From nobody Tue Dec 1 00:55:05 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 12E9B3A0DBB for ; Tue, 1 Dec 2020 00:54:56 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.498 X-Spam-Level: X-Spam-Status: No, score=-1.498 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, KHOP_HELO_FCRDNS=0.399, NICE_REPLY_A=-0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PcZNZ8OuWjOB for ; Tue, 1 Dec 2020 00:54:53 -0800 (PST) Received: from smtp.smtpout.orange.fr (smtp01.smtpout.orange.fr [80.12.242.123]) (using TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D79BD3A0D7C for ; Tue, 1 Dec 2020 00:54:52 -0800 (PST) Received: from [192.168.1.11] ([90.91.135.71]) by mwinf5d48 with ME id ywuo2300a1Ybo4i03wuoQT; Tue, 01 Dec 2020 09:54:49 +0100 X-ME-Helo: [192.168.1.11] X-ME-Auth: ZGVuaXMucGlua2FzQG9yYW5nZS5mcg== X-ME-Date: Tue, 01 Dec 2020 09:54:49 +0100 X-ME-IP: 90.91.135.71 To: Brian Campbell Cc: oauth References: <1b584adf-14f9-ba2e-657d-f22b57d87675@free.fr> From: Denis Message-ID: <4cb35c85-e13a-aabe-1e74-d6eb244189cf@free.fr> Date: Tue, 1 Dec 2020 09:54:51 +0100 User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:78.0) Gecko/20100101 Thunderbird/78.5.0 MIME-Version: 1.0 In-Reply-To: Content-Type: multipart/alternative; boundary="------------D4BEA02DB495EF05D9873A8E" Content-Language: en-GB Archived-At: Subject: Re: [OAUTH-WG] Reminder - Interim Meeting to discuss DPoP X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 01 Dec 2020 08:55:03 -0000 This is a multi-part message in MIME format. --------------D4BEA02DB495EF05D9873A8E Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit Hi  Brian, > Hi Denis, > > The choice to use "iat" vs. "exp" was made in the summer of last year. > You can see some of the discussion from then in > https://github.com/danielfett/draft-dpop/issues/38 > . > I believe it pretty well has consensus at this point and thus unlikely > to be changed. I fear that you misread my email or read it too fast. My point had nothing to do whether using *either *of "iat" *o**r* "exp" in the DPoP proof JWT sent by the client. The first sentence of my email was: "One comment on slide 5 about the /time window/". So the topic was all about how the RS SHALL handle the "jti" claim included in the DPoP proof JWT when using a time window. > While I do believe there are reasonable arguments that can be made on > both sides of using either of "iat" or "exp", it's difficult (and > honestly time consuming and very frustrating) to try and have such > discussions or even respond in a coherent way when fundamental aspects > of the draft are misrepresented or misunderstood. For example, the > DPoP proof JWT is created by the client not the AS so the advantages > you put forward are nonsensical in the context of the actual workings > of the draft. Section 8.1 addresses the topic of the /time window/, but this topic should not /only /be addressed in the "Security Considerations" section but in the main body of the document, since some checks MUST be done by the RS. "Security Considerations"are intended to provide explanations but are not intended to be normative. Section 8.1 states:    " If an adversary is able to get hold of a DPoP proof JWT, the adversary could replay that token at the same endpoint (the HTTP    endpoint and method are enforced via the respective claims in the JWTs).  To prevent this, servers MUST only accept DPoP proofs    for a limited time window after their "iat" time, preferably only for a relatively brief period.    Servers SHOULD store, in the context of the request URI, the "jti" value of each DPoP proof for the time window in which the respective    DPoP proof JWT would be accepted and decline HTTP requests to the same URI for which the "jti" value has been seen before.  In order    to guard against memory exhaustion attacks a server SHOULD reject DPoP proof JWTs with unnecessarily large "jti" values or store only    a hash thereof.    (...) ". The previous text makes the assumption that RSs MUST only accept DPoP proofs for a relatively brief period after their "iat" time included in the DPoP proof JWT. This assumption is rather restrictive. A client might get an access token and associate it with DPoP proof JWT that could be used during, e.g., 12 hours. A DPoP proof JWT/ access token JWT pair could thus be used by a client during, e.g., one day for several sessions with a RS. The /time window/ is currently left at the discretion of each RS and is supposed to be short (without stating explicitly what "short" may mean).. It would be possible to mandate in the JWT the inclusion of the exp (Expiration Time) Claim. (I am _not_ advocating the inclusion of the "exp" claim in the DPoP proof JWT). In this way, for a RS, the /time window /would be defined using the "iat" claim defined in the DPoP proof JWT and the "exp" claim defined in the JWT. Such a description should not be done in section 8, but in a section earlier in the main body of the document. This would have the following advantages: * The RS would be able to better manage the "jti" claim values, because it would be able to discard "jti" claim values as soon as they are outside the time window as defined above. * The client would know whether a DPoP proof JWT/ access token JWT pair is still usable, in particular using the "expires_in" status code returned in case of a successful response from the AS and is thus unlikely to get a rejection of both of them because of an unknown time window used by a RS. Denis > > On Mon, Nov 30, 2020 at 8:45 AM Denis > wrote: > > One comment on slide 5 about the /time window/. > > At the bottom, on the left, it is written: "Only valid for a > limited /time window/ relative to creation time". > > While the creation time is defined by "iat", the /time window/ is > currently left at the discretion of each RS. > > It would be preferable to mandate the inclusion in the JWT of the > exp (Expiration Time) Claim. > In this way, the /time window /would be defined by the AS using > both the "iat" and the "exp" claims. > > This would have the following advantages: > > * The client will know whether a token is still usable and is > unlikely to get a rejection of the token > because of an unknown time window defined by a RS. > > * The RS is able to manage better the "jti" claim values, > because it will be able to discard "jti" claim values > as soon as they are outside the time window defined by the AS > in a JWT. > > Denis > > >> All, >> >> This is a reminder that we have an Interim meeting this Monday, >> Nov 30th @ 12:00pm ET, to discuss the latest with the *DPoP >> *document: >> https://datatracker.ietf.org/doc/draft-ietf-oauth-dpop/ >> >> >> You can find the details of the meeting and the slides here: >> https://datatracker.ietf.org/meeting/interim-2020-oauth-16/session/oauth >> >> >> Regards, >>  Rifaat & Hannes >> >> >> _______________________________________________ >> OAuth mailing list >> OAuth@ietf.org >> https://www.ietf.org/mailman/listinfo/oauth > > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth > > > > /CONFIDENTIALITY NOTICE: This email may contain confidential and > privileged material for the sole use of the intended recipient(s). Any > review, use, distribution or disclosure by others is strictly > prohibited.  If you have received this communication in error, please > notify the sender immediately by e-mail and delete the message and any > file attachments from your computer. Thank you./ --------------D4BEA02DB495EF05D9873A8E Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: 8bit
Hi  Brian,

Hi Denis,

The choice to use "iat" vs. "exp" was made in the summer of last year. You can see some of the discussion from then in https://github.com/danielfett/draft-dpop/issues/38.
I believe it pretty well has consensus at this point and thus unlikely to be changed.

I fear that you misread my email or read it too fast. My point had nothing to do whether using either of "iat" or "exp" in the DPoP proof JWT sent by the client.

The first sentence of my email was: "One comment on slide 5 about the time window". So the topic was all about how the RS SHALL handle the "jti" claim included
in the DPoP proof JWT when using a time window.


While I do believe there are reasonable arguments that can be made on both sides of using either of "iat" or "exp", it's difficult (and honestly time consuming and very frustrating) to try and have such discussions or even respond in a coherent way when fundamental aspects of the draft are misrepresented or misunderstood. For example, the DPoP proof JWT is created by the client not the AS so the advantages you put forward are nonsensical in the context of the actual workings of the draft.

Section 8.1 addresses the topic of the time window, but this topic should not only be addressed in the "Security Considerations" section
but in the main body of the document, since some checks MUST be done by the RS. "Security Considerations"are intended to provide
explanations but are not intended to be normative.

Section 8.1 states:

   " If an adversary is able to get hold of a DPoP proof JWT, the adversary could replay that token at the same endpoint (the HTTP
   endpoint and method are enforced via the respective claims in the JWTs).  To prevent this, servers MUST only accept DPoP proofs
   for a limited time window after their "iat" time, preferably only for a relatively brief period. 

   Servers SHOULD store, in the context of the request URI, the "jti" value of each DPoP proof for the time window in which the respective
   DPoP proof JWT would be accepted and decline HTTP requests to the same URI for which the "jti" value has been seen before.  In order
   to guard against memory exhaustion attacks a server SHOULD reject DPoP proof JWTs with unnecessarily large "jti" values or store only
   a hash thereof.

   (...) ".

The previous text makes the assumption that RSs MUST only accept DPoP proofs for a relatively brief period after their "iat" time included
in the DPoP proof JWT. This assumption is rather restrictive. A client might get an access token and associate it with DPoP proof JWT that
could be used during, e.g., 12 hours. A DPoP proof JWT/ access token JWT pair could thus be used by a client during, e.g., one day for
several sessions with a RS.

The time window is currently left at the discretion of each RS and is supposed to be short (without stating explicitly what "short" may mean)..
It would be possible to mandate in the JWT the inclusion of the exp (Expiration Time) Claim. (I am not advocating the inclusion of the "exp"
claim in the DPoP proof JWT).

In this way, for a RS, the time window would be defined using the "iat" claim defined in the DPoP proof JWT and the "exp" claim defined in
the JWT.

Such a description should not be done in section 8, but in a section earlier in the main body of the document.

This would have the following advantages:

  • The RS would be able to better manage the "jti" claim values, because it would be able to discard "jti" claim values as soon as they are
    outside the time window as defined above.
  • The client would know whether a DPoP proof JWT/ access token JWT pair is still usable, in particular using the "expires_in" status code
    returned in case of a     successful response from the AS and is thus unlikely to get a rejection of both of them because of an unknown time
    window used by a RS.

Denis



On Mon, Nov 30, 2020 at 8:45 AM Denis <denis.ietf@free.fr> wrote:

One comment on slide 5 about the time window.

At the bottom, on the left, it is written: "Only valid for a limited time window relative to creation time".

While the creation time is defined by "iat", the time window is currently left at the discretion of each RS.

It would be preferable to mandate the inclusion in the JWT of the exp (Expiration Time) Claim.
In this way, the time window would be defined by the AS using both the "iat" and the "exp" claims.

This would have the following advantages:

  • The client will know whether a token is still usable and is unlikely to get a rejection of the token
    because of an unknown time window defined by a RS.
  • The RS is able to manage better the "jti" claim values, because it will be able to discard "jti" claim values
    as soon as they are outside the time window defined by the AS in a JWT.

Denis


All,

This is a reminder that we have an Interim meeting this Monday, Nov 30th @ 12:00pm ET, to discuss the latest with the DPoP document:

You can find the details of the meeting and the slides here:

Regards,
 Rifaat & Hannes


_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth


_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth

CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited.  If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you.


--------------D4BEA02DB495EF05D9873A8E-- From nobody Tue Dec 1 05:24:10 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 522403A121A for ; Tue, 1 Dec 2020 05:24:08 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.096 X-Spam-Level: X-Spam-Status: No, score=-2.096 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_NONE=0.001, UNPARSEABLE_RELAY=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=danielfett.de Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id q6Eg4QH8rJHH for ; Tue, 1 Dec 2020 05:24:05 -0800 (PST) Received: from d3f.me (redstone.d3f.me [5.9.29.41]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9CAD43A121B for ; Tue, 1 Dec 2020 05:24:05 -0800 (PST) Received: from authenticated-user (PRIMARY_HOSTNAME [PUBLIC_IP]) by d3f.me (Postfix) with ESMTPA id C0C631749F for ; Tue, 1 Dec 2020 13:24:02 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=danielfett.de; s=dkim; t=1606829042; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=0Ws48qUeh3SvjT2gGuJ36TQR2XmnJ0xQNWT2yIMrWec=; b=JcAQ2lpLALwaamWPHLCqVExQN/QW79rVhgA+86tkhvslcAwUDBzWYyl4ikgViUTxtMEhmL SaxiXRoaJd+clClPsB5Gtt2FNStHK9dpsFJ715yjf3OSRCznSs8aik++oulTbSRW2bxdu1 CSSONGVMPz2nvOc/yuG9FL12p6lXMN4= To: oauth@ietf.org References: <1b584adf-14f9-ba2e-657d-f22b57d87675@free.fr> <4cb35c85-e13a-aabe-1e74-d6eb244189cf@free.fr> From: Daniel Fett Message-ID: <49cbbea5-df0e-f864-cf8b-ec9c3768bc18@danielfett.de> Date: Tue, 1 Dec 2020 14:24:01 +0100 MIME-Version: 1.0 In-Reply-To: <4cb35c85-e13a-aabe-1e74-d6eb244189cf@free.fr> Content-Type: multipart/alternative; boundary="------------46537AD0F8DFEFAE389F1A80" Content-Language: de-DE ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=danielfett.de; s=dkim; t=1606829042; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=0Ws48qUeh3SvjT2gGuJ36TQR2XmnJ0xQNWT2yIMrWec=; b=d+gaF64u03UoSth+LIOGvFOBzEeN/P7qoNokuz4syFvvj9ynMi6YrOCxIB5OTjoJ2wfqlI GzxnWNMw+ZH1WNLqjVqeXiwX15dJnTSuuIG2tuybVCOGuPigy5UXvEQR8lnR48he6qW0Q2 9MtjXR8RDdd8MQ4IUUwN3GdopYWoKn4= ARC-Seal: i=1; s=dkim; d=danielfett.de; t=1606829042; a=rsa-sha256; cv=none; b=UfA/JzxO47eqwD7MN5bvZI8q4dRSPO5SxT1MHVYvmXC8jF0dYMSayJ6kxWN6U2sO8UmF/8 lyIcupe395SW4h3T2aejktdGQQ0NruPMx+wTfTD2u/aEsBcXoczWTyhCy+/hGX5ppnvFi8 4TXvg41XATNyG7wS16OlXWEMN4IW8+M= ARC-Authentication-Results: i=1; d3f.me; auth=pass smtp.auth=fett@danielfett.de smtp.mailfrom=fett@danielfett.de Authentication-Results: d3f.me; auth=pass smtp.auth=fett@danielfett.de smtp.mailfrom=fett@danielfett.de X-Spamd-Bar: / Archived-At: Subject: Re: [OAUTH-WG] Reminder - Interim Meeting to discuss DPoP X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 01 Dec 2020 13:24:08 -0000 This is a multi-part message in MIME format. --------------46537AD0F8DFEFAE389F1A80 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit So what you are proposing is that the time window in which an RS accepts the DPoP proof is defined by the expiration time of the access token? DPoP proofs are intended to be generally be short-lived and fresh for each request in order to provide some level of replay protection. There is no point in making the time window as long as the (typically longer) time window in which an AT would be accepted. A DPoP proof that is valid for 12 hours would not provide much replay protection. The time window is left unspecified because it is only meant to account for clock differences and network latency. Its precise value can depend on deployment considerations. It is not intended to give the client an option to re-use proofs, which is prevented together with the jti. Also this would introduce new, unwanted and potentially surprising dependencies between token lifetimes and the DPoP usage. And finally, as discussed before, not all access tokens are JWTs and we are not going to mandate JWT access tokens in this spec. -Daniel Am 01.12.20 um 09:54 schrieb Denis: > Hi  Brian, > >> Hi Denis, >> >> The choice to use "iat" vs. "exp" was made in the summer of last >> year. You can see some of the discussion from then in >> https://github.com/danielfett/draft-dpop/issues/38. >> I believe it pretty well has consensus at this point and thus >> unlikely to be changed. > > I fear that you misread my email or read it too fast. My point had > nothing to do whether using *either *of "iat" *o**r* "exp" in the DPoP > proof JWT sent by the client. > > The first sentence of my email was: "One comment on slide 5 about the > /time window/". So the topic was all about how the RS SHALL handle the > "jti" claim included > in the DPoP proof JWT when using a time window. > > >> While I do believe there are reasonable arguments that can be made on >> both sides of using either of "iat" or "exp", it's difficult (and >> honestly time consuming and very frustrating) to try and have such >> discussions or even respond in a coherent way when fundamental >> aspects of the draft are misrepresented or misunderstood. For >> example, the DPoP proof JWT is created by the client not the AS so >> the advantages you put forward are nonsensical in the context of the >> actual workings of the draft. > > Section 8.1 addresses the topic of the /time window/, but this topic > should not /only /be addressed in the "Security Considerations" section > but in the main body of the document, since some checks MUST be done > by the RS. "Security Considerations"are intended to provide > explanations but are not intended to be normative. > > Section 8.1 states: > >    " If an adversary is able to get hold of a DPoP proof JWT, the > adversary could replay that token at the same endpoint (the HTTP >    endpoint and method are enforced via the respective claims in the > JWTs).  To prevent this, servers MUST only accept DPoP proofs >    for a limited time window after their "iat" time, preferably only > for a relatively brief period.  > >    Servers SHOULD store, in the context of the request URI, the "jti" > value of each DPoP proof for the time window in which the respective >    DPoP proof JWT would be accepted and decline HTTP requests to the > same URI for which the "jti" value has been seen before.  In order >    to guard against memory exhaustion attacks a server SHOULD reject > DPoP proof JWTs with unnecessarily large "jti" values or store only >    a hash thereof. > >    (...) ". > > The previous text makes the assumption that RSs MUST only accept DPoP > proofs for a relatively brief period after their "iat" time included > in the DPoP proof JWT. This assumption is rather restrictive. A client > might get an access token and associate it with DPoP proof JWT that > could be used during, e.g., 12 hours. A DPoP proof JWT/ access token > JWT pair could thus be used by a client during, e.g., one day for > several sessions with a RS. > > The /time window/ is currently left at the discretion of each RS and > is supposed to be short (without stating explicitly what "short" may > mean).. > > It would be possible to mandate in the JWT the inclusion of the exp > (Expiration Time) Claim. (I am _not_ advocating the inclusion of the > "exp" > claim in the DPoP proof JWT). > > In this way, for a RS, the /time window /would be defined using the > "iat" claim defined in the DPoP proof JWT and the "exp" claim defined in > the JWT. > > Such a description should not be done in section 8, but in a section > earlier in the main body of the document. > > This would have the following advantages: > > * The RS would be able to better manage the "jti" claim values, > because it would be able to discard "jti" claim values as soon as > they are > outside the time window as defined above. > > * The client would know whether a DPoP proof JWT/ access token JWT > pair is still usable, in particular using the "expires_in" status code > returned in case of a successful response from the AS and is thus > unlikely to get a rejection of both of them because of an unknown > time > window used by a RS. > > Denis > > >> >> On Mon, Nov 30, 2020 at 8:45 AM Denis > > wrote: >> >> One comment on slide 5 about the /time window/. >> >> At the bottom, on the left, it is written: "Only valid for a >> limited /time window/ relative to creation time". >> >> While the creation time is defined by "iat", the /time window/ is >> currently left at the discretion of each RS. >> >> It would be preferable to mandate the inclusion in the JWT of the >> exp (Expiration Time) Claim. >> In this way, the /time window /would be defined by the AS using >> both the "iat" and the "exp" claims. >> >> This would have the following advantages: >> >> * The client will know whether a token is still usable and is >> unlikely to get a rejection of the token >> because of an unknown time window defined by a RS. >> >> * The RS is able to manage better the "jti" claim values, >> because it will be able to discard "jti" claim values >> as soon as they are outside the time window defined by the AS >> in a JWT. >> >> Denis >> >> >>> All, >>> >>> This is a reminder that we have an Interim meeting this Monday, >>> Nov 30th @ 12:00pm ET, to discuss the latest with the *DPoP >>> *document: >>> https://datatracker.ietf.org/doc/draft-ietf-oauth-dpop/ >>> >>> You can find the details of the meeting and the slides here: >>> https://datatracker.ietf.org/meeting/interim-2020-oauth-16/session/oauth >>> >>> Regards, >>>  Rifaat & Hannes >>> >>> >>> _______________________________________________ >>> OAuth mailing list >>> OAuth@ietf.org >>> https://www.ietf.org/mailman/listinfo/oauth >> >> >> _______________________________________________ >> OAuth mailing list >> OAuth@ietf.org >> https://www.ietf.org/mailman/listinfo/oauth >> >> >> /CONFIDENTIALITY NOTICE: This email may contain confidential and >> privileged material for the sole use of the intended recipient(s). >> Any review, use, distribution or disclosure by others is strictly >> prohibited.  If you have received this communication in error, please >> notify the sender immediately by e-mail and delete the message and >> any file attachments from your computer. Thank you./ > > > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth -- https://danielfett.de --------------46537AD0F8DFEFAE389F1A80 Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: 8bit
So what you are proposing is that the time window in which an RS accepts the DPoP proof is defined by the expiration time of the access token?

DPoP proofs are intended to be generally be short-lived and fresh for each request in order to provide some level of replay protection. There is no point in making the time window as long as the (typically longer) time window in which an AT would be accepted. A DPoP proof that is valid for 12 hours would not provide much replay protection.

The time window is left unspecified because it is only meant to account for clock differences and network latency. Its precise value can depend on deployment considerations. It is not intended to give the client an option to re-use proofs, which is prevented together with the jti.

Also this would introduce new, unwanted and potentially surprising dependencies between token lifetimes and the DPoP usage.

And finally, as discussed before, not all access tokens are JWTs and we are not going to mandate JWT access tokens in this spec.

-Daniel


Am 01.12.20 um 09:54 schrieb Denis:
Hi  Brian,

Hi Denis,

The choice to use "iat" vs. "exp" was made in the summer of last year. You can see some of the discussion from then in https://github.com/danielfett/draft-dpop/issues/38.
I believe it pretty well has consensus at this point and thus unlikely to be changed.

I fear that you misread my email or read it too fast. My point had nothing to do whether using either of "iat" or "exp" in the DPoP proof JWT sent by the client.

The first sentence of my email was: "One comment on slide 5 about the time window". So the topic was all about how the RS SHALL handle the "jti" claim included
in the DPoP proof JWT when using a time window.


While I do believe there are reasonable arguments that can be made on both sides of using either of "iat" or "exp", it's difficult (and honestly time consuming and very frustrating) to try and have such discussions or even respond in a coherent way when fundamental aspects of the draft are misrepresented or misunderstood. For example, the DPoP proof JWT is created by the client not the AS so the advantages you put forward are nonsensical in the context of the actual workings of the draft.

Section 8.1 addresses the topic of the time window, but this topic should not only be addressed in the "Security Considerations" section
but in the main body of the document, since some checks MUST be done by the RS. "Security Considerations"are intended to provide
explanations but are not intended to be normative.

Section 8.1 states:

   " If an adversary is able to get hold of a DPoP proof JWT, the adversary could replay that token at the same endpoint (the HTTP
   endpoint and method are enforced via the respective claims in the JWTs).  To prevent this, servers MUST only accept DPoP proofs
   for a limited time window after their "iat" time, preferably only for a relatively brief period. 

   Servers SHOULD store, in the context of the request URI, the "jti" value of each DPoP proof for the time window in which the respective
   DPoP proof JWT would be accepted and decline HTTP requests to the same URI for which the "jti" value has been seen before.  In order
   to guard against memory exhaustion attacks a server SHOULD reject DPoP proof JWTs with unnecessarily large "jti" values or store only
   a hash thereof.

   (...) ".

The previous text makes the assumption that RSs MUST only accept DPoP proofs for a relatively brief period after their "iat" time included
in the DPoP proof JWT. This assumption is rather restrictive. A client might get an access token and associate it with DPoP proof JWT that
could be used during, e.g., 12 hours. A DPoP proof JWT/ access token JWT pair could thus be used by a client during, e.g., one day for
several sessions with a RS.

The time window is currently left at the discretion of each RS and is supposed to be short (without stating explicitly what "short" may mean)..
It would be possible to mandate in the JWT the inclusion of the exp (Expiration Time) Claim. (I am not advocating the inclusion of the "exp"
claim in the DPoP proof JWT).

In this way, for a RS, the time window would be defined using the "iat" claim defined in the DPoP proof JWT and the "exp" claim defined in
the JWT.

Such a description should not be done in section 8, but in a section earlier in the main body of the document.

This would have the following advantages:

  • The RS would be able to better manage the "jti" claim values, because it would be able to discard "jti" claim values as soon as they are
    outside the time window as defined above.
  • The client would know whether a DPoP proof JWT/ access token JWT pair is still usable, in particular using the "expires_in" status code
    returned in case of a     successful response from the AS and is thus unlikely to get a rejection of both of them because of an unknown time
    window used by a RS.

Denis



On Mon, Nov 30, 2020 at 8:45 AM Denis <denis.ietf@free.fr> wrote:

One comment on slide 5 about the time window.

At the bottom, on the left, it is written: "Only valid for a limited time window relative to creation time".

While the creation time is defined by "iat", the time window is currently left at the discretion of each RS.

It would be preferable to mandate the inclusion in the JWT of the exp (Expiration Time) Claim.
In this way, the time window would be defined by the AS using both the "iat" and the "exp" claims.

This would have the following advantages:

  • The client will know whether a token is still usable and is unlikely to get a rejection of the token
    because of an unknown time window defined by a RS.
  • The RS is able to manage better the "jti" claim values, because it will be able to discard "jti" claim values
    as soon as they are outside the time window defined by the AS in a JWT.

Denis


All,

This is a reminder that we have an Interim meeting this Monday, Nov 30th @ 12:00pm ET, to discuss the latest with the DPoP document:

You can find the details of the meeting and the slides here:

Regards,
 Rifaat & Hannes


_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth


_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth

CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited.  If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you. 



_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth



-- 
https://danielfett.de
--------------46537AD0F8DFEFAE389F1A80-- From nobody Tue Dec 1 12:43:17 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 34D733A1135 for ; Tue, 1 Dec 2020 12:43:16 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.096 X-Spam-Level: X-Spam-Status: No, score=-2.096 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_FONT_LOW_CONTRAST=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rVlS-f_ZgBbc for ; Tue, 1 Dec 2020 12:43:14 -0800 (PST) Received: from mail-lj1-x22a.google.com (mail-lj1-x22a.google.com [IPv6:2a00:1450:4864:20::22a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8E18B3A0D4B for ; Tue, 1 Dec 2020 12:43:13 -0800 (PST) Received: by mail-lj1-x22a.google.com with SMTP id i17so5378404ljd.3 for ; Tue, 01 Dec 2020 12:43:13 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=MelaZ3XWZKZuhG7JQUbU0gCIbjKuF+QYuyu+BJJrXQc=; b=Edf6NQBdffssw2tIHw92HjBkPSZV1JJ+5/LW4tZeppi8dFbIQ0vd6PYEszN/gB6Axn fBuv4P2IkX4vTmMMAJzfJbgvgZ4auL3ISc97DBK+aMZ136A6NKZ/vQ4EY6scRvSvo41q 8wH/DyVKA5m7+q945Hs2frj5Z82QdqqLl4Juv4hNuqQz9zy/QuiiE07mPou7PyRns00q ElriWdydv91qZnO12zzxxXY4SxX0t1rFjFFKlRAQjOneeEcaK7z9poIY+UsyxlgDXNeu 182zLoH2U8iTyfDKScjK5SZMegLBQb9XSLOolpjv3d/cYuUybMzeF/EiXIc7weZMXNAA GZMA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=MelaZ3XWZKZuhG7JQUbU0gCIbjKuF+QYuyu+BJJrXQc=; b=eYlXHKf2avKOXtnv+pKYFWKRccOOB2SpgQ+kiUEdtDt+vEXRtdVnKSJa8DOHynam80 EcVMhnqK4wjCInEj/Kq5fwVRuL5MMXlJ6VIXKiCyzRelIlyFGlKkKBdNvvPloe9+1WwT Bpjxm6azhKiGCUeUTSxsdXBjfDirlrgoDJ1MauMLjgAEXnj6dFpOQaWhQ45Ru75lRcHu EA2se0T9Zwblf6Zr6vFDQKWBY3QIfQ2fdW+r4AATd6E+aol/X5ne8KMk1hjw8AFoY9m9 p7p0yvomj77e3HbY6aykX0z6zFbmMQ7ZJrwLbMp2Sjvc3MTDDv8VlgH1f3d7XxZZOHO8 UWhQ== X-Gm-Message-State: AOAM533fep3To+y81TNtFD77HpoX/TD7KpXdn8TKoF7+8NXV2C++XlXR hlbuY3dPCZwDnHA2ynKl0QvD8es/E2vGaZtFyIo= X-Google-Smtp-Source: ABdhPJxYdIpuj4qfLJ0RbJp+Yo13hfeentQwsDpbG/N5cQTlf1heRYyic3mVGtdBiM1CFpKiIUm18QLIfTgY+pAzwRQ= X-Received: by 2002:a2e:b701:: with SMTP id j1mr2174694ljo.242.1606855391214; Tue, 01 Dec 2020 12:43:11 -0800 (PST) MIME-Version: 1.0 References: <1b584adf-14f9-ba2e-657d-f22b57d87675@free.fr> <4cb35c85-e13a-aabe-1e74-d6eb244189cf@free.fr> <49cbbea5-df0e-f864-cf8b-ec9c3768bc18@danielfett.de> In-Reply-To: <49cbbea5-df0e-f864-cf8b-ec9c3768bc18@danielfett.de> From: Dick Hardt Date: Tue, 1 Dec 2020 12:42:35 -0800 Message-ID: To: Daniel Fett Cc: oauth@ietf.org Content-Type: multipart/alternative; boundary="000000000000cc81d605b56d2ce2" Archived-At: Subject: Re: [OAUTH-WG] Reminder - Interim Meeting to discuss DPoP X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 01 Dec 2020 20:43:16 -0000 --000000000000cc81d605b56d2ce2 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable I have 2 suggestions for the draft that I beleive address the issues Denis is bringing up: 1) call out that a DPoP proof can only be used once, and a new DPoP proof is needed for every API call. Apologies if that is in the text -- but I could not find it doing a skim over the document. 2) Provide additional guidance on what "a relatively brief period" is including what factors an implementation should consider when determining the length of time. I'm assuming it is a small number of seconds to accommodate for the delay between the client creating the DPoP proof and the server receiving it. =E1=90=A7 On Tue, Dec 1, 2020 at 5:24 AM Daniel Fett wrote: > So what you are proposing is that the time window in which an RS accepts > the DPoP proof is defined by the expiration time of the access token? > > DPoP proofs are intended to be generally be short-lived and fresh for eac= h > request in order to provide some level of replay protection. There is no > point in making the time window as long as the (typically longer) time > window in which an AT would be accepted. A DPoP proof that is valid for 1= 2 > hours would not provide much replay protection. > > The time window is left unspecified because it is only meant to account > for clock differences and network latency. Its precise value can depend o= n > deployment considerations. It is not intended to give the client an optio= n > to re-use proofs, which is prevented together with the jti. > > Also this would introduce new, unwanted and potentially surprising > dependencies between token lifetimes and the DPoP usage. > > And finally, as discussed before, not all access tokens are JWTs and we > are not going to mandate JWT access tokens in this spec. > > -Daniel > > > Am 01.12.20 um 09:54 schrieb Denis: > > Hi Brian, > > Hi Denis, > > The choice to use "iat" vs. "exp" was made in the summer of last year. Yo= u > can see some of the discussion from then in > https://github.com/danielfett/draft-dpop/issues/38. > I believe it pretty well has consensus at this point and thus unlikely to > be changed. > > I fear that you misread my email or read it too fast. My point had nothin= g > to do whether using *either *of "iat" *o**r* "exp" in the DPoP proof JWT > sent by the client. > > The first sentence of my email was: "One comment on slide 5 about the *ti= me > window*". So the topic was all about how the RS SHALL handle the "jti" > claim included > in the DPoP proof JWT when using a time window. > > While I do believe there are reasonable arguments that can be made on bot= h > sides of using either of "iat" or "exp", it's difficult (and honestly tim= e > consuming and very frustrating) to try and have such discussions or even > respond in a coherent way when fundamental aspects of the draft are > misrepresented or misunderstood. For example, the DPoP proof JWT is creat= ed > by the client not the AS so the advantages you put forward are > nonsensical in the context of the actual workings of the draft. > > Section 8.1 addresses the topic of the *time window*, but this topic > should not *only *be addressed in the "Security Considerations" section > but in the main body of the document, since some checks MUST be done by > the RS. "Security Considerations"are intended to provide > explanations but are not intended to be normative. > > Section 8.1 states: > > " If an adversary is able to get hold of a DPoP proof JWT, the > adversary could replay that token at the same endpoint (the HTTP > endpoint and method are enforced via the respective claims in the > JWTs). To prevent this, servers MUST only accept DPoP proofs > for a limited time window after their "iat" time, preferably only for = a > relatively brief period. > > Servers SHOULD store, in the context of the request URI, the "jti" > value of each DPoP proof for the time window in which the respective > DPoP proof JWT would be accepted and decline HTTP requests to the same > URI for which the "jti" value has been seen before. In order > to guard against memory exhaustion attacks a server SHOULD reject DPoP > proof JWTs with unnecessarily large "jti" values or store only > a hash thereof. > > (...) ". > > The previous text makes the assumption that RSs MUST only accept DPoP > proofs for a relatively brief period after their "iat" time included > in the DPoP proof JWT. This assumption is rather restrictive. A client > might get an access token and associate it with DPoP proof JWT that > could be used during, e.g., 12 hours. A DPoP proof JWT/ access token JWT > pair could thus be used by a client during, e.g., one day for > several sessions with a RS. > > The *time window* is currently left at the discretion of each RS and is > supposed to be short (without stating explicitly what "short" may mean).. > > It would be possible to mandate in the JWT the inclusion of the exp > (Expiration Time) Claim. (I am *not* advocating the inclusion of the > "exp" > claim in the DPoP proof JWT). > > In this way, for a RS, the *time window *would be defined using the "iat" > claim defined in the DPoP proof JWT and the "exp" claim defined in > the JWT. > > Such a description should not be done in section 8, but in a section > earlier in the main body of the document. > > This would have the following advantages: > > - The RS would be able to better manage the "jti" claim values, > because it would be able to discard "jti" claim values as soon as they= are > outside the time window as defined above. > > > - The client would know whether a DPoP proof JWT/ access token JWT > pair is still usable, in particular using the "expires_in" status code > returned in case of a successful response from the AS and is thus > unlikely to get a rejection of both of them because of an unknown time > window used by a RS. > > Denis > > > On Mon, Nov 30, 2020 at 8:45 AM Denis wrote: > >> One comment on slide 5 about the *time window*. >> >> At the bottom, on the left, it is written: "Only valid for a limited *ti= me >> window* relative to creation time". >> >> While the creation time is defined by "iat", the *time window* is >> currently left at the discretion of each RS. >> >> It would be preferable to mandate the inclusion in the JWT of the exp >> (Expiration Time) Claim. >> In this way, the *time window *would be defined by the AS using both the >> "iat" and the "exp" claims. >> >> This would have the following advantages: >> >> - The client will know whether a token is still usable and is >> unlikely to get a rejection of the token >> because of an unknown time window defined by a RS. >> >> >> - The RS is able to manage better the "jti" claim values, because it >> will be able to discard "jti" claim values >> as soon as they are outside the time window defined by the AS in a >> JWT. >> >> Denis >> >> All, >> >> This is a reminder that we have an Interim meeting this Monday, Nov 30th >> @ 12:00pm ET, to discuss the latest with the *DPoP *document: >> https://datatracker.ietf.org/doc/draft-ietf-oauth-dpop/ >> >> You can find the details of the meeting and the slides here: >> https://datatracker.ietf.org/meeting/interim-2020-oauth-16/session/oauth >> >> Regards, >> Rifaat & Hannes >> >> >> _______________________________________________ >> OAuth mailing listOAuth@ietf.orghttps://www.ietf.org/mailman/listinfo/oa= uth >> >> >> _______________________________________________ >> OAuth mailing list >> OAuth@ietf.org >> https://www.ietf.org/mailman/listinfo/oauth >> > > *CONFIDENTIALITY NOTICE: This email may contain confidential and > privileged material for the sole use of the intended recipient(s). Any > review, use, distribution or disclosure by others is strictly prohibited. > If you have received this communication in error, please notify the sende= r > immediately by e-mail and delete the message and any file attachments fro= m > your computer. Thank you.* > > > > _______________________________________________ > OAuth mailing listOAuth@ietf.orghttps://www.ietf.org/mailman/listinfo/oau= th > > > -- https://danielfett.de > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth > --000000000000cc81d605b56d2ce2 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
I have=C2=A02 suggestions for the draft that I beleive=C2= =A0address the issues Denis is bringing up:

1) call out = that a DPoP proof can only be used once, and a new DPoP proof is needed for= every=C2=A0API call. Apologies if that is in the text -- but I could not f= ind it doing a skim over the document.

2) Provide = additional guidance on what "a relatively brief period" is includ= ing what factors an implementation should consider when determining the len= gth of time. I'm assuming it is a small number of seconds to accommodat= e=C2=A0for the delay between the client creating the DPoP proof and the ser= ver receiving=C2=A0it.

3D""=E1=90=A7<= /div>
O= n Tue, Dec 1, 2020 at 5:24 AM Daniel Fett <fett@danielfett.de> wrote:
=20 =20 =20
So what you are proposing is that the time window in which an RS accepts the DPoP proof is defined by the expiration time of the access token?

DPoP proofs are intended to be generally be short-lived and fresh for each request in order to provide some level of replay protection. There is no point in making the time window as long as the (typically longer) time window in which an AT would be accepted. A DPoP proof that is valid for 12 hours would not provide much replay protection.

The time window is left unspecified because it is only meant to account for clock differences and network latency. Its precise value can depend on deployment considerations. It is not intended to give the client an option to re-use proofs, which is prevented together with the jti.

Also this would introduce new, unwanted and potentially surprising dependencies between token lifetimes and the DPoP usage.

And finally, as discussed before, not all access tokens are JWTs and we are not going to mandate JWT access tokens in this spec.

-Daniel


Am 01.12.20 um 09:54 schrieb Denis:
=20
Hi=C2=A0 Brian,

=20
Hi Denis,

The choice to use "iat" vs. "exp" was ma= de in the summer of last year. You can see some of the discussion from then in https://github.com/danielfett/draft-dpop/issues/38= .
I believe it pretty well has consensus at this point and thus unlikely to be changed.

I fear that you misread my email or read it too fast. My point had nothing to do whether using either of "iat" or "exp" in the DP= oP proof JWT sent by the client.

The first sentence of my email was: "One comment on slide 5 about the time window". So the topic was all about how the RS SHALL handle the "jti" c= laim included
in the DPoP proof JWT when using a time window.


While I do believe there are reasonable arguments that can be made on both sides of using either of "iat" or= "exp", it's difficult (and honestly time consuming and very frustrating) to try and have such discussions or even respond in a coherent way when fundamental aspects of the draft are misrepresented or misunderstood. For example, the DPoP proof JWT is created by the client not the AS so the advantages you put forward are nonsensical in the context of the actual workings of the draft.

Section 8.1 addresses th= e topic of the time window, but this topic should not only be addressed in the "Security Considerations" section
but in the main body of the document, since some checks MUST be done by the RS. "Security Considerations"are intended to provide
explanations but are not intended to be normative.

Section 8.1 states:

=C2=A0=C2=A0 " If a= n adversary is able to get hold of a DPoP proof JWT, the adversary could replay that token at the same endpoint (the HTTP
=C2=A0=C2=A0 endpoint and method are enforced via the respectiv= e claims in the JWTs).=C2=A0 To prevent this, servers MUST only accept DPoP proofs
=C2=A0=C2=A0 for a limited time window after their "iat&qu= ot; time, preferably only for a relatively brief period.=C2=A0

=C2=A0=C2=A0 Servers SHO= ULD store, in the context of the request URI, the "jti" value of= each DPoP proof for the time window in which the respective
=C2=A0=C2=A0 DPoP proof JWT would be accepted and decline HTTP requests to the same URI for which the "jti" value ha= s been seen before.=C2=A0 In order
=C2=A0=C2=A0 to guard against memory exhaustion attacks a serve= r SHOULD reject DPoP proof JWTs with unnecessarily large "jt= i" values or store only
=C2=A0=C2=A0 a hash thereof.

=C2=A0=C2=A0 (...) "= ;.

The previous text makes the assumption that RSs MUST only accept DPoP proofs <= font face=3D"Arial">for a relatively brief period after their "iat" time included
in the DPoP proof JWT. This assumption is rather restrictive. A client might get an access token and associate it with <= font face=3D"Arial">DPoP proof JWT that
could be used during, e.g., 12 hours. A <= /font>DPoP proof JWT/ acces= s token JWT pair could thus be used by a client during, e.g., one day for
several sessions with a RS.

The time window is currently left at the discretion of each RS and is supposed to be short (without stating explicitly what "short" may mean)..
It would be possible to mandate in the JWT the inclusion of the exp (Expiration Time) Claim. (I am not advocating the inclusion of the "exp"
claim in the DPoP proof JWT).

In this way, for a RS, the time window would be defined using the "iat" claim defined in t= he DPoP proof JWT and the "exp" claim defined in
the JWT.

Such a description should not be done in section 8, but in a section earlier <= font face=3D"Arial">in the main body of the document.

This would have the following advantages:

  • The RS would be able to better manage the "jti" claim values, because it would be able to d= iscard "jti" claim values as soon as they are
    outside the time window as defined above.
  • The client would know whether a DPoP proof JWT/ access token JWT pair is still usable, in particular using the "exp= ires_in" status code
    returned in case of a     successful response from the AS and is thus unlikely to get a rejection of both of them because of an unknown time
    window used by a RS.

Denis



On Mon, Nov 30, 2020 at 8:4= 5 AM Denis <denis.ietf@free.fr> wrote:

One comment on slide 5 about the time window.

At the bottom, on the left, it is written: "Only valid for a limited time window relative to creation time".

While the creation time is defined by "iat", = the time window is currently left at the discretion of each RS.

It would be preferable to mandate the inclusion in the JWT of the exp (Expiration Time) Claim.
In this way, the time window would be defined by the AS using both the "iat" and th= e "exp" claims.

This would have the following advantages:

  • The client will know whether a token is still usable and is unlikely to get a rejection of the token
    because of an unknown time window defined by a RS.
  • The RS is able to manage better the "jti" claim values, because it will be able to discard "jti&= quot; claim values
    as soon as they are outside the time window defined by the AS in a JWT.

Denis


All,

This is a reminder that we have an Interim meeting=C2=A0this Monday, Nov 30th @ 12:00pm ET, to discuss the latest with the DPoP document:

You can find the details of the meeting and the slides here:

Regards,
=C2=A0Rifaat & Hannes


_______________________________________________
OAuth mailing list
OAuth@ietf.org
h=
ttps://www.ietf.org/mailman/listinfo/oauth


_______________________________________________
OAuth mailing list
OAuth@ietf.= org
https://www.ietf.org/mailman/listinfo/oauth

CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited.=C2=A0 If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you. 



_______________________________________________
OAuth mailing list
OAuth@ietf.org
h=
ttps://www.ietf.org/mailman/listinfo/oauth



--=20
https://danielfett.de
_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth
--000000000000cc81d605b56d2ce2-- From nobody Tue Dec 1 15:13:05 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5EB4E3A0AFA for ; Tue, 1 Dec 2020 15:13:04 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.097 X-Spam-Level: X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_FONT_LOW_CONTRAST=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=pingidentity.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id znoEUyNKVPuv for ; Tue, 1 Dec 2020 15:13:01 -0800 (PST) Received: from mail-lj1-x235.google.com (mail-lj1-x235.google.com [IPv6:2a00:1450:4864:20::235]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3FA203A0AF5 for ; Tue, 1 Dec 2020 15:13:01 -0800 (PST) Received: by mail-lj1-x235.google.com with SMTP id f24so6092651ljk.13 for ; Tue, 01 Dec 2020 15:13:00 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=pingidentity.com; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=y3OcQeXj/Hsdw+ogd9q8NiD2jfYc/b4yRNVDujASOGk=; b=fCAPZ8mteu1XXXpqfS7sqO8uOXUbnwupjgIpFWoDsnZsJ58agt7ztgqmgYFhTOsXdQ NDBQGcgUfGDxMnribk3+qzv54zGAnXaQFrRpPhKUCKsWhlSfHsAkomwmMzJTghA+YN9G 212UdPtZNa/+itsk2e3KPoZ8O62rCVsKB/wiUyONbmwjIsNuTRnLqQD245Qnph88/8d5 iJYc0iPPVc22URN1YK6x7UZQygF19ikm3HDtDBmCEWkbCKpICXJrU2/Yj9QfWqpahwsU TqDQskRTB6vtndf7XzLH+d6IXjxuF6jF4z8gXWoTEfS4sz6p+GzwPpxuTBpGrI+1m8c4 Or8w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=y3OcQeXj/Hsdw+ogd9q8NiD2jfYc/b4yRNVDujASOGk=; b=NXVw3Q80YpxZM6U/GYdw/mS/wVzrX2mz6SOGp2CTMn6xei7pru1tF6MliRVxtHPIaL CjN1eWye71sT8mHB/ePYSj63HU/nv8aGWC9WBat/U0QSVNFmXhc2CSO4Epvs8bFh1ojA /8fh5YVADvD/rG38wRbQ6CgAPtkAUkZ2ieTT8p9Yxt0LJ55Kq2iJLEG0dfWISOsEWCUM MxWaSUrV/4hulHKU4B1lKCUO7b+M+KzSyqXfWS1ZY5jcVfioEFvOgKPpNfJhI+ShrihS hYySd1OqxiJPsAU59dSM+q7s8pPfqcihsUifAgsL8VsgU7lEoNxKhfYcc1oSmmMrhIz8 S0tA== X-Gm-Message-State: AOAM533ZmHXhrliRyRXMzz4yXHq789VYZj05lw0pnXQhfgMj9a1m3ba9 sGi7y19oDrqTLuAiz2ZrOyO9EdQqAlFYOs7yYMA4dbDqPadVUDdyzSlWX6WUpcKWSzxEf5luFNn kWCn9aPPm1mkjKQ== X-Google-Smtp-Source: ABdhPJz0EBn9gaXUqsfdh8HzrGSRbDBwc5VZ2ddZZTdOQ5vPI2tejTtvu/kZGfzQLnEdQuSn6+SKVUX0qZiqUblq6Zc= X-Received: by 2002:a2e:8796:: with SMTP id n22mr2408419lji.345.1606864378953; Tue, 01 Dec 2020 15:12:58 -0800 (PST) MIME-Version: 1.0 References: <1b584adf-14f9-ba2e-657d-f22b57d87675@free.fr> <4cb35c85-e13a-aabe-1e74-d6eb244189cf@free.fr> <49cbbea5-df0e-f864-cf8b-ec9c3768bc18@danielfett.de> In-Reply-To: From: Brian Campbell Date: Tue, 1 Dec 2020 16:12:32 -0700 Message-ID: To: Dick Hardt Cc: Daniel Fett , oauth Content-Type: multipart/alternative; boundary="00000000000082a08405b56f4474" Archived-At: Subject: Re: [OAUTH-WG] Reminder - Interim Meeting to discuss DPoP X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 01 Dec 2020 23:13:04 -0000 --00000000000082a08405b56f4474 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Thanks Dick. On Tue, Dec 1, 2020 at 1:43 PM Dick Hardt wrote: > I have 2 suggestions for the draft that I beleive address the issues Deni= s > is bringing up: > > 1) call out that a DPoP proof can only be used once, and a new DPoP proof > is needed for every API call. Apologies if that is in the text -- but I > could not find it doing a skim over the document. > I think it is very strongly implied but not called out explicitly as such. We can add that. > 2) Provide additional guidance on what "a relatively brief period" is > including what factors an implementation should consider when determining > the length of time. I'm assuming it is a small number of seconds to > accommodate for the delay between the client creating the DPoP proof and > the server receiving it. > On the order of seconds is my assumption too. But yes we can add some more guidance here with a bit more specificity. > =E1=90=A7 > > On Tue, Dec 1, 2020 at 5:24 AM Daniel Fett wrote: > >> So what you are proposing is that the time window in which an RS accepts >> the DPoP proof is defined by the expiration time of the access token? >> >> DPoP proofs are intended to be generally be short-lived and fresh for >> each request in order to provide some level of replay protection. There = is >> no point in making the time window as long as the (typically longer) tim= e >> window in which an AT would be accepted. A DPoP proof that is valid for = 12 >> hours would not provide much replay protection. >> >> The time window is left unspecified because it is only meant to account >> for clock differences and network latency. Its precise value can depend = on >> deployment considerations. It is not intended to give the client an opti= on >> to re-use proofs, which is prevented together with the jti. >> >> Also this would introduce new, unwanted and potentially surprising >> dependencies between token lifetimes and the DPoP usage. >> >> And finally, as discussed before, not all access tokens are JWTs and we >> are not going to mandate JWT access tokens in this spec. >> >> -Daniel >> >> >> Am 01.12.20 um 09:54 schrieb Denis: >> >> Hi Brian, >> >> Hi Denis, >> >> The choice to use "iat" vs. "exp" was made in the summer of last year. >> You can see some of the discussion from then in >> https://github.com/danielfett/draft-dpop/issues/38. >> I believe it pretty well has consensus at this point and thus unlikely t= o >> be changed. >> >> I fear that you misread my email or read it too fast. My point had >> nothing to do whether using *either *of "iat" *o**r* "exp" in the DPoP >> proof JWT sent by the client. >> >> The first sentence of my email was: "One comment on slide 5 about the *t= ime >> window*". So the topic was all about how the RS SHALL handle the "jti" >> claim included >> in the DPoP proof JWT when using a time window. >> >> While I do believe there are reasonable arguments that can be made on >> both sides of using either of "iat" or "exp", it's difficult (and honest= ly >> time consuming and very frustrating) to try and have such discussions or >> even respond in a coherent way when fundamental aspects of the draft are >> misrepresented or misunderstood. For example, the DPoP proof JWT is crea= ted >> by the client not the AS so the advantages you put forward are >> nonsensical in the context of the actual workings of the draft. >> >> Section 8.1 addresses the topic of the *time window*, but this topic >> should not *only *be addressed in the "Security Considerations" section >> but in the main body of the document, since some checks MUST be done by >> the RS. "Security Considerations"are intended to provide >> explanations but are not intended to be normative. >> >> Section 8.1 states: >> >> " If an adversary is able to get hold of a DPoP proof JWT, the >> adversary could replay that token at the same endpoint (the HTTP >> endpoint and method are enforced via the respective claims in the >> JWTs). To prevent this, servers MUST only accept DPoP proofs >> for a limited time window after their "iat" time, preferably only for >> a relatively brief period. >> >> Servers SHOULD store, in the context of the request URI, the "jti" >> value of each DPoP proof for the time window in which the respective >> DPoP proof JWT would be accepted and decline HTTP requests to the sam= e >> URI for which the "jti" value has been seen before. In order >> to guard against memory exhaustion attacks a server SHOULD reject DPo= P >> proof JWTs with unnecessarily large "jti" values or store only >> a hash thereof. >> >> (...) ". >> >> The previous text makes the assumption that RSs MUST only accept DPoP >> proofs for a relatively brief period after their "iat" time included >> in the DPoP proof JWT. This assumption is rather restrictive. A client >> might get an access token and associate it with DPoP proof JWT that >> could be used during, e.g., 12 hours. A DPoP proof JWT/ access token JWT >> pair could thus be used by a client during, e.g., one day for >> several sessions with a RS. >> >> The *time window* is currently left at the discretion of each RS and is >> supposed to be short (without stating explicitly what "short" may mean).= . >> >> It would be possible to mandate in the JWT the inclusion of the exp >> (Expiration Time) Claim. (I am *not* advocating the inclusion of the >> "exp" >> claim in the DPoP proof JWT). >> >> In this way, for a RS, the *time window *would be defined using the >> "iat" claim defined in the DPoP proof JWT and the "exp" claim defined in >> the JWT. >> >> Such a description should not be done in section 8, but in a section >> earlier in the main body of the document. >> >> This would have the following advantages: >> >> - The RS would be able to better manage the "jti" claim values, >> because it would be able to discard "jti" claim values as soon as the= y are >> outside the time window as defined above. >> >> >> - The client would know whether a DPoP proof JWT/ access token JWT >> pair is still usable, in particular using the "expires_in" status cod= e >> returned in case of a successful response from the AS and is thus >> unlikely to get a rejection of both of them because of an unknown tim= e >> window used by a RS. >> >> Denis >> >> >> On Mon, Nov 30, 2020 at 8:45 AM Denis wrote: >> >>> One comment on slide 5 about the *time window*. >>> >>> At the bottom, on the left, it is written: "Only valid for a limited *t= ime >>> window* relative to creation time". >>> >>> While the creation time is defined by "iat", the *time window* is >>> currently left at the discretion of each RS. >>> >>> It would be preferable to mandate the inclusion in the JWT of the exp >>> (Expiration Time) Claim. >>> In this way, the *time window *would be defined by the AS using both >>> the "iat" and the "exp" claims. >>> >>> This would have the following advantages: >>> >>> - The client will know whether a token is still usable and is >>> unlikely to get a rejection of the token >>> because of an unknown time window defined by a RS. >>> >>> >>> - The RS is able to manage better the "jti" claim values, because it >>> will be able to discard "jti" claim values >>> as soon as they are outside the time window defined by the AS in a >>> JWT. >>> >>> Denis >>> >>> All, >>> >>> This is a reminder that we have an Interim meeting this Monday, Nov 30t= h >>> @ 12:00pm ET, to discuss the latest with the *DPoP *document: >>> https://datatracker.ietf.org/doc/draft-ietf-oauth-dpop/ >>> >>> You can find the details of the meeting and the slides here: >>> https://datatracker.ietf.org/meeting/interim-2020-oauth-16/session/oaut= h >>> >>> Regards, >>> Rifaat & Hannes >>> >>> >>> _______________________________________________ >>> OAuth mailing listOAuth@ietf.orghttps://www.ietf.org/mailman/listinfo/o= auth >>> >>> >>> _______________________________________________ >>> OAuth mailing list >>> OAuth@ietf.org >>> https://www.ietf.org/mailman/listinfo/oauth >>> >> >> *CONFIDENTIALITY NOTICE: This email may contain confidential and >> privileged material for the sole use of the intended recipient(s). Any >> review, use, distribution or disclosure by others is strictly prohibited= . >> If you have received this communication in error, please notify the send= er >> immediately by e-mail and delete the message and any file attachments fr= om >> your computer. Thank you.* >> >> >> >> _______________________________________________ >> OAuth mailing listOAuth@ietf.orghttps://www.ietf.org/mailman/listinfo/oa= uth >> >> >> -- https://danielfett.de >> >> _______________________________________________ >> OAuth mailing list >> OAuth@ietf.org >> https://www.ietf.org/mailman/listinfo/oauth >> > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth > --=20 _CONFIDENTIALITY NOTICE: This email may contain confidential and privileged= =20 material for the sole use of the intended recipient(s). Any review, use,=20 distribution or disclosure by others is strictly prohibited.=C2=A0 If you h= ave=20 received this communication in error, please notify the sender immediately= =20 by e-mail and delete the message and any file attachments from your=20 computer. Thank you._ --00000000000082a08405b56f4474 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Thanks Dick.

On Tue, Dec 1, 2020 at 1:43 PM Dick = Hardt <dick.ha= rdt@gmail.com> wrote:
I have=C2=A02 suggestions for the draft that = I beleive=C2=A0address the issues Denis is bringing up:

= 1) call out that a DPoP proof can only be used once, and a new DPoP proof i= s needed for every=C2=A0API call. Apologies if that is in the text -- but I= could not find it doing a skim over the document.
=

I think it is very strongly implied but not called out = explicitly as such. We can add that.

=C2=A0
2) Provide additional guidance on what "a relatively brief period&quo= t; is including what factors an implementation should consider when determi= ning the length of time. I'm assuming it is a small number of seconds t= o accommodate=C2=A0for the delay between the client creating the DPoP proof= and the server receiving=C2=A0it.

<= div>On the order of seconds is my assumption too. But yes we can add some m= ore guidance here with a bit more specificity.
=C2=A0
<= div>=C2=A0
3D""= =E1=90=A7

On Tue, Dec 1, 2020 at 5= :24 AM Daniel Fett <fett@danielfett.de> wrote:
=20 =20 =20
So what you are proposing is that the time window in which an RS accepts the DPoP proof is defined by the expiration time of the access token?

DPoP proofs are intended to be generally be short-lived and fresh for each request in order to provide some level of replay protection. There is no point in making the time window as long as the (typically longer) time window in which an AT would be accepted. A DPoP proof that is valid for 12 hours would not provide much replay protection.

The time window is left unspecified because it is only meant to account for clock differences and network latency. Its precise value can depend on deployment considerations. It is not intended to give the client an option to re-use proofs, which is prevented together with the jti.

Also this would introduce new, unwanted and potentially surprising dependencies between token lifetimes and the DPoP usage.

And finally, as discussed before, not all access tokens are JWTs and we are not going to mandate JWT access tokens in this spec.

-Daniel


Am 01.12.20 um 09:54 schrieb Denis:
=20
Hi=C2=A0 Brian,

=20
Hi Denis,

The choice to use "iat" vs. "exp" was ma= de in the summer of last year. You can see some of the discussion from then in https://github.com/danielfett/draft-dpop/issues/38= .
I believe it pretty well has consensus at this point and thus unlikely to be changed.

I fear that you misread my email or read it too fast. My point had nothing to do whether using either of "iat" or "exp" in the DP= oP proof JWT sent by the client.

The first sentence of my email was: "One comment on slide 5 about the time window". So the topic was all about how the RS SHALL handle the "jti" c= laim included
in the DPoP proof JWT when using a time window.


While I do believe there are reasonable arguments that can be made on both sides of using either of "iat" or= "exp", it's difficult (and honestly time consuming and very frustrating) to try and have such discussions or even respond in a coherent way when fundamental aspects of the draft are misrepresented or misunderstood. For example, the DPoP proof JWT is created by the client not the AS so the advantages you put forward are nonsensical in the context of the actual workings of the draft.

Section 8.1 addresses th= e topic of the time window, but this topic should not only be addressed in the "Security Considerations" section
but in the main body of the document, since some checks MUST be done by the RS. "Security Considerations"are intended to provide
explanations but are not intended to be normative.

Section 8.1 states:

=C2=A0=C2=A0 " If a= n adversary is able to get hold of a DPoP proof JWT, the adversary could replay that token at the same endpoint (the HTTP
=C2=A0=C2=A0 endpoint and method are enforced via the respectiv= e claims in the JWTs).=C2=A0 To prevent this, servers MUST only accept DPoP proofs
=C2=A0=C2=A0 for a limited time window after their "iat&qu= ot; time, preferably only for a relatively brief period.=C2=A0

=C2=A0=C2=A0 Servers SHO= ULD store, in the context of the request URI, the "jti" value of= each DPoP proof for the time window in which the respective
=C2=A0=C2=A0 DPoP proof JWT would be accepted and decline HTTP requests to the same URI for which the "jti" value ha= s been seen before.=C2=A0 In order
=C2=A0=C2=A0 to guard against memory exhaustion attacks a serve= r SHOULD reject DPoP proof JWTs with unnecessarily large "jt= i" values or store only
=C2=A0=C2=A0 a hash thereof.

=C2=A0=C2=A0 (...) "= ;.

The previous text makes the assumption that RSs MUST only accept DPoP proofs <= font face=3D"Arial">for a relatively brief period after their "iat" time included
in the DPoP proof JWT. This assumption is rather restrictive. A client might get an access token and associate it with <= font face=3D"Arial">DPoP proof JWT that
could be used during, e.g., 12 hours. A <= /font>DPoP proof JWT/ acces= s token JWT pair could thus be used by a client during, e.g., one day for
several sessions with a RS.

The time window is currently left at the discretion of each RS and is supposed to be short (without stating explicitly what "short" may mean)..
It would be possible to mandate in the JWT the inclusion of the exp (Expiration Time) Claim. (I am not advocating the inclusion of the "exp"
claim in the DPoP proof JWT).

In this way, for a RS, the time window would be defined using the "iat" claim defined in t= he DPoP proof JWT and the "exp" claim defined in
the JWT.

Such a description should not be done in section 8, but in a section earlier <= font face=3D"Arial">in the main body of the document.

This would have the following advantages:

  • The RS would be able to better manage the "jti" claim values, because it would be able to d= iscard "jti" claim values as soon as they are
    outside the time window as defined above.
  • The client would know whether a DPoP proof JWT/ access token JWT pair is still usable, in particular using the "exp= ires_in" status code
    returned in case of a     successful response from the AS and is thus unlikely to get a rejection of both of them because of an unknown time
    window used by a RS.

Denis



On Mon, Nov 30, 2020 at 8:4= 5 AM Denis <denis.ietf@free.fr> wrote:

One comment on slide 5 about the time window.

At the bottom, on the left, it is written: "Only valid for a limited time window relative to creation time".

While the creation time is defined by "iat", = the time window is currently left at the discretion of each RS.

It would be preferable to mandate the inclusion in the JWT of the exp (Expiration Time) Claim.
In this way, the time window would be defined by the AS using both the "iat" and th= e "exp" claims.

This would have the following advantages:

  • The client will know whether a token is still usable and is unlikely to get a rejection of the token
    because of an unknown time window defined by a RS.
  • The RS is able to manage better the "jti" claim values, because it will be able to discard "jti&= quot; claim values
    as soon as they are outside the time window defined by the AS in a JWT.

Denis


All,

This is a reminder that we have an Interim meeting=C2=A0this Monday, Nov 30th @ 12:00pm ET, to discuss the latest with the DPoP document:

You can find the details of the meeting and the slides here:

Regards,
=C2=A0Rifaat & Hannes


_______________________________________________
OAuth mailing list
OAuth@ietf.org
h=
ttps://www.ietf.org/mailman/listinfo/oauth


_______________________________________________
OAuth mailing list
OAuth@ietf.= org
https://www.ietf.org/mailman/listinfo/oauth

CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited.=C2=A0 If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you. 



_______________________________________________
OAuth mailing list
OAuth@ietf.org
h=
ttps://www.ietf.org/mailman/listinfo/oauth



--=20
https://danielfett.de
_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth
_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth

<= span style=3D"margin:0px;padding:0px;border:0px;outline:0px;vertical-align:= baseline;background:transparent;font-family:proxima-nova-zendesk,system-ui,= -apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,Oxygen-Sans,Ub= untu,Cantarell,"Helvetica Neue",Arial,sans-serif;font-weight:600"= >CONFIDENTIALITY NOTICE: This email may contain confidenti= al and privileged material for the sole use of the intended recipient(s). A= ny review, use, distribution or disclosure by others is strictly prohibited= .=C2=A0 If you have received this communication in error, please notify the= sender immediately by e-mail and delete the message and any file attachmen= ts from your computer. Thank you. --00000000000082a08405b56f4474-- From nobody Wed Dec 2 06:06:53 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5C7253A1406 for ; Wed, 2 Dec 2020 06:06:51 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.498 X-Spam-Level: X-Spam-Status: No, score=-1.498 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, KHOP_HELO_FCRDNS=0.399, NICE_REPLY_A=-0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id N1O5AUjasbUZ for ; Wed, 2 Dec 2020 06:06:48 -0800 (PST) Received: from smtp.smtpout.orange.fr (smtp06.smtpout.orange.fr [80.12.242.128]) (using TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 059353A13B4 for ; Wed, 2 Dec 2020 06:06:47 -0800 (PST) Received: from [192.168.1.11] ([90.91.135.71]) by mwinf5d41 with ME id zS6j230061Ybo4i03S6jNc; Wed, 02 Dec 2020 15:06:44 +0100 X-ME-Helo: [192.168.1.11] X-ME-Auth: ZGVuaXMucGlua2FzQG9yYW5nZS5mcg== X-ME-Date: Wed, 02 Dec 2020 15:06:44 +0100 X-ME-IP: 90.91.135.71 To: oauth@ietf.org References: <1b584adf-14f9-ba2e-657d-f22b57d87675@free.fr> <4cb35c85-e13a-aabe-1e74-d6eb244189cf@free.fr> <49cbbea5-df0e-f864-cf8b-ec9c3768bc18@danielfett.de> From: Denis Message-ID: Date: Wed, 2 Dec 2020 15:06:46 +0100 User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:78.0) Gecko/20100101 Thunderbird/78.5.0 MIME-Version: 1.0 In-Reply-To: <49cbbea5-df0e-f864-cf8b-ec9c3768bc18@danielfett.de> Content-Type: multipart/alternative; boundary="------------4A1E69A6FC858851A0EED93F" Content-Language: en-GB Archived-At: Subject: Re: [OAUTH-WG] Reminder - Interim Meeting to discuss DPoP X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 02 Dec 2020 14:06:52 -0000 This is a multi-part message in MIME format. --------------4A1E69A6FC858851A0EED93F Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit Hi Daniel, All your arguments make sense. I agree. A minor point however. The size of the jti" is currently mandated to 96 bits minimum. This is unnecessarily long for a time window of a few minutes. The jti" does not need to be a unique identifier valid for ever. It can simply be an identifier used during the time window which complements the "iat" claim. Using both the "iat" claim and a 32 bits pseudo-random number will be quite sufficient.  It is also has the advantage of using less memory and it is easier to flush the entries looking at the 32 first bits only. Denis > So what you are proposing is that the time window in which an RS > accepts the DPoP proof is defined by the expiration time of the access > token? > > DPoP proofs are intended to be generally be short-lived and fresh for > each request in order to provide some level of replay protection. > There is no point in making the time window as long as the (typically > longer) time window in which an AT would be accepted. A DPoP proof > that is valid for 12 hours would not provide much replay protection. > > The time window is left unspecified because it is only meant to > account for clock differences and network latency. Its precise value > can depend on deployment considerations. It is not intended to give > the client an option to re-use proofs, which is prevented together > with the jti. > > Also this would introduce new, unwanted and potentially surprising > dependencies between token lifetimes and the DPoP usage. > > And finally, as discussed before, not all access tokens are JWTs and > we are not going to mandate JWT access tokens in this spec. > > -Daniel > > > Am 01.12.20 um 09:54 schrieb Denis: >> Hi  Brian, >> >>> Hi Denis, >>> >>> The choice to use "iat" vs. "exp" was made in the summer of last >>> year. You can see some of the discussion from then in >>> https://github.com/danielfett/draft-dpop/issues/38 >>> . >>> I believe it pretty well has consensus at this point and thus >>> unlikely to be changed. >> >> I fear that you misread my email or read it too fast. My point had >> nothing to do whether using *either *of "iat" *o**r* "exp" in the >> DPoP proof JWT sent by the client. >> >> The first sentence of my email was: "One comment on slide 5 about the >> /time window/". So the topic was all about how the RS SHALL handle >> the "jti" claim included >> in the DPoP proof JWT when using a time window. >> >> >>> While I do believe there are reasonable arguments that can be made >>> on both sides of using either of "iat" or "exp", it's difficult (and >>> honestly time consuming and very frustrating) to try and have such >>> discussions or even respond in a coherent way when fundamental >>> aspects of the draft are misrepresented or misunderstood. For >>> example, the DPoP proof JWT is created by the client not the AS so >>> the advantages you put forward are nonsensical in the context of the >>> actual workings of the draft. >> >> Section 8.1 addresses the topic of the /time window/, but this topic >> should not /only /be addressed in the "Security Considerations" section >> but in the main body of the document, since some checks MUST be done >> by the RS. "Security Considerations"are intended to provide >> explanations but are not intended to be normative. >> >> Section 8.1 states: >> >>    " If an adversary is able to get hold of a DPoP proof JWT, the >> adversary could replay that token at the same endpoint (the HTTP >>    endpoint and method are enforced via the respective claims in the >> JWTs).  To prevent this, servers MUST only accept DPoP proofs >>    for a limited time window after their "iat" time, preferably only >> for a relatively brief period. >> >>    Servers SHOULD store, in the context of the request URI, the "jti" >> value of each DPoP proof for the time window in which the respective >>    DPoP proof JWT would be accepted and decline HTTP requests to the >> same URI for which the "jti" value has been seen before.  In order >>    to guard against memory exhaustion attacks a server SHOULD reject >> DPoP proof JWTs with unnecessarily large "jti" values or store only >>    a hash thereof. >> >>    (...) ". >> >> The previous text makes the assumption that RSs MUST only accept DPoP >> proofs for a relatively brief period after their "iat" time included >> in the DPoP proof JWT. This assumption is rather restrictive. A >> client might get an access token and associate it with DPoP proof JWT >> that >> could be used during, e.g., 12 hours. A DPoP proof JWT/ access token >> JWT pair could thus be used by a client during, e.g., one day for >> several sessions with a RS. >> >> The /time window/ is currently left at the discretion of each RS and >> is supposed to be short (without stating explicitly what "short" may >> mean).. >> >> It would be possible to mandate in the JWT the inclusion of the exp >> (Expiration Time) Claim. (I am _not_ advocating the inclusion of the >> "exp" >> claim in the DPoP proof JWT). >> >> In this way, for a RS, the /time window /would be defined using the >> "iat" claim defined in the DPoP proof JWT and the "exp" claim defined in >> the JWT. >> >> Such a description should not be done in section 8, but in a section >> earlier in the main body of the document. >> >> This would have the following advantages: >> >> * The RS would be able to better manage the "jti" claim values, >> because it would be able to discard "jti" claim values as soon as >> they are >> outside the time window as defined above. >> >> * The client would know whether a DPoP proof JWT/ access token JWT >> pair is still usable, in particular using the "expires_in" status >> code >> returned in case of a successful response from the AS and is thus >> unlikely to get a rejection of both of them because of an unknown >> time >> window used by a RS. >> >> Denis >> >> >>> >>> On Mon, Nov 30, 2020 at 8:45 AM Denis >> > wrote: >>> >>> One comment on slide 5 about the /time window/. >>> >>> At the bottom, on the left, it is written: "Only valid for a >>> limited /time window/ relative to creation time". >>> >>> While the creation time is defined by "iat", the /time window/ >>> is currently left at the discretion of each RS. >>> >>> It would be preferable to mandate the inclusion in the JWT of >>> the exp (Expiration Time) Claim. >>> In this way, the /time window /would be defined by the AS using >>> both the "iat" and the "exp" claims. >>> >>> This would have the following advantages: >>> >>> * The client will know whether a token is still usable and is >>> unlikely to get a rejection of the token >>> because of an unknown time window defined by a RS. >>> >>> * The RS is able to manage better the "jti" claim values, >>> because it will be able to discard "jti" claim values >>> as soon as they are outside the time window defined by the >>> AS in a JWT. >>> >>> Denis >>> >>> >>>> All, >>>> >>>> This is a reminder that we have an Interim meeting this Monday, >>>> Nov 30th @ 12:00pm ET, to discuss the latest with the *DPoP >>>> *document: >>>> https://datatracker.ietf.org/doc/draft-ietf-oauth-dpop/ >>>> >>>> >>>> You can find the details of the meeting and the slides here: >>>> https://datatracker.ietf.org/meeting/interim-2020-oauth-16/session/oauth >>>> >>>> >>>> Regards, >>>>  Rifaat & Hannes >>>> >>>> >>>> _______________________________________________ >>>> OAuth mailing list >>>> OAuth@ietf.org >>>> https://www.ietf.org/mailman/listinfo/oauth >>> >>> >>> _______________________________________________ >>> OAuth mailing list >>> OAuth@ietf.org >>> https://www.ietf.org/mailman/listinfo/oauth >>> >>> >>> >>> /CONFIDENTIALITY NOTICE: This email may contain confidential and >>> privileged material for the sole use of the intended recipient(s). >>> Any review, use, distribution or disclosure by others is strictly >>> prohibited.  If you have received this communication in error, >>> please notify the sender immediately by e-mail and delete the >>> message and any file attachments from your computer. Thank you./ >> >> >> >> _______________________________________________ >> OAuth mailing list >> OAuth@ietf.org >> https://www.ietf.org/mailman/listinfo/oauth > > > -- > https://danielfett.de > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth --------------4A1E69A6FC858851A0EED93F Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: 8bit
Hi Daniel,

All your arguments make sense. I agree.

A minor point however. The size of the jti" is currently mandated to 96 bits minimum. This is unnecessarily long for a time window of a few minutes.
The jti" does not need to be a unique identifier valid for ever. It can simply be an identifier used during the time window which complements the "iat" claim.

Using both the "iat" claim and a 32 bits pseudo-random number will be quite sufficient.  It is also has the advantage of using less memory and
it is easier to flush the entries looking at the 32 first bits only.

Denis

So what you are proposing is that the time window in which an RS accepts the DPoP proof is defined by the expiration time of the access token?

DPoP proofs are intended to be generally be short-lived and fresh for each request in order to provide some level of replay protection. There is no point in making the time window as long as the (typically longer) time window in which an AT would be accepted. A DPoP proof that is valid for 12 hours would not provide much replay protection.

The time window is left unspecified because it is only meant to account for clock differences and network latency. Its precise value can depend on deployment considerations. It is not intended to give the client an option to re-use proofs, which is prevented together with the jti.

Also this would introduce new, unwanted and potentially surprising dependencies between token lifetimes and the DPoP usage.

And finally, as discussed before, not all access tokens are JWTs and we are not going to mandate JWT access tokens in this spec.

-Daniel


Am 01.12.20 um 09:54 schrieb Denis:
Hi  Brian,

Hi Denis,

The choice to use "iat" vs. "exp" was made in the summer of last year. You can see some of the discussion from then in https://github.com/danielfett/draft-dpop/issues/38.
I believe it pretty well has consensus at this point and thus unlikely to be changed.

I fear that you misread my email or read it too fast. My point had nothing to do whether using either of "iat" or "exp" in the DPoP proof JWT sent by the client.

The first sentence of my email was: "One comment on slide 5 about the time window". So the topic was all about how the RS SHALL handle the "jti" claim included
in the DPoP proof JWT when using a time window.


While I do believe there are reasonable arguments that can be made on both sides of using either of "iat" or "exp", it's difficult (and honestly time consuming and very frustrating) to try and have such discussions or even respond in a coherent way when fundamental aspects of the draft are misrepresented or misunderstood. For example, the DPoP proof JWT is created by the client not the AS so the advantages you put forward are nonsensical in the context of the actual workings of the draft.

Section 8.1 addresses the topic of the time window, but this topic should not only be addressed in the "Security Considerations" section
but in the main body of the document, since some checks MUST be done by the RS. "Security Considerations"are intended to provide
explanations but are not intended to be normative.

Section 8.1 states:

   " If an adversary is able to get hold of a DPoP proof JWT, the adversary could replay that token at the same endpoint (the HTTP
   endpoint and method are enforced via the respective claims in the JWTs).  To prevent this, servers MUST only accept DPoP proofs
   for a limited time window after their "iat" time, preferably only for a relatively brief period. 

   Servers SHOULD store, in the context of the request URI, the "jti" value of each DPoP proof for the time window in which the respective
   DPoP proof JWT would be accepted and decline HTTP requests to the same URI for which the "jti" value has been seen before.  In order
   to guard against memory exhaustion attacks a server SHOULD reject DPoP proof JWTs with unnecessarily large "jti" values or store only
   a hash thereof.

   (...) ".

The previous text makes the assumption that RSs MUST only accept DPoP proofs for a relatively brief period after their "iat" time included
in the DPoP proof JWT. This assumption is rather restrictive. A client might get an access token and associate it with DPoP proof JWT that
could be used during, e.g., 12 hours. A DPoP proof JWT/ access token JWT pair could thus be used by a client during, e.g., one day for
several sessions with a RS.

The time window is currently left at the discretion of each RS and is supposed to be short (without stating explicitly what "short" may mean)..
It would be possible to mandate in the JWT the inclusion of the exp (Expiration Time) Claim. (I am not advocating the inclusion of the "exp"
claim in the DPoP proof JWT).

In this way, for a RS, the time window would be defined using the "iat" claim defined in the DPoP proof JWT and the "exp" claim defined in
the JWT.

Such a description should not be done in section 8, but in a section earlier in the main body of the document.

This would have the following advantages:

  • The RS would be able to better manage the "jti" claim values, because it would be able to discard "jti" claim values as soon as they are
    outside the time window as defined above.
  • The client would know whether a DPoP proof JWT/ access token JWT pair is still usable, in particular using the "expires_in" status code
    returned in case of a     successful response from the AS and is thus unlikely to get a rejection of both of them because of an unknown time
    window used by a RS.

Denis



On Mon, Nov 30, 2020 at 8:45 AM Denis <denis.ietf@free.fr> wrote:

One comment on slide 5 about the time window.

At the bottom, on the left, it is written: "Only valid for a limited time window relative to creation time".

While the creation time is defined by "iat", the time window is currently left at the discretion of each RS.

It would be preferable to mandate the inclusion in the JWT of the exp (Expiration Time) Claim.
In this way, the time window would be defined by the AS using both the "iat" and the "exp" claims.

This would have the following advantages:

  • The client will know whether a token is still usable and is unlikely to get a rejection of the token
    because of an unknown time window defined by a RS.
  • The RS is able to manage better the "jti" claim values, because it will be able to discard "jti" claim values
    as soon as they are outside the time window defined by the AS in a JWT.

Denis


All,

This is a reminder that we have an Interim meeting this Monday, Nov 30th @ 12:00pm ET, to discuss the latest with the DPoP document:

You can find the details of the meeting and the slides here:

Regards,
 Rifaat & Hannes


_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth


_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth

CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited.  If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you. 



_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth



-- 
https://danielfett.de

_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth


--------------4A1E69A6FC858851A0EED93F-- From nobody Wed Dec 2 07:18:23 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 86E7F3A146B for ; Wed, 2 Dec 2020 07:18:21 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.098 X-Spam-Level: X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=pingidentity.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id D0q4sCy4erC7 for ; Wed, 2 Dec 2020 07:18:18 -0800 (PST) Received: from mail-lf1-x12d.google.com (mail-lf1-x12d.google.com [IPv6:2a00:1450:4864:20::12d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 23A443A14DD for ; Wed, 2 Dec 2020 07:18:11 -0800 (PST) Received: by mail-lf1-x12d.google.com with SMTP id q13so5291953lfr.10 for ; Wed, 02 Dec 2020 07:18:10 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=pingidentity.com; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=2IseNF7EscnSiiJ7s6v+DZLvsEZOCYfZINp2302lNvI=; b=S0tUvrm6K3JtaJRd0iS2D+XZeGlEvGHLMePMbLaj0w0uE+8T2NNPZ/xQa1TVgl//+Z +L+KILvknt+AeDuBdDYgnjAz0uolPXbaOQDuft6qZsd/+UhoVNw+gndMweta01jVarO1 k1Wg/cugzinUfGbVcy/3CBZ1MTXyBG+OMDe+ihALJTUUv6xfqs4viMRNxp3p5Nzz7lEh +pBSH/bU8YyXMJXYcAoB3X++WQLrR4ZTVaqOtImvqcarb0fM+3JYlpe6KSLmzk4fbrJ8 Kr5Q02IwKdpRjv9sdZENUu4jO9TGquxaK0PjQ3t1FFYsDoPFOxeRxPdX+5U4sTvBCVfO YpWw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=2IseNF7EscnSiiJ7s6v+DZLvsEZOCYfZINp2302lNvI=; b=jx/f111twmfs1sq6InhNSJlLdxy7OFsKN+XriuiU6QTpWgPJHkpifZXS8T8KmngZSk uLehOTSsSQrK9T/LQi0/hzoQ/uFy1S4FeppZMD0TpgmU5Uf6xnusTSDUKRO9aRzzmnHo VP0MIJx+ftuuiHdKIqUbIlNUvedP30pRadYPmW2UNJ/G/y4yCkNmJdLhSmTI8Y4++tMb mES2v9j89cqaz25mxWxeKg3d16KQR/K4BxuZZ2F1ozuNhyehaGyq1JcWWkDwaA244GeV rzbFDBVk+9CKmSsWBgu07oVWkcvguXyRcDWNCPYLzo62HwTAE9GATbwp0khIBkA0wTe7 D/8A== X-Gm-Message-State: AOAM533hjEEgA0TvFUav0Uzczm+iXYnaCCTUpkBl+7zXYIoSEh+mRiMP bOma9Y58vn+QDbHLpiDEHsyp22Y9gVeHhejQp/wN01AdRupHAiOzghnn5qq1KTlcsJS6Q7vZ1bS LbPjk4EtbWEd8FQ== X-Google-Smtp-Source: ABdhPJyW/MiRbNwF11SVqIi+3Wr5ffKcu0L0la88fbB2ocC8OtPJ3q4u8LzyuFdGnbXYq3TWddh57XyZS+u/y0+vY9k= X-Received: by 2002:a05:6512:3218:: with SMTP id d24mr1418831lfe.358.1606922289036; Wed, 02 Dec 2020 07:18:09 -0800 (PST) MIME-Version: 1.0 References: <1b584adf-14f9-ba2e-657d-f22b57d87675@free.fr> <4cb35c85-e13a-aabe-1e74-d6eb244189cf@free.fr> <49cbbea5-df0e-f864-cf8b-ec9c3768bc18@danielfett.de> In-Reply-To: From: Brian Campbell Date: Wed, 2 Dec 2020 08:17:41 -0700 Message-ID: To: Denis Cc: oauth Content-Type: multipart/alternative; boundary="000000000000385d0c05b57cc077" Archived-At: Subject: Re: [OAUTH-WG] Reminder - Interim Meeting to discuss DPoP X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 02 Dec 2020 15:18:22 -0000 --000000000000385d0c05b57cc077 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable The conversation at https://github.com/danielfett/draft-dpop/pull/51#discussion_r332377311 has a bit more of the rational behind the choice of 96 bit minimum. On Wed, Dec 2, 2020 at 7:07 AM Denis wrote: > Hi Daniel, > > All your arguments make sense. I agree. > > A minor point however. The size of the jti" is currently mandated to 96 > bits minimum. This is unnecessarily long for a time window of a few minut= es. > The jti" does not need to be a unique identifier valid for ever. It can > simply be an identifier used during the time window which complements the > "iat" claim. > > Using both the "iat" claim and a 32 bits pseudo-random number will be > quite sufficient. It is also has the advantage of using less memory and > it is easier to flush the entries looking at the 32 first bits only. > > Denis > > So what you are proposing is that the time window in which an RS accepts > the DPoP proof is defined by the expiration time of the access token? > > DPoP proofs are intended to be generally be short-lived and fresh for eac= h > request in order to provide some level of replay protection. There is no > point in making the time window as long as the (typically longer) time > window in which an AT would be accepted. A DPoP proof that is valid for 1= 2 > hours would not provide much replay protection. > > The time window is left unspecified because it is only meant to account > for clock differences and network latency. Its precise value can depend o= n > deployment considerations. It is not intended to give the client an optio= n > to re-use proofs, which is prevented together with the jti. > > Also this would introduce new, unwanted and potentially surprising > dependencies between token lifetimes and the DPoP usage. > > And finally, as discussed before, not all access tokens are JWTs and we > are not going to mandate JWT access tokens in this spec. > > -Daniel > > > Am 01.12.20 um 09:54 schrieb Denis: > > Hi Brian, > > Hi Denis, > > The choice to use "iat" vs. "exp" was made in the summer of last year. Yo= u > can see some of the discussion from then in > https://github.com/danielfett/draft-dpop/issues/38. > I believe it pretty well has consensus at this point and thus unlikely to > be changed. > > I fear that you misread my email or read it too fast. My point had nothin= g > to do whether using *either *of "iat" *o**r* "exp" in the DPoP proof JWT > sent by the client. > > The first sentence of my email was: "One comment on slide 5 about the *ti= me > window*". So the topic was all about how the RS SHALL handle the "jti" > claim included > in the DPoP proof JWT when using a time window. > > While I do believe there are reasonable arguments that can be made on bot= h > sides of using either of "iat" or "exp", it's difficult (and honestly tim= e > consuming and very frustrating) to try and have such discussions or even > respond in a coherent way when fundamental aspects of the draft are > misrepresented or misunderstood. For example, the DPoP proof JWT is creat= ed > by the client not the AS so the advantages you put forward are > nonsensical in the context of the actual workings of the draft. > > Section 8.1 addresses the topic of the *time window*, but this topic > should not *only *be addressed in the "Security Considerations" section > but in the main body of the document, since some checks MUST be done by > the RS. "Security Considerations"are intended to provide > explanations but are not intended to be normative. > > Section 8.1 states: > > " If an adversary is able to get hold of a DPoP proof JWT, the > adversary could replay that token at the same endpoint (the HTTP > endpoint and method are enforced via the respective claims in the > JWTs). To prevent this, servers MUST only accept DPoP proofs > for a limited time window after their "iat" time, preferably only for = a > relatively brief period. > > Servers SHOULD store, in the context of the request URI, the "jti" > value of each DPoP proof for the time window in which the respective > DPoP proof JWT would be accepted and decline HTTP requests to the same > URI for which the "jti" value has been seen before. In order > to guard against memory exhaustion attacks a server SHOULD reject DPoP > proof JWTs with unnecessarily large "jti" values or store only > a hash thereof. > > (...) ". > > The previous text makes the assumption that RSs MUST only accept DPoP > proofs for a relatively brief period after their "iat" time included > in the DPoP proof JWT. This assumption is rather restrictive. A client > might get an access token and associate it with DPoP proof JWT that > could be used during, e.g., 12 hours. A DPoP proof JWT/ access token JWT > pair could thus be used by a client during, e.g., one day for > several sessions with a RS. > > The *time window* is currently left at the discretion of each RS and is > supposed to be short (without stating explicitly what "short" may mean).. > > It would be possible to mandate in the JWT the inclusion of the exp > (Expiration Time) Claim. (I am *not* advocating the inclusion of the > "exp" > claim in the DPoP proof JWT). > > In this way, for a RS, the *time window *would be defined using the "iat" > claim defined in the DPoP proof JWT and the "exp" claim defined in > the JWT. > > Such a description should not be done in section 8, but in a section > earlier in the main body of the document. > > This would have the following advantages: > > - The RS would be able to better manage the "jti" claim values, > because it would be able to discard "jti" claim values as soon as they= are > outside the time window as defined above. > > > - The client would know whether a DPoP proof JWT/ access token JWT > pair is still usable, in particular using the "expires_in" status code > returned in case of a successful response from the AS and is thus > unlikely to get a rejection of both of them because of an unknown time > window used by a RS. > > Denis > > > On Mon, Nov 30, 2020 at 8:45 AM Denis wrote: > >> One comment on slide 5 about the *time window*. >> >> At the bottom, on the left, it is written: "Only valid for a limited *ti= me >> window* relative to creation time". >> >> While the creation time is defined by "iat", the *time window* is >> currently left at the discretion of each RS. >> >> It would be preferable to mandate the inclusion in the JWT of the exp >> (Expiration Time) Claim. >> In this way, the *time window *would be defined by the AS using both the >> "iat" and the "exp" claims. >> >> This would have the following advantages: >> >> - The client will know whether a token is still usable and is >> unlikely to get a rejection of the token >> because of an unknown time window defined by a RS. >> >> >> - The RS is able to manage better the "jti" claim values, because it >> will be able to discard "jti" claim values >> as soon as they are outside the time window defined by the AS in a >> JWT. >> >> Denis >> >> All, >> >> This is a reminder that we have an Interim meeting this Monday, Nov 30th >> @ 12:00pm ET, to discuss the latest with the *DPoP *document: >> https://datatracker.ietf.org/doc/draft-ietf-oauth-dpop/ >> >> You can find the details of the meeting and the slides here: >> https://datatracker.ietf.org/meeting/interim-2020-oauth-16/session/oauth >> >> Regards, >> Rifaat & Hannes >> >> >> _______________________________________________ >> OAuth mailing listOAuth@ietf.orghttps://www.ietf.org/mailman/listinfo/oa= uth >> >> >> _______________________________________________ >> OAuth mailing list >> OAuth@ietf.org >> https://www.ietf.org/mailman/listinfo/oauth >> > > *CONFIDENTIALITY NOTICE: This email may contain confidential and > privileged material for the sole use of the intended recipient(s). Any > review, use, distribution or disclosure by others is strictly prohibited. > If you have received this communication in error, please notify the sende= r > immediately by e-mail and delete the message and any file attachments fro= m > your computer. Thank you.* > > > > _______________________________________________ > OAuth mailing listOAuth@ietf.orghttps://www.ietf.org/mailman/listinfo/oau= th > > > -- https://danielfett.de > > > _______________________________________________ > OAuth mailing listOAuth@ietf.orghttps://www.ietf.org/mailman/listinfo/oau= th > > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth > --=20 _CONFIDENTIALITY NOTICE: This email may contain confidential and privileged= =20 material for the sole use of the intended recipient(s). Any review, use,=20 distribution or disclosure by others is strictly prohibited.=C2=A0 If you h= ave=20 received this communication in error, please notify the sender immediately= =20 by e-mail and delete the message and any file attachments from your=20 computer. Thank you._ --000000000000385d0c05b57cc077 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
The conversation at https:/= /github.com/danielfett/draft-dpop/pull/51#discussion_r332377311 has a b= it more of the rational behind the choice of 96 bit minimum.

On W= ed, Dec 2, 2020 at 7:07 AM Denis <denis.ietf@free.fr> wrote:
=20 =20 =20
Hi Daniel,

All your arguments make sense. I agree.

A minor point however. The size of the jti" is currently mandated to 96 bits minimum. This is unnecessarily long for a time window of a few minutes.
The jti" does not need to be a unique identifier valid for ever. It can simply be an identifier used during the time window which complements the "iat" claim.

Using both the "iat" claim and a 32 bits pseudo-random number will be quite sufficient.=C2=A0 It is also has the advantage of using less memory and
it is easier to flush the entries looking at the 32 first bits only.

Denis

=20
So what you are proposing is that the time window in which an RS accepts the DPoP proof is defined by the expiration time of the access token?

DPoP proofs are intended to be generally be short-lived and fresh for each request in order to provide some level of replay protection. There is no point in making the time window as long as the (typically longer) time window in which an AT would be accepted. A DPoP proof that is valid for 12 hours would not provide much replay protection.

The time window is left unspecified because it is only meant to account for clock differences and network latency. Its precise value can depend on deployment considerations. It is not intended to give the client an option to re-use proofs, which is prevented together with the jti.

Also this would introduce new, unwanted and potentially surprising dependencies between token lifetimes and the DPoP usage.

And finally, as discussed before, not all access tokens are JWTs and we are not going to mandate JWT access tokens in this spec.

-Daniel


Am 01.12.20 um 09:54 schrieb Denis:
=20
Hi=C2=A0 Brian,

=20
Hi Denis,

The choice to use "iat" vs. "exp" was = made in the summer of last year. You can see some of the discussion from then in https://github.com/danielfett/draft-dpop/i= ssues/38.
I believe it pretty well has consensus at this point and thus unlikely to be changed.

I fear that you misread my email or read it too fast. My point had nothing to do whether using either of "iat" or "exp" in the = DPoP proof JWT sent by the client.

The first sentence of my email was: "O= ne comment on slide 5 about the time window". So the topic was all about how the RS SHALL handle the "jti"= claim included
in the DPoP proof JWT when using a time window.


While I do believe there are reasonable arguments that can be made on both sides of using either of "iat" = or "exp", it's difficult (and honestly time consum= ing and very frustrating) to try and have such discussions or even respond in a coherent way when fundamental aspects of the draft are misrepresented or misunderstood. For example, the DPoP proof JWT is created by the client not the AS so the advantag= es you put forward are nonsensical in the context of the actual workings of the draft.

Section 8.1 addresses the topic of the time window, but this topic should not only be addressed in the "Security Considerations" section
but in the main body of the document, since some checks MUST be done by the RS. "Security Considerations"are intended to provide
explanations but are not intended to be normative.

Section 8.1 states:

=C2=A0=C2=A0 " If= an adversary is able to get hold of a DPoP proof JWT, the adversary could replay that token at the same endpoint (the HTTP
=C2=A0=C2=A0 endpoint and method are enforced via the respect= ive claims in the JWTs).=C2=A0 To prevent this, servers MUST only accept DPoP proofs
=C2=A0=C2=A0 for a limited time window after their "iat&= quot; time, preferably only for a relatively brief period.=C2=A0

=C2=A0=C2=A0 Servers S= HOULD store, in the context of the request URI, the "jti"= value of each DPoP proof for the time window in which the respective
=C2=A0=C2=A0 DPoP proof JWT would be accepted and decline HTT= P requests to the same URI for which the "jti" value = has been seen before.=C2=A0 In order
=C2=A0=C2=A0 to guard against memory exhaustion attacks a ser= ver SHOULD reject DPoP proof JWTs with unnecessarily large "jti" values or store only
=C2=A0=C2=A0 a hash thereof.

=C2=A0=C2=A0 (...) &qu= ot;.

The previous text make= s the assumption that RSs MUST only accept DPoP proofs for a relatively brief period after their "iat" time included
in the <= font face=3D"Arial">DPoP proof JWT. This assumption is rather restrictive. A client might get an access token and associate it with <= /font>DPoP proof JWT that
could be used during, e.g., 12 hours. A DPoP proof JWT/ access token JWT pair could thus be used by a client during, e.g., one day for
several sessions with a RS.
<= /font>

The time window is currently left at the discretion of each RS and is supposed to be short (without stating explicitly what "short" may mean)..<= br>
It would be possible to mandate in the JWT the inclusion of the exp (Expiration Time) Claim. (I am not advocating the inclusion of the "exp"
claim in the DPoP proof JWT).

In this way, for a RS, the time window would be defined using the "iat" claim d= efined in the DPoP proof JWT and the "exp" claim defined in =
the JWT.

Such a description should not be done in section 8, but in a section earlier in the main body of the document.

This would have the following advantages:

  • The RS would be able to better manage the "jti" claim values, because it would be able to discard "jti" claim values as soon as they are
    outside the time window as defined above.
  • The client would know whether a DPoP proof JWT/ access token JWT pair is still usable, in particular using the "e= xpires_in" status code
    returned in case of a     successful response from the AS and is thus unlikely to get a rejection of both of them because of an unknown time
    window used by a RS.

Denis



On Mon, Nov 30, 2020 at 8:45 AM Denis <denis.ietf@free.fr> wrote:

One comment on slide 5 about the time window.

At the bottom, on the left, it is written: "Only valid for a limited time window relative to creation time".

While the creation time is defined by "iat"= , the time window is currently left at the discretion of each RS.

It would be preferable to mandate the inclusion in the JWT of the exp (Expiration Time) Claim.
In this way, the time window would be defined by the AS using both the "iat" and = the "exp" claims.

This would have the following advantages:

  • The client will know whether a token is still usable and is unlikely to get a rejection of the token
    because of an unknown time window defined by a RS.
  • The RS is able to manage better the "jti"= claim values, because it will be able to discard "jt= i" claim values
    as soon as they are outside the time window defined by the AS in a JWT.

Denis


All,

This is a reminder that we have an Interim meeting=C2=A0this Monday, Nov 30th @ 12:00pm ET, to discuss the latest with the DPoP document:

You can find the details of the meeting and the slides here:

Regards,
=C2=A0Rifaat & Hannes


_______________________________________________
OAuth mailing list
OAuth@ietf.org
h=
ttps://www.ietf.org/mailman/listinfo/oauth


_______________________________________________
OAuth mailing list
OAuth@iet= f.org
https://www.ietf.org/mailman/listinfo/oau= th

CONFIDENTIALITY NOTICE: This email may = contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited.=C2=A0 If yo= u have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you. 



_______________________________________________
OAuth mailing list
OAuth@ietf.org
h=
ttps://www.ietf.org/mailman/listinfo/oauth



--=20
https://danielfett.de

_______________________________________________
OAuth mailing list
OAuth@ietf.org
h=
ttps://www.ietf.org/mailman/listinfo/oauth


_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth

<= span style=3D"margin:0px;padding:0px;border:0px;outline:0px;vertical-align:= baseline;background:transparent;font-family:proxima-nova-zendesk,system-ui,= -apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,Oxygen-Sans,Ub= untu,Cantarell,"Helvetica Neue",Arial,sans-serif;font-weight:600"= >CONFIDENTIALITY NOTICE: This email may contain confidenti= al and privileged material for the sole use of the intended recipient(s). A= ny review, use, distribution or disclosure by others is strictly prohibited= .=C2=A0 If you have received this communication in error, please notify the= sender immediately by e-mail and delete the message and any file attachmen= ts from your computer. Thank you. --000000000000385d0c05b57cc077-- From nobody Wed Dec 2 07:42:33 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 487A23A1458 for ; Wed, 2 Dec 2020 07:42:31 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.498 X-Spam-Level: X-Spam-Status: No, score=-1.498 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, KHOP_HELO_FCRDNS=0.399, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001] autolearn=no autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Dxe6qMvRE8FD for ; Wed, 2 Dec 2020 07:42:28 -0800 (PST) Received: from smtp.smtpout.orange.fr (smtp09.smtpout.orange.fr [80.12.242.131]) (using TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 711D03A145F for ; Wed, 2 Dec 2020 07:42:27 -0800 (PST) Received: from [192.168.1.11] ([90.91.135.71]) by mwinf5d17 with ME id zTiN2300M1Ybo4i03TiNza; Wed, 02 Dec 2020 16:42:23 +0100 X-ME-Helo: [192.168.1.11] X-ME-Auth: ZGVuaXMucGlua2FzQG9yYW5nZS5mcg== X-ME-Date: Wed, 02 Dec 2020 16:42:23 +0100 X-ME-IP: 90.91.135.71 To: oauth From: Denis Message-ID: <5233025a-a958-a5c0-238c-ea6f1df371bc@free.fr> Date: Wed, 2 Dec 2020 16:42:26 +0100 User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:78.0) Gecko/20100101 Thunderbird/78.5.0 MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="------------75F546B2D90C325FBD615EA8" Content-Language: en-GB Archived-At: Subject: [OAUTH-WG] Proposed changes to draft-ietf-oauth-dpop-02 X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 02 Dec 2020 15:42:31 -0000 This is a multi-part message in MIME format. --------------75F546B2D90C325FBD615EA8 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit I have reviewed the whole draft and you will find comments below starting with five editorials comments. Every other comment is numbered. Let us start with five typos where there is a duplication of the word "the": Page 4: XXS vulnerabilities also allow an attacker to execute code in the context of the browser-based client application and maliciously use a token indirectly through the _the_ client. Page 11: The example response in Figure 5 included a refresh token, which the client can use to obtain a new access token when the _the_ previous one expires. Page 11: Refreshing an access token is a token request using the "refresh_token" grant type made to the _the_ authorization server’s token endpoint. Page 13: Resource servers MUST be able to reliably identify whether an access token is bound using DPoP and ascertain sufficient information about the public key to which the token is bound in order to verify the binding with respect to the _the_ presented DPoP proof (see Section 7.1). Page 13: Resource servers supporting DPoP MUST ensure that the _the_ public key from the DPoP proof matches the pubic key to which the access token is bound. 1. Section 1. Introduction The text states:      The value of the header is a JWT [RFC7519] that enables the authorization server to bind issued tokens to the public part of the client’s key pair. A client may use different key pairs. Change : "the client’s key pair" into : " a client’s key pair". 2. Section 2.Objectives The text states:     The primary aim of DPoP is to prevent unauthorized or illegitimate parties from using leaked or stolen access tokens by binding a token to a public key     upon issuance and requiring that the client demonstrate possession of the corresponding private key when using the token. The objective needs to be described in terms of what ,the mechanism does and not yet at this time for which reasons. Change into:      The aim of DPoP is first to require a client to demonstrate possession of a public key when requesting an access token or a refresh token to an AS      where the AS will then bind that public key upon a token issuance and, then to demonstrate the possession of a public key included into a token      when presenting a refresh token to an AS or an access token to a RS. 3. The next sentence looks odd as far as the English grammar is considered.     This constrains the legitimate sender of the token to only the party with access to the private key and gives the server receiving the token added assurances     that the sender is legitimately authorized to use it. With the proposed change above, this sentence looks unnecessary and could be deleted. 4. Section 3 Concepts Page 5 In order to make crystal clear that they are to different DPoP Proofs, (DPoP Proof 1) and (DPoP Proof 2) should be shown on the figure as proposed below: *+--------++---------------+ ||--(A)-- Token Request ------------------->|| | Client |(DPoP Proof 1)| Authorization | |||Server| ||<-(B)-- DPoP-bound Access Token ----------|| ||(token_type=DPoP)+---------------+ || || ||+---------------+ ||--(C)-- DPoP-bound Access Token --------->|| ||(DPoP Proof 2)|Resource| |||Server| ||<-(D)-- Protected Resource ---------------|| ||+---------------+ +--------+ Figure 1: Basic DPoP Flow * 5. The text states:      The basic steps of an OAuth flow with DPoP are shown in Figure 1:      *(A) In the Token Request, the client sends an authorization grant (e.g., an authorization code, refresh token, etc.) to the authorization server         in order to obtain an access token (and potentially a refresh token).The client attaches a DPoP proof to the request in an HTTP header. At the end of the sentence, add : (DPoP Proof 2). 6. The text states:      *(C) To use the access token the client has to prove possession of the private key by, again, adding a header to the request that carries the DPoP proof. Change into:      *(C) To use the access token the client has to prove possession of the private key by using a header to the request that carries another DPoP proof (DPoP Proof 2). 7. Section 4.DPoP Proof JWTs The text states:      A valid DPoP proof demonstrates to the server that the client holds the private key that was used to sign the JWT. For avoiding misunderstandings, it would be better to say that this applies to DPoP Proof JWTs and that it applicable for both ASs and RSs. Proposed change:      A valid DPoP proof demonstrates to a server, (i.e. an AS or a RS), that the client holds the private key that was used to sign a DPoP Proof JWT. 8. The text states:      This enables authorization servers to bind issued tokens to the corresponding public key (as described in Section 5) and for resource servers to verify      the key-binding of tokens that it receives (see Section 7.1), which prevents said tokens from being used by any entity that does not have access to the private key. The end of the sentence is using the wording "(...) which prevents said tokens from being used by any entity that does not have access to the private key". a) It is proposed to remove the end of the sentence, i.e.: "), which prevents said tokens from being used by any entity that does not have access to the private key".     A new section 8.2 is being proposed (DPoP private key usage). See comment 17 which addresses this issue. At this time, it would be adequate to add that a DPoP Proof JWT can only be used once. b) Additional proposed text:      A DPoP proof JWT is intended to be only usable once: it includes claims that allows an AS or a RS to detect replays. 9. Section 4.2.DPoP Proof JWT Syntax The text states:      The body of a DPoP proof contains at least the following claims: (...)      *"jti": Unique identifier for the DPoP proof JWT (REQUIRED).The value MUST be assigned such that there is a negligible probability that the same value         will be assigned to any other DPoP proof used in the same context during the time window of validity.Such uniqueness can be accomplished by encoding         (base64url or any other suitable encoding) at least 96 bits of pseudorandom data or by using a version 4 UUID string according to [RFC4122].The "jti" can         be used by the server for replay detection and prevention, see Section 8.1. This looks like over engineering. 32 bits of pseudorandom data will be sufficient if used in conjunction with the "iat" claim. If the server (AS or RS) uses a concatenation of both the "iat" and the "jti" this makes 2 ^ 32 possibilities within the same second during a time windows of a few minutes (about 120 seconds). To highlight the fact that "jti" is a complement of "iat", it should be placed after "iat" in the description". Proposed change: *"jti": JWT identifier that complements the "iat" claim to handle replay protection for a given server (REQUIRED).       The value MUST be assigned such that there is a negligible probability that the same value will be assigned to any other DPoP proof received by the server       within the same second during a short time window of validity (i.e. a few minutes only) . This MUST be accomplished by encoding 32 bits of pseudorandom data. 10. Figure 3. The end of figure 3 is as follows: (...)      { "jti":"-BwC3ESc6acc2lTc", "htm":"POST", "htu":"https://server.example.com/token", "iat":1562262616 } Figure 3: Example JWT content of a "DPoP" proof In order to follow the ordering of the claims, as proposed before, it would be more adequate to write it as follows: (...)      { "htm":"POST", "htu":"https://server.example.com/token", "iat":1562262616 "jti": EE238F3F, } Figure 3: Example JWT content of a "DPoP" proof Please note that the "jti" value is shorter. 11. The text below figure 3 states:       Of the HTTP content in the request, only the HTTP method and URI are included in the DPoP JWT, and therefore only these 2 headers of the request       are covered by the DPoP proof and its signature. The four claims should be covered by the signature. Proposed change: Of the HTTP content in the request, only the HTTP method ("htm" claim"), the URI ("htu" claim), the issuance time of the DPoP proof JWT ("iat" claim)     and the DPoP proof JWT identifier ( jti "claim") are included in the DPoP JWT, and therefore only these 4 headers of the request are covered by the DPoP proof     and its signature. 12. Section 4.3.Checking DPoP Proofs The text states:      To check if a string that was received as part of an HTTP Request is a valid DPoP proof, the receiving server MUST ensure that 1.the string value is a well-formed JWT, 2.all required claims are contained in the JWT, It would be wise to indicate what are "all the required claims" Change the last above sentence into: 2.all required claims are contained in the JWT, at least the "htm" claim, the "htu" claim, the "iat" claim and the "jti "claim. 13. The text states:      5.that the JWT is signed using the public key contained in the "jwk" header of the JWT Typo: Since the sentence above all these conditions already includes the word "that" (/the receiving server MUST ensure that/), the word "that" in this sentence should be removed. Change into:      5.the JWT is signed using the public key contained in the "jwk" header of the JWT 14. The text continues with: 8.the token was issued within an acceptable timeframe (see Section 8.1), and 9.that, within a reasonable consideration of accuracy and resource utilization, a JWT with the same "jti" value has not previously been received             at the same URI (see Section 8.1). References to text located in the "Security considerations" section should be avoided. In addition this text needs to be revised in order to take benefit of the use of a combination of "iat" and "jti". Change the two last above sentences into: [the receiving server MUST ensure that] 8.the "iat" time is within an acceptable timeframe (a few seconds skew SHOULD be allowed).            Note: To accommodate for clock offsets, the server SHOULD accept DPoP proofs that carry an "iat" time in the reasonably near future (e.g., a few seconds in the future). 9.and that, in order to accept the DPoP proof JWT, both the "iat" claim and the associated "jti" claim have not already been seen before during the time window             used by the server; otherwise refuse the DPoP proof JWT. 15. Section 5.DPoP Access Token Request (Page 12) The text states: An authorization server MAY elect to issue access tokens which are not DPoP bound, which is signaled to the client with a value of "Bearer" in the "token_type" parameter        of the access token response per [RFC6750]. This has a consequence for the client which is not mentioned but should be mentioned. Proposed additional text:        When the client receives an access token, it MUST check whether the "token_type" parameter of the access token response contains a value of "Bearer" or a value of " DPoP".        If a "Bearer" token is received whereas the client indeed wanted a "DPoP" token, then the client SHALL discard the response. 16. Section 8.1.DPoP Proof Replay Replace the current text with:       In order to prevent the replay of a token at the same endpoint (the HTTP endpoint), only a single DPoP proof JWT which contains the same claims is accepted during a time window       set by the server.This prevents both legitimate and illegitimate clients to use twice a same DPoP proof JWT. A JWT that is still valid can be associated with a new DPoP proof JWT      and hence can be re-used during its validity period.       The mechanism which is based on both the "iat" and the "jti" claims occupies 64 bits of memory (32 +32 bits) per DPoP proof JWT that has been accepted.       The entries can be flushed after the end of the time window.       Clients have no way to know in advance the exact value of a time window used by a server.If they wait too long for using a DPoP proof JWT, a DPoP proof JWT / access token pair       may be rejected, even it is cryptographically correct. 17. Add a new section 8.2:       8.2.DPoP private key usage       A legitimate client does not necessarily need to "have access to" the private key that is being used to sign a DPoP proof JWT, but can simply "use" the private key without knowing its value.       This means that it is able to perform cryptographic computations either for its own benefit or for the benefit of other users. In the later case, an illegitimate client may be given both an access token       and a DPoP Proof JWT by a legitimate client.The fact that a DPoP proof JWT can only be used once does not protect against this collaborative attack. 18. Currently there is no "Privacy considerations" section, whereas there should be one. This point is addressed in a separate email since it proposes new text. Denis --------------75F546B2D90C325FBD615EA8 Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: 8bit

I have reviewed the whole draft and you will find comments below starting with five editorials comments. Every other comment is numbered.

Let us start with five typos where there is a duplication of the word "the":

Page 4:

XXS vulnerabilities also allow an attacker to execute code in the context of the browser-based client application and maliciously use a token indirectly through the the client.

Page 11:

The example response in Figure 5 included a refresh token, which the client can use to obtain a new access token when the the previous one expires.

Page 11:

Refreshing an access token is a token request using the "refresh_token" grant type made to the the authorization server’s token endpoint.

Page 13:

Resource servers MUST be able to reliably identify whether an access token is bound using DPoP and ascertain sufficient information about the public key to which
the token is bound in order to verify the binding with respect to the the presented DPoP proof (see Section 7.1).

Page 13:

Resource servers supporting DPoP MUST ensure that the the public key from the DPoP proof matches the pubic key to which the access token is bound.


1. Section 1. Introduction

The text states:

     The value of the header is a JWT [RFC7519] that enables the authorization server to bind issued tokens to the public part of the client’s key pair.

A client may use different key pairs.

Change :

"the client’s key pair"

into :

" a client’s key pair".

2. Section 2.  Objectives

The text states:

    The primary aim of DPoP is to prevent unauthorized or illegitimate parties from using leaked or stolen access tokens by binding a token to a public key
    upon issuance and requiring that the client demonstrate possession of the corresponding private key when using the token.

The objective needs to be described in terms of what ,the mechanism does and not yet at this time for which reasons.

Change into:

     The aim of DPoP is first to require a client to demonstrate possession of a public key when requesting an access token or a refresh token to an AS
     where the AS will then bind that public key upon a token issuance and, then to demonstrate the possession of a public key included into a token
     when presenting a refresh token to an AS or an access token to a RS.


3. The next sentence looks odd as far as the English grammar is considered.

    This constrains the legitimate sender of the token to only the party with access to the private key and gives the server receiving the token added assurances
    that the sender is legitimately authorized to use it.

With the proposed change above, this sentence looks unnecessary and could be deleted.

4. Section 3 Concepts Page 5

In order to make crystal clear that they are to different DPoP Proofs, (DPoP Proof 1) and (DPoP Proof 2) should be shown on the figure as proposed below:

+--------+                                          +---------------+
|        |--(A)-- Token Request ------------------->|               |
| Client |        (DPoP Proof 1)                    | Authorization |
|        |                                          |     Server    |
|        |<-(B)-- DPoP-bound Access Token ----------|               |
|        |        (token_type=DPoP)                 +---------------+
|        |
|        |
|        |                                          +---------------+
|        |--(C)-- DPoP-bound Access Token --------->|               |
|        |        (DPoP Proof 2)                    |    Resource   |
|        |                                          |     Server    |
|        |<-(D)-- Protected Resource ---------------|               |
|        |                                          +---------------+
+--------+
                      Figure 1: Basic DPoP Flow

5. The text states:

     The basic steps of an OAuth flow with DPoP are shown in Figure 1:

     *  (A) In the Token Request, the client sends an authorization grant (e.g., an authorization code, refresh token, etc.) to the authorization server
        in order to obtain an access token (and potentially a refresh token).  The client attaches a DPoP proof to the request in an HTTP header.

At the end of the sentence, add : (DPoP Proof 2).


6. The text states:

     *  (C) To use the access token the client has to prove possession of the private key by, again, adding a header to the request that carries the DPoP proof. 

Change into:
 
     *  (C) To use the access token the client has to prove possession of the private key by using a header to the request that carries another DPoP proof (DPoP Proof 2).


7. Section 4.  DPoP Proof JWTs

The text states:

     A valid DPoP proof demonstrates to the server that the client holds the private key that was used to sign the JWT.

For avoiding misunderstandings, it would be better to say that this applies to DPoP Proof JWTs and that it applicable for both ASs and RSs.

Proposed change:

     A valid DPoP proof demonstrates to a server, (i.e. an AS or a RS), that the client holds the private key that was used to sign a DPoP Proof JWT.

8. The text states:

     This enables authorization servers to bind issued tokens to the corresponding public key (as described in Section 5) and for resource servers to verify
     the key-binding of tokens that it receives (see Section 7.1), which prevents said tokens from being used by any entity that does not have access to the private key.

The end of the sentence is using the wording "(...) which prevents said tokens from being used by any entity that does not have access to the private key".

a) It is proposed to remove the end of the sentence, i.e.: "), which prevents said tokens from being used by any entity that does not have access to the private key".
    A new section 8.2 is being proposed (DPoP private key usage). See comment 17 which addresses this issue.

At this time, it would be adequate to add that a DPoP Proof JWT can only be used once.

b) Additional proposed text:

     A DPoP proof JWT is intended to be only usable once: it includes claims that allows an AS or a RS to detect replays.


9. Section 4.2.  DPoP Proof JWT Syntax

The text states:

     The body of a DPoP proof contains at least the following claims:

(...)

     *  "jti": Unique identifier for the DPoP proof JWT (REQUIRED).  The value MUST be assigned such that there is a negligible probability that the same value
        will be assigned to any other DPoP proof used in the same context during the time window of validity.  Such uniqueness can be accomplished by encoding
        (base64url or any other suitable encoding) at least 96 bits of pseudorandom data or by using a version 4 UUID string according to [RFC4122].  The "jti" can
        be used by the server for replay detection and prevention, see Section 8.1.

This looks like over engineering. 32 bits of pseudorandom data will be sufficient if used in conjunction with the "iat" claim. If the server (AS or RS) uses a concatenation
of both the "iat" and the "jti" this makes 2 ^ 32 possibilities within the same second during a time windows of a few minutes (about 120 seconds).

To highlight the fact that "jti" is a complement of "iat", it should be placed after "iat" in the description".

Proposed change:

   *  "jti": JWT identifier that complements the "iat" claim to handle replay protection for a given server (REQUIRED).
    
      The value MUST be assigned such that there is a negligible probability that the same value will be assigned to any other DPoP proof received by the server
      within the same second during a short time window of validity (i.e. a few minutes only) . This MUST be accomplished by encoding 32 bits of pseudorandom data.


10. Figure 3.

The end of figure 3 is as follows:

(...)
     {
     "jti":"-BwC3ESc6acc2lTc",
     "htm":"POST",
     "htu":"https://server.example.com/token",
     "iat":1562262616
    }
              Figure 3: Example JWT content of a "DPoP" proof

In order to follow the ordering of the claims, as proposed before, it would be more adequate to write it as follows:

(...)
     {
     "htm":"POST",
     "htu":"https://server.example.com/token",
     "iat":1562262616
     "jti": EE238F3F,

    }
              Figure 3: Example JWT content of a "DPoP" proof

Please note that the "jti" value is shorter.


11. The text below figure 3 states:

      Of the HTTP content in the request, only the HTTP method and URI are included in the DPoP JWT, and therefore only these 2 headers of the request
      are covered by the DPoP proof and its signature.

The four claims should be covered by the signature.

Proposed change:

    Of the HTTP content in the request, only the HTTP method ("htm" claim"), the URI ("htu" claim), the issuance time of the DPoP proof JWT ("iat" claim)
    and the DPoP proof JWT identifier ( jti "claim") are included in the DPoP JWT, and therefore only these 4 headers of the request are covered by the DPoP proof
    and its signature.

12. Section 4.3.  Checking DPoP Proofs

The text states:

     To check if a string that was received as part of an HTTP Request is a valid DPoP proof, the receiving server MUST ensure that

        1.  the string value is a well-formed JWT,
        2.  all required claims are contained in the JWT,

It would be wise to indicate what are "all the required claims"

Change the last above sentence into:

   2.  all required claims are contained in the JWT, at least the "htm" claim, the "htu" claim, the "iat" claim and the "jti "claim.


13. The text states:

     5.  that the JWT is signed using the public key contained in the "jwk" header of the JWT

Typo: Since the sentence above all these conditions already includes the word "that" (the receiving server MUST ensure that),
the word "that" in this sentence should be removed.

Change into:

     5.  the JWT is signed using the public key contained in the "jwk" header of the JWT


14. The text continues with:

       8.  the token was issued within an acceptable timeframe (see Section 8.1), and
       9.  that, within a reasonable consideration of accuracy and resource utilization, a JWT with the same "jti" value has not previously been received
            at the same URI (see Section 8.1).

References to text located in the "Security considerations" section should be avoided.

In addition this text needs to be revised in order to take benefit of the use of a combination of "iat" and "jti".

Change the two last above sentences into:

[the receiving server MUST ensure that]

       8.  the "iat" time is within an acceptable timeframe (a few seconds skew SHOULD be allowed).

           Note: To accommodate for clock offsets, the server SHOULD accept DPoP proofs that carry an "iat" time in the reasonably near future (e.g., a few seconds in the future).

       9.  and that, in order to accept the DPoP proof JWT, both the "iat" claim and the associated "jti" claim have not already been seen before during the time window
            used by the server; otherwise refuse the DPoP proof JWT.


15. Section 5.  DPoP Access Token Request (Page 12)

The text states:

       An authorization server MAY elect to issue access tokens which are not DPoP bound, which is signaled to the client with a value of "Bearer" in the "token_type" parameter
       of the access token response per [RFC6750]. 

This has a consequence for the client which is not mentioned but should be mentioned.

Proposed additional text:

       When the client receives an access token, it MUST check whether the "token_type" parameter of the access token response contains a value of "Bearer" or a value of " DPoP".
       If a "Bearer" token is received whereas the client indeed wanted a "DPoP" token, then the client SHALL discard the response.


16. Section 8.1.  DPoP Proof Replay

Replace the current text with:

      In order to prevent the replay of a token at the same endpoint (the HTTP endpoint), only a single DPoP proof JWT which contains the same claims is accepted during a time window
      set by the server.  This prevents both legitimate and illegitimate clients to use twice a same DPoP proof JWT. A JWT that is still valid can be associated with a new DPoP proof JWT
     and hence can be re-used during its validity period. 

      The mechanism which is based on both the "iat" and the "jti" claims occupies 64 bits of memory (32 +32 bits) per DPoP proof JWT that has been accepted. 
      The entries can be flushed after the end of the time window.

      Clients have no way to know in advance the exact value of a time window used by a server.  If they wait too long for using a DPoP proof JWT, a DPoP proof JWT / access token pair
      may be rejected, even it is cryptographically correct.

17. Add a new section 8.2:

      8.2.  DPoP private key usage

      A legitimate client does not necessarily need to "have access to" the private key that is being used to sign a DPoP proof JWT, but can simply "use" the private key without knowing its value.
      This means that it is able to perform cryptographic computations either for its own benefit or for the benefit of other users. In the later case, an illegitimate client may be given both an access token
      and a DPoP Proof JWT by a legitimate client.  The fact that a DPoP proof JWT can only be used once does not protect against this collaborative attack.


18. Currently there is no "Privacy considerations" section, whereas there should be one.

This point is addressed in a separate email since it proposes new text.

Denis


 --------------75F546B2D90C325FBD615EA8-- From nobody Wed Dec 2 07:47:37 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B0F543A160B for ; Wed, 2 Dec 2020 07:47:34 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.498 X-Spam-Level: X-Spam-Status: No, score=-1.498 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, KHOP_HELO_FCRDNS=0.399, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001] autolearn=no autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id L6lO5UrRnI-M for ; Wed, 2 Dec 2020 07:47:32 -0800 (PST) Received: from smtp.smtpout.orange.fr (smtp09.smtpout.orange.fr [80.12.242.131]) (using TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8B9183A1596 for ; Wed, 2 Dec 2020 07:47:14 -0800 (PST) Received: from [192.168.1.11] ([90.91.135.71]) by mwinf5d17 with ME id zTnA2300N1Ybo4i03TnAdq; Wed, 02 Dec 2020 16:47:10 +0100 X-ME-Helo: [192.168.1.11] X-ME-Auth: ZGVuaXMucGlua2FzQG9yYW5nZS5mcg== X-ME-Date: Wed, 02 Dec 2020 16:47:10 +0100 X-ME-IP: 90.91.135.71 To: oauth From: Denis Message-ID: <9619c66e-a19c-d3b2-3026-9755a6249d50@free.fr> Date: Wed, 2 Dec 2020 16:47:14 +0100 User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:78.0) Gecko/20100101 Thunderbird/78.5.0 MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="------------299B9F48ADDCE2948137038E" Content-Language: en-GB Archived-At: Subject: [OAUTH-WG] Proposed text for a Privacy considerations section in draft-ietf-oauth-dpop-02 X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 02 Dec 2020 15:47:36 -0000 This is a multi-part message in MIME format. --------------299B9F48ADDCE2948137038E Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit This is the development of the 18 th comment from my previous email. Proposed text: 9. Privacy considerations The document does not specify how the public key used to compute the signature of the DPoP proof JWT is generated or comes from. Different scenarios are possible. They are addressed with respect to the ability of RSs or other servers being able to link the users using the DPoP proof JWTs and the associated access tokens they receive. In order to limit attacks to impersonation attacks, an access token must include either a "sub" claim or other claims allowing to unambiguously identify the user to a RS. When a "sub" claim is being used, RFC 7519 states in section 4.1.2 that "the subject value MUST either be scoped to be locally unique in the context of the issuer or be globally unique". When the subject value is globally unique, RSs usually do not learn more than they already knew but since that subject value may be shared and compared with globally unique identifiers stored by other servers that are not part of the OAuth framework this may be considered as a problem but this has nothing to do with the DPoP mechanism. The case where the subject value is locally unique in the context of the AS or other claims incorporated into an access token allow to unambiguously identify the user to a RS is addressed below. 9.1 Use of a single asymmetric key pair for all ASs All the "DPoP" access tokens issued by all the ASs, will include the same public key. When the subject value is locally unique in the context of the issuer (i.e. an AS) or other claims allow to unambiguously identify the user to a RS, RSs may learn more than they already knew since a locally unique identifier used by one AS may be different from another locally unique identifier used by another AS. The same applies for other claims allowing to unambiguously identify the user to a RS. In this case, this allows RSs to link a "sub" claim or other claims allowing to unambiguously identify the user to a RS with another "sub" claim or other claims allowing to unambiguously identify the user to another RS. While this method may not be a problem when it is only used within an Intranet context, this method may be a problem as soon as it is used over the Internet, because RSs will be able to link the access tokens they receive. This method is strongly deprecated when used over the Internet. It may be used with great care within an Intranet as long as the network is kept isolated from the Internet since it may affect the privacy of the users. 9.2 Use of a static asymmetric key pair between a client and each AS All the "DPoP" access tokens issued by one AS for one user, will include the same public key. This allows each RS to know whether the access tokens it receives are coming from the same AS and from the same user. Using this method, RSs are able to know that the access tokens they receive have been issued for the same user whatever claims have been incorporated into the access token. This method may affect the user's privacy. 9.3 Use of a static asymmetric key pair between a client and each RS All the "DPoP" access tokens issued for one RS, will include the same public key, no matter which AS has generated the access token. This allows each RS to know that the access tokens it receives are coming from the same user. Using this method, RSs are unable to link the access tokens they receive when receiving a DPoP proof JWT. From a security point of view, this method has a side benefit since all access tokens that contain the same public key that are received by a given RS are indeed issued for the same user. 9.4 Use of an ephemeral asymmetric key pair for every "DPoP" access token When only using the public key placed in a "DPoP" access token, RSs are unable to link the access tokens they receive.  However, this method has the disadvantage to require the generation of a different key pair for every "DPoP" access token.  This may be time and resource consuming.  When this method is being used, it is recommended to generate key pairs in advance, whenever it is possible. Denis --------------299B9F48ADDCE2948137038E Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: 8bit

This is the development of the 18 th comment from my previous email.

Proposed text:

9. Privacy considerations

The document does not specify how the public key used to compute the signature of the DPoP proof JWT is generated or comes from.  Different scenarios are possible.
They are addressed with respect to the ability of RSs or other servers being able to link the users using the DPoP proof JWTs and the associated access tokens they receive.

In order to limit attacks to impersonation attacks, an access token must include either a "sub" claim or other claims allowing to unambiguously identify the user to a RS.
When a "sub" claim is being used, RFC 7519 states in section 4.1.2 that "the subject value MUST either be scoped to be locally unique in the context of the issuer or be globally unique".

When the subject value is globally unique, RSs usually do not learn more than they already knew but since that subject value may be shared and compared with globally unique identifiers
stored by other servers that are not part of the OAuth framework this may be considered as a problem but this has nothing to do with the DPoP mechanism.

The case where the subject value is locally unique in the context of the AS or other claims incorporated into an access token allow to unambiguously identify the user to a RS is addressed below.


9.1 Use of a single asymmetric key pair for all ASs

All the "DPoP" access tokens issued by all the ASs, will include the same public key.

When the subject value is locally unique in the context of the issuer (i.e. an AS) or other claims allow to unambiguously identify the user to a RS,
RSs may learn more than they already knew since a locally unique identifier used by one AS may be different from another locally unique identifier used by another AS.
The same applies for other claims allowing to unambiguously identify the user to a RS. In this case, this allows RSs to link a "sub" claim or other claims allowing
to unambiguously identify the user to a RS with another "sub" claim or other claims allowing to unambiguously identify the user to another RS.

While this method may not be a problem when it is only used within an Intranet context, this method may be a problem as soon as it is used over the Internet,
because RSs will be able to link the access tokens they receive. This method is strongly deprecated when used over the Internet. It may be used with great care
within an Intranet as long as the network is kept isolated from the Internet since it may affect the privacy of the users.

9.2 Use of a static asymmetric key pair between a client and each AS

All the "DPoP" access tokens issued by one AS for one user, will include the same public key. This allows each RS to know whether the access tokens
it receives are coming from the same AS and from the same user.

Using this method, RSs are able to know that the access tokens they receive have been issued for the same user whatever claims have been incorporated
into the access token. This method may affect the user's privacy.

9.3 Use of a static asymmetric key pair between a client and each RS

All the "DPoP" access tokens issued for one RS, will include the same public key, no matter which AS has generated the access token.
This allows each RS to know that the access tokens it receives are coming from the same user. Using this method, RSs are unable to link the access tokens
they receive when receiving a DPoP proof JWT.

From a security point of view, this method has a side benefit since all access tokens that contain the same public key that are received by a given RS are indeed
issued for the same user.

9.4 Use of an ephemeral asymmetric key pair for every "DPoP" access token

When only using the public key placed in a "DPoP" access token, RSs are unable to link the access tokens they receive.  However, this method has the disadvantage
to require the generation of a different key pair for every "DPoP" access token.  This may be time and resource consuming.  When this method is being used,
it is recommended to generate key pairs in advance, whenever it is possible.

Denis

--------------299B9F48ADDCE2948137038E-- From nobody Wed Dec 2 08:11:32 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A71953A1471 for ; Wed, 2 Dec 2020 08:11:30 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.497 X-Spam-Level: X-Spam-Status: No, score=-1.497 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, KHOP_HELO_FCRDNS=0.399, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Hxg9EFUGH45u for ; Wed, 2 Dec 2020 08:11:27 -0800 (PST) Received: from smtp.smtpout.orange.fr (smtp09.smtpout.orange.fr [80.12.242.131]) (using TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E55B03A13BB for ; Wed, 2 Dec 2020 08:11:26 -0800 (PST) Received: from [192.168.1.11] ([90.91.135.71]) by mwinf5d17 with ME id zUBN2300G1Ybo4i03UBNuX; Wed, 02 Dec 2020 17:11:23 +0100 X-ME-Helo: [192.168.1.11] X-ME-Auth: ZGVuaXMucGlua2FzQG9yYW5nZS5mcg== X-ME-Date: Wed, 02 Dec 2020 17:11:23 +0100 X-ME-IP: 90.91.135.71 To: Brian Campbell Cc: oauth References: <1b584adf-14f9-ba2e-657d-f22b57d87675@free.fr> <4cb35c85-e13a-aabe-1e74-d6eb244189cf@free.fr> <49cbbea5-df0e-f864-cf8b-ec9c3768bc18@danielfett.de> From: Denis Message-ID: <17c55449-08bc-ba2f-8eef-f0b2c44c7f0e@free.fr> Date: Wed, 2 Dec 2020 17:11:27 +0100 User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:78.0) Gecko/20100101 Thunderbird/78.5.0 MIME-Version: 1.0 In-Reply-To: Content-Type: multipart/alternative; boundary="------------9629CA0305C5C3162EEC7511" Content-Language: en-GB Archived-At: Subject: [OAUTH-WG] draft-ietf-oauth-dpop-02: The size of the "jti" is currently mandated to 96 bits minimum X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 02 Dec 2020 16:11:31 -0000 This is a multi-part message in MIME format. --------------9629CA0305C5C3162EEC7511 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit Hi Brian, I changed the title of this thread from "Reminder - Interim Meeting to discuss DPoP" to "draft-ietf-oauth-dpop-02: The size of the "jti" is currently mandated to 96 bits minimum". Thank you for the link. I read it but I am still not convinced that using a minimum of 96 bits is necessary. Using both the "iat" claim and the "jti" claim, it is very unlikely that the same 32 bits jti will be picked up at the very same "iat" time by two or more clients. Should such a condition happen, then another attempt with a new DPoP proof JWT would very likely succeed for the second client. In case of a collision, it would also be possible to return a specific error code saying something like "duplicate iat/jti pair". So the client would be informed that it should perform another attempt using a new DPoP proof JWT. Denis > The conversation at > https://github.com/danielfett/draft-dpop/pull/51#discussion_r332377311 > > has a bit more of the rational behind the choice of 96 bit minimum. > > On Wed, Dec 2, 2020 at 7:07 AM Denis > wrote: > > Hi Daniel, > > All your arguments make sense. I agree. > > A minor point however. The size of the jti" is currently mandated > to 96 bits minimum. This is unnecessarily long for a time window > of a few minutes. > The jti" does not need to be a unique identifier valid for ever. > It can simply be an identifier used during the time window which > complements the "iat" claim. > > Using both the "iat" claim and a 32 bits pseudo-random number will > be quite sufficient.  It is also has the advantage of using less > memory and > it is easier to flush the entries looking at the 32 first bits only. > > Denis > >> So what you are proposing is that the time window in which an RS >> accepts the DPoP proof is defined by the expiration time of the >> access token? >> >> DPoP proofs are intended to be generally be short-lived and fresh >> for each request in order to provide some level of replay >> protection. There is no point in making the time window as long >> as the (typically longer) time window in which an AT would be >> accepted. A DPoP proof that is valid for 12 hours would not >> provide much replay protection. >> >> The time window is left unspecified because it is only meant to >> account for clock differences and network latency. Its precise >> value can depend on deployment considerations. It is not intended >> to give the client an option to re-use proofs, which is prevented >> together with the jti. >> >> Also this would introduce new, unwanted and potentially >> surprising dependencies between token lifetimes and the DPoP usage. >> >> And finally, as discussed before, not all access tokens are JWTs >> and we are not going to mandate JWT access tokens in this spec. >> >> -Daniel >> >> >> Am 01.12.20 um 09:54 schrieb Denis: >>> Hi  Brian, >>> >>>> Hi Denis, >>>> >>>> The choice to use "iat" vs. "exp" was made in the summer of >>>> last year. You can see some of the discussion from then in >>>> https://github.com/danielfett/draft-dpop/issues/38 >>>> . >>>> I believe it pretty well has consensus at this point and thus >>>> unlikely to be changed. >>> >>> I fear that you misread my email or read it too fast. My point >>> had nothing to do whether using *either *of "iat" *o**r* "exp" >>> in the DPoP proof JWT sent by the client. >>> >>> The first sentence of my email was: "One comment on slide 5 >>> about the /time window/". So the topic was all about how the RS >>> SHALL handle the "jti" claim included >>> in the DPoP proof JWT when using a time window. >>> >>> >>>> While I do believe there are reasonable arguments that can be >>>> made on both sides of using either of "iat" or "exp", it's >>>> difficult (and honestly time consuming and very frustrating) to >>>> try and have such discussions or even respond in a coherent way >>>> when fundamental aspects of the draft are misrepresented or >>>> misunderstood. For example, the DPoP proof JWT is created by >>>> the client not the AS so the advantages you put forward are >>>> nonsensical in the context of the actual workings of the draft. >>> >>> Section 8.1 addresses the topic of the /time window/, but this >>> topic should not /only /be addressed in the "Security >>> Considerations" section >>> but in the main body of the document, since some checks MUST be >>> done by the RS. "Security Considerations"are intended to provide >>> explanations but are not intended to be normative. >>> >>> Section 8.1 states: >>> >>>    " If an adversary is able to get hold of a DPoP proof JWT, >>> the adversary could replay that token at the same endpoint (the HTTP >>>    endpoint and method are enforced via the respective claims in >>> the JWTs).  To prevent this, servers MUST only accept DPoP proofs >>>    for a limited time window after their "iat" time, preferably >>> only for a relatively brief period. >>> >>>    Servers SHOULD store, in the context of the request URI, the >>> "jti" value of each DPoP proof for the time window in which the >>> respective >>>    DPoP proof JWT would be accepted and decline HTTP requests to >>> the same URI for which the "jti" value has been seen before.  In >>> order >>>    to guard against memory exhaustion attacks a server SHOULD >>> reject DPoP proof JWTs with unnecessarily large "jti" values or >>> store only >>>    a hash thereof. >>> >>>    (...) ". >>> >>> The previous text makes the assumption that RSs MUST only accept >>> DPoP proofs for a relatively brief period after their "iat" time >>> included >>> in the DPoP proof JWT. This assumption is rather restrictive. A >>> client might get an access token and associate it with DPoP >>> proof JWT that >>> could be used during, e.g., 12 hours. A DPoP proof JWT/ access >>> token JWT pair could thus be used by a client during, e.g., one >>> day for >>> several sessions with a RS. >>> >>> The /time window/ is currently left at the discretion of each RS >>> and is supposed to be short (without stating explicitly what >>> "short" may mean).. >>> >>> It would be possible to mandate in the JWT the inclusion of the >>> exp (Expiration Time) Claim. (I am _not_ advocating the >>> inclusion of the "exp" >>> claim in the DPoP proof JWT). >>> >>> In this way, for a RS, the /time window /would be defined using >>> the "iat" claim defined in the DPoP proof JWT and the "exp" >>> claim defined in >>> the JWT. >>> >>> Such a description should not be done in section 8, but in a >>> section earlier in the main body of the document. >>> >>> This would have the following advantages: >>> >>> * The RS would be able to better manage the "jti" claim >>> values, because it would be able to discard "jti" claim >>> values as soon as they are >>> outside the time window as defined above. >>> >>> * The client would know whether a DPoP proof JWT/ access token >>> JWT pair is still usable, in particular using the >>> "expires_in" status code >>> returned in case of a successful response from the AS and is >>> thus unlikely to get a rejection of both of them because of >>> an unknown time >>> window used by a RS. >>> >>> Denis >>> >>> >>>> >>>> On Mon, Nov 30, 2020 at 8:45 AM Denis >>> > wrote: >>>> >>>> One comment on slide 5 about the /time window/. >>>> >>>> At the bottom, on the left, it is written: "Only valid for >>>> a limited /time window/ relative to creation time". >>>> >>>> While the creation time is defined by "iat", the /time >>>> window/ is currently left at the discretion of each RS. >>>> >>>> It would be preferable to mandate the inclusion in the JWT >>>> of the exp (Expiration Time) Claim. >>>> In this way, the /time window /would be defined by the AS >>>> using both the "iat" and the "exp" claims. >>>> >>>> This would have the following advantages: >>>> >>>> * The client will know whether a token is still usable >>>> and is unlikely to get a rejection of the token >>>> because of an unknown time window defined by a RS. >>>> >>>> * The RS is able to manage better the "jti" claim values, >>>> because it will be able to discard "jti" claim values >>>> as soon as they are outside the time window defined by >>>> the AS in a JWT. >>>> >>>> Denis >>>> >>>> >>>>> All, >>>>> >>>>> This is a reminder that we have an Interim meeting this >>>>> Monday, Nov 30th @ 12:00pm ET, to discuss the latest with >>>>> the *DPoP *document: >>>>> https://datatracker.ietf.org/doc/draft-ietf-oauth-dpop/ >>>>> >>>>> >>>>> You can find the details of the meeting and the slides here: >>>>> https://datatracker.ietf.org/meeting/interim-2020-oauth-16/session/oauth >>>>> >>>>> >>>>> Regards, >>>>>  Rifaat & Hannes >>>>> >>>>> >>>>> _______________________________________________ >>>>> OAuth mailing list >>>>> OAuth@ietf.org >>>>> https://www.ietf.org/mailman/listinfo/oauth >>>> >>>> >>>> _______________________________________________ >>>> OAuth mailing list >>>> OAuth@ietf.org >>>> https://www.ietf.org/mailman/listinfo/oauth >>>> >>>> >>>> >>>> /CONFIDENTIALITY NOTICE: This email may contain confidential >>>> and privileged material for the sole use of the intended >>>> recipient(s). Any review, use, distribution or disclosure by >>>> others is strictly prohibited.  If you have received this >>>> communication in error, please notify the sender immediately by >>>> e-mail and delete the message and any file attachments from >>>> your computer. Thank you./ >>> >>> >>> >>> _______________________________________________ >>> OAuth mailing list >>> OAuth@ietf.org >>> https://www.ietf.org/mailman/listinfo/oauth >> >> >> -- >> https://danielfett.de >> >> _______________________________________________ >> OAuth mailing list >> OAuth@ietf.org >> https://www.ietf.org/mailman/listinfo/oauth > > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth > > > > /CONFIDENTIALITY NOTICE: This email may contain confidential and > privileged material for the sole use of the intended recipient(s). Any > review, use, distribution or disclosure by others is strictly > prohibited.  If you have received this communication in error, please > notify the sender immediately by e-mail and delete the message and any > file attachments from your computer. Thank you./ --------------9629CA0305C5C3162EEC7511 Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: 8bit
Hi Brian,

I changed the title of this thread from "Reminder - Interim Meeting to discuss DPoP" to "draft-ietf-oauth-dpop-02: The size of the "jti" is currently mandated to 96 bits minimum".

Thank you for the link. I read it but I am still not convinced that using a minimum of 96 bits is necessary.

Using both the "iat" claim and the "jti" claim, it is very unlikely that the same 32 bits jti will be picked up
at the very same "iat" time by two or more clients. Should such a condition happen, then another attempt
with a new DPoP proof JWT would very likely succeed for the second client.

In case of a collision, it would also be possible to return a specific error code saying something like "duplicate iat/jti pair".
So the client would be informed that it should perform another attempt using a new DPoP proof JWT.

Denis

The conversation at https://github.com/danielfett/draft-dpop/pull/51#discussion_r332377311 has a bit more of the rational behind the choice of 96 bit minimum.

On Wed, Dec 2, 2020 at 7:07 AM Denis <denis.ietf@free.fr> wrote:
Hi Daniel,

All your arguments make sense. I agree.

A minor point however. The size of the jti" is currently mandated to 96 bits minimum. This is unnecessarily long for a time window of a few minutes.
The jti" does not need to be a unique identifier valid for ever. It can simply be an identifier used during the time window which complements the "iat" claim.

Using both the "iat" claim and a 32 bits pseudo-random number will be quite sufficient.  It is also has the advantage of using less memory and
it is easier to flush the entries looking at the 32 first bits only.

Denis

So what you are proposing is that the time window in which an RS accepts the DPoP proof is defined by the expiration time of the access token?

DPoP proofs are intended to be generally be short-lived and fresh for each request in order to provide some level of replay protection. There is no point in making the time window as long as the (typically longer) time window in which an AT would be accepted. A DPoP proof that is valid for 12 hours would not provide much replay protection.

The time window is left unspecified because it is only meant to account for clock differences and network latency. Its precise value can depend on deployment considerations. It is not intended to give the client an option to re-use proofs, which is prevented together with the jti.

Also this would introduce new, unwanted and potentially surprising dependencies between token lifetimes and the DPoP usage.

And finally, as discussed before, not all access tokens are JWTs and we are not going to mandate JWT access tokens in this spec.

-Daniel


Am 01.12.20 um 09:54 schrieb Denis:
Hi  Brian,

Hi Denis,

The choice to use "iat" vs. "exp" was made in the summer of last year. You can see some of the discussion from then in https://github.com/danielfett/draft-dpop/issues/38.
I believe it pretty well has consensus at this point and thus unlikely to be changed.

I fear that you misread my email or read it too fast. My point had nothing to do whether using either of "iat" or "exp" in the DPoP proof JWT sent by the client.

The first sentence of my email was: "One comment on slide 5 about the time window". So the topic was all about how the RS SHALL handle the "jti" claim included
in the DPoP proof JWT when using a time window.


While I do believe there are reasonable arguments that can be made on both sides of using either of "iat" or "exp", it's difficult (and honestly time consuming and very frustrating) to try and have such discussions or even respond in a coherent way when fundamental aspects of the draft are misrepresented or misunderstood. For example, the DPoP proof JWT is created by the client not the AS so the advantages you put forward are nonsensical in the context of the actual workings of the draft.

Section 8.1 addresses the topic of the time window, but this topic should not only be addressed in the "Security Considerations" section
but in the main body of the document, since some checks MUST be done by the RS. "Security Considerations"are intended to provide
explanations but are not intended to be normative.

Section 8.1 states:

   " If an adversary is able to get hold of a DPoP proof JWT, the adversary could replay that token at the same endpoint (the HTTP
   endpoint and method are enforced via the respective claims in the JWTs).  To prevent this, servers MUST only accept DPoP proofs
   for a limited time window after their "iat" time, preferably only for a relatively brief period. 

   Servers SHOULD store, in the context of the request URI, the "jti" value of each DPoP proof for the time window in which the respective
   DPoP proof JWT would be accepted and decline HTTP requests to the same URI for which the "jti" value has been seen before.  In order
   to guard against memory exhaustion attacks a server SHOULD reject DPoP proof JWTs with unnecessarily large "jti" values or store only
   a hash thereof.

   (...) ".

The previous text makes the assumption that RSs MUST only accept DPoP proofs for a relatively brief period after their "iat" time included
in the DPoP proof JWT. This assumption is rather restrictive. A client might get an access token and associate it with DPoP proof JWT that
could be used during, e.g., 12 hours. A DPoP proof JWT/ access token JWT pair could thus be used by a client during, e.g., one day for
several sessions with a RS.

The time window is currently left at the discretion of each RS and is supposed to be short (without stating explicitly what "short" may mean)..
It would be possible to mandate in the JWT the inclusion of the exp (Expiration Time) Claim. (I am not advocating the inclusion of the "exp"
claim in the DPoP proof JWT).

In this way, for a RS, the time window would be defined using the "iat" claim defined in the DPoP proof JWT and the "exp" claim defined in
the JWT.

Such a description should not be done in section 8, but in a section earlier in the main body of the document.

This would have the following advantages:

  • The RS would be able to better manage the "jti" claim values, because it would be able to discard "jti" claim values as soon as they are
    outside the time window as defined above.
  • The client would know whether a DPoP proof JWT/ access token JWT pair is still usable, in particular using the "expires_in" status code
    returned in case of a     successful response from the AS and is thus unlikely to get a rejection of both of them because of an unknown time
    window used by a RS.

Denis



On Mon, Nov 30, 2020 at 8:45 AM Denis <denis.ietf@free.fr> wrote:

One comment on slide 5 about the time window.

At the bottom, on the left, it is written: "Only valid for a limited time window relative to creation time".

While the creation time is defined by "iat", the time window is currently left at the discretion of each RS.

It would be preferable to mandate the inclusion in the JWT of the exp (Expiration Time) Claim.
In this way, the time window would be defined by the AS using both the "iat" and the "exp" claims.

This would have the following advantages:

  • The client will know whether a token is still usable and is unlikely to get a rejection of the token
    because of an unknown time window defined by a RS.
  • The RS is able to manage better the "jti" claim values, because it will be able to discard "jti" claim values
    as soon as they are outside the time window defined by the AS in a JWT.

Denis


All,

This is a reminder that we have an Interim meeting this Monday, Nov 30th @ 12:00pm ET, to discuss the latest with the DPoP document:

You can find the details of the meeting and the slides here:

Regards,
 Rifaat & Hannes


_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth


_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth

CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited.  If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you. 



_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth



-- 
https://danielfett.de

_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth


_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth

CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited.  If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you.


--------------9629CA0305C5C3162EEC7511-- From nobody Wed Dec 2 12:49:32 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D4E1E3A149F for ; Wed, 2 Dec 2020 12:49:29 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.097 X-Spam-Level: X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_IMAGE_RATIO_06=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=pingidentity.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id IHG5xWWg7dGu for ; Wed, 2 Dec 2020 12:49:28 -0800 (PST) Received: from mail-lf1-x12b.google.com (mail-lf1-x12b.google.com [IPv6:2a00:1450:4864:20::12b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2A3A93A1491 for ; Wed, 2 Dec 2020 12:49:27 -0800 (PST) Received: by mail-lf1-x12b.google.com with SMTP id s30so6903111lfc.4 for ; Wed, 02 Dec 2020 12:49:26 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=pingidentity.com; s=google; h=mime-version:from:date:message-id:subject:to; bh=jgcSgrw3o4j9YX870NqvjTbOn507oHfg2sbuZihgZow=; b=V7D1UaVCtxg/v2BqiSGSpLdwvzYQijzaTb5IlUg5WSkh4E3BcgPhXXVBUb4uNQjLls QZSJn+dBGqUvheKSLxZevGSSXPNFFE1AONuD6P45bdp144O5J/hVt5WB3WTxu/9W/Hd+ 2nBmqAEnYrYf4t2q5++GtZthaI/OI96RhrjjWp4YaTp4O/geniniz+XrdenknGQWKlfg LL1B/0axXZcXrXhjHUniXZ4iJDgDDBKOTR0y3U6yozOI61oX+E9oUL9jzh91RahmYzgg EHAyUjrn6BM5g/d61IezhTgVdHOywd2MNHCd3FwU8w6yrsLbGeQSWbh8ThI4GknMF6z7 BKkA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=jgcSgrw3o4j9YX870NqvjTbOn507oHfg2sbuZihgZow=; b=d/klge2txaoApw4qg/IF4JEnyWyc1serEmOQdVu7Irgn0fAQRkayx/ccPnGUDFH6Qa tiLyQkNloaWVaqzW5SnCArHCtB5W9eDgk8VWtZcipqFE9SY9dc5Z01pVTdZH0XvijMpT kD7tp7Z+/nM09V3cdK97qcFACRcdiSz1qfvgmnJSXaf3ycuxD5qwjW/D23WbigZBW27m 3tvJbR7mj6LlP04z9bRMP4YWllw/H/VU3n2RuH0I/QWvWdAQI7fbPAhrsHlNR0ZvBxx1 FNg6zoUp1t/iwr/YrUvTdqylBoElPVfSDq6DYWhKfAP29wf4KELjIQ3+gv7dAPcq3640 3A+A== X-Gm-Message-State: AOAM533WuuNb9fi9es8iWS4PfTH3WWL2KUUdpWkZeoqol66qZgodRr6Z T4nWuyU5DQvlGGLgHoZhug27FD45dDfC/hIDuyQm8jsXKSFjYUzU7pny2V4hOYo30yQEMQRw1RD fiq1fcad2eV+ivLs845eOAA== X-Google-Smtp-Source: ABdhPJzhsaxETF68YVJmi3fz+rpVp/gWw14gOg3vW4zJLoy+vBHIL+dJe6bGM+e2p/rVbDaAcfvU50OZa4uxg8ywH9Y= X-Received: by 2002:a19:5215:: with SMTP id m21mr2002985lfb.407.1606942164057; Wed, 02 Dec 2020 12:49:24 -0800 (PST) MIME-Version: 1.0 From: Brian Campbell Date: Wed, 2 Dec 2020 13:48:57 -0700 Message-ID: To: oauth Content-Type: multipart/related; boundary="000000000000dd6c6d05b581600c" Archived-At: Subject: [OAUTH-WG] DPoP followup I: freshness and coverage of signature X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 02 Dec 2020 20:49:30 -0000 --000000000000dd6c6d05b581600c Content-Type: multipart/alternative; boundary="000000000000dd6c6c05b581600b" --000000000000dd6c6c05b581600b Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable There were a few items discussed somewhat during the recent interim that I committed to bringing back to the list. The slide below (also available as slide #17 from the interim presentation ) is the first one of them, which is difficult to summarize but kinda boils down to how much assurance there is that the DPoP proof was 'freshly' created and that can dovetail into the question of whether the token is covered by the signature of the proof. There are many directions a "resolution" here could go but my sense of the room during the meeting was that the contending options were: 1. It's sufficiently okay as it is 2. Include a hash of the access token in the DPoP proof (when an access token is present) Going with #2 would mean the draft would also have to define how the hashing is done and deal with or at least speak to algorithm agility. Options (that I can think of) include: - 2a) Use the at_hash claim defined in OIDC core https://openid.net/specs/openid-connect-core-1_0.html#CodeIDToken. Using something that already exists is appealing. But its hash alg selection routine can be a bit of a pain. And the algorithm agility based on the signature that it's supposed to provide hasn't worked out as well as hop= ed in practice for "new" JWS signatures https://bitbucket.org/openid/connect/issues/1125/_hash-algorithm-for-edd= sa-id-tokens - 2b) Define a new claim ("ah", "ath", "atd", "ad" or something like that maybe) and just use SHA-256. Explain why it's good enough for now a= nd the foreseeable future. Also include some text about introducing a new claim in the future if/when SHA-256 proves to be insufficient. Note that this is effectively the same as how the confirmation claim value is currently defined in this document and in RFC8705. - 2c) Define a new claim with its own hash algorithm agility scheme (likely similar to how the Digest header value or Subresource Integrity string is done). I'm requesting that interested WG participants indicate their preference for #1 or #2. And among a, b, and c, if the latter. I also acknowledge that an ECDH approach could/would ameliorate the issues in a fundamentally different way. But that would be a distinct protocol. If there's interest in pursuing the ECDH idea, I'm certainly open to it and even willing to work on it. But as a separate effort and not at the expense of derailing DPoP in its general current form. [image: Slide17.jpeg] --=20 _CONFIDENTIALITY NOTICE: This email may contain confidential and privileged= =20 material for the sole use of the intended recipient(s). Any review, use,=20 distribution or disclosure by others is strictly prohibited.=C2=A0 If you h= ave=20 received this communication in error, please notify the sender immediately= =20 by e-mail and delete the message and any file attachments from your=20 computer. Thank you._ --000000000000dd6c6c05b581600b Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
There were a few items discussed somewhat during the = recent interim that I committed to bringing= back to the list. The slide below (also available as slide #17 from the interim presentation= ) is the first one of them, which is difficult to summarize but kinda boils= down to how much assurance there is that the DPoP proof was 'freshly&#= 39; created and that can dovetail into the question of whether the token is= covered by the signature of the proof.
There are many direc= tions a "resolution" here could go but my sense of the room durin= g the meeting was that the contending options were:
  1. =C2=A0= It's sufficiently okay as it is
  2. =C2=A0Include a hash of the acc= ess token in the DPoP proof (when an access token is present)

Going with #2 would mean the draft would also have to defi= ne how the hashing is done and deal with or at least speak to algorithm agi= lity. Options (that I can think of) include:
  • 2a) Use the at_ha= sh claim defined in OIDC core https://openid.net/specs= /openid-connect-core-1_0.html#CodeIDToken. Using something that already= exists is appealing. But its hash alg selection routine can be a bit of a = pain. And the algorithm agility based on the signature that it's suppos= ed to provide hasn't worked out as well as hoped in practice for "= new" JWS signatures https://bitbucket.org/openid= /connect/issues/1125/_hash-algorithm-for-eddsa-id-tokens
  • 2b= ) Define a new claim ("ah", "ath", "atd", &qu= ot;ad" or something like that maybe) and just use SHA-256. Explain why= it's good enough for now and the foreseeable future. Also include some= text about introducing a new claim in the future if/when SHA-256 proves to= be insufficient. Note that this is effectively the same as how the confirm= ation claim value is currently defined in this document and in RFC8705.
  • 2c) Define a new claim with its own hash algorithm agility scheme (lik= ely similar to how the Digest header value or Subresource Integrity string = is done).

I'm requesting that interested = WG participants indicate their preference for #1 or #2. And among a, b, and= c, if the latter.

I also acknowledge that an= ECDH approach could/would ameliorate the issues in a fundamentally differe= nt way. But that would be a distinct protocol. If there's interest in p= ursuing the ECDH idea, I'm certainly open to it and even willing to wor= k on it. But as a separate effort and not at the expense of derailing DPoP = in its general current form.
3D"Slide17.jpeg"


<= span style=3D"margin:0px;padding:0px;border:0px;outline:0px;vertical-align:= baseline;background:transparent;font-family:proxima-nova-zendesk,system-ui,= -apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,Oxygen-Sans,Ub= untu,Cantarell,"Helvetica Neue",Arial,sans-serif;font-weight:600"= >CONFIDENTIALITY NOTICE: This email may contain confidenti= al and privileged material for the sole use of the intended recipient(s). A= ny review, use, distribution or disclosure by others is strictly prohibited= .=C2=A0 If you have received this communication in error, please notify the= sender immediately by e-mail and delete the message and any file attachmen= ts from your computer. Thank you. --000000000000dd6c6c05b581600b-- --000000000000dd6c6d05b581600c Content-Type: image/jpeg; name="Slide17.jpeg" Content-Disposition: inline; filename="Slide17.jpeg" Content-Transfer-Encoding: base64 Content-ID: X-Attachment-Id: ii_ki7r8t1n0 /9j/4AAQSkZJRgABAQAAZABkAAD/4QCARXhpZgAATU0AKgAAAAgABAEaAAUAAAABAAAAPgEbAAUA AAABAAAARgEoAAMAAAABAAIAAIdpAAQAAAABAAAATgAAAAAAAABkAAAAAQAAAGQAAAABAAOgAQAD AAAAAQABAACgAgAEAAAAAQAAA+igAwAEAAAAAQAAAjMAAAAA/+0AOFBob3Rvc2hvcCAzLjAAOEJJ TQQEAAAAAAAAOEJJTQQlAAAAAAAQ1B2M2Y8AsgTpgAmY7PhCfv/AABEIAjMD6AMBIgACEQEDEQH/ xAAfAAABBQEBAQEBAQAAAAAAAAAAAQIDBAUGBwgJCgv/xAC1EAACAQMDAgQDBQUEBAAAAX0BAgMA BBEFEiExQQYTUWEHInEUMoGRoQgjQrHBFVLR8CQzYnKCCQoWFxgZGiUmJygpKjQ1Njc4OTpDREVG R0hJSlNUVVZXWFlaY2RlZmdoaWpzdHV2d3h5eoOEhYaHiImKkpOUlZaXmJmaoqOkpaanqKmqsrO0 tba3uLm6wsPExcbHyMnK0tPU1dbX2Nna4eLj5OXm5+jp6vHy8/T19vf4+fr/xAAfAQADAQEBAQEB AQEBAAAAAAAAAQIDBAUGBwgJCgv/xAC1EQACAQIEBAMEBwUEBAABAncAAQIDEQQFITEGEkFRB2Fx EyIygQgUQpGhscEJIzNS8BVictEKFiQ04SXxFxgZGiYnKCkqNTY3ODk6Q0RFRkdISUpTVFVWV1hZ WmNkZWZnaGlqc3R1dnd4eXqCg4SFhoeIiYqSk5SVlpeYmZqio6Slpqeoqaqys7S1tre4ubrCw8TF xsfIycrS09TV1tfY2dri4+Tl5ufo6ery8/T19vf4+fr/2wBDAAICAgICAgMCAgMFAwMDBQYFBQUF BggGBgYGBggKCAgICAgICgoKCgoKCgoMDAwMDAwODg4ODg8PDw8PDw8PDw//2wBDAQICAgQEBAcE BAcQCwkLEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBD/ 3QAEAD//2gAMAwEAAhEDEQA/AP38ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigA ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACvB/2Wbu6v /wBmP4Q319M9zc3Pg/QJJZZGLvI76fAWZmOSWJOSTyTXvFeAfsnf8ms/Bv8A7Ezw9/6boKAPf6KK KACiiigAooooAKKKKACiq91dW9jbSXd3IsUMKlndjgKB1JNRadqVhq9lFqOmTpc2043JIhyrD6ig C7RRWU+uaRHqyaE93Gt/IhkWEsN5UdSBQBq0UVS1DUbHSbKXUNSnS3toF3PI5wqgepNAF2iq9pd2 1/bR3lnIs0MyhkdTkEHoQasUAFFFFABRRRQAUUUUAFFFFAH/0P38ooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoooo AKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigA ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACvAP2Tv+TWfg3/ANiZ4e/9N0Fe/wBeAfsnf8ms/Bv/ALEzw9/6boKAPf6KKKAC iiigAor598Q/tNfBqyXUNM8L+MNG8S+IbFnifTNP1G3urmKWMlWE8ULs8YRhhtwBB46180+Gfjd4 u0bxhP4l1GZr2C/YC5tycIUHQIOilB90j8eM0WA/RikYhVLHoOawNF8UaH4g0KPxJpt0rWDoXZ2I Xy9oywf+6V75/lXxT8X/AI2X3ie//sfwrO9tpdpIG81CUeeRDkN6hQRlR+J7YAIPjN8Y7jxhdSeH 9BdodGhbDNyrXDDuR1C+g/Osb4RfFu98A340/UC1xotw37yPqYif40/qO/1rwe5u5obiS6vJC8Uz F2duqsTkk+38q4e/1m48WXT6B4VuALSPi8v4mDKgP/LKFhkGQjqR90e9AH6x/EX4vaJ4Q8M2+q6X It/c6ohayCnKMMDLsfRcjI654r4BufFWv3WvnxPNeSf2kZPMEoOCCOmPQD09K53zr+DQbTw9aTuL KwO6CJiWUEqFPXnkDn8+tRWTS6pMbOyKRzRqZJ3lOI7WJfvSynsg7Dq54HOSOXHY6lhqMq9eXLGO rb/r/hzSlSlOShBXbPvfwL+0P4d1XSY4fExkt9TtgPtJijZ41iwf9IcrnamRg98ngEBiPnr4t/F+ 7+IF4bHS2MOhwHMSg8zHtI+P0HavG11Ge3EcPhy5msbWB/NSbhZ7qbG3zpxjBUjhYiCgT5SMHAjm WGaC41WwiW3+zjzL6zTO2AE4NzBnJMBP3l5MRODkEM3yeH4mxMKkamPo+zo1HaD6xeyVRbR5unRP 3Za2O+eCg01SleS38/Tvb/go97+D3xnfwPKNG8RzbtCckmRj/wAex6lv9zuR2619seGPGeheLUnO kyOHt25SVDHIUP3JArc7HHKnr2IByB+WEaiwWDUb6ESXkoWWys5R8qL/AA3Vyp7Z5iiPJPzN229V 4O+IGueD9Wj1G5v5p4i5dp5MySQO5y7YHLQuf9ZGOn3kAbIaa3FGInN18HR58PDSUl8Uu7pr7Sj1 /m1UbtakcDBJRqStN7LovXtf8Op+qFFedaD8S/D2qeGp/EF9PHZixjV7lSwYKGGVZCPvpJ1Rh97p 1r468Z/HTxRrfiqDWNCmewsNNcm2h/vjoWlHcsOMdAOB3J+wweLpYilGvQlzRkrprZo8+pTlCTjJ WaP0Kor588PftN/Bq8TT9N8VeMNG8M+IL5kiTTdR1G3tbmWVyFXyI5pFeQOxwu0E5469foOuggKK KKACiiigD//R/fyiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoooo AKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigA ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAK8A/ZO/5NZ+Df8A2Jnh7/03 QV7/AF4B+yd/yaz8G/8AsTPD3/pugoA9/ooooAKKKKAPw2tv+Cf3xB+EHxu8b/FqG8h8RaDr095d 82NrLJCLudpzmK4FwCEzgsqg4GeBxW7qsWj6JYS6lqRsoYIRyTpGlZJPAUAWeSSeAByTX7VkAjB5 Br55v/2aPh1qfxDs/Hl/C00ViWmi05sfZFuT/wAtdnfHYHgHpxxXh4/hnL8VU9riKEZS7tXZ1Usd WprlhJpHxP4A+Bnxc1rQX8d6roOlLotwpeDTFsLWz1gQEcTxT20MYSUfeCHqPl5zzz93ayadKkU0 ongmDGC427BKq8MGU/ckTpIh+6enykGv1+AAAAGAK+YvjP8ABy41SC88S+CtLt9TvZv3lzpVwxjg u5lHyTKw5jkB4cj76bgeTz4tfIp5dL6zlFPT7VO9lJd430jNd9pLR9GumGKVZcmIfpLt691+R8PR R26W8WqanD58M+TZ2bHH2sqf9ZJ3W3Q9T1c/KOvMpQao013Z20VtqYDS3VpbIY4blR964tkJYqw/ 5aR5J/iBPd+oab4lsLxn8Y2slrrFwiPOsi7cYGAsYHAjXoirwB6nJPMa9rNvodtFdMZDd+YotEt/ +Ph7j+ARdfmz+GOvBIOP+rWMqf7fOrbFdLN8kV/z7t1i/tStzN+8rWSVfXaa/dKP7v8AF+d+/Zbd Datll1KVLbTijyOhkLscRRRL96WVv4UXuepOFAJIFZ+spdXcFvZeGrtoNPgnWe4Msa7tUdRgNNnJ SNf+WKKfl6nJJJ7KTwb8Zm0b+0vFvg2LQdNliiuL5rR9xubvLfPKnVY1XB2D5Vcucc5PP9eldeBy 7E42rHF5lDlUH7tO90mvtya0b/lW0Vr8T0zq1oUounRd77v9F28+/pvBBcLOhYcMvDKeoPoa45Nf 1vVfEdufBd2dPTR5t82pKoc7xwYIg2VbI4kJBGPl69PTPhn4En+N3iTU/D+kNPa6VZQPHeanFwgm YYWFG/ib+8R0GcHNVb3wpL4IupPC01p9hOnnyxGBgYHRh6huue9fV4nDU61OVKrFSi1Zp6pp9GcE JuLUouzRzOnNq1tJN/wkV7/aN5dSvI12yhGlLHgOBwCBwMcYHHpRrOs/2YILW1ge+1K+cRWlpEMy zynooHp6noKbr2qw2McFklu99fX7iG1tIRulnlY4AUDpjue1foD8FP2eND8D3kPj3xAjXnii6tol xMQ62WRlo4h0Bz1bqT+FOjRhTgqdNWilZJbJLoglJt3e583aZ+yt8bm8K2dxrGu6beNmS4OkT6fa Ti1EvzGG3muIZNvPJB4znpmvGb3w8mmzT2+oQWltLbFllWTR9KUoV6hs2fGK/ZavC/ir8AfBvxYn t7jWGls2Dp9q+znZ9qhQ58uT8sZHOODkYr5+twdlVSbqTw0G27v3Vq3uzrjmVdKym/vPxE139jj4 kftPfEPSPiZ8PDFp+jeHpYES6NpbWaTyQyiQtELdIQwBH3ipP4V/Qx4fs73T9DsLHUZfPureCNJZ MY3OqgE/iak0bRtL8PaXbaLotslnY2aCOKKMbVVV6ACtOvdwmEpUKao0YqMVslsjlqVJTblJ3YUU UV0EBRRRQB//0v38ooooAKKKKACiiigAooooAK83+MfjDUvh58IvG/j/AEaKKfUPDWh6lqdvHcBm heaztpJkWQKysULIAwDA46Eda9Irwz9p/wD5Nq+LP/Ypa7/6QTV04OClWhF7Nr8zSkrySZ+Gv/D3 v9pf/oXfCf8A4BX3/wAnUf8AD3v9pf8A6F3wn/4BX3/ydXgH/BPfRvCuvftX+ENL8a2NlqOkSxam ZYNQijmtmK2E5TckoKHDAEZHXGOa/pE/4VL+zF/0Jng//wAF2n//ABuv1LPqmWYGsqMsLzXV9PV/ 5H0OMeHoy5XTufBX7Cn7ePxg/ab+MOo/D/x9pWh2OnWmi3Goo+m29zFMZobi3iUFprmZdu2Vsjbn OOeoP621534N+Hvwm8NXUutfD7w1omlXLobeS50uztoHKEqxjaSBASMhSVJxwDjpX5hfHn/gp74g +C/xy8RfChfA1nf2GgXkVu1497KkjxuiOzlFiYAgMeAT0r4qrg3mOJksBR5UltdHkype3qP2MbeR +wNFfg14y/4LD+K18Xzx/D/wJYS+GoZmSI6hNN9suIgcB/3RVImYc7dsm3pk1+iH7Rf7anhP9mv4 eeHtc8baNLL4z8S2cdxb+HYZgXikKK0wmuCmEiidvL3+Xucj5U4bbjiOF8dSlThKGs9ldX0/ImeX 1ouKa1Z9q0V/PcP+CxPxg/tLzT4F0L+z92fJ8y687Znp5vmbc47+X+Ffqd+yd+2Z8Pf2q9Iu4tGt pNB8UaSiyX2kzuJGWNiFE0EoCiWLcdpO1WU4DKAVLVmPC2NwtP2tWHu9007eo6+XVaceaS0PsOiv jb9rf9s/wH+ylpdjb6pZS6/4o1mN5LLTIJFi/dIdpmuJSG8uLd8oIVmYggLgMR+WN1/wWH+M73e+ x8EaBFa/885Gu5JP++xKg/8AHKMt4VxuKp+1pQ93u2lcKGXVakeaK0P6F6/Nj/goD+2H8Tf2Vbvw Pb/DvTdIv18SpqLXJ1SGeYqbQ24Ty/JnhxnzW3Z3Z4xjnM/7IP8AwUQ8J/tJ+Ix8OvFGjDwp4vlj eS0jSYz2t8IlLyCJiqskiqC2xs5UEhiRivkr/gsz/wAhL4S/9ctb/wDQrKu/IsjlDNIYXG0++j2e jsbYPCNYhU6q/qx+k/7GHxz8W/tE/Auw+Jnja0srPVLm8vLd49Pjkjg2W8m1SFlklbJHX5vyr6ur +bz4Af8ABQ2x/Zp/Zw0b4aeEvDf/AAkHikXl9c3El3I0NlbJNKTGMIN8zkDJAKKAR8xOVHu/wq/4 LA3934hstM+MXgu1tNKupVjmv9JllDWysceYbebzDIq9WCyA45AJwp3zPg3GOtVqUKXuXdldbeSL xGV1XKUoR0ufuZRXmfxX+IP/AAr34ReKvihpUMeqjw/o93qsEfmbYrgW8LTKN6g4V8D5gDwc1+TX gH/gsFpt9JrUvxH8ELpkFlp7z2KWF08815e+bEiW58yNUjUo7u0hPyhDhWYhT8/l+Q4rFQlUoQul o9jio4OpUTcFex+2NFfz8t/wWM+KP9stOvw/0YaSWJW3NxcG4C+hn+4T7+SPpX66fsuftMeEf2o/ hz/wnPhu1k0u7s5zaahp8ziSS1uAofAcAb43VgUfaueQQCCBvmfDOMwlP2taHu97plYjAVaS5prQ +kqK+B/2vv29fA/7Lt1D4QsdNbxR40uoVuPsKy+RBawuSEe5l2uQWwSsaqWIGWKAqT+dWlf8Fivi 1FqSS634D0S608N80VvLc28xX0ErvKoPv5Z+la4DhPHYmkq1OHuva7SuXRy2tOPNFaH9BtFfO37N n7TPw8/ae8Ev4t8DvJbXVi6w6jp1zgXNnMwJUNtJDI4BMbrwwBHDBlXwD9r7/goD4L/Zi1ZPAmka S3inxnJCk8lsJRBa2ccnKG4kAZt7D5ljVclcFmUFc+dRyfE1MQ8LGD5107GEMLUc/Zpan6EUV/PO P+Cw/wAaPtvmHwR4fNpkfu83fmY7/vPNx/45X6c/sgftv+Cv2rLe+0ZdObw34v0mIT3GmvL56S2+ Qhngl2puUMwDKVDKWH3gc16GY8KY7C0/a1Ye6t7NOxtXy6tTjzSWh9v0V8bftb/tn+A/2UtLsbfV LKXX/FGsxvJZaZBIsX7pDtM1xKQ3lxbvlBCszEEBcBiPyxuv+Cw/xne732PgjQIrX/nnI13JJ/32 JUH/AI5Sy3hXG4qn7WlD3e7aVwoZdVqR5orQ/oXor83/ANkH/goh4T/aT8Rj4deKNGHhTxfLG8lp Gkxntb4RKXkETFVZJFUFtjZyoJDEjFfpBXlZhl1bC1PZV42ZzVqE6cuWaswr5D/bC/a08PfsoeB7 HWbrTzrfiDXpJIdL0/zPKRzCFMs0sm1tscW9MgDcxZVGASy/XlfjR/wV8+E3iPX/AAj4P+LmjQtc 6d4Xe5stSC8+THetEYJiOyeYhRj6sld/DmEo18bTpYj4W/v00XzehtgKUJ1YxnsfKa/8FPv2ydZS 78UaRo+lnR9OINz9n0meW0hB6CWUysy9R1cV+m37EP7dVl+1IL/wd4q0uHQvG2kW4unjtmZrW9tw wR5YQ+WjKMyho2ZjhgQxG4L+UHwA/b7HwX/Zi8S/Ay68MLqup3H2qPSLghPsvlaiGFx9tUnc5jLF kAB3g7GKBQT6V/wSX+EXjHVfjDf/ABiNtLbeGNDsLmy+0sCsdzeXOwCBP7+xMu+M7Tszywr9BzzJ cMsLXlOgqfJ8LT+L/h/62PbxmFpqnNuHLbZ9z+iKiiivyI+ZPLfjN8YPBnwJ+Heq/Evx5cNDpmmK MJGN01xM52xwxLkZd24GSABlmIUEj8IfH/8AwVy+O+tapN/wr7QtI8NaWGbyVnie+uivbzJGdIyc dliH1NfZH/BX/TdbufgP4U1Gz3Npll4gT7WqgkB5LaZYXbHAAIZcnuwHevg3/gnl8ev2YPg7c63Z fHLRIota1GeN7HXp7L7fHBAE2mAqqvJD8/zb0Q784cgIuf0rhvKMOsBLGzo+1nf4f+B+PU97A4aC ouq48z7G54L/AOCt/wC0Not/CfGOj6J4k0/eDMggks7gpnlY5Y5DGpx0LRP9K/cv9nr9oDwN+0j8 Orb4h+B3eJGdoLyzmK/aLO5TBaKUKSOQQysOGUg8HIHxV+0Z+z/8Af24PCFhe/s/+I/C0XjKwuEk +3WskYkktCpEsN1Hbgy8Eq6eYmVIOMBmz2/7Cv7HfxA/ZPu/Fv8Awk/iWw1qx8TR2eIbNJVMU1oZ MPmQAYKykHA7D0rhzt5bWwrqU4eyrL7Ouv6efQxxfsJU+aK5ZdjyT9uv9vL4v/syfGDTvh94B0nQ 77T7vRbfUXk1K3uZZvOmnuIioMNzCu0LEuBtzknnoB+gn7OvxF1v4t/BDwb8SfEkNvb6p4h0+O6u I7RXSBXckERq7uwXjuxPvX5vft+/tLfD/wCD/wAaNN8L+Kvgv4a+Id3NodtdrqOsQxSXEcclxcoI FLwSHYpQsBu6seK/RT9nbxponi34AeDvHVjo1l4R0u+0tLoWFrtjs7KIZyqYVFVFAJ6AAVwZphIx y6hUVHlb+1da6PpuY4imlQg1C3n3PdaK/Ez40f8ABXm10fxJd6J8D/CsGtadatsXVNUkljS4YHDN HbR7HEf91ncMe6L3zvCn/BYRp/Butt4y8EwweKrSJJNOFrPJ9gvHMqK8UgZXkgZYyzq2XViMHbxn OPBmYuCn7PfpdX+4Syqva/KfuJRX56fsSfts63+1lrPirStX8LW/h4eHbe1nR4Lp5/N+0PIpBDIm MbBgg14f+0n/AMFNfE3wG+OHib4TWXgWz1e20CS2RbqS9kieUT20U5ygiYDBkI6npmuSnw1jJYiW EjD34q7V1tp1vbqjKOAqubppao/Xuivw8+MH/BX2bT/EtzpPwS8I22o6TaSFF1HV3lBugpwXjt4j G0aHqpdyxBBKqeK9y/ZK/wCClumfHrx7ZfCz4geG4/DOuaqHFhdW05ltLiZELmFlkAaJmVTs+Zwx +XgkZ2rcI4+nRdeVPRK71V0vQueWVow53HQ/VGivEf2gvj74G/Zw+HV18RfHUjtCrrb2lrCAZ7y6 cFkhjBwASFZmYnCqCfQH8Zdf/wCCxXxTnv5H8LeAtFsrLediXs1zdS7OwZ42gXPuFx7VhlfDeMxk XOhD3e7diMPgKtVXgtD+giua8YeMfC/w/wDDOoeMvGmpQ6RoulR+bc3U7bY40yFGepJLEKoAJYkA AkgV+TX7On/BVuw+IfjnSvAPxc8LQ+H31u4jtbbU7CZ5LdJ5mCRpNDKCyIzEDzA7YJGVC5YX/wDg qj+0XqXgfwp/woCDRYru08d6alxLfNMyyW5trxHAWMKQ2fK7kda6aXC2KWMhhK0bc3mturT8kXHL qntVTkt/yPpz9nv9t/wX+0t8YfEPw8+HekXC6HoOmNerql0fKe6kE8cOEt8ZSPD5DOwY90Wvt+v5 GP2Tf2o9W/ZT8aav4y0nQIPEEmr6ebBoZ52gCAypLvDKrZPyYxjvX70/tEftna18Ef2evhz8bbDw xb6pc+OVsGkspbl40t/ttibs7ZFQltpG0ZAyOa9PiLhOdHFQpYaPuy0Wu7tr/Wx0Y7LXGoo01o9j 7+or4y/Yq/an1T9q3wPr3izVvD8Ph6XRtRFiIoJ2nWRTCku4lkQg5bGOa81/bY/bj139lDxT4b8P aR4UtvEKa7ZS3TST3TwGMxybNoCo+c9c187TyPEyxTwaj766XXa++xwrCVHU9klqfovRXzZ+z98e L741fs46b8c7zSI9Lur631KY2UcpljU2FxPAAJCqn5/JyeOM45xX5k+FP+CxU9xqMw8Z/D6G0sI7 ad0NnevJNJcKhMMWHiCqrvgMx+6uWAYgKdcLw5jK0qkKULuDs9Vvr567FU8DVm5KK23P3Jor8Xf2 d/8Agpx8VPjX8c/Dvwwm8AaYLDxFdeSDa3E63FrCqtJLMzvvSQRRqzlQibsYyM5r2f8Aa0/4KTeE /gD4ouvhr4C0ZfFniqwwt68sphsbKRhuEbFQXmkAI3Ku0LnBfcCo2qcK46NdYbkvJq+627vsXLLq ymqdtT9O6K/ALwr/AMFi/iLDq0R8b+AdKvNMLASLp009tOqk8lTM0ysQOxAz0yOtftP8FvjP4E+P fgCw+I/w8vGudMvCY3jkXZPbTpjzIJ0BO2RMjOCQQQykqQTjmvDuLwaUq8NH1WqIxGBq0lea0PVq KK+Jv+ChHxc1L4P/ALL/AIj1PQrg2mreIHi0W0mVirxtebvOZCOQ4gSUqQQQ2COlebgcJKvWhRhv JpGFKm5yUF1Pl79p7/gqf4f+G/iC98C/A3SrbxVqenu0Vzql27/2dHKmQyQpEVefaeC4dFyPlLjm vhFf+CrX7Vy3guTLojRg58g6d+7I9MiTfj/gWa4r/gnx+zPoX7R/xiuYfG8RuPCfha1F7fwK5jNz JI2y3gLKQwVmDM5BB2oVyCwI/oz1b9nD4Ba34Wk8F3/w90L+xpUKeRFp8EOwEY3RtEisjjs6kMDy Dmv0jMJ5Tlk1hZUPaStq3/wevkrHu1nhsO1TcLvqfEH7If8AwUp8P/HbxJZ/DT4n6VD4W8Wagdll PbOx0++lwT5SiQl4ZT0RWZw54DBiqn9Sa/nvn/4JOfGyH4qapP4M8Q6bonhfTtQM2k6hd3Ekl95C sJIWEcEZHmR8AlmTLLkcEV++EuqR+GPCzax4y1GCFNLs/P1C9I8m3XyY900uGJ2JwWwScDvXy3E2 FwKqQngJXUt12f8Awe3Q8/MKdFSTovfodBRX4l/GD/gr9Y6ZrlxpHwS8IR6vYWzsi6nq0kkSXGON 0drGFdUJ5BeQMR1RTxXKfDv/AILE6+NZhg+K/gS1fS5WAkn0aaRJ4V7sIbhnWX6eZH9e1OPBWYun 7T2fyur/AHAsqruPNyn7v0V89+Lvjpb3X7O+q/Hr4KQ2/jSC1059TtITI8S3EVud1whwpdJI41k+ Qru3rsIBr4m/ZQ/4KU3H7QXxisfhV4q8J2vhv+1ra4azuIbt5i91AvmiJleNAA0ayEHOdwAxzXl0 MjxNWlUrQjpD4trq3luc8MJUlFyS23P1doryz43fFLS/gr8JvFHxS1dBND4espLhIi2wTTnCQQ7u cebKyJnBxnOK/P79kn/goP4//ad+L9v8OR8P7TS9OjtLi9vr2K9kla3hhXahCNEAxaZ40xkcMT2q cLk+IrUJ4inH3I7u6FTws5Qc0tEfqpRXwP8Atfft6+B/2XbqHwhY6a3ijxpdQrcfYVl8iC1hckI9 zLtcgtglY1UsQMsUBUn86tK/4LFfFqLUkl1vwHol1p4b5oreW5t5ivoJXeVQffyz9K9DAcJ47E0l Wpw917XaVzejltaceaK0P6DaK+dv2bP2mfh5+094Jfxb4HeS2urF1h1HTrnAubOZgSobaSGRwCY3 XhgCOGDKvx5+19/wUN8R/sy/F3/hWml+DLTXYf7Ptr37TNdyQNmcuCu1Y2GBs65rhw2SYqtiHhYQ 99bp6fmY08JUlN00tT9TKK/CLx//AMFhfEMWo2sHwz8EWMlmkMBuJtSlmdpJ2jUzLEkfl7URyVRm JLABiq52j7f8aft5eHfhb+zl4J+M3xG8PPaeJfHVp9p07w9bXG95V+8JTOyDZCY2jcsUJXzFUBjz XZiOFcdT5OanrJ2Sur9/67dTWeXVo2utz7+or+eu/wD+CxHxjkvN+l+BtBt7XJ/dzPdTSY7DzFkj GffZ+FfZv7JP/BSrQ/j742s/hb488Or4Y8R6mHFhcW0xns7qSNS7REOoeFyoJTJdWwRuU7Q22M4O x9Ck6s4aLV2adiquV1oR5mtD9R6K83+LfxY8FfBLwDqfxI+IF4bPR9LVd+xd8sskjBY4okH3ndiA BwB1YhQSPxQ8U/8ABYvx9LrEh8E+ANMtdKWRgg1Geae4eMH5STCYkRiOoAcA8ZPWuLKuHsXjU5UI XS67Iyw+CqVdYI/feivxG1r/AILDWi+ENE1Dw/4DV/EUsk8ep2VzduIIVQIYZbedIvnWQlwVZVZC uPmBDH9Kv2UvjrfftHfBfS/ipqOkR6JcX9xdwNbRSmZF+zTNGCHZVPIGcYozDh3GYWl7avCyvbdb /wBIK2Bq04801ZH0fRX5A/tI/wDBVfQvhz4t1DwJ8GvD8Pii60mV7e61O8lZLLz4ztdII48PMqnI Mm9FJHyhlw1eNfD3/gsT4lXWoYfir4Es5NJkYCSbRpZI54V7sIrhpFlI/u+ZH9a7aPBuYTpe1jT0 7XV/uNY5XXceZRP3jork/Avjjwt8SvCOleO/BV+mp6JrMIntbiPIDoeCCDgqykFWUgFWBBAINdZX zM4OLcZKzRwNNOzCiiipEFeAfsnf8ms/Bv8A7Ezw9/6boK9/rwD9k7/k1n4N/wDYmeHv/TdBQB7/ AEUUUAFFFFABRXxB+1b+2Wv7MOv6FobeEP8AhJP7atZLnzPt/wBj8ry32bdv2ebdnrnI+lfRvwW+ JQ+MHww0D4kDTv7J/tyDzvsvnef5XzFceZsj3dOu0V1VMFVjTVaS917CUlex6lRRRXKM81+Jfw10 n4iaOba5Ahv4ATbXAHzI3ofVT3FeEfBn9mM+EvE03j34iXEOr61ExSwijBNvZxdioYDLnucV4p8f f+CiK/A34ta78LT4AOtHRDbD7X/av2bzftFvHcf6r7LJt2+Zt++c4zxnAvfs8/8ABQNfj18T7H4b jwGdD+2xTSfajqn2nb5S7seX9ljzn/eFem8nxPs/a8vu2vutvvI9or2P0bkijmjaGVQ6OCGUjIIP UEV8VfE39lfUvE2uRxeDdUj0fRL6TN6DnzooyfnSDHHze+Mdq+2KK8ws5DwN4G8N/Drw1aeFfC1o tpY2ahQAOWbuzHux7k1yXxV+FenfETTDJFtt9XtlPkT46/7D46qf07V4v+1n+1kP2XI/C0h8Lf8A CTDxKb0f8f32Pyfsfk/9MJt+7zv9nGO+ePjb/h7Un/RKz/4O/wD7hr08Pk+JqwVSnG6fmv8AMh1E tGfb3wK/Zuj+H2qXHjjxxPFq/iqclInQEw2cPZIQ3c92xmvq+vDf2dfjQPj98LbD4ljR/wCwhfTX EX2X7R9q2+RIY8+Z5cWc4zjaMe9e5VwVaUoScJbotMKKK/Kn4mf8FN1+HPxE8TeAT8NzqB8O6jda f9p/tjyvO+zStHv2fY227tudu446ZPWt8JgatdtUle3p+pMpJbn6rUV8D/sv/txJ+0j44u/BY8Fn w6bW0a6886j9r3bSBt2fZ4sdeu78K++KjE4WpRnyVFZjUk9UFFFFc4wooooA/9P9/KKKKACiiigA ooooAKKKKACvDP2n/wDk2r4s/wDYpa7/AOkE1e514Z+0/wD8m1fFn/sUtd/9IJq68B/Hp+q/M1o/ HH1P5K/hJ8J/GXxt8eaf8NvAMEVzrmprM0Ec0qwoRbxNM+XbgYRDj16V9kf8Ot/2uv8AoCab/wCD OD/GsL/gmd/yeV4J/wCuOq/+m64r+pyv1ji3ivE4HExo0UrOKeqfd+fkfR5lmNSjUUY22Pg//gnp 8BPiN+zt8F9a8FfE61gtNUvfEFzqESW86XCm3ktLSFSWTgHfE/HX86/Bv9vT/k734mf9hCP/ANJo q/rUr+Sv9vT/AJO9+Jn/AGEI/wD0miryuBsbPEZjWr1N5Rvp6o58oqudeU5btf5H7x/BP9hX9nLQ vhP4MtfEHgqy1XXre2sNQutRmD/apL9VSZm8xWDCMScCLOwqArK3Ofwn/b88c6j46/ax8fT3ly88 Gi3g0m1RjlYYrFREyIOwMokc/wC0xPev6sfDyhNA0xF4C20IH4IK/lu/4KL/AAx1f4c/tUeKr28h 26f4tddZsZQPlkS5GJh6blnVwR1xg/xCp4Hx8q2PqOvJuVna781ewsorOVaXO7s+y9H/AGvv+Cde m/B+L4Mz/DjWLjSPsS208raTYfapZdmGuTP9q3+eW+cSZypxjAAFfBP7DnjW58CftbfD690eaQW2 qaomkyBsKZbfUSbYB1BI4Lq+MnDKCOlfov4d+O3/AATHuvhHD4z1/wABaLaeK4rMGfQRpLtcPfKn McUixmIxu4+WQuAFI3bWytcV+xl8cPhl8X/jd4c8HaZ+zh4ZsNXhlN+NY01jD/ZqWn7wXPlyRSkl XChP3i/Oy4IOK9elP2WHxNqE7NPm5muzu1d6/LfQ6YvlhU9x263Zzn/BXX4Z+LrP4uaB8VzbTXHh nUtKg00XON0VveW8szmA4+5vRw65xuO/Gdprzn4J/wDBR66+Hvw2sPg78QfhlovivwpZ2i2BWAfY ppoAuwtOrJNFNIRyzbULHkncS1fcv7cP7dnxA+BHxB1D4Pv8N9I1fSL2zguLa61dpLq2v7eZfn3W yrGuElV0Kl2+7njIFeJ29n/wS0+N/wAPbXxj4ong+GXiaa2VtStNMkubSS3ugv71YLYpPbyR7smM xxHKkA4bKjDAVL5fRp47DuUPsuOvo2k7oijL9zFVoNrpb/gHafsT2H/BOvxf8QNKuvh5pmraR8Q7 GY3WnW2vXkyy+ZEC5+zNby/Z5gq5+R/nKgkoQCa5j/gsz/yEvhL/ANctb/8AQrKvy3+D2lXl7+0f 4R0v4WS3F5IPE1oNJmkTZM0Ud2pillVfuYjAeTsoz2FfqR/wWZ/5CXwl/wCuWt/+hWVdE8B7HOsP L2jlzKWkndrR/h/wS3R5cXB3bvff0PSv+CVn7P8A8N7z4O33xd8S6Faazr+sajPawS3kCTi2tbUK oWFZFIRncuXYcsNo6Dn87P8AgpD8PPCnw4/aj1jTfBumw6Rp+p2VnqBtrdBHCk0ylZCiLwoZk3EA AZJwK/Yn/glp/wAmj6R/2FNS/wDR1flf/wAFW/8Ak6x/+wHp/wDOWuXJMXUnnteMpO3vL7mrEYSp J4yab7n603F3Nff8Ey2ubhi8jfDABmPJO3StuT78V+Gn7BXwi8L/ABp/aX8OeFfGtsL3RLOO41G5 tm+5cC0TdHG45yjSFd6/xLle9fuDH/yjDP8A2TJv/TWa/Jz/AIJTf8nXQ/8AYE1H/wBp1lktWVPB Y+UHZpy/InCycaVZruz9BP8AgqR8Gfhva/s5weN9F8O2Ol6v4d1GziguLO3jt3+zXBMTwt5YXKZK kA52leMZOfEf+CM1zML/AOLNnuPlNFosmO24NeDP5GvsT/gqN/yaJrn/AGEdM/8ASgV8Z/8ABGf/ AJDPxX/699G/9Du648JVlPh2tzu9pfrExpSbwM79/wDI/Lv4meOdP+JP7Q+u+OviDc3V3o+r+IHm vXgw1yNOFxt2Qhiq7ktwEjBIAwoyBX6VfGL9rz9gT4hfBLVfhVoXw61PSpIrGRNGmi0mwhazvEQ/ Z5BKl0ZAN4HmHkupYNnJr8+fjb4Iuf2f/wBqDW9C8VaRFqVnoOvLfpZzj/R77T2mFzCjZBBSaEhW HOMsvUGv07+IHx2/4JmaR8KLjxd4C8BaFrPiu5ts2WiTaTJHKlywA23TbRGqRk5crIdwBEZY4NfV 5pGnJYaUKc5LTl5HotrX/wA9rHpYhJ+zai32sfK//BKvxtqHhz9qa28LwSsLPxZpl7aTR5+UtbRm 7jcj1XyWAPoxHesD/gpj8M/F3g39qHxD4u1m2mbRfGH2e7028cZjlEVtFDLEGHAaF1K7TyE2HGGF fdf/AAT6+LPw6+MvxTmXwz8AdB8Iah4cspLmbxDpj7fsxmBhWJI3hLB5gzgYlzsD9QDXLftY/wDB Qfxp4M+JXiT4H+MPhLoGp6To995bx6z5moJeWhO6KdIysSKZYWDLw2wnHODXmrF4n+2XOlR15EpJ yje199H6GHtKn1puMdbaq6PCNI/4KTaP4t+HMnwi+PPwo0vW/Dt1bfY3k0Vhp7wpt2rLDA6Sosq8 MpR4wrAEADivuH9gvSf2Dda8Q/8ACRfAC21C08eabbSGSDWrmcagltIBHIwiSU2sqHIBKBtpIJ2k rXzX8SvCX/BKfx34Au/HPhvxBN4M1WW1eeOz06S5+1C52krC1jOsyffwp8vYh6hwvzV8W/8ABPfT /Et/+158Pz4ZVzJa3E810y52pZrbyCcuR0BQlRngsyjqRRiMBQr4KvKgp0bJtp3Sbt2u0100CdGE 6U3BOJ9Wf8Fdfhn4us/i5oHxXNtNceGdS0qDTRc43RW95byzOYDj7m9HDrnG478Z2mvOfgn/AMFH rr4e/Daw+DvxB+GWi+K/ClnaLYFYB9immgC7C06sk0U0hHLNtQseSdxLV9y/tw/t2fED4EfEHUPg +/w30jV9IvbOC4trrV2kura/t5l+fdbKsa4SVXQqXb7ueMgV4nb2f/BLT43/AA9tfGPiieD4ZeJp rZW1K00yS5tJLe6C/vVgtik9vJHuyYzHEcqQDhsqMcBUvl9GnjsO5Q+y46+jaTuiKMv3MVWg2ulv +Adp+xPYf8E6/F/xA0q6+HmmatpHxDsZjdadba9eTLL5kQLn7M1vL9nmCrn5H+cqCShAJr9rq/ji +D2lXl7+0f4R0v4WS3F5IPE1oNJmkTZM0Ud2pillVfuYjAeTsoz2Ff2O185x1gPY14S9o5cy2k7t f8D/AIJw5vR5Zp3bv3Cv5kf2zv20PiH+0j49vfhX8N7m4h8CLeDT7Oxstxk1mVZdiSy7RukEr4MU P3QNpKl+a/pjv7X7dY3Nl5jQ/aI3j3p95d6kbh7jORX8e/gLVdX/AGYv2jdI1Xxro7y33gDW0N9Z HAdvs0m1/LJ4yV+aNvun5WBxzXTwDhKc51azjzTglyr7/wDgK/S5pk1KLcpWu1sW/j1+y58X/wBm 46CfidpsdvF4htvPgltpPPiSQf6y2kcAKJowQWUEqQQVZhnH6PeBv+CpWmfDn9nrwV4f0TwnZz+L 9GnGnX+nojWVk1hBEdt1AYU2JJKxUMuDhhIdu0rXsP7Uf7d37F/xh+BWreDrv+0PFN7qcAktLKOz ktLiyvgD5MpuJ0EUbRsfmaMygruXDKxB/n4r7XA4eWaYdf2lRcZRfmk/1/rc9WlTeIgvbxs0z+v3 9lX9oR/2mvhWvxOPhqXwvG95PZpbyXAuhKIAm6WOQJHlN7MnKg5U19J1+af/AATi/aW+FPxC+Fui fBDw1p8nh/xL4O04GexYNJFcxq4868imA2/vZpN7o21lZyFDKN1fpZX47neE9hiqlPk5UnovLofL 4ulyVJRtY5Dx94M8JfEPwbq/grx3ZxX+g6vA0F3DKdqlDzkNwVZSAysCCrAMCCAa/Dn4o/8ABI3X ZXn1v4BeNbLWtLkZjFaaoTHKoUkFFuoFkjlYEYyyR+h5r2P/AIK8fCPXvEHg3wl8XdCtpbm18MvP ZarsywigumQ28rL2VZAyFvWRc18tfsGft/eHP2evCt18KfitZXdz4ca5e7sL2yQSy2jzDMsUkTMu 6JmG9SnzKxbIIIK/Y5BgsbSwP1vL6vM29YW7fPfZ6Wdj1MFSqxo+1oyv5Hxj8Uv2af2if2c7iDXf Hfhm+0GGCZRBqlrIs1usufk23Vs7rG5/hDMre3Br9hv+CZP7YHjb4tz6p8FPinqEms6to9n9v03U ZzuuJrWN0ilhnfrI6F0ZXYl2BbcTtBryf9tH/go58I/ip8G9Z+Efwq0681WbxGIori9voBb29vDH KkuY0Zi7ykoAuVUL97JIxXmH/BIv4da7q/xr1/4liF00Tw9pUlm03IV7u9dNkQPRsRo7Nz8vy5+8 K9/M5VMVlNStmFJQnHb8Leau9LHbiHKphpSrxs1sYH/BXX/k5vRP+xWsv/Sy9r7C8d+ML7wd/wAE k9Hn0yd7a71XRNO01XQkHy7u6VJ1yOzweYp9jXx7/wAFdf8Ak5vRP+xWsv8A0sva+90+FmrfGL/g lno/gvw/F52rnw7a31nGBuaSawnFz5SAdXlWNo192FcNecI4DL5VNlKN/wATGTSo0XLa6Pz4/wCC WvwT8E/Ff4ya5r/jvTodYs/CFhHcW1pcIJIGu7iXZHJIjZVxGquQrAjcQ3VRX3D/AMFSf2fPhwfg f/wt7QNEtNH8QeHLy1ikntIUgNzaXT+SYpQgUNtd0ZGIJXBA4Y1+WP7EP7UFt+yx8WLnxB4isZr/ AMO63amw1KK3C/aIgHDxzRqxUM0bAgqWGVZucgV9Oft7ft++Df2gPA9n8KPhNZ3i6PJcxXmo3t7G sLSmDJigijDMdoYh2ZiDlQAMZJ9DMMBj5ZzTrU7+zVteiXVfM3r0azxUZLb+rndf8EbP+Rw+J3/X hpv/AKNmr4w/4KJf8nlfEf8A67af/wCm62r7P/4I2f8AI4fE7/rw03/0bNXxh/wUS/5PK+I//XbT /wD03W1b4H/kf1/8C/8AbS6P++z9P8j99/2ff2V/gt4V/Z68P+B77wnp+qLrWlQTarNdW0cs93cX UQeVmlK7xtZiI8EGNQApBGa/nC+FOmjwb+1z4Q0XT3YLovjiwto2J+Yrb6kkYz9QOa/rS+H3/Ihe G/8AsGWf/olK/lE8O/8AJ7Gmf9lCh/8ATsK8Lg7FVKssX7STd1f8zjyupKTq8z/rU/ox/bA+Dv7P fxM8CW2v/tF6rPomheFjLJFeRXjWwie52KfkAdZZG2gIuxm5IUfMQfzI8FftafsG/sy+FbnwZ8Iv BOqfEK5klmkl1TVbS0jkuhIeEe4lRZRGoACoLZQByQWLE2f+Cx+qeJR4p+HGiySyL4fNne3EcYJE b3gkRJGYdCyRlApPQMcYyc5P7D3ij9gDwV8F08T/ABjTSpPH9lPctfrrNq17JtWRjb/YoGSRCvlb eUXf5m7ccbazyzL1DK4VqznUjJ6Qi9Fq97a/8F7dScPQth1KV2n0R+V3i/xbpnij4n6l428MaJD4 Ys9R1Jr22023ffDZh5N4ijYKg2qemFUAcAAYFf0sf8FHPBPgzVv2W/HHjHVNB0+81/SLW0Sy1Ga1 ikvLVXvoAywzspkjDBiCFYZyc9a/m/8AjD8QNJ+JHxl8TfEXR9OGlaXrGpyXVtaAKvk2+/8AdqQn yg7AMheM5xX9NX7f0Z1H9jf4jtZfvlaytJgV5BRLyCQsPbaCfpXq8TyccTl7ty69/OOl+p05g2ql Hpr/AJH5Af8ABKnwB4E+IXxj8W6Z4+8N6b4ls7bQTNFDqdnDexRy/aoF3qkyuFbBIyBnBIr7Q/4K 66fYaT+z74E0rSraKzsrPX4oYIIUWOKKKOxnVERFAVVVQAAAAAMCvzu/4J1ftB/DT9nf4reI/Enx SvZtP0zU9EktYZYoJLgm4FxDKqFYgzDcqNg4xnqR1r9EP+Couo2nxL/ZG8B/E7woJLjRrzVtO1JH ZdrLaahYzmJ3X+E5dFI7FsVjmlOrHPaU5J8jat2vboTiFJYyLewv/BHf/kjfjj/sPr/6SxV87/8A BY0j/hZvw9HcaRc/+lFYn/BM79rL4R/ArSPF3gX4s6odBh1e6gv7K8aGWaFnWPypIn8lHZDgKykj aeQSCAD88f8ABQL9pTwt+0l8ZbbVvAayP4b8OWK6faXMqtG12xkaWScRuFZFJYKqsN2F3HBO0bYT LK6z6ddwfJq79NVbcqlh5rGOdtP+Afsr+wh/yj68Pf8AXh4h/wDS+9r+ez9m74a2Hxf+O3gj4b6s WGn63qUMd3sJVzbJmSdVYchmjRgD2JzX9Cf7CH/KPrw9/wBeHiH/ANL72vxL/wCCe6hv2xvhsD/z 83h/KxuDUZNVlTlmc47pyf3cxOEk08Q13f6n9Ds3wC/Z/wDgJp2q/GPwH4J0/QdZ8J6HqDRXNsrI RCkJkfeu7bIxCY3uGfGRuwSD/Lr8LfFHgaT4z6R40+PUd7r3h59Qkv8AWEgCzXN653S7WDvGGEs2 0SZcEqWwc1/Yf4v8Pw+LfCet+FbhgsWs2NzZOSMgLcRNGTjvw1fyF+Aho/wJ/aEs7H43eGY9c03w tqk1lrelzIJVkjG+3lZVfCuU3ebFkgMVU5AOa4+BcS6tPE87cp2XXW2uzfn+JnlE3KM7u7/Hqfd3 7Wv7Vf7F/wAc/hBP4X8C+BtR0TxZpphfRrtdLsbOOHbIokid4Lgt5LRbhtCkbtpxkV2X/BHTxtqE Hjzx98OWlZrG+02HVljJ+VJbWZYGYehdZ1B9do9BW98d/jz/AME6vBvgWHUfgr8PvDXjTxRevD5V pLpU8EEEJOZHuGdIiCFBVUVi24gkbQc/SH/BOj4g+BPi1L4n8XeDvgnpHw4OlRRWEur6bIGF48zC VrZVMKMoUIjv+8bqmR0NXjqnJlNSnGhNQb+21dO66N3tfsOtK2GlFQaXmfqRX5S/8FfYLmT9nLwz NFkwxeKbUyADpmyvArH2HT8a/VqvnH9rL4JN+0F8BfE/w2syqarcxLc6a7kKq31qwlhDMfurIQY2 PZWJr4DIcXGhjKVWeyaueLg6ihVjJ7XPy5/4IzXNiuofFmzcgXskWiyR+piRrwPj2DMmfqK/dSv5 E/2d/jn48/Y5+Nc3iCTSXae1E2l61pF1mB5Id4MkZJBMcqOgZWwcEYIKkg/sl4h/4K5fs/2vhKbU /DGh63f680Z8nT7mCK3QS4482dZZFVM90Dn/AGa+x4u4cxdbGuvQhzRnbb0S/TfY9TM8DUnV54K6 Z+mtn408Haj4hvfCOn67YXOu6bt+1WEV1E93b71Dr5sKsXTKsGG5RkEHpX5uf8FZvH+r+Fv2d9N8 KaTK0K+LtXitrsqSC1rbRvOyZH96RY8+oBHevxD8FaR8VP2rv2i4n06SWXxT4v1Q3l1d2wZFso3k DTXGQf3cUCH5eeAFUZYgH92P+ClHwR1Txl+yvajwlFcahcfDy4t7/YzNPcS2MML287MzZZ2RGErs TkhGJyaxjkNHLswwqqVLtvVW2fTrtfb0JWDjQrU+aV7/ANfmfEH/AASv/Zp+HXxQm8UfFX4j6Tb+ IY9BuIbDT7K8jE1ss7oZJZpImykhClAgYEAlmxuClfbv+Cnv7LPws0T4RxfGnwF4fsvDWr6JeW9v eLp8CW0F1a3TeWC8UYVPMSQrhwNxUkNkbdvxx/wTx/bI8K/s1atr/hH4lpMnhXxK8VwLu3jMz2d1 CpXc8a/M0ciEBtoZgVXCkE49Z/4KFft3/Dn43eBrT4QfBuafU9MmuorzUdSlgkto3EGTFBDHMEkP zkO7Mi42qBnJx7uJwmYvO41I39nda/Z5bart307nZUp1/raavy/hY9C/4I8+OtRvYfiL8KdRf7Rp MaWuqW8L/MiPLuguRg5GJFEWR0+X3Nfnb8afCOufsgftZ31v4eVov+ET1iDVtHLE7ZLNnW5tlLfx DYfKk7Ehh6iv1N/4JE/BvXPDXgzxX8Y9etntofFTwWWmBwVMltaF2mmAPVHkYIp9Y27YNZ3/AAV5 +C39qeFvDHx30mDdcaJJ/ZGpso5NrcMXtnY9ljm3p9ZRUYfNKUM8rUF8FSyfbmS/4derJhiIrFyh 0lp8zmv+Cpf7RekeKPhN8OfAng278y08cQQ+JrjBw32DZ/oiuPR5GdiOzRCvZf8Agk18GP8AhDvg 1qnxc1SDZqPjm52WxYfMunWLNGhGeR5kxkJ9VVDzxX4N+EtI8afGvxx4P+HMF1JfX929romneZ8w t4HlO1eOkcZkdznoM9hX9jfgnwjo3gDwdongfw7F5OmaBZQWNsvfyrdBGpPqxAyT3OTXBxRCOXZf DL6b1k236X/4b7jHMEqFFUI9T+Qj4meOdP8AiT+0Prvjr4g3N1d6Pq/iB5r14MNcjThcbdkIYqu5 LcBIwSAMKMgV+lXxi/a8/YE+IXwS1X4VaF8OtT0qSKxkTRpotJsIWs7xEP2eQSpdGQDeB5h5LqWD Zya/Pn42+CLn9n/9qDW9C8VaRFqVnoOvLfpZzj/R77T2mFzCjZBBSaEhWHOMsvUGv07+IHx2/wCC ZmkfCi48XeAvAWhaz4rubbNlok2kyRypcsANt020RqkZOXKyHcARGWODX0+aRpyWGlCnOS05eR6L a1/89rHoYhJ+zai32sfK/wDwSr8bah4c/amtvC8ErCz8WaZe2k0eflLW0Zu43I9V8lgD6MR3qb/g q9/ydX/3AtP/APQpq+xv+CfXxZ+HXxl+Kcy+GfgDoPhDUPDllJczeIdMfb9mMwMKxJG8JYPMGcDE udgfqAa+Of8Agq9/ydX/ANwLT/8A0KauPC1nPPW5Q5Xyaq6fXfRvpYypzvjNVZ2P0M/Yw/Ym/Z/1 79mHw3rvxF8IWniLWvGNq19dXdzv85I53YwpA6srQhYgvMZVi2TnkAekftnfAP8AZB1Xw/pPjb9o PWrvwlZ6HZx6RpslldOjLFHudIbe18ucSOATnbEW2gbjtUY+hP2RVC/su/CoD/oW9MP526Gvww/4 Kwap4luv2n4tM1eWT+zLHRbI6bGSfLEUpcyuq9NzShgx6kKATgAD5XKvrGNzWcHWlGzk9H0vay6L /I87D89XEtczW57RZ/tu/sU/Bn4dx/C/4TfCm58Z2tvAYJrnWbaytv7QY53SXMxSWSQsSc5hUAfK qhQAPzr/AGXb5B+1V8MLzTofskU3ivSwkQYt5cct4i7Nx5OFbGT1r9Rf2dvif/wTr+D/AOz3onjb UrHS9S8eWmno+oW19Z/bNXl1VU/eRwCZHWONpOI3TbGEwWOd1fl1+zzrsV/+1f8ADrxHdolql54x 0u4dR9yPzr+NsDpwu78q+1y2nBQxShTmtHdyb9567L/LuetQirVLRfq+p+of/BZHxhfRwfDTwFbz ulpM2o6lcxAnY8kfkw27EdCUDTAf7xr0T/glf8AvhzJ8Fbj4ua/olpq/iDXb+5t45ruBJvs1pbER iOIOGCl3DM7DBYbQeFqj/wAFffhVrHiDwD4N+LGkwma38K3FzZagFUlkh1DyjFKx7IkkWw/7Ui18 x/sC/t8eCf2fPA2o/Cv4sWl4dJF1Jfade2USztG0wUSwSRllO0su9GGeWYEAYNfPUKNWvkEKeD1k nqlvu/8AgP0OGEJTwSVLfr95zf8AwVN+Bvgn4T/Fnw94o8CadDo1p4ys55bmztkEcC3drIoklRFw qeYsiZUADcC3VjX1r+z3441D4cf8EqPEXi/SLl7K/tYNYht54zh4pru7NtG6nsytICD2Nfmr+2/+ 1PD+1P8AFC117Q7GXTfDWgWxs9NiuNvnyB3LyzyhSQrSHaNoZgFUc5Jr9RP2WPhzqHxb/wCCYer/ AA80hVfUdYi1lbRG4V7mK6aWFSe26RFGe2c13ZnSnSyzCxxm6nG9+2u/yNq8XHD01V7q5+PP7LHj L4JfD/4u2XjL496NdeIPD2lwSywWVtBFciW+yohM0U0kaNGgLvgk/MFyCM19Pftu/tGfso/tA+F9 IvPhN4S1DQPGWmXSq11JYWlnDPYMjh4pTbzuWZX2GPK/KNwBAJr5v/ZV8ZfCP4cfGeCb9oPwxDrv hS5hmsL2K7tvtDWMrMpW4EJG4tG6bXAG4Iz4BOFP35+0X+0L+wZ4Eg0i1+Avwv8AC/jzUJ5S9802 nTW9rBbheFV2WNmldiMYDKoDBuSBXtZirZhCcaU5Sto0/d9H0+/yOuuv3yai2/wPdf8Agj1421DV vhd458B3UrSW/h3U7a7twxz5a6jE4ZF9Bvty2PVie9fsJXwV/wAE/vFHhD4g/DHVviF4N+E2n/C2 z1K8Fr/oEgkXU/sikGX/AFMRCRvIyLkt82/B4NfetfkXE1Tnx9WXLy67aPWyvtdbnzOPletJ2sFF FFeEcYV4B+yd/wAms/Bv/sTPD3/pugr3+vAP2Tv+TWfg3/2Jnh7/ANN0FAHv9FFFABRRRQB+H/8A wVd/5H/wJ/2DLn/0cK/Rz9iz/k2DwB/14/8AtRqyf2kf2P8Awf8AtK61o+t+JtbvtKk0a3kt41tB EVdZH3kt5isc59K92+E/w5074SfD3Rfh3pF1Le2miQ+THNOFEjjcWy20AZ57CvcxWOpzwdOjF+8t /wATOMXzNnolFFFeGaH81H7e4Zv2uvHCpjcX0wDPTP8AZ9t1zX11/wAE+ND1nSvinez+Mp9IleXT 8WAg+xmcPkFtvkqHHy9efrX1N8Z/+Cf/AMO/jX8S9Y+Juu+ItTsb3WfI8yG3EPlL5EEcA27lJ5WM E5PU1c+CH7Bfw++BnxBs/iHoHiDUr+8s45Y1iuRD5ZEo2nOxQeK+wrZvQlhFR5teVLbrYwVN81z7 rooor483PPvH3wv+H3xJgtv+E80C11z+zRKbb7Sm/wAoyhd+303bFz9BX8z/AOzB4f0fxL+0N4H8 O+IrOO+0691OOKe3lG5JEOcqw9K/qfZd6lT3GK+APh1/wTy+GPw2+Imj/EjStf1O4vtGuxdxxS+V 5TuM8NhQcc9q+gyjM40aVSE29Vp+JlUhdo+3fCfg/wAMeBdFi8OeD9Nh0nTIWd0t4F2xq0h3MQPc nJrpKKK8CUm3dmoV/Kv+0gk0n7SfxGjtxulbxNqQQEAgsbp8deOtf1UV+dPjX/gnD8N/G/xD1n4j X3inVre81rUptSkhjWDy0knlMpVcoTtBOBk5xXu5Dj6eHnKVR7oyqwb2KX7E3w0+Pvg7xj4g1H4z 6JZafayWKJZyQWVhbP5pkG4brWKNiNvYnFfpHRRXlYvFOtN1JJL0NIq2gUUUVzDCiiigD//U/fyi iigAooooAKKKKACiiigArlPHfg/TPiF4H8Q+Adakmh0/xLp13ply9uyrMsN5C0MjRs6uocK5Kkqw B6gjiuroqoTcWpLdDTs7o+BfgZ/wTo+CX7P/AMS9L+Kng3W/EN7q2kpcJFFf3NpJbkXMLwPuWK0i c4VyRhxzjOelffVFFdWNx9bEz568uZ7amlWtKbvN3Cvzw+Ln/BND4E/Gf4j658T/ABRrviS11TxB Ms88VndWaW6sqLH+7WSzkcDCjq55r9D6KeCzCvhpOdCTi3poFGvOm7wdivaW0dnaw2cWSkCLGueu FGBmvHvjh+z98K/2h/C6eFfihpAv4bdmktbiNjFdWkjDBeGVeVzgblOUbA3KcCvaaK56NedOaqU3 ZrqiIzcXzJ6n5DS/8EePgw2omWHxvr6WOT+6K2rS47DzfKC/+Q6++fgF+zJ8If2bNDn0f4ZaW0M9 9s+2X90/n3t0U+75kmAAo6hEVUBJIXJJP0BRXpY3P8ZiIezrVW12/wCGOirjKs1yyloeL/G39n74 U/tC+G4/DHxS0ZdShtWaS1nR2hurWRhgtDKhDLnjKnKNgblOBX533f8AwR4+C73wksfG3iCGzzzF ILSSTHtIIkA/74NfrxRSwOe4zDR5KFRpdun4io4yrTVoSsj5J/Z4/Yo+BX7Nd02teCdPuNR8Qujx nVtTkWe7WN/vJHsSOKIEcEogYjhmIqb9pr9jv4ZftVzeHZ/iHqer6c3hlbpbb+y5reEOLsxF/M8+ 3nzjyl27dvU5zxj6worL+1sT7f6z7R8/fqT9Zqc/tL6njHwD+BnhL9nX4dW3wy8E3d9e6Xazz3Cy 6hJFLcF7ht7AtFHEmAemE6dc14B+0H/wT/8Ag3+0l8QD8SPHOsa9Y6mbSGz8vTbi1ig8uAsVO2a1 mbcdxz82Pavuaipo5piKdZ14Tam936ijiJxk5p6njo+CXhRfgT/wz2Lq9/4Rz+wj4e8/zI/tv2U2 /wBn37/L8vzdvOfL27v4ccV89fs+/wDBP34Nfs3fEFfiT4H1nX77U1tZrQR6jcWssHlz7dx2w2sL bhtGPmx7V9z0UU80xEYTpxm7S38wWImk4p6Pc8a+PXwO8J/tEfDm7+GHjW7vbLS7yaCd5dPkjjuA 1u4dQGljlTBI5yh46YrzL9mb9jn4Y/sqXPiG6+Hup6xqL+JEtkuP7Umt5ggtDIU8vyLeDGfNO7du 6DGOc/WVFTDMa8aLw8Zvke66f1oJV5qDgnofNn7Qn7J3wZ/aYsbaL4kaZIupWKGO11OxkEF9AhOS gcqyumSSEkR1BJIAJJr4as/+CPPwYj1Dzb7xtr89kCD5SC1jkx6GQxMP/HK/XiiuvB8QY3Dw9nRq tR7f1sa0sbVguWMtDyn4O/BL4afAbwingr4YaOmk6fvMsrbmknuJiMGWaVyWdiBjk4A4UBQAOD/a C/ZP+C/7S1lbp8SdKf8AtOyjaK11Oyk+z30CMclQ+GR1zkhZUdQSSACSa+kqK4oY+tGr7eM3z976 mKrTUudPU/IVf+CPHwZF/wCY/jfXzZf88gtoJf8Av75RX/yHX3h+z/8AssfBv9mrTJ7P4aaUyX96 ix3epXcnn31yqnIDyYVVXPOyNUTIB255r6Kortxuf4zEQ9nWqtrt/wAMbVcbVmuWUtDxf42/s/fC n9oXw3H4Y+KWjLqUNqzSWs6O0N1ayMMFoZUIZc8ZU5RsDcpwK/O+7/4I8fBd74SWPjbxBDZ55ikF pJJj2kESAf8AfBr9eKKnA57jMNHkoVGl26fiKjjKtNWhKyPkn9nj9ij4Ffs13Ta14J0+41HxC6PG dW1ORZ7tY3+8kexI4ogRwSiBiOGYivraiiuLFYurXm6laTk+7MalWU3zSd2FfIf7RH7EfwK/aUvF 13xjYXGl+IkRY/7V0yRYLl0QYVZg6vHKBwAXQsANqsBX15RRhcZVoTVSjJxfdDp1ZQfNF2Z+P1l/ wR2+Ecd8smo+O9cnswQTHFFbRSEdx5hRxn32fhX1eP8Agn5+yynwtn+FUXhJFtbhhK2p792rC4UY WZbtgWBH9wDyuSPLwSD9pUV6eI4kx9W3PWeny/I3nj60t5M+Wf2Wf2TfAH7K3hjUdH8LTSatqmrz mW81O5RUnljUnyIcLkKkSnoD8zlm4yFX6moory8Viqleo6tWV5PdnPUqSnJyk9TP1XSdL13TLvRd bs4dQ0++ieC4t7iNZYZopBtdHRgVZWBwQRgivzU+If8AwSh/Zv8AGGrXOs+GbzV/B73J3fZbKaKa yRj1KRzxvIoJ/hEoUdFAHFfp3RW+BzTEYZt0JuN+xdHETp/A7H5LeGP+CQXwM0y9juvFHirXdbij 5MCGC0jf2YrG74/3WU+9fpl8PPhv4H+E/hS08EfDvR4ND0Wyz5dvADgs33ndmJZ3b+J3JY9zXb0V pj85xWKSVeo5L8PuKrYqpU+OVz4m/aM/YM+EH7Tnjq1+IPj3V9dsNRtNPi05I9MuLWKEwwyyyqxW a2mbfulYEhgMAcdSfStabTP2Rv2ZrmTwlp114m074c6Tuhtrm4SK4uIIDlzJMkOwFVLMSIsYHSvo +qt/Y2WqWNxpmpW8d1aXcbwzQyqHjkjkBV0dWyGVgSCDwRU/2nVnGFKs3KEXsL6xJpRk7pdD+ca5 +Iv7A37U3xRtpviF4R1n4S6r4hmc3erafqNqmneeylvMufOiZI97DDSLEuWbc5+8w6v9qjwt+xD8 DP2etU8CfAjWrHxZ408VXNnG99Dfw6rdx2tvMtw/mTQfuoEJjUbUVGclSQwXK/SHxL/4JAfD3xDr lzq3w08bXXhS0uHaQWF1ZjUYot3OyKQTQOqDtv3nHc1w3hv/AII120eoxS+L/ig89grDzIbHSxFM 655Cyy3EiocdzG30r9Kp5zll6c44majGz5HzPbbo/uvY96OKw/utVGkumpD/AMEa/Dl8o+KHi2SI rZv/AGXYxSEHDyp9ollUHplQ0ZP+8K+wfjP/AME2/gb8c/iZrfxV8W654jtNW15oWnisbmzjt1ME KQLsWW0lcZWME5c856DgfW3we+DvgH4E+BbP4efDiw+waTaM0jF28yaeaTG+aaQ8vI2ACegACqAo AHqFfE5lxFVnjqmLw0nHm087K3+Vzya+Ok60qlN2uZ2j6Zb6JpNlo1ozNBYQR28ZcgsUiUIpYgAZ wOeBX582X/BMf4C2PxSg+LcWu+JTq9vrK64sLXVn9mNylz9pCFRZh/L3jGN+7b/Fnmv0XoryMJmV ehzexm1zb+ZzU684X5Xa54x8dPgF8NP2ifBh8E/EzT2urWOTzra4hfyrq0n2lRLDJg4OCQQwZG/i U8V+f+j/APBIH4D2er/a9X8V+INRsFYMlqHtoScdVklWEkg99oQ+hr9Z6K3wWeYvDwdOjUaXb+ti 6WLqwXLCVkfnB4//AOCWf7MHjnXU1mz/ALY8KRR20FsLPRp7aK2xAuwSET208jSMAN7lyWPzH5iS fuCx+G3hyL4YW/wj1nzte0GPSU0ab7e4ea6tVgFu3nvGsYLug+ZlC8nIwa7+issTmuJrRjGrUbUd r9CamJqSSUnex+SWrf8ABH/4HXesveaX4u16w06Ry32XNtKyAnO1JWiB2gcDcrH1JNfofY/A74ew /Biz+Amr2b654RtNOi0sw3zB5JbeAAIXeMJh1KgqyBSrAFcECvXqK1xmeYuuoqtUb5dV5PuVVxdS duaWx+SOo/8ABH74HXOtNd6f4v1+z0x33fZc20jqD/CszRdB23Ix9Se/sfjD/gmV+zV4s8I+GPBl sureH7Pwubt1l02e3W5vZb3yvMlvJZ7eYyOPJUJjaFGQBjAH6F0V0T4mx8nFus9NvyLeYVna8noe NfCX4HeEvg38HrL4JeGLq9utCsYryFJrySN7srfTSzSFnjjjTIaVguEGABnJyT8ufBv/AIJsfAz4 H/EvRPin4U1zxHd6toLyyQRX11ZyW7GWF4TvWK0jc4VyRhxzjtxX6EUVx082xMfacs37/wAXne+/ 3mUcTUXNZ77hXx7+0V+w98C/2lL4eIfF1ncaT4kWMR/2rpkiw3EiIMIsyujxyhRgAsm8AbQwFfYV Fc+ExlWhNVKMnF90RTqyg+aLsz8ktA/4JAfA+w1NLrX/ABbruq2kbhvs6G3tg6j+F3Ebtg9yu0+h HWv06+H3w88F/CvwlYeBvh/pMOi6JpqlYbeHJAycszMxLO7HlnYlmPJJNdnRXVj85xWKSVeo5Jfd 9xpWxVSp8crhRRRXmHOfKH7QP7FvwH/aQn/tbxxpMljr4QRjVtNkFveFFGFWQlXjlAGMeYjEAYUg V8aWn/BHj4Mpeb7/AMca/NaZ/wBXEtpHJj/ro0Tj/wAcr9eqK9rCcRY2hD2dKq0u3+V9jqp46rBc sZaHgXwJ/Zk+Df7OWky6d8MNDW1urpFS61CdjPfXQU5HmTN0XPOxAqZ5C5r3tlV1KOAysMEHkEHs adRXl18RUqzdSpJtvqznnNyfNJ3Z+cnxe/4Jgfs4fE/WrjxHoqX3gm/u3MkqaS8Ys3dup+zSo6p9 Iii+1ct8OP8Agk9+zz4P1iDWvFuo6r4yNuwZbS6eO3s2I5HmJCokcZ7eZtPRgRxX6iUV60eJceqf slWdv667/idKx9ZR5eZlSwsLHSrG30zTLeOzs7SNYoYYUEccUaDaqIigBVUDAAGAK434o/Dfw18X vh9r3w08YJI+keIbZracxFVlTOGSSMsrKJI3CuhKkBlBII4rvaK8aFSUZKcXqtTlUmndHwV8Cf8A gnX8Cv2fviPZfFDwpqOuarq+mxTR2y6pcWssETToY2kVYbWFt4RmUEtgBjxnBH3rRRXRjcfWxE/a V5OT21NKtaU3ebufNn7Qn7J3wZ/aYsbaL4kaZIupWKGO11OxkEF9AhOSgcqyumSSEkR1BJIAJJr4 as/+CPPwYj1Dzb7xtr89kCD5SC1jkx6GQxMP/HK/Xiiu3B8QY3Dw9nRqtR7f1sa0sbVguWMtDyn4 O/BL4afAbwingr4YaOmk6fvMsrbmknuJiMGWaVyWdiBjk4A4UBQAPnH9oP8AYA+Df7SfxA/4WP45 1jXrHU/skNn5em3FrFB5cBYqds1rM247jn5sdOBX3JRXNQzPEU6rrwm1N7vqZwxE4y509TjPh34G 0n4ZeA/D/wAPNBlnn03w3Y2+n28lyyvO8VugjVpGRUUsQOSFUZ6AV49+0b+yj8JP2n9Hs7D4iWs8 OoaZvFlqVjIIry3EhBdAWV0dGwMq6MB1XB5r6UorGjjKtOr7aEmpb3JjVlGXOnqflV4M/wCCR/7P 3h/WotV8T65rXiW3glDrZSyQ20Eig52TGKMSMD32Oldb4n/4JY/s4eIfGd54103UvEHhma5uRdRW mkXFlb2lrIpBAt0ezkZFDDIG44PTjAr9KKK9SXE+YOXM6zv/AF02Oh5hWvfmZ8XftpftJaT+zf4F 0e48VeCf+E60DxVPNpd7FJcJDGqmEvtkR4ZElEqh8qQo4P0r8n/hJ4C/4Jt/tC+JNUm1C81r4RTW gSdbDUdasoNPuFctuW3nuY5HyhAypkU4YbcgHH7yfF/4Q+Bfjl4D1D4dfESx+26Tf7Wyp2TQSpyk 0L4OyRD0PQglSCpIP5G+I/8AgjVZyXksvhL4oyQWpP7uG+0oSyKP9qaK5jDH6RLXv8OZjgaeHlTq VZUqndXafy1Xlt8zswNelGDUpOMu+p8Wft43v7Nuk6r4L+GH7NBs7nRvC1rdvfXljJ9piuLu8ePl rrLGeQLENzBmUAqqkAbV/a//AIJxeHL7w5+x94Gj1GIwzaj9uvgrAg+VcXcrRNz2aPaw9iK+Vvhh /wAEgPh/oGswap8UvGlz4qtIWDfYLO1/s6KQj+GWXzppGQ9wnln/AGh3/X/TdN0/RtOtdI0m2js7 GxiSCCCJQkcUUShURFHCqqgAAcACjibPMNUwlPBYabnZ3cn137+oY/F03TjSpu9up8NfH3/gnZ+z /wDHrxDc+M7qK88L+Ir1i9zd6U6IlzIerzQSo6Fz3ZNjMeWJNeMeC/8Agkb8AdB1WHUfFmva14mg hbd9keSK0glH92Qwp5uP9yRD71+rNFfPUeJMdTp+yhWaX9ddzijjq0Y8qk7GRoOgaL4W0Wy8OeHL GHTdL02JILa2gQRxRRIMKqKOAAK16KK8Vtt3ZyNhRRRSAK8A/ZO/5NZ+Df8A2Jnh7/03QV7/AF4B +yd/yaz8G/8AsTPD3/pugoA9/ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooo oAKKKKACiiigD//V/fyiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoooo AKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigA ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAK8A/ZO/5NZ+Df8A2Jnh 7/03QV7/AF4B+yd/yaz8G/8AsTPD3/pugoA9/ooooAKKKKACiiigAooooAKKKKACiiigAooooAKK KKACiiigAooooAKKKKACiiigD//W/fyiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoooo AKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigA ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAK8A/ZO/ 5NZ+Df8A2Jnh7/03QV7/AF5L8A/CWteAPgV8OfAniSNYdX8N+G9I028RHEiLc2dnFDKquvDAOhAI 4PWgD1qiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKAP/1/38 ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoooo AKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigA ooooAKKKKACiiigAooooAKKKKACiiigD/9D9/KKKKACiiigAor5I/a9/az8PfsneC9N16/0mTX9Y 12d7fT7BJRbq/kqGlkklKPtSMMo4ViSwAAGWXC/Y3/bL0D9rTRda8vRH8N6/4daH7XZmb7TE0Vxv EcsUuyMkEowZSoKnHJBBr0lk+JeG+tqH7vv+Hrvob/Vans/a20PtSiiivNMArEs/EvhzUNa1Dw1Y araXOr6SsT3lnFPG9zbLON0RmiUl4xIoJQsBuHIzW3X5Nap8Stb+D37SX7ZnxP8ADmjHxBqfhzw7 4Ru4LIbsSOlg4y+35vLjB3vjnYpwQeaAP1lor85/2W/2jfjN8WPGej21/wCJ/AfxE8Kavp811fXH hiaSy1HQrlFVo47mxvLh55IpCfLVhEGDcuQMZ8b8IftrftA+P/GWqJ4YvfAsOoaZ4hl0pvh7qcs2 m+JXs4rnyGdLu7uIrd7nZ+82ojJjjG/5aAP18or5m+GHxj8U+M/2kPjb8IdVt7SPRfhwnhltOkhR 1uZDrNlLcXHns0jI210ATaiYGc7jzXyPqf7fHjDw9+zFpHxQ1ax0RPGXivxffeFNM+1SSWWjWxgu 5oVvL53lZ1hhii3TEOMk8bRnAB+qNFfm18Af2wfEviD48ad8BvH3izwV8QG8S6XcahpuseCrhnjg ubQb57K8heabB8sM8UgZchcFSSdv298KB8Wh4JtB8bzop8W+ZP8AaDoH2j+z/K81vI2fav3u7ytu /PG7OOKAPR6KKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKK KKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooo oAKKKKACiiigAooooAKK8v8Aix8avhZ8DfDyeKvix4ktfDmmzSiGJ5yzSTSnnZDFGHllbHJCKxA5 PFcp8Gv2oPgN+0BPfWfwk8X2+uXumqHubQxzWl3EhO3c1vdRxS7Q3BYLgEgE8igD3uiiigAooooA KKKKACiiigAorzfxJ8Xvhn4SsvFd/r3iK1gj8DW0V5rioxml0+CdGkiaeKIO6l0Usq7dxXkDBBPc aTqlhrmlWet6VKLiy1CGO4gkAIDxSqHRsMARlSDggGgDQooooAKKK4Dx/wDFDwP8L4dGn8cal/Zy a/qEel2WIZZjLdyRyShNsKOVAjidmdgFUKSxFAHf0VyXgTx14U+JnhDS/Hnga/XVNB1qLz7S6VHj EseSu4LIquOQfvKDVXTPiP4K1jx3rXwz03U1m8TeHba1u7+zEcgaCC83eQ5cqI237TwrEjHIFAHb 0UUUAFFFFABRRRQAUUV5Z8W/jZ8LPgT4bj8W/FnxFB4e0yaZbeF5VklkmmYEiOGGFXllbAJwiEgD J4oA9Torx34PfH/4P/HzTL7VfhL4kh16PS5RDeRCOW3ubWRs7Vmt7hI5o921tpZADg4JwcexUAFF FFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQB//R/fyiiigAooooA+WP 2r/2UvCH7Vvgyw8N+INQm0TUtGna40/UIEEphaRQsqPExUPG4CkgMpyqkNgEHE/ZG/Y68H/sm6Hr FvpOrT+Idb8QPEb2/miFupjt93lRxQqz7FBdicuxYnk4AA+wqK9FZtiFh/qnP+77f1rv0N/rM+T2 d9AooorzjAK+HdQ/Zt+K7fFn9oD4i+FfFtt4Xn+J+laFa6DfWm6a8sbvSLZo3e5ilh8ry3fA+R3Y oW+42K+4qKAPzN+H/wCyh8ZNU/aH8D/G/wCKWleBvCE3gVL8z3Hg6K4jvfEE93AbcNeGSKFEiUEv g+Y2dy8KwK8N8YP2M/2kvjFpWo/DLxpc+B/EWl3WoGaz8dahazDxbYWH2oTLEqQQJE8yIBGCJUjZ ODjjH610UAfAPiH4G/tM/D749eMvit+z1qfhq+sPiRpukWeqR+JnvFns7rRoGtoLmL7LGwmBjYll ZkLOccDmvK7H9gf4gx/sveFvhfe+JdJm+IXgLxXc+KtK1CWKWfTLuZrmWVYb2JkVxHPHJiZVVtrc Auo+b9UqKAPiH4L/AAc+OsHxbT4lfFm28IeFNJ0rT5LSx0TwjbeYtxdTHEl3dXdxbRSjCZVI4yBg /N0YP9L/AAoT4tR+CrVfjdJo0vi3zZ/tDaB9o/s/yvNbyNn2oCXd5W3fkY3ZxxivR6KACiiigAoo ooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiii gAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACvNvjF8R7L4QfC3x R8Tb+1e+h8N2E159njO1pmQfIm7B2hmIBbBwDnBxivSaxvEfh3RPF2gaj4W8S2ceoaVq1vJa3VvK MpLDMpR0bGDggkcc+la0XFTi5q6vr6FQtdX2Pxk/Zb/4KdfEv4q/HPRvhv8AEjw9pcWkeKbg2trJ psc0c9pM4Ji3mSWQSoSArcKRncDgbT+2lfEXwX/4J+fs8fAv4hD4l+E7XUL7V7cyGyGo3Kzw2JkU qTAqxoS20lQ0jORnIOea+3a9niHE4KrWUsDDljbX1OrHVKUpXoqyCiiivBOM+E/2sPhX448afE34 W/Ej4N6toFz8Qvho+pXtp4c1+Ui31G0v40gmlRUPmJJCUHlyBdoYglxtAPmvw9+I9j4g/av8If8A DSHwfvfhZ8YbjTL+y0HU7fUFv9J1m2jQy3MHnW+1GeNP3iRyBymeWDFAfpP9oH9my4+MGv8Ahf4j eBvGV58O/iH4M89NN1q0gjvENvdACa3ubSUqk8TYBCswwc9QSK4/4e/svfEQ/FbQPjN+0P8AFCT4 j674PhuotCtLfS4NI0+we9TyricxRNIZpXj+UMxG3sDhSAD5q8HeMf2sPj38E/En7Wvgz4pL4RtI 5NXu/DnhdNKs7jT3sNImli8q/mmQ3DS3BgdWdWXy8hlAztF7Vfj58ePjp43/AGe9B+E/ixfh7p/x X8J3+say6WNvfvayWyxSObYXKH5w+6JCxK7XLlSwXHpM/wCxN8R9E0XxR8LPhh8Y7jwr8KPF1zeT z6L/AGRDdX1jFqLFru2sdQeVTFFLuYDdEzRg5BLEsfbtK/Zd8O+Gvif8LvHHhLUf7M0b4XeHrzw7 Z6UYDKZoblY0SRrkyAhkEfzZjYuSSWBoA+ENA139tDxXoHxu0mb42DTj8CLnUILO9t9DsWu9ckgt zeRfbi6mONEjCpiKMFi7Fy20ZZ8TP21fH+t2XwK8GQ+KZvh03jzwfbeKvEmuaXokmt3iiVPLW3sr RIpxGJZlk3SMjbFK4IIw/wB5eHP2a/8AhH4fjfD/AMJF9o/4XLd3d1n7Js/s37VZCz2/64+ftxvz +7z0wOteV3n7FWraRoXwk1T4Z/EB/DXxD+EmiroNvrbaal1aalYmIRyQ3Vg8wwrEFk2zZjLE/Mdp UAp/sU/Hnxz8SPEvxC+HXi3Vr3xjpfhWSyuNE8TX2izaHcajZ3iN5kM9tJDAvm20i7N6oPMB3Y7n qP2kPiH8VdQ+M3w1/Zs+EXiBPBt540g1LVNV137LFeXFrp+mqv7q1inDRGWd2KlmB2AAgGvVPgP8 GPGHwym8TeJviV49vPiB4s8W3MU11dSRGysbaKBPLht7KxWSSOBFGdzKd0hwW6Cs34+fs93/AMWN e8H/ABG8C+LJfAvj/wABy3LaXqqWqX0DQXqCO5trq1doxLFKqj+NSh5BzQB8XePvjh+0F8BD8bfg t4k8bf8ACV6x4c8CHxr4X8RyWNrBfQwC4NnJBdQxx/Z5WSbBRjHkjJbOQE6G88Z/tPfAzQPhH8av iJ8Sh4007xzq+jaZ4j0B9MtLW1s49cGI5NOmgjE+60ZgCHZvO6nb0pvx0/Zv13wT8A/j58X/AIje K5fiD8SPFPhWXTWvY7JbC2tNPgAdLOztI3k2qZPndi7M5AOAdxbsPhN+yp8RvFGhfCW9+MvxSn8W +DvAqaZrWj6GNLjsZje28ANmb+8SVnufsm7CjYm8jMmTkEA+W9ZX4ofDb4l/tw/EDRfH11LeeGbD SbjyptP0+SK6ludKMtoZVeBgPsSfukAGJF5lDtzX0m3xC+OHxv8Aiz4Z+BHgLxs3w/03RvA+l+Jd f1ezsba41C9u9RASK2gSeNoYYwP3jOqZz8gAFdp8TP2MPE/jbx38YNf8P/EYaH4e+NOkW9hrOly6 Ql40d1ZWf2O2uIbj7REwVF+Zo8DccgtjG3o/Fv7KXiuHxT4U+J3wZ+IJ8F+OPD3h6Dwze3M+mpqG n6tp1uAyLPaNNGUdJBvR1kJA+U5FAHyt48/aZ/aB+GnwI/aR8H634mh1H4ifA690JbLxJDZQRG9s Nclglt2ntSjW4mELOkm1dvIwNw3n1Ia1+078D/jr8G7H4j/E5fHekfFW7vtO1bS20q1sbfT7qO0N zC1jJCPN2Iw2ESMxZRlsswK9brH7CkWv/Ar4ofDXW/HVxqPjX4u3dre694puLFCZJbOeOWBIrGOa NI4Y0j8uOMS/LuJ3EAKPoX4qfBD/AIWZ4/8Ahb45/tr+zf8AhWuq3Gp/Z/s3nfbfPtmt/L3+YnlY 3bt2189MDrQB+Wf/AA018dNL+IN/Y/FD4wyfCrx7H4gkhtPDHiXQEt/CV1paXO1Y4tVjt5ZSHg+Y XDSKS3Gdp319p/GC8n8a/tW6Bo1kwNr8IvB2s+KpWwJIxqerK2n2CurAruSGO5kUEd845Fcl4x/Y a+JXjHw3q3wc1L403dz8ItZ1Fr6TSr3Sor7V4YmuvtRtINVnmZwgf7kjRs6jjkE5+lPBXwE/4Rjx F8V/Et3qq3N38SGtbaDZCVFhpun2AsrS3+ZyZChMsjNldxc8A5JAPhnwB8c/jn8Ufh/+zb8JPCni qPwz4j+Jmj6nrGveIorC1eeCy0zI8u0tTELVZJ3baW2Dywu4Ak1j+C/E3xB/Zy+Ov7UnjX4l66PH 2qeD/BujX9peyW8dlLfQRR3L20dxHbhY1cP+6d0UBgN+ASRX0rB+xRf6D8MvhJofgjx9Jonj74NR XMOk+Il09ZIbiG9BW6gubB5irxTLtBHm7lK5VgSav/Dv9jfU9P8AEnxU8UfGrx6/xEufi9o8Gkat GNOXTI4YoUli22wjmlCRiKRVRcblZS5dmY4APgHw3+2R8ZdE0Xwb8VG+Jmr+Pdd1e8sZdd8G/wDC F3NnpcWn3hBmisb9bNSJbRW+WUzMsuMneOG92/aE+N3jWx+L3jXwlcftBL4JuNLWAeHfDXhHQn8R 6gz+UGaTVj9ilaOSRyMQh1UIQcnq3s3hb9jv4y6VY+Efhz4i+Od9qXww8FXNtLaaXaaYunandW1k f9FsrvUoLjc8MahVbZGpkUchSFI0Jf2PviToPjP4h6h8LPi5J4U8M/FPUptU1q0OjQXmoxT3K7Zx ZX7yr5QZSwQvE/lcFQTk0AfO+t/tO/tE+Lv2Pvgp8XtMuNQ0mDxPczxeMtd8PaTFqd/Y21rJNAs0 Nm4aNVneLMrhcR/wjkKfp/8AYm+K2pfE/RvFpb4taf8AFvRtNvLcaZerZnTtbtYZYyXh1S08iBUY OpEUiqfMAck5G0Y/hv8AYw8X+A/gh8O/hn8PviteaH4k+GF7f3WmazFY5trmG/lmke2vtOa4MU64 lC7i4I27lC5IPp/7P/7OGr/Cjxn44+LHj/xYPGXjr4gmyXULu30+PS7OKGwjMcMcNtG8nOGO+R3L PheAclgD6qorzjx34X8eeItW8KXng3xk3hay0fUkutWthYxXn9rWSjDWZeRlNuGPPmICw9KP+EX8 ef8AC2v+Ez/4TJv+EM/sb7D/AMIz9hi2/wBpfaPM/tH7du83PlfuvJ27P4854oA9Hrxz4lfDX4Wa v4j8PfGv4hWZnvvhdFqF9p9w8svk2izQj7TKYFby3YJGCpZSylQVwa2/Anhbx54e1fxXe+MvGTeK bLWNSe60m2NhFZ/2TZMMLZh42Y3G08+a4DH0rpPGOi33iXwjrnh3TL1dMvNVsbm0hu3t0u0t5Z4m jSVreT5JQhIYxt8r42ng0AfDH7IOg+Ivil8TfGn7a2taSnhbTPiTY2dhoOlDBuZtKszmLUL4qSvn 3AC7FGdkYAyQQT+hdcR8NfC2q+CPh/4e8H65qseuX+jWUNrNfRWcWnx3DxKFMi2sJMcKnHEaHao4 FdvQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFAH/9L9/KKKKACi iigAooooAKKKKACvPNZ+LHw68P8AiKPwprOuwWuqSFR5TbiFL8qHcKUQkEHDMOCDXodfEvxD/ZZ1 /wAW/ES98R6dq9tDpeqTefN5u83ERb74RQpV/wDZyy+h6ZO1GMW/fdjgzCtXhFOhHmdz7aoqG3gW 2t4rZCSsSqgLHJIUY5PrU1YneFc74vu7nT/CWt39nIYri2sbmWNx1V0iZlIz6EV0Vc/4tsbrU/Cu s6bYp5lzd2VxDEuQNzyRsqjJIAyT1JxQB+a3/BPj9pnxt4n+C/jCX9ofXX1HWfB1rb+I31CYIrS6 BqNn9qik+VUDeS0U6MQOCAD6nmP2UP2uPH9h4C+KvxI/aMuNR1aWHX9LGkaPY263F5Guv28d1Z6d axKI9z4nRcOwxg7mGCa5S6/Y1+O8nw9+CXhzR9NXTJdT8M2/gj4jRm7t99tokd9DfF42SXZLIFW4 h/dGQ7ZsDjJHpnj74EftJWM3xovPhhZ3WmWvirxpoGoRw6Xqdtp1/qvhyzsIoL63sroSf6HKzKFV pPLOFIHytyAdD8b/ANsnUbv4O/F3w/onh/xF8LviV4S8OLrtpDrEFskr2clwsC3Vu8E1zEwD/IwJ 4Y45wcer6b+0T4O8Ba78bfEfj3xLq0+m+Ao/Db3drcWsJtrWXUdOieKHTTCxmne6kkXcJVTEzbV+ T5q+BvEX7JPxv1zUvijq3gr4U33hzS/GHw8n0Cwt9U8Swatqlxqg1K3uQ97Nc3kojaaNX2hJWjQR jcUZttfRPxA/Ze+Mfi2++Pd9o9hBaXevaj4F1nw2bq5i+z6jP4as7f7RBKI3Z4lMsTRAyKo3YYZX 5qAO3+Kv7Yvh+TwB4o0fxBpfjP4SeI9Nt9J1OFbjT7I6lNYXWq21mJbVTcyW7AvIsVwjyLJGrsQp YCvXfiH+114Z8FeM/EPgnw74L8TePbrwZbxXPiGbw/ZwTwaWk0fnIkrzzwmSYx/vPKiDtt9xivnb 49ab+17+0p8NPFnhOP4Zr4L0b7Po32fS73UdPudR1HU4NZs7qeSO4huPIitre2hkI3kPK2No/hrt 10H9oD4CfFT4s6h8PfhsPiToXxOvota064h1OzsTY6gbRLaa3v0u5I2MBaMOrwh8KSu3cQAAfQvw 8/aV+GfxT8bad4K8Dy3OonVvC1r4vtr4Rotm+n3d1JaLHkuJVnWSJt6NGAvQtuBUeWT/ALb/AIEu 4dFtPB3hHxH4p8QeIdQ1uws9HsLe1+1sPD8/kXtw7S3KQpCHxsJk3tkfIOcfNnwt+AXx8/ZK8UeA fEPhDwUvxOgt/AX/AAi2pwadqVrYNaan/atxqvmK180Ya2LXLRgqNyhdxUcKeKs/2ZPjFB8JfCmk /Fr4O2XjqWy17xPqN/b6VqyWGvabPqV6Z7a70rUFu4IjBICTJC+1ziMsoIKgA/VD4S/FLRfjD4Kt /Guh6fqGkRyyz281jqtsbS+tbi2kMcsU0WWAZWHVWZSOQTXwt8Tv2h/iv+yN8TPEfhTxpbX3xF0b 4ik3Hw7KopnXWpXjhOhXDoFxFvkWSKVuRHuGXfgfR37H/gz4xeBPhJJovxovLufUX1W+n0221G/X Vb/T9IkcfZLS7vkytxNGAxZ1JXDBQcDA+e9d/ZO8W/tWeIPHHj79pe1n8LS+VLpHgXTILqKabQLe ORZV1ZpLWV4je3EyI5Cudsa+UWII2gFb45+I/wBof4Cfs3+Dbjxb45u11jXPENsPG3iuz09L7+wN PvBJJP8AYrVY2CwQsEhSRkYgEtjc6hen/Zv8Q+Mb3xvNdfDH422nx1+G0+lSyXMeo3Vodb0zVFOb cZtoo28m4G5SsyAoQCOhzbtZv264/hX4N1ubR7Sfx14F1Oa013R5L2ySz8ZaYIzCl3b3Q8w2srZW VVl8nDh96bdqHh/Cnwa+KfxJ/aG0T40W3wtt/wBn6PQNI1mzu7yK70+71HWbrU4PJg8yCxDwtHZy Dz1eclnYKANtAHzt8OPjD8UPiToMusf8NJv4U+P8NzIsngPX7a00rR47lLghdM+zXECzPvjAUSxy vJz/AHskftRHqb6f4dXWfFJh057a1FxfEPmGAom+b5yBlEwfmIHAzX5Z/Ebwh+1H8VPhNd/A34u/ AHSPHHi82Mml2/jiXVdNSw3kGJNVCFVvYJEyJTFFGGZgdoVTtH3+fhZqN7+zwfgnrOtSXV/P4W/4 R641RsmSSZ7H7I9yeQSzMS/UHNAHi/hr9uH4aa7e6Jdat4d8ReGPCfipp10XxNq9lFbaRqH2eKSc lHEzTRLJFEzwmaKPzFGRUfhT9uHwD4j1Twq2o+EPE/hvwt48vU0/w94k1Wxig0vUbmbd9nRSs7zx faQpMBliQSDnivG9F8LftbeL/g54e/ZQ1fwLbeCNJs9Am8N+IPFMt9a39ndafFp0ljF/ZttDKtwJ Lg+W5aVE8oBgQTgVnQ/Dj9pL4nfD/wCE37PHjn4bQ+FtP+H+qaDPrHiQ6paXNlc2vh0qYzpsMLm6 Et2I1GZI4/KDENnPABt/tRftsx6J8K/ionwo0HxLM/hRbrSD4vsbOB9Isdaj2p5fmPL5rCOVhG8i wNGrkAnByPWtW/bE0DwzfSeDtI8IeJviHrPhnSLHUPEk3h+zgni0tbq3E6Cdpp4N00iZkWKIOxXP GRivmLxx8J/2n/CXwN+LP7LvgP4ar4tsvFt/rV3o/iFdVsbe2Fjq87XTxXMNzKk4u4y7RIQvls21 i6qpNc54j/ZO8feE/ir4z8TT/Cm9+J9j45ttNubCfTvFs/h86XqFvZrbz21/FFe2wmhLrvWWMSFV G0AlgAAfrL4H8d+FfiN4K0j4h+D79L/QNctI721uRlQ0Mi7gWDYKkdGVgCpBBAINfKWj/t3fDPWb rTtWj8MeJLbwDrGqLo9j4zmsok0K4u3lMCEP55uFgeUeWs7QiPfwSo5r2D4K/CRvAX7POg/CHULK z0SWHSpLW5ttJkupLS1mu97zJbPeT3Fwyo8jbWeUk4yNowo/LTwB+xV4/wBJ8L6B8FfE3wYTUb3S NShjvPFl54v1FvD1zpsV15v2qHSLXUoJlufLACQ+WiCQByQDtoA+/b/9t/4VabJq2hXWka2vjTSv EcPhgeFhBbHWrq8ucNDNbxfafJa1kizKs7TKnlqSSDgF/jj9tHwX4Q8TeKdB0nwd4n8X2PgID/hJ dV0WyhnsNIbYJZEleSeN5ZIYyHmWBZCi5zyCB81a98DP2l9V+N837bNr4at4fGmhapHpOl+DXm0/ zLrwkoeCd5b0SGFNQm81p0Yz7Y0XyiWBCDz7xd+yb4/0D4hfFiSP4QXXxJg+Iuq3uu6NqcXi650W 0sptTQGWz1Wygv7bfHDIGO+ESNImEDDgIAfdXin9sDwHpmr2mh+APDuvfEy6l0e21+4/4Rm1iuUs 9LvF3288zzzQDdMgLRRJulcAnaBjPX/Dj9pj4bfFfxlpng3wX9rupNX8K2vi+3u2iRLY2F3dSWix Nl/NW4SWJg6GPC9NxOQPk3wV8Lfjl+yd411zWfhr8N4PiDo3jHw74dsjaaRqcdkuk6poNq9oIR/a 1w0rWMqvuVzLJImCGU5ydKTw3+1d8PvjP4X+O+peCLf4mazrHgOHw3rtto99aaWtlqkWoS36sv22 QK1vibyi6lm+QuVGQpAF8Rftra1rvxg+Duh/DLwrrt34a8Sa34l0vVkFrYGW8k0aK4tzHC0l18iw TR/apDlCYQuCWLRH07xR+3H8PPDmr+J/snhTxNr3hTwPetp2v+J9NsY5tI066iKidGYzLPKLfcPP MML7BzyK+W/h38Cv2lPhxa/BXxxq3gVNa13wZ4x8ZX+s6ZY6lZoRa+JVnhiuoJZpFjeNfM37CRJt wCinO3gNQ/Y2+IXhi8+IvgVfg8/xBk8Ua1qN/o3iKTxfe6Zoq2epybzFqum29/bys0G5g/kxkzDg EYLEA+5vit+2J4V8NT+K/Dngfw74g8aS+GNLS91bVdAtYbqx0hLy3ae3eaSSaNpG8vbMVhSQiM7i OMV6X+yX4t8R+PP2afhr4y8X3z6nrWsaJaXN3cyBQ800iZZ22gDJPoBXyjpnwv8Aj1+zpf8AxJ8H /Cr4eQ+O9A+IVtZSaXdwalDZw6VexabHp0sN6moTtcNbL5KyRsjTPs+RiznNfWv7K3gnxP8ADf8A Zx+HXgLxpZf2druhaLaWl7b+ZHN5U8SYZfMiZ42we6sR6GgD5g+Gf7avhXR/h58MtBt9N8afE7xL 440i+1PTXTTrL+0bxLS9aCQXKxXKwQsvLbt3liNMl95CN9efBD42eF/jx4PuPFvhqyv9KfTtQutJ 1DTtUhFvfWGoWTBZ7eeNWdQ65B+ViMEc5yB8Ofsmfs5/GL4Z+JvgrqPjnw8NOg8IeBtd0fUn+1Ws 32e/vdWS5gixDK5ffCC29NyDozA8V9R/sw/Dnxl8O5Pi4fGGn/2ePFHxB1zXNO/exS+fp14tuIZv 3Tvs3lG+R9rjHKjIoA+GvjN+2F8YrLw1+0t9msdX8MRfDnV/D0OlagbeyWOzt5L3TormF2SWWSSa 7SeSWPKMvknkxvhK+2fh9+1x4P8AGXja88A+J/C3iH4eanBo8viC3/4SW0is47vSoGCy3CNHNLs8 ssC6SbHUHJHDAfI/xu+A/wAe/EV7+0b4K8OeBm1fSviZqXhfW9J1RNQsY4ZDpc+mLc2skM80ciOI 4JpAxG0hMAlmUH6N+PvwI8YfFn43aJfWMBt/DNz4H8WeHL7UhJFm1uNaSCKDERdZX4DtlFIG3kjI yAWPB37cHw+8Xat4aM/hPxNoHhXxtfLpmgeJdTsYoNK1K7k3eQiETNPGLjafIaWFBJ7HivePjJ8Z vCfwR8M2niPxRDeahNqt9b6XpunabB9pv9Rv7onyra2iLIGdgrN8zKoVSSRX5a/CT9kbx3aH4ceB vFXwTXT77wZqNhJqvibUPGGo3+kTwaZylzpum2+pRulzKyKY0kgWKEnDIVO0fen7U3w6+IPikfDv 4hfDDTYtf134a+I4ta/seW4S1/tG1aCW2nhimlIiScJLujaQhQQQSM0AZL/tsfDPSvDPibVfGmha /wCGNf8ACt3YWFz4cvLON9YuLvVR/oMVnHbzSxXBuSGEZSXHyndtAqxpf7ZHgzyvGtj428J+IfBX iPwP4eufFVxourW9sl7eaRao7PcWTQ3EkEoBTyyDKpWQ7WwMkeK/Ezwp+1f8d9Ih8e3Xg208My/D /wAV6D4k8LeFb+8t2vdQ/stZVvBd3tvJLbwtcCciBckIUy5GcjL+IHwq+Ov7QmveP/iZrnw/bwS8 Hw18Q+EtB0q71CyuNR1LU9YjY75ZLaV7eKBCojQSS/efzDtGcAHr3hT9ubwb4q1fw5p6eAPGGmWf je1ubjw1fX2n28FvrUltbG68i2JuSyyTRjMBmEaSdmAwT5h8Df25by4/Z88OeOfi54d1zUvF3ibW 9S0rSbHTrK1a51qVL252pYQxT4EdnAixTyTmMBkJ3PuDP6Lr3wa+It3pf7LVrZ6OGf4b3thLrqie AfYo4dGltHIzIBLiZgmIt5PUZXmvis/sn/Ha5+Gvw20nxB8N5dWufgp4i8RFtMh8QR6cfEel+Irm edrixvLS4jktpLfdHhJmiLjcDxuQgH3wf2zvBNt4E8a+MNX8I+JdP1L4bS2y+JNAktLc6tptvdLv jvGjW4MUtqY8yeZFI52KzbeDXjP7TP7dVjovwq+I11+zxbX/AIj1TwppunXD+JLG3tLnRNPl1Rla FZJJp1MkohbeVSGVULIH5yo5zwP8IPjL8OvB/wAUPF3wn+Dlt4a8T+OVsNG0ex1PX5dYvYbUIyy3 +sXF9qFzavFAZGaO3tkaQ/cYOCSPPJ/2Ofjj8MP2e/iz+yR4B05PFvhHxHpdvq2g6y81nZzDWFeA 3un3MbOjnzmh8y3l2lEUiOSTgFQD9YNK8YW9z4KTxx4jsLnwrbpaPeXVtqvlJcWUUaln+0eTJLEC qgk7ZGGO9fLfhT9uHwD4j1Twq2o+EPE/hvwt48vU0/w94k1Wxig0vUbmbd9nRSs7zxfaQpMBliQS Dnivbdc0TXvjb8Bdc8K+K9Im8E6r410K/wBNubKeaG7lsHvoJLf5pLZ2jk2ht3yt044ORXw7D8OP 2kvid8P/AITfs8eOfhtD4W0/4f6poM+seJDqlpc2Vza+HSpjOmwwuboS3YjUZkjj8oMQ2c8AHV/s ofEr4nfGj4+fFfxT4ybxZpGj+G9UudH0/R7tdOi0W0jhitj5M6wSSzvqIMhkJDNEEb77EhVx/Gv7 TvxWbxp+1X4JtNJ1XS7L4deDzeaHfCCzWLT7uPTb6c3UsgmaV/tciRvbDYwCxfOkRJDfSn7Nnw68 Y+ANb+M134t0/wCwQ+LPHmo61pjebFL9osJ7SzijmxE7FMvE42PtcYyVwQT8/wDxN+E/xpl+Jn7S tt4d8GvrWifGbwPDYaZqcV9ZwpBqOn6Xe2iWs0M8qSZnluFCuB5ajlmA3FQDq/gN+2fo/iy2+GPg 7xx4Y8TaJfeN9JiOm6/q1lDBpur3lrZie5aJ0maRN4VpI2kiRXXkYBXO3o/7d3wz1m607Vo/DHiS 28A6xqi6PY+M5rKJNCuLt5TAhD+ebhYHlHlrO0Ij38EqOa53x58BfiB4o8Gfs1eGINKMY8ETWia+ Y54FawhXRJrKRlJkAkKyuFAiLnuPl5r428AfsVeP9J8L6B8FfE3wYTUb3SNShjvPFl54v1FvD1zp sV15v2qHSLXUoJlufLACQ+WiCQByQDtoA/Q/9un4j+JfhJ+y74u+IfhHU5dH1PSJ9GZbqFVaSOKb VrSGcAMCDuhd1PHQ8c1k2n7bHgm3XX4vG/g3xP4KvdH8OX/iu0tNYs7eGbVtK02IzXBsylzIhnRQ C0Erxuu4FgBuK9D+218N/HXxb/Zn8V+APhrpkWs+I9Rn0iS1tJ5YoYpPsmqWlzJ5jzMiBVjiZmBO SBhQWIB+YfjB8Nf2i/2nr+/8SeIfhwfAg8H+BvGGk6XZXGqWV3cavrniTT/sQjieCUxR2sYQbZZm jLMwJUAEqAex6b+3l4I1Tw1pviGD4f8AjJJPFF1BbeGLGTTYUvPEQniaYz2CG42+RFGm+WWVo1RG Rsndit2x/bc+GrQS2/iLw/r3h3XNN8Q6T4c1jSdQtoI7vSZtbyLK7uttw0ZspSABNE8h5B2Y6cL4 z+EHxb8NaZ+zj8T/AAP4bj8ReIPg5psmnan4d+1wW009vqWmw2dz9muJHFv51u8IKhnCuNwD9M8X rP7OPxP+Oum/H7x7488Np4K1j4jaLpumeHNIa8guLuCXQ1e5tLq8nt2aASyXZjKhXJjRMFu9AH0q /wC178IYvHHxZ8AzS3cV/wDBvS01bWZWSLyJbcwfaJBasJSzvEMJIHVMOwUE8kecTft5+DXF7d6J 8O/GWt6boVlp17rt1ZWFrKNHGp2yXcUVxH9qEjyxxSK0ywLIE5GWIIHxjqv7FP7RHifw78P9Z1TT 4rPxV8RNS1eH4qeXc2w8rSdY1a21BliKzFXEUVqIQsTSHDbRxyPT/wBpX9n/AOKniP4m+L/EfgX4 VTf8JPqEEEXhfxp4R19fD09v5dusaprUEt0omEEg4eOJi8KrGoU9AD6t8bftjeDvDfizVvCHhDwf 4m+IV14asrfUdcl8P2UU0Ol293F58Ina4ngLTPF+8WGMM5XPGRiszxh+3F8MtAufBdj4P8O+IviF c/EDRn1zR4/DtjHdPPaRuqyBlkmieORFLMysoA2lSQ+FPxnrP7JvxY8J/Evxb4m8WfDm6+M1z44s tLuV1TSfFVx4cW11i3skt7xL2BLy08y3lmUypIisyJ8m3JAH0j8Fv2cfGvwz+Lfwk1STw7YaboPh PwFqmlXx0y4kksrPVb+/guzb2631zcXrp/rMSMzDA6qCqAA/QO1ma5tYbh4nt2lRXMcmN6Fhna20 kZHQ4JGehNT18/fDn9mvwD8MPG174+8O6jr1zqN/HPHJHqGtXt9aBbh1kbZbzyNGpBUbSB8oyBwa +gaACiiigAooooAKKKKACivOfiP8UvCvwt0231HxM8rG7cpDDAgeWQqAWIDFVwuRklh1HrWv4H8c eH/iH4fi8SeG5WktZGaNlkXbJHIuNyOvOCMg8EjBBBIquR25raGKxFNz9nze92OvoooqTYKKK/JX 4+/Ef4n+DPiZ+1TqPgO9na60LwFolzaKb17dLAul1593bjZIvnRqN4UKpdlALr1AB+tVFfB+m3ni /wAL+CdB/a8+J0Utu3gv4e6gL7RLG+l1Fr1y0V1FcGV1hjLmCDcSY9wadgz7Ytz9P+zx+0r8QfjN q1gmveArGx8P6zpx1C01rQteh16zhcbT9jvjHDCYLja2R94Egjgg0AfZNFfJH7R/7TV98FPF3gj4 eeHdD0/VNe8cC+kt5ta1ePQ9MhjsBGXVrqSKbfNIZVEcSrk8knoCzSf2m/Er3vwm0Txf8PbnwzrH xK1XU9Kuba5vUkFg2m20tyJ4ZEiK3cM4jHluPKyrbu2CAfXVFflL+27+0R8RtQ8H/GH4RfD7Q208 +DtQ8I6fe6zDrD2V08HiGSGXEKJbkoWP+jORLwjtJ22HwHTPD/izSPiX8Y4fHvgm7svDnwZ8CGe1 0yy8d6lN/ZSXenajcs0EzQA3U94wYebMubb5WVZNqqoB+7FFfA/h/wDaY8b6jb6L8PfgN8NpPGt9 4e8K6Hq+snUNbWzWzTUrUS2lmtxJbytdXcsSM25kjTgMzAtgcxrn7VngzwZ8SNU+Knjnwzr/AIeb TvhXZ+ILuzvbiWGSHzdWltl09tKljRFuzcfILkyDcrKuAgDUAfo/RX56+GP23/EEXiHSvDvxU8C2 Hh2bxVpmpahov9m+IYNYJm022a7ksr8RQxm1laJSVYeYhOVHzA1V8B/tt/EbxDbfC3xp4y+ER8Ne AfivqFlo+nakNbivLuK+v42aBpLNbdP9HldGVH8wNtAdkUsEoA/RSivxMuvi78fPEWkeLz41V9Nt 9O+O2i6ZDPb6zJcPbILixSTSo4xBCPsiRkPv3ASNI4aIHLN9p3H7Zsdj8GPGnxA1Dwi0fi/wd4ml 8It4aS+3yXertdR29pHDcmBSUuEljmV/JOF3YDbckA+4KK8p+MPxa0P4H/CbXfiz41hdrPw/arNN b2p82SWeRliigiLBNzSTOsakhRkgnFfKPiD9p/4oaRLD8P8A44/DgfD66+IGiaxJ4fvLLWF1QLd2 Vk1w9pd7YIDBOsfzKyl0ZvlU5BNAH6CUV+bn7F/7S9/8RfBPw2+GPgjS5PGA8PeGNNk8YeIri9ZI dNu5bdTHapmKZ728chjIgZBGPvPvyouap+258RfCmr+GNU8f/CmPwx4R8U63Bo0K3muRJ4jtxdXH kQ3c+jtArJGxwxQSsyqdxPQEA/Reivh+4/bNjsfgx40+IGoeEWj8X+DvE0vhFvDSX2+S71drqO3t I4bkwKSlwkscyv5Jwu7Abbk/S/xP8c658O/hxqfjPTPC174t1ixhjMWjaUDLPc3ErrGI0crwis25 5CvyoCxXjFAHpNFfnbB+3L4g8J+KPFXhH4x+BLPS77QfC2oeK7ceH9di10TQabgzWkwWGBoZhnIZ gUIBPAGT6T+zx+0r8QfjNq1gmveArGx8P6zpx1C01rQteh16zhcbT9jvjHDCYLja2R94Egjgg0Af ZNFfLHxZ8Y6T4f8A2k/gtoV7Y39xdatZ+LJoJra+kht4lsrS2kkE9ksbC7ZwwEWXUxEEjcWwPKPg D+2X42+Ouq+H9T0z4c2zeDPEs00K32m6/BqWo6T5YcxNq2npChthLtwcSN5ZIBzkGgD7+ooooAKK KKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKAP/9P9/KKKKACiiigAooooAKKK KACiiigAooooAKzda1ay0DR77XdSYpaadBLczMoLERwqXYgDknAPFaVcD8Vv+SXeMf8AsDah/wCk 70AaPgLxv4f+JXgnQ/iB4UlefRvEVnDf2byIY3aC4QOhZG5UkHkHpXW1+I3wt0DxJ8E/2bv2cfjd 4U+Ieu6jrniHVvDWkXWkz6pLcaRe6dq0nkNp0Ngx8iKS2i+46KHV0dmJJJHmfxW+Jnj9fhvrn7Sf w2134ha0tj4gEtp4vu9Yh0jw1JAdUW1+x2eg/a5WntcZh/1ILEGR8AFaAP6BaK/Gv9pK6+KenfFj 4n+PNQ1jxZrPgvQFtWs9U8A+JYhJ4QFtapJcx6joHnRCZiwaaVpSwaEjO0cLyWofED4w/tG/Fn4k 3Phr/hMvEPh3wjY6PHocvhjxLZeFobJL/Tlu11O7t7i5t2ne4LeZHvBjRAyEHoAD9wa8/wDAHxN8 J/EseIz4Tnkn/wCEV1m80C/8yNo9l/YbfORd33lG8YYcHtX5p/DnxH8Vf2jPGnwp+E/xg8YXuh26 /D6fxHqEnhXWooP7b1SPUjpyv/aGlTOkkccSLcMkEgTzJORhdo9v/wCCe+kPoHhD4vaFJrU3iJtP +JniO3Oo3LiS4uzELdfNmcABpGxl2AwWyaAPv2vDG/aI+G+dcSCS9uW8OeJLfwrerDZzStHqVyIi gwoOYgJkLS/dUZyeK+K7PS9b+Ot98eviP4v+Luv/AA6m+HHiTUtE0htP1F7TTNEs9It4pFvbmyR0 iuvPLtJJ55IaP5VKdvFrHxp4g0vw38R/EHhXxJMsurfHHwzFJqGmySWa3tteRaYJcCNyRDcI3MZZ gVO07hQB+2FFfgpe+NP2lPinp/xc+MWkjxZb6r4Y8RavY6Rqdp4u0vRfDmgx6RIBFb3mm3l3Ckgw Abp50IkVgR0yfcfD/hr4g/tC/Ez47X3jX4i+J/DcXhfSPC95p+meHdeltrCy1LUPDsN1cSxtbSOk qLMu5AjmJiWf5y26gD9TNS8d+EtI8YaL4B1HUUh8QeIYbq4sbPDGSaGyCmdwQCqqm9cliMkgDJrr q/Gr4YW+o/F740fsj/Ezxpr2rza7q/gfUb+7kg1G4t45rjTTZsC0UTqm24LE3KBQs4wJAVAA+wP2 pda8Sax8UPgr8DNP8Rah4T0L4ialqx1a/wBKuDZ3skWk2JuorOK6Qh4ftEhwxQhyqkKwzggH2rRX 5UfFi+tPhV4evfgvpHxq8W+J7q98X6bbWuiaMftniyGG4tDO2jf2rNdRtHFKqeeLl2WSKP5MvuzX yr4p+IPxs+HvhT9ojwFpOseKfBT6PaeCtQ0m11jxANa1TSJtR1mCCYpeQyylEnjYF4DKw2nDcMQQ D+gGivzx8G+FfEHwL/bA8JfD3S/HfiXxRoPjbwrq13qFv4h1OXUx9v02e32XUPm8QuyylWWMKmMD bwMdb+0Pea943/aF+FP7Px8S6n4V8L+I7DXNX1F9Iu30+81KTTUhWGzS6iKyxooleSVUILqAMjGa APuGivyK+IuheJj4u+F/wB8MfHfxBrOnX3jnWtL1K7sr+SHVrKxTTGujpN3eLJIbiWJc7ZZFEib1 OAyq1ebarH8avGPxi+Kfw20dvH/iTRvhJBpujaRLpPjG00aayZ7LzjqWpNd3NvJezztmRZJAYwgZ cY4UA/b6uR8UeO/CXgy70Kw8Tailjc+Jr9NM02NgzNc3kiPIsShQediMxJwAAckV+QsHj74k/GqP 4f8AhXxTqHi7xr4xt/B8dzquheAdZsdM0wXMl3JDFqt7rttfpbytOkQKQRF41OWwDla8+8Nxa/8A G34W/sz3vxG8Ua9c6lb/ABI1Xw+buLWrhLo20K33lO11bOnmXMaxLGt0vzlNwDYdsgH701g+KfEm leDfDGr+L9ddo9N0OzuL66ZFLssFtG0shCjkkKpwB1r8Mr3xp+0p8U9P+Lnxi0keLLfVfDHiLV7H SNTtPF2l6L4c0GPSJAIre8028u4UkGADdPOhEisCOmT+rfxP1fVvEH7Ifi3Xteihg1PUvAt/c3Ud vKk0CTzaY7yLHLGzo6BiQrI7KwwQxHNAHmOm/wDBQn9m+7h03UdXudc8O6Pq/km21TVtB1Cz02Rb jBib7W8PlBHyMOWC4IOcc16T8Vv2rfhb8IPGdh8P/EMOs6prupab/a0Nvo2lXWqN9i80w+a32VHw u8YyeOR6ivItDvfBdh/wTV0C5+IfkHw+vww04XK3O3Y4bSIwijd1dn2iMD5t+3bzivi/4Qf8NC6d 8YvgfH8ObHRbvxgnwKtFuovEs93awJZf2nDt+a2iml88fuRtZQMb8kEAEA/VH4N/tF/Cn47PrFl4 B1Gc6p4eaNNS02/s7jT7+0MwJjMtvcpG+1wCVYAqemc8V7Nf3tvptjcajdErBaxvLIQMkIgLHjvw K/I74y+Df2hvhLpvjf8AaP8AiB4p0jQvG/xBm8N+DY5vDaTfYdB0ia+SOe7868CvJOd5AdlXyycq egX0fW/D/iH9nn9oLwf8NvCXjTX/ABP4X+I3hnxMdV0/xBqs+ry2txpFss0N/E9wzPEZmkMThSEY nhMgFQD0qy/4KKfs53WjQeKblfElh4cuArjV7jw5qQ05Y2O0O1wsDJszxuBIr7d0zU9O1rTbTWdI uY72wv4Y7i3nhYPFLDKodHRhkMrKQQRwQc1+On7OXhL9sn4m/sUeF/hp4UHgXR/BXiXw9Npi6jdz ajcarHYXfmQyubVYFtzNsZtoMpTOM194fEfwzP8ABD9ibxX4R8JardR3HgT4f6hZ2OoJI0N0smm6 VIkVwroQY5A0YcFSNpxtxgUAfVNFfk/4ctPFnwf0z9mj4n6L8SfEXi/V/ijqmk6Xr9rqmqzX9lqV tq+nyXMtzDbSsUg+xsimNoQuE4csT83h2k33xU0L9m/Vvj+3xU8Uf8JB4l8W3XhKOa71WSbTtF0q 61/7G1ylvLlTNCquIpXYmMSALgIm0A/dGivx2/aK1/4i/sTeKrWH4ReMdd8UWXijwd4nurqx8Q6n NrT2N7o1vHNBqsZuizR7nkIkUERvg/Jxlel8T+CfEnwgj+BfiHwv8U/FPiaT4r6tZ+HPEUV7rtzc JqNprdlK8uoWS7/9DltdvmQyWxQxjaMnowB96/Cf9oHwJ8a9W8Q6f4Bg1O5s/Dlw9rJqc+nz2+m3 M8UjxSpaXMihJzG6EPszjg9CCfb6/Cj4X+BfHWn/ALHPgiP4U+J9Sk1PxL4z1Rb7QX8Vvo97rNlp +o6lG9lpFzcSFbeaTCzTiLY021mds53fd/7EnjCPUrbx/wCAry/8WRax4U1O3N1ofjKRbvUdGS+t xJDDHfCSVrq2kCs8Tu24DjG3aSAfdFcZ8QfHeh/DTwneeNPEaXMmn2T28cgtLeS6nzczpbptiiBd hvkXcQPlXLHgGvyX+Pnjv41aP4t+Kf7JHgjxZqsHjT4g+J9L1fwne/bbgXtro1/aS3t+lpIHEkVv bTadLCERgqrNtAAJA8/8W/tF/Eb42fCLxt8c/B3izVdE03wd4a8CaIyaffT2sT+IdW1WyutXkxC6 gywRMlqxPIV3XozCgD9bfGf7RHwm8CaR4v1nWtYLw+A7rTrLWVt4ZJXtLjVHhjtoyAuGLGeMnaTt DZbFe3V+Bnx0+HsGl+Ff2zdT0vWtWa9TxL4StIhdajc3NupvbvSLnzWgkdkaSN/licgtHF+6QhOK +5vBvhbxF8Cv2wPCfw90zx14k8U+H/HHhXVru/tvEGpy6kBqGmz2226hMufKZ1lKskYVMdsBQAD7 f1zx34S8N+JfDfg/W9RS11nxdNcwaVbEMz3UlnbvdThdoIAjiQsWYgdBncQDF4L8d6H48j1qXQ0u UGg6reaPcfabeS3JubJ9kpj8wDfESfkkXKsOQa+I/wBqDwHp/ij9r/8AZlnu9U1ayN1c+I4mFjqV zZqos9LluVKCF1CNI3yTMuDLF+7fKcV8yHxF8UfiB460TwEPiF4i0a11n42eOtGuJrHU54pxpFlb vIlnG5ZtkSIpWIAYhJ3x7WAIAP2qor8Tr7wF8QbPQP2oFX4veNfsXwLS5uvCka63OJIZhpY1Nvtc 2fMu0B2RIkzMqJvwMvkP1j4hfHH9oT44an4ZXTPFusaR4X8J+Gb6HT/CHiS08L4vNbsVvJr+d57i CS4KSN5cSqWjjKfMoLfOAftdXI65478JeG/Evhvwfreopa6z4umuYNKtiGZ7qSzt3upwu0EARxIW LMQOgzuIB/Gi31r9pj4k+GfhnN4r1K98e/2VomqDV9B8FeNrDTtdlaDUWt7bWnfTrlkvUWJFgZEl wtyHJw2VO9oUOg/GXx/+yBrw8aeLNZkN14t0y5utQu5tL1RJtIs7iXy7mO2lKLcKwEE8iMTcRKFk ZlJFAH7T0V/P18VviZ4/X4b65+0n8Ntd+IWtLY+IBLaeL7vWIdI8NSQHVFtfsdnoP2uVp7XGYf8A UgsQZHwAVr6T+Jvhvxx8Rfix+1nfT/ErxXoNj8MtM0q98P2OkaxcWVra3z6At20rRxsNymSJT5eQ hLSMRvbcAD9cqK/GS0v/AIn+AdH+A/xUufiR4j1zWvjH4e1e41+G81CRrAyS+H5dTtmtLRNsNq1t KAIzCq8Zzyc0/wAEf8Jt8OvgL+z3+0VYfE/xL4o8W+MtZ8NadqlrqWrz3tjqltrLiCaxW0lcxLNb oSUlUeZvR3csxJAB+zFFfJf7Zt3448LfCGP4s+AL+9t774a6nZeIruztJ5Ik1LS7N8ahaXCowWSJ rZnk2sCAyKRg818jeMPjZqHjjRPjn8e9N+Iet+HfA0U2leCPCcmho15LPcRyxvf3FjZNLFC91dTz fZobgkFEUndhcAA/Ufxr4u0X4f8Ag3XvHniWRodI8N2F1qV46IZHW2s4mmlKovLEIpIA5PSrnhvX 9N8V+HdL8UaM7SafrFrBeW7MpRmhuEEkZKnkEqwyD0r8LPFmsfEXwVr3xN+H97a+MPDvhzxT8IfG GoSaT4w8RR6/czT2tsyx3qok9wbVmy6MpcbuflAAx9p/sj+Ldbk+LPiHwzq2s3D6Lpfw78BXVpZT XDm1tjLZz/aJYombZGX2r5jKBnA3E4FAH6NUV+CHh34v/G/4h/DX9mj4a2N/4m8TQ+N7XxRqmq/2 Xrsel61rP9m3sywW41S9mjZY4o/mkRZAzRgKMAZHZy337UN94R1z4Tx6zd240jxnYfYvD97460yP xdqOlT2Us1zoo1W1uZpEmikVZo1mKyvASN5VcUAft5RXwv8AsSeMI9StvH/gK8v/ABZFrHhTU7c3 Wh+MpFu9R0ZL63EkMMd8JJWuraQKzxO7bgOMbdpP3RQAUUUUAFFFFABRRRQB4x8Zfg3p/wAXdOsI Jr9tNvdNeRoZhH5q7Zdu9WTcuc7VwdwxjvW/8K/htp3ws8Kr4asLl7xnla4nnddnmSuFUkKCdoCq oAyenWvSKKv2kuXlvocywdJVXW5fe7hRRRUHSFfDHxG/Zc8ZeOfGvx71uHU9PtbD4reDbPw7pxZp Wmt7u3huEaS4QR7RFulXBR3YgH5Rxn7nooA8A8JeEvjE/wCzvB4E8R6lpnhrx/DpEmnRX+kg6hY2 88SGK2nCXsK+YCoRpY3jxksoOMGvlj4H/slfEnwr8fdA+MvibRvB3gNdB06+sr+LwYbmMeJJrtFR Zby3eG3ggjjIMqqgdvM6kgKR+k1FAHyd+058JviT8TW0F/CWn+F/F+hWQuU1Pwz4ttlayvGlCiG5 gu0tp57e4gw4G0bWDc4IBr5n8M/sYfGn4b/DrwFd+BtX0KXxn4E8X6n4ltNIuJb0aDbWWqwvbyaV a3DI9yscSNuid4+XZtw5zX6k1T1DULDSLC51XVbmKysbKJ55553WOKKKNSzu7sQqqqglmJAAGTQB +Y+rfsiftDeN9P8AjJq3jrWPDS+Ivijq3g3UYY7GW8FnZxeG7hGlgZpLcyMfJjURuF/ePkssYPHu PjD9nHxv4g8SftJaxZ32nJD8YvCVjoOkCSWYNBdW1he2rvdgQkJGXuUIMZkbaGJUEAH6z0XxZ4W8 Rz3Ft4e1my1Sa0jt5ZktbiOdoo7uPzbd3CMSqyx/PGTw68rkc10FAH53aF+z7+0h8E9fm8WfA258 Mard+KfDPh/R9ctNcnvIIrfU9As/sUN7aS28EjSwmMkPE6RsdoIbnaOf8cfsN+P/AIpf2xYfEjxt FrP9u/DWy8KXWrSKTevrtpq76sLo26xpF9lWQoFUSB9q7SAfnP6Y0UAfmN4H/ZD+KD6raX3ivwl8 L/Ba6PpOpWnm+FNFh+16tf3dsbeGeW4nsElsYo9xcrbMXZsgkodtepP+zJ48b4F/s9/DEX+mjVPh PrvhfU9Vl82b7PPDoiMtwtq3k73di37sSJGD/EVr7nooA/NDWP2TvjhdeIPF+i2V74ebwjrnxM0z 4h2txJcXaagphntWurWSJbd4uI7c+UQ/zMRuKg/LyFt4E8KfFv8A4KK3mq+ANdi1nwh4Zt7HxJ4p tbYia1i8W6WLrS9PjeRcqtwkTmRk6gw5fnAH6vVxmhar8PYvDt1408M3mlpoV3599cajZyQC0l2F vOuJJ4z5bbSrb3LcYOTwaAOH/aL+D0Px8+C3ij4TS6gdJk1yCL7PeKnmfZ7q1mjubaQpxuVZokLL kErkAg818zaz8Cv2lfjV4i8Nav8AHe68LaZa+BrLVGsbfQpby4Gpavf2L2SXNw1zBF9ngiWRnWNB I27qSMV982F/Y6pY2+p6ZcR3dndxpNDNC4kilikAZHR1JDKwIIIOCORVugD82/hF+xj47+BNx8Nd b+F2o6Tot+nh+Lw74/t7eSaK21JUQmPU7NhbndfW87OyNNGnmodrMnOfArP/AIJ9/Gu28HaF4Ttt I+Httq/hzWrHV7nxUWvZtc8QNa3i3DLc3Etq8lrvUln2vMGdVUBUJYfsXPr2h2us2nh261G2h1W/ ilntrN5kW4nityoleOIne6xl0DsAQu5c4yK1qAPyhtvAnhT4t/8ABRW81XwBrsWs+EPDNvY+JPFN rbETWsXi3SxdaXp8byLlVuEicyMnUGHL84A+1P2qvhB4n+OvwS1r4beENWi0nUdQltJAbh5Y7W6i t7hJZbW5aD96IZ0Uo+znnuMg+k+IPFHws+Etr/afinVdG8HW2s3m3zrue309Lu9m5xukKCSV+p6s etdza3drewi4spkuIiWXfGwddyMVYZGRkMCD6EEUAflt4T/Y3+Nek/E60+I/hqx8C/CaOHwzrGhQ 2nhi3e4a1urxUa3vZTc2SR3zGVdsqSogSNRtaRmOOr+B/wCyV8SfCvx90D4y+JtG8HeA10HTr6yv 4vBhuYx4kmu0VFlvLd4beCCOMgyqqB28zqSApH6TVgt4p8MLf6jpTavZi90eKKe9gNxH5trDcbvK kmTdujSTY+xmADbWxnBoA8P+Jnwg8T+NPj38J/ilpF/bWWmeBLTxLBe7mb7WX1m2t4bd7ZDE8TeW 0TF/MZQBjAfkD5A8N/sb/Ga8+L3gTx140t/Bekaj4L1ganqHi/w7FPY654ihQODb3dlDBBaJ9o3A XLb34HycEg/pvYa9oeqX+o6Xpmo215e6RIkN7BDMkktrLJGsqJMiktGzRsrgMASpBHBBo1rXtD8N 2B1TxFqNtpVkJIofPupkgi8yeRYok3yELukkZUQZyzEKMkgUAa1FFFABRRRQAUVXuru1sYGub2ZL eFSAXkYIoLEKMk4HJIA96sUAFFYOr+KfDHh+Ga517V7PTYrd7eOR7m4jhVHu5BFArF2ABlkISMHl 2O1cnit6gAooooAKKKKACiiigAooooAKKKKACiiigAooooA//9T9/KKKKACiiigAooooAKKKKACi iigAooooAKoarpdjrel3mi6pF51nfwyW88e4rvilUo67lIYZUkZBBHY1frmvGd+ul+D9d1N55bVb OwupjNbqrTRiOJm3xq5Cl1xlQxAJxnigDwDwB+xf+zZ8MfEWj+JvBnhI2l14eBOmRTX99d2tlIyb HmgtrmeSFJnH3pQm8nLFtxYnF1b9g39lXXf7Rh1fwW1zY6lLLcPYnU9RWwhuJ2LSzW1qtyIbeViT +8hRGHO0jJz5v4T/AG0vDej6F8PvAWk+HfGfxN8W+IvBuneJ7drXT7M3d1ZXLyQGe7IuUhgkDxZl +bZl0CM5OB9ZfBb4weFPjt8PNP8AiT4Njurawvnnhe2v4fIvLW4tZWhngniBYLJHIhBAYjuCQQaA PPPiB+yB+z78T/E914w8ZeG5brU9Rjhh1BodRvrWPUY7dQkS3sVvPHHchFUAearEgYORxS+P/wBk D9nf4l69B4l8UeElXUIrOPTnewu7vTFuLGJQqW1wllNCk0SqAqpIGAUBR8vFfAHir9tH4vN4H8f+ JdT03XPDsHhL4radpUcwtLPKaKstos2lbIJZpJbsqZHk+VgRKoSU/cX7l8E/te+BfEOr+LPD/jjw 9rvw11Twdo//AAkV5b+JLaKBm0bLKbyM281wpRCpV1JDBvlAJBwAd145/Zp+CnxD0Xw3oPiDw4sN v4Pi8jRpNOubjTLjT4dgiMVvcWUkMqRsihWQPtIAyOBXS/CX4L/DL4F+HLnwl8KdEXQNIvLyS/lt 0mmmVrmVER3zO8jDKxrwCF4zjJJPh/w+/bM8G+OPEnhbRNU8HeJvB1h493/8I1quuWUNvY6syx+c qRNHPK8TyxgyQrMieYv3eSFrlf29viz8RPhr8PfCuifDeDWre/8AGniLTdIl1TRY7SS4tIZ7iNXh h+1yIourlWKW52lMht7x/KSAeq/ED9kH9nr4oeLrvxv4z8LG61TUvI/tDyb28tbbUfsvEP222t5o 4LnYAAPNRuAFOVGK6i6/Zy+DF5DqcFx4dBj1jxBa+KbpRdXSiTWLLyvIuRtlG3Z5Mf7tcRHbyhyc 8D8Mfjz4Vh+E/jbU7qPxHdf8KbintdafW1tH1a5msLCO/mJNvL5EkuyQKTmNTICBhcMfGfB37Yni HxT+0PqWjL4X1uP4eL4DsPE9uzW1irRC5imvDdTuLkybJI0W2jVc/vw25QmJaAPcvFf7Gf7Nvjbx nqHjzxJ4PS41LWJY59RjS8u4LK/miIKSXdlFMltO4POZI23HlsnmvX9L+FfgLRtf8X+KNM0oQan4 8FqutSiaYi6FnbC0gGwuUi2QjZ+6VM9Tlua82f8Aaa8CJ8PPhb8SjYal/Znxb1HSNM0qPyofPgm1 qNpIGul87aqKFPmGNpCD90N1rxvR/wDgoH8KdT0jxN4uu/C3ijSvCPhMXkV5rt3p8S6e17Z3Itfs ULxzu0txM7x+UqKQ2/5ipVwoB7XL+yx8C5LX4eWaeHXt0+FTA+G2hv72KWxUFGKGVJxJMjGNNyTM 6tjBBGc9z8U/hB8O/jR4eh8MfEjSBqtla3Md5bMssttcWt1Dny57e4t3jmhkXJAZHU4JB4JFeX/D D9p/QviD45i+GviLwf4i+Hnia+sH1TT7LxHaw27X9nGwWR4GgnnXzIty+ZC5WRQc7SASOm+Mfx40 b4Q3/h3w6vh7WPF/iXxZJcppuk6JbxzXEotEEk8rvPLDDFFGGXLPIOvyg4OADmF/Y7/Z4XwAPhsP C7f2Uup/22Jvt97/AGh/auzZ9t+3+d9r88L8ofzeB8v3eKoWv7E37MtnZ6zZReEGZfEdva22pu+p 6i818tleLfwPcStcl5JUuEVvNYmQqBGWMfyVws/7fHwu07wMni/WfC/iey1BPFUfgy50I2EUmrW2 szW8lzFE0KTlXWVU2xtG7FmZRgDcV6rw3+2X8OL7SviBfePdF1r4d3vw0s4NQ1ew1+2iiuRZ3as1 vNB9nlnSUSFSgVW3eZhMZIyAfQmofDrwbqnj3SPidfaf5vibQrO6sLK782VfKtr1kadPLDiJt5jT lkLDHykZOef+K/wS+Gnxs06w074i6Sb46RObmxuYLieyvLOcjaXt7q1kimjJHDBXAbjcDivjqL9q Xxf46/ak+CXgGy8MeJ/h/pWv2/iK8vrLXrS3t11S2jsBJZyIYpZ8NFIrF4yySIWXeuGFfV/xs+PH hP4G6bo0ut2Ooa7rPiW8Gn6Ro2jwC51HULnaXZYY2dFCxoC0ju6qo6nJAIBT8K/szfBDwVbeFLbw 14aW0Hgq+u9T0t/tV08kd9fxNDc3E0jys1xJKjkM05k7YwQMZfxN/ZN+Afxe8Vnxv468NNca3Lbi zubm1vrywa8tV6Q3YtJoVuIxwMShuAF+7xXndx+2/wDDzSfCfiDxL4o8LeJNEuvBWpWFh4m0y5tI DfaJDqIzBqFyiXDK9kw582BpWxzswDjy79pf9tZNP+DHxd1L4CafqusXvgdYdOfxNYxWc2j2l9dJ uZkllnDTG2UgSlIXCSPGCCCcAH0j4w/ZI/Z/8b3ekXur+GGtJtE02LRrc6ZfXul/8SuHJjspBZTQ iWBSTiN8j8M1UvP2OP2cbz4exfCweERa+GLXWH162tbW+vbY2moybt0ttLFOskAwzARxMsagkKgr 4F8U/F/4hfDn4SfEaw0rxt44Xxj4dsfBdzJH4ri0z7RZDV9dEErJJZPKpaeIsjIRtSLy8Mz7iPfL r9szXvA3xq+P9l8QfC2uS+Bvhfpuj3VubW2sSYA6XBmldmukd/tx2NbAnASM7xExO8A938UfsYfs 1+MvGF9448Q+D1uNR1aSObUI1vbyKzv5ocFJbuzjmW2uHBGS0kbFjy2TzX0P4g8OaN4p8Oal4S12 2FzpOr2k1jdQBmjElvcRmKRN0ZVlyjEZUgjsQa+RIP22dBvNL0a4sfhj42l1bxVdTw6FpTabBDea nbW8CXLX0YluUjjtRHImXmdGySoUlWA8d+KP7der3HhPwlqfww8IeIbHWB8QtL8LeItLu7KzF9a/ vYnmsdstz5XnXsThLaRWK/e3PEQGoA9t0X/gn1+yFoV5p95beARd/wBlsjW0Ooapqeo2sZj+5i2v LqWEgY4BQj2r6QPw08EH4kxfF7+zQPFsGkNoKXollGNNedbloPJ3+TzKobfs38Y3beK+fvG37YXh rwr4r1XwXoPgXxT401TwvY29/wCIU0Szt510WO6i86OK5aS5iVrgxgsIoTISAcZxivf/AA58R/Dv jX4b2nxS8CmXxFo+p6d/aVitmq+fdRmMusUaytGBKxGzbIybX+ViuDgA1/GXg3wt8QvC+peCvG2m QazoerxGC7tLhd0UsZ5wR1BBAKkEFSAQQQDXknw4/Zc+CHwpvdQ1TwfoEg1HUrP+zpby+v73Urpb HnFrFPeTTSRQj+5Gyg4BOSAa/OPwt+2z8XNR8F/Ajx94q0rX2bXfFniHTtStbCytGbXYkN6llbWU MUpJEDrFCxkMXzxszOy5kP2jZ/tw/CyLwX4w8TeLtF13wtq/gfULPStQ8PX9mh1d77UlDWMNtFBL LHMboH91tkGQCzbUG6gD6c+H/gHwl8LfBmk/D7wJYf2ZoGhwi3s7bzZZvKiBJ2+ZMzyNyTyzE+9c 38dPB+sfEL4I/ELwD4e8s6r4l8O6tplp5rbI/tF5aSwxb2wdq73GTg4FeMaR+2L4Oks/GkfjTwl4 i8Fa/wCCPDtz4quNF1e2t47670e2R2e4szFcSQyYK+WytKhWQhWx1rzy3/4KG/D2a58P28vw88bw Dxvatc+FS+lRE+IChj3R2arckqwWRZN0/lJ5fzlgCu4A9F/Z/wD2P/hH8G7Dwn4jh8PBfGWi6VDa tNJfXd7b2dzLCq3psYbiV4bcTSBixhjTcCR0JFevWPwI+Emn/DXUfg9D4cgm8Has93LdadcPLcxS vfTtczsWmd3BaZy64YbDjZtwMV/gn8avD3xw8Oalrei6bqGh3mhalcaPqmmarEkN7ZX9qEaSKVY3 kQ/K6srK5DKQRXj1t8XL7VPj38T9W1bVZdL+HnwR0eGC8iiyyXup31uNQup5AmWcWlqscccYH+sk kOCduAD0D4efsr/An4YXOpX3hjw1593q1kdMuJ9UvLrVpm085zZq9/LOyW5BwYlIVuNwOKo/Dv8A ZG/Z++Ffiez8YeDPDDQanpaSx6c11fXt9Fp0c/Ei2MN1NLFbBuQfKVTglfu8VxPgj9szw54t8aeE fCOt+AfFfg2D4gpI/h7Utas7eK0vzHCbjZ+5uZZIneIb0WRFJHXBIB8l+Av7XFzpH7Mvwa1Px3b6 x8RPiT8Q7W8Npp+lQQy6he/Y55POnfe8EEUUKbN7uygcYBOaAPqTUP2XvgXqfwxtPg7d+GQ3hXTr 6bU7S3F3dLNa3080tw9xBdCX7RHJ5k0jBlkGAxUYXiuo+FHwT+GnwT02/wBM+HWkmw/taf7VfXE9 xPe3l5OFCiSe5upJZpCAMKGchedoGTXzvqP7evwl0fwdH4m1TQPEcOqp4mh8I3fh8WEb61Z6vcwS 3EEUlusxV0mWIiJ4XkDllA/jK9J4c/bM+HF7pPxAvvHui618O7z4aWkGoavYa/bRRXIs7tWNvNB9 nlnSUSlSgVW3eZhMZIyAe4ap8H/hvrXxR0b40anokc/jTw9ZTafY6iZJQ8NrcbvMjEYcRNne2CyF l3NtIyc8TZfstfAXTvhvrnwisPCkdv4S8San/bOoWMdzdKJ78TxXIl80TeauJIIiFVwgChQu3K15 14M/bL8NeKPih4Q+EmueAPFvg/XPHUN1daQ2s2VtDBPa2lu9y8rPFdSlDsTaYyvmKzLuVQc17Rq3 xp8JaD8XLf4OazFdWepXegXPiGG9kWNbCS2s51huIlk8zzPOjDrIy+Xt8s53ZyAAcf4t/ZM+AXjj xT4m8ZeJvDT3Op+MobODVzHqF9bxXi2E0E9s0kMM6Rb43tYSHChiF2klWYH1fUPh14N1Xx5o/wAT r/T/ADfEug2l1YWV35sq+VbXpRp08tXETbzGnLIWGPlIyc/Ofgb9tv4R/ET4aeDPid4YstWntPHX iWPwrYWTQwC+S/d3BaZBOUWFI0MzsJGIjwdu75a+a/CP7WXjaKX9mLS/CMHibxtoPxE/tuTUr68s tNj1HUktYrpY42C3Ijie2kUTzbGGYVXazsWiIB9//FH4I/DP4ynQZPiFpT38/hi8+36bPDdXNnPb XGNrFJbWSJ8MvDKSVYdRwMZWnfs6/BzSdds/Eun+H/K1Kw1/UvFEMv2u6bZrGrxtFeXO1pip81GI 8sgxrnKIpwa+FPgZ+3bJ4f8Ah7LffGDQfFOs6fYeKNT0jUPFiWMLaTYmbVJIbOKWTzY5WSON4ld4 4XCkquWckD7V/aq+Jnib4Pfs9+OviN4Ospr3WtF0u4mtTFHFKIJQh23EqSuimKE/PIBk7QcKx+Ug HWT/AAR+F9za+P7KbRd0PxRV08Rr9puB9uWS1FkwyJMw5gGz9zs/vfe5rgfG/wCyJ+z78QptCu/E fhhxd+HNPj0izubO/vbG5GnRLtW0lmtZ4pJodvG2Vm6nuxJ800n9sSKDQvBXh8+AfFXif4g65oUe s3miWFrZG8tLNXMP2y6Y3SWsSXLoWgVZS7BlBRCcDkPFX7WGieLdb+AvjjwH4hl0Pwf4g17W7TxF DqCJaSW66ZptxLNb36yZ8lreWMM3zY4DBipBIB7/AOKv2Sf2f/F2jeGtCvfC/wDZ9v4PtmstJfSr y70ue1tZMeZCs9nLFI0b4yyszZJLfeJNTaj+yh8ANS8JeEfA58KLZ6R4DuTeaKlndXVnLZzuSZHE 8EqTOZSxMu928wnL5PNefzfttfDoeBtM8d2PhnxJeweKdUfSvDFlFYxfb/EbICxudPt2nDi12gv5 tx5Py4OPmXKXn7bvwx0L4b+OfH3jHQ9d8O3vw1udOtvEGhXlrCNVs/7VmihtZgiTtDLDJ5u9XSU7 kVsAsApALmrfsG/sq67/AGjDq/gtrmx1KWW4exOp6ithDcTsWlmtrVbkQ28rEn95CiMOdpGTn21P gx8Nku/HN+NIJuPiTBDbeIHa5uGN9Fb2n2GMHMh8si3+TMWwn7xJb5q8C0r9t34fDUdd034geFPE 3w9l0bQLnxPF/b9hHAb7SrMgTSW6wzTN5ikjMLhJORx1A6j4W/tNaX8WvENt4J1HwN4q8D3OvaW+ qaZcavawxQXtn8oLQz2lxOI5VDq2yTYwBBGaAOp8Zfs+fD3WPA2geHNJ0ZVuPAOl3Vj4XD3NwFsT Lp76cgJ8w+aPIbYTN5h/i+9zXjH7Mn7E/wAL/g94R8A6x4h8PJJ488NadAJpDf3d3Y2+ptCEuri1 tpZTbRySHOZI4lY9eCST6J+yz4+8UeJfDXinwD49vH1LxR8MdfvPDl3fSbRJqEEASayvHC8B5rWW Myesgc8Zr6goApalp1jrGnXWkapAtzZX0TwTxOMpJFKpV0Ydwykg14zafs1fA+x+DCfs923hWEfD +MELpbTTuATP9q3+e0hn3iY7w/mbgehGBXudFAHynp/7Ev7NenzXN7/wi9xd399p2oaRdXt3q2p3 N5c2GqQfZrmCaeW5aSRGiGEDMfKJLRbGJJ0/GX7Hv7O/j6+0XUfEvhZpbjQdMh0WBoL+9tTJpkAx HaXPkTp9phX+7NvzznIJB+maKAPm/V/2R/2e9a+HGgfCm68JpF4d8KTy3OjpBdXUFzp000jTO9td xyrcx7nckgSbegxtAAG/ZH/Z5b4dt8LP+ERjGgNqH9rnF1dC8/tMLt+2/bvO+1faNvHm+buxxnHF fSFFAHlPwo+Cfw0+Cem3+mfDrSTYf2tP9qvrie4nvby8nChRJPc3Uks0hAGFDOQvO0DJr1aiigAo oooAKKKKACiiigAooooAKKKKACvEPGPxcn8MeLR4fj04TwQ+X5rliHbzAG/dgccA985PHFe31lXW h6Ne3sOpXljBPdwY8uV41Z1xyMMRng8j0r5LjLK80xeFjTynEqhUUk3JxUrxV7qz76P5W6nRh5wj K9SN0atFFFfWnOFfl5+0L4p+L3xNj/aV0bw/4/TwX4c+FGhm1Olf2fa3A1RbzRzfXEt5NOrSxxyJ I0MJgZNu3zDuI2n9Q6+ePif+yp8B/jFr8/ib4geGmvtQvbZLO8eC+vbFb23iJMcd3HaTRJcCMnKe arFeMEACgD8+/D3xI+NOm+D/ABXo/wAJ5beHU9PsvhnbRG1ttMj1Z7O90hZLxLNrxUju7wqp8iO5 aQAbhGOgrsPDP7Q/xX8TWmgfBrRfHt/Z+LvEXjF9FudS8Q+HbfTte0Gwj0t9TENzZ7RZTXUwi2wT LGYnR87WYZr7cvv2XPgTqWkatod54YD2utppCXGLu7WUHQYhDpzwyiYSQSW6ABZImRz1ZmJJrNH7 JHwBPgq98B3HhuS7sNR1CLVri5uNQvZtTk1GFQkd3/aLzm8EyKNqMsw2qSowpIIB41oXxD+LPhL4 8/Dr4N+IviNp/jW2v9Q8TwahJbQWkd60Nnp1td2UOoxwxhYLqIyO58kRiSNkYpXh/ib46ftIeILn VIPCOs6ndaRpPjzxfpV//wAIxZaReeIotN0owJYJaWV8uy4hikdxcOqPN9wbuTn7Svf2RPgBfeFt O8Iv4cmhttJ1CbVra6g1K/g1Nb+4Ty57g6jHcLdvJKgCyM0p3KAD90Yqj9jb9nWDw3ZeFtM8MS6V aaZfXOpWkthqWoWl5b3d4iR3LxXcNwtwgmWNRIok2tjJBPNAHxVrPx7+P3ijwl4B1nwV4w1jWtGO j6k2tah4S8P6fLry6ta3pto3v9C1LfNHbRBGSYWyZaYOFIQoKo3/AO1F8avir4q0fwl8K/EmsXGn 6f4O0vWZ9W8I+H9PvJdT1G/aRDNNbaxKv2e0RoiDFH+83llZ1AWvunUv2P8A9nzUNE0Dw/D4al0u 38NQXFrZSaZqV/p10tveSedcxS3VrcRzzJPJl5BK77mJY/MSam8R/si/s+eJ7bQLS78K/YE8M6eN JsW0y9vNMkXTeptJJLKeF5oCSSUlLAlmPVmJAPlbwD8X/wBon9oPX/C3gaPxZD8J9Xs/A9v4l1R7 SystSa/1Ce+uLHC/aPOiWzjNsJHETbz5uzzBjNdH+zdq17pX/BNS21y2kgmvLPwp4guUcxJPA8kb XjgmOVWSRCRna6lWHDAgkV9KeMP2VvgL4407w9peteFlgg8LWR0zTv7PurrTXh09gqtaGSylheS3 YKA0TlkPJxkknufD/wAH/hz4W+F3/Cl9A0cWfgz7Fc6f/Z6zTMBa3e/zoxKzmUBvMbkPkZ+UjAwA fnh4c8a/tFfESXX9J8IfEn/hCtL8GfDnwpr8MNno2mzebqOoWFzKVxLAVS3LW/zxoowNqxmNQQ30 1rP7QPinRv2G4v2lBYw3XiN/BVprxgVW+z/bbmzjlJKg7vKWR9xG7OwEZ717Z4e+Cfwx8Kvqsmg6 N9lbW9I0/Qrs/aLh/N03S4pYbSH55G2+XHNIN64ds5ZmIBHQ6P8AD3wZofw/s/hZYaVEfClhpsek RafOWuIvsEcIgWBzMXaRfLG07yxYdSSTQB+TXxmvPjV8IPiPYeOdX+Kg8ca5YfCzxtrOlXZ0yxtj Y3ccNnIZI44IxHLbu6o0IlRyNrBmcHj1nxP41+PPhPSfh/4Q1j4s6zrnijxpa3OuXNv4a8MWF1rK 2/kWwWC1SSJrO3soJ5H3T3RMr7kRWG1jX0hpH7EP7M2iG/az8KTyNqOk3mhSmfVtTuCNKv0CTWcZ lum8uLaoCKm3y+THtLMT6J47/Z5+E/xHOgS+JdMuUufDFu9pp91YalfabdQ2soRZIPtFlPDK8TiN QyOxBxnrzQB+WXhHU/ir+0b4/wD2ftU8ceNL3TtZstR8d6UZBpmjtIs2ikoLmSB4Lm3FzNEVilCF 4l2bodrFnb6//Ya0DxiP2HtAsdK8TztrOqWGpNpd3PBbY0yWR5Y4VRFiCyJHKpl/fLISWKsSgVR9 CeCP2afgj8N7nQrrwR4ZXSm8M3Op3mmrHdXTR2s2sIqXpSN5WTbKqL8hGxOqKpJJ6z4XfCPwD8Gd Cu/DPw40+TStJvLya+a2a6uLmKOafHmeStxJJ5MZIyI49sYJJCgk5APyx0n/AIKAePbLW/B3jjxT NHF4B0Tw0un+MUaKFHHjJrLULoxKwTemH00xBFYLunUbSduOL+LOrfGXxL8JvihoHxL8RCDxFp+g /C/UtSmttM06CeW71PUZzPbzOtsHaOCQx+WCflMXGBJKH/UTUP2UP2e9U8P+IvCuoeDoJtK8Wa// AMJRqcBnuQLjV9yv9o3CUMg3KMxoViwWGzDMD03i74BfCTx23jB/Fegi/bx5Z2FhrJNxcJ9pt9Me SS0UbJF8ponkZleLY+SCScLgA/NfW7b46+B/En7VnxI8B/E2bTJPh5/ZeoyRS6ZYT/21d2Hhyzln a9LQ4jWWOPAS2EIV3JBACqPp39tjxNcXX7IK+Mo7CS7nm1HwhfiztwGlldtZsJRDHkgFmPyrk9cV 9B6d+z18JNL8LeLPBtvo0sml+ObSOx1tZ7+8nlvYIrFNNUPPLM0ob7LGqF0dXYjeSXJY9b4n+GXg fxl4OtvAHiTTftmg2klhLFbedNHtfTJo7i1PmRush8uSFG5b5sYbIJBAPzF1n9qv45SfBnTvGtpq 00Pi74geP4/CD6JY6baT3Hg4QeeZrOKO5Ef2vUHSEHN1J5TtIDGioAGvad+0B+0r4Iste1vxpd6o /hj4c+IvD9xqU+u6dpdpq154b1kSW14l1b2BkSN7GQx3Ec0flGWMNuGAa+7/ABV+zJ8DfG114pvf EvhdLqbxo9lNqpW5uYRNcacNtrcosUqiG4iHAnhCSkcFyK838f8A7N50D4MeLPhl+z1o+lw3/wAQ PNs9avvEl7fXkklvdWz20l1JPL9puLmaJdvlRSOqYz8y9CAdh+zp4+8XfFZPHPxE1S983wne+Ibu w8L26xRqi6bpWLOS5EiqJJPtV1HNIN7NhNu3AOK+GNL+Mf7T5+FujfEW5+JMbXPxM8cv4G0uKXSL EW2hwnWLm0GoErGrXE6x2rxokh8ti6blLAk/qD8NfAWh/Cz4feHPhv4aTZpnhqwt9PgyAGZLeMJv bHVnI3Me7EmuRuf2fPg7e/C+5+DN54bjuPB11cXF09jJNO+Li6unvZJUmaQzI/2iRpFZJAUJ+QqA AAD8wv2jdZ+M0E/iX9n3xb8RbnxFD4e1fwFrlnra2GnwXqpqmtLa/ZLxI4PILQyxpcwskaFtoEm9 CVOp+0N+0d8cfAqfEfxb8P8Ax1rmtw/DS8gs/L0/w5p58Oo9qkC3UOr6hdpFK91I7t5i2LARFlVF z0+/LT9kb4AWngfxD8Pv+EbkuNM8VzW1xqk1xqF7cahdzWbrJbSPqEs7XeYXUNHiUBDnaBk5w9d/ Yk/Zq8TJqVvr3hi5vLPWApvrR9Y1QWl1MsSwi6mt1uhE91sVf9IZTNuAffv+agD4h+IFz4x8F/E7 9pLxdZ+JH1CP/hJfh3bixvtP065tduo3OnbG2yWzHfbQM0MLZyAfMbMyrIOp8X/HT9oU/Dr4r/tP 6J46g0zSfhp4o1DSbbwe+n2j2d1ZaTeJaSR3d0yG7S7uc708uQKhKqFIbj7k1/8AZe+CHifxNqPi /W9AluNT1iHTYb1xqN9HHcjSJ4biyeWKOdY3khkt49shXeVBRmKMymhrf7JX7PviPxzcfEPWPCon 1W8vIdRuovtl2mn3V9b48u5uNPWYWc0y4+/JCxJ5OTzQB8T+Jfi7+0ra+EPix8dbP4iG00v4b+Op dGsvDjaTYm3utOjvrWF4ru4MX2jeEuCqNG6FdgLFixI/WavIL74C/CfUvCfijwPe6F5mieM9Tk1n Vrf7Tcj7TfyyxzvLvEoePMkSNtjZU4wFwSD6/QAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQB//9X9 /KKKKACiiigAooooAKKKKACiiigAooooAK5Lx9pl9rfgTxHo2mR+deX+m3lvCmQu+WWFkRcsQBkk DJIA7mutooA/Of8AZb+A3xU+HPxN8C+I/GehDT7HRfhBo3ha6l+020xi1i11CWea22xSuzbY2VvM UGM9A5PFe7fsk/Dnxj8MPhxrmgeONP8A7NvrzxT4h1GGPzYpt1pfX8s1vJuhd1G+Ng20kMM4YA8V 9RUUAfkz4g+A/wAe7jUvH3gW38DNdaRq/wAXNK8eWesLqFiLefTjcWf2iIwSTLMskCQMzAr83RAx 27vZP2g/2bvHfxl+M/jG5sIlsPD3iX4U33haHVHlj2R6tNqa3MUTxK/nlNg3MwQrtyM7uD+gVFAH 5CfBT9mDxivjD4YR+JPggfCk3ga6gu9W1zVfF+oaxayXFhCRDLo9jDqZVXmkw3+kReXEjMhR+lfb X7U/w68Y/EfRPh3aeDNP/tGbQvHnhrWr1fNih8qw0+7EtzNmV0DbE52Ll26KpPFfUNFAH5aeN/h7 +014Tm/aK+HHgD4cL4q0z4yz3l9peuDVrO0trM6jpsdlcR3MM7ibfEUzHtRlckZKruI1fAnwR+NH hb4i6FaX/hNpNC8T/CXSPBup6lHe2mNF1PToLjzBND5m+ZGd1QNBvGTnOATX6bUUAfkP4f8Ahv8A tX6z4J/Z6+DmufCsaJp/wd8T+H7vVtYbWbCaK8tdIDwLLaQpJ5hQxP5rhwrggIqscgdTf/sk/FDx Z+wzrXwVu7CHSvGX/CR6jrtraXF0vk3IXWZb2COSe1kbYJ4CAGDhkYru2lTj9T6KAPzQ/Z6+Aes2 3xu0P4lX3wZl+Glj4b068j+0a34qvvEepSX92ohaOyVdRnto7by92+SaItIQu1EIDD0b9rjwJ8Zv F/i3wLdeFtP1zxP8PbNL9de0Lw5rcegX9zcyCMWkj3Dz2xlgX5w0SzJg/Md3QfdNFAH4xfDb9lP4 5aFq1iZ/h+vh/TIfi9oHjCO2XWINRFtosGm3EMzPcTTmeaa3kZElyCzuS0XmIN1e8/tAfsv/ABJ+ MXj741nSoIrDTvGHg/w/ZaRfzTR+TLqmj6hLfeRLGjmZUJWNWZk27WON2CK/SSigD88bS0/aR+LP 7Svwa+IPjX4Ut4G8O+AINeTUrifVtPvXa71Ox8kGFLeZnNvvRVVsb2LZZEC5Ov8Att/s/wDir4s6 p8MviH4V8Pt4zb4e39+174fi1WTRLi/stTgSGRre+jlhMc0LRqygyIHG5ScEq33vRQB+Sej/AAE+ M+jeDPiQvww+EVr4L1H4qtYeHYv7V12XXL3T9GaN0vNR1V73UbmCbyxI4t7a1RnBPz7wMGK+/Ze+ OXgP9l/4w/sfeDtB/wCEn8MvbLc+DNX+02FtNdfa7mOa5sLxHliInhk3ukzKI3Q43KQqV+uNFAH5 b/tGfs5fGXx54h+Nt94U8P8A26DxfpvgG30tvtdrF9ol0XVhdXy4kmUp5MI3ZfaH6IWbiqv7Q/wS +PGveMP2jtL8F+CX1/SfjH4Z0SDTtRi1Cyt0t73Ropo2t5oriWOTMplG1wNgHVuu39UqKAPgH9pv 4c/GnX9S+GsfhrS9b8RfD/SrO5h8QaB4b1uPQb6e6McSWjvcNPb+bboQ4aNZkwfm+YdPk/w7+zB+ 0H4Q8JeI7/SfhmLSfT/if4Z8c6XoceuW9291punohmtlvbmYsbmLG2VpyoZ9xjMi7Sf2uooA/Hzx 1+zL4/s/jV8QPiJc/CDUPiHZfEtLLUrH7D4ul0KTRtQW1EU9nqKQX1uk8QcZWaLzNqgqudwA/Rz9 nj4czfCX4KeEfh7dafY6Tc6RZAT2mmPdSWVvPMzTSxwPezXFwyK7sA0krE9RtGFHs9FAH5M/Bf4D /HvQpvgf4Q8V+Bm0+w+EnjDxJeXWp/2hYzQXdjqq6hNBdQxpN5wAe4jQoU3gncVADbW/tGfsi/Fj 4q+PfjB4s0bRo7qC41vwL4g0S3l1AWS63/wj9nc299aefBKJrRiJyElfy/n2lWA+df1oooA/IzRf 2YfGGuaT8Ute0P4OP4AudU+H+teHtKh1fxPd65rV7qWpQSKYlll1KexgtNwQDzFDs2H3IuRX0TH8 F/iEnjL9k7Uv7FUWXwx0zUbfXm8+3xYyzaEtlEoXzMy5nGzMIcD7xIXmvuqigD5e/Z1+HXjHwJ4t +NWp+KtP+w23i3xpcatpj+bFJ9ospLK1iWXEbsUy8bja4VuM4wQT88aDo3xJ0D4iftW/CXwHqCaR 448Vxw+K/Ct1MAPOW/sRaNIjNkAQXUHkljkRsVbGDg/pRXN3nhDw1qHijTfGt3p8cmu6PBcWtrec iWKC7KGaLIIyjmNCVbIyoIwRmgD8i/Bf7OPxok+LXwY8fS/DDXdPuPB+rB/E2r+I/F0WtX92ZrWS GSe3ia8liW2jkJZigSV96bIiFYjrfhJ8BP2gfgT4S+AfxGsvBX/CReIPAmg6x4e8Q+HI7+zivEt9 Ru/tMU9pO8v2V3jZBvXzRuVsA5zj9a6KAPyin/Zy+OPjH4jWXxz1/wAJw6LqfiT4o+F/EF7oqX1t NJpeheHtMu7Fbi4lEgilndpQ7pA0jDcAN2Dt0/2svgT4g8V6z8d/FfiC8s/C/hLX/Bvh21sta1Ge NbL+0dJ1N7zyrlFZpUiZvKR3aPbtc43YIr9SqzdY0fSPEOlXeha/YwalpuoRPBc2tzGs0E0Ug2vH JG4KurA4KkEEdaAPyvPxD+MPxJ/bS/ZyT4meArDwU2lWXii7RLbWLbWJrhLjS/Ke4U2oIhtGbYsR c7pGJ4Gyvav29Pgd8WPix4V8Ma78CIUl8aaNPqOlsZJYoQNG8Q2MthqDbpXjBaMGKVQGzlMqCwAr 6W+Gn7PnwR+Dl/far8LfBOleGb3UlKXE9lbJHK8Zbd5e/wC8I8gHYCFBA44FexUAfmR8K/2RfGfw 9/a+fV7WzS2+DHhiCXWtAUSxMTr99p1npM6tCHMg2QwSSKxjCgvwSenI/Dz4E/H74W/D79lTVV8D vrWtfCq51+LXdIh1Gxjnhi1qG4t0mSZ5vIkEYkDsEkJxwB1I/WWigD8utQ/Zy+MM37AXjf4Jw+HQ fGus6zqV3bWH2q0HmxT6/wDbYnM3m+SM2+Hw0gI+6QG4r7b/AGkPA+u/Ev4A/ET4feF0SXWPEOg6 jY2aSOI0e4ngdY1LtwoZiBk8DOTxXtVFAH5ieAdA/aP+F/jrT/jbb/CO51j/AISnwnpnh7WNBi1b TU1LS77Q5JI7edZpJ1tpba5jYMQkm9CcsvBB86vP2G/GXxB0rwHpfxb8NwXFh4k8feJPGPi7T7G/ RIdKi1i1cQW6Sh43mMcixKxhDAtuOCmWP7AUUAfjR4z/AGYP2jtb8O/D/SvGfhaTx+nwH1i/sdOE WtrpFx4p8M6jbrDDNHc29xFLbXtmsSI6SmJZAOHkBcNo6r+yd8QNc+CvxeHhP4Vx+D9W8aXXhiLS 9KutfuNW1i4s9K1K2up5NQu73ULizXaokaKOIqyqCrM7FRX7DUUAfEH7QXwh+J3jX426H4y8F6Fp ur6fZeCfE+kSf2xsl06S91D7P9ntbu3Esc0kM4R1coCFGcnoD4f+zH8DvjB4E+Negax4Z8D6t8If AFjp17H4j0S98RprOk6hfSIq2/8AZdqs9w8AjlzIZXKZT5AByG/U+oLq2hvbaazuAWinRo3AJUlW GDgqQRx3BBFAHxT+yDDceJfGHxz+NEJzonjfxe8OkyAYjubPRLePT/tUfYpLLHIob+LZnpivt2sL wx4Z0DwZ4d03wn4VsItL0fSII7W0tYF2xwwxKFRFHoAPqep5rdoAKKKKACiiigAooooAKKKKACii igAooooAKKKKACiiigAooooAKKKKACiiigAr4e+IX7YGueBPiP8AEXw7/wAIAb3wh8KLO0v/ABDr p1RInjgvbM3UKW1m0JaaZmVo9nmKo+Vi43YH3DXzF4g/Zj0DxfqHxp/4SjVJLrSvjLZ6fZz20UQi lsVsLM2gdJi7iRySJFyihSACGFAHhPgT/goH4d1HVpLH4l6PpegwT+H9R8SWkui+IbXxCwt9KhFz dW15HAkTW10sJ3qp3I+GUPuUg9Vdfte+OfBfgS9+KPxh+Et74a8LPoraxp9zZajHqkkjM8MdvZXi LDELW6uTOnljdInVS+5SKd4T/Y61drS70b4teNLXxLo8mgX/AIdjttK0ODQ2mh1CIQS3V5Kks7T3 IiyqEbEUkts3HNVb79jvxz478ET/AA3+M3xbvvEfhy10WTRtNt9Nsv7I2tuhe3vr7ZcSpeXVsYE8 olEjB3ME3MTQBleL/wBtTx18JbDXofjZ8Kx4a1u18OXXiTSba11pL+31GGxeNLm1e4W2jMFzD5yF h5ciEZIbpmd/2tfjsPGt18NR8DlHiYaFH4pt4n8Rwi2/sYu8T/aJxaHyrwSqqLAiSKxYnzQq7mi8 Y/sX+Pvi3pniCT40fFNPEOvXnhu68M6TdWuiJY22nw30kT3N1JbC6kM9xN5KBiJYkAyAvIx9KXfw a+1fGe8+Lv8AbG37X4SHhb7F9nztxdvdfafO8zn7+3y9nbO/tQB8z3f7bnizX5LMfCP4YHxRFN4F 0/x5PLdawmnCCzu2nWS1INtMWuEMOE2/K5LZKBQXSx/byGmaRpfjn4m+ALjwp4L8VeGtT8TaBeC/ jvL28ttMjhmeKe0SNFt5Jop0aH99IrZAYqc47r4Wfsh/8K0sns/+Es/tHf4A0/wLu+weTj7A90/2 3Hnv9/7Tjye23/WHPFHxR+xToHjbwF8L/h14o8RSXGlfD3wlf+FJzFaiKW/W+0+2sRdIxlYW7xG3 EqoRKCSFJwMkA4Hwh/wUAttVubzTvFHhnSrS+n8Nap4k0mLR/E1rrfnDSbf7TNZX32eFWsrgxkMM rIhAcBiyEHe0b9tnXdLj0DxF8Yfhy3g3wp4u8Nan4m0m9h1WPUrlrbSrRL6aK5tlghEMj2774wJH yflOGzjQ8N/sgeMYdL1HS/G3xAs9TRvDmpeHrH+zfD0GlAHUYPs5vr7y55Gup0TIADRJyxwGYmu0 8W/smaJ440X4a+GfEuttPpPgTw5qnhy7iS22PqMGq6YmmSSK5kP2dkVDIvEnJAyMZIB4HeftF/F+ f43fCPXfih4TuPhv4Mu9F8T65KkGsjUYr20ttPjuFW9giiiCT2yjzAhEijf8j7gwF3wL/wAFGvC+ uapoVx410TTdB8N+K7O8vdOubLxDaatqNulpbPeBNT06BFe0eSCNiAHlCviNyG5rstF/Y68dah4m 8JXvxd+KA8ZeHvBmiar4etNNTR1sJJ7HVrMWcr3Nwt1JvuPLVQXEYBC8KpZiY/AH7E2peHrbSPCX jXxtbeIPBfh6wutMtbG10K302+vLW4tmtEXUr5JZGuDDExClI4t7gO+48UAcdY/H342/ED45/s7T az4MufAfg3xtcaxfWzRayt3/AGjaf2HdXFvDqNrFHEIpQfLnRC0qg/xB0NfUnx6+NHiX4TDRYPDf huy1ZtW+0NNf6zrEWhaPYJbqpHn3kkcxMkpbEUaRknaxYqBz434C/ZK+JHhrx38Ktd8VfFb/AISL w58HEvLbRNM/sZLaea2utPl09Ptl2ty3mTQxugWQRKCEOU3SFl7/AOO/7N+o/Fj4geEviZ4f1vTd P1bwpa3tlHb65oy69p7R3zRMZ47dri38q5jMXyyqxyDtIxQB8/J/wUPt9V8MeBdR0HwtpVtqnjGX WoHOs+JINO0WGbRLhbeSGDVRbzR3L3BYNBiNAyncSBwfsr/hat/B8CLr4z6t4cm0y7stCuNZl0ie 4iaRGtrd5zB9oh8yMhtuFkUEEENt/hr5a0b9inxt4W8EQ+EdG+JVpq0f9oa1eXdtr/h2HUtJv01i dbjNxp/2mJPtED79k0bICHKmMLxXvPgj9nbT/An7MTfs2aZrcs8DaLqOlf2lNCCwfUhMZJVgVgAi PMfLiD4VAqbuM0AeA6J+2P8AGnX9Z8G+HLL4JLHqHxL0Z9c8N+Z4iiELWcKxyTNqLi0JtSscsbKE WcsXVDtO7bj3f/BQ3Tb+08KWHhLwzpqeJNc0i61i+tPEPiO10KzsEtL6bTnt1vJopBcXD3NvKqKs ajavmMVU19MeH/2f/wCwvF3wp8Vf295//CsfDF34c8n7Lt+3fao7JPtG7zT5W37JnZh87/vDb83z tpf7B2peD7jQfEPgPxvYQ+I9Ns9T0y9m1bw/HqljeWWoarc6rFi0e6QxXFs906rKJW3gYZQp2gA6 af8AbTufEPw18FfEf4beFLKfT/Flne3NxeeItdt9C0vTpbCb7NLaveNHOJpzMrhFRNrIvmFgtYfh H9t/xb8U4PANn8I/hkmuax460XVdW8u51yK2tbE6PqH9nXCvcpbTCWIyZMcsakvlPkAYsmpqv7FO px6l4I8ReG/Gdlda14T0W40aWbxJoMOtQTNd3P2uW+trYT2yWt15hIVl3L5eEZSF56X9n39kKb4F eIvDWuS+Mm8RL4a0fxBpEayWC20s667q8erebI6zMu+JkMZCxgPu3AJjaQDzzU/2+GHhb4c6npfh Cx03V/Hq6wJIvEevxaNp1lc6HdfYrm0GoG3mSad5gwhXYgZRvO37tfT2t/EXxpqH7OmpfE/Q9AOj eJn0GfUIdNvLmI/ZrhYWfDXESzxOFxuVgrK4xkDJx4a37IPivS/AWj+CvDXjyymhsLnXpbuz1vQU 1bRdQj1vUZL9fN0+S6TbNa+aUjlWX5hu3LtbaPcPhV8BtI+F37P1j8AbfVJ9RsbXTruwe9dFjkc3 zSvKyRjKxqrSsI4wSEQKuTjNAHyx8KP2pfjXrPgj4aeA/D/w/h8cfES+8E6Z4m1eWfXVsrVbG4QR 208ly1oxN5esjOYBHtiJOZWUbq+l/Cf7ROjeNf2b739ofRdJnji0/S9UvptLuXEU8d1pHnJc2kjg MFKzQOm8KQRhguDivCfCf7IHxa+HyeFdc8C/Fm107xX4f8NweD7m8l8PCezvtGsXJsC1ob0FLu2B P74SlZM4aPGc+8eFf2eNI8Gfs3Xn7O+javPJFfaVqdhLqlyglnkutW857m7eNSgYtNO77Nw4wu7v QB823/7dPizRfC/gjUvFPw707w1rHxP33Xhy31XxPb2tmdKito7mS81C8a322rATRqsASR3ZtowQ a1/Cv7c1z8SNN0LQfhf4Hi1/4harqmr6ZcaSNagGmWf9iRwSXdz/AGrFFMk0BW6t/JaOEmQyYwpU 13fxA/ZOl8T6F8KZvDniS207xZ8JrH+zrK9v9KTUtPvbaW1itrmO6sHmjysnko6FZt0TDIJ61hJ+ yF4q0iLwx4u8LfERbH4keGtQ1W9XVpNHibTJ4NZSOO4sjpkU0Wy3VYYfKAnLIyFtzFjQBwX7Nv7R njebW4PCvxC0e8OrePPiR4v0gQ3mo/aG0KPSrJr4W0bbGWaJDEYkCGNAG3rx8p9M1X9rrU38Q6p8 P/Bngc654yTxhf8AhTS7F9RW2t7pdN0631K5v7i4aFvs8UcdwFKKkrFgoXJbC8to/wCxh428N+H9 Kv8ARvieJfiBovjHVfGEOt3WjrJbSz6zbtbXltNZLcrmN1dtrJMhTIAHFGj/ALFvjLw/5njHTPih v+JMXi3UPFltrc2jxm1Datp9vYXtjNYC4Ae3kWDKFZUeMbACShZwCXxx+2rrngU+HPCHiHwHbeHv iBrs+pJJYa9r0GlaRb2umMqtdrqssJE0U5kX7OEgDOd4YJsOfob9nf466L+0L8O/+E40m0GnXFpf Xel6haLcxXsdvfWMmyVIrqH91PEfleOVPldGU4HQeAa9+xx4v1bUtA+ITfEn+1PiNpNxqb3Goa3p I1PSbq01Ro2exTTJLlfs1vAYkMCxT5Q72JZnJH058GfhncfCjwSnhi/1p/EOoTXNze3d61vHZpLN cyFyIraH5IYkXCRxqTtVRkk5NAHq9FFFABRRRQAUUUUAFFFFABRRRQAUUUUAf//W/fyiiigAoooo AKKKKACiiigArzzWfix8OvD/AIij8KazrsFrqkhUeU24hS/Kh3ClEJBBwzDgg16HXxL8Q/2Wdf8A FvxEvfEenavbQ6Xqk3nzebvNxEW++EUKVf8A2csvoemTtRjFv33Y4MwrV4RToR5nc+2qKht4Ftre K2QkrEqoCxySFGOT61NWJ3hWB4q0a98Q+GtT0LTtVudCur+3kgiv7PZ9otXkUgSxeYrpvQnI3KRn qDW/RQB+U2mfDz45X37U+ufAeT9oPxgukaX4UstfjugmmfaWnubyW2aNv9D2bAqAjC5yeuKs+Df2 wvEHwn8T/Gvw98QNF8XfEbTPh7rxE2p6dZW00Ol6TFY2+ZLh2ktgWaRZpWWNWKruYhV2g/Umj/DX xra/tp+JPi1Pp23wpf8AgjT9IgvfOiO++gv5ppIvKD+aMRurbigU5wGJyK880L4L/Eaz8J/tUadc 6MEu/iTqOsT6Cvn25+2w3WjxWsJyJCIt0ysuJShHUgKc0AekeNv2s/BXh7WvDvhTwR4f1z4j+IfE 2kR+ILfT/D1tFJLDpEuBHeXDXU1vHFHITtQM25m42jINcvL+3B8N9R0fwfP4B8O6/wCMte8aNqK2 2hWFrDHqVo+kMEv0vUup4Y4GgdgrKXJYkFNyndXx1rX7JHxC8P8AiX4deP8AW/hvffEWzX4faF4Z 1bSNK8StoWo6VqulwopkWaG8tobmBuY2USsAwMg4HzaOofso+LdJ+GnhGx174FaT4hs21TWtW1HS tC129h8Q6Ld3zRC2ns9Yv9SIndo4l+2KHRHkCsi8HIB9mal+2T8ONP8Ahz4e8dDQfEM+q+KtSm0f TvDK6eF1+bUbZmE8BtnkEa+SELSSGXywuDvJIB9G+Dfx58OfGO48RaFDpGp+FvFHhGaGDWNE1mGO G+tDcp5lvIfJklieKZAWjkRyGAPSvzT1v9kz9ozXvhx8NvFPj7S77x1qfgDxJrtzF4WvPEjQ6uPD mrxxwwWra3BLCsl5a+UH3CUI6sU3bRsP11+yN8FdQ8AeJPHPj3UPh4nw6h8R/Ybaxs7nWr3XNYlt rRGJkv7ia+u7YfO58qOEAouQ7NxQB2HxM/a48O/D7xx4g8B6R4I8TeN7zwdY2+o6/LoNrbzR6Zb3 aPJD5gnuIXkkaNC+yJXO3nrkV5x4W/av1rX/ANqfV/BU+kala/De38G2WvRX89tbQW9us4muX1C6 d5hcJA8aLAi7N6yht8ar89eaftW/A74geMvirrPizQ/hPP4hv59Lt4PDninwnry+Hda0+7RHEkWp vNdxpPEH2vFIsR2J8hBPNNtPgF+0Nc+N7jRPiJZf8JFb/Ef4UQ+C9e8T213bhdO1WKO882aWCR45 51czKA8SZZjuIXkAA908Kftw+AfEeqeFW1Hwh4n8N+FvHl6mn+HvEmq2MUGl6jczbvs6KVneeL7S FJgMsSCQc8V5d8Gv2upvDnwZ8MS+PYtY+IHj3xh4h8TWGk6VpNvFNqN3Dpeo3CFsM8MSQ20KoHkd xhcdea5uH4cftJfE74f/AAm/Z48c/DaHwtp/w/1TQZ9Y8SHVLS5srm18OlTGdNhhc3QluxGozJHH 5QYhs548WuP2NPizp2gfDTxnrvgSfxbN4S1PxdFq3hqz14aTfS2GtalNc2l3aX1rdRR70Uq7xNMC 6kIQGztAPuXUP24/hRovw21P4ia9o+vadLoGu2vhzV9FlskOr6df3bKI/Nt1mKvGysHV4Xk3r9wM 2VHcfCL9pnQ/ip461X4Y6j4R8Q+BPFWmafFq66f4htYbeW502aQwrcwmCadSokGx1YhlbjBIOPiW y/ZT+IZ8AXd3ofw1t/CWoa38QPC2rtpZ1ufVtQXR9FuEZ59Qvb++uIJJ1QyER22MIFX942MfZjfD nxkf21E+LY0//ilB8Pn0M3vmxf8AIROrLciHyt/m/wCqBbfs2dt2eKAOh+Lv7Qel/CzxHovgbTfC uueOPFevW9xeW+maFbxSyJa2xVZJ55biaCKKPcwUEuSW4CmvFrv9v34X2/g/w/4kg8KeKLzU/EGu ah4ZXQ4LCJ9Utta05N8tnPD54AckqqlGdQWBcqAxXJ/ao+Hnxm8XfFfw3qVjomv+NfhdDpE8F1oP hzxAnh64OsvODHcXcrXFq09uYfkCLL+7bL45IPzz+z/+yz8cfBXinwJceJPBMWh6dofxM8SeJZoo dTt76C00rVNHWG12SyTefMY5/wBydyeaSu8jad1AHRaz+2R461vVfj9Z+JNC8X+A/DXhPw5od/ZT R6dpo1TQ3uYZpZ3njkujunujtEKFmVVjbeIj9/Z8Y/Hbxre/teweG9ZvPF/hv4c/D/wrb+Irw2EW nJb3rRyzSSXl+S8s72MsUXkrFEolMoOEUHc0X7QnwT+O+u+Mf2jtL8GeCX1/SfjH4Y0W307UYtQs rdLe90aGaNraaK4ljkzKZRtcDYB1brt9Q8Z/B/48P8VvH3jX4cImj3upfCyy0DRtTeaAqmu29zcy +Vs3l1Kh0IlKGMEggsQRQB3Pgf8AbL8OeLfGvhDwjrfgHxX4Ng+IKSP4e1LWrO3itL8xwm42fubm WSJ3iG9FkRSR1wSAat3+3F8ObfULi6t/C/iW98G22rf2E3iyGyhOiHUfOFtsWVp1mMXnnyjP5XlB +N+Oa+OPBX7OPxnf4t/Bfx9L8Mdd0+48H6sr+JtX8R+Lotbv7szWskMk9vE15LEttHISzFAkr702 REKxHtPwl8Pftb/BDwJpf7NPgzwNbyw6Vrc623jee+tZdNGiXWoPeSTy2JlS7a7EUrxeVt2l8PvK 5NAE3we/be1Q/C7xb49+MHhjXRdW/jS48O6LaQWlmJr+e5vJYLTTLZIrgqbi3EWLhpmVNxykknb6 6+Dvxvs/i3ceINGuPC2ueDNe8LSwRX+na5bRwyqLpDJFJDLBJNBNGwB5SQkEfMBkZ+FYfgn8a1+E nxO+Eev/AAi03xdpr+O7vXreDUtQhWLXtI1O/luJBYTQ3EUthfQIUKSz4UElcHnHsX7Gfwx+Lvw/ 1/xvceItP1nwp8O75bFfD3hzxBrUeuX1nLEr/apEmjkmEED5QLEZXYkFjjjIB698TP2n/Dvw/wDG 9x8OdD8JeIfHviDTLFNT1S28PWkNx/ZtlKSI3uGnngXfIFYxxIXkcKSFxgniLv8Abb8E6qNPX4T+ DfE/xNku9HtddnGg2cLLZWd3u8pbhrqeACdtjYhTe+VIIFc74l0L46fBX9oT4jfFb4b/AA+f4maN 8T9P0ceVbajaWFxpupaNDJbIkovJIw1tMjhy8ZYowbKc5PgXir4SftZeJ/Gb6h8dfDGofFKz1DRd NTT9P8O+Jf8AhG9A07VPLY3yahAl1DNOnmkbZlEpKLtCEkKAD6d1T9uj4VweHPhj4g8NaB4i8Vv8 XbfUZ9BstJsY5rt5NLMYuYJo3njEboZDltxjAjcs4ABb2T4G/Hbw58ddH1q90nSdS8O6p4Z1GXSd W0rWIUgvbK8iVXKusbyIysjqyOjkMD65A+Gf2b/2bvjT4BP7LkHjHw4tmfhfbePLbXJFu7WVLdtX lU2Lx7JWaRZ1yRsUsnSQJX1l8B/hz4x8F/FP44+I/Emn/Y9O8YeJLa/0qXzYpPtFtHp1vAz7Y3Zk xIjLiQK3GcYIJAPJvBv7Sk/gVfjt4l+Jt1qOvWPhnx9/YOi2Fjbrc3ji4tbP7PZWsS7N7PLKxG9g BkksBWH8T/24r/TPh18UbDR/AXiTwh8SPB/hyTXLXT9YtLNibOVmhj1BTHdSQyQQS8zDcWGCFVyC K5Lxl8Ef2l7Pw18Yf+Ff295p8viv4lW+uGHTdTt7DUdW8Mi1torqKzvBJi0mkaMhTIUbCkEYYZ8a s/2T/jBq3iv4qat4d+Gl34O0Txr8MdV8N2C6x4jj1nUZtXkuEmja+llurhozOMqojd40CAuUZiAA fa9v+11aaJ4M+HFnqvgzxJrvxD8caYbyLw7ZW1o+p+TbYSa+uNtwtrBbyNh0YyjIcDaCHVKOr/t7 fCrTfC/h/XbTw54l1PVPEGtXvhsaFa2EbatZ63Yx+ZJY3Vu0y7JDlQCjOvzBiwTLD5g8e/s9/FXx j4g+Fnxw8UfCXUNcbSfCZ8J654UtPEqaVqdmbW4MlvfW95Z3kEM6Sc7oTMOGXKlhlOn+GP7LHxC8 NeMPhV4uj+H9n4UtrPxrrWvarY2+rz6pNY2U+lyWdnJeXN/e3BubpmCCQ2vyD5TsGGagD6d/aW+K fizSv2NvGPxc8Jwaj4M1+PQvt9rFfRRxahYSuUIWaMGVFkUHDLlsHg81H8Kf2u/DHjjxF4Y8FeI/ C/iLwdeeL9PkvtBvddtIbe11mK2iWWZrd4ppWRxGfN8uZY28vDYGcV2P7XfgLxZ8UP2afiF8P/At j/aev65pclvZ23mxQ+bKzKQvmTMka8A8swHvXzgfh98d/j349+GVr8S/AC/Dfw/8MrfUJL67Go2t 4dRv7vT30+OPTltXZ0t0EjSlpghIwm0EGgD0LR/27vhnrN1p2rR+GPElt4B1jVF0ex8ZzWUSaFcX bymBCH883CwPKPLWdoRHv4JUc19FfGb4teHPgb8OtR+Jniy2u7vS9NmsYJIrJI3nLX93DZxlVkeN cCSZS2WGFBIycA/kV4A/Yq8f6T4X0D4K+Jvgwmo3ukalDHeeLLzxfqLeHrnTYrrzftUOkWupQTLc +WAEh8tEEgDkgHbX6W/tifDDxf8AGL9nPxb4B8AxxT+Ibo6fd2UM8gijml06/t70RF2+VTIICgLE AEjJAyaANz4o/tIfDz4P+KU8L+NVvIG/4R/VfEsl1FEklvHZaQYxOrfOJDK3mDy1WNg3IJBxnj/h t+1j4e8dazHpHiPwX4k8ALeaTLrtlea/awRWV1p0IVpJFntridI2RGDskuwheea+bfEPhL9qD40/ GWH4lat8J7Dwrpdl4H1/Qrew8Q6hZ6pBcajfGFxHew2cwJtbjaYhsYnCuzhQUVvOPhf+y78X7nxH eeFvDfhDV/gp8P8AWfDGuaP4j0y78RprWlXV9qNobe3k0q0W4neEQyOZTI7JlP3YA5BAPrXwd+3B 8PvF2reGjP4T8TaB4V8bXy6ZoHiXU7GKDStSu5N3kIhEzTxi42nyGlhQSex4rwL9qL9uSVPgv4u1 P4M6L4mtbe21G30mw8Zw2cB0Zr2DUIorlI5GlaUxlVkhWYweWz/IGyQT5V8JP2RvHdofhx4G8VfB NdPvvBmo2Emq+JtQ8Yajf6RPBpnKXOm6bb6lG6XMrIpjSSBYoSfmQqdo1PFfwa/ap0P9lfU/2MvC 3wyXxBbWV+RZeJl1awhtLnShqo1FGME8qTrd4/dsjLs4LiQnAIB+hv7VXxM8TfB79nvx18RvB1lN e61oul3E1qYo4pRBKEO24lSV0UxQn55AMnaDhWPynyLSf2xIoNC8FeHz4B8VeJ/iDrmhR6zeaJYW tkby0s1cw/bLpjdJaxJcuhaBVlLsGUFEJwPdf2kPA+u/Ev4A/ET4feF0SXWPEOg6jY2aSOI0e4ng dY1LtwoZiBk8DOTxXxd4B0D9o/4X+OtP+Ntv8I7nWP8AhKfCemeHtY0GLVtNTUtLvtDkkjt51mkn W2ltrmNgxCSb0Jyy8EEA9/k/bV+Etz8O/DHjrw1Zav4g1DxjqM+j6b4es7Rf7bfUrXd9qtpbeWSN IWttpMzPIEVcMGIZSeb0/wDb3+Er6R48vvEegeI/DWo/Dy40yw1DSr+yi/tCfUdXMq2tlZwwTy+d M5iOCCEKsrhym5l+VF+D3xN+C+vfDD4u3Fnot38UNT8Z+MfEB8GPqkVmlyvii3RLi0sL2YCBrqzi ijbnar5kAY9W8j1T4VfFn9qnxx+0Fq8nhmx0/wAU+H/E/gPWF0CDVsxXTaNZXccunSaramNUuWgm G6SNgIpdq712hwAfbPxS/bdudK+FnxJXRvBXiLwh8SvDHh2TW7PStas7QTGzkJiTUlCXMkMtvbyE eeu/zEIK+Wx4PEXX7WPxF0X4sfB+S/8ADPifU4fGPge/uZfDFpa2b39zqkNzCqXTqkwgijMSyShj MqiNxlQ52DhbP9lHxj4v0X4m6loXwh/4Vzc6r4G1LQNLXW/E95rur3eo3wJaMStqNzZwWeUUDem9 mw+5VyK+g/hT8P8A4var8aPhP8T/ABp4Jl8K2vh3wFqOgahFPe2V09tfi7thCoNvK5cTRQtIGQEK DtchuKAOvj/bk+FNx8O9M8a2Wja/da1q+t3Phu38LR2SHX21iyJ+02rW/m+UphX55HMuxVIy24ha dfftv/DHQPht46+IHjLQ9d8O3vw1udOtvEGhXlrCNVs/7VnigtZgiTtDLDJ5u9XSU7kVsAsAp+MP H37HPxb1XWdQ+Isvg9vEf9i/FDxVr0Xh+LWhpNxq2ha/a2kC3FvfW1xGYJkeDcsckkbMNwbg7X09 W/ZM8f678Fvi6vhT4VR+ENV8aXfheLTNKutfuNW1i4stK1O2uriTULu91C4s12qJGijiKsqgqzOx UUAfpL8Ovi3e/EL4e3/j1vAniPw5LZm48rSNXtYbXU7tYYxIjQxeeyfvgwVPMkT5wQ2ANx+NfgT+ 3HqF98BPDHi/4q+Gtd1Xxn4r1rVNM0iw06ytDPrLw3tyQLKKOcKsNlAixXEs5jCshJZ8h2/Syvx9 +G/wQ/aV+G+kfCvX4fh3/aGsfAzXPFMP2H+1LJR4g0nxTPPJJdWMhl2wy24aMiO48suCwyDlaAP0 M+DHx/8ADHxmu/Efh630nU/C3irwfNDBrGh6zDHDfWhuU8yCQiKSWJ4pkBaN0kYMB2rl/id+09p/ gLxvefDnwx4E8TfELX9KsYtS1GLQLSCSOyt5ywi82S5ngUyyBGKRR72IHQVzHwB8BfEi++M/xI/a G+JfhtPBc3jC10nS9N0Y3UN3dxWmmJIWuLyS2Z4DLM8o2qrMUVdpJ614l8e/hT8b/Fnx18Ralrnh HW/iV4CvtPsIvDWnaZ4oHh/SrC6SNhd/2rDHc280wklw4kVZSE/dhGOAAD3uf9sv4Y3fgLwB408G 6XrPi29+J63DaDomm2sbancfYwftZkSWWOGJLZhtmdpdqkjBYc1l/wDDbvw3udI0xNG8N+ItT8Y6 tql/osXhKKyiXXI73TEWS7E0bzLBHFCjxs8pmKbXUqW5A+U/g18Af2iPgP4K+BXjePwUPEPiD4b2 fibQtc8PwahZpPJZ6tfvcwXljPJL9nYgKjMjujsrbcBgQPSb3w9+1tcfEnwf+1Hr/gW21O+0aTXN MbwbaX1rHqFnoWorAbaQXckv2Sa7SSBnmAdQyOqKcg4APZ7n9tz4WweDLXxBHouvz+Ir3W5vDcPh SOxQ6+2rWy+ZNbm383ygI4yJGl83yghB3kkA15v24fhtp3hnWb7XvDviDSvFehatp2hXHhSe0h/t p9R1cE2EcSrObd0uVDNHJ54QqrZIOAfm742fBL9pL47Wfgb4x/EHwTBqGoeDvEGrTReB7PWf7Mvf 7A1K3jt1Q6ta3CRm9jaISnbKiFWKZPKtjW37LPjCfwR491qy+A+jpbeJL/RY/wDhF9d1+/1PWtQ0 ix3NcM+pyanLbWl4GkJtGjI8tQ6yF9wwAfXL/tmeCNI8DeMPF/jnwn4l8J3/AIIuLC0vdGv7KL7f PPqjKlmtmYZpLecTO20FZgFPL7Bgn0X4RfHm2+KWu614R1Twb4g8DeIdCht7max122ij823udwjl gmtpp4ZFypVgHDKeCvevgnwZ8Afj+nw2+K3h6LwO1z4G1pdJXQfAXjvWhrLstvLvvxFdwXDCy3rt NtmZykyB2C4BPr/7H/wm+LPw/wDiT4k1J9B1vwB8K59Jgt7Dwxr2vR67NHqqzFpLi0aOa4+z26xf u9jSlnYh8YACgH6JUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABXxn4x/ah8N/CXxn8S m8X3Wta5Y+HdQ8MabFpllpls5tZ9chPlC2dJhNdCV8NIJFDI3yxq4NfZlfCHxB/Ze8e+LPid4s8Z 2F/piWGveLPAWuwxzSzCVbXwuym8SRVhZRJIB+5AYq38bJQA+7/b48DaY/iW21j4e+NLC88CtG/i a3k062ZtEtJ0WWC7unS7aNopkYsggeWTajsUCgE7Ov8A7cnw38P6/wCLdOl8LeJrzRvAV9HZa/rt rZQS6Xp4mSN0neQXPmvEVkBYxxO6gFmQKVLR/ED9m7xv4rh/aUj06+06NvjHpVjY6QZZZh5Elrpj WTG72wtsUyHIMfmHbyQDxXyr4K+F3x++IH/DRXwd8HXHh208HeJ/E8mi6vf3z3J1Cy3aRYRXktpA kJjuPMgdREJJYtjqWOQeAD7P+Jv7XfhX4Z3/AIhD+DPFHiLRPB8UE2t61pVlBJp1jHPEJgxee4hk n2RsryG3jlCKeTuBWn+LP2vvAXhrxFq2j6d4d8ReJ9N8NJaPresaRYLcadpf22NJolnZpY5ZHEUi SOsEUpRGBYDkD5S+Nv7DvxU+Il94/wBIsV8O+ItO8R2sVt4f1TxDqWpNP4etobOOBbW302KF7TPm IzJcq6upcyMsjAKfWdA+Bf7UXwxuPFOj/CTW/Ddjpvj57HULrUbxriW+0TU0sbayvHtIGtngvY2F uGgExh2sfnUgYIB6t+zZ8c/F3xi8R/FbTfEvh670q08IeKLjS9Pnkjt0hNrFbWzLCxiuJna4DO0r ttCbJY9rZDIn1bXzV8Dvhh8Qvhh47+KR1ybTr/wv4x15vEOn3UU0v9oie5tba2mhuYPJSFVX7OGV 45Du3fdXoPpWgAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiii gAooooAKKKKACiiigAooooAKKKKAP//X/fyiiigAooooAKKKKACiiigAooooAKKKKACiiuK+JV3d WHw58VX1jM9vc2+lX0kUsbFHR0gcqysOQQRkEcg0AdrRX4z+CP8AhNvh18Bf2e/2irD4n+JfFHi3 xlrPhrTtUtdS1ee9sdUttZcQTWK2krmJZrdCSkqjzN6O7lmJI4bSb74qaF+zfq3x/b4qeKP+Eg8S +LbrwlHNd6rJNp2i6Vda/wDY2uUt5cqZoVVxFK7ExiQBcBE2gH7mzTRW8TzzsEjjUszHgBQMkn6C ua8E+NvC/wARvCum+N/BV+uqaHq8fnWl0isqTR7iu5Q4VsEg4yOeo4r85vFngbWvg38dvCfwa8N+ PPFGueEvip4Z8SR6vaaprl1e3tlPpVuk0Wo2t07+fbPM0hiby2VSTwuQCvxt8P8AUviPpfwn/Zi+ CXgGTxRqmkeP9K1bxBqllpPiBNM1C+kso0RLKzvryeMWtrEFMslvC6hgWIAJJoA/oLrkfG/jvwl8 N/D8ninxtqKaXpcc1vbmZwzAzXUqwQoFQMxZ5HVQAOp9K/IWD4k/tB+E/Aut/CPXtc1Hwxaav8RP Dfhmz1C81/Ttb8R6FpWuhnu4bi7tLi4aKWMx7beS4xIEmBBO0FLX7YPwh0PwT4Q1bwRa/F7xBrUB v/Ceox+GtR1e7u76x87WY7OS9F485laCXzDtikUhJ0EsbAgAAH7PUV+OnxIu/i744/ae8XfBHQbT xv4i8L/CzQtCt9PtfD3iy30K7klvbXzG1G+ury5hnvZgwCKxZ1DIWkG5/ni+CfiP4w/tDeMPh38F vjX421DS7TTPB+p61c3HhnXYI5tcvLfWG06DztR0ieRXNvbqrypFKP3xJfoQAD9UPAHxN8J/EseI z4Tnkn/4RXWbzQL/AMyNo9l/YbfORd33lG8YYcHtXoFfAX/BPfSH0Dwh8XtCk1qbxE2n/EzxHbnU blxJcXZiFuvmzOAA0jYy7AYLZNfOWs33xHsL39qL9oOLx34luLv4Savqcfh7RE1OX+x4WXS4nZri 0OVmiRpUkERIRTGSF+Z9wB+xVFfiZ8K9T/aJ8F6z8HfHfneI9OtfGEsEeval4v8AGukahpGs22oW pla5stPa+3xyQHE8EdsgcQqUYMMgy/AvxF8RPh38Q/hlqnxo13xjHd+LdWbT4/E1n4hi8T+C/Fc1 +sv2eJYVlC2IcjNv5cWU2kHC5KgH7XUV+JH9qfETWf2M9Y/bpf4o6/p/xItri71WO0/tSVdCtFtd Ta2GkNpYP2dozGgjw672lYMW9ff/AAt8UPGU3wh/a+1/Xdev7LUPDd5rT2AlvJfN0kf2DBNFHbMW zCEmLFBHj58lfmNAH6cUV+RPg/QfG/x1+OHwx8G+IfiT4s0bQYfgz4Z8SXcOkaxcWcl7qz3csX2i eQFizMCTI33pCqbmIUVqfCSLWfiP8G9P/a38cfGzWvBPiO98QzyyrPeyPoFlbQas1lHo76SJY4GW VEWMsT5vmOH3N0IB+sVFfgpe+NP2lPinp/xc+MWkjxZb6r4Y8RavY6Rqdp4u0vRfDmgx6RIBFb3m m3l3CkgwAbp50IkVgR0yer+K3iH4032v+Lfi14u1PxNqXh6x0zSrsah8OfFNvKng2dNPiuL2G80W O4WK5Hmb5XkaSRJICCG2kYAP3Aor5g+Nfxd1bwt+yL4k+NXw6uxql9B4WOq6beNCFEhmt1eK6MJG AAGEpQjHGDxXydd+H/FXwC1f9nvx94P+JfiLxhc/EbXtN0XX7XWNWm1Gz1W21a0eaS9gt5WZIDbF A8Zg2hUIU7hwwB+qFFfnN/wTj8H+JtT+CHhj47+OvH/ibxd4j8XadNFPBquqzXenwxQ3bpCYreTI EqpEA0pJYlnyfmrjv2h9Q1X4i/H/AMUeA/C93498Wz+FdI08XGkeFdWi8L6Voc94sk6XN9qMt3F9 onljw6KYmWNF6MSQAD9SqK/Ff9m7x58Rv2oYvgx8L/iP471zT9Ll8Dar4ivrjS9Qk06/1q9tNak0 qGOa8gZZmWGBBI4VgXYhn3c49QSTWfFXxV+HP7Lk/wAZ9W8TeFEfxZcX+q6fePp+rX9xpMsSQ6Pc 39vL50klkk7Gd0ZDKFUsoINAH6sVyXjvxpo/w78H6r438QJcPp2jQG4nW1ge5nKKQDsijBdzz0Az X5BaR4s+Ifgjx8nggfEnXvEGnaV8eNC8Ppc3upzzSvpcujTOdPnfeBIgk2rKrDEkqb3Bck16D+0/ 8UPHGj+Lv2obHw14r1KwXwv8P9CubOO1vpohp97NPOzywBHAhmeMpudMMRjJxigD9Y7aeO6t4rqL OyZFddwIOGGRkHkH2qavyMI8fa38Zv2h/iZd+OvE0lt8GNM0HWNB0C01WeHTZ70+HI72VLq3BxLF NJEA0WVVi8hPLk1458JfEP7S1lpHwd+NMTeJ3vfF+r6U2sar4h8aaO2ga1Zaof39raaVJeqIZQpJ tY4olmQqVKE/KAD91qK+LP27tW8Y6X8I/DsHgbxHfeFNU1bxf4c04X+nTGGeOO8vVifkcOpB+ZHB RhwykZFfF3x68YfEv9jrxJ8VPD/wy8aeIPENo/w2t9fth4h1CTWJrLVZNbi0uS7hkud23EMxlZPu F1yVKgKAD9pKK/GzwBoP7QGg/EjwN4S87xb4c0T4h6Zq2m6zc+JvHOl6rcX7yWLPDqWjwxX73EVz byFXY2i8RleBt3HyvTf2pfi9c3/wh8Q6h4kvLTTPgTHZaf8AE5Wupdk91qGrP4fc6h8wErxpatdg yg4Mm8YJyAD956K+TP2NNY8V+NvhNe/FvxZqN7eN8Rdb1PXdPt7uaSUWGkzzmLT7aBXJEcX2eJJA qgDMhJGSa/K34rfEzx+vw31z9pP4ba78QtaWx8QCW08X3esQ6R4akgOqLa/Y7PQftcrT2uMw/wCp BYgyPgArQB/QLRX5q3ej63+0B8YPjyvin4meIPAll8L5bPTtFh0jU5NOg01X05bt9Uu4onRbne7s VEx2eUpT3HEfD+DWf2l9d+KepeKPjZrVhY/Diz0iy0XUtAvpNHsgsmlJePr1xbQS7JxcyO0irK7R iIFBxyAD9YaK/FHWfGvxh+OHx21rwJo994p+InhvwR4Z8PSWVx4L8QWfhJNQn1S0E8msyia6jebe /ESI7xRleR8w35FvrX7THxJ8M/DObxXqV749/srRNUGr6D4K8bWGna7K0Gotb22tO+nXLJeosSLA yJLhbkOThsqQD9iPiJ8Lfhz8W9B/4Rj4m+G7DxNpauJUgv4EmWOUAqJIywzG4BIDoQwBIzzU3w/+ GvgD4U+HY/CXw28P2XhvR43aUW1jCsMZkfAZ2CjLOQBlmyTgZPFfkvqnin4g/Fj4ZfBlvhx4q8Sf EPTdPi1yPXvD/wDb0XhLxpqElnMIUml2S7rj7AQ0cqpL87FHJZmyv3Z+xf41tPGfwZeKHXNf1y68 O6vqOkXg8UxqmtWNzay5ayvHR5BNJArqvm7iXGN2GyAAfQvhXx34S8bz69beFdRTUZPDGpS6PqPl hgLe/hijmkhJYAMyJMmSpIBO3O4ECz4z8WaN4C8H67468RyNFpPhywutSvHRDI629nE00pVByxCK SAOT0r8TtFs9d+G+lfEfSPBPjHXdCfx18eF8D32qNqlxNLZaZcw280t1EZ3dEvZCBD9qIMmGUFvl XHrHxq07xD8EvEPxV+Cfh7xZrPibwZ4o+DvinXJrDXNSm1a5029sontxcRT3LNKkNwJNpj3FTICw xjAAP1j8M+IdM8W+G9K8V6K7SadrVpBe2zMpRmhuYxJGSp5BKsMg9K26/C34WfHL4sad8OPHfjHx zfaj4Z8afC/4c2N74O8Jx3LDSptHl09Fj1uZInCahL5n+sSVSltgLt3nKdZ8Gb39ojwn4r+CfjPZ 4nhtfGt1aQ69d+KvGukahpmvW2o23mNNp+nm9Mkc0RxNbx20e8RAoQ/IIB+01FfhXNb/ABNsP2Sv FP7V5+Kvi+Xxh4W8T3o0y3fWJ20yOzt/EH2RrWa0J2To6M+TLuIGxBiNAtdJ8Z9b+JvhP4h/Ej4n +LfEXi6+8KaP4gAsfFfgfxDDe6f4btrYwB9N1Lw75saFouRdGRWLb8kZHzAH7YUVUsL221Kxt9Rs pBNb3UaSxuvAdHAZWGecEHNW6ACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi ivEPGPxcn8MeLR4fj04TwQ+X5rliHbzAG/dgccA985PHFfM8VcX4DJcPHFZjU5YSkop2b1d+yfRN /I2oYedR8sFqe30UUV9MYhWD4g8VeF/CcNpceKtYs9Gi1C5isrZ724jt1nup8+VBGZGUPK+DtRcs 2OBW9X5G/trX0Hxt+M83wY/sDxB4g0j4feG7y+eTw/p8uoG08U61EYtKkuBGRsNrArzoc5zIMeoA P1qlu7WCaG3nmSOW5JWJGYBpGVSxCg8khQScdhmi1u7W9hFxZTJcREsu+Ng67kYqwyMjIYEH0IIr 8jdG8aeMf2jfiL+y745tfF2oeD9euNJ8V6fq1vb2li8ljrGlxQQ6iDHd28pVpnG0o4O1AhQKxZm4 z4J+N/iJ4P8A2dfgt4A8L/EDXft3iS21nUmsPD+g2Wq66LSCcQxxwGaAWdvaRzFnkmusys8gRHCr hQD9rayf7e0P+3P+EY/tG2/tn7N9s+xecn2n7Nv8vzvJzv8AL3/Lvxt3cZzX5X/Bj49ftBfHeTwP 8IpPGMng/Wpf+ErudX10abp76ldQ6BqUdhBbJAwnsYp2E2+4MayKNn7s4JJ8t+K/xy+Kfwq+NFlr lvrml+K9ebwR/YmreMNMhW40vRLf/hJXtpdUu7WIkGS1XastuvyrNu3YjUrQB+3FFfP3xeHxT0T9 nfWb74W+I31TxtoulpfWeoTW9rI2py2YWd0aJIhAPtiI0Y8tFC7wUKkA18LfE79tP4iazoPiv4qf BG7D+D7Wz8K6Dpw+ywXQ/t/xK8V1cXOX2FpLGzmhiELSrH58h8wHGAAfrVVe5u7WzjWW8mSBGdIw 0jBQXlYIignHzMxCqOpJAHJr8lbn9pL9pP4YaF8QtM8QNql/5GnaNNomq+LtN0zTr2yvdV1SLSpf PtdMlMc1rH5yzxSMqfMjxMWABqf9pTwt8YtI1DwH4D8UfHFPEEkvjPwXd2qix0u21y1muNTMDXTW yW5ia1SUK9uzJjzFaOTzVoA/WuivyW8UfHH9omL4Z/FP9pvSfH8Nlpnwx8TX2j2/hKXTrNrW9s9I vEs5VvLkx/aku7rO9fKdVQlVVSG4+kPgVrvxq+JHxr+Juva945kh8F+CfEtzodn4dXTrNfNQ6fbX GZ7oR+fmJ7hSgVgchgxZSAAD7Zrk9R8e+BtIur2y1bxFp1lcaYbRbqKe7hje3OoOYrQSqzAobhwU h3Y8xgQuTxX5vftR/HT4uaH4w+JkPwv8Z65Gvw80iG7Wx8PeH7G8sbK5W0a8c65qGqKECum1hHay B1i+bDSYWvGPiL4lvPGl18SvGOookd3rtl8Db+ZYwQiyXWqySsFBJOAWOOelAH7aUV+Tni/46ftC n4dfFf8Aaf0Tx1Bpmk/DTxRqGk23g99PtHs7qy0m8S0kju7pkN2l3c53p5cgVCVUKQ3HO+L/ANsD 43eC9UsfBE+pLc6v8PPF+o3PjWWW1to55fBsN7YrbO0axBIme11aFg8YU/6O53H5twB+wtISACSc AV+SOsfHH9pvxfp2j+OPC2saw3gzxNqfiS/t4vCenaRqPiG20e0uo7PSXFjfIWntJPLknlkjWSUm VU3Bdin650Hxfqnxd/Y3m8V6d4y+26lqnh68365YWC2bPcWyyRzkWd0sixPvjaORGUhW3bcfKQAf RHg7x/4E+Ilhc6p8P/EeneJbKyuHtJ59Mu4byKK4jCs0TvCzKrqrKSpOQCDjBFddX47fsyj4w61o /wANf2fvh/8AEeTwPp1n8NdF8Yz30GkaXPe3VxqwEMVsqSW/lNa2vlfPKyGeVm2ySkndXT/A/wCN n7SH7Rnj7wP4fTx1F4QsIfDF1q2sPp2m2d0mqXeleILnSWaBrlHMUN3HEHYqflIwgGSSAfrFXJ2v jzwNfanHolj4i0641Ga5urNLaO7heZrmxAa6hWMMWMkAYGVANyAgsBmvnT4+eMPiLdfFv4ZfAz4f +KD4GPjSHWtQu9YjtLe8ujFo8cBFrapdpJAHkM+92ZGKonyjk18FfCDxh468D+LE0mbWbPWdUfxn 8V2vNTGn2u+e703T4ZEnh3I5ti0gzIkLBW+425QBQB+1lFfjo/xr/aj0L4a/A5tS8can4j1348wx 6lJNpGh6U17pNpa6cL2S30+CURQSzXAkj3vcFggSRo05Cjq/B3x1/aX8V614a+AGs6zc+Fdb13xL qtkvia/03Tl1c6Rp2mrqASSwieayivnd/LyV2+WPMEeaAP1Ylu7WCaG3nmSOW5JWJGYBpGVSxCg8 khQScdhmrFflteaV8Sb/APar+Bth4k+K8Hia90C88YWck+lW+nhjFZxWlw1vfxrAwhu5oJUhuVj2 BUVHiETuzH678Z+P/FWj/tPfDL4dWN8IfD/iPQ/El3e2xjjPnXGnvYC3YSMpkXYJpOFYA5+YHAwA fR1Ffk1q3x0/aP8AE/hnS7/wrrOp3mnr4v8AGllqb+GLLSLvxCNN0q+aDTBZ2N8ojngjXi4dI3mI 2c5Yk89N+1R8ZPHt98Ofht4C8T61qlxd+HNS1nWdZ8N+HbL+17m6s9RbTlt307VnWG18hlP2raGJ faIwkbZoA/Yaivlj4AfFbx34i/Z2m8efF0W+k+INCXVY726uFjihZNNkkCXU8VtJKsJaNFaeNHOx g4XAAA+FvCH7SXx8sfHHw+kvfFXiDXtF+IGl69LLPrHh3T9H0p57LSJ9RtrjRgFS+aINGoH2lGV4 2DMdxAAB+yFFflt8L/Hv7S0i/s/a74u+J7axF8dNJu0urX+yNPgj0u4bRJNStLq1aOIO0iPH+9WU vG5Y4RVCqMS1/aH/AGj/AIs+EtC+G3w21pdF+KfhDw/4kvPGUqWVrOTquiGTTLK2Ec0TxJ9vvVM/ yICI0wuFJFAH6yUV+NGqf8FBfHU3iHWvHuhSRS/D/WfCb2HhuCOKJi/jcafY6isRdk8xs/bxbmMs V3Qt8oIJa78bfjz+0N4L03xzc+G/iDrOsar8LtMskvBonhvTpdFXUbaximvjrN9fRxKZJnYuYrFl 8qNlCo0nFAH7FUV+YPiz9pX4w+Hbvxn8Jxqif8J141ufDc/gC4a1g2w2fiZRFMPLCbJU0uSC6kLS h2ZQvmFh0/TmCN4oI4pZWndFCtIwUM5AwWIUBcnqcAD0AoAlooooAKKKKACiiigD/9D9/KKKKACi iigAooooAKKKKACiiigAooooAK5bxzpF34g8FeINB0/b9q1LT7u2i3navmTQsi5PYZIya6mop54b WCS5uHEcUKl3ZuAqqMkn2AoA+IP2ZP2J/hf8HvCPgHWPEPh5JPHnhrToBNIb+7u7G31NoQl1cWtt LKbaOSQ5zJHErHrwSSfomx+BHwk0/wCGuo/B6Hw5BN4O1Z7uW6064eW5ile+na5nYtM7uC0zl1ww 2HGzbgY+NPBXxl8S+Ifh/wDDb4z+MfEutaQnxf8AiLaxaRp1hFbzQw6VIl1FYafcCZ1CQTw24uLm WPdKZWAC7eF6yL/goZ8NJbKXxN/wg/i+Pwfp+rNoup+IX06AaZp92Ls2g81xcl3QvtJeJHCh0BxI SigHv/wu/Zk+Cvwd1a61/wAEaDImrXlqLF72/vrvVLlbJTlbaOW+mmeOEHH7tCqnAyCQK4tf2If2 Zo/BEPw7h8JPFotnqUmrWSpqV+J7C9kVUZ7K4+0edbKQi5jidYzjlTWP8ZP2t9B8Eap4z8F+F/C/ iPxXf+DdOFxrmoaJZxT2miG5gaWE3DSzRu7qmJWSFJGWP5iMjbXl/wAIf2w3sfhD8JdA1XRtf+KH xN8T+FrbXb2z0O3t5biO1J8try6eaW3hiR5MonzZZuABkGgD6d0/9mH4D6b8MNW+DkHhG3k8Ja9M 1zqFrPJNPJdXLFSbiW5lka4acFFIlMm9SoKsCBXL2P7Gf7Oll4N8UeBX8MSX2m+MzbHVpL3Ub67v bn7E4ktc3k073CCBgDGEkUKeRyTnk9W/bm+E1j4M8EeMdJ0bX9ebx5qV1otlptjYo2pQarZq3m2V 1byzRmKUSL5fUqCQxYR/vKun9tb4W6Z4Q8Wa/wCM9K1rwxrngu8stP1Dw5e2sb6y15qYzYxW0VvL LHP9r58lkl2kKxYqqk0AdP4v/Y9/Z88c/wBgS+I/Ds8t34a06PSLS8h1PULa9bTohtFtcXUNwk1x HjORM79WOcsc6/ij9lj4D+LfDPhnwlqHhdLKw8GRtFozabc3Om3NhG67ZEhubOWKYLIB+8G8hzy2 TzXl8v7b/gTRNF8YXfxA8H+JfBut+DNGXxDPomqWtsl/d6U0gh+02nl3LwSKshCOGlRkc7WFbvw9 /bB8H+O/H+i+AdQ8I+JfB8niuyutQ0C+12xjtLTVrayQSTNAVmeRCsbCXbMiHyyCQCQCAey/CX4L /DL4F+HLnwl8KdEXQNIvLyS/lt0mmmVrmVER3zO8jDKxrwCF4zjJJOhoPwr8AeGn8WNpGjxovjm8 lv8AWkleS4jvbiaFLeRnjmZ0CtEiqUUKhA+7knP56/G39uC41/wj4ZvvhHofifR9H8QeLdG03TvF ctlAmk6nD/aKRXUcTGV5ljmiWTy3khQSANtIIGfd/FH7cfw88Oav4n+yeFPE2veFPA962na/4n02 xjm0jTrqIqJ0ZjMs8ot9w88wwvsHPIoA734dfsffs7/CnxPa+MPBHhT7JqWm+eLAz3t5eQ2AuQVm FnBczSRW4cMQ3lIvBI6cVD4R/Y4/Zz8DeMLHxv4a8KfZ7/Sp5LqwhkvryewsbiXO+W1sZZntYXOT hkiBU/dxXOeNf2yPCnhr4haj8LvCngnxR4/1/TtNstYZfD1nb3UD2F6rOsyzSXEa4UKBhsM7OojD /MV8ptv2zdR8efHP4I6X8L9D1fUvAHxF0jUb6eVbW0VnkSWK3DO0s4kjTT3Lm7CDPK+X53SgD3i6 /Y2/ZvvfGc3jq58IK97c6gNWmtftl2NMl1EEN9rfTRN9jabIyWMJyeTk80ePf2Nv2cPiZ4w1Txz4 08JfbtU11I01IJfXtvbXxhTZE9zbQTpBK8a8K7oWHBzkAjvvjR8bPCXwN8OWOu+Jre91O61i+h0v S9M0uAXOoajf3GTHb28RZFLEKzEsyqADkjjPxR+0F+3Lf6X8C/icngzwt4h8IfE7wpaW/nafqVrZ i4023vwVi1TIuJIJrVSPL3xNIyysgaPBzQB9z+GPgx8NfBviTT/F3hrR/seraX4ftPC1tN9ouJPL 0axkMsFtskkZDsck+YymQ9GcjivN5P2Pv2d5PiCPiYfCm3WBqQ1kxLe3i6e2qAhhenTxMLQz5G7e YslvmPzc1P8ADO+8U+A/2dV8QatF4q8S65ZWV1evba/9hk16WVS7CJlt5EtRnH7tRLwhUM+7Nfn9 4M/bT+LV7b/syeLfFGjeIdRl8a2viqLUtK06ytGm8QXNtb2clpcWkUcoRbeNpnw0jwlQkjONoDMA feXiv9jP9m3xt4z1Dx54k8HpcalrEsc+oxpeXcFlfzREFJLuyimS2ncHnMkbbjy2TzVr4hfshfs+ /FHxTd+MvGXhl59S1KOGK/8As1/e2UOoR26hIkvILWeKK4VFUACRW4AU5XiuV0/9tf4USfCvxD8T 9e07WdBm8LauPD99oN5Zr/bI1h9gis4beKR0lkm8xTGVk2kZLFQrY7T4T/tIaF8TfGN/8NtY8L65 4D8YWNhHqq6T4gt4YZ7jTpH8oXUDW808bosmEkG4MjnaV70Ae7PoOiSaG3hh9Pt20drY2ZszEv2c 2xTy/J8rG3y9ny7cYxxjFeB/Dv8AZG/Z++Ffiez8YeDPDDQanpaSx6c11fXt9Fp0c/Ei2MN1NLFb BuQfKVTglfu8VZ+Kf7R2g/DbxpY/DTSPDGu+O/F15YPqr6X4ft4ZprXTkk8r7TcPcTQRoruGSMby zspUDoa+TvGP7Uy+MPGMXijwV4k1XSvAV78KPFmvzR29tENQtL7S7iOJpVgnIUXdriRVjdwhcYJ2 ndQB+gnw5+HXg34S+CtK+Hfw+0/+yvD2iRtFaWvmyz+Uju0hHmTvJI2WYn5mJ59K8v8AiF+yt8C/ il4tm8ceM/D8lxq95BHa3klvf3tlHf28OfLhvIbWeKO5jXOAsqsMfKfl4rzy4/at8OeFdO8B+C9B 0LxL8TPGHiHw3Za6bLS7W2a/TTnjRftt+ZJ4reEyuSNqyNmT5V4waztR/bx+FEWl+A7vw74f8SeJ tR+Ib6tbafpWnaej6jDfaI0S3lndwSzRmGaMy5OSUCozlwu0sAd3f/sbfs533g7w/wCBY/CrWGl+ FJrybSGstQvrW609tQkaW6W3uop1nSKV3JaISeX0AXAAGpqf7JvwA1T4faB8MH8Kra6H4Ume50k2 l1dWt5ZXEhZpJor2GVboSSMxMjGUmQnL7q+Vfin+3Tq83hPwlqfww8IeIbHWR8QtL8LeItLu7KzF /a/vYnmsdstz5Xm30ThbaRGKEbiXiIDV98+NPiL4f+Hnw71P4m+Mln03StHsTfXcbR+ZcRqF3GPZ GWDS5OwKpILcA45oA+O/hf8AsP8AgHR9N+K/w78d+HLe58CeJ/EttrGiW0d7ctcQrb2kMazm5Di4 juBMsjb/ADS7biSx3EH1/Rv2Mv2btC0TxR4fsPCbfZvGtjHp2tvLqN/LPqFvFI8q+dO9w0pk3Of3 oYSYwu7aqqM34fftaaN4y+I+h/DDxL4B8UeAdU8V2dzfaG+v2lvFFqEVoiyTqht7icpKiMHZHAIH XBIB4LwN/wAFAfhr440bw/41TwZ4r0XwN4jvotLg8SahY20emR300nkrFK0d1JKqeb+6MwjMIk+X fwSAD6x8NfC3wH4Q8ReJfFfh7Sxbap4w+xf2rKZZZRc/2fbLaW2UkdkQJCoT5FXd1bLZNeP+DP2N P2bvh/4utPGvhPwetnf6dcyXljE15eTWNjcygh5bSylme2gc56xxrt424xXnF9+3n4BtL3xnJD4G 8XXnh74daxeaL4i12Cwt30/Tp7KYwyyEi586WIYEjGKJ2SNlZ1XOK8r8bfH3WrDUf2mdQ1Lxlqtl 4Y8Jaj4EXRrnRYbW5ubSHWLexeT7Ms7RxulxJN+8LvwjsU5AFAH6CeO/h14N+Jem2GkeNtP/ALSt NM1Cz1W3TzZYdl5YSia3lzC6E7HAO0kqejAjisnX/g58M/FXiu+8beJNBh1PV9S0OXw1cvcNJJFN pE03nyWr25byWVpOSxTf23Y4rwzx9+2Z4F8D+IPFOlWvhXxJ4o0rwGyp4k1nR7GKfTtJcxiVkld5 45JHiQh5hDHJ5anLYORTPHn7ZHhfwvret6P4P8EeJ/iHF4XsrXUdXvdAtLeWzs7a8h+0RfvLi4g8 12hxJsiDYXqQcigDt/hZ+yd8Bfgzr8fij4f+G2tdUtYJLS1mur68vzZ20pBeG1F5NMIEYjkRhc8j pxWhcfswfAi7074haTP4Uia1+Ks4ufEqCe5H9oTKSQ5IlBiIJLDySmGJb7xJr5Vuv2xNZ8VfHnS/ Dvg7TNan+HGu/De58SQ3tpaWfmLLPLAyajmedZBFbRloGjwG89sGN0AkX0Lw1+1h4c0D4cfCrStJ 0/xN8T/F/jfw/Dq1pZ2tpajVprJI08y+vwZ47W3BZgpIlIMh2pu7AH2V4c8PaN4R8PaX4U8OWq2O k6Law2VnboSVht7dBHFGCxJIVFAGSTxya+WtW/YN/ZV13+0YdX8Ftc2OpSy3D2J1PUVsIbidi0s1 tarciG3lYk/vIURhztIyc89eft7/AAit/Dfh/WrXQfEl/qWva3e+Gzoltp6Pq9lrVhEZZLG6tjMu 2U/KqlGdMsCzKgZl6LSfjDd/tJ/D/wCJPgr4fwa58NfiR4TVLeS01SKKC9sb6WIXVhI3lyTRSW8+ 0Zw+Hj3AgAgkA674l/slfAP4u+IG8UeOfDkl1qc9tHZ3c1vqF7ZG+tYfuQ3otZ4hdIvbzg5xxnHF VvH/AOx9+zv8S9Ui1jxR4U23CWcGnSiwvbzTY7qxthiG2uY7OaFJ4kAAVZFbCgKPl4rtP2e/itH8 cPgp4P8AiqLYWc3iGwSW5gH3YbuMmK5jXJJ2pMjqM84AzzXslAHzp8RP2TvgF8UdS0nWfFfhcLf6 LZLpttcadd3elyjT14Fo7WM0JkgAyBG+VAJwBk5j8Vfsk/s/+LtG8NaFe+F/7Pt/B9s1lpL6VeXe lz2trJjzIVns5YpGjfGWVmbJJb7xJr6PooA+bdZ/ZF/Z81rwZ4a8Bt4VGn6X4NMx0dtPu7qxurFr k7p2ju7eZJ90x5lLSEyHl8nmvVPhr8L/AAH8IPCkPgr4caRHo2jwSSTeUjvK8k0zbpJZZZWeWWRz 955GZjxk8Cu+ooA+dNV/ZM/Z+1zUvG2p6x4TS7b4iBDrkMl1dG2upUZGWcW/m+VDOGRWE0SpICMh s5Jd4V/ZS+BHg7RPFWhaT4dkmj8bWEmlaxcXt/e319d2EsbRNbm8uZ5LhI9jkBY5FxwR8wBr6Joo A8Z1D9nv4O6pqHhHVL/w5HNdeBtPl0rSXM9wPK0+eAW8lrMBJi5heIbTHcCRepxuJJ474c/sf/s8 fCjxRaeMfA/hU2mp6Z5/2Az315eQ6eLkFZhZwXM8kVuHBIPlIvBI6cV9L0UAeJy/s6/Byf4V6j8E 5fD+7wXq1xNd3Vh9ruv3k0939ukbzvN85c3Hz4WQAfdAC8Vx/jL9jn9nTx/4wvvG/irwobq/1aaK 51CFL69hsb+eAKI5LuyimS2nZdo/1kbbv4t1fTlFADVVUUIgCqowAOAAKdRRQAUUUUAFFFFABRRR QAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAVlXWh6Ne3sOpXljBPdwY8uV41Z1xyMMRng8j0rVorD EYWlVjy1YqS31V9Vs9ew02tgooorcQVxHhP4c+DPA+q+Jdc8Maf9k1Dxff8A9p6rO00s0lzdeWkI YmV32KsaKqxptjUD5VGTnt6+HfiR8aNW0L4pfFLxVGk13oHwB8HjVZNMiuntk1PVdUhnucTMqsu2 C1tQse5WCtcM+0lVwAevSfssfAt/E8PjKLw7Ja6zb6/P4njuLfUL6Arq10sa3EwWOdVCziJBNFjy pNvzoec83F+xZ+zpa2drZaZ4fvdMSwuby5tnstb1W0mt/wC0PL+1Qwyw3aSR28vlqWt1YRA5IQEk nxbXf23/ABh4YsPCWn+Kfh9pfhvxT45S41DTLPWPFNtZWUWjQxQyLdXt89uVhmkebyltkSViysdw UAna8O/tuzfEbQPCVn8KPBK+IfHfia+1ixm0h9XgisLBtAKLfTPqcUU6Sw5mh8h4om84SAgLggAH rL/sbfs5Dwxp/hCx8KNpmn6Pf3Wp2BsdRv7O4srm+wLk21zBcJPDHKFG6JHWM4HycCuz0P8AZz+C nhtVi0bwrbW8I0Kbw0Yd8rwPpNxM1xNbvE7sj+ZK7O8jKZGLHLHJr5I/Zh/aM8b6h4t/4QX4haPe Lq3jXxv42txHeaj9pbQ49Ejt5hZRnYyyxAyFE2MiADcoIOB6LP8Atea3quuyeAvAPgP+3PGdx4o8 QeH7Kym1NbS0a18OCI3WoXNyYHMKZnjAiWKRiWwGNAH1p4I8F+Hfh14R0nwL4RgktNF0O3S1s4Zb ia6aKCPhE824eSVgo4Xc5woAGAAK830n9mv4G6J8L9W+DGmeEbWLwXrk89zeaaWleOWe5kErybnc yKwdVKFWHl7V8vaFXHyR4o/aA+PV/wDGTwZol94Mn8J6PdeGfFdxrGlzaqIbjz9Mmghe5gmS0fzF iRle1dWCyiYsQjRgNteAf2pPHet+FvBXg34J/D268f6xa+CdD8Raw+seIFt5baLUrfdawSXr2rte XswjdmcxxKx+YkZIUA+jPDn7LPwK8MeHfEfhe18Nf2hZeLraOz1ZtUvLvU7i7toQwihe4vZppgkQ Y+WquAh5XB5rBh/Y2/Z3i8Lan4Rbw3PcWury2M09xPquoz6hv0xzJZeXfSXLXUQt2J8pY5VC5PHJ z3/w2+M2h/FT4Kab8bPCen3lxY6np0t9HYBAb3zYA6y2oTO0zLKjRAZwWHBxzXyTov7fUWm+Kl0P 4r+GNM0C2n0DVdfA0jxHb65f2UekW/2qe21G0jhhNvM0W7YA7qzqUBJBIAPoHUP2P/2eNV8XHxtq HhUz6hJcW97PE99emxury1AENzc2Xn/ZriddozJLEzMeWJPNez+FfAXhPwTd+Ib7wxY/Yp/FWpPq +pN5ssnn30kMUDS4kZgmY4Y12ptX5c7ckk/Cej/Gv46eM/2kPgfZeM/B1x8PvD3iTT/EN/FBBrQv 4tQiFlFJDHewxxQrHPb5DhT5ijf8r7lbHpX7YPiXxZ8FtK0X9prwzrs6WHgaZIdd8Py3ZjstZ0q9 kWJ1jhdhEL+F2D2zgBm5jJYELQB6R47/AGUvgT8SvEmq+KvGPh+a7vNfjij1SOLUb+1tNRFugjhN 5a288cE7RIAqNIjFRjB4GLy/sxfA9NPuNL/4Rwtb3Vv4ftZVa9vWLw+FpPN0lSxnLf6O/Oc5k/5a lxXxr537RvxB/Zi1D48eEvEGp6p4g+Jd/pmqPpXh6+R5NI8LLKBLY6N5pEA1EW27zpsK7zFlHKJS fBLxXdXPifxn4Y+C3xI8VHxC3hW8lg8GfEmO8bVrXWVOLO/hm1AZNvvOyeNHkjywY4G0UAfXGt/s lfs++I/HNx8Q9Y8KifVby8h1G6i+2XaafdX1vjy7m409ZhZzTLj78kLEnk5PNdPrn7PXwb8Sa94z 8T614aiudU+IOkroeuzmadWvNPRDGIiFkAjIU43xhH4X5squPzh+Dviq90Dx58ONK8YfEP4h+A/i Ve31tba3pfj0XN1oXiF3jK3dtpr/ADWMcjyc2jwyIcALsYnFffXx4+OHiP4Taz4D8L+D/B3/AAmW t+PtQudOtLc36aekUlvayXXmSSPFKPLCxneQMquSocgIQC94i/Zi+Cnibw94V8M3uhS2dp4Is/7P 0aTT9QvdPu7Oz2JE0CXVpPFOyOkaBw8jbsZbJ5r0bw78N/A/hHwDB8L/AA1pMWneF7a0eyjsoSyo IJQwdd27eWfcxZy29mJYksSa+L5/2ktT8aHwfZ+JfD+o+E/Eul/EefwjqVlputZtRdwaRcXqyPKt uv22zkiZGETJCfM2sTmPDcP+yZ+098WP+Fb/AAN0z4seEJ5dG+IUf9k2fii41kXt/c6jFbzTrJd2 rRblS4ED+W/nu3ALKM4AB9ZeJv2TfgJ4s0bwtoeqeHZYYPBmmpo2lS2eo39ldQ6bGixC0a6tp455 YSigMkruDyT8xJru/CPwV+F3gLWdO17wb4fh0i80nRk8P2pt2kSOLTI5jcCAQ7vL/wBaS5kK+YST ljk1+Ymm/HPWrnw7D4ni1TxKvh9fg9441mSyk1+R9Qe60/V4oUnW/wDJAW5RN6wT+QWiVgAGAOfo HUf209W0X4gj4V+GfBttrVxo1jocs8WoeI4LDWtRXVLeKbfpdpcQBb/yFfErmaLdIGUAEcgH138U fgz8OfjLp+n2HxB0tr06RcfarG5t7m4sby0nKlC8F1aSRTxllOGCuAw+8DgVw/hf9k/4AeC7TTrH wz4VFlBpMmqTWyi9vZNkmtQLbX7EyTsWM0SKp3Z2n5l2sST8/wDxB/bc8ZeCLj4ia3a/CmXWPBnw t1630TWNSh1eNbuU3It9r2dk1v8AvXU3Kb42lQAFcOcts2Nf+LvxR+Ifhj4n/D7VvDr/AA3+JHgL SLHxRpYs9VOowXKlp7i1SWSKKDKNLaNBdQlWRkYhS4OaAPoXxH+zr8HfFfw68O/CrWdAL+HfCKWi aMkV1dQ3Wn/YYvJt3t7yOVblHSMbd4l3MM7icnOBcfsn/AO58CxfDtvDJTS4NROsxzJe3iaiuqMM NejURMLz7Qw4aQzbmX5SSvFep/DHxvZ/Ez4b+FfiNYR+TbeKNKstUjj3bvLW8gSYITxkruweOoru KAPn62/Zb+Btjb+EoLDw61o/gjUZtW0qeG+vY7mO9uXD3Es1ws4luTOVHnCdpBIAA4I4rpPip8C/ hl8Z20afx/pk1zd+HpJpdPu7S9u9Ou7Y3ChJ1juLKWGUJKgCyJu2sAMjIBHrtFAHzQ/7H/7PS+FN J8G6d4Zk0nTtBvLy/wBObTtRv7K6s7jUG3XRguoJ0njSU8NGriPAACgAATan+yP+z9qfhvw14WHh htPtPCH2j+yptPv72wvbYXbF7kC8tp47l/PYlpd8jeYx3Nlua+kaKAOH8M/DXwJ4O8CQ/DHw1olv Y+FoLeW0XT1UtCYZ93mq24kv5hdi5YksWJYkk14lov7F/wCzloOo6Vqtl4bupLrQUli017nWNUuf sFvPBJbSW9sJrpxDA0UrKYUAj6HblVK/UtFAHlNv8GPh3pdh4FtdI0ZU/wCFYQmLw0r3NwVsh9ja wAY+YTKPs7GMmXzDzu+/g15j+zp8FPEPw/174h/FT4i2+k23jj4m6nDeX8WitLJZW1tZQLb20CSz RxSSN9+WVyi7pJDgYAJ+pKKAPniy/ZQ/Z707w9oPhWy8HQRaV4Z8QDxTp0AnuSINYDM4uMmXcwyx /dOWixgbMKoFPxx+yL+z/wDEfXNc17xh4bmvJPE+06rbx6lqFtY30iRCFJp7OC4jt3mRFASUx71I DBgwDD6TooA+RLL9n7WdU/aO8N/FDxNZaTa+F/hdo9xpXhOO2muLnUpWvo4YpJr6SdAFEEaPHEoe UsZGkZgeD9d0UUAFFFFABRRRQAUUUUAf/9H9/KKKKACiiigAooooAKKKKACiiigAooooAKwPFmiN 4l8Laz4cWU251WyuLQSDOUM8bR7uOeN2a36KAPyf+Ffg7xz8Sv2bP2bPDmiaWJda+D3j3TrbxRam WKF9OXw8l7Z3JcSum5hvicKm52WQMFIyRt6h+zl8YZv2A/G3wUh8PA+NdY1rULy2sPtVqPMhn8Qf bY387zfJGbf58NICPukBuK/SHRvCHhrw7q2t65oenx2V94jnjutRkjyPtM8USwLK6527/LRVLAAk KM5wK6SgD879e8IftBfCLx98ZIvhr8P18faP8XJU1HT71dStbMaZqElktnPFfpdOrtADGJUaEOdp 2Y3EY+U9H/Y2+J3gm4+HHjPxV8Mr34gQp4H07w7q+jaV4mOiahpWp2DsyyrPBe28FzA6tsZRK21s uOB837eUUAfi3rfgD4g/AE/s6/2B8PdPh8W33jjxBq7+GrHVLi4VhdadMrxtqOp3M4kuzbLuaTek LTdFUEseg+MX7Knxw/aIbxn8a9a8LR6Br0+r+F73RvCdxqixT3dh4cW4Esd3f2MvlwT3f2t/KMcm YSiguCd6/q/rXg7wt4i1fRNf1zTIL3UfDk0lzps8q7ntZpY2hd4j2LRsVJ9DXS0Afi7r/wCyb4/8 aeDviXqfhH4Lv4Gv9R8Iy6Lpdvq/im51rWr2+ubhJJkWabU5rCC0VYxjzFDs2GDKMrX2r8V/gz4w 8a/Fz4EarZaef7A8K2Piaz1u5jmhjazGp6QtnBtUuHctJlR5QbbjLYHNfZtFAH5C3vwv/auPwP8A h5+y+PhfFcQeAdd0NrrxJHq1gtle6XpF+kkc1rbvKtwszRqHkSRVwFfBZnVa4LUP2NviF4YvPiL4 FX4PP8QZPFGtajf6N4ik8X3umaKtnqcm8xarptvf28rNBuYP5MZMw4BGCx/beigD45+C3wX8UfDn 9oPxr4in0uO28LXHhTwroumXMUoaOSTSY7iOeNI5JprlFQMmDMSWBHzuQTXzB8FvgT8ffhFP+zfr V54HfU38JQ+K9I1+2h1CxWXTYdd1MTwXeWm8uZFiG9kiZn/hxu4r9ZaKAPkz9qT4cfELxLd/Df4n /C7TIfEOv/DLXv7V/sea4S1/tG0nt5LW4iimlxEk4WQNGZCFyDk9M/I3xr+BHx//AGhrD4w/FG48 Bf8ACLazr/guz8IeH9Bn1Cylv7tY9RXUJ7m6mjlNrF83yRqZiQqnO0nB/WyigDKvbKW80S401SEk nt3iBPQMybecV+Xv7OvwS+POjaz+zVD488CP4fg+Dln4t0jUrltQsbmORb61tUs7qFYZmkKTuJE2 7dybCXCqyk/qvRQB+S/xp/ZF+LHxGh+L19Y6NHNNP8QtD8YaJZS6gLRNatdM0+O2nt/tNvKJbRpN 0io7mNg6qwKjDj1P9mP4E6nofxlufinefCV/hpp9nop063Or+JL7xDrVxczzB51Vv7RubSK0UIMB ozI7YcFRkV+itFAHw98QvDfxj+F37SepfHf4deCJPiPo3ivw3a6LeWFpf2tlfWN5p88ssEqm9kjj e3lWYq4VtysN2COvinjn4KftRfEi4u/FnjrRLK58Q6x8JvGOgTx6fcW8Vvb6tq8qvYaepkmy5EQC PP8A6ospJZQRX6mUUAfj54y/ZP8AHmk+O/A/xJ1P4cX3xI06TwLo3hzVNJ0rxI+g6hpep6aijzVl ivLaK4gbJRlErYbMg4Hzeh/Bn9mD4h+BfiR8EPFkvgqw8N2Wi3XjnUdctrDUp79NOl1yC1hslln1 C7uLi6nlWD99JD+735O1QdzfqBRQB+VPxL+AHxyGu+P/ABv4Z8Jf21LF8VvC/jTTLFb60gk1PTtH toEnEbySBIn3qwAmKE4JAPGftj4+6b8Y/GX7PXiTT/g7K3hn4hanpsZsg80ay207MjTQidSY1l8v fGsqttVyHBwAa9+ooA/Iv4W/s9fFCy/ab+EvxXtfhdrXhnQvDSazb65f+IvFcevatcTX1g8McxVr udFgSUBR5OHcyFmiCqDXlv7PWg/Hf49fsQfD79ni28ADTPC2rXFrJceLX1G1+yrpNlq321jFaK/2 r7WXh8kKUCZ/eeYAeP3GrmvB/g7wt8P/AA1Y+DvBWmQaNommKyW1pbLshiVmLkKvYFmJ+poA/Irw DefHzxZ4J/aW+Cnw7+HSa1p/jXx9420uDxDJqNpb2dgNQuGt7tryCR/tDGFH8yPyo5PMyFwNpz1X jH9kv4v2ngH4++B/C2jHVE8RyfDmDw/K11axtqEHhuDTYb2U+ZMPKMf2aQ4lKlsfJuyM/qX4Z8He FvBqalH4W0yDS11i/udUvBAu3z767bfPO/q8jcse9dLQB+cNtof7UnwE1z4ueGPhP8PYvGcXxF8R XviTQtebUbS3tdOudWiiSaPUreeRJylq8e5fJV/MTCjaeB5l8WvgZ+0d4z+IHjay8f8AhrVfidZ6 xaWlv4ZubPxL/YPhrTn+xrHcSX2mxXUczEXJaQ/JcGRcKAMcfrXRQB+Q3w5+BH7Q/wAPj8MbqfwB Jfn/AIVXf+AtWjj1LT1fSr2S7W4jnkzPsmidYxjyWYjPzYIweu+Hfwe+PfwDvvhD8VtI8Ct4wvNL +HFn4I8R6FbX9nBf2MtrMLuO4t5ZpVtp18wtHIqyjjaylh0/UuigD8rvBH7NfxqHxc8GfGbxV4ct 9Nu9Z+IOs+KtZ0+3vIJk0awuNIaws45H3KtxOXUNK0AYFnz0BI+i/Dmi6t8H/jX+0b8d/H9uumeC tUsPD17aXzTRMJotF06Zbw+WjmRDGxCjeq7s/LuFfY1c34t8IeGvHmgXPhXxhp8eq6ReGJp7WbJi l8mRZUDgEbl3opKng4wQQSKAPmr9hHwb4j8Dfso+AtI8XQNaavew3eqzwMCphOrXk9+sZU/dKJOo K8YOcgHNfXNFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFF FABRRRQAUUUUAFFFFABRRXMWXjXwpqXivU/A1jqsE+v6NBBc3lkr5nghut3ku69lfa2098UAdPRR RQAV8K/Ez4Oa1rnxb+J/hKHzrPw9+0B4L/smTVYrZrqPTNW0uKe3DTopQYmtboNGWdAzW5TcCVz9 1UUAfIfxV/ZcuvGup+AvGXhDxFaaP4r8CafJpSzalpKatp9/YzpGJIrizeaIgh4leN0lBQkj5sjH Pt+yP4l0mw8GeIfB/wAQjY/EXwdd6tcjWbjSopbG7i1rb9qtZNNhlgVIAI4hCqTAxeWDliSa+3KK APz50H9i3x94Sg0XxJ4e+KiyeP8ARfE2u+Iv7WvdEWa1uf8AhI4UivbeayS7Q4ygaNkmXbwNuOan 0H9i7xl4P+weLvDHxPx8RNN8Qa7rg1m70dJbW5TxGsP2+0uLFLiPKM8CPG0cqGPAAHr9/wBFAHxH ffsn+ObrVvCnih/ilc6j4g0uDxDaaxd6nYm8W/tfEUkUk0NrF9pQWKQeSiQIjOiKMbSck5Wi/sge Pvhyvh+/+C/xPTwxrFt4T0jwnrM9zoy38Gox6NEYra9igNzGbe4QO+0GSVMEAg4Jb7e0jWtH8QWI 1PQb6DUrMySxCa2lWaMyQSNDKm9CRujkRkcZyrKVPIIrToA8A0L9nrwz4a/Zvf8AZr0XUby30h9D utF+3hx9szeRyLNc7hgeYzyNJ6ZOOlfLmj/sA3Fxe+GoPHHi7Srjw94c0fWNAOl6H4bi0VLuy1iw axmmllS6mb7YRskMpBQFSFjUsXr7+13xh4Z8M3+i6VrmoR2l74iujZafC2TJc3AjeZkjVQSdscbO xxhVBJIFdJQB8S/D79lv4naB8Svh546+IHxUXxZY/DHT77S9KsU0VbJ5IL23W3MtzOt1J5k4WNAX EYVgvCqWYn13x78Dj8S/i14Q8ceMNb+1+FvBG69sPDottsT63nEWoXM5kIl+zxkiCLyl2OTJvJ4r 1jxf4x8LeAfD9x4q8Z6nBo+kWjQpLdXLbIka4lWCIFj03yOqD3IrpaAPhu5/YwmsLXxLongLx9d+ FNCutet/FXhu0tbRH/4R3W49xuGhLy+XNZXLOxezaNUXc21hk1d/4ZR8WfEHXrnxH+0X8QR4xuY9 C1PQNOi0jS00OOyg1dUS7uQwmuZHuWWNNhLhIyDhCTmvteigD4ft/wBlz4veIX8KeHPi78Xh4u8G eD9SsNUgs49ChsdQvZ9LcSWi3l8J5Qyo6qXMcMbS4OSMmvoHx98Kf+E4+Inw18ff2p9i/wCFeahf 332byPM+2fbtPnsdnmb18rZ52/O187duBncO68NeMfC3jJNSk8LanBqi6Pf3Ol3hgbd5F9aNsngf 0eNuGHauloA+O5/2TfO8WyeKf+Eqx5nxCfx35P2Hpv0f+yfsW7z+3+t87H+x5f8AFVzw3+yz/wAI /wDDn4H+AP8AhJ/tH/CmtSttR+0/Ytn9pfZrO6tPL8vzz5G77Tv3bpMbcYOcj64rw3Rv2l/gJ4i8 bTfDrQvHGm3/AIit73+zZLWGUvtvdkr/AGcyAeX5hEEuF3ZJRgORigD5t0/9hT7D4L/4RD/hN9// ABQfiXwR5/8AZuP+Rhvlvftmz7Sf9Rt2eVu+f73mJ0qf4wfsV+IvizaT+Fr7x5aP4U1CzsLWW21H QYtRvtOayiSJ5dGvJLhTZNOE3NlJQjksvXFffE00NtDJcXEixRRKXd3IVVVRkkk8AAdTXI2XxF8C alrWleHdN16zu9R13Tjq9hDDMshutPBQfaYSpIeLMiYdSQdwx1oA+bdc/ZLTV/hz8Vfh9H4qaFfi Z4jttfFy9mZWshbDTwICpnBnLfYeZCyf6z7p2/NF8dPh34l8OXXxN+LXgpp9b8R+PfDOneD9M0qC 2b9xeNPcxRXclwrNiFGvfMlLIqxxxMxY5wPsqigDiPhn4KtPht8OPC3w8sHElv4Y0uy0yNwNu9bO BIQ2P9rbmu3oooAKKKKACiiigAoorMfWtHj1mLw699Auqz28l1HaGVRcPbxOkckqxZ3mNXkRWYDA LKCckUAadFFc14a8Y+FvGSalJ4W1ODU10e/uNLvDA27yL60bbPA/o8bcMO1AHS0UUUAFFFFABRRR QAUUUUAFFFFAH//S/fyiiigAooooAKKKKACiiigArzzWfix8OvD/AIij8KazrsFrqkhUeU24hS/K h3ClEJBBwzDgg16HXxL8Q/2Wdf8AFvxEvfEenavbQ6Xqk3nzebvNxEW++EUKVf8A2csvoemTtRjF v33Y4MwrV4RToR5nc+2qKht4FtreK2QkrEqoCxySFGOT61NWJ3hWVrs8tromoXMDbJYreV0YdQyo SD+BrVrM1u3mvNGv7S3XfLPbyogyBlmQgDJ460Afi/8As7fELTvir8MvB+s+Ov2yNT0Lxt4hjVbj Ro77RY5YrqSVo0hWGW2aXc3y4U5JJr9NNM/aE8G3Hhv4pa4trqMkHwdnvbPVy8cIluZNOskvZWtg Jdrho3AXeY8vkEAc151+x/8AAO3+Gv7O3gDwt8SfB2nWXjDRbPbe74bS5mjnEzup+0ReYrMAVIZX OPXivnjxv8Pf2mvCc37RXw48AfDhfFWmfGWe8vtL1watZ2ltZnUdNjsriO5hncTb4imY9qMrkjJV dxAB3J/bE8Q3X7Rnh/RdP8L63N8O9U+HLeLCEtrHzd1xJbTpeSO1yGEMELNbuinPnvwroBIv0Q/7 TXgRPh58LfiUbDUv7M+Leo6RpmlR+VD58E2tRtJA10vnbVRQp8wxtIQfuhutfKdl8EPjR4f8cfC6 8j8Jtf6bdfCVfh7rc8V7aI2i3zm3kaeVGkBniQxsv7jeSckfw7vPfD/w3/av1nwT+z18HNc+FY0T T/g74n8P3eraw2s2E0V5a6QHgWW0hSTzChifzXDhXBARVY5AAPp62/bt+GU3iHxtYXPhjxLZ+Hfh 1eavp+veJJrGL+xrO70dnV4TMk7O7zbB5KpGXYyRKVVnwOs+Gv7Wvhrx74z0LwNr/gzxL4B1Dxda z3mgN4hs4bePVobZBJMsBhnmKypGfMMUoRtmGGelfP8Affsp/ETxv+zP+0R8HtTgi0HV/iH438Ra 7o8ks0bxT282oRXljJI0DOY1n8kKwYb0U/MnG0878C/2ePEsnxd8DeMda+CT/D6PwfHdT3+oaz4u 1DxBM99JD5KLpMKanNEiNvYySXMTAp8gUMN1AHsv7VWqfETUvjf8BvhJ4J8b6l4GsfHVz4jTUbrS hAbh107ThdwgfaIpU4dCD8vRj3xjH0zWfjZ+zl8fPAHw+8e+P7j4leA/ig97p1tPqlrbW+paVqtp AbmL97bRxrPDOiFMMoKtyMDhuj/ak8J/GB/jL8D/AIufCnwNL49j+H9z4gk1Cyh1Gy06Tbqenizh IkvZY1PzMWO0NwuDjIrF0bwV8f8A48/HnwJ8UPjJ4Kt/hp4T+GH2670/Sm1S31a/1HU72H7Ossr2 oMMUUEZJVQxYv6g/KAfIfwr8beNPFv7OL/G7xb+1hf8AhHxTGuszf2dcyaPJawvp95cw26NaSwec 4kSFDs3bn3fLnIFfXnw+/bLvZPhN8J5fFHhHV/FPxQ+IGhDVjoegWsRm+zQ4R7+X7RNDFb28pKlC 0nJcKoPal+yH+xz4A8GfBLw7bfGz4VeHX+IFtdarLeXF7p+naheYl1K5ltma6RZdx+ztFtw5Krhe CMDr/it4N+KvgP8AaU0b9oz4aeDz490248Kv4U1TSbW7trK+tkjvDfW91bm7eKGRSzNHJHvVgNrD djgA8N+OX7TyfFLw/wDCuT4X+NNV+GEGs+OZfDPiZp47ez1LSpba1mee1uluBNDG6MEOcspyMMat eDPiP4y+Hf7Vfw4+EXhr41yfGnw/44tNXfV7O6XT7m60YWFv51vd/abBI9iSyfutkuAecBmI28XN +yN8T/G2t+HPGXxI8E6dcL4r+KE3izxDoLz2t5a6bo/9ntZwxXHmMIrqXKhpfJV9zPkDAJH6Y+B/ hF8KPhi08nw38F6L4Ve6ULM2ladbWLSqDkBzAiFgDzzmgDgfjr+0X4V+Ac3hOy1/RNY1++8a30mm 6ba6LbR3M8l0kRkWMrJLFjzMBVOSATlyqAsPJ9Z/bs+GPhbwhr/iLxl4b8RaJq3hTVtN0jV9Bms4 H1W1l1bm0mEcVw0c0EoDFHikcsFO1ScA8j+2lrPi7w/8Wv2c9Z8C6CvifWrXxLqbQ6aZ47Y3KHS5 hMiSzERpJ5RcxlyF3hQSByPJPGvwA+PHxe8U618aNa8GjQb7X/FPgb7NoEl9aS3Nronhy6ae6u7u VJfs7SSeazCKN3dVXaNzGgD6Rf8AbP057jSfDen/AAs8a3vjXUrSbUZvDaWNqmpWGnwztbi6u/Nu khjSV0YQjzC8nBCgEE6cv7a3wkuPh34Y8deG7LWPEGoeMNQn0jTfD1lZg62+pWmftVtLbySIkLWw UmZnkCKuGDEMpPN+N/DHxh+FP7S+s/HL4d+CH+I2heNdBsdKv7K0vrSyv7C802WVoZV+2yRRPbyp LtcK+5WG4jA58A8Pfs1/Hn4bXXgj9oLT/DVnrnjXT/F3izxLrPhS0voohHa+L444ZILS7mKQNPaL DGeSqSEuA/QsAbH7R/7berT/AAK8Z2vwu0LxJ4S+Iuh6lpOkapa3VpZi/wBDGp3EIjuHV7h4nS6i Z0tZIjIC7KW2D5h3vhz9rjRvhpolz4In8JfETxw3gK3tj4m1e7tbC8vdNlv1+1LFe/Z7iMTSwxyD zBbRyKiADLEGvJfiN+z78efjFZfFb4q3/gtPD2veNrzwZaaV4fN/aSXceneH9Siurm6vJ0lFr5rq WZUWRmVU2ZZiMn7TPwD+LHin4o+MvFPgr4Wzv4r1OGFPDPjbwn4gHh+5gZLdUC63DNdjz/IkHDxx MZIlWMbT0AP1C1bxf4b0HwheePdZvks9A0+xfUri7lDKkVpFGZnlYY3AKgJIxn2zXzH4L/bO8BeJ 9X0ex8ReGPEXgbTvE9jdalouqa/Zw21jqNpZQ/aZnjeOeV4iIcyqsyRloxuHXFd78RvhT4u+J37M Ws/BzxHrMUnirXfDJ0u61JVKwSak1sEecqoBETzAsQBnaSMdq+c7ax/as+MPgy2+BHizwHD8NvDk vhnUdF8R6vcXtpqK3ss9g1lANMjtZjIiGRvOZ5VUhB5eN3NAHeeFP24fAPiPVPCraj4Q8T+G/C3j y9TT/D3iTVbGKDS9RuZt32dFKzvPF9pCkwGWJBIOeK7Cf9rX4dW/7P8Aq37Rz6bqp8N6Pez2EtuI YPtzSwal/ZbFE8/yypm+YEyg7OcBvlr5ah+HH7SXxO+H/wAJv2ePHPw2h8Laf8P9U0GfWPEh1S0u bK5tfDpUxnTYYXN0JbsRqMyRx+UGIbOePLPF3wb/AGs4f2c/Gn7Jvhz4YLqUF14hutQtfEf9sWEV rc6bNrA1RRHBJIsy3Df6spIqqoy2/O0EA+no/wBpcfDP4u/tDTfEnUb3UvD/AIV1Xwnp2g6VZwrc XUl1q+lxSfZLOJdrSS3E7FgrN6nIUHB8Kf2hvGXxN/bK1HwBfaNrvgzSNL8CLe3Gg63BBE41BtTV Vu42gkmSRGgcIGWUjIZSAymvOvih+zb8Z9c+K3xS+KPhXRoLi5s/Gngjxf4ct7i7hii1oeH9LFpd 2xdXY25JeRUaZFG8Kw+X5h6n8K9H+OfjL9rm/wDjh8QPh3J4E8MDwT/wj9mtzqFjeXb3K6il03nL aTSbNwL7MblCrksGbaACv8cf2gfF3wo/az8DeDtO03WfFWleIfC2qSR6Bo0MEs1zqMV1CY5mM7xJ GsUKylnaVVA7EkCuuk/bg+E58CWHiqz0nXbzX9R1ufw3F4UislPiAazajfcWj2xlEaGFCJJHMvlh Cp3ZIB5742+HvjT4f/al8F/HD4d/D9vHeg6L4Y1LSdQihv7K0uke7uoZE+zLdSx7pAEyc7VKbxv3 lVb5F8ZfscfGjxVPYfH/AMSeD01fxJceM9Y8Qah4Js9cbTp10rVbO3sUhj1S2lhj+2QLbJI7LIqS bmXcRlWAP0z+Dfx58OfGO48RaFDpGp+FvFHhGaGDWNE1mGOG+tDcp5lvIfJklieKZAWjkRyGAPSu X+Jn7T/h34f+N7j4c6H4S8Q+PfEGmWKanqlt4etIbj+zbKUkRvcNPPAu+QKxjiQvI4UkLjBPmv7I 3wV1DwB4k8c+PdQ+HifDqHxH9htrGzudavdc1iW2tEYmS/uJr67th87nyo4QCi5Ds3FUPEuhfHT4 K/tCfEb4rfDf4fP8TNG+J+n6OPKttRtLC403UtGhktkSUXkkYa2mRw5eMsUYNlOckA1dT/bu+Gze IvC3hbwH4U8UePtR8XaBaeJrNNCsIp9umXVxLbM83mzxGJoJISsqsAAzKoJJIUvf27/hjaXeo6sn hnxJcfD/AEfU/wCyL3xpFZRHQILoTC3ZvMMwneBJT5bTpCyBsckENUfwn+GXxyt/2lNO+LvxctbO 4uJ/hnY6LqOoWBijthrI1a4vJrWGEyNNsjidB5hXY+M5z8o+ENC/Yh8f+GPCuofA29+Do8W3H9pz LZ+LLzxdqEHh+bS7i7M3m3mkWuo20wmjifaYoowHcb97YLMAfoL8Rf20fDHgTV/FtrpngLxX4u0j wA23xBrGkWdu+n2BWITyjfPcQvK0MbBpfLRgg5JrkpP2rdYuP2rtB8Eadpl/P8NNT8Bt4j+3rDaJ b4nnt5E1SSaWZZktIIGaJxtDiVz+7dQHX5j+MP7OX7QvjW/+KfhjxF4M1jx9Prcl3B4O1H/hK/7O 8NaTpb24itkl01bpJHubc5J8yGUTPguwG5q9Ab9n/wCNLap8ObO78JSnTtb+Db/DTX54r6zEug3t wIDJcyL53+kRpsYD7Ozk9scAgH0H4O/bg+H3i7VvDRn8J+JtA8K+Nr5dM0DxLqdjFBpWpXcm7yEQ iZp4xcbT5DSwoJPY8V4F+1F+3JKnwX8Xan8GdF8TWtvbajb6TYeM4bOA6M17BqEUVykcjStKYyqy QrMYPLZ/kDZIJ8q+En7I3ju0Pw48DeKvgmun33gzUbCTVfE2oeMNRv8ASJ4NM5S503TbfUo3S5lZ FMaSQLFCT8yFTtGp4r+DX7VOh/sr6n+xl4W+GS+ILayvyLLxMurWENpc6UNVGooxgnlSdbvH7tkZ dnBcSE4BAP0N/ap+JXiT4Rfs+eO/iB4Q0+6v9Z0rSbyS1a1SGT7LMIHKXcqzuimGBgJJANzbQcIx 4r5j+D/7RN58Nfhl4G8M+JdP8d/Er4l+OrSXWl0q6i0+bVI7VFjSW5JimitbfTzJzb+ZKZDv2kbs hfrP9pLwj4h8f/s+fEnwP4StPt2t6/4d1SxsrfzEi825uLZ44k3ysqLuYgZZgo7kCvl6/wDhz8aP hP8AFH4ffHLwf4MbxwLfwDa+C9d0a2vbW1v7N7aVbuO5t3uZEt5l8wvHIokBxtZdw6AHT6n+358J rLwvoOuWPh3xLqmq69rV74b/ALCtrCNtXs9bsY/Mksbq3aZdkhyqgozr8wJYKGYd98efjd4r8F/s o+Jfjb4V8N6np2uw6HJfW1he28H2zTpXjJWS8gabYBbk75lDuQAQFY/LXyp4H/Zq+NP/AAt7wZ8Z /Fnhu20671j4ga14p1nT7e8gmTRrG40g2NnHI+5VuJzIoaRoAw3PnoCR90ftIeB9d+JfwB+Inw+8 LokuseIdB1Gxs0kcRo9xPA6xqXbhQzEDJ4GcnigDxez/AGubfSvCPw706/8ABXiXX/iJ4z0k6ivh 6ytrNtRS2tsRy31yRcrawW8r4aImXLb1UKG3Kvm/iT9rvR/F/i34Na94Q1m68K6FL4n13SPF2n6t HHZ3FjJpelz3EttqCuXWIwsqyEq5XGDuIzWVonhj9obwb46+H37RVn8LLjUr5fBI8E6/4ZTVNPXU bL7Fdm4tr23naYWsySkHfGJVdVZTgkEDyLV/2IvHnxe8QaHr3xl8JQxab418fat4l8R6TZ6jHjSd Nk0v7JZRvNHInnzmWNWla3DAl+RtBoA+0JP2z/htF8L4vi2+g+IP7G1jVo9H8OQ/YY/t3iW4mJED aXbed5jRzbWMbTiHco3YxgnE1H9uj4a+F/B3jXxJ8QvDXiHwlqnw/XTJtV0PULWAaiLTVrmO0t7u 3Edw8M8HmSYdklLLtIK7tqt8seOf2Zf2jfFnwg8L/D3xZoP/AAmF18D/ABRDNo8h1dNNfxb4aWJ4 kRbm3nSayvoYisZeXy1yoYM+WJ57xF+yR8QfFvw9+Jeo+EPhB/whmoa7a+HdO0ux1LxJcazrd3Da 61a3961xcXWpT2MMEaQ7oo1/eE7vnBbYwB9zeDv2xfBWv+J9T8J+MfCfiT4eXljodz4kgPiKxjt1 u9JsyBPNEIZpmDRZBaJwsgUg7eoEnwo/a50H4p+I/DehnwH4p8MWnjW0lv8AQNT1WygFjqNvDGJi RJbXE5hZozvRZlTcuMHJC1U+LHws+IXib9pDwl4+8M6XZ3OkaZ4Q8S6VLcagY5bNL7UDb/ZYri2E iTSwuUbzAgxtBBZSRXyh+z38A/jX4K+MngjVvCnw91D4OaFpwuW8ZWqeI01Hw1qjvblVXTdN+0XE kZaciRGbyxCuV+ZhhgD7v+Ov7RfhP4BS+FbTxHous69eeMrybT9OtdFtUvLiS6ihMqx+W0kZzJgI pGQGILlUDOPMbX9uH4YQ+EvFmu+LNB1/wzrng3UbHSbzw5e2cbazLf6ooawhtYYJZI5jdDJixIAQ CxwozXV/HH4ceMPGXxk+Bfirw/pwvNK8G67qN7qsxliT7NBPps0ET7JHVnzKyriMMRnJAAJr5Z+L /wCzV8avEPxn+JHxb8H6Lb3U2neJvAXirw9b3N3DDFrT+HbK5t721Lhma3bE5CPMiqXCkHblgAez a5+2VB/wi3xC0mLwR4i8L/Efwn4dn1+20LV7a1Fzc2fMaXsBjunglghkx5480OoVgFZhg+rfs6fF XxR8Qv2avCPxQ8WaJqR1y50C0vLmKSK2juNSnFokj3FrHDKYgl0xLQBjGcMAyx9B86ah8L/jP8fP iX4j+Kfi/wAEj4d21p4D1jwppFjfX1rdX15faucvPM1k8sUdvFt2IrOWJYvgDgfSH7KNl480L9n3 wR4P+JXheXwjrnhPSrLRZraW6trvzRpttHbi5SS1eRAkpQsqk7h37EgGXaftY/DPUvhd8OvitpNt qN/Y/FDUrLSNIsoYoTe/bLx3Ro5kaYRp9mMUhnIkYIEbBbjPn17+3f8ADG0u9R1ZPDPiS4+H+j6n /ZF740isojoEF0Jhbs3mGYTvAkp8tp0hZA2OSCGr53/Z6+E94/7aXjfQLa9h1D4cfBzUNQ1rQ44W 3Jbav4zghlltjj5MWiLc7FGSnnAkgtivFNC/Yh8f+GPCuofA29+Do8W3H9pzLZ+LLzxdqEHh+bS7 i7M3m3mkWuo20wmjifaYoowHcb97YLMAff37Pnx98d/E749/Gf4f+I/D+pWOi+EL+2h0yeeG0jt7 eMW8JaKR4p3lea5aQ3ER2svkgZKP8h+0q+Mfgf4D+I/w2/aN+L8Wp+Fn/wCEL8ZSabqema7HeQPF vs7C2smtJLdpDdB8o7BypXC8tkgn7OoAKKKKACiiigAooooAKKKKACiiigD5/wDj58ZNQ+Eum6WN HsYru/1V5QjT7jDGkAXcSEKkk7xgbh3NdL8FviVN8U/Bn/CQ3dotndQXD2s6ISYy6Kr7kzztIccE nByMnrXX+MPA3hTx7pyaV4s09L+3jfegLMjI3TKuhVh74PPer/hzw1oXhHSIdC8OWaWNjBnZGmTy eSSWJZie5JJNbOUeS1tTgjRr/WHNy9y2xu0UUVid4V+Rfxu8eeK/hh8Zf2rviB4Gvv7M1/Q/Afhq 4s7nyo5vKlV7gBvLmV4269GUj2r9dK+YviD+yh8O/iRqfxK1XXNR1WCb4paNY6HqYtpoFWG2sC7R vbB4HKyHedxcyKeMKO4B896Z42/aC+Dfxo+Flh8T/iH/AMJ1ovxO0rXrrUbD+yrSyj0260mxW/X7 A1uolaMgmLbK7kgbiSzfLS+GHjD9p/xP8K/Cf7Vmo/EfT30vXW/tXUfCVxZW0GmxaK5kZbayu44W u2vlTbsaRysj/IwAAJ+0fEPwW8KeJvHPw+8f6jcXYv8A4bJqMenxI8f2eZdTtRZzfaVaMs+Ixldj JhuuRxXhGgfsM/DTQNX0SJPEniK+8FeGdTOsaV4QuryGXQrO93tIhSMwCdo4ncvFE8zKrc4I4oA+ YJfi7+1F4Y/Z08Ofts6t4/j1ey1O502/1Dwamm2aaamj6peR2yW9tcLH9s+0xLMjeY0rZbKlGAwd jWviB+07rN5+0x8Q9K+KDaJ4b+DcmvRaTpMWkafMZ5LfRftUQluJYi22CZo5EyrFjvVyVIC/Qmj/ ALC3w00mXTdFPifxLe+AtE1FdVsPB9xfxvodvcpKZo1CCEXLwRynekMk7IGGSCOK6P4jfAS10H4L ftB2Hw+W91bXvirYa7fNazPE27UrzSzZxw2+1I9qN5aAB2Y7ictjgAHzOPin+0P8DvCnwa+NHxK8 ft4+0v4k3FlYazoY02ztY7WXU7CW8t5NOltokl/cmLZIJWcSAlsJ/DzEvxd/ai8Mfs6eHP22dW8f x6vZanc6bf6h4NTTbNNNTR9UvI7ZLe2uFj+2faYlmRvMaVstlSjAYP0T8BP2O9F8K6H8N9e+IXiD xF4kvPB2lW/9naFrd3Dcado15NarFP5MUcKM7RBniiM0koiQ7UxgGtPR/wBhb4aaTLpuinxP4lvf AWiaiuq2Hg+4v430O3uUlM0ahBCLl4I5TvSGSdkDDJBHFAHkOh+Ov2iPEfxC+Ovjaf4rWXhzwV8J dY1GzstNv9OtRYyhNNSdft14sZuEt4JHjkzGDKw8xdxyu3xXwH+0H8a7r4pfCzQ7H4o+I/Fek/Eo 3emahf3/AIRh0jSIrp7GSaG60We4tIHl8mRQypIkiugBkBziv0eT9mr4cPoHxS8MakbzUdN+L17c 32sxTyp8kl1bR2rLbGONDGqrErJuLsH53dAPMNG/Yo8L2XijwR4v8QfEPxh4m1D4dXcdxoY1K+tX htYUjaJrYxR2kaOkqFRJIw847F2yKMggH5ufCv4u/Fz4Pfs1/Bf4feDPE+ry3PxS1/xSBdWGhQax f6TYaNf3TXSafZQwZnmupG8wtMJBEC5UBFGz9EP2RPib8ZPFXiLx14L+Jdn4jv8AQ9DayuNB8QeJ PD0nh+9vYblGFxbTQ+TDC720igB41BdWBYA06H9gv4ZWvhVPClj4r8T2kek61Nrvh66gvoY7vw7c 3LySTx6dKtvkQzNK3mRzCUNwT8w3V7h8HfgL4a+Dt14g1631bVPFHifxZLBLq2ta1Ok99dfZo/Lh jzFHFGkUS52RoigZPWgDxWyvo/F37eXiJ9TkDWvwv8EWiWMUzBY4rvXrmWS6uVyOCYLaKIsOi5He vhmf9qv40aZd+EfiDpHxR1PxtHf+KbLTdUtrDwr5Hgn7Fe332cwWerXFrBO8iKRslEjl2B6qMn9C vGnwz1jRf2odA+Lui6U2saB420Sbwh4ngRd32dI2e7sb1l/ijLeZbSn+ESIegOPPm/4J8/D6bw1p Hge8+IHjO48L+GLu2vdC0ttQtfs2lzWswmjaIfZMzbcMii4MoVHYKA2HABqf8FIftv8Awxr46/s3 b9r+06B5O/7vmf23Y7N3tnGa5fSPFvx3+Cv7QFn8OviR8SoPHWieKPCOr62k+p2FrpcWm6hpDxF2 8y0RStmySfMH3soGc5BLfXfxm+Evhz45fDnUvhj4tubu00vVJbKaWSxeOO4DWN3FeRhWljlQAyQq GyhypIGDgjE8f/ALwJ8S/G9j448Vm6uJrLQ9W8PNZq6LaT2OtKi3QlXYZC22MBSsigAnIPGAD8v/ AAn+098ZrLxt8Iddg+Jes+PdO8b+JtP0LWRJ4TGl+E2j1IyADStQmtba4keIrmMlmMigu5AG1ur8 G/Hz4/aD8YdC0f46+OdV8Ca3qfid7CbQ9Z8Nwr4Uv9PlnkSCDSNXtYmkM5j2FJJpgGfKvkAbvpuw /YP8FQt4Ji1j4heMtasfhtqGn3/huzu7+1Ntpx011aGMRpaKJl2r5RM29xH8qMmSTe0/9hf4cWGp aZa/8JT4ln8EaLrA12x8ISXsJ0O3vlna5TaggFwYUmbesJmKBuoIJFAHw1osn7Qfgj4cftMfHD4a /Ef/AIR3T/A/xE8X31voR0y0urbUDbXYkuftc8yNMBIh2IsTJt27s5bK/o3+0Z8ctb+FP7LeufG3 wzZRTaxHp9g9lFPkwx3OqTQW0TSYIJSJ5w7DIyFIyOtah/Zg8An4ZfEv4U/b9T/sn4qanrOq6pL5 sP2mGfXG3XC2zeTsVFP+rDpIR/EWr0jxT8KvBfjf4X3fwf8AFtmdU8NX2nrps8UrYd4UQKrb02lZ FKhlZcFWAYYIFAHxbq95+0j8Ffih8N/Anir4qXHjbTfiyup6Nc3Umlada3Oi6tFZPcQXunpDCFeI MrZiuFkRQoLE5Ir5a+G/gPW7T/gmb438Y3Pie4vb/SrzWPEekNJb2kDaZqXh/WbqZZ4ZYYkkeSd4 AX81nxkxptT5a/RX4efso+G/BXjXQ/H/AIj8ZeJviBq3hO2ntNCPiK9huI9LiuUEUrQrBBBumeMe W0su9yvGe9eafFH9nS60X9nbS/2TfhSmoXekeMtYmt9T1S6aOR9N0q9vJdU1KZ3jSJCzZa3gTbkm RM5wzUAev/Gq/vvH37Jfi3XNH1CXQ5tZ8JXF+s0UcckiJJZmd4tkyuuJEzGxI3AMSpDAEfml8K/A nxX1fx3+zL4f8KfEi60W+v8A4Rtcy6sdPsZrm002T7C6WVtG0Qh/dsY41llR5NgYsWfDD9ndU8Ja Fq/hC78C3Nvt0W9sZNNeGMlcWskRhKKRyPkOAe1fPPwh/ZL8IfB/XfC3iKy8U+IPEN34O0W68Pab /a1xbSpFplxJDIsJ8m2iYiEQIsXzDCkgg8bQD4C1r9rf9oPR9E0f4K3Gu3d74ul8feJ/C114m0fQ E1PU5dM8OQwXJlt9KhRoWupkuUUkRlUVWbaSC4+xP2RPib8ZPFXiLx14L+Jdn4jv9D0NrK40HxB4 k8PSeH729huUYXFtND5MMLvbSKAHjUF1YFgDXR+IP2Kfhbr1hqyx6trml6zf+LL3xpaazY3cUGo6 Xql/HHFOLOVYdogZIwpjlSTI+8SQpX0/4O/AXw18HbrxBr1vq2qeKPE/iyWCXVta1qdJ766+zR+X DHmKOKNIolzsjRFAyetAHyP+0j8WvHkHxov/AId+FfifqugjT9KtZ7bQ/Bfho+I9aa7nLt5+pNLa ywW8OAvlRiVC65ZiowTxHwu/aM+Ov7Qfg34A+CNL8Tx+EPEHxB0nXdW8Qa7a2NvNc+Rodz9jWO0g nR7dJblyGkYofLAyigcV9c+N/wBlHw34t+ImvfEjRPGXiXwXfeL7a1tNfh0K8gtodUiskMUHmmSC WWN1jYxiSF43CcAg81zFl+w98NNB+H/gjwR4O8Q+IPDt78N59Rm8P65Z3UA1Syj1SV5bm2LtbmKW 3cvtKSxMSqrls5JAPJtQ8U/tPL8SvCH7Ll/8StPi1XV5dd1K68V6dZW8mpHRNOWAWtu9pLD9jhvp HnPmlEZVRVdRliK4343/ABr/AGk/g3beB/gpqfi5dc8S+MvEGrQL4k8O6KNW1mPQ9Mt47kK+kRQ+ SNQfzQrbEaNYwZNvUr9DR/sN/DWy0fS30TxJ4i0zxppOp32sJ4vhvITrs97qaLHdtcSPA0EscyIi NEYdoVFCgckyz/sN/CmbwTZ+HBrWvw+I7LW5vEkfi2K9RPEP9r3KhJrlrkReWfMjCxtGYvL2Ko25 ANAHydH8bf2zpPAfjzw94W0nxdq8ehanokun+I9R8Jrp3iCbRLssNTS3064ihtLq8tSiiLCfOjlm UEAjZ8LfHb47eI/gx8WLX4O+OL34g+M/Dc2lGxsdU0CPTfFmk21w4F6LiweK3tbqVYw7220EMwKs WbCV9On9iL4Y3nh3WrPX9e8Qax4p13U9P1ibxVcXsY1yK/0obbKW3mjhWGEQKWVEWLaFdgQc8Nh/ Yi+Gt9oni618c+IfEHi/X/Gn9nm81/ULuJdTtzpMnm2X2N7eGKK38iTLrtjyxJ3lhxQBxX7Hfxj1 zxv4x8WeDNe+Iuo+KJdNtLW6TR/FGhLoPibTHZmSbzo4YYYJrdm27WTcyN8rHBXPmfxs1DxR8P8A 9uLWvira+JLxrPwp8ItX8QHTI7e0KT2um3sRfT/MaFpBHPKomaQN5qt8quI8rX1/8Jv2btD+GPjX Uvibq3inXfHfjDUtPi0g6rr9xDLNBp0MpmW2hS2hgjVDId7kqWZuc8kVc+IP7OfhH4ifFLQ/izf6 rqen6npWm3Gi3VraSwiy1XSrqQSy2V9FLFIXhZxkhGQnuehAB8Yr8Qf2nvhl4A+En7RXiz4iL4ws PH+qaDBrfhv+zLO2sbWz8RFREdOmhQXRltTIijfI/m8s3SvFPgn8ZvH03x68X/s2eD9Sl+H1p4h+ KXjXULrxPPaR3H277JdK7aRpn2iOW3+1OnzyPKp8uMjarOVB+7vCH7EvgDwtqfhdbzxb4n8ReGPA t7HqHh/w5ql/HPpem3MG77O6BYUnl+zZ/wBHE0ziMDAzW1rf7G/wt13wbr/g+e/1e3fW/F9z44g1 OCeBNR0vWrmcTmWwl8gpGqkFFDpIdjMGZjggA+GfGv7TX7Qvjb4h/Fo/D3VvFmkW/wAPNXvNB0LT PD/gxtf0++vdMQeY2qXv2eVl+0SHb5cTRmONlcZOC3p/g7xz+1R+0T8W9X8IWXje6+D9lp/hDw3r V3pw0W0nvrPVtSim823/ANOi3rEJUJkWQFyERVMYL7vfvGH7FPgnxR4l8T6/pfjPxV4UtvHaBfEu m6Nfw21jq7+X5Uk00bW7mOWZBtlaBo94zx8xJ9g+H3wC8A/DDxvq3jfwctxZyarpGk6J9h3obO2s 9FWRLYQIEEgbbIQ5aRs4GAOcgHKfse/FDxX8Zf2b/BfxF8dPFLr+pQ3MV7JAgjjlmsrua0aQIuFX zPK3kAAAk4AGAPpavLvgx8JfDnwM+G2kfC3wlc3d3pWjG5aGW+eOS4Y3dzJdPvaJI0OHlYLhB8oG cnJPqNABRRRQAUUUUAFFFFAH/9P9/KKKKACiiigAooooAKKKKACiiigAooooAKo6pqFvpGmXerXY cwWUMk8gjUu5SNSzbVHLHA4A5NXq4v4k3V1Y/DvxTfWMz29zb6VfSRSxsUdHSByrKw5BBGQRyDQB f8G+K9L8deFNI8ZaIsyafrVrFdwC5he3mEcyhlEkUgDI2DyrDINdLX4YxXfxw8feEvhb4hOreKPi Do0Xw70i41DTfCXi3+zfEum6lcBmbVbq0aVJr8zLtERdyNysNvUt2vibxT4/+MOh/CLxL8PPEviL 4peER4TmuL/R9F8QxeFfFslzFd/Zjq9zbRyq1ysbRtBsWQp54Zgxz8wB+zNFflR8Hvi/qXijx7+y vY6L428Q63pmp2Xjyy1Qa1mzvby70tLcRxanbxO0Utxa/MquS5OC4O5mJ8T+Mfxx+MI8X+PPh74J 17Wbu38TfFux8NA6fqaWt5BZLpcUsunabdXciw2Uk8ysoYFcNuxySCAfuHXAah8TPCel/ErR/hNd zyL4i13T7vU7WIRsY2trJ445iZB8qkNKuAeT+Ffjl4j+In7RvwZtPHngOO61jwX4e1mLw7FbP4h8 Uab4h1zw62p6nFYXV1E0V3cXMdtLDITG8wKRzLlGU8H6S8O/Cey+Ev7fPgPSdM8Xa54jtr3wVrk3 2fXtTm1W4tZBc2qvKk1wWkVLgjJTO0OjFQMkAA/TqiiigAooooAKKKKAOa1rwd4W8Ravomv65pkF 7qPhyaS502eVdz2s0sbQu8R7Fo2Kk+hrpaKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAo oooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigApkkaSxtFKoZHBVgeQQeCDT6KAPPvh r8Kfhx8HfDp8J/C/w7Z+GtJaZ7hrezjEavM4AaRz1ZiABliTgAdABXoNFFABRRRQAUUUUAFFFFAB RRRQAUUUUAFFFFABRRRQAUUUUAFfJ+q/tK+Bfhv41+Jv/C1fHOn2fh7wrqGgafHCtheJLpc2rWiy Il3ceW0conY+YskZ2RJxKykGvrCvx/8AjZ8K/H/iD4ufGC4t/COqajpms/EH4X3UEiWE8sF1ZWNr Cl7NGwQrJDBgiZwSseCHIoA+v5v22vgfq/gHx54s8DarPqmo+BtLbU5tPuNM1G0uXjkBFtIIJbdJ nglk2gyojKinc5Uc1neC/wBtv4TT/Bf4d/EP4galLY67420+CRdMstK1Ga5nvkt45L0WlmsMlxJb xOx2zANEVwRI2QTxnxi+HvjPxF+09411TRNCu7iy1b4L6posN6sDi1l1GXUGaK088jy/OKtuCFt2 0lsY5r53+DGs+Kfht4m+D/xt8T/DjxbNoGk/DKz+H2oRR6HdyajpGsaXJFNJO1iEM5tbkAxrPGjA lAGxQB+p/wANPij4C+MPhO38b/DfWIta0a4d4hNGrxsksRw8UsUqpJFIh+8kiqw7jkV+eHxQ/b71 LTNG+PMXhCGOy1D4Walolvp813pt8sMtpcXtja38tzJMkcSuGunWJNysyASoHTLV79+xx4Q8TaXF 8VPiNr/h678I2vxJ8YXuuadpN+nlXcVo8MMInuYckwzXMkbyPGxyo25r4u/aD8IeO9SP7VPwzg8C eINUn8b6v4R1rS7i10q5urC+s7SfSYblI54kZWlj2uzR9QiOx4U0Afon8OP2s/gD8VtY1TQfB/ig NfaRYtqk0d9aXWm7tOUgNeRNeRQrLbgnmRCVHBJAIJr/AA5/a9/Z9+K/iq08GeCfEzXOp6ms76f9 osL2zg1FbYZmNlPcwxRXPljJPlMx2gsAVGa+Yf2zPgv8QPir8VLLSvh/pVxu1P4c+LtH+3JEyWi3 FwbZra0nuQvlx+cQ6qrsOCxA4NeF/Bn4ea54x8U/BLQtQ0n4szXvgC8tLu/g8Siz0rQdAl022MZW CUaXuvY5MeTDFDKu+JgzSJjgA+8/2wPih8SPhj4S8DJ8K7yy07W/GXjLRfDIub+2N3DBFqrSRmQx B4yxRgrY3DIBHfI801f4o/tQfs9eMfBr/HW/8PeNvAPjDWLbQJtS0ixn0y+0u+vyUtJZIpJ5o5Ld 5Pkcghl6+gbc/bvsfEcng74X6/4d8Oat4nHhf4i+G9avbXRbGbULwWVhJLLPIsEKsxAAxngZIBIz XmHxR8V+Of2wtZ8C/C/wh8M/FfhPwvpviPTtd8Qaz4p0ttHiWz0uTz1traKZvNllmkCrkLhOpyCS oBp+BvGf7YXxr8VfFWbwB448NeHdH8DeMtU8NWlnf6HLdySR2KwyI8k8d1H1WYKcJnIJ74rqfhB+ 3D4R1H4J6d49+ONxa6L4hm1rUfDwttGhutQTU77TZCjyabbwpNcSxMu1sgMEz8zYwa8o+DP7GXw5 +Jfi/wCOPin44eEdXW7v/iJrbaf51/qulwXelvHbvFNHDBPBFPE7tIBLtYPgruIXA7j4k/DrT/2d fjP8IfiZ4F8A3mofDXwfo2s6DNY+HrF7640eXUHimS9S0iDTSLKUdJ5EDPyWfJPIB0nx0/aztJ/2 cbv4sfs369Z31/Hr2m6G0l7aTZs7i6vIreaK5s5vJmjlRZM7HCnBB6EE854x+KH7U/7Oni/4cTfF jxJ4Y8deGPHniaw8LzQWGmT6XqVvNqW5YriDNxOkqxlcyKVzjAHXcvzH8U/hJ4++KXgP44/ETT/A WuabpXxT8ZeDn0/RZbSeLVHstJkggvL+W0iBntxMd8h3BXVF3sF6n9DfAf7F/wCzb8OPFtj478N+ Eml1/Syxs7vUdRv9Ue2ZhgtCL64nWNvRlAYdjQB6d8Xfjb8L/gR4fsvFPxY1tdB0vUb1NOgnaGec PdSRSzJHtgjkYFkhcgkAEgLncVB4fSv2svgNq/gzxX47j8Qy2mm+BkSXXIrzT761vrCOUZjeWymg S52yDlCsRDDOCcHHhX/BQTWh4c0X4H+IDodx4kGm/FDQrj+z7OLzrq48q0v22wRH78oxmNf4mAGR mvnT47+HfHnx9g+PHxh8E+BvEGnaPefD208K6daX2lz2up63fpftevPDYMn2gpCjiJWZAWO7bkDg A+2ov24f2ZrjwyPFln4qlurKbUW0q1SHTNQkub67WNZStlbrbmW5Xy3V/MiVowrKSwBGeoi/az/Z 7l+GVz8Xv+EvhTw1ZXv9mTu8Fwl3HqGcfY2smiF19p5yIfK3kfMAV5rwP4s6Nrnws+Nfwa+OC+Ed T8R+D/DHh7UfD97b6PZSX95o8t2kBhuks4gZWQrE0MhjUlF6jGAflrU/hx8TL/4u6j+2NYfDnXP+ ESHj3SdXHhiS0K6zNYWOlS6dLqqaa37zzvtEnmpCQJSo3bR1IB9teOP22fhRa/BD4ifEz4fahLqO s+CLKUvpl3pl/Bd29/LA72a3do8KXEUErqMzMqxBQxMgAJHf/soeNPGXxB+CmkeO/HviOPxHqOtZ ujNHo8+hpbIyLuthBcnzJFicOFnIAlUhlGME/EfxE8O+MPjjrXx/+Nng7wPr2kaLqPwruvCenwah p09nqGu6mxmufNgsJFFwwjRkhQsgLkkKGHT9DfDOga3c/s/6V4WiWTT9Xl8MQWSrKDHJBctZCMBw wyrI/UEZBHIoA8f+F/7Sumah8H/EH7SvxW1iDw/4A1LU5/7AV4W8yPSYZvsdtI6orTTT3sqNMqKr EK6IoOCTt6J+2h+zrrmjeK9bTxHcWEfgi0XUNXgv9L1Cyu7ezdtq3AtZ7dJpI2JAzGjYJGcZFfGG g6v8Qb3/AIJ2fCVPhjoJvNU0G+0zTdaWDSotZ1PR4tLuZLe+u7PT51dXvreSIMilSy7iy4IBr5z8 eeAfin4x8QfF/XNE0P4jeL9P174WXGlafqvifSJI7y/v49Vt52t7a2t7WEwx7GJhieJXfbI67lOa AP1x+Hn7XH7PvxU8XN4H8FeKfteqtbzXluJrO7tILy2tziWa0nuIY4riNOctE7DALDKjNeB/ED9u /wCHmpeJvhr4U+CevJql54q8aaXo9y8+m3iWt3pczyRXkljdTRRQTGOTYpeJ3Ck9CCDWZ+0x8H/G Pjvxj8EPDvgzSrm2ih8NeN9HlvoreT7Ppb6j4fFpa/aJVUrAGl2qgfGWXABIxXik+t+LvF3hD9mL 4OW3wg8U6Xrvwz8VeF2124n0adNO0yPSozazSxXiqYpYpSfMEkbMgj+aQqcZAP1F+KXxb+HfwV8M L40+KGspoOiNdQWZupY5ZI1muW2Rh/KVyqk9XYBVHLEDmvnwft+/sqG2u5D4uuFurKQJLYNo+pjU QjIZfP8AsRtRcGARjeZvL8tRjLAkAy/ts+D9b8b/AA28JaLomjXOu7fGvhme6gtbd7krZxX6NPJI sasREiZLsflVeSQKr+HvA2pp+3V468dXWgzrpd54F0mwh1N7ZxbSzfbbhp4EnK7GcKsRdAxIAUkY xQB6L4v/AGq/gT4K0Dwv4i1TxG15B41tjeaLDptnd6jdX9uEWQyxW9pFLKEVWG5mVQpOCQeKl8Ef tTfAj4i3PhOy8IeJ1vbnxu+oxaVGbW6iaafSUEl7A/mRKIZoUYMY5SjleVDDmvyx+HekfG/wF8O/ gXofiLRvFvgfw/Z+Eb63v9U8NeGBqXiiPUn1J2XTJjPa3E9lbvDskQiMB3wG4AId4Y+Hnj7wZ+y9 8QPizrGga3oXiv4W/E+98f6WniJfKv73TQls9wJrgBY5jc2jTLMYiVaZSvBHAB9yftI/ti+FfhNq Og2uga5bpHo3jjRtA8XvNaXEsdnZajYXV6yxyBAsk2yJGxCZGTO1lDMBXsnhX9qr4DeLvDPijxZY +KFsLHwSqPraanbXOmXOnpIu6Jpra8iimCyj/VkIQ5+VctxX52a98N/HOifs5fBP4k6l4K1Pxp4o 1/4o2HxH8UafpVq93dILyC9uSfLUcC2hMEQVyF3qqZG4Cuf/AGkfhd8Uf2stU+JvxZ+GngzXNG0a 08O6BpFvZanaNpOoeIZ9O1Y6lctBbXSbx5MOI4mljw7gKoYcAA/T34TftOfBb42axc+Hfh/rcs+r W1qt/wDY72wvNNuJbJ22LdQx3sMLSwliBvQMASAcEjPvlfll8A/CN344/aO8K/EpLf4palb+FNI1 FZNU8fC10qK2lvlWI2EVmumwzXTk/OzLMscZQEM5O0/qbQAUUUUAFFFFABRRRQAUUUUAFFFFABRR RQAUUUUAf//U/fyiiigAooooAKKKKACiiigAoorkvGPj7wL8O9MGt/EDxHpvhnT2bYLnU7uGzhLf 3Q8zIpPtnNAHW0VzPhPxr4O8e6QviDwNrth4i0t2KLd6ddRXcBZeoEkLMuR3Ga6agAqhqumWOt6Z eaNqcfnWd/DJbzR5K74pVKOuVIIyCRkEH0NX6KAPl7xD+xp+zr4l03w7pd74Zmto/CumR6LYSWWp 6hZXC6XFnbZyXFvcJLNDyfllduSTnJJrR8U/skfs/eLdF8NaDeeF/wCzrfwfbNZaS+lXl3pc9ray YMkKz2csUjJJjLh2bJJY/MSa+kKKAPm7Xf2Rv2evEHgTw18N7nwmlpong6V59HFjdXVlc2UsuTLJ HdW8qXG6UkmUtITI3zPlsGqtp+xv+zTZeBNc+Gdv4Htx4c8RXUN/e2zXF05e8t41ijuUlaYyxTBU GZI3V2YszEszE/S008FsgkuJFiVmVAWIUFnYKq5PdmIAHcnFS0AfPfhb9lb4C+EfCviXwbp3hWO7 07xlEkOtHUbi41G41CONSsaz3F3JLMwjBPl4cbDym081W+G/7J3wH+E3jCH4geCvD88HiSC1lsUv 7rU9Qv51tJtmYM3dxKDGojUIpGEGduNzZ76f43fBi18U/wDCDXPj3QIfEfmeV/Zj6pare+Znbs+z mTzN2eMbc54rtr7xH4e0vVdN0HU9UtbTU9ZMq2NrNOkc92YE8yUQRsQ0hjT5n2g7V5OBQBs0VFHP BM8scMiu0LbJApBKNtDbWA6HawOD2IPepaACiiopJ4IXijlkVHnYpGGIBdgpYhQep2qTgdgT2oAl orG0fxH4e8QtfpoGqWuptpd1JZXYtp0mNtdRAGSCXYTslQMCyNhhkZHNbNABRRRQAUUUUAFFFFAB RRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFF FFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRX5U/tI/Gz4l2nxR8eeGPBf xU1XTZvC9jbS6dofg3wx/b01vObczPLrl1cWkkMKu33Y0mUCL5n56gH6rVmajrWj6O1omrX0Fk2o TrbWwnlWMzzuCVijDEb3YAkKMk4PHFfn/wDswftE/Ez4u/FTwhpvii/j/svW/hNpHie4soYIkj/t e41Ke2nuFfb5oDpGB5e8ovZc818v+JfEXxX+ONh8DPEeqeP7vTr8fFjXtHtp7Wx05vJW1a/jtZ1V 7dkZ4YIjEoYFWDlnDOAwAP2O8NeMfC3jJNSk8LanBqi6Pf3Ol3hgbd5F9aNsngf0eNuGHaulr8Qt Fk/aD8EfDj9pj44fDX4j/wDCO6f4H+Ini++t9COmWl1bagba7Elz9rnmRpgJEOxFiZNu3dnLZX6a 8PeL/wBob9p3xh8R7v4cfENvhppHgR7TTtLsbfTbK9a91GWxivJJr57yORvI3TBESIplcsTuGSAf pHXNeGvGPhbxkmpSeFtTg1NdHv7jS7wwNu8i+tG2zwP6PG3DDtX5V+EPj1+0n+03rfwX0XwN41T4 ZDxr4M1TWNakt9MtdQxeaXqC2ZltlulYqssg4Uuy+U5+821x0OnfErxjZfCj4qfEPxT8XrzwBY+B PiD4r0tpNK0XRpbjVEhuIorO38mazZZLksGCsoDyM5MjEKCoB+rFZms61o/hzSrrXfEF9Bpmm2Mb S3F1dSrDBDGvJeSRyFVR3JIFfmBJ45/ai+GX7N+k+Kfjn8V4fC/ijxp4htVgN5o1veatpukzKzJY Wdlp9lsu9UkVQzb4fLTLA425r5I+M/xX+Lnjn4I/tEfC7xJ4v8QajonhjS9B1qwn8RaDbaNq09te XRiltbiDyIz5DOEljlEccnyYB2EggH7yL4x8LN4wf4frqcB8Rx2C6o1hu/fixeVoFn2/3DIpTPqM V0tflN8fvjx8Uf2cPiF4ugg1aPxbe+HPhdpl3b3WoWNlDNPq2oeIm01Lm4ktYYmESCRWaFGWL5SQ oYlq6fx34t/aQ/Zo8X+C9P8AFfxIk+I+m/ECz1mzuTdaZY2cmmatZadJewXNkLWJN0DNGyvHMHCK M5JNAH6ZUV+R/gT4mftS6B4H/Z5+Onjb4njxLafFTW9C0XU9AOkWNraR2usxOI545oUWf7QhQSOd wRmYgIqKEP2h+1f8T/Gnw48D+G9N+HVxBp/iXx74n0jwrY39zCLiLT5NUkYNdGE/LIY40YorHaX2 5z0IB7B49+GXhP4ky+GJ/FUEkz+ENattf0/y5Gj2X9okkcTtt+8oWV8qeDn2r0Cvze+LnjL9pf8A Zt8I69bTfEHTvHk3iKfRNM8O3uqWsFtqem3+qXv2Sea6trOGKCa0RXDxOcESDy2Vl5PG/GD41/Hr 9jDxJb2njDxjJ8WtH8T+F/EOo2bahp9rZXFlrGhW6XGSbCOIG0mEihkYEp2kHRgD9Ltc8Y+F/DWp aLo+vanBY3viK4a006GVtr3VwsbSmOMd2CIzY9Aa6WvyW8T+EPjjo/xf/Ze8TfFD4lnxxb65r0k8 9o+nWdkllfyaTcP/AKG1rGjNblCylZS7ZVWDZZhXjWi/td/tSePfC198dPAn/CX6ndyapM2k+EdP 8Ey3nh240y3uzA1vLq0du87XDRozNMkoCSAptAyFAP3OoqrZXP22yt7wxPB58aSeXIpV03DO1lPI YdCD0NfBfxT1n9oHxt+2NB8EPhv8R28BeFrLwTZ+JbpodLstQnlu/wC1Lm1Mam5QlVlQJvySAIwF UFmJAPsHwb8N/DHgLVvFGq+GY5LX/hL9ROrXsG/NuL14killiTHyGYRq0mDhny3UnOZN8avhTB8T 4Pgs/iiyPjm4haddIWTddCNYzMWZVB2fuxvAYgleQMEV+QOi/td/tSePfC198dPAn/CX6ndyapM2 k+EdP8Ey3nh240y3uzA1vLq0du87XDRozNMkoCSAptAyF2LrU/ir8K9U/bK+Mvhvx3fLrmgx6TJE LrTdN3NNPpttLbvKDa5DWkbmBIxhCMtIrP8ANQB+21FfkJ8Tvit+0z8K9Z+HPwh1v4iazrur/ESO 917U9V0Dwrb6hqOmWVvBF/xL9NsYIpVdGndt08yu0ce09R81eX44ftnXvwy1vTdO0jxfND4e8U2U MviP/hFEs/El54Yu7eSR5LbSbuKO3muredBDK8SH5GVxGCS1AH6veKPGPhbwTZ2uoeLNTg0q2vru 3sIJJ22LJdXbiOCJT3aRyFUdzXS1+IfxF+KPiz4p/s5Pp+l/EhPGevaN8SfC1tp1xqmjnStW0ySa 6ja3i1axEdvGzJKCQ8ahZFBG7cDj7Y+EfiD4z+Bf2pNV+APxI8eSfETSL/whH4os7270+0sLq1uE v/sU8AFmkaNE+4Ou4ErwoIAJYA+0bnWtHs9Ts9Fu76CDUNREjW1s8qrNOIQGkMcZO5wgILFQcAjN eX/GD4F+BPjpZ6TpPxCN9c6VpdyLh7C3vZrazvsFWEV7FEyrcRBkVtj8ZHuc/HX7Q9n4k039t74T eLrTxTe2VjpnhnxJqDWNvbWkgaDTjazXNurSwu+L1cI7btyBQYijEk+aS/F39qLwx+zp4c/bZ1bx /Hq9lqdzpt/qHg1NNs001NH1S8jtkt7a4WP7Z9piWZG8xpWy2VKMBggH6m+GPF/hXxfFqLeE9Sg1 KPRb640u7+zsGFve2bbJ7d8dHjPDDtXTV+IvwT+M3j6b49eL/wBmzwfqUvw+tPEPxS8a6hdeJ57S O4+3fZLpXbSNM+0Ry2/2p0+eR5VPlxkbVZyoPReNf2mv2hfG3xD+LR+HureLNIt/h5q95oOhaZ4f 8GNr+n317piDzG1S9+zysv2iQ7fLiaMxxsrjJwWAP2Yor8tvB3jn9qj9on4t6v4QsvG918H7LT/C HhvWrvThotpPfWeralFN5tv/AKdFvWISoTIsgLkIiqYwX3fWf7HvxQ8V/GX9m/wX8RfHTxS6/qUN zFeyQII45ZrK7mtGkCLhV8zyt5AAAJOABgAA+lqK+a/2sPiHrPw0+D9zr2geL9P8DXtxe2VmuqX9 rLfvEs8oEgs7KKKZrm7ZAwhiKFSeWwoJr809Q/aq+PPguL4xeHtM8ZeIdWg0jwD/AMJVompeKvDd to2pW92l+lm5it2t41mtnDkq0sONwKqMKSwB+4Fc14k8Y+F/B/8AZQ8UanBpn9t38Gl2Pntt+0Xt zu8qCP1d9p2jvivzb8S/Fb9oj9m/xp4L1r4j+PB8RNK8beGvFGr32lHS7WxisbzQdL/tRFsXt184 xsAYcSs5x8xJY/L5t430r4961oP7MHxa+JPxIHiWx8Y+OvCepXWijTrS1tbCe+jee3FlNCizMkUb NG4leQyEh8rgggH7JUUUUAFFFFABRRRQAUUUUAFFFFAH/9X9/KKKKACiiigD5I/a9/az8PfsneC9 N16/0mTX9Y12d7fT7BJRbq/kqGlkklKPtSMMo4ViSwAAGWXC/Y3/AGy9A/a00XWvL0R/Dev+HWh+ 12Zm+0xNFcbxHLFLsjJBKMGUqCpxyQQa639q/wDZS8IftW+DLDw34g1CbRNS0adrjT9QgQSmFpFC yo8TFQ8bgKSAynKqQ2AQcT9kb9jrwf8Asm6HrFvpOrT+Idb8QPEb2/miFupjt93lRxQqz7FBdicu xYnk4AA+ji8u/s5p39vfz7/da3zudy9h7D++fYVFFFfOHCFfl/8AC/wD4Z/aX/a5+Nvi344abB4p tfhhf2fh7w5o2pRpcWNhC8XnTXItpAyNLcOisJGBOMgcBQv6gV8G/EP4BfHvwR8dtd/aC/Zb1nRD c+Nba1g8SeHvEn2lLG7lsUEUF3bzWoZ45ljGzBG3lmJbdgAHcaL+zX4E+Afjrxp8cfhED4Yt9T0C SK78OWcaQ6LPeWm6aK8MCBdkoA2YjKrtLHGWJryjxB+1j8SNK/YB0b9qW3sdLbxbqFvpMslu0Mxs A19qUNpJtjEwkAEchK5lOGwTkcV1nwu/Z3+L2v8AxP8AEHxz/ab1/TbrxFqeiSeHdM0fw7540vS9 OnYvK4e5CyTXEhPLMuFywBYFQny5rH7HP7Z+tfs6Wf7KUviLwXH4P8N3Fu9nqQN+t/qVta3guIIb iPyWjt9g+ZmTzCWREHBeSgD33UPjV+1X42/au8e/A74Q2vhSz8M/D06DdXt/rMV69w9tqdskskCC CTa0rHzWjbCABApJzmuB+GX7Vn7SviHRvHnxz8a2Phew+Enw1vfEdlfW8Ed4Nb1H+yRK0L2paRoE JbyYjvOCfMbA+QD6z+GXwa8T+DP2j/jV8YNUurOXRviPH4aTT4YXka5iOjWctvP9oVo1RdzSAx7H fIzu2ng8B8LP2WNQ0j9nn4ifAn4k31tLF471PxFcGfTneQQ22syu8Tfvo4/30YYEjBUMOGYc0AfG uif8FE/iFo2l+E/in478VfDjVvDvia+s4r7wpod87+I9Hsr9gI5mZ52WaaAMDcxGJcEEApyV96f4 1/tj/E34ufF/4efBe18H6bpfwx1CGCK81mG9lnvTParPFbBIZgoO4P5kpxhXQKmQzVzHgz9lf9p+ x0rwX8KdefwFpnhbwpPaJeeJdMsWl1/VdOsvljgMF1bNBFNKiqJpN7nPzAtyG+tPgt8GfFHw4+KP xm8ba3dWc9j8RdatdR09Ld5GlihgtFgZbgPGiq5ZSQEZxjuDxQB+efxp+MXxW/aH+DP7Jvxf8JnS NAl8T+PNKDWt1DcXEcetwPdwQyEpMhazDQyl4j+8OUxINpz+vWs6X4i1fwRfaLHqCWOu3unS24vL dWWOG7khKCaNWLMFWQ7lBJOAASa/OW2/Y3+Nnhz9k34K/C3w1qmgS/ED4P8AiiDxKhuZbo6ReNb3 N7KITKsKzgFLpcnyhypHGQ1foT4h8KT/ABA+GmoeCfGpW0n8Q6TJYai2nyNtikuoDHM1tI4V/kZi Y2ZQeASAaAPw+s/B/wAM/gv8Drj4H/td/s26hpP2SC5t7n4iaDp9vrMbSyM+3VHvlH2iBhuDKrlz wFKBfkH3TfeLtG0X4hfsj+EvB0+m+PrHXtP1+HTvFGqwtc6ikdloqtFcwTRvGEe4AC3JZCXXI+Vs msbSvhV/wUM8J+AP+FG6P4l8B674bt7JtKs/EWpx6gurJp4QwoZ7VFaCSdYsBSWZSR+8LnJPe+H/ ANkHU/AfiT9miPwhqtvdeH/gfBr0OoyXbSR3d42rWBt1kgjRJE5nZnZXkUIhAUsRigD4o+F/xe+P v7P/AOzh+098YzdeHtWu/DvxB1dVhazu9r6vLqdnbXkh/wBJB+yGOT9xHnzEI+Z2HFfpb8avjH4o +HXxb+C/gTQ7e0l0/wCIesX2n6i9wjtLHFbWbXCGBldVVi4wSysMdgea+XL/APY1+MOveAP2hfgd q+r6FF4M+Keuaj4m0TUImuW1G3v728gu0gu4TGIvIQwBS0bs3JIBzhd2L4G/thfEn4xfCH4mfG3V PB9lYfDC9uZZLLRJL55L37VatBJdF54VUOWCbIsKoVnJfOFoA8u+N/7Xv7R/w0h8Y+LdR134ceCk 8M3lyNO8Have/a/EOqWNufkkdrW8KpLOvzRxony5AY9CbfxU8U/Fn4i/tVfsl+OfBV5pGl2finQd a1TT7a+t7i4MH2jTbee/W4aOaMSEwSKluVC7HDM+9SFHLWf7CP7Qmh/Dzxv8HNDHgGWLxbJqjy+N 723upfEtxDqDO5hmXySA7bvLaQTMERiyozjn6B179nD486cP2afFvgS68OTeKPgrpM+j6pa6hPdi wu4r2wtrGeW2mig83KeQzIHjXO4Z6EMAeV6X+1B4l8F6f8RdA+GngzQU8deJvjLqvg/Roo45bWzn nEMEkmqaqVkZ5XVP9c0ZQt8gCjBr3/wP8ZPjz4C+P3hz4CftFJoOrr4906+vfD+taBDcWim50xVl u7S5t7iSX7sTb0kRhxgEEk7PLdR/Yp+Jr6X4w17QfEWlaZ43i+Kl/wDEXwtcMJp7PyriKKJbPUV8 tHUSqrCXyt+35SrNyK9X8EfBT45+N/jz4c+Pn7Rl3oNhL4D0+9s/D+jeHJLm4hSfU18q7u7m4uo4 mLNGoVI0XAGCSCDuAPkzRf2vv219Y/Zsn/a1GkeC4/CGgSz/AGnS/KvxfalbW161rcTRSec0dvtx hFPmZKM5yCqV+m+nal8U9a+IOk61pv8AY6/C+/0JZ5Fl+0f24NVlk3ptx/o/2byCM5O/fnHFfJGg fsk/EfSv+Cf2pfspXGpaS3i28tdUgS6Sac6cGvtTmvYyZDAJsCOQBsQnDZAyOT9V+HdI+MWieMfD +ktNobfDzT/DsVtdAfaTq7a1EwUNEdog+yeUP4sSb+2KAPZaKKKACiiigAooooAKKKKACiiigAoo ooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiii gAooooAKKKKACiiigAooooAKKKKACiiigAr5G8Xfsd+DvFHjLxZ4osfF/ibw3YePmjfxHo+k3sNt Yao0cKwEyEwPPF5kQ2ymGaMuDyRzn65r5x+Jv7WfwG+EPiafwf438QyxatY263l7DZafe6j9gtXG VmvGs4Jlt0I5BlK5HzY280AeYQ/sLeBtIs/Bi+C/HXi3wrqvgzRG8Nxappt7aw3t5pBna4W2uibV omEbsTG6RoynnJIBq2P2GfhhZfCrw98KfDXiHxFoNv4T8QTeJNK1O1vYTqdpeztMWUTSwOrxhZ3U b0ZyMFnZskzwfte+FtS/ak0D4F6I66joWveF/wC2YNTtrO9uFnvLieD7KsU8UbQfZWtnd2nJMYcq hkRxsbzH9l39v/4YfEn4f+AbH4n+JIrTx94oc2Uwi068h006jJM6w2q3fltarM8ewiMzZyQOpAoA +iE/Ze8BL8L/AIk/CdtR1R9K+KWpaxqmqTmWD7VFPrbbrgWzCAIiKf8AVh0cjuWrjvEn7Gfg/VNd 1HXvCXjTxT4Fl8QWFrp2uR6FewQR6tFZwi3iknEtvLsnEQCGWHy2257nNdJ4s/bJ/Zx8EeM77wL4 j8Wi31DSZ4rbUZo7K8nsNPnnIWOK8vooWtbdiTgiSVdp+9trT1b9rD4DaL8W0+BV54jdvG7XVrZt p8NhezmOW9iingMkscDRJG6TR4kL7AWwWBVtoBe8Jfs2/DTwJ4x8JeMPCMVzpn/CFeHZ/DOnWMci m0WxnminZnDo0rTb4h8/mc5YsCTkeI+LP2Avhv4p1aDWovGvizRbi18Uav4vhFjd2Iij1fWHSSSU Rz2MyfuCmLckF4wzfOScj6f+Kfxg+HfwX0G38R/EbVv7Mtb25SztUSGa6ubq6kBKQ29vbpJNLIwB IVEJwMnA5rxe2/bm/ZbuPD+t+KG8afZtO8NXVhZao9xp2oQNZXOpNIlvFPHJbq6MWhkD5H7vbmTa CMgFDV/2O9M8Q6NZ2fiX4n+NNa1fRtTg1fR9ZvL2xbUNKuoY5Ij9maOyjjMcqyHzUkjcNhemKw5f 2DfhhqMPj0+KPFPifxFe/EvR4dI1y71C+glmnFtN50FzHttlWKaLCoioBAEUAxE7mPUXP7cn7NsG iaRrcev310ddhuLi0s7fRdTmv3gtJTDNM1olsZo4kkVl8yRVQkEKSQa39U/bE/Zu0bwH4Y+JuoeN IU8NeMpLiHSrtbW7k+0TWqu0sPlpC0iSgoyiN1V2fEaguQpAMm5/Y/8Ahzr897d/EPV9Y8bT6r4R Xwbfvq08LNdWCXkl8s7tBBEwullk+WRWAAVSF3gsc/w3+xv4R03WLXXfGPjXxT48vdH0290rR316 +gn/ALKt9Qh+zzvbiG3hDTvEShmmEjFeDXn3xZ/b8+F+gfB68+I3wuu21y/s9c0/RLizu9M1GKWz lupoxL9ptzCk0ZWAu8W8KsjgIhZjtPrfjL9sz9nnwFdW1l4l1+7hmm0221edItI1K4awsLxN8M1+ sVszWe5edk4R1/iUUAbLfsyeAm+HPww+GJv9S/sv4T6jo+p6VL5sP2iabRFK263TeTsdGDHzBGkZ P8JWu7+MPwh8IfG/wRP4F8Zi4jtnmgu7e6spjb3tleWriSC6tZgCY5onGVbBHUEFSQdrXPH3hzR/ h9d/EyK5+36HBp51OOe0jku/PtzH5qPElusjyB1IK7FYkHgV8l/Cb9uj4ZeIfgB4R+LvxNvTouq+ JZnshp1ppuoSzT36KJWhsbcRST3SJG6ZmiDxZJBcEEAA6OH9ib4Z6ppPjC0+Jeua58QdW8a2trY3 Wr6zdRG/trawlM9rHZPbQwJbiKY+d8qfNINzZHFavhv9j/wJa6tf698SvEWvfFLULzSLnQEl8TXU U4ttMvBtuIYY7aG3QNOuBLKQ0jY+8ORXTxftZ/s9y/DK5+L3/CXwp4asr3+zJ3eC4S7j1DOPsbWT RC6+085EPlbyPmAK807w58cPC3x78HeLrD4DeJBa+L9Gt2i8rUbCe1udOvZoy9q11ZXkcUvlOR12 4ZQ21sjgA828LfsR+D/Dvi/wP4u1Dx74v8Rf8K2mZ/D1jqd/bzWllC0DQGDatqjyLtYAM7mQBEUO FDBqd1+wb8Lp7rU9Kh8S+JbXwHrWpf2teeDYb+NdAlujMLhh5RhM6QPKN7wpMEJxgAAAe9fs/fFq H44fCDw58SxZnTbvU4XjvrNs5tL+0ka3vIOeSI543UE9QAe9eyUAeMeAfBPjXw/8UPiR4p1zWbi7 8PeIZtLGi6dJdvcQ2MdnaCO4aCEoiWyzStzGpfcyFy3zBV1o/hL4cj+NU/x2W5u/7fuPD8PhtoC8 f2MWcN3JeK4Ty/M80ySEE+Zt24G3OSfUaKAPiG6/YN+F091qelQ+JfEtr4D1rUv7WvPBsN/GugS3 RmFww8owmdIHlG94UmCE4wAAAPRPE/7Kfw68V6X8W9Iv7/U4IPjL9k/tfyJYFNuLK2jtYxZ7oGCA pEpPmCT5s4wMAfTVFAHz38Xv2cPCPxcHhXUpdX1bwv4m8ENI2ja7otwlvqNqs0Yimj3PHJG8UyKB IjxkMBjjJrzl/wBiH4Yt4aksBr3iAeKpNbXxGfFv22M6/wD2okJt1l8/yfK8sQkxiHyvK2nGzvX2 VRQB8d2H7FXw5j0y/TXfEOv6/r2s+ING8Salrd7cwPqF7d6CytZRSbbdYVt4wu0RxxKdpIDA4I9z Pwl8ON8ak+Oxubv+308Pt4bEG+P7H9ja7F4X2eX5nm+YoGfM27eNuea9RooA8J+J3wC8O/E/x/4I +JVzrWq6FrfgWS4+ztps0KR3lreGI3FpdxzRSiSCURKrBdrYJAYZyPHtH/YW+Gmky6bop8T+Jb3w Fomorqth4PuL+N9Dt7lJTNGoQQi5eCOU70hknZAwyQRxX2vRQB8m63+xv8Ldd8G6/wCD57/V7d9b 8X3PjiDU4J4E1HS9auZxOZbCXyCkaqQUUOkh2MwZmOCMbxh+xT4J8UeJfE+v6X4z8VeFLbx2gXxL pujX8NtY6u/l+VJNNG1u5jlmQbZWgaPeM8fMSfsuigDxT4ffALwD8MPG+reN/By3FnJqukaTon2H ehs7az0VZEthAgQSBtshDlpGzgYA5z5p4e/Zx1T4Y2nwg8EfCrxHqdp4T8B6nql5qguL8I9/a3yX MognhggSO4xdzoybiixopJDuQa+tqKAPIPjV8FfC3x08LWXhnxNd3umS6RqVrrGm6hpsqw3thqNk SYLiB3SRA6bmHzIwIJ4r521L9gj4e+Ir3xRrfjHxx4t8Q634z8PzeGtUv7y9tHllsZZ4rhfKjFoI oWieEeWI0VMMxZXZi1fdFFAHi/jD4EeCfHPizwN4t8Qtczy+AbfVLW0td0RtbqHV7MWVwl0jRszj yh8oRk5JzuHFeDaV+wh4B0zVPBk0njnxffaH8OtVttW8O6Jc6jBLp2nSWr7o4lU23myRAfu18yRn SP5Udckn7hooAKKKKACiiigAooooAKKKKACiiigD/9b9/KKKKACiiigAooooAKKKKACiisa68R+H rHUodGvdUtbfULjHlW8k6JNJngbYyQx/AUWFKSW5s0UUUDCiiqt9Dc3FlcQWc5tZ5I3WOYKHMbkE K+1uG2nnB4PegC1RXylqPjP4sfD3wl8MtP8Aix4o0HTvFGueLrfRLy4trO7uLXV4J/tTQwW0aJm0 uZoo0YtITFGyuN5DLTdT/bc/Zo0jxW/hG98VyLNDqP8AZE16unXz6XDqG/y/s76isBtA+75T+9wp 4YigD6vor4h0z9pPWvib8cPjB+zp4JuV0DXPCVjYDQ9Rn0q9mja/dJ3u2uzJGsAhR0iSIbk85S7x PJ/B9ceDD4uPhHRv+E+S0TxKLSEakLB3ktPtYQCYwNIqP5ZfJXcoIHBoA6aivgv9p39uP4YfCbwZ 4/0rwf4hSfx34YtZoogdPu7rTodUCB4rS4u44vsqzMD/AKppg2flOGwD6V4n/bD+B3w3aw0T4g+I ZItdGmWupajDYade6gLCCeMOJrs2cMy20ZzkeaVO3B+7zQB9VUV89ePP2qfgR8Orbw7ca74lF4/i 22F9pUGlWtzq1xd2ZUN9pjhsYpn8nac+YQFPIBJ4pmt/tW/AXQ/APhz4lP4nXUdE8YSNDo5061ub +6v5UDGSOG1t4nuC0e1hIDGPLIw+08UAfRFFfLN1+2r+zLY+D9K8d3vjRINH1m+u9Mt3ayvfO+32 UZkntJLfyPOinVcYjkRWclVQMzKDlat+0F/wuT4SeIdY/ZS1L+0/F2j6jp9hJa3mnzQz2kst1CJl ubW8WB41NuznzGG1QCwJ2kUAfXdFfJPwQ/ag0/4wfGv4qfCiK1ktx4Fu4obJzYX0JngSKL7TJNNP GsKuJ5NsceVZ4x5iB0+cdp8Tv2o/gn8IfGFv8PfG+tXEXie8sk1GDTbLTb/Ubqa0keWMSxpZwS7g Ggk3AcqFywAKkgH0FRXy34q/bS/Zo8HeFfC/jTWPGcb6T41iupdGktbS7u2vfsTxR3CJHBC7rLG8 yK0bhXB3fL8j7a3iP9tr9mjwpqcWlax4skExs7S/uWh03UJ47C2vkWS3kv5Irdls96up23BRlDAu FHNAH1bRXnnh74r/AA/8VeM9W+H/AIf1dLzXdEs7LUbmBY5Av2PUVZraeKVlEU8bhT80TuFPDYJA rxjUv21v2bdO0XRNdTxTLqEPiRrsabDY6ZqF5dXSWMzQXE0dtBbvMYEkR184oI22nYzUAfVVFfOG v/tc/s6eGfBPhj4j6v40t18OeMmmj0m8igubhbqW3RnkiCwxO6yjYyeW6q5k/dhTIQp8P+LP7fnw v0D4PXnxG+F122uX9nrmn6JcWd3pmoxS2ct1NGJftNuYUmjKwF3i3hVkcBELMdpAPv8Aori774he E9L+HVx8VtTupLPwzaaU+tTXE1tPHLFYRwG5eR7ZoxOrLECTGY/MB+Uru4ryD4d/tdfs/fFTxNp/ hLwV4me6v9Zjmk00z2F7Z2+orbjM32K4uYI4rgxDO8ROxGCcYBIAPpOivlLwV+27+zB8QrLXNW8L eNUn0zw5p39qX99NZXtraQ2oZFOZ7iCOMyBpEUxAmTLABSQQOx+E37TnwW+NmsXPh34f63LPq1ta rf8A2O9sLzTbiWydti3UMd7DC0sJYgb0DAEgHBIyAe+UV5v8UPi58PPgz4fi8T/EfV10qyubiO0t wIpbie5uZc7Ibe3gSSaaRsHCxoxwCegJrzqL9rX9nyT4cX3xWk8WJb+H9MvRplyZ7a6ivItQYAiz axeIXX2ghgREIixHIBAJoA+jaK+ZLD9sX9na+8FeJPH0vik6fpfg6Wzh1pL6xvLS8057+VIbY3Fn NCtwqSvIoWTy9mMndhWI5OL9vv8AZVnW6SHxdO15bGHZZf2RqYvrqOdWaOW0tTbCa4iIRiZIkZFG CzAMpIB9j0V8za/+2H+zp4b8OeD/ABVqHi3ztO+IEVzLoDWlje3cmo/ZHjjmSGKCB5PNV5UXy2UO SSAp2tjc0L9qD4G+I9E0LX9J8S+ZbeIteTwvao1pdR3C606PILK4geIS20gWNifOVFAAyfmXIB77 RXyz+0D+1L4L+DPg/wCIk1hN/aPi/wAC6JHqzaabS7kj/wBM8xLIySQxFRHJLGQ7B/3ags5RfmrI h/bV+CWleCPB/iDxXqt2mreKtL/tKPTbPRtTmvTHCxiuJvsaW7zxQLMrqkkqhHAyjMCCQD69or4Q 8T/t1fDiLx78FtJ8CXf9v+F/ifJqTXGoQadqM7xQ2sEywrCkUORMbyMJMjqWhRWaREUiQdxpP7Tn gLwf4X8W+Kfin43sby107xnqnhyyFhp16tws1vLti01bby2murqIZDyQI0b/AHlO0E0AfW9FfOFj +1v+z7ffDjXfit/wlQtfD3ha5gstXe6tLu3udOuLmaOCKO6tJIVuIt0kigM0e3GWztBIt/Cr9qb4 G/GrxNd+Dvh54ge81m0tBfi2ubG8sXnsi4jFzb/a4YhNDvIXfHuGcdiCQD6Eor4q+M/7U1n8Ev2j vCngLxldfZ/CeveG7+9EdvYXF/f3Gpw3UMcEUEdqkkrZjaQlRGeAWJABNeteHv2nfgZ4qs/CF/oP ihLqDx3fXGl6Swt7lRJf2qNJLazboh9mmVVOI7jy2Y8KCcUAe90Vw+k/EjwZrvjvxB8NdI1D7T4i 8LQWdxqdssMu21jvwzW2+YoIt0iozBA5YKMkAEGvIvih+118BPg/4jvfCXjTXrgatpUEV1qEFhpt 9qX2C3mGUlu3s4JUgVl+YCRgSvIBHNAH0rRXy/4w/bL/AGcfBF1pGn6x4sNxe+INJttc0230+xvd QlvdOvGkWGeBbWCTeCYnyBygGXCggn2j4cfEjwR8XPBem/EL4darHrXh/V0Z7a6iV0DbGKOrJIFd GV1KsrKGUgggGgDuKK+U/GP7bP7NngPxNqPhbxJ4plin0W8FhqV1Dpt/cafYXbYAhur2GB7aJwSA waT5D9/bzVv4xftbfBX4R3Wp+GNc8R7PEVnp/wBtaO3sru+hs0mRvs0l7LbRSRW0cjAYMzoCCG+6 d1AH1DRXyn+zH+0XpXxc8E+CNK8UajEPiLrnhSz8T3llFbTQxtaXL+SZ4WZTEUEo2lVkZlONwGRV /Xf2x/2dvD+mx6ldeKHuftGq32i21vaaffXV3d32mMEu0treGBpZ44mIDTRq0OeA5NAH07RXzZq/ 7Xv7OehfDHS/jHqnjKGLwjrN82l214La6djfrHLK1tJAkRmilCwSZSRFOQFxuZQeRvv28f2YdPtL S+uPEt40VxZjUJvK0XVJWsbRneMS3yx2rNaqWjbHnBSVG8ZQhiAfYNFfPHxC/ap+Bvw0/saLxB4g e8uvEVgNV0+20qyu9WuLjTzgi7EdlFMVgIPEj7VPOCSK5nX/ANtz9mLw14P8LeO9S8Zq2j+No7yT Rngsr24kvDYSRxXMaxRQNIssbyopjdVfOeMKxAB9W0V4b4Z/aT+Cvi/4b+JPi5oXiMSeFfCD3cer XU1rdWz2j2UazTq9vPEk+5UZWAEZLZAXJIFdL4l+MXw78HeBNM+JnifU30/w3q7WCQXUlrcddTdI 7XzYxGZIQ7SIpMiqEJw+2gD02ivL4vjP8MZviVrHwgTXoh4u0DTE1m+smSRfIsHYKJmlKCLGWXKh ywBBIAINfFumf8FCPhfb/F7xJZ6/rzP4Cm0DRdX8PPa6PqE17cLd/aDdzvDHA04hRY0bc8SKoIOT uXIB+kVFfP8A4l/ak+BXhbwL4a+It/4oS50bxlj+xPsNvcXt1qLFdxW3tbeOSd2X+MeX+7PD7TxX bfCz4v8Aw6+NPhyXxT8NtYXVrG3uJLO4Bilt57a6hx5kFxbzpHNDIuQSkiKcEHoQSAelUUUUAFFF FABRRRQAUUUUAFFFFABRRRQAV+atnr+tfs6/GH45p4z+G/iPxlZ/Eq+t9X0a90PSptUi1CL7Cls2 m3EkKsLdonRgom2psYtnHX9KqKAPyI/Zp+GPxG/Z0+K/wQsPHvhnVrqG5+HV94buLrT7WS/tdN1O 81tNSW3vJ4QywxxQnZ5jHb8vBIBIpeHfhN47sP8AgnH8JfBSeD9Tg8T6T4h0W9n037BOt/bFdf8A Ommkg2ebHtiZnZiowhJJC1+wlFAH4JXnwf8AHng/T/i/8HfF2l/FTVNS8V+INYvbLTvDMdmvhvxB aatIGjmm1GbT7lbaQqQLgyvmMKpUE/KPvz9lT4X678PPjn8b5dX0e9tLWe38E2Nlf3atIt7HpmgQ 28vlXZihS58uUMsjxoo35yqH5R940UAfC/7V1h4g8P8Axe+B/wAbdN8O3vjLTPAd5ra3+j6Ui3Gp suqWSwR3lraFla4NsyneqZYK+4DgkfAOpW+u/HD4t/GnVtG+Hms6WuoeOvhVc3OlXdkxv1s7cS+f c3dtF5hhVosSuGxsRgZMEmv2J+LfwP8AAPxqs9Kh8ZRXcN9oFw13peo6be3GnahYXDoY2kt7m2dH UshIZSSp4ypwMSfCT4J+AfgppWo6d4JtrhrjWrk3upX9/dTX+oX9yVC+bc3VwzySMFGACcLzgDJy AfFH7SV78TbD9o1JJIfFfh7wXP4dhittX8BeHodU1jUb37RI0lhc3721zJaxoAHjTCxksXLg9PBP 2e/hT8S7HTf2fNO8VeCdcsZfDHxF8W3mpJqNnK72kUtvcyW9xPME8tkeR02XCnypH+4xNftXRQB+ P37Q/wAN/iLdeKP2m/EGieENW1O2vNV+Gep2YtLGWR9Ri0hke9NmAuLh4VTDrGSVxg4NM/aETVr7 4i698T/BHhz4k+Bdc8WeHtNl0+/8P6ZLrFj4gf7PIFsdd0We1ZLa4ts+VslbBjLEkcg/sJRQB438 K7bx5efAbw1ZfELTbbSfFs2gwRX9laqkcEF21uFaNEj/AHaBW4KodqnhTtAr8r/gQnjn4bWPwD+K Hin4beKptO+Geiaz4O12zGjXL3+m3twYZo9QtrTaZbi2kUGJ5oQwAyD0wf20ooA/FPU/hx8TL/4u 6j+2NYfDnXP+ESHj3SdXHhiS0K6zNYWOlS6dLqqaa37zzvtEnmpCQJSo3bR1P1v8Ho9U+JH7V/i3 9pG08Mar4R8HR+EbPw7HNrlpJplxql3HdveSXQtZwsqxQRFYhJIq7ucZA4+9a5Xxz4Q03x/4O1rw PrM1xb6fr1pNZXL2snkz+ROpSQJIAShZSRkcjPGDzQB8nfsBR3t38Cr/AMXSoYdP8YeKPEet6bGe Alhe6hK0JUHna+C6+qsCODX23WZoujaV4c0aw8PaFax2Om6ZBFa2tvENscMEKhI40HZVUAAegrTo AKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigD /9f9/KKKKACiiigAooooAKKKKACvz6+KX7PfxQ8S/FO/1rSES5sNTuFlS8adE+zrgDa6lhJ+7xgb VOQBjngfoLRWtKs4O6OHH5fTxEVGpfR30IbeN4beKGSQyuiqpc9WIGCT9amoorI7gooooA+Qv2tP DPiPxJf/AAMfw7pV3qi6R8S9Ev702sEk4tbOK2vVkuJtgPlxIXUM7YUFgCeRX5UfFnQfj943+Bni nwZrXh3x7/wmg1WS4fwh4e8Nxaf4Ps7eHUxcedHNBahtQ3xp5kZSdpXmbcyHaWr+hSigD4e+HB1z wt+278XDq3hvWF0v4h6T4ZuNK1VLCZtMP9k2t0lzHPdBdkMoaVQsbkMfQZGfuGiigD8V/Htv47+H /wCzX8bv2YL74WeJvFHi3xFq+v3um3mm6RNfafqltqd0byG/a7iUxrNChAaI/vfMREUEkY9a8A6x 4h/Zr8ZfFey8efDPxL4sh+In9nappNzo2kzaml8i6ZFavply0Sn7M8LoyqJ9q7GZsgdf1OooA/Aj wN+zr8W/2dvEXgLXviE3j3TdOuvBEWkSXvgCGHU73Tb8ahNeNp13Gba7cW+2ZQsiDaZVAyRyPU/+ FLy+E/gx4I1zWPA3xF0dpfFeva3/AGxpepR3fjDw4dRj2LcyWVjp8SPDfeXm5t1RjAGwXfcVX9pK qX9/Y6VY3Gp6pcx2dnaRtLNNM4jiijQZZ3diAqqBkknAFAH46/C3wt8dvFnjj4Qaz8QvDuq6nouj /ELWry01XUdCXS9Sm006Q6w32rW0EarC7XHyRyzBHkIUnkrn7W+DfhbxDpH7WX7RPiPUNIurLSde Xwg1jeSwPHb3jW2nSxzmCVgElMTbVfaTtOAcGvpKy8eeDNR8TJ4N0/WbW51uTTY9YS0jkDyNp00h ijuVA4MTOpUMOCRXW0AfEPwLXXvC37Vnx78Pa74c1a1t/FN7putabqrWMv8AZVzbQadbWsiLeAeV 5wkyPLJ3YVj2NeWfE34m2Hwr/wCCh41/U/Cus+I7e4+F9rbtLoenS6pdWZbWrplLwQK0vlSlQhZQ cPsB4JI/TGvP0+GXhNPipL8ZVgk/4SebRY9AaXzG8v7BFcvdKnl/d3ea7Hd1xx0oA/ML4LfBr4jW Hx2+DfxD8S+Dr/SbDVvEPxP8UG0lt2ZdAt9ejtPsFvdtGDHbzSKrkIzA7iyjlSq+b+LPhj458A/E D49eGvFNp8UbpfiFrWpatpEPgu3tZ9F1yz1OEKlpdXMtjdG2ljG6GUysqLGNyqer/uLXNeGvGPhb xkmpSeFtTg1NdHv7jS7wwNu8i+tG2zwP6PG3DDtQB+V/xx+DXxp+EXgL4UeKfgF4d1C98VjwnJ8N tVtEm/tG5s7PUbcGyuZrm3ghRk026Qlp/JRMNnCqTXM+PP2f9Y/Z/wDjr4a1jS5PHtn4Ch8C6f4Y tNV8AWkV7fQXenzFnhvYGtbqRYbknzvMVQDMcEnkr+zdZms61o/hzSrrXfEF9Bpmm2MbS3F1dSrD BDGvJeSRyFVR3JIFAH5KfDH4H+KNCvv2f7//AIQ7xJaWcnj7xJ4ivotckj1G9sY7uwmWG5vms7O1 gtDNKiyCIqfLkfb5jMdoZ+0P8N/iLdeKP2m/EGieENW1O2vNV+Gep2YtLGWR9Ri0hke9NmAuLh4V TDrGSVxg4NfsDRQB8z/tEa7B4o/Y6+J/iS2tbqxi1TwJrdytvfQPa3UIm0yZwk8EgDxyLnDIwypy DXxX4G1nXfj54a/Zh8C+D/h7r3hk/Dm90XXtX1LUdNksdOtLPTNOeHyLW6cBLkXplTyxCWzH8zhT 939IriX4e/Hj4ca7odnfx654Y8R2+o6JeSWkpAZGElndxLIvKup3oSOQRXX+GvD2meEvDmleFNFR o9P0a0gsrZWYuyw20YjjBY8khVGSetAH5FRfs+/E/wARf8EqPDPwr0bw3f2PivTvJ1G60SWI2V/c C31Z7uaHy7hPlmdP3iB0O5gowcgHY+Hfww174xfGPSPFGhar8XNLm0LRNRhHibxiljpj6ZPfbIzZ 21k+lo13IcbmbzBFGUyC5O0/rxWTr2u6P4X0PUfE3iG7j0/StItpry7uZTtjgt7dDJLI57KiKWJ9 BQB+c3xL+E/xQ+DvjT4QfFvXNa8SfGvR/A+t6vNqiGzgudTtINW04WcFxb2tnFGZktpFLsFVpAJC QCBleO+IF142+IviLw3+0loHwXv7Lw14K8cWuoTWY00weJdesU057RtVl09o0lke0lkAtUYmVo1J AUYr9UdK1TTtc0uz1vSLhLuw1CGO4t5ozlJYZVDo6nuGUgg+lX6APxK/aR8E+Nv2irj4tfF/wT8P fENnoN/4c8LeGre1vtMuLbUNbuYfElrf3FzHYMn2jybe2GwyMi5UMRlVJX7rufA+py/t/aZ47bQZ 20az+GlzYpqf2Z/ssd4dYiZbcT7fLEvks7CPdu2FiBjNfW9prWj39/faVY30Fze6YY1u4I5VeW3M q70EqAkoWX5lDAZHI4rToA/Crwle6z8D/Fn7MF/408Ea3dTaZqvxWkbT7fTZptStre6vEMd1FZ7R K6COQP8AIpJiYuobgHtfGPg/4nav4j1b9qnTvh/r0Ph+f4peFfEUegixca22kaHpc+m3V+NPAEoe eSYOIiBIUXcyj7x/WDX/AIZeE/E3j/wn8TNWgkfXfBUeoxabIsjKka6pHHFc70HD7liXGfu9utdb q+taP4fsH1XXr6DTbKIqrz3MqwxKXYIoLuQAWYhQM8kgDk0Afkp4osviN8cfEH7T/izQfh94i0jT vFXw4tdL0Aarps1lPqc0CXgZY4pBkSNIxCxNiQqUYqA65zdT8YfE7WvE/g3WJ9D8e+AfCEngyysI 7rwz4SWXxLealazPFPYXtxcWk89pEpj8yBcLE6sJN4zx+yFRTTQ20MlxcSLFFEpd3chVVVGSSTwA B1NAH4ffA/wr8TfhbY/ALxb4w+H/AIqWLwZ428cxatbrps97qFsmt28sNpPIsSfvoXeQbrmPMR5K seAer0bwF8Sfh58TbD47ar4F1vWNA8IfFj4i3V5YWlhLNftYeIUjhs9VtbQqHuYUKH54gxKOWTIB I/Y3S9U03W9NtNa0a7iv9Pv4Y7i2uIHWWGaGVQ8ckbqSrI6kFWBIIII4q9QB+K/xp+Hvjr40eG/2 jPi54a8Aa7Y6T46HgbTNN02706aLU9X/ALI1O3e7vX08qZ0jSEhULKCY0ZiFAOPujxn4U1+b9tf4 YeLbDR7mTRbHwp4gtLq/jt3NrDJJNaNDDJMF2IzYYorEE4OBwa+m/F3jHwt4B0CfxT4z1ODR9ItX hjlurltkSPcSpBEC3q8jqg9yBUvivxX4c8DeHb/xd4v1GHSdG0uIzXV3cNsihjHBZ27DmgD4T+PG p6p4A/bK+HvxbvfAuv8Aijw1pXhPVrK5v9F0y41H+zri5uYdkjLArFmKBkKJl9js+3arEeIal8If HPiP9nT41/GU6HceDNcufGc3xK8J2GooLe7tG0aOF45rmE48ie8SCYOjHKiQbj1r9ZLHxBoWp39x pWnajb3N9aQwXE9vHKjTRQ3W/wAiSSMHcqy+W+wkANtbGcGvF/2jvA3wp8feBLbRvjLq15pnhttQ tY5IrS+uLIX8t032WKymFsQ88c7yhTDzuOD2zQB5j+xDo+ral8MdU+Oniu1Nr4i+M2q3HiieNzue 3sJ8RaZbB8AskVmkZXj+M18p/G+L4w3/AMX/AIt+Hr2w8Z6PZazDbw+HbTwNoVstt4iBsgnmarrj 20hUpI3lSCWWJYo+EJ6n9b7Gxs9MsrfTdOgS2tLSNIYYo1CpHHGAqqqjgBQAAB0FWqAPyd/Yo+HX jfQ/ip8PNf8AFPhPVNHj0v4Madosk+oafcWogv4tauGltGaZF2zbArmM/MUKtjaQT9R/sT+F/EPh D4Ua9pHiTSLrRZ28XeJp4YLuB7dzbT6lM8MiJIFJjdCGRgMMpBBIr6/ooA/Bb44aJ8dvGPgf4zeB tU0PxzB4iv8AU9WfTvC/hXw7BZ+GLqy83dHfXGoR2pe+eaNC7DzxPLLiMRkkCvoLwzf+LPgjN8Xt J8UfDLxL4sb4sWGnX+izadpM14l0ZNHism0y/IX/AEN7eRGBFxtAjLMeRg/rPXP+K/FfhzwN4dv/ ABd4v1GHSdG0uIzXV3cNsihjHBZ27DmgD8jta8A/G74Y/su/s/8Axp+FfhDUrz4meANBk0G90VbS YXr2esWZhxNb7PN/0S8WCYoyjaA7HABrH8bfs0+KP2f/AB18HtetpfGa+FNA8FSeHNS1PwJBHe6n aazLdtfXN1NBJbXTm3u5JZNzxxlgygFgOH/aSGaK5hjuIHDxyqGVhyCrDII+opZZUgieaTISNSxw CTgDJ4HJ/CgD8bNB+B/ihfDHw71m18IeLWh1r45WHie8TxG0V7qZtIbS5ibVb6C0srZbFZXVC6SB 9p2lpMuBXXftVeH9d0X4z+MfFXhLRvH/AIT8Q6xo9lHY6t4Rs28RaN4mkhilRbXVtMa2eKKSA/u0 8x9rxMWJHIP6Y+FviX8P/G/g7/hYXhPxDZap4aCzOdRhmU2yrbFhMWkzhfLKtu3Yxg5rhfEP7S/w C8J+CNI+I/iXx3pWm+HNfDNp15PcBFvAhIY26n55QMclFPGD0IoA/PDxJe/tCaf4s8Et8TNI8R+B 7SbwNpkNzdfDfw3bahqN1q29mn0ya8FtcmzjiwGjiTbCCS3mcDHJ/sqfCf4laR47/Z9l8YeCdd0w +E9Y+Jz30mp2crfYnvxbG1kmuQghbzwzCOZTsmYMYycHH64+Bfij8Ofib4YPjP4feJbDxBoaF1e8 s7hJYY2jGXWRgfkZQckNggckYrzrwh+1b+zb4+8XL4D8GfEjQ9Y1+RikVpb3kbPM6gkrCc7ZSACc RluBQB8CftC/DHxPP+1evwK8PQhvA/7Rs2k634gVWwLdPCzF9TAUfdF7CtqjMeGckHPOf0V/aF+F 0Pxk+Bnjb4WhVEuvaVcQWh6CO7RfMtX9vLnVG/Cud+HXw4+Dtt8YvHXxK8Nahc6144Eo0vVGvr2e 6fS45Ql59jtoZji2gl3pKFjG1uCDgYH0TQB/Plq/wq/an8SeCNN/aPtvB2q2nxR+Lmo6v4R120ez uEu7HRNV0+30u2uLmMxiSGG1ksTcCR1VR5oYkBlav0l+CHwlf4fftUfEEWOg3Np4Z0/wb4S0TSb2 W3dbeWKyS4jkhimKhHZAsXmKpJHy5AyK+6KKAPxX+B3g34hfA3RP2e/i74u8Ba9qGjeFdM8XaHqV haabPPqeiyajqss1reDTwnnmKSFdjMiErGVOCpGfs79lPw54ivviX8a/jhf+GtQ8IaH8R9V0x9K0 7VITa3rxaXZ/ZpryW2b54TcyksFcByACVGcn7aooAKKKKACiiigAooooAKKKKAM/U9W0rRLRtQ1m 9hsLVCAZbiRYowT0BZyBz9ans7yz1C1jvbCeO5t5huSSJg6Op7qy5BH0r5s/aY+GXjD4i6Po7+EV F0+mSzNLamRY/M80KFcFyqkptIwTnDHHv137P/gTxH8Pfh+uieKHAvJrmW4EKuHECOFAj3DKk5Us dpIy1bOEeTmvr2OCOKqPEOk4e7bc9uooorE7wr4b/bR/aA+KPwms/DPhD4EWNpqvjvXV1PVTBeRt LEukaFZvdXZ2oQRJK3lxQ54Z2wOen3JX5pWfwY+LXx0/aa+JPxpl8T+IPhZZ+GRF4N8PNFp9uJb7 T7fFxfXCrqNvKrQT3TAxTRKA6rjcwFAHsvj79pC7m8HfALx/8M5IH0j4seKtE02489PNZdP1Kzur iRFwRsmR4lUnnaQwIrJ+E37Wug2/wBs/i18edYt9Lnvtf1fRrZLS2mllupLXUbi2tobe1gEs0spj iGQik8FiAOnxf4U+FHxd+Gep+Cf2bpvD2ua74d+GPxf0bWdG1wadM1pL4f1CyvppGaaGPyFFpcSF ZyCqo0qjAGK1PAfgL4k/DXQPgb8YNb8C63qmnfD3xV49/tfSbawlk1SC31+6nS01CKxZRLKkeA2U Ut5cm9ARzQB+hnhX9rX4AeMm0iDRPE5+161q/wDYMNrcWV5bXMWqGJ51tbmGaFHt3eNGKGYIr7SE LGt4/tIfBRY/iLKfE8W34TDPiY+TP/xL/wB20oB/d/vSVRgBDvJYFB83FfnB4++GXj/4v6l8bf2m /BHgrWNDubN/CereFLTULOW11PVtS8Js88tz9hZfPXzIWNtACoaQMcLn5a8jtP2a/jZcax8PbW58 L36WX7R8aXnxJb7NMv8AZ8ltrja8wvSUxBI9pObJVl2ElSmNwKkA/afxb8WPh/4D+HUnxX8Yasul eF4reC6a6nilVvLuSohHk7POMjs6qsYTeWIXbu4rg/Af7UXwP+IuneJNS0PxCbJfB9uLvWItVtLn SZ7G2ZGdZ5Yr6KFxEVUkSAFeOueKx/2u/DEfiz4C69osng6+8bw+bZStp2kXZsdURYbmN/tNhIqS ZuLbHnRx4HmbdmecH80NT+HH7Q3xo+HHxq+HPgyTxR4m8Laj4XsRpOqeONIj0fxBLqdpqCXL6Ylz JFBNdwvBG6mSVQiysFBUEswB+lvgL9sL9nr4k3l1p/hbxLIbi3sJtURLzTr6xN1YW4JlubT7VBF9 pjQA58neRjOMYrG8Hftx/sw+Pr7T7Hwp4ve8/ta/sNMtJjpmoRW017qayNawieS3WIO5ikXDMNrq UbDcV8D6B4B1r4m+J/C+rWOk/FrU7rwdomuyO/jFLXTLPSLi501rX7FbQppUcl89xuCbIJEUKFfc fuj6X0v4C694x/4JzeFfhZDps+g+MtK8M6bf6dDNC1vdWev6eqXkG5JAHjkNym18gEBmBHUUAfVH jf8AaL+C/wAONX17QvG/ieHSbvwxpcGs6kJYpzHbWd1MbeAtKkbRmWWUbY4FYzP1VCCDXO+Ev2sv gN400DxV4i0fxDLDB4J0+TVtXgvdPvbK8ttPjjaY3X2S4gjnkiMallaNGB6D5iBX5neL/gh8cfi/ +z7q37QfiLwvrGm+PvFPjzSPFGo6DaRiDWofD/h8PY21nbQ3cbD7REhe5jR4yHJB2MTtbd/4Vtrv xAh+L3xA8PaX8TvEFwvwt1/QbXUfGiQ2lzd3N/DI66ZaaXFpsFxOVkXd5gl2iQ7FR9wagD9OPg5+ 0L8JPj9Dq118J9Zk1u20WSKO4nNndW0LGYMUaKS4ijWZTsYZjLAY5xlc/P3wo/bm+HPivT/iz4h+ IF6vhjRPh34guLCG5nsL+3STTUS3SB5GniG67lnkkH2ZAJguz91yGf6V+BGizeG/gh8PfD1xZPps 2m+HtKtpLaSMxSQPFaRo0bowBVlIIYEZB681+WPijwZ8S7fVPiFpdv8AD/XtXuPCHxqtviWbaOwk NtrWgiKCApYTsBDc3KnMogDbj5eOWG0AH6bfCj9or4SfGnUNS0XwHq8smr6Okct3p99ZXWm30UMv +rlNvexQyNE3Z1UryATniq/xT/aV+DnwZ8Q6b4R8f6zNa69rVtJdWFha2F7f3N3HG4jYQx2kMpdw zfcHzbQzY2qxHzv8P5NW+Nf7YNl8d9D8Ia34Y8LeGPB9zoc1/rlhNpVxqV5eXiTpbxW1yFlaG3VH ZpCoHmNtGRgnmfj38QLL4Z/t0/DbxTqXhrVPElrH4L1qKQaPYyajd2SyXlv/AKULeENKyDHlOUUk CQkjbmgD6R1j9r39nTQfhlpnxh1XxjFD4S1e/fSre7FtdO329I5pGtpIFhM8UoWCT5JEU5AX7zKD z+p/tv8A7Nulabo2pXHiK7lOt2UmpQ21vo+p3F5FYxStDJc3NrFbNNbxLIjDdKihsEruHNfFK/Cf 4ieI28M/EC98E6pp1h4w+Pth4uj0iazc3On6TDYTW4vtQhRW+zNLLGJJfMOE3JuOWxXvV3rmufs7 /tU/Fnx/4p8D+IvE+g/E2y0GXSNQ8PaXNq7RS6TatazafMkALwNI5EsZfEbbjlwQcAH1l4N+PPwk +IXiO08J+C/EcOralf6LF4htkhSUxz6XLMbdbiOYoInAlBR1Vi6Nw6qa81i/aI8IeLPin4K0LwN4 zsv7Iv7rxRp19aT6feCW/u9Bjh877JdtGsCR2juTJIzFJQcRMxVsfnq3wV+PXwF/Z6+Gvxn+Gvg2 7k+JHhy88SRP4bs0NzNb6R4sluHt7dlhDM/2Gc207LjCHzMkAE16f43/AGWvFnh2H4A/BvwXaXMi 6R4L8f6RqGsRRSPa22q6zpcCfaLicKyxm4u3kdN5yxyBkg0Aeq/ED9u/4eal4m+GvhT4J68mqXni rxppej3Lz6beJa3elzPJFeSWN1NFFBMY5Nil4ncKT0IINe3+LP2yf2cfBHjO+8C+I/Fot9Q0meK2 1GaOyvJ7DT55yFjivL6KFrW3Yk4IklXafvba+Ep9b8XeLvCH7MXwctvhB4p0vXfhn4q8LtrtxPo0 6adpkelRm1mlivFUxSxSk+YJI2ZBH80hU4z47efB/wAeeD9P+L/wd8XaX8VNU1LxX4g1i9stO8Mx 2a+G/EFpq0gaOabUZtPuVtpCpAuDK+YwqlQT8oAP3sVldQykEEZBHQivCvin+0r8HPgz4h03wj4/ 1ma117WraS6sLC1sL2/ubuONxGwhjtIZS7hm+4Pm2hmxtViE+FfjHSdL1sfs8jT9Tg1fwH4e0Waa 6uwsttcQTxtBGYboCI3Dh7d1kfyI1LKcAcqvyl8e/iBZfDP9un4beKdS8Nap4ktY/BetRSDR7GTU buyWS8t/9KFvCGlZBjynKKSBISRtzQB9B63+2d+zV4f8EaJ8RNS8ZIuh+I7m6srGVLO8klkvLNS0 1s0CQmWKdduBHKiOzFVUFmUHO139uD9mnw6ljJf+J7iT7bp0GrutvpOpXL2en3K74ri9SG2drRGU hh54Q7SGxt5r4p8FfCf4iaz8avAnxX1bwTqmkaJ4q+KWv+J00+4s3EumWLaKLa2u9QRVItZrmeEO VkPDFBnccV69Z6/rX7Ovxh+OaeM/hv4j8ZWfxKvrfV9GvdD0qbVItQi+wpbNptxJCrC3aJ0YKJtq bGLZx1APQfiV+2F4a+HHx18C6JqGrw3Xw/8AGXhW71a0m0+zn1O6vr0XEC2otFs1lkkV4XdsKhGB uJABNetXP7W/7PVt8ONN+Kx8WxzeHtYvDptoYLW6mvJr9c7rVbGOJrrz12ndGYgyjlgBg1+dHwv8 DePP2XvF/wCz9qvxC8A694itfCngXWbPU7nRdPn1b+xrvUdQFwiN9nV97RxuYCqFm2FnAKKzCjea F8c9Gnf4q2PhTW/BXhb4hfEHWteubiw8Pxav4q0HT5LCG2tbiKxkhne0lv5I5PtLLG0ka7c5yQQD 6w+LX7cfgS2+E8PxL+E+vQ+Ro/izRNG8QJqdjc2s+n2t5cKLnzra4SKWNvJ3Mj7SODjJBFd94g/a 9+HXif4P/FXxN8HtYM3inwF4Z1LWlsdT0+7sJ08m0lmtp2tr2KCSSB2QfMoKkEAkE1+Xep/Dv4qX f/C29bPw+8eeLbLV/F3w71WyTxDp7tq2tWOmtMl20hiiiijxtAKMsZgiaMShOa+n/ixbeMf2ivFX xO+KXgnwJ4i0fR9I+EniXwzGdV0q40/UNY1XU0aWKztrOVBPMkOw/MFwZW2rnqQD7w+Cnx08J/E/ w8LN9VjfxToGkaNfeIbcwy2yWj6tYreRuDKqo0TqWZWRnUYIJyCK6bSvjZ8Nda+ET/HbS9Ukn8EJ YXGpm+FndBjZ228yzC3MQuCoCMwxHll+ZQQQT+Vv7Qngn4m+BdL+Edz8ObZ9P1z40+DtP+Fuswyg wy2lxLFDJDdvEcOJLaD7YjsQCgABxxj9e/D3gjw14Z8Dab8OdMs0/sDS9Pi0uK2cBkNpDEIVjYdC CgwfWgDmb/40/DLTbDwRqdzrStbfEe4trbw+0UM0xvpLuE3ERVY0ZkQxAu0kgVEH32XIr5/8H/te fDPw98HvAniv4meNYPEeseMYLqSzk0LR9Rd9SFrM6SSW+nrC91HHGAFZpEVcjOeRXz3+yl8Fvipp fxyh8MfEvSbuDwb+zvaanpPg++uo5FTVDrdy7RXUUjAJJ9m05Utm2ltjMRnORXgHw20X43fD/wCH fwP0LxDonizwN4ftPCupQX2qeGfC66j4oTUpNVlddNmM9pcT2VvJDslQiMB3I3cYIAP2P+Ffxa+H 3xr8Iw+Ofhpqy6xo8sskBk8uSCSOeE7ZIpYZlSSORD1V1B5B6EGvRq/P/wD4J4+GPGXhTwB8SbPx voWu6Dd6h471jUrdPEMZW/uLO9itpIZ5ZQoimd+RK8RK+YHHGMV+gFABRRRQAUUUUAFFFFABRRRQ AUUUUAf/0P38ooooAKKKKACiiigAooooAKKKKACiiigArjPiP4uT4f8Aw88UePZIDdJ4b0u91Mwj IMgs4HmKDAJ+bZjpXZ1T1HTrHV9PutJ1SBLqyvYngnhkUMkkUilXRlPBVlJBHcUAfCXwaP7T2o6D 8Nfjd4p+KemarpPjW3t9Q1nw/fWdtp9ja2mo2rXEEel3MELXDTwFkBE8jCVQxLLgV8bz/tV/GjTL vwj8QdI+KOp+No7/AMU2Wm6pbWHhXyPBP2K9vvs5gs9WuLWCd5EUjZKJHLsD1UZP3j4R/Yf+HPhf V/Drah4n8R+J/DHg15pNB8N6xeRXWk6a8sbwgxp5CzSeTHIyQedK/lqeOcEcu3/BPn4fTeGtI8D3 nxA8Z3Hhfwxd217oWltqFr9m0ua1mE0bRD7JmbbhkUXBlCo7BQGw4APnPxB8S/2sdR+HXx7+Omkf FcaVZfCTxb4jsdJ0RdGsJYLuy0e6z5V5M0fmsDE3lJsKsNodmZjkfoV8YvH2v6J+zB43+KPhib+z dbsPB+pazZShUlFvdRafJcRNtkVkfY4BwylTjBBHFZTfsv8AgBvhl8S/hSb/AFP+yfipqesarqkv mw/aYZ9bbfcLbN5OxUU/6sOkhH8RavYL/wADeHtX8A3Pw01eFr3Qr3TH0i4jkbDTWkkJt3VmXby0 ZIJGOvGKAPkHxV8ZfiXYWP7MDaTqyfa/iNPAmsq8MG2+D6LJdkE+WfKUzhWJhCkdBxxXzl8C/j38 dbf4t+DfDHx68d6v4X8Ua7f3FpqfhjxJ4ahstHvCwfyk0HVLOJg7IQuwyzkS8jlsZ+mvCn7CPgHw /rngvWtb8b+LfFkfw8dl0Ky1i/t57O0tXt3tmtfJS1QPG0bKCzHzMRoocKGVr/hH9iDwB4U1nwrJ N4t8T654Z8CX6ap4f8OajfRS6Xpt5EHEMiBYEuH8jefJWSZgmSORQB8BaL+13+1J498LX3x08Cf8 Jfqd3JqkzaT4R0/wTLeeHbjTLe7MDW8urR27ztcNGjM0ySgJICm0DIX9E/224NR139jj4nXGm39x ojnw5d3UgEUbSPCkJkktpFmRtgkXMbkAOuTtKsAa5y6/YN+F091qelQ+JfEtr4D1rUv7WvPBsN/G ugS3RmFww8owmdIHlG94UmCE4wAAAPqzx/4E8P8AxJ8A6/8ADfxGjjRvEen3Gm3KwMI5FguYzE3l tghWAPynBAOOD0oA/KLwl8O/jDrX7T3g3wp4X+KV3oV9H8GdLnvtcGm2E99NC+r3TQW0cTRC2jCb 1XzBGXKRDJ3uz1zsv7Yfx+1nRPht8KLjV9Rg8SahqPii08Q+IPDXh4avqc9v4du2tYzZ6csckSNO cedJ5eIwNyqM4r9HvhP+zJ4b+FHivTvG8XifXfE2tab4aj8KpPq89vKW06G9lvYi/k28JMkbS+Wr Zx5aqCpYFjw2ofsQfDKbSdMi0LX9f8P+INB1vV9d0zX9Pu4YdTs7jXJWlvIEbyDE9tJnaY5I2ygw WJJJAD9j74lfGDxtZ+NPD3xY0/W5IvDeoxLo2t67oUvh+71XT7qMuvm2rRRRma3dWjkaJQrAodoJ y3nD3P7Snxc/aO+OHgfwf8V38EeHfh6dETR7aDStPu2a81HSoblhcvcQO7Wwk3MVB3sXIDqqBa+r vg38D/CvwVsdaTRb7UNc1fxLenUNW1fV51udQvrnYsatLIqRqFRFCoiIqIM7QMnPyEv7Kfirx5+0 18efG2r+JvFHgPRPFJ0C1tp9DvILeLWLKLSY4blHEkU7KYpVKLIojkXc4VsNQB5b4V+O/wC0h+0v rvwX0PwF43T4ax+NvBWpa1rUtvplrqGLzTL5LQyW63SkhZJBgAuV8pzwW2uNLwN8cvi34R8UW/ir XNcjuvA8Pxf8T+CNchTT7G2zFdSLBpN5JJBBGwMNyoWWQtmTzRvJwCPunwt+zj8NvBPjTwl4z8Jx XGmHwV4dm8MadYxOn2NbGeWKZmcMhlaXdEPn8znLFgzHNc7f/sn/AAy1T4XfEb4Sahc6jPo3xN1r Ude1CRpYftFtfajOlyzWjiEKghlRXh3pIVIG4vQB8i63+0d8UdZ+G3ib4twfEi08E+FvFPjoaH4X lfSxqV5/Yenb7aaTSrWC2mku72+uIpHRZw8aICRtHA+S/jP8V/i545+CP7RHwu8SeL/EGo6J4Y0v QdasJ/EWg22jatPbXl0YpbW4g8iM+QzhJY5RHHJ8mAdhIP60eIv2TPhzrHww8BfDLR7/AFPw0vwx e2m8P6rps0Ueo2k9tC0Hml3ieKQyqzGZWj2uTnA7cDL+wb8MNRh8enxR4p8T+Ir34l6PDpGuXeoX 0Es04tpvOguY9tsqxTRYVEVAIAigGIncxAPmn4jfHH45R/HXxD8B9K8aeL7ew+GulaZ9r1fw34Pg 8Qajqup6nCblJrxIrVre2gjTaqxxxp5pD/Nwdv3l+y14++JPxK+CHh/xR8X9AufDfi9vtFvqFtdW c1g7vbTPElwLedVeNZ41WUKRgbiBwBXnGpfsZaHd6zp/jDSviT4y0PxdFpsek6nrlhf20V7rVrEz GP7eGtWheWMMVjlSNHUY5JUEfRXws+GPhD4N+AtI+G/gW2a10bRozHEJHMkrs7GSSWVzy8kjszux 6sT0HFAH5C/sdfGbx/4k8Y6D+zd4b1OX4faRZ634r1m61Se0iln8RmDVpnfTdLa5ikgCRJKHuZMG UYKoF2s5k1P9qr9pjx5d/EPx78O7zxZDN4a1y/07w74d0jwVJq+h3sOmSiMpqGorA83nXJVg4jlT yCQR1IH3/J+xn8MB4F8PeCrLVNYsbjwn4iufE+k6xBPbrqlnfXd1JdTLHIbcxGFzI0bRvEwaPAbL ANWD4l/YZ+HHiDWPFTWPivxR4f8AC/jq7kv9e8M6ZqEcGkahdTYM8jIYWmj8/H74RSoHGBwBigDw 7W/2t/iX8MLf4w2XxBWYa3L4d0jxV4G0+5tY4rqMa6iWI0141ijZ2s9UdI28xWlKsd54wPpf42af 4t0n9h/4hab4+1T+2vEtt8PtYTU73y4ohcXo0qXz5FSFUjVTJnaFUADFeRfEb4Lz/GX9rH4YM/gC 50Lwf8Elnum1mcwxWmps0dtJp9nZRxuzvHbzoJHMiKEMRUD5gT9u/EHwVpXxJ8A+Jfh1rss0Gm+K dMvNKupLZlWdIL6F4JGiZ1dQ4VyVLKwBxkEcUAfmv8N9e/aB+BPhb9nDxL4s8ff8JZ4e+I9xovhq /wDD8mn2kEWnf2lYNLZSWVxAizH7MIQkpleQSjLfLwV0NQ/aN+MFv/wT/wDFfxtXxEE8aabrl5ZW 9+bW1+SGPxILCNPJMXknFufLyUJP3s7vmr6F+HX7GHgfwD4h8J6xe+LfE3i6w+H6MvhvStbvobiw 0p2j8kSRJFBE8jpGSkRldxEpwgGFI4rxL/wT2+GPiez1/wANXHjTxdZeDte1OTWT4dtdRgTTLfUJ pvtDyxI1s77fM+dYnd4wxLbc7SoBj/so+GvFGm/tP/tKajqfi671Wzi1yyhezltrSOOSWfT7aaKc vFCkgaCL9wihgjJ8zhpPmrX+KOsfHnxx+1//AMKK+HvxFk8BeFYvAtt4hupLbTbK9u2u21O5tMQv dRvs8xAm4ncAI8Kqsxavobwr8BtB8G/Gnxb8adC13VorjxtFAupaO00TaU9zbxxQx3SxGLzVmEcQ XIl24LfLyMdDH8JfDkfxqn+Oy3N3/b8/h+Lw20G+P7GLOG7kvFcJ5fmeb5khBPmbduBtzyQD83/h n8fP2ivjTefD/wCAyeM4/DniGaXxUfEPii00+2a6u7bw5f8A2GJbS2mR7aKWcsDKdhCgZQDpXm37 Qnir4z+I/hp8Tvgj4/8AGUt9qfwq8beDUi1qCxs4ZNVsdcuLeezFzEIjEk9ozByYggcqgddpbf8A edz+xN8N49M0xfDfiHX/AA74g0LWNX1rTtesLmCPUbaXXJTNeW4JtzDJbOSB5ckTHaB82ck3Lj9i /wCGF78KPFPwvv8AV9cu7nxnqEGr6r4hmvEfW7jUbSWOW3uPPMXlKYTEioiwiNVGAvJNAHofxml+ MnhL9nrX2+Esp8T/ABG0vSFSynuYoFkvLuNVWW4MKCODzmXfIsaqsZkwoXadtfnP4f8Aiz468feC vi98NtX+LOutqC+B7+/fRvFfhm30XxLZXEAJuGiCW62k1nNHuicAySRlgUZcBj+m/iv4O+G/H/we uPgt8QLu98R6Ve6fFYXV5dSIL+4aELsuXkiREFwJEWXeqAbxnb2ryTwp+yF4R0jXtT8U+N/F3iT4 h6vf6JdeHYrjX7yGVrPS7z/XxQC2ggAeQAb5XDOccEZIIB+eXh/40fGDwb4R+AP7P3hzxV4kSz1H 4d6b4r1DU9A8Nw65rCWc0cVvaadbW8Vs8ccEGCGuJI3kI2Bn3H5/YI/2kPjtbfAOd/iH4iufhzrd t4yTQ7XxBrXhi5t9Y1rRnTzYptP0T7NIsmoSDMZQRGFdjMcdvoG1/YW8G6ZoHg6x0Xx/4u07xB4B hlsdG8QQXtqupwaXIqKumyH7L5E1pGEXYkkRKnOGAJFblx+xN8Lv+EJ03wzpesa7p2t6Vr0viiLx NHdxvrj6zOrJLdTTywvFJvRtrIYthUAbRjNAH5pfEn4z/EvxX8Kfjn8KvGmua54i0fQ28D6ppN14 m0WPQtXRLzX7ZJUkgjjh3xEoGjd41bGe2K/Vj9srxVrfgf8AZc+JPi3w5JFFqel6TLNbvNbw3UYc MoBaG4SSJxz0dGHtXmN3+wN8NNWPi268ReMfFetaj46ttLt9Yvby+tZZ7h9Hv47+2mGbTZEwaJYS karEIhhYw58yvqH4u/DHQPjP8NPEPws8UXFza6T4ltWtLmWzdEuEjYgkxtIkiBuP4kYe1AHw/wDs 16B4sP7afx31u+8XXd1appvhCaeyNrZpDOL2zunt0ZkhWRVswGWPYylwxMpcgEeofFu5Xxb+2T8F Ph1fMW0zw/puu+LXt2/1U97AsVjZOQerQefM646Ehu1es6H+z34d8M/Gm8+Nug69rFlf6tptppup aYk8R02/XT42itZp4jCZPNiR22lJFXP8PLZ4/wCPXgDxEnxQ+Fvx98E6fJq2peCb6fTNTsoRmW40 TXAlvcyIOrPaSCO4C91WTvgEA/PbU/2qv2mPHl38Q/Hvw7vPFkM3hrXL/TvDvh3SPBUmr6Hew6ZK IymoaisDzedclWDiOVPIJBHUgfph8VfjTqvw7/Zj1z47PokltquneHf7WXS7tXR4buSBXS3uFIV1 8uRgsgIVgAehrzDxL+wz8OPEGseKmsfFfijw/wCF/HV3Jf694Z0zUI4NI1C6mwZ5GQwtNH5+P3wi lQOMDgDFeo+Nfg6i6B49uNBF14li1/w5/ZFr4R1C9EPh4LbwPHHDBEiA2xuAwjlkDHAwQBigD5Fl 1z9qj4YePP2f5vFnxWPijSvidqkdtr1g+l6bAkEzWElyIbOSGESfZyQQSSXzGhDjeyn9Pq/Gr4Rf s5/ELWvjV8ItWl8M+PdA0f4ZzT3V8fG2uWmoWNgFtWii0/RI7WRzPG0jrmeQAiKJV3cBK+9/FnwU 8cwfD3RvBXgPx54gnvoPFFlq1zqupas32z7AL0XF3atJFDmWDyC0MVv8g5QM+1TkAuftZ+J/iZ4C +COsfEj4VXRi1XwbLbazdWwhimF/pdlKHv7VvNR9ge23sHTa4Kjawya+Nvjz+0d478YaR8bfFfwl 1yEeAPh34IsHiL2VpeQX2u6xsvY5T9phlDpb2TIGiPy75fmBIAH6pXtlaalZz6dfwrcW11G0Usbj cjxuNrKwPUEHBFfJfhP9ij4P+Cv2dPEf7MugXOqReGPFLXL3t208LaizXOwZWUw+X+7jjSNMxHCK AcnJIB8ofHL45/E9fGfirQfCHxV1TTrrw5pFhcWGh+DPC412aC4e08+SXXLmezeCBXb7sSTIFi+Z uev35+zT8Q9b+LPwA+H/AMSfEwjGr+ItGtLu78ldkZneMeYyrztDNkgds4ryzX/2MPBOseJPEmsa X4w8T+HNM8apAviHSNLvobey1QwQLbZlP2dp4jJEu2UwSxl8npXtvw0+EmlfCj4Q6T8HPCmsaiLD Q7BtPs7+drd7+JDuCSbhAsBkj3fJmEr8o3K3OQD8aPj3P4S8LftJ+KfhT4b12/0v4AeLdc0h/ia1 jD/oGma1eeaRarcq48iK/KRC/Kj5M4LD/V19vfG34WeIJPj54R8d/s83PhLVvFvgTwy2nv4N11jH FHo884MN3Y+QGNtKHj8lXKBCo27hjB+hvBv7Lnwj8G/BTU/gKLGbWfDuvi7bVptSkE99qVxendNd XU6qm+4ZsESAKVKrtxtGPN779iLwTNovg6PS/HHi3SPFPgXT20jT/E9pqEMWsSaZvLpZXTrbiC4g jJAVXh3AAfNkkkA+dPC118L/ABHon7R3gL4m+Gm/Z58beJNFtv8AhKGk1GK60j7LdwS2VrqVpJGY oNrMxWZQsZdiFdmYkjivGVh40+DXw28IeHP2rPhFoWs/DbwNeaS1v4y8E3xtZ9Le2ljjtLySzkSO cbn2ee0T7OTwcqK+8fBH7JXww8L6F4z0rxPc6p4/vfiHAlpr+peI7s3d7e2saMkcG+NYliijDtsW JUKk5zkKR5zp37B/gtY9M0DxT8RPG3i3wXo00E9t4Z1bV0m0vNqweCOYJBHNNFEyqY43lKjaMgji gC/rtyvgn9vXwo2nOY4fid4N1G1v4U+7Jc6BcRT2tw4H8SxXM0QY9VIHYV9r18peHvAHiLxd+1fr /wAaPE+nyafo3gzR08MeHVmGGvJLtkvNQv1HUID5dtGf4tsh6bSfq2gAooooAKKKKACiiigAoooo AKKKKACiiigAooooAKKKKACiivz9v9f/AGgvjj8Vvi3ovwx+IqfDvSvhdPa6XptuNOtbtdQ1KSzW 7lm1F7qKR1twZRGqw7SVBfO4AEA+3bLxj4W1HxRqfgmx1OCfXdGht7i8slbM0EN1u8l3XsJNjbT3 wa6WvyY0Lwn8dPiP+1x8QovDHxHt/AepjwZ4Um1e+0Szt9Uhub7ZciNbZr6MgWvmeax+QOw2ruX5 s87ZftTfFHx98LPg9d658SJPCOseJNL1STVLTwroD654k1S70+9ksFkt7QWlzBbWrGJneQhCZDsQ AA7QD9ZNZ8Y+FvD2saJ4e1vU4LLUvEk0tvptvK22S6lhjM0iRD+IrGpYj0FHhPxj4W8d6OPEPg7U 4NX01pp7cXFu2+PzbaRoZkz6pIjKw7EGvx7+FPxb+IHxb8e/AiX4lXk+o6x4S+JnjDw+Lq8sk029 ngstGkaJru0iwkNwBJtkRRwRg5OSeE8C/Hr4ieCvh78M/gv8PLvV9FXxZrnjnUdU1LQNEOv6tHaW OsXISGzszHKmZHf95KyN5a4Yc8EA/eSivxtuf2hP2t5PDOieCLa/1fw9qeofErRvDem+J/EfhcaZ calomsWN5IxlsLiGOJp7SWEbmhCB9qZ2hm3dj41/aD+O/wCzRH8dPC3ibxUPiVeeENB0HV9Avr+x trKaK41y7bTzHcLZpFFJFHMVlGQpCgqWxyAD9YaK/K/4i+P/ANpT9l74q/D5PG3xMl+InhfXNF8W atqtlNpmn2UrXfh/Rpb7yoJLaBZFgd9pQDLqVwzMG215d8Jf2k/2p9Wl+GvxDlk8Y+MR4x1Cw/tz RW8DS2nh+z0nUus+n6lFb+a32RXVhI8zpMuSTgAkA/aGiivyW/aS+NP7QXw7+L/jGTxF4w1z4aeD dPWybwxqdp4ah1rwxOhhVrg6xdJDPdxO029CqhNiDcufvMAfrTRX5523jD41/tF/Gnxt4G+HfxMX 4f8Ahz4d6XoMi3ekWFnqLatqGu2f25LjffJKBZxxlQiIFMmSS/p4P8Nfj1+0/wDtC+Mvhv8ADqz8 Zx+AbnUND8RjxHc2GnWl35t3oOprY/abP7VG4RpSFB+9GoaTau4IygH7CV5/efDLwnffE3Tfi7cQ SHxJpWmXOkQSiVhGLS6ljmkUx/dLF41IY8jpX5S6T8Z/2ttJ+Cmq/tB+KviXDfQ/DzxhH4Yn0eDR 7KKDW7OHWIdNuLm6l2GSK4lMx2+R5aIsYIUs7Gn+Nv2m/wBoTxv8RPi23w91XxZo9v8ADzWL3QtC 0vw94MbX9Pvr3TVHmNql75ErL9okO3y42jMcbK4ycFgD9l6K8L034sa7bfs3L8bPGPh6fRtZsvDD 65qGjzxyQTQXNvaG4ntikiiRcOrKNy7sY4zXzN8NtV/actPA/gT9ojxZ8TbDXtH8S6emsa14aubG 2sraGzvLJ7uCDSJ4IWuHuYSUULNIwmAYllwKAP0Nor8jJfi7+1F4Y/Z08Ofts6t4/j1ey1O502/1 Dwamm2aaamj6peR2yW9tcLH9s+0xLMjeY0rZbKlGAwc7xB8S/wBrHUfh18e/jppHxXGlWXwk8W+I 7HSdEXRrCWC7stHus+VeTNH5rAxN5SbCrDaHZmY5AB+uNvrWj3Wq3mhWt9BNqWnxwy3NqkqtPBHc bxC8kYO5Fk8t9hYANtbGcGs3WvGPhbw7q+iaDrmpwWWo+I5pLbToJW2vdTRRtM6RD+JljUsR6Cvy c0vWPiP4d+Kf7YHxk0Hxpd217pHgXSdct7Y2li8Qnm0W/urEMWgLEWBTbH/z1BPn+YcV3Pg7xD+0 FoniL9m/XPid8Qo/F7/FW/N5cWj6Lp1vHpsb6JPdG3tZkiMwG8oDIGVjsPOHYEA/RDwHffDfxfaP 8VPh49jqUPiqKHfq1mFY3sVoXjiDSgZdYiXCgnCktjqaS8+GXhO++Jum/F24gkPiTStMudIglErC MWl1LHNIpj+6WLxqQx5HSvxq/Z+179oH4F/sNfD/APaLs/H32vw5o13axS+EH0+0NpNo95q32FlS 6VPtQuy0vnK/mbRxHsOCD9vaV8a/iRN4C/at1y61oG7+Gmo67DoMhgtx9hhs9HiuoRjywsuyZmfM ocnoSV4oA+z9c8beD/DMepya/rNpY/2NYS6rerLMivb2EIYyXMiZ3LEu1svjHBGc1saTquna7pdn rej3CXdhqEMdxbzRncksMqh0dT3DKQQfSvxLtNZ+KU/jj4h/Ga68cXFxqo+Adh4ingl07TXtriaf T7xkhkja2KmKO6BuQAPnYmN90P7uvpTwf45+N/x18aeHvhP4Q8dP8O9M8N+AvDuvapfafp1jPe6j qOsRExpGlzC8ENtGIyzCOMZY7BhcYAP0wor8efD3x7/al+JvjX4a/BG18aweFde/t/x54Y8Sa1a6 XaXAvj4WWzkhvLeCdXSKV1lKEKfLDMzFDtVF+x/2UfG3xK1XUfin8M/ih4h/4S3UPhz4j/sy11d7 aG0nurKe0huoRPHbqsXmR+YVLKo3cZGeSAfVlvrWj3Wq3mhWt9BNqWnxwy3NqkqtPBHcbxC8kYO5 Fk8t9hYANtbGcGtOvxo8d+N/iJ8A/jd+1z8Y9B8SzapdaFYeDlt9Oura0FpLNrPnWtj57pEsoi08 y5XY6mRc+cznBH0nFrP7QfwD+NXwn8LePviJJ8TdA+J817peoJdabZWMmn6jb2huo57L7HHGxgfY yvHLv2KN27JoA+jda+EfwqtvjLpXxv8AFd9M/iVR/Z2jxX+ov9ht7i4iMTmxtJHES3M0SlWKKWZc +5r1Lw14x8LeMk1KTwtqcGqLo9/c6XeGBt3kX1o2yeB/R424Ydq+Ff24fDXijX/iH+zyvh7xdd+G jN40W2jNtbWk5iuHsbp1ul+0wyguiqyBGzGQ5LKWCkfKOiyftB+CPhx+0x8cPhr8R/8AhHdP8D/E TxffW+hHTLS6ttQNtdiS5+1zzI0wEiHYixMm3buzlsqAft7RX5I/E39pz4t+N/jrrnw68Gav4p8I aB4Q0XRryR/CXhT/AISe7utQ1m1F4humeCdILeJCqqgCmUh/n4+T7r/Za8ffEn4lfBDw/wCKPi/o Fz4b8Xt9ot9QtrqzmsHd7aZ4kuBbzqrxrPGqyhSMDcQOAKAPoOivxu8DfGL9qjRP2UfCn7ZfjP4m /wDCRK95Y/2j4bOlWENnc6Xc6kmmkJNBCk63mXEodWCZ/d+WQOeu1/4z/tGaPq37Qvxifx5nwd8F dVvrXT/Da6XZsuoEWEckcVzdhBMkMUssb7lPmEeYC+Cu0A/WOivy/wDE3xA/aO/Zrh+FfxN+IfxB f4k6J481G30nXNIOm2VolpcahaSXMMumyW0aS7IWiKsspk3p8x2k5XjJfi7+1F4Y/Z08Ofts6t4/ j1ey1O502/1Dwamm2aaamj6peR2yW9tcLH9s+0xLMjeY0rZbKlGAwQD9I5vjV8KYPifB8Fn8UWR8 c3ELTrpCybroRrGZizKoOz92N4DEEryBgivUK/OL9lrwZ4p079rj9pDWtV8ZXerpbappFvPBNZ2M YujNpkMtu7yRQJIv2aM+TGqMqsvzSBn+av0doAKKKKACiiigAooooA//0f38ooooAKKKKACiiigA ooooAKKK+KviD+1PrHhH4h3nhuw0aCfS9Lm8icylxcSlcbyhBCoM5C5Vs9e+BpTpSm7ROTGY6nQi pVHZM+1aKht50ubeK5jBCyqrjIwcMMjIqaszrCoLm5gs7aW7unEUMCNI7twFVRkk+wFT1zPjX/kT de/68Lr/ANFNQBT8IfEPwP8AEDwlB488E65aa34euVleO+tZRLAwhZlk+Yf3GUhh2INaXhTxX4b8 c+HbDxd4Q1GHVtG1SITWt3btvimjPAZG7jivxA/ZU1XUv2TvhP4C1zVrqST4R/HLRVSeWVi0eheK 2hZEZmP3bfUEQKSeFkXkog59K/Zg8WfFjx14O+B/7N/w58XP8P8ATrX4djxVquq2tpbXl9cq9+9j BaW4u0kiiVWVpJH2MxG1RjPIB+ytFfJf7KPxJ+I3i63+IXgH4q3sWteIPhp4luNCOrwwJbDUrURR 3FvcSQxfuo5jHKBIkeFBxxzXxt8ZPjv+0F8O/i34uk8f+NtW+GOkWWswx+G5pvDUOpeC7zSSYgBf 6jBFLdx3E2X8z54xESMEAnaAfr7RX4yeMP2oP2gPH/j74r3Xw31jxVpdn4B1a70TQNO8OeDT4h02 /u9ORS76lf8AkSsBcSHASJozHGyyDJwW9bi+IP7UPxv+O/g/4faH4uufg9ZXfw20nxdrNg2jW11e QarLqE9tPahb+PzI1bADb84EQwoLsSAfqBRX5X6R+0d8atW8FeGPgMdfEfxtm8f3HhHVdSS0tg40 3Sn/ALQu9UjtWiMAWTTTEF/d7S0mVwRkeA6L+13+1J498LX3x08Cf8Jfqd3JqkzaT4R0/wAEy3nh 240y3uzA1vLq0du87XDRozNMkoCSAptAyFAP3Oor8+PBXiL9oH4rftcfEvRLL4hS+GPh/wDDW78N TR6INJs5Zr1dU0uC7ubWeeWPzokDb+QS4aQ4YBFA9E+PXjb4l6r8Z/h3+z38M/En/CFt4qstW1fV dZjtYbu7js9NESJb2iXKvAJJpJvndkYoq5Uc0AfYdFfm34p8ZftO6F4q+Hn7M938Q9MbxH431rXc +LbKzglvodC0a1juhHNZPEtrFqEvmhCVRowg3hc9PH/id8ef2n/hPq3jD4F2vjSLWvEGja94NGi+ JLvTrQSzaf4juGgltr+3iRYCY5EKh41jkdMsCpwQAfr/ADTQ20MlxcSLFFEpd3chVVVGSSTwAB1N VtL1TTdb0201rRruK/0+/hjuLa4gdZYZoZVDxyRupKsjqQVYEgggjivy28fX/wAefDGu/Fz9nfxl 8UbnxbZX/wAL73xXaarLpen2l5aTQXD2tzaqkMQhaGdMj5lLIGwjBlDHgvhVcftJ3tn+zx8Cvh98 W5/DumeIPhnD4gubyTR9Nu5raOFLMW0ECtCgKxCRYQzli0ZYvukw4AP1KX4xfC5/L2eJ7E+drz+G E/ej5tbj3b7Ef9NxsbK+xr0qvxG+I+vfFDx94O0HS9N1u3tfEmm/tKXWi6bqRsLSMW0dtHexRzyQ QxxRzyRqS5MgLSEYZjXofxr+OX7Q37Ok3xG+Fl14+fxVfWGjeGfEuia9c6fYxXtrb6h4hg0i9s7i OKEW0odWZo3MQZVY8kgFQD9cZpobaGS4uJFiiiUu7uQqqqjJJJ4AA6muRHxF8CPqXhrSItes5bvx jbzXejJHMsn9oW9vGk0ktuykrIixyI+5TjawI4NfDn7Yfjj4gN42vPhD4d8SyaHoetfDfxZqt3HD bWs0jz2Hk+Wd08UjKHjaSI4IGHJHzqrDwrw38UPG3wH+Gf7L+oXOrN4n04/DfxN4gngubKyWbydK 8P2V5aWUE0cAljSEExhlYPKMec0hAoA/YuivywX4g/tPfDLwB8JP2ivFnxEXxhYeP9U0GDW/Df8A ZlnbWNrZ+IioiOnTQoLoy2pkRRvkfzeWbpXmD/GD9rO0/Z08Q/tX3PxTEsHhPxHdWkPh3+xrBbW+ 06DWvsDpdTrGJhIVbCNEUwqLnLs0hAP2Tv7+x0qxuNT1S5js7O0jaWaaZxHFFGgyzu7EBVUDJJOA KfaXdrf2sN9YzJcW1yiyRSxsHR0cZVlYcEEHII4Ir5W/bp0/UdR/ZF+K0em6nLpTw6BfTSPFHFIZ oYomaSBhKrgLKoKMy4cA5Vg2DXz14c1f436/4s+Gf7Lvhf4k3WgRWXgGLxbq/iJdOsJdTvI7i6+y 2ljBG8H2aJIBw0giLsqpk7mZmAP02rh9e+Jfw+8MaJq3iPXvEVjZ6ZoN1FY6hcNOhS0up2iWOCYq T5cjGeLCNg/OpxhhXgf7KPxJ+I3i63+IXgH4q3sWteIPhp4luNCOrwwJbDUrURR3FvcSQxfuo5jH KBIkeFBxxzX5geM/DXjXSP2WP2uLufxdc65JH8ToLSO3ura0iikvo9T0Vzeu0EUbh5AyoyBhEFQF UDFiQD986K/K74i/Gb4/fsleNtWtPHvjj/haWm6h4G1rxDbRXWm2unm11bSXhAWM2aIfssnnAFXL soGd2cluW+Cnx5/adl8afDHUNWm8aeN9O8Z3EMHiW01HwPJpOk6XHexbo7vT7+K2Q+TbSbVYzO4l jJf5TyAD9PfiN8Ufh58ItATxT8TfEFp4b0iSdLZbq9kEcRmkDMqbj/EQrED2Nct8Of2ifgT8XdQl 0j4ZePNG8SahChke1s7yOS4EY6v5Wd5UdyBgd6+e/wBu6GK40j4IQToskUnxY8HqysAVZTcSAgg8 EEdRXK/tweFfCPg5fhL8UfCel22l+PNO8eaDZaZc2kaW9zcx38xiurN2QBpIpod29DkYHpnIB9A+ Iv2xP2XfCXiG/wDCfib4m6Hpmr6VO9rdW090qSQzRNtdHB6FSMGve9A8Q6D4r0a08R+F9SttX0rU EEttd2kyT280Z6NHJGWVh7gmvyV+CPiz4maN4y/aD0nwX8CT8UrK4+JviBnv21TSrGGOVorVTbOl 83mkKoVyyoy4fAyQRUnwl8HftAfCqX4efskaZ4itfh3qnjA+JPGWs3Ol28F9/ZVkblPJ0nTftKPB kNLmRzG2znZkDLAH6mePfiH4I+F3hqfxj8Q9atvD+iWrRpLeXb+XCjSsEQFj3ZiAPevOPAP7UX7O 3xR16Pwt8PviLomuazMGaKzt72M3EoQFm8uMkM+0Ak7QcAEnivzD/aJ+I3xVn+Dvxe+C3xMu18ba 18LfGXgwWWprBBZS6rZ6tcQXltFPHGFt1nQDY7KEUgqSo5Le7eM/AHx0/aI8ffC433wRtfhJp/gb xRYeIrvXrrVNNvL1oLAlmsraPTy7/wCkEgMXYJ8oyDgUAfp/RXx1+2T42+LHhLRfhho/wd8RReF9 Z8aeONM8Pz3s1rDeIlneWt40h8qdWUsrRo64KksoXdtLA/NPxg+NPx8/Z+tPjL8M7rxzJ4q1PQvA 9v4x8Pa9c2FlFe2Ze9axmtriOGBbWX513xMYQdpIO7GQAfq3RX5irqH7Uq/EHwF+z/qHxecat440 6+8U6rrkWjWEU2n2dslvGNM06JkeJgZ5WJmmV3WPbjkHdwt3+0P+0hpXxE1D9kGTxTBL4yHi/T9H t/Gsmn2/mLouoaZJqu9rNVFq19HHH5Y+QI24EoD8xAP1c8QeIND8KaHf+JvE1/Bpek6XC9xdXVzI sUMMMY3O7u2AqgDkmuf+HfxJ8C/FnwtB41+HGswa9od08kcV3bkmN3hYo4BYA/KwIPFfjr+2Hr3x w8N+B/jL+zl428f3PifTLDwlYeMLDVnsLGC8nsmv/wCz7jTL3yYVjKNMVmSWNI5fk27mUsB+x/w8 8Pan4T8FaR4d1jWpfEN3YwiNr6eC3tpJhklcw2kcUKBFIQBEUYUZ5ySAdnRRRQAUUUUAFFFFABRR RQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFfJXxM/ZB8JfELxb4i8Y aT4v8SeCJ/GttDZ+I4NAvIbe31eGCMxIZ1mgmKSCI+X5kRRimQeua+taKAPEPhz+z98P/hV4y1Tx l4MW4s21PR9I0MWW9DZ29noqSJbCFQgkDbZCHLSNnAwBznxHSv2FPAPhS18MP8PfGnijwjrHhfT7 7SY9V0+6sxeXWm6hfSajLbXHm2kkLKs8rNGViVk4OSRmvt2igD46+Hf7Efwr+GWsaFrOg6zr11J4 f8R6j4pgW+vIrnfqGqWIsLnzpHg86RHRfM5k3eYSdxU7aguv2IPhkPCvhrRPD+v6/oGteDdS1XVN H8QWF3DFqtpLrU7z3kO/yPJeCQybDG8RygAJJyT9mV86ePv2sPgP8MfGN38P/GOv3MGv2EMFxcWt rpOp35iiuQTEzPaWsyDeFOBuzwaAOU0f9jT4ZaXBo8txq2t6prOm+LbTxpc6te3UU1/qWq2UEltC LuQw7TbrHIQIokjC4G0rzlfjj+z3pHiGy+J3j7RtAPjbxJ4z8N22hy6BfXiWmn3cFjLJNGkcwQSQ TsZW2ymTarhCNmC1fRXgfxt4b+I3hax8Z+EZ5bnSdSDmCSa2ntJGEcjRtmG5SKVMMpHzIMjkcEE9 XQB+QXwa/Zw8XeK/2hPBHjXxD4e8c2/hfwPpWs2V+3xF1a01KSY6laGyXT9PhtXdTAqu7STuAZQF BJwoP1V4N/Yc+HXhDUvDkcvizxRr3hbwbfrqeheGtT1CO40nTrqLd5LIohWaRYN2YVllcJ75NfUw 8d+FD47b4ZC/H/CSrpo1c2nlyZ+wtMbcS+Zt8v8A1oK7d27vjHNdbQB418K/Bnjfwv4i+Ieq+Ltb udTsfEWvNe6PbXF494LGwFtDH5SbkjWFWmWV1hQEIpUF2bca8l+Iv7G3g7x94k8V65Z+MfE3hOx8 foqeJNK0a8ghsNVCwi3JlSW3leNpIlCStE6F1znkk19f0UAfJfiT9j/wReeILbxP8OvE/iH4Y36a TaaFct4avIoFvdNsE8u1jnW5huAZII/kimXbKqnG48Y6X4e/ssfCz4W+JPCPiPwSt5YnwXoV5oFl bGZZIJIL+5S7uJ596GV7h5kLl/MCks2V5GPYde8d+FPDHiDw54V1y/Frqni64ntdLh8uR/tE1tbv dSqGRSqbYY3bLlQcYBJIFddQB8vXn7Jfw5vfg/4j+Ckuo6qND8T68/iG5mWaD7Wl3JqUeqFI3MBQ RedGFAaNm2ZG7dhhzXjf9izwN4t8V+KvEmj+L/FHg6z8fD/ipNK0O/it9P1VzH5TySRyQSvHJKmF laF0LjOeWYn7GooA5jTPBnhbR/B1t8PtP0yGLw7aWK6bHY7d0Is0j8kQlTnK7PlOc5HWvlzwT+xN 8P8Awbr3hm8uPFPiTxJ4d8DyyT+HvDur3kN1pOlyujxI0aeQs0nkRyMkHnSv5YPHOCPsquS8D+Ov CnxI8OReLfBV+NS0mea6t0nEckQMtlcSWs67ZVRvkmidM4wcZBIIJAPlXR/2FvhppMum6KfE/iW9 8BaJqK6rYeD7i/jfQ7e5SUzRqEEIuXgjlO9IZJ2QMMkEcV6Q37L/AIAb4ZfEv4Um/wBT/sn4qanr Gq6pL5sP2mGfW233C2zeTsVFP+rDpIR/EWr6PrzjUPi78OdI1HXdL1bW4rG48Nz6dbX32hJIkjn1 YqLKNZHUJK0xYKojZjuIU4PFAHiWt/se+BNY8Q+K9cg8Sa/pkHjjwuPCmtWNrc24tb21js5bGC4d JLdyLmGKZvLYMEDclCNwb0K6+AHg27m+Fc8l5fhvhCc6TiSLE/8AoLWH+lfuvn/dMW/d+X8/PT5a 9E8L+O/CnjO88QWHhm/F7P4W1F9J1JRHIn2e9SKKdosuqhsRzRtuTcvzYzkECbRPGfhvxFrev+HN HujPqHhieG11CMxSxiGaeBLiNQ7qqyZikVsxlgM4JDAgAHxt4G/4J9/DLwRpnhvwiPGfizXPBHhe 9i1O28Nalf28ulvfQyGVJZkitopHUSnzfJ3iEyfMU5IPRfED9iLwF4/8S+M9Z/4TDxT4e0r4iBW8 Q6LpOoRW+nahMkIg811eCSVWZABIEkCyYAYFcg/Z9eZah8ZPhjpdwlpdeIIDK+vw+F9sQebbrVxE s0dm5iVgkhjdWJbCrnDEHigDwPWv2Jvh5q1zaS2vibxFpUUfgk+AbyG0urYRajpAtZrWNrpZLZwZ 4hM0iOgRd4UlCoKnZ8Q/si+EdQvfDGveD/FniLwP4i8MaHb+G11bRbm3jub3SrYARwXizW8sEhUg uriJWVzkcAAfWFFAHzF4K/ZK+Fnw/wBZ+H2u+G5dSjuvh0Nbe2aa5WdtQufEKxi+ub+SSMyTTOYw wZWQAkjBXao9M8B/CXw58PPFXjjxfotzdzXnj/UotUv0uHjaKKaK3jtlWAJGhVNkYJDs53Z5xgD1 GigD5a8bfsjfDbx/8QPF3jjxDf6q9p4+0mHSNf0VLiNdL1CO1R0tZ5E8ozLPbhyYnjlXawDAZzln w8/ZR8N+CvGuh+P/ABH4y8TfEDVvCdtPaaEfEV7DcR6XFcoIpWhWCCDdM8Y8tpZd7leM96+qKKAP D/jn8CNA+O+kaDYarreq+Gr/AMMapFrGm6los8cF5bXUUckQKtNFMhUpKwIKHtXPJ+y94CX4X/En 4TtqOqPpXxS1LWNU1Scywfaop9bbdcC2YQBERT/qw6OR3LV9I1gf8JV4c/4Sn/hCBqMJ1/7F/aJs g4M4s/M8kTFOoQyZUE9SCBnBwAfNfi/9kLwlr/iuz8d+E/F/iXwD4hi0u30W9vPD97DbvqVjarth W7SWCaNpI1yElRVdc8HAUD3P4WfDHwh8G/AWkfDfwLbNa6No0ZjiEjmSV2djJJLK55eSR2Z3Y9WJ 6Diu8mljt4XnlO1I1LMeuABkniua8EeNfDHxG8I6T478GXo1LQtct0urO5CPEJYZBlW2SqrrkdmU H2oA/N79kr9h+XTfgj8PLH4z6x4mjGi3B1W48GXd5A2jRalDdSSRO8SRGVkB2TeSZzF5hLFSSRX2 1o37Pnw90uy+JelXkdxrGnfFe/ub/WrW9dGiLXVtHaSxQ+WkbLGY4xjLM4YkhumPcK5fT/GfhvVP FmseCLG6MmtaDBaXN7AYpVEUV95nkMJGURvv8l+EZiuPmAyMgHzT4I/Y18FeFNf8Nav4g8XeJvHF j4IDjw9pevXsNzYaZuj8kMiRQRNM8cZMcbTvIUQ4HPNY2j/sLfDTSZdN0U+J/Et74C0TUV1Ww8H3 F/G+h29ykpmjUIIRcvBHKd6QyTsgYZII4r7XooA8v8F/CXw54F8deO/iDpFzdy6j8QruzvL+Od42 hiksbVLSMQKsasqlEBbezktkggcV6hRRQAUUUUAFFFFABRRRQB//0v38ooooAKKKKACiiigAoooo AK821v4QfDfxH4jTxZrWhw3OqIVJkLOFcpwpkjVgjkAY+ZTxwelek0U4ya2M6lKE1aav6hRRRSNA qjqmnw6tpl3pVyWWK9hkhcoQGCyKVJBIIzg8cGr1YviTxHoXhDQNQ8U+J76LTdI0mCS5u7qZtsUM MS7ndz2VQMk0AeJxfsx/DFv2c4v2XtVjudW8HQ6YNLDXbxtebEO6ObzEjRBNG+HRhGAGUHb2rzxf 2KPh/pXh3wHpvgnxR4i8J658OtOk0jTde066t01KXT5m3vbXYe2e3niL4cKYRtYbl2nOdr/hur9j /wD6K34f/wDAtf8ACvqHTNTsNa0201jSp0urK/hjngmjOUkilUOjqe4ZSCPagDzT4OfBnwj8EPC9 14a8JyXl6+p31xqmo6hqM5ub/UdQuiPOubmXChpGCqOFUAKAAK8I8bfsQ+APGmr+KG/4S3xNovhf xzfHUdf8N6dfQw6VqN0+zzXcNA88fn+WPO8qZN/qK+q18Y+Fm8YP8P11OA+I47BdUaw3fvxYvK0C z7f7hkUpn1GK6WgD4y8WfsRfD3X/ABD4k1bw34q8TeCNM8axrHr+jaDfRW2m6ltiEJZ4pIJGieSM BJGhdC65B5JJ9i8L/ALwD4L+JFp8S/DKXFhc6f4WtPB9tYI6fYYdMsrh7mHamzzPNDOVLGQqVA+X OWPtdFAHz/Yfs0/DPTf2idR/adt4rn/hMNU0tdLlRnQ2aqPLU3CR7N4uGjiSJn8zHlrjaDknyG6/ YN+F091qelQ+JfEtr4D1rUv7WvPBsN/GugS3RmFww8owmdIHlG94UmCE4wAAAPt6igDyzwd8IvDP gf4hePPiTo890+pfEKXTZb+GVozbQnS7RbKEW6rGrKDGoLh2fLcjaOK574yfAPw58Yr3w74il1jV PCninwlJPJpOt6LNHDe2wukEc8X76OWKSGZQodHjIOBjFew6jrWj6O1omrX0Fk2oTrbWwnlWMzzu CVijDEb3YAkKMk4PHFadAHxqP2IfhfH4RsNGttc1+38UadrVx4ji8Wx3kY8QHVrtBHPO8/kmJ1li AieIwmMxqBtyAatWv7Fnw2/s28Gua7r2u6/q2vaP4h1LXb66hk1G9utCcPZQyEQCFLaPlRFHEmFY gMDyPsCigDxXxJ8BvBXiv4k6l8TtZlvJL/VvCtx4PuLZZEW1bTbq4+0SMAE8wTFjtDCTaF/hzzXn /wAIP2S/CHwf17wv4jsvFPiDxDd+D9EufDum/wBrXFtKkWmXEkMiw/ubaJiIfIRYvmGFJBB4x9VU UAfHXir9iX4X+LPDF14Xudd8QafHc+Obr4hJdWV5DBdwa1dCUYhlFudkMTSl4xguGVcyMMgi/sT/ AAy1Twt470L4ga3rvjbVPiJb2tpqet6rdRHUUt7FxLaR2pghihgSCUCVQsWGk+Z9/AH2LRQB8b+G /wBivwXpvi5/Hni/xp4q8c67Pod/4cln1u/hmD6ZfqqvEEht4ghTaxVk2sWd2cudu2/4O/Y3+H/h e38AWeq+Idd8VW3w3stY0zTIdXmtZo307WbaGzltJxHbR74ooYVWIAqRltxYYA+lPFXjHwv4I06H VvF2pwaTZ3Fzb2cctw2xGuLqQRQxgn+KR2CqO5NHi/xj4W8A+H7jxV4z1ODR9ItHhSW6uW2RI1xK kEQLHoXkdUHuRQB8seEP2JfAHhbU/C63ni3xP4i8MeBb2PUPD/hzVL+OfS9NuYN32d0CwpPL9mz/ AKOJpnEYGBmuquP2S/hxc/AHWv2cpNR1UeGtdvbi+nuBNB9uWW51D+0nCP5HlhRN8oBiJ2cElvmr 6iooA4/4heB9C+JvgTxB8O/E4kbSfEthc6ddeS2yUQ3UZjco2DtYBsqcHB7Gvmub9jbw7/ZPg1tO 8f8AivT/ABb4Gs7jTbHxPBd2o1aXTrh95srvdam3ngQ7fLV4crtBDZyT9Y3mtaPp19p+mahfQW15 qsjxWcMsqpJcyRxtM6QoxBdljRnYKCQqljwCazfCfjHwt460j+3/AAfqcGr6d509v59u29POtpGh mTPqkisrDsQaAOL+DnwZ8I/BDwvdeGvCcl5evqd9capqOoajObm/1HULojzrm5lwoaRgqjhVACgA CvFfEH7Fnw+8RJ8SdOuPE3iG20T4oaja6xqWlw3Nt9kg1K2uba6NzbCS2dkeVrSNZNzOCmQoX5Sv 2HRQB4j8Qf2f/h98T/G1h428ZpcXz2WiaroD2JdBZXFjrAjFyJl2eYWxGApWRcZPBOCPKvh7+xh4 J8C6/wCFtX1Hxh4o8YWHgN2fw5pWuX8VzYaUxiMKNEkcETyNDGSkJld/LXAXBGa6S2/bU/ZMu9SG kx/Fjw6l0ZPK2S38cQD524LSFVHPHJr0f4kfHX4PfCCz0vUfib4v07w5a63v+xS3k4RLjywrN5bc hgA6njsRQBj/AB6+A/hz9oLwvpHhjxFrWreHzoWsWeuWV7os0NveQ3tjv8h1eaGdQFL7vuZyBgjv 5x4M/Y68FeHvHmkfEjxl4x8WfErWvDrPJpR8U6ot7Bp80i7Wmgt4YYIhLt4DlSRwRyAR6/8ADX47 fBr4xtdR/CzxppXiiWxAa4isLuOaWJWOAzxg71UngMRgnjOa9YoA8p+Fvwf8M/COfxpP4bubu5bx 14ivfE179reNxHeXyRRyJD5cce2ECFdqtuYEnLnjHP8Axk+APhr4w6h4d8TSaxqnhTxX4SknfStb 0SeOC9t1ulCTwnzo5opIZQq745I2BxxjnPJJ+21+yQ99/Zp+LPh6O43+WRJfRxhXzghmfCrg9SSB X05a3VrfWsN7ZTJcW9wiyRSxsHR0cZVlYZBBByCOCKAPkw/sX/C+f4eat4B1HVtb1CfxDrdl4g1b Wrm6il1bUL+wmjmhM0rQmIRr5SxiOOJFVOF2klq+uqKKAPi39tX4PeJfjXovwp8NeHor8Q6f4+0n UdQu9MmW3u9PsoLa8R7yKVvuNC8iFSAxDEHBrSb9jDwBqXhDx94d8YeJfEHifV/iTZQ6dq2v6hc2 76oLO3OYre2KW628MaEltqwYLEs244x9gUUAfP8A8V/2dvC3xTk8Lawus6t4V8T+CvMGka5o08cN /bxzxiOaJvNilililVV3o8ZBxxjnPnj/ALEnwnn8GXXhy81TXbjxBea1F4jfxU98P+EgGsQL5cV0 lyIxGpjj/dpGIfKCcbM817nY/Gn4U6p8TLz4Oab4osrvxrp8BubnSopN9xBEApJkCghSA6nBIOGH HIr1CgD42uf2Jvh5rfhDx54f8a+JvEPifWfiPZ2+n6rr9/dW76mLO1cSRW9ttt1toIlcFtqwckkt k4I+xo0Ecaxr0UAD8KfRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAF FFFABRRRQAUUUUAFFFFABXz945+I/i7QPHEWh6Zaq9qPK2RlCzXHmAE4PUckqMdxzmvoGmlELByo LL0OORn0r5LjLIMZmOFjQwOLlh5KSk5RV20r3jutH+mqaujfD1YwleUbjqKKK+tMAr82V0D4za7+ 2p8aR8IfGGl+EzBonhD7adS0d9W88Ml95Xl7Lq18vZh92d27cOmOf0mrGtPDnh6w1u/8S2Ol2tvq +qxwRXl7HAiXNzHbbhCk0oAeRYt7bAxIXccYyaAPyf8Ajp4k+Nmt/tBzfCbxBr9z9l8M+DLDUVfS vE7eBoru9meVbzVFIW4aZImjAWB5GjiAywfJNeZv8UPj98TvEPwx8CeLddmvYJfh6uuNNo3ip/CK arfm9mt2vxfLBuuPLt4opfICqgZzKVKYFfsN43+FHwv+JjWL/EbwhpHiltMYvanVLCC8MDHBJjMy PtzgZx1xzTPF/wAJPhX8QdP0/SfHfg7R/EVlpBBsoNRsLe6ittoAHkpKjBOABhQOBjpQB+OeheN/ iZrel3/izXviDZaP4sf4OzQp4qSWSS2Cp4lmgt7lriKEOC8IRXuEi+VyZlGADX19+xz4q1iy+JPj P4WeK21+01i20vTdVFhqPiRfF2mrBK8sP2my1JybmM3DLlrebbgAOgwST9xH4f8AgMuZD4b00s2n f2OT9jhydMBz9iJ2f8e2Tnyfuf7NUfAnws+Gfwutrqy+GvhPSvCsF84kuE0uygs1mcZw0ghRdxGS BnOBwOKAPyS/a2+JXi6XVvjZ4u8FeIfEtq3w4+z2sN7/AMJSPDumaTfJaxzLDbaZB5kmpPO0gJNx GFlZjEjqi7qT42fEr9oBNV8TfAfwD4p1S38VeP00vxxoF4lxMXt9Nh0e4utQtYJVbMULX+nJEIlI ULdY2kEg/qz4h+CHwY8W+I5PF/irwFoOs67NC1vJfXumWtxcvC6eUY2lkjZ2Ux/JgnG0lehIrqYP A/gu11TTdbtdA0+HUdHszp9jcpaxLPa2R25t4JAu6OE7VzGpC8DjgUAfiL4q+Lnxt+MninwT+0d8 Fom1bUfEPiTUrLwZo+oTutjDHpnhe5iup443IQO91LckjC+aYY0ZsYI77xF8aPEPw0+Gvgb4o/Dz xr4j8WW3xO8Maz4WH9s30801t44mdZbJ5ICxjtp0m+0wGOJUVFjVVyADX636T8Nvh1oNrodjofhb StOtvDDzS6TFbWMEKafJcK6zPaqiAQNIsjhzHtLB2BzuOYf+FW/DHaUPhDR9rasNeI/s+3wdYU5G oH5P+PsHkT/6z/aoA/IHRfjZ8TLLwl4s0Lxv438QWj/s6+G9a0jxDqtgWmutQ1vUdUew0u4ZbiQR zutlb+ejzMVjeYSFsqTWRc+Pfin8PfEfxc8Hwa3rugr/AMKf13xBHZ33jKTxPf22pWkkSW98J1/4 8pmSRzshlZWwHGAFr9pP+EC8Cj+3R/wjmm/8VQQ2r/6HD/xMSE8sG7+T9+dg2fvN3y8dK43SP2fv gP4fspdO0P4ceG7C1nt7m1kig0izjR7e9CrcwsFiAaOYIokQ8OFAYEAUAfnxp3hO6svif4K+D/xD +L/jDTfDuueDJ/Fr6jL4ims7i/10yW8VxGl3uUxwWsX+kJaoRGDIzMpRdte2fsMaSPFf7D2laHpu vXTDWJPFltDrEEjQ3Z+0azqCJdo8ZVkl+YSKykENyMV9e+L/AIW/DP4g6TZ6D478JaT4i0zTmV7a 11GxguoYGQAKY45UZUwBj5QOOOnFdD4d8M+HPCGkQ+H/AAlpVpoml27SPHaWMEdtbo00jSyFY4lV QXkdnYgcsxY8kmgD8NrL9sH4xeGLnQPjL4k1G/l8OfDDSR4F8T6YXmkW+8XfY9Rd7iVM7Wf7VaWk e5gSPtBwQCc2fHWgeOI/APjfwD8XvGuvapc+DtZ+E7XE0+sXa+Td6g0P9ouHEo2r5sruvOEdI3GG jUj9oJ/hd8M7mw1DS7jwjpEtlq+of2tewPYW7RXWpBlb7ZMhTbJcbkQ+awL5VTngVNrXw1+HXiOD XLbxB4W0vUovE6wLqy3NlBKNQW2GIBdb0PneUAPL352fw4oA/H/xP4R1rw14G/al+Nngrx54j0fV fAPip59Ijs9WnWykls9N02RpbuENtvWuEZY5DP5gKrkYJYt6N8VPF/xH1/4k+L/Bum+Ntb0C0vvi x4M0VH0++liktdN1HQYpLq3tjkrGsjMzkBdvmHfjcM1+mlv8LvhnaeHNS8H2vhHSIdB1nH27T0sL dbS7xEkI8+EJ5cn7qKOP51PyIq9FAFub4eeALi/k1Sfwzpkl7Ne2+pvO1lAZWv7SMQ290zlNxnhj ASOQneigKpA4oA+Yv2aota8J/F/41fCKXxFq3iHQPCl1oVxpZ1q+m1K7txqdh508X2m4ZpWj8xdy qzHbkgV+fes/D3TbnV/FHh/TfE+sWN/f/tDaZZPImqzy3NtbtYxOLiFZXcRzt5jqtxt3EKi5IjUD 9ubLw9oGm6tqOvadptta6nrHk/bbqKFEnuvs67IvOkUBpPLX5U3E7RwMCuVl+Enwrn8TT+NZ/Buj S+ILme3updRbT7drt7izBFvM0xTeZIQSI33blHQigD8nvjB46+K3wTtPiv8ACfwV4v1u90Oy8XeC rCLUNT1eR7/S9N8Q2xe9VdWuRNJbo8saxpO+7yPNLAZGa+nv2PdT+I1j8S/iJ4C8Ras15oGmW2l3 dtYXfiSTxVe6Xc3Il3o2oPDG3lToqukTs7JtJGFavtm/8BeBdUGtjU/Dmm3g8TJFFq3nWcMn9oRw rsjS63KfOVFO1RJuCjgcVF4J+HfgH4a6U2hfDvw3pvhjTncyNb6ZaRWcTOeCzJCqgt7kZoA/OW78 T2niPxN8XviH8SfjHrfgDWPh/wCMI9I0vT7O7la0tNPh+ym036LD/wAfx1IyNkukhcNiPGyuf1j4 4a1Yfs/eJbefxxdQeLF+MEuiW4Oout+tsvihP9DX5/NEQsQw8sfL5PGNnFfpVqvwm+FmueMLT4ha 14P0e/8AFNgFW31W4sLeW+hCHKbLhkMi7f4cNxzjGTWbffAz4K6n4muvGmpeANAu9fvmie41CbS7 WS6leB0liZ5mjLsyPGjKSchkUjlRgA/K7X7L4kzfBL4o/F22+KPi218Q3XxGuPDOniPWLgWmm6ef FtvaqILfOzeib0DNn905ix5eFGh8VLT4i6B8dbv4BaZ4o8R3Phnwl4Vi1XT5bzx1N4fv7iW8ubh7 i/mv5IpXvRa7ViSNz5cSqCVbJNfrK/w98AyaRP4ffw1pjaXdXp1Ka0NnCbeS+M4uTcvFs2NN54Ev mEbvMAfO7ms/xv8ACj4X/ExrF/iN4Q0jxS2mMXtTqlhBeGBjgkxmZH25wM4645oA/Lz4R2nxQ/aH 8Y6bpHxL+JmvWsdt8MdH1Rz4Y1e5021vNRl1DUYItRDQiJizwxI7BVVJG2llZUQCb9ke9ufHv7Qf w4+JnjXxDqN34m1r4RaZfSeZqM6xXlyLye0k3WwkEUi+WvmtHsKCYmfAkJav1ctPCfhXT9TbWrDR rK21F7OLT2uYreNJjZQFmitzIqhjDGXYpHnapYkAZNc/Z/Cf4W6df+H9U0/wdo9reeE4Xt9Hmh0+ 3jk02CRSjx2jKgMCMrEFY9oIJGOaAPh3406nF4x/aC8eeCviL8SdZ+HOg+DfB9jrGhppeqNpaXUl w90L2+m2lftX2cxRRiF90eCcoS2a+LPAXiv4m6/ovwR+EGm3l/aeGbf4XWmtQW9h4pbwg91fPcyQ yzm9jikaf7LGiEW+QFLeYwZeK/brxl8Lvhp8RZtPufiB4T0nxLLpLmWzfUrGC8a2c4JaIzIxQkgE 7cdB6Vla58EPgx4m0DSPCniPwHoOp6LoAA06xudMtZbWyAwALeJ4ykQwAMIAMcdKAPx9vvGnxw8Y +EPBeua745n8VSab4OvLm7sfDvi6Xw1qAEGo3UUOvRTtFBban/o8UcbpIwTzEZguJOew8SftA+ON V03xTrXhvxtrWneGdb0b4UJLrF64guNH07X7i6i1HU/LXMFtPJGF82SIBQ2GU4VCP1V8VfBX4O+O rTS7Dxr4G0PXrbQ1VLCK+022uY7RFAASFZI2EagADaoAwBxxWN8Svg3pnjLwprekeEZrbwfretw2 VvLqlvp1tcNNb2LlorW6hkULc2uxpIzC52hJHClSc0AflF8TvF2t+ANT+PPhP4O/GHxBr2maF4W8 L3FhcTa7PqkmlX97rIjnWK4aRyzNEVZixJ2P5ZOwBR9v/CvQ9a+FX7WOqfCiz8X6/wCJPDup+CYN deLX9Sm1SSPUY9Re1eWF5yTEJIyN0abUyMhQMAdB8Gf2RPDPw/vfFOs+O00PxLc+KbaxsJNP0/w/ baRodtZafK9xFFFpwe4VnM8jSvJI7EsFwF28/Vn/AAj2gf2//wAJX/Ztt/bf2b7F9u8lPtX2Xf5n kedjf5W/59mdu7nGaANiiiigAooooAKKKKACiiigD//T/fyiiigAooooAKKKKACiiigAr4q+IP7U +seEfiHeeG7DRoJ9L0ubyJzKXFxKVxvKEEKgzkLlWz174H2rXm2t/CD4b+I/EaeLNa0OG51RCpMh ZwrlOFMkasEcgDHzKeOD0rajKCfvq5wZhRrzilQlyu56Hbzpc28VzGCFlVXGRg4YZGRU1FFYneFR TQw3ML29xGssUgKsjgMrA9QQeCDUtFAHwBoHhzw8f+CiPi6zOl2pt1+HOlOI/ITYHOp3ALBcYzjj NcSfFf7SPxgh+NHxD+HXxFHgXTfhbrWr6DoWgw6ZZXNteS6BEplk1Ca5jaXbdOdqiJoxEmGGT1+3 7P4P+GbL41al8dorm7Ov6polvoMsDPH9jFrbXD3COqCMSCUu5BJkK4xhQeT4p41/Yy8FeK/EXivV 9I8YeJ/CGmeP38zxHo+i30Vvp+qStGIpJHWSCSSJ50ASdoZI/MX73JJIB+bnxE/bB8W+H/i34X+O eg6ALfW/Hvwe0BZbuWKWXSvD5v8AW5ll1C92BpPssDt8owS5KAnnn3j4ofG7416J8X9G/Z707x14 pvbXw94YttZ1fxH4Z8KW2t6rq19ezMIh9ngtpLa1s1UZVljJbhCzHLV90J+zD8Jk8Uy+IfsEjWMv g2HwGdHZkOmDRIJXlSMRlPN3/OU3GXGwD5d3zV5Ja/sK+CtFtfC03hDx94v8PeIPCOmvoltrlnfW o1CfRzKZY9Pui1o0M0EBP7jdFvTC/M20YAPm+2+Ov7WvjDw18GvB8uoXXw98W+KPFmteHdQ1HU/D y20uoadZWclxBqKadexgxO8WHVVITzlIIKZjr6j/AGZ/F3xSi+Knxi+CHxM8VN42Hw9uNEl0/Vp7 S3s7uW21mza4MU6WqpETEyEBgoLA5PYDrvDP7JXwt8Ix/D1dDm1KN/h1qmoa1bSyXCTTahqGqRSx XM+oSyRs8zuJWbKlCCFH3QFr03wr8JfDnhD4meOvirptzdyat8QRpa38UzxtbxDSYHt4PIVUV13K 5L73fJxjaOKAPkjxPqH7RHxR/ap+IHwh8DfFCTwD4W8L6FouoRm20qxvbr7XffaAFV7mNv3TFN0o bcTtVUKAvu8Z+DHx9/aD/agm+Gnw0s/GK+BL648IXviXxFrOn2NrPd30ltq8+jQw20d1HJBCGaAz SsIz1CqFBr9HdD+Evhzw/wDFjxT8YrO5u31rxdY6dp93DI8ZtUi0zzfKMSiMOGbzm3lnYHAwBzn5 9s/2HPh34f8AD3g3TvAninxH4U1zwNDqFrYa9p91bLqMlnqd1JeT2t0Htmt54fOkLIrQ5QgEHOSQ D4P8Z+JPjd8TfHXw8+H/AI08dzWniH4dfFifwymsWGn2Ki9VtMlurTUmhkhkiS6WFmjeJR5I35KF gCP0x/ax+K3ij4P/AAXv/EngcQDxJqN7p2j6bLdKXt7e51W7jtVnlUdViEhcA8FlAPBridQ/Yj+G U/gDS/Bek6/4h0fU9L8RP4sHiK3vo21u41qVHilurieaGSN2kjfYw8oDAXAGOfoP4o/C3wh8Y/h9 qnwz8ewPe6Pq8aJKUfypkkidZIpo5FxsljkVXRgOGA4xxQB8T/GDxj+0j+yf8O/GvjrWfiFYfEuw i0e3/s5NWtLew1K21u7vobMSrFYwxxS2C/aA7h23oVChipJrM8cXP7VfwY8aeBvAc/xYk8Zv8WLf VtHW7utJ062fRtdhsHubS8tEghCvbmRCJIp1kCoM7snj2zTf2K/hzdDxLL8UvEGvfE+78S6OfD73 PiO6hlltdL3iXybY20NuI2MipI0uDIXRW3Aitz4efso+G/BXjXQ/H/iPxl4m+IGreE7ae00I+Ir2 G4j0uK5QRStCsEEG6Z4x5bSy73K8Z70AfNfg39rDx/8AFGD4JaLoF42na0umap4h+IUcdvA88Vv4 cD2NxaGOSNhF9s1EFQUCuqr8jAdfnfwD+1f+1V4o8NeHPjbpS+MPEl3rWpxTXHhSz8ESv4c/saW5 MTx2mrR25naaKH96JzKylwUKsBz+oPw0/Zm+GHwp+JnxC+K3heC4bWfiVNHPqKXDxyW8JUu8iWyC NWRJpZGllDM+5zngAAeSaN+wb8L9FmstGi8TeJrjwFpeppq9l4Nmv430G3uo5vtCqsXk+e0Cy/OI XmKbskg5oA+VtW+Pn7SvhLwL8ff2lNT8eC/0D4YeK/EfhrRvC/8AZVp5Fwsd6tnZzXN1Gi3BFvJc RnapBdYcO5Ls1dH8Kfjv+0X4Y+I3hiHxO3jjx74X1ix1B/EUuueCJNAg0q5trZriCayuIraIGGV0 MJjmLYyrA5JFfcWnfsz/AAxtfAXxB+GmqRXOtaB8S9X1bWtVgvZEJFxrEnmzJA0SRlEjcAxHl0IB 3kgGuP8Ahx+yJ4T8CeLNC8Ya/wCMPE3j+88J21xZ6FH4jvYbuHTIbpBHKYUigh3SNGPLMkpdtny9 hQB+fvxJn+P/AMTP2dvhj+0B42+IaXuleM/FXhi/uPDEen2kVjY2tzqkTWiWtyiC6aWE7BIZZGDg tkAqpr7P/wCCkY1A/sa+ORpIU3xudA8gPgKZf7bsdm7PGN2M1BP+wF8NZY9K0OLxn4st/B/h7V4d b0jw3HqEH9lafdw3P2lRCj2zSmIHcqxySMEV32bWIZfpP45fBrwp+0D8L9Y+Efjee7t9E1xrRrh7 GRIrjFndRXaBXdJAAzwqG+XO0nBBwQAfDvxB1P8Aay+FXjfSvhDYfFJ/GGsfFDw1r9xo95NpOn28 2l+INCgiuh5SxweU9pdCTydkySMmQQ+fvdl8Kv2mfFn7QfxA+DGleAb8adplx4WuPFXjSNIYn+cn +z4NPDyIxiYX6Ts23a5SHqATXqnhr9nnRvg3q+pfGq/1jxX8WPFWhaPPZaVHqt1b3d3BZr+8e1sU WO2jM85RVaWUmR8AFwC2eQ/Yn+Bt58NrL4h/E/xB4bbwlrXxR8RXerLpMrpJNp2mebI1pbSeWWRX 3SyzMiMVUy7eqmgDlP2oPDXijWf2v/2ZpNE8XXegpNc+I0jS3trSYQvb6XLNNIpuIZCTcRfuHDZC p80YWT5q+OPh/rf7Qfwf/ZV8RftD+D/iGLTQvCfi7VGi8LnTLSW0vbKXX2guxcXLqbkSu8rlDG6B VVQACS1frJ8YfgNoPxh1jwb4mutd1bwzrngS+lvdNv8AR5ooZ1+0xGC4ifzopkaOWM7WG0HHQ4JB 4+4/ZL+HFz8ANb/Zxk1HVR4a168ub2e4E0H25ZLrUP7ScI/keUFEvyqDETs4JLfNQB8W/FL9o743 eLPjx8TvBHgfW/FfhjR/h01tYacnhfwefEi3uoy2/nyS6lM1vN5UYZgqRR7S6fNkEAn9EP2fPG/j b4j/AAX8JeNPiT4fn8LeKdSsgdS065t5bWSC6iZopD5MwEkauU3orchWHJ6nzH4gfsieE/Gfj/W/ iN4e8YeJvAWp+LLeG119PD19FbQatHboYomuElgm2ypGdiyxFHCkgHJJr6D8A+BfDHwx8F6L8PvB dmLDQ9AtY7S0hBJ2xxjALMeWZj8zMeWYknkmgD4T/YL+HXw/8d/sSeGdJ8beHtP1my1GfxFFcpd2 8cgkjbWb5TlmGRheAQQR2IxXwr8OvFPiq30j9km78OeG5/iT/Yeu/EXTtE09ru3il1DTLWGWC3xc XjLCFghB27mxtiCrzgV+g2i/8E9/B+geGT4D034t/EWDwkzXBbRYdatrayZLuV5p4iLezjk2SPI5 YBxncc19ARfs1fDGw174U614fgn0WD4OJqEWh2No6LaFNStDZyi4EiPJIQhLBhIrFyWctkigD4H8 d/8AC6fCHjnX/wBtXXvhRY/C6y+GvgzVbaDT/t9pfXuuXl0QYPtR0/8AdrbQMA5BfeCOOvyeoP4n /aT+But/Bfxb48+Ix+IWkfE/W7Hw/rWlyabZWkNjdatA8sE+nS20aSiOBoyrCVpN6fMdpOV/QjxX 4W0Dxv4Z1Xwd4qs01HRtbtZrO8t5M7ZYJ0KSIcYIypPIII6g5r5j8B/sdeD/AAd4j8L67rXjHxP4 0tfAm4+HNN1y+instKYx+UrxpFBC8skUZKRPO8hRTgcjNAH57/swap8YNd/ZAtfh74Q/Z3g8c2Op f8JDawa5f6rpNvYzG41K8BeWCZjdbYXYoV2Ats+UgEGv1S/Zp+GOufBj4CeBvhb4lv01PVPDemQ2 tzPGSYzIuWKRlgCY487EJAJVQcDpW38Evg/4Z+Avw00v4WeD7m7vNJ0mS8lilvnjkuGa+upbuTc0 UcSECSZguEGFAByck+rUAfjd4G+MX7VGifso+FP2y/GfxN/4SJXvLH+0fDZ0qwhs7nS7nUk00hJo IUnW8y4lDqwTP7vyyBzb1P46/tOeHfBfx2/aIuvHyXmi/Dnxhr3hXRfDL6XZi2mX+0EsLOe6u0RZ 8Wz3MZwpBZYfnY72Nd5+yV+w/LpvwR+Hlj8Z9Y8TRjRbg6rceDLu8gbRotShupJIneJIjKyA7JvJ M5i8wlipJIr7GsP2ZfhhB4A+IPwy1WK51rw/8S9Y1bWtVgvJEJFxrEommWBokjKJG4BhPLoQDvJG aAPmbXvGXx+/Zg+JXw7tviJ4/m+Knhzx3HqlrqUE+m2VjPY6hYWL3sctj9jjjYwyeU6NHLv2AA7s mvKZfi7+1F4Y/Z08Ofts6t4/j1ey1O502/1Dwamm2aaamj6peR2yW9tcLH9s+0xLMjeY0rZbKlGA wfsjwB+yZ4X8IeMdG8ceKvGHiT4h6l4Xtbiy0QeJLyG5i02G6jEMxiSCCAPLJF+7eWXe7JwT3rk9 H/YW+Gmky6bop8T+Jb3wFomorqth4PuL+N9Dt7lJTNGoQQi5eCOU70hknZAwyQRxQB5z+wr4M8Ua L4++P2sa54yu/EAi8c6jp08VxZ2MP2m5itrKQXryW8EcgkKuY/KVhCByIwxJr9Ha8v8Aht8JfDnw tvfGd/4fubu4k8c69ceIb0XTxuI7u5hhhdIdkabYgsKkBizZJyxGAPUKACiiigAooooAKKKKACii igAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACq0l5Zwzx2008aT S/cRmAZvoDyfwqzXgvjb4V694k8Zrr9jfRxW0nlZLFhJD5YAOwAEHpuHI5J+tfJcZZ1mGAwsa2W4 R4ibkk4p8tou95X120Xzu9Ezow9OEpWnKyPeqKKK+tOcK+MP2uv2lfGPwJTw5pvw10G28Ta5dpf6 1qdrP5h8jw7okPnahMnlMpWYl444C2VLE5U44+z6+B7/APZn8YfGL48/EP4p/EfWtd8FWCW1v4Y8 OxaNqFrG91okaefdyz7UuBsubqRtsbbHCxjev3aAPuLQdd0nxPoWneJtDuVu9M1a2hvLWdPuywTo JI3HsysCK+Wtd/bM+DF5oXiyL4c+I4NW8RaNpWs3unpNaXiWF/caRbyTSpbXTRxwXYjKZkFvMxC5 IIHNJ+zL8LviN8P/AIK698B/G6zW1n4bvNT0jw5qrTwzy3mgyktYzsInLRyQrIYijqhHljAwc18+ aB4D/aVk+A+kfs6Xfwq0yxHhDwzqeiy65dXlndxX7ppc1nZvpCpOksE11IyGWS5SNY0ZwQxOQAfR XwV/bG+DfxW0bRraXxDFZ+JLnQU1m8ils7yysykMSNfPaXF1GsM8Vu5IcxSybQCScAmrel/tg/Bb xpBqmnfD7W5LvXI9GvdY02K+03ULGDUILSIuZbWS6ggS5jBxuMLt8pyDjmvE/G/wM+M0vhr4FQ+A 9GtIda8B+C9e0m5a7e2ktrLULvQorS1iljZyJomuYwrBFkTAywK9fDfDPwD/AGidU+IfgTxLrXhX xN5OheH/ABFpepXHiLxFpt6ovdR0swRfYLK0n+z29oZkCBkRXbcm9FSPdQB9Q/Cb9rO88Qy2+qfF FtK8P+Hovhp4a8cX14oliWC51g3H2lMySOPJTyl8pcF8nBZiQK9N0v8AbE/Z01Xw54h8VL4raxsP CsVtcakL/T76xuLe3vJFit7g21zbxztDI7KBKiMnPJHOPg3xF+x18cPF3wou/Bn9mJpmof8ACq/A OiR+bewCOTWvDd895d2LPDI7LwFQTAeXuYMrkKaj8VfswfGD4keH/HOuDwLr9lq194esNEtIvFPi qHWtQumOr2t7dRRsLmS1itYktyytI6u7H5VGSCAfoV4R/as+Anja08R3ujeKVgh8J2Q1LUjqFpd6 aYbBgxW7UXsMJkgbacSRhlPAzkjOV4S/bH/Zx8aX+o6Xo/i7yLrSdLuNbuk1CwvtN8nS7Yxh7xmv IIV8k+ahR84cElc7Wx80/tn/AAa8QeLdc+IPjS7nstC8KzfDq30w6tqE6R2Y1C01yPUEtrlVYzLD KihHk2FFVzznIr5y+LOh/FL9sH4zeJ/Az+GLHwRrd18KbuC2iGr2uql5f7ZsLqIT3FiWSOC4aJo4 Qx3lPMkKAHbQB+pvwr/aP+Dnxo1S70L4e65Jd6lZW6Xj2t3Y3mnTvaSnalzFHewwtLAxIAkjDJkg E8jOd8S/2pfgb8IfFf8AwgvjzX5bTXxZR6mbK306/vpVsZGlT7SRaW8oESGF/MYnCAAvjcu75v8A 2d/g78QE+M1h8TvG/hHxD4cXQ9CuNOWbxN4oXX7p7m6kjMkNpHBPNGlqBHuMkhV2YLhAMms7x74n +InhL9u3xFqnw++Hj/EKWb4c6TbTQwXtpYzW5k1O/aJme8kjUwOybZdpZlwrBWAIoA+mfGf7WPwA 8BW2i3eu+KlnTxDp41azGm2l3qjPpp/5fHWxhnaO3/6ayBV4IzkHDvEX7V3wB8Maz4a8P6j4qW41 DxhaWt/pMVjaXd/9ss7xzHDOjWsMq+WWU5YkBeC2ARn84vDX7HXxs+CeqaBqNlpeu+LobzwnaaTd J4S8SR6DLp+pW9xcXBgka4lgE1iftAVWUsybSfL5AP1L+zj+zp4w+EvxQ8H6pqGhwWGj6J8N10J5 ILsXUdvqU2rNfS2kbSubh1RWGJCuw4ABHC0AfVfxR+Nnw0+DUGmSfEHVmsptbleCwtba1ub+8u5I 13OIbWzjmncIuC7KhVcjcRkZ8/1r9r39nvRNH0PWz4nfU4PEdnNqFjHpen32p3ElnbyeVNO8FnBL LFHHICjtKqBXBU/MCK5n40eGfiZ4f+Ongj48eAfCknj200jR9V0G+0m3u7a0vIF1Ca2njvLY3kkU LkG3McimRW2sCM84+cfFPw+/an1PxTo2v6z4OurHSr3R7lH0r4farYaBJa6nPqE86x6lqE0qXMsJ t2iaWS1fHn+YyxEsMgHd/GL9tLUPDln4n8RfCb+yfEPh6x+HK+NNLvJknYXFw2omzCSBZIj5Wwcp tWQOCCwxtr7X8ffEXwd8LfCNz448fakulaPZmJZJTHJMxkndY4444oleSSR3YKiIrMxOADX4+aR+ yJ+0XbfA3UvBl34SC6y/wsvPC8cQ1CyZZNUPiGe8jiWQ3GNr2zLKHchQDtYhwVH6a/tNeA9V+Inw cvvDGk+GofF1z9psJ/7OkvX02aRba4jkZ7S8R4/s91GFLwSFgu9QG+UmgCO1/av+Adz4J1j4gS+J zY6X4fu4tPv47yyvLS/t7ycKYbdrCaFLsyyhgY0WIlxyuQDVjTf2pvgPqngHXPiYnilLTQvDM62u pm8trm0u7O5cqEgls54kuhLIWURp5RaQkBA1fnZrf7NX7T3jHwbPeXUHiCfT/C/jHQ/EOg6Nrmu2 J8VT2tlaT298p1izdokl3TI1m007MgjYMw3CrXiT9kb4s+M/B/irxnpXh3WdI1+bxL4X1m10/WfE /wBr17VbXw8soZJdQSaW3tJsXL/Zish2FFLsOMAH3jD+2J+zm/hDU/HFz4t+waXot9a6dfi9sb60 urO6vTi3We0mgS4jWXna7RhCATuwDjnh+3X+y2EkM3jCW3ktZzBdwzaVqcU9gRsxJexPaiS0hbzF 2TTqkbZ+VjhsfI8P7MfxS8TanJ42k8GaxYTXfifwTI8XiTxFFrGrTaXo2o/arya4f7RJbpHCrN5U UcjyuC3GSFr2j4l/Ab4i6+P2tZ9G8PpPcfFHRNMs9Bfz7ZGv5rXSHtmQlpB5WyZtoM2wc5B280Af QuoftU/AnSvH7fDW+8RtHrKahDpDuLG9bT49SuApis5NQWA2aXDb1xG0wbJCkBjivV/E/jzwp4N1 Dw9pfiS++x3Xiq/Gl6anlySfaLwwyXAjyisE/dwu25yq8YzkgH8w9Z+BX7QmkfEea8+GXhXU/DGq 6hrmmX0up2WuWsvhK+s4/s32qfVdIu5ZJftqojoWtYRvcLIr9TX2F+1F4R8f6ynw18bfDrQW8U33 gDxXb61c6XFcQ2txc2f2O6tJhBJcskXmp9oDhXdQwBGc4yAdh4x/aa+B3gBNbk8X+J001fDuq22i Xxa2un8nUby1F5BB8kTbzJAQwKblyQmd/wAteLePf27fhLofhbR/EngqS6137X4q0vw5qFu+manB d6eLyVDNJLaNa/aPMEDF4YygMzYEe8grXilp8FPj14y8Y3/jnxV4GGiHVfiz4Z8VCzfULK5aDR9M 01LZ5pGjlKmSJkUPGu5t+fL8xAHO58Yvgf8AGO6+JPxC+I3hTwqdbhfxf8PPEWn2sd5aQTalB4cU fbkjM0qLHIuMDzigbHy54oA+otW/a2/Z90Pxp/wgOqeKhBqqXNvZTObK8NlbXl0AYba5vRCbWCZw w/dyyqwPBAOBWf4l/bJ/Zx8IeKNS8H+IfFhtdS0S9TT9S/4l9+9vYXEuzy/tVylu0ECOZFCySOqE kgN8rY/P/V/2TPjHd3fxG+H+oeEte1jSviF4oudcivE8VpY+Ho7PVbmO5mXU9PinE73VrypMMbrK UUqwAzXv/jX9n74n6t8Ev2pvCdhoIuNa+JGu3d3oUZubYNfWzafYQxOZGlCR/vYZQBMyEEZIAIJA Po3xr+1z+z/8PfFN74P8V+Jntb3Sp4LbUJo9PvrixsJ7oKYY7u9hge1t2YMpxJKpAILYHNeXP+25 8OvBvxh+Jnwz+L2qQ6FD4Q1LT7axmhsb6dVs7ywtrhp9QuIkmhgTz5zGskhiTAHXDNXyf+0Z8Av2 pPiRpvxd8I23h7XNXl8SXks2gnTdd03SPDJ08RwlBe2qSxXVzfkxsjfaFeJ22EuqLx6P44+H37RM Ov8A7Rnh/wAOfCca1Y/G6Kys9O1aTU9OihtA2iw6fPJfRtOZvKgcyMgjR2ZlcBQGRmAPprT/ANp/ w/oeu/F2b4oX9jovhj4fa1pml2N1Ek0s10NQ061u1Xy4zK88zyzlY0hjyVAwpIJPsfwu+Mvw5+M2 mX2qfD3VGvhpVwbS9gntp7K7tLgKG8ue1uo4p4mIORuQBhyCRX5leMv2OPjNHo+sJoVpcak/hnxl 4T1zTkttTi0671qy0bw9BpVy1tciTNrciUO0TTFOVPZgx+tP2UvhP4n8G+JPiD8QvFOgar4fn8XP pkMKa9rf9uaxPBp0MgWW7ljlmgjw0zJGkcjEKPmPQAA+0KKKKACiiigAooooAKKKKACiiigD/9T9 /KKKKACiiigAooooAKKKKACiivir4g/tT6x4R+Id54bsNGgn0vS5vInMpcXEpXG8oQQqDOQuVbPX vgaU6Upu0TkxmOp0IqVR2TPtWiobedLm3iuYwQsqq4yMHDDIyKmrM6wqC5uYLO2lu7pxFDAjSO7c BVUZJPsBU9cz41/5E3Xv+vC6/wDRTUAU/CHxD8D/ABA8JQePPBOuWmt+HrlZXjvrWUSwMIWZZPmH 9xlIYdiDWl4U8V+G/HPh2w8XeENRh1bRtUiE1rd27b4pozwGRu44r8QP2VNV1L9k74T+Atc1a6kk +Efxy0VUnllYtHoXitoWRGZj9231BECknhZF5KIOfSv2YPFnxY8deDvgf+zf8OfFz/D/AE61+HY8 VarqtraW15fXKvfvYwWluLtJIolVlaSR9jMRtUYzyAfsFqOtaPo7WiatfQWTahOttbCeVYzPO4JW KMMRvdgCQoyTg8cVm+L/ABj4W8A+H7jxV4z1ODR9ItGhSW6uW2RI1xKsEQLHpvkdUHuRX4w+M/En xu+Jvjr4efD/AMaeO5rTxD8OvixP4ZTWLDT7FReq2mS3VpqTQyQyRJdLCzRvEo8kb8lCwBH2/wD8 FIftv/DGvjr+zdv2v7ToHk7/ALvmf23Y7N3tnGaAPuSivzV1Lx58fvgF8XZvBPj74p2Xi/TPEPgn W9dgvdb0+20y00nVNIMWZGaxjD/YiJcsjb3AHB3ZLeL/AAw/aM+MC/GT4Rad/wALH8Q+OdA+Ik0+ n6rNqXhOPRNGM5spJ45tGuZLW2lcI68BlcMnL8kAAH7JVzXhPxj4W8daR/b3g/U4NX07zp7bz7dt 6edbSNDMmf7ySKysOxBr81NI/aO+NWreCvDHwGOviP42zeP7jwjqupJaWwcabpT/ANoXeqR2rRGA LJppiC/u9paTK4IyOM8O/GP9oDxH4K+Dvh3wJ4utvDGq+PPHXi/Rr69TSLGRFsrGW9MbLbiJI/Ni SLcrDBeQAy+YCwYA/YOivyL134+/tF/DTxF41/Z4PjKPxL4l/wCEy8HeGtD8T3+n2sc1nB4qtZrq WWe2gSO3le2W3cR5Ub2YFs8JXvXws1v48eC/2xrz4E/ED4hy+OvCb+Bn8Q2Ul1YWNpdrcnUobQiZ 7SGLdsAfZgKpV8EMy7qAPvqivgv9rP4q+JvC3jzwn4F0L4jXPg231Oyu7qaw8OaG/iHxRqEiOqRe TbfZbmKC1X5t0rbWZ/kXoSOi/YY+LfxA+Lfwu8Sy/Eq8n1HWPCXirVvD4uryyTTb2eCy8pomu7SL CQ3AEm2RFHBGDk5JAPtKua0Dxj4W8U3ms6f4d1ODULnw9dmw1COFtzWt0EWQxSDs2x1bHoRXwbae Iv2k/jtrfxc8VfDP4lWvgKx+HHiG+8N6PpVxp1tPY3dxpUUb3E+q3E0UlwsUzybR5BTy0G8Bz1+c fDtj+0GZv2pvih8OviTH4MXwnrd3qwsbGwtNRtdQ1G20i3uJlluLuJn+zFERI/LVD8xdskBQAftL XH+IfiB4K8J6tp+g+JNZttO1DVoL26tIJn2vNBpyLJdyIO6wo6s57Aivzf8AiR+0R458VS/DiHTf iNe+ED4q8Faf4gl0Twd4efxD4invb9Vfe8b2tzDbWSA7UJdXdtwJ28j5+0L4seOPjK3wO8VfEe4N 54htNE+L2mXNy1slnJP9gtoIUklt4/kilKKPMVflDA4AoA/bfw54i0PxdoGn+KfDN7FqWk6tBHdW l1C26KaCVQyOjd1YEEGtqvxF0P4/fEnQ/BH7O3wD8B3+vaBYXHw307xHquoeGdA/4SLV5YsJaQ28 MBimSGMMrNLM0bYyigjOG7PTfjz+154pT4c/Dd9V1HwTreueNNW0D+3Na8MrY3Gq6JDpzXdvfnT7 uJEjuEG75YsR+ai7gyFkIB+w9Ffkx4h/aF+P/wAHNP8AjT8KrzxRH418T+F9a8JaR4c1zULK3tnj Pi1AA13FbLHC/wBlIYoSoDnG/g7Q74sfF/8AaL/ZQ+Jr2Xij4gyfEnw0vgfxB4hhgvtNsLOd9T0/ ylWOVrOFGFururLt2kB3ViwVSAD9Za5vS/GHhrW/EGt+FdK1CO51bw2bddRt0zutmu4/OhDnGMvH hgAScEE4yK/Kj4LfHv8AaaPjL4ZaprM/jPxrpnjGeGHxNa6l4Ik0jSNKivYt0d5YahFbIfItpNqs ZndZIyX+U8iC58a/Fyy+EPhL4m/CTxAvhfxD+0Z8XNjX81nDemLQ76G7tLH93cKyt5dpZW0yAFck YztZgQD9gqK/Hjxf8Z/2gtP+Muu/s/Dx/wCLpofhnpmnm81zwz4Lg1u/1bUdVR7uGS8iit5YLaCG IpGqIqmYq5Lk52x658fv2vNW8GfDjxP4+0/xb8ONBl03UI/EF/4d8MR32opq9pdmK3mu7G/ieW3s ZbZVnykXLuUztAwAfsXRX5VQfGP44fFGb9m3wh8PPi9YFPiHaeKTr/iHStKg/wBKXRfszRvDa38J NvdAM0boUCq7OxjIVFGVqf7QX7Q2j/EK+/ZEg8Ww3HjD/hMNO0a38Zzadb+bHo1/pTasWa0VVtXv o0QxD5AjZDFAcEgH61UV+TXxY+Nn7Q37Psfxn+Fmo+Nn8VX+g+BofGPhvxDc2FlFe2oN59hmtrmK KEW037wb42aIHGQd38Pat4q/aq+FfxU+HGg6v49h+Idz8V9E8RSrpdzptpp9nYavpmnC+tVtZYAs vkM5ELCWRjtBcsWOVAP0wor8ifgD+0X8V9N+IegaJ8a/H2uWmvXemajPrPhPxX4Zh0o3F3a2xm3a Be2cKxyxoyHCyysZI/mC7jx5j4B/av8A2qvFHhrw58bdKXxh4ku9a1OKa48KWfgiV/Dn9jS3JieO 01aO3M7TRQ/vROZWUuChVgOQD9xK8L8QftM/APwr4X0bxp4i8cadYaL4iuJrbTbmWQhb2WCQxSfZ 1xukVXGC6grgg5wQT5/+3T4y1fwJ+yd8RNc0C5az1C4s4dMhnU4MLardQ2BkDfwlROSG4xjIOa+W vjb8PLv4fftSfAK18L+J73SvD3g7wr4ifT9Pt7OxmFtbaLa2YmhiaaB2JvIgI5GYlkA/dFCSSAfq zRX5GS/F39qLwx+zp4c/bZ1bx/Hq9lqdzpt/qHg1NNs001NH1S8jtkt7a4WP7Z9piWZG8xpWy2VK MBg+6/sxaz+0D8Uvif8AEbxx4w+I7Hwb4O8beJvDVj4ci0uyVJ7SxnZIJJrtUEwaIuqrt5Ij+dmL sSAfddzrWj2ep2ei3d9BBqGoiRra2eVVmnEIDSGOMnc4QEFioOARms3wf4x8LfEDw3Y+MPBWpwaz ompqz213bNvhlVWKEqw64ZSPqK+FfjJ4a8Uah+398Er7TvF13pdr/YeuzfZYra0kTyrSS0a5g3Sw s+28VlSRt29AoMRRiSfjj9nbWv2g/g5+yH8GvjTpnxDE3hmTW7DS5fCjaZaG0Olahqz2bn7Vt+0m 5LN5ofzAq527cA7gD91qK/Gjxt+03+0J43+Inxbb4e6r4s0e3+HmsXuhaFpfh7wY2v6ffXumqPMb VL3yJWX7RIdvlxtGY42Vxk4LfpRo3j3xdrv7O0PxJ1nSpvC3ii48NNqNxY3ELRy2N+LQyPG0U67h 5coIAdckAZFAHt9Ffk74L+J37Tfgz4QfBX9o7x58Sf8AhLrbx7qOgWOsaA2l2NvarZa6ywxTWslt Ck4u4i6yyAsUdiyhUVVFcVonxu/autPgrqnx4vviNFqM+u+JbnwboWkTaRZx2dpLcaz9gg1C5niR ZHaBRIAgARsR79xDFwD9l6K/Kf4zfG749/sWeIbe18X+MJPi1pHijwxr9/ZNqGn2ljcWOsaJAk+S bCOINaSiVQyMCyfwydm6jUPEP7TXwWv/AIP+JPGfxObxvp3xU1ez8O6vYtpdhbR6beaxbSSW11pr wRK5S2eMhlm80OgywBJIAPrw/tM/AP8A4T6b4XL4401/FNtdR2M1ikhd4rqZ/LSGRlBRJGkwm1mB 3kJ94gH3Svxn+Efwo1XVv2T/ANp6LxL4sutZ8zxB4xlh863s7Yxato9zJcR6l5tvDHJ50k8UUjDd 5abAI1QV+gek+KviH8UP2RtN8c+A9QbTPHHiXwbb6np9yIYpCmp3Nis8f7qVHjIMxwQVIweO1AH0 rRX5AaJ+3b408Q/FX4N6/BqMNv8ADC70bR7bxmTFF+68QeIbW9e2QyFC6CCWyw2xlHzgMpyuK/8A w0N8Ztf8GfDzU/FXxRvPCk3xEh1jxDBpPh7w8ut+J3064uiNKt7e2isp4o7SO22s1xL+9d227mwS AD9h6K/FzQv2if2sPFvwYtb63uvEV1aeGfHOueHfE2s6L4fs5vFKadYQo9m7aTIrQxymSTbdbIy0 QTjJzu+8/wBjz4n33xQ+GmpX+p+PIfiDcaXq93ZC+OnNpF/DCgRo7fUbNo4ljuowxDmNAjDaVzyS AfWFFfj7+0b+0H8WNK8T/FW48C/FbVEvPAgmk0/RfCfhcaxptkLO2EzjXtSubQxxu7BvNVJ9sC4O CwK16NZ/EX9of47fGfwV4E8I/EI/D3Qte+FWi+M9Ray0yzvJ/wC0L66lidLdrtH2K4K5LbgBGAoD MzUAfp5RXyz+x38R/HXxM+DCaj8Sr6LVfEmiavq+iXd9DClst42l3stss5hj+RGdVBYLhc5IAHA+ pqACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACvGfEXxl0XQficnw9lNtHbaZo tx4g1/Urq6W2t9IsEby7dpWYbczuspG5kVY4ZHY/dDezV+ZHxf0bWrnxl+194QtbOfUdb8Y/DrTL vRbW3iaW4u4IrLUbJ4YI0BaRluT0UE7plGMkZAPvfwp8WPhb471bUdA8EeMNH8QanpHN5a6fqFvd T2wztzLHE7MgzxlgOeOtN8JfFv4VePtV1DQvAvjLRvEWpaTn7ZbadqFvdzW+DtPmxxOzIA3GSBzx 1r89vij8AvEy3fgLQvg34XbQL24+FXi7QXu7S0NrFb3txaWIsYLmdFVYnabzCm8hgwdhyGr5r8Hf A/4neN9E8O6F4PsvFmkeJ/DHgnxBpJ/tHw5Z+GbHTrq80p7OOya+S3he/Elw6vG6SOFKidmDZyAf s74S+Lfwr8f6rqGheBfGWjeItS0rP2y107ULe7mt8HafNjidmT5uOQOeOteWah+1H8NJPiz4J+Ev gvWNL8V6h4p1DUNPvTp+qQTS6U9hp899meGLzGJk8gx4YpgknJKla/NT4SfBn4h+KbrwVpvh618V 6H4g8JeEdc0uSTUfDVp4csNKubvTGs47VryO3ik1EG5dZYzG7gbPOZgxOfQPhJo4vfip+yxo+jfB nW/COqfDa01Sx8TalPoUtnaWkzaFcW/lfbdgjuY57nMiyh2UlkJbfLggH6HeKP2gfh74S+NnhX4E avqFvB4h8V2N1fQCS6gj2CB444ojGziRpLlnbyVC/OIpMElSK67wz8XvhR418QX3hPwd4z0XXdb0 vd9rsbHULe5uoNh2t5kUTs67W4ORweDzXx/+1V4T8Wal8bfBmpeGdFv55NZ8I+LvDdrqtlZS3Men atqa2n2CS6liRvs0YZXYTPhVwxyOa8N+EfhO58Q6z+zZ4U8G/CjWvAfiD4UfN4p1S90l9Ot4YYtN ktbq1S8dVS++23Lq4MTSbl/eNjLYAP04+I3jf4YeCPD0lx8Wdd0jQtD1Ddau2s3MFvbT71O6I/aG VH3LnKc5GeMV5j4b8Qfsl/Bjw4mv+ENS8FeCNC8SRvfJdWM2nada38UDhHmWSIokyxvKqbgWClwv BYCvC/2uV8Xx/FL4d6jp2iXMOjWdlqwfxHp3hmbxZqFldTGBVtIbNBJHbi5QHNw8MgJQJ8o3E/MX 7LfwW8Uy+PfhGfiJ4D1WKx8M3fxJmb+2tJEKWsl/eWb2byLHEtojTRvIY/JxExDiLhSAAfqtpHxj +EfiDX7PwpoPjfRNS1rUbZby1sbbUraa5ntmTzFmjiSQu8ZT5gyggrznFZelePvgTqfxQv8AQtE8 Q+HLr4iJbizu7e3urR9ZFvbM8gglRGNxsiZ3bY3CFicDcSfzg+HfwG1rwp8GPgmfD3gm60PxNafF TUb2/lj02SO8tNPkutXgS4nGwOlsbb7OAz4jKGPsVzyHw5+HniKTwJ8EfgdafCzWtD+JvgHxnY6n r3iCbTJIbKOCzupJr+9XWGUR3YvojsWNZGMm7ay4QUAfoF8RP2zP2ePh9b6ZK3jjQ9Xl1DV9L0uS Oz1exc2i6lMI/tdx+++SCGPdK7Y4Vc8DJHU2X7Rfw10611O9+JHifw34Pt4NYvtLsJLnxDYOl7HZ eWTJuLoI5cSKZLc5eLK7vvCvz20T4M3Xgf8AY1+FGrN8Ob06/oPjbSdc1+1t9Ikl1l7O212Wad3t 1j+0y7YWBC7SfLxgbaXX/EvxQ8D+D/G3hTwz8PfEaX3xG+IviK4i1xPDF9qX9h6NKtsXv0to4Hka aVTstFKhGcMzMBGQQD9Lpfj18DYPCQ8fS/EPw6vhlrg2g1T+1rT7CbkDJhFx5nlmQDnYG3Y7VQ8S /GfQvD+qeALqBrbU/CXj68OmQa1a3SywR308fmWCjYGWSK6KSRrIr8S+UuG8zK/l94x+HNnpGrfB /wAS/CPw34w8OfDfwRaazo8zP4Qmv9WtNUu/s8x1GfStRtXlnW7Xcr3ccLYcMuVHFdnH4E1jwh+y j4c8DG21TS9W8bfFDSrjQ7bVreCzvLTzdchvmlWxtlSO1QRW89x9nUfukY5xggAH660UUUAFFFFA BRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAf/9X9/KKKKACiiigA ooooAKKKKACvNtb+EHw38R+I08Wa1ocNzqiFSZCzhXKcKZI1YI5AGPmU8cHpXpNFOMmtjOpShNWm r+oUUUUjQKo6pp8OraZd6VcllivYZIXKEBgsilSQSCM4PHBq9WF4o1B9J8M6vqsdylm1nZ3EwnlR pI4jHGzB3RMsyrjJVeSBgc0AeLRfsx/DFv2c4v2XtVjudW8HQ6YNLDXbxtebEO6ObzEjRBNG+HRh GAGUHb2rzxf2KPh/pXh3wHpvgnxR4i8J658OtOk0jTde066t01KXT5m3vbXYe2e3niL4cKYRtYbl 2nOa2mftpfBXwj4Q8F23xI8ax6r4p8ReHrDW410nR9Sc6jb3fmILm1tUt3lVGeGQ7GG+MDLhQQTh /FL9un4ceF9O+EfifwJd/wDCReG/iVq5t3voNO1C68rT4El89o4reEv9pWZFj8hl8wfOfLIRiADp tQ/Yj+GU/gDS/Bek6/4h0fU9L8RP4sHiK3vo21u41qVHilurieaGSN2kjfYw8oDAXAGOfdfjH8I/ Dvxv+G2ofC7xdd3lvpmpyWUss1m8cdzusLqG8j2tJHIg3SQqG+TlSQMHBHmniz9sn9nHwR4zvvAv iPxaLfUNJnittRmjsryew0+echY4ry+iha1t2JOCJJV2n722q/xC/bR/Zw+F/irWfBHi/wAUSxa7 4dET6jaWumahevawzQR3KzyG2t5FEIhlRjJkqM7c7gVAB0vxa/Zq+HHxq8Rw+IvHRvJzFoWq+Hja xSolvJaav5fnO2YzIJUMSmJldQp5IJxjzDRv2KPC9l4o8EeL/EHxD8YeJtQ+HV3HcaGNSvrV4bWF I2ia2MUdpGjpKhUSSMPOOxdsijIK+Jf2wfCmnfH74V/CnQH/ALU0P4iaZNqK6lb2N9cqwn8ldO8i WGMxeXKZGaaQkrCoUymMMCTwf+1x8NfD3wb8B+Lvib41t/EWr+M47k2Mmh6TqDSambaV1ke201YX u1SNQA7OgUEZzyMgHp9h+zT8M9N/aJ1H9p23iuf+Ew1TS10uVGdDZqo8tTcJHs3i4aOJImfzMeWu NoOSee8L/sl/DnwmfAx07UdVk/4V/rmseILDzZoD5t1rfn/aEn2wLuiX7Q/lhNjDC7mbnOhqH7Xn 7Oel/DXSfi/f+NLeLwlrWoHSre98i5b/AE8Ryym2lhWIzQyhYXysqIcgL95lBj8M/tffs8eKvCvi zxnZeKxZab4GWJ9a/tG0u9PnskuOYHkt7qGOYrN/yyKod5+VctxQB5L+0h+zXp+paV4+8c+F/DGo eOdc8d3/AIdudQ0+DU4tMu7NNBVoobzRrgrH5V5CrmQCWUq5BUYB2nzj9kv4I+N9P/aK8R/HfXdO 8XafpEvhmLw/bzeO9Qt73Xr+drtbmSQx2rvFb28KxKiJ8pYkvglmx9DaR+178IviDp/i3SPhxrE/ /CVaBod3rMVjqemX2myyW8MZKXEcd7DCZYt+0Er0yM4yK9I/Z78fax8SPgH4B+JXix4U1PxDoVjq V60S+VCJZ4FkkKqSdq5J4zwKAOb+KX7N2ifEjx/pvxU0rxXrvgbxbp+myaM2o6DPbxyXGmyS+e1t Mt1b3CFRJ86EKGVjkGtf4C/s++Dv2dtC17w74J1DVL+08Q6tPrVwdVuVu5heXMcUczCbYsjCQxB2 8xnbeWOcHA+Z/iB+3f8ADzUvE3w18KfBPXk1S88VeNNL0e5efTbxLW70uZ5IrySxupoooJjHJsUv E7hSehBBr2/xZ+2T+zj4I8Z33gXxH4tFvqGkzxW2ozR2V5PYafPOQscV5fRQta27EnBEkq7T97bQ By/xA/Ys8CeOvEPinVLTxZ4l8L6R49kSXxLomj3sUGm6u6oI3eVHgkkjaeMBJzDJH5ij5uctXofh 79mn4eeFvC/xJ8H6JLeW2l/E+S5e/iR4VFotzYpp5jsgsIEaJDGuwOJMN1JHy1j+P/2w/wBnr4Y+ LL7wX4x8SyW+oaSLc6jJBp99d2mni6AaD7ZdW8EkEHmKwI8xxgEMcAg1NP8AHTwx4a+IfxDPjDxt pdv4V8IaJpOqywG3njlsIrzzv38t2V8mdLjYoijiLOCMEZZQQDkLr9jLwhbX+g6t4I8beKPBeo6N 4d0/wtPdaPd2sUuo6ZpibIBc+bayL5y/89oljYdFwMYpeEP2FfhD4Ih0G00TVddNr4a/4SdbGKe6 glEcfiuOOO8jZ2t/McRCMGAs5cEsZGk4x0Wi/tu/s1a7c6hY23ii4trzStLvtbuba70jU7SePTNO iE0915U9sjGPyzujwCZOQgZlYDR+H/7ZH7OfxR8Z6d4D8E+Kze6rrKTPp3mWN7bW1/8AZ13zLa3M 8EcMzRryyo5IGfQ4AOe1b9jHwBcaD8PbHwv4k8QeE9e+GWlpo2k6/pd1DFqT2CoqGC73QPBPG5UM VMIAbJXbkg6vhT9j/wCF3g+98Iatp19q9zqnhLXNQ8Rte3VzHPc6pqep2721xNqEjRZkJjf5RH5Y G1e2QfbviT8TvAfwh8Kz+NfiNq8ei6PBJHCZXV5GeWZtscUUUSvJLI5+6kasx5wODXyB8Yv22fBW mfCuD4i/CzXYRHpPirQtI19NUsrm0n060v51FwZ7W6SGaJvI3MjlcHBK7sUAdN8ff2cdL1Lwt8X/ ABV4Z8Mz+Ptf+JiaGL3RLjUI9PjYaIRHE9hcbFMFwkZMqNI7KZUUfKpIPzN8E/2Ztd8dfHW58ceP 9B8aP4Lg8J6h4eu3+Iup299quovqLpG1rBDZyOkVrDCrkykq8jybvmPzD7g8C/ta/s//ABEtvElz oHikWw8I2g1DVF1O0utKkt7EglbopfRQs0JAzvUEDIBwSAX/AAv/AGrvgV8YfEkfhHwPr8smr3Ns b20t77T73TWvbRes9obyGEXEY6kxlsDkgDmgDyPT/wBg7wPa2FlpOp+PfF2vaf4etLu08O2mp38F xb6Ebq2e1Sa1QW6F5baNyLdpzJ5QC7RxmvcNX/Z48C6x4V+GHg5pryz074Talpep6Qts8ab5dItp LSCOfdG+6MxyneE2MSAQwGQfLfBn7WXw30D4LeBPGvxO8bW2v6n4xjufsU2iaTqBfU2tpXEj2umr DJeKkSqA7NGACMk4YZ73WP2tP2fdF+H2h/E6fxbHc6F4mne00v7Jb3N1d3tzExSSGGzhia5MiMpD qYwUP38UAZfxK/ZY8NePPiI/xX8PeLfEfw+8UXlkmnajd+HLyK2/tG0iJ8tLlJ4Z0Z4wSI5VCuoI +bhcctL+xL8N9Js/Co+F/iDX/h1qnhLTZtIh1LRLqIXd3Y3M32maO8NzDOkxectLuKAiRiw7AfQP wu+Lfw9+M3hyTxV8ONWXVbC3uJbO4Bilt57a6hx5kFxbzpHNDKuQSkiKcEHoQT5L8RP2y/2d/hZ4 m1Lwl4v8Rzpf6GYhqhtNMv76307z1DJ9ruLWCSGEkEHDOGAOSAKAPmnx3+xeNP8AiJ+z74S+GF3r +ieG/BS+L7u+8R2V3EdTt9Q1KO2ljuJ5pkdZHupRIrqYijKSm1VwB7xJ+xR8KbjwRceGL3VNcuNf udbj8SP4qa9UeIBrMS7I7tLlYhGpjj/dpGIvKCcbO9bXij9ojwf4J+I+q3fiXxrp8PgvTPBNv4nl tYrG7uLpYJr14V1FbmGN4pLd1CosKZl3AvjaQawU/b5/ZTkmurWPxm73ECJLbwjTNR83UI5H8tH0 5Ps+69UtwDbiQYBfOwbqAHH9i74f6l4U8e6H4x8S+IPFGtfEixi0zVtf1C6gfUhZQHdHBbbLdbaC JWywVYOWJLbjjHqPjz9n3wD8SPEHg3X/ABWbq5Hgq01axt7QPGLa6t9asvsF0l0pjLsPJ+7sZME5 ORxWTeftXfACw+FWn/Gm58WRDwnq1ybKznW3uWuLi8DtGbaOzWI3LThkYGMRbgFJICgmjS/2rfgF qvw91z4oL4rjs9B8MTLbaqb23ubS7srhyAkM1nNElysjlgEXyyXJ+TdQBwPgL9i/wV4L8TeFdd1X xh4m8YWPgJJI/Dmla3eQT2GliWH7PlFjt4nlZIiY4zM7hFwAMgEY2jfsG/C/RZrLRovE3ia48BaX qaavZeDZr+N9Bt7qOb7QqrF5PntAsvziF5im7JIOad8Lf2sNN+Mn7Ud58MPAl2Z/Cun+Dv7VuYrv T7rT9Qg1X+0Fh2SR3aRSKht3RgDHg7gwYivdPiz+0F8KfglNpdj4/wBVlh1LXBKbCwsrK61G9uVg AMrJb2cUsmxARucqFGcZzQBY+P8A8JNP+O/wY8XfCPUpvs0fiWxe3jnI3CG4UiS3lI7iOZEcjvjF effD/wCHl38Tf+FYfGv4s6dfaH4+8H6TqWl3Wms0f2R574R2968isjtJG7WwkgZZFBRwWDZ48t+K 37d3w18N/D/4f/ET4b3n/CRaV4x8V2OhTyDT9Qle1thcImo7oIoRKl1FG2IoHUPIxBRJACp+tPGv xR8CfDrwDc/E7xvqg0fw3aQxTyXM8UoYLOVWJfJCGUyOzqqxhN5YhdueKAPmfR/2FvhppMum6KfE /iW98BaJqK6rYeD7i/jfQ7e5SUzRqEEIuXgjlO9IZJ2QMMkEcV9DfC34S+HPhHb+KLbw3c3dyviz xBqfiS6+1vG5S81WXzZki8uOPESt9wNuYDqzda8K8Qftb/DHxV8J/iD4k+GvjCPQNZ8F2K3N2+ua RqMT6cs3+qnnsJIY7mWJwDgxIwPrnitTxl+2x+zh8NdZv/CXjfxa8eu6FFayanDbaXqNz9ljubeK 5SeUwW8gSExzI28naCdpO8FQAegfEr4DaD8SPiH4F+KL67q3h/X/AAFLO1rJpc0UaXVtdNE1xa3S SxSh4ZfJUMF2tjOGGcjj7T9kv4c2XwE8Nfs7Rajqp8N+FryzvbW4aaD7c8lje/b4xK4g8sqZeGCx KSnAIPzVseBf2sfgB8S/HUfw68EeK01TWbpJ3tNltcraXotRmf7HePEtvc+UOX8qRsD6HHL+Df24 v2YvH2qaRpfhbxe9yuvXCWVldyabqFtYzXsgylp9rnt0gW4YdImcPyBjPFAGX43/AGLPA3i3xX4q 8SaP4v8AFHg6z8fD/ipNK0O/it9P1VzH5TySRyQSvHJKmFlaF0LjOeWYn3vX/Bljo3we1P4f+CdP W3tLPQ59N06zh4Cols0MMS5PpgDJ+pr5Q8IftGeMtdglk8QeINM0Fo/jHqfge3WWwuJ/t2nWkk6w 2cfkb/LupFjDfaJNsY2ndgkV7NL+15+zzD49Pw4fxWDqy6iujtKtndtp66m7BVsm1AQm0FwSceWZ cg/KcNxQB89fsw/sX2/h34b/AAnvvinrviS/uvB9vZarB4W1K8hk0rS9bWIlpUjjiEjNDIzNCrzO kTE7BjAH0JbfspfCtPgdqn7P2pC91Twxqt3eXzvcTKt5Fc3l49/5kM0McYRoZ23RELkBQG3c5+dP F37bcPw11rStI1TVrfxQmrfETV/Dt1LYaLqrHTNM0/fvt9scLG4vYXCRkx7hICzxqyqxH1kn7Rvw Zf4V6x8aj4iWPwf4fmuba/vJLa5R7ee0n+zSxPbNELjzBLhQnl7mJBUEEEgHnGgfsd+AotT1DWvi Z4i174pX99pFzoCS+JrqKcWumXY23EUCW0NuivMuBJMQZWwPmFQ+A/2OvB/g7xH4X13WvGPifxpa +BNx8Oabrl9FPZaUxj8pXjSKCF5ZIoyUied5CinA5Ga+ivGPj/wf8PvBd/8AEPxvqcei+HtMgFzc 3d0GjEUbYC7kI37iWChNu4sQoG44rx3wD+1v8B/iTq2r6D4c1y5h1PRNPfV57XUNMv8ATp206P71 1FHdwRPLGMjlATyMjkUAeb/FT4Har4P+A3jT4PfBiO+1G/8Ai/rt+l3dXZSVNMTxLMz6ndOY0i2w QQGXylOXLlFLMTmvrnwh4X0rwR4S0TwXoKGLTNAsbbT7VDyVgtYlijBx6Kor5z8E/tu/syfEXxPo fhPwh4vN5d+JSsemyvp99b2l1OYxJ9njupoEgM6qRuiLh1b5CA4Kjx39p39vT4cfDrwJ4ts/hd4h jvfHGiXltp8Bk068n0w3wu4kubX7YIltXnjgMjGMTbhjpkEUAdbdf8E+vgLc/Cz4ifCNH1S30j4k 67/b95NFNbi6s7hZUmjhs3NuUSCMqVRZEkYK7gucgj0Hxp+yn4R8ReI/DnjHwh4l1z4fa74a0VfD cF5oE9vE8ujI6utpKt1b3CFUZdyEKGVuQeldD+1V8SfEnwe/Z48d/E3weYRrPh3TmurX7QnmxeYH VfnTIyMHpkVieOv2uvgX8K9TtvDPj/xE8OuCwi1C8t7KwvdQNlbSKG8+6NnDMLeM9QZSvHP3eaAP NtK/YG+F3hrRY7Pwh4p8UaNrFnr174jsNajv4pdTs77UraO1vQs0sD+bDcrErTJMJCzZO4A4r334 K/A3wv8AA/SdZtNE1DUdc1PxJqEmqatqurTrcX19eSKqb5WjSOMBURVRERVUDpkknC8e/tUfA34c xeH5Nc8QPet4pszqWmxaTZXery3FgApN2EsIpmEGGB8xgFPYkggYuu/tk/s66HonhnxAPFD6tbeL 7SW/0xNKsL3U55rOB/LmnaC0hklijjfKuZFXDBlxuUgAHG+Kf2IfAfia+8aQw+MfFOieGPiHeXGo 674f02+gg068vbtQk8xJt2uE83aDIizBHIAYFcqfUPhz+zh4M+Gfi3Q/Gmj6lqd7qGgeDrDwRALu SBo303TpmmhlkEcMZNwS2GcEIQPuA5J9U8CeO/CHxO8IaX498BapFrOgazF51pdw52SpkqeGAZSr AqysAysCCAQRXW0AeXfCT4S+HPgz4cvvDHhe5u7q11DVdR1eRrx43kE+pXDXMqqY44xsV3IQEEgY yzHmvUaKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoor5C+I/7QXxEufi1efAf9njwjZ+ KvFOh2cF9ruoatetY6Ro8d4CbWKZoo5ZpZ5lG8RogwhDZPzbQD69or4b8P8A7YF94Ufxz4S/aT8O W/gTxl4F0Z/EPlw3yz6Zq+lhhEs9ldSrEAxuGW3MUgDeYygEkkLQ8L/t4fDjXdc+H82rajouh+F/ GHg6XxJe6jcatCY9Mv4pLaN9NklOyMyxtOUcHa+9cbATigD7zrktS8D+GdW8X6L48vLTOu+H4bq3 tLlHdGWC9CCeJwpAkjYxo21wQGRWGCAaqRfE74bz+Cf+Flw+K9Kfwj5Zm/tgX0B04Rq2wsbnf5WA 3yk7uDx1rI0f42/BvxD4SuPH2h+OdDvvDVpNHbz6lDqNs9nDPK6xxxSTB9iO7uiqrEEsygDJFAHp 9FfGvjD9pfxR4u8T6F4I/ZO0nSPiLPqcV3cXuvzX7jw7pqWbIhglurOO433Ls4xCuGClXIKsCPQP 2bfjhqvxt8NeI28UaAPDPijwVrt54c1mzin+1WwvbIRs0lvPtTfE6yKwyoYcg5wCQD6KooooAKKK KACiiigAooooAKKKKACuS1bwP4Z1zxXoPjXVbT7Rq3hlLtdOkZ32QG9RY5nEYOwyFF2BypZVZ1Ug O2etooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKA P//W/fyiiigAooooAKKKKACiiigAooooAKKKKACuL+JNrdX/AMO/FNjYwvcXNxpV9HFFGpd3d4HC qqjJJJOAByTXaUUAfln+yF8NfGvh34v/AA41zxP4X1HS4tM+B+iaPLcXllNAlvqCanLJNZu8iKEu FTazxEhwuCRivMbTwl8QPh78NPhx4qvvA2v3dt4P+MevaveWNhpdxPfppdxLqCRXMdoq+Y8LeahV lBUhgQcGv2aooA/BC5+EXjvwnpnxd+EPi3S/irqmo+Ldf1e+stO8NRWieHNfs9WcNHNPqE+n3ItZ CpAuTM2Y9q7QT8o+2vgT8JvEPgz4hftGWmp6DepbX+keE9NsLq5jeYaimn+HEtZVhufJhS62S5SR o0UF85RSdo/RWqt/fWemWNxqWoSrb2tpG80sjnCpHGCzMT6AAk0Afkl8I9A8efDbUP2P9f8AEvgv X2ttN8Lap4f1MW+mXE0ul3moGzWD7dEF328fyNud1AUKSelcJ+zP4c+IP7Or/Bz4u/EH4f8AiK90 U+Ar/wALXkNjpVzd6lomoDW579ZLiwVPtCRXMTBd6ocFV3YBGf2Y8N+I9C8YaBp/inwxfRanpGrQ R3NpdQNuimhlXcjo3dWByDW1QB+Ntp8IfiDrc/h/4hz+BdV0nT/GXx90/wAWx6RPaO1zYaVFYzxH UL+FAxtTLMvmSCQ4QsmTkiux/aY8K/GW1+Lnxm8VfDXwVLrn9p+F/CUEU0ujjVIZDBqUxuntLedD b3d3awkSJESSCFbH3Qf1hooA/FHw/wCG/iH4j/aCi8Y21r8RvFujXfgPxNpf9teLNIayDahLEki2 9vaw2tubeNhgRmVB50hKxlypr7o+FHw78Wav+wZ4f+FM8E+geJNQ8AJo/l3cb289neT6cYAJUdd8 bRu3zArkEcivqHw34x8L+MP7UPhfU4NT/sS/n0u98ht32e9tsedA/o6bhuHbNdLQB+Ok+t+LvF3h D9mL4OW3wg8U6Xrvwz8VeF2124n0adNO0yPSozazSxXiqYpYpSfMEkbMgj+aQqcZ8dvPg/488H6f 8X/g74u0v4qapqXivxBrF7Zad4Zjs18N+ILTVpA0c02ozafcrbSFSBcGV8xhVKgn5R+9tFAH4ifF j4f+NPhnrnirT/h1oPxB8MeMZdJ0y1sv7Gth4s8L+LpbTTordDqcMtlHbwzKU8md3WNSimUKd22t X4zfCL4zeLta+Iuuav4TP25ND+Gl9cWCL9n03VbrSLmWfUNLs7iTELsrHCIrk52L1YZ/aauG+JPw 28FfF3wXqPw9+IWmjVdB1URieAySREmKRZY3SSJkkR0kRWVlYEEDBoA/ID46eO9X+Pfxt1FtA+Gf ibw3qEnwh8c2FvDrWnG01PUZprZQkEForSSusckgRGAxJJIwj3AZP1Hrnw+8URaN+x1b6b4bvQfC V7p41JY7SXOmxLoUsL/aQF/cKJNqNv2jfhTzxX0x8LP2bfhv8JvEt9430iTVdd8T6harYPq2vand avfJYo/mLaxS3TuY4Q+CVTG4gFskCvfaAPjP9sHw74rmb4VfEnw/4fvPFun/AA68W22s6ppWnxfa LyS1+zz2/wBot7cfNNLbNKHWNfmPJHSvmz4zXniL9ofTLjXfDHwd1DS9Fbxr4KT+0LzR5rXWtatr S7DXc1zatCJ1srRG2pJLxguflANfq/RQB+Tv7afwM+JnxZ+Lnje38BaBc3g1L4WQW0Vx5Tx2d5eW HiS3v/7ONyQIvOmgjdVjZgdrknCkmvQbjXNX/aU+PnwP8QeFfh54k8JWPw0m1PUtYv8AXtLl0kWa 3VibZdNt/PCi4eSQp5nlZRUUEMeg/SGigD8Uv2btA+IX7O8HwV+LfxB8A+Ir7RYPAmq+GLy2sdJu LrUtF1B9Zkv0lnsVT7QkdxDhN4Q4IXdtVgTY+KPg/wCJHiXxd8Lv2kJPh/4m+G/hi1vfE6XVn4Ks 4T4m0+PVGUW2qXdi9rKfOvFQ/bAsbuiEbmLZU/tLRQB8K/sVeArzQbn4leP7nTvFtknjHVbZ4rjx lPb/ANp6illb+WLxrKCytDaB92wLIZHcIGITo3xx8cdP+NniLUPjv4L1HSfG2nXmt3Wpw+HtD8G6 BbwaJrVpNaiKC+1PV/sztM8n/L0jzo+FEaZyFH7Y0UAfhv8AET4XfFPWvAl+th4L1yaeb9nbQNEE Q0y6806tBqBaWw2eXu+1IvzNDjeF+bbjmvuDWfh1qI/av+AviG08OTnSfDPhLXbWS8S1c29jM8dp FBFJKF2xOyGRUViCRuAHWvuiigD8K/GHwT+LNpe2PxJGh+LbLRfCHxc8e311F4ctANcXTtZdUs9S 0+3uoJVnhUofmSN8o5ZP766svwV8a6zcaz8e/Cnhnx74lh0Xxh4P1udPFj2yaz4lsNAWYSm30tLC zeNrdbgeT5rs02wAKpG0/t/RQB+d/wAJ/EOrfFH9uHVPivpvgLxD4b8LL8P10hNT1vSbjTBe3keq JOUCzorAqj4UPhm2sQCgBNf9qy8+Jdh8dfCtxZReIdB8EPoFzFP4g8F+Hota199Qe5XGnNM1tdSW ls8YWRWRMPJw3QEfoxRQB+GHg/wN8U/DPwHudb1jwL4tluPD3x4svGE9leWMl3rlxoqyW8xutsK7 bqUgnzWhyvmB84AOP0p/an0iD4ifs5anGfBOqeMLe9GnXh0qxnfTNahRZ4pvPtcxu63drxKsLAFi hjJ5wfqaigD8ONV0T46+Mfhd8d/Dmg2fjHxz4Nu/BsVvpV94t8P/AGPxPLqv2rP2CFlgjur6FYtz M7IQsnC45LfSmj/DXxWNd/bBvbnwxfZ8WeHNEs9Nd7OXGpGHwwYHhtiUxOUmYxsqbsP8pG7iv0zo oA/NDw78OPFml2H7EcNt4Zv7b/hE7IjWALOVTpry+HGjlF58v7gtOdjeZtzIdp+bivkX4K6zrvxj /YO8AfsxeCPh7r1v4i1PULJhrDabJHotrbW2s/bpdUGokeSTsjZNgPmmUldpH3v3prz/AOFnwy8J /BvwBo/wz8CwSW2haFG8VrHLI0zqryNKcu2Sfmc9aAPzGs/hp8R1i0YN4V1UGL9pbUdefNjP8ukO 15t1A/JxaNuXE5/dnIw3IrS+EWs+M/hZ8H9N/ZT8QfBfU/GHjWz8RXETy6hpTy+GLyC41Z7wazLq JjkgCRxSCQA/vRKiqEU4x+s9FAH4z33hT4heBkg8fX3gfxBqFl4f/aA8Ra/cW9hpdxc3r6TdR3Mc V7BbqvmSwOzrtkQFSDkE1seLvhl4kuf2zJv2cdOg3fDbx/rGnfFbUkHAi/s1XivLaWI8lbzUYrSR sgYyRyc4/YCvGvh/8CfAXw48aeKfiJo/26/8R+LpM3l7qV7NfSxwCR5UtbczM3k20byMViTCjjrh cAHBftkr8RH/AGf9fX4X6DF4i1szWP8Aoz6fFq0qW4uozNPb2M4aO4ngTMkSMMblzgkAH89vDXhz 4h+Iv2hoPGVva/EbxZo114E8S6X/AG34s0g2Qa/ljSVbe3tYbW3NvEwwIzKg86QlYy5Q1+1dFAH5 ZL8MvGVv+y3+yL4dtvCuoJqfhnxZ4LvNUtFsphcaekMcpu5rmLZvhVGc+azhQpPzEZr5/wDF9h8Q fC37FWqfsdXPwo8U65470vVGH2yz0ee60y6gGtf2gNUivYlMb74jjYP3okJBQKCR+5tFAHyv+274 e1/xZ+yf8TfDnhbTLrWdWv8ASXjtrOyhe4uJnLodscUYZ3bA6KCa/PnxP8OvHfw1+O3xW1bxNH8T oLD4gw6ZeaTN4Es7e8tdREFiLd7C/MtldG3licFI/MKx+WWY4xlv2uooA/GLWvg/dfCrwr8Hkl8M fETwRf6J4WntIfEfhK8/4SHU7CWe7+1DRdWtLawjjuLcGQMkgjVfMHl4IXzDhDw/8U08M/DXxx8W /CvjfwT4st9I1S0g8V+A7ALfrEdQMttY6z4ftLeWKNLiMrcHBA84lWVWBI/bqigD5j/Y9PxSP7P/ AIdPxh0tdI8Rb7smH7FDpszWxuJDby3FnABFbzyx7XkjUDDHkBsgfTlFFABRRRQAUUUUAFFFFABR RRQAUUUUAFFFFAHyn+1Z4f8AHmv+HNIj8JW9ze2MUspvre1VndyQvksUTLMq4fPBwSCfUdr+znpH jPRfhtBZeNlmiuPtEjW0VxnzYrYhdqMG5X5gxCnkAjp0Hu9FbOt7nJY4I5eliHiOZ3atboFFFFYn eFfm/J498N/sn/tV/FLxL8Z5X0Twb8YBo19pHiCSN5bKO80y0+yXFjdSxq3kv0kh34UqSA2Riv0g qOWKKeNoZ0WSNxgqwBBHuDQB+T/jLULP9qr4peNfi18NdOuNU8BeC/hxr+hW+rNbvHFrOsakolWC 1jlVXnigRA3mAbfNK7c8MfO/2a4fhJ8Wviv+zP8AYrbT/EFr4Y+FNxFNG0CvHb6zZ/YLa5Do6486 MyOCSM5OQehr9pwABgcAUiIkY2ooUZJwBjk8mgD+ff4ieGL/AE74b+JItHaPRvh94N/aB1ebVT/Z h1Sw0ywWGJoZ7jTkeMTWcE0mXizt+YcHAFYnxS0XRfF/w8+PXjLw945j8daRqun+DtM1O90Xw0mg 6Bc3P/CQ2ZhMUq305uLuGEukhWHaqMoMm75T/RLTI4o4Y1ihQIijAVRgAewFAHy5+0Kul/A/9mHx xc/C670j4ZfY7ErbX4tZILKxmuGjthcNHY288m9QwClYXO4LkYGR6j8FvhL4K+Cnw803wJ4FhYWM IM81zMxkub66n+aa7uZG+aSaZvmZj7KAFAA9VooAKKKKACiiigAooooAKKKKACiiigAooooAKKKK ACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKAP/X/fyiiigA ooooAKKKKACiiigAooooAKKKKACuC+KnjX/hW3ww8X/EX7Kb3/hFtH1DVfIBwZvsNu8+zI6btmPx rvaoappena3pl5our26XlhfwyW9xBKN0csMqlHRgeCrKSCO4oA/LuTx9+1B8N/h38J/2hvFPxIHi uy+IOpaFba14dXTLK3s7O08R7RE2myxx/aDLaGVAPMeQS8lhgYL9I/aO+NWreCvDHwGOviP42zeP 7jwjqupJaWwcabpT/wBoXeqR2rRGALJppiC/u9paTK4IyPoTwh+xL4A8Lan4XW88W+J/EXhjwLex 6h4f8Oapfxz6XptzBu+zugWFJ5fs2f8ARxNM4jAwM16ZYfs0/DPTf2idR/adt4rn/hMNU0tdLlRn Q2aqPLU3CR7N4uGjiSJn8zHlrjaDkkA/MnU/2qv2mPHl38Q/Hvw7vPFkM3hrXL/TvDvh3SPBUmr6 Hew6ZKIymoaisDzedclWDiOVPIJBHUgesp4z/aN+N3xI+M8cnja48D+CfAekaHenw22k2klzM2se H4727sLmeeJZ4gjlwTjzA0hwV2KB9EeJf2Gfhx4g1jxU1j4r8UeH/C/jq7kv9e8M6ZqEcGkahdTY M8jIYWmj8/H74RSoHGBwBivYtB/Z88C+GtZ+I+saNJd2/wDws23sbW/t1aJbe1h07TxpsK2aLEDG BCoJDmQbumF+WgD82fgZrf7Qfwb+DX7MPjq5+IY1jwv421Lw/wCGZ/DL6ZaR2ttp2qQulrJDcov2 kzxBFZ2aTDMTwFUKcLU/2qv2mPHl38Q/Hvw7vPFkM3hrXL/TvDvh3SPBUmr6Hew6ZKIymoaisDze dclWDiOVPIJBHUgfpW37MngJ/hx8Mfhgb/Uv7K+E+o6PqelS+bD9omm0QFbdbpvJ2OjZ/eCNIyf4 Stea+Jf2Gfhx4g1jxU1j4r8UeH/C/jq7kv8AXvDOmahHBpGoXU2DPIyGFpo/Px++EUqBxgcAYoA+ XPjF+0P8V9Z8SeIY/DnxD1vwtqOl6HpuoWnhbwr4WbW73Tru4shcyr4huLqzaO3Ic7fKEqbYxukA bg9t4C+N3xx/aQ1P4T/D3w/4t/4V9cax8PofGuvarYWNtdXN1PLcrZR29sl4ksMSearyyHaxwVQY Byffte/Yt8A6n4j8R6p4f8UeI/COieM0gTXdB0W8htNN1BbeBbVVI8hp4Q8K7JPIljLjuKbH+xZ4 F0vwx4D0fwh4s8SeGta+Heny6Tpuv2FzbJqcmnTvve1ut1s1tNFkAqGg+VlDAhskgHG/8E/rHxLp nhX4wad4y1GLV9ctviZ4jjvb2GIQR3M6i2DzLEuRHvPzbBwucdq++K8O+AnwD8Jfs8eF9W8K+ENR 1PVYdb1a61q6uNXuFurp7y8WNZmMqxxlgxjDEsCxYsSxyAPcaACiiigAooooAKKKKACiiigAoooo AKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigA ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKAP/0P38ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoooo AKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigA ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigD/9H9/KKKKACiiigAoooo AKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigA ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoooo AKin87yZPs20S7Ts3527scZxzjPXFS0UAfA/wH8PfEbXviF8ffhz8Y/G974hvDJoIa50ySfSY7Nb ywMzRacsMpktkQkKGWTzHxvdixJqn+yl4IuNQ+LXxA+JuheKvE174E0W5n8K6NY6tr2oatBfXNjI BqOpkXk0q4E6m2g2cBY5G5LjH2D4a+GuheFvHfjH4hafPcyaj43ewe9jlZDBGdOt/s0XkqqKy5Tl 9zNk9MDimfCT4YaB8Gvh5o/w18MT3N1p2jLKI5rxke5laeV55JJWjSNC7ySMxKoo56UAejUUUUAf /9L9/KKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoooo AKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigA ooooAKKKKACiiigAooooAKKKKACiiigAooooA//Z --000000000000dd6c6d05b581600c-- From nobody Wed Dec 2 14:29:11 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 43C313A159C for ; Wed, 2 Dec 2020 14:29:10 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.693 X-Spam-Level: X-Spam-Status: No, score=-0.693 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_IMAGE_ONLY_28=1.404, HTML_IMAGE_RATIO_04=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=pingidentity.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jn_25fgA55Y9 for ; Wed, 2 Dec 2020 14:29:08 -0800 (PST) Received: from mail-lf1-x135.google.com (mail-lf1-x135.google.com [IPv6:2a00:1450:4864:20::135]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B1D083A158F for ; Wed, 2 Dec 2020 14:29:07 -0800 (PST) Received: by mail-lf1-x135.google.com with SMTP id l11so7311007lfg.0 for ; Wed, 02 Dec 2020 14:29:07 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=pingidentity.com; s=google; h=mime-version:from:date:message-id:subject:to; bh=7BA4fB7ulUvaTKhtL72IoZHcfjfbNRijUeehwzWPsVk=; b=YJGEn2N3I4Ckm99CtFSXpYDAuJSOlnMD8zNv8N26gSN4HvvERttDvOOZjf9qDegTFh xGrdQKeAPLA0yssqtpfgElOnN97AJt1oIT0auu22s7QUOTTdkyIU7746Tc7HuaqK9yh9 xlwfTgnXsCq5btGTY2SEoC24g5ypaRfozRRU6uEJAqz9qjtKP1BPDUI4AcKLUdbTdZhv 55V4r8GCSJl7rCXZxGf+W58bfghj0w73koqhK0Ix9E6+ULbtPLCb87Bcr/2OumCWrPM9 vvUe2hn0p5hSmUV3oOm/AOQVTS2I0X4fnqgQ7+PjAaCoOD/EVJobEO4RCU6a2JZ+1cIo urAw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=7BA4fB7ulUvaTKhtL72IoZHcfjfbNRijUeehwzWPsVk=; b=qCf2ZcsoCG26JD3pOLE0BjwauyruPx5W2bQ91BdlyeF96MT7Ua2v3o8frvuMpd4pf2 KOtFg3c+an4tvOGGY+CzmolAMQVD22UEHYMCulzVxXvtdYXRCJ2O7J3RUEd2MJpRxnzw PwBsHk53oeHa9P5QEXeuBEzTZqyDgX/tqxWuUyMI/vol0MCftK7uw5Myg8AJH9ZkxPM4 +HvKVHAaYqjJv7ql8/EBlDqTAgqLSSLURG28CzIMU+46g3oLyMsSXhKrtIOgzDlb85rj ZUxwi97z4wANxcGwJ5XG0nA3Rb+TfLIFHFLljzsJloMNG8P04ttIHbaFbo8A/v0Ore1I fKuQ== X-Gm-Message-State: AOAM533947VAbA66Xyth1VdaddASmi3mq9Y4yt8XOnxy1ax+vDXUmBwx rl9sOpCNph8qEQLzuu6d4/9phzp551XiTwy7Wdv7L1X1qUoMsYM+1JSmOpKqRzOXv0pC8D4ICIK gFm0NBoas/LS3tw5R4Hvn7Q== X-Google-Smtp-Source: ABdhPJyT+UDNCEpr7RL7VB7HPHVGACPfAOsbJEqTG++m6GclcK5gIIaiCHa3xMDyRe0DIVm9od+J86+Wj3anlYlQoUQ= X-Received: by 2002:a19:5215:: with SMTP id m21mr91648lfb.407.1606948143427; Wed, 02 Dec 2020 14:29:03 -0800 (PST) MIME-Version: 1.0 From: Brian Campbell Date: Wed, 2 Dec 2020 15:28:37 -0700 Message-ID: To: oauth Content-Type: multipart/related; boundary="000000000000433d7005b582c50b" Archived-At: Subject: [OAUTH-WG] DPoP followup II: confirmation style X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 02 Dec 2020 22:29:10 -0000 --000000000000433d7005b582c50b Content-Type: multipart/alternative; boundary="000000000000433d6c05b582c50a" --000000000000433d6c05b582c50a Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable There were a few items discussed somewhat during the recent interim that I committed to bringing back to the list. The slide below (also available with some typos and omitted words as slide #18 from the interim presentation ) is the second one. To summarize (by basically repeating the content of the slide): It=E2=80=99s been suggested that, for resource access, having the J= WK in the header of the DPoP proof JWT makes it too easy to just use that key to validate the signature and miss checking the binding to the AT=E2=80=99s cn= f/jkt hash, which undermines the value of doing the binding in the first place. As I see it, there are two options here and I'd like to gauge WG consensus on which to move forward with. 1. It=E2=80=99s fine as is (AS/RS symmetry is nice, it's the same way confirmation works in MTLS/TB, and the binding check is kinda fundamenta= l to the whole thing so it's not unreasonable to expect implementers to do= it) 2. For resource access, put the full JWK in the AT=E2=80=99s confirmatio= n and omit it from the proof (less error prone, no hash function needed for confirmation, somewhat less data overall between the two artifacts) [image: Slide18.jpg] --=20 _CONFIDENTIALITY NOTICE: This email may contain confidential and privileged= =20 material for the sole use of the intended recipient(s). Any review, use,=20 distribution or disclosure by others is strictly prohibited.=C2=A0 If you h= ave=20 received this communication in error, please notify the sender immediately= =20 by e-mail and delete the message and any file attachments from your=20 computer. Thank you._ --000000000000433d6c05b582c50a Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
There were a few items discussed somewhat during the = recent interim that I committed to bringing= back to the list. The slide below (also available with some typos and omit= ted words as slide #18 from the interim presentation) is the second one. To= summarize (by basically repeating the content of the slide): It=E2=80=99s = been suggested that, for resource access, having the JWK in the header of t= he DPoP proof JWT makes it too easy to just use that key to validate the si= gnature and miss checking the binding to the AT=E2=80=99s cnf/jkt hash, whi= ch undermines the value of doing the binding in the first place. As I see i= t, there are two options here and I'd like to gauge WG consensus on whi= ch to move forward with.
  1. It=E2=80=99s fine as is (AS= /RS symmetry is nice, it's the same way confirmation works in MTLS/TB, = and the binding check is kinda fundamental to the whole thing so it's n= ot unreasonable to expect implementers to do it)
  2. For resource acces= s, put the full JWK in the AT=E2=80=99s confirmation and omit it from the p= roof (less error prone, no hash function needed for confirmation, somewhat = less data overall between the two artifacts)

=

3D"Slide18.=




<= span style=3D"margin:0px;padding:0px;border:0px;outline:0px;vertical-align:= baseline;background:transparent;font-family:proxima-nova-zendesk,system-ui,= -apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,Oxygen-Sans,Ub= untu,Cantarell,"Helvetica Neue",Arial,sans-serif;font-weight:600"= >CONFIDENTIALITY NOTICE: This email may contain confidenti= al and privileged material for the sole use of the intended recipient(s). A= ny review, use, distribution or disclosure by others is strictly prohibited= .=C2=A0 If you have received this communication in error, please notify the= sender immediately by e-mail and delete the message and any file attachmen= ts from your computer. Thank you. --000000000000433d6c05b582c50a-- --000000000000433d7005b582c50b Content-Type: image/jpeg; name="Slide18.jpg" Content-Disposition: inline; filename="Slide18.jpg" Content-Transfer-Encoding: base64 Content-ID: X-Attachment-Id: ii_ki7yqg3z1 /9j/4AAQSkZJRgABAQAAZABkAAD/4QCARXhpZgAATU0AKgAAAAgABAEaAAUAAAABAAAAPgEbAAUA AAABAAAARgEoAAMAAAABAAIAAIdpAAQAAAABAAAATgAAAAAAAABkAAAAAQAAAGQAAAABAAOgAQAD AAAAAQABAACgAgAEAAAAAQAAA+igAwAEAAAAAQAAAjMAAAAA/+0AOFBob3Rvc2hvcCAzLjAAOEJJ TQQEAAAAAAAAOEJJTQQlAAAAAAAQ1B2M2Y8AsgTpgAmY7PhCfv/AABEIAjMD6AMBIgACEQEDEQH/ xAAfAAABBQEBAQEBAQAAAAAAAAAAAQIDBAUGBwgJCgv/xAC1EAACAQMDAgQDBQUEBAAAAX0BAgMA BBEFEiExQQYTUWEHInEUMoGRoQgjQrHBFVLR8CQzYnKCCQoWFxgZGiUmJygpKjQ1Njc4OTpDREVG R0hJSlNUVVZXWFlaY2RlZmdoaWpzdHV2d3h5eoOEhYaHiImKkpOUlZaXmJmaoqOkpaanqKmqsrO0 tba3uLm6wsPExcbHyMnK0tPU1dbX2Nna4eLj5OXm5+jp6vHy8/T19vf4+fr/xAAfAQADAQEBAQEB AQEBAAAAAAAAAQIDBAUGBwgJCgv/xAC1EQACAQIEBAMEBwUEBAABAncAAQIDEQQFITEGEkFRB2Fx EyIygQgUQpGhscEJIzNS8BVictEKFiQ04SXxFxgZGiYnKCkqNTY3ODk6Q0RFRkdISUpTVFVWV1hZ WmNkZWZnaGlqc3R1dnd4eXqCg4SFhoeIiYqSk5SVlpeYmZqio6Slpqeoqaqys7S1tre4ubrCw8TF xsfIycrS09TV1tfY2dri4+Tl5ufo6ery8/T19vf4+fr/2wBDAAICAgICAgMCAgMFAwMDBQYFBQUF BggGBgYGBggKCAgICAgICgoKCgoKCgoMDAwMDAwODg4ODg8PDw8PDw8PDw//2wBDAQICAgQEBAcE BAcQCwkLEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBD/ 3QAEAD//2gAMAwEAAhEDEQA/AP38ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigA ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACvB/2Wbu6v /wBmP4Q319M9zc3Pg/QJJZZGLvI76fAWZmOSWJOSTyTXvFeAfsnf8ms/Bv8A7Ezw9/6boKAPf6KK KACiiigAooooAKKKKACiq91dW9jbSXd3IsUMKlndjgKB1JNRadqVhq9lFqOmTpc2043JIhyrD6ig C7RRWU+uaRHqyaE93Gt/IhkWEsN5UdSBQBq0UVS1DUbHSbKXUNSnS3toF3PI5wqgepNAF2iq9pd2 1/bR3lnIs0MyhkdTkEHoQasUAFFFFABRRRQAUUUUAFFFFAH/0P38ooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoooo AKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigA ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACvAP2Tv+TWfg3/ANiZ4e/9N0Fe/wBeAfsnf8ms/Bv/ALEzw9/6boKAPf6KKKAC iiigAor598Q/tNfBqyXUNM8L+MNG8S+IbFnifTNP1G3urmKWMlWE8ULs8YRhhtwBB46180+Gfjd4 u0bxhP4l1GZr2C/YC5tycIUHQIOilB90j8eM0WA/RikYhVLHoOawNF8UaH4g0KPxJpt0rWDoXZ2I Xy9oywf+6V75/lXxT8X/AI2X3ie//sfwrO9tpdpIG81CUeeRDkN6hQRlR+J7YAIPjN8Y7jxhdSeH 9BdodGhbDNyrXDDuR1C+g/Osb4RfFu98A340/UC1xotw37yPqYif40/qO/1rwe5u5obiS6vJC8Uz F2duqsTkk+38q4e/1m48WXT6B4VuALSPi8v4mDKgP/LKFhkGQjqR90e9AH6x/EX4vaJ4Q8M2+q6X It/c6ohayCnKMMDLsfRcjI654r4BufFWv3WvnxPNeSf2kZPMEoOCCOmPQD09K53zr+DQbTw9aTuL KwO6CJiWUEqFPXnkDn8+tRWTS6pMbOyKRzRqZJ3lOI7WJfvSynsg7Dq54HOSOXHY6lhqMq9eXLGO rb/r/hzSlSlOShBXbPvfwL+0P4d1XSY4fExkt9TtgPtJijZ41iwf9IcrnamRg98ngEBiPnr4t/F+ 7+IF4bHS2MOhwHMSg8zHtI+P0HavG11Ge3EcPhy5msbWB/NSbhZ7qbG3zpxjBUjhYiCgT5SMHAjm WGaC41WwiW3+zjzL6zTO2AE4NzBnJMBP3l5MRODkEM3yeH4mxMKkamPo+zo1HaD6xeyVRbR5unRP 3Za2O+eCg01SleS38/Tvb/go97+D3xnfwPKNG8RzbtCckmRj/wAex6lv9zuR2619seGPGeheLUnO kyOHt25SVDHIUP3JArc7HHKnr2IByB+WEaiwWDUb6ESXkoWWys5R8qL/AA3Vyp7Z5iiPJPzN229V 4O+IGueD9Wj1G5v5p4i5dp5MySQO5y7YHLQuf9ZGOn3kAbIaa3FGInN18HR58PDSUl8Uu7pr7Sj1 /m1UbtakcDBJRqStN7LovXtf8Op+qFFedaD8S/D2qeGp/EF9PHZixjV7lSwYKGGVZCPvpJ1Rh97p 1r468Z/HTxRrfiqDWNCmewsNNcm2h/vjoWlHcsOMdAOB3J+wweLpYilGvQlzRkrprZo8+pTlCTjJ WaP0Kor588PftN/Bq8TT9N8VeMNG8M+IL5kiTTdR1G3tbmWVyFXyI5pFeQOxwu0E5469foOuggKK KKACiiigD//R/fyiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK KACiiuf8V+KvD/gfw1qfjDxXfR6bo+jwSXN1cSnCRxRjLHjknsAMknAAJIFVGLbstxpX0Ogor+cf 9oj/AIKnfF3xvrV3o/wPf/hC/DMTskVyYo5dTuk6b3aQOkIPULGNy95DXxW37Vf7ULT/ANpH4qeK c5xkatdiLPXGwSbPwxX3mE8PMXUgpVJKN+m7+Z7FLJKsleTSP7DKK/nJ/Zw/4Kk/FnwTr1nonxzn /wCEx8Lzusct2Ykj1KzUkDzFaMKs6ryWR1Lt2cYwf6ItE1rSfEmjWPiHQbuO/wBN1KCO5triFg0c sMqhkdWHUMpBFfOZ1kGIwE1GstHs1szhxeCnRdpGpRRRXiHIFFFFABRRRQAUUV5J8ePilB8Ffg94 s+KU1uLw+HrF54oGJVZZ2IjhRiOQrSMoJHQE1pRpSqTUIbt2XzKjFyaSPW6K/kt1j9rf9sX4zeMk g0bxt4hk1XU5SLXTPD0s9qCeWEcNvZFWfaPXcxAyxPJr7w+EPxD/AGyfB37MHx18Z/FXW/Eulan4 ctdMTRW1yCRLqOaa4IuJI2u4/MYBCi8kj5uxwa+0xnA9ahBOdWPM2lbXq0v1PVq5RKCV5K+n4n7x UV/Pn+wH+1X+0L8Uv2nPD3gz4geN73W9Fu7bUHltZhFsdorWR0J2op+VgCOa/oMr5/O8lqYCsqNR ptq+nz/yOLF4WVGXLJhRRRXjnKFFFFABRRRQAUUUUAFFFFABRVW+vbXTbK41G9k8q3tY3lkcgnai AsxwMngDtX49+If+Cosfjj43eCfhd8DNIC6FrHiDTNPvdX1KM+bcW9xdxxSC2t8jygyscPIS2D9x CM16eW5RiMW5exjdR1b6I6KGGnUvyrY/Y6iiv5WZ/wBt/wDat/4WJJpf/Cx9RFp/aph8sLAF8vz9 u3/VdMcV2ZFw9Vx/P7KSXLbe/W/+Rrg8DKtflex/VNRRRXgHEFFFFABRRRQAUUUUAFFFFABRX80f 7VH7Y/7TXgr9or4g+E/Cvj+/03SNJ1a4t7W2iWHZFEhwqjMZPHuc14D/AMN3ftc/9FN1L8oP/jVf fYfw+xVSnGoqkdUn16/I9mGS1JJSutT+tqiv5PNJ/wCCg/7YOkXUd1F8Rbm52MCY7m2tJ0YDsweE 8Hvgg+h71+zn7C37eSftLy3fw/8AiDaW+k+OrGJriL7Krpa39smA7xq7OUlQnLpuIIO5eAwXz824 LxeEpOtK0ore19PvRjicqq048z1R+k9FfBX/AAUb+KXj/wCEP7PKeK/htrU2g6s+s2VsbmAIX8mR JWZfnVhglR2zxXyH/wAEx/2jfjd8Zvix4q0L4n+LbvxDYWOiG5hhuBGFSb7TCm8bEU52sR+NcGH4 eq1MFLHKS5Y9Nb/1qYwwUpUnWT0R+2NFFFeAcQUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAF FFFABRRRQAUUUUAFFFFABRRRQAUUUUAFeAfsnf8AJrPwb/7Ezw9/6boK9/rwD9k7/k1n4N/9iZ4e /wDTdBQB7/RRRQAUUUUAfhtbf8E/viD8IPjd43+LUN5D4i0HXp7y75sbWWSEXc7TnMVwLgEJnBZV BwM8Dit3VYtH0Swl1LUjZQwQjknSNKySeAoAs8kk8ADkmv2rIBGDyDXzzf8A7NHw61P4h2fjy/ha aKxLTRac2Psi3J/5a7O+OwPAPTjivDx/DOX4qp7XEUIyl3auzqpY6tTXLCTSPifwB8DPi5rWgv47 1XQdKXRbhS8GmLYWtnrAgI4nintoYwko+8EPUfLznnn7u1k06VIppRPBMGMFxt2CVV4YMp+5InSR D909PlINfr8AAAAMAV8xfGf4OXGqQXniXwVpdvqd7N+8udKuGMcF3Mo+SZWHMcgPDkffTcDyefFr 5FPLpfWcop6fap3spLvG+kZrvtJaPo10wxSrLkxD9JdvXuvyPh6KO3S3i1TU4fPhnybOzY4+1lT/ AKyTutuh6nq5+UdeZSg1RpruztorbUwGlurS2Qxw3Kj71xbISxVh/wAtI8k/xAnu/UNN8S2F4z+M bWS11i4RHnWRduMDAWMDgRr0RV4A9TknmNe1m30O2iumMhu/MUWiW/8Ax8PcfwCLr82fwx14JBx/ 1axlT/b51bYrpZvkiv8An3brF/albmb95Wskq+u01+6Uf3f4vzv37LbobVssupSpbacUeR0Mhdji KKJfvSyt/Ci9z1JwoBJArP1lLq7gt7Lw1dtBp8E6z3BljXdqjqMBps5KRr/yxRT8vU5JJPZSeDfj M2jf2l4t8GxaDpssUVxfNaPuNzd5b55U6rGq4OwfKrlzjnJ5/r0rrwOXYnG1Y4vMocqg/dp3uk19 uTWjf8q2itfiemdWtClF06Lvfd/ou3n39N4ILhZ0LDhl4ZT1B9DXHJr+t6r4jtz4Luzp6aPNvm1J VDneODBEGyrZHEhIIx8vXp6Z8M/Ak/xu8San4f0hp7XSrKB47zU4uEEzDCwo38Tf3iOgzg5qre+F JfBF1J4WmtPsJ08+WIwMDA6MPUN1z3r6vE4anWpypVYqUWrNPVNPozghNxalF2aOZ05tWtpJv+Ei vf7RvLqV5Gu2UI0pY8BwOAQOBjjA49KNZ1n+zBBa2sD32pXziK0tIhmWeU9FA9PU9BTde1WGxjgs kt3vr6/cQ2tpCN0s8rHACgdMdz2r9Afgp+zxofge8h8e+IEa88UXVtEuJiHWyyMtHEOgOerdSfwp 0aMKcFTpq0UrJLZJdEEpNu73Pm7TP2Vvjc3hWzuNY13TbxsyXB0ifT7ScWol+Yw281xDJt55IPGc 9M14ze+Hk02ae31CC0tpbYssqyaPpSlCvUNmz4xX7LV4X8VfgD4N+LE9vcaw0tmwdPtX2c7PtUKH PlyfljI5xwcjFfP1uDsqqTdSeGg23d+6tW92dccyrpWU395+Imu/scfEj9p74h6R8TPh4YtP0bw9 LAiXRtLazSeSGUSFohbpCGAI+8VJ/Cv6GPD9ne6fodhY6jL591bwRpLJjG51UAn8TUmjaNpfh7S7 bRdFtks7GzQRxRRjaqqvQAVp17uEwlKhTVGjFRitktkctSpKbcpO7CiiiuggKKKKAP/S/fyiiigA ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACvxm/4K/8AxYv9H8He Dvg7pc/lx+IZptS1FVOC0NkVW3jb1RpXZ8f3olNfszX87f8AwWE+0/8AC+PBwb/j3/4RqPZ/v/bL nf8Aptr6zgmhGpmNPm6Xf3I9LKYJ11c5T/gmb+yz4R+OvjTXfHfxJsV1Pw54P+zpDYyf6m7vpyzL 5oH344kTLIeGLLnK7lP9GN14V8MXugyeFbzSLOfRZozE9i9vG1q0Z4KGErsK+2MV+Vf/AAR6ktT8 D/GkSY+0L4iJf12Gzg2fqGr9cqrjTHVamYTjJ6R0S7aIM1rSlWab2PwK+OP/AASp+IWufGvVZfgi NN0nwJqIjuoG1C6ZVtJJM+dbokaSSlUYEx/LgKyruJBNfrb+yv8AB/xZ8Bvgrovws8X6/D4judGa YQ3EMTRLHBK5kWH52ZnCMzAMdvy4XaAOfoivP/ix42Hw1+F/i74hGNZj4a0m+1FY2OBI9rA8qoT/ ALTKF/GuLG8QYvG04YWo00rW01b21ZlVxtWrFU5Hxv8AtX/8FCvhv+zbqkngfR7BvF/jSNQ01lFL 5FvZB1DJ9pn2v85BDCNFJxyxTK5/NWf/AIK/ftENe+bbeF/C8dqP+WTW967Y93F2vP8AwHHtX58+ BPDXif4//GfR/DN5qDTa3441dI7i9ny7eZdy5mnfudoLOR3xiv6bdJ/YA/ZP0vwOvgaTwJaXyeT5 UmoXBZtSdyMGX7UpV1ck5wm1QeAoAAr7XGYHKsqhCniabqTlu/6a+R61WjhsMlGpG7Z4j+yt/wAF LfAfx08QWfw9+IGljwb4qv2EVmwm86wvZTwIkkYK0UrHhEfIY8ByxCn9CPiJ4ln8F/D/AMTeMbWF bibQtMvb9InJCyNawPKFYjkAlcHFfyN/tKfCCf8AZ5+O3if4Y2149xDodzHJY3JOJWtriNLi3Zio X94qOocgAbwccYr+jfwH8TdR+MP7AVx8Q9ZkM2pal4N1aO7kPWW5s7e4tZpD7vJEzfjXkcScPYej 7HFYX+HNrT11Vuuq+78ubHYKEeSpT+Fnwn8Nf+CvWp6v40sLH4m+E7DRfDTLcPd3dnJPNcII4HeN Y4zwzSSKqAHAy3JA5Hn/AI8/4LCfFW71qb/hWng3R9N0dXIi/tX7ReXTqDwzmCaBELDqoDY6Bj1r 8uvhN4Hb4mfFDwj8OxMbceJdWstOaVQCYkupljZwDwdqsWx7V/Ub4j/Ya/Zo1D4U3nw20vwHplif sUkNtqKW0f8AacU+whJ/thUzM4bDHcxB6EFeK97OsLk+X1oe0o3cunRLvq9/8vv7MXTwtCS5obnz J+x//wAFLIPjr43svhX8UdBt/D/iHVdy2F5Yu/2K4mRS/ktHKWeJ2CnYfMcMfl4JG7w//gpZ+194 n0zVfGn7KcWg2jaRf2umu2omSQXK7jDeEBPufeXb9D61+Q/wYv7jSvjD4F1O0cxz2mu6ZKjDghku o2BH4iv6Hv8AgpB8GPhXefs9eP8A4vXPhmzfxnbQ6aseq7CLlQL22hxuB/55sU/3eKjG5XgsDmlB qn7s9l2lzKz32Jq4elRxEHbR/nc/Ar9nP46ar+zn8UrH4p6LpNtrN5YwXECQXTOqf6RGYywZOQQC f1Ffvt4X/bI1r4hfsTeMP2jNc8I6bLd6JcS2x0qRnms7hY5YFBfeCf8AlrnHPIFfj1/wTv8Ah54J +KH7SuneE/iBo9vrujy6dfyta3K7oy8ceUYjjkHpX7ZftefDbwJ8K/2IPiX4X+HeiW+gaSbeOf7N artj82S6gDPg55IUZ+lXxdUws8bRoTp3qNx1/u323KzKVN1Ywa1utfK58ufsbftwj41/HrR/h4fh d4d8Mfb7e9k+3adFsuI/IgeXAOwcNt2nnoa+mv26v2xvFH7Jf/CEf8I34fs9d/4Sr+0vN+1ySR+V 9h+zbdvl9d3nnOfQV+Of/BMT/k8Pwt/156p/6Ry19jf8Fnf+aPf9zB/7j65MdkuFWd0cNye443au +0vO/RGdbC0/rcYW0a/zMnU/+CwPiM/DeOfSfBunp44nvpozHK88mnwWKRxGOVgGSSSSR2kXYrqF CbieQK9A/Z5/4KQ/Gf4neHPiRqfifwZpEo8C+G7zXRd2TXFtD5lvgRQSxyPMWMpJIKuuArHBr5F/ 4Js/so+AP2iPEnirxJ8U7R9S0DwtHaxRWSzSQLcXV2XYF3iZX2RpEcqGGS4zkAg/ql8Tv2aPhD+z z+zL8d5vhTpL6SnibQbyW5jed51X7PbSiNI2lLOEBd2wWPLHHGAFm9PKKFV4KFG82469FdrS977C xSw0JOko66Hx98OP+Cv9zfeImj+KfhC10vQo7a4kMmmvNPdPOiEwxIr4T94+FyxVRnJPFeU+Jv8A gsH8bLrWZJvB/g7w/p2lBj5cN8t1eXG30eWOe3Un6Rj8a/PH9nn4Y2/xm+Nvg74Y3s721pr+oRw3 EkePMW3UGSYpngN5attJBAOOD0r98f23v2V/gPoP7Jvie/8AB/gnS9C1LwlbQXNjeWdrHDdDy5kV 1lmUeZKHjZg3mM2SQx+YA16OY4HKMHi6dGVG7nZeS1tffr+hvXo4alUjBw1Zwfw6/wCCtnwy1L4a avrnxL0ObSvGGkhBBpliTLDqbSZAMErj9yFIzIJSdq4KGQ/KPk7Vf+CwXx5m1d7jRPCPhu00zcdl vcR3lxMF9GmW4iUkeojUe1fDH7Kvwo0343/tB+CvhhrTONN1i8ZrsRttdra0hkupkVhypeOJlDDk ZyOa/a7/AIKGfsx/BDwx+ynrHizwR4L0vw9qnhGXT5La40+1jt5njnuorR0mkjAaUFZd37wsdwBz nJMYrLspweMhhpUnKVRrrpG7svxJqUMNSqqm43cvwPoT9jb9tPwx+1do+o2Mmnf8I94u0NEkvLDz fNjkgc7RcW7kKxTdw6kZQlQSwIJ9Z/aR/aQ8BfsyeAG8b+NS9zNcSeRp+nwEfaL24xnYmeFVR8zu eFHqxVW/Bv8A4JSX09p+1bHbwsVS90PUIZADgMoMUoB9RuQH8K/Yz9rz9jrwD+0yNM8SeOfGGo+G V8MW00cJje3+wRLKwaWWRJkB3HaoLeaowo4718vnOT4PC5oqVRtUnZ6av077/gefisLSp4jll8J+ XXiP/gsH8cLu9lbwn4O8PaZZFyY0uxd3kyp2DSJNbqT6kRj6Cuy+G/8AwWG8Zx61bwfF3wTp9xpU jKss+iNNbzwqerrFcyTLKR/d3p/vV3vwzvP+Cbf7J3he98P+KfEmj/FbxJPPI816NJGpu0fRIYcC e3iVQOcTDexJJxgL+S/7Sfi/4Q+PPi7q/ir4H+HpvC/ha+ERjsZY44QkyqFlaOKJ3SNHI3BA2Bk4 AHA+xwOU5fipypRwjjC2kndX9L6/1qepRw1Go3FU2l3P6A/20/2w3+EPwa8J+NPh3YWnibSfiPFN FFNO8kai2nthIkqBcHcQ/KsBjocGv5svAHi658AeO/DnjyygS6uPDepWepRwyEhJHs5lmVGI5AYp g45xX9En7OXwy+H3xl/4J8+Bz8S9Ct9e/sXTNYlsvtO4mCSG4uoldCCCCFQD8B6V+AfwJ0XSvEnx v+Hnh3XbZbzTdV8RaTaXUD/clgnu4o5EbHZlJB+tVwlHD0aWJoRjrBtSfdJyt+A8tUIxqQS2389z +kj9hn9rvxJ+1hpfi+/8R6BaaE/huazijFpJJIJRdLKxLeZ02+Xxj1r83G/4KS7PHB0Vvgv4TbGo /ZzN5OJT++2b87Pvd8+tfuJ8Mvgp8Kvg1BqFt8LvDVr4ci1Vo3ultQwErRBghbcT90M2PrX8gM3/ ACVOT/sMn/0prxOGMFgsZXxE407QXLZXemjvs+5yZfSpVZ1Go6aWP7TZJI4Y2mmYIiAszMcAAckk noBX47fH/wD4Kz+F/CGt3fhf4F6DF4re0bY+r3sjx2LOpwwghjAkmTsJC8YPVQy4Y+/f8FOvinq3 w1/ZgvdP0KZre98ZX8GimSNirpbSpJPcYx2eOExN7SGvxc/YH/Zq0P8AaV+M76N4yZz4Y8O2jajq EUTmN7n51jitw68qHdsuRg7FYKQxBHn8MZFhXhZ5hjdYR2Xp/wAHRIxy/B0/ZutV2R9EaP8A8Fgf j7b6isuu+E/DV7Y7stDbxXltLt9Fla5lA+pRq/W/9lf9sn4ZftT6VcR+Hlk0XxNpsYkvdHunVpUj JA82GQACaHcQu4BWU43KuVzwnxs/4J6fs8fET4dX/h/wX4SsfCfiGC3c6Zf2KeQy3KqfLFxtz5sb NgPvBbHKkMAa/nI+BHxN1v4H/Gfwx8QdOke2m0PUI/tSA48y2ZvLuYWHo8RZT6deoFepSyvLs1w9 SWDp8lSP9Lraz+9HRHD0MRCTpKzR/R1+3N+114l/ZP0rwjqHhzQbTXW8STXkUi3ckkYjFssTAr5f XPmHOfSvkHSP+CvlhH8MLzWvEHhCKbxs989vZ6baTyJai1WKNhc3E8isRl2ZVRAxbbzsHzVJ/wAF lf8AkWvhb/196r/6Ltq+bP8Agl3+zd8P/jV4y8V+NPiVpkWt6b4Pjs0trC5XfbTXV4ZTvlQ8SCNY T8jAqS4JBxWOV5Vl6ymONxVO7V72bu/eaS39CMPhqP1ZVai/q5p2n/BYD9oBNVWe+8KeGZtP3fNB HDeRy7fQSm6cBvcoR7V+zH7Lf7TPhH9qT4dHxv4btZNLvbKc2mo6fM4kktbgKHGHAXfG6nKPtXPI IBUgfmD/AMFVf2c/hT4B8B+Ffin8PvDll4ZvZdVGk3UWm28drbzpPbyzo7xRKqb0MBAYAEhjuzgY wv8Agjbf3EfjP4l6WrnyJ9P0+Zl7F4pZVU/UCQ0ZpluAxOVvHYWnyNf52af53DEUKNTD+2pxtY/e +iiivzI8A/kM/bQ/5Os+KP8A2Hbr/wBCr+k/9lFvDA/Zk+FouTZiT/hG9L37/L3bvs6ZznnOetfz Yftof8nWfFH/ALDt1/6FSeGv2M/2n/GHh7TvFfhr4fX9/pOrQR3VrcI0IWWGVQyOoaQHDA5GRX7h m+VUsXgcPGrWVOyWr66eqPrsTho1KMFKVv8Ahj9vf+CkV3+zwv7PGu2/iNtIfxc/k/2GsHknURc+ auTHs/eCPZu8wn5NvB+YrX5Q/wDBMzw9rmtftgeE9Q0mNzb6Hb6leXrqMiO3azltwW9mlmjT6sDX zn8Q/wBmv49fCjSTr/xD8C6poulq6o13LAWt0ZjhQ0qbkUseBkjJ6V+gX/BMb9qH4efDLxMnwa8T eG7XTLzxjcpDD4hhZ/PnuWYi3t7sSMwEZLbIzFtUMRuQlmkrL+z3hMprU8NL2t766aXVnbV7LW2u pHsfZYaUab5rn6u/twfGo/AX4Kp45HhrT/Fe/VLW0+x6mu+3/epI2/GD8y7OOO5r5t/YI/a6H7Qv xD8ReGP+FeaH4POnaV9s+0aVHsklxPHH5b/KMr8+evUV0H/BWP8A5NYh/wCxgsP/AEXPXwv/AMEe f+S3eNP+xdP/AKVwV8pl+WUJZJVxEo+8m9bvy+R51GhB4SU2tT9YP2sv2xPAf7KegWU2s2r674j1 fcbDSYJBE7onDTSylWEUQPy52sWbhVOGK/kbqv8AwV//AGgp7ovo3hXwzZ24YkJNDeTvjsC63UYP uQo/Cv0P/bA/Ya+Fnxw8RXPxg8e/EW98Hz29pDaebdyWp0y1ghyVCrKImUFmZ2zNyzEjHSvnnwn8 Rv8AgmV+zf8ADy38CXbaX8TtYgRvt17Hoi6hcX0pJJYTTqYETskaz7VA6k5Y3klLL1houNCVao99 Hp+n6jwkaHs1aDlIw/gr/wAFebjVPElnonx08K2mm6beSLG2qaQ0oW13EAPLbTNKzRjOWKybgOis eK/aLxB4p8O+FfDV94x8Q6hFY6Lpls93cXbt+6jgjXez5GcjHTGSe2TX8ZfxS1bwRr3xE8Ra18Nt Mm0XwvfXss2n2U5HmW0Eh3LGdrOAFzgAMcDAya/oz+PWleKfHX/BM2FPD/nTanceEPD19KkYZ5JY YVtLi5HGSf3auT6gEHgmujijhzDU6mHlSXIqjSa7Xt+X3F5hgaalBxVrvU+Q/ij/AMFhdeGtT2vw a8FWn9lRZWO61xpXlm5+/wCRbyRiMei+Yx7kjoPNdA/4LBfHi1vI28S+EfDmpWYPzpbJd2krD0Ej XE6j/v2a+B/2ePi/ovwP+JNt4817wZp3jq0hhkhNhqQGxS5UiaJmSRUlXbhWZGADHjOCP0Z+Inx+ /YE/ay0rS9I8f6PqHwh1yxnWQarZadBKrRkENbvLaq7vGc5BeEbCAQcFgfocVkWDw8lT+qOUOsk7 v7t/uO6pg6UGo+yuu/8AWp+u/wCzL+014C/ah8CN4v8ABweyvbF1g1LTZyGnsp2BKgsMB0cAlHAA YAggMGUfR1fEP7HH7N37PPwg0u88dfALxPd+KrTxFAlvPeSX8V1BJ5TbwClvHGiyISRhl3ruIPU1 9vV+SZtChHETWHvydL7ryPmsSoKbUNgooorzjAKKKKACiiigAooooAKKKKACiiigAooooAKKKKAC iiigAooooAK8A/ZO/wCTWfg3/wBiZ4e/9N0Fe/14B+yd/wAms/Bv/sTPD3/pugoA9/ooooAKKKKA CiviD9q39stf2Ydf0LQ28If8JJ/bVrJc+Z9v+x+V5b7Nu37PNuz1zkfSvo34LfEofGD4YaB8SBp3 9k/25B532XzvP8r5iuPM2R7unXaK6qmCqxpqtJe69hKSvY9SooorlGea/Ev4a6T8RNHNtcgQ38AJ trgD5kb0Pqp7ivCPgz+zGfCXiabx78RLiHV9aiYpYRRgm3s4uxUMBlz3OK8U+Pv/AAURX4G/FrXf hafAB1o6IbYfa/7V+zeb9ot47j/VfZZNu3zNv3znGeM4F79nn/goGvx6+J9j8Nx4DOh/bYppPtR1 T7Tt8pd2PL+yx5z/ALwr03k+J9n7Xl92191t95HtFex+jckUc0bQyqHRwQykZBB6givir4m/sr6l 4m1yOLwbqkej6JfSZvQc+dFGT86QY4+b3xjtX2xRXmFnIeBvA3hv4deGrTwr4WtFtLGzUKAByzd2 Y92PcmuS+Kvwr074iaYZIttvq9sp8ifHX/YfHVT+navF/wBrP9rIfsuR+FpD4W/4SYeJTej/AI/v sfk/Y/J/6YTb93nf7OMd88fG3/D2pP8AolZ/8Hf/ANw16eHyfE1YKpTjdPzX+ZDqJaM+3vgV+zdH 8PtUuPHHjieLV/FU5KROgJhs4eyQhu57tjNfV9eG/s6/GgfH74W2HxLGj/2EL6a4i+y/aPtW3yJD HnzPLiznGcbRj3r3KuCrSlCThLdFphRRX5U/Ez/gpuvw5+InibwCfhudQPh3UbrT/tP9seV532aV o9+z7G23dtzt3HHTJ61vhMDVrtqkr29P1JlJLc/Vaivgf9l/9uJP2kfHF34LHgs+HTa2jXXnnUft e7aQNuz7PFjr13fhX3xUYnC1KM+SorMaknqgooornGFFFFAH/9P9/KKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAK/G3/gr38IdR13wT4S+MukW5lTwzNLp2pFQ Sy216UaCRj2RJVKH/alWv2SrG8ReHdD8W6DqHhfxLZR6jpWqwSW11bTDdHLDKpV0YehB+vpXqZNm TwmJhiEr2/LZnRha7pVFPsfzXf8ABOD9q7wx+zx461rwt8RrhrPwr4xW3DXm0ulneW5YRySAZIid ZGV2AOCEJG0Ej+hrUvjb8HdI8Ny+MNQ8b6NHokKGQ3Yv4HiKj+6yudxPYLkk8AE1+Hn7Q/8AwSh+ I/h7WbvXP2fZo/E2gzs0kemXU6W9/ag8+WskpWKZR2Ysj9AVY/Mfje2/YS/a5ur7+z4vhlqay+sh gji/7+vII/8Ax6v0bMcsyvM6ixccQot7rT8m1Z/ej3a+Hw+Il7RTt3O4/ad/bS8e/Eb9oXUviV8J fEuq+GtH0+OPTtKNrcy2zSWtuWPmSRqVB86Rmk2ODhSFbOK/aL4Uad8bPjR+wRq8PxV1A614v8de HtVaxLQxW7+Td27rYK4hVFYuNsm7GSHAOSM18Pfsvf8ABKnxQviDTvGn7SL21pp1lIJv+EegkW5l uWTlVup4mMSR5wWWNpC4+Ulc1+7tvbwWkEdraxrDDCoREQBVRVGAqgcAAcACvH4pzbBwjSw+CSfJ b3vTZX692cuY4mklGFLW3U/jY/Z/+Idp8Ifjf4L+ImrQvJZ+HtUt57pFGZPIDbZtoP8AEELED19K /sB0vx34L1vwhH4/0rXLK58NS25ul1FZ0+y+Qoy0hlJ2qq4O7JG3BBwQa/Ij9sL/AIJh6l468V6l 8UP2fp7W3vNWla4vtDuWFvE078vJaS42KZG+Zo5NqgkkOBhB+aE37DH7YlpK2jN8ONU2swJWOSB4 C3qXSUxnp1zXtZnSwGcxp11XUJJap2+7VrbvsdWIjRxSU+ezMj9tT4t6H8bf2lPGPjvwvIZtEklh s7KXtLDZQpb+avfbKyNIuedrDPNfvH8E/BGp/D3/AIJwJ4b1iJoLw+DtavZI2BVk/tGO5vFVgeQy rMAQehGK+Lf2Tv8Aglp4js/Eth49/aTS3t7LTpFmh8PwypcvPKhBX7ZJGWiEQPJjRn39GKjIb9lv ivoWpeJfhX4x8M6FAJ9Q1XRdRs7WLcqB5p7Z4413MQq5YgZJAHc4ryuJ85wzjQwOGleMGrvppote um7OfH4qm1ClTeisfyifscqG/an+FgYZ/wCKgsT+UgNf1+V/OH+zT+wV+1h4A+P3gHxr4u8Df2fo uiava3V3cf2npsvlQxPlm2RXTu2B2VSfav6PK5uP8ZRrYim6M1JJdGn18jPOqsZTi4u+h/Fd8Lf+ SpeEf+wzYf8ApSlf08/8FF/+TM/iN/1y03/05Wtfi54C/wCCd37Yei+P/Dms6n4A8mysNTs7iaX+ 1dLYJFFOru21bsscKCcAEnsM1+7P7aHw58ZfFr9mbxr8Pfh/p/8Aamv6tHZC1tvNig8ww3sEzjzJ nSNcIjH5mGcYHOBXscU5jh6mPwk6dSLSlq000veW/Y6sxrwlWpOMk7P9UfhT/wAEs/8Ak7fSv+wV qX/oqv22/b8/5M/+Jf8A14wf+lcNfnP+wL+xp+0l8Ff2ibDx38TfCH9jaHBp99C9x/aFhcYkmj2o uy3uJH5PfbgdzX6k/teeAPFnxR/Zv8ceAfAtj/aWu6xaxR2tv5scPmOlxFIR5kzJGvyqT8zAV5nE uNo1M3o1YTTiuW7TTXxdznx9WDxUJJ6afmfgF/wTE/5PD8Lf9eeqf+kctfY3/BZ3/mj3/cwf+4+u d/YS/Yt/aX+DX7SWg+P/AIk+Dv7H0Gxtr+Oa5/tCwuNrTWzxoPLt7iSQ5ZgOFwO9fSv/AAU2/Zt+ NP7Qg+G5+EHh3+3/AOwP7Y+2/wCl2lr5X2v7H5X/AB9TRbt3lP8AdzjHOMjPr43MsO8+o1lUjyqL u7q20uux01a8HjIS5la2/wB5w3/BHKJR8M/iFOB8z6vaqfotvkfzNfoJ+13/AMmu/FX/ALFvU/8A 0Q1fMf8AwTW+APxa+AHgDxfovxb0L+wb3VdTiuLaP7VbXW+JIQhbdbSyqPm4wSD7V9f/ALRnhLxB 48+A3xA8F+FLX7brOt6JfWlnBvSLzZ5oWVE3yMqLknGWYAdyBXyGdYmnPN3VjJOPNHW+nTqeZi6k XiXJPS6P5oP+CfQB/bE+G2f+fu7/APSKev6Fv25/+TSfid/2Cj/6NSvyb/Y6/Yb/AGo/hZ+0p4I8 f+PfBX9l6DpFxcSXVz/aWnT+Wr2s0any4bl5Gy7KPlU9cnjJr9kf2rPA3ij4l/s7+O/Angqy/tHX NZ08w2lv5kcPmSb1bbvlZEXgHlmA9693irHUKmaYepTmnFct2mml7z6nZmNaEsRCUWmtPzP54P8A gmmAf2zfAhI6R6tj/wAFtzX7i/8ABRz/AJMw+I3+5pf/AKdLSvzk/Yd/Yn/ab+D/AO0z4U+IXxG8 G/2RoGmR6gLi5/tHT7jYZ7KeGMeXBcSSHLuo4U4zk4Ffqn+2r8OPGfxc/Zk8afDz4faf/aviDVls Ba23nRQeYYL+3mf95O6RriNGPzMM4wOcCjiTHUKmcYerCacVyXaaaXvPqPH1oPFQkmrafmfhj/wS v/5O00//ALBGpf8AoC17B/wVs+MPi7UPirpXwXt7uW28NaTp0F/NbIxVLq8uXciSQDAcRoqhAchT uI5PHe/sBfsbftIfBT9oez8dfE7wh/Yuhw6dewNcf2hYXOJJlARdlvcSPye+3A7mvo7/AIKFfsPe Jf2ip9M+J/wteF/Fuj2n2K4sbiQQrfWqO0kQikbCLMjO4+chWUgFl2jPpYrNcGs7hWnNOPLa900n r1/q1zapiaX1tSbVrbnx9+w7/wAE8/hf8ePhZZfF/wCJPiC8uY765uYYtL02SOERC2kMRFzIyu+5 8bwqbMIVO45wPi/9t3wR8Ifht+0Dq/gH4LW622iaFb2ttcKlxLdD7cE3T5kldzuUsFcA4VgVwCCK 9B8G/sp/8FBvCMt34T8D6D4k8OQao226js9UWxs5+NuZnjuEhcYOMsTxxXaeOv8Aglj+074d0vQb vwzZ2vi/UdSimk1KC0u7a2TT5FZfLQy3k0Pnl1YklFwrKRyNrN7dDG06WNlWr4xOMr8sbqy66620 2Te/qdcKsY1XKdVNPZH6xfsSgP8A8E/PDSx850nXB+P2y8/rX86X7PF1b2Px/wDhne3ciwwW/ifR pJHc7VVEvYixJPAAAyTX9JX7A/w3+Lnwy/Z5Hwp+N3h0aJcaTfXkdnF9qtroTWF2fPJLWssoB86S UEEg4wa/Fn4w/wDBN39pXwF4w1Ky8HeGJfFvhzznNjfWEsUjPAxJRZYWZZUkVcB/k25+6zDmvE4e x2GjisbSnUS522ndWad9nt1RyYKtBVKsXJav/M/qFS4t5JpLeOVWlhCl0DAsob7u4dRnBxnrX8Ws 3/JU5P8AsMn/ANKa/ez/AIJhfAX45/BQeP7z4t+H5dDtPEg01rX7RPDJM8lobgOTHG7sgxKOXxnH FfnRL/wTu/bDb4gPrI8Af6EdUNx5v9q6XjyvP37tv2rd93nGM+2ay4VeGwOIxNGVeLVo2d0r6O9t el7Cy72dGdSLmump+oH/AAVk8H6j4i/ZjtNe06IyL4Y12zvLoj+C2mimtS2P+us0Y+ma/NP/AIJf fGzwj8JfjrqGjeN72LS9P8Y2H2GK8ndY4YruKRZIlkdsBVkG5AScbyoPXI/pJ8UeGNA8a+HNS8Je KbKPUdI1eCS2ureUZSWKUbWU9xweCOQeQQQK/no+Pf8AwSp+MXg7WbrUvgk0fjTw7I26G3kmjttS gUn7kiylIpQo6OjBm/55r34OF80wtTBVMtxUuW+z6a/qn3McvxFOVJ0Kjtc/eD4zfGPwV8DPh5qn xF8bX0VvZ2ELtBE0irLeXAUtHbwA/ekkIwAOgyxwoJH8gvgTwtrXxZ+J2ieEbCMz6l4p1SG3+UE/ NdSgO5x0VQSzHsASeBX0Ppv7B/7YniG+g0r/AIV5qMZT5Fe7mghhjXv88soUAY7H6A8V+zP7EP8A wT+0/wDZyvP+Fk/EW6t9b8eSxNFbi3Ba00yOUYcRM4DPM6kq0mAApKqMFmb1MJUweS4epKFZVKkt rW6bbN231ZvSlSwkJNS5pM8B/wCCygA8M/CwDgC71X/0XbVP/wAEa1H/AAifxPbHJvdMH5RT17N/ wUw/Z2+MX7QWh+ArT4ReH/7em0W51B7tftdra+Ws6QiM5upYg2SjfdJxjmpf+CaP7PHxh/Z+8OeO rH4u6B/YM+s3djJaJ9qtbrzEhjlDnNrLKFwWH3iCe1eV9eo/6vex51z32ur/AB323Of20PqXJfXt 8zG/4K+f8m0+HP8AsbbL/wBIL+vlb/gjj/yUX4i/9gqz/wDR7V9//wDBR34JfE749fA7RfB/wo0b +3NXs/ENtfywfaLe2220dpdxM++5kiQ4eVBgNnnOMA14B/wTU/Zc+OvwA8Z+NNX+Lnhn+wbXVtPt oLV/ttndeZJHKWYYtZpSuB3YAelGDx1FZDUoua529rq+66bhSqw+pyjfXt8z9faKKK/Ojwz+Qz9t D/k6z4o/9h26/wDQq/ow/ZX+Knww0z9mv4YafqPjDR7S6tvDumRywy6hbxyRulugZXVnBVgeCCMi vyM/ad/YN/au+IX7QPj3xv4P8D/2homtarPc2lx/aemxebE5yrbJbpHX6MoPtXhP/Dtv9tL/AKJ3 /wCVfSf/AJMr9mzClgcdg6NKeJjHlS6rtbufU140a1KEXUSt6f5n78ftA/tI/s4+G/hL4qTxZ4w0 fVoL7Tbq2Gm2t7BdXV4ZomQQxwxszHcTjcRtXOWIAzX8pfgex1fVPGvh/TPD6s2qXeoWkNoFGWNx JKqxADud5GK+y7T/AIJn/tlXMipN4IhtQTy0mq6cQPc+XcOfyFfpf+xf/wAE2Zfgv4tsviz8ZNQt dV8RaaPM07TrPMlrZzMCPOlldV82VAfkCqFRvmDMQpXHA4jLsow1T2ddVJS6Jp69Nr282TRqUMNC XLO7Z3X/AAVj/wCTWIf+xgsP/Rc9fC//AAR5/wCS3eNP+xdP/pXBX6bf8FCvg58R/jl8AY/BXwt0 j+2taXWLO6Nv9ogtv3MSSq7b7iSNOCw43ZPYV8of8E2v2Ufj58Avil4o8SfFrwv/AGFp2o6N9kgl +3WV1vm+0RSbdttPKw+VSckAe+a8TLsdRjkVWjKaUm3pdX6dNzkoVYLByi3r2Pg//gpV8YfF3j/9 pPxB4J1C7lTw94LkjsrCy3ERLJ5SNNOV4Bkkdm+bGdgVc4FfZv7KP/BM34K+OPhR4W+K3xM1u+1+ fxHZRX4s7GdbayhSYbhE7qpleRPuyEOgDBlxxmtj9v7/AIJ+ePfip4+uvjb8E4YtU1DVY4V1XSZJ kgmeaBFhWe3aUrEQY0UOjMpyu5dxYgfCfg39kv8A4KC3GnSfDDRdK8Q6F4cvWYXNpNqv2PSiHPzt JF54icHqdqMW7A171DGUq2W0qeFxKpNJc2ye2vZ7636nZCrGdCMadRRtufMP7Q+n/DvSPjf400j4 TIkfhGw1GW208RTPcRmKHCFklkZ2dWcMVYscggg4xX9NPhz43/Dj4A/sl/C3xz8S72Wy0eXw/oNn G8NtLcs00uno6LtiVtoKo3zNhc4GckA/il8Rf+CWv7UHhXWLTT/BGl2/ja0ls4Zp7y2u7Syiium3 CW3VLy4ikcJgESbFDBhwDkD9mvhb8Dda+Iv7Gmh/AP8AaQ0JtJv4NNTSriGK4gmkhSwk22VxFNA8 se9Y44n6nkFWBBIPDxXjcHWoYf8Ae88U1ezXNa29t+nUxzKrSlCHvXSevc/OzSvhb+wB+218TdV8 M/CL+3Ph94pe3kv1dI4IdPvSrASCG1kkkO5Qd5jj8kbQWA4bHzv+1B/wTf8AHH7OfgTUPifb+LdP 8R+HdMkhjm3RPZXo+0SrChWEtKj/ADONwEuQOQCAcSfEb/gmj+1V8LfEwv8A4cWq+LLK2kMtpqOl XSWt1FtPyF4ZZI5Ek7/ujIB/erm9Q/ZO/wCChPxfe207xlo3iLWYbZx5Z17VlaKHIwWX7Zc8YHXY CccAdq9nCV4U5wnQxq9lpdSab+92a/Q66c1Fpwqrl7M9H/4JN+O/EuiftE3XgWynlfQ/Eml3L3du OYhNaASQzkdmX5owf9vB7V/SRX55fsM/sNwfst22o+L/ABfqEOseONagFrJJbBvstlaFldoIi4Vp Gd1VnkKr91VVQAS36G1+ccX5hRxONlUobWSv3a6/p8jwszrwqVXKGwUUUV8weeFFFFABRRRQAUUU UAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFeAfsnf8ms/Bv/ALEzw9/6boK9/rwD9k7/AJNZ+Df/ AGJnh7/03QUAe/0UUUAFFFFAH4f/APBV3/kf/An/AGDLn/0cK/Rz9iz/AJNg8Af9eP8A7Uasn9pH 9j/wf+0rrWj634m1u+0qTRreS3jW0ERV1kfeS3mKxzn0r3b4T/DnTvhJ8PdF+HekXUt7aaJD5Mc0 4USONxbLbQBnnsK9zFY6nPB06MX7y3/EzjF8zZ6JRRRXhmh/NR+3uGb9rrxwqY3F9MAz0z/Z9t1z X11/wT40PWdK+Kd7P4yn0iV5dPxYCD7GZw+QW2+SocfL15+tfU3xn/4J/wDw7+NfxL1j4m674i1O xvdZ8jzIbcQ+UvkQRwDbuUnlYwTk9TVz4IfsF/D74GfEGz+IegeINSv7yzjljWK5EPlkSjac7FB4 r7Ctm9CWEVHm15UtutjBU3zXPuuiiivjzc8+8ffC/wCH3xJgtv8AhPNAtdc/s0Sm2+0pv8oyhd+3 03bFz9BX8z/7MHh/R/Ev7Q3gfw74is477Tr3U44p7eUbkkQ5yrD0r+p9l3qVPcYr4A+HX/BPL4Y/ Db4iaP8AEjStf1O4vtGuxdxxS+V5TuM8NhQcc9q+gyjM40aVSE29Vp+JlUhdo+3fCfg/wx4F0WLw 54P02HSdMhZ3S3gXbGrSHcxA9ycmukoorwJSbd2ahX8q/wC0gk0n7SfxGjtxulbxNqQQEAgsbp8d eOtf1UV+dPjX/gnD8N/G/wAQ9Z+I194p1a3vNa1KbUpIY1g8tJJ5TKVXKE7QTgZOcV7uQ4+nh5yl Ue6MqsG9il+xN8NPj74O8Y+INR+M+iWWn2sliiWckFlYWz+aZBuG61ijYjb2JxX6R0UV5WLxTrTd SSS9DSKtoFFFFcwwooooA//U/fyiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoooo AKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAK8A/ZO/5NZ+ Df8A2Jnh7/03QV7/AF4B+yd/yaz8G/8AsTPD3/pugoA9/ooooAKKKKACiiigAooooAKKKKACiiig AooooAKKKKACiiigAooooAKKKKACiiigD//V/fyiiigAooooAKKKKACivyi+Gfj3xze/8Faviz4A vPEWpT+F7DwrbT2+lSXczWEMxttIYyR2xbykcmRyWCg5ZueTn7X+J/7WP7OHwZ10eF/iZ8QNL0PW MIzWbymW4jEgBQyxxB2jDAgguBkc9OaAPoaiuL8BfEbwF8U/D0Xiz4c6/ZeJNHlZkW6sZ0njDp95 GKk7WHdTgjuK8N8R/tufsm+EvE83g7X/AIo6LbatbSNDNGJzIkUqHDJJLGrRIynhgzAggg8g0AfU 1FcJrPxQ+Hfh/wABP8UtX8R2Nv4QSGO4Oreej2ZhmZUjkEqkqVZmUAgkEkV0Gh+JNB8S+HbHxdoN 9FfaNqdrHe213E2YpbaZBIkqt3VkIYH0oA26K4P4dfFD4e/Fzw+3iv4aa/aeI9HWZ7c3VnJ5kQmj ALJu9QGBP1rxfWf22v2TPD/ieTwfq/xU0K31SGRopE+0hoo5EO1lknUGFGB4IZwQc+hoA+pKKy5d b0eHRX8Rvew/2Ulubs3QcND9nCeYZQ4yCm35sg4xzXMfDr4n/D74t+Hj4r+GmvWviPRxM9ubqzk8 yLzowCyZ9QGGfrQB3dFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQA UUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABR RRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFF FABRRRQAUUUUAFeAfsnf8ms/Bv8A7Ezw9/6boK9/rwD9k7/k1n4N/wDYmeHv/TdBQB7/AEUUUAFF FFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQB//W/fyvyk/4Kg/tOfEX 4K+HfC3gH4ZX8uh3/iwXc13qUB2XEVvbeWoigfGUaRpCWdSHUKACNxr9W6+Sv2uf2SfCX7V/g2x0 bVb99E13Q5JJdM1KOMTeUZgBLFLGSu+KTapIDKwZVIOMhvYyDEYeljKdTFK8Fv16aaeTOrBThGqn U2Pwt/ZA/bP+Ongr42+F9G8ReLNT8U+HPEmpW2n31lqd1LegLeSiLzoTMXaOSNn3/IRvxtbOeP6h 6/JD9mf/AIJbaV8IviRpvxK+JHimPxNPoE63WnWNrbNBALmI5immd2ZmMbYdUULhwCWYDB/W+vX4 xx2Dr4iMsIumrStf+u505pWpTmnSCiiivkDzD8dvhV/ymX+Mn/YoWv8A6SaNXzNruk+Iv2Qf2hvi 74y/aF/Z/wD+FyeEPHmrXF/a+JDaJqAtLOaaWQJ++hlhjJSQLJGxhOU4ZkC19+fD/wCAPxb0T/gp j8S/2g9U0LyfAHiDw5BYWOpfarZvOuUt9MRk+zrKbhcNbyjLRhfl68rny7TdN/4KCfssfFPxyvhf w3cfH/wB4pvTeaY99rojvdN3FtsObuR5FCqwRwEaNtisrISy0AJ+w/Yfst+OvDnxnuP2Q/E2s6Br Pji0lNzoOqeTCmiSypMtrNawxIxEcbzEBlmlAAVTgha+EPhvr/gf9kvwDqHwN/bQ/ZfmvbaS5uVm 8W29jDdTXKzMQjRXM6KhMQOI3hulwMHYH3Fv0C/Zs/ZH+Nt98RPjN+0D8Yo7f4W+KPinpVzo9jp3 h65DS6ULhY83vm20mzz1eGN1ZZCzPvY7d2K5T4aa/wD8FLvgR4Quvgn4g+E1t8Y/JkuU0/xHd69C UnhnYt/pX2mTzZUDMcCUxPt+ToAaAOL8Uaf8CdK/4JM/EXTv2d/Fmp+LPCccsL7tXaP7ZY3UuoWb zWrxxwwiIKT5gUqc+YWDMrKa/SX9mIgfsbfC5icAeB9Iyf8AuHR18ZfBH/gn54x8O/sV/Ev4J+Nt Rs7Dxj8UJZNReK1JNhptwgie0t8qGBVZIh5rRqRtO1dwQM3AfDey/wCCnWkfCCw/ZVj+HekaHBYW Y0RPGdxqNvIlrphBiWRIIpmMkkcPyoVQtgKWj3ZNAHyj8KPiR4h+Gn/BIPxtfeF7mSyv9b8Uz6R5 8Wd8cF4LZZ8Efd3wh489Ru45xXb/AAp8Q/ADw/8AAbSvhnrn7G3jXxLLe6dENQ1n/hHBNd3dzLGD Jc296V85FLEmEoy7Fxjvn6l/Z2/YZ8c6h+wR4v8A2YvjXY/8Itrutatd3tk4nguxDIn2eS0nJtZJ UKGSLDpu3FNw4JBrN8G+L/8AgqN8HPhxZ/A+z+EGleLtQ0OAabpXiddVtvINrCvlwySwyTRl2RQN pk8okAb0LZJAO2/4JcaZ8RZP2efFnwi+MHhzWtL0jStSuLbTINcs57GZ9Jv4tzQr5ioSocyElD8p fAIGMfoV8I/gz8M/gT4TPgf4UaImgaGbiS6Nsk00486UKHfdO8j8hRxuxxwK8B/Zd+EHx1+CXwB1 Wx+JHi+78ffErUxd6gv2++mvLa2uWixb2UL3DgCMOoLkbFLO38IU16F+y/rP7Ruu/DNr79qLQbLw 54z+3ToLWweF4fsYVPKfMFxcpuJL5/eZ4HA7gH0XRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQ AUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFAB RRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFF FFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABXgH7J3/JrPwb/wCxM8Pf+m6Cvf68l+AfhLWvAHwK +HPgTxJGsOr+G/DekabeIjiRFubOzihlVXXhgHQgEcHrQB61RRRQAUUUUAFFFFABRRRQAUUUUAFF FFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFAH/9f9/KKKKACiiigAooooAKKKKACiiigAorF8SahP pHh7VNVtQpmsrWeZAwypaNCwyBjjI55r86/g9+234r1L9g/Uf2rviRptje65ppv9thZM1jBcNb3H kxIpkaZlJGCxG44BIFAH6XUV+enxj/aX+J9l+z98Gfir8LpdHXW/HmqeG7fUbGU+eXXWYFaa2s49 +9pUkkU4yWWNWY9DX3nrXiLw/wCG7dbvxFqdrpcDttWS6mSBC3oGkIBPtQBsUVBa3VrfW8d3ZTJc QSjckkbB0YeoYZBFfMH7anxm8W/s+fsz+Mfi94FitZtc0H+z/s6XsbS25+1ahb2r70R42OElYjDD nB5HFAH1NRXn/gfx3pPiPQ9BF9qVmNe1LTbS9ms45kEoM8KyMRCWLhck4z2713Nzc21nBJdXkqQQ xAs8kjBVUDqSTwBQBPRWTo+vaH4itft3h/UbbU7bJXzbWZJkyOo3ISM0axr+heHbYXviDUbbTLck KJLqZIUJPbc5AzQBrUVXiu7Se1W9gmSS3dd4lVgUK9dwYcY96xrzxb4U09LSW/1qytkvztt2luY0 EzekZZhuP0zQB0NFHXkVXu7y00+2kvb+dLa3hBZ5JWCIijuzNgAfWgCxRWRo3iDQfEdsb3w9qVtq luDgyWsyTpn03ISKu219ZXrSrZ3Ec5gcxyCNwxRx1VsHgj0PNAFqiqtvfWV3JNDa3Ec0lu22VUcM Ub0YA8H2NZUfivwtNqF1pMWsWb31ipe4t1uIzLCq9TIgbcoGOSQKAN+iqy3tm1p/aCzxm12GTzQw 8vYBktu6YxznpWPYeLfCmq2ovtL1qyvLZpfIEsNzHIhlP/LMMrEbuPu9aAOhoqhqWqaZo1nJqOsX cNjaRcvNPIsUaj3ZiAPxNLp2p6brFnHqOkXcN9ayjKTQSLLGw9mUkH8DQBeorn77xZ4V0zU4tF1L WbK01CcZjtpriOOZwf7sbMGP4CvnH9sf9pY/stfB+T4h2emQ61qc95b2Nrazz+Sm+4JBlfALMkYG Sq4zwNy5zQB9XUVTh1HT7iz/ALRguopLTDN5yupjwvU7gcYGDnniqejeIvD/AIiikn8P6na6nFE2 x2tZkmVWHYlCQDx0NAGxRWNrHiLw/wCHlhfX9TtdMW5fy4jczpCJH/urvI3HnoOa+Svgr+0B42+I f7VHxw+DWtRWS+H/AIdjRzpjwROtw/2+AyS+c5kZX5Hy7VXA9aAPs6ivNvjF8SLL4QfCzxZ8Tr+A XkfhjS7zURbGUQm5a1heYQq7BsM+3aDtOOuD0r4N+NH7bHjvwz+wp4e/af8AA9ppUfiXWm00zWcw e6trb7azb4yFkjfcoAwSR647UAfp3RWNH4j8PS6u/h+LVLV9UiXe9os6G4VfUxg7gPfFaN1d2tjb yXd9MlvBEMvJIwRFHqWOAKALFFYeh+KPDXieKWfw1q1pq0cDbZGtJ451RvRjGxAPsa+Zfh3+1Da+ P/2n/iR8AIrK1tLLwFZ6a8V99pEkmoXF9GszhEGFVY1YLgFiWBJI6AA+tqKK8X/aG+LkHwM+DHi/ 4otFFd3Xh/Tri6tbWaTy1uLhF/dxkjnBYjdt5xmgD2iivh/9ivxv+038UPCA+KHx21bwzcaL4n0+ y1DR7DQo5VubNblTKVuzJkLmMoVXe5BJ3HivsPSvFPhnXrie00PV7PUZ7U4mjtriOZ4z6OEYlfxo A3aKzL7WtG0zzRqV/b2nkRGeTzZUj2Qg4MjbiMIDxuPFW7S8tNQtYr2wnS5t51DxyxMHR1PQqy5B B9RQBYorFv8AxJ4d0pJ5NU1S1s1tSgmM06RiMyfcDliNpb+HPXtVrUNX0rSbFtU1W9hs7NAGaeaR Y4gD0JdiFA/GgDQoqjp2p6brFnHqOkXcN9ayjKTQSLLGw9mUkH8DWbfeLPCumanFoupazZWmoTjM dtNcRxzOD/djZgx/AUAdBRQTjk1haV4p8M69cT2mh6vZ6jPanE0dtcRzPGfRwjEr+NAG7RVU31kL wacbiMXTJ5gh3jzCmcbtuc4z3xih76yju0sHuI1upFLJEXAkZR1IXOSB60AWqKxH8TeG45ba3k1a 0WW8laGBDPGGllTlkQbssw7gZIqTWfEGg+HbdLvxBqVtpkEjBFkupkhRnPRQzkAk+lAGvRUcUsU8 STwOJI5AGVlOVZTyCCOCCKx7HxR4a1TUJ9I03VrS7vrX/XW8M8cksf8AvopLL+IoA3KKKz9T1bS9 FtH1DWbyGwtY/vS3EixRr9WcgD86ANCisrR9d0TxFZDUvD+oW+p2jEqJrWVJoyR1G9CRn8ai1jxH 4e8OrC/iDVLXTFuG2RG6nSESP/dXeRk+woA2qKQEMAynIPIIrF07xL4c1i9udN0nVbS9u7I4nhgn jkkiPo6qSV/ECgDborJ1jX9C8O2wvfEGo22mW5IUSXUyQoSe25yBmtC3ube7gS6tJVmhlAZHRgys D0II4IoAmorn7bxZ4VvNWl0C01myn1ODIktUuI2nTHXdGG3Dp3FX9V1fSdDsn1LW72DT7SP701xI sUa59WcgD86ANGiqGmarpetWaaho95DfWsn3ZYJFljb6MpINX6ACivlr9tT4zeLf2fP2ZvGXxe8C xWs2uaD/AGf9nS9jaW3P2rULe1feiPGxwkrEYYc4PI4r2PwT480nX9C8O/2lqdkmvatptpeyWazI suZoVkYpCWL7ctx1470AehUVFPPBawvcXMixRRgszuQqqB1JJ4ArF0TxZ4W8StMnhzWbLVWtjiUW lxHOYz6N5bHb+NAG/RVS01Cwv/M+w3Mdx5LFH8t1fYw6q2CcH2Neb/F3X/GWm/D3xM3wnk0248b2 VmZbC31GVUtxMSNpn+dCqEHqWUdOaAPU6K4XwDrGvz+B/CcnxEksrbxZqOmWkmoQ2sim3a/8hGuh bfM2+NZC20hm+XByetdDpfiPw9rc1xbaLqlrfzWbbJ0t50laJvRwhJU+xoA2aKyNZ8QaD4ctlvfE OpW2l27sEWS6mSBC56KGcgZPpVmDU9Nuphb2t3FNKYxKESRWby26PgHO09j0oAvUV5t8YviRZfCD 4WeLPidfwC8j8MaXeaiLYyiE3LWsLzCFXYNhn27Qdpx1welfBvxo/bY8d+Gf2FPD37T/AIHtNKj8 S602mmazmD3VtbfbWbfGQskb7lAGCSPXHagD9O6Kxo/Efh6XV38PxapavqkS73tFnQ3Cr6mMHcB7 4rSubm2s4JLq8lSCGIFnkkYKqgdSSeAKAJ6KydH17Q/EVr9u8P6jbanbZK+bazJMmR1G5CRmtagA orzD42+MdV+HfwY8ffEDQVifU/DPh/VdUtVnUvEZ7K0knjEiqVJQsg3AMCR3HWvzhh/be+M+n/Dj 9l74q69aaQNA+LGryaR4nkS2lT7NJLdeTbvbMZiIx5ayMwYP9zjrgAH620V8Pft4/tJeOP2cfhno F38KrC21bxx4t1u20jTLO6iedJN6u8jeWjxk42qg+YYLgniu4/Z5/aOs/ir+yjon7RPiXybdk0e6 vNXW3BSKK403zEvNisWKruhZlBJIUjk9SAfVNFfjLpn7dX7Rifs8/Bn4u67YaHDqHxT8cDRjEtpO I49HMjQAopuCRMZI5CHJIKlfl7n7S/a6/a60H9mvQbLQtCsT4q+Jnioi38PeHrcNJNcTSNsSaZI/ nEKvxgfNI3yJ/EyAH2RRXinwB/4XrN8OrLUf2iJdKXxfffvpbPSIHit7JGA2wM7yy+bKvV3UhMna u4De1H4oa38a9N+Jnw0034bwaRL4S1G6vF8UPfyBLxLdFhNubJTIhZiTJvwr4+XgdwD3mise88Q6 Bp9vdXd/qdrbQWJAuJJZkRISenmFiAv44q7Y39hqlpHf6Zcx3drMNySwuskbj1VlJBH0NAFuivNv jF8SLL4QfCzxZ8Tr+AXkfhjS7zURbGUQm5a1heYQq7BsM+3aDtOOuD0r4N+NH7bHjvwz+wp4e/af 8D2mlR+JdabTTNZzB7q2tvtrNvjIWSN9ygDBJHrjtQB+ndFY0fiPw9Lq7+H4tUtX1SJd72izobhV 9TGDuA98Vfvb6y021kvtRuI7W2hGXllcIij1ZmwAPrQBaorN0nWdH16yXUtDvoNRtH4Wa2lWaM/R kJB/OtKgAor4Z/Yi/ag1n47/ALPem/FP4wXuk6Nq2oaneWSCE/Y4HEDhUVFnlcljnnDHPpX3KrKy hlOQeQR0IoAWisO38T+GrvVpNAtdWtJtThGZLVJ42nQerRg7h07iteeeC1he4uZFiijBZnchVUDq STwBQBLRWBonizwt4laZPDms2WqtbHEotLiOcxn0by2O38am1jxF4f8ADywvr+p2umLcv5cRuZ0h Ej/3V3kbjz0HNAGzRXxj8Ff2gPG3xD/ao+OHwa1qKyXw/wDDsaOdMeCJ1uH+3wGSXznMjK/I+Xaq 4HrX1le+KPDWm6lBo+o6taWt/df6q3lnjSaT/cRiGb8BQBuUVWu72zsIhPfTx28ZIXdIwRdx6DJw MntVax1nR9UnurXTL6C7msX8q4SGVZGhk67ZApJVvY4NAGlRQTjk1haV4p8M69cT2mh6vZ6jPanE 0dtcRzPGfRwjEr+NAG7RX5qftQ/tMfHKw/aL8Ifsw/s43XhvTdX1nSZtY1DV9fZ5Le3SOWWMQgRk 7G/cNkFHZi6ABACx/Q7wtF4ig8M6RB4wnt7nXo7O3XUJbRWS3kuxGoneFW+YRtJuKg8gYzQBu0UU UAFFFFABRRRQB//Q/fyiiigAooooAKKKKAPzD+M3xt+IV38QNX0vSNXudHsNIupbWGG1kaHPkOUL uVwWLEZwTgDjHr9Zfs1/EbXviD4Nuv8AhJH+0XulTiD7QRgyxsoZS2AAWHIJ7jBPOSa3xF/Zl8Ie PfEEviWK9n0m7uiGuRCqvHKw4L7Tjax7kHBPOM5J9d8AeAPD/wAN/D0fh3w8jCIMZJJJCDJNKwAL uQAM4AAAAAAArtq1abppJanzmAwOKhipVKkvd1679tDtqKKK4j6M5fxv/wAiXr//AGD7r/0U1fgJ 4E8C+E/F/wDwRs1TVfEmnJfXfhe61PUdNkZnU212L0w+aoVgCfLkdcMCOemcV/QV4i06bV/D+p6T bMqy3trNAhfIUNIhUE4BOMnnAr88vhX+xV458NfsEa7+yb4v1rTU8Q6tFqKpe2LTT2SSXE5ngyZY oZCAQof5OOcZ7gHtn7GPwf8Ahn8P/wBnD4dTeEfD9tYSaxpWl6/cv80rNqt5psMc90plLlJHTKnZ tG0kAYJz+ef7Y3gPU/D37XWp/GH4+fCLWvjP8IbrRbaz0pNJeaVdDdFj+0tJBEy/M0gkYGRo0PmA hiy/L+kf7Ivgr4//AA3+Eth8Pvj9daDe3fhuO203SZtCadlbTbS3jhi+0meOPM2UOWUAEEZAOa8R +KvwO/a68I/H/WPjt+zF4v0nUrHxRZwW2peGvFk141jDJAFUS2ggJ2ZC7iA0e1mf7wYBQDlv+Cbd 3+zy2meP4f2dPGWq3ugXV/Fd/wDCKaxG0U3h0yeZ8kW95GdJfulw75MYDMXDE91/wVH/AOTFPiX/ ANwb/wBPFlWj+yj+y/8AEX4ZfEj4hfH/AOOOtaVqfxB+IxgS5t9Ciki0y0gtwMCMyqju77V3FlyN uSzFmavT/wBsz4KeKv2if2bPF/wd8FXVlZa14g/s/wAibUHkjtV+yX9vdP5jQxzOMpEwXCH5iM4G SAD89PiZ+wD8GfA37F938T9A+12nxT8K6AviceKUvrgXsuoWsAu5efM2hH2lIwBlPlIJcEn56+M/ x/1j4/8Ain9nfwL8WtA8UeMfBt54MtPFHiHQfCdrJNfazqMjTQ75IUkizbq9ur5DAoHfaQSCv2Br P7MH7fnjP4X2f7L3i74g+Eo/htHFBY3fiC1gvP8AhILrS4CAtu0TAQbtqhWIZS6gBpGy4b1741fs WeJF1T4X/Er9ljXrTwh46+EumR6Hp6aqskthf6TGpQW120YZxgPIdwRixkbO1trqAfC/w/mg8C/t W/DHxZ+yl8DviT8NPDutXqaR4xsdZ0S7h0iezunSKK5P764CGDe8js5VF2qwx8+7irrx34G+NX7U /wAYvFv7RXwp8efGTTfCms3Ph7w9p3hzTZr7TNKtrOWSFzMqXEOyeURq+3oWLsQTt2/ol4J+A/7Y XxJ+OHhn4uftO+MtI0TRPBYeSw8OeDp76O2u7hiDvvGmILJkKSpaQMF24UFt2d4j/Zk/aX+DXxw8 afGb9kHXfDsunfEeUXmueHfFC3QthqGSTc28ltlizu7uQWQDcR842hQD5r/ZKuvGHhXX/jz8OvC/ gXxr4N+C1/4ZvtY0C08X6bcWp068SJY7i2hlkaSPbKZndV8xmZIwx+YOTzn7FP7CfwO+N37F1l8R filYXOu+JPEFtqsWn3kt7cqdJgsrm4t4I7WNJBGqrLG0xDIwZnIIK8V9zfBH9mf476RD8T/H3x68 eR+I/HfxGsJ7GKwsZrldB0uJ4iiLDFIBzkICwiBVVIBcszN6p+yL8DPFnwC/Zc8M/BLxjd2N5rmj RanHNNYSSyWjG9vbm5j2PLFE5ASZQ2YxyDjIwSAeS/8ABL3xb4g8YfsY+C7vxJeyahc2EuoWMcsz F5Ps9tdSLChY8kRphF9FUDtXE/8ABS/4afE7x74f+G+reF/Cl98Q/BXhjWXvfFHhfTp5IbnU4MR+ RgRZkcJtlUhFZx5gYAYLD6C/Yf8AgH4w/Zp/Z60f4TeO7ywv9X0+6vp5JdNklltitzO0qBWmihck A85Qc9M9az/2svgR8Y/ihc+CvH3wC8bDwp4z8B3slzBbXss40jUopdu+K7jhDZxtwp2N8rOpxkMo B8Bfsia1+x9fftVaRqnwbHiH4JeL3sLiy1DwPqkEkVpq77HOd8ksoDxAh1T5CTGGVAd+76J/4J3f 8lD/AGp/+ym6x/6Plqbwt+zJ+058XP2gfAfx4/au1PwrYRfDVZ30rTPC0dyXnuJgBuuZrn5ggYBw odxxtCruYnKb9mX9sX4J/Gn4keMv2XPEnhOfwv8AFXUn1a9tfEyXfm6ffTs8kskItkIb5pG2ksQR tVo/l3EA+QNS+LfiX4NeG/29PHHgi7ez1weLrCwtbqLlrd728ntpJA38LIjvtbqr7cc17F8WP+Ce HwF8F/sU6z4z8NQXFn4/8PeGJ9bl8RJeTi4vZ1tGmu45F8zyzDcoXi2BeFYck5LdB4e/ZBs/gL8D v2jn/a58Z2+teFPiRNZX95rdhBcS3sU/mu7XktqkB2yLeTJKix+auFy2BkV4Z8aND/aa0X9ie/sv Evx38J6t8HYdFjXS9Qsbaca7rlsEX7Dp7iQKqCQ+UkhVjKF3eaWAcMAWNWuNR+JXwV/Ys/ZRn1O4 0vwp8S7Mz+IPs7eU93aaYkUqWwkHOHJfI7N5bEHAFav7cX7IHwb+AWq/Bfx38GdOfwvb6h430XS9 Q02G5nltrtgzzW9yyTSP+9hEcibh1EhzznPV+MPAHgaf9lP9lHTvEvjn/hVvxVsLawufBmq3NrNN bi+ligke1umRGSKOXdCSZSBlQCGXeh8m/az8P/tMat8VfgHofx9+IHhzXddu/F+mx6X4c8LwTLEI TMnnalcvMFfd/q1UFdgDOUKgPuANr9pTx7oPxQ/bz8UeB/jR4E8ZfFD4f/DDTrNNP8OeFLKW8j+3 3dvDO95fRJNCQv750Vg3zBUH3Qwbtf2SrjVPBP7ZdtpvwM+FXj/4d/B3xtplwur6b4n0m6trCy1a 2ikmjuYJGknSMSCJIwXkyWdkAwUC/Wfxr/Zh+NmmftBn9qj9lTxDpGm+LdU0+PTde0jxAs503VII VVY3L24aRZFWONQAF+4CHXLh7nwP/Z//AGlNQ+NF/wDH39qTxtaTX39ntpum+G/DNxeRaPaxSAq0 kglKF5AGfbkOQzbt+VQKAfkleeBvhz8JD498Nft/fBvxPqviHxBql7OnxGsDPdwETgCGaIiWOECN v3gXdIxyEkjwNte1/th+CfhH4g/4J5fDPxt4Z8Ty/E1/Duo22maX4kvPMivPsd3O/n28sRYbWTy0 iIdd6iMDPUn6g8Pfs/f8FDPg1pniH4U/Czxt4S8ZeB9YuLt7LUfF7X9xq1lDdfeRwqvHJgZ4YSqz EttUHaL/AIi/4J2atB+wnb/st+DvE1u/ie11CPWzqN2kkdnNqAl3umEEjxxBDsRgrH5QxXkgAHgH 7c1r4S+GvjX4J/sdeEfDGvn4Szrfa1q3hzwjHNd6lqiLLJMLaNWlDyIJFkkkHmfKrGQcomPN45NJ 8C/HP4ZfET9j74A/E/4az2+qW9j4mttR0K8j0vUNFndUl80Ce5/eRgkgsAoOJCd6Ka+7PiX+y1+0 l8YfCfw6+KWueKNB8L/tCfDa7uprPUNNS4k0W6tp3/4951kTzFDRgByI3Xl12lX+VNM+A/7bHxk+ K/g/xd+0p4z0Lwv4T8EXQvY9H8FT38R1S4QqQLp5iD5TFRkF2+QsgRSxegDxX4IfBjwB+2z+0D8e fid+0TZSeK7bwf4iuPCeg6XcTTW8FhZWTyAsI4XjIdxtPJ4cu3LEFdT9gD4W6f8ABb9r/wDaW+GG j3k97puhLoMdm9zIZpUtJY5ZreFnYkt5MTrECeyjp0r1zxJ+zd+058HPjj4x+LX7Ies+HJtJ+Jci 3eu6H4q+1fZ4dSBYm7tntRv+YuzMu4csQQ42bNr9jz9lj42/BH4u/FT4p/GfxVpfiu/+I66dO1xY eckguohI9wjQyRIiRRtJ5cGx2zGoJWP7gAPVv27PAvhPx1+yf8S4/FmnJqK6FoepavZB2dfJv7Kz maCYbGXJQkkA5U9wa/Iz4v8Aww8B+A/+CSHhvxF4R0iPTtS8YTaBf6tMjyM11dAuokYOzBTgnhQB 7V+83xe8B/8AC0/hR4y+Gf2r7CfFejX+lC4K7xCb23eESbcjdsLbsZGcYzX5aap+xV+1341/Y1uf 2WvG2teDzNoV5pY8P3dvPfIhsrN5WmF2/wBlJ3/Mgi2R8jIfBAJAPOv20v2J/hD+zj+y4fjZ8O11 DT/ij4MvNLu38R/2jdSXt5eXF3FFPNKXkKbmeQyAoqkEccEg+yftvah8B9d1z4P6z+0p40v7rQxZ G+X4f6RZT3Fxrl1PGMXEj280ZRI32hA6jOHVG+Z8fY/7anwN8WftHfs5eJvhB4Iu7Gx1nWZLB4Zd RklitlFreQ3D72himcZWMhcIecZwOR87/Gv9lT4+xfG74d/tK/s+6toE/izwh4ei8PXmmeIRcfYZ okWVTJDJCpkBPnsCMx4wDk5ZSAfCfwv1LwB4W/b/APg3qnwB+Gfij4O+HvFkOo2N/Z67bS2MWrpH byN5kMEk02UUlCcHbuVGADZNe8/s2fs7fBex/wCCjXxxsrTwvDHB4AXQtQ0NRLMRZXV3axyzSpmQ 7i7uzYfcBngCvSm/ZM/a+8bftJfDD9pr4s+L/Ct3qHhK8eO60PTVvLexstMddrfYpZIpZJ7h/MkZ xMEG4IBJt+76Yf2c/wBofwR+2zr/AO0F8LdX8PT+CfiGNKh8RWWp/aFv4YLCKKCT7J5UbI0hWMvG zOBlirKAAxAP0Pr4O/4KQ/DnwV43/ZO8b654p0tNQvvCdhNqGlyuzqbW64j8xQjAE7SRhgR7Vvfs b/Ej4tfEgfFWX4m69ZeJLPw94uvdI0e906JI7VrW2jjdkjdYojL5bSeWzkHLqwDMBmvXv2mvhhr3 xo+Afjj4WeF7i2tdW8S6dJaW0t47pbpIxBBkaNJHC8fwox9qAPx48c+BtD8E/sy/swfBH4TxyeC4 /wBpKfw2PFuo2MsnnXSyWdp5+Wd22mVrncUTarbdpG0kH1T9tD9kb4S/sp/BCD9o39mq0m8B+NPh readLHdW13cSG/guLqK1eG5WWRhIGMoZuPmUMjAq2B9UfE79jHV/iX+y18LfhSviGLw98RPhRY6J JpOtWu+W3h1XSbSOBiNwRzDI6ZDFAykI+w4KHyvxl+zP+2p+0/Z6J8N/2pvFPhPSPh3pl3Dc6nF4 UW8/tDWjbcoJGuUCRKW5+UKA3zeWdqAAHg3x1+GPhz9qz/goX8JvDvjcXEXhrxD8M7PVdTs7eZ7Z riFbm+uUt3dCG2ef5ZYA5+XghgGH7BfCH4R+BfgZ8P8ATfhj8N7FtO0DSTMYInkaZwbiV5nLSOSz Eu55Yk4wO1fPmofs3+KX/bZ8L/tFaVcabbeD9A8Fnw0bLfKt6JxcXEiGOMRGLyQkqjJlDZBG3GCf s6gD8Mrv9mbwB+03/wAFNfjx4f8Aiol1e+GNE03Q7xrG3upbZJ7x9Ms4YHkMTKx8pGlK4I5brgkH zL4v3vgO/wD2xL34GeP/AIeeMviL8J/ghoWl6bofhfwpZzXyLcNaQOLu/RZoWPEjIH3Zk2pnK7g3 6qfDP9nrxn4M/bD+MH7QeqXuny+HfiBY6Ra2FvDJK17E+n2sEEpnRoljUFoiV2SOSCMgHgedfGv9 mH42aZ+0Gf2qP2VPEOkab4t1TT49N17SPECznTdUghVVjcvbhpFkVY41AAX7gIdcuHAPkz9kq41T wT+2Xbab8DPhV4/+Hfwd8baZcLq+m+J9JurawstWtopJo7mCRpJ0jEgiSMF5MlnZAMFAvyjeeBvh z8JD498Nft/fBvxPqviHxBql7OnxGsDPdwETgCGaIiWOECNv3gXdIxyEkjwNtfrb8D/2f/2lNQ+N F/8AH39qTxtaTX39ntpum+G/DNxeRaPaxSAq0kglKF5AGfbkOQzbt+VQL474e/Z+/wCChnwa0zxD 8KfhZ428JeMvA+sXF29lqPi9r+41ayhuvvI4VXjkwM8MJVZiW2qDtAB4p8ZvFMeufs3fs1/s6fCj 4n6h4n8KfFfxBHoV74mOYb+XTYrhEe0lDfOjJ54j8tsErCEbKlt3SftofsjfCX9lP4IQftG/s1Wk 3gPxp8NbzTpY7q2u7iQ38FxdRWrw3KyyMJAxlDNx8yhkYFWwPXj/AME3Lew/ZR8J/Bfw74vaw8fe CdV/4STTPEKxMI49YLbyBFuLLBgKoI+YFFk2k5Q1fGX7M/7an7T9nonw3/am8U+E9I+HemXcNzqc XhRbz+0NaNtygka5QJEpbn5QoDfN5Z2oAAUrXXz4q/4Kf/DTxO0fkHWPhJFeeX02faLm6k2888bs V0XxVdD/AMFV/grGCNw8GaqSO4BF9g/jg12P7SP7L/xm1L41eBv2kv2XtZ0bSvFvg7SW0KTTNbSU afdabulZIwYFZgVMzjb8v8JDqVweM+G37J/7UNx+1x4U/as+O/i3w7q13Yabe6fd6dpK3MMNjDJD LHbQWQliJlTfK8kjSujBmIG7g0AfJn7BX7G3wh+Pj/Eb4qfFq0utan0Dx1fWWlW32uWK3tjaSRXc jeUjBX85plVw2QQvABOa9R/Zj+Bnw4/bl8WfGD4/ftHWcvjCSHxTf+GtF0+4uJ4INL02xWOSNYkg kjKuVnUZPIZS/wB92Y/bv7Ff7PXjP9nHwR418NeN73T7668SeLtT1+3bTpJZI0tb2K3SNJDNFCRK DE24AMoyMMeceDSfsz/tYfs/fEfx14i/ZB17wvdeEviJfPql1o3ihbtTpuoz582a1e2BDKTz8xA2 hUKNsDUAfN37UPgf4j/sL/sh3nwo8DePdT1vSfH3jGLTtKWC2ddQ0fSbqOaaWytphOxleTyUQACI MXkwo3kj5/8AiR4P+FGj/D3Tp/2XP2dPjD4E+KvhiS2n0nxDLoV0rSyxuom+2MlzLkSpvPyRcNgA CMsp+/7T/gnDd+J/gD408IfFTxn9u+KHjzXY/FN1r9pG32ey1eDf5It4j5bNCiyyqThDiQ7Qm1QK nif4Gf8ABSP4xeHdM+EXxO+IPhPw14Wglt/7S17w4b9Ncv4YGDDhkjjV2IBbZ5SkjnK5UgH6SfDL X9b8V/Dbwn4o8TWEmlaxrGk2N5e2csTwSW1zcW6SSwvFJ86MjsVKtypGDyK/Kf8AbHb9l8ftS2Oo ftFa9q/xLns9HSHSvhzounXFybOWQh/tkzw3CI8koLYjYIxUoTlFTP696Fo9t4e0PTtAs5JZoNNt 4baN7iRppmSFAitJI2WdyBlmJyTknmvze8ffs0/tP+Af2rvFP7TX7M2o+F9T/wCE8sLay1PTvFP2 pfs7W8cMQaGS1BcofIVvvrjJXYwClQD5Q/Yq1LQPCf7f3iXw/wDC/wAE+Ivhb4I8R+EZNQbw3r8U kE5lgliC3K27ySsoYh/L+YkbnC4UgV2f7HP7OXwt/bb8DeLf2l/2lrGbxp4j8Z6xe21qJrqeBNMs LbakMNutvIgQrk4PZQoA+8W93+D37JX7Svhj9ru0/ai+LPjHQfEs2s6Nc6frNvZJc2osWcfuINOj aJhLBH5ceXleJzlyQzctj6D+zH+2R+zPqni3w1+yR4i8JXvw+8VahNqVpY+J0vFudEuLnAkFubdX WSNVVQC5bOAfLzuZwDxb48/DD4k/s7/Af4V/sa2/xMvtY074peOoND/tP7P9muLLw/dMkbaeHMsu 4B5A2QU3LuiCiPKn6b1b/gmt8J/DHibwJ46/Zwv5fhX4m8HX0M097CbjUBqVmg/eW9xFLcoCZTwz g4KllZWG3bxx/wCCb13N+ziPA1x43c/FhfEjeNV8TiNvLTXm6hY+GEGBjPXzP3u3/lnTtc/Zr/bS /aO13wl4d/ar8S+E9P8Ah/4T1C31O5tvC63Zu9ZubTIj843CKsaOGYNtKgZJEedpUA+ILrx34G+N X7U/xi8W/tFfCnx58ZNN8Kazc+HvD2neHNNmvtM0q2s5ZIXMypcQ7J5RGr7ehYuxBO3b6f8As46R 8bGl/aA+CnwH8I+Nvh94C8ReG7nUPBsXi2xudPfTNVIjimtbe5kd44/OaZzGfNLAIsh+ZXY/WXiP 9mT9pf4NfHDxp8Zv2Qdd8Oy6d8R5Rea54d8ULdC2GoZJNzbyW2WLO7u5BZANxHzjaFu/Dz9kD44a 34d+KmuftBfFK6l8c/E60+xw/wDCP3N1FpmhIhVomtI3aIlgyRhvlQlFZNzeY7EA/JvT9D/ZZ8H+ BPDnwz/aD+GnjH9n/wCJ+lSWxXxxFFdXCS3kMitLchvMQkS4JURxSCLOUf5fm+6P25vAvi/xD8SP hF8YNY8F6j8e/gxo2hkXmmaPK+6W+nV2GptDbZLpLE0TgqNnyFWZVYZ2de/Zm/4KH/EH4Qj9l/x/ 4s8DXHgZo7ayn19o7661qWxtZEaP5JEEbTAIMlgrE/8ALXPz17H8Sv2VPj74H134a+Of2S/G9va3 nw/8PW/hqbQ/Ec1y2kajZ2sflxzMkG4LMRjfgLkqhDrtO4A8f/4J96p+yrd/Grxpe/s6a5rnhB9V 09De/D3WIXiS2mheMPeQs8s29lIKlQ5KCQggLtC/sDX52/Az9mL44XP7SN1+1f8AtNatoB8VR6R/ Y+m6X4ZinWzghYkmSeW4AkeQKzKAS/DffwqqO/8A2N/iR8WviQPirL8TdesvEln4e8XXukaPe6dE kdq1rbRxuyRusURl8tpPLZyDl1YBmAzQByf/AAVH/wCTFPiZ/wBwX/08WVfDvxx/YX+C3w5/YVb4 16Tb3y/FPRNJ0vXW8RnULpruS/le3eUkGTywg3FY9qBkwrbt2Wb9Qv2zPgp4p/aJ/Zs8YfBzwVdW VlrXiD+z/s82oPJHar9kv7e6fzGhjlcZSJguEPzEZwMkVfjp8DvFnxN/ZJ1f4C6Dd2UHiC/0Sy02 Oe5klSzE1t5O5mdI3k2HyzgiMnpkCgD4i/am174T+Nvgl+zz4k/aa+Id9ZaFqWn6fqt/4U021muL zxXdzWdvIVZreWNo0idvvFcZkIDK5Qj5Ii1P4W+GP2v/ANn3xd+zd8KvFfwe0/W9b/sm+m1m1lsL bWbad4Y2WCKSebcFSRt54B3ISNyg196fFP8AY3+OaXPwD+KfwZ1vQj8QfgzoFros1nrPnvpN4IrU QSPEyJ5gOWkAyqMQVYMjIM8540/ZO/bT+Mnxa+Fvx0+K3i3wgmo/DzXbS8h8O6aL6HTobBJo5rl0 uZI5pZLubykQqyCMBQQ46EA0vhxcWf7Lv/BQr4jfD/UpV07wZ8atKbxbp7udsMWpWIkkvlyeFJAu ZXx0URg9jXy3o2m3nxQ/ZT/ay/bL8Qwst18UzdWuj+aPni0PTJVhhVT7lRG3vADX6A/t+/sjeLP2 p/BXhwfDLVbPQfGnhm7uPs95fSzQRNp+oQNBewGS3imkHmAR/wAJBAKn71egePP2Z57j9jG+/Zb+ HM9ra3I8PRaNaXF4Xit2mQLvmmMaSOPMcM7FUY7mPFAH5gfHLwMnxM0L/gnj8Pp7+50218QeHxZ3 U1nK0E/2SXTNHW5RJF5UyQ74z2wxBBHFenfGn9nn4Y/sk/tUfs0+LP2etOl8IHxX4gbQdWt4bq4m hu7WVoIyHE8khyUkcNzgna2Nyg19Map+yL8SL3Vv2Rr+LUtJEfwD0/7JroaafNy/2Kxts2OIP3i7 7Zz+98o7SpxkkD1D9pr9nrxn8Z/iZ8DvGfhe90+1svhn4lTWdSS8klSWa3V4WK24jikVpP3Z4dkH T5vQA+O/BHws8GftsftlfHHVPj3BJ4i8P/CS5tPD2g6JLLLDaweb5wnuGWJkZmd4CwJJ3b+eEQLn /so/Bvw/8Bv+ClfxP+HHg+5nk8O2ngpLjTbe4medrK3uruylNsruWbYkjOUBOdpGSTlj0/iHwjr0 X7Y3xF179i74m6FovxCube0Xxl4U8TWl2llM6xq0F5BIkWZDsbc3lE7WYlmxKRXn37Dmi+M5P+Ch Hxp13xj4xt/iDq9n4dgtdW1ewi8qxS/uJrRxaQYJGy3WBol6Z8s5AINAH35+3Z4F8J+Ov2T/AIlx +LNOTUV0LQ9S1eyDs6+Tf2VnM0Ew2MuShJIByp7g1+Rnxf8Ahh4D8B/8EkPDfiLwjpEenal4wm0C /wBWmR5Ga6ugXUSMHZgpwTwoA9q/eb4veA/+Fp/Cjxl8M/tX2E+K9Gv9KFwV3iE3tu8Ik25G7YW3 YyM4xmvy01T9ir9rvxr+xrc/steNta8HmbQrzSx4fu7ee+RDZWbytMLt/spO/wCZBFsj5GQ+CASA edftpfsT/CH9nH9lw/Gz4drqGn/FHwZeaXdv4j/tG6kvby8uLuKKeaUvIU3M8hkBRVII44JBX9uD 4oS/EL9ov4S/Bn4gaB4n8X/D1PDUHifWPD3hK2kuL3Vbu4MqoJI0kiLQQmFCWDAoGfaQxBH6Vftq fA3xZ+0d+zl4m+EHgi7sbHWdZksHhl1GSWK2UWt5DcPvaGKZxlYyFwh5xnA5Hkvx8/ZL+JPinxH8 Nvjf8CvE1j4a+K/w409NLV9QSWTTNSstpD285RWdUBeXaRGSQ5+6wVlAPgn4fzQeBf2rfhj4s/ZS +B3xJ+Gnh3Wr1NI8Y2Os6Jdw6RPZ3TpFFcn99cBDBveR2cqi7VYY+fd+/DukSNJIwREBJJOAAOpJ r85PBPwH/bC+JPxw8M/Fz9p3xlpGiaJ4LDyWHhzwdPfR213cMQd940xBZMhSVLSBgu3Cgtu/RO/s rbUrG4068TzLe6jeKRf7yOCrD8QaAPnz9pLWtG8QfsofFzVtBv4NSsZfB/iMJPbSpNExjsbhHAdC VO1gVODwQQeRX5e6p8Op/iB/wRp8OXGnq39qeELH/hIrN1+9G2nX87TOD1BFs02DXR2f7Ev7dXgT 4deIv2W/hr8QvDJ+D+uvdxRXl/HONWttPvWJuLcIkDLmUOwYBmByxV492B+ovw8+B/hP4ffArS/g DbtJf6DYaO2jyvMAHuI5Y2Sd2A4BlLsxA4GcUAfnT4f8dw/tbftr/A3ULci40T4d+BE8ZXiD7iap rsMapEw/vx74JFHUFW7A5+Utd8Zah+z3+z3+1j+ynYblvbPxZbWHh+2HDvYeLG+SJB3H2SFmwP4p PQ1+g/8AwT3/AGK/Gn7Jlt42v/iTrGn67rniSWyt7aewlnmWLTtPjZYUY3EUTKxL4KKGUKiAMcYG f8cv2Ete+Kv7aPgb9ofT9TsLfwhpbaZd69p80swuru+0d5WtZI4liaGQbTHGfMkUqofGc4IB83/8 FDvBWqfBP9m/9mvwL4JtI77V/B3iDSbWzhKlkub60tDt3AFSfOmGWwVzuPIrgvh9B8Sf2OP2wvD3 xa/bVSz8RTfF+y+zjxPzInh7UnIDWqscRxIiFYnKAKImzG2xJFb9Lf2yf2cfG/7Q6fC9fBd9p1kf BXiuy129/tCSaPzLa3zvSHyoZd0hzwG2r6sK9i/aM+Avg/8AaT+EmtfCnxkgWHUU8y0ugoaSyvYw TBcx/wC0jHkZG5CyE4Y0Ae4AhgGU5B5BFfmH+2l/yeP+x5/2Gtf/APRdhX0p+x98Pfj78J/hBZfD X4+6tpPiC+8PEW2mahplxcTvLp6riKO5+0W8BDw/cVl3bk2g/MpLYX7Qf7PXjP4sfHz4C/FPw7e6 fbaT8LdQ1S71OK6klS4mjvVtljFsscTozAwtu3ugGRgnnAB+f/wf/Zo+G/7Rn7cP7TJ+LlrPrnh7 wrq9hJFpBup4LOW8vo51W4lSF0LvFHC6pk4HmHrXsX7CHhe2+DP7VP7R/wCz34QuJ08EeHp9Iv8A TLCaZ5ktGvYWldY2clvuuqEklmCLuJIyfp79nz9nrxn8J/j78evip4ivdPudJ+KWoaXd6ZFaySvc Qx2S3KyC5V4kRWJmXbseQHByRxk+Ef7PfjPwD+1d8aPjrrF7p82g/EaLSI9Pggkla8iNhbrFL9oR okjUFh8uyR8jrjpQBe/bs8C+E/HX7J/xLj8WacmoroWh6lq9kHZ18m/srOZoJhsZclCSQDlT3Br8 jPi/8MPAfgP/AIJIeG/EXhHSI9O1LxhNoF/q0yPIzXV0C6iRg7MFOCeFAHtX7zfF7wH/AMLT+FHj L4Z/avsJ8V6Nf6ULgrvEJvbd4RJtyN2wtuxkZxjNflpqn7FX7XfjX9jW5/Za8ba14PM2hXmljw/d 2898iGys3laYXb/ZSd/zIItkfIyHwQCQDzr9tL9if4Q/s4/suH42fDtdQ0/4o+DLzS7t/Ef9o3Ul 7eXlxdxRTzSl5Cm5nkMgKKpBHHBIOD+1P8T7b4s/tdeGfhr8WvCXiz4gfD3wl4Xstan8M+EbSS6k vdSvY45PtN1FHLCTBGJlTeG+VgEHEj5/Un9tT4G+LP2jv2cvE3wg8EXdjY6zrMlg8MuoySxWyi1v Ibh97QxTOMrGQuEPOM4HI8U+MX7JnxeX4j+C/wBon9m/xLpeh/Enw1o0Oh6laausz6Tq9lGv3JWh UyLg8cIC2EIaNkBIB8cfAOebwL+2T4Q1P9m34OfET4b/AA38WwT6f4r03xBo11b6WswjZra7iJlu EjZXChmdl2jIXiRhX7uV+efwm+A/7Vnin486f8ev2ofGmnWkPh61lttL8L+FJ7xNMLShgZbsTFfM K7icHfuYISwVNh/QygD+fr/gm9+w78C/j5+zhd+PPjRplz4jvb7ULyw09TfXMEem20O0k26QyIok eVmdiwYHC8DLbud8LfHn4mfCr/glt4xttB1y7/tTSPGF14O02/3sbi0sG8qQiKQHMZCGRIyD8m4b MYXH6w/sK/s9eM/2YvgDZ/Cvx7e6fqGrW+oXl00umSSy25S4cMoDTRQvuAHPyY9Ca8J+HX7AOov+ yn8RP2cfi5q1l9o8YeJL7XbG+0ppbhbNpfIa1dlmjgLOjwnzEHylCVD85AB+cvi34ffBSz+D0Ok/ B/8AZ0+Mvh/4r6NFFc6b4rbQrqK4fVIsMZZ3ju32pK2c7I8oDlBkc/YP7SviXwN48+B3wB8Q/tie LdU8LRXEMV1rXge1025XUfEmopHGjxvHHJFJbpHKCfmQAeZgMrlCOw1n4F/8FLvGfgC1+AviP4he ENM8MIkVrdeKNOOoDX7iyhZdoI2onmlVAcr5ZcZBkOWLdt8eP2Ofiy3i/wCDvxb/AGdvEVjd+Lfh Dp50tIfFsk9zDqEJjaMzSyxhnM7b33n5clgyuhQZAPzxi1P4W+GP2v8A9n3xd+zd8KvFfwe0/W9b /sm+m1m1lsLbWbad4Y2WCKSebcFSRt54B3ISNyg19S/BD4MeAP22f2gfjz8Tv2ibKTxXbeD/ABFc eE9B0u4mmt4LCysnkBYRwvGQ7jaeTw5duWIK9Z40/ZO/bT+Mnxa+Fvx0+K3i3wgmo/DzXbS8h8O6 aL6HTobBJo5rl0uZI5pZLubykQqyCMBQQ46H0TxJ+zd+058HPjj4x+LX7Ies+HJtJ+Jci3eu6H4q +1fZ4dSBYm7tntRv+YuzMu4csQQ42bAD5M/Z20gfsjfFP9tO38JXEupR/DzQLO+0r7WzXDLHFZXF 1ZwSMTllhVkiJz91e3SvnL4N6P8AAXx18H38QfHH4C/Fr4neP/GQnvL7xdYaRPdxtLKzCKSwnF2i MkahcFoyGYEMCmFH6efsy/sZ/FTwJ42+NniP9onxHpfjSD4yWNtb3r2JnikcyRTLexNG8SLHEvnG KAo5JjUErGfkHCeD/wBnb/goT8AfBV38DPgb418H6x4GDzpo+qa4l5FrGlW9wxcqqwo8JKM7FMiU Z5AVcIAD42+LHib40ap/wSrbT/jNp+taX4i8L+L7TTbWXW7Wey1CeyiKzW0zCcB22iUxhwSP3eNx Kk1+vP7NH7GXwb/ZiabXfA1lcN4m1bT7ez1XULq6luJLp4z5ksmHJVDLJ8zBAAcLxxz84fE79g/4 ja/+xVafs3aD42XxF4tbVbbVb7WPEN1deTLKrlpVjIS5kRFXasaYwcFiQWNfqNQB+ZH/AAUk8Q+K dWh+D37POg6tcaDp/wAYPFMGkate2rbJfsCvEkkIb/poZg2P4tm0/KWB8O/bQ/ZG+Ev7KfwQg/aN /ZqtJvAfjT4a3mnSx3Vtd3Ehv4Li6itXhuVlkYSBjKGbj5lDIwKtgffH7Xn7M7ftK+AtL0/QdcPh fxl4S1GHWfD+rBS4tr635UOoIOx+MkZKsFYBtu1vlvxl+zP+2p+0/Z6J8N/2pvFPhPSPh3pl3Dc6 nF4UW8/tDWjbcoJGuUCRKW5+UKA3zeWdqAAHzzr/AOz98B/ij/wUT8EWWv8Ag2CXRfiJ4Abxfqtk 0twqz6tfXF1JJOxEgYNwBtUheOlfuyAAAB0FfGWqfs3+KZf21/CX7ROk3GnW3g/w54Nbw2bLfKt6 J/PuJEMcYiMXkhJVGTKGyD8uME/Z1ABRRRQAUUUUAFFFFAH/0f38ooooAKKKKACiiigAooooAKKK KAOV8ceK7LwL4O1vxjqADwaLZXF2yFxH5nkRs4QM3AL42j3Nfnv4m/bc8YXv/BPTUP2uPCGn6ZYe KU8p002VnvLe2SXXBpyrKFaJ2YwZbOUBfkDHy19dftPeBfCfxE+APjrw74005NU05dJu7sQuzqPP s4mngfKMpykiKw5wccgjivxLsPhh4D8Kf8EZPEvxE8P6RHZ+IvGcWmnV7xXkZ7v7D4oEVvuVmKr5 aEgbQM980AfvV4J8eaTr+heHf7S1OyTXtW020vZLNZkWXM0KyMUhLF9uW468d676WWKCJ553WOOM FmZjhVA5JJPQCvwi+OP7C/wW+HP7CrfGvSbe+X4p6JpOl663iM6hdNdyX8r27ykgyeWEG4rHtQMm FbduyzV/2vvjFr/xCj/Zi+EvjSz8R+I/C/jPw5Z+JvE+l+FoGn1XW2+yrIIFjR496Bkd5AGG1SZP vImAD90dG8ReH/EUUk/h/U7XU4om2O1rMkyqw7EoSAeOhrYr+eaOTSfAvxz+GXxE/Y++APxP+Gs9 vqlvY+JrbUdCvI9L1DRZ3VJfNAnuf3kYJILAKDiQneimv6GaAPx0+H/7RH/BQn48+NPiZY/BiDwH FovgPxJfaIP7XivYp2WCVxEcxSOrHYo3H5ee1ereAP2vfj58NvjT4c+Bf7aXg7SfDs3jZmi0HxHo c0h0y5uQVVbeRJXlYO7sEzuQhmTMe1w4wf8Agmf/AMjN+0r/ANlE1L/0ZJVH/grRcRp8O/hFbaTs /wCEok8e6a+mHjzBshnD4/i2+Y0O7Hfb7UAdH+0F+0P+1fbftd2H7NH7OkPhfddeG49bMmvxXP3h LMko82CTphF2jZ65NcN8R/2mv2/P2V9OsfiL+0V4O8H+Jvh/9rhttSn8NSXUd5aCZwqv/pEgU5yQ o8sqWwrMmQa4H9orWvjVoH/BT/R9Q+Afh3T/ABP4rHgNFWz1O4+zW5t2nuPNfzN8fzLxgbua7T4q /CX/AIKG/tgaBb/CT4v6Z4U+GPgK8u4J9Wl0+4e9vp4rdxIqIBJMpw6hlH7v5gNzYGCAfrPYeItF 1Lw9aeKre7jXSr22ju47h2CJ5EqB0cseACpB5qTR9e0LxFa/bvD+o22p22dvm2syTJkdtyEjNfkp 8efAun/G/wDbR+GX7GniK5urf4T+DvCS63c6VFM0C6lJAz28McrxlWZEWOIA9QPM27S24Y3xe+En g/8AYj/ah+BPjn9nmKXwxo/xI16Lwv4g0SKeaWzvIrmSKKOby5JGO+PzWYc4DKhABLbgDo9N/aI/ by+MHx2+MPw5+A8PgiLSPhhrI08trcV5HM8U7zrAd0Mjh2xA287V7YHPHT6L+1l+1T8FPjd4E+E3 7YPhLw8uj/Ei6Gn6TrnhqSbyo7xmSNY5kuJGJHmSRhsrHgPuUvtYD5g+DHir9qfw1+1p+1MP2avB WjeMFuPE0H9qHVrz7J9nKS3v2fyv3sW7fmTd1xtHTNfSFp+zz+1/+0r8bPh78R/2rk8PeEfCXwzv l1ax0TRJHuJrq9R0kQzOzSrgPEm878bQVVAWZwAfq/WDf+KvDGlWs19qmsWdnbW8nkySzXEcaJL/ AHGZmADex5rer8M/2VP2UfhT8fP2gP2l/F3xjsG8TabonxA12y0/Spp5UtIZ57yZ7i6McbrmR0ES KewU9TtKgH7V67aeFvE3hi9sPEUdpqXh/VLZ4rlLjZJaz20y7WD7soyOpxzwQa+JfCn/AAT4/YS0 XxsdW0HwTYXmsWbR3i2c2pXV5FBubekn2SW4dNjHGA6FMcAYr879XivPg/8ADj9tL9krS764v/BX giwsdU0COdjL9gi1QJPNbCVssVHmRgAn7yO33mY16H4N+AfgL9l39iKP9svwnb3d18Xp/BcV4mr3 FzJOYZtfjhRHSFyYgbaOYKh252g7t2aAP1Z+MPw++A/xu0kfCX4v2uma7FK6zRadcXIiukkAKrJD 5bpPG+1iA0ZBwSM4JFcH8F/2J/2ZP2ftfHi34YeC4bDXUSSNL+4uLi9uI0kGGEbXMkgjyvy5QKSu QSQTn4v+Ev8AwTe+APxB/Zc0PxB4st7nUPiL400S31ybxTLe3DXsOo38C3KSKfM2FImcDDKd4BZj uOR8or8ffit8ev2R/wBnj4M614ivbO5+JnjB/CeuaxG5F1cabZTxRhGlJy7vHcJvJOZTGQ5IZsgH 9BmleKfDOvXE9poer2eoz2pxNHbXEczxn0cIxK/jXwN+17+0v8X/AAb8W/hx+zx+z1LoFt4p8dC+ muNS11na2sYbOPzMFYz8rFVdiWVugAXLZHzb+2h+yN8Jf2U/ghB+0b+zVaTeA/Gnw1vNOljura7u JDfwXF1FavDcrLIwkDGUM3HzKGRgVbA5v4y/BD4K/FP9vT9n668Q+EoZbH4t6Fqms6/bNLOovLhN MmnhZ8SBlMbImAhUfLznmgD9m/h7F41g8D6HF8R7yyv/ABQtpF/aNxpyslnJc7fnaAOA3l5+7kAk c4HSsH42+MdV+HfwY8ffEDQVifU/DPh/VdUtVnUvEZ7K0knjEiqVJQsg3AMCR3HWu+06w07QdJtt LsI1tbDToEhiTPyxwwqFUZY9FUDkmvA/2kta0bxB+yh8XNW0G/g1Kxl8H+Iwk9tKk0TGOxuEcB0J U7WBU4PBBB5FAHw/D+298Z9P+HH7L3xV1600gaB8WNXk0jxPIltKn2aSW68m3e2YzERjy1kZgwf7 nHXA+jP28f2kvHH7OPwz0C7+FVhbat448W63baRplndRPOkm9XeRvLR4ycbVQfMMFwTxXwjqnw6n +IH/AARp8OXGnq39qeELH/hIrN1+9G2nX87TOD1BFs02DXqXh/x3D+1t+2v8DdQtyLjRPh34ETxl eIPuJqmuwxqkTD+/HvgkUdQVbsDkA+1P2ef2jrP4q/so6J+0T4l8m3ZNHurzV1twUiiuNN8xLzYr Fiq7oWZQSSFI5PU/J/wl+MX/AAUH+P37P/gz4ufDK28D2l74gu9Wa6i1aG9gRbKCWOCz8lY5JCWL x3JdmIypj2jqT8Xa74y1D9nv9nv9rH9lOw3Le2fiy2sPD9sOHew8WN8kSDuPskLNgfxSehr93vgx 8PLT4TfCTwd8M7MLs8M6VZ2DMvR5IIlWST6u4Zj7mgD8ovBv7Q//AAUt8c/Gvxt8BdGh+HaeJPAM NtPqDzRX62rJdokkfkyCRmY4kGcouOa/U34I/wDC7f8AhAbf/hoL+xv+Ex86bzv7C837D5O791t8 7592373bPSvgn9nH/lJn+03/ANg7Q/8A0mtq/VKgClLqWn287Ws91FHMkZmKM6hhEOC5BOdoPfpV Sw8ReH9U019Y0zU7W7sI9264hmSSFdn3supKjHfnivx6/af+Dnh748f8FPPAPw58ZzXP/CNXfw/S 41S1tp5Lb7db21/qEq20rxMreU0yxs4Bz8vBDYYeYWP7H3wqs/8AgoTq37N2kLfaf8JtV8N23inU fDcF/dJaXlxauYYYpm83zHjSZzMoL8H5RheKAP3Y0jW9F8QWQ1HQb+31K0YlRNbSpNGSOoDISMj6 1Q1nxh4S8OzRW3iDW7HTJpyBGl1cxQM5PTaHYE/hX5U/sw+A/D/7P/8AwUD+M3wX+GJbQ/BNx4Us tbjsJJpJre2ug1su8ea5YhfOkPLZCttyABj5N8OaX+xHqQ8VaHqnhbxp+1b8QNYv7pr7xNoulXYU yyHCJE/2sLGkQ/5arvDfeBMe1QAfr7+2P8XvEP7Ov7L/AIw+Lfw3trE6roZsZLaO5iMlqxvtRggl ZkieMsWWZ2yGGWOTnnPvPhPxTHqPgLw94q8Q3EFnJqlhaXMrMwiiEs8KyMF3ngZJwMk4r+fnwp4h 17W/+CMfxO07XLue6Tw/r9vptoLhtzw2seq6ZKsXfAVpWwM4GcDgCu+/Zw1uD9t39oLQvCX7TMFz oOh/DzQdO1Hwl4Iu4njttWjEKqdQuGk2/aDsCyBNu1kbAJjSUSAH726hq2laTYtqmq3sNnZoAzTz SLHEAehLsQoH407TtT03WLOPUdIu4b61lGUmgkWWNh7MpIP4GvwX/aR8c+HviX+3h4m8BfGTwH4x +Jvw8+F2m2UWm+GvCdjLdxC+ureGdru9ijmhwv750VgRuCov3Qwbpv2Yz4l8JftaS6J+zp8MfH3w x+FfjvRb2K/s/FOj3UGnadrcFvLLBeQs0k6IreXGnzyZLOyAYKBQD9sJ/FnhW21hfD1zrNlFqr4K 2j3Ea3Bz0xEW3nr6V0Ffy8W3gr4NfCzwTrnw5/bl+DvizQfHl/eXrn4j2xn1CKS6mkZorpX82OJ1 TIyqGXzCNzAM3y/0Qfs7Xeg3vwO8FTeF/GEvj7SV02GK21yf/X30cQ8sPNn5vNG3bJu+fcp3/Nmg DM8Xa58arT48eBdF8MQaQ3w3vLW/fxBLcyBdTSZIZDbfZUMqlkMgTeRG2F3cjqOE+Bv7UFt8ZvjT 8XfhhHZW2n2nw3vbGws5luRLNqLzrcNNKFwAEXyl2qu4gZJbkAfOPx+ghuv+Cmv7NdrcLvim0TxO jr6q2nXgI/KvIv2Dv2ffg7on7Xf7QuoaX4ahguPhprtnbeHXEsx/s+G7hvYp1QFyG3p8pL7j6YoA /Xbxx4rsvAvg7W/GOoAPBotlcXbIXEfmeRGzhAzcAvjaPc145+yj8dn/AGj/AIG+Hfi1d2dvpV7r f2t5bC3m8/7KkV5PBErMcMWKRAklVyckADgav7T3gXwn8RPgD468O+NNOTVNOXSbu7ELs6jz7OJp 4HyjKcpIisOcHHII4r8R/Dstr+z/AP8ABKjS/ib8JLU+H/HHxYu49E1bWbeWRZ2iTUL5EfcWIiKw o0QaMKRvyDuAIAP6ErbxT4YvNWl0Gz1ezn1ODPmWsdxG06Y67ow24dO4rZmnhtoXuLiRYoolLO7k KqqOSSTwAPWvyF+PH/BOr4B/Cn9mDxB4v+HMF3ofxC+HmkT65beJob24S/nvNNiNxIz/AL3YPO2M AFA2EgoRjnyHxN498U/to+Jv2UvgR8QtSubLwz468PTeI/E8do5tv7WnsI5x5bFCCEZ7RztUgDzd 4GVQgA/cTRvEfh7xHDJceHtUtdUiiba72s6TqrehKEgHjpWzX4r/ALUPwR8A/sO+OfhD+0B+zfay eD3vvE9l4b1rS7a4nltdTsb1JHYSRyyPkqsLD03Mr4DqGr9obmdLW2lupASsKM5CjJIUZOB3NAGX q/ibw54feCPXtVtNNa5bbELmeOEyN6IHI3H2FbSsrqHQgqwyCOQQa/mW+B3iz4WfHKHxb8Z/2nfg h8R/jR4o8WajcrBe6Jpdxe6Rp1iuPLtLOSO7h2tESwIwdgChcHcW+vv2WNV+IWl/sz/Hr4b+O9V8 UfB7wL4ccnwv4h8W6ZcQajpui6h5qGJFZ4xJJAsYVVgkJSSUbOSi0AfsRJ4z8Hw6wnh6bXLBNVkO 1bRrqIXDH0ERbeT+Fbl3eWmn20l7fzpbW8ILPJKwREUd2ZsAD61/MX8Q9I/Yyu/2bNVsPgp8JvG3 ivxNo2n/AGk/EFdNuray+12+HmvriaS5ISKRgx8sxkKDgfMAa+uPjv4X+NHxr/ZA/Zl8dReH9R+K Xh3R7ax1Dxh4fs7iRL3WYxBCIXYxZlkI2yhyis+ZN2OrAA/azR/EXh/xDaNf6BqdrqdspwZbWZJo wfdkJFXrO/sdRgFzp9xHdQkkB4nDrkdRlSRX4hfsjax+x7qH7VGlaj8HV8Q/BPxbJYXFlqPgfVbe SOz1h9jn78ksoDRgh1jOwkxhlQHfu7z9mfxxpH7GPxK/aS+APixjb+GfCCXHj3w/GTjfpc0YMsMR PUrmCJQOsgfjNAH7AwX1ldSzQW1xHNJbnbKqOGaNj2YA5B+tfLP7WP7TC/s2aB4PvbXTYNWv/F/i PT9CVJ7jyVtorze0l06gFnVFjIAyo3EEtgYPj/8AwTV8A61pPwLvvjN41Xd4t+Muq3Xii/kYYbyb l2+yr/uFN0yeglxXiv8AwVa+F/gLxDZ/BzxdrOkR3Or33jXSPD81wXkDPpdyLmWW2IVgoVnGcgbv RqAP1sbVNMSwOqvdwrZBd5nMiiIL/e3524981X0fXtC8RWv27w/qNtqdtnb5trMkyZHbchIzX4// ABg+FHhT4mfth/DL9h8xz6N8GPBnheTxDNoVrPLFFfzefKqRvIH8xkUhMEsWH7zaVLbhH8XvhJ4P /Yj/AGofgT45/Z5il8MaP8SNei8L+INEinmls7yK5kiijm8uSRjvj81mHOAyoQAS24A/Zr6V8+/s 9eKPjBqXwph139o4aLpvicXU6zHSZ0awWAOFhIk82Vdx6H5+vYV9Anoa/nA8J/8AKEzxn/2G4v8A 092VAH9G895Z2ts17dTxw26gEyOwVAD0JY8YqpqOt6LpGnnV9Wv7eysQATcTypHEA3Q72IXB7c1+ ff7aTon/AATb8TM7BQfDmijJPczWgH5mvjf9oj4deN9S0/8AZt+KPiT4cap8Yfg/4d8EadDqHh3S pZfMg1GS0Gbt4Ycu6+WYsHG390VdlDcgH7mWeuaLqGm/2zYahb3Nhgt9oilR4do5J3qSuB9a+W/2 Qv2kLL9pDwt4t1230m08PJofiXUdKtrKCYSyPb2ywubmTAX5pZJnYlVA5Ayxyx+Ff2KNI/Y1+Ivx D+JPhn4QX+taBpHi/RmtdZ+GmtxywRRrlI5rmJzNIzMOVIWXcgkIwq7Qu9/wSX+EPw40rwh48+J+ n6JHD4otfFOtaBFfB5C66XGLOVbYKWKbQ4DZ27vegD9e7u8tLC3a7vp0toExukkYIgycDLHAGScU T3lna2zXt1PHDbqATI7BUAPQljxivgT/AIKl/wDJi/xH/wB7Rv8A072dZf7aTon/AATb8TM7BQfD mijJPczWgH5mgD9CbzVdL06wbVtQvIbaxRQ7TyyKkQU9CXYhQDng5qPSNb0bX7NdQ0G/t9StW4E1 tKk0Z+jISK/FT9p34bfETxT8Kv2X/G6+BdR+K3ww8K6DZS+IPC+lzSxzzzSafAIJ2jhzJIEGcbVO 3DKSqyk1qfsS+IP2Rn/aM1bXPgNe+IPhjrF1o8sOpfD7Vbd0hupYMyyXEReWYGSIAFYwwdVDlVCs 4AB+x+r+JvDnh94I9e1W001rltsQuZ44TI3ogcjcfYVtKyuodCCrDII5BBr+Zb4HeLPhZ8cofFvx n/ad+CHxH+NHijxZqNysF7oml3F7pGnWK48u0s5I7uHa0RLAjB2AKFwdxb9Kf+CZWo/E3T/DnxE+ G3izw/4p0Twd4Z1WKTwj/wAJbYTWd+NKvPO22pMnyP8AZxCpYRswQydlZQAD6x/ay+P8f7MvwK8R fF1NOj1m80oW6W1jJP5AnlubiO3BLYZisZlDsFGSBjIzkeN/FX9qHxj4X+LH7NXhHwqNNuNI+L01 +msOyNM8X2aG0kVbd1kAQgzsG3B+g6c587/4K0+BfCfiH9kHxB4z1nTkuda8KT2L6XcszhrZr2/t YJyoVgp3xnadwOO2DzXyN+1F+zh8PYfFP7G3wV8C2snhXQfFF3rD3v2CeRZsXkWlNeMkrs7K8sYZ e456Y4oA/TH4s/snfsk/tR+In8TeONBsfEOv6eq2815p9/LBchU6R3Bs5k3YHA8wEqOAQK9Y+HPw t+B/7M/g+TQPAOl6d4J0F5TNMXm2CSXaF3yz3Ds8jbQAC7kgDA4r8ufjP+zv8Lv2Q/2ov2a/Fn7P Gnz+EW8WeIv7A1a3hvLmeG8tJmt4yHFxJIeVdtwzhjtbG5Q1H7TT/snr+1nrupftAajrnxq11NPt rfS/Amh6ZcXKaEuxC7M0Vykckk3D7TtKl8spzGVAP2Yste0PU9M/tvTdRtrrTiC32mKZHh2r1PmK SuB35r5k/ZL/AGmo/wBpvw34t8SPp1vop0PxHf6PbWiXHnzPa2ccBWeQ4Xl2lb7qhQMDJILH8zP2 GtB8Iaz+1L8dfgfYeCta8F/C7xT4ahvJPB/iDzYbiETG3iYyRmRpI/NSeQr8+4Iyrn5RXsH/AASX +EPw40rwh48+J+n6JHD4otfFOtaBFfB5C66XGLOVbYKWKbQ4DZ27vegD7g/bT+Mvi39n39mfxl8X vA0VrNrmgDT/ALOl7G0tuftV/b2r70R42OElYjDDnB5HFe3+E/FMeo+AvD3irxDcQWcmqWFpcysz CKISzwrIwXeeBknAyTivjf8A4Ki/8mKfE36aN/6eLKvz/wD2cNbg/bd/aC0Lwl+0zBc6Dofw80HT tR8JeCLuJ47bVoxCqnULhpNv2g7AsgTbtZGwCY0lEgB+9uoatpWk2Lapqt7DZ2aAM080ixxAHoS7 EKB+NJZaxpOpaeNW069gurFlLi4ikV4io5JDqSuB65r8Gv2kfHPh74l/t4eJvAXxk8B+Mfib8PPh dptlFpvhrwnYy3cQvrq3hna7vYo5ocL++dFYEbgqL90MG6z9lu3n8P8A7Xf/AAjHwe+Efj3wJ8Ef iFo93ba7pHirSLm30221GKCWQTRO0k6IsqRrF88mSZGQDBQKAfuFaXlpf26XdjOlxBJnbJGwdGwc HDDIOCMU22vrK9Mos7iOcwOY5PLcNscdVbBOCO4PNfjB+zN8YF/Y1+Hv7SPwL8Yzb5fgjdXOsaCt webrT9UGbKMezztCW/2rnvX2D/wTr+E+ofDD9mPQtU8S7n8UePpZfFGryyD97JPqeHi355DCAR7g ej7uBk0Adp8b/wBp63+Enxt+Efwchsba5b4kXl7Fd3s1yIxp8FlEj58sDl5TIApZgAAeGyMfUWo6 zo+kWDarq19BZWSgEzzyrHEAehLsQvP1r8fP24vgX8J/GH7b37OqeJPD0V6PiBcatb67ukmX7dFp 9vbC2V9rjaIwTjZtz3zSxfCnwr+1Z+3b47+FfxUimvPhr8C9H0uz0Xw358sNq01zbxnz5RG6s+3L jOcsvlhjtBVgD9htO1PTdYs49Q0i7hvrWUZSaCRZY2Hsykg/gamuru1sYHur2ZLeGPG55GCKuTgZ JwBzX5EeEfA2lfsff8FDfBnwm+Dss+nfD34w6Lf3F5oLTSz21pf2EM8wuIRI7Mu4QKuTnAZxnbtC /px8X/hto/xh+F3in4X68ALLxNp1xYs5G4xNKhEcqj+9E+1191FAHoaTQywrcRSK8TqHVwQVKkZB B6Yx3qrFqmmTWR1KG7hks1BJmWRTGAvBO8HHHfmvwv8ADP7UHiPwJ/wTV8U/DrVmeP4neD9Rn+GU VqpJuPtUztFB5YHOYrTzFjI6tBXafH34N/An4GfAT4C/CH47+O7vSfDHhvdNqPhLSbWa5uvFepSb JZxvt5kdI47h2IYgjEm0OHKEAH7F6J4s8LeJWmTw5rNlqrWxxKLS4jnMZ9G8tjt/Gvjnwd+0J8TP Ff7VHx3+BkEGm/2b8PNI0260VjG6SvdXtlFORcyGXayeY/ZUwvU96/KeLU/hb4Y/a/8A2ffF37N3 wq8V/B7T9b1v+yb6bWbWWwttZtp3hjZYIpJ5twVJG3ngHchI3KDX2F4X/wCT4f2zf+xS0r/00Q0A fox8A9X+Kus/CPQtX+OMWmW3jSUXR1BdIkElgoW5lWHynEkoP7gRlvnPzbunQfPn7Z37UOr/AAT+ D2m+P/hBe6RrV7ceI9P0ecyH7ZCkV0JTIMQSptkGwYy3HPBr8tfDeu+INY/YE/ZW/Z70nVLjRdN+ MPiy/wBG1e6tvlkOnf25crLCH7bzKpx/HtKnKlgfRP8AgoV+xT8EPgZ8LvB/xB+DOlP4XntvEGma bf28d1PLDfwS7zG8qzSPmWJ0BDDqGbOeMAH7wX+oWGl2r32p3MVpbRDLyzOsaKPdmIAqjoviTw74 ktGv/DuqWuqWqHa0trOk8YI7FkJAP41+U/7dZ/Zvb4+eC7r9o7xTqniqwsNNc6f8N9Hsbi5lurmR 3xqEzwToOR8qowUvsGCVEgb5s/ZxuPBmg/8ABRHwxpPwd+HfiT4SeC/HXhq/S+0PxBDJZtf+TFcu LlIHllKxFokC/NwysVwGIoA/VD4G/tQW3xm+NPxd+GEdlbafafDe9sbCzmW5Es2ovOtw00oXAARf KXaq7iBkluQB9M3vijw1pupQaPqOrWlrf3X+qt5Z40mk/wBxGIZvwFfhJ8BPhx8LPgr8T/2wvit4 W8LW6at8DfOuPCm555FsC1jqAZApk+dHChWL7iFyQR1rw74N6P8AAXx18H38QfHH4C/Fr4neP/GQ nvL7xdYaRPdxtLKzCKSwnF2iMkahcFoyGYEMCmFAB/TRXyf+1j+0wv7NmgeD72102DVr/wAX+I9P 0JUnuPJW2ivN7SXTqAWdUWMgDKjcQS2Bg+ef8E4vEXxi1r9my10r43abrGn674a1K60u3fXrSe0v 7mwjSKW3ldbgBnAWUxBxkfu8ZJUmvnj/AIKtfC/wF4hs/g54u1nSI7nV77xrpHh+a4LyBn0u5FzL LbEKwUKzjOQN3o1AH1J8Rv2ivFvhn9sX4N/AzQv7Pn8JePtN1i8v7hkZ7gNYWtxNEYZVkCKu6Jd2 UbIzyK+v9I8QaB4gjll0HUrbUkgcxyNbTJMEcdVYoTgj0Nfiv+1R+zl4A8Rftkfs0/s7aJbzaB4N fRtYt2trG4lif7BAk9zPbCUsZAs6I8T/ADZKuwzXReJPgZ8Pf2R/29vgB/woK0n8L6X8RItY07WN Pjup5ra4jtYFKFhO8jH5pFbG7G+NWADZJAP2H1jX9C8O2wvfEGo22mW5IUSXUyQoSe25yBmtC3ub e7gS6tJVmhlAZHRgysD0II4Ir+da68d+BvjV+1P8YvFv7RXwp8efGTTfCms3Ph7w9p3hzTZr7TNK trOWSFzMqXEOyeURq+3oWLsQTt2/Vv8AwTyuvGHhX45fEj4deF/AvjXwb8Fr+yTWNAtPF+m3FqdO vEkijuLaGWRpI9spmd1XzGZkjDH5g5IB+wVFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFAH/9L9 /KKKKACiiigAooooAKKKKACiiigDnvF3h+Lxb4T1rwrPKYI9ZsrmyaQDcUW4iaMsBkZwGzjNfkpo f7FP7Wv/AAxp43/Y98Ta74RuNLIsV8L3kUt7G6+XrC6ldfbW+zNhWUERhEYhvlJK/MP2Mrn7bxZ4 VvNWl0C01myn1ODIktUuI2nTHXdGG3Dp3FAHzt8dPgd4s+Jv7JOr/AXQbuyg8QX+iWWmxz3MkqWY mtvJ3MzpG8mw+WcERk9MgV4d8Vv2MfHvif4e/BTW/ht4ps/DHxg+CmmWNnY6g6yS6bdeVaxQXEEv yeZ5LtGdrGIkozKyfOdv1D4t1v412vx58C6H4Xg0h/hxe2t+2vyXEgGppOkMhtRap5qllMgTfiNs Lu5HUevat4l8OaDLbQa5qtpp0l422BbmeOFpW9EDkFjz0GaAPzs0z4D/ALbHxk+K/g/xd+0p4z0L wv4T8EXQvY9H8FT38R1S4QqQLp5iD5TFRkF2+QsgRSxev0uqiNT01vtOLuE/Yxmf94v7oYzl+fl4 GeccVnXXivwvZTWdveaxZwS6jg2ySXEaNPnp5QLZf/gOaAPyb8Efss/8FBfgl4z+JOp/BPxV4Att F8eeIr7W9mqNfzXCC4ldowdtltVgjAMAWGehIr1L4cfsX/Gjxd8bPD/x7/bG+INn421XwXl9B0fS bYwabZ3GVYTkskRYqyhwPLDF1Qs5CBK/TBmCgsxwBySe1c7pnjHwjrWoS6To2uWN/fQDMkFvcxSy oB/eRGLD8RQB8n337OPje6/bs079p6O+04eFrTwo2hPbGWb+0DcmWR94j8nyvLw4583dnPy19p18 k6z+1Da6d+15o/7MUdlarbXfh2bXLnVJLkblmE7wR2qR8AN+7LMWYk5ACjGT9WQX1ldTTW9tcRzS 2xCyojhmjJ6BgDkE470AfEH7T37MHxG8d/E/wd+0d+z34jsvDXxP8FwSWCrqqSPpupadKzsba58o M6hfNlwVQk7+qsqOvC+GP2Yv2h/i/wDG/wAH/G79r/XdA+z/AA8ZrnQPDvhdbn7HHfsykXVxLdAu WUorBQzcqmCoDK36LrqOnvLcQJdRNLaAGZA6lowRkFxnK5HPNUovEfh6e9t9Ng1S1ku7uNpoYVnQ ySxqcM6KDllB4JAwKAPkT9mn9nHxv8Gvjd8e/iV4nvtOutM+Kes2uoaZHZyTPPDFA92zC5WSGNVY +euAjSDg8jjP2pWHqfifw1ol1b2Os6taWFzdnEMVxPHE8p9EVyC34VuUAFfgt+zboX7WcHx7/ac8 X/sz6r4bmgPj/WbLUtH8TrdC3dxeXDw3UElr8wkTcyspKhlxncQu395pJI4o2llYIiAlmY4AA6kk 9q8S+E3gr4FeDNd8ZXvwjaxXVfFupzazrotdQe8ea+ndmkmdHml8rLOflQIgzwooA+MdI/YZ+Iif s+fGfSPFXiex134yfG9RLq2pyGWLS4pInJt4ItsTSLDErPyIsnIUKFVa+tdE+A9lqf7K2i/s3/Ed o7qOPwnY+HdRks3Yp5tvZx27ywO6q3yyJvjLIDwCVHIr3mbVtLtnmiubyGJ7ZPNlV5FUxx/32BPC +54pmka3o2v2Y1HQb+31K1YkCa2lSaMkdQGQkfrQB+V+hfs+f8FF/A/wyk/Zv8J+PfBk/gqG2k02 x8R3UV8mvWumEGNYkiRWhWRYztj5covSXIUr6N4z/wCCeXhmX9mTwb8Evhn4hm0HxP8ADm+TW9E1 +VN0n9rh2lklmRDwkrtwBkxhY8b9mG/QO/8AEnh3Sr+10rVNUtbO9vf9RBNPHHLN/wBc0Yhm/AGv kz9j34/eN/jw3xY/4TWGyh/4QrxnqWgWP2OJ4t1nabfLMu+R90nPLDaD6CgD548Zfsz/ALan7T9n onw3/am8U+E9I+HemXcNzqcXhRbz+0NaNtygka5QJEpbn5QoDfN5Z2oB9D+Pv2cPFPiL9rn4M/HT w9cadZ+FfhtpurWF1aO8qXbfbbSa3gFtGsTRlVMi7t0iYAOATgH7Eu72zsIvPvp47eMkLukYIuT0 GSQMntVKLX9Cn1WXQYNRtpNTgUPJarMhnRD0ZowdwB9SKALl/ZW2pWNxp14nmW91G8Ui/wB5HBVh +INfi7Z/sS/t1eBPh14i/Zb+GvxC8Mn4P6693FFeX8c41a20+9Ym4twiQMuZQ7BgGYHLFXj3YH7J 2/iPw9d6tPoNrqlrNqdsu6W1SdGnjX1aMHco9yK8f8Ja38a7r49eOtE8TwaQnw3sbWxbQZLaQNqb 3Dwxm5F0nmMVUSF9mY1yu3k9SAaXw8+B/hP4ffArS/gDbtJf6DYaO2jyvMAHuI5Y2Sd2A4BlLsxA 4GcV8h/8E9/2K/Gn7Jlt42v/AIk6xp+u654klsre2nsJZ5li07T42WFGNxFEysS+CihlCogDHGB+ gY8WeFTrB8OjWbI6qvW0+0R/aB/2y3b/ANK1NQ1HT9Js5NQ1W6is7WEZeaZ1jjQdMszEAfjQB+bH xy/YS174q/to+Bv2h9P1Owt/CGltpl3r2nzSzC6u77R3la1kjiWJoZBtMcZ8yRSqh8Zzg/pnWZpG t6Nr9muoaDf2+pWrcCa2lSaM/RkJFadAHxZ8Jv2cfG/gT9r/AOMP7QGr32nTeHviDaadBYQQSzNe xNaQwxuZ0aFY1BMZ27JHyMZxX2nWJf8AiXw5pV/baVqmq2lne3vEEE08ccsvOPkRiGbn0Br5M/aI +P8A44+Ff7QXwA+F/huGyfR/idqGq2uqvcxO86R2SWrR+QyyKqEmZtxZWzxjHcAsa/8As9eM9V/b l8N/tNW97p6+F9H8HyeH5rZpJRftdNc3MwdIxEYjFtmUZMobIPy4wSQ/s9eM4/25bj9plr3T/wDh F5fB48Pi2Ekv2/7X9pWbeY/K8rytoxnzd2f4cc19W6V4j8P67JcRaJqdrqD2jbJlt50lMTf3XCE7 T7GptW1rRtAs21HXb+DTrROGmuZUhjH1ZyB+tAHxa37LXirUv2sviZ8aNX1Kzj8I+PPBY8LxxW8s o1KKZ/IWSQqYhEqhY22sJWbOPl64+cvg1+zZ/wAFA/gd8O3/AGd/AXivwLYeC4prr7L4jaC9k1q2 gvJXkkeO3AWFpwXLIJCwX7vmEBcfrRZXtlqNrHfafPHdW0w3JLE4dGHqrLkEfSs7VfEvhzQpre21 vVbTT5bxtsCXE8cTSt6IHILH2FAH5OeGP+Cfvxj8M/sO/FL9k5dd0K81LxPr8Wo6NqDTXSQG0jur GUi8H2ZmilKWjHbGJV3MBuwN1e3ftFfsd+NviBoXwr8d/B/WdP8ADfxj+FSWMNnqVy0y2VzbQoqz 207xRPI0RbcyAxkFWkRlAkYj0L9q74/+OPgp40+B3h7whDZS23xF8ZWGgakbuJ5HW0uZYkcwFZEC yYc4ZgwzjivsG51LTrOeG1u7qKCa5O2JHdVaQ5xhQSCxyR0oA/PD4pfsyftB2Hxssv2rP2dNc0HR viDq2k2+neKdE1Y3M2i6iYY0GY540Wb5PLREJjiJCK2UJdWufCb9m39pHxR8Utd+M37VHjyFbu+0 mfRtO8P+Erq8t9MsobmNo3nJkKkzKHcoSHIdg+/KoF+kPhF4k+Md5rPxGf4yrotlo2ma5cQ+HpNP mUudJV3ETXp819k+3buBCYOflFexzeKPDVtf2ulXGrWkV7eqGt4GnjWWZT0MaFtzD3ANAH5Taf8A s6f8FF/Bnw61v9nfw94z8GeKvA2qx3tpDrfiD7fLrENle7/MV12yRs/7xtocTKOAGC4A/QH9mn4H 6f8As4/BDwv8G9Ov21VPD8Moku3Ty/PnuZnuJnCZbYpkkbauThcDJPNe4zTRW8TzzuscUalmZiAq qBkkk8AAdTWFYeLfCmq2ovtL1qyvLZpfIEsNzHIhlP8AyzDKxG7j7vWgD5a+JX7PXjPxj+2L8IP2 hdMvdPi8O/D+w1e1v7eaSVb2V9QtZ4IjAixNGyhpVLb5EIAOATwfNvh3+zn+0P8ACL9r7x18UfBm seHr34YfE++gv9atrz7QurQtbwyhFtgkZiyJZScs+GTghSK/Q4kKCzHAHU18l/A39qC2+M3xp+Lv wwjsrbT7T4b3tjYWcy3Ilm1F51uGmlC4ACL5S7VXcQMktyAAD6U8XeH4vFvhPWvCs8pgj1myubJp ANxRbiJoywGRnAbOM1+XHww/YW+NWofsxeJP2Q/j7rmgTeD7RQ/hXU9GFzJqFrd/a5bszXMcyRI6 bpANgbO0sm7kMPoL9iL9qDWfjv8As96b8U/jBe6To2rahqd5ZIIT9jgcQOFRUWeVyWOecMc+lfcq srKGU5B5BHQigD8otf8A2ff+CiHxU+HSfs9/FDx54OsvBUqQ2ep6/psd7Lr2o2CMN0bJKiQh3QYk ICbuhZgX3ep/Gz9iS+vtD+FWt/s169D4N8c/BWBbTQbi/VprW6s/LEclveGNS37wBizrG27fICvz 5X7vt/E/hq71aTQLXVrSbU4RmS1SeNp0Hq0YO4dO4rcoA/MtP2Yv2nf2g/id4J8aftg654atfDHw +uxqdh4e8KLdGK81GJlMc13JdgnaCv3QzfJlAF3uT+mlfFnib9obxjoX7c/h79nUrYReDtR8Fy+I bmeWNhdJdJc3MXExkCLEFhUkFM5yd3p9f6Rrei+ILQahoN/b6lakkCW2lSaMkdRuQkZH1oA/L/w1 +zF+2J+y7rHinQf2SPEHhPVPh54mvpdQtdL8UreLPo1xccOLdrYEPGqqoBZjnAzHu3M21B+wf8Q/ En7LHxF+E3xS+Jdz4g8ffEm7i1S71KSSeXTrS6trhbqGC3hcgiAyKQ5VEJDcINiCvrv4D+JPjHqX hrxPqPx9XRbG8s9dvItObSplaD+yESL7O07ebIFm3GTeCRgbflHf2KbxR4atr+10q41a0ivb1Q1v A08ayzKehjQtuYe4BoA/KvWv2bv+CgnxV+B//DOnj7xV4G8KeFbPS0077Xo0N9Nf6itnEFtoZvMV IooZGRPOeNFbGdsZBKHstW/ZD/aQsvgX8E9P+Hnjux8N/E74ORmExR3N3J4f1WEEKqXA8pHb92i8 tAfvyJ0KuP04urq1sbaW8vZkt7eFS8kkjBERRySzHAAHcmvib9oT9pjX/h/8TfgL4Z+HFzperaH8 TfET6VqVwf8ASsQIYB/o8kUoVX/enJIbtx6gHlHhb9mT9pz4uftA+A/jx+1dqfhWwi+GqzvpWmeF o7kvPcTADdczXPzBAwDhQ7jjaFXcxPz5/wAFLPhhoHxn/aD+CfgrwDrix+M/Gj3Ph/V4bKRXlGhR zR3DyzhCSqQHzmCsPnw2PuEV+n/hXXvjTP8AHfx3pHiuHR4vhrp9pYvoU0EoOpNO8MbXX2tPNJVB IZNhKLlccnqeM8Bfs8/sq/BX4iap8YPCunadpPirxlPcu2oXN+8rSvdyeZOtqtxMyJvfJIiUHHy/ dwoAPpvRdG0zw7o1h4f0W3W00/TLeK1toU4WOGFAkaL7KoAFfIv7cP7Ovjj9o74YaDo3w01ay0jx T4S8Q2XiGwfUd/2WWWzSWPy5GjWRl/1u4HYwJUKcAlh9m9eRXOWnjHwjqCXclhrljcrYMFuDHcxO IWJwBIVY7Tk4wcUAfnv8Sv2Xv2lfHF/8Nv2jNC8S+HvDv7Qfgq0nsNQ8tbmTw7qdlJNKy277kMyK I5Wz+7JLO2CpVHWx4Y/Zi/aH+L/xv8H/ABu/a/13QPs/w8ZrnQPDvhdbn7HHfsykXVxLdAuWUorB QzcqmCoDK36RKysoZTkHkEdCK+StZ/ahtdO/a80f9mKOytVtrvw7NrlzqklyNyzCd4I7VI+AG/dl mLMScgBRjJAPqu/vbPTbOe/v5kt7e3RpJJJGCoiICzEk8AADJr8Xf2I/gfB+0P8A8Ev9V+Dl7enS l8T3+oeRdbPMEU1teRzwOUyNyiaFdwBBIyAa/Tr9oP4X/Bn4w+Af+EI+OrRf8I5LdQ3AWW/fT1ae HOz94kkZONx+Ukg8HGQCO2+GHgHwD8L/AAHo/gX4X6fBpfhjS4illBbu0kYR2Ls3mMzM7OzFmdmL MxJJJOaAPym8b/sn/wDBQz4yfAz/AIZ5+I/jjwVYeGtItLeCCexW9a71drHYbVL2V4dscSsiuzxx byyDKtkmvbPHv7MX7T/hu/8AhZ8Sf2evG+n2vinwP4Ys/Duq6HrE92+gaittAEaWNY1yHLZ5KIWC xtuQqQ319+0V8ZLX4A/BnxT8WbiyXVH8P2pnhsmnFv8AaZSwVYw5VscnJwpOAeK+Uvjt+15448E/ s5/BT4w+CIdLk1P4i634bsNShlV7iC3j1exlurhItkqssiMqhSxOB1BJzQBP8DP2Yvjhc/tI3X7V /wC01q2gHxVHpH9j6bpfhmKdbOCFiSZJ5bgCR5ArMoBL8N9/Cqof+yJ+zn+0P+zV4/8AGnhfUtY8 Pav8JNf1TUtbtDF9oXWkvLwxLGGUxiEII48Ou9vm+ZW6ivva18R+Hr7U7jRLLVLW41G1GZraOdHm jH+3GCWX8RV+9vrLTbWS+1G4jtbaEZeWVwiKPVmbAA+tAHin7THwUtf2ivgZ4t+DV3fnS/8AhI7e NYrrZ5ghuLaaO5gdkyNyiWJdwBBK5wa/N7xv+yf/AMFDPjJ8DP8Ahnn4j+OPBVh4a0i0t4IJ7Fb1 rvV2sdhtUvZXh2xxKyK7PHFvLIMq2Sa/YTSdZ0fXrJdS0O+g1G0fhZraVZoz9GQkH860qAPzn+KP 7MH7RMWj/Bzxj8BvHNpo3jn4XaLbaTd6bqE902gaokdssMhZI1zkHeFZogWVl5jKKapfC/8AZk/a H8ZftM6B+1L+1Lqnhq21Xwfp01ho+k+F47jyv9ISaNpLma5+c7VmfaoZwSQRswQ1j9vz9rj4k/s9 jwl4M+Bul2eueN/EKalqc1vdxPcLDpGk2zz3EnlpJE24hWZTuORE4Ck4r6t+EfxYf45/ALQviz4D +zrf+JNH+028cxYwQ6gEKPDKV+bbFcq0b45wpxQB8N+Gv2Yv2xP2XdY8U6D+yR4g8J6p8PPE19Lq FrpfilbxZ9GuLjhxbtbAh41VVALMc4GY925m+o/2SvgJ4/8Agh4U1y6+LXje58c+NfF1+2o6ncNN K9lbu2SILOOXGyMFmJIRN2QNoVVA+B/2iv2iP+Clv7MXw9HxL+IsPw7n0k3kNjt0+K/mm82cMVO2 SSMbfkOTu9OK+oPB99/wUd0zU7rUvi7P8OrXwzaadqM001g95HNHPHaStauXuCIliW4EZlLEAR7j QB7t+158DdS/aQ/Z48XfBzRdQh0rUtcjtntbi4DGBZrO6iukWTYCwRzFsZgCVDbgrYwflDTv2YP2 qPGniz9nfxr8YtU8Km/+Depao17/AGZNeD7Tp1xBZRWvlK9vta4DW8vm5MaYKFTkkL9TfsefE/x1 8Xv2bPCHxO+KX2aLxBrKX0ty1tGYLdoor2eKCSNWJwjwIjhs4YHd0Ne/6N4p8M+IzKvh7V7PVDbn EgtbiOfYfRtjHH40AfK37Tn7PXjP40/Ej4HeMPC17p9rZfDTxPHrWpJeSSpLNbo8LFbcRxSK0mIz w7IOnzV8/X37NH7Wnwb/AGjviN8ZP2ZtS8I6tpXxTkhnvrbxV9sWazni3EeW1quWjDuxGH5UhSmU Vq/UesXWPEfh7w6sL+INUtdMW4bZEbqdIRI/91d5GT7CgD87/wBnD9kv9oD4W/tVeJv2ifir4x0f xefHOhG01RrZJ7We3v8AzoGjitoDE0bWsMVusSO0quRyUBHO3+yJ+zn+0P8As1eP/GnhfUtY8Pav 8JNf1TUtbtDF9oXWkvLwxLGGUxiEII48Ou9vm+ZW6iv0FuL6ytFie6uI4VndY4y7hQ7t91VyeSew HJrPtvEnh281WbQrTVLWfUrYZltUnRp4x6tGCWH4igD57/bL+Cvin9oj9m3xh8HfBV1ZWWs+IPsH 2ebUHkjtV+y39vdP5jRRyuMpEwXCH5iM4GSPDf2iv2O/G3xA0L4V+O/g/rOn+G/jH8KksYbPUrlp lsrm2hRVntp3iieRoi25kBjIKtIjKBIxEP7Xv7S/xf8ABvxb+HH7PH7PUugW3inx0L6a41LXWdra xhs4/MwVjPysVV2JZW6ABctkdX8Y/jB8avhronwI+G8WoaXefE34ja/Y6dqlzawNJY/YoIzLqlxb RybW2xqU2kgHBzgHigDjvil+zJ+0HYfGyy/as/Z01zQdG+IOraTb6d4p0TVjczaLqJhjQZjnjRZv k8tEQmOIkIrZQl1bovgR8Bf2l5/jfeftC/tP+NrObUY7E2Gl+G/Dc12mi2sbghpJUm2+Y4DNgMHO W3F/lULL46+NH7Rvwz+Dfx8+JXi+z0FZfBt7eP4SFsftCyabHKVhN+iTlhNsK7lzGc5+UV9M/Bj4 gXXjb4F+APib4ultrO98S+HtJ1S8Zf3NutxfWkU0gQOx2rvchQWJxgZNAH5Jftw/B3wn8df25PhH 4J8E6wlxe+NrD7P4xtbKUFf7E0q6jvUe4KEjMoR1Td/FFF/s1+4sMMVvElvboscUShURQAqqowAA OAAOgr8vPCtl+zh+yh+194P+Enwg8FWGn33xSsdSv9W1+fUZriS2t7eGa5jtoFmdxGsssascMoK7 flY7Sv6j0AfBn7Y/7Onxl+K/jP4U/F34C6vo+n+LvhfeX00UGtiYWdxHfrCrZaFHbK+Tjbgbg5IZ SoB4rx9+zH+0lofxgsP2pfgD4g8PWHxF1vRbPTfGGjaqLptD1Oe3hjRpYJI185dpjRYwQh2oCXG5 1b0f9mj9pnX/AImeKfjnp/xMudL0jS/hv4zvvD+nTL/ooNrbyypGZ3mlZWkIQZI2gnOFr7bt7i3u 4I7q0lWaGUBkdGDKynoQRwRQB8CfBT9l/wCLt38fJP2p/wBqXxDper+NrKwOmaHpegJMulaTbSq4 lKtcASvIwkcc5xvclmyuz9Aa5q98Z+D9N1SLQ9R12wtdRmOI7aW6iSdyeyxswY/gK3bu8tNPtpL2 /nS2t4QWeSVgiIo7szYAH1oA/MPxT/wT91PXv25bH9omDVbKP4dyXdnr2o6MZJhcS69YQSRwTLCI jAUEhSVnaQNlpF24OT3/AO1l+zL8YvHvxi+HH7R/wB1bR4fGXw9juLddP8QLMdPuYZw4yDCrMrgS OD90nKsHVkGfu7RvEGg+I7Y3vh7UrbVLcHBktZknTPpuQkV8a/s0ftM6/wDEzxT8c9P+JlzpekaX 8N/Gd94f06Zf9FBtbeWVIzO80rK0hCDJG0E5wtAHzp40/ZO/bT+Mnxa+Fvx0+K3i3wgmo/DzXbS8 h8O6aL6HTobBJo5rl0uZI5pZLubykQqyCMBQQ46H6A0b9mDx7p37Rv7QHxen1DTG0b4raHZaZpcK yzG5hmtrCO1drpTCEVC6Ego8h29QDxX3Nb3FvdwR3VpKs0MoDI6MGVlPQgjgipqAPy30v9gPxZc/ sUeAfgNrHiS00j4lfDXUbnW9F1rTXlls4NRN/c3UGTJFFK0ZjmUN+7BVwGAYLhvOfjZ+yx/wUG/a i8O+H9B+LninwNpFl4W1C2vY7PS/7QRNSnhJRrm5keKTYyxs3loiBSWbKpwR+x1FAH5s/Gj9mj9o rR/2qh+1f+zTqXh281TUtGTRtS0vxP8AaRCI1KDfbvbgsNwjQnDIVIblw5Uc14O/ZK/aquP2uPA3 7V/xd8Y+G9bvtNtr2w1PS9PS7tbewspbeaGCHTS8UjTgPO8rmYxHcSAWzkfqXRQB+aei/snfG7wr +0t8UvEGnaj4e1f4N/G1j/wk1jeG5j1ZYWtZ4WitvLjMYO+dvmMmGTqFYA1wng/9nb/goT8AfBV3 8DPgb418H6x4GDzpo+qa4l5FrGlW9wxcqqwo8JKM7FMiUZ5AVcIP1nooA+f/ANmT4Kan8AvhHpnw /wBe8UX3jLWEeS6v9TvppZWluZsbhEJXdkiQAKi57Fj8zGvMv24f2dfHH7R3ww0HRvhpq1lpHinw l4hsvENg+o7/ALLLLZpLH5cjRrIy/wCt3A7GBKhTgEsPs2igD8+LP9nj9oLxd+0N8Cf2g/inf+HF 1H4f6XrVp4gg0yW6Cyz38N1DbmySWDDKFljMnmOhBDbdwAz6D8c/2evGfxN/aS+Bnxi0G90+30b4 ZT6tLqUNzJKt1ML6KJI/sypE6MQUO7e6YGMZr7GooA/NHxH+zJ+0v8Gvjh40+M37IOu+HZdO+I8o vNc8O+KFuhbDUMkm5t5LbLFnd3cgsgG4j5xtC+r/ALLXwC+NngPxb4w+MH7RPjkeJ/GfjEpH/Z2m zXA0TTLaPGEtoptoLEKg3eWCoXGWLMx+16KACiiigAooooAKKKKACiiigAooooAKKKKACiiigD// 0/38ooooAKKKKACiiigAooooAKKKKAPIfj/4f8eeLPgl458NfC+8Nh4s1PSLy30yYSeSy3MkRCBZ cjy2b7qvkbCQ2eK/nY0/Q/2WfB/gTw58M/2g/hp4x/Z/+J+lSWxXxxFFdXCS3kMitLchvMQkS4JU RxSCLOUf5fm/o8+MPw9k+K/ww8SfDqHWbvw9Nrtm9vFqNjI0Vxay8NHKjIysQrgFlDDcuVJANfmJ r37M3/BQ/wCIPwhH7L/j/wAWeBrjwM0dtZT6+0d9da1LY2siNH8kiCNpgEGSwVif+WufnoA6r4nX dtqH/BRb9lC/s9TXW7e58N69LHfptK3aPpd0yzrs+XEoO8beOeOK8v8A2UPgJ8MP24rr4pftGftH WEvi/U9R8S32h6ZaXE88EWl6bZJG0UcSQPHtcCUDnJG3d953J+sX/ZE8Q6L+0L+z14/8JajZf8Id 8GPDt5oM8V1LKNQnEmny2UDxIsTRNy6l90iYGcA8Cvl34beEPiBpHxK+LN5+wV8XPDMHhq81u6k8 R+H/ABTZXcL6FqwZkuZbZfKBZMjCscREKEJbywaAPIfgD4Dj+F/gT/goJ8O7fUZ9VtvDuj3Vlb3F zIZZ2todM1VYFkc9WSLah6D5eABxWp8H/wBhT4HeO/8Agn8fix45sLrWPHuoeGL7U7bV5r65Mll9 iil+wwQRiTyhDDHGi7CpyMjgbQtr9hX4Y+JviF4I/bL8L6b4oi8WXnjaW70G28STq0NpqOoy2t/H JcnYJSIjJco52BsIwKg5Ar9MPhX8DPFngf8AY+sf2fdWu7GXxFbeGrvRmuIJJWsjcTxSorB2iWTy wXGT5ecZ+U0AfnpfeKNB+IP/AATD+FepfHn4r3fgjRryWODU7iGCS91DXLaxubmBNNQJIshaWOJS zkOBsDOCobPxp+0JqvwA8OaZ4C+Jf7KXwc8Y/DLUfDviCwEfii/tLiy0+5jYORAsk1xMZZHKhskA lQwbIav0P8QfsA/Fy5/ZY+Cvw90HxHo1t8SfgxqkurWrSmefRbuR7x7kI5aFZOP3ZBaHHDoRhtwy P2g/2T/29f2s/BllY/FLxZ4I8OS+HruC+03RtJS/+xXV2vyPPe3MqSyI0cbP5Sxo6neQ2371AGH4 3/Z2+C/iH/gqtp+g6z4XhutP1fwe/ia7iaWYCXWPt0w+1EiQHd8i/KCE4+7Xs/7FH/J3v7YX/Ye0 T/0C+rqPjx+zp+0hqf7Tfg79p/4Car4cttX0/wAPr4f1XT9ca5+zmIzyzO8MkETM+fNIGQhUopw2 4qOb8Vfs0/tYfC79o3x18a/2U/EHheTS/ieLVtX0zxOt0Ft7q3Qos0ZtVJcKWd1O5ceYVKOAGoA8 4+HDo/7V37cJQhgNE04cc8jTJQR+BryT9gL9ln4R6f8AsyaB+2P4u0+613xvoKavrGmtLdTGG3i0 h7mCGBYFYIVDQmQZBYMRggDFfU/7PP7G3xq+GHir46eKviR4t0vxRqXxb0uCNLyHzoXGoPBN9p82 HyQkcCTTFIfLZyYlBKIfkH0b+yL8CNd+Bn7L/hf4F/ESWx1S/wBKi1KG9axeSS0ljvr24uAqNLHC 5HlzBWyi85xkYJAPw8+BNz8Gvip4C1X4k/tI/Av4ofGTxx44urya48Q6VpNxdafFEJWiji06aO7i UCLbg/J8jAxj5EAr9T/+CZ+sfFlvg1rvgn4paR4h02DwprM1roEniayms9Ql0WRVe3WQTD5zEdyn azKg2op2qK878F/s1/tz/sw6ZrPwv/Zk8VeEdc+Hl9dz3Gk/8JOt4uoaN9pYu6J5CtG6gnOW3hmy /lruZT9jfso/AnxP8Avhk/hzx34yvfHPijVbyXUdS1G7mlljE8wA8q2WVmKRIB7FmLMQMhVAPBv+ CjUfwqu/h54SsvjX8Rbrwf4OOsxzXuj6fbS3N74lWEA/YU8mWN0TBJZyrIrMjHDBM/lp8QdV+C/h r4w/A74hfswfCLxd8JfL8V6fYT6vqlnPYWOqW9zKgMEYluJvNJQNu4G5GYPn5a/Wr9s79mP4m/Gf xJ8Mfiz8F9Y02x8afCvUJr2ztdaWRtOu1naF2EhjV2VlMC4woyGPzKQrD52+Mf7J/wC3R+0bqPgz x18TPFfgvTNS8C6xZ6hp3h/TBfx6a6xuJJpp7uSOeb7QSiIiiNowpYhlJO4A5L4h/Azwl+0J/wAF S/EPgb4gm4ufC9l4Ks9UvtOhuJbeLUPs00EcMM5hZGaNZZllxkfMgrovg98PPDH7Ln/BSHX/AIXf CeO40rwP4l8CHXLjR0mluIUuobjYGjWRnYsPKbbliR5jKMKQB9haB+z14z0r9uTxL+0zcXunt4X1 nwfH4fhtlklN+t0lzbTF3jMQiEW2FhkSlskfLjJBd/s9+M5/25bP9plL3Tx4Xt/B58PtbGSX7ebs 3LzbxH5XleVtYDPm7s/w45oA+D/2Nf2YvhX+2d8L/E37SX7SNlL4u8YeP9Wv0S4e6mh/sy1tm8mG K1WF1VChBKkggKEUDAO71j/glH4bufBvhT41+ELy+fU7jQ/iBqVjJdytukuHtooomlcknLOV3E5O Sav+Hf2Zf2x/2bta8V+D/wBk/wASeFJvhv4qvZtQtIPE63bXeg3FyAJfs/kIUkQYGwPvU4G5M72f 2j9hT9mH4hfsveE/HPh74i6/Z+JbzxJ4juNWhvrVpjJNDLFGgkuVljTZM7IWdVaRQTw7daAPLP8A grnLLB+x3fzQO0cset6UyspwysJGIII5BB6Gvj/9uL9jr4efsx/CH4e/FD4N3WoaH8S7bxJYWF54 jF/dPe3s19DOZriQtKVWRpV35QLwWXBBr9NP26v2evGf7TvwCu/hX4CvdPsNWn1Cyu1l1OSWK38u 3YswLQxTPuIPHyY9SKP23P2evGf7Sfwu0HwT4GvdPsb7S/EenavK+oySxRG3tFlDqphimYufMG0F QDzlhQB+f/7VP7Lfwm/ZM1j4A/FH4JWdzo3iePxzpWlX1+15cTTalFdB3me58x2UtIY2D7QoZZGU jbgD1TwnpvijWf2+v2vtI8D3g07xHfeENIg0y6JKiC9l0m2W3lJHI2SFWz7V9W/tjfs9+M/2hdG+ HGneDL3T7KTwh4x0zxDdnUJJY1e0s0lWRIvKilJlJcbQwVTzlh35G0/ZO8YXf7SHx8+KGsa5Dp/h v4t6DYaPYSaZczx6vZSW9lDayTn92iRsrxl4ykrZ43AcigD8ZLHwp+zt8OvhxF8Lf2uPhJ4v+Fvx HiuHYfEGBLi9SS8FwZBcqwlRHXb8mIlmBwXVg/zV95ftm+AvGXjjw3+z/wDEHRtI1L9oX4R+GbPz dasNNnkS61h3t41t9RkS3y8pYAu21TtO9G2iQkbcv7Nv/BReX4Q3/wCy/qPjDwPrfga9tpdOPiDU Vv5tZOnSswKFGRozKqnCbgxXAxLkBh6n43/Y1+MvgTw78Ir39lfx+un+IfhPp7aa1lrclwukaxFI G8ySeCDzAsjNJIQNp4ZQHUxq1AHhX7Dmsfsk337Suo6l8Ar7XvhhreoaS9tqHw+1eB4oLmaImR7i NpJZhviABVAwdVDkKFZwP1T+N3ja7+GvwZ8d/EPT133fhnQtS1KEbd4MtpbSSpkdxuUZzxjrxXxV 8L/2ZP2h/GX7TOgftS/tS6p4attV8H6dNYaPpPheO48r/SEmjaS5mufnO1Zn2qGcEkEbMEN+hPif w5pHjDw3q3hHxBB9p0vW7Sexu4skeZb3MbRSpkcjcjEZFAH4+/s4/sFfBr9oj9l21+KHxeW58QfE z4m21zqs/iSa6nNzaXVw8ggaKNJFjIhwpKMpDHIPy7VXz/8Aa1/Z/wDEi+K/2Mv2dvHnji88S3TX mv6Xea7CjWN5PYl9P3KMyTEOLb9zvLsWxuYckV7j4b/Zq/4KBfBjwBefs8/Brxz4Rvvh87XMOmaz q0d5HrmmWV0zM8apEjwllLsUJ8znoUXaq9rY/sE634J1b9mC08CazZ3WjfBG61e61me/eWK7v5dU NvIz20cccqf6yNwEkkXYmxQzYJoA8J+M/wCzv8Lv2Q/2ov2a/Fn7PGnz+EW8WeIv7A1a3hvLmeG8 tJmt4yHFxJIeVdtwzhjtbG5Q1eOfE7x74T+MP7bPxQHx6+G/jf4ueFPhtJDo+h6D4X0+W+sbKUhh Nc3iRzwFXmaNjGckSDOeI0A/Uv8Aac/Z68Z/Gn4kfA7xh4WvdPtbL4aeJ49a1JLySVJZrdHhYrbi OKRWkxGeHZB0+avKfiP+zH+0D4A/aD139pD9kfX9DhvfGlvFF4i8P+JFuBYXctuoWO4iktgXEmBk DKbWLneyuUoA+V/2SvE+v/CD48/EJPhp8M/Hfgr4Iah4cu9Zj0vxVpd1bxWGsWCeawtpHeZFSaMO MGTe5Kg8RrWx+yF+x58Jf2tP2fp/2gf2jILjxj48+J9xqU8upy3U0Ulgtvcy2kSWqROsabDDvUFS oBEe3Yu2vrr9nr9nf482vxH8V/Gv9qXxpb69rniWx/syDw/ostyug2NodobbFNt3SFV2j5fl3OSz s+V8P8Jfsz/t0fs26NrXwk/Zk8X+Er/4eX93PcaTN4iS7GqaItyxd0jESSROFJJBYSbmy+xNxFAH zv8AtdeDvGf7J/wt/Zf0bxFr9z8U9Q8BeOYb20Zbdra5uoLWSOeCxRTJcszDb5UbZJxtAXgA+vfs FaXpf7THxU8aftLfH27fVPi94S1N9Kh8O3cJhg8KwIT5Qgt5CTvJEiiRgGV1cnMhZz20P/BPbxP4 V8HfALwr4Q8RWepXHw38b2/i/wAR32ovNDJfyedFLcfZUjjmy22MJGsjKCACzgk16748/ZZ+Iei/ tbeH/wBqP9n7UdL0ttUi+weNNL1GWe3h1S0BRRLCYIJh9oCAH5tq7442yd0mQD8/LD/khf8AwUH/ AOxy1n/0slra1D9hj4JP/wAE7z8bdWs7u/8AiS3gy38VLr819ctcpMlml3DAqmTyhFHEFgVdnCgE EMAw+pbb9ir4pQ/Db9qTwc2q6Mb343a/qGq6K4nufKt4Lud5UW8P2fcjgMAwjWUZ6E19Jah8DPFl 1+xSv7OEd3YjxKPAsPhj7QZJfsP22PTlszJv8oy+T5gyG8rdt52Z4oA/N34j+MPFvx++HH7G/wCz z4r128h0j4t2cd34puI3KT6jDpcEDrE03UtKd7P/ALexyCQKzf24v2QPg38AtV+C/jv4M6c/he31 Dxvoul6hpsNzPLbXbBnmt7lkmkf97CI5E3DqJDnnOfXfjp8EfCfgT4H/ALOPww8cfEW1+Hvxh8GS wW3hPXYoLi6019TgEKzW8sphASCZvKO6ZUBKjKsu9D86ftZ+H/2mNW+KvwD0P4+/EDw5ruu3fi/T Y9L8OeF4JliEJmTztSuXmCvu/wBWqgrsAZyhUB9wB/QPcQQ3UElrcLvimUo6+qsMEflX4y/sHfs+ /B3RP2u/2hdQ0vw1DBcfDTXbO28OuJZj/Z8N3DexTqgLkNvT5SX3H0xX7QV+eHw7/Zz/AGh/hF+1 946+KPgzWPD178MPiffQX+tW159oXVoWt4ZQi2wSMxZEspOWfDJwQpFAHwT/AME3v2HfgX8fP2cL vx58aNMufEd7faheWGnqb65gj022h2km3SGRFEjyszsWDA4XgZbdzvhb48/Ez4Vf8EtvGNtoOuXf 9qaR4wuvB2m3+9jcWlg3lSERSA5jIQyJGQfk3DZjC4/WH9hX9nrxn+zF8AbP4V+Pb3T9Q1a31C8u ml0ySWW3KXDhlAaaKF9wA5+THoTXhPw6/YB1F/2U/iJ+zj8XNWsvtHjDxJfa7Y32lNLcLZtL5DWr ss0cBZ0eE+Yg+UoSofnIAPzl8W/D74KWfweh0n4P/s6fGXw/8V9GiiudN8VtoV1FcPqkWGMs7x3b 7UlbOdkeUBygyOf31/Z98UeM/GnwR8D+KPiLp8+l+KdQ0m1fVLa5t3tZkvQgWfdC4Vo9zgsFIGAa /PvWfgX/AMFLvGfgC1+AviP4heENM8MIkVrdeKNOOoDX7iyhZdoI2onmlVAcr5ZcZBkOWLfp34G8 J23gTwZofgu0vLrUYtEs4LNbq9lae6uPJQIZZpG5aRyNzH1PGBxQB+Rv7TnwQ8NftA/8FPfAfgHx tLMfDi/D9L3UbWGV4Dew22oX5W2d4yrCNpShfByVU4IOGGpqnwx8MfsZ/t4/B6w+Bccuh+EvjFb6 lpus6FHNLLamaxjVorlUkdirBpUIP8IVwuA7CvX/ANpD9lj9o7xr+1d4a/ab+A3irQvD914U8Nx6 XBBq32mQXlyt1dSSwXEcURUWssNzgurmQOPlQHDrs/Cf9mn49eLv2hNO/ab/AGs9b0S41nwtZS2X hzQvDi3H9n2P2hWSW4d7nDtIyswwd+SQd4CKgAPhP4Vf8o5f2tf+x08R/wDorT62tQ/YY+CT/wDB O8/G3VrO7v8A4kt4Mt/FS6/NfXLXKTJZpdwwKpk8oRRxBYFXZwoBBDAMPqXwV+xV8UvDn7J/xx+B N9qujPr3xM8Qatq2mzxz3Js4oL9LVY1uHNuJFcGBtwSNwMjBPOPpLUPgZ4suv2KV/Zwju7EeJR4F h8MfaDJL9h+2x6ctmZN/lGXyfMGQ3lbtvOzPFAH5nazrfiH9qa//AGPv2bviRq93L4X8YeGf+Ei8 SBJGjk1eTT7WRoo5ZVIdiTbsXwwOZN/3lQjS/aF/ZU+Ff7Pn7Wf7M3iP4P2LeH9K8Q+K4YLzS0nl ltvtNtJAY7iNZXcq7IxR8HHyr0JOfo/xL+xH8TV+DvwQvPh74m0/QvjP8ELKO3sb4mWXSbtXjEdz bykxCUxSAYDeXnaXUr8+V5XV/wBl39tf4zfHL4UfGv45eJPB9na/DrWIbpdD0U3ywpbK6STzRvNH IXuZTGq7GYIFUYcHIoAx9D/5Pr/bH/7EvS//AEz29eL/ALFP7CfwO+N37F1l8RfilYXOu+JPEFtq sWn3kt7cqdJgsrm4t4I7WNJBGqrLG0xDIwZnIIK8V976b+y/4+s/2k/j58YpdQ0w6L8VPD9npOmQ iWb7VDPb2EVqzXKmHYqF4yQUdztxkA8V6H+yL8DPFnwC/Zc8M/BLxjd2N5rmjRanHNNYSSyWjG9v bm5j2PLFE5ASZQ2YxyDjIwSAfkVp/wAZPiVqn/BMv4R+BLbxDc2l/wDELxaPBc+pklpotIe4uAY/ MJyMIqRAZGYgVzjNekf8FA/2EPgH8E/2UdT+IHwg02fw1q/hk6fbXcqXk8h1a1ubuGBo7tZHKO3m sk4IUYZOABgDufFX7MXgn4H/APBPfSfgl+1J4ztPDF5Y+IGudM8Q6RFeX9vYarPLNLaSYEEcu0xl 45GKKAGOHB2tXz/+3vpP7WEf7OVlY/Hv4seFta0p7uxj0fT/AA5bym+8R3LOAktyzLGoWOPzJf3I MZcKCNxQqAfvf8PP+RA8M/8AYMsv/RKV+RXjf9nb4L+If+Cq2n6DrPheG60/V/B7+JruJpZgJdY+ 3TD7USJAd3yL8oITj7tfsJ4R0+40jwpoulXQ2z2VlbQSD0eOJVP6ivhH9oL9nP8AaH1H9qTwp+07 +zvq/h6K/wBO0L/hH9QsfEH2hYmt/tEsxkja3jkJLCXGPlKlFI3BiAAfN3wG+Dfgr9t34+fHH4q/ tGW0viqy8HeI7nwxoGjXE8sVrp9raMyl/LhdPndQme2/ex3MQV7z9k3Spv2d/wBtz4ofsk+EdQub j4cvoMPijSLC4le4/suV5bdJYYmdiQjm4bOeWCoWJbLN22t/szftNfBT42+Nvi5+yFrnhyfSPiTc fbta8PeKVuhbx6iSWe5tpLXLEu7u7AsmNxXDgJt9P/Zf/Zd8Z/DX4geM/j/8c/Elt4q+KnjpUtrm bT0aPTrGwi2bLW1WRVcr+7TLMBwiDGQzOAY3/BS/wL4T8X/sgeN9V8Sacl9d+F4F1HTZGZ1Ntdh1 h81QrAE+XI64YEc9M4r87/2ofg74P8F/8E8/2ftF+GliPDtz408UeE9SvJ4JJS76pqGhzpJdbnZi rkhT8pAGOAK/Z39o34UXHxy+BvjT4TWd8mm3PiXT5LaC4kUtHHMCHjLhedu9QGxyBkgE8V8Aax+y L+1l8Rf2cvhv8HPiPq/hIap8NPFmh39lcWc16sUuh6PZSWoSRjbEtdFnBGEVGXqVI5APEv22P2Sv g7+yP8MPA/xw+A1pe+HvG/hjxHpkLap9vuZp75ZhJ5rXAkdk3yMMsUVQQWTbsO0O/bQ8e6f8Qf24 NP8Ag98UfCXi34gfDfwJocWpv4Z8JWkl3Le6hc7SLm7jjlhJgjWVE3hvlYBB/rHz+h/7cn7PXjP9 pn4L2/w58CXun2GpRazY6iZNSklig8q137wGhimbcdwwNuPUiuM/aJ/Zf+K+sfGzQP2of2ZvEem6 B8Q9JsTpV/Z60kzaXq1huLCOZoA0ikZxwvzYQhkZASAfDnwDnm8C/tk+ENT/AGbfg58RPhv8N/Fs E+n+K9N8QaNdW+lrMI2a2u4iZbhI2VwoZnZdoyF4kYV+7lfnn8JvgP8AtWeKfjzp/wAev2ofGmnW kPh61lttL8L+FJ7xNMLShgZbsTFfMK7icHfuYISwVNh+yvizpnjvW/hl4o0X4YXVrY+K9R0+4ttN ub2SSK3t7mZCiTO8Ucrjy87xhDkgDpzQB+Hvh/8Aav8Ahbqf7dfxR+O3xG0jW/EegaFZv4Q8MrpW mPqVv5ETFLuVmBCr5nzso5ylwcivXP8AglN8XtG0/wAT/E79mWz+22+kaXqFxr/heLU4Wt7v+yri URyRvG5ypTML4BOWkkOcc1+g/wCxx+z237MXwA8PfCq+mt7vWbYzXeqXNqWaGe+uZC7sjOqMyouy NSyKSqDIBry744fsvfEHxJ+1f8LP2oPhBqGmadfeGUfTvEUGoSzwm+0tmI2w+TDMHl8qacDzNoBE Rz8vAB49/wAFiP8Ak0Jf+xi03/0Cev1Nuba2vLaWzvIkngnRo5I5FDI6MMMrKeCCDgg9a+Mf29f2 cfG/7UnwJHww+H99p2n6qNVtL7zdTkmit/KgWQMN0EMz7jvGBsx15FfalAHwR/wUU+F/xT+I/wCz FP4P+C9jLey2uoWU2oaRZSfZ5b/SLcP5tpDjA+95bBADkJhVJwp/Ob4R6v8AsZH9oH4bPoHh3xR+ y78SdFvo4pNOvobj7HrCyMiixmlnlJVZCDGXeKLfvIbLbCv63/ta/Azxr8efhjBoPw18Y3PgjxZo uoQappt7FNLHA81vuAhuhEctE27P3W2sqttYAqfkLxH+zD+2V+0x4j8C2P7VWseDNL8IeBtWh1Zl 8NRXb6jqE9vkAF7gBYkkB2sUZMfe8skLgA/VuWRYYnlbJVAWOBk4HPAHJr8UP2Of2cvhb+234G8W /tL/ALS1jN408R+M9Yvba1E11PAmmWFttSGG3W3kQIVycHsoUAfeLftlX5WaD+zH+2R+zPqni3w1 +yR4i8JXvw+8VahNqVpY+J0vFudEuLnAkFubdXWSNVVQC5bOAfLzuZwD5p/bH/Z78ZfAL9jv4Z/B ub4g3XiZovihpw0XUHha0udMtp7O9EECuJpCxgfLo4KYLYVVCitT9t39k34Pfsm/DTwH8bfgLY3X hzxp4Z8TaZC2pi9uJpr1JhIZGuBI7KXd1BYqqggshG04Hs+sf8E7fH0fwD8JfD/SvFVjrPjQfEO1 8d+JtU1FpoILqVYp0njthFDK2R5i7A4UM29yU3BR9Uftxfs9eM/2mPg1Z/DvwJe6fYalb61Yak0m pSSxQGG1371DQxTNvO4YG3HqRQB8O/tL/s5fBTxT/wAFI/g1oOv+FoLyw+Idjr17r8TSzgX9xaWN w8LuVkBUo0aEBCoOOQea+idE02x+IP8AwURXTdLiC+Hf2evBsNnbxrllt9V14YUAnPWwG31+WvWv iV+z34z8ZftifB/9oPTL3T4vDvw/sNYtb+3mklW9lfULWeCIwIsTRsA0oLb5EIAOATwb/wCy58F/ GHwuvfin44+Jj2reJ/iP4qvNXc2spljh01QI7C3LsqEmJN3bjdigD8u9M/5IL/wUF/7HPXP/AErk rhP2cvEf/DYfxG+EHwB/aHF34W+H/gzwjplz4c8Nyo8MPiq40y3S2e7mmbb5sbeVK8aKCPLVlVs+ Yz++/AT4baz8d/AP7bfgDwVd2kd14w8d6zb2N1cyOLQs9xI6s0kSStsKkHKo3UcV9J/GH9iPxX49 /Z1+D/h7wjrVjoHxk+DWnaLDpOtq8q2guLCCCG5jMohaUwO0XmRkw53KuVAZxQB88ftCfs2/A7xL /wAFJPhH4S1nwlazaN4x0HU7jVbRWliiuZdPs547Y7Y3XYIlhjCrHtXCjjrX7VIixosaDCqAAPQC vzZ+PX7On7U/jP4j/CL9or4Yar4V0/4leBtLudP1S0v3u5NIlkvImjle3dYRKyHzZMK6IwG07iQc /o9ZfbDZW51ERi78tPOERJjEmBu2FgCVznGQDjtQB+Ff7Ln7Jfwl/aK/aG/ad8Q/GfT5vEOl6J49 1m1sNNN3cW9rHPcXly09yy27xsZdgREO7AGcgnaV9J/Y5s2+Gmn/ALXHwL0vxnN4S8H/AA+1OZNH 1O8c3A0KC8ju98673TPlCJX+8MuNx5Y5+z/2WP2evGfwP8Z/G3xF4rvdPu7b4k+ML7xBpy2Uksjx Wt1LLIiXAkijCygOMhC65zhjXjlr+xB4v1cftS6V4p12xs9O+Ot3bz6TNZPNLPZi3M7qbuN44l++ 6bkjdwy7huHFAH5garoX7E2pfAHxF4e+HHw08b/FzxjBp1/cTfEC30q7gtjfxq8jX80k1z+6gRhu aNkOVBDZclj7P4t8N/Gz42/sMfs0eNE0HUvin4a8OXNxN4q8PWlzKl7q1raXJt7TJjzLJ5UcTodi s/zhuxYfSWh/s2/8FAtV+CMH7LfiTxX4G8MeBbXTP7Ek1fSoL251e505Y/KEIjkEUA81P3cr4V9r EjLZLWNI/Yo/aa8Jfs+/B/w/4E8e6d4f+JfwgvL+WJYbq8k0DVrW8unnEd0phjfcqtsyYWGC4z8w ZQDyD9kTWv2Pr79qrSNU+DY8Q/BLxe9hcWWoeB9UgkitNXfY5zvkllAeIEOqfISYwyoDv3Y/7Ln7 Jfwl/aK/aG/ad8Q/GfT5vEOl6J491m1sNNN3cW9rHPcXly09yy27xsZdgREO7AGcgnaV+p/C37Mn 7Tnxc/aB8B/Hj9q7U/CthF8NVnfStM8LR3Jee4mAG65mufmCBgHCh3HG0Ku5ifcf2WP2evGfwP8A Gfxt8ReK73T7u2+JPjC+8QactlJLI8VrdSyyIlwJIowsoDjIQuuc4Y0AfOX/AATg0yT4efED9ov4 DaRe3E/hLwB4ohTRra4laX7LDdm5LRqW5xiJM+rZY8sSf1Tr45/Zy/Z68Z/CH40fHb4jeJb3T7nT fifrNpqOmx2kkrzwxQfaNwuVkijVWPmrgIzjg8jjP2NQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQ AUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAf/1P38ooooAKKKKACiiigAorE1fxL4c0AxLr2q 2mmmb/Vi5njh3/7u8jP4VrwzRXESTwOskcgDKykFWU8ggjgg07EqSva5JRRRSKCiuQ+IHjTR/hv4 F8Q/EHxAxXTPDWn3Wo3O37xitYmlcL6sQuAO5r8k/gb8GfjF+3z4Xb9oX4+/E7xH4U8MeIbi4Oge GfC96NPgt7SCVog8zlHEhLIwBZN5ADl8MEAB+zdfHPxR/YE/ZN+MfjOf4geO/AkVxrt64ku57a7u 7IXTDq0yW00aMx/ifAdu7GvF/gp8M/2o/wBmv9o21+GkGt6z8U/gd4ispZl1LWbiOe+0G5jDFUea R1Z1ZgoKou0h9yopRt3tXxi/bv8A2b/gj4xl+HvivXbi/wDElogku7HSrKa/ltEIDbpzEpRMKQxU tuAwSuCMgH0f8Pfhx4G+E/hOy8DfDnRbfQNC08N5NrbLtRS5LMxJJZmYnLMxLE9Sa7WvCPCP7S/w V8e/B/V/jr4N8SRat4P0C0u7y/uII5DNapYwmedJbcqJUkWMbthUMQQVyCCfnC//AOCon7GNhd6d bt4zmnhv44ZHuYNOu5be1+0JvRLh1jO2TH3kUMyEEMAQQAD9BqK+FPFv/BSP9kLwd4vHhDUPGZuy ky28+oWNpPd6ZBK4DBXu4kaNiAct5ZcLyGIIIr1X4wftefs//AbVtK0f4o+J10iXW7CbUrOQQTTw zW8A5KPCrhmboijlyRtBzQB9LUV8q/BD9s74DftAeKb3wN4G1W6tvEllCbk6bqdlNYXMtuCP3sSz KA68gkA7gDkqBzVH4yftwfs8fA/xdL8PvFetXOoeKreJZptL0myn1C5gjdQ6mXylKRkqwYKzBtpD YwQSAfXFFfOvwf8A2q/gh8dfA2t/ED4ca6b/AE7w0jvqkUkEkN3Z7EaTEsDqG5VGKlcq2CASQQPJ /A3/AAUW/ZS+JHj3w58NvBnie51LWvFO1bRE0662CVydsUreX+7cgFjkbVHLstAH3FRXw98RP+Ci X7K/w18X6l4J1fxJc6lf6G5j1N9LsLi+trB1JDCeaFCgKkbWClirZUgEED6Mh+OPwkufhO/xzt/F NlJ4ES0a9bVlcmAQodrZAG/eHGwx7fM3/Jt3/LQB6rRX4g/tn/8ABQ74OfE39mnxToXwT8X6voXi 2SWwm0+TyLzSpru3jvYhM9rPhNw253LuDFc/LgHH7ReGJJJvDekzTMXke0gZmY5JJjUkknqTQBuU V+SHjr9uzTfDX/BQCw+GuoeINQg8AaPo82nXdjDp0zb/ABDJdPHvbZEZZY1QIFcExLyRzk19e/G3 9tn9nv4BeKIvA3jfXJ7rxNJGJm0vS7Sa/uoomG4NKsSlY8qdwDMGK/MBjmgD6yorxr4JftAfCT9o jwvJ4t+EfiCLW7K3k8m4Ta8NxbS9knglCyRk4JUlcMBlSRzXnn7asnxVX9mvxbB8FrLUNQ8V3X2K CCHSmZL1reW8hW7ELoCyMbcyDevKAlhyBQB9UUV+fn7P2t/ErQvi98YvFfxl0fU/C3g3S9L0VtJv tVvpm06106zst1zCgmOxmhk8ySe5cmRiTuIA5rT/APBUT9kGC+ijOv6m2kyzG3GrjR70advBwf3p jDEe4Q8c0AfoZRX5pftq/ELWIPiB+ypfeA/EdzBo3inx1pglfT7qSO31CxuJLdlWTymCzROjZAbK kH3r6J+O/wC2R8B/2ddc07wn8QtXuJPEOqRefDpmnWkt9d+RkjzXSIEImVONxBbB2g4OAD6kor45 8Iftc/AD9pCz8S/D/wCEniO81rV/+Ecu9SkjsLSaK7it2/0ciPzljUXKyOoWNmU5Kn7pzXyr+zL8 BP2hvCnxH+Auq+NbrxCIPC/hvXpPEY1C+82zLajeXj6bbviVjNeolwDMCpWJY0AbOAAD9cKK+RvF P7Quk/E7wF8dPCf7Pl3dal8Q/hrY6hp7wRWsqSw6wYrmO2WAyKFlbzoG27cgkDsRn5j/AGeNR+Of h74p+FNV+KvhXxHo/gvw78NFaae/vru4htNWSZpb9rkPzc3U6qpHmf6pV2oPQA/VWivz11P/AIKi /sb6dZWF/D4ru9RhvY1mkNppt1N9jjZ2jU3WIx5TFlPyHL4IO3DAn65i+Nfwpm+FSfG9fE9mPAr2 gvRqzPtt/IJ25O4Bg2/5NhG/f8m3dxQB6jRXwf4M/wCCk37JXjbxRYeFrPxPc6Y+ry+TYXmp6fc2 VjdvnGEuJUCLzxmTYM4HUgV7J8Zf2r/gR+z/AOIdP8NfFzxIPD93qljc6hbmSCaSN4bXO8Bo0bMh IwkYy7nAUEmgD6Mor5F+CP7cf7Ov7QHjGf4feAtdnj8SRRvNHYajZzWU1xFGNzPD5qgPhfm2537f m24BIvfG79tL9n74A+JIPBXjnXJrnxNPGJv7K0u1lv7yOIjIeVIVIjBX5gHIJXkAjmgD6sor4f8A Hfxe8D/tXfso+PtQ/Z51y/168nspLWGLRgbfV4L/AHKYominMLwksBuZsDy9zKWxXCfsvfBj40eB fj3ca/44vdXuNF074feHdDvDf3fnWVx4ght7UXUlivmOZERYP3k7qpaV3AyASQD9G6KxPEviLSPC HhzVfFniCcWul6LaT3t3MeRHb20Zlkc/7qqTX5m/s5/G+y8L/Bzxl+3p+0RqN/Y2HxE1VVsrdI57 qHSdEt5zZ2EKW8W7aZJMmSQKPMLIx5OSAffnxc+C3wv+O/hNvBHxa8PweItHMgmWKYujxSqCokil iZJI3AYjcjA4JHQkV5N8Fv2Jv2Zf2f8AXx4t+GHguKw11UeNL+4uLi9uI0kGGEbXMkgjyvy5QKSu QSQTnsvjR+0r8HfgD4H0r4jfEzWzY6DrdxDbWc8MEtyZpJ4nmQqkKs20xoWLYwOM8kZ2vib8dPhr 8Io/CsnjXUmhPjXVLbR9JS3hkunuru7/ANUqrCrHaeMuflGRzyKAPXqK/E74H/twfDv4GfEj9orT vjt4w1K+uf8AhYWsw6NpwFzqU8VlbTzBlgjG5YIIwAAMovGFzg4+2vGX7QXwP+Pf7KHjj4h+CPiH d6P4YhtJYL3WdMinTUtKdCpY+RhJ1kAIIAxuU5UlTmgD7Xor5u8P/Fn4V/CD9mPwb8SPGnjR5vCF p4f0gx67qay/atQjltYhDPJFh5nuLgEOyAM+4nIODXDfCH9vb9mn41+OIfhx4S1+4tPEN6pksrbU 7KexN6gBbdbtKoVsqCwUkMRkhTg4APsqivxO+B/7cHw7+BnxI/aK0747eMNSvrn/AIWFrMOjacBc 6lPFZW08wZYIxuWCCMAADKLxhc4OP1S+Cfx5+FX7Q/g4eOvhJria3paytby/I8M0E6AExzQyqro2 CCMjDAhlJBBoA9for43/AG7b/wAI6d+z/eXPjf4g6v8ADLS/7Qsg2s6JHNLeI5c7Ygtuyvtk6Nzj 1rrfjv8AtefA79nXVdM8OfEPVp38QaxE09rpWnWkt9eyQqSDKY4lOxMqQC5XcQ23O1sAH03RXgnw G/aa+DH7Smk6hqvwk14ao2kSJFfWssMltd2ryZ2ebDKqsA21trDKkqwBypAwf2vvjbF8AP2fvFvj 6G7ksdXFlc22kTR2zXQTVJLeVrUugV1CCRAWZxsH8XFAH0zRX4F/F39qzXPiN/wTNsfFHhfxdrMX jjQbzRLTXNSQ3NhcPdTs7SbJ1EYkRgOTGSvQelfoFpv/AAUs/Y91TxzB4Fg8Zskl3c/ZINRls7iP TJp9+wqt0yBNoYj94cR4IO/HNAH3lRXjHxu/aD+Ef7O3hqHxV8W9fj0W0u5PJtYwjz3N1KMZSCCI NI5GRuIXCggsQDXn/wAD/wBsz4BftBeILrwf4D1uaDxJZx+c+lanay2F40Q6vHHMoEgA5OwsVGCw ANAHu/j3wB4L+KPhPUPAvxB0e313QdUQJcWlyu6NwpDKeMFWVgGVlIZSAQQRmvmT4Y/8E/f2SPhD 4stfHHgrwFFHrWnyia0nu7u7vvszj7rRJczSIrKeVbaWB5ByBj6u8UeI9N8H+GdW8W60ZBp+iWk9 9cmKNpZBDbRmWQpGgLO21ThVBJPA5ryO0/aW+Dt78B2/aUt9aLeAFtpLs3pglD+XFMbdh5JXzN/m qU27cluKAPeaK8Gm/aX+Dtv8Bh+0rLrRHgA2y3QvvIl37HmFuo8nb5m/zSE27c7uK4/4q/tofs+/ BrQfDWteN9elhuPGFnDfaXpsFpNPqVxb3Chkc2qLvjBzj94F+YFfvAgAH1TRXzv8CP2qfgh+0fDq K/C3XvteoaPj7dp11DJaX1sCcbngmCsUzxvXcobjOeK8T8Nf8FK/2RPGHinwv4O8OeKrm+1TxdOl raRx6bdkpPNMYIo5gI8o0jj5Rg/KQzbVIJAPvSivgzxj/wAFJ/2TvBXijU/DGoeIr2+GiXBtb++s NNuruwtZ1O0o1xGhViCMZj3Anoa8i/4KEftmWfw8/Z68O658EfFrw6n49lim03U7CAzxyaZGwF0U nKMkMnzKoztkB3BcMpwAfqhRXnvws+J/hL4yeBtO+IvgaWebRdUMwge5t5bWUmCV4X3RTKrr86HG RyORwa/Nr9ob9onR/gP/AMFEvDGpfEjxfdaF4Bg+HbXFxaebO9rLeSX17HGy2kW4STttVQQhbCjk BcgA/WeivlP4D/tpfs/ftHavqPhn4a65NJr+lxNPNpl7ay2d2YVbaXjSUASAHG4IxK5G4DIz6X8E /jv8Nf2hPClz4y+F2oyahp1lezadcedBLbTQ3UCqzxvFMqupCup5HQ0Aew0V8m6x+23+ztoWi+Mf Eeo6/Oul+A9aj8PatdLZXDQxajK7oIkcJiQKUO5kyqjBJwRnjdA/4KMfso+JPHFh4H0/xPcRtq10 bKx1KewuYdLu7kP5flxXboEPzcBzhDkfNyKAPuSivB/jr+0v8Gf2cNKsdT+LGvrpkmqyGKxs4opL m8u3XG4Q28Ks5C5ALEBQSASCQDg/An9rj4F/tF32o6H8ONbkOu6Snm3elX9vLZX8UeQPM8mZVLoC wDMhYKSAxG4ZAPpaivg7xn/wUo/ZG8BeItQ8J+IvFVwmraRrF3ot5bxafdSyQXNi/lzOwWMkxB/l V1zvIOwNtOPlD4bftl+C/gn+0/8AtLWfxn8U6td2txrWkQeHtIVLu/mCpFdvcLa2o3eSqgx+Zwgz tB5wKAP2gorxb4H/ALQnwj/aL8MTeLPhJryaxaWkvkXURR4Lm1l6hJoJQsiZwdpI2tg7ScGvnHxR /wAFLv2RfCviW98O3Hii61FNLl8i91DT9OurzT7eTOMNcRIVYZ4zHvB7GgD73or8wv2/vixLd/CD 4K+OPhH4slXS/EfxA0KNb7SLx447yzmhuy0bPCw3xsVG5G4yuGGRx9i/HX9pf4M/s4aVY6n8WNfX TJNVkMVjZxRSXN5duuNwht4VZyFyAWICgkAkEgEA94rh/iT8OvCfxa8Dax8OPHVq97oOuw+Rdwxz SW7PHuDYEkTK68qM4PI4OQSK8h+BP7XHwL/aLvtR0P4ca3Idd0lPNu9Kv7eWyv4o8geZ5MyqXQFg GZCwUkBiNwz7f42e2i8Ga9JeXsum26afdGS6gBMsCCJt0qBedyD5lxzkcUAcb8GPgb8Lf2fPBo8B fCTQ00LRjO91JGJJJpJriQKryyyzM8jsQqjJbhQFGAAB6zX5/wDwW/aB+BnwP/ZN+HHjHxN8StS8 U+FNe1S40ex8S61BcC6urq4vLx/9KEm54o4vJkj8yQ7VSMHIBFbHg/8A4KO/sl+OPH2n/DzRvFU8 d7rM622n3N1YXNtZXkzNsVIp5UUfM3yqXCqSQASSBQB90UUV+SHh79uzTbz/AIKD678MdV8QagfA 8enR6Bpenpp0wQeIZL63hkklCxbyu4OqzOfLVT8pAYkgH630V+J3wP8A24Ph38DPiR+0Vp3x28Ya lfXP/CwtZh0bTgLnUp4rK2nmDLBGNywQRgAAZReMLnBx+p3wY+Pvwm/aB8FN4/8AhVr8Wr6PDI8M 7FXgltpYwGZJ4pQrxkAhhuGCpDKSpBoA9jor4G1T/gpl+yBpfiGfRG8V3N3aWlx9ln1a1066uNLi mzgKbqOMqwPZ0DKRyGI5r7n0bWNJ8Q6TZa9oN5DqOm6jDHcW1zbussM0MqhkkjdSVZWUggg4IoA0 qK/Kr9rH46WnwT/bn+Bus+NfFtz4d8BQ6J4gudWiE84s5mW0uVhMttFkTSebsEY2MxfaF5xX018D f25f2cf2hfFs3gL4feIJl8RxxvNHYahaTWU08MY3M8PmqFfCnftB37csV2gkAH13RXxH8FvFPw70 b40ftFawfibqWtnRLnTrjW9P1YSw6d4bjjiunxayTMYzHIqu0hTAHlrntXNaV/wU6/ZA1TW7XSm8 T3lhZX832e21W80y7t9NmcNtOLh4wFUHqzhVUcsQM4AP0Bor8of2wP22bf4P/tQ/CT4eWev32neH LC5ubvxbBbWMkv2iGW3iaxWORY2aZfncukJPON44FfXvxf8A2x/gD8DtL0C+8e69JFd+KbeO70zT ba1mudRuIJRlH+zRqXRT0zJtG4FeoIAB9Q0V87/Af9qj4I/tIRagnws177XqGkEfbdOuoZLS+tgT jc8EwVimeN67lB4JzxXiN3/wUu/ZEtPEVl4V/wCEpup9UvNQl00wQ6bdyvFcRSeV+8VY92Hk+VNo Yt1AxzQB97UV498E/jv8Nf2hPClz4y+F2oyahp1lezadcedBLbTQ3UCqzxvFMqupCup5HQ1L8M/j j8OPi/rXjDQvAN/JqM/gXUW0nVHMEscKXiFg8ccrqEl2lDuKEgcdiMgHrlFeSfGf46fCv9n3wg3j j4ta9FoWlmQQxFleWWeYgsIoYYw0kjkAnCqcAEnABNePfBj9uX9nT46eLR4A8Ia7PY+JpYzLBp2q 2c2n3FzGoLFoPOULJ8oLbVYttBbbgEgA+vKK/n5+O/x98BftD/trr8NvFfxG8Y+FfhpoWmLZwW/h 5Luzmn14XQhbzEELnZlz++ZCoCAKw3c/up4k8RaB8L/Ad/4m12WcaP4ZsGnuJFR7mfyLWPLNtQM8 j7V6AEk+9AHZUV+M/wCyn+2Ja/HX4K/HXw78U/G+q2niCOPxRqq6nbWM0Z0rw9FZwxJLatCiIstv uMiQqwlLfMeSWr6z8CftH/Aj4Ffs+fCjUfGnxDvNW0LxRCLTTfEGrQTia9ZdzmW7Lhmi46mQ9utA H3LRXwj4O/4KUfsd+M9W1DSLXxv/AGU1hbS3iy6pZ3FjDc28Cb3eB5kXedoJWMgSPj5Eaus+C/7d v7N/x58eN8NfAWu3H/CQPE89rb31lPZG8hjXez25mUbsJ8207WKgsFIBIAPsKivlP43ftpfs/fAH xJB4K8c65Nc+Jp4xN/ZWl2st/eRxEZDypCpEYK/MA5BK8gEc12Xw0+MHwW/at+HGq3nw71xdd0O+ jm06/jTzbW7tzMhR45Y2CTQuVJKtgZ+8hPWgD3qivgH9hj4keJ1Xx/8AswfEjUJdU8VfBbVP7Ohv bgkz3+iT7n064kJ+8/lja3ovl5JJJP39QAUUUUAFFFFABRRRQAUUUUAf/9X9/KKKKACiiigAoooo A/ID433Wt3XxW8SnXi5mivJY4g+flt1b9wFB/hMe0j1znvX2f+yFda3P8Pr+HUC7WEF6y2ZfOACg Mipn+EMc8cZJ96978TfDjwL4xuY73xNottqFxCAqyOuH2jkKWXBI9jxXUadpun6RYw6bpVtHaWlu u2OKJQiIo7BRwK7KuJUoKNj57A5LOliZV3O6d/x7l2iiiuM+hPA/2p/Bur/EL9m74meC/D8bTapq 3h/UYrWJM7pZ/IZo4xjnLsAv414D/wAEzfiD4f8AHP7Hngew0q5ibUPC8U2lajbIQJLaeCaTYJF6 gyRFJAe+71zX31X59fEH/gnJ8IfE3jzU/iZ8OfE/ib4UeINaZnv38Kaj9gguXc5d3i2NtLHJIRlU kklSSTQB7H43/ar8FeDv2jfBf7M1tp13rvijxdBNcSmxaJk02KNTIr3Qd1KqyJI/GWCqCFO5a+RP +CVVppd54Y+MXirWlik+IF7451OLW5mx9qCKsbxI2fmEfmtMV9W3f3ePqr9nT9jD4Ofs1alqnijw r/aHiDxbrYZb3XtcuReajMjMHZA4VEVSwBbagZsDezbRji/iR+wR8N/GfxI1X4seCfGHiv4XeI/E WBrEvhPVP7Pj1HJyzzIUf526kqQpb5ypcliAfBFpb6VoXxW/4KDeGPh6iReD4/Bt5PNDb8W0Wqtp UxnUKvyK3ntcggYwVIx8uB6d4V8DeFbD/gjnf2tvpsKpe+E7zVpyEAaW+8xpxO56s6siYJ5AVV6A CvuzwJ+x/wDBr4bfBPxX8DPCFtd2ml+N7O+s9Y1Jpll1W7OoQvBJNJcOhUyKkh8vKbFPOzls79p+ zX4Fs/2bm/ZdivtSPhVtIk0X7SZYf7Q+zyggt5nk+V5nzHB8rb/s0Afnz4w8H+GtM/4I3wWNlp8M UMnhHTNTYBFGbyeaC5eY8ffMjE7utcBe6Z4V8R/tNfsLWvjtYrmzk8CwzotzgxyXsWm+ba7t3Bb7 QqFR3cKO9fqJrH7NPgTW/wBm2P8AZcur7Uk8Kx6RbaKLlJYRqH2e12bG8wwmLzD5Y3HytvXCivzW /ab/AGe/BXi39sL9mD9nnU7nUU8OWPhXU9Phu7e4EGoxf2TYzPaTrPGgVZkkgjkyE2lh93adtAHs f7b1tYWf7WX7KGs+GkiTxlP4lltpGQ7Zn0fdCLoSFfmKKjybc8fM+OrVwvhP4mfEbxR+0P8AGRf2 GvhN4fS+tdWGn+KfFnijUrt47zULdpUxHbxy70iVhJtEPysoViq/Ko+vfgp+xR4A+EPxDm+LuteJ /EXxI8bfZjZ2ureKr4ahcWVscgpbnYuwkEgscnBYLtDMDxXiv/gnp8P9W+JfiT4meA/iB4z+Gt14 zma41u08MasLG2vZnZneRgYnYM7uzHJYAs20Lk0AfEX7Ji+Lbf40ftm23ju70m78RnSVbU5NCWRN Na9EN153kLLh/lcsrFhkvuJ617//AME9fCVh4c/4J1WPjDwlpkH/AAlOoWniPUo7hYlE738M93a2 7CQAtuCRIgIOQOBX0T8Jf2Dvgn8Edc8X6x8O7rWbGHxtoo0XULKW7S4tyu0K10hliaYXLHcxZpWT c7YjAwB7r8Bvgt4W/Z5+FGhfB3wVdXl7o3h8XIt5tQeOS6b7Vcy3T+Y0UcSHDysBhB8uAcnJIB+N H/BPzTP2zpP2arW6+Adr8Lrvw5rN7qDXz6+NVfVp7rzWSRb/AOzHymbZt2D/AJ4lCeSa8C8UeDtT 8DfspJ4U8Q+LfC/iLwNqXxh0+XVl8K31xcafpttPBKbi0PnxxmKFWRWUbmx8rbiTk/rB4o/4Jt/C y/8AEOv6x8OvHPjL4ZWHiuVpdW0nw1qwtNNumfJc+Q0b7dxJ4JKAEqqKvFe8aD+yB8A/D3wDuv2a 7Lw4sngq/R/tMUrl7ie4kwTdPN977QGVWVxjZtUKAqhQAfJ3/BWfw54DH7F11PeWtrb3Oi6hpa6C EVE8qR5VieKDGMKbXzDsXjaucfKCP0s8Kf8AIr6P/wBedv8A+i1r839T/wCCVfwh8UeHV8KePPiP 498T6Vp8aw6Pb32sxyx6RGrof9Eie3aJWKJ5R3IV8skBQwVl/TTT7KLTbC206Alo7WJIlLcsVRQo zjHOB6UAfmdrpA/4K3eHM8Z+GT49/wDT7mue/wCCeFppeofHD9qPxJ4iWKbx5H42u7S5kfBni05Z pvISPOWWFmRgMcMEXOdq4+nvj1+xj8Pvjz8SfDvxdvPEfiHwf4t8OWwsYr/w/epaSy2gkeURSb4p eA0j8rtyGIbcMAZHxd/YZ+HPxN+JM/xj8M+KPEvwz8bX8It77UvCuo/2e99GoVQLhSjgkKgGV25w C24gUAfO3wUt9K0L/gqp8Z9E8BokGi3vhO1vNZht/ltxq/m2ZVmVfl81llkY99zyHqWz+r9fPX7P v7Mfwt/Zs0jVLHwDDdXeo69cG61TV9Un+16nfzckNPcbV3AEkhQAuWZsbmYn6FoA+Y/2yfGfwz8B fs1eOPEfxe0eXxF4WS1jhudMgnktpL57iaOKGATRMjorysu9geE3HDDKn8u/jPqn7Xut/sTa2upe CPAnww+Dlv4dgNvp01zd32rCx2xmzihZWaETMTHtaUK+85b5siv2b+LPwr8F/G34d618LviDZm+0 HXoliuI1cxuCjrJHIjj7rxyKrqeeQMgjIr4esv8AgmN8K7rw/H4M8ffETx3428L2MD2+m6Pqmt7r CwzGYopYYYokXzYAcxZ+RcAFCvFAHyJ4qkaT4Sf8E8WZtxHiPw6OfRWtQB+GK+jf2Pk03Uv26P2q tU8XRRnxnZ6hp0FgZv8AXpo+2VVMO7kIyLbF8cfc7EZ+kE/Yn+GP/CKfB3wjca5rtxa/BHU4tV0W WSe186eWCYSxx3hW1CvEu0IBGsTbQMtnmvgn9rHxN+zSf2pdWtf2ltO8S/BnVtNs4BonjvwzeXKt rto0al4pFt7SXa0RJiyA54KsygICAen/AAR0/wAGab/wVh+M8HguOCJJPB8Mt+lvgRjUJJtPafhe A7EhpO+8tn5s1+tdfix/wTg+F3h2T9on4m/HP4TaHqmm/C2fS4dE0e/1ppWvNYuWkgnu7wmb5zvk iLE4C/OAAGDKv7T0AZGneH9B0e6vb7SNNtrG51J/NupYIUie4kyTulZQC7ZYnLZPJ9a5f4sf8ks8 Zf8AYG1H/wBJpK4L4R/s7+Efg143+Ivj3w7q2q6hffEzUV1PUIdQnimt7aVZJ5AloqRRtHHm4YYd nOAvPBz7J4h0W18S6Bqfh2/Z0ttVtprSVoyA4SdDGxUkEBgDxkEZ7GgD81v+Ca/gTwpJ/wAE99Ij l02CRfF8WvPqgaNT9qP2y6s8S5HzDyYlTBzwMV+Zi3Bn/wCCZXwN0rxBOYvCF58Svs+tEsVUWRnu 3ZXYEYj+8x9GCnOa/oO+B/wN8JfAL4O6R8EvB13fXmhaKl3HDNfyRSXbC9uJbmTe8UUSEh5mC4jG ABnJyT5p4M/Yw+CvhL9nSb9l29gvPEvgm4eeRxqkyNd+ZNN54dZbaOAK0cmCjKoIwM55yAeWf8FI PDfw7H7EHjS21iztLey0W1s20dVREW3uknijtltgMbcg7MJ/yzLD7ua+QLnSX+IP7U37DEXxItv7 QvLnwOdQvEuh5jNe2ulPdq8gfJLrPGrnPO4V9W6D/wAE1PhJa3uiQ+OfG/jP4geGvDE0c2l+HvEG ri60i2MQwim3WJAyqOAvC7flYMpIr6c8Ufs7+B/Ffxz8CftAX11f2+v/AA9tL2z062gkhSxeK+hk gk86MxNISqyts2SIAQMgjggHxf8AtU6dZWX/AAUG/ZT161hWLUL069bTTKAHkhht1KIzDkqvnSYB /vH1NfK/7Og/aw1P9qP9pfxF8D4vAlx4ji8VXNnqL+LzqL38NnHczraR2ptOlsUQLz12J2Va/Xz4 h/s9+C/iX8Wvh38ZNdvdQg1r4ZveyabDbSRLazG/RUk+0q8TuwAQbdjpg5zmvIPjF+w18N/in8R5 fjF4c8TeJPhp45u4Bb3mq+FtQNhLexqqoBcAo+4hVC5UoTgbt2BgA+b/ANj3wL8TPDP7Z/xZ8R/E fxN4DGua/o8L614d8HXV4Wgv4pLfybqW1uYxt3RvIZHMhbzJc7fnbH6y18z/ALOX7KPwu/ZlstYP gpr7V9c8RzCfVda1i4F3qV64JI8yUKg2gsxwqjJJLFjzX0xQB8j/ALekuoQ/sdfFl9MJEx0OdWwc fumKrN07eWWzXA+APhNpPxg/4JveFvhRaBXXxH8P9PigLY2pfvYxzROe3yXQDH3FfZ/jbwlo/j/w brvgXxAhl0vxFY3On3SjGTBdRNFJjORnaxx718U/sB6rrHgzwP4g/ZX8dyg+LvgzqEmnkkFftmj3 bNcadexg/wDLOSNigA5UIA3JoA/JmxvNX/bw8FfCH9nqF5X1H4W+AfEd9qsKkhxqliraZpUc3feH it5GB5KykHrXvf7LXxDf9sT43/s52Nw5u9N+BvgyXU9W3dDrayf2bEJP+mmIYLlP+BY4zn9RPgp+ yF8J/gJ8T/H3xY8DtfvrHxDnae8iupIXtrXzJ5Lh47RI4Y2SNpHyVd5OFUAjByn7Ov7IXwm/Zh1n xprnw3a/kuPHN2l1di+khkW3WN5XSC2EUMRSJTM2AxdjxljigD5G/wCCefhbQ/8Ahff7WPjN7SN9 Xb4gapYLcMgMiWy3lzK0asRkK7sCwBwxVc9BXyvLYWWjeC/+CiGi6VClrYW+o28kUEahY0aaS6Z9 qjgZPYV+x/wb/Z68F/A/XviD4i8J3moXdz8SddufEGoreyRSJFdXLu7pbiOKMrEC5wHLtjGWNecX P7FfwsurP40WMmqayI/jpLFNrZE9vm3aIyFfsX+j/IP3hz5ol7fiAfnX8TotN1fQ/wDgnb4V8Zxx y+DtRs9Kku45+YJbyLTtNW0jlVvlIZnZcHIYMwIxkH9Jf2i9O/Zeg8WfCzxL8fVji8QWWuw2/hGV PtouP7VlZGjjQWPzFS6ISJf3W7aG6gHT8cfslfCD4j/AXw9+zx4xt7q/8P8AhSysLPTLvzlj1G2f TbcW0FykyIqCYIPmPl7GyQU2nFeXfDL9gT4ceBviTpXxW8ZeMfFXxP1/w4CNGfxVqf8AaEWnHGFe FBGn7xR0JJUEBgoYBgAeGf8ABPPwtof/AAvv9rHxm9pG+rt8QNUsFuGQGRLZby5laNWIyFd2BYA4 YquegrV/YLsLLRv2lP2uNF0qFLWwt/FdlJFBGoWNGmN6z7VHAyewr7S+Df7PXgv4H698QfEXhO81 C7ufiTrtz4g1Fb2SKRIrq5d3dLcRxRlYgXOA5dsYyxo+Ff7PXgv4Q+P/AIj/ABG8NXuoXOpfE+/h 1HU47uSJ4IZYPN2rbLHFGyqfNbIdnPTkc5APjn/grv8A8ma6n/2GdL/9GNWH+0J8MvHuqftgD4o/ sn/Ebw7b/F7SvDi2mr+Ftb/eGXTRIrrIhCSGPf5kYI/d9iJAHYH7i/aM/Z78F/tO/DOf4VePb3UL DSbi5guml0ySKK4D27FlAaaKZNpzz8mfQivM/j9+xX8Ofjx410z4opr2u+BPHWkwC2i1vw3eiyu5 IASVjlJR9wXccFdrYOCxUAUAfPX7H3xZvdX/AGm/iJ8N/jP8J9O+H3xtk0uDU9U1HSJjNa6rZxmC NWI8yVUYeZGy4dt2W3bXUg/Xv7X/APyal8Yv+xR1z/0ilrD/AGe/2Rfhv+zxrGueMNI1LWPFnjDx KqR6jr/iG9N9qM8SbcReZtQBMqD90scKGYhVx9C+L/CuieOvCeteCfE0H2rSPEFlcafeRBihktrq NopV3LgjKMRkHI6igD8Mv2jSG/4I7fDbBz+50Ef+PvX1f/wU18BeEfDP7AWteH9H0u3trLwo+iR6 YiRKotQl5Bb5jAA2kxuynHUE+tdZYf8ABNb4TW3wY1z4C3/jfxhqXhPV72yvYYrnULaR9PNi0jJH abrQxxpIZCZRsO4hSNpyT9XfH/4G+E/2jvhVq/wg8cXd9Y6NrLWzzTadJFFcqbWdLhNjTRTIMtGA 2UPGcYPIAPyN/aGk+MHiH9vT4E2HgAeHbvW7TwLBfaHF4ta5bSnvn+1G4lC23z/agsasmO6I3ULX YfEDwN+1Dq/7VHwH8cfHzxL8K/CviDR9YVLGPRbvVLXVdWsJZYku7VBcxyed+7ZliQlF3SMN2GNf oR8cv2RvhN8fvDHhvQfF51DT9R8HbP7G1rTLkWuq2LIEBaKYIy/N5akhkIyAyhWAI4H4QfsJfDj4 ZfEyD4y+KPFHiT4m+NbGIwWOo+KdQ+3vZIQV/cDYuG2swBYtjJKhSSaAPti4t4LuCS1uo1lhmUo6 MMqysMEEHqCODX82ySXuleFNX/4JkvNJ9ruvi1a2MaFiH/4RS4f7d5o74Vo1mOOm/wBcZ/pPr5bv f2QvhPfftQWf7WsrX6+M7K0+yrAskP8AZ7t9ne1E7xmEymUQvsBEoXAX5cjNAH4l6Bcajr/hfw9/ wTJmlke8sfivfWd4gJLHwvp7/bXk+ju8ky+uzPrj73+B+n6NqH/BUf46zeLYoX13QdD0iPw/G4H+ j6e9tbCZrZTwv3kDFem9xwGYH680b9kL4TaH+05q/wC1haNft4x1i0+yvbvJCdPiYwxW7TxRCESr K0cW1iZSp3uduSCKHx8/Y4+Gvx68VaT8R59V1rwV460OLyLTxB4bvfsN+IPmxE7FXVkBduwfBIDb SRQB8pfE230rQ/8AgrD8JpvBSJBquveFtUHiRbf5fNtkt7s2z3ITq2+JACwydkfouKv/AASG8HeE dM/ZLbxdcWFsb7Udcvrm4upYkMg+ybI4v3hGQIwpZeflLMRyTX2H8BP2Qvhj8Atc1nxtpl7q3i3x p4hRY7/xD4iu/t+pyxrj92JSqhEJAyAMttUMSFXHZfs5/s+eC/2Y/hnb/CrwFeahf6TbXNxdLLqc kUtwXuG3MC0MUKYB6fJn1JoA/Jz4Z/Dr9pf4OfD7xVF+yPqng/4/fAzW73UpJdLuW23rLMojuoXk 3RLI/lgISZpN4AIjG4CuY+P/AMS/hv8AFL/glz4X8Q/C7wsvgnRLTxRZWj6Okhlis7mOeV5xHI2C 6Oz+YGIB+bkA5r7e1T/gmZ8K11rXJ/AHj/xr8PvDviaaSfUtA0DVxa6ZM0v31WIxNhDjG1t4C/Ku 1QBXuXiX9i34F+I/2cYv2XI9PuNK8G23lvA1pNi8iuUkMv2nzZFcNK7lixdWU7iNoGAAD6wr8ofi h4X0PxP/AMFcfhkdctI71dI+HzX8CSoHVbmG81FYpMMCNyF9ynqrAEcgGv0I+Cvwqh+C3w80/wCH lt4k1jxXFp7Sst9rtyt3fMJXL7GlVEyqZwgxwuBnAFc9qX7PXgvVf2idJ/aZuLzUF8UaPoTeH4bZ ZIhYNatLLMXeMxGUy7pmGRKFwB8uckgHxb8V9PstP/4KsfBHUbGBILnVPCmsJdSIoVplhgvSm8j7 xXsT2AHYV4R4k+KUf7AH7R37Q2ly7bfw/wDELw+/jTw1G+PKOt7mha3UdB5lxJIWA6RonHSv1J8S /s9eC/FPx88IftFahe6hH4k8F2F3p1nbxSRCxkivElR2mRomkZgJW2lZVA4yDzn8wP2i9T+GH7ff 7VHwv+C3w/0u61ZPhnq2ozeMdRmtZLeG0sraWNJrIs4G/wA+WAxg4wCy7SQX2gHlnxz+Dknwb/4J OaHpniIOmu+J9Z03xBrUj8zNd6nJ5p355MkcPlxtn+JDX3Z/wUB8MfCnTv8Agn94m0uztrKHw/o2 n6adA8rbsikWaFLQ2zDuyNjKnLIzZyCa5/8A4K6oT+xvqCIucazpfAHbzGrq9G/4Jq/B2x1/RJdf 8W+LfFXg/wAMXK3ek+E9Y1X7XodnIhJRVgaPJjTOFQtyOHLgkEA/Py0m/aO8SftufDxvCyeF7jx9 pnwt0O409PGTXjWayPaRNeyWotf3n2rzXnwemwSE8gY9+TwN+0ZP+3P8JPiD8dPEvwx8PeK7SC6g GneHrvUoNT1jTJYpY2VobqNxN5eXMeWQcN12/L96/tC/sj/C79oy60PXvEdxqfhvxV4YJOl69oN1 9h1O0UndsSXa6lN3IyuVOdjLubPK/A39iL4bfBj4g3Pxf1HX9f8AiF49nha3TWvE179uubaFxtZI PkQJuUlSx3MFLKpCswIB8xf8E/PBHhfUfjd+1h4q1PTbe91CX4g6nYCSeJJGS3jvLmUopYHAZ2BY DqVXPQVZ/Y50bwjc/t3/ALVmuXkUMniWx1HT4rNnAM0dnOJjcmPPOGdIQ5HTCjvz91fBr9nvwX8D tc+IGv8AhO81C7uPiPrtz4g1Fb2SKRIrq6dndLcRxRlYgXOA5dsYyxr5y8Y/8E6fhb4k+Jfif4za B418YeD/ABx4ou/tUmp6LqiWclurLtkt4RHAD5Mnylw7M2VXDgZBAPi7xy174Z/aq/bNi+EJFrat 8Mbi91BbQkIms/ZoW3gJx53lvO+fveYzHqWr7h/YD8MfDN/2GvA2n2FnZXGiazpU76wrqjRXFzK8 iX32ktkNhgyNv6KoXgAAe0fs+/su/C79m/w5q2h+C47vU7zxHObnWNU1eYXmoanMd3zXMu1VYDe2 FCgfMxILMxPzXff8EyvhClxq+meD/HPjbwd4M8QSvNqHhfR9Z8jR5jIAGXyWidtjAYZWZuMKCAAA Afkx4cuZZP2M/AthZyyTeHtN/aBgt9EaRmYf2f8AZHkXZuz8pkdzx1Yt3zn7G+Na/HDWf+Cpf2f4 WR+Fp/EmjeD4ZdBj8Ym7NisJOZ3tFtPn+1Bnmx28sSE8gY/RLxp+xn8F/F3wx8CfCCzgu/DXhr4e axZ63psOlSRRs11ZLKq+e00UxkEhlZpTxI7fNvznN39ob9kn4YftHXeh+IPElzqnhzxX4ZYnS9f0 G7+w6nagncUWXa6ld3IyuVOdjLubIB8Ep4G/aMn/AG5/hJ8Qfjp4l+GPh7xXaQXUA07w9d6lBqes aZLFLGytDdRuJvLy5jyyDhuu35f1Z+K3/JLvGP8A2BtQ/wDSd6+cfgb+xF8Nvgx8Qbn4v6jr+v8A xC8ezwtbprXia9+3XNtC42skHyIE3KSpY7mCllUhWYH618QaLa+JNB1Lw7fM6W2qW01rK0ZAcJOh RipIIDAHjIIz2NAH84/iPSrPXv8AglV+zLoeoLvtdR+IwtpV9Y5r3W0YfiCa++f+Cr/h7RNP/Zi8 KzadYw2jeH/FOkLp/kxrH9lTZLHsi2gbF2gDauBwPQV9AP8AsIfCGT4EeAP2em1fXP8AhHPhxrq+ INPuPtFr9tlulmupwlw/2Xy2i3XcgwkaNgL82QSfX/2iP2e/Bf7S/gOD4eeO73ULHTbfULbUlk02 SKKczWu7YpaaKZdh3HI259CKAPd6/MPwAQP+CsfxNB6n4e2R/wDJixr9PK+QPid+xj8PviT8c9F/ aGg8R+IfCfi3So7aGZ9EvUtob+C1lEqRXKvFIWQ7QrqGCuoAIJANAHzB/wAE8/C2h/8AC+/2sfGb 2kb6u3xA1SwW4ZAZEtlvLmVo1YjIV3YFgDhiq56CvmO1OpeE/Cn/AAUPsfAsf2EWt/EY4rf92sUV y12LtkCY2/ui54xwPSv2D+Df7PXgv4H698QfEXhO81C7ufiTrtz4g1Fb2SKRIrq5d3dLcRxRlYgX OA5dsYyxql8PP2afh58OfF3xR8X6fJeapL8XbpLrWrXUGhmtBsWZDFDGkKERsszBlkaTIxz1yAfl 98DfDH7Zl1+xvoOg+EbT4N/8Ko1Pw40kzakdXEptZoi11LftH+5FwrbzOw+VZFbGAor7k/4J1+HN S8H/ALKfhjwvf+KtJ8ZQ6bPfR2uo6LdS3lm1u1w7rGssscTZjZmQrtwuAB0rzG+/4JefCQ2974Y8 OfEHxz4d8B6nO1xc+FbHWsaQ5c5ZBFJE7bD0beXY/wB7IGPv74feAPCPws8F6R8PfAenR6ToGhwC 3tLaPJCICSSSSWZmYlnZiWZiWJJJNAH5pftOeF9D8Yf8FKf2Z9F8RWkd9ZDTtauzFKgdDLZW9xdQ kqwIO2WJGHuK1f2rNPsrD9v/APZR12zgSHUL6XX7aedVAkkhit49iMw5IXzZMA9Nx9a+0vFn7PXg vxj8d/A/7Qup3moReI/AFrfWlhbwyRLZSx38MkMhnRomkZgsrFdkiAHGQRwT4i/s9+C/ib8V/h18 YtevdQg1n4ZSXsumw20kSWszXyIkn2lXid2ACDbsdMHOc0AfmT4D0XwN4l+KH7fvhz4la+nhbw3q sui2l5qkjBEs1niv40lOSAcOy/KSN33e9eceJP8AhqX4D/s26dpPxS8K+DP2g/2dNKstPmhubOVr W5XTEeM2coI8o8Ap8yxTHBy7kbyf1Z0L9kv4T6R4h+L+vXy3mtxfG77ONfsb6SJ7QJbJNGq2wiij kjBE7ElpHYEKVKkV8y2n/BLj4UR2cfhLUviP481PwBBMs6eFZ9aH9k/K4cRtGkSkxgjjaVcdd+7m gDzr40+J/DvjP9pL9hbxj4Sgez0LW7fVLywhkG14ra4sbJ4Y2GT8yowU8nnua3fgpaaXq/8AwVM+ PF740WKfxDouiaSugrLgmGwktrbz3tw3Q/Ogdl5BkccBmB+qf2gP2Nfhb+0DovgvStQvdV8IXPw8 J/sK98P3K2dxZRMkcZiQvHIoTbDHggBlKDawG4HD+K37Dvw0+Kk3hPxHN4j8R+HfHPg3T4NNtPFW kagLXWZ4IIyg+1TCMpKzEszsEViWYAhSVoA+cPiTb6Vof/BWX4STeCkSDVde8L6mPEi2/wAvm2yW 92bZ7kJ1bfEgBYZOyP0XFX/glf4I8LzeDvjB4xutNt7jVbz4g6naNPJEjyCGyS3mhUMQThJJnceh OetfYXwD/ZD+GPwB17WPG+mXuq+LfGviBFjv/EPiK7+36nLGuP3YlKqEQkDIAy21QxO1cdh8AP2e vBf7OPh7xB4a8D3moXtr4k1y71+4bUZIpZEur1IkkSMwxQgRARLtBDMOcseMAH5beJPilH+wB+0d +0Npcu238P8AxC8Pv408NRvjyjre5oWt1HQeZcSSFgOkaJx0r7w/YB+Dt18Gv2X/AArputK3/CRe JlfxBq7yZ817zU8S4kzzvjh8uNs90NfDP7Rep/DD9vv9qj4X/Bb4f6Xdasnwz1bUZvGOozWslvDa WVtLGk1kWcDf58sBjBxgFl2kgvt/bUAKAAMAdqAPyj/actNL13/gpH+zboPxAWKfwsmnarc2MNzj yH1dUmZMhvlL+ZHbFB3cKOc4pP8Agp9b6VpuofADxZoKJH8Q7fx5p1vpUkfy3Ulo2WnjBX5mTzvs 4I5ALY/iOft79ob9mj4X/tM+GLLw58RoLmKfSLj7XpupafN9m1DT7jjMlvLhgCcDIZWU4BxuVSPJ Phb+wp8N/APxD0/4s+MfFPib4o+LdGjMWm3vi3Uf7R+wAn5Wt0KKFdecMS2GJZQGwQAeP+EP+Utv jf8A7JjD/wCl9jX6d14Tpv7PfgvS/wBonVf2mbe91BvFGr6Evh6W2aSI2C2izRTB0jEQlEu6FRky lcE/LnBHu1AH4i/srEf8O8P2px3GoePgfb/iUR15F4y8P6T4s/Zo/YM8K6/bpeaZrPinTLO6gkG5 JYLi5SORGB6hlYgj0NfpT4b/AOCfnwq8I658R77w34o8T6fovxOsNXsNS0OO/iOmRf20nl3E8ELw MRMi/wCqdy5Xody/LXYS/sVfCybwn8HfBzaprP2L4I6na6rorie3824ntJFlRbw/ZtroWUbhGsRx 0IoA+VP+CgXgfwp4g/aR/ZJtNW0yC4guPE09pNG0alJbaOSykWF1xho8j7pGMFh3NdL+1hZ2tn+3 t+yZq1rEsV5cTeILaSVQA7QxwRbEJHJUea+B0G4+pr7N+K/7PXgv4w+Ofhz8QPE15qFtqPwx1GTU 9NjtJIkhmmk8vK3KyRSMyfulwEZD159F+Iv7Pfgv4m/Fb4c/GDXr3UINZ+GMt7LpsNtJElrM1+iJ J9pV4ndgBGNux0wc5z2APyD/AGdB+1hqf7Uf7S/iL4HxeBLjxHF4qubPUX8XnUXv4bOO5nW0jtTa dLYogXnrsTsq19G/se+BfiZ4Z/bP+LPiP4j+JvAY1zX9HhfWvDvg66vC0F/FJb+TdS2tzGNu6N5D I5kLeZLnb87Y+kPjF+w18N/in8R5fjF4c8TeJPhp45u4Bb3mq+FtQNhLexqqoBcAo+4hVC5UoTgb t2BjqvgZ+zV8Gf2QvDPifxFo95d3N1qCyajr/iLXLkXN9cR26tK7zzBUUIgLuQqjJJZix5oA+YPh qht/+CtPxbXT2Jt7vwJYS3ozwLlH09Isj18ocZ7E1+pVfnf+wt4N1XxZrXxJ/bE8V272t/8AGfUE l0e3mXEtv4dscw2BbPIaeMKxHQqkbDriv0QoAKKKKACiiigAooooAKKKKAP/1v38ooooAKKKKACi iigAorw7x7+0J8PPh7rJ8P6rJcXl9Hjzo7SNZPJ3DIDl2QZwc4BJHcV6X4Q8YeH/ABzocPiHw1ci 5s5iVzgqyOv3kdTyGHp+IyCDVunJK7RzwxdKU3TjJNrodNRRRUHQUNV1XTdC0u81vWbqOx0/T4ZL i5uJmCRQwxKXkkdjwqqoJJPAAzXzuv7Zv7JjsFHxf8LZPHOrWoH5l8V1/wC0h/ybv8Uf+xV1v/0h mr8Wf2R/G/8AwTM0v9mbwhp/x7tvCz+N4YLwaob3SZLi+LG7nMe+WOB2Y+SU27WJxgCgD99tA8Q6 B4r0i28QeF9TttY0u9XfBd2cyXFvKoJGUljLIwyCMgnmtivx0/4JyTy+DvAnx/8Aif8AD6yuY/g7 Jql3f+DLK8kcFo7FLk3BQOzOiMBCmWBbKnJLK1fe/wCzX8e7z49/s36F8eLzRo9GuNYt9QmNjHMZ kjNldT24AlKKTu8nd93jOOcZoA+jbq6tbG2lvb2ZLe3t0aSSSRgiIijLMzHAAA5JPAp8M0NzClxb ussUqhkdSGVlYZBBHBBHQ1+F/wC1d+0z8Rf2jP8Agmo/xR0vwbb6ZpHiW9+za06ajubTY7LVYYrc xqyI0/2iRdjgAbAcnIr9Xf2bNc+JGv8Awd0C9+KXhmDwpq6W8UUdpb3q3yPapEghmMiAANIOSnVf WgD3eivgr9qH9svxH+z78X/BHwk8MfD6bx3qXjqyuXsobW6FvO16jeXBD86Mixs2DJIT+7TLYOK5 74afti/GG0/aC0L9nn9pn4XReAtV8Z209zoV7Y6imoWs5gR5GikZAQG2owJDZDbcoFdWoA/Raivz t8b/ALY/xV8UfGTxN8Ev2UfhpH8QNQ8DFY9f1XUL9dP060uWJH2ZCwBeTcrIfmB3K2FZVLVyD/tk eO/it8HfjH4Dt/h43hz4zeArCWPVvDl5qMaRrZXCFZL62u9oEixRHzAAvJKBWYOrEA/TWx1Cw1S3 +2aZcxXcG+SPzIXWRN8TmN13KSMo6lWHUMCDyDVyvzJ/4JSa58Sb/wDZX8PaR4o8NQaX4X06Kb+w 9TjvVnl1IS3941z5tuBug8mTCruJ3g5GK+rP2nf2j/C37MXw3/4TrxBYz61f311Fp2k6VaY+06hf z58uFMg4GFJZsNgDhWYqpAPoqivzHvv21f2gvg7e+HvEH7VfwYi8F+AvEl3DZ/2vp2qx6g+ky3H+ r+3RKOF6l2BXABwGYbD2H7Qv7anjL4Q/tE6D+zt4B+G0nj/W/Ffh+LVNLW3vltWe7lubiLy5WkQp HbpDbPK8uTjoQFywAP0IqnFqFhNez6ZDcxSXlqkck0KupkjSXcI2dAcqH2NtJGDtOOhr4A+Dn7YP xX1T47Tfs1/tC/DSPwL41vtLl1bRntL9L2zv4Yt5Kb1yFOEf5gx5RgyqQAfl79g7xl8e7/8Aa/8A j2mveBLS2ttZ1qzPiiUaqkraJNDBeG2igG3N2sj/ACErgIBnpQB+vvgf4geB/iXoS+KPh7r1l4j0 h5HiW7sJ0uIDJGcOodCVyp6jNdfX44fC/wDbH8JfBz9gm3+Pfw7+Ftn4e0pPEb6c2g2t9K0S+bLt knWaRCxY4ztIxnuK9Z0r9vD4m+Efhz4m+Mv7RHwhn8CeDYra0uPDhW/jnv8AVpr98W1oICF2ylA0 sjMUMaDPlnrQB+m1chqPxA8D6R4w0r4fapr1la+JtdjlmsNNknRbu6jgVnleKInc6oqsWIHAB9K/ OjVv22f2mPhRpGl/FH9of4D/APCMfDPUprdLm9sNVS91DSY7ohYpLu22gnLMoIIjIJ2nDkIYvjFq Fpq3/BTD9mrVdInjura88N6/Nbyo26OSOSwvGRww6qwIII7UAfqXRXyR+yV+01e/tF6N4ztfFOgR +E/FvgLXLjRNV0tLg3IjaHhJQ7JGdrssijK9Yz2xVn9lj9pG+/aZt/Hfiex0GPTPCfh/XrjRtGv1 uDK+qRWvL3JQoojUhoyuGbJLDOVNAH1dVe5tLS9j8m8hSeMENtkUMMjocHPIr5Y+I/7SOofDX9p/ 4afArWNBj/4R/wCJVpem11o3DK8eoWau7Wxh2FSGHkgNvB3SAYwMnzR/25dIX9uVf2Oxo0ZhNtg6 v9pORf8A2P7d5HlbNuPLwud+d/y4zQB99UV+eHxB/bi1bwv4r+PeleG/CMOr6N8DdIsrq4vmvGj+ 1alebCLTaImCKqmUM2Sd0eNuDkYPwT/bf+LvxDsZ/ix8QfhGfBPwWj0a71b/AISSfUBJKFsUy5W2 Cb5BM/yxDC7h8ys/SgD9LaK/KWy/bj/aq8TeBbj4+eDP2evtnwqgSS6jkn1iOLWLiwhJ33UduEY7 QoLbQj5HKsyjcfS/jJ/wUF8H+Af2bPh/+054H0WTxP4e8aa3aaXLbNIILu1SSK5kuRtG9WuIWtmj 2bgrNyH24JAP0Por8sNe/bq/aE+E+teFPEf7QnwM/wCEM+HHjG/t9Ph1CLVory9sHuQWjN3Ci8Ns BdoysZADAEsu2vYfjl+1n480H4zW37OH7OPgRPiH8QI7L+0tV+03YsbDSrRtpjM0jD5ncOpxuXAZ ANzNgAH3dRX5y/A/9tr4i/EH9pY/syfEz4XnwL4h03Sbi+1FnvxdKJ4nBj+zFECywSxOjh92QxZe cZP6NUAFFFFABRRRQAVXW0tUuXvVhQXEihGkCjeyjoC3UgelWKKACiiigAooooAKKKKACiiigAoo ooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAqGK2t4GkeCJY2mbe5VQCzYxlsdTgdT U1FABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUU UUAQxW1vA0jwRLG0zb3KqAWbGMtjqcDqamoooAKKKKACiiigAooooAKKKKACopoYbmF7e4jWWKQF WRwGVlPBBB4INS0UAMjjjhjWGFQiIAqqowABwAAOgFPoooAKKKKACiiigAooooAKKKKAP//X/fyi iigAooooAKKKKAPyh+N/w68YaJ8R9bvJ9PuLm11W8mura4jjaRHSdy4XcoOGXO0r144GCDX2J+y1 4J8ReEPBF5P4igezk1W5E8VvINrpGqBQzKeVLHsecAV9NUV1VMU5Q5bHiYTJIUa7rqXfT1CiiiuU 9s8X/aQ/5N3+KP8A2Kut/wDpDNX5R/sU/E/9gTRf2UvBGh/Gi58Ff8JTBBejUYtWsbWe8y17OyCU yROzfuymMk/LjtX7b6lpunazp11pGr2sV9YX0TwXFvOiywzQyqVeORGBVkZSQykEEHB4rw9P2Uv2 XI3Ekfwd8GqynII8PacCD7HyKAPyj/ZEsdE8a/Hr9p6+/ZjtJ4PgpqmgS2dhbxRSQ2M2tzQRqDbR SAbAWFwVQAFY3QYVSqjqv2Mf2ufgP8MP+Cf9l4Y8U+LLKy8W+F7fWrSTQ5JANSnuri7uZ7eOC1/1 sokEyDcqlVYkMRg1+zGheH9B8L6XDonhnTbbSNOtgRFbWcKW8EYJydscYVRz6CvOh8APgYPG3/Cy R8PdA/4SrzftH9qf2ZbfbPPzu87zvL3+bnnzM7vegD8NdLhlm/4Igat5SlvL1AM2BnCjxFFk/hX7 ifAT4heCfiX8J/DniDwFrVrrunxWVtbSTWkqyrHcRQR+ZE+PuyJkblPIzyK63S/hr8OdE8Hy/D3R fCulaf4VnSWOTSbexgi090nJMqtbIgiIkJJcFcMSc5p/gb4deAfhjozeHPhx4c07wxpckzXDWum2 sVpC0zhVaRkiVQXIVQWIzgAdAKAPzw+PMUcv/BTz9mhZVDAaP4jYA+q2F4QfwIzT/wBrJVH7eP7J TAcm48RAnvgW8P8AjX6L3/gjwZqnifTPG+p6Bp934i0VJY7DUprWKS9tI5lKSrBcMpkjV1ZgwRgG BIOQTRq3gnwZr+vaR4p13QNP1HWvD5kOm31zaxTXVkZgBIbaZ1LxFwAG2EZAGc0Afk7+yJ8UPh/+ zf8AH79oj4OfHDXbTwbrWreLLnxDp13rFxHaQajp96zvG6XEzLGWCFX2lsnewGSrhea8F61b/Hr9 rT9pL47fDBH1HwFY/D+78MR6pEjC31HUvJgciFiMSbRE4yv8Oxvuuuf1k+IPwa+EnxYFsPid4M0f xU1lkW7anYwXbwgnJEbSqzICRyFIB711vhvwv4Z8HaRD4f8ACGkWeh6XbZ8q0sbeO2t489dsUSqg z7CgD8+/+CV/xB8E+I/2Q/BvgrRNatbzX/DEV6NTsI5VNzZ/aNRu3hMsf3lEifMhIwR0rzT/AIKz +FtRufBfwq+I00+p2nhnwZ4pgm1q60d/LvrG1uCgF3A+DsliKERPghZHXPWv0o8GfCL4VfDnUtS1 n4f+DtH8NX+sEG9n02wgtJLjBLDzWiRS3JJ57knqa7q+sbLU7KfTdSt47u0ukaKaGZBJHJG4wyOr AhlIOCCMEUAfz3/H/wAO/smjwNo2lP8AtH/E743N4vvLSC08M6Z4ptdWnnaRt0bzWs0DLGUcAKsq h/MIAXOSv2BqOlR6Z/wVQ+F2mOJHbTvhUIlNwyvMDHdX0eXZPlL4yGK8Ek44r708Ifs6fAH4f+ID 4r8DfDnw9oGs87byx0y2t50DDDCN0QFAe4XAPeu/m8E+DLjxbB4/uNA0+XxRa2psodVa1ia/jtSz MYEuSvmrEWZjsDbcknGSaAPzo+LyqP8Agqf8CGA5PhTWgT3wIb3Fcp+yB478HeF/23P2ovAfiPWL bTfEHibxDp8ml2VxII5r1YYrySTyFbBcojKxA52kHpX6hXngjwZqHimw8c3+gafc+JNKieCz1OW1 ie+toZQweOG4ZTJGjBmDKrAHJyOTWFe/CL4Val45tvidqHg7R7nxfZgCHWJLCBtQj2rsXbclPMG1 TtHzcDgcUAfzj4Df8EdUU9D42x/5Hr9MP+CtHgnWda/Zm0HWtEgu30vwV4l07U9STTyEnh09IZ7d pojg4aJpU2nBC5LHhSa+/f8AhSXwY/4Q7/hXf/CA6B/wign+0/2R/ZVp/Z/n5z5v2Xy/K3553bc5 716XNDFcRPBcIskUilXRgGVlIwQQeCCOooA/nt+Ntl+yNB8HYdYuv2oPid8VLXxMbaGHwta+K7e/ vbsyyKQlxYzQHy/LI3ETIDuUKAWIFfS+qaDF4V/bt/Y+8MQQ3lvFo/gfUbNY9RaNr1Ft9KuYwty0 QEZmAXEhQBS2doxiv0T8O/s1/s9eEPEqeMvCvw08OaRrkTb47y00q1hmif8AvRskYKMe5XBNei33 gjwZqfijTfHGpaBp934j0eOSKx1OW1ikvbWOZSsiQXDKZI1dWYMFYAgkHqaAPxA/bW8UeKf2N/2i PiB408D2sx0/9ofwjLYQLbqf3XiK3aO285QP444pPMHcvM3FfrP+y18G7f4BfADwT8KkRVutGsIz fMuCHv7gma7bPcGZ32/7OB2r4+134X/tG/tO/tPeENT+Nfgaz8F/C74P6ve6lYOL6G9m167jcCyl CoxaOPCRylXRQBvQlmICfqBQB+cf/BTLw3qNr8GfDnx38NwmTXfg14j0zxFCV++1usyxTx/7pLRu /wDsoc8Zr81LzTtWi/Z8sv8Ago19ilOtn4sv4rIIAkHh+S5+wi064x5qCMc42nGe9f0Z63oei+Jd IvPD/iPT7fVdL1CJoLm0u4knt54nGGSSKQMrqw4KsCD3rnX+Gvw5k8Ff8K1k8K6U3hARiH+xjYwH TfLD+YE+y7PJ2hxuA2Y3c9aAPxh8I+F9V/4dg/G741+KYtviL4xzap4mui33limuljgTP9zCtInt J+A+qvFnw/134gf8Eq9K8FeC7Z59UvPh1oU0FvB/rJngtLa6eNR/E0gRlx1YnHev0An8C+CbrwgP h9deHtOm8LLbJZjSXtIW08WsYASH7MV8ry1AACbdoAGBW3pWlaXoWl2eh6HZw6dp2nQx29tbW8aw wQQQqEjjjjQBURFAVVUAAAADFAH5p/Az9ub9mPw3+xt4X1nW/F2mWeoeEvDVppt3oEs8aak95YWq 27W8VmT5riV0+RgpQqcswAbH52ah8PfFHgb/AIJz/ADTfG1lLZT618VtO1GK1uFKulpdR33lbkYZ AkUeYAequD3r95779nL9n7U/Fb+OtR+G3hy68QyuZXv5dKtXuHlY5MjSGMlpM/xnLe9egeKfBHgv xza2dj420DT/ABBbafdR3ttFqNrFdpBdQhhHPGsysElQMwV1AYAnB5NAH50f8Fa1U/sv6WSMlfFe kEex/fCuD0z4ieF/2X/+CjXxY1L446gvh7QfizpOl3Wha1e5SzY2EMcMls82NsZVg4+YgAIm4gum f1T8W+CPBnj7S10Px3oGn+I9NSVJ1ttStYryATR52SCOZXUOuThsZGeDXwP+0poX7U9h8W5tc0b4 c6N8f/hDqdnEo8Kal/ZttNpd+gVXnilu4XaRZApOP3nLsNqhQxAPA/hv8b/h78eP+CrS+Ivhlepq ujaJ4Hn0n7fECIbuaGczSSREgFkUzeWGxhthKkrgn9S/D3xn+GXiv4j+IvhJ4f1yO88XeE44pdUs FilV7ZJgrIS7II2yHX7rHrzXxF+yz+z18Xj+0Brf7Tnxp8MaV8OiuiJ4c8PeE9Jkgni0+y8xJ3d5 bbEOS4fAXqZHJCgKD+gOmeAvAui+J9T8baP4c02x8Ra0qJf6lBZwxXt2sYARZ7hFEkgUKAA7HGBj pQBzel/Gf4Za38VdZ+COl65HP438P2aX99poilDwW0giKyGQoIiCJ4+Fcn5unXBB8Z/hlc/Fe4+B 0GuRv44tLEalLpnlS71tDtxJ5mzysfOvG/PPSuktPAXgXT/F998QbDw5ptt4p1OFba71aKzhTULi BAgWKW5VRK6ARphWYgbV44FEfgLwLD4wl+IcXhzTU8VT2/2STV1s4RqD24x+5a5C+aY/lHyFtvA4 4oA6yiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooA8/wBZ8fWem6k2 lWsDXE0bBZGJ2qp9O5P6V0+ia1ba3afabcFHQ7ZI2ILI3UA49QQR7EfSvIPHXg7V7bV7jxDo0bXV tdgNcRIMyRuoxvVerA9wOfauY8PeJ30+6VxP9nmX5cnlHUH7rA8de/X0Nfir4/xmAzWphs1XLBt8 uiStfRqXXTe73utGfoC4aw+JwUauEd5WV9db9U10/pn0/RXmh8feVEJJltyp/jEu0dOu3BP3ugz0 59qv2Pje3uGBZUlQ/wAUL7iP+Anmv0OhxlltSapxrLmfTr/w3nsfLTyLFRXM4aHeUVWtLy2voRPa yCRD6dj6EdjVmvpYTUkpRd0eVKLTs9woooqiQooooAKKKKACiiigAooooAKKKKACiiigAooooAKK KKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKTNAB1opaPegBO9FFHWgAo7UYAoo APrR9KKSgBcd6Wk60YoAKKDRQAcUhpaOvagBD0p1Np1ABRRRQB//0P38oorhviJ8S/Afwl8LXHjT 4j63b6Do1qQrXFwx+Z2ztSNFBeRzg4RFZjg4BwaunTlKSjFXbGk27I7mivm34Pftd/s8/HjWZfDf wz8Xw6jq8StJ9jmhns55ETOWiS5jjMgAGTs3FRywFfSVaYjDVKMuSrFxfZqxU6cou0lYKKKKwIPL fi18a/hV8CvDf/CW/FrxLaeG9MZikb3DEyTOBkpDCgaSVsc7UVjjnFfI/hj/AIKkfsWeKNdi0CPx tJpjzuI47jULC6trViehaZo9sa/7UmwDua+Ovhj4Q0b9uL/gof8AFbxL8Xbf+3fBnwakbSdL0icb 7Iyw3D20ZkT7rpI8E87KwO9iobKLtr9SvjD+y78FfjP8ONR+HHiLwrpsFtc27xWlxb2cUU9hNtIj mt3RVKMjYOAQGGVYFSQQD320u7TULSG/sJkuba5RZIpY2DxyRuNysrLkFSDkEcEVYr839BsviL/w Tv8A2GNauvE2tW/xIv8AwMVlsI2SSzijtbu5hiFr5jPK7rE0rsjYXCkIFAUGvsr4UfEa6+IvwS8J fFi7sks7jxJoFlrL2qOWSJ7q2W4MauQCQpbAJFAHq1FfmL4F/b88SeLv2IPGP7Wc/hC0t9R8MXz2 kelrdSNDKFlto9zSlNwP+kE4C/wj1rkvgj+3d+018cPEOgeItB+BhtfhdqkUyza3PcSqEktLd5Lm VZApTyhLG0cYKfM2E3hyQAD9Z6K/EX4bf8FMv2ofjnY2t78FPgCPEMemTJFrcy3MrW8bzSERRQyB Rg+Xtd2YOVySU2gM31H8bf22fHGmfGdv2bP2Zfh7/wALJ+Idhbi51ZpLpbfTdNVlVtskpKhiu9d5 ZowpZUBZyVUA/Reivzq+Cf7anj29+NVv+zd+1J8Pf+Fa+O9VgNxpE0Fyt1pupKqsxWOQMwDEK2zb JICQUJVwFbz7x9/wUH+J+k/tI+Nv2Y/hj8Jm8beKtHltotIEF4II5VeBJ7ia8kkAWFIw4C87ST8z rxkA/VauTPjvwZ/wmi/Dga1aN4oazfUf7NWVWuls43SNp2iB3Km+RVBYDJPGcHH58/Av9t/4raj+ 0Jbfsw/tQ/DVPh94x1i1e60ua0uRcWlysaSS7chpFIZIn2yJKw3qUIDdPh/wX8QP2pIP+CnXjvX9 L+FlldeNbrQYbS+0dtXt0itdIDWCrei5L7HcosTeUpLfORj5TQB/QlXjvxl/aA+Dv7Pugw+I/jB4 otvDlndOY4BIJJZ52AyRFBCrzSbeNxVCFyMkZFexV+E37cE/hr4Vft+eAvjZ+0f4ZufFPwjfRks7 RvswurS1vk8/5ZIXPlyMkjCYoeSrBlDmPbQB9xeCf+Cmv7GHjnWY9BtPHo0q7uJRFCdTs7qzgkJO AfPkj8lFPrI6V9VfFr4w/D34HeA7v4l/EvUzpfh2xeFJblIZbnDXEixx4SBHc7mYDIU46nivgf4g n9g39uz4YXvw28AeKPC1r4mv4gNHuDbx2WqWd0CChit5lt7h1yNrxrwynHoa6H47BP2S/wBgO10X 4l6Zp3xlHg6LTdOkh1a38q0vE+2JFbl4nM+DBGUC5JyUB4zgAH3HqvxW+HWg+DNN+IPiDxBaaV4f 1hLZ7S6vH+zrP9sUNAqLJtYySBhtTG/tjNeg1+Af/BSvxr8TNW8DfANtE8C2dn4Mml0PU9NuIbuJ AdWmt3K6YsGVaOKOLbtlKhecZGMV9yePf2wPjN8JW+A2hfFD4c2WieJ/i14hk0XUbFdRW5XTYheQ W8UscsG9JWeKcSY3AA/Ke+AD9GKK+aP2vPj1qP7NHwE1/wCMWlaRFrl1o0tlGtpNK0Mb/arqO3JL qGI2h8jjkivKPjp+21Y/BT4OfDfxnH4Yl8TeNvinDZDRfD9nLtaW5u4IpGBkKs3lxvMiDajMzOoA GSwAPu6uV8a+OfB3w48N3ni/x5rNroGi2C7pru8lWGJPQbmIyzHhVGSx4AJ4r8rviB+2/wDtpfs/ Wtj4/wD2hfgLYad4BubiKCebS9Vjubu1M3CiQpLMm703IiM2F3qSK86/4LA+N/GfiP4A+DpPDegw 3nw31u60/VP7eNyiyrdyw3Bt7cWpIkKyQsZC+3AI2nmgD9Xfi/8AHz4V/AjTNE1n4o6w2k2fiG+j 02ykW2nufNupVLomIEcqCFJ3MAPevY6/Jj9ob4/+NvB/wP8Ahx4l/aX+B2g3Ovat4uh06DSL67h1 KCzjMLNFfRSxiZRMcMMZBA69a+g/2sf2zYv2fvEXhr4UeAPCs/xB+KPjIb9N0W3k8pUhLFBNO4Vm CsyvtAHIRyzIq5oA+5KK/KVP28fjz8E/GvhzQf20/hFD4E8O+K5xbWuvaXfR3tpbTORhbgJJKoCg kyfvVcKC6o4Fd9+1b+3fq37Nnxu8IfCjS/A0njNfFulNdWq2UxF5NfzSTQWltEm1lKyTIgZ/mYKx KqxABAP0cor8kp/2+f2jPg78RvCehftafBeHwR4V8bXiWdnqdjqCXhtWkKrmcxvLGxQsC65jfZll VtuD9j/tAfGX4w/DLxz8NPDnw0+G91430nxdqD2utX8CTsmj26zW0YmkMMbqAUmkfLlRiM84zgA+ pqKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigA ooooAKKK43XvGOn6RugiYSzjIOOQD6YHU+3HuRXkZ3n2Ey6g8TjaihBdX+SM6lWMFeTOxJAGWOAP WvH/AB1pPgXV/MZ9QjsdU5Ie3HnOx/24VyX/AEb0YV5/rXjS91KZhMxMafe3ksoJ6Dy1+X8CCfU9 KzjdapLFtt0+ywsOSQEY/wDAVwB+lfzXxR434LMqNTDYbCe1h05k236K8eXX7XNbs29DlwfE8sPW U8PJprr/AJrr6Hzn4k8T+NdDubm1svD7av5DEK8TNBvA/wBiRcqT6HvVLRfilqCTomuaHqGhS9pW QywAj+86fd+pGPU17prVxBp9lF5MRe4eQKWJBUgg8Bce2c5qhNHHLHEyqAzIpYEZGSOcV/KdbE42 NWUPYxutdJSur7K7Vrr0+Z+rw8ecOqao1cFFu2sk5Jv5czj8uU2fBPxs062vYmvruOaJyqNLGwYE E9H25/A9RX1Lp3i7R9ShWeCQ+W/Ruo/SviZLSz0m/GtW+mQG6i5ExVSy+44B/nXe6X8QpJI0lu4c o/Rhxn6A5Fftnh145YrLYfVM1m3FbOUXL75J3t/27r3Pz3ivjbL8bVhPBUXTdveu7p9raI+vIbq2 uBmCVX+hzVDWNZg0e3E8sbyluixjca+Z4fil4Uk1pPDaanEmrvA1ytsXxL5KMqF8c4XcwGeMnp0N eQ/GH4va94ZtY7qN5Lg+ckMakMV2McsSV7YB79SPpX7DxF49YelgVLBJTrTsoJNbu+rT1S0ffU+O zPimjhcPKvV0S6n2jZfELQ7lvLuN1rIOCHHSu0tbu2vYVuLWRZY26MpyK/N7SPjw97Gkeo2quuMZ JWYfjnDD8K9/8F/FXQPsyRWV19nLHLRhyQGPXCv0FfN8C/SAq1MR9XznljG3xNcjv0WkpQf3x8kc +WcXUK7spp/gz6qor58HxH1A3rvaalBMpP8Aq5B5Qx7Fht/UV1tt8S/JUHV7F40P/LSP5o/++hlf 1r9PyvxxyDEylGVRwSdrtXj680HKK+bR78M2ot2bserUVj6Nrum69bm506XzEU4PqD1rYzX6rgcd RxNKNfDzUoS1TTun6NHowmpK8XoFFFFdRQUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFA BRRRQAUUUUAFFFct4s8b+EfAmmHWPGOr22j2g4D3Mgj3H+6gPLN7KCfamk27ITdtWdTRXyx/w2n+ zaLoWsni5Y9x2h3tLoR5/wB7ysD8a+gPC3jXwh4309dV8Ha1Z61aMB+8s50mUZ7NsJ2n2ODVzozj rJExqRezOnooorMsSloooASiiigA96KWkoAB0ooooAKO9HSgUAFFFLQAUlLSUAIadSUtABRRRQB/ /9H9/K/ET/gsjp3i+TT/AIa6rCsr+F4JNQimKZ8pL6QRGLzO25o1fy884V8dTX7d1h+JPDHhzxjo l14a8WaZbazpN8uye0u4kngkXOcMjgqcHkccHkc162R5n9TxUMQ43t09VY6cJiPZVFO17H8h/wCy fp3i/VP2lPhtb+BllOrJrtjKDFn5IIpVe5d8Y/drCHMg6FNwPXFf2GV5P8OfgT8HPhHcXV58NPB2 meHbm9G2ae0t1SZ0zu2GTl9medudvtXrFelxTxBHMKsZwjZRVtdzfMcaq0k0rWCiiivlzzz8Qv2Y td079mT/AIKOfHD4RfEC7XRrX4pXP9raLNcERW91JNcy3VtEjsQCxS5mjX1kjZPvkA/sF8TPiV4N +EPgbV/iJ491GPTNF0WB55pZGALbRlY4weXkc/KiDlmIAGa8f/aR/ZE+CX7VOj2un/FPSpDf6cGW y1SxkFvf2qv95UkKsrITzskR0zztzzXyJp3/AASR+B82p2M3j7xx4x8aaTpjhrfTNR1JPs20cbGM cKyBcf8APJ4z70AeX/E79ozxr+1Z/wAExPit8UPE/hCLwtG8sNtZLDcPcLdwW1/aGSdQ8alFV90f 3myUY8YxX25+zx448K6J+wd4C8aajqcEOjaP4GsvtVy0iiKNrKxWKZWbOAySIyEddw29eK+jbr4X /D+7+G8vwhl0K2XwdNp7aU2mRr5cAsmj8sxKEIKjb0KkMDyDnmvz48O/8Em/2fdC1SOK68T+LNW8 JQ3S3a+GrrUk/st5FbdiVI4UZ07feDY6uaAPgX4L/wDKGn4tf9hqT/0q06v2D/ZksbbT/wBh34eW 9omxH8D2UxH+3NYiVz+LMTWN4c/YS+EPhf8AZq8Sfssadqutt4S8UXbXlzcST2x1CN3khl2xSLbL EFBgUANCxwTz0I+kvBXw20LwJ8LdF+EekT3M2j6FpEGjQSzsjXLW9vALdWdlRUMhUZJCAZ6KBxQB +dX/AAR0sba0/ZDluIE2ve+I9RllP95xHbxg/wDfKKPwr4t+DXw3+NPjH9uX9pHwj4B+MLfCbxS+ tXV95Z0uK+l1PT3u5pIygmkQosMcsLYXO5ZAei5P7W/s3fs6eCf2Xfhsvwu8AXuoahpSXc96JdTl hluPMuNu4boIYE2jaMDZn1Jryz9of9hb4N/tEeK7H4j6ldar4Q8b6cipHrnh+6FneOqKVRZSySK2 wHAYBZMfLv2gCgD4B8cfAfXvD37VHwQt/wBof9qL/hJvGum6vbX2gaUfDEnnTxi7hMkTS2crLAk5 i2CSb5QA7dFavVv2arWB/wDgqb+0hesgM0Wk2cat3CyLYlh+JRfyr6T/AGfv2Avg38BPHUvxW/tH WPHHjiRXRNX8Q3S3c9uJF2OYQqIAzLlS7bnCkqGCsQfW/A37M3gPwB8efHH7Q+jX+pTeI/H0ENvf W88sLWUSQCMKYESFJFJ8pc75X74A4wAfCv7T0ca/8FPf2aJlUCR9PvlLdyFW6wPwyfzp/wAOmVP+ CxXxRDnaZPA1uFz3O3Sjx+Rr7n8efszeA/iH8dfA37QetX+pQ+Ivh/FNDYW9vLCtlKswcMZ0eF5G I8w42SJ261478fv+Cfvwi+P/AMUrT4y6hruv+E/FUEMUEtzod3FB9oSDiMuJoZsOq4XKkAqACD1o A+66/PfVP2uPA+vftZeIv2MfjX4Q07TtIa0hk0y+1WeO5tdYmmSGWOH7PPCsalxI6oN75eMoPmIF foRXyt+0n+xp8Cv2qYLF/ijpUy6rpiGK11TT5fs19FExJMW8q6OmSSFkRgpJK4JbIB8dftm/8E/P 2PbD4O+MPihp+mW/w01nQrC4vba+sJ2trV7mJGeGBrVmMJEsgCKsSJISQFJOBXzD448eePPiN/wR lTxB8Q7ma/1GK/tbOG8uCWmubW11ZIoXdm5cqF8vceW2ZJJyT9T6T/wSA+AqapZy+MPGfi3xVo+n sDBpl7fxLBsB+47RQq4XHB8sxn0Ir7e+L37Mfwx+MPwNb9nnUI7jw74QVbOOGLRjDbyW8djIkkSR GWKZAuUAOUJIzznmgD8xP2/GWP8AZg/ZalkO1E1jw6WY9AP7OzzXo/8AwU3v7PRvjL+yhr+qTLa6 dp3jRZrieQhY4o0utOdmdjwAFViSewNfbHxs/ZF+FXx6+Cmi/A3xs9+uk+HFs/7OvLaZI76CSyhN vHJuMbRsWjZlcGMqckgAhSOCvv2Bfg14g/Z4sf2cPG2pa34l0fSryS/stTvbuM6raXEpYloZliCb QHZQjxuuDyCQpAB5b/wVs8S6Jo37GniDRdRu44b3X9Q0y3soWYB5pIbuO4kCL1O2ONicdO/avIvj l+0V488AeB/2ZfgZ8GdG0a4+IHj7RtHFjqutwrLBpmYLeGJ4Q4IErSHO7DbQmAjsy49Gh/4JMfAG +0K+0nxv4s8XeK7ie3W0sru/1GGSXS4llST/AENWt2jRmCeWxdHGxm2qpwR7/wDG/wDYa+DXx48A eDPBHiebUrC6+H9tBaaNrFjPHFqUEcEccYDOY2jfd5SM37sYYZTYSaAPyt/b8+Ff7TXgn9na+8Sf tH/tCp4mk1C8s7ez8M2OnQ2NpezearsS0fkmQQIpkGYeCoJIOK9W/wCChp8z/gmT8IpF5BPhU59j pMtfSb/8EsPgZ4g0jULX4oeLfGHj3Vbu2FrbanrGrefcaaoZW3WQMRjRiFCnzFlGOABX0h42/ZG+ GHxE/Zy0r9mXxhd6nqPhzRLWztbO+eeIalF/Z6hLeUSpEsRdUGzmLaVJyueaAPib/grG6SfCz4MS RkMreNNOII5BBtpcGs/xDeWPhT/gsXot943lEMHiHwotvoUk42xidoXj8uNjxudo51HPLPt6sAfo OD/gnD8JX+Efh/4Oaz4u8U6ppXhrxEPElpcT3lq1ytwsKwLb7mtWUWwVdwQKG3EkOAcD3P8AaS/Z N+D/AO1Poen6X8TLS5hvtHdpNO1TTphb39mzlS/lSFXQq20ZV0ZcgEAMAQAfH/8AwWE17wxYfsmj QNWkjOr6xrdgNLhODK0sBZ5ZEXk4WLcrN0G8AnLAHyPxxpGoQ/8ABRD9kfSPFMZbUbPwWgulcfML q3tL5mJHqJFz9RX1L8L/APgm98IfA3xE034o+NfE3iP4na5oRB0z/hJr1b2C0KHKOsflqWZDyu5i qthgoYAj6E8YfszeA/Gv7Qngz9pTVb/UovE/gazmsrK2hlhWwkjnWdGM0bQtKzAXD4KyoOFyDg5A PhX/AILFxxn4G/DqcqPMTxxYKG7gNZ3hI/HA/Kv1nudR0+ykiivLmKB7g7Y1kdVLngYUE8nkdK8C /aU/Zm8B/tS+EtG8G/EG/wBS0+y0PVYdYhfS5YYpWuIIpYlVzPDOpjKytkBQcgfMOQc747/sp/Dz 9oTxt8OfHnjTUNUstQ+GN+2oaamnzQRwzSvNbzFbkSwSsybrZBhGQ4Lc5IIAPpqiiigAooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK4bxV4207QLWW KJ997gqihSVV/dunHXHWvGz7iDB5ZhZ4zG1FCEVe7/Jd32SM6taMI80mZ3jjxcumI2m2UmJ8ZlYH 7int9TXzdrviBBGywPyep6E/59K09QuGukd7mRjLKS7HOSSfWvK9fzzsYEflX+Zvib4j4/iDHurV 92k9Ix7L/Nrd9X2VkfD5vmVRpySOn8L38oguhIQy3haJkb+4wA3j0ZGAYEc8Ed61rfxLNcWircnE uCj8YIYfKwI7cj8K4GEmGCKMdQB+Z5qrc3xN87RbmeVQ0gXJPmDjd/wIYz7gnua8TKuJalGiqNL7 PTum/wBN16vq9fJhXnTjFv8Aq50niHWEa1jYAMVkjAznjcwXt7EitCW/TdgYx0A9u1ecXly1xEI3 icbWRuoz8rBun4VFP4ihich4Jd3oo3H8hRDOq0pym43bt+Bz1MTacpS2sv1/4B1+rajEdOui8oiB XazMcABjg89uD1r43h/bL0Lwpreu+FdZ059ShsruSOylsdrrKgYrhizAHGAAy5BwfqeQ+NWrW+v/ ABIi8LeDbC/PilbKWS8kj2JYXFqIwWtbslxuYhogMYZfMQ7sZ2+NReN7S+8I3fwv+BfhSTS/HFvG 0evC+CxX1ntYrIDPKQrlm6FZMKp4UE8f0NwDwpl9SgsXj487nGOjagqcW378nd2TtZPrto2j2cvw 8Je/Py62su7I/CPxe0pv2l4PHl7Jdafp+r7rW6e8YB0imXAyFARUR1TaAOFUck5NfotpfxB0HWfH 918N9LvftWp2trJdyqBlI4lkWNRIwyAzliVXrtGTgEZ/JqH42atpfhLUfhp8W/DqajqVmjxafdXc ZE8MinBVpMBm8vBYENk42kkV3nwp+OKfs2afFqGoeHo9ck8b2cWqNfxXDRSSMWYeS29XAEJLKQMH J3HrX6F4geFeGzZQrUqPvwhyQUZK00tYyUtNIq+ltdOiZ6WNyt1LOC12338/uP1F1LwZo93IZL/S UDnnzIP3bZ9cpj9RXK3PgeONSulak8Z7R3Ch1+m5cEfka734X+N9R8ceCtP8V67pB0GfUUMotWk8 11iJ/dsxKpguuGxt4BAPNdZcmyu0Z3jzn7uRkt757V/IOc5XUy6cqU69nFtWbUtu26+77z4nE8P4 eTb5Un5afla/4nhKx+ONDQeTAbqMd7aTf/443P8A47V3Tvi7rWkXKxzxSQyr94HdA+P5foK9Oazh 6BSmOmDVa40/7QAkypcL2WRQw/Wvm6Wc0nJSqU1fum4v9f0PPeUYql/u9Zryav8Alb8mdf4N+POj JuW/Igmcgl2QIW+siZH4mu/k+JcN9fG+0zWJsHHcSIAB0G0g9fXrXzZeeENAlOZbL7O/96Elf06G mw6M1mgWykV1XoH+Rvz6frX2j8R8f9UhhaVeXLF3V7p31+1Fp9erv5np4bNcfS9ysk13V7/d/wAA +1/DXxesZB5euS7osMftKIcLtGfnUDI474xXrmja7pevWMWo6XcLNDMMqQeeDjkV+dOi6/q+kvJH CrR7Dh1HI/8Ar8fpXqWgfEl7ZRA8caqOyrsI/wC+cGv2bgH6R+Lwajhc5XtIK/vWvLdWu7u6Sv0b emp+iYPiXDyw0Yzg1UW7vo1r0avfbrbyR9t0V4DpHxNjdVX7Qy+z4cf0P616VpHi+21KZIPlO/jc p6fUGv6a4a8XMizRxhhq65nok9Hf03/A76GY056I7Siiiv0w7wooooAKKOtFABRRRQAUUUUAFFFF ABRRRQAUUUUAFVru8tNPtpb2+mS2t4FLySyMERFXklmOAAB1JNTSOkaM8jBVUEkk4AA6kmv56/2r Pjfqniv9oHxF4QtvFtv4j0Ozcvbi1kIt7KJIxvTax2l0H32UlXbPTO0dGFoqpUVNytcmqpqm6kY3 S38rn6HftCft8+A/h3pl1pXw2li8Qa3zGLo5GnwNjlhJwJ2HGAh285LcbT+GXxU+PXxM+Kevvf6h q6apqFwNpmnuoV2KD91EZlVEB7KAOuK8T+K/xHsrzVZNO0kEJDkGQZIx7ZOT69e/rXk+jeINO0rU Lu+iso768lVVthcIs0Ss33nZWGDjsGBHY5Gc+zJU6CtBXf4nmqMqr99/5HU654n8X6derDrqXNrK wPlmVWRXH95CQAR3yPWuz8DfGPxx4J1WLXfC2uXek3ijCzW07wvtbII3KQceoxijR/DfjfUtNEen 2J1TS5wu+1mACQyHKkxvIVRcEZIDA46DgVBZ/BDxnJf+Q7Wmmwuww89yrlF7ZEO8kj2xmuyMGtzn kl0Prjwb+1T+0teahax+Afiff2l7cSBfsus332i1LHgbJb7zFjBPXzMIOu9QMD7a8J/8FBP2qPhb q+l+GP2i/hTPqS3zBIruyt3t57lSAd8DRCW1uOPmHlbQR3HWvg/wf8Jfh94ViFzqu7xPdQIH+80E TMOfkiVlyOMfOTnqSOlfREfxT8XS+F7Dw59tu7HSo1/c2BkXyrPIJVFSEmMYyRwScE8nOTlXwkJP YuliZRVmz9tfhV8efh78XoTD4euZrDWIkEk+k6jEbXUYFwpy0LfeUbl+dCycgZzxXs1fzSX/AIb+ IXxDlTxJ8JbmeHx74NifUoPsz+VeXFpGwEyQsvzNLEWEixggMnm4y21T+nH7EX7dFl8ebeL4c/Ep 4rDx7axkxyjbFDqqIDuaNRgLOoBLxqNpGWTA3Knj4nBON3HY9GjiObc/SOiiivPOgKSlpKACjNLS UALRRXxn+19+1FZ/AXwuNG8OyRzeMtXjJtUYqwtIuhuZEOc9CI1IwzAk5VSDpSpSnJRiRUmoq7PW /iv+0X8JPgyVtvG2tpHqEgDLY24866KnoxRfuKexcqD2zXIeCf2vfgv42hSaLUJtJ82VYohfRhPM LZwQY2kAHyn7xH5V/OJrnjC/8Qavdavqt3JfX15I8k89w5eWV2IyzOxJJPc5rvPAviC6s1kIndLQ FTOqHazIueAw5BJ7jnqO5r3f7Jgo2b1PL/tCV720P6efDvjTwj4uR5PC+s2mrCIAuLadJSgPTcFJ K5966av5gtH+IHizSvFMXiXwrqk2k6hAxaB4ZjEVzydzc7lJHzAgg9CCK/eb9lX47t8e/hkmvanA LXXtKmNjqcSjC+egBEijsHBzjswYDgAnzcZgfZap3R24bE861Wp9LUtJS1wHUFFFFAH/0v38oooo AKKKKACiiigAorzzxZ8V/h54GvY9N8Ua3FZXcgDCLa8rgHoWWNWKg9i2M12Oj6zpXiDTYNX0S6jv bK5XdHLEwZWHTqO4PBHUHg81Ti7XsZxrQcnFSV10NKiiipNBrMqKXchVUZJPAAFZH/CR+Hv+gpa/ 9/0/xrjPjT/yRzx5/wBgHVP/AElkr8QP2JP2Rf2GPil+zP4S8c/GY2X/AAl+otqAvfO1+WyfEN9P FDmBbiMJ+6RMfKMjnnOaAP3/ALTUdP1AMbC5iuQmN3lOr4z0ztJxVyvz8sNI/Zc/4J9fAjxr8avh Ho81/wCG5JtPOoJpuoNqL3En2lbOLy3uJ2QbGuCWAYcZ6nFfSXxW+O/h34TfAnUPj5rGn3V5o+nW FrfvawbPtLR3TRqqjewTcDKM/Njg80Ae1S3VrBLFBNMkck5IjVmAZyOu0Hk49qSK7tZ5ZYIZkkkg IEiqwLIT03AcjPvX5R/tJeKbPxz+1D+xB4206KSC08QS6vqEMcuPMSO7tbCZVfaSNwDAHBIz0NdP +xR/yd7+2F/2H9E/9AvqAP09qvPd2lqYxdTJCZWCJvYLuY9AM9T7VYr8rP8Agpd/yNX7NH/ZRNN/ 9GRUAfqXDd2lxJLDBMkskBxIqsCUJ7MB0/GmyX1lDcR2k1xGk8vKRs4Dt9FJyfwr8tvhXa/8Ka/4 KhfFDwTj7PpPxf8ADlr4jtE6CS8tH2SfUlvtbnuM/jXwr+15r3i/xT+0/wDEH9rHwtLJLo/7NOue FdIRF+7MqzyNex/8Au2KMM42yc9eAD+ja5uraziNxdzJBEuMvIwVRnpyeKat7ZtOtqtxGZmXeEDD cU/vAZzj3r8sP+CkOqwfFzw58DvgB4aufOh+MPimxlaSI/f0m2VXlk9dq/aI5c/7Fcp4w8W+DPhZ /wAFRrrxZ4tv7fQfDnh/4ZeZPPKdkUEMc21QAOSeioqgliQqgkgEA/Xy5urazhNxdypBEuMu7BVG eBkninQzQ3ESz28iyxuMqykMpHqCODX4yeG9E8bf8FRvHUXjvxmLjw3+zZ4UvnXS9IEnl3XiK7tz taW52HKoOQxB+QExxEuZJV/Y7RtG0nw9pNnoOg2cOnabp8SQW1tbosUMMMYCoiIoAVVAAAAwBQBa S7tZLh7RJkaeIAvGGBdQehK9RmrFfn54N8VfBXw/+2P+0FqmjaRrC+O9D0LS7zX7mWWJrC5torCC SBLSPO9XEQRW34BYHnFeb2P/AAVK8I+J/B58d/Dv4ReNvFeh6ZE0utXtnYKbbS9m4vHJMGZHdIwJ HwQiowJfrgA/UuivMvg58W/Bnx1+G2ifFX4f3D3Oh69E0kJlTy5Y2jdo5YpEydrxyKyMASMjgkYJ 8n/ae/az+Hv7KFh4X1f4i2V9c6f4mvnsllsY0lNuY03s7ozKzDHQLk57UAfUtFfAHgz9vzw/qfxB 8N+BPil8N/FHwti8bt5egaj4gto4LW8lIBSJ2DnypXLKFU7uWUMRkVl/GL/gox4G+E/xe8T/AALs vAXiXxf4x8ONZEWukWyXAuorq0S8klTaxdVgjdQ+5MljwNoLAA/ROivhT4ift5eCvBUvg/wvoXgr xH4r+IHjPS7fV4PCun2qPqdlbXEfmKb4B2WBgM7lBdlxlgFwT2P7P37Yfgj46+LdZ+GN9oGr+Avi B4fiFxd6Br1v9nujbnaPOhIJEkYLr/dbBDbdpDUAfXVFfnp4p/4KEeHB418QeDfg18NfFXxZTwhK YNY1Dw/aLLZW0qEh445CcyupU8AANglCwGap/Ez9tTw149/Y28XfGX4GaXret3ElnqWlTxWcAjv/ AA9efYJpDdXy7/3UVqQjvIjMMMpUnsAff9n4h0DUNRuNHsNTtbm/tBma3imR5ohwPnRSWXqOo71s V+Qf/BJr4ffDqw+Gw8d6Z8NtY8OeLptOihvPEupmT7NrsV5PJK32EGVo/LiMEYYiND90kkkmv18o AKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKAMbxBrN r4e0W81u9yLeyjMsh/uqvVj7Ack9gDXzVcTw6jcPLeyiVhyFb7pOeua97+It9pum+AfEV9q+PsUO n3JlBwQU8tgRg8HPTHevyp/Z6+Ntl4sguvAupXKjV9DyIQzfNPZrwrjJyzR/dfHbDHrx+AePvDuM xmBpYnDrmjSbco+T6tdUrddtzwM9pTcYzSulv/mfS2qifzZGhcoCT8p+ZR7DPP6mvO5mvbjUVtrl RsJzuU5yPocV211dHedrcGsGYK14kpHO04xwSfSv8854KtSqS51c+LxNJztZ6dRzMF3OegBqppSx vbSvn5pi3PoOgpZTcZI8pWQ9QWPI+oFZtzqvh2ycwXHmWEqqGLAFo8HjJKjgZ9Riu7B0ZUry5b30 03JxFeMWpyaSXfQ3Ps2QEaQEDsBjP615V8ZYfHdl4Evr/wCFwjGvWpiljRo1k86NXHmxjd03Lk8c 8YHJBrv47k3IS70u8ivokOSY2DHHfoa3UljuIQ6g4YdD1HsfevcyavSjiYVmlPlafLLZ26SXZlUs RGTul/wT8prz4gfGTwla+MH17TYpPHUWmwmIQskslus1zP50wiXIYJEiE7S2AsbEFdxX5M8F6V8b NctNT8ZeCvE8l1fWMLyXUX2wvfiAEEny5QS6HAI2k9h1wK+yfjBpV5aeO9R+MZvEaw1u8l0iDTID JHqNybIpBHLZsisRKLiIuH4CgL94NtPnFj8PfFHiXSv+Fv8Aw0ubbT/GWjtuv7LTpkK3GRndEqfK sxAImhxskPKD5gp/vbh54OlgvbQpU4Opy3933VK1nBp7RTurrRN9dbfW4V0407pJc3lpft6HyXrf hz41+PtY/tu7s9RvdXcxQM6W5hlk3ZCAhFQP90jnPTFdxqPhz4s+G5PAQ+IukhP7V1UJEkoCzSB5 YkYSRKQBJwOWUggruBOa+9tP17VfjT8Px4/1xU+G9zo0XmWuufaTF9ovEIDBoWADWhKgFXZiWwFz tOfJNY0Dxr+1T4h0nTL3WbHw1qfhux+0QRKJW+1yStuF7auMboZNiYIO6MggqTydv9Zal+WvThRp 0uZTau+TRpcrjo1qr21js0tDX67J+7JKKV0/LTyP1S0S7UBQ/wDqYk3sp6YHY4xxXkOkfGbU9Su5 bm+0F/sTSN5ckMoMhjz8p8tgo5HOAw9qZb3fiXwX8IH/AOE8u4bnXVgSymuYMiOWRjsEgyq4LAhm +Uc5xxXN6JLbCxgWEgjAAx296/guOWQft3X/AHqUnFSu7abtPS97q1z928BPC7Lc4wGKxma0vaJS UI2bVrK7ejXdWvoen6r8VHjltU0DSJbsOCZjcN5Gz0AwGyf0Hqe27Y/EXRZlU6laz6fJ33J5sf4N Hk/morzEMB36fzqdGUMCcc/Tp+ledWyfCyioqFvNN3/y/A/Z8T4DcMyw6oxoSTX2lN8z++8f/JT3 qx1DQ9XQCxvYrlj2R1ZvxXOR+Ip81lEzYOM1856rpWm6lGvmxAspyp54PYg9RXpfgPV7mfTJNOut 8zWIG2V2LNtY/dJPJx2z247CvFx2SqlT9rSm9N01+t9fuR+EeJXgNDK8vnmeCrOcIW5oySTSbtdN O0tbaWRqaxqkOhXUZmXO9xEB3OQT+nNX4r2wulBb5c+o/rXnfiqdtZ1y3glY7oy0zfVzgfy/Wult rGUooQhq6a2WpUoT1u/6R/LsPa88lFXj0OyiTgfZpSfTBzXRWmv3nhyE6tqM0dta2oLtLI3lhQg3 cFjgnjgdT0FfMGr694kudSurPSroafZ27mISIivLIy8MdzhlUZyBgZ759MVtGt9RuI7vWLmfUriM YR7mVpSoPULuJCj2GBXpZbkqpSVWrUs9GuXddd+j++x/WHBf0bcZiKdLF5nXVKMkpcsbynZ62e0U /m7duh94/Dv9r7wf4ttYhqNsbaYjB8mQP+aPtYe/evovSfiT4J1pN1pq0KHuszeS35PjP4V+V0Wj 6RJAkc1vHKEGBlQSPoeorUhtZLOB4dNu5bbccjJ80L04AfPHHTNfv+W/SKzrDS5anLVj/fVn/wCB Qt+MGfsPEHgzk1eo5YJypeXxL/M+5/Gfx4g0rURY+GUiu44TiSaTJVz6Jgjgf3u/bjky6J+0Lo10 RHrVi9sf78LCRc+6naQPxNfBb3fiCHmeKG9UfxRsYX/75OVP50sHiSyikCXsc9q5IAWVMAk/7Yyt fNy8beKvrc8XSxCs38CjFwS7JP3kvO6b6s0Xg3lrw6pKHM19pPV+f/Dqx+qfh/xp4Z8UZGi3yTyK MmM5RwPXawBP4V1NflxoPifbetNA5gFuuA0ZwwdunOc9Ae9fpT4XivYfDemJqTtJdi3iMpc5beVB IJ9QeK/pnwb8WMXxF7bD4zDqE6aTco/C77Kzu09+rWnTY/DePuBVk8oSjNtS2T3+/r0+83qKKK/d T85CiiigAoo96KACiiuN8fePPDfw08K3njLxZM1vpliYxIyIZGzK6xqAq8nLMKaTbsgbMb4wfEmw +Efw31v4hajCblNJhDJCDt82WRhHEm7nALsMnBwMnB6V+Pes/wDBTb9oD+0Vj0Hwl4dktHcKpIuZ JOTkBx9oTbxwTt2jqTX374z/AGuv2Tde+GGu6j411q1vtIt0SO70e8hzdzyPl4Y47dx+9ZiuVdCU UjJdcEj+cX4xfE3wzo/xI1GTwzov9iaRfStJFpvnvcPZRv8AdjaR/mZscsM/KeFOOB6GDVO8qc1q uvReo54eooRrv4L97N97enV6pdd1f7D+O37f3xc+InhGLwDq+oWWlm+bbeHSI5Yo5UHWNndpH2Dq 5BAPAC8Et8D+ForqVNe1k4ZruX7PG/cRqBJKRnBOcL19D6mpETQvE8RvtEuIYL8qxQsBvGRnGOgz 6gZPOeeK6XR9M/svw7HpuoMuSjq5j65lcg7TjO7ae468UZbkkqVdYirLmeuq28kux7ec8SUq+FeD w1PkppxsvtN63b7vzPktY9V8Ra81npsD3V3dyELHGOST3J9B3JwAOTivr74VfAi2gvoptTC6vrgG 5bZSfslsP70rY+b6n5TyArnBr0b4X+B9F1eCKPwJYw6VaPEoubyRTJMRuAKs5ALt/EVyFGMnHGft zw34Z0Xwvp4sdGTdExzJIRmWR+cl2659uw6DFfNcQ8V0cBenTalV/CPr3fkfU8B+GeJzhqvXThh+ /WXkuy8/u8uF0P4WaJHHGNbMmqyjASIZgt48fwpFGQSP94kewr0/VPg1omjaBp3iO/8ACenW+n6u 0iW5eCHzX8k4Y7CPM25/ixjPfJGfUNQ8ceJfgh8Ar74ufDfSrPUvEkutxabNd3sLTppliY9xk2KR hnYhQSQCXQHPAPIeIP2ovC/7QngbQ7rVVj0/4haXcS211borLHNZMpkSVN3+0BlQcg5PQivlquAx 2IwUswrVpN2uknov6XSyP0TB53leEzinkmEwkIxUuWUmrt7r87atvToeG6n8H/Dt0puPDlzNolx1 HlsZrc+xjc8D/dZa831vSvGnha3/AOKhtjPYxnAu7UmWIA95BgMnr84Kjsa98gvpoWyenpWpDrC7 tw+VvavMyjjbHYV8spc8ez1+57n1vFHhDlePTnTh7OfeOn3rZ/g/M+avh/8AEjxT8MfHelfEnwU8 N1LpszSKrBnRo5lKSI6BgShVmHBB5zkECuR/aP8Aib8PfiBrFt8b/AVjceAPHlrdA6tYW7ubaaYO XF9aToFaGYSZ81HCg8MjF9wb1v4ieCdBudJvdf0CE6RqsI8zfb/LFJ8w3eZCMI3ckjDZ7181yeGL nxPvtNVshFcupH2qPAikVhjEiuVOeOhOfRj3/ZcgzSlmNL29OLTWjv8A1qj+VuMOF8RkmKWFrSUk 1zJrtdr5PQ/cv9hT9tTTf2hfDsfgbxzcx23xD0mL5wdqLqkCAf6REBgeYP8Alsijj76jaSE/RGv4 8/C3gr4m/DPxVD4j8Ga3BZ3mjyiaxvLe8WOaM4+71B77SG4IJHIJz9h2X7dn7T+molrqniy4t71V BeOW1tXPOcEbojlTg4IJrerlEpSvDT1PCWOjFe8f0k0V/Nvd/t6ftJz7m/4TSaPaMkLbWadv9mEf z/GsG6/bP/aEugJJPHGpDvmOTYDk9MIB0/Cl/YdXuif7Uh2Z/TNRX8vsn7VPx1uiJZPiBrXJ6rfz qPww4Hv9K5jxJ8cviZ4mh8rxD4r1TUlkGNtxeyyAj/dZsY+gqlkU+skS81j0R/SB8Wvjz8O/hH4a 1HWNb1e0l1C0hZ4NPSdDczyEHYojUlgrHqxGAOTX8yXxX+KHif4keMtU8Y+Jrv7TqGpTNLIxPyqP 4UQEnaiKAijsABXEan4yntYHaaYbBwBn17HH6V5Pc+KVvmfyjhuRk9eOR0P5CvQwuChR63bOOviZ VPQ6l7/5srJ8xJzj16n3r0Pw9qTf2M0ERwZ5tvPUogBIxjplhx3x0r5/hv7m8uI7eHl3YbRn26Z+ nXtXvnhbTblPsguITEsUeee5J3H+eMD0/CuqDuznkmegxzqpEbANjGc+p5Pv6f56ft9/wTp0uyt/ gxq+rx2/l3d/rEqzy8gyCGCEJ7YXJxgDvX4a7lzndhn5OBk5JzX7zf8ABPpNvwBLYIL6veE5bcTh Yhk+nA6dq8fNH7h6mAWp9wmlFJ3pa8A9QKKKKAP/0/38ooooAKKKKACiiigD8g/jhpeuaZ8VPEf9 uo4kuryWeF3zh7eRiYSp7gJheOmMdRX2f+yLpeu6f8P7651NHisr68MtorgjcgRVd1B/hYjA9cE1 9O3+k6VqmwanZQ3flHKedGsm0+o3A4q+qqihEAVVGABwABXXUxXNDlseDg8k9jiHX5r76eotFFFc h7x5n8af+SOePP8AsA6p/wCkslfkp+wB+w5+yv8AGT9k7wV8RfiV4Ei1rxFqramLm7a9voTIINRu II/khuEQbY0VeFGcZPOTX7Sa1o+neIdGv9A1iH7RYanby2txHuZN8MyFHXcpDDKkjIII7HNch8LP hX4C+CvgXTvhr8MtL/sbw3pJmNra+dNceWbiV55P3lw8kjbpJGb5mOM4GAAKAPz6/bt+DHgD4Mf8 E6fiL4A+EuiDRdDtZdNultY5ZpwrPq9m8r7p3kftk/NgAVm/tq/FXwCP+Caclxba3aXB8WaJodpp aJMhe6lMts7rGuckxojs46qFIODxX6f+I/Dug+LtBv8Awv4osIdV0jVIXt7q1uEEkM0MgwyOrZBB FfFujf8ABNL9ijQ21Q2vw3imGqwvBILi/v5vKikxuEBe4LRMezoQ4BIDAHFAHyd8Qv8Akq3/AATz /wCwbcf+m3Ta9g/Yo/5O9/bC/wCw/on/AKBfV9raj+z38INV1b4ea5f6B5t78Ko2h8NSfarpfsCP FHCRtWULNlIUGZhIeM9SSdjwT8Gvht8OvF/jDx54N0f+z9d8fXEF1rdx9ouJftc1sJBE2yWR449o lfiJUBzyDgYAPP8A9qP9o7Rf2XPhza/ErxDo9zrOnzapa6bKts6obdboOfPcsD8i7MEAEkkAV8K/ 8FAvGnhDx38SP2W/DXgzW7PXL+/8c6dfxR2U8dxm0E0C+cfLLYjJbhjwQGx0OP1L8d+A/B3xO8Ja l4E8f6TBrmgavH5V1aXC7o5FBDKeMFWVgGVlIZWAZSCAR87fBr9hj9l34B+K/wDhOfhn4LSy15BI sN5cXV1eyW6Sjawh+0yyLGSuV3KN+CQWwSKAPmb/AIKE6rD8D/ip8Bv2uPKY2vg/WbrRNVaMEs1l qtu+MgAnCKs2OOr+uKy/2RvgLe/Ef/gnz4tsPFKB/EXxzGua7cySDn7XqBZLOXJ7AxRTL2Bb61+j Pxb+D3w4+Ongq5+HnxV0Zdd8P3csU0lsZprc+ZAweNhLbvHIpBH8LDIyDkEiuv8ADHhrQ/BnhrSf CHhi0Ww0fQ7SCxsrdSzLDbWyCOKMFiWIVFAySSe5JoA/CT9gDxJqP7R/x++GGraxFILf9n74ftpU qTKcx6vLcTWKZ3d2sgDnsU9c47v47/AfwN+0N/wVU0fwV8Ro5LnQrDwfbapNaxtsF0bWaTbDIw5E bFwX2kEgYBGc1+rHws/Z/wDhB8FNW8U658MPDseh33jW7F9q8iT3E32mcNI4YLNI6xqGlchIwqDc cL0rQPwT+GJ+Lw+PJ0b/AIroad/ZP9o/aLj/AI8t27yvI8zyOvO7y93vQB+UunXl1/wTL/aebw7f M6fs7fF+7MtpIxLRaBqhwGUk/dReA2eWg2tlmgYH9q45I5Y1liYOjgMrKcgg8ggjqDXm/wAWvg98 Nvjp4MuPh98V9Dj1/QLmSKZreR5YWWWFtyOksLxyxsORlHUlSVPysQek8F+DvD/w+8KaV4I8KQyW 2jaJbpa2cMtxNdPFBGMInm3DySsFHC7nOAABwAKAPyp0P/k+v9sf/sS9L/8ATPb165/wTT0uwX/g nz4PAgXGow6+9xx/rGOo3kWW9fkRV+gFfYUHwG+E9t478ZfEuDQtviT4gWUWn63d/abk/a7WGFbd I/LMvlR4jRV3RIjHGSSea2/hr8KPAHwg+H1h8LPh1pX9k+F9LWdLez8+afYt1K88o82d5JTukkdv mc4zgYAAAB8N/wDBJgk/sVeGM9tQ1b/0reuL/wCCm2reFtA8Ufs26543aNPD2n+PbS41BpgDEtrE 0TStIDkFFUEsO4yK/RL4S/CD4d/AzwVa/Dv4WaT/AGJ4es5JZYrXz57na87mSQ+ZcySyHLEnliB2 wK+IP+Cgvwq134reLf2eNJtPCt34q0G28dWLa5HBZyXdvDpryRLO93sVljgMe4Oz4XGcmgDkv+Cp +s6J4j+EHw98BeG7yC88aeKfFmky+HY4Cs05YB1N1EFyTGPMVSw4JcDPNW/gTp1pL/wVI/aS1WSM NdW2h+H4Y3xyqTWNizgfUxr+VfS3wh/YZ/Zd+BfjP/hYHw28FpY69Grpb3M93dXhtVkBVhALmWQR kgkbgN2CRnBIPs2g/Br4beGPid4m+Mmh6P8AZvGHjGG2g1W++0Tv9pjs40ihXyXkaFNiIozGik4y cnJoA/O/4OajpPhL/gqV8ctL8dTJba54r0XSZfD0tziM3VnHbwCaK2ZsbiGQAqvJMLnB2EjO+K19 Z+M/+CqPwy0/4a3Ec2teF/Cmrp4gubfEgtEmtrxbaO4K9GSWaM7TyPMTjnFfePxx/Zc+BP7R0FlH 8X/CkOt3Gmgi1u1kltbuAHnatxbvHJsyc7CxTPO3NXvgn+zb8E/2dtOvNN+D3heDQBqJQ3cweW4u bgx52+bPO8kjAZJC7toJOAM0AfDX/BJXXfC+m/s0at4KupYtP8V+F9d1P/hIrSciK6hmLjEs6thg PLUR724zGy5ypA+fPg5eaf4l8L/8FCvHfgrbJ4H1q11ZdOuIQPs1zcRWGpNdSQsOCG8xHyOodTX6 M/FP9gv9lH4y+MZfHvjzwJDPrt2wa6uLS6urH7WR1M6WssSSM38Tkbzxlq9w0z4L/C7RPhZdfBPR fDtvp3gm9sbnTZtNti8Eb2t4jJcKXjZZN0gdt0gfeSS27dzQB4h+wH/yZt8J/wDsDR/+jHr6/rj/ AAB4C8J/C7wbpPw/8C2P9maBocIt7O282WbyogSQvmTM8jck8sxPvXYUAFFFFABRRRQAUUUUAFFF FABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUVDPPFbxmSVsAUATVVuLyC2Us7dK43UfFkS zGCHnapbINcLf65c3rvBkkn5lVeSQK3hQb3MZ1ktj8g/2/f20vFF9rmu/BDQEOn22lXTQTpDky3B TBR3bsuCGVQAOhOcAj8rdD1vWFmGqi9eG/tj5iSxsUdX7EMCMHPf/wDUf1F/4KAfAuyOrR/H2xVF tZ4Y4dWCDe5kiYRQysqgn5lIjJOB8q9c1+VNzqsMsEtvaRmC33fIN2WKnnBJH3Qex/HnJOU4W0Zq pXVz6Q8BftdfGHwfqMY1bUv7esNxMkF98xwTkhJlG5fb7wA6LX6ufCv4neHvjB4Nt/Ffh8vGjMYp opBiSCdMb42xwSuRggkEYINfz8KBwBj6V+5/7LXgxvCHwW8P28ibZ9QjN7L2ybli6/km0fhX8qfS G4SyrD4GGOpU1CtKVvd0TVm3dfr56nymf4SlBRnBWbfyPoENKv313e4qrcWkVxIsyHy5kDKG6HDd QQeorVxjis6+1ex00D7QS7HoijJr+OlTS9258vVceX39jlL7w3yZnt4ZZe0keYJPXOV64qOI66NH vba1la1vJYnSGWYeYI5ipCPjPIBwSM8jjtXT6d4q8K3moWtlqc76fazOFluVTzUhB6FlBGRnGSM4 69qn8dxP4F1FLHWLZp7e8Ae0ubYiSO5jbG106A5yMjt9ME+1gstxyw7x1OHNTjJK+jafS8d0nsm1 Z7Xuj7jB+DmfTlCVHDNSmuZRfLFyXkpNNtdVvbW1jyDw/wDCfwRpGvaX4juA95qmkafFp1tLdNuE Sx5LyICMCWUsS75JPbGTn5X/AGkP2d7Q3c3jP4UWi6XqUEcl7f8AkzPCsvmP8pi6qHJWT5Uxkkdy M/oxp3gnxJr2lf25oVlLeWgYoWRSWDL1G3qcdyMj8a4zWPD7B0tdWtniaGVJTG6lMshyu5T12thh nowB7V95kPHed5TiqeY41T5JL7SfLKP4Jre3Z6nzNZYzAV3TxEHGUdGnf7j8z/2afgYnxU1PUNe+ JT3epaTpDCGK3uZJU8y4DENuy27bHtZSuRyefSv0+g8MeHrZrF49Ntw2loIrRvKUtboF2hYmIyg2 8cEcVQsxDpnnvZxRxm4cyyYQLufuTtxye55z16mtiHVYzzPER7r83+B/SuDj3xLxOdYt1Yycaa0j G+i0s+2/V21OfFZk687y08uxbudL03VbFbTUYVmiYliDyP1rmrj4aeGJY2exjNnKFOPJygzj+6Pl J+q11trPYyS+XHKCJOVB4IPcYPNbWFjTKHOK/N6NGok/Zza9H+h73D/FOOy2ftcDWlB/3W1f17/M +SWk1vSnaPVbKRVVmUSKpZSAcZyudufQgVdttXtZvuNn1+b/AOtX0rcSRSnbPEsgPXI61i3/AIW8 K6wAbq1CuOjAA4z6HqPzrvqZqr2q0/mn+j/zP6myD6TtKaUMzw2vWUHb/wAlf+aPFftSMC2QP1r0 zwRALfQJtQbrezEr/uR/KP1yar/8Ko0eW6Ei3zRW3dAzc/Tgn9aseI7m10DSk0nSziO2j2Jng5PA /n61xY6tTrwjRoXbk1/X3nleMPjHlmZZQsDlrlebTldJWS1tu9b2fyPF9csLzxB4nutW0nUTC6kR eUeEKxkgYIP+Nbd/rHjXwl4Xv9dubdrsWaAIsRVmeRztQAHaSM9fQflWlonhCVG+0RTZJO4g+p56 /wBa2vF73tnpNnpjAkXM6sw7bIgTz/wIivp6uIhGpTw9SneMdOz08z+fvCjhv+0+IcLhq8HySneS vo4r3pLy0TPmjw943uYbWOG9WSKQfeFxG0TE9+oAP4V3tv4ttZceauM9xzXTPFZTKUuIVIPXI/xr CuvBmhXWXgQ27N3iJX9Bx+ld1bGYSrJudNxv21/yP9Y54zBVXepTcfTX/I1LfXbOXBjmCn3rah1R 8fKwYexry258EanB82n3glx2kGD/AN9L/hWLJH4o0o5lt5Co7xneP05/So/sqhV/hVE/UP7Fw1b+ DVT9f6R73Hqy9HFXUvLaQYLdfWvn228aXUZ8uYZYdQwwfyODXQ23jGzkx5oKH2rixHDdWOyPPxPC daO0fuPddDjsrS+iu/LEkIuI5ZY14LorKCB1xnkdK/SHwx8StA8SCOJBJaXEhAEcgBGSM4DLx+eK /J7QvEFl/bVlCZgQCSQf9kc/qa9m8b+PZ7D4e6/c6Iryak1hPDarBzIZ50MaFMY5Utv9fl9a/orw Ir18DCUY71ZK91ulotd9Ls/APF7heFWiq1e94JtPt5W87I/T+ivlT9nr4ja3400LToNYlka9ijTz GbPzgqTlgejfKQf8c19V1/XdOfMrn8lVIcrsFFFFWQFFFfNfxl/au+CPwY0y4bxR4othqRjfyLS3 b7TcSSDKgLFHuY4YYIAOO4qJzUd2b0MNUqu1ONz6FvNV0zTpIIdQu4baS6bZEssioZG/uoGI3H2F fmz+3F+138JND8F+IPgjpEf/AAmPinVrZkktrSQCHT9hDrPcT/dXy3Cttzg4wxHQ/hp47+Pfjnx3 48uJrq/1rxVswj3GrkR3BLtkeVDlhbp83yxB2GPTpXPfFu+/szT4fC2iolvf+IZxJfzJw8pGeWYc sAST9eeTk16VDBOpBVYSatvpZ+VrhKcMPVcK0VN9LP3fnbXTsmvUPCviDSPGXiaDUrlWmm0NXkjB BMfm8KucjB2k7lOcggH2rhPFfh5tU8c3l9EiSO7K8jTNyMoMbFIwRx145zzXV+DvDy+F9OgOmyTX rJk3KRpvKLgl5G2/djQcljxjvXpngv4U+Hfid4yXUtYvZ1g0+NVkggJjM4JYrukHIAxjA+b0Iruz HFUsPhpV662abtv2DJMsxWYYunhMM9ZXUbvTTV/56Hn/AIS+Hvibx1NNaaXZ2+xSsYuQWVYVwDmR wAVPP3Vyx7Zrr/iJ4Kf4ZXOnaBc6i+rST2ayy3DLsLOXcEKBkgKFUAEk4xk9q/QvR/DWjaLp0Wma NbR2dtCMIkYwo9/c+pOSe5ry34mfBrw98QltJtUnura4tDhJ7VlWTZnLIQ6spB+mQeR3B/MMN4hc +MXtPdo6q279X/wPxP3/ABXgmsPlcvYPnxV077LR6pX0+b38tjV+GujW+meEdNTT4gtq8EbmLOTu YAl1YnOTnnJ56jnOe0a5axAmsXZg3UY469CMYH+cDNNgtLTQNJtrKBjBaWkSxpvOW2Rrgbj64HJr jJ/GVmXBtoSIzguT1ZDwpI5yzn7g646+lfms8POvUlKKvrv/AF1P3yniKeHoQhKystlsrL8l+C8j 13wj8RvFPhe21G00i5H2XUkMN5aTxpcW0yAEESwyBgRgkZXHBwSRgV8teMvg1DrGoza/4dmGmTM5 kEcK7YlJHAVQflA6ADIA6CvZLFknQXemuVKHBRTl42HVeM8jvjOO3rU9ilytwQXG1wSf7uM9iM+v +TXpYHPsbhGo06jVunT7j5nM+Ecpx8pTxOHTct5LR/erP+rM+aI/+FzaOUsotetyinaDc5cAdslo 2b9ap6dr/wAW9Yhnjvr+TT5I5XjULbpuk2dJBtx8hOQDnJAzjoa+sJNFsbpjJOoZlJBDDBBHYikT T7K0PyxqhU+1ejPjGbu/Yw5u/KrnLS8NKKcbYqr7NJ+77SVn22a2Pkq88JfELVoJ5ZNRuXmCMEaZ wAGxkHGM9ea+e7fQfF90BPeeIpoCeMQkhh1PDV+ldwI5blWH3B+VfD2sWT6Zqt5YnO63nkjwB02n gV+h8C5zVxntYV5Xatb8b/ofgfjNwvhsteHqYSNlLmTe+qta7fzPOW8B3z3XmXWs3EnmjggKgyR/ s4wPXg+wJq8/h3xRYKkdhqbTwyA5tb8Bo5B38uQDbuI/2Qw45HWvQ7SSRQokJfaOCT0/+sK1/wC0 tsfkTxrNE4wythlcA9wRz/jX6JCi1sz8LlWT3PEdVm+zag8PkSWkiKmY5FKDeUG7YSWDJnIBBPpx 3yH1MxBOgIHPuT69cfjn+dfQ1zZafe20kAiVo5F/1E37yLIH8JOWU985OOgArzHVvha19dr/AGRe LpgJI2XJZo8EZwki5JHop59TXZGpZWZyzp3d0cO2tmJQVkAzkAHnAHf1/Misi58UuEKnA9yQRj8O Mn3Jr0BPhDYQuyat4nTfnmOGIH8iX/XZmul0/wCF/gizlMklhe6xMvH78mNAfX/lkv5kj8aTkwjE +c7zV59QAtLeN5pG/hRdzewCgfyrY0T4X/EDVnWZdNks4XI+e5Pk8euw/OR9FNfWOnWzaRF9m0uy sdJhOCQgyd3YssYVSfU7jUly0czBp7yeZFyxUbY0JPP8IZhx/tCs3BN3d2ac1lY8n8O/C7SvDlzH e+IrtL+eMgrCFIi3DnJz8z8jjhfoelesnUpnjJEJiRl6uCp9sL1z9arrPY225rOGONj949WYA8ZZ uT0zXT+B/h/49+KOsDTfBunPfuCBLJjbDArcgySN8qDjPJyewJwKc6qhF9EKMOaStqzj4TNeXYii UvubAUcZyeAMV/RB+xl4Yv8Awd8DdO0LWIVtdRW4nnuIR9+M3BEiLIM5D7CuQa+DvAPwd+G/7POg 3nxF8b3sfiHxDo4AJT5oLa6IykMCkfNOcjDOAVHzBVHNffX7KD6nceCNY1HxHNu8Q6jqbXeowcgW kk9vC0VuAenlweWMdR35zXzOOxSqO0dj28Lh+Ra7n1HS0hpa886gooooA//U/fyiiigAooooAKKK KACivlz4kftReHvAniSfwzp2lyazcWTbLlxMIY437op2OWZejcAA8Z617L8N/iLoXxN8OJ4i0PfG FcxTQyY8yGVQCVOOCMEEEdQexyBpKlJLma0OOlmFGdR0oSvJHfUUUVmdgV5T8ZvjV8O/gD4Hn+Iv xR1F9L0G3mht3mjgluGEk7bUGyFXfk98YFerV+Y3/BXT/kzPV/8AsL6X/wCjTQB9paT8f/hbrfxg ufgRYapIfGdrpaay1o9tNGjWUnl7ZEmZBE5/erlVYsOePlbGF8cf2pfgj+zle+HdO+Luv/2LP4pe VLAC3mn3+QY1kZzCjiNVMq/M+B1x0OPh/wDaDtf+FV/tn/su/HaEeXZ+J4H8F6kw4Um5jK2Yc+8l 0zZ/6ZjsK8I/ax+Gsv7YX7Rnx10u1Q3dl8EfAMdtp4TkHXp2GooFP950SWBv93HTOQD9p/iJ8QfC fwq8Eax8RPHN7/Z+g6DAbm7n2NIUjBA4RAWYkkABQSScCvK/D37VHwW8UeMfA3gLSNXnfW/iNo/9 vaJBJZXMf2jTtkkglZ3jCx5SJyFchiAOORn8xP2gvjPqnx6/4J4/BPwfolyZvEnxo1PQ/DU/OWa4 sZvLu5COuPtVumR6OO3NQ/tW/En4f/spft6fBjxlrsMyeG/Bfw/urS3t7ZPMlk2x6hbWsCDgAuxR AWwozkkAUAfrZ8afjv8ACr9nvwh/wnHxb12PQ9KaZLeIlHlmmmfokUMStJIwGWO1TtUFjgAmu38G +LNL8deFtM8YaJHcxafq8K3FuLy2ltJzE/3WeGZUkTcOQGUHBBxzX40/seabYft3/G7xN+0R+0Vf R3mtfDy/+x6N4FkV1t9DT7yXE8UoHmuXVlyV5ljLOOI0T9vKAPKLH42fDrUfjJqHwDtNRd/Gul6U utXFp5EoRLFpI4hJ5xXyid0qDaG3c9ODXq9fiR8Uda+Ommf8FRvEel/s9afpV14q17wPa2JutaaQ WGnWnnQXEt1KsPzuQYVjVVB+aQEggEV9Ofs7ftCftEWX7SWt/spftP2mi3muwaKNe0rWdCEkcF1b CURsskcmOTk4IRNpjYEMCrUAfo3RX5lx+O/+ChPxp1Txdrnw60/w/wDCLwloWoT2Wlx+K7C8Gp6l Fb8i6kDqVjhkUghlTg5UF9pY4Hw0/b98aaj+xz8Tfjj448NWkvjT4W38uj3VrYs/2K6ut8EUMw+Z 2WMPPmUBj8qMykAjaAfqnXlF98bPh1p3xk0/4B3eouvjXVNKbWoLMQSlGsVkkiMhmC+UDuicbS27 jOMEV+cXhP43f8FBD4S8KfGzSl8GfF/wvr0to2o6D4XWX+0LCG6Xeyxzbym+H7sm9n2vxtK5ccX+ 1Nr/AMX9I/4Kb/D+H4E6Xp+o+MtY+H62VodXaSOxtUkvdRea5uBHhysUaMdq8k4ADHCsAftRRX5p /B39oH9p3wV+1Jp/7Lf7UcGgavP4q0mfVtE1nQFlhQi381nilSXbn5YnGNilSBy4bI/SygDyj4Mf Gz4dfH/wTH8Q/hbqL6poUs81ss0kEtsTLAQHGyZUfgnrjBr1evxK8O/ttfE7wp/wTvj/AGitB0Lw /puvR+Jjpxs7KwNrp5gaba5EEcgxIw6vnrzg12HxZ/aN/wCCgHwF8FaV+0l8StH8ITeA7q5tPt/h qzFz/aWn2t62Ig9y+FaYBlR2UsokIxGVzgA/YWuU8deN/DPw28G6z4+8Z3o0/Q9AtZby8nKs2yGF dzEKoLMx6KqgljgAEkVv6dfW+qafbanaEtBdxJNGSMEpIoZcj6GvzJ/4KT6/qnju2+Gf7H3hKdo9 X+MGuQLfmPlodHsJFlnkYDkAPtkz3WFxg0AfdfwY+Nvw2/aA8DxfET4Var/a+hyzy23mmKSB0mgO HR45VV1IyCMjlSCOCK8C+LH/AAUG/ZX+CfxA1X4YfEXxRcaf4i0Uwi6gTTbydUNxCk8eJIomRsxy KeCcZweQa+Z/2aIrT9lb9uf4kfssRRjT/B3xHt08V+FYB8sUcyoftMES9ANqSqB2S2Xpmv1F8SaL o13pWpXF1YW80rW8uXeJGY4QgZJGelAHwd/w9a/Yh/6HW6/8FGof/GK+pfAX7RXwu+JXxK8RfCfw nez3HiHwtZ2d9exvbyRRrBfxRzQMsjABiUlUkDkZwelfEX/BJDR9Ivf2O9NnvLGCeQ6zqY3SRKzY Ei9yCa+t9V8B6B8FfEXxa/amu5LnXNUutEWT7GkcUKwadolq8y2sPlpukeWTexkk3NyiAAJyAfTN FfjF8Pf2j/2//ix8LF/aI+GN14D8U2JcyyeCbFJ5dVit1n8ry2dXytxtG/azj5fmALYjr9e/CGs6 j4i8KaNr+r6VNod/qVnb3Fxp9wQZrOaWNXeCQjgtGxKkjgkZFAHRUV8EftD/ALRnxht/jl4d/ZY/ Zn0nTLrxxqumvrWp6prYlbTtK0wM0SuUgYO0pde4Kjcg2tvJTnPh18ff2nPhR468X+Bf2ufDtvqf h3w9oFz4it/GXh2xuV01oLRGklt7hnURJOURyqkody4w4dGoA/RqivyV8DfGD/goz8f/AAFL8f8A 4Uaf4P8ADnha78+bQ/DuqR3E1/qNrCxUGSdSqq0hUiM7og3XCoQxl8ef8FDPEt3+w5D+058PNHtt N8TWWt2+i6rpl8rzRW10j4uIwQY2+ZCjoTyocBgSDQB+steE/Hz9pP4P/sz+GrTxR8Xda/su31GZ rezhihkuLi5lVdzLHFErHCj7zNhFyAWBZQfzw+LP7Rv/AAUA+AvgrSv2kviVo/hCbwHdXNp9v8NW Yuf7S0+1vWxEHuXwrTAMqOyllEhGIyuccP8At12vx18S/ta/s63XhjU/Dx0vVdSurnwal7b3DG3u Et7CS4fUwvEimXa0Ii5UdeaAP0k+Dn7XPwR+OviW38HfD/U7qXW7jR214Wt1Y3Fs62CXItTIzSIE z5rABd2SDuxjmvpmvz1+GPxY+IM37cOp/BHxzp+gS32l/Dqz1W/1TT7ExXU2pedZxTolw7GT7IXk dkiYZGFycivnT9kX9pb9v79qmDQPH+laf4R03wLperJputyzxTrc3qeYslzJaxCQ7TBbyIFBdQZO SWGVUA/ZWivxB+DP7U//AAUT/aP+CmqfFz4dab4O0jTvCP2r7TJeQ3Rn1me2BneG1hUusapCyJ8z AtJ0kGWCdJ4Z/ap/bw+P3wKvv2iPhFo3hPwn4b8L2U0lza6h9ourvWLnToi989sB8kUGQViRmD7l IMh60Afs1RX573P7Wvxb8W/sg+Bfjd8Gfh3L4p8c+O3gso9PghnnsbC5MkkFxdXJj+dbWOSI4LOu Ay7nADNXhnxb/aA/bf8A2SNR8HeN/jpqng3xh4Q8Ratb6Zf6fo8E9teWnngsXt2l2llUK2HfcN2F ZRuBAB+perfEDwVofizQ/Aera1a23iPxJ5507T2kH2m5W2jaWZ0jGW2IiEs5AUHAzkgHmPD/AMbP h14n+K/in4J6NqLzeLvBkFrc6pamCVEhivI0lhIlZRG+5JFOFYkZwcEGvyj/AGl9O/aQn/4KW/DC PwLq/hy21WfR9Tbwy99b3LwwWa2k/wBqW/EZ3PIzCXyzHgAFM9DX1D4b/aJfQP2tP2ifD3jHTdKs vDfwy8O6ZrEuoWlkE1OeIafBdTiefdmYKGYRqQMAKM8UAfolRX5K+BvjB/wUZ+P/AICl+P8A8KNP 8H+HPC13582h+HdUjuJr/UbWFioMk6lVVpCpEZ3RBuuFQhjL48/4KGeJbv8AYch/ac+Hmj22m+Jr LW7fRdV0y+V5ora6R8XEYIMbfMhR0J5UOAwJBoA/WWivx6+LP7Rv/BQD4C+CtK/aS+JWj+EJvAd1 c2n2/wANWYuf7S0+1vWxEHuXwrTAMqOyllEhGIyucfrzp19b6pp9tqdoS0F3Ek0ZIwSkihlyPoaA LlFFFABRRXO+Itdg0WzaWRgHI4GeeaaV9BN2Jdc1y10e0aWRx5hIVRnua8G8Q+Nry5uFjLlIWOGP TG7IH6isLxLrF3qUod+YUJJXPXOcEe3f/wDVXE3t59oR45QCCMDqDjHf3Pr9K7KdNI46lVvY7u9v bi0tppMhZoHCNEx2uT78etc/e+IbyRYr21Ji+zthXQBSrH1I9QM/njvXFrez3HyXEhMygDJPUKMD 9KkF1LB5jI37uYBZF/hPIP8AMA+x5rYxMbXoLTXrK70vVIUuLa9ieKaKRd0ckcg2srKeCCDyK/H/ AMd/sa+ObT4lPofhGOJ/D18TNb3c8m1IEz80Tg5dmTOBgHcMEkHOP15837VcPvRomt2IAJ+8CPvY HGD2/wD1iqep2YvbV4x/rF+ZD3DjoR/npXlZtTryw8/qrSqWfLfVX6XFOpOMX7Pc+QPhZ+xp8PfB Zg1TxXnxNqUeDidQtqjf7MPO7H+2W+gr67a7utOSG3s7RJLYFUCR/L5aDjP0AA4A6flUFnqKy2qO flbGGHoRwQfoasR3cG75iVJ/Kv8AL3jzjHMsdipRx03KUW1Z309ErJfJI+BxWJnVd5zdyW4vpBae aEMbscAH0xnI/OvLfEk0uYraMndMcse+0dvxr03U5Ipoo23cdMk15dqkcq+IBHKMxyIuw9vevjcu q89RyfS5+s+BOAw2I4mo/WrNQTkk+skvd+5u680j0/w38L/DviDSrW4sPFtjDqEyAyWl4Gtij90D tkN9QMGneGPAuqav4jtfDtxcvcLa3DWdsolM0MHOZni5KhQoLfLgGu70f4V+IbTSV1LVnttJhaPz E+1zBGcYyMKoc5PocH2r0D4GWAl8RrcuAfs1nI4/35ZFGfyyK/bMj4fqYnMsDl+Iwbw7qtc3vS9+ Ks23GTbi7ap6K+y0P6tzni6dPD4mvRxHtFG9tI+63e1nFJPt3tuz6g0jSbHQ9NttI02MRW1qgjRR 6DufUnqT3PNPv9L0zVIvJ1K0iuk9JUVx+oq/RX+gSwtL2So8q5LWtbS3a3Y/k2tJ1G5T1b3v1PGf EPwN8FavFK2nxNplwwO1omJTPujZGPYEV8L/ABejv/g0k17r9jcXllbOomktFWQpG5wsu1mXKHuQ cjoRnNfqdXz7+0N4ftdR8LwanPGHWKT7NOCOHt7n5CD9H2kenNfz14weFWUvATzbDYZRnS96Sj7q nC/vLTRNK7UrdNbnyme5RS9i61ONmtdNNOp+eOj/ABU8B660a2mtRQySfdScm2bJ7DzQuT9Ca9St L3UFiWWC5EqHpu5H4EV+b3jDSYdB1HU9HnI/0CeSH6hT8v6Yqx8Dfi/a+AfEF1puszMPD+oZ8wqC 4t50+7IEUE8/dcAZ6HnbivhuJvo9UFlv9p5DWlU91TUGk3KLV9Gra21Stq9DyJ5Len7Wi29L26n6 Pf2vMGxc25Puhz+lWodSsJm2iXYx7N8p/WuE0Pxx4S8VhG8Maxaam78+VDKnm/jGxDqfYgV0LiOV vLlRo39HXH/1q/mbGYWpQm6eIg4SXSSaf3OzPHvOLs/xOyhC43bgR1zmvkn9oTxlfeH7S3k0mB7q a5uBuVAW2xJyScevAr3h7JkOYJ2iP+yePyrw3Uru8k8XXSRxG5trUpCWHPKZL/Lkd2x+HSu3h5QW JVaUFKMNWr2v8zgzerUdBwho313OD8FfGzT7iSK2vp5rG4OAVmDKM/U10vif4m2mpeILiEXhMWlR pETglS7fMxBH12/UV7xptp8NtcjQa7odtNIuPnKBJMjvnCn+dZ+ir+z14X8TprXj2whh0RRMrBke XzGZG2qUTknq2fUV9TkjwWY5lTw1OjKEpvl1acY3e7dtrX7s/ZPo28RyyXOPb5hB4jmTjBQ+JN7u zVm7XXTd6niVp41tbnCpcRyHuDwf6Vuxa9ayEBlIzzlTkV3/AIxvP2EPEk0iaRrOoaBOoB/cQS3E Y3dCYmDyjr6rivn3xR4N8FaWj3ngD4kw38A5SOe2u7aUnqFKyxNH/wCRBX6Lm3hLiKF3FqS7xaf4 aS/8lP8ATLI+IsqzGy5KtGT6TpyS/wDAopx/E9Tj1OE/cmH0birYviRlgGH518uy6740sHMaJFqk I/jibY//AHySefxxVFPibd2E2y7iktTnpIpH6jIr4ufBNdtqNm/x+7dfNH20eCp1FzUZKS8mfU9x aaNqAxd26P8AUA1zGs+B7cWBm8PKBqEhBt0dyI2JYLz1IAwTx6V5ppvxRguSiM6uWwByG5P05rqo fidpVj4i02zaUbiC55yAF4B/nSyvIcXDFQpyuo317WW551XK8wwesG9NbdND17RPCPh/w3okl18Q NDuSLOOSaXVdLvMzRxqNxDW1wvluqdflZGI6k8V7P4a+G/gHUp7C70r4sS6VeJvliiuLDyoJYQhZ xOJn2PhRkFZAAQfvdB4J498d6Z4l8HXPhK31SHT7nX1+xRSSHglgWdRgdSisMcfXNcL408VXvgb4 R6hbXko+0u1vBbsDuDSZ3uY27goh6f41/W/BOW4elhFinTXNG/L0drW6WvrfV3fmfyD4kZ3j8VmS y2VRxjPl5lurt3+1e1lZ2TS8j7n8F/Gv4ffCW18T+I/iBremLPa71tF07zZFvsLu80EIVjMpVUUE gA7ieOTz3h7/AIKZ/B9lvLr4h6bceE7JNotZmmW5Fw5zlD8sQRgBkckEZ545/n98UeF774oa/d6/ 4g1i5mw7JBApxHAiMQFXdnr1bA5Yk5Oa6jxzeW9h4Str3UIBcxWU0PmKVDnDZQnafTd+IzX7NlWD lOjL2jSdr3V9Px1P5+zmrhoYlKhFuKbTu1r9yVvxP271z/grV+zBpwb+zpby9ZexjKk/TyxKP1r4 X/aM/wCCmOrfFjSbGL4cab4m8L2FvIwD2Fytqt68u1UWWXyndgpHyqoXJY5zgV8meBB4WvNPW70L TrCOKMAvNHbxgkEE4PA2sOvI6Z+o7PwDewXt9P4inhUQq5is9yD93EnWRQRwXbgH+6Bg4Jz0xyWS 1nVfysYPPKMf4eGjfz5n+DdvwOY0P4q/Eq3N5pPim41Xw9d6/GYp3juZF+1A8AO6N/rM9A3Oea5X V10rwRE0OhJJca9rBWJZruYzTMxGPmkIyEX7xAGPbpj1PxZrVneTteRpnyjxxk7unAHU9hjvXdfD j9nDUb7VJfGnxOv1RbtAINLt1PmQxDkCWZsbWb+NUXjj5+K3zbN8JgKca+KfvPRae8bcOcOZlm85 YfAp8id5a2ivX+mzxGztNP021t/7PgiMMQeW4eZTLO9w2MSK5IA+bnp2AAHaHw98FpfjD4qfWdT1 GSy0rTNqDyFxM7dwrH5Vzj72G6dK+ofj34di8NfDpLfwfo6i1t7mOSaK2QySBdjgO23czfMQCTn3 OK1vgN4X1PRfAcN5rlqbK61KR7nyXGHWNz8m4diRzg4P418dnnGPPlXtsO+WTlZJ2vZdbdD9O4P8 Mowz5YXG/vKcYczauo3b2v1X3XtsLH4AsfD3ha+8O+HbRYo722lgZjy7l0K5dmyWPPfj0FeJ/s3+ CfH2m+LdV1LxdpE2m2kFssUckpXbNMWGdmGJICj7wyD654r7SW3MxKqpOMdsf/rqnJPDb/ukBlZ8 /Kv3Rj1PQfic+1fmGFz/ABfsa1B+97S127t6H9CZhwll7xWFxUfcdC/Ko2Ss+lrfdYnLbcqmMDqe gFc1qniTTdH3iWUSToPu9gTwBnkAnsOprN8TanfQRIkbiJJM4C8cDGWJ6454wBuPHrXlkOj3eqai lpI880lzMIVghVhK7SyqiZEe6YyfK+HjKoik5HGRhhMtu/e/D+v6/A9TG5ko03UTsvPt/X5dNx2t +IL/AFu6NvLISZMEQJwm0uBsb2XBMpPTGBk1ysF9GER/N2tIFcSL8wYyKMyJ03O4ysS9lG71r6tg /ZS+K99ZrcLZadaIyrK1vc3Pzs5d5PKKQq8S4LAtJ5hLn7yjHPH6j+yx8ULHwzr/AIwv3h0+fQ/3 iRzSRmW82R7JZ96kxrgZEQBHHbPB+wpZRVS+Br5f1+vz2X5lPjfAJ2jiIvVLe/p269dEndpw0lLy axvrrT5Ue3Uo6t5WxDnBUk+Qhx/CeZpDnPT2Ho9lq0GoxxSEhZZRkOowkuMAsvcDOQpOM14pZuLm LY0GH3NAYgRyUPMKn/nmv3pJP4jx7V3tg6y2cLoyzeaoJcjCOV74/hiXsO/vXm4zBwqx97fv/X9e uvL9DRzGdB3ht2+70t06dtFoqnpsGottWG+j84ADHZkHPQ46cH/PNLJPBNGTCA6HoSBvX6gZxXn8 GstYKRd73t0G7LcSIv8Aez7n7q9cflXVWM0cmZrV1kXpzg+xDjsfUY49BXzOIwU6T97bufRYTMqd Vc1J+q/r80WREfvDkV574q+GumeJ5jqVpJ9j1DjJP+rkI6bx2PT5hn3Br1m1i+1N5a4ic5J3H5SB 9ePw/Krcum+VlUVkZeqng10ZdmtbCVPa4eVpf1ucec5Jg80oPD4yHNH8U+6ffzXzPg/W/D2q+Gro 2mq2/kvg43HKuAfvKw6j3H0qjFKitg42kDgDP6nGfWvuDVNGsdbs307VbZbiFv4W7H1BHIPuDXzx 4w+F2oaEkl/oZe/sV+Zk6TRjvkLwy+pAzjOQAMn9s4c49oYpKliPcn+D9O3o/vZ/K/G3hBi8v5sR gr1aX/k0fVLdea+aR5ykzqF8vcqjuxx/n9aet0FyrtvU4yCcg/X14rHEx2sAoUEA5Zs8Y6/j1pGn w4G/5c9l5HPb0r765+OWNpLvyoykH7v2Ubc8VXk1KbgbgCARycn/ADiswv8AMA+c8DJPvjNdj4N+ H/jP4gaiNM8G6RNqdwMK3kpmOPI6ySMQiD3YgcGiU4xV3oOMXJ2Ryr3kjkiVj36e+ev410/hPwX4 n8d6rHovhTS7jVrt+dkS5Cjjlz91R/tMQPevp6y+Bvwr+FwTU/jh4mXUNSjJP9h6S29sjkLPMNu3 nqBs9nIqj4m/aV1G104+Evhbp8PgzQUDApYAC5kGPvSSgbi2OSR83XLGuJ4uU9KKv59DqWHjHWo/ kbml/AD4afCyKPV/jtraXmoqgkTQ9MffJxztmlyMA98FR1w5Fd14e+JXiP4kG58O/D2GD4c/DjRF 8zUr6zQJIkIGSqS7R++kA42jcOpZuh+Vvhn4B8VfGbxFNaretaaTaDz9S1CUnyoIwdzEuerkZ2gn nkkhQSPpKWDRvH8B8D+DRLoPwm8G4m1S/ORJeyKByx25Msh+6uCVGG25CIPMxSSdpu769l/wTtoO 6vFWX5/8AszeKtGv7P8A4WTqNgLTwF4PdoPDWlPj/iZanz++kzy+D88rnJzkZJ37vuD/AIJ961f+ IPh74t1fVpvtF/e67JcTyE/M0ksERJI6DkcAdBgV+SHxW+Iv/Cf65aadolsdP8P6QgttOso+EhgX 5RntvbALnnJ4yQAT+qn/AATgcf8ACsvEsSkYXU0PyjgZhUde/Ssq1DlpXe5pTq807H6KdaWkpa80 6wooooA//9X9/KKKKACiiigAooooA/NP4x/AL4hR+PdW1jw9pkur6frFzLdRyQYZkadi7I65yNrE gHoRg5zkD6q/Zz+GetfDfwfcx+IsR6jqk4neFWDeSiqFVSQSC3UnHHIHavoKiuieJlKPKzyMNktK lWdaN7/5hRRRXOeueG/tLa58VfDPwJ8ZeI/glbrd+NdLsjc6fC0P2kyGF1eVVh/5aOYQ4RRklsAA nAP4wftI/tiaD+23+z34P/Zy+GGkapqvxa8TX+mLqlibNoYrO4tVzdSNJ9zy/N5BHCx5Z9mMV/Qj VaKzs4J5bmCCOOa4wZHVQGfHTcRycds0Afn9/wAFH/h/e6t+yLf65oOX1r4Z3Wm+I7CTHKvpsgSV +ORtgeRvwrD/AOCZOi6jrnwc8WfHzxNb+XrHxl8TaprsoY7ttqJmhii5AyiOspXgfKwwMYr9JqKA P56f2U/hj4iX9uy3/Z41a3P/AAiv7PereKfEGnhs7TBq32ZLEEdAylo5k57tjgEn6p+PPhvQfFH/ AAVc+BeneI9Ph1K0h8K3l0sVwgkjE9r/AGjNDJtbI3RyKrqezAEcgV+ttFAH5CfttfDjxj+zR8Wd N/b9+A9mZWsilp430mLKx3+nyFUNwwA7gKsjYO1xFNg7ZCf05+FPxQ8H/Gf4eaH8TvAV4L3RNft1 ngfgOhyVeKRRnbJG4ZHXswIr0KigD8wfByg/8FbvHRI6fDOHH/gbY1HrpmX/AIKz6S1uoeUfDCQo rHALfbp8AnnAJ71+oVFAH8zHw08V/szeOm8V6x/wUN1zxZ4g+L1trFzF/wAInL/aaxEDaYLezgs1 VELOWRUaWNRxgBcM3sv7FXiPX/A37L/7S9n4c+GKa/rOi+InmuvBGoLIHTT7pFje3khdHkcxRRy/ IV3P5ZA+bFfvwbKyN2L828ZuVXaJdg8wKe27Gce1WqAP5c/HmpfsiXmg6F4z/YWvPFfg/wCPWoXF ksHhjR/7QkjS4Z0NzFK06MGVMtt8uZkYjBj2E7f0yu11w/8ABUv4XnxSIzrI+E4N75X+rF19qvfO 2f7O/dj2r9T4bCxt7iW7gt44558eZIqAO+Om5gMn8at0AfmF8Yv+UpfwC/7FfXP/AERe1+ntFFAH 8wuD/wAOcSMf8zp/7cV+s3/BVUAfsPeOQBgC40f/ANOVvX6KUUAct4G/5Enw/wD9g60/9ErX4z+E /hD4a/4KFftg/F34m+Nr3UYvA/w4MHhfQZNNumtZJJ4GfznjmUElMiVyBjKzp1xX7g0UAfhD+2H+ x14f/ZF8MeF/2rvgTeazfa38O9dsLm+TVL97xWsHk2EAsu5VMrJG4HBSRs9K/aDQvGOifEP4Y2Xj zw1L5+leItJS/tX7mG5g8xMjsQGwR2ORXfUUAfmD/wAEh/8AkzbTf+wzqn/oxa/Q34h6h4i0nwH4 i1Twlo0fiLWrPT7maz0yWTykvZ442ZLcvhgvmkbMkY554rsaKAP5ePG+v/sLeKfh1e+N/BuneIPg 1+0XbrMkXhzw+mopjWQzKkaq0ZiihdgMrE8LoDjaWGD/AEMfs2SfE2X4CeA5fjL5g8avpNsdU84b Z/PK/wDLYYGJtu3zRj7+6vZPsFj9s/tD7PH9q27PO2DzNvpuxnHtmrdAH5J/G7xMv7Jv7fNt+038 Q7G7b4ZePPCw8O3mr28Et1HpV7FNFIvnLErMqsIEwFBLbnKhihFaGr/tDeJv27NV+IXwT/Z50uG/ +FNx4S1OzvfE2oWl1al9cuIZEtILZ3ZB5e9omcPCX2hzhRtJ/VmSOOVGilUOjghlIyCD1BBplvbW 9pCltaRLDFGMKiKFVR7AcCgD8bv2b/2/fhH8A/2fNI+Dfxss9V8N/E34eWp0mTw42m3L3V9Jbki3 +zukZiHmpt5kdMNkjcu1m+UPiZ8KfHvw0/4JdeJNV+JOmto2teP/AB1D4mNhINslrDe+VHEkifwM RFv2kBlDAMAwIH9H72trJcR3UkKNPECEkKguobqAeoz3xU9AH51/8FVQB+w945AGALjR/wD05W9e XftMD/jI79hz/r61T/0l06v1looA/MDwkP8AjbX47/7JjF/6XWNP/wCCRKKv7GulkDBbWNUJ9z5g HP5V+nlFAH5Of8Eu1x+wLd4GCbrXv5Uz9hIf8au7j30nxZ/6OvK/WaigD+dTVfGXxG8I/wDBNL9n lfD+p6t4f8DanrF3b+MNU0PcL620ttSuchXQZVXBfnIVmVEbIfafAP2o7T9iuD4faZqn7J2k614v 1LTNVsbvxD4uu11SWGytPmRLeaS7WOJZbiV0I2xj7hGc4Ff1UOiSI0cihlYYIIyCD2IqG2tLWyhW 2s4UghTokahVGfQDigD8if2wfid4V+Cf7cnwB+PvjySeDwJBoesWsmp28ElzEJLiCdYwPKDFs+dG cLk7TuxgGuaj8FSfGj9sL9svwN4fnQzeL/A2kWtjK5Kx+bdaRai3ZjjITeVJ46Zr9n5YYZ12TxrI uQcMARkdDzUlAH40fs3/ALfvwj+Af7PmkfBv42Weq+G/ib8PLU6TJ4cbTbl7q+ktyRb/AGd0jMQ8 1NvMjphskbl2s3yh8TPhT49+Gn/BLrxJqvxJ01tG1rx/46h8TGwkG2S1hvfKjiSRP4GIi37SAyhg GAYED+j97W1kuI7qSFGniBCSFQXUN1APUZ74qegD86/+CqoA/Ye8cgDAFxo//pyt6+6/A3/Ik+H/ APsHWn/ola6migAooooAimmSCNpZDhVGTXzh4t1GXU9XuzI++GBiFA5G09D/AEP/ANevXvG9zNHp wt4DhnOTzjI9K8MuhZxRtcyu0USg4lX/AJZv6sDztz19OvPQ70o6XOatLoc5/axXeIohLkYDYBA9 Rggg+4I/wrkLy4AdvlwD2GePz5rR1CKeO6kuYT5cj7csBlGVSeCo4HU8j+QxWfcmK4XJ6+1dCfc5 mY1y7MFmhGZE5GOMjuD/AENPjuVkQMOjdQeoqrMskLbh8w9R1/EVnvcmOTzV5U/eH9f8aq5JNfGR VLoyLkgd9569OMHHp+VQJdF4FdwVYjkVZ88OPkJ59D6+9NS0WdVgQEt0GDnFZylYDkxod44dLO5Z HkZ38xhkBmOQNvQjnnkH3Fer/DX4Vav4ou3TXvMhhiGTMi/uW9lJIJJ9O3evYvAXwkjltY9S8Sq6 g4McIO0sPV+Mj6dfpX0LbW8FpAltaxrFFGMKqjAAr8tzbwnyDGYhYithlzXu99fU4f8AV6hOanJf 8E+cPEfwDtLfT5bjw7cyTyKuWt5cEPj+4ezegPB6Zr5P1vTpIHjgkXa8ZJjfGD9PwI6djmv1GzXg PxK+Eqa7PNq2jx7muDumhHDeZ/z0jzxk/wAS9+vWvwvxi8DoQpLM+HqNpL46ceq/miu66pbrVarV zwdXA16eOy5WnB7d/wCvwep8l2GvXcsZtrmVjKF2/MTkgeh7gfpXvHwR12LT/EJg1D9wk1s0QdsB cod4z+Ga8d1DwbrWjztFeWruFPDFSrY91ODTtMmTT7yO5lnmt5ITkD5uv0HGP51/NXBueTynPKGL krShLVS002d77aXP1bHeNmDxWW1cNi6XLUa9NenlvvZtdrH6QxTQzoJYHWRG6MpyD+IqSviTTviJ eWLiW1vlVv8AZbafxHT9K9L0n42Xirs1C2juvRkbYfxxkfoK/vTJfGTKMVpUnyv71+B+T4bifDT0 k7fifSFeD/HrV4ovC0WjA/vL25iGPaM7yfwwM/UVWv8A41WqxN+68jj7qne5+nT8zj618+eKL7xX 4+uLrU7GynuPs8REUUStJ5KtwWO0HJOeTjk+w4+E8X/FjA1Msq5VlkvaV6ycbRV7RfxNrfa/57Jn HneeU5UZUaHvN6fLr+B+dXj34YeKPHHjPVLvRLq0jjv5JrgfaHdAAhChflVsluMfrXzdr3wR+LPh fZLf6BJexQ+YzTWn75G5ypATcRnnJIH3q/S7w5oM0ZuGvYyj79iqwIYKnBznpk549hXWxaPfPMse niR5H+6kYLM30UcmvxXKfHvOsv8AZYKhyyhTSiouOrtZbp3v0PjctzzGKnG0ttLWX/D/AI9T8Uo5 JbaVYtQSSH7MhaQyqcq69ctjggLng969a8NfGT4kaAYjoXii5kh2grBcOLqMpzgBJ95A4/hx9a/V fWvgb4g8V2zDX/BT6jG4+9LalZPwbAcGvnHX/wBh611jUHk8N2uo+HdYKkRJLC88BPZWDASKpJ5I JxknBr9uwHi/h8fGGH4gyuUVLRNwc46+sb/cj6bD5zUnaOKo3Xez/J/5nztrv7R/xZm0d5Leaysp m2xxtbWu6R5JDtXAlaRep7CvafE2m+KPCmnW3gbTrt08WSRxS6pdyjd/Z/mruMbKwxJeSZDuv3YQ QGDOxWPd8Zfsn+I/2fb/AMIfEHxJ4h0nULvSdQt7y00vyZ5Vu7qAqd0nMe2OByH6tvO1SACTWhYW cl5czXl9K0s11K8088p3SSzSMWdiT1ZmJJPqa+n4p4LyTBql7DCRju7cqs/OXe2yT0V3pe1v2zw6 8O8JmtZ1a0VyU3qu7e1/RfmcDpuh+JdIsXh/4SjUbx5B8zXBhkIJ7rujJH0BrkvF+j3Wqi107U72 e+hWFgwKIcs+QThVGTjA5H4YJr6N/smxCZEecHqxP8un6VxPi2wfZb3VnD8qb0k2jorY5OPTFfGU MBhqVb29OlFS7qKT/BH9YcL8A5PhsXTrUsNCM1fVJJ7P8z5mPgvRYrWW3jyNyKgjky0Q2AciMHj/ AIDtx6VV1HwbavDczWu0yzxRBkVIt7bMcZlBDjjgPz6EV6+0dvKojlw+45KtjJ/E8jtyelQSWdog 2bAFJ5Kcc+nb/P459hZjLc/Z4ZXT2SseFXWl+I9Ge5ks50ljhWMrFLJHGiKRgBdi7lPGAGG30NaH hnxtqX9svoXjS2ilsncIsuGL27P93zQw+4em/t1+709Uk0+JxIRK0RP0wuB0zgn6isfVNHk1GGS0 Zg6TbSyElTlOVZT1Xkc7cf0rmx9PDYuk6dePo1uvNHXQw+JpTvTn9/8An/Wx1S/DLRLyae6s0FnN EmA6HAVn4zt6ZAzXyVN4w0ea8ktjBLepbyOkcwPzsgYhWGCCMjnGa9fj0vxXYLdWen6xd2tpdBty KRINjAj5S6nacdMYA56mszSvCmk6LG4SzLSYG6SReWOccDp7naB9K8rhXKamDnUliqntE7KPl3vf /Nndm+JxdaKpuo7X/S25xMdj4r8a+RLp4cQW0h8syHdtPB3DOcEexz716hq/hDxDry6da63qAmtr El8fMCXK7WOAepzj05Neh+AYoJbe7tYAq7GWTj3GD/KvQk0A3aGRgViQ59z7D8q+4+vyiuSnpHsf hucZBRliJ1K6vNPfr/Vj4yutNt7TWb/S4GWGNJpQTzj5jkZx3INYOuRWx0y7ivAt5DFtd8/dYAhv btXq/wAS9BjsPErzQDy4blFlDDozD5W7nJyuT9RVvwl8IvE3iO7g1O+EVlo1wVaQTZaSWMcMBF/d cDgsRwScdM/suW51h6ODjXrTSTj1722P5BzXhXFYjNa2DwtNyak9uivo32VmtThPD3w48Z+OvDs1 v4GsYtPW/Up9qlHkWsQK7SSVBLbQPuorHoCMcj6w8Dfs/eG/D2lwJrV2+q3yxAEKDHapJjA2xBt7 BT2Z8H0FepjxBoumwra2+3ZCu1Y7dQERRxtXjaAOnGcVmyeOraJlSOyJJzgsWIHHUkAKPxr84zbj rF4j3aMuSPZb/N7/AHWP3rhnwawuFXPiKXtZd5bfJbffdnhHw0+B/iLRvErah48NvNb6SyyWhhl3 Lcz5J8xlIUoE4YKR94jrtr6iaF5PnhUt+FYPh7xzo/iSR7aCaAOjAYhdJFzjJDEZ2njoe3SumdCz +Yh3DqFznH4Hg14mb43EZhVVbESTsraK1reR9bkGSYfJqLwuFptJu+rTvfz/AARgXq2tswa6lETd dqcscfSuYu/FunBjFbx73QfekbAA9TwTg+uKg8W6LNE01/ZHdG2dwbny29xkZXP0AHFeANpV1FqI vfs+lXfiGSMrdXSLJaSRWmNqmMkTkntkuoJGcVxUcHG7Vv6/yPp51VyKbldPtpb82320t1btv7Zp WranrurNHJ8tskbF1GQrA4xnvgk8A8n0xXT/AGKKIcct05H6Y/kPzrlvBUIggkS3kZo1jjVWd2dm Xn5i7EsenLtknt79jOTyj88YPGOP6D26muuMLKyPNxVRKo7eX5f18vU8x8ZS/wCmwQMSSqFx0GS2 clWPGQOrnhRwOa9v/Y40zT5tc17VfLV7/TbS3SGIGNPL+0b3l2xqWK5O0Fizbicjg5Pzl44uYoLy +MjKqxxAMXK7BmPcofd8vf5Yhwer8E1J8PPiNrXwv8St4g0jM6RbkureQcSRDy8pI4CIjH/llEpI BwcnBFfRZO4060ZyWn9f5/1fT4jjOjVxeXVMPRlaTX63a+dnf0fSLvt698aPiNN4kudWudWuLeS3 eR2jLSReWuAQWAZRFydsURzkD5+ckfUHxn1rU/GH7Mlpr+tzTWN6Z4gwU7XlIleEfIvyB3GHGRtV ueAOI7vxX+zz4rlfxV4p8NXlpqIk3XEQt5WV7lsKT+5Pls5I5YhW6lsHNeD/ABs+ONv8QoLLwt4T tp7Lw7ZSxLEECK88isYtkef3ahFDBtpJRSSPmIx7/P7OE+apzcy0+fV/L+u/5pDD/W6+HVDCuk6c k5NpJaaWVmm9VbSzTV93ZfNtjbyNC6FAyNJLDsViVYK5byFZsfIOGmboT0yOK9Q0uPzLGAsVkLIp LY2q+0cHB6Rr1Hr1rzqxVZ9PgMZWZJlwqwybonUc+WkhAPkp1kkx83Qelep6ckk2lW028TB0VxIV 2K+B97bxiNcYRcfnXg1o6f1/XT/h7e7+kTqv3e1v8v8APtbXZKX7yC/tUNlKzEptUuHIyQcffIPV j/AvavPtHv7zQrlZIA2xWVGhPzEk8rF1+aZs7pGPCivQNSmNtaSSs7JsQsXxllzxvx3dv4VxxXk0 RZf3aowxmLy0OWG7nyUbvI55lk7DjNOhTUouMlp/X9f8PaR7RxmpRdn/AF/l87bO16f0DpPiLStX RGt5FjuiCPL3YyyffMZIG4LkjI/TrXQpqRdRDOzEJwCeSv16ccfTHTrXywZbhJFlgI8wkAFGKK3l /wAKEcrbxd2/iPevTPD3j+CSFLTW5CCEDLcsAp2f89HHGxWPCDkkYJ9a8LMchlH95R18uv8Awfz+ d0vosBn8Jfu62j79P+B37a9nGU/ZZCjqGI3qTgOB+Wff261UdGB3gZXsR0rNS4eAfumDowyOQVPt 6enH5GrkF0JGLQnBPWNh2/r/ADwM+9eCfQRqfZnueTeNvhrpuumXUtGKWOouDuBXEMx6ncB91if4 gDnuMnI8t8I/BT4n+OtUfS9C0S6kMT7JZ5AIbaNm7tM2E9+CSR0Br66FjBOgmgcAkcq3UfT1qC5u 9Q/su60W11G6toLwYkEMrRgkdOFIB9weD0NfofDvG9bCxVGu+aHR7tf5r+l2Pxfjnwpw2PlLE4Fc lXqtlL/J+a0fXuclb/Cf4GfBsC7+K2uDxTrkEmTpmnPtt0IwdsshKscEDIzGe21q5Xxz+0z4k1DT h4c8B28XhLQY2Ypb6agiJB5+eRQpJI6lQue4NeUeKPh94wsr8Fo31OBz+6khRnOPRkGdp/DB7GsO 78DeLrKwbUL/AE64SBQC5YBdozjJUHIHI7cAc1+rYXGYSqo1HWUr7ar8v0P5vxuS5hQnOjLDyi47 +69PO+1vPY5e4uLm4YvcFiWJOXYY65/n716p8I/hJrvxT1mWKCdNP0bTl8zUNQf/AFNtCBk5YkAs VU7VBHQkkKCRf+D/AMF9V+Kd9c3c0q6P4b0sbtQ1Kb/VwIF3FUJwGkwOnRR8zHGM/SSOfiQjfCv4 Sj/hGfhv4f8An1HU5fl80Dl5p3Ypud8ZRDjONzbVACduMxiinGD+fY8rDYZt80iJo4fHkMnwj+D4 OhfD3w+PO1fVZOtxt5aWRiAWdwpMaHGcbjtVQE8i+J3xN0m5060+G3gJFsPCmjsQFA+e7l4zPMcA sxIJGfyBwF1/in8T9Fj0WL4Y/C+H7D4W085ZycTahKPvTTNgE5IyAevGQMKq/LrygHzGO4YOQo7n 64rHC4a9pS+S/V+ZeIrW92P9eh0ulafJqV/BDEmAGDsW+RFVeWJ/Cv2P/wCCdTsvgnxXamQSCO+g OV+5lo2B2jHT5Rz3r8UrK6BLiTjHOX5PHTAr9m/+CbzGTwn4xmIPzXVmMsfmOI5O3Yc8CpzGL5GV g5XkfpPS0nWlrwj0wooooA//1v38ooooAKKKKACiiigAor89fi5+0x47sPG2paB4Nnj02x0i4e2L GGOWSaSFtrljIGAXcCFCgHHJPPH0z8BPinefFLwlNe6vEkWp6dN5E5jGEkyoZZAOcZGQR0yMjg4G 88NKMeZnl4fOKNWs6Md0e40UUVgeocv438RN4Q8F6/4sSAXTaJp91fCEtsEhtoml2bsHG7bjODj0 r8uvhp+3X+2N8YfBen/EP4b/ALMia14d1QzC2u08SW0SyGCVoZMLLEjjbIjLyo6ccc1+kPxp/wCS OePP+wDqn/pLJX4wfsLfEz9uvw7+y94P0j4MfB3RfFfg+BtR+xald6xBaTzl7+4abdC86MuyUugy oyFB75oA/Vv9nf4l/Hj4jWeuTfHL4Wf8KxmsZIFsY/7Th1L7YsgcytmEDZ5ZVRg9d3tX0hX5j/tK /tL/ALRvwi/YwvvH/jXwzaeB/ijrepJollb2lxHfw2pumbZcK6vIhfyUcqCSA+0kEcHyz4sfsX/E H4H/AAM1n46eCPjV4xn+K/gzTpNcv7271R7jT782cZnu4WtZFIMexX8tXLg8BwwJwAfsXRX4v/ED 9oT4o/tWX/7OHwL8DeIbj4fj4uaJJr/ifUNKdorpLe1jl863tZfvRq7284HUkmMMSm4NZ+LvgbxV /wAE9/Hnww+J3wy8feIdd8B+KfEFr4c8RaH4g1BtQif7aHdbmAso8twscjZAB3qoyUZloA/RjS/2 hfDOsftJav8As0WOn3R1rQtBXXru8fYtsEklhjjhjGS7MRNuYkKFwANxJx7/AF+JPgn9n7Qbv/gq l4305vFHiRF0fQ7XxQjpqjrJLcPe2kxs5m25exBcqLfptCjPFfsf428T2ngnwZr3jO/XdbaBp91q Eo6ZjtYmlYfktAHT0V+L37O/7OXj/wDa8+E//DUnxI+LninQ/HPjKa9utETRdRe107RYoLiSCCNL bncm6MllDrlCATvLOfA/DnxG+Lqf8Es/jh4m8R+LtUn8YaV42FqdSW9mFzERe6UkiQyhlaOMl3AR Nq4YgAAkUAf0O0V8B/tfeJPEWi/8E9/EfibR9UurDWI/D2kypewTvFcrI8tqGYSoQ4ZsnJzk5PrX xp8WJ/i78Q/jH+yV8LvCPxC1rwkPHXgdf7VvLG7kWeSJbHz7qX5iVNw0SOEmYFkchgcigD9x6/O/ x1+2R8U/EHxq8SfAv9lf4ZJ8QdU8EKg17U7/AFBNO0+0nfpbqWHzvkMv3gdythWVWYeBW/gPxP8A sdftu/B7wT4G8feI/EPgr4sQ6pBqWm6/ftfgXFnCX85GIUBizxsDt3ZDgsVbaPvj4veLPhD+yJ8M vHvx4j8M2enmVlvdRXTbeK2uNV1CeXy4fOdFG+SSaX5pH3Ebmc55yAcb+y/+1hN8dNf8W/DHx94Q uPh/8SvAjxjVtGnmW5jMUv3J4J1VQ6Hg9MYZCrOrBq+x6/Oj9iT4NfFGXxb4y/a++PixWPjn4rw2 og0mBdqaXpMSr5ELnr5jIkWVPKhAXJkZwv6L0AFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFAB RRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAfMX7QPxm8IfCe402PxnJNbWmpRSNHOkLTo kkZA+ZU+fuDwMEZ6cZw7PUIdWtTK2yaJ1Vo7iJg0M8bjcroQe4wcds8E9a4X9v7wNceJfhZZeILW MyNotwwkwORHOAM/QMoH41+Kfhz47/Fz4RzmDwrrsoskBUWdyBcWuM5wI3zs57xlT71pGWxlUo31 R+22tTy6POJ7jDacfvvjmD/aOOqf3v7v3j8ucZ97bBjuQ7D7cg1+a3hn/go5drGLL4i+EEmYcPca VMUyPX7PcFhn/tsBX0x8Mv2oPgj44uLTw7oGumzvLxtltY38LW0isefKVzmIk9EVZD/dHYVtCWuj 0OSVKS3R7ZcTSRsUnG3H8Q6fXP8AjVNlkBDBRIo/76rp7q3SVe49COorkLr7TaSbQuVPdePzHIz/ AJzWkmZtl7T9Mn1O9itNPRt8jAbe+Se2fU9q+v8AwV8MNJ8MrHe3+Ly/AByR8kbf7I7kep/AV5P8 FbKzn1szXKEzRQvLHuGeQVXJPqN3H59q+pd4FckpXOuhTVrssBqN1VfMpDJUHSW99G+qfm03zaAL UqQzxmKdFlQ9VYAj8jXMXvgrwnqIIudMhOf7o2/y4rd8wmk8yvLzLI8FjY8uMoRqL+9FS/NMzqUY T+JXPLb/AOCfga9JKwyQE/3WGPyxXMXPwB0fzVeyu9oHZlIJ/HJ/lXvW8mjca+AzHwU4XxPx4KK/ wuUf/SWl+B5NXh3Azd3SV/Q8lsfg5oUKgXTlsddvJ/M4H6GvUdH0bTdCtBZaTbrBHnJwOWPqx6k1 djO41pIgxXv8MeHmS5NJzy7DRhJq3NvK3q7v8Tvw+Bo0v4cbHzbr3wHlvr+bUdK1TLzu0jpOvUsc k71zzn2r17wD4HsPBejpbJGj30ozcTgfM7E52g9dq9APxxk13IVacM9K4OH/AAryPK8wlmWCoctS Sa3bSvq2uZuzfddNOrMcPlNClUdWEdRcCik5oJxX6Geifnv+2pc2l5rHh3RwztcQeRKy7RsWOaZw DuznJMJBGAMAcnt8kQ3UcJMfYNwD2Ga+0f2wdGsYb/R9eRG+23ULRsxJK7bN96ADsf3z59civiHV bG5tXSWaF4lnjWZN6lSUcBlOD6g5r4XxFwk3ToVor3dV81r+v4H7X4EZhSVfF4WT968ZW7pq34W1 9fM6KK+MjbAcKRg9BWgIYmXKtgn1rzu11VUDKxx0471s2d+Zn+Ttz1r8scGkf0yqcJO6H6l4V0u+ Yu8XlSHq8fGfqO/+ea4W98I6hanzbc/aQoxleGx9PfvjNeqwusjBS+fUH0q0IQSxYZXscYOPeo9n F6nr4bN8RQaipc0ez/q587TQTLIyN+6Ydj29sf0p9voutapLJb6ZazXLRpvcQoZMKD94hcj068A+ 9e532mW10oW7iWYe4ww+h6/kaw7bSP7Km+1aLdz6fcAYDI/G09VI4OD3GcVMILm97b8T6L/WS9J8 itPpfVfO2v4HihhmgfyWQpKvbBDblPfv/nFQLP5ZBbCkZI56Y7Dqfy/Gver7UvE88huNSWz1b5FQ NLawFgq5xtwisD9DzXEasxuZcz2kVqAMCOJCo9M/MSTn64HtWlSEI6xb+at+rO3BZxOrpVhH/t2V /wA1F/gZHg/VEsNbj3HEMw8tyQAMMep9gQMmvdrqzAtXeVhHHj7zHAx9TXhqw2u/7oy3H4f/AFqm dIymwgHnjPY/X1raniLbo8XOcnhiantIzt30uP8AEEPhie8tnvIhqcli++NE/wBWCeDvboR0O0dw MkdKjuta1C+YpM2yMn/VJwox7d/qc1BLGnOwbMDPTn8frmud1NriSH7FGDFFMCssyymGRF/6Z7VY 7uoHKkdjmtJzqVbRb0W3kTgcrweDUqlOF5vd9W9lf0/AdqOrSrK2n2E6W01uBLPNcW0xt1ixyFkz Ghf2EmQMnFcvtgmtJW0eafTdLR/Na+sZIrk3W0YZQpjuHI9+GyMCsy41HTLWyhbVb59J0CECA2+p JHm7Y5PzPdF5SDj+IBiec1fMd0qWutanpkkk1oVSztdMupHi2NyGaN/s8OR6uCB0zXbSocq8v6/H 77Hn4nGe0m27X8r/AIWu0u3wubtsjc03Xfsdwk7XFpY2V0f9Ctmia1vJXHGSkzR4Oc8eXnofr9C6 NrS6jBtQ7HT7wI6npkZ5weevH1r5pee5imaKC5/4mYjErT3loWht4TyyrJEsSN9GlPr0FdJ4c8Vw yhdQ0+5triwzsjuY5tyzOP8AWAggLw3Rt7DPTmumNJrX+v6/PU8XF1IVY8revT9Vu7fkrxW9z6Cm uC6GI4YEYIPIbOR+P8q8Z8XaFLEssETOtvcfdYBJWGOq4kVg31YbQPevUra8t7uBJ4G8wSZ7Z5HG MdT+gqtqUdpexSWc67lkwM8MSR6cHcR/3yOeoropx1PnpV3G6Wz3/r+tznvCaubB5nPzPISpH8Sq oG7OOf8AePHZR3PRzRkghPlzz977vuO4/wB48ntVPSreTTbFLVn3kM2SMuSSxOOcZbB9Nq9O1WWl JYDJJBzhTyT1wpPVv9o8CuhQ1sebiMQ3eS/r+u3ojwjxRNLFqN5MSUdZdituEZRWcIOdy+UrD0Pm v2wOD9V/sw+D/CM+h6p8RdXsI7250p5fsrSomyFQvmu8Ue5wrNhfmJ38Z4zivkm/uQ8kEiDzXkuB sMQZtznlhDkMGYfxzOMejDivavhd8bLL4feBtT8H3GlSTvqrSotzHNhvtE8OwRhZAZJXXYSxP05A 4+kyucIVeaXn/X9ea7HwfGWHxFfBeyoJtuyevTR/NWtfytLrI9E079rvW7jW47fVNHtW0ybbvjDt 5oidiDISxKqgAODIo39gtYX7TXw00DQTpfjXwzbrbWuqhYpYlxHEiQx7ogpwfKhKkkpGMk8AgHFf KtvNHBJb3kjBIklhdyfMljR0UtliTD505J/hXC9wCBj7U/aQ8W+Fte+Gug2+iavaX81pOPMVHWZ4 2WAjmIHl84ABIAJBJxivQhXlVozVV3atbv8Ah+nquh8xisBSwOPw0sFDlUrqW9red/nvppaWqmfF NosrWcYlG8vChYSZUFVAwX3gNHAOyth3PUV7XpULnS4GkHz+UjElNo6DDMvZf7q144sfkW4DHyTE V3BvnKS4+UyBciSY/wAMY+Vfyr2fS5Ghs7YMrJhVJSQ73DHnDesnr2XPFePUjp/X9f0unKfcYqq0 0v6/q99+t7+97QyNasPL066lDNGVRjuAy4LDGQB1kb+Edq8GeIwjyRHtxmHy1OSO/kI3949ZpB0H Ga+ktXaNrKcpu5RgAp+cHuFJ43ernpXz5ctGYyscfmNtKKkZ2gqOTFGSQQgP+tlblu1aYWGj/r+v +H21vk8Sn/X/AAH5dO2jfKlkyF34+STeMYzsjkEfb/ZtovX+NhWU9xkmZJSwz5u+QZPP/LeRRn5u gijIHUVsSsszgvsdZgGyw2xOI+ASD92CPB2rjLmqrKdzO7MpTErORlgTx5pXrvY5ESYGAAfevRhT /r+vu28racseGviuq/rr3873v1b5tXUqb3hbxld6LMbKdDNZM2wxE73BYZ2g85kbJZ8kKo4PNfQG lXdhq1smpaVKJYznY6+uSOfoeK+VmtFUBdmD/qtit90tz5Ktn73eZs9iPatrQtbv/D92t5YTAKcs +4YidV+UsRwfLjHyoASWbJFeVmWSQr+/DSX5/wBd9fmrtd+W5/Uw/wC7q3cPxXptp5aJbWg7Rf1g hVyvmPscj7wJweeM/wCI/HJqeSIPtFxjceN69/rXI6H4l0jxRC8cH+j3qgF4ZGxgtkjjHUjk4yQD yM9Olik8geU6tJHkjBPKk/T6/rx0r4fEUJ0ZuE0foODxsKsFODun/Xya6p7F+SDykQOAMd/Y1CCj jLA7OwHVif6etC3aJGIpnBiY5Ujnb7Y/njNUZbz+0rmS2g+Ty1BYq33+cDb6Dua0oxUtRYqo4q3c s6jHqHi/TdD+HL6za+GvCFo8jXhhi8reoYydVG1mBBwWwu75m3ECvJfiv8W9IudIi+Gnw0tTpnhC wOP7sl5IDzNPn5myRkbuScE44VfWUHlRqok3OowWHQey+1fNTeEdN1XXNSjhAtjbzybiB5oUNJhf 3YbeRznCqfYV+t8FZtLEOVGtry6p/wCf+Z/NHirwtSwXJjMKuVVHZrpe19Oyfb7jyqZ2WE5wvc45 54Pv6Vi3MwkAALgD3wP8/wCFev8AxE0DQtISws9NF0s9urRXTSwG3R2XgGNXCOe5JZQRkDJxmvFL oo1wVjAG3AJJ57V+l03fU/EJp3sX7J1jkBU4J4OOTg8Cv3A/4JuWuz4W+Jb3A/e6sI/U/u7eM8t3 Pz9O1fhraBhKuzp1OPlX8/Sv3h/4J5akq/CfUtAaAxyQ3xvA+0qHjuEVAcH08o49Rg15+Z/Ad2B+ I+/zS0nWlr589YKKKKAP/9f9/KKKKACiiigAooooA+Ovif8AsrHxd4qu/E/hnVY7D+0pDNcQTozK JW5d0ZTn5jklSOucHHA92+E3ww034VeGP7Cs5zeXE8hmubhl2+ZIQF+VcnaoAAAyfXvXp9Fayryc eVvQ4KOWUadR1YR1YUUUVkd5w3xP0bUfEXw18WeH9Hi+0X+p6Rf2tvHuVN801u6Iu5iFGWIGSQB3 OK+c/wBgX4V+Pfgp+yl4L+GvxN0v+xvEmktqZurXz4bjyxcahcTx/vLd5I23RyK3yscZwcEEV9i0 UAfLf7ZH7PEn7T3wF1v4XaffJpmsPJDfaZcy5EUd7atujEhUMwRwWRioJUNuAOMH4z8b6j/wUX+N /wAJbn9nXX/hLpvhK/1y2XStc8Yy63az2cllJiO4lgsoS0geaPO4Bn2gsAqkrs/XCigD8s/iz+xz 8S/hrafA/wCJH7LjW+ueMfgfYHSTp+oyLbJrVhNGUnAdiEjlcySnDOqgSEhgUUNm+KPht+1P+2l8 Rfh8PjZ8P7f4QfDTwFqkWu3Nm+qwatf6rf2pAjjU24URx4LJkquFZ2yxKAfq9RQB+ZPjb4cftG/D j9vl/wBoH4aeBYfHHhDxnodjoGpONRt7KXTUW4hM05SdlZyiQh1VQQwJGQ1fo14n0vR9b8Natovi LH9lX9pPb3e5ti/Z5Y2SXLdhsJ57VuU10SVGjkUOjgggjIIPUEUAfjL8AYP2zvgp8K5/hL+z7ZeE fip8Oo573/hGvG665bpa2FvPK8jm7hR2aUwyM7MkYO1ty5ZQBXmP7IPwN8TftA/8E0vit8KtO1CE 6z4n8UXtxZ3krN5FxcWTWE6sX252Sy25UvtOAc44xX2Jdf8ABMT4Rw3Wq6f4R8feOPCHg/XJZJr3 wzpGtfZ9JkMn3kETRMfLI4KsWOOAQAK+6fhj8MvBPwd8DaT8OPh3pkek6Do0XlW8Ccnk7nd2PLyO xLO7ElmJJoA/IL4p+Hf+Ci3x7/Zml/Zv1L4Paf4Y/s+ws7fUNVk1yzlfV/7NMbxQ2kKPtheV40Z3 eUx4DLuXOK+hLP8AZ6+L8X7SH7K3j6TQcaD8NvB9zpWv3P2q1/0O8k0qW2WPy/N8yXMrBd0Suvcn HNfptRQB8JftDfBn4k+Of2s/2d/ib4W0f7b4a8Cza0+s3f2i3j+yrdwxJCfLkkWWTcykfu0bGOcV 6D+2Z4S8beN/gfeeHfAPw80z4n6pPe2jf2Lq04trWSJH3NKXNxajdGQCo80ZPY19WUUAUdL+1f2Z afboVt7nyY/NiTlUfaNyrgngHgcmr1FFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUA FFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFAGF4n8O6Z4t8P3/hvWIxLZ6jC0MgPYMOCPcHke4r +bH9pT4K6z8L/GWoaBqURAjdmhkA+WWInKup7gj8jx1Ff0114X8d/gR4V+OfhaTSNYRbfU7dW+x3 oXLROf4W/vRk9R+I56tMaZ/JJrFhJHIzAEEZrnSSrY5BHOeh+tfY3x/+Afjv4QeJZ9G8V6XJBks0 MyqWgnjB+/E/Rh7dR0IB4r5SvLRY5TlcMCeOn60Mo++/2ff23LrQorbwd8ZZ5buxjVY7fVgpkmiU cBbpRlpFA/5aLlx/EG6j9DrPx94C8RXVvZ6H4l02/uLtS8UVveQyyuoG4lUVixAHJ4471/P7feG8 aWutWFylxCG2vGGxNFnON68dezDKn1zkCt4f8R+JfBGtWXirwtcvZappz+ZDMgBKkgg8MCpBBIII II4IrT2j2ZyTw6eqP6pvg3Nt1Z4x0MLDj6g/0r6OLGvxU/Yu/af+JfxD+JfhrQteaGWK5eSG6WG3 WJpA0T/MxHQocP8AKADg8en7YeSx6VmyqUXFWZDuNGTUwgf0p4t2pGtyGjBNWhBTxD7UDKeDTtp7 1cEVL5VAFPbRjvVzyqQxUrAVkba2a1IpQwxVIxD1FKo8s53D86EBpjrRxmqyzx4+YilNzCP4h+dM Cx9KSq63ULHAYVYBXHWgDwv9oPwDN458BTPpkJm1TSG+1W6j7zqP9bGPXcnIHdgBXz14m8F6APC+ hxeK/MvfDl1ZwNYa5AuZNPLqpEFyFzmAZwrHOB8p6Ar99ZX1ryTXNFvvCc1zq+gRm70e5Lvd6fgu I2kILyQoATtbLNIignJLKDkqej2sJ0vYVoc0O3+Xn2MKSq0MQsXhpuFRW1Xl3XVdGfmX8Qfgt4i8 K51OBV1HSpBvivbX542Q8hjjO0Ed+V7BjXioM1sQpJJHfkV+qlppOn2CDWPh5fxWkF7+9bS5WEtj KCfnaEKcx5zktGcdyhrzvxV8F/Anjm+eDTVHhfxBIGK27ANbz7eS0OMLIvqYyGXq6A8V+e5twRvV wEuZfyvdf1/TP6A4U8YlZUM2jyP+Zaxfy/y+4+CbLWCFAlbaw4B5Y4H1OK6221mKTCSnJPTnPNdJ 44+Anjjwa7z3enPcWqHP2m2HmxAHucAMo/3gK8dazvoTiMk46cf5/nXwOLwk6cuWrHlfmfu2WZhh 8TT9phqinHyd/wDhj0tbgNJkncOxz0qVhuHDA57GuBt728hyk5O4e3St+2u42I3sd2e9cU6bR6VN 8zNeez+XzANpOM45ArJntHlXYyrKh6qeQfwNa1vP8xIbHb1qa4jD8kfhWPM7myvF2kee3Wh2UuXD yW7rx8pH6hgc1j3GhahGha3nS6j7dY5B65Ukr/4926dq9JW3EmVYY+vNUbmzMHzRHcPpVo74ZhVi 7c36/meTP5kcoimQow6gjBA6ZI4wPf61h61p9tqlv5N4GlidgSNzIcjnBC4OD3ycHvXrt5aQ38Xk ygKwyVYjO1vUdPx9q86ubfyzJD91lJVs85Ppx1Ptz9a6KO6aOz+0IzjKNReq7o4Z5Z7a9d5L+Se6 uv8AUWrwhooe24+Shf6s8m36VXOnxx6pJdWVtbX2s3QEV1eQyLE9upwo2qxncHA+6AFJGT7dTDcx SxmIkIwbGD93kHr/AHvYCo7a3061tXs4o0toJf8AWLGBGDuycsUxjPoOfWvUhLl0t/X4f8PueLWp +0d1LT8vvvrvd9FdJaHLyzrHC8f2++02w0+Qm4mukDm6JOBGr3G9mUnIwiAYxtYVDex22qeXq2qW +n6gqMX0uG5h8l1ZiADvnJYyEAfKqAj+faI0MSCOH92qDjb8hVcZ5z9wfXn8azZbbS3vItQ8iJ7u NQiSqgMgXPSLPI5b7x47100ayT2/r8/nfb0Z5mOwU5Qtzp+XbzSu46X0Vrczu3qmdj4Y8QXcZ+za sqwyyopk+YtGp5ALSFV7DATAPIz1Fd+LgtIN33iBnPB2/wC0f4F9uprxT93u81CAWwMr8w3LnGwf 8tJOvJ4H512+h6mbqEIWUm3cK2SXCt6MScyScHcOgIxxxW3Ldc1v6/r+tr+Li+WDUVK/9b9N+ui6 u3xKPe/aATtLf6wk9MZB6f7o/U+tYOrXQjsro53ZhfP8CkAHqf4I89T1Iq3vAwpJbsc8nPqexPoK 5nxbPLa6E0qqAruquJDhByGDNzl/ugKmcHjJow93LX+v6/rocGNSjD+v+D+N/PS9/JL2G4uZovKA lEitkEvH5iBGVQqqV2W4J+YMRu6jnBp2m6XKYTLFIXiVUjRbdVgUIqFPJtl6rCOSZGOeBg9Krz3G 9JI5FDfL5knncb89Jrgn7qYyUj7jFSm9kIkUbme4TcY2xHJKmPvOekcA4AHGST1r2YRsvL+v66L0 XweLiKybvFO/z9PN7+ru/tS/iyrbWwRPJX96VEUckXzSZVAmIGclmfbw8zc4zzSwmwXy5Nodkcwx sv7zZIyiJo7bcD87D/WSDAzk9SawJJWuAG3G485cFgSnnoPm2oP+WVuD/F3C9eapfaH3CRRvMo2D ywELRgcpFn7sK5+aQ53E5zXRFd/6/rX8b/aS4Zy5kuVf1pbb5Wt/ds3+7cuokvYUi/cnYI8xKYgX 2lhzFDn78nHzyHoPwr0+zuBb2kNsy7NiBNi/w4HKKe5/vNXgsE0lxcW8cJOZ/wByggwmVyMpb91i B5eQk5A/CvaeofaihSMYU7VAB6L6J6nq3aoxErJL+v6/4PW5zQoObvf+tPl226WtdcpPqWoYsJpA qyFY39kYKD8uT0jXueprxWS9E5AlxMJVySx2CRF/iYAfu4F7DALk9TXc+LJpbPR5DIQxuGWJQcgM T2KjkgLnbGOT1bjNePmVpDkDktuOQGLMv8RHRmXnCgCNMck4NdGCjdX/AK/r+t7W5sW1F8u/9f8A Btrfd9OdT3nu4yZJC4IbbIzSDaDjhZZB/cXpHFk5wOOaga+EZ3puVg24hhuZHfjewwczPwFUD5B+ JrK3SFRICT1k3Z3HJ4Mm48M3bzGyq9FBNUHBQiM/L5Zx3Xbv7jILDd3bb5j9AAM13xj0/r+vw+Ss /PlVW9/z9fXz79b8zvHSln3naoAC5jADdh96NX9T1mfcOCRUa3TBjIXHO18sCFOBhWK8fKo4iTB3 EknpWb5wUODjd9wjA/h5C4z0HXy93vIeoqI3QIUKxAPzZ3c5P8WSBk8437T6IOpHRCDf9f1/Wr1t bjq4hLT+tPS23lbflVle/TWF7LbzRvbM6SxsQqhsOGPJUH/nq3WRsAIMjrxXt3hjx2NSWKy1Nh5y gkSj/VyDoenRf4QTjcc45r51tpo8sG24jG3bzgg/8syM8DqdnDN1cjnGrHckj7Ru3D7xY47cBt3K 8dAQ21eigmubHZZTxEOWa17/ANf18ysvzyrhKnPSenVdH/wVsmrWeitFWf12kzliYQWQgBl6Buef X/PTpmp4PLt4T5WXiJJI/iTd6H0/yevPkngzxiMxaZqjbXHypIxbLEHjO7n+Z9cdK9WkltkUSB0j OOctgP8Aj0/zxXwWKyqrQlytH6Pg+IcPiIqrB+qe6fZ/o+pfLKU3xNuX16Vw2reGzqHmapo7fZ9Y iCmOUHCvsI+VhyOQMBsZHTp07Kwktyu5Vd0f+HaQCfZj8v45FXeYTthQcg5wd5X6lcr+TV9Fw7km ayqxrYOk797afO+lj5jjHibh+WGlhsxrRt2veSfdWu7/ACPlr4k+LrjxVa6VYXmnvDqem+es8krh nkkcg5KhVxgjp3JJ715Fb2VwHMCWZuJmOBsV2OeOgH0r7e1bwl4Z1m8TVdQtmkmRfLcK7IrgjHzG PBOOeCenFa+k6Ba2RKaRZ+VvxxEgXP4jn9a/orL+HsVKmpV7QfVXv/wPxP4zzTPMJCtKGGbmr6O1 rr8/wPnnwH8H9T1GaK/12NraL5X8vA8xgDxvJ4RT3HU1+0v7Iq6Va6R4i0q1Xdf201s1y4/1eJEY xxrwOUAJP+9XyD4J+GHjvxifI0CyMMO797ezApbW6j77NIwwWA7DLexr63+DGq+E9B8UWPwy+GU3 9qwW7S3mtaqM7LmURFAsfJyisw5yRnGC3JPn5zhoxhKjR962sn5L8v1fc6crxEpTjVraX0S/rf8A TyPsjpS0hpa+JPqwooooA//Q/fyiiigAooooAKKKKACivyS+OfjDxL4g+JeuW+q3MqwaXeTW1tBu IjijhcopVc4BYDcT3J9MV9mfspeLPEHiXwJe22uzyXa6XdeRbzSEsxjKBvLLHk7M8Z6AgdAK6qmF cYc1zw8Hnka1d0FG2+vofUNFFFcp7hj+Idf0jwpoGp+KPEFytlpej2015dzvnbFb26GSV2xzhUUk /SvyZ+G/if8AbT/buj1D4neBfH0fwM+E73M1rosdtp0d/qmopbyFGuJHkKFQSCpKSqoZSoRtpdvv H9r7Sdc139ln4r6R4cVpNQuvDWqLGiDLSD7O5eNR3LoGUDvmvLv+CcniTw74k/Yz+Gx8OzRyLplk 9hdIhy0V3BK4mVx1VmJ34PVWBHBBoA+cNJ+OH7TX7H3x08JfCb9qLxDD8R/h18QLhbHSPFiWaWVz Z3rsESK5SP5cbmXeHLEI29ZCEdK/RTxZ8ePgt4D1LVNG8a+N9I0O+0W2ivL2C9vIoJILedgkUjq7 AgOzBV/vEgDmvzk/4K7TWWvfDv4U/DLSCsvjPxH40sjpUCH9+VSGWCR1HcebcQrjuWHpWXq/wl8B /Fz/AIK1a3Z/ELR7bXbDw94Gt9WhtLyNZrd7lJbe2QyROCjhROzAMCNwBxkCgD9Nvhh8bfhH8abG 51H4U+LdO8UQ2TKtx9inWR4S+dvmx8Om7BxuUZwcdDXxJ+xj+1PNq3wo8Y+L/wBo3xzawND8QdU8 O6Zdai0FmmyOC3kt7RCixqzcyEZyxGeSBxwfg3wN4U+FH/BVu70L4daXb+HdK8SfD0315ZWMS29q 8/2sIXEMYCKT5CsdoGWyerEn59+AvwS/4X/+wR+0L4BtIPP1hPHuvahpWBl/7QsYLOaFU9DLtMJP o5oA/cfxf4x8K+APDl74v8batbaHomnKrXN5eSrDBEHYIpd2IAyzBR6kgVq6Vqmna5pdnrej3KXl hqEMdxbzxMGjlhlUOjow4KspBB7g1+FfjD413f7bHwe/Zi/Z2s7p5tU+It4lx4wKMfMSz8Nkx3Zk 9PtDxvPH7oozzz+7ltbW9nbRWdpEsMECLHHGgCqiKMKqgcAADAFAHknxP/aD+CPwWktrf4qeNtL8 M3F6u+GC8uVSeRM43rEMyFQeC23HvXQ6L8V/hn4j8CXPxP8AD/inTtS8JWUE9zPqlvcxy2kUNqpe dpJVJVfLUEvk5XHOK/MH9i74d+Cfjh8e/wBo/wCLnxi0W08UeKNN8X3Wg2sOqQpeJp1haM6RxxRz BlXKqI92M4jwMZbPi3iLw/o3wY+P37YfwW+GkQ03wXrHwl1fxBNpcGFtbPUFskUeXH0jDLcOwVcA BwANqqFAP1Y1j9sH9lvQLrTbLWPin4etZtWhiuLcNfxENDOoeKRiCRGrqQys5UEEEV7zea/oWnaH L4m1DUba20eGD7VJeyzIlskAXf5rSkhAm3ncTjHOcV+QH7P/AOy38C77/gmnJrOreDdMv9d13wtq urT6pPaxyXy3YjnkgkjuGBkj8nagQIwAx0+Zs/JnxH8VeNNc/wCCfX7KPw5t7W48QWXjPXjY3unr drZf2jFY30kVpp7XUnywq+VVXb5UKKxHyCgD90PAP7UX7O3xS8Rt4Q+HvxE0XXdaG7baW12jTShB ljEpIMoA5JTcAOa95r8Bf2h/hp+0B468DaHb+CP2RdM+EHiDwnfWd1o3iLT/ABRocctm9u4KxkIl v5gcgYDScPhuTwf3j0C41G80LTbvWIRb389tC9xEGVhHMyAuoZSVOGyMgkHscUAeWeMf2j/gL8Pr 3W9M8bePtG0W98OG2XULe6vI457druPzoFaMnfulj+dFAJK8gYrq/hx8VPhv8XtA/wCEo+GHiSx8 TaWshieexnWZY5QASkgByj4IO1gDgg4wRX5ceAvhB8OfiZ/wVU+PGuePtKtdck8L6VoMthaXkaTw Ca50yyRpzE4Ks0artXIIUvnG4KRC9tbfs6f8FA/iLo/wW09bHR/EPwyuvEmoaTZKsdnFqtm8ghmE C4RWPlqAAMZnY/xGgD9EfHf7Uv7Ofwx8S/8ACHeP/iLomh62Coe0uLyNZYt43L5ygnysjkb9vGD3 r0DxF8UPhz4S8LWnjjxJ4l0/TvD1+0CW+oS3MYtZmuf9T5cudjeZ/CQcHtX4F/sbaf8AEzVPgZP4 lt/2TdP+NTeOrvULnUfFGqeItKiuNQka4kjkTybuGSaARspGNw3PmUfeFcj8TfBHxc+G/wDwTj8c eAfiXop8P6fYeO7WXQrE6paaqbOxuWLta+dayOP3Uu4neFYszNtGcAA/fLwz+0j8AfGU3iC38MfE LQ9RbwpG82qmO/h22kMRw80jFgoiUnDSAlAeC2ayfAf7Vn7N/wATvEa+EfAXxH0XWtakLLFaQ3ae dMVGT5Ktgy4HPybuAT2r5P8A2h/2FPhtD+yp4h+F3wRsdG8D69f2umQPfy7bRdTOmzLMsN5cHLMZ WBIdskvtLHaOPibxT4r8KeCNR+H2mftofszyfCf/AIRXVbE6f4x8HeTFZx3MGTEsklur/ugV80oL iST5dyrkEEA/cD4l/GT4VfBvS4dZ+KfivTvC9pcsUha+uEiaZlGSsSE7pCByQoOKm+G/xb+GPxg0 eTX/AIXeKNP8UWEDiOWSwuEm8pyMhJFU7kYjnDAHHavzO8EeDPC3x4/4KY/GKf4v6fB4hg+G2j6T beH9Nv1W5tYI7uCKV7hYZAUY7nZwSCAZc/eCkLqvhDwv8B/+Co3w1034R2MPh/T/AIn+HNSXXtLs EWC1c2kNzNFceSgCIWeBMlQMlGPVm3AH3Zr37W/7MvhjTV1bXfiboNpbNdTWSk3sbMbi2KrNGEUl yYyyh8DC5GcZr2bwn4v8K+PPD9p4r8Fava67o1+pe3vLKZJ4JQDg7XQkHBBBGcggg81+Pv8AwTW/ Z9+D/jvRvjL8QvHvhLTPE2qXPjfVtHVtTtIrxYrS3SKbbGsysqb2uG3lQCwCgnAFer/8Eu9Ng8La P8dPAGlFk0Xwz8Q9Ws7CAsWWGGMJGFXcScbY179eepNAH6aeIPEWgeE9Fu/EfinUrbR9KsEMtxd3 kyQW8KDq0kkhCqPcmvDfBv7XP7MvxC8UxeCvBnxK0TVdbuH8uC1iu1Dzv/dhLYEreyFjXgn/AAUY 1H4Hw/CXw5pXxwGvapa3uv2jaZoPh0x/atbv4g3l2sgdGzAd3zgFWyV2kvsFfmB+2pqXjW/8BeBf GL/s02XwN03RfEunJp2tLd2MWpvIUkdLYWtrDFLGmI/MO7IVo1I70Af0AfEr4ufDH4OaIniP4peJ 7Dwxp0z+VFLfTrF5smM7I1PzSNjkhQTjnpXwtcftUv41/bh+Fng74VeO7TW/hlr/AIZ1S9v4rBre 4gkvLVbkgvIFMqOgRCU3LjAyvPPG674X0H42/wDBUm+8I/FewTWdB+HvgiPUdE0y+VZrN7q4ngWW 58hwUcjzmU5Gd0aH+Bcc1qfwh+HXwq/4KvfDW5+HmlWuhR+JvC+p3t5ZWcawwC4SG7h85YkAVPMV BkKACylupJIB+qXgP4ieBfih4fTxV8Otes/EejvI8Iu7GZZ4TJGcOm5CRlc8iqeifFX4a+JJfEkG g+J9Ovm8HzPb6z5VzGRp00e7elyc4iK7G3biMbTnpX5K+AvibYfsG/FT9pz4WauFg8PRWMnxB8KQ P8kUhu8QNax+xuHhgUDtEx96+ffHvw48S/Db9gH4UeF/EV5PY3vx78dafqHi69DbJZIdWWSeOOQk f88o4pGVuA6NxyaAP2n8HftYfs1fEDxSngnwZ8StC1fXJn8uG1gvYy874zthyQJTgdIy1eseNfHv gj4b6DJ4o+IOv2PhvSIWCNd6hcx2sO9s7UDyMoLNg4UcnsK/OD9vT9mD4BeFf2PPEmseEvCWmeFd T8BW1teaPqGn26W13BNDPEiqbhAJH83O1t7MWYhyd4DDw83jftN/tU/sv+D/AI2RHVtCb4Z2XjCb TbvDWl/rF3BJvklh+4+PLD7WHRSpG0kEA/WD4X/Hr4M/GpLtvhT4y0zxO1hg3EdncK80Sk4DPEcO qk8BiuCehrkPHP7XH7M3w21+Xwr43+JWiaXrFu/lTWj3aPNA/wDdmSPcYz6h8YryvXf2fP2YPhn+ 0NoHxws9ctfhp4tGl39rHpen3Fjpttq1ukbGeWSyaLfcNArhy0eMFYy+doFfnp8EL3wNqvgvW/DX 7Lf7LOofGPw7rd9e+f4t8a3OnWjahJI5WRzPPb5eKM5CqrIw5LASlqAP0x/ae/aj8MfBz9m3VfjV 4L13R9Suby2/4p15Z1ms9Run+6kRicebhQ77UbJCnng141pvx61D4v8Aw/8A2ffF/gn406B4evNQ 1bRbfxRbu0DNrF68FtLeaPCux/LuXaQgIu0rvABHFfnZ8FtO0/Wv+CRHxYTWrWG/Ph7WdROnGYLc fY2zZndbuwOw5lf5kxnc39417T8VvDfh3w58PP2BV8PaXa6WNR8UeDru5FrAkHn3MsFjvmk2Ab5H wNztljgZNAH63eLPjx8FvAepapo3jXxvpGh32i20V5ewXt5FBJBbzsEikdXYEB2YKv8AeJAHNT/D D42/CP402NzqPwp8W6d4ohsmVbj7FOsjwl87fNj4dN2Djcozg46GvzJ1f4S+A/i5/wAFatbs/iFo 9trth4e8DW+rQ2l5Gs1u9yktvbIZInBRwonZgGBG4A4yBWHr+iaN+z9/wUP8c3fwh0eDQ4b34Taj rUmn2ES29tLe27sUKwoBGpZrdCcKMsSTyzEgH6UeKP2p/wBnHwV4z/4V54s+I+h6V4iVljezuL2N HiduiSknbExyMK5U8jjkV6Z4L+IHgj4jWF5qngPXLPX7PT7uWwuJbKZZkiuoMGSFipIDoGGR1GRX 5l/8E/v2cfgb8Tv2O9N8V/EHw1YeLte+Iz6pc67qeoxJc30s5vJ4Ti4cGWNkCAgqwIfMgO45rQ/4 JDafZaR+zp4w0rTZ/tVpZeONWghmyD5kcdvZqj5HHzAA0AfqpRRRQAUUUUAFFFFACH1qJmbtU1MZ AaAOJ8beC/CnxA0Gfw14z0qDV9OuB80U67gD/eQjDIw7MpBHY1+Sfx6/4JvaM0l1rnwlv5YgQXGn 3a+YAepCTrhsegZGPq1fs60IPc1A1ojdTQO5/KDrXwO+LHw91BhfeGtUhEZIZlsZp4ZF7qSiMCpx yDxXNSfDXXNZu4x4f0jUWnnYBrNNNvSynodpMR4J9T/hX9bp023PJAJ+lOXTYF5UfpQI/LX9hH9l nU/hwT8R/Glq8GsTRNFaWroVNujjDSSEj75XKhR0BOTk4H6hRWe0ZY81pLbqvSpPLpJCRSEWOh/W kw47mr3l+9IYvemMokyDvSbpf71XfJphhbtzUtMCkTJ6mm4c9zVsxP2FN8uT+7S1E0Vdp7mk2Va8 uT+6aPLkx92iwmir5dIY6t+XJ/dpRHIf4aVgSM8w1C0B7VriJyeRR5DelHKDiYwRkORWrBNkYNKb diMYqP7LIDkcU0gSsXdwqpcybYyc9qcI5u+PzrJ1E3CIQV49R0qrjbPHvEPk2MtxNaQpC0zF5Cih S7HqzEDk+5rznSNe0DVNbl8O+KkZ0nVWtXxuUMN3mLt9VAV1A+bqRytewapYm4DK68MMV4X4t8At fLvgO2RGDKc4KspyGBHIIPQ9acHrcwcjN0H42+LPAF5beGfi3Zf2cW8i3t9RkZ5dH1B3Lr5lrqCm ZoIyqoxS95Uvt8z5dx9H1rwz8DvH9ta6nrVsmmyanEssF+hW3SdHAZZI7mItazAgghgzZBrxmD4g 6p4Etn0XxbYLqmjlSrKiqd2Tn95C37t8nqRtPc5Nci37RP7O/wAN/Dmr2vhHwuFn1CMu1pbwtAkk 6htiymUOgjDMx+UNjJO3vTnCNZcmJgpL+u6t+F/M9DC5hUwslVwdVwl8/wBHf8WvI9B1/wDZPmuY WuPBmvW95C3+rjuVMeR14li3Kx99grxnW/2ffiloELTvoUtzEvVrVlufx2Rkvj/gNcr8A/2hm8e/ ETSvAb6G3hy61b91/aGkXs0MayKHbM1vL5iMrnYgCsuG74O1fuLxl8Vbn4I3+laZ8RPGOkpBrQum spdWR7AOLNVeVGuU3QIwDjb5hy54XJ4rwcXwTlta7pTcX2en+a/FH6DlPjLnuGtGtFVF6X/Llf4M /Pi5sNUsHMF3A1tKpwUlVkcY9VbBFSrdzBAkqkEevSv1E/4TTQfEunmHxV4ce5sRjfIsceq2Qyoc HfDvx8rBuUBwQelcpN8NP2e/Fy409bSCaTp9jujA4P8A1y3BR9ClfM4vw4xEfepSuv66q6P0PL/H vB1LRxdBxfk0/wAHys/OEzEg/wALH9RVU3IYFTzX3xq/7I3h24QtoevXNox5H2mFJx+aGL+teU6t +yX48t1ZtPurHUQCcBJGicj6OoUf99V83iOFcdT+xf0sz73L/FHI6/8Ay/5X2kmvxtb8T5OcDdlh nn864zxBCAv22FeGwr4JznsRngZ6E8V9Kap8APixpZcS+HbmRfWHZOD/AN+mc15D4h8J6/oWbTxB ptzpwmBXFxC8JYdON4XP4V531KvSf72DXqmfV0M/wdZqWGrRl6ST/I8FvY9kouIQCG7DO0nH8I9P UnOB061RW4w67SApPB649h/ePGTzjoMda1dSt5bSWWyvQGP8WeAynkM3YDuBXMzlreRirkkALkHD bD0/3FP5nPSu6Ou/9f1/XW3baP2Xp/X9fLTVRb0mnVYyrEARsMknIU+rnje2f4RgZ4xSeaGMgUHc wG8EgMR2LtwI064A25znPaueS4kDAdNv3QoA4P8AcXoB/tHHrg0G5dQpUjZk7RkmMMep7NK2OwwA PeuqnF9v6/r+rpN+biZq1m/y/rr6WfWLajstc/cbk7xiPb8u9OOFHSOPjlyMkDrzzteELt01t2TY 6JE6B15XjHyQjHOGKlpDnqQCK8/ubpmErSFdsh+cO23cx6CZhxjP/LJOei9zj1H4Z+F9c117qbQ9 OudSmnIhUQQu77I/mKhUDeXGSRx94kHOeK9BQfK7L+v6/q2i+UxtWmpJzlbVeX5+n3rfmV590bss 4I+97Dd+A9T71m6t/pdlJaytsVwQr7d2xuxVRyzqQCPQivZtM/Z9+MmsSoLPwpeRh+9xstlA9P3z JgfrXsemfsZ/EO9SJtX1LTtOXbg/O8siKeSMIoXr1w/PrWeFyzFSleMH/XqcWbcVZVThadeN/J3f 4X/rboflzKzwvLHNGI2hlyyyEsscg6NMRjzZe4QYxgD0qGSQtIyPk7mzJ5h5Zx0adl6tn7sK8568 Cv1ytf2Avh/NdLf+KPE99czcBksUjtkwAAQpcTMuQOSpUn14Fev+Gv2Rv2ePC4jFv4VGpzRjaJL6 WS447gRlhEAe4EYB719XRyas9Zaf1/X/AA92/wA4xfiDgY6QTl8tPxt37d1blaUfw1trXUNSm+y2 0T3lzO6jy1QyPKx+6rpHyQMACFBnoGIycewaD+zV8ePFoabTfBepCObbukvEWzSQYBXPntEGX0RD tGclieK/eLSNF8OeELBbHQNLstCsoxgR28UdtGoHsgUVVuPGXhWz3Lda9YxMvUfaI9w/DOa9TD5B fq36L+v6S7HyuO8R568kEvV37+nd/fL+Zn5SfDz9gz4tXt/FqXjG507SLYDc0bTNczl1xtDLGmwh eoHmBQQMKeo+k7f9iOHg33i9lY9fJswP1aUn8cflX0rffGH4c2bkPrguHHaKKV/1CYrlrn9oTwIk q29s9xcSMQPuKg5OOS5GB7mvWhwlKWroyfyZ8tiPEmu2/wDaIr0t/wAF938zxW+/YI+H2rSQPq3i rVpFhzlIRbxo2Tz1icjjtnBxyK8S+Ln7HHwn8A2n2nTvGF2tzMR5djcpFPPJ6kGMR7UA7shUcAAH Ffa/irXfEviS0Ft4Q8SaDpcUoG4/2lG1yxI+7uVSqH/dJPo1fO03wH+JV7JNqUdimrGViXmhvIJg 7f3iWk3MT/tZNengOH8MrOu1Fdtn+O34niY7jDHu/sZOT77r7v8Ahj4lg+C2iMnmQXVzJnqZEHPo eSrenOc+9U7n4LafMxCMxQDHIRc+p+9jn6c9819qTfCL4lW+Vm8P3f0SPeP/ABwms6X4R/EF1I/4 R2+IP/TCT+gr62jlOUfaS+9/5nytbiPOtbVJfcv8j5Di+Cmgwr58qFtxGcvGvAPTiMj/AA7YrWg+ FPhrrLbwjLFsmdiwz1PCDr35z719Nj4Q/EeRWt18NXvBByYH6f8AAuK6XSvgH8ULlcf2BIi+srQR /wDjrSA/mK755Zk0Y68v4HBHPM6nK/NL8T5Df4O+Dvm8m1iUseDlsD1AyMY9BVlfhT4Ws0817RHJ yARvyO/3gQfx64wK+ybr4FeJNO2rr9zp2jFuR9qvYY8j14Y5qhL8LvCwAGq+PtEgAxj7PcG6fPsi KCfbmsqdDKo7QTXpcdTHZs1rUa+dj5dtPh/4TYb/AOzIHBwMfZ0xx0+8GFdB/YFpbIPs9ttCj5QQ Ao+hCjH5171/YvwA0JQdR8Z3WqFclhaafLGxxycNMSlLL8Sf2avDUJ/svw7qviO5HKtdSrbxn2/d Oo/8hmu6jKk5f7LQbt/dt+djzq9aqo/7ViEv+3r/AJXPnlPD2p3s6IABz6GQkex+b+ley+G/hJ4s 151ttL0W6uPlyZZEaCH8JH+Q/TINeS63/wAFBNH0LVH8OfDjSNK0a9DiM/ZrY3U8bbmjZXnbCZQq dwK5xjrkVFrPxq+J/je02eIfEF3c29wMmFWEETg9mjhCIR9RXdSni8VeMOWKXnd/grfiebWlhcLa c+aV/Ky/F3/A+gLr4ZeDfCjM3xB8W2GmS54tLPffXIx13pF9w+5JFc14h+PfwK+FFubrTNEjnNuC qXviG6jiiL5xuFsh2sNxGCcNyK/NH4+6x8WLW90y08Ga0+k6bPC/2jYqKyyo6tuDkbxkYBAOCAeO Tn5Ni+BXiXxnefbbzUbvUZmIDXE26ToAo+ZySeAB+Ar5bM8XUp1HQneTXnaO3lr97Ppcsw8KlJV4 Win5Xf4/oj7o+Nf/AAUR8T/FQ2/gfwZqTGwuJUWaSGE2tmkOfmjSLh3yON0hwvOOcGvvv9mrxY3h vxT4dtNPIePUPKiuGBz5wuQoGCOwzuGOPyr8svhh+zbaeGZ/teoZleMfO74wAew9/wAetfqZ+zT4 c/tHxtokGnwt5dqyXEjHGES35zx0H3VHuRVUKL+p1Z1dI9lor6/kRiKqWLpQpavu9XY/V7rS0mOM Utfn59uFFFFAH//R/fyiiigAooooAKKKKAPHfHHwJ+HPxA1b+3NcspI79goklt5DEZQowN45BIAx nGccZ4Feh+GPC+heDtGg0Dw5aLZ2Vvnai5JJPVmY5LMe5JzW/RVObas2YQw1OMnOMUm+oUUUVJuI QCCCMg1+Zus/8E/vF3gHxtrPjf8AZB+Lt/8ACGPxDKbi/wBF+xR6lpTzH+OGGV1WIdcApJtztQqm FH6Z0UAfAPwS/YVh8G/FOL49/HXx7qHxd+Itonl2N7fxC2s9PBBXNvaq8gDAMdp3BVJLKgf5q9g0 b9m/+yP2t9d/am/4SHzf7b8Mp4d/sj7Jt8rZPBN9o+1ecd2fIxs8ofezu4wfp6igD5huP2cPtH7W 9r+1N/wkO37N4YPhz+yPsmd2Z3n+0favO4+9t2eV2zu7VyHwO+Fvgr9hn4W+L5PiB48tZNF1vxNd 67LqV7Cumw2zakIIUtzummDENGAH3LuLY2jHP2bXL+MvBPg/4ieHbrwj480Wz8QaJe7PPsr6FLiC QxsHQsjgqSrKGU9QQCOaAPyM/wCCb3wg8F618evjZ+054Kt3/wCENu9XvtH8KPIhVHt5rg3N5LAr AFYs+WsRxkKXVvmDCv2brF8PeHPD3hHRbTw34U0y10bSbBPLt7OyhS3t4UyTtjijCooyScAda2qA Pz78ffsWeN7H4w+IPjj+zF8Vbj4Ua74xCnXrNtMg1XTr6Zek4gmZVSXJZixVyWZiCm9t2j4C/YW0 bwj8Pfixpmu+MbzxV8Q/jFpd/pmseLL+3BlCXtu8CCK1WQKsURfd5YkG7AXcFVAv3nRQB87fDz4B /wDCBfsyWn7Of9u/bvsug3Oif2p9l8rd9ojkj877P5rY2787PN5x94V4gf2B/BOr/sjeG/2V/GOv T6hJ4TeS607X7S3Fnc296biaeOeOIyTBcCYxsu87lyQVbBX74ooA/LrVf2BfjH8WbrQPD/7T3x7v fiJ4D8N3MVzHo0OkQaY968AIQ3dxFKzudpKszb3IJIdWJav1Bhhit4kt7dFiiiUKiKAqqqjAAA4A A6CpKKAPw7ufhF8RPiZ/wU0+POr/AAm+Ilx8N/FXhvTdAkgvY7OLULe4huNMsklt7m2mKq6MVVgS SFZQ20kAj7+/Zx/ZMHwf8R+Kvin8TPFc3xK+JnjZRBqeuXdslsgs127bSC2VnSOLKLuAOCFQBVVQ K+oLHwV4N0vxNqXjXTNBsLTxDrKRR32pQ2sUd7dpCoSNZ51USSKiqoUOxCgADgCumoA/MK2/YL+M PwtufEGifst/Hm9+HHgjxLcyXUuiT6TBqYsZJvvmzuJJEeIYwqhQjbQNzswDVp63/wAE2vBT/spy fsy+EfFU+lTX+rwa3qOvXVoL24vbyM/OzwiaEKCoVUAf5QMncxZj+lVFAHg37Sf7Png/9pz4Tan8 KPGcstpb3bx3Ftd2+DNaXcBzHMgbhsZKsp+8rMMgnI+MLr9gb41/EyDQvBv7Sfx/vPH3w/8AD13D dJo8Oj29hLem3BEYurtZHkYc4bf5hIJwythh+pFFAHw58cv2OtV8bfFmy/aD+Bvj+5+FfxIt7Maf dXkFlFf2eo2iDCR3NrIyKxACgMxYbUT5CUVlvfAf9kC4+HXxP1P49/GDxxdfFH4nalarZR6pc2sd jb2Nrj5obS0iZkjDZwSMcZ2qu9932rRQB8w/sr/s3/8ADM3hXxb4ZHiH/hJP+Ep8TX/iLzfsn2Py Pt0cEf2fb502/Z5Od+Vzn7oxyfs3/s4f8M+X3xKvf+Eh/t//AIWH4nvfEe37J9l+x/bDn7PnzpfN 2/3/AJM/3RX09RQB8l/tafsr2n7Tnh/w0LDxLceDfFfgrUk1bRNXt4RcG2uU2n5oiybgWRGBDKVZ VOSMqflb4p/8E7vjL+0J4dhg+PX7Qt9r+s6TJHJpBttDtbTTbKQMPNkls4JY/tMroNquXjMeTww4 r9XaKAPir9oP9knVvit4x8LfGf4a+OJfh18WPCtv9jTXLWzW5gvLVsloLi0kk2sm5nKgswAYhg/y 7fPPhZ+wv438K/tH6J+1D8Tvi/dePfFllaXdreRzaXFaQSrPC8MSWwim228cIcnYEYO2W+Qk1+jF FAHwf+19+wl4R/a48V+BfFOs662gSeFJWjvkjtftDanpzyxym0Z/Ni8rBV9j4faZGOw8V77+0B+z 54A/aN+FF98I/G8LwaZceVJbTWu1JrK4t/8AUzQZUqpUZXGMFGZehr3OigD8w7v9gv4zfEbT9I8A /tEftBaj49+HOiz28v8AY0OlQ6dNqC25BRL29jleaQDAyWLsfvBlfDD3T9ob9j/R/jBc+C/F/wAP fElx8M/Hnw6XytB1nTrdJ1gtioU20tuzIJYdoIVN4ADMCGVmVvsiigD89vh7+w9r158SLn4v/tQf Ei4+LXiYaZd6Pp6fYY9LsdPtL6N4bjyoIGKmR45HXcAgAY5DMFZfO/A/7Anx4+Hfha4+DXhD9o3U dJ+E80s+NNt9FtRqkdtdOzzQRagzl4S+9iZEUDcSwjGSK/U2igD8+vhX+wPo3w3/AGbfiR+zFc+M J9W8N+Ob28urS4FmsF1pyXMcSRox82RbgxmFGLbY9x3fKoIxyHh79gf4jDw/8JfD/wAQPjG3iaH4 PeKNO1zSi2iJCf7P01YFi07K3WVGIeJW3su7GGAFfppRQB8w6N+zf/ZH7W+u/tTf8JD5v9t+GU8O /wBkfZNvlbJ4JvtH2rzjuz5GNnlD72d3GDU1j9nNZP2qB+1U2stci08KSeHToS2YZpv3zz+aLlpg Mtu2eWYsdy/avqmigD+ebwBP+zrL4H8V6r8Lf2nNb+CHw81G6u5NX8AajHZprNu5ys8NiTcNLH5g BCGFJGxhXJZSK+4P+CSvgzU/CP7KBvL6yuLC08S6/qGq6el0u2V7GRIIIZCMDIcQkggYYYYcEV9o 65+zh+z74m8Tv418RfDXw5qevSOZJL250q1lnkf++7vGS7ejNkjsa9jgggtYI7a2jWKGJQiIgCqq qMAADgADgAUAS0UUUAFFFFABRRRQAUUUUAJijAFLRQAmBQBxS0UAFFFFABRRRQAUUUUAJgUmKdRQ AylAp1FADcDvS4FLRQAm0UmBnFOooAaR6UhGKfSUANK0woCMEZBqXmj2oAxrnR7S4B42E+nSuX1D wd56nymDex4r0HFIRQJxR8xeKvhQ+qQSR3FuJVb86+PPHv7LP2xpJbFTE5PAYcfnX6vlQetVprK1 nG2aJWB9RVqZm6SPweH7PHxD8E+ILPxN4fZYb7TpRNDIGOVdDkZwRkdiDwR1r76t/iH8H/jP4Zsf BHx70+207VIHHlrelfJ87bt3wXDfKN3TaxB7YYYNfXmp+A/D+poRJB5ZPda8G8d/sw6B4utnhdlc NnAdcEZ9CKqXLNWYQlOD5onlUH7DXg/R79NX+FnirVPCEEnmEjS7uS3UrOqpKVMRC5dVUEhQeF54 GLX7Yfxs8E/sx/C7Tb6+0y18XeJr5raxsrXUMSTXEcO37RcTy4MgxGD84yTKy8EZryC7/Yn+K/hV pZfhZ471Dw6HyTDbX1xbxn/gMTBT+Ir4/wDiF+wz8fdW1afVvFNxP4gu5D813c3bXMjfV5SWpU6f I7wl9xrUre0Vpr7z7Q/ZA+OXhX9qeXxJaeGtG1H4fX/h0RSslrqjXEckc8jiMqrqOFVBv4A3Hjiv Rfi9+094e/Z38e23w+8dePmtrm5sIdQhk1HSpJ7YxzTtAI2ntN0m8FGdsoFCDO7PFfCn7N3wp+L3 7L/xCPjrTbJLq0uYvs+oWbPt8+3JyQrDo6nlc5GcZFfo54mh/ZZ/ablsJPFNzYt4gslMEUN46Wuo xAncYzFKcyLu5G3emScE5NdNfHV0k783+JJ/i9Tmo4Kg5NW5fRtfgtCp4S/bM8BeI4Hm0/W/Dmux wJJLLLYa1DbMkcUwty7QX/kuoMhAQk4cMrISrAn2Rvjn8PpkfT/FdveaMx4aHUrJwp/75DqRXiOl /sDfAHT9bt9XbRFuViYMUeJdrYORnGB9eOleU/8ABQz9qa2+GXwvk+H/AMJvEcS+PdUuYYW+xSq9 xptrCfMlkfbuEbvtWIK2CVdjjAqaWMpST9tR/wDAW1+fMvwKrYOpFr2Nb/wJJ/lyv8T6R1af9lLx Bh9S0/Qrpic7vsQVuPdYwRXMt8N/2NtTck6VpilyCcT3EIz6/wCsUD8K+DP+Cb37RXxR+KvxM8R/ Dv436umtRXenNd6YtxaW0Keck++4UCGJA7FHBUNnYiEKAvFfcH7WHwq+Mut6Losn7OqaRpd1EbqP UI57Czk81JlQRSJ58LhXiKtjp97kHpWU6OA3lSf/AJK/0R30c0zWNowxH4yX/tzNwfB39juFD/xK tHZeCQ17I+ceu6Y598/jUQ8JfsdaVKJl0XRy6cDIeb8MEtkfhXwv4f8Agn+3fq2ui21ubQLO1nLh 5F0yx2xLMVOUCxEgxhSE3Agbm3bvl2/ph4+8GfCT4e/D7XvG2t6BZRW2gadcXkspiUt+4iLcDoWY jAGOSQAO1aUaGVvXkl90UTiM0zrZ1l/4FNnB/wDCe/syeGUQ6H4c00vDwgtdLjVl+haNP51tW/7S nhYxC30jRb7y16LHEgUfQKxr8ff2L/2xvjJqP7Qnhnw58YdWtj4S1gPYBYtMs7SKK7kiCW0jvbwo wDSKA3zbA0hYgDp+73xT8Ja943+HmveE/DOtTeHNU1G2MdrqFo7RT20wIZHRkKkEFcHnpkHjiumG KwCT5KMn/wBvL9InmVaOYTknUrL/AMBb/OR5O3xz8Q6ifL8P+CtTu3bgFklC5xnnbGR+orIm1v8A aC1h1e10KDT1nJ2KzRq5wMnIklJ4HX5a/N2x/wCCe37VlzrlsuvfFnUZ9OSZHZ11G98weVO1whAL YyJnaRSDkOxYEE5r9ofh94QtvAvgrRvCFq++PSbaOAMcksyLhm5J5Y5J9zVRzSiv4dCK9W3+qFPK 6tvfxDfokv0Z4O2h/HaVD/avinTtIz/ACm8cFuqQ46An73QUq/B34iazEtxqHj1njmG4NGZZlZT3 HzxjB9q/CD9tdfE3xm/ab8aeIPDFxcyaXDcx2NoIXcIy2UC2rSKFODvYSEN3VvQ4r9sP2H/indeM fgxo3hLxtG9h4s8LWy2lykw2faYYfljuos/eDLgSY+6+cgArnOnxHVUrQjGPpFf5FVOHafLecpP1 k/8ANHJ+Kbv9ln4ba3L4Z+KnxHhGu2yI89vNdpG6eYyKoaOMM6E7w+1m3BPnPyAtWz8MvFn7F3xD 8RJ4Y8B65pev6tIsjpALm5aRlico2PMYAkkZAHLLh1BUhjoftBfsKfBj9oHxT/wnWsxy2GvSRRxT XFqwTz1iULGZFIKkqoC54OABniqHwL/YW+H/AMEvEcXibS5/tdxASYXeNY3iyMEgoBkkcHd2zSnn eMk9ajt5O35GlPJMDFfw1fzV/wAz6psfhv8ADyycPa+HrFW4GWhV8Z/391fgl4s/aj+HHif4gaho +iXmbm7vpMQw27xxxiSZkMeWUKDGoycfLjGM9K/eH4ueNtO+Gfw417xdNDJdz2NpK1rbQgtNc3JU iKKNRkks5GTjCjLHABr+THwF+zb8XH1q18QadpkqTWcquwmVk3EHkEnnn3rpy7PMRQqOone+muv3 eZyY/JaFemoWtbtp95+l73Acx9H2HO7GM4PX0r5btP23PANvI8t3Zalp91G7gxJGpZdjABdyv1OS evAUjOdoP0/4U1a1mhXRNThSz1i1RfOtZVUScDAZQQSQcdRkV5Rqv7Ofwxu9Wub8aRFEbhzI4Odo diS2FHAHcdq/S8xzSviacK2EmvO/9dD84yzLaGGqTo4uL8v68zP0j9urSLiUWehav4h+0SvsiSOS SIOd+wYPmgDcPn56LwcN8tfVGl/Gj4o+QZbbxZqypuO0G8lbAGOTuY9TmvmXRvgP4M0m8ju7LT1S TPRFO0Y44OCenvXt4t7PRbeKysLF32R/Ikce9nCLk4AyzHA7Amqy6lUinUxqjt2Vicyq0pWp4Nyv fo3c8S+LP7evjrwR4yk8FX2r6vfzQrC0sgvnjRRMm4jaCOQNuOO5OeMH13wr8YPiD4t0m21SfXdQ MNyoYRm8mdBlQcA7jnrX5n+Nfgl8Wfid8Rdb8S3ugXdjJqVy0irLC67IxhIlzjHyoqj8K+sPhvB4 8+D+hQ6Z46sJDpyAKlzEMhPd16g+uPw5+Wvl8r4ljDFy9okoO9tFp2/rofS5nw254SPs23NWvq7v v/XUwf2kvi98XPAGr6PJ4UZLi21OKbeZ4WnYTRumSGJHVSF59yOcEfL1x8a/2pNc+aO6ubdG43Q2 ccYH3uh2HH3vX+FT1Ga/SqXxP4U8RQIJWgu40w6PvDFfcA9PoR+FNuJvB91hr24hcf3ZJkA+mMgf pXZmuW1q9Z1qVZKD89jkyvMqNCiqNWk+deR8efA+4+Kd9rouvGep3morcDykSSYuqllWMts6fdUd Oe/XJr7gOnJaW5mnk8tlBJHfA+tc9aa/4N0cEwX1hB2BV0ZyTx8qqSxPbgVU+Jfg34w+LvCMun/D 7QrorqcbRS3EuI5fJcYYRwk7wWGRlwpAPC5wR6OAzHDZfRkpzUpdlqedmGAxGYVo+zg1Hu9D8jNE 8Y3Vh41m8RxMiJeXclxJG+TEDK5c4OcqOeufrmv1e+GnjnTvEWlwgBbe4jQbomAfK44ZSPvKfUD6 gcV83eGf2E/ixcPjV/DF7EvcmJsfmK9NtP2TPi94FQXHhiG5ljjO8Wro+UbuY2GCp+n4g18Jk+f1 8HU5lrF7o+5zfIqWLp8j0a2aPpjVZPD+r2i2t9p4uwh3IWjGAcc5/wAQRWLbQ6dbqi2NmkUaDCqS Wxz2HAx9RXnnh7w7+1ROy6ZD4Qv7ls7RJPZMQv0cLGp+pFfVHwx/ZL+Mfia8jvPiZPJYWTYL20bC NnXP3W8nbx7Mxr6HE8W4KclN0Lv+v66nz9DhbGwXIq1kcR4Q8Ka/4+1uLw94ftH1G7HzukQ+WJM/ ekbhIl9C5GegyeK/XL4SfC/Sfhl4djsLZEk1GYBrq4UffbrtUkA7F7cDPUjJwLngDwDpfgfRINE0 Syh0+0gHEUKLGue7EKBlj3PU969JVdox1r5rNs/rYv3WuWK2SPoMryKlhfeT5pPdsdS03PHNOrwz 2gooooA//9L9/KKK/KT/AIKg/tOfEX4K+HfC3gH4ZX8uh3/iwXc13qUB2XEVvbeWoigfGUaRpCWd SHUKACNxr0Mry2pi68cPT3f/AA5vh6DqTUI9T9W6K/l4/ZA/bP8Ajp4K+NvhfRvEXizU/FPhzxJq Vtp99ZandS3oC3koi86EzF2jkjZ9/wAhG/G1s54/qHruz/IKuX1FCo001dNGuNwUqMkm73CiiivB OM/IP9ob46fH39or9pW7/Y0/ZU14eELLw9AJvFPieNXE9syEGSKGVDuQIWRAEKu8pK70jVmLte/4 Jw/G/wALaXL4s+EP7SXi5/HlsDMjardytZXsqjiOUCRmVW6Ev5w9VI6c5/wTpuFtv2yP2ttM8RnZ 4jn15po1bhmtk1G+81lU8lP3kGCOMFfUV+ztAH56/sFftbeJfj34Q8U+D/jJappHxJ+GVz9i11Ng hWVVLoJzGDhJA8UiTKvyqyhlwHCr7NrP7bP7J+gaHp/iTVPijoqWGqlxavHOZnlEb+W7LHGrSbVc FS23bkHng1+cX7M80Os/8FC/2r9b8OAHRIdKvrado+YzeiaFCdy8ZLxTn1PPoai/4JK/swfBvxJ8 B9T+LPjvwvpvinWte1K6sUOp2sV5HbWdsqL5cccyuqs7ly7AAspVeg5AP1ztfjf8Ib74bzfGCx8X 6bc+CrdPMl1aK4R7SMBgpDupO1gzBWU4YE4IBr4D/wCCcn7Ys/x70/xdpHxV8Z2l/wCOdQ8R30ul aYoSF10iG0tyn2eFQP3SsJDkksTuLEnJryb9lnwH4O+GX7ef7QP7I9lpsOpfDbVdJtddTRryNbuy iciyl8toZg67V+2lV3A5VI9xJC40f+CPPgbwTJ8L/HHjWTw/p7eItP8AGGo2VtqRtITewWps7Q+R HcbfMSLLN8isF5PHJoA+wf2IdJt9E8B+LYYvjK3xpR/EN1IdReWaT+z8wwg2OZp5yBHjfgMF+f7v c9bqn7cH7JGi+JX8Jal8VdCh1KJ2jcfaQ0KOpwyvcKDCpB4ILjH4Gvwo8C/EXxH8Ov8Agmx8cZfC 9xLZ3fiH4hyaPJcQna8dtdW9s04z2EkaNEfZzX7EfCL9gz9l+0/Z40L4f634D0rV5dU0m3e/1Wa2 jbUprqeFWknjvCDNEQ7ExhHAQcAYzkA+1NY8Y+FdA8KXXjrWNVtrbw9Z2pvpb9pFNstqq7zN5gyC m3nI4I6V4L4l/bR/ZV8IR6XJ4h+J2i2w1mCK5tQs/mu8E4zHKyxhmRHHIZwoI56V+S37OHiPX7X9 gr9qr4K6tqEmp2Pwz/tqw06Z+QttLFNmNCP4fMieTHYyHHGK+lP+Cff7HH7O/iP9kDw34h8eeBtL 8S6z43t7q4vr2/tkuLhEaeWKJLeVwXtwkargxMp35bOcYAP1Q8PeMPCvizw1beMvDGsWmqaDeQm4 hvraZJbZ4hnLiVSVwMHPPGDnpXzjH+3V+yBLr58Mp8WdCN6H2bvtOLctnHFyR5B57h8d+lflx+xb 8OvHvxK/YU/aH+AngPUmXUY9fv7DS/Nk8tT+6tzJBvPCLcCNkOflBck4yTXh2lfEX4A/Dv4N2n7N 37Yv7NWo+A7+C1NifFen6bAb+S5/5/knuY0fzM/MxjlnRsYClMIAD+jjxn8QfBHw78I3Pj3xvrdr o3h2zETTX9xIFt0Wd1jiJfkYd3VV9SRWv4b8R6F4v0DTvFPhi9i1LSNWgjurS6hbdFNBKoZHQ91Y EEGvlv4RfCj9nr4qfsjeGvhTo2oXHxI+FV1ZRRW09/cMtxcQ2lz5sUcr2y2zI1vLGI9gVCvlhGGQ c/TfhDwl4e8BeFtJ8E+ErMafouhWsVnZW6s7iG3gUJGgaQs52qAMsST3NAHR0UUUAFFFFABRRRQA UUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABR RRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUmfalpKA Gk0U+kxQA3ml7dKXAooAZ161G0MT8MgNT0mKAMK78OaJfArdWcb7uuVGfzryPxj+zT8F/HiNH4n8 NwXe/gnkN+YOa95AxS4FNSYnFPc+N4P2GfghZZi0/wDte0tDkG1i1S5S3IPUFA2CPaoj+wZ+zdwV 8NbT1ys0i/oDivs2gii40fJdp+yD8NdAnh1DwWjaFqFoQ8F1D/ronHRlb1/Q9DxmvY9Nt/i7pm63 1B9H1+JcbJi0+nTYA/5aKsdyjEnqVCD0UV6hg06k9dAWmp5+938TCpEWiaQjHu2qXDD8hYr/ADrz zxl8Htf+LOkNoPxQ1xTpMjB30/SUktYnKnKiWVpGkl2nkfdQnB2ZAI+g6KSQ2z5L0H9i74F+G4fJ 07Qw5/vXDecf1r2QeFviDpccdt4f8S2r2sfAj1Kxe6dV7KJYrmBiB/thm969QoqXTRftZHnCaT8V CP3mv6Mhx20m4b+eoCtCy8N688UieINZW7808ra232ZMHt88kz/+P49q7ek60ezQe1Z55bfCf4d2 jCSHw9YCQfx/Z4w//fQXNSaj8MvB2pxos1kYWiO6OS3keCWNsY3RyRlXQ4OMqQa9Aop8i2sL2ku5 5fH8MREohXxXr5hXgIb4HA9N5TzD9SxPvVyP4a6WE8ubWNamXvu1W7U/mkimvQ6KXs49g9pLucpZ +CfDdlGqJatcFej3U0t3J+Mk7SOfxNaU/h7RrlPKuLOKVB0DIpA/AitnrS1SSWxLdzyHxL8BPg14 xCjxT4N0zUyvKma3Qsp9mABH4GuJT9kD9mpfu/D/AE4f9/f5b6+lKKdxHzgv7JH7OaHMXgazjP8A sPOn8pBXaeG/gV8I/B+9vDnhazsnkxvcIXdtvTc7lmOO2TXrVGarmYuVGKug6OkfkpaRiPpt2jGP pWNf/D7wRqcbxahoVlcJICGEkCMGB6g5Heuzpam4zwGf9lr9nK4Jab4baCSeuLCFeT7KopE/ZZ/Z yiACfDfQgB0/0GI/zFe/UUDueNab+z18C9GulvtL8AaHa3KcrLHp9usgx6NsyK9Jt/Dui2wAtrOK IDsqgfyrczRQIppYWq9IwKf9kt/7gq1Sd6LgRCCIdBT9qjoKdzikz60AL3opM0H1oAM06mE5p9AB RRRQB//T/fyvkr9rn9knwl+1f4NsdG1W/fRNd0OSSXTNSjjE3lGYASxSxkrvik2qSAysGVSDjIb6 1orowmLqUKiq0naS2ZdOpKElKL1PyQ/Zn/4JbaV8IviRpvxK+JHimPxNPoE63WnWNrbNBALmI5im md2ZmMbYdUULhwCWYDB/W+iiunMs2r4yftMRK7NK+JnVfNN3CiiivOMD8uP2ov2O/jBD8bbb9rn9 j7V7XSfiJHEsOq6XdlUtdWjVBGTuf93vdFVHRyqttWRXSRctw2u/Fj/grD8RtJk8C6D8HtG+H+o3 i+Tca+9/BIlsG6yQK1zMAccZCTkdQM4I/YCigD4U/ZW/ZF0j9kr4HeJdFm1Aa94u8SQzXmuaoAwW eZYnEcUe75jFFufazfMzMzkDdtX8rf8Agnb44/bU+F/wNvdV+DPw5svih4H1rU7nyrdtRjs7rTdR jWNJGIlZS0Mi7CVUMMgnchJ3f0XarYrqml3mmM/li7hkhLAZKiRSuce2a+cP2SP2arL9lL4SD4U2 GvSeI4hf3N99qltxbNm4CDZsV5Bxs67uc9KAPA/2J/2Zvix4I8dePf2mf2kJrY/E74kMsb2Vo4li 02xVlbyPMUupJ8uJQqu4RIkG9iTjyP8AYX+FH7Wv7MHxO8RfBnxL4Fs7z4W67reo6s3iaK9gZ4y1 vsgKQ+eJSsphiQoYd6liT8vI/XaigD8afgF+wf8AELWv2Qvi98AfjTp3/CJ6r4t8TXOraRN9ot7s RskVs1rcN9lllGwyxFXQkPs3cAkGrXhXxl/wVH+GHw3tfgZa/CLS/EWr6TbDS9N8WDVrY2/2aFfK inlhklUu6IAQZPLZsAvGxzu/YyigD8ufh9+xL4r+Dn7DnxO+EunTjxV8S/iJp1/c37rKkcc2pXVv 5cdvFLOUGxD/AMtJGG52ZztBCr9V/safDzxh8KP2Yvh/8PPH1h/ZfiDRLF4by282KfypDPI4HmQu 8bfKwOVYivpuigD8gv2d/wBkT9oTQf2dfjr8NdVu7r4Z+LPGXiK41PQdSs9RQSBF8p4mabT5neOO YoYpASHCMx2ngHmhr3/BSe8+CV5+zX4u+BWn+KtQm0uTRm8S32tWkttPbMhhW4mieX97MEw25pAz MAzJuyD+0VFAH54/Dn4JfHr9kv8AYei+HPwRgsfGPxW05lukhmdVsJbi8vke6RDcTW6hIbdnClnT ey7tuW2V9o/Cy78fX/w28MXvxUsodN8Yz6dbPq9tblWhhvmjBnRCjyqVV8gbXYejHrXe0UAFFFFA BRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAF FFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUU UUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRR QAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQB//1P38ooooAKKKKACiiigAor8w /jN8bfiFd/EDV9L0jV7nR7DSLqW1hhtZGhz5DlC7lcFixGcE4A4x6/WX7NfxG174g+Dbr/hJH+0X ulTiD7QRgyxsoZS2AAWHIJ7jBPOSemphZRjzM8fC51Sq1nQinf8AyPoqiiiuY9gxfEmoT6R4e1TV bUKZrK1nmQMMqWjQsMgY4yOea/Ov4Pftt+K9S/YP1H9q74kabY3uuaab/bYWTNYwXDW9x5MSKZGm ZSRgsRuOASBX6DeN/wDkS9f/AOwfdf8Aopq/ATwJ4F8J+L/+CNmqar4k05L678L3Wp6jpsjM6m2u xemHzVCsAT5cjrhgRz0zigD9GPjH+0v8T7L9n74M/FX4XS6Out+PNU8N2+o2Mp88uuswK01tZx79 7SpJIpxkssasx6GvvPWvEXh/w3brd+ItTtdLgdtqyXUyQIW9A0hAJ9q+Xf2Mfg/8M/h/+zh8OpvC Ph+2sJNY0rS9fuX+aVm1W802GOe6UylykjplTs2jaSAME5/PP9sbwHqfh79rrU/jD8fPhFrXxn+E N1ottZ6UmkvNKuhuix/aWkgiZfmaQSMDI0aHzAQxZflAP2/tbq1vreO7spkuIJRuSSNg6MPUMMgi vHv2hvi5B8DPgx4v+KLRRXd14f064urW1mk8tbi4Rf3cZI5wWI3becZr4t/4Jt3f7PLaZ4/h/Z08 Zare6BdX8V3/AMIprEbRTeHTJ5nyRb3kZ0l+6XDvkxgMxcMT6T/wUh+HPgrxv+yd431zxTpaahfe E7CbUNLldnU2t1xH5ihGAJ2kjDAj2oA8X+FfxR/4KD+Nfhj4b+Kz33gLUIPGF9o1zDp8ZkhkstIv IppbjzDLKg8/b5BjjEkrcvnpX6kzatpds80VzeQxPbJ5sqvIqmOP++wJ4X3PFfgZ8Z/hL8O/hn+w v+zRrHgbRY9JvPGPinwJqurSRvI5u72bSLh3mbezAEszHC4HPAr1n4h/Azwl+0J/wVL8Q+BviCbi 58L2Xgqz1S+06G4lt4tQ+zTQRwwzmFkZo1lmWXGR8yCgD9l9I1vRtfsxqOg39vqVqxIE1tKk0ZI6 gMhI/Wq2p+J/DWiXVvY6zq1pYXN2cQxXE8cTyn0RXILfhX44+DfC3h39jj9vTxz4Q+ENvNp3gvUf hvdeJ5dF86ae3F3ZO20oJGZ85hbGWJAkZVIXAHx98Cbn4NfFTwFqvxJ/aR+BfxQ+MnjjxxdXk1x4 h0rSbi60+KIStFHFp00d3EoEW3B+T5GBjHyIBQB/TXSMwUFmOAOST2r85P8AgmfrHxZb4Na74J+K WkeIdNg8KazNa6BJ4msprPUJdFkVXt1kEw+cxHcp2syoNqKdqius/wCCh8fgG6+BEOn/ABR+JU/w 38K3Gq239oGztnurzWIEDs2mwpHIjDzfvFsMF2AuNgbIB9m6Z4x8I61qEuk6Nrljf30AzJBb3MUs qAf3kRiw/EVe1jXdE8O2Z1HxBqFvplqCFM11MkMeT23OQM1/Mn+0JqvwA8OaZ4C+Jf7KXwc8Y/DL UfDviCwEfii/tLiy0+5jYORAsk1xMZZHKhskAlQwbIavt/8Abs+H3ie3/af8PfGD4o/CzV/jR8HL HQWs49M0mSZv7LvzKWmuZLeE5bK4+ZtqMCoL5iAIB+y9jf2Op2sd9ptxHd20oyksLiRGHqGUkGuB +MGo/EDSfhl4i1L4Vx2M3i23tWbTU1JwlmZ8jHnMXjAXGf4h9a/Or/gnLqH7M0/i/wCIj/s3eKNZ 07TtTFvdT+BdZiaN9HePEbTwl5Ji4ZyVcrI2Morn5UJ+of2+v+TN/ix/2BZf/Q0oA+gPBmua3b/D Tw7r3xRnsdO1xtLspdYeGVVsY754UNwIpGZl8oSlgh3HK45PWuq0jW9G1+zXUNBv7fUrVuBNbSpN GfoyEivw1+OXw2+Inin4BfsjeN18C6j8Vvhh4V8KaVL4g8L6XNLHPPNJpdsIJ2jhzJIEGcbVO3DK Sqyk13X7Dmsfsk337Suo6l8Ar7XvhhreoaS9tqHw+1eB4oLmaImR7iNpJZhviABVAwdVDkKFZwAD 9o6+OvhN8cvGHxq/aO+IWh+E3gh+GHwzVdEuJjGHn1LxEzbp/Llz8kNqg2MoGWchslTgfTPj7Xbj wv4F8R+JrNd8+kabeXkYI3Ze3haRRjvyvSvgz/glVpMGl/sXeHfE1w6m58TahrGqXs7H5pJhey2x kkY9W2W65J7CgDnP2+v20/ih+zz4p8OeA/gdo9jr2unTL3xDriXsTzLa6RanasgEcse3cUlLMc4C DAOa/Qz4bePdC+KXw/8ADvxH8MyeZpfiWwt7+3yQWVLhA+xsdGQnaw7MCK/BD4T/ALVXwc8TftF/ HX45fF3w/wCIPEemeNYH8L6GumaVJe240BQYZlZgwCtOkcTMo6Evz81fUH/BJD4wR33gvxl+zhqM 1z9o+H+oSXWkLexG3uZNHvpGZd0LcqUlJdh285QOKAO5n/aO/a8/aL+KXj3wT+yTpvhbQfCnw71F 9HvNd8SPcTSXd/AzLILdLcOFT5TgGJsrhvMBbaO8+BP7T3xxsv2gJP2Vv2rfD2k6b4wvtOfVdE1b QXlOnanbRbvMUJOxkDgRyNn5eEYGNeC3jt9+y54o8QeOvFX7RH/BPP472Wh/8JZfSy6xp4aPUtEu dTDGSVjIgnRTmQtsaCQoXbYyqwUdJ8G/2mf2jPBH7RXhz9nT9snwlpEWs+K4Lj/hH/E+j4EN01uj SPG4JP38FflWJlYoDGQ4YAH0p8UPjL410/8Aaq+EvwD8CyQJba3Z6rrniVpIhLJHplomy2EZz8nm 3AZC3bj3r4n+BHx//wCCjH7TOieI/GHwuf4dWOjaFrt5omzVodSiuDLarFLuAhMyldkyDO4HIPyg YJ+gv2bv+Lp/tjfH/wCOT/vbDwxJZ+AdIk6hRpwE+pID6faSjDHrX58fsK237cjfDT4g3f7Mt34N Xw3F4y1bzrfXxdfb5L8QWxfyjEhi8sx+UF3up3bs4GDQB9seFP2p/wBqL4S/H7wX8Ef2vvDPh1bD 4jvJa6HrnhmScQG8jKjy5UuXZmyzxpjZGQXUjcM46346ftL/AB61P9oZf2Vf2U9D0S68VafpSaxr Wr+IJJfsWn28pVURYoCHL/vIm3Yk/wBYAIyAWHxz+ylaeOf2uP2oV8XftY+LhbePfgZcytZ+CY7J LNYJS6/6YHVz5sayqhYruJZYiX8sqH+qvjx+zfoPx0+ON78Tv2a/jDH4D+NPg+1isNYWxlS8V4Hz 5MV9bo4aInbj5ldWCqDGSoIAMO0/aV/a0/Z1+KXgfwL+1/pHhvWfCnxAvo9IsfEXhpp4/suoTMqx rdJcbBtO4ZxGmF3MGbYVr9Sq/G7Wv2h/20v2SvEPhhf2ydI8P+Pvh1qupQ2B8TaUixT2VxLnbK6b IVBVAzFTboGAIWUHg/sjQBg6x4p8MeHpYIdf1ez0yS6OIlubiOFpD6IHYFvwrQuNT020jimu7uKG O4IWNnkVQ5bkBSTyT2xX8/nxm8F6F8Mv2kviz42/bS+CniD4p+EPFd95uieJNMknng0vSgX8q3Cx SxJEyIUU7pUdTGSi4bJ9Jtvg38MPjL/wTd8VeGvgJ481Hx9F4N1CbX9COoRmDUNIubBFlOnLH95f 3BlEZHBaXcp24AAP3Bubm2s4HuryVIIYxlnkYKqj3J4FU21rRkEjPf26iGITuTKg2xHkSHnhT/eP FfjB8evjteftcfs4fs+fBnwrdbdf+Pd9aR62YcE29rozj+1XKjkKtwnmLkfMkbcVT8V/s4/D74y/ 8FMtT+E3imCYeB/D3gLTruXSLa4ltoLyGwe3t7a2mMTI5ijaVJAAw5jXnGcgH7SweIvD91pB8QWu p2s2lhS5u0mRrfaOreaDtwPXNT6drOkaxp6atpN9Be2MgLLcQSrJEwHUh1JUgd+a/Cb4X/sffCq+ /bx+Kn7N12t9J8IPD+n2PiSLwwL+6Wyl1CeC2SNpsSb5BF58pXLZ+4CSq4PpH7OfhLS/gx8af2xP gL4HMtr4K0bSLXULCweZ5ktZLvTpJXEZkLN0kCEkliqJuJxmgD9hp/FPhm1NmLnV7OE6i22133Ea +e3pFlvnPsuak1HxH4e0i8tdP1bVLWyur5ttvFPOkckzekasQWPsAa/nz/Z8/Yo+DnxJ/wCCdOs/ HDx3bXWr+M5dF1+70q9mvLjbpaaRJdJbwQQrIIvKMsLSOrKcmRunGN/wz+yd8MviX/wTl1j9pD4l /bvE3xOl8Oahq0GuXl/cyT2q6R5qWdvEpk2eUsUCqQysSWY5+7tAP6BGZUUu5CqoySeAAKxtI8S+ HPEBmXQdVtNSNs2yUW08c3lt6NsJ2n2Nfgn+0Z8afGfiP9mj9kz4Ya1Jr+r6X8SbGKfxNFoEbXGt ataabFbRm2hG5fNeYSszqx5ZVZs9DxfjceG/AfiTwR8Sf2MP2dPir8OvGPhnUYPt32rQb0WGp6T/ AMvFvchbi5d2YhR90bgW3HcEKgH7C6L+1Da63+17rv7MsdlawWWgeHU1Z9Sa5DSXF5NPbxrbxx8K uxZW3cszNjAUA7vpu48TeG7RkS71W0haSf7KoeeNS1x/zyGWGZP9nr7V+Ongj9nb4L3n/BVTx1pl z4YhktdG8PWniuzjMs2Itbe8tJmvB+8yXMkjNtOU5+7jivNf2a/2PPhN+018e/2mde+Mlvd6tp+g ePtYttNs4rya2hhnnvZ3uJysTLudlSJOeCByDhdoB+8tlqFhqMbTafcxXUaMUZonVwGHVSVJ5Gel LFfWU9zNZQ3Eclxb48yNXBdNwyNyg5GR0zX5MfAnWNI/ZD/bF+OPwW8QyrpfgfxVp8nxB0Vm+WGG OFXe/SNRwAoEgA7JbDpXon/BNjw7q3ibwj48/ap8XwGLXvjVr1zqEQflodKtJHitIRnkKrGQL6oE PPBoA+tP2gdb+NeheH/Dk3wMg0i41O512zg1IaxII4l0p0lNw0JMkWZwwj2DJyN3ynt7DrXiLw/4 bt1u/EWp2ulwO21ZLqZIELegaQgE+1fm1/wVS/5JX8Jf+ymaB/6T3tfO37Y3gPU/D37XWp/GH4+f CLWvjP8ACG60W2s9KTSXmlXQ3RY/tLSQRMvzNIJGBkaND5gIYsvygH7f2t1a31vHd2UyXEEo3JJG wdGHqGGQRSXd5aWFu93fTpbwR43SSMERcnAyxwBknFfmb/wTbu/2eW0zx/D+zp4y1W90C6v4rv8A 4RTWI2im8OmTzPki3vIzpL90uHfJjAZi4Ynu/wDgqP8A8mKfEz/uC/8Ap4sqAPuR/EvhyPVo9Ak1 W0XU5V3pameMTsv94R53Ee4FeQ/FDW/jXpvxM+Gmm/DeDSJfCWo3V4vih7+QJeJbosJtzZKZELMS ZN+FfHy8Dv8Ak5+0B+xB8GvAf7C8vxt02C9b4q6Rpml69L4lfULp72e/nkgadm3SFNp3sEwoZSFO 7dkt6f8AGTxBqniz4v8A/BP3xTrkxuNR1mG7vbmQ8F57ix0ySRuPVmJoA/XnV9c0Xw/ZnUde1C30 21BCma5lSGME9BucgZPbmrttc217bx3dnKk8Eyh0kjYMjKeQVYcEH1Ffjp8IvhD4H/bc/aV+O/jv 9oW3l8VaV8Ptdl8KeH9ImmlgtbK3tXlSSXy4XRt8hQEEn7xYnJ27Of8A2hvh141/4J7/ALJ/xTt/ hT46vZ9B8aa1aW3h+xMcizeG4bxpDcrBdmd3YyRLsV9qFSA4JkYtQB+y1v4n8NXerSaBa6taTanC MyWqTxtOg9WjB3Dp3FblfzU+Lfh98FLP4PQ6T8H/ANnT4y+H/ivo0UVzpvittCuorh9UiwxlneO7 fakrZzsjygOUGRz++v7Pvijxn40+CPgfxR8RdPn0vxTqGk2r6pbXNu9rMl6ECz7oXCtHucFgpAwD QB7DWDrHinwx4elgh1/V7PTJLo4iW5uI4WkPogdgW/Ct6v57vjN4L0L4ZftJfFnxt+2l8FPEHxT8 IeK77zdE8SaZJPPBpelAv5VuFiliSJkQop3So6mMlFw2SAftd8etZ+Kej/CLXNZ+BsemXXjKMWp0 5dWkEdgwe5iWYyOZIwP3Bcp84y23r0PoGhancf2RpMXiWe2h1q4s4pbiKN12mURgzGMZJKBs4OTx 3r8NfGj/AApi/wCCS3xN0z4N/EC/8eeGrPUdOEA1SPybvSVfVtPYWDRnlVT76n7rbyVO0gDf/aD+ F+mfGn9qD9kz4W69d3Npo+v+D501AWkzwSXFnb2bXM1sXQhgk6xGN8HO1jjnmgD9t9M8Q6BrVrLe 6PqVtfW9uzJJLBMkqIyfeDMpIBHcHpS6Pr+heIbd7vw/qVtqcEbmNpLWZJkV16qWQkAjuK/Cjxt+ x58KfCn/AAUB8H/s/wDgUX3hz4Z/ELwy2o+INEs9Qu1hv/7Pe6kWGR2laQxPJBEWXdkfPtK7uPbv g/8AC7wh+zZ/wUzvfhf8ILaTQ/CPizwENUudMWeWW3W6juzGrqJWdsjyiRknbvcLhTigD134rftB /tM/Bj9kn4pfGTxvZ+HV8W+G9fjg0SO0zdWTaTPeWVvE1ysc5Pn4mmyN64wpK+v3r4X8Rf2j4H0b xTrcsVs17p9tdTuSI4kaaJXbljwuTxk/jX89cX/KMb9qT/sp83/pdo1fWv7XI+AEtv8AAlv2i/Gm oXXh2w0eGeL4f6TZz3Fzrlw8CqlxK9vNGUSNgoQOo3YdUb5nwAfrhofijw14niln8NataatHA22R rSeOdUb0YxsQD7GlvfE3hvTVdtR1W0tVjlSBjLPGgWWT7sZ3EYZuy9T2r+fz4X6l4A8Lft//AAb1 T4A/DPxR8HfD3iyHUbG/s9dtpbGLV0jt5G8yGCSabKKShODt3KjABsmu9+Gn7J/wz/aj/bY/abT4 uR3eoaH4X1S1+z2UF3LbRm71BZQLg+UVJeNLchecfN8wPAoA/eAsANxOAOc18l/A39qC2+M3xp+L vwwjsrbT7T4b3tjYWcy3Ilm1F51uGmlC4ACL5S7VXcQMktyAPpzTPD+j6P4ftPCunWyw6VY2sdlD AudqW8SCNUHfAQAV+In7K3wl+Efwu+O/7VvxD0LwnCb34K3DTeGlEkzfYozZah5sSAyfN5iIFO/c fQg80Afttqfinwxot5Bp+s6vZ2F1df6mG4uI4pJP9xXYFunat6vxd/Y4/Yy+Df7TPwAj+Pn7Rdpc eOvHPxNm1C6utRubydJLRI7qW2jS2EUiom3y9w+Uhc7ANiha90/4Jq+LPFq+Fvif8DvFWsT+IU+E Hiy+0DTr+4YvK9jC7JGhck5CNGxUZ+VWVB8qqAAdH/wUV/ah+KH7LXw48KeJvhTaWF7qmva0NOeO /t5LlShgkkAjSKSM7yygDk+mK+lP2ZPjHD8f/gL4L+LaiNLnX7BGvI4ciOO+hJhu0QEkhVnRwoJJ 24zXxb/wU4VXH7PiOAyt8SNIBB5BB3V5h+z98ULH9jGD9qP4K68VjsvhdPceLPDkEh4m0/VIwbe3 Q+gla3jOOPMlPTnAB2Okft6fEDxX/wAFE4f2YPDdppr/AA+ivb7TJrtoJGvZLvTtOlnuQkwlEY2X KbCNh+UerDEfx5+Kv/BS/wCCHgvxX8VdVj+HUvhTw6WnCxJfyXhtmmEcXyFkUvh13fMB1r5W+A/w u1D4X/tN/sejxDufxJ4u0rxL4l1iWQYkkvdXtLqfMg/vrCY4291NfqB/wUU/5Mr+Kn/YOh/9KoaA PHvgT4z/AOCkPxGh+H/xC8SL8Pk8B+KI9L1S6W3W+TURpV6sc7iNWLRicQucAkqH7kc16z+xj+0R 48+P8nxXXxxDYwjwV4tvdEsfsUTxbrW3+4Zd8km5/UjaPavXf2T/APk1n4Of9iZ4e/8ATdBXxX/w TB/1v7Qv/ZRNT/nQB+j3xJ8d6P8AC/4feJPiP4h3HTfDGnXWo3Cpje8drE0hRM8bm27VHckV+aPg H4qf8FL/AI/eELL40/DTTPAHhTwrqyyXOlaRqr3s97dWu4iMzSxBky4HDBoc9Sqg1+j3xcm+G6fD LxJb/F+/tNN8GX9lLY6pPfTra24tr0fZmV5mKhC5kCKcg7iMc4r8vfDX7Kf7aXwF0O3f9jr42af4 p+H8im80zRPEUKyRi1uD5saQXAjmVg27duja3RtxbAzyAfYn7Hn7Tur/ALRPh3xPpHjzw+vhT4g/ D7Um0jxDpsb74UuV3ASwkszCN2RwFLNgocO4wx8V8ffGX9r34gftE/EH4afsryeGf7K+G1vo9vqH /CQxTGGS91GKW4kMc0B3l41CIU+6PmJ5xXVfsi/tY638TP8AhY/gz46eE7XwB8RPhiyS+IIrYj7N PA6O/wBpT5nYBQh3fvJFIZHVyHwrv+Cc2l3+rfBnX/jlrsJi1f4xeJdW8SyB/vx20s5gtov9xUiL IPR6APle7/aH/wCCltl+0JZfs0TQ/Dv/AIS2/wBHOtxyCK/Nl9lVnQgy+ZvD5jbjy8dOa9n+Mnx2 /bO/Zw/ZX8X/ABV+LsPhCfxhYanp8OmLpUV1NY/ZLmRI5fPSR43MmSduGxis/wAQ/wDKXrwx/wBk 7k/9H3VdX/wVm/5Mp8T/APYQ0n/0rjoA5CXxp/wVd0rwsvjqPQ/hz4hs0tBffYLU3y3U0RTzNib5 Yl8zb0G/rxz0P2b+yv8AtCaP+0/8FND+Lmk2LaVJfma3vLJnEhtru2cpKgcAblOA6HAJRlyAcgfA mq/B/wD4Km+IfhPHpnh74teFPsl9pcaRwW9obS7a3eEYijuDZsEkK/KG3Lg8716j2/8A4JjeN/A+ ufs4R/D/AMKeHZ/C2pfD2/n0jWbK5mFzI+o582a480BciV2b5cDYVKDKqpIB+itfOP7Wnx5f9mn4 B+J/jBbaYNYvNIWCK1tmJWJ7i7mS3jMrLyI1Z9zYIJA2ggkGvo6vze/4KE/Fe8k0PQP2SvBfhi08 WeMvjWJrCCHUGZLOytYypa8kKENvjb95GQfkMZkOdoRwDz/4bftO/tYeCPjh8Jvh9+0TH4Y1/RPj XZS3WmyeHFmFxprpCswEm4lXjAdQx+YEFmWQhCG/WGv5s/hTqOmf8E3fjh4hh/as0i68XeItH8PD /hBNbjuJ57RrZQyvY2aygrb+ZvZCxUeVh1xtlBb+hD4XeNz8S/hx4a+If9lz6KviTT7fUEs7oqZ4 I7lBIiybeN21gSO3QgHIoA+bfib8f/HHhD9s34OfADSobJvDXj3T9YutQklidrtZLC1uJohDIJAq jdEu7KNkZ5Hb7BbUtOS+TTHuolvJF3LCXUSsvPITOSODzjtX4w/8FBPiV4t+EX7afwM8f+AvDc3i 7xHp+h69Fp+lwI8j3FzeW89rHlIgXZY2lEjquCVUjK/eHrf/AATX8GeB/iL4Wv8A9rfxJrjeOPiz 4subi31e+u0CyaO8Z2/YLeLJEKiPYcrjdGVChU+WgD7N/Z68UfF/UvhdBrP7Rv8AYmneKHu543/s idWsfJ3AQ4fzZRvIzkb+vavaV8SeHX1hvDyapatqqLvNoJ0NwF9TFnfj3xX80McssH/BHQTQOY5I /GoZWU4ZWFxkEEdCDX1L+23+xX8Iv2df2XR8aPhxFe6f8TfBt9pd3J4j+33Ml9e3dxcxxTzTF5GT c8knmgqqkEYBALAgH7kX+oWGlWcuoancxWdrAN0k0zrHGg9WZiAB9TXxf8WP2kvEnhf9pr4E/Crw VNpmo+FfiZ/a5v7kAzyEWMAkiNvNHIEHzH5sq2favl7466eP2p/2yfhP+zj8R7id/h/Y+EV8Y6np kTtbx6lfyGWJFd0KsUTC4wcgGRVIJJHn/jb9mb4c/s7f8FEf2dp/hTbPo/h/xS+synSRPJNb213a 2bLLNCJXcp5yPGGGcZj444AB+0mteIvD/hu2F74i1O10u3JwJLqZIEz/AL0hAq5p+o6fq1nFqOlX MV5aTjdHNC6yRuPVWUkEfQ1+H3xob9kJf2p/H+ofG5/EP7Q3jC5MNvZeGdB0q5uIvDkMS7Tar5d0 kUsh+XeQV2uHLKJGbHU/8Evb/wDsb43/AB++Hfh3RNY8HeELObTL/T/Dmt71u9La584lHjdnZGZC oOWLFVTcSRmgD9Yvix8QbD4VfDTxT8RtRVJY/Del3uoiF5BF57Wdu84hVjn5n2YGAT7GvjD9ib4w ftLfGPQV+M/xw1vwlZ+CfENk0mm6ZpYkivrSczhIjcNKWVUdEkIUyOxyp45A9f8A24fhz4K+Iv7L fxFTxrpaaovhvQtW1vTw7Ov2fUbLT7g2867GXLIWOA2VOeQa/G74lfCX4deA/wDglL4Y8c+E9Fj0 7XfG13oE+s3SPIzXklvNciJmDsyrtEj42BRzz2oA/o6vL2z0+Brq/njtoVwC8rBFGTgZLYHJqOTU 9OhmNtNdxJKIzMUZ1DCIcF8E52+/Svzu/wCCr7ov7Evi8MQC97pAGe5+3QnA/AV8w/HD4PaB8df+ Cifwn+HXjGa5/wCEau/hlaz6pa21xJbfbra2ur6VbaV4mVjE0yxs4B5C8EHBAB+02j6/oXiG3a70 DUbbU4EYo0lrMkyBh1UshIBHpUeqeJPDuhzW1treqWunzXrbIEuJ44mlb0QOQWPsM1+Rfhr4Q+Df 2W/+Cl/gLwX8EbeXw74V+IfhbUJdU0tLiaa3ea0W5kVwJmcj5oYyOTtO7bgMRWH+yr8Avhl+3BqP xZ/aF/aP0+XxdqV54nv9A0y0uJ54I9L02xSNoo4khePY4EwHPI27vvO5IB9u/szfH7xx8X/i78eP A3imGyj074a+IY9L0s2sTxytAxnBM7NI4d/3a8qFHXivqi98Z+D9N1SLQ9R12wtdRmOI7aW6iSdy eyxswY/gK/G/9iPwVH8Jx+2L4CXxq/h628Oaj9ji8SXh8+Wwt4obxY7uQl0DSQx4b7wG5fwr5M1X Qv2JtS+APiLw98OPhp43+LnjGDTr+4m+IFvpV3BbG/jV5Gv5pJrn91AjDc0bIcqCGy5LEA/pfub2 zshGbyeOATOI08xgu526KucZY9gOapWmv6Ff6jc6RY6jbXF/Z48+3jmR5os9N6All/ECv5+vjfrP iz4h/wDBMj9ma81HWbn+3b7xnpdnHqPmN9pjaBdUtreQSAht8aomGzuyM5zzXT/tlfscfDD9nbUf ghqX7P8APqXgrxB4k8RweFr/AFW11C5a9uItTTypJ2keRgspBk3eWqqd5GMBQAD927HxH4e1PULr SdN1S1u76y/18EM6SSw/9dEUll/ECn6xr+heHbYXviDUbbTLckKJLqZIUJPbc5AzX4x/G39nD4Uf smftK/sweJ/gHpkvhe61/wATDQ9T2XdxN9ttpzBExl86R8sUkkDYwG3DI4GPArrx34G+NX7U/wAY vFv7RXwp8efGTTfCms3Ph7w9p3hzTZr7TNKtrOWSFzMqXEOyeURq+3oWLsQTt2gH9E8V3aT2q3sE ySW7rvEqsChXruDDjHvWNeeLfCmnpaS3+tWVsl+dtu0tzGgmb0jLMNx+ma/F79kq68YeFdf+PPw6 8L+BfGvg34LX/hm+1jQLTxfptxanTrxIljuLaGWRpI9spmd1XzGZkjDH5g5POfsU/sJ/A743fsXW XxF+KVhc674k8QW2qxafeS3typ0mCyubi3gjtY0kEaqssbTEMjBmcggrxQB+qv7WX7QEf7M3wK8R fF2PTo9avNKW3S2sZJ/IE8tzcR24JbDErGZQ7BRkgYyM5Hs/hDxNa+JvCOl+JxPAy3tpDcStE4aJ GeMO43ZOApPc8d6/ns8T2Vp8UP8Agjnpfj7x7G2s+IvAl4bTR76eSRpraGTWYbZlB3YYeQRENwOE AAxjNfXf7SPwr/Zt+GH7MHwy8GeJ/F03w1+HdzqFrqmo6BpcFxeXnieZ4Y3ltUKziVFbJLsQ0asU J2sEyAfq/o/i/wAJ+Ibmey0DWrLU7i1/1sdtcxTPH2+dUYlefWvlLw58fvHGsft1eLP2brmKyXwr onhCHXIJEicXhu5J7aMhpC5QptmbAEYOcc+v44fEHVfgv4a+MPwO+IX7MHwi8XfCXy/Fen2E+r6p Zz2FjqlvcyoDBGJbibzSUDbuBuRmD5+Wv0h8D/8AKWn4if8AZOLb/wBK7GgD3j9mb45eMPFnjT4j fAT4wvAfiD8NtQG64t4xBFqej3v72xvEiBIVvLZVlVchSV5yxA+xa/Lb4ktL4P8A+Crvwl1HSQIV 8eeDtS0zUAnWVbJbu6Vnx7xRDJ7IPSv1JoAKKKKAP//V/fyiiigAooooAKKKKAPmz4i/sy+EPHvi CXxLFez6Td3RDXIhVXjlYcF9pxtY9yDgnnGck+u+APAHh/4b+Ho/Dvh5GEQYySSSEGSaVgAXcgAZ wAAAAAABXbUVpKrJrlb0OSlgaMJupGNmwooorM6zG8RadNq/h/U9JtmVZb21mgQvkKGkQqCcAnGT zgV+eXwr/Yq8c+Gv2CNd/ZN8X61pqeIdWi1FUvbFpp7JJLiczwZMsUMhAIUP8nHOM9/0mooA+XP2 RfBXx/8Ahv8ACWw+H3x+utBvbvw3HbabpM2hNOytptpbxwxfaTPHHmbKHLKACCMgHNeI/FX4Hftd eEfj/rHx2/Zi8X6TqVj4os4LbUvDXiya8axhkgCqJbQQE7MhdxAaPazP94MAv6I0UAfCH7KP7L/x F+GXxI+IXx/+OOtaVqfxB+IxgS5t9Ciki0y0gtwMCMyqju77V3FlyNuSzFmavev2mvhhr3xo+Afj j4WeF7i2tdW8S6dJaW0t47pbpIxBBkaNJHC8fwox9q91ooA/On4yfsi/Ej4h/sxfAn4LaLqWkwa3 8MNQ8L3WpTXE062syaJp8lpcC2dIHdmZ3Bj3xoCv3ip4r1DQP2evGelftyeJf2mbi909vC+s+D4/ D8Nsskpv1ukubaYu8ZiEQi2wsMiUtkj5cZI+xqKAPi/Wv2bPFGt/trR/tD3txp03g1/BUnhmeyeS b7c88txJIx8sReV5JR8E+buzn5e9fN/gv9mv9uf9mHTNZ+F/7Mnirwjrnw8vrue40n/hJ1vF1DRv tLF3RPIVo3UE5y28M2X8tdzKf1gooA+Zf2UfgT4n+AXwyfw5478ZXvjnxRqt5LqOpajdzSyxieYA eVbLKzFIkA9izFmIGQq+cftufsxeNv2h9E8Ea58MNZstK8YfDrWo9a05NUV30+5dCreXOEVyMNGh B2MCNykANkfcNFAH47ftB/sn/t6/tZ+DLKx+KXizwR4cl8PXcF9pujaSl/8AYrq7X5HnvbmVJZEa ONn8pY0dTvIbb96voP41fA79q6y+Ntn+0L+zb4u0sahd6XHp2seGfEVxeSaO5TaTJaiIfKSVXPyx NlS2752Wv0GooA/P79mr9mD4ueGvjx4w/am/aH1jRbrx14q06PSY7Dw5FMmn2tonkklnnCySSHyE X5g2AD87ZAX6L/ac+GGv/Gn4BeN/hX4XuLa11bxLp72ltLeM6W6SMykGRo0kcLx1VGPtXu1FAH5q eNv2U/2jtI8HfA3xB8DfHVnpHj74SeHrHQ73Tr6e6bw9qgt7NLeUlEQEnPmBWaEMyspJjZARN8L/ ANmT9ofxl+0zoH7Uv7UuqeGrbVfB+nTWGj6T4XjuPK/0hJo2kuZrn5ztWZ9qhnBJBGzBDfpLRQBR 1PTrTWNNu9I1BPMtb6GSCVem6OVSrD8QTX4/fsz+Efi1bfsu/Gv9h3wpfWelfEnwJqF7pVnNqUss Fv8A2PrjedHeq8MUsg82J7hoysZwxTO3PH7H15s3wl8DH4rp8a4rJ4PFo0s6NJcxTSIk9iZPOWOa JSI5Cj8ozKWXoDjigDjv2Yfgrbfs8/Afwd8IonimudCsgL2aHJjmvp2M11IhYKxRpnbYWAO3AIGM V4P40/Ze+IMP7bvhT9qv4W6hpllpsumnSfFlleSzxT3sGCiyQiKGRXdU8ohXeMboI+cEkfeVFAH5 R/8ADIH7U37OHjjxLr/7FHjTRY/B3ii6bUbnwv4mSUwW93Ifn+zPDG3y4AVTujbYFVy+xWrrfh5+ yn+0T4l+MWn/ALSX7U/izSPEfirwbZ3CeF9B0RZINJtbmeNlLzSSxpISSR2Y7sEuVRVr9L6KAPln 9jb4I+IfgH8CtN8GeNp4bvxbe3l/qut3Fu5kjnv764eRmDFVLYj2JnAztrkf2Gf2cfG/7Mvw38We D/Hl9p1/ea94pv8AXIH02SaWJba6gtokRzNDCwkBhbcApXBGGPOPtSigD88P2l/2RfiF4r+PPgb9 qH9m/U9K8P8AxA8OyCDVk1SSeCz1WwVSoSVraGdi5QtC2U5jZcMpiUHL+NP7IHxltfjfcftN/sme NLLwf42123S317TNWV5tJ1ERxqitlInYNhFzmPkjerI27d+kdFAH5Rap+yj+17+07rnhy1/bJ8Ye HrTwD4fvU1F9A8Lxzb7+5gBWMXEs8Y2oQzA4dvlJAVWIZf1doooA/Mq++Bv7c3wd+KnjfxH+zp4w 8PeKPCPju+bUBp/jOa/ll0meXcWW3aHP7pS2FG/7iqpjJXcfX/2QP2bbv9l/wb4r1L4j+ILHUvFP jzV5dZ1m4tU+y6bDNMTtgt1cJ8gLMQSiZ3bQoCivtavM/i98IPAHx18Bah8NPibpx1Tw/qTQvNCs 0tu2+CRZY2WSFkdSrqDweehyCRQB+RP/AATp+BXhxv2pfjB8T/C97/a3gL4falqOgeE5Ad9tG99c NPc/ZmBKkQxYj3rw6zbhwRj780D9nrxnpX7cniX9pm4vdPbwvrPg+Pw/DbLJKb9bpLm2mLvGYhEI tsLDIlLZI+XGSPoX4X/Cv4ffBfwXY/D34Y6LDoOgafvMVtEXf5pDud3kkZpJHY9Wdix9cAV6DQB8 c+B/2evGfhn9tL4j/tG397p8nhvxhoVhplpbxySm+Sa1W3V2lRoliCHym2lZWPIyBzjmfD37MHj3 Sf2gP2hfirc6hpjaT8WdHstP0qJJZjcwS21iLZzdKYQiKXGQY3kO3kgHivuyigD4h+Bn7NXjn4Zf sNN+zLr1/ptx4oOi+INO+020sz2HnatNdyQt5jwpLsUXC7z5WQQcBuMp4J/Zp8deG/2DLj9ly+v9 NfxVN4Z1XRhcxyzHT/tF8J/LYyGES+WPNXcfKyMHCnjP2/RQB+aHi/8AYZ8Y+Jv2bvg54O0jxRa+ HPiz8FY7efR9Yt/Mnsftcar5sTb0RzDK0cZLGIkbBlGUspzL/wCAn7d3x48W+FLT9obxt4e8IeCf C97He3MHgmbUIL3VpIeAssku0ojjIOGAXcSIy20r+oVFAH54ePv2c/2h9H/bNg/aa+B+seHm0rXt Ls9E1+x1r7Qkq2cM8TzG28mNwXZIl2MzLtbIKlTmvSf2V/2evGfwO8XfGrX/ABZe6fd2/wAR/GF/ 4g05bKSWR4rS6lkdEuBLFEFlAcZCF1znDGvsaigD8Xv+CrXgrSPiNrnwd0TwBrMcXxN1vWLnw1Bb 20gMz6ZqsRhu2nCHcIYjhG3cbZZM8Zr9dfAXgzRfhz4I0DwB4bj8nS/DljbafbL38q2jWNScdWIX JPc5NePeFv2TPgB4N+Mer/H3QvCkcfjrWpZ55tQlnnnKS3P+ueGKSRoomkyQzIoOCQCFJB+jaAPj n9tP9nrxn+0b4K8D+HPBF7p9jc+GfF+meILltRkljR7WyiuEkSMwxTEykzLtDBVIByw4z5p8Vfgd +114R+P+sfHb9mLxfpOpWPiizgttS8NeLJrxrGGSAKoltBATsyF3EBo9rM/3gwC/ojRQB8Ifso/s v/EX4ZfEj4hfH/4461pWp/EH4jGBLm30KKSLTLSC3AwIzKqO7vtXcWXI25LMWZq9Q/bM+Cnin9on 9mzxh8HPBV1ZWWteIP7P+zzag8kdqv2S/t7p/MaGOVxlImC4Q/MRnAyR9P0UAfKnx2+Bniz4n/sk at8BNAu7G38QX+i2Omxz3MkqWYmtjCXZnSJ5Nh8s4IjJ6ZAryLxR+yd8RNb8Tfso61a6jpSQfAu1 aDW1eacPcs1pZQZsgICHG62c/vTFwV75A/QiigD81PE37NP7TXwc+N3jf4xfsha54cl074lOt3re geKFuhBHqC5JuraS2yxLM7uwZkA3EYcbAmJ4f/4J6av42+FvxXs/2i/FkWs/Eb4wXFteXupabE32 PS5dPO6zW1jkEbSJGeHyE3xhU427z+o1FAH5Naz8C/8Agpd4z8AWvwF8R/ELwhpnhhEitbrxRpx1 Aa/cWULLtBG1E80qoDlfLLjIMhyxb2j9o3XPil8AfBvwP8DfBnxVGs914i0fw5dJquL7U9XtZNsU jK0scmXADSzy5QIuSD0Wvv2oJbW2nlhnnhSSS3YvEzKC0bFSpKk8glSQSOxI6GgCevzKvvgb+3N8 Hfip438R/s6eMPD3ijwj47vm1Aaf4zmv5ZdJnl3Flt2hz+6UthRv+4qqYyV3H9NaKAPyWX/gnt8Q rb9kP4s/Cb/hI9JvviX8XdXtda1C7Ky2mjQTQ6hBdtDCI4nkEYWOTaRCMswXaqgGve9S/Zf8fXn7 SXwC+MUWoaYNG+Ffh+90nU4TLN9qmnuLCW1RrZfJKMgeQEl3jO3OATxX3dRQB8c+MP2evGfiD9tj wH+0jZ3unp4a8L+HLvSLm2kklF89xcG4KtGgiMRQecuS0qng4U8ZW/8A2e/Gd1+3Jpv7TMd7p48L 2fg5vDz2xkl+3m7NzLNvEfleV5W1wM+aGzn5cc19i0UAfkun7BvxeX9jv4z/ALPh1jQv+Ei+IvjK TxDp9x9ouvsUVo1zp8wS4f7L5iy7bVxhI3XJX5sEkdf8Yf2T/j/Z/GX4a/tHfADVvD8/i7wZ4ch8 O3um+IPtBsJoo0lUyQSQr5gLecwx+7PAOeWU/pzRQB+UjfsmftfeNv2kvhh+018WfF/hW71DwleP HdaHpq3lvY2WmOu1vsUskUsk9w/mSM4mCDcEAk2/d+lf2e/2evGfwm+PPx6+KPiK90+50r4o6lpt 5pkVrJK9xDHZrciQXKyRIisfOXbsdwcHJHGfsaigAr84/B37MPx5+HX7VnxF8deH9S8O6r8JPi7c x3HiCyvvtKaoiJbzJ5duEjMf+smbJMmGTghSM1+jlFAH5TeA/wBm39uj9mjS9U+Ev7OXi/whq3w6 urm4m0mbxLHef2noq3LF3VFgVopNrMWG7erPliiBmWvrP9kj9mey/Zi+G9z4buNXk8R+JvEN9Lq+ varKMG71C4ADlAfmEa4wu4kklnOCxA+pqKAPjL9sL9nbxr+0EfhYfBt9p9l/whHi6w169+3yTR+Z a2ud6Q+VFLulOflDbV9WFeJfti/sFa7+0j8c/BHxI8OavZaVoYgt9L8YW08s8U2oaVa3sd5HHCsU TpK5IYESsgBSI5O35f06ooA+MPib+zl4y8Y/tgfB34/aNeadb+Gvh5Y6pa31tLJKl47XtvNDF9nj SFoiqmRd26RMAHAPAPpf7Vnwm8RfHT9nrxr8JvCVzaWmr+I7RILeW+eSO2RlmjkJkaKOVwMIeiNz jivoSigDzD4I+CtV+GvwY8A/DnXZYZ9S8K+H9K0q6ktmZoHnsbSOCRomdUYoWQlSyqSMZAPFfmR8 Pf2Wf+ChPwL8S/ECf4L+Kvh/BonjXxDe63s1NtQmnU3EjFAdtlhSEwGALDOcE1+w1FAHw54Q+DX7 SPxX+H3j74W/tr6p4Y1rw/4ns4LWy/4RYXMc0DBnaSV2uYIwHRhC8RAYBlO4Y4Pz74M+BP8AwUq+ A+iW/wAMPhP8QfB3ivwZp2bXSrjxDDcpfWNmvESMIomG1FACrvlCj5VAUKB+stFAH5X6f+xL8YPC XwN+M96PFVt4x+OnxotVs9S1O4Y2enxW8j+VJFBtj3Kot5JOdgBIRVVFXJ/Rj4Z+B9O+GXw68MfD rScfY/DOmWmmxEDG5bWJYtx9225J7k13FFAHxZqv7OPje+/bs0b9p6K+04eFtP8ACjaFJbNLN/aB uWlmfesYhMXl4kHJlDZz8vrt/twfATxh+0t+zzrPwm8C3lhYavqF1Yzxy6lJLFbBbadZXDNDFM4J VTjCHnrjrX1xRQB+W9p8N/8Agq3HokHhqL4g/DnSbWC3S2S6tbe9luYkRQisomsthYAdSMZ7V2vg n4C6r+xN+x78QIfCnjW1PjiWK+1++8Saqmy1/tFkX5mRlnPlqqBVDBy7ktjL7R+idQXVrbXtvJZ3 sKXEEylHjkUOjqeCGU8EHuDQB41+zd4j8b+MfgH8P/F3xJbf4m1vRbK+v2MSwEy3MQlyY0Cqhwwy oAweMV4T+15+yx4x+NOt+CPi58GfEkHhP4n/AA4uHm0u5vEZ7K5imKmSC42K7KvBwQjghnRlIbK/ cVFAH45/FH9h/wDay/bFmt5v2rvHHh3w5YeH7a6/sbT/AArbTTIL6ZQomuGugH2EopZRIxKjC+WS TX6IfsyeFPjN4H+DGg+E/j1rln4i8W6WslvJeWYfa9tGxW3EkjhTLIIwN0mxCehBYF298ooA+Ofi V+z14z8Y/ti/CD9oXTL3T4vDvw/sNXtb+3mklW9lfULWeCIwIsTRsoaVS2+RCADgE8HjPAf7LPxD +Cn7W3iD4s/CDUdLt/hd8QovO8R6DcyzxTw6kN7C5sUjgeI/OdxDyIMSSKBgIR980UAfjn/w71+M /wDwwMf2WP7a0D/hK/8AhIP7W+1faLv+zvI83ft8z7L5u/HbysZ/i719wftrfAzxb+0f+zn4k+EP ge7sbHWdYlsHhl1GSWK2UWt3FO+9oYpnGVQgYQ84zgc19WUUAfAPx+/ZZ+J3iDxF8OPjl8BPEFho fxX+HVimmAal5j6VqenlGEttP5amQDc7lSFHDn7rBXTyvRv2XP2wfHn7Unwz/aX+O/iXwr5fg5ry KTRNGN6kNnay27JGbYzRP500ssjGbzHUKEXa7jCp+qVFAH5UaB+zN+2T+z98Yvif4n/Zv1TwXrHh r4parJq8x8UC+W7sbiWSWUjNquXVDMwBLvuABKqdxbvv2Sv2TPjX8B/jx8R/ij8S/F+meMrb4h2d tLc3kKy297/acbh5F+zGPyVtwXkWMrNnaqfu1yQv6M0UAeZfGvwXqnxI+DXj34d6HLDBqXinQNU0 q2kuWZYEnvrWSCNpWRXYIGcFiqsQM4BPFfHPiH9inXvG/wCwVov7KPiPWrOy8S6LZWoi1C28yeyW 9tJjKv30ikaJwShOwMu7cFOMH9E6KAPxp+M37J//AAUM/aY+En/CsPi7438FWNto32eS0XTxehtX u4HVPO1CdoGMaiJpHUQxYaUKGjUfMv14/wCzZ44b9svwX+0QL/Tv+Ec8OeB18M3Fv5s3217wTXEm +NPJ8sw4lXkyhsg/J0J+2qKAPjnx3+z14z8UftofDT9oywvdPj8N+DdF1HTby3lklF9JNdx3Co0K LE0ZQGVdxaVTwcA8Z8L/AOGa/wBrH4A/EzxtrH7IuueF7jwX8Rb6TVbrSvFX2v8A4lep3H+untja r8yNxgEn5QqFG2hz+nVFAH5P/CT9gH4p6R8MP2g/h/8AF3xtZatqPxnlhuY9XsRN5oul82WSW5he OMKDO4+SN2DJkZXIFUND/Zt/4KBar8EYP2W/EnivwN4Y8C2umf2JJq+lQXtzq9zpyx+UIRHIIoB5 qfu5Xwr7WJGWyW/W+igD8mrr9hr41ah+yD8G/wBn671Xw+niH4beMLfXLu5S5uzZz2EMt7JtiY2g kM2LpRtaNV+UneOK+n/2uP2evGfx7u/hNP4PvdPs18CeMNP8QX32+SWMyWloSXSDyopd0p/hDbFP dhX2NRQB8dftOfs9+M/jT8Rvgf4v8LXun2tn8NPFEWt6il5JKkstsjwsVtxHFIGkxGcB2RenzV4t 4j/Zk/aX+DXxw8afGb9kHXfDsunfEeUXmueHfFC3QthqGSTc28ltlizu7uQWQDcR842hf0uooA+A Pgj+zP8AHfSIfif4++PXjyPxH47+I1hPYxWFjNcroOlxPEURYYpAOchAWEQKqpALlmZvVP2RfgZ4 s+AX7Lnhn4JeMbuxvNc0aLU45prCSWS0Y3t7c3Mex5YonICTKGzGOQcZGCfquigD8s/DX7CPxDh/ 4J5at+yH4g1zSofFN5NJdQ3ts881gJF1BL6FWZ4YpQrCMI5ERK5JAbGDznjv9kn9sH4ieEfhJ451 zX/CUXxZ+DOpSyabCgun0a+08pa+X9oLRb1uA9ud2xArKwIZGAK/rfRQB+QXxj/ZP/bo/aN1HwZ4 6+JnivwXpmpeBdYs9Q07w/pgv49NdY3Ek0093JHPN9oJRERRG0YUsQyknd9b+HP2evGej/tw+Kv2 l7m909vDGueEodBgtkklN+t1HPbSl3jMQiEeIWwRKWyR8vUj7GpCMgjpmgD8zfCmm3Hxx/4KS+If ibZKZPC3wO0EeG47lT+7l12+3vcIh/iMUU8kco/hZUBHzAn9M682+Ffwl8DfBjws3hDwBZPZ2Mt3 c307TTSXFxcXd25kmnnmlLSSSOx5ZiTgADgAD0mgAooooA//1v38ooooAKKKKACiiigDE1fxL4c0 AxLr2q2mmmb/AFYuZ44d/wDu7yM/hWvDNFcRJPA6yRyAMrKQVZTyCCOCDX5CfG+61u6+K3iU68XM 0V5LHEHz8turfuAoP8Jj2keuc96+z/2QrrW5/h9fw6gXawgvWWzL5wAUBkVM/wAIY544yT712VcL yw5rngYLO/bYh0OW2/4dz6wooorjPfPLfjle3mm/BT4gajp08lrd2vh7VZYZomKSRyJaSsroy4Ks pAIIOQeRX5Ffsgfsi+I/2hv2dPCHxk8TfHv4kaZq3iBb1pYLLXpBbxm1vZ7ZdgkV35WIE5Y8k4wO K/Wz4/8A/JCPiR/2LWsf+kctfj1+xD+yh8Z/iX+y74J8Y+GP2ifE/gfRtTXUPK0bTU/cWoi1C4ic ROJ0I8xkMhO0YZj160Ae3/sxfEz4qfA39qP4o/sq/Fnx3e/EXwt4S8Pf8JLY6vqG6fULWCMW7vFM +55D+7uMEMWyUUoFD7a/SP4Y/GDwJ8YPhnp/xd8CXsl74Y1OO4lgnkhkhdktZZIZcxyKHGHiYcjn GRwRXyj4E/Y48Bfs3fDX4qeJ9O1XVPGPjbxZouoDUte1mb7RezqIJGEanHyqWwWyWZ2ALMQqheQ/ 4J9a5pWlf8E3vDGsX1ykdrpWm+IpLlywxEsV/fO27PTC889iDQBzX7Xn7ePhez/Y6k+KvwB8R3dr qvjGZrLQr4afKCrWl3FFfbvOjKwsIi4RnAy2Ch3Yr7h/Z2+L/hj43/CfRvG3hW6uby38tLWeW7t5 baVrqCNBMSsyqzAsfvAYbsa/ETT/APlCBqf/AGEl/wDUiir9+fh2Qfh/4YIOQdLsv/RCUAfmn+2H +2vD8HP2o/hL8ObbXr7TPDunXVzdeLre2sJZTcQyW8TWSo6xs8qje5dISecbxwK5LxH+1p4Q+EX7 f3ijxP8AEvxjfad8Prr4d2Nxp9g5upYpL28ubN4vJsVDf6Q0ZcnCBgu/cQA1enftfED9uD9kQngf b/EQ/wDIFrXO6R4X0PxF/wAFe/EN/rFpHdTeH/h/DqFkZED+Tc+dbWwkXIOGEc7gEcjNAH2N+z/+ 138Cf2mZNTsfhXrr3Oq6Moe8067t5LS8hjLbN/lygb1DfKzIWCkgNgsAfNviJ/wUS/ZX+Gvi/UvB Or+JLnUr/Q3MepvpdhcX1tYOpIYTzQoUBUjawUsVbKkAggfMXxPivfDP/BS3xFqfgiAW2s3/AMId QugYRsae9jllWJmK8lswxDPX5R6V4R/wT80z9s6T9mq1uvgHa/C678Oaze6g18+vjVX1ae681kkW /wDsx8pm2bdg/wCeJQnkmgD9x/Anjzwd8TvCeneOvAGrwa5oOrR+ba3ds26ORQSrDnBVlYFWVgGV gVYAgivzv/4KkftKXfwX+Blx4L8G61faF408V+SLS5so5kaOzSZRclbpBthcr8o+ZXIJ2881o/8A BMrwZqngP4dePdDufFfhjxNYy+Jrm7gi8KXk93YabLNGnnWi+fHGY1UqpRQX+U5LEnJo/wDBXb/k zTVf+wxpf/o00AXv2TfiT+zh8IvDfg/wZ4Z8eeKfFN78WdTvY9On8SR3Us819psUK3SIJIY/s8OZ FZd4+YsfmbHH2p8Q/jd8O/hZ4n8F+D/Gd9Jaap8QL86bo8aQSSrNcgoCrMikRj94vLEDmvhf9s+W K2/bO/Y+uLhhHG2r6/GGY4G947FVXPqzEADuTVL9vHVLEftQfsiaL5qm8bxdLceWCCwiWWzTcR1A LHA9cHHQ0AUtE8b+M5P2wv2vdCk1/UG03QfCmnT6dam6lMFlK2kxO0lvHu2xMXJYsgBJ56175/wT g8ReIPFn7F/w58QeKtTutZ1S7TVPOu72Z7i4l2apdou+WQs7bVUKMngADoK+XNB/5PX/AG0v+xP0 z/0zw19Ff8Ewf+TF/hj/ALmrf+na8oA++K/La71jxZ4k/wCCmvi34WSeJNTtfDt98OJNtpDeTJBB PM8Uf2iKJXCJMoYlZFAYHoa+4dc+Pfw98PfG/wAPfs+anPPH4u8UafNqdinlf6O8EHm7wZSQN+IX O0AnAzwK+EfDkkd7/wAFe/FItWEpsPh5Gs+058tjNakBvQ4dT9CKAOs/4Ju/FTxFefs5eJ9B+Lms 3F5r/wAKte1jS9Vur+d7i4EVu32kvJLIWdlQvIg3HgR4HAFfGH7Dnxw+M837U2geMvijr2oXfhD9 oi08RXOh2V5dTSW1lcWN9JIscMTsUj2JCY0CAArIoA6Zwv2ovG19+zL8V/2qfhfo4aOX45aNpGpa JCOGmuNRn+w6gI/V5PPum45OwehNfTH7YfwmT9n39mv4BfEHQo/9K/Z61jQZLqWMZ32khigvjx/z 3uFiLdjk+tAHp/iXxT4u+JH/AAU38NfDrQdbvrTwt8MPCsuraxZW9zLFbXN7elkhSeNGCSbRPbyK HB+63bNeGfsXftZ6N8H/ANjbxn8XPjz4ovtYktPF+qWlil3dPd395ItvbNFaW3nMWPJY4yEQFmbA ya9s/wCCf8UfxI+If7QP7UDsLmHxv4rk0rSp87t+laMvlwOjf3ZFdAccZj9q/Mr9j/8AYHtP2qPg l8QfHGreK7yz1LT9W1Gw8MWiyMtnY6lGIJ5LqUc58/8AdxMEAIUFvmYJtAP02/Zd+G37Q3xp8f8A /DV37Ses6p4as7sK/hrwPaXlxbWdnajJhmvoUZBLIQdwSRcsTukAG2NP0O8bPbReDNekvL2XTbdN PujJdQAmWBBE26VAvO5B8y45yOK+G/2Cf2o9d+Lvh3Vfgv8AGRW074wfDVjY6zb3GFlvIYW8pbwD +Js4WYrkbirjCyKB9m/Fb/kl3jH/ALA2of8ApO9AHx78Fv2gfgZ8D/2Tfhx4x8TfErUvFPhTXtUu NHsfEutQXAurq6uLy8f/AEoSbniji8mSPzJDtVIwcgEVseD/APgo7+yX448faf8ADzRvFU8d7rM6 22n3N1YXNtZXkzNsVIp5UUfM3yqXCqSQASSBX5MeI9Ks9e/4JVfsy6HqC77XUfiMLaVfWOa91tGH 4gmvvn/gq/4e0TT/ANmLwrNp1jDaN4f8U6Qun+TGsf2VNkseyLaBsXaANq4HA9BQB+q1fkh4e/bs 028/4KD678MdV8QagfA8enR6Bpenpp0wQeIZL63hkklCxbyu4OqzOfLVT8pAYk/rfX5h+ACB/wAF Y/iaD1Pw9sj/AOTFjQB4V8D/ANuD4d/Az4kftFad8dvGGpX1z/wsLWYdG04C51KeKytp5gywRjcs EEYAAGUXjC5wcfqd8GPj78Jv2gfBTeP/AIVa/Fq+jwyPDOxV4JbaWMBmSeKUK8ZAIYbhgqQykqQa +BP+CefhbQ/+F9/tY+M3tI31dviBqlgtwyAyJbLeXMrRqxGQruwLAHDFVz0FfMdqdS8J+FP+Ch9j 4Fj+wi1v4jHFb/u1iiuWuxdsgTG390XPGOB6UAfoDqn/AAUy/ZA0vxDPojeK7m7tLS4+yz6ta6dd XGlxTZwFN1HGVYHs6BlI5DEc19z6NrGk+IdJste0G8h1HTdRhjuLa5t3WWGaGVQySRupKsrKQQQc EV+JnwN8MftmXX7G+g6D4RtPg3/wqjU/DjSTNqR1cSm1miLXUt+0f7kXCtvM7D5VkVsYCivuT/gn X4c1Lwf+yn4Y8L3/AIq0nxlDps99Ha6jot1LeWbW7XDusayyxxNmNmZCu3C4AHSgD6I+O/xV0v4I fB3xf8WNX2tD4a06a6SNjgTXGNtvDn1lmZIx7tX5F/sCfEz43fDL44aB8Pv2g/Euoa7bfHjwvD4n 0STUJ5ZhbXatNKLePzWYR+Zb72ZV2jPlALyK9Q/4Kha74w+KOsfDT9jb4W2qap4j8b3b6ze2jzeQ j2OnK7RJNJkbY5HSVy3BBgGDmvnz9srTP245PCnhD44eMvht4b8LR/BC9h1Szu9E1Bp5ooPMhQxG Eud0G5Iy4HRFOflzQB+qX7Qv7LP/AAv/AFvSda/4Wb4v8C/2Vbvb+R4c1L7FBPvff5kq7G3OOgPp xX5X/s5fs1+LfjJ8cfjx8Ltf+OvxEs9P+FWqWVjp81rrsomuI7prsM1wXDKWH2dcbFUcnjpj9w/h f8QtC+LHw68N/Evw0+7TPEthb38IzlkE6BjG2P40JKMOzAivzn/YV/5O9/bI/wCxi0n/AND1OgDv dG/Z3+IngP8AaN+B0PhzxN4p8SeFfAmj67/bmpaxfCWC8+2/aRaJMwZTcXKy3PAMeEhjQ5zXafEf /gol+y58MfGWreB9b169v7/w/L5Oqy6bp1xeW1hKDgpPNGhTcpG1gpba2VPzAgfcVfiT4E8A/tIf DPW/iR4t/Yb8TeD/AIy/DfxL4gvbrUtDv2X7XFfTqrXFsZy0SvtjZVBa42kYJjyWyAfsF8PPiJ4K +K/g3TPiB8PNWh1zw/rEZktruAna4VijAhgGVkYFWRgGVgQwBBFU/if8VPh98GPBt78QfidrUOga Bp+0S3MwZvmc7VRI41aSR2PREVmPPHBr5U/4J5fEv4c/En4BSS/DrwOnw6j0HVrvTdR0aKRpYYdQ jWOWV4nf5irrIp+YAhsqc43Hxj9v6LTdX/aK/ZR8K+M445fB2o+J7yS7jn5glvIvsi2kcqt8pDM7 Lg5DBmBGMggH0R8If29v2afjX44h+HHhLX7i08Q3qmSyttTsp7E3qAFt1u0qhWyoLBSQxGSFODib 4xft3/s3/BHxjL8PfFeu3F/4ktEEl3Y6VZTX8tohAbdOYlKJhSGKltwGCVwRnX/aL079l6DxZ8LP Evx9WOLxBZa7Db+EZU+2i4/tWVkaONBY/MVLohIl/dbtobqAfk//AIJVWml3nhj4xeKtaWKT4gXv jnU4tbmbH2oIqxvEjZ+YR+a0xX1bd/d4APubwj+0v8FfHvwf1f46+DfEkWreD9AtLu8v7iCOQzWq WMJnnSW3KiVJFjG7YVDEEFcggn5u1b/gqH+xtpTWLDxbdXtvdxQSy3Fppt3PDaC4Tei3DrH8smOG jXc6nKsAQRXxTaW+laF8Vv8AgoN4Y+HqJF4Pj8G3k80NvxbRaq2lTGdQq/Iree1yCBjBUjHy4H07 +zj4E8KW3/BLVdHTTYDba14N1i9vAY1Pn3E8U8hlc4+Z1IXax5UKuMbRgAx/+Ckn7XGmeB/2bLa1 +E3ii5tdd+IMFrc6TqelrLsbTWlRppI7yMbYmdCFHzK+GO3np558GdJ+Avh3XvgVeeDfjf48uG8Q a9q7W1nrAvHTXb23hs47iC4VkhEMERw8YkVgTK+GPNfPfxNlkm/4Ir+A3lYuwvoVyTnhdVulA/AA AV9x/tpf8nj/ALHn/Ya1/wD9F2FAHrXxL/4KLfspfCbxLrPg3xl4nuINb0C/Gn3lpFY3EsiSFdzO NqYaNR1YE88DJ4q/43/4KDfsr/DzVtV8PeJ/FM1vq+lRadMbEafdtdTrqtst5bCGLygzEwupfIHl lgsm1iBXzX+yD4J8Ma9+3F+1r4k1rTre+vNO1HTbKBp4lk2Q3wuWnUbgcB/IQMO4HNXPgt4Y0PUf +CrP7QfiK9s4pr7RND0FbKR1DGA3OnWKyNHn7rFF25HO0kdCQQD25P8AgpP+yBP4Dg8e2njJrlLi 5ezj02KzuH1VriNBIy/YwnmbApH73/VZ+Xfu4r2/4R/tQfBH42/DfUviv4E8SRP4d0Pzv7Smu1a0 aw8iPzZDcLMFKKsfzbuVI5BODj4Z/ZJ8F+F7P/goX+1LrNtp0Md3pr6WttIEGYv7SRp7rYf4fNkQ Fsda8E8N+J/hV8L5/wBvLUPifocmteDIPEGmrPo9rM9obyW9nuVSFZIWRoxJMy72U8JkkMBtIB9q T/8ABUT9kGC+ijOv6m2kyzG3GrjR70advBwf3pjDEe4Q8c15/wD8FBf2xV+EOh/DLTPhz4lnsp/F OsaVqd3dWNsZ47nw25kaUw3ARl3SsqYWNhIyZx8pNfNfxn1T9r3W/wBibW11LwR4E+GHwct/DsBt 9Omubu+1YWO2M2cULKzQiZiY9rShX3nLfNkUvxnkL/sKfsayO2QvinwgMnsFtLgfoBQB9y3PxL+F /wASv2lfgT4v0T4i65pk/iDStYuNJ8Ni1uoLDWIVt7gSS3ittWN4ArOglTJKLjqK7b4xft3/ALN/ wR8Yy/D3xXrtxf8AiS0QSXdjpVlNfy2iEBt05iUomFIYqW3AYJXBGfBvjt/yk8/Zn/7A3iX/ANN9 5XP/APBKq00u88MfGLxVrSxSfEC98c6nFrczY+1BFWN4kbPzCPzWmK+rbv7vAB9zeEf2l/gr49+D +r/HXwb4ki1bwfoFpd3l/cQRyGa1SxhM86S25USpIsY3bCoYggrkEE/N2rf8FQ/2NtKaxYeLbq9t 7uKCWW4tNNu54bQXCb0W4dY/lkxw0a7nU5VgCCK+KbS30rQvit/wUG8MfD1Ei8Hx+DbyeaG34tot VbSpjOoVfkVvPa5BAxgqRj5cD6d/Zx8CeFLb/glqujppsBtta8G6xe3gManz7ieKeQyucfM6kLtY 8qFXGNowAfpN4b8R6D4w8P6d4q8L30Wp6Rq9vHdWl1A2+KaGVQyOpHUEHNeTfHL9pH4N/s5aTp+q /FrX10k6vI0NjbRxS3N3dyJt3CGCFXdgu5dzYCgsoJBIB8O/4JrSyTfsQ/C55WLsLW+XJOeF1C5U D8AABXkf7VvxGsbD9rD4c+C/hL8LrT4g/HK10m4vtNvtU1GW007SNPkMyO7RCQRSSMFkJJCuo2bS zFQAD6G+Cn7cX7Pnx48aS/Djwfqt3Y+KkjeZNM1WymsbiaONdztEJBtbao3Fd27bltuASMjx/wD8 FAv2Xvhpr/iHwh4n8SzjxD4avVsLjTLexuJ7uSdkMmIURDvQKvzSZCA4BYEgH88/E0n7QR/4KL/s 7337Rb+FLfxHcRagLe18L/aSbeyME4UXT3WWYs5k2bSV4fHXFfQf7G/hrRb39uv9rPxZdWkcmqaV qOk2ltOygvFFercvOqseRvMEecddooA+5/gN+0j8H/2lfDd14n+EWtjVYNPlWC8hkie3ubWRgSqy xSBWAYA7WGVbBwSQcfOfi7/go/8Aso6dret+Bo/Fs5uLJpbCTVILK5fTIb0gosZvEQoPn4Eg/d8Z 345r5BtrfUfC/wAdv2/rbwFCLW7HhaG8hjh/d/6VNpcszyqF/wCWheR3B7ueepr6i/ZB8K/CS/8A +CcegaTfW9m3hbVPDl/LrbMFMbTHzft0kzH+ON1b5icpsXBG0YANv/gmH4o8S+Mf2OvCmveLtWu9 c1Oe71RZLq+nkuZ3CXsqqGklZmIUAAZPA4r64+K/xe+HPwP8GXXj/wCKWuQ6DodqyoZpdzM8rAlY oo0DPJI2DhEUkgE4wCR8Vf8ABKD/AJMk8H/9fmr/APpdNXA/t4Wuma1+1f8AsoeG/Hixy+C73W9R eWGfm3mv4/sotkmDfKwLsiqrcMGYcgkUAfR3wl/b8/Zm+MnjK0+H/hvxBcabr+pDdYW2rWU9h9tB +79neVQjlv4V3Bm7KeaufFH9u/8AZm+Dni7xH4A8eeJpLPxJ4ZayjuNPjs7iaeZ7+AXMK26xoRL+ 7ZS7A7UJAYgkA/Mn/BXO20ax+A3hPxVZIsXjbSPFGnf8I9PFxeLcEOzpCVw+CEDEDjcqHqBSfBTw 1o+qf8FV/wBoLxJqlnFPqWjaHoItZGUOYGudNsVlaMn7rFV27hg7SR0JBAPcE/4KT/sgT+A4PHtp 4ya5S4uXs49Nis7h9Va4jQSMv2MJ5mwKR+9/1Wfl37uK7O3/AGjPgt+0T+zR8Q/H3w+8Y3Wn6BZa Nq0Go6jbQzRalo5Szd5Jlh+WTzYoz5sZQ/MQNrZHHyr+yT4L8L2f/BQv9qXWbbToY7vTX0tbaQIM xf2kjT3Ww/w+bIgLY615F4BtLbTbb/go7pthGsFrHb6nIsSAKivNp+qM5AHA3HrQBc+Pf7XNn8D/ ANnj4DeGvhb8Q9Z1mTXb7S7y81u6spjeaj4eWWcXDPJKrskzyRqpQN5pUHHyk1+wnw98eeHfif4M 0nx94Skll0jWofPtmnhkt5Sm4r80UoV1OQeCBX4bfEYgfsC/sdMeAPGnh7J/C8r9+6APhDVfHvw3 8B/td+PPE2ufETW5r/w/4Ea/vvCi29zNptrYQz27NfwhNyPcE4TYi7yHb3ryX/gnJ+19cfH1PG3h Xx1rt5rHjA63qep2gks3htodEjFpDBGjrGsKFWc/us7+SzAkk1c8Hf8AKW7xz/2TKH/0usKX/glO R/wpT4ijuPiFroPt+5tKAPb/ANu79oG3/Z+/Z88R6vZX9zpviXW7O5sdEnt4JJjHetGdrl0Vli2D LK74XcBzmvib9i340fs7fBD4N23xr8e/E7xXrGq+Lp9I0bW5/EJu7iytdZu7eW7K2weIERBVcPcF 3UhAdwB5+6/29/8Akzj4s/8AYEm/9CWvzo/a60e08Q/8E8/2TNAvxm21LUvAttKPWObQ50b9DQB+ hHgH9vv9lr4i+EfF/jvRvFjWmg+BzB/ad3fWdxaxoLpnW3Me+P8AeNMyMEjXMhI+4MjOT8Nv+CiP 7LPxP8X6d4H0fxFc6ZqetuE0w6rYz2MF+zEBBBNKoQlydqBipZvlUEkA/N//AAUZ8N+E7DxL+zV4 S1TT7TTvh7f+N7G31iFYkgtWihMUdvHLt2qIlhedcHhVJxiu6/4KxaT4Mj/Y31XU9TihttX0XUdK OgSACOWG7a5jR1gIwR/ovmkhey5x8oIAPpj4yftjfs9/AHxafBHxY8Tf2Hqx0ldZSJraeUS2sk72 yCIxI2+VpEbEa5baCxAUE15foP8AwUn/AGQNd8K6v4qHjNtP/sSWKCewu7O4i1F5Z2ZY1gtdhecs VOfK3bOsm0V8y3+hJ4w/4Kb/AAQvfHlkl1qdh8LLXUnSdN3l6ik1/wDOVb+ON3ZlJ5VgCMEA10Y8 F+F7v/gr9Lqdxp0MlxbeAl1VGZAcXolW0Ewz/GITtB60Afav7Pv7WHwU/aah1cfCvV5bi+0FkW+s by3ktLuASZCMY5AMqSpGVJAIwcHFdP8AtD/FnTPgj8GvFHxI1OaS3/sy0dbeSK3e6K3cw8u2zGis Svmsu4kYAyW4zXxJ8MbS20//AIKvfFxLKNYVvvA1hcTBAAJJhJYpvYDq2BjNffHxp/5I547/AOwD qn/pLJQB+MF1+1x4j+Kf/BLTxvrMPi3Vm+KHhcadJq+pxrPYyo+o+IwIvIuYljRgbdTGVhOEX5CA OK+xPBP/AAUv/ZK02z8MeCtf8azNfC0s7O51N7O6ksBeiKNZFe72EEhj88nKD7xfHNfG2okH/ghg hBz+5g/9Sxa+sP2oPAPhLQf+CXeoeGdO0u3isNH8L6RPbIsSgJcK9u5mGBxIzlmZurFmJJyaAPtX 40ftE/B39n7wpbeMvip4jh0rT79xHZqitcT3jkA4t4YQzyYBBLKNqggsQCK4P4H/ALZnwC/aC8QX Xg/wHrc0HiSzj859K1O1lsLxoh1eOOZQJABydhYqMFgAa/I7xbJ8YPEP7UH7K9h4AHh271u0+Fek X2hxeLWuW0p757eY3EoW2+f7UFjVkx3RG6ha9w+IHgb9qHV/2qPgP44+PniX4V+FfEGj6wqWMei3 eqWuq6tYSyxJd2qC5jk8792zLEhKLukYbsMaAP2or4I1v/gpX+yboxubePxBf6pf2VzdW1zZ2OmX U9zB9jYJNLKoQBIgTw5I3YO3ODX3vX5Pf8EqdG8IJ4a+M+u2kULeJbjx3qdteyYHnizjWN7ZD3Ee 95ivYtu644APue0/aZ+C+pfA+5/aL0nxAt/4Es7d7ia9ghld41jfY6vBt81ZFY4KFQw64xg15v8A Cr9u/wDZn+NPxEk+GHw78SS6lq6Wj3of7FcR2piiTzJf37IEXy1+8XKrn5QxPFflnZwWOm/Br9v7 RPB6xx+CbLWf+JakB/cR3TSyi8WID5Qi7YgNvGAAOAK+p/FfhO18C/8ABJOK48AafDZ6jP8AD7T7 iaaGJUlZNUit5tSYso3fvEeQuc88Z6UAe0ah/wAFOf2PdP1+bRz4qurqytpxbTatb6bdzaYkpONv 2hIyGHoygqRyCRg19R+Pfjz8Ifhn8NI/jB4y8U2dn4QuI4pbfUEfz47oTrviFsIt7TNIvKiMMSAT 0BNeDfs8+Evg3L+wh4Q0O6tbJvA2oeDYJtW3BPJcy2gk1CWY9BIJfMZyTlXB6FePxR+Bct14n8O/ sW+Gfiri48CSeK/EqW0V2S1vPLDcW/2ZJA52souHMaKeCC68jIoA/bX4S/t+fszfGTxlafD/AMN+ ILjTdf1IbrC21aynsPtoP3fs7yqEct/Cu4M3ZTzX5s/tmftIeB/iZ+17ofwe8S+P/FfhP4ZeFLG8 h1uPw9Fd211NrUFxPGVVUiczRjy4tsux0A37CCxNfS//AAVzttGsfgN4T8VWSLF420jxRp3/AAj0 8XF4twQ7OkJXD4IQMQONyoeoFb/jAuf+Cs/gAyAB/wDhWc+4DkZ+232cUAfoGJNC+EnwyE1/dXdx o3gvR90txNvu7yS1063y0j7RvllKR5bAy7dBk4r8RP2ZPid4R/ai/bW8UeJvHXxF8YC9svE0kngr RrN7m20ltO07zbhVvYzEY4g0MCbomMTO27fudq/favxE+Et3r1h8Of8AgoLfeGWaPU4PEfix4WTO 9SqXZZkxzvC5K474oA+xPFH/AAUu/ZF8K+Jb3w7ceKLrUU0uXyL3UNP066vNPt5M4w1xEhVhnjMe 8Hsa+gfHP7SvwX+Hvwq0/wCNmveI4pfBWqSW8VtqVmrXUMhumKxkeUGIGQQxP3SCGwQa8C/YD8Mf DN/2GvA2n2FnZXGiazpU76wrqjRXFzK8iX32ktkNhgyNv6KoXgAAfjVd3Es3/BLDxxptnLJL4e0/ 4nvb6I0jMw/s8iGRdm7Py+Y7ng8sW75oA/en4E/th/Af9pHxJr/hX4R6zPq174cUSXDPZXEMLwl9 gkjlkQIVLcAEhjgkKVBNdb8bP2jvhD+zvbaJffF3Wjodp4guJLa1mMMssfmRJ5jbzErbQF7nqeBz XpHhDwV4X8CaJYeH/C2mW+nWmm2kFlEsESR4gt12xp8oHAySB6knua/M7/gph4c0rxh41/Zl8J67 Atzpus/ECys7qJwGWSC4lgjkRgeCGViCKAPqX4d/txfs2fEr4beJvi1o3idrDwv4QlWHUrvUbWa0 WJ5P9Uqb1/etJxsSPc5JUFQzAHmfht/wUM/Zb+KPjHTvA2ieIrnTtS1xwmmHVLC4sINQZiAq280y BCXJ2orFSzYVQSQD8p/8FW9OvrTQfgr4a8OWulWej6v4zthdpqKtDpElyiJHajUBAAxt9hkEhHzC NTt6DHB/ti/D79szxx8IbXR/2gda+Dfgnw/YahaPYatBcaxY3NneRk+UtrNKkioWVWUgIfkBPG3I AP0p+O/7XnwO/Z11XTPDnxD1ad/EGsRNPa6Vp1pLfXskKkgymOJTsTKkAuV3ENtztbG/8B/2mvgx +0npOoar8JNeGpto8iRX1rLFJbXdq8mdnmwyqrANtbawypKsAcqQPgj4v/DX4max+07pPxV/Zj+J nhk/GvTPCNta694b1UmaO4sf3chnhby2ZFlaSPtEcbW3gOwPlWmfGXxVOP2mvAvxB+FOn/Dv9oCP wHqOrX2qaLM0sGpWkNqqCRQJJQkirIjxlZHLHO7a6kMAfaPij/gpd+yL4V8S3vh248UXWoppcvkX uoafp11eafbyZxhriJCrDPGY94PY1774y/aZ+C3gfwV4S+IureIUufDfjjUbXS9IvbGN7uK5urxX aJQYQ20ERuGLYCkYbB4rwb9gPwx8M3/Ya8DafYWdlcaJrOlTvrCuqNFcXMryJffaS2Q2GDI2/oqh eAAB+NGh3/k/sU+C1jnc+FtG+P0MWkSysdiaaLOSUFSxwE3tIxOcbi2ec0Af0Y/GX43fDv4CeF7X xl8TL6TT9KvL6DTo5IoJLgm5udxjUrErMAdp5xgV5b8cf20v2ev2dPEz+Dviv4gk0rWP7KTWIrdL WaYz20k7WyCJkUq0jSI3yZyFBY4UE18uf8Fb9UsbP9nzwhp08qrc3/jPSVhjyNzeXHcO5A64UDk9 iQO4rN+J/hTQvFX/AAVw+G4160ivY9J+Hz30McyCRBPHd6ikb7WyMoX3KezAEcgUAfWd5+2x+zdp fwX0T4+av4pOn+EfEcskGnPNaXK3V1PC7xyRRWojMzlXRlLKpQYzuwQam+BP7ZnwD/aJ12/8JfD3 Wpk8RabGZptL1G1lsbzyQQDIiSgB1GRnaSVyCwAIr5K+Kem6Def8FTfg54b8T2dumi6X4Pvb7RLd lUQHVWmvGkZE4XzFSMOMAkMqt1wR73+0PF+zzoHxd0bxXqCrF8fbjw7rUXhFoDfCeZYLSdmDi2/c FVDvtNwO7bOVOAA+In/BRL9lf4a+L9S8E6v4kudSv9Dcx6m+l2FxfW1g6khhPNChQFSNrBSxVsqQ CCB9Z+BPHng74neE9O8deANXg1zQdWj821u7Zt0ciglWHOCrKwKsrAMrAqwBBFfhx/wT80z9s6T9 mq1uvgHa/C678Oaze6g18+vjVX1ae681kkW/+zHymbZt2D/niUJ5Jr7I/wCCZXgzVPAfw68e6Hc+ K/DHiaxl8TXN3BF4UvJ7uw02WaNPOtF8+OMxqpVSigv8pyWJOSAfpbRRRQAUUUUAFFFFAH//1/38 ooooAKKKKACiiigDivE3w48C+MbmO98TaLbahcQgKsjrh9o5CllwSPY8V1Gnabp+kWMOm6VbR2lp brtjiiUIiKOwUcCrtFNydrERpRTcktWFFFFIs53xf4ZsPGvhLW/BuqySRWWvWNzYTvCQsqxXUTRO ULBlDBWOCVIz1B6VwnwI+C/hb9nr4UaF8HvBd1eXujeHhcC3m1B45LpvtNxJcv5jRRxIcPKwGEHy 4zk5J9UvLy00+0nv7+ZLa1tkaWWWRgiRxoNzMzHACgAkk8AV+f2rf8FQf2Q9LvZI49f1K/0yCc28 2q2mk3kunxyA4wZvLG4ehRWyORkEUAfoNNDFcRPBOiyRSKVZWAKspGCCDwQR1Ffm9Yf8EvfgZpWq Xlppvirxfa+BdQuxe3Pg+LWGj0KeQMDslhWMSPHgBcNIXwPv19sav8ZvhboXwuPxq1bxLaW/gj7H HfjVSxaBreUAxsm0FmZywCoql2YhQpbivnL4Z/8ABQv9lv4reO7D4d+HPEdzaatrDBdMOo2FxYw6 gW4UW8kyKCXPCB9pY/KoJwKAN7Q/2Kfg/ov7L95+yVJcapqPgu980tNc3EX9oLJJdfbFkWWKGOMN FMFZMxEcAMGGc+m/s/fA/T/2e/h8nw70rxPrfiqzhuHmiuNduUuriFGREWCNkjjCwoEyiY4JODjA HC/HH9s/9n79nzX4fCHj/XZpPEk8IuV0vTrSe+u1gOf3kiwqVjGATh2UkcgEV2fwv/aX+CHxg+G1 78WvA/iq1n8MaUJDqFzcE2v2EwpvkFyswRotq/NluCOQSOaAOS/aX/ZM+H/7UEfhi58VatrHh3Wf B1xNc6Xqmh3S2t5btcBBKoZ45BhvLQ5ADKVG1gNwOj4G/Zf8FeBPjL/wvW21rWdV8Tv4XtfCkrX9 xDLFNaWpgYXEgWBJGuXa3Uu+/aSWwgyMeM6L/wAFMP2Qdb8RW2hR+K7mztb6f7NbareaddW2lyzA 4Ki5kjVVAPVn2qOpIFe2/Hf9qr4K/s5ppMXxK1iSPUde3f2fp9jby3t7chMbmSKFWIUE4DMVUngE nigDUuP2e/Bdz+0Ta/tMyXuoDxRaaEfD6Wwki+wG1MrTbzH5Xm+bucjPm7cY+XPNfMnij/gm38LL /wAQ6/rHw68c+MvhlYeK5Wl1bSfDWrC0026Z8lz5DRvt3EngkoASqoq8V9CfAf8Aav8Agd+0guqR fC7Xjc6homDfWF3BLZ3lupONzRTKpKg8Fl3KDwSDxXh2r/8ABTf9kLR9dudJl8TXlzY2VybSbVrb TLufTEnU4Ki4SMh/ZkDKRypIwSAfUnwR+B/w5/Z5+H1l8NPhfpx0/R7R3lYuxknuJ5MeZPPIeXkb ABPAAAVQFUAYn7Rn7Pfgv9pz4Z3Hwq8e3uoWGk3Nzb3TS6ZJFFcB7dtygNNFMmCevyZ9CK9h0LXd G8T6JYeJPDt7FqWlapBHdWt1A4kingmUPHIjDhlZSCCOor4p/bx+LXirwh4G8M/Bz4ZXbWXjv4y6 tF4c024TO+ztpiq3t4pBBBijdV3AgoXDgjbmgD179pH9l34aftReGtM0Dx+19YXehXX23TNT0ucW 99Yz8ZaKRldcNtG4Mp6AjDAEeB+F/wDgnB8I9E8b+Fvih4g8YeL/ABd408K6lbajDq2s6qt5PN9l OYrWTzIWAtlbLbU2vk/6zGAOC+Pg1j4S/tG/scfCvwbrup2ugCfWLG6h+2TYv47SCzVGvAGxO2Sz EuD8zMR1r6a+N37aX7P3wB8SQeCvHOuTXPiaeMTf2VpdrLf3kcRGQ8qQqRGCvzAOQSvIBHNAG5af sveALL4o/E/4tRX+pnV/ixpsGl6rE0sP2aGC3tltVa1UQh0cooJMjyDdyABxXZ/Aj4L+Fv2evhRo Xwe8F3V5e6N4eFwLebUHjkum+03Ely/mNFHEhw8rAYQfLjOTkml8H/2iPg58d/Blz4++GfiS31LS NPLretJutpbJowWYXMUwR4sKCcsApAyCRzXzL/w89/Y+Gsrpz+Jr1NOe4+ypq50u8GmNMDggT+X0 HUtt245zjmgD1f8AaY/Y++GH7UI0LUfFl3qXh/xF4Yd203WdGuFtr6ASEFk3MjqyblDDI3Kc7GXc 2V/Zu/Y9+F37M1zreu+GLrU/EXijxLt/tHXNcuFu9QnRefLEiogVC3zEY3McbmbauOq+NP7UfwS+ AXhvRvE/xD8QLHB4kYLpMNlG97cahlVbNvHAHLptZTv4T5lG7LKDh/Aj9sH4D/tGatqPhr4ca3Kf EGkx+ddaVf2stlexRBgpfy5VG9VZlDFC20kbsbhkAq/Gj9j74TfHb4seA/jH41fUE1v4fTRS2cdr LCltdCG4W5jju0khkd0WRSQEdOGYEnPHsfxb+GHhn40fDXxF8K/GPnDR/Eto9pcNbsqzxhsFZImd XUSIwDIWVgGAyCOK9Fr4P8W/8FJv2SfCHie+8M3fii51EaTL5F9fadp9ze6fayZxh7mFGRueMx7x nIzkUAfSXwI+Cng79nj4WaL8IvAb3MujaGJ/LlvHSS5la4meeR5XjSJWYs56IABgY4rnv2cf2cfA /wCzD4I1DwF4BvdRv9P1HVLjVpH1OWGWYT3KRo6q0MMKhAIlwCpPXLHtb8eftJfBn4dfCzT/AI1e IfEUUngvVJLaO21K0VrqGQ3ZIjYeUGO3IO4n7uDuxg18/aZ/wUt/ZE1ay1/VLLxVdNYeG7i3gubk 6bd+SRdSeVFIj+Xgoz5HzbTgFsbQTQB6X4w/ZB+Gviv9oTQf2m7HU9X8M+NtFSOKWTSZreG31KJB t8u+jlt5TIGiPlMVZGKYGcqhX6T8QaLa+JNB1Lw7fM6W2qW01rK0ZAcJOhRipIIDAHjIIz2NfL3w q/bl/Zq+Mk/i9PBXigta+CLZ73Ury7tprSzjs0O0zieVVj2ZzgEhjgkKQCa870T/AIKa/sf634ht tETxVc2Nrezm2ttUvdOurbTJpQcYFzJGFQA9WkCqOpIFAHTP+wh8IZPgR4A/Z6bV9c/4Rz4ca6vi DT7j7Ra/bZbpZrqcJcP9l8tot13IMJGjYC/NkEn1/wDaI/Z78F/tL+A4Ph547vdQsdNt9QttSWTT ZIopzNa7tilpopl2Hccjbn0Iqj8b/wBqb4I/s6z+H4fi5r/9ir4nivprGQQSzxyLp8aSTZaJWAJE qBAeXZgqgmtP4A/tE/C/9pjwbceOvhReXF7pdpdvYzG5tZbVkuI0SQpiRQG+SRWyhYDIBIOQAD3K vkD4nfsY/D74k/HPRf2hoPEfiHwn4t0qO2hmfRL1LaG/gtZRKkVyrxSFkO0K6hgrqACCQDW/8Zf2 x/2ffgD4vHgX4q+I20fWZNKTWIoRazzedbSTvbIsRiRt8rSIwEY+bALEBQTU3wI/a6+CH7RWq6r4 c+Hmq3Ca/oqCW70vUbSWxvY4WIAlEcoG5MkAlSduV3Y3LkA6P4N/s9eC/gfr3xB8ReE7zULu5+JO u3PiDUVvZIpEiurl3d0txHFGViBc4Dl2xjLGqXw8/Zp+Hnw58XfFHxfp8l5qkvxdukutatdQaGa0 GxZkMUMaQoRGyzMGWRpMjHPXPiXjP/gpR+yN4C8Rah4T8ReKrhNW0jWLvRby3i0+6lkgubF/Lmdg sZJiD/KrrneQdgbacd38aP23v2efgR4jt/BfjTW7i58SzxLcHS9Nsp728iidQ6tNHGuIsqdwVyrb eduOaAPBr7/gl58JDb3vhjw58QfHPh3wHqc7XFz4VsdaxpDlzlkEUkTtsPRt5dj/AHsgY+/vh94A 8I/CzwXpHw98B6dHpOgaHALe0to8kIgJJJJJZmZiWdmJZmJYkkk15P4E/as+BPxL+FHiD4z+CfEq an4a8KWtzeaqUilW6so7SJppRLasomVtiMVG358fIWrwDVv+Cof7G2lNYsPFt1e293FBLLcWmm3c 8NoLhN6LcOsfyyY4aNdzqcqwBBFAHv8Apn7M3gPT/wBpDVv2op7/AFLUfFmpaYmkxW91LC1hY2yi MH7LGsKyIzeWSxaV+ZJMAbsD2fxf4V0Xxz4U1nwX4kg+06Tr1ncWF3F/fguYzFIvtlWPNcprnxm+ Fnhv4Y/8Lm1vxNZWvglrSK9TVGkzbyQTAGIxkZZ2k3AIigszEKAW4r5w+G3/AAUM/Zb+KPjHTvA2 ieIrnTtS1xwmmHVLC4sINQZiAq280yBCXJ2orFSzYVQSQCAe2fs8fAbw1+zX8MbP4TeDtX1TV9F0 6eea2bVpYZp4RcP5jxK0EMC+XvLMAVzljzjAFD4T/s4+CPg78R/iX8T/AAzfajc6r8VL23vtUivJ YXt4ZbYzlBbLHDG6qftD5DvIeFwRzn3+vym/4KT+O/Eug+Kvgt4G1rxZqfgL4U+L9WuLbxNrWkSm 3uE2eT5ET3AB8qMhpGOcggMxVhHggH6s1+efir/gnJ8NtS8ca941+Hvj3xl8M18VzPPq+n+GdVFl ZXUkhLSN5ZiYqXJJIJZBnCqBxXlP/BOrxF4guPij8avBHg3xjqnxA+DHhi8s4PD+r6tO12/2p0Ju Ibe4YASRrznb8uBG4A83LfrFQB5B8DfgZ8O/2d/h7Z/DP4Y2L2ek2rvM7TSGWe4uJMeZPNIcbpHw M4AUAAKAoAFT49fs/wDw1/aR8ByfD74nWUlxYiZbm2nt5DDdWd1GCqT28oB2uoYjkMpBIZSOK8X8 f/8ABQL9l74aa/4h8IeJ/Es48Q+Gr1bC40y3sbie7knZDJiFEQ70Cr80mQgOAWBIB9d+A37SPwf/ AGlfDd14n+EeuDVYNPlEF5DJE9vc2sjAlVlikCsAwB2sMq2Dgkg4APCfhl+wJ8OPA3xJ0r4reMvG Pir4n6/4cBGjP4q1P+0ItOOMK8KCNP3ijoSSoIDBQwDCT4kfsEfDfxn8SNV+LHgnxh4r+F3iPxFg axL4T1T+z49Rycs8yFH+dupKkKW+cqXJY5/ij/gpd+yL4V8S3vh248UXWoppcvkXuoafp11eafby ZxhriJCrDPGY94PY19r+FPFfhrxz4c0/xf4O1ODWNF1WJZ7W7tnEkM0bdCrD34I6ggg4IIoA+e/A n7H/AMGvht8E/FfwM8IW13aaX43s76z1jUmmWXVbs6hC8Ek0lw6FTIqSHy8psU87OWz33g34G+Ev A/wLtv2fdJu76Xw7a6TNoyzzyRNem3nR0Zi6xLH5gDnB8vGcfLXxj/wUO+JWpfDHxd+zprQ8S3Ph rQj48sTrMsV1JbQSafFJE84udjAPCE3FlYFcZyK9Y+GH/BQ/9lX4uePrP4beFPFE0Ws6q4j04X1j cWcN8xztEEkyKuWIIQPtLt8qgsQKAL+t/sNfCXXv2X9J/ZNvNW1tPCGjTLNDdRz2w1JmW4kuQHkN sYSN8hHEI+XHfk+rfE/9nrwX8WPiV8Nvin4ivdQt9W+Ft1eXemRWskSW80l6IVkFyrxSOyjyV27H QjJyTxjkPjb+2X8AvgF4it/BfjrW55/E91D9oTSdMtJ7+88o8hnSFWWPIGQHZSRyBjmtz4BftVfB T9pWx1S5+FmtNdXWhMq6hZXcElpd2u/O0yRSgZUlSNyllyCCQeKANP4Yfs9eC/hN8SfiT8UfDl5q FxqvxRu7S81OK6kie3hksxKIxbKkSOqnzm3b3cnAwRzk8J/s9eC/B3x38c/tCaZeahL4j8f21ja3 9vNJE1lEmnwxwRGBFiWRWKxKW3yOCc4AHA+d9X/4Kb/shaPrtzpMvia8ubGyuTaTatbaZdz6Yk6n BUXCRkP7MgZSOVJGCfNf28fjPB4Y1P8AZl8feHPGL6Z4O1bxrpt3f31levFZXWkFoZneZomCy25i JYhsqVJ4oA+0/h9+z34L+G/xd+Ifxn0O81CfW/iW1k2ow3MkTWsRsEaOP7OiRI65DHdvd8npivOp v2J/gxqEfxhtddOo6tZ/G25t7vWre5ni8uCa0Z5IWszFFG8ZSR943tIdyr2yDz3ww/4KH/sq/Fzx 9Z/Dbwp4omi1nVXEenC+sbizhvmOdogkmRVyxBCB9pdvlUFiBX25QB+bNl/wTG+Fd14fj8GePviJ 478beF7GB7fTdH1TW91hYZjMUUsMMUSL5sAOYs/IuAChXivW/Fn7Dvwn8afs3+G/2Zdd1XWp9C8I TRXGlal9phTVLeaAy+U/mJAsJ2JM0QBh+5j+MB6/LfW/jj8Pv2sv25tQ8M+LPiP4z0LwBCmk6f4W sNDF3p/nanc+Qjm6j8lvKUzSSBpZEUldn7wIoFftz8H/AI3fDv47aJq3iH4bX0l/ZaHqlxo100kE kBS9tVRpUCyqpYASLhhkHPB4NAHkPhf9jvwR4d8bfC74i3/irxH4h8QfCiy1Gx0+51O8guGvI9TW dJGvW+ziSRkWdljKOmAq7t2DnkPiR+wR8N/GfxI1X4seCfGHiv4XeI/EWBrEvhPVP7Pj1HJyzzIU f526kqQpb5ypclj6LcftjfAW2+Hvjz4oza1OPD3w21Y6Jrc32K4LwXwnjttiR7N0g8yVBuQEc56C vJ7r/gpr+xzaeKYfDT+MpHhmm+zf2oljctpYmyAV+1BNpAzy65QDktjmgD1bwJ+x/wDBr4bfBPxX 8DPCFtd2ml+N7O+s9Y1Jpll1W7OoQvBJNJcOhUyKkh8vKbFPOzls994N+BvhLwP8C7b9n3Sbu+l8 O2ukzaMs88kTXpt50dGYusSx+YA5wfLxnHy1o/Fr43/Cv4G+CT8Q/il4hg0TQd8ccc7B5mmklGUS GOFXklZgCcIp+UFjhQSPBfhl+33+zR8V9S1fQvDuu3VprGj2VxqL2GoWFxaXU9rbRmaSS3jdf3pE al9ikuV524BIAPePgd8HvDPwB+Feg/CHwdc3l5o/h1Jo7eW/eOS5YTTSTt5jRRxISGkIGEHGO/J8 a/aE/Y0+H/7QHjLQPidJr+u+CPHHhuE2tnrfh28FneC3Jc+U7Mj5UGR8FdrfOwJKnFfHn7JP7atn 8a/E3xw8I+N/FepNNealrE/h6RLCaJbDQLSB/LKlI1WKVIxv2uRKz9ctX1P+zr8U/hD8M/2OvD3x J1f4m3fiXwTp637HxPr6zR3l1nUbhCrxy75mdZMwxoNzMFXaDkCgDm/DX/BOr4O+HfiD4U+Lsvij xZrPjvwvqH9oPrepaol5d6kcKot7wzQMpgVFKKsSxuFZhvPBH0L8Mf2evBfwn+JfxJ+Knh281C41 b4pXVnd6nFdSRPbwyWSzLGLZUiR1U+c27e8hOBgjnPi3w2/4KI/ss/E/xfp3gfR/EVzpmp624TTD qtjPYwX7MQEEE0qhCXJ2oGKlm+VQSQD6H8Yv2xP2fPgH4vPgb4r+Jv7D1c6SutRxNbTyiW1ed7ZB EYkbfK0iMBEuXwC2NoJAB0fg39nbwP4I+MnxB+N2m3V9da18SorKHUra5eF7JEsYhCggjWFXG5R8 ++R8npgcV8v3f/BMz4MvqurWuj+LvF+heBdeuze3/g7TtXNtoNxIzBmRoFj3CJsAFQ+QAArKFUD3 D4Dftn/AH9o7XtR8JfDfW5v+Eg0uMzzadf2stldeSrBTIiyqA6gkbtpJXI3AZFfVVAHin7PnwH8I fs2fC3TfhH4Gu76+0fS5bmWKXUZIpblmupWmfc0MUKEBmIGEHHXJ5pvx8/Z7+GX7SfgVvAPxPsZL izjmW5tbi2kMN3Z3KAqs9vKAdrgMRhgykHDKRXzFf/8ABUX9jez0ey1i18VXepLeK8jQ2mm3Us1t EkhiMlyuweUMjIDEMVIYKQwJ+rNB+Pfwe8S/CVfjrpXiqzPgU273LapK5hhjSNtjiQSBWR1cbCjK H3fLjJAoA+b/AAB+wB8NPC/jrRPiL498YeK/ipq3hdi2jr4s1T+0bfTzxsaKLy0G9SAQTkBgGChl BHu/hP8AZ68F+Dvjv45/aE0y81CXxH4/trG1v7eaSJrKJNPhjgiMCLEsisViUtvkcE5wAOB4V4L/ AOCkP7JvjjxVp/hTT/E9zp76zL5Gn3mpafc2VjdyE4Cx3EyKi5PA8zYM4HUgV9C/G79oP4R/s7eG ofFXxb1+PRbS7k8m1jCPPc3UoxlIIIg0jkZG4hcKCCxANAFD4ffs9+C/hv8AF34h/GfQ7zUJ9b+J bWTajDcyRNaxGwRo4/s6JEjrkMd293yemK5DTf2R/hvpbfGxrfUdWb/hfEcsWubpoD9mWaCe3b7F iAeWdtw5Hm+byF7Agt+B/wC2Z8Av2gvEF14P8B63NB4ks4/OfStTtZbC8aIdXjjmUCQAcnYWKjBY AGqPxu/bc/Z7+AHi+DwD461m5n8Rywrcy2Om2c19NbW7ciWfylIjG35tpO/bhtuCCQDO8ZfsQ/CL xv8As5eGv2Z9XvtXXQPCElvPpeoRXESanBcWwkCS+YIREzbZXUjysYPADAMPoX4VfD9PhZ8P9H8A R67qniZdHjeMajrM4utQn3yNJmaVVQMV3bV+XhQAckZP56fsXfGuL40/tb/tDa74Y8VXXiPwTJB4 en0ZHnma1hSW2bzPJglx5LF1IkXap3AhhkV654t/4KTfsk+EPE994Zu/FFzqI0mXyL6+07T7m90+ 1kzjD3MKMjc8Zj3jORnIoA95039nvwXpf7ROq/tM297qDeKNY0JfD81s0kRsFtVlimDpGIhKJd0K jJlK4J+XOCPN/g1+xj8PvgR8WvEXxS+H3iPxDbW/iWS6muPD8t6j6Ks946u8qQeUH3qUARmkLKvy 5I4r3m8+LvwysPhlJ8ZbnxJZDwTFZ/2gdWWQPbG27OrJksSflCqCxb5QN3FfkP8Atn/8FDvg58Tf 2afFOhfBPxfq+heLZJbCbT5PIvNKmu7eO9iEz2s+E3Dbncu4MVz8uAcAH68fF34Y6B8Z/hp4h+Fn iie5tdJ8S2rWlzLZuiXCRsQSY2kSRA3H8SMPavH/AB1+yL8NviD8Jfht8Gta1LVodF+Ft1o93pk1 vNAt1NJols1rbi5Z4HRlZGJk2IhLcqVHFfRXhiSSbw3pM0zF5HtIGZmOSSY1JJJ6k1+Cvx3+PvgL 9of9tdfht4r+I3jHwr8NNC0xbOC38PJd2c0+vC6ELeYghc7Muf3zIVAQBWG7kA/a741/BL4dftBf D+++GnxP03+0dGvWWQbHMc0E8efLnhkXlJEycHkEEqwKkg/KnhL/AIJ0/CzSvE2g+IPiD408X/E+ 38JyiTR9M8U6qL/TrMoMJiARIGK4HB+QhVBUgYrtPil+3F+zV8APEafC3xJr93qXiDSoIxc2Wm2k +pXFrEqLhrl41Kq20hmBbfg5K8jPq/hL9pj4KePPg/q/x28G+JI9W8H6BaXV5f3EEchmtUsoTPOk tuVEqSLGN2wqGIIK5BBIAupfs9eC9V/aJ0n9pm4vNQXxRo+hN4fhtlkiFg1q0ssxd4zEZTLumYZE oXAHy5ySsf7PfguP9omT9plbzUP+Eol0L/hHzbGSL7B9l80TbxH5Xm+buGM+btx/DnmvJfhn+3/+ y/8AF/4l6T8J/h94kuNV1/W7fz7VUsLkQsRAbh4mkKYR0iUl92FUgqW3grX19rOs6T4d0i91/Xry LT9N06GS4ubmdxHFDDEpZ3d2wFVVBJJ6CgDxvRv2e/Beh/tCa/8AtJ2l7qD+JvEWjxaLcW7yRGwW 2haJ1aOMRCUSEwrkmVl5Py9Mez6ppljrWmXmjapCLiyv4ZLeeM5AeKVSjqcYOCpI4r4X0X/gph+x /rviqx8MWvi24t4tTm+z2up3WnXdtps02dpUXE0ahQCQCzhUGeWA5r2f48ftZfA39nB9OsfidrrQ atrA3WWm2cEl5fXCZK71hhDFULAgM+1SQQCSCKAPn/QP+CbPwj8PfCjxx8Ebfxn4un8GeN/se6xm 1C3kTTvsV4L5TYq9qyRs8q4kLKxdevzYYfVfxG+B3hP4nfBK++AuvXd7b+H7/T7fTXntpI0vBDb7 NjK7xPHvPljJMZHXgduc+A/7VHwR/aQi1BPhZr32vUNII+26ddQyWl9bAnG54JgrFM8b13KDwTni vD/EP/BS/wDZF8OQ3HneKLq9vbS6urSaytNOuZrqJrNgk0kiBAEiBbh2IDYO3dg4APQPih+xX8HP iz8OPBHw+8QyanZ3Hw5tbW10HXLC6W21iyW1jjiV1nWPyyziJC2Y9u4blCkAjmfhB+wl8OPhl8TI PjL4o8UeJPib41sYjBY6j4p1D7e9khBX9wNi4bazAFi2MkqFJJqD4tftsfCWy/ZS1v4+/DbxE2oW 2oW19p2jXNvaTSvFrYtJpbeK4hMZaHa8YLGVQgBBJ2sCfyf+Dd38I9f/AGYNe+LHjr4//ETQfF0h 06DxHqXmX9zDay311JJbx2iBVeUuttteRZX285wGAoA/pFr8Dv2KP2RNC+N/hr4pePIPHXiz4f68 vjrXNIuZ/DWpmxW909EtpkhuEKOG2vNIVIx9453YGP1G+OP7aX7PX7OniZ/B3xX8QSaVrH9lJrEV ulrNMZ7aSdrZBEyKVaRpEb5M5CgscKCa5O4/4KF/so2Hh3w14r1jxbJpml+LbC91DT5rqwu4hJFY SPDOuDFkyCRGRVUEuwwm7igDsNO/Y8+Deh/s5ap+zB4dgu9J8K61BJFeXNvLH/aM8krK0lxJPJG6 tMxUDc0ZAUBVUKFA9q8J/Djw14T+GGjfCKONtT8PaNo9voYS+2SvcWdvbrahZ9qojl41w+FVTk4U Divk7wx/wUo/Y98TaPr2sf8ACanSf+EdRZbi21CzuLe6kjdxGht4ShecsxHyRhnAILKo5r034A/t h/An9pTVNX8PfDLV531rRE8260++tZbO6WHcE81UkA3JuIBwSVJXcBuGQD54k/4Jg/B+O3vfC2ke PfHOk/D/AFCZ55vCVrrhXRmZ23FPKaJnMeeoZmckAl8gV9LfEz9kv4F/FP4O6d8DNc8PrYeF9DEZ 0pdPb7NPp0sSlUmt5MNiTDNuLhg5JLhiTXkHjj/gpH+yp4G1/VPDsmu32uzaHKYdQm0jTbi8tbR1 JDeZcKoiIUgglGYZBHUGsf8Aai/bP8GeHf2P7743fBjxOZ5/E0bWfh7ULe0ecJfZO4SxyRkQtGqS Z85QAwAIyRkA2/AH7AHw08L+OtE+Ivj3xh4r+KmreF2LaOvizVP7Rt9PPGxoovLQb1IBBOQGAYKG UEe8an+z34L1X9ojSP2mLi91BfFGjaG+gQ2ySRCwa1eWWYu8ZiMpl3TMMiULgD5epPwRffHz4bfG f9k34PeJ/EHxQ8ReDbmw8Q+HdK1DUrO0vFudS12PTTJNZzFdjSW85cu8o3RllHWvt748ftY/A79n CTTrH4n660GrawN1lplnBJeX06ZK71hhViqFgVDPtUkEAkgigD6PrwX4Rfs7eBvgzrfxE1zw3c31 /L8Tdaudd1SK/eGWJLi6Z2kjgWOGMiL5yArlzjqxqj8B/wBqj4I/tIRagnws177XqGkEfbdOuoZL S+tgTjc8EwVimeN67lB4JzxXh/iH/gpf+yL4chuPO8UXV7e2l1dWk1laadczXUTWbBJpJECAJEC3 DsQGwdu7BwAcxff8EyvhClxq+meD/HPjbwd4M8QSvNqHhfR9Z8jR5jIAGXyWidtjAYZWZuMKCAAB 7h8RP2M/gv8AED4A6d+zXFBd+GPBmly200CaRJFFcB7ZiwZpJ4pw7SMxaRmUs7Ektk5rs/D3jH4S /tdfBPUbrwJrrap4X8T21xp73Vo0ltdW0pXawwwSSGeIlXXIBHysMqQT4n+wd8XvFPjf4feIfhP8 TLo3fj34PatN4a1Wd877uK3ZltLtick+aiMpYklyhc/eoA+6K8I+Mf7PXgv43eIfh74l8V3moWt1 8Ntcg1/TlspIo45bq3dHVLgSRSFoiUGQhRuuGFe70UAeVfGf4LfDv4/eAL/4afE/Tf7T0W+KvhXM csM0fMc0Mi8pIhPB6EEqwKkg/Hmg/wDBNT4VReIdC1T4ieOvGXxJ0jwtIkmlaL4k1YXmm25ixsBh WJNyrjAUFUK/KysvFfoxRQB8efH79iv4c/HjxrpnxRTXtd8CeOtJgFtFrfhu9FldyQAkrHKSj7gu 44K7WwcFioArY+AP7IHwy+AGpa/4o0+/1fxh4s8VRrDqmueI7v8AtC/uYFA/cl9qL5eVBI2ljgBm IVcfVdFAH5wX3/BMr4Qpcavpng/xz428HeDPEErzah4X0fWfI0eYyABl8lonbYwGGVmbjCggAAfQ njD9kH4EeM/gHB+zZdaD/Z/guyWP7JHZP5VxbTxElbmOUhszlmYs7ht5Zt4YMQfpuigD8zZ/+CWv wb12xtoPH/j3xx4wvNNeH+zbvVNYS4k06GFw/k2ySQNEiSbVWTKEkD5dlfXmo/s9+C9T/aJ0v9pm e81BfFGk6E3h+K2WSIWDWrSyzF2jMRlMu6ZhkShcAfLnJPu1FAHzj+0P+y58Mv2ldP0dPGr3+la1 4bnNzpGtaPc/Y9T0+VipYwzbXXDFFJDKcEAjDAGuG+Bn7FHw7+C/j66+Leo+Idf+Ifju4ga1TWvE 999vuba3b70dv8ihNw4LHc2CyqQrMD9j0UAfnb4o/wCCbfwsv/EOv6x8OvHPjL4ZWHiuVpdW0nw1 qwtNNumfJc+Q0b7dxJ4JKAEqqKvFfW/wR+B/w5/Z5+H1l8NPhfpx0/R7R3lYuxknuJ5MeZPPIeXk bABPAAAVQFUAet0UAFFFFABRRRQAUUUUAf/Q/fyiiigAooooAKKKKACiiigAooooA8S/aS8VeA/B XwG8d+JfihZS6l4VtdKuV1GzgkaKS7gmXyjbq6MjKZi4jyGH3uuK/J67139q3xJ+xfrLeDfh74E+ FHwLfwpe3Nva6leXmo6k2jy27yr5LKxVp51bcjzKHLsGPzGv2f8AH/gTwv8AE/wVrXw+8a2Y1DQ9 ftZLS7gJK7opBg7WXBVgeVYHKkAjkV8E6J/wTI+FVppUPg3xT8QvHXivwNZEm18MahrZGkR45TMM EcWfLbDIAVAI5BycgH55anJaan+xR+xX4c8X7W8E6r44hj1sytiEwpqFxGElJwNhhebOTwBntX7A /tT6T+yza+G/B2tftKxRWumaJrdqugyxi8SWLU2VvIjh/s799ghMlf8AV/IpYfKtV9J/Yp+DFn+z XB+ytrv9oeJfBlo80ltJqM0Rv7eSWd7hZIpreKEK0ckjFDs6Eq25SVPm/gT/AIJ2/DHwz450Dxx4 28a+LviU/hB0fQ7LxPqgvrKwaLBidIhEmWjIBUZCDA+Q4GADy39gqHTNV/aU/at8S6/FE3jODxhL ZF3+aaLSo5Z1tlQn5hG4jHQANsXPQY+dv2+h+z94U+Cvx20L9ng/ZfGF94h0N/iBFatfCFPPlklh 3CT/AEUF5j8ywdWLB+RgfoP8ZP2G/h18VPiJcfF7w94o8S/DXxpqFuLW/wBS8LaibB7+FVVAtypR 9xCqACpXOBu3YGOp+GX7GPwI+GPwo8R/B+20mbX9J8Zl31651aY3F9qkj/8ALS4nURkMp5Tywmxs uuHJYgH5/fFzwD+2T4g/ZavPBHjeT4I6J8JxpNssV7DJrMMNnagJ9luLaVw8auCUMbbWyxHBzg59 58I/HWs618BPFvwP+MXhWf48+DfBENjHY3cz3tlq+jxrKFureR4jJ86SOpcxKXHIddhJ+i4/+CXP wkmt7HwvrfxD8da14B02YTW/hW71rdpKENuEYjWJSIwegUq4678kk+4fHT9iX4R/G6fwtrMV1qng TxF4JtVsdG1bwzcrp93aWaAqlsp2MPKQE7AApXLBWAZgQD5E+C3xcuh+0v4u+H37W/wu0jwD8VNa 8J3Fxc+J9Huj9nvtFgTEhkPmyiNRHCWEm8keVtYKVUV4f4O8GftQ/Ar9n3VtK+Dz+Df2if2c5odU lMDf6Petp/mSNeZZTDl1YPnDzsCMIBhQP0v+B37F3wy+C3ibWfH15q+t/EDxjr9obC71nxRe/wBo 3RtHxvgT5EURvgbgwZsDG7bkV4bP/wAEvPhRbnVdD8KfEXx14W8E63JJJeeGdM1kRaW4k+9H5bRO TGQcEOXJHG7pgA+nP2QPH/gL4nfs3+CPGXwy0D/hFvDt1ayRW+lbt4smtp5IJYVf+JFlRtrYG5cH A6D5K/aNRrv/AIKV/sw2mqsRpsWn6/NACfl+1LaTt06Alki+vFfot8PPh94R+FXgrSPh54D09dL0 DQoBb2lujM2xASxJZiWZmYlmZiSzEknJr4y/b6+HPiC58NeDP2j/AAJbNe+J/gbqq6+LVB895pWU Oo2698mKMP1+6rADJFAHBftkf8nqfsf/APYU8Q/+irKvkr9nQftYan+1H+0v4i+B8XgS48RxeKrm z1F/F51F7+GzjuZ1tI7U2nS2KIF567E7KtfqvrPwp+Ff7SXiT4P/ALSFrq99MPBiT6roLWcsSWtz HqsUJP2lJInc4WNcKjxlTuDZ6DhfjF+w18N/in8R5fjF4c8TeJPhp45u4Bb3mq+FtQNhLexqqoBc Ao+4hVC5UoTgbt2BgA+Kfg78OfEOmfHf9ou9/aC8deAtEt/GHg+4g8WaX4QvruM6dI8cMYv5oLqM CP8AcSys8hlJ8yTO352x5tBov7U/wG/Zll0eDTPBf7RX7NlpYzXYMTNaXI0mOZrlpDgxkMjgu2Bc MhGc/Lx+pPwN/Y3+DHwJ8M+J/D+kW934lufHCyJr+pa7ML2+1OOVWV455NqKYyHfKhRu3EsWPNfO kf8AwS3+FFtZ3HhKw+JHjyz8AXMpmfwrDrYXSiWcuYzGYSTGSec5c9S+eaAPIfiRonhv4+xfs3/E /wDZd8a6P8OPiVo+jSzeFfDWuYlim04wtFJAqbJseQIJY1cRsGUEgqVUjoPg18W/Hmm/tmeHPAX7 W3wl0XRPix4i0a4h0XxXocxeO6s7VJpWjkj82UAMscg3EhwQoMYUqV+tPjJ+xF8E/jB4W8H+HBHf +Drj4fRLB4f1LQLn7JfafCiqoiSR1k3J8in5gWBBIYEsTV+CX7E3w9+D3xBb4vav4m8R/EXx19mN nDrHijUDfz2sD7g6W42psDBiDuLEAkKVDMCAes/tOahr2lfs4fFLU/C7PHq9p4X1mW1eNisiSpZy lXQjneuMrjuBX5M/sZ6D+2ef2TvD9l8H7D4RXPw91a2vGnGtLqzXdx5ksiXQ1Hyf3LSAgow6BFVf ugV+6kkcc0bQzKHRwVZWGQQeCCD1Br83dY/4JjfCV59Z0/wJ488a+A/CfiOV5dR8OaJrAh0mYuMO ohkifCsOCHLjHygBQAAD81fiB4Rv/BP/AASq1bwtc+L9C8Y2dt46iNlc+Hbya9sbe3m8uQ24eeOJ ldZmkcrgjDg7iWNfc3/BUnwR4X8D/sPr4d8Labb6baafqOiWMQgiSPEFuXWNTtAyFySB6knua+rf Gn7EnwR8X/s86f8AsyWsN94c8GabPBdR/wBmTRrdtNC5kLyS3EU4dpHYlyVyc8EDAHov7Rn7PXgv 9pz4bSfC7x7eahYaVLd294ZdNkiiuPMtiSoDTRTJtOefkz6EUAfCv/BT/wAKab8Pf2JovDPgmwi0 nRINS0PTb4WsSxkaZbsxjQ7AMgTCMgHjJ9TX0L+134U+EcX7CvjvRhaWMXhHSvC8suiiMJ9ninhg zpjQN0yZvKCEHLbsc7jn6u8e+A/CXxP8Hat4A8d6bHq+ga5Abe7tZchZIyQeGUhlZSAyspDKwDAg gGvgrTf+CY3whij07w94k8d+N/FHgbR547iy8K6nrXmaNE0bbgnkJEhKDoAGUgE8nJNAHw7q2jSf ESL/AIJ1aV8RIP7QS7iv2miul8wTwWw0+S3EgfO9XjjjznIIPcGv36s9PsNOR49PtorVJGLsIkVA zkAFiFAySAOfavCfH/7Nvw++IXxA+F3xEv5bzTLv4Ry3UmjWlg0ENkRdJDGY5omhclEWBAixtHjn qMAfQNAH5P8AxR0fwjrP/BXP4YJ4rjhmktPADXOmxzYKm/iu9SKFVPBdI/Mde4KhhyARqftI29hY f8FH/wBmbUPB6RL4q1C11yLVgh2ySaVHbt5RlA5KgG52bh1Xg8DHmn7TvwY8O/Hb/gpp4J8EeJb7 UtIiX4dre22oaRcmzvrO7tdRvnimgmAYK6nplSOemcEfb/wF/Y4+H/wN8Yar8TbjXdc8feOtYhW2 l13xNeC/vYrZf+WML7F2KcAHqcAAELxQB8nf8E/PBHhfUfjd+1h4q1PTbe91CX4g6nYCSeJJGS3j vLmUopYHAZ2BYDqVXPQVc/4J4Wml6h8cP2o/EniJYpvHkfja7tLmR8GeLTlmm8hI85ZYWZGAxwwR c52rj7n+DX7Pfgv4Ha58QNf8J3moXdx8R9dufEGoreyRSJFdXTs7pbiOKMrEC5wHLtjGWNeP/F39 hn4c/E34kz/GPwz4o8S/DPxtfwi3vtS8K6j/AGe99GoVQLhSjgkKgGV25wC24gUAfnv8RbfStC/a t/bL0TwGiQaLe/CDV7zWYbf5bcav9iiKsyr8vmsssjHvueQ9S2fp39nHwJ4Utv8AglqujppsBtta 8G6xe3gManz7ieKeQyucfM6kLtY8qFXGNox9GfD/APYt+DHw2+FXjn4WeHhqMg+I9pe2eu63d3C3 GtXgvoXgeR7l4yu5VkZkHl7A5LFSWbPp/g34G+EvA/wLtv2fdJu76Xw7a6TNoyzzyRNem3nR0Zi6 xLH5gDnB8vGcfLQB+A/xBuPE2ofsD/sg6DavYtpep+KJo7kaw8g0pp476dLVL/yvm+zbWk8zb8wQ Hbz0+mv2xfh9+2Z44+ENro/7QOtfBvwT4fsNQtHsNWguNYsbmzvIyfKW1mlSRULKrKQEPyAnjbkf oxbfsa/BU/s2WH7K+u213r/g3TFk+zyXsyfb45XnkuFnWaCOJVkR5W2lUA2/KwYFgfE9B/4JqfCq LxDoWqfETx14y+JOkeFpEk0rRfEmrC8023MWNgMKxJuVcYCgqhX5WVl4oA+/fDT38nhzSpNUmjuL 17SAzywktE8pjG9kJAJUtkgkDjsK/HXxn4S1D9vj9sb4m/AX4p+Jr3Qvh38J7aE2WhafKsEt9eTx hBfy7lbzBGzlgSpCho1GNzl/2lr4v+O37Dvwx+Nnj2D4t2Ou698PvHkMH2Z9b8MX32G5uIgoRVnO xt21BtDLsYrhWZlVQAD8sfhH8cv2lv2YPjB4P/4J5213oqHTPFMMcetzLEUn0K+/f+U0ZK7ZWVzI mX83eVh5+Xd/Q9X5r3v/AASs/Zgv/At34YuzrN34gvb2PUJPFNzeibXDOn/TYxiPYwJ3L5fJIY/O qsv6N6bYQ6Xp1rplu8kkVnEkKNNI00rLGoUF5HJd2IHLMSSeSSaAPyx/Y38NaLe/t1/tZ+LLq0jk 1TStR0m0tp2UF4or1bl51VjyN5gjzjrtFeIyw6j4U+Nn/BQGHwGn2G4XwtBexrANmJ5dMlnllULj 94WkkcHruOeSa/VL4Y/s9eC/hP8AEv4k/FTw7eahcat8Urqzu9TiupInt4ZLJZljFsqRI6qfObdv eQnAwRzlng39nXwN4J+MfxC+NunXN9da18SorKHU7a6eF7JEsYhCggjWFXG5R8++RwT0wOKAPBv2 A/DHwzf9hrwNp9hZ2Vxoms6VO+sK6o0VxcyvIl99pLZDYYMjb+iqF4AAHlP/AASSuZZP2dfFVhZy yTeHtN8Z6vb6I0jMw/s/y7eRdm7PymR3PHVi3fOeqvv+CZXwhS41fTPB/jnxt4O8GeIJXm1Dwvo+ s+Ro8xkADL5LRO2xgMMrM3GFBAAA+5/hv8OPBfwk8E6V8PPh7pcWj6Do0Qht7eIdB1Z3Y8u7sSzu xLMxJJJNAH5vf8FMPD2leLvGH7M3hTXoFutM1r4hWFldQuAySQXEsMciMDwQysQQat/8FM9J0yys P2f9cs7WKC+034jaLbW0yIFeGF1kcxoQPlUtEhwOPlHpX2v8ZP2evBfxv1/4feI/Fl5qFpc/DbXb fxBpy2UkUaS3Vs6OiXAkikLREoMhCjYzhhR8d/2e/Bf7Qlj4UsPGl7qFlH4P1208QWh0+SKMyXVm HVEl82KXMR3ncF2t0wwoA+Ab34meMdc/a++Kth+xl8J9F1Pxxo8dnYeLPFviTUrkW5cLsit4rZJd yIvklT5WC5i+ZQEUnyv9mEeKLf8Ab7/aDg+PWqaEmrt4MWTxBceHzLb6XCNtkZCjTYcNFC2JHbne GJ5zX258Rv2BvAXjL4r6v8ZPB3jrxd8M/EHiRVXV28L6mLGO+2gKWcGNyHIAJIO3d823cSx2/g3+ wd8EvgV8R7r4m+BrnWG1DVdHm0fU7e/vEvbbUluJVmnubrzomlaeV1UsVkWPjAjAJyAfnJ4O8Gft Q/Ar9n3VtK+Dz+Df2if2c5odUlMDf6Petp/mSNeZZTDl1YPnDzsCMIBhQD44698LPj58H/2L5vCH hldA8FeJPHFppraI582O3iF4tpdW+T9+PcrhSQNykEgZwPr2f/gl58KLc6rofhT4i+OvC3gnW5JJ LzwzpmsiLS3En3o/LaJyYyDghy5I43dMfQ3iH9jr4O61pPwm8Pacl7oGk/BnVrbWNDtdPmQRtPay LKq3JnjmeRHddzkMrsSTvyc0AfLf/BTPSdMsrD9n/XLO1igvtN+I2i21tMiBXhhdZHMaED5VLRIc Dj5R6V+p1eEfHf8AZ78F/tCWPhSw8aXuoWUfg/XbTxBaHT5IozJdWYdUSXzYpcxHedwXa3TDCvd6 APzE+Bn/ACk9/aU/7Anhv/0gs6g/4JVzRL8KPitaM4E1v8R9dMiE/MoMFpgkdgcHB9j6V9meFP2e /Bfg/wCO/jf9oXTL3UJfEfj61sbS+t5pImso47CKOGMwIsSyKxWJS26RwTnAA4HzT4u/4JufCLxD 4+8SeN/DnjDxf4ItvGkz3Gu6RoGrCz0/UJJGLyeZH5TNtdmYshYqNxCBBQB+YEup2Wt/sB/tj6zp sontL/4jpcQyKQQ8cur6e6MCOCCCDX6FftUeBPCmi/8ABLvUPDWn6bBFY6P4Z0We2RY1HlzxyWz+ aOOJGYsWbqxZsnk59ZsP+Ce/wL0j4I/EH9n7RLzWtP8ACXxF1aPVrpIrmAz2TwzwTxwWbvbsFhQ2 6KBKsr7c5ck5H0F8R/gb4S+J/wAEb34Ca/d31v4fv9Pt9Nee2kiS8ENsYyjK7xPHvPljJMZHXAHY A/KzxCLDxJ+0B+wboHxCSO48Mt4T+2QrcnMUuqjS42i3BuCwmjtivUliBjmv0N+NGn/sv2fxu+E/ iP4uKkHxHlu57PwhKhvRPJMSnmI32T5GjXeP+Pn92u9v7zVY+Jv7IHwh+LXwi8K/B/xat/8AZfBF vZw6LqttcLBqtk9lEkKTRzqmzzGVBvBjKE4OwFVK8V8Hv2F/h38LviTF8YfEnirxL8S/GVjC0Fhq HirUP7QexjZSh8gbEwxQlSzFsAnaFycgHy9+x6R/wj/7Zy9x418U8f8AAJq+IdJisdS/ZA/Yg8O+ Mih8Cal471BdaSY4t3A1u4WNZiSAEMbzhs9FJPav2C0b9hf4aeGvjJ4t+MPhrxN4k0pvHH9oSato sF9GNIubjU4pIp5mgaFmLgytKm5yEk6fJ8lb1h+xR8EIf2Z7D9lLWre91/wbpjTyW019Mn9oRTz3 M10J0mgjhVZI3mcIRGBs+VwwLbgDwH/grFpPgyP9jfVdT1OKG21fRdR0o6BIAI5YbtrmNHWAjBH+ i+aSF7LnHygjy2/0NfF//BTj4IX3juzW51Ow+FltqUiTpu2ags1+C5Vh99HdmUkZDAEYIFfQvhL/ AIJ0/CzSvE2g+IPiD408X/E+38JyiTR9M8U6qL/TrMoMJiARIGK4HB+QhVBUgYr6M1L9nrwXqv7R Ok/tM3F5qC+KNH0JvD8NsskQsGtWllmLvGYjKZd0zDIlC4A+XOSQD4s+KmnWVh/wVc+C2p2UKwXO qeEtWS6dAFMwhhvdm8j7xHABOeAB2FfqVXhHiP8AZ78F+KPj74S/aL1C91CPxJ4N0+602zt4pIhY yQ3ayq7TI0TSFwJW2lZVHTIPOfd6APyd/wCCQHhHw5B+yLc6p/Z8Elz4i1nUFv3eNWM8cQSFI5CQ dyBQcKePmbjk5/MHWG1fTv8AgnO3hvSJI7fRJPjNPY3QuJJFtVtUtN8aXHl/N5AlVXfHIKgjnFf0 U/s5/s9eC/2YvhpB8K/AN5qF/pNvcz3Sy6nJFLcF7hgzAtDFCm0Y4+TPqTXA+DP2K/gn4S+C/ir4 CXsN74l8JeMNTudWvY9UmjaYXNz5RzFJbxwbBG0SNGQNykZ3GgD4A/aj+Hn7ZnjH9nm98HfGq7+C nhXwBALIQ38Emr2v9nmORBbG0kkWSOMniMYQ5RmXGCa88+Lcfxw1b9sv9nHRvC9/4V8Q+KtO+HFh d6XceIpru50G81Mx3H2u7gaFVleZxGJImKgkLG5AYAD7OsP+CYXwlkuNG03xr4/8b+NvCHh2VJbD w3rOsCfSovL4VDEkSHYBwAhT5eCSCQfpT9oH9lH4T/tHaPolh4wivNI1HwvJ5ujato04stQ01vlz 9nkCsgU7F+VkIGAVwwBAB+dnxA8DftQ6v+1R8B/HHx88S/Cvwr4g0fWFSxj0W71S11XVrCWWJLu1 QXMcnnfu2ZYkJRd0jDdhjXrP/BP230+8+O/7VGu+II4m8br42uba4Zjumi0xZZvsqIT8whJVgMYD BFz90Y9x+EH7CXw4+GXxMg+MvijxR4k+JvjWxiMFjqPinUPt72SEFf3A2LhtrMAWLYySoUkmrXxh /Yd+H3xS+Jb/ABg8O+K/Evwz8X3lutpqN/4Uvxp0moQLgAXH7t9zgAAMMcKu4NtXAB8BeDbbT/Bf xc/4KAL8H1S1On+H/PtRZnZ5F8bG6lufK2fdeO5MmFGMMMADpUP7Geg/tnn9k7w/ZfB+w+EVz8Pd WtrxpxrS6s13ceZLIl0NR8n9y0gIKMOgRVX7oFfo/wDs6/sXfCL9mLXvFOv/AA7utWu5PGFvZwX0 WqXMd3GTaKwMqnykkLzs7yS73ZSzHYqLhR4lrH/BMb4SvPrOn+BPHnjXwH4T8RyvLqPhzRNYEOkz Fxh1EMkT4VhwQ5cY+UAKAAAfmh4l8KX3gr9gbwN4J8ReMNB8XeCH+LNrHf3fh6/nurC30maAzPbM 80cTKFmMkjDBAyjbiWOP0J/4Kz+HPAY/Yuup7y1tbe50XUNLXQQionlSPKsTxQYxhTa+Ydi8bVzj 5QR9jwfstfA+3+Azfs2R+G4v+EEe2aBrUsTIXZvMNx5p+f7R5n7wSZyGwRgACvkTU/8AglX8IfFH h1fCnjz4j+PfE+lafGsOj299rMcsekRq6H/RInt2iViieUdyFfLJAUMFZQD9IPCn/Ir6P/152/8A 6LWvzj8If8pbfG//AGTGH/0vsa/TDT7KLTbC206Alo7WJIlLcsVRQozjHOB6V4ppv7PfgvS/2idV /aZt73UG8UavoS+HpbZpIjYLaLNFMHSMRCUS7oVGTKVwT8ucEAHwx/wSqtNLvPDHxi8Va0sUnxAv fHOpxa3M2PtQRVjeJGz8wj81pivq27+7x8+W9vpWhfFX/goN4Y+HqJF4Pj8HXU80NvxbRaq2lzGd Qq/Iree1yCBjBUjHy4H3z8SP2CPhv4z+JGq/FjwT4w8V/C7xH4iwNYl8J6p/Z8eo5OWeZCj/ADt1 JUhS3zlS5LH0LwL+x98Gfhv8E/FfwL8I213aaX43s7601jUmmWXVbs38LwSTSXDoVMipIfLymxTz s5bIB57/AME6vBHhfw7+x/8ADC803TbeO7vLCS/luBEgme4u5ZGkcvjcTtITOfugL0AFef8A/BWS /wBZsv2L/EcWl7hbXmo6VDfMucram5V+3rKsYweDmvuH4R/DHQPgx8NfD3ws8Lz3N1pPhq1W0tpb x0e4eNCSDI0aRoW5/hRR7Vt+OfA/hT4leENW8B+ONOj1bQdcga2vLWXIWSN/dSGVgcFWUhlYAggg GgD51+NnhH9lKH9l6PS/jDa2cfwc0a106WIx+eIooEeNbR4Gsv3+WLKoMXzMGIOQzZ+M/wBmNfBn iP8A4KPfFzWLkrdzaZ4W0A+EzceY0kejTWNoTJCLj96GKPHvZvnBkcNgswPrWmf8Ewvg9DdaRpni bxx408V+CtAmWew8K6rq4n0aEqchPJWJD5Y7KpU44YsCc+3/AB3/AGM/hh8c/EujfED+0tY8DeNv D0AtrLXvDN5/Z98luN22FjsdWjG9sYUMASoYKSKAPlj4k2+laH/wVl+Ek3gpEg1XXvC+pjxItv8A L5tslvdm2e5CdW3xIAWGTsj9Fw//AIJU+GNDi8IfGfxctnH/AGtf/EDV7Ca42jzGtrWKCWOMt12h 55Djpk19a/AP9kP4Y/AHXtY8b6Ze6r4t8a+IEWO/8Q+Irv7fqcsa4/diUqoRCQMgDLbVDE7Vx2Hw B/Z68F/s5aB4i8OeCLzUL228Ta7eeILltRkildLq9SJJEjMMUIEQES7QwZgScseMAH5Y/s66faaJ +zB+3N4e0uJbbTtN1fxvDbQIAscUaafKiqqjgAKqjjsBXEfHv/lDZ8Ovpo//AKUS1+q/hP8AZH+G /g7wb8XPA+majq0th8ZrvVrzWHmmgaaCTWInhnFoVgVUVVcmPzFkIONxbpWN4u/Yr+FnjP8AZo0X 9lbVNU1mLwnoX2byLqGe3XUW+yuzpvka2aI5LHdiEcdMUAfLvxP8KaF4q/4K4fDca9aRXsek/D57 6GOZBIgnju9RSN9rZGUL7lPZgCOQKj/aN8HeGNd/4KSfsyeHNS023l0yLTtbu1tjEvlCazgubuFt mNuVmjVxx94Zr7u1H9nvwXqf7ROl/tMz3moL4o0nQm8PxWyyRCwa1aWWYu0ZiMpl3TMMiULgD5c5 JTxZ+z14L8Y/HfwP+0Lqd5qEXiPwBa31pYW8MkS2Usd/DJDIZ0aJpGYLKxXZIgBxkEcEA+EPi94L 8Mat/wAFZvg9e6hp0M8n/CI3V629Ayvc2hvhBKwPBePgq3UFVI+6MT+M7zQvB3/BU6fxLf8A+h2H /Cqbm+1OWLKM8dvcS73YrhiyxwqAc5+UYPAr7o139nrwX4g/aC8N/tI3t5qCeJvC+lT6RbW8ckQs Xt7gylmkjMRlLjzmwVlUdMqec1NZ/Zs+H3iD49L+0Lq017ca5/wjsnhh7FnhOmy2EsjyOXiMRlMh 8xlJ83bt4255oA/Nj9m/xh+0T4y+E1xN+x38KvBXwu+Dmo3WoSQXniu/vNQnuFEjRXNxIscjMTlG UiUMihdgYooNeBfABw//AASF+NiRurpHq+oqpQEJt/0A/KDyF5yAa+/9I/4JjfCnQ47zwzpfxD8d 2vw/v53mn8JQ64YdIlEhy8MiJGJGiYcMN+8jGXJGa9o+H37Enwa+G/wd8dfAbR5dUu/Bfj66uru5 s7q5jc2bXcaRlLSSOJHVUEaFPMMjAqCWbJyAfB/7WpB/YX/ZNIOQde8B/wDponr1L4KWml6v/wAF TPjxe+NFin8Q6LomkroKy4JhsJLa2897cN0PzoHZeQZHHAZgfYNM/wCCeHwxtPhXovwg1Xxt4u1n Q/DviSy8S6eby/tpZbaawge3htYy1qVS12OSY1UHdyrLyD6T8fP2OPhr8evFWk/EefVda8FeOtDi 8i08QeG737DfiD5sROxV1ZAXbsHwSA20kUAfKnxJt9K0P/grL8JJvBSJBquveF9THiRbf5fNtkt7 s2z3ITq2+JACwydkfouH/wDBKnwxocXhD4z+Lls4/wC1r/4gavYTXG0eY1taxQSxxluu0PPIcdMm vrX4B/sh/DH4A69rHjfTL3VfFvjXxAix3/iHxFd/b9TljXH7sSlVCISBkAZbaoYnauOw+AP7PXgv 9nLQPEXhzwReahe23ibXbzxBctqMkUrpdXqRJIkZhihAiAiXaGDMCTljxgA+Lf8AgmTp9poj/tC+ HtLiW207TfiRq8NtAgCxxRphFVVHAAVVHHYCj9meM2f/AAUc/aks9KYnTJLbQJp8Hj7U1tG3I6ZD PMPzr6r8EfCz4Vfsh+G/ih8Rk1e+XSdf1LUPFusy6hJFIsEsgMkqW4iiiITjCI29ycDcSa8h/YE+ GviLTvCPi79oXx7bGz8V/HHVX8RS2zDDWemsXOn25zzlY5Gf2V1UjKmgD78ooooAKKKKACiiigAo oooAKKKKACiiigAooooAKKKKACiiigAooooA/9H9/KKKKACiiigAooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACmsqupRwGVhgg8gg06igCG3trezgS2tIkghjGFRFCqo9ABwKmoooAKKKKA CiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAK KKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoo ooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKAILm2tryB7W8iSeGQYZJF DKw9weDUwAUBVGAOABS0UAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABUU/neTJ9m2iXadm/ O3djjOOcZ64qWigD8zfC/ib4sfD61/aruPiT8R47zXfDemWN5barJbyQ6Zpc9xpEkyC1s1aZkhik KgBd8kpXcwZ2INf9jbxd4+X4uz+D/GNv4n8Mwaj4MsNV/snxfqU+qXd/qS3Gy81GylkeZIIR5iJL Bvjbc6EQRgGvsnWf2fPh74jm+Jh8Qpc6ja/Fi3tbXWLaSRREsdpa/ZE+zlFV4yU+YkuxDgFdvSsn 4a/s66X4B8a/8LE1vxfr/jrxDb6adGsrvXp7aRrLT2kSR4oltbe3UtI0aGSWQPI+0ZbrkA+h6KKK AP/S/fyiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigA ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoooo AKKKKACiiigAooooAKKKKACiiigAooooAKKKKAP/2Q== --000000000000433d7005b582c50b-- From nobody Wed Dec 2 14:29:41 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4F3DD3A159F for ; Wed, 2 Dec 2020 14:29:32 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.479 X-Spam-Level: X-Spam-Status: No, score=-0.479 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_IMAGE_ONLY_24=1.618, HTML_IMAGE_RATIO_02=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=pingidentity.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vBYjtdPh2vnD for ; Wed, 2 Dec 2020 14:29:30 -0800 (PST) Received: from mail-lf1-x12a.google.com (mail-lf1-x12a.google.com [IPv6:2a00:1450:4864:20::12a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8B1D93A15CE for ; Wed, 2 Dec 2020 14:29:29 -0800 (PST) Received: by mail-lf1-x12a.google.com with SMTP id z21so7187751lfe.12 for ; Wed, 02 Dec 2020 14:29:29 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=pingidentity.com; s=google; h=mime-version:from:date:message-id:subject:to; bh=a4SsyenOgFCMHv4oL4WnxKwqgVCEzzdRNHOo7NX5Kuk=; b=c5Gpc+KQF0Xv9GcKRSvpVPD/qb1SIR4F3psII+mqyJ9KRF90k1kxvgzEmVrgvK3MCt EcZgFSjVrX7UbCnmINEJF+8JbN220SkeQ0Vrd9NSgQ5D6tHCakD76n2O4KDbeDVFf7xG BaFV0MB4J7fr5EBI9/LOEqIi976tvyDHHRSFP1NPBAPKdmRrScrb82AuEK5dO2Bhe+AB cp+NcvqCJq7p0IRaSpvnSB7mV26ZOfEmIICFI3WNjJXXxk5jBq7oO8UVOFRWRHRn/TEO czPX+tc0fIaTohgYTy1LBwLa7P6FpFODzOR1hAyaXBvyTSVIIcUiwOiUCK6HO+EBMuTD ejMw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=a4SsyenOgFCMHv4oL4WnxKwqgVCEzzdRNHOo7NX5Kuk=; b=KyseysEGmhX2otjQrehJsp1tmegpF+9oJbWjGeGUnp6Y760PCeKQsUWAq/q2jBdoM+ Wrnyie5SFfP49KajquvgmWFQM/zVZ4sU8M0mEpHZEYVDHp6uDH1CdnQLOGCTrXyG+CwI xc3tsoD+3M1VeLvLDY4egVyKxiu4eomlI9L6d5buJdpDq/ADx0tRdFD6IGYnLJmAWl8I 0bhL2a8w0PLWDpNSul9PFLaVmQnqEdeifOA05JE8V9nN6b0paHuJd1NRP577NuUPeUXe 9y7NCuT4yljdr6PhO/Ennudj9rRj7yeCNF0tuLNr1IS5iGGQP0HzDmFKFgHpFuCE8U5H fhnA== X-Gm-Message-State: AOAM532Yk0gZGL4h63C4PE2CoPt2MnMBfk8dTvGRp4BvNT2hyD5rhQuz ueiNF35O5tePiGuoYM5a4fWiANmd3Kjh7qOgxlNtcSvdx8TRW7CaQu78/VMx45PPeFZT20E0iNe Lm4e8E9qHXT5OzTUmLaI= X-Google-Smtp-Source: ABdhPJxNSNMYVgNYVnd2iaySqh2lB26Zb3snUwK5bGNtpgulwiTnPXWnncLL2nKHocdM6RWPNYOnwYyQRyaW91wmUZ0= X-Received: by 2002:a19:642:: with SMTP id 63mr102297lfg.181.1606948166891; Wed, 02 Dec 2020 14:29:26 -0800 (PST) MIME-Version: 1.0 From: Brian Campbell Date: Wed, 2 Dec 2020 15:29:00 -0700 Message-ID: To: oauth Content-Type: multipart/related; boundary="000000000000a93fa605b582c690" Archived-At: Subject: [OAUTH-WG] DPoP followup III: client auth X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 02 Dec 2020 22:29:39 -0000 --000000000000a93fa605b582c690 Content-Type: multipart/alternative; boundary="000000000000a93fa405b582c68f" --000000000000a93fa405b582c68f Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable There were a few items discussed somewhat during the recent interim that I committed to bringing back to the list. The slide below (also available with a few extra spelling errors as slide #19 from the interim presentation ) is the last of them. To summarize, I'm wondering if there's WG interest in working to formalize a client-to-AS authentication mechanism based on DPoP. I think it potentially would be problematic to put into the current document (for a number of reasons) so am preemptively ruling out that option. Thus, basically, I'm asking the WG if there is some/much interest in the idea? In which case I'll find some time (at some point) to write up an I-D for it and bring that back to the group for consideration. Or if I should, as the slide says, "shut up and never speak of this again"? [image: Slide19.jpeg] --=20 _CONFIDENTIALITY NOTICE: This email may contain confidential and privileged= =20 material for the sole use of the intended recipient(s). Any review, use,=20 distribution or disclosure by others is strictly prohibited.=C2=A0 If you h= ave=20 received this communication in error, please notify the sender immediately= =20 by e-mail and delete the message and any file attachments from your=20 computer. Thank you._ --000000000000a93fa405b582c68f Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
There were a few items discussed somewhat during the = recent interim that I committed to bringing= back to the list. The slide below (also available with a few extra spellin= g errors as slide #19 from the interim presentation) is the last of them.

To summarize, I'm wondering if there's WG i= nterest in working to formalize a client-to-AS authentication mechanism bas= ed on DPoP. I think it potentially would be problematic to put into the cur= rent document (for a number of reasons) so am preemptively ruling out that = option. Thus, basically, I'm asking the WG if there is some/much intere= st in the idea? In which case I'll find some time (at some point) to wr= ite up an I-D for it and bring that back to the group for consideration. Or= if I should, as the slide says, "shut up and never speak of this agai= n"?

3D"Slid=

<= /div>

<= span style=3D"margin:0px;padding:0px;border:0px;outline:0px;vertical-align:= baseline;background:transparent;font-family:proxima-nova-zendesk,system-ui,= -apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,Oxygen-Sans,Ub= untu,Cantarell,"Helvetica Neue",Arial,sans-serif;font-weight:600"= >CONFIDENTIALITY NOTICE: This email may contain confidenti= al and privileged material for the sole use of the intended recipient(s). A= ny review, use, distribution or disclosure by others is strictly prohibited= .=C2=A0 If you have received this communication in error, please notify the= sender immediately by e-mail and delete the message and any file attachmen= ts from your computer. Thank you. --000000000000a93fa405b582c68f-- --000000000000a93fa605b582c690 Content-Type: image/jpeg; name="Slide19.jpeg" Content-Disposition: inline; filename="Slide19.jpeg" Content-Transfer-Encoding: base64 Content-ID: X-Attachment-Id: ii_ki7r7h4z0 /9j/4AAQSkZJRgABAQAAZABkAAD/4QCARXhpZgAATU0AKgAAAAgABAEaAAUAAAABAAAAPgEbAAUA AAABAAAARgEoAAMAAAABAAIAAIdpAAQAAAABAAAATgAAAAAAAABkAAAAAQAAAGQAAAABAAOgAQAD AAAAAQABAACgAgAEAAAAAQAAA+igAwAEAAAAAQAAAjMAAAAA/+0AOFBob3Rvc2hvcCAzLjAAOEJJ TQQEAAAAAAAAOEJJTQQlAAAAAAAQ1B2M2Y8AsgTpgAmY7PhCfv/AABEIAjMD6AMBIgACEQEDEQH/ xAAfAAABBQEBAQEBAQAAAAAAAAAAAQIDBAUGBwgJCgv/xAC1EAACAQMDAgQDBQUEBAAAAX0BAgMA BBEFEiExQQYTUWEHInEUMoGRoQgjQrHBFVLR8CQzYnKCCQoWFxgZGiUmJygpKjQ1Njc4OTpDREVG R0hJSlNUVVZXWFlaY2RlZmdoaWpzdHV2d3h5eoOEhYaHiImKkpOUlZaXmJmaoqOkpaanqKmqsrO0 tba3uLm6wsPExcbHyMnK0tPU1dbX2Nna4eLj5OXm5+jp6vHy8/T19vf4+fr/xAAfAQADAQEBAQEB AQEBAAAAAAAAAQIDBAUGBwgJCgv/xAC1EQACAQIEBAMEBwUEBAABAncAAQIDEQQFITEGEkFRB2Fx EyIygQgUQpGhscEJIzNS8BVictEKFiQ04SXxFxgZGiYnKCkqNTY3ODk6Q0RFRkdISUpTVFVWV1hZ WmNkZWZnaGlqc3R1dnd4eXqCg4SFhoeIiYqSk5SVlpeYmZqio6Slpqeoqaqys7S1tre4ubrCw8TF xsfIycrS09TV1tfY2dri4+Tl5ufo6ery8/T19vf4+fr/2wBDAAICAgICAgMCAgMFAwMDBQYFBQUF BggGBgYGBggKCAgICAgICgoKCgoKCgoMDAwMDAwODg4ODg8PDw8PDw8PDw//2wBDAQICAgQEBAcE BAcQCwkLEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBD/ 3QAEAD//2gAMAwEAAhEDEQA/AP38ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigA ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACvB/2Wbu6v /wBmP4Q319M9zc3Pg/QJJZZGLvI76fAWZmOSWJOSTyTXvFeAfsnf8ms/Bv8A7Ezw9/6boKAPf6KK KACiiigAooooAKKKKACiq91dW9jbSXd3IsUMKlndjgKB1JNRadqVhq9lFqOmTpc2043JIhyrD6ig C7RRWU+uaRHqyaE93Gt/IhkWEsN5UdSBQBq0UVS1DUbHSbKXUNSnS3toF3PI5wqgepNAF2iq9pd2 1/bR3lnIs0MyhkdTkEHoQasUAFFFFABRRRQAUUUUAFFFFAH/0P38ooooAKKKKACiiigAooooAKKK KACiiigAooooAKK/DDxr/wAFc/Gvhbxjr3hmD4d6fPFpF/dWayNfShnW3laMMQI8AkLk1hWv/BZP xekytffDGxliyMrHqUsbEd8MYHA/KvrI8EZk1zKn+K/zPSWU17Xt+KP3sor4r/ZY/bk+Ff7UbTaF pUM3hzxZaRGaXSbx1cyRrjdJbTLgTKuRuyqOOpTbzX2pXzuMwVXD1HSrRtJHDVpShLlkrMKKKK5T MKKKKACiiigAooooAKKK+W/2jv2v/g3+zLYKnjjUGvNfuYfOtNGsgJLyZSSquwJCxRlgRvkIBwdo YgiujDYWpWmqdKLcn0RdOnKb5Yq7PqSiuBtvG/274XRfEi3tNn2jRl1ZLdnzjfb+eIy4HbOCce+K /O79j/8A4KG+J/2mfi9/wrTV/B1nocH9n3N79ogupJn3QFAF2sijB3dc114fKK9WnUqwjpDfVaGs MNOUZSS0W5+p9FFFeYc4UUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUV8U/ts/tWax+yj4P8O+JdG8 PweIJdcv3tGjuJ2gWNUiMm4FFYkkjFeg/smfHfUf2j/gxp/xS1XSYtFuL25urc20MjSoot5CgIZg p5xnpXoyyqusMsW17jdr36+nyN3h5qn7XofStFFfG37av7UWr/sqfD/RPGWjaDBr82ramLBoriZo VRTBJLvBRWJOUAx71z4PB1MRVjRpK8nsRSpSnJRjuz7Jor5e/ZC/aB1P9pf4Px/E3VtHh0O4e+ub T7PBK0yYg24bcwU5O7pivqGlisNOjUlSqLVOzFUpuEnGW6CiiiucgKKKKACiiigAooooAKKKKACi vy4/bH/4KDeJv2YPizb/AA30fwfaa7BNplvfm4nupIXDTySoU2qjDAEY5z3r9I/BuuyeKPCGh+Jp ohBJq9jbXbRqchDcRLIVBPUDdjNejisqr0aUK9RWjPbU3qYacIqclozpKKKK84wCiiigAooooAKK KKACiiigAooooAKKKKACiiigAor8uP2m/wDgp78P/gv4mvvh/wDDvRj418QaY7wXk5n+z6fazocN HvCu8zoRh1UKoPG/cCB8Y2n/AAWI+MqXokvvA+gTWm4Zjja6jkK9wJDK4B99n4V9RhODswrU1UjT sntdpHoUsrrSXMkf0K0V8Pfsqft3/C39p+VvDdvbyeF/GMUZlbSrqRZROijLtazgKJQg5YFEcDJ2 lQWr7hrwcbgauHqOlWjaSOOrRlCXLNWYUV+e/wC23+3Ef2UdR8M+HdC0K38R6zrkU91PDPO0At7W Ngkb/KrEmV94H+43tWj+xJ+2qv7WEXifTtZ0WDw7rnh4wSrbwztMs9pPlfMBdVOUdcN2G5fWu55D ivqv1zl9zvp3ttvubfU6ns/a20PveiiivHOUKKKKACivjnxT+2/8GNG+NPh/4CeHbl/E3ijWNTj0 y6+xEfZdPkZtriaY8NIhGDHHuIIIcoRiut/a2+Peo/s2/Bq8+KGlaRFrdxbXdrbC2mlaFCLh9pYs oY8fSvQjlWIc6dNws57X0ubrDTvGNt9j6Zor4t/Yn/ao1j9q3wV4g8VazoEHh+XRdQWyWO3maZZF aJZNxLqpBy2MV9pVjjcHUw9WVGqrSW5FWlKEnGW6CiiiuUzCiiigAooooAKKKKACvAP2Tv8Ak1n4 N/8AYmeHv/TdBXv9eAfsnf8AJrPwb/7Ezw9/6boKAPf6KKKACiiigAor598Q/tNfBqyXUNM8L+MN G8S+IbFnifTNP1G3urmKWMlWE8ULs8YRhhtwBB46180+Gfjd4u0bxhP4l1GZr2C/YC5tycIUHQIO ilB90j8eM0WA/RikYhVLHoOawNF8UaH4g0KPxJpt0rWDoXZ2IXy9oywf+6V75/lXxT8X/jZfeJ7/ APsfwrO9tpdpIG81CUeeRDkN6hQRlR+J7YAIPjN8Y7jxhdSeH9BdodGhbDNyrXDDuR1C+g/Osb4R fFu98A340/UC1xotw37yPqYif40/qO/1rwe5u5obiS6vJC8UzF2duqsTkk+38q4e/wBZuPFl0+ge FbgC0j4vL+JgyoD/AMsoWGQZCOpH3R70AfrH8Rfi9onhDwzb6rpci39zqiFrIKcowwMux9FyMjrn ivgG58Va/da+fE815J/aRk8wSg4II6Y9APT0rnfOv4NBtPD1pO4srA7oImJZQSoU9eeQOfz61FZN Lqkxs7IpHNGpkneU4jtYl+9LKeyDsOrngc5I5cdjqWGoyr15csY6tv8Ar/hzSlSlOShBXbPvfwL+ 0P4d1XSY4fExkt9TtgPtJijZ41iwf9IcrnamRg98ngEBiPnr4t/F+7+IF4bHS2MOhwHMSg8zHtI+ P0HavG11Ge3EcPhy5msbWB/NSbhZ7qbG3zpxjBUjhYiCgT5SMHAjmWGaC41WwiW3+zjzL6zTO2AE 4NzBnJMBP3l5MRODkEM3yeH4mxMKkamPo+zo1HaD6xeyVRbR5unRP3Za2O+eCg01SleS38/Tvb/g o97+D3xnfwPKNG8RzbtCckmRj/x7HqW/3O5HbrX2x4Y8Z6F4tSc6TI4e3blJUMchQ/ckCtzsccqe vYgHIH5YRqLBYNRvoRJeShZbKzlHyov8N1cqe2eYojyT8zdtvVeDviBrng/Vo9Rub+aeIuXaeTMk kDucu2By0Ln/AFkY6feQBshprcUYic3XwdHnw8NJSXxS7umvtKPX+bVRu1qRwMElGpK03sui9e1/ w6n6oUV51oPxL8Pap4an8QX08dmLGNXuVLBgoYZVkI++knVGH3unWvjrxn8dPFGt+KoNY0KZ7Cw0 1ybaH++OhaUdyw4x0A4Hcn7DB4uliKUa9CXNGSumtmjz6lOUJOMlZo/Qqivnzw9+038GrxNP03xV 4w0bwz4gvmSJNN1HUbe1uZZXIVfIjmkV5A7HC7QTnjr1+g66CAooooAKKKKAP//R/fyiiigAoooo AKKKKACiiigAooooAKKKKACiiigD+Tn4UaVpeuft4aTpGtWcOoWF343mjmt7iNZYZUa9fKujgqwP cEYr+kTxZ+yj+zZ410e40TXPhroAhuVKmS10+CzuEz3juLdY5UPurCv5y/gp/wApANB/7HqT/wBL Xr+rav0fjrE1KdWg6cmvd6O3U93N6koyhyvofyN+OtG139jL9rW6sfD948tx4C1iC5tJTw89nIqT xpJjAPm20gSQDg5YdK/p5+NXx9+HvwI+GM3xU8bXTjTMRi1hhAa4vJphuihhRioLsMk5ICqCxIAN fzbf8FDtXtfE37ZXj99HP2gRTWFkNnzFprayt4ZF47iRWXHqK+qv+Csuoa7pc/wh+H93IwstL0WW Zlz8r3WY4HJx1KrGMem446nPsZplqx88Aqz1lFuXdpJP8/zOnEUPbOjzbta/cin4j/4K+fHHUtYl l8DeCdDsNKiJcQ3i3V9cCNepeWKa3XHqRGMetfY/7Jv/AAUx8OfHDxXZ/DT4m6NH4W8S6rJ5Wn3F tIz2F1IRkQnzPnhlY8ICWVz8u4MVDe2/8E8/hv4Q8D/steD9U0CziW/8UWv9oaldBVMtxNK74V3x krEuEVegAPckn8QP+ChfgXw58Jf2sNZh+Hsa6PBdRWWrJDafultLqZdz+UExsy6+YAPuluMDAHFh sJluOr1cBTocjje0r9nbX/g3MqdOhWnKjGFrbM/oh/aR/aM8Dfsy/DyTx740El080otrGxtyvn3d yylgiluFUBSXc5CjsWKqfxum/wCCtX7Rd9cz69ovgHRB4dtG2zBoL2cx7j8oe6WZEVvTMYz6dMc1 /wAFVvGuteJvGHwptNSjkgjfwnBqpibhUudRlYTLjpuHkqD+FbvwU/bU+I3wz+CWifCfQP2fH1rw +lj5U02y6MWpfaVzNPIotWVxPuJPLDBABwBSyjh6lTwUK8qKqTk9bySSWu1ww2CjGkpuPM352P1F /Y9/bQ8H/tW6Le2kVi2g+LdEjSS/05n8yNo3O0T28nBePdgMCoZCQDkFWb5K/aP/AOCoGteDPibq Hwn+AnhO38SajpF29jPeXonmSe7jOySG2trdo5G2OCu8v8xB2rjDH4a/4J+6D8R/Bf7X/hTV7jwr q+i6NqbahaXIktLlIUgntZWjR5HQAqsqxnLd1B61S/aJ/Z4/aN/ZY+Pmr/FjwFY6gdMTUrrU9K1/ ToWuY4IrpnPl3B2uEdUcxuJRtfkjKmtaXDmAp5hOm7NON4xb0vdq1/K3no+tio4GjGu4+V0j6Bsv +CrH7SHgTxDBYfGX4badFbn5pLYW17pN6UPdGuZJl47Zj59e9ft18K/iZ4V+Mfw+0T4l+C5mn0fX YPOh3gLIhDFJI5FBIDxurIwBI3A4JHNfziwf8FDvEHjiXRrb9pX4d+HfirY6LI0kElzb/ZLuMyAL IQyboCGCjKmDBIGegx+/v7M3xG+EvxS+EGk+LPgtpcGheHJWli/s6G2itPsdwjfvYnhh/dqwJ3ZX IYENnmvH4tymNGlCaw/I72bTvF/r+C+Zy5lhlCKfJZ+Wx77X8hv7XPx48QftCfGO88XeItOtdMn0 mI6RHHa7yjQ2k8xV28xmO87znGB0wK/ryr+bD/graAP2n9NwMf8AFNWP/pTdUeHlWCxkoON21o+1 t/vDJJL2rVtT7e/Yu/ay8YftA/C3x/4D8R6NY6ba+BPC8MFtNaeb5kw+zyw5l8xmGcRA/LjkmvyH /ZC/aB0v9mj4pXnxM1HSptakTSLyztbWJljElzOYzH5jt9yP5TuYKx9FNf01+H1Vf2XNO2gD/ijY f/TcK/nt/wCCZvgvQPGf7V2h/wDCQ2kd7Fodnd6nDHKNyC5gVVhcg8Exs4dfRgD1Fe1k2Kw86OOq OnaGl4p9k76+Z14WpBxrS5bLsfQqf8FcPj5oniZD4u8AaNHpMmyT7GI7y1u/JJzlZ5JXUlh0bycd OOuf28+FPxb8I/F/4XaN8W/Dcxh0TWLVrnNwVRrfyyyzJKQSoaJ0ZXOcZUnOOa/Lj/gsbo+nSfD3 4e+IGt0+3wapc2qzbR5nkywb2Td127owcetcV8LPEepeH/8AgkT4vv7Bn83dfWQ2EgiK91CO3l6d tkzZ9s15eOyzC4vBUMTh6fs5Smo6O+7aOerh6dSlCpCPK27E/wAYv+CtHiOTxhP4W/Z08J2urWcb mGG+1OOeaW7cEgvDa27xsqHHybmLEclV+7XU/s+/8FV7jxJ45tPAP7QXhm28NyX8yWiajYCWOG3u XbYBdQXDu6IScFw52fxLjLL+bH7GHxx8S/ALxXr3jHwh8NX+IGqz2sVqkqCYtYRuzM+DDFLgzbQM nBwhA4Jq7+1P4v8Aif8AtN/EC1+Iknwf1DwrqCWaWlz9mtLqb7UY2YpLITAnzqrBM4J2gDOAAPpZ 8MYPneFdBKFvj5le/pv+nlY7ngKV/Z8mne+p/VrXy7+2D8afHX7PvwVvPip4E0ez1qbSru1S8ivf M8tLS4YxGQeUytuErRjrjBJrvf2ddW1jW/gJ8O9T8RRzxatLoGmi8W5Vlm+0pbokpkD4YMXBJzzX R/FnwBY/FT4Y+KfhxqOBD4j065st7DIjeaMrHJ9Y3w49xX5Lh1CjiUqyvFS181fU+bhaNRc2qTPm b9hz9q7Uf2q/AWu674j0600jXNB1AW01tZlzEbeWJXhl/eMzAswkUjOPkr4T8S/8FZvFmi/GXUfC dr4Z0mbwdYa5JY/bi0/2l9PiufKacYk2b2jBcfLgHHBr4u/Yy+PV7+zH4m+K2k645sLm98OalDDC 52ka3poZrVG9wxlT6nivkmH4b+I7n4W3vxfCZ0S01i30VnwSTcz28tx17BVjGfdh+P6theEcJHFV nVj+7fLy/Pe3z2Po6eWU1UnzLTSx/UZ+2p+07c/su/Cez8baFZWuraxquow2NnbXLP5TBkeWWQ+W VYhUTGQfvMtcR+zb+2Fq3j/9nfxJ+0X8c7LT/Cfh/R7qaKBrMSnzoYFQMwEjsXd5n8qNV5LjHcV+ Kn7Xn7RMnx08F/BHw1ZTm8k8P+Govt4Q5ZtVlf7LMGUclttqjr7Scda+wf2+PCOpfAz9i34LfBKz zBBFcK+phOFkvY7dppc46q088jgeoB5wDXiQ4ZowoUMNVVqtSbu+qir3t8kvvORYCKhCnJe9J/gj F8ff8FfPijqevS2vwh8E6ZZaWGYQnVRPe3kqKchytvLCkZIGSg8zH949a9o/Z0/4Kwad418VWfg7 46aDbeHDqckcFvquns/2OOaRtoFzFMzPHGSR+8DsF/iAXLD0L/gk58OfCOj/AACufiRbWcUniLxB qV1BcXZUGZLe2KpHbq2MqmQZCO5bJzhcfDX/AAVo+HPhHwd8bPD/AIp8NWkVhd+K9Nkn1CKFQiyX EExT7QygAb5FYBj/ABFMnkknqpYXK6+LnlkaHK1dKV9brc0jTw86rw6hbzP2H/bN/aC8Q/s0/Bv/ AIWT4Y0y11a9Oo21kIbwuItk4clv3bK2Rs45r8qtX/4LCfFCXwpbQ6J4N0i38SNPKbiabz5LNLcB PKEcQmWRpCd+5mcKPlwp5Nek/tQ+IdV8Vf8ABLf4Za3rZka9lbRI5HlJZ5PIimhWRieSZFQNk8nO TVr/AIJDfC/whqngvxz8RdZ0q21DU31GLS4ZbiJJTDDFAJZFj3g7fMMw346hQD0rkwGX4LDZfPEY mlzyhNrtfW33dTOjRpU6DnUjdp2PC/2yfjL48+Pv7HHwr+KPxC0e00a+1TxDqCwpZeYIZreCJohM ElZ2Tc6uNpduAGB5wP0U/wCCX80Vv+x9o1xcOsUUWoaozuxCqqrOxJJPAAHU188/8FdNH0jw/wDB j4caLoNjBpun2msTJDbW0SwwxILdvlSNAFUewFUvgHq99on/AASd8Z3+nBvPNpr0OUOGCXExhds/ 7KOT+FaYqMcRlFONNcqlV0Xa7Y6iU8NFRVk5f5nL/Gn/AIK2+JIvGNz4c/Z+8L2N/plvL9niv9VS aaS8cNt3w28EkW1GP3NzMzDkqpO0fJn7V/7bPiH9pH4V6T8O/iF4S/4RrxXoOspfO1uHS2kg+zSx kGKcmWKQM4IBLgrk5BGD69/wSG8GeHNd+MvivxVq9rHdah4d0qM2BkAbyZLqXZJKgPRwi7A3YMR3 r3r/AILFeDPDv/CK+AfiAlvHFrgvp9NeZQBJNbPEZQrkcsI3T5c/d3tjqa9OhDAYXM6eBp0feX2r 63tf56f8MdEFRp4iNGMNe59Cf8Ep/wDk1C3/AOw1qP8A7Tr9Ja/Nr/glP/yahb/9hrUf/adfpLX5 1xJ/v9f/ABM8PH/xp+p+Sf7Y3/BQv4ifs3fGmb4ZeGfDOlapYxWNrdefeGfzS04YsP3bquBjjivn /wCJf/BW34pXWs3t78GfBNhD4TsZhELzV4bm5ml5+Uv5EsMcJcdEJc/7VfPn/BVT/k7K8/7A+nf+ gvX7q6T8LfBuhfslj4YWWlwJog8KvC9vsBV3ktC8kjZzl3kJkLHncd3WvsKtHL8JhMLWqUOaU1rq /K79ex6koUadOnKULtnhv7Ef7ddp+1PNqng/xNo8WgeMNIt/thjtnL2t3a7wjSRByXRo2ZQ6MW+8 CGPIXh/2wv8AgpBo/wCz/wCKp/hj8OdGi8S+K7DYb+W6dlsbMugdYsRkPLLggsAVCZxktkL+bn/B KWR0/atiVTgPoeohvcZiP8wK+VPBHxC1OH9oyH4o33hZvG+pf2zdaq2kS73a6uC0kwDhFkY+W/7w jac7eeM16K4Swv8AaFX3bwjFNRv1d+vbT+kbLLaftpaaJXsfpD4Q/wCCtfxh8Pa/ZQ/Gn4f2B0m6 ZZHOnxXNjdi3c/6yJbmWVJMdQDtDYxuH3q/bvwR8RPCPxD8B6X8SvDF+k/h/V7QXsNw/7sLFglvM 3fcaMghwfukEHpX89P7Vn7Snxb/ap8D2HhLXPgZe6LeaXeLd22oxQ3k80Q2skkQDW6fJICCwzjKq cZAx6x8Gtd8e+Cf+CYHxk0fXdP1DTLvTb97W2juYpbdlstVazhkCCQKdm6WZmxxyfU15+ccO0qlG nUhTVObkotJpqzdrmOKwMZRjJLld7Wvfc7D4xf8ABWjxHJ4wn8Lfs6eE7XVrONzDDfanHPNLduCQ Xhtbd42VDj5NzFiOSq/drqf2ff8AgqvceJPHNp4B/aC8M23huS/mS0TUbASxw29y7bALqC4d3RCT guHOz+JcZZfzY/Yw+OPiX4BeK9e8Y+EPhq/xA1We1itUlQTFrCN2ZnwYYpcGbaBk4OEIHBNXf2p/ F/xP/ab+IFr8RJPg/qHhXUEs0tLn7NaXU32oxsxSWQmBPnVWCZwTtAGcAAe7PhjB87wroJQt8fMr 39N/08rHW8BSv7Pk0731P6a/i/8AFfwj8Efh3rPxN8cTPFpOjRh3WIBpppHYJHFEpKhnkchVBIHO SQASPxEvv+Ctvx58Q+KJE+Hvw/0l9KiZ5BaSRXl7eGBT1eWGWNQQOpEWAfauk/b98WeJtU/Yi+Al vrsVzFd6mthNqP2gMkv2y004xsJVfDbmd3b5ueM19Rf8En/BnhzR/wBm2XxhY2sf9seINVuxd3OB 5pjtiI4ot3XYoBYL6sT3r5bB5dhcHgJYzEU/aScnFK9lo7fo/wADz6VCnSourOPM72PxW/a7/aJt P2nPiRpfxHh0iTQ7qLRrWwvLZ3EiLcwSzM5icYLRkOCNyqwOQQcbj/VP8JP+SVeDP+wLp3/pNHX8 2f8AwU18GeHfBv7Vus/8I5bx2ket2NnqVxFEAqLczKySttHAMhQSN6sxPU1/SZ8JP+SVeDP+wLp3 /pNHW/GEqcsBhJUVaLTsu2i0LzRxdGm4qyOw1fVtN0DSb3XdZuFtLDToJLm4mc4SKGFS7ux9FUEm vwq+IX/BW34ma14tuNE+Avgexm04SPHayalFc3l7dKp4kEFtJCI9w52fvCO59P258ezeDLfwTrs/ xF+y/wDCLx2U7an9tUNbG0CEyiVWBBXbnIwc9K/B/SP22/g38NPH+rx/sYfAZJdZ1dTai+ke4aS5 ijfcBFp8IdkRiA2FdCcLvUEADyeFMFTqqpKVB1GtrtKK9W3/AJnNl1JS5m4cz/A6v4Yf8Fb/AIgW XjG20H48+DtPt9LadYLqfTI7i1urME4aR4LiSbzNvVkBQ46c8H9345I5Y1liYOjgMrA5BB5BB9K/ kE/ar8YfGXx98WZvF/x18NDwp4n1Kzt3+xCzksT9mXckLGKZmlzhSuXJbCgdAK/rQ8AM7+A/Dbyn LtptmWPqTCma6+MspoUIUa1GCi5Xuk7rpsaZphoQUJRVrnXV+HEf/BWvxV4e+KWr+HfHHg6wPhvS bnUrctYGb7bI1ssq2ygySGMeZKqK7FTtUsQOAK/cev5O/gr4N0P4gftz6X4S8S2qX2l3viy8a4t5 BmOVIJpZijjurbMMOhGQax4Qy/DVoYiWJhdRjf8AO9icsoU5qbqK9kfVupf8FcP2h7TV4dTPgXQr PQrzL20E8N6ZZIs9VufPRXI6bliC/wCzX7Ifsw/tE+Gv2nPhZbfEfw/avpsyTPZ39jI4ka1u4grM m8AblKuro2ASrDIByB8uf8FVNA0q/wD2U59SntY2udG1awktZNo3ReYxhcIeoDK2CBwcD0FfLn/B NzxDqHhj9kT47+IdNL/adGW+vYAhwwlh0wuu3HfKDFdmMwWExeW/WsPS9nJSUd79v8zWrSpVKHtI Rs72PRf2m/8AgqWPh745vvhx8DPD9r4ivdJnktLvUb8yNatdI2xo7eGB0eUK2QXLqGPCgjDHzf4Y f8FavGml+LLbw9+0T4Kt9PsXIS4udMiuLe5tt2Nsj2tw8hdccsFZTjlQSAp/NL9lT4mat8JPi9bf EPRPAx+IOqaZbTtb2YErGCWTan2oeVHKcoGKgleC4OQQK98/a4+MXxV/avm8PahqPwWv/DWqaCJ4 /tcFvdzy3EE20iJ90CfKjKWXOcFmxjJz9O+GMJTnHDOgnG2s+ZJ39P6Xkd/9n0otU3DTvfU/Uv8A bX/bd+In7NWqeDb7wFoOk+IfC3jHTnura+uWnJeWNgWCGJ1UoYpYmU9TuPavpGL9pTTpf2Rv+GnB BFkeHW1Q224+V9vWMobbdnO37UPKz1/Gvy98efDfxH8Rf+CV3hbU/EGn3Vv4k+GV1NcCO7ieO4Fl FdzW7JtkAYRrbSxv6YiGOmK+QLT9o7y/2Ab/APZ/N1nUj4piVYs4I0iRTfHA9ryPnt835+FR4aoV 6MI04+9CpyyfdX3+6xyRwEJwSitVKz9D9Lf2QP8AgpB4y/aB+Nun/Crxx4d0vR4NXtbprWayM/mG 5t4/OCHzXZdpjSTtnIFdn+2/+374l/Zj+I2kfDzwRoena3cXGnLf3rXpl/dGaR0iRfKdcHbGWOc8 Fa/E/wABWviT9mr4s/B/4o6+DBBqK6f4jjwCM6bLdSQyKT3LwxsT7OPx901eMftjf8FEJbONvt2i at4hEOVO6NtG0gYZlPQCS3tyR23P3J59Wvwxg44v2/IvYqDb7XT/AMvyOmeX0lV57e6l+J/SJ8K9 e8UeKfhr4Y8T+NbKHTdd1fTra8u7W33COCW4jEhiG8s2U3bTknkGvFf21fivq3wY/Zo8Z+NvDs7W 2siCKysZU+/FPeyrAJVJ6NGrs6+6ivqcAAAAYAr8/P8Agp5o97qn7IXiS4s1Lrpt7ptzKF/55/aU iJx6AyAn061+a5RCFXHUoyXuuS0+ex4GGSlWins2fkJ/wTp/Zk8OftH/ABW1fVviHEb/AMM+EIIr m7ti7Kbu6unYW8cjKQ3lny5HfDAnaF6Ma/oS1/8AZs/Z/wDEvhqTwhqvw80I6VJG0Yih0+CAxBhg mF4kV4m9GRlYdjX5Ef8ABG7xbpFn4h+Jfgi5mSPUtUt9NvraMnDyRWbTxzY9dhnj468k/T95K+i4 3zDELMJQUmlG1rO3RO/3ndm1aftmr6LY/kg+O3gXXP2Ov2pr7SvBd+6SeFb+31PR7kkl/s8gWeBZ CMbiFPlS9A+G4wcV/V14O8TWnjLwfofjGxGy11ywtr+IHtHcxLKufwav5kf+CmXi3SfFf7WviOPS Jo7iPQ7Wy02V4+R58Me6VSe7I7lG9CpHav13+PXxLvP2cf8AgnxolvJK1r4jufDOkeG7ME4kW8ns khlYHqGiiSWQH+8or1uJcNPF4fBOX8Sdl96X/DnTj6bqQpX+Jn45fGTXNU/bU/bal0rw9cF7HX9X h0XTZV+dYdMtW8s3Cj+75ayXDD/aNM/Zi8Z6v+yL+2Ra6T4rl+zW9jqdx4b1on5YzbTS+SZT/wBM 0kWOcHuFGOtcX+xx8e/BX7N3xYk+J/i/w/c+IZbewntrGO2kjjME9wVV5SXB/wCWW9Bj++ayP2tv jR4M/aB+Mt78VPBmhXHh9NWtbZb2C5kSRnu4FMRlUxgABoljB77gxPWvtfqk3N4Fw/cclr6b/nt+ J6vs3f2NvctY/r3r8e/Hv/BRz4leE/2qbj4CWXhfSJtJh8RWujC6kNx9oMU80cbPxIE3AOSPlxX2 X+w58aP+F4/s3eFvEt7P5+s6TH/ZGpknLG7sgqb2P96WIxyn3evwh+NBC/8ABR2/ZuAPHWnk/wDg VDX5pw1ktOWJxFDExu4J/enueDgMJF1JwqK9kf0Z/tB/ErUvg98FvF3xN0e0hvr3w7YtdRQTlhFI 4YAB9hDY57EV+a3wg/4KR/Ez4ifCz4t+PdT8LaRbXXw902yvbSKE3HlzvdTmFll3SE4AGRtIOa+3 /wBuR1j/AGSvicznAOksPxaRAP1NfmD/AMEbAD4t+J4PI+w6Z/6NnqMmwOHeV1sVVp80oyX3Xjdf MWFpQ+ryqSV2n/kfmDoHxq13w/8AHiP4/W9hbS6vHrkuu/ZX3/ZjNNM0xj4bfsBYgfNnHev16/aS +OGvftEf8E1x8U/Emn22l3+oa5DC0Fpv8kC2vHiUr5hZuQvPPWvhb4aKD/wUkt1I4/4WHe8f9v8A LX7A/wDBUsAfsj6qAMD+1NN/9G19fnmJpPG4OCp+83Fp32V9rfqeni6kfa0ly66a/ofkt+yR+2rq f7M/ww17wR4J8KN4m8W+ItXW6gEu77LHCsCp9yI+bJIWX7g2gDndnivqn4Nf8FbfGM/jiy8O/Hjw vptppF3cC3mvdMSe2lsi7bRJLFcSyh0Q/fAZWC5I3EbW6z/gjr4L0D/hGfH3xCktI5NaN5b6ZHcM MvFbLGJnRD/CHdlLY67Vz0FfGP8AwVK0fTtJ/az1Oewt0gbUtL0+6n2KF8yYo0ZdsdWKoMnvilUo YDF5lWwdSj71ruV9b2Wy6bhKFGrXlSlHXuf08qysoZTkHkEdCKWuT8BSvP4F8OTSnc8mm2bMT3Jh Umusr8dnGzaPl2rOwUUUVIgooooAKKKKACvAP2Tv+TWfg3/2Jnh7/wBN0Fe/14B+yd/yaz8G/wDs TPD3/pugoA9/ooooAKKKKAPw2tv+Cf3xB+EHxu8b/FqG8h8RaDr095d82NrLJCLudpzmK4FwCEzg sqg4GeBxW7qsWj6JYS6lqRsoYIRyTpGlZJPAUAWeSSeAByTX7VkAjB5Br55v/wBmj4dan8Q7Px5f wtNFYlpotObH2Rbk/wDLXZ3x2B4B6ccV4eP4Zy/FVPa4ihGUu7V2dVLHVqa5YSaR8T+APgZ8XNa0 F/Heq6DpS6LcKXg0xbC1s9YEBHE8U9tDGElH3gh6j5ec88/d2smnSpFNKJ4JgxguNuwSqvDBlP3J E6SIfunp8pBr9fgAAABgCvmL4z/By41SC88S+CtLt9TvZv3lzpVwxjgu5lHyTKw5jkB4cj76bgeT z4tfIp5dL6zlFPT7VO9lJd430jNd9pLR9GumGKVZcmIfpLt691+R8PRR26W8WqanD58M+TZ2bHH2 sqf9ZJ3W3Q9T1c/KOvMpQao013Z20VtqYDS3VpbIY4blR964tkJYqw/5aR5J/iBPd+oab4lsLxn8 Y2slrrFwiPOsi7cYGAsYHAjXoirwB6nJPMa9rNvodtFdMZDd+YotEt/+Ph7j+ARdfmz+GOvBIOP+ rWMqf7fOrbFdLN8kV/z7t1i/tStzN+8rWSVfXaa/dKP7v8X5379lt0Nq2WXUpUttOKPI6GQuxxFF Ev3pZW/hRe56k4UAkgVn6yl1dwW9l4au2g0+CdZ7gyxru1R1GA02clI1/wCWKKfl6nJJJ7KTwb8Z m0b+0vFvg2LQdNliiuL5rR9xubvLfPKnVY1XB2D5Vcucc5PP9eldeBy7E42rHF5lDlUH7tO90mvt ya0b/lW0Vr8T0zq1oUounRd77v8ARdvPv6bwQXCzoWHDLwynqD6GuOTX9b1XxHbnwXdnT00ebfNq SqHO8cGCINlWyOJCQRj5evT0z4Z+BJ/jd4k1Pw/pDT2ulWUDx3mpxcIJmGFhRv4m/vEdBnBzVW98 KS+CLqTwtNafYTp58sRgYGB0YeobrnvX1eJw1OtTlSqxUotWaeqafRnBCbi1KLs0czpzatbSTf8A CRXv9o3l1K8jXbKEaUseA4HAIHAxxgcelGs6z/ZggtbWB77Ur5xFaWkQzLPKeigenqegpuvarDYx wWSW7319fuIbW0hG6WeVjgBQOmO57V+gPwU/Z40PwPeQ+PfECNeeKLq2iXExDrZZGWjiHQHPVupP 4U6NGFOCp01aKVklskuiCUm3d7nzdpn7K3xubwrZ3Gsa7pt42ZLg6RPp9pOLUS/MYbea4hk288kH jOema8ZvfDyabNPb6hBaW0tsWWVZNH0pShXqGzZ8Yr9lq8L+KvwB8G/Fie3uNYaWzYOn2r7Odn2q FDny5Pyxkc44ORivn63B2VVJupPDQbbu/dWre7OuOZV0rKb+8/ETXf2OPiR+098Q9I+Jnw8MWn6N 4elgRLo2ltZpPJDKJC0Qt0hDAEfeKk/hX9DHh+zvdP0OwsdRl8+6t4I0lkxjc6qAT+JqTRtG0vw9 pdtoui2yWdjZoI4ooxtVVXoAK0693CYSlQpqjRioxWyWyOWpUlNuUndhRRRXQQFFFFAH/9L9/KKK KACiiigAooooAKKKKACiiigAooooAKKKKAP459Y8d638Lv2lNY+IfhxIX1Tw74mvb23W4UvCZYbt 2UOqspK+oDA+9fXGsf8ABUr9rfxbYTaHoiaRpl1dLsWfTdOke5Xdx+7E0s67vQ7CfTnmv6YKK/Qa /GmGrcrrYRScVZXl/wDantTzWnK3NTvbz/4B/O1+w9+xB8UfiR8VbD42/HDSrzTPD2m3Y1UDVEZL zV74P5qExy/OYjJ+8kkcYk+6u7czL+gX/BSD9lXxJ+0L8PtI8UfDy2F74s8GtO0doCFe9s7jb5sa FiAZEKK6AnkblHzMAf0jorxcVxXiamMhi1ZOOy6W7fPqctTMakqqq9tj+YH4Eft7/Hf9lLwrc/B7 UfDtvqNrpkkhtbTWI57e5095GLvHgFGMZcltjAEEnDAHFO+B/wAA/jV+3l8c5fin8SLa4Xwzf3qT 61qxTyIDDEoC2lnu+82xViXZu8tcM56bv6ZtQ0DQtXlin1XTba9lhIMbzQpIyEcjaWBI/CtUAAAA YAr1avGcI89TDYdQqT3le/3K3z9d7nRLNUrypwtJ9T8n/wDgp9+y14p+LXhLQPib8NNMl1TWPCEc trdWFspeabT5CHVoYxy7QuD8ijJVyQDtxXwN8If+Cmfxb+C3wfh+D8nhq01S/wBChez03ULqSSKS 0iXISOe32kSmHO1fmj+UAMDgk/0tVh3Xhnw3f3y6nfaTaXF4nSaSCN5RjjhyCf1rgy/iWnHDRwuL oqpGLutbWMaOPiqap1I8yWx+QP8AwTlvf2yPiT4gm8c/FDxbrR+HNvbyiFNTCyPqdzMu2PyHnjaX yotxkMiMFLqqDcN4Hy18VPi5+3F+yP8AHy31v4keIta8TaFpt5J9lN1NKNF1e0kDKFKxgQiXyzkr t3xOAQMAE/0fgADA4AqGe3guomt7mNZonGGRwGUj3B4NOnxRD6xOrPDxcJK3LZLT1tvrq+vyQ45g udycFZ9D+Wz9p79qiz/a/fQvDfgz4P2fh/xD9sEpurEjUNVvnKMgt1aK2hcxktuKkOSyqRjBz+3X /BPr4F+K/gH+zxaeHfHERtdc1y+n1i5tS25rX7RHFEkLdg4jiUuB0YkdRmvsnTNA0LRN/wDY2nW1 h5hy32eFItxPrsAzWtWebcSRrYaODw9Pkgnfdyf3snE49TpqlCNl63Cv55P+CvfgTxHafGbw18Rv sUraDqOiQ6eLoIxiW7tri4domYDarGORWUE5YbsD5TX9DdV7q0tb63e0vYUuIJRh45FDow9CpyDX nZDnDwOJVdRvurbbmGDxXsZ89rn5A/sXfte+M/j34C8Z/C3xLo9jY2vgvwaqW09qsvmzmCE27NKX dkG4BSFUDnPOOB8Rf8EoR/xlWP8AsBah/wChQ1/SnpukaVo1v9k0eyhsYM58uCNYkz67VAFaFes+ JqUYYinRo8qqpddtN9tb/I6f7QilOMYWUvM/H7/gsT/ySPwGf+o5L/6SvXQ/sN/DTT/jD/wTy1D4 Y6pIYIfEcusWolHPlStLmKXHfZIFbHfGK/WCiuJcQSWBhg4xs4y5ua/r0t59zL661RVJLZ3ufyuf Cj4mfHX/AIJ1fGHWLLxL4XLC+j+y31hd74re+iicmKe1uVUg7STskUOuGYFc9PXLb9q79tf9rP44 Wo+BdxfeGUdIrZLDTpHk02yhDMzXF7JIhiJ5O6RkBICoqk4B/o41HStM1i3Npq1nDewE58ueNZEz 67WBFO0/TNO0m3FppdrFZwL0jhjWNB9FUAV7NbjChUbrTwsXVatdu6+639dzqlmkH7zprm7/APAK nh2w1LS9A03TNZ1F9X1C0toYbi9kRI3upo0CvMyRhUUyMCxVQFGcAYrYoor4WTu7njs/lc/4KO/C 3/hWX7VPiWa1h8rTvFyx67bYHBa7yLj2z9pSU/Qiv0B8Gfs6/a/+CUmp6QbXGsataT+MVwPmMkEg niK+pksoVT/gWB2r9oqK+yxHGVWdChRUbOm4u99+Xbp/mepPNJOEI2+G3zsfyW/sI/Cz/hbf7UXg vRLmHztO0i4/ti9yMr5On/vlDDuryiOM/wC9X9Bn7cn7ON9+0t8D7nwt4dMa+JdGuF1PSvMIRZZ4 kZGgZyQFEqOygk7Q+0twCR9jUVzZvxXVxOKp4qEeVw2V7/otyMTmMqlSNRK1j+Wj4FftVfH/APYX v9b+HGr+Gs2dzOZ5tI1mKa3aG5AEZmgdcHDqoBOGRwAV9Sy10D9oz/gpB8cU8S3dgUswYbWe8iia PTNH09XJ2Izt87Dc7BNxkkYk8DJX+ofU9F0bW41h1mwt7+NDlVuIklAPsHBq/FFFBEsMCLHGgAVV ACgDoAB0FepLjampSr0sOlVatzX/AEt/XmdDzaN3OMLSfU/Kz/gpP4P0f4f/ALEWg+BPDysumeHd Q0ewtg53P5NtBJEhc8ZYhQWPc81n/wDBH0f8WA8XH/qZ5v8A0itK/WeivBefN4CWCcbty5ua/wCl v1OP65+5dJrre5+PH/BYsH/hVXgE/wDUan/9Jmr0b/gn/wCCNM+JX7As3w91p2isfEh1zT5XTG9E uXeMuueNy5yPcV+oNFN5+/qEMFGNnGXNzX9elvPuH1x+xVJLZ3ufyieGta+Pf/BO349XNxeaSsV6 kctpJFdIxsNW093BDxSKRlSyK6sp3Iw2sPvobv7VHx9+Of7WGhaf8VPFHhv+xPAXhy4GnWn2cP8A ZPtt4pd/3smDNKyw87RiNQAQC2W/qg1HS9N1e2Nlq1pDe27EExzxrIhI6ZVgRVmCCC1hS2tY1hij AVEQBVUDoABwBX0C44p+0jiJ4ZOqtOa/T7tPxsdqzePMpun73c/N/wD4JUD/AIxQt/8AsNaj/OOv 0loor4zMsZ9YxE69rczbseXXq883PufzIf8ABVQH/hrG899H07/0F6/oenB/4UrIO/8Awjx/9JK9 Ror08xz36xQoUOS3s+t99vLTbzN6+M54Qhb4T+ZX/glOP+Mr4P8AsCaj/wC06q/tJ/Bz4s/sVftM N8YvA1hL/wAI8mqNqujaj5TTWiidiz2Vyy42kBniKsys8fzKeeP6dKjliinieCdFkjkBVlYAqwPU EHgg17M+NpPFyxHsvdlHlcW73WvW3n2Op5s/aOfLo1Zo/m2+LX/BSL9of4+DQPBnwl0i58Hailws rLoU891fX04QqI12IreVyWMW1skAknbX66fDr4L/ABd+In7I2p/C/wDaX8QS6n4s8YWdyJnkWHdp vmgfZYi0CIJGhZFkctuO8su4qAa+wdM8O+H9Fd5NG0y1sGl5c28KRFvqUAzWxXl5jn1KcIU8JRVN Rd77u/qc9fGRaUacOW33n8rnwo+Jnx1/4J1fGHWLLxL4XLC+j+y31hd74re+iicmKe1uVUg7STsk UOuGYFc9PXLb9q79tf8Aaz+OFqPgXcX3hlHSK2Sw06R5NNsoQzM1xeySIYieTukZASAqKpOAf6ON R0rTNYtzaatZw3sBOfLnjWRM+u1gRTtP0zTtJtxaaXaxWcC9I4Y1jQfRVAFerW4woVG608LF1WrX buvut/Xc6ZZpB+86a5u//APiL9tH9mrxR8eP2Z7fwVp9++t+NfC32XULS4kEUDald20LQzhwoSND cI7sANqiTaOFzX4n/s4/tnfGT9jOPXvhnc+HY7+zku2ml0vVFltp7K9CiOQqQAy7gqh0YEZUFdpL Fv6mqzLzRNG1G6gvtQsLe5ubU5hlliR3jP8AsMwJX8K8/KuJY0cPLC4mkqkG72vazMMNj1GDp1I3 R/H/APtG618YvG/j/wD4Wp8adNl0vVfG9umo2kckZgX7CrNbw+TE5LpEBEQm7lgN+W3bj/Wl8JRj 4VeDAf8AoC6d/wCk0deg0Vnn3EaxtKnSVPlUL7PS3TS2lhYzHe1jGPLax88ftY/DrxD8WP2dPHfg DwmN+sapp5+yx7gvmywSJOIgTwDJ5eznA+bkgc1/Ol+yd+1Frv7FXjfxUuu+B/7XudUhis7u0upG 06+tJbZ2YKHeGVkBLHzIynzEIcjbz/VpWXc6Hot5exand6fbz3kH+rmeJGkT/dcjI/A0ZNxDDD4e pha9LnhLW17fj8kGFxqhCVOcbp/I/ki/ar8Z/GD4tePbf41fFbw7N4dg8X24OjQvG0cX2C1wiiIu A7qC24uQN5YsPlIA/qd+BninTvG3wZ8D+LNJfzLbU9GsZl9VYwKHU+6sCp9wa9UoozviKOMo06Ma XJybWd1bta3prcMXjlVhGKjawV/LV+y4D/w8N0MY5HijVf5XNf1K0Vz5Nnn1SnWp8l/aK29rb+Tv v5GeFxfsoyVr3Vj88P8AgqN/yaJrn/YR0z/0oFfOn/BJDRrDxF8DvidoGqx+bY6nqYtZ0zjdFNZh HGe2VY1+zVFFHPXDL5YFR3le9/Tpby7jjjLUXRt1vc/lfuNG+OP/AATk/aL/AOEjj0prmztZJ7e1 uZ43+waxpsx+75qYAcqFYqDujkUZBAw3qHjz9u79q79p74haBonwKsb/AMK3FsGSHTdDnkuHuJJm UNLdyFERkTAwXRUjBYk8k1/SPd2dpf272l/AlzBJw0cih0b6q2Qaq6XomjaJEYNFsLewjbkrbxJE pPuEAFe7LjGjUarV8MpVUrXvp91v67o63mkZWlOmnLv/AMA8o8E/D/xXqPwItfhx8btX/wCEn1zV dJmstbu9kaCV7xGWZFESIhWNX8tW2gsFDN8xNfyO6l8M/Eum/Fa4+D0kW7XoNZbQ9mCA10Lj7MMD 0Z+nsa/tMorz8g4rngZVXyX59bbJPXy89tDHB5i6Lk7XufiF/wAFWvgrp3hr4QfCvxL4eg22ngzH hskDn7K9uptt2OgQ27Ae7+4rjv8Agj58LPt/ivxp8ZL6HMWk28ej2TEZBmuiJrgr6MkaRj6SGv3u opR4rqLLngHHf7V+jd2rW/UFmMvYOjb5hXK+OPBugfETwdrXgTxTB9p0nXrSazuUHBMcylSVPOGG cq3YgEciuqor5aE3FqUXqjzk7ao/lQ+Lf7PP7Rn7D/xPTxj4ba9isdMnaTS/Emnxlrd4myAs+Ayx uyZWSGUbW+YDenJ9K1//AIKr/tT694ak8OWo0TSbmeMxHUbKylF6N3G5PMnkiVvQiLjqMGv6ZGVW UqwyDwQehFc9beEPCdldjULPRLGC6B3CWO2iWTPruCg5r7z/AFzo1YxeMwynNddv0f8Al5Hsf2pG SXtaabXU/nT/AGLf2GfiR8a/iDYfFT4xabdaf4MtboahO+pK63OtTb/MCKsvztFI/MsrcMpIUliS vT/8Fa/jGfFXxf0b4P6bNmw8E2onulB4N/qCrJgjofLgEe09i7iv6J6K5lxlOWNji61O6imoxTsl frs7/wBdjP8AtRuqqso3tsj8x/2YP2AvgNH8BvB158V/BNtrPivU7JL++nuHnWRWuyZkhKpIoBij ZYyMdVJrM/az/YF+BqfADxbrHwh8GW+i+KdEtjqVtLbvM7yJaHzJ4dryMG3whwoxndt+lfqXRXkL iTGLEe39o972u7b3tbsc316rz8/M9+5/O3/wSU+MzeFfi5rPwc1ObFh41tjcWak8LqFgrPgdh5kH mbj3MaCvLv8Agod8MPH3wi/ao1b4pW9nNDpHiC8ttW0rUlj3Qi5jSMyRlsFRJHMhOw8ldrYwa/p1 qteWVnqNs9nqEEdzbyDDxyqHRh7q2Qa9mHGKjj5YyNKykrSV9/O9vJdDqWaWrOqo7qzR/OR8Vv21 f2iv2wfhLrnw78MeC4NM0bSrB9U8S31m0jq1rp6m4fc8uEgjZkDCPLO5AVWIJB9V/wCCNn/I2/E4 /wDTjpn/AKNnr93NO0vTNHthZaRaQ2VupyI4I1iQE99qgCr9ZYrimk8JUwdCgoRl5+aeumu3yJqZ jF05UoQsn5n8nvxrl8b/ALNX7a/iDxpc6XtvtJ8U3Ou6el0jrBd2s109xCwI2lkdG2kqeGyM5Br9 AP2g/j74g/aT/wCCcGofEvxNp1tpl+/iSC0eG0EghCQTjYQZGZidrDcc4JzgDpX7X6nomja3GkOs 2Fvfxxncq3ESShW9QHBwavQww20SW9vGsUUYCqiAKqgdAAOAK1xHF1Or7CcqPv02tb7pdNtL/OxU 8zUuRuGsbdT8hf8AgjsP+LP+Oj/1HY//AEljr4Z/4Kuf8nWP/wBgPT/5y1/TLRXNheKvZ5jPH+zv zdL+nW3l2Ip5jy13W5d+hx/w9GPAPhoH/oGWf/olK7Ciivk5yu2zzW7u4UUUVIgooooAKKKKACvA P2Tv+TWfg3/2Jnh7/wBN0Fe/14B+yd/yaz8G/wDsTPD3/pugoA9/ooooAKKKKACiviD9q39stf2Y df0LQ28If8JJ/bVrJc+Z9v8AsfleW+zbt+zzbs9c5H0r6N+C3xKHxg+GGgfEgad/ZP8AbkHnfZfO 8/yvmK48zZHu6ddorqqYKrGmq0l7r2EpK9j1KiiiuUZ5r8S/hrpPxE0c21yBDfwAm2uAPmRvQ+qn uK8I+DP7MZ8JeJpvHvxEuIdX1qJilhFGCbezi7FQwGXPc4rxT4+/8FEV+Bvxa134WnwAdaOiG2H2 v+1fs3m/aLeO4/1X2WTbt8zb985xnjOBe/Z5/wCCga/Hr4n2Pw3HgM6H9timk+1HVPtO3yl3Y8v7 LHnP+8K9N5PifZ+15fdtfdbfeR7RXsfo3JFHNG0Mqh0cEMpGQQeoIr4q+Jv7K+peJtcji8G6pHo+ iX0mb0HPnRRk/OkGOPm98Y7V9sUV5hZyHgbwN4b+HXhq08K+FrRbSxs1CgAcs3dmPdj3Jrkvir8K 9O+ImmGSLbb6vbKfInx1/wBh8dVP6dq8X/az/ayH7LkfhaQ+Fv8AhJh4lN6P+P77H5P2Pyf+mE2/ d53+zjHfPHxt/wAPak/6JWf/AAd//cNenh8nxNWCqU43T81/mQ6iWjPt74Ffs3R/D7VLjxx44ni1 fxVOSkToCYbOHskIbue7YzX1fXhv7OvxoHx++Fth8Sxo/wDYQvpriL7L9o+1bfIkMefM8uLOcZxt GPevcq4KtKUJOEt0WmFFFflT8TP+Cm6/Dn4ieJvAJ+G51A+HdRutP+0/2x5XnfZpWj37Psbbd23O 3ccdMnrW+EwNWu2qSvb0/UmUktz9VqK+B/2X/wBuJP2kfHF34LHgs+HTa2jXXnnUfte7aQNuz7PF jr13fhX3xUYnC1KM+SorMaknqgooornGFFFFAH//0/38ooooAKKKKACiiigAooooAKKKKACiiigA ooooAKK/Gz/gqB+0L8aPgt4y8Dab8LfFV14dttSsLua5S3WMiV0lVVJ3ox4BxX1TpPjj4ueI/wBg C08e+Gru+1T4h33hZLq3ntYfPvZr1h96OJEbc57AKfpXvSyCosPRxDkrVHZeXqdjwUlCM76SPuqi vyu/4J4eLf2tvEviXxlH+0nD4iisYLS0On/25p0lihlaR/M8oyQxbjtAyBnAxX6o1w5pl7wtZ0XJ St1WxjiKPs5uDdwooorzzEKKKKACiuM+I3jjS/hn4B8Q/EPW4ZrjT/DdhcahPHbhWmeO2jMjKgYq pYgYGSBnqa/Pn9jH9tnxr+1Z8avF+k3mlW2g+FdI0pbixso/31x5huETzJ5yBuYqT8qqqj0JG4+j hsqrVaNTEQXuw3ZvTw85Rc1sj9OaKK4z4jeONL+GfgHxD8Q9bhmuNP8ADdhcahPHbhWmeO2jMjKg YqpYgYGSBnqa4IQcpKMd2YpNuyOzor8xv2Mf22fGv7Vnxq8X6TeaVbaD4V0jSluLGyj/AH1x5huE TzJ5yBuYqT8qqqj0JG4/pzXbmOXVcLV9jWVpaP7zWvQlTlyy3CiiiuAxCiiigAor8t/+Cmv7UXi7 4G+FfCvg34Yay+jeKPEFzJdzXEIRpIbC2G3bhwwHnSuMHHSNhXzB/wAE8f21/it4z+On/CtfjP4p n16y8T2kkenNciNfJvrceaoBRV4ljEi4PVtgFfTYfhXEVME8dFrlV3brZbs74ZdOVL2y2P3noor8 mf8AgoV+3b4s+A+t2vwh+EBht/E1xapd3+pTRrN9ijlJEUcMbgoZWC7mZ1ZVUrhSWyvlZXldXGVl QorV/cvNnPh8PKrLkgfrNRX8y2mXn/BUXxJoqfEfSrrxvcadNH9ojZJZEEsbDcHjs8qXVhyu2Igj G3IIr6G/Yn/4KM/EzVPiVo3we+PV0ut2fiC4WwstTaFYr23vZnCQxzeWFWSN3OzJTerMCWKggfRY rgqvClKpSqRny7pPVHdUyqai5RknbsfvHRRRXxh5QUUUUAFFFFABRRXy1+1v+07pf7K3w0g8c3uj Ta9d6leLp9lbRyLDGbh4pJQ00hyVjCxnO1WJOBgZJHRhcLUrVI0qSvJ7F06bnJRjuz6lor44/Ya+ OnjX9on4L3PxI8eC2j1CbWL23jitI/KhhgiEZSNQSzHbuPzMxJ7mvy2+NP7V/wC0R4d/bf1D4b6J 43vbTwzD4osLJLFFi8oW8kkIePlC2CGOec817WC4ar1sRVwyaUoJt/I66WAnKcoX1R/QhRRRXzpw hRRRQAUUUUAFFFcZ8RvHGl/DPwD4h+IetwzXGn+G7C41CeO3CtM8dtGZGVAxVSxAwMkDPU1UIOUl GO7Gk27I7OivzG/Yx/bZ8a/tWfGrxfpN5pVtoPhXSNKW4sbKP99ceYbhE8yecgbmKk/Kqqo9CRuO J/wUO8Xftc+G/FXg6H9m2DxFLp81lctfnQ9NkvkEwkUJ5rRwy7TtzgEjjNe5Hh6ssWsHVajK19Xo tLnYsDP2nspOzP1UorxX9nK+8dal8C/BF/8AE1btPFVxpkD6kL6IwXQuSPn82NlUo3qCox6V7VXj V6XJOUL3s7HJONm0FFFFZEhRRRQAUV+Sf7WX/BRHxD8M/i+fgJ8L9ESHVbK9srfUdWvgJFUXIil2 2sAOCdkgBkkPByBGeGr7/wD2kL/x5pfwJ8bah8L1u38VwabK2mixhNxdG4GNvlRBXLN1wApPtXrV clr01RdXRVNvTTV/edMsLOPLzac2x7bRX5Xf8E8PFv7W3iXxL4yj/aTh8RRWMFpaHT/7c06SxQyt I/meUZIYtx2gZAzgYr9UaxzTL3hazouSlbqtiMRR9nNwbuFFFFeeYhRRRQAUUUUAFFFFABRRRQAU UUUAFFFfLX7W/wC07pf7K3w0g8c3ujTa9d6leLp9lbRyLDGbh4pJQ00hyVjCxnO1WJOBgZJHRhcL UrVI0qSvJ7F06bnJRjuz6lor44/Ya+OnjX9on4L3PxI8eC2j1CbWL23jitI/KhhgiEZSNQSzHbuP zMxJ7mvy2+NP7V/7RHh39t/UPhvonje9tPDMPiiwsksUWLyhbySQh4+ULYIY55zzXtYLhqvWxFXD JpSgm38jrpYCcpyhfVH9CFFFFfOnCFFFFABRRRQAUV8a/t8/EPxp8LP2YvEnjP4f6rLout2lxp6R XUIUuiy3caOBvDD5lJHSvA/+CYHxr+Kfxp8GeOdR+KXiK48RXOmX9pFbPcBAY0eJmZRsVepGea9i nktSWCljk1yxdrden+Z1RwknSda+iP1Gor8D/wBpr/gov8ZfGfxTuPhB+y3us7S3vf7PgvLW2W61 HVLlW2MIVkV1SIvkJtTewG4sAdo8z8X/ABB/4Kh/s26Zb/EP4iX+qw6I80Zke9ex1S1BcgCOdYmm aBXOFGTHycKQ1ezQ4KxEoxdSpGMpbRb1fyOqGVTaV5JN7J7n9HlFfHn7GH7V2n/tV/Di51y5sk0r xPoMqW2rWcW4wq0oLRTQliT5coVsKxLKyspJADN9h18vjMJUoVZUaqtJbnn1aUoScZboKKKK5jMK KKKACvAP2Tv+TWfg3/2Jnh7/ANN0Fe/14B+yd/yaz8G/+xM8Pf8ApugoA9/ooooAKKKKAPw//wCC rv8AyP8A4E/7Blz/AOjhX6OfsWf8mweAP+vH/wBqNWT+0j+x/wCD/wBpXWtH1vxNrd9pUmjW8lvG toIirrI+8lvMVjnPpXu3wn+HOnfCT4e6L8O9Iupb200SHyY5pwokcbi2W2gDPPYV7mKx1OeDp0Yv 3lv+JnGL5mz0SiiivDND+aj9vcM37XXjhUxuL6YBnpn+z7brmvrr/gnxoes6V8U72fxlPpEry6fi wEH2Mzh8gtt8lQ4+Xrz9a+pvjP8A8E//AId/Gv4l6x8Tdd8RanY3us+R5kNuIfKXyII4Bt3KTysY Jyepq58EP2C/h98DPiDZ/EPQPEGpX95ZxyxrFciHyyJRtOdig8V9hWzehLCKjza8qW3Wxgqb5rn3 XRRRXx5uefePvhf8PviTBbf8J5oFrrn9miU232lN/lGULv2+m7YufoK/mf8A2YPD+j+Jf2hvA/h3 xFZx32nXupxxT28o3JIhzlWHpX9T7LvUqe4xXwB8Ov8Agnl8Mfht8RNH+JGla/qdxfaNdi7jil8r yncZ4bCg457V9BlGZxo0qkJt6rT8TKpC7R9u+E/B/hjwLosXhzwfpsOk6ZCzulvAu2NWkO5iB7k5 NdJRRXgSk27s1Cv5V/2kEmk/aT+I0duN0reJtSCAgEFjdPjrx1r+qivzp8a/8E4fhv43+Ies/Ea+ 8U6tb3mtalNqUkMaweWkk8plKrlCdoJwMnOK93IcfTw85SqPdGVWDexS/Ym+Gnx98HeMfEGo/GfR LLT7WSxRLOSCysLZ/NMg3DdaxRsRt7E4r9I6KK8rF4p1pupJJehpFW0CiiiuYYUUUUAf/9T9/KKK KACiiigAooooAKKKKACiiigAr5y/aq/aC0r9mj4Oap8SLyFLzUN6WWl2jkhbm/nDGNGIwdiqrSPg g7EIByRX0bX5Bf8ABYiLUj8HfA08R/4l6a86zD/ps1rIYv8Ax0SV7HD+DhiMbSo1Nm9fz/E6sFSU 6sYy2PhfwR4n/wCCiH7Zepaz4k8AeJ9XSwsJv3xsdS/sXT4JSNyQRBJIgzKuDj5mAwztkgn0T9lj 9t34/wDwl+OVr8Fv2g9Tvdc0u51L+x72PVH8++027eQRCVbj5pJEV8b1LspTLJzjP3j/AMEodQ0e 6/ZZNnp7J9rs9cv1vFUjcJXEboWHXmMoAfb2r3vXP2pP2S/h/wDFfWfA+v8AiHTdD8bQSwx3zPZS o8kksSMga7SExu2xlBBkyPunGMV9pmObRdavgVhFKMdFyqzVut0n+R6tfErmnR9ndLtv6n5d/wDB Y/8A5KB8OP8AsF3v/o9K+1NC8Sa94P8A+CYNj4n8L38umatp3g2OW2uoG2SxSADDIw5BHrXxX/wW P/5KB8OP+wXe/wDo9K+uZ/8AlFIP+xJT+QpVYp5ZgE/5/wBWEl/s9H1PHf8Aglf8bfi58V/F/j6z +JXi3UfEsGn2NlJbpfXDTLE7yyBioY8EgAGvK/2vv26PjR49+M8/wE/Zqvp9OtLK/GlpcaZxf6nq AbynVJescSyZVdhG7BdmKkBX/wDBG7/kePiV/wBg6w/9HS1+dHwf074t6p+0bp2m/DbVIdI+INxq V4lrdzukaJeFZfMG6RXUFxuVcqcsQBzzXtU8qw7zPE1ZRj7kYtJ/Ddrd/cdSw8PrFSTS0S9Nj628 Z+JP+Cif7F93ofjL4geJtTu9L1CfCrf6kdasJZsF3tpw8jlGZQT8pUnBKPlSR+qXiX9pef4sfsE+ Jvjv4Bu30HXE0iYSi2kIlsNRgZUmRH6jBO5DwSjKe9fnz8a/2ef+Cg/jPwhFoHx1+IOhP4enu4jG mp6pZ2kL3aqxjCuYY8vt3YUNkjPHFex+Cfgj8QvgL/wTu+NXhHx7NYXAvzc6jZyaddLdxGOWG2ib 51AA+aLOB65rzcxhha1OjUnKDqqaXubNXMK6pzUJNrmutuqPiH4H/tPftz/E+41T4P8Awv8AEepe JPEHiXyZRdXE6vcWNtaCTzjFNcMI7dJPMXfIcNlUVDuIBzvGHxa/bp/ZB+J1vpfj/wAZaydT2per b6jqMmrafewMSucSSSIysVZWxtdSOqkA19Of8Eb7SF/H/wAR79lBmh0yyiVu4WSd2YfiUX8qP+Cy ESDx98N5wPnfTL5SfZZkI/ma9j61R/tZ5eqMeRrXTVvlv91tDp9pH6z7HkVn5eR9E/tueJPjX8a/ 2TPBnxR+DS3Vl4e1XSLjVPFMFvdxW6Jp81ojyRSrJIjTIp8xdqBicdORX49fsveGf2nvE/ijV7b9 l2a+h1uGzD3xsb+Cwc2vmKBueeWJWG/HAJPfFfuZ4e/5RYy/9k/vf/SaSvhX/gjsR/wuHx0P+oCn /pVHXnZVjvq+X4pQhFqnJpXW+vXuY4atyUKlkvdf9XP3/wBFS+i0awj1Mk3iW8QnJIYmUIN+SOD8 2ea/Of8A4KcaJ8dNW+Dltc/CSS6TQbCLUZvFAt7uK2RtNEAyJUkkRpUwH+RAxPp0r9K6+ef2tv8A k1/4rf8AYs6r/wCkz1+dZLiXTxlOoknr1210/wCGPDwtTlqxlbqfzI/sveGf2nvE/ijV7b9l2a+h 1uGzD3xsb+Cwc2vmKBueeWJWG/HAJPfFfuB+3R+2f4g/Zk8GeHvA3hARS/EXxBZLNJPcBZksIFHl tcFDlZJHlDCMHKZVmYEAK3xD/wAEdiP+Fw+Oh/1AU/8ASqOvJv8AgqvBqMP7V9xJe7vJn0XTnts9 PKAkU7fbzFf8c1+o46jTxmcxw1aK5YK/m9Fo+6R9DWjGrilTmtEr+ovhHQ/+Cmfxi8NP8aPCeueL L7S28yaCSPWTZi4VM7za2XnxeYnGAI4trH5V3EYr6k/YT/4KD+Pdb+IGn/Ar9oG7F/JqsptNO1W4 TyryO+LYjtbrAAcSNlEYqHEhCsWDZT9dfghe+HdQ+DXga78JNG2jPomn/ZPJxsES26BVAHA24wR2 IIPNfzOfFmay1v8A4KA6k/w2eMm68c2y2bw4MZvDeRqzrt4INxuOR1657152BxNLNPrGGrUYxUU2 mlZq3f8ApddDno1I4jnpyglbbyP6tKKK+U/21vjL/wAKN/Zw8WeLbSfyNXvof7L0wg4f7ZfAxq6f 7USb5v8AgFfmWEw0q1WNKG8ml954FKm5yUV1PwJ/aW8Vat+19+2pcaD4Xm8+1vtUt/DekOPnRLWC TyjMP+mbOZLg+isazf2sfhdefsg/tVA+AQ9jY2Utjr+guxLbUDBtpPcJcRyJjPKgeteCfBHxx8SP hV46sfid8MtO+2axo/mpDI9m15FE08TRMSoBAbY5weozXof7RPxx+PH7Q0mk638XdKCt4djmjhuI dNa0xHcMhKyPjBAZRtz0JOOtfv8ATwlWlWp0advYxjytX1v6fL8WfaRpSjOMV8KVj+rH4YeP9H+K nw78OfEbQDmx8RWMF5GucmMyqC0bH+9G2Ub3Br8Hv+Cr/wAC/F+kfFqH452FjJd+GdftLa2urmMM 62t5ar5QWbAwiyRhNhJwzBh1HP0t/wAEi/jR/wAJB8PPEPwQ1Wfdd+Fp/wC0dPVjybG8b96ij0in yx95hXVfHP8A4KX+H/hZ8Xdb+CPir4aSX1npt6ljf3VxfoI3tJgrGYW32aTerQuHCFhuBwSK/Nsr weLwOa1IYanz8t9LpXi7W3+XzPBw9KpRxElTV7fkfJXwd/4K5fEHwppdh4f+K3hO28Uw2kaQ/brK Y2V2yIMB5IyskUj4/uiIH+f0X8CdN/4JyftPfFCbxj4e0i80v4i3t++snT9RvLqyma7En2h5bdYJ /Ikw4L7I2JABJQDNfTXjn/gn7+yF8YbFPEGneGotFbU4lnhv/D0/2SN45V3JJHEu+1IYEEHyjke1 fzzfG3wTJ+zB+0drHhTwH4iOpT+CtQt5rHUY8LIkqpHcKr7CV8yFm8uQDjcp4HQe3l1LAY91I4Hm o1La2bS+dna1/Q66EaNa6o3jI/sFryD49fEjV/hJ8I/Enj/w9odx4k1bTLfNnYW0Ms7zXEjCOPcs QL+WrNukIxhAeRXqOl3Ut9plpezxGGW4hjkaM9UZ1BKn6E4rwX9qT9oDTP2afg/qXxNvrE6pcxyR WljaBtgnu587Fd8HaihWdiBnCkDkivzHA0ZTrwpqPM21p38rngUYNzStc/CzwOf+Cjv7W+ra3rfh vxVrllBpkwjucak+hWUMzDcsKQRNECwXGcIxGQXOSCdD4BftX/tR/An9o/S/hF8YvEOoa3ZvrMGj 6vp+r3J1B4ftEqxebDcOzuCm8Ou1yjr2III7X4beP/8Ago5+2+NU1PwH4vj8MeHLO4+zTXFtIuk2 kEzKHMSSQI945VGBPzPtBGSMjPxJrfgTxJ8N/wBrSx8B+MNbXxFreleI9MivNQWSSUTzNLC7HfL8 7FS20luciv2ilQp1XVw1eNPSPwxV3H1dl+SPqowUuanNR22XQ/aD/gqd8WfiX8KPAvgW++G3iW+8 N3GoaldR3EljM0LSokIKqxXkgE5xXvP/AAT38ceL/iL+y54d8VeOtXudd1i5utRSS7u5DLM6x3Ui ICx5IVQAPavkT/gscp/4V18OmxwNVuxn6wLX0X/wS/njm/ZA8ORowLQX2powHYm6dsH8GBr4XFUI f2DSqKK5ufe2v2up49SC+pxlbW/+Z+b3xi/aR+PWj/t233gLSvHmr2nhyPxbYWa2Ed0624t3mhVo ggONpBII75ra/wCCr+ifHSLx6mv61JdH4VTy2UOmI13E1sNSFq5lK2wkMivgSZdkAPIB5Gfmr4xa ja6p/wAFEtSu7KRZYh47s4tykEbobuKNhkejKRX6df8ABYP/AJIJ4Q/7GaL/ANIrqvqY8tDGYFQg vejZ6eS19T0FaFWjZbo+Rv8Agmz4W/asuvFnhTxJ4Wnv1+DcGqXY1NE1CCO0MwtyH3WjSiVjvMfK xnnB7Ej5f/bB1+78K/tueOPFGnokt1o/iCC8iSUExtJbiKRQwUglSVGcEHHcV+yv/BKEg/sq/TXt Q/8AQYa/I79o+0gv/wDgoXrdjdIJIbjxdp8bqRkMryQAgj3BrXLMb7TNsTzRSUYtadbPr5l0KvNi al1sv1PV/jCv/BS+z8GH9ovxxr2t6FoTGO7Nvp+p/YxZQ3JAiL2NvICifOFIdS6/8tMHJr9Bf+Cb n7WfjD45eC/FHhn4sXy3mseClt5hqUgWN7ixnEnM5GFLxGM7nwNysucsGY/Uf7asayfso/FFXGQN EuD+K4I/UV+Kf/BOX+0j4O/aKXRzi/Pgq5+z/wDXbyrjy/8Ax7FeLCrTzDK6s504xcZJKytZXX+Z yKUa+Hk3FJp6W+RsfFf9sz9pv9qz41f8Kv8A2ab+90XR5ria30uDS5TZ3V1DHkm7urklWjBRS+Ny Ki8HLfMcTVPjV+3h+wz480a1+LOsXmvabfI0kdpqt82qWV9AhAlWK4ZnkjkjJHQqykqSrIcN8x/s g6J8ePEPxZk0z9nPW4NB8XPp1wwmnkji8y2V4zLGhljkBY/K2AM7VJzgGvsX45/sxftz/EVND0f4 +ePfD1yI5Jn0yHUtXtLRmkIQS+SPKjLkDZuAzjI9a+kr4fCYerHCSVNU7ap/G99f68zvnClCSpvl 5bfM/WP43fGUeI/2LPEnxt+FuqTWDX/h/wDtCwuoW2T27vtBXcPuyRtuRsdGBFfh/wDA/wDae/bn +J9xqnwf+F/iPUvEniDxL5MouridXuLG2tBJ5ximuGEduknmLvkOGyqKh3EA/pjc/DTxp8Hv+CYP in4c+PGtZNS0jStS2tZzi4haG4vHuIyJAADxJj2r5Z/4I32kL+P/AIj37KDNDpllErdwsk7sw/Eo v5V85lcMPh8Di6sYKahP3bq/a3+Zw4dQhRqSSTs9D5j8YfFr9un9kH4nW+l+P/GWsnU9qXq2+o6j Jq2n3sDErnEkkiMrFWVsbXUjqpANfpL+254k+Nfxr/ZM8GfFH4NLdWXh7VdIuNU8UwW93FbomnzW iPJFKskiNMinzF2oGJx05FfO3/BZCJB4++G84Hzvpl8pPssyEfzNfaHh7/lFjL/2T+9/9JpK3xeJ hKjgswVOKm5WemnVf8FdiqlRONKtyq7Z+Gf7L3hn9p7xP4o1e2/Zdmvodbhsw98bG/gsHNr5igbn nliVhvxwCT3xX6d/8FNPjX8a/hHrnw00vwT4v1Lw5JeaPM98llcGIS3CPGpZyhwxHPP5V5N/wR2I /wCFw+Oh/wBQFP8A0qjrZ/4LH/8AJQPhx/2C73/0eleli6yrZ5Tw84JqKfTV3j1726HRVmpYtQaV l/kfpX8MvjpH4C/Yh8OfHb4n38+qS2Ph6C9u5pX3T3dzJhIk3nPzzSsqAnjLAnivxp0r42/t5/tt +PdUsPhdreoabb26CWWz0e8Ok2FjbsSEEkwdGcsQcb3Z3wcDaMD68+OUWpSf8ElvBz2BxBFZaE11 7w/aFUf+RTHU3/BG7UNHPg74k6XGyDVUv7CaRcjebdopFjOOpAcP9CfevEwlKlhcJisfGmpTU2ld XSV10+f5HJTjGnTqVlFN3sfJHgj9rr9rP9kT4z/8IH8dNU1HxDY2M8Sappmq3P8AaEht5VDLNa3T NI4Oxg6bX2MflcZzt+9f+CiP7Vfxi+HGmaD4V+BVrfWdrrdkuo3niKCykkjWCYlYoIJnjMaOwBd2 HzqCm0qSa+wPih+0f+y58IPibb+H/ihrVhovjCeyiuI55rGWWQWzvIsYa6ihcJ8ysQrOMA5xg5Pw 9+3L/wAFE9f+FWtWHw5+A5tn1C7sLbUbjWpoxcIkN7H5tultE/yFmjZZC7hlwwAXOSMcPOWNxdCr HBq9ru+kZee3T57oiDdWpCSpf5Pz2PiXxR8Mv+Ck3gv4aS/HLxF4w8TWmk21vHeTqfEk5u4bZ8ES SW4nJCjcNyfeUZ3KADj7o/YH/ai+Mf7QXwr+JXgPxRfNq3jDw1pxk0jUR5cNzMbuKZI0kb5E3xSo m2Q4zu+Y8ZPyl8V/gP8At+eMPgx4h+LHx9+ITaf4e0/Tn1CbRri/dHnXaGSNrO0RbVWbIG1yCpOC ucgdb/wRvX/ivviQ3ppliPzmevYzWNOtltWrLklKDVnBaLVaX6nViFGVCUnZtdj8y/ivo3xm0r4z ajovxYkuX+Isd1bLdNcXUdxcfaHjjMGbiN3QnYY8EPgDAyMV+43gwftdfCj9i74x678edV1Oy8ZW aTXGk3U+ow3lzDAIYgGjlt5ZQnz7sAkHOTjvX5mftqnH7fnikntrGj/+ktpX76/tsf8AJqHxQ/7A s/8AMVPEOYOcMFBwjafK3pt8Oi7LUWOrXVJNLW36HwB/wSv+Nvxc+K/i/wAfWfxK8W6j4lg0+xsp LdL64aZYneWQMVDHgkAA1x37df8AwUE+I2mfEfUfgZ8AL1tKXR5vsWo6nbxiS9uL7O2S2tiQ3lrG x2FlHmGQEKQo+bn/APgjd/yPHxK/7B1h/wCjpa+NvgtLp2i/t7aK/wAQGSNbXxrOly1xgKt2LqRY 2fd0xPtOT0PNaf2Xh3mmJqyppqnFNRtpe3b5fiV9Xh9YqSa+FbfI9S8T6L/wU0+CXhQfGDxPrniu y0jEcs8k+sf2gbdXxsa5tGmmMa8gHzIwFPyttJxX6rfsDftp3H7Tmh6l4S8dx29p468PRrNL9nXZ Hf2ZKp9pVOdjo5CyqPlBZSuA21fsH45Xvh3Tvgx46vPFzRro0eiah9r83Gxomt3BXngls4A7kgDm v58f+CUEGrTftVGTTji3g0HUHvPeAvCqj/v80ZryPbU8zy6vWq0oxlT1TirfL+u6OXmjiKE5Sik1 2NX9pr9rr9oH4W/te+LLfw/4y1FtD8Oa5FJFpD3MgsZIYRG5t3jUj90+CrAYyCaqfFyD/gpXpngw ftF+PfEPiDRdElMVwY7LVPsgs4rggRM9hayKIkO8KQybhnEgBrzb9oq0h1D/AIKF63YXKh4bnxhY ROp5BV5YFIP1Br9/v21okm/ZQ+KKSDIGiXDfiuGH6ivUxeNp4T6nGFGLc1G7a1tpt9501asafsko rW1/wPl7/gmh+1T47+PfhfxJ4L+J13/amueEvsskGoMoWW5tLneoE23AaSNo8b8AsGGcsCx/UOvw H/4I3/8AI/fEj/sGWP8A6Oev34r4jjDCU6OYVIUlZaO3qkeTmlOMa0lFH4Z/8FRPjz8ZvhX8ZvC+ h/DjxlqfhzT7rQI7mWCxuGhR5jd3CF2C9TtVRn0FfP8Armv/APBRr47/AAtuPj7Y6zquleCtFtGk jXTNROmmW3sV2zTrDFKs1wVKMzySbiTu2cDaOm/4LB/8l78If9izF/6W3VfrP8PLO3t/2DPD9tEg WN/hxbswA4Jk0gMx/Ekk19asXTwmX4SrGlFyk7Xa6dfmekqqpUKclFNs/Ej4SftvftoeLtAi/Z/8 B6rN4k8TeIblItP1KfbNqsMW1jLGLiY7cEDcZpiWjUMdwGCmD49+JX7dX7IfxOsLX4geN9ZGqzRR 38cN5qkmq6fdwMxUhkkkkjYbkZGGFdf4SMqx7r/gk3aQXP7U080qhmtfD1/JGSPusZbePI/4C5H4 169/wWPRR8Q/hzIB8zaVeAn2E64/ma9ydShDNFgI0Y8sld6at2f4aHW5QWI9ioKzWp+rHiD9qDw3 4W/ZWtP2mtatvLgvdFtNQisQ3L3t5GvlWqtjP+ubYWxwoLYwK/Ebwn8RP+CgP7bnizW9S+G/iXUd Os9NZJZotN1B9G02z358mFWR1Z2O0kbi78bmPevoj9pgaif+CV/wj+xHEIl0b7V/1x+z3OP/ACJs r5j/AGL/AAZ+2p4p8Da7N+zD4stdE0aDUdt9byTwRym5aFCJCskMjbWTAByBlW44NeNk2XUcPha2 IjyqXO4pz2ST/r8DlwtCEKc5q17212Pbv2b/ANtj9oD4H/HSL4E/tR30+oafPfR6feSaowkvNMnm AEUy3Kk+ZAxZCxZmGw70Yc7qf/BV/RPjpF49TX9akuj8Kp5bKHTEa7ia2GpC1cylbYSGRXwJMuyA HkA8jPmvxD/Yt/az+KXxJu734h+MPDOr+NwkCXEcutW0d6qqi+TugjRWX5NpX5RkYNfcf/BXL7af 2dPAx1IKt3/wkNv5wU5USfYbndg+mc4reM8NDMsNUw/K5TTUrbJ6O67X79i06ar05Qtd72/NHyl/ wTZ8LftWXXizwp4k8LT36/BuDVLsamiahBHaGYW5D7rRpRKx3mPlYzzg9iR8v/tg6/d+Ff23PHHi jT0SW60fxBBeRJKCY2ktxFIoYKQSpKjOCDjuK/ZX/glCQf2Vfpr2of8AoMNfkd+0faQX/wDwUL1u xukEkNx4u0+N1IyGV5IAQR7g11ZZjfaZtieaKSjFrTrZ9fM0oVebE1LrZfqer/GFf+Cl9n4MP7Rf jjXtb0LQmMd2bfT9T+xiyhuSBEXsbeQFE+cKQ6l1/wCWmDk1+hf/AATT/ar8b/H7wn4j8HfE26Gp a94QNs8V+VCSXVpc71HnbcBpI2jIL4G5WXOWDMfp39tWNZP2UfiirjIGiXB/FcEfqK/Hb/glnDqN 0vxutdI3fbpvDASDby3nN5wTAHfcRivD9tTx+VVak6cYuDSVlayuv8zj5o1sNKTik09LE/7TP/BQ D44fGH4pT/Cn9mm9u9K0MXZ0+yfSl/4mWrTBtnmrKoMkaMwJjWMqdvzOTnC+beMtS/4KR/snwad4 68eeIPENrpl1On7y81Rdas/OPzeVcIZrhELgY+YDdztJIOOf/wCCYl74esv2ufD39vNGk09lqEVg 0uP+PtoDgKT0Zo/MUdznA5NfuN+37e+HbL9kX4if8JK0YiuLOOK3WTGWu2nj+zhAerCQBuOQAT0B Nelj8TSwGLo5dSoRcJWu2rt3dv6/Q6K1SNGpGhGCadg/Yw/at079qX4Yz6/fwQ6Z4o0CRbfWbOEn ykZwWini3EsIplVsBiSrK65IAY/j18d/22/2if2kPjK3w4/Z61bUNJ0Se8ksNGtdGka0u9QUEj7R NOrK43hS+NyJGn3uQzHr/wDglTY+JruH43HQn2xt4eiiHB/4/ZBcfZT+AWSvGf8Agl1e6PaftcaI mqMiT3OnalFZ7+puDCWwv+0Ylk/DIqcPk+GwmIxlaMFL2aTinra6b/ryFDC06U6skr8u33E/7Rkf 7c3wY+Fc3w0/aDv7jW/B/i97dYrm8uxqhhubSRbhY47reZI5PkwUclWXcVBK7l+4P+COaCT4efEm Ns4bUrIHBKnmB+hHI+or3b/gqre6Jb/so3VrqboLu71jT0sVYjcZ1ZnfaDzkQiTOO1eGf8Eb/wDk QPiP/wBhOy/9EPXJisf9ZyKpVcFF8yvZWT1Wv9djOpW9pg5StbXp8j7e+Fv7Dv7OfwZ+Ilv8Tvh5 oM+n6xaRTRQiS9nuYo/PXY7KJ3dt20lQd3Rj618Vf8FKP2zfBGm+DNf/AGa/BLJrXiDVQlvq9yhD W+nRxyLI0OeQ9wdu1lHEeTk7xtH6u/ES817Tvh/4m1DwrDJc61a6Xey2MUS75JLpIHaFUX+Ji4AA 7nivwQ/YV/Yj8WeK/jNe+KP2lPBOq2uk6NAb6GLV7aWKHUNQeVdomMoHmqo3OyHO443ZXKt4uQTp 1JTzDH1HL2drJvVvpv2/4c5ME4ybrVpX5dj6o/4JLfBPxj4F8B+Kfil4pt5NPtfG5sk023kBR5La z84m5Kn+GRpcRkgEhSw+VlJ/XimoiRIsUShEQAKoGAAOgAp1fN5vmUsXiJ4ias3/AMMvwODE13Vm 5vqFFFFeaYBRRRQAV4B+yd/yaz8G/wDsTPD3/pugr3+vAP2Tv+TWfg3/ANiZ4e/9N0FAHv8ARRRQ AUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFAH/9X9/KKKKACiiigA ooooAKKKKACiiigArxD9on4F+Gv2i/hRq/ww8Sv9mF6FltLsIJHs7yLmKdVJXOMlWXI3IzLkZzXt 9Fa0K86U1UpuzWqKhNxaktz+ayx/ZB/4KE/s2+ItTi+EMd81pesIWvdCv4PIu0XOxnt5JFkUrk4M kY2knDY5PuX7J/8AwTl+L198WLH4x/tMD7FDpt6NT+xT3SXt/qN8jiVHuHjaVBGZPnfc5dyNpUBi w/eGivrcRxvi6lOUVGKlJWcktX+P9dLHpTzapJNWSb69T8hf+Cln7Lvx0/aA8X+CtV+Efhn+3rXS LC6hun+22dr5ckkqsoxdTRFsgHlQR619Fy/Bj4kt/wAE+x8D10j/AIrX/hFl077B9og/4+wB+78/ zPJ/4F5m33r7vorynxBWdCjQsrU3db3vvrr/AJHO8bPkjDpHU/In/gml+y/8c/2f/FXjjUvi74a/ sG31iys4bVvttndeY8Ujs4xazSlcAjlsA9q8o/bF/wCCdfxUu/irf/G39m5Vu21S6GpTafDcJZXt nf7vMee1kdo0ZWkHmDDq6ucKCMY/c2iuqPFmKWLljFa8lZq2jX33/E0WZVFVdVbv7j+bjxP+zh/w Uk/aZvNJ8O/Fi2vZNO0x8RTavc2ltZ25I2mV0gO+VscbxHI+CeeTX6kXP7JNx8Mf2HvFX7PXwyi/ t7xHq1hO8spMdsb/AFK4Kb2zK6oihVVE3NwiKCSck/f9FGN4qr1lCKjGMYtNJKyuu+oVcxnKySSS 1sj8jP8Agmj+zB8cv2fvEvjrUPi74a/sG31i0sorRvtlndeY8UkjOMWs0pXAYfexnPGaZ/wUt/Zf +Of7QHirwPqXwi8Nf29baPZXkN0322ztfLeWRGQYupoi2QDyuQO9frtRWX+s1f699f5Vz9tbbW73 /En6/P23trK58k/DL4K+Ipf2MNO+AnjaH+xtZvPC0+i3a745vs01xC8Wd8TOjbCwPysQcV+G/hn9 jv8A4KA/BjxffQfDXQ9S0u+u43sn1DR9Rt4obi3Lg8TechVWKqw37HHBIU5r+n6itMt4pr4Z1bRj JTd2mtL/AHjoZjOnzWSdzm/Bqa5F4Q0OLxMpXWEsbYXoLiQi5ES+aN4JDfPnkE561jfFPwTH8Svh n4s+Hkk32YeJtKvdN83GfLN3C8QfH+yWz+Fd7RXzsarU+eOjvc4lJp3R/MD4Z/Y7/wCCgPwY8X30 Hw10PUtLvruN7J9Q0fUbeKG4ty4PE3nIVViqsN+xxwSFOa/Wb9rD9ivUP2o/hf4T1KS8i0b4neHN OhiM1wxkguWaNWntZ5I9xwJsskqhsEtwQ2R+jFFfTY3i/E1qtOulGM49Ut/W99Dvq5nUlJTsk0fz SaL+zl/wUw+Guk3Xwq8G2uuWWhXbSL5On6tbCyYSffaOTzwIg/U8oTn5hnNfbX7DP/BOnW/hF4st PjJ8cHt5PEFgHOm6RCy3CWkzfL9onmUlHlUZ2Km5VJD7iwAX9gaK0x3GWKrUpUlGMebdxVm/xKrZ rUlFxSSvvYK/Jb/gpP8AA/8Aaa/aD1fwl4U+EvhNtY8K6JDLe3E/2+xthJqE7GMKY7m4ic+TEmQw XH71hk44/WmivCyrMp4Suq9NJtbX2/Bo48PXdOamlqfHf7C3wD1T9nj9n7S/CXii0Wz8T6lcT6jq 0aukuy4mIRI/MjZkby4UjU7WK7txB5r6R+IvgfR/iX4D8QfD7X13af4hsbixmOMlVnQpvX/aQkMp 7EA12dFY4nHVKteWIk/ebv8AMmpWlKbm9z+fX9kr9kL9sr9nj9ovw745ufBO7QIrl7DU5o9U00pJ ptyfLkl8v7V5jBPlmVdu4lAMZ4r7E/bu/YCuv2h9Wj+Kfwtubaw8ZxQCG9tromOHUo4QBCRIARHM ijYCw2su0Ertyf1Gor3K/FuKniY4tJRmlbRPVed2zrnmVR1FV0TR/MZpf7PH/BS/4d6X/wAIT4at PFWlaScqtrputr9kUNy237PdGNA3fGM9691/Zc/4Jg/E7UPHem+PP2jIodI0XT7hLx9LM8d3eX8q tvVJmiZ40iZsGTLl2GVwpO4fv9RXdiOOsVOEoQhGLlu0tfzNZ5vUaaSSv2CvmD9r/wDZ+l/aV+CG qfDjT7yOw1dZor7Tpps+SLu3ztWUqCwR0ZkLAEru3YOMH6for5HC4mdGpGrTeqd0ebTqOMlKO6P5 wPhF8Cv+Cm/wGn1fwR8J9Iu9Fs9YfdclZ9Lns2ZRs8+OW4d1jcrjlNrkAZGVAGJ4l/4Jz/tk+E/i Bp3irQ9Ig8cX6yW+rXF/HqNpEpvzJ50sbm8nhmkYOMtJtAbORzmv6WqK+w/17xKm5xpwTe+j19Xe 56f9sVL3UV56bnxP+2x+zbrf7U3wOtdB0Ty9K8V6RcRapZQ3LjyzL5TJLaySJuUblc4cZXeq87ST X5C/Cf8AZ2/4KW/DYX/w3+HNlqnhLTNWm3XbLfWkdmrkBGmWYSOVO1QC0J3kADngV/SlRXm5ZxRW w1B4dQjKN7pSV7fiYUMwnThyWTXmfzg6b/wTe/aZ8A/Hvw7faTog8S+G9H1bSLybWVvbKBZQjQzX brBNcifbHJ5ijKbnC7gvIFfrF+33+zv4r/aQ+Bi+F/AnlSeIdE1GHVbSCWQRLcmOKWF4RI3yqzLK SpYhdygFgCTX25RRi+KsVWrUq87c1PbTf11/KwVMxqSlGb3R/P5+xt8Cv27/AIUfFjwvol/pGsaF 8P7PVvter2rahBHYujp5UrmNZj53y7TtQNkqDjjI0/jF+xX+0x4q/bRv/izoPg77V4Un8S2OoJe/ 2jp6ZtYXhZ38p7hZeArfLs3HHAPFfvhRXVLjLEe3liI04puPK9H3vffc0eaT53NJXtb+tTwn9p3w Z4k+If7P3j3wR4Ps/t+ta1pU9taW/mRxebK4+Vd8rIi59WYD3r8+f+Ca/wCy18cPgJ4r8cah8YfC 40Sy1qwtbe3LXlndiVkkdnUrbTSkAKf4gAa/XyivHw2dVaWFqYSKXLPV736ba+XY5aeKlGnKktmf z4fGr/gnb+0N8H/ixJ8TP2WC+oaZHdPeaeLK6jtdR0zzCcwlZWQSRqGKKULFk4dcZzx11+yB+33+ 1V4203UPjp59hbWq+T/aGsTWyR2sBYFxBZ2xyXbrhY1DEDc44I/pAor3KfHGLjFXjFzSspNe8dkc 3qJbK/fqfHvxK/Z7fQf2Mtc/Z3+EFgb+4g0NrCwheSKF7q4Zg8kjvIyRq8shZ2JKruY9BXyd/wAE 0f2YPjl+z94l8dah8XfDX9g2+sWllFaN9ss7rzHikkZxi1mlK4DD72M54zX650V41PPq8cNVwzs1 Ud23e99PPy7HLHGTUJU+5+RP/BS39l/45/tAeKvA+pfCLw1/b1to9leQ3TfbbO18t5ZEZBi6miLZ APK5A719gfDL4K+Ipf2MNO+AnjaH+xtZvPC0+i3a745vs01xC8Wd8TOjbCwPysQcV9bUUVc9rSw1 LDWSUHdPrfXfW3XsKWMk6cafRH8wPhn9jv8A4KA/BjxffQfDXQ9S0u+u43sn1DR9Rt4obi3Lg8Te chVWKqw37HHBIU5r7g/b6/Za/aQ+Pf8Awq3UPBPhj+3L/RtCNvq5N/ZQmK9fy2dS1xPH5mWDfMu4 H1r9nqK9etxriJ16eI5I80b9HrdW11+46pZrNzU7K6/rufKfwr+Bn9pfsh+HvgH8X9M8h5dAj0zU rUSRytDKF6pJGzxl4nAdGUkBlBHSvxl1f9hL9tr9m3x5da/8CJrnV7ZFMcOq6LdxW00sDnPlz2ks ofPALJiRMgEMeK/pGorhy7ifEYaVRxScZu7i1damNDMJwcmrNPofzv8Awo/4J1/tK/G74oL47/ag kn0rS5p0n1Ke9vY7rU79EAAiiETyeWMKEy5TYv3FOAK96/4KDfsFfEf4neObf4ufBCwh1VprO3sr /SVlit5kNovlRSweYUjZPKCqybgy7RtDA4X9pqK6pcZ4x4iNdWXKrKNtLP8A4Zdeho81q86n26dD +fy3/Z6/4KVftE+D7b4YfFrVJdE8GabEGUanJZo9w9sv7mORbX/SJ23BcNOdgPzliwGfZP8AgnH+ zR+0r+zz8WNevPif4L/snw7r+lGBroahYXBjuYZUkizHb3EjkMu8cLwSMkCv2foqcTxdXqUZ4dU4 RhLola3nvv6iqZnOUXDlST8j8F/2/P2Hvjt4y+PGqfGT4S6K3iPTPEMdrLNHazxR3Npc2sEduR5c jIzK4jV1ZNxBLA7cDPu/wq+F37ZPiz9k34yeCfjdbajqfirxNAI9Ch1PUbeWaQGLa8YLTFIF3KDh ygJJPvX640VEuK68sPToShF8lrOzvpa3Xy1E8xm4Rg0tLfgfkT/wTS/Zf+Of7P8A4q8cal8XfDX9 g2+sWVnDat9ts7rzHikdnGLWaUrgEctgHtXO/twf8E4PE3xO8bX/AMY/gS9u+q6uRLqej3Egt/Ou QMNPbTORGGkwN6OVG7LB/m2j9mKKz/1qxSxjxsbKT0a6Nff5dxf2jU9r7Vbn80up/s4/8FMPinol v8MfF9rrl3oFkYx5Op6tbraAR8IXZp8zBO33yOwr9fP2Kf2ONJ/ZT8J30mp3kWteMtf8s6hexIVi iijGVtrct8xjViWZiFMhwSoCqB9vUVWacVYjE0vYcsYQerUVa/qPEZjOpHkskvI/A/4u/sVftMeK P20774s6F4O+0+FJvE9jqKXv9o6embWKSFnk8p7hZuAp+XZuOOAeK/Xr9p3wZ4k+If7P3j3wR4Ps /t+ta1pU9taW/mRxebK4+Vd8rIi59WYD3r3aiuXGcQVq7ouaX7u1t+lt9fLyM6uNnNwb+yfkL/wT T/Zd+On7P/i/xtqnxc8M/wBg22r2NrDav9ts7rzJI5WZhi1mlK4BHLAD0r9eqKK5M1zSpjK7xFVJ N222008zLE4iVWbnLc/GP/gpF+yd8f8A4+fFzw34o+E3hb+3dMsNDSznl+3WVrsnW6nkKbbmeJj8 rqcgEc4znNfor4S8C+KdM/ZP0b4Z31l5fiS08E22kS2vmRttvo9NW3aLzAxjOJBt3BtvfOOa+h6K 6MRnlapQpYeSVqe29/nqXPFylCMHsj8Q/wDgnd+yD+0T8C/jzeeNPip4T/sPRpdEu7NZ/t9jc5nl mgZU2W08r8hGOduOOT0r0L/gpZ+y78dP2gPGHgrVfhH4Z/t610iwuobp/ttna+XJJKrKMXU0RbIB 5UEetfr1RXbLirEPGrHOMeZK1tbdu9/xNXmM3V9tZX/rzPjrwZ+zqfF37F+g/s7fFm0Om3j6DBY3 ao0U72d3Dh45EaNmjZopFVhtYqcYzg1+P+mfsk/8FBf2VvF+p3PwTS4ure9XyWvtGntpYLuJSShl tLk7g67jjfEdpLbGIyT/AEi0VOA4or0HUXLGUZu7i1dXYUcwnDm0TT6M/n++An/BOr48fFD4tR/F P9qvdZacLtb69hvLmO71DVZEIZYmETOscLY2uWYMEG1EAIZf0k/b7/Z28VftH/AtfC3gMRP4g0PU YdUtIJZFhW58qKWF4Q7fKrMspKliF3KAWAJNfbtFTiuJ8TVxFPEuycNklovl5iqZhUlOM+23Y/n8 /Y2+BX7d/wAKPix4X0S/0jWNC+H9nq32vV7VtQgjsXR08qVzGsx875dp2oGyVBxxkafxi/Yr/aY8 Vfto3/xZ0Hwd9q8KT+JbHUEvf7R09M2sLws7+U9wsvAVvl2bjjgHiv3wortlxliPbyxEacU3Hlej 73vvuavNJ87mkr2t/Wp4T+074M8SfEP9n7x74I8H2f2/Wta0qe2tLfzI4vNlcfKu+VkRc+rMB71+ ff8AwTT/AGXfjp+z/wCL/G2qfFzwz/YNtq9jaw2r/bbO68ySOVmYYtZpSuARywA9K/XqivHw2dVa WFqYOKXLPV736ba+XY5aeKlGnKktmfgx+1N/wTM+JVh8QL74n/szFLyzvbk3w0tLhbO9sLktvJtZ ZGRGjD5ZPnR04UBsA14rqn7K3/BRz9oa503w/wDFJNSl0vT5QqTa7qcItbcn5TKYlkaSRgv8axux HGea/pRor28Pxxi4QjGUYycdpNar8f66nXDNqiSTSbXXqfM/7Kv7M/hj9l34ZR+B9GnGp6peSm61 TUTH5bXdwRgYXLFY41+VF3HHLfeZifyS/ae/4JwfGXwj8Urr4m/szWp1LSbq7bUbe1sriOzvtIn3 +Zth8ySPeivzEYzvUfKV+UM39AtFeZl/EuKw9eeITu5fFfZ/10/yOejj6kJud733P5yvEX7G/wDw UB/aD8L3fin4v3V1eXugQKNH0rUr63NxdSSSosgjTzVhgxHud5JWV22qoDZBH6Cf8E0/2fPi9+z/ AOD/ABrpfxc0H+wbrV7+1mtU+1Wt15kccTKxzbSyhcEgYYg1+mNFdOYcWYjEYeWGcIqD7K1rdtTS tmU5wdNpJHn/AMWdF1fxJ8K/GXh3w/EZ9U1TRdRtbSMOsZe4ntpEiUOxVVy5AySAOpIFflD/AME6 /wBlz9pf4JfGzWvFXxk0CbSdEuvD9zZRSSalZ3ga6e7tZEXy7e4lYHZG53FQBjGckA/s9RXm4POa lDD1MNFK0977/LUwpYqUISppaMKKKK8k5gooooAKKKKACvAP2Tv+TWfg3/2Jnh7/ANN0Fe/14B+y d/yaz8G/+xM8Pf8ApugoA9/ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooA KKKKACiiigD/1v38ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoooo AKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACvAP2Tv+TWfg3/ANiZ4e/9 N0Fe/wBeS/APwlrXgD4FfDnwJ4kjWHV/DfhvSNNvERxIi3NnZxQyqrrwwDoQCOD1oA9aooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigD/9f9/KKKKACiiigAoooo AKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigA ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoooo AKKKKACiiigAooooA//Q/fyiiigAooooAKKKKACiivAv2nfjdD+zx8E/EfxUNouoXWmpHFZ2zEhJ bq5kWGIOQQdis298EHapxzitsPQnVqRpQV23ZfMqEHJqK3Z77RX8u2if8FO/2ttN8YJ4k1LxFa6r p/m7pNJlsLaO0aLOfLVo41nXAOAwk3dNxbof6Uvhp470z4n/AA98N/EXRo2hsvEmn21/FG5BeIXE Yfy2I43ITtbHGQa9vO+GsTgFGVazT7flsjrxeAnRs5dTt6KKK+eOI/NP9uj48fFj4RfGz9mvwr8O 9ebSNK8d+JJLHWoBBbzC7thd6bGELTRuyfJPIMxlT83XIGP0W1rXtD8N6e+reItRttLsYyA091Mk ESk9MvIQo/OvyM/4KY/8nG/se/8AY3y/+l+kV5j/AMFKYbfRP2pfhx47/aH8Max4u+AOn6W0Ulrp bukMepu8wkMpWSLEhzA2DJH5iKFVjtdSAftz4f8AFXhjxbZ/2j4V1iz1m1GB51lcR3EfPT5o2Yfr VfxJ408HeDYop/F+vWGhxznEbX11FbK5HZTKyg9R0r8a/wBkjwh+x9r/AO03o3xQ/Y3+J7+D4VsZ o9X8C3cF2ZNSBWTdte7nUlUDrJiPz1Roww2jIHzz8cbn4T+Bf24fiRrP/BQLwZrnifw1rpjj8J3l u8/2G3sFJ2bVimhLhYyFIjclJA5MZZ9ygH9GWm6npusWceo6Rdw31pMMpNBIssbD/ZZSQfwNM0zW NI1qKSfR76C/iicxu8EqyqrgAlSVJAIBHHXmvy//AOCefgH4HeHPF/j7xR+zL8XP+En+HmuCJ4/C MsM6XGjz5UrM7XUolOcSRhjAN67QZHMeTgf8Ecv+SB/ED/sedQ/9IrKgD9X4dY0i41GfSLe+glv7 ZQ0tusqtNGpxgsgO5QcjkjuKy/EXjTwd4PSKTxbrthoiTnbGb66itg5JxhTKy5OfSvya+DmuW3hn /gpr+1D4kvBm30rwzbXcg6fJBbWEjfotfnZ8Evi/+xl8WNa8XfGL9vvVdS8T+N9fv5Vs9OCai1jp +n4DRiFrRlIAZ2RELbY1UEDcS1AH9SlneWeoWsV7YTx3NvMu6OWJg6Op7qy5BHuKqW2t6LeX8+lW d/bz3tqMzQRyo0sY/wBtASy9e4r8KP8AgnV8ZfA3h39rXxh8BPgX4iv9c+DniHT5NU0S31ITLLp9 7AEklijWYAhSHlDHGXCxliWBJ/Vj4dfss/Df4Y/G/wAbfH7w7c6jJ4k8eoyahHcTRvaIGkSQ+TGs SuvKD7ztxmgD6TooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiii gAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKA CiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAK KKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooA//9H9/KKKKACi iigAooooAK8a/aB+DOi/tAfCPxB8KdduGsotZiTyrlF3tb3MLrLDLtyNwWRRuXI3LlcjOa9lorWj WlTmqkHZp3XyKhJxaktz+cbRP+CR37QVz4wTSde1rRbHw+suJNShmkncw56x25jRi+P4WZVz/FX9 B/gbwdo3w88F6F4D8OoyaX4esrewtg53P5VtGI1LNxliFyx7nJrqqK9fOOIsTjlFV2rLsrfM6cVj qla3P0CiiivDOQ/Kj/goV8O/iB41+Pf7KuseDfDOp69YeHfFMlxqdxYWU91DYwm90txJcvEjLCm2 NzucgYVjnAOOp/ag+JH7WnwO+PmifEDw54e1D4m/A3ULBrbVPD+k2MNxd2lyVKvIdkLTsp+SRS7N GfnjbZlWr9LqKAPwX0X4c6p+09+2D8Lfi38HPgXqnwX8L+CbxNS1vV9S09NHOqeVMkqxrboojkc7 GiLIXZlkbeVCCvcPG/xt/ab+A3xu8feHP2hPh3rPxp+D/iObzvD82j6PbXiWNvvZo7eWOKJEZgri NxcEOWjDoWDEn9eKKAPxi/Yo+CfizV/2v/GH7T2i/C67+Cfw6utKfTrHRLyH7FPdzy+QWf7HtURR HyzK21QgfaEL/OR5r+zz41+Pn/BP3xB8Q/gr4j+CXiXx9o2ta7Pqeh6loNrJPFctKoiGZESRNskU cTFc+ZEdwZDnj956KAPxZ/Yv+Hnx71z9sP40fEL9oTwJe+GI/H/h1CxNvL9gVLxrYx2cd0y+VJND b4SRQxZWVgwBBA5D4HeIPjh/wTtPif4I/EH4Pa78SvA51Ce/0DXvD9n9sLJNhBHMFUrHvCBijMrx vuwsispH7q0UAfnD+yR4m/a2+L/xa8U/F34raHL8N/hdLbi30LwteWVvFfNN8i+fJI8CXSqFV2bc UDPIAilFr3j4ZfHD4p+NPj/49+FXif4Y6h4a8K+FkZtN8RzpcC11UiREAiaSBIjlWLfJI/C/jX1N RQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFF ABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUA FFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAU UUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAf//S/fyiiigAooooAKKKKACi iigAooooAKKKKACivkv9o744+Ifh3fWPhbwlsgv7qD7VLcyIJNkbOyIqK2VySjElgeMYHPGX+zt8 evE3jrXpvB/jJo7q4aFp7e5SNYmJjxuR1QBTwcggDoc5yMb/AFaXJz9Dy3nFFV/q/X8D7IooorA9 QK/LK8/bo/aM8SfF/wCJPwv+CfwGTxzD8N9UOnXl2uuxWbfM8iwu0c0S48zynOFZsY5PTP6m1+Vn 7B3/ACdj+2N/2M+nf+jdSoA7v4b/ALemtN8VtF+C37S/wr1L4PeIfFL+Xo1xc3SX2m3svQRi5VIg rsxCKF8wbmUMVLLnY/ab/bA+Jnwd+OXg/wCA3wo+GSfEPX/F+lzajbxnU109/wBwZjIg8yNk+WOF nyXGegGcZ8t/4K/2mlL+yrZ+IZwI9X0bxFp02mTgYkjnYSqwVuozHuJHQlQcZAI8e/a2+Ini74ff 8FBPgL4/0PwXe+NNetfCV6/9haacXUz3EV9HKsZ2v/qg7OflPyqfrQB674m/b6/aI+DdpB4q/aJ/ Zs1Hwt4NM8cN1qthrEGo/ZfNYKrPFHGFwSQo3yICxCgliAf0+8O+INH8WeH9M8U+Hrlb3StZtYb2 0nUELLb3CCSJwCAcMjAjIzzX5A/Hj4p/th/tbfDTU/gN4O/Zy1LwVb+KzDb3ur+IbxI4LaCOVJWK o8UfOUHzAuwGdqFsYs/ETw/8QNb+Mnwc/wCCdPgzxvqPhXwl4W8G2uoeJNV0mRrXUb+OzQ2yxRyc mNWMSnAO0eadwfYFoA/Y2vzF8bftvfHwftC+PPgP8FPginj+bwIbVrm5GtRWTGO6hjlVyk0QUfM5 XAZuma8z8SeGfF/7Bf7RXwft/A/jnXfEnwz+KurL4d1PRtfvWv8A7JdzskcNxbSMo2fNKHOACdhV iysNnlWm/Gfx58Gf+CiH7RGo+BPhfq/xPm1KLSIprfSG2vaqlrAwkk/dycMTgcDkUAfU2g/t+fEH wh8SvC/w6/am+C1/8K4vGVylnpmrLqEep2TXMjBFjkaKNVT5ioJDsV3BmULlq/TWvxf+KOkftS/t 7+L/AIe+EPEfwdufhL8P/Cutwa3qOo6xdJJeTeRlfLhjCROpZGcBQrAsVZmULz+0FAHiHwi+InxG 8c694903x34Fn8H2XhnW59P0i5mlMg1ixid1S9QFE2rIFDAAt97qa9vr8UPBPjv4/wB38OP23Jvh fqepax4u0LxrqdtokXmyXU1pbC8kWZLKNi+xo7feYkjH3lXaM4r5v+EniH4N+J4PB9/8Hf2kfFPg D42W9zZ/2tbeN7y5fTdQuMbbmGRCpgfdKcRo8xJX5WXcQygH9H9fl/8AFH/gqB8FvA/xh8PfD3S9 RtpdLttW1jS/Ft1dw3SS6X/ZgURywLHGy3CzSCRV2bido4Ga/T5d20b8bsc46Zr80/2gf+Cc9h+0 F8UvE3xa8QfEC/tNauYNMj8NslumzQXsphJMwVHjFyJAPk37WQsxLMQpUA+8fhf8SvCXxh8A6L8S /Al015oOvwme1ldDGxUMUIZG5VlZSCD0Irva/Dj/AIK6+NviV8KNF+Blt4D8V6lpl+kmpxzT2Uxs /tctsliEeaKDZE2WJOzbsG4gKAcV84/tk/Dr9pH9ie8+H/xzh+OGu+KfFGv3cq6kJ5pVtVu4VWYx xxeYUktW3OnlMgUKBhQDtUA/pVor8QP23/jp8aPjD+0j4C/Yr+DPiGbwRbeJILK61PUraSSK4c3c bzsheJlcww267zGrL5rnaxwBXivxQi+O3/BLr4yfDzWbb4oan4/+HnjCSRL+w1N5NpS1eIXa+VJJ Msb7JlkimjKtkFWBUEOAfr38T/2vPhz8M/jz4H/ZyntbvUvGPjWWAqkSbLa0tZ2kVZpZW+8SY2Co gY8fMVGM+G/tP/8ABRj4Z/AfxfH8NdFuLa+8WaZr2lWGtWt8lxFDb6ZfwGea8imjVkcwBowy5yCx GDivyw/a1+Amv6h/wUw0DwDH4/1O3uviBNBqNrqa7/tGjR3s9ztt7b98Dsh8s7NrIPmOAO/6k/Gz /gnZp3x9l8KQfEX4g6lqen+D/CLaFZwPEqsdXWJIk1aSUPvkLFd8kMjNuYD59pYEA+yvgr8cvhr+ 0J4Ofx98KtTbVtES8nsfPaGSAma3I3fu5QrgEMrLuUEqQcCvXK86+EngfUPhr8NPDngLVtbk8R3m hWUVrLqMsKW8l00Yx5jRx/KDjjqzHGWZmJY/FX7dCXc3iDwNH49+NMHwh+Ei/aX1qOx1CWy1/V7h RmOK1EUTl4Y/l37W4DsWUkR0Afo1RX8+3wI+LXw58Gftw/Dnwb+yv8UPEnjP4e+MkvbTW7LXJLyW 2F1FBLIjwG7ihJIIRtwUsCCNxV9tf0DSSJFG0srBUQFmJ6ADkk0APr5Z/at/aOuv2bPDngvXrXQU 19vFvijT/DrRvcG2EC3sczmcERybivlY24Gc9Rjn4C+AHwr8V/8ABQfw74p/aC+LfxK8UaFpuo6v d2fhrSPD2ovYWem2tphEnMRV1eYk4JIBO0liSwCch+094I+PXw5/Zo+DHgv9oXxLaeLtd0z4s6RH ZanbyzTTT6b5F15H2t5o42M4O4E5f5duXZgTQB+senfET4jXf7QOqfDC68Cz23gmz0RdRg8UGUmG 4vjLEhshHsADBHd87yfkPHPHt9fl+fiXrnhb/gpD8Tk1TVbybwx4d+Fj6wdNNzJ9kWS3uLR2lWEk xrIU3DeFzgn1Nfm94C+PH7P/AMctH1b4m/tZ/tGeLPCvj7V7u5fT9J0EapBY6DbqxW3ES21pLC7Y +bKvkqQHPmFmoA/phor+f+P9qX4i/Ez/AIJi/GK9u/F11qPif4e6zp2k2viO1eWzvL+wfVLI29yz Dy5UeSN3jbdh2UfvMsWJ6z41/s5/Ev4e/sop+1uPjT4yuPixpen6brdxI2pbdNP2uSEyWsdqqgJF GsnyrkqxXDJtbaoB+q3xR/aE8M/C34o/DL4Sajp91e6z8ULu7t7J4tiwW8dlGsk0kzMd2fnQKqqc 5OSuOffq/Br9oz4d2nxn/aH/AGSfGev+INc0+8+LumPc340/UGt1sHj06zl3acAp+zNIZD5hGd+B 6V+6ejaZHomj2OjQzTXEdhBFbrLcOZJpBEoQNI55ZzjLMepyaANKivxj/aN/4VqPjt4zu/2xv2iJ vDfhmNYE8OeEvCup3iT2tuU+aXUbe2tncTSYWReGzuPzbAgrlf2GvjBq+q6d+0r8OPDHjbWfF/gX wppbX3he+1l5hqMEFxb3J+9KEkUfKhA2qMrvVV3EUAfuNXi/7Qnxv8N/s5/CHX/jF4stLm/07QVh 3W9oFM0slzMlvEo3sqgGSRdzE8Lk4JGD81/sB+JPEXiT9grwb4j8Rapdapq09lrbSXl1O89w5j1C 8VC0shLkqqgDJ4AAHAFflx4t07VviZ/wSB0/4l+MvE2tahrPhzU7goZb+WSO8FzrcVvtvFkLGdYl 5iBb5GAIoA/Yb42ftR3HwmvvglbWfh1dTT4v6/pujMZLkxGwS/MQ80ARt5pTzfu/KDjqM19e1+DP 7Xnwi1PwJ8Mf2WPAXw48Uas2tar4xsZdP1TVbk6hdWd9epbiF0Zwo8uGQqyR9BjFdn8bfhB4u/Yg 8efB34qfDj4q+LvEA8T+LdP0DxBZa/qRvrfUI7zcZJCm1FBKI4G4MVJVkZWXJAP2zor8Cfj5+0n8 Nvib+1r46+G/7RXxb1r4a/DD4e7NP0/S9AF6kur6hjFzLczWUEx2xsCNrgcbAmD5hPqX7CP7RmiH 9pvxH+zv8O/iVqfxT+GOoaS2raFfa0tz/aGnXUDKJ7MvdRQySIUZmzt2Dau0AmTIB+0leafGP4p+ H/gl8MPEfxW8Uw3Fzpfhq1N1PFaqrzyAEKFQOyrkswHLADqTX4q/sN/s4+OP2uP2eW8b/Fz4yeNI EtL67sdDt9P1V4o7YxESNczlw7XEhmkYLuYFUUKGxtCZr6t4z+O//BLHxvqXxV8Tapf658L9YvrK K6iu2R9QS0MKol+Tk3CKLkjDHJKIxJIyQD9ZPF/x2+IEfwe+G/xT+Ffw8ufGE/jqbR3udPjnKvpu n6patcSXLusb7xAdiHhQS2cjpX1HX4UfFHw7qvwK/Yd/Z2uPAvi7xAs/i7xf4Pv7uS41OZ3jS+0i QyWcLJsKWYMalYOVB9a9++I//Cb/ALWf7afij9nB/GureD/ht8L9HtbrU4dAunsrvVb7UY4pEimn XOYlWT7pBA2EAbm3KAfqzRX53fCv9nv9pL9nnVviXo3g/wCI8PiD4dX+jSyeGD4qvp7m+0jWAg2v M/2cx/Y0JdnCnkBPkzvY/mL8QL79nTQ/hfqd/wCK/wBqPxR4u+P1vaXV1FdeH9T1G80z+00DSJDb tFbiNbUEBS/mIduXXaMIAD9zP2lv2hfDP7MnwvuPid4p0+61SBbqCygtrTYHluLkkRhmcgInBLNy QOiscCtD4lfET4jeEviL8OvCnhDwLP4m0LxVc3cOtatHKUj0SKARGKSRQjBxKXcDLLjYeuePxQ/a nu9c+OX/AATY+D/x08ea7qNx4khuYNPnWK4Mdreb7qW3NxcwgbZJwtupV+NpZzj5q+vPjXoWr/Av 49/se/Cnwj4t1+80afWPEaXj6jqc1zcX6O1pMq3b5UTrGZWWMOpCrwKAP1ior8cfAnhHxX+358b/ AIu618QfHev+Hvhz8Otbm8OaJougXraes01qzLJdXDAHcxCq4yC2XwCqptbmdM8b/Fj4G3/7T/7I /iLxrqXivTvDXw71jxT4V1m/uGbVbSH7GQYmuBh2ZHmXY24bTGWQKG2qAftpRX4PfDn9mP4gfFf9 iu3/AGi/Gfxn8aDx3a+H7vVNGW21V4bGzi06OQW0RjA3u0qRAyy71clskkgl/wBOP2I/iX4o+L/7 K3w7+IXjW5+265qVjJHdXBADTyWlxLbea2MDe4iDNgY3E0AfVNFflB/wUQuvilqHx2/Zp+Hvwv8A Gmo+Cbjxjf69p9zd2EzpthkWwjeQxghXeKKSQxFuUY5Uq3zDwD4mfBL4q/Ab9qj4c/An4PfGjxfb eH/jVaXdvqs+p6iL69gFoRLdz2zsipFO8S4jmVfMRi2G2nFAH7vUV+QHgDwX4h/ZV/4KCeCvg74T 8ceIfEfgv4leHtQvLyz16/a/aO8tEnl81GIUBiYV+baG+ZwSQQB8iyftL/A/9oH4r/EHxJ+1d8bv EfgbRNK1WbTvC/hzw8dQhhjs7dsLezSWdrOjyucEbsPuDZ+Ty1AB/RB4j12x8LeHtU8Tapu+x6Ra z3k+wbn8q3QyPtHGTtU4Ga+DPiH+3rY+Hf2OdK/a68J+EpL+y1q++y2+mXtyLeUR/bJrQPJJGkoD Hyd+0AgZxuOMn4r/AGffil/w0B8Hv2hv2c7/AOJGs+NfDPgixOq+G/Eyyz2OrXWnKkkot7h5o1mZ UeJEfeuXV3UHy9gHzVrvw007wt/wSO0/x/a6vqt5deMNUsjPZ3d201hafYtTvol+x25AEHmA5lwT vbBNAH9OtFfhn+1J+z18UP2Xvggn7VWhfGnxhqPxO0C506fVje6h5mmXj3dxHFJCtmFCrCkknyxM zpsypXkY9s/aA8ZfEf8AaL/aa+HP7J/hTxVf+BPC2o+Gl8V+JbvR5Tb6hPFIWCWsU3JVQVUf3T5h LB9gWgD9YKK/HnxJ4Z8X/sF/tFfB+38D+Odd8SfDP4q6svh3U9G1+9a/+yXc7JHDcW0jKNnzShzg AnYVYsrDYzwX4K8Q/t7fHj4va/498eeIPD/gX4Z63L4Z0DS/Dt++nq09oziW9lYBgznCupxk7gMh UCkA+5PhX+0bdfEj9on4t/AuXQksIfhl/Zmy+FwZGvP7QhMp3RbFEezGBhmz7V9S1+PP/BP3wX4r +HX7Xv7Svgnxr4gufFWqaQugw/2peNuurq28uU2rzt/FL9nMYducsCcnOa/YagAooooAKKKKACii igAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKK ACiiigAooooAKKKKACiiigAooooAKKKKAP/T/fyiiigAooooAKKKKACiiigAooooAKKKKAPnz43f Am1+LDWeqWV6NO1exQwh3UvHLESWCMAQRtJJBGepBB4xQ+CX7P0Hwtv7jxBqt+upatNGYU8tSkUM bEFsZOWZiByQMDjHJr6SorX28uXkvocDyyi63t+X3gooorI7wr8ZfCvg/wDbo/Z7/aI+Ovjj4XfB a08a6F8TNcS9trm513TrLEFtJcmNlja5D/OLg5DqpGOnNfs1RQB+Rd/+z9+1/wDth/EfwfqX7W+k 6N4C+Gvgq9XU/wDhHdNuhez6ndJjaJ2jkmjK4yjNvXajMqJly492+J3wS+J3iL/goP8AB3446Po3 2jwT4V0HU7LUtQ+0W6eRcXEF8kaeQ0gnfc0yDKRsBnkjBx9/UUAFfnb+1D8D/jfp/wAffBf7XX7N +n2niTxN4c06TRNX8PXlylmNT02R3dfJnk2okimVyS7D7sZAbaUb9EqKAPyyi+Fv7TH7WPx7+HPx N+PPgq3+FHgT4V3X9r6fpH9pQ6rqGoaorxvG8kkAVUjRolOGUEAEANv3J6f8Dfgl8TvB37bvx4+L 3iPRvsnhLxnbaXHpN79ot5PtLW8Mayjyo5Gmj2lSP3iLntmvv6igAooooA/Kj4ffs3/tN+HfDv7U 0fhK8PgDxR4+8Z32t+FNS8+1nW4tmuZJkLiMzGFZ4zsO9VkTdu2/KRXhfxm+F37Y37WvgPTPhD8R v2edC8NeKY5LKK+8fXWqWMzRpbshkmgjtwZx5wUh0R5BhiNoOCv7l0UAYfhnRv8AhHPDek+HvtMl 5/ZdpBa+fKcyS+RGqb3P95sZPua3KKKAPyb/AOCof7M/xt/aKk+FLfBzw5/wkA8NXepyah/plpae Qlx9k8s/6VNFv3eU/wBzcRjnGRnW/wCCpv7OHxn/AGjvh/4I0T4MeHv+EhvdH1S4uLqP7XaWnlxP BsVt13NCrZbjCkn2r9TqKAPyD/bH/Yz+Nut/EbwJ+1R+zPNE3xF8IWtjb3WlzyRRi4NmG2yRySss THaxiljZlV48bTnIbyOb9mX9tj9t340eDPGH7X+g6b4C8EeCX8xdPspYybkNIjzJFElxdSB5zGiy PK6qqKCgJGD+7FFAH4x/t0/s5/tQX/7W3w+/af8A2dvC9t4uk8O2NpAbaeeGJYru0uJ3AmSWe3Zo pEmA3I+QQ2SvBP61fDq88Z6h4A8N33xHsYdL8WXGm2j6va27K8MGoNEpuY42V5AUWXcFw7cY+Y9a 7KigAr8qP2vPgT8Zp/2rPAn7TPgj4d2Xxk8PaDo7aVdeG7y6t7ZoJt9w4uY/tQMZP75SpCSMGTkA bWX9V6KAPxzvvhV+2Z8Tv2q/gv8AtBeMfhpp/hTwn4Qu5rIaDZatZ3N1pVlOmyS8uZN0UUvmGTIS 33Oqx7THuILfsWQCMHkGlooA/IP4ZeCv2yf2IIvFfwl+Enwttfi54D1LU7jUfDl8msW2nTaeLogf Z7yKfDOFCgkqFXdkiTDbUxvHv7Kf7Wvin4CeAbHxxqE3jzx/L8TbHxdq9u2pI1to2mrFOrW1q95M qmKAuD5cRPLlUDKgY/srRQB+ftv8AfHepft8eO/itr+i/wDFuvE3w9PhwXwuLcmW6luLUyQ+SJDO v7tHO8x7OOuSAfnv4S+Hf24f2NfCOofAjwf8I7H4weGbG7uZPDWtxava6eYIbqRpvLvIJ8O2Hcu2 NgDFlWRl2lf2GooA/KL4h/s7/ta+N/2AfHvw2+Iupp46+LHjC8sb2GwhktLa3s4YtRtJzaRzv5ER 8uOKSRmZsZOxCwClvpD9o74T+P8Ax5+xHrfwh8J6X9u8W3fh/T7GKy8+GLdcQGAyJ5srrCMbG5Lg HHB6V9m0UAfkt8cfgR+0bpWj/sqfEn4WeD4fFXiT4Lactrq2hyX9vauZJrG0gcLO7iJgjQSKzIzc lWUMuSP1N8M32s6n4b0nUvEWm/2Nq13aQTXlj5qT/ZbiSNWlg82MlH8tyV3KSGxkcVuUUAfi/wCF vhD+0v8As3/tFfFnxlo/wK0/41Q/EHWZtV0jXn1WxsbmxSaWWUQO12rvGFEiqwVUUlBtZhgL6D+y 5+zr+0ponx0+Ofij9oTSbO3tPi5pEJOp6XdQzWkNw6lGs0hZxcgwRzFAzR7D5Rw5ypP6v0UAfi58 GPBv/BQb4MfBqf8AZA0X4ZaTdWUTX9lp/jZ9ZgWytbHUZpJJJ2tBm4ldGmd0GFcDAMTAc7Hh39kH 45XP/BLjU/2adT0WLTPiFJNLdRWEt3bOjmLV1vlT7RDI8IaWJCFJcAMQHKjJH7F0UAfkf4s+Gn7U /wAb9E/Zq1fxf8Ml8L6t8M/HOmXWsWy6rYzqmk2BtSb8ETDO/bJ+5TfINvAIIJ+g/wBu74M/En4z aJ8KbP4baR/a83hrx1pOs6gv2i3t/IsLZJhLNm4kjD7Sw+VNznPCnmvu2igD8tvF/wAJP2j/ANnD 9prxr8e/gB4Ltfij4Q+J8dvJrmgvfwade2t9aqQs8Ms42MpLOwChyd7qVGFevWv2atJ/a+8V/FXx J8Xf2hI4fAnha6tVtNG8F2s9te+Q4K5uZ7mFTlsK2AHBYucqgRVP3fRQB8I/8E5vgz8SfgN+zRY/ D74r6R/Yevw6nf3D232iC5xFM4KN5ltJLHyB03ZHcCvnv4Ufsl/Gq0/YY+NHwL8S6RFo3izxfrWs X2mQTXdvLHNFMLZ7cmW3klRPNaErhiCvVgBzX65UUAfjB4w+EH7W3xh/ZT+EXww8S/C1dA8R/DHx f4bDxLq1hKLrR9I0+W3kv93nhEO9gDEGZjnKgjOPcPi18Jf2hPgz+1Vqf7Vv7PPhe3+Iun+NNLg0 3xJ4dkvotOuvMtFRIbm2mmHl4CQxjHzNneNpDBk/S+igD8lL/wCCX7af7S+jfFzxV8WLxvhnF4q8 NNoXhzwdFqrXdnFJvWVrm9MDNDvlCtCXCb9srZVRGoPnPgTwF+2da/s7yfsu+EP2fdC+HmoXOjya Hqfi+fV7Iw3EMkRimnFvaq873Fwhb597qsjbjgcL+2NFAH4ya5+yb+0F4m/4JkeGvgGfDaad8RvC t/8Aaxpk17aOLhYr+eZRHcRSvBlopgwDSLyCCRxn1fxp4C/aW+OvxS/Zd+L3i74bjwndeBtW12bx JZrqllcrYQTm1S2lVhKGlEyxM22NXZDww6E/qJRQB+VFt8N/2pP2RPjj8SPF/wAD/AMHxb+HfxR1 Ftbk05NUg0q/0vU5mZpcNOCrRO8jABVf5AmShU787w7+y3+0B4zsf2hvj98YdPtLL4m/FLwdqvhj Q/DdjcxSxWNpLZ+XBDJdFxCZJZI4gW3BAQzsw3lU/WiigD4y+Dfwn8f+FP2F9O+Dev6X9l8YQeEr 3THsfPhfF3NDMiR+cjtDyzAbg+0Z5Nb37D3w08bfB/8AZX8B/Df4i6d/ZPiLRYLtLu186G48ppb2 eZB5kDyRtlHU/KxxnB5yK+r6KAPhH9pz4M/En4h/tL/s2fEHwfpH2/QPAGp6zca3c/aIIvskV0lo IW8uWRJJNxifiJXIxyBkZX45/Bn4k+Mf2y/gB8V/Dmkfa/CvgmPW11e8+0QR/ZTd2xjh/dSSLLJv bj92jY74FfdtFAHwn8S/g18SfEH7e3wg+NOkaR5/gzwtoWrWepX/ANogXyJ7mG5SJPJaQTPuMijK IwGeSMGvnvwr8N/2q/2LvH3xB0/4O/DS1+MPwz8b6rPrlhDHqltpl9pV5dYDxyfaFO9MKqfIrAqi tuRiyn9cKKAPgv4DfDf9qjxL4I+KGq/tKavb6fqnxAhubbSPDlu0MtroNvNFJGFaeBTvY71BAdwF TcSWchfz6uv2cv20PEf7Ct1+yTq3wpjttQ8IalazaVfRazp7LqkUl9c3M52vOqx+UJF2lmBcHoGB FfvzRQB8Z/t//Cjx/wDG39lXxd8N/hhpf9s+I9Tl01re18+G33i3voJpP3lw8cY2ojHlhnGBk4Fe L/HL4AfHnw18Uvhh+1P+z9plp4g8X+EdBi8Pa54cvLqO1XUbDDHENwxEayI0j5Znx8sZXcFKN+ml FAH5ZRfC39pj9rH49/Dn4m/HnwVb/CjwJ8K7r+19P0j+0odV1DUNUV43jeSSAKqRo0SnDKCACAG3 7kYfh/8AtP8A7Jfx4+Ivi/4GfD6H4teAfivfHWZrBdTt9Ju9L1eVnMvzz5VopGcnIQ8bQShU7/1Q ooA/Mr9ij4O/tLeEvj98avi9+0ToVrpVz8Qk0m4tnsruC5t90ayFrZBHI0o+yoyQlnUBipKM6/Mf 01oooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKAC iiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigD//U/fyiiigAooooAKKKKACi iigAooooAKKKKACivgX9r/xd4itte0vwjbXEltpUlmLp1RiomlaR0w+PvBAgwD3OfSsT9kjxd4jX xnP4SNxJcaTcWskxiZiyQvGVw6g/dznacdcjPQV1fVXyc9zw3nkVivq3L5X8/Q/RWiiiuU9wK/Fn wLqP7Z/7SPx/+PPhfwH8dn8C6L8N/Ekmn2lq+jWd8DBNNcrGqsVRgI1gxlixOevHP7TV+BnwM+BP xL+M37UX7Uk3w++L+s/C1dK8Xstwmkx+YL0zXF6UMn72PBi2Nt6/eNAH1N8Ivi5+0/8ABf8Aa10D 9lb9onxTY/ErT/HOlXGo6PrNrZx2V1bNaJNIyTxQoq7W8h1O7dyUIk+8o/Rvw78Q/A3i7Xde8L+G Nds9U1fwtLHBqtrbzLJNZSzbjGk6A5QtsbAPXB9K/GDSfA/xB/Yh/bZ+G+r/ABP8Sr8aD8aH/wCE etdc1RJk1nSnWWKIiEPPOixZuY95GcpuAEfO/wCk/wBigj/hr79sJe/9vaIcexS+oA+5da+Onwi0 I+LIdS8X6Xb3HgaOGTWo5LlFbTxc48g3IzmMSEjbnrmvmX9gb9rI/tQ/C+TVvF+r6WfHMd1eTXek 2JCPZ2XnlLcmIs0gTbgB2JLHqa8Q+AGm6B4r/bh/a+0rWLO31bTbiPQYpre5iSeGQxWzAq8bgq21 17jqK2f+CRfhvw7a/slaT4ntdLtYdYvb/Uobi9SCNbmaKO5OxJJgN7KvYEkDtQB+oF5eWenWc+oa hPHa2trG0sssrBI440G5ndmwFVQCSScAV4T4T/ar/Zu8d+Lh4D8HfErQtY16RtkVrbX0UjTsOdsL A7ZTjtGWPX0r5N/4Kp65qtp+z74b8H2d7NpuneOPF2k6HqlxC5j22E6TyyKxH8LGJcg8EAg8cHvv jl+xj+yHc/DjQoPEMGn/AAo0/wAG3dnPZ+INNks9IvLZ42CRI99cRsG8x2XPmbi0m1s78GgD7B0v 4h+Btb8Yaz8PtI12zvPEvh5IZNR06KZWurRLhQ8TSxg7lDqwKk9QRRZfEPwLqPjXUfhvY67Zz+Kd Jt0u7vTEmU3cFvJt2SyRZ3Kjb1wSMcj1r87f2eJoZv8AgpX+0tJDMJ0l0fwy6SAgh1On2pDArwQQ Qcjjnim/Cy4hm/4Kr/G6OJwzQeDNKRwP4WK2DYP/AAFgfxoA+wLL9rT9mXUtT0PRrD4n+H7i98Sn bp0aX8LG5bzDCApDYBaRSigkbmBVcmix/a0/Zl1LU9D0bT/id4fuL3xK23To0v4mNy3mGEBSGwC0 qlFBI3MCq5Nfmr/wSa/Zy+Dut/s+23xf8T+FrDWPFjeILi4tNRuoRLcWf9nmMQCBm/1e2QM+VwSS M5wMR/8ABKD9nf4Q6p+zxD8ZfEXhGx17xeuvXN1ZXtxCstzanTtgt1t3b/VkSKz5XGSRnOBgA/UL 4jftM/s/fCPW4vDXxK8f6P4e1aUIwtLq6RZ1R/uu8YJZFbszAA+td7c/EjwBaeBm+Js/iKwHhJbc XZ1YXEbWX2c9JROpKFPcHFfz8fsXX3xY8W+CvFnxT/4Ze0/47ar431m9l1LxFqmu6XbuXbaXtEtb 2GRokQsWOMBtw/hVQPQ/C3gP4u/DP9jD9q/wp488KDwT4XkY6hoGjDV7PWBpwu5HFzaCW2kdlEPl wj94qbiSQC280Afrdqf7XX7MGj69Z+GdT+KPh+31K+SKSKJtQi+7OqvEXbO2PerqyhypIII4rwP9 sD9smz+APxE+EvgLSdd0iy/4SjXbL/hInu2DTWOhPMge4ALBY0kAdfNYEAK23B5HzhP+y38C9O/4 JbNraeDdMfXZvAUfiZtVa1jOof2jJZLf+YLojzRhzsADY8v5MbcivHPHWh6F4p+H37AOreJNMtNT vdX1TQ9PvZ7mCOWS6tIvsyrBOzqTJGAT8jEjk8cmgD949B13RvFGiWHiTw7exalpWqwRXVpdQOJI p4JlDxyIw4ZWUggjqDXlfjH9o/4C/D691vTPG3j7RtFvfDhtl1C3uryOOe3a7j86BWjJ37pY/nRQ CSvIGK9e07TtP0fT7bSdJtYrKxs40hgggRY4oooxtRERQFVVAAAAAA4FfkL4C+EHw5+Jn/BVT48a 54+0q11yTwvpWgy2FpeRpPAJrnTLJGnMTgqzRqu1cghS+cbgpAB+o/w4+Knw3+L2gf8ACUfDDxJY +JtLWQxPPYzrMscoAJSQA5R8EHawBwQcYIrz7xx+1X+zf8NfEp8G+O/iPomi62hCyWk95GJYSRkC YAnysjn95t4x61+dOpQR/s4/t6/E3SfgfYJYaX4g+F174lvtKswIrKHVrJpPImECgIrExqOB1nY/ xGu1/wCCdP7O3wT8cfslaX488eeF9O8Y+IfiHLql1reoarbx3tzNJ9tng2ebKGdMKgJ2sD5hZ85O QAfqBL4t8KweGG8azazZJ4eS2+2HUmuIxZi227/OM+7y/L287923HOa8f8B/tWfs3/E7xGvhHwF8 R9F1rWpCyxWkN2nnTFRk+SrYMuBz8m7gE9q/HX4XfCjxF8Vf2Uf2kP2VvB3iiKw0jwR47uLTw7Nq VyI7WW3t7syCzeY9FkMPmDt5r7jwTS+KfFfhTwRqPw+0z9tD9meT4T/8IrqtidP8Y+DvJis47mDJ iWSS3V/3QK+aUFxJJ8u5VyCCAftR8Uf2g/gl8FJbS3+K3jXS/DNxfLvggvLhVnlQHaXWIZkKA8bt u3PGaoa98TPC3xB+Bni7xt8I/HulRW66RqX2XxFFPFc2Wm3MVs5FxMw3qBbNiSRWBwBytfnH+0P8 IfjJ4S/a58RftHfDn4eaB8eNH1jR7OyvNAv5oHv9ISKONCbeKYttE3lFlZI5GO+RdgHJ474SeLfg NqfwF/a20f4deCNY+FfjabwxrN54h8K6mdtvZt/Z10EayiCRiOMFyGXy0IBQbdmygD1/4sfHX4q/ DTwj+yi1t8TbTXk8Y+KtPsPEeu2SW5sdWsZJ4xMwd4wscZRmBZAhHJyMV93fD79pj9n74reIZvCX w4+IOjeIdZgDMbS0vI5JnVBlmjXOZFUdWTcB61+JvxD8H6H8Qv2WP2GfAfiZiukeIvEFnp95htjG 3upVikUN/CSrEA9ic19Mf8FI/hJ8NPgn8Lfh98Y/g/4b0/wl4x8F+J9Lh0qXSraK0eZGEjfZn8tQ JBmMMN+ejDozAgH3NpmseLT+1r4g0eX4mabd+H4fCyzReC0Ef9pWtz58A/tF/k3+SQWTlyMyDjpj 4S+D3xy+N/xS/wCCfVt8Std+Mlh4D8YT69NbN4n1mK2it1gjn2iAqIfKBccKdmfevT/C3/KWfx7/ ANkwj/8AS2xr8zpP+UNEX/Y3n/0qNAH6t/Gj9uHw98Mf2v8AwH8Eb3xRomleEGtL+48UXdzIomtL lbWV7O3kkZtsIdvKfldzblAIBIP3B4P+Jnw++IF5rWn+CPENlrl14cuTZ6lFaTLK9ncqWUxTKpyj ZVhg9wfSvzQ+PHgLwNrP/BT34H2Wr+HdNvrfWvD+tTX8c9pDKl3LDa3QjedWUiRkCKFL5I2jHQU7 UL/Tv2TP+CjGo63qcq6Z4C+POgTXk8h+SCHWNFjMsrH38tWY+r3NAH6Z2PxF8Can431H4a6fr9nc +KtIt0urzTI5la7t4JdpSSSIHcqsHUgkc7h618x/t3/tIp+zZ+z/AOIPEeg61Zab44v7fytAguSj SzzGeCGeSGF+JWto5vNIIZRgbgVyD45/wTe0PU/G2kfEf9rfxVbtFrHxl164uLNZOWh0ewd4bWIE 8gK29PdUQ88V0H/BU/w/oOpfsVePdc1DTba61LSBphsrmWFHntTPqtkkvkyMC0fmL8r7SNw4ORQB d/Yy8YXOmfBnV/i/8WP2gbP4lafdraSXt3P9ms7HQLpYfOubQzK+0n9/GG3BPurhBuxX0n8N/wBp j4AfF/WJfD3wz8faR4h1WFWc2lrdIbgon3nSM4Z1HdlBA9a/Ln9obwL4S1zxd+x3+z7NpVto3w+8 aTHVdZsrKNLS31O9tLO02CdYgoZmDFCx+YiTqCAa63/gpn8Kvhp8F/hN4P8Ajz8KNA0/wb418E+I tNGm3Ok20Vk0qNvJt3WFVEijYGAYHAVgPlZgQD9GvGv7TH7P/wAONQ1bSfHXxA0bRL/Q5LaG+trm 7RJ4JLyPzYFeLO/Mkfzrx93LdBmvXND13RfE+jWXiLw5fwappWpQpcWt1ayLNBPDINySRyISrKwO QQcGvx18I/A74afGn/gqN8e7n4peHrTxHZaFo2iPBZX8YmgWe606xTzGjOVZkRWAzkAtkcgEfsZo mi6T4b0aw8O6DaR2GmaXbxWtrbxLtjhggQJHGijoqqAAOwFAHlXxO/aL+BXwZuYrH4peOtJ8N3k6 eYltdXSLctGTgOIATIVzxu24966LwT8Xvhf8SPCc/jrwH4p07XtAtQ5nvLS4SWKHyl3uJSDmMqvJ DAEDnGK/JvUfFXwpj/al+LWofBP4H63+0T48nvI7TXb7VpLGPR9JuIA0X2OzuLi3YRKuzy23jJ8o BWZVJPE/sYwa3ovxO/bC8P6t4XtvAUh0mK5n8O2FzHc2enzvb3TGOJ4cRHbvP3AFXO0cAUAfqVqn 7ZP7KuijS21P4q+HoV1lBLan7fEweMsyByVJCIWVhufaMg816/4o+Jfw+8E+Gbfxp4s8RWGlaBdt AkN/PcIltIbn/U7JSdreZn5SDz2r8v8A/gm5+zB8BvFf7Fekav4q8J6b4gv/AB7/AGkdUubu3jmn xFdz2kcUUrKXiEaRArsIIclxyc18J69rOsat/wAEo9d8NarfS3em+FfiD/Yul3c7+Zu06GSN42U/ 3FaV1A6ADAwAAAD959G/am/Zy8Q+Oh8M9D+I+h33idpTbrYxXsbSSTglTFGQdryAgjYrFs9q98r8 p/22v2YPgT8OP2ItZn8FeHbLQNR+HltY3mjavaxJDqCXUNxCgka6jAkd59xDksdzMG+8FI/Qr4Je INa8WfBnwF4q8SKyavrOgaXe3iv94XNxaxySg++9jmgD5Y+D3xd+IviX9u348/CbXNZe68J+EdP0 KbS7AxxKltJd2cEkzB1QSNvd2Pzs2M8YFexeKv2xf2WvBPiCXwt4o+KGg2WqwSGGaA3iSNDIDgpK YywjIPUORjvXxN4C1PRNF/b1/bA1jxLqkuh6RY+GNGnvL+A7ZbS3j0qBpZ4ztfDxoCy/K3IHB6V8 0/DmTwrq/wAANU8Gfs4fsm3XjLwPeW2oE+MPGN1pthc3CMZN92ZWg3SGHkR+S4KbAB8wNAH7d6z8 YPhX4eg8N3WteLNMtLfxjNHb6NK91H5WoSzbfLS2cHbIX3Lt2k5yMVs+OPH3gr4Z+HZ/F3xB1y08 PaLbMiSXl9MsEKtKwRFLsQMsxAAr8Lvht8KtV+Nf/BISyXTHkl8ReA7zUte0WRSTLFJpl7PK6Rnr loGlVAP4ivoK9M8c/FeD9vDxN+y38H7DbPpetW6eOfGEScxIul77drd8fwPcxXEOD3aNsDggA/Vz 4j/HX4OfCDTLPWPid4x0zw3a6kC1qby4SN7hQASYY875AARnapxkZ6iug8AfEv4ffFTQF8U/DfxF Y+JdJLmM3NhOk8ayLyUcoTtcAglWwRkcV+Haat8SvHH7e/xx8XWvwMg+O174NltNHsLTUdXsdOg0 a0AcRvHBexyJKZ/LZgyrlCXJOZK92/ZP8AfG7wj+2T4o8ZXXwht/g34J8YaDjUtCtdd03UYBqEDh oLtILVo3jDjeoCw7QWc5+bAAPv8Asf2tP2ZdS1PQ9G0/4neH7i98Stt06NL+Jjct5hhAUhsAtKpR QSNzAquTX0N05Nfij/wSW/Zy+Dut/AC0+L/ifwtYax4sbxDPcWmo3UIluLP+zzGIBAzf6vbIGfK4 JJGc4GP1U+PWpeDtI+C3je++IWr3WheGl0i8TUL2xIW7htpIijm3JV8SkNiP5SdxGOcUAefax+2f +yjoGvnwxq3xW8PQaikhhdPt0bpHIpwyySoTGhB4O5hjvXtnib4geBvBnhOTx54s8QWGkeHIo0lb Ubm5jitdkuPLYSsQp35GzB+YkAZyK/Bh5NK1z9kvXPC3wS/ZLll+H8Og39ynjPxVdadZagYI4ZJT qh/ciSaZQPMQxSbeFVPkwK7ex+Dfj74/f8E4/wBnz/hDLvTdU17wrqY1GDQ9cnWOz1pLS7uYEs28 xkDkLtQIWVTGWXcpINAH65/DL9pH4DfGXUJtI+F/jvSfEeoW6NI9ra3Km4EanBfyWw5QEjLBccjn kV2vgb4leAPiZZ32ofD7xBZeIbfTLp7K6eymWYQXUYDPFJtPyuoYEg881+N3gvx/8OLX9qD4Wt+0 d+z9e/An4jxXb2Gh6topjj0bU7q4CwCKcwRosi/P5S7XlCiTDsEYEekaB4s0j9iz9uD4waN4iY2n gT4n+H7jxzYgfdF/pkcs99FH2DuFuXwOcCIYPFAH6S6z8e/gt4efxRHrnjbSbJvBX2Ya2JbuNf7O N46x24uef3fmOyqu7qTisKD9qH9nS58dRfDO3+JGgy+J5pVgSxW/hMrTs20QAhtvnFjgRZ35425r 8YNb8Ea1D/wSv+M/x58ax48WfGrWbDxHeMR8y2r65araRj/YwXlj9FlA9q7z9s39mr4MfDL/AIJz +G/EXg7wrYaZ4i0OPQLpdWgt401Cae8Ma3DzXIHmv5hkLEFsAhcABVAAP1ls/wBp/wDZ31D4gD4V 2PxF0S48WNMbYael7E0puASpgBB2mYMCpjB354xmun8X/Gv4Q/D/AFifQPHXjLSfD+o22njVZIL+ 8it3SwMvkC4IkYfuzKPLB7t8o5r8lf2+PgB8Ivg1+yN8Pde+HPhfT9D13wxrehC31S1t44r6RnRv Maa4UCSQyOBIxdjlwD1Fdv8AHv4WeCfi5/wVZ+Gvh74g6XDrWj2PgEag1lcoJLeeW3vdR8oSxtw6 B2DFGyrYwwIyCAfoToX7Uf7OfiXwhqvj3RfiPoVx4f0No1v7z7dEkdq0xKxCbeylDIQRGGA3kYXN dX8L/jT8KPjTplzrHwp8Vaf4otbJ1juGsplkaF2BKiVOHTcASu4DODjODX5Nj9mv4K3X/BVSbwm3 hPTk8NReD08RnR1to1019QSQWqyNaqoiOA5fBUjzPm610XgvTdL+CX7f37Q1r8LtKg0exg+HI1uP TbKJIbY30C2zKyQqAgLMzHAAGXY9zQB+ivjv9qX9nP4Y+Jf+EO8f/EXRND1sFQ9pcXkayxbxuXzl BPlZHI37eMHvXkP7bH7VNn+z1+zpffEnwLrGk3XiPVo4B4eS4kE8N8JZoUllgWNx5wihlMo2sV4B OVyD+VP7G2n/ABM1T4GT+Jbf9k3T/jU3jq71C51HxRqniLSorjUJGuJI5E8m7hkmgEbKRjcNz5lH 3hVPxd8MPiH4E/4JqfF7w18WvC0GkL4b8TWs/heGW/stYm0uyv8AUbTzrWK6tnkKFX3h87GcsxK4 OAAftl4R/aa+CeqfD3wv4y1P4gaKtvr4W1S6a8hjhmv4oVe4hViQoePOWXjaK8a+L/x+8J/E7wN4 e1f9nz47+HPC4tfFenWeo30s8MyXMUkdwTpoV0crLclN8Rwu4RsVbGa+OP25fhX4K1rwl+yb8MLP SbXStD8T+KtMs7uCyiW1Rlv0top2xCF+dlY5Yck85rsv+Chfwi+GHwh+Dfwx0r4X+F9P8L2d/wDF Dw9NcRafAkCSyJaXkYdgoGTtUDPfknkkkA/T/wCI/wAXPhf8INJj1z4o+KtN8L2U5ZYX1C5jgMzI AWWJWIaRgCCVQE+1Hw2+Lfwy+MOiv4h+F3iew8T6fC/lyy2M6zeVJjOyRQd0bEcgMAcc9K/NzQ/C fhn46f8ABTv4n2PxY0+LX7D4YeHtLj0HTNRVbi0ia9ht5prlYHDRlg0rYJB5YE/MqlfqT4a/s/fs 8/B79pTxN4u+HGtw+H/Fni3SYvtnhG0urOCz+zxuuL6PTUQTKS8ZHmAhMtJxljQB9d3d3aafazX1 /MltbW6NJLLIwRI0QZZmZsAAAZJPAFfNlh+2h+yhqfiSHwnp/wAVvD0+p3DiKNFvozG8jHCqs2fK LE8AB8k9KwP26NS+Eunfsx+Lo/jdq2raT4SvVt4Lk6G0a6lcuZlaO2g85HTMrKAwYBdm7cQua/IP 9p6TVPEP7Iup2/hz9kuD4b+CtBttPkt/E2q3Njbapbr9ohjjdbZYUuXluCwSQl23B2Lc80Af0Ca/ 8Q/A3hXxFoPhLxJrtnputeKXlj0qznmWOa9eAKZVgQnLlA65A6ZFHiX4h+BvBuraFoPivXbPSdR8 T3BtNLt7mZY5L24G3MUKsQXb5l4HPIr8mPiVfXWo/Fv/AIJ76nqEzT3F3p9zLLK5LM8kmnaaWYk8 kknJPqa9V/bxuIV/aT/ZEtGcCWTxlM6r3Ko9kGP4Fh+dAHVfCT9uPw58RP2vviB8GrnxToa+FdLh 0218MtBIvm6pfTRh7oLKWPmyI5MexAANvILZNcR+yV+2v4eg+H3jrWP2n/iZp9lqFr471nStL/tC SC2m+wWsVoY444oVVmSNpWy5U4z8zdKyP2cvAPgWD/gpB+0bFD4c02NNDtvD0+nqtnCBZzS2cTSS W4CfundiSzJgkkk8157/AME2v2d/g38QNI+M3xC+IPhHS/FGp3PjbVtGQ6naR3iw2sCRTFY1mVlQ u1w25lAYgAE4AoA/Ynwr4t8L+OdAs/FfgzV7TXNGv1L295ZTJcW8qglSUkjJU4YEHB4IIPIrxdP2 uP2YpPGA8BR/FDw+2umb7OLYX8XM+7Z5XmbvL8zd8uzduzxjNfi74e8Ra58Hf2IP2wfDXw+mmsLH w948u9GsRG5P2SyvLy3sZgpJJAaD5MjkE7s55rp7T4XfEvWv2WLb4W6Z+xZpZsLzQ0eDxOfFWjLe m4kgDpqplaJZQxYiUqZQu392SE4oA/dHxb8RfAfgO40m08a6/ZaHLrtx9lsFvJ0h+0z4z5ce8jc2 OcV534H/AGoP2d/iV4pbwT4B+Iuia7ro3bbS1vY5JJdg3N5ODiUAcnyy2ACe1fjr8fPA3jXxf8Af 2Mvhd8eomGs6l4uttB1RRdQ3TNaNcizjP2i1kkRy1rsO5XJyfmO7Ne7/ALfHwa+Fvwm1P9nnxz8L vC2m+EtY0/x/o+mpPpVrFZs1rITJskMIXzAGhGN+SMtj7zZAPcPFf7cfhzw9+23pvwFvPFOh6f4J tdEmfUbqSRRMNfa4aFLGSVm2oyKqkRhQxL8kjAr3n4K6v4rv/jP8ZLHXfiXpvjHTbG905dP0KzEf 2rw4jLcb4rvYitunwpXczf6tsY5z8ceKPAPgW/8A+Csmi2V94c024t7r4fPqU0clnC6SX3264/0l 1KENNwP3h+bgc14lB4x8QeAfEf8AwUT8WeFZZbfVrJNIFvPAxSWB5ob+LzkYYKtEHLgjkFcjmgD9 T9Y/a1/Zk8P+Lf8AhBdZ+KHh+011ZTA9s+oQ5imVthilcNsjcNwVdlYHtXpvjz4m/Dv4XaEPE3xG 8S6f4a0pmCJc6hcx28buwyFQuRvYjkKuTjtX5+fA39jv9mTxV+wx4W0jxZ4f02OPxR4YtdX1PxA8 UC6hb3d5arczXa3sqFozAzHaWO1UXawK7gfE/jW/7L3hLxR8BPCei2fiL9o/xH4W0WdPC2hWVzY6 npt3YqZIftl9IkBjkKmEqrR5UfZwXUBcsAfpx8Nf2lfgH8Ybi8svhn470rxBdafG008FvcL56RL9 6Tym2uUHdgNo456V8sfszftvaD8bv2hfin8NdQ8TaI2m6be2dp4OgtJF83VIEiupbudHLMZ22xqz bMKigYHUn4Zjk8Zf8PDvgL4j8T/Bew+CE2tx6nbCxsr60upNRthazK0l0lmkaIfnKAOu5hwchRX0 v+w14E8EWf7Wn7U1xZ+HtOgl8O+IdOj0x47SFWsY5UvVkW2IUGFXXhgmARwaAPrr9k/xLr0/wNHi H4jfFTSPidPb3V48/iLT2ijsRBGc7GZEiRfJGdxIGO5rqPB37WH7NXxA8Up4J8GfErQtX1yZ/Lht YL2MvO+M7YckCU4HSMtX4D+HNS1SX/gmp8M/AEd7Lpuh+OvicNH1i4ifZ/oUjPIY2PTBZA/PH7vo a/TH9vT9mD4BeFf2PPEmseEvCWmeFdT8BW1teaPqGn26W13BNDPEiqbhAJH83O1t7MWYhyd4DAA/ Qfxb8Xfhd4B1aDQvHHivTNAv7m1nvo4b66jt2a1tQWmmHmEDZGASzdBXO/DP9on4GfGTULvSfhb4 50rxLfWKl5rezuUeZUB2mTy+GKZIG8AryOeRX5GeP/D+m/tJ/tK/sUwfFyzXVofFXgv+19UgnUGO 5ni09tQIkUcFJJYxuUjBUlSMZFex/HD4aeA/hN/wUK/Zm1z4ZaDZeFpvEi63Z36aZbx2cVxFb2wC eZHCFRjtmYEkZICgn5VwAfrtXgHxD/aq/Zx+E+tP4b+IfxF0bRdWi2+ZZy3StcxbhlfMij3OmRyN wHHPSvfiQoLMcAdTX4S/CXxJ8ONQ1Lx6v7Ln7N+qftAQ+INbvZdR8WeLJ9Nt7e6upSDLHDcXNttN uCfMCEI53ksBkYAP2Zh+LXwxufh+/wAVrbxVps/g6OEzvq8d1G9ksSnazGZSVG08HJyDwea821P9 rr9mDR9es/DOp/FHw/b6lfJFJFE2oRfdnVXiLtnbHvV1ZQ5UkEEcV+LfwEF9Y/8ABO39rDw9c2y6 dHpeu6jGljFN58No2y3V4opOjKpUKGH3sZ719Mz/ALLfwL07/gls2tp4N0x9dm8BR+Jm1VrWM6h/ aMlkt/5guiPNGHOwANjy/kxtyKAP1o8aeP8AwR8OfDVx4y8ea7ZaBodsFMl5ezpDAC/3QHYgFmPC qMljwATX51/Gr9sTTPEfxZ/Z5039nb4iWWq6D4q8VNpviCLT3guDJATb7IpldWlhyGfBGwnnBOOP lDQ7dfjZ45/Yc+DvxR36p4MuPCMusT2lw2621C+sbKXyUmQ5EnlLAmQwOUdl/jbPsP7X3wR+Fnw+ /a7/AGW/HPgTQrHw5qes+KEsryGwgjto7mO2lt3ikaKJVXfHvKlsZIZQchRgA/ZCiiigAooooAKK KKACiiigAooooAKKKKACiiigAooooAKKKKAP/9X9/KKKKACiiigAooooAKKKKACiiigAooooA4Px 58NfCHxJsYbHxVZ+f9mJaGVGMcsRbG7aw7HAyDkHA4yBVbwB8K/Bfw0hnj8LWZjlusebPKxklcDo Cx6D2AAzzXotFVzu3LfQw+rU+f2nKubv1CiiipNwr8trv/gn/wDGvRPir8Q/iX8Iv2ibvwGnxF1a XVbyyttAjuAC8kkkaNK96u/y/NYBgi5z0r9Sa/Lb9n/9s3RtE8ZfHq1/aR+I9jplh4c8fano2gRa g8Fu8dlbTSIsMKRqskqxgKGYhiONzc0Ad98Kv2DJ9A+L2k/HP47fFLWPi94s8OIV0k38S2lnZMwI MiW4km+YZJUB1UN8xVmAIh+Iv7E3xFPx08RfHb9nT4w3Xwu1PxtFDFrtqdLh1S3uGiQIJY0mdFVs DI3KWDsxV1DFa+rPFXjzQ/GXwM8UeOPhf430y0tZtE1KWw8RxzRXFhYyx28m27kcb0KW7jfICDja QR1Fch8K/il4d8KfCH4eSfFf4m6P4g1jxJEtvb62k8UFtrN1kktbcIp47ADp0oA8x/Zb/Yui/Zp8 f+P/AB0/ji88ZS+P4bD7V/aFuFuRdW6u11PJcCVvN+0TSO4XYvlqQm58biz9kb9kbxn+ylqGteH7 T4mzeJvh1c+e+maDcadHDJYzzyo/mm7WVmkIRSjAIqsTvAU8H27wP+1B+zv8SvFLeCfAPxF0TXdd G7baWt7HJJLsG5vJwcSgDk+WWwAT2rpvih8bPhL8FdPtdU+K/izT/C9vfMyW/wBtnWN52TBYRR8u +3I3bQcZGcZFAGP+0F8B/BH7SPwt1X4U+PkkXT9R2SRXEBUXFrcwndFPCzBgGU8HIIZSyngmvieb 9gX4wfEN/D/hL9o34+X/AMQ/hz4angnj0NNKh0+S+Nt/q1vbpJXklAHDF97sMkMjfNXR+Df2ldT+ I37fNp4C8BeNLbxB8MLzwE2rQw2LW89s9+t6YWlEyKZN6gbWQvgHgrmvUP2dfipbeE/gBbeMfjh8 ZtC8dB9TmtT4ltpYYLB3kcLDbBlSNPMU/Ljbkk0AcX8Yv2LvG2v/AB1n/aK/Z8+Klx8LPF2r2EWm 6sP7Nh1O1vIIVSNG8qV0VWVI0GGVwSildhyTe/Zw/YjuvgH8aPE3xs1b4jX3jjWPF+kiy1JtQtFj mlvGmjmkuRKsrBYz5YRIAnyLgbzivd7P9qj9m/UPHI+Gll8SdCn8TGb7MLJL6Iu1wGKeSrZ2GXcN vlht2eMZr0X4hfEz4ffCfw8/iz4leIbHw1pCOsX2m+nWFGkYErGm45dyASFUEkAnHBoA8Z/ZG/Zw /wCGWPgxa/CH/hIf+En+zXd1dfbfsn2Ld9pbdt8rzpsbemd/PoKX9kX9nH/hlb4M2nwj/wCEh/4S f7LeXV39t+yfYt32l923yvOnxt6Z38+grqfCX7Tn7PfjybRbXwf8QtF1a48Qzy21hDBeRtNcTwIs kkSxZ3h1R1YqQDgg45r3SgD81bv9hb4o/Drxf4o1z9k/41XPwu0LxndPeahok2k2+q2kNzLnzJbM ysvkcYChV3AADftVVXqfCn7Afhbwd+zX4/8AgXpnim5uvEPxMEkut+J7238+4uLuRt3mGDzV+Rfm KoZScszFySa1NM+K3jL4y/tp6j8NvBGry6d4B+DFisviE2xGNV1rUlIt7ORsHEVugdyFIJkRlYEY x8leD9T/AGy/2jv2jPj14N8AfHR/AeifDXXUs7W2bRrO+VoLqS5EaqzKjDyxb4yxYnd145AP0Zvf gH9r/ZUH7Mn9u7MeEI/Cv9rfZc/6uxFl9p+zeb3xv8vzf9nf3r57+Iv7CF14w+BPwj+F/h34gzeH /FPwbmtLnSdfisFkV57VQN7WjTfLllRl/ettK87gSK8X1j4zftdfsU+P/CX/AA0/4r0/4n/Cjxhf ppcmu2+nx2N9pN1IpMe+OBUUocFznzSyK+0qwCt0H7Wvjr9ozVf2yvhf+zp8FfiQ/wAPbPxhoN5e TTiwtr5BPaC7mLFJl3HckATAcAZzjrkA/SfwDo3ifw74K0TQvGmu/wDCT67YWkUN7qn2dbT7bOi4 eYwIzLGXPJUEjPT0r8abn4RfET4mf8FNPjzq/wAJviJcfDfxV4b03QJIL2Ozi1C3uIbjTLJJbe5t piqujFVYEkhWUNtJAI7n42af/wAFDv2Uvh/ffHE/G3T/AImaN4aaGXUtHvtDtrLzLaSVYyyPCC5K lgWCyRkLkgkjafvXwv8AEz4Caf8ADrSv2qvEMWh+Bz4+0nTby81a7Fva3Uyz26PDbT3ZVJJ2iXCI pJ4X5RgUAcd+zn+yWnwh8ReK/ih8TvFU3xM+JfjdBb6nrd5bJbILJQuLSC2VnSOH5F3AHBCoAqqo FeHaZ+wb8X/hbca54b/Zq+PmofDz4f8AiK5luZdFk0m31KSxacfvPsN1LIjxZ6KUCsowSzuA1fbn wv8Aj38GPjUt0fhT4z0zxPJZANcRWVwrzQqxwGki4kVSeASoB7GvzN1DXf2u/jl+2d8ZPg98MfjS /wAPtB8CLp09tCdJtL9Sl1bxFkBdVcfOWbLM3XFAH01J/wAE9Pgqf2XLv9mGGa7S2vbldUm1okPf yawuP9ObPykkDy9nA8v5c5+evK7r9gb41/EyDQvBv7Sfx/vPH3w/8PXcN0mjw6Pb2Et6bcERi6u1 keRhzht/mEgnDK2GHnHj/wCJX7aH7EfjXwDr3xm+I1h8Wvhv4u1iDRb0tpkOm3llLOGIeMwJkkIG cZdw2wqVXIav2PoA/Pz4s/sXeNr/AON9/wDtEfs4fFCb4WeLtdtIbPWIjp0Op2N+kAREcwysFRgk aA5VwSuRtJYtL8Pv2GD4a8H/ABfPjbx/d+MfiL8Z9IutI1XxLdWUcKwQz2r20Yhs45MBYw4JXzQG CIo2AV9GftE/H7wf+zP8Mbz4r+OrO/v9Jsri3t3i02OKW4L3LiNCFmlhTAJ5y446A17lQB+a3xC/ 4J223xD+Bnwf+CV38QrnTIvhVN5rajZ2AS5veMZiBuCLVweVfMuD2q3o37DnxK8X+P8Awp4q/ag+ M938VdG8BXC3ejaR/ZNvpdu11EQYp70xO/nsuOQwLHu5UsrfoB4o8UeHPBXh++8V+LtSg0jR9MjM t1d3LiOGGMHBZ3bgDnqa8SuP2u/2YLXxJZ+Ebj4o+H01a/WJoYTfxYPnqrRBnzsQurKVVmBORgc0 AZOlfs2/2Z+1nr/7Uf8AwkXmf254XXw3/ZH2THlbZ4JvtH2nzju/1ONnlD72d3GD8zN/wTjDfsaJ +yP/AMLC+7rH9q/21/ZP/TUy+V9k+1++N3ne+O1foD41+J3w7+HB00eP/Elh4dGrytBaG/uEt1nk Rd7KhkIBIXk88Dmvkr4v/H7wn8TvA3h7V/2fPjv4c8Li18V6dZ6jfSzwzJcxSR3BOmhXRystyU3x HC7hGxVsZoA0f2nf2SPFHxr+JHgj4y/DD4jT/Dbxt4IhurW3vUsI9RR7e7Uq48p5IwGAdxk7gwbG AQDXx9/wU71X4dfGPw34H/Zz8L65b+IPjQPEtjZW9rZH9/a/aYGS6kukXd5MDo6Oyls/dblVYj9a PDXxJ8A+Mte1/wALeFfEFlquseFpVg1W0t5lknspXLBVnQHKFijYz1wa8/sdN/Zxtvjvfvp9j4dT 4vTWIvLqSOG3/ts2QVYRK7hfOCFSqE55XaDkYoA9B+G/gTRfhh4A8OfDrw4mzTPDWn22n2/GCyW0 YjDNj+JsbmPckmvNv2ofgb/w0l8CvE/wV/tv/hHf+EjFmPt/2b7X5P2S8hu/9T5kO7d5O374xnPO MHC1j9s/9lHQNfPhjVvit4eg1FJDC6fbo3SORThlklQmNCDwdzDHevF/23P2xLb9nrRPANv4N13S Bqvi7XNNS4Ny6zNFoE5kM99CoYKU+QIJDuQbicZwQAekfHX9kLwv8dPhV4R8Dajrd1oXiPwD9lm0 LxFYIEurK8tY0jEqpuzscorNGJFOVUhwVBrx7Tv2HfiP4+8Z+GPE37V/xkufitpfgy5F3pmix6Tb 6RZPcxjEc90Ldz5zDrhhn+EsUZlb7OvvjT8I9M+H1v8AFfUvGGlWvg67VWh1aW7iSzlDEqoSViFY sQQACSSMAVS+F/x6+DPxqS6b4U+MtM8TvYgNcRWVwrzQqxwrSRcOqkjAJUA9jQB554C/Zw/4Qj9p z4m/tG/8JD9t/wCFjWmmWv8AZf2Ty/sf9nW8UG77R5zeb5nlbseUm3OMnGT9PUVx/wAQtSvtF8A+ JdY0yXyLyx0y8nhkABKSxQuyNhgQcEA4IxQB8Cy/sO/GHwH8U/G/jj9mz43y/DvR/iLfPqOq6bPo ltqwjupWd3kt3ncBfmkbaAqlQQCzBVwz4dfsTH9mib4x/Eqx8f33iyHxt4Zuo76DVLZWvH1COFpJ LtrxZcMJHaU+WYcjeBvO35vRf2LvjzfeI/2J/CHxx+PniqBbiZdTfUtX1BobSILDqlzbRFyojjXC IiDAGTjqx5+nLz4o/CW7+Gr/ABJ1TxJpTeBb2BmbUrmeIadLA5MZzJIQjK5yoHO7oM5oA/F79iD9 lz4++OP2SPDuq/Cz4833gPwx47Gpf2tpH9lQXpieK+uLN3sblpEltzLFCu4IVO/LbjkAerf8FB/g v4J/Z/8A+CdNt8KfAEDQ6Vo+q6YPMkO6a4mklZpZ5W7ySOSxwAB91QFAA/RP4FfF39mXxhp3/CD/ ALPPiDw9NZ6KsjrpOiGC3W3jeQs7paRhNqNIxJZU2lmznJ56Yar8Dvj5a674KnbQ/H1t4dvRbarp 1xHBqEdpewswCTwSh1SRWVsblyCDjoaAPh24/YA+KPjCDQ/ht8YfjvqXjP4P+HLiCWDw8+mw2l1d Q2pzBb3uoRP5kyIAAWYEnGVEbBSv6cWlpa2FrDY2USwW9uixxxoAqIiDCqoHAAAwBXKWPxF8Can4 31H4a6fr9nc+KtIt0urzTI5la7t4JdpSSSIHcqsHUgkc7h612dAHxkf2OdD1L4v/ABv+JHibX31D SfjZo1tot1pcdr5EllDBZpaO6XXmvvZgu5f3S7CR97GT4D4Q/YG+O2g+B0+Beo/tF6i/wijEkB0m y0a1tdRksZnZntf7RZ5JY0bcQcBgVJXYFO0fVPxp1fxbYfGj4N2GhfEvTPB2mX15qI1DQrzy/tXi JEWDy4rTcjNugJYttZf9YM54x7b4K+I/gL4j2+o3XgPX7PXotIu5LC8azmWUW93EAXhk2k7XUMMg 80AfLPwO+H/gL9gP9n5fBPxT+IllceG4NTumttR1C3XTkVb0GUWrKZphJJlZGBBXcDgIMc/J3/BK X4KeG9Jm+J/7Qfh20mg8PeKNYvNK8J/aVKyLoNtcvLuXIHyyuUUj+9Cfx/R+O/8A2fv2nvBF0iy6 D8SfClnebJw3kahZxXluofDbtyLIiyA+oVvQ18UfHT9u34VfCnUfgt4R+B3irwv/AMIt4g1yztdW ltXiaDTdAhnWKR4VjZYoYztkj3lSECMFAIyAD1L4wfsaeI9c+Ms/7RH7PXxIufhV481K1W01V1sI dSsNTijCqhmtpWVQ4CqCx3j5VIUOCx1v2cP2O5fhB8QfEfxw+KHja6+JfxP8UQC0uNXubZLOKC1G 391b26M6pny0BOcbVAVUBYNzP7SPxx1r4NeKvhP+0l4f8Sf2t8H/ABHNBoev20brLZLa6oPOstYg YA48sg+YwJDoVUDJzX6AqysoZTkHkEdCKAPmP9kX9nH/AIZW+DNp8I/+Eh/4Sf7LeXV39t+yfYt3 2l923yvOnxt6Z38+gr1L4x/Czw78bPhf4k+FPitpY9L8S2j2sskJAliJIZJEyCN0bqrDIIJHIIrn fib+0j8Bvg1qVvovxR8d6T4c1G6QSR2t1cqLgxsdokMS5dUJBAYgKcHng16P4Q8aeEPiB4ftvFfg bWrPX9GvATDeWM6XED7ThgHjJGVPBHUHg80Afm1pP7A3x3vvh7B8CviD+0ZqOpfCyytlsYtK07Rb WxvJbOJQIbeW+Lyy+UmADGdwZPkyBjHR3H/BOyxv/wBmfwJ8DL7x9PF4m+GOoT6l4e8U2Vh9mmtJ prh7kBrY3Em5QzjpMpJRCCMHP0+n7XH7MUnjAeAo/ih4fbXTN9nFsL+Lmfds8rzN3l+Zu+XZu3Z4 xmvcPEPiPw/4R0S88S+KtSttH0nT4zLc3d3KkEEMY6tJI5CqPcmgD8/PDH7EvxU8T/Evwb8Rv2of jPcfE1Ph7ci90XTINJt9KtkvEKNHPO0LHzWBRWwVDZA+fbuVvmr/AIKRr8LP2n/Hvwn/AGf/AIca 1Dq3xNj8Sz6ddrYt5r6VpkkZTUjd7QdhQxo+0nO1H4x1/UH4b/tLfAH4v6zN4d+Gfj7SPEWqwKzt aWt0jTlE+86RkhnQZ5ZQVHrXJ6n4h/ZF+DvxC8T+KtWuvCXhHxt9mS81m9l+yWmotb3LqqvNKQsh Ez7eMne2OCcUASftA/s26T8af2atT/Zs0HUx4S0y7tdMs7W5W2+1rawaXc288aCHzIdwK24j++MZ zzjBxv2h/wBl7/hfX7Nafs8f8JL/AGFsi0yL+0/sf2r/AJBzRtn7P50X+s2f89Plz3xXb2X7Un7O eo+BLn4m2fxH0J/DFnMtvPfG+iWOK4ddyQuGIZZWUErGRvI5AIrtPh18Xvhh8W/Dsviz4aeJ7DxH pEDtHNcWc6yLC6jcVlGcxsFIOHAOOelAHjf7Uv7Mo/aV+Ddh8JP+Ek/4Rz7FfWF79t+x/bN32IMN nledDjfnrvOPQ1c1j9m/+1v2t9C/am/4SHyv7F8Mv4c/sj7Ju83fPPN9o+1ecNuPP27PKP3c7ucC 9ov7YP7LniLxSngvRPil4fvNYmlEEUKX8WJZWO1UikJ8uRieAEYknp2r6QoA+YYv2cPK/a3m/am/ 4SHPm+GB4c/sj7J0xOs32j7V53tt2eV77u1M0P8AZri0j9qvxZ+0zPrwu4/FPh6HQG0ZrMBYlieF jKbgytvDCHGzyh977xxz6l8S/jV8JPg3ZwX3xT8X6Z4Xiu93kC/uUhkm2fe8qMne+O+1Tiovhd8c fhD8a7K5v/hR4u07xPFZFRcCynV5IS33fMj4dA2DgsoBwcdKAPha2/YL+MPwtufEGifst/Hm9+HH gjxLcyXUuiT6TBqYsZJvvmzuJJEeIYwqhQjbQNzswDV6BY/8E+fhrpH7JPiT9lfSdZu4h4qkW9v9 dlRZbufUo5op0uHjyAUVoEXygw+QEb97Fz9kfErVb/Qvhz4q1vSpTb3un6VfXEEgAYpLFA7o2GBB wwBwQR61+afwz+L/AMYfiL+xD8FfiTq/xf0/wR4p17xIYtS1fV47eNdUt473UIf7OjURGMSypHHt 2qpxGeeuQD02D9iT4ja5oXwfsPid8XW8T6j8IvFVt4gtrttGSFrmztPI8qwIW5G3b5J/fnex38od uT7t+1R+zf8A8NM+FfCXhn/hIf8AhG/+EW8TWHiLzfsn2zz/ALDHPH9n2+dDs3+dnflsY+6c8eB+ K/24/Dnh79tvTfgLeeKdD0/wTa6JM+o3UkiiYa+1w0KWMkrNtRkVVIjChiX5JGBR8JP24/DnxE/a ++IHwaufFOhr4V0uHTbXwy0Ei+bql9NGHugspY+bIjkx7EAA28gtk0Ad78dv2QdY8efFjT/2g/gl 4/ufhb8SrOz/ALOub6Kyi1C01GzHKx3VrKyK5HygMxYYVfkJRCt79nH9kq/+EXjzxF8avin45uvi Z8TfE9sljPq9xbpZw29khVvs9tbRsyopZELEED5RtVPm3ct/wT7+MHxC+L/wz+IPiH4n622sXei+ NtY0y2mljihENjbQ2zxxfukRcIXY5IJ55Ne5aH+1r+zL4l8Xp4D0D4naBfa7NIIYraK/iYyyk4Ec T52SOSMBUYkntQA39qT9nPw1+1L8H9R+E/iW+l0pbiWG6tb2BRI9rdQEmOTy2IDrgsrLkZVjgqcE fHPjL9gX49fGnwJL8PPj9+0bqHiPRbWHGn21lolrYx/aoxi3uL5kk8y7WPqYmZSWAbzA3NfqdXA/ ET4p/Df4SaIPEfxN8S2HhjTXfy0mv7hIFkk67IwxBdsc7VBOOcUAfIfxW/Yel+Jnwf8AhP4Ng8e3 Gg+Ovg3DaJoniazswv7y2ihiZntDMcCQQRsQJuGUHJXKnz+0/YB+JfiX4q+APjd8aPjje+NvFfgb VLa9jV9IhtbE2luwkNtBBBMiwvI4y8+GLAAGPjJ+6vhj8bPhJ8Z7C41L4VeLdN8UQ2ZUT/YbhJXh L/d82MfOm7BxuUZwcdK5nxz+09+zz8NPFcfgbx/8Q9F0HXn2E2d3eRxyRCQbkM2TiIMCCPMK5BBH BFAHh2pfsh+MbD9rW7/ad+G3xMm8M2viU6cviPQ306O7j1GHT0ji8pJ2lQxCSOJRkIzIxZgSDtHp P7K/7N//AAzN4V8W+GR4h/4ST/hKfE1/4i837J9j8j7dHBH9n2+dNv2eTnflc5+6Mc+SfsJfGPx9 8X4vjNc+O9dOuQ+HPHWqaXpblIUWHT4NpijUwooZQDkM2SfU1N8ev20fgvD8JfiXY/CL4p6LN490 PQ9RuLCO1u4JpRdW8DuDCH3RzMhUkqu/pkjFAG98Of2LfCvhbwr8aPA/jbV/+Er0P4za7qGsXUH2 X7I1ml+SwiR/Nm3vE2GSXCEMAwUEV88z/wDBPr4+t4E/4UPD+0lqQ+ERX7P/AGU+i27agLDdxZ/b vNEhj2fL2THy+Vs+WvuD9lrxd4i8ffs4/Dbxr4uvW1HW9b0Gwu7y5ZURpp5oVZ3KoFUZJzgAD2r3 ugD4m8b/ALFHhTW9J+BfhnwRrB8MaH8D9csdYtrZrX7Y98tnIkrRPJ5sXlvKylnl2v8AMxOztXd/ tOfs4f8ADR1j4Dsv+Eh/4R7/AIQnxPY+I932T7X9p+xBx9nx50Pl79/3/mxj7pr6eooA+GPj9+yH 4x+Jnx38MftEfCj4mTfDrxXoWmf2NO39nR6jDc2PnSTbdjyxBSTK6tncCNpG0rk9V4C/ZI0Hwv4+ +O/irxRqyeJdH+OjWgvNKktPIW0gt4rmKSIy+c5m8xbg/MEjK7eMk8fXtFAH5Tj/AIJ6fGvTPB0/ wM8L/tGarp/wcuWljOjPpNvLqCWUzEyWa6h5iv5bhiDhVTk/uiCQe6+IP/BP/wCy+J/h98QP2Z/H c3ws8T/DzRl0C2meyj1SC5sE8wgTRSsimRjNIXdg4YkHaCoYfo9RQB+aGm/sB+O7n42+BP2i/iB8 a77xb468KXvm3clzpMMVjcWIG0WdrbQTItnhWlzIDIGZ9xjyDu9I8L/sh+Mfh/8AtUeIvj/4A+Jk 2l+GvG11FeeIPDMmnRzpeyxQyRoBdGVWjCvI0ikR5BO0lhX3PRQB+eXgr/gnn4F0v9kq6/ZQ8fa/ L4lsZb+bUoNWt7VbC4tbp33xSQxtJcANHypJYh1ZlIAJrkLv9gv4zfEbT9I8A/tEftBaj49+HOiz 28v9jQ6VDp02oLbkFEvb2OV5pAMDJYux+8GV8MP08ooA+VPFP7L1hrv7R3wq+PWl60mk2fwt02/0 yDRY7PclxFeW0tsm2cSr5IiWQEL5T5C4yM5F34s/s4f8LR+O/wAJPjZ/wkP9mf8ACrZNRk+wfZPO +3f2hGkePO85PJ2bM/cfdntX09RQBHNDFcQvbzqHjlUqynkFWGCD9RX5ceB/2BPjj8IbTWPh58Fv 2hr7wl8M9Xu5rr+zRottdajbLPhZI4L6STfGxUACVAmD82zdkn9S6KAPzX8Af8E7rX4cfBL4xfAf RPH89xoXxQmEtnNdaeJLrS+Nrea63Ci7ZlVBkLBypOPm4+n734B/a/2VB+zJ/buzHhCPwr/a32XP +rsRZfafs3m98b/L83/Z396+iaKAPgDxj+wfpXiX4IfDD4f6Z4xudC8dfCGGBdA8WWdtsmiljCiT fbeaQYpdilk83IKj5iNwbgoP2B/iz4s+L3w/+OXxu+Olz4z8R+A9St7uC3GiQWdibWBxIYIooJkW OSR1BebacjAKHaDX6eUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAf/W/fyi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAK/Gv9h34GfCfx1+0F+1J8QPHHh+w8SavZ+P tZ023j1G3juo7a3e8uJHZI5VZQ0pO0tjOEwCAWz+ylfl1Z/sBfGDwB8S/iD8W/gb8ernwdrnxD1v UNSvbdtDgvLH7Ne3D3EcDQzzOHmt2kfbcYBIOAiZYsAfNnhPR7H4Xa3+338D/Ai+R4E0vwteapaW kZ/0eyu73R53mjiX+EHcUwOixKO1eYfEjwjpXxA/ZT/YZ8B66pfTfEniOw026VSVJgvJ1hkAI5BK seRX6jfDX9iXQPhz8Dvib8Mx4outc8XfFyz1KHX/ABTfQiS5uLnULeWAS+QJB+7iMzOsZlJLM2ZP m4wp/wBhkT+BP2fPBX/CbY/4URrNlq/n/wBm/wDIV+xzLL5Wz7T/AKPu243bpcdcHpQB85/t8fBr 4W/CbU/2efHPwu8Lab4S1jT/AB/o+mpPpVrFZs1rITJskMIXzAGhGN+SMtj7zZ6Xwh4P8NfG3/gp l8X/APhbmmRa9B8N9D0i38P6bqSLc20Ed5BDLLcJDIGQsXdiDjjzP7wBH2P+05+zh/w0dY+A7L/h If8AhHv+EJ8T2PiPd9k+1/afsQcfZ8edD5e/f9/5sY+6a8++PH7ImveOfitp37QPwM8ezfC74k2l odPu76OzTULXUrLjbFc20rKjFMDDEMMBcrlEZQD5e+HXwo8A/CT/AIKw6tpnw60630jT9b8BSapN ZWqLHb29zNdRxSCONQFjDiJZNoGMscYBwPgM8/8ABHAj/qdP/a9frr8Cf2H/ABN8Kv2h7r9pPxx8 Vbvx/wCJ9Y0ebTtT+1adHaia4llRllhMUxWGGOKKONYBGQMFg4BCLxP/AA7gH/DHH/DJX/Cw/wDm Nf2x/bP9k/8ATTf5X2X7X+G7zvfFAHlX/BQ/9mH4IfCj9h+5vfAnhDTdG1fwTNpH2LUrW2jhvy73 MVtK0lygEshkEhZ97HLYbqARpePNO0v46f8ABQn4R/Df4twjV/DGg+Al8RWumXmJLO91Sd5FeaSF vlkwqg7SDkxc5XIP3v8AtV/AL/hpv4H678Gf7d/4Rv8AtqSzk+3fZftnlfZLmO4x5Pmw7t3l7fvj Gc84wfh79tKy+B2n/FP4P+EvG/i7WPhP4+0vT5H8PfEC1ihTTIlgUxzWl40kyHDYB2n5V83az7ZH BAOW/aC+Dnwu+Gv/AAUR/Zp8TfD7RrPQb7xPPqa6ja2ESW8L/YoVEM5ijCqHcTOrMB82wZ5GT+yd fz7+BvCNv4z/AOCh3wlu/D3xdvPj3rnh63vtQ8SeIIkhXStPtYoJEtLe3W1MkUQMpbeFkKl5U6MW r+gigD8t/wDglz52r+HPjj431Rt2sa38R9YF2W+/mOOGUBj/AL0747VU/YO/5Ox/bG/7GfTv/Rup V0/7OukS/s6fti/Fn4H6tiDQvitI3jbwvJ92OSUsy6nar282MsrBByIkDHgjGNqX7APxp0v4t/ET 4pfCH9oa78Aj4jam2o3tnbaBHc4w8jRI0r3q7/L81wGCLnPSgDO/4K/azYL+zBp3gpALnXfFPiHT 7fTbVfmnlki3u7RoOTjhCfV1HUivIv2ttC+MF9/wUE+AuhfCHX7LRvHg8JXqW2palD59qrxxXxuG kj2PnzIhIB8pwzA8YzX1B8MP+Cftvo/xT0f4z/Hz4m618Y/FHhsh9J/tRRBZWUoIZZUt/Mm+dGAZ AHChsMVLBSPavGn7Mv8Awl/7V/w+/af/AOEk+yf8IJpd7pv9k/Y/M+1fa4rmPzPtPnL5e37Rnb5T Z24yM8AHyR4z/Y//AG3fj/pK+Af2h/jppieB7maJ9QsfD+lpFNdpEwdUMjRQkfMAQGLICAxRiAK5 b4i/DLwZ41/4KG/CT9nbxdp6XHw4+HXgRb7RtEuSZbOeeFpbdDJG+RIFSJMhs7vJ+bKlgf2Jr4// AGl/2S7T47+IPC3xM8H+LLv4d/ErwSXGla/ZQpcFYZD88FxAzIJojlsKXAG9wQysykA+QP2t/APg n4E/tVfsz/FD4Q6Ta+Ftf8S+J4/D+pQaZDHax3+n3UkEMnmRRqqMUSZl3EZ+Zcn5VK+R6b4c/aU8 R/8ABRD9oiH9m3xZpHhPUIYtIa/k1e1+1JNCbWAIsY8qXaQ2STgcV9x/Df8AYx8VH4vaP8d/2lvi ZcfFjxX4ZhaPRYTp8OladprueZo7aBijy46MQvOCQzKhX0/4Z/szf8K6/aT+KH7Qv/CSf2h/wsmG xi/sz7H5X2L7HGkeftHnP5u/ZnHlpjPegD5is/2Jv2hPi98RPCfjL9sH4s2vi7RfBd4mo2Og6PYL Z2kl3GwZGmcJFuXjByjMVyoZQTn9RqKKAPwb/wCClHwj/ad8PfBLxX4y8dfGseJ/BE+tW7weHRot ta+THPdZtk+1RnzG8gEDJHzY5r9L/gD8I/2m/h/4pv8AVfjb8ah8StHuLJobewGi22m+TcmRGE/m wks2EVk2nj5s9hX0Z4x8D+DPiJocnhjx7oVj4j0iZ0kez1C3jurdnjO5GMcqspKnkHHBrqaAPkD9 vv8A5M2+LH/YFk/9DSvmHwd+yh+z3J/wTitba68M6bJPqXggeIJ9YaCM3q6jLp/203IuSvmDy5Dh RnAjGwgrkH6e/b7/AOTNvix/2BZP/Q0r4f8Agz+xP8bPiF+zR4B8G/8AC/8AUrD4S+LdB0rU73w+ ul273iR39tFc3FnDqO8SC3Z3YKpG1VO0o4zuAPm74jR6n8ev2Wv2I9D+JLzXL+KPFUei3kk0jGWa 0+2fYUcvncS9uqndnPOc55r6t/4KF/CL4YfCH4N/DHSvhf4X0/wvZ3/xQ8PTXEWnwJAksiWl5GHY KBk7VAz35J5JJ+vfif8Ase+GvGg+CGneD9UXwlonwT1ux1azsUtDdC6hsWjZbfzDNGYy3l8ykSEk lipPXqP2qP2b/wDhpnwr4S8M/wDCQ/8ACN/8It4msPEXm/ZPtnn/AGGOeP7Pt86HZv8AOzvy2Mfd OeAD5L+ITQfs0f8ABRvwt8TJXWx8H/HnSZdE1SRjthi1jT1QwSt0ALqsKKT13ynnmvNP2cpfC3xF 8F/tL/tvfFzUrzQvDvxDa/0myvrb5L218NafGbcG2JR8SSfJEMKT5sIIAJr71/bA/Zd0b9rX4Sj4 bahq58O31pf2+o2GprbfamtZ4cq37rzISweJ3THmLgkNztwdGP8AZc8BN+y1F+yndSSnw6uiJpEl zCoimaVQHa7CncokacecQcjccHIoA/IB5NK1z9kvXPC3wS/ZLll+H8Og39ynjPxVdadZagYI4ZJT qh/ciSaZQPMQxSbeFVPkwKxPF+kaPr/7A37Ieua3YW9/qMnjXTdLe5nhSSZrBbnUFFqXYFjDhVHl k7eBxxX3NpP7A3x3vvh7B8CviD+0ZqOpfCyytlsYtK07RbWxvJbOJQIbeW+Lyy+UmADGdwZPkyBj HR6t/wAE97nVv2R/B37M0vxFki1XwBrH9taP4gg00RFJ1muJUWS1Ny+4KLl1BEynIRscFWAPlv8A bLtdbv8A9ub4TfCHwp8Lbb4jeGvCXhmTWNO8GC8tdG064uZprpJZiZUMLLEIYz5RU7thGNpYGw3g b9oa9/au+D3xa0D9nOx+CL6dqIsdbmsfEejzJqelXTxxTh7WH7PvaCJnbKI7tlRjKpj7F+I37E/i b4n+GPh94g134pXll8avh4JhaeN7HT4oXuFmlZ/LuLFZArxhG2BRIAcuSCsjocnwT+xf4uX4vaP+ 0L+1X8WpPibq3giKSTSITp8GkabpzAbmuHjiYoWXG/O1MMqsxbauAD9Fa4H4rf8AJLvGP/YG1D/0 neuK/wCGoP2aP+iteEf/AAfaf/8AHqgu/jF8CPinp9/8OfC3xO8N6hqviO0ubGCGy1azu7hmmiZS Y4I5t8hUZbaOwPI60Afzk/AHV9d17w9+zr4Q/aksLmx/ZvOpapa6U0Uix2Ooaub2ebzdSIJYxLPM Yfm2AIjleBKT+gv/AAUOk8Ra3+03+z/8FtD8Cr4+8O21vearD4TF7BpNnqdzao6pE00oMSrBFFkI ykMjNGo+evrzRv2FPCK/sXWv7HfjHW/7dt7CO8e21pbMW8kF5PeT3kFzHAZZNphabYV8394gZSQH IGT4x/YX1D4h/B74feEfF/xKvH+I/wALn3aD41srL7LeRKhXy1nga4lMoCIgY+crMyBiQS4YA+Kf H/gX9ovXfjJ8Jfid4R/Zi0/4Laz4T1y38/ULDxLopF/pzkLcWj28QthJmLcARubYWUDnj3bUdQ0/ 9k3/AIKNalrmqzDTfAfx60Ce8nlb5YIdZ0WMyysfUmNWY+r3Nei+Hv2G/iP4v+K3hX4o/tVfGCf4 p/8ACCzi60XS4tKg0myjuVKss8yQMVkO5EYrtBJUBmZMqfCv+CpGtfDH406P4O/Z58FatBq/xffx TaWlnYWj77iyS7hZbhrraD5cJjeNmyQThW+6rYAPY/8Agm9oep+NtI+I/wC1v4qt2i1j4y69cXFm snLQ6PYO8NrECeQFbenuqIeeK/TKvF9KvPhF+zV8N/CngbX/ABLpfhXRNGsoNLsZNVvILFZ/ssSq cNM6BnIG58EnJJPWqn/DUH7NH/RWvCP/AIPtP/8Aj1AHxr+2f/yeZ+x5/wBhjxD/AOi7Cvmr4gfE X/hjL4y/tb+Gkl+xWnjzw1H4w8PEnaBqN9IbCQxjuxvLpmIH8MXbBr1j9oj4p/DX4v8A7b37KWk/ CvxTpni+40LUdeuL7+ybyK+W3SSG2dfMaBnVSVgkOCc4XPSvo39rX9hfwv8AtXeO/h5431fXf7Ef wVOftkIshdf2pZNNFN9mLmaLycbJAH2vjzCdpxggH5JfDvxZr/7DHws/aA+BOvXUi61r/hDQNZ0V D8sn27W7eKxvvKHGTBNcgL3xBk5r6C+NP7PfhL4R6b+w/wDDjVNBsZr+HxJp1jrDS20UjXLzSw3F 1DKWUmSI3E0pCNlfmPHJr7q/aL/YW8LftD/H34cfHLV9d/s4+B2t1u9P+xiddUgtLr7VDE03nJ5S hmcN8j5Vu2K7X9rb9ly6/aW0fwjN4e8XzeB/FPgXV49Y0nU4rZbxY548H5oWePPzKjKd3BXkMDig DjP+Ch/hfQz+wx8R9BtbaCwsNM06ze1hijWOKEWd3bvEkaKAEA2BVAAAHHSvoP8AZt1bUde/Z2+F uuawzNf6h4W0S4uGf7zSy2MLuT7liTXxP+2npvj7xH8Ffhz+xiniIeKPiJ8UryysdQ1QW62pbTtK ZLq/1KSCNmEaho48qDhssF/u1+lPh3QdN8LeH9M8MaLF5Gn6Raw2dtH/AHIbdBHGv4KoFAH43/Fr 4S/Gb4WftT/Ev45eEfhToH7Q/hnxjHZi8sbmW3l1bSBDEIzbpFKJCofaRhIZd6KgO0qc+Ry/Fr4U +G/2Ev2jD+zloGu/DnxJDqdpF4i8P6k5DaPLrF5HZyi2XC+XE0IkgA2rIhQBgNqk/eHjz9if4j6d 8Z/Evxv/AGYvi5N8LtT8b+W2uWMmlwarZ3U6Ajz1SZgqtlmbBRjvZirKCRXX/Cb9hfwP4M+H3xI8 KfEzXLr4i618XXaTxPq93ElrJcsN5i8iJC4g8lpGdPmYq/IIAVVAPzgtPhd8S9a/ZYtvhbpn7Fml mwvNDR4PE58VaMt6biSAOmqmVollDFiJSplC7f3ZITisD9oS4+Odz8IP2Pfgh8S/DUnivU9Svb/+ 1NA/ta1iTWpNGnigsLaTUY3lh+e2k5be2TJz+8HH2RP/AME+vj63gT/hQ8P7SWpD4RFfs/8AZT6L btqAsN3Fn9u80SGPZ8vZMfL5Wz5a+h/in+wz8KfiB8D/AAj8GPD1zd+EX+HbRT+GtXsmDXun3cXP nFjtMnmv+8lAZCzgMGVgCAD83/jx4D/aP8Uz+BfFngD9lDTPg54o8E6xa3dhrOn+J9DQyRRA5sni QWqyK+AQGY4CsANrMD7ZrHwj8A/F3/grTrll8RNGtte0/wAPeBrfVobS8jWa2e5SW3tkMkTgo4Vb hmAYEbgDjIFeqj9g/wCKfxM8ZeF9Y/at+Nlx8T/Dngy6W8sNFh0i30qCeeLGyS6aF28zgYYFSxBI 3gM2fpXRv2b/AOyP2t9d/am/4SHzf7b8Mp4d/sj7Jt8rZPBN9o+1ecd2fIxs8ofezu4wQD86/hT+ zZ8Fp/8Agp/8WvDlx4T06Xw3oGg2Gq2WjvbRnTYL67htFaVbXb5WV8yUqCpCmQlQCBir4F+EWlT/ AB9/bb+APgC8tvA+i65oulpb7MW9jZz3tmXJKrhY4i87qwUcIxCjoK/R7wl+zf8A8It+1R45/aZ/ 4SH7V/wmmkWelf2V9k2fZvsiwr5v2nzm8zd5P3fKXGepxz5/f/sS+F/EnxK+OXjLxnrj6po3xt06 w0+40yO18iTTxYQJEssdyZXEj70WRMxKFYDO4DkA/KPxBpUnwk+B+k/Cj9r/APZehl8E6Kloi+Ov Bj2z3AjWRNt09xGsnzXPAkaSaLzC2NgJUD+gz4f61oHiPwJ4c8QeFL19S0TUtOtLmxupSzST200K vFI5bDFmQgtuGcnnmvzNX/gnt8fNR8CRfAfxN+0hf3vwigEMH9kxaJbR3z2MLqyWv20ytIqKFABO 5OMeXt+Wv0+8IeFdE8C+E9G8FeGoPs2k6BZW9haRZzst7WNYo1z3IVRz3oA/KP8AaB8TfBq1/bSv Lnw58L9e+Pvxb0zQ7e1m0Y/ZW0LRLV9ksT5ngcxTMJAxdtyL5xwQzYHl/wCy4virS/8AgpnrR8Q/ Dey+EF3rvgqW4uPD2m3tveQBfOg2SyNaKkIkfYGZQoOfmIyxr7F+Jn7GHxHm/aB1n9oz9nb4sSfD XxD4rtIbPWoJtKg1a1uVhSONZESZ1VTtiQ4Kk7gSGXcwMPwg/YS1z4X/ALRdl+0nrHxW1Dxj4iut OubPXhqVhGDqMs4IV7doplW0ijCxBYdkoATAYBhtAPsr4wf8kk8bf9gPUv8A0mkr8D9T/wCUYf7L H/ZSbf8A9LtZr+hLxhoH/CWeEtb8Lef9l/tmxubLztu/y/tETR79uV3bd2cZGemRXwRc/wDBP8XP 7MPwr/Zw/wCE82/8Kz8SR+If7U/svP23y57ybyPs/wBq/dZ+17d/mv8Aczt+bAAPMfFHgHwLf/8A BWTRbK+8OabcW918Pn1KaOSzhdJL77dcf6S6lCGm4H7w/NwOaP2cvAPgWD/gpB+0bFD4c02NNDtv D0+nqtnCBZzS2cTSSW4CfundiSzJgkkk819A/H79kPxj8TPjv4Y/aI+FHxMm+HXivQtM/sadv7Oj 1GG5sfOkm27HliCkmV1bO4EbSNpXJNS/ZD8Y2H7Wt3+078NviZN4ZtfEp05fEehvp0d3HqMOnpHF 5STtKhiEkcSjIRmRizAkHaAD8iZPGXiTwf8A8E2vjinhuaS2bXfirqGl3csR2lbS4jtGlUnssgQR t6hiDwTXs3xJ+EPxW8Tfs7y/CTSv2KtL8Lw2VjGLHxCni3RDd2k8QBW8efy43lLEZl3SgSAkE9CP 0K+HX7CXgvw38BviJ+z/AOP9afxXovxC16+1ySeK1FjNZvdrB5YizJcAyQPArrIeCeCmMg+J6j/w T7+PninwbZfBLxz+0jqOrfCaz8mM6WmjW8N/NaQMGitpL7zXdlTau0vvXgfu8AAAH3l+zq/j5/gT 4EX4pKR4th0i0i1MtPFcs9zFGEeQywM8bmTbvLKxBJr899b8JeHvjv8A8FTdW8I/Fyyi1vQPhz4N hv8ARNLvAJrN7ieS28ydoHBRyGnYHIOSkZP3AB+pfg7wl4f8A+E9H8EeFLRbHRtBtIbGzgUkiOC3 QIi5OSTgDJJJJ5JJr5S/aI/ZDm+LXxB8P/G/4XeNrr4ZfE/w3AbSHWLW2jvIbm0JY+RdW0jIsoBZ gCWIwSGVwF2gHyf8ePB3hb9nv9vr4A+MPgxpEGiX3xBj1fS9c0zTI0toL23gSLy3eFAqbmaTcWwM tEp6rmj/AIJu/Bn4WfGf9nzxD8V/i54csPGni34ga3qh1m71W3S7uAFfYIEeUFogB8/ykHLA54XH 038Hf2OdZ8OfF9P2hvj78Qrn4q/EOztDZ6ZcSWUWm2OlxOHWQW1rCzJuZXZd3yj5mYrubcPPrz9h f4oeB/GHiq8/Zi+Nd38LPCHji5e81LRF0qHUUt7mVcSy2MksimBn6AoFZOMMQiBQD85/BM+o/BX9 gf8Aa00X4cXU6x6N46n0OC7ikIkWwe4tLJ3LjBO+AlCR/ez0r7c+On7Jf7O+l/8ABPLVItI8L6Zb XXhzwomsWesR28S30l7BbLcec1yF8xzcsCrgnaQ2AAAuPcfgD+wZ4I+DXwd+InwM8Ta3L438MfED Ubi7lW5g+zXENvNFHGkbSJI/mTR+WH89RH8/zBFxXh2o/wDBOz43a98NZvgFr37R2pXPwstYWi0/ S/7Gt/tSLGCbSK5uxKJJoLeQI3lZCuqhV8rClQD7F/Yq/wCTSPhD/wBixpn/AKIWvp6vMPgr8N/+ FPfCTwh8LP7R/tf/AIRTTLXTvtnk+R5/2aMJ5nlb5Nm7Gdu9sepr0+gAooooAKKKKACiiigAoooo AKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigD /9f9/KKKKACiiigAooooAKKKKACiiigAooooAKK/OL9vj9qb4hfCOTwb8DPgJbpc/FP4nXH2axkd VkFjbs4hE218rveRsIzgooSRmHyjPlFr/wAE1Pi5rOk/2/42/aZ8ZP48mQyG7s7qYWUE7DJWONpl laNTwNrxZA4VegAP10or81f2Ffin+0svi/x1+zj+0vp97q2q+A3BsPFBtZRa39vuVfLe68tY5JCj xyxEnzXRm3jKE191/Dv4qfDr4t6Vea58NPENp4jsLC6eynns5BIkdzGqu0TEfxBXUkehFAHf0VwG kfFT4da/481j4YaN4htLzxX4fiSfUNNjkDXNtFIEKtInYESJj/eFeN6v+2x+yfoVhbanqfxR0WO2 vLmWziZZzITNBt8wFYwzKE3rliAoz1oA+o6K+dPEf7XP7M/hKPVZPEPxI0a0/sUWpuh9pDun22Pz bfaqbmcyx/OoQMSuT0FdxYfG/wCEOp/DRfjHZ+MNMPghkaT+13uUjtAEcxsDI5ADBwUKnDbvlxni gD1OivnX4cftbfs1/FzxF/wiXw6+Iek6zrTFhHZpMY5pdgy3lJKEMuBz8m7jJ6A16P4t+LXwz8Ba /pHhfxp4lsdE1XX1next7uZYnnS1XfMy7sDbGvLEkADmgD0Oivmvwh+2L+y94+8Xx+A/B/xL0bU9 duJBFDbR3AHnyHokLsAkrHsI2YmvkX9u39sWf4NfFn4PfDTwh4zs9FjvfEdlL4wQBGuLbSBPauPN ZgfKiljaQuVwzKuMgZBAP1OrjfG/w78A/EzSP7A+IvhvTvE+mhhILbUrWK7iVx0dVlVgGHYjBHrV 7wf4w8L+P/DVh4x8F6nDrGiaohktbu3bfFMgYqSrdxkEfhXwX/wUn/aK+I3wE+E3h7T/AIVXMWk+ IPHWrppCarOB5dhC0bM8gZgUSQnaAzA7V3sBuAIAPtzwH8Lfhr8LrGTTPht4V0vwtazbfNj0yzht BIUztMnlKu8jJ5bJ5Nd5X5Hf8O2vjGNI/wCEgg/ai8aHx4Yci+N3cfY2lxnZs+0ed5WeP9YeOdv8 NezfsL/E39oLx18KvGPgn9pPT77SvFPgi7m05dbu7SS1S/tirqs6SFI0maFo2DSR43L5bN8xLMAf ceueCfCHiXWdE8Q6/o9rqGqeG5pJ9MupoleazllTZI0LkZQuvytg8jrXUV+UPhn4vaZ+zJ+wr4n8 XWnx0tviprgn1OPQ9fvnlnE+pmAPDYotxNOztHsLBS+OTxjOfXv2QP2t/h/4w/Zf0vxx8S/iFY3m veG7CKfxVdXEqI1lLeXEiQm4Cqqx7yAqADHQAUAfoBRWJofiTQfEvh2x8XaDfRX2janax3ttdxNm KW2mQSJKrd1ZCGB9K5v4f/FT4c/FXw1J4x+HXiGz8QaJDLJA95ayh4VkiAZ1LcAFQwJ9AaAO/or5 J1n9vD9j7QdYOg6j8V9E+1hzGfJma4iVgcENNCrxDB7lsV2nxu+Pfgr4bfATXPjFY+JdNW0fTLiX Rb1pVms7u+a3ke0jjZCVk8x1AAU88jNAH0FRX5O/szftG2v7RH7EOv6Z43+LkGjfEn+yddudZ1VX EV1osMl5cLBdtHAYfLSKIxlNjLhduCK+3/2bzp3hv9njwpJe/EFPiBZWFjI8niieVtl7GkkjNO8k 0khCoPlJaQ4C9cUAfQdFfK+lftv/ALJGt+JU8JaZ8VdCm1KSRYkU3OyGSRjtVUnYCFiTwNrnP417 d8Qfib8P/hToUfif4j69aeHtKmnjtUubyQRxtPKCUjB7swUkD2oA7qivmXXP2zP2V/DXjCTwFrvx Q0Oz1uGVoJYXugUhmRtrRyzAGKN1bgq7gg5yODX0tFLFPEk8DrJHIoZWUgqykZBBHBBHQ0AZmveH 9B8VaPd+HfFGm22saVfoY7i0vIUuLeZDyVkikDI6+xBFWNK0rS9C0uz0TQ7OHT9O0+GO3tra3jWG CCCFQkcccaAKiIoCqqgAAAAYq/RQAUUUUAFFFFABRRRQAVXu7S1v7WaxvoUuba5Ro5YpFDpIjjDK ynIKkHBB4IqxRQB4H/wyn+y7/wBEe8G/+E/p3/xitrw7+zv+z/4Q1q18SeE/hl4Y0TV7Fi9veWOi 2VtcwsQVJjliiV1JBIyCOCRXsVFABRRRQAV59a/Cb4XWPjy6+KVn4S0qHxjeoEm1hbKEahIoQR4N xt8z7gCH5uVAB4Ar0GigDifG3w0+HHxLtbax+I/hTSfFVtZOZIItWsYL5InYYLIs6OFYjgkYOK85 /wCGU/2Xf+iPeDf/AAn9O/8AjFe+UUAeR+CvgB8DPhvr0vij4e/D7QfDWrzRmJrvTtNtrSby2+8i vEilVbA3AYBwM165RRQAUUUUAcu3gnwg/jJPiG+j2reJ47I6aupGJTdLZGTzTAshG4Rl/mKg4J5r qKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAo oooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACii igAooooAKKKKACiiigD/0P38ooooAKKKKACiiigAr5h/bF+NGtfAL9nrxP8AEfwzEkutWywWtkZF 3xxT3cqwrKwIIIjDFwDwxAU8Gvp6vOviz8L/AAp8aPh3rnwy8awtLpGuweVKYyFljZWDxyxkggPH IqupIIyBkEZFdWBqU414SrK8U1deV9TSi4qactj+UnRP2xP2ntC8YJ43t/iVrdzqCy+a8Vzeyz2c nOdj2rsYDHyQECAL/Djiv6svg54+PxU+FHhH4kPbfYpPEul2l/JAMkRSTxK7opPJVWJCnuMGvyB0 T/gjgYvGCP4h+I4ufC8cu5ktrExX0sWf9XuaR442IwN+H9dtftf4d8P6P4T0DTfC/h62Wy0vR7aG ztIEztigt0EcaDPOFVQOa+z4zzPL8RGmsIldbtK2nbZf8A9XNcRRmo+y3Niiiivgjxj8WP2jzHpP /BXX4Dav4jjMml3ehx21qx4UXDNqccag9CyzyRsR/tCv2nr4Y/bi/ZEuv2nvCmhaz4G1ZPDfxH8D XRvtB1FyyJvyrNDI6AugLxo6SBWKOoIBBavmy0+Nf/BWLRdCHgy/+B2i634hiQwR66t/apbSlRtE 8kS3aR7j94jdGM/8s1+6AD9NLD4vfC/U/iLqPwjsfFFhL400mJJrrSBOovI4nRZA/lHDEbHViVzg MM4zX5q/8Ecv+SB/EH/sedQ/9IrKvWv2IP2P/G3wY17xZ8dvj1rUfiH4s+PiftssLeZDZ2zusrQq +1Qzs6rv2gRqERI/lXLfLnwr+GH7d/7Eni/x34D+DPw5074neBPFerS6lpd1JqMFp9mkkG1WmEks Tg+Usayqy7CyDy35OQD0j9ncg/8ABVf9o0g5/wCJHYfpFp9fMn/BMX9kr4I/Gzwp8TvH/wAXPDFv 4olHiCXSLVLpn2W8cMaTyNGEZSHczKN+cgLhSMtn6k/Ys/Zw/ae+G/7VvxK+Mn7QFpbXH/Ca6PE7 alZ3Fu1u99PJbzPaxQrIZlW2CtCGaMKfLyrMCCfVf+CbPwJ+KvwB+FPjTw18WtE/sLUtW8V3mpWs X2m2uvMtJba2jSTdbSyquWjYbWIYY5GCMgHxT8Pv2dvhl8b/APgqN8bLH4kaJDrHh/wrYwXEGnyZ W3a4eGzgi3ouAyJGXwvTdtPbFc5+33D4S8IftDfA39l3SvBWqa18LPDGnNrreE/DsUktxfSTXF2X REB3yAC3Yuc5VHlIIJJr75+BXwJ+Kvg39u344/GXxJon2Pwd4ws7SLSr77TbSfaXiW3DjyY5WmTG xuZEUHHHaof22v2YPit8QfGvgT9pH9nK7tofif8ADdmWG0vHEcOo2ZYv5G9iqA5eRSGZFdJHBdSF oA/NL9qHVvCXxV8B6fH8EP2TvG3w38e+Hbu1udI1ew8MmwEYhkUukxtEDOAo3RkqWWQAggFs+p/t o+Hbr9oD4qfsX6B8TrO4sbjxtZw/25ayI1rcRtcmxe9hZCA0T8umMAqe3Fe0eP73/gpr+07Bpvwv TwRD8B9IN1BJq3iG11lZLrbC2WFu1rP5u0n5giA7ioVplUtn1/8AaD/Zx+Kvib9o/wDZj8WeDLC4 8Q+G/hlI6azql5fQG5SNDbhZpvtEqzTySCNmdkV2LZJ5NAHzf/wVM/Zu+Cfww/Zx0X4g/C3wdpng 7X/DetWEMF3pNslnM0MiyArI0QUyMHVHDvucMuQ3LZs/8FBvCXhDXfi7+yTr+q6Bp1zqHi7xNYwa xM9pCz6hAZtOXybpiuZowrsoR8qFYgDBNfXn/BSH4K/Ez49/s2zeAfhNo39u682rWN0Lb7Rb2uYY d+9vMuZIo+Nw43ZPYV5n+3V+z58c/iB4Y+CXjj4KaPb654q+Eup2+oPpk9xFCZWQW8gIaSSONlSS 2AdRICQ3y5oA/SvQPD2geE9HtfDvhbTLXRtKsV2W9pZQpb28KZJ2xxRhUUZJOABya+b/ANqjwT+z r8Z/C2n/AAI+O2uWWm3fim4VtDhe8ittRN+mYo5rFHOXkUy7MbWU79rAhsV6z8GPEHxK8U/DPQ9e +MHhqPwh4wuklN/pcM6XMduyzOke2SN5FIeMI/3iRuwcEED5Y/bw/ZH179pjwx4Z8SfDbV00H4jf D68a/wBEupWZInLGN3iZ1DGNt8UbxvtIVlwQAxYAHyX/AMMQ/t7fs+2uf2Yvj2+vaTYrm30bWwyK I16QwxXAu7UEjjP7kd8rXv37Hv7Xnjb9oLwv8Svhj8Z9Bj8O/Er4cxS2+pxwKUhuFKyxFwhZ9kiS RlZAGKHKshwdq+T23xr/AOCt2g6XH4R1L4JaDrmtLGsUesrdW4hlIG3zpUjvkiDk/MceUv8AsAcV 7J+xt+yT8SPg/o/xJ+J3xp1SHW/ip8VTJPfi2ZTBbBvMcRBwEQu8kpL7QI1CqqfKuSAfB37Nvhnw 34i/4JF/EufxBpNpqcukTeIL2ye6gjma1uo7aNUnhLqTHKoYgOuGAJwea7q88FeDfD//AARs1DxJ oOg2Gm6vr2hac+o3ltaxQ3N60WrxhDcSooeUruO0uTjJx1r3j9l79lD4weG/+Cfnjz9nf4gaXH4b 8X+JRrcdrDNcwXESm8gRLdnltHmQKXX5sEsBzt6CuV+B/wAC/wBqfx5+yF4y/Y5+Ofgu08E2Wn6M LPw/rIvILgXV0ly1zGtwlvNOQiuseXVBlM8bsCgD7q/ZiIH7G3wuYnAHgfSMn/uHR1+Xn7EOleDN c/4Je/EDR/iJ4wl8B+GbzV9Sj1HV4QrSQ2zLab41VlbeZx+52KpZw+1RuIrt/hvZf8FOtI+EFh+y rH8O9I0OCwsxoieM7jUbeRLXTCDEsiQRTMZJI4flQqhbAUtHuyayPAf7CPx31H/gnT4m/Z28RWcf hvxvJ4jk1iytZruCWG6ii8gokkttJLGokCNtyflcKWAHNAHmfh34pfsa3vwc/wCFO/BH9mfxD8WF gsHtJNdHh6CKS6nVCr3r6gPOuInLZfdtXy/urtUADu/2IdL0nxv/AMEtviNpnjKwttctNBPieWwi voUuUtZYbAXEckKyBgjpLI7qy4KsxIIJr0zwjq//AAUh134QaX+zrpPwe0j4cyWmmw6JP4qudUtn t7e2jiWFpobO3aQ+ayA4MfmKHOQqiu7/AGHf2ZvjJ8Nf2S/iX+z58VtFTw9qmuXesRWFz9qt7qCe 31Kxjtlm/wBGkkZArqxKuFbBHGcgAHz9+zz4K8G6d/wSJ8V+NtP0GwtfEWreGPFEN5qUVrEl7cxx Xt2qJNcKokkVQqhQzEAAAdBXinxX8R+Ibn/gnV+zB8GNIvpdMsPiVqqWGozxnAa3iunCxP6qZJUk x3MYzxmvoP4DfCD9tLw7+yl8Sf2Q/HXw0tbTS7bw3rcOganDqNmz32oX05kS2P8ApJUK/nSMsjLG qhQHIPX0vWP2GfHvxP8A2Avh18F9ZZPCXxP8BY1CwaSdZIoL1JpiYpJrVpV2vHJkPGW2uFPOCCAe 5/Fn9gv9l68/Z51v4e6L4E0rSJdM0q4aw1WK2jTUobqCEtHPJeYE0hLqDIHchxwwxjH5CfEj4jeI viN/wSH8HyeJ7mS8uvDvjGHRo5peXe2tYbgwLnuI4nWMH0UZ5r7m8WeM/wDgqR8S/hxcfAu8+EWm eHdY1m1Om6j4s/ta2+z/AGaVfLlnjiilfy5HQnJTey5JSNTja79ov9g/xxov7BXhf9mf4FWLeMNf 0nXLfUr2RprayNzI63DXM4NzLFGqq8ioibywQKDuIJoA7b46fsR/s5+DP2GvFen6Z4I0xNc8MeFr jU49a+zp/akl/ZWxuGme7AEzeY6HcpbZg7QoXAH0D/wTs1jUdc/Ys+Fd7qk7XE8enTWys5yRFa3U 0EK/RI41UewFewfH3wb4j8a/s3/EDwD4YtPtuva34X1LTrO38yOPzbq4s3ijj8yRljXc5A3MwUdS QOa4b9iH4a+NfhB+yz4C+HHxE07+yfEWi290l3a+dFP5TSXk8qjzIHkjbKOp+Vj1x1yKAPqyiiig AooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKAC iiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKK KKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigD//R /fyiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK/ITRf2iP29/jL8a/jD4C+BUHgePR /hlrsul51qK8jneJpZ0gO6GRw7bYDvOFGcYHoAfr3RX5ufBb9qf9oLRf2ibD9l79rTwto+l+IfEt hLqGg6r4fkkNldpbpJJIjpNJIwbbFJg/IQVwUIdWr9GYL6yuppre2uI5pbYhZURwzRk9AwByCcd6 ALVFZN3rukWcV5LNeQg6eu6cGVQYwRkb8n5c9s9a+a/2Pf2kh+1L8Io/ihPp0Ghz3V9ewpp8c/ny Q28EpjiMjEKSzAZJ2qM9BQB9VUVUnv7G1nhtbm5jimuSREjuFaQjqFBOWxntRNf2Nvcw2dxcxxT3 GfKjZ1V3x12qTk49qALdFc94k1O4s9KvoNHmthrbWs8llDcOFWSZEJTcCVOzcBuIPAzyK+EPiV+1 X8V/2dv2RdG+K/xj0bRtT+JF9eGxmsdOugunK013MkMyMrzM6JAsZkVX5ckbl7AH6IUV8UfH39ov xZ8Ovj3+z98OfBh0+80D4o6hq1rqc0iNNII7FbYx/Z5EkVVOZnDEq3QdMHP19pXiPw/rslxFomp2 uoPaNsmW3nSUxN/dcITtPsaANmiisG/8VeGNKtZr7VNYs7O2t5PJklmuI40SX+4zMwAb2PNAG9RV P+0dPFiNTN1F9jZBIJ96+UUbkNvzjB7HOKrW2u6Je38mlWeo2897DGkskEcqNKkcn3HZAdwVuxIw e1AGrRWHN4n8NW2rx+H7jVrSLVJhlLR541uGH+zGTuP4CtygAoqtc3tnZCM3k8cAmcRp5jBdzt0V c4yxxwBzVbTdZ0fWRO2kX0F8LaRoZTBKsvlyL95G2k7WHcHkUAaVFYdj4o8NapqE+kabq1pd31r/ AK63hnjklj/30Ull/EVo3+oWGlWcuoancx2drAN0kszrHGg9WZiAB9aALdFY1j4j8PanDa3Om6pa 3cN9u+zvDOkizbfveWVJDY74zivH/hfrfxr1L4m/EvTviNBpEXhHTrqyXwu9hIHvHgdZvtJvVErl WBEezKpn5uD2APeaK5+28WeFbzVpdAtNZsp9TgyJLVLiNp0x13Rhtw6dxXzX8b/2nrf4SfG34R/B yGxtrlviReXsV3ezXIjGnwWUSPnywOXlMgClmAAB4bIwAfWlFZ1/q+k6VYNquqXsFnZIAzTzSLHE AehLsQuPxp+nanpusWceo6Rdw31rKMpNBIssbD2ZSQfwNAF6isRPE3huS4tLSPVbRp7/AH/ZoxPG Xm8v7/lruy+3vjOO9Gr+JvDnh94I9e1W001rltsQuZ44TI3ogcjcfYUAbdFIrK6h0IKsMgjkEGvA Pj/8Y4fhz8HfiN4t8Gajp154n8HaLe6hHaSSLMY5beJmTz4UdZAuRyMr9aAPoCivljwZ8fb1v2Ot N/aS8cJbpejwkPEF5HArRwNMtqZzHGrMzAM3yqNxPIGa6n9mTxb4+8X/ALPHgfx78Xp4P+Ej13S4 9UvHiiFtCkd2TPCNmcJsgZA2T1BJxQB79RWTo2v6F4itTfeH9SttTtlYoZbWZJ0DDqNyEjPtVfU/ FPhjRbyDT9Z1ezsLq6/1MNxcRxSSf7iuwLdO1AG9RVa6vbOwi8++njt4yQu6Rgi5PQZJAye1Zy+J PDr6w3h5NUtW1VF3m0E6G4C+pizvx74oA2qK/P39tj9pj4mfCTXvhp8JfgcNG/4TP4l6lPZLd6y7 Na6fFbrDl5UjIK7jOrBmDAKrYRyRj0P4Jar+1mvxHi8OfG268Lat4Zi8Om4bUNEZlnm1d7pNm2J3 Di3+zMfmMSguAQcHBAPr+isS68TeHLDVYNCvtVtLfUroZhtZJ40nkHqkZIZvwFWTrOji0lvzfQC2 gbZJL5q+Wj5A2s2cA5IGD60AaVFVp7yztbZr26njht1AJkdgqAHoSx4xUUuqaZCYBNdwxm5Vni3S KPMVRuYrk/MAOSR0HNAF6isux1vRdU07+2NMv7e7sMMftEMqSQ4X7x3qSvGOeeKj0bxF4f8AEUUk /h/U7XU4om2O1rMkyqw7EoSAeOhoA2KKyNZ8QaD4dtlvPEGpW2mQO4jWS6mSFC56KGcgEnsK+RvA v7QfjPxP+2z8QP2fLlLFvCfhnw5YatZTRRt9qea6FuW3y+YUZP3rYAQduT3APtCiisS58S+HLPVo NBvNVtINTuRmK1knjWeQeqxk7m/AUAbdFfGPxI+P/jjwn+2j8I/2ftLhsm8M+ONL1a8v5JIna7WS yt7iWIRSCQKq7ol3Ao2RnkdvVfgzrfxr1fxB8Q4fi1BpEOmWGu3EHhw6ZIJJX0pXcRNeASSbZ9u3 cCE5z8ooA95orDHijw0dY/4R4ataf2rjd9k8+P7Rj18rO/H4Vpz3tnavDFdTxwvcNsjV2Cl29FBP J9hQBZorFsPEnh3Vb650vTNUtby9s+J4IZ0kliP+2iksv4gV8x6z+1Da6d+15o/7MUdlarbXfh2b XLnVJLkblmE7wR2qR8AN+7LMWYk5ACjGSAfW1FFfF37CH7QfjT9pD9nq3+KvxHjsbXVH1C+tnFlG 0FusVswCnbJJIQcHklqAPtGiqdrqFhfW322yuYri35/eRurp8vX5gSOO9UNI8S+HPEBmXQdVtNSN s2yUW08c3lt6NsJ2n2NAG3RVS31Cwu5p7e0uYppbYhZUR1Zoyc4DAHKng9fSlN9ZC8GnG4j+1FPM 8nePM2Zxu25zjPfGKALVFc/beLPCt5q0ugWms2U+pwZElqlxG06Y67ow24dO4roKACivkH9rD47e KvhpH4K+F/wnW3m+JfxQ1VNM0f7SnmwWdvEVe9vpo8gvHBEfu55LZ5CkHub/AF742ad8f9I0H/iT v8LE8OtcajeTSJHqn9rJJKCVj80YtzGsZJ8vAJb5uMAA+haKpjULBrL+0luYjabS/nb18vaP4t+c Y980HULAWX9pG5i+ybd/nb18vb6784x75oAuUV8XeG/2hPGetft0+Iv2c2SxfwhpnguLxDbzRxsb t7qS5tYuZfMKGMpMxACA9Du9fsSLUtOmvJNOhuopLuEbnhV1MiDjllByByOo70AXaK5+28WeFbzV pdAtNZsp9TgyJLVLiNp0x13Rhtw6dxXQUAFFfIv7Y3xl8a/CXwR4V0r4XyQJ418feJtK8O6UbiIT pG13LumlaMkAqsSMCTwpYGvrqgAor56+A3iv4vajoOuSfH/+xNP1Y+ILu10hNKnRo5dMVIvs+/8A ey/6QXZwy5Bxt+Ud/eri/sbOWGG7uY4JLltkSu6q0jeigkZPPQUAW6KqzX1lbTw21xcRxTXJIiRn CtIV5O0E5OO+K+OP2EP2g/Gn7SH7PVv8VfiPHY2uqPqF9bOLKNoLdYrZgFO2SSQg4PJLUAfaNFZg 1rRzp76uL+A2MQJe481PKUL1JfO0Y781Ho3iDQfEdsb3w9qVtqluDgyWsyTpn03ISKANeiio5pob aF7i4dYoolLO7EKqqBkkk8AAdTQBJRVZLyzltRfRzxvbFd4lDApsHO7d0xjvVcavpLR28y3sBS7O 2FhIuJT6Ic/MfpQBo0V86fG3xp8VB4W8Pal+zlPoOsXk3iC1tNTfULlDbrpu2X7V5LLLGDcK4jCr knG75T24X4pfHLxh8F/2lfAHhvxdJBN8MvifG2j2c4iCT6b4hjYNCskufnhu0IRARkPk5CjBAPsW iisvV9c0Xw/aG/17ULfTbVestzKkMY/4E5A/WgDUorN07WtH1jT11bSL6C+sXBKzwSrLEQOpDqSv H1qheeLfCmnpaS3+tWVsl+dtu0tzGgmb0jLMNx+maAOhoo68iviz9s39pbUPgl+zp4o+Kfwlv9J1 fXdBurC3McrC7hjNzdRwuJUhlRg21jgFhg9qAPtOisvQ7yXUdF0/ULgAS3VvFK+3gbnQMce2TWpQ AUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFAH/9L9/KKKKACiiigAooooAKKKKACiiigA ooooA+J/2pviv4u8Lavp3g7wxeSaYk9qLueeE7JX3u6KiuOVA2EnaQTn2rI/Zg+LnjLXfFM3gzxL fTatbTW7zQyzsZJYnjxkGQ5YqwP8RODjHU5+kPir8GPDPxXgtm1WSSyv7IFYbmHBYIxyUdTwy55A 4IPQ8nNP4UfA3wv8KZLi/sJpdQ1K6Ty2uZgAVjyCURV4UEgE8knA5rtVWn7LltqfOSwOK+u+15vc 9enax7XRRRXEfRhX4GfAzwv+1d4j/ai/akb9mnxnofhOGDxew1NdYtDdGdmuL3yDFiGXbtAfd0zk dcV++dfkZpf7Ln7eXwn+NHxc+IXwG8T+BLTSPibrkuqNFrDX8twkYlmeAMI7MqjBZm3BXYZ6HigD yTwqPjP8Bf27/APij9tyW38c634+t20DwjrukTiOw0yaR/Kki+x/Z4Duc3KIWIGBKWBkOdn0h+xR /wAne/thf9h7RP8A0C+qbwV+x/8AtE/EH46eEPjl+2B8QNJ8QN8PWefQ9E0C2eOyiun2t5rySxwt w6I5+RmYogLBV2lvir9mn9rD4XftG+OvjX+yn4g8LyaX8Txatq+meJ1ugtvdW6FFmjNqpLhSzup3 LjzCpRwA1AHA/CbwR4R+J37ZX7Y/gjxtYJq+hapB4djurZ2dUkEdvvALRsrDDoDwRyKt/wDBIH4Y eA9J/Zwtvitp2kRw+LNdub+xvb8PIXmtre5PlxlSxQBcDooPqa9e/ZF/ZN+LvwP+LfxW+JXxa8Va d4tm+JEWnSvc2glinN4iyPdh4WiWOOJZJSkGx2zGqllQ/KJP2GP2d/2if2X7TV/hR451jw9rXw1s 3urjRp7L7Quqm4uJlYeejxrEsZTeWUMxVyAGZeQAc1/wU60G/wBE+Gfgf9o3w9CZNY+DPifT9Yyv 3jZTTRxTx/R5RBu7bQc8V8Gftn/FLXfE/wC1fB+0X4GuTeeDv2dv+EQa7eIFklXXJzdOykf89I3W Fx7Y4Nfu98Xvh5p/xa+Fviz4ZaptW38T6Zd6eXYZEbTxMiSD3jYhx7gV+dfwI/4J9eK/An7IHxS+ BHxG1bTdU8X/ABE88rfW81xPaRfZ7aOPTFeSaGOUrBNHvIEZwDhc4FAHOTSQfHn9s343/E+B1vfD 3wZ8Dy+HNMlU5jbUNStppp5EPQsitPE2OxXPGK+EPHfgHwhrX/BJL4NeOtT01J9e0bWr6ytLos4a K3vtavvtEYAYKRJ5aZJBIxwRzX64/sj/ALI/ij9nz9mbxN8LfE+o2OpeNPF8uqXOoX1vLNLbPPdx fZ4P30sUcrKsaqzEx5DM+Aep8h1D9gz4lar/AME8fD/7KFxr2lW3jXw7eS6hFdxPPJpskp1K5u0Q yNCkwBinwW8k4cdCOaAPG/24v2dfANr8U/2R/wBnrwFbyeE/Cl7qviO1MVhPIssNtdSWE12IpZGd w0geTkkj5umOKvfGf9nf4Xfsh/tRfs1+LP2eNPn8It4s8Rf2Bq1vDeXM8N5aTNbxkOLiSQ8q7bhn DHa2Nyhq+ktY/Z2/aa+KXjv9nX4ofFzUfC6a98K9S1q610abLdpFcQXxtxbfZEeA5kCQnzQ7IucF SQcD1b9pz9nrxn8afiR8DvGHha90+1svhp4nj1rUkvJJUlmt0eFituI4pFaTEZ4dkHT5qAPsavwz /ZU/ZR+FPx8/aA/aX8XfGOwbxNpuifEDXbLT9KmnlS0hnnvJnuLoxxuuZHQRIp7BT1O0r+5lfgt+ zboX7WcHx7/ac8X/ALM+q+G5oD4/1my1LR/E63Qt3cXlw8N1BJa/MJE3MrKSoZcZ3ELtAOd1eK8+ D/w4/bS/ZK0u+uL/AMFeCLCx1TQI52Mv2CLVAk81sJWyxUeZGACfvI7feZjXqHw++APw9/Ze/Yri /bM8M21zefFuTwQt/Hqt1cy3Ajn1yGIRssDMYx9nSVVU7fug7i2a990j9hn4iJ+z58Z9I8VeJ7HX fjJ8b1EuranIZYtLikicm3gi2xNIsMSs/IiychQoVVr658P/AALs779lrRP2c/iM0d3FH4TsvDmp SWbtsLwWSW0kkDuqtgOu+NmQHgEqOlAH4PeBPCHwA8R/AWA+Mv2f/i/4r+JPiSy/tGbxrbaNc3LS alcr50d1az/bAskCsylGMf71PmYFmr9C/g7+2f4j+Bn7LXw2vv2ofB/jG88XX7ahpriHSZHvmTTJ FEU10l1JA+ZIZIwJDkyMrsec1naH+z9/wUe+G3w0b9nb4e+O/Bt74NhiksNO8Q3i30Gu2OnPlQip GrxK8aHEWPMKYAEgwu39CvgF8KJfgl8JvD/w2u9fvfFN5pUTfadT1CV5Z7qeVzJI37xnKoGbbGm4 7UCjJIJIB+Q/7d/x60H9qv8AZj8D6x8O9O1zwu0XxO0rSkbV7YWF0ly+n3brNEI5ZPlXzVw24EMD 6ZrY/bF+DvgX9hH9myfSP2bLXU9E1b4ra1pHh7Vb6Cea71CS1hhuZn+zlnGyWYgqUQqrh2AA4x9+ ftofs9eM/wBozwj4D0DwTe6fY3HhfxhpniC5bUJJY0e0sorhJEjMMUpMpMq7QwVSAcsOM9l+1h+z jpH7Ufwfu/hpf6k+iX8NzBqOl6jGpdrPULbcI5dgZdwKu6MMg4YkEMAaAPxD+JHg/wCFGj/D3Tp/ 2XP2dPjD4E+KvhiS2n0nxDLoV0rSyxuom+2MlzLkSpvPyRcNgACMsp+t/iR/aP7YP7U3wY+Anxkh u9N8IW/ga18ba3oDCWxN1q9wrKbeZcrKohJVSpIZMSr8rEkd74n+Bn/BSP4xeHdM+EXxO+IPhPw1 4Wglt/7S17w4b9Ncv4YGDDhkjjV2IBbZ5SkjnK5U2P2oPh74Xtv2gPhFD8IviXD4D+PHh/Rza6KN chubqy1vR4xKjW13dbHQyDEp+ZjIxckLvKMoB4j8Tf2Zvhv+zt+33+zfP8J4JNG0DxVfapK+jieW W1try0t0WS4hWV3KGdJI1YDj90Meg6f4XeH/AB54s+Ln7fnhr4X3hsPFmpnSrfTJhJ5LLcyW2ohA suR5bN91XyNhIbPFeZ6loXxw1P8A4KP/AAJg+NfjfRvFnjC1TULm40rw5DImnaHYwW8rp80uHMlw 4kLGRQ/yoMkFAPtjw9+xx43/AOEv/af1DW/E0Wjaf8b5NOfR7zR7i4XUNPayS5/eTjZCFIeVDtjl YOoZSVzyAfkTp+h/ss+D/Anhz4Z/tB/DTxj+z/8AE/SpLYr44iiurhJbyGRWluQ3mISJcEqI4pBF nKP8vzfaf7XPwW+D3j/9rn9l+81ixg8UW3xJS+j1m/ErhdZt7KztfskpMThVXaxZTFtBDdxXXa9+ zN/wUP8AiD8IR+y/4/8AFnga48DNHbWU+vtHfXWtS2NrIjR/JIgjaYBBksFYn/lrn569e/aB/Y9+ KV3Y/APWP2a9b0u01/4DwvZWUfiDzvs93bPb29uGdoEkbcBb8rgAhyQylQCAfEXx+8UeEvGf7b2t /Cv4pfD7xj8R/hj8INI0+z0fwv4Tspr2JLma1gkF1exrPE20CVo1bdlwqA/KGDehfsnXGqeCf2yI NN+Bnwq8f/Dv4O+NtLuV1fTfE+k3VtYWWrW0Us0dzBI0k6RiQRJGC8mSzsgGCgX6a+In7MH7R2l/ F/Sv2p/gH4h8P6b8S9T0S00zxdpGprctoeqSwRIrPDJGvnKFaNFjBVDtRTuUl1bq/gV8BP2mLn42 3v7Qn7T/AI2s5tRSxOn6X4b8NzXaaLaxuCGklSbb5jgM2Awc5bcX+VAoB8B/8Ew/2Pvg/wDEP4Oa V+0L8S7O71nxB4f12SbRx9qlEFnDpcizoi26sEffcGR2VgQcjABLFvDfgd4s+Fnxyh8W/Gf9p34I fEf40eKPFmo3KwXuiaXcXukadYrjy7Szkju4drREsCMHYAoXB3Fv2m/YW/Z78Z/sx/ACx+FXj290 +/1a2v726aXTJJZbcpcOGQBpooXyB1+THoTXzf4a/Zi/bE/Zd1jxToP7JHiDwnqnw88TX0uoWul+ KVvFn0a4uOHFu1sCHjVVUAsxzgZj3bmYA+TPA3xm+OnwK/Yo/aB0+30jxb4W0rwrf2Nv4HufFGnz Weo22ma3dG28oPICm61jXIMbERySDBAZAPUPjB/wTy+BPg79h/VfG3hu1ntfiBoPhp9an8QLdz+f ezC2868jlQyeWYbhC8YQLwCOSd2760+G37FWtz/s/wDxA+F37Q/jm98a+IfilK91q14k0rW1lNv8 2EWEc3CrFN+8zsQMcKUCqBXgHiD9mT/gon4w+CN1+zBrfjrwYng62sTYRa2iX39r6ha26f6La3Hy GONHKpHPIqlwmeZjuDgHPfEG/vNf/wCCeX7O3wC0aVo9S+MbeF/D5KHDx2QEdxdTf7qLGof/AGW9 K7z9pnwzY/HP9s74U/sd+Irie1+GGleHH8SahpNtI1vHqDwPPBbQM6FXKRiFeFPCl8YbDL6h8Mv2 UviZoPxJ/Z/vfG9xptz4b+CPgyexQ2s8khm8Q3aLazOkckUZMKwKGSRsNuH3R1rs/wBqH9mT4h+P /iR4K/aH+AHiGx8OfE/wLHLaRDVUkfTdS0+ctutrnygzqB5kmCqEneeVYK6gHAt+x74W/ZZ+IOtf tK/ADU5PCfh/RvDWpPq/hKNJrq01aW2t5ZYXEktxmFlcIQArDK4XbvfPz/8AscfsZfBv9pn4AR/H z9ou0uPHXjn4mzahdXWo3N5Oklokd1LbRpbCKRUTb5e4fKQudgGxQte/eA/2YP2gfij8ctM+On7Y usaBcJ4XsL2w0Xw54bFwbFP7QjaG4luJLgByWRj8oZskI25dm08V4D/Zt/bo/Zo0vVPhL+zl4v8A CGrfDq6ubibSZvEsd5/aeircsXdUWBWik2sxYbt6s+WKIGZaAPzw+JPjHxlb/sJfF74KeJNbuNdP wc+I8GhaZqMzlpmsoJ5EiXzMknY0TFOfkVlUfKqgfSv7bf7Ffwi/Z1/ZdHxo+HEV7p/xN8G32l3c niP7fcyX17d3FzHFPNMXkZNzySeaCqqQRgEAsD7P4z/4JxeJv+GOtU+BHgrxJZ6p488Ua9b+Itc1 rV3mhgur0HM20xRTyBQBhAVJY7mYgsQPsD9tb4GeLf2j/wBnPxJ8IfA93Y2Os6xLYPDLqMksVsot buKd97QxTOMqhAwh5xnA5oA/PT9sf4J/Cnx1+1P+y/r3iXw5BdXfxWubtfEreZMo1BLO0sFgVwrj YI1YgbNuR1zXWaa+jfBb/goT8S5fCuni30rwL8E91jZpucJb6ZJZGGFdxLEBYwoyST65r6s+L/7N Xjr4gfFn9nHx5o1/psOn/CCe8k1ZLiWZZpxcQ2sa/ZAkLq5BgbPmNHwRjPIEqfs6+IbL9svxn+0l 4hn0668D654Hbw49iGmkvmkE1vLIXhEPlmJo4XHyyliSBs5yAD41/ZG/Yu+D37Tn7OyfHf47RXXi j4h/E6bUL+41trqaK4sZI7qW3h+yiN1jTy/KDAFCAfkxsUKPlDwxZXem/wDBJL4+adqF2b+6tfHg iluWYs08iX+kK0hYkklyC2SSTnrX0h8DfCvxc8P/AAj16P8AZG/aC8Lp8A3uL2WPUdds7mPWvDkU jF7hI45I0XehLMpmKhj+8QLvzSfsMfs9r8dv+CcPj74S3uoyWVp438Q6hPYajJETuNo1mYJzGSCV Nxa/ON2eGGc0AfVn7aTon/BNvxMzsFB8OaKMk9zNaAfma+MP2pvh7b/Fi4/YN+G17dT2dj4j0qWy vJLaQxTGzlsdJFyiOOhkh3p3GDggjivUfG/7J/8AwUM+MnwM/wCGefiP448FWHhrSLS3ggnsVvWu 9Xax2G1S9leHbHErIrs8cW8sgyrZJr6U8WfspfEPXvGX7K/iKz1HS0tvgdaywa0sks4e4Z7SzgBs gICHG63cnzTFwV75AAPz8/a4+HPw1+APj74X/skfDvwz4lm+GPiq6vPFHiTQ/DPn6hq+svEgijt0 3yrJJEi2xZ08z5FLSj5lXGXHJpPgX45/DL4ifsffAH4n/DWe31S3sfE1tqOhXkel6hos7qkvmgT3 P7yMEkFgFBxITvRTX6h/tafsveLPjPq/gr4r/B7xJD4R+KHw4uJJ9JvLpGezuIp8CW2uQgZgjY+8 Ef5S6FSHyvk+mfAf9tj4yfFfwf4u/aU8Z6F4X8J+CLoXsej+Cp7+I6pcIVIF08xB8pioyC7fIWQI pYvQB5J4O+Ffg79tT9tD443/AMe7eXxF4d+Ec1loOg6JLLLDaw/aBN59wyxMjMzPAzAkndv5yEQC p+yH8GtB+Av/AAUY+MHw48JTzSaBaeFLSfTop5Wne1trma0lFuHcsxSJiypk52Yzk5J99+JP7N/7 Q3w+/aB139oj9kbWNCW58dW8EHiXQfE32gWNxParshuoWtRvDKvUblwS5ywcqK37L37LH7Qfw3/a W8cftD/HTxVoviS+8caPHazDTPtEZt7lZYSsMccsSr9miihCRtv3nA3JnJIB9P8A7VnxI1n4Q/s4 /ET4j+HHMWr6Lo9zJZSBBJ5V1IPKhk2sCCI5HViCCMDnivz2+E//AATf+CPxc/ZU0DxV4la5n+KH j3SLbxA/i2W6uJryDUtSiW6R9gmVJEjLhWU8vgtuDkMP1V+JHgHQPin4A8Q/DjxSjSaT4lsZ7C5C Ha4jnQoWQ9mXO5T2IFfl/afs0/8ABQ3wz8KZP2XfDXjzwdcfDwwS6XB4guIb1ddh0iUGMwCIK0IY RMVQAsVGAJhgFQCHXfC3iTwR+39+yh4P8X+In8W6xo3hTXbS41aSEwSXrRWN4oleMySkOygbiXYs csTk18+aZ8VvE3wX+EP7dvjzwZcPZ65D8RL2ztLhM77d7/UmtWmVh9140lZkbs4Wvujw1+xLrHw+ +OnwA8YeC9Ts5fB3wf0DUtJvBdySrqN3PfQXCedHGkTREPLPvcNKu0EhQcDMPgn9h3ULnw3+0n4G +K1/ZTaJ8bvEt9rFg+nSSyT2cM073Fs8yyxRKJoZPLfYpdCVxuIoA/LuHwH8CLv4CxadpH7O/wAY pfitLYLfQeMo9EuWlfXGTzVuhKt4QbdpumIy3l/MP3nz17N+0ZP8UfjJ8Bf2O9N+KJ1Xwr428R+K 4dG1CaaOWw1OGYziw+0lZAsiSyIBMGwM7twGCK+jx8Bf+ClVn8L4/wBnLT/H3g1PCUNuNMj8UKL+ LX00tR5aptVfLWURDaCMtj/ltu+evYfiZ+xz4w1rSv2cfD/hDxHHqdv8GvEun6zql7rtzcNe38Nt NHNO0bLHNuldlYqjsqKCF3gCgD5J/ao/Zi+En7IvjH4A/FX9nnTJvCOsHxrpmiXjQ3lzML21uss4 nE0j5LLGyNjAZXYMD8u3b8b/ALO3wX8Q/wDBVbT9B1nwvDdafq/g9/E13E0swEusfbph9qJEgO75 F+UEJx92vt/9sP8AZ78Z/tB6b8NLPwZe6fZP4N8Yab4gvDqEksYktLNZBIkPlRS5lO8bQ21TzlhX m37QX7Of7Q+o/tSeFP2nf2d9X8PRX+naF/wj+oWPiD7QsTW/2iWYyRtbxyElhLjHylSikbgxAAP0 Pr+TX9n34s+KPF3wq+Hf7J/ia8vfh98IfFXiS8tdd8TQRtjUJp9si6as7ARwocxrISW/1gZx5asr f1lV+Xnwv/4J93cX7EGpfsrfGO80661ee9vNRstQ01pZ4bO8dt1rOjTRQvlDlZFCjcjMmcNmgDxj /goW+j/B/wAN/Az9k/4c6Lq2n/DzxLfXP9r6V4VgaXVL/T9PMG60gXcpmkn893k3sSzhXcnnPzd4 3HhvwH4k8EfEn9jD9nT4q/Drxj4Z1GD7d9q0G9Fhqek/8vFvchbi5d2YhR90bgW3HcEK/ffib9jr 9oD4ofAP4daZ8QPGWl6Z8bfhBfG58PeI9PluLy1uI4xH5a3nnwQuHk8uMSsI5MmIOd+90pt/8BP2 7vjx4t8KWn7Q3jbw94Q8E+F72O9uYPBM2oQXurSQ8BZZJdpRHGQcMAu4kRltpUAy7+H/AIZt/wCC mVjqqj7N4S/aL0lraT+GJde00Dacf3nAQD1e5b615h8LvDnj39qPxP8AtS/tM/Dq8Nvq+q2l34H8 C3Qk8rbb2UQ82SGQkeX9oYRFJARsd3OeDj1f/grJH4VuP2etP1SDWFsfH3hzxBplz4bjtpB9vkvp JBG0cSqfMH7pzLwPvRp7V9C/Dv8AZZj8MfsYad+zLbatc+HNRl0TyLnUtPkaOeDVLg/aJ50eNlZl Fyx+XcN0Y2ZwaAPxD0/Q/wBlnwf4E8OfDP8AaD+GnjH9n/4n6VJbFfHEUV1cJLeQyK0tyG8xCRLg lRHFIIs5R/l+b+mjwvd22oeGdIv7PU11u3ubO3ljv02lbtHjVlnXZ8uJQd428c8cV+TGvfszf8FD /iD8IR+y/wCP/Fnga48DNHbWU+vtHfXWtS2NrIjR/JIgjaYBBksFYn/lrn56/VH4c+CNM+Gnw+8M /DrRZHlsPC+m2emQPIcu8VnCsKs3+0QuT70AfnVG8vjb/grc9tqYDwfD74etNYqw4SS6njSSRB/e ZbxlLDsMdqzPiz4b0rxl/wAFR/D/AIQ12Lz9N1z4TXtjdR/34Lm61CKRfxViK6f426bcfBb9v74V ftAzqYvC3xD06TwLqlx/BBfyM01jvJ4AnkEaA5wPLYn3oeJLm3v/APgrh4SWylWc2Pw0lSfYwby2 N7dsA2OhxIhwezA96APhnTfHfijT/wBg3V/2MJLnb46i+Ii/DWJeTJ5N3e/a/N25yYm2yxDnG3AB xioLf4geJte/YN8OfsYRXBTxzqHxCf4dXCf8tI7a1vReSSkdRHHviiPbbkHoa++dT/YO167/AG/L T9qO31OwTwNvi1S60oyzi6fWYLN7WOVYREYSocrNvMobcXG3nlnhb9gvW9D/AG+tX/aju9S0+TwS 73Op6fpqyTNeR6xe2sdvcSyQmIQBWYyyB1lLZ8vK8ZAB8MftMfFPxr+yp+2h4zl+BPhqTVNRs/hf aaLY+XC08ek2dsbeVr2WNVIZLeG2P3sIGKlsqCrfZ37PnwD0eT9i3xT46/Z/8RyeJPip8WtCurm5 8V3Unl39xqc6Nvt/NZi1v5c26P7+VkG9mJAI+iNJ/Zy8WW37bvij9o/UrnTbjwjr3g1fDi2ZeV70 3H2i2lYyRND5PklIWGfNJJIG3GSPDfh9+w/8TvhtJ8YfhB4U8XQaV8F/iFHLdaItrd3UWt+H9Tk2 MDCqxLG0AYbGH2gM6ImcEvkA/LfT9D/ZZ8H+BPDnwz/aD+GnjH9n/wCJ+lSWxXxxFFdXCS3kMitL chvMQkS4JURxSCLOUf5fm/po8L3dtqHhnSL+z1Ndbt7mzt5Y79NpW7R41ZZ12fLiUHeNvHPHFfkx r37M3/BQ/wCIPwhH7L/j/wAWeBrjwM0dtZT6+0d9da1LY2siNH8kiCNpgEGSwVif+Wufnr9Ufhz4 I0z4afD7wz8OtFkeWw8L6bZ6ZA8hy7xWcKwqzf7RC5PvQB8ReP8A/i7X/BRH4d+Cl/faT8HPDd/4 mux/yz/tHVmFnbRv/togWZPQZPrX6IV8l/s//BXxl4K+L3xs+MPxDa1fVfiHrcC6eLeUzeXomlw+ RYhyyrskZWJdBkAgcmvrGSWOFDLM4RF6sxwB+JoA/mx0jwLqev8A7Cfxc+I3hldviL4WfGDUPE1j Io+dfssdkk3P91Ucyt/1zHpXTft5fFXxJ8bPiX4V+K/wpl8zSfgf4T0Px04BLFbvW76zljjyOjCA wykkfdR+OlfZP/BNXw5o3j/9nP40+GtWUXWi+KfHXiW1k2kFZrW8s7SJyp5BDKTg1d/ZM/4J9eJv g78Fvi/8OvizrGna3q/xNtf7JW6spZ544tOgs3t7UM1xFE6vG0rEKoZVVU2scYAAug65pv7Tv/BR XQ/E+jv9s8JfBnwdBqEDfejOqeJIhLEfTJtZVb2aH16fkT+z78WfFHi74VfDv9k/xNeXvw++EPir xJeWuu+JoI2xqE0+2RdNWdgI4UOY1kJLf6wM48tWVv3P/wCCff7I3ij9k34c6/pPxC1Gx1jxX4i1 COae50+WaaAWVpAkNpAHnihc+X+8IGzADADgV5v8L/8Agn3dxfsQal+yt8Y7zTrrV57281Gy1DTW lnhs7x23Ws6NNFC+UOVkUKNyMyZw2aAOU/bt/Zy1zR/hd8I/C3wY+H9x4p+FngDVGn1/wdo8skM+ o2w8sxN+63TSsCJvMYB5C0u887mHk/7ImtfsfX37VWkap8Gx4h+CXi97C4stQ8D6pBJFaau+xznf JLKA8QIdU+QkxhlQHfu+gdZ/Zh/bO1r4TfC68/4WPpmnfF34UXUiwTw3l9Nouu2GI1jGoq0ETmdV TYzeU4cFiW3SZS94W/Zk/ac+Ln7QPgP48ftXan4VsIvhqs76VpnhaO5Lz3EwA3XM1z8wQMA4UO44 2hV3MSAfpvXz1+1v/wAmrfGP/sTtf/8ASCavoWuP+IfgzT/iP4A8TfDzV5GisfFGmXml3Dp99Yr2 F4HZc9wrkj3oA+F/gg6R/wDBL2wkdgqr8PdSJJOAALOfOa/MTxh4Ul8efsb/ALFHgSG8m08+JvE8 +lm4t32SxLfXz27MjdiFc19k+Hv2TP2/dL+DN3+ygfH3g+2+Gv2a6sI9YjgvH1qTTrguTabGQQos gYxuTuZEYhXfAFdxp37DnxYtPhd+y94Jk1bRDffBPxNFrWsuJ7nyri3S++0lbM/ZgzybOAJFiGf4 sc0AeJ/tp/sw/Bz9mT4K/DzRvg/pEml2+ufFLw3cXfnXEty8jw2d7GnzyszAD5jjOAWbGAcD6b/4 Ku6OLv8AY51vxNCwivvCeq6PqdnKOHin+1pah0PZgtw34Zr139tP9nrxn+0b4K8D+HPBF7p9jc+G fF+meILltRkljR7WyiuEkSMwxTEykzLtDBVIByw4z47/AMFII9S+J3hj4f8A7KXhMmTXviv4gt1m VefI0jSyLm8un64WJvLbkcgNjJGKAP0C8Fa1N4k8G6D4iuV2TapYWt06gYw08SyEY7YJr8d/2mn/ AGT1/az13Uv2gNR1z41a6mn21vpfgTQ9MuLlNCXYhdmaK5SOSSbh9p2lS+WU5jK/tHYWNrpljbab ZJ5dvaRpDEvXakahVH4AV+Yd9+zR+1p8G/2jviN8ZP2ZtS8I6tpXxTkhnvrbxV9sWazni3EeW1qu WjDuxGH5UhSmUVqAPkT9kW9sfDvx5/aS8BeBPC2ufDrwRfeCptXt/DGvK8d1Zz+TCqyPFI8jIXEz soLE7GVSSFFbv7FP7CfwO+N37F1l8RfilYXOu+JPEFtqsWn3kt7cqdJgsrm4t4I7WNJBGqrLG0xD IwZnIIK8V9J/Cf8AYw/aK8JfHb4i/Gb4j+NNE8WXXxN8JXmlahJGtxaSW2pT+UIY4IfJdGtII4Uj VzIshXkx5HP1P+yL8DPFnwC/Zc8M/BLxjd2N5rmjRanHNNYSSyWjG9vbm5j2PLFE5ASZQ2YxyDjI wSAfkXZfGP4maj/wTB+FHgy08QXNrqHj/wAWDwVPqRJaWLSpLi5zH5hORhESIDIJiBXOM13n/BQz 9hD4C/BT9le68f8Awg0ubw5qvhqWwtryRbueU6ra3FxHCyXSyOUZxM0cwKqMFeBjG36Z8F/8E+td m/YatP2X/iLrtpaeKdJ1K41jTdV0mSaWC01ATSSW0gMscEjALIUkG0EBjtOQDXm/xx/Zd/4KL/tN /CofCr4o+MPA2nWGlNBMj2H29JNauYHVVe+k8lhEioXkAiiAaUKDGBhkAP1z8Kf8ivo//Xnb/wDo ta36zNEspdN0aw06chpLW3iiYrypZECkjODjI9K06ACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooA//T/fyiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKyNZ8QaD4dt0u/EGpW2 mQSMEWS6mSFGc9FDOQCT6Vr1+Ln7MfwM+HH7cviz4wfH79o6zl8YSQ+Kb/w1oun3FxPBBpem2Kxy RrEkEkZVys6jJ5DKX++7MQD9n4pYp4kngcSRyAMrKcqynkEEcEEVi6f4p8Matfz6VpWr2d5e2v8A rYIbiOSWP/fRWLL+Ir8V/wBon4WfEj9kH9myw/Z+8D/Ee9vNE+KXju10fTpnhaGfQ9IvhI0lmtx5 zs4Yom4qIgR5vA3muy/av/YV+B/wB/Zx1D4ufAa1uvBfj34aRW+o2Wt297Obq4aORElE5aTYxlVm PyquGwANhKEA/YmW/sYLhLSa4jjnkUusbOA7KvUhSckDue1UNK8SeHddSeXQ9UtdRS1YpM1vOkwj YdQ5QnaRjoa/D3426PH+1j+0f+yHZ+L57jT7T4j+C5dQ1eOyle1aWCWxa+urYMhDCKYI0TAHlGOD 3rvfFHwL+Hn7KX7fXwDj+BNhJ4Z0f4i2+sadrOmx3E01rcx2sGQXWd5CcmRTjO3dGrABskgH7K2d 9ZajALrT7iO5hYkB4nDqSOvK5HFFvfWV3JNDa3Ec0lu22VUcMY29GAPB9jX4+/s0/EDSv2L/ABT+ 0p8A/FjeVoPw/wDtHjjw9EzYMuk3UakwRk9SrG3iGOsrPwDXyt4kv/iV8Ef+CeVp4/iuby08e/tM eMEvdYvbJG+3/YdSWeeOO3Ksp3TRxBlXIJE7rnnIAP6GbHxR4a1TUJ9I03VrS7vrX/XW8M8cksf+ +iksv4itFdQsHvX05LmJruNd7Qh1Mirx8xXOQORzjvX83XxI8H/CjR/h7p0/7Ln7Onxh8CfFXwxJ bT6T4hl0K6VpZY3UTfbGS5lyJU3n5IuGwABGWU/YXxn1nXPhP8f/ANmr9tXW9Pk0KLx9p1l4W8Z2 8sT232aXUrdZYvPjfDo0Lu5dW+ZfsyqeeKAP2EmvrK3uIbSe4jjnuc+VGzgPJt5O1ScnHfFeDfs9 eKPi/qXwug1n9o3+xNO8UPdzxv8A2ROrWPk7gIcP5so3kZyN/XtXx54IX/hor/gpB4r8dv8A6R4W /Z90tdCsD1jbXL8OLlwDwWjUzRP6FIzxxn8zY5ZYP+COgmgcxyR+NQyspwysLjIII6EGgD+l5fEn h19Ybw8mqWraqi7zaCdDcBfUxZ3498VwHgz4V/Cj4LXHjDxV4VsIvD7eMNSm1rXLmW6maOe9nYtJ MxuJHSIMzn5U2IM8AcV+Qv7bf7Ffwi/Z1/ZdHxo+HEV7p/xN8G32l3cniP7fcyX17d3FzHFPNMXk ZNzySeaCqqQRgEAsD6t8b7CP9qz9sv4Xfs4fEi5nb4f6Z4RTxhqWlxO1vHqWoSF40V3jKsUQbMYO QPMAILEgA/WSx8R+HtThtbnTdUtbuG+3fZ3hnSRZtv3vLKkhsd8ZxWtJJHDG0srBEQFmZjgADkkk 9AK/ED4m/szfDf8AZ2/b7/Zvn+E8EmjaB4qvtUlfRxPLLa215aW6LJcQrK7lDOkkasBx+6GPQftf rejaZ4j0a/8AD2twC607VLeW1uYWJAkhnQpIhKkEBlJHBBoA+NvhN+1tJ8XbP45Tafp9ppknwu1P VNM05DcfaHvRpsLk3LgbPkeRMhV6LxuJ5re/Y/8A2iLz4z/s2eBfir8U7/S9K8Q+Km1BDFEwtYZG tdQuLVBDHLIzE7IlyNxycn2r87P2LPgf8KtG/wCGp/FumeH4oNX8F6/4p0PR7gSSlrTTRDMggQFy pG0YywLe9Yv7EP7BPwI+Nf7Gth8RPilp91rPiDxDFqqWF019cR/2VBa3dxDGlrFG6xgecjzMHVgz O2eCRQB+9eRjPasPS/E/hrXLm4s9F1a01C4tDiaO3njleI+jqhJX8a/nD1L4+fEm7/4J3fA74cvq WtXQ8b+Jbvw/qEulBrjWLjR7K5KixtRuBeR1kSKOMsN6oIydhYVe+Juj+B/DGk+HPFv7G37Ofxa+ HPxN8JXltNaahcaFefZry3RgJ4b7FzcNIsi8nCfNyjfIxwAf0lV8+ftCfAL9n345eHbeP4+6JZX9 hpBZ7e8ubh7KS1MmN2y5ikidVbaNy7trYGQcCvbtC1CbVtE0/Vbi3ezlvbeGZ4JVKSRNIgYoytgh lJwQeQetfkj4f+GnhX9tb9tz40R/HNJvEHhH4Nf2dpGh6DLLJDaRzXqSefcOsTIzMXt3OSfmDqDl UQAA9x8VfC74LfsPfs5+P/jV+zD4W0y11yy0oSx39xLPqX2lVlUbXmkmZzGSclY3VSQCRwK9K0P4 l/tA+MdF/Z38W+FbbQ20XxvpVvqPjI3DeVPELmztZ4/7OjaYMfnklyMSEALn1Px58a/2SYP2Xv2Z P2kG8C+KZ5Ph74n02O407wzNHJIukzpJH5jxXUk7s4kyQQYwSoTczFcnlPFf/I1f8E3f+wT/AO4v SaAP2g1jX9C8O2wvfEGo22mW5IUSXUyQoSe25yBmr0V3aT2q3sEySW7rvEqsChXruDDjHvX87F14 78DfGr9qf4xeLf2ivhT48+Mmm+FNZufD3h7TvDmmzX2maVbWcskLmZUuIdk8ojV9vQsXYgnbt9t/ ZKuvGHhXX/jz8OvC/gXxr4N+C1/4ZvtY0C08X6bcWp068SJY7i2hlkaSPbKZndV8xmZIwx+YOSAf tDeeLfCmnpaS3+tWVsl+dtu0tzGgmb0jLMNx+ma8Q/ay/aAj/Zm+BXiL4ux6dHrV5pS26W1jJP5A nlubiO3BLYYlYzKHYKMkDGRnI/Kr9in9hP4HfG79i6y+IvxSsLnXfEniC21WLT7yW9uVOkwWVzcW 8EdrGkgjVVljaYhkYMzkEFeK8o8T2Vp8UP8Agjnpfj7x7G2s+IvAl4bTR76eSRpraGTWYbZlB3YY eQRENwOEAAxjNAH9C3gzxFD4s8KaT4ihlhlOoWsEz+QweNXkjVmUEE9CccnNeWeLdb+Ndr8efAuh +F4NIf4cXtrftr8lxIBqaTpDIbUWqeapZTIE34jbC7uR1Fv9nb4YeA/hL8I/D/hn4d6RHoumXFtD fSQxvI4a5uYkaWQmRmbLHrzj0FfGHx2/5Sefsz/9gbxL/wCm+8oA/SPVPEnh3Q5ra21vVLXT5r1t kCXE8cTSt6IHILH2Ga+TP2Zvj944+L/xd+PHgbxTDZR6d8NfEMel6WbWJ45WgYzgmdmkcO/7teVC jrxXxF+yr8Avhl+3BqPxZ/aF/aP0+XxdqV54nv8AQNMtLieeCPS9NsUjaKOJIXj2OBMBzyNu77zu T5b+z/qGtfsn/Dv9tuTwpqE2oaj4F1CC1028uT582f8ASYLaWQ87njDozZ4ypyMcUAfvBN4n8NW2 rx+H7jVrSLVJhlLR541uGH+zGTuP4CtOe9s7V4YrqeOF7htkauwUu3ooJ5PsK/mi8CeEPgB4j+As B8Zfs/8Axf8AFfxJ8SWX9ozeNbbRrm5aTUrlfOjurWf7YFkgVmUoxj/ep8zAs1d18V5vjH8Wv2ev 2S/Cfxi/trwx41vfHA8PXF5eRT2OqCN5ktoLrMwWXzPIdT5h5dgWJJJoA/oSsPEnh3Vb650vTNUt by9s+J4IZ0kliP8AtopLL+IFfMes/tQ2unfteaP+zFHZWq2134dm1y51SS5G5ZhO8EdqkfADfuyz FmJOQAoxk/nr+1R+zF8JP2RfGPwB+Kv7POmTeEdYPjXTNEvGhvLmYXtrdZZxOJpHyWWNkbGAyuwY H5du343/AGdvgv4h/wCCq2n6DrPheG60/V/B7+JruJpZgJdY+3TD7USJAd3yL8oITj7tAH6GeGvH /wAWtC8VfF3Vfi5Ho1t4I8OG3l8NPZTr9slgWKd7lbwGV9shKxiMFUzlsA9vhD4M/tCft9/Hf4S6 38evCE/gO10zUI5F0LQrgypcRyRajHbM9zJJIiqnlLPhmlBd1QhAGxXMeAPhz4K+KHxg/bv8N+Pd LTV9Niu9GvVhkZ0AuLW21KSF8xspyjgEDOPUGvmzRPhL8O/D3/BG/wAQ/FvRtFjtvF3iqGCDU9QD yGS5itfFqRwqysxQBEjUDaozjnNAH9EejX17D4YsNR8VSQW16LSGS9ZGAgSYoDLtYkjYGzg56d6s 6Pr2h+IrX7d4f1G21O2yV821mSZMjqNyEjNfg9+1h4+XxV8XfgT8AvG2geKPF/w207wZp/iHVfD3 hO3kuL7VbmRJI4hJGkkRaCEwISwYFQz7SGIKs+H80HgX9q34Y+LP2Uvgd8Sfhp4d1q9TSPGNjrOi XcOkT2d06RRXJ/fXAQwb3kdnKou1WGPn3AH394x/YG/YO1nxbd+OPFHg/TrS9uLofaY11O5srR7q Y5UNbx3EcSuxyQiqoY5+U19xeHPDmg+ENB0/wv4WsIdL0jS4Ut7W1tkEcMMMYwqIq8AAV+HHw0/Z P+Gf7Uf7bH7TafFyO71DQ/C+qWv2eygu5baM3eoLKBcHyipLxpbkLzj5vmB4Ffudomjab4d0aw8P 6NALbT9Mt4rW3iX7scMKBI0HsqgCgDxP4D+JPjHqXhrxPqPx9XRbG8s9dvItObSplaD+yESL7O07 ebIFm3GTeCRgbflHf2KbxR4atr+10q41a0ivb1Q1vA08ayzKehjQtuYe4Br8IPhV/wAo5f2tf+x0 8R/+itPra1D9hj4JP/wTvPxt1azu7/4kt4Mt/FS6/NfXLXKTJZpdwwKpk8oRRxBYFXZwoBBDAMAD 94q+SfiF+1Da+Cv2pPhz+zmllatD4ws9Rvr7UprkJ9kWzt5pI4Vj6b5HjGWZuFOApJyOt/ZH8Ua5 40/Zh+F3ijxLdPfarqHh7T3ubiQ7pJpBCqtI7Hks2Mse5JNfnL+0j+zz8GvG/wDwUw+FWheKfDMO oWHjvRdVvdbieWZRe3FnaXCwSOUkBUoIYwAhUHaMg80AfZXgD9o7xTrn7Yfxn+CHid9OsvCHw803 R7yyuSpin3X9rbzSmeZ5ChUNK23CrgYyT1r7L03VNM1myj1LR7uG+tJhlJoJFljceqspIP4GvxLi /Zv+H/7Q/wDwU/8AjlovxPgn1Hwv4f0vQbt9LjuZbeC7uTpljHAZ/JZGZIgXYAMPmxnK7lPTfAjS NJ/ZN/bG/aB+FvwyFxB4D0nwUniu30eSeW4iivII4CdhkZnO7zHXJJYrtUk7VwAfsBqfifw1ol1b 2Os6taWFzdnEMVxPHE8p9EVyC34VuV/Mp8Cbn4NfFTwFqvxJ/aR+BfxQ+MnjjxxdXk1x4h0rSbi6 0+KIStFHFp00d3EoEW3B+T5GBjHyIBX6n/8ABM/WPiy3wa13wT8UtI8Q6bB4U1ma10CTxNZTWeoS 6LIqvbrIJh85iO5TtZlQbUU7VFAH6J3N7Z2QjN5PHAJnEaeYwXc7dFXOMsccAc1W07WtH1hZ20i/ gvltpGilMEqyiORfvI+0naw7g8ivy2/4K76dfav8DfhvpOl3L2V7e/EHSIIJ42KPFLJZ3yo6sCCC rEEEHIIr5w/bL+Cnw7/Y1+G3hf4XfAKw1vTU+M2t2Gl+Ip9MllvtYv7DTwd1vaK7gedctcf6pCiy thMBCRQB+52l+J/DWuXNxZ6Lq1pqFxaHE0dvPHK8R9HVCSv41c1TVtK0Oxk1PWryHT7OHBea4kWK JM8Dc7kAc+pr+cX4m6P4H8MaT4c8W/sbfs5/Fr4c/E3wleW01pqFxoV59mvLdGAnhvsXNw0iyLyc J83KN8jHH2T440PT/wBsP9vXTvg38XIblvAXw+8G2/iT/hH5Wkt47nVL0wAtOqlJD5a3KqQT8pjK YAdwwB+ttprei34tzY39vci8QyQeXKj+ag6smCdwHqOKtW19ZXrSrZ3Ec5gcxyCNwxRx1VsHgj0P NfjBo/7Pngv9nr/gqB8MdE+Gqy6f4X13w/rGoQaU00ksFjcm3uIrjyBIzFEl2I+P72QOAAPbP+Cd 3/JQ/wBqf/spusf+j5aAP0zt76yu5JobW4jmkt22yqjhijejAHg+xrNm8T+GrbV4/D9xq1pFqkwy lo88a3DD/ZjJ3H8BX4peBvidrPwhj/b9+JPhZwuraNr2bOTbvEVzJJdQJJjofLdw2DxxzxmvmLwJ 4Q+AHiP4CwHxl+z/APF/xX8SfEll/aM3jW20a5uWk1K5Xzo7q1n+2BZIFZlKMY/3qfMwLNQB/S9d 3lpp9tJe386W1vCCzySsERFHdmbAA+tZ+j+IvD/iG1a+0DU7XU7ZTgy2syTID7shIr8GvH/hz9qf 4zfsh/AzW/iP4D8QeMofAus3SeMfC8y3VhqutWlrIi2Mzoyi4lIhDK7qrOzPv/vMOx/ZM1P9jnWP 2o9NuvhEniH4K+KrnTrmw1PwNqsEkVprLGOTPzyTSYeMHeqfISYwyoDv3AH0V8KNM/Z2/aL/AG1f ir431zwPY/8ACX/Cy90mx07U5dQmuDfTpFOPtS2u8W4MSwII8IxXG8tuxt/Rjxx4rsvAvg7W/GOo APBotlcXbIXEfmeRGzhAzcAvjaPc1+RP7B37Pvwd0T9rv9oXUNL8NQwXHw012ztvDriWY/2fDdw3 sU6oC5Db0+Ul9x9MV+lH7T3gXwn8RPgD468O+NNOTVNOXSbu7ELs6jz7OJp4HyjKcpIisOcHHII4 oAyv2Ufjs/7R/wADfDvxau7O30q91v7W8thbzef9lSK8ngiVmOGLFIgSSq5OSABwPb7bxT4YvNWl 0Gz1ezn1ODPmWsdxG06Y67ow24dO4r+e3w7La/s//wDBKjS/ib8JLU+H/HHxYu49E1bWbeWRZ2iT UL5EfcWIiKwo0QaMKRvyDuAI+sfjx/wTq+Afwp/Zg8QeL/hzBd6H8Qvh5pE+uW3iaG9uEv57zTYj cSM/73YPO2MAFA2EgoRjkA/Tz4p/CzwR8Z/BF/8ADz4h2H9o6JqJiaSNZHhkWSGRZY5I5Yyrxujq CGUg/gTX57+GdG/Z4/ZK/bK8I/Cj4X+Dre01r4nWGp3WteIb7VJ7m4t4beOW5Fuizu4QzTRK7nK7 hjIY7Sv2V+yn8SNb+Lv7OXw8+I/iUh9X1vSLeW8cLsElwg8uWQKOAHdS2BxzxxX5u/tI/s8/Brxv /wAFMPhVoXinwzDqFh470XVb3W4nlmUXtxZ2lwsEjlJAVKCGMAIVB2jIPNAH2V4A/aO8U65+2H8Z /gh4nfTrLwh8PNN0e8srkqYp91/a280pnmeQoVDSttwq4GMk9a+y9N1TTNZso9S0e7hvrSYZSaCR ZY3HqrKSD+Br8S4v2b/h/wDtD/8ABT/45aL8T4J9R8L+H9L0G7fS47mW3gu7k6ZYxwGfyWRmSIF2 ADD5sZyu5TD4E+zfsXftI/tO+BvhB51t4P8AD3w+k8X6fpE80t1bwalbwQlCPMZmKlpGDEsW2YDE hRgA/ay98UeGtN1KDR9R1a0tb+6/1VvLPGk0n+4jEM34Ctyv5l/g3o/wF8dfB9/EHxx+Avxa+J3j /wAZCe8vvF1hpE93G0srMIpLCcXaIyRqFwWjIZgQwKYUfrr/AME4vEXxi1r9my10r43abrGn674a 1K60u3fXrSe0v7mwjSKW3ldbgBnAWUxBxkfu8ZJUmgD7xd0jRpJGCqoJJJwAB1Jr8i/2dP8Agob4 2+LH7UTeAvFWlWVj8MfGVzrFn4M1KOJ45rubSnUjzZGlZWEkWeAi4kZFBPf6P/4KL/GuT4Kfsr+K LvSpSmv+LAvh/S1T/WGfUFZZWTHO6O3ErqR/EF9a/Gn4q/Fj4V6R+yh8IPCnwn0HxPpXxE+DF5aa 1b6hd6LLBam6dvP1ItNuO2Np8SgntGqk4oA/eX9rf9oyw/Zb+CupfFO403+2b5Z4LHT7HzPKFxeX JIRWfDEKqhnbAJIUgcnI/Pz45+D/APgpF8Sfgvrc3xd8N+AfEXhW7tor3UfCNlPqVvqAjtHW52Rz QyoDMjRhtounUlQAH+6frL4p6p+zp+15+y54WtPid4itfDmj/FOKyk0iSW7iguYtWbBSK38w4kmh lLRumDn5lPXNfN8nwp/4Kf8A7OmmH/hWnxD0b40eHNJjxFpmt25i1GSKMfdDMQ7HaMAG9JzwAaAP r/8AYX1n4OeIv2ZPCWu/Azw4PCfhq8W4ZtMMzXEtveJM0dysszlnlYyKSHc5ZNpwowo+uq+Wf2Of 2htE/aY+Cdl8QtK0RfDd3bXU+m6lpqEFLW+ttpdVIVTtZHRxlQQGwckZP1NQB+c/7Zn7Q/7QXwy+ L/wk+D3wBh0F9U+JB1CIvrsU7xLLa+SU+eGRSi4ds/K2TivOvGPxm/4KZfAjQ7n4j/EvwN4K8ceE tGQ3GqQeHpruG/itUGZJUaZjgIOWIhkwMkgAEi1+2F/yfj+yV/1+az/6DBX6d+Ip9ItfD+p3PiDZ /ZcNrM935uPL+zqhMu/PG3ZnOeMUAfH3xX/avtx+xRq/7VXwTkt70jTYLyyS9QyRxyvcx280M8aO h3xMzowD43LwSOvy3ZX/APwU5+OHwet9Tn034aan4W+IGgpM1lK2p288+n6tahjE7RSoY3aKXaSk oKno/Ga+WPg4dTP/AARn+J327P2X+0br7ED1Fv8AbbPIz3/e+Z0r6b+BvxB/4KVR/A/4faV4A+Fn g+TQY/DukxaXqF9qTb5LNbOIW800SXKsGaMKzKAME4wKAPPv2M/2eP2Rv2ibbxp4P+JXwW/4RH4i fDfUF07XLCDX9Zkti7mRVkhJv2IG+GRSu5wMBg7Bhj7++Fn7JX7HXwa+Jln4h+Gei22k+NdNSZYV /tu+up0WeNopM21xdyqcoxGWQ46jBwa+EvGXw3+M37Ff7J3x3/aA8YeI4b/4x/FK7sTe3mmAi301 bm58nEDlUIdFuZSHVQFbywv3Nzd7qv8AwTc+AGn/ALK02u2dvcRfEmy0JtcXxWL24F4dXjt/tRmP 73yxGZBjbjIXkN5nz0AfRf7fH7Q/xV/Z58FeB7/4Qw6ZNrfi3xJbaJ/xNYpJYFW5ilZT+6kjKneq 5PPGeK8l8Q+K/wDgq/4H0S98WX2g/DnxLa6XE1xNYWBvxdTRRjc4h8ySJS+0EgbsnsGOAfin4/8A xa8e/GD9gz9l/wCJGpY1XxfP4yt7cNcHaLy7057y0ieVyRzMYVMjZHzFjx2+2Ne8Vf8ABVnxpo95 4Z0/4f8AgrwbJqMTwf2o2otcPbCQbTJGqTy/OoOQTG4H900AfX37Kn7Q2j/tQfBTRfi3pVi2lS3p lt72yZxJ9mvLdtkqBxjch4ZCQCVYZAOQPQE+E/gS3+Klz8bprRpfFkmlrpAu5pndLewSQzGOGNm8 uIM/zOygFu5xXl37IP7Olr+y18DNG+FC6guq38Ek15qF2ilI5ru5bc5jU8hEUKi55IUE4JwPk79t yO8+NH7S/wADP2QdU1K50/wT4w/tHWPEEFs5hOoRadE88Nu0i4bbmCQFQeC6vjciEAH6aaN4i8P+ Io5ZfD+p2uppA2yRrWdJgjj+FihODx0NM1fxP4a8PyQQ69q1ppsl0dsS3M8cJkPogdhuP0r4S039 g/wB8FvjP4e+O37Pmoy+ALHQrS5j13QrZZ7231y32fJHma5HlMOTnDjeEYKGBLfKn7FP7Mvwv/bG +G2vftMftOWUnjrxX451S+jj+0XVxFFp1pbv5aQWyQyJsw24qf4V2hQvJYA/aye7tba2a8uZkit1 G4yOwVAPUseMUjXlmlp9veeNbbZ5nmlh5ezGd27pjHOelfgBp2qeIvB37Mv7Zf7L9/rFxrmgfCWW CLQ57pzLNDYX0sm22L5xtjECkKAAGZ8ADgfeHi50T/glVudgoPwoshknudIiA/M0Aei/Hv8AaG8Y /Dj9oP8AZ/8Ahl4TWwudB+KN5qsOpSyxtLKIrOO3aI28iSKq581skq2eMYr681nxBoPh22W88Qal baZA7iNZLqZIULnooZyASewr8ObD/kOf8E4f+wbf/wDpHYV6p4O+Ffg79tT9tD443/x7t5fEXh34 RzWWg6DoksssNrD9oE3n3DLEyMzM8DMCSd2/nIRAAD658C/tB+M/E/7bPxA/Z8uUsW8J+GfDlhq1 lNFG32p5roW5bfL5hRk/etgBB25Pf1P9qT4m+Ivg1+z545+KPhKO3l1jw5p7XVst0jSQGQMqjeqs hIwegYV+dH7Ifwa0H4C/8FGPjB8OPCU80mgWnhS0n06KeVp3tba5mtJRbh3LMUiYsqZOdmM5OSft T9v3/kzX4sf9gZ//AEYlAHq3wU+Klr4++Ffw78ReJtRsIPE/i3w7pWrT2cUqxsZb20inlMULO0mw M529cDHJr2hmVFLuQqqMkngACvxN8M/8E9vgde/sMWPxBvIbhviTP4Sg8SweIzeTi5trxLFbu2ij HmeWIIFCQhQo+RdwIbBHhvxo/aS+IHxV/Zc/Za8G+Kjr+qWfxLlv18UxaBE02taxaaDcrZmGFdy+ a9yu6SQE4LBWIxwQD+gvSPEvhzxAZl0HVbTUjbNslFtPHN5bejbCdp9jW3X84njceG/AfiTwR8Sf 2MP2dPir8OvGPhnUYPt32rQb0WGp6T/y8W9yFuLl3ZiFH3RuBbcdwQr/AEd0AY+teIvD/hu2F74i 1O10u3JwJLqZIEz/AL0hAq5p+o6fq1nFqOlXMV5aTjdHNC6yRuPVWUkEfQ1+H3xob9kJf2p/H+of G5/EP7Q3jC5MNvZeGdB0q5uIvDkMS7Tar5d0kUsh+XeQV2uHLKJGbHU/8Evb/wDsb43/AB++Hfh3 RNY8HeELObTL/T/Dmt71u9La584lHjdnZGZCoOWLFVTcSRmgD9pKKKKACiiigAooooAKKKKACiii gD//1P38ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACvzAk/Zn/aw/Z++I/jrxF+yDr3 he68JfES+fVLrRvFC3anTdRnz5s1q9sCGUnn5iBtCoUbYGr9P6yNZ8QaD4dt0u/EGpW2mQSMEWS6 mSFGc9FDOQCT6UAfmFb/APBN++8T/ATxh4W+J/jT7Z8VPG2vx+LLjxBaRsLey1iDzBCLeP8Ads0K rNMpOEP7wlVXaoEXjD9nX9vj9oXwnZfBX9oLxp4Q0nwGJrb+2b/w7Hdtq+sQW7rJsYTxrBGWZQzF VQB8Haygqfof9uz9oTxn+zl+z+3xS+G6WN3qR1KwtU+2xtPbtDdFtzARyRknAG07sexr1nU9b+Nc f7RmkeH9Ng0g/C2XQnnvJZJANWGq+bKFWOPzATBsEfPlnnd83YAHi/iP9ljXG/ai+BnxZ8GTafY+ CfhLomoaPJZSyzC8Mc1lNaWy26LE0bKm9NxeRCADgE8Hb+OH7PfjP4l/tK/A34yaFe6fBovwzl1a TUobmSVbqUX0UaR/ZlSJ0Ygod290wMYzX1Xq/ibw54feCPXtVtNNa5bbELmeOEyN6IHI3H2Fac13 a21u15cTJFAg3GR2CoF9Sx4xQB+aX7dH7CHiP9qXx54L8Y+CNctPD5gh/sjxMZ5ZopLzRftMdyiQ iKKQSSRuJGVJCqsxXLDbX0l+03+y94Y/aI+Bn/Cm4Lo+G20p7W50O8gQsNOurFSkDKgZcoI2aMjc CFYkEMAa+hpvFHhq2v7XSrjVrSK9vVDW8DTxrLMp6GNC25h7gGvmz9rH9phf2bNA8H3trpsGrX/i /wAR6foSpPceSttFeb2kunUAs6osZAGVG4glsDBAPlPxP8DP+Ckfxi8O6Z8Ivid8QfCfhrwtBLb/ ANpa94cN+muX8MDBhwyRxq7EAts8pSRzlcqfYv2+/DXwyg/Yo8Z+C/GOsJaR6Jo8MulyXk4lvHvr Db9iAaRvMkknkQRM3JYOxPevvS3ube8gS5tJUnhkGVdGDKw9QRwa+Zfjh+zV+zP8U/FuhfFP456L Z32oeGoxDaz397Lb2ojSQzKksXmpDKock7ZFYHJDAjigDzf/AIJ1/CTU/hb+zLoepeKTJL4q8fTS +J9YmnJM8lxqeHj8wt828QCPeDyHL9ya+W/+Hevxn/4YGP7LH9taB/wlf/CQf2t9q+0Xf9neR5u/ b5n2Xzd+O3lYz/F3r9etJ1XR9ZsItQ0K8gvrJxiOW2kWWIgf3WQlTj2NWLO+stRgF1p9xHcwsSA8 Th1JHXlSRQB8u/trfAzxb+0f+zn4k+EPge7sbHWdYlsHhl1GSWK2UWt3FO+9oYpnGVQgYQ84zgc1 8pftNeA9GHx6+DzfDf4k2Pw//aF0TRfs+mJqVrcS6VrWmKsiS200wiMY2sJiik7yHOF3bGX7j+P3 xy0j4I/BTxV8YIIoddHh62aSK1S5WIXEwZVEQkAfBy2ThSQAeK/On9ubxT4K+K/7L/wI+Jfizwlo niPUPGmueHrK4ErXGdPTW7GS6uo7aa1uIZkYPGgwzspAG9WOCADyTUtC+OGp/wDBR/4EwfGvxvo3 izxhapqFzcaV4chkTTtDsYLeV0+aXDmS4cSFjIof5UGSCgH7z18vfAX9nT9mD4AatqenfBPRtO03 X5YlivnF497qJjDbtsjTyyyopbkqNqkgccDH1DQB+ZPw3/ZY/aR+Fnxb+MVvoWteG774WfFm91vV pVnNymrW15qUM3kooWIxBUlkVZDvbdGu5QG+Svo39kL4HeLPgD+y/wCF/gn4xu7K81zRYtSSaawk lktGN5fXNzHseWOJzhJlDZjHzA4yME/St1rmi2KXb3uoW9utgoe4MkqIIVYZBkJI2gjkE4qJvEfh 5NH/AOEifVLVdK2eZ9rM6C32f3vNzsx75xQB+V/hn/gnT4ub9jfw18DPEviey0f4ieCdbn8QaJrW ltNPbW14ZmkiBMkcEhVlYBiEyjBWG7bg6/iX4Df8FCvjy2g+BPjd498M+D/Buk3UFxqN94Nkv4dX 1TyO26RUWPfkk7diq+G8tgAo/Uew1Cw1Wzi1DTLmK8tZxujmhdZI3HqrKSCPoazh4o8NHWP+EeGr Wn9q43fZPPj+0Y9fKzvx+FAGtbwR2sEdtDkRxKEXLFjhRgZZiST7k5Nfnb8Sf2af2g/AP7QOv/tH fska5oMd742tYYPEWgeJVuRY3M1soSK5hktsuJAB90lADvO5g5Ue0ftY/tML+zZoHg+9tdNg1a/8 X+I9P0JUnuPJW2ivN7SXTqAWdUWMgDKjcQS2Bg8z8Rv2ivFvhn9sX4N/AzQv7Pn8JePtN1i8v7hk Z7gNYWtxNEYZVkCKu6Jd2UbIzyKAPndP2Gvjf4w8AfGvxV8WfFekat8YPi9pkOlxm28+DRNNtLd4 2SFG8ppSCIk3HyjjaPvEs59N1v8AZI+I+pa1+yVqMGpaSsXwGsfs2uBppw1y/wBisrfNliAhxvtn P70xHBXvkD760jxBoHiCOWXQdSttSSBzHI1tMkwRx1VihOCPQ0ms+IdA8OW63niHU7bS4HbaJLqZ IELegZyBn2oA/OnxH+zJ+0v8Gvjh40+M37IOu+HZdO+I8ovNc8O+KFuhbDUMkm5t5LbLFnd3cgsg G4j5xtC9f8Ef2Z/jvpEPxP8AH3x68eR+I/HfxGsJ7GKwsZrldB0uJ4iiLDFIBzkICwiBVVIBcszN 9829zb3cCXVpKs8MoDI6MGVgehBHBFeX/FD4lad4R8EeM7/Q9SsZvEfhzRdQ1KKyklR5A9tbPNGZ IVcSbCVGemR3HWgDyr9kX4GeLPgF+y54Z+CXjG7sbzXNGi1OOaawklktGN7e3NzHseWKJyAkyhsx jkHGRgn5e8NfsI/EOH/gnlq37IfiDXNKh8U3k0l1De2zzzWAkXUEvoVZnhilCsIwjkRErkkBsYP1 3+yJ8WfE/wAc/wBnHwT8V/GcdtFrXiG3nluVs42igDR3MsQ2I7OwG1BnLHnNfSNAHgf7Nmi/HTw5 8LbLw/8AtCT6LdeJNNcW0MuhGY272MMUaQmXz0Q+cSH37RtxgjHIHmvxK/Z68Z+Mf2xfhB+0Lpl7 p8Xh34f2Gr2t/bzSSreyvqFrPBEYEWJo2UNKpbfIhABwCeD9jUUAfmL/AMM1/tY/AH4meNtY/ZF1 zwvceC/iLfSardaV4q+1/wDEr1O4/wBdPbG1X5kbjAJPyhUKNtDmb9mz9hvxv4J8M/HXwl+0J4js vF8PxlmSS4vbBpY7h2lSf7RLIkkSLFIJJt0YRnHAPH3a/TSigD8k9D/Z+/4KPfDb4aN+zt8PfHfg 298GwxSWGneIbxb6DXbHTnyoRUjV4leNDiLHmFMACQYXb6J4q/Yj8ct4a/Zz8M+H/Fia8/wh8VWf iDWtR125uTdX6R3CTz/ZwEn+bIKxRu6qqhQXzlj+lFFAHxz+2H+z34z/AGg9N+Gln4MvdPsn8G+M NN8QXh1CSWMSWlmsgkSHyopcyneNobap5ywrzb9oL9nP9ofUf2pPCn7Tv7O+r+Hor/TtC/4R/ULH xB9oWJrf7RLMZI2t45CSwlxj5SpRSNwYgfofRQB8KfDH9mHx74L+Jv7THjTVNQ0yWx+MxtP7HSGW ZpYPIt7uJvtYaFVTLXC48tpOAenAPlo/Yq+KY/4Js/8ADHX9q6N/wmf/AD9+fc/2X/yHv7U/1v2f zv8AU/L/AKj7/H3fmr9PaKAPzv8AjZ+yH8TNe1T4W/GT4HeJ7Dw38WvhlpUGkb79ZZdL1KzWPbJb zlFMioC8pUiMkhzkKwVlpeCfgP8AthfEn44eGfi5+074y0jRNE8Fh5LDw54Onvo7a7uGIO+8aYgs mQpKlpAwXbhQW3fo7RQB8c/s9/s9eM/hN8efj18UfEV7p9zpXxR1LTbzTIrWSV7iGOzW5EguVkiR FY+cu3Y7g4OSOM/Y1FFAH5heCv2Kvil4c/ZP+OPwJvtV0Z9e+JniDVtW02eOe5NnFBfparGtw5tx IrgwNuCRuBkYJ5x9Jah8DPFl1+xSv7OEd3YjxKPAsPhj7QZJfsP22PTlszJv8oy+T5gyG8rdt52Z 4r6rooA8W/Zy+HGt/CH4E+Bfhh4lnt7nVfDGk21jcy2jO9u8sK7WMbSJG5XPQsin2FfMf7VP7OXx 68ZfHD4cftE/s6axoVn4n8D2t9YPa+IBOLWWG8R03A26OzELK4K/Lj5SGJGK/QWigD4v+FH7PXxA 8Hftc/Ff9oXxJeaZJo/xA0zRbW2trSWZ7mKewtLeCcyLJCiBC8TGMrIxKkEhTkBND/Zs8UW37Z3j 39oHW7jTrrwf4v8ACkPh9LISTG981Wt/MMsZiEYiZYmGVlLcj5Rzj7RooA/J/wAF/s1/tz/sw6Zr Pwv/AGZPFXhHXPh5fXc9xpP/AAk63i6ho32li7onkK0bqCc5beGbL+Wu5lP2N+yj8CfE/wAAvhk/ hzx34yvfHPijVbyXUdS1G7mlljE8wA8q2WVmKRIB7FmLMQMhV+mqKAPjn9tD9nrxn+0Z4R8B6B4J vdPsbjwv4w0zxBctqEksaPaWUVwkiRmGKUmUmVdoYKpAOWHGdn9rz9mZf2mvh3YaLpOtt4Y8W+GN Qh1jQdVVS32W+t87d4Ug7GzyRyrBXAbbtP1bRQB+VviX4Df8FCvjy2g+BPjd498M+D/Buk3UFxqN 94Nkv4dX1TyO26RUWPfkk7diq+G8tgAo9X+P/wCzB8VLj4xeHf2mP2Xtd03RfH+i6d/Y19Y64J30 3V9NB3LHM8W6UOpxz1bCHehQE/fdFAH4ieF9B+Pum/8ABT/4X63+0VrOkah4j1rwzqksFnoSTLp2 m2kcF2iQRNcfvHJYO7s2fmbAYgDHt7fsy/ti/BP40/Ejxl+y54k8Jz+F/irqT6te2viZLvzdPvp2 eSWSEWyEN80jbSWII2q0fy7j9/ar8G/hvrfxU0X416no4m8aeHbObT7C/wDPnXybWff5kfkrIIW3 eY3LIWGeCMCvTqAPzN/Zv/YU8V+AfDnx28G/HTxHaeMLL4xypJNfWZkiu5HljnN1PLG0apFIZp98 YRpAMZJHSuF0P9n7/go98Nvho37O3w98d+Db3wbDFJYad4hvFvoNdsdOfKhFSNXiV40OIseYUwAJ Bhdv62UUAfmp41/Yx+NGhfC/4VWnwN+Kt4vj/wCF081y91rt1dPp+ttdMHnS7jVpSEUgpCu19sRK E5O8U/C37Mn7Tnxc/aB8B/Hj9q7U/CthF8NVnfStM8LR3Jee4mAG65mufmCBgHCh3HG0Ku5if03o oA/PD4d/s5/tD/CL9r7x18UfBmseHr34YfE++gv9atrz7QurQtbwyhFtgkZiyJZScs+GTghSK+7v F3h+Lxb4T1rwrPKYI9ZsrmyaQDcUW4iaMsBkZwGzjNdDRQB+S/ww/YW+NWofsxeJP2Q/j7rmgTeD 7RQ/hXU9GFzJqFrd/a5bszXMcyRI6bpANgbO0sm7kMLWv/s+/wDBRD4qfDpP2e/ih488HWXgqVIb PU9f02O9l17UbBGG6NklRIQ7oMSEBN3QswL7v1eooA4z4d+A/Dvwu8CaB8OfCUTQ6P4bsoLC1Vzu fyoECBnbA3O2NzNgZYk18W/tU/s5fHrxl8cPhx+0T+zprGhWfifwPa31g9r4gE4tZYbxHTcDbo7M Qsrgr8uPlIYkYr9BaKAPi/4Ufs9fEDwd+1z8V/2hfEl5pkmj/EDTNFtba2tJZnuYp7C0t4JzIskK IELxMYysjEqQSFOQMsfsq63q/wC1r8TPjH4tm0+88CfEDwYPCz2KSzC+PmCBJ/MXyljWNkjcBllL cj5R2+5KKAPyY8H/ALO3/BQn4A+Crv4GfA3xr4P1jwMHnTR9U1xLyLWNKt7hi5VVhR4SUZ2KZEoz yAq4Qfc/7MnwU1P4BfCPTPh/r3ii+8ZawjyXV/qd9NLK0tzNjcIhK7skSABUXPYsfmY19AUUAfDn x8/Zo8e/HP8AaX+EPjnVb/TU+GHw0kk1OaweWb7fdatuLxN5QhMLRI0UHLS5x5g288/ZniDQtK8U 6DqXhnXbdbvTdXtprO6hb7ssFwhjkQ+zKxBrXooA/IjwN/wTg8aXX7NOtfs3fFfxTaCHQfEEuueB 9a0mWaS705nD4W5ilhgAUsxdkjdstIxDgqjV0sHw7/4KxQ6N/wAIEfiJ4Ge18nyR4iaG5OphAuzd t+zeWZsc7jGeed+a/VKigD4J0D4KH9in9jHxb4c+Gniu3s/EOm2d7rM/iDWFAt31R0XzLiSPZMAu I1RE2uThQdzEk/RX7N3iPxv4x+Afw/8AF3xJbf4m1vRbK+v2MSwEy3MQlyY0CqhwwyoAweMV7LdW tte28lnewpcQTKUeORQ6Op4IZTwQe4NT0Afnf+2R+zT8ffi58WPhR8XfgHq/h7S9W+G51CQf29Jc iNpbrygm1Le3n3qAjbtxXGRjPOPL/GX7OP8AwUd+Omh3Pw9+MPxb8J+HPCGrr5OpJ4as7iW5uLZv vxZnggba44YCVQRwcrlT+sFFAHxj8V/2UrW8/Yx1X9lL4MNbaYh02CxsJNSkdYi6XMdxLLcSQxSN vlYO7FYzl26AdPoP4L+DdT+HPwd8CfD3W5YZ9R8L6Dpel3MluzNC81laxwSNGzqjFCyEqWVSRjIB 4r0uigDyX47fB7w58ffhH4m+EPit3h07xJbeSZoxl4Jo3WWCZRwCYpkRwp4O3B4Jr89W/Z8/4KMX /wAK2/Zp1Hx94Mj8FfY/7JbxJHFfNr0mk48nyTEVEPmGH5GOd2P+WxbLn9ZKKAPze+Nn7DN/rXwX +C/wX+C17ZWOmfC3xFY6rM+rSyo9xBB5rTspggkDTyyylyCqJknkcCv0hoooAK+LP2sv2ZPF3xj1 bwR8V/g74it/CvxP+G11JPpN1eI72VxDcACa2uQgZgjAfeCPwXXbh8r9p0UAfmt4W/Zx/ak+L3xy 8G/F/wDa313w5baV8N5JbrRdC8LLcmGW+kCjz7iS6G4BSiuBufJAGEBbdy/hD9mL9sX9l7VPEvhP 9lDxF4S1L4b+I7+W/s7DxSt6LjRJbjh1gNsCJI1AUDcxzgHywS7N+qNFAH55/DL9hGDw/wDAX4o/ D74geKH13xz8Zxc3HiPXkjwn2yXzDCYYjtJjgeQuFJUsS33FIVfnq4/ZO/4KC+KPgNJ+y14n8deD LLwPpmmHT7W/tEvX1O+gtY/9BtJ2aIJFAGSOOV0TzFjBx5vIb9kaKAPzVtv2N/ibDqX7Jl42qaOU +A9pcwa4BNcZuXmt7aJTZf6P84DQtnzfK4I46gafxJ/Zv/aG+H37QOu/tEfsjaxoS3Pjq3gg8S6D 4m+0CxuJ7VdkN1C1qN4ZV6jcuCXOWDlR+i9FAH5v/svfssftB/Df9pbxx+0P8dPFWi+JL7xxo8dr MNM+0Rm3uVlhKwxxyxKv2aKKEJG2/ecDcmck/VH7T3wu1/41fAHxv8K/C1xa2ureJdPa1tpb13S3 RyytmRo0kcLx/CjH2r3iigD8hLH9mH/goXZ/Bez/AGWB4/8ABw8ByWEWmXGurFfHW7fTnQJPZRJt ELoqloo2O1miAy8ZOF9y+MP7Cdlr/wAGPhj4L+C/iA+E/GHwXkjufDOrTqZEM42tOLlVz8tzKiyO QrYYfcZSVP6E0UAfl7f/AAE/bu+PHi3wpaftDeNvD3hDwT4XvY725g8EzahBe6tJDwFlkl2lEcZB wwC7iRGW2lf1CoooA/KjQP2Zv2yf2fvjF8T/ABP+zfqngvWPDXxS1WTV5j4oF8t3Y3EskspGbVcu qGZgCXfcACVU7i3ffslfsmfGv4D/AB4+I/xR+Jfi/TPGVt8Q7O2lubyFZbe9/tONw8i/ZjH5K24L yLGVmztVP3a5IX9GaKACiiigAooooAKKKKACiiigAooooA//1f38ooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACvxc/Zj+Bnw4/bl8WfGD4/ftHWcvjCSHxTf+GtF0+4uJ4INL02xWOSNYkg kjKuVnUZPIZS/wB92Y/tHX5gSfsz/tYfs/fEfx14i/ZB17wvdeEviJfPql1o3ihbtTpuoz582a1e 2BDKTz8xA2hUKNsDUAfLX7Y37OOq/sw/sKeIvh8PGU/inw3L4ysbvRLa5gMcmk2crvi0Eplk81Rg NkLGNxYhfmNfUHjydLX/AIKy+CLqQErD8MbhyFGSQt7fk4Hc1wPi3/gnV8VfEH7Nfi3wZc+LtM1r 4q/EXxPa+Jde1O7ae303fAznyLfyoJJNqeYxUmJcliMIoAH154g/Z68Z6r+3J4a/aZt73T18L6N4 Qk8PzWzySi/a6e4uZg6RiIxGLbMoyZQ2Qfl6EgH4t/A7xZ8LPjlD4t+M/wC078EPiP8AGjxR4s1G 5WC90TS7i90jTrFceXaWckd3DtaIlgRg7AFC4O4t7V4F1H4m6f8AsJ/tOfDbxZ4f8U6J4O8MxiTw j/wlthNZ340q8kfbakyfI/2cQqWEbMEMnZWUD6s8Nfsxftifsu6x4p0H9kjxB4T1T4eeJr6XULXS /FK3iz6NcXHDi3a2BDxqqqAWY5wMx7tzN1mj/safF6H9lf4p/DTxj4//AOEv+JfxTEs91e39xcjS bSd33LDbqUd44gSxLJCu4kDYFVQAD5F1D9hj4JP/AME7z8bdWs7u/wDiS3gy38VLr819ctcpMlml 3DAqmTyhFHEFgVdnCgEEMAw5/wDai8L+Hvit+yr+yZ8VvH1kNY8Wa9qnhjQr/UJpJPOudPuIJ3mi kIYAmV13s+N5bPzV+q+ofAzxZdfsUr+zhHd2I8SjwLD4Y+0GSX7D9tj05bMyb/KMvk+YMhvK3bed meK+c/ir+xd8U/F/7HXwn+C/hnXdKsfHvwru9J1KG4laZ9NuLrTYZYigk8rzQp83crGLkqFIAJIA P0L8DeBvCnw18JaZ4F8D6cmk6Fo8Xk2lrGzssUeS20FyzHkk8k1+Pv7TT/snr+1nrupftAajrnxq 11NPtrfS/Amh6ZcXKaEuxC7M0Vykckk3D7TtKl8spzGV/W34VL8T0+H+jr8Zm0tvGYjf+0ToxlOn l/MbYYfPCyY8vbuyOGzjIwT+fN9+zR+1p8G/2jviN8ZP2ZtS8I6tpXxTkhnvrbxV9sWazni3EeW1 quWjDuxGH5UhSmUVqAPn7/gnpe2Ph39sX4yeAvAnhbXPh14IvtBttXt/DGvK8d1Zz7rZVkeKR5GQ uJnZQWJ2MqkkKK+kP+CRn/JmWj/9hfVP/R1Xf2cP2Sv2gPhb+1T4m/aI+KvjHR/GB8c6EbTVWtkn tZ7e+86Bo4raAxNG1rDFbrEjtKrkclARz5p8Nv2UP25v2fNO8QfBb4E+OvCcHw01q/ubqy1PUobt 9a0mK6wr+REi+S0qgZXezIWG7Me4igD4+8D+CPCPjP8A4JZfF3WfEFgmoXHhnxZq+paZKWcfZ7r/ AEWESrsYBj5cjLhsjB6ZxXX/ALUPwd8H+C/+Cef7P2i/DSxHh258aeKPCepXk8Ekpd9U1DQ50kut zsxVyQp+UgDHAFfZnwg/YT8aeB/2KPiJ+yv4j1/T31LxVeajPY39qZpYEjmWD7MZw8cTBt0I8wKG Cg/KzVyOsfsi/tZfEX9nL4b/AAc+I+r+Ehqnw08WaHf2VxZzXqxS6Ho9lJahJGNsS10WcEYRUZep UjkA8S/bY/ZK+Dv7I/ww8D/HD4DWl74e8b+GPEemQtqn2+5mnvlmEnmtcCR2TfIwyxRVBBZNuw7R +69fHP7cn7PXjP8AaZ+C9v8ADnwJe6fYalFrNjqJk1KSWKDyrXfvAaGKZtx3DA249SK+xqAPxFT9 nfwF+0V/wU8+O2h/FOO41PwvoenaBfSaSlzNb295ef2XZxW7z+S6MwhV5SoyOW67Sytx37N/7H3w q8V/tVfHL4EeLlvtX+F3w1vra+0nw3Lf3S2KXmrxZE7hJQ7vDDGYlZmJIOWya/SX4a/s9eM/B37Y 3xf/AGhdTvdPl8O/EDT9ItbC3hkla9ifT7WCCUzo0SxqpaJiuyRyQRkA5APgn+z14z+G/wC018cP jPrl7p8+ifEt9JbTYbaSVrqIWMLxyfaFeJEXJYbdjvkdcUAfld4Z8eeIf2UPg1+2n4M+Fd9cWWne BfEOn2fh5WkeVtOGtXL2kjxuxLK8cQUq5Od6KxyTz5tD4D+BF38BYtO0j9nf4xS/FaWwW+g8ZR6J ctK+uMnmrdCVbwg27TdMRlvL+YfvPnr9RtE/Ye1DW9R/ac0n4oX9lJ4b+Ol9aXOnmwklkurMWpmk jlmSSKNBJHK8ciqrupKkMcdfLh8Bf+ClVn8L4/2ctP8AH3g1PCUNuNMj8UKL+LX00tR5aptVfLWU RDaCMtj/AJbbvnoA+YP2nvDF38Vf2Yf2Yfib8d/DFzbfEjUfFGleF9YfUorizvpLBJb2ORJoZChU 3BiWYttDHduUhSK9L/ao/Zy8AeIv2yP2af2dtEt5tA8Gvo2sW7W1jcSxP9ggSe5nthKWMgWdEeJ/ myVdhmvq39of9jPxp44/Zn+H/wAI/hj4sE/ir4a6tp+s2epeIJJpvt9zZpMshuJAJXXe8xdRhgu0 R8L8wt2f7PH7QXi79ob4E/tB/FO/8OLqPw/0vWrTxBBpkt0Flnv4bqG3NkksGGULLGZPMdCCG27g BkA+afEnwM+Hv7I/7e3wA/4UFaT+F9L+IkWsadrGnx3U81tcR2sClCwneRj80itjdjfGrABsks+A 3wb8Fftu/Hz44/FX9oy2l8VWXg7xHc+GNA0a4nlitdPtbRmUv5cLp87qEz2372O5iCv218c/2evG fxN/aS+Bnxi0G90+30b4ZT6tLqUNzJKt1ML6KJI/sypE6MQUO7e6YGMZrxfW/wBmb9pr4KfG3xt8 XP2Qtc8OT6R8Sbj7drXh7xSt0LePUSSz3NtJa5Yl3d3YFkxuK4cBNoB8d3XjXxH+wx8Rf2lPgf8A CnU7pvCWl+DV8U+HLWd2uzot7czW1qRF5hbCK92XO4HIRC+TuLehab/wT9+CWq/sPL8TJ4rmT4n6 p4UbxU/iY3tx9rbULmzN6ysfM8toTuMTZXLKSxO87q+nPhP+w/qdy3xT8cftO+IIfF3jz4v2Emj6 nLpatBZWGmMiqtvZeYgfK7EIdl48tPlJDM/jkP7MX/BQXT/hDffsraX498If8K7FpNplrr80V7/b o0llKJZmNV8lQY/3RPzFIyQshIUUAfTP/BN//kyX4W/9eV3/AOl1xX29Xzp+yX8IvEnwG/Z38F/C Txfc2l5rHh23miuJbF5JLZmkuZZh5bSxxORtcA5Rec/WvougAooooAKKKKACiiigAooooAKKKKAC iiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKK KKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooo oAKKKKACiiigAooooAKKKKACiiigAooooAKKKKAP/9b9/KKKKACiiigAooooAKKKKACiiigAoooo AKK+F/2y/wBr3V/2dpPCXw++Gvhg+M/iZ8QZ2t9G09mK26bXRPMn2lWYMzhVUMoOGZnULz80eKfi 7/wVe+FXhy/+J3jDwH4M1/Q7CI3d9pmntK11a20Y3SlNlzliqg52tMR1AIFAH6/0V4F+zL+0F4Y/ ac+D2jfFvwvbvYJf+ZDd2UrB5LO8gO2WEuAAwBwyNgbkZWKqSVHvtABRRRQAUUUUAFFFFABRRRQA UUUUAFFUNV1CLSdMvNVnUvHZwyTMq/eKxqWIGcDOBXy3+yj+0pf/ALUvwX1D4t6ZoK6Ix1C/s7Gy abz2K2wXyjK+EG5y3zAYA6ZOMkA+s6K+dv2YPEv7Qniv4YjVf2mfDdl4V8ZfbZ4/sdiVMP2RQvlP 8txcjcxLZ/edug7/AETQAUUUUAFFFFABRVLUtRstH0661bU5lt7OyieeaRvupHEpZ2PsACTX5afD z9ov9tP4q/slP8cvhR4X0vxL4r1/xTdJpGnXEKwwxeHYS8O591zbh5UnjZd3mcj+E9aAP1YoqC2a d7aJ7pQkzIpdR0DEcgde/vXxZ+35+0X46/Zf+Ay/E34eW1hd6sdWtLHZqMUk0HlTrKWO2KWJt3yD B3Y68UAfbVFZ+k3cl/pVnfTACS4hjkYL0BdQTjOeOa0KACiiigAooooAKKKKACiiigAooprusal3 IVVGSTwAB3NADqK/H3wv+1j+2Z+1x4s8U3P7Huh+G9C+Hnhe7ayj1nxJ57PqEyfNhPK3bS6FX2CL 5FZd8gLAV7n+yP8AtefEb4lfFDxd+zZ+0T4WtvCvxS8Gwfa3+wMxsr203IDJGHeQqQJonXEjCRH3 ALtIoA/Q+iiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiii gAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKA CiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigD//1/38ooooAKKKKACiiigA ryT46/GHw98BfhVr/wAVfE0T3FnokKstvGcPcTyusUMKnBxvkZQWwQoyxGBXrdfPH7VXwQk/aH+B fiT4XWl2lhqF+kU9lPLny0urWRZohJgEhHK7GIBIViQCQBXVgY0nXgqz9y6v6X1NKKjzrn26n436 J/wWB+McfjBL3xF4Q0Sfwy8v7yzthcR3iQ5/guXldDIB1Ji2tjgLnI/fPwb4s0Xx54S0Xxt4blM+ la/ZwX1q7DazQ3MYkQsp5U7WGQeQeK/l40T/AIJy/tb6t4wTwndeDDpkfm7JdRubmD7DGmcGXzI3 cuuBnCKz/wCzX9N3ws8BWPws+G3hj4cabM1zb+GtOtrBZmG1pTbxhDIQMgFyCxA6E19nxnhsupxp /Umubryu6t5nq5rToJR9la/kd7RRRXwR4x+en7cn7KXxF+NWoeCfjH8B9ch0L4nfDWaSbTvtAUQ3 cbuj+WzsrqrIyEoHUxuHZXwDkfLd/wDt4/tpfAmyltv2sv2fG1DQ4VMV3q2jl0thE3ylpJEN5asW H8JkiB9ulekftyal+0j8Bvj34F/ao+GUeseLvh9pNobHXvDdrc3BtVb98pnkt03ookjlG2byyEki Uv8AeUHO1v8A4LE/s03fhadNE8L+I9Z167jeCLRZ7KGPzZmG0RSyCaVQjE7SVV2x/AelAG74x/ay +CPwr/YK1r42/sh6TYaDb312un2VjFZxWn2PWbopHK1zAgKGeGEeaM7lcKnLIRXC+CP+CcHi74g/ CzT/AImePvjX4xg+L2v2Kail9DqLCzsbi5QSpAYseaypuCuUmTkfIFAAPgvw1/YZ+MWvf8E6/iDo Wp6K2keMPFWtReKNJ0GRDFLHFZKqrCY2OY5p4/NCI3I/dhsEnH0L4A/4KufB3wh8HNP0H4k6PrVh 8UvDllFpt14e+wSrJcahbIIvkkb5Y1kcAkSYdMkbWIG4AxvhP+0p8Uvin+wB8d9M+I+oSj4hfC6y 1bSbnUYZPLuJfLgYwzM8W3EqlXjLry2wOSWLV5N8Cf2Q/iR+0V+yjZfHX4nfGTxXH4iTTLqXwzaW d+Y7Oxi07zIrdp1KlpJJGiLO6OjlWBZi+TXXfCD4J/Eb4b/8E+v2i/iR8WLE6T4k+KdjquttYsCs sFs1u7R+ajfNG7vJI2wklVK7sNuUfa37FI/418eCh/1Ll9/6HcUAfAv7JXwO+KX7fnwSTx38fvi/ 4nt9P0J20PRLTSrpLcMbJEY3l8WR/tMpZwu5sSHZkyc8df8Asr/tTfEb4R/sW/G/WvHWqS+LNW+D erz6TpdzeyNIztM0dtaxyO7F2jS4bcASSEOwHAGPfP8AgkB/yZ1a/wDYd1P+cdfIH7OXwc1X49/s 3/tffCvQdn9rat4tnkshIdqvdWU4u4Yyxxt8x4gm48Ddk8UAcb8MvC3wG+Mnw+t/ir+0h+1rqOm/ FTxDG96iWmuRW0OjvLkxRG2K53KMGSONoVX/AFaBdu8/oD/wTM/aM8ZfGTwT41+HXxC16Pxbrfwx 1NLBNcjcSDUrCcyrbTF8ZkOYJMSnl0KlstuY/B3wX/aC/YO+GXwms/Af7UXwTs9I+KPg23XTtQtL jwxBNdahJbjYk3mSIMSyKAZDMyZfLAsCDX6I/wDBOtfE+veCfFHxK1z4SeHPhLpfiS9QaNa6NpZ0 29utPgMhSW9y580DzNsLbI84dwu11NAH1t+0F8VI/gh8E/GnxYaBLqTwzpk91BDISEluQu2CNiOQ rysqkjkA8V+Uv7Pn7GHjL9rP4WWP7RP7Q3xc8Wr4q8ZLJfaZFpN8tra6bAWZYCsRR1+YAOEi8tVR tv3ssP1M/aT+Ft18bPgL46+FenypDe+ItLnt7V5f9WtyBvgLkchfMVcnsOcGvyz/AGYv+ChPw4/Z u+C9h8Bv2nNJ1nwh45+HcL2H2M2EkhvYI2ZoDERwrbCFy5WNsB1cq3ABt/s7/Gj4x6T4I/aX/ZZ+ L3iGbxB4l+Eei6pJpeuNIwu57L7LMqMz58wlCI5EdmaQeZtLfKteU/sWfsh+Lf2sf2ftN+JPx3+K ni02Ltd2nhuz0/UjEltDbXEqyXUxkWTzZWufMC5wQigFiCoTsf2efA3xF8beGf2pf2zfiBoknhq0 +J/h7V4tDsbgEXJsEtpm8yRSMhdkcKI3HmEOwATYW89/YJ/4KG/Cn4Afs16X8M/jfZ6po76M99ca Jcw2Mk8Oq2c91LK4hcYXzI7lpYyWIj4A37gwAB6t+z1J8QviZ4M/aA/Yc+O3jbV768+GU8T6frtl dGDVLiwjkeRUM8glYx5iiJD7m2TNHuwq4zP+CTvwf0yx+AesfHeDxDrX9qTprOlDTDeD+yI0XypB OlsEDC4ygHmb+hPFekfsG/D74h/EbxP8c/2tPGmhzeHf+FtNJbaDY3KlJjYjeRIwbB2EeSiNwHKO wG0qT5X/AMEuPjp4S0X4UeI/2T/EFrf6V8QdLfXNQktrm3McflIkauhYncsqNkMjKCMGgDmvgB+1 F45+C3/BLzxJ8Wjqk+r+LpPEF1pel3GoyvdMlxdGFFcmUtu8mPzJVU5UsoBGCa9g8Ef8E4PF3xB+ Fmn/ABM8ffGvxjB8XtfsU1FL6HUWFnY3FyglSAxY81lTcFcpMnI+QKAAfm39n34GeJP2gf8Agk94 l8FeDYftXiCy8SXeqWFv3uJbPyWaFD/fkiLqnYsQDgHI+nfAH/BVz4O+EPg5p+g/EnR9asPil4cs otNuvD32CVZLjULZBF8kjfLGsjgEiTDpkjaxA3AHlemftN/Fj4l/8E4PjZp/j/VJ4fiJ8MLuLRrr U7eUw3Myi9gEcrPFsIkH7yJmH3wm4kszVp/Cv9h3x/8AtC/s1+H/AIz/ABJ+M3i3/hO9T0SK80OK 1vRHp1hDHBtskaHbvdnjVGldHjZmYklmy7eeaX8E/iN8N/8Agmx8f/iR8WLE6T4k+Kd5ba21iwKy wWzXsDR+ajfNG7vJI2wklVK7sNuUfrp+yV/yaF8Jv+xO0j/0ijoA/Mz4cftO/tC+Jv8AglT4t+JG jald6l458LXcmj/2suZb5bBZrcyXRYAs0sNvOy+b95Qvms25Sx8D+HHw6+B/xP8Ahvo/ib4DftQ6 3ofx8eG0mmi8Sa3Jp0E+oFkaeAq8QkdQd/l+XJODxu3gnHqf7DfjL40/D3/gmx4w8Z/AbQ7PxJ4n 0rxReytYXlvLdCaz+z2guDFDDLEzyIh3hcnIUgKxIFeM/G74tf8ABOj45fBS6v8ASPh/NoXxy1Gx EdvpuhabcWbx62ygEMIdtrND52d24NKydFEh4AP1J/bS+IPj/wCFH7BGrweO7u2vfiDr+l2fhqeX Tixgu9R1ELb3T2+Y4mG+LzpFGxcHgCvnT9vfw3rv7Of/AATr+H/gPwhqdzot94dvdE0+e4sZ3t5J JRazm5O+JlOJJtzkZwTXAaR4Z+JHizW/2MP2TviuZ5da8PJceNfEVvdEtJDa6fJM2lwzgknKxo1u wPQnHHNe/wD/AAWR/wCTR7T/ALGbTv8A0Rc0AZf7aXjf4qfE745fB79ij4Y+KbjwfF44sG1XXtRs nZLs2MaykoHUqwXy7acldwEjFFY7cg/GH/BRP9jjVP2avgjY618OviD4j13wTqGp21tq2j67eLeI t3ske3vISqRqnIZXAXdlx823IH1v+2foPjH4GftD/CH9u/Q9Fn8Q+GfCWmpoviK2tF3z29rKlwn2 jbwCDHduAxYKrogYgNmvlv8A4KNft1fDn9pH4IW3gD4GWmpaxpdvqFpqGt6pNZS29tZqodLe2JcD 95JK2cn5cJhSxJ2gH0x+3z+0L4n0nxd8J/2W/DfjpPhhpvjGwg1DxF4jMvkvbaaxaJUSQFWTd5Mp O1lLtsTcFLZ+Vfi1qHwj/ZX0XT/jP+x7+0teeKPEukXcH9p6BqesxalFq9vM6pIfJjSMEgnLhlYh MujIyAn6J/b9+Ft94X+K/wAHv2udQ8DJ8RfA/hrS4dJ8T6S1qt4qWa+ayzyQuGQgLcyFHYBUkSPc RkEeU/En9or9jbxraaP4I/Yu/Z+8PePPiNrtxAsVvfeFIltLWEt+984DynLDhSwcRICXaTC4IB9v /tNp8Zv2hvAvwo134e+N4fhZ8JfEtpa6x4p1kamljfR2t7FFNDDHK2zgIWBw4Duy7lKqQfzE/aWb 4IfssDQviX+x/wDtE6r4i8cWmpRLeac+tJq8F3bbWLySvbIsRAYKrpIWVw3ABHPtX7fuiR+D/jN+ z5D+0PoUjfAfQ9EtrXUrHw9HLb6VBqsYlSeOGNH3RxqBb+Wm4OYFZUbcGNfPP7aHxB/Zf8c/BN/D 37GnwrWPQNDv7W98QeLINGe0itk5gt7VrmaMTs00swJ3sB8oADbiVAPtX/gpB8Vdeh+JPwY8HePP FGt+Afgt4otmu9d1LQfME8k5yTCzRqxZY18s7cPw7P5bsiitL9nP4R22hfG7wn4w/Yq/aBi8afDo hv8AhKPDuu601zdrbFgC0FqlvuV8MWQyRxMrqAZCrsB2H7TP7S2rfDmP4Raj8QPAeleOv2a/GOi2 M2q3smmtqFxBczQny2+eQwKoV4ZI90QZx5iq24DHwvqmjfs6fFP9qf4RXv8AwTk0XVLDXNP1eK+8 QXtrDeW+l2tkk0RZ5EuWBRVTzFkRAkcit5YDs4FAH9K1FFfLP7SH7WHgz9mfVvAekeLNI1DVJfH+ oPp1o1iIisMiNCpaXzZEO3My42gng8dKAPqaivE/2iPjl4d/Zv8AhHrXxh8VWF1qemaI1qstvZCM zubq4jtl2+YyLw0gJy3QHHNbfhD4q6N4y+DWlfGqxtLiDStW0SLXY7eQJ9oWCW3FwI2AYpv2nHDY z3xzQB6jUU8EN1DJbXMaywyqUdHAZWVhggg8EEcEGvnT9lr9pjwn+1b8Np/ib4N0u+0iwg1CfTjD qAiExkgjjkZh5Tuu0iUAc5yDxX0hQB8yfFLxx8FP2Jfghrvjqy8O2Xh7QLCTzY9L0e2hs1vNQucI kcccaqgeQqNzY+VFLHha+RP2GPhF8WvHfxa8Vft2/Hqzj0TW/H9ilnomjIpBtNLPlFJXDcqWjhjV M/MwLuwG8Cuz/wCCn+sfBDS/gX4dj+Pln4gvvD03iS1MUXh2W2iuGuo7W6ZBMboFDDs35AG7dtIO Aa/Ry2eOS2ieJdiMilVxjAI4GB6UAT0UUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRR QAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFA BRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAf /9D9/KKKKACiiigAooooAKKKKACiiigAooooAKzV0bR11A6stjAL5uDOIl808Y5fG7p71pUUAFUp dM02e7j1Ca0ikuoRhJWjUyIPRWIyPwq7RQAUUV4J+0n+0R4J/Zf+F118VPHcNzd2UNzb2kNrZhDc 3M9w2AkQkdEJVA8hyw+VGxk4FAHvdFeU/BD4w+E/j58LPD/xb8E+Yuk+IIWljjnCiaF43aKWKQIz KHjkRlOCRxkHGK9WoApXOmabezQ3N5aRTy25zG8kasyH1UkEj8Ku14D8P/2hvCvxF+NHxF+CGk6d e2+r/DX7B9uuJxGLaf7fGZU8gq7OdoGG3KvPTNe56heR6dYXOoTAtHaxPKwXqQiliBnvxQBbqld6 Zpt+8Ul9aRXLwHdGZI1co3qpIOD9K8a/Zz+PXhr9pX4UaZ8XfCNhd6ZpmqS3MUcF8IxOptZmhYsI ndcEqSMN0p/xe+OOk/B/XPAWhaloWp6xJ4+1u30OCTT4lkjs5Lh1QT3RZl2QruyxAJwDxQB1Xxg8 Par4u+EnjbwpoUYm1LWtD1KytUZggee5tpI41LMQACzAZJwO9fO37C3wS8V/Br9lrwf8L/ixpNvB r+iz6jLLBviu0jM99PNEyyIXTJRwcg5Gcda93tPjV8PtQ+M178BLG9efxhpmk/21d26xOI4LRpYo k3SkBS7mVSFXJwCWxxn1egAqFbe3SZrlYlErgBnCjcQOgJ6mvLvhJ8avh98cNM1zWvhxevqOn+H9 WuNFnnaJ4ke7tUjeXyw4DMi+aFDYAJBxkYJ9XoAKpS6Zps93HqE1pFJdQjCStGpkQeisRkfhV2vK PHXxq+H3w78a+Cvh34lvXj8QfEG6ntdItY4ncym2QPM7MBsRIwy5LNklgFB5wAer0V4Bpf7Q/hXV f2ktX/Zjg069TxBo2gL4glvGEf2Nrd5oYRGpDmTzMzKeUAwDz0r3+gAqhHpemQ3smpRWkKXko2vM saiRh6FwMkfjXj/wJ+OOk/HjQ/EOu6RoWp6BH4e1u70OSPVIlhkmktEidp4grNmF/NAUkgkg8V7f QBSOm6cdQGrG1iN8I/KE+xfNEec7N+N23POM4q7RRQAhAYFWGQeCDVazsbHTofs+n28dtFktsiQI uT1OFAGT3rwv4f8A7Q3hX4i/Gj4i/BDSdOvbfV/hr9g+3XE4jFtP9vjMqeQVdnO0DDblXnpmvfqA CqVrpmm2Mks1laRW8k53SNHGqFz6sQBk/WrtFAENxbW95A9tdxJPDIMMjqGVh6EHg0ltbW1nAlta RJBDGMKiKFVR6ADgVPRQAySOOVGilUOjghlYZBB6gg1WsdPsNMtxaabbRWkAJIjhRY0BPU4UAVco oAKKKKACiiigAoryj4SfGr4ffHDTNc1r4cXr6jp/h/VrjRZ52ieJHu7VI3l8sOAzIvmhQ2ACQcZG CfV6ACivBvgn8e9C+O974zuPBunT/wDCOeFdVbR7bWHZTb6pcQLm6a2UcmKJyEEn3Xzlehr3mgAo oooAKK5Hx74j1Pwh4K1vxVo+jTeIbzSLSa7j063dUnujCpcxRFsjewBCg9Tgd6wfg58WPCPxx+Gm gfFPwNcefpGv26zIGx5kMgJWWCUAkCSKQMjjONwOCRgkA9MooooAKKKKACiiigAooooAKKKKACii igAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKK ACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooA KKKKAP/R/fyiiigAooooAKKKKACiiigAooooAKKKKAPnH47fHhvhTLZ6Lo9lHfavex+f++LCKKHc VDMFwWLFWAAIxjJPQHO+Bf7Qc3xP1K48N+ILGKy1SOIzxPblvJlRSAw2uWKsM5+8QRnpjmt+0N8C tX+Jd3Y+JfC80Q1K0h+zSQzNsWWIMXUq2CAylmyDwQeoxzmfs+/ADXPh9rU/i7xdLEt75LQW9vC3 mbA+Nzu2MZwMADPBOTXalS9l5nzkp4367ZfB+Fv8z67oooriPowr8hv2ovGvhX4tft6fCb4FeJNb sdL8J/C1D4v11r25it4JL8BXsoG85lVmX90dvdJ34IBr9bdRvU03T7rUZIpZ0tYnlMcEbSyuEUsV jjQFnY4wqgZJ4HNfkB+yP+yBofx2j+In7QX7X/w6lfxT488RXFxZaZrkFxbT6fp8PESiJ/LdQSxQ bl5SJCDg0AXv+CfXjLw/8LPj58Zf2QNK1e11Pw/Z6hJ4k8KzWtwlxAbG62GaBJEZlJiR4cqp+8sp wOa3rLxL+0h+2P8AHf4m6N8MvibN8Jvh58KNSbQYX0+zhvbrU9UgZ1mlkaTb+7Vkzt3bSpQBSS7D h/2mf2Wrf9mP4n/CD9pD9kj4d3cj+HNXaz8QaR4ftrm9nudPukw8nkp5jAeUJombGAzx56VteFNd +IX7C/x0+KcepfDPxJ47+G/xV1V/Euj33hbTnvrizvbpmaWzubdinlnLBV3MCAoIDbmEYB59+yJ4 s8efCH48fte+NPjxdw634j8FaVp15qdzaotsl/HptrcPFMiAbY2uII0faBgM2AB0rqvAmg/t2/HH 4I3f7Utl8Xxoup69bXepaR4MTTYJdKfTlL+XaSysQ4aeNcLJguoKln3Ela/7OPw2+MHxx+Jv7V2o /GfwLqfw+h+LujWNpY/2jayCOOCe0ngtwsxCpLNbwtEZlQ5SQFWVGBUS/CT4+ftD/Av4IL+ytqvw M8Vaz8TfDNvPoujahp9l5vh67iLMlrdyXzMqxxRqy7jgghRuaMswQA95/wCCUH/Jkng//r81f/0u mrpv20fi18RPhn8QP2d9I8Da1JpNp4x8eabpOrRokbi7sZ5oVkhYyKxUMGIyuG54NN/4JmeDfF/g L9kDwr4Z8c6HfeHdYt7vVGlstRtpbS5jWS9lZC0Uyq4DKQRkcg5HFYn7dXgjxp4u+I/7M994T0DU NattB+Iel3uoy2VrLcpZWsc8LPPcNGrCKJQCS74UAHJoA+XvBPww+Kc//BVLxvawfFO9guLDQ7XW bmcafblrzSWvbSQaOyk4SIIyx+cP3mFB6k1+yHjTRta8ReEtY0Lw5rUnhzVL+1lgtdShiSeSzmdS EmWOT5HKHkK3BxzX5j+Lrn4g/BT/AIKS3nxTn+HfiHxT4R+IPhqw0CHUNFsnvIrO4a5tw8lyyAiN IhCWcMQ20hlBGa/V6gD+ej9kLx742/Zj/Zc+NP7Rlz4vm1vTNB1/VdKtvDU1rFHbXOt3EljFFqLz qfNzl8PEuF2BiCDzX01d/Dr/AIKB6X8FG/aQPxzafxjBpv8Ab8vhRtKtf7J+zLH9paxDD/loIvl3 BRlvlD/8ta+ffh38GPir4v8Agj8d/wBh7xF8P9d0PxDq2van4m0fX7mzddCuHt57SS3txeHEe648 hlVwSu1ic5Uivfrv9rD9oTWfgNN8Cbf9n3xpH8XZ9IOgyzvp2zQkkaL7K18L4vt8vrIoxs3fL5hX 5yAfoV+zJ8aYf2hvgP4P+MUdqtjL4htGa4t0OUiureV7e4VCSTsE0b7MnO3Gec1+af7dHw7+I2uf tvfs+roXxGu9CPiWfVItIMdlBL/YUltb24nlh3n9+bkkFhJwuOK/RT9kb4J337O37Ovgv4Q6tcx3 mpaJbzNeSwkmM3V5cSXUwQkAsqPKUUkAkAHA6V8mft76d8QPDPxr/Z6+PnhTwTrHjnR/h/qGr/2r a6JbNd3ka3sdusRESAnDBH+Y4UEBWYFlyAfO/jnwl8ddf/4KX6p4F+EfjdPDOuXfgCxttY8Ry2Ud 1cR2ML27zTQ25IjE006RLyQFDtgggV9Efs8+O/2g/hR+2BrH7Jfxn8c/8LK0e98NjxDpGrXFolre RBZxEY5PLJ3BsSBtzPyqlSoLLWj8LdC8a65/wUc174xXPhLWdH8Ma/8ADGySK7v7Ca3iju5rixmN nJIy+WLmNQweLduUq2Rwa3NT8EeNJP8AgqBpHxAj0DUG8LxfDtrJ9WFrKbBbr7bM3kG52+UJdpB2 bt2CDjFAHy/of7XX7Q2kfsSfHT4vW2ovr/irwv48v9E0+7mt4nGm6d/oSq/lIiq4h85ypdWG5gX3 KCK1vhB4o+PWs674K8W/AT9pzTPjil5d2/8AwknhnVktNPnSzdd1xLBG5FzEUAIRQikNhjuUMtRf Ajwp+1P8M/2TfjU/wx8HND4zn+IusahBpOv6bKv9qaRNBaJKbeGfyhKJAGKNyrhGRcsRXzf8VvAW kftGX/hO2/Zp/Zl8V/CH4rw6taz32uSac+h6Tpix7mlJZWWJiG2upMUUh2/LknYwB/RpX5QWXiX9 pD9sf47/ABN0b4ZfE2b4TfDz4Uak2gwvp9nDe3Wp6pAzrNLI0m392rJnbu2lSgCkl2H6uRhlRVdt 7AAE4xk+uK/Inw1rPxE/YR+PPxWtdV+GfiLx58OPilq8niPSL7wpYHUJrO9uWczWdxDuQLksFUlh wqlQ25hGAeafsmeMfHXwa+Of7X3jj49XcOt+IvBWl6bd6lc2qLbJqC6fbTmGVEA2xtcwpG20DAZ8 YHSvRPhT4P8A27/2lvhXD+0VF8cD4D1TxHHLfaB4cs9Mt5dMitgzCBLl5NzMJducsshVSGO4koOc /Z5+GXxj+O3xH/axvvjF4I1T4dp8XdFsbTT21C1kEcUU1pNDbbZSFjmlt4miMyqcpICrKjZUbXwP /aS+O37NvwbsP2ePHnwB8Y69498HQSabpVxo9gbvRNSijJNvI16jYjRVKq5RZOBuO0kooBQ/4eD/ ABY8UfspeFr7wvpVnafGvxX4uHw/AcL9kttUG0teLE28H5JYhsbKLI5JDIu1vXZfhd+3/wDBfxn4 N8YeHviXL8btM1K/ht/E+iXtpY6YkFtIMy3NpI8qBQgB2qhU7tuVdWZV+XR+w/8AH7wH+zB4M8fa VYRaz8XvCvjr/hYtzo0bqTIZhB5lkj5AaVRbxOyqSCd6IWO3d9G65+1P+01+0BrvhL4dfs8fDDxZ 8ML19Qt5vEuveKNIigtLGxjB+028IuUlSV2yCpwsh2gBBuJUA9Y/ZX+LXxE8e/tJ/tL+CfF2tSaj ongjWNKt9GtnSNVs4rhbsyKrIqswby0++W6cd88b4G+NfxR1T9oz9q/wZqGvyzaL4B0qwuNDtjHE FsZZbCSV2QhAzZcBvnLCvILPxR8T/wBjj9rz41+JtY+FHijx54P+Lc2n6hpt/wCGLE6gyXFtHJiG RQVVCXnkVgzBhsDKrK2ap/sxeF/jrrHxY/aq+IfxQ+H+qeE7rx7o1pPp1tPbyOkiy2k5htoZwoSa aKJo0lWPJSTKMqsNtAHlfwx1j9vn4z/sjXn7Uf8AwvBtAPhmx1O80zTLfSrVzqkekmYzy3k7AASS NG8aJ5bRgIpKgsTXSf8ACV/tx/F39lG6/bPg+L0fgx9I0y41Oy8NaZpcJtJ7bSt0dxLcTSl2MlwY pJAjK8ajaAAGwv0d+y74B8deH/8Agl83w/17w5qWm+KD4b8Wwf2Tc2k0N/51zc6g0Mf2Z1Eu+UOh RduWDAjORTfhn4B8d2H/AASrvPh3feHNSt/FTeCtetRpElnMmoG4mF15cItiol8x9y7U27jkYHIo A4n45/tw+PdL/Z3+A9z4R1LSvCfjn44wW4m1rUjHHpujRJHCL67PnEooWSZSnmBlC7uGYCvIfEH7 SnjD9lvxL4P8ZWn7T2iftAeFNY1ODTvEOiiXTmv7WO4yWvbMWk0jhI9p+UkIpKhgwbKS/Er9mX4n a3+y5+zF8R9K+H//AAlmv/CC0jOs+DtTtMT39hcrEbiBra4XJkTyQBEULfOWCkqFLb8aP8bPFvhT wL+zn+x7Y+DGkvY28Raz428FWdrZWVovEscQAAkcZJHzBztCqnzEqAewfFbx3+1R48/bz1n9mr4Q fEFfBvhuTwza6pdXL2MF7Jp8SMnmy2qSAZmld0i+dsKrlhhgKT4V+If2m/Bn7S/jT9i/x/8AFObx NFrXhKTW/D3ih7CFNQ06VnEKuYuVk2t5mVd2BKKQVDMo9W8J+CPGlt/wVA8afEC40DUIvC918PIb KHVWtZVsJLoXlkxgS5K+U0oVGOwNuwpOMA0X/gjxo/8AwVA074gJoGoN4XT4dtZNqwtZTYC6+2yN 5BudvlCXaQdm7dg5xigDwX/gkp4J8c2Xhrx54tvfHNze+H4vE2s6bJobWkKwyagos3bUjOD5gkZA U8ofIAc9a+3/ANuX4m6p8If2TfiT460OZrfUrfThZ2sqHDxTajNHZJIh/vRmbePcV8o/8E7rn4g/ CXxL8Rf2c/iD8O/EOkXEviXWdfttdlsnGizW8v2eJI1usbGd9hdCpKsvGcjFfTX7f/w/1L4mfsef E3wvo0Rnvk05NRiRQWdzpdxFfMqAclmWEqAOSTigDzTw94s0r9ib/gnJoXjKxsFuZ/DXhmxultn4 WbVtXaNj5mCDsN3c5fB3bM45FfEL/GH402/wmPx6H7ZPhWX4gJZf2wfBXnaQdPKbfPOmBBN5nn7P 3eQm8v8AJuz+8r7X1/wY37aP/BN/SvDfhK5iXVPEnhnS5LVnYeWup6WYneBn6KDcW7wsx+7kkjjF fDVp4g0fR/hNa/DU/sPS3HxutbRNNFxN4Ps5tDlu4wIft73gT542I8wjGwnjzdvz0AfR1v8AtdfE HXfiJ+yx8ZLfUZNP+G3xjt7nQtY0cLG1vBrqs8EbrKymQbrl9q/PykXIBJrnpP2x/icP+Ck8Xw2G pyD4QtqLeEvK8uLyTrS2IkJ37fM8wXbCPG7G3tnivR/2hv2d/iHq37AWkeGdP8O6dZfErwG9n4ls dM8LWAgtYdUguGmmis7WANl/LmlH7sHzJcsB82K+Xb39nP4zj9gS0+KUXhnUP+F1xePD8Rm05bGc 6l9vkvfs+z7Nt8//AFO2cx4yAM9eaAPvT9nX4r/EX4x/tUfHW7/tqR/hp4CuLXw3pdgI4/JfU4gP t03mBPMLJJEwwX27ZRxxmvMf2HryT4d/tJ/tKfs3W5ZNE0TXIPEOlQH7tvHrCGWaNB2QBodoHHU9 SSfbf+Cfnwl1/wCEn7MugW3jS1ns/Fvime68Qa0l1G0VwL3UZNwE0bgMkiwrErqwBDAggdK8V/Y2 hf4h/te/tPfHq0G/RptVsfDNjOOUnfSYRDcFG6FQIoSMZyGH4gH6gUUUUAFFFFABRRRQAUUUUAFF FFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUU UAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQ AUUUUAFFFFAH/9L9/KKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoor8h9N/aI/bz+MH x2+MPw5+A0PgiPSPhhrI08trcV5HO8UzzrAd0Mjh2xA287VHTA54AP14or8t9G/a+/aS+BvxR8Mf D39tnwbomlaD41ufsWm+KfD00v2CG6IwsVykzyEbmIBYmLapLbWVWK/p5f6hYaVaSahqlzFZ2sIy 8szrHGg9WZiAPxoAuUVm6TrOj69ZrqOh30Go2j/dmtpVmjP0ZCQfzrSoAKK/PbxH+038Z/gN+x9r nxv+PmjaJqPjnTLnyodO0i7C2UyT3UVtARIrzk7PN3yBSTgY+XOR9x+DPEUPizwppPiKGWGU6haw TP5DB41eSNWZQQT0Jxyc0AdNRXg3i3W/jXa/HnwLofheDSH+HF7a37a/JcSAamk6QyG1FqnmqWUy BN+I2wu7kdR67e+JvDemWk+oalq1paWtrIYppZZ44445B1R2ZgFb2PNAG5RUFrdWt9bx3dlMlxBK AySRsHRlPQhhwR9KnoAKK5uz8ZeD9R1V9B0/XLC61NAS1rFdRPOAOuY1YsMfSukoAKKz5tW0u2ea K5vIYntk82VXkVTHH/fYE8L7nimaRreja/ZjUdBv7fUrViQJraVJoyR1AZCR+tAGnRWJq/ibw54f eCPXtVtNNa5bbELmeOEyN6IHI3H2FX7rUdPso45ry6igjmYIjSOqhmbkBSSMk9gKALlFVLu/sbDy zfXMdv5zBE8x1Tc56KuSMk+gpbi+srR4Y7u4jhe4bZGHcKXc/wAKgnk+woAtUUVyWu+MNC0v7bpk ep2Y1qC1luI7N5k89giFgfK3ByvuB070AdbRXyL+w38c/GX7Rf7OGgfFjx/FZwazqdxfxSrYxtDA FtrmSFNqO8hB2qM/Mea+ndK8U+GdeuJ7TQ9Xs9RntTiaO2uI5njPo4RiV/GgDdoqvdXdrY20l5ez Jb28KlnkkYIiKOpZjgAe5qlpmvaHren/ANraNqNvf2PP7+3mSWL5eT86Erx35oA1aKrW15Z3lst5 Zzxz27gkSRsGQgcHDDjjFVhrOjmzXURfQG0dtqzeanlls4wGzgnPGM0AaVFZMWv6FPqsugwajbSa nAoeS1WZDOiHozRg7gD6kUy38R+HrvVp9BtdUtZtTtl3S2qTo08a+rRg7lHuRQBs0VQ1LVNM0azk 1HWLuGxtIuXmnkWKNR7sxAH4ml07U9N1izj1HSLuG+tZRlJoJFljYezKSD+BoAvUhAIIIyDXP3ni 7wpp1pBf6hrVlbW1y/lxSy3MSRyPnG1GZgGOeMDmvM/2h/jPZfAX4LeJ/i5LZpqx0G0NxBaGcQfa pCQqIJMNjO7JIUnAOBQBz/7PfwHuP2f28Z+GtE1dLnwRrGryatoWliEo+ji7G+6tVk3kPB5vzxKF UoCwO4nNfRteafBvx7/wtD4U+EPiDJ5C3XiDSNPv7mK2ffHDPd20c8kQOSRsL4AY5xjNel0AFFFF AHI+PtL8Va34J1zRvA+qx6Fr9/ZzQWWoSxGdLSeRSqzeWGXcY87lGQMgZ44rjfgL8GvDfwB+E/h7 4VeGCZrfRoMTXLLiS8u5DvuLmTk/NLIWbGTgEKDgCvYKKACiiigAooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoooo AKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigA ooooA//T/fyiiigAooooAKKKKACiiigAooooAKKKKAPif9qb4r+LvC2r6d4O8MXkmmJPai7nnhOy V97uiorjlQNhJ2kE59qyP2YPi54y13xTN4M8S302rW01u80Ms7GSWJ48ZBkOWKsD/ETg4x1OfpD4 q/Bjwz8V4LZtVkksr+yBWG5hwWCMclHU8MueQOCD0PJzT+FHwN8L/CmS4v7CaXUNSuk8trmYAFY8 glEVeFBIBPJJwOa7VVp+y5banzksDivrvteb3PXp2se10UUVxH0YV+Vn7B3/ACdj+2N/2M+nf+jd Sr9U6/I+z/Zc/bu+Fvxx+LvxK+AfifwLZ6T8T9XGoPFrLX8twkcLzNACsdmyIwE7bgHYHjB4oA6D /gsHcaXD+yVDFdgHUJvEWmjT8Y8wXIWZiU758oSDjnmuH8feD2/a1/b5T4B/Gqee58DfDDwla61N o0MzwW2o6pc/Z98kvlMrMo+0AZzx5e0YDvn0Pw5+xZ8f/ix8V/C3xR/bT+IuneLLTwPOLvSfD2h2 zQ6cLoMrrJM7xwlgGRSVMbF8BS4TKt6V+0H+zF8W7/44aN+1J+zF4i0zQ/H9jYHSdSsNbSZtL1aw 3blSVoA0ispwMADdtQh0KZYA+bte+Gvhz9in9uP4N2vwL87Q/B3xm/tDS9Z8PpPLNZ+dZrH5dyiS OxVt06EH+EK4XCuy1+xlfnd8NP2Yfjl43+P+jftLfta69o13q/hG1kg8O6B4bWcabYvOrLLNK9yP MeTDZ6tltp3bUVa/RGgD+Yqx8C+E/EP/AAR61DxnrOnJc614U8QzPpdyzOGtmvdTs4JyoVgp3xna dwOO2DzX9A/7O3ww8B/CX4R+H/DPw70iPRdMuLaG+khjeRw1zcxI0shMjM2WPXnHoK+FPCP7BHxG sv8Agn34k/ZJ8Ra7pMXifVb1763vbV55rBXS8hu4kdnhilAbydjkRnbuyA2MH7d/Zs0X46eHPhbZ eH/2hJ9FuvEmmuLaGXQjMbd7GGKNITL56IfOJD79o24wRjkAA+Pvjt/yk8/Zn/7A3iX/ANN95XzP +y1+yp8KP2h/j/8AtN638Z7GbxJpOg+P9bt9P0t7u4gs4bi5vLg3FyUgkjzKyJEgbPAXuQpX9D/i V+z14z8Y/ti/CD9oXTL3T4vDvw/sNXtb+3mklW9lfULWeCIwIsTRsoaVS2+RCADgE8E/ZY/Z68Z/ A/xn8bfEXiu90+7tviT4wvvEGnLZSSyPFa3UssiJcCSKMLKA4yELrnOGNAHzh/wTc0ub4eePf2jP gRpV7PN4T8BeKo49Gt55GlNrDdG53IrNz92JM+rAt1Yk/Rv7ecfhm4/Zt16w8Z/Ep/hZoV5NbxXm qQWz3dzPDv3GygiikjkZ5yoB2E/IHDKULEO/Zx/Z68Z/CD4y/Hb4ieJb3T7nTfifrVtqWmx2kkrz www/aNy3KyRRqr/vVwEZxweemYP25P2ZPEH7Unwk0/wr4O1m30XxF4d1e31vTnvVZ7Oae3jli8qc KrkKRKSG2PgjG0gmgD8Pf2lJ/wBmCw+Dun+Mv2V/g3428Gat4XvLGe18a3Fpc2ljgOEG+5kuJPMk kYhkOxWDAYIXIr+nXw3ez6n4d0vUbohprq1glcgYBZ0DHge5r8nfjz+y/wDt+ftZ/DKbwP8AFnxV 4H8K2tg0Vza2Gix37RaleRMFDX08yyNDGiF2QRK+XxuTgFf1V8E6frGk+DNA0rxD5H9q2Wn2sN39 mdng+0RxKsvlM6ozJvB2lkUkYJUHigD8fPiH8DPCX7Qn/BUvxD4G+IJuLnwvZeCrPVL7TobiW3i1 D7NNBHDDOYWRmjWWZZcZHzIK6P4OfDrwx+y9/wAFI9d+FnwoSfSPA/ifwKdcuNIWaWeCO6iuPLDx iVnbcPKYrliR5jKMKQB9g6B+z14z0r9uTxL+0zcXunt4X1nwfH4fhtlklN+t0lzbTF3jMQiEW2Fh kSlskfLjJBd/s9+M5/25bP8AaZS908eF7fwefD7Wxkl+3m7Ny828R+V5XlbWAz5u7P8ADjmgD8W/ gd4s+Fnxyh8W/Gf9p34IfEf40eKPFmo3KwXuiaXcXukadYrjy7Szkju4drREsCMHYAoXB3FvQtH+ H/xT+IP7Evx1+GmteHPFei6N8LdTtvE/gJ/FVhPZ6lFp8Bmke3UyfK7QW0UgxExCNLxwVWvtTw1+ zF+2J+y7rHinQf2SPEHhPVPh54mvpdQtdL8UreLPo1xccOLdrYEPGqqoBZjnAzHu3M30z+yz+zt4 0+EfgfxJbfGrxlP8QfFfjm7lvNYklllksIhKGBtrSKXG2L53LEIm7IG0KqgAH5E/txfFHxV+1Z4c +Ftz8OrnbceDPAMnxL1fyeRFMZIYHU44V7d45CPQMexFfXC+N7P9sD9s34CDTts/h34f+EE8e36L 9yPUdWjjFtC3/TSF/IkAPIG73rsf2L/+Cfmr/s9P8VbL4marZeIdO8ZWp0TS1tZppZINEZrgyRTC aKMI8vmoWRC6BlJyc89T/wAE9f2K/Fv7JWmeM7z4jatp+ueIfElxaQQT2Es8yR6bYRlYELXEUTKx Z23IoKhVTDHGAAfYnx98c6j8Mfgd4/8AiJo67tQ8N6DqWoWo2bx59tbPJEWU8FQ4BbPGM5r8t/gJ +wb8IPjD+yZZ/FjxubvUfit47sZ/EDeKmvZ1vLXUJy8sDx7ZAgER27wQSx3EkfLt/YbxR4c0jxj4 Z1fwjr8P2jS9ctLixu4skb7e5jaKRcjkZViM1+Wvhj9mP9vD4Y+BtR/Zp+G3jzwsfhdcNc21hruo RXbeItN0y7djJDFHGqwNKodthYkAk7XjGwIAfCPgTxD4p1b9h79m79nnQdWuNB0/4weNr/SNWvbV tkv2BdS2SQhv+mhmDY/i2bT8pYH6t/bQ/ZG+Ev7KfwQg/aN/ZqtJvAfjT4a3mnSx3Vtd3Ehv4Li6 itXhuVlkYSBjKGbj5lDIwKtgei6B/wAE7/GLfsdeDfgprfiey0X4lfD7WbjX9E1vTGmuLW3vGuZJ 4lJljhkKsrLuOzKOoYBguGv+Mv2Z/wBtT9p+z0T4b/tTeKfCekfDvTLuG51OLwot5/aGtG25QSNc oEiUtz8oUBvm8s7UAAOG8a2th+2v+2t4W+DfxLe4b4c+FPA1p4vm0JJHt4b7Ur0wgGUxssjKiXUY HzfLsZRje+fZ4/2J/Dv7PWvfEr4l/BjXpfDngjXfCWo21/4R8uW4tpLwW8hW6jnlnJjK4G1fLbGX UMqsFHUfHz9lr4ny/GDwx+0l+yzreleHvHPh/Tf7EutO1lJjpOp6YpJSKQ24aRCnQAKN2EIdCgJx PhX+yz8bfGfxl1H9oH9rrXtIvdb/ALFudA0nRvDgmWwsLO8DrO5knAdpSskijO/72S5wqqAL/wAE 7HSP/gnd4KkdgqrYa+SScAAalfZzX5e6nLLB/wAEYfD80DtHLH4oZlZThlYalOQQRyCD0Nfbfw5/ ZL/bu+Fvw/vf2YvCnxA8Jw/Cq5luootae3un1+10++kZriOCDaIFkfzHbDM21mJWUcYmvv2AvjFd f8E+tN/ZQj1nQR4ts9YbUHujcXX9nGI3ck+BJ9l87dtcDBhAznnHNAHz9+3F+x18PP2Y/hD8Pfih 8G7rUND+Jdt4ksLC88Ri/unvb2a+hnM1xIWlKrI0q78oF4LLgg12n7VP7Lfwm/ZM1j4A/FH4JWdz o3iePxzpWlX1+15cTTalFdB3me58x2UtIY2D7QoZZGUjbgD9AP23P2evGf7Sfwu0HwT4GvdPsb7S /EenavK+oySxRG3tFlDqphimYufMG0FQDzlhS/tjfs9+M/2hdG+HGneDL3T7KTwh4x0zxDdnUJJY 1e0s0lWRIvKilJlJcbQwVTzlh3APzR/aU8e6D8UP28/FHgf40eBPGXxQ+H/ww06zTT/DnhSylvI/ t93bwzveX0STQkL++dFYN8wVB90MG7X9kq41TwT+2Xbab8DPhV4/+Hfwd8baZcLq+m+J9Jurawst WtopJo7mCRpJ0jEgiSMF5MlnZAMFAv1n8a/2YfjZpn7QZ/ao/ZU8Q6Rpvi3VNPj03XtI8QLOdN1S CFVWNy9uGkWRVjjUABfuAh1y4fR+BHwF/aXn+N95+0L+0/42s5tRjsTYaX4b8NzXaaLaxuCGklSb b5jgM2Awc5bcX+VQoB+fv/BOH9ib4H/H79mufxv8adNufEt5dX19p2mh765ij0u0iIYi1SKRVV3n eSRiQQSRxy27lfCfh+z8ff8ABKL4iWXxBDa/P8Kde1K30Ce4kcvZ/Z2t1QphhkKtzKqq2VCtgDAG P1g/YV/Z68Z/sxfAGz+Ffj290/UNWt9QvLppdMklltylw4ZQGmihfcAOfkx6E14p8Mv2I/Hfh/8A ZB+K37OfizW9Mj1fx5quq6hZ3dk009tCt2sBtxN5kUL5Dw/vAqkAHKljxQB9B/sT/DDwH8Mf2avA i+BNIj0keJdG0rWtR2PI/wBo1C7sLfzp28xmwz7RkLhRjgCvq6vlz9kXwV8f/hv8JbD4ffH660G9 u/DcdtpukzaE07K2m2lvHDF9pM8ceZsocsoAIIyAc19R0AFFFFABRRRQAUUUUAFFFFABRRRQAUUU UAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQ AUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFAB RRRQAUUUUAFFFFAH/9T9/KKKKACiiigAooooAKKKKACiiigAooooAKKo6jqem6PaPf6tdw2VtHjd LPIsca59WYgCmaXrGk63ai+0W9gv7YnAlt5FlTI7bkJFOxPMr2vqaNFFFIoKKK/FW9m1r9sH9sT4 rfBz4ofF7W/hv4c8AzwWOi+GtEv49LuNVVwRJcs7BhOMqr4KOwWVQuwA5AP2qor80vhf8Gf2lv2a P2jPD3hnwp4q1/4ofBHxNazrqTeILyK7vNCuYUbyWSWRo2KO+wYiQAqX3IWVWPh/w/8A2yfBHwH/ AGoP2nLX45eL9Rkszrej2/h/Sx9p1CQbIrxrhbO2XcsSD93vI2LkoCclaAP2dor54+EX7VHwP+Of gHWfiR8NfEI1PSvDqO+pI0MkV1aeXGZT5kEih+UVirAFXwQpJU47n4Y/GDwJ8YPhnp/xd8CXsl74 Y1OO4lgnkhkhdktZZIZcxyKHGHiYcjnGRwRQB6dRX5X/ALXn7ePhez/Y6k+KvwB8R3drqvjGZrLQ r4afKCrWl3FFfbvOjKwsIi4RnAy2Ch3Yr7h/Z2+L/hj43/CfRvG3hW6uby38tLWeW7t5baVrqCNB MSsyqzAsfvAYbsaAPb6K8l1/43fDvwz8W/C/wP1i+ki8XeMba6u9NthBI0csVmjySlpVUohCxsQG IzjjqKXxd8bfh34G+JPg74TeI76S38SePftX9kwLBJIk32NA826RVKJhTxuIz2oA9Zor4b8W/wDB RX9lrwfrWt+F7zXr2+8QeH9UvdIutMsdNuri7W409tlwwRUx5SNkCQsFbB2k4OPo74NfG34Z/H/w RB8QvhTrKa1o00jws4R4pYZ48b4popArxuuQcMOQQwypBIB6tRXP+K/FfhvwN4b1Hxf4w1GHSNF0 mFri7u7hwkUMSdWYn8gByTgAEnFfCtv/AMFQf2Qp9Us7SXX9StNN1CXyYNWuNIvIdOdycf614wwH qSgAHJIANAH6FUV8/wDxh/ah+CHwEu/DNt8VfEkeiR+Lor2bT7ho5JbeSPT445ZiZI1ZRlZUCDrI zBUBJxXmnwf/AG+P2Z/jf48i+GngvxBcReIbtWezt9Qsp7L7aiLvJgaVQGJUFgpKsQCQpANAH2XR Xy38d/2x/gR+zrruneFPiHq9w/iDVIvPh03TrSW+u/s+SPOdIgQiZU43EFsHaDg4+Rf2Yv2gNO+O n7fXxL1fwD4tu9e8BTeENPnsLZpbhbWGdWtUmItJdoilD7w/yBsk9QckA/V6iuJ+I/xC8LfCjwNr PxG8bXD2mhaBAbm7lSN5mSIEAkIgLNyRwBXxnqX/AAU+/Y303VLTT38X3FzbXPkh7+3066lsrd50 WRY5ZljI3hW+YKG2EENggigD9AqK8u8f/Gv4V/C74dn4seOfElppvhQxRTRXxfzEuFnXfELdYwzT NIvKLGGLDkDGa8F+Ev7e/wCzT8ZfGVr8P/DOv3On69qSl7C21WynsPty9jbvMoRyw5VdwducKcGg D7Lorx7wN8d/ht8RPiF4z+Fnhq/lfxN4Blhj1a0nt5YGj8/d5bxmRQJUYLnchIwVP8Qylp8ePhnf fGTVfgNaak8vjDQ9MXVr6AQSeTbWjlNrSXG3ylYiRCFLZwQcYoA9ior4G1T/AIKZfsgaX4hn0RvF dzd2lpcfZZ9WtdOurjS4ps4Cm6jjKsD2dAykchiOa+hvij+0l8Gfg74K8O/Efx14iitvDHiq9tbH T9RgVrm2lkvYnnhfzIQwETRxs/mH5QBnPNAHudFfNn7Pn7WfwT/afbX0+D+qXOpHw08S3hnsp7ZQ txv8l1aVFUh/LfAzvGPmUcVt/Hf9pX4P/s36Rp2qfFXWWsZNZmaDT7O3gkury8kXG4QwxKzELuG5 jhQSoJyyggHvFFfMPwI/bB+A/wC0Zq2o+Gvhxrcp8QaTH511pV/ay2V7FEGCl/LlUb1VmUMULbSR uxuGfJtb/wCClf7JujG5t4/EF/ql/ZXN1bXNnY6ZdT3MH2Ngk0sqhAEiBPDkjdg7c4NAH3vRXmPw 7+Mvwy+Kvw6g+LHgbxBbX/hSeKWY3zEwJCsGfO88ShGiMeDvEgXaOTxg18pJ/wAFNP2Pn8QjRR4r uRZG5+yDVzpt2NK8/dt2/ajHtx3342Y+bdt5oA++6K8l+Kvx1+E3wU8Br8S/iV4kttJ8OSmNYLn5 p/tLzKXjS3SEO8zOoLAID8oLfdBI+fPhv/wUJ/Zm+Jvj7T/hrper3+ka7rLKmnR6tp1xYpeu5wiw vIu3LnhA23ceFyxAoA+3aK/Nz4PeNPEc3/BRf9ovw7rOu3b+HdE0XQJrazuLqQ2VpvsbV5XjidvL i3EszsoGSST1NfWHwZ/aN+FX7QEmvN8KNQuNasfDtybS4vxaTxWMk4JytvcSIsc2ANx8ssApVujK SAe50VzHjPxn4V+HnhfUfGvjfVINF0PSYjNdXdy2yKJMgAk9ySQqgZLEgAEkCvjbwZ/wUm/ZK8be KLDwtZ+J7nTH1eXybC81PT7mysbt84wlxKgReeMybBnA6kCgD7wor8T/APgpT+0jo7fFb4efs7Qe M9f8I6LHqTyeM5tFiuYbo2kkNvLbJbyxofPzHNISib1V9pdCVAr9Tv2ffD/hbwz8FvB+meCNU1TW 9AksI7yxvNakeXUZre+Juka4aRI33YlxtZVKgBcDFAHsVFfkh8Dv27NN8e/tvfED4f6r4g1C48J3 66ZpnhOx/s6aOOO6EYN20wEQZC0u/Ek3BXAU7cV5X+yf+3v8Lvgx4J+Iel/H3xnqeq+IJfHmuNZ2 pW61S6h0yKK1VWydwit1cSbQWUZD7QcNQB+4dFfHfxC+Nfwc+NP7JXi74meD/iDc6R4PnsZo59e0 mOYX+nNGyiTEI2TpMmR8hCttYMPlIJin/ab+Bn7O/wCz/wDC/XPHfjO71ay17RNLi0a5lt57jVtb UWkJW4NuoeXzJFZXlL4Cu4Vm3MAQD7Jor5h+BH7YPwH/AGjNW1Hw18ONblPiDSY/OutKv7WWyvYo gwUv5cqjeqsyhihbaSN2Nwz9OkhQWY4A5JNAC0V+f3iT/gpv+yP4d1K8sofEF/rdrp03kXWoaZpl 1dWELg45uAgRx6NGWB7Zr6bvv2hfgzp3wdX4/wB34qtV8Avbi6TVBvaN0Z/LCqgXzDIZPk8sJv3/ AC7dwIoA9mor899P/wCCoP7H93ZS3l74kvtKZPKaKG80u7iluY5nCLJAuwiRcnnByBkkYBI+hPjp +1L8Ev2c10yH4pa8bLUNaLCxsLaCW8vbnacEpBArsFzxubCk8A54oA+hKK+VPgR+2f8AAX9onxFf +DPAGrXMHiXTYjPNpep2ktjdiFSAXVZBtcAsMhWJGQSADmvK/g98UfhR8NY/2h/iFf8AxK1rxXpf hnxTfy63FqFvcsmgyJNIr2VkrFzJBGx2r5Q24UYGKAPv+ivz91L/AIKffsb6bqlpp7+L7i5trnyQ 9/b6ddS2Vu86LIscsyxkbwrfMFDbCCGwQRX3ppmp6drWm2msaRcx3ljfxRz288LB45YZVDo6MOGV lIII4INAF6iiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACii igAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKK ACiiigD/1f38ooooAKKKKACiiigAooooAKKKKACiiigD89f2ybrW/wDhKdDspS40gWZkiHPltceY wlPoWCbPoD71ifsh3Wtp8Qryzsi502WydrpefLBVl8pj23ZJA74Le9foN4i8LeHfFth/ZniXT4dR tgdwSZQ21vVT1U+4INReGfB/hjwdaPY+F9Mh02GQ7nES4LkcAs3ViO2Sa7FiV7PksfPSyWbxn1nn 038/Q6SiiiuM+hCvyxuvAn7Gn/BRvxb43sfEvha+0Px78PL+TRb2czJYasUt2MYm2wySxyxB1ZEa ZGK7cfKCAf1Or4c+OX7AHwU+Nfjlvinb3useA/GsibZdW8NXa2M1wwxh5wY3VnAGCy7XYYDMcDAB 8WL4Y+Jn7AX7T3wd+HvhL4oar45+HvxT1I6TJ4f1mUXNzYqXihE8fIVVRplffEkX3GVlYV6x+xx4 X0O+/bu/ax8X3dpHLqukajpVpazsgLwxXq3LThGIyu8wR5x1xzX0L8DP2Dfg78E/HH/C07jUda8e +N1i8qLWPE14L+4tgQQxtwEQIWDEbjuYAkBgGbPsXwx/Z68F/Cf4l/En4qeHbzULjVvildWd3qcV 1JE9vDJZLMsYtlSJHVT5zbt7yE4GCOcgH51fDnTbTR/2tP23NG0W3W1tZvD9jcGGJQqNNNpryu20 cbmeV2J7lie9ew/8E+tc0rSv+Cb3hjWL65SO10rTfEUly5YYiWK/vnbdnpheeexBr6w8H/s6+BvB fxl+IPxw0+5vrrW/iTDZQalbXLwvYoljEIUEEawq43Kvz75HBOcYHFfKth/wS9+BmlapeWmm+KvF 9r4F1C7F7c+D4tYaPQp5AwOyWFYxI8eAFw0hfA+/QB+fWn/8oQNT/wCwkv8A6kUVfvz8OyD8P/DB ByDpdl/6ISvnTQ/2Kfg/ov7L95+yVJcapqPgu980tNc3EX9oLJJdfbFkWWKGOMNFMFZMxEcAMGGc +m/s/fA/T/2e/h8nw70rxPrfiqzhuHmiuNduUuriFGREWCNkjjCwoEyiY4JODjAAB8W/HWWK2/4K ffs3S3DCNJNE8QxqzHALmzvAFye5JAA7kgVT/ah1Sxm/4KK/ss6LHKrXlpFrs8sYI3LHcW7LGxHX DGJ8fQ19W/tKfsl/DX9p630C48XXep6Dr3hWZ59J1nRbkWt/aPJtLBXZXUqWRG5XcpXKMpJz5V4A /wCCefwi8C/Evwr8Zp/E/inxL448MXF1ctqusakl7PqBuYBbiO7MkJJjhXcYhGUILtvZxgAA8U/4 J5aP4Rb4/ftZa+kcL+KE8f6pbSOcGaOwa9unjC91SSUPuxgMUGc7RjU/Y+t7DS/25f2rdH8CJEnh GO60WWZITiKPVZIpDcBVHyhjMbgPjHKgEcYHzd+zh+yxo3xy+Nv7S/i6Hxp4o+H/AIj0n4h65Yx6 j4Z1E2Es1nPdzO8Mw2sHTcNwxtOeSTgAfrX+z/8As8fDf9mzwQfA/wAObeYx3E73V7fXkgmvr+6k +9NczBV3NjgAKFA6Ac5APJP2+vHfwm+H/wCzL4i1P4z+HJfF/h+8ltbVdHiu5bI3120okgjaeFle NFaPzGYZwE4VjgV+b37Yd5+2Vqf7HOuD4qeE/Anw5+G9jb6WkOkQS3N1rK7bmBLSCBlZrdGT5d2M EIrDpmv2R+OXwQ8A/tD/AA31L4W/Ei2kuNH1Io++B/KuIJom3RzQvhgroemQQQSGBUkH41m/4Jjf CvxHoDeGfij8RPHfj3Tra3e30yDV9b82DSyylEntYREIxNGpIUurpjgx4AFAHzR8a/D+keM/F/8A wTy0XxHbpf2F3ZmSaGZQ8cvlWWkShXU5DKWUZB4I4Ne5/t56bYw/tI/ska9DCseoDxmLTzlADmB5 bUmMsOSuc4HQZPqa+n5v2Qvh3dXnwTv7zWdauJ/gPDJBobPNbZuY3iggxfYth5hVLdADF5XcnOa7 X4u/s9+C/jP4t+HfjPxTe6ha3vwz1ZdZ01LOSJIpbhWjYLcCSKRmjzGOEZD1+agD4n/ZGt7DUP27 /wBqrVvFscTeL7K80qCwMhzNHpDRygeVnkKyJbeZjgHYO/Od8B9H8I6J/wAFTfjra+EI4YIpvDFl PdxwACNb6ZrJ5+F4DMx3v/ts2ec19O/HL9i74f8Axn8e2PxZ03xFr/w78c2dv9kfWvC96LC6urbo I7htjb8DgMMNjCklVUBn7Pv7EHwl/Zu+IGsfEvwPqmu6jrev6f8AYL+TVr1Lz7QzTLPJcu3krIZ5 HUFzv2dcIDzQBP8At9/8mbfFj/sCyf8AoaV8+3fgTwpp/wDwSUOjW2mwLaS/DSLV3QRrhr6XT1v2 nIx9/wC0HzN3XPOa++vi98L9A+NPw08Q/CvxTcXNrpPiW1a0uZbN0S4RGIOY2kSRA3H8SMPasC5+ BvhK6/Z/H7OEl3fDw0PDieGPtAki+3fYo7UWYk8zyvK87yxkt5W3dzsxxQB+GXxkfxtrPwj/AGCv Deif2VPDewK0EPiFpjos+pQJZJZpfLD8xjAYooHUOy9M17T+134G/bK8YaH4Lvfj14k+D/gdtC16 1u9D1W2utXsr1b+IMywQzTRzYV9oZlC9UU5BUV+kHib9jj4L+M/2fdA/Zu8WW95qnhzwxbwQ6bdy TKmpW0tshjjuEmjREEoViD+72MCQUI4rybwZ/wAE7PhnovjzQfH/AMQ/G/i/4o3PhRxJo9r4p1QX 1pZOhBRljEaZZCqkDIQkAlDgYAPKf2ir6w/Zd/bp+HP7S17Mun+D/iZYT+FPE054ijuYVD2c8p6A ttiGeyQv0zz85eCbLxj4k/Yu/af/AGxpYpbfxL8Ymv5bM5Ilt/D9nIbZUVhyAsZmU44KRoc9DX64 ftGfs8eAf2n/AIZ3Hws+IzXcGmy3MF3HcWDxx3dvPbtlXieWOVASpZGyh+RmAwcEdz4P+GnhDwT8 NNK+Emk2Sy+GtJ0yPSUt7gLIJbWOLySJhgK5kXPmHHzEkkc0Afjv8DfDH7Zl1+xvoOg+EbT4N/8A CqNT8ONJM2pHVxKbWaItdS37R/uRcK28zsPlWRWxgKK8R+K3gSew/wCCdvwJ+HGu+KdJ8Z2B+Jlp ZRahol1Ld2b2lwuo/u1lljibMZdkK7QFwAOlfoJff8EvPhIbe98MeHPiD458O+A9Tna4ufCtjrWN Icucsgikidth6NvLsf72QMfRHjz9jz4O+Ofhf4E+D0UV54c8MfDrVrLWNLg0qWONvtFisqoszTxT F1kMztKeHdzuL5JyAfSGj+H9C8PW62mg6dbadAkccSpbRJEojhG2NMIB8qDhR0A6V+dP7aPwwvfH nxu+FHiD4PfEjRfCXxt8MR302h6TrWJIdStJkbziI9kpUqscgDeWcjOCrIrD9La+X/2j/wBkv4Z/ tMx6HfeK7rUtA8ReGJHk0vW9EuRaajal8FlWQq4KkqDgrkHlSpJJAPiv4NfFvx5pv7ZnhzwF+1t8 JdF0T4seItGuIdF8V6HMXjurO1SaVo5I/NlADLHINxIcEKDGFKldP/glTo3hBPDXxn120ihbxLce O9Ttr2TA88WcaxvbIe4j3vMV7Ft3XHH0v8Ev2Jvh78HviC3xe1fxN4j+Ivjr7MbOHWPFGoG/ntYH 3B0txtTYGDEHcWIBIUqGYH82P2KP2RNC+N/hr4pePIPHXiz4f68vjrXNIuZ/DWpmxW909EtpkhuE KOG2vNIVIx9453YGADzPxRcah4b+BH7eGlfC7Fv4Pt/Fmmw2gtGKxR/aNQ8rU0iCfL5fl7IyBx5Z I+6BX0Ja+Df2ytV/Y5t/CEifBax+EF34Wj/0mZtYTydPktg4u3kwY1uFz5pkwcTfNya/UD4Z/s1f B74U/B2X4FeGtDSbwnewzw38V2RLLqBul2TyXUgCmR5F4JwMABVCqqgfIk3/AAS4+Ekll/wiEfxE 8dxfD03BuP8AhExredIBL+Z5YjMRbZn1Jkzzv3c0AfNGreJvDnw7/Zy/Zd+G2teG9L+PXxPnvrlP B72OrXCaIkljd7Ibhpm8kSrDG0EQjljCArINwVTu4j9sO9/aqvfHn7P+sftJweDNGU+NtP8A7K0/ w+11LqMeJoTO8805ZDGP3YPltgttJ6V+pPxq/Yq+DPxn8F+DfBzpe+ED8Oyp8OX2gzi0u9MChBth dlkGD5UZJI3blDBg3NeNaj/wTL+EfiZrLWvHvjzxv4q8Xabd2t3a+INS1hLrULUWhLpBCJoJIFhL kOymNm3AYcDIIB+a/wC1f8O/j/8AE39sH9qHw/8AA+7EVrb6Fod5rtojlLnUbG30yyYWcOxS7GQ5 YoCocLsJO4K37MfsT/EH4SfEf9m7wjrHwY0uDQNCs7cWc2lQHJ0+9hA+0QSE/M77zv8AMf5pVYSH l67fwn+z14L8HfHfxx+0Lpl7qEviPx/a2Npf280kTWUcdhDHDGYEWJZFYrEpbfI4JzgAYAwPg7+y v8PvgT8R/G/xC+HWoapZQePZvtN9obTQNo8Nzu3efbQiBZYnyXGPNK4cjbhUCAHyN/wVidH+EHw2 03XJfJ8I6h470mDXG3FF+xmKdiHYEYTALE9mCnOcV6X/AMFIPDfw7H7EHjS21iztLey0W1s20dVR EW3uknijtltgMbcg7MJ/yzLD7ua+wvip8LPAvxp8Cap8NviRpi6toGsIqTwszIwKMHR0dCGR0YBl YHII9MivivQf+Canwktb3RIfHPjfxn8QPDXhiaObS/D3iDVxdaRbGIYRTbrEgZVHAXhdvysGUkUA fOPxCv8AXdU8ff8ABO7U/FDSPrF3Zyy3jSkmRrh9O0tpC5bneWJLZ5zmv2krwb4lfs7+CPil8Rvh p8Tddur+01L4V3N3daVDZyQx20rXiwq63CPE7MqiFdojePHOSeMe80AfmH+zuQP+Ckv7UKnqbDw0 cf8AbjDXN/8ABKrwpoCeEvjR4w+xRHVtR8f6vp005RTI1raxwSxxFsZ2B55Dt6ZNfUPiP9jH4fa3 +0fbftPaT4j8Q+G/FBezbULbTL1IbDVBYhEjS7iaJ2ZGSNEkQOFYKCAGyx9I+AP7PXgv9nLQPEXh zwReahe23ibXbzxBctqMkUrpdXqRJIkZhihAiAiXaGDMCTljxgA/HLwRZWuj/sh/txeH9LiW207T fF+uRW0EYCxxIkiIqqo4ACooAHYCvV/EHwwvfHngf9kTxB8HviRovhL42+GPBGmTaHpOtYkh1K0m 0uLziI9kpUqscgDeWcjOCrIrD7wsf2LPhZYeAvi18O4dU1ltN+Mmp3eq6vI09uZ4J71t8i2jC2Co gP3RIsh9SazPib+wt8Hvif8AD34feB76/wBZ0e/+F9ha6doOv6bdJbavBDaQxwrvmWLy2LCJWbEa 4bJTZk0AfLfwa+LfjzTf2zPDngL9rb4S6LonxY8RaNcQ6L4r0OYvHdWdqk0rRyR+bKAGWOQbiQ4I UGMKVK/pn8WvEPhXwl8LfF/ifxykknh3StIvrnUUhZlle0igdpkjKsjB2QELhlOSMEHmvnb4JfsT fD34PfEFvi9q/ibxH8RfHX2Y2cOseKNQN/PawPuDpbjamwMGIO4sQCQpUMwP1d4m8N6J4y8N6r4R 8S2i3+ka3az2V5bvnbNb3CGOVDjBwysRwc0AfjB8MfE37Tnir9mO8PwG+GXgX4T/AANudN1SeH/h IL691K7fTn803Mp2MSzP8/M64xgZ27TXyN4Hlsr39lL9kPQ/GoR/AN38SrxdZE5xbcX37pJs/L5b RvOWz/DuPrX6oeHv+CZHwq0SyXwhd/ELx1qvw9jnM6+EZ9bKaK25zIY5IoY42aPed2AytnksTkng fj58FPhT+yX+yOvwvk8Daz8V/hfda/5+qrcXqDUNBt7oFje2r29qpKwSLlQ2DmQh5NjEAAp/8Fgd L8Ef8M8eFr7VIbePXbTxJZRaS2FEwR45PtEaY58vYoLAfLlUzztrb+PfxJmP7auneEv2efhXYeNv jfonh0yXOua1qM1vY6TpUrZ8tYBIEZj5wLOoVwJdo3bmx+bXjv4c/s2fHjU/A/wv/ZL1zxl8WPFt 7qloJdQ1+e8ks/DmjRZa4jXz4baNFPynowwmFbcVDftZ8c/2JvAXxo+JNh8ZNO8UeIvh945srYWT ar4avhZTXFupOElyj5wCVypXK4DbgFAAPz/8KN8bE/4KofDOX4/T+Gf+EuuvC1+zweFluBbQWv2e +8mOdrnLvNlWbJJ+Urg4xXH2H/JC/wDgoP8A9jlrP/pZLX6IfD7/AIJ8fBr4b/FTwx8bdH1/xPfe N/Dz3clxqepamt9Pq7XcJt2/tBpoW3bImKp5PlYBydxAI66L9iv4WQ+E/jF4OXVNZNl8btTutV1p zPb+bbz3cjSutmfs+1EDMdokWU46k0AfPl34E8Kaf/wSUOjW2mwLaS/DSLV3QRrhr6XT1v2nIx9/ 7QfM3dc85r6c/Yilkm/ZE+ETysWI8N6euSc8LEFA/AAAV39z8DfCV1+z+P2cJLu+HhoeHE8MfaBJ F9u+xR2osxJ5nleV53ljJbytu7nZjiun+Ffw40P4Q/Djw58MPDU9xc6V4YsorG2lu2R7h4oRtUyN GkaFj3Koo9qAO/ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiii gAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKA CiiigAooooA//9b9/KKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigA ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigCvbWlrZo0dpCkCsxYhFCgsepIHc9zViiigAooooAK KKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoo ooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiii gD//1/38ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoooo AKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigA ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigD/9D9/KKKKACiiigAooooAKKKKACiiigAoooo AKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigA ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoooo A//R/fyiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigA ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoooo AKKKKACiiigAooooAKKKKACop/O8mT7NtEu07N+du7HGcc4z1xUtFAH5gaPdftL6Hp37VWkW/iqb xn8RtJsNMn0lrWAwW9tc3WltN5OnWbPKEEecRglmldQz7mY0v7MPxI09P2hNL+Hfw313xd4h8Ia1 4NuNS1JvFf8AaUkkWtWF3bRyPC+pjzFcrclbmOE+SHZNvIIr7dl+CPg641X4j6rdTXkrfFC3trbV I/OCLHHa2hs0+zNGqyRsYzksXYh+VK9Ky/hl8BtI+HXiS58aah4l1rxn4imsI9Jh1DXJoJZrXTop DILaEW0FugVn2tI7K0kjKpdzgYAPdaKKKAP/0v38ooooAKKKKACiiigAooooAKKKKACiiigAoooo AKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigA ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigD/9k= --000000000000a93fa605b582c690-- From nobody Wed Dec 2 15:28:39 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8CAD33A15FC for ; Wed, 2 Dec 2020 15:28:38 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.098 X-Spam-Level: X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=pingidentity.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GsY0mFuOOEmv for ; Wed, 2 Dec 2020 15:28:36 -0800 (PST) Received: from mail-lj1-x230.google.com (mail-lj1-x230.google.com [IPv6:2a00:1450:4864:20::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 607CE3A15FB for ; Wed, 2 Dec 2020 15:28:36 -0800 (PST) Received: by mail-lj1-x230.google.com with SMTP id r18so423251ljc.2 for ; Wed, 02 Dec 2020 15:28:36 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=pingidentity.com; s=google; h=mime-version:from:date:message-id:subject:to; bh=WpjwcpRhmhYKR9ivd6Zrd3S95cxXTcUA/qAK1rgdBGY=; b=RRDsPPDdmzI5YD1dIRxdMdFykmgy7LFIs0OI5wD23MRKoo1dMFzmrdkYkBER9531g/ dV9Sz9D2gOJP0niwBAEyr7AzozypSfgLv09nFLDa9h/uDsq3+seBq0M5zuPlmbE8t5j0 4Ljq/2MJYFYEzmgxlq53ro7UlB8bjevexARmYrSRVRvRE3HgVdt0I8Qs4YjTZvDWsUvm ovRtPoNjqRIw4V5hBpsJOEpMaRQl8QhqItJimt1BuAy/XV/4YxVBSOp92NYKTNj9JOVG RZokJq9RRMMtDF/2t81S0rQFn/tDTQDVP0F/iGvv2MpwVdSY4YJrVcgXjWGAp/94+l0F Wa9A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=WpjwcpRhmhYKR9ivd6Zrd3S95cxXTcUA/qAK1rgdBGY=; b=kSh/ej6o3IS0LXD1EwTChGaRvfAsB5iC6uVxnXKifeBcgUdHPPsOje/ONYJx5qk2G7 AaT2Q9gaAHrqwU46mczIFrwLA80t2ExxYiI4AawX7a0bhYoax/9cprxRpu4yb8IYO+XR Vje3lMA2ktzUExADCi80hdHAB0RxLS+a7JBeE8BPYJTJDQymklRVJrzMHWBak2DycYKn ZFnJhBwu3jBo5Rs+H24dZDM/2x+FhIjxyKptyOHyI8UD5D3jCxLh70BHJwghUsV7YYeE ASerpZ+pRNO7gtGexPV0vvlpxHoDdU0Hl85MKL8TXiPjx1F7Y+Aw4hPfE2tCkHNQyccs 2NFQ== X-Gm-Message-State: AOAM530TgllDzZ6/JJDuW4txRjMzGyyllId1TRcPaECqHp8u1YO5R8fq NEupVW4LWQ/Ain4uWwmdOGahbwKVH25Fv3un9QZS0HWrNlb9L8c9hpTQQd9sHXzkbxVHl+84S+0 sKh5urnIVVhE9IkHH97I= X-Google-Smtp-Source: ABdhPJxzXLB4W1KCYg4J73jfEpVjvQUyU3Dqsrlj/KV9QI54AQETuW9HO1P8jy8Gspwyx9N+1ThglVvNqsgRW4jpj1Y= X-Received: by 2002:a05:651c:29c:: with SMTP id b28mr96407ljo.368.1606951714236; Wed, 02 Dec 2020 15:28:34 -0800 (PST) MIME-Version: 1.0 From: Brian Campbell Date: Wed, 2 Dec 2020 16:28:08 -0700 Message-ID: To: oauth Content-Type: multipart/alternative; boundary="00000000000019446a05b5839ad7" Archived-At: Subject: [OAUTH-WG] PAR error for redirect URI? X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 02 Dec 2020 23:28:39 -0000 --00000000000019446a05b5839ad7 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable During the course of a recent OIDF FAPI WG discussion (the FAPI profiles use PAR for authz requests) on this issue it was noted that there's no specific error code for problems with the redirect_uri (the example in https://www.ietf.org/archive/id/draft-ietf-oauth-par-04.html#section-2.3 even shows a general error code with mention of the redirect_uri not being valid in the error description). Some folks on that call thought it would be worthwhile to have a more specific error code for an invalid redirect_uri and I reluctantly took an action item to raise the issue here. At the time I'd forgotten that PAR had already passed WGLC. But it's been sitting idle while awaiting the shepherd writeup since mid September so it's maybe realistic to think the window for a small change is still open. Presumably nothing like an "invalid_redirect_uri" error code was defined in RFC 6749 because that class of errors could not be returned to the client via redirection. But the data flow in PAR would allow for a "invalid_redirect_uri" so it's not an unreasonable thing to do. As I write this message, however, I'm not personally convinced that it's worth making a change to PAR at this point. But I did say I'd bring the question up in the WG list and I'm just trying to be true to my word. So here it is. Please weigh in, if you have opinions on the matter. --=20 _CONFIDENTIALITY NOTICE: This email may contain confidential and privileged= =20 material for the sole use of the intended recipient(s). Any review, use,=20 distribution or disclosure by others is strictly prohibited.=C2=A0 If you h= ave=20 received this communication in error, please notify the sender immediately= =20 by e-mail and delete the message and any file attachments from your=20 computer. Thank you._ --00000000000019446a05b5839ad7 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
During the course of a recent OIDF FAPI WG discussio= n (the FAPI profiles use PAR for authz requests) on this issue it was noted that there's no specific= error code for problems with the redirect_uri (the example in https://www.ietf.org/archive/id/draft-ietf-oauth-par-04.htm= l#section-2.3 even shows a general error code with mention of the redir= ect_uri not being valid in the error description). Some folks on that call = thought it would be worthwhile to have a more specific error code for an in= valid redirect_uri and I reluctantly took an action item to raise the issue= here. At the time I'd forgotten that PAR had already passed WGLC. But = it's been sitting idle while awaiting the shepherd writeup since mid Se= ptember so it's maybe realistic to think the window for a small change = is still open.

Presumably nothing like an &quo= t;invalid_redirect_uri" error code was defined in RFC 6749 because tha= t class of errors could not be returned to the client via redirection. But = the data flow in PAR would allow for a "invalid_redirect_uri" so = it's not an unreasonable thing to do.

As = I write this message, however, I'm not personally convinced that it'= ;s worth making a change to PAR at this point. But I did say I'd bring = the question up in the WG list and I'm just trying to be true to my wor= d. So here it is. Please weigh in, if you have opinions on the matter.
=



<= span style=3D"margin:0px;padding:0px;border:0px;outline:0px;vertical-align:= baseline;background:transparent;font-family:proxima-nova-zendesk,system-ui,= -apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,Oxygen-Sans,Ub= untu,Cantarell,"Helvetica Neue",Arial,sans-serif;font-weight:600"= >CONFIDENTIALITY NOTICE: This email may contain confidenti= al and privileged material for the sole use of the intended recipient(s). A= ny review, use, distribution or disclosure by others is strictly prohibited= .=C2=A0 If you have received this communication in error, please notify the= sender immediately by e-mail and delete the message and any file attachmen= ts from your computer. Thank you. --00000000000019446a05b5839ad7-- From nobody Thu Dec 3 00:57:04 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C71753A0B87 for ; Thu, 3 Dec 2020 00:57:02 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.097 X-Spam-Level: X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oaGfZ15drXDx for ; Thu, 3 Dec 2020 00:57:01 -0800 (PST) Received: from mail-yb1-xb32.google.com (mail-yb1-xb32.google.com [IPv6:2607:f8b0:4864:20::b32]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1B4E33A0B36 for ; Thu, 3 Dec 2020 00:57:01 -0800 (PST) Received: by mail-yb1-xb32.google.com with SMTP id r127so1319200yba.10 for ; Thu, 03 Dec 2020 00:57:01 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=4F3KmQ31ZwXgQrca/Azgj8pe9qCHpFzDB6UYfRU+jMY=; b=iGnOG/PGdsgH60uIlTefMHd4F/L9Zws54jojc9EVBfEm3vFS8zOI0cm4HgWBrqcfrM TcSSo//4afJtCp3CljJ3/va5n4Au3EMlSN/ikCfHztJHn7nqrQOjmXgyPPJSAw/AriXX SEQnGqCByZsHQBR2xG7KuCZjk+1V0o9B2IWNg8AOv/ErTTrmTSTTvcZUqzDa15pH5kjx E3lvpfp2xA1vgUlqrNLVsq+RgN93L6BO69knRiKs3Mq3jwuw6mYr5hoyNq6Q6jbZrUzM 01fW5hz5g1FYI1EQQKCZ0r28o+FG9F9xP4WXUGk7fFcZV3c3FzUaC5IyruIFhopf1HW3 +QVg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=4F3KmQ31ZwXgQrca/Azgj8pe9qCHpFzDB6UYfRU+jMY=; b=YFjoHemQ3agWyuI6rmWBPHaOq07QxmZwjHSsnjatcn9VGfa8jMVl182pn/DLbJTi/2 itjFJvksZKIPIfNkMXBu99YgRgWgEbHnEPJu05koOCa1TWvIrOC5RP74gO1h4d7sAPh0 9H//PAcTFGZ5EmWD2OcucM6OVUmPpwnN/I5B8fBnLdJcEkA4MI7zgh9qa9FhHVZdc3cR x5+BuZbfnExmEcpsxa5QrDp6aH3MD2TQ/V4ywO4CcYlnmFLq3XbOJcQdyoHSciM5k6/M pD+JJBVtF9ls3c9xa8TVns3nxi1CS+mKGmp3LK9oGOU46KwRgWnND1U5LJ4ISTZ4kxQ6 enyA== X-Gm-Message-State: AOAM530OuBY7u/6Z+ntjwjKsvLbD9YoJKqo9N4x/L4VEYYnbkhOTh+di O5xfVeAoaUNmWD3bxrlVj2HcMaOvqXrkJ1Gd1qD0GjV7y/8h X-Google-Smtp-Source: ABdhPJxTEQjUIc4Rz36RBcmXRSVyU3dc4Q1BXazdvAtQ7XnecHfQoEAM1Q9y4izp/YIYW55lQyAKm7PWrxIOroXqT3g= X-Received: by 2002:a25:db53:: with SMTP id g80mr3275609ybf.85.1606985820252; Thu, 03 Dec 2020 00:57:00 -0800 (PST) MIME-Version: 1.0 References: In-Reply-To: From: Filip Skokan Date: Thu, 3 Dec 2020 09:56:24 +0100 Message-ID: To: Brian Campbell Cc: oauth Content-Type: multipart/alternative; boundary="000000000000f9ac7705b58b8a2f" Archived-At: Subject: Re: [OAUTH-WG] PAR error for redirect URI? X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 03 Dec 2020 08:57:03 -0000 --000000000000f9ac7705b58b8a2f Content-Type: text/plain; charset="UTF-8" There are several documents already mentioning "invalid_redirect_uri" as an error code, specifically RFC7519 and OpenID Connect Dynamic Client Registration 1.0. But these don't register it in the IANA OAuth Extensions Error Registry, presumably because they're neither for the authorization or token endpoints. While I think it'd be great if we had this error code registered, I also worry that its registration could confuse implementers to think it's okay to return it from the authorization endpoint. Best, *Filip* On Thu, 3 Dec 2020 at 00:29, Brian Campbell wrote: > During the course of a recent OIDF FAPI WG discussion (the FAPI profiles > use PAR for authz requests) on this issue > > it was noted that there's no specific error code for problems with the > redirect_uri (the example in > https://www.ietf.org/archive/id/draft-ietf-oauth-par-04.html#section-2.3 > even shows a general error code with mention of the redirect_uri not being > valid in the error description). Some folks on that call thought it would > be worthwhile to have a more specific error code for an invalid > redirect_uri and I reluctantly took an action item to raise the issue here. > At the time I'd forgotten that PAR had already passed WGLC. But it's been > sitting idle while awaiting the shepherd writeup since mid September so > it's maybe realistic to think the window for a small change is still open. > > Presumably nothing like an "invalid_redirect_uri" error code was defined > in RFC 6749 because that class of errors could not be returned to the > client via redirection. But the data flow in PAR would allow for a > "invalid_redirect_uri" so it's not an unreasonable thing to do. > > As I write this message, however, I'm not personally convinced that it's > worth making a change to PAR at this point. But I did say I'd bring the > question up in the WG list and I'm just trying to be true to my word. So > here it is. Please weigh in, if you have opinions on the matter. > > > > *CONFIDENTIALITY NOTICE: This email may contain confidential and > privileged material for the sole use of the intended recipient(s). Any > review, use, distribution or disclosure by others is strictly prohibited. > If you have received this communication in error, please notify the sender > immediately by e-mail and delete the message and any file attachments from > your computer. Thank you.*_______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth > --000000000000f9ac7705b58b8a2f Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
There are several documents already mentioning "= invalid_redirect_uri" as an error code, specifically RFC7519 and=C2=A0= OpenID Connect Dynamic Client Registration 1.0. But these don't registe= r it in the IANA OAuth Extensions Error Registry, presumably because they&#= 39;re neither for the authorization or token endpoints.

While I think it'd be great if we had this error code registered,= I also worry that its registration could confuse implementers to think it&= #39;s okay to return it from the authorization endpoint.

Best,
Filip


On Thu, 3 Dec 2020 at 00:= 29, Brian Campbell <bcampbell=3D40pingidentity.com@dmarc.ietf.org> wrote:
During = the course of a recent OIDF FAPI WG discussion (the FAPI profiles use PAR = for authz requests) on this issue= it was noted that there's no specific error code for problems with= the redirect_uri (the example in https://www.i= etf.org/archive/id/draft-ietf-oauth-par-04.html#section-2.3 even shows = a general error code with mention of the redirect_uri not being valid in th= e error description). Some folks on that call thought it would be worthwhil= e to have a more specific error code for an invalid redirect_uri and I relu= ctantly took an action item to raise the issue here. At the time I'd fo= rgotten that PAR had already passed WGLC. But it's been sitting idle wh= ile awaiting the shepherd writeup since mid September so it's maybe rea= listic to think the window for a small change is still open.
=
Presumably nothing like an "invalid_redirect_uri" = error code was defined in RFC 6749 because that class of errors could not b= e returned to the client via redirection. But the data flow in PAR would al= low for a "invalid_redirect_uri" so it's not an unreasonable = thing to do.

As I write this message, however= , I'm not personally convinced that it's worth making a change to P= AR at this point. But I did say I'd bring the question up in the WG lis= t and I'm just trying to be true to my word. So here it is. Please weig= h in, if you have opinions on the matter.


<= span style=3D"margin:0px;padding:0px;border:0px;outline:0px;vertical-align:= baseline;background:transparent;font-family:proxima-nova-zendesk,system-ui,= -apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,Oxygen-Sans,Ub= untu,Cantarell,"Helvetica Neue",Arial,sans-serif;font-weight:600"= >CONFIDENTIALITY NOTICE: This email may contain confidenti= al and privileged material for the sole use of the intended recipient(s). A= ny review, use, distribution or disclosure by others is strictly prohibited= .=C2=A0 If you have received this communication in error, please notify the= sender immediately by e-mail and delete the message and any file attachmen= ts from your computer. Thank you.________________________= _______________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth
--000000000000f9ac7705b58b8a2f-- From nobody Thu Dec 3 01:21:10 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E54BA3A0D6E for ; Thu, 3 Dec 2020 01:21:00 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.097 X-Spam-Level: X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zotKdbU6b2eV for ; Thu, 3 Dec 2020 01:20:58 -0800 (PST) Received: from mail-yb1-xb35.google.com (mail-yb1-xb35.google.com [IPv6:2607:f8b0:4864:20::b35]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 217453A0DEA for ; Thu, 3 Dec 2020 01:20:58 -0800 (PST) Received: by mail-yb1-xb35.google.com with SMTP id t33so1430389ybd.0 for ; Thu, 03 Dec 2020 01:20:58 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=umAgptDz+npAaIZj2oNCyPLf0HzXQwVZ0uGBpe9QdfU=; b=tYJzDKCDc0Z5wgYXQ7rjtMq64zOZB4eFCI/FpoH5ACUpy5puhQ/yNm9CJ6YnmGhNOi HafSQRbOth8HK0O0Y2jpYtVIs2tF7bp7ecadgydXytiloWEOxf/UaxHzzuBxkHctm/e6 5dsKBurGkFCyPxtga7relsvvH7PAM8nnwHqi6Ygmox8J2bZp21Ry9OWBev5Nsn8JQa5O Xug0lL6Us2m44/ghv6D3hF6DL7uxYWvzyZAH6CGdV2OrBM+NOtXU7+bJ/JYsr9b+QNhQ YzoFW3FIokI3rMC3ieKzHdMwi2dBoYzSMKgZ8SEVVQUpkfF/vIbZrMQEx5Osxummr1Ki Bf9A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=umAgptDz+npAaIZj2oNCyPLf0HzXQwVZ0uGBpe9QdfU=; b=cu0zPuiZdpd9fqiwiNtyWlw9EMdldzbVp2e244UGBTEdm4rFlD/SN62zLYY2caRQjz 57MBO4F4CNQwluST8eIoNYqgHJJNZSNrL9LE6kc+fPaSFHZR0O2Lf6RjAF5aDZt7ZXsM xcqLDzdOFkCRWQVJ4vSbDgVixypyo3+uePyvQEAaLvGTKPa6rsMwy5JThyl2slRVxaky vS1EAaNMwZvx2V4qSo9nguAd/bitUoII6BnEW+TuBithpcRC3Um+OE1wBjdwLfuPUmkJ xqKYcwClZ7A//I1LOqdpBu9qv66ZvJuP1KoHoSFoToIoFrE9q9HEXweTSCHv5HCpA8IJ kStw== X-Gm-Message-State: AOAM5320TZt4cy6xZ712Ei+047NpurJtgiCLqOMQPOJ3IxSQKaKIrUuq aGSpzcOujTolW/FYcpL+23lsdtPzbbzCPBzekA== X-Google-Smtp-Source: ABdhPJxdj7leQRdKFd4TpEdJ0rAQzE5glRvxGHsGnIhRuI9etVIrgOuZlHuG6aNYRlmRImH8uaFhg/Mx27eEjxz6zKU= X-Received: by 2002:a25:f623:: with SMTP id t35mr3324042ybd.399.1606987256809; Thu, 03 Dec 2020 01:20:56 -0800 (PST) MIME-Version: 1.0 References: In-Reply-To: From: Filip Skokan Date: Thu, 3 Dec 2020 10:20:20 +0100 Message-ID: To: Brian Campbell Cc: oauth Content-Type: multipart/related; boundary="0000000000009a16c205b58be0bf" Archived-At: Subject: Re: [OAUTH-WG] DPoP followup I: freshness and coverage of signature X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 03 Dec 2020 09:21:09 -0000 --0000000000009a16c205b58be0bf Content-Type: multipart/alternative; boundary="0000000000009a16c005b58be0be" --0000000000009a16c005b58be0be Content-Type: text/plain; charset="UTF-8" Hi Brian, everyone, While the attack vector allows direct use, there is the option where a smarter attacker will not abuse the gained artifacts straight away. Think public client browser scenario with the non-extractable private key stored in IndexedDB (the only place to persist them really), they wouldn't use the tokens but instead, exfiltrate them, together with a bunch of pre-generated DPoP proofs. They'll get the refresh token and a bunch of DPoP proofs for both the RS and AS. With those they'll be able to get a fresh AT and use it with pre-generated Proofs after the end-user leaves the site. No available protection (e.g. RT already rotated) will be able to kick in until the end-user opens the page again. OTOH with a hash of the AT in the Proof only direct use remains. If what I describe above is something we don't want to deal with because of direct use already allowing access to protected resources, it's sufficiently okay as is (option #1). However, if this scenario, one allowing prolonged access to protected resources, is not acceptable, it's option #2. Ad #2a vs #2b vs #2c. My pre-emptive answer is #2a, simply because we already have the tools needed to generate and validate these hashes. But further thinking about it, it would feel awkward if this JWS algorithm driven at_hash digest selection wouldn't get stretched to the confirmations, when this are placed in a JWT access token, cool - we can do that, but when these are put in a basic token introspection response it's unfortunately not an option. So, #2b (just use sha-256 just like the confirmations do). Best, *Filip* On Wed, 2 Dec 2020 at 21:50, Brian Campbell wrote: > There were a few items discussed somewhat during the recent interim > > that I committed to bringing back to the list. The slide below (also > available as slide #17 from the interim presentation > ) > is the first one of them, which is difficult to summarize but kinda boils > down to how much assurance there is that the DPoP proof was 'freshly' > created and that can dovetail into the question of whether the token is > covered by the signature of the proof. > There are many directions a "resolution" here could go but my sense of the > room during the meeting was that the contending options were: > > 1. It's sufficiently okay as it is > 2. Include a hash of the access token in the DPoP proof (when an > access token is present) > > > Going with #2 would mean the draft would also have to define how the > hashing is done and deal with or at least speak to algorithm agility. > Options (that I can think of) include: > > - 2a) Use the at_hash claim defined in OIDC core > https://openid.net/specs/openid-connect-core-1_0.html#CodeIDToken. > Using something that already exists is appealing. But its hash alg > selection routine can be a bit of a pain. And the algorithm agility based > on the signature that it's supposed to provide hasn't worked out as well as > hoped in practice for "new" JWS signatures > https://bitbucket.org/openid/connect/issues/1125/_hash-algorithm-for-eddsa-id-tokens > - 2b) Define a new claim ("ah", "ath", "atd", "ad" or something like > that maybe) and just use SHA-256. Explain why it's good enough for now and > the foreseeable future. Also include some text about introducing a new > claim in the future if/when SHA-256 proves to be insufficient. Note that > this is effectively the same as how the confirmation claim value is > currently defined in this document and in RFC8705. > - 2c) Define a new claim with its own hash algorithm agility scheme > (likely similar to how the Digest header value or Subresource Integrity > string is done). > > > I'm requesting that interested WG participants indicate their preference > for #1 or #2. And among a, b, and c, if the latter. > > I also acknowledge that an ECDH approach could/would ameliorate the issues > in a fundamentally different way. But that would be a distinct protocol. If > there's interest in pursuing the ECDH idea, I'm certainly open to it and > even willing to work on it. But as a separate effort and not at the expense > of derailing DPoP in its general current form. > [image: Slide17.jpeg] > > > *CONFIDENTIALITY NOTICE: This email may contain confidential and > privileged material for the sole use of the intended recipient(s). Any > review, use, distribution or disclosure by others is strictly prohibited. > If you have received this communication in error, please notify the sender > immediately by e-mail and delete the message and any file attachments from > your computer. Thank you.*_______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth > --0000000000009a16c005b58be0be Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Hi Brian, everyone,

While th= e attack vector allows direct use, there is the option where a smarter atta= cker will not abuse the gained artifacts straight away. Think public client= browser scenario with the non-extractable private key stored in IndexedDB = (the only place to persist them really), they wouldn't use the tokens b= ut instead, exfiltrate them, together with a bunch of pre-generated DPoP pr= oofs. They'll get the refresh token and a bunch of DPoP proofs for both= the RS and AS. With those they'll be able to get a fresh AT and use it= with pre-generated Proofs after the end-user leaves the site. No available= protection (e.g. RT already rotated) will be able to kick in until the end= -user opens the page again.

OTOH with a hash of th= e AT in the Proof only direct use remains.

If what= I describe above is something we don't want to deal with because of di= rect use already allowing access to protected resources, it's sufficien= tly okay as is (option #1). However, if this scenario, one=C2=A0allowing pr= olonged access to protected resources, is not acceptable, it's option #= 2.

Ad #2a vs #2b vs #2c.=C2=A0My pre-emptive answe= r is #2a, simply because we already have the tools needed to generate and v= alidate these hashes. But further thinking about it, it would feel awkward = if this JWS algorithm driven at_hash digest selection wouldn't get stre= tched to the confirmations, when this are placed in a JWT access token, coo= l - we can do that, but when these are put in a basic token introspection r= esponse it's unfortunately not an option. So, #2b (just use sha-256 jus= t like the confirmations do).

Best,
Filip


On = Wed, 2 Dec 2020 at 21:50, Brian Campbell <bcampbell=3D40pingidentity.com@dma= rc.ietf.org> wrote:
There were a few items discussed somewhat = during the recent interim that I committed = to bringing back to the list. The slide below (also available as slide #17 = from the interim presentation) is the first one of them, which is difficult= to summarize but kinda boils down to how much assurance there is that the = DPoP proof was 'freshly' created and that can dovetail into the que= stion of whether the token is covered by the signature of the proof.
There are many directions a "resolution" here could go b= ut my sense of the room during the meeting was that the contending options = were:
  1. =C2=A0It's sufficiently okay as it is
  2. = =C2=A0Include a hash of the access token in the DPoP proof (when an access = token is present)

Going with #2 would mean th= e draft would also have to define how the hashing is done and deal with or = at least speak to algorithm agility. Options (that I can think of) include:=
<= br>
I'm requesting that interested WG participants indicate t= heir preference for #1 or #2. And among a, b, and c, if the latter.

I also acknowledge that an ECDH approach could/would= ameliorate the issues in a fundamentally different way. But that would be = a distinct protocol. If there's interest in pursuing the ECDH idea, I&#= 39;m certainly open to it and even willing to work on it. But as a separate= effort and not at the expense of derailing DPoP in its general current fo= rm.
3D"Slide17.jpeg"


<= span style=3D"margin:0px;padding:0px;border:0px;outline:0px;vertical-align:= baseline;background:transparent;font-family:proxima-nova-zendesk,system-ui,= -apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,Oxygen-Sans,Ub= untu,Cantarell,"Helvetica Neue",Arial,sans-serif;font-weight:600"= >CONFIDENTIALITY NOTICE: This email may contain confidenti= al and privileged material for the sole use of the intended recipient(s). A= ny review, use, distribution or disclosure by others is strictly prohibited= .=C2=A0 If you have received this communication in error, please notify the= sender immediately by e-mail and delete the message and any file attachmen= ts from your computer. Thank you.________________________= _______________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth
--0000000000009a16c005b58be0be-- --0000000000009a16c205b58be0bf Content-Type: image/jpeg; name="Slide17.jpeg" Content-Disposition: inline; filename="Slide17.jpeg" Content-Transfer-Encoding: base64 Content-ID: X-Attachment-Id: ii_ki7r8t1n0 /9j/4AAQSkZJRgABAQAAZABkAAD/4QCARXhpZgAATU0AKgAAAAgABAEaAAUAAAABAAAAPgEbAAUA AAABAAAARgEoAAMAAAABAAIAAIdpAAQAAAABAAAATgAAAAAAAABkAAAAAQAAAGQAAAABAAOgAQAD AAAAAQABAACgAgAEAAAAAQAAA+igAwAEAAAAAQAAAjMAAAAA/+0AOFBob3Rvc2hvcCAzLjAAOEJJ TQQEAAAAAAAAOEJJTQQlAAAAAAAQ1B2M2Y8AsgTpgAmY7PhCfv/AABEIAjMD6AMBIgACEQEDEQH/ xAAfAAABBQEBAQEBAQAAAAAAAAAAAQIDBAUGBwgJCgv/xAC1EAACAQMDAgQDBQUEBAAAAX0BAgMA BBEFEiExQQYTUWEHInEUMoGRoQgjQrHBFVLR8CQzYnKCCQoWFxgZGiUmJygpKjQ1Njc4OTpDREVG R0hJSlNUVVZXWFlaY2RlZmdoaWpzdHV2d3h5eoOEhYaHiImKkpOUlZaXmJmaoqOkpaanqKmqsrO0 tba3uLm6wsPExcbHyMnK0tPU1dbX2Nna4eLj5OXm5+jp6vHy8/T19vf4+fr/xAAfAQADAQEBAQEB AQEBAAAAAAAAAQIDBAUGBwgJCgv/xAC1EQACAQIEBAMEBwUEBAABAncAAQIDEQQFITEGEkFRB2Fx EyIygQgUQpGhscEJIzNS8BVictEKFiQ04SXxFxgZGiYnKCkqNTY3ODk6Q0RFRkdISUpTVFVWV1hZ WmNkZWZnaGlqc3R1dnd4eXqCg4SFhoeIiYqSk5SVlpeYmZqio6Slpqeoqaqys7S1tre4ubrCw8TF xsfIycrS09TV1tfY2dri4+Tl5ufo6ery8/T19vf4+fr/2wBDAAICAgICAgMCAgMFAwMDBQYFBQUF BggGBgYGBggKCAgICAgICgoKCgoKCgoMDAwMDAwODg4ODg8PDw8PDw8PDw//2wBDAQICAgQEBAcE BAcQCwkLEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBD/ 3QAEAD//2gAMAwEAAhEDEQA/AP38ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigA ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACvB/2Wbu6v /wBmP4Q319M9zc3Pg/QJJZZGLvI76fAWZmOSWJOSTyTXvFeAfsnf8ms/Bv8A7Ezw9/6boKAPf6KK KACiiigAooooAKKKKACiq91dW9jbSXd3IsUMKlndjgKB1JNRadqVhq9lFqOmTpc2043JIhyrD6ig C7RRWU+uaRHqyaE93Gt/IhkWEsN5UdSBQBq0UVS1DUbHSbKXUNSnS3toF3PI5wqgepNAF2iq9pd2 1/bR3lnIs0MyhkdTkEHoQasUAFFFFABRRRQAUUUUAFFFFAH/0P38ooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoooo AKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigA ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACvAP2Tv+TWfg3/ANiZ4e/9N0Fe/wBeAfsnf8ms/Bv/ALEzw9/6boKAPf6KKKAC iiigAor598Q/tNfBqyXUNM8L+MNG8S+IbFnifTNP1G3urmKWMlWE8ULs8YRhhtwBB46180+Gfjd4 u0bxhP4l1GZr2C/YC5tycIUHQIOilB90j8eM0WA/RikYhVLHoOawNF8UaH4g0KPxJpt0rWDoXZ2I Xy9oywf+6V75/lXxT8X/AI2X3ie//sfwrO9tpdpIG81CUeeRDkN6hQRlR+J7YAIPjN8Y7jxhdSeH 9BdodGhbDNyrXDDuR1C+g/Osb4RfFu98A340/UC1xotw37yPqYif40/qO/1rwe5u5obiS6vJC8Uz F2duqsTkk+38q4e/1m48WXT6B4VuALSPi8v4mDKgP/LKFhkGQjqR90e9AH6x/EX4vaJ4Q8M2+q6X It/c6ohayCnKMMDLsfRcjI654r4BufFWv3WvnxPNeSf2kZPMEoOCCOmPQD09K53zr+DQbTw9aTuL KwO6CJiWUEqFPXnkDn8+tRWTS6pMbOyKRzRqZJ3lOI7WJfvSynsg7Dq54HOSOXHY6lhqMq9eXLGO rb/r/hzSlSlOShBXbPvfwL+0P4d1XSY4fExkt9TtgPtJijZ41iwf9IcrnamRg98ngEBiPnr4t/F+ 7+IF4bHS2MOhwHMSg8zHtI+P0HavG11Ge3EcPhy5msbWB/NSbhZ7qbG3zpxjBUjhYiCgT5SMHAjm WGaC41WwiW3+zjzL6zTO2AE4NzBnJMBP3l5MRODkEM3yeH4mxMKkamPo+zo1HaD6xeyVRbR5unRP 3Za2O+eCg01SleS38/Tvb/go97+D3xnfwPKNG8RzbtCckmRj/wAex6lv9zuR2619seGPGeheLUnO kyOHt25SVDHIUP3JArc7HHKnr2IByB+WEaiwWDUb6ESXkoWWys5R8qL/AA3Vyp7Z5iiPJPzN229V 4O+IGueD9Wj1G5v5p4i5dp5MySQO5y7YHLQuf9ZGOn3kAbIaa3FGInN18HR58PDSUl8Uu7pr7Sj1 /m1UbtakcDBJRqStN7LovXtf8Op+qFFedaD8S/D2qeGp/EF9PHZixjV7lSwYKGGVZCPvpJ1Rh97p 1r468Z/HTxRrfiqDWNCmewsNNcm2h/vjoWlHcsOMdAOB3J+wweLpYilGvQlzRkrprZo8+pTlCTjJ WaP0Kor588PftN/Bq8TT9N8VeMNG8M+IL5kiTTdR1G3tbmWVyFXyI5pFeQOxwu0E5469foOuggKK KKACiiigD//R/fyiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoooo AKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigA ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAK8A/ZO/5NZ+Df8A2Jnh7/03 QV7/AF4B+yd/yaz8G/8AsTPD3/pugoA9/ooooAKKKKAPw2tv+Cf3xB+EHxu8b/FqG8h8RaDr095d 82NrLJCLudpzmK4FwCEzgsqg4GeBxW7qsWj6JYS6lqRsoYIRyTpGlZJPAUAWeSSeAByTX7VkAjB5 Br55v/2aPh1qfxDs/Hl/C00ViWmi05sfZFuT/wAtdnfHYHgHpxxXh4/hnL8VU9riKEZS7tXZ1Usd WprlhJpHxP4A+Bnxc1rQX8d6roOlLotwpeDTFsLWz1gQEcTxT20MYSUfeCHqPl5zzz93ayadKkU0 ongmDGC427BKq8MGU/ckTpIh+6enykGv1+AAAAGAK+YvjP8ABy41SC88S+CtLt9TvZv3lzpVwxjg u5lHyTKw5jkB4cj76bgeTz4tfIp5dL6zlFPT7VO9lJd430jNd9pLR9GumGKVZcmIfpLt691+R8PR R26W8WqanD58M+TZ2bHH2sqf9ZJ3W3Q9T1c/KOvMpQao013Z20VtqYDS3VpbIY4blR964tkJYqw/ 5aR5J/iBPd+oab4lsLxn8Y2slrrFwiPOsi7cYGAsYHAjXoirwB6nJPMa9rNvodtFdMZDd+YotEt/ +Ph7j+ARdfmz+GOvBIOP+rWMqf7fOrbFdLN8kV/z7t1i/tStzN+8rWSVfXaa/dKP7v8AF+d+/Zbd Datll1KVLbTijyOhkLscRRRL96WVv4UXuepOFAJIFZ+spdXcFvZeGrtoNPgnWe4Msa7tUdRgNNnJ SNf+WKKfl6nJJJ7KTwb8Zm0b+0vFvg2LQdNliiuL5rR9xubvLfPKnVY1XB2D5Vcucc5PP9eldeBy 7E42rHF5lDlUH7tO90mvtya0b/lW0Vr8T0zq1oUounRd77v9F28+/pvBBcLOhYcMvDKeoPoa45Nf 1vVfEdufBd2dPTR5t82pKoc7xwYIg2VbI4kJBGPl69PTPhn4En+N3iTU/D+kNPa6VZQPHeanFwgm YYWFG/ib+8R0GcHNVb3wpL4IupPC01p9hOnnyxGBgYHRh6huue9fV4nDU61OVKrFSi1Zp6pp9GcE JuLUouzRzOnNq1tJN/wkV7/aN5dSvI12yhGlLHgOBwCBwMcYHHpRrOs/2YILW1ge+1K+cRWlpEMy zynooHp6noKbr2qw2McFklu99fX7iG1tIRulnlY4AUDpjue1foD8FP2eND8D3kPj3xAjXnii6tol xMQ62WRlo4h0Bz1bqT+FOjRhTgqdNWilZJbJLoglJt3e583aZ+yt8bm8K2dxrGu6beNmS4OkT6fa Ti1EvzGG3muIZNvPJB4znpmvGb3w8mmzT2+oQWltLbFllWTR9KUoV6hs2fGK/ZavC/ir8AfBvxYn t7jWGls2Dp9q+znZ9qhQ58uT8sZHOODkYr5+twdlVSbqTw0G27v3Vq3uzrjmVdKym/vPxE139jj4 kftPfEPSPiZ8PDFp+jeHpYES6NpbWaTyQyiQtELdIQwBH3ipP4V/Qx4fs73T9DsLHUZfPureCNJZ MY3OqgE/iak0bRtL8PaXbaLotslnY2aCOKKMbVVV6ACtOvdwmEpUKao0YqMVslsjlqVJTblJ3YUU UV0EBRRRQB//0v38ooooAKKKKACiiigAooooAK83+MfjDUvh58IvG/j/AEaKKfUPDWh6lqdvHcBm heaztpJkWQKysULIAwDA46Eda9Irwz9p/wD5Nq+LP/Ypa7/6QTV04OClWhF7Nr8zSkrySZ+Gv/D3 v9pf/oXfCf8A4BX3/wAnUf8AD3v9pf8A6F3wn/4BX3/ydXgH/BPfRvCuvftX+ENL8a2NlqOkSxam ZYNQijmtmK2E5TckoKHDAEZHXGOa/pE/4VL+zF/0Jng//wAF2n//ABuv1LPqmWYGsqMsLzXV9PV/ 5H0OMeHoy5XTufBX7Cn7ePxg/ab+MOo/D/x9pWh2OnWmi3Goo+m29zFMZobi3iUFprmZdu2Vsjbn OOeoP621534N+Hvwm8NXUutfD7w1omlXLobeS50uztoHKEqxjaSBASMhSVJxwDjpX5hfHn/gp74g +C/xy8RfChfA1nf2GgXkVu1497KkjxuiOzlFiYAgMeAT0r4qrg3mOJksBR5UltdHkype3qP2MbeR +wNFfg14y/4LD+K18Xzx/D/wJYS+GoZmSI6hNN9suIgcB/3RVImYc7dsm3pk1+iH7Rf7anhP9mv4 eeHtc8baNLL4z8S2cdxb+HYZgXikKK0wmuCmEiidvL3+Xucj5U4bbjiOF8dSlThKGs9ldX0/ImeX 1ouKa1Z9q0V/PcP+CxPxg/tLzT4F0L+z92fJ8y687Znp5vmbc47+X+Ffqd+yd+2Z8Pf2q9Iu4tGt pNB8UaSiyX2kzuJGWNiFE0EoCiWLcdpO1WU4DKAVLVmPC2NwtP2tWHu9007eo6+XVaceaS0PsOiv jb9rf9s/wH+ylpdjb6pZS6/4o1mN5LLTIJFi/dIdpmuJSG8uLd8oIVmYggLgMR+WN1/wWH+M73e+ x8EaBFa/885Gu5JP++xKg/8AHKMt4VxuKp+1pQ93u2lcKGXVakeaK0P6F6/Nj/goD+2H8Tf2Vbvw Pb/DvTdIv18SpqLXJ1SGeYqbQ24Ty/JnhxnzW3Z3Z4xjnM/7IP8AwUQ8J/tJ+Ix8OvFGjDwp4vlj eS0jSYz2t8IlLyCJiqskiqC2xs5UEhiRivkr/gsz/wAhL4S/9ctb/wDQrKu/IsjlDNIYXG0++j2e jsbYPCNYhU6q/qx+k/7GHxz8W/tE/Auw+Jnja0srPVLm8vLd49Pjkjg2W8m1SFlklbJHX5vyr6ur +bz4Af8ABQ2x/Zp/Zw0b4aeEvDf/AAkHikXl9c3El3I0NlbJNKTGMIN8zkDJAKKAR8xOVHu/wq/4 LA3934hstM+MXgu1tNKupVjmv9JllDWysceYbebzDIq9WCyA45AJwp3zPg3GOtVqUKXuXdldbeSL xGV1XKUoR0ufuZRXmfxX+IP/AAr34ReKvihpUMeqjw/o93qsEfmbYrgW8LTKN6g4V8D5gDwc1+TX gH/gsFpt9JrUvxH8ELpkFlp7z2KWF08815e+bEiW58yNUjUo7u0hPyhDhWYhT8/l+Q4rFQlUoQul o9jio4OpUTcFex+2NFfz8t/wWM+KP9stOvw/0YaSWJW3NxcG4C+hn+4T7+SPpX66fsuftMeEf2o/ hz/wnPhu1k0u7s5zaahp8ziSS1uAofAcAb43VgUfaueQQCCBvmfDOMwlP2taHu97plYjAVaS5prQ +kqK+B/2vv29fA/7Lt1D4QsdNbxR40uoVuPsKy+RBawuSEe5l2uQWwSsaqWIGWKAqT+dWlf8Fivi 1FqSS634D0S608N80VvLc28xX0ErvKoPv5Z+la4DhPHYmkq1OHuva7SuXRy2tOPNFaH9BtFfO37N n7TPw8/ae8Ev4t8DvJbXVi6w6jp1zgXNnMwJUNtJDI4BMbrwwBHDBlXwD9r7/goD4L/Zi1ZPAmka S3inxnJCk8lsJRBa2ccnKG4kAZt7D5ljVclcFmUFc+dRyfE1MQ8LGD5107GEMLUc/Zpan6EUV/PO P+Cw/wAaPtvmHwR4fNpkfu83fmY7/vPNx/45X6c/sgftv+Cv2rLe+0ZdObw34v0mIT3GmvL56S2+ Qhngl2puUMwDKVDKWH3gc16GY8KY7C0/a1Ye6t7NOxtXy6tTjzSWh9v0V8bftb/tn+A/2UtLsbfV LKXX/FGsxvJZaZBIsX7pDtM1xKQ3lxbvlBCszEEBcBiPyxuv+Cw/xne732PgjQIrX/nnI13JJ/32 JUH/AI5Sy3hXG4qn7WlD3e7aVwoZdVqR5orQ/oXor83/ANkH/goh4T/aT8Rj4deKNGHhTxfLG8lp Gkxntb4RKXkETFVZJFUFtjZyoJDEjFfpBXlZhl1bC1PZV42ZzVqE6cuWaswr5D/bC/a08PfsoeB7 HWbrTzrfiDXpJIdL0/zPKRzCFMs0sm1tscW9MgDcxZVGASy/XlfjR/wV8+E3iPX/AAj4P+LmjQtc 6d4Xe5stSC8+THetEYJiOyeYhRj6sld/DmEo18bTpYj4W/v00XzehtgKUJ1YxnsfKa/8FPv2ydZS 78UaRo+lnR9OINz9n0meW0hB6CWUysy9R1cV+m37EP7dVl+1IL/wd4q0uHQvG2kW4unjtmZrW9tw wR5YQ+WjKMyho2ZjhgQxG4L+UHwA/b7HwX/Zi8S/Ay68MLqup3H2qPSLghPsvlaiGFx9tUnc5jLF kAB3g7GKBQT6V/wSX+EXjHVfjDf/ABiNtLbeGNDsLmy+0sCsdzeXOwCBP7+xMu+M7Tszywr9BzzJ cMsLXlOgqfJ8LT+L/h/62PbxmFpqnNuHLbZ9z+iKiiivyI+ZPLfjN8YPBnwJ+Heq/Evx5cNDpmmK MJGN01xM52xwxLkZd24GSABlmIUEj8IfH/8AwVy+O+tapN/wr7QtI8NaWGbyVnie+uivbzJGdIyc dliH1NfZH/BX/TdbufgP4U1Gz3Npll4gT7WqgkB5LaZYXbHAAIZcnuwHevg3/gnl8ev2YPg7c63Z fHLRIota1GeN7HXp7L7fHBAE2mAqqvJD8/zb0Q784cgIuf0rhvKMOsBLGzo+1nf4f+B+PU97A4aC ouq48z7G54L/AOCt/wC0Not/CfGOj6J4k0/eDMggks7gpnlY5Y5DGpx0LRP9K/cv9nr9oDwN+0j8 Orb4h+B3eJGdoLyzmK/aLO5TBaKUKSOQQysOGUg8HIHxV+0Z+z/8Af24PCFhe/s/+I/C0XjKwuEk +3WskYkktCpEsN1Hbgy8Eq6eYmVIOMBmz2/7Cv7HfxA/ZPu/Fv8Awk/iWw1qx8TR2eIbNJVMU1oZ MPmQAYKykHA7D0rhzt5bWwrqU4eyrL7Ouv6efQxxfsJU+aK5ZdjyT9uv9vL4v/syfGDTvh94B0nQ 77T7vRbfUXk1K3uZZvOmnuIioMNzCu0LEuBtzknnoB+gn7OvxF1v4t/BDwb8SfEkNvb6p4h0+O6u I7RXSBXckERq7uwXjuxPvX5vft+/tLfD/wCD/wAaNN8L+Kvgv4a+Id3NodtdrqOsQxSXEcclxcoI FLwSHYpQsBu6seK/RT9nbxponi34AeDvHVjo1l4R0u+0tLoWFrtjs7KIZyqYVFVFAJ6AAVwZphIx y6hUVHlb+1da6PpuY4imlQg1C3n3PdaK/Ez40f8ABXm10fxJd6J8D/CsGtadatsXVNUkljS4YHDN HbR7HEf91ncMe6L3zvCn/BYRp/Butt4y8EwweKrSJJNOFrPJ9gvHMqK8UgZXkgZYyzq2XViMHbxn OPBmYuCn7PfpdX+4Syqva/KfuJRX56fsSfts63+1lrPirStX8LW/h4eHbe1nR4Lp5/N+0PIpBDIm MbBgg14f+0n/AMFNfE3wG+OHib4TWXgWz1e20CS2RbqS9kieUT20U5ygiYDBkI6npmuSnw1jJYiW EjD34q7V1tp1vbqjKOAqubppao/Xuivw8+MH/BX2bT/EtzpPwS8I22o6TaSFF1HV3lBugpwXjt4j G0aHqpdyxBBKqeK9y/ZK/wCClumfHrx7ZfCz4geG4/DOuaqHFhdW05ltLiZELmFlkAaJmVTs+Zwx +XgkZ2rcI4+nRdeVPRK71V0vQueWVow53HQ/VGivEf2gvj74G/Zw+HV18RfHUjtCrrb2lrCAZ7y6 cFkhjBwASFZmYnCqCfQH8Zdf/wCCxXxTnv5H8LeAtFsrLediXs1zdS7OwZ42gXPuFx7VhlfDeMxk XOhD3e7diMPgKtVXgtD+giua8YeMfC/w/wDDOoeMvGmpQ6RoulR+bc3U7bY40yFGepJLEKoAJYkA AkgV+TX7On/BVuw+IfjnSvAPxc8LQ+H31u4jtbbU7CZ5LdJ5mCRpNDKCyIzEDzA7YJGVC5YX/wDg qj+0XqXgfwp/woCDRYru08d6alxLfNMyyW5trxHAWMKQ2fK7kda6aXC2KWMhhK0bc3mturT8kXHL qntVTkt/yPpz9nv9t/wX+0t8YfEPw8+HekXC6HoOmNerql0fKe6kE8cOEt8ZSPD5DOwY90Wvt+v5 GP2Tf2o9W/ZT8aav4y0nQIPEEmr6ebBoZ52gCAypLvDKrZPyYxjvX70/tEftna18Ef2evhz8bbDw xb6pc+OVsGkspbl40t/ttibs7ZFQltpG0ZAyOa9PiLhOdHFQpYaPuy0Wu7tr/Wx0Y7LXGoo01o9j 7+or4y/Yq/an1T9q3wPr3izVvD8Ph6XRtRFiIoJ2nWRTCku4lkQg5bGOa81/bY/bj139lDxT4b8P aR4UtvEKa7ZS3TST3TwGMxybNoCo+c9c187TyPEyxTwaj766XXa++xwrCVHU9klqfovRXzZ+z98e L741fs46b8c7zSI9Lur631KY2UcpljU2FxPAAJCqn5/JyeOM45xX5k+FP+CxU9xqMw8Z/D6G0sI7 ad0NnevJNJcKhMMWHiCqrvgMx+6uWAYgKdcLw5jK0qkKULuDs9Vvr567FU8DVm5KK23P3Jor8Xf2 d/8Agpx8VPjX8c/Dvwwm8AaYLDxFdeSDa3E63FrCqtJLMzvvSQRRqzlQibsYyM5r2f8Aa0/4KTeE /gD4ouvhr4C0ZfFniqwwt68sphsbKRhuEbFQXmkAI3Ku0LnBfcCo2qcK46NdYbkvJq+627vsXLLq ymqdtT9O6K/ALwr/AMFi/iLDq0R8b+AdKvNMLASLp009tOqk8lTM0ysQOxAz0yOtftP8FvjP4E+P fgCw+I/w8vGudMvCY3jkXZPbTpjzIJ0BO2RMjOCQQQykqQTjmvDuLwaUq8NH1WqIxGBq0lea0PVq KK+Jv+ChHxc1L4P/ALL/AIj1PQrg2mreIHi0W0mVirxtebvOZCOQ4gSUqQQQ2COlebgcJKvWhRhv JpGFKm5yUF1Pl79p7/gqf4f+G/iC98C/A3SrbxVqenu0Vzql27/2dHKmQyQpEVefaeC4dFyPlLjm vhFf+CrX7Vy3guTLojRg58g6d+7I9MiTfj/gWa4r/gnx+zPoX7R/xiuYfG8RuPCfha1F7fwK5jNz JI2y3gLKQwVmDM5BB2oVyCwI/oz1b9nD4Ba34Wk8F3/w90L+xpUKeRFp8EOwEY3RtEisjjs6kMDy Dmv0jMJ5Tlk1hZUPaStq3/wevkrHu1nhsO1TcLvqfEH7If8AwUp8P/HbxJZ/DT4n6VD4W8Wagdll PbOx0++lwT5SiQl4ZT0RWZw54DBiqn9Sa/nvn/4JOfGyH4qapP4M8Q6bonhfTtQM2k6hd3Ekl95C sJIWEcEZHmR8AlmTLLkcEV++EuqR+GPCzax4y1GCFNLs/P1C9I8m3XyY900uGJ2JwWwScDvXy3E2 FwKqQngJXUt12f8Awe3Q8/MKdFSTovfodBRX4l/GD/gr9Y6ZrlxpHwS8IR6vYWzsi6nq0kkSXGON 0drGFdUJ5BeQMR1RTxXKfDv/AILE6+NZhg+K/gS1fS5WAkn0aaRJ4V7sIbhnWX6eZH9e1OPBWYun 7T2fyur/AHAsqruPNyn7v0V89+Lvjpb3X7O+q/Hr4KQ2/jSC1059TtITI8S3EVud1whwpdJI41k+ Qru3rsIBr4m/ZQ/4KU3H7QXxisfhV4q8J2vhv+1ra4azuIbt5i91AvmiJleNAA0ayEHOdwAxzXl0 MjxNWlUrQjpD4trq3luc8MJUlFyS23P1doryz43fFLS/gr8JvFHxS1dBND4espLhIi2wTTnCQQ7u cebKyJnBxnOK/P79kn/goP4//ad+L9v8OR8P7TS9OjtLi9vr2K9kla3hhXahCNEAxaZ40xkcMT2q cLk+IrUJ4inH3I7u6FTws5Qc0tEfqpRXwP8Atfft6+B/2XbqHwhY6a3ijxpdQrcfYVl8iC1hckI9 zLtcgtglY1UsQMsUBUn86tK/4LFfFqLUkl1vwHol1p4b5oreW5t5ivoJXeVQffyz9K9DAcJ47E0l Wpw917XaVzejltaceaK0P6DaK+dv2bP2mfh5+094Jfxb4HeS2urF1h1HTrnAubOZgSobaSGRwCY3 XhgCOGDKvx5+19/wUN8R/sy/F3/hWml+DLTXYf7Ptr37TNdyQNmcuCu1Y2GBs65rhw2SYqtiHhYQ 99bp6fmY08JUlN00tT9TKK/CLx//AMFhfEMWo2sHwz8EWMlmkMBuJtSlmdpJ2jUzLEkfl7URyVRm JLABiq52j7f8aft5eHfhb+zl4J+M3xG8PPaeJfHVp9p07w9bXG95V+8JTOyDZCY2jcsUJXzFUBjz XZiOFcdT5OanrJ2Sur9/67dTWeXVo2utz7+or+eu/wD+CxHxjkvN+l+BtBt7XJ/dzPdTSY7DzFkj GffZ+FfZv7JP/BSrQ/j742s/hb488Or4Y8R6mHFhcW0xns7qSNS7REOoeFyoJTJdWwRuU7Q22M4O x9Ck6s4aLV2adiquV1oR5mtD9R6K83+LfxY8FfBLwDqfxI+IF4bPR9LVd+xd8sskjBY4okH3ndiA BwB1YhQSPxQ8U/8ABYvx9LrEh8E+ANMtdKWRgg1Geae4eMH5STCYkRiOoAcA8ZPWuLKuHsXjU5UI XS67Iyw+CqVdYI/feivxG1r/AILDWi+ENE1Dw/4DV/EUsk8ep2VzduIIVQIYZbedIvnWQlwVZVZC uPmBDH9Kv2UvjrfftHfBfS/ipqOkR6JcX9xdwNbRSmZF+zTNGCHZVPIGcYozDh3GYWl7avCyvbdb /wBIK2Bq04801ZH0fRX5A/tI/wDBVfQvhz4t1DwJ8GvD8Pii60mV7e61O8lZLLz4ztdII48PMqnI Mm9FJHyhlw1eNfD3/gsT4lXWoYfir4Es5NJkYCSbRpZI54V7sIrhpFlI/u+ZH9a7aPBuYTpe1jT0 7XV/uNY5XXceZRP3jork/Avjjwt8SvCOleO/BV+mp6JrMIntbiPIDoeCCDgqykFWUgFWBBAINdZX zM4OLcZKzRwNNOzCiiipEFeAfsnf8ms/Bv8A7Ezw9/6boK9/rwD9k7/k1n4N/wDYmeHv/TdBQB7/ AEUUUAFFFFABRXxB+1b+2Wv7MOv6FobeEP8AhJP7atZLnzPt/wBj8ry32bdv2ebdnrnI+lfRvwW+ JQ+MHww0D4kDTv7J/tyDzvsvnef5XzFceZsj3dOu0V1VMFVjTVaS917CUlex6lRRRXKM81+Jfw10 n4iaOba5Ahv4ATbXAHzI3ofVT3FeEfBn9mM+EvE03j34iXEOr61ExSwijBNvZxdioYDLnucV4p8f f+CiK/A34ta78LT4AOtHRDbD7X/av2bzftFvHcf6r7LJt2+Zt++c4zxnAvfs8/8ABQNfj18T7H4b jwGdD+2xTSfajqn2nb5S7seX9ljzn/eFem8nxPs/a8vu2vutvvI9or2P0bkijmjaGVQ6OCGUjIIP UEV8VfE39lfUvE2uRxeDdUj0fRL6TN6DnzooyfnSDHHze+Mdq+2KK8ws5DwN4G8N/Drw1aeFfC1o tpY2ahQAOWbuzHux7k1yXxV+FenfETTDJFtt9XtlPkT46/7D46qf07V4v+1n+1kP2XI/C0h8Lf8A CTDxKb0f8f32Pyfsfk/9MJt+7zv9nGO+ePjb/h7Un/RKz/4O/wD7hr08Pk+JqwVSnG6fmv8AMh1E tGfb3wK/Zuj+H2qXHjjxxPFq/iqclInQEw2cPZIQ3c92xmvq+vDf2dfjQPj98LbD4ljR/wCwhfTX EX2X7R9q2+RIY8+Z5cWc4zjaMe9e5VwVaUoScJbotMKKK/Kn4mf8FN1+HPxE8TeAT8NzqB8O6jda f9p/tjyvO+zStHv2fY227tudu446ZPWt8JgatdtUle3p+pMpJbn6rUV8D/sv/txJ+0j44u/BY8Fn w6bW0a6886j9r3bSBt2fZ4sdeu78K++KjE4WpRnyVFZjUk9UFFFFc4wooooA/9P9/KKKKACiiigA ooooAKKKKACvDP2n/wDk2r4s/wDYpa7/AOkE1e514Z+0/wD8m1fFn/sUtd/9IJq68B/Hp+q/M1o/ HH1P5K/hJ8J/GXxt8eaf8NvAMEVzrmprM0Ec0qwoRbxNM+XbgYRDj16V9kf8Ot/2uv8AoCab/wCD OD/GsL/gmd/yeV4J/wCuOq/+m64r+pyv1ji3ivE4HExo0UrOKeqfd+fkfR5lmNSjUUY22Pg//gnp 8BPiN+zt8F9a8FfE61gtNUvfEFzqESW86XCm3ktLSFSWTgHfE/HX86/Bv9vT/k734mf9hCP/ANJo q/rUr+Sv9vT/AJO9+Jn/AGEI/wD0miryuBsbPEZjWr1N5Rvp6o58oqudeU5btf5H7x/BP9hX9nLQ vhP4MtfEHgqy1XXre2sNQutRmD/apL9VSZm8xWDCMScCLOwqArK3Ofwn/b88c6j46/ax8fT3ly88 Gi3g0m1RjlYYrFREyIOwMokc/wC0xPev6sfDyhNA0xF4C20IH4IK/lu/4KL/AAx1f4c/tUeKr28h 26f4tddZsZQPlkS5GJh6blnVwR1xg/xCp4Hx8q2PqOvJuVna781ewsorOVaXO7s+y9H/AGvv+Cde m/B+L4Mz/DjWLjSPsS208raTYfapZdmGuTP9q3+eW+cSZypxjAAFfBP7DnjW58CftbfD690eaQW2 qaomkyBsKZbfUSbYB1BI4Lq+MnDKCOlfov4d+O3/AATHuvhHD4z1/wABaLaeK4rMGfQRpLtcPfKn McUixmIxu4+WQuAFI3bWytcV+xl8cPhl8X/jd4c8HaZ+zh4ZsNXhlN+NY01jD/ZqWn7wXPlyRSkl XChP3i/Oy4IOK9elP2WHxNqE7NPm5muzu1d6/LfQ6YvlhU9x263Zzn/BXX4Z+LrP4uaB8VzbTXHh nUtKg00XON0VveW8szmA4+5vRw65xuO/Gdprzn4J/wDBR66+Hvw2sPg78QfhlovivwpZ2i2BWAfY ppoAuwtOrJNFNIRyzbULHkncS1fcv7cP7dnxA+BHxB1D4Pv8N9I1fSL2zguLa61dpLq2v7eZfn3W yrGuElV0Kl2+7njIFeJ29n/wS0+N/wAPbXxj4ong+GXiaa2VtStNMkubSS3ugv71YLYpPbyR7smM xxHKkA4bKjDAVL5fRp47DuUPsuOvo2k7oijL9zFVoNrpb/gHafsT2H/BOvxf8QNKuvh5pmraR8Q7 GY3WnW2vXkyy+ZEC5+zNby/Z5gq5+R/nKgkoQCa5j/gsz/yEvhL/ANctb/8AQrKvy3+D2lXl7+0f 4R0v4WS3F5IPE1oNJmkTZM0Ud2pillVfuYjAeTsoz2FfqR/wWZ/5CXwl/wCuWt/+hWVdE8B7HOsP L2jlzKWkndrR/h/wS3R5cXB3bvff0PSv+CVn7P8A8N7z4O33xd8S6Faazr+sajPawS3kCTi2tbUK oWFZFIRncuXYcsNo6Dn87P8AgpD8PPCnw4/aj1jTfBumw6Rp+p2VnqBtrdBHCk0ylZCiLwoZk3EA AZJwK/Yn/glp/wAmj6R/2FNS/wDR1flf/wAFW/8Ak6x/+wHp/wDOWuXJMXUnnteMpO3vL7mrEYSp J4yab7n603F3Nff8Ey2ubhi8jfDABmPJO3StuT78V+Gn7BXwi8L/ABp/aX8OeFfGtsL3RLOO41G5 tm+5cC0TdHG45yjSFd6/xLle9fuDH/yjDP8A2TJv/TWa/Jz/AIJTf8nXQ/8AYE1H/wBp1lktWVPB Y+UHZpy/InCycaVZruz9BP8AgqR8Gfhva/s5weN9F8O2Ol6v4d1GziguLO3jt3+zXBMTwt5YXKZK kA52leMZOfEf+CM1zML/AOLNnuPlNFosmO24NeDP5GvsT/gqN/yaJrn/AGEdM/8ASgV8Z/8ABGf/ AJDPxX/699G/9Du648JVlPh2tzu9pfrExpSbwM79/wDI/Lv4meOdP+JP7Q+u+OviDc3V3o+r+IHm vXgw1yNOFxt2Qhiq7ktwEjBIAwoyBX6VfGL9rz9gT4hfBLVfhVoXw61PSpIrGRNGmi0mwhazvEQ/ Z5BKl0ZAN4HmHkupYNnJr8+fjb4Iuf2f/wBqDW9C8VaRFqVnoOvLfpZzj/R77T2mFzCjZBBSaEhW HOMsvUGv07+IHx2/4JmaR8KLjxd4C8BaFrPiu5ts2WiTaTJHKlywA23TbRGqRk5crIdwBEZY4NfV 5pGnJYaUKc5LTl5HotrX/wA9rHpYhJ+zai32sfK//BKvxtqHhz9qa28LwSsLPxZpl7aTR5+UtbRm 7jcj1XyWAPoxHesD/gpj8M/F3g39qHxD4u1m2mbRfGH2e7028cZjlEVtFDLEGHAaF1K7TyE2HGGF fdf/AAT6+LPw6+MvxTmXwz8AdB8Iah4cspLmbxDpj7fsxmBhWJI3hLB5gzgYlzsD9QDXLftY/wDB Qfxp4M+JXiT4H+MPhLoGp6To995bx6z5moJeWhO6KdIysSKZYWDLw2wnHODXmrF4n+2XOlR15EpJ yje199H6GHtKn1puMdbaq6PCNI/4KTaP4t+HMnwi+PPwo0vW/Dt1bfY3k0Vhp7wpt2rLDA6Sosq8 MpR4wrAEADivuH9gvSf2Dda8Q/8ACRfAC21C08eabbSGSDWrmcagltIBHIwiSU2sqHIBKBtpIJ2k rXzX8SvCX/BKfx34Au/HPhvxBN4M1WW1eeOz06S5+1C52krC1jOsyffwp8vYh6hwvzV8W/8ABPfT /Et/+158Pz4ZVzJa3E810y52pZrbyCcuR0BQlRngsyjqRRiMBQr4KvKgp0bJtp3Sbt2u0100CdGE 6U3BOJ9Wf8Fdfhn4us/i5oHxXNtNceGdS0qDTRc43RW95byzOYDj7m9HDrnG478Z2mvOfgn/AMFH rr4e/Daw+DvxB+GWi+K/ClnaLYFYB9immgC7C06sk0U0hHLNtQseSdxLV9y/tw/t2fED4EfEHUPg +/w30jV9IvbOC4trrV2kura/t5l+fdbKsa4SVXQqXb7ueMgV4nb2f/BLT43/AA9tfGPiieD4ZeJp rZW1K00yS5tJLe6C/vVgtik9vJHuyYzHEcqQDhsqMcBUvl9GnjsO5Q+y46+jaTuiKMv3MVWg2ulv +Adp+xPYf8E6/F/xA0q6+HmmatpHxDsZjdadba9eTLL5kQLn7M1vL9nmCrn5H+cqCShAJr9rq/ji +D2lXl7+0f4R0v4WS3F5IPE1oNJmkTZM0Ud2pillVfuYjAeTsoz2Ff2O185x1gPY14S9o5cy2k7t f8D/AIJw5vR5Zp3bv3Cv5kf2zv20PiH+0j49vfhX8N7m4h8CLeDT7Oxstxk1mVZdiSy7RukEr4MU P3QNpKl+a/pjv7X7dY3Nl5jQ/aI3j3p95d6kbh7jORX8e/gLVdX/AGYv2jdI1Xxro7y33gDW0N9Z HAdvs0m1/LJ4yV+aNvun5WBxzXTwDhKc51azjzTglyr7/wDgK/S5pk1KLcpWu1sW/j1+y58X/wBm 46CfidpsdvF4htvPgltpPPiSQf6y2kcAKJowQWUEqQQVZhnH6PeBv+CpWmfDn9nrwV4f0TwnZz+L 9GnGnX+nojWVk1hBEdt1AYU2JJKxUMuDhhIdu0rXsP7Uf7d37F/xh+BWreDrv+0PFN7qcAktLKOz ktLiyvgD5MpuJ0EUbRsfmaMygruXDKxB/n4r7XA4eWaYdf2lRcZRfmk/1/rc9WlTeIgvbxs0z+v3 9lX9oR/2mvhWvxOPhqXwvG95PZpbyXAuhKIAm6WOQJHlN7MnKg5U19J1+af/AATi/aW+FPxC+Fui fBDw1p8nh/xL4O04GexYNJFcxq4868imA2/vZpN7o21lZyFDKN1fpZX47neE9hiqlPk5UnovLofL 4ulyVJRtY5Dx94M8JfEPwbq/grx3ZxX+g6vA0F3DKdqlDzkNwVZSAysCCrAMCCAa/Dn4o/8ABI3X ZXn1v4BeNbLWtLkZjFaaoTHKoUkFFuoFkjlYEYyyR+h5r2P/AIK8fCPXvEHg3wl8XdCtpbm18MvP ZarsywigumQ28rL2VZAyFvWRc18tfsGft/eHP2evCt18KfitZXdz4ca5e7sL2yQSy2jzDMsUkTMu 6JmG9SnzKxbIIIK/Y5BgsbSwP1vL6vM29YW7fPfZ6Wdj1MFSqxo+1oyv5Hxj8Uv2af2if2c7iDXf Hfhm+0GGCZRBqlrIs1usufk23Vs7rG5/hDMre3Br9hv+CZP7YHjb4tz6p8FPinqEms6to9n9v03U ZzuuJrWN0ilhnfrI6F0ZXYl2BbcTtBryf9tH/go58I/ip8G9Z+Efwq0681WbxGIori9voBb29vDH KkuY0Zi7ykoAuVUL97JIxXmH/BIv4da7q/xr1/4liF00Tw9pUlm03IV7u9dNkQPRsRo7Nz8vy5+8 K9/M5VMVlNStmFJQnHb8Leau9LHbiHKphpSrxs1sYH/BXX/k5vRP+xWsv/Sy9r7C8d+ML7wd/wAE k9Hn0yd7a71XRNO01XQkHy7u6VJ1yOzweYp9jXx7/wAFdf8Ak5vRP+xWsv8A0sva+90+FmrfGL/g lno/gvw/F52rnw7a31nGBuaSawnFz5SAdXlWNo192FcNecI4DL5VNlKN/wATGTSo0XLa6Pz4/wCC WvwT8E/Ff4ya5r/jvTodYs/CFhHcW1pcIJIGu7iXZHJIjZVxGquQrAjcQ3VRX3D/AMFSf2fPhwfg f/wt7QNEtNH8QeHLy1ikntIUgNzaXT+SYpQgUNtd0ZGIJXBA4Y1+WP7EP7UFt+yx8WLnxB4isZr/ AMO63amw1KK3C/aIgHDxzRqxUM0bAgqWGVZucgV9Oft7ft++Df2gPA9n8KPhNZ3i6PJcxXmo3t7G sLSmDJigijDMdoYh2ZiDlQAMZJ9DMMBj5ZzTrU7+zVteiXVfM3r0azxUZLb+rndf8EbP+Rw+J3/X hpv/AKNmr4w/4KJf8nlfEf8A67af/wCm62r7P/4I2f8AI4fE7/rw03/0bNXxh/wUS/5PK+I//XbT /wD03W1b4H/kf1/8C/8AbS6P++z9P8j99/2ff2V/gt4V/Z68P+B77wnp+qLrWlQTarNdW0cs93cX UQeVmlK7xtZiI8EGNQApBGa/nC+FOmjwb+1z4Q0XT3YLovjiwto2J+Yrb6kkYz9QOa/rS+H3/Ihe G/8AsGWf/olK/lE8O/8AJ7Gmf9lCh/8ATsK8Lg7FVKssX7STd1f8zjyupKTq8z/rU/ox/bA+Dv7P fxM8CW2v/tF6rPomheFjLJFeRXjWwie52KfkAdZZG2gIuxm5IUfMQfzI8FftafsG/sy+FbnwZ8Iv BOqfEK5klmkl1TVbS0jkuhIeEe4lRZRGoACoLZQByQWLE2f+Cx+qeJR4p+HGiySyL4fNne3EcYJE b3gkRJGYdCyRlApPQMcYyc5P7D3ij9gDwV8F08T/ABjTSpPH9lPctfrrNq17JtWRjb/YoGSRCvlb eUXf5m7ccbazyzL1DK4VqznUjJ6Qi9Fq97a/8F7dScPQth1KV2n0R+V3i/xbpnij4n6l428MaJD4 Ys9R1Jr22023ffDZh5N4ijYKg2qemFUAcAAYFf0sf8FHPBPgzVv2W/HHjHVNB0+81/SLW0Sy1Ga1 ikvLVXvoAywzspkjDBiCFYZyc9a/m/8AjD8QNJ+JHxl8TfEXR9OGlaXrGpyXVtaAKvk2+/8AdqQn yg7AMheM5xX9NX7f0Z1H9jf4jtZfvlaytJgV5BRLyCQsPbaCfpXq8TyccTl7ty69/OOl+p05g2ql Hpr/AJH5Af8ABKnwB4E+IXxj8W6Z4+8N6b4ls7bQTNFDqdnDexRy/aoF3qkyuFbBIyBnBIr7Q/4K 66fYaT+z74E0rSraKzsrPX4oYIIUWOKKKOxnVERFAVVVQAAAAAMCvzu/4J1ftB/DT9nf4reI/Enx SvZtP0zU9EktYZYoJLgm4FxDKqFYgzDcqNg4xnqR1r9EP+Couo2nxL/ZG8B/E7woJLjRrzVtO1JH ZdrLaahYzmJ3X+E5dFI7FsVjmlOrHPaU5J8jat2vboTiFJYyLewv/BHf/kjfjj/sPr/6SxV87/8A BY0j/hZvw9HcaRc/+lFYn/BM79rL4R/ArSPF3gX4s6odBh1e6gv7K8aGWaFnWPypIn8lHZDgKykj aeQSCAD88f8ABQL9pTwt+0l8ZbbVvAayP4b8OWK6faXMqtG12xkaWScRuFZFJYKqsN2F3HBO0bYT LK6z6ddwfJq79NVbcqlh5rGOdtP+Afsr+wh/yj68Pf8AXh4h/wDS+9r+ez9m74a2Hxf+O3gj4b6s WGn63qUMd3sJVzbJmSdVYchmjRgD2JzX9Cf7CH/KPrw9/wBeHiH/ANL72vxL/wCCe6hv2xvhsD/z 83h/KxuDUZNVlTlmc47pyf3cxOEk08Q13f6n9Ds3wC/Z/wDgJp2q/GPwH4J0/QdZ8J6HqDRXNsrI RCkJkfeu7bIxCY3uGfGRuwSD/Lr8LfFHgaT4z6R40+PUd7r3h59Qkv8AWEgCzXN653S7WDvGGEs2 0SZcEqWwc1/Yf4v8Pw+LfCet+FbhgsWs2NzZOSMgLcRNGTjvw1fyF+Aho/wJ/aEs7H43eGY9c03w tqk1lrelzIJVkjG+3lZVfCuU3ebFkgMVU5AOa4+BcS6tPE87cp2XXW2uzfn+JnlE3KM7u7/Hqfd3 7Wv7Vf7F/wAc/hBP4X8C+BtR0TxZpphfRrtdLsbOOHbIokid4Lgt5LRbhtCkbtpxkV2X/BHTxtqE Hjzx98OWlZrG+02HVljJ+VJbWZYGYehdZ1B9do9BW98d/jz/AME6vBvgWHUfgr8PvDXjTxRevD5V pLpU8EEEJOZHuGdIiCFBVUVi24gkbQc/SH/BOj4g+BPi1L4n8XeDvgnpHw4OlRRWEur6bIGF48zC VrZVMKMoUIjv+8bqmR0NXjqnJlNSnGhNQb+21dO66N3tfsOtK2GlFQaXmfqRX5S/8FfYLmT9nLwz NFkwxeKbUyADpmyvArH2HT8a/VqvnH9rL4JN+0F8BfE/w2syqarcxLc6a7kKq31qwlhDMfurIQY2 PZWJr4DIcXGhjKVWeyaueLg6ihVjJ7XPy5/4IzXNiuofFmzcgXskWiyR+piRrwPj2DMmfqK/dSv5 E/2d/jn48/Y5+Nc3iCTSXae1E2l61pF1mB5Id4MkZJBMcqOgZWwcEYIKkg/sl4h/4K5fs/2vhKbU /DGh63f680Z8nT7mCK3QS4482dZZFVM90Dn/AGa+x4u4cxdbGuvQhzRnbb0S/TfY9TM8DUnV54K6 Z+mtn408Haj4hvfCOn67YXOu6bt+1WEV1E93b71Dr5sKsXTKsGG5RkEHpX5uf8FZvH+r+Fv2d9N8 KaTK0K+LtXitrsqSC1rbRvOyZH96RY8+oBHevxD8FaR8VP2rv2i4n06SWXxT4v1Q3l1d2wZFso3k DTXGQf3cUCH5eeAFUZYgH92P+ClHwR1Txl+yvajwlFcahcfDy4t7/YzNPcS2MML287MzZZ2RGErs TkhGJyaxjkNHLswwqqVLtvVW2fTrtfb0JWDjQrU+aV7/ANfmfEH/AASv/Zp+HXxQm8UfFX4j6Tb+ IY9BuIbDT7K8jE1ss7oZJZpImykhClAgYEAlmxuClfbv+Cnv7LPws0T4RxfGnwF4fsvDWr6JeW9v eLp8CW0F1a3TeWC8UYVPMSQrhwNxUkNkbdvxx/wTx/bI8K/s1atr/hH4lpMnhXxK8VwLu3jMz2d1 CpXc8a/M0ciEBtoZgVXCkE49Z/4KFft3/Dn43eBrT4QfBuafU9MmuorzUdSlgkto3EGTFBDHMEkP zkO7Mi42qBnJx7uJwmYvO41I39nda/Z5bart307nZUp1/raavy/hY9C/4I8+OtRvYfiL8KdRf7Rp MaWuqW8L/MiPLuguRg5GJFEWR0+X3Nfnb8afCOufsgftZ31v4eVov+ET1iDVtHLE7ZLNnW5tlLfx DYfKk7Ehh6iv1N/4JE/BvXPDXgzxX8Y9etntofFTwWWmBwVMltaF2mmAPVHkYIp9Y27YNZ3/AAV5 +C39qeFvDHx30mDdcaJJ/ZGpso5NrcMXtnY9ljm3p9ZRUYfNKUM8rUF8FSyfbmS/4derJhiIrFyh 0lp8zmv+Cpf7RekeKPhN8OfAng278y08cQQ+JrjBw32DZ/oiuPR5GdiOzRCvZf8Agk18GP8AhDvg 1qnxc1SDZqPjm52WxYfMunWLNGhGeR5kxkJ9VVDzxX4N+EtI8afGvxx4P+HMF1JfX929romneZ8w t4HlO1eOkcZkdznoM9hX9jfgnwjo3gDwdongfw7F5OmaBZQWNsvfyrdBGpPqxAyT3OTXBxRCOXZf DL6b1k236X/4b7jHMEqFFUI9T+Qj4meOdP8AiT+0Prvjr4g3N1d6Pq/iB5r14MNcjThcbdkIYqu5 LcBIwSAMKMgV+lXxi/a8/YE+IXwS1X4VaF8OtT0qSKxkTRpotJsIWs7xEP2eQSpdGQDeB5h5LqWD Zya/Pn42+CLn9n/9qDW9C8VaRFqVnoOvLfpZzj/R77T2mFzCjZBBSaEhWHOMsvUGv07+IHx2/wCC ZmkfCi48XeAvAWhaz4rubbNlok2kyRypcsANt020RqkZOXKyHcARGWODX0+aRpyWGlCnOS05eR6L a1/89rHoYhJ+zai32sfK/wDwSr8bah4c/amtvC8ErCz8WaZe2k0eflLW0Zu43I9V8lgD6MR3qb/g q9/ydX/3AtP/APQpq+xv+CfXxZ+HXxl+Kcy+GfgDoPhDUPDllJczeIdMfb9mMwMKxJG8JYPMGcDE udgfqAa+Of8Agq9/ydX/ANwLT/8A0KauPC1nPPW5Q5Xyaq6fXfRvpYypzvjNVZ2P0M/Yw/Ym/Z/1 79mHw3rvxF8IWniLWvGNq19dXdzv85I53YwpA6srQhYgvMZVi2TnkAekftnfAP8AZB1Xw/pPjb9o PWrvwlZ6HZx6RpslldOjLFHudIbe18ucSOATnbEW2gbjtUY+hP2RVC/su/CoD/oW9MP526Gvww/4 Kwap4luv2n4tM1eWT+zLHRbI6bGSfLEUpcyuq9NzShgx6kKATgAD5XKvrGNzWcHWlGzk9H0vay6L /I87D89XEtczW57RZ/tu/sU/Bn4dx/C/4TfCm58Z2tvAYJrnWbaytv7QY53SXMxSWSQsSc5hUAfK qhQAPzr/AGXb5B+1V8MLzTofskU3ivSwkQYt5cct4i7Nx5OFbGT1r9Rf2dvif/wTr+D/AOz3onjb UrHS9S8eWmno+oW19Z/bNXl1VU/eRwCZHWONpOI3TbGEwWOd1fl1+zzrsV/+1f8ADrxHdolql54x 0u4dR9yPzr+NsDpwu78q+1y2nBQxShTmtHdyb9567L/LuetQirVLRfq+p+of/BZHxhfRwfDTwFbz ulpM2o6lcxAnY8kfkw27EdCUDTAf7xr0T/glf8AvhzJ8Fbj4ua/olpq/iDXb+5t45ruBJvs1pbER iOIOGCl3DM7DBYbQeFqj/wAFffhVrHiDwD4N+LGkwma38K3FzZagFUlkh1DyjFKx7IkkWw/7Ui18 x/sC/t8eCf2fPA2o/Cv4sWl4dJF1Jfade2USztG0wUSwSRllO0su9GGeWYEAYNfPUKNWvkEKeD1k nqlvu/8AgP0OGEJTwSVLfr95zf8AwVN+Bvgn4T/Fnw94o8CadDo1p4ys55bmztkEcC3drIoklRFw qeYsiZUADcC3VjX1r+z3441D4cf8EqPEXi/SLl7K/tYNYht54zh4pru7NtG6nsytICD2Nfmr+2/+ 1PD+1P8AFC117Q7GXTfDWgWxs9NiuNvnyB3LyzyhSQrSHaNoZgFUc5Jr9RP2WPhzqHxb/wCCYer/ AA80hVfUdYi1lbRG4V7mK6aWFSe26RFGe2c13ZnSnSyzCxxm6nG9+2u/yNq8XHD01V7q5+PP7LHj L4JfD/4u2XjL496NdeIPD2lwSywWVtBFciW+yohM0U0kaNGgLvgk/MFyCM19Pftu/tGfso/tA+F9 IvPhN4S1DQPGWmXSq11JYWlnDPYMjh4pTbzuWZX2GPK/KNwBAJr5v/ZV8ZfCP4cfGeCb9oPwxDrv hS5hmsL2K7tvtDWMrMpW4EJG4tG6bXAG4Iz4BOFP35+0X+0L+wZ4Eg0i1+Avwv8AC/jzUJ5S9802 nTW9rBbheFV2WNmldiMYDKoDBuSBXtZirZhCcaU5Sto0/d9H0+/yOuuv3yai2/wPdf8Agj1421DV vhd458B3UrSW/h3U7a7twxz5a6jE4ZF9Bvty2PVie9fsJXwV/wAE/vFHhD4g/DHVviF4N+E2n/C2 z1K8Fr/oEgkXU/sikGX/AFMRCRvIyLkt82/B4NfetfkXE1Tnx9WXLy67aPWyvtdbnzOPletJ2sFF FFeEcYV4B+yd/wAms/Bv/sTPD3/pugr3+vAP2Tv+TWfg3/2Jnh7/ANN0FAHv9FFFABRRRQB+H/8A wVd/5H/wJ/2DLn/0cK/Rz9iz/k2DwB/14/8AtRqyf2kf2P8Awf8AtK61o+t+JtbvtKk0a3kt41tB EVdZH3kt5isc59K92+E/w5074SfD3Rfh3pF1Le2miQ+THNOFEjjcWy20AZ57CvcxWOpzwdOjF+8t /wATOMXzNnolFFFeGaH81H7e4Zv2uvHCpjcX0wDPTP8AZ9t1zX11/wAE+ND1nSvinez+Mp9IleXT 8WAg+xmcPkFtvkqHHy9efrX1N8Z/+Cf/AMO/jX8S9Y+Juu+ItTsb3WfI8yG3EPlL5EEcA27lJ5WM E5PU1c+CH7Bfw++BnxBs/iHoHiDUr+8s45Y1iuRD5ZEo2nOxQeK+wrZvQlhFR5teVLbrYwVN81z7 rooor483PPvH3wv+H3xJgtv+E80C11z+zRKbb7Sm/wAoyhd+303bFz9BX8z/AOzB4f0fxL+0N4H8 O+IrOO+0691OOKe3lG5JEOcqw9K/qfZd6lT3GK+APh1/wTy+GPw2+Imj/EjStf1O4vtGuxdxxS+V 5TuM8NhQcc9q+gyjM40aVSE29Vp+JlUhdo+3fCfg/wAMeBdFi8OeD9Nh0nTIWd0t4F2xq0h3MQPc nJrpKKK8CUm3dmoV/Kv+0gk0n7SfxGjtxulbxNqQQEAgsbp8deOtf1UV+dPjX/gnD8N/G/xD1n4j X3inVre81rUptSkhjWDy0knlMpVcoTtBOBk5xXu5Dj6eHnKVR7oyqwb2KX7E3w0+Pvg7xj4g1H4z 6JZafayWKJZyQWVhbP5pkG4brWKNiNvYnFfpHRRXlYvFOtN1JJL0NIq2gUUUVzDCiiigD//U/fyi iigAooooAKKKKACiiigArlPHfg/TPiF4H8Q+Adakmh0/xLp13ply9uyrMsN5C0MjRs6uocK5Kkqw B6gjiuroqoTcWpLdDTs7o+BfgZ/wTo+CX7P/AMS9L+Kng3W/EN7q2kpcJFFf3NpJbkXMLwPuWK0i c4VyRhxzjOelffVFFdWNx9bEz568uZ7amlWtKbvN3Cvzw+Ln/BND4E/Gf4j658T/ABRrviS11TxB Ms88VndWaW6sqLH+7WSzkcDCjq55r9D6KeCzCvhpOdCTi3poFGvOm7wdivaW0dnaw2cWSkCLGueu FGBmvHvjh+z98K/2h/C6eFfihpAv4bdmktbiNjFdWkjDBeGVeVzgblOUbA3KcCvaaK56NedOaqU3 ZrqiIzcXzJ6n5DS/8EePgw2omWHxvr6WOT+6K2rS47DzfKC/+Q6++fgF+zJ8If2bNDn0f4ZaW0M9 9s+2X90/n3t0U+75kmAAo6hEVUBJIXJJP0BRXpY3P8ZiIezrVW12/wCGOirjKs1yyloeL/G39n74 U/tC+G4/DHxS0ZdShtWaS1nR2hurWRhgtDKhDLnjKnKNgblOBX533f8AwR4+C73wksfG3iCGzzzF ILSSTHtIIkA/74NfrxRSwOe4zDR5KFRpdun4io4yrTVoSsj5J/Z4/Yo+BX7Nd02teCdPuNR8Qujx nVtTkWe7WN/vJHsSOKIEcEogYjhmIqb9pr9jv4ZftVzeHZ/iHqer6c3hlbpbb+y5reEOLsxF/M8+ 3nzjyl27dvU5zxj6worL+1sT7f6z7R8/fqT9Zqc/tL6njHwD+BnhL9nX4dW3wy8E3d9e6Xazz3Cy 6hJFLcF7ht7AtFHEmAemE6dc14B+0H/wT/8Ag3+0l8QD8SPHOsa9Y6mbSGz8vTbi1ig8uAsVO2a1 mbcdxz82Pavuaipo5piKdZ14Tam936ijiJxk5p6njo+CXhRfgT/wz2Lq9/4Rz+wj4e8/zI/tv2U2 /wBn37/L8vzdvOfL27v4ccV89fs+/wDBP34Nfs3fEFfiT4H1nX77U1tZrQR6jcWssHlz7dx2w2sL bhtGPmx7V9z0UU80xEYTpxm7S38wWImk4p6Pc8a+PXwO8J/tEfDm7+GHjW7vbLS7yaCd5dPkjjuA 1u4dQGljlTBI5yh46YrzL9mb9jn4Y/sqXPiG6+Hup6xqL+JEtkuP7Umt5ggtDIU8vyLeDGfNO7du 6DGOc/WVFTDMa8aLw8Zvke66f1oJV5qDgnofNn7Qn7J3wZ/aYsbaL4kaZIupWKGO11OxkEF9AhOS gcqyumSSEkR1BJIAJJr4as/+CPPwYj1Dzb7xtr89kCD5SC1jkx6GQxMP/HK/XiiuvB8QY3Dw9nRq tR7f1sa0sbVguWMtDyn4O/BL4afAbwingr4YaOmk6fvMsrbmknuJiMGWaVyWdiBjk4A4UBQAOD/a C/ZP+C/7S1lbp8SdKf8AtOyjaK11Oyk+z30CMclQ+GR1zkhZUdQSSACSa+kqK4oY+tGr7eM3z976 mKrTUudPU/IVf+CPHwZF/wCY/jfXzZf88gtoJf8Av75RX/yHX3h+z/8AssfBv9mrTJ7P4aaUyX96 ix3epXcnn31yqnIDyYVVXPOyNUTIB255r6Kortxuf4zEQ9nWqtrt/wAMbVcbVmuWUtDxf42/s/fC n9oXw3H4Y+KWjLqUNqzSWs6O0N1ayMMFoZUIZc8ZU5RsDcpwK/O+7/4I8fBd74SWPjbxBDZ55ikF pJJj2kESAf8AfBr9eKKnA57jMNHkoVGl26fiKjjKtNWhKyPkn9nj9ij4Ffs13Ta14J0+41HxC6PG dW1ORZ7tY3+8kexI4ogRwSiBiOGYivraiiuLFYurXm6laTk+7MalWU3zSd2FfIf7RH7EfwK/aUvF 13xjYXGl+IkRY/7V0yRYLl0QYVZg6vHKBwAXQsANqsBX15RRhcZVoTVSjJxfdDp1ZQfNF2Z+P1l/ wR2+Ecd8smo+O9cnswQTHFFbRSEdx5hRxn32fhX1eP8Agn5+yynwtn+FUXhJFtbhhK2p792rC4UY WZbtgWBH9wDyuSPLwSD9pUV6eI4kx9W3PWeny/I3nj60t5M+Wf2Wf2TfAH7K3hjUdH8LTSatqmrz mW81O5RUnljUnyIcLkKkSnoD8zlm4yFX6moory8Viqleo6tWV5PdnPUqSnJyk9TP1XSdL13TLvRd bs4dQ0++ieC4t7iNZYZopBtdHRgVZWBwQRgivzU+If8AwSh/Zv8AGGrXOs+GbzV/B73J3fZbKaKa yRj1KRzxvIoJ/hEoUdFAHFfp3RW+BzTEYZt0JuN+xdHETp/A7H5LeGP+CQXwM0y9juvFHirXdbij 5MCGC0jf2YrG74/3WU+9fpl8PPhv4H+E/hS08EfDvR4ND0Wyz5dvADgs33ndmJZ3b+J3JY9zXb0V pj85xWKSVeo5L8PuKrYqpU+OVz4m/aM/YM+EH7Tnjq1+IPj3V9dsNRtNPi05I9MuLWKEwwyyyqxW a2mbfulYEhgMAcdSfStabTP2Rv2ZrmTwlp114m074c6Tuhtrm4SK4uIIDlzJMkOwFVLMSIsYHSvo +qt/Y2WqWNxpmpW8d1aXcbwzQyqHjkjkBV0dWyGVgSCDwRU/2nVnGFKs3KEXsL6xJpRk7pdD+ca5 +Iv7A37U3xRtpviF4R1n4S6r4hmc3erafqNqmneeylvMufOiZI97DDSLEuWbc5+8w6v9qjwt+xD8 DP2etU8CfAjWrHxZ408VXNnG99Dfw6rdx2tvMtw/mTQfuoEJjUbUVGclSQwXK/SHxL/4JAfD3xDr lzq3w08bXXhS0uHaQWF1ZjUYot3OyKQTQOqDtv3nHc1w3hv/AII120eoxS+L/ig89grDzIbHSxFM 655Cyy3EiocdzG30r9Kp5zll6c44majGz5HzPbbo/uvY96OKw/utVGkumpD/AMEa/Dl8o+KHi2SI rZv/AGXYxSEHDyp9ollUHplQ0ZP+8K+wfjP/AME2/gb8c/iZrfxV8W654jtNW15oWnisbmzjt1ME KQLsWW0lcZWME5c856DgfW3we+DvgH4E+BbP4efDiw+waTaM0jF28yaeaTG+aaQ8vI2ACegACqAo AHqFfE5lxFVnjqmLw0nHm087K3+Vzya+Ok60qlN2uZ2j6Zb6JpNlo1ozNBYQR28ZcgsUiUIpYgAZ wOeBX582X/BMf4C2PxSg+LcWu+JTq9vrK64sLXVn9mNylz9pCFRZh/L3jGN+7b/Fnmv0XoryMJmV ehzexm1zb+ZzU684X5Xa54x8dPgF8NP2ifBh8E/EzT2urWOTzra4hfyrq0n2lRLDJg4OCQQwZG/i U8V+f+j/APBIH4D2er/a9X8V+INRsFYMlqHtoScdVklWEkg99oQ+hr9Z6K3wWeYvDwdOjUaXb+ti 6WLqwXLCVkfnB4//AOCWf7MHjnXU1mz/ALY8KRR20FsLPRp7aK2xAuwSET208jSMAN7lyWPzH5iS fuCx+G3hyL4YW/wj1nzte0GPSU0ab7e4ea6tVgFu3nvGsYLug+ZlC8nIwa7+issTmuJrRjGrUbUd r9CamJqSSUnex+SWrf8ABH/4HXesveaX4u16w06Ry32XNtKyAnO1JWiB2gcDcrH1JNfofY/A74ew /Biz+Amr2b654RtNOi0sw3zB5JbeAAIXeMJh1KgqyBSrAFcECvXqK1xmeYuuoqtUb5dV5PuVVxdS duaWx+SOo/8ABH74HXOtNd6f4v1+z0x33fZc20jqD/CszRdB23Ix9Se/sfjD/gmV+zV4s8I+GPBl sureH7Pwubt1l02e3W5vZb3yvMlvJZ7eYyOPJUJjaFGQBjAH6F0V0T4mx8nFus9NvyLeYVna8noe NfCX4HeEvg38HrL4JeGLq9utCsYryFJrySN7srfTSzSFnjjjTIaVguEGABnJyT8ufBv/AIJsfAz4 H/EvRPin4U1zxHd6toLyyQRX11ZyW7GWF4TvWK0jc4VyRhxzjtxX6EUVx082xMfacs37/wAXne+/ 3mUcTUXNZ77hXx7+0V+w98C/2lL4eIfF1ncaT4kWMR/2rpkiw3EiIMIsyujxyhRgAsm8AbQwFfYV Fc+ExlWhNVKMnF90RTqyg+aLsz8ktA/4JAfA+w1NLrX/ABbruq2kbhvs6G3tg6j+F3Ebtg9yu0+h HWv06+H3w88F/CvwlYeBvh/pMOi6JpqlYbeHJAycszMxLO7HlnYlmPJJNdnRXVj85xWKSVeo5Jfd 9xpWxVSp8crhRRRXmHOfKH7QP7FvwH/aQn/tbxxpMljr4QRjVtNkFveFFGFWQlXjlAGMeYjEAYUg V8aWn/BHj4Mpeb7/AMca/NaZ/wBXEtpHJj/ro0Tj/wAcr9eqK9rCcRY2hD2dKq0u3+V9jqp46rBc sZaHgXwJ/Zk+Df7OWky6d8MNDW1urpFS61CdjPfXQU5HmTN0XPOxAqZ5C5r3tlV1KOAysMEHkEHs adRXl18RUqzdSpJtvqznnNyfNJ3Z+cnxe/4Jgfs4fE/WrjxHoqX3gm/u3MkqaS8Ys3dup+zSo6p9 Iii+1ct8OP8Agk9+zz4P1iDWvFuo6r4yNuwZbS6eO3s2I5HmJCokcZ7eZtPRgRxX6iUV60eJceqf slWdv667/idKx9ZR5eZlSwsLHSrG30zTLeOzs7SNYoYYUEccUaDaqIigBVUDAAGAK434o/Dfw18X vh9r3w08YJI+keIbZracxFVlTOGSSMsrKJI3CuhKkBlBII4rvaK8aFSUZKcXqtTlUmndHwV8Cf8A gnX8Cv2fviPZfFDwpqOuarq+mxTR2y6pcWssETToY2kVYbWFt4RmUEtgBjxnBH3rRRXRjcfWxE/a V5OT21NKtaU3ebufNn7Qn7J3wZ/aYsbaL4kaZIupWKGO11OxkEF9AhOSgcqyumSSEkR1BJIAJJr4 as/+CPPwYj1Dzb7xtr89kCD5SC1jkx6GQxMP/HK/Xiiu3B8QY3Dw9nRqtR7f1sa0sbVguWMtDyn4 O/BL4afAbwingr4YaOmk6fvMsrbmknuJiMGWaVyWdiBjk4A4UBQAPnH9oP8AYA+Df7SfxA/4WP45 1jXrHU/skNn5em3FrFB5cBYqds1rM247jn5sdOBX3JRXNQzPEU6rrwm1N7vqZwxE4y509TjPh34G 0n4ZeA/D/wAPNBlnn03w3Y2+n28lyyvO8VugjVpGRUUsQOSFUZ6AV49+0b+yj8JP2n9Hs7D4iWs8 OoaZvFlqVjIIry3EhBdAWV0dGwMq6MB1XB5r6UorGjjKtOr7aEmpb3JjVlGXOnqflV4M/wCCR/7P 3h/WotV8T65rXiW3glDrZSyQ20Eig52TGKMSMD32Oldb4n/4JY/s4eIfGd54103UvEHhma5uRdRW mkXFlb2lrIpBAt0ezkZFDDIG44PTjAr9KKK9SXE+YOXM6zv/AF02Oh5hWvfmZ8XftpftJaT+zf4F 0e48VeCf+E60DxVPNpd7FJcJDGqmEvtkR4ZElEqh8qQo4P0r8n/hJ4C/4Jt/tC+JNUm1C81r4RTW gSdbDUdasoNPuFctuW3nuY5HyhAypkU4YbcgHH7yfF/4Q+Bfjl4D1D4dfESx+26Tf7Wyp2TQSpyk 0L4OyRD0PQglSCpIP5G+I/8AgjVZyXksvhL4oyQWpP7uG+0oSyKP9qaK5jDH6RLXv8OZjgaeHlTq VZUqndXafy1Xlt8zswNelGDUpOMu+p8Wft43v7Nuk6r4L+GH7NBs7nRvC1rdvfXljJ9piuLu8ePl rrLGeQLENzBmUAqqkAbV/a//AIJxeHL7w5+x94Gj1GIwzaj9uvgrAg+VcXcrRNz2aPaw9iK+Vvhh /wAEgPh/oGswap8UvGlz4qtIWDfYLO1/s6KQj+GWXzppGQ9wnln/AGh3/X/TdN0/RtOtdI0m2js7 GxiSCCCJQkcUUShURFHCqqgAAcACjibPMNUwlPBYabnZ3cn137+oY/F03TjSpu9up8NfH3/gnZ+z /wDHrxDc+M7qK88L+Ir1i9zd6U6IlzIerzQSo6Fz3ZNjMeWJNeMeC/8Agkb8AdB1WHUfFmva14mg hbd9keSK0glH92Qwp5uP9yRD71+rNFfPUeJMdTp+yhWaX9ddzijjq0Y8qk7GRoOgaL4W0Wy8OeHL GHTdL02JILa2gQRxRRIMKqKOAAK16KK8Vtt3ZyNhRRRSAK8A/ZO/5NZ+Df8A2Jnh7/03QV7/AF4B +yd/yaz8G/8AsTPD3/pugoA9/ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooo oAKKKKACiiigD//V/fyiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoooo AKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigA ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAK8A/ZO/5NZ+Df8A2Jnh 7/03QV7/AF4B+yd/yaz8G/8AsTPD3/pugoA9/ooooAKKKKACiiigAooooAKKKKACiiigAooooAKK KKACiiigAooooAKKKKACiiigD//W/fyiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoooo AKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigA ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAK8A/ZO/ 5NZ+Df8A2Jnh7/03QV7/AF5L8A/CWteAPgV8OfAniSNYdX8N+G9I028RHEiLc2dnFDKquvDAOhAI 4PWgD1qiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKAP/1/38 ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoooo AKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigA ooooAKKKKACiiigAooooAKKKKACiiigD/9D9/KKKKACiiigAor5I/a9/az8PfsneC9N16/0mTX9Y 12d7fT7BJRbq/kqGlkklKPtSMMo4ViSwAAGWXC/Y3/bL0D9rTRda8vRH8N6/4daH7XZmb7TE0Vxv EcsUuyMkEowZSoKnHJBBr0lk+JeG+tqH7vv+Hrvob/Vans/a20PtSiiivNMArEs/EvhzUNa1Dw1Y araXOr6SsT3lnFPG9zbLON0RmiUl4xIoJQsBuHIzW3X5Nap8Stb+D37SX7ZnxP8ADmjHxBqfhzw7 4Ru4LIbsSOlg4y+35vLjB3vjnYpwQeaAP1lor85/2W/2jfjN8WPGej21/wCJ/AfxE8Kavp811fXH hiaSy1HQrlFVo47mxvLh55IpCfLVhEGDcuQMZ8b8IftrftA+P/GWqJ4YvfAsOoaZ4hl0pvh7qcs2 m+JXs4rnyGdLu7uIrd7nZ+82ojJjjG/5aAP18or5m+GHxj8U+M/2kPjb8IdVt7SPRfhwnhltOkhR 1uZDrNlLcXHns0jI210ATaiYGc7jzXyPqf7fHjDw9+zFpHxQ1ax0RPGXivxffeFNM+1SSWWjWxgu 5oVvL53lZ1hhii3TEOMk8bRnAB+qNFfm18Af2wfEviD48ad8BvH3izwV8QG8S6XcahpuseCrhnjg ubQb57K8heabB8sM8UgZchcFSSdv298KB8Wh4JtB8bzop8W+ZP8AaDoH2j+z/K81vI2fav3u7ytu /PG7OOKAPR6KKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKK KKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooo oAKKKKACiiigAooooAKK8v8Aix8avhZ8DfDyeKvix4ktfDmmzSiGJ5yzSTSnnZDFGHllbHJCKxA5 PFcp8Gv2oPgN+0BPfWfwk8X2+uXumqHubQxzWl3EhO3c1vdRxS7Q3BYLgEgE8igD3uiiigAooooA KKKKACiiigAorzfxJ8Xvhn4SsvFd/r3iK1gj8DW0V5rioxml0+CdGkiaeKIO6l0Usq7dxXkDBBPc aTqlhrmlWet6VKLiy1CGO4gkAIDxSqHRsMARlSDggGgDQooooAKKK4Dx/wDFDwP8L4dGn8cal/Zy a/qEel2WIZZjLdyRyShNsKOVAjidmdgFUKSxFAHf0VyXgTx14U+JnhDS/Hnga/XVNB1qLz7S6VHj EseSu4LIquOQfvKDVXTPiP4K1jx3rXwz03U1m8TeHba1u7+zEcgaCC83eQ5cqI237TwrEjHIFAHb 0UUUAFFFFABRRRQAUUV5Z8W/jZ8LPgT4bj8W/FnxFB4e0yaZbeF5VklkmmYEiOGGFXllbAJwiEgD J4oA9Torx34PfH/4P/HzTL7VfhL4kh16PS5RDeRCOW3ubWRs7Vmt7hI5o921tpZADg4JwcexUAFF FFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQB//R/fyiiigAooooA+WP 2r/2UvCH7Vvgyw8N+INQm0TUtGna40/UIEEphaRQsqPExUPG4CkgMpyqkNgEHE/ZG/Y68H/sm6Hr FvpOrT+Idb8QPEb2/miFupjt93lRxQqz7FBdicuxYnk4AA+wqK9FZtiFh/qnP+77f1rv0N/rM+T2 d9AooorzjAK+HdQ/Zt+K7fFn9oD4i+FfFtt4Xn+J+laFa6DfWm6a8sbvSLZo3e5ilh8ry3fA+R3Y oW+42K+4qKAPzN+H/wCyh8ZNU/aH8D/G/wCKWleBvCE3gVL8z3Hg6K4jvfEE93AbcNeGSKFEiUEv g+Y2dy8KwK8N8YP2M/2kvjFpWo/DLxpc+B/EWl3WoGaz8dahazDxbYWH2oTLEqQQJE8yIBGCJUjZ ODjjH610UAfAPiH4G/tM/D749eMvit+z1qfhq+sPiRpukWeqR+JnvFns7rRoGtoLmL7LGwmBjYll ZkLOccDmvK7H9gf4gx/sveFvhfe+JdJm+IXgLxXc+KtK1CWKWfTLuZrmWVYb2JkVxHPHJiZVVtrc Auo+b9UqKAPiH4L/AAc+OsHxbT4lfFm28IeFNJ0rT5LSx0TwjbeYtxdTHEl3dXdxbRSjCZVI4yBg /N0YP9L/AAoT4tR+CrVfjdJo0vi3zZ/tDaB9o/s/yvNbyNn2oCXd5W3fkY3ZxxivR6KACiiigAoo ooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiii gAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACvNvjF8R7L4QfC3x R8Tb+1e+h8N2E159njO1pmQfIm7B2hmIBbBwDnBxivSaxvEfh3RPF2gaj4W8S2ceoaVq1vJa3VvK MpLDMpR0bGDggkcc+la0XFTi5q6vr6FQtdX2Pxk/Zb/4KdfEv4q/HPRvhv8AEjw9pcWkeKbg2trJ psc0c9pM4Ji3mSWQSoSArcKRncDgbT+2lfEXwX/4J+fs8fAv4hD4l+E7XUL7V7cyGyGo3Kzw2JkU qTAqxoS20lQ0jORnIOea+3a9niHE4KrWUsDDljbX1OrHVKUpXoqyCiiivBOM+E/2sPhX448afE34 W/Ej4N6toFz8Qvho+pXtp4c1+Ui31G0v40gmlRUPmJJCUHlyBdoYglxtAPmvw9+I9j4g/av8If8A DSHwfvfhZ8YbjTL+y0HU7fUFv9J1m2jQy3MHnW+1GeNP3iRyBymeWDFAfpP9oH9my4+MGv8Ahf4j eBvGV58O/iH4M89NN1q0gjvENvdACa3ubSUqk8TYBCswwc9QSK4/4e/svfEQ/FbQPjN+0P8AFCT4 j674PhuotCtLfS4NI0+we9TyricxRNIZpXj+UMxG3sDhSAD5q8HeMf2sPj38E/En7Wvgz4pL4RtI 5NXu/DnhdNKs7jT3sNImli8q/mmQ3DS3BgdWdWXy8hlAztF7Vfj58ePjp43/AGe9B+E/ixfh7p/x X8J3+say6WNvfvayWyxSObYXKH5w+6JCxK7XLlSwXHpM/wCxN8R9E0XxR8LPhh8Y7jwr8KPF1zeT z6L/AGRDdX1jFqLFru2sdQeVTFFLuYDdEzRg5BLEsfbtK/Zd8O+Gvif8LvHHhLUf7M0b4XeHrzw7 Z6UYDKZoblY0SRrkyAhkEfzZjYuSSWBoA+ENA139tDxXoHxu0mb42DTj8CLnUILO9t9DsWu9ckgt zeRfbi6mONEjCpiKMFi7Fy20ZZ8TP21fH+t2XwK8GQ+KZvh03jzwfbeKvEmuaXokmt3iiVPLW3sr RIpxGJZlk3SMjbFK4IIw/wB5eHP2a/8AhH4fjfD/AMJF9o/4XLd3d1n7Js/s37VZCz2/64+ftxvz +7z0wOteV3n7FWraRoXwk1T4Z/EB/DXxD+EmiroNvrbaal1aalYmIRyQ3Vg8wwrEFk2zZjLE/Mdp UAp/sU/Hnxz8SPEvxC+HXi3Vr3xjpfhWSyuNE8TX2izaHcajZ3iN5kM9tJDAvm20i7N6oPMB3Y7n qP2kPiH8VdQ+M3w1/Zs+EXiBPBt540g1LVNV137LFeXFrp+mqv7q1inDRGWd2KlmB2AAgGvVPgP8 GPGHwym8TeJviV49vPiB4s8W3MU11dSRGysbaKBPLht7KxWSSOBFGdzKd0hwW6Cs34+fs93/AMWN e8H/ABG8C+LJfAvj/wABy3LaXqqWqX0DQXqCO5trq1doxLFKqj+NSh5BzQB8XePvjh+0F8BD8bfg t4k8bf8ACV6x4c8CHxr4X8RyWNrBfQwC4NnJBdQxx/Z5WSbBRjHkjJbOQE6G88Z/tPfAzQPhH8av iJ8Sh4007xzq+jaZ4j0B9MtLW1s49cGI5NOmgjE+60ZgCHZvO6nb0pvx0/Zv13wT8A/j58X/AIje K5fiD8SPFPhWXTWvY7JbC2tNPgAdLOztI3k2qZPndi7M5AOAdxbsPhN+yp8RvFGhfCW9+MvxSn8W +DvAqaZrWj6GNLjsZje28ANmb+8SVnufsm7CjYm8jMmTkEA+W9ZX4ofDb4l/tw/EDRfH11LeeGbD SbjyptP0+SK6ludKMtoZVeBgPsSfukAGJF5lDtzX0m3xC+OHxv8Aiz4Z+BHgLxs3w/03RvA+l+Jd f1ezsba41C9u9RASK2gSeNoYYwP3jOqZz8gAFdp8TP2MPE/jbx38YNf8P/EYaH4e+NOkW9hrOly6 Ql40d1ZWf2O2uIbj7REwVF+Zo8DccgtjG3o/Fv7KXiuHxT4U+J3wZ+IJ8F+OPD3h6Dwze3M+mpqG n6tp1uAyLPaNNGUdJBvR1kJA+U5FAHyt48/aZ/aB+GnwI/aR8H634mh1H4ifA690JbLxJDZQRG9s Nclglt2ntSjW4mELOkm1dvIwNw3n1Ia1+078D/jr8G7H4j/E5fHekfFW7vtO1bS20q1sbfT7qO0N zC1jJCPN2Iw2ESMxZRlsswK9brH7CkWv/Ar4ofDXW/HVxqPjX4u3dre694puLFCZJbOeOWBIrGOa NI4Y0j8uOMS/LuJ3EAKPoX4qfBD/AIWZ4/8Ahb45/tr+zf8AhWuq3Gp/Z/s3nfbfPtmt/L3+YnlY 3bt2189MDrQB+Wf/AA018dNL+IN/Y/FD4wyfCrx7H4gkhtPDHiXQEt/CV1paXO1Y4tVjt5ZSHg+Y XDSKS3Gdp319p/GC8n8a/tW6Bo1kwNr8IvB2s+KpWwJIxqerK2n2CurAruSGO5kUEd845Fcl4x/Y a+JXjHw3q3wc1L403dz8ItZ1Fr6TSr3Sor7V4YmuvtRtINVnmZwgf7kjRs6jjkE5+lPBXwE/4Rjx F8V/Et3qq3N38SGtbaDZCVFhpun2AsrS3+ZyZChMsjNldxc8A5JAPhnwB8c/jn8Ufh/+zb8JPCni qPwz4j+Jmj6nrGveIorC1eeCy0zI8u0tTELVZJ3baW2Dywu4Ak1j+C/E3xB/Zy+Ov7UnjX4l66PH 2qeD/BujX9peyW8dlLfQRR3L20dxHbhY1cP+6d0UBgN+ASRX0rB+xRf6D8MvhJofgjx9Jonj74NR XMOk+Il09ZIbiG9BW6gubB5irxTLtBHm7lK5VgSav/Dv9jfU9P8AEnxU8UfGrx6/xEufi9o8Gkat GNOXTI4YoUli22wjmlCRiKRVRcblZS5dmY4APgHw3+2R8ZdE0Xwb8VG+Jmr+Pdd1e8sZdd8G/wDC F3NnpcWn3hBmisb9bNSJbRW+WUzMsuMneOG92/aE+N3jWx+L3jXwlcftBL4JuNLWAeHfDXhHQn8R 6gz+UGaTVj9ilaOSRyMQh1UIQcnq3s3hb9jv4y6VY+Efhz4i+Od9qXww8FXNtLaaXaaYunandW1k f9FsrvUoLjc8MahVbZGpkUchSFI0Jf2PviToPjP4h6h8LPi5J4U8M/FPUptU1q0OjQXmoxT3K7Zx ZX7yr5QZSwQvE/lcFQTk0AfO+t/tO/tE+Lv2Pvgp8XtMuNQ0mDxPczxeMtd8PaTFqd/Y21rJNAs0 Nm4aNVneLMrhcR/wjkKfp/8AYm+K2pfE/RvFpb4taf8AFvRtNvLcaZerZnTtbtYZYyXh1S08iBUY OpEUiqfMAck5G0Y/hv8AYw8X+A/gh8O/hn8PviteaH4k+GF7f3WmazFY5trmG/lmke2vtOa4MU64 lC7i4I27lC5IPp/7P/7OGr/Cjxn44+LHj/xYPGXjr4gmyXULu30+PS7OKGwjMcMcNtG8nOGO+R3L PheAclgD6qorzjx34X8eeItW8KXng3xk3hay0fUkutWthYxXn9rWSjDWZeRlNuGPPmICw9KP+EX8 ef8AC2v+Ez/4TJv+EM/sb7D/AMIz9hi2/wBpfaPM/tH7du83PlfuvJ27P4854oA9Hrxz4lfDX4Wa v4j8PfGv4hWZnvvhdFqF9p9w8svk2izQj7TKYFby3YJGCpZSylQVwa2/Anhbx54e1fxXe+MvGTeK bLWNSe60m2NhFZ/2TZMMLZh42Y3G08+a4DH0rpPGOi33iXwjrnh3TL1dMvNVsbm0hu3t0u0t5Z4m jSVreT5JQhIYxt8r42ng0AfDH7IOg+Ivil8TfGn7a2taSnhbTPiTY2dhoOlDBuZtKszmLUL4qSvn 3AC7FGdkYAyQQT+hdcR8NfC2q+CPh/4e8H65qseuX+jWUNrNfRWcWnx3DxKFMi2sJMcKnHEaHao4 FdvQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFAH/9L9/KKKKACi iigAooooAKKKKACvPNZ+LHw68P8AiKPwprOuwWuqSFR5TbiFL8qHcKUQkEHDMOCDXodfEvxD/ZZ1 /wAW/ES98R6dq9tDpeqTefN5u83ERb74RQpV/wDZyy+h6ZO1GMW/fdjgzCtXhFOhHmdz7aoqG3gW 2t4rZCSsSqgLHJIUY5PrU1YneFc74vu7nT/CWt39nIYri2sbmWNx1V0iZlIz6EV0Vc/4tsbrU/Cu s6bYp5lzd2VxDEuQNzyRsqjJIAyT1JxQB+a3/BPj9pnxt4n+C/jCX9ofXX1HWfB1rb+I31CYIrS6 BqNn9qik+VUDeS0U6MQOCAD6nmP2UP2uPH9h4C+KvxI/aMuNR1aWHX9LGkaPY263F5Guv28d1Z6d axKI9z4nRcOwxg7mGCa5S6/Y1+O8nw9+CXhzR9NXTJdT8M2/gj4jRm7t99tokd9DfF42SXZLIFW4 h/dGQ7ZsDjJHpnj74EftJWM3xovPhhZ3WmWvirxpoGoRw6Xqdtp1/qvhyzsIoL63sroSf6HKzKFV pPLOFIHytyAdD8b/ANsnUbv4O/F3w/onh/xF8LviV4S8OLrtpDrEFskr2clwsC3Vu8E1zEwD/IwJ 4Y45wcer6b+0T4O8Ba78bfEfj3xLq0+m+Ao/Db3drcWsJtrWXUdOieKHTTCxmne6kkXcJVTEzbV+ T5q+BvEX7JPxv1zUvijq3gr4U33hzS/GHw8n0Cwt9U8Swatqlxqg1K3uQ97Nc3kojaaNX2hJWjQR jcUZttfRPxA/Ze+Mfi2++Pd9o9hBaXevaj4F1nw2bq5i+z6jP4as7f7RBKI3Z4lMsTRAyKo3YYZX 5qAO3+Kv7Yvh+TwB4o0fxBpfjP4SeI9Nt9J1OFbjT7I6lNYXWq21mJbVTcyW7AvIsVwjyLJGrsQp YCvXfiH+114Z8FeM/EPgnw74L8TePbrwZbxXPiGbw/ZwTwaWk0fnIkrzzwmSYx/vPKiDtt9xivnb 49ab+17+0p8NPFnhOP4Zr4L0b7Po32fS73UdPudR1HU4NZs7qeSO4huPIitre2hkI3kPK2No/hrt 10H9oD4CfFT4s6h8PfhsPiToXxOvota064h1OzsTY6gbRLaa3v0u5I2MBaMOrwh8KSu3cQAAfQvw 8/aV+GfxT8bad4K8Dy3OonVvC1r4vtr4Rotm+n3d1JaLHkuJVnWSJt6NGAvQtuBUeWT/ALb/AIEu 4dFtPB3hHxH4p8QeIdQ1uws9HsLe1+1sPD8/kXtw7S3KQpCHxsJk3tkfIOcfNnwt+AXx8/ZK8UeA fEPhDwUvxOgt/AX/AAi2pwadqVrYNaan/atxqvmK180Ya2LXLRgqNyhdxUcKeKs/2ZPjFB8JfCmk /Fr4O2XjqWy17xPqN/b6VqyWGvabPqV6Z7a70rUFu4IjBICTJC+1ziMsoIKgA/VD4S/FLRfjD4Kt /Guh6fqGkRyyz281jqtsbS+tbi2kMcsU0WWAZWHVWZSOQTXwt8Tv2h/iv+yN8TPEfhTxpbX3xF0b 4ik3Hw7KopnXWpXjhOhXDoFxFvkWSKVuRHuGXfgfR37H/gz4xeBPhJJovxovLufUX1W+n0221G/X Vb/T9IkcfZLS7vkytxNGAxZ1JXDBQcDA+e9d/ZO8W/tWeIPHHj79pe1n8LS+VLpHgXTILqKabQLe ORZV1ZpLWV4je3EyI5Cudsa+UWII2gFb45+I/wBof4Cfs3+Dbjxb45u11jXPENsPG3iuz09L7+wN PvBJJP8AYrVY2CwQsEhSRkYgEtjc6hen/Zv8Q+Mb3xvNdfDH422nx1+G0+lSyXMeo3Vodb0zVFOb cZtoo28m4G5SsyAoQCOhzbtZv264/hX4N1ubR7Sfx14F1Oa013R5L2ySz8ZaYIzCl3b3Q8w2srZW VVl8nDh96bdqHh/Cnwa+KfxJ/aG0T40W3wtt/wBn6PQNI1mzu7yK70+71HWbrU4PJg8yCxDwtHZy Dz1eclnYKANtAHzt8OPjD8UPiToMusf8NJv4U+P8NzIsngPX7a00rR47lLghdM+zXECzPvjAUSxy vJz/AHskftRHqb6f4dXWfFJh057a1FxfEPmGAom+b5yBlEwfmIHAzX5Z/Ebwh+1H8VPhNd/A34u/ AHSPHHi82Mml2/jiXVdNSw3kGJNVCFVvYJEyJTFFGGZgdoVTtH3+fhZqN7+zwfgnrOtSXV/P4W/4 R641RsmSSZ7H7I9yeQSzMS/UHNAHi/hr9uH4aa7e6Jdat4d8ReGPCfipp10XxNq9lFbaRqH2eKSc lHEzTRLJFEzwmaKPzFGRUfhT9uHwD4j1Twq2o+EPE/hvwt48vU0/w94k1Wxig0vUbmbd9nRSs7zx faQpMBliQSDnivG9F8LftbeL/g54e/ZQ1fwLbeCNJs9Am8N+IPFMt9a39ndafFp0ljF/ZttDKtwJ Lg+W5aVE8oBgQTgVnQ/Dj9pL4nfD/wCE37PHjn4bQ+FtP+H+qaDPrHiQ6paXNlc2vh0qYzpsMLm6 Et2I1GZI4/KDENnPABt/tRftsx6J8K/ionwo0HxLM/hRbrSD4vsbOB9Isdaj2p5fmPL5rCOVhG8i wNGrkAnByPWtW/bE0DwzfSeDtI8IeJviHrPhnSLHUPEk3h+zgni0tbq3E6Cdpp4N00iZkWKIOxXP GRivmLxx8J/2n/CXwN+LP7LvgP4ar4tsvFt/rV3o/iFdVsbe2Fjq87XTxXMNzKk4u4y7RIQvls21 i6qpNc54j/ZO8feE/ir4z8TT/Cm9+J9j45ttNubCfTvFs/h86XqFvZrbz21/FFe2wmhLrvWWMSFV G0AlgAAfrL4H8d+FfiN4K0j4h+D79L/QNctI721uRlQ0Mi7gWDYKkdGVgCpBBAINfKWj/t3fDPWb rTtWj8MeJLbwDrGqLo9j4zmsok0K4u3lMCEP55uFgeUeWs7QiPfwSo5r2D4K/CRvAX7POg/CHULK z0SWHSpLW5ttJkupLS1mu97zJbPeT3Fwyo8jbWeUk4yNowo/LTwB+xV4/wBJ8L6B8FfE3wYTUb3S NShjvPFl54v1FvD1zpsV15v2qHSLXUoJlufLACQ+WiCQByQDtoA+/b/9t/4VabJq2hXWka2vjTSv EcPhgeFhBbHWrq8ucNDNbxfafJa1kizKs7TKnlqSSDgF/jj9tHwX4Q8TeKdB0nwd4n8X2PgID/hJ dV0WyhnsNIbYJZEleSeN5ZIYyHmWBZCi5zyCB81a98DP2l9V+N837bNr4at4fGmhapHpOl+DXm0/ zLrwkoeCd5b0SGFNQm81p0Yz7Y0XyiWBCDz7xd+yb4/0D4hfFiSP4QXXxJg+Iuq3uu6NqcXi650W 0sptTQGWz1Wygv7bfHDIGO+ESNImEDDgIAfdXin9sDwHpmr2mh+APDuvfEy6l0e21+4/4Rm1iuUs 9LvF3288zzzQDdMgLRRJulcAnaBjPX/Dj9pj4bfFfxlpng3wX9rupNX8K2vi+3u2iRLY2F3dSWix Nl/NW4SWJg6GPC9NxOQPk3wV8Lfjl+yd411zWfhr8N4PiDo3jHw74dsjaaRqcdkuk6poNq9oIR/a 1w0rWMqvuVzLJImCGU5ydKTw3+1d8PvjP4X+O+peCLf4mazrHgOHw3rtto99aaWtlqkWoS36sv22 QK1vibyi6lm+QuVGQpAF8Rftra1rvxg+Duh/DLwrrt34a8Sa34l0vVkFrYGW8k0aK4tzHC0l18iw TR/apDlCYQuCWLRH07xR+3H8PPDmr+J/snhTxNr3hTwPetp2v+J9NsY5tI066iKidGYzLPKLfcPP MML7BzyK+W/h38Cv2lPhxa/BXxxq3gVNa13wZ4x8ZX+s6ZY6lZoRa+JVnhiuoJZpFjeNfM37CRJt wCinO3gNQ/Y2+IXhi8+IvgVfg8/xBk8Ua1qN/o3iKTxfe6Zoq2epybzFqum29/bys0G5g/kxkzDg EYLEA+5vit+2J4V8NT+K/Dngfw74g8aS+GNLS91bVdAtYbqx0hLy3ae3eaSSaNpG8vbMVhSQiM7i OMV6X+yX4t8R+PP2afhr4y8X3z6nrWsaJaXN3cyBQ800iZZ22gDJPoBXyjpnwv8Aj1+zpf8AxJ8H /Cr4eQ+O9A+IVtZSaXdwalDZw6VexabHp0sN6moTtcNbL5KyRsjTPs+RiznNfWv7K3gnxP8ADf8A Zx+HXgLxpZf2druhaLaWl7b+ZHN5U8SYZfMiZ42we6sR6GgD5g+Gf7avhXR/h58MtBt9N8afE7xL 440i+1PTXTTrL+0bxLS9aCQXKxXKwQsvLbt3liNMl95CN9efBD42eF/jx4PuPFvhqyv9KfTtQutJ 1DTtUhFvfWGoWTBZ7eeNWdQ65B+ViMEc5yB8Ofsmfs5/GL4Z+JvgrqPjnw8NOg8IeBtd0fUn+1Ws 32e/vdWS5gixDK5ffCC29NyDozA8V9R/sw/Dnxl8O5Pi4fGGn/2ePFHxB1zXNO/exS+fp14tuIZv 3Tvs3lG+R9rjHKjIoA+GvjN+2F8YrLw1+0t9msdX8MRfDnV/D0OlagbeyWOzt5L3TormF2SWWSSa 7SeSWPKMvknkxvhK+2fh9+1x4P8AGXja88A+J/C3iH4eanBo8viC3/4SW0is47vSoGCy3CNHNLs8 ssC6SbHUHJHDAfI/xu+A/wAe/EV7+0b4K8OeBm1fSviZqXhfW9J1RNQsY4ZDpc+mLc2skM80ciOI 4JpAxG0hMAlmUH6N+PvwI8YfFn43aJfWMBt/DNz4H8WeHL7UhJFm1uNaSCKDERdZX4DtlFIG3kjI yAWPB37cHw+8Xat4aM/hPxNoHhXxtfLpmgeJdTsYoNK1K7k3eQiETNPGLjafIaWFBJ7HivePjJ8Z vCfwR8M2niPxRDeahNqt9b6XpunabB9pv9Rv7onyra2iLIGdgrN8zKoVSSRX5a/CT9kbx3aH4ceB vFXwTXT77wZqNhJqvibUPGGo3+kTwaZylzpum2+pRulzKyKY0kgWKEnDIVO0fen7U3w6+IPikfDv 4hfDDTYtf134a+I4ta/seW4S1/tG1aCW2nhimlIiScJLujaQhQQQSM0AZL/tsfDPSvDPibVfGmha /wCGNf8ACt3YWFz4cvLON9YuLvVR/oMVnHbzSxXBuSGEZSXHyndtAqxpf7ZHgzyvGtj428J+IfBX iPwP4eufFVxourW9sl7eaRao7PcWTQ3EkEoBTyyDKpWQ7WwMkeK/Ezwp+1f8d9Ih8e3Xg208My/D /wAV6D4k8LeFb+8t2vdQ/stZVvBd3tvJLbwtcCciBckIUy5GcjL+IHwq+Ov7QmveP/iZrnw/bwS8 Hw18Q+EtB0q71CyuNR1LU9YjY75ZLaV7eKBCojQSS/efzDtGcAHr3hT9ubwb4q1fw5p6eAPGGmWf je1ubjw1fX2n28FvrUltbG68i2JuSyyTRjMBmEaSdmAwT5h8Df25by4/Z88OeOfi54d1zUvF3ibW 9S0rSbHTrK1a51qVL252pYQxT4EdnAixTyTmMBkJ3PuDP6Lr3wa+It3pf7LVrZ6OGf4b3thLrqie AfYo4dGltHIzIBLiZgmIt5PUZXmvis/sn/Ha5+Gvw20nxB8N5dWufgp4i8RFtMh8QR6cfEel+Irm edrixvLS4jktpLfdHhJmiLjcDxuQgH3wf2zvBNt4E8a+MNX8I+JdP1L4bS2y+JNAktLc6tptvdLv jvGjW4MUtqY8yeZFI52KzbeDXjP7TP7dVjovwq+I11+zxbX/AIj1TwppunXD+JLG3tLnRNPl1Rla FZJJp1MkohbeVSGVULIH5yo5zwP8IPjL8OvB/wAUPF3wn+Dlt4a8T+OVsNG0ex1PX5dYvYbUIyy3 +sXF9qFzavFAZGaO3tkaQ/cYOCSPPJ/2Ofjj8MP2e/iz+yR4B05PFvhHxHpdvq2g6y81nZzDWFeA 3un3MbOjnzmh8y3l2lEUiOSTgFQD9YNK8YW9z4KTxx4jsLnwrbpaPeXVtqvlJcWUUaln+0eTJLEC qgk7ZGGO9fLfhT9uHwD4j1Twq2o+EPE/hvwt48vU0/w94k1Wxig0vUbmbd9nRSs7zxfaQpMBliQS Dnivbdc0TXvjb8Bdc8K+K9Im8E6r410K/wBNubKeaG7lsHvoJLf5pLZ2jk2ht3yt044ORXw7D8OP 2kvid8P/AITfs8eOfhtD4W0/4f6poM+seJDqlpc2Vza+HSpjOmwwuboS3YjUZkjj8oMQ2c8AHV/s ofEr4nfGj4+fFfxT4ybxZpGj+G9UudH0/R7tdOi0W0jhitj5M6wSSzvqIMhkJDNEEb77EhVx/Gv7 TvxWbxp+1X4JtNJ1XS7L4deDzeaHfCCzWLT7uPTb6c3UsgmaV/tciRvbDYwCxfOkRJDfSn7Nnw68 Y+ANb+M134t0/wCwQ+LPHmo61pjebFL9osJ7SzijmxE7FMvE42PtcYyVwQT8/wDxN+E/xpl+Jn7S tt4d8GvrWifGbwPDYaZqcV9ZwpBqOn6Xe2iWs0M8qSZnluFCuB5ajlmA3FQDq/gN+2fo/iy2+GPg 7xx4Y8TaJfeN9JiOm6/q1lDBpur3lrZie5aJ0maRN4VpI2kiRXXkYBXO3o/7d3wz1m607Vo/DHiS 28A6xqi6PY+M5rKJNCuLt5TAhD+ebhYHlHlrO0Ij38EqOa53x58BfiB4o8Gfs1eGINKMY8ETWia+ Y54FawhXRJrKRlJkAkKyuFAiLnuPl5r428AfsVeP9J8L6B8FfE3wYTUb3SNShjvPFl54v1FvD1zp sV15v2qHSLXUoJlufLACQ+WiCQByQDtoA/Q/9un4j+JfhJ+y74u+IfhHU5dH1PSJ9GZbqFVaSOKb VrSGcAMCDuhd1PHQ8c1k2n7bHgm3XX4vG/g3xP4KvdH8OX/iu0tNYs7eGbVtK02IzXBsylzIhnRQ C0Erxuu4FgBuK9D+218N/HXxb/Zn8V+APhrpkWs+I9Rn0iS1tJ5YoYpPsmqWlzJ5jzMiBVjiZmBO SBhQWIB+YfjB8Nf2i/2nr+/8SeIfhwfAg8H+BvGGk6XZXGqWV3cavrniTT/sQjieCUxR2sYQbZZm jLMwJUAEqAex6b+3l4I1Tw1pviGD4f8AjJJPFF1BbeGLGTTYUvPEQniaYz2CG42+RFGm+WWVo1RG Rsndit2x/bc+GrQS2/iLw/r3h3XNN8Q6T4c1jSdQtoI7vSZtbyLK7uttw0ZspSABNE8h5B2Y6cL4 z+EHxb8NaZ+zj8T/AAP4bj8ReIPg5psmnan4d+1wW009vqWmw2dz9muJHFv51u8IKhnCuNwD9M8X rP7OPxP+Oum/H7x7488Np4K1j4jaLpumeHNIa8guLuCXQ1e5tLq8nt2aASyXZjKhXJjRMFu9AH0q /wC178IYvHHxZ8AzS3cV/wDBvS01bWZWSLyJbcwfaJBasJSzvEMJIHVMOwUE8kecTft5+DXF7d6J 8O/GWt6boVlp17rt1ZWFrKNHGp2yXcUVxH9qEjyxxSK0ywLIE5GWIIHxjqv7FP7RHifw78P9Z1TT 4rPxV8RNS1eH4qeXc2w8rSdY1a21BliKzFXEUVqIQsTSHDbRxyPT/wBpX9n/AOKniP4m+L/EfgX4 VTf8JPqEEEXhfxp4R19fD09v5dusaprUEt0omEEg4eOJi8KrGoU9AD6t8bftjeDvDfizVvCHhDwf 4m+IV14asrfUdcl8P2UU0Ol293F58Ina4ngLTPF+8WGMM5XPGRiszxh+3F8MtAufBdj4P8O+IviF c/EDRn1zR4/DtjHdPPaRuqyBlkmieORFLMysoA2lSQ+FPxnrP7JvxY8J/Evxb4m8WfDm6+M1z44s tLuV1TSfFVx4cW11i3skt7xL2BLy08y3lmUypIisyJ8m3JAH0j8Fv2cfGvwz+Lfwk1STw7YaboPh PwFqmlXx0y4kksrPVb+/guzb2631zcXrp/rMSMzDA6qCqAA/QO1ma5tYbh4nt2lRXMcmN6Fhna20 kZHQ4JGehNT18/fDn9mvwD8MPG174+8O6jr1zqN/HPHJHqGtXt9aBbh1kbZbzyNGpBUbSB8oyBwa +gaACiiigAooooAKKKKACivOfiP8UvCvwt0231HxM8rG7cpDDAgeWQqAWIDFVwuRklh1HrWv4H8c eH/iH4fi8SeG5WktZGaNlkXbJHIuNyOvOCMg8EjBBBIquR25raGKxFNz9nze92OvoooqTYKKK/JX 4+/Ef4n+DPiZ+1TqPgO9na60LwFolzaKb17dLAul1593bjZIvnRqN4UKpdlALr1AB+tVFfB+m3ni /wAL+CdB/a8+J0Utu3gv4e6gL7RLG+l1Fr1y0V1FcGV1hjLmCDcSY9wadgz7Ytz9P+zx+0r8QfjN q1gmveArGx8P6zpx1C01rQteh16zhcbT9jvjHDCYLja2R94Egjgg0AfZNFfJH7R/7TV98FPF3gj4 eeHdD0/VNe8cC+kt5ta1ePQ9MhjsBGXVrqSKbfNIZVEcSrk8knoCzSf2m/Er3vwm0Txf8PbnwzrH xK1XU9Kuba5vUkFg2m20tyJ4ZEiK3cM4jHluPKyrbu2CAfXVFflL+27+0R8RtQ8H/GH4RfD7Q208 +DtQ8I6fe6zDrD2V08HiGSGXEKJbkoWP+jORLwjtJ22HwHTPD/izSPiX8Y4fHvgm7svDnwZ8CGe1 0yy8d6lN/ZSXenajcs0EzQA3U94wYebMubb5WVZNqqoB+7FFfA/h/wDaY8b6jb6L8PfgN8NpPGt9 4e8K6Hq+snUNbWzWzTUrUS2lmtxJbytdXcsSM25kjTgMzAtgcxrn7VngzwZ8SNU+Knjnwzr/AIeb TvhXZ+ILuzvbiWGSHzdWltl09tKljRFuzcfILkyDcrKuAgDUAfo/RX56+GP23/EEXiHSvDvxU8C2 Hh2bxVpmpahov9m+IYNYJm022a7ksr8RQxm1laJSVYeYhOVHzA1V8B/tt/EbxDbfC3xp4y+ER8Ne AfivqFlo+nakNbivLuK+v42aBpLNbdP9HldGVH8wNtAdkUsEoA/RSivxMuvi78fPEWkeLz41V9Nt 9O+O2i6ZDPb6zJcPbILixSTSo4xBCPsiRkPv3ASNI4aIHLN9p3H7Zsdj8GPGnxA1Dwi0fi/wd4ml 8It4aS+3yXertdR29pHDcmBSUuEljmV/JOF3YDbckA+4KK8p+MPxa0P4H/CbXfiz41hdrPw/arNN b2p82SWeRliigiLBNzSTOsakhRkgnFfKPiD9p/4oaRLD8P8A44/DgfD66+IGiaxJ4fvLLWF1QLd2 Vk1w9pd7YIDBOsfzKyl0ZvlU5BNAH6CUV+bn7F/7S9/8RfBPw2+GPgjS5PGA8PeGNNk8YeIri9ZI dNu5bdTHapmKZ728chjIgZBGPvPvyouap+258RfCmr+GNU8f/CmPwx4R8U63Bo0K3muRJ4jtxdXH kQ3c+jtArJGxwxQSsyqdxPQEA/Reivh+4/bNjsfgx40+IGoeEWj8X+DvE0vhFvDSX2+S71drqO3t I4bkwKSlwkscyv5Jwu7Abbk/S/xP8c658O/hxqfjPTPC174t1ixhjMWjaUDLPc3ErrGI0crwis25 5CvyoCxXjFAHpNFfnbB+3L4g8J+KPFXhH4x+BLPS77QfC2oeK7ceH9di10TQabgzWkwWGBoZhnIZ gUIBPAGT6T+zx+0r8QfjNq1gmveArGx8P6zpx1C01rQteh16zhcbT9jvjHDCYLja2R94Egjgg0Af ZNFfLHxZ8Y6T4f8A2k/gtoV7Y39xdatZ+LJoJra+kht4lsrS2kkE9ksbC7ZwwEWXUxEEjcWwPKPg D+2X42+Ouq+H9T0z4c2zeDPEs00K32m6/BqWo6T5YcxNq2npChthLtwcSN5ZIBzkGgD7+ooooAKK KKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKAP/9P9/KKKKACiiigAooooAKKK KACiiigAooooAKzda1ay0DR77XdSYpaadBLczMoLERwqXYgDknAPFaVcD8Vv+SXeMf8AsDah/wCk 70AaPgLxv4f+JXgnQ/iB4UlefRvEVnDf2byIY3aC4QOhZG5UkHkHpXW1+I3wt0DxJ8E/2bv2cfjd 4U+Ieu6jrniHVvDWkXWkz6pLcaRe6dq0nkNp0Ngx8iKS2i+46KHV0dmJJJHmfxW+Jnj9fhvrn7Sf w2134ha0tj4gEtp4vu9Yh0jw1JAdUW1+x2eg/a5WntcZh/1ILEGR8AFaAP6BaK/Gv9pK6+KenfFj 4n+PNQ1jxZrPgvQFtWs9U8A+JYhJ4QFtapJcx6joHnRCZiwaaVpSwaEjO0cLyWofED4w/tG/Fn4k 3Phr/hMvEPh3wjY6PHocvhjxLZeFobJL/Tlu11O7t7i5t2ne4LeZHvBjRAyEHoAD9wa8/wDAHxN8 J/EseIz4Tnkn/wCEV1m80C/8yNo9l/YbfORd33lG8YYcHtX5p/DnxH8Vf2jPGnwp+E/xg8YXuh26 /D6fxHqEnhXWooP7b1SPUjpyv/aGlTOkkccSLcMkEgTzJORhdo9v/wCCe+kPoHhD4vaFJrU3iJtP +JniO3Oo3LiS4uzELdfNmcABpGxl2AwWyaAPv2vDG/aI+G+dcSCS9uW8OeJLfwrerDZzStHqVyIi gwoOYgJkLS/dUZyeK+K7PS9b+Ot98eviP4v+Luv/AA6m+HHiTUtE0htP1F7TTNEs9It4pFvbmyR0 iuvPLtJJ55IaP5VKdvFrHxp4g0vw38R/EHhXxJMsurfHHwzFJqGmySWa3tteRaYJcCNyRDcI3MZZ gVO07hQB+2FFfgpe+NP2lPinp/xc+MWkjxZb6r4Y8RavY6Rqdp4u0vRfDmgx6RIBFb3mm3l3Ckgw Abp50IkVgR0yfcfD/hr4g/tC/Ez47X3jX4i+J/DcXhfSPC95p+meHdeltrCy1LUPDsN1cSxtbSOk qLMu5AjmJiWf5y26gD9TNS8d+EtI8YaL4B1HUUh8QeIYbq4sbPDGSaGyCmdwQCqqm9cliMkgDJrr q/Gr4YW+o/F740fsj/Ezxpr2rza7q/gfUb+7kg1G4t45rjTTZsC0UTqm24LE3KBQs4wJAVAA+wP2 pda8Sax8UPgr8DNP8Rah4T0L4ialqx1a/wBKuDZ3skWk2JuorOK6Qh4ftEhwxQhyqkKwzggH2rRX 5UfFi+tPhV4evfgvpHxq8W+J7q98X6bbWuiaMftniyGG4tDO2jf2rNdRtHFKqeeLl2WSKP5MvuzX yr4p+IPxs+HvhT9ojwFpOseKfBT6PaeCtQ0m11jxANa1TSJtR1mCCYpeQyylEnjYF4DKw2nDcMQQ D+gGivzx8G+FfEHwL/bA8JfD3S/HfiXxRoPjbwrq13qFv4h1OXUx9v02e32XUPm8QuyylWWMKmMD bwMdb+0Pea943/aF+FP7Px8S6n4V8L+I7DXNX1F9Iu30+81KTTUhWGzS6iKyxooleSVUILqAMjGa APuGivyK+IuheJj4u+F/wB8MfHfxBrOnX3jnWtL1K7sr+SHVrKxTTGujpN3eLJIbiWJc7ZZFEib1 OAyq1ebarH8avGPxi+Kfw20dvH/iTRvhJBpujaRLpPjG00aayZ7LzjqWpNd3NvJezztmRZJAYwgZ cY4UA/b6uR8UeO/CXgy70Kw8Tailjc+Jr9NM02NgzNc3kiPIsShQediMxJwAAckV+QsHj74k/GqP 4f8AhXxTqHi7xr4xt/B8dzquheAdZsdM0wXMl3JDFqt7rttfpbytOkQKQRF41OWwDla8+8Nxa/8A G34W/sz3vxG8Ua9c6lb/ABI1Xw+buLWrhLo20K33lO11bOnmXMaxLGt0vzlNwDYdsgH701g+KfEm leDfDGr+L9ddo9N0OzuL66ZFLssFtG0shCjkkKpwB1r8Mr3xp+0p8U9P+Lnxi0keLLfVfDHiLV7H SNTtPF2l6L4c0GPSJAIre8028u4UkGADdPOhEisCOmT+rfxP1fVvEH7Ifi3Xteihg1PUvAt/c3Ud vKk0CTzaY7yLHLGzo6BiQrI7KwwQxHNAHmOm/wDBQn9m+7h03UdXudc8O6Pq/km21TVtB1Cz02Rb jBib7W8PlBHyMOWC4IOcc16T8Vv2rfhb8IPGdh8P/EMOs6prupab/a0Nvo2lXWqN9i80w+a32VHw u8YyeOR6ivItDvfBdh/wTV0C5+IfkHw+vww04XK3O3Y4bSIwijd1dn2iMD5t+3bzivi/4Qf8NC6d 8YvgfH8ObHRbvxgnwKtFuovEs93awJZf2nDt+a2iml88fuRtZQMb8kEAEA/VH4N/tF/Cn47PrFl4 B1Gc6p4eaNNS02/s7jT7+0MwJjMtvcpG+1wCVYAqemc8V7Nf3tvptjcajdErBaxvLIQMkIgLHjvw K/I74y+Df2hvhLpvjf8AaP8AiB4p0jQvG/xBm8N+DY5vDaTfYdB0ia+SOe7868CvJOd5AdlXyycq egX0fW/D/iH9nn9oLwf8NvCXjTX/ABP4X+I3hnxMdV0/xBqs+ry2txpFss0N/E9wzPEZmkMThSEY nhMgFQD0qy/4KKfs53WjQeKblfElh4cuArjV7jw5qQ05Y2O0O1wsDJszxuBIr7d0zU9O1rTbTWdI uY72wv4Y7i3nhYPFLDKodHRhkMrKQQRwQc1+On7OXhL9sn4m/sUeF/hp4UHgXR/BXiXw9Npi6jdz ajcarHYXfmQyubVYFtzNsZtoMpTOM194fEfwzP8ABD9ibxX4R8JardR3HgT4f6hZ2OoJI0N0smm6 VIkVwroQY5A0YcFSNpxtxgUAfVNFfk/4ctPFnwf0z9mj4n6L8SfEXi/V/ijqmk6Xr9rqmqzX9lqV tq+nyXMtzDbSsUg+xsimNoQuE4csT83h2k33xU0L9m/Vvj+3xU8Uf8JB4l8W3XhKOa71WSbTtF0q 61/7G1ylvLlTNCquIpXYmMSALgIm0A/dGivx2/aK1/4i/sTeKrWH4ReMdd8UWXijwd4nurqx8Q6n NrT2N7o1vHNBqsZuizR7nkIkUERvg/Jxlel8T+CfEnwgj+BfiHwv8U/FPiaT4r6tZ+HPEUV7rtzc JqNprdlK8uoWS7/9DltdvmQyWxQxjaMnowB96/Cf9oHwJ8a9W8Q6f4Bg1O5s/Dlw9rJqc+nz2+m3 M8UjxSpaXMihJzG6EPszjg9CCfb6/Cj4X+BfHWn/ALHPgiP4U+J9Sk1PxL4z1Rb7QX8Vvo97rNlp +o6lG9lpFzcSFbeaTCzTiLY021mds53fd/7EnjCPUrbx/wCAry/8WRax4U1O3N1ofjKRbvUdGS+t xJDDHfCSVrq2kCs8Tu24DjG3aSAfdFcZ8QfHeh/DTwneeNPEaXMmn2T28cgtLeS6nzczpbptiiBd hvkXcQPlXLHgGvyX+Pnjv41aP4t+Kf7JHgjxZqsHjT4g+J9L1fwne/bbgXtro1/aS3t+lpIHEkVv bTadLCERgqrNtAAJA8/8W/tF/Eb42fCLxt8c/B3izVdE03wd4a8CaIyaffT2sT+IdW1WyutXkxC6 gywRMlqxPIV3XozCgD9bfGf7RHwm8CaR4v1nWtYLw+A7rTrLWVt4ZJXtLjVHhjtoyAuGLGeMnaTt DZbFe3V+Bnx0+HsGl+Ff2zdT0vWtWa9TxL4StIhdajc3NupvbvSLnzWgkdkaSN/licgtHF+6QhOK +5vBvhbxF8Cv2wPCfw90zx14k8U+H/HHhXVru/tvEGpy6kBqGmz2226hMufKZ1lKskYVMdsBQAD7 f1zx34S8N+JfDfg/W9RS11nxdNcwaVbEMz3UlnbvdThdoIAjiQsWYgdBncQDF4L8d6H48j1qXQ0u UGg6reaPcfabeS3JubJ9kpj8wDfESfkkXKsOQa+I/wBqDwHp/ij9r/8AZlnu9U1ayN1c+I4mFjqV zZqos9LluVKCF1CNI3yTMuDLF+7fKcV8yHxF8UfiB460TwEPiF4i0a11n42eOtGuJrHU54pxpFlb vIlnG5ZtkSIpWIAYhJ3x7WAIAP2qor8Tr7wF8QbPQP2oFX4veNfsXwLS5uvCka63OJIZhpY1Nvtc 2fMu0B2RIkzMqJvwMvkP1j4hfHH9oT44an4ZXTPFusaR4X8J+Gb6HT/CHiS08L4vNbsVvJr+d57i CS4KSN5cSqWjjKfMoLfOAftdXI65478JeG/Evhvwfreopa6z4umuYNKtiGZ7qSzt3upwu0EARxIW LMQOgzuIB/Gi31r9pj4k+GfhnN4r1K98e/2VomqDV9B8FeNrDTtdlaDUWt7bWnfTrlkvUWJFgZEl wtyHJw2VO9oUOg/GXx/+yBrw8aeLNZkN14t0y5utQu5tL1RJtIs7iXy7mO2lKLcKwEE8iMTcRKFk ZlJFAH7T0V/P18VviZ4/X4b65+0n8Ntd+IWtLY+IBLaeL7vWIdI8NSQHVFtfsdnoP2uVp7XGYf8A UgsQZHwAVr6T+Jvhvxx8Rfix+1nfT/ErxXoNj8MtM0q98P2OkaxcWVra3z6At20rRxsNymSJT5eQ hLSMRvbcAD9cqK/GS0v/AIn+AdH+A/xUufiR4j1zWvjH4e1e41+G81CRrAyS+H5dTtmtLRNsNq1t KAIzCq8Zzyc0/wAEf8Jt8OvgL+z3+0VYfE/xL4o8W+MtZ8NadqlrqWrz3tjqltrLiCaxW0lcxLNb oSUlUeZvR3csxJAB+zFFfJf7Zt3448LfCGP4s+AL+9t774a6nZeIruztJ5Ik1LS7N8ahaXCowWSJ rZnk2sCAyKRg818jeMPjZqHjjRPjn8e9N+Iet+HfA0U2leCPCcmho15LPcRyxvf3FjZNLFC91dTz fZobgkFEUndhcAA/Ufxr4u0X4f8Ag3XvHniWRodI8N2F1qV46IZHW2s4mmlKovLEIpIA5PSrnhvX 9N8V+HdL8UaM7SafrFrBeW7MpRmhuEEkZKnkEqwyD0r8LPFmsfEXwVr3xN+H97a+MPDvhzxT8IfG GoSaT4w8RR6/czT2tsyx3qok9wbVmy6MpcbuflAAx9p/sj+Ldbk+LPiHwzq2s3D6Lpfw78BXVpZT XDm1tjLZz/aJYombZGX2r5jKBnA3E4FAH6NUV+CHh34v/G/4h/DX9mj4a2N/4m8TQ+N7XxRqmq/2 Xrsel61rP9m3sywW41S9mjZY4o/mkRZAzRgKMAZHZy337UN94R1z4Tx6zd240jxnYfYvD97460yP xdqOlT2Us1zoo1W1uZpEmikVZo1mKyvASN5VcUAft5RXwv8AsSeMI9StvH/gK8v/ABZFrHhTU7c3 Wh+MpFu9R0ZL63EkMMd8JJWuraQKzxO7bgOMbdpP3RQAUUUUAFFFFABRRRQB4x8Zfg3p/wAXdOsI Jr9tNvdNeRoZhH5q7Zdu9WTcuc7VwdwxjvW/8K/htp3ws8Kr4asLl7xnla4nnddnmSuFUkKCdoCq oAyenWvSKKv2kuXlvocywdJVXW5fe7hRRRUHSFfDHxG/Zc8ZeOfGvx71uHU9PtbD4reDbPw7pxZp Wmt7u3huEaS4QR7RFulXBR3YgH5Rxn7nooA8A8JeEvjE/wCzvB4E8R6lpnhrx/DpEmnRX+kg6hY2 88SGK2nCXsK+YCoRpY3jxksoOMGvlj4H/slfEnwr8fdA+MvibRvB3gNdB06+sr+LwYbmMeJJrtFR Zby3eG3ggjjIMqqgdvM6kgKR+k1FAHyd+058JviT8TW0F/CWn+F/F+hWQuU1Pwz4ttlayvGlCiG5 gu0tp57e4gw4G0bWDc4IBr5n8M/sYfGn4b/DrwFd+BtX0KXxn4E8X6n4ltNIuJb0aDbWWqwvbyaV a3DI9yscSNuid4+XZtw5zX6k1T1DULDSLC51XVbmKysbKJ55553WOKKKNSzu7sQqqqglmJAAGTQB +Y+rfsiftDeN9P8AjJq3jrWPDS+Ivijq3g3UYY7GW8FnZxeG7hGlgZpLcyMfJjURuF/ePkssYPHu PjD9nHxv4g8SftJaxZ32nJD8YvCVjoOkCSWYNBdW1he2rvdgQkJGXuUIMZkbaGJUEAH6z0XxZ4W8 Rz3Ft4e1my1Sa0jt5ZktbiOdoo7uPzbd3CMSqyx/PGTw68rkc10FAH53aF+z7+0h8E9fm8WfA258 Mard+KfDPh/R9ctNcnvIIrfU9As/sUN7aS28EjSwmMkPE6RsdoIbnaOf8cfsN+P/AIpf2xYfEjxt FrP9u/DWy8KXWrSKTevrtpq76sLo26xpF9lWQoFUSB9q7SAfnP6Y0UAfmN4H/ZD+KD6raX3ivwl8 L/Ba6PpOpWnm+FNFh+16tf3dsbeGeW4nsElsYo9xcrbMXZsgkodtepP+zJ48b4F/s9/DEX+mjVPh PrvhfU9Vl82b7PPDoiMtwtq3k73di37sSJGD/EVr7nooA/NDWP2TvjhdeIPF+i2V74ebwjrnxM0z 4h2txJcXaagphntWurWSJbd4uI7c+UQ/zMRuKg/LyFt4E8KfFv8A4KK3mq+ANdi1nwh4Zt7HxJ4p tbYia1i8W6WLrS9PjeRcqtwkTmRk6gw5fnAH6vVxmhar8PYvDt1408M3mlpoV3599cajZyQC0l2F vOuJJ4z5bbSrb3LcYOTwaAOH/aL+D0Px8+C3ij4TS6gdJk1yCL7PeKnmfZ7q1mjubaQpxuVZokLL kErkAg818zaz8Cv2lfjV4i8Nav8AHe68LaZa+BrLVGsbfQpby4Gpavf2L2SXNw1zBF9ngiWRnWNB I27qSMV982F/Y6pY2+p6ZcR3dndxpNDNC4kilikAZHR1JDKwIIIOCORVugD82/hF+xj47+BNx8Nd b+F2o6Tot+nh+Lw74/t7eSaK21JUQmPU7NhbndfW87OyNNGnmodrMnOfArP/AIJ9/Gu28HaF4Ttt I+Httq/hzWrHV7nxUWvZtc8QNa3i3DLc3Etq8lrvUln2vMGdVUBUJYfsXPr2h2us2nh261G2h1W/ ilntrN5kW4nityoleOIne6xl0DsAQu5c4yK1qAPyhtvAnhT4t/8ABRW81XwBrsWs+EPDNvY+JPFN rbETWsXi3SxdaXp8byLlVuEicyMnUGHL84A+1P2qvhB4n+OvwS1r4beENWi0nUdQltJAbh5Y7W6i t7hJZbW5aD96IZ0Uo+znnuMg+k+IPFHws+Etr/afinVdG8HW2s3m3zrue309Lu9m5xukKCSV+p6s etdza3drewi4spkuIiWXfGwddyMVYZGRkMCD6EEUAflt4T/Y3+Nek/E60+I/hqx8C/CaOHwzrGhQ 2nhi3e4a1urxUa3vZTc2SR3zGVdsqSogSNRtaRmOOr+B/wCyV8SfCvx90D4y+JtG8HeA10HTr6yv 4vBhuYx4kmu0VFlvLd4beCCOMgyqqB28zqSApH6TVgt4p8MLf6jpTavZi90eKKe9gNxH5trDcbvK kmTdujSTY+xmADbWxnBoA8P+Jnwg8T+NPj38J/ilpF/bWWmeBLTxLBe7mb7WX1m2t4bd7ZDE8TeW 0TF/MZQBjAfkD5A8N/sb/Ga8+L3gTx140t/Bekaj4L1ganqHi/w7FPY654ihQODb3dlDBBaJ9o3A XLb34HycEg/pvYa9oeqX+o6Xpmo215e6RIkN7BDMkktrLJGsqJMiktGzRsrgMASpBHBBo1rXtD8N 2B1TxFqNtpVkJIofPupkgi8yeRYok3yELukkZUQZyzEKMkgUAa1FFFABRRRQAUVXuru1sYGub2ZL eFSAXkYIoLEKMk4HJIA96sUAFFYOr+KfDHh+Ga517V7PTYrd7eOR7m4jhVHu5BFArF2ABlkISMHl 2O1cnit6gAooooAKKKKACiiigAooooAKKKKACiiigAooooA//9T9/KKKKACiiigAooooAKKKKACi iigAooooAKoarpdjrel3mi6pF51nfwyW88e4rvilUo67lIYZUkZBBHY1frmvGd+ul+D9d1N55bVb OwupjNbqrTRiOJm3xq5Cl1xlQxAJxnigDwDwB+xf+zZ8MfEWj+JvBnhI2l14eBOmRTX99d2tlIyb HmgtrmeSFJnH3pQm8nLFtxYnF1b9g39lXXf7Rh1fwW1zY6lLLcPYnU9RWwhuJ2LSzW1qtyIbeViT +8hRGHO0jJz5v4T/AG0vDej6F8PvAWk+HfGfxN8W+IvBuneJ7drXT7M3d1ZXLyQGe7IuUhgkDxZl +bZl0CM5OB9ZfBb4weFPjt8PNP8AiT4Njurawvnnhe2v4fIvLW4tZWhngniBYLJHIhBAYjuCQQaA PPPiB+yB+z78T/E914w8ZeG5brU9Rjhh1BodRvrWPUY7dQkS3sVvPHHchFUAearEgYORxS+P/wBk D9nf4l69B4l8UeElXUIrOPTnewu7vTFuLGJQqW1wllNCk0SqAqpIGAUBR8vFfAHir9tH4vN4H8f+ JdT03XPDsHhL4radpUcwtLPKaKstos2lbIJZpJbsqZHk+VgRKoSU/cX7l8E/te+BfEOr+LPD/jjw 9rvw11Twdo//AAkV5b+JLaKBm0bLKbyM281wpRCpV1JDBvlAJBwAd145/Zp+CnxD0Xw3oPiDw4sN v4Pi8jRpNOubjTLjT4dgiMVvcWUkMqRsihWQPtIAyOBXS/CX4L/DL4F+HLnwl8KdEXQNIvLyS/lt 0mmmVrmVER3zO8jDKxrwCF4zjJJPh/w+/bM8G+OPEnhbRNU8HeJvB1h493/8I1quuWUNvY6syx+c qRNHPK8TyxgyQrMieYv3eSFrlf29viz8RPhr8PfCuifDeDWre/8AGniLTdIl1TRY7SS4tIZ7iNXh h+1yIourlWKW52lMht7x/KSAeq/ED9kH9nr4oeLrvxv4z8LG61TUvI/tDyb28tbbUfsvEP222t5o 4LnYAAPNRuAFOVGK6i6/Zy+DF5DqcFx4dBj1jxBa+KbpRdXSiTWLLyvIuRtlG3Z5Mf7tcRHbyhyc 8D8Mfjz4Vh+E/jbU7qPxHdf8KbintdafW1tH1a5msLCO/mJNvL5EkuyQKTmNTICBhcMfGfB37Yni HxT+0PqWjL4X1uP4eL4DsPE9uzW1irRC5imvDdTuLkybJI0W2jVc/vw25QmJaAPcvFf7Gf7Nvjbx nqHjzxJ4PS41LWJY59RjS8u4LK/miIKSXdlFMltO4POZI23HlsnmvX9L+FfgLRtf8X+KNM0oQan4 8FqutSiaYi6FnbC0gGwuUi2QjZ+6VM9Tlua82f8Aaa8CJ8PPhb8SjYal/Znxb1HSNM0qPyofPgm1 qNpIGul87aqKFPmGNpCD90N1rxvR/wDgoH8KdT0jxN4uu/C3ijSvCPhMXkV5rt3p8S6e17Z3Itfs ULxzu0txM7x+UqKQ2/5ipVwoB7XL+yx8C5LX4eWaeHXt0+FTA+G2hv72KWxUFGKGVJxJMjGNNyTM 6tjBBGc9z8U/hB8O/jR4eh8MfEjSBqtla3Md5bMssttcWt1Dny57e4t3jmhkXJAZHU4JB4JFeX/D D9p/QviD45i+GviLwf4i+Hnia+sH1TT7LxHaw27X9nGwWR4GgnnXzIty+ZC5WRQc7SASOm+Mfx40 b4Q3/h3w6vh7WPF/iXxZJcppuk6JbxzXEotEEk8rvPLDDFFGGXLPIOvyg4OADmF/Y7/Z4XwAPhsP C7f2Uup/22Jvt97/AGh/auzZ9t+3+d9r88L8ofzeB8v3eKoWv7E37MtnZ6zZReEGZfEdva22pu+p 6i818tleLfwPcStcl5JUuEVvNYmQqBGWMfyVws/7fHwu07wMni/WfC/iey1BPFUfgy50I2EUmrW2 szW8lzFE0KTlXWVU2xtG7FmZRgDcV6rw3+2X8OL7SviBfePdF1r4d3vw0s4NQ1ew1+2iiuRZ3as1 vNB9nlnSUSFSgVW3eZhMZIyAfQmofDrwbqnj3SPidfaf5vibQrO6sLK782VfKtr1kadPLDiJt5jT lkLDHykZOef+K/wS+Gnxs06w074i6Sb46RObmxuYLieyvLOcjaXt7q1kimjJHDBXAbjcDivjqL9q Xxf46/ak+CXgGy8MeJ/h/pWv2/iK8vrLXrS3t11S2jsBJZyIYpZ8NFIrF4yySIWXeuGFfV/xs+PH hP4G6bo0ut2Ooa7rPiW8Gn6Ro2jwC51HULnaXZYY2dFCxoC0ju6qo6nJAIBT8K/szfBDwVbeFLbw 14aW0Hgq+u9T0t/tV08kd9fxNDc3E0jys1xJKjkM05k7YwQMZfxN/ZN+Afxe8Vnxv468NNca3Lbi zubm1vrywa8tV6Q3YtJoVuIxwMShuAF+7xXndx+2/wDDzSfCfiDxL4o8LeJNEuvBWpWFh4m0y5tI DfaJDqIzBqFyiXDK9kw582BpWxzswDjy79pf9tZNP+DHxd1L4CafqusXvgdYdOfxNYxWc2j2l9dJ uZkllnDTG2UgSlIXCSPGCCCcAH0j4w/ZI/Z/8b3ekXur+GGtJtE02LRrc6ZfXul/8SuHJjspBZTQ iWBSTiN8j8M1UvP2OP2cbz4exfCweERa+GLXWH162tbW+vbY2moybt0ttLFOskAwzARxMsagkKgr 4F8U/F/4hfDn4SfEaw0rxt44Xxj4dsfBdzJH4ri0z7RZDV9dEErJJZPKpaeIsjIRtSLy8Mz7iPfL r9szXvA3xq+P9l8QfC2uS+Bvhfpuj3VubW2sSYA6XBmldmukd/tx2NbAnASM7xExO8A938UfsYfs 1+MvGF9448Q+D1uNR1aSObUI1vbyKzv5ocFJbuzjmW2uHBGS0kbFjy2TzX0P4g8OaN4p8Oal4S12 2FzpOr2k1jdQBmjElvcRmKRN0ZVlyjEZUgjsQa+RIP22dBvNL0a4sfhj42l1bxVdTw6FpTabBDea nbW8CXLX0YluUjjtRHImXmdGySoUlWA8d+KP7der3HhPwlqfww8IeIbHWB8QtL8LeItLu7KzF9a/ vYnmsdstz5XnXsThLaRWK/e3PEQGoA9t0X/gn1+yFoV5p95beARd/wBlsjW0Ooapqeo2sZj+5i2v LqWEgY4BQj2r6QPw08EH4kxfF7+zQPFsGkNoKXollGNNedbloPJ3+TzKobfs38Y3beK+fvG37YXh rwr4r1XwXoPgXxT401TwvY29/wCIU0Szt510WO6i86OK5aS5iVrgxgsIoTISAcZxivf/AA58R/Dv jX4b2nxS8CmXxFo+p6d/aVitmq+fdRmMusUaytGBKxGzbIybX+ViuDgA1/GXg3wt8QvC+peCvG2m QazoerxGC7tLhd0UsZ5wR1BBAKkEFSAQQQDXknw4/Zc+CHwpvdQ1TwfoEg1HUrP+zpby+v73Urpb HnFrFPeTTSRQj+5Gyg4BOSAa/OPwt+2z8XNR8F/Ajx94q0rX2bXfFniHTtStbCytGbXYkN6llbWU MUpJEDrFCxkMXzxszOy5kP2jZ/tw/CyLwX4w8TeLtF13wtq/gfULPStQ8PX9mh1d77UlDWMNtFBL LHMboH91tkGQCzbUG6gD6c+H/gHwl8LfBmk/D7wJYf2ZoGhwi3s7bzZZvKiBJ2+ZMzyNyTyzE+9c 38dPB+sfEL4I/ELwD4e8s6r4l8O6tplp5rbI/tF5aSwxb2wdq73GTg4FeMaR+2L4Oks/GkfjTwl4 i8Fa/wCCPDtz4quNF1e2t47670e2R2e4szFcSQyYK+WytKhWQhWx1rzy3/4KG/D2a58P28vw88bw Dxvatc+FS+lRE+IChj3R2arckqwWRZN0/lJ5fzlgCu4A9F/Z/wD2P/hH8G7Dwn4jh8PBfGWi6VDa tNJfXd7b2dzLCq3psYbiV4bcTSBixhjTcCR0JFevWPwI+Emn/DXUfg9D4cgm8Has93LdadcPLcxS vfTtczsWmd3BaZy64YbDjZtwMV/gn8avD3xw8Oalrei6bqGh3mhalcaPqmmarEkN7ZX9qEaSKVY3 kQ/K6srK5DKQRXj1t8XL7VPj38T9W1bVZdL+HnwR0eGC8iiyyXup31uNQup5AmWcWlqscccYH+sk kOCduAD0D4efsr/An4YXOpX3hjw1593q1kdMuJ9UvLrVpm085zZq9/LOyW5BwYlIVuNwOKo/Dv8A ZG/Z++Ffiez8YeDPDDQanpaSx6c11fXt9Fp0c/Ei2MN1NLFbBuQfKVTglfu8VxPgj9szw54t8aeE fCOt+AfFfg2D4gpI/h7Utas7eK0vzHCbjZ+5uZZIneIb0WRFJHXBIB8l+Av7XFzpH7Mvwa1Px3b6 x8RPiT8Q7W8Npp+lQQy6he/Y55POnfe8EEUUKbN7uygcYBOaAPqTUP2XvgXqfwxtPg7d+GQ3hXTr 6bU7S3F3dLNa3080tw9xBdCX7RHJ5k0jBlkGAxUYXiuo+FHwT+GnwT02/wBM+HWkmw/taf7VfXE9 xPe3l5OFCiSe5upJZpCAMKGchedoGTXzvqP7evwl0fwdH4m1TQPEcOqp4mh8I3fh8WEb61Z6vcwS 3EEUlusxV0mWIiJ4XkDllA/jK9J4c/bM+HF7pPxAvvHui618O7z4aWkGoavYa/bRRXIs7tWNvNB9 nlnSUSlSgVW3eZhMZIyAe4ap8H/hvrXxR0b40anokc/jTw9ZTafY6iZJQ8NrcbvMjEYcRNne2CyF l3NtIyc8TZfstfAXTvhvrnwisPCkdv4S8San/bOoWMdzdKJ78TxXIl80TeauJIIiFVwgChQu3K15 14M/bL8NeKPih4Q+EmueAPFvg/XPHUN1daQ2s2VtDBPa2lu9y8rPFdSlDsTaYyvmKzLuVQc17Rq3 xp8JaD8XLf4OazFdWepXegXPiGG9kWNbCS2s51huIlk8zzPOjDrIy+Xt8s53ZyAAcf4t/ZM+AXjj xT4m8ZeJvDT3Op+MobODVzHqF9bxXi2E0E9s0kMM6Rb43tYSHChiF2klWYH1fUPh14N1Xx5o/wAT r/T/ADfEug2l1YWV35sq+VbXpRp08tXETbzGnLIWGPlIyc/Ofgb9tv4R/ET4aeDPid4YstWntPHX iWPwrYWTQwC+S/d3BaZBOUWFI0MzsJGIjwdu75a+a/CP7WXjaKX9mLS/CMHibxtoPxE/tuTUr68s tNj1HUktYrpY42C3Ijie2kUTzbGGYVXazsWiIB9//FH4I/DP4ynQZPiFpT38/hi8+36bPDdXNnPb XGNrFJbWSJ8MvDKSVYdRwMZWnfs6/BzSdds/Eun+H/K1Kw1/UvFEMv2u6bZrGrxtFeXO1pip81GI 8sgxrnKIpwa+FPgZ+3bJ4f8Ah7LffGDQfFOs6fYeKNT0jUPFiWMLaTYmbVJIbOKWTzY5WSON4ld4 4XCkquWckD7V/aq+Jnib4Pfs9+OviN4Ospr3WtF0u4mtTFHFKIJQh23EqSuimKE/PIBk7QcKx+Ug HWT/AAR+F9za+P7KbRd0PxRV08Rr9puB9uWS1FkwyJMw5gGz9zs/vfe5rgfG/wCyJ+z78QptCu/E fhhxd+HNPj0izubO/vbG5GnRLtW0lmtZ4pJodvG2Vm6nuxJ800n9sSKDQvBXh8+AfFXif4g65oUe s3miWFrZG8tLNXMP2y6Y3SWsSXLoWgVZS7BlBRCcDkPFX7WGieLdb+AvjjwH4hl0Pwf4g17W7TxF DqCJaSW66ZptxLNb36yZ8lreWMM3zY4DBipBIB7/AOKv2Sf2f/F2jeGtCvfC/wDZ9v4PtmstJfSr y70ue1tZMeZCs9nLFI0b4yyszZJLfeJNTaj+yh8ANS8JeEfA58KLZ6R4DuTeaKlndXVnLZzuSZHE 8EqTOZSxMu928wnL5PNefzfttfDoeBtM8d2PhnxJeweKdUfSvDFlFYxfb/EbICxudPt2nDi12gv5 tx5Py4OPmXKXn7bvwx0L4b+OfH3jHQ9d8O3vw1udOtvEGhXlrCNVs/7VmihtZgiTtDLDJ5u9XSU7 kVsAsApALmrfsG/sq67/AGjDq/gtrmx1KWW4exOp6ithDcTsWlmtrVbkQ28rEn95CiMOdpGTn21P gx8Nku/HN+NIJuPiTBDbeIHa5uGN9Fb2n2GMHMh8si3+TMWwn7xJb5q8C0r9t34fDUdd034geFPE 3w9l0bQLnxPF/b9hHAb7SrMgTSW6wzTN5ikjMLhJORx1A6j4W/tNaX8WvENt4J1HwN4q8D3OvaW+ qaZcavawxQXtn8oLQz2lxOI5VDq2yTYwBBGaAOp8Zfs+fD3WPA2geHNJ0ZVuPAOl3Vj4XD3NwFsT Lp76cgJ8w+aPIbYTN5h/i+9zXjH7Mn7E/wAL/g94R8A6x4h8PJJ488NadAJpDf3d3Y2+ptCEuri1 tpZTbRySHOZI4lY9eCST6J+yz4+8UeJfDXinwD49vH1LxR8MdfvPDl3fSbRJqEEASayvHC8B5rWW Myesgc8Zr6goApalp1jrGnXWkapAtzZX0TwTxOMpJFKpV0Ydwykg14zafs1fA+x+DCfs923hWEfD +MELpbTTuATP9q3+e0hn3iY7w/mbgehGBXudFAHynp/7Ev7NenzXN7/wi9xd399p2oaRdXt3q2p3 N5c2GqQfZrmCaeW5aSRGiGEDMfKJLRbGJJ0/GX7Hv7O/j6+0XUfEvhZpbjQdMh0WBoL+9tTJpkAx HaXPkTp9phX+7NvzznIJB+maKAPm/V/2R/2e9a+HGgfCm68JpF4d8KTy3OjpBdXUFzp000jTO9td xyrcx7nckgSbegxtAAG/ZH/Z5b4dt8LP+ERjGgNqH9rnF1dC8/tMLt+2/bvO+1faNvHm+buxxnHF fSFFAHlPwo+Cfw0+Cem3+mfDrSTYf2tP9qvrie4nvby8nChRJPc3Uks0hAGFDOQvO0DJr1aiigAo oooAKKKKACiiigAooooAKKKKACvEPGPxcn8MeLR4fj04TwQ+X5rliHbzAG/dgccA985PHFe31lXW h6Ne3sOpXljBPdwY8uV41Z1xyMMRng8j0r5LjLK80xeFjTynEqhUUk3JxUrxV7qz76P5W6nRh5wj K9SN0atFFFfWnOFfl5+0L4p+L3xNj/aV0bw/4/TwX4c+FGhm1Olf2fa3A1RbzRzfXEt5NOrSxxyJ I0MJgZNu3zDuI2n9Q6+ePif+yp8B/jFr8/ib4geGmvtQvbZLO8eC+vbFb23iJMcd3HaTRJcCMnKe arFeMEACgD8+/D3xI+NOm+D/ABXo/wAJ5beHU9PsvhnbRG1ttMj1Z7O90hZLxLNrxUju7wqp8iO5 aQAbhGOgrsPDP7Q/xX8TWmgfBrRfHt/Z+LvEXjF9FudS8Q+HbfTte0Gwj0t9TENzZ7RZTXUwi2wT LGYnR87WYZr7cvv2XPgTqWkatod54YD2utppCXGLu7WUHQYhDpzwyiYSQSW6ABZImRz1ZmJJrNH7 JHwBPgq98B3HhuS7sNR1CLVri5uNQvZtTk1GFQkd3/aLzm8EyKNqMsw2qSowpIIB41oXxD+LPhL4 8/Dr4N+IviNp/jW2v9Q8TwahJbQWkd60Nnp1td2UOoxwxhYLqIyO58kRiSNkYpXh/ib46ftIeILn VIPCOs6ndaRpPjzxfpV//wAIxZaReeIotN0owJYJaWV8uy4hikdxcOqPN9wbuTn7Svf2RPgBfeFt O8Iv4cmhttJ1CbVra6g1K/g1Nb+4Ty57g6jHcLdvJKgCyM0p3KAD90Yqj9jb9nWDw3ZeFtM8MS6V aaZfXOpWkthqWoWl5b3d4iR3LxXcNwtwgmWNRIok2tjJBPNAHxVrPx7+P3ijwl4B1nwV4w1jWtGO j6k2tah4S8P6fLry6ta3pto3v9C1LfNHbRBGSYWyZaYOFIQoKo3/AO1F8avir4q0fwl8K/EmsXGn 6f4O0vWZ9W8I+H9PvJdT1G/aRDNNbaxKv2e0RoiDFH+83llZ1AWvunUv2P8A9nzUNE0Dw/D4al0u 38NQXFrZSaZqV/p10tveSedcxS3VrcRzzJPJl5BK77mJY/MSam8R/si/s+eJ7bQLS78K/YE8M6eN JsW0y9vNMkXTeptJJLKeF5oCSSUlLAlmPVmJAPlbwD8X/wBon9oPX/C3gaPxZD8J9Xs/A9v4l1R7 SystSa/1Ce+uLHC/aPOiWzjNsJHETbz5uzzBjNdH+zdq17pX/BNS21y2kgmvLPwp4guUcxJPA8kb XjgmOVWSRCRna6lWHDAgkV9KeMP2VvgL4407w9peteFlgg8LWR0zTv7PurrTXh09gqtaGSylheS3 YKA0TlkPJxkknufD/wAH/hz4W+F3/Cl9A0cWfgz7Fc6f/Z6zTMBa3e/zoxKzmUBvMbkPkZ+UjAwA fnh4c8a/tFfESXX9J8IfEn/hCtL8GfDnwpr8MNno2mzebqOoWFzKVxLAVS3LW/zxoowNqxmNQQ30 1rP7QPinRv2G4v2lBYw3XiN/BVprxgVW+z/bbmzjlJKg7vKWR9xG7OwEZ717Z4e+Cfwx8Kvqsmg6 N9lbW9I0/Qrs/aLh/N03S4pYbSH55G2+XHNIN64ds5ZmIBHQ6P8AD3wZofw/s/hZYaVEfClhpsek RafOWuIvsEcIgWBzMXaRfLG07yxYdSSTQB+TXxmvPjV8IPiPYeOdX+Kg8ca5YfCzxtrOlXZ0yxtj Y3ccNnIZI44IxHLbu6o0IlRyNrBmcHj1nxP41+PPhPSfh/4Q1j4s6zrnijxpa3OuXNv4a8MWF1rK 2/kWwWC1SSJrO3soJ5H3T3RMr7kRWG1jX0hpH7EP7M2iG/az8KTyNqOk3mhSmfVtTuCNKv0CTWcZ lum8uLaoCKm3y+THtLMT6J47/Z5+E/xHOgS+JdMuUufDFu9pp91YalfabdQ2soRZIPtFlPDK8TiN QyOxBxnrzQB+WXhHU/ir+0b4/wD2ftU8ceNL3TtZstR8d6UZBpmjtIs2ikoLmSB4Lm3FzNEVilCF 4l2bodrFnb6//Ya0DxiP2HtAsdK8TztrOqWGpNpd3PBbY0yWR5Y4VRFiCyJHKpl/fLISWKsSgVR9 CeCP2afgj8N7nQrrwR4ZXSm8M3Op3mmrHdXTR2s2sIqXpSN5WTbKqL8hGxOqKpJJ6z4XfCPwD8Gd Cu/DPw40+TStJvLya+a2a6uLmKOafHmeStxJJ5MZIyI49sYJJCgk5APyx0n/AIKAePbLW/B3jjxT NHF4B0Tw0un+MUaKFHHjJrLULoxKwTemH00xBFYLunUbSduOL+LOrfGXxL8JvihoHxL8RCDxFp+g /C/UtSmttM06CeW71PUZzPbzOtsHaOCQx+WCflMXGBJKH/UTUP2UP2e9U8P+IvCuoeDoJtK8Wa// AMJRqcBnuQLjV9yv9o3CUMg3KMxoViwWGzDMD03i74BfCTx23jB/Fegi/bx5Z2FhrJNxcJ9pt9Me SS0UbJF8ponkZleLY+SCScLgA/NfW7b46+B/En7VnxI8B/E2bTJPh5/ZeoyRS6ZYT/21d2Hhyzln a9LQ4jWWOPAS2EIV3JBACqPp39tjxNcXX7IK+Mo7CS7nm1HwhfiztwGlldtZsJRDHkgFmPyrk9cV 9B6d+z18JNL8LeLPBtvo0sml+ObSOx1tZ7+8nlvYIrFNNUPPLM0ob7LGqF0dXYjeSXJY9b4n+GXg fxl4OtvAHiTTftmg2klhLFbedNHtfTJo7i1PmRush8uSFG5b5sYbIJBAPzF1n9qv45SfBnTvGtpq 00Pi74geP4/CD6JY6baT3Hg4QeeZrOKO5Ef2vUHSEHN1J5TtIDGioAGvad+0B+0r4Iste1vxpd6o /hj4c+IvD9xqU+u6dpdpq154b1kSW14l1b2BkSN7GQx3Ec0flGWMNuGAa+7/ABV+zJ8DfG114pvf EvhdLqbxo9lNqpW5uYRNcacNtrcosUqiG4iHAnhCSkcFyK838f8A7N50D4MeLPhl+z1o+lw3/wAQ PNs9avvEl7fXkklvdWz20l1JPL9puLmaJdvlRSOqYz8y9CAdh+zp4+8XfFZPHPxE1S983wne+Ibu w8L26xRqi6bpWLOS5EiqJJPtV1HNIN7NhNu3AOK+GNL+Mf7T5+FujfEW5+JMbXPxM8cv4G0uKXSL EW2hwnWLm0GoErGrXE6x2rxokh8ti6blLAk/qD8NfAWh/Cz4feHPhv4aTZpnhqwt9PgyAGZLeMJv bHVnI3Me7EmuRuf2fPg7e/C+5+DN54bjuPB11cXF09jJNO+Li6unvZJUmaQzI/2iRpFZJAUJ+QqA AAD8wv2jdZ+M0E/iX9n3xb8RbnxFD4e1fwFrlnra2GnwXqpqmtLa/ZLxI4PILQyxpcwskaFtoEm9 CVOp+0N+0d8cfAqfEfxb8P8Ax1rmtw/DS8gs/L0/w5p58Oo9qkC3UOr6hdpFK91I7t5i2LARFlVF z0+/LT9kb4AWngfxD8Pv+EbkuNM8VzW1xqk1xqF7cahdzWbrJbSPqEs7XeYXUNHiUBDnaBk5w9d/ Yk/Zq8TJqVvr3hi5vLPWApvrR9Y1QWl1MsSwi6mt1uhE91sVf9IZTNuAffv+agD4h+IFz4x8F/E7 9pLxdZ+JH1CP/hJfh3bixvtP065tduo3OnbG2yWzHfbQM0MLZyAfMbMyrIOp8X/HT9oU/Dr4r/tP 6J46g0zSfhp4o1DSbbwe+n2j2d1ZaTeJaSR3d0yG7S7uc708uQKhKqFIbj7k1/8AZe+CHifxNqPi /W9AluNT1iHTYb1xqN9HHcjSJ4biyeWKOdY3khkt49shXeVBRmKMymhrf7JX7PviPxzcfEPWPCon 1W8vIdRuovtl2mn3V9b48u5uNPWYWc0y4+/JCxJ5OTzQB8T+Jfi7+0ra+EPix8dbP4iG00v4b+Op dGsvDjaTYm3utOjvrWF4ru4MX2jeEuCqNG6FdgLFixI/WavIL74C/CfUvCfijwPe6F5mieM9Tk1n Vrf7Tcj7TfyyxzvLvEoePMkSNtjZU4wFwSD6/QAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQB//9X9 /KKKKACiiigAooooAKKKKACiiigAooooAK5Lx9pl9rfgTxHo2mR+deX+m3lvCmQu+WWFkRcsQBkk DJIA7mutooA/Of8AZb+A3xU+HPxN8C+I/GehDT7HRfhBo3ha6l+020xi1i11CWea22xSuzbY2VvM UGM9A5PFe7fsk/Dnxj8MPhxrmgeONP8A7NvrzxT4h1GGPzYpt1pfX8s1vJuhd1G+Ng20kMM4YA8V 9RUUAfkz4g+A/wAe7jUvH3gW38DNdaRq/wAXNK8eWesLqFiLefTjcWf2iIwSTLMskCQMzAr83RAx 27vZP2g/2bvHfxl+M/jG5sIlsPD3iX4U33haHVHlj2R6tNqa3MUTxK/nlNg3MwQrtyM7uD+gVFAH 5CfBT9mDxivjD4YR+JPggfCk3ga6gu9W1zVfF+oaxayXFhCRDLo9jDqZVXmkw3+kReXEjMhR+lfb X7U/w68Y/EfRPh3aeDNP/tGbQvHnhrWr1fNih8qw0+7EtzNmV0DbE52Ll26KpPFfUNFAH5aeN/h7 +014Tm/aK+HHgD4cL4q0z4yz3l9peuDVrO0trM6jpsdlcR3MM7ibfEUzHtRlckZKruI1fAnwR+NH hb4i6FaX/hNpNC8T/CXSPBup6lHe2mNF1PToLjzBND5m+ZGd1QNBvGTnOATX6bUUAfkP4f8Ahv8A tX6z4J/Z6+DmufCsaJp/wd8T+H7vVtYbWbCaK8tdIDwLLaQpJ5hQxP5rhwrggIqscgdTf/sk/FDx Z+wzrXwVu7CHSvGX/CR6jrtraXF0vk3IXWZb2COSe1kbYJ4CAGDhkYru2lTj9T6KAPzQ/Z6+Aes2 3xu0P4lX3wZl+Glj4b068j+0a34qvvEepSX92ohaOyVdRnto7by92+SaItIQu1EIDD0b9rjwJ8Zv F/i3wLdeFtP1zxP8PbNL9de0Lw5rcegX9zcyCMWkj3Dz2xlgX5w0SzJg/Md3QfdNFAH4xfDb9lP4 5aFq1iZ/h+vh/TIfi9oHjCO2XWINRFtosGm3EMzPcTTmeaa3kZElyCzuS0XmIN1e8/tAfsv/ABJ+ MXj741nSoIrDTvGHg/w/ZaRfzTR+TLqmj6hLfeRLGjmZUJWNWZk27WON2CK/SSigD88bS0/aR+LP 7Svwa+IPjX4Ut4G8O+AINeTUrifVtPvXa71Ox8kGFLeZnNvvRVVsb2LZZEC5Ov8Att/s/wDir4s6 p8MviH4V8Pt4zb4e39+174fi1WTRLi/stTgSGRre+jlhMc0LRqygyIHG5ScEq33vRQB+Sej/AAE+ M+jeDPiQvww+EVr4L1H4qtYeHYv7V12XXL3T9GaN0vNR1V73UbmCbyxI4t7a1RnBPz7wMGK+/Ze+ OXgP9l/4w/sfeDtB/wCEn8MvbLc+DNX+02FtNdfa7mOa5sLxHliInhk3ukzKI3Q43KQqV+uNFAH5 b/tGfs5fGXx54h+Nt94U8P8A26DxfpvgG30tvtdrF9ol0XVhdXy4kmUp5MI3ZfaH6IWbiqv7Q/wS +PGveMP2jtL8F+CX1/SfjH4Z0SDTtRi1Cyt0t73Ropo2t5oriWOTMplG1wNgHVuu39UqKAPgH9pv 4c/GnX9S+GsfhrS9b8RfD/SrO5h8QaB4b1uPQb6e6McSWjvcNPb+bboQ4aNZkwfm+YdPk/w7+zB+ 0H4Q8JeI7/SfhmLSfT/if4Z8c6XoceuW9291punohmtlvbmYsbmLG2VpyoZ9xjMi7Sf2uooA/Hzx 1+zL4/s/jV8QPiJc/CDUPiHZfEtLLUrH7D4ul0KTRtQW1EU9nqKQX1uk8QcZWaLzNqgqudwA/Rz9 nj4czfCX4KeEfh7dafY6Tc6RZAT2mmPdSWVvPMzTSxwPezXFwyK7sA0krE9RtGFHs9FAH5M/Bf4D /HvQpvgf4Q8V+Bm0+w+EnjDxJeXWp/2hYzQXdjqq6hNBdQxpN5wAe4jQoU3gncVADbW/tGfsi/Fj 4q+PfjB4s0bRo7qC41vwL4g0S3l1AWS63/wj9nc299aefBKJrRiJyElfy/n2lWA+df1oooA/IzRf 2YfGGuaT8Ute0P4OP4AudU+H+teHtKh1fxPd65rV7qWpQSKYlll1KexgtNwQDzFDs2H3IuRX0TH8 F/iEnjL9k7Uv7FUWXwx0zUbfXm8+3xYyzaEtlEoXzMy5nGzMIcD7xIXmvuqigD5e/Z1+HXjHwJ4t +NWp+KtP+w23i3xpcatpj+bFJ9ospLK1iWXEbsUy8bja4VuM4wQT88aDo3xJ0D4iftW/CXwHqCaR 448Vxw+K/Ct1MAPOW/sRaNIjNkAQXUHkljkRsVbGDg/pRXN3nhDw1qHijTfGt3p8cmu6PBcWtrec iWKC7KGaLIIyjmNCVbIyoIwRmgD8i/Bf7OPxok+LXwY8fS/DDXdPuPB+rB/E2r+I/F0WtX92ZrWS GSe3ia8liW2jkJZigSV96bIiFYjrfhJ8BP2gfgT4S+AfxGsvBX/CReIPAmg6x4e8Q+HI7+zivEt9 Ru/tMU9pO8v2V3jZBvXzRuVsA5zj9a6KAPyin/Zy+OPjH4jWXxz1/wAJw6LqfiT4o+F/EF7oqX1t NJpeheHtMu7Fbi4lEgilndpQ7pA0jDcAN2Dt0/2svgT4g8V6z8d/FfiC8s/C/hLX/Bvh21sta1Ge NbL+0dJ1N7zyrlFZpUiZvKR3aPbtc43YIr9SqzdY0fSPEOlXeha/YwalpuoRPBc2tzGs0E0Ug2vH JG4KurA4KkEEdaAPyvPxD+MPxJ/bS/ZyT4meArDwU2lWXii7RLbWLbWJrhLjS/Ke4U2oIhtGbYsR c7pGJ4Gyvav29Pgd8WPix4V8Ma78CIUl8aaNPqOlsZJYoQNG8Q2MthqDbpXjBaMGKVQGzlMqCwAr 6W+Gn7PnwR+Dl/far8LfBOleGb3UlKXE9lbJHK8Zbd5e/wC8I8gHYCFBA44FexUAfmR8K/2RfGfw 9/a+fV7WzS2+DHhiCXWtAUSxMTr99p1npM6tCHMg2QwSSKxjCgvwSenI/Dz4E/H74W/D79lTVV8D vrWtfCq51+LXdIh1Gxjnhi1qG4t0mSZ5vIkEYkDsEkJxwB1I/WWigD8utQ/Zy+MM37AXjf4Jw+HQ fGus6zqV3bWH2q0HmxT6/wDbYnM3m+SM2+Hw0gI+6QG4r7b/AGkPA+u/Ev4A/ET4feF0SXWPEOg6 jY2aSOI0e4ngdY1LtwoZiBk8DOTxXtVFAH5ieAdA/aP+F/jrT/jbb/CO51j/AISnwnpnh7WNBi1b TU1LS77Q5JI7edZpJ1tpba5jYMQkm9CcsvBB86vP2G/GXxB0rwHpfxb8NwXFh4k8feJPGPi7T7G/ RIdKi1i1cQW6Sh43mMcixKxhDAtuOCmWP7AUUAfjR4z/AGYP2jtb8O/D/SvGfhaTx+nwH1i/sdOE WtrpFx4p8M6jbrDDNHc29xFLbXtmsSI6SmJZAOHkBcNo6r+yd8QNc+CvxeHhP4Vx+D9W8aXXhiLS 9KutfuNW1i4s9K1K2up5NQu73ULizXaokaKOIqyqCrM7FRX7DUUAfEH7QXwh+J3jX426H4y8F6Fp ur6fZeCfE+kSf2xsl06S91D7P9ntbu3Esc0kM4R1coCFGcnoD4f+zH8DvjB4E+Negax4Z8D6t8If AFjp17H4j0S98RprOk6hfSIq2/8AZdqs9w8AjlzIZXKZT5AByG/U+oLq2hvbaazuAWinRo3AJUlW GDgqQRx3BBFAHxT+yDDceJfGHxz+NEJzonjfxe8OkyAYjubPRLePT/tUfYpLLHIob+LZnpivt2sL wx4Z0DwZ4d03wn4VsItL0fSII7W0tYF2xwwxKFRFHoAPqep5rdoAKKKKACiiigAooooAKKKKACii igAooooAKKKKACiiigAooooAKKKKACiiigAr4e+IX7YGueBPiP8AEXw7/wAIAb3wh8KLO0v/ABDr p1RInjgvbM3UKW1m0JaaZmVo9nmKo+Vi43YH3DXzF4g/Zj0DxfqHxp/4SjVJLrSvjLZ6fZz20UQi lsVsLM2gdJi7iRySJFyihSACGFAHhPgT/goH4d1HVpLH4l6PpegwT+H9R8SWkui+IbXxCwt9KhFz dW15HAkTW10sJ3qp3I+GUPuUg9Vdfte+OfBfgS9+KPxh+Et74a8LPoraxp9zZajHqkkjM8MdvZXi LDELW6uTOnljdInVS+5SKd4T/Y61drS70b4teNLXxLo8mgX/AIdjttK0ODQ2mh1CIQS3V5Kks7T3 IiyqEbEUkts3HNVb79jvxz478ET/AA3+M3xbvvEfhy10WTRtNt9Nsv7I2tuhe3vr7ZcSpeXVsYE8 olEjB3ME3MTQBleL/wBtTx18JbDXofjZ8Kx4a1u18OXXiTSba11pL+31GGxeNLm1e4W2jMFzD5yF h5ciEZIbpmd/2tfjsPGt18NR8DlHiYaFH4pt4n8Rwi2/sYu8T/aJxaHyrwSqqLAiSKxYnzQq7mi8 Y/sX+Pvi3pniCT40fFNPEOvXnhu68M6TdWuiJY22nw30kT3N1JbC6kM9xN5KBiJYkAyAvIx9KXfw a+1fGe8+Lv8AbG37X4SHhb7F9nztxdvdfafO8zn7+3y9nbO/tQB8z3f7bnizX5LMfCP4YHxRFN4F 0/x5PLdawmnCCzu2nWS1INtMWuEMOE2/K5LZKBQXSx/byGmaRpfjn4m+ALjwp4L8VeGtT8TaBeC/ jvL28ttMjhmeKe0SNFt5Jop0aH99IrZAYqc47r4Wfsh/8K0sns/+Es/tHf4A0/wLu+weTj7A90/2 3Hnv9/7Tjye23/WHPFHxR+xToHjbwF8L/h14o8RSXGlfD3wlf+FJzFaiKW/W+0+2sRdIxlYW7xG3 EqoRKCSFJwMkA4Hwh/wUAttVubzTvFHhnSrS+n8Nap4k0mLR/E1rrfnDSbf7TNZX32eFWsrgxkMM rIhAcBiyEHe0b9tnXdLj0DxF8Yfhy3g3wp4u8Nan4m0m9h1WPUrlrbSrRL6aK5tlghEMj2774wJH yflOGzjQ8N/sgeMYdL1HS/G3xAs9TRvDmpeHrH+zfD0GlAHUYPs5vr7y55Gup0TIADRJyxwGYmu0 8W/smaJ440X4a+GfEuttPpPgTw5qnhy7iS22PqMGq6YmmSSK5kP2dkVDIvEnJAyMZIB4HeftF/F+ f43fCPXfih4TuPhv4Mu9F8T65KkGsjUYr20ttPjuFW9giiiCT2yjzAhEijf8j7gwF3wL/wAFGvC+ uapoVx410TTdB8N+K7O8vdOubLxDaatqNulpbPeBNT06BFe0eSCNiAHlCviNyG5rstF/Y68dah4m 8JXvxd+KA8ZeHvBmiar4etNNTR1sJJ7HVrMWcr3Nwt1JvuPLVQXEYBC8KpZiY/AH7E2peHrbSPCX jXxtbeIPBfh6wutMtbG10K302+vLW4tmtEXUr5JZGuDDExClI4t7gO+48UAcdY/H342/ED45/s7T az4MufAfg3xtcaxfWzRayt3/AGjaf2HdXFvDqNrFHEIpQfLnRC0qg/xB0NfUnx6+NHiX4TDRYPDf huy1ZtW+0NNf6zrEWhaPYJbqpHn3kkcxMkpbEUaRknaxYqBz434C/ZK+JHhrx38Ktd8VfFb/AISL w58HEvLbRNM/sZLaea2utPl09Ptl2ty3mTQxugWQRKCEOU3SFl7/AOO/7N+o/Fj4geEviZ4f1vTd P1bwpa3tlHb65oy69p7R3zRMZ47dri38q5jMXyyqxyDtIxQB8/J/wUPt9V8MeBdR0HwtpVtqnjGX WoHOs+JINO0WGbRLhbeSGDVRbzR3L3BYNBiNAyncSBwfsr/hat/B8CLr4z6t4cm0y7stCuNZl0ie 4iaRGtrd5zB9oh8yMhtuFkUEEENt/hr5a0b9inxt4W8EQ+EdG+JVpq0f9oa1eXdtr/h2HUtJv01i dbjNxp/2mJPtED79k0bICHKmMLxXvPgj9nbT/An7MTfs2aZrcs8DaLqOlf2lNCCwfUhMZJVgVgAi PMfLiD4VAqbuM0AeA6J+2P8AGnX9Z8G+HLL4JLHqHxL0Z9c8N+Z4iiELWcKxyTNqLi0JtSscsbKE WcsXVDtO7bj3f/BQ3Tb+08KWHhLwzpqeJNc0i61i+tPEPiO10KzsEtL6bTnt1vJopBcXD3NvKqKs ajavmMVU19MeH/2f/wCwvF3wp8Vf295//CsfDF34c8n7Lt+3fao7JPtG7zT5W37JnZh87/vDb83z tpf7B2peD7jQfEPgPxvYQ+I9Ns9T0y9m1bw/HqljeWWoarc6rFi0e6QxXFs906rKJW3gYZQp2gA6 af8AbTufEPw18FfEf4beFLKfT/Flne3NxeeItdt9C0vTpbCb7NLaveNHOJpzMrhFRNrIvmFgtYfh H9t/xb8U4PANn8I/hkmuax460XVdW8u51yK2tbE6PqH9nXCvcpbTCWIyZMcsakvlPkAYsmpqv7FO px6l4I8ReG/Gdlda14T0W40aWbxJoMOtQTNd3P2uW+trYT2yWt15hIVl3L5eEZSF56X9n39kKb4F eIvDWuS+Mm8RL4a0fxBpEayWC20s667q8erebI6zMu+JkMZCxgPu3AJjaQDzzU/2+GHhb4c6npfh Cx03V/Hq6wJIvEevxaNp1lc6HdfYrm0GoG3mSad5gwhXYgZRvO37tfT2t/EXxpqH7OmpfE/Q9AOj eJn0GfUIdNvLmI/ZrhYWfDXESzxOFxuVgrK4xkDJx4a37IPivS/AWj+CvDXjyymhsLnXpbuz1vQU 1bRdQj1vUZL9fN0+S6TbNa+aUjlWX5hu3LtbaPcPhV8BtI+F37P1j8AbfVJ9RsbXTruwe9dFjkc3 zSvKyRjKxqrSsI4wSEQKuTjNAHyx8KP2pfjXrPgj4aeA/D/w/h8cfES+8E6Z4m1eWfXVsrVbG4QR 208ly1oxN5esjOYBHtiJOZWUbq+l/Cf7ROjeNf2b739ofRdJnji0/S9UvptLuXEU8d1pHnJc2kjg MFKzQOm8KQRhguDivCfCf7IHxa+HyeFdc8C/Fm107xX4f8NweD7m8l8PCezvtGsXJsC1ob0FLu2B P74SlZM4aPGc+8eFf2eNI8Gfs3Xn7O+javPJFfaVqdhLqlyglnkutW857m7eNSgYtNO77Nw4wu7v QB823/7dPizRfC/gjUvFPw707w1rHxP33Xhy31XxPb2tmdKito7mS81C8a322rATRqsASR3ZtowQ a1/Cv7c1z8SNN0LQfhf4Hi1/4harqmr6ZcaSNagGmWf9iRwSXdz/AGrFFMk0BW6t/JaOEmQyYwpU 13fxA/ZOl8T6F8KZvDniS207xZ8JrH+zrK9v9KTUtPvbaW1itrmO6sHmjysnko6FZt0TDIJ61hJ+ yF4q0iLwx4u8LfERbH4keGtQ1W9XVpNHibTJ4NZSOO4sjpkU0Wy3VYYfKAnLIyFtzFjQBwX7Nv7R njebW4PCvxC0e8OrePPiR4v0gQ3mo/aG0KPSrJr4W0bbGWaJDEYkCGNAG3rx8p9M1X9rrU38Q6p8 P/Bngc654yTxhf8AhTS7F9RW2t7pdN0631K5v7i4aFvs8UcdwFKKkrFgoXJbC8to/wCxh428N+H9 Kv8ARvieJfiBovjHVfGEOt3WjrJbSz6zbtbXltNZLcrmN1dtrJMhTIAHFGj/ALFvjLw/5njHTPih v+JMXi3UPFltrc2jxm1Datp9vYXtjNYC4Ae3kWDKFZUeMbACShZwCXxx+2rrngU+HPCHiHwHbeHv iBrs+pJJYa9r0GlaRb2umMqtdrqssJE0U5kX7OEgDOd4YJsOfob9nf466L+0L8O/+E40m0GnXFpf Xel6haLcxXsdvfWMmyVIrqH91PEfleOVPldGU4HQeAa9+xx4v1bUtA+ITfEn+1PiNpNxqb3Goa3p I1PSbq01Ro2exTTJLlfs1vAYkMCxT5Q72JZnJH058GfhncfCjwSnhi/1p/EOoTXNze3d61vHZpLN cyFyIraH5IYkXCRxqTtVRkk5NAHq9FFFABRRRQAUUUUAFFFFABRRRQAUUUUAf//W/fyiiigAoooo AKKKKACiiigArzzWfix8OvD/AIij8KazrsFrqkhUeU24hS/Kh3ClEJBBwzDgg16HXxL8Q/2Wdf8A FvxEvfEenavbQ6Xqk3nzebvNxEW++EUKVf8A2csvoemTtRjFv33Y4MwrV4RToR5nc+2qKht4Ftre K2QkrEqoCxySFGOT61NWJ3hWB4q0a98Q+GtT0LTtVudCur+3kgiv7PZ9otXkUgSxeYrpvQnI3KRn qDW/RQB+U2mfDz45X37U+ufAeT9oPxgukaX4UstfjugmmfaWnubyW2aNv9D2bAqAjC5yeuKs+Df2 wvEHwn8T/Gvw98QNF8XfEbTPh7rxE2p6dZW00Ol6TFY2+ZLh2ktgWaRZpWWNWKruYhV2g/Umj/DX xra/tp+JPi1Pp23wpf8AgjT9IgvfOiO++gv5ppIvKD+aMRurbigU5wGJyK880L4L/Eaz8J/tUadc 6MEu/iTqOsT6Cvn25+2w3WjxWsJyJCIt0ysuJShHUgKc0AekeNv2s/BXh7WvDvhTwR4f1z4j+IfE 2kR+ILfT/D1tFJLDpEuBHeXDXU1vHFHITtQM25m42jINcvL+3B8N9R0fwfP4B8O6/wCMte8aNqK2 2hWFrDHqVo+kMEv0vUup4Y4GgdgrKXJYkFNyndXx1rX7JHxC8P8AiX4deP8AW/hvffEWzX4faF4Z 1bSNK8StoWo6VqulwopkWaG8tobmBuY2USsAwMg4HzaOofso+LdJ+GnhGx174FaT4hs21TWtW1HS tC129h8Q6Ld3zRC2ns9Yv9SIndo4l+2KHRHkCsi8HIB9mal+2T8ONP8Ahz4e8dDQfEM+q+KtSm0f TvDK6eF1+bUbZmE8BtnkEa+SELSSGXywuDvJIB9G+Dfx58OfGO48RaFDpGp+FvFHhGaGDWNE1mGO G+tDcp5lvIfJklieKZAWjkRyGAPSvzT1v9kz9ozXvhx8NvFPj7S77x1qfgDxJrtzF4WvPEjQ6uPD mrxxwwWra3BLCsl5a+UH3CUI6sU3bRsP11+yN8FdQ8AeJPHPj3UPh4nw6h8R/Ybaxs7nWr3XNYlt rRGJkv7ia+u7YfO58qOEAouQ7NxQB2HxM/a48O/D7xx4g8B6R4I8TeN7zwdY2+o6/LoNrbzR6Zb3 aPJD5gnuIXkkaNC+yJXO3nrkV5x4W/av1rX/ANqfV/BU+kala/De38G2WvRX89tbQW9us4muX1C6 d5hcJA8aLAi7N6yht8ar89eaftW/A74geMvirrPizQ/hPP4hv59Lt4PDninwnry+Hda0+7RHEkWp vNdxpPEH2vFIsR2J8hBPNNtPgF+0Nc+N7jRPiJZf8JFb/Ef4UQ+C9e8T213bhdO1WKO882aWCR45 51czKA8SZZjuIXkAA908Kftw+AfEeqeFW1Hwh4n8N+FvHl6mn+HvEmq2MUGl6jczbvs6KVneeL7S FJgMsSCQc8V5d8Gv2upvDnwZ8MS+PYtY+IHj3xh4h8TWGk6VpNvFNqN3Dpeo3CFsM8MSQ20KoHkd xhcdea5uH4cftJfE74f/AAm/Z48c/DaHwtp/w/1TQZ9Y8SHVLS5srm18OlTGdNhhc3QluxGozJHH 5QYhs548WuP2NPizp2gfDTxnrvgSfxbN4S1PxdFq3hqz14aTfS2GtalNc2l3aX1rdRR70Uq7xNMC 6kIQGztAPuXUP24/hRovw21P4ia9o+vadLoGu2vhzV9FlskOr6df3bKI/Nt1mKvGysHV4Xk3r9wM 2VHcfCL9pnQ/ip461X4Y6j4R8Q+BPFWmafFq66f4htYbeW502aQwrcwmCadSokGx1YhlbjBIOPiW y/ZT+IZ8AXd3ofw1t/CWoa38QPC2rtpZ1ufVtQXR9FuEZ59Qvb++uIJJ1QyER22MIFX942MfZjfD nxkf21E+LY0//ilB8Pn0M3vmxf8AIROrLciHyt/m/wCqBbfs2dt2eKAOh+Lv7Qel/CzxHovgbTfC uueOPFevW9xeW+maFbxSyJa2xVZJ55biaCKKPcwUEuSW4CmvFrv9v34X2/g/w/4kg8KeKLzU/EGu ah4ZXQ4LCJ9Utta05N8tnPD54AckqqlGdQWBcqAxXJ/ao+Hnxm8XfFfw3qVjomv+NfhdDpE8F1oP hzxAnh64OsvODHcXcrXFq09uYfkCLL+7bL45IPzz+z/+yz8cfBXinwJceJPBMWh6dofxM8SeJZoo dTt76C00rVNHWG12SyTefMY5/wBydyeaSu8jad1AHRaz+2R461vVfj9Z+JNC8X+A/DXhPw5od/ZT R6dpo1TQ3uYZpZ3njkujunujtEKFmVVjbeIj9/Z8Y/Hbxre/teweG9ZvPF/hv4c/D/wrb+Irw2EW nJb3rRyzSSXl+S8s72MsUXkrFEolMoOEUHc0X7QnwT+O+u+Mf2jtL8GeCX1/SfjH4Y0W307UYtQs rdLe90aGaNraaK4ljkzKZRtcDYB1brt9Q8Z/B/48P8VvH3jX4cImj3upfCyy0DRtTeaAqmu29zcy +Vs3l1Kh0IlKGMEggsQRQB3Pgf8AbL8OeLfGvhDwjrfgHxX4Ng+IKSP4e1LWrO3itL8xwm42fubm WSJ3iG9FkRSR1wSAat3+3F8ObfULi6t/C/iW98G22rf2E3iyGyhOiHUfOFtsWVp1mMXnnyjP5XlB +N+Oa+OPBX7OPxnf4t/Bfx9L8Mdd0+48H6sr+JtX8R+Lotbv7szWskMk9vE15LEttHISzFAkr702 REKxHtPwl8Pftb/BDwJpf7NPgzwNbyw6Vrc623jee+tZdNGiXWoPeSTy2JlS7a7EUrxeVt2l8PvK 5NAE3we/be1Q/C7xb49+MHhjXRdW/jS48O6LaQWlmJr+e5vJYLTTLZIrgqbi3EWLhpmVNxykknb6 6+Dvxvs/i3ceINGuPC2ueDNe8LSwRX+na5bRwyqLpDJFJDLBJNBNGwB5SQkEfMBkZ+FYfgn8a1+E nxO+Eev/AAi03xdpr+O7vXreDUtQhWLXtI1O/luJBYTQ3EUthfQIUKSz4UElcHnHsX7Gfwx+Lvw/ 1/xvceItP1nwp8O75bFfD3hzxBrUeuX1nLEr/apEmjkmEED5QLEZXYkFjjjIB698TP2n/Dvw/wDG 9x8OdD8JeIfHviDTLFNT1S28PWkNx/ZtlKSI3uGnngXfIFYxxIXkcKSFxgniLv8Abb8E6qNPX4T+ DfE/xNku9HtddnGg2cLLZWd3u8pbhrqeACdtjYhTe+VIIFc74l0L46fBX9oT4jfFb4b/AA+f4maN 8T9P0ceVbajaWFxpupaNDJbIkovJIw1tMjhy8ZYowbKc5PgXir4SftZeJ/Gb6h8dfDGofFKz1DRd NTT9P8O+Jf8AhG9A07VPLY3yahAl1DNOnmkbZlEpKLtCEkKAD6d1T9uj4VweHPhj4g8NaB4i8Vv8 XbfUZ9BstJsY5rt5NLMYuYJo3njEboZDltxjAjcs4ABb2T4G/Hbw58ddH1q90nSdS8O6p4Z1GXSd W0rWIUgvbK8iVXKusbyIysjqyOjkMD65A+Gf2b/2bvjT4BP7LkHjHw4tmfhfbePLbXJFu7WVLdtX lU2Lx7JWaRZ1yRsUsnSQJX1l8B/hz4x8F/FP44+I/Emn/Y9O8YeJLa/0qXzYpPtFtHp1vAz7Y3Zk xIjLiQK3GcYIJAPJvBv7Sk/gVfjt4l+Jt1qOvWPhnx9/YOi2Fjbrc3ji4tbP7PZWsS7N7PLKxG9g BkksBWH8T/24r/TPh18UbDR/AXiTwh8SPB/hyTXLXT9YtLNibOVmhj1BTHdSQyQQS8zDcWGCFVyC K5Lxl8Ef2l7Pw18Yf+Ff295p8viv4lW+uGHTdTt7DUdW8Mi1torqKzvBJi0mkaMhTIUbCkEYYZ8a s/2T/jBq3iv4qat4d+Gl34O0Txr8MdV8N2C6x4jj1nUZtXkuEmja+llurhozOMqojd40CAuUZiAA fa9v+11aaJ4M+HFnqvgzxJrvxD8caYbyLw7ZW1o+p+TbYSa+uNtwtrBbyNh0YyjIcDaCHVKOr/t7 fCrTfC/h/XbTw54l1PVPEGtXvhsaFa2EbatZ63Yx+ZJY3Vu0y7JDlQCjOvzBiwTLD5g8e/s9/FXx j4g+Fnxw8UfCXUNcbSfCZ8J654UtPEqaVqdmbW4MlvfW95Z3kEM6Sc7oTMOGXKlhlOn+GP7LHxC8 NeMPhV4uj+H9n4UtrPxrrWvarY2+rz6pNY2U+lyWdnJeXN/e3BubpmCCQ2vyD5TsGGagD6d/aW+K fizSv2NvGPxc8Jwaj4M1+PQvt9rFfRRxahYSuUIWaMGVFkUHDLlsHg81H8Kf2u/DHjjxF4Y8FeI/ C/iLwdeeL9PkvtBvddtIbe11mK2iWWZrd4ppWRxGfN8uZY28vDYGcV2P7XfgLxZ8UP2afiF8P/At j/aev65pclvZ23mxQ+bKzKQvmTMka8A8swHvXzgfh98d/j349+GVr8S/AC/Dfw/8MrfUJL67Go2t 4dRv7vT30+OPTltXZ0t0EjSlpghIwm0EGgD0LR/27vhnrN1p2rR+GPElt4B1jVF0ex8ZzWUSaFcX bymBCH883CwPKPLWdoRHv4JUc19FfGb4teHPgb8OtR+Jniy2u7vS9NmsYJIrJI3nLX93DZxlVkeN cCSZS2WGFBIycA/kV4A/Yq8f6T4X0D4K+Jvgwmo3ukalDHeeLLzxfqLeHrnTYrrzftUOkWupQTLc +WAEh8tEEgDkgHbX6W/tifDDxf8AGL9nPxb4B8AxxT+Ibo6fd2UM8gijml06/t70RF2+VTIICgLE AEjJAyaANz4o/tIfDz4P+KU8L+NVvIG/4R/VfEsl1FEklvHZaQYxOrfOJDK3mDy1WNg3IJBxnj/h t+1j4e8dazHpHiPwX4k8ALeaTLrtlea/awRWV1p0IVpJFntridI2RGDskuwheea+bfEPhL9qD40/ GWH4lat8J7Dwrpdl4H1/Qrew8Q6hZ6pBcajfGFxHew2cwJtbjaYhsYnCuzhQUVvOPhf+y78X7nxH eeFvDfhDV/gp8P8AWfDGuaP4j0y78RprWlXV9qNobe3k0q0W4neEQyOZTI7JlP3YA5BAPrXwd+3B 8PvF2reGjP4T8TaB4V8bXy6ZoHiXU7GKDStSu5N3kIhEzTxi42nyGlhQSex4rwL9qL9uSVPgv4u1 P4M6L4mtbe21G30mw8Zw2cB0Zr2DUIorlI5GlaUxlVkhWYweWz/IGyQT5V8JP2RvHdofhx4G8VfB NdPvvBmo2Emq+JtQ8Yajf6RPBpnKXOm6bb6lG6XMrIpjSSBYoSfmQqdo1PFfwa/ap0P9lfU/2MvC 3wyXxBbWV+RZeJl1awhtLnShqo1FGME8qTrd4/dsjLs4LiQnAIB+hv7VXxM8TfB79nvx18RvB1lN e61oul3E1qYo4pRBKEO24lSV0UxQn55AMnaDhWPynyLSf2xIoNC8FeHz4B8VeJ/iDrmhR6zeaJYW tkby0s1cw/bLpjdJaxJcuhaBVlLsGUFEJwPdf2kPA+u/Ev4A/ET4feF0SXWPEOg6jY2aSOI0e4ng dY1LtwoZiBk8DOTxXxd4B0D9o/4X+OtP+Ntv8I7nWP8AhKfCemeHtY0GLVtNTUtLvtDkkjt51mkn W2ltrmNgxCSb0Jyy8EEA9/k/bV+Etz8O/DHjrw1Zav4g1DxjqM+j6b4es7Rf7bfUrXd9qtpbeWSN IWttpMzPIEVcMGIZSeb0/wDb3+Er6R48vvEegeI/DWo/Dy40yw1DSr+yi/tCfUdXMq2tlZwwTy+d M5iOCCEKsrhym5l+VF+D3xN+C+vfDD4u3Fnot38UNT8Z+MfEB8GPqkVmlyvii3RLi0sL2YCBrqzi ijbnar5kAY9W8j1T4VfFn9qnxx+0Fq8nhmx0/wAU+H/E/gPWF0CDVsxXTaNZXccunSaramNUuWgm G6SNgIpdq712hwAfbPxS/bdudK+FnxJXRvBXiLwh8SvDHh2TW7PStas7QTGzkJiTUlCXMkMtvbyE eeu/zEIK+Wx4PEXX7WPxF0X4sfB+S/8ADPifU4fGPge/uZfDFpa2b39zqkNzCqXTqkwgijMSyShj MqiNxlQ52DhbP9lHxj4v0X4m6loXwh/4Vzc6r4G1LQNLXW/E95rur3eo3wJaMStqNzZwWeUUDem9 mw+5VyK+g/hT8P8A4var8aPhP8T/ABp4Jl8K2vh3wFqOgahFPe2V09tfi7thCoNvK5cTRQtIGQEK DtchuKAOvj/bk+FNx8O9M8a2Wja/da1q+t3Phu38LR2SHX21iyJ+02rW/m+UphX55HMuxVIy24ha dfftv/DHQPht46+IHjLQ9d8O3vw1udOtvEGhXlrCNVs/7VnigtZgiTtDLDJ5u9XSU7kVsAsAp+MP H37HPxb1XWdQ+Isvg9vEf9i/FDxVr0Xh+LWhpNxq2ha/a2kC3FvfW1xGYJkeDcsckkbMNwbg7X09 W/ZM8f678Fvi6vhT4VR+ENV8aXfheLTNKutfuNW1i4stK1O2uriTULu91C4s12qJGijiKsqgqzOx UUAfpL8Ovi3e/EL4e3/j1vAniPw5LZm48rSNXtYbXU7tYYxIjQxeeyfvgwVPMkT5wQ2ANx+NfgT+ 3HqF98BPDHi/4q+Gtd1Xxn4r1rVNM0iw06ytDPrLw3tyQLKKOcKsNlAixXEs5jCshJZ8h2/Syvx9 +G/wQ/aV+G+kfCvX4fh3/aGsfAzXPFMP2H+1LJR4g0nxTPPJJdWMhl2wy24aMiO48suCwyDlaAP0 M+DHx/8ADHxmu/Efh630nU/C3irwfNDBrGh6zDHDfWhuU8yCQiKSWJ4pkBaN0kYMB2rl/id+09p/ gLxvefDnwx4E8TfELX9KsYtS1GLQLSCSOyt5ywi82S5ngUyyBGKRR72IHQVzHwB8BfEi++M/xI/a G+JfhtPBc3jC10nS9N0Y3UN3dxWmmJIWuLyS2Z4DLM8o2qrMUVdpJ614l8e/hT8b/Fnx18Ralrnh HW/iV4CvtPsIvDWnaZ4oHh/SrC6SNhd/2rDHc280wklw4kVZSE/dhGOAAD3uf9sv4Y3fgLwB408G 6XrPi29+J63DaDomm2sbancfYwftZkSWWOGJLZhtmdpdqkjBYc1l/wDDbvw3udI0xNG8N+ItT8Y6 tql/osXhKKyiXXI73TEWS7E0bzLBHFCjxs8pmKbXUqW5A+U/g18Af2iPgP4K+BXjePwUPEPiD4b2 fibQtc8PwahZpPJZ6tfvcwXljPJL9nYgKjMjujsrbcBgQPSb3w9+1tcfEnwf+1Hr/gW21O+0aTXN MbwbaX1rHqFnoWorAbaQXckv2Sa7SSBnmAdQyOqKcg4APZ7n9tz4WweDLXxBHouvz+Ir3W5vDcPh SOxQ6+2rWy+ZNbm383ygI4yJGl83yghB3kkA15v24fhtp3hnWb7XvDviDSvFehatp2hXHhSe0h/t p9R1cE2EcSrObd0uVDNHJ54QqrZIOAfm742fBL9pL47Wfgb4x/EHwTBqGoeDvEGrTReB7PWf7Mvf 7A1K3jt1Q6ta3CRm9jaISnbKiFWKZPKtjW37LPjCfwR491qy+A+jpbeJL/RY/wDhF9d1+/1PWtQ0 ix3NcM+pyanLbWl4GkJtGjI8tQ6yF9wwAfXL/tmeCNI8DeMPF/jnwn4l8J3/AIIuLC0vdGv7KL7f PPqjKlmtmYZpLecTO20FZgFPL7Bgn0X4RfHm2+KWu614R1Twb4g8DeIdCht7max122ij823udwjl gmtpp4ZFypVgHDKeCvevgnwZ8Afj+nw2+K3h6LwO1z4G1pdJXQfAXjvWhrLstvLvvxFdwXDCy3rt NtmZykyB2C4BPr/7H/wm+LPw/wDiT4k1J9B1vwB8K59Jgt7Dwxr2vR67NHqqzFpLi0aOa4+z26xf u9jSlnYh8YACgH6JUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABXxn4x/ah8N/CXxn8S m8X3Wta5Y+HdQ8MabFpllpls5tZ9chPlC2dJhNdCV8NIJFDI3yxq4NfZlfCHxB/Ze8e+LPid4s8Z 2F/piWGveLPAWuwxzSzCVbXwuym8SRVhZRJIB+5AYq38bJQA+7/b48DaY/iW21j4e+NLC88CtG/i a3k062ZtEtJ0WWC7unS7aNopkYsggeWTajsUCgE7Ov8A7cnw38P6/wCLdOl8LeJrzRvAV9HZa/rt rZQS6Xp4mSN0neQXPmvEVkBYxxO6gFmQKVLR/ED9m7xv4rh/aUj06+06NvjHpVjY6QZZZh5Elrpj WTG72wtsUyHIMfmHbyQDxXyr4K+F3x++IH/DRXwd8HXHh208HeJ/E8mi6vf3z3J1Cy3aRYRXktpA kJjuPMgdREJJYtjqWOQeAD7P+Jv7XfhX4Z3/AIhD+DPFHiLRPB8UE2t61pVlBJp1jHPEJgxee4hk n2RsryG3jlCKeTuBWn+LP2vvAXhrxFq2j6d4d8ReJ9N8NJaPresaRYLcadpf22NJolnZpY5ZHEUi SOsEUpRGBYDkD5S+Nv7DvxU+Il94/wBIsV8O+ItO8R2sVt4f1TxDqWpNP4etobOOBbW302KF7TPm IzJcq6upcyMsjAKfWdA+Bf7UXwxuPFOj/CTW/Ddjpvj57HULrUbxriW+0TU0sbayvHtIGtngvY2F uGgExh2sfnUgYIB6t+zZ8c/F3xi8R/FbTfEvh670q08IeKLjS9Pnkjt0hNrFbWzLCxiuJna4DO0r ttCbJY9rZDIn1bXzV8Dvhh8Qvhh47+KR1ybTr/wv4x15vEOn3UU0v9oie5tba2mhuYPJSFVX7OGV 45Du3fdXoPpWgAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiii gAooooAKKKKACiiigAooooAKKKKAP//X/fyiiigAooooAKKKKACiiigAooooAKKKKACiiuK+JV3d WHw58VX1jM9vc2+lX0kUsbFHR0gcqysOQQRkEcg0AdrRX4z+CP8AhNvh18Bf2e/2irD4n+JfFHi3 xlrPhrTtUtdS1ee9sdUttZcQTWK2krmJZrdCSkqjzN6O7lmJI4bSb74qaF+zfq3x/b4qeKP+Eg8S +LbrwlHNd6rJNp2i6Vda/wDY2uUt5cqZoVVxFK7ExiQBcBE2gH7mzTRW8TzzsEjjUszHgBQMkn6C ua8E+NvC/wARvCum+N/BV+uqaHq8fnWl0isqTR7iu5Q4VsEg4yOeo4r85vFngbWvg38dvCfwa8N+ PPFGueEvip4Z8SR6vaaprl1e3tlPpVuk0Wo2t07+fbPM0hiby2VSTwuQCvxt8P8AUviPpfwn/Zi+ CXgGTxRqmkeP9K1bxBqllpPiBNM1C+kso0RLKzvryeMWtrEFMslvC6hgWIAJJoA/oLrkfG/jvwl8 N/D8ninxtqKaXpcc1vbmZwzAzXUqwQoFQMxZ5HVQAOp9K/IWD4k/tB+E/Aut/CPXtc1Hwxaav8RP Dfhmz1C81/Ttb8R6FpWuhnu4bi7tLi4aKWMx7beS4xIEmBBO0FLX7YPwh0PwT4Q1bwRa/F7xBrUB v/Ceox+GtR1e7u76x87WY7OS9F485laCXzDtikUhJ0EsbAgAAH7PUV+OnxIu/i744/ae8XfBHQbT xv4i8L/CzQtCt9PtfD3iy30K7klvbXzG1G+ury5hnvZgwCKxZ1DIWkG5/ni+CfiP4w/tDeMPh38F vjX421DS7TTPB+p61c3HhnXYI5tcvLfWG06DztR0ieRXNvbqrypFKP3xJfoQAD9UPAHxN8J/EseI z4Tnkn/4RXWbzQL/AMyNo9l/YbfORd33lG8YYcHtXoFfAX/BPfSH0Dwh8XtCk1qbxE2n/EzxHbnU blxJcXZiFuvmzOAA0jYy7AYLZNfOWs33xHsL39qL9oOLx34luLv4Savqcfh7RE1OX+x4WXS4nZri 0OVmiRpUkERIRTGSF+Z9wB+xVFfiZ8K9T/aJ8F6z8HfHfneI9OtfGEsEeval4v8AGukahpGs22oW pla5stPa+3xyQHE8EdsgcQqUYMMgy/AvxF8RPh38Q/hlqnxo13xjHd+LdWbT4/E1n4hi8T+C/Fc1 +sv2eJYVlC2IcjNv5cWU2kHC5KgH7XUV+JH9qfETWf2M9Y/bpf4o6/p/xItri71WO0/tSVdCtFtd Ta2GkNpYP2dozGgjw672lYMW9ff/AAt8UPGU3wh/a+1/Xdev7LUPDd5rT2AlvJfN0kf2DBNFHbMW zCEmLFBHj58lfmNAH6cUV+RPg/QfG/x1+OHwx8G+IfiT4s0bQYfgz4Z8SXcOkaxcWcl7qz3csX2i eQFizMCTI33pCqbmIUVqfCSLWfiP8G9P/a38cfGzWvBPiO98QzyyrPeyPoFlbQas1lHo76SJY4GW VEWMsT5vmOH3N0IB+sVFfgpe+NP2lPinp/xc+MWkjxZb6r4Y8RavY6Rqdp4u0vRfDmgx6RIBFb3m m3l3CkgwAbp50IkVgR0yer+K3iH4032v+Lfi14u1PxNqXh6x0zSrsah8OfFNvKng2dNPiuL2G80W O4WK5Hmb5XkaSRJICCG2kYAP3Aor5g+Nfxd1bwt+yL4k+NXw6uxql9B4WOq6beNCFEhmt1eK6MJG AAGEpQjHGDxXydd+H/FXwC1f9nvx94P+JfiLxhc/EbXtN0XX7XWNWm1Gz1W21a0eaS9gt5WZIDbF A8Zg2hUIU7hwwB+qFFfnN/wTj8H+JtT+CHhj47+OvH/ibxd4j8XadNFPBquqzXenwxQ3bpCYreTI EqpEA0pJYlnyfmrjv2h9Q1X4i/H/AMUeA/C93498Wz+FdI08XGkeFdWi8L6Voc94sk6XN9qMt3F9 onljw6KYmWNF6MSQAD9SqK/Ff9m7x58Rv2oYvgx8L/iP471zT9Ll8Dar4ivrjS9Qk06/1q9tNak0 qGOa8gZZmWGBBI4VgXYhn3c49QSTWfFXxV+HP7Lk/wAZ9W8TeFEfxZcX+q6fePp+rX9xpMsSQ6Pc 39vL50klkk7Gd0ZDKFUsoINAH6sVyXjvxpo/w78H6r438QJcPp2jQG4nW1ge5nKKQDsijBdzz0Az X5BaR4s+Ifgjx8nggfEnXvEGnaV8eNC8Ppc3upzzSvpcujTOdPnfeBIgk2rKrDEkqb3Bck16D+0/ 8UPHGj+Lv2obHw14r1KwXwv8P9CubOO1vpohp97NPOzywBHAhmeMpudMMRjJxigD9Y7aeO6t4rqL OyZFddwIOGGRkHkH2qavyMI8fa38Zv2h/iZd+OvE0lt8GNM0HWNB0C01WeHTZ70+HI72VLq3BxLF NJEA0WVVi8hPLk1458JfEP7S1lpHwd+NMTeJ3vfF+r6U2sar4h8aaO2ga1Zaof39raaVJeqIZQpJ tY4olmQqVKE/KAD91qK+LP27tW8Y6X8I/DsHgbxHfeFNU1bxf4c04X+nTGGeOO8vVifkcOpB+ZHB RhwykZFfF3x68YfEv9jrxJ8VPD/wy8aeIPENo/w2t9fth4h1CTWJrLVZNbi0uS7hkud23EMxlZPu F1yVKgKAD9pKK/GzwBoP7QGg/EjwN4S87xb4c0T4h6Zq2m6zc+JvHOl6rcX7yWLPDqWjwxX73EVz byFXY2i8RleBt3HyvTf2pfi9c3/wh8Q6h4kvLTTPgTHZaf8AE5Wupdk91qGrP4fc6h8wErxpatdg yg4Mm8YJyAD956K+TP2NNY8V+NvhNe/FvxZqN7eN8Rdb1PXdPt7uaSUWGkzzmLT7aBXJEcX2eJJA qgDMhJGSa/K34rfEzx+vw31z9pP4ba78QtaWx8QCW08X3esQ6R4akgOqLa/Y7PQftcrT2uMw/wCp BYgyPgArQB/QLRX5q3ej63+0B8YPjyvin4meIPAll8L5bPTtFh0jU5NOg01X05bt9Uu4onRbne7s VEx2eUpT3HEfD+DWf2l9d+KepeKPjZrVhY/Diz0iy0XUtAvpNHsgsmlJePr1xbQS7JxcyO0irK7R iIFBxyAD9YaK/FHWfGvxh+OHx21rwJo994p+InhvwR4Z8PSWVx4L8QWfhJNQn1S0E8msyia6jebe /ESI7xRleR8w35FvrX7THxJ8M/DObxXqV749/srRNUGr6D4K8bWGna7K0Gotb22tO+nXLJeosSLA yJLhbkOThsqQD9iPiJ8Lfhz8W9B/4Rj4m+G7DxNpauJUgv4EmWOUAqJIywzG4BIDoQwBIzzU3w/+ GvgD4U+HY/CXw28P2XhvR43aUW1jCsMZkfAZ2CjLOQBlmyTgZPFfkvqnin4g/Fj4ZfBlvhx4q8Sf EPTdPi1yPXvD/wDb0XhLxpqElnMIUml2S7rj7AQ0cqpL87FHJZmyv3Z+xf41tPGfwZeKHXNf1y68 O6vqOkXg8UxqmtWNzay5ayvHR5BNJArqvm7iXGN2GyAAfQvhXx34S8bz69beFdRTUZPDGpS6PqPl hgLe/hijmkhJYAMyJMmSpIBO3O4ECz4z8WaN4C8H67468RyNFpPhywutSvHRDI629nE00pVByxCK SAOT0r8TtFs9d+G+lfEfSPBPjHXdCfx18eF8D32qNqlxNLZaZcw280t1EZ3dEvZCBD9qIMmGUFvl XHrHxq07xD8EvEPxV+Cfh7xZrPibwZ4o+DvinXJrDXNSm1a5029sontxcRT3LNKkNwJNpj3FTICw xjAAP1j8M+IdM8W+G9K8V6K7SadrVpBe2zMpRmhuYxJGSp5BKsMg9K26/C34WfHL4sad8OPHfjHx zfaj4Z8afC/4c2N74O8Jx3LDSptHl09Fj1uZInCahL5n+sSVSltgLt3nKdZ8Gb39ojwn4r+CfjPZ 4nhtfGt1aQ69d+KvGukahpmvW2o23mNNp+nm9Mkc0RxNbx20e8RAoQ/IIB+01FfhXNb/ABNsP2Sv FP7V5+Kvi+Xxh4W8T3o0y3fWJ20yOzt/EH2RrWa0J2To6M+TLuIGxBiNAtdJ8Z9b+JvhP4h/Ej4n +LfEXi6+8KaP4gAsfFfgfxDDe6f4btrYwB9N1Lw75saFouRdGRWLb8kZHzAH7YUVUsL221Kxt9Rs pBNb3UaSxuvAdHAZWGecEHNW6ACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi ivEPGPxcn8MeLR4fj04TwQ+X5rliHbzAG/dgccA985PHFfM8VcX4DJcPHFZjU5YSkop2b1d+yfRN /I2oYedR8sFqe30UUV9MYhWD4g8VeF/CcNpceKtYs9Gi1C5isrZ724jt1nup8+VBGZGUPK+DtRcs 2OBW9X5G/trX0Hxt+M83wY/sDxB4g0j4feG7y+eTw/p8uoG08U61EYtKkuBGRsNrArzoc5zIMeoA P1qlu7WCaG3nmSOW5JWJGYBpGVSxCg8khQScdhmi1u7W9hFxZTJcREsu+Ng67kYqwyMjIYEH0IIr 8jdG8aeMf2jfiL+y745tfF2oeD9euNJ8V6fq1vb2li8ljrGlxQQ6iDHd28pVpnG0o4O1AhQKxZm4 z4J+N/iJ4P8A2dfgt4A8L/EDXft3iS21nUmsPD+g2Wq66LSCcQxxwGaAWdvaRzFnkmusys8gRHCr hQD9rayf7e0P+3P+EY/tG2/tn7N9s+xecn2n7Nv8vzvJzv8AL3/Lvxt3cZzX5X/Bj49ftBfHeTwP 8IpPGMng/Wpf+ErudX10abp76ldQ6BqUdhBbJAwnsYp2E2+4MayKNn7s4JJ8t+K/xy+Kfwq+NFlr lvrml+K9ebwR/YmreMNMhW40vRLf/hJXtpdUu7WIkGS1XastuvyrNu3YjUrQB+3FFfP3xeHxT0T9 nfWb74W+I31TxtoulpfWeoTW9rI2py2YWd0aJIhAPtiI0Y8tFC7wUKkA18LfE79tP4iazoPiv4qf BG7D+D7Wz8K6Dpw+ywXQ/t/xK8V1cXOX2FpLGzmhiELSrH58h8wHGAAfrVVe5u7WzjWW8mSBGdIw 0jBQXlYIignHzMxCqOpJAHJr8lbn9pL9pP4YaF8QtM8QNql/5GnaNNomq+LtN0zTr2yvdV1SLSpf PtdMlMc1rH5yzxSMqfMjxMWABqf9pTwt8YtI1DwH4D8UfHFPEEkvjPwXd2qix0u21y1muNTMDXTW yW5ia1SUK9uzJjzFaOTzVoA/WuivyW8UfHH9omL4Z/FP9pvSfH8Nlpnwx8TX2j2/hKXTrNrW9s9I vEs5VvLkx/aku7rO9fKdVQlVVSG4+kPgVrvxq+JHxr+Juva945kh8F+CfEtzodn4dXTrNfNQ6fbX GZ7oR+fmJ7hSgVgchgxZSAAD7Zrk9R8e+BtIur2y1bxFp1lcaYbRbqKe7hje3OoOYrQSqzAobhwU h3Y8xgQuTxX5vftR/HT4uaH4w+JkPwv8Z65Gvw80iG7Wx8PeH7G8sbK5W0a8c65qGqKECum1hHay B1i+bDSYWvGPiL4lvPGl18SvGOookd3rtl8Db+ZYwQiyXWqySsFBJOAWOOelAH7aUV+Tni/46ftC n4dfFf8Aaf0Tx1Bpmk/DTxRqGk23g99PtHs7qy0m8S0kju7pkN2l3c53p5cgVCVUKQ3HO+L/ANsD 43eC9UsfBE+pLc6v8PPF+o3PjWWW1to55fBsN7YrbO0axBIme11aFg8YU/6O53H5twB+wtISACSc AV+SOsfHH9pvxfp2j+OPC2saw3gzxNqfiS/t4vCenaRqPiG20e0uo7PSXFjfIWntJPLknlkjWSUm VU3Bdin650Hxfqnxd/Y3m8V6d4y+26lqnh68365YWC2bPcWyyRzkWd0sixPvjaORGUhW3bcfKQAf RHg7x/4E+Ilhc6p8P/EeneJbKyuHtJ59Mu4byKK4jCs0TvCzKrqrKSpOQCDjBFddX47fsyj4w61o /wANf2fvh/8AEeTwPp1n8NdF8Yz30GkaXPe3VxqwEMVsqSW/lNa2vlfPKyGeVm2ySkndXT/A/wCN n7SH7Rnj7wP4fTx1F4QsIfDF1q2sPp2m2d0mqXeleILnSWaBrlHMUN3HEHYqflIwgGSSAfrFXJ2v jzwNfanHolj4i0641Ga5urNLaO7heZrmxAa6hWMMWMkAYGVANyAgsBmvnT4+eMPiLdfFv4ZfAz4f +KD4GPjSHWtQu9YjtLe8ujFo8cBFrapdpJAHkM+92ZGKonyjk18FfCDxh468D+LE0mbWbPWdUfxn 8V2vNTGn2u+e703T4ZEnh3I5ti0gzIkLBW+425QBQB+1lFfjo/xr/aj0L4a/A5tS8can4j1348wx 6lJNpGh6U17pNpa6cL2S30+CURQSzXAkj3vcFggSRo05Cjq/B3x1/aX8V614a+AGs6zc+Fdb13xL qtkvia/03Tl1c6Rp2mrqASSwieayivnd/LyV2+WPMEeaAP1Ylu7WCaG3nmSOW5JWJGYBpGVSxCg8 khQScdhmrFflteaV8Sb/APar+Bth4k+K8Hia90C88YWck+lW+nhjFZxWlw1vfxrAwhu5oJUhuVj2 BUVHiETuzH678Z+P/FWj/tPfDL4dWN8IfD/iPQ/El3e2xjjPnXGnvYC3YSMpkXYJpOFYA5+YHAwA fR1Ffk1q3x0/aP8AE/hnS7/wrrOp3mnr4v8AGllqb+GLLSLvxCNN0q+aDTBZ2N8ojngjXi4dI3mI 2c5Yk89N+1R8ZPHt98Ofht4C8T61qlxd+HNS1nWdZ8N+HbL+17m6s9RbTlt307VnWG18hlP2raGJ faIwkbZoA/Yaivlj4AfFbx34i/Z2m8efF0W+k+INCXVY726uFjihZNNkkCXU8VtJKsJaNFaeNHOx g4XAAA+FvCH7SXx8sfHHw+kvfFXiDXtF+IGl69LLPrHh3T9H0p57LSJ9RtrjRgFS+aINGoH2lGV4 2DMdxAAB+yFFflt8L/Hv7S0i/s/a74u+J7axF8dNJu0urX+yNPgj0u4bRJNStLq1aOIO0iPH+9WU vG5Y4RVCqMS1/aH/AGj/AIs+EtC+G3w21pdF+KfhDw/4kvPGUqWVrOTquiGTTLK2Ec0TxJ9vvVM/ yICI0wuFJFAH6yUV+NGqf8FBfHU3iHWvHuhSRS/D/WfCb2HhuCOKJi/jcafY6isRdk8xs/bxbmMs V3Qt8oIJa78bfjz+0N4L03xzc+G/iDrOsar8LtMskvBonhvTpdFXUbaximvjrN9fRxKZJnYuYrFl 8qNlCo0nFAH7FUV+YPiz9pX4w+Hbvxn8Jxqif8J141ufDc/gC4a1g2w2fiZRFMPLCbJU0uSC6kLS h2ZQvmFh0/TmCN4oI4pZWndFCtIwUM5AwWIUBcnqcAD0AoAlooooAKKKKACiiigD/9D9/KKKKACi iigAooooAKKKKACiiigAooooAK5bxzpF34g8FeINB0/b9q1LT7u2i3navmTQsi5PYZIya6mop54b WCS5uHEcUKl3ZuAqqMkn2AoA+IP2ZP2J/hf8HvCPgHWPEPh5JPHnhrToBNIb+7u7G31NoQl1cWtt LKbaOSQ5zJHErHrwSSfomx+BHwk0/wCGuo/B6Hw5BN4O1Z7uW6064eW5ile+na5nYtM7uC0zl1ww 2HGzbgY+NPBXxl8S+Ifh/wDDb4z+MfEutaQnxf8AiLaxaRp1hFbzQw6VIl1FYafcCZ1CQTw24uLm WPdKZWAC7eF6yL/goZ8NJbKXxN/wg/i+Pwfp+rNoup+IX06AaZp92Ls2g81xcl3QvtJeJHCh0BxI SigHv/wu/Zk+Cvwd1a61/wAEaDImrXlqLF72/vrvVLlbJTlbaOW+mmeOEHH7tCqnAyCQK4tf2If2 Zo/BEPw7h8JPFotnqUmrWSpqV+J7C9kVUZ7K4+0edbKQi5jidYzjlTWP8ZP2t9B8Eap4z8F+F/C/ iPxXf+DdOFxrmoaJZxT2miG5gaWE3DSzRu7qmJWSFJGWP5iMjbXl/wAIf2w3sfhD8JdA1XRtf+KH xN8T+FrbXb2z0O3t5biO1J8try6eaW3hiR5MonzZZuABkGgD6d0/9mH4D6b8MNW+DkHhG3k8Ja9M 1zqFrPJNPJdXLFSbiW5lka4acFFIlMm9SoKsCBXL2P7Gf7Oll4N8UeBX8MSX2m+MzbHVpL3Ub67v bn7E4ktc3k073CCBgDGEkUKeRyTnk9W/bm+E1j4M8EeMdJ0bX9ebx5qV1otlptjYo2pQarZq3m2V 1byzRmKUSL5fUqCQxYR/vKun9tb4W6Z4Q8Wa/wCM9K1rwxrngu8stP1Dw5e2sb6y15qYzYxW0VvL LHP9r58lkl2kKxYqqk0AdP4v/Y9/Z88c/wBgS+I/Ds8t34a06PSLS8h1PULa9bTohtFtcXUNwk1x HjORM79WOcsc6/ij9lj4D+LfDPhnwlqHhdLKw8GRtFozabc3Om3NhG67ZEhubOWKYLIB+8G8hzy2 TzXl8v7b/gTRNF8YXfxA8H+JfBut+DNGXxDPomqWtsl/d6U0gh+02nl3LwSKshCOGlRkc7WFbvw9 /bB8H+O/H+i+AdQ8I+JfB8niuyutQ0C+12xjtLTVrayQSTNAVmeRCsbCXbMiHyyCQCQCAey/CX4L /DL4F+HLnwl8KdEXQNIvLyS/lt0mmmVrmVER3zO8jDKxrwCF4zjJJOhoPwr8AeGn8WNpGjxovjm8 lv8AWkleS4jvbiaFLeRnjmZ0CtEiqUUKhA+7knP56/G39uC41/wj4ZvvhHofifR9H8QeLdG03TvF ctlAmk6nD/aKRXUcTGV5ljmiWTy3khQSANtIIGfd/FH7cfw88Oav4n+yeFPE2veFPA962na/4n02 xjm0jTrqIqJ0ZjMs8ot9w88wwvsHPIoA734dfsffs7/CnxPa+MPBHhT7JqWm+eLAz3t5eQ2AuQVm FnBczSRW4cMQ3lIvBI6cVD4R/Y4/Zz8DeMLHxv4a8KfZ7/Sp5LqwhkvryewsbiXO+W1sZZntYXOT hkiBU/dxXOeNf2yPCnhr4haj8LvCngnxR4/1/TtNstYZfD1nb3UD2F6rOsyzSXEa4UKBhsM7OojD /MV8ptv2zdR8efHP4I6X8L9D1fUvAHxF0jUb6eVbW0VnkSWK3DO0s4kjTT3Lm7CDPK+X53SgD3i6 /Y2/ZvvfGc3jq58IK97c6gNWmtftl2NMl1EEN9rfTRN9jabIyWMJyeTk80ePf2Nv2cPiZ4w1Txz4 08JfbtU11I01IJfXtvbXxhTZE9zbQTpBK8a8K7oWHBzkAjvvjR8bPCXwN8OWOu+Jre91O61i+h0v S9M0uAXOoajf3GTHb28RZFLEKzEsyqADkjjPxR+0F+3Lf6X8C/icngzwt4h8IfE7wpaW/nafqVrZ i4023vwVi1TIuJIJrVSPL3xNIyysgaPBzQB9z+GPgx8NfBviTT/F3hrR/seraX4ftPC1tN9ouJPL 0axkMsFtskkZDsck+YymQ9GcjivN5P2Pv2d5PiCPiYfCm3WBqQ1kxLe3i6e2qAhhenTxMLQz5G7e YslvmPzc1P8ADO+8U+A/2dV8QatF4q8S65ZWV1evba/9hk16WVS7CJlt5EtRnH7tRLwhUM+7Nfn9 4M/bT+LV7b/syeLfFGjeIdRl8a2viqLUtK06ytGm8QXNtb2clpcWkUcoRbeNpnw0jwlQkjONoDMA feXiv9jP9m3xt4z1Dx54k8HpcalrEsc+oxpeXcFlfzREFJLuyimS2ncHnMkbbjy2TzVr4hfshfs+ /FHxTd+MvGXhl59S1KOGK/8As1/e2UOoR26hIkvILWeKK4VFUACRW4AU5XiuV0/9tf4USfCvxD8T 9e07WdBm8LauPD99oN5Zr/bI1h9gis4beKR0lkm8xTGVk2kZLFQrY7T4T/tIaF8TfGN/8NtY8L65 4D8YWNhHqq6T4gt4YZ7jTpH8oXUDW808bosmEkG4MjnaV70Ae7PoOiSaG3hh9Pt20drY2ZszEv2c 2xTy/J8rG3y9ny7cYxxjFeB/Dv8AZG/Z++Ffiez8YeDPDDQanpaSx6c11fXt9Fp0c/Ei2MN1NLFb BuQfKVTglfu8VZ+Kf7R2g/DbxpY/DTSPDGu+O/F15YPqr6X4ft4ZprXTkk8r7TcPcTQRoruGSMby zspUDoa+TvGP7Uy+MPGMXijwV4k1XSvAV78KPFmvzR29tENQtL7S7iOJpVgnIUXdriRVjdwhcYJ2 ndQB+gnw5+HXg34S+CtK+Hfw+0/+yvD2iRtFaWvmyz+Uju0hHmTvJI2WYn5mJ59K8v8AiF+yt8C/ il4tm8ceM/D8lxq95BHa3klvf3tlHf28OfLhvIbWeKO5jXOAsqsMfKfl4rzy4/at8OeFdO8B+C9B 0LxL8TPGHiHw3Za6bLS7W2a/TTnjRftt+ZJ4reEyuSNqyNmT5V4waztR/bx+FEWl+A7vw74f8SeJ tR+Ib6tbafpWnaej6jDfaI0S3lndwSzRmGaMy5OSUCozlwu0sAd3f/sbfs533g7w/wCBY/CrWGl+ FJrybSGstQvrW609tQkaW6W3uop1nSKV3JaISeX0AXAAGpqf7JvwA1T4faB8MH8Kra6H4Ume50k2 l1dWt5ZXEhZpJor2GVboSSMxMjGUmQnL7q+Vfin+3Tq83hPwlqfww8IeIbHWR8QtL8LeItLu7KzF /a/vYnmsdstz5Xm30ThbaRGKEbiXiIDV98+NPiL4f+Hnw71P4m+Mln03StHsTfXcbR+ZcRqF3GPZ GWDS5OwKpILcA45oA+O/hf8AsP8AgHR9N+K/w78d+HLe58CeJ/EttrGiW0d7ctcQrb2kMazm5Di4 juBMsjb/ADS7biSx3EH1/Rv2Mv2btC0TxR4fsPCbfZvGtjHp2tvLqN/LPqFvFI8q+dO9w0pk3Of3 oYSYwu7aqqM34fftaaN4y+I+h/DDxL4B8UeAdU8V2dzfaG+v2lvFFqEVoiyTqht7icpKiMHZHAIH XBIB4LwN/wAFAfhr440bw/41TwZ4r0XwN4jvotLg8SahY20emR300nkrFK0d1JKqeb+6MwjMIk+X fwSAD6x8NfC3wH4Q8ReJfFfh7Sxbap4w+xf2rKZZZRc/2fbLaW2UkdkQJCoT5FXd1bLZNeP+DP2N P2bvh/4utPGvhPwetnf6dcyXljE15eTWNjcygh5bSylme2gc56xxrt424xXnF9+3n4BtL3xnJD4G 8XXnh74daxeaL4i12Cwt30/Tp7KYwyyEi586WIYEjGKJ2SNlZ1XOK8r8bfH3WrDUf2mdQ1Lxlqtl 4Y8Jaj4EXRrnRYbW5ubSHWLexeT7Ms7RxulxJN+8LvwjsU5AFAH6CeO/h14N+Jem2GkeNtP/ALSt NM1Cz1W3TzZYdl5YSia3lzC6E7HAO0kqejAjisnX/g58M/FXiu+8beJNBh1PV9S0OXw1cvcNJJFN pE03nyWr25byWVpOSxTf23Y4rwzx9+2Z4F8D+IPFOlWvhXxJ4o0rwGyp4k1nR7GKfTtJcxiVkld5 45JHiQh5hDHJ5anLYORTPHn7ZHhfwvret6P4P8EeJ/iHF4XsrXUdXvdAtLeWzs7a8h+0RfvLi4g8 12hxJsiDYXqQcigDt/hZ+yd8Bfgzr8fij4f+G2tdUtYJLS1mur68vzZ20pBeG1F5NMIEYjkRhc8j pxWhcfswfAi7074haTP4Uia1+Ks4ufEqCe5H9oTKSQ5IlBiIJLDySmGJb7xJr5Vuv2xNZ8VfHnS/ Dvg7TNan+HGu/De58SQ3tpaWfmLLPLAyajmedZBFbRloGjwG89sGN0AkX0Lw1+1h4c0D4cfCrStJ 0/xN8T/F/jfw/Dq1pZ2tpajVprJI08y+vwZ47W3BZgpIlIMh2pu7AH2V4c8PaN4R8PaX4U8OWq2O k6Law2VnboSVht7dBHFGCxJIVFAGSTxya+WtW/YN/ZV13+0YdX8Ftc2OpSy3D2J1PUVsIbidi0s1 tarciG3lYk/vIURhztIyc89eft7/AAit/Dfh/WrXQfEl/qWva3e+Gzoltp6Pq9lrVhEZZLG6tjMu 2U/KqlGdMsCzKgZl6LSfjDd/tJ/D/wCJPgr4fwa58NfiR4TVLeS01SKKC9sb6WIXVhI3lyTRSW8+ 0Zw+Hj3AgAgkA674l/slfAP4u+IG8UeOfDkl1qc9tHZ3c1vqF7ZG+tYfuQ3otZ4hdIvbzg5xxnHF VvH/AOx9+zv8S9Ui1jxR4U23CWcGnSiwvbzTY7qxthiG2uY7OaFJ4kAAVZFbCgKPl4rtP2e/itH8 cPgp4P8AiqLYWc3iGwSW5gH3YbuMmK5jXJJ2pMjqM84AzzXslAHzp8RP2TvgF8UdS0nWfFfhcLf6 LZLpttcadd3elyjT14Fo7WM0JkgAyBG+VAJwBk5j8Vfsk/s/+LtG8NaFe+F/7Pt/B9s1lpL6VeXe lz2trJjzIVns5YpGjfGWVmbJJb7xJr6PooA+bdZ/ZF/Z81rwZ4a8Bt4VGn6X4NMx0dtPu7qxurFr k7p2ju7eZJ90x5lLSEyHl8nmvVPhr8L/AAH8IPCkPgr4caRHo2jwSSTeUjvK8k0zbpJZZZWeWWRz 955GZjxk8Cu+ooA+dNV/ZM/Z+1zUvG2p6x4TS7b4iBDrkMl1dG2upUZGWcW/m+VDOGRWE0SpICMh s5Jd4V/ZS+BHg7RPFWhaT4dkmj8bWEmlaxcXt/e319d2EsbRNbm8uZ5LhI9jkBY5FxwR8wBr6Joo A8Z1D9nv4O6pqHhHVL/w5HNdeBtPl0rSXM9wPK0+eAW8lrMBJi5heIbTHcCRepxuJJ474c/sf/s8 fCjxRaeMfA/hU2mp6Z5/2Az315eQ6eLkFZhZwXM8kVuHBIPlIvBI6cV9L0UAeJy/s6/Byf4V6j8E 5fD+7wXq1xNd3Vh9ruv3k0939ukbzvN85c3Hz4WQAfdAC8Vx/jL9jn9nTx/4wvvG/irwobq/1aaK 51CFL69hsb+eAKI5LuyimS2nZdo/1kbbv4t1fTlFADVVUUIgCqowAOAAKdRRQAUUUUAFFFFABRRR QAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAVlXWh6Ne3sOpXljBPdwY8uV41Z1xyMMRng8j0rVorD EYWlVjy1YqS31V9Vs9ew02tgooorcQVxHhP4c+DPA+q+Jdc8Maf9k1Dxff8A9p6rO00s0lzdeWkI YmV32KsaKqxptjUD5VGTnt6+HfiR8aNW0L4pfFLxVGk13oHwB8HjVZNMiuntk1PVdUhnucTMqsu2 C1tQse5WCtcM+0lVwAevSfssfAt/E8PjKLw7Ja6zb6/P4njuLfUL6Arq10sa3EwWOdVCziJBNFjy pNvzoec83F+xZ+zpa2drZaZ4fvdMSwuby5tnstb1W0mt/wC0PL+1Qwyw3aSR28vlqWt1YRA5IQEk nxbXf23/ABh4YsPCWn+Kfh9pfhvxT45S41DTLPWPFNtZWUWjQxQyLdXt89uVhmkebyltkSViysdw UAna8O/tuzfEbQPCVn8KPBK+IfHfia+1ixm0h9XgisLBtAKLfTPqcUU6Sw5mh8h4om84SAgLggAH rL/sbfs5Dwxp/hCx8KNpmn6Pf3Wp2BsdRv7O4srm+wLk21zBcJPDHKFG6JHWM4HycCuz0P8AZz+C nhtVi0bwrbW8I0Kbw0Yd8rwPpNxM1xNbvE7sj+ZK7O8jKZGLHLHJr5I/Zh/aM8b6h4t/4QX4haPe Lq3jXxv42txHeaj9pbQ49Ejt5hZRnYyyxAyFE2MiADcoIOB6LP8Atea3quuyeAvAPgP+3PGdx4o8 QeH7Kym1NbS0a18OCI3WoXNyYHMKZnjAiWKRiWwGNAH1p4I8F+Hfh14R0nwL4RgktNF0O3S1s4Zb ia6aKCPhE824eSVgo4Xc5woAGAAK830n9mv4G6J8L9W+DGmeEbWLwXrk89zeaaWleOWe5kErybnc yKwdVKFWHl7V8vaFXHyR4o/aA+PV/wDGTwZol94Mn8J6PdeGfFdxrGlzaqIbjz9Mmghe5gmS0fzF iRle1dWCyiYsQjRgNteAf2pPHet+FvBXg34J/D268f6xa+CdD8Raw+seIFt5baLUrfdawSXr2rte XswjdmcxxKx+YkZIUA+jPDn7LPwK8MeHfEfhe18Nf2hZeLraOz1ZtUvLvU7i7toQwihe4vZppgkQ Y+WquAh5XB5rBh/Y2/Z3i8Lan4Rbw3PcWury2M09xPquoz6hv0xzJZeXfSXLXUQt2J8pY5VC5PHJ z3/w2+M2h/FT4Kab8bPCen3lxY6np0t9HYBAb3zYA6y2oTO0zLKjRAZwWHBxzXyTov7fUWm+Kl0P 4r+GNM0C2n0DVdfA0jxHb65f2UekW/2qe21G0jhhNvM0W7YA7qzqUBJBIAPoHUP2P/2eNV8XHxtq HhUz6hJcW97PE99emxury1AENzc2Xn/ZriddozJLEzMeWJPNez+FfAXhPwTd+Ib7wxY/Yp/FWpPq +pN5ssnn30kMUDS4kZgmY4Y12ptX5c7ckk/Cej/Gv46eM/2kPgfZeM/B1x8PvD3iTT/EN/FBBrQv 4tQiFlFJDHewxxQrHPb5DhT5ijf8r7lbHpX7YPiXxZ8FtK0X9prwzrs6WHgaZIdd8Py3ZjstZ0q9 kWJ1jhdhEL+F2D2zgBm5jJYELQB6R47/AGUvgT8SvEmq+KvGPh+a7vNfjij1SOLUb+1tNRFugjhN 5a288cE7RIAqNIjFRjB4GLy/sxfA9NPuNL/4Rwtb3Vv4ftZVa9vWLw+FpPN0lSxnLf6O/Oc5k/5a lxXxr537RvxB/Zi1D48eEvEGp6p4g+Jd/pmqPpXh6+R5NI8LLKBLY6N5pEA1EW27zpsK7zFlHKJS fBLxXdXPifxn4Y+C3xI8VHxC3hW8lg8GfEmO8bVrXWVOLO/hm1AZNvvOyeNHkjywY4G0UAfXGt/s lfs++I/HNx8Q9Y8KifVby8h1G6i+2XaafdX1vjy7m409ZhZzTLj78kLEnk5PNdPrn7PXwb8Sa94z 8T614aiudU+IOkroeuzmadWvNPRDGIiFkAjIU43xhH4X5squPzh+Dviq90Dx58ONK8YfEP4h+A/i Ve31tba3pfj0XN1oXiF3jK3dtpr/ADWMcjyc2jwyIcALsYnFffXx4+OHiP4Taz4D8L+D/B3/AAmW t+PtQudOtLc36aekUlvayXXmSSPFKPLCxneQMquSocgIQC94i/Zi+Cnibw94V8M3uhS2dp4Is/7P 0aTT9QvdPu7Oz2JE0CXVpPFOyOkaBw8jbsZbJ5r0bw78N/A/hHwDB8L/AA1pMWneF7a0eyjsoSyo IJQwdd27eWfcxZy29mJYksSa+L5/2ktT8aHwfZ+JfD+o+E/Eul/EefwjqVlputZtRdwaRcXqyPKt uv22zkiZGETJCfM2sTmPDcP+yZ+098WP+Fb/AAN0z4seEJ5dG+IUf9k2fii41kXt/c6jFbzTrJd2 rRblS4ED+W/nu3ALKM4AB9ZeJv2TfgJ4s0bwtoeqeHZYYPBmmpo2lS2eo39ldQ6bGixC0a6tp455 YSigMkruDyT8xJru/CPwV+F3gLWdO17wb4fh0i80nRk8P2pt2kSOLTI5jcCAQ7vL/wBaS5kK+YST ljk1+Ymm/HPWrnw7D4ni1TxKvh9fg9441mSyk1+R9Qe60/V4oUnW/wDJAW5RN6wT+QWiVgAGAOfo HUf209W0X4gj4V+GfBttrVxo1jocs8WoeI4LDWtRXVLeKbfpdpcQBb/yFfErmaLdIGUAEcgH138U fgz8OfjLp+n2HxB0tr06RcfarG5t7m4sby0nKlC8F1aSRTxllOGCuAw+8DgVw/hf9k/4AeC7TTrH wz4VFlBpMmqTWyi9vZNkmtQLbX7EyTsWM0SKp3Z2n5l2sST8/wDxB/bc8ZeCLj4ia3a/CmXWPBnw t1630TWNSh1eNbuU3It9r2dk1v8AvXU3Kb42lQAFcOcts2Nf+LvxR+Ifhj4n/D7VvDr/AA3+JHgL SLHxRpYs9VOowXKlp7i1SWSKKDKNLaNBdQlWRkYhS4OaAPoXxH+zr8HfFfw68O/CrWdAL+HfCKWi aMkV1dQ3Wn/YYvJt3t7yOVblHSMbd4l3MM7icnOBcfsn/AO58CxfDtvDJTS4NROsxzJe3iaiuqMM NejURMLz7Qw4aQzbmX5SSvFep/DHxvZ/Ez4b+FfiNYR+TbeKNKstUjj3bvLW8gSYITxkruweOoru KAPn62/Zb+Btjb+EoLDw61o/gjUZtW0qeG+vY7mO9uXD3Es1ws4luTOVHnCdpBIAA4I4rpPip8C/ hl8Z20afx/pk1zd+HpJpdPu7S9u9Ou7Y3ChJ1juLKWGUJKgCyJu2sAMjIBHrtFAHzQ/7H/7PS+FN J8G6d4Zk0nTtBvLy/wBObTtRv7K6s7jUG3XRguoJ0njSU8NGriPAACgAATan+yP+z9qfhvw14WHh htPtPCH2j+yptPv72wvbYXbF7kC8tp47l/PYlpd8jeYx3Nlua+kaKAOH8M/DXwJ4O8CQ/DHw1olv Y+FoLeW0XT1UtCYZ93mq24kv5hdi5YksWJYkk14lov7F/wCzloOo6Vqtl4bupLrQUli017nWNUuf sFvPBJbSW9sJrpxDA0UrKYUAj6HblVK/UtFAHlNv8GPh3pdh4FtdI0ZU/wCFYQmLw0r3NwVsh9ja wAY+YTKPs7GMmXzDzu+/g15j+zp8FPEPw/174h/FT4i2+k23jj4m6nDeX8WitLJZW1tZQLb20CSz RxSSN9+WVyi7pJDgYAJ+pKKAPniy/ZQ/Z707w9oPhWy8HQRaV4Z8QDxTp0AnuSINYDM4uMmXcwyx /dOWixgbMKoFPxx+yL+z/wDEfXNc17xh4bmvJPE+06rbx6lqFtY30iRCFJp7OC4jt3mRFASUx71I DBgwDD6TooA+RLL9n7WdU/aO8N/FDxNZaTa+F/hdo9xpXhOO2muLnUpWvo4YpJr6SdAFEEaPHEoe UsZGkZgeD9d0UUAFFFFABRRRQAUUUUAf/9H9/KKKKACiiigAooooAKKKKACiiigAooooAKwPFmiN 4l8Laz4cWU251WyuLQSDOUM8bR7uOeN2a36KAPyf+Ffg7xz8Sv2bP2bPDmiaWJda+D3j3TrbxRam WKF9OXw8l7Z3JcSum5hvicKm52WQMFIyRt6h+zl8YZv2A/G3wUh8PA+NdY1rULy2sPtVqPMhn8Qf bY387zfJGbf58NICPukBuK/SHRvCHhrw7q2t65oenx2V94jnjutRkjyPtM8USwLK6527/LRVLAAk KM5wK6SgD879e8IftBfCLx98ZIvhr8P18faP8XJU1HT71dStbMaZqElktnPFfpdOrtADGJUaEOdp 2Y3EY+U9H/Y2+J3gm4+HHjPxV8Mr34gQp4H07w7q+jaV4mOiahpWp2DsyyrPBe28FzA6tsZRK21s uOB837eUUAfi3rfgD4g/AE/s6/2B8PdPh8W33jjxBq7+GrHVLi4VhdadMrxtqOp3M4kuzbLuaTek LTdFUEseg+MX7Knxw/aIbxn8a9a8LR6Br0+r+F73RvCdxqixT3dh4cW4Esd3f2MvlwT3f2t/KMcm YSiguCd6/q/rXg7wt4i1fRNf1zTIL3UfDk0lzps8q7ntZpY2hd4j2LRsVJ9DXS0Afi7r/wCyb4/8 aeDviXqfhH4Lv4Gv9R8Iy6Lpdvq/im51rWr2+ubhJJkWabU5rCC0VYxjzFDs2GDKMrX2r8V/gz4w 8a/Fz4EarZaef7A8K2Piaz1u5jmhjazGp6QtnBtUuHctJlR5QbbjLYHNfZtFAH5C3vwv/auPwP8A h5+y+PhfFcQeAdd0NrrxJHq1gtle6XpF+kkc1rbvKtwszRqHkSRVwFfBZnVa4LUP2NviF4YvPiL4 FX4PP8QZPFGtajf6N4ik8X3umaKtnqcm8xarptvf28rNBuYP5MZMw4BGCx/beigD45+C3wX8UfDn 9oPxr4in0uO28LXHhTwroumXMUoaOSTSY7iOeNI5JprlFQMmDMSWBHzuQTXzB8FvgT8ffhFP+zfr V54HfU38JQ+K9I1+2h1CxWXTYdd1MTwXeWm8uZFiG9kiZn/hxu4r9ZaKAPkz9qT4cfELxLd/Df4n /C7TIfEOv/DLXv7V/sea4S1/tG0nt5LW4iimlxEk4WQNGZCFyDk9M/I3xr+BHx//AGhrD4w/FG48 Bf8ACLazr/guz8IeH9Bn1Cylv7tY9RXUJ7m6mjlNrF83yRqZiQqnO0nB/WyigDKvbKW80S401SEk nt3iBPQMybecV+Xv7OvwS+POjaz+zVD488CP4fg+Dln4t0jUrltQsbmORb61tUs7qFYZmkKTuJE2 7dybCXCqyk/qvRQB+S/xp/ZF+LHxGh+L19Y6NHNNP8QtD8YaJZS6gLRNatdM0+O2nt/tNvKJbRpN 0io7mNg6qwKjDj1P9mP4E6nofxlufinefCV/hpp9nop063Or+JL7xDrVxczzB51Vv7RubSK0UIMB ozI7YcFRkV+itFAHw98QvDfxj+F37SepfHf4deCJPiPo3ivw3a6LeWFpf2tlfWN5p88ssEqm9kjj e3lWYq4VtysN2COvinjn4KftRfEi4u/FnjrRLK58Q6x8JvGOgTx6fcW8Vvb6tq8qvYaepkmy5EQC PP8A6ospJZQRX6mUUAfj54y/ZP8AHmk+O/A/xJ1P4cX3xI06TwLo3hzVNJ0rxI+g6hpep6aijzVl ivLaK4gbJRlErYbMg4Hzeh/Bn9mD4h+BfiR8EPFkvgqw8N2Wi3XjnUdctrDUp79NOl1yC1hslln1 C7uLi6nlWD99JD+735O1QdzfqBRQB+VPxL+AHxyGu+P/ABv4Z8Jf21LF8VvC/jTTLFb60gk1PTtH toEnEbySBIn3qwAmKE4JAPGftj4+6b8Y/GX7PXiTT/g7K3hn4hanpsZsg80ay207MjTQidSY1l8v fGsqttVyHBwAa9+ooA/Iv4W/s9fFCy/ab+EvxXtfhdrXhnQvDSazb65f+IvFcevatcTX1g8McxVr udFgSUBR5OHcyFmiCqDXlv7PWg/Hf49fsQfD79ni28ADTPC2rXFrJceLX1G1+yrpNlq321jFaK/2 r7WXh8kKUCZ/eeYAeP3GrmvB/g7wt8P/AA1Y+DvBWmQaNommKyW1pbLshiVmLkKvYFmJ+poA/Irw DefHzxZ4J/aW+Cnw7+HSa1p/jXx9420uDxDJqNpb2dgNQuGt7tryCR/tDGFH8yPyo5PMyFwNpz1X jH9kv4v2ngH4++B/C2jHVE8RyfDmDw/K11axtqEHhuDTYb2U+ZMPKMf2aQ4lKlsfJuyM/qX4Z8He FvBqalH4W0yDS11i/udUvBAu3z767bfPO/q8jcse9dLQB+cNtof7UnwE1z4ueGPhP8PYvGcXxF8R XviTQtebUbS3tdOudWiiSaPUreeRJylq8e5fJV/MTCjaeB5l8WvgZ+0d4z+IHjay8f8AhrVfidZ6 xaWlv4ZubPxL/YPhrTn+xrHcSX2mxXUczEXJaQ/JcGRcKAMcfrXRQB+Q3w5+BH7Q/wAPj8MbqfwB Jfn/AIVXf+AtWjj1LT1fSr2S7W4jnkzPsmidYxjyWYjPzYIweu+Hfwe+PfwDvvhD8VtI8Ct4wvNL +HFn4I8R6FbX9nBf2MtrMLuO4t5ZpVtp18wtHIqyjjaylh0/UuigD8rvBH7NfxqHxc8GfGbxV4ct 9Nu9Z+IOs+KtZ0+3vIJk0awuNIaws45H3KtxOXUNK0AYFnz0BI+i/Dmi6t8H/jX+0b8d/H9uumeC tUsPD17aXzTRMJotF06Zbw+WjmRDGxCjeq7s/LuFfY1c34t8IeGvHmgXPhXxhp8eq6ReGJp7WbJi l8mRZUDgEbl3opKng4wQQSKAPmr9hHwb4j8Dfso+AtI8XQNaavew3eqzwMCphOrXk9+sZU/dKJOo K8YOcgHNfXNFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFF FABRRRQAUUUUAFFFFABRRXMWXjXwpqXivU/A1jqsE+v6NBBc3lkr5nghut3ku69lfa2098UAdPRR RQAV8K/Ez4Oa1rnxb+J/hKHzrPw9+0B4L/smTVYrZrqPTNW0uKe3DTopQYmtboNGWdAzW5TcCVz9 1UUAfIfxV/ZcuvGup+AvGXhDxFaaP4r8CafJpSzalpKatp9/YzpGJIrizeaIgh4leN0lBQkj5sjH Pt+yP4l0mw8GeIfB/wAQjY/EXwdd6tcjWbjSopbG7i1rb9qtZNNhlgVIAI4hCqTAxeWDliSa+3KK APz50H9i3x94Sg0XxJ4e+KiyeP8ARfE2u+Iv7WvdEWa1uf8AhI4UivbeayS7Q4ygaNkmXbwNuOan 0H9i7xl4P+weLvDHxPx8RNN8Qa7rg1m70dJbW5TxGsP2+0uLFLiPKM8CPG0cqGPAAHr9/wBFAHxH ffsn+ObrVvCnih/ilc6j4g0uDxDaaxd6nYm8W/tfEUkUk0NrF9pQWKQeSiQIjOiKMbSck5Wi/sge Pvhyvh+/+C/xPTwxrFt4T0jwnrM9zoy38Gox6NEYra9igNzGbe4QO+0GSVMEAg4Jb7e0jWtH8QWI 1PQb6DUrMySxCa2lWaMyQSNDKm9CRujkRkcZyrKVPIIrToA8A0L9nrwz4a/Zvf8AZr0XUby30h9D utF+3hx9szeRyLNc7hgeYzyNJ6ZOOlfLmj/sA3Fxe+GoPHHi7Srjw94c0fWNAOl6H4bi0VLuy1iw axmmllS6mb7YRskMpBQFSFjUsXr7+13xh4Z8M3+i6VrmoR2l74iujZafC2TJc3AjeZkjVQSdscbO xxhVBJIFdJQB8S/D79lv4naB8Svh546+IHxUXxZY/DHT77S9KsU0VbJ5IL23W3MtzOt1J5k4WNAX EYVgvCqWYn13x78Dj8S/i14Q8ceMNb+1+FvBG69sPDottsT63nEWoXM5kIl+zxkiCLyl2OTJvJ4r 1jxf4x8LeAfD9x4q8Z6nBo+kWjQpLdXLbIka4lWCIFj03yOqD3IrpaAPhu5/YwmsLXxLongLx9d+ FNCutet/FXhu0tbRH/4R3W49xuGhLy+XNZXLOxezaNUXc21hk1d/4ZR8WfEHXrnxH+0X8QR4xuY9 C1PQNOi0jS00OOyg1dUS7uQwmuZHuWWNNhLhIyDhCTmvteigD4ft/wBlz4veIX8KeHPi78Xh4u8G eD9SsNUgs49ChsdQvZ9LcSWi3l8J5Qyo6qXMcMbS4OSMmvoHx98Kf+E4+Inw18ff2p9i/wCFeahf 332byPM+2fbtPnsdnmb18rZ52/O187duBncO68NeMfC3jJNSk8LanBqi6Pf3Ol3hgbd5F9aNsngf 0eNuGHauloA+O5/2TfO8WyeKf+Eqx5nxCfx35P2Hpv0f+yfsW7z+3+t87H+x5f8AFVzw3+yz/wAI /wDDn4H+AP8AhJ/tH/CmtSttR+0/Ytn9pfZrO6tPL8vzz5G77Tv3bpMbcYOcj64rw3Rv2l/gJ4i8 bTfDrQvHGm3/AIit73+zZLWGUvtvdkr/AGcyAeX5hEEuF3ZJRgORigD5t0/9hT7D4L/4RD/hN9// ABQfiXwR5/8AZuP+Rhvlvftmz7Sf9Rt2eVu+f73mJ0qf4wfsV+IvizaT+Fr7x5aP4U1CzsLWW21H QYtRvtOayiSJ5dGvJLhTZNOE3NlJQjksvXFffE00NtDJcXEixRRKXd3IVVVRkkk8AAdTXI2XxF8C alrWleHdN16zu9R13Tjq9hDDMshutPBQfaYSpIeLMiYdSQdwx1oA+bdc/ZLTV/hz8Vfh9H4qaFfi Z4jttfFy9mZWshbDTwICpnBnLfYeZCyf6z7p2/NF8dPh34l8OXXxN+LXgpp9b8R+PfDOneD9M0qC 2b9xeNPcxRXclwrNiFGvfMlLIqxxxMxY5wPsqigDiPhn4KtPht8OPC3w8sHElv4Y0uy0yNwNu9bO BIQ2P9rbmu3oooAKKKKACiiigAoorMfWtHj1mLw699Auqz28l1HaGVRcPbxOkckqxZ3mNXkRWYDA LKCckUAadFFc14a8Y+FvGSalJ4W1ODU10e/uNLvDA27yL60bbPA/o8bcMO1AHS0UUUAFFFFABRRR QAUUUUAFFFFAH//S/fyiiigAooooAKKKKACiiigArzzWfix8OvD/AIij8KazrsFrqkhUeU24hS/K h3ClEJBBwzDgg16HXxL8Q/2Wdf8AFvxEvfEenavbQ6Xqk3nzebvNxEW++EUKVf8A2csvoemTtRjF v33Y4MwrV4RToR5nc+2qKht4FtreK2QkrEqoCxySFGOT61NWJ3hWVrs8tromoXMDbJYreV0YdQyo SD+BrVrM1u3mvNGv7S3XfLPbyogyBlmQgDJ460Afi/8As7fELTvir8MvB+s+Ov2yNT0Lxt4hjVbj Ro77RY5YrqSVo0hWGW2aXc3y4U5JJr9NNM/aE8G3Hhv4pa4trqMkHwdnvbPVy8cIluZNOskvZWtg Jdrho3AXeY8vkEAc151+x/8AAO3+Gv7O3gDwt8SfB2nWXjDRbPbe74bS5mjnEzup+0ReYrMAVIZX OPXivnjxv8Pf2mvCc37RXw48AfDhfFWmfGWe8vtL1watZ2ltZnUdNjsriO5hncTb4imY9qMrkjJV dxAB3J/bE8Q3X7Rnh/RdP8L63N8O9U+HLeLCEtrHzd1xJbTpeSO1yGEMELNbuinPnvwroBIv0Q/7 TXgRPh58LfiUbDUv7M+Leo6RpmlR+VD58E2tRtJA10vnbVRQp8wxtIQfuhutfKdl8EPjR4f8cfC6 8j8Jtf6bdfCVfh7rc8V7aI2i3zm3kaeVGkBniQxsv7jeSckfw7vPfD/w3/av1nwT+z18HNc+FY0T T/g74n8P3eraw2s2E0V5a6QHgWW0hSTzChifzXDhXBARVY5AAPp62/bt+GU3iHxtYXPhjxLZ+Hfh 1eavp+veJJrGL+xrO70dnV4TMk7O7zbB5KpGXYyRKVVnwOs+Gv7Wvhrx74z0LwNr/gzxL4B1Dxda z3mgN4hs4bePVobZBJMsBhnmKypGfMMUoRtmGGelfP8Affsp/ETxv+zP+0R8HtTgi0HV/iH438Ra 7o8ks0bxT282oRXljJI0DOY1n8kKwYb0U/MnG0878C/2ePEsnxd8DeMda+CT/D6PwfHdT3+oaz4u 1DxBM99JD5KLpMKanNEiNvYySXMTAp8gUMN1AHsv7VWqfETUvjf8BvhJ4J8b6l4GsfHVz4jTUbrS hAbh107ThdwgfaIpU4dCD8vRj3xjH0zWfjZ+zl8fPAHw+8e+P7j4leA/ig97p1tPqlrbW+paVqtp AbmL97bRxrPDOiFMMoKtyMDhuj/ak8J/GB/jL8D/AIufCnwNL49j+H9z4gk1Cyh1Gy06Tbqenizh IkvZY1PzMWO0NwuDjIrF0bwV8f8A48/HnwJ8UPjJ4Kt/hp4T+GH2670/Sm1S31a/1HU72H7Ossr2 oMMUUEZJVQxYv6g/KAfIfwr8beNPFv7OL/G7xb+1hf8AhHxTGuszf2dcyaPJawvp95cw26NaSwec 4kSFDs3bn3fLnIFfXnw+/bLvZPhN8J5fFHhHV/FPxQ+IGhDVjoegWsRm+zQ4R7+X7RNDFb28pKlC 0nJcKoPal+yH+xz4A8GfBLw7bfGz4VeHX+IFtdarLeXF7p+naheYl1K5ltma6RZdx+ztFtw5Krhe CMDr/it4N+KvgP8AaU0b9oz4aeDz490248Kv4U1TSbW7trK+tkjvDfW91bm7eKGRSzNHJHvVgNrD djgA8N+OX7TyfFLw/wDCuT4X+NNV+GEGs+OZfDPiZp47ez1LSpba1mee1uluBNDG6MEOcspyMMat eDPiP4y+Hf7Vfw4+EXhr41yfGnw/44tNXfV7O6XT7m60YWFv51vd/abBI9iSyfutkuAecBmI28XN +yN8T/G2t+HPGXxI8E6dcL4r+KE3izxDoLz2t5a6bo/9ntZwxXHmMIrqXKhpfJV9zPkDAJH6Y+B/ hF8KPhi08nw38F6L4Ve6ULM2ladbWLSqDkBzAiFgDzzmgDgfjr+0X4V+Ac3hOy1/RNY1++8a30mm 6ba6LbR3M8l0kRkWMrJLFjzMBVOSATlyqAsPJ9Z/bs+GPhbwhr/iLxl4b8RaJq3hTVtN0jV9Bms4 H1W1l1bm0mEcVw0c0EoDFHikcsFO1ScA8j+2lrPi7w/8Wv2c9Z8C6CvifWrXxLqbQ6aZ47Y3KHS5 hMiSzERpJ5RcxlyF3hQSByPJPGvwA+PHxe8U618aNa8GjQb7X/FPgb7NoEl9aS3Nronhy6ae6u7u VJfs7SSeazCKN3dVXaNzGgD6Rf8AbP057jSfDen/AAs8a3vjXUrSbUZvDaWNqmpWGnwztbi6u/Nu khjSV0YQjzC8nBCgEE6cv7a3wkuPh34Y8deG7LWPEGoeMNQn0jTfD1lZg62+pWmftVtLbySIkLWw UmZnkCKuGDEMpPN+N/DHxh+FP7S+s/HL4d+CH+I2heNdBsdKv7K0vrSyv7C802WVoZV+2yRRPbyp LtcK+5WG4jA58A8Pfs1/Hn4bXXgj9oLT/DVnrnjXT/F3izxLrPhS0voohHa+L444ZILS7mKQNPaL DGeSqSEuA/QsAbH7R/7berT/AAK8Z2vwu0LxJ4S+Iuh6lpOkapa3VpZi/wBDGp3EIjuHV7h4nS6i Z0tZIjIC7KW2D5h3vhz9rjRvhpolz4In8JfETxw3gK3tj4m1e7tbC8vdNlv1+1LFe/Z7iMTSwxyD zBbRyKiADLEGvJfiN+z78efjFZfFb4q3/gtPD2veNrzwZaaV4fN/aSXceneH9Siurm6vJ0lFr5rq WZUWRmVU2ZZiMn7TPwD+LHin4o+MvFPgr4Wzv4r1OGFPDPjbwn4gHh+5gZLdUC63DNdjz/IkHDxx MZIlWMbT0AP1C1bxf4b0HwheePdZvks9A0+xfUri7lDKkVpFGZnlYY3AKgJIxn2zXzH4L/bO8BeJ 9X0ex8ReGPEXgbTvE9jdalouqa/Zw21jqNpZQ/aZnjeOeV4iIcyqsyRloxuHXFd78RvhT4u+J37M Ws/BzxHrMUnirXfDJ0u61JVKwSak1sEecqoBETzAsQBnaSMdq+c7ax/as+MPgy2+BHizwHD8NvDk vhnUdF8R6vcXtpqK3ss9g1lANMjtZjIiGRvOZ5VUhB5eN3NAHeeFP24fAPiPVPCraj4Q8T+G/C3j y9TT/D3iTVbGKDS9RuZt32dFKzvPF9pCkwGWJBIOeK7Cf9rX4dW/7P8Aq37Rz6bqp8N6Pez2EtuI YPtzSwal/ZbFE8/yypm+YEyg7OcBvlr5ah+HH7SXxO+H/wAJv2ePHPw2h8Laf8P9U0GfWPEh1S0u bK5tfDpUxnTYYXN0JbsRqMyRx+UGIbOePLPF3wb/AGs4f2c/Gn7Jvhz4YLqUF14hutQtfEf9sWEV rc6bNrA1RRHBJIsy3Df6spIqqoy2/O0EA+no/wBpcfDP4u/tDTfEnUb3UvD/AIV1Xwnp2g6VZwrc XUl1q+lxSfZLOJdrSS3E7FgrN6nIUHB8Kf2hvGXxN/bK1HwBfaNrvgzSNL8CLe3Gg63BBE41BtTV Vu42gkmSRGgcIGWUjIZSAymvOvih+zb8Z9c+K3xS+KPhXRoLi5s/Gngjxf4ct7i7hii1oeH9LFpd 2xdXY25JeRUaZFG8Kw+X5h6n8K9H+OfjL9rm/wDjh8QPh3J4E8MDwT/wj9mtzqFjeXb3K6il03nL aTSbNwL7MblCrksGbaACv8cf2gfF3wo/az8DeDtO03WfFWleIfC2qSR6Bo0MEs1zqMV1CY5mM7xJ GsUKylnaVVA7EkCuuk/bg+E58CWHiqz0nXbzX9R1ufw3F4UislPiAazajfcWj2xlEaGFCJJHMvlh Cp3ZIB5742+HvjT4f/al8F/HD4d/D9vHeg6L4Y1LSdQihv7K0uke7uoZE+zLdSx7pAEyc7VKbxv3 lVb5F8ZfscfGjxVPYfH/AMSeD01fxJceM9Y8Qah4Js9cbTp10rVbO3sUhj1S2lhj+2QLbJI7LIqS bmXcRlWAP0z+Dfx58OfGO48RaFDpGp+FvFHhGaGDWNE1mGOG+tDcp5lvIfJklieKZAWjkRyGAPSu X+Jn7T/h34f+N7j4c6H4S8Q+PfEGmWKanqlt4etIbj+zbKUkRvcNPPAu+QKxjiQvI4UkLjBPmv7I 3wV1DwB4k8c+PdQ+HifDqHxH9htrGzudavdc1iW2tEYmS/uJr67th87nyo4QCi5Ds3FUPEuhfHT4 K/tCfEb4rfDf4fP8TNG+J+n6OPKttRtLC403UtGhktkSUXkkYa2mRw5eMsUYNlOckA1dT/bu+Gze IvC3hbwH4U8UePtR8XaBaeJrNNCsIp9umXVxLbM83mzxGJoJISsqsAAzKoJJIUvf27/hjaXeo6sn hnxJcfD/AEfU/wCyL3xpFZRHQILoTC3ZvMMwneBJT5bTpCyBsckENUfwn+GXxyt/2lNO+LvxctbO 4uJ/hnY6LqOoWBijthrI1a4vJrWGEyNNsjidB5hXY+M5z8o+ENC/Yh8f+GPCuofA29+Do8W3H9pz LZ+LLzxdqEHh+bS7i7M3m3mkWuo20wmjifaYoowHcb97YLMAfoL8Rf20fDHgTV/FtrpngLxX4u0j wA23xBrGkWdu+n2BWITyjfPcQvK0MbBpfLRgg5JrkpP2rdYuP2rtB8Eadpl/P8NNT8Bt4j+3rDaJ b4nnt5E1SSaWZZktIIGaJxtDiVz+7dQHX5j+MP7OX7QvjW/+KfhjxF4M1jx9Prcl3B4O1H/hK/7O 8NaTpb24itkl01bpJHubc5J8yGUTPguwG5q9Ab9n/wCNLap8ObO78JSnTtb+Db/DTX54r6zEug3t wIDJcyL53+kRpsYD7Ozk9scAgH0H4O/bg+H3i7VvDRn8J+JtA8K+Nr5dM0DxLqdjFBpWpXcm7yEQ iZp4xcbT5DSwoJPY8V4F+1F+3JKnwX8Xan8GdF8TWtvbajb6TYeM4bOA6M17BqEUVykcjStKYyqy QrMYPLZ/kDZIJ8q+En7I3ju0Pw48DeKvgmun33gzUbCTVfE2oeMNRv8ASJ4NM5S503TbfUo3S5lZ FMaSQLFCT8yFTtGp4r+DX7VOh/sr6n+xl4W+GS+ILayvyLLxMurWENpc6UNVGooxgnlSdbvH7tkZ dnBcSE4BAP0N/ap+JXiT4Rfs+eO/iB4Q0+6v9Z0rSbyS1a1SGT7LMIHKXcqzuimGBgJJANzbQcIx 4r5j+D/7RN58Nfhl4G8M+JdP8d/Er4l+OrSXWl0q6i0+bVI7VFjSW5JimitbfTzJzb+ZKZDv2kbs hfrP9pLwj4h8f/s+fEnwP4StPt2t6/4d1SxsrfzEi825uLZ44k3ysqLuYgZZgo7kCvl6/wDhz8aP hP8AFH4ffHLwf4MbxwLfwDa+C9d0a2vbW1v7N7aVbuO5t3uZEt5l8wvHIokBxtZdw6AHT6n+358J rLwvoOuWPh3xLqmq69rV74b/ALCtrCNtXs9bsY/Mksbq3aZdkhyqgozr8wJYKGYd98efjd4r8F/s o+Jfjb4V8N6np2uw6HJfW1he28H2zTpXjJWS8gabYBbk75lDuQAQFY/LXyp4H/Zq+NP/AAt7wZ8Z /Fnhu20671j4ga14p1nT7e8gmTRrG40g2NnHI+5VuJzIoaRoAw3PnoCR90ftIeB9d+JfwB+Inw+8 LokuseIdB1Gxs0kcRo9xPA6xqXbhQzEDJ4GcnigDxez/AGubfSvCPw706/8ABXiXX/iJ4z0k6ivh 6ytrNtRS2tsRy31yRcrawW8r4aImXLb1UKG3Kvm/iT9rvR/F/i34Na94Q1m68K6FL4n13SPF2n6t HHZ3FjJpelz3EttqCuXWIwsqyEq5XGDuIzWVonhj9obwb46+H37RVn8LLjUr5fBI8E6/4ZTVNPXU bL7Fdm4tr23naYWsySkHfGJVdVZTgkEDyLV/2IvHnxe8QaHr3xl8JQxab418fat4l8R6TZ6jHjSd Nk0v7JZRvNHInnzmWNWla3DAl+RtBoA+0JP2z/htF8L4vi2+g+IP7G1jVo9H8OQ/YY/t3iW4mJED aXbed5jRzbWMbTiHco3YxgnE1H9uj4a+F/B3jXxJ8QvDXiHwlqnw/XTJtV0PULWAaiLTVrmO0t7u 3Edw8M8HmSYdklLLtIK7tqt8seOf2Zf2jfFnwg8L/D3xZoP/AAmF18D/ABRDNo8h1dNNfxb4aWJ4 kRbm3nSayvoYisZeXy1yoYM+WJ57xF+yR8QfFvw9+Jeo+EPhB/whmoa7a+HdO0ux1LxJcazrd3Da 61a3961xcXWpT2MMEaQ7oo1/eE7vnBbYwB9zeDv2xfBWv+J9T8J+MfCfiT4eXljodz4kgPiKxjt1 u9JsyBPNEIZpmDRZBaJwsgUg7eoEnwo/a50H4p+I/DehnwH4p8MWnjW0lv8AQNT1WygFjqNvDGJi RJbXE5hZozvRZlTcuMHJC1U+LHws+IXib9pDwl4+8M6XZ3OkaZ4Q8S6VLcagY5bNL7UDb/ZYri2E iTSwuUbzAgxtBBZSRXyh+z38A/jX4K+MngjVvCnw91D4OaFpwuW8ZWqeI01Hw1qjvblVXTdN+0XE kZaciRGbyxCuV+ZhhgD7v+Ov7RfhP4BS+FbTxHous69eeMrybT9OtdFtUvLiS6ihMqx+W0kZzJgI pGQGILlUDOPMbX9uH4YQ+EvFmu+LNB1/wzrng3UbHSbzw5e2cbazLf6ooawhtYYJZI5jdDJixIAQ CxwozXV/HH4ceMPGXxk+Bfirw/pwvNK8G67qN7qsxliT7NBPps0ET7JHVnzKyriMMRnJAAJr5Z+L /wCzV8avEPxn+JHxb8H6Lb3U2neJvAXirw9b3N3DDFrT+HbK5t721Lhma3bE5CPMiqXCkHblgAez a5+2VB/wi3xC0mLwR4i8L/Efwn4dn1+20LV7a1Fzc2fMaXsBjunglghkx5480OoVgFZhg+rfs6fF XxR8Qv2avCPxQ8WaJqR1y50C0vLmKSK2juNSnFokj3FrHDKYgl0xLQBjGcMAyx9B86ah8L/jP8fP iX4j+Kfi/wAEj4d21p4D1jwppFjfX1rdX15faucvPM1k8sUdvFt2IrOWJYvgDgfSH7KNl480L9n3 wR4P+JXheXwjrnhPSrLRZraW6trvzRpttHbi5SS1eRAkpQsqk7h37EgGXaftY/DPUvhd8OvitpNt qN/Y/FDUrLSNIsoYoTe/bLx3Ro5kaYRp9mMUhnIkYIEbBbjPn17+3f8ADG0u9R1ZPDPiS4+H+j6n /ZF740isojoEF0Jhbs3mGYTvAkp8tp0hZA2OSCGr53/Z6+E94/7aXjfQLa9h1D4cfBzUNQ1rQ44W 3Jbav4zghlltjj5MWiLc7FGSnnAkgtivFNC/Yh8f+GPCuofA29+Do8W3H9pzLZ+LLzxdqEHh+bS7 i7M3m3mkWuo20wmjifaYoowHcb97YLMAff37Pnx98d/E749/Gf4f+I/D+pWOi+EL+2h0yeeG0jt7 eMW8JaKR4p3lea5aQ3ER2svkgZKP8h+0q+Mfgf4D+I/w2/aN+L8Wp+Fn/wCEL8ZSabqema7HeQPF vs7C2smtJLdpDdB8o7BypXC8tkgn7OoAKKKKACiiigAooooAKKKKACiiigD5/wDj58ZNQ+Eum6WN HsYru/1V5QjT7jDGkAXcSEKkk7xgbh3NdL8FviVN8U/Bn/CQ3dotndQXD2s6ISYy6Kr7kzztIccE nByMnrXX+MPA3hTx7pyaV4s09L+3jfegLMjI3TKuhVh74PPer/hzw1oXhHSIdC8OWaWNjBnZGmTy eSSWJZie5JJNbOUeS1tTgjRr/WHNy9y2xu0UUVid4V+Rfxu8eeK/hh8Zf2rviB4Gvv7M1/Q/Afhq 4s7nyo5vKlV7gBvLmV4269GUj2r9dK+YviD+yh8O/iRqfxK1XXNR1WCb4paNY6HqYtpoFWG2sC7R vbB4HKyHedxcyKeMKO4B896Z42/aC+Dfxo+Flh8T/iH/AMJ1ovxO0rXrrUbD+yrSyj0260mxW/X7 A1uolaMgmLbK7kgbiSzfLS+GHjD9p/xP8K/Cf7Vmo/EfT30vXW/tXUfCVxZW0GmxaK5kZbayu44W u2vlTbsaRysj/IwAAJ+0fEPwW8KeJvHPw+8f6jcXYv8A4bJqMenxI8f2eZdTtRZzfaVaMs+Ixldj JhuuRxXhGgfsM/DTQNX0SJPEniK+8FeGdTOsaV4QuryGXQrO93tIhSMwCdo4ncvFE8zKrc4I4oA+ YJfi7+1F4Y/Z08Ofts6t4/j1ey1O502/1Dwamm2aaamj6peR2yW9tcLH9s+0xLMjeY0rZbKlGAwd jWviB+07rN5+0x8Q9K+KDaJ4b+DcmvRaTpMWkafMZ5LfRftUQluJYi22CZo5EyrFjvVyVIC/Qmj/ ALC3w00mXTdFPifxLe+AtE1FdVsPB9xfxvodvcpKZo1CCEXLwRynekMk7IGGSCOK6P4jfAS10H4L ftB2Hw+W91bXvirYa7fNazPE27UrzSzZxw2+1I9qN5aAB2Y7ictjgAHzOPin+0P8DvCnwa+NHxK8 ft4+0v4k3FlYazoY02ztY7WXU7CW8t5NOltokl/cmLZIJWcSAlsJ/DzEvxd/ai8Mfs6eHP22dW8f x6vZanc6bf6h4NTTbNNNTR9UvI7ZLe2uFj+2faYlmRvMaVstlSjAYP0T8BP2O9F8K6H8N9e+IXiD xF4kvPB2lW/9naFrd3Dcado15NarFP5MUcKM7RBniiM0koiQ7UxgGtPR/wBhb4aaTLpuinxP4lvf AWiaiuq2Hg+4v430O3uUlM0ahBCLl4I5TvSGSdkDDJBHFAHkOh+Ov2iPEfxC+Ovjaf4rWXhzwV8J dY1GzstNv9OtRYyhNNSdft14sZuEt4JHjkzGDKw8xdxyu3xXwH+0H8a7r4pfCzQ7H4o+I/Fek/Eo 3emahf3/AIRh0jSIrp7GSaG60We4tIHl8mRQypIkiugBkBziv0eT9mr4cPoHxS8MakbzUdN+L17c 32sxTyp8kl1bR2rLbGONDGqrErJuLsH53dAPMNG/Yo8L2XijwR4v8QfEPxh4m1D4dXcdxoY1K+tX htYUjaJrYxR2kaOkqFRJIw847F2yKMggH5ufCv4u/Fz4Pfs1/Bf4feDPE+ry3PxS1/xSBdWGhQax f6TYaNf3TXSafZQwZnmupG8wtMJBEC5UBFGz9EP2RPib8ZPFXiLx14L+Jdn4jv8AQ9DayuNB8QeJ PD0nh+9vYblGFxbTQ+TDC720igB41BdWBYA06H9gv4ZWvhVPClj4r8T2kek61Nrvh66gvoY7vw7c 3LySTx6dKtvkQzNK3mRzCUNwT8w3V7h8HfgL4a+Dt14g1631bVPFHifxZLBLq2ta1Ok99dfZo/Lh jzFHFGkUS52RoigZPWgDxWyvo/F37eXiJ9TkDWvwv8EWiWMUzBY4rvXrmWS6uVyOCYLaKIsOi5He vhmf9qv40aZd+EfiDpHxR1PxtHf+KbLTdUtrDwr5Hgn7Fe332cwWerXFrBO8iKRslEjl2B6qMn9C vGnwz1jRf2odA+Lui6U2saB420Sbwh4ngRd32dI2e7sb1l/ijLeZbSn+ESIegOPPm/4J8/D6bw1p Hge8+IHjO48L+GLu2vdC0ttQtfs2lzWswmjaIfZMzbcMii4MoVHYKA2HABqf8FIftv8Awxr46/s3 b9r+06B5O/7vmf23Y7N3tnGa5fSPFvx3+Cv7QFn8OviR8SoPHWieKPCOr62k+p2FrpcWm6hpDxF2 8y0RStmySfMH3soGc5BLfXfxm+Evhz45fDnUvhj4tubu00vVJbKaWSxeOO4DWN3FeRhWljlQAyQq GyhypIGDgjE8f/ALwJ8S/G9j448Vm6uJrLQ9W8PNZq6LaT2OtKi3QlXYZC22MBSsigAnIPGAD8v/ AAn+098ZrLxt8Iddg+Jes+PdO8b+JtP0LWRJ4TGl+E2j1IyADStQmtba4keIrmMlmMigu5AG1ur8 G/Hz4/aD8YdC0f46+OdV8Ca3qfid7CbQ9Z8Nwr4Uv9PlnkSCDSNXtYmkM5j2FJJpgGfKvkAbvpuw /YP8FQt4Ji1j4heMtasfhtqGn3/huzu7+1Ntpx011aGMRpaKJl2r5RM29xH8qMmSTe0/9hf4cWGp aZa/8JT4ln8EaLrA12x8ISXsJ0O3vlna5TaggFwYUmbesJmKBuoIJFAHw1osn7Qfgj4cftMfHD4a /Ef/AIR3T/A/xE8X31voR0y0urbUDbXYkuftc8yNMBIh2IsTJt27s5bK/o3+0Z8ctb+FP7LeufG3 wzZRTaxHp9g9lFPkwx3OqTQW0TSYIJSJ5w7DIyFIyOtah/Zg8An4ZfEv4U/b9T/sn4qanrOq6pL5 sP2mGfXG3XC2zeTsVFP+rDpIR/EWr0jxT8KvBfjf4X3fwf8AFtmdU8NX2nrps8UrYd4UQKrb02lZ FKhlZcFWAYYIFAHxbq95+0j8Ffih8N/Anir4qXHjbTfiyup6Nc3Umlada3Oi6tFZPcQXunpDCFeI MrZiuFkRQoLE5Ir5a+G/gPW7T/gmb438Y3Pie4vb/SrzWPEekNJb2kDaZqXh/WbqZZ4ZYYkkeSd4 AX81nxkxptT5a/RX4efso+G/BXjXQ/H/AIj8ZeJviBq3hO2ntNCPiK9huI9LiuUEUrQrBBBumeMe W0su9yvGe9eafFH9nS60X9nbS/2TfhSmoXekeMtYmt9T1S6aOR9N0q9vJdU1KZ3jSJCzZa3gTbkm RM5wzUAev/Gq/vvH37Jfi3XNH1CXQ5tZ8JXF+s0UcckiJJZmd4tkyuuJEzGxI3AMSpDAEfml8K/A nxX1fx3+zL4f8KfEi60W+v8A4Rtcy6sdPsZrm002T7C6WVtG0Qh/dsY41llR5NgYsWfDD9ndU8Ja Fq/hC78C3Nvt0W9sZNNeGMlcWskRhKKRyPkOAe1fPPwh/ZL8IfB/XfC3iKy8U+IPEN34O0W68Pab /a1xbSpFplxJDIsJ8m2iYiEQIsXzDCkgg8bQD4C1r9rf9oPR9E0f4K3Gu3d74ul8feJ/C114m0fQ E1PU5dM8OQwXJlt9KhRoWupkuUUkRlUVWbaSC4+xP2RPib8ZPFXiLx14L+Jdn4jv9D0NrK40HxB4 k8PSeH729huUYXFtND5MMLvbSKAHjUF1YFgDXR+IP2Kfhbr1hqyx6trml6zf+LL3xpaazY3cUGo6 Xql/HHFOLOVYdogZIwpjlSTI+8SQpX0/4O/AXw18HbrxBr1vq2qeKPE/iyWCXVta1qdJ766+zR+X DHmKOKNIolzsjRFAyetAHyP+0j8WvHkHxov/AId+FfifqugjT9KtZ7bQ/Bfho+I9aa7nLt5+pNLa ywW8OAvlRiVC65ZiowTxHwu/aM+Ov7Qfg34A+CNL8Tx+EPEHxB0nXdW8Qa7a2NvNc+Rodz9jWO0g nR7dJblyGkYofLAyigcV9c+N/wBlHw34t+ImvfEjRPGXiXwXfeL7a1tNfh0K8gtodUiskMUHmmSC WWN1jYxiSF43CcAg81zFl+w98NNB+H/gjwR4O8Q+IPDt78N59Rm8P65Z3UA1Syj1SV5bm2LtbmKW 3cvtKSxMSqrls5JAPJtQ8U/tPL8SvCH7Ll/8StPi1XV5dd1K68V6dZW8mpHRNOWAWtu9pLD9jhvp HnPmlEZVRVdRliK4343/ABr/AGk/g3beB/gpqfi5dc8S+MvEGrQL4k8O6KNW1mPQ9Mt47kK+kRQ+ SNQfzQrbEaNYwZNvUr9DR/sN/DWy0fS30TxJ4i0zxppOp32sJ4vhvITrs97qaLHdtcSPA0EscyIi NEYdoVFCgckyz/sN/CmbwTZ+HBrWvw+I7LW5vEkfi2K9RPEP9r3KhJrlrkReWfMjCxtGYvL2Ko25 ANAHydH8bf2zpPAfjzw94W0nxdq8ehanokun+I9R8Jrp3iCbRLssNTS3064ihtLq8tSiiLCfOjlm UEAjZ8LfHb47eI/gx8WLX4O+OL34g+M/Dc2lGxsdU0CPTfFmk21w4F6LiweK3tbqVYw7220EMwKs WbCV9On9iL4Y3nh3WrPX9e8Qax4p13U9P1ibxVcXsY1yK/0obbKW3mjhWGEQKWVEWLaFdgQc8Nh/ Yi+Gt9oni618c+IfEHi/X/Gn9nm81/ULuJdTtzpMnm2X2N7eGKK38iTLrtjyxJ3lhxQBxX7Hfxj1 zxv4x8WeDNe+Iuo+KJdNtLW6TR/FGhLoPibTHZmSbzo4YYYJrdm27WTcyN8rHBXPmfxs1DxR8P8A 9uLWvira+JLxrPwp8ItX8QHTI7e0KT2um3sRfT/MaFpBHPKomaQN5qt8quI8rX1/8Jv2btD+GPjX Uvibq3inXfHfjDUtPi0g6rr9xDLNBp0MpmW2hS2hgjVDId7kqWZuc8kVc+IP7OfhH4ifFLQ/izf6 rqen6npWm3Gi3VraSwiy1XSrqQSy2V9FLFIXhZxkhGQnuehAB8Yr8Qf2nvhl4A+En7RXiz4iL4ws PH+qaDBrfhv+zLO2sbWz8RFREdOmhQXRltTIijfI/m8s3SvFPgn8ZvH03x68X/s2eD9Sl+H1p4h+ KXjXULrxPPaR3H277JdK7aRpn2iOW3+1OnzyPKp8uMjarOVB+7vCH7EvgDwtqfhdbzxb4n8ReGPA t7HqHh/w5ql/HPpem3MG77O6BYUnl+zZ/wBHE0ziMDAzW1rf7G/wt13wbr/g+e/1e3fW/F9z44g1 OCeBNR0vWrmcTmWwl8gpGqkFFDpIdjMGZjggA+GfGv7TX7Qvjb4h/Fo/D3VvFmkW/wAPNXvNB0LT PD/gxtf0++vdMQeY2qXv2eVl+0SHb5cTRmONlcZOC3p/g7xz+1R+0T8W9X8IWXje6+D9lp/hDw3r V3pw0W0nvrPVtSim823/ANOi3rEJUJkWQFyERVMYL7vfvGH7FPgnxR4l8T6/pfjPxV4UtvHaBfEu m6Nfw21jq7+X5Uk00bW7mOWZBtlaBo94zx8xJ9g+H3wC8A/DDxvq3jfwctxZyarpGk6J9h3obO2s 9FWRLYQIEEgbbIQ5aRs4GAOcgHKfse/FDxX8Zf2b/BfxF8dPFLr+pQ3MV7JAgjjlmsrua0aQIuFX zPK3kAAAk4AGAPpavLvgx8JfDnwM+G2kfC3wlc3d3pWjG5aGW+eOS4Y3dzJdPvaJI0OHlYLhB8oG cnJPqNABRRRQAUUUUAFFFFAH/9P9/KKKKACiiigAooooAKKKKACiiigAooooAKo6pqFvpGmXerXY cwWUMk8gjUu5SNSzbVHLHA4A5NXq4v4k3V1Y/DvxTfWMz29zb6VfSRSxsUdHSByrKw5BBGQRyDQB f8G+K9L8deFNI8ZaIsyafrVrFdwC5he3mEcyhlEkUgDI2DyrDINdLX4YxXfxw8feEvhb4hOreKPi Do0Xw70i41DTfCXi3+zfEum6lcBmbVbq0aVJr8zLtERdyNysNvUt2vibxT4/+MOh/CLxL8PPEviL 4peER4TmuL/R9F8QxeFfFslzFd/Zjq9zbRyq1ysbRtBsWQp54Zgxz8wB+zNFflR8Hvi/qXijx7+y vY6L428Q63pmp2Xjyy1Qa1mzvby70tLcRxanbxO0Utxa/MquS5OC4O5mJ8T+Mfxx+MI8X+PPh74J 17Wbu38TfFux8NA6fqaWt5BZLpcUsunabdXciw2Uk8ysoYFcNuxySCAfuHXAah8TPCel/ErR/hNd zyL4i13T7vU7WIRsY2trJ445iZB8qkNKuAeT+Ffjl4j+In7RvwZtPHngOO61jwX4e1mLw7FbP4h8 Uab4h1zw62p6nFYXV1E0V3cXMdtLDITG8wKRzLlGU8H6S8O/Cey+Ev7fPgPSdM8Xa54jtr3wVrk3 2fXtTm1W4tZBc2qvKk1wWkVLgjJTO0OjFQMkAA/TqiiigAooooAKKKKAOa1rwd4W8Ravomv65pkF 7qPhyaS502eVdz2s0sbQu8R7Fo2Kk+hrpaKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAo oooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigApkkaSxtFKoZHBVgeQQeCDT6KAPPvh r8Kfhx8HfDp8J/C/w7Z+GtJaZ7hrezjEavM4AaRz1ZiABliTgAdABXoNFFABRRRQAUUUUAFFFFAB RRRQAUUUUAFFFFABRRRQAUUUUAFfJ+q/tK+Bfhv41+Jv/C1fHOn2fh7wrqGgafHCtheJLpc2rWiy Il3ceW0conY+YskZ2RJxKykGvrCvx/8AjZ8K/H/iD4ufGC4t/COqajpms/EH4X3UEiWE8sF1ZWNr Cl7NGwQrJDBgiZwSseCHIoA+v5v22vgfq/gHx54s8DarPqmo+BtLbU5tPuNM1G0uXjkBFtIIJbdJ nglk2gyojKinc5Uc1neC/wBtv4TT/Bf4d/EP4galLY67420+CRdMstK1Ga5nvkt45L0WlmsMlxJb xOx2zANEVwRI2QTxnxi+HvjPxF+09411TRNCu7iy1b4L6posN6sDi1l1GXUGaK088jy/OKtuCFt2 0lsY5r53+DGs+Kfht4m+D/xt8T/DjxbNoGk/DKz+H2oRR6HdyajpGsaXJFNJO1iEM5tbkAxrPGjA lAGxQB+p/wANPij4C+MPhO38b/DfWIta0a4d4hNGrxsksRw8UsUqpJFIh+8kiqw7jkV+eHxQ/b71 LTNG+PMXhCGOy1D4Walolvp813pt8sMtpcXtja38tzJMkcSuGunWJNysyASoHTLV79+xx4Q8TaXF 8VPiNr/h678I2vxJ8YXuuadpN+nlXcVo8MMInuYckwzXMkbyPGxyo25r4u/aD8IeO9SP7VPwzg8C eINUn8b6v4R1rS7i10q5urC+s7SfSYblI54kZWlj2uzR9QiOx4U0Afon8OP2s/gD8VtY1TQfB/ig NfaRYtqk0d9aXWm7tOUgNeRNeRQrLbgnmRCVHBJAIJr/AA5/a9/Z9+K/iq08GeCfEzXOp6ms76f9 osL2zg1FbYZmNlPcwxRXPljJPlMx2gsAVGa+Yf2zPgv8QPir8VLLSvh/pVxu1P4c+LtH+3JEyWi3 FwbZra0nuQvlx+cQ6qrsOCxA4NeF/Bn4ea54x8U/BLQtQ0n4szXvgC8tLu/g8Siz0rQdAl022MZW CUaXuvY5MeTDFDKu+JgzSJjgA+8/2wPih8SPhj4S8DJ8K7yy07W/GXjLRfDIub+2N3DBFqrSRmQx B4yxRgrY3DIBHfI801f4o/tQfs9eMfBr/HW/8PeNvAPjDWLbQJtS0ixn0y+0u+vyUtJZIpJ5o5Ld 5Pkcghl6+gbc/bvsfEcng74X6/4d8Oat4nHhf4i+G9avbXRbGbULwWVhJLLPIsEKsxAAxngZIBIz XmHxR8V+Of2wtZ8C/C/wh8M/FfhPwvpviPTtd8Qaz4p0ttHiWz0uTz1traKZvNllmkCrkLhOpyCS oBp+BvGf7YXxr8VfFWbwB448NeHdH8DeMtU8NWlnf6HLdySR2KwyI8k8d1H1WYKcJnIJ74rqfhB+ 3D4R1H4J6d49+ONxa6L4hm1rUfDwttGhutQTU77TZCjyabbwpNcSxMu1sgMEz8zYwa8o+DP7GXw5 +Jfi/wCOPin44eEdXW7v/iJrbaf51/qulwXelvHbvFNHDBPBFPE7tIBLtYPgruIXA7j4k/DrT/2d fjP8IfiZ4F8A3mofDXwfo2s6DNY+HrF7640eXUHimS9S0iDTSLKUdJ5EDPyWfJPIB0nx0/aztJ/2 cbv4sfs369Z31/Hr2m6G0l7aTZs7i6vIreaK5s5vJmjlRZM7HCnBB6EE854x+KH7U/7Oni/4cTfF jxJ4Y8deGPHniaw8LzQWGmT6XqVvNqW5YriDNxOkqxlcyKVzjAHXcvzH8U/hJ4++KXgP44/ETT/A WuabpXxT8ZeDn0/RZbSeLVHstJkggvL+W0iBntxMd8h3BXVF3sF6n9DfAf7F/wCzb8OPFtj478N+ Eml1/Syxs7vUdRv9Ue2ZhgtCL64nWNvRlAYdjQB6d8Xfjb8L/gR4fsvFPxY1tdB0vUb1NOgnaGec PdSRSzJHtgjkYFkhcgkAEgLncVB4fSv2svgNq/gzxX47j8Qy2mm+BkSXXIrzT761vrCOUZjeWymg S52yDlCsRDDOCcHHhX/BQTWh4c0X4H+IDodx4kGm/FDQrj+z7OLzrq48q0v22wRH78oxmNf4mAGR mvnT47+HfHnx9g+PHxh8E+BvEGnaPefD208K6daX2lz2up63fpftevPDYMn2gpCjiJWZAWO7bkDg A+2ov24f2ZrjwyPFln4qlurKbUW0q1SHTNQkub67WNZStlbrbmW5Xy3V/MiVowrKSwBGeoi/az/Z 7l+GVz8Xv+EvhTw1ZXv9mTu8Fwl3HqGcfY2smiF19p5yIfK3kfMAV5rwP4s6Nrnws+Nfwa+OC+Ed T8R+D/DHh7UfD97b6PZSX95o8t2kBhuks4gZWQrE0MhjUlF6jGAflrU/hx8TL/4u6j+2NYfDnXP+ ESHj3SdXHhiS0K6zNYWOlS6dLqqaa37zzvtEnmpCQJSo3bR1IB9teOP22fhRa/BD4ifEz4fahLqO s+CLKUvpl3pl/Bd29/LA72a3do8KXEUErqMzMqxBQxMgAJHf/soeNPGXxB+CmkeO/HviOPxHqOtZ ujNHo8+hpbIyLuthBcnzJFicOFnIAlUhlGME/EfxE8O+MPjjrXx/+Nng7wPr2kaLqPwruvCenwah p09nqGu6mxmufNgsJFFwwjRkhQsgLkkKGHT9DfDOga3c/s/6V4WiWTT9Xl8MQWSrKDHJBctZCMBw wyrI/UEZBHIoA8f+F/7Sumah8H/EH7SvxW1iDw/4A1LU5/7AV4W8yPSYZvsdtI6orTTT3sqNMqKr EK6IoOCTt6J+2h+zrrmjeK9bTxHcWEfgi0XUNXgv9L1Cyu7ezdtq3AtZ7dJpI2JAzGjYJGcZFfGG g6v8Qb3/AIJ2fCVPhjoJvNU0G+0zTdaWDSotZ1PR4tLuZLe+u7PT51dXvreSIMilSy7iy4IBr5z8 eeAfin4x8QfF/XNE0P4jeL9P174WXGlafqvifSJI7y/v49Vt52t7a2t7WEwx7GJhieJXfbI67lOa AP1x+Hn7XH7PvxU8XN4H8FeKfteqtbzXluJrO7tILy2tziWa0nuIY4riNOctE7DALDKjNeB/ED9u /wCHmpeJvhr4U+CevJql54q8aaXo9y8+m3iWt3pczyRXkljdTRRQTGOTYpeJ3Ck9CCDWZ+0x8H/G Pjvxj8EPDvgzSrm2ih8NeN9HlvoreT7Ppb6j4fFpa/aJVUrAGl2qgfGWXABIxXik+t+LvF3hD9mL 4OW3wg8U6Xrvwz8VeF2124n0adNO0yPSozazSxXiqYpYpSfMEkbMgj+aQqcZAP1F+KXxb+HfwV8M L40+KGspoOiNdQWZupY5ZI1muW2Rh/KVyqk9XYBVHLEDmvnwft+/sqG2u5D4uuFurKQJLYNo+pjU QjIZfP8AsRtRcGARjeZvL8tRjLAkAy/ts+D9b8b/AA28JaLomjXOu7fGvhme6gtbd7krZxX6NPJI sasREiZLsflVeSQKr+HvA2pp+3V468dXWgzrpd54F0mwh1N7ZxbSzfbbhp4EnK7GcKsRdAxIAUkY xQB6L4v/AGq/gT4K0Dwv4i1TxG15B41tjeaLDptnd6jdX9uEWQyxW9pFLKEVWG5mVQpOCQeKl8Ef tTfAj4i3PhOy8IeJ1vbnxu+oxaVGbW6iaafSUEl7A/mRKIZoUYMY5SjleVDDmvyx+HekfG/wF8O/ gXofiLRvFvgfw/Z+Eb63v9U8NeGBqXiiPUn1J2XTJjPa3E9lbvDskQiMB3wG4AId4Y+Hnj7wZ+y9 8QPizrGga3oXiv4W/E+98f6WniJfKv73TQls9wJrgBY5jc2jTLMYiVaZSvBHAB9yftI/ti+FfhNq Og2uga5bpHo3jjRtA8XvNaXEsdnZajYXV6yxyBAsk2yJGxCZGTO1lDMBXsnhX9qr4DeLvDPijxZY +KFsLHwSqPraanbXOmXOnpIu6Jpra8iimCyj/VkIQ5+VctxX52a98N/HOifs5fBP4k6l4K1Pxp4o 1/4o2HxH8UafpVq93dILyC9uSfLUcC2hMEQVyF3qqZG4Cuf/AGkfhd8Uf2stU+JvxZ+GngzXNG0a 08O6BpFvZanaNpOoeIZ9O1Y6lctBbXSbx5MOI4mljw7gKoYcAA/T34TftOfBb42axc+Hfh/rcs+r W1qt/wDY72wvNNuJbJ22LdQx3sMLSwliBvQMASAcEjPvlfll8A/CN344/aO8K/EpLf4palb+FNI1 FZNU8fC10qK2lvlWI2EVmumwzXTk/OzLMscZQEM5O0/qbQAUUUUAFFFFABRRRQAUUUUAFFFFABRR RQAUUUUAf//U/fyiiigAooooAKKKKACiiigAoorkvGPj7wL8O9MGt/EDxHpvhnT2bYLnU7uGzhLf 3Q8zIpPtnNAHW0VzPhPxr4O8e6QviDwNrth4i0t2KLd6ddRXcBZeoEkLMuR3Ga6agAqhqumWOt6Z eaNqcfnWd/DJbzR5K74pVKOuVIIyCRkEH0NX6KAPl7xD+xp+zr4l03w7pd74Zmto/CumR6LYSWWp 6hZXC6XFnbZyXFvcJLNDyfllduSTnJJrR8U/skfs/eLdF8NaDeeF/wCzrfwfbNZaS+lXl3pc9ray YMkKz2csUjJJjLh2bJJY/MSa+kKKAPm7Xf2Rv2evEHgTw18N7nwmlpong6V59HFjdXVlc2UsuTLJ HdW8qXG6UkmUtITI3zPlsGqtp+xv+zTZeBNc+Gdv4Htx4c8RXUN/e2zXF05e8t41ijuUlaYyxTBU GZI3V2YszEszE/S008FsgkuJFiVmVAWIUFnYKq5PdmIAHcnFS0AfPfhb9lb4C+EfCviXwbp3hWO7 07xlEkOtHUbi41G41CONSsaz3F3JLMwjBPl4cbDym081W+G/7J3wH+E3jCH4geCvD88HiSC1lsUv 7rU9Qv51tJtmYM3dxKDGojUIpGEGduNzZ76f43fBi18U/wDCDXPj3QIfEfmeV/Zj6pare+Znbs+z mTzN2eMbc54rtr7xH4e0vVdN0HU9UtbTU9ZMq2NrNOkc92YE8yUQRsQ0hjT5n2g7V5OBQBs0VFHP BM8scMiu0LbJApBKNtDbWA6HawOD2IPepaACiiopJ4IXijlkVHnYpGGIBdgpYhQep2qTgdgT2oAl orG0fxH4e8QtfpoGqWuptpd1JZXYtp0mNtdRAGSCXYTslQMCyNhhkZHNbNABRRRQAUUUUAFFFFAB RRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFF FFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRX5U/tI/Gz4l2nxR8eeGPBf xU1XTZvC9jbS6dofg3wx/b01vObczPLrl1cWkkMKu33Y0mUCL5n56gH6rVmajrWj6O1omrX0Fk2o TrbWwnlWMzzuCVijDEb3YAkKMk4PHFfn/wDswftE/Ez4u/FTwhpvii/j/svW/hNpHie4soYIkj/t e41Ke2nuFfb5oDpGB5e8ovZc818v+JfEXxX+ONh8DPEeqeP7vTr8fFjXtHtp7Wx05vJW1a/jtZ1V 7dkZ4YIjEoYFWDlnDOAwAP2O8NeMfC3jJNSk8LanBqi6Pf3Ol3hgbd5F9aNsngf0eNuGHaulr8Qt Fk/aD8EfDj9pj44fDX4j/wDCO6f4H+Ini++t9COmWl1bagba7Elz9rnmRpgJEOxFiZNu3dnLZX6a 8PeL/wBob9p3xh8R7v4cfENvhppHgR7TTtLsbfTbK9a91GWxivJJr57yORvI3TBESIplcsTuGSAf pHXNeGvGPhbxkmpSeFtTg1NdHv7jS7wwNu8i+tG2zwP6PG3DDtX5V+EPj1+0n+03rfwX0XwN41T4 ZDxr4M1TWNakt9MtdQxeaXqC2ZltlulYqssg4Uuy+U5+821x0OnfErxjZfCj4qfEPxT8XrzwBY+B PiD4r0tpNK0XRpbjVEhuIorO38mazZZLksGCsoDyM5MjEKCoB+rFZms61o/hzSrrXfEF9Bpmm2Mb S3F1dSrDBDGvJeSRyFVR3JIFfmBJ45/ai+GX7N+k+Kfjn8V4fC/ijxp4htVgN5o1veatpukzKzJY Wdlp9lsu9UkVQzb4fLTLA425r5I+M/xX+Lnjn4I/tEfC7xJ4v8QajonhjS9B1qwn8RaDbaNq09te XRiltbiDyIz5DOEljlEccnyYB2EggH7yL4x8LN4wf4frqcB8Rx2C6o1hu/fixeVoFn2/3DIpTPqM V0tflN8fvjx8Uf2cPiF4ugg1aPxbe+HPhdpl3b3WoWNlDNPq2oeIm01Lm4ktYYmESCRWaFGWL5SQ oYlq6fx34t/aQ/Zo8X+C9P8AFfxIk+I+m/ECz1mzuTdaZY2cmmatZadJewXNkLWJN0DNGyvHMHCK M5JNAH6ZUV+R/gT4mftS6B4H/Z5+Onjb4njxLafFTW9C0XU9AOkWNraR2usxOI545oUWf7QhQSOd wRmYgIqKEP2h+1f8T/Gnw48D+G9N+HVxBp/iXx74n0jwrY39zCLiLT5NUkYNdGE/LIY40YorHaX2 5z0IB7B49+GXhP4ky+GJ/FUEkz+ENattf0/y5Gj2X9okkcTtt+8oWV8qeDn2r0Cvze+LnjL9pf8A Zt8I69bTfEHTvHk3iKfRNM8O3uqWsFtqem3+qXv2Sea6trOGKCa0RXDxOcESDy2Vl5PG/GD41/Hr 9jDxJb2njDxjJ8WtH8T+F/EOo2bahp9rZXFlrGhW6XGSbCOIG0mEihkYEp2kHRgD9Ltc8Y+F/DWp aLo+vanBY3viK4a006GVtr3VwsbSmOMd2CIzY9Aa6WvyW8T+EPjjo/xf/Ze8TfFD4lnxxb65r0k8 9o+nWdkllfyaTcP/AKG1rGjNblCylZS7ZVWDZZhXjWi/td/tSePfC198dPAn/CX6ndyapM2k+EdP 8Ey3nh240y3uzA1vLq0du87XDRozNMkoCSAptAyFAP3OoqrZXP22yt7wxPB58aSeXIpV03DO1lPI YdCD0NfBfxT1n9oHxt+2NB8EPhv8R28BeFrLwTZ+JbpodLstQnlu/wC1Lm1Mam5QlVlQJvySAIwF UFmJAPsHwb8N/DHgLVvFGq+GY5LX/hL9ROrXsG/NuL14killiTHyGYRq0mDhny3UnOZN8avhTB8T 4Pgs/iiyPjm4haddIWTddCNYzMWZVB2fuxvAYgleQMEV+QOi/td/tSePfC198dPAn/CX6ndyapM2 k+EdP8Ey3nh240y3uzA1vLq0du87XDRozNMkoCSAptAyF2LrU/ir8K9U/bK+Mvhvx3fLrmgx6TJE LrTdN3NNPpttLbvKDa5DWkbmBIxhCMtIrP8ANQB+21FfkJ8Tvit+0z8K9Z+HPwh1v4iazrur/ESO 917U9V0Dwrb6hqOmWVvBF/xL9NsYIpVdGndt08yu0ce09R81eX44ftnXvwy1vTdO0jxfND4e8U2U MviP/hFEs/El54Yu7eSR5LbSbuKO3muredBDK8SH5GVxGCS1AH6veKPGPhbwTZ2uoeLNTg0q2vru 3sIJJ22LJdXbiOCJT3aRyFUdzXS1+IfxF+KPiz4p/s5Pp+l/EhPGevaN8SfC1tp1xqmjnStW0ySa 6ja3i1axEdvGzJKCQ8ahZFBG7cDj7Y+EfiD4z+Bf2pNV+APxI8eSfETSL/whH4os7270+0sLq1uE v/sU8AFmkaNE+4Ou4ErwoIAJYA+0bnWtHs9Ts9Fu76CDUNREjW1s8qrNOIQGkMcZO5wgILFQcAjN eX/GD4F+BPjpZ6TpPxCN9c6VpdyLh7C3vZrazvsFWEV7FEyrcRBkVtj8ZHuc/HX7Q9n4k039t74T eLrTxTe2VjpnhnxJqDWNvbWkgaDTjazXNurSwu+L1cI7btyBQYijEk+aS/F39qLwx+zp4c/bZ1bx /Hq9lqdzpt/qHg1NNs001NH1S8jtkt7a4WP7Z9piWZG8xpWy2VKMBggH6m+GPF/hXxfFqLeE9Sg1 KPRb640u7+zsGFve2bbJ7d8dHjPDDtXTV+IvwT+M3j6b49eL/wBmzwfqUvw+tPEPxS8a6hdeJ57S O4+3fZLpXbSNM+0Ry2/2p0+eR5VPlxkbVZyoPReNf2mv2hfG3xD+LR+HureLNIt/h5q95oOhaZ4f 8GNr+n317piDzG1S9+zysv2iQ7fLiaMxxsrjJwWAP2Yor8tvB3jn9qj9on4t6v4QsvG918H7LT/C HhvWrvThotpPfWeralFN5tv/AKdFvWISoTIsgLkIiqYwX3fWf7HvxQ8V/GX9m/wX8RfHTxS6/qUN zFeyQII45ZrK7mtGkCLhV8zyt5AAAJOABgAA+lqK+a/2sPiHrPw0+D9zr2geL9P8DXtxe2VmuqX9 rLfvEs8oEgs7KKKZrm7ZAwhiKFSeWwoJr809Q/aq+PPguL4xeHtM8ZeIdWg0jwD/AMJVompeKvDd to2pW92l+lm5it2t41mtnDkq0sONwKqMKSwB+4Fc14k8Y+F/B/8AZQ8UanBpn9t38Gl2Pntt+0Xt zu8qCP1d9p2jvivzb8S/Fb9oj9m/xp4L1r4j+PB8RNK8beGvFGr32lHS7WxisbzQdL/tRFsXt184 xsAYcSs5x8xJY/L5t430r4961oP7MHxa+JPxIHiWx8Y+OvCepXWijTrS1tbCe+jee3FlNCizMkUb NG4leQyEh8rgggH7JUUUUAFFFFABRRRQAUUUUAFFFFAH/9X9/KKKKACiiigD5I/a9/az8PfsneC9 N16/0mTX9Y12d7fT7BJRbq/kqGlkklKPtSMMo4ViSwAAGWXC/Y3/AGy9A/a00XWvL0R/Dev+HWh+ 12Zm+0xNFcbxHLFLsjJBKMGUqCpxyQQa639q/wDZS8IftW+DLDw34g1CbRNS0adrjT9QgQSmFpFC yo8TFQ8bgKSAynKqQ2AQcT9kb9jrwf8Asm6HrFvpOrT+Idb8QPEb2/miFupjt93lRxQqz7FBdicu xYnk4AA+ji8u/s5p39vfz7/da3zudy9h7D++fYVFFFfOHCFfl/8AC/wD4Z/aX/a5+Nvi344abB4p tfhhf2fh7w5o2pRpcWNhC8XnTXItpAyNLcOisJGBOMgcBQv6gV8G/EP4BfHvwR8dtd/aC/Zb1nRD c+Nba1g8SeHvEn2lLG7lsUEUF3bzWoZ45ljGzBG3lmJbdgAHcaL+zX4E+Afjrxp8cfhED4Yt9T0C SK78OWcaQ6LPeWm6aK8MCBdkoA2YjKrtLHGWJryjxB+1j8SNK/YB0b9qW3sdLbxbqFvpMslu0Mxs A19qUNpJtjEwkAEchK5lOGwTkcV1nwu/Z3+L2v8AxP8AEHxz/ab1/TbrxFqeiSeHdM0fw7540vS9 OnYvK4e5CyTXEhPLMuFywBYFQny5rH7HP7Z+tfs6Wf7KUviLwXH4P8N3Fu9nqQN+t/qVta3guIIb iPyWjt9g+ZmTzCWREHBeSgD33UPjV+1X42/au8e/A74Q2vhSz8M/D06DdXt/rMV69w9tqdskskCC CTa0rHzWjbCABApJzmuB+GX7Vn7SviHRvHnxz8a2Phew+Enw1vfEdlfW8Ed4Nb1H+yRK0L2paRoE JbyYjvOCfMbA+QD6z+GXwa8T+DP2j/jV8YNUurOXRviPH4aTT4YXka5iOjWctvP9oVo1RdzSAx7H fIzu2ng8B8LP2WNQ0j9nn4ifAn4k31tLF471PxFcGfTneQQ22syu8Tfvo4/30YYEjBUMOGYc0AfG uif8FE/iFo2l+E/in478VfDjVvDvia+s4r7wpod87+I9Hsr9gI5mZ52WaaAMDcxGJcEEApyV96f4 1/tj/E34ufF/4efBe18H6bpfwx1CGCK81mG9lnvTParPFbBIZgoO4P5kpxhXQKmQzVzHgz9lf9p+ x0rwX8KdefwFpnhbwpPaJeeJdMsWl1/VdOsvljgMF1bNBFNKiqJpN7nPzAtyG+tPgt8GfFHw4+KP xm8ba3dWc9j8RdatdR09Ld5GlihgtFgZbgPGiq5ZSQEZxjuDxQB+efxp+MXxW/aH+DP7Jvxf8JnS NAl8T+PNKDWt1DcXEcetwPdwQyEpMhazDQyl4j+8OUxINpz+vWs6X4i1fwRfaLHqCWOu3unS24vL dWWOG7khKCaNWLMFWQ7lBJOAASa/OW2/Y3+Nnhz9k34K/C3w1qmgS/ED4P8AiiDxKhuZbo6ReNb3 N7KITKsKzgFLpcnyhypHGQ1foT4h8KT/ABA+GmoeCfGpW0n8Q6TJYai2nyNtikuoDHM1tI4V/kZi Y2ZQeASAaAPw+s/B/wAM/gv8Drj4H/td/s26hpP2SC5t7n4iaDp9vrMbSyM+3VHvlH2iBhuDKrlz wFKBfkH3TfeLtG0X4hfsj+EvB0+m+PrHXtP1+HTvFGqwtc6ikdloqtFcwTRvGEe4AC3JZCXXI+Vs msbSvhV/wUM8J+AP+FG6P4l8B674bt7JtKs/EWpx6gurJp4QwoZ7VFaCSdYsBSWZSR+8LnJPe+H/ ANkHU/AfiT9miPwhqtvdeH/gfBr0OoyXbSR3d42rWBt1kgjRJE5nZnZXkUIhAUsRigD4o+F/xe+P v7P/AOzh+098YzdeHtWu/DvxB1dVhazu9r6vLqdnbXkh/wBJB+yGOT9xHnzEI+Z2HFfpb8avjH4o +HXxb+C/gTQ7e0l0/wCIesX2n6i9wjtLHFbWbXCGBldVVi4wSysMdgea+XL/APY1+MOveAP2hfgd q+r6FF4M+Keuaj4m0TUImuW1G3v728gu0gu4TGIvIQwBS0bs3JIBzhd2L4G/thfEn4xfCH4mfG3V PB9lYfDC9uZZLLRJL55L37VatBJdF54VUOWCbIsKoVnJfOFoA8u+N/7Xv7R/w0h8Y+LdR134ceCk 8M3lyNO8Have/a/EOqWNufkkdrW8KpLOvzRxony5AY9CbfxU8U/Fn4i/tVfsl+OfBV5pGl2finQd a1TT7a+t7i4MH2jTbee/W4aOaMSEwSKluVC7HDM+9SFHLWf7CP7Qmh/Dzxv8HNDHgGWLxbJqjy+N 723upfEtxDqDO5hmXySA7bvLaQTMERiyozjn6B179nD486cP2afFvgS68OTeKPgrpM+j6pa6hPdi wu4r2wtrGeW2mig83KeQzIHjXO4Z6EMAeV6X+1B4l8F6f8RdA+GngzQU8deJvjLqvg/Roo45bWzn nEMEkmqaqVkZ5XVP9c0ZQt8gCjBr3/wP8ZPjz4C+P3hz4CftFJoOrr4906+vfD+taBDcWim50xVl u7S5t7iSX7sTb0kRhxgEEk7PLdR/Yp+Jr6X4w17QfEWlaZ43i+Kl/wDEXwtcMJp7PyriKKJbPUV8 tHUSqrCXyt+35SrNyK9X8EfBT45+N/jz4c+Pn7Rl3oNhL4D0+9s/D+jeHJLm4hSfU18q7u7m4uo4 mLNGoVI0XAGCSCDuAPkzRf2vv219Y/Zsn/a1GkeC4/CGgSz/AGnS/KvxfalbW161rcTRSec0dvtx hFPmZKM5yCqV+m+nal8U9a+IOk61pv8AY6/C+/0JZ5Fl+0f24NVlk3ptx/o/2byCM5O/fnHFfJGg fsk/EfSv+Cf2pfspXGpaS3i28tdUgS6Sac6cGvtTmvYyZDAJsCOQBsQnDZAyOT9V+HdI+MWieMfD +ktNobfDzT/DsVtdAfaTq7a1EwUNEdog+yeUP4sSb+2KAPZaKKKACiiigAooooAKKKKACiiigAoo ooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiii gAooooAKKKKACiiigAooooAKKKKACiiigAr5G8Xfsd+DvFHjLxZ4osfF/ibw3YePmjfxHo+k3sNt Yao0cKwEyEwPPF5kQ2ymGaMuDyRzn65r5x+Jv7WfwG+EPiafwf438QyxatY263l7DZafe6j9gtXG VmvGs4Jlt0I5BlK5HzY280AeYQ/sLeBtIs/Bi+C/HXi3wrqvgzRG8Nxappt7aw3t5pBna4W2uibV omEbsTG6RoynnJIBq2P2GfhhZfCrw98KfDXiHxFoNv4T8QTeJNK1O1vYTqdpeztMWUTSwOrxhZ3U b0ZyMFnZskzwfte+FtS/ak0D4F6I66joWveF/wC2YNTtrO9uFnvLieD7KsU8UbQfZWtnd2nJMYcq hkRxsbzH9l39v/4YfEn4f+AbH4n+JIrTx94oc2Uwi068h006jJM6w2q3fltarM8ewiMzZyQOpAoA +iE/Ze8BL8L/AIk/CdtR1R9K+KWpaxqmqTmWD7VFPrbbrgWzCAIiKf8AVh0cjuWrjvEn7Gfg/VNd 1HXvCXjTxT4Fl8QWFrp2uR6FewQR6tFZwi3iknEtvLsnEQCGWHy2257nNdJ4s/bJ/Zx8EeM77wL4 j8Wi31DSZ4rbUZo7K8nsNPnnIWOK8vooWtbdiTgiSVdp+9trT1b9rD4DaL8W0+BV54jdvG7XVrZt p8NhezmOW9iingMkscDRJG6TR4kL7AWwWBVtoBe8Jfs2/DTwJ4x8JeMPCMVzpn/CFeHZ/DOnWMci m0WxnminZnDo0rTb4h8/mc5YsCTkeI+LP2Avhv4p1aDWovGvizRbi18Uav4vhFjd2Iij1fWHSSSU Rz2MyfuCmLckF4wzfOScj6f+Kfxg+HfwX0G38R/EbVv7Mtb25SztUSGa6ubq6kBKQ29vbpJNLIwB IVEJwMnA5rxe2/bm/ZbuPD+t+KG8afZtO8NXVhZao9xp2oQNZXOpNIlvFPHJbq6MWhkD5H7vbmTa CMgFDV/2O9M8Q6NZ2fiX4n+NNa1fRtTg1fR9ZvL2xbUNKuoY5Ij9maOyjjMcqyHzUkjcNhemKw5f 2DfhhqMPj0+KPFPifxFe/EvR4dI1y71C+glmnFtN50FzHttlWKaLCoioBAEUAxE7mPUXP7cn7NsG iaRrcev310ddhuLi0s7fRdTmv3gtJTDNM1olsZo4kkVl8yRVQkEKSQa39U/bE/Zu0bwH4Y+JuoeN IU8NeMpLiHSrtbW7k+0TWqu0sPlpC0iSgoyiN1V2fEaguQpAMm5/Y/8Ahzr897d/EPV9Y8bT6r4R Xwbfvq08LNdWCXkl8s7tBBEwullk+WRWAAVSF3gsc/w3+xv4R03WLXXfGPjXxT48vdH0290rR316 +gn/ALKt9Qh+zzvbiG3hDTvEShmmEjFeDXn3xZ/b8+F+gfB68+I3wuu21y/s9c0/RLizu9M1GKWz lupoxL9ptzCk0ZWAu8W8KsjgIhZjtPrfjL9sz9nnwFdW1l4l1+7hmm0221edItI1K4awsLxN8M1+ sVszWe5edk4R1/iUUAbLfsyeAm+HPww+GJv9S/sv4T6jo+p6VL5sP2iabRFK263TeTsdGDHzBGkZ P8JWu7+MPwh8IfG/wRP4F8Zi4jtnmgu7e6spjb3tleWriSC6tZgCY5onGVbBHUEFSQdrXPH3hzR/ h9d/EyK5+36HBp51OOe0jku/PtzH5qPElusjyB1IK7FYkHgV8l/Cb9uj4ZeIfgB4R+LvxNvTouq+ JZnshp1ppuoSzT36KJWhsbcRST3SJG6ZmiDxZJBcEEAA6OH9ib4Z6ppPjC0+Jeua58QdW8a2trY3 Wr6zdRG/trawlM9rHZPbQwJbiKY+d8qfNINzZHFavhv9j/wJa6tf698SvEWvfFLULzSLnQEl8TXU U4ttMvBtuIYY7aG3QNOuBLKQ0jY+8ORXTxftZ/s9y/DK5+L3/CXwp4asr3+zJ3eC4S7j1DOPsbWT RC6+085EPlbyPmAK807w58cPC3x78HeLrD4DeJBa+L9Gt2i8rUbCe1udOvZoy9q11ZXkcUvlOR12 4ZQ21sjgA828LfsR+D/Dvi/wP4u1Dx74v8Rf8K2mZ/D1jqd/bzWllC0DQGDatqjyLtYAM7mQBEUO FDBqd1+wb8Lp7rU9Kh8S+JbXwHrWpf2teeDYb+NdAlujMLhh5RhM6QPKN7wpMEJxgAAAe9fs/fFq H44fCDw58SxZnTbvU4XjvrNs5tL+0ka3vIOeSI543UE9QAe9eyUAeMeAfBPjXw/8UPiR4p1zWbi7 8PeIZtLGi6dJdvcQ2MdnaCO4aCEoiWyzStzGpfcyFy3zBV1o/hL4cj+NU/x2W5u/7fuPD8PhtoC8 f2MWcN3JeK4Ty/M80ySEE+Zt24G3OSfUaKAPiG6/YN+F091qelQ+JfEtr4D1rUv7WvPBsN/GugS3 RmFww8owmdIHlG94UmCE4wAAAPRPE/7Kfw68V6X8W9Iv7/U4IPjL9k/tfyJYFNuLK2jtYxZ7oGCA pEpPmCT5s4wMAfTVFAHz38Xv2cPCPxcHhXUpdX1bwv4m8ENI2ja7otwlvqNqs0Yimj3PHJG8UyKB IjxkMBjjJrzl/wBiH4Yt4aksBr3iAeKpNbXxGfFv22M6/wD2okJt1l8/yfK8sQkxiHyvK2nGzvX2 VRQB8d2H7FXw5j0y/TXfEOv6/r2s+ING8Salrd7cwPqF7d6CytZRSbbdYVt4wu0RxxKdpIDA4I9z Pwl8ON8ak+Oxubv+308Pt4bEG+P7H9ja7F4X2eX5nm+YoGfM27eNuea9RooA8J+J3wC8O/E/x/4I +JVzrWq6FrfgWS4+ztps0KR3lreGI3FpdxzRSiSCURKrBdrYJAYZyPHtH/YW+Gmky6bop8T+Jb3w Fomorqth4PuL+N9Dt7lJTNGoQQi5eCOU70hknZAwyQRxX2vRQB8m63+xv8Ldd8G6/wCD57/V7d9b 8X3PjiDU4J4E1HS9auZxOZbCXyCkaqQUUOkh2MwZmOCMbxh+xT4J8UeJfE+v6X4z8VeFLbx2gXxL pujX8NtY6u/l+VJNNG1u5jlmQbZWgaPeM8fMSfsuigDxT4ffALwD8MPG+reN/By3FnJqukaTon2H ehs7az0VZEthAgQSBtshDlpGzgYA5z5p4e/Zx1T4Y2nwg8EfCrxHqdp4T8B6nql5qguL8I9/a3yX MognhggSO4xdzoybiixopJDuQa+tqKAPIPjV8FfC3x08LWXhnxNd3umS6RqVrrGm6hpsqw3thqNk SYLiB3SRA6bmHzIwIJ4r521L9gj4e+Ir3xRrfjHxx4t8Q634z8PzeGtUv7y9tHllsZZ4rhfKjFoI oWieEeWI0VMMxZXZi1fdFFAHi/jD4EeCfHPizwN4t8Qtczy+AbfVLW0td0RtbqHV7MWVwl0jRszj yh8oRk5JzuHFeDaV+wh4B0zVPBk0njnxffaH8OtVttW8O6Jc6jBLp2nSWr7o4lU23myRAfu18yRn SP5Udckn7hooAKKKKACiiigAooooAKKKKACiiigD/9b9/KKKKACiiigAooooAKKKKACiisa68R+H rHUodGvdUtbfULjHlW8k6JNJngbYyQx/AUWFKSW5s0UUUDCiiqt9Dc3FlcQWc5tZ5I3WOYKHMbkE K+1uG2nnB4PegC1RXylqPjP4sfD3wl8MtP8Aix4o0HTvFGueLrfRLy4trO7uLXV4J/tTQwW0aJm0 uZoo0YtITFGyuN5DLTdT/bc/Zo0jxW/hG98VyLNDqP8AZE16unXz6XDqG/y/s76isBtA+75T+9wp 4YigD6vor4h0z9pPWvib8cPjB+zp4JuV0DXPCVjYDQ9Rn0q9mja/dJ3u2uzJGsAhR0iSIbk85S7x PJ/B9ceDD4uPhHRv+E+S0TxKLSEakLB3ktPtYQCYwNIqP5ZfJXcoIHBoA6aivgv9p39uP4YfCbwZ 4/0rwf4hSfx34YtZoogdPu7rTodUCB4rS4u44vsqzMD/AKppg2flOGwD6V4n/bD+B3w3aw0T4g+I ZItdGmWupajDYade6gLCCeMOJrs2cMy20ZzkeaVO3B+7zQB9VUV89ePP2qfgR8Orbw7ca74lF4/i 22F9pUGlWtzq1xd2ZUN9pjhsYpn8nac+YQFPIBJ4pmt/tW/AXQ/APhz4lP4nXUdE8YSNDo5061ub +6v5UDGSOG1t4nuC0e1hIDGPLIw+08UAfRFFfLN1+2r+zLY+D9K8d3vjRINH1m+u9Mt3ayvfO+32 UZkntJLfyPOinVcYjkRWclVQMzKDlat+0F/wuT4SeIdY/ZS1L+0/F2j6jp9hJa3mnzQz2kst1CJl ubW8WB41NuznzGG1QCwJ2kUAfXdFfJPwQ/ag0/4wfGv4qfCiK1ktx4Fu4obJzYX0JngSKL7TJNNP GsKuJ5NsceVZ4x5iB0+cdp8Tv2o/gn8IfGFv8PfG+tXEXie8sk1GDTbLTb/Ubqa0keWMSxpZwS7g Ggk3AcqFywAKkgH0FRXy34q/bS/Zo8HeFfC/jTWPGcb6T41iupdGktbS7u2vfsTxR3CJHBC7rLG8 yK0bhXB3fL8j7a3iP9tr9mjwpqcWlax4skExs7S/uWh03UJ47C2vkWS3kv5Irdls96up23BRlDAu FHNAH1bRXnnh74r/AA/8VeM9W+H/AIf1dLzXdEs7LUbmBY5Av2PUVZraeKVlEU8bhT80TuFPDYJA rxjUv21v2bdO0XRNdTxTLqEPiRrsabDY6ZqF5dXSWMzQXE0dtBbvMYEkR184oI22nYzUAfVVFfOG v/tc/s6eGfBPhj4j6v40t18OeMmmj0m8igubhbqW3RnkiCwxO6yjYyeW6q5k/dhTIQp8P+LP7fnw v0D4PXnxG+F122uX9nrmn6JcWd3pmoxS2ct1NGJftNuYUmjKwF3i3hVkcBELMdpAPv8Aori774he E9L+HVx8VtTupLPwzaaU+tTXE1tPHLFYRwG5eR7ZoxOrLECTGY/MB+Uru4ryD4d/tdfs/fFTxNp/ hLwV4me6v9Zjmk00z2F7Z2+orbjM32K4uYI4rgxDO8ROxGCcYBIAPpOivlLwV+27+zB8QrLXNW8L eNUn0zw5p39qX99NZXtraQ2oZFOZ7iCOMyBpEUxAmTLABSQQOx+E37TnwW+NmsXPh34f63LPq1ta rf8A2O9sLzTbiWydti3UMd7DC0sJYgb0DAEgHBIyAe+UV5v8UPi58PPgz4fi8T/EfV10qyubiO0t wIpbie5uZc7Ibe3gSSaaRsHCxoxwCegJrzqL9rX9nyT4cX3xWk8WJb+H9MvRplyZ7a6ivItQYAiz axeIXX2ghgREIixHIBAJoA+jaK+ZLD9sX9na+8FeJPH0vik6fpfg6Wzh1pL6xvLS8057+VIbY3Fn NCtwqSvIoWTy9mMndhWI5OL9vv8AZVnW6SHxdO15bGHZZf2RqYvrqOdWaOW0tTbCa4iIRiZIkZFG CzAMpIB9j0V8za/+2H+zp4b8OeD/ABVqHi3ztO+IEVzLoDWlje3cmo/ZHjjmSGKCB5PNV5UXy2UO SSAp2tjc0L9qD4G+I9E0LX9J8S+ZbeIteTwvao1pdR3C606PILK4geIS20gWNifOVFAAyfmXIB77 RXyz+0D+1L4L+DPg/wCIk1hN/aPi/wAC6JHqzaabS7kj/wBM8xLIySQxFRHJLGQ7B/3ags5RfmrI h/bV+CWleCPB/iDxXqt2mreKtL/tKPTbPRtTmvTHCxiuJvsaW7zxQLMrqkkqhHAyjMCCQD69or4Q 8T/t1fDiLx78FtJ8CXf9v+F/ifJqTXGoQadqM7xQ2sEywrCkUORMbyMJMjqWhRWaREUiQdxpP7Tn gLwf4X8W+Kfin43sby107xnqnhyyFhp16tws1vLti01bby2murqIZDyQI0b/AHlO0E0AfW9FfOFj +1v+z7ffDjXfit/wlQtfD3ha5gstXe6tLu3udOuLmaOCKO6tJIVuIt0kigM0e3GWztBIt/Cr9qb4 G/GrxNd+Dvh54ge81m0tBfi2ubG8sXnsi4jFzb/a4YhNDvIXfHuGcdiCQD6Eor4q+M/7U1n8Ev2j vCngLxldfZ/CeveG7+9EdvYXF/f3Gpw3UMcEUEdqkkrZjaQlRGeAWJABNeteHv2nfgZ4qs/CF/oP ihLqDx3fXGl6Swt7lRJf2qNJLazboh9mmVVOI7jy2Y8KCcUAe90Vw+k/EjwZrvjvxB8NdI1D7T4i 8LQWdxqdssMu21jvwzW2+YoIt0iozBA5YKMkAEGvIvih+118BPg/4jvfCXjTXrgatpUEV1qEFhpt 9qX2C3mGUlu3s4JUgVl+YCRgSvIBHNAH0rRXy/4w/bL/AGcfBF1pGn6x4sNxe+INJttc0230+xvd QlvdOvGkWGeBbWCTeCYnyBygGXCggn2j4cfEjwR8XPBem/EL4darHrXh/V0Z7a6iV0DbGKOrJIFd GV1KsrKGUgggGgDuKK+U/GP7bP7NngPxNqPhbxJ4plin0W8FhqV1Dpt/cafYXbYAhur2GB7aJwSA waT5D9/bzVv4xftbfBX4R3Wp+GNc8R7PEVnp/wBtaO3sru+hs0mRvs0l7LbRSRW0cjAYMzoCCG+6 d1AH1DRXyn+zH+0XpXxc8E+CNK8UajEPiLrnhSz8T3llFbTQxtaXL+SZ4WZTEUEo2lVkZlONwGRV /Xf2x/2dvD+mx6ldeKHuftGq32i21vaaffXV3d32mMEu0treGBpZ44mIDTRq0OeA5NAH07RXzZq/ 7Xv7OehfDHS/jHqnjKGLwjrN82l214La6djfrHLK1tJAkRmilCwSZSRFOQFxuZQeRvv28f2YdPtL S+uPEt40VxZjUJvK0XVJWsbRneMS3yx2rNaqWjbHnBSVG8ZQhiAfYNFfPHxC/ap+Bvw0/saLxB4g e8uvEVgNV0+20qyu9WuLjTzgi7EdlFMVgIPEj7VPOCSK5nX/ANtz9mLw14P8LeO9S8Zq2j+No7yT Rngsr24kvDYSRxXMaxRQNIssbyopjdVfOeMKxAB9W0V4b4Z/aT+Cvi/4b+JPi5oXiMSeFfCD3cer XU1rdWz2j2UazTq9vPEk+5UZWAEZLZAXJIFdL4l+MXw78HeBNM+JnifU30/w3q7WCQXUlrcddTdI 7XzYxGZIQ7SIpMiqEJw+2gD02ivL4vjP8MZviVrHwgTXoh4u0DTE1m+smSRfIsHYKJmlKCLGWXKh ywBBIAINfFumf8FCPhfb/F7xJZ6/rzP4Cm0DRdX8PPa6PqE17cLd/aDdzvDHA04hRY0bc8SKoIOT uXIB+kVFfP8A4l/ak+BXhbwL4a+It/4oS50bxlj+xPsNvcXt1qLFdxW3tbeOSd2X+MeX+7PD7TxX bfCz4v8Aw6+NPhyXxT8NtYXVrG3uJLO4Bilt57a6hx5kFxbzpHNDIuQSkiKcEHoQSAelUUUUAFFF FABRRRQAUUUUAFFFFABRRRQAV+atnr+tfs6/GH45p4z+G/iPxlZ/Eq+t9X0a90PSptUi1CL7Cls2 m3EkKsLdonRgom2psYtnHX9KqKAPyI/Zp+GPxG/Z0+K/wQsPHvhnVrqG5+HV94buLrT7WS/tdN1O 81tNSW3vJ4QywxxQnZ5jHb8vBIBIpeHfhN47sP8AgnH8JfBSeD9Tg8T6T4h0W9n037BOt/bFdf8A Ommkg2ebHtiZnZiowhJJC1+wlFAH4JXnwf8AHng/T/i/8HfF2l/FTVNS8V+INYvbLTvDMdmvhvxB aatIGjmm1GbT7lbaQqQLgyvmMKpUE/KPvz9lT4X678PPjn8b5dX0e9tLWe38E2Nlf3atIt7HpmgQ 28vlXZihS58uUMsjxoo35yqH5R940UAfC/7V1h4g8P8Axe+B/wAbdN8O3vjLTPAd5ra3+j6Ui3Gp suqWSwR3lraFla4NsyneqZYK+4DgkfAOpW+u/HD4t/GnVtG+Hms6WuoeOvhVc3OlXdkxv1s7cS+f c3dtF5hhVosSuGxsRgZMEmv2J+LfwP8AAPxqs9Kh8ZRXcN9oFw13peo6be3GnahYXDoY2kt7m2dH UshIZSSp4ypwMSfCT4J+AfgppWo6d4JtrhrjWrk3upX9/dTX+oX9yVC+bc3VwzySMFGACcLzgDJy AfFH7SV78TbD9o1JJIfFfh7wXP4dhittX8BeHodU1jUb37RI0lhc3721zJaxoAHjTCxksXLg9PBP 2e/hT8S7HTf2fNO8VeCdcsZfDHxF8W3mpJqNnK72kUtvcyW9xPME8tkeR02XCnypH+4xNftXRQB+ P37Q/wAN/iLdeKP2m/EGieENW1O2vNV+Gep2YtLGWR9Ri0hke9NmAuLh4VTDrGSVxg4NM/aETVr7 4i698T/BHhz4k+Bdc8WeHtNl0+/8P6ZLrFj4gf7PIFsdd0We1ZLa4ts+VslbBjLEkcg/sJRQB438 K7bx5efAbw1ZfELTbbSfFs2gwRX9laqkcEF21uFaNEj/AHaBW4KodqnhTtAr8r/gQnjn4bWPwD+K Hin4beKptO+Geiaz4O12zGjXL3+m3twYZo9QtrTaZbi2kUGJ5oQwAyD0wf20ooA/FPU/hx8TL/4u 6j+2NYfDnXP+ESHj3SdXHhiS0K6zNYWOlS6dLqqaa37zzvtEnmpCQJSo3bR1P1v8Ho9U+JH7V/i3 9pG08Mar4R8HR+EbPw7HNrlpJplxql3HdveSXQtZwsqxQRFYhJIq7ucZA4+9a5Xxz4Q03x/4O1rw PrM1xb6fr1pNZXL2snkz+ROpSQJIAShZSRkcjPGDzQB8nfsBR3t38Cr/AMXSoYdP8YeKPEet6bGe Alhe6hK0JUHna+C6+qsCODX23WZoujaV4c0aw8PaFax2Om6ZBFa2tvENscMEKhI40HZVUAAegrTo AKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigD /9f9/KKKKACiiigAooooAKKKKACvz6+KX7PfxQ8S/FO/1rSES5sNTuFlS8adE+zrgDa6lhJ+7xgb VOQBjngfoLRWtKs4O6OHH5fTxEVGpfR30IbeN4beKGSQyuiqpc9WIGCT9amoorI7gooooA+Qv2tP DPiPxJf/AAMfw7pV3qi6R8S9Ev702sEk4tbOK2vVkuJtgPlxIXUM7YUFgCeRX5UfFnQfj943+Bni nwZrXh3x7/wmg1WS4fwh4e8Nxaf4Ps7eHUxcedHNBahtQ3xp5kZSdpXmbcyHaWr+hSigD4e+HB1z wt+278XDq3hvWF0v4h6T4ZuNK1VLCZtMP9k2t0lzHPdBdkMoaVQsbkMfQZGfuGiigD8V/Htv47+H /wCzX8bv2YL74WeJvFHi3xFq+v3um3mm6RNfafqltqd0byG/a7iUxrNChAaI/vfMREUEkY9a8A6x 4h/Zr8ZfFey8efDPxL4sh+In9nappNzo2kzaml8i6ZFavply0Sn7M8LoyqJ9q7GZsgdf1OooA/Aj wN+zr8W/2dvEXgLXviE3j3TdOuvBEWkSXvgCGHU73Tb8ahNeNp13Gba7cW+2ZQsiDaZVAyRyPU/+ FLy+E/gx4I1zWPA3xF0dpfFeva3/AGxpepR3fjDw4dRj2LcyWVjp8SPDfeXm5t1RjAGwXfcVX9pK qX9/Y6VY3Gp6pcx2dnaRtLNNM4jiijQZZ3diAqqBkknAFAH46/C3wt8dvFnjj4Qaz8QvDuq6nouj /ELWry01XUdCXS9Sm006Q6w32rW0EarC7XHyRyzBHkIUnkrn7W+DfhbxDpH7WX7RPiPUNIurLSde Xwg1jeSwPHb3jW2nSxzmCVgElMTbVfaTtOAcGvpKy8eeDNR8TJ4N0/WbW51uTTY9YS0jkDyNp00h ijuVA4MTOpUMOCRXW0AfEPwLXXvC37Vnx78Pa74c1a1t/FN7putabqrWMv8AZVzbQadbWsiLeAeV 5wkyPLJ3YVj2NeWfE34m2Hwr/wCCh41/U/Cus+I7e4+F9rbtLoenS6pdWZbWrplLwQK0vlSlQhZQ cPsB4JI/TGvP0+GXhNPipL8ZVgk/4SebRY9AaXzG8v7BFcvdKnl/d3ea7Hd1xx0oA/ML4LfBr4jW Hx2+DfxD8S+Dr/SbDVvEPxP8UG0lt2ZdAt9ejtPsFvdtGDHbzSKrkIzA7iyjlSq+b+LPhj458A/E D49eGvFNp8UbpfiFrWpatpEPgu3tZ9F1yz1OEKlpdXMtjdG2ljG6GUysqLGNyqer/uLXNeGvGPhb xkmpSeFtTg1NdHv7jS7wwNu8i+tG2zwP6PG3DDtQB+V/xx+DXxp+EXgL4UeKfgF4d1C98VjwnJ8N tVtEm/tG5s7PUbcGyuZrm3ghRk026Qlp/JRMNnCqTXM+PP2f9Y/Z/wDjr4a1jS5PHtn4Ch8C6f4Y tNV8AWkV7fQXenzFnhvYGtbqRYbknzvMVQDMcEnkr+zdZms61o/hzSrrXfEF9Bpmm2MbS3F1dSrD BDGvJeSRyFVR3JIFAH5KfDH4H+KNCvv2f7//AIQ7xJaWcnj7xJ4ivotckj1G9sY7uwmWG5vms7O1 gtDNKiyCIqfLkfb5jMdoZ+0P8N/iLdeKP2m/EGieENW1O2vNV+Gep2YtLGWR9Ri0hke9NmAuLh4V TDrGSVxg4NfsDRQB8z/tEa7B4o/Y6+J/iS2tbqxi1TwJrdytvfQPa3UIm0yZwk8EgDxyLnDIwypy DXxX4G1nXfj54a/Zh8C+D/h7r3hk/Dm90XXtX1LUdNksdOtLPTNOeHyLW6cBLkXplTyxCWzH8zhT 939IriX4e/Hj4ca7odnfx654Y8R2+o6JeSWkpAZGElndxLIvKup3oSOQRXX+GvD2meEvDmleFNFR o9P0a0gsrZWYuyw20YjjBY8khVGSetAH5FRfs+/E/wARf8EqPDPwr0bw3f2PivTvJ1G60SWI2V/c C31Z7uaHy7hPlmdP3iB0O5gowcgHY+Hfww174xfGPSPFGhar8XNLm0LRNRhHibxiljpj6ZPfbIzZ 21k+lo13IcbmbzBFGUyC5O0/rxWTr2u6P4X0PUfE3iG7j0/StItpry7uZTtjgt7dDJLI57KiKWJ9 BQB+c3xL+E/xQ+DvjT4QfFvXNa8SfGvR/A+t6vNqiGzgudTtINW04WcFxb2tnFGZktpFLsFVpAJC QCBleO+IF142+IviLw3+0loHwXv7Lw14K8cWuoTWY00weJdesU057RtVl09o0lke0lkAtUYmVo1J AUYr9UdK1TTtc0uz1vSLhLuw1CGO4t5ozlJYZVDo6nuGUgg+lX6APxK/aR8E+Nv2irj4tfF/wT8P fENnoN/4c8LeGre1vtMuLbUNbuYfElrf3FzHYMn2jybe2GwyMi5UMRlVJX7rufA+py/t/aZ47bQZ 20az+GlzYpqf2Z/ssd4dYiZbcT7fLEvks7CPdu2FiBjNfW9prWj39/faVY30Fze6YY1u4I5VeW3M q70EqAkoWX5lDAZHI4rToA/Crwle6z8D/Fn7MF/408Ea3dTaZqvxWkbT7fTZptStre6vEMd1FZ7R K6COQP8AIpJiYuobgHtfGPg/4nav4j1b9qnTvh/r0Ph+f4peFfEUegixca22kaHpc+m3V+NPAEoe eSYOIiBIUXcyj7x/WDX/AIZeE/E3j/wn8TNWgkfXfBUeoxabIsjKka6pHHFc70HD7liXGfu9utdb q+taP4fsH1XXr6DTbKIqrz3MqwxKXYIoLuQAWYhQM8kgDk0Afkp4osviN8cfEH7T/izQfh94i0jT vFXw4tdL0Aarps1lPqc0CXgZY4pBkSNIxCxNiQqUYqA65zdT8YfE7WvE/g3WJ9D8e+AfCEngyysI 7rwz4SWXxLealazPFPYXtxcWk89pEpj8yBcLE6sJN4zx+yFRTTQ20MlxcSLFFEpd3chVVVGSSTwA B1NAH4ffA/wr8TfhbY/ALxb4w+H/AIqWLwZ428cxatbrps97qFsmt28sNpPIsSfvoXeQbrmPMR5K seAer0bwF8Sfh58TbD47ar4F1vWNA8IfFj4i3V5YWlhLNftYeIUjhs9VtbQqHuYUKH54gxKOWTIB I/Y3S9U03W9NtNa0a7iv9Pv4Y7i2uIHWWGaGVQ8ckbqSrI6kFWBIIII4q9QB+K/xp+Hvjr40eG/2 jPi54a8Aa7Y6T46HgbTNN02706aLU9X/ALI1O3e7vX08qZ0jSEhULKCY0ZiFAOPujxn4U1+b9tf4 YeLbDR7mTRbHwp4gtLq/jt3NrDJJNaNDDJMF2IzYYorEE4OBwa+m/F3jHwt4B0CfxT4z1ODR9ItX hjlurltkSPcSpBEC3q8jqg9yBUvivxX4c8DeHb/xd4v1GHSdG0uIzXV3cNsihjHBZ27DmgD4T+PG p6p4A/bK+HvxbvfAuv8Aijw1pXhPVrK5v9F0y41H+zri5uYdkjLArFmKBkKJl9js+3arEeIal8If HPiP9nT41/GU6HceDNcufGc3xK8J2GooLe7tG0aOF45rmE48ie8SCYOjHKiQbj1r9ZLHxBoWp39x pWnajb3N9aQwXE9vHKjTRQ3W/wAiSSMHcqy+W+wkANtbGcGvF/2jvA3wp8feBLbRvjLq15pnhttQ tY5IrS+uLIX8t032WKymFsQ88c7yhTDzuOD2zQB5j+xDo+ral8MdU+Oniu1Nr4i+M2q3HiieNzue 3sJ8RaZbB8AskVmkZXj+M18p/G+L4w3/AMX/AIt+Hr2w8Z6PZazDbw+HbTwNoVstt4iBsgnmarrj 20hUpI3lSCWWJYo+EJ6n9b7Gxs9MsrfTdOgS2tLSNIYYo1CpHHGAqqqjgBQAAB0FWqAPyd/Yo+HX jfQ/ip8PNf8AFPhPVNHj0v4Madosk+oafcWogv4tauGltGaZF2zbArmM/MUKtjaQT9R/sT+F/EPh D4Ua9pHiTSLrRZ28XeJp4YLuB7dzbT6lM8MiJIFJjdCGRgMMpBBIr6/ooA/Bb44aJ8dvGPgf4zeB tU0PxzB4iv8AU9WfTvC/hXw7BZ+GLqy83dHfXGoR2pe+eaNC7DzxPLLiMRkkCvoLwzf+LPgjN8Xt J8UfDLxL4sb4sWGnX+izadpM14l0ZNHism0y/IX/AEN7eRGBFxtAjLMeRg/rPXP+K/FfhzwN4dv/ ABd4v1GHSdG0uIzXV3cNsihjHBZ27DmgD8jta8A/G74Y/su/s/8Axp+FfhDUrz4meANBk0G90VbS YXr2esWZhxNb7PN/0S8WCYoyjaA7HABrH8bfs0+KP2f/AB18HtetpfGa+FNA8FSeHNS1PwJBHe6n aazLdtfXN1NBJbXTm3u5JZNzxxlgygFgOH/aSGaK5hjuIHDxyqGVhyCrDII+opZZUgieaTISNSxw CTgDJ4HJ/CgD8bNB+B/ihfDHw71m18IeLWh1r45WHie8TxG0V7qZtIbS5ibVb6C0srZbFZXVC6SB 9p2lpMuBXXftVeH9d0X4z+MfFXhLRvH/AIT8Q6xo9lHY6t4Rs28RaN4mkhilRbXVtMa2eKKSA/u0 8x9rxMWJHIP6Y+FviX8P/G/g7/hYXhPxDZap4aCzOdRhmU2yrbFhMWkzhfLKtu3Yxg5rhfEP7S/w C8J+CNI+I/iXx3pWm+HNfDNp15PcBFvAhIY26n55QMclFPGD0IoA/PDxJe/tCaf4s8Et8TNI8R+B 7SbwNpkNzdfDfw3bahqN1q29mn0ya8FtcmzjiwGjiTbCCS3mcDHJ/sqfCf4laR47/Z9l8YeCdd0w +E9Y+Jz30mp2crfYnvxbG1kmuQghbzwzCOZTsmYMYycHH64+Bfij8Ofib4YPjP4feJbDxBoaF1e8 s7hJYY2jGXWRgfkZQckNggckYrzrwh+1b+zb4+8XL4D8GfEjQ9Y1+RikVpb3kbPM6gkrCc7ZSACc RluBQB8CftC/DHxPP+1evwK8PQhvA/7Rs2k634gVWwLdPCzF9TAUfdF7CtqjMeGckHPOf0V/aF+F 0Pxk+Bnjb4WhVEuvaVcQWh6CO7RfMtX9vLnVG/Cud+HXw4+Dtt8YvHXxK8Nahc6144Eo0vVGvr2e 6fS45Ql59jtoZji2gl3pKFjG1uCDgYH0TQB/Plq/wq/an8SeCNN/aPtvB2q2nxR+Lmo6v4R120ez uEu7HRNV0+30u2uLmMxiSGG1ksTcCR1VR5oYkBlav0l+CHwlf4fftUfEEWOg3Np4Z0/wb4S0TSb2 W3dbeWKyS4jkhimKhHZAsXmKpJHy5AyK+6KKAPxX+B3g34hfA3RP2e/i74u8Ba9qGjeFdM8XaHqV haabPPqeiyajqss1reDTwnnmKSFdjMiErGVOCpGfs79lPw54ivviX8a/jhf+GtQ8IaH8R9V0x9K0 7VITa3rxaXZ/ZpryW2b54TcyksFcByACVGcn7aooAKKKKACiiigAooooAKKKKAM/U9W0rRLRtQ1m 9hsLVCAZbiRYowT0BZyBz9ans7yz1C1jvbCeO5t5huSSJg6Op7qy5BH0r5s/aY+GXjD4i6Po7+EV F0+mSzNLamRY/M80KFcFyqkptIwTnDHHv137P/gTxH8Pfh+uieKHAvJrmW4EKuHECOFAj3DKk5Us dpIy1bOEeTmvr2OCOKqPEOk4e7bc9uooorE7wr4b/bR/aA+KPwms/DPhD4EWNpqvjvXV1PVTBeRt LEukaFZvdXZ2oQRJK3lxQ54Z2wOen3JX5pWfwY+LXx0/aa+JPxpl8T+IPhZZ+GRF4N8PNFp9uJb7 T7fFxfXCrqNvKrQT3TAxTRKA6rjcwFAHsvj79pC7m8HfALx/8M5IH0j4seKtE02489PNZdP1Kzur iRFwRsmR4lUnnaQwIrJ+E37Wug2/wBs/i18edYt9Lnvtf1fRrZLS2mllupLXUbi2tobe1gEs0spj iGQik8FiAOnxf4U+FHxd+Gep+Cf2bpvD2ua74d+GPxf0bWdG1wadM1pL4f1CyvppGaaGPyFFpcSF ZyCqo0qjAGK1PAfgL4k/DXQPgb8YNb8C63qmnfD3xV49/tfSbawlk1SC31+6nS01CKxZRLKkeA2U Ut5cm9ARzQB+hnhX9rX4AeMm0iDRPE5+161q/wDYMNrcWV5bXMWqGJ51tbmGaFHt3eNGKGYIr7SE LGt4/tIfBRY/iLKfE8W34TDPiY+TP/xL/wB20oB/d/vSVRgBDvJYFB83FfnB4++GXj/4v6l8bf2m /BHgrWNDubN/CereFLTULOW11PVtS8Js88tz9hZfPXzIWNtACoaQMcLn5a8jtP2a/jZcax8PbW58 L36WX7R8aXnxJb7NMv8AZ8ltrja8wvSUxBI9pObJVl2ElSmNwKkA/afxb8WPh/4D+HUnxX8Yasul eF4reC6a6nilVvLuSohHk7POMjs6qsYTeWIXbu4rg/Af7UXwP+IuneJNS0PxCbJfB9uLvWItVtLn SZ7G2ZGdZ5Yr6KFxEVUkSAFeOueKx/2u/DEfiz4C69osng6+8bw+bZStp2kXZsdURYbmN/tNhIqS ZuLbHnRx4HmbdmecH80NT+HH7Q3xo+HHxq+HPgyTxR4m8Laj4XsRpOqeONIj0fxBLqdpqCXL6Ylz JFBNdwvBG6mSVQiysFBUEswB+lvgL9sL9nr4k3l1p/hbxLIbi3sJtURLzTr6xN1YW4JlubT7VBF9 pjQA58neRjOMYrG8Hftx/sw+Pr7T7Hwp4ve8/ta/sNMtJjpmoRW017qayNawieS3WIO5ikXDMNrq UbDcV8D6B4B1r4m+J/C+rWOk/FrU7rwdomuyO/jFLXTLPSLi501rX7FbQppUcl89xuCbIJEUKFfc fuj6X0v4C694x/4JzeFfhZDps+g+MtK8M6bf6dDNC1vdWev6eqXkG5JAHjkNym18gEBmBHUUAfVH jf8AaL+C/wAONX17QvG/ieHSbvwxpcGs6kJYpzHbWd1MbeAtKkbRmWWUbY4FYzP1VCCDXO+Ev2sv gN400DxV4i0fxDLDB4J0+TVtXgvdPvbK8ttPjjaY3X2S4gjnkiMallaNGB6D5iBX5neL/gh8cfi/ +z7q37QfiLwvrGm+PvFPjzSPFGo6DaRiDWofD/h8PY21nbQ3cbD7REhe5jR4yHJB2MTtbd/4Vtrv xAh+L3xA8PaX8TvEFwvwt1/QbXUfGiQ2lzd3N/DI66ZaaXFpsFxOVkXd5gl2iQ7FR9wagD9OPg5+ 0L8JPj9Dq118J9Zk1u20WSKO4nNndW0LGYMUaKS4ijWZTsYZjLAY5xlc/P3wo/bm+HPivT/iz4h+ IF6vhjRPh34guLCG5nsL+3STTUS3SB5GniG67lnkkH2ZAJguz91yGf6V+BGizeG/gh8PfD1xZPps 2m+HtKtpLaSMxSQPFaRo0bowBVlIIYEZB681+WPijwZ8S7fVPiFpdv8AD/XtXuPCHxqtviWbaOwk NtrWgiKCApYTsBDc3KnMogDbj5eOWG0AH6bfCj9or4SfGnUNS0XwHq8smr6Okct3p99ZXWm30UMv +rlNvexQyNE3Z1UryATniq/xT/aV+DnwZ8Q6b4R8f6zNa69rVtJdWFha2F7f3N3HG4jYQx2kMpdw zfcHzbQzY2qxHzv8P5NW+Nf7YNl8d9D8Ia34Y8LeGPB9zoc1/rlhNpVxqV5eXiTpbxW1yFlaG3VH ZpCoHmNtGRgnmfj38QLL4Z/t0/DbxTqXhrVPElrH4L1qKQaPYyajd2SyXlv/AKULeENKyDHlOUUk CQkjbmgD6R1j9r39nTQfhlpnxh1XxjFD4S1e/fSre7FtdO329I5pGtpIFhM8UoWCT5JEU5AX7zKD z+p/tv8A7Nulabo2pXHiK7lOt2UmpQ21vo+p3F5FYxStDJc3NrFbNNbxLIjDdKihsEruHNfFK/Cf 4ieI28M/EC98E6pp1h4w+Pth4uj0iazc3On6TDYTW4vtQhRW+zNLLGJJfMOE3JuOWxXvV3rmufs7 /tU/Fnx/4p8D+IvE+g/E2y0GXSNQ8PaXNq7RS6TatazafMkALwNI5EsZfEbbjlwQcAH1l4N+PPwk +IXiO08J+C/EcOralf6LF4htkhSUxz6XLMbdbiOYoInAlBR1Vi6Nw6qa81i/aI8IeLPin4K0LwN4 zsv7Iv7rxRp19aT6feCW/u9Bjh877JdtGsCR2juTJIzFJQcRMxVsfnq3wV+PXwF/Z6+Gvxn+Gvg2 7k+JHhy88SRP4bs0NzNb6R4sluHt7dlhDM/2Gc207LjCHzMkAE16f43/AGWvFnh2H4A/BvwXaXMi 6R4L8f6RqGsRRSPa22q6zpcCfaLicKyxm4u3kdN5yxyBkg0Aeq/ED9u/4eal4m+GvhT4J68mqXni rxppej3Lz6beJa3elzPJFeSWN1NFFBMY5Nil4ncKT0IINe3+LP2yf2cfBHjO+8C+I/Fot9Q0meK2 1GaOyvJ7DT55yFjivL6KFrW3Yk4IklXafvba+Ep9b8XeLvCH7MXwctvhB4p0vXfhn4q8LtrtxPo0 6adpkelRm1mlivFUxSxSk+YJI2ZBH80hU4z47efB/wAeeD9P+L/wd8XaX8VNU1LxX4g1i9stO8Mx 2a+G/EFpq0gaOabUZtPuVtpCpAuDK+YwqlQT8oAP3sVldQykEEZBHQivCvin+0r8HPgz4h03wj4/ 1ma117WraS6sLC1sL2/ubuONxGwhjtIZS7hm+4Pm2hmxtViE+FfjHSdL1sfs8jT9Tg1fwH4e0Waa 6uwsttcQTxtBGYboCI3Dh7d1kfyI1LKcAcqvyl8e/iBZfDP9un4beKdS8Nap4ktY/BetRSDR7GTU buyWS8t/9KFvCGlZBjynKKSBISRtzQB9B63+2d+zV4f8EaJ8RNS8ZIuh+I7m6srGVLO8klkvLNS0 1s0CQmWKdduBHKiOzFVUFmUHO139uD9mnw6ljJf+J7iT7bp0GrutvpOpXL2en3K74ri9SG2drRGU hh54Q7SGxt5r4p8FfCf4iaz8avAnxX1bwTqmkaJ4q+KWv+J00+4s3EumWLaKLa2u9QRVItZrmeEO VkPDFBnccV69Z6/rX7Ovxh+OaeM/hv4j8ZWfxKvrfV9GvdD0qbVItQi+wpbNptxJCrC3aJ0YKJtq bGLZx1APQfiV+2F4a+HHx18C6JqGrw3Xw/8AGXhW71a0m0+zn1O6vr0XEC2otFs1lkkV4XdsKhGB uJABNetXP7W/7PVt8ONN+Kx8WxzeHtYvDptoYLW6mvJr9c7rVbGOJrrz12ndGYgyjlgBg1+dHwv8 DePP2XvF/wCz9qvxC8A694itfCngXWbPU7nRdPn1b+xrvUdQFwiN9nV97RxuYCqFm2FnAKKzCjea F8c9Gnf4q2PhTW/BXhb4hfEHWteubiw8Pxav4q0HT5LCG2tbiKxkhne0lv5I5PtLLG0ka7c5yQQD 6w+LX7cfgS2+E8PxL+E+vQ+Ro/izRNG8QJqdjc2s+n2t5cKLnzra4SKWNvJ3Mj7SODjJBFd94g/a 9+HXif4P/FXxN8HtYM3inwF4Z1LWlsdT0+7sJ08m0lmtp2tr2KCSSB2QfMoKkEAkE1+Xep/Dv4qX f/C29bPw+8eeLbLV/F3w71WyTxDp7tq2tWOmtMl20hiiiijxtAKMsZgiaMShOa+n/ixbeMf2ivFX xO+KXgnwJ4i0fR9I+EniXwzGdV0q40/UNY1XU0aWKztrOVBPMkOw/MFwZW2rnqQD7w+Cnx08J/E/ w8LN9VjfxToGkaNfeIbcwy2yWj6tYreRuDKqo0TqWZWRnUYIJyCK6bSvjZ8Nda+ET/HbS9Ukn8EJ YXGpm+FndBjZ228yzC3MQuCoCMwxHll+ZQQQT+Vv7Qngn4m+BdL+Edz8ObZ9P1z40+DtP+Fuswyg wy2lxLFDJDdvEcOJLaD7YjsQCgABxxj9e/D3gjw14Z8Dab8OdMs0/sDS9Pi0uK2cBkNpDEIVjYdC CgwfWgDmb/40/DLTbDwRqdzrStbfEe4trbw+0UM0xvpLuE3ERVY0ZkQxAu0kgVEH32XIr5/8H/te fDPw98HvAniv4meNYPEeseMYLqSzk0LR9Rd9SFrM6SSW+nrC91HHGAFZpEVcjOeRXz3+yl8Fvipp fxyh8MfEvSbuDwb+zvaanpPg++uo5FTVDrdy7RXUUjAJJ9m05Utm2ltjMRnORXgHw20X43fD/wCH fwP0LxDonizwN4ftPCupQX2qeGfC66j4oTUpNVlddNmM9pcT2VvJDslQiMB3I3cYIAP2P+Ffxa+H 3xr8Iw+Ofhpqy6xo8sskBk8uSCSOeE7ZIpYZlSSORD1V1B5B6EGvRq/P/wD4J4+GPGXhTwB8SbPx voWu6Dd6h471jUrdPEMZW/uLO9itpIZ5ZQoimd+RK8RK+YHHGMV+gFABRRRQAUUUUAFFFFABRRRQ AUUUUAf/0P38ooooAKKKKACiiigAooooAKKKKACiiigArjPiP4uT4f8Aw88UePZIDdJ4b0u91Mwj IMgs4HmKDAJ+bZjpXZ1T1HTrHV9PutJ1SBLqyvYngnhkUMkkUilXRlPBVlJBHcUAfCXwaP7T2o6D 8Nfjd4p+KemarpPjW3t9Q1nw/fWdtp9ja2mo2rXEEel3MELXDTwFkBE8jCVQxLLgV8bz/tV/GjTL vwj8QdI+KOp+No7/AMU2Wm6pbWHhXyPBP2K9vvs5gs9WuLWCd5EUjZKJHLsD1UZP3j4R/Yf+HPhf V/Drah4n8R+J/DHg15pNB8N6xeRXWk6a8sbwgxp5CzSeTHIyQedK/lqeOcEcu3/BPn4fTeGtI8D3 nxA8Z3Hhfwxd217oWltqFr9m0ua1mE0bRD7JmbbhkUXBlCo7BQGw4APnPxB8S/2sdR+HXx7+Omkf FcaVZfCTxb4jsdJ0RdGsJYLuy0e6z5V5M0fmsDE3lJsKsNodmZjkfoV8YvH2v6J+zB43+KPhib+z dbsPB+pazZShUlFvdRafJcRNtkVkfY4BwylTjBBHFZTfsv8AgBvhl8S/hSb/AFP+yfipqesarqkv mw/aYZ9bbfcLbN5OxUU/6sOkhH8RavYL/wADeHtX8A3Pw01eFr3Qr3TH0i4jkbDTWkkJt3VmXby0 ZIJGOvGKAPkHxV8ZfiXYWP7MDaTqyfa/iNPAmsq8MG2+D6LJdkE+WfKUzhWJhCkdBxxXzl8C/j38 dbf4t+DfDHx68d6v4X8Ua7f3FpqfhjxJ4ahstHvCwfyk0HVLOJg7IQuwyzkS8jlsZ+mvCn7CPgHw /rngvWtb8b+LfFkfw8dl0Ky1i/t57O0tXt3tmtfJS1QPG0bKCzHzMRoocKGVr/hH9iDwB4U1nwrJ N4t8T654Z8CX6ap4f8OajfRS6Xpt5EHEMiBYEuH8jefJWSZgmSORQB8BaL+13+1J498LX3x08Cf8 Jfqd3JqkzaT4R0/wTLeeHbjTLe7MDW8urR27ztcNGjM0ySgJICm0DIX9E/224NR139jj4nXGm39x ojnw5d3UgEUbSPCkJkktpFmRtgkXMbkAOuTtKsAa5y6/YN+F091qelQ+JfEtr4D1rUv7WvPBsN/G ugS3RmFww8owmdIHlG94UmCE4wAAAPqzx/4E8P8AxJ8A6/8ADfxGjjRvEen3Gm3KwMI5FguYzE3l tghWAPynBAOOD0oA/KLwl8O/jDrX7T3g3wp4X+KV3oV9H8GdLnvtcGm2E99NC+r3TQW0cTRC2jCb 1XzBGXKRDJ3uz1zsv7Yfx+1nRPht8KLjV9Rg8SahqPii08Q+IPDXh4avqc9v4du2tYzZ6csckSNO cedJ5eIwNyqM4r9HvhP+zJ4b+FHivTvG8XifXfE2tab4aj8KpPq89vKW06G9lvYi/k28JMkbS+Wr Zx5aqCpYFjw2ofsQfDKbSdMi0LX9f8P+INB1vV9d0zX9Pu4YdTs7jXJWlvIEbyDE9tJnaY5I2ygw WJJJAD9j74lfGDxtZ+NPD3xY0/W5IvDeoxLo2t67oUvh+71XT7qMuvm2rRRRma3dWjkaJQrAodoJ y3nD3P7Snxc/aO+OHgfwf8V38EeHfh6dETR7aDStPu2a81HSoblhcvcQO7Wwk3MVB3sXIDqqBa+r vg38D/CvwVsdaTRb7UNc1fxLenUNW1fV51udQvrnYsatLIqRqFRFCoiIqIM7QMnPyEv7Kfirx5+0 18efG2r+JvFHgPRPFJ0C1tp9DvILeLWLKLSY4blHEkU7KYpVKLIojkXc4VsNQB5b4V+O/wC0h+0v rvwX0PwF43T4ax+NvBWpa1rUtvplrqGLzTL5LQyW63SkhZJBgAuV8pzwW2uNLwN8cvi34R8UW/ir XNcjuvA8Pxf8T+CNchTT7G2zFdSLBpN5JJBBGwMNyoWWQtmTzRvJwCPunwt+zj8NvBPjTwl4z8Jx XGmHwV4dm8MadYxOn2NbGeWKZmcMhlaXdEPn8znLFgzHNc7f/sn/AAy1T4XfEb4Sahc6jPo3xN1r Ude1CRpYftFtfajOlyzWjiEKghlRXh3pIVIG4vQB8i63+0d8UdZ+G3ib4twfEi08E+FvFPjoaH4X lfSxqV5/Yenb7aaTSrWC2mku72+uIpHRZw8aICRtHA+S/jP8V/i545+CP7RHwu8SeL/EGo6J4Y0v QdasJ/EWg22jatPbXl0YpbW4g8iM+QzhJY5RHHJ8mAdhIP60eIv2TPhzrHww8BfDLR7/AFPw0vwx e2m8P6rps0Ueo2k9tC0Hml3ieKQyqzGZWj2uTnA7cDL+wb8MNRh8enxR4p8T+Ir34l6PDpGuXeoX 0Es04tpvOguY9tsqxTRYVEVAIAigGIncxAPmn4jfHH45R/HXxD8B9K8aeL7ew+GulaZ9r1fw34Pg 8Qajqup6nCblJrxIrVre2gjTaqxxxp5pD/Nwdv3l+y14++JPxK+CHh/xR8X9AufDfi9vtFvqFtdW c1g7vbTPElwLedVeNZ41WUKRgbiBwBXnGpfsZaHd6zp/jDSviT4y0PxdFpsek6nrlhf20V7rVrEz GP7eGtWheWMMVjlSNHUY5JUEfRXws+GPhD4N+AtI+G/gW2a10bRozHEJHMkrs7GSSWVzy8kjszux 6sT0HFAH5C/sdfGbx/4k8Y6D+zd4b1OX4faRZ634r1m61Se0iln8RmDVpnfTdLa5ikgCRJKHuZMG UYKoF2s5k1P9qr9pjx5d/EPx78O7zxZDN4a1y/07w74d0jwVJq+h3sOmSiMpqGorA83nXJVg4jlT yCQR1IH3/J+xn8MB4F8PeCrLVNYsbjwn4iufE+k6xBPbrqlnfXd1JdTLHIbcxGFzI0bRvEwaPAbL ANWD4l/YZ+HHiDWPFTWPivxR4f8AC/jq7kv9e8M6ZqEcGkahdTYM8jIYWmj8/H74RSoHGBwBigDw 7W/2t/iX8MLf4w2XxBWYa3L4d0jxV4G0+5tY4rqMa6iWI0141ijZ2s9UdI28xWlKsd54wPpf42af 4t0n9h/4hab4+1T+2vEtt8PtYTU73y4ohcXo0qXz5FSFUjVTJnaFUADFeRfEb4Lz/GX9rH4YM/gC 50Lwf8Elnum1mcwxWmps0dtJp9nZRxuzvHbzoJHMiKEMRUD5gT9u/EHwVpXxJ8A+Jfh1rss0Gm+K dMvNKupLZlWdIL6F4JGiZ1dQ4VyVLKwBxkEcUAfmv8N9e/aB+BPhb9nDxL4s8ff8JZ4e+I9xovhq /wDD8mn2kEWnf2lYNLZSWVxAizH7MIQkpleQSjLfLwV0NQ/aN+MFv/wT/wDFfxtXxEE8aabrl5ZW 9+bW1+SGPxILCNPJMXknFufLyUJP3s7vmr6F+HX7GHgfwD4h8J6xe+LfE3i6w+H6MvhvStbvobiw 0p2j8kSRJFBE8jpGSkRldxEpwgGFI4rxL/wT2+GPiez1/wANXHjTxdZeDte1OTWT4dtdRgTTLfUJ pvtDyxI1s77fM+dYnd4wxLbc7SoBj/so+GvFGm/tP/tKajqfi671Wzi1yyhezltrSOOSWfT7aaKc vFCkgaCL9wihgjJ8zhpPmrX+KOsfHnxx+1//AMKK+HvxFk8BeFYvAtt4hupLbTbK9u2u21O5tMQv dRvs8xAm4ncAI8Kqsxavobwr8BtB8G/Gnxb8adC13VorjxtFAupaO00TaU9zbxxQx3SxGLzVmEcQ XIl24LfLyMdDH8JfDkfxqn+Oy3N3/b8/h+Lw20G+P7GLOG7kvFcJ5fmeb5khBPmbduBtzyQD83/h n8fP2ivjTefD/wCAyeM4/DniGaXxUfEPii00+2a6u7bw5f8A2GJbS2mR7aKWcsDKdhCgZQDpXm37 Qnir4z+I/hp8Tvgj4/8AGUt9qfwq8beDUi1qCxs4ZNVsdcuLeezFzEIjEk9ozByYggcqgddpbf8A edz+xN8N49M0xfDfiHX/AA74g0LWNX1rTtesLmCPUbaXXJTNeW4JtzDJbOSB5ckTHaB82ck3Lj9i /wCGF78KPFPwvv8AV9cu7nxnqEGr6r4hmvEfW7jUbSWOW3uPPMXlKYTEioiwiNVGAvJNAHofxml+ MnhL9nrX2+Esp8T/ABG0vSFSynuYoFkvLuNVWW4MKCODzmXfIsaqsZkwoXadtfnP4f8Aiz468feC vi98NtX+LOutqC+B7+/fRvFfhm30XxLZXEAJuGiCW62k1nNHuicAySRlgUZcBj+m/iv4O+G/H/we uPgt8QLu98R6Ve6fFYXV5dSIL+4aELsuXkiREFwJEWXeqAbxnb2ryTwp+yF4R0jXtT8U+N/F3iT4 h6vf6JdeHYrjX7yGVrPS7z/XxQC2ggAeQAb5XDOccEZIIB+eXh/40fGDwb4R+AP7P3hzxV4kSz1H 4d6b4r1DU9A8Nw65rCWc0cVvaadbW8Vs8ccEGCGuJI3kI2Bn3H5/YI/2kPjtbfAOd/iH4iufhzrd t4yTQ7XxBrXhi5t9Y1rRnTzYptP0T7NIsmoSDMZQRGFdjMcdvoG1/YW8G6ZoHg6x0Xx/4u07xB4B hlsdG8QQXtqupwaXIqKumyH7L5E1pGEXYkkRKnOGAJFblx+xN8Lv+EJ03wzpesa7p2t6Vr0viiLx NHdxvrj6zOrJLdTTywvFJvRtrIYthUAbRjNAH5pfEn4z/EvxX8Kfjn8KvGmua54i0fQ28D6ppN14 m0WPQtXRLzX7ZJUkgjjh3xEoGjd41bGe2K/Vj9srxVrfgf8AZc+JPi3w5JFFqel6TLNbvNbw3UYc MoBaG4SSJxz0dGHtXmN3+wN8NNWPi268ReMfFetaj46ttLt9Yvby+tZZ7h9Hv47+2mGbTZEwaJYS karEIhhYw58yvqH4u/DHQPjP8NPEPws8UXFza6T4ltWtLmWzdEuEjYgkxtIkiBuP4kYe1AHw/wDs 16B4sP7afx31u+8XXd1appvhCaeyNrZpDOL2zunt0ZkhWRVswGWPYylwxMpcgEeofFu5Xxb+2T8F Ph1fMW0zw/puu+LXt2/1U97AsVjZOQerQefM646Ehu1es6H+z34d8M/Gm8+Nug69rFlf6tptppup aYk8R02/XT42itZp4jCZPNiR22lJFXP8PLZ4/wCPXgDxEnxQ+Fvx98E6fJq2peCb6fTNTsoRmW40 TXAlvcyIOrPaSCO4C91WTvgEA/PbU/2qv2mPHl38Q/Hvw7vPFkM3hrXL/TvDvh3SPBUmr6Hew6ZK IymoaisDzedclWDiOVPIJBHUgfph8VfjTqvw7/Zj1z47PokltquneHf7WXS7tXR4buSBXS3uFIV1 8uRgsgIVgAehrzDxL+wz8OPEGseKmsfFfijw/wCF/HV3Jf694Z0zUI4NI1C6mwZ5GQwtNH5+P3wi lQOMDgDFeo+Nfg6i6B49uNBF14li1/w5/ZFr4R1C9EPh4LbwPHHDBEiA2xuAwjlkDHAwQBigD5Fl 1z9qj4YePP2f5vFnxWPijSvidqkdtr1g+l6bAkEzWElyIbOSGESfZyQQSSXzGhDjeyn9Pq/Gr4Rf s5/ELWvjV8ItWl8M+PdA0f4ZzT3V8fG2uWmoWNgFtWii0/RI7WRzPG0jrmeQAiKJV3cBK+9/FnwU 8cwfD3RvBXgPx54gnvoPFFlq1zqupas32z7AL0XF3atJFDmWDyC0MVv8g5QM+1TkAuftZ+J/iZ4C +COsfEj4VXRi1XwbLbazdWwhimF/pdlKHv7VvNR9ge23sHTa4Kjawya+Nvjz+0d478YaR8bfFfwl 1yEeAPh34IsHiL2VpeQX2u6xsvY5T9phlDpb2TIGiPy75fmBIAH6pXtlaalZz6dfwrcW11G0Usbj cjxuNrKwPUEHBFfJfhP9ij4P+Cv2dPEf7MugXOqReGPFLXL3t208LaizXOwZWUw+X+7jjSNMxHCK AcnJIB8ofHL45/E9fGfirQfCHxV1TTrrw5pFhcWGh+DPC412aC4e08+SXXLmezeCBXb7sSTIFi+Z uev35+zT8Q9b+LPwA+H/AMSfEwjGr+ItGtLu78ldkZneMeYyrztDNkgds4ryzX/2MPBOseJPEmsa X4w8T+HNM8apAviHSNLvobey1QwQLbZlP2dp4jJEu2UwSxl8npXtvw0+EmlfCj4Q6T8HPCmsaiLD Q7BtPs7+drd7+JDuCSbhAsBkj3fJmEr8o3K3OQD8aPj3P4S8LftJ+KfhT4b12/0v4AeLdc0h/ia1 jD/oGma1eeaRarcq48iK/KRC/Kj5M4LD/V19vfG34WeIJPj54R8d/s83PhLVvFvgTwy2nv4N11jH FHo884MN3Y+QGNtKHj8lXKBCo27hjB+hvBv7Lnwj8G/BTU/gKLGbWfDuvi7bVptSkE99qVxendNd XU6qm+4ZsESAKVKrtxtGPN779iLwTNovg6PS/HHi3SPFPgXT20jT/E9pqEMWsSaZvLpZXTrbiC4g jJAVXh3AAfNkkkA+dPC118L/ABHon7R3gL4m+Gm/Z58beJNFtv8AhKGk1GK60j7LdwS2VrqVpJGY oNrMxWZQsZdiFdmYkjivGVh40+DXw28IeHP2rPhFoWs/DbwNeaS1v4y8E3xtZ9Le2ljjtLySzkSO cbn2ee0T7OTwcqK+8fBH7JXww8L6F4z0rxPc6p4/vfiHAlpr+peI7s3d7e2saMkcG+NYliijDtsW JUKk5zkKR5zp37B/gtY9M0DxT8RPG3i3wXo00E9t4Z1bV0m0vNqweCOYJBHNNFEyqY43lKjaMgji gC/rtyvgn9vXwo2nOY4fid4N1G1v4U+7Jc6BcRT2tw4H8SxXM0QY9VIHYV9r18peHvAHiLxd+1fr /wAaPE+nyafo3gzR08MeHVmGGvJLtkvNQv1HUID5dtGf4tsh6bSfq2gAooooAKKKKACiiigAoooo AKKKKACiiigAooooAKKKKACiivz9v9f/AGgvjj8Vvi3ovwx+IqfDvSvhdPa6XptuNOtbtdQ1KSzW 7lm1F7qKR1twZRGqw7SVBfO4AEA+3bLxj4W1HxRqfgmx1OCfXdGht7i8slbM0EN1u8l3XsJNjbT3 wa6WvyY0Lwn8dPiP+1x8QovDHxHt/AepjwZ4Um1e+0Szt9Uhub7ZciNbZr6MgWvmeax+QOw2ruX5 s87ZftTfFHx98LPg9d658SJPCOseJNL1STVLTwroD654k1S70+9ksFkt7QWlzBbWrGJneQhCZDsQ AA7QD9ZNZ8Y+FvD2saJ4e1vU4LLUvEk0tvptvK22S6lhjM0iRD+IrGpYj0FHhPxj4W8d6OPEPg7U 4NX01pp7cXFu2+PzbaRoZkz6pIjKw7EGvx7+FPxb+IHxb8e/AiX4lXk+o6x4S+JnjDw+Lq8sk029 ngstGkaJru0iwkNwBJtkRRwRg5OSeE8C/Hr4ieCvh78M/gv8PLvV9FXxZrnjnUdU1LQNEOv6tHaW OsXISGzszHKmZHf95KyN5a4Yc8EA/eSivxtuf2hP2t5PDOieCLa/1fw9qeofErRvDem+J/EfhcaZ calomsWN5IxlsLiGOJp7SWEbmhCB9qZ2hm3dj41/aD+O/wCzRH8dPC3ibxUPiVeeENB0HV9Avr+x trKaK41y7bTzHcLZpFFJFHMVlGQpCgqWxyAD9YaK/K/4i+P/ANpT9l74q/D5PG3xMl+InhfXNF8W atqtlNpmn2UrXfh/Rpb7yoJLaBZFgd9pQDLqVwzMG215d8Jf2k/2p9Wl+GvxDlk8Y+MR4x1Cw/tz RW8DS2nh+z0nUus+n6lFb+a32RXVhI8zpMuSTgAkA/aGiivyW/aS+NP7QXw7+L/jGTxF4w1z4aeD dPWybwxqdp4ah1rwxOhhVrg6xdJDPdxO029CqhNiDcufvMAfrTRX5523jD41/tF/Gnxt4G+HfxMX 4f8Ahz4d6XoMi3ekWFnqLatqGu2f25LjffJKBZxxlQiIFMmSS/p4P8Nfj1+0/wDtC+Mvhv8ADqz8 Zx+AbnUND8RjxHc2GnWl35t3oOprY/abP7VG4RpSFB+9GoaTau4IygH7CV5/efDLwnffE3Tfi7cQ SHxJpWmXOkQSiVhGLS6ljmkUx/dLF41IY8jpX5S6T8Z/2ttJ+Cmq/tB+KviXDfQ/DzxhH4Yn0eDR 7KKDW7OHWIdNuLm6l2GSK4lMx2+R5aIsYIUs7Gn+Nv2m/wBoTxv8RPi23w91XxZo9v8ADzWL3QtC 0vw94MbX9Pvr3TVHmNql75ErL9okO3y42jMcbK4ycFgD9l6K8L034sa7bfs3L8bPGPh6fRtZsvDD 65qGjzxyQTQXNvaG4ntikiiRcOrKNy7sY4zXzN8NtV/actPA/gT9ojxZ8TbDXtH8S6emsa14aubG 2sraGzvLJ7uCDSJ4IWuHuYSUULNIwmAYllwKAP0Nor8jJfi7+1F4Y/Z08Ofts6t4/j1ey1O502/1 Dwamm2aaamj6peR2yW9tcLH9s+0xLMjeY0rZbKlGAwc7xB8S/wBrHUfh18e/jppHxXGlWXwk8W+I 7HSdEXRrCWC7stHus+VeTNH5rAxN5SbCrDaHZmY5AB+uNvrWj3Wq3mhWt9BNqWnxwy3NqkqtPBHc bxC8kYO5Fk8t9hYANtbGcGs3WvGPhbw7q+iaDrmpwWWo+I5pLbToJW2vdTRRtM6RD+JljUsR6Cvy c0vWPiP4d+Kf7YHxk0Hxpd217pHgXSdct7Y2li8Qnm0W/urEMWgLEWBTbH/z1BPn+YcV3Pg7xD+0 FoniL9m/XPid8Qo/F7/FW/N5cWj6Lp1vHpsb6JPdG3tZkiMwG8oDIGVjsPOHYEA/RDwHffDfxfaP 8VPh49jqUPiqKHfq1mFY3sVoXjiDSgZdYiXCgnCktjqaS8+GXhO++Jum/F24gkPiTStMudIglErC MWl1LHNIpj+6WLxqQx5HSvxq/Z+179oH4F/sNfD/APaLs/H32vw5o13axS+EH0+0NpNo95q32FlS 6VPtQuy0vnK/mbRxHsOCD9vaV8a/iRN4C/at1y61oG7+Gmo67DoMhgtx9hhs9HiuoRjywsuyZmfM ocnoSV4oA+z9c8beD/DMepya/rNpY/2NYS6rerLMivb2EIYyXMiZ3LEu1svjHBGc1saTquna7pdn rej3CXdhqEMdxbzRncksMqh0dT3DKQQfSvxLtNZ+KU/jj4h/Ga68cXFxqo+Adh4ingl07TXtriaf T7xkhkja2KmKO6BuQAPnYmN90P7uvpTwf45+N/x18aeHvhP4Q8dP8O9M8N+AvDuvapfafp1jPe6j qOsRExpGlzC8ENtGIyzCOMZY7BhcYAP0wor8efD3x7/al+JvjX4a/BG18aweFde/t/x54Y8Sa1a6 XaXAvj4WWzkhvLeCdXSKV1lKEKfLDMzFDtVF+x/2UfG3xK1XUfin8M/ih4h/4S3UPhz4j/sy11d7 aG0nurKe0huoRPHbqsXmR+YVLKo3cZGeSAfVlvrWj3Wq3mhWt9BNqWnxwy3NqkqtPBHcbxC8kYO5 Fk8t9hYANtbGcGtOvxo8d+N/iJ8A/jd+1z8Y9B8SzapdaFYeDlt9Oura0FpLNrPnWtj57pEsoi08 y5XY6mRc+cznBH0nFrP7QfwD+NXwn8LePviJJ8TdA+J817peoJdabZWMmn6jb2huo57L7HHGxgfY yvHLv2KN27JoA+jda+EfwqtvjLpXxv8AFd9M/iVR/Z2jxX+ov9ht7i4iMTmxtJHES3M0SlWKKWZc +5r1Lw14x8LeMk1KTwtqcGqLo9/c6XeGBt3kX1o2yeB/R424Ydq+Ff24fDXijX/iH+zyvh7xdd+G jN40W2jNtbWk5iuHsbp1ul+0wyguiqyBGzGQ5LKWCkfKOiyftB+CPhx+0x8cPhr8R/8AhHdP8D/E TxffW+hHTLS6ttQNtdiS5+1zzI0wEiHYixMm3buzlsqAft7RX5I/E39pz4t+N/jrrnw68Gav4p8I aB4Q0XRryR/CXhT/AISe7utQ1m1F4humeCdILeJCqqgCmUh/n4+T7r/Za8ffEn4lfBDw/wCKPi/o Fz4b8Xt9ot9QtrqzmsHd7aZ4kuBbzqrxrPGqyhSMDcQOAKAPoOivxu8DfGL9qjRP2UfCn7ZfjP4m /wDCRK95Y/2j4bOlWENnc6Xc6kmmkJNBCk63mXEodWCZ/d+WQOeu1/4z/tGaPq37Qvxifx5nwd8F dVvrXT/Da6XZsuoEWEckcVzdhBMkMUssb7lPmEeYC+Cu0A/WOivy/wDE3xA/aO/Zrh+FfxN+IfxB f4k6J481G30nXNIOm2VolpcahaSXMMumyW0aS7IWiKsspk3p8x2k5XjJfi7+1F4Y/Z08Ofts6t4/ j1ey1O502/1Dwamm2aaamj6peR2yW9tcLH9s+0xLMjeY0rZbKlGAwQD9I5vjV8KYPifB8Fn8UWR8 c3ELTrpCybroRrGZizKoOz92N4DEEryBgivUK/OL9lrwZ4p079rj9pDWtV8ZXerpbappFvPBNZ2M YujNpkMtu7yRQJIv2aM+TGqMqsvzSBn+av0doAKKKKACiiigAooooA//0f38ooooAKKKKACiiigA ooooAKKK+KviD+1PrHhH4h3nhuw0aCfS9Lm8icylxcSlcbyhBCoM5C5Vs9e+BpTpSm7ROTGY6nQi pVHZM+1aKht50ubeK5jBCyqrjIwcMMjIqaszrCoLm5gs7aW7unEUMCNI7twFVRkk+wFT1zPjX/kT de/68Lr/ANFNQBT8IfEPwP8AEDwlB488E65aa34euVleO+tZRLAwhZlk+Yf3GUhh2INaXhTxX4b8 c+HbDxd4Q1GHVtG1SITWt3btvimjPAZG7jivxA/ZU1XUv2TvhP4C1zVrqST4R/HLRVSeWVi0eheK 2hZEZmP3bfUEQKSeFkXkog59K/Zg8WfFjx14O+B/7N/w58XP8P8ATrX4djxVquq2tpbXl9cq9+9j BaW4u0kiiVWVpJH2MxG1RjPIB+ytFfJf7KPxJ+I3i63+IXgH4q3sWteIPhp4luNCOrwwJbDUrURR 3FvcSQxfuo5jHKBIkeFBxxzXxt8ZPjv+0F8O/i34uk8f+NtW+GOkWWswx+G5pvDUOpeC7zSSYgBf 6jBFLdx3E2X8z54xESMEAnaAfr7RX4yeMP2oP2gPH/j74r3Xw31jxVpdn4B1a70TQNO8OeDT4h02 /u9ORS76lf8AkSsBcSHASJozHGyyDJwW9bi+IP7UPxv+O/g/4faH4uufg9ZXfw20nxdrNg2jW11e QarLqE9tPahb+PzI1bADb84EQwoLsSAfqBRX5X6R+0d8atW8FeGPgMdfEfxtm8f3HhHVdSS0tg40 3Sn/ALQu9UjtWiMAWTTTEF/d7S0mVwRkeA6L+13+1J498LX3x08Cf8Jfqd3JqkzaT4R0/wAEy3nh 240y3uzA1vLq0du87XDRozNMkoCSAptAyFAP3Oor8+PBXiL9oH4rftcfEvRLL4hS+GPh/wDDW78N TR6INJs5Zr1dU0uC7ubWeeWPzokDb+QS4aQ4YBFA9E+PXjb4l6r8Z/h3+z38M/En/CFt4qstW1fV dZjtYbu7js9NESJb2iXKvAJJpJvndkYoq5Uc0AfYdFfm34p8ZftO6F4q+Hn7M938Q9MbxH431rXc +LbKzglvodC0a1juhHNZPEtrFqEvmhCVRowg3hc9PH/id8ef2n/hPq3jD4F2vjSLWvEGja94NGi+ JLvTrQSzaf4juGgltr+3iRYCY5EKh41jkdMsCpwQAfr/ADTQ20MlxcSLFFEpd3chVVVGSSTwAB1N VtL1TTdb0201rRruK/0+/hjuLa4gdZYZoZVDxyRupKsjqQVYEgggjivy28fX/wAefDGu/Fz9nfxl 8UbnxbZX/wAL73xXaarLpen2l5aTQXD2tzaqkMQhaGdMj5lLIGwjBlDHgvhVcftJ3tn+zx8Cvh98 W5/DumeIPhnD4gubyTR9Nu5raOFLMW0ECtCgKxCRYQzli0ZYvukw4AP1KX4xfC5/L2eJ7E+drz+G E/ej5tbj3b7Ef9NxsbK+xr0qvxG+I+vfFDx94O0HS9N1u3tfEmm/tKXWi6bqRsLSMW0dtHexRzyQ QxxRzyRqS5MgLSEYZjXofxr+OX7Q37Ok3xG+Fl14+fxVfWGjeGfEuia9c6fYxXtrb6h4hg0i9s7i OKEW0odWZo3MQZVY8kgFQD9cZpobaGS4uJFiiiUu7uQqqqjJJJ4AA6muRHxF8CPqXhrSItes5bvx jbzXejJHMsn9oW9vGk0ktuykrIixyI+5TjawI4NfDn7Yfjj4gN42vPhD4d8SyaHoetfDfxZqt3HD bWs0jz2Hk+Wd08UjKHjaSI4IGHJHzqrDwrw38UPG3wH+Gf7L+oXOrN4n04/DfxN4gngubKyWbydK 8P2V5aWUE0cAljSEExhlYPKMec0hAoA/YuivywX4g/tPfDLwB8JP2ivFnxEXxhYeP9U0GDW/Df8A ZlnbWNrZ+IioiOnTQoLoy2pkRRvkfzeWbpXmD/GD9rO0/Z08Q/tX3PxTEsHhPxHdWkPh3+xrBbW+ 06DWvsDpdTrGJhIVbCNEUwqLnLs0hAP2Tv7+x0qxuNT1S5js7O0jaWaaZxHFFGgyzu7EBVUDJJOA KfaXdrf2sN9YzJcW1yiyRSxsHR0cZVlYcEEHII4Ir5W/bp0/UdR/ZF+K0em6nLpTw6BfTSPFHFIZ oYomaSBhKrgLKoKMy4cA5Vg2DXz14c1f436/4s+Gf7Lvhf4k3WgRWXgGLxbq/iJdOsJdTvI7i6+y 2ljBG8H2aJIBw0giLsqpk7mZmAP02rh9e+Jfw+8MaJq3iPXvEVjZ6ZoN1FY6hcNOhS0up2iWOCYq T5cjGeLCNg/OpxhhXgf7KPxJ+I3i63+IXgH4q3sWteIPhp4luNCOrwwJbDUrURR3FvcSQxfuo5jH KBIkeFBxxzX5geM/DXjXSP2WP2uLufxdc65JH8ToLSO3ura0iikvo9T0Vzeu0EUbh5AyoyBhEFQF UDFiQD986K/K74i/Gb4/fsleNtWtPHvjj/haWm6h4G1rxDbRXWm2unm11bSXhAWM2aIfssnnAFXL soGd2cluW+Cnx5/adl8afDHUNWm8aeN9O8Z3EMHiW01HwPJpOk6XHexbo7vT7+K2Q+TbSbVYzO4l jJf5TyAD9PfiN8Ufh58ItATxT8TfEFp4b0iSdLZbq9kEcRmkDMqbj/EQrED2Nct8Of2ifgT8XdQl 0j4ZePNG8SahChke1s7yOS4EY6v5Wd5UdyBgd6+e/wBu6GK40j4IQToskUnxY8HqysAVZTcSAgg8 EEdRXK/tweFfCPg5fhL8UfCel22l+PNO8eaDZaZc2kaW9zcx38xiurN2QBpIpod29DkYHpnIB9A+ Iv2xP2XfCXiG/wDCfib4m6Hpmr6VO9rdW090qSQzRNtdHB6FSMGve9A8Q6D4r0a08R+F9SttX0rU EEttd2kyT280Z6NHJGWVh7gmvyV+CPiz4maN4y/aD0nwX8CT8UrK4+JviBnv21TSrGGOVorVTbOl 83mkKoVyyoy4fAyQRUnwl8HftAfCqX4efskaZ4itfh3qnjA+JPGWs3Ol28F9/ZVkblPJ0nTftKPB kNLmRzG2znZkDLAH6mePfiH4I+F3hqfxj8Q9atvD+iWrRpLeXb+XCjSsEQFj3ZiAPevOPAP7UX7O 3xR16Pwt8PviLomuazMGaKzt72M3EoQFm8uMkM+0Ak7QcAEnivzD/aJ+I3xVn+Dvxe+C3xMu18ba 18LfGXgwWWprBBZS6rZ6tcQXltFPHGFt1nQDY7KEUgqSo5Le7eM/AHx0/aI8ffC433wRtfhJp/gb xRYeIrvXrrVNNvL1oLAlmsraPTy7/wCkEgMXYJ8oyDgUAfp/RXx1+2T42+LHhLRfhho/wd8RReF9 Z8aeONM8Pz3s1rDeIlneWt40h8qdWUsrRo64KksoXdtLA/NPxg+NPx8/Z+tPjL8M7rxzJ4q1PQvA 9v4x8Pa9c2FlFe2Ze9axmtriOGBbWX513xMYQdpIO7GQAfq3RX5irqH7Uq/EHwF+z/qHxecat440 6+8U6rrkWjWEU2n2dslvGNM06JkeJgZ5WJmmV3WPbjkHdwt3+0P+0hpXxE1D9kGTxTBL4yHi/T9H t/Gsmn2/mLouoaZJqu9rNVFq19HHH5Y+QI24EoD8xAP1c8QeIND8KaHf+JvE1/Bpek6XC9xdXVzI sUMMMY3O7u2AqgDkmuf+HfxJ8C/FnwtB41+HGswa9od08kcV3bkmN3hYo4BYA/KwIPFfjr+2Hr3x w8N+B/jL+zl428f3PifTLDwlYeMLDVnsLGC8nsmv/wCz7jTL3yYVjKNMVmSWNI5fk27mUsB+x/w8 8Pan4T8FaR4d1jWpfEN3YwiNr6eC3tpJhklcw2kcUKBFIQBEUYUZ5ySAdnRRRQAUUUUAFFFFABRR RQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFfJXxM/ZB8JfELxb4i8Y aT4v8SeCJ/GttDZ+I4NAvIbe31eGCMxIZ1mgmKSCI+X5kRRimQeua+taKAPEPhz+z98P/hV4y1Tx l4MW4s21PR9I0MWW9DZ29noqSJbCFQgkDbZCHLSNnAwBznxHSv2FPAPhS18MP8PfGnijwjrHhfT7 7SY9V0+6sxeXWm6hfSajLbXHm2kkLKs8rNGViVk4OSRmvt2igD46+Hf7Efwr+GWsaFrOg6zr11J4 f8R6j4pgW+vIrnfqGqWIsLnzpHg86RHRfM5k3eYSdxU7aguv2IPhkPCvhrRPD+v6/oGteDdS1XVN H8QWF3DFqtpLrU7z3kO/yPJeCQybDG8RygAJJyT9mV86ePv2sPgP8MfGN38P/GOv3MGv2EMFxcWt rpOp35iiuQTEzPaWsyDeFOBuzwaAOU0f9jT4ZaXBo8txq2t6prOm+LbTxpc6te3UU1/qWq2UEltC LuQw7TbrHIQIokjC4G0rzlfjj+z3pHiGy+J3j7RtAPjbxJ4z8N22hy6BfXiWmn3cFjLJNGkcwQSQ TsZW2ymTarhCNmC1fRXgfxt4b+I3hax8Z+EZ5bnSdSDmCSa2ntJGEcjRtmG5SKVMMpHzIMjkcEE9 XQB+QXwa/Zw8XeK/2hPBHjXxD4e8c2/hfwPpWs2V+3xF1a01KSY6laGyXT9PhtXdTAqu7STuAZQF BJwoP1V4N/Yc+HXhDUvDkcvizxRr3hbwbfrqeheGtT1CO40nTrqLd5LIohWaRYN2YVllcJ75NfUw 8d+FD47b4ZC/H/CSrpo1c2nlyZ+wtMbcS+Zt8v8A1oK7d27vjHNdbQB418K/Bnjfwv4i+Ieq+Ltb udTsfEWvNe6PbXF494LGwFtDH5SbkjWFWmWV1hQEIpUF2bca8l+Iv7G3g7x94k8V65Z+MfE3hOx8 foqeJNK0a8ghsNVCwi3JlSW3leNpIlCStE6F1znkk19f0UAfJfiT9j/wReeILbxP8OvE/iH4Y36a TaaFct4avIoFvdNsE8u1jnW5huAZII/kimXbKqnG48Y6X4e/ssfCz4W+JPCPiPwSt5YnwXoV5oFl bGZZIJIL+5S7uJ596GV7h5kLl/MCks2V5GPYde8d+FPDHiDw54V1y/Frqni64ntdLh8uR/tE1tbv dSqGRSqbYY3bLlQcYBJIFddQB8vXn7Jfw5vfg/4j+Ckuo6qND8T68/iG5mWaD7Wl3JqUeqFI3MBQ RedGFAaNm2ZG7dhhzXjf9izwN4t8V+KvEmj+L/FHg6z8fD/ipNK0O/it9P1VzH5TySRyQSvHJKmF laF0LjOeWYn7GooA5jTPBnhbR/B1t8PtP0yGLw7aWK6bHY7d0Is0j8kQlTnK7PlOc5HWvlzwT+xN 8P8Awbr3hm8uPFPiTxJ4d8DyyT+HvDur3kN1pOlyujxI0aeQs0nkRyMkHnSv5YPHOCPsquS8D+Ov CnxI8OReLfBV+NS0mea6t0nEckQMtlcSWs67ZVRvkmidM4wcZBIIJAPlXR/2FvhppMum6KfE/iW9 8BaJqK6rYeD7i/jfQ7e5SUzRqEEIuXgjlO9IZJ2QMMkEcV6Q37L/AIAb4ZfEv4Um/wBT/sn4qanr Gq6pL5sP2mGfW233C2zeTsVFP+rDpIR/EWr6PrzjUPi78OdI1HXdL1bW4rG48Nz6dbX32hJIkjn1 YqLKNZHUJK0xYKojZjuIU4PFAHiWt/se+BNY8Q+K9cg8Sa/pkHjjwuPCmtWNrc24tb21js5bGC4d JLdyLmGKZvLYMEDclCNwb0K6+AHg27m+Fc8l5fhvhCc6TiSLE/8AoLWH+lfuvn/dMW/d+X8/PT5a 9E8L+O/CnjO88QWHhm/F7P4W1F9J1JRHIn2e9SKKdosuqhsRzRtuTcvzYzkECbRPGfhvxFrev+HN HujPqHhieG11CMxSxiGaeBLiNQ7qqyZikVsxlgM4JDAgAHxt4G/4J9/DLwRpnhvwiPGfizXPBHhe 9i1O28Nalf28ulvfQyGVJZkitopHUSnzfJ3iEyfMU5IPRfED9iLwF4/8S+M9Z/4TDxT4e0r4iBW8 Q6LpOoRW+nahMkIg811eCSVWZABIEkCyYAYFcg/Z9eZah8ZPhjpdwlpdeIIDK+vw+F9sQebbrVxE s0dm5iVgkhjdWJbCrnDEHigDwPWv2Jvh5q1zaS2vibxFpUUfgk+AbyG0urYRajpAtZrWNrpZLZwZ 4hM0iOgRd4UlCoKnZ8Q/si+EdQvfDGveD/FniLwP4i8MaHb+G11bRbm3jub3SrYARwXizW8sEhUg uriJWVzkcAAfWFFAHzF4K/ZK+Fnw/wBZ+H2u+G5dSjuvh0Nbe2aa5WdtQufEKxi+ub+SSMyTTOYw wZWQAkjBXao9M8B/CXw58PPFXjjxfotzdzXnj/UotUv0uHjaKKaK3jtlWAJGhVNkYJDs53Z5xgD1 GigD5a8bfsjfDbx/8QPF3jjxDf6q9p4+0mHSNf0VLiNdL1CO1R0tZ5E8ozLPbhyYnjlXawDAZzln w8/ZR8N+CvGuh+P/ABH4y8TfEDVvCdtPaaEfEV7DcR6XFcoIpWhWCCDdM8Y8tpZd7leM96+qKKAP D/jn8CNA+O+kaDYarreq+Gr/AMMapFrGm6los8cF5bXUUckQKtNFMhUpKwIKHtXPJ+y94CX4X/En 4TtqOqPpXxS1LWNU1Scywfaop9bbdcC2YQBERT/qw6OR3LV9I1gf8JV4c/4Sn/hCBqMJ1/7F/aJs g4M4s/M8kTFOoQyZUE9SCBnBwAfNfi/9kLwlr/iuz8d+E/F/iXwD4hi0u30W9vPD97DbvqVjarth W7SWCaNpI1yElRVdc8HAUD3P4WfDHwh8G/AWkfDfwLbNa6No0ZjiEjmSV2djJJLK55eSR2Z3Y9WJ 6Diu8mljt4XnlO1I1LMeuABkniua8EeNfDHxG8I6T478GXo1LQtct0urO5CPEJYZBlW2SqrrkdmU H2oA/N79kr9h+XTfgj8PLH4z6x4mjGi3B1W48GXd5A2jRalDdSSRO8SRGVkB2TeSZzF5hLFSSRX2 1o37Pnw90uy+JelXkdxrGnfFe/ub/WrW9dGiLXVtHaSxQ+WkbLGY4xjLM4YkhumPcK5fT/GfhvVP FmseCLG6MmtaDBaXN7AYpVEUV95nkMJGURvv8l+EZiuPmAyMgHzT4I/Y18FeFNf8Nav4g8XeJvHF j4IDjw9pevXsNzYaZuj8kMiRQRNM8cZMcbTvIUQ4HPNY2j/sLfDTSZdN0U+J/Et74C0TUV1Ww8H3 F/G+h29ykpmjUIIRcvBHKd6QyTsgYZII4r7XooA8v8F/CXw54F8deO/iDpFzdy6j8QruzvL+Od42 hiksbVLSMQKsasqlEBbezktkggcV6hRRQAUUUUAFFFFABRRRQB//0v38ooooAKKKKACiiigAoooo AK821v4QfDfxH4jTxZrWhw3OqIVJkLOFcpwpkjVgjkAY+ZTxwelek0U4ya2M6lKE1aav6hRRRSNA qjqmnw6tpl3pVyWWK9hkhcoQGCyKVJBIIzg8cGr1YviTxHoXhDQNQ8U+J76LTdI0mCS5u7qZtsUM MS7ndz2VQMk0AeJxfsx/DFv2c4v2XtVjudW8HQ6YNLDXbxtebEO6ObzEjRBNG+HRhGAGUHb2rzxf 2KPh/pXh3wHpvgnxR4i8J658OtOk0jTde066t01KXT5m3vbXYe2e3niL4cKYRtYbl2nOdr/hur9j /wD6K34f/wDAtf8ACvqHTNTsNa0201jSp0urK/hjngmjOUkilUOjqe4ZSCPagDzT4OfBnwj8EPC9 14a8JyXl6+p31xqmo6hqM5ub/UdQuiPOubmXChpGCqOFUAKAAK8I8bfsQ+APGmr+KG/4S3xNovhf xzfHUdf8N6dfQw6VqN0+zzXcNA88fn+WPO8qZN/qK+q18Y+Fm8YP8P11OA+I47BdUaw3fvxYvK0C z7f7hkUpn1GK6WgD4y8WfsRfD3X/ABD4k1bw34q8TeCNM8axrHr+jaDfRW2m6ltiEJZ4pIJGieSM BJGhdC65B5JJ9i8L/ALwD4L+JFp8S/DKXFhc6f4WtPB9tYI6fYYdMsrh7mHamzzPNDOVLGQqVA+X OWPtdFAHz/Yfs0/DPTf2idR/adt4rn/hMNU0tdLlRnQ2aqPLU3CR7N4uGjiSJn8zHlrjaDknyG6/ YN+F091qelQ+JfEtr4D1rUv7WvPBsN/GugS3RmFww8owmdIHlG94UmCE4wAAAPt6igDyzwd8IvDP gf4hePPiTo890+pfEKXTZb+GVozbQnS7RbKEW6rGrKDGoLh2fLcjaOK574yfAPw58Yr3w74il1jV PCninwlJPJpOt6LNHDe2wukEc8X76OWKSGZQodHjIOBjFew6jrWj6O1omrX0Fk2oTrbWwnlWMzzu CVijDEb3YAkKMk4PHFadAHxqP2IfhfH4RsNGttc1+38UadrVx4ji8Wx3kY8QHVrtBHPO8/kmJ1li AieIwmMxqBtyAatWv7Fnw2/s28Gua7r2u6/q2vaP4h1LXb66hk1G9utCcPZQyEQCFLaPlRFHEmFY gMDyPsCigDxXxJ8BvBXiv4k6l8TtZlvJL/VvCtx4PuLZZEW1bTbq4+0SMAE8wTFjtDCTaF/hzzXn /wAIP2S/CHwf17wv4jsvFPiDxDd+D9EufDum/wBrXFtKkWmXEkMiw/ubaJiIfIRYvmGFJBB4x9VU UAfHXir9iX4X+LPDF14Xudd8QafHc+Obr4hJdWV5DBdwa1dCUYhlFudkMTSl4xguGVcyMMgi/sT/ AAy1Twt470L4ga3rvjbVPiJb2tpqet6rdRHUUt7FxLaR2pghihgSCUCVQsWGk+Z9/AH2LRQB8b+G /wBivwXpvi5/Hni/xp4q8c67Pod/4cln1u/hmD6ZfqqvEEht4ghTaxVk2sWd2cudu2/4O/Y3+H/h e38AWeq+Idd8VW3w3stY0zTIdXmtZo307WbaGzltJxHbR74ooYVWIAqRltxYYA+lPFXjHwv4I06H VvF2pwaTZ3Fzb2cctw2xGuLqQRQxgn+KR2CqO5NHi/xj4W8A+H7jxV4z1ODR9ItHhSW6uW2RI1xK kEQLHoXkdUHuRQB8seEP2JfAHhbU/C63ni3xP4i8MeBb2PUPD/hzVL+OfS9NuYN32d0CwpPL9mz/ AKOJpnEYGBmuquP2S/hxc/AHWv2cpNR1UeGtdvbi+nuBNB9uWW51D+0nCP5HlhRN8oBiJ2cElvmr 6iooA4/4heB9C+JvgTxB8O/E4kbSfEthc6ddeS2yUQ3UZjco2DtYBsqcHB7Gvmub9jbw7/ZPg1tO 8f8AivT/ABb4Gs7jTbHxPBd2o1aXTrh95srvdam3ngQ7fLV4crtBDZyT9Y3mtaPp19p+mahfQW15 qsjxWcMsqpJcyRxtM6QoxBdljRnYKCQqljwCazfCfjHwt460j+3/AAfqcGr6d509v59u29POtpGh mTPqkisrDsQaAOL+DnwZ8I/BDwvdeGvCcl5evqd9capqOoajObm/1HULojzrm5lwoaRgqjhVACgA CvFfEH7Fnw+8RJ8SdOuPE3iG20T4oaja6xqWlw3Nt9kg1K2uba6NzbCS2dkeVrSNZNzOCmQoX5Sv 2HRQB4j8Qf2f/h98T/G1h428ZpcXz2WiaroD2JdBZXFjrAjFyJl2eYWxGApWRcZPBOCPKvh7+xh4 J8C6/wCFtX1Hxh4o8YWHgN2fw5pWuX8VzYaUxiMKNEkcETyNDGSkJld/LXAXBGa6S2/bU/ZMu9SG kx/Fjw6l0ZPK2S38cQD524LSFVHPHJr0f4kfHX4PfCCz0vUfib4v07w5a63v+xS3k4RLjywrN5bc hgA6njsRQBj/AB6+A/hz9oLwvpHhjxFrWreHzoWsWeuWV7os0NveQ3tjv8h1eaGdQFL7vuZyBgjv 5x4M/Y68FeHvHmkfEjxl4x8WfErWvDrPJpR8U6ot7Bp80i7Wmgt4YYIhLt4DlSRwRyAR6/8ADX47 fBr4xtdR/CzxppXiiWxAa4isLuOaWJWOAzxg71UngMRgnjOa9YoA8p+Fvwf8M/COfxpP4bubu5bx 14ivfE179reNxHeXyRRyJD5cce2ECFdqtuYEnLnjHP8Axk+APhr4w6h4d8TSaxqnhTxX4SknfStb 0SeOC9t1ulCTwnzo5opIZQq745I2BxxjnPJJ+21+yQ99/Zp+LPh6O43+WRJfRxhXzghmfCrg9SSB X05a3VrfWsN7ZTJcW9wiyRSxsHR0cZVlYZBBByCOCKAPkw/sX/C+f4eat4B1HVtb1CfxDrdl4g1b Wrm6il1bUL+wmjmhM0rQmIRr5SxiOOJFVOF2klq+uqKKAPi39tX4PeJfjXovwp8NeHor8Q6f4+0n UdQu9MmW3u9PsoLa8R7yKVvuNC8iFSAxDEHBrSb9jDwBqXhDx94d8YeJfEHifV/iTZQ6dq2v6hc2 76oLO3OYre2KW628MaEltqwYLEs244x9gUUAfP8A8V/2dvC3xTk8Lawus6t4V8T+CvMGka5o08cN /bxzxiOaJvNilililVV3o8ZBxxjnPnj/ALEnwnn8GXXhy81TXbjxBea1F4jfxU98P+EgGsQL5cV0 lyIxGpjj/dpGIfKCcbM817nY/Gn4U6p8TLz4Oab4osrvxrp8BubnSopN9xBEApJkCghSA6nBIOGH HIr1CgD42uf2Jvh5rfhDx54f8a+JvEPifWfiPZ2+n6rr9/dW76mLO1cSRW9ttt1toIlcFtqwckkt k4I+xo0Ecaxr0UAD8KfRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAF FFFABRRRQAUUUUAFFFFABXz945+I/i7QPHEWh6Zaq9qPK2RlCzXHmAE4PUckqMdxzmvoGmlELByo LL0OORn0r5LjLIMZmOFjQwOLlh5KSk5RV20r3jutH+mqaujfD1YwleUbjqKKK+tMAr82V0D4za7+ 2p8aR8IfGGl+EzBonhD7adS0d9W88Ml95Xl7Lq18vZh92d27cOmOf0mrGtPDnh6w1u/8S2Ol2tvq +qxwRXl7HAiXNzHbbhCk0oAeRYt7bAxIXccYyaAPyf8Ajp4k+Nmt/tBzfCbxBr9z9l8M+DLDUVfS vE7eBoru9meVbzVFIW4aZImjAWB5GjiAywfJNeZv8UPj98TvEPwx8CeLddmvYJfh6uuNNo3ip/CK arfm9mt2vxfLBuuPLt4opfICqgZzKVKYFfsN43+FHwv+JjWL/EbwhpHiltMYvanVLCC8MDHBJjMy PtzgZx1xzTPF/wAJPhX8QdP0/SfHfg7R/EVlpBBsoNRsLe6ittoAHkpKjBOABhQOBjpQB+OeheN/ iZrel3/izXviDZaP4sf4OzQp4qSWSS2Cp4lmgt7lriKEOC8IRXuEi+VyZlGADX19+xz4q1iy+JPj P4WeK21+01i20vTdVFhqPiRfF2mrBK8sP2my1JybmM3DLlrebbgAOgwST9xH4f8AgMuZD4b00s2n f2OT9jhydMBz9iJ2f8e2Tnyfuf7NUfAnws+Gfwutrqy+GvhPSvCsF84kuE0uygs1mcZw0ghRdxGS BnOBwOKAPyS/a2+JXi6XVvjZ4u8FeIfEtq3w4+z2sN7/AMJSPDumaTfJaxzLDbaZB5kmpPO0gJNx GFlZjEjqi7qT42fEr9oBNV8TfAfwD4p1S38VeP00vxxoF4lxMXt9Nh0e4utQtYJVbMULX+nJEIlI ULdY2kEg/qz4h+CHwY8W+I5PF/irwFoOs67NC1vJfXumWtxcvC6eUY2lkjZ2Ux/JgnG0lehIrqYP A/gu11TTdbtdA0+HUdHszp9jcpaxLPa2R25t4JAu6OE7VzGpC8DjgUAfiL4q+Lnxt+MninwT+0d8 Fom1bUfEPiTUrLwZo+oTutjDHpnhe5iup443IQO91LckjC+aYY0ZsYI77xF8aPEPw0+Gvgb4o/Dz xr4j8WW3xO8Maz4WH9s30801t44mdZbJ5ICxjtp0m+0wGOJUVFjVVyADX636T8Nvh1oNrodjofhb StOtvDDzS6TFbWMEKafJcK6zPaqiAQNIsjhzHtLB2BzuOYf+FW/DHaUPhDR9rasNeI/s+3wdYU5G oH5P+PsHkT/6z/aoA/IHRfjZ8TLLwl4s0Lxv438QWj/s6+G9a0jxDqtgWmutQ1vUdUew0u4ZbiQR zutlb+ejzMVjeYSFsqTWRc+Pfin8PfEfxc8Hwa3rugr/AMKf13xBHZ33jKTxPf22pWkkSW98J1/4 8pmSRzshlZWwHGAFr9pP+EC8Cj+3R/wjmm/8VQQ2r/6HD/xMSE8sG7+T9+dg2fvN3y8dK43SP2fv gP4fspdO0P4ceG7C1nt7m1kig0izjR7e9CrcwsFiAaOYIokQ8OFAYEAUAfnxp3hO6svif4K+D/xD +L/jDTfDuueDJ/Fr6jL4ims7i/10yW8VxGl3uUxwWsX+kJaoRGDIzMpRdte2fsMaSPFf7D2laHpu vXTDWJPFltDrEEjQ3Z+0azqCJdo8ZVkl+YSKykENyMV9e+L/AIW/DP4g6TZ6D478JaT4i0zTmV7a 11GxguoYGQAKY45UZUwBj5QOOOnFdD4d8M+HPCGkQ+H/AAlpVpoml27SPHaWMEdtbo00jSyFY4lV QXkdnYgcsxY8kmgD8NrL9sH4xeGLnQPjL4k1G/l8OfDDSR4F8T6YXmkW+8XfY9Rd7iVM7Wf7VaWk e5gSPtBwQCc2fHWgeOI/APjfwD8XvGuvapc+DtZ+E7XE0+sXa+Td6g0P9ouHEo2r5sruvOEdI3GG jUj9oJ/hd8M7mw1DS7jwjpEtlq+of2tewPYW7RXWpBlb7ZMhTbJcbkQ+awL5VTngVNrXw1+HXiOD XLbxB4W0vUovE6wLqy3NlBKNQW2GIBdb0PneUAPL352fw4oA/H/xP4R1rw14G/al+Nngrx54j0fV fAPip59Ijs9WnWykls9N02RpbuENtvWuEZY5DP5gKrkYJYt6N8VPF/xH1/4k+L/Bum+Ntb0C0vvi x4M0VH0++liktdN1HQYpLq3tjkrGsjMzkBdvmHfjcM1+mlv8LvhnaeHNS8H2vhHSIdB1nH27T0sL dbS7xEkI8+EJ5cn7qKOP51PyIq9FAFub4eeALi/k1Sfwzpkl7Ne2+pvO1lAZWv7SMQ290zlNxnhj ASOQneigKpA4oA+Yv2aota8J/F/41fCKXxFq3iHQPCl1oVxpZ1q+m1K7txqdh508X2m4ZpWj8xdy qzHbkgV+fes/D3TbnV/FHh/TfE+sWN/f/tDaZZPImqzy3NtbtYxOLiFZXcRzt5jqtxt3EKi5IjUD 9ubLw9oGm6tqOvadptta6nrHk/bbqKFEnuvs67IvOkUBpPLX5U3E7RwMCuVl+Enwrn8TT+NZ/Buj S+ILme3updRbT7drt7izBFvM0xTeZIQSI33blHQigD8nvjB46+K3wTtPiv8ACfwV4v1u90Oy8XeC rCLUNT1eR7/S9N8Q2xe9VdWuRNJbo8saxpO+7yPNLAZGa+nv2PdT+I1j8S/iJ4C8Ras15oGmW2l3 dtYXfiSTxVe6Xc3Il3o2oPDG3lToqukTs7JtJGFavtm/8BeBdUGtjU/Dmm3g8TJFFq3nWcMn9oRw rsjS63KfOVFO1RJuCjgcVF4J+HfgH4a6U2hfDvw3pvhjTncyNb6ZaRWcTOeCzJCqgt7kZoA/OW78 T2niPxN8XviH8SfjHrfgDWPh/wCMI9I0vT7O7la0tNPh+ym036LD/wAfx1IyNkukhcNiPGyuf1j4 4a1Yfs/eJbefxxdQeLF+MEuiW4Oout+tsvihP9DX5/NEQsQw8sfL5PGNnFfpVqvwm+FmueMLT4ha 14P0e/8AFNgFW31W4sLeW+hCHKbLhkMi7f4cNxzjGTWbffAz4K6n4muvGmpeANAu9fvmie41CbS7 WS6leB0liZ5mjLsyPGjKSchkUjlRgA/K7X7L4kzfBL4o/F22+KPi218Q3XxGuPDOniPWLgWmm6ef FtvaqILfOzeib0DNn905ix5eFGh8VLT4i6B8dbv4BaZ4o8R3Phnwl4Vi1XT5bzx1N4fv7iW8ubh7 i/mv5IpXvRa7ViSNz5cSqCVbJNfrK/w98AyaRP4ffw1pjaXdXp1Ka0NnCbeS+M4uTcvFs2NN54Ev mEbvMAfO7ms/xv8ACj4X/ExrF/iN4Q0jxS2mMXtTqlhBeGBjgkxmZH25wM4645oA/Lz4R2nxQ/aH 8Y6bpHxL+JmvWsdt8MdH1Rz4Y1e5021vNRl1DUYItRDQiJizwxI7BVVJG2llZUQCb9ke9ufHv7Qf w4+JnjXxDqN34m1r4RaZfSeZqM6xXlyLye0k3WwkEUi+WvmtHsKCYmfAkJav1ctPCfhXT9TbWrDR rK21F7OLT2uYreNJjZQFmitzIqhjDGXYpHnapYkAZNc/Z/Cf4W6df+H9U0/wdo9reeE4Xt9Hmh0+ 3jk02CRSjx2jKgMCMrEFY9oIJGOaAPh3406nF4x/aC8eeCviL8SdZ+HOg+DfB9jrGhppeqNpaXUl w90L2+m2lftX2cxRRiF90eCcoS2a+LPAXiv4m6/ovwR+EGm3l/aeGbf4XWmtQW9h4pbwg91fPcyQ yzm9jikaf7LGiEW+QFLeYwZeK/brxl8Lvhp8RZtPufiB4T0nxLLpLmWzfUrGC8a2c4JaIzIxQkgE 7cdB6Vla58EPgx4m0DSPCniPwHoOp6LoAA06xudMtZbWyAwALeJ4ykQwAMIAMcdKAPx9vvGnxw8Y +EPBeua745n8VSab4OvLm7sfDvi6Xw1qAEGo3UUOvRTtFBban/o8UcbpIwTzEZguJOew8SftA+ON V03xTrXhvxtrWneGdb0b4UJLrF64guNH07X7i6i1HU/LXMFtPJGF82SIBQ2GU4VCP1V8VfBX4O+O rTS7Dxr4G0PXrbQ1VLCK+022uY7RFAASFZI2EagADaoAwBxxWN8Svg3pnjLwprekeEZrbwfretw2 VvLqlvp1tcNNb2LlorW6hkULc2uxpIzC52hJHClSc0AflF8TvF2t+ANT+PPhP4O/GHxBr2maF4W8 L3FhcTa7PqkmlX97rIjnWK4aRyzNEVZixJ2P5ZOwBR9v/CvQ9a+FX7WOqfCiz8X6/wCJPDup+CYN deLX9Sm1SSPUY9Re1eWF5yTEJIyN0abUyMhQMAdB8Gf2RPDPw/vfFOs+O00PxLc+KbaxsJNP0/w/ baRodtZafK9xFFFpwe4VnM8jSvJI7EsFwF28/Vn/AAj2gf2//wAJX/Ztt/bf2b7F9u8lPtX2Xf5n kedjf5W/59mdu7nGaANiiiigAooooAKKKKACiiigD//T/fyiiigAooooAKKKKACiiigAr4q+IP7U +seEfiHeeG7DRoJ9L0ubyJzKXFxKVxvKEEKgzkLlWz174H2rXm2t/CD4b+I/EaeLNa0OG51RCpMh ZwrlOFMkasEcgDHzKeOD0rajKCfvq5wZhRrzilQlyu56Hbzpc28VzGCFlVXGRg4YZGRU1FFYneFR TQw3ML29xGssUgKsjgMrA9QQeCDUtFAHwBoHhzw8f+CiPi6zOl2pt1+HOlOI/ITYHOp3ALBcYzjj NcSfFf7SPxgh+NHxD+HXxFHgXTfhbrWr6DoWgw6ZZXNteS6BEplk1Ca5jaXbdOdqiJoxEmGGT1+3 7P4P+GbL41al8dorm7Ov6polvoMsDPH9jFrbXD3COqCMSCUu5BJkK4xhQeT4p41/Yy8FeK/EXivV 9I8YeJ/CGmeP38zxHo+i30Vvp+qStGIpJHWSCSSJ50ASdoZI/MX73JJIB+bnxE/bB8W+H/i34X+O eg6ALfW/Hvwe0BZbuWKWXSvD5v8AW5ll1C92BpPssDt8owS5KAnnn3j4ofG7416J8X9G/Z707x14 pvbXw94YttZ1fxH4Z8KW2t6rq19ezMIh9ngtpLa1s1UZVljJbhCzHLV90J+zD8Jk8Uy+IfsEjWMv g2HwGdHZkOmDRIJXlSMRlPN3/OU3GXGwD5d3zV5Ja/sK+CtFtfC03hDx94v8PeIPCOmvoltrlnfW o1CfRzKZY9Pui1o0M0EBP7jdFvTC/M20YAPm+2+Ov7WvjDw18GvB8uoXXw98W+KPFmteHdQ1HU/D y20uoadZWclxBqKadexgxO8WHVVITzlIIKZjr6j/AGZ/F3xSi+Knxi+CHxM8VN42Hw9uNEl0/Vp7 S3s7uW21mza4MU6WqpETEyEBgoLA5PYDrvDP7JXwt8Ix/D1dDm1KN/h1qmoa1bSyXCTTahqGqRSx XM+oSyRs8zuJWbKlCCFH3QFr03wr8JfDnhD4meOvirptzdyat8QRpa38UzxtbxDSYHt4PIVUV13K 5L73fJxjaOKAPkjxPqH7RHxR/ap+IHwh8DfFCTwD4W8L6FouoRm20qxvbr7XffaAFV7mNv3TFN0o bcTtVUKAvu8Z+DHx9/aD/agm+Gnw0s/GK+BL648IXviXxFrOn2NrPd30ltq8+jQw20d1HJBCGaAz SsIz1CqFBr9HdD+Evhzw/wDFjxT8YrO5u31rxdY6dp93DI8ZtUi0zzfKMSiMOGbzm3lnYHAwBzn5 9s/2HPh34f8AD3g3TvAninxH4U1zwNDqFrYa9p91bLqMlnqd1JeT2t0Htmt54fOkLIrQ5QgEHOSQ D4P8Z+JPjd8TfHXw8+H/AI08dzWniH4dfFifwymsWGn2Ki9VtMlurTUmhkhkiS6WFmjeJR5I35KF gCP0x/ax+K3ij4P/AAXv/EngcQDxJqN7p2j6bLdKXt7e51W7jtVnlUdViEhcA8FlAPBridQ/Yj+G U/gDS/Bek6/4h0fU9L8RP4sHiK3vo21u41qVHilurieaGSN2kjfYw8oDAXAGOfoP4o/C3wh8Y/h9 qnwz8ewPe6Pq8aJKUfypkkidZIpo5FxsljkVXRgOGA4xxQB8T/GDxj+0j+yf8O/GvjrWfiFYfEuw i0e3/s5NWtLew1K21u7vobMSrFYwxxS2C/aA7h23oVChipJrM8cXP7VfwY8aeBvAc/xYk8Zv8WLf VtHW7utJ062fRtdhsHubS8tEghCvbmRCJIp1kCoM7snj2zTf2K/hzdDxLL8UvEGvfE+78S6OfD73 PiO6hlltdL3iXybY20NuI2MipI0uDIXRW3Aitz4efso+G/BXjXQ/H/iPxl4m+IGreE7ae00I+Ir2 G4j0uK5QRStCsEEG6Z4x5bSy73K8Z70AfNfg39rDx/8AFGD4JaLoF42na0umap4h+IUcdvA88Vv4 cD2NxaGOSNhF9s1EFQUCuqr8jAdfnfwD+1f+1V4o8NeHPjbpS+MPEl3rWpxTXHhSz8ESv4c/saW5 MTx2mrR25naaKH96JzKylwUKsBz+oPw0/Zm+GHwp+JnxC+K3heC4bWfiVNHPqKXDxyW8JUu8iWyC NWRJpZGllDM+5zngAAeSaN+wb8L9FmstGi8TeJrjwFpeppq9l4Nmv430G3uo5vtCqsXk+e0Cy/OI XmKbskg5oA+VtW+Pn7SvhLwL8ff2lNT8eC/0D4YeK/EfhrRvC/8AZVp5Fwsd6tnZzXN1Gi3BFvJc RnapBdYcO5Ls1dH8Kfjv+0X4Y+I3hiHxO3jjx74X1ix1B/EUuueCJNAg0q5trZriCayuIraIGGV0 MJjmLYyrA5JFfcWnfsz/AAxtfAXxB+GmqRXOtaB8S9X1bWtVgvZEJFxrEnmzJA0SRlEjcAxHl0IB 3kgGuP8Ahx+yJ4T8CeLNC8Ya/wCMPE3j+88J21xZ6FH4jvYbuHTIbpBHKYUigh3SNGPLMkpdtny9 hQB+fvxJn+P/AMTP2dvhj+0B42+IaXuleM/FXhi/uPDEen2kVjY2tzqkTWiWtyiC6aWE7BIZZGDg tkAqpr7P/wCCkY1A/sa+ORpIU3xudA8gPgKZf7bsdm7PGN2M1BP+wF8NZY9K0OLxn4st/B/h7V4d b0jw3HqEH9lafdw3P2lRCj2zSmIHcqxySMEV32bWIZfpP45fBrwp+0D8L9Y+Efjee7t9E1xrRrh7 GRIrjFndRXaBXdJAAzwqG+XO0nBBwQAfDvxB1P8Aay+FXjfSvhDYfFJ/GGsfFDw1r9xo95NpOn28 2l+INCgiuh5SxweU9pdCTydkySMmQQ+fvdl8Kv2mfFn7QfxA+DGleAb8adplx4WuPFXjSNIYn+cn +z4NPDyIxiYX6Ts23a5SHqATXqnhr9nnRvg3q+pfGq/1jxX8WPFWhaPPZaVHqt1b3d3BZr+8e1sU WO2jM85RVaWUmR8AFwC2eQ/Yn+Bt58NrL4h/E/xB4bbwlrXxR8RXerLpMrpJNp2mebI1pbSeWWRX 3SyzMiMVUy7eqmgDlP2oPDXijWf2v/2ZpNE8XXegpNc+I0jS3trSYQvb6XLNNIpuIZCTcRfuHDZC p80YWT5q+OPh/rf7Qfwf/ZV8RftD+D/iGLTQvCfi7VGi8LnTLSW0vbKXX2guxcXLqbkSu8rlDG6B VVQACS1frJ8YfgNoPxh1jwb4mutd1bwzrngS+lvdNv8AR5ooZ1+0xGC4ifzopkaOWM7WG0HHQ4JB 4+4/ZL+HFz8ANb/Zxk1HVR4a168ub2e4E0H25ZLrUP7ScI/keUFEvyqDETs4JLfNQB8W/FL9o743 eLPjx8TvBHgfW/FfhjR/h01tYacnhfwefEi3uoy2/nyS6lM1vN5UYZgqRR7S6fNkEAn9EP2fPG/j b4j/AAX8JeNPiT4fn8LeKdSsgdS065t5bWSC6iZopD5MwEkauU3orchWHJ6nzH4gfsieE/Gfj/W/ iN4e8YeJvAWp+LLeG119PD19FbQatHboYomuElgm2ypGdiyxFHCkgHJJr6D8A+BfDHwx8F6L8PvB dmLDQ9AtY7S0hBJ2xxjALMeWZj8zMeWYknkmgD4T/YL+HXw/8d/sSeGdJ8beHtP1my1GfxFFcpd2 8cgkjbWb5TlmGRheAQQR2IxXwr8OvFPiq30j9km78OeG5/iT/Yeu/EXTtE09ru3il1DTLWGWC3xc XjLCFghB27mxtiCrzgV+g2i/8E9/B+geGT4D034t/EWDwkzXBbRYdatrayZLuV5p4iLezjk2SPI5 YBxncc19ARfs1fDGw174U614fgn0WD4OJqEWh2No6LaFNStDZyi4EiPJIQhLBhIrFyWctkigD4H8 d/8AC6fCHjnX/wBtXXvhRY/C6y+GvgzVbaDT/t9pfXuuXl0QYPtR0/8AdrbQMA5BfeCOOvyeoP4n /aT+But/Bfxb48+Ix+IWkfE/W7Hw/rWlyabZWkNjdatA8sE+nS20aSiOBoyrCVpN6fMdpOV/QjxX 4W0Dxv4Z1Xwd4qs01HRtbtZrO8t5M7ZYJ0KSIcYIypPIII6g5r5j8B/sdeD/AAd4j8L67rXjHxP4 0tfAm4+HNN1y+instKYx+UrxpFBC8skUZKRPO8hRTgcjNAH57/swap8YNd/ZAtfh74Q/Z3g8c2Op f8JDawa5f6rpNvYzG41K8BeWCZjdbYXYoV2Ats+UgEGv1S/Zp+GOufBj4CeBvhb4lv01PVPDemQ2 tzPGSYzIuWKRlgCY487EJAJVQcDpW38Evg/4Z+Avw00v4WeD7m7vNJ0mS8lilvnjkuGa+upbuTc0 UcSECSZguEGFAByck+rUAfjd4G+MX7VGifso+FP2y/GfxN/4SJXvLH+0fDZ0qwhs7nS7nUk00hJo IUnW8y4lDqwTP7vyyBzb1P46/tOeHfBfx2/aIuvHyXmi/Dnxhr3hXRfDL6XZi2mX+0EsLOe6u0RZ 8Wz3MZwpBZYfnY72Nd5+yV+w/LpvwR+Hlj8Z9Y8TRjRbg6rceDLu8gbRotShupJIneJIjKyA7JvJ M5i8wlipJIr7GsP2ZfhhB4A+IPwy1WK51rw/8S9Y1bWtVgvJEJFxrEommWBokjKJG4BhPLoQDvJG aAPmbXvGXx+/Zg+JXw7tviJ4/m+Knhzx3HqlrqUE+m2VjPY6hYWL3sctj9jjjYwyeU6NHLv2AA7s mvKZfi7+1F4Y/Z08Ofts6t4/j1ey1O502/1Dwamm2aaamj6peR2yW9tcLH9s+0xLMjeY0rZbKlGA wfsjwB+yZ4X8IeMdG8ceKvGHiT4h6l4Xtbiy0QeJLyG5i02G6jEMxiSCCAPLJF+7eWXe7JwT3rk9 H/YW+Gmky6bop8T+Jb3wFomorqth4PuL+N9Dt7lJTNGoQQi5eCOU70hknZAwyQRxQB5z+wr4M8Ua L4++P2sa54yu/EAi8c6jp08VxZ2MP2m5itrKQXryW8EcgkKuY/KVhCByIwxJr9Ha8v8Aht8JfDnw tvfGd/4fubu4k8c69ceIb0XTxuI7u5hhhdIdkabYgsKkBizZJyxGAPUKACiiigAooooAKKKKACii igAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACq0l5Zwzx2008aT S/cRmAZvoDyfwqzXgvjb4V694k8Zrr9jfRxW0nlZLFhJD5YAOwAEHpuHI5J+tfJcZZ1mGAwsa2W4 R4ibkk4p8tou95X120Xzu9Ezow9OEpWnKyPeqKKK+tOcK+MP2uv2lfGPwJTw5pvw10G28Ta5dpf6 1qdrP5h8jw7okPnahMnlMpWYl444C2VLE5U44+z6+B7/APZn8YfGL48/EP4p/EfWtd8FWCW1v4Y8 OxaNqFrG91okaefdyz7UuBsubqRtsbbHCxjev3aAPuLQdd0nxPoWneJtDuVu9M1a2hvLWdPuywTo JI3HsysCK+Wtd/bM+DF5oXiyL4c+I4NW8RaNpWs3unpNaXiWF/caRbyTSpbXTRxwXYjKZkFvMxC5 IIHNJ+zL8LviN8P/AIK698B/G6zW1n4bvNT0jw5qrTwzy3mgyktYzsInLRyQrIYijqhHljAwc18+ aB4D/aVk+A+kfs6Xfwq0yxHhDwzqeiy65dXlndxX7ppc1nZvpCpOksE11IyGWS5SNY0ZwQxOQAfR XwV/bG+DfxW0bRraXxDFZ+JLnQU1m8ils7yysykMSNfPaXF1GsM8Vu5IcxSybQCScAmrel/tg/Bb xpBqmnfD7W5LvXI9GvdY02K+03ULGDUILSIuZbWS6ggS5jBxuMLt8pyDjmvE/G/wM+M0vhr4FQ+A 9GtIda8B+C9e0m5a7e2ktrLULvQorS1iljZyJomuYwrBFkTAywK9fDfDPwD/AGidU+IfgTxLrXhX xN5OheH/ABFpepXHiLxFpt6ovdR0swRfYLK0n+z29oZkCBkRXbcm9FSPdQB9Q/Cb9rO88Qy2+qfF FtK8P+Hovhp4a8cX14oliWC51g3H2lMySOPJTyl8pcF8nBZiQK9N0v8AbE/Z01Xw54h8VL4raxsP CsVtcakL/T76xuLe3vJFit7g21zbxztDI7KBKiMnPJHOPg3xF+x18cPF3wou/Bn9mJpmof8ACq/A OiR+bewCOTWvDd895d2LPDI7LwFQTAeXuYMrkKaj8VfswfGD4keH/HOuDwLr9lq194esNEtIvFPi qHWtQumOr2t7dRRsLmS1itYktyytI6u7H5VGSCAfoV4R/as+Anja08R3ujeKVgh8J2Q1LUjqFpd6 aYbBgxW7UXsMJkgbacSRhlPAzkjOV4S/bH/Zx8aX+o6Xo/i7yLrSdLuNbuk1CwvtN8nS7Yxh7xmv IIV8k+ahR84cElc7Wx80/tn/AAa8QeLdc+IPjS7nstC8KzfDq30w6tqE6R2Y1C01yPUEtrlVYzLD KihHk2FFVzznIr5y+LOh/FL9sH4zeJ/Az+GLHwRrd18KbuC2iGr2uql5f7ZsLqIT3FiWSOC4aJo4 Qx3lPMkKAHbQB+pvwr/aP+Dnxo1S70L4e65Jd6lZW6Xj2t3Y3mnTvaSnalzFHewwtLAxIAkjDJkg E8jOd8S/2pfgb8IfFf8AwgvjzX5bTXxZR6mbK306/vpVsZGlT7SRaW8oESGF/MYnCAAvjcu75v8A 2d/g78QE+M1h8TvG/hHxD4cXQ9CuNOWbxN4oXX7p7m6kjMkNpHBPNGlqBHuMkhV2YLhAMms7x74n +InhL9u3xFqnw++Hj/EKWb4c6TbTQwXtpYzW5k1O/aJme8kjUwOybZdpZlwrBWAIoA+mfGf7WPwA 8BW2i3eu+KlnTxDp41azGm2l3qjPpp/5fHWxhnaO3/6ayBV4IzkHDvEX7V3wB8Maz4a8P6j4qW41 DxhaWt/pMVjaXd/9ss7xzHDOjWsMq+WWU5YkBeC2ARn84vDX7HXxs+CeqaBqNlpeu+LobzwnaaTd J4S8SR6DLp+pW9xcXBgka4lgE1iftAVWUsybSfL5AP1L+zj+zp4w+EvxQ8H6pqGhwWGj6J8N10J5 ILsXUdvqU2rNfS2kbSubh1RWGJCuw4ABHC0AfVfxR+Nnw0+DUGmSfEHVmsptbleCwtba1ub+8u5I 13OIbWzjmncIuC7KhVcjcRkZ8/1r9r39nvRNH0PWz4nfU4PEdnNqFjHpen32p3ElnbyeVNO8FnBL LFHHICjtKqBXBU/MCK5n40eGfiZ4f+Ongj48eAfCknj200jR9V0G+0m3u7a0vIF1Ca2njvLY3kkU LkG3McimRW2sCM84+cfFPw+/an1PxTo2v6z4OurHSr3R7lH0r4farYaBJa6nPqE86x6lqE0qXMsJ t2iaWS1fHn+YyxEsMgHd/GL9tLUPDln4n8RfCb+yfEPh6x+HK+NNLvJknYXFw2omzCSBZIj5Wwcp tWQOCCwxtr7X8ffEXwd8LfCNz448fakulaPZmJZJTHJMxkndY4444oleSSR3YKiIrMxOADX4+aR+ yJ+0XbfA3UvBl34SC6y/wsvPC8cQ1CyZZNUPiGe8jiWQ3GNr2zLKHchQDtYhwVH6a/tNeA9V+Inw cvvDGk+GofF1z9psJ/7OkvX02aRba4jkZ7S8R4/s91GFLwSFgu9QG+UmgCO1/av+Adz4J1j4gS+J zY6X4fu4tPv47yyvLS/t7ycKYbdrCaFLsyyhgY0WIlxyuQDVjTf2pvgPqngHXPiYnilLTQvDM62u pm8trm0u7O5cqEgls54kuhLIWURp5RaQkBA1fnZrf7NX7T3jHwbPeXUHiCfT/C/jHQ/EOg6Nrmu2 J8VT2tlaT298p1izdokl3TI1m007MgjYMw3CrXiT9kb4s+M/B/irxnpXh3WdI1+bxL4X1m10/WfE /wBr17VbXw8soZJdQSaW3tJsXL/Zish2FFLsOMAH3jD+2J+zm/hDU/HFz4t+waXot9a6dfi9sb60 urO6vTi3We0mgS4jWXna7RhCATuwDjnh+3X+y2EkM3jCW3ktZzBdwzaVqcU9gRsxJexPaiS0hbzF 2TTqkbZ+VjhsfI8P7MfxS8TanJ42k8GaxYTXfifwTI8XiTxFFrGrTaXo2o/arya4f7RJbpHCrN5U UcjyuC3GSFr2j4l/Ab4i6+P2tZ9G8PpPcfFHRNMs9Bfz7ZGv5rXSHtmQlpB5WyZtoM2wc5B280Af QuoftU/AnSvH7fDW+8RtHrKahDpDuLG9bT49SuApis5NQWA2aXDb1xG0wbJCkBjivV/E/jzwp4N1 Dw9pfiS++x3Xiq/Gl6anlySfaLwwyXAjyisE/dwu25yq8YzkgH8w9Z+BX7QmkfEea8+GXhXU/DGq 6hrmmX0up2WuWsvhK+s4/s32qfVdIu5ZJftqojoWtYRvcLIr9TX2F+1F4R8f6ynw18bfDrQW8U33 gDxXb61c6XFcQ2txc2f2O6tJhBJcskXmp9oDhXdQwBGc4yAdh4x/aa+B3gBNbk8X+J001fDuq22i Xxa2un8nUby1F5BB8kTbzJAQwKblyQmd/wAteLePf27fhLofhbR/EngqS6137X4q0vw5qFu+manB d6eLyVDNJLaNa/aPMEDF4YygMzYEe8grXilp8FPj14y8Y3/jnxV4GGiHVfiz4Z8VCzfULK5aDR9M 01LZ5pGjlKmSJkUPGu5t+fL8xAHO58Yvgf8AGO6+JPxC+I3hTwqdbhfxf8PPEWn2sd5aQTalB4cU fbkjM0qLHIuMDzigbHy54oA+otW/a2/Z90Pxp/wgOqeKhBqqXNvZTObK8NlbXl0AYba5vRCbWCZw w/dyyqwPBAOBWf4l/bJ/Zx8IeKNS8H+IfFhtdS0S9TT9S/4l9+9vYXEuzy/tVylu0ECOZFCySOqE kgN8rY/P/V/2TPjHd3fxG+H+oeEte1jSviF4oudcivE8VpY+Ho7PVbmO5mXU9PinE73VrypMMbrK UUqwAzXv/jX9n74n6t8Ev2pvCdhoIuNa+JGu3d3oUZubYNfWzafYQxOZGlCR/vYZQBMyEEZIAIJA Po3xr+1z+z/8PfFN74P8V+Jntb3Sp4LbUJo9PvrixsJ7oKYY7u9hge1t2YMpxJKpAILYHNeXP+25 8OvBvxh+Jnwz+L2qQ6FD4Q1LT7axmhsb6dVs7ywtrhp9QuIkmhgTz5zGskhiTAHXDNXyf+0Z8Av2 pPiRpvxd8I23h7XNXl8SXks2gnTdd03SPDJ08RwlBe2qSxXVzfkxsjfaFeJ22EuqLx6P44+H37RM Ov8A7Rnh/wAOfCca1Y/G6Kys9O1aTU9OihtA2iw6fPJfRtOZvKgcyMgjR2ZlcBQGRmAPprT/ANp/ w/oeu/F2b4oX9jovhj4fa1pml2N1Ek0s10NQ061u1Xy4zK88zyzlY0hjyVAwpIJPsfwu+Mvw5+M2 mX2qfD3VGvhpVwbS9gntp7K7tLgKG8ue1uo4p4mIORuQBhyCRX5leMv2OPjNHo+sJoVpcak/hnxl 4T1zTkttTi0671qy0bw9BpVy1tciTNrciUO0TTFOVPZgx+tP2UvhP4n8G+JPiD8QvFOgar4fn8XP pkMKa9rf9uaxPBp0MgWW7ljlmgjw0zJGkcjEKPmPQAA+0KKKKACiiigAooooAKKKKACiiigD/9T9 /KKKKACiiigAooooAKKKKACiivir4g/tT6x4R+Id54bsNGgn0vS5vInMpcXEpXG8oQQqDOQuVbPX vgaU6Upu0TkxmOp0IqVR2TPtWiobedLm3iuYwQsqq4yMHDDIyKmrM6wqC5uYLO2lu7pxFDAjSO7c BVUZJPsBU9cz41/5E3Xv+vC6/wDRTUAU/CHxD8D/ABA8JQePPBOuWmt+HrlZXjvrWUSwMIWZZPmH 9xlIYdiDWl4U8V+G/HPh2w8XeENRh1bRtUiE1rd27b4pozwGRu44r8QP2VNV1L9k74T+Atc1a6kk +Efxy0VUnllYtHoXitoWRGZj9231BECknhZF5KIOfSv2YPFnxY8deDvgf+zf8OfFz/D/AE61+HY8 VarqtraW15fXKvfvYwWluLtJIolVlaSR9jMRtUYzyAfsFqOtaPo7WiatfQWTahOttbCeVYzPO4JW KMMRvdgCQoyTg8cVm+L/ABj4W8A+H7jxV4z1ODR9ItGhSW6uW2RI1xKsEQLHpvkdUHuRX4w+M/En xu+Jvjr4efD/AMaeO5rTxD8OvixP4ZTWLDT7FReq2mS3VpqTQyQyRJdLCzRvEo8kb8lCwBH2/wD8 FIftv/DGvjr+zdv2v7ToHk7/ALvmf23Y7N3tnGaAPuSivzV1Lx58fvgF8XZvBPj74p2Xi/TPEPgn W9dgvdb0+20y00nVNIMWZGaxjD/YiJcsjb3AHB3ZLeL/AAw/aM+MC/GT4Rad/wALH8Q+OdA+Ik0+ n6rNqXhOPRNGM5spJ45tGuZLW2lcI68BlcMnL8kAAH7JVzXhPxj4W8daR/b3g/U4NX07zp7bz7dt 6edbSNDMmf7ySKysOxBr81NI/aO+NWreCvDHwGOviP42zeP7jwjqupJaWwcabpT/ANoXeqR2rRGA LJppiC/u9paTK4IyOM8O/GP9oDxH4K+Dvh3wJ4utvDGq+PPHXi/Rr69TSLGRFsrGW9MbLbiJI/Ni SLcrDBeQAy+YCwYA/YOivyL134+/tF/DTxF41/Z4PjKPxL4l/wCEy8HeGtD8T3+n2sc1nB4qtZrq WWe2gSO3le2W3cR5Ub2YFs8JXvXws1v48eC/2xrz4E/ED4hy+OvCb+Bn8Q2Ul1YWNpdrcnUobQiZ 7SGLdsAfZgKpV8EMy7qAPvqivgv9rP4q+JvC3jzwn4F0L4jXPg231Oyu7qaw8OaG/iHxRqEiOqRe TbfZbmKC1X5t0rbWZ/kXoSOi/YY+LfxA+Lfwu8Sy/Eq8n1HWPCXirVvD4uryyTTb2eCy8pomu7SL CQ3AEm2RFHBGDk5JAPtKua0Dxj4W8U3ms6f4d1ODULnw9dmw1COFtzWt0EWQxSDs2x1bHoRXwbae Iv2k/jtrfxc8VfDP4lWvgKx+HHiG+8N6PpVxp1tPY3dxpUUb3E+q3E0UlwsUzybR5BTy0G8Bz1+c fDtj+0GZv2pvih8OviTH4MXwnrd3qwsbGwtNRtdQ1G20i3uJlluLuJn+zFERI/LVD8xdskBQAftL XH+IfiB4K8J6tp+g+JNZttO1DVoL26tIJn2vNBpyLJdyIO6wo6s57Aivzf8AiR+0R458VS/DiHTf iNe+ED4q8Faf4gl0Twd4efxD4invb9Vfe8b2tzDbWSA7UJdXdtwJ28j5+0L4seOPjK3wO8VfEe4N 54htNE+L2mXNy1slnJP9gtoIUklt4/kilKKPMVflDA4AoA/bfw54i0PxdoGn+KfDN7FqWk6tBHdW l1C26KaCVQyOjd1YEEGtqvxF0P4/fEnQ/BH7O3wD8B3+vaBYXHw307xHquoeGdA/4SLV5YsJaQ28 MBimSGMMrNLM0bYyigjOG7PTfjz+154pT4c/Dd9V1HwTreueNNW0D+3Na8MrY3Gq6JDpzXdvfnT7 uJEjuEG75YsR+ai7gyFkIB+w9Ffkx4h/aF+P/wAHNP8AjT8KrzxRH418T+F9a8JaR4c1zULK3tnj Pi1AA13FbLHC/wBlIYoSoDnG/g7Q74sfF/8AaL/ZQ+Jr2Xij4gyfEnw0vgfxB4hhgvtNsLOd9T0/ ylWOVrOFGFururLt2kB3ViwVSAD9Za5vS/GHhrW/EGt+FdK1CO51bw2bddRt0zutmu4/OhDnGMvH hgAScEE4yK/Kj4LfHv8AaaPjL4ZaprM/jPxrpnjGeGHxNa6l4Ik0jSNKivYt0d5YahFbIfItpNqs ZndZIyX+U8iC58a/Fyy+EPhL4m/CTxAvhfxD+0Z8XNjX81nDemLQ76G7tLH93cKyt5dpZW0yAFck YztZgQD9gqK/Hjxf8Z/2gtP+Muu/s/Dx/wCLpofhnpmnm81zwz4Lg1u/1bUdVR7uGS8iit5YLaCG IpGqIqmYq5Lk52x658fv2vNW8GfDjxP4+0/xb8ONBl03UI/EF/4d8MR32opq9pdmK3mu7G/ieW3s ZbZVnykXLuUztAwAfsXRX5VQfGP44fFGb9m3wh8PPi9YFPiHaeKTr/iHStKg/wBKXRfszRvDa38J NvdAM0boUCq7OxjIVFGVqf7QX7Q2j/EK+/ZEg8Ww3HjD/hMNO0a38Zzadb+bHo1/pTasWa0VVtXv o0QxD5AjZDFAcEgH61UV+TXxY+Nn7Q37Psfxn+Fmo+Nn8VX+g+BofGPhvxDc2FlFe2oN59hmtrmK KEW037wb42aIHGQd38Pat4q/aq+FfxU+HGg6v49h+Idz8V9E8RSrpdzptpp9nYavpmnC+tVtZYAs vkM5ELCWRjtBcsWOVAP0wor8ifgD+0X8V9N+IegaJ8a/H2uWmvXemajPrPhPxX4Zh0o3F3a2xm3a Be2cKxyxoyHCyysZI/mC7jx5j4B/av8A2qvFHhrw58bdKXxh4ku9a1OKa48KWfgiV/Dn9jS3JieO 01aO3M7TRQ/vROZWUuChVgOQD9xK8L8QftM/APwr4X0bxp4i8cadYaL4iuJrbTbmWQhb2WCQxSfZ 1xukVXGC6grgg5wQT5/+3T4y1fwJ+yd8RNc0C5az1C4s4dMhnU4MLardQ2BkDfwlROSG4xjIOa+W vjb8PLv4fftSfAK18L+J73SvD3g7wr4ifT9Pt7OxmFtbaLa2YmhiaaB2JvIgI5GYlkA/dFCSSAfq zRX5GS/F39qLwx+zp4c/bZ1bx/Hq9lqdzpt/qHg1NNs001NH1S8jtkt7a4WP7Z9piWZG8xpWy2VK MBg+6/sxaz+0D8Uvif8AEbxx4w+I7Hwb4O8beJvDVj4ci0uyVJ7SxnZIJJrtUEwaIuqrt5Ij+dmL sSAfddzrWj2ep2ei3d9BBqGoiRra2eVVmnEIDSGOMnc4QEFioOARms3wf4x8LfEDw3Y+MPBWpwaz ompqz213bNvhlVWKEqw64ZSPqK+FfjJ4a8Uah+398Er7TvF13pdr/YeuzfZYra0kTyrSS0a5g3Sw s+28VlSRt29AoMRRiSfjj9nbWv2g/g5+yH8GvjTpnxDE3hmTW7DS5fCjaZaG0Olahqz2bn7Vt+0m 5LN5ofzAq527cA7gD91qK/Gjxt+03+0J43+Inxbb4e6r4s0e3+HmsXuhaFpfh7wY2v6ffXumqPMb VL3yJWX7RIdvlxtGY42Vxk4LfpRo3j3xdrv7O0PxJ1nSpvC3ii48NNqNxY3ELRy2N+LQyPG0U67h 5coIAdckAZFAHt9Ffk74L+J37Tfgz4QfBX9o7x58Sf8AhLrbx7qOgWOsaA2l2NvarZa6ywxTWslt Ck4u4i6yyAsUdiyhUVVFcVonxu/autPgrqnx4vviNFqM+u+JbnwboWkTaRZx2dpLcaz9gg1C5niR ZHaBRIAgARsR79xDFwD9l6K/Kf4zfG749/sWeIbe18X+MJPi1pHijwxr9/ZNqGn2ljcWOsaJAk+S bCOINaSiVQyMCyfwydm6jUPEP7TXwWv/AIP+JPGfxObxvp3xU1ez8O6vYtpdhbR6beaxbSSW11pr wRK5S2eMhlm80OgywBJIAPrw/tM/AP8A4T6b4XL4401/FNtdR2M1ikhd4rqZ/LSGRlBRJGkwm1mB 3kJ94gH3Svxn+Efwo1XVv2T/ANp6LxL4sutZ8zxB4xlh863s7Yxato9zJcR6l5tvDHJ50k8UUjDd 5abAI1QV+gek+KviH8UP2RtN8c+A9QbTPHHiXwbb6np9yIYpCmp3Nis8f7qVHjIMxwQVIweO1AH0 rRX5AaJ+3b408Q/FX4N6/BqMNv8ADC70bR7bxmTFF+68QeIbW9e2QyFC6CCWyw2xlHzgMpyuK/8A w0N8Ztf8GfDzU/FXxRvPCk3xEh1jxDBpPh7w8ut+J3064uiNKt7e2isp4o7SO22s1xL+9d227mwS AD9h6K/FzQv2if2sPFvwYtb63uvEV1aeGfHOueHfE2s6L4fs5vFKadYQo9m7aTIrQxymSTbdbIy0 QTjJzu+8/wBjz4n33xQ+GmpX+p+PIfiDcaXq93ZC+OnNpF/DCgRo7fUbNo4ljuowxDmNAjDaVzyS AfWFFfj7+0b+0H8WNK8T/FW48C/FbVEvPAgmk0/RfCfhcaxptkLO2EzjXtSubQxxu7BvNVJ9sC4O CwK16NZ/EX9of47fGfwV4E8I/EI/D3Qte+FWi+M9Ray0yzvJ/wC0L66lidLdrtH2K4K5LbgBGAoD MzUAfp5RXyz+x38R/HXxM+DCaj8Sr6LVfEmiavq+iXd9DClst42l3stss5hj+RGdVBYLhc5IAHA+ pqACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACvGfEXxl0XQficnw9lNtHbaZo tx4g1/Urq6W2t9IsEby7dpWYbczuspG5kVY4ZHY/dDezV+ZHxf0bWrnxl+194QtbOfUdb8Y/DrTL vRbW3iaW4u4IrLUbJ4YI0BaRluT0UE7plGMkZAPvfwp8WPhb471bUdA8EeMNH8QanpHN5a6fqFvd T2wztzLHE7MgzxlgOeOtN8JfFv4VePtV1DQvAvjLRvEWpaTn7ZbadqFvdzW+DtPmxxOzIA3GSBzx 1r89vij8AvEy3fgLQvg34XbQL24+FXi7QXu7S0NrFb3txaWIsYLmdFVYnabzCm8hgwdhyGr5r8Hf A/4neN9E8O6F4PsvFmkeJ/DHgnxBpJ/tHw5Z+GbHTrq80p7OOya+S3he/Elw6vG6SOFKidmDZyAf s74S+Lfwr8f6rqGheBfGWjeItS0rP2y107ULe7mt8HafNjidmT5uOQOeOteWah+1H8NJPiz4J+Ev gvWNL8V6h4p1DUNPvTp+qQTS6U9hp899meGLzGJk8gx4YpgknJKla/NT4SfBn4h+KbrwVpvh618V 6H4g8JeEdc0uSTUfDVp4csNKubvTGs47VryO3ik1EG5dZYzG7gbPOZgxOfQPhJo4vfip+yxo+jfB nW/COqfDa01Sx8TalPoUtnaWkzaFcW/lfbdgjuY57nMiyh2UlkJbfLggH6HeKP2gfh74S+NnhX4E avqFvB4h8V2N1fQCS6gj2CB444ojGziRpLlnbyVC/OIpMElSK67wz8XvhR418QX3hPwd4z0XXdb0 vd9rsbHULe5uoNh2t5kUTs67W4ORweDzXx/+1V4T8Wal8bfBmpeGdFv55NZ8I+LvDdrqtlZS3Men atqa2n2CS6liRvs0YZXYTPhVwxyOa8N+EfhO58Q6z+zZ4U8G/CjWvAfiD4UfN4p1S90l9Ot4YYtN ktbq1S8dVS++23Lq4MTSbl/eNjLYAP04+I3jf4YeCPD0lx8Wdd0jQtD1Ddau2s3MFvbT71O6I/aG VH3LnKc5GeMV5j4b8Qfsl/Bjw4mv+ENS8FeCNC8SRvfJdWM2nada38UDhHmWSIokyxvKqbgWClwv BYCvC/2uV8Xx/FL4d6jp2iXMOjWdlqwfxHp3hmbxZqFldTGBVtIbNBJHbi5QHNw8MgJQJ8o3E/MX 7LfwW8Uy+PfhGfiJ4D1WKx8M3fxJmb+2tJEKWsl/eWb2byLHEtojTRvIY/JxExDiLhSAAfqtpHxj +EfiDX7PwpoPjfRNS1rUbZby1sbbUraa5ntmTzFmjiSQu8ZT5gyggrznFZelePvgTqfxQv8AQtE8 Q+HLr4iJbizu7e3urR9ZFvbM8gglRGNxsiZ3bY3CFicDcSfzg+HfwG1rwp8GPgmfD3gm60PxNafF TUb2/lj02SO8tNPkutXgS4nGwOlsbb7OAz4jKGPsVzyHw5+HniKTwJ8EfgdafCzWtD+JvgHxnY6n r3iCbTJIbKOCzupJr+9XWGUR3YvojsWNZGMm7ay4QUAfoF8RP2zP2ePh9b6ZK3jjQ9Xl1DV9L0uS Oz1exc2i6lMI/tdx+++SCGPdK7Y4Vc8DJHU2X7Rfw10611O9+JHifw34Pt4NYvtLsJLnxDYOl7HZ eWTJuLoI5cSKZLc5eLK7vvCvz20T4M3Xgf8AY1+FGrN8Ob06/oPjbSdc1+1t9Ikl1l7O212Wad3t 1j+0y7YWBC7SfLxgbaXX/EvxQ8D+D/G3hTwz8PfEaX3xG+IviK4i1xPDF9qX9h6NKtsXv0to4Hka aVTstFKhGcMzMBGQQD9Lpfj18DYPCQ8fS/EPw6vhlrg2g1T+1rT7CbkDJhFx5nlmQDnYG3Y7VQ8S /GfQvD+qeALqBrbU/CXj68OmQa1a3SywR308fmWCjYGWSK6KSRrIr8S+UuG8zK/l94x+HNnpGrfB /wAS/CPw34w8OfDfwRaazo8zP4Qmv9WtNUu/s8x1GfStRtXlnW7Xcr3ccLYcMuVHFdnH4E1jwh+y j4c8DG21TS9W8bfFDSrjQ7bVreCzvLTzdchvmlWxtlSO1QRW89x9nUfukY5xggAH660UUUAFFFFA BRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAf/9X9/KKKKACiiigA ooooAKKKKACvNtb+EHw38R+I08Wa1ocNzqiFSZCzhXKcKZI1YI5AGPmU8cHpXpNFOMmtjOpShNWm r+oUUUUjQKo6pp8OraZd6VcllivYZIXKEBgsilSQSCM4PHBq9WF4o1B9J8M6vqsdylm1nZ3EwnlR pI4jHGzB3RMsyrjJVeSBgc0AeLRfsx/DFv2c4v2XtVjudW8HQ6YNLDXbxtebEO6ObzEjRBNG+HRh GAGUHb2rzxf2KPh/pXh3wHpvgnxR4i8J658OtOk0jTde066t01KXT5m3vbXYe2e3niL4cKYRtYbl 2nOa2mftpfBXwj4Q8F23xI8ax6r4p8ReHrDW410nR9Sc6jb3fmILm1tUt3lVGeGQ7GG+MDLhQQTh /FL9un4ceF9O+EfifwJd/wDCReG/iVq5t3voNO1C68rT4El89o4reEv9pWZFj8hl8wfOfLIRiADp tQ/Yj+GU/gDS/Bek6/4h0fU9L8RP4sHiK3vo21u41qVHilurieaGSN2kjfYw8oDAXAGOfdfjH8I/ Dvxv+G2ofC7xdd3lvpmpyWUss1m8cdzusLqG8j2tJHIg3SQqG+TlSQMHBHmniz9sn9nHwR4zvvAv iPxaLfUNJnittRmjsryew0+echY4ry+iha1t2JOCJJV2n722q/xC/bR/Zw+F/irWfBHi/wAUSxa7 4dET6jaWumahevawzQR3KzyG2t5FEIhlRjJkqM7c7gVAB0vxa/Zq+HHxq8Rw+IvHRvJzFoWq+Hja xSolvJaav5fnO2YzIJUMSmJldQp5IJxjzDRv2KPC9l4o8EeL/EHxD8YeJtQ+HV3HcaGNSvrV4bWF I2ia2MUdpGjpKhUSSMPOOxdsijIK+Jf2wfCmnfH74V/CnQH/ALU0P4iaZNqK6lb2N9cqwn8ldO8i WGMxeXKZGaaQkrCoUymMMCTwf+1x8NfD3wb8B+Lvib41t/EWr+M47k2Mmh6TqDSambaV1ke201YX u1SNQA7OgUEZzyMgHp9h+zT8M9N/aJ1H9p23iuf+Ew1TS10uVGdDZqo8tTcJHs3i4aOJImfzMeWu NoOSee8L/sl/DnwmfAx07UdVk/4V/rmseILDzZoD5t1rfn/aEn2wLuiX7Q/lhNjDC7mbnOhqH7Xn 7Oel/DXSfi/f+NLeLwlrWoHSre98i5b/AE8Ryym2lhWIzQyhYXysqIcgL95lBj8M/tffs8eKvCvi zxnZeKxZab4GWJ9a/tG0u9PnskuOYHkt7qGOYrN/yyKod5+VctxQB5L+0h+zXp+paV4+8c+F/DGo eOdc8d3/AIdudQ0+DU4tMu7NNBVoobzRrgrH5V5CrmQCWUq5BUYB2nzj9kv4I+N9P/aK8R/HfXdO 8XafpEvhmLw/bzeO9Qt73Xr+drtbmSQx2rvFb28KxKiJ8pYkvglmx9DaR+178IviDp/i3SPhxrE/ /CVaBod3rMVjqemX2myyW8MZKXEcd7DCZYt+0Er0yM4yK9I/Z78fax8SPgH4B+JXix4U1PxDoVjq V60S+VCJZ4FkkKqSdq5J4zwKAOb+KX7N2ifEjx/pvxU0rxXrvgbxbp+myaM2o6DPbxyXGmyS+e1t Mt1b3CFRJ86EKGVjkGtf4C/s++Dv2dtC17w74J1DVL+08Q6tPrVwdVuVu5heXMcUczCbYsjCQxB2 8xnbeWOcHA+Z/iB+3f8ADzUvE3w18KfBPXk1S88VeNNL0e5efTbxLW70uZ5IrySxupoooJjHJsUv E7hSehBBr2/xZ+2T+zj4I8Z33gXxH4tFvqGkzxW2ozR2V5PYafPOQscV5fRQta27EnBEkq7T97bQ By/xA/Ys8CeOvEPinVLTxZ4l8L6R49kSXxLomj3sUGm6u6oI3eVHgkkjaeMBJzDJH5ij5uctXofh 79mn4eeFvC/xJ8H6JLeW2l/E+S5e/iR4VFotzYpp5jsgsIEaJDGuwOJMN1JHy1j+P/2w/wBnr4Y+ LL7wX4x8SyW+oaSLc6jJBp99d2mni6AaD7ZdW8EkEHmKwI8xxgEMcAg1NP8AHTwx4a+IfxDPjDxt pdv4V8IaJpOqywG3njlsIrzzv38t2V8mdLjYoijiLOCMEZZQQDkLr9jLwhbX+g6t4I8beKPBeo6N 4d0/wtPdaPd2sUuo6ZpibIBc+bayL5y/89oljYdFwMYpeEP2FfhD4Ih0G00TVddNr4a/4SdbGKe6 glEcfiuOOO8jZ2t/McRCMGAs5cEsZGk4x0Wi/tu/s1a7c6hY23ii4trzStLvtbuba70jU7SePTNO iE0915U9sjGPyzujwCZOQgZlYDR+H/7ZH7OfxR8Z6d4D8E+Kze6rrKTPp3mWN7bW1/8AZ13zLa3M 8EcMzRryyo5IGfQ4AOe1b9jHwBcaD8PbHwv4k8QeE9e+GWlpo2k6/pd1DFqT2CoqGC73QPBPG5UM VMIAbJXbkg6vhT9j/wCF3g+98Iatp19q9zqnhLXNQ8Rte3VzHPc6pqep2721xNqEjRZkJjf5RH5Y G1e2QfbviT8TvAfwh8Kz+NfiNq8ei6PBJHCZXV5GeWZtscUUUSvJLI5+6kasx5wODXyB8Yv22fBW mfCuD4i/CzXYRHpPirQtI19NUsrm0n060v51FwZ7W6SGaJvI3MjlcHBK7sUAdN8ff2cdL1Lwt8X/ ABV4Z8Mz+Ptf+JiaGL3RLjUI9PjYaIRHE9hcbFMFwkZMqNI7KZUUfKpIPzN8E/2Ztd8dfHW58ceP 9B8aP4Lg8J6h4eu3+Iup299quovqLpG1rBDZyOkVrDCrkykq8jybvmPzD7g8C/ta/s//ABEtvElz oHikWw8I2g1DVF1O0utKkt7EglbopfRQs0JAzvUEDIBwSAX/AAv/AGrvgV8YfEkfhHwPr8smr3Ns b20t77T73TWvbRes9obyGEXEY6kxlsDkgDmgDyPT/wBg7wPa2FlpOp+PfF2vaf4etLu08O2mp38F xb6Ebq2e1Sa1QW6F5baNyLdpzJ5QC7RxmvcNX/Z48C6x4V+GHg5pryz074Talpep6Qts8ab5dItp LSCOfdG+6MxyneE2MSAQwGQfLfBn7WXw30D4LeBPGvxO8bW2v6n4xjufsU2iaTqBfU2tpXEj2umr DJeKkSqA7NGACMk4YZ73WP2tP2fdF+H2h/E6fxbHc6F4mne00v7Jb3N1d3tzExSSGGzhia5MiMpD qYwUP38UAZfxK/ZY8NePPiI/xX8PeLfEfw+8UXlkmnajd+HLyK2/tG0iJ8tLlJ4Z0Z4wSI5VCuoI +bhcctL+xL8N9Js/Co+F/iDX/h1qnhLTZtIh1LRLqIXd3Y3M32maO8NzDOkxectLuKAiRiw7AfQP wu+Lfw9+M3hyTxV8ONWXVbC3uJbO4Bilt57a6hx5kFxbzpHNDKuQSkiKcEHoQT5L8RP2y/2d/hZ4 m1Lwl4v8Rzpf6GYhqhtNMv76307z1DJ9ruLWCSGEkEHDOGAOSAKAPmnx3+xeNP8AiJ+z74S+GF3r +ieG/BS+L7u+8R2V3EdTt9Q1KO2ljuJ5pkdZHupRIrqYijKSm1VwB7xJ+xR8KbjwRceGL3VNcuNf udbj8SP4qa9UeIBrMS7I7tLlYhGpjj/dpGIvKCcbO9bXij9ojwf4J+I+q3fiXxrp8PgvTPBNv4nl tYrG7uLpYJr14V1FbmGN4pLd1CosKZl3AvjaQawU/b5/ZTkmurWPxm73ECJLbwjTNR83UI5H8tH0 5Ps+69UtwDbiQYBfOwbqAHH9i74f6l4U8e6H4x8S+IPFGtfEixi0zVtf1C6gfUhZQHdHBbbLdbaC JWywVYOWJLbjjHqPjz9n3wD8SPEHg3X/ABWbq5Hgq01axt7QPGLa6t9asvsF0l0pjLsPJ+7sZME5 ORxWTeftXfACw+FWn/Gm58WRDwnq1ybKznW3uWuLi8DtGbaOzWI3LThkYGMRbgFJICgmjS/2rfgF qvw91z4oL4rjs9B8MTLbaqb23ubS7srhyAkM1nNElysjlgEXyyXJ+TdQBwPgL9i/wV4L8TeFdd1X xh4m8YWPgJJI/Dmla3eQT2GliWH7PlFjt4nlZIiY4zM7hFwAMgEY2jfsG/C/RZrLRovE3ia48BaX qaavZeDZr+N9Bt7qOb7QqrF5PntAsvziF5im7JIOad8Lf2sNN+Mn7Ud58MPAl2Z/Cun+Dv7VuYrv T7rT9Qg1X+0Fh2SR3aRSKht3RgDHg7gwYivdPiz+0F8KfglNpdj4/wBVlh1LXBKbCwsrK61G9uVg AMrJb2cUsmxARucqFGcZzQBY+P8A8JNP+O/wY8XfCPUpvs0fiWxe3jnI3CG4UiS3lI7iOZEcjvjF effD/wCHl38Tf+FYfGv4s6dfaH4+8H6TqWl3Wms0f2R574R2968isjtJG7WwkgZZFBRwWDZ48t+K 37d3w18N/D/4f/ET4b3n/CRaV4x8V2OhTyDT9Qle1thcImo7oIoRKl1FG2IoHUPIxBRJACp+tPGv xR8CfDrwDc/E7xvqg0fw3aQxTyXM8UoYLOVWJfJCGUyOzqqxhN5YhdueKAPmfR/2FvhppMum6KfE /iW98BaJqK6rYeD7i/jfQ7e5SUzRqEEIuXgjlO9IZJ2QMMkEcV9DfC34S+HPhHb+KLbw3c3dyviz xBqfiS6+1vG5S81WXzZki8uOPESt9wNuYDqzda8K8Qftb/DHxV8J/iD4k+GvjCPQNZ8F2K3N2+ua RqMT6cs3+qnnsJIY7mWJwDgxIwPrnitTxl+2x+zh8NdZv/CXjfxa8eu6FFayanDbaXqNz9ljubeK 5SeUwW8gSExzI28naCdpO8FQAegfEr4DaD8SPiH4F+KL67q3h/X/AAFLO1rJpc0UaXVtdNE1xa3S SxSh4ZfJUMF2tjOGGcjj7T9kv4c2XwE8Nfs7Rajqp8N+FryzvbW4aaD7c8lje/b4xK4g8sqZeGCx KSnAIPzVseBf2sfgB8S/HUfw68EeK01TWbpJ3tNltcraXotRmf7HePEtvc+UOX8qRsD6HHL+Df24 v2YvH2qaRpfhbxe9yuvXCWVldyabqFtYzXsgylp9rnt0gW4YdImcPyBjPFAGX43/AGLPA3i3xX4q 8SaP4v8AFHg6z8fD/ipNK0O/it9P1VzH5TySRyQSvHJKmFlaF0LjOeWYn3vX/Bljo3we1P4f+CdP W3tLPQ59N06zh4Cols0MMS5PpgDJ+pr5Q8IftGeMtdglk8QeINM0Fo/jHqfge3WWwuJ/t2nWkk6w 2cfkb/LupFjDfaJNsY2ndgkV7NL+15+zzD49Pw4fxWDqy6iujtKtndtp66m7BVsm1AQm0FwSceWZ cg/KcNxQB89fsw/sX2/h34b/AAnvvinrviS/uvB9vZarB4W1K8hk0rS9bWIlpUjjiEjNDIzNCrzO kTE7BjAH0JbfspfCtPgdqn7P2pC91Twxqt3eXzvcTKt5Fc3l49/5kM0McYRoZ23RELkBQG3c5+dP F37bcPw11rStI1TVrfxQmrfETV/Dt1LYaLqrHTNM0/fvt9scLG4vYXCRkx7hICzxqyqxH1kn7Rvw Zf4V6x8aj4iWPwf4fmuba/vJLa5R7ee0n+zSxPbNELjzBLhQnl7mJBUEEEgHnGgfsd+AotT1DWvi Z4i174pX99pFzoCS+JrqKcWumXY23EUCW0NuivMuBJMQZWwPmFQ+A/2OvB/g7xH4X13WvGPifxpa +BNx8Oabrl9FPZaUxj8pXjSKCF5ZIoyUied5CinA5Ga+ivGPj/wf8PvBd/8AEPxvqcei+HtMgFzc 3d0GjEUbYC7kI37iWChNu4sQoG44rx3wD+1v8B/iTq2r6D4c1y5h1PRNPfV57XUNMv8ATp206P71 1FHdwRPLGMjlATyMjkUAeb/FT4Har4P+A3jT4PfBiO+1G/8Ai/rt+l3dXZSVNMTxLMz6ndOY0i2w QQGXylOXLlFLMTmvrnwh4X0rwR4S0TwXoKGLTNAsbbT7VDyVgtYlijBx6Kor5z8E/tu/syfEXxPo fhPwh4vN5d+JSsemyvp99b2l1OYxJ9njupoEgM6qRuiLh1b5CA4Kjx39p39vT4cfDrwJ4ts/hd4h jvfHGiXltp8Bk068n0w3wu4kubX7YIltXnjgMjGMTbhjpkEUAdbdf8E+vgLc/Cz4ifCNH1S30j4k 67/b95NFNbi6s7hZUmjhs3NuUSCMqVRZEkYK7gucgj0Hxp+yn4R8ReI/DnjHwh4l1z4fa74a0VfD cF5oE9vE8ujI6utpKt1b3CFUZdyEKGVuQeldD+1V8SfEnwe/Z48d/E3weYRrPh3TmurX7QnmxeYH VfnTIyMHpkVieOv2uvgX8K9TtvDPj/xE8OuCwi1C8t7KwvdQNlbSKG8+6NnDMLeM9QZSvHP3eaAP NtK/YG+F3hrRY7Pwh4p8UaNrFnr174jsNajv4pdTs77UraO1vQs0sD+bDcrErTJMJCzZO4A4r334 K/A3wv8AA/SdZtNE1DUdc1PxJqEmqatqurTrcX19eSKqb5WjSOMBURVRERVUDpkknC8e/tUfA34c xeH5Nc8QPet4pszqWmxaTZXery3FgApN2EsIpmEGGB8xgFPYkggYuu/tk/s66HonhnxAPFD6tbeL 7SW/0xNKsL3U55rOB/LmnaC0hklijjfKuZFXDBlxuUgAHG+Kf2IfAfia+8aQw+MfFOieGPiHeXGo 674f02+gg068vbtQk8xJt2uE83aDIizBHIAYFcqfUPhz+zh4M+Gfi3Q/Gmj6lqd7qGgeDrDwRALu SBo303TpmmhlkEcMZNwS2GcEIQPuA5J9U8CeO/CHxO8IaX498BapFrOgazF51pdw52SpkqeGAZSr AqysAysCCAQRXW0AeXfCT4S+HPgz4cvvDHhe5u7q11DVdR1eRrx43kE+pXDXMqqY44xsV3IQEEgY yzHmvUaKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoor5C+I/7QXxEufi1efAf9njwjZ+ KvFOh2cF9ruoatetY6Ro8d4CbWKZoo5ZpZ5lG8RogwhDZPzbQD69or4b8P8A7YF94Ufxz4S/aT8O W/gTxl4F0Z/EPlw3yz6Zq+lhhEs9ldSrEAxuGW3MUgDeYygEkkLQ8L/t4fDjXdc+H82rajouh+F/ GHg6XxJe6jcatCY9Mv4pLaN9NklOyMyxtOUcHa+9cbATigD7zrktS8D+GdW8X6L48vLTOu+H4bq3 tLlHdGWC9CCeJwpAkjYxo21wQGRWGCAaqRfE74bz+Cf+Flw+K9Kfwj5Zm/tgX0B04Rq2wsbnf5WA 3yk7uDx1rI0f42/BvxD4SuPH2h+OdDvvDVpNHbz6lDqNs9nDPK6xxxSTB9iO7uiqrEEsygDJFAHp 9FfGvjD9pfxR4u8T6F4I/ZO0nSPiLPqcV3cXuvzX7jw7pqWbIhglurOO433Ls4xCuGClXIKsCPQP 2bfjhqvxt8NeI28UaAPDPijwVrt54c1mzin+1WwvbIRs0lvPtTfE6yKwyoYcg5wCQD6KooooAKKK KACiiigAooooAKKKKACuS1bwP4Z1zxXoPjXVbT7Rq3hlLtdOkZ32QG9RY5nEYOwyFF2BypZVZ1Ug O2etooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKA P//W/fyiiigAooooAKKKKACiiigAooooAKKKKACuL+JNrdX/AMO/FNjYwvcXNxpV9HFFGpd3d4HC qqjJJJOAByTXaUUAfln+yF8NfGvh34v/AA41zxP4X1HS4tM+B+iaPLcXllNAlvqCanLJNZu8iKEu FTazxEhwuCRivMbTwl8QPh78NPhx4qvvA2v3dt4P+MevaveWNhpdxPfppdxLqCRXMdoq+Y8LeahV lBUhgQcGv2aooA/BC5+EXjvwnpnxd+EPi3S/irqmo+Ldf1e+stO8NRWieHNfs9WcNHNPqE+n3ItZ CpAuTM2Y9q7QT8o+2vgT8JvEPgz4hftGWmp6DepbX+keE9NsLq5jeYaimn+HEtZVhufJhS62S5SR o0UF85RSdo/RWqt/fWemWNxqWoSrb2tpG80sjnCpHGCzMT6AAk0Afkl8I9A8efDbUP2P9f8AEvgv X2ttN8Lap4f1MW+mXE0ul3moGzWD7dEF328fyNud1AUKSelcJ+zP4c+IP7Or/Bz4u/EH4f8AiK90 U+Ar/wALXkNjpVzd6lomoDW579ZLiwVPtCRXMTBd6ocFV3YBGf2Y8N+I9C8YaBp/inwxfRanpGrQ R3NpdQNuimhlXcjo3dWByDW1QB+Ntp8IfiDrc/h/4hz+BdV0nT/GXx90/wAWx6RPaO1zYaVFYzxH UL+FAxtTLMvmSCQ4QsmTkiux/aY8K/GW1+Lnxm8VfDXwVLrn9p+F/CUEU0ujjVIZDBqUxuntLedD b3d3awkSJESSCFbH3Qf1hooA/FHw/wCG/iH4j/aCi8Y21r8RvFujXfgPxNpf9teLNIayDahLEki2 9vaw2tubeNhgRmVB50hKxlypr7o+FHw78Wav+wZ4f+FM8E+geJNQ8AJo/l3cb289neT6cYAJUdd8 bRu3zArkEcivqHw34x8L+MP7UPhfU4NT/sS/n0u98ht32e9tsedA/o6bhuHbNdLQB+Ok+t+LvF3h D9mL4OW3wg8U6Xrvwz8VeF2124n0adNO0yPSozazSxXiqYpYpSfMEkbMgj+aQqcZ8dvPg/488H6f 8X/g74u0v4qapqXivxBrF7Zad4Zjs18N+ILTVpA0c02ozafcrbSFSBcGV8xhVKgn5R+9tFAH4ifF j4f+NPhnrnirT/h1oPxB8MeMZdJ0y1sv7Gth4s8L+LpbTTordDqcMtlHbwzKU8md3WNSimUKd22t X4zfCL4zeLta+Iuuav4TP25ND+Gl9cWCL9n03VbrSLmWfUNLs7iTELsrHCIrk52L1YZ/aauG+JPw 28FfF3wXqPw9+IWmjVdB1URieAySREmKRZY3SSJkkR0kRWVlYEEDBoA/ID46eO9X+Pfxt1FtA+Gf ibw3qEnwh8c2FvDrWnG01PUZprZQkEForSSusckgRGAxJJIwj3AZP1Hrnw+8URaN+x1b6b4bvQfC V7p41JY7SXOmxLoUsL/aQF/cKJNqNv2jfhTzxX0x8LP2bfhv8JvEt9430iTVdd8T6harYPq2vand avfJYo/mLaxS3TuY4Q+CVTG4gFskCvfaAPjP9sHw74rmb4VfEnw/4fvPFun/AA68W22s6ppWnxfa LyS1+zz2/wBot7cfNNLbNKHWNfmPJHSvmz4zXniL9ofTLjXfDHwd1DS9Fbxr4KT+0LzR5rXWtatr S7DXc1zatCJ1srRG2pJLxguflANfq/RQB+Tv7afwM+JnxZ+Lnje38BaBc3g1L4WQW0Vx5Tx2d5eW HiS3v/7ONyQIvOmgjdVjZgdrknCkmvQbjXNX/aU+PnwP8QeFfh54k8JWPw0m1PUtYv8AXtLl0kWa 3VibZdNt/PCi4eSQp5nlZRUUEMeg/SGigD8Uv2btA+IX7O8HwV+LfxB8A+Ir7RYPAmq+GLy2sdJu LrUtF1B9Zkv0lnsVT7QkdxDhN4Q4IXdtVgTY+KPg/wCJHiXxd8Lv2kJPh/4m+G/hi1vfE6XVn4Ks 4T4m0+PVGUW2qXdi9rKfOvFQ/bAsbuiEbmLZU/tLRQB8K/sVeArzQbn4leP7nTvFtknjHVbZ4rjx lPb/ANp6illb+WLxrKCytDaB92wLIZHcIGITo3xx8cdP+NniLUPjv4L1HSfG2nXmt3Wpw+HtD8G6 BbwaJrVpNaiKC+1PV/sztM8n/L0jzo+FEaZyFH7Y0UAfhv8AET4XfFPWvAl+th4L1yaeb9nbQNEE Q0y6806tBqBaWw2eXu+1IvzNDjeF+bbjmvuDWfh1qI/av+AviG08OTnSfDPhLXbWS8S1c29jM8dp FBFJKF2xOyGRUViCRuAHWvuiigD8K/GHwT+LNpe2PxJGh+LbLRfCHxc8e311F4ctANcXTtZdUs9S 0+3uoJVnhUofmSN8o5ZP766svwV8a6zcaz8e/Cnhnx74lh0Xxh4P1udPFj2yaz4lsNAWYSm30tLC zeNrdbgeT5rs02wAKpG0/t/RQB+d/wAJ/EOrfFH9uHVPivpvgLxD4b8LL8P10hNT1vSbjTBe3keq JOUCzorAqj4UPhm2sQCgBNf9qy8+Jdh8dfCtxZReIdB8EPoFzFP4g8F+Hota199Qe5XGnNM1tdSW ls8YWRWRMPJw3QEfoxRQB+GHg/wN8U/DPwHudb1jwL4tluPD3x4svGE9leWMl3rlxoqyW8xutsK7 bqUgnzWhyvmB84AOP0p/an0iD4ifs5anGfBOqeMLe9GnXh0qxnfTNahRZ4pvPtcxu63drxKsLAFi hjJ5wfqaigD8ONV0T46+Mfhd8d/Dmg2fjHxz4Nu/BsVvpV94t8P/AGPxPLqv2rP2CFlgjur6FYtz M7IQsnC45LfSmj/DXxWNd/bBvbnwxfZ8WeHNEs9Nd7OXGpGHwwYHhtiUxOUmYxsqbsP8pG7iv0zo oA/NDw78OPFml2H7EcNt4Zv7b/hE7IjWALOVTpry+HGjlF58v7gtOdjeZtzIdp+bivkX4K6zrvxj /YO8AfsxeCPh7r1v4i1PULJhrDabJHotrbW2s/bpdUGokeSTsjZNgPmmUldpH3v3prz/AOFnwy8J /BvwBo/wz8CwSW2haFG8VrHLI0zqryNKcu2Sfmc9aAPzGs/hp8R1i0YN4V1UGL9pbUdefNjP8ukO 15t1A/JxaNuXE5/dnIw3IrS+EWs+M/hZ8H9N/ZT8QfBfU/GHjWz8RXETy6hpTy+GLyC41Z7wazLq JjkgCRxSCQA/vRKiqEU4x+s9FAH4z33hT4heBkg8fX3gfxBqFl4f/aA8Ra/cW9hpdxc3r6TdR3Mc V7BbqvmSwOzrtkQFSDkE1seLvhl4kuf2zJv2cdOg3fDbx/rGnfFbUkHAi/s1XivLaWI8lbzUYrSR sgYyRyc4/YCvGvh/8CfAXw48aeKfiJo/26/8R+LpM3l7qV7NfSxwCR5UtbczM3k20byMViTCjjrh cAHBftkr8RH/AGf9fX4X6DF4i1szWP8Aoz6fFq0qW4uozNPb2M4aO4ngTMkSMMblzgkAH89vDXhz 4h+Iv2hoPGVva/EbxZo114E8S6X/AG34s0g2Qa/ljSVbe3tYbW3NvEwwIzKg86QlYy5Q1+1dFAH5 ZL8MvGVv+y3+yL4dtvCuoJqfhnxZ4LvNUtFsphcaekMcpu5rmLZvhVGc+azhQpPzEZr5/wDF9h8Q fC37FWqfsdXPwo8U65470vVGH2yz0ee60y6gGtf2gNUivYlMb74jjYP3okJBQKCR+5tFAHyv+274 e1/xZ+yf8TfDnhbTLrWdWv8ASXjtrOyhe4uJnLodscUYZ3bA6KCa/PnxP8OvHfw1+O3xW1bxNH8T oLD4gw6ZeaTN4Es7e8tdREFiLd7C/MtldG3licFI/MKx+WWY4xlv2uooA/GLWvg/dfCrwr8Hkl8M fETwRf6J4WntIfEfhK8/4SHU7CWe7+1DRdWtLawjjuLcGQMkgjVfMHl4IXzDhDw/8U08M/DXxx8W /CvjfwT4st9I1S0g8V+A7ALfrEdQMttY6z4ftLeWKNLiMrcHBA84lWVWBI/bqigD5j/Y9PxSP7P/ AIdPxh0tdI8Rb7smH7FDpszWxuJDby3FnABFbzyx7XkjUDDHkBsgfTlFFABRRRQAUUUUAFFFFABR RRQAUUUUAFFFFAHyn+1Z4f8AHmv+HNIj8JW9ze2MUspvre1VndyQvksUTLMq4fPBwSCfUdr+znpH jPRfhtBZeNlmiuPtEjW0VxnzYrYhdqMG5X5gxCnkAjp0Hu9FbOt7nJY4I5eliHiOZ3atboFFFFYn eFfm/J498N/sn/tV/FLxL8Z5X0Twb8YBo19pHiCSN5bKO80y0+yXFjdSxq3kv0kh34UqSA2Riv0g qOWKKeNoZ0WSNxgqwBBHuDQB+T/jLULP9qr4peNfi18NdOuNU8BeC/hxr+hW+rNbvHFrOsakolWC 1jlVXnigRA3mAbfNK7c8MfO/2a4fhJ8Wviv+zP8AYrbT/EFr4Y+FNxFNG0CvHb6zZ/YLa5Do6486 MyOCSM5OQehr9pwABgcAUiIkY2ooUZJwBjk8mgD+ff4ieGL/AE74b+JItHaPRvh94N/aB1ebVT/Z h1Sw0ywWGJoZ7jTkeMTWcE0mXizt+YcHAFYnxS0XRfF/w8+PXjLw945j8daRqun+DtM1O90Xw0mg 6Bc3P/CQ2ZhMUq305uLuGEukhWHaqMoMm75T/RLTI4o4Y1ihQIijAVRgAewFAHy5+0Kul/A/9mHx xc/C670j4ZfY7ErbX4tZILKxmuGjthcNHY288m9QwClYXO4LkYGR6j8FvhL4K+Cnw803wJ4FhYWM IM81zMxkub66n+aa7uZG+aSaZvmZj7KAFAA9VooAKKKKACiiigAooooAKKKKACiiigAooooAKKKK ACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKAP/X/fyiiigA ooooAKKKKACiiigAooooAKKKKACuC+KnjX/hW3ww8X/EX7Kb3/hFtH1DVfIBwZvsNu8+zI6btmPx rvaoappena3pl5our26XlhfwyW9xBKN0csMqlHRgeCrKSCO4oA/LuTx9+1B8N/h38J/2hvFPxIHi uy+IOpaFba14dXTLK3s7O08R7RE2myxx/aDLaGVAPMeQS8lhgYL9I/aO+NWreCvDHwGOviP42zeP 7jwjqupJaWwcabpT/wBoXeqR2rRGALJppiC/u9paTK4IyPoTwh+xL4A8Lan4XW88W+J/EXhjwLex 6h4f8Oapfxz6XptzBu+zugWFJ5fs2f8ARxNM4jAwM16ZYfs0/DPTf2idR/adt4rn/hMNU0tdLlRn Q2aqPLU3CR7N4uGjiSJn8zHlrjaDkkA/MnU/2qv2mPHl38Q/Hvw7vPFkM3hrXL/TvDvh3SPBUmr6 Hew6ZKIymoaisDzedclWDiOVPIJBHUgesp4z/aN+N3xI+M8cnja48D+CfAekaHenw22k2klzM2se H4727sLmeeJZ4gjlwTjzA0hwV2KB9EeJf2Gfhx4g1jxU1j4r8UeH/C/jq7kv9e8M6ZqEcGkahdTY M8jIYWmj8/H74RSoHGBwBivYtB/Z88C+GtZ+I+saNJd2/wDws23sbW/t1aJbe1h07TxpsK2aLEDG BCoJDmQbumF+WgD82fgZrf7Qfwb+DX7MPjq5+IY1jwv421Lw/wCGZ/DL6ZaR2ttp2qQulrJDcov2 kzxBFZ2aTDMTwFUKcLU/2qv2mPHl38Q/Hvw7vPFkM3hrXL/TvDvh3SPBUmr6Hew6ZKIymoaisDze dclWDiOVPIJBHUgfpW37MngJ/hx8Mfhgb/Uv7K+E+o6PqelS+bD9omm0QFbdbpvJ2OjZ/eCNIyf4 Stea+Jf2Gfhx4g1jxU1j4r8UeH/C/jq7kv8AXvDOmahHBpGoXU2DPIyGFpo/Px++EUqBxgcAYoA+ XPjF+0P8V9Z8SeIY/DnxD1vwtqOl6HpuoWnhbwr4WbW73Tru4shcyr4huLqzaO3Ic7fKEqbYxukA bg9t4C+N3xx/aQ1P4T/D3w/4t/4V9cax8PofGuvarYWNtdXN1PLcrZR29sl4ksMSearyyHaxwVQY Byffte/Yt8A6n4j8R6p4f8UeI/COieM0gTXdB0W8htNN1BbeBbVVI8hp4Q8K7JPIljLjuKbH+xZ4 F0vwx4D0fwh4s8SeGta+Heny6Tpuv2FzbJqcmnTvve1ut1s1tNFkAqGg+VlDAhskgHG/8E/rHxLp nhX4wad4y1GLV9ctviZ4jjvb2GIQR3M6i2DzLEuRHvPzbBwucdq++K8O+AnwD8Jfs8eF9W8K+ENR 1PVYdb1a61q6uNXuFurp7y8WNZmMqxxlgxjDEsCxYsSxyAPcaACiiigAooooAKKKKACiiigAoooo AKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigA ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKAP/0P38ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoooo AKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigA ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigD/9H9/KKKKACiiigAoooo AKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigA ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoooo AKin87yZPs20S7Ts3527scZxzjPXFS0UAfA/wH8PfEbXviF8ffhz8Y/G974hvDJoIa50ySfSY7Nb ywMzRacsMpktkQkKGWTzHxvdixJqn+yl4IuNQ+LXxA+JuheKvE174E0W5n8K6NY6tr2oatBfXNjI BqOpkXk0q4E6m2g2cBY5G5LjH2D4a+GuheFvHfjH4hafPcyaj43ewe9jlZDBGdOt/s0XkqqKy5Tl 9zNk9MDimfCT4YaB8Gvh5o/w18MT3N1p2jLKI5rxke5laeV55JJWjSNC7ySMxKoo56UAejUUUUAf /9L9/KKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoooo AKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigA ooooAKKKKACiiigAooooAKKKKACiiigAooooA//Z --0000000000009a16c205b58be0bf-- From nobody Thu Dec 3 01:43:17 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 49D303A0DE4 for ; Thu, 3 Dec 2020 01:43:15 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.096 X-Spam-Level: X-Spam-Status: No, score=-2.096 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_IMAGE_RATIO_06=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id P9LnJg5h87gC for ; Thu, 3 Dec 2020 01:43:13 -0800 (PST) Received: from mail-yb1-xb29.google.com (mail-yb1-xb29.google.com [IPv6:2607:f8b0:4864:20::b29]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 251373A0DE1 for ; Thu, 3 Dec 2020 01:43:13 -0800 (PST) Received: by mail-yb1-xb29.google.com with SMTP id x2so1423270ybt.11 for ; Thu, 03 Dec 2020 01:43:13 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=+0C+8/oUgX9JQmxjdxZAmeWhnf4tDKDby7G8cKU3mdQ=; b=Ij19PPNNFdAL+mS0YaAAx9MnwL7FzBEGuneckeIzFUifPB39w0QPaD+VLws4ZvEB9K pOxAxQJE+4fJFw1sPkiCl/BEWMCrZ8/iEatF5hbnzXf5BL3Ms8JnT7xv4+xaL+jILnAv pywv2bdbwD3iJPch/6fwZ4W702qpi62cXi3gmSpMRQI9bV4Z0krUzOeEeZYgUlRV+ffY /qIv40T3ZiQ+TsOJw0PPhhlrD6CBl6RZnNpS3maMep8Lipyb3Elb6uLizyoP3jAfJ5OL Iku658BKVc+bwJP3YFRuzZbQmOzomN6bAhGA+EgM5Uv4iYVK56Q9XsQylF3pAeaMrib0 dHzg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=+0C+8/oUgX9JQmxjdxZAmeWhnf4tDKDby7G8cKU3mdQ=; b=AI/pMtOFut+qOiFVbK8QpGdxi7YE3btQm41T8ljzFpPJjg6scUKlcB+09/Z9bbzvyU f62ilTACEfwdcO9qr2c+MkGa6Gs8Gw8KIHRcz2N+KK64D1FBrzfUaHNhAmWkveZM4c0U 6ua60VIaPBBQD2LtC+5kXYnh9wLGmSOKtckzO7QyF9YdQSrFL0yUtqL4entEmnR9a1KA D9VPgALaBS4pMyBWGwOmRcFxBgx7ueyxtd+YTd9nuF8wHIZY0nMlOuM9shraoLK6GXzn k4rJk9Y8YHAzUmnvnXVruYvYc5EVflUZTl/Uro7hDRXOEJCVrDIhTMfMtF1kY2apyaWN 0xLg== X-Gm-Message-State: AOAM5319AALMMu78Ne5IPBbuMWEZLjh4XbQBbltSt5iJoKZQjTfHwK52 OjLKHQy4QEVKKEm47rhvsC4Wf0NannDVAnIPjg== X-Google-Smtp-Source: ABdhPJxTgVieDnoLAYAopYaHZ0keRrVsGVg11Vy+SlkCG62J/cN1EEnl1gkmKyMifS4AuuK0EekMlTiNa9GuR9dplNE= X-Received: by 2002:a25:74d6:: with SMTP id p205mr3336225ybc.254.1606988591681; Thu, 03 Dec 2020 01:43:11 -0800 (PST) MIME-Version: 1.0 References: In-Reply-To: From: Filip Skokan Date: Thu, 3 Dec 2020 10:42:35 +0100 Message-ID: To: Brian Campbell Cc: oauth Content-Type: multipart/related; boundary="0000000000002ab1cc05b58c30d3" Archived-At: Subject: Re: [OAUTH-WG] DPoP followup II: confirmation style X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 03 Dec 2020 09:43:15 -0000 --0000000000002ab1cc05b58c30d3 Content-Type: multipart/alternative; boundary="0000000000002ab1cb05b58c30d2" --0000000000002ab1cb05b58c30d2 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Hi Brian, everyone, implementers always have many ways to mess up if they don't follow the normative requirements and verification steps we spell out for them in the document - in dpop's case they could e.g. accept HMAC signed tokens with an `oct` key. Pushing the JWK in a JWT Access Token will also increase its size, in case of RSA keys by a lot, we could say we recommend to use ES* or EdDSA keys when JWT AT size is a concern but then EdDSA is not available in Web Cryptography API and the available ES curves have some negative energy around them so it would feel weird recommending them, better to stick our head in the sand for this one. I'm in favour of leaving the confirmation style as-is. Best, *Filip* On Wed, 2 Dec 2020 at 23:29, Brian Campbell wrote: > There were a few items discussed somewhat during the recent interim > > that I committed to bringing back to the list. The slide below (also > available with some typos and omitted words as slide #18 from the interim > presentation > ) > is the second one. To summarize (by basically repeating the content of th= e > slide): It=E2=80=99s been suggested that, for resource access, having the= JWK in > the header of the DPoP proof JWT makes it too easy to just use that key t= o > validate the signature and miss checking the binding to the AT=E2=80=99s = cnf/jkt > hash, which undermines the value of doing the binding in the first place. > As I see it, there are two options here and I'd like to gauge WG consensu= s > on which to move forward with. > > 1. It=E2=80=99s fine as is (AS/RS symmetry is nice, it's the same way > confirmation works in MTLS/TB, and the binding check is kinda fundamen= tal > to the whole thing so it's not unreasonable to expect implementers to = do it) > 2. For resource access, put the full JWK in the AT=E2=80=99s confirmat= ion and > omit it from the proof (less error prone, no hash function needed for > confirmation, somewhat less data overall between the two artifacts) > > > > [image: Slide18.jpg] > > > > > *CONFIDENTIALITY NOTICE: This email may contain confidential and > privileged material for the sole use of the intended recipient(s). Any > review, use, distribution or disclosure by others is strictly prohibited. > If you have received this communication in error, please notify the sende= r > immediately by e-mail and delete the message and any file attachments fro= m > your computer. Thank you.*_______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth > --0000000000002ab1cb05b58c30d2 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Hi Brian, everyone,

implemen= ters always have many ways to mess up if they don't follow the normativ= e requirements and verification steps we spell out for them in the document= - in dpop's case they could e.g. accept HMAC signed tokens with an `oc= t` key.

Pushing the JWK in a JWT Access Token will= also increase its size, in case of RSA keys by a lot, we could say we reco= mmend to use ES* or EdDSA keys when JWT AT size is a concern but then EdDSA= is not available in Web Cryptography API and the available ES curves=C2=A0= have some negati= ve energy around them so it would feel weird recommending them, better = to stick our head in the sand for this one.

I'= m in favour of leaving the confirmation style as-is.

Best,
Filip=


On Wed, 2 Dec 2020 at 23:29, Brian Campbell <bcampbe= ll=3D40pingidentity.com@dmarc.ietf.org> wrote:
There were a few it= ems discussed somewhat during the recent interi= m that I committed to bringing back to the list. The slide below (also = available with some typos and omitted words as slide #18 from the interim prese= ntation) is the second one. To summarize (by basically repeating the co= ntent of the slide): It=E2=80=99s been suggested that, for resource access,= having the JWK in the header of the DPoP proof JWT makes it too easy to ju= st use that key to validate the signature and miss checking the binding to = the AT=E2=80=99s cnf/jkt hash, which undermines the value of doing the bind= ing in the first place. As I see it, there are two options here and I'd= like to gauge WG consensus on which to move forward with.
<= ol>
  • It=E2=80=99s fine as is (AS/RS symmetry is nice, it's the same w= ay confirmation works in MTLS/TB, and the binding check is kinda fundamenta= l to the whole thing so it's not unreasonable to expect implementers to= do it)
  • For resource access, put the full JWK in the AT=E2=80=99s c= onfirmation and omit it from the proof (less error prone, no hash function = needed for confirmation, somewhat less data overall between the two artifac= ts)


    • 3D"Slide18.jpg"




    <= span style=3D"margin:0px;padding:0px;border:0px;outline:0px;vertical-align:= baseline;background:transparent;font-family:proxima-nova-zendesk,system-ui,= -apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,Oxygen-Sans,Ub= untu,Cantarell,"Helvetica Neue",Arial,sans-serif;font-weight:600"= >CONFIDENTIALITY NOTICE: This email may contain confidenti= al and privileged material for the sole use of the intended recipient(s). A= ny review, use, distribution or disclosure by others is strictly prohibited= .=C2=A0 If you have received this communication in error, please notify the= sender immediately by e-mail and delete the message and any file attachmen= ts from your computer. Thank you.________________________= _______________________
    OAuth mailing list
    OAuth@ietf.org
    https://www.ietf.org/mailman/listinfo/oauth
    --0000000000002ab1cb05b58c30d2-- --0000000000002ab1cc05b58c30d3 Content-Type: image/jpeg; name="Slide18.jpg" Content-Disposition: inline; filename="Slide18.jpg" Content-Transfer-Encoding: base64 Content-ID: X-Attachment-Id: ii_ki7yqg3z1 /9j/4AAQSkZJRgABAQAAZABkAAD/4QCARXhpZgAATU0AKgAAAAgABAEaAAUAAAABAAAAPgEbAAUA AAABAAAARgEoAAMAAAABAAIAAIdpAAQAAAABAAAATgAAAAAAAABkAAAAAQAAAGQAAAABAAOgAQAD AAAAAQABAACgAgAEAAAAAQAAA+igAwAEAAAAAQAAAjMAAAAA/+0AOFBob3Rvc2hvcCAzLjAAOEJJ TQQEAAAAAAAAOEJJTQQlAAAAAAAQ1B2M2Y8AsgTpgAmY7PhCfv/AABEIAjMD6AMBIgACEQEDEQH/ xAAfAAABBQEBAQEBAQAAAAAAAAAAAQIDBAUGBwgJCgv/xAC1EAACAQMDAgQDBQUEBAAAAX0BAgMA BBEFEiExQQYTUWEHInEUMoGRoQgjQrHBFVLR8CQzYnKCCQoWFxgZGiUmJygpKjQ1Njc4OTpDREVG R0hJSlNUVVZXWFlaY2RlZmdoaWpzdHV2d3h5eoOEhYaHiImKkpOUlZaXmJmaoqOkpaanqKmqsrO0 tba3uLm6wsPExcbHyMnK0tPU1dbX2Nna4eLj5OXm5+jp6vHy8/T19vf4+fr/xAAfAQADAQEBAQEB AQEBAAAAAAAAAQIDBAUGBwgJCgv/xAC1EQACAQIEBAMEBwUEBAABAncAAQIDEQQFITEGEkFRB2Fx EyIygQgUQpGhscEJIzNS8BVictEKFiQ04SXxFxgZGiYnKCkqNTY3ODk6Q0RFRkdISUpTVFVWV1hZ WmNkZWZnaGlqc3R1dnd4eXqCg4SFhoeIiYqSk5SVlpeYmZqio6Slpqeoqaqys7S1tre4ubrCw8TF xsfIycrS09TV1tfY2dri4+Tl5ufo6ery8/T19vf4+fr/2wBDAAICAgICAgMCAgMFAwMDBQYFBQUF BggGBgYGBggKCAgICAgICgoKCgoKCgoMDAwMDAwODg4ODg8PDw8PDw8PDw//2wBDAQICAgQEBAcE BAcQCwkLEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBD/ 3QAEAD//2gAMAwEAAhEDEQA/AP38ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigA ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACvB/2Wbu6v /wBmP4Q319M9zc3Pg/QJJZZGLvI76fAWZmOSWJOSTyTXvFeAfsnf8ms/Bv8A7Ezw9/6boKAPf6KK KACiiigAooooAKKKKACiq91dW9jbSXd3IsUMKlndjgKB1JNRadqVhq9lFqOmTpc2043JIhyrD6ig C7RRWU+uaRHqyaE93Gt/IhkWEsN5UdSBQBq0UVS1DUbHSbKXUNSnS3toF3PI5wqgepNAF2iq9pd2 1/bR3lnIs0MyhkdTkEHoQasUAFFFFABRRRQAUUUUAFFFFAH/0P38ooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoooo AKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigA ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACvAP2Tv+TWfg3/ANiZ4e/9N0Fe/wBeAfsnf8ms/Bv/ALEzw9/6boKAPf6KKKAC iiigAor598Q/tNfBqyXUNM8L+MNG8S+IbFnifTNP1G3urmKWMlWE8ULs8YRhhtwBB46180+Gfjd4 u0bxhP4l1GZr2C/YC5tycIUHQIOilB90j8eM0WA/RikYhVLHoOawNF8UaH4g0KPxJpt0rWDoXZ2I Xy9oywf+6V75/lXxT8X/AI2X3ie//sfwrO9tpdpIG81CUeeRDkN6hQRlR+J7YAIPjN8Y7jxhdSeH 9BdodGhbDNyrXDDuR1C+g/Osb4RfFu98A340/UC1xotw37yPqYif40/qO/1rwe5u5obiS6vJC8Uz F2duqsTkk+38q4e/1m48WXT6B4VuALSPi8v4mDKgP/LKFhkGQjqR90e9AH6x/EX4vaJ4Q8M2+q6X It/c6ohayCnKMMDLsfRcjI654r4BufFWv3WvnxPNeSf2kZPMEoOCCOmPQD09K53zr+DQbTw9aTuL KwO6CJiWUEqFPXnkDn8+tRWTS6pMbOyKRzRqZJ3lOI7WJfvSynsg7Dq54HOSOXHY6lhqMq9eXLGO rb/r/hzSlSlOShBXbPvfwL+0P4d1XSY4fExkt9TtgPtJijZ41iwf9IcrnamRg98ngEBiPnr4t/F+ 7+IF4bHS2MOhwHMSg8zHtI+P0HavG11Ge3EcPhy5msbWB/NSbhZ7qbG3zpxjBUjhYiCgT5SMHAjm WGaC41WwiW3+zjzL6zTO2AE4NzBnJMBP3l5MRODkEM3yeH4mxMKkamPo+zo1HaD6xeyVRbR5unRP 3Za2O+eCg01SleS38/Tvb/go97+D3xnfwPKNG8RzbtCckmRj/wAex6lv9zuR2619seGPGeheLUnO kyOHt25SVDHIUP3JArc7HHKnr2IByB+WEaiwWDUb6ESXkoWWys5R8qL/AA3Vyp7Z5iiPJPzN229V 4O+IGueD9Wj1G5v5p4i5dp5MySQO5y7YHLQuf9ZGOn3kAbIaa3FGInN18HR58PDSUl8Uu7pr7Sj1 /m1UbtakcDBJRqStN7LovXtf8Op+qFFedaD8S/D2qeGp/EF9PHZixjV7lSwYKGGVZCPvpJ1Rh97p 1r468Z/HTxRrfiqDWNCmewsNNcm2h/vjoWlHcsOMdAOB3J+wweLpYilGvQlzRkrprZo8+pTlCTjJ WaP0Kor588PftN/Bq8TT9N8VeMNG8M+IL5kiTTdR1G3tbmWVyFXyI5pFeQOxwu0E5469foOuggKK KKACiiigD//R/fyiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK KACiiuf8V+KvD/gfw1qfjDxXfR6bo+jwSXN1cSnCRxRjLHjknsAMknAAJIFVGLbstxpX0Ogor+cf 9oj/AIKnfF3xvrV3o/wPf/hC/DMTskVyYo5dTuk6b3aQOkIPULGNy95DXxW37Vf7ULT/ANpH4qeK c5xkatdiLPXGwSbPwxX3mE8PMXUgpVJKN+m7+Z7FLJKsleTSP7DKK/nJ/Zw/4Kk/FnwTr1nonxzn /wCEx8Lzusct2Ykj1KzUkDzFaMKs6ryWR1Lt2cYwf6ItE1rSfEmjWPiHQbuO/wBN1KCO5triFg0c sMqhkdWHUMpBFfOZ1kGIwE1GstHs1szhxeCnRdpGpRRRXiHIFFFFABRRRQAUUV5J8ePilB8Ffg94 s+KU1uLw+HrF54oGJVZZ2IjhRiOQrSMoJHQE1pRpSqTUIbt2XzKjFyaSPW6K/kt1j9rf9sX4zeMk g0bxt4hk1XU5SLXTPD0s9qCeWEcNvZFWfaPXcxAyxPJr7w+EPxD/AGyfB37MHx18Z/FXW/Eulan4 ctdMTRW1yCRLqOaa4IuJI2u4/MYBCi8kj5uxwa+0xnA9ahBOdWPM2lbXq0v1PVq5RKCV5K+n4n7x UV/Pn+wH+1X+0L8Uv2nPD3gz4geN73W9Fu7bUHltZhFsdorWR0J2op+VgCOa/oMr5/O8lqYCsqNR ptq+nz/yOLF4WVGXLJhRRRXjnKFFFFABRRRQAUUUUAFFFFABRVW+vbXTbK41G9k8q3tY3lkcgnai AsxwMngDtX49+If+Cosfjj43eCfhd8DNIC6FrHiDTNPvdX1KM+bcW9xdxxSC2t8jygyscPIS2D9x CM16eW5RiMW5exjdR1b6I6KGGnUvyrY/Y6iiv5WZ/wBt/wDat/4WJJpf/Cx9RFp/aph8sLAF8vz9 u3/VdMcV2ZFw9Vx/P7KSXLbe/W/+Rrg8DKtflex/VNRRRXgHEFFFFABRRRQAUUUUAFFFFABRX80f 7VH7Y/7TXgr9or4g+E/Cvj+/03SNJ1a4t7W2iWHZFEhwqjMZPHuc14D/AMN3ftc/9FN1L8oP/jVf fYfw+xVSnGoqkdUn16/I9mGS1JJSutT+tqiv5PNJ/wCCg/7YOkXUd1F8Rbm52MCY7m2tJ0YDsweE 8Hvgg+h71+zn7C37eSftLy3fw/8AiDaW+k+OrGJriL7Krpa39smA7xq7OUlQnLpuIIO5eAwXz824 LxeEpOtK0ore19PvRjicqq048z1R+k9FfBX/AAUb+KXj/wCEP7PKeK/htrU2g6s+s2VsbmAIX8mR JWZfnVhglR2zxXyH/wAEx/2jfjd8Zvix4q0L4n+LbvxDYWOiG5hhuBGFSb7TCm8bEU52sR+NcGH4 eq1MFLHKS5Y9Nb/1qYwwUpUnWT0R+2NFFFeAcQUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAF FFFABRRRQAUUUUAFFFFABRRRQAUUUUAFeAfsnf8AJrPwb/7Ezw9/6boK9/rwD9k7/k1n4N/9iZ4e /wDTdBQB7/RRRQAUUUUAfhtbf8E/viD8IPjd43+LUN5D4i0HXp7y75sbWWSEXc7TnMVwLgEJnBZV BwM8Dit3VYtH0Swl1LUjZQwQjknSNKySeAoAs8kk8ADkmv2rIBGDyDXzzf8A7NHw61P4h2fjy/ha aKxLTRac2Psi3J/5a7O+OwPAPTjivDx/DOX4qp7XEUIyl3auzqpY6tTXLCTSPifwB8DPi5rWgv47 1XQdKXRbhS8GmLYWtnrAgI4nintoYwko+8EPUfLznnn7u1k06VIppRPBMGMFxt2CVV4YMp+5InSR D909PlINfr8AAAAMAV8xfGf4OXGqQXniXwVpdvqd7N+8udKuGMcF3Mo+SZWHMcgPDkffTcDyefFr 5FPLpfWcop6fap3spLvG+kZrvtJaPo10wxSrLkxD9JdvXuvyPh6KO3S3i1TU4fPhnybOzY4+1lT/ AKyTutuh6nq5+UdeZSg1RpruztorbUwGlurS2Qxw3Kj71xbISxVh/wAtI8k/xAnu/UNN8S2F4z+M bWS11i4RHnWRduMDAWMDgRr0RV4A9TknmNe1m30O2iumMhu/MUWiW/8Ax8PcfwCLr82fwx14JBx/ 1axlT/b51bYrpZvkiv8An3brF/albmb95Wskq+u01+6Uf3f4vzv37LbobVssupSpbacUeR0Mhdji KKJfvSyt/Ci9z1JwoBJArP1lLq7gt7Lw1dtBp8E6z3BljXdqjqMBps5KRr/yxRT8vU5JJPZSeDfj M2jf2l4t8GxaDpssUVxfNaPuNzd5b55U6rGq4OwfKrlzjnJ5/r0rrwOXYnG1Y4vMocqg/dp3uk19 uTWjf8q2itfiemdWtClF06Lvfd/ou3n39N4ILhZ0LDhl4ZT1B9DXHJr+t6r4jtz4Luzp6aPNvm1J VDneODBEGyrZHEhIIx8vXp6Z8M/Ak/xu8San4f0hp7XSrKB47zU4uEEzDCwo38Tf3iOgzg5qre+F JfBF1J4WmtPsJ08+WIwMDA6MPUN1z3r6vE4anWpypVYqUWrNPVNPozghNxalF2aOZ05tWtpJv+Ei vf7RvLqV5Gu2UI0pY8BwOAQOBjjA49KNZ1n+zBBa2sD32pXziK0tIhmWeU9FA9PU9BTde1WGxjgs kt3vr6/cQ2tpCN0s8rHACgdMdz2r9Afgp+zxofge8h8e+IEa88UXVtEuJiHWyyMtHEOgOerdSfwp 0aMKcFTpq0UrJLZJdEEpNu73Pm7TP2Vvjc3hWzuNY13TbxsyXB0ifT7ScWol+Yw281xDJt55IPGc 9M14ze+Hk02ae31CC0tpbYssqyaPpSlCvUNmz4xX7LV4X8VfgD4N+LE9vcaw0tmwdPtX2c7PtUKH PlyfljI5xwcjFfP1uDsqqTdSeGg23d+6tW92dccyrpWU395+Imu/scfEj9p74h6R8TPh4YtP0bw9 LAiXRtLazSeSGUSFohbpCGAI+8VJ/Cv6GPD9ne6fodhY6jL591bwRpLJjG51UAn8TUmjaNpfh7S7 bRdFtks7GzQRxRRjaqqvQAVp17uEwlKhTVGjFRitktkctSpKbcpO7CiiiuggKKKKAP/S/fyiiigA ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACvxm/4K/8AxYv9H8He Dvg7pc/lx+IZptS1FVOC0NkVW3jb1RpXZ8f3olNfszX87f8AwWE+0/8AC+PBwb/j3/4RqPZ/v/bL nf8Aptr6zgmhGpmNPm6Xf3I9LKYJ11c5T/gmb+yz4R+OvjTXfHfxJsV1Pw54P+zpDYyf6m7vpyzL 5oH344kTLIeGLLnK7lP9GN14V8MXugyeFbzSLOfRZozE9i9vG1q0Z4KGErsK+2MV+Vf/AAR6ktT8 D/GkSY+0L4iJf12Gzg2fqGr9cqrjTHVamYTjJ6R0S7aIM1rSlWab2PwK+OP/AASp+IWufGvVZfgi NN0nwJqIjuoG1C6ZVtJJM+dbokaSSlUYEx/LgKyruJBNfrb+yv8AB/xZ8Bvgrovws8X6/D4judGa YQ3EMTRLHBK5kWH52ZnCMzAMdvy4XaAOfoivP/ix42Hw1+F/i74hGNZj4a0m+1FY2OBI9rA8qoT/ ALTKF/GuLG8QYvG04YWo00rW01b21ZlVxtWrFU5Hxv8AtX/8FCvhv+zbqkngfR7BvF/jSNQ01lFL 5FvZB1DJ9pn2v85BDCNFJxyxTK5/NWf/AIK/ftENe+bbeF/C8dqP+WTW967Y93F2vP8AwHHtX58+ BPDXif4//GfR/DN5qDTa3441dI7i9ny7eZdy5mnfudoLOR3xiv6bdJ/YA/ZP0vwOvgaTwJaXyeT5 UmoXBZtSdyMGX7UpV1ck5wm1QeAoAAr7XGYHKsqhCniabqTlu/6a+R61WjhsMlGpG7Z4j+yt/wAF LfAfx08QWfw9+IGljwb4qv2EVmwm86wvZTwIkkYK0UrHhEfIY8ByxCn9CPiJ4ln8F/D/AMTeMbWF bibQtMvb9InJCyNawPKFYjkAlcHFfyN/tKfCCf8AZ5+O3if4Y2149xDodzHJY3JOJWtriNLi3Zio X94qOocgAbwccYr+jfwH8TdR+MP7AVx8Q9ZkM2pal4N1aO7kPWW5s7e4tZpD7vJEzfjXkcScPYej 7HFYX+HNrT11Vuuq+78ubHYKEeSpT+Fnwn8Nf+CvWp6v40sLH4m+E7DRfDTLcPd3dnJPNcII4HeN Y4zwzSSKqAHAy3JA5Hn/AI8/4LCfFW71qb/hWng3R9N0dXIi/tX7ReXTqDwzmCaBELDqoDY6Bj1r 8uvhN4Hb4mfFDwj8OxMbceJdWstOaVQCYkupljZwDwdqsWx7V/Ub4j/Ya/Zo1D4U3nw20vwHplif sUkNtqKW0f8AacU+whJ/thUzM4bDHcxB6EFeK97OsLk+X1oe0o3cunRLvq9/8vv7MXTwtCS5obnz J+x//wAFLIPjr43svhX8UdBt/D/iHVdy2F5Yu/2K4mRS/ktHKWeJ2CnYfMcMfl4JG7w//gpZ+194 n0zVfGn7KcWg2jaRf2umu2omSQXK7jDeEBPufeXb9D61+Q/wYv7jSvjD4F1O0cxz2mu6ZKjDghku o2BH4iv6Hv8AgpB8GPhXefs9eP8A4vXPhmzfxnbQ6aseq7CLlQL22hxuB/55sU/3eKjG5XgsDmlB qn7s9l2lzKz32Jq4elRxEHbR/nc/Ar9nP46ar+zn8UrH4p6LpNtrN5YwXECQXTOqf6RGYywZOQQC f1Ffvt4X/bI1r4hfsTeMP2jNc8I6bLd6JcS2x0qRnms7hY5YFBfeCf8AlrnHPIFfj1/wTv8Ah54J +KH7SuneE/iBo9vrujy6dfyta3K7oy8ceUYjjkHpX7ZftefDbwJ8K/2IPiX4X+HeiW+gaSbeOf7N artj82S6gDPg55IUZ+lXxdUws8bRoTp3qNx1/u323KzKVN1Ywa1utfK58ufsbftwj41/HrR/h4fh d4d8Mfb7e9k+3adFsuI/IgeXAOwcNt2nnoa+mv26v2xvFH7Jf/CEf8I34fs9d/4Sr+0vN+1ySR+V 9h+zbdvl9d3nnOfQV+Of/BMT/k8Pwt/156p/6Ry19jf8Fnf+aPf9zB/7j65MdkuFWd0cNye443au +0vO/RGdbC0/rcYW0a/zMnU/+CwPiM/DeOfSfBunp44nvpozHK88mnwWKRxGOVgGSSSSR2kXYrqF CbieQK9A/Z5/4KQ/Gf4neHPiRqfifwZpEo8C+G7zXRd2TXFtD5lvgRQSxyPMWMpJIKuuArHBr5F/ 4Js/so+AP2iPEnirxJ8U7R9S0DwtHaxRWSzSQLcXV2XYF3iZX2RpEcqGGS4zkAg/ql8Tv2aPhD+z z+zL8d5vhTpL6SnibQbyW5jed51X7PbSiNI2lLOEBd2wWPLHHGAFm9PKKFV4KFG82469FdrS977C xSw0JOko66Hx98OP+Cv9zfeImj+KfhC10vQo7a4kMmmvNPdPOiEwxIr4T94+FyxVRnJPFeU+Jv8A gsH8bLrWZJvB/g7w/p2lBj5cN8t1eXG30eWOe3Un6Rj8a/PH9nn4Y2/xm+Nvg74Y3s721pr+oRw3 EkePMW3UGSYpngN5attJBAOOD0r98f23v2V/gPoP7Jvie/8AB/gnS9C1LwlbQXNjeWdrHDdDy5kV 1lmUeZKHjZg3mM2SQx+YA16OY4HKMHi6dGVG7nZeS1tffr+hvXo4alUjBw1Zwfw6/wCCtnwy1L4a avrnxL0ObSvGGkhBBpliTLDqbSZAMErj9yFIzIJSdq4KGQ/KPk7Vf+CwXx5m1d7jRPCPhu00zcdl vcR3lxMF9GmW4iUkeojUe1fDH7Kvwo0343/tB+CvhhrTONN1i8ZrsRttdra0hkupkVhypeOJlDDk ZyOa/a7/AIKGfsx/BDwx+ynrHizwR4L0vw9qnhGXT5La40+1jt5njnuorR0mkjAaUFZd37wsdwBz nJMYrLspweMhhpUnKVRrrpG7svxJqUMNSqqm43cvwPoT9jb9tPwx+1do+o2Mmnf8I94u0NEkvLDz fNjkgc7RcW7kKxTdw6kZQlQSwIJ9Z/aR/aQ8BfsyeAG8b+NS9zNcSeRp+nwEfaL24xnYmeFVR8zu eFHqxVW/Bv8A4JSX09p+1bHbwsVS90PUIZADgMoMUoB9RuQH8K/Yz9rz9jrwD+0yNM8SeOfGGo+G V8MW00cJje3+wRLKwaWWRJkB3HaoLeaowo4718vnOT4PC5oqVRtUnZ6av077/gefisLSp4jll8J+ XXiP/gsH8cLu9lbwn4O8PaZZFyY0uxd3kyp2DSJNbqT6kRj6Cuy+G/8AwWG8Zx61bwfF3wTp9xpU jKss+iNNbzwqerrFcyTLKR/d3p/vV3vwzvP+Cbf7J3he98P+KfEmj/FbxJPPI816NJGpu0fRIYcC e3iVQOcTDexJJxgL+S/7Sfi/4Q+PPi7q/ir4H+HpvC/ha+ERjsZY44QkyqFlaOKJ3SNHI3BA2Bk4 AHA+xwOU5fipypRwjjC2kndX9L6/1qepRw1Go3FU2l3P6A/20/2w3+EPwa8J+NPh3YWnibSfiPFN FFNO8kai2nthIkqBcHcQ/KsBjocGv5svAHi658AeO/DnjyygS6uPDepWepRwyEhJHs5lmVGI5AYp g45xX9En7OXwy+H3xl/4J8+Bz8S9Ct9e/sXTNYlsvtO4mCSG4uoldCCCCFQD8B6V+AfwJ0XSvEnx v+Hnh3XbZbzTdV8RaTaXUD/clgnu4o5EbHZlJB+tVwlHD0aWJoRjrBtSfdJyt+A8tUIxqQS2389z +kj9hn9rvxJ+1hpfi+/8R6BaaE/huazijFpJJIJRdLKxLeZ02+Xxj1r83G/4KS7PHB0Vvgv4TbGo /ZzN5OJT++2b87Pvd8+tfuJ8Mvgp8Kvg1BqFt8LvDVr4ci1Vo3ultQwErRBghbcT90M2PrX8gM3/ ACVOT/sMn/0prxOGMFgsZXxE407QXLZXemjvs+5yZfSpVZ1Go6aWP7TZJI4Y2mmYIiAszMcAAckk noBX47fH/wD4Kz+F/CGt3fhf4F6DF4re0bY+r3sjx2LOpwwghjAkmTsJC8YPVQy4Y+/f8FOvinq3 w1/ZgvdP0KZre98ZX8GimSNirpbSpJPcYx2eOExN7SGvxc/YH/Zq0P8AaV+M76N4yZz4Y8O2jajq EUTmN7n51jitw68qHdsuRg7FYKQxBHn8MZFhXhZ5hjdYR2Xp/wAHRIxy/B0/ZutV2R9EaP8A8Fgf j7b6isuu+E/DV7Y7stDbxXltLt9Fla5lA+pRq/W/9lf9sn4ZftT6VcR+Hlk0XxNpsYkvdHunVpUj JA82GQACaHcQu4BWU43KuVzwnxs/4J6fs8fET4dX/h/wX4SsfCfiGC3c6Zf2KeQy3KqfLFxtz5sb NgPvBbHKkMAa/nI+BHxN1v4H/Gfwx8QdOke2m0PUI/tSA48y2ZvLuYWHo8RZT6deoFepSyvLs1w9 SWDp8lSP9Lraz+9HRHD0MRCTpKzR/R1+3N+114l/ZP0rwjqHhzQbTXW8STXkUi3ckkYjFssTAr5f XPmHOfSvkHSP+CvlhH8MLzWvEHhCKbxs989vZ6baTyJai1WKNhc3E8isRl2ZVRAxbbzsHzVJ/wAF lf8AkWvhb/196r/6Ltq+bP8Agl3+zd8P/jV4y8V+NPiVpkWt6b4Pjs0trC5XfbTXV4ZTvlQ8SCNY T8jAqS4JBxWOV5Vl6ymONxVO7V72bu/eaS39CMPhqP1ZVai/q5p2n/BYD9oBNVWe+8KeGZtP3fNB HDeRy7fQSm6cBvcoR7V+zH7Lf7TPhH9qT4dHxv4btZNLvbKc2mo6fM4kktbgKHGHAXfG6nKPtXPI IBUgfmD/AMFVf2c/hT4B8B+Ffin8PvDll4ZvZdVGk3UWm28drbzpPbyzo7xRKqb0MBAYAEhjuzgY wv8Agjbf3EfjP4l6WrnyJ9P0+Zl7F4pZVU/UCQ0ZpluAxOVvHYWnyNf52af53DEUKNTD+2pxtY/e +iiivzI8A/kM/bQ/5Os+KP8A2Hbr/wBCr+k/9lFvDA/Zk+FouTZiT/hG9L37/L3bvs6ZznnOetfz Yftof8nWfFH/ALDt1/6FSeGv2M/2n/GHh7TvFfhr4fX9/pOrQR3VrcI0IWWGVQyOoaQHDA5GRX7h m+VUsXgcPGrWVOyWr66eqPrsTho1KMFKVv8Ahj9vf+CkV3+zwv7PGu2/iNtIfxc/k/2GsHknURc+ auTHs/eCPZu8wn5NvB+YrX5Q/wDBMzw9rmtftgeE9Q0mNzb6Hb6leXrqMiO3azltwW9mlmjT6sDX zn8Q/wBmv49fCjSTr/xD8C6poulq6o13LAWt0ZjhQ0qbkUseBkjJ6V+gX/BMb9qH4efDLxMnwa8T eG7XTLzxjcpDD4hhZ/PnuWYi3t7sSMwEZLbIzFtUMRuQlmkrL+z3hMprU8NL2t766aXVnbV7LW2u pHsfZYaUab5rn6u/twfGo/AX4Kp45HhrT/Fe/VLW0+x6mu+3/epI2/GD8y7OOO5r5t/YI/a6H7Qv xD8ReGP+FeaH4POnaV9s+0aVHsklxPHH5b/KMr8+evUV0H/BWP8A5NYh/wCxgsP/AEXPXwv/AMEe f+S3eNP+xdP/AKVwV8pl+WUJZJVxEo+8m9bvy+R51GhB4SU2tT9YP2sv2xPAf7KegWU2s2r674j1 fcbDSYJBE7onDTSylWEUQPy52sWbhVOGK/kbqv8AwV//AGgp7ovo3hXwzZ24YkJNDeTvjsC63UYP uQo/Cv0P/bA/Ya+Fnxw8RXPxg8e/EW98Hz29pDaebdyWp0y1ghyVCrKImUFmZ2zNyzEjHSvnnwn8 Rv8AgmV+zf8ADy38CXbaX8TtYgRvt17Hoi6hcX0pJJYTTqYETskaz7VA6k5Y3klLL1houNCVao99 Hp+n6jwkaHs1aDlIw/gr/wAFebjVPElnonx08K2mm6beSLG2qaQ0oW13EAPLbTNKzRjOWKybgOis eK/aLxB4p8O+FfDV94x8Q6hFY6Lpls93cXbt+6jgjXez5GcjHTGSe2TX8ZfxS1bwRr3xE8Ra18Nt Mm0XwvfXss2n2U5HmW0Eh3LGdrOAFzgAMcDAya/oz+PWleKfHX/BM2FPD/nTanceEPD19KkYZ5JY YVtLi5HGSf3auT6gEHgmujijhzDU6mHlSXIqjSa7Xt+X3F5hgaalBxVrvU+Q/ij/AMFhdeGtT2vw a8FWn9lRZWO61xpXlm5+/wCRbyRiMei+Yx7kjoPNdA/4LBfHi1vI28S+EfDmpWYPzpbJd2krD0Ej XE6j/v2a+B/2ePi/ovwP+JNt4817wZp3jq0hhkhNhqQGxS5UiaJmSRUlXbhWZGADHjOCP0Z+Inx+ /YE/ay0rS9I8f6PqHwh1yxnWQarZadBKrRkENbvLaq7vGc5BeEbCAQcFgfocVkWDw8lT+qOUOsk7 v7t/uO6pg6UGo+yuu/8AWp+u/wCzL+014C/ah8CN4v8ABweyvbF1g1LTZyGnsp2BKgsMB0cAlHAA YAggMGUfR1fEP7HH7N37PPwg0u88dfALxPd+KrTxFAlvPeSX8V1BJ5TbwClvHGiyISRhl3ruIPU1 9vV+SZtChHETWHvydL7ryPmsSoKbUNgooorzjAKKKKACiiigAooooAKKKKACiiigAooooAKKKKAC iiigAooooAK8A/ZO/wCTWfg3/wBiZ4e/9N0Fe/14B+yd/wAms/Bv/sTPD3/pugoA9/ooooAKKKKA CiviD9q39stf2Ydf0LQ28If8JJ/bVrJc+Z9v+x+V5b7Nu37PNuz1zkfSvo34LfEofGD4YaB8SBp3 9k/25B532XzvP8r5iuPM2R7unXaK6qmCqxpqtJe69hKSvY9SooorlGea/Ev4a6T8RNHNtcgQ38AJ trgD5kb0Pqp7ivCPgz+zGfCXiabx78RLiHV9aiYpYRRgm3s4uxUMBlz3OK8U+Pv/AAURX4G/FrXf hafAB1o6IbYfa/7V+zeb9ot47j/VfZZNu3zNv3znGeM4F79nn/goGvx6+J9j8Nx4DOh/bYppPtR1 T7Tt8pd2PL+yx5z/ALwr03k+J9n7Xl92191t95HtFex+jckUc0bQyqHRwQykZBB6givir4m/sr6l 4m1yOLwbqkej6JfSZvQc+dFGT86QY4+b3xjtX2xRXmFnIeBvA3hv4deGrTwr4WtFtLGzUKAByzd2 Y92PcmuS+Kvwr074iaYZIttvq9sp8ifHX/YfHVT+navF/wBrP9rIfsuR+FpD4W/4SYeJTej/AI/v sfk/Y/J/6YTb93nf7OMd88fG3/D2pP8AolZ/8Hf/ANw16eHyfE1YKpTjdPzX+ZDqJaM+3vgV+zdH 8PtUuPHHjieLV/FU5KROgJhs4eyQhu57tjNfV9eG/s6/GgfH74W2HxLGj/2EL6a4i+y/aPtW3yJD HnzPLiznGcbRj3r3KuCrSlCThLdFphRRX5U/Ez/gpuvw5+InibwCfhudQPh3UbrT/tP9seV532aV o9+z7G23dtzt3HHTJ61vhMDVrtqkr29P1JlJLc/Vaivgf9l/9uJP2kfHF34LHgs+HTa2jXXnnUft e7aQNuz7PFjr13fhX3xUYnC1KM+SorMaknqgooornGFFFFAH/9P9/KKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAK/G3/gr38IdR13wT4S+MukW5lTwzNLp2pFQ Sy216UaCRj2RJVKH/alWv2SrG8ReHdD8W6DqHhfxLZR6jpWqwSW11bTDdHLDKpV0YehB+vpXqZNm TwmJhiEr2/LZnRha7pVFPsfzXf8ABOD9q7wx+zx461rwt8RrhrPwr4xW3DXm0ulneW5YRySAZIid ZGV2AOCEJG0Ej+hrUvjb8HdI8Ny+MNQ8b6NHokKGQ3Yv4HiKj+6yudxPYLkk8AE1+Hn7Q/8AwSh+ I/h7WbvXP2fZo/E2gzs0kemXU6W9/ag8+WskpWKZR2Ysj9AVY/Mfje2/YS/a5ur7+z4vhlqay+sh gji/7+vII/8Ax6v0bMcsyvM6ixccQot7rT8m1Z/ej3a+Hw+Il7RTt3O4/ad/bS8e/Eb9oXUviV8J fEuq+GtH0+OPTtKNrcy2zSWtuWPmSRqVB86Rmk2ODhSFbOK/aL4Uad8bPjR+wRq8PxV1A614v8de HtVaxLQxW7+Td27rYK4hVFYuNsm7GSHAOSM18Pfsvf8ABKnxQviDTvGn7SL21pp1lIJv+EegkW5l uWTlVup4mMSR5wWWNpC4+Ulc1+7tvbwWkEdraxrDDCoREQBVRVGAqgcAAcACvH4pzbBwjSw+CSfJ b3vTZX692cuY4mklGFLW3U/jY/Z/+Idp8Ifjf4L+ImrQvJZ+HtUt57pFGZPIDbZtoP8AEELED19K /sB0vx34L1vwhH4/0rXLK58NS25ul1FZ0+y+Qoy0hlJ2qq4O7JG3BBwQa/Ij9sL/AIJh6l468V6l 8UP2fp7W3vNWla4vtDuWFvE078vJaS42KZG+Zo5NqgkkOBhB+aE37DH7YlpK2jN8ONU2swJWOSB4 C3qXSUxnp1zXtZnSwGcxp11XUJJap2+7VrbvsdWIjRxSU+ezMj9tT4t6H8bf2lPGPjvwvIZtEklh s7KXtLDZQpb+avfbKyNIuedrDPNfvH8E/BGp/D3/AIJwJ4b1iJoLw+DtavZI2BVk/tGO5vFVgeQy rMAQehGK+Lf2Tv8Aglp4js/Eth49/aTS3t7LTpFmh8PwypcvPKhBX7ZJGWiEQPJjRn39GKjIb9lv ivoWpeJfhX4x8M6FAJ9Q1XRdRs7WLcqB5p7Z4413MQq5YgZJAHc4ryuJ85wzjQwOGleMGrvppote um7OfH4qm1ClTeisfyifscqG/an+FgYZ/wCKgsT+UgNf1+V/OH+zT+wV+1h4A+P3gHxr4u8Df2fo uiava3V3cf2npsvlQxPlm2RXTu2B2VSfav6PK5uP8ZRrYim6M1JJdGn18jPOqsZTi4u+h/Fd8Lf+ SpeEf+wzYf8ApSlf08/8FF/+TM/iN/1y03/05Wtfi54C/wCCd37Yei+P/Dms6n4A8mysNTs7iaX+ 1dLYJFFOru21bsscKCcAEnsM1+7P7aHw58ZfFr9mbxr8Pfh/p/8Aamv6tHZC1tvNig8ww3sEzjzJ nSNcIjH5mGcYHOBXscU5jh6mPwk6dSLSlq000veW/Y6sxrwlWpOMk7P9UfhT/wAEs/8Ak7fSv+wV qX/oqv22/b8/5M/+Jf8A14wf+lcNfnP+wL+xp+0l8Ff2ibDx38TfCH9jaHBp99C9x/aFhcYkmj2o uy3uJH5PfbgdzX6k/teeAPFnxR/Zv8ceAfAtj/aWu6xaxR2tv5scPmOlxFIR5kzJGvyqT8zAV5nE uNo1M3o1YTTiuW7TTXxdznx9WDxUJJ6afmfgF/wTE/5PD8Lf9eeqf+kctfY3/BZ3/mj3/cwf+4+u d/YS/Yt/aX+DX7SWg+P/AIk+Dv7H0Gxtr+Oa5/tCwuNrTWzxoPLt7iSQ5ZgOFwO9fSv/AAU2/Zt+ NP7Qg+G5+EHh3+3/AOwP7Y+2/wCl2lr5X2v7H5X/AB9TRbt3lP8AdzjHOMjPr43MsO8+o1lUjyqL u7q20uux01a8HjIS5la2/wB5w3/BHKJR8M/iFOB8z6vaqfotvkfzNfoJ+13/AMmu/FX/ALFvU/8A 0Q1fMf8AwTW+APxa+AHgDxfovxb0L+wb3VdTiuLaP7VbXW+JIQhbdbSyqPm4wSD7V9f/ALRnhLxB 48+A3xA8F+FLX7brOt6JfWlnBvSLzZ5oWVE3yMqLknGWYAdyBXyGdYmnPN3VjJOPNHW+nTqeZi6k XiXJPS6P5oP+CfQB/bE+G2f+fu7/APSKev6Fv25/+TSfid/2Cj/6NSvyb/Y6/Yb/AGo/hZ+0p4I8 f+PfBX9l6DpFxcSXVz/aWnT+Wr2s0any4bl5Gy7KPlU9cnjJr9kf2rPA3ij4l/s7+O/Angqy/tHX NZ08w2lv5kcPmSb1bbvlZEXgHlmA9693irHUKmaYepTmnFct2mml7z6nZmNaEsRCUWmtPzP54P8A gmmAf2zfAhI6R6tj/wAFtzX7i/8ABRz/AJMw+I3+5pf/AKdLSvzk/Yd/Yn/ab+D/AO0z4U+IXxG8 G/2RoGmR6gLi5/tHT7jYZ7KeGMeXBcSSHLuo4U4zk4Ffqn+2r8OPGfxc/Zk8afDz4faf/aviDVls Ba23nRQeYYL+3mf95O6RriNGPzMM4wOcCjiTHUKmcYerCacVyXaaaXvPqPH1oPFQkmrafmfhj/wS v/5O00//ALBGpf8AoC17B/wVs+MPi7UPirpXwXt7uW28NaTp0F/NbIxVLq8uXciSQDAcRoqhAchT uI5PHe/sBfsbftIfBT9oez8dfE7wh/Yuhw6dewNcf2hYXOJJlARdlvcSPye+3A7mvo7/AIKFfsPe Jf2ip9M+J/wteF/Fuj2n2K4sbiQQrfWqO0kQikbCLMjO4+chWUgFl2jPpYrNcGs7hWnNOPLa900n r1/q1zapiaX1tSbVrbnx9+w7/wAE8/hf8ePhZZfF/wCJPiC8uY765uYYtL02SOERC2kMRFzIyu+5 8bwqbMIVO45wPi/9t3wR8Ifht+0Dq/gH4LW622iaFb2ttcKlxLdD7cE3T5kldzuUsFcA4VgVwCCK 9B8G/sp/8FBvCMt34T8D6D4k8OQao226js9UWxs5+NuZnjuEhcYOMsTxxXaeOv8Aglj+074d0vQb vwzZ2vi/UdSimk1KC0u7a2TT5FZfLQy3k0Pnl1YklFwrKRyNrN7dDG06WNlWr4xOMr8sbqy66620 2Te/qdcKsY1XKdVNPZH6xfsSgP8A8E/PDSx850nXB+P2y8/rX86X7PF1b2Px/wDhne3ciwwW/ifR pJHc7VVEvYixJPAAAyTX9JX7A/w3+Lnwy/Z5Hwp+N3h0aJcaTfXkdnF9qtroTWF2fPJLWssoB86S UEEg4wa/Fn4w/wDBN39pXwF4w1Ky8HeGJfFvhzznNjfWEsUjPAxJRZYWZZUkVcB/k25+6zDmvE4e x2GjisbSnUS522ndWad9nt1RyYKtBVKsXJav/M/qFS4t5JpLeOVWlhCl0DAsob7u4dRnBxnrX8Ws 3/JU5P8AsMn/ANKa/ez/AIJhfAX45/BQeP7z4t+H5dDtPEg01rX7RPDJM8lobgOTHG7sgxKOXxnH FfnRL/wTu/bDb4gPrI8Af6EdUNx5v9q6XjyvP37tv2rd93nGM+2ay4VeGwOIxNGVeLVo2d0r6O9t el7Cy72dGdSLmump+oH/AAVk8H6j4i/ZjtNe06IyL4Y12zvLoj+C2mimtS2P+us0Y+ma/NP/AIJf fGzwj8JfjrqGjeN72LS9P8Y2H2GK8ndY4YruKRZIlkdsBVkG5AScbyoPXI/pJ8UeGNA8a+HNS8Je KbKPUdI1eCS2ureUZSWKUbWU9xweCOQeQQQK/no+Pf8AwSp+MXg7WbrUvgk0fjTw7I26G3kmjttS gUn7kiylIpQo6OjBm/55r34OF80wtTBVMtxUuW+z6a/qn3McvxFOVJ0Kjtc/eD4zfGPwV8DPh5qn xF8bX0VvZ2ELtBE0irLeXAUtHbwA/ekkIwAOgyxwoJH8gvgTwtrXxZ+J2ieEbCMz6l4p1SG3+UE/ NdSgO5x0VQSzHsASeBX0Ppv7B/7YniG+g0r/AIV5qMZT5Fe7mghhjXv88soUAY7H6A8V+zP7EP8A wT+0/wDZyvP+Fk/EW6t9b8eSxNFbi3Ba00yOUYcRM4DPM6kq0mAApKqMFmb1MJUweS4epKFZVKkt rW6bbN231ZvSlSwkJNS5pM8B/wCCygA8M/CwDgC71X/0XbVP/wAEa1H/AAifxPbHJvdMH5RT17N/ wUw/Z2+MX7QWh+ArT4ReH/7em0W51B7tftdra+Ws6QiM5upYg2SjfdJxjmpf+CaP7PHxh/Z+8OeO rH4u6B/YM+s3djJaJ9qtbrzEhjlDnNrLKFwWH3iCe1eV9eo/6vex51z32ur/AB323Of20PqXJfXt 8zG/4K+f8m0+HP8AsbbL/wBIL+vlb/gjj/yUX4i/9gqz/wDR7V9//wDBR34JfE749fA7RfB/wo0b +3NXs/ENtfywfaLe2220dpdxM++5kiQ4eVBgNnnOMA14B/wTU/Zc+OvwA8Z+NNX+Lnhn+wbXVtPt oLV/ttndeZJHKWYYtZpSuB3YAelGDx1FZDUoua529rq+66bhSqw+pyjfXt8z9faKKK/Ojwz+Qz9t D/k6z4o/9h26/wDQq/ow/ZX+Knww0z9mv4YafqPjDR7S6tvDumRywy6hbxyRulugZXVnBVgeCCMi vyM/ad/YN/au+IX7QPj3xv4P8D/2homtarPc2lx/aemxebE5yrbJbpHX6MoPtXhP/Dtv9tL/AKJ3 /wCVfSf/AJMr9mzClgcdg6NKeJjHlS6rtbufU140a1KEXUSt6f5n78ftA/tI/s4+G/hL4qTxZ4w0 fVoL7Tbq2Gm2t7BdXV4ZomQQxwxszHcTjcRtXOWIAzX8pfgex1fVPGvh/TPD6s2qXeoWkNoFGWNx JKqxADud5GK+y7T/AIJn/tlXMipN4IhtQTy0mq6cQPc+XcOfyFfpf+xf/wAE2Zfgv4tsviz8ZNQt dV8RaaPM07TrPMlrZzMCPOlldV82VAfkCqFRvmDMQpXHA4jLsow1T2ddVJS6Jp69Nr282TRqUMNC XLO7Z3X/AAVj/wCTWIf+xgsP/Rc9fC//AAR5/wCS3eNP+xdP/pXBX6bf8FCvg58R/jl8AY/BXwt0 j+2taXWLO6Nv9ogtv3MSSq7b7iSNOCw43ZPYV8of8E2v2Ufj58Avil4o8SfFrwv/AGFp2o6N9kgl +3WV1vm+0RSbdttPKw+VSckAe+a8TLsdRjkVWjKaUm3pdX6dNzkoVYLByi3r2Pg//gpV8YfF3j/9 pPxB4J1C7lTw94LkjsrCy3ERLJ5SNNOV4Bkkdm+bGdgVc4FfZv7KP/BM34K+OPhR4W+K3xM1u+1+ fxHZRX4s7GdbayhSYbhE7qpleRPuyEOgDBlxxmtj9v7/AIJ+ePfip4+uvjb8E4YtU1DVY4V1XSZJ kgmeaBFhWe3aUrEQY0UOjMpyu5dxYgfCfg39kv8A4KC3GnSfDDRdK8Q6F4cvWYXNpNqv2PSiHPzt JF54icHqdqMW7A171DGUq2W0qeFxKpNJc2ye2vZ7636nZCrGdCMadRRtufMP7Q+n/DvSPjf400j4 TIkfhGw1GW208RTPcRmKHCFklkZ2dWcMVYscggg4xX9NPhz43/Dj4A/sl/C3xz8S72Wy0eXw/oNn G8NtLcs00uno6LtiVtoKo3zNhc4GckA/il8Rf+CWv7UHhXWLTT/BGl2/ja0ls4Zp7y2u7Syiium3 CW3VLy4ikcJgESbFDBhwDkD9mvhb8Dda+Iv7Gmh/AP8AaQ0JtJv4NNTSriGK4gmkhSwk22VxFNA8 se9Y44n6nkFWBBIPDxXjcHWoYf8Ae88U1ezXNa29t+nUxzKrSlCHvXSevc/OzSvhb+wB+218TdV8 M/CL+3Ph94pe3kv1dI4IdPvSrASCG1kkkO5Qd5jj8kbQWA4bHzv+1B/wTf8AHH7OfgTUPifb+LdP 8R+HdMkhjm3RPZXo+0SrChWEtKj/ADONwEuQOQCAcSfEb/gmj+1V8LfEwv8A4cWq+LLK2kMtpqOl XSWt1FtPyF4ZZI5Ek7/ujIB/erm9Q/ZO/wCChPxfe207xlo3iLWYbZx5Z17VlaKHIwWX7Zc8YHXY CccAdq9nCV4U5wnQxq9lpdSab+92a/Q66c1Fpwqrl7M9H/4JN+O/EuiftE3XgWynlfQ/Eml3L3du OYhNaASQzkdmX5owf9vB7V/SRX55fsM/sNwfst22o+L/ABfqEOseONagFrJJbBvstlaFldoIi4Vp Gd1VnkKr91VVQAS36G1+ccX5hRxONlUobWSv3a6/p8jwszrwqVXKGwUUUV8weeFFFFABRRRQAUUU UAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFeAfsnf8ms/Bv/ALEzw9/6boK9/rwD9k7/AJNZ+Df/ AGJnh7/03QUAe/0UUUAFFFFAH4f/APBV3/kf/An/AGDLn/0cK/Rz9iz/AJNg8Af9eP8A7Uasn9pH 9j/wf+0rrWj634m1u+0qTRreS3jW0ERV1kfeS3mKxzn0r3b4T/DnTvhJ8PdF+HekXUt7aaJD5Mc0 4USONxbLbQBnnsK9zFY6nPB06MX7y3/EzjF8zZ6JRRRXhmh/NR+3uGb9rrxwqY3F9MAz0z/Z9t1z X11/wT40PWdK+Kd7P4yn0iV5dPxYCD7GZw+QW2+SocfL15+tfU3xn/4J/wDw7+NfxL1j4m674i1O xvdZ8jzIbcQ+UvkQRwDbuUnlYwTk9TVz4IfsF/D74GfEGz+IegeINSv7yzjljWK5EPlkSjac7FB4 r7Ctm9CWEVHm15UtutjBU3zXPuuiiivjzc8+8ffC/wCH3xJgtv8AhPNAtdc/s0Sm2+0pv8oyhd+3 03bFz9BX8z/7MHh/R/Ev7Q3gfw74is477Tr3U44p7eUbkkQ5yrD0r+p9l3qVPcYr4A+HX/BPL4Y/ Db4iaP8AEjStf1O4vtGuxdxxS+V5TuM8NhQcc9q+gyjM40aVSE29Vp+JlUhdo+3fCfg/wx4F0WLw 54P02HSdMhZ3S3gXbGrSHcxA9ycmukoorwJSbd2ahX8q/wC0gk0n7SfxGjtxulbxNqQQEAgsbp8d eOtf1UV+dPjX/gnD8N/G/wAQ9Z+I194p1a3vNa1KbUpIY1g8tJJ5TKVXKE7QTgZOcV7uQ4+nh5yl Ue6MqsG9il+xN8NPj74O8Y+INR+M+iWWn2sliiWckFlYWz+aZBuG61ijYjb2JxX6R0UV5WLxTrTd SSS9DSKtoFFFFcwwooooA//U/fyiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoooo AKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAK8A/ZO/5NZ+ Df8A2Jnh7/03QV7/AF4B+yd/yaz8G/8AsTPD3/pugoA9/ooooAKKKKACiiigAooooAKKKKACiiig AooooAKKKKACiiigAooooAKKKKACiiigD//V/fyiiigAooooAKKKKACivyi+Gfj3xze/8Faviz4A vPEWpT+F7DwrbT2+lSXczWEMxttIYyR2xbykcmRyWCg5ZueTn7X+J/7WP7OHwZ10eF/iZ8QNL0PW MIzWbymW4jEgBQyxxB2jDAgguBkc9OaAPoaiuL8BfEbwF8U/D0Xiz4c6/ZeJNHlZkW6sZ0njDp95 GKk7WHdTgjuK8N8R/tufsm+EvE83g7X/AIo6LbatbSNDNGJzIkUqHDJJLGrRIynhgzAggg8g0AfU 1FcJrPxQ+Hfh/wABP8UtX8R2Nv4QSGO4Oreej2ZhmZUjkEqkqVZmUAgkEkV0Gh+JNB8S+HbHxdoN 9FfaNqdrHe213E2YpbaZBIkqt3VkIYH0oA26K4P4dfFD4e/Fzw+3iv4aa/aeI9HWZ7c3VnJ5kQmj ALJu9QGBP1rxfWf22v2TPD/ieTwfq/xU0K31SGRopE+0hoo5EO1lknUGFGB4IZwQc+hoA+pKKy5d b0eHRX8Rvew/2Ulubs3QcND9nCeYZQ4yCm35sg4xzXMfDr4n/D74t+Hj4r+GmvWviPRxM9ubqzk8 yLzowCyZ9QGGfrQB3dFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQA UUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABR RRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFF FABRRRQAUUUUAFeAfsnf8ms/Bv8A7Ezw9/6boK9/rwD9k7/k1n4N/wDYmeHv/TdBQB7/AEUUUAFF FFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQB//W/fyvyk/4Kg/tOfEX 4K+HfC3gH4ZX8uh3/iwXc13qUB2XEVvbeWoigfGUaRpCWdSHUKACNxr9W6+Sv2uf2SfCX7V/g2x0 bVb99E13Q5JJdM1KOMTeUZgBLFLGSu+KTapIDKwZVIOMhvYyDEYeljKdTFK8Fv16aaeTOrBThGqn U2Pwt/ZA/bP+Ongr42+F9G8ReLNT8U+HPEmpW2n31lqd1LegLeSiLzoTMXaOSNn3/IRvxtbOeP6h 6/JD9mf/AIJbaV8IviRpvxK+JHimPxNPoE63WnWNrbNBALmI5immd2ZmMbYdUULhwCWYDB/W+vX4 xx2Dr4iMsIumrStf+u505pWpTmnSCiiivkDzD8dvhV/ymX+Mn/YoWv8A6SaNXzNruk+Iv2Qf2hvi 74y/aF/Z/wD+FyeEPHmrXF/a+JDaJqAtLOaaWQJ++hlhjJSQLJGxhOU4ZkC19+fD/wCAPxb0T/gp j8S/2g9U0LyfAHiDw5BYWOpfarZvOuUt9MRk+zrKbhcNbyjLRhfl68rny7TdN/4KCfssfFPxyvhf w3cfH/wB4pvTeaY99rojvdN3FtsObuR5FCqwRwEaNtisrISy0AJ+w/Yfst+OvDnxnuP2Q/E2s6Br Pji0lNzoOqeTCmiSypMtrNawxIxEcbzEBlmlAAVTgha+EPhvr/gf9kvwDqHwN/bQ/ZfmvbaS5uVm 8W29jDdTXKzMQjRXM6KhMQOI3hulwMHYH3Fv0C/Zs/ZH+Nt98RPjN+0D8Yo7f4W+KPinpVzo9jp3 h65DS6ULhY83vm20mzz1eGN1ZZCzPvY7d2K5T4aa/wD8FLvgR4Quvgn4g+E1t8Y/JkuU0/xHd69C UnhnYt/pX2mTzZUDMcCUxPt+ToAaAOL8Uaf8CdK/4JM/EXTv2d/Fmp+LPCccsL7tXaP7ZY3UuoWb zWrxxwwiIKT5gUqc+YWDMrKa/SX9mIgfsbfC5icAeB9Iyf8AuHR18ZfBH/gn54x8O/sV/Ev4J+Nt Rs7Dxj8UJZNReK1JNhptwgie0t8qGBVZIh5rRqRtO1dwQM3AfDey/wCCnWkfCCw/ZVj+HekaHBYW Y0RPGdxqNvIlrphBiWRIIpmMkkcPyoVQtgKWj3ZNAHyj8KPiR4h+Gn/BIPxtfeF7mSyv9b8Uz6R5 8Wd8cF4LZZ8Efd3wh489Ru45xXb/AAp8Q/ADw/8AAbSvhnrn7G3jXxLLe6dENQ1n/hHBNd3dzLGD Jc296V85FLEmEoy7Fxjvn6l/Z2/YZ8c6h+wR4v8A2YvjXY/8Itrutatd3tk4nguxDIn2eS0nJtZJ UKGSLDpu3FNw4JBrN8G+L/8AgqN8HPhxZ/A+z+EGleLtQ0OAabpXiddVtvINrCvlwySwyTRl2RQN pk8okAb0LZJAO2/4JcaZ8RZP2efFnwi+MHhzWtL0jStSuLbTINcs57GZ9Jv4tzQr5ioSocyElD8p fAIGMfoV8I/gz8M/gT4TPgf4UaImgaGbiS6Nsk00486UKHfdO8j8hRxuxxwK8B/Zd+EHx1+CXwB1 Wx+JHi+78ffErUxd6gv2++mvLa2uWixb2UL3DgCMOoLkbFLO38IU16F+y/rP7Ruu/DNr79qLQbLw 54z+3ToLWweF4fsYVPKfMFxcpuJL5/eZ4HA7gH0XRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQ AUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFAB RRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFF FFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABXgH7J3/JrPwb/wCxM8Pf+m6Cvf68l+AfhLWvAHwK +HPgTxJGsOr+G/DekabeIjiRFubOzihlVXXhgHQgEcHrQB61RRRQAUUUUAFFFFABRRRQAUUUUAFF FFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFAH/9f9/KKKKACiiigAooooAKKKKACiiigAorF8SahP pHh7VNVtQpmsrWeZAwypaNCwyBjjI55r86/g9+234r1L9g/Uf2rviRptje65ppv9thZM1jBcNb3H kxIpkaZlJGCxG44BIFAH6XUV+enxj/aX+J9l+z98Gfir8LpdHXW/HmqeG7fUbGU+eXXWYFaa2s49 +9pUkkU4yWWNWY9DX3nrXiLw/wCG7dbvxFqdrpcDttWS6mSBC3oGkIBPtQBsUVBa3VrfW8d3ZTJc QSjckkbB0YeoYZBFfMH7anxm8W/s+fsz+Mfi94FitZtc0H+z/s6XsbS25+1ahb2r70R42OElYjDD nB5HFAH1NRXn/gfx3pPiPQ9BF9qVmNe1LTbS9ms45kEoM8KyMRCWLhck4z2713Nzc21nBJdXkqQQ xAs8kjBVUDqSTwBQBPRWTo+vaH4itft3h/UbbU7bJXzbWZJkyOo3ISM0axr+heHbYXviDUbbTLck KJLqZIUJPbc5AzQBrUVXiu7Se1W9gmSS3dd4lVgUK9dwYcY96xrzxb4U09LSW/1qytkvztt2luY0 EzekZZhuP0zQB0NFHXkVXu7y00+2kvb+dLa3hBZ5JWCIijuzNgAfWgCxRWRo3iDQfEdsb3w9qVtq luDgyWsyTpn03ISKu219ZXrSrZ3Ec5gcxyCNwxRx1VsHgj0PNAFqiqtvfWV3JNDa3Ec0lu22VUcM Ub0YA8H2NZUfivwtNqF1pMWsWb31ipe4t1uIzLCq9TIgbcoGOSQKAN+iqy3tm1p/aCzxm12GTzQw 8vYBktu6YxznpWPYeLfCmq2ovtL1qyvLZpfIEsNzHIhlP/LMMrEbuPu9aAOhoqhqWqaZo1nJqOsX cNjaRcvNPIsUaj3ZiAPxNLp2p6brFnHqOkXcN9ayjKTQSLLGw9mUkH8DQBeorn77xZ4V0zU4tF1L WbK01CcZjtpriOOZwf7sbMGP4CvnH9sf9pY/stfB+T4h2emQ61qc95b2Nrazz+Sm+4JBlfALMkYG Sq4zwNy5zQB9XUVTh1HT7iz/ALRguopLTDN5yupjwvU7gcYGDnniqejeIvD/AIiikn8P6na6nFE2 x2tZkmVWHYlCQDx0NAGxRWNrHiLw/wCHlhfX9TtdMW5fy4jczpCJH/urvI3HnoOa+Svgr+0B42+I f7VHxw+DWtRWS+H/AIdjRzpjwROtw/2+AyS+c5kZX5Hy7VXA9aAPs6ivNvjF8SLL4QfCzxZ8Tr+A XkfhjS7zURbGUQm5a1heYQq7BsM+3aDtOOuD0r4N+NH7bHjvwz+wp4e/af8AA9ppUfiXWm00zWcw e6trb7azb4yFkjfcoAwSR647UAfp3RWNH4j8PS6u/h+LVLV9UiXe9os6G4VfUxg7gPfFaN1d2tjb yXd9MlvBEMvJIwRFHqWOAKALFFYeh+KPDXieKWfw1q1pq0cDbZGtJ451RvRjGxAPsa+Zfh3+1Da+ P/2n/iR8AIrK1tLLwFZ6a8V99pEkmoXF9GszhEGFVY1YLgFiWBJI6AA+tqKK8X/aG+LkHwM+DHi/ 4otFFd3Xh/Tri6tbWaTy1uLhF/dxkjnBYjdt5xmgD2iivh/9ivxv+038UPCA+KHx21bwzcaL4n0+ y1DR7DQo5VubNblTKVuzJkLmMoVXe5BJ3HivsPSvFPhnXrie00PV7PUZ7U4mjtriOZ4z6OEYlfxo A3aKzL7WtG0zzRqV/b2nkRGeTzZUj2Qg4MjbiMIDxuPFW7S8tNQtYr2wnS5t51DxyxMHR1PQqy5B B9RQBYorFv8AxJ4d0pJ5NU1S1s1tSgmM06RiMyfcDliNpb+HPXtVrUNX0rSbFtU1W9hs7NAGaeaR Y4gD0JdiFA/GgDQoqjp2p6brFnHqOkXcN9ayjKTQSLLGw9mUkH8DWbfeLPCumanFoupazZWmoTjM dtNcRxzOD/djZgx/AUAdBRQTjk1haV4p8M69cT2mh6vZ6jPanE0dtcRzPGfRwjEr+NAG7RVU31kL wacbiMXTJ5gh3jzCmcbtuc4z3xih76yju0sHuI1upFLJEXAkZR1IXOSB60AWqKxH8TeG45ba3k1a 0WW8laGBDPGGllTlkQbssw7gZIqTWfEGg+HbdLvxBqVtpkEjBFkupkhRnPRQzkAk+lAGvRUcUsU8 STwOJI5AGVlOVZTyCCOCCKx7HxR4a1TUJ9I03VrS7vrX/XW8M8cksf8AvopLL+IoA3KKKz9T1bS9 FtH1DWbyGwtY/vS3EixRr9WcgD86ANCisrR9d0TxFZDUvD+oW+p2jEqJrWVJoyR1G9CRn8ai1jxH 4e8OrC/iDVLXTFuG2RG6nSESP/dXeRk+woA2qKQEMAynIPIIrF07xL4c1i9udN0nVbS9u7I4nhgn jkkiPo6qSV/ECgDborJ1jX9C8O2wvfEGo22mW5IUSXUyQoSe25yBmtC3ube7gS6tJVmhlAZHRgys D0II4IoAmorn7bxZ4VvNWl0C01myn1ODIktUuI2nTHXdGG3Dp3FX9V1fSdDsn1LW72DT7SP701xI sUa59WcgD86ANGiqGmarpetWaaho95DfWsn3ZYJFljb6MpINX6ACivlr9tT4zeLf2fP2ZvGXxe8C xWs2uaD/AGf9nS9jaW3P2rULe1feiPGxwkrEYYc4PI4r2PwT480nX9C8O/2lqdkmvatptpeyWazI suZoVkYpCWL7ctx1470AehUVFPPBawvcXMixRRgszuQqqB1JJ4ArF0TxZ4W8StMnhzWbLVWtjiUW lxHOYz6N5bHb+NAG/RVS01Cwv/M+w3Mdx5LFH8t1fYw6q2CcH2Neb/F3X/GWm/D3xM3wnk0248b2 VmZbC31GVUtxMSNpn+dCqEHqWUdOaAPU6K4XwDrGvz+B/CcnxEksrbxZqOmWkmoQ2sim3a/8hGuh bfM2+NZC20hm+XByetdDpfiPw9rc1xbaLqlrfzWbbJ0t50laJvRwhJU+xoA2aKyNZ8QaD4ctlvfE OpW2l27sEWS6mSBC56KGcgZPpVmDU9Nuphb2t3FNKYxKESRWby26PgHO09j0oAvUV5t8YviRZfCD 4WeLPidfwC8j8MaXeaiLYyiE3LWsLzCFXYNhn27Qdpx1welfBvxo/bY8d+Gf2FPD37T/AIHtNKj8 S602mmazmD3VtbfbWbfGQskb7lAGCSPXHagD9O6Kxo/Efh6XV38PxapavqkS73tFnQ3Cr6mMHcB7 4rSubm2s4JLq8lSCGIFnkkYKqgdSSeAKAJ6KydH17Q/EVr9u8P6jbanbZK+bazJMmR1G5CRmtagA orzD42+MdV+HfwY8ffEDQVifU/DPh/VdUtVnUvEZ7K0knjEiqVJQsg3AMCR3HWvzhh/be+M+n/Dj 9l74q69aaQNA+LGryaR4nkS2lT7NJLdeTbvbMZiIx5ayMwYP9zjrgAH620V8Pft4/tJeOP2cfhno F38KrC21bxx4t1u20jTLO6iedJN6u8jeWjxk42qg+YYLgniu4/Z5/aOs/ir+yjon7RPiXybdk0e6 vNXW3BSKK403zEvNisWKruhZlBJIUjk9SAfVNFfjLpn7dX7Rifs8/Bn4u67YaHDqHxT8cDRjEtpO I49HMjQAopuCRMZI5CHJIKlfl7n7S/a6/a60H9mvQbLQtCsT4q+Jnioi38PeHrcNJNcTSNsSaZI/ nEKvxgfNI3yJ/EyAH2RRXinwB/4XrN8OrLUf2iJdKXxfffvpbPSIHit7JGA2wM7yy+bKvV3UhMna u4De1H4oa38a9N+Jnw0034bwaRL4S1G6vF8UPfyBLxLdFhNubJTIhZiTJvwr4+XgdwD3mise88Q6 Bp9vdXd/qdrbQWJAuJJZkRISenmFiAv44q7Y39hqlpHf6Zcx3drMNySwuskbj1VlJBH0NAFuivNv jF8SLL4QfCzxZ8Tr+AXkfhjS7zURbGUQm5a1heYQq7BsM+3aDtOOuD0r4N+NH7bHjvwz+wp4e/af 8D2mlR+JdabTTNZzB7q2tvtrNvjIWSN9ygDBJHrjtQB+ndFY0fiPw9Lq7+H4tUtX1SJd72izobhV 9TGDuA98Vfvb6y021kvtRuI7W2hGXllcIij1ZmwAPrQBaorN0nWdH16yXUtDvoNRtH4Wa2lWaM/R kJB/OtKgAor4Z/Yi/ag1n47/ALPem/FP4wXuk6Nq2oaneWSCE/Y4HEDhUVFnlcljnnDHPpX3KrKy hlOQeQR0IoAWisO38T+GrvVpNAtdWtJtThGZLVJ42nQerRg7h07iteeeC1he4uZFiijBZnchVUDq STwBQBLRWBonizwt4laZPDms2WqtbHEotLiOcxn0by2O38am1jxF4f8ADywvr+p2umLcv5cRuZ0h Ej/3V3kbjz0HNAGzRXxj8Ff2gPG3xD/ao+OHwa1qKyXw/wDDsaOdMeCJ1uH+3wGSXznMjK/I+Xaq 4HrX1le+KPDWm6lBo+o6taWt/df6q3lnjSaT/cRiGb8BQBuUVWu72zsIhPfTx28ZIXdIwRdx6DJw MntVax1nR9UnurXTL6C7msX8q4SGVZGhk67ZApJVvY4NAGlRQTjk1haV4p8M69cT2mh6vZ6jPanE 0dtcRzPGfRwjEr+NAG7RX5qftQ/tMfHKw/aL8Ifsw/s43XhvTdX1nSZtY1DV9fZ5Le3SOWWMQgRk 7G/cNkFHZi6ABACx/Q7wtF4ig8M6RB4wnt7nXo7O3XUJbRWS3kuxGoneFW+YRtJuKg8gYzQBu0UU UAFFFFABRRRQB//Q/fyiiigAooooAKKKKAPzD+M3xt+IV38QNX0vSNXudHsNIupbWGG1kaHPkOUL uVwWLEZwTgDjHr9Zfs1/EbXviD4Nuv8AhJH+0XulTiD7QRgyxsoZS2AAWHIJ7jBPOSa3xF/Zl8Ie PfEEviWK9n0m7uiGuRCqvHKw4L7Tjax7kHBPOM5J9d8AeAPD/wAN/D0fh3w8jCIMZJJJCDJNKwAL uQAM4AAAAAAArtq1abppJanzmAwOKhipVKkvd1679tDtqKKK4j6M5fxv/wAiXr//AGD7r/0U1fgJ 4E8C+E/F/wDwRs1TVfEmnJfXfhe61PUdNkZnU212L0w+aoVgCfLkdcMCOemcV/QV4i06bV/D+p6T bMqy3trNAhfIUNIhUE4BOMnnAr88vhX+xV458NfsEa7+yb4v1rTU8Q6tFqKpe2LTT2SSXE5ngyZY oZCAQof5OOcZ7gHtn7GPwf8Ahn8P/wBnD4dTeEfD9tYSaxpWl6/cv80rNqt5psMc90plLlJHTKnZ tG0kAYJz+ef7Y3gPU/D37XWp/GH4+fCLWvjP8IbrRbaz0pNJeaVdDdFj+0tJBEy/M0gkYGRo0PmA hiy/L+kf7Ivgr4//AA3+Eth8Pvj9daDe3fhuO203SZtCadlbTbS3jhi+0meOPM2UOWUAEEZAOa8R +KvwO/a68I/H/WPjt+zF4v0nUrHxRZwW2peGvFk141jDJAFUS2ggJ2ZC7iA0e1mf7wYBQDlv+Cbd 3+zy2meP4f2dPGWq3ugXV/Fd/wDCKaxG0U3h0yeZ8kW95GdJfulw75MYDMXDE91/wVH/AOTFPiX/ ANwb/wBPFlWj+yj+y/8AEX4ZfEj4hfH/AOOOtaVqfxB+IxgS5t9Ciki0y0gtwMCMyqju77V3FlyN uSzFmavT/wBsz4KeKv2if2bPF/wd8FXVlZa14g/s/wAibUHkjtV+yX9vdP5jQxzOMpEwXCH5iM4G SAD89PiZ+wD8GfA37F938T9A+12nxT8K6AviceKUvrgXsuoWsAu5efM2hH2lIwBlPlIJcEn56+M/ x/1j4/8Ain9nfwL8WtA8UeMfBt54MtPFHiHQfCdrJNfazqMjTQ75IUkizbq9ur5DAoHfaQSCv2Br P7MH7fnjP4X2f7L3i74g+Eo/htHFBY3fiC1gvP8AhILrS4CAtu0TAQbtqhWIZS6gBpGy4b1741fs WeJF1T4X/Er9ljXrTwh46+EumR6Hp6aqskthf6TGpQW120YZxgPIdwRixkbO1trqAfC/w/mg8C/t W/DHxZ+yl8DviT8NPDutXqaR4xsdZ0S7h0iezunSKK5P764CGDe8js5VF2qwx8+7irrx34G+NX7U /wAYvFv7RXwp8efGTTfCms3Ph7w9p3hzTZr7TNKtrOWSFzMqXEOyeURq+3oWLsQTt2/ol4J+A/7Y XxJ+OHhn4uftO+MtI0TRPBYeSw8OeDp76O2u7hiDvvGmILJkKSpaQMF24UFt2d4j/Zk/aX+DXxw8 afGb9kHXfDsunfEeUXmueHfFC3QthqGSTc28ltlizu7uQWQDcR842hQD5r/ZKuvGHhXX/jz8OvC/ gXxr4N+C1/4ZvtY0C08X6bcWp068SJY7i2hlkaSPbKZndV8xmZIwx+YOTzn7FP7CfwO+N37F1l8R filYXOu+JPEFtqsWn3kt7cqdJgsrm4t4I7WNJBGqrLG0xDIwZnIIK8V9zfBH9mf476RD8T/H3x68 eR+I/HfxGsJ7GKwsZrldB0uJ4iiLDFIBzkICwiBVVIBcszN6p+yL8DPFnwC/Zc8M/BLxjd2N5rmj RanHNNYSSyWjG9vbm5j2PLFE5ASZQ2YxyDjIwSAeS/8ABL3xb4g8YfsY+C7vxJeyahc2EuoWMcsz F5Ps9tdSLChY8kRphF9FUDtXE/8ABS/4afE7x74f+G+reF/Cl98Q/BXhjWXvfFHhfTp5IbnU4MR+ RgRZkcJtlUhFZx5gYAYLD6C/Yf8AgH4w/Zp/Z60f4TeO7ywv9X0+6vp5JdNklltitzO0qBWmihck A85Qc9M9az/2svgR8Y/ihc+CvH3wC8bDwp4z8B3slzBbXss40jUopdu+K7jhDZxtwp2N8rOpxkMo B8Bfsia1+x9fftVaRqnwbHiH4JeL3sLiy1DwPqkEkVpq77HOd8ksoDxAh1T5CTGGVAd+76J/4J3f 8lD/AGp/+ym6x/6Plqbwt+zJ+058XP2gfAfx4/au1PwrYRfDVZ30rTPC0dyXnuJgBuuZrn5ggYBw odxxtCruYnKb9mX9sX4J/Gn4keMv2XPEnhOfwv8AFXUn1a9tfEyXfm6ffTs8kskItkIb5pG2ksQR tVo/l3EA+QNS+LfiX4NeG/29PHHgi7ez1weLrCwtbqLlrd728ntpJA38LIjvtbqr7cc17F8WP+Ce HwF8F/sU6z4z8NQXFn4/8PeGJ9bl8RJeTi4vZ1tGmu45F8zyzDcoXi2BeFYck5LdB4e/ZBs/gL8D v2jn/a58Z2+teFPiRNZX95rdhBcS3sU/mu7XktqkB2yLeTJKix+auFy2BkV4Z8aND/aa0X9ie/sv Evx38J6t8HYdFjXS9Qsbaca7rlsEX7Dp7iQKqCQ+UkhVjKF3eaWAcMAWNWuNR+JXwV/Ys/ZRn1O4 0vwp8S7Mz+IPs7eU93aaYkUqWwkHOHJfI7N5bEHAFav7cX7IHwb+AWq/Bfx38GdOfwvb6h430XS9 Q02G5nltrtgzzW9yyTSP+9hEcibh1EhzznPV+MPAHgaf9lP9lHTvEvjn/hVvxVsLawufBmq3NrNN bi+ligke1umRGSKOXdCSZSBlQCGXeh8m/az8P/tMat8VfgHofx9+IHhzXddu/F+mx6X4c8LwTLEI TMnnalcvMFfd/q1UFdgDOUKgPuANr9pTx7oPxQ/bz8UeB/jR4E8ZfFD4f/DDTrNNP8OeFLKW8j+3 3dvDO95fRJNCQv750Vg3zBUH3Qwbtf2SrjVPBP7ZdtpvwM+FXj/4d/B3xtplwur6b4n0m6trCy1a 2ikmjuYJGknSMSCJIwXkyWdkAwUC/Wfxr/Zh+NmmftBn9qj9lTxDpGm+LdU0+PTde0jxAs503VII VVY3L24aRZFWONQAF+4CHXLh7nwP/Z//AGlNQ+NF/wDH39qTxtaTX39ntpum+G/DNxeRaPaxSAq0 kglKF5AGfbkOQzbt+VQKAfkleeBvhz8JD498Nft/fBvxPqviHxBql7OnxGsDPdwETgCGaIiWOECN v3gXdIxyEkjwNte1/th+CfhH4g/4J5fDPxt4Z8Ty/E1/Duo22maX4kvPMivPsd3O/n28sRYbWTy0 iIdd6iMDPUn6g8Pfs/f8FDPg1pniH4U/Czxt4S8ZeB9YuLt7LUfF7X9xq1lDdfeRwqvHJgZ4YSqz EttUHaL/AIi/4J2atB+wnb/st+DvE1u/ie11CPWzqN2kkdnNqAl3umEEjxxBDsRgrH5QxXkgAHgH 7c1r4S+GvjX4J/sdeEfDGvn4Szrfa1q3hzwjHNd6lqiLLJMLaNWlDyIJFkkkHmfKrGQcomPN45NJ 8C/HP4ZfET9j74A/E/4az2+qW9j4mttR0K8j0vUNFndUl80Ce5/eRgkgsAoOJCd6Ka+7PiX+y1+0 l8YfCfw6+KWueKNB8L/tCfDa7uprPUNNS4k0W6tp3/4951kTzFDRgByI3Xl12lX+VNM+A/7bHxk+ K/g/xd+0p4z0Lwv4T8EXQvY9H8FT38R1S4QqQLp5iD5TFRkF2+QsgRSxegDxX4IfBjwB+2z+0D8e fid+0TZSeK7bwf4iuPCeg6XcTTW8FhZWTyAsI4XjIdxtPJ4cu3LEFdT9gD4W6f8ABb9r/wDaW+GG j3k97puhLoMdm9zIZpUtJY5ZreFnYkt5MTrECeyjp0r1zxJ+zd+058HPjj4x+LX7Ies+HJtJ+Jci 3eu6H4q+1fZ4dSBYm7tntRv+YuzMu4csQQ42bNr9jz9lj42/BH4u/FT4p/GfxVpfiu/+I66dO1xY eckguohI9wjQyRIiRRtJ5cGx2zGoJWP7gAPVv27PAvhPx1+yf8S4/FmnJqK6FoepavZB2dfJv7Kz maCYbGXJQkkA5U9wa/Iz4v8Aww8B+A/+CSHhvxF4R0iPTtS8YTaBf6tMjyM11dAuokYOzBTgnhQB 7V+83xe8B/8AC0/hR4y+Gf2r7CfFejX+lC4K7xCb23eESbcjdsLbsZGcYzX5aap+xV+1341/Y1uf 2WvG2teDzNoV5pY8P3dvPfIhsrN5WmF2/wBlJ3/Mgi2R8jIfBAJAPOv20v2J/hD+zj+y4fjZ8O11 DT/ij4MvNLu38R/2jdSXt5eXF3FFPNKXkKbmeQyAoqkEccEg+yftvah8B9d1z4P6z+0p40v7rQxZ G+X4f6RZT3Fxrl1PGMXEj280ZRI32hA6jOHVG+Z8fY/7anwN8WftHfs5eJvhB4Iu7Gx1nWZLB4Zd RklitlFreQ3D72himcZWMhcIecZwOR87/Gv9lT4+xfG74d/tK/s+6toE/izwh4ei8PXmmeIRcfYZ okWVTJDJCpkBPnsCMx4wDk5ZSAfCfwv1LwB4W/b/APg3qnwB+Gfij4O+HvFkOo2N/Z67bS2MWrpH byN5kMEk02UUlCcHbuVGADZNe8/s2fs7fBex/wCCjXxxsrTwvDHB4AXQtQ0NRLMRZXV3axyzSpmQ 7i7uzYfcBngCvSm/ZM/a+8bftJfDD9pr4s+L/Ct3qHhK8eO60PTVvLexstMddrfYpZIpZJ7h/MkZ xMEG4IBJt+76Yf2c/wBofwR+2zr/AO0F8LdX8PT+CfiGNKh8RWWp/aFv4YLCKKCT7J5UbI0hWMvG zOBlirKAAxAP0Pr4O/4KQ/DnwV43/ZO8b654p0tNQvvCdhNqGlyuzqbW64j8xQjAE7SRhgR7Vvfs b/Ej4tfEgfFWX4m69ZeJLPw94uvdI0e906JI7VrW2jjdkjdYojL5bSeWzkHLqwDMBmvXv2mvhhr3 xo+Afjj4WeF7i2tdW8S6dJaW0t47pbpIxBBkaNJHC8fwox9qAPx48c+BtD8E/sy/swfBH4TxyeC4 /wBpKfw2PFuo2MsnnXSyWdp5+Wd22mVrncUTarbdpG0kH1T9tD9kb4S/sp/BCD9o39mq0m8B+NPh readLHdW13cSG/guLqK1eG5WWRhIGMoZuPmUMjAq2B9UfE79jHV/iX+y18LfhSviGLw98RPhRY6J JpOtWu+W3h1XSbSOBiNwRzDI6ZDFAykI+w4KHyvxl+zP+2p+0/Z6J8N/2pvFPhPSPh3pl3Dc6nF4 UW8/tDWjbcoJGuUCRKW5+UKA3zeWdqAAHg3x1+GPhz9qz/goX8JvDvjcXEXhrxD8M7PVdTs7eZ7Z riFbm+uUt3dCG2ef5ZYA5+XghgGH7BfCH4R+BfgZ8P8ATfhj8N7FtO0DSTMYInkaZwbiV5nLSOSz Eu55Yk4wO1fPmofs3+KX/bZ8L/tFaVcabbeD9A8Fnw0bLfKt6JxcXEiGOMRGLyQkqjJlDZBG3GCf s6gD8Mrv9mbwB+03/wAFNfjx4f8Aiol1e+GNE03Q7xrG3upbZJ7x9Ms4YHkMTKx8pGlK4I5brgkH zL4v3vgO/wD2xL34GeP/AIeeMviL8J/ghoWl6bofhfwpZzXyLcNaQOLu/RZoWPEjIH3Zk2pnK7g3 6qfDP9nrxn4M/bD+MH7QeqXuny+HfiBY6Ra2FvDJK17E+n2sEEpnRoljUFoiV2SOSCMgHgedfGv9 mH42aZ+0Gf2qP2VPEOkab4t1TT49N17SPECznTdUghVVjcvbhpFkVY41AAX7gIdcuHAPkz9kq41T wT+2Xbab8DPhV4/+Hfwd8baZcLq+m+J9JurawstWtopJo7mCRpJ0jEgiSMF5MlnZAMFAvyjeeBvh z8JD498Nft/fBvxPqviHxBql7OnxGsDPdwETgCGaIiWOECNv3gXdIxyEkjwNtfrb8D/2f/2lNQ+N F/8AH39qTxtaTX39ntpum+G/DNxeRaPaxSAq0kglKF5AGfbkOQzbt+VQL474e/Z+/wCChnwa0zxD 8KfhZ428JeMvA+sXF29lqPi9r+41ayhuvvI4VXjkwM8MJVZiW2qDtAB4p8ZvFMeufs3fs1/s6fCj 4n6h4n8KfFfxBHoV74mOYb+XTYrhEe0lDfOjJ54j8tsErCEbKlt3SftofsjfCX9lP4IQftG/s1Wk 3gPxp8NbzTpY7q2u7iQ38FxdRWrw3KyyMJAxlDNx8yhkYFWwPXj/AME3Lew/ZR8J/Bfw74vaw8fe CdV/4STTPEKxMI49YLbyBFuLLBgKoI+YFFk2k5Q1fGX7M/7an7T9nonw3/am8U+E9I+HemXcNzqc XhRbz+0NaNtygka5QJEpbn5QoDfN5Z2oAAUrXXz4q/4Kf/DTxO0fkHWPhJFeeX02faLm6k2888bs V0XxVdD/AMFV/grGCNw8GaqSO4BF9g/jg12P7SP7L/xm1L41eBv2kv2XtZ0bSvFvg7SW0KTTNbSU afdabulZIwYFZgVMzjb8v8JDqVweM+G37J/7UNx+1x4U/as+O/i3w7q13Yabe6fd6dpK3MMNjDJD LHbQWQliJlTfK8kjSujBmIG7g0AfJn7BX7G3wh+Pj/Eb4qfFq0utan0Dx1fWWlW32uWK3tjaSRXc jeUjBX85plVw2QQvABOa9R/Zj+Bnw4/bl8WfGD4/ftHWcvjCSHxTf+GtF0+4uJ4INL02xWOSNYkg kjKuVnUZPIZS/wB92Y/bv7Ff7PXjP9nHwR418NeN73T7668SeLtT1+3bTpJZI0tb2K3SNJDNFCRK DE24AMoyMMeceDSfsz/tYfs/fEfx14i/ZB17wvdeEviJfPql1o3ihbtTpuoz582a1e2BDKTz8xA2 hUKNsDUAfN37UPgf4j/sL/sh3nwo8DePdT1vSfH3jGLTtKWC2ddQ0fSbqOaaWytphOxleTyUQACI MXkwo3kj5/8AiR4P+FGj/D3Tp/2XP2dPjD4E+KvhiS2n0nxDLoV0rSyxuom+2MlzLkSpvPyRcNgA CMsp+/7T/gnDd+J/gD408IfFTxn9u+KHjzXY/FN1r9pG32ey1eDf5It4j5bNCiyyqThDiQ7Qm1QK nif4Gf8ABSP4xeHdM+EXxO+IPhPw14Wglt/7S17w4b9Ncv4YGDDhkjjV2IBbZ5SkjnK5UgH6SfDL X9b8V/Dbwn4o8TWEmlaxrGk2N5e2csTwSW1zcW6SSwvFJ86MjsVKtypGDyK/Kf8AbHb9l8ftS2Oo ftFa9q/xLns9HSHSvhzounXFybOWQh/tkzw3CI8koLYjYIxUoTlFTP696Fo9t4e0PTtAs5JZoNNt 4baN7iRppmSFAitJI2WdyBlmJyTknmvze8ffs0/tP+Af2rvFP7TX7M2o+F9T/wCE8sLay1PTvFP2 pfs7W8cMQaGS1BcofIVvvrjJXYwClQD5Q/Yq1LQPCf7f3iXw/wDC/wAE+Ivhb4I8R+EZNQbw3r8U kE5lgliC3K27ySsoYh/L+YkbnC4UgV2f7HP7OXwt/bb8DeLf2l/2lrGbxp4j8Z6xe21qJrqeBNMs LbakMNutvIgQrk4PZQoA+8W93+D37JX7Svhj9ru0/ai+LPjHQfEs2s6Nc6frNvZJc2osWcfuINOj aJhLBH5ceXleJzlyQzctj6D+zH+2R+zPqni3w1+yR4i8JXvw+8VahNqVpY+J0vFudEuLnAkFubdX WSNVVQC5bOAfLzuZwDxb48/DD4k/s7/Af4V/sa2/xMvtY074peOoND/tP7P9muLLw/dMkbaeHMsu 4B5A2QU3LuiCiPKn6b1b/gmt8J/DHibwJ46/Zwv5fhX4m8HX0M097CbjUBqVmg/eW9xFLcoCZTwz g4KllZWG3bxx/wCCb13N+ziPA1x43c/FhfEjeNV8TiNvLTXm6hY+GEGBjPXzP3u3/lnTtc/Zr/bS /aO13wl4d/ar8S+E9P8Ah/4T1C31O5tvC63Zu9ZubTIj843CKsaOGYNtKgZJEedpUA+ILrx34G+N X7U/xi8W/tFfCnx58ZNN8Kazc+HvD2neHNNmvtM0q2s5ZIXMypcQ7J5RGr7ehYuxBO3b6f8As46R 8bGl/aA+CnwH8I+Nvh94C8ReG7nUPBsXi2xudPfTNVIjimtbe5kd44/OaZzGfNLAIsh+ZXY/WXiP 9mT9pf4NfHDxp8Zv2Qdd8Oy6d8R5Rea54d8ULdC2GoZJNzbyW2WLO7u5BZANxHzjaFu/Dz9kD44a 34d+KmuftBfFK6l8c/E60+xw/wDCP3N1FpmhIhVomtI3aIlgyRhvlQlFZNzeY7EA/JvT9D/ZZ8H+ BPDnwz/aD+GnjH9n/wCJ+lSWxXxxFFdXCS3kMitLchvMQkS4JURxSCLOUf5fm+6P25vAvi/xD8SP hF8YNY8F6j8e/gxo2hkXmmaPK+6W+nV2GptDbZLpLE0TgqNnyFWZVYZ2de/Zm/4KH/EH4Qj9l/x/ 4s8DXHgZo7ayn19o7661qWxtZEaP5JEEbTAIMlgrE/8ALXPz17H8Sv2VPj74H134a+Of2S/G9va3 nw/8PW/hqbQ/Ec1y2kajZ2sflxzMkG4LMRjfgLkqhDrtO4A8f/4J96p+yrd/Grxpe/s6a5rnhB9V 09De/D3WIXiS2mheMPeQs8s29lIKlQ5KCQggLtC/sDX52/Az9mL44XP7SN1+1f8AtNatoB8VR6R/ Y+m6X4ZinWzghYkmSeW4AkeQKzKAS/DffwqqO/8A2N/iR8WviQPirL8TdesvEln4e8XXukaPe6dE kdq1rbRxuyRusURl8tpPLZyDl1YBmAzQByf/AAVH/wCTFPiZ/wBwX/08WVfDvxx/YX+C3w5/YVb4 16Tb3y/FPRNJ0vXW8RnULpruS/le3eUkGTywg3FY9qBkwrbt2Wb9Qv2zPgp4p/aJ/Zs8YfBzwVdW VlrXiD+z/s82oPJHar9kv7e6fzGhjlcZSJguEPzEZwMkVfjp8DvFnxN/ZJ1f4C6Dd2UHiC/0Sy02 Oe5klSzE1t5O5mdI3k2HyzgiMnpkCgD4i/am174T+Nvgl+zz4k/aa+Id9ZaFqWn6fqt/4U021muL zxXdzWdvIVZreWNo0idvvFcZkIDK5Qj5Ii1P4W+GP2v/ANn3xd+zd8KvFfwe0/W9b/sm+m1m1lsL bWbad4Y2WCKSebcFSRt54B3ISNyg196fFP8AY3+OaXPwD+KfwZ1vQj8QfgzoFros1nrPnvpN4IrU QSPEyJ5gOWkAyqMQVYMjIM8540/ZO/bT+Mnxa+Fvx0+K3i3wgmo/DzXbS8h8O6aL6HTobBJo5rl0 uZI5pZLubykQqyCMBQQ46EA0vhxcWf7Lv/BQr4jfD/UpV07wZ8atKbxbp7udsMWpWIkkvlyeFJAu ZXx0URg9jXy3o2m3nxQ/ZT/ay/bL8Qwst18UzdWuj+aPni0PTJVhhVT7lRG3vADX6A/t+/sjeLP2 p/BXhwfDLVbPQfGnhm7uPs95fSzQRNp+oQNBewGS3imkHmAR/wAJBAKn71egePP2Z57j9jG+/Zb+ HM9ra3I8PRaNaXF4Xit2mQLvmmMaSOPMcM7FUY7mPFAH5gfHLwMnxM0L/gnj8Pp7+50218QeHxZ3 U1nK0E/2SXTNHW5RJF5UyQ74z2wxBBHFenfGn9nn4Y/sk/tUfs0+LP2etOl8IHxX4gbQdWt4bq4m hu7WVoIyHE8khyUkcNzgna2Nyg19Map+yL8SL3Vv2Rr+LUtJEfwD0/7JroaafNy/2Kxts2OIP3i7 7Zz+98o7SpxkkD1D9pr9nrxn8Z/iZ8DvGfhe90+1svhn4lTWdSS8klSWa3V4WK24jikVpP3Z4dkH T5vQA+O/BHws8GftsftlfHHVPj3BJ4i8P/CS5tPD2g6JLLLDaweb5wnuGWJkZmd4CwJJ3b+eEQLn /so/Bvw/8Bv+ClfxP+HHg+5nk8O2ngpLjTbe4medrK3uruylNsruWbYkjOUBOdpGSTlj0/iHwjr0 X7Y3xF179i74m6FovxCube0Xxl4U8TWl2llM6xq0F5BIkWZDsbc3lE7WYlmxKRXn37Dmi+M5P+Ch Hxp13xj4xt/iDq9n4dgtdW1ewi8qxS/uJrRxaQYJGy3WBol6Z8s5AINAH35+3Z4F8J+Ov2T/AIlx +LNOTUV0LQ9S1eyDs6+Tf2VnM0Ew2MuShJIByp7g1+Rnxf8Ahh4D8B/8EkPDfiLwjpEenal4wm0C /wBWmR5Ga6ugXUSMHZgpwTwoA9q/eb4veA/+Fp/Cjxl8M/tX2E+K9Gv9KFwV3iE3tu8Ik25G7YW3 YyM4xmvy01T9ir9rvxr+xrc/steNta8HmbQrzSx4fu7ee+RDZWbytMLt/spO/wCZBFsj5GQ+CASA edftpfsT/CH9nH9lw/Gz4drqGn/FHwZeaXdv4j/tG6kvby8uLuKKeaUvIU3M8hkBRVII44JBX9uD 4oS/EL9ov4S/Bn4gaB4n8X/D1PDUHifWPD3hK2kuL3Vbu4MqoJI0kiLQQmFCWDAoGfaQxBH6Vftq fA3xZ+0d+zl4m+EHgi7sbHWdZksHhl1GSWK2UWt5DcPvaGKZxlYyFwh5xnA5Hkvx8/ZL+JPinxH8 Nvjf8CvE1j4a+K/w409NLV9QSWTTNSstpD285RWdUBeXaRGSQ5+6wVlAPgn4fzQeBf2rfhj4s/ZS +B3xJ+Gnh3Wr1NI8Y2Os6Jdw6RPZ3TpFFcn99cBDBveR2cqi7VYY+fd+/DukSNJIwREBJJOAAOpJ r85PBPwH/bC+JPxw8M/Fz9p3xlpGiaJ4LDyWHhzwdPfR213cMQd940xBZMhSVLSBgu3Cgtu/RO/s rbUrG4068TzLe6jeKRf7yOCrD8QaAPnz9pLWtG8QfsofFzVtBv4NSsZfB/iMJPbSpNExjsbhHAdC VO1gVODwQQeRX5e6p8Op/iB/wRp8OXGnq39qeELH/hIrN1+9G2nX87TOD1BFs02DXR2f7Ev7dXgT 4deIv2W/hr8QvDJ+D+uvdxRXl/HONWttPvWJuLcIkDLmUOwYBmByxV492B+ovw8+B/hP4ffArS/g DbtJf6DYaO2jyvMAHuI5Y2Sd2A4BlLsxA4GcUAfnT4f8dw/tbftr/A3ULci40T4d+BE8ZXiD7iap rsMapEw/vx74JFHUFW7A5+Utd8Zah+z3+z3+1j+ynYblvbPxZbWHh+2HDvYeLG+SJB3H2SFmwP4p PQ1+g/8AwT3/AGK/Gn7Jlt42v/iTrGn67rniSWyt7aewlnmWLTtPjZYUY3EUTKxL4KKGUKiAMcYG f8cv2Ete+Kv7aPgb9ofT9TsLfwhpbaZd69p80swuru+0d5WtZI4liaGQbTHGfMkUqofGc4IB83/8 FDvBWqfBP9m/9mvwL4JtI77V/B3iDSbWzhKlkub60tDt3AFSfOmGWwVzuPIrgvh9B8Sf2OP2wvD3 xa/bVSz8RTfF+y+zjxPzInh7UnIDWqscRxIiFYnKAKImzG2xJFb9Lf2yf2cfG/7Q6fC9fBd9p1kf BXiuy129/tCSaPzLa3zvSHyoZd0hzwG2r6sK9i/aM+Avg/8AaT+EmtfCnxkgWHUU8y0ugoaSyvYw TBcx/wC0jHkZG5CyE4Y0Ae4AhgGU5B5BFfmH+2l/yeP+x5/2Gtf/APRdhX0p+x98Pfj78J/hBZfD X4+6tpPiC+8PEW2mahplxcTvLp6riKO5+0W8BDw/cVl3bk2g/MpLYX7Qf7PXjP4sfHz4C/FPw7e6 fbaT8LdQ1S71OK6klS4mjvVtljFsscTozAwtu3ugGRgnnAB+f/wf/Zo+G/7Rn7cP7TJ+LlrPrnh7 wrq9hJFpBup4LOW8vo51W4lSF0LvFHC6pk4HmHrXsX7CHhe2+DP7VP7R/wCz34QuJ08EeHp9Iv8A TLCaZ5ktGvYWldY2clvuuqEklmCLuJIyfp79nz9nrxn8J/j78evip4ivdPudJ+KWoaXd6ZFaySvc Qx2S3KyC5V4kRWJmXbseQHByRxk+Ef7PfjPwD+1d8aPjrrF7p82g/EaLSI9Pggkla8iNhbrFL9oR okjUFh8uyR8jrjpQBe/bs8C+E/HX7J/xLj8WacmoroWh6lq9kHZ18m/srOZoJhsZclCSQDlT3Br8 jPi/8MPAfgP/AIJIeG/EXhHSI9O1LxhNoF/q0yPIzXV0C6iRg7MFOCeFAHtX7zfF7wH/AMLT+FHj L4Z/avsJ8V6Nf6ULgrvEJvbd4RJtyN2wtuxkZxjNflpqn7FX7XfjX9jW5/Za8ba14PM2hXmljw/d 2898iGys3laYXb/ZSd/zIItkfIyHwQCQDzr9tL9if4Q/s4/suH42fDtdQ0/4o+DLzS7t/Ef9o3Ul 7eXlxdxRTzSl5Cm5nkMgKKpBHHBIOD+1P8T7b4s/tdeGfhr8WvCXiz4gfD3wl4Xstan8M+EbSS6k vdSvY45PtN1FHLCTBGJlTeG+VgEHEj5/Un9tT4G+LP2jv2cvE3wg8EXdjY6zrMlg8MuoySxWyi1v Ibh97QxTOMrGQuEPOM4HI8U+MX7JnxeX4j+C/wBon9m/xLpeh/Enw1o0Oh6laausz6Tq9lGv3JWh UyLg8cIC2EIaNkBIB8cfAOebwL+2T4Q1P9m34OfET4b/AA38WwT6f4r03xBo11b6WswjZra7iJlu EjZXChmdl2jIXiRhX7uV+efwm+A/7Vnin486f8ev2ofGmnWkPh61lttL8L+FJ7xNMLShgZbsTFfM K7icHfuYISwVNh/QygD+fr/gm9+w78C/j5+zhd+PPjRplz4jvb7ULyw09TfXMEem20O0k26QyIok eVmdiwYHC8DLbud8LfHn4mfCr/glt4xttB1y7/tTSPGF14O02/3sbi0sG8qQiKQHMZCGRIyD8m4b MYXH6w/sK/s9eM/2YvgDZ/Cvx7e6fqGrW+oXl00umSSy25S4cMoDTRQvuAHPyY9Ca8J+HX7AOov+ yn8RP2cfi5q1l9o8YeJL7XbG+0ppbhbNpfIa1dlmjgLOjwnzEHylCVD85AB+cvi34ffBSz+D0Ok/ B/8AZ0+Mvh/4r6NFFc6b4rbQrqK4fVIsMZZ3ju32pK2c7I8oDlBkc/YP7SviXwN48+B3wB8Q/tie LdU8LRXEMV1rXge1025XUfEmopHGjxvHHJFJbpHKCfmQAeZgMrlCOw1n4F/8FLvGfgC1+AviP4he ENM8MIkVrdeKNOOoDX7iyhZdoI2onmlVAcr5ZcZBkOWLdt8eP2Ofiy3i/wCDvxb/AGdvEVjd+Lfh Dp50tIfFsk9zDqEJjaMzSyxhnM7b33n5clgyuhQZAPzxi1P4W+GP2v8A9n3xd+zd8KvFfwe0/W9b /sm+m1m1lsLbWbad4Y2WCKSebcFSRt54B3ISNyg19S/BD4MeAP22f2gfjz8Tv2ibKTxXbeD/ABFc eE9B0u4mmt4LCysnkBYRwvGQ7jaeTw5duWIK9Z40/ZO/bT+Mnxa+Fvx0+K3i3wgmo/DzXbS8h8O6 aL6HTobBJo5rl0uZI5pZLubykQqyCMBQQ46H0TxJ+zd+058HPjj4x+LX7Ies+HJtJ+Jci3eu6H4q +1fZ4dSBYm7tntRv+YuzMu4csQQ42bAD5M/Z20gfsjfFP9tO38JXEupR/DzQLO+0r7WzXDLHFZXF 1ZwSMTllhVkiJz91e3SvnL4N6P8AAXx18H38QfHH4C/Fr4neP/GQnvL7xdYaRPdxtLKzCKSwnF2i MkahcFoyGYEMCmFH6efsy/sZ/FTwJ42+NniP9onxHpfjSD4yWNtb3r2JnikcyRTLexNG8SLHEvnG KAo5JjUErGfkHCeD/wBnb/goT8AfBV38DPgb418H6x4GDzpo+qa4l5FrGlW9wxcqqwo8JKM7FMiU Z5AVcIAD42+LHib40ap/wSrbT/jNp+taX4i8L+L7TTbWXW7Wey1CeyiKzW0zCcB22iUxhwSP3eNx Kk1+vP7NH7GXwb/ZiabXfA1lcN4m1bT7ez1XULq6luJLp4z5ksmHJVDLJ8zBAAcLxxz84fE79g/4 ja/+xVafs3aD42XxF4tbVbbVb7WPEN1deTLKrlpVjIS5kRFXasaYwcFiQWNfqNQB+ZH/AAUk8Q+K dWh+D37POg6tcaDp/wAYPFMGkate2rbJfsCvEkkIb/poZg2P4tm0/KWB8O/bQ/ZG+Ev7KfwQg/aN /ZqtJvAfjT4a3mnSx3Vtd3Ehv4Li6itXhuVlkYSBjKGbj5lDIwKtgffH7Xn7M7ftK+AtL0/QdcPh fxl4S1GHWfD+rBS4tr635UOoIOx+MkZKsFYBtu1vlvxl+zP+2p+0/Z6J8N/2pvFPhPSPh3pl3Dc6 nF4UW8/tDWjbcoJGuUCRKW5+UKA3zeWdqAAHzzr/AOz98B/ij/wUT8EWWv8Ag2CXRfiJ4Abxfqtk 0twqz6tfXF1JJOxEgYNwBtUheOlfuyAAAB0FfGWqfs3+KZf21/CX7ROk3GnW3g/w54Nbw2bLfKt6 J/PuJEMcYiMXkhJVGTKGyD8uME/Z1ABRRRQAUUUUAFFFFAH/0f38ooooAKKKKACiiigAooooAKKK KAOV8ceK7LwL4O1vxjqADwaLZXF2yFxH5nkRs4QM3AL42j3Nfnv4m/bc8YXv/BPTUP2uPCGn6ZYe KU8p002VnvLe2SXXBpyrKFaJ2YwZbOUBfkDHy19dftPeBfCfxE+APjrw74005NU05dJu7sQuzqPP s4mngfKMpykiKw5wccgjivxLsPhh4D8Kf8EZPEvxE8P6RHZ+IvGcWmnV7xXkZ7v7D4oEVvuVmKr5 aEgbQM980AfvV4J8eaTr+heHf7S1OyTXtW020vZLNZkWXM0KyMUhLF9uW468d676WWKCJ553WOOM FmZjhVA5JJPQCvwi+OP7C/wW+HP7CrfGvSbe+X4p6JpOl663iM6hdNdyX8r27ykgyeWEG4rHtQMm FbduyzV/2vvjFr/xCj/Zi+EvjSz8R+I/C/jPw5Z+JvE+l+FoGn1XW2+yrIIFjR496Bkd5AGG1SZP vImAD90dG8ReH/EUUk/h/U7XU4om2O1rMkyqw7EoSAeOhrYr+eaOTSfAvxz+GXxE/Y++APxP+Gs9 vqlvY+JrbUdCvI9L1DRZ3VJfNAnuf3kYJILAKDiQneimv6GaAPx0+H/7RH/BQn48+NPiZY/BiDwH FovgPxJfaIP7XivYp2WCVxEcxSOrHYo3H5ee1ereAP2vfj58NvjT4c+Bf7aXg7SfDs3jZmi0HxHo c0h0y5uQVVbeRJXlYO7sEzuQhmTMe1w4wf8Agmf/AMjN+0r/ANlE1L/0ZJVH/grRcRp8O/hFbaTs /wCEok8e6a+mHjzBshnD4/i2+Y0O7Hfb7UAdH+0F+0P+1fbftd2H7NH7OkPhfddeG49bMmvxXP3h LMko82CTphF2jZ65NcN8R/2mv2/P2V9OsfiL+0V4O8H+Jvh/9rhttSn8NSXUd5aCZwqv/pEgU5yQ o8sqWwrMmQa4H9orWvjVoH/BT/R9Q+Afh3T/ABP4rHgNFWz1O4+zW5t2nuPNfzN8fzLxgbua7T4q /CX/AIKG/tgaBb/CT4v6Z4U+GPgK8u4J9Wl0+4e9vp4rdxIqIBJMpw6hlH7v5gNzYGCAfrPYeItF 1Lw9aeKre7jXSr22ju47h2CJ5EqB0cseACpB5qTR9e0LxFa/bvD+o22p22dvm2syTJkdtyEjNfkp 8efAun/G/wDbR+GX7GniK5urf4T+DvCS63c6VFM0C6lJAz28McrxlWZEWOIA9QPM27S24Y3xe+En g/8AYj/ah+BPjn9nmKXwxo/xI16Lwv4g0SKeaWzvIrmSKKOby5JGO+PzWYc4DKhABLbgDo9N/aI/ by+MHx2+MPw5+A8PgiLSPhhrI08trcV5HM8U7zrAd0Mjh2xA287V7YHPHT6L+1l+1T8FPjd4E+E3 7YPhLw8uj/Ei6Gn6TrnhqSbyo7xmSNY5kuJGJHmSRhsrHgPuUvtYD5g+DHir9qfw1+1p+1MP2avB WjeMFuPE0H9qHVrz7J9nKS3v2fyv3sW7fmTd1xtHTNfSFp+zz+1/+0r8bPh78R/2rk8PeEfCXwzv l1ax0TRJHuJrq9R0kQzOzSrgPEm878bQVVAWZwAfq/WDf+KvDGlWs19qmsWdnbW8nkySzXEcaJL/ AHGZmADex5rer8M/2VP2UfhT8fP2gP2l/F3xjsG8TabonxA12y0/Spp5UtIZ57yZ7i6McbrmR0ES KewU9TtKgH7V67aeFvE3hi9sPEUdpqXh/VLZ4rlLjZJaz20y7WD7soyOpxzwQa+JfCn/AAT4/YS0 XxsdW0HwTYXmsWbR3i2c2pXV5FBubekn2SW4dNjHGA6FMcAYr879XivPg/8ADj9tL9krS764v/BX giwsdU0COdjL9gi1QJPNbCVssVHmRgAn7yO33mY16H4N+AfgL9l39iKP9svwnb3d18Xp/BcV4mr3 FzJOYZtfjhRHSFyYgbaOYKh252g7t2aAP1Z+MPw++A/xu0kfCX4v2uma7FK6zRadcXIiukkAKrJD 5bpPG+1iA0ZBwSM4JFcH8F/2J/2ZP2ftfHi34YeC4bDXUSSNL+4uLi9uI0kGGEbXMkgjyvy5QKSu QSQTn4v+Ev8AwTe+APxB/Zc0PxB4st7nUPiL400S31ybxTLe3DXsOo38C3KSKfM2FImcDDKd4BZj uOR8or8ffit8ev2R/wBnj4M614ivbO5+JnjB/CeuaxG5F1cabZTxRhGlJy7vHcJvJOZTGQ5IZsgH 9BmleKfDOvXE9poer2eoz2pxNHbXEczxn0cIxK/jXwN+17+0v8X/AAb8W/hx+zx+z1LoFt4p8dC+ muNS11na2sYbOPzMFYz8rFVdiWVugAXLZHzb+2h+yN8Jf2U/ghB+0b+zVaTeA/Gnw1vNOljura7u JDfwXF1FavDcrLIwkDGUM3HzKGRgVbA5v4y/BD4K/FP9vT9n668Q+EoZbH4t6Fqms6/bNLOovLhN MmnhZ8SBlMbImAhUfLznmgD9m/h7F41g8D6HF8R7yyv/ABQtpF/aNxpyslnJc7fnaAOA3l5+7kAk c4HSsH42+MdV+HfwY8ffEDQVifU/DPh/VdUtVnUvEZ7K0knjEiqVJQsg3AMCR3HWu+06w07QdJtt LsI1tbDToEhiTPyxwwqFUZY9FUDkmvA/2kta0bxB+yh8XNW0G/g1Kxl8H+Iwk9tKk0TGOxuEcB0J U7WBU4PBBB5FAHw/D+298Z9P+HH7L3xV1600gaB8WNXk0jxPIltKn2aSW68m3e2YzERjy1kZgwf7 nHXA+jP28f2kvHH7OPwz0C7+FVhbat448W63baRplndRPOkm9XeRvLR4ycbVQfMMFwTxXwjqnw6n +IH/AARp8OXGnq39qeELH/hIrN1+9G2nX87TOD1BFs02DXqXh/x3D+1t+2v8DdQtyLjRPh34ETxl eIPuJqmuwxqkTD+/HvgkUdQVbsDkA+1P2ef2jrP4q/so6J+0T4l8m3ZNHurzV1twUiiuNN8xLzYr Fiq7oWZQSSFI5PU/J/wl+MX/AAUH+P37P/gz4ufDK28D2l74gu9Wa6i1aG9gRbKCWOCz8lY5JCWL x3JdmIypj2jqT8Xa74y1D9nv9nv9rH9lOw3Le2fiy2sPD9sOHew8WN8kSDuPskLNgfxSehr93vgx 8PLT4TfCTwd8M7MLs8M6VZ2DMvR5IIlWST6u4Zj7mgD8ovBv7Q//AAUt8c/Gvxt8BdGh+HaeJPAM NtPqDzRX62rJdokkfkyCRmY4kGcouOa/U34I/wDC7f8AhAbf/hoL+xv+Ex86bzv7C837D5O791t8 7592373bPSvgn9nH/lJn+03/ANg7Q/8A0mtq/VKgClLqWn287Ws91FHMkZmKM6hhEOC5BOdoPfpV Sw8ReH9U019Y0zU7W7sI9264hmSSFdn3supKjHfnivx6/af+Dnh748f8FPPAPw58ZzXP/CNXfw/S 41S1tp5Lb7db21/qEq20rxMreU0yxs4Bz8vBDYYeYWP7H3wqs/8AgoTq37N2kLfaf8JtV8N23inU fDcF/dJaXlxauYYYpm83zHjSZzMoL8H5RheKAP3Y0jW9F8QWQ1HQb+31K0YlRNbSpNGSOoDISMj6 1Q1nxh4S8OzRW3iDW7HTJpyBGl1cxQM5PTaHYE/hX5U/sw+A/D/7P/8AwUD+M3wX+GJbQ/BNx4Us tbjsJJpJre2ug1su8ea5YhfOkPLZCttyABj5N8OaX+xHqQ8VaHqnhbxp+1b8QNYv7pr7xNoulXYU yyHCJE/2sLGkQ/5arvDfeBMe1QAfr7+2P8XvEP7Ov7L/AIw+Lfw3trE6roZsZLaO5iMlqxvtRggl ZkieMsWWZ2yGGWOTnnPvPhPxTHqPgLw94q8Q3EFnJqlhaXMrMwiiEs8KyMF3ngZJwMk4r+fnwp4h 17W/+CMfxO07XLue6Tw/r9vptoLhtzw2seq6ZKsXfAVpWwM4GcDgCu+/Zw1uD9t39oLQvCX7TMFz oOh/DzQdO1Hwl4Iu4njttWjEKqdQuGk2/aDsCyBNu1kbAJjSUSAH726hq2laTYtqmq3sNnZoAzTz SLHEAehLsQoH407TtT03WLOPUdIu4b61lGUmgkWWNh7MpIP4GvwX/aR8c+HviX+3h4m8BfGTwH4x +Jvw8+F2m2UWm+GvCdjLdxC+ureGdru9ijmhwv750VgRuCov3Qwbpv2Yz4l8JftaS6J+zp8MfH3w x+FfjvRb2K/s/FOj3UGnadrcFvLLBeQs0k6IreXGnzyZLOyAYKBQD9sJ/FnhW21hfD1zrNlFqr4K 2j3Ea3Bz0xEW3nr6V0Ffy8W3gr4NfCzwTrnw5/bl+DvizQfHl/eXrn4j2xn1CKS6mkZorpX82OJ1 TIyqGXzCNzAM3y/0Qfs7Xeg3vwO8FTeF/GEvj7SV02GK21yf/X30cQ8sPNn5vNG3bJu+fcp3/Nmg DM8Xa58arT48eBdF8MQaQ3w3vLW/fxBLcyBdTSZIZDbfZUMqlkMgTeRG2F3cjqOE+Bv7UFt8ZvjT 8XfhhHZW2n2nw3vbGws5luRLNqLzrcNNKFwAEXyl2qu4gZJbkAfOPx+ghuv+Cmv7NdrcLvim0TxO jr6q2nXgI/KvIv2Dv2ffg7on7Xf7QuoaX4ahguPhprtnbeHXEsx/s+G7hvYp1QFyG3p8pL7j6YoA /Xbxx4rsvAvg7W/GOoAPBotlcXbIXEfmeRGzhAzcAvjaPc145+yj8dn/AGj/AIG+Hfi1d2dvpV7r f2t5bC3m8/7KkV5PBErMcMWKRAklVyckADgav7T3gXwn8RPgD468O+NNOTVNOXSbu7ELs6jz7OJp 4HyjKcpIisOcHHII4r8R/Dstr+z/AP8ABKjS/ib8JLU+H/HHxYu49E1bWbeWRZ2iTUL5EfcWIiKw o0QaMKRvyDuAIAP6ErbxT4YvNWl0Gz1ezn1ODPmWsdxG06Y67ow24dO4rZmnhtoXuLiRYoolLO7k KqqOSSTwAPWvyF+PH/BOr4B/Cn9mDxB4v+HMF3ofxC+HmkT65beJob24S/nvNNiNxIz/AL3YPO2M AFA2EgoRjnyHxN498U/to+Jv2UvgR8QtSubLwz468PTeI/E8do5tv7WnsI5x5bFCCEZ7RztUgDzd 4GVQgA/cTRvEfh7xHDJceHtUtdUiiba72s6TqrehKEgHjpWzX4r/ALUPwR8A/sO+OfhD+0B+zfay eD3vvE9l4b1rS7a4nltdTsb1JHYSRyyPkqsLD03Mr4DqGr9obmdLW2lupASsKM5CjJIUZOB3NAGX q/ibw54feCPXtVtNNa5bbELmeOEyN6IHI3H2FbSsrqHQgqwyCOQQa/mW+B3iz4WfHKHxb8Z/2nfg h8R/jR4o8WajcrBe6Jpdxe6Rp1iuPLtLOSO7h2tESwIwdgChcHcW+vv2WNV+IWl/sz/Hr4b+O9V8 UfB7wL4ccnwv4h8W6ZcQajpui6h5qGJFZ4xJJAsYVVgkJSSUbOSi0AfsRJ4z8Hw6wnh6bXLBNVkO 1bRrqIXDH0ERbeT+Fbl3eWmn20l7fzpbW8ILPJKwREUd2ZsAD61/MX8Q9I/Yyu/2bNVsPgp8JvG3 ivxNo2n/AGk/EFdNuray+12+HmvriaS5ISKRgx8sxkKDgfMAa+uPjv4X+NHxr/ZA/Zl8dReH9R+K Xh3R7ax1Dxh4fs7iRL3WYxBCIXYxZlkI2yhyis+ZN2OrAA/azR/EXh/xDaNf6BqdrqdspwZbWZJo wfdkJFXrO/sdRgFzp9xHdQkkB4nDrkdRlSRX4hfsjax+x7qH7VGlaj8HV8Q/BPxbJYXFlqPgfVbe SOz1h9jn78ksoDRgh1jOwkxhlQHfu7z9mfxxpH7GPxK/aS+APixjb+GfCCXHj3w/GTjfpc0YMsMR PUrmCJQOsgfjNAH7AwX1ldSzQW1xHNJbnbKqOGaNj2YA5B+tfLP7WP7TC/s2aB4PvbXTYNWv/F/i PT9CVJ7jyVtorze0l06gFnVFjIAyo3EEtgYPj/8AwTV8A61pPwLvvjN41Xd4t+Muq3Xii/kYYbyb l2+yr/uFN0yeglxXiv8AwVa+F/gLxDZ/BzxdrOkR3Or33jXSPD81wXkDPpdyLmWW2IVgoVnGcgbv RqAP1sbVNMSwOqvdwrZBd5nMiiIL/e3524981X0fXtC8RWv27w/qNtqdtnb5trMkyZHbchIzX4// ABg+FHhT4mfth/DL9h8xz6N8GPBnheTxDNoVrPLFFfzefKqRvIH8xkUhMEsWH7zaVLbhH8XvhJ4P /Yj/AGofgT45/Z5il8MaP8SNei8L+INEinmls7yK5kiijm8uSRjvj81mHOAyoQAS24A/Zr6V8+/s 9eKPjBqXwph139o4aLpvicXU6zHSZ0awWAOFhIk82Vdx6H5+vYV9Anoa/nA8J/8AKEzxn/2G4v8A 092VAH9G895Z2ts17dTxw26gEyOwVAD0JY8YqpqOt6LpGnnV9Wv7eysQATcTypHEA3Q72IXB7c1+ ff7aTon/AATb8TM7BQfDmijJPczWgH5mvjf9oj4deN9S0/8AZt+KPiT4cap8Yfg/4d8EadDqHh3S pZfMg1GS0Gbt4Ycu6+WYsHG390VdlDcgH7mWeuaLqGm/2zYahb3Nhgt9oilR4do5J3qSuB9a+W/2 Qv2kLL9pDwt4t1230m08PJofiXUdKtrKCYSyPb2ywubmTAX5pZJnYlVA5Ayxyx+Ff2KNI/Y1+Ivx D+JPhn4QX+taBpHi/RmtdZ+GmtxywRRrlI5rmJzNIzMOVIWXcgkIwq7Qu9/wSX+EPw40rwh48+J+ n6JHD4otfFOtaBFfB5C66XGLOVbYKWKbQ4DZ27vegD9e7u8tLC3a7vp0toExukkYIgycDLHAGScU T3lna2zXt1PHDbqATI7BUAPQljxivgT/AIKl/wDJi/xH/wB7Rv8A072dZf7aTon/AATb8TM7BQfD mijJPczWgH5mgD9CbzVdL06wbVtQvIbaxRQ7TyyKkQU9CXYhQDng5qPSNb0bX7NdQ0G/t9StW4E1 tKk0Z+jISK/FT9p34bfETxT8Kv2X/G6+BdR+K3ww8K6DZS+IPC+lzSxzzzSafAIJ2jhzJIEGcbVO 3DKSqyk1qfsS+IP2Rn/aM1bXPgNe+IPhjrF1o8sOpfD7Vbd0hupYMyyXEReWYGSIAFYwwdVDlVCs 4AB+x+r+JvDnh94I9e1W001rltsQuZ44TI3ogcjcfYVtKyuodCCrDII5BBr+Zb4HeLPhZ8cofFvx n/ad+CHxH+NHijxZqNysF7oml3F7pGnWK48u0s5I7uHa0RLAjB2AKFwdxb9Kf+CZWo/E3T/DnxE+ G3izw/4p0Twd4Z1WKTwj/wAJbYTWd+NKvPO22pMnyP8AZxCpYRswQydlZQAD6x/ay+P8f7MvwK8R fF1NOj1m80oW6W1jJP5AnlubiO3BLYZisZlDsFGSBjIzkeN/FX9qHxj4X+LH7NXhHwqNNuNI+L01 +msOyNM8X2aG0kVbd1kAQgzsG3B+g6c587/4K0+BfCfiH9kHxB4z1nTkuda8KT2L6XcszhrZr2/t YJyoVgp3xnadwOO2DzXyN+1F+zh8PYfFP7G3wV8C2snhXQfFF3rD3v2CeRZsXkWlNeMkrs7K8sYZ e456Y4oA/TH4s/snfsk/tR+In8TeONBsfEOv6eq2815p9/LBchU6R3Bs5k3YHA8wEqOAQK9Y+HPw t+B/7M/g+TQPAOl6d4J0F5TNMXm2CSXaF3yz3Ds8jbQAC7kgDA4r8ufjP+zv8Lv2Q/2ov2a/Fn7P Gnz+EW8WeIv7A1a3hvLmeG8tJmt4yHFxJIeVdtwzhjtbG5Q1H7TT/snr+1nrupftAajrnxq11NPt rfS/Amh6ZcXKaEuxC7M0Vykckk3D7TtKl8spzGVAP2Yste0PU9M/tvTdRtrrTiC32mKZHh2r1PmK SuB35r5k/ZL/AGmo/wBpvw34t8SPp1vop0PxHf6PbWiXHnzPa2ccBWeQ4Xl2lb7qhQMDJILH8zP2 GtB8Iaz+1L8dfgfYeCta8F/C7xT4ahvJPB/iDzYbiETG3iYyRmRpI/NSeQr8+4Iyrn5RXsH/AASX +EPw40rwh48+J+n6JHD4otfFOtaBFfB5C66XGLOVbYKWKbQ4DZ27vegD7g/bT+Mvi39n39mfxl8X vA0VrNrmgDT/ALOl7G0tuftV/b2r70R42OElYjDDnB5HFe3+E/FMeo+AvD3irxDcQWcmqWFpcysz CKISzwrIwXeeBknAyTivjf8A4Ki/8mKfE36aN/6eLKvz/wD2cNbg/bd/aC0Lwl+0zBc6Dofw80HT tR8JeCLuJ47bVoxCqnULhpNv2g7AsgTbtZGwCY0lEgB+9uoatpWk2Lapqt7DZ2aAM080ixxAHoS7 EKB+NJZaxpOpaeNW069gurFlLi4ikV4io5JDqSuB65r8Gv2kfHPh74l/t4eJvAXxk8B+Mfib8PPh dptlFpvhrwnYy3cQvrq3hna7vYo5ocL++dFYEbgqL90MG6z9lu3n8P8A7Xf/AAjHwe+Efj3wJ8Ef iFo93ba7pHirSLm30221GKCWQTRO0k6IsqRrF88mSZGQDBQKAfuFaXlpf26XdjOlxBJnbJGwdGwc HDDIOCMU22vrK9Mos7iOcwOY5PLcNscdVbBOCO4PNfjB+zN8YF/Y1+Hv7SPwL8Yzb5fgjdXOsaCt webrT9UGbKMezztCW/2rnvX2D/wTr+E+ofDD9mPQtU8S7n8UePpZfFGryyD97JPqeHi355DCAR7g ej7uBk0Adp8b/wBp63+Enxt+Efwchsba5b4kXl7Fd3s1yIxp8FlEj58sDl5TIApZgAAeGyMfUWo6 zo+kWDarq19BZWSgEzzyrHEAehLsQvP1r8fP24vgX8J/GH7b37OqeJPD0V6PiBcatb67ukmX7dFp 9vbC2V9rjaIwTjZtz3zSxfCnwr+1Z+3b47+FfxUimvPhr8C9H0uz0Xw358sNq01zbxnz5RG6s+3L jOcsvlhjtBVgD9htO1PTdYs49Q0i7hvrWUZSaCRZY2Hsykg/gamuru1sYHur2ZLeGPG55GCKuTgZ JwBzX5EeEfA2lfsff8FDfBnwm+Dss+nfD34w6Lf3F5oLTSz21pf2EM8wuIRI7Mu4QKuTnAZxnbtC /px8X/hto/xh+F3in4X68ALLxNp1xYs5G4xNKhEcqj+9E+1191FAHoaTQywrcRSK8TqHVwQVKkZB B6Yx3qrFqmmTWR1KG7hks1BJmWRTGAvBO8HHHfmvwv8ADP7UHiPwJ/wTV8U/DrVmeP4neD9Rn+GU VqpJuPtUztFB5YHOYrTzFjI6tBXafH34N/An4GfAT4C/CH47+O7vSfDHhvdNqPhLSbWa5uvFepSb JZxvt5kdI47h2IYgjEm0OHKEAH7F6J4s8LeJWmTw5rNlqrWxxKLS4jnMZ9G8tjt/Gvjnwd+0J8TP Ff7VHx3+BkEGm/2b8PNI0260VjG6SvdXtlFORcyGXayeY/ZUwvU96/KeLU/hb4Y/a/8A2ffF37N3 wq8V/B7T9b1v+yb6bWbWWwttZtp3hjZYIpJ5twVJG3ngHchI3KDX2F4X/wCT4f2zf+xS0r/00Q0A fox8A9X+Kus/CPQtX+OMWmW3jSUXR1BdIkElgoW5lWHynEkoP7gRlvnPzbunQfPn7Z37UOr/AAT+ D2m+P/hBe6RrV7ceI9P0ecyH7ZCkV0JTIMQSptkGwYy3HPBr8tfDeu+INY/YE/ZW/Z70nVLjRdN+ MPiy/wBG1e6tvlkOnf25crLCH7bzKpx/HtKnKlgfRP8AgoV+xT8EPgZ8LvB/xB+DOlP4XntvEGma bf28d1PLDfwS7zG8qzSPmWJ0BDDqGbOeMAH7wX+oWGl2r32p3MVpbRDLyzOsaKPdmIAqjoviTw74 ktGv/DuqWuqWqHa0trOk8YI7FkJAP41+U/7dZ/Zvb4+eC7r9o7xTqniqwsNNc6f8N9Hsbi5lurmR 3xqEzwToOR8qowUvsGCVEgb5s/ZxuPBmg/8ABRHwxpPwd+HfiT4SeC/HXhq/S+0PxBDJZtf+TFcu LlIHllKxFokC/NwysVwGIoA/VD4G/tQW3xm+NPxd+GEdlbafafDe9sbCzmW5Es2ovOtw00oXAARf KXaq7iBkluQB9M3vijw1pupQaPqOrWlrf3X+qt5Z40mk/wBxGIZvwFfhJ8BPhx8LPgr8T/2wvit4 W8LW6at8DfOuPCm555FsC1jqAZApk+dHChWL7iFyQR1rw74N6P8AAXx18H38QfHH4C/Fr4neP/GQ nvL7xdYaRPdxtLKzCKSwnF2iMkahcFoyGYEMCmFAB/TRXyf+1j+0wv7NmgeD72102DVr/wAX+I9P 0JUnuPJW2ivN7SXTqAWdUWMgDKjcQS2Bg+ef8E4vEXxi1r9my10r43abrGn674a1K60u3fXrSe0v 7mwjSKW3ldbgBnAWUxBxkfu8ZJUmvnj/AIKtfC/wF4hs/g54u1nSI7nV77xrpHh+a4LyBn0u5FzL LbEKwUKzjOQN3o1AH1J8Rv2ivFvhn9sX4N/AzQv7Pn8JePtN1i8v7hkZ7gNYWtxNEYZVkCKu6Jd2 UbIzyK+v9I8QaB4gjll0HUrbUkgcxyNbTJMEcdVYoTgj0Nfiv+1R+zl4A8Rftkfs0/s7aJbzaB4N fRtYt2trG4lif7BAk9zPbCUsZAs6I8T/ADZKuwzXReJPgZ8Pf2R/29vgB/woK0n8L6X8RItY07WN Pjup5ra4jtYFKFhO8jH5pFbG7G+NWADZJAP2H1jX9C8O2wvfEGo22mW5IUSXUyQoSe25yBmtC3ub e7gS6tJVmhlAZHRgysD0II4Ir+da68d+BvjV+1P8YvFv7RXwp8efGTTfCms3Ph7w9p3hzTZr7TNK trOWSFzMqXEOyeURq+3oWLsQTt2/Vv8AwTyuvGHhX45fEj4deF/AvjXwb8Fr+yTWNAtPF+m3FqdO vEkijuLaGWRpI9spmd1XzGZkjDH5g5IB+wVFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFAH/9L9 /KKKKACiiigAooooAKKKKACiiigDnvF3h+Lxb4T1rwrPKYI9ZsrmyaQDcUW4iaMsBkZwGzjNfkpo f7FP7Wv/AAxp43/Y98Ta74RuNLIsV8L3kUt7G6+XrC6ldfbW+zNhWUERhEYhvlJK/MP2Mrn7bxZ4 VvNWl0C01myn1ODIktUuI2nTHXdGG3Dp3FAHzt8dPgd4s+Jv7JOr/AXQbuyg8QX+iWWmxz3MkqWY mtvJ3MzpG8mw+WcERk9MgV4d8Vv2MfHvif4e/BTW/ht4ps/DHxg+CmmWNnY6g6yS6bdeVaxQXEEv yeZ5LtGdrGIkozKyfOdv1D4t1v412vx58C6H4Xg0h/hxe2t+2vyXEgGppOkMhtRap5qllMgTfiNs Lu5HUevat4l8OaDLbQa5qtpp0l422BbmeOFpW9EDkFjz0GaAPzs0z4D/ALbHxk+K/g/xd+0p4z0L wv4T8EXQvY9H8FT38R1S4QqQLp5iD5TFRkF2+QsgRSxev0uqiNT01vtOLuE/Yxmf94v7oYzl+fl4 GeccVnXXivwvZTWdveaxZwS6jg2ySXEaNPnp5QLZf/gOaAPyb8Efss/8FBfgl4z+JOp/BPxV4Att F8eeIr7W9mqNfzXCC4ldowdtltVgjAMAWGehIr1L4cfsX/Gjxd8bPD/x7/bG+INn421XwXl9B0fS bYwabZ3GVYTkskRYqyhwPLDF1Qs5CBK/TBmCgsxwBySe1c7pnjHwjrWoS6To2uWN/fQDMkFvcxSy oB/eRGLD8RQB8n337OPje6/bs079p6O+04eFrTwo2hPbGWb+0DcmWR94j8nyvLw4583dnPy19p18 k6z+1Da6d+15o/7MUdlarbXfh2bXLnVJLkblmE7wR2qR8AN+7LMWYk5ACjGT9WQX1ldTTW9tcRzS 2xCyojhmjJ6BgDkE470AfEH7T37MHxG8d/E/wd+0d+z34jsvDXxP8FwSWCrqqSPpupadKzsba58o M6hfNlwVQk7+qsqOvC+GP2Yv2h/i/wDG/wAH/G79r/XdA+z/AA8ZrnQPDvhdbn7HHfsykXVxLdAu WUorBQzcqmCoDK36LrqOnvLcQJdRNLaAGZA6lowRkFxnK5HPNUovEfh6e9t9Ng1S1ku7uNpoYVnQ ySxqcM6KDllB4JAwKAPkT9mn9nHxv8Gvjd8e/iV4nvtOutM+Kes2uoaZHZyTPPDFA92zC5WSGNVY +euAjSDg8jjP2pWHqfifw1ol1b2Os6taWFzdnEMVxPHE8p9EVyC34VuUAFfgt+zboX7WcHx7/ac8 X/sz6r4bmgPj/WbLUtH8TrdC3dxeXDw3UElr8wkTcyspKhlxncQu395pJI4o2llYIiAlmY4AA6kk 9q8S+E3gr4FeDNd8ZXvwjaxXVfFupzazrotdQe8ea+ndmkmdHml8rLOflQIgzwooA+MdI/YZ+Iif s+fGfSPFXiex134yfG9RLq2pyGWLS4pInJt4ItsTSLDErPyIsnIUKFVa+tdE+A9lqf7K2i/s3/Ed o7qOPwnY+HdRks3Yp5tvZx27ywO6q3yyJvjLIDwCVHIr3mbVtLtnmiubyGJ7ZPNlV5FUxx/32BPC +54pmka3o2v2Y1HQb+31K1YkCa2lSaMkdQGQkfrQB+V+hfs+f8FF/A/wyk/Zv8J+PfBk/gqG2k02 x8R3UV8mvWumEGNYkiRWhWRYztj5covSXIUr6N4z/wCCeXhmX9mTwb8Evhn4hm0HxP8ADm+TW9E1 +VN0n9rh2lklmRDwkrtwBkxhY8b9mG/QO/8AEnh3Sr+10rVNUtbO9vf9RBNPHHLN/wBc0Yhm/AGv kz9j34/eN/jw3xY/4TWGyh/4QrxnqWgWP2OJ4t1nabfLMu+R90nPLDaD6CgD548Zfsz/ALan7T9n onw3/am8U+E9I+HemXcNzqcXhRbz+0NaNtygka5QJEpbn5QoDfN5Z2oB9D+Pv2cPFPiL9rn4M/HT w9cadZ+FfhtpurWF1aO8qXbfbbSa3gFtGsTRlVMi7t0iYAOATgH7Eu72zsIvPvp47eMkLukYIuT0 GSQMntVKLX9Cn1WXQYNRtpNTgUPJarMhnRD0ZowdwB9SKALl/ZW2pWNxp14nmW91G8Ui/wB5HBVh +INfi7Z/sS/t1eBPh14i/Zb+GvxC8Mn4P6693FFeX8c41a20+9Ym4twiQMuZQ7BgGYHLFXj3YH7J 2/iPw9d6tPoNrqlrNqdsu6W1SdGnjX1aMHco9yK8f8Ja38a7r49eOtE8TwaQnw3sbWxbQZLaQNqb 3Dwxm5F0nmMVUSF9mY1yu3k9SAaXw8+B/hP4ffArS/gDbtJf6DYaO2jyvMAHuI5Y2Sd2A4BlLsxA 4GcV8h/8E9/2K/Gn7Jlt42v/AIk6xp+u654klsre2nsJZ5li07T42WFGNxFEysS+CihlCogDHGB+ gY8WeFTrB8OjWbI6qvW0+0R/aB/2y3b/ANK1NQ1HT9Js5NQ1W6is7WEZeaZ1jjQdMszEAfjQB+bH xy/YS174q/to+Bv2h9P1Owt/CGltpl3r2nzSzC6u77R3la1kjiWJoZBtMcZ8yRSqh8Zzg/pnWZpG t6Nr9muoaDf2+pWrcCa2lSaM/RkJFadAHxZ8Jv2cfG/gT9r/AOMP7QGr32nTeHviDaadBYQQSzNe xNaQwxuZ0aFY1BMZ27JHyMZxX2nWJf8AiXw5pV/baVqmq2lne3vEEE08ccsvOPkRiGbn0Br5M/aI +P8A44+Ff7QXwA+F/huGyfR/idqGq2uqvcxO86R2SWrR+QyyKqEmZtxZWzxjHcAsa/8As9eM9V/b l8N/tNW97p6+F9H8HyeH5rZpJRftdNc3MwdIxEYjFtmUZMobIPy4wSQ/s9eM4/25bj9plr3T/wDh F5fB48Pi2Ekv2/7X9pWbeY/K8rytoxnzd2f4cc19W6V4j8P67JcRaJqdrqD2jbJlt50lMTf3XCE7 T7GptW1rRtAs21HXb+DTrROGmuZUhjH1ZyB+tAHxa37LXirUv2sviZ8aNX1Kzj8I+PPBY8LxxW8s o1KKZ/IWSQqYhEqhY22sJWbOPl64+cvg1+zZ/wAFA/gd8O3/AGd/AXivwLYeC4prr7L4jaC9k1q2 gvJXkkeO3AWFpwXLIJCwX7vmEBcfrRZXtlqNrHfafPHdW0w3JLE4dGHqrLkEfSs7VfEvhzQpre21 vVbTT5bxtsCXE8cTSt6IHILH2FAH5OeGP+Cfvxj8M/sO/FL9k5dd0K81LxPr8Wo6NqDTXSQG0jur GUi8H2ZmilKWjHbGJV3MBuwN1e3ftFfsd+NviBoXwr8d/B/WdP8ADfxj+FSWMNnqVy0y2VzbQoqz 207xRPI0RbcyAxkFWkRlAkYj0L9q74/+OPgp40+B3h7whDZS23xF8ZWGgakbuJ5HW0uZYkcwFZEC yYc4ZgwzjivsG51LTrOeG1u7qKCa5O2JHdVaQ5xhQSCxyR0oA/PD4pfsyftB2Hxssv2rP2dNc0HR viDq2k2+neKdE1Y3M2i6iYY0GY540Wb5PLREJjiJCK2UJdWufCb9m39pHxR8Utd+M37VHjyFbu+0 mfRtO8P+Erq8t9MsobmNo3nJkKkzKHcoSHIdg+/KoF+kPhF4k+Md5rPxGf4yrotlo2ma5cQ+HpNP mUudJV3ETXp819k+3buBCYOflFexzeKPDVtf2ulXGrWkV7eqGt4GnjWWZT0MaFtzD3ANAH5Taf8A s6f8FF/Bnw61v9nfw94z8GeKvA2qx3tpDrfiD7fLrENle7/MV12yRs/7xtocTKOAGC4A/QH9mn4H 6f8As4/BDwv8G9Ov21VPD8Moku3Ty/PnuZnuJnCZbYpkkbauThcDJPNe4zTRW8TzzuscUalmZiAq qBkkk8AAdTWFYeLfCmq2ovtL1qyvLZpfIEsNzHIhlP8AyzDKxG7j7vWgD5a+JX7PXjPxj+2L8IP2 hdMvdPi8O/D+w1e1v7eaSVb2V9QtZ4IjAixNGyhpVLb5EIAOATwfNvh3+zn+0P8ACL9r7x18UfBm seHr34YfE++gv9atrz7QurQtbwyhFtgkZiyJZScs+GTghSK/Q4kKCzHAHU18l/A39qC2+M3xp+Lv wwjsrbT7T4b3tjYWcy3Ilm1F51uGmlC4ACL5S7VXcQMktyAAD6U8XeH4vFvhPWvCs8pgj1myubJp ANxRbiJoywGRnAbOM1+XHww/YW+NWofsxeJP2Q/j7rmgTeD7RQ/hXU9GFzJqFrd/a5bszXMcyRI6 bpANgbO0sm7kMPoL9iL9qDWfjv8As96b8U/jBe6To2rahqd5ZIIT9jgcQOFRUWeVyWOecMc+lfcq srKGU5B5BHQigD8otf8A2ff+CiHxU+HSfs9/FDx54OsvBUqQ2ep6/psd7Lr2o2CMN0bJKiQh3QYk ICbuhZgX3ep/Gz9iS+vtD+FWt/s169D4N8c/BWBbTQbi/VprW6s/LEclveGNS37wBizrG27fICvz 5X7vt/E/hq71aTQLXVrSbU4RmS1SeNp0Hq0YO4dO4rcoA/MtP2Yv2nf2g/id4J8aftg654atfDHw +uxqdh4e8KLdGK81GJlMc13JdgnaCv3QzfJlAF3uT+mlfFnib9obxjoX7c/h79nUrYReDtR8Fy+I bmeWNhdJdJc3MXExkCLEFhUkFM5yd3p9f6Rrei+ILQahoN/b6lakkCW2lSaMkdRuQkZH1oA/L/w1 +zF+2J+y7rHinQf2SPEHhPVPh54mvpdQtdL8UreLPo1xccOLdrYEPGqqoBZjnAzHu3M21B+wf8Q/ En7LHxF+E3xS+Jdz4g8ffEm7i1S71KSSeXTrS6trhbqGC3hcgiAyKQ5VEJDcINiCvrv4D+JPjHqX hrxPqPx9XRbG8s9dvItObSplaD+yESL7O07ebIFm3GTeCRgbflHf2KbxR4atr+10q41a0ivb1Q1v A08ayzKehjQtuYe4BoA/KvWv2bv+CgnxV+B//DOnj7xV4G8KeFbPS0077Xo0N9Nf6itnEFtoZvMV IooZGRPOeNFbGdsZBKHstW/ZD/aQsvgX8E9P+Hnjux8N/E74ORmExR3N3J4f1WEEKqXA8pHb92i8 tAfvyJ0KuP04urq1sbaW8vZkt7eFS8kkjBERRySzHAAHcmvib9oT9pjX/h/8TfgL4Z+HFzperaH8 TfET6VqVwf8ASsQIYB/o8kUoVX/enJIbtx6gHlHhb9mT9pz4uftA+A/jx+1dqfhWwi+GqzvpWmeF o7kvPcTADdczXPzBAwDhQ7jjaFXcxPz5/wAFLPhhoHxn/aD+CfgrwDrix+M/Gj3Ph/V4bKRXlGhR zR3DyzhCSqQHzmCsPnw2PuEV+n/hXXvjTP8AHfx3pHiuHR4vhrp9pYvoU0EoOpNO8MbXX2tPNJVB IZNhKLlccnqeM8Bfs8/sq/BX4iap8YPCunadpPirxlPcu2oXN+8rSvdyeZOtqtxMyJvfJIiUHHy/ dwoAPpvRdG0zw7o1h4f0W3W00/TLeK1toU4WOGFAkaL7KoAFfIv7cP7Ovjj9o74YaDo3w01ay0jx T4S8Q2XiGwfUd/2WWWzSWPy5GjWRl/1u4HYwJUKcAlh9m9eRXOWnjHwjqCXclhrljcrYMFuDHcxO IWJwBIVY7Tk4wcUAfnv8Sv2Xv2lfHF/8Nv2jNC8S+HvDv7Qfgq0nsNQ8tbmTw7qdlJNKy277kMyK I5Wz+7JLO2CpVHWx4Y/Zi/aH+L/xv8H/ABu/a/13QPs/w8ZrnQPDvhdbn7HHfsykXVxLdAuWUorB QzcqmCoDK36RKysoZTkHkEdCK+StZ/ahtdO/a80f9mKOytVtrvw7NrlzqklyNyzCd4I7VI+AG/dl mLMScgBRjJAPqu/vbPTbOe/v5kt7e3RpJJJGCoiICzEk8AADJr8Xf2I/gfB+0P8A8Ev9V+Dl7enS l8T3+oeRdbPMEU1teRzwOUyNyiaFdwBBIyAa/Tr9oP4X/Bn4w+Af+EI+OrRf8I5LdQ3AWW/fT1ae HOz94kkZONx+Ukg8HGQCO2+GHgHwD8L/AAHo/gX4X6fBpfhjS4illBbu0kYR2Ls3mMzM7OzFmdmL MxJJJOaAPym8b/sn/wDBQz4yfAz/AIZ5+I/jjwVYeGtItLeCCexW9a71drHYbVL2V4dscSsiuzxx byyDKtkmvbPHv7MX7T/hu/8AhZ8Sf2evG+n2vinwP4Ys/Duq6HrE92+gaittAEaWNY1yHLZ5KIWC xtuQqQ319+0V8ZLX4A/BnxT8WbiyXVH8P2pnhsmnFv8AaZSwVYw5VscnJwpOAeK+Uvjt+15448E/ s5/BT4w+CIdLk1P4i634bsNShlV7iC3j1exlurhItkqssiMqhSxOB1BJzQBP8DP2Yvjhc/tI3X7V /wC01q2gHxVHpH9j6bpfhmKdbOCFiSZJ5bgCR5ArMoBL8N9/Cqof+yJ+zn+0P+zV4/8AGnhfUtY8 Pav8JNf1TUtbtDF9oXWkvLwxLGGUxiEII48Ou9vm+ZW6ivva18R+Hr7U7jRLLVLW41G1GZraOdHm jH+3GCWX8RV+9vrLTbWS+1G4jtbaEZeWVwiKPVmbAA+tAHin7THwUtf2ivgZ4t+DV3fnS/8AhI7e NYrrZ5ghuLaaO5gdkyNyiWJdwBBK5wa/N7xv+yf/AMFDPjJ8DP8Ahnn4j+OPBVh4a0i0t4IJ7Fb1 rvV2sdhtUvZXh2xxKyK7PHFvLIMq2Sa/YTSdZ0fXrJdS0O+g1G0fhZraVZoz9GQkH860qAPzn+KP 7MH7RMWj/Bzxj8BvHNpo3jn4XaLbaTd6bqE902gaokdssMhZI1zkHeFZogWVl5jKKapfC/8AZk/a H8ZftM6B+1L+1Lqnhq21Xwfp01ho+k+F47jyv9ISaNpLma5+c7VmfaoZwSQRswQ1j9vz9rj4k/s9 jwl4M+Bul2eueN/EKalqc1vdxPcLDpGk2zz3EnlpJE24hWZTuORE4Ck4r6t+EfxYf45/ALQviz4D +zrf+JNH+028cxYwQ6gEKPDKV+bbFcq0b45wpxQB8N+Gv2Yv2xP2XdY8U6D+yR4g8J6p8PPE19Lq FrpfilbxZ9GuLjhxbtbAh41VVALMc4GY925m+o/2SvgJ4/8Agh4U1y6+LXje58c+NfF1+2o6ncNN K9lbu2SILOOXGyMFmJIRN2QNoVVA+B/2iv2iP+Clv7MXw9HxL+IsPw7n0k3kNjt0+K/mm82cMVO2 SSMbfkOTu9OK+oPB99/wUd0zU7rUvi7P8OrXwzaadqM001g95HNHPHaStauXuCIliW4EZlLEAR7j QB7t+158DdS/aQ/Z48XfBzRdQh0rUtcjtntbi4DGBZrO6iukWTYCwRzFsZgCVDbgrYwflDTv2YP2 qPGniz9nfxr8YtU8Km/+Depao17/AGZNeD7Tp1xBZRWvlK9vta4DW8vm5MaYKFTkkL9TfsefE/x1 8Xv2bPCHxO+KX2aLxBrKX0ty1tGYLdoor2eKCSNWJwjwIjhs4YHd0Ne/6N4p8M+IzKvh7V7PVDbn EgtbiOfYfRtjHH40AfK37Tn7PXjP40/Ej4HeMPC17p9rZfDTxPHrWpJeSSpLNbo8LFbcRxSK0mIz w7IOnzV8/X37NH7Wnwb/AGjviN8ZP2ZtS8I6tpXxTkhnvrbxV9sWazni3EeW1quWjDuxGH5UhSmU Vq/UesXWPEfh7w6sL+INUtdMW4bZEbqdIRI/91d5GT7CgD87/wBnD9kv9oD4W/tVeJv2ifir4x0f xefHOhG01RrZJ7We3v8AzoGjitoDE0bWsMVusSO0quRyUBHO3+yJ+zn+0P8As1eP/GnhfUtY8Pav 8JNf1TUtbtDF9oXWkvLwxLGGUxiEII48Ou9vm+ZW6iv0FuL6ytFie6uI4VndY4y7hQ7t91VyeSew HJrPtvEnh281WbQrTVLWfUrYZltUnRp4x6tGCWH4igD57/bL+Cvin9oj9m3xh8HfBV1ZWWs+IPsH 2ebUHkjtV+y39vdP5jRRyuMpEwXCH5iM4GSPDf2iv2O/G3xA0L4V+O/g/rOn+G/jH8KksYbPUrlp lsrm2hRVntp3iieRoi25kBjIKtIjKBIxEP7Xv7S/xf8ABvxb+HH7PH7PUugW3inx0L6a41LXWdra xhs4/MwVjPysVV2JZW6ABctkdX8Y/jB8avhronwI+G8WoaXefE34ja/Y6dqlzawNJY/YoIzLqlxb RybW2xqU2kgHBzgHigDjvil+zJ+0HYfGyy/as/Z01zQdG+IOraTb6d4p0TVjczaLqJhjQZjnjRZv k8tEQmOIkIrZQl1bovgR8Bf2l5/jfeftC/tP+NrObUY7E2Gl+G/Dc12mi2sbghpJUm2+Y4DNgMHO W3F/lULL46+NH7Rvwz+Dfx8+JXi+z0FZfBt7eP4SFsftCyabHKVhN+iTlhNsK7lzGc5+UV9M/Bj4 gXXjb4F+APib4ultrO98S+HtJ1S8Zf3NutxfWkU0gQOx2rvchQWJxgZNAH5Jftw/B3wn8df25PhH 4J8E6wlxe+NrD7P4xtbKUFf7E0q6jvUe4KEjMoR1Td/FFF/s1+4sMMVvElvboscUShURQAqqowAA OAAOgr8vPCtl+zh+yh+194P+Enwg8FWGn33xSsdSv9W1+fUZriS2t7eGa5jtoFmdxGsssascMoK7 flY7Sv6j0AfBn7Y/7Onxl+K/jP4U/F34C6vo+n+LvhfeX00UGtiYWdxHfrCrZaFHbK+Tjbgbg5IZ SoB4rx9+zH+0lofxgsP2pfgD4g8PWHxF1vRbPTfGGjaqLptD1Oe3hjRpYJI185dpjRYwQh2oCXG5 1b0f9mj9pnX/AImeKfjnp/xMudL0jS/hv4zvvD+nTL/ooNrbyypGZ3mlZWkIQZI2gnOFr7bt7i3u 4I7q0lWaGUBkdGDKynoQRwRQB8CfBT9l/wCLt38fJP2p/wBqXxDper+NrKwOmaHpegJMulaTbSq4 lKtcASvIwkcc5xvclmyuz9Aa5q98Z+D9N1SLQ9R12wtdRmOI7aW6iSdyeyxswY/gK3bu8tNPtpL2 /nS2t4QWeSVgiIo7szYAH1oA/MPxT/wT91PXv25bH9omDVbKP4dyXdnr2o6MZJhcS69YQSRwTLCI jAUEhSVnaQNlpF24OT3/AO1l+zL8YvHvxi+HH7R/wB1bR4fGXw9juLddP8QLMdPuYZw4yDCrMrgS OD90nKsHVkGfu7RvEGg+I7Y3vh7UrbVLcHBktZknTPpuQkV8a/s0ftM6/wDEzxT8c9P+JlzpekaX 8N/Gd94f06Zf9FBtbeWVIzO80rK0hCDJG0E5wtAHzp40/ZO/bT+Mnxa+Fvx0+K3i3wgmo/DzXbS8 h8O6aL6HTobBJo5rl0uZI5pZLubykQqyCMBQQ46H6A0b9mDx7p37Rv7QHxen1DTG0b4raHZaZpcK yzG5hmtrCO1drpTCEVC6Ego8h29QDxX3Nb3FvdwR3VpKs0MoDI6MGVlPQgjgipqAPy30v9gPxZc/ sUeAfgNrHiS00j4lfDXUbnW9F1rTXlls4NRN/c3UGTJFFK0ZjmUN+7BVwGAYLhvOfjZ+yx/wUG/a i8O+H9B+LninwNpFl4W1C2vY7PS/7QRNSnhJRrm5keKTYyxs3loiBSWbKpwR+x1FAH5s/Gj9mj9o rR/2qh+1f+zTqXh281TUtGTRtS0vxP8AaRCI1KDfbvbgsNwjQnDIVIblw5Uc14O/ZK/aquP2uPA3 7V/xd8Y+G9bvtNtr2w1PS9PS7tbewspbeaGCHTS8UjTgPO8rmYxHcSAWzkfqXRQB+aei/snfG7wr +0t8UvEGnaj4e1f4N/G1j/wk1jeG5j1ZYWtZ4WitvLjMYO+dvmMmGTqFYA1wng/9nb/goT8AfBV3 8DPgb418H6x4GDzpo+qa4l5FrGlW9wxcqqwo8JKM7FMiUZ5AVcIP1nooA+f/ANmT4Kan8AvhHpnw /wBe8UX3jLWEeS6v9TvppZWluZsbhEJXdkiQAKi57Fj8zGvMv24f2dfHH7R3ww0HRvhpq1lpHinw l4hsvENg+o7/ALLLLZpLH5cjRrIy/wCt3A7GBKhTgEsPs2igD8+LP9nj9oLxd+0N8Cf2g/inf+HF 1H4f6XrVp4gg0yW6Cyz38N1DbmySWDDKFljMnmOhBDbdwAz6D8c/2evGfxN/aS+Bnxi0G90+30b4 ZT6tLqUNzJKt1ML6KJI/sypE6MQUO7e6YGMZr7GooA/NHxH+zJ+0v8Gvjh40+M37IOu+HZdO+I8o vNc8O+KFuhbDUMkm5t5LbLFnd3cgsgG4j5xtC+r/ALLXwC+NngPxb4w+MH7RPjkeJ/GfjEpH/Z2m zXA0TTLaPGEtoptoLEKg3eWCoXGWLMx+16KACiiigAooooAKKKKACiiigAooooAKKKKACiiigD// 0/38ooooAKKKKACiiigAooooAKKKKAPIfj/4f8eeLPgl458NfC+8Nh4s1PSLy30yYSeSy3MkRCBZ cjy2b7qvkbCQ2eK/nY0/Q/2WfB/gTw58M/2g/hp4x/Z/+J+lSWxXxxFFdXCS3kMitLchvMQkS4JU RxSCLOUf5fm/o8+MPw9k+K/ww8SfDqHWbvw9Nrtm9vFqNjI0Vxay8NHKjIysQrgFlDDcuVJANfmJ r37M3/BQ/wCIPwhH7L/j/wAWeBrjwM0dtZT6+0d9da1LY2siNH8kiCNpgEGSwVif+WufnoA6r4nX dtqH/BRb9lC/s9TXW7e58N69LHfptK3aPpd0yzrs+XEoO8beOeOK8v8A2UPgJ8MP24rr4pftGftH WEvi/U9R8S32h6ZaXE88EWl6bZJG0UcSQPHtcCUDnJG3d953J+sX/ZE8Q6L+0L+z14/8JajZf8Id 8GPDt5oM8V1LKNQnEmny2UDxIsTRNy6l90iYGcA8Cvl34beEPiBpHxK+LN5+wV8XPDMHhq81u6k8 R+H/ABTZXcL6FqwZkuZbZfKBZMjCscREKEJbywaAPIfgD4Dj+F/gT/goJ8O7fUZ9VtvDuj3Vlb3F zIZZ2todM1VYFkc9WSLah6D5eABxWp8H/wBhT4HeO/8Agn8fix45sLrWPHuoeGL7U7bV5r65Mll9 iil+wwQRiTyhDDHGi7CpyMjgbQtr9hX4Y+JviF4I/bL8L6b4oi8WXnjaW70G28STq0NpqOoy2t/H JcnYJSIjJco52BsIwKg5Ar9MPhX8DPFngf8AY+sf2fdWu7GXxFbeGrvRmuIJJWsjcTxSorB2iWTy wXGT5ecZ+U0AfnpfeKNB+IP/AATD+FepfHn4r3fgjRryWODU7iGCS91DXLaxubmBNNQJIshaWOJS zkOBsDOCobPxp+0JqvwA8OaZ4C+Jf7KXwc8Y/DLUfDviCwEfii/tLiy0+5jYORAsk1xMZZHKhskA lQwbIav0P8QfsA/Fy5/ZY+Cvw90HxHo1t8SfgxqkurWrSmefRbuR7x7kI5aFZOP3ZBaHHDoRhtwy P2g/2T/29f2s/BllY/FLxZ4I8OS+HruC+03RtJS/+xXV2vyPPe3MqSyI0cbP5Sxo6neQ2371AGH4 3/Z2+C/iH/gqtp+g6z4XhutP1fwe/ia7iaWYCXWPt0w+1EiQHd8i/KCE4+7Xs/7FH/J3v7YX/Ye0 T/0C+rqPjx+zp+0hqf7Tfg79p/4Car4cttX0/wAPr4f1XT9ca5+zmIzyzO8MkETM+fNIGQhUopw2 4qOb8Vfs0/tYfC79o3x18a/2U/EHheTS/ieLVtX0zxOt0Ft7q3Qos0ZtVJcKWd1O5ceYVKOAGoA8 4+HDo/7V37cJQhgNE04cc8jTJQR+BryT9gL9ln4R6f8AsyaB+2P4u0+613xvoKavrGmtLdTGG3i0 h7mCGBYFYIVDQmQZBYMRggDFfU/7PP7G3xq+GHir46eKviR4t0vxRqXxb0uCNLyHzoXGoPBN9p82 HyQkcCTTFIfLZyYlBKIfkH0b+yL8CNd+Bn7L/hf4F/ESWx1S/wBKi1KG9axeSS0ljvr24uAqNLHC 5HlzBWyi85xkYJAPw8+BNz8Gvip4C1X4k/tI/Av4ofGTxx44urya48Q6VpNxdafFEJWiji06aO7i UCLbg/J8jAxj5EAr9T/+CZ+sfFlvg1rvgn4paR4h02DwprM1roEniayms9Ql0WRVe3WQTD5zEdyn azKg2op2qK878F/s1/tz/sw6ZrPwv/Zk8VeEdc+Hl9dz3Gk/8JOt4uoaN9pYu6J5CtG6gnOW3hmy /lruZT9jfso/AnxP8Avhk/hzx34yvfHPijVbyXUdS1G7mlljE8wA8q2WVmKRIB7FmLMQMhVAPBv+ CjUfwqu/h54SsvjX8Rbrwf4OOsxzXuj6fbS3N74lWEA/YU8mWN0TBJZyrIrMjHDBM/lp8QdV+C/h r4w/A74hfswfCLxd8JfL8V6fYT6vqlnPYWOqW9zKgMEYluJvNJQNu4G5GYPn5a/Wr9s79mP4m/Gf xJ8Mfiz8F9Y02x8afCvUJr2ztdaWRtOu1naF2EhjV2VlMC4woyGPzKQrD52+Mf7J/wC3R+0bqPgz x18TPFfgvTNS8C6xZ6hp3h/TBfx6a6xuJJpp7uSOeb7QSiIiiNowpYhlJO4A5L4h/Azwl+0J/wAF S/EPgb4gm4ufC9l4Ks9UvtOhuJbeLUPs00EcMM5hZGaNZZllxkfMgrovg98PPDH7Ln/BSHX/AIXf CeO40rwP4l8CHXLjR0mluIUuobjYGjWRnYsPKbbliR5jKMKQB9haB+z14z0r9uTxL+0zcXunt4X1 nwfH4fhtlklN+t0lzbTF3jMQiEW2FhkSlskfLjJBd/s9+M5/25bP9plL3Tx4Xt/B58PtbGSX7ebs 3LzbxH5XleVtYDPm7s/w45oA+D/2Nf2YvhX+2d8L/E37SX7SNlL4u8YeP9Wv0S4e6mh/sy1tm8mG K1WF1VChBKkggKEUDAO71j/glH4bufBvhT41+ELy+fU7jQ/iBqVjJdytukuHtooomlcknLOV3E5O Sav+Hf2Zf2x/2bta8V+D/wBk/wASeFJvhv4qvZtQtIPE63bXeg3FyAJfs/kIUkQYGwPvU4G5M72f 2j9hT9mH4hfsveE/HPh74i6/Z+JbzxJ4juNWhvrVpjJNDLFGgkuVljTZM7IWdVaRQTw7daAPLP8A grnLLB+x3fzQO0cset6UyspwysJGIII5BB6Gvj/9uL9jr4efsx/CH4e/FD4N3WoaH8S7bxJYWF54 jF/dPe3s19DOZriQtKVWRpV35QLwWXBBr9NP26v2evGf7TvwCu/hX4CvdPsNWn1Cyu1l1OSWK38u 3YswLQxTPuIPHyY9SKP23P2evGf7Sfwu0HwT4GvdPsb7S/EenavK+oySxRG3tFlDqphimYufMG0F QDzlhQB+f/7VP7Lfwm/ZM1j4A/FH4JWdzo3iePxzpWlX1+15cTTalFdB3me58x2UtIY2D7QoZZGU jbgD1TwnpvijWf2+v2vtI8D3g07xHfeENIg0y6JKiC9l0m2W3lJHI2SFWz7V9W/tjfs9+M/2hdG+ HGneDL3T7KTwh4x0zxDdnUJJY1e0s0lWRIvKilJlJcbQwVTzlh35G0/ZO8YXf7SHx8+KGsa5Dp/h v4t6DYaPYSaZczx6vZSW9lDayTn92iRsrxl4ykrZ43AcigD8ZLHwp+zt8OvhxF8Lf2uPhJ4v+Fvx HiuHYfEGBLi9SS8FwZBcqwlRHXb8mIlmBwXVg/zV95ftm+AvGXjjw3+z/wDEHRtI1L9oX4R+GbPz dasNNnkS61h3t41t9RkS3y8pYAu21TtO9G2iQkbcv7Nv/BReX4Q3/wCy/qPjDwPrfga9tpdOPiDU Vv5tZOnSswKFGRozKqnCbgxXAxLkBh6n43/Y1+MvgTw78Ir39lfx+un+IfhPp7aa1lrclwukaxFI G8ySeCDzAsjNJIQNp4ZQHUxq1AHhX7Dmsfsk337Suo6l8Ar7XvhhreoaS9tqHw+1eB4oLmaImR7i NpJZhviABVAwdVDkKFZwP1T+N3ja7+GvwZ8d/EPT133fhnQtS1KEbd4MtpbSSpkdxuUZzxjrxXxV 8L/2ZP2h/GX7TOgftS/tS6p4attV8H6dNYaPpPheO48r/SEmjaS5mufnO1Zn2qGcEkEbMEN+hPif w5pHjDw3q3hHxBB9p0vW7Sexu4skeZb3MbRSpkcjcjEZFAH4+/s4/sFfBr9oj9l21+KHxeW58QfE z4m21zqs/iSa6nNzaXVw8ggaKNJFjIhwpKMpDHIPy7VXz/8Aa1/Z/wDEi+K/2Mv2dvHnji88S3TX mv6Xea7CjWN5PYl9P3KMyTEOLb9zvLsWxuYckV7j4b/Zq/4KBfBjwBefs8/Brxz4Rvvh87XMOmaz q0d5HrmmWV0zM8apEjwllLsUJ8znoUXaq9rY/sE634J1b9mC08CazZ3WjfBG61e61me/eWK7v5dU NvIz20cccqf6yNwEkkXYmxQzYJoA8J+M/wCzv8Lv2Q/2ov2a/Fn7PGnz+EW8WeIv7A1a3hvLmeG8 tJmt4yHFxJIeVdtwzhjtbG5Q1eOfE7x74T+MP7bPxQHx6+G/jf4ueFPhtJDo+h6D4X0+W+sbKUhh Nc3iRzwFXmaNjGckSDOeI0A/Uv8Aac/Z68Z/Gn4kfA7xh4WvdPtbL4aeJ49a1JLySVJZrdHhYrbi OKRWkxGeHZB0+avKfiP+zH+0D4A/aD139pD9kfX9DhvfGlvFF4i8P+JFuBYXctuoWO4iktgXEmBk DKbWLneyuUoA+V/2SvE+v/CD48/EJPhp8M/Hfgr4Iah4cu9Zj0vxVpd1bxWGsWCeawtpHeZFSaMO MGTe5Kg8RrWx+yF+x58Jf2tP2fp/2gf2jILjxj48+J9xqU8upy3U0Ulgtvcy2kSWqROsabDDvUFS oBEe3Yu2vrr9nr9nf482vxH8V/Gv9qXxpb69rniWx/syDw/ostyug2NodobbFNt3SFV2j5fl3OSz s+V8P8Jfsz/t0fs26NrXwk/Zk8X+Er/4eX93PcaTN4iS7GqaItyxd0jESSROFJJBYSbmy+xNxFAH zv8AtdeDvGf7J/wt/Zf0bxFr9z8U9Q8BeOYb20Zbdra5uoLWSOeCxRTJcszDb5UbZJxtAXgA+vfs FaXpf7THxU8aftLfH27fVPi94S1N9Kh8O3cJhg8KwIT5Qgt5CTvJEiiRgGV1cnMhZz20P/BPbxP4 V8HfALwr4Q8RWepXHw38b2/i/wAR32ovNDJfyedFLcfZUjjmy22MJGsjKCACzgk16748/ZZ+Iei/ tbeH/wBqP9n7UdL0ttUi+weNNL1GWe3h1S0BRRLCYIJh9oCAH5tq7442yd0mQD8/LD/khf8AwUH/ AOxy1n/0slra1D9hj4JP/wAE7z8bdWs7u/8AiS3gy38VLr819ctcpMlml3DAqmTyhFHEFgVdnCgE EMAw+pbb9ir4pQ/Db9qTwc2q6Mb343a/qGq6K4nufKt4Lud5UW8P2fcjgMAwjWUZ6E19Jah8DPFl 1+xSv7OEd3YjxKPAsPhj7QZJfsP22PTlszJv8oy+T5gyG8rdt52Z4oA/N34j+MPFvx++HH7G/wCz z4r128h0j4t2cd34puI3KT6jDpcEDrE03UtKd7P/ALexyCQKzf24v2QPg38AtV+C/jv4M6c/he31 Dxvoul6hpsNzPLbXbBnmt7lkmkf97CI5E3DqJDnnOfXfjp8EfCfgT4H/ALOPww8cfEW1+Hvxh8GS wW3hPXYoLi6019TgEKzW8sphASCZvKO6ZUBKjKsu9D86ftZ+H/2mNW+KvwD0P4+/EDw5ruu3fi/T Y9L8OeF4JliEJmTztSuXmCvu/wBWqgrsAZyhUB9wB/QPcQQ3UElrcLvimUo6+qsMEflX4y/sHfs+ /B3RP2u/2hdQ0vw1DBcfDTXbO28OuJZj/Z8N3DexTqgLkNvT5SX3H0xX7QV+eHw7/Zz/AGh/hF+1 946+KPgzWPD178MPiffQX+tW159oXVoWt4ZQi2wSMxZEspOWfDJwQpFAHwT/AME3v2HfgX8fP2cL vx58aNMufEd7faheWGnqb65gj022h2km3SGRFEjyszsWDA4XgZbdzvhb48/Ez4Vf8EtvGNtoOuXf 9qaR4wuvB2m3+9jcWlg3lSERSA5jIQyJGQfk3DZjC4/WH9hX9nrxn+zF8AbP4V+Pb3T9Q1a31C8u ml0ySWW3KXDhlAaaKF9wA5+THoTXhPw6/YB1F/2U/iJ+zj8XNWsvtHjDxJfa7Y32lNLcLZtL5DWr ss0cBZ0eE+Yg+UoSofnIAPzl8W/D74KWfweh0n4P/s6fGXw/8V9GiiudN8VtoV1FcPqkWGMs7x3b 7UlbOdkeUBygyOf31/Z98UeM/GnwR8D+KPiLp8+l+KdQ0m1fVLa5t3tZkvQgWfdC4Vo9zgsFIGAa /PvWfgX/AMFLvGfgC1+AviP4heENM8MIkVrdeKNOOoDX7iyhZdoI2onmlVAcr5ZcZBkOWLfp34G8 J23gTwZofgu0vLrUYtEs4LNbq9lae6uPJQIZZpG5aRyNzH1PGBxQB+Rv7TnwQ8NftA/8FPfAfgHx tLMfDi/D9L3UbWGV4Dew22oX5W2d4yrCNpShfByVU4IOGGpqnwx8MfsZ/t4/B6w+Bccuh+EvjFb6 lpus6FHNLLamaxjVorlUkdirBpUIP8IVwuA7CvX/ANpD9lj9o7xr+1d4a/ab+A3irQvD914U8Nx6 XBBq32mQXlyt1dSSwXEcURUWssNzgurmQOPlQHDrs/Cf9mn49eLv2hNO/ab/AGs9b0S41nwtZS2X hzQvDi3H9n2P2hWSW4d7nDtIyswwd+SQd4CKgAPhP4Vf8o5f2tf+x08R/wDorT62tQ/YY+CT/wDB O8/G3VrO7v8A4kt4Mt/FS6/NfXLXKTJZpdwwKpk8oRRxBYFXZwoBBDAMPqXwV+xV8UvDn7J/xx+B N9qujPr3xM8Qatq2mzxz3Js4oL9LVY1uHNuJFcGBtwSNwMjBPOPpLUPgZ4suv2KV/Zwju7EeJR4F h8MfaDJL9h+2x6ctmZN/lGXyfMGQ3lbtvOzPFAH5nazrfiH9qa//AGPv2bviRq93L4X8YeGf+Ei8 SBJGjk1eTT7WRoo5ZVIdiTbsXwwOZN/3lQjS/aF/ZU+Ff7Pn7Wf7M3iP4P2LeH9K8Q+K4YLzS0nl ltvtNtJAY7iNZXcq7IxR8HHyr0JOfo/xL+xH8TV+DvwQvPh74m0/QvjP8ELKO3sb4mWXSbtXjEdz bykxCUxSAYDeXnaXUr8+V5XV/wBl39tf4zfHL4UfGv45eJPB9na/DrWIbpdD0U3ywpbK6STzRvNH IXuZTGq7GYIFUYcHIoAx9D/5Pr/bH/7EvS//AEz29eL/ALFP7CfwO+N37F1l8RfilYXOu+JPEFtq sWn3kt7cqdJgsrm4t4I7WNJBGqrLG0xDIwZnIIK8V976b+y/4+s/2k/j58YpdQ0w6L8VPD9npOmQ iWb7VDPb2EVqzXKmHYqF4yQUdztxkA8V6H+yL8DPFnwC/Zc8M/BLxjd2N5rmjRanHNNYSSyWjG9v bm5j2PLFE5ASZQ2YxyDjIwSAfkVp/wAZPiVqn/BMv4R+BLbxDc2l/wDELxaPBc+pklpotIe4uAY/ MJyMIqRAZGYgVzjNekf8FA/2EPgH8E/2UdT+IHwg02fw1q/hk6fbXcqXk8h1a1ubuGBo7tZHKO3m sk4IUYZOABgDufFX7MXgn4H/APBPfSfgl+1J4ztPDF5Y+IGudM8Q6RFeX9vYarPLNLaSYEEcu0xl 45GKKAGOHB2tXz/+3vpP7WEf7OVlY/Hv4seFta0p7uxj0fT/AA5bym+8R3LOAktyzLGoWOPzJf3I MZcKCNxQqAfvf8PP+RA8M/8AYMsv/RKV+RXjf9nb4L+If+Cq2n6DrPheG60/V/B7+JruJpZgJdY+ 3TD7USJAd3yL8oITj7tfsJ4R0+40jwpoulXQ2z2VlbQSD0eOJVP6ivhH9oL9nP8AaH1H9qTwp+07 +zvq/h6K/wBO0L/hH9QsfEH2hYmt/tEsxkja3jkJLCXGPlKlFI3BiAAfN3wG+Dfgr9t34+fHH4q/ tGW0viqy8HeI7nwxoGjXE8sVrp9raMyl/LhdPndQme2/ex3MQV7z9k3Spv2d/wBtz4ofsk+EdQub j4cvoMPijSLC4le4/suV5bdJYYmdiQjm4bOeWCoWJbLN22t/szftNfBT42+Nvi5+yFrnhyfSPiTc fbta8PeKVuhbx6iSWe5tpLXLEu7u7AsmNxXDgJt9P/Zf/Zd8Z/DX4geM/j/8c/Elt4q+KnjpUtrm bT0aPTrGwi2bLW1WRVcr+7TLMBwiDGQzOAY3/BS/wL4T8X/sgeN9V8Sacl9d+F4F1HTZGZ1Ntdh1 h81QrAE+XI64YEc9M4r87/2ofg74P8F/8E8/2ftF+GliPDtz408UeE9SvJ4JJS76pqGhzpJdbnZi rkhT8pAGOAK/Z39o34UXHxy+BvjT4TWd8mm3PiXT5LaC4kUtHHMCHjLhedu9QGxyBkgE8V8Aax+y L+1l8Rf2cvhv8HPiPq/hIap8NPFmh39lcWc16sUuh6PZSWoSRjbEtdFnBGEVGXqVI5APEv22P2Sv g7+yP8MPA/xw+A1pe+HvG/hjxHpkLap9vuZp75ZhJ5rXAkdk3yMMsUVQQWTbsO0O/bQ8e6f8Qf24 NP8Ag98UfCXi34gfDfwJocWpv4Z8JWkl3Le6hc7SLm7jjlhJgjWVE3hvlYBB/rHz+h/7cn7PXjP9 pn4L2/w58CXun2GpRazY6iZNSklig8q137wGhimbcdwwNuPUiuM/aJ/Zf+K+sfGzQP2of2ZvEem6 B8Q9JsTpV/Z60kzaXq1huLCOZoA0ikZxwvzYQhkZASAfDnwDnm8C/tk+ENT/AGbfg58RPhv8N/Fs E+n+K9N8QaNdW+lrMI2a2u4iZbhI2VwoZnZdoyF4kYV+7lfnn8JvgP8AtWeKfjzp/wAev2ofGmnW kPh61lttL8L+FJ7xNMLShgZbsTFfMK7icHfuYISwVNh+yvizpnjvW/hl4o0X4YXVrY+K9R0+4ttN ub2SSK3t7mZCiTO8Ucrjy87xhDkgDpzQB+Hvh/8Aav8Ahbqf7dfxR+O3xG0jW/EegaFZv4Q8MrpW mPqVv5ETFLuVmBCr5nzso5ylwcivXP8AglN8XtG0/wAT/E79mWz+22+kaXqFxr/heLU4Wt7v+yri URyRvG5ypTML4BOWkkOcc1+g/wCxx+z237MXwA8PfCq+mt7vWbYzXeqXNqWaGe+uZC7sjOqMyouy NSyKSqDIBry744fsvfEHxJ+1f8LP2oPhBqGmadfeGUfTvEUGoSzwm+0tmI2w+TDMHl8qacDzNoBE Rz8vAB49/wAFiP8Ak0Jf+xi03/0Cev1Nuba2vLaWzvIkngnRo5I5FDI6MMMrKeCCDgg9a+Mf29f2 cfG/7UnwJHww+H99p2n6qNVtL7zdTkmit/KgWQMN0EMz7jvGBsx15FfalAHwR/wUU+F/xT+I/wCz FP4P+C9jLey2uoWU2oaRZSfZ5b/SLcP5tpDjA+95bBADkJhVJwp/Ob4R6v8AsZH9oH4bPoHh3xR+ y78SdFvo4pNOvobj7HrCyMiixmlnlJVZCDGXeKLfvIbLbCv63/ta/Azxr8efhjBoPw18Y3PgjxZo uoQappt7FNLHA81vuAhuhEctE27P3W2sqttYAqfkLxH+zD+2V+0x4j8C2P7VWseDNL8IeBtWh1Zl 8NRXb6jqE9vkAF7gBYkkB2sUZMfe8skLgA/VuWRYYnlbJVAWOBk4HPAHJr8UP2Of2cvhb+234G8W /tL/ALS1jN408R+M9Yvba1E11PAmmWFttSGG3W3kQIVycHsoUAfeLftlX5WaD+zH+2R+zPqni3w1 +yR4i8JXvw+8VahNqVpY+J0vFudEuLnAkFubdXWSNVVQC5bOAfLzuZwD5p/bH/Z78ZfAL9jv4Z/B ub4g3XiZovihpw0XUHha0udMtp7O9EECuJpCxgfLo4KYLYVVCitT9t39k34Pfsm/DTwH8bfgLY3X hzxp4Z8TaZC2pi9uJpr1JhIZGuBI7KXd1BYqqggshG04Hs+sf8E7fH0fwD8JfD/SvFVjrPjQfEO1 8d+JtU1FpoILqVYp0njthFDK2R5i7A4UM29yU3BR9Uftxfs9eM/2mPg1Z/DvwJe6fYalb61Yak0m pSSxQGG1371DQxTNvO4YG3HqRQB8O/tL/s5fBTxT/wAFI/g1oOv+FoLyw+Idjr17r8TSzgX9xaWN w8LuVkBUo0aEBCoOOQea+idE02x+IP8AwURXTdLiC+Hf2evBsNnbxrllt9V14YUAnPWwG31+WvWv iV+z34z8ZftifB/9oPTL3T4vDvw/sNYtb+3mklW9lfULWeCIwIsTRsA0oLb5EIAOATwb/wCy58F/ GHwuvfin44+Jj2reJ/iP4qvNXc2spljh01QI7C3LsqEmJN3bjdigD8u9M/5IL/wUF/7HPXP/AErk rhP2cvEf/DYfxG+EHwB/aHF34W+H/gzwjplz4c8Nyo8MPiq40y3S2e7mmbb5sbeVK8aKCPLVlVs+ Yz++/AT4baz8d/AP7bfgDwVd2kd14w8d6zb2N1cyOLQs9xI6s0kSStsKkHKo3UcV9J/GH9iPxX49 /Z1+D/h7wjrVjoHxk+DWnaLDpOtq8q2guLCCCG5jMohaUwO0XmRkw53KuVAZxQB88ftCfs2/A7xL /wAFJPhH4S1nwlazaN4x0HU7jVbRWliiuZdPs547Y7Y3XYIlhjCrHtXCjjrX7VIixosaDCqAAPQC vzZ+PX7On7U/jP4j/CL9or4Yar4V0/4leBtLudP1S0v3u5NIlkvImjle3dYRKyHzZMK6IwG07iQc /o9ZfbDZW51ERi78tPOERJjEmBu2FgCVznGQDjtQB+Ff7Ln7Jfwl/aK/aG/ad8Q/GfT5vEOl6J49 1m1sNNN3cW9rHPcXly09yy27xsZdgREO7AGcgnaV9J/Y5s2+Gmn/ALXHwL0vxnN4S8H/AA+1OZNH 1O8c3A0KC8ju98673TPlCJX+8MuNx5Y5+z/2WP2evGfwP8Z/G3xF4rvdPu7b4k+ML7xBpy2Uksjx Wt1LLIiXAkijCygOMhC65zhjXjlr+xB4v1cftS6V4p12xs9O+Ot3bz6TNZPNLPZi3M7qbuN44l++ 6bkjdwy7huHFAH5garoX7E2pfAHxF4e+HHw08b/FzxjBp1/cTfEC30q7gtjfxq8jX80k1z+6gRhu aNkOVBDZclj7P4t8N/Gz42/sMfs0eNE0HUvin4a8OXNxN4q8PWlzKl7q1raXJt7TJjzLJ5UcTodi s/zhuxYfSWh/s2/8FAtV+CMH7LfiTxX4G8MeBbXTP7Ek1fSoL251e505Y/KEIjkEUA81P3cr4V9r EjLZLWNI/Yo/aa8Jfs+/B/w/4E8e6d4f+JfwgvL+WJYbq8k0DVrW8unnEd0phjfcqtsyYWGC4z8w ZQDyD9kTWv2Pr79qrSNU+DY8Q/BLxe9hcWWoeB9UgkitNXfY5zvkllAeIEOqfISYwyoDv3Y/7Ln7 Jfwl/aK/aG/ad8Q/GfT5vEOl6J491m1sNNN3cW9rHPcXly09yy27xsZdgREO7AGcgnaV+p/C37Mn 7Tnxc/aB8B/Hj9q7U/CthF8NVnfStM8LR3Jee4mAG65mufmCBgHCh3HG0Ku5ifcf2WP2evGfwP8A Gfxt8ReK73T7u2+JPjC+8QactlJLI8VrdSyyIlwJIowsoDjIQuuc4Y0AfOX/AATg0yT4efED9ov4 DaRe3E/hLwB4ohTRra4laX7LDdm5LRqW5xiJM+rZY8sSf1Tr45/Zy/Z68Z/CH40fHb4jeJb3T7nT fifrNpqOmx2kkrzwxQfaNwuVkijVWPmrgIzjg8jjP2NQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQ AUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAf/1P38ooooAKKKKACiiigAorE1fxL4c0AxLr2q 2mmmb/Vi5njh3/7u8jP4VrwzRXESTwOskcgDKykFWU8ggjgg07EqSva5JRRRSKCiuQ+IHjTR/hv4 F8Q/EHxAxXTPDWn3Wo3O37xitYmlcL6sQuAO5r8k/gb8GfjF+3z4Xb9oX4+/E7xH4U8MeIbi4Oge GfC96NPgt7SCVog8zlHEhLIwBZN5ADl8MEAB+zdfHPxR/YE/ZN+MfjOf4geO/AkVxrt64ku57a7u 7IXTDq0yW00aMx/ifAdu7GvF/gp8M/2o/wBmv9o21+GkGt6z8U/gd4ispZl1LWbiOe+0G5jDFUea R1Z1ZgoKou0h9yopRt3tXxi/bv8A2b/gj4xl+HvivXbi/wDElogku7HSrKa/ltEIDbpzEpRMKQxU tuAwSuCMgH0f8Pfhx4G+E/hOy8DfDnRbfQNC08N5NrbLtRS5LMxJJZmYnLMxLE9Sa7WvCPCP7S/w V8e/B/V/jr4N8SRat4P0C0u7y/uII5DNapYwmedJbcqJUkWMbthUMQQVyCCfnC//AOCon7GNhd6d bt4zmnhv44ZHuYNOu5be1+0JvRLh1jO2TH3kUMyEEMAQQAD9BqK+FPFv/BSP9kLwd4vHhDUPGZuy ky28+oWNpPd6ZBK4DBXu4kaNiAct5ZcLyGIIIr1X4wftefs//AbVtK0f4o+J10iXW7CbUrOQQTTw zW8A5KPCrhmboijlyRtBzQB9LUV8q/BD9s74DftAeKb3wN4G1W6tvEllCbk6bqdlNYXMtuCP3sSz KA68gkA7gDkqBzVH4yftwfs8fA/xdL8PvFetXOoeKreJZptL0myn1C5gjdQ6mXylKRkqwYKzBtpD YwQSAfXFFfOvwf8A2q/gh8dfA2t/ED4ca6b/AE7w0jvqkUkEkN3Z7EaTEsDqG5VGKlcq2CASQQPJ /A3/AAUW/ZS+JHj3w58NvBnie51LWvFO1bRE0662CVydsUreX+7cgFjkbVHLstAH3FRXw98RP+Ci X7K/w18X6l4J1fxJc6lf6G5j1N9LsLi+trB1JDCeaFCgKkbWClirZUgEED6Mh+OPwkufhO/xzt/F NlJ4ES0a9bVlcmAQodrZAG/eHGwx7fM3/Jt3/LQB6rRX4g/tn/8ABQ74OfE39mnxToXwT8X6voXi 2SWwm0+TyLzSpru3jvYhM9rPhNw253LuDFc/LgHH7ReGJJJvDekzTMXke0gZmY5JJjUkknqTQBuU V+SHjr9uzTfDX/BQCw+GuoeINQg8AaPo82nXdjDp0zb/ABDJdPHvbZEZZY1QIFcExLyRzk19e/G3 9tn9nv4BeKIvA3jfXJ7rxNJGJm0vS7Sa/uoomG4NKsSlY8qdwDMGK/MBjmgD6yorxr4JftAfCT9o jwvJ4t+EfiCLW7K3k8m4Ta8NxbS9knglCyRk4JUlcMBlSRzXnn7asnxVX9mvxbB8FrLUNQ8V3X2K CCHSmZL1reW8hW7ELoCyMbcyDevKAlhyBQB9UUV+fn7P2t/ErQvi98YvFfxl0fU/C3g3S9L0VtJv tVvpm06106zst1zCgmOxmhk8ySe5cmRiTuIA5rT/APBUT9kGC+ijOv6m2kyzG3GrjR70advBwf3p jDEe4Q8c0AfoZRX5pftq/ELWIPiB+ypfeA/EdzBo3inx1pglfT7qSO31CxuJLdlWTymCzROjZAbK kH3r6J+O/wC2R8B/2ddc07wn8QtXuJPEOqRefDpmnWkt9d+RkjzXSIEImVONxBbB2g4OAD6kor45 8Iftc/AD9pCz8S/D/wCEniO81rV/+Ecu9SkjsLSaK7it2/0ciPzljUXKyOoWNmU5Kn7pzXyr+zL8 BP2hvCnxH+Auq+NbrxCIPC/hvXpPEY1C+82zLajeXj6bbviVjNeolwDMCpWJY0AbOAAD9cKK+RvF P7Quk/E7wF8dPCf7Pl3dal8Q/hrY6hp7wRWsqSw6wYrmO2WAyKFlbzoG27cgkDsRn5j/AGeNR+Of h74p+FNV+KvhXxHo/gvw78NFaae/vru4htNWSZpb9rkPzc3U6qpHmf6pV2oPQA/VWivz11P/AIKi /sb6dZWF/D4ru9RhvY1mkNppt1N9jjZ2jU3WIx5TFlPyHL4IO3DAn65i+Nfwpm+FSfG9fE9mPAr2 gvRqzPtt/IJ25O4Bg2/5NhG/f8m3dxQB6jRXwf4M/wCCk37JXjbxRYeFrPxPc6Y+ry+TYXmp6fc2 VjdvnGEuJUCLzxmTYM4HUgV7J8Zf2r/gR+z/AOIdP8NfFzxIPD93qljc6hbmSCaSN4bXO8Bo0bMh IwkYy7nAUEmgD6Mor5F+CP7cf7Ov7QHjGf4feAtdnj8SRRvNHYajZzWU1xFGNzPD5qgPhfm2537f m24BIvfG79tL9n74A+JIPBXjnXJrnxNPGJv7K0u1lv7yOIjIeVIVIjBX5gHIJXkAjmgD6sor4f8A Hfxe8D/tXfso+PtQ/Z51y/168nspLWGLRgbfV4L/AHKYominMLwksBuZsDy9zKWxXCfsvfBj40eB fj3ca/44vdXuNF074feHdDvDf3fnWVx4ght7UXUlivmOZERYP3k7qpaV3AyASQD9G6KxPEviLSPC HhzVfFniCcWul6LaT3t3MeRHb20Zlkc/7qqTX5m/s5/G+y8L/Bzxl+3p+0RqN/Y2HxE1VVsrdI57 qHSdEt5zZ2EKW8W7aZJMmSQKPMLIx5OSAffnxc+C3wv+O/hNvBHxa8PweItHMgmWKYujxSqCokil iZJI3AYjcjA4JHQkV5N8Fv2Jv2Zf2f8AXx4t+GHguKw11UeNL+4uLi9uI0kGGEbXMkgjyvy5QKSu QSQTnsvjR+0r8HfgD4H0r4jfEzWzY6DrdxDbWc8MEtyZpJ4nmQqkKs20xoWLYwOM8kZ2vib8dPhr 8Io/CsnjXUmhPjXVLbR9JS3hkunuru7/ANUqrCrHaeMuflGRzyKAPXqK/E74H/twfDv4GfEj9orT vjt4w1K+uf8AhYWsw6NpwFzqU8VlbTzBlgjG5YIIwAAMovGFzg4+2vGX7QXwP+Pf7KHjj4h+CPiH d6P4YhtJYL3WdMinTUtKdCpY+RhJ1kAIIAxuU5UlTmgD7Xor5u8P/Fn4V/CD9mPwb8SPGnjR5vCF p4f0gx67qay/atQjltYhDPJFh5nuLgEOyAM+4nIODXDfCH9vb9mn41+OIfhx4S1+4tPEN6pksrbU 7KexN6gBbdbtKoVsqCwUkMRkhTg4APsqivxO+B/7cHw7+BnxI/aK0747eMNSvrn/AIWFrMOjacBc 6lPFZW08wZYIxuWCCMAADKLxhc4OP1S+Cfx5+FX7Q/g4eOvhJria3paytby/I8M0E6AExzQyqro2 CCMjDAhlJBBoA9for43/AG7b/wAI6d+z/eXPjf4g6v8ADLS/7Qsg2s6JHNLeI5c7Ygtuyvtk6Nzj 1rrfjv8AtefA79nXVdM8OfEPVp38QaxE09rpWnWkt9eyQqSDKY4lOxMqQC5XcQ23O1sAH03RXgnw G/aa+DH7Smk6hqvwk14ao2kSJFfWssMltd2ryZ2ebDKqsA21trDKkqwBypAwf2vvjbF8AP2fvFvj 6G7ksdXFlc22kTR2zXQTVJLeVrUugV1CCRAWZxsH8XFAH0zRX4F/F39qzXPiN/wTNsfFHhfxdrMX jjQbzRLTXNSQ3NhcPdTs7SbJ1EYkRgOTGSvQelfoFpv/AAUs/Y91TxzB4Fg8Zskl3c/ZINRls7iP TJp9+wqt0yBNoYj94cR4IO/HNAH3lRXjHxu/aD+Ef7O3hqHxV8W9fj0W0u5PJtYwjz3N1KMZSCCI NI5GRuIXCggsQDXn/wAD/wBsz4BftBeILrwf4D1uaDxJZx+c+lanay2F40Q6vHHMoEgA5OwsVGCw ANAHu/j3wB4L+KPhPUPAvxB0e313QdUQJcWlyu6NwpDKeMFWVgGVlIZSAQQRmvmT4Y/8E/f2SPhD 4stfHHgrwFFHrWnyia0nu7u7vvszj7rRJczSIrKeVbaWB5ByBj6u8UeI9N8H+GdW8W60ZBp+iWk9 9cmKNpZBDbRmWQpGgLO21ThVBJPA5ryO0/aW+Dt78B2/aUt9aLeAFtpLs3pglD+XFMbdh5JXzN/m qU27cluKAPeaK8Gm/aX+Dtv8Bh+0rLrRHgA2y3QvvIl37HmFuo8nb5m/zSE27c7uK4/4q/tofs+/ BrQfDWteN9elhuPGFnDfaXpsFpNPqVxb3Chkc2qLvjBzj94F+YFfvAgAH1TRXzv8CP2qfgh+0fDq K/C3XvteoaPj7dp11DJaX1sCcbngmCsUzxvXcobjOeK8T8Nf8FK/2RPGHinwv4O8OeKrm+1TxdOl raRx6bdkpPNMYIo5gI8o0jj5Rg/KQzbVIJAPvSivgzxj/wAFJ/2TvBXijU/DGoeIr2+GiXBtb++s NNuruwtZ1O0o1xGhViCMZj3Anoa8i/4KEftmWfw8/Z68O658EfFrw6n49lim03U7CAzxyaZGwF0U nKMkMnzKoztkB3BcMpwAfqhRXnvws+J/hL4yeBtO+IvgaWebRdUMwge5t5bWUmCV4X3RTKrr86HG RyORwa/Nr9ob9onR/gP/AMFEvDGpfEjxfdaF4Bg+HbXFxaebO9rLeSX17HGy2kW4STttVQQhbCjk BcgA/WeivlP4D/tpfs/ftHavqPhn4a65NJr+lxNPNpl7ay2d2YVbaXjSUASAHG4IxK5G4DIz6X8E /jv8Nf2hPClz4y+F2oyahp1lezadcedBLbTQ3UCqzxvFMqupCup5HQ0Aew0V8m6x+23+ztoWi+Mf Eeo6/Oul+A9aj8PatdLZXDQxajK7oIkcJiQKUO5kyqjBJwRnjdA/4KMfso+JPHFh4H0/xPcRtq10 bKx1KewuYdLu7kP5flxXboEPzcBzhDkfNyKAPuSivB/jr+0v8Gf2cNKsdT+LGvrpkmqyGKxs4opL m8u3XG4Q28Ks5C5ALEBQSASCQDg/An9rj4F/tF32o6H8ONbkOu6Snm3elX9vLZX8UeQPM8mZVLoC wDMhYKSAxG4ZAPpaivg7xn/wUo/ZG8BeItQ8J+IvFVwmraRrF3ot5bxafdSyQXNi/lzOwWMkxB/l V1zvIOwNtOPlD4bftl+C/gn+0/8AtLWfxn8U6td2txrWkQeHtIVLu/mCpFdvcLa2o3eSqgx+Zwgz tB5wKAP2gorxb4H/ALQnwj/aL8MTeLPhJryaxaWkvkXURR4Lm1l6hJoJQsiZwdpI2tg7ScGvnHxR /wAFLv2RfCviW98O3Hii61FNLl8i91DT9OurzT7eTOMNcRIVYZ4zHvB7GgD73or8wv2/vixLd/CD 4K+OPhH4slXS/EfxA0KNb7SLx447yzmhuy0bPCw3xsVG5G4yuGGRx9i/HX9pf4M/s4aVY6n8WNfX TJNVkMVjZxRSXN5duuNwht4VZyFyAWICgkAkEgEA94rh/iT8OvCfxa8Dax8OPHVq97oOuw+Rdwxz SW7PHuDYEkTK68qM4PI4OQSK8h+BP7XHwL/aLvtR0P4ca3Idd0lPNu9Kv7eWyv4o8geZ5MyqXQFg GZCwUkBiNwz7f42e2i8Ga9JeXsum26afdGS6gBMsCCJt0qBedyD5lxzkcUAcb8GPgb8Lf2fPBo8B fCTQ00LRjO91JGJJJpJriQKryyyzM8jsQqjJbhQFGAAB6zX5/wDwW/aB+BnwP/ZN+HHjHxN8StS8 U+FNe1S40ex8S61BcC6urq4vLx/9KEm54o4vJkj8yQ7VSMHIBFbHg/8A4KO/sl+OPH2n/DzRvFU8 d7rM622n3N1YXNtZXkzNsVIp5UUfM3yqXCqSQASSBQB90UUV+SHh79uzTbz/AIKD678MdV8QagfA 8enR6Bpenpp0wQeIZL63hkklCxbyu4OqzOfLVT8pAYkgH630V+J3wP8A24Ph38DPiR+0Vp3x28Ya lfXP/CwtZh0bTgLnUp4rK2nmDLBGNywQRgAAZReMLnBx+p3wY+Pvwm/aB8FN4/8AhVr8Wr6PDI8M 7FXgltpYwGZJ4pQrxkAhhuGCpDKSpBoA9jor4G1T/gpl+yBpfiGfRG8V3N3aWlx9ln1a1066uNLi mzgKbqOMqwPZ0DKRyGI5r7n0bWNJ8Q6TZa9oN5DqOm6jDHcW1zbussM0MqhkkjdSVZWUggg4IoA0 qK/Kr9rH46WnwT/bn+Bus+NfFtz4d8BQ6J4gudWiE84s5mW0uVhMttFkTSebsEY2MxfaF5xX018D f25f2cf2hfFs3gL4feIJl8RxxvNHYahaTWU08MY3M8PmqFfCnftB37csV2gkAH13RXxH8FvFPw70 b40ftFawfibqWtnRLnTrjW9P1YSw6d4bjjiunxayTMYzHIqu0hTAHlrntXNaV/wU6/ZA1TW7XSm8 T3lhZX832e21W80y7t9NmcNtOLh4wFUHqzhVUcsQM4AP0Bor8of2wP22bf4P/tQ/CT4eWev32neH LC5ubvxbBbWMkv2iGW3iaxWORY2aZfncukJPON44FfXvxf8A2x/gD8DtL0C+8e69JFd+KbeO70zT ba1mudRuIJRlH+zRqXRT0zJtG4FeoIAB9Q0V87/Af9qj4I/tIRagnws177XqGkEfbdOuoZLS+tgT jc8EwVimeN67lB4JzxXiN3/wUu/ZEtPEVl4V/wCEpup9UvNQl00wQ6bdyvFcRSeV+8VY92Hk+VNo Yt1AxzQB97UV498E/jv8Nf2hPClz4y+F2oyahp1lezadcedBLbTQ3UCqzxvFMqupCup5HQ1L8M/j j8OPi/rXjDQvAN/JqM/gXUW0nVHMEscKXiFg8ccrqEl2lDuKEgcdiMgHrlFeSfGf46fCv9n3wg3j j4ta9FoWlmQQxFleWWeYgsIoYYw0kjkAnCqcAEnABNePfBj9uX9nT46eLR4A8Ia7PY+JpYzLBp2q 2c2n3FzGoLFoPOULJ8oLbVYttBbbgEgA+vKK/n5+O/x98BftD/trr8NvFfxG8Y+FfhpoWmLZwW/h 5Luzmn14XQhbzEELnZlz++ZCoCAKw3c/up4k8RaB8L/Ad/4m12WcaP4ZsGnuJFR7mfyLWPLNtQM8 j7V6AEk+9AHZUV+M/wCyn+2Ja/HX4K/HXw78U/G+q2niCOPxRqq6nbWM0Z0rw9FZwxJLatCiIstv uMiQqwlLfMeSWr6z8CftH/Aj4Ffs+fCjUfGnxDvNW0LxRCLTTfEGrQTia9ZdzmW7Lhmi46mQ9utA H3LRXwj4O/4KUfsd+M9W1DSLXxv/AGU1hbS3iy6pZ3FjDc28Cb3eB5kXedoJWMgSPj5Eaus+C/7d v7N/x58eN8NfAWu3H/CQPE89rb31lPZG8hjXez25mUbsJ8207WKgsFIBIAPsKivlP43ftpfs/fAH xJB4K8c65Nc+Jp4xN/ZWl2st/eRxEZDypCpEYK/MA5BK8gEc12Xw0+MHwW/at+HGq3nw71xdd0O+ jm06/jTzbW7tzMhR45Y2CTQuVJKtgZ+8hPWgD3qivgH9hj4keJ1Xx/8AswfEjUJdU8VfBbVP7Ohv bgkz3+iT7n064kJ+8/lja3ovl5JJJP39QAUUUUAFFFFABRRRQAUUUUAf/9X9/KKKKACiiigAoooo A/ID433Wt3XxW8SnXi5mivJY4g+flt1b9wFB/hMe0j1znvX2f+yFda3P8Pr+HUC7WEF6y2ZfOACg Mipn+EMc8cZJ96978TfDjwL4xuY73xNottqFxCAqyOuH2jkKWXBI9jxXUadpun6RYw6bpVtHaWlu u2OKJQiIo7BRwK7KuJUoKNj57A5LOliZV3O6d/x7l2iiiuM+hPA/2p/Bur/EL9m74meC/D8bTapq 3h/UYrWJM7pZ/IZo4xjnLsAv414D/wAEzfiD4f8AHP7Hngew0q5ibUPC8U2lajbIQJLaeCaTYJF6 gyRFJAe+71zX31X59fEH/gnJ8IfE3jzU/iZ8OfE/ib4UeINaZnv38Kaj9gguXc5d3i2NtLHJIRlU kklSSTQB7H43/ar8FeDv2jfBf7M1tp13rvijxdBNcSmxaJk02KNTIr3Qd1KqyJI/GWCqCFO5a+RP +CVVppd54Y+MXirWlik+IF7451OLW5mx9qCKsbxI2fmEfmtMV9W3f3ePqr9nT9jD4Ofs1alqnijw r/aHiDxbrYZb3XtcuReajMjMHZA4VEVSwBbagZsDezbRji/iR+wR8N/GfxI1X4seCfGHiv4XeI/E WBrEvhPVP7Pj1HJyzzIUf526kqQpb5ypcliAfBFpb6VoXxW/4KDeGPh6iReD4/Bt5PNDb8W0Wqtp UxnUKvyK3ntcggYwVIx8uB6d4V8DeFbD/gjnf2tvpsKpe+E7zVpyEAaW+8xpxO56s6siYJ5AVV6A CvuzwJ+x/wDBr4bfBPxX8DPCFtd2ml+N7O+s9Y1Jpll1W7OoQvBJNJcOhUyKkh8vKbFPOzls79p+ zX4Fs/2bm/ZdivtSPhVtIk0X7SZYf7Q+zyggt5nk+V5nzHB8rb/s0Afnz4w8H+GtM/4I3wWNlp8M UMnhHTNTYBFGbyeaC5eY8ffMjE7utcBe6Z4V8R/tNfsLWvjtYrmzk8CwzotzgxyXsWm+ba7t3Bb7 QqFR3cKO9fqJrH7NPgTW/wBm2P8AZcur7Uk8Kx6RbaKLlJYRqH2e12bG8wwmLzD5Y3HytvXCivzW /ab/AGe/BXi39sL9mD9nnU7nUU8OWPhXU9Phu7e4EGoxf2TYzPaTrPGgVZkkgjkyE2lh93adtAHs f7b1tYWf7WX7KGs+GkiTxlP4lltpGQ7Zn0fdCLoSFfmKKjybc8fM+OrVwvhP4mfEbxR+0P8AGRf2 GvhN4fS+tdWGn+KfFnijUrt47zULdpUxHbxy70iVhJtEPysoViq/Ko+vfgp+xR4A+EPxDm+LuteJ /EXxI8bfZjZ2ureKr4ahcWVscgpbnYuwkEgscnBYLtDMDxXiv/gnp8P9W+JfiT4meA/iB4z+Gt14 zma41u08MasLG2vZnZneRgYnYM7uzHJYAs20Lk0AfEX7Ji+Lbf40ftm23ju70m78RnSVbU5NCWRN Na9EN153kLLh/lcsrFhkvuJ617//AME9fCVh4c/4J1WPjDwlpkH/AAlOoWniPUo7hYlE738M93a2 7CQAtuCRIgIOQOBX0T8Jf2Dvgn8Edc8X6x8O7rWbGHxtoo0XULKW7S4tyu0K10hliaYXLHcxZpWT c7YjAwB7r8Bvgt4W/Z5+FGhfB3wVdXl7o3h8XIt5tQeOS6b7Vcy3T+Y0UcSHDysBhB8uAcnJIB+N H/BPzTP2zpP2arW6+Adr8Lrvw5rN7qDXz6+NVfVp7rzWSRb/AOzHymbZt2D/AJ4lCeSa8C8UeDtT 8DfspJ4U8Q+LfC/iLwNqXxh0+XVl8K31xcafpttPBKbi0PnxxmKFWRWUbmx8rbiTk/rB4o/4Jt/C y/8AEOv6x8OvHPjL4ZWHiuVpdW0nw1qwtNNumfJc+Q0b7dxJ4JKAEqqKvFe8aD+yB8A/D3wDuv2a 7Lw4sngq/R/tMUrl7ie4kwTdPN977QGVWVxjZtUKAqhQAfJ3/BWfw54DH7F11PeWtrb3Oi6hpa6C EVE8qR5VieKDGMKbXzDsXjaucfKCP0s8Kf8AIr6P/wBedv8A+i1r839T/wCCVfwh8UeHV8KePPiP 498T6Vp8aw6Pb32sxyx6RGrof9Eie3aJWKJ5R3IV8skBQwVl/TTT7KLTbC206Alo7WJIlLcsVRQo zjHOB6UAfmdrpA/4K3eHM8Z+GT49/wDT7mue/wCCeFppeofHD9qPxJ4iWKbx5H42u7S5kfBni05Z pvISPOWWFmRgMcMEXOdq4+nvj1+xj8Pvjz8SfDvxdvPEfiHwf4t8OWwsYr/w/epaSy2gkeURSb4p eA0j8rtyGIbcMAZHxd/YZ+HPxN+JM/xj8M+KPEvwz8bX8It77UvCuo/2e99GoVQLhSjgkKgGV25w C24gUAfO3wUt9K0L/gqp8Z9E8BokGi3vhO1vNZht/ltxq/m2ZVmVfl81llkY99zyHqWz+r9fPX7P v7Mfwt/Zs0jVLHwDDdXeo69cG61TV9Un+16nfzckNPcbV3AEkhQAuWZsbmYn6FoA+Y/2yfGfwz8B fs1eOPEfxe0eXxF4WS1jhudMgnktpL57iaOKGATRMjorysu9geE3HDDKn8u/jPqn7Xut/sTa2upe CPAnww+Dlv4dgNvp01zd32rCx2xmzihZWaETMTHtaUK+85b5siv2b+LPwr8F/G34d618LviDZm+0 HXoliuI1cxuCjrJHIjj7rxyKrqeeQMgjIr4esv8AgmN8K7rw/H4M8ffETx3428L2MD2+m6Pqmt7r CwzGYopYYYokXzYAcxZ+RcAFCvFAHyJ4qkaT4Sf8E8WZtxHiPw6OfRWtQB+GK+jf2Pk03Uv26P2q tU8XRRnxnZ6hp0FgZv8AXpo+2VVMO7kIyLbF8cfc7EZ+kE/Yn+GP/CKfB3wjca5rtxa/BHU4tV0W WSe186eWCYSxx3hW1CvEu0IBGsTbQMtnmvgn9rHxN+zSf2pdWtf2ltO8S/BnVtNs4BonjvwzeXKt rto0al4pFt7SXa0RJiyA54KsygICAen/AAR0/wAGab/wVh+M8HguOCJJPB8Mt+lvgRjUJJtPafhe A7EhpO+8tn5s1+tdfix/wTg+F3h2T9on4m/HP4TaHqmm/C2fS4dE0e/1ppWvNYuWkgnu7wmb5zvk iLE4C/OAAGDKv7T0AZGneH9B0e6vb7SNNtrG51J/NupYIUie4kyTulZQC7ZYnLZPJ9a5f4sf8ks8 Zf8AYG1H/wBJpK4L4R/s7+Efg143+Ivj3w7q2q6hffEzUV1PUIdQnimt7aVZJ5AloqRRtHHm4YYd nOAvPBz7J4h0W18S6Bqfh2/Z0ttVtprSVoyA4SdDGxUkEBgDxkEZ7GgD81v+Ca/gTwpJ/wAE99Ij l02CRfF8WvPqgaNT9qP2y6s8S5HzDyYlTBzwMV+Zi3Bn/wCCZXwN0rxBOYvCF58Svs+tEsVUWRnu 3ZXYEYj+8x9GCnOa/oO+B/wN8JfAL4O6R8EvB13fXmhaKl3HDNfyRSXbC9uJbmTe8UUSEh5mC4jG ABnJyT5p4M/Yw+CvhL9nSb9l29gvPEvgm4eeRxqkyNd+ZNN54dZbaOAK0cmCjKoIwM55yAeWf8FI PDfw7H7EHjS21iztLey0W1s20dVREW3uknijtltgMbcg7MJ/yzLD7ua+QLnSX+IP7U37DEXxItv7 QvLnwOdQvEuh5jNe2ulPdq8gfJLrPGrnPO4V9W6D/wAE1PhJa3uiQ+OfG/jP4geGvDE0c2l+HvEG ri60i2MQwim3WJAyqOAvC7flYMpIr6c8Ufs7+B/Ffxz8CftAX11f2+v/AA9tL2z062gkhSxeK+hk gk86MxNISqyts2SIAQMgjggHxf8AtU6dZWX/AAUG/ZT161hWLUL069bTTKAHkhht1KIzDkqvnSYB /vH1NfK/7Og/aw1P9qP9pfxF8D4vAlx4ji8VXNnqL+LzqL38NnHczraR2ptOlsUQLz12J2Va/Xz4 h/s9+C/iX8Wvh38ZNdvdQg1r4ZveyabDbSRLazG/RUk+0q8TuwAQbdjpg5zmvIPjF+w18N/in8R5 fjF4c8TeJPhp45u4Bb3mq+FtQNhLexqqoBcAo+4hVC5UoTgbt2BgA+b/ANj3wL8TPDP7Z/xZ8R/E fxN4DGua/o8L614d8HXV4Wgv4pLfybqW1uYxt3RvIZHMhbzJc7fnbH6y18z/ALOX7KPwu/ZlstYP gpr7V9c8RzCfVda1i4F3qV64JI8yUKg2gsxwqjJJLFjzX0xQB8j/ALekuoQ/sdfFl9MJEx0OdWwc fumKrN07eWWzXA+APhNpPxg/4JveFvhRaBXXxH8P9PigLY2pfvYxzROe3yXQDH3FfZ/jbwlo/j/w brvgXxAhl0vxFY3On3SjGTBdRNFJjORnaxx718U/sB6rrHgzwP4g/ZX8dyg+LvgzqEmnkkFftmj3 bNcadexg/wDLOSNigA5UIA3JoA/JmxvNX/bw8FfCH9nqF5X1H4W+AfEd9qsKkhxqliraZpUc3feH it5GB5KykHrXvf7LXxDf9sT43/s52Nw5u9N+BvgyXU9W3dDrayf2bEJP+mmIYLlP+BY4zn9RPgp+ yF8J/gJ8T/H3xY8DtfvrHxDnae8iupIXtrXzJ5Lh47RI4Y2SNpHyVd5OFUAjByn7Ov7IXwm/Zh1n xprnw3a/kuPHN2l1di+khkW3WN5XSC2EUMRSJTM2AxdjxljigD5G/wCCefhbQ/8Ahff7WPjN7SN9 Xb4gapYLcMgMiWy3lzK0asRkK7sCwBwxVc9BXyvLYWWjeC/+CiGi6VClrYW+o28kUEahY0aaS6Z9 qjgZPYV+x/wb/Z68F/A/XviD4i8J3moXdz8SddufEGoreyRSJFdXLu7pbiOKMrEC5wHLtjGWNecX P7FfwsurP40WMmqayI/jpLFNrZE9vm3aIyFfsX+j/IP3hz5ol7fiAfnX8TotN1fQ/wDgnb4V8Zxx y+DtRs9Kku45+YJbyLTtNW0jlVvlIZnZcHIYMwIxkH9Jf2i9O/Zeg8WfCzxL8fVji8QWWuw2/hGV PtouP7VlZGjjQWPzFS6ISJf3W7aG6gHT8cfslfCD4j/AXw9+zx4xt7q/8P8AhSysLPTLvzlj1G2f TbcW0FykyIqCYIPmPl7GyQU2nFeXfDL9gT4ceBviTpXxW8ZeMfFXxP1/w4CNGfxVqf8AaEWnHGFe FBGn7xR0JJUEBgoYBgAeGf8ABPPwtof/AAvv9rHxm9pG+rt8QNUsFuGQGRLZby5laNWIyFd2BYA4 YquegrV/YLsLLRv2lP2uNF0qFLWwt/FdlJFBGoWNGmN6z7VHAyewr7S+Df7PXgv4H698QfEXhO81 C7ufiTrtz4g1Fb2SKRIrq5d3dLcRxRlYgXOA5dsYyxo+Ff7PXgv4Q+P/AIj/ABG8NXuoXOpfE+/h 1HU47uSJ4IZYPN2rbLHFGyqfNbIdnPTkc5APjn/grv8A8ma6n/2GdL/9GNWH+0J8MvHuqftgD4o/ sn/Ebw7b/F7SvDi2mr+Ftb/eGXTRIrrIhCSGPf5kYI/d9iJAHYH7i/aM/Z78F/tO/DOf4VePb3UL DSbi5guml0ySKK4D27FlAaaKZNpzz8mfQivM/j9+xX8Ofjx410z4opr2u+BPHWkwC2i1vw3eiyu5 IASVjlJR9wXccFdrYOCxUAUAfPX7H3xZvdX/AGm/iJ8N/jP8J9O+H3xtk0uDU9U1HSJjNa6rZxmC NWI8yVUYeZGy4dt2W3bXUg/Xv7X/APyal8Yv+xR1z/0ilrD/AGe/2Rfhv+zxrGueMNI1LWPFnjDx KqR6jr/iG9N9qM8SbcReZtQBMqD90scKGYhVx9C+L/CuieOvCeteCfE0H2rSPEFlcafeRBihktrq NopV3LgjKMRkHI6igD8Mv2jSG/4I7fDbBz+50Ef+PvX1f/wU18BeEfDP7AWteH9H0u3trLwo+iR6 YiRKotQl5Bb5jAA2kxuynHUE+tdZYf8ABNb4TW3wY1z4C3/jfxhqXhPV72yvYYrnULaR9PNi0jJH abrQxxpIZCZRsO4hSNpyT9XfH/4G+E/2jvhVq/wg8cXd9Y6NrLWzzTadJFFcqbWdLhNjTRTIMtGA 2UPGcYPIAPyN/aGk+MHiH9vT4E2HgAeHbvW7TwLBfaHF4ta5bSnvn+1G4lC23z/agsasmO6I3ULX YfEDwN+1Dq/7VHwH8cfHzxL8K/CviDR9YVLGPRbvVLXVdWsJZYku7VBcxyed+7ZliQlF3SMN2GNf oR8cv2RvhN8fvDHhvQfF51DT9R8HbP7G1rTLkWuq2LIEBaKYIy/N5akhkIyAyhWAI4H4QfsJfDj4 ZfEyD4y+KPFHiT4m+NbGIwWOo+KdQ+3vZIQV/cDYuG2swBYtjJKhSSaAPti4t4LuCS1uo1lhmUo6 MMqysMEEHqCODX82ySXuleFNX/4JkvNJ9ruvi1a2MaFiH/4RS4f7d5o74Vo1mOOm/wBcZ/pPr5bv f2QvhPfftQWf7WsrX6+M7K0+yrAskP8AZ7t9ne1E7xmEymUQvsBEoXAX5cjNAH4l6Bcajr/hfw9/ wTJmlke8sfivfWd4gJLHwvp7/bXk+ju8ky+uzPrj73+B+n6NqH/BUf46zeLYoX13QdD0iPw/G4H+ j6e9tbCZrZTwv3kDFem9xwGYH680b9kL4TaH+05q/wC1haNft4x1i0+yvbvJCdPiYwxW7TxRCESr K0cW1iZSp3uduSCKHx8/Y4+Gvx68VaT8R59V1rwV460OLyLTxB4bvfsN+IPmxE7FXVkBduwfBIDb SRQB8pfE230rQ/8AgrD8JpvBSJBquveFtUHiRbf5fNtkt7s2z3ITq2+JACwydkfouKv/AASG8HeE dM/ZLbxdcWFsb7Udcvrm4upYkMg+ybI4v3hGQIwpZeflLMRyTX2H8BP2Qvhj8Atc1nxtpl7q3i3x p4hRY7/xD4iu/t+pyxrj92JSqhEJAyAMttUMSFXHZfs5/s+eC/2Y/hnb/CrwFeahf6TbXNxdLLqc kUtwXuG3MC0MUKYB6fJn1JoA/Jz4Z/Dr9pf4OfD7xVF+yPqng/4/fAzW73UpJdLuW23rLMojuoXk 3RLI/lgISZpN4AIjG4CuY+P/AMS/hv8AFL/glz4X8Q/C7wsvgnRLTxRZWj6Okhlis7mOeV5xHI2C 6Oz+YGIB+bkA5r7e1T/gmZ8K11rXJ/AHj/xr8PvDviaaSfUtA0DVxa6ZM0v31WIxNhDjG1t4C/Ku 1QBXuXiX9i34F+I/2cYv2XI9PuNK8G23lvA1pNi8iuUkMv2nzZFcNK7lixdWU7iNoGAAD6wr8ofi h4X0PxP/AMFcfhkdctI71dI+HzX8CSoHVbmG81FYpMMCNyF9ynqrAEcgGv0I+Cvwqh+C3w80/wCH lt4k1jxXFp7Sst9rtyt3fMJXL7GlVEyqZwgxwuBnAFc9qX7PXgvVf2idJ/aZuLzUF8UaPoTeH4bZ ZIhYNatLLMXeMxGUy7pmGRKFwB8uckgHxb8V9PstP/4KsfBHUbGBILnVPCmsJdSIoVplhgvSm8j7 xXsT2AHYV4R4k+KUf7AH7R37Q2ly7bfw/wDELw+/jTw1G+PKOt7mha3UdB5lxJIWA6RonHSv1J8S /s9eC/FPx88IftFahe6hH4k8F2F3p1nbxSRCxkivElR2mRomkZgJW2lZVA4yDzn8wP2i9T+GH7ff 7VHwv+C3w/0u61ZPhnq2ozeMdRmtZLeG0sraWNJrIs4G/wA+WAxg4wCy7SQX2gHlnxz+Dknwb/4J OaHpniIOmu+J9Z03xBrUj8zNd6nJ5p355MkcPlxtn+JDX3Z/wUB8MfCnTv8Agn94m0uztrKHw/o2 n6adA8rbsikWaFLQ2zDuyNjKnLIzZyCa5/8A4K6oT+xvqCIucazpfAHbzGrq9G/4Jq/B2x1/RJdf 8W+LfFXg/wAMXK3ek+E9Y1X7XodnIhJRVgaPJjTOFQtyOHLgkEA/Py0m/aO8SftufDxvCyeF7jx9 pnwt0O409PGTXjWayPaRNeyWotf3n2rzXnwemwSE8gY9+TwN+0ZP+3P8JPiD8dPEvwx8PeK7SC6g GneHrvUoNT1jTJYpY2VobqNxN5eXMeWQcN12/L96/tC/sj/C79oy60PXvEdxqfhvxV4YJOl69oN1 9h1O0UndsSXa6lN3IyuVOdjLubPK/A39iL4bfBj4g3Pxf1HX9f8AiF49nha3TWvE179uubaFxtZI PkQJuUlSx3MFLKpCswIB8xf8E/PBHhfUfjd+1h4q1PTbe91CX4g6nYCSeJJGS3jvLmUopYHAZ2BY DqVXPQVZ/Y50bwjc/t3/ALVmuXkUMniWx1HT4rNnAM0dnOJjcmPPOGdIQ5HTCjvz91fBr9nvwX8D tc+IGv8AhO81C7uPiPrtz4g1Fb2SKRIrq6dndLcRxRlYgXOA5dsYyxr5y8Y/8E6fhb4k+Jfif4za B418YeD/ABx4ou/tUmp6LqiWclurLtkt4RHAD5Mnylw7M2VXDgZBAPi7xy174Z/aq/bNi+EJFrat 8Mbi91BbQkIms/ZoW3gJx53lvO+fveYzHqWr7h/YD8MfDN/2GvA2n2FnZXGiazpU76wrqjRXFzK8 iX32ktkNhgyNv6KoXgAAe0fs+/su/C79m/w5q2h+C47vU7zxHObnWNU1eYXmoanMd3zXMu1VYDe2 FCgfMxILMxPzXff8EyvhClxq+meD/HPjbwd4M8QSvNqHhfR9Z8jR5jIAGXyWidtjAYZWZuMKCAAA Afkx4cuZZP2M/AthZyyTeHtN/aBgt9EaRmYf2f8AZHkXZuz8pkdzx1Yt3zn7G+Na/HDWf+Cpf2f4 WR+Fp/EmjeD4ZdBj8Ym7NisJOZ3tFtPn+1Bnmx28sSE8gY/RLxp+xn8F/F3wx8CfCCzgu/DXhr4e axZ63psOlSRRs11ZLKq+e00UxkEhlZpTxI7fNvznN39ob9kn4YftHXeh+IPElzqnhzxX4ZYnS9f0 G7+w6nagncUWXa6ld3IyuVOdjLubIB8Ep4G/aMn/AG5/hJ8Qfjp4l+GPh7xXaQXUA07w9d6lBqes aZLFLGytDdRuJvLy5jyyDhuu35f1Z+K3/JLvGP8A2BtQ/wDSd6+cfgb+xF8Nvgx8Qbn4v6jr+v8A xC8ezwtbprXia9+3XNtC42skHyIE3KSpY7mCllUhWYH618QaLa+JNB1Lw7fM6W2qW01rK0ZAcJOh RipIIDAHjIIz2NAH84/iPSrPXv8AglV+zLoeoLvtdR+IwtpV9Y5r3W0YfiCa++f+Cr/h7RNP/Zi8 KzadYw2jeH/FOkLp/kxrH9lTZLHsi2gbF2gDauBwPQV9AP8AsIfCGT4EeAP2em1fXP8AhHPhxrq+ INPuPtFr9tlulmupwlw/2Xy2i3XcgwkaNgL82QSfX/2iP2e/Bf7S/gOD4eeO73ULHTbfULbUlk02 SKKczWu7YpaaKZdh3HI259CKAPd6/MPwAQP+CsfxNB6n4e2R/wDJixr9PK+QPid+xj8PviT8c9F/ aGg8R+IfCfi3So7aGZ9EvUtob+C1lEqRXKvFIWQ7QrqGCuoAIJANAHzB/wAE8/C2h/8AC+/2sfGb 2kb6u3xA1SwW4ZAZEtlvLmVo1YjIV3YFgDhiq56CvmO1OpeE/Cn/AAUPsfAsf2EWt/EY4rf92sUV y12LtkCY2/ui54xwPSv2D+Df7PXgv4H698QfEXhO81C7ufiTrtz4g1Fb2SKRIrq5d3dLcRxRlYgX OA5dsYyxql8PP2afh58OfF3xR8X6fJeapL8XbpLrWrXUGhmtBsWZDFDGkKERsszBlkaTIxz1yAfl 98DfDH7Zl1+xvoOg+EbT4N/8Ko1Pw40kzakdXEptZoi11LftH+5FwrbzOw+VZFbGAor7k/4J1+HN S8H/ALKfhjwvf+KtJ8ZQ6bPfR2uo6LdS3lm1u1w7rGssscTZjZmQrtwuAB0rzG+/4JefCQ2974Y8 OfEHxz4d8B6nO1xc+FbHWsaQ5c5ZBFJE7bD0beXY/wB7IGPv74feAPCPws8F6R8PfAenR6ToGhwC 3tLaPJCICSSSSWZmYlnZiWZiWJJJNAH5pftOeF9D8Yf8FKf2Z9F8RWkd9ZDTtauzFKgdDLZW9xdQ kqwIO2WJGHuK1f2rNPsrD9v/APZR12zgSHUL6XX7aedVAkkhit49iMw5IXzZMA9Nx9a+0vFn7PXg vxj8d/A/7Qup3moReI/AFrfWlhbwyRLZSx38MkMhnRomkZgsrFdkiAHGQRwT4i/s9+C/ib8V/h18 YtevdQg1n4ZSXsumw20kSWszXyIkn2lXid2ACDbsdMHOc0AfmT4D0XwN4l+KH7fvhz4la+nhbw3q sui2l5qkjBEs1niv40lOSAcOy/KSN33e9eceJP8AhqX4D/s26dpPxS8K+DP2g/2dNKstPmhubOVr W5XTEeM2coI8o8Ap8yxTHBy7kbyf1Z0L9kv4T6R4h+L+vXy3mtxfG77ONfsb6SJ7QJbJNGq2wiij kjBE7ElpHYEKVKkV8y2n/BLj4UR2cfhLUviP481PwBBMs6eFZ9aH9k/K4cRtGkSkxgjjaVcdd+7m gDzr40+J/DvjP9pL9hbxj4Sgez0LW7fVLywhkG14ra4sbJ4Y2GT8yowU8nnua3fgpaaXq/8AwVM+ PF740WKfxDouiaSugrLgmGwktrbz3tw3Q/Ogdl5BkccBmB+qf2gP2Nfhb+0DovgvStQvdV8IXPw8 J/sK98P3K2dxZRMkcZiQvHIoTbDHggBlKDawG4HD+K37Dvw0+Kk3hPxHN4j8R+HfHPg3T4NNtPFW kagLXWZ4IIyg+1TCMpKzEszsEViWYAhSVoA+cPiTb6Vof/BWX4STeCkSDVde8L6mPEi2/wAvm2yW 92bZ7kJ1bfEgBYZOyP0XFX/glf4I8LzeDvjB4xutNt7jVbz4g6naNPJEjyCGyS3mhUMQThJJnceh OetfYXwD/ZD+GPwB17WPG+mXuq+LfGviBFjv/EPiK7+36nLGuP3YlKqEQkDIAy21QxO1cdh8AP2e vBf7OPh7xB4a8D3moXtr4k1y71+4bUZIpZEur1IkkSMwxQgRARLtBDMOcseMAH5beJPilH+wB+0d +0Npcu238P8AxC8Pv408NRvjyjre5oWt1HQeZcSSFgOkaJx0r7w/YB+Dt18Gv2X/AArputK3/CRe JlfxBq7yZ817zU8S4kzzvjh8uNs90NfDP7Rep/DD9vv9qj4X/Bb4f6Xdasnwz1bUZvGOozWslvDa WVtLGk1kWcDf58sBjBxgFl2kgvt/bUAKAAMAdqAPyj/actNL13/gpH+zboPxAWKfwsmnarc2MNzj yH1dUmZMhvlL+ZHbFB3cKOc4pP8Agp9b6VpuofADxZoKJH8Q7fx5p1vpUkfy3Ulo2WnjBX5mTzvs 4I5ALY/iOft79ob9mj4X/tM+GLLw58RoLmKfSLj7XpupafN9m1DT7jjMlvLhgCcDIZWU4BxuVSPJ Phb+wp8N/APxD0/4s+MfFPib4o+LdGjMWm3vi3Uf7R+wAn5Wt0KKFdecMS2GJZQGwQAeP+EP+Utv jf8A7JjD/wCl9jX6d14Tpv7PfgvS/wBonVf2mbe91BvFGr6Evh6W2aSI2C2izRTB0jEQlEu6FRky lcE/LnBHu1AH4i/srEf8O8P2px3GoePgfb/iUR15F4y8P6T4s/Zo/YM8K6/bpeaZrPinTLO6gkG5 JYLi5SORGB6hlYgj0NfpT4b/AOCfnwq8I658R77w34o8T6fovxOsNXsNS0OO/iOmRf20nl3E8ELw MRMi/wCqdy5Xody/LXYS/sVfCybwn8HfBzaprP2L4I6na6rorie3824ntJFlRbw/ZtroWUbhGsRx 0IoA+VP+CgXgfwp4g/aR/ZJtNW0yC4guPE09pNG0alJbaOSykWF1xho8j7pGMFh3NdL+1hZ2tn+3 t+yZq1rEsV5cTeILaSVQA7QxwRbEJHJUea+B0G4+pr7N+K/7PXgv4w+Ofhz8QPE15qFtqPwx1GTU 9NjtJIkhmmk8vK3KyRSMyfulwEZD159F+Iv7Pfgv4m/Fb4c/GDXr3UINZ+GMt7LpsNtJElrM1+iJ J9pV4ndgBGNux0wc5z2APyD/AGdB+1hqf7Uf7S/iL4HxeBLjxHF4qubPUX8XnUXv4bOO5nW0jtTa dLYogXnrsTsq19G/se+BfiZ4Z/bP+LPiP4j+JvAY1zX9HhfWvDvg66vC0F/FJb+TdS2tzGNu6N5D I5kLeZLnb87Y+kPjF+w18N/in8R5fjF4c8TeJPhp45u4Bb3mq+FtQNhLexqqoBcAo+4hVC5UoTgb t2BjqvgZ+zV8Gf2QvDPifxFo95d3N1qCyajr/iLXLkXN9cR26tK7zzBUUIgLuQqjJJZix5oA+YPh qht/+CtPxbXT2Jt7vwJYS3ozwLlH09Isj18ocZ7E1+pVfnf+wt4N1XxZrXxJ/bE8V272t/8AGfUE l0e3mXEtv4dscw2BbPIaeMKxHQqkbDriv0QoAKKKKACiiigAooooAKKKKAP/1v38ooooAKKKKACi iigAorw7x7+0J8PPh7rJ8P6rJcXl9Hjzo7SNZPJ3DIDl2QZwc4BJHcV6X4Q8YeH/ABzocPiHw1ci 5s5iVzgqyOv3kdTyGHp+IyCDVunJK7RzwxdKU3TjJNrodNRRRUHQUNV1XTdC0u81vWbqOx0/T4ZL i5uJmCRQwxKXkkdjwqqoJJPAAzXzuv7Zv7JjsFHxf8LZPHOrWoH5l8V1/wC0h/ybv8Uf+xV1v/0h mr8Wf2R/G/8AwTM0v9mbwhp/x7tvCz+N4YLwaob3SZLi+LG7nMe+WOB2Y+SU27WJxgCgD99tA8Q6 B4r0i28QeF9TttY0u9XfBd2cyXFvKoJGUljLIwyCMgnmtivx0/4JyTy+DvAnx/8Aif8AD6yuY/g7 Jql3f+DLK8kcFo7FLk3BQOzOiMBCmWBbKnJLK1fe/wCzX8e7z49/s36F8eLzRo9GuNYt9QmNjHMZ kjNldT24AlKKTu8nd93jOOcZoA+jbq6tbG2lvb2ZLe3t0aSSSRgiIijLMzHAAA5JPAp8M0NzClxb ussUqhkdSGVlYZBBHBBHQ1+F/wC1d+0z8Rf2jP8Agmo/xR0vwbb6ZpHiW9+za06ajubTY7LVYYrc xqyI0/2iRdjgAbAcnIr9Xf2bNc+JGv8Awd0C9+KXhmDwpq6W8UUdpb3q3yPapEghmMiAANIOSnVf WgD3eivgr9qH9svxH+z78X/BHwk8MfD6bx3qXjqyuXsobW6FvO16jeXBD86Mixs2DJIT+7TLYOK5 74afti/GG0/aC0L9nn9pn4XReAtV8Z209zoV7Y6imoWs5gR5GikZAQG2owJDZDbcoFdWoA/Raivz t8b/ALY/xV8UfGTxN8Ev2UfhpH8QNQ8DFY9f1XUL9dP060uWJH2ZCwBeTcrIfmB3K2FZVLVyD/tk eO/it8HfjH4Dt/h43hz4zeArCWPVvDl5qMaRrZXCFZL62u9oEixRHzAAvJKBWYOrEA/TWx1Cw1S3 +2aZcxXcG+SPzIXWRN8TmN13KSMo6lWHUMCDyDVyvzJ/4JSa58Sb/wDZX8PaR4o8NQaX4X06Kb+w 9TjvVnl1IS3941z5tuBug8mTCruJ3g5GK+rP2nf2j/C37MXw3/4TrxBYz61f311Fp2k6VaY+06hf z58uFMg4GFJZsNgDhWYqpAPoqivzHvv21f2gvg7e+HvEH7VfwYi8F+AvEl3DZ/2vp2qx6g+ky3H+ r+3RKOF6l2BXABwGYbD2H7Qv7anjL4Q/tE6D+zt4B+G0nj/W/Ffh+LVNLW3vltWe7lubiLy5WkQp HbpDbPK8uTjoQFywAP0IqnFqFhNez6ZDcxSXlqkck0KupkjSXcI2dAcqH2NtJGDtOOhr4A+Dn7YP xX1T47Tfs1/tC/DSPwL41vtLl1bRntL9L2zv4Yt5Kb1yFOEf5gx5RgyqQAfl79g7xl8e7/8Aa/8A j2mveBLS2ttZ1qzPiiUaqkraJNDBeG2igG3N2sj/ACErgIBnpQB+vvgf4geB/iXoS+KPh7r1l4j0 h5HiW7sJ0uIDJGcOodCVyp6jNdfX44fC/wDbH8JfBz9gm3+Pfw7+Ftn4e0pPEb6c2g2t9K0S+bLt knWaRCxY4ztIxnuK9Z0r9vD4m+Efhz4m+Mv7RHwhn8CeDYra0uPDhW/jnv8AVpr98W1oICF2ylA0 sjMUMaDPlnrQB+m1chqPxA8D6R4w0r4fapr1la+JtdjlmsNNknRbu6jgVnleKInc6oqsWIHAB9K/ OjVv22f2mPhRpGl/FH9of4D/APCMfDPUprdLm9sNVS91DSY7ohYpLu22gnLMoIIjIJ2nDkIYvjFq Fpq3/BTD9mrVdInjura88N6/Nbyo26OSOSwvGRww6qwIII7UAfqXRXyR+yV+01e/tF6N4ztfFOgR +E/FvgLXLjRNV0tLg3IjaHhJQ7JGdrssijK9Yz2xVn9lj9pG+/aZt/Hfiex0GPTPCfh/XrjRtGv1 uDK+qRWvL3JQoojUhoyuGbJLDOVNAH1dVe5tLS9j8m8hSeMENtkUMMjocHPIr5Y+I/7SOofDX9p/ 4afArWNBj/4R/wCJVpem11o3DK8eoWau7Wxh2FSGHkgNvB3SAYwMnzR/25dIX9uVf2Oxo0ZhNtg6 v9pORf8A2P7d5HlbNuPLwud+d/y4zQB99UV+eHxB/bi1bwv4r+PeleG/CMOr6N8DdIsrq4vmvGj+ 1alebCLTaImCKqmUM2Sd0eNuDkYPwT/bf+LvxDsZ/ix8QfhGfBPwWj0a71b/AISSfUBJKFsUy5W2 Cb5BM/yxDC7h8ys/SgD9LaK/KWy/bj/aq8TeBbj4+eDP2evtnwqgSS6jkn1iOLWLiwhJ33UduEY7 QoLbQj5HKsyjcfS/jJ/wUF8H+Af2bPh/+054H0WTxP4e8aa3aaXLbNIILu1SSK5kuRtG9WuIWtmj 2bgrNyH24JAP0Por8sNe/bq/aE+E+teFPEf7QnwM/wCEM+HHjG/t9Ph1CLVory9sHuQWjN3Ci8Ns BdoysZADAEsu2vYfjl+1n480H4zW37OH7OPgRPiH8QI7L+0tV+03YsbDSrRtpjM0jD5ncOpxuXAZ ANzNgAH3dRX5y/A/9tr4i/EH9pY/syfEz4XnwL4h03Sbi+1FnvxdKJ4nBj+zFECywSxOjh92QxZe cZP6NUAFFFFABRRRQAVXW0tUuXvVhQXEihGkCjeyjoC3UgelWKKACiiigAooooAKKKKACiiigAoo ooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAqGK2t4GkeCJY2mbe5VQCzYxlsdTgdT U1FABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUU UUAQxW1vA0jwRLG0zb3KqAWbGMtjqcDqamoooAKKKKACiiigAooooAKKKKACopoYbmF7e4jWWKQF WRwGVlPBBB4INS0UAMjjjhjWGFQiIAqqowABwAAOgFPoooAKKKKACiiigAooooAKKKKAP//X/fyi iigAooooAKKKKAPyh+N/w68YaJ8R9bvJ9PuLm11W8mura4jjaRHSdy4XcoOGXO0r144GCDX2J+y1 4J8ReEPBF5P4igezk1W5E8VvINrpGqBQzKeVLHsecAV9NUV1VMU5Q5bHiYTJIUa7rqXfT1CiiiuU 9s8X/aQ/5N3+KP8A2Kut/wDpDNX5R/sU/E/9gTRf2UvBGh/Gi58Ff8JTBBejUYtWsbWe8y17OyCU yROzfuymMk/LjtX7b6lpunazp11pGr2sV9YX0TwXFvOiywzQyqVeORGBVkZSQykEEHB4rw9P2Uv2 XI3Ekfwd8GqynII8PacCD7HyKAPyj/ZEsdE8a/Hr9p6+/ZjtJ4PgpqmgS2dhbxRSQ2M2tzQRqDbR SAbAWFwVQAFY3QYVSqjqv2Mf2ufgP8MP+Cf9l4Y8U+LLKy8W+F7fWrSTQ5JANSnuri7uZ7eOC1/1 sokEyDcqlVYkMRg1+zGheH9B8L6XDonhnTbbSNOtgRFbWcKW8EYJydscYVRz6CvOh8APgYPG3/Cy R8PdA/4SrzftH9qf2ZbfbPPzu87zvL3+bnnzM7vegD8NdLhlm/4Igat5SlvL1AM2BnCjxFFk/hX7 ifAT4heCfiX8J/DniDwFrVrrunxWVtbSTWkqyrHcRQR+ZE+PuyJkblPIzyK63S/hr8OdE8Hy/D3R fCulaf4VnSWOTSbexgi090nJMqtbIgiIkJJcFcMSc5p/gb4deAfhjozeHPhx4c07wxpckzXDWum2 sVpC0zhVaRkiVQXIVQWIzgAdAKAPzw+PMUcv/BTz9mhZVDAaP4jYA+q2F4QfwIzT/wBrJVH7eP7J TAcm48RAnvgW8P8AjX6L3/gjwZqnifTPG+p6Bp934i0VJY7DUprWKS9tI5lKSrBcMpkjV1ZgwRgG BIOQTRq3gnwZr+vaR4p13QNP1HWvD5kOm31zaxTXVkZgBIbaZ1LxFwAG2EZAGc0Afk7+yJ8UPh/+ zf8AH79oj4OfHDXbTwbrWreLLnxDp13rFxHaQajp96zvG6XEzLGWCFX2lsnewGSrhea8F61b/Hr9 rT9pL47fDBH1HwFY/D+78MR6pEjC31HUvJgciFiMSbRE4yv8Oxvuuuf1k+IPwa+EnxYFsPid4M0f xU1lkW7anYwXbwgnJEbSqzICRyFIB711vhvwv4Z8HaRD4f8ACGkWeh6XbZ8q0sbeO2t489dsUSqg z7CgD8+/+CV/xB8E+I/2Q/BvgrRNatbzX/DEV6NTsI5VNzZ/aNRu3hMsf3lEifMhIwR0rzT/AIKz +FtRufBfwq+I00+p2nhnwZ4pgm1q60d/LvrG1uCgF3A+DsliKERPghZHXPWv0o8GfCL4VfDnUtS1 n4f+DtH8NX+sEG9n02wgtJLjBLDzWiRS3JJ57knqa7q+sbLU7KfTdSt47u0ukaKaGZBJHJG4wyOr AhlIOCCMEUAfz3/H/wAO/smjwNo2lP8AtH/E743N4vvLSC08M6Z4ptdWnnaRt0bzWs0DLGUcAKsq h/MIAXOSv2BqOlR6Z/wVQ+F2mOJHbTvhUIlNwyvMDHdX0eXZPlL4yGK8Ek44r708Ifs6fAH4f+ID 4r8DfDnw9oGs87byx0y2t50DDDCN0QFAe4XAPeu/m8E+DLjxbB4/uNA0+XxRa2psodVa1ia/jtSz MYEuSvmrEWZjsDbcknGSaAPzo+LyqP8Agqf8CGA5PhTWgT3wIb3Fcp+yB478HeF/23P2ovAfiPWL bTfEHibxDp8ml2VxII5r1YYrySTyFbBcojKxA52kHpX6hXngjwZqHimw8c3+gafc+JNKieCz1OW1 ie+toZQweOG4ZTJGjBmDKrAHJyOTWFe/CL4Val45tvidqHg7R7nxfZgCHWJLCBtQj2rsXbclPMG1 TtHzcDgcUAfzj4Df8EdUU9D42x/5Hr9MP+CtHgnWda/Zm0HWtEgu30vwV4l07U9STTyEnh09IZ7d pojg4aJpU2nBC5LHhSa+/f8AhSXwY/4Q7/hXf/CA6B/wign+0/2R/ZVp/Z/n5z5v2Xy/K3553bc5 716XNDFcRPBcIskUilXRgGVlIwQQeCCOooA/nt+Ntl+yNB8HYdYuv2oPid8VLXxMbaGHwta+K7e/ vbsyyKQlxYzQHy/LI3ETIDuUKAWIFfS+qaDF4V/bt/Y+8MQQ3lvFo/gfUbNY9RaNr1Ft9KuYwty0 QEZmAXEhQBS2doxiv0T8O/s1/s9eEPEqeMvCvw08OaRrkTb47y00q1hmif8AvRskYKMe5XBNei33 gjwZqfijTfHGpaBp934j0eOSKx1OW1ikvbWOZSsiQXDKZI1dWYMFYAgkHqaAPxA/bW8UeKf2N/2i PiB408D2sx0/9ofwjLYQLbqf3XiK3aO285QP444pPMHcvM3FfrP+y18G7f4BfADwT8KkRVutGsIz fMuCHv7gma7bPcGZ32/7OB2r4+134X/tG/tO/tPeENT+Nfgaz8F/C74P6ve6lYOL6G9m167jcCyl CoxaOPCRylXRQBvQlmICfqBQB+cf/BTLw3qNr8GfDnx38NwmTXfg14j0zxFCV++1usyxTx/7pLRu /wDsoc8Zr81LzTtWi/Z8sv8Ago19ilOtn4sv4rIIAkHh+S5+wi064x5qCMc42nGe9f0Z63oei+Jd IvPD/iPT7fVdL1CJoLm0u4knt54nGGSSKQMrqw4KsCD3rnX+Gvw5k8Ff8K1k8K6U3hARiH+xjYwH TfLD+YE+y7PJ2hxuA2Y3c9aAPxh8I+F9V/4dg/G741+KYtviL4xzap4mui33limuljgTP9zCtInt J+A+qvFnw/134gf8Eq9K8FeC7Z59UvPh1oU0FvB/rJngtLa6eNR/E0gRlx1YnHev0An8C+CbrwgP h9deHtOm8LLbJZjSXtIW08WsYASH7MV8ry1AACbdoAGBW3pWlaXoWl2eh6HZw6dp2nQx29tbW8aw wQQQqEjjjjQBURFAVVUAAAADFAH5p/Az9ub9mPw3+xt4X1nW/F2mWeoeEvDVppt3oEs8aak95YWq 27W8VmT5riV0+RgpQqcswAbH52ah8PfFHgb/AIJz/ADTfG1lLZT618VtO1GK1uFKulpdR33lbkYZ AkUeYAequD3r95779nL9n7U/Fb+OtR+G3hy68QyuZXv5dKtXuHlY5MjSGMlpM/xnLe9egeKfBHgv xza2dj420DT/ABBbafdR3ttFqNrFdpBdQhhHPGsysElQMwV1AYAnB5NAH50f8Fa1U/sv6WSMlfFe kEex/fCuD0z4ieF/2X/+CjXxY1L446gvh7QfizpOl3Wha1e5SzY2EMcMls82NsZVg4+YgAIm4gum f1T8W+CPBnj7S10Px3oGn+I9NSVJ1ttStYryATR52SCOZXUOuThsZGeDXwP+0poX7U9h8W5tc0b4 c6N8f/hDqdnEo8Kal/ZttNpd+gVXnilu4XaRZApOP3nLsNqhQxAPA/hv8b/h78eP+CrS+Ivhlepq ujaJ4Hn0n7fECIbuaGczSSREgFkUzeWGxhthKkrgn9S/D3xn+GXiv4j+IvhJ4f1yO88XeE44pdUs FilV7ZJgrIS7II2yHX7rHrzXxF+yz+z18Xj+0Brf7Tnxp8MaV8OiuiJ4c8PeE9Jkgni0+y8xJ3d5 bbEOS4fAXqZHJCgKD+gOmeAvAui+J9T8baP4c02x8Ra0qJf6lBZwxXt2sYARZ7hFEkgUKAA7HGBj pQBzel/Gf4Za38VdZ+COl65HP438P2aX99poilDwW0giKyGQoIiCJ4+Fcn5unXBB8Z/hlc/Fe4+B 0GuRv44tLEalLpnlS71tDtxJ5mzysfOvG/PPSuktPAXgXT/F998QbDw5ptt4p1OFba71aKzhTULi BAgWKW5VRK6ARphWYgbV44FEfgLwLD4wl+IcXhzTU8VT2/2STV1s4RqD24x+5a5C+aY/lHyFtvA4 4oA6yiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooA8/wBZ8fWem6k2 lWsDXE0bBZGJ2qp9O5P6V0+ia1ba3afabcFHQ7ZI2ILI3UA49QQR7EfSvIPHXg7V7bV7jxDo0bXV tdgNcRIMyRuoxvVerA9wOfauY8PeJ30+6VxP9nmX5cnlHUH7rA8de/X0Nfir4/xmAzWphs1XLBt8 uiStfRqXXTe73utGfoC4aw+JwUauEd5WV9db9U10/pn0/RXmh8feVEJJltyp/jEu0dOu3BP3ugz0 59qv2Pje3uGBZUlQ/wAUL7iP+Anmv0OhxlltSapxrLmfTr/w3nsfLTyLFRXM4aHeUVWtLy2voRPa yCRD6dj6EdjVmvpYTUkpRd0eVKLTs9woooqiQooooAKKKKACiiigAooooAKKKKACiiigAooooAKK KKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKTNAB1opaPegBO9FFHWgAo7UYAoo APrR9KKSgBcd6Wk60YoAKKDRQAcUhpaOvagBD0p1Np1ABRRRQB//0P38oorhviJ8S/Afwl8LXHjT 4j63b6Do1qQrXFwx+Z2ztSNFBeRzg4RFZjg4BwaunTlKSjFXbGk27I7mivm34Pftd/s8/HjWZfDf wz8Xw6jq8StJ9jmhns55ETOWiS5jjMgAGTs3FRywFfSVaYjDVKMuSrFxfZqxU6cou0lYKKKKwIPL fi18a/hV8CvDf/CW/FrxLaeG9MZikb3DEyTOBkpDCgaSVsc7UVjjnFfI/hj/AIKkfsWeKNdi0CPx tJpjzuI47jULC6trViehaZo9sa/7UmwDua+Ovhj4Q0b9uL/gof8AFbxL8Xbf+3fBnwakbSdL0icb 7Iyw3D20ZkT7rpI8E87KwO9iobKLtr9SvjD+y78FfjP8ONR+HHiLwrpsFtc27xWlxb2cUU9hNtIj mt3RVKMjYOAQGGVYFSQQD320u7TULSG/sJkuba5RZIpY2DxyRuNysrLkFSDkEcEVYr839BsviL/w Tv8A2GNauvE2tW/xIv8AwMVlsI2SSzijtbu5hiFr5jPK7rE0rsjYXCkIFAUGvsr4UfEa6+IvwS8J fFi7sks7jxJoFlrL2qOWSJ7q2W4MauQCQpbAJFAHq1FfmL4F/b88SeLv2IPGP7Wc/hC0t9R8MXz2 kelrdSNDKFlto9zSlNwP+kE4C/wj1rkvgj+3d+018cPEOgeItB+BhtfhdqkUyza3PcSqEktLd5Lm VZApTyhLG0cYKfM2E3hyQAD9Z6K/EX4bf8FMv2ofjnY2t78FPgCPEMemTJFrcy3MrW8bzSERRQyB Rg+Xtd2YOVySU2gM31H8bf22fHGmfGdv2bP2Zfh7/wALJ+Idhbi51ZpLpbfTdNVlVtskpKhiu9d5 ZowpZUBZyVUA/Reivzq+Cf7anj29+NVv+zd+1J8Pf+Fa+O9VgNxpE0Fyt1pupKqsxWOQMwDEK2zb JICQUJVwFbz7x9/wUH+J+k/tI+Nv2Y/hj8Jm8beKtHltotIEF4II5VeBJ7ia8kkAWFIw4C87ST8z rxkA/VauTPjvwZ/wmi/Dga1aN4oazfUf7NWVWuls43SNp2iB3Km+RVBYDJPGcHH58/Av9t/4raj+ 0Jbfsw/tQ/DVPh94x1i1e60ua0uRcWlysaSS7chpFIZIn2yJKw3qUIDdPh/wX8QP2pIP+CnXjvX9 L+FlldeNbrQYbS+0dtXt0itdIDWCrei5L7HcosTeUpLfORj5TQB/QlXjvxl/aA+Dv7Pugw+I/jB4 otvDlndOY4BIJJZ52AyRFBCrzSbeNxVCFyMkZFexV+E37cE/hr4Vft+eAvjZ+0f4ZufFPwjfRks7 RvswurS1vk8/5ZIXPlyMkjCYoeSrBlDmPbQB9xeCf+Cmv7GHjnWY9BtPHo0q7uJRFCdTs7qzgkJO AfPkj8lFPrI6V9VfFr4w/D34HeA7v4l/EvUzpfh2xeFJblIZbnDXEixx4SBHc7mYDIU46nivgf4g n9g39uz4YXvw28AeKPC1r4mv4gNHuDbx2WqWd0CChit5lt7h1yNrxrwynHoa6H47BP2S/wBgO10X 4l6Zp3xlHg6LTdOkh1a38q0vE+2JFbl4nM+DBGUC5JyUB4zgAH3HqvxW+HWg+DNN+IPiDxBaaV4f 1hLZ7S6vH+zrP9sUNAqLJtYySBhtTG/tjNeg1+Af/BSvxr8TNW8DfANtE8C2dn4Mml0PU9NuIbuJ AdWmt3K6YsGVaOKOLbtlKhecZGMV9yePf2wPjN8JW+A2hfFD4c2WieJ/i14hk0XUbFdRW5XTYheQ W8UscsG9JWeKcSY3AA/Ke+AD9GKK+aP2vPj1qP7NHwE1/wCMWlaRFrl1o0tlGtpNK0Mb/arqO3JL qGI2h8jjkivKPjp+21Y/BT4OfDfxnH4Yl8TeNvinDZDRfD9nLtaW5u4IpGBkKs3lxvMiDajMzOoA GSwAPu6uV8a+OfB3w48N3ni/x5rNroGi2C7pru8lWGJPQbmIyzHhVGSx4AJ4r8rviB+2/wDtpfs/ Wtj4/wD2hfgLYad4BubiKCebS9Vjubu1M3CiQpLMm703IiM2F3qSK86/4LA+N/GfiP4A+DpPDegw 3nw31u60/VP7eNyiyrdyw3Bt7cWpIkKyQsZC+3AI2nmgD9Xfi/8AHz4V/AjTNE1n4o6w2k2fiG+j 02ykW2nufNupVLomIEcqCFJ3MAPevY6/Jj9ob4/+NvB/wP8Ahx4l/aX+B2g3Ovat4uh06DSL67h1 KCzjMLNFfRSxiZRMcMMZBA69a+g/2sf2zYv2fvEXhr4UeAPCs/xB+KPjIb9N0W3k8pUhLFBNO4Vm CsyvtAHIRyzIq5oA+5KK/KVP28fjz8E/GvhzQf20/hFD4E8O+K5xbWuvaXfR3tpbTORhbgJJKoCg kyfvVcKC6o4Fd9+1b+3fq37Nnxu8IfCjS/A0njNfFulNdWq2UxF5NfzSTQWltEm1lKyTIgZ/mYKx KqxABAP0cor8kp/2+f2jPg78RvCehftafBeHwR4V8bXiWdnqdjqCXhtWkKrmcxvLGxQsC65jfZll VtuD9j/tAfGX4w/DLxz8NPDnw0+G91430nxdqD2utX8CTsmj26zW0YmkMMbqAUmkfLlRiM84zgA+ pqKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigA ooooAKKK43XvGOn6RugiYSzjIOOQD6YHU+3HuRXkZ3n2Ey6g8TjaihBdX+SM6lWMFeTOxJAGWOAP WvH/AB1pPgXV/MZ9QjsdU5Ie3HnOx/24VyX/AEb0YV5/rXjS91KZhMxMafe3ksoJ6Dy1+X8CCfU9 KzjdapLFtt0+ywsOSQEY/wDAVwB+lfzXxR434LMqNTDYbCe1h05k236K8eXX7XNbs29DlwfE8sPW U8PJprr/AJrr6Hzn4k8T+NdDubm1svD7av5DEK8TNBvA/wBiRcqT6HvVLRfilqCTomuaHqGhS9pW QywAj+86fd+pGPU17prVxBp9lF5MRe4eQKWJBUgg8Bce2c5qhNHHLHEyqAzIpYEZGSOcV/KdbE42 NWUPYxutdJSur7K7Vrr0+Z+rw8ecOqao1cFFu2sk5Jv5czj8uU2fBPxs062vYmvruOaJyqNLGwYE E9H25/A9RX1Lp3i7R9ShWeCQ+W/Ruo/SviZLSz0m/GtW+mQG6i5ExVSy+44B/nXe6X8QpJI0lu4c o/Rhxn6A5Fftnh145YrLYfVM1m3FbOUXL75J3t/27r3Pz3ivjbL8bVhPBUXTdveu7p9raI+vIbq2 uBmCVX+hzVDWNZg0e3E8sbyluixjca+Z4fil4Uk1pPDaanEmrvA1ytsXxL5KMqF8c4XcwGeMnp0N eQ/GH4va94ZtY7qN5Lg+ckMakMV2McsSV7YB79SPpX7DxF49YelgVLBJTrTsoJNbu+rT1S0ffU+O zPimjhcPKvV0S6n2jZfELQ7lvLuN1rIOCHHSu0tbu2vYVuLWRZY26MpyK/N7SPjw97Gkeo2quuMZ JWYfjnDD8K9/8F/FXQPsyRWV19nLHLRhyQGPXCv0FfN8C/SAq1MR9XznljG3xNcjv0WkpQf3x8kc +WcXUK7spp/gz6qor58HxH1A3rvaalBMpP8Aq5B5Qx7Fht/UV1tt8S/JUHV7F40P/LSP5o/++hlf 1r9PyvxxyDEylGVRwSdrtXj680HKK+bR78M2ot2bserUVj6Nrum69bm506XzEU4PqD1rYzX6rgcd RxNKNfDzUoS1TTun6NHowmpK8XoFFFFdRQUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFA BRRRQAUUUUAFFFct4s8b+EfAmmHWPGOr22j2g4D3Mgj3H+6gPLN7KCfamk27ITdtWdTRXyx/w2n+ zaLoWsni5Y9x2h3tLoR5/wB7ysD8a+gPC3jXwh4309dV8Ha1Z61aMB+8s50mUZ7NsJ2n2ODVzozj rJExqRezOnooorMsSloooASiiigA96KWkoAB0ooooAKO9HSgUAFFFLQAUlLSUAIadSUtABRRRQB/ /9H9/K/ET/gsjp3i+TT/AIa6rCsr+F4JNQimKZ8pL6QRGLzO25o1fy884V8dTX7d1h+JPDHhzxjo l14a8WaZbazpN8uye0u4kngkXOcMjgqcHkccHkc162R5n9TxUMQ43t09VY6cJiPZVFO17H8h/wCy fp3i/VP2lPhtb+BllOrJrtjKDFn5IIpVe5d8Y/drCHMg6FNwPXFf2GV5P8OfgT8HPhHcXV58NPB2 meHbm9G2ae0t1SZ0zu2GTl9medudvtXrFelxTxBHMKsZwjZRVtdzfMcaq0k0rWCiiivlzzz8Qv2Y td079mT/AIKOfHD4RfEC7XRrX4pXP9raLNcERW91JNcy3VtEjsQCxS5mjX1kjZPvkA/sF8TPiV4N +EPgbV/iJ491GPTNF0WB55pZGALbRlY4weXkc/KiDlmIAGa8f/aR/ZE+CX7VOj2un/FPSpDf6cGW y1SxkFvf2qv95UkKsrITzskR0zztzzXyJp3/AASR+B82p2M3j7xx4x8aaTpjhrfTNR1JPs20cbGM cKyBcf8APJ4z70AeX/E79ozxr+1Z/wAExPit8UPE/hCLwtG8sNtZLDcPcLdwW1/aGSdQ8alFV90f 3myUY8YxX25+zx448K6J+wd4C8aajqcEOjaP4GsvtVy0iiKNrKxWKZWbOAySIyEddw29eK+jbr4X /D+7+G8vwhl0K2XwdNp7aU2mRr5cAsmj8sxKEIKjb0KkMDyDnmvz48O/8Em/2fdC1SOK68T+LNW8 JQ3S3a+GrrUk/st5FbdiVI4UZ07feDY6uaAPgX4L/wDKGn4tf9hqT/0q06v2D/ZksbbT/wBh34eW 9omxH8D2UxH+3NYiVz+LMTWN4c/YS+EPhf8AZq8Sfssadqutt4S8UXbXlzcST2x1CN3khl2xSLbL EFBgUANCxwTz0I+kvBXw20LwJ8LdF+EekT3M2j6FpEGjQSzsjXLW9vALdWdlRUMhUZJCAZ6KBxQB +dX/AAR0sba0/ZDluIE2ve+I9RllP95xHbxg/wDfKKPwr4t+DXw3+NPjH9uX9pHwj4B+MLfCbxS+ tXV95Z0uK+l1PT3u5pIygmkQosMcsLYXO5ZAei5P7W/s3fs6eCf2Xfhsvwu8AXuoahpSXc96JdTl hluPMuNu4boIYE2jaMDZn1Jryz9of9hb4N/tEeK7H4j6ldar4Q8b6cipHrnh+6FneOqKVRZSySK2 wHAYBZMfLv2gCgD4B8cfAfXvD37VHwQt/wBof9qL/hJvGum6vbX2gaUfDEnnTxi7hMkTS2crLAk5 i2CSb5QA7dFavVv2arWB/wDgqb+0hesgM0Wk2cat3CyLYlh+JRfyr6T/AGfv2Avg38BPHUvxW/tH WPHHjiRXRNX8Q3S3c9uJF2OYQqIAzLlS7bnCkqGCsQfW/A37M3gPwB8efHH7Q+jX+pTeI/H0ENvf W88sLWUSQCMKYESFJFJ8pc75X74A4wAfCv7T0ca/8FPf2aJlUCR9PvlLdyFW6wPwyfzp/wAOmVP+ CxXxRDnaZPA1uFz3O3Sjx+Rr7n8efszeA/iH8dfA37QetX+pQ+Ivh/FNDYW9vLCtlKswcMZ0eF5G I8w42SJ261478fv+Cfvwi+P/AMUrT4y6hruv+E/FUEMUEtzod3FB9oSDiMuJoZsOq4XKkAqACD1o A+66/PfVP2uPA+vftZeIv2MfjX4Q07TtIa0hk0y+1WeO5tdYmmSGWOH7PPCsalxI6oN75eMoPmIF foRXyt+0n+xp8Cv2qYLF/ijpUy6rpiGK11TT5fs19FExJMW8q6OmSSFkRgpJK4JbIB8dftm/8E/P 2PbD4O+MPihp+mW/w01nQrC4vba+sJ2trV7mJGeGBrVmMJEsgCKsSJISQFJOBXzD448eePPiN/wR lTxB8Q7ma/1GK/tbOG8uCWmubW11ZIoXdm5cqF8vceW2ZJJyT9T6T/wSA+AqapZy+MPGfi3xVo+n sDBpl7fxLBsB+47RQq4XHB8sxn0Ir7e+L37Mfwx+MPwNb9nnUI7jw74QVbOOGLRjDbyW8djIkkSR GWKZAuUAOUJIzznmgD8xP2/GWP8AZg/ZalkO1E1jw6WY9AP7OzzXo/8AwU3v7PRvjL+yhr+qTLa6 dp3jRZrieQhY4o0utOdmdjwAFViSewNfbHxs/ZF+FXx6+Cmi/A3xs9+uk+HFs/7OvLaZI76CSyhN vHJuMbRsWjZlcGMqckgAhSOCvv2Bfg14g/Z4sf2cPG2pa34l0fSryS/stTvbuM6raXEpYloZliCb QHZQjxuuDyCQpAB5b/wVs8S6Jo37GniDRdRu44b3X9Q0y3soWYB5pIbuO4kCL1O2ONicdO/avIvj l+0V488AeB/2ZfgZ8GdG0a4+IHj7RtHFjqutwrLBpmYLeGJ4Q4IErSHO7DbQmAjsy49Gh/4JMfAG +0K+0nxv4s8XeK7ie3W0sru/1GGSXS4llST/AENWt2jRmCeWxdHGxm2qpwR7/wDG/wDYa+DXx48A eDPBHiebUrC6+H9tBaaNrFjPHFqUEcEccYDOY2jfd5SM37sYYZTYSaAPyt/b8+Ff7TXgn9na+8Sf tH/tCp4mk1C8s7ez8M2OnQ2NpezearsS0fkmQQIpkGYeCoJIOK9W/wCChp8z/gmT8IpF5BPhU59j pMtfSb/8EsPgZ4g0jULX4oeLfGHj3Vbu2FrbanrGrefcaaoZW3WQMRjRiFCnzFlGOABX0h42/ZG+ GHxE/Zy0r9mXxhd6nqPhzRLWztbO+eeIalF/Z6hLeUSpEsRdUGzmLaVJyueaAPib/grG6SfCz4MS RkMreNNOII5BBtpcGs/xDeWPhT/gsXot943lEMHiHwotvoUk42xidoXj8uNjxudo51HPLPt6sAfo OD/gnD8JX+Efh/4Oaz4u8U6ppXhrxEPElpcT3lq1ytwsKwLb7mtWUWwVdwQKG3EkOAcD3P8AaS/Z N+D/AO1Poen6X8TLS5hvtHdpNO1TTphb39mzlS/lSFXQq20ZV0ZcgEAMAQAfH/8AwWE17wxYfsmj QNWkjOr6xrdgNLhODK0sBZ5ZEXk4WLcrN0G8AnLAHyPxxpGoQ/8ABRD9kfSPFMZbUbPwWgulcfML q3tL5mJHqJFz9RX1L8L/APgm98IfA3xE034o+NfE3iP4na5oRB0z/hJr1b2C0KHKOsflqWZDyu5i qthgoYAj6E8YfszeA/Gv7Qngz9pTVb/UovE/gazmsrK2hlhWwkjnWdGM0bQtKzAXD4KyoOFyDg5A PhX/AILFxxn4G/DqcqPMTxxYKG7gNZ3hI/HA/Kv1nudR0+ykiivLmKB7g7Y1kdVLngYUE8nkdK8C /aU/Zm8B/tS+EtG8G/EG/wBS0+y0PVYdYhfS5YYpWuIIpYlVzPDOpjKytkBQcgfMOQc747/sp/Dz 9oTxt8OfHnjTUNUstQ+GN+2oaamnzQRwzSvNbzFbkSwSsybrZBhGQ4Lc5IIAPpqiiigAooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK4bxV4207QLWW KJ997gqihSVV/dunHXHWvGz7iDB5ZhZ4zG1FCEVe7/Jd32SM6taMI80mZ3jjxcumI2m2UmJ8ZlYH 7int9TXzdrviBBGywPyep6E/59K09QuGukd7mRjLKS7HOSSfWvK9fzzsYEflX+Zvib4j4/iDHurV 92k9Ix7L/Nrd9X2VkfD5vmVRpySOn8L38oguhIQy3haJkb+4wA3j0ZGAYEc8Ed61rfxLNcWircnE uCj8YIYfKwI7cj8K4GEmGCKMdQB+Z5qrc3xN87RbmeVQ0gXJPmDjd/wIYz7gnua8TKuJalGiqNL7 PTum/wBN16vq9fJhXnTjFv8Aq50niHWEa1jYAMVkjAznjcwXt7EitCW/TdgYx0A9u1ecXly1xEI3 icbWRuoz8rBun4VFP4ihich4Jd3oo3H8hRDOq0pym43bt+Bz1MTacpS2sv1/4B1+rajEdOui8oiB XazMcABjg89uD1r43h/bL0Lwpreu+FdZ059ShsruSOylsdrrKgYrhizAHGAAy5BwfqeQ+NWrW+v/ ABIi8LeDbC/PilbKWS8kj2JYXFqIwWtbslxuYhogMYZfMQ7sZ2+NReN7S+8I3fwv+BfhSTS/HFvG 0evC+CxX1ntYrIDPKQrlm6FZMKp4UE8f0NwDwpl9SgsXj487nGOjagqcW378nd2TtZPrto2j2cvw 8Je/Py62su7I/CPxe0pv2l4PHl7Jdafp+r7rW6e8YB0imXAyFARUR1TaAOFUck5NfotpfxB0HWfH 918N9LvftWp2trJdyqBlI4lkWNRIwyAzliVXrtGTgEZ/JqH42atpfhLUfhp8W/DqajqVmjxafdXc ZE8MinBVpMBm8vBYENk42kkV3nwp+OKfs2afFqGoeHo9ck8b2cWqNfxXDRSSMWYeS29XAEJLKQMH J3HrX6F4geFeGzZQrUqPvwhyQUZK00tYyUtNIq+ltdOiZ6WNyt1LOC12338/uP1F1LwZo93IZL/S UDnnzIP3bZ9cpj9RXK3PgeONSulak8Z7R3Ch1+m5cEfka734X+N9R8ceCtP8V67pB0GfUUMotWk8 11iJ/dsxKpguuGxt4BAPNdZcmyu0Z3jzn7uRkt757V/IOc5XUy6cqU69nFtWbUtu26+77z4nE8P4 eTb5Un5afla/4nhKx+ONDQeTAbqMd7aTf/443P8A47V3Tvi7rWkXKxzxSQyr94HdA+P5foK9Oazh 6BSmOmDVa40/7QAkypcL2WRQw/Wvm6Wc0nJSqU1fum4v9f0PPeUYql/u9Zryav8Alb8mdf4N+POj JuW/Igmcgl2QIW+siZH4mu/k+JcN9fG+0zWJsHHcSIAB0G0g9fXrXzZeeENAlOZbL7O/96Elf06G mw6M1mgWykV1XoH+Rvz6frX2j8R8f9UhhaVeXLF3V7p31+1Fp9erv5np4bNcfS9ysk13V7/d/wAA +1/DXxesZB5euS7osMftKIcLtGfnUDI474xXrmja7pevWMWo6XcLNDMMqQeeDjkV+dOi6/q+kvJH CrR7Dh1HI/8Ar8fpXqWgfEl7ZRA8caqOyrsI/wC+cGv2bgH6R+Lwajhc5XtIK/vWvLdWu7u6Sv0b emp+iYPiXDyw0Yzg1UW7vo1r0avfbrbyR9t0V4DpHxNjdVX7Qy+z4cf0P616VpHi+21KZIPlO/jc p6fUGv6a4a8XMizRxhhq65nok9Hf03/A76GY056I7Siiiv0w7wooooAKKOtFABRRRQAUUUUAFFFF ABRRRQAUUUUAFVru8tNPtpb2+mS2t4FLySyMERFXklmOAAB1JNTSOkaM8jBVUEkk4AA6kmv56/2r Pjfqniv9oHxF4QtvFtv4j0Ozcvbi1kIt7KJIxvTax2l0H32UlXbPTO0dGFoqpUVNytcmqpqm6kY3 S38rn6HftCft8+A/h3pl1pXw2li8Qa3zGLo5GnwNjlhJwJ2HGAh285LcbT+GXxU+PXxM+Kevvf6h q6apqFwNpmnuoV2KD91EZlVEB7KAOuK8T+K/xHsrzVZNO0kEJDkGQZIx7ZOT69e/rXk+jeINO0rU Lu+iso768lVVthcIs0Ss33nZWGDjsGBHY5Gc+zJU6CtBXf4nmqMqr99/5HU654n8X6derDrqXNrK wPlmVWRXH95CQAR3yPWuz8DfGPxx4J1WLXfC2uXek3ijCzW07wvtbII3KQceoxijR/DfjfUtNEen 2J1TS5wu+1mACQyHKkxvIVRcEZIDA46DgVBZ/BDxnJf+Q7Wmmwuww89yrlF7ZEO8kj2xmuyMGtzn kl0Prjwb+1T+0teahax+Afiff2l7cSBfsus332i1LHgbJb7zFjBPXzMIOu9QMD7a8J/8FBP2qPhb q+l+GP2i/hTPqS3zBIruyt3t57lSAd8DRCW1uOPmHlbQR3HWvg/wf8Jfh94ViFzqu7xPdQIH+80E TMOfkiVlyOMfOTnqSOlfREfxT8XS+F7Dw59tu7HSo1/c2BkXyrPIJVFSEmMYyRwScE8nOTlXwkJP YuliZRVmz9tfhV8efh78XoTD4euZrDWIkEk+k6jEbXUYFwpy0LfeUbl+dCycgZzxXs1fzSX/AIb+ IXxDlTxJ8JbmeHx74NifUoPsz+VeXFpGwEyQsvzNLEWEixggMnm4y21T+nH7EX7dFl8ebeL4c/Ep 4rDx7axkxyjbFDqqIDuaNRgLOoBLxqNpGWTA3Knj4nBON3HY9GjiObc/SOiiivPOgKSlpKACjNLS UALRRXxn+19+1FZ/AXwuNG8OyRzeMtXjJtUYqwtIuhuZEOc9CI1IwzAk5VSDpSpSnJRiRUmoq7PW /iv+0X8JPgyVtvG2tpHqEgDLY24866KnoxRfuKexcqD2zXIeCf2vfgv42hSaLUJtJ82VYohfRhPM LZwQY2kAHyn7xH5V/OJrnjC/8Qavdavqt3JfX15I8k89w5eWV2IyzOxJJPc5rvPAviC6s1kIndLQ FTOqHazIueAw5BJ7jnqO5r3f7Jgo2b1PL/tCV720P6efDvjTwj4uR5PC+s2mrCIAuLadJSgPTcFJ K5966av5gtH+IHizSvFMXiXwrqk2k6hAxaB4ZjEVzydzc7lJHzAgg9CCK/eb9lX47t8e/hkmvanA LXXtKmNjqcSjC+egBEijsHBzjswYDgAnzcZgfZap3R24bE861Wp9LUtJS1wHUFFFFAH/0v38oooo AKKKKACiiigAorzzxZ8V/h54GvY9N8Ua3FZXcgDCLa8rgHoWWNWKg9i2M12Oj6zpXiDTYNX0S6jv bK5XdHLEwZWHTqO4PBHUHg81Ti7XsZxrQcnFSV10NKiiipNBrMqKXchVUZJPAAFZH/CR+Hv+gpa/ 9/0/xrjPjT/yRzx5/wBgHVP/AElkr8QP2JP2Rf2GPil+zP4S8c/GY2X/AAl+otqAvfO1+WyfEN9P FDmBbiMJ+6RMfKMjnnOaAP3/ALTUdP1AMbC5iuQmN3lOr4z0ztJxVyvz8sNI/Zc/4J9fAjxr8avh Ho81/wCG5JtPOoJpuoNqL3En2lbOLy3uJ2QbGuCWAYcZ6nFfSXxW+O/h34TfAnUPj5rGn3V5o+nW FrfvawbPtLR3TRqqjewTcDKM/Njg80Ae1S3VrBLFBNMkck5IjVmAZyOu0Hk49qSK7tZ5ZYIZkkkg IEiqwLIT03AcjPvX5R/tJeKbPxz+1D+xB4206KSC08QS6vqEMcuPMSO7tbCZVfaSNwDAHBIz0NdP +xR/yd7+2F/2H9E/9AvqAP09qvPd2lqYxdTJCZWCJvYLuY9AM9T7VYr8rP8Agpd/yNX7NH/ZRNN/ 9GRUAfqXDd2lxJLDBMkskBxIqsCUJ7MB0/GmyX1lDcR2k1xGk8vKRs4Dt9FJyfwr8tvhXa/8Ka/4 KhfFDwTj7PpPxf8ADlr4jtE6CS8tH2SfUlvtbnuM/jXwr+15r3i/xT+0/wDEH9rHwtLJLo/7NOue FdIRF+7MqzyNex/8Au2KMM42yc9eAD+ja5uraziNxdzJBEuMvIwVRnpyeKat7ZtOtqtxGZmXeEDD cU/vAZzj3r8sP+CkOqwfFzw58DvgB4aufOh+MPimxlaSI/f0m2VXlk9dq/aI5c/7Fcp4w8W+DPhZ /wAFRrrxZ4tv7fQfDnh/4ZeZPPKdkUEMc21QAOSeioqgliQqgkgEA/Xy5urazhNxdypBEuMu7BVG eBkninQzQ3ESz28iyxuMqykMpHqCODX4yeG9E8bf8FRvHUXjvxmLjw3+zZ4UvnXS9IEnl3XiK7tz taW52HKoOQxB+QExxEuZJV/Y7RtG0nw9pNnoOg2cOnabp8SQW1tbosUMMMYCoiIoAVVAAAAwBQBa S7tZLh7RJkaeIAvGGBdQehK9RmrFfn54N8VfBXw/+2P+0FqmjaRrC+O9D0LS7zX7mWWJrC5torCC SBLSPO9XEQRW34BYHnFeb2P/AAVK8I+J/B58d/Dv4ReNvFeh6ZE0utXtnYKbbS9m4vHJMGZHdIwJ HwQiowJfrgA/UuivMvg58W/Bnx1+G2ifFX4f3D3Oh69E0kJlTy5Y2jdo5YpEydrxyKyMASMjgkYJ 8n/ae/az+Hv7KFh4X1f4i2V9c6f4mvnsllsY0lNuY03s7ozKzDHQLk57UAfUtFfAHgz9vzw/qfxB 8N+BPil8N/FHwti8bt5egaj4gto4LW8lIBSJ2DnypXLKFU7uWUMRkVl/GL/gox4G+E/xe8T/AALs vAXiXxf4x8ONZEWukWyXAuorq0S8klTaxdVgjdQ+5MljwNoLAA/ROivhT4ift5eCvBUvg/wvoXgr xH4r+IHjPS7fV4PCun2qPqdlbXEfmKb4B2WBgM7lBdlxlgFwT2P7P37Yfgj46+LdZ+GN9oGr+Avi B4fiFxd6Br1v9nujbnaPOhIJEkYLr/dbBDbdpDUAfXVFfnp4p/4KEeHB418QeDfg18NfFXxZTwhK YNY1Dw/aLLZW0qEh445CcyupU8AANglCwGap/Ez9tTw149/Y28XfGX4GaXret3ElnqWlTxWcAjv/ AA9efYJpDdXy7/3UVqQjvIjMMMpUnsAff9n4h0DUNRuNHsNTtbm/tBma3imR5ohwPnRSWXqOo71s V+Qf/BJr4ffDqw+Gw8d6Z8NtY8OeLptOihvPEupmT7NrsV5PJK32EGVo/LiMEYYiND90kkkmv18o AKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKAMbxBrN r4e0W81u9yLeyjMsh/uqvVj7Ack9gDXzVcTw6jcPLeyiVhyFb7pOeua97+It9pum+AfEV9q+PsUO n3JlBwQU8tgRg8HPTHevyp/Z6+Ntl4sguvAupXKjV9DyIQzfNPZrwrjJyzR/dfHbDHrx+AePvDuM xmBpYnDrmjSbco+T6tdUrddtzwM9pTcYzSulv/mfS2qifzZGhcoCT8p+ZR7DPP6mvO5mvbjUVtrl RsJzuU5yPocV211dHedrcGsGYK14kpHO04xwSfSv8854KtSqS51c+LxNJztZ6dRzMF3OegBqppSx vbSvn5pi3PoOgpZTcZI8pWQ9QWPI+oFZtzqvh2ycwXHmWEqqGLAFo8HjJKjgZ9Riu7B0ZUry5b30 03JxFeMWpyaSXfQ3Ps2QEaQEDsBjP615V8ZYfHdl4Evr/wCFwjGvWpiljRo1k86NXHmxjd03Lk8c 8YHJBrv47k3IS70u8ivokOSY2DHHfoa3UljuIQ6g4YdD1HsfevcyavSjiYVmlPlafLLZ26SXZlUs RGTul/wT8prz4gfGTwla+MH17TYpPHUWmwmIQskslus1zP50wiXIYJEiE7S2AsbEFdxX5M8F6V8b NctNT8ZeCvE8l1fWMLyXUX2wvfiAEEny5QS6HAI2k9h1wK+yfjBpV5aeO9R+MZvEaw1u8l0iDTID JHqNybIpBHLZsisRKLiIuH4CgL94NtPnFj8PfFHiXSv+Fv8Aw0ubbT/GWjtuv7LTpkK3GRndEqfK sxAImhxskPKD5gp/vbh54OlgvbQpU4Opy3933VK1nBp7RTurrRN9dbfW4V0407pJc3lpft6HyXrf hz41+PtY/tu7s9RvdXcxQM6W5hlk3ZCAhFQP90jnPTFdxqPhz4s+G5PAQ+IukhP7V1UJEkoCzSB5 YkYSRKQBJwOWUggruBOa+9tP17VfjT8Px4/1xU+G9zo0XmWuufaTF9ovEIDBoWADWhKgFXZiWwFz tOfJNY0Dxr+1T4h0nTL3WbHw1qfhux+0QRKJW+1yStuF7auMboZNiYIO6MggqTydv9Zal+WvThRp 0uZTau+TRpcrjo1qr21js0tDX67J+7JKKV0/LTyP1S0S7UBQ/wDqYk3sp6YHY4xxXkOkfGbU9Su5 bm+0F/sTSN5ckMoMhjz8p8tgo5HOAw9qZb3fiXwX8IH/AOE8u4bnXVgSymuYMiOWRjsEgyq4LAhm +Uc5xxXN6JLbCxgWEgjAAx296/guOWQft3X/AHqUnFSu7abtPS97q1z928BPC7Lc4wGKxma0vaJS UI2bVrK7ejXdWvoen6r8VHjltU0DSJbsOCZjcN5Gz0AwGyf0Hqe27Y/EXRZlU6laz6fJ33J5sf4N Hk/morzEMB36fzqdGUMCcc/Tp+ledWyfCyioqFvNN3/y/A/Z8T4DcMyw6oxoSTX2lN8z++8f/JT3 qx1DQ9XQCxvYrlj2R1ZvxXOR+Ip81lEzYOM1856rpWm6lGvmxAspyp54PYg9RXpfgPV7mfTJNOut 8zWIG2V2LNtY/dJPJx2z247CvFx2SqlT9rSm9N01+t9fuR+EeJXgNDK8vnmeCrOcIW5oySTSbtdN O0tbaWRqaxqkOhXUZmXO9xEB3OQT+nNX4r2wulBb5c+o/rXnfiqdtZ1y3glY7oy0zfVzgfy/Wult rGUooQhq6a2WpUoT1u/6R/LsPa88lFXj0OyiTgfZpSfTBzXRWmv3nhyE6tqM0dta2oLtLI3lhQg3 cFjgnjgdT0FfMGr694kudSurPSroafZ27mISIivLIy8MdzhlUZyBgZ759MVtGt9RuI7vWLmfUriM YR7mVpSoPULuJCj2GBXpZbkqpSVWrUs9GuXddd+j++x/WHBf0bcZiKdLF5nXVKMkpcsbynZ62e0U /m7duh94/Dv9r7wf4ttYhqNsbaYjB8mQP+aPtYe/evovSfiT4J1pN1pq0KHuszeS35PjP4V+V0Wj 6RJAkc1vHKEGBlQSPoeorUhtZLOB4dNu5bbccjJ80L04AfPHHTNfv+W/SKzrDS5anLVj/fVn/wCB Qt+MGfsPEHgzk1eo5YJypeXxL/M+5/Gfx4g0rURY+GUiu44TiSaTJVz6Jgjgf3u/bjky6J+0Lo10 RHrVi9sf78LCRc+6naQPxNfBb3fiCHmeKG9UfxRsYX/75OVP50sHiSyikCXsc9q5IAWVMAk/7Yyt fNy8beKvrc8XSxCs38CjFwS7JP3kvO6b6s0Xg3lrw6pKHM19pPV+f/Dqx+qfh/xp4Z8UZGi3yTyK MmM5RwPXawBP4V1NflxoPifbetNA5gFuuA0ZwwdunOc9Ae9fpT4XivYfDemJqTtJdi3iMpc5beVB IJ9QeK/pnwb8WMXxF7bD4zDqE6aTco/C77Kzu09+rWnTY/DePuBVk8oSjNtS2T3+/r0+83qKKK/d T85CiiigAoo96KACiiuN8fePPDfw08K3njLxZM1vpliYxIyIZGzK6xqAq8nLMKaTbsgbMb4wfEmw +Efw31v4hajCblNJhDJCDt82WRhHEm7nALsMnBwMnB6V+Pes/wDBTb9oD+0Vj0Hwl4dktHcKpIuZ JOTkBx9oTbxwTt2jqTX374z/AGuv2Tde+GGu6j411q1vtIt0SO70e8hzdzyPl4Y47dx+9ZiuVdCU UjJdcEj+cX4xfE3wzo/xI1GTwzov9iaRfStJFpvnvcPZRv8AdjaR/mZscsM/KeFOOB6GDVO8qc1q uvReo54eooRrv4L97N97enV6pdd1f7D+O37f3xc+InhGLwDq+oWWlm+bbeHSI5Yo5UHWNndpH2Dq 5BAPAC8Et8D+ForqVNe1k4ZruX7PG/cRqBJKRnBOcL19D6mpETQvE8RvtEuIYL8qxQsBvGRnGOgz 6gZPOeeK6XR9M/svw7HpuoMuSjq5j65lcg7TjO7ae468UZbkkqVdYirLmeuq28kux7ec8SUq+FeD w1PkppxsvtN63b7vzPktY9V8Ra81npsD3V3dyELHGOST3J9B3JwAOTivr74VfAi2gvoptTC6vrgG 5bZSfslsP70rY+b6n5TyArnBr0b4X+B9F1eCKPwJYw6VaPEoubyRTJMRuAKs5ALt/EVyFGMnHGft zw34Z0Xwvp4sdGTdExzJIRmWR+cl2659uw6DFfNcQ8V0cBenTalV/CPr3fkfU8B+GeJzhqvXThh+ /WXkuy8/u8uF0P4WaJHHGNbMmqyjASIZgt48fwpFGQSP94kewr0/VPg1omjaBp3iO/8ACenW+n6u 0iW5eCHzX8k4Y7CPM25/ixjPfJGfUNQ8ceJfgh8Ar74ufDfSrPUvEkutxabNd3sLTppliY9xk2KR hnYhQSQCXQHPAPIeIP2ovC/7QngbQ7rVVj0/4haXcS211borLHNZMpkSVN3+0BlQcg5PQivlquAx 2IwUswrVpN2uknov6XSyP0TB53leEzinkmEwkIxUuWUmrt7r87atvToeG6n8H/Dt0puPDlzNolx1 HlsZrc+xjc8D/dZa831vSvGnha3/AOKhtjPYxnAu7UmWIA95BgMnr84Kjsa98gvpoWyenpWpDrC7 tw+VvavMyjjbHYV8spc8ez1+57n1vFHhDlePTnTh7OfeOn3rZ/g/M+avh/8AEjxT8MfHelfEnwU8 N1LpszSKrBnRo5lKSI6BgShVmHBB5zkECuR/aP8Aib8PfiBrFt8b/AVjceAPHlrdA6tYW7ubaaYO XF9aToFaGYSZ81HCg8MjF9wb1v4ieCdBudJvdf0CE6RqsI8zfb/LFJ8w3eZCMI3ckjDZ7181yeGL nxPvtNVshFcupH2qPAikVhjEiuVOeOhOfRj3/ZcgzSlmNL29OLTWjv8A1qj+VuMOF8RkmKWFrSUk 1zJrtdr5PQ/cv9hT9tTTf2hfDsfgbxzcx23xD0mL5wdqLqkCAf6REBgeYP8Alsijj76jaSE/RGv4 8/C3gr4m/DPxVD4j8Ga3BZ3mjyiaxvLe8WOaM4+71B77SG4IJHIJz9h2X7dn7T+molrqniy4t71V BeOW1tXPOcEbojlTg4IJrerlEpSvDT1PCWOjFe8f0k0V/Nvd/t6ftJz7m/4TSaPaMkLbWadv9mEf z/GsG6/bP/aEugJJPHGpDvmOTYDk9MIB0/Cl/YdXuif7Uh2Z/TNRX8vsn7VPx1uiJZPiBrXJ6rfz qPww4Hv9K5jxJ8cviZ4mh8rxD4r1TUlkGNtxeyyAj/dZsY+gqlkU+skS81j0R/SB8Wvjz8O/hH4a 1HWNb1e0l1C0hZ4NPSdDczyEHYojUlgrHqxGAOTX8yXxX+KHif4keMtU8Y+Jrv7TqGpTNLIxPyqP 4UQEnaiKAijsABXEan4yntYHaaYbBwBn17HH6V5Pc+KVvmfyjhuRk9eOR0P5CvQwuChR63bOOviZ VPQ6l7/5srJ8xJzj16n3r0Pw9qTf2M0ERwZ5tvPUogBIxjplhx3x0r5/hv7m8uI7eHl3YbRn26Z+ nXtXvnhbTblPsguITEsUeee5J3H+eMD0/CuqDuznkmegxzqpEbANjGc+p5Pv6f56ft9/wTp0uyt/ gxq+rx2/l3d/rEqzy8gyCGCEJ7YXJxgDvX4a7lzndhn5OBk5JzX7zf8ABPpNvwBLYIL6veE5bcTh Yhk+nA6dq8fNH7h6mAWp9wmlFJ3pa8A9QKKKKAP/0/38ooooAKKKKACiiigD8g/jhpeuaZ8VPEf9 uo4kuryWeF3zh7eRiYSp7gJheOmMdRX2f+yLpeu6f8P7651NHisr68MtorgjcgRVd1B/hYjA9cE1 9O3+k6VqmwanZQ3flHKedGsm0+o3A4q+qqihEAVVGABwABXXUxXNDlseDg8k9jiHX5r76eotFFFc h7x5n8af+SOePP8AsA6p/wCkslfkp+wB+w5+yv8AGT9k7wV8RfiV4Ei1rxFqramLm7a9voTIINRu II/khuEQbY0VeFGcZPOTX7Sa1o+neIdGv9A1iH7RYanby2txHuZN8MyFHXcpDDKkjIII7HNch8LP hX4C+CvgXTvhr8MtL/sbw3pJmNra+dNceWbiV55P3lw8kjbpJGb5mOM4GAAKAPz6/bt+DHgD4Mf8 E6fiL4A+EuiDRdDtZdNultY5ZpwrPq9m8r7p3kftk/NgAVm/tq/FXwCP+Caclxba3aXB8WaJodpp aJMhe6lMts7rGuckxojs46qFIODxX6f+I/Dug+LtBv8Awv4osIdV0jVIXt7q1uEEkM0MgwyOrZBB FfFujf8ABNL9ijQ21Q2vw3imGqwvBILi/v5vKikxuEBe4LRMezoQ4BIDAHFAHyd8Qv8Akq3/AATz /wCwbcf+m3Ta9g/Yo/5O9/bC/wCw/on/AKBfV9raj+z38INV1b4ea5f6B5t78Ko2h8NSfarpfsCP FHCRtWULNlIUGZhIeM9SSdjwT8Gvht8OvF/jDx54N0f+z9d8fXEF1rdx9ouJftc1sJBE2yWR449o lfiJUBzyDgYAPP8A9qP9o7Rf2XPhza/ErxDo9zrOnzapa6bKts6obdboOfPcsD8i7MEAEkkAV8K/ 8FAvGnhDx38SP2W/DXgzW7PXL+/8c6dfxR2U8dxm0E0C+cfLLYjJbhjwQGx0OP1L8d+A/B3xO8Ja l4E8f6TBrmgavH5V1aXC7o5FBDKeMFWVgGVlIZWAZSCAR87fBr9hj9l34B+K/wDhOfhn4LSy15BI sN5cXV1eyW6Sjawh+0yyLGSuV3KN+CQWwSKAPmb/AIKE6rD8D/ip8Bv2uPKY2vg/WbrRNVaMEs1l qtu+MgAnCKs2OOr+uKy/2RvgLe/Ef/gnz4tsPFKB/EXxzGua7cySDn7XqBZLOXJ7AxRTL2Bb61+j Pxb+D3w4+Ongq5+HnxV0Zdd8P3csU0lsZprc+ZAweNhLbvHIpBH8LDIyDkEiuv8ADHhrQ/BnhrSf CHhi0Ww0fQ7SCxsrdSzLDbWyCOKMFiWIVFAySSe5JoA/CT9gDxJqP7R/x++GGraxFILf9n74ftpU qTKcx6vLcTWKZ3d2sgDnsU9c47v47/AfwN+0N/wVU0fwV8Ro5LnQrDwfbapNaxtsF0bWaTbDIw5E bFwX2kEgYBGc1+rHws/Z/wDhB8FNW8U658MPDseh33jW7F9q8iT3E32mcNI4YLNI6xqGlchIwqDc cL0rQPwT+GJ+Lw+PJ0b/AIroad/ZP9o/aLj/AI8t27yvI8zyOvO7y93vQB+UunXl1/wTL/aebw7f M6fs7fF+7MtpIxLRaBqhwGUk/dReA2eWg2tlmgYH9q45I5Y1liYOjgMrKcgg8ggjqDXm/wAWvg98 Nvjp4MuPh98V9Dj1/QLmSKZreR5YWWWFtyOksLxyxsORlHUlSVPysQek8F+DvD/w+8KaV4I8KQyW 2jaJbpa2cMtxNdPFBGMInm3DySsFHC7nOAABwAKAPyp0P/k+v9sf/sS9L/8ATPb165/wTT0uwX/g nz4PAgXGow6+9xx/rGOo3kWW9fkRV+gFfYUHwG+E9t478ZfEuDQtviT4gWUWn63d/abk/a7WGFbd I/LMvlR4jRV3RIjHGSSea2/hr8KPAHwg+H1h8LPh1pX9k+F9LWdLez8+afYt1K88o82d5JTukkdv mc4zgYAAAB8N/wDBJgk/sVeGM9tQ1b/0reuL/wCCm2reFtA8Ufs26543aNPD2n+PbS41BpgDEtrE 0TStIDkFFUEsO4yK/RL4S/CD4d/AzwVa/Dv4WaT/AGJ4es5JZYrXz57na87mSQ+ZcySyHLEnliB2 wK+IP+Cgvwq134reLf2eNJtPCt34q0G28dWLa5HBZyXdvDpryRLO93sVljgMe4Oz4XGcmgDkv+Cp +s6J4j+EHw98BeG7yC88aeKfFmky+HY4Cs05YB1N1EFyTGPMVSw4JcDPNW/gTp1pL/wVI/aS1WSM NdW2h+H4Y3xyqTWNizgfUxr+VfS3wh/YZ/Zd+BfjP/hYHw28FpY69Grpb3M93dXhtVkBVhALmWQR kgkbgN2CRnBIPs2g/Br4beGPid4m+Mmh6P8AZvGHjGG2g1W++0Tv9pjs40ihXyXkaFNiIozGik4y cnJoA/O/4OajpPhL/gqV8ctL8dTJba54r0XSZfD0tziM3VnHbwCaK2ZsbiGQAqvJMLnB2EjO+K19 Z+M/+CqPwy0/4a3Ec2teF/Cmrp4gubfEgtEmtrxbaO4K9GSWaM7TyPMTjnFfePxx/Zc+BP7R0FlH 8X/CkOt3Gmgi1u1kltbuAHnatxbvHJsyc7CxTPO3NXvgn+zb8E/2dtOvNN+D3heDQBqJQ3cweW4u bgx52+bPO8kjAZJC7toJOAM0AfDX/BJXXfC+m/s0at4KupYtP8V+F9d1P/hIrSciK6hmLjEs6thg PLUR724zGy5ypA+fPg5eaf4l8L/8FCvHfgrbJ4H1q11ZdOuIQPs1zcRWGpNdSQsOCG8xHyOodTX6 M/FP9gv9lH4y+MZfHvjzwJDPrt2wa6uLS6urH7WR1M6WssSSM38Tkbzxlq9w0z4L/C7RPhZdfBPR fDtvp3gm9sbnTZtNti8Eb2t4jJcKXjZZN0gdt0gfeSS27dzQB4h+wH/yZt8J/wDsDR/+jHr6/rj/ AAB4C8J/C7wbpPw/8C2P9maBocIt7O282WbyogSQvmTM8jck8sxPvXYUAFFFFABRRRQAUUUUAFFF FABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUVDPPFbxmSVsAUATVVuLyC2Us7dK43UfFkS zGCHnapbINcLf65c3rvBkkn5lVeSQK3hQb3MZ1ktj8g/2/f20vFF9rmu/BDQEOn22lXTQTpDky3B TBR3bsuCGVQAOhOcAj8rdD1vWFmGqi9eG/tj5iSxsUdX7EMCMHPf/wDUf1F/4KAfAuyOrR/H2xVF tZ4Y4dWCDe5kiYRQysqgn5lIjJOB8q9c1+VNzqsMsEtvaRmC33fIN2WKnnBJH3Qex/HnJOU4W0Zq pXVz6Q8BftdfGHwfqMY1bUv7esNxMkF98xwTkhJlG5fb7wA6LX6ufCv4neHvjB4Nt/Ffh8vGjMYp opBiSCdMb42xwSuRggkEYINfz8KBwBj6V+5/7LXgxvCHwW8P28ibZ9QjN7L2ybli6/km0fhX8qfS G4SyrD4GGOpU1CtKVvd0TVm3dfr56nymf4SlBRnBWbfyPoENKv313e4qrcWkVxIsyHy5kDKG6HDd QQeorVxjis6+1ex00D7QS7HoijJr+OlTS9258vVceX39jlL7w3yZnt4ZZe0keYJPXOV64qOI66NH vba1la1vJYnSGWYeYI5ipCPjPIBwSM8jjtXT6d4q8K3moWtlqc76fazOFluVTzUhB6FlBGRnGSM4 69qn8dxP4F1FLHWLZp7e8Ae0ubYiSO5jbG106A5yMjt9ME+1gstxyw7x1OHNTjJK+jafS8d0nsm1 Z7Xuj7jB+DmfTlCVHDNSmuZRfLFyXkpNNtdVvbW1jyDw/wDCfwRpGvaX4juA95qmkafFp1tLdNuE Sx5LyICMCWUsS75JPbGTn5X/AGkP2d7Q3c3jP4UWi6XqUEcl7f8AkzPCsvmP8pi6qHJWT5Uxkkdy M/oxp3gnxJr2lf25oVlLeWgYoWRSWDL1G3qcdyMj8a4zWPD7B0tdWtniaGVJTG6lMshyu5T12thh nowB7V95kPHed5TiqeY41T5JL7SfLKP4Jre3Z6nzNZYzAV3TxEHGUdGnf7j8z/2afgYnxU1PUNe+ JT3epaTpDCGK3uZJU8y4DENuy27bHtZSuRyefSv0+g8MeHrZrF49Ntw2loIrRvKUtboF2hYmIyg2 8cEcVQsxDpnnvZxRxm4cyyYQLufuTtxye55z16mtiHVYzzPER7r83+B/SuDj3xLxOdYt1Yycaa0j G+i0s+2/V21OfFZk687y08uxbudL03VbFbTUYVmiYliDyP1rmrj4aeGJY2exjNnKFOPJygzj+6Pl J+q11trPYyS+XHKCJOVB4IPcYPNbWFjTKHOK/N6NGok/Zza9H+h73D/FOOy2ftcDWlB/3W1f17/M +SWk1vSnaPVbKRVVmUSKpZSAcZyudufQgVdttXtZvuNn1+b/AOtX0rcSRSnbPEsgPXI61i3/AIW8 K6wAbq1CuOjAA4z6HqPzrvqZqr2q0/mn+j/zP6myD6TtKaUMzw2vWUHb/wAlf+aPFftSMC2QP1r0 zwRALfQJtQbrezEr/uR/KP1yar/8Ko0eW6Ei3zRW3dAzc/Tgn9aseI7m10DSk0nSziO2j2Jng5PA /n61xY6tTrwjRoXbk1/X3nleMPjHlmZZQsDlrlebTldJWS1tu9b2fyPF9csLzxB4nutW0nUTC6kR eUeEKxkgYIP+Nbd/rHjXwl4Xv9dubdrsWaAIsRVmeRztQAHaSM9fQflWlonhCVG+0RTZJO4g+p56 /wBa2vF73tnpNnpjAkXM6sw7bIgTz/wIivp6uIhGpTw9SneMdOz08z+fvCjhv+0+IcLhq8HySneS vo4r3pLy0TPmjw943uYbWOG9WSKQfeFxG0TE9+oAP4V3tv4ttZceauM9xzXTPFZTKUuIVIPXI/xr CuvBmhXWXgQ27N3iJX9Bx+ld1bGYSrJudNxv21/yP9Y54zBVXepTcfTX/I1LfXbOXBjmCn3rah1R 8fKwYexry258EanB82n3glx2kGD/AN9L/hWLJH4o0o5lt5Co7xneP05/So/sqhV/hVE/UP7Fw1b+ DVT9f6R73Hqy9HFXUvLaQYLdfWvn228aXUZ8uYZYdQwwfyODXQ23jGzkx5oKH2rixHDdWOyPPxPC daO0fuPddDjsrS+iu/LEkIuI5ZY14LorKCB1xnkdK/SHwx8StA8SCOJBJaXEhAEcgBGSM4DLx+eK /J7QvEFl/bVlCZgQCSQf9kc/qa9m8b+PZ7D4e6/c6Iryak1hPDarBzIZ50MaFMY5Utv9fl9a/orw Ir18DCUY71ZK91ulotd9Ls/APF7heFWiq1e94JtPt5W87I/T+ivlT9nr4ja3400LToNYlka9ijTz GbPzgqTlgejfKQf8c19V1/XdOfMrn8lVIcrsFFFFWQFFFfNfxl/au+CPwY0y4bxR4othqRjfyLS3 b7TcSSDKgLFHuY4YYIAOO4qJzUd2b0MNUqu1ONz6FvNV0zTpIIdQu4baS6bZEssioZG/uoGI3H2F fmz+3F+138JND8F+IPgjpEf/AAmPinVrZkktrSQCHT9hDrPcT/dXy3Cttzg4wxHQ/hp47+Pfjnx3 48uJrq/1rxVswj3GrkR3BLtkeVDlhbp83yxB2GPTpXPfFu+/szT4fC2iolvf+IZxJfzJw8pGeWYc sAST9eeTk16VDBOpBVYSatvpZ+VrhKcMPVcK0VN9LP3fnbXTsmvUPCviDSPGXiaDUrlWmm0NXkjB BMfm8KucjB2k7lOcggH2rhPFfh5tU8c3l9EiSO7K8jTNyMoMbFIwRx145zzXV+DvDy+F9OgOmyTX rJk3KRpvKLgl5G2/djQcljxjvXpngv4U+Hfid4yXUtYvZ1g0+NVkggJjM4JYrukHIAxjA+b0Iruz HFUsPhpV662abtv2DJMsxWYYunhMM9ZXUbvTTV/56Hn/AIS+Hvibx1NNaaXZ2+xSsYuQWVYVwDmR wAVPP3Vyx7Zrr/iJ4Kf4ZXOnaBc6i+rST2ayy3DLsLOXcEKBkgKFUAEk4xk9q/QvR/DWjaLp0Wma NbR2dtCMIkYwo9/c+pOSe5ry34mfBrw98QltJtUnura4tDhJ7VlWTZnLIQ6spB+mQeR3B/MMN4hc +MXtPdo6q279X/wPxP3/ABXgmsPlcvYPnxV077LR6pX0+b38tjV+GujW+meEdNTT4gtq8EbmLOTu YAl1YnOTnnJ56jnOe0a5axAmsXZg3UY469CMYH+cDNNgtLTQNJtrKBjBaWkSxpvOW2Rrgbj64HJr jJ/GVmXBtoSIzguT1ZDwpI5yzn7g646+lfms8POvUlKKvrv/AF1P3yniKeHoQhKystlsrL8l+C8j 13wj8RvFPhe21G00i5H2XUkMN5aTxpcW0yAEESwyBgRgkZXHBwSRgV8teMvg1DrGoza/4dmGmTM5 kEcK7YlJHAVQflA6ADIA6CvZLFknQXemuVKHBRTl42HVeM8jvjOO3rU9ilytwQXG1wSf7uM9iM+v +TXpYHPsbhGo06jVunT7j5nM+Ecpx8pTxOHTct5LR/erP+rM+aI/+FzaOUsotetyinaDc5cAdslo 2b9ap6dr/wAW9Yhnjvr+TT5I5XjULbpuk2dJBtx8hOQDnJAzjoa+sJNFsbpjJOoZlJBDDBBHYikT T7K0PyxqhU+1ejPjGbu/Yw5u/KrnLS8NKKcbYqr7NJ+77SVn22a2Pkq88JfELVoJ5ZNRuXmCMEaZ wAGxkHGM9ea+e7fQfF90BPeeIpoCeMQkhh1PDV+ldwI5blWH3B+VfD2sWT6Zqt5YnO63nkjwB02n gV+h8C5zVxntYV5Xatb8b/ofgfjNwvhsteHqYSNlLmTe+qta7fzPOW8B3z3XmXWs3EnmjggKgyR/ s4wPXg+wJq8/h3xRYKkdhqbTwyA5tb8Bo5B38uQDbuI/2Qw45HWvQ7SSRQokJfaOCT0/+sK1/wC0 tsfkTxrNE4wythlcA9wRz/jX6JCi1sz8LlWT3PEdVm+zag8PkSWkiKmY5FKDeUG7YSWDJnIBBPpx 3yH1MxBOgIHPuT69cfjn+dfQ1zZafe20kAiVo5F/1E37yLIH8JOWU985OOgArzHVvha19dr/AGRe LpgJI2XJZo8EZwki5JHop59TXZGpZWZyzp3d0cO2tmJQVkAzkAHnAHf1/Misi58UuEKnA9yQRj8O Mn3Jr0BPhDYQuyat4nTfnmOGIH8iX/XZmul0/wCF/gizlMklhe6xMvH78mNAfX/lkv5kj8aTkwjE +c7zV59QAtLeN5pG/hRdzewCgfyrY0T4X/EDVnWZdNks4XI+e5Pk8euw/OR9FNfWOnWzaRF9m0uy sdJhOCQgyd3YssYVSfU7jUly0czBp7yeZFyxUbY0JPP8IZhx/tCs3BN3d2ac1lY8n8O/C7SvDlzH e+IrtL+eMgrCFIi3DnJz8z8jjhfoelesnUpnjJEJiRl6uCp9sL1z9arrPY225rOGONj949WYA8ZZ uT0zXT+B/h/49+KOsDTfBunPfuCBLJjbDArcgySN8qDjPJyewJwKc6qhF9EKMOaStqzj4TNeXYii UvubAUcZyeAMV/RB+xl4Yv8Awd8DdO0LWIVtdRW4nnuIR9+M3BEiLIM5D7CuQa+DvAPwd+G/7POg 3nxF8b3sfiHxDo4AJT5oLa6IykMCkfNOcjDOAVHzBVHNffX7KD6nceCNY1HxHNu8Q6jqbXeowcgW kk9vC0VuAenlweWMdR35zXzOOxSqO0dj28Lh+Ra7n1HS0hpa886gooooA//U/fyiiigAooooAKKK KACivlz4kftReHvAniSfwzp2lyazcWTbLlxMIY437op2OWZejcAA8Z617L8N/iLoXxN8OJ4i0PfG FcxTQyY8yGVQCVOOCMEEEdQexyBpKlJLma0OOlmFGdR0oSvJHfUUUVmdgV5T8ZvjV8O/gD4Hn+Iv xR1F9L0G3mht3mjgluGEk7bUGyFXfk98YFerV+Y3/BXT/kzPV/8AsL6X/wCjTQB9paT8f/hbrfxg ufgRYapIfGdrpaay1o9tNGjWUnl7ZEmZBE5/erlVYsOePlbGF8cf2pfgj+zle+HdO+Luv/2LP4pe VLAC3mn3+QY1kZzCjiNVMq/M+B1x0OPh/wDaDtf+FV/tn/su/HaEeXZ+J4H8F6kw4Um5jK2Yc+8l 0zZ/6ZjsK8I/ax+Gsv7YX7Rnx10u1Q3dl8EfAMdtp4TkHXp2GooFP950SWBv93HTOQD9p/iJ8QfC fwq8Eax8RPHN7/Z+g6DAbm7n2NIUjBA4RAWYkkABQSScCvK/D37VHwW8UeMfA3gLSNXnfW/iNo/9 vaJBJZXMf2jTtkkglZ3jCx5SJyFchiAOORn8xP2gvjPqnx6/4J4/BPwfolyZvEnxo1PQ/DU/OWa4 sZvLu5COuPtVumR6OO3NQ/tW/En4f/spft6fBjxlrsMyeG/Bfw/urS3t7ZPMlk2x6hbWsCDgAuxR AWwozkkAUAfrZ8afjv8ACr9nvwh/wnHxb12PQ9KaZLeIlHlmmmfokUMStJIwGWO1TtUFjgAmu38G +LNL8deFtM8YaJHcxafq8K3FuLy2ltJzE/3WeGZUkTcOQGUHBBxzX40/seabYft3/G7xN+0R+0Vf R3mtfDy/+x6N4FkV1t9DT7yXE8UoHmuXVlyV5ljLOOI0T9vKAPKLH42fDrUfjJqHwDtNRd/Gul6U utXFp5EoRLFpI4hJ5xXyid0qDaG3c9ODXq9fiR8Uda+Ommf8FRvEel/s9afpV14q17wPa2JutaaQ WGnWnnQXEt1KsPzuQYVjVVB+aQEggEV9Ofs7ftCftEWX7SWt/spftP2mi3muwaKNe0rWdCEkcF1b CURsskcmOTk4IRNpjYEMCrUAfo3RX5lx+O/+ChPxp1Txdrnw60/w/wDCLwloWoT2Wlx+K7C8Gp6l Fb8i6kDqVjhkUghlTg5UF9pY4Hw0/b98aaj+xz8Tfjj448NWkvjT4W38uj3VrYs/2K6ut8EUMw+Z 2WMPPmUBj8qMykAjaAfqnXlF98bPh1p3xk0/4B3eouvjXVNKbWoLMQSlGsVkkiMhmC+UDuicbS27 jOMEV+cXhP43f8FBD4S8KfGzSl8GfF/wvr0to2o6D4XWX+0LCG6Xeyxzbym+H7sm9n2vxtK5ccX+ 1Nr/AMX9I/4Kb/D+H4E6Xp+o+MtY+H62VodXaSOxtUkvdRea5uBHhysUaMdq8k4ADHCsAftRRX5p /B39oH9p3wV+1Jp/7Lf7UcGgavP4q0mfVtE1nQFlhQi381nilSXbn5YnGNilSBy4bI/SygDyj4Mf Gz4dfH/wTH8Q/hbqL6poUs81ss0kEtsTLAQHGyZUfgnrjBr1evxK8O/ttfE7wp/wTvj/AGitB0Lw /puvR+Jjpxs7KwNrp5gaba5EEcgxIw6vnrzg12HxZ/aN/wCCgHwF8FaV+0l8StH8ITeA7q5tPt/h qzFz/aWn2t62Ig9y+FaYBlR2UsokIxGVzgA/YWuU8deN/DPw28G6z4+8Z3o0/Q9AtZby8nKs2yGF dzEKoLMx6KqgljgAEkVv6dfW+qafbanaEtBdxJNGSMEpIoZcj6GvzJ/4KT6/qnju2+Gf7H3hKdo9 X+MGuQLfmPlodHsJFlnkYDkAPtkz3WFxg0AfdfwY+Nvw2/aA8DxfET4Var/a+hyzy23mmKSB0mgO HR45VV1IyCMjlSCOCK8C+LH/AAUG/ZX+CfxA1X4YfEXxRcaf4i0Uwi6gTTbydUNxCk8eJIomRsxy KeCcZweQa+Z/2aIrT9lb9uf4kfssRRjT/B3xHt08V+FYB8sUcyoftMES9ANqSqB2S2Xpmv1F8SaL o13pWpXF1YW80rW8uXeJGY4QgZJGelAHwd/w9a/Yh/6HW6/8FGof/GK+pfAX7RXwu+JXxK8RfCfw nez3HiHwtZ2d9exvbyRRrBfxRzQMsjABiUlUkDkZwelfEX/BJDR9Ivf2O9NnvLGCeQ6zqY3SRKzY Ei9yCa+t9V8B6B8FfEXxa/amu5LnXNUutEWT7GkcUKwadolq8y2sPlpukeWTexkk3NyiAAJyAfTN FfjF8Pf2j/2//ix8LF/aI+GN14D8U2JcyyeCbFJ5dVit1n8ry2dXytxtG/azj5fmALYjr9e/CGs6 j4i8KaNr+r6VNod/qVnb3Fxp9wQZrOaWNXeCQjgtGxKkjgkZFAHRUV8EftD/ALRnxht/jl4d/ZY/ Zn0nTLrxxqumvrWp6prYlbTtK0wM0SuUgYO0pde4Kjcg2tvJTnPh18ff2nPhR468X+Bf2ufDtvqf h3w9oFz4it/GXh2xuV01oLRGklt7hnURJOURyqkody4w4dGoA/RqivyV8DfGD/goz8f/AAFL8f8A 4Uaf4P8ADnha78+bQ/DuqR3E1/qNrCxUGSdSqq0hUiM7og3XCoQxl8ef8FDPEt3+w5D+058PNHtt N8TWWt2+i6rpl8rzRW10j4uIwQY2+ZCjoTyocBgSDQB+steE/Hz9pP4P/sz+GrTxR8Xda/su31GZ rezhihkuLi5lVdzLHFErHCj7zNhFyAWBZQfzw+LP7Rv/AAUA+AvgrSv2kviVo/hCbwHdXNp9v8NW Yuf7S0+1vWxEHuXwrTAMqOyllEhGIyuccP8At12vx18S/ta/s63XhjU/Dx0vVdSurnwal7b3DG3u Et7CS4fUwvEimXa0Ii5UdeaAP0k+Dn7XPwR+OviW38HfD/U7qXW7jR214Wt1Y3Fs62CXItTIzSIE z5rABd2SDuxjmvpmvz1+GPxY+IM37cOp/BHxzp+gS32l/Dqz1W/1TT7ExXU2pedZxTolw7GT7IXk dkiYZGFycivnT9kX9pb9v79qmDQPH+laf4R03wLperJputyzxTrc3qeYslzJaxCQ7TBbyIFBdQZO SWGVUA/ZWivxB+DP7U//AAUT/aP+CmqfFz4dab4O0jTvCP2r7TJeQ3Rn1me2BneG1hUusapCyJ8z AtJ0kGWCdJ4Z/ap/bw+P3wKvv2iPhFo3hPwn4b8L2U0lza6h9ourvWLnToi989sB8kUGQViRmD7l IMh60Afs1RX573P7Wvxb8W/sg+Bfjd8Gfh3L4p8c+O3gso9PghnnsbC5MkkFxdXJj+dbWOSI4LOu Ay7nADNXhnxb/aA/bf8A2SNR8HeN/jpqng3xh4Q8Ratb6Zf6fo8E9teWnngsXt2l2llUK2HfcN2F ZRuBAB+perfEDwVofizQ/Aera1a23iPxJ5507T2kH2m5W2jaWZ0jGW2IiEs5AUHAzkgHmPD/AMbP h14n+K/in4J6NqLzeLvBkFrc6pamCVEhivI0lhIlZRG+5JFOFYkZwcEGvyj/AGl9O/aQn/4KW/DC PwLq/hy21WfR9Tbwy99b3LwwWa2k/wBqW/EZ3PIzCXyzHgAFM9DX1D4b/aJfQP2tP2ifD3jHTdKs vDfwy8O6ZrEuoWlkE1OeIafBdTiefdmYKGYRqQMAKM8UAfolRX5K+BvjB/wUZ+P/AICl+P8A8KNP 8H+HPC13582h+HdUjuJr/UbWFioMk6lVVpCpEZ3RBuuFQhjL48/4KGeJbv8AYch/ac+Hmj22m+Jr LW7fRdV0y+V5ora6R8XEYIMbfMhR0J5UOAwJBoA/WWivx6+LP7Rv/BQD4C+CtK/aS+JWj+EJvAd1 c2n2/wANWYuf7S0+1vWxEHuXwrTAMqOyllEhGIyucfrzp19b6pp9tqdoS0F3Ek0ZIwSkihlyPoaA LlFFFABRRXO+Itdg0WzaWRgHI4GeeaaV9BN2Jdc1y10e0aWRx5hIVRnua8G8Q+Nry5uFjLlIWOGP TG7IH6isLxLrF3qUod+YUJJXPXOcEe3f/wDVXE3t59oR45QCCMDqDjHf3Pr9K7KdNI46lVvY7u9v bi0tppMhZoHCNEx2uT78etc/e+IbyRYr21Ji+zthXQBSrH1I9QM/njvXFrez3HyXEhMygDJPUKMD 9KkF1LB5jI37uYBZF/hPIP8AMA+x5rYxMbXoLTXrK70vVIUuLa9ieKaKRd0ckcg2srKeCCDyK/H/ AMd/sa+ObT4lPofhGOJ/D18TNb3c8m1IEz80Tg5dmTOBgHcMEkHOP15837VcPvRomt2IAJ+8CPvY HGD2/wD1iqep2YvbV4x/rF+ZD3DjoR/npXlZtTryw8/qrSqWfLfVX6XFOpOMX7Pc+QPhZ+xp8PfB Zg1TxXnxNqUeDidQtqjf7MPO7H+2W+gr67a7utOSG3s7RJLYFUCR/L5aDjP0AA4A6flUFnqKy2qO flbGGHoRwQfoasR3cG75iVJ/Kv8AL3jzjHMsdipRx03KUW1Z309ErJfJI+BxWJnVd5zdyW4vpBae aEMbscAH0xnI/OvLfEk0uYraMndMcse+0dvxr03U5Ipoo23cdMk15dqkcq+IBHKMxyIuw9vevjcu q89RyfS5+s+BOAw2I4mo/WrNQTkk+skvd+5u680j0/w38L/DviDSrW4sPFtjDqEyAyWl4Gtij90D tkN9QMGneGPAuqav4jtfDtxcvcLa3DWdsolM0MHOZni5KhQoLfLgGu70f4V+IbTSV1LVnttJhaPz E+1zBGcYyMKoc5PocH2r0D4GWAl8RrcuAfs1nI4/35ZFGfyyK/bMj4fqYnMsDl+Iwbw7qtc3vS9+ Ks23GTbi7ap6K+y0P6tzni6dPD4mvRxHtFG9tI+63e1nFJPt3tuz6g0jSbHQ9NttI02MRW1qgjRR 6DufUnqT3PNPv9L0zVIvJ1K0iuk9JUVx+oq/RX+gSwtL2So8q5LWtbS3a3Y/k2tJ1G5T1b3v1PGf EPwN8FavFK2nxNplwwO1omJTPujZGPYEV8L/ABejv/g0k17r9jcXllbOomktFWQpG5wsu1mXKHuQ cjoRnNfqdXz7+0N4ftdR8LwanPGHWKT7NOCOHt7n5CD9H2kenNfz14weFWUvATzbDYZRnS96Sj7q nC/vLTRNK7UrdNbnyme5RS9i61ONmtdNNOp+eOj/ABU8B660a2mtRQySfdScm2bJ7DzQuT9Ca9St L3UFiWWC5EqHpu5H4EV+b3jDSYdB1HU9HnI/0CeSH6hT8v6Yqx8Dfi/a+AfEF1puszMPD+oZ8wqC 4t50+7IEUE8/dcAZ6HnbivhuJvo9UFlv9p5DWlU91TUGk3KLV9Gra21Stq9DyJ5Len7Wi29L26n6 Pf2vMGxc25Puhz+lWodSsJm2iXYx7N8p/WuE0Pxx4S8VhG8Maxaam78+VDKnm/jGxDqfYgV0LiOV vLlRo39HXH/1q/mbGYWpQm6eIg4SXSSaf3OzPHvOLs/xOyhC43bgR1zmvkn9oTxlfeH7S3k0mB7q a5uBuVAW2xJyScevAr3h7JkOYJ2iP+yePyrw3Uru8k8XXSRxG5trUpCWHPKZL/Lkd2x+HSu3h5QW JVaUFKMNWr2v8zgzerUdBwho313OD8FfGzT7iSK2vp5rG4OAVmDKM/U10vif4m2mpeILiEXhMWlR pETglS7fMxBH12/UV7xptp8NtcjQa7odtNIuPnKBJMjvnCn+dZ+ir+z14X8TprXj2whh0RRMrBke XzGZG2qUTknq2fUV9TkjwWY5lTw1OjKEpvl1acY3e7dtrX7s/ZPo28RyyXOPb5hB4jmTjBQ+JN7u zVm7XXTd6niVp41tbnCpcRyHuDwf6Vuxa9ayEBlIzzlTkV3/AIxvP2EPEk0iaRrOoaBOoB/cQS3E Y3dCYmDyjr6rivn3xR4N8FaWj3ngD4kw38A5SOe2u7aUnqFKyxNH/wCRBX6Lm3hLiKF3FqS7xaf4 aS/8lP8ATLI+IsqzGy5KtGT6TpyS/wDAopx/E9Tj1OE/cmH0birYviRlgGH518uy6740sHMaJFqk I/jibY//AHySefxxVFPibd2E2y7iktTnpIpH6jIr4ufBNdtqNm/x+7dfNH20eCp1FzUZKS8mfU9x aaNqAxd26P8AUA1zGs+B7cWBm8PKBqEhBt0dyI2JYLz1IAwTx6V5ppvxRguSiM6uWwByG5P05rqo fidpVj4i02zaUbiC55yAF4B/nSyvIcXDFQpyuo317WW551XK8wwesG9NbdND17RPCPh/w3okl18Q NDuSLOOSaXVdLvMzRxqNxDW1wvluqdflZGI6k8V7P4a+G/gHUp7C70r4sS6VeJvliiuLDyoJYQhZ xOJn2PhRkFZAAQfvdB4J498d6Z4l8HXPhK31SHT7nX1+xRSSHglgWdRgdSisMcfXNcL408VXvgb4 R6hbXko+0u1vBbsDuDSZ3uY27goh6f41/W/BOW4elhFinTXNG/L0drW6WvrfV3fmfyD4kZ3j8VmS y2VRxjPl5lurt3+1e1lZ2TS8j7n8F/Gv4ffCW18T+I/iBremLPa71tF07zZFvsLu80EIVjMpVUUE gA7ieOTz3h7/AIKZ/B9lvLr4h6bceE7JNotZmmW5Fw5zlD8sQRgBkckEZ545/n98UeF774oa/d6/ 4g1i5mw7JBApxHAiMQFXdnr1bA5Yk5Oa6jxzeW9h4Str3UIBcxWU0PmKVDnDZQnafTd+IzX7NlWD lOjL2jSdr3V9Px1P5+zmrhoYlKhFuKbTu1r9yVvxP271z/grV+zBpwb+zpby9ZexjKk/TyxKP1r4 X/aM/wCCmOrfFjSbGL4cab4m8L2FvIwD2Fytqt68u1UWWXyndgpHyqoXJY5zgV8meBB4WvNPW70L TrCOKMAvNHbxgkEE4PA2sOvI6Z+o7PwDewXt9P4inhUQq5is9yD93EnWRQRwXbgH+6Bg4Jz0xyWS 1nVfysYPPKMf4eGjfz5n+DdvwOY0P4q/Eq3N5pPim41Xw9d6/GYp3juZF+1A8AO6N/rM9A3Oea5X V10rwRE0OhJJca9rBWJZruYzTMxGPmkIyEX7xAGPbpj1PxZrVneTteRpnyjxxk7unAHU9hjvXdfD j9nDUb7VJfGnxOv1RbtAINLt1PmQxDkCWZsbWb+NUXjj5+K3zbN8JgKca+KfvPRae8bcOcOZlm85 YfAp8id5a2ivX+mzxGztNP021t/7PgiMMQeW4eZTLO9w2MSK5IA+bnp2AAHaHw98FpfjD4qfWdT1 GSy0rTNqDyFxM7dwrH5Vzj72G6dK+ofj34di8NfDpLfwfo6i1t7mOSaK2QySBdjgO23czfMQCTn3 OK1vgN4X1PRfAcN5rlqbK61KR7nyXGHWNz8m4diRzg4P418dnnGPPlXtsO+WTlZJ2vZdbdD9O4P8 Mowz5YXG/vKcYczauo3b2v1X3XtsLH4AsfD3ha+8O+HbRYo722lgZjy7l0K5dmyWPPfj0FeJ/s3+ CfH2m+LdV1LxdpE2m2kFssUckpXbNMWGdmGJICj7wyD654r7SW3MxKqpOMdsf/rqnJPDb/ukBlZ8 /Kv3Rj1PQfic+1fmGFz/ABfsa1B+97S127t6H9CZhwll7xWFxUfcdC/Ko2Ss+lrfdYnLbcqmMDqe gFc1qniTTdH3iWUSToPu9gTwBnkAnsOprN8TanfQRIkbiJJM4C8cDGWJ6454wBuPHrXlkOj3eqai lpI880lzMIVghVhK7SyqiZEe6YyfK+HjKoik5HGRhhMtu/e/D+v6/A9TG5ko03UTsvPt/X5dNx2t +IL/AFu6NvLISZMEQJwm0uBsb2XBMpPTGBk1ysF9GER/N2tIFcSL8wYyKMyJ03O4ysS9lG71r6tg /ZS+K99ZrcLZadaIyrK1vc3Pzs5d5PKKQq8S4LAtJ5hLn7yjHPH6j+yx8ULHwzr/AIwv3h0+fQ/3 iRzSRmW82R7JZ96kxrgZEQBHHbPB+wpZRVS+Br5f1+vz2X5lPjfAJ2jiIvVLe/p269dEndpw0lLy axvrrT5Ue3Uo6t5WxDnBUk+Qhx/CeZpDnPT2Ho9lq0GoxxSEhZZRkOowkuMAsvcDOQpOM14pZuLm LY0GH3NAYgRyUPMKn/nmv3pJP4jx7V3tg6y2cLoyzeaoJcjCOV74/hiXsO/vXm4zBwqx97fv/X9e uvL9DRzGdB3ht2+70t06dtFoqnpsGottWG+j84ADHZkHPQ46cH/PNLJPBNGTCA6HoSBvX6gZxXn8 GstYKRd73t0G7LcSIv8Aez7n7q9cflXVWM0cmZrV1kXpzg+xDjsfUY49BXzOIwU6T97bufRYTMqd Vc1J+q/r80WREfvDkV574q+GumeJ5jqVpJ9j1DjJP+rkI6bx2PT5hn3Br1m1i+1N5a4ic5J3H5SB 9ePw/Krcum+VlUVkZeqng10ZdmtbCVPa4eVpf1ucec5Jg80oPD4yHNH8U+6ffzXzPg/W/D2q+Gro 2mq2/kvg43HKuAfvKw6j3H0qjFKitg42kDgDP6nGfWvuDVNGsdbs307VbZbiFv4W7H1BHIPuDXzx 4w+F2oaEkl/oZe/sV+Zk6TRjvkLwy+pAzjOQAMn9s4c49oYpKliPcn+D9O3o/vZ/K/G3hBi8v5sR gr1aX/k0fVLdea+aR5ykzqF8vcqjuxx/n9aet0FyrtvU4yCcg/X14rHEx2sAoUEA5Zs8Y6/j1pGn w4G/5c9l5HPb0r765+OWNpLvyoykH7v2Ubc8VXk1KbgbgCARycn/ADiswv8AMA+c8DJPvjNdj4N+ H/jP4gaiNM8G6RNqdwMK3kpmOPI6ySMQiD3YgcGiU4xV3oOMXJ2Ryr3kjkiVj36e+ev410/hPwX4 n8d6rHovhTS7jVrt+dkS5Cjjlz91R/tMQPevp6y+Bvwr+FwTU/jh4mXUNSjJP9h6S29sjkLPMNu3 nqBs9nIqj4m/aV1G104+Evhbp8PgzQUDApYAC5kGPvSSgbi2OSR83XLGuJ4uU9KKv59DqWHjHWo/ kbml/AD4afCyKPV/jtraXmoqgkTQ9MffJxztmlyMA98FR1w5Fd14e+JXiP4kG58O/D2GD4c/DjRF 8zUr6zQJIkIGSqS7R++kA42jcOpZuh+Vvhn4B8VfGbxFNaretaaTaDz9S1CUnyoIwdzEuerkZ2gn nkkhQSPpKWDRvH8B8D+DRLoPwm8G4m1S/ORJeyKByx25Msh+6uCVGG25CIPMxSSdpu769l/wTtoO 6vFWX5/8AszeKtGv7P8A4WTqNgLTwF4PdoPDWlPj/iZanz++kzy+D88rnJzkZJ37vuD/AIJ961f+ IPh74t1fVpvtF/e67JcTyE/M0ksERJI6DkcAdBgV+SHxW+Iv/Cf65aadolsdP8P6QgttOso+EhgX 5RntvbALnnJ4yQAT+qn/AATgcf8ACsvEsSkYXU0PyjgZhUde/Ssq1DlpXe5pTq807H6KdaWkpa80 6wooooA//9X9/KKKKACiiigAooooA/NP4x/AL4hR+PdW1jw9pkur6frFzLdRyQYZkadi7I65yNrE gHoRg5zkD6q/Zz+GetfDfwfcx+IsR6jqk4neFWDeSiqFVSQSC3UnHHIHavoKiuieJlKPKzyMNktK lWdaN7/5hRRRXOeueG/tLa58VfDPwJ8ZeI/glbrd+NdLsjc6fC0P2kyGF1eVVh/5aOYQ4RRklsAA nAP4wftI/tiaD+23+z34P/Zy+GGkapqvxa8TX+mLqlibNoYrO4tVzdSNJ9zy/N5BHCx5Z9mMV/Qj VaKzs4J5bmCCOOa4wZHVQGfHTcRycds0Afn9/wAFH/h/e6t+yLf65oOX1r4Z3Wm+I7CTHKvpsgSV +ORtgeRvwrD/AOCZOi6jrnwc8WfHzxNb+XrHxl8TaprsoY7ttqJmhii5AyiOspXgfKwwMYr9JqKA P56f2U/hj4iX9uy3/Z41a3P/AAiv7PereKfEGnhs7TBq32ZLEEdAylo5k57tjgEn6p+PPhvQfFH/ AAVc+BeneI9Ph1K0h8K3l0sVwgkjE9r/AGjNDJtbI3RyKrqezAEcgV+ttFAH5CfttfDjxj+zR8Wd N/b9+A9mZWsilp430mLKx3+nyFUNwwA7gKsjYO1xFNg7ZCf05+FPxQ8H/Gf4eaH8TvAV4L3RNft1 ngfgOhyVeKRRnbJG4ZHXswIr0KigD8wfByg/8FbvHRI6fDOHH/gbY1HrpmX/AIKz6S1uoeUfDCQo rHALfbp8AnnAJ71+oVFAH8zHw08V/szeOm8V6x/wUN1zxZ4g+L1trFzF/wAInL/aaxEDaYLezgs1 VELOWRUaWNRxgBcM3sv7FXiPX/A37L/7S9n4c+GKa/rOi+InmuvBGoLIHTT7pFje3khdHkcxRRy/ IV3P5ZA+bFfvwbKyN2L828ZuVXaJdg8wKe27Gce1WqAP5c/HmpfsiXmg6F4z/YWvPFfg/wCPWoXF ksHhjR/7QkjS4Z0NzFK06MGVMtt8uZkYjBj2E7f0yu11w/8ABUv4XnxSIzrI+E4N75X+rF19qvfO 2f7O/dj2r9T4bCxt7iW7gt44558eZIqAO+Om5gMn8at0AfmF8Yv+UpfwC/7FfXP/AERe1+ntFFAH 8wuD/wAOcSMf8zp/7cV+s3/BVUAfsPeOQBgC40f/ANOVvX6KUUAct4G/5Enw/wD9g60/9ErX4z+E /hD4a/4KFftg/F34m+Nr3UYvA/w4MHhfQZNNumtZJJ4GfznjmUElMiVyBjKzp1xX7g0UAfhD+2H+ x14f/ZF8MeF/2rvgTeazfa38O9dsLm+TVL97xWsHk2EAsu5VMrJG4HBSRs9K/aDQvGOifEP4Y2Xj zw1L5+leItJS/tX7mG5g8xMjsQGwR2ORXfUUAfmD/wAEh/8AkzbTf+wzqn/oxa/Q34h6h4i0nwH4 i1Twlo0fiLWrPT7maz0yWTykvZ442ZLcvhgvmkbMkY554rsaKAP5ePG+v/sLeKfh1e+N/BuneIPg 1+0XbrMkXhzw+mopjWQzKkaq0ZiihdgMrE8LoDjaWGD/AEMfs2SfE2X4CeA5fjL5g8avpNsdU84b Z/PK/wDLYYGJtu3zRj7+6vZPsFj9s/tD7PH9q27PO2DzNvpuxnHtmrdAH5J/G7xMv7Jv7fNt+038 Q7G7b4ZePPCw8O3mr28Et1HpV7FNFIvnLErMqsIEwFBLbnKhihFaGr/tDeJv27NV+IXwT/Z50uG/ +FNx4S1OzvfE2oWl1al9cuIZEtILZ3ZB5e9omcPCX2hzhRtJ/VmSOOVGilUOjghlIyCD1BBplvbW 9pCltaRLDFGMKiKFVR7AcCgD8bv2b/2/fhH8A/2fNI+Dfxss9V8N/E34eWp0mTw42m3L3V9Jbki3 +zukZiHmpt5kdMNkjcu1m+UPiZ8KfHvw0/4JdeJNV+JOmto2teP/AB1D4mNhINslrDe+VHEkifwM RFv2kBlDAMAwIH9H72trJcR3UkKNPECEkKguobqAeoz3xU9AH51/8FVQB+w945AGALjR/wD05W9e XftMD/jI79hz/r61T/0l06v1looA/MDwkP8AjbX47/7JjF/6XWNP/wCCRKKv7GulkDBbWNUJ9z5g HP5V+nlFAH5Of8Eu1x+wLd4GCbrXv5Uz9hIf8au7j30nxZ/6OvK/WaigD+dTVfGXxG8I/wDBNL9n lfD+p6t4f8DanrF3b+MNU0PcL620ttSuchXQZVXBfnIVmVEbIfafAP2o7T9iuD4faZqn7J2k614v 1LTNVsbvxD4uu11SWGytPmRLeaS7WOJZbiV0I2xj7hGc4Ff1UOiSI0cihlYYIIyCD2IqG2tLWyhW 2s4UghTokahVGfQDigD8if2wfid4V+Cf7cnwB+PvjySeDwJBoesWsmp28ElzEJLiCdYwPKDFs+dG cLk7TuxgGuaj8FSfGj9sL9svwN4fnQzeL/A2kWtjK5Kx+bdaRai3ZjjITeVJ46Zr9n5YYZ12TxrI uQcMARkdDzUlAH40fs3/ALfvwj+Af7PmkfBv42Weq+G/ib8PLU6TJ4cbTbl7q+ktyRb/AGd0jMQ8 1NvMjphskbl2s3yh8TPhT49+Gn/BLrxJqvxJ01tG1rx/46h8TGwkG2S1hvfKjiSRP4GIi37SAyhg GAYED+j97W1kuI7qSFGniBCSFQXUN1APUZ74qegD86/+CqoA/Ye8cgDAFxo//pyt6+6/A3/Ik+H/ APsHWn/ola6migAooooAimmSCNpZDhVGTXzh4t1GXU9XuzI++GBiFA5G09D/AEP/ANevXvG9zNHp wt4DhnOTzjI9K8MuhZxRtcyu0USg4lX/AJZv6sDztz19OvPQ70o6XOatLoc5/axXeIohLkYDYBA9 Rggg+4I/wrkLy4AdvlwD2GePz5rR1CKeO6kuYT5cj7csBlGVSeCo4HU8j+QxWfcmK4XJ6+1dCfc5 mY1y7MFmhGZE5GOMjuD/AENPjuVkQMOjdQeoqrMskLbh8w9R1/EVnvcmOTzV5U/eH9f8aq5JNfGR VLoyLkgd9569OMHHp+VQJdF4FdwVYjkVZ88OPkJ59D6+9NS0WdVgQEt0GDnFZylYDkxod44dLO5Z HkZ38xhkBmOQNvQjnnkH3Fer/DX4Vav4ou3TXvMhhiGTMi/uW9lJIJJ9O3evYvAXwkjltY9S8Sq6 g4McIO0sPV+Mj6dfpX0LbW8FpAltaxrFFGMKqjAAr8tzbwnyDGYhYithlzXu99fU4f8AV6hOanJf 8E+cPEfwDtLfT5bjw7cyTyKuWt5cEPj+4ezegPB6Zr5P1vTpIHjgkXa8ZJjfGD9PwI6djmv1GzXg PxK+Eqa7PNq2jx7muDumhHDeZ/z0jzxk/wAS9+vWvwvxi8DoQpLM+HqNpL46ceq/miu66pbrVarV zwdXA16eOy5WnB7d/wCvwep8l2GvXcsZtrmVjKF2/MTkgeh7gfpXvHwR12LT/EJg1D9wk1s0QdsB cod4z+Ga8d1DwbrWjztFeWruFPDFSrY91ODTtMmTT7yO5lnmt5ITkD5uv0HGP51/NXBueTynPKGL krShLVS002d77aXP1bHeNmDxWW1cNi6XLUa9NenlvvZtdrH6QxTQzoJYHWRG6MpyD+IqSviTTviJ eWLiW1vlVv8AZbafxHT9K9L0n42Xirs1C2juvRkbYfxxkfoK/vTJfGTKMVpUnyv71+B+T4bifDT0 k7fifSFeD/HrV4ovC0WjA/vL25iGPaM7yfwwM/UVWv8A41WqxN+68jj7qne5+nT8zj618+eKL7xX 4+uLrU7GynuPs8REUUStJ5KtwWO0HJOeTjk+w4+E8X/FjA1Msq5VlkvaV6ycbRV7RfxNrfa/57Jn HneeU5UZUaHvN6fLr+B+dXj34YeKPHHjPVLvRLq0jjv5JrgfaHdAAhChflVsluMfrXzdr3wR+LPh fZLf6BJexQ+YzTWn75G5ypATcRnnJIH3q/S7w5oM0ZuGvYyj79iqwIYKnBznpk549hXWxaPfPMse niR5H+6kYLM30UcmvxXKfHvOsv8AZYKhyyhTSiouOrtZbp3v0PjctzzGKnG0ttLWX/D/AI9T8Uo5 JbaVYtQSSH7MhaQyqcq69ctjggLng969a8NfGT4kaAYjoXii5kh2grBcOLqMpzgBJ95A4/hx9a/V fWvgb4g8V2zDX/BT6jG4+9LalZPwbAcGvnHX/wBh611jUHk8N2uo+HdYKkRJLC88BPZWDASKpJ5I JxknBr9uwHi/h8fGGH4gyuUVLRNwc46+sb/cj6bD5zUnaOKo3Xez/J/5nztrv7R/xZm0d5Leaysp m2xxtbWu6R5JDtXAlaRep7CvafE2m+KPCmnW3gbTrt08WSRxS6pdyjd/Z/mruMbKwxJeSZDuv3YQ QGDOxWPd8Zfsn+I/2fb/AMIfEHxJ4h0nULvSdQt7y00vyZ5Vu7qAqd0nMe2OByH6tvO1SACTWhYW cl5czXl9K0s11K8088p3SSzSMWdiT1ZmJJPqa+n4p4LyTBql7DCRju7cqs/OXe2yT0V3pe1v2zw6 8O8JmtZ1a0VyU3qu7e1/RfmcDpuh+JdIsXh/4SjUbx5B8zXBhkIJ7rujJH0BrkvF+j3Wqi107U72 e+hWFgwKIcs+QThVGTjA5H4YJr6N/smxCZEecHqxP8un6VxPi2wfZb3VnD8qb0k2jorY5OPTFfGU MBhqVb29OlFS7qKT/BH9YcL8A5PhsXTrUsNCM1fVJJ7P8z5mPgvRYrWW3jyNyKgjky0Q2AciMHj/ AIDtx6VV1HwbavDczWu0yzxRBkVIt7bMcZlBDjjgPz6EV6+0dvKojlw+45KtjJ/E8jtyelQSWdog 2bAFJ5Kcc+nb/P459hZjLc/Z4ZXT2SseFXWl+I9Ge5ks50ljhWMrFLJHGiKRgBdi7lPGAGG30NaH hnxtqX9svoXjS2ilsncIsuGL27P93zQw+4em/t1+709Uk0+JxIRK0RP0wuB0zgn6isfVNHk1GGS0 Zg6TbSyElTlOVZT1Xkc7cf0rmx9PDYuk6dePo1uvNHXQw+JpTvTn9/8An/Wx1S/DLRLyae6s0FnN EmA6HAVn4zt6ZAzXyVN4w0ea8ktjBLepbyOkcwPzsgYhWGCCMjnGa9fj0vxXYLdWen6xd2tpdBty KRINjAj5S6nacdMYA56mszSvCmk6LG4SzLSYG6SReWOccDp7naB9K8rhXKamDnUliqntE7KPl3vf /Nndm+JxdaKpuo7X/S25xMdj4r8a+RLp4cQW0h8syHdtPB3DOcEexz716hq/hDxDry6da63qAmtr El8fMCXK7WOAepzj05Neh+AYoJbe7tYAq7GWTj3GD/KvQk0A3aGRgViQ59z7D8q+4+vyiuSnpHsf hucZBRliJ1K6vNPfr/Vj4yutNt7TWb/S4GWGNJpQTzj5jkZx3INYOuRWx0y7ivAt5DFtd8/dYAhv btXq/wAS9BjsPErzQDy4blFlDDozD5W7nJyuT9RVvwl8IvE3iO7g1O+EVlo1wVaQTZaSWMcMBF/d cDgsRwScdM/suW51h6ODjXrTSTj1722P5BzXhXFYjNa2DwtNyak9uivo32VmtThPD3w48Z+OvDs1 v4GsYtPW/Up9qlHkWsQK7SSVBLbQPuorHoCMcj6w8Dfs/eG/D2lwJrV2+q3yxAEKDHapJjA2xBt7 BT2Z8H0FepjxBoumwra2+3ZCu1Y7dQERRxtXjaAOnGcVmyeOraJlSOyJJzgsWIHHUkAKPxr84zbj rF4j3aMuSPZb/N7/AHWP3rhnwawuFXPiKXtZd5bfJbffdnhHw0+B/iLRvErah48NvNb6SyyWhhl3 Lcz5J8xlIUoE4YKR94jrtr6iaF5PnhUt+FYPh7xzo/iSR7aCaAOjAYhdJFzjJDEZ2njoe3SumdCz +Yh3DqFznH4Hg14mb43EZhVVbESTsraK1reR9bkGSYfJqLwuFptJu+rTvfz/AARgXq2tswa6lETd dqcscfSuYu/FunBjFbx73QfekbAA9TwTg+uKg8W6LNE01/ZHdG2dwbny29xkZXP0AHFeANpV1FqI vfs+lXfiGSMrdXSLJaSRWmNqmMkTkntkuoJGcVxUcHG7Vv6/yPp51VyKbldPtpb82320t1btv7Zp WranrurNHJ8tskbF1GQrA4xnvgk8A8n0xXT/AGKKIcct05H6Y/kPzrlvBUIggkS3kZo1jjVWd2dm Xn5i7EsenLtknt79jOTyj88YPGOP6D26muuMLKyPNxVRKo7eX5f18vU8x8ZS/wCmwQMSSqFx0GS2 clWPGQOrnhRwOa9v/Y40zT5tc17VfLV7/TbS3SGIGNPL+0b3l2xqWK5O0Fizbicjg5Pzl44uYoLy +MjKqxxAMXK7BmPcofd8vf5Yhwer8E1J8PPiNrXwv8St4g0jM6RbkureQcSRDy8pI4CIjH/llEpI BwcnBFfRZO4060ZyWn9f5/1fT4jjOjVxeXVMPRlaTX63a+dnf0fSLvt698aPiNN4kudWudWuLeS3 eR2jLSReWuAQWAZRFydsURzkD5+ckfUHxn1rU/GH7Mlpr+tzTWN6Z4gwU7XlIleEfIvyB3GHGRtV ueAOI7vxX+zz4rlfxV4p8NXlpqIk3XEQt5WV7lsKT+5Pls5I5YhW6lsHNeD/ABs+ONv8QoLLwt4T tp7Lw7ZSxLEECK88isYtkef3ahFDBtpJRSSPmIx7/P7OE+apzcy0+fV/L+u/5pDD/W6+HVDCuk6c k5NpJaaWVmm9VbSzTV93ZfNtjbyNC6FAyNJLDsViVYK5byFZsfIOGmboT0yOK9Q0uPzLGAsVkLIp LY2q+0cHB6Rr1Hr1rzqxVZ9PgMZWZJlwqwybonUc+WkhAPkp1kkx83Qelep6ckk2lW028TB0VxIV 2K+B97bxiNcYRcfnXg1o6f1/XT/h7e7+kTqv3e1v8v8APtbXZKX7yC/tUNlKzEptUuHIyQcffIPV j/AvavPtHv7zQrlZIA2xWVGhPzEk8rF1+aZs7pGPCivQNSmNtaSSs7JsQsXxllzxvx3dv4VxxXk0 RZf3aowxmLy0OWG7nyUbvI55lk7DjNOhTUouMlp/X9f8PaR7RxmpRdn/AF/l87bO16f0DpPiLStX RGt5FjuiCPL3YyyffMZIG4LkjI/TrXQpqRdRDOzEJwCeSv16ccfTHTrXywZbhJFlgI8wkAFGKK3l /wAKEcrbxd2/iPevTPD3j+CSFLTW5CCEDLcsAp2f89HHGxWPCDkkYJ9a8LMchlH95R18uv8Awfz+ d0vosBn8Jfu62j79P+B37a9nGU/ZZCjqGI3qTgOB+Wff261UdGB3gZXsR0rNS4eAfumDowyOQVPt 6enH5GrkF0JGLQnBPWNh2/r/ADwM+9eCfQRqfZnueTeNvhrpuumXUtGKWOouDuBXEMx6ncB91if4 gDnuMnI8t8I/BT4n+OtUfS9C0S6kMT7JZ5AIbaNm7tM2E9+CSR0Br66FjBOgmgcAkcq3UfT1qC5u 9Q/su60W11G6toLwYkEMrRgkdOFIB9weD0NfofDvG9bCxVGu+aHR7tf5r+l2Pxfjnwpw2PlLE4Fc lXqtlL/J+a0fXuclb/Cf4GfBsC7+K2uDxTrkEmTpmnPtt0IwdsshKscEDIzGe21q5Xxz+0z4k1DT h4c8B28XhLQY2Ypb6agiJB5+eRQpJI6lQue4NeUeKPh94wsr8Fo31OBz+6khRnOPRkGdp/DB7GsO 78DeLrKwbUL/AE64SBQC5YBdozjJUHIHI7cAc1+rYXGYSqo1HWUr7ar8v0P5vxuS5hQnOjLDyi47 +69PO+1vPY5e4uLm4YvcFiWJOXYY65/n716p8I/hJrvxT1mWKCdNP0bTl8zUNQf/AFNtCBk5YkAs VU7VBHQkkKCRf+D/AMF9V+Kd9c3c0q6P4b0sbtQ1Kb/VwIF3FUJwGkwOnRR8zHGM/SSOfiQjfCv4 Sj/hGfhv4f8An1HU5fl80Dl5p3Ypud8ZRDjONzbVACduMxiinGD+fY8rDYZt80iJo4fHkMnwj+D4 OhfD3w+PO1fVZOtxt5aWRiAWdwpMaHGcbjtVQE8i+J3xN0m5060+G3gJFsPCmjsQFA+e7l4zPMcA sxIJGfyBwF1/in8T9Fj0WL4Y/C+H7D4W085ZycTahKPvTTNgE5IyAevGQMKq/LrygHzGO4YOQo7n 64rHC4a9pS+S/V+ZeIrW92P9eh0ulafJqV/BDEmAGDsW+RFVeWJ/Cv2P/wCCdTsvgnxXamQSCO+g OV+5lo2B2jHT5Rz3r8UrK6BLiTjHOX5PHTAr9m/+CbzGTwn4xmIPzXVmMsfmOI5O3Yc8CpzGL5GV g5XkfpPS0nWlrwj0wooooA//1v38ooooAKKKKACiiigAor89fi5+0x47sPG2paB4Nnj02x0i4e2L GGOWSaSFtrljIGAXcCFCgHHJPPH0z8BPinefFLwlNe6vEkWp6dN5E5jGEkyoZZAOcZGQR0yMjg4G 88NKMeZnl4fOKNWs6Md0e40UUVgeocv438RN4Q8F6/4sSAXTaJp91fCEtsEhtoml2bsHG7bjODj0 r8uvhp+3X+2N8YfBen/EP4b/ALMia14d1QzC2u08SW0SyGCVoZMLLEjjbIjLyo6ccc1+kPxp/wCS OePP+wDqn/pLJX4wfsLfEz9uvw7+y94P0j4MfB3RfFfg+BtR+xald6xBaTzl7+4abdC86MuyUugy oyFB75oA/Vv9nf4l/Hj4jWeuTfHL4Wf8KxmsZIFsY/7Th1L7YsgcytmEDZ5ZVRg9d3tX0hX5j/tK /tL/ALRvwi/YwvvH/jXwzaeB/ijrepJollb2lxHfw2pumbZcK6vIhfyUcqCSA+0kEcHyz4sfsX/E H4H/AAM1n46eCPjV4xn+K/gzTpNcv7271R7jT782cZnu4WtZFIMexX8tXLg8BwwJwAfsXRX4v/ED 9oT4o/tWX/7OHwL8DeIbj4fj4uaJJr/ifUNKdorpLe1jl863tZfvRq7284HUkmMMSm4NZ+LvgbxV /wAE9/Hnww+J3wy8feIdd8B+KfEFr4c8RaH4g1BtQif7aHdbmAso8twscjZAB3qoyUZloA/RjS/2 hfDOsftJav8As0WOn3R1rQtBXXru8fYtsEklhjjhjGS7MRNuYkKFwANxJx7/AF+JPgn9n7Qbv/gq l4305vFHiRF0fQ7XxQjpqjrJLcPe2kxs5m25exBcqLfptCjPFfsf428T2ngnwZr3jO/XdbaBp91q Eo6ZjtYmlYfktAHT0V+L37O/7OXj/wDa8+E//DUnxI+LninQ/HPjKa9utETRdRe107RYoLiSCCNL bncm6MllDrlCATvLOfA/DnxG+Lqf8Es/jh4m8R+LtUn8YaV42FqdSW9mFzERe6UkiQyhlaOMl3AR Nq4YgAAkUAf0O0V8B/tfeJPEWi/8E9/EfibR9UurDWI/D2kypewTvFcrI8tqGYSoQ4ZsnJzk5PrX xp8WJ/i78Q/jH+yV8LvCPxC1rwkPHXgdf7VvLG7kWeSJbHz7qX5iVNw0SOEmYFkchgcigD9x6/O/ x1+2R8U/EHxq8SfAv9lf4ZJ8QdU8EKg17U7/AFBNO0+0nfpbqWHzvkMv3gdythWVWYeBW/gPxP8A sdftu/B7wT4G8feI/EPgr4sQ6pBqWm6/ftfgXFnCX85GIUBizxsDt3ZDgsVbaPvj4veLPhD+yJ8M vHvx4j8M2enmVlvdRXTbeK2uNV1CeXy4fOdFG+SSaX5pH3Ebmc55yAcb+y/+1hN8dNf8W/DHx94Q uPh/8SvAjxjVtGnmW5jMUv3J4J1VQ6Hg9MYZCrOrBq+x6/Oj9iT4NfFGXxb4y/a++PixWPjn4rw2 og0mBdqaXpMSr5ELnr5jIkWVPKhAXJkZwv6L0AFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFAB RRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAfMX7QPxm8IfCe402PxnJNbWmpRSNHOkLTo kkZA+ZU+fuDwMEZ6cZw7PUIdWtTK2yaJ1Vo7iJg0M8bjcroQe4wcds8E9a4X9v7wNceJfhZZeILW MyNotwwkwORHOAM/QMoH41+Kfhz47/Fz4RzmDwrrsoskBUWdyBcWuM5wI3zs57xlT71pGWxlUo31 R+22tTy6POJ7jDacfvvjmD/aOOqf3v7v3j8ucZ97bBjuQ7D7cg1+a3hn/go5drGLL4i+EEmYcPca VMUyPX7PcFhn/tsBX0x8Mv2oPgj44uLTw7oGumzvLxtltY38LW0isefKVzmIk9EVZD/dHYVtCWuj 0OSVKS3R7ZcTSRsUnG3H8Q6fXP8AjVNlkBDBRIo/76rp7q3SVe49COorkLr7TaSbQuVPdePzHIz/ AJzWkmZtl7T9Mn1O9itNPRt8jAbe+Se2fU9q+v8AwV8MNJ8MrHe3+Ly/AByR8kbf7I7kep/AV5P8 FbKzn1szXKEzRQvLHuGeQVXJPqN3H59q+pd4FckpXOuhTVrssBqN1VfMpDJUHSW99G+qfm03zaAL UqQzxmKdFlQ9VYAj8jXMXvgrwnqIIudMhOf7o2/y4rd8wmk8yvLzLI8FjY8uMoRqL+9FS/NMzqUY T+JXPLb/AOCfga9JKwyQE/3WGPyxXMXPwB0fzVeyu9oHZlIJ/HJ/lXvW8mjca+AzHwU4XxPx4KK/ wuUf/SWl+B5NXh3Azd3SV/Q8lsfg5oUKgXTlsddvJ/M4H6GvUdH0bTdCtBZaTbrBHnJwOWPqx6k1 djO41pIgxXv8MeHmS5NJzy7DRhJq3NvK3q7v8Tvw+Bo0v4cbHzbr3wHlvr+bUdK1TLzu0jpOvUsc k71zzn2r17wD4HsPBejpbJGj30ozcTgfM7E52g9dq9APxxk13IVacM9K4OH/AAryPK8wlmWCoctS Sa3bSvq2uZuzfddNOrMcPlNClUdWEdRcCik5oJxX6Geifnv+2pc2l5rHh3RwztcQeRKy7RsWOaZw DuznJMJBGAMAcnt8kQ3UcJMfYNwD2Ga+0f2wdGsYb/R9eRG+23ULRsxJK7bN96ADsf3z59civiHV bG5tXSWaF4lnjWZN6lSUcBlOD6g5r4XxFwk3ToVor3dV81r+v4H7X4EZhSVfF4WT968ZW7pq34W1 9fM6KK+MjbAcKRg9BWgIYmXKtgn1rzu11VUDKxx0471s2d+Zn+Ttz1r8scGkf0yqcJO6H6l4V0u+ Yu8XlSHq8fGfqO/+ea4W98I6hanzbc/aQoxleGx9PfvjNeqwusjBS+fUH0q0IQSxYZXscYOPeo9n F6nr4bN8RQaipc0ez/q587TQTLIyN+6Ydj29sf0p9voutapLJb6ZazXLRpvcQoZMKD94hcj068A+ 9e532mW10oW7iWYe4ww+h6/kaw7bSP7Km+1aLdz6fcAYDI/G09VI4OD3GcVMILm97b8T6L/WS9J8 itPpfVfO2v4HihhmgfyWQpKvbBDblPfv/nFQLP5ZBbCkZI56Y7Dqfy/Gver7UvE88huNSWz1b5FQ NLawFgq5xtwisD9DzXEasxuZcz2kVqAMCOJCo9M/MSTn64HtWlSEI6xb+at+rO3BZxOrpVhH/t2V /wA1F/gZHg/VEsNbj3HEMw8tyQAMMep9gQMmvdrqzAtXeVhHHj7zHAx9TXhqw2u/7oy3H4f/AFqm dIymwgHnjPY/X1raniLbo8XOcnhiantIzt30uP8AEEPhie8tnvIhqcli++NE/wBWCeDvboR0O0dw MkdKjuta1C+YpM2yMn/VJwox7d/qc1BLGnOwbMDPTn8frmud1NriSH7FGDFFMCssyymGRF/6Z7VY 7uoHKkdjmtJzqVbRb0W3kTgcrweDUqlOF5vd9W9lf0/AdqOrSrK2n2E6W01uBLPNcW0xt1ixyFkz Ghf2EmQMnFcvtgmtJW0eafTdLR/Na+sZIrk3W0YZQpjuHI9+GyMCsy41HTLWyhbVb59J0CECA2+p JHm7Y5PzPdF5SDj+IBiec1fMd0qWutanpkkk1oVSztdMupHi2NyGaN/s8OR6uCB0zXbSocq8v6/H 77Hn4nGe0m27X8r/AIWu0u3wubtsjc03Xfsdwk7XFpY2V0f9Ctmia1vJXHGSkzR4Oc8eXnofr9C6 NrS6jBtQ7HT7wI6npkZ5weevH1r5pee5imaKC5/4mYjErT3loWht4TyyrJEsSN9GlPr0FdJ4c8Vw yhdQ0+5triwzsjuY5tyzOP8AWAggLw3Rt7DPTmumNJrX+v6/PU8XF1IVY8revT9Vu7fkrxW9z6Cm uC6GI4YEYIPIbOR+P8q8Z8XaFLEssETOtvcfdYBJWGOq4kVg31YbQPevUra8t7uBJ4G8wSZ7Z5HG MdT+gqtqUdpexSWc67lkwM8MSR6cHcR/3yOeoropx1PnpV3G6Wz3/r+tznvCaubB5nPzPISpH8Sq oG7OOf8AePHZR3PRzRkghPlzz977vuO4/wB48ntVPSreTTbFLVn3kM2SMuSSxOOcZbB9Nq9O1WWl JYDJJBzhTyT1wpPVv9o8CuhQ1sebiMQ3eS/r+u3ojwjxRNLFqN5MSUdZdituEZRWcIOdy+UrD0Pm v2wOD9V/sw+D/CM+h6p8RdXsI7250p5fsrSomyFQvmu8Ue5wrNhfmJ38Z4zivkm/uQ8kEiDzXkuB sMQZtznlhDkMGYfxzOMejDivavhd8bLL4feBtT8H3GlSTvqrSotzHNhvtE8OwRhZAZJXXYSxP05A 4+kyucIVeaXn/X9ea7HwfGWHxFfBeyoJtuyevTR/NWtfytLrI9E079rvW7jW47fVNHtW0ybbvjDt 5oidiDISxKqgAODIo39gtYX7TXw00DQTpfjXwzbrbWuqhYpYlxHEiQx7ogpwfKhKkkpGMk8AgHFf KtvNHBJb3kjBIklhdyfMljR0UtliTD505J/hXC9wCBj7U/aQ8W+Fte+Gug2+iavaX81pOPMVHWZ4 2WAjmIHl84ABIAJBJxivQhXlVozVV3atbv8Ah+nquh8xisBSwOPw0sFDlUrqW9red/nvppaWqmfF NosrWcYlG8vChYSZUFVAwX3gNHAOyth3PUV7XpULnS4GkHz+UjElNo6DDMvZf7q144sfkW4DHyTE V3BvnKS4+UyBciSY/wAMY+Vfyr2fS5Ghs7YMrJhVJSQ73DHnDesnr2XPFePUjp/X9f0unKfcYqq0 0v6/q99+t7+97QyNasPL066lDNGVRjuAy4LDGQB1kb+Edq8GeIwjyRHtxmHy1OSO/kI3949ZpB0H Ga+ktXaNrKcpu5RgAp+cHuFJ43ernpXz5ctGYyscfmNtKKkZ2gqOTFGSQQgP+tlblu1aYWGj/r+v +H21vk8Sn/X/AAH5dO2jfKlkyF34+STeMYzsjkEfb/ZtovX+NhWU9xkmZJSwz5u+QZPP/LeRRn5u gijIHUVsSsszgvsdZgGyw2xOI+ASD92CPB2rjLmqrKdzO7MpTErORlgTx5pXrvY5ESYGAAfevRhT /r+vu28racseGviuq/rr3873v1b5tXUqb3hbxld6LMbKdDNZM2wxE73BYZ2g85kbJZ8kKo4PNfQG lXdhq1smpaVKJYznY6+uSOfoeK+VmtFUBdmD/qtit90tz5Ktn73eZs9iPatrQtbv/D92t5YTAKcs +4YidV+UsRwfLjHyoASWbJFeVmWSQr+/DSX5/wBd9fmrtd+W5/Uw/wC7q3cPxXptp5aJbWg7Rf1g hVyvmPscj7wJweeM/wCI/HJqeSIPtFxjceN69/rXI6H4l0jxRC8cH+j3qgF4ZGxgtkjjHUjk4yQD yM9Olik8geU6tJHkjBPKk/T6/rx0r4fEUJ0ZuE0foODxsKsFODun/Xya6p7F+SDykQOAMd/Y1CCj jLA7OwHVif6etC3aJGIpnBiY5Ujnb7Y/njNUZbz+0rmS2g+Ty1BYq33+cDb6Dua0oxUtRYqo4q3c s6jHqHi/TdD+HL6za+GvCFo8jXhhi8reoYydVG1mBBwWwu75m3ECvJfiv8W9IudIi+Gnw0tTpnhC wOP7sl5IDzNPn5myRkbuScE44VfWUHlRqok3OowWHQey+1fNTeEdN1XXNSjhAtjbzybiB5oUNJhf 3YbeRznCqfYV+t8FZtLEOVGtry6p/wCf+Z/NHirwtSwXJjMKuVVHZrpe19Oyfb7jyqZ2WE5wvc45 54Pv6Vi3MwkAALgD3wP8/wCFev8AxE0DQtISws9NF0s9urRXTSwG3R2XgGNXCOe5JZQRkDJxmvFL oo1wVjAG3AJJ57V+l03fU/EJp3sX7J1jkBU4J4OOTg8Cv3A/4JuWuz4W+Jb3A/e6sI/U/u7eM8t3 Pz9O1fhraBhKuzp1OPlX8/Sv3h/4J5akq/CfUtAaAxyQ3xvA+0qHjuEVAcH08o49Rg15+Z/Ad2B+ I+/zS0nWlr589YKKKKAP/9f9/KKKKACiiigAooooA+Ovif8AsrHxd4qu/E/hnVY7D+0pDNcQTozK JW5d0ZTn5jklSOucHHA92+E3ww034VeGP7Cs5zeXE8hmubhl2+ZIQF+VcnaoAAAyfXvXp9Fayryc eVvQ4KOWUadR1YR1YUUUVkd5w3xP0bUfEXw18WeH9Hi+0X+p6Rf2tvHuVN801u6Iu5iFGWIGSQB3 OK+c/wBgX4V+Pfgp+yl4L+GvxN0v+xvEmktqZurXz4bjyxcahcTx/vLd5I23RyK3yscZwcEEV9i0 UAfLf7ZH7PEn7T3wF1v4XaffJpmsPJDfaZcy5EUd7atujEhUMwRwWRioJUNuAOMH4z8b6j/wUX+N /wAJbn9nXX/hLpvhK/1y2XStc8Yy63az2cllJiO4lgsoS0geaPO4Bn2gsAqkrs/XCigD8s/iz+xz 8S/hrafA/wCJH7LjW+ueMfgfYHSTp+oyLbJrVhNGUnAdiEjlcySnDOqgSEhgUUNm+KPht+1P+2l8 Rfh8PjZ8P7f4QfDTwFqkWu3Nm+qwatf6rf2pAjjU24URx4LJkquFZ2yxKAfq9RQB+ZPjb4cftG/D j9vl/wBoH4aeBYfHHhDxnodjoGpONRt7KXTUW4hM05SdlZyiQh1VQQwJGQ1fo14n0vR9b8Natovi LH9lX9pPb3e5ti/Z5Y2SXLdhsJ57VuU10SVGjkUOjgggjIIPUEUAfjL8AYP2zvgp8K5/hL+z7ZeE fip8Oo573/hGvG665bpa2FvPK8jm7hR2aUwyM7MkYO1ty5ZQBXmP7IPwN8TftA/8E0vit8KtO1CE 6z4n8UXtxZ3krN5FxcWTWE6sX252Sy25UvtOAc44xX2Jdf8ABMT4Rw3Wq6f4R8feOPCHg/XJZJr3 wzpGtfZ9JkMn3kETRMfLI4KsWOOAQAK+6fhj8MvBPwd8DaT8OPh3pkek6Do0XlW8Ccnk7nd2PLyO xLO7ElmJJoA/IL4p+Hf+Ci3x7/Zml/Zv1L4Paf4Y/s+ws7fUNVk1yzlfV/7NMbxQ2kKPtheV40Z3 eUx4DLuXOK+hLP8AZ6+L8X7SH7K3j6TQcaD8NvB9zpWv3P2q1/0O8k0qW2WPy/N8yXMrBd0Suvcn HNfptRQB8JftDfBn4k+Of2s/2d/ib4W0f7b4a8Cza0+s3f2i3j+yrdwxJCfLkkWWTcykfu0bGOcV 6D+2Z4S8beN/gfeeHfAPw80z4n6pPe2jf2Lq04trWSJH3NKXNxajdGQCo80ZPY19WUUAUdL+1f2Z afboVt7nyY/NiTlUfaNyrgngHgcmr1FFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUA FFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFAGF4n8O6Z4t8P3/hvWIxLZ6jC0MgPYMOCPcHke4r +bH9pT4K6z8L/GWoaBqURAjdmhkA+WWInKup7gj8jx1Ff0114X8d/gR4V+OfhaTSNYRbfU7dW+x3 oXLROf4W/vRk9R+I56tMaZ/JJrFhJHIzAEEZrnSSrY5BHOeh+tfY3x/+Afjv4QeJZ9G8V6XJBks0 MyqWgnjB+/E/Rh7dR0IB4r5SvLRY5TlcMCeOn60Mo++/2ff23LrQorbwd8ZZ5buxjVY7fVgpkmiU cBbpRlpFA/5aLlx/EG6j9DrPx94C8RXVvZ6H4l02/uLtS8UVveQyyuoG4lUVixAHJ4471/P7feG8 aWutWFylxCG2vGGxNFnON68dezDKn1zkCt4f8R+JfBGtWXirwtcvZappz+ZDMgBKkgg8MCpBBIII II4IrT2j2ZyTw6eqP6pvg3Nt1Z4x0MLDj6g/0r6OLGvxU/Yu/af+JfxD+JfhrQteaGWK5eSG6WG3 WJpA0T/MxHQocP8AKADg8en7YeSx6VmyqUXFWZDuNGTUwgf0p4t2pGtyGjBNWhBTxD7UDKeDTtp7 1cEVL5VAFPbRjvVzyqQxUrAVkba2a1IpQwxVIxD1FKo8s53D86EBpjrRxmqyzx4+YilNzCP4h+dM Cx9KSq63ULHAYVYBXHWgDwv9oPwDN458BTPpkJm1TSG+1W6j7zqP9bGPXcnIHdgBXz14m8F6APC+ hxeK/MvfDl1ZwNYa5AuZNPLqpEFyFzmAZwrHOB8p6Ar99ZX1ryTXNFvvCc1zq+gRm70e5Lvd6fgu I2kILyQoATtbLNIignJLKDkqej2sJ0vYVoc0O3+Xn2MKSq0MQsXhpuFRW1Xl3XVdGfmX8Qfgt4i8 K51OBV1HSpBvivbX542Q8hjjO0Ed+V7BjXioM1sQpJJHfkV+qlppOn2CDWPh5fxWkF7+9bS5WEtj KCfnaEKcx5zktGcdyhrzvxV8F/Anjm+eDTVHhfxBIGK27ANbz7eS0OMLIvqYyGXq6A8V+e5twRvV wEuZfyvdf1/TP6A4U8YlZUM2jyP+Zaxfy/y+4+CbLWCFAlbaw4B5Y4H1OK6221mKTCSnJPTnPNdJ 44+Anjjwa7z3enPcWqHP2m2HmxAHucAMo/3gK8dazvoTiMk46cf5/nXwOLwk6cuWrHlfmfu2WZhh 8TT9phqinHyd/wDhj0tbgNJkncOxz0qVhuHDA57GuBt728hyk5O4e3St+2u42I3sd2e9cU6bR6VN 8zNeez+XzANpOM45ArJntHlXYyrKh6qeQfwNa1vP8xIbHb1qa4jD8kfhWPM7myvF2kee3Wh2UuXD yW7rx8pH6hgc1j3GhahGha3nS6j7dY5B65Ukr/4926dq9JW3EmVYY+vNUbmzMHzRHcPpVo74ZhVi 7c36/meTP5kcoimQow6gjBA6ZI4wPf61h61p9tqlv5N4GlidgSNzIcjnBC4OD3ycHvXrt5aQ38Xk ygKwyVYjO1vUdPx9q86ubfyzJD91lJVs85Ppx1Ptz9a6KO6aOz+0IzjKNReq7o4Z5Z7a9d5L+Se6 uv8AUWrwhooe24+Shf6s8m36VXOnxx6pJdWVtbX2s3QEV1eQyLE9upwo2qxncHA+6AFJGT7dTDcx SxmIkIwbGD93kHr/AHvYCo7a3061tXs4o0toJf8AWLGBGDuycsUxjPoOfWvUhLl0t/X4f8PueLWp +0d1LT8vvvrvd9FdJaHLyzrHC8f2++02w0+Qm4mukDm6JOBGr3G9mUnIwiAYxtYVDex22qeXq2qW +n6gqMX0uG5h8l1ZiADvnJYyEAfKqAj+faI0MSCOH92qDjb8hVcZ5z9wfXn8azZbbS3vItQ8iJ7u NQiSqgMgXPSLPI5b7x47100ayT2/r8/nfb0Z5mOwU5Qtzp+XbzSu46X0Vrczu3qmdj4Y8QXcZ+za sqwyyopk+YtGp5ALSFV7DATAPIz1Fd+LgtIN33iBnPB2/wC0f4F9uprxT93u81CAWwMr8w3LnGwf 8tJOvJ4H512+h6mbqEIWUm3cK2SXCt6MScyScHcOgIxxxW3Ldc1v6/r+tr+Li+WDUVK/9b9N+ui6 u3xKPe/aATtLf6wk9MZB6f7o/U+tYOrXQjsro53ZhfP8CkAHqf4I89T1Iq3vAwpJbsc8nPqexPoK 5nxbPLa6E0qqAruquJDhByGDNzl/ugKmcHjJow93LX+v6/rocGNSjD+v+D+N/PS9/JL2G4uZovKA lEitkEvH5iBGVQqqV2W4J+YMRu6jnBp2m6XKYTLFIXiVUjRbdVgUIqFPJtl6rCOSZGOeBg9Krz3G 9JI5FDfL5knncb89Jrgn7qYyUj7jFSm9kIkUbme4TcY2xHJKmPvOekcA4AHGST1r2YRsvL+v66L0 XweLiKybvFO/z9PN7+ru/tS/iyrbWwRPJX96VEUckXzSZVAmIGclmfbw8zc4zzSwmwXy5Nodkcwx sv7zZIyiJo7bcD87D/WSDAzk9SawJJWuAG3G485cFgSnnoPm2oP+WVuD/F3C9eapfaH3CRRvMo2D ywELRgcpFn7sK5+aQ53E5zXRFd/6/rX8b/aS4Zy5kuVf1pbb5Wt/ds3+7cuokvYUi/cnYI8xKYgX 2lhzFDn78nHzyHoPwr0+zuBb2kNsy7NiBNi/w4HKKe5/vNXgsE0lxcW8cJOZ/wByggwmVyMpb91i B5eQk5A/CvaeofaihSMYU7VAB6L6J6nq3aoxErJL+v6/4PW5zQoObvf+tPl226WtdcpPqWoYsJpA qyFY39kYKD8uT0jXueprxWS9E5AlxMJVySx2CRF/iYAfu4F7DALk9TXc+LJpbPR5DIQxuGWJQcgM T2KjkgLnbGOT1bjNePmVpDkDktuOQGLMv8RHRmXnCgCNMck4NdGCjdX/AK/r+t7W5sW1F8u/9f8A Btrfd9OdT3nu4yZJC4IbbIzSDaDjhZZB/cXpHFk5wOOaga+EZ3puVg24hhuZHfjewwczPwFUD5B+ JrK3SFRICT1k3Z3HJ4Mm48M3bzGyq9FBNUHBQiM/L5Zx3Xbv7jILDd3bb5j9AAM13xj0/r+vw+Ss /PlVW9/z9fXz79b8zvHSln3naoAC5jADdh96NX9T1mfcOCRUa3TBjIXHO18sCFOBhWK8fKo4iTB3 EknpWb5wUODjd9wjA/h5C4z0HXy93vIeoqI3QIUKxAPzZ3c5P8WSBk8437T6IOpHRCDf9f1/Wr1t bjq4hLT+tPS23lbflVle/TWF7LbzRvbM6SxsQqhsOGPJUH/nq3WRsAIMjrxXt3hjx2NSWKy1Nh5y gkSj/VyDoenRf4QTjcc45r51tpo8sG24jG3bzgg/8syM8DqdnDN1cjnGrHckj7Ru3D7xY47cBt3K 8dAQ21eigmubHZZTxEOWa17/ANf18ysvzyrhKnPSenVdH/wVsmrWeitFWf12kzliYQWQgBl6Buef X/PTpmp4PLt4T5WXiJJI/iTd6H0/yevPkngzxiMxaZqjbXHypIxbLEHjO7n+Z9cdK9WkltkUSB0j OOctgP8Aj0/zxXwWKyqrQlytH6Pg+IcPiIqrB+qe6fZ/o+pfLKU3xNuX16Vw2reGzqHmapo7fZ9Y iCmOUHCvsI+VhyOQMBsZHTp07Kwktyu5Vd0f+HaQCfZj8v45FXeYTthQcg5wd5X6lcr+TV9Fw7km ayqxrYOk797afO+lj5jjHibh+WGlhsxrRt2veSfdWu7/ACPlr4k+LrjxVa6VYXmnvDqem+es8krh nkkcg5KhVxgjp3JJ715Fb2VwHMCWZuJmOBsV2OeOgH0r7e1bwl4Z1m8TVdQtmkmRfLcK7IrgjHzG PBOOeCenFa+k6Ba2RKaRZ+VvxxEgXP4jn9a/orL+HsVKmpV7QfVXv/wPxP4zzTPMJCtKGGbmr6O1 rr8/wPnnwH8H9T1GaK/12NraL5X8vA8xgDxvJ4RT3HU1+0v7Iq6Va6R4i0q1Xdf201s1y4/1eJEY xxrwOUAJP+9XyD4J+GHjvxifI0CyMMO797ezApbW6j77NIwwWA7DLexr63+DGq+E9B8UWPwy+GU3 9qwW7S3mtaqM7LmURFAsfJyisw5yRnGC3JPn5zhoxhKjR962sn5L8v1fc6crxEpTjVraX0S/rf8A TyPsjpS0hpa+JPqwooooA//Q/fyiiigAooooAKKKKACivyS+OfjDxL4g+JeuW+q3MqwaXeTW1tBu IjijhcopVc4BYDcT3J9MV9mfspeLPEHiXwJe22uzyXa6XdeRbzSEsxjKBvLLHk7M8Z6AgdAK6qmF cYc1zw8Hnka1d0FG2+vofUNFFFcp7hj+Idf0jwpoGp+KPEFytlpej2015dzvnbFb26GSV2xzhUUk /SvyZ+G/if8AbT/buj1D4neBfH0fwM+E73M1rosdtp0d/qmopbyFGuJHkKFQSCpKSqoZSoRtpdvv H9r7Sdc139ln4r6R4cVpNQuvDWqLGiDLSD7O5eNR3LoGUDvmvLv+CcniTw74k/Yz+Gx8OzRyLplk 9hdIhy0V3BK4mVx1VmJ34PVWBHBBoA+cNJ+OH7TX7H3x08JfCb9qLxDD8R/h18QLhbHSPFiWaWVz Z3rsESK5SP5cbmXeHLEI29ZCEdK/RTxZ8ePgt4D1LVNG8a+N9I0O+0W2ivL2C9vIoJILedgkUjq7 AgOzBV/vEgDmvzk/4K7TWWvfDv4U/DLSCsvjPxH40sjpUCH9+VSGWCR1HcebcQrjuWHpWXq/wl8B /Fz/AIK1a3Z/ELR7bXbDw94Gt9WhtLyNZrd7lJbe2QyROCjhROzAMCNwBxkCgD9Nvhh8bfhH8abG 51H4U+LdO8UQ2TKtx9inWR4S+dvmx8Om7BxuUZwcdDXxJ+xj+1PNq3wo8Y+L/wBo3xzawND8QdU8 O6Zdai0FmmyOC3kt7RCixqzcyEZyxGeSBxwfg3wN4U+FH/BVu70L4daXb+HdK8SfD0315ZWMS29q 8/2sIXEMYCKT5CsdoGWyerEn59+AvwS/4X/+wR+0L4BtIPP1hPHuvahpWBl/7QsYLOaFU9DLtMJP o5oA/cfxf4x8K+APDl74v8batbaHomnKrXN5eSrDBEHYIpd2IAyzBR6kgVq6Vqmna5pdnrej3KXl hqEMdxbzxMGjlhlUOjow4KspBB7g1+FfjD413f7bHwe/Zi/Z2s7p5tU+It4lx4wKMfMSz8Nkx3Zk 9PtDxvPH7oozzz+7ltbW9nbRWdpEsMECLHHGgCqiKMKqgcAADAFAHknxP/aD+CPwWktrf4qeNtL8 M3F6u+GC8uVSeRM43rEMyFQeC23HvXQ6L8V/hn4j8CXPxP8AD/inTtS8JWUE9zPqlvcxy2kUNqpe dpJVJVfLUEvk5XHOK/MH9i74d+Cfjh8e/wBo/wCLnxi0W08UeKNN8X3Wg2sOqQpeJp1haM6RxxRz BlXKqI92M4jwMZbPi3iLw/o3wY+P37YfwW+GkQ03wXrHwl1fxBNpcGFtbPUFskUeXH0jDLcOwVcA BwANqqFAP1Y1j9sH9lvQLrTbLWPin4etZtWhiuLcNfxENDOoeKRiCRGrqQys5UEEEV7zea/oWnaH L4m1DUba20eGD7VJeyzIlskAXf5rSkhAm3ncTjHOcV+QH7P/AOy38C77/gmnJrOreDdMv9d13wtq urT6pPaxyXy3YjnkgkjuGBkj8nagQIwAx0+Zs/JnxH8VeNNc/wCCfX7KPw5t7W48QWXjPXjY3unr drZf2jFY30kVpp7XUnywq+VVXb5UKKxHyCgD90PAP7UX7O3xS8Rt4Q+HvxE0XXdaG7baW12jTShB ljEpIMoA5JTcAOa95r8Bf2h/hp+0B468DaHb+CP2RdM+EHiDwnfWd1o3iLT/ABRocctm9u4KxkIl v5gcgYDScPhuTwf3j0C41G80LTbvWIRb389tC9xEGVhHMyAuoZSVOGyMgkHscUAeWeMf2j/gL8Pr 3W9M8bePtG0W98OG2XULe6vI457druPzoFaMnfulj+dFAJK8gYrq/hx8VPhv8XtA/wCEo+GHiSx8 TaWshieexnWZY5QASkgByj4IO1gDgg4wRX5ceAvhB8OfiZ/wVU+PGuePtKtdck8L6VoMthaXkaTw Ca50yyRpzE4Ks0artXIIUvnG4KRC9tbfs6f8FA/iLo/wW09bHR/EPwyuvEmoaTZKsdnFqtm8ghmE C4RWPlqAAMZnY/xGgD9EfHf7Uv7Ofwx8S/8ACHeP/iLomh62Coe0uLyNZYt43L5ygnysjkb9vGD3 r0DxF8UPhz4S8LWnjjxJ4l0/TvD1+0CW+oS3MYtZmuf9T5cudjeZ/CQcHtX4F/sbaf8AEzVPgZP4 lt/2TdP+NTeOrvULnUfFGqeItKiuNQka4kjkTybuGSaARspGNw3PmUfeFcj8TfBHxc+G/wDwTj8c eAfiXop8P6fYeO7WXQrE6paaqbOxuWLta+dayOP3Uu4neFYszNtGcAA/fLwz+0j8AfGU3iC38MfE LQ9RbwpG82qmO/h22kMRw80jFgoiUnDSAlAeC2ayfAf7Vn7N/wATvEa+EfAXxH0XWtakLLFaQ3ae dMVGT5Ktgy4HPybuAT2r5P8A2h/2FPhtD+yp4h+F3wRsdG8D69f2umQPfy7bRdTOmzLMsN5cHLMZ WBIdskvtLHaOPibxT4r8KeCNR+H2mftofszyfCf/AIRXVbE6f4x8HeTFZx3MGTEsklur/ugV80oL iST5dyrkEEA/cD4l/GT4VfBvS4dZ+KfivTvC9pcsUha+uEiaZlGSsSE7pCByQoOKm+G/xb+GPxg0 eTX/AIXeKNP8UWEDiOWSwuEm8pyMhJFU7kYjnDAHHavzO8EeDPC3x4/4KY/GKf4v6fB4hg+G2j6T beH9Nv1W5tYI7uCKV7hYZAUY7nZwSCAZc/eCkLqvhDwv8B/+Co3w1034R2MPh/T/AIn+HNSXXtLs EWC1c2kNzNFceSgCIWeBMlQMlGPVm3AH3Zr37W/7MvhjTV1bXfiboNpbNdTWSk3sbMbi2KrNGEUl yYyyh8DC5GcZr2bwn4v8K+PPD9p4r8Fava67o1+pe3vLKZJ4JQDg7XQkHBBBGcggg81+Pv8AwTW/ Z9+D/jvRvjL8QvHvhLTPE2qXPjfVtHVtTtIrxYrS3SKbbGsysqb2uG3lQCwCgnAFer/8Eu9Ng8La P8dPAGlFk0Xwz8Q9Ws7CAsWWGGMJGFXcScbY179eepNAH6aeIPEWgeE9Fu/EfinUrbR9KsEMtxd3 kyQW8KDq0kkhCqPcmvDfBv7XP7MvxC8UxeCvBnxK0TVdbuH8uC1iu1Dzv/dhLYEreyFjXgn/AAUY 1H4Hw/CXw5pXxwGvapa3uv2jaZoPh0x/atbv4g3l2sgdGzAd3zgFWyV2kvsFfmB+2pqXjW/8BeBf GL/s02XwN03RfEunJp2tLd2MWpvIUkdLYWtrDFLGmI/MO7IVo1I70Af0AfEr4ufDH4OaIniP4peJ 7Dwxp0z+VFLfTrF5smM7I1PzSNjkhQTjnpXwtcftUv41/bh+Fng74VeO7TW/hlr/AIZ1S9v4rBre 4gkvLVbkgvIFMqOgRCU3LjAyvPPG674X0H42/wDBUm+8I/FewTWdB+HvgiPUdE0y+VZrN7q4ngWW 58hwUcjzmU5Gd0aH+Bcc1qfwh+HXwq/4KvfDW5+HmlWuhR+JvC+p3t5ZWcawwC4SG7h85YkAVPMV BkKACylupJIB+qXgP4ieBfih4fTxV8Otes/EejvI8Iu7GZZ4TJGcOm5CRlc8iqeifFX4a+JJfEkG g+J9Ovm8HzPb6z5VzGRp00e7elyc4iK7G3biMbTnpX5K+AvibYfsG/FT9pz4WauFg8PRWMnxB8KQ P8kUhu8QNax+xuHhgUDtEx96+ffHvw48S/Db9gH4UeF/EV5PY3vx78dafqHi69DbJZIdWWSeOOQk f88o4pGVuA6NxyaAP2n8HftYfs1fEDxSngnwZ8StC1fXJn8uG1gvYy874zthyQJTgdIy1eseNfHv gj4b6DJ4o+IOv2PhvSIWCNd6hcx2sO9s7UDyMoLNg4UcnsK/OD9vT9mD4BeFf2PPEmseEvCWmeFd T8BW1teaPqGn26W13BNDPEiqbhAJH83O1t7MWYhyd4DDw83jftN/tU/sv+D/AI2RHVtCb4Z2XjCb TbvDWl/rF3BJvklh+4+PLD7WHRSpG0kEA/WD4X/Hr4M/GpLtvhT4y0zxO1hg3EdncK80Sk4DPEcO qk8BiuCehrkPHP7XH7M3w21+Xwr43+JWiaXrFu/lTWj3aPNA/wDdmSPcYz6h8YryvXf2fP2YPhn+ 0NoHxws9ctfhp4tGl39rHpen3Fjpttq1ukbGeWSyaLfcNArhy0eMFYy+doFfnp8EL3wNqvgvW/DX 7Lf7LOofGPw7rd9e+f4t8a3OnWjahJI5WRzPPb5eKM5CqrIw5LASlqAP0x/ae/aj8MfBz9m3VfjV 4L13R9Suby2/4p15Z1ms9Run+6kRicebhQ77UbJCnng141pvx61D4v8Aw/8A2ffF/gn406B4evNQ 1bRbfxRbu0DNrF68FtLeaPCux/LuXaQgIu0rvABHFfnZ8FtO0/Wv+CRHxYTWrWG/Ph7WdROnGYLc fY2zZndbuwOw5lf5kxnc39417T8VvDfh3w58PP2BV8PaXa6WNR8UeDru5FrAkHn3MsFjvmk2Ab5H wNztljgZNAH63eLPjx8FvAepapo3jXxvpGh32i20V5ewXt5FBJBbzsEikdXYEB2YKv8AeJAHNT/D D42/CP402NzqPwp8W6d4ohsmVbj7FOsjwl87fNj4dN2Djcozg46GvzJ1f4S+A/i5/wAFatbs/iFo 9trth4e8DW+rQ2l5Gs1u9yktvbIZInBRwonZgGBG4A4yBWHr+iaN+z9/wUP8c3fwh0eDQ4b34Taj rUmn2ES29tLe27sUKwoBGpZrdCcKMsSTyzEgH6UeKP2p/wBnHwV4z/4V54s+I+h6V4iVljezuL2N HiduiSknbExyMK5U8jjkV6Z4L+IHgj4jWF5qngPXLPX7PT7uWwuJbKZZkiuoMGSFipIDoGGR1GRX 5l/8E/v2cfgb8Tv2O9N8V/EHw1YeLte+Iz6pc67qeoxJc30s5vJ4Ti4cGWNkCAgqwIfMgO45rQ/4 JDafZaR+zp4w0rTZ/tVpZeONWghmyD5kcdvZqj5HHzAA0AfqpRRRQAUUUUAFFFFACH1qJmbtU1MZ AaAOJ8beC/CnxA0Gfw14z0qDV9OuB80U67gD/eQjDIw7MpBHY1+Sfx6/4JvaM0l1rnwlv5YgQXGn 3a+YAepCTrhsegZGPq1fs60IPc1A1ojdTQO5/KDrXwO+LHw91BhfeGtUhEZIZlsZp4ZF7qSiMCpx yDxXNSfDXXNZu4x4f0jUWnnYBrNNNvSynodpMR4J9T/hX9bp023PJAJ+lOXTYF5UfpQI/LX9hH9l nU/hwT8R/Glq8GsTRNFaWroVNujjDSSEj75XKhR0BOTk4H6hRWe0ZY81pLbqvSpPLpJCRSEWOh/W kw47mr3l+9IYvemMokyDvSbpf71XfJphhbtzUtMCkTJ6mm4c9zVsxP2FN8uT+7S1E0Vdp7mk2Va8 uT+6aPLkx92iwmir5dIY6t+XJ/dpRHIf4aVgSM8w1C0B7VriJyeRR5DelHKDiYwRkORWrBNkYNKb diMYqP7LIDkcU0gSsXdwqpcybYyc9qcI5u+PzrJ1E3CIQV49R0qrjbPHvEPk2MtxNaQpC0zF5Cih S7HqzEDk+5rznSNe0DVNbl8O+KkZ0nVWtXxuUMN3mLt9VAV1A+bqRytewapYm4DK68MMV4X4t8At fLvgO2RGDKc4KspyGBHIIPQ9acHrcwcjN0H42+LPAF5beGfi3Zf2cW8i3t9RkZ5dH1B3Lr5lrqCm ZoIyqoxS95Uvt8z5dx9H1rwz8DvH9ta6nrVsmmyanEssF+hW3SdHAZZI7mItazAgghgzZBrxmD4g 6p4Etn0XxbYLqmjlSrKiqd2Tn95C37t8nqRtPc5Nci37RP7O/wAN/Dmr2vhHwuFn1CMu1pbwtAkk 6htiymUOgjDMx+UNjJO3vTnCNZcmJgpL+u6t+F/M9DC5hUwslVwdVwl8/wBHf8WvI9B1/wDZPmuY WuPBmvW95C3+rjuVMeR14li3Kx99grxnW/2ffiloELTvoUtzEvVrVlufx2Rkvj/gNcr8A/2hm8e/ ETSvAb6G3hy61b91/aGkXs0MayKHbM1vL5iMrnYgCsuG74O1fuLxl8Vbn4I3+laZ8RPGOkpBrQum spdWR7AOLNVeVGuU3QIwDjb5hy54XJ4rwcXwTlta7pTcX2en+a/FH6DlPjLnuGtGtFVF6X/Llf4M /Pi5sNUsHMF3A1tKpwUlVkcY9VbBFSrdzBAkqkEevSv1E/4TTQfEunmHxV4ce5sRjfIsceq2Qyoc HfDvx8rBuUBwQelcpN8NP2e/Fy409bSCaTp9jujA4P8A1y3BR9ClfM4vw4xEfepSuv66q6P0PL/H vB1LRxdBxfk0/wAHys/OEzEg/wALH9RVU3IYFTzX3xq/7I3h24QtoevXNox5H2mFJx+aGL+teU6t +yX48t1ZtPurHUQCcBJGicj6OoUf99V83iOFcdT+xf0sz73L/FHI6/8Ay/5X2kmvxtb8T5OcDdlh nn864zxBCAv22FeGwr4JznsRngZ6E8V9Kap8APixpZcS+HbmRfWHZOD/AN+mc15D4h8J6/oWbTxB ptzpwmBXFxC8JYdON4XP4V531KvSf72DXqmfV0M/wdZqWGrRl6ST/I8FvY9kouIQCG7DO0nH8I9P UnOB061RW4w67SApPB649h/ePGTzjoMda1dSt5bSWWyvQGP8WeAynkM3YDuBXMzlreRirkkALkHD bD0/3FP5nPSu6Ou/9f1/XW3baP2Xp/X9fLTVRb0mnVYyrEARsMknIU+rnje2f4RgZ4xSeaGMgUHc wG8EgMR2LtwI064A25znPaueS4kDAdNv3QoA4P8AcXoB/tHHrg0G5dQpUjZk7RkmMMep7NK2OwwA PeuqnF9v6/r+rpN+biZq1m/y/rr6WfWLajstc/cbk7xiPb8u9OOFHSOPjlyMkDrzzteELt01t2TY 6JE6B15XjHyQjHOGKlpDnqQCK8/ubpmErSFdsh+cO23cx6CZhxjP/LJOei9zj1H4Z+F9c117qbQ9 OudSmnIhUQQu77I/mKhUDeXGSRx94kHOeK9BQfK7L+v6/q2i+UxtWmpJzlbVeX5+n3rfmV590bss 4I+97Dd+A9T71m6t/pdlJaytsVwQr7d2xuxVRyzqQCPQivZtM/Z9+MmsSoLPwpeRh+9xstlA9P3z JgfrXsemfsZ/EO9SJtX1LTtOXbg/O8siKeSMIoXr1w/PrWeFyzFSleMH/XqcWbcVZVThadeN/J3f 4X/rboflzKzwvLHNGI2hlyyyEsscg6NMRjzZe4QYxgD0qGSQtIyPk7mzJ5h5Zx0adl6tn7sK8568 Cv1ytf2Avh/NdLf+KPE99czcBksUjtkwAAQpcTMuQOSpUn14Fev+Gv2Rv2ePC4jFv4VGpzRjaJL6 WS447gRlhEAe4EYB719XRyas9Zaf1/X/AA92/wA4xfiDgY6QTl8tPxt37d1blaUfw1trXUNSm+y2 0T3lzO6jy1QyPKx+6rpHyQMACFBnoGIycewaD+zV8ePFoabTfBepCObbukvEWzSQYBXPntEGX0RD tGclieK/eLSNF8OeELBbHQNLstCsoxgR28UdtGoHsgUVVuPGXhWz3Lda9YxMvUfaI9w/DOa9TD5B fq36L+v6S7HyuO8R568kEvV37+nd/fL+Zn5SfDz9gz4tXt/FqXjG507SLYDc0bTNczl1xtDLGmwh eoHmBQQMKeo+k7f9iOHg33i9lY9fJswP1aUn8cflX0rffGH4c2bkPrguHHaKKV/1CYrlrn9oTwIk q29s9xcSMQPuKg5OOS5GB7mvWhwlKWroyfyZ8tiPEmu2/wDaIr0t/wAF938zxW+/YI+H2rSQPq3i rVpFhzlIRbxo2Tz1icjjtnBxyK8S+Ln7HHwn8A2n2nTvGF2tzMR5djcpFPPJ6kGMR7UA7shUcAAH Ffa/irXfEviS0Ft4Q8SaDpcUoG4/2lG1yxI+7uVSqH/dJPo1fO03wH+JV7JNqUdimrGViXmhvIJg 7f3iWk3MT/tZNengOH8MrOu1Fdtn+O34niY7jDHu/sZOT77r7v8Ahj4lg+C2iMnmQXVzJnqZEHPo eSrenOc+9U7n4LafMxCMxQDHIRc+p+9jn6c9819qTfCL4lW+Vm8P3f0SPeP/ABwms6X4R/EF1I/4 R2+IP/TCT+gr62jlOUfaS+9/5nytbiPOtbVJfcv8j5Di+Cmgwr58qFtxGcvGvAPTiMj/AA7YrWg+ FPhrrLbwjLFsmdiwz1PCDr35z719Nj4Q/EeRWt18NXvBByYH6f8AAuK6XSvgH8ULlcf2BIi+srQR /wDjrSA/mK755Zk0Y68v4HBHPM6nK/NL8T5Df4O+Dvm8m1iUseDlsD1AyMY9BVlfhT4Ws0817RHJ yARvyO/3gQfx64wK+ybr4FeJNO2rr9zp2jFuR9qvYY8j14Y5qhL8LvCwAGq+PtEgAxj7PcG6fPsi KCfbmsqdDKo7QTXpcdTHZs1rUa+dj5dtPh/4TYb/AOzIHBwMfZ0xx0+8GFdB/YFpbIPs9ttCj5QQ Ao+hCjH5171/YvwA0JQdR8Z3WqFclhaafLGxxycNMSlLL8Sf2avDUJ/svw7qviO5HKtdSrbxn2/d Oo/8hmu6jKk5f7LQbt/dt+djzq9aqo/7ViEv+3r/AJXPnlPD2p3s6IABz6GQkex+b+ley+G/hJ4s 151ttL0W6uPlyZZEaCH8JH+Q/TINeS63/wAFBNH0LVH8OfDjSNK0a9DiM/ZrY3U8bbmjZXnbCZQq dwK5xjrkVFrPxq+J/je02eIfEF3c29wMmFWEETg9mjhCIR9RXdSni8VeMOWKXnd/grfiebWlhcLa c+aV/Ky/F3/A+gLr4ZeDfCjM3xB8W2GmS54tLPffXIx13pF9w+5JFc14h+PfwK+FFubrTNEjnNuC qXviG6jiiL5xuFsh2sNxGCcNyK/NH4+6x8WLW90y08Ga0+k6bPC/2jYqKyyo6tuDkbxkYBAOCAeO Tn5Ni+BXiXxnefbbzUbvUZmIDXE26ToAo+ZySeAB+Ar5bM8XUp1HQneTXnaO3lr97Ppcsw8KlJV4 Win5Xf4/oj7o+Nf/AAUR8T/FQ2/gfwZqTGwuJUWaSGE2tmkOfmjSLh3yON0hwvOOcGvvv9mrxY3h vxT4dtNPIePUPKiuGBz5wuQoGCOwzuGOPyr8svhh+zbaeGZ/teoZleMfO74wAew9/wAetfqZ+zT4 c/tHxtokGnwt5dqyXEjHGES35zx0H3VHuRVUKL+p1Z1dI9lor6/kRiKqWLpQpavu9XY/V7rS0mOM Utfn59uFFFFAH//R/fyiiigAooooAKKKKAPHfHHwJ+HPxA1b+3NcspI79goklt5DEZQowN45BIAx nGccZ4Feh+GPC+heDtGg0Dw5aLZ2Vvnai5JJPVmY5LMe5JzW/RVObas2YQw1OMnOMUm+oUUUVJuI QCCCMg1+Zus/8E/vF3gHxtrPjf8AZB+Lt/8ACGPxDKbi/wBF+xR6lpTzH+OGGV1WIdcApJtztQqm FH6Z0UAfAPwS/YVh8G/FOL49/HXx7qHxd+Itonl2N7fxC2s9PBBXNvaq8gDAMdp3BVJLKgf5q9g0 b9m/+yP2t9d/am/4SHzf7b8Mp4d/sj7Jt8rZPBN9o+1ecd2fIxs8ofezu4wfp6igD5huP2cPtH7W 9r+1N/wkO37N4YPhz+yPsmd2Z3n+0favO4+9t2eV2zu7VyHwO+Fvgr9hn4W+L5PiB48tZNF1vxNd 67LqV7Cumw2zakIIUtzummDENGAH3LuLY2jHP2bXL+MvBPg/4ieHbrwj480Wz8QaJe7PPsr6FLiC QxsHQsjgqSrKGU9QQCOaAPyM/wCCb3wg8F618evjZ+054Kt3/wCENu9XvtH8KPIhVHt5rg3N5LAr AFYs+WsRxkKXVvmDCv2brF8PeHPD3hHRbTw34U0y10bSbBPLt7OyhS3t4UyTtjijCooyScAda2qA Pz78ffsWeN7H4w+IPjj+zF8Vbj4Ua74xCnXrNtMg1XTr6Zek4gmZVSXJZixVyWZiCm9t2j4C/YW0 bwj8Pfixpmu+MbzxV8Q/jFpd/pmseLL+3BlCXtu8CCK1WQKsURfd5YkG7AXcFVAv3nRQB87fDz4B /wDCBfsyWn7Of9u/bvsug3Oif2p9l8rd9ojkj877P5rY2787PN5x94V4gf2B/BOr/sjeG/2V/GOv T6hJ4TeS607X7S3Fnc296biaeOeOIyTBcCYxsu87lyQVbBX74ooA/LrVf2BfjH8WbrQPD/7T3x7v fiJ4D8N3MVzHo0OkQaY968AIQ3dxFKzudpKszb3IJIdWJav1Bhhit4kt7dFiiiUKiKAqqqjAAA4A A6CpKKAPw7ufhF8RPiZ/wU0+POr/AAm+Ilx8N/FXhvTdAkgvY7OLULe4huNMsklt7m2mKq6MVVgS SFZQ20kAj7+/Zx/ZMHwf8R+Kvin8TPFc3xK+JnjZRBqeuXdslsgs127bSC2VnSOLKLuAOCFQBVVQ K+oLHwV4N0vxNqXjXTNBsLTxDrKRR32pQ2sUd7dpCoSNZ51USSKiqoUOxCgADgCumoA/MK2/YL+M PwtufEGifst/Hm9+HHgjxLcyXUuiT6TBqYsZJvvmzuJJEeIYwqhQjbQNzswDVp63/wAE2vBT/spy fsy+EfFU+lTX+rwa3qOvXVoL24vbyM/OzwiaEKCoVUAf5QMncxZj+lVFAHg37Sf7Png/9pz4Tan8 KPGcstpb3bx3Ftd2+DNaXcBzHMgbhsZKsp+8rMMgnI+MLr9gb41/EyDQvBv7Sfx/vPH3w/8AD13D dJo8Oj29hLem3BEYurtZHkYc4bf5hIJwythh+pFFAHw58cv2OtV8bfFmy/aD+Bvj+5+FfxIt7Maf dXkFlFf2eo2iDCR3NrIyKxACgMxYbUT5CUVlvfAf9kC4+HXxP1P49/GDxxdfFH4nalarZR6pc2sd jb2Nrj5obS0iZkjDZwSMcZ2qu9932rRQB8w/sr/s3/8ADM3hXxb4ZHiH/hJP+Ep8TX/iLzfsn2Py Pt0cEf2fb502/Z5Od+Vzn7oxyfs3/s4f8M+X3xKvf+Eh/t//AIWH4nvfEe37J9l+x/bDn7PnzpfN 2/3/AJM/3RX09RQB8l/tafsr2n7Tnh/w0LDxLceDfFfgrUk1bRNXt4RcG2uU2n5oiybgWRGBDKVZ VOSMqflb4p/8E7vjL+0J4dhg+PX7Qt9r+s6TJHJpBttDtbTTbKQMPNkls4JY/tMroNquXjMeTww4 r9XaKAPir9oP9knVvit4x8LfGf4a+OJfh18WPCtv9jTXLWzW5gvLVsloLi0kk2sm5nKgswAYhg/y 7fPPhZ+wv438K/tH6J+1D8Tvi/dePfFllaXdreRzaXFaQSrPC8MSWwim228cIcnYEYO2W+Qk1+jF FAHwf+19+wl4R/a48V+BfFOs662gSeFJWjvkjtftDanpzyxym0Z/Ni8rBV9j4faZGOw8V77+0B+z 54A/aN+FF98I/G8LwaZceVJbTWu1JrK4t/8AUzQZUqpUZXGMFGZehr3OigD8w7v9gv4zfEbT9I8A /tEftBaj49+HOiz28v8AY0OlQ6dNqC25BRL29jleaQDAyWLsfvBlfDD3T9ob9j/R/jBc+C/F/wAP fElx8M/Hnw6XytB1nTrdJ1gtioU20tuzIJYdoIVN4ADMCGVmVvsiigD89vh7+w9r158SLn4v/tQf Ei4+LXiYaZd6Pp6fYY9LsdPtL6N4bjyoIGKmR45HXcAgAY5DMFZfO/A/7Anx4+Hfha4+DXhD9o3U dJ+E80s+NNt9FtRqkdtdOzzQRagzl4S+9iZEUDcSwjGSK/U2igD8+vhX+wPo3w3/AGbfiR+zFc+M J9W8N+Ob28urS4FmsF1pyXMcSRox82RbgxmFGLbY9x3fKoIxyHh79gf4jDw/8JfD/wAQPjG3iaH4 PeKNO1zSi2iJCf7P01YFi07K3WVGIeJW3su7GGAFfppRQB8w6N+zf/ZH7W+u/tTf8JD5v9t+GU8O /wBkfZNvlbJ4JvtH2rzjuz5GNnlD72d3GDU1j9nNZP2qB+1U2stci08KSeHToS2YZpv3zz+aLlpg Mtu2eWYsdy/avqmigD+ebwBP+zrL4H8V6r8Lf2nNb+CHw81G6u5NX8AajHZprNu5ys8NiTcNLH5g BCGFJGxhXJZSK+4P+CSvgzU/CP7KBvL6yuLC08S6/qGq6el0u2V7GRIIIZCMDIcQkggYYYYcEV9o 65+zh+z74m8Tv418RfDXw5qevSOZJL250q1lnkf++7vGS7ejNkjsa9jgggtYI7a2jWKGJQiIgCqq qMAADgADgAUAS0UUUAFFFFABRRRQAUUUUAJijAFLRQAmBQBxS0UAFFFFABRRRQAUUUUAJgUmKdRQ AylAp1FADcDvS4FLRQAm0UmBnFOooAaR6UhGKfSUANK0woCMEZBqXmj2oAxrnR7S4B42E+nSuX1D wd56nymDex4r0HFIRQJxR8xeKvhQ+qQSR3FuJVb86+PPHv7LP2xpJbFTE5PAYcfnX6vlQetVprK1 nG2aJWB9RVqZm6SPweH7PHxD8E+ILPxN4fZYb7TpRNDIGOVdDkZwRkdiDwR1r76t/iH8H/jP4Zsf BHx70+207VIHHlrelfJ87bt3wXDfKN3TaxB7YYYNfXmp+A/D+poRJB5ZPda8G8d/sw6B4utnhdlc NnAdcEZ9CKqXLNWYQlOD5onlUH7DXg/R79NX+FnirVPCEEnmEjS7uS3UrOqpKVMRC5dVUEhQeF54 GLX7Yfxs8E/sx/C7Tb6+0y18XeJr5raxsrXUMSTXEcO37RcTy4MgxGD84yTKy8EZryC7/Yn+K/hV pZfhZ471Dw6HyTDbX1xbxn/gMTBT+Ir4/wDiF+wz8fdW1afVvFNxP4gu5D813c3bXMjfV5SWpU6f I7wl9xrUre0Vpr7z7Q/ZA+OXhX9qeXxJaeGtG1H4fX/h0RSslrqjXEckc8jiMqrqOFVBv4A3Hjiv Rfi9+094e/Z38e23w+8dePmtrm5sIdQhk1HSpJ7YxzTtAI2ntN0m8FGdsoFCDO7PFfCn7N3wp+L3 7L/xCPjrTbJLq0uYvs+oWbPt8+3JyQrDo6nlc5GcZFfo54mh/ZZ/ablsJPFNzYt4gslMEUN46Wuo xAncYzFKcyLu5G3emScE5NdNfHV0k783+JJ/i9Tmo4Kg5NW5fRtfgtCp4S/bM8BeI4Hm0/W/Dmux wJJLLLYa1DbMkcUwty7QX/kuoMhAQk4cMrISrAn2Rvjn8PpkfT/FdveaMx4aHUrJwp/75DqRXiOl /sDfAHT9bt9XbRFuViYMUeJdrYORnGB9eOleU/8ABQz9qa2+GXwvk+H/AMJvEcS+PdUuYYW+xSq9 xptrCfMlkfbuEbvtWIK2CVdjjAqaWMpST9tR/wDAW1+fMvwKrYOpFr2Nb/wJJ/lyv8T6R1af9lLx Bh9S0/Qrpic7vsQVuPdYwRXMt8N/2NtTck6VpilyCcT3EIz6/wCsUD8K+DP+Cb37RXxR+KvxM8R/ Dv436umtRXenNd6YtxaW0Keck++4UCGJA7FHBUNnYiEKAvFfcH7WHwq+Mut6Losn7OqaRpd1EbqP UI57Czk81JlQRSJ58LhXiKtjp97kHpWU6OA3lSf/AJK/0R30c0zWNowxH4yX/tzNwfB39juFD/xK tHZeCQ17I+ceu6Y598/jUQ8JfsdaVKJl0XRy6cDIeb8MEtkfhXwv4f8Agn+3fq2ui21ubQLO1nLh 5F0yx2xLMVOUCxEgxhSE3Agbm3bvl2/ph4+8GfCT4e/D7XvG2t6BZRW2gadcXkspiUt+4iLcDoWY jAGOSQAO1aUaGVvXkl90UTiM0zrZ1l/4FNnB/wDCe/syeGUQ6H4c00vDwgtdLjVl+haNP51tW/7S nhYxC30jRb7y16LHEgUfQKxr8ff2L/2xvjJqP7Qnhnw58YdWtj4S1gPYBYtMs7SKK7kiCW0jvbwo wDSKA3zbA0hYgDp+73xT8Ja943+HmveE/DOtTeHNU1G2MdrqFo7RT20wIZHRkKkEFcHnpkHjiumG KwCT5KMn/wBvL9InmVaOYTknUrL/AMBb/OR5O3xz8Q6ifL8P+CtTu3bgFklC5xnnbGR+orIm1v8A aC1h1e10KDT1nJ2KzRq5wMnIklJ4HX5a/N2x/wCCe37VlzrlsuvfFnUZ9OSZHZ11G98weVO1whAL YyJnaRSDkOxYEE5r9ofh94QtvAvgrRvCFq++PSbaOAMcksyLhm5J5Y5J9zVRzSiv4dCK9W3+qFPK 6tvfxDfokv0Z4O2h/HaVD/avinTtIz/ACm8cFuqQ46An73QUq/B34iazEtxqHj1njmG4NGZZlZT3 HzxjB9q/CD9tdfE3xm/ab8aeIPDFxcyaXDcx2NoIXcIy2UC2rSKFODvYSEN3VvQ4r9sP2H/indeM fgxo3hLxtG9h4s8LWy2lykw2faYYfljuos/eDLgSY+6+cgArnOnxHVUrQjGPpFf5FVOHafLecpP1 k/8ANHJ+Kbv9ln4ba3L4Z+KnxHhGu2yI89vNdpG6eYyKoaOMM6E7w+1m3BPnPyAtWz8MvFn7F3xD 8RJ4Y8B65pev6tIsjpALm5aRlico2PMYAkkZAHLLh1BUhjoftBfsKfBj9oHxT/wnWsxy2GvSRRxT XFqwTz1iULGZFIKkqoC54OABniqHwL/YW+H/AMEvEcXibS5/tdxASYXeNY3iyMEgoBkkcHd2zSnn eMk9ajt5O35GlPJMDFfw1fzV/wAz6psfhv8ADyycPa+HrFW4GWhV8Z/391fgl4s/aj+HHif4gaho +iXmbm7vpMQw27xxxiSZkMeWUKDGoycfLjGM9K/eH4ueNtO+Gfw417xdNDJdz2NpK1rbQgtNc3JU iKKNRkks5GTjCjLHABr+THwF+zb8XH1q18QadpkqTWcquwmVk3EHkEnnn3rpy7PMRQqOone+muv3 eZyY/JaFemoWtbtp95+l73Acx9H2HO7GM4PX0r5btP23PANvI8t3Zalp91G7gxJGpZdjABdyv1OS evAUjOdoP0/4U1a1mhXRNThSz1i1RfOtZVUScDAZQQSQcdRkV5Rqv7Ofwxu9Wub8aRFEbhzI4Odo diS2FHAHcdq/S8xzSviacK2EmvO/9dD84yzLaGGqTo4uL8v68zP0j9urSLiUWehav4h+0SvsiSOS SIOd+wYPmgDcPn56LwcN8tfVGl/Gj4o+QZbbxZqypuO0G8lbAGOTuY9TmvmXRvgP4M0m8ju7LT1S TPRFO0Y44OCenvXt4t7PRbeKysLF32R/Ikce9nCLk4AyzHA7Amqy6lUinUxqjt2Vicyq0pWp4Nyv fo3c8S+LP7evjrwR4yk8FX2r6vfzQrC0sgvnjRRMm4jaCOQNuOO5OeMH13wr8YPiD4t0m21SfXdQ MNyoYRm8mdBlQcA7jnrX5n+Nfgl8Wfid8Rdb8S3ugXdjJqVy0irLC67IxhIlzjHyoqj8K+sPhvB4 8+D+hQ6Z46sJDpyAKlzEMhPd16g+uPw5+Wvl8r4ljDFy9okoO9tFp2/rofS5nw254SPs23NWvq7v v/XUwf2kvi98XPAGr6PJ4UZLi21OKbeZ4WnYTRumSGJHVSF59yOcEfL1x8a/2pNc+aO6ubdG43Q2 ccYH3uh2HH3vX+FT1Ga/SqXxP4U8RQIJWgu40w6PvDFfcA9PoR+FNuJvB91hr24hcf3ZJkA+mMgf pXZmuW1q9Z1qVZKD89jkyvMqNCiqNWk+deR8efA+4+Kd9rouvGep3morcDykSSYuqllWMts6fdUd Oe/XJr7gOnJaW5mnk8tlBJHfA+tc9aa/4N0cEwX1hB2BV0ZyTx8qqSxPbgVU+Jfg34w+LvCMun/D 7QrorqcbRS3EuI5fJcYYRwk7wWGRlwpAPC5wR6OAzHDZfRkpzUpdlqedmGAxGYVo+zg1Hu9D8jNE 8Y3Vh41m8RxMiJeXclxJG+TEDK5c4OcqOeufrmv1e+GnjnTvEWlwgBbe4jQbomAfK44ZSPvKfUD6 gcV83eGf2E/ixcPjV/DF7EvcmJsfmK9NtP2TPi94FQXHhiG5ljjO8Wro+UbuY2GCp+n4g18Jk+f1 8HU5lrF7o+5zfIqWLp8j0a2aPpjVZPD+r2i2t9p4uwh3IWjGAcc5/wAQRWLbQ6dbqi2NmkUaDCqS Wxz2HAx9RXnnh7w7+1ROy6ZD4Qv7ls7RJPZMQv0cLGp+pFfVHwx/ZL+Mfia8jvPiZPJYWTYL20bC NnXP3W8nbx7Mxr6HE8W4KclN0Lv+v66nz9DhbGwXIq1kcR4Q8Ka/4+1uLw94ftH1G7HzukQ+WJM/ ekbhIl9C5GegyeK/XL4SfC/Sfhl4djsLZEk1GYBrq4UffbrtUkA7F7cDPUjJwLngDwDpfgfRINE0 Syh0+0gHEUKLGue7EKBlj3PU969JVdox1r5rNs/rYv3WuWK2SPoMryKlhfeT5pPdsdS03PHNOrwz 2gooooA//9L9/KKK/KT/AIKg/tOfEX4K+HfC3gH4ZX8uh3/iwXc13qUB2XEVvbeWoigfGUaRpCWd SHUKACNxr0Mry2pi68cPT3f/AA5vh6DqTUI9T9W6K/l4/ZA/bP8Ajp4K+NvhfRvEXizU/FPhzxJq Vtp99ZandS3oC3koi86EzF2jkjZ9/wAhG/G1s54/qHruz/IKuX1FCo001dNGuNwUqMkm73CiiivB OM/IP9ob46fH39or9pW7/Y0/ZU14eELLw9AJvFPieNXE9syEGSKGVDuQIWRAEKu8pK70jVmLte/4 Jw/G/wALaXL4s+EP7SXi5/HlsDMjardytZXsqjiOUCRmVW6Ev5w9VI6c5/wTpuFtv2yP2ttM8RnZ 4jn15po1bhmtk1G+81lU8lP3kGCOMFfUV+ztAH56/sFftbeJfj34Q8U+D/jJappHxJ+GVz9i11Ng hWVVLoJzGDhJA8UiTKvyqyhlwHCr7NrP7bP7J+gaHp/iTVPijoqWGqlxavHOZnlEb+W7LHGrSbVc FS23bkHng1+cX7M80Os/8FC/2r9b8OAHRIdKvrado+YzeiaFCdy8ZLxTn1PPoai/4JK/swfBvxJ8 B9T+LPjvwvpvinWte1K6sUOp2sV5HbWdsqL5cccyuqs7ly7AAspVeg5AP1ztfjf8Ib74bzfGCx8X 6bc+CrdPMl1aK4R7SMBgpDupO1gzBWU4YE4IBr4D/wCCcn7Ys/x70/xdpHxV8Z2l/wCOdQ8R30ul aYoSF10iG0tyn2eFQP3SsJDkksTuLEnJryb9lnwH4O+GX7ef7QP7I9lpsOpfDbVdJtddTRryNbuy iciyl8toZg67V+2lV3A5VI9xJC40f+CPPgbwTJ8L/HHjWTw/p7eItP8AGGo2VtqRtITewWps7Q+R HcbfMSLLN8isF5PHJoA+wf2IdJt9E8B+LYYvjK3xpR/EN1IdReWaT+z8wwg2OZp5yBHjfgMF+f7v c9bqn7cH7JGi+JX8Jal8VdCh1KJ2jcfaQ0KOpwyvcKDCpB4ILjH4Gvwo8C/EXxH8Ov8Agmx8cZfC 9xLZ3fiH4hyaPJcQna8dtdW9s04z2EkaNEfZzX7EfCL9gz9l+0/Z40L4f634D0rV5dU0m3e/1Wa2 jbUprqeFWknjvCDNEQ7ExhHAQcAYzkA+1NY8Y+FdA8KXXjrWNVtrbw9Z2pvpb9pFNstqq7zN5gyC m3nI4I6V4L4l/bR/ZV8IR6XJ4h+J2i2w1mCK5tQs/mu8E4zHKyxhmRHHIZwoI56V+S37OHiPX7X9 gr9qr4K6tqEmp2Pwz/tqw06Z+QttLFNmNCP4fMieTHYyHHGK+lP+Cff7HH7O/iP9kDw34h8eeBtL 8S6z43t7q4vr2/tkuLhEaeWKJLeVwXtwkargxMp35bOcYAP1Q8PeMPCvizw1beMvDGsWmqaDeQm4 hvraZJbZ4hnLiVSVwMHPPGDnpXzjH+3V+yBLr58Mp8WdCN6H2bvtOLctnHFyR5B57h8d+lflx+xb 8OvHvxK/YU/aH+AngPUmXUY9fv7DS/Nk8tT+6tzJBvPCLcCNkOflBck4yTXh2lfEX4A/Dv4N2n7N 37Yv7NWo+A7+C1NifFen6bAb+S5/5/knuY0fzM/MxjlnRsYClMIAD+jjxn8QfBHw78I3Pj3xvrdr o3h2zETTX9xIFt0Wd1jiJfkYd3VV9SRWv4b8R6F4v0DTvFPhi9i1LSNWgjurS6hbdFNBKoZHQ91Y EEGvlv4RfCj9nr4qfsjeGvhTo2oXHxI+FV1ZRRW09/cMtxcQ2lz5sUcr2y2zI1vLGI9gVCvlhGGQ c/TfhDwl4e8BeFtJ8E+ErMafouhWsVnZW6s7iG3gUJGgaQs52qAMsST3NAHR0UUUAFFFFABRRRQA UUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABR RRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUmfalpKA Gk0U+kxQA3ml7dKXAooAZ161G0MT8MgNT0mKAMK78OaJfArdWcb7uuVGfzryPxj+zT8F/HiNH4n8 NwXe/gnkN+YOa95AxS4FNSYnFPc+N4P2GfghZZi0/wDte0tDkG1i1S5S3IPUFA2CPaoj+wZ+zdwV 8NbT1ys0i/oDivs2gii40fJdp+yD8NdAnh1DwWjaFqFoQ8F1D/ronHRlb1/Q9DxmvY9Nt/i7pm63 1B9H1+JcbJi0+nTYA/5aKsdyjEnqVCD0UV6hg06k9dAWmp5+938TCpEWiaQjHu2qXDD8hYr/ADrz zxl8Htf+LOkNoPxQ1xTpMjB30/SUktYnKnKiWVpGkl2nkfdQnB2ZAI+g6KSQ2z5L0H9i74F+G4fJ 07Qw5/vXDecf1r2QeFviDpccdt4f8S2r2sfAj1Kxe6dV7KJYrmBiB/thm969QoqXTRftZHnCaT8V CP3mv6Mhx20m4b+eoCtCy8N688UieINZW7808ra232ZMHt88kz/+P49q7ek60ezQe1Z55bfCf4d2 jCSHw9YCQfx/Z4w//fQXNSaj8MvB2pxos1kYWiO6OS3keCWNsY3RyRlXQ4OMqQa9Aop8i2sL2ku5 5fH8MREohXxXr5hXgIb4HA9N5TzD9SxPvVyP4a6WE8ubWNamXvu1W7U/mkimvQ6KXs49g9pLucpZ +CfDdlGqJatcFej3U0t3J+Mk7SOfxNaU/h7RrlPKuLOKVB0DIpA/AitnrS1SSWxLdzyHxL8BPg14 xCjxT4N0zUyvKma3Qsp9mABH4GuJT9kD9mpfu/D/AE4f9/f5b6+lKKdxHzgv7JH7OaHMXgazjP8A sPOn8pBXaeG/gV8I/B+9vDnhazsnkxvcIXdtvTc7lmOO2TXrVGarmYuVGKug6OkfkpaRiPpt2jGP pWNf/D7wRqcbxahoVlcJICGEkCMGB6g5Heuzpam4zwGf9lr9nK4Jab4baCSeuLCFeT7KopE/ZZ/Z yiACfDfQgB0/0GI/zFe/UUDueNab+z18C9GulvtL8AaHa3KcrLHp9usgx6NsyK9Jt/Dui2wAtrOK IDsqgfyrczRQIppYWq9IwKf9kt/7gq1Sd6LgRCCIdBT9qjoKdzikz60AL3opM0H1oAM06mE5p9AB RRRQB//T/fyvkr9rn9knwl+1f4NsdG1W/fRNd0OSSXTNSjjE3lGYASxSxkrvik2qSAysGVSDjIb6 1orowmLqUKiq0naS2ZdOpKElKL1PyQ/Zn/4JbaV8IviRpvxK+JHimPxNPoE63WnWNrbNBALmI5im md2ZmMbYdUULhwCWYDB/W+iiunMs2r4yftMRK7NK+JnVfNN3CiiivOMD8uP2ov2O/jBD8bbb9rn9 j7V7XSfiJHEsOq6XdlUtdWjVBGTuf93vdFVHRyqttWRXSRctw2u/Fj/grD8RtJk8C6D8HtG+H+o3 i+Tca+9/BIlsG6yQK1zMAccZCTkdQM4I/YCigD4U/ZW/ZF0j9kr4HeJdFm1Aa94u8SQzXmuaoAwW eZYnEcUe75jFFufazfMzMzkDdtX8rf8Agnb44/bU+F/wNvdV+DPw5svih4H1rU7nyrdtRjs7rTdR jWNJGIlZS0Mi7CVUMMgnchJ3f0XarYrqml3mmM/li7hkhLAZKiRSuce2a+cP2SP2arL9lL4SD4U2 GvSeI4hf3N99qltxbNm4CDZsV5Bxs67uc9KAPA/2J/2Zvix4I8dePf2mf2kJrY/E74kMsb2Vo4li 02xVlbyPMUupJ8uJQqu4RIkG9iTjyP8AYX+FH7Wv7MHxO8RfBnxL4Fs7z4W67reo6s3iaK9gZ4y1 vsgKQ+eJSsphiQoYd6liT8vI/XaigD8afgF+wf8AELWv2Qvi98AfjTp3/CJ6r4t8TXOraRN9ot7s RskVs1rcN9lllGwyxFXQkPs3cAkGrXhXxl/wVH+GHw3tfgZa/CLS/EWr6TbDS9N8WDVrY2/2aFfK inlhklUu6IAQZPLZsAvGxzu/YyigD8ufh9+xL4r+Dn7DnxO+EunTjxV8S/iJp1/c37rKkcc2pXVv 5cdvFLOUGxD/AMtJGG52ZztBCr9V/safDzxh8KP2Yvh/8PPH1h/ZfiDRLF4by282KfypDPI4HmQu 8bfKwOVYivpuigD8gv2d/wBkT9oTQf2dfjr8NdVu7r4Z+LPGXiK41PQdSs9RQSBF8p4mabT5neOO YoYpASHCMx2ngHmhr3/BSe8+CV5+zX4u+BWn+KtQm0uTRm8S32tWkttPbMhhW4mieX97MEw25pAz MAzJuyD+0VFAH54/Dn4JfHr9kv8AYei+HPwRgsfGPxW05lukhmdVsJbi8vke6RDcTW6hIbdnClnT ey7tuW2V9o/Cy78fX/w28MXvxUsodN8Yz6dbPq9tblWhhvmjBnRCjyqVV8gbXYejHrXe0UAFFFFA BRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAF FFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUU UUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRR QAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQB//1P38ooooAKKKKACiiigAor8w /jN8bfiFd/EDV9L0jV7nR7DSLqW1hhtZGhz5DlC7lcFixGcE4A4x6/WX7NfxG174g+Dbr/hJH+0X ulTiD7QRgyxsoZS2AAWHIJ7jBPOSemphZRjzM8fC51Sq1nQinf8AyPoqiiiuY9gxfEmoT6R4e1TV bUKZrK1nmQMMqWjQsMgY4yOea/Ov4Pftt+K9S/YP1H9q74kabY3uuaab/bYWTNYwXDW9x5MSKZGm ZSRgsRuOASBX6DeN/wDkS9f/AOwfdf8Aopq/ATwJ4F8J+L/+CNmqar4k05L678L3Wp6jpsjM6m2u xemHzVCsAT5cjrhgRz0zigD9GPjH+0v8T7L9n74M/FX4XS6Out+PNU8N2+o2Mp88uuswK01tZx79 7SpJIpxkssasx6GvvPWvEXh/w3brd+ItTtdLgdtqyXUyQIW9A0hAJ9q+Xf2Mfg/8M/h/+zh8OpvC Ph+2sJNY0rS9fuX+aVm1W802GOe6UylykjplTs2jaSAME5/PP9sbwHqfh79rrU/jD8fPhFrXxn+E N1ottZ6UmkvNKuhuix/aWkgiZfmaQSMDI0aHzAQxZflAP2/tbq1vreO7spkuIJRuSSNg6MPUMMgi vHv2hvi5B8DPgx4v+KLRRXd14f064urW1mk8tbi4Rf3cZI5wWI3becZr4t/4Jt3f7PLaZ4/h/Z08 Zare6BdX8V3/AMIprEbRTeHTJ5nyRb3kZ0l+6XDvkxgMxcMT6T/wUh+HPgrxv+yd431zxTpaahfe E7CbUNLldnU2t1xH5ihGAJ2kjDAj2oA8X+FfxR/4KD+Nfhj4b+Kz33gLUIPGF9o1zDp8ZkhkstIv IppbjzDLKg8/b5BjjEkrcvnpX6kzatpds80VzeQxPbJ5sqvIqmOP++wJ4X3PFfgZ8Z/hL8O/hn+w v+zRrHgbRY9JvPGPinwJqurSRvI5u72bSLh3mbezAEszHC4HPAr1n4h/Azwl+0J/wVL8Q+BviCbi 58L2Xgqz1S+06G4lt4tQ+zTQRwwzmFkZo1lmWXGR8yCgD9l9I1vRtfsxqOg39vqVqxIE1tKk0ZI6 gMhI/Wq2p+J/DWiXVvY6zq1pYXN2cQxXE8cTyn0RXILfhX44+DfC3h39jj9vTxz4Q+ENvNp3gvUf hvdeJ5dF86ae3F3ZO20oJGZ85hbGWJAkZVIXAHx98Cbn4NfFTwFqvxJ/aR+BfxQ+MnjjxxdXk1x4 h0rSbi60+KIStFHFp00d3EoEW3B+T5GBjHyIBQB/TXSMwUFmOAOST2r85P8AgmfrHxZb4Na74J+K WkeIdNg8KazNa6BJ4msprPUJdFkVXt1kEw+cxHcp2syoNqKdqius/wCCh8fgG6+BEOn/ABR+JU/w 38K3Gq239oGztnurzWIEDs2mwpHIjDzfvFsMF2AuNgbIB9m6Z4x8I61qEuk6Nrljf30AzJBb3MUs qAf3kRiw/EVe1jXdE8O2Z1HxBqFvplqCFM11MkMeT23OQM1/Mn+0JqvwA8OaZ4C+Jf7KXwc8Y/DL UfDviCwEfii/tLiy0+5jYORAsk1xMZZHKhskAlQwbIavt/8Abs+H3ie3/af8PfGD4o/CzV/jR8HL HQWs49M0mSZv7LvzKWmuZLeE5bK4+ZtqMCoL5iAIB+y9jf2Op2sd9ptxHd20oyksLiRGHqGUkGuB +MGo/EDSfhl4i1L4Vx2M3i23tWbTU1JwlmZ8jHnMXjAXGf4h9a/Or/gnLqH7M0/i/wCIj/s3eKNZ 07TtTFvdT+BdZiaN9HePEbTwl5Ji4ZyVcrI2Morn5UJ+of2+v+TN/ix/2BZf/Q0oA+gPBmua3b/D Tw7r3xRnsdO1xtLspdYeGVVsY754UNwIpGZl8oSlgh3HK45PWuq0jW9G1+zXUNBv7fUrVuBNbSpN GfoyEivw1+OXw2+Inin4BfsjeN18C6j8Vvhh4V8KaVL4g8L6XNLHPPNJpdsIJ2jhzJIEGcbVO3DK Sqyk13X7Dmsfsk337Suo6l8Ar7XvhhreoaS9tqHw+1eB4oLmaImR7iNpJZhviABVAwdVDkKFZwAD 9o6+OvhN8cvGHxq/aO+IWh+E3gh+GHwzVdEuJjGHn1LxEzbp/Llz8kNqg2MoGWchslTgfTPj7Xbj wv4F8R+JrNd8+kabeXkYI3Ze3haRRjvyvSvgz/glVpMGl/sXeHfE1w6m58TahrGqXs7H5pJhey2x kkY9W2W65J7CgDnP2+v20/ih+zz4p8OeA/gdo9jr2unTL3xDriXsTzLa6RanasgEcse3cUlLMc4C DAOa/Qz4bePdC+KXw/8ADvxH8MyeZpfiWwt7+3yQWVLhA+xsdGQnaw7MCK/BD4T/ALVXwc8TftF/ HX45fF3w/wCIPEemeNYH8L6GumaVJe240BQYZlZgwCtOkcTMo6Evz81fUH/BJD4wR33gvxl+zhqM 1z9o+H+oSXWkLexG3uZNHvpGZd0LcqUlJdh285QOKAO5n/aO/a8/aL+KXj3wT+yTpvhbQfCnw71F 9HvNd8SPcTSXd/AzLILdLcOFT5TgGJsrhvMBbaO8+BP7T3xxsv2gJP2Vv2rfD2k6b4wvtOfVdE1b QXlOnanbRbvMUJOxkDgRyNn5eEYGNeC3jt9+y54o8QeOvFX7RH/BPP472Wh/8JZfSy6xp4aPUtEu dTDGSVjIgnRTmQtsaCQoXbYyqwUdJ8G/2mf2jPBH7RXhz9nT9snwlpEWs+K4Lj/hH/E+j4EN01uj SPG4JP38FflWJlYoDGQ4YAH0p8UPjL410/8Aaq+EvwD8CyQJba3Z6rrniVpIhLJHplomy2EZz8nm 3AZC3bj3r4n+BHx//wCCjH7TOieI/GHwuf4dWOjaFrt5omzVodSiuDLarFLuAhMyldkyDO4HIPyg YJ+gv2bv+Lp/tjfH/wCOT/vbDwxJZ+AdIk6hRpwE+pID6faSjDHrX58fsK237cjfDT4g3f7Mt34N Xw3F4y1bzrfXxdfb5L8QWxfyjEhi8sx+UF3up3bs4GDQB9seFP2p/wBqL4S/H7wX8Ef2vvDPh1bD 4jvJa6HrnhmScQG8jKjy5UuXZmyzxpjZGQXUjcM46346ftL/AB61P9oZf2Vf2U9D0S68VafpSaxr Wr+IJJfsWn28pVURYoCHL/vIm3Yk/wBYAIyAWHxz+ylaeOf2uP2oV8XftY+LhbePfgZcytZ+CY7J LNYJS6/6YHVz5sayqhYruJZYiX8sqH+qvjx+zfoPx0+ON78Tv2a/jDH4D+NPg+1isNYWxlS8V4Hz 5MV9bo4aInbj5ldWCqDGSoIAMO0/aV/a0/Z1+KXgfwL+1/pHhvWfCnxAvo9IsfEXhpp4/suoTMqx rdJcbBtO4ZxGmF3MGbYVr9Sq/G7Wv2h/20v2SvEPhhf2ydI8P+Pvh1qupQ2B8TaUixT2VxLnbK6b IVBVAzFTboGAIWUHg/sjQBg6x4p8MeHpYIdf1ez0yS6OIlubiOFpD6IHYFvwrQuNT020jimu7uKG O4IWNnkVQ5bkBSTyT2xX8/nxm8F6F8Mv2kviz42/bS+CniD4p+EPFd95uieJNMknng0vSgX8q3Cx SxJEyIUU7pUdTGSi4bJ9Jtvg38MPjL/wTd8VeGvgJ481Hx9F4N1CbX9COoRmDUNIubBFlOnLH95f 3BlEZHBaXcp24AAP3Bubm2s4HuryVIIYxlnkYKqj3J4FU21rRkEjPf26iGITuTKg2xHkSHnhT/eP FfjB8evjteftcfs4fs+fBnwrdbdf+Pd9aR62YcE29rozj+1XKjkKtwnmLkfMkbcVT8V/s4/D74y/ 8FMtT+E3imCYeB/D3gLTruXSLa4ltoLyGwe3t7a2mMTI5ijaVJAAw5jXnGcgH7SweIvD91pB8QWu p2s2lhS5u0mRrfaOreaDtwPXNT6drOkaxp6atpN9Be2MgLLcQSrJEwHUh1JUgd+a/Cb4X/sffCq+ /bx+Kn7N12t9J8IPD+n2PiSLwwL+6Wyl1CeC2SNpsSb5BF58pXLZ+4CSq4PpH7OfhLS/gx8af2xP gL4HMtr4K0bSLXULCweZ5ktZLvTpJXEZkLN0kCEkliqJuJxmgD9hp/FPhm1NmLnV7OE6i22133Ea +e3pFlvnPsuak1HxH4e0i8tdP1bVLWyur5ttvFPOkckzekasQWPsAa/nz/Z8/Yo+DnxJ/wCCdOs/ HDx3bXWr+M5dF1+70q9mvLjbpaaRJdJbwQQrIIvKMsLSOrKcmRunGN/wz+yd8MviX/wTl1j9pD4l /bvE3xOl8Oahq0GuXl/cyT2q6R5qWdvEpk2eUsUCqQysSWY5+7tAP6BGZUUu5CqoySeAAKxtI8S+ HPEBmXQdVtNSNs2yUW08c3lt6NsJ2n2Nfgn+0Z8afGfiP9mj9kz4Ya1Jr+r6X8SbGKfxNFoEbXGt ataabFbRm2hG5fNeYSszqx5ZVZs9DxfjceG/AfiTwR8Sf2MP2dPir8OvGPhnUYPt32rQb0WGp6T/ AMvFvchbi5d2YhR90bgW3HcEKgH7C6L+1Da63+17rv7MsdlawWWgeHU1Z9Sa5DSXF5NPbxrbxx8K uxZW3cszNjAUA7vpu48TeG7RkS71W0haSf7KoeeNS1x/zyGWGZP9nr7V+Ongj9nb4L3n/BVTx1pl z4YhktdG8PWniuzjMs2Itbe8tJmvB+8yXMkjNtOU5+7jivNf2a/2PPhN+018e/2mde+Mlvd6tp+g ePtYttNs4rya2hhnnvZ3uJysTLudlSJOeCByDhdoB+8tlqFhqMbTafcxXUaMUZonVwGHVSVJ5Gel LFfWU9zNZQ3Eclxb48yNXBdNwyNyg5GR0zX5MfAnWNI/ZD/bF+OPwW8QyrpfgfxVp8nxB0Vm+WGG OFXe/SNRwAoEgA7JbDpXon/BNjw7q3ibwj48/ap8XwGLXvjVr1zqEQflodKtJHitIRnkKrGQL6oE PPBoA+tP2gdb+NeheH/Dk3wMg0i41O512zg1IaxII4l0p0lNw0JMkWZwwj2DJyN3ynt7DrXiLw/4 bt1u/EWp2ulwO21ZLqZIELegaQgE+1fm1/wVS/5JX8Jf+ymaB/6T3tfO37Y3gPU/D37XWp/GH4+f CLWvjP8ACG60W2s9KTSXmlXQ3RY/tLSQRMvzNIJGBkaND5gIYsvygH7f2t1a31vHd2UyXEEo3JJG wdGHqGGQRSXd5aWFu93fTpbwR43SSMERcnAyxwBknFfmb/wTbu/2eW0zx/D+zp4y1W90C6v4rv8A 4RTWI2im8OmTzPki3vIzpL90uHfJjAZi4Ynu/wDgqP8A8mKfEz/uC/8Ap4sqAPuR/EvhyPVo9Ak1 W0XU5V3pameMTsv94R53Ee4FeQ/FDW/jXpvxM+Gmm/DeDSJfCWo3V4vih7+QJeJbosJtzZKZELMS ZN+FfHy8Dv8Ak5+0B+xB8GvAf7C8vxt02C9b4q6Rpml69L4lfULp72e/nkgadm3SFNp3sEwoZSFO 7dkt6f8AGTxBqniz4v8A/BP3xTrkxuNR1mG7vbmQ8F57ix0ySRuPVmJoA/XnV9c0Xw/ZnUde1C30 21BCma5lSGME9BucgZPbmrttc217bx3dnKk8Eyh0kjYMjKeQVYcEH1Ffjp8IvhD4H/bc/aV+O/jv 9oW3l8VaV8Ptdl8KeH9ImmlgtbK3tXlSSXy4XRt8hQEEn7xYnJ27Of8A2hvh141/4J7/ALJ/xTt/ hT46vZ9B8aa1aW3h+xMcizeG4bxpDcrBdmd3YyRLsV9qFSA4JkYtQB+y1v4n8NXerSaBa6taTanC MyWqTxtOg9WjB3Dp3FblfzU+Lfh98FLP4PQ6T8H/ANnT4y+H/ivo0UVzpvittCuorh9UiwxlneO7 fakrZzsjygOUGRz++v7Pvijxn40+CPgfxR8RdPn0vxTqGk2r6pbXNu9rMl6ECz7oXCtHucFgpAwD QB7DWDrHinwx4elgh1/V7PTJLo4iW5uI4WkPogdgW/Ct6v57vjN4L0L4ZftJfFnxt+2l8FPEHxT8 IeK77zdE8SaZJPPBpelAv5VuFiliSJkQop3So6mMlFw2SAftd8etZ+Kej/CLXNZ+BsemXXjKMWp0 5dWkEdgwe5iWYyOZIwP3Bcp84y23r0PoGhancf2RpMXiWe2h1q4s4pbiKN12mURgzGMZJKBs4OTx 3r8NfGj/AApi/wCCS3xN0z4N/EC/8eeGrPUdOEA1SPybvSVfVtPYWDRnlVT76n7rbyVO0gDf/aD+ F+mfGn9qD9kz4W69d3Npo+v+D501AWkzwSXFnb2bXM1sXQhgk6xGN8HO1jjnmgD9t9M8Q6BrVrLe 6PqVtfW9uzJJLBMkqIyfeDMpIBHcHpS6Pr+heIbd7vw/qVtqcEbmNpLWZJkV16qWQkAjuK/Cjxt+ x58KfCn/AAUB8H/s/wDgUX3hz4Z/ELwy2o+INEs9Qu1hv/7Pe6kWGR2laQxPJBEWXdkfPtK7uPbv g/8AC7wh+zZ/wUzvfhf8ILaTQ/CPizwENUudMWeWW3W6juzGrqJWdsjyiRknbvcLhTigD134rftB /tM/Bj9kn4pfGTxvZ+HV8W+G9fjg0SO0zdWTaTPeWVvE1ysc5Pn4mmyN64wpK+v3r4X8Rf2j4H0b xTrcsVs17p9tdTuSI4kaaJXbljwuTxk/jX89cX/KMb9qT/sp83/pdo1fWv7XI+AEtv8AAlv2i/Gm oXXh2w0eGeL4f6TZz3Fzrlw8CqlxK9vNGUSNgoQOo3YdUb5nwAfrhofijw14niln8NataatHA22R rSeOdUb0YxsQD7GlvfE3hvTVdtR1W0tVjlSBjLPGgWWT7sZ3EYZuy9T2r+fz4X6l4A8Lft//AAb1 T4A/DPxR8HfD3iyHUbG/s9dtpbGLV0jt5G8yGCSabKKShODt3KjABsmu9+Gn7J/wz/aj/bY/abT4 uR3eoaH4X1S1+z2UF3LbRm71BZQLg+UVJeNLchecfN8wPAoA/eAsANxOAOc18l/A39qC2+M3xp+L vwwjsrbT7T4b3tjYWcy3Ilm1F51uGmlC4ACL5S7VXcQMktyAPpzTPD+j6P4ftPCunWyw6VY2sdlD AudqW8SCNUHfAQAV+In7K3wl+Efwu+O/7VvxD0LwnCb34K3DTeGlEkzfYozZah5sSAyfN5iIFO/c fQg80Afttqfinwxot5Bp+s6vZ2F1df6mG4uI4pJP9xXYFunat6vxd/Y4/Yy+Df7TPwAj+Pn7Rdpc eOvHPxNm1C6utRubydJLRI7qW2jS2EUiom3y9w+Uhc7ANiha90/4Jq+LPFq+Fvif8DvFWsT+IU+E Hiy+0DTr+4YvK9jC7JGhck5CNGxUZ+VWVB8qqAAdH/wUV/ah+KH7LXw48KeJvhTaWF7qmva0NOeO /t5LlShgkkAjSKSM7yygDk+mK+lP2ZPjHD8f/gL4L+LaiNLnX7BGvI4ciOO+hJhu0QEkhVnRwoJJ 24zXxb/wU4VXH7PiOAyt8SNIBB5BB3V5h+z98ULH9jGD9qP4K68VjsvhdPceLPDkEh4m0/VIwbe3 Q+gla3jOOPMlPTnAB2Okft6fEDxX/wAFE4f2YPDdppr/AA+ivb7TJrtoJGvZLvTtOlnuQkwlEY2X KbCNh+UerDEfx5+Kv/BS/wCCHgvxX8VdVj+HUvhTw6WnCxJfyXhtmmEcXyFkUvh13fMB1r5W+A/w u1D4X/tN/sejxDufxJ4u0rxL4l1iWQYkkvdXtLqfMg/vrCY4291NfqB/wUU/5Mr+Kn/YOh/9KoaA PHvgT4z/AOCkPxGh+H/xC8SL8Pk8B+KI9L1S6W3W+TURpV6sc7iNWLRicQucAkqH7kc16z+xj+0R 48+P8nxXXxxDYwjwV4tvdEsfsUTxbrW3+4Zd8km5/UjaPavXf2T/APk1n4Of9iZ4e/8ATdBXxX/w TB/1v7Qv/ZRNT/nQB+j3xJ8d6P8AC/4feJPiP4h3HTfDGnXWo3Cpje8drE0hRM8bm27VHckV+aPg H4qf8FL/AI/eELL40/DTTPAHhTwrqyyXOlaRqr3s97dWu4iMzSxBky4HDBoc9Sqg1+j3xcm+G6fD LxJb/F+/tNN8GX9lLY6pPfTra24tr0fZmV5mKhC5kCKcg7iMc4r8vfDX7Kf7aXwF0O3f9jr42af4 p+H8im80zRPEUKyRi1uD5saQXAjmVg27duja3RtxbAzyAfYn7Hn7Tur/ALRPh3xPpHjzw+vhT4g/ D7Um0jxDpsb74UuV3ASwkszCN2RwFLNgocO4wx8V8ffGX9r34gftE/EH4afsryeGf7K+G1vo9vqH /CQxTGGS91GKW4kMc0B3l41CIU+6PmJ5xXVfsi/tY638TP8AhY/gz46eE7XwB8RPhiyS+IIrYj7N PA6O/wBpT5nYBQh3fvJFIZHVyHwrv+Cc2l3+rfBnX/jlrsJi1f4xeJdW8SyB/vx20s5gtov9xUiL IPR6APle7/aH/wCCltl+0JZfs0TQ/Dv/AIS2/wBHOtxyCK/Nl9lVnQgy+ZvD5jbjy8dOa9n+Mnx2 /bO/Zw/ZX8X/ABV+LsPhCfxhYanp8OmLpUV1NY/ZLmRI5fPSR43MmSduGxis/wAQ/wDKXrwx/wBk 7k/9H3VdX/wVm/5Mp8T/APYQ0n/0rjoA5CXxp/wVd0rwsvjqPQ/hz4hs0tBffYLU3y3U0RTzNib5 Yl8zb0G/rxz0P2b+yv8AtCaP+0/8FND+Lmk2LaVJfma3vLJnEhtru2cpKgcAblOA6HAJRlyAcgfA mq/B/wD4Km+IfhPHpnh74teFPsl9pcaRwW9obS7a3eEYijuDZsEkK/KG3Lg8716j2/8A4JjeN/A+ ufs4R/D/AMKeHZ/C2pfD2/n0jWbK5mFzI+o582a480BciV2b5cDYVKDKqpIB+itfOP7Wnx5f9mn4 B+J/jBbaYNYvNIWCK1tmJWJ7i7mS3jMrLyI1Z9zYIJA2ggkGvo6vze/4KE/Fe8k0PQP2SvBfhi08 WeMvjWJrCCHUGZLOytYypa8kKENvjb95GQfkMZkOdoRwDz/4bftO/tYeCPjh8Jvh9+0TH4Y1/RPj XZS3WmyeHFmFxprpCswEm4lXjAdQx+YEFmWQhCG/WGv5s/hTqOmf8E3fjh4hh/as0i68XeItH8PD /hBNbjuJ57RrZQyvY2aygrb+ZvZCxUeVh1xtlBb+hD4XeNz8S/hx4a+If9lz6KviTT7fUEs7oqZ4 I7lBIiybeN21gSO3QgHIoA+bfib8f/HHhD9s34OfADSobJvDXj3T9YutQklidrtZLC1uJohDIJAq jdEu7KNkZ5Hb7BbUtOS+TTHuolvJF3LCXUSsvPITOSODzjtX4w/8FBPiV4t+EX7afwM8f+AvDc3i 7xHp+h69Fp+lwI8j3FzeW89rHlIgXZY2lEjquCVUjK/eHrf/AATX8GeB/iL4Wv8A9rfxJrjeOPiz 4subi31e+u0CyaO8Z2/YLeLJEKiPYcrjdGVChU+WgD7N/Z68UfF/UvhdBrP7Rv8AYmneKHu543/s idWsfJ3AQ4fzZRvIzkb+vavaV8SeHX1hvDyapatqqLvNoJ0NwF9TFnfj3xX80McssH/BHQTQOY5I /GoZWU4ZWFxkEEdCDX1L+23+xX8Iv2df2XR8aPhxFe6f8TfBt9pd3J4j+33Ml9e3dxcxxTzTF5GT c8knmgqqkEYBALAgH7kX+oWGlWcuoancxWdrAN0k0zrHGg9WZiAB9TXxf8WP2kvEnhf9pr4E/Crw VNpmo+FfiZ/a5v7kAzyEWMAkiNvNHIEHzH5sq2favl7466eP2p/2yfhP+zj8R7id/h/Y+EV8Y6np kTtbx6lfyGWJFd0KsUTC4wcgGRVIJJHn/jb9mb4c/s7f8FEf2dp/hTbPo/h/xS+synSRPJNb213a 2bLLNCJXcp5yPGGGcZj444AB+0mteIvD/hu2F74i1O10u3JwJLqZIEz/AL0hAq5p+o6fq1nFqOlX MV5aTjdHNC6yRuPVWUkEfQ1+H3xob9kJf2p/H+ofG5/EP7Q3jC5MNvZeGdB0q5uIvDkMS7Tar5d0 kUsh+XeQV2uHLKJGbHU/8Evb/wDsb43/AB++Hfh3RNY8HeELObTL/T/Dmt71u9La584lHjdnZGZC oOWLFVTcSRmgD9Yvix8QbD4VfDTxT8RtRVJY/Del3uoiF5BF57Wdu84hVjn5n2YGAT7GvjD9ib4w ftLfGPQV+M/xw1vwlZ+CfENk0mm6ZpYkivrSczhIjcNKWVUdEkIUyOxyp45A9f8A24fhz4K+Iv7L fxFTxrpaaovhvQtW1vTw7Ov2fUbLT7g2867GXLIWOA2VOeQa/G74lfCX4deA/wDglL4Y8c+E9Fj0 7XfG13oE+s3SPIzXklvNciJmDsyrtEj42BRzz2oA/o6vL2z0+Brq/njtoVwC8rBFGTgZLYHJqOTU 9OhmNtNdxJKIzMUZ1DCIcF8E52+/Svzu/wCCr7ov7Evi8MQC97pAGe5+3QnA/AV8w/HD4PaB8df+ Cifwn+HXjGa5/wCEau/hlaz6pa21xJbfbra2ur6VbaV4mVjE0yxs4B5C8EHBAB+02j6/oXiG3a70 DUbbU4EYo0lrMkyBh1UshIBHpUeqeJPDuhzW1treqWunzXrbIEuJ44mlb0QOQWPsM1+Rfhr4Q+Df 2W/+Cl/gLwX8EbeXw74V+IfhbUJdU0tLiaa3ea0W5kVwJmcj5oYyOTtO7bgMRWH+yr8Avhl+3BqP xZ/aF/aP0+XxdqV54nv9A0y0uJ54I9L02xSNoo4khePY4EwHPI27vvO5IB9u/szfH7xx8X/i78eP A3imGyj074a+IY9L0s2sTxytAxnBM7NI4d/3a8qFHXivqi98Z+D9N1SLQ9R12wtdRmOI7aW6iSdy eyxswY/gK/G/9iPwVH8Jx+2L4CXxq/h628Oaj9ji8SXh8+Wwt4obxY7uQl0DSQx4b7wG5fwr5M1X Qv2JtS+APiLw98OPhp43+LnjGDTr+4m+IFvpV3BbG/jV5Gv5pJrn91AjDc0bIcqCGy5LEA/pfub2 zshGbyeOATOI08xgu526KucZY9gOapWmv6Ff6jc6RY6jbXF/Z48+3jmR5os9N6All/ECv5+vjfrP iz4h/wDBMj9ma81HWbn+3b7xnpdnHqPmN9pjaBdUtreQSAht8aomGzuyM5zzXT/tlfscfDD9nbUf ghqX7P8APqXgrxB4k8RweFr/AFW11C5a9uItTTypJ2keRgspBk3eWqqd5GMBQAD927HxH4e1PULr SdN1S1u76y/18EM6SSw/9dEUll/ECn6xr+heHbYXviDUbbTLckKJLqZIUJPbc5AzX4x/G39nD4Uf smftK/sweJ/gHpkvhe61/wATDQ9T2XdxN9ttpzBExl86R8sUkkDYwG3DI4GPArrx34G+NX7U/wAY vFv7RXwp8efGTTfCms3Ph7w9p3hzTZr7TNKtrOWSFzMqXEOyeURq+3oWLsQTt2gH9E8V3aT2q3sE ySW7rvEqsChXruDDjHvWNeeLfCmnpaS3+tWVsl+dtu0tzGgmb0jLMNx+ma/F79kq68YeFdf+PPw6 8L+BfGvg34LX/hm+1jQLTxfptxanTrxIljuLaGWRpI9spmd1XzGZkjDH5g5POfsU/sJ/A743fsXW XxF+KVhc674k8QW2qxafeS3typ0mCyubi3gjtY0kEaqssbTEMjBmcggrxQB+qv7WX7QEf7M3wK8R fF2PTo9avNKW3S2sZJ/IE8tzcR24JbDErGZQ7BRkgYyM5Hs/hDxNa+JvCOl+JxPAy3tpDcStE4aJ GeMO43ZOApPc8d6/ns8T2Vp8UP8Agjnpfj7x7G2s+IvAl4bTR76eSRpraGTWYbZlB3YYeQRENwOE AAxjNfXf7SPwr/Zt+GH7MHwy8GeJ/F03w1+HdzqFrqmo6BpcFxeXnieZ4Y3ltUKziVFbJLsQ0asU J2sEyAfq/o/i/wAJ+Ibmey0DWrLU7i1/1sdtcxTPH2+dUYlefWvlLw58fvHGsft1eLP2brmKyXwr onhCHXIJEicXhu5J7aMhpC5QptmbAEYOcc+v44fEHVfgv4a+MPwO+IX7MHwi8XfCXy/Fen2E+r6p Zz2FjqlvcyoDBGJbibzSUDbuBuRmD5+Wv0h8D/8AKWn4if8AZOLb/wBK7GgD3j9mb45eMPFnjT4j fAT4wvAfiD8NtQG64t4xBFqej3v72xvEiBIVvLZVlVchSV5yxA+xa/Lb4ktL4P8A+Crvwl1HSQIV 8eeDtS0zUAnWVbJbu6Vnx7xRDJ7IPSv1JoAKKKKAP//V/fyiiigAooooAKKKKAPmz4i/sy+EPHvi CXxLFez6Td3RDXIhVXjlYcF9pxtY9yDgnnGck+u+APAHh/4b+Ho/Dvh5GEQYySSSEGSaVgAXcgAZ wAAAAAABXbUVpKrJrlb0OSlgaMJupGNmwooorM6zG8RadNq/h/U9JtmVZb21mgQvkKGkQqCcAnGT zgV+eXwr/Yq8c+Gv2CNd/ZN8X61pqeIdWi1FUvbFpp7JJLiczwZMsUMhAIUP8nHOM9/0mooA+XP2 RfBXx/8Ahv8ACWw+H3x+utBvbvw3HbabpM2hNOytptpbxwxfaTPHHmbKHLKACCMgHNeI/FX4Hftd eEfj/rHx2/Zi8X6TqVj4os4LbUvDXiya8axhkgCqJbQQE7MhdxAaPazP94MAv6I0UAfCH7KP7L/x F+GXxI+IXx/+OOtaVqfxB+IxgS5t9Ciki0y0gtwMCMyqju77V3FlyNuSzFmavev2mvhhr3xo+Afj j4WeF7i2tdW8S6dJaW0t47pbpIxBBkaNJHC8fwox9q91ooA/On4yfsi/Ej4h/sxfAn4LaLqWkwa3 8MNQ8L3WpTXE062syaJp8lpcC2dIHdmZ3Bj3xoCv3ip4r1DQP2evGelftyeJf2mbi909vC+s+D4/ D8Nsskpv1ukubaYu8ZiEQi2wsMiUtkj5cZI+xqKAPi/Wv2bPFGt/trR/tD3txp03g1/BUnhmeyeS b7c88txJIx8sReV5JR8E+buzn5e9fN/gv9mv9uf9mHTNZ+F/7Mnirwjrnw8vrue40n/hJ1vF1DRv tLF3RPIVo3UE5y28M2X8tdzKf1gooA+Zf2UfgT4n+AXwyfw5478ZXvjnxRqt5LqOpajdzSyxieYA eVbLKzFIkA9izFmIGQq+cftufsxeNv2h9E8Ea58MNZstK8YfDrWo9a05NUV30+5dCreXOEVyMNGh B2MCNykANkfcNFAH47ftB/sn/t6/tZ+DLKx+KXizwR4cl8PXcF9pujaSl/8AYrq7X5HnvbmVJZEa ONn8pY0dTvIbb96voP41fA79q6y+Ntn+0L+zb4u0sahd6XHp2seGfEVxeSaO5TaTJaiIfKSVXPyx NlS2752Wv0GooA/P79mr9mD4ueGvjx4w/am/aH1jRbrx14q06PSY7Dw5FMmn2tonkklnnCySSHyE X5g2AD87ZAX6L/ac+GGv/Gn4BeN/hX4XuLa11bxLp72ltLeM6W6SMykGRo0kcLx1VGPtXu1FAH5q eNv2U/2jtI8HfA3xB8DfHVnpHj74SeHrHQ73Tr6e6bw9qgt7NLeUlEQEnPmBWaEMyspJjZARN8L/ ANmT9ofxl+0zoH7Uv7UuqeGrbVfB+nTWGj6T4XjuPK/0hJo2kuZrn5ztWZ9qhnBJBGzBDfpLRQBR 1PTrTWNNu9I1BPMtb6GSCVem6OVSrD8QTX4/fsz+Efi1bfsu/Gv9h3wpfWelfEnwJqF7pVnNqUss Fv8A2PrjedHeq8MUsg82J7hoysZwxTO3PH7H15s3wl8DH4rp8a4rJ4PFo0s6NJcxTSIk9iZPOWOa JSI5Cj8ozKWXoDjigDjv2Yfgrbfs8/Afwd8IonimudCsgL2aHJjmvp2M11IhYKxRpnbYWAO3AIGM V4P40/Ze+IMP7bvhT9qv4W6hpllpsumnSfFlleSzxT3sGCiyQiKGRXdU8ohXeMboI+cEkfeVFAH5 R/8ADIH7U37OHjjxLr/7FHjTRY/B3ii6bUbnwv4mSUwW93Ifn+zPDG3y4AVTujbYFVy+xWrrfh5+ yn+0T4l+MWn/ALSX7U/izSPEfirwbZ3CeF9B0RZINJtbmeNlLzSSxpISSR2Y7sEuVRVr9L6KAPln 9jb4I+IfgH8CtN8GeNp4bvxbe3l/qut3Fu5kjnv764eRmDFVLYj2JnAztrkf2Gf2cfG/7Mvw38We D/Hl9p1/ea94pv8AXIH02SaWJba6gtokRzNDCwkBhbcApXBGGPOPtSigD88P2l/2RfiF4r+PPgb9 qH9m/U9K8P8AxA8OyCDVk1SSeCz1WwVSoSVraGdi5QtC2U5jZcMpiUHL+NP7IHxltfjfcftN/sme NLLwf42123S317TNWV5tJ1ERxqitlInYNhFzmPkjerI27d+kdFAH5Rap+yj+17+07rnhy1/bJ8Ye HrTwD4fvU1F9A8Lxzb7+5gBWMXEs8Y2oQzA4dvlJAVWIZf1doooA/Mq++Bv7c3wd+KnjfxH+zp4w 8PeKPCPju+bUBp/jOa/ll0meXcWW3aHP7pS2FG/7iqpjJXcfX/2QP2bbv9l/wb4r1L4j+ILHUvFP jzV5dZ1m4tU+y6bDNMTtgt1cJ8gLMQSiZ3bQoCivtavM/i98IPAHx18Bah8NPibpx1Tw/qTQvNCs 0tu2+CRZY2WSFkdSrqDweehyCRQB+RP/AATp+BXhxv2pfjB8T/C97/a3gL4falqOgeE5Ad9tG99c NPc/ZmBKkQxYj3rw6zbhwRj780D9nrxnpX7cniX9pm4vdPbwvrPg+Pw/DbLJKb9bpLm2mLvGYhEI tsLDIlLZI+XGSPoX4X/Cv4ffBfwXY/D34Y6LDoOgafvMVtEXf5pDud3kkZpJHY9Wdix9cAV6DQB8 c+B/2evGfhn9tL4j/tG397p8nhvxhoVhplpbxySm+Sa1W3V2lRoliCHym2lZWPIyBzjmfD37MHj3 Sf2gP2hfirc6hpjaT8WdHstP0qJJZjcwS21iLZzdKYQiKXGQY3kO3kgHivuyigD4h+Bn7NXjn4Zf sNN+zLr1/ptx4oOi+INO+020sz2HnatNdyQt5jwpLsUXC7z5WQQcBuMp4J/Zp8deG/2DLj9ly+v9 NfxVN4Z1XRhcxyzHT/tF8J/LYyGES+WPNXcfKyMHCnjP2/RQB+aHi/8AYZ8Y+Jv2bvg54O0jxRa+ HPiz8FY7efR9Yt/Mnsftcar5sTb0RzDK0cZLGIkbBlGUspzL/wCAn7d3x48W+FLT9obxt4e8IeCf C97He3MHgmbUIL3VpIeAssku0ojjIOGAXcSIy20r+oVFAH54ePv2c/2h9H/bNg/aa+B+seHm0rXt Ls9E1+x1r7Qkq2cM8TzG28mNwXZIl2MzLtbIKlTmvSf2V/2evGfwO8XfGrX/ABZe6fd2/wAR/GF/ 4g05bKSWR4rS6lkdEuBLFEFlAcZCF1znDGvsaigD8Xv+CrXgrSPiNrnwd0TwBrMcXxN1vWLnw1Bb 20gMz6ZqsRhu2nCHcIYjhG3cbZZM8Zr9dfAXgzRfhz4I0DwB4bj8nS/DljbafbL38q2jWNScdWIX JPc5NePeFv2TPgB4N+Mer/H3QvCkcfjrWpZ55tQlnnnKS3P+ueGKSRoomkyQzIoOCQCFJB+jaAPj n9tP9nrxn+0b4K8D+HPBF7p9jc+GfF+meILltRkljR7WyiuEkSMwxTEykzLtDBVIByw4z5p8Vfgd +114R+P+sfHb9mLxfpOpWPiizgttS8NeLJrxrGGSAKoltBATsyF3EBo9rM/3gwC/ojRQB8Ifso/s v/EX4ZfEj4hfH/4461pWp/EH4jGBLm30KKSLTLSC3AwIzKqO7vtXcWXI25LMWZq9Q/bM+Cnin9on 9mzxh8HPBV1ZWWteIP7P+zzag8kdqv2S/t7p/MaGOVxlImC4Q/MRnAyR9P0UAfKnx2+Bniz4n/sk at8BNAu7G38QX+i2Omxz3MkqWYmtjCXZnSJ5Nh8s4IjJ6ZAryLxR+yd8RNb8Tfso61a6jpSQfAu1 aDW1eacPcs1pZQZsgICHG62c/vTFwV75A/QiigD81PE37NP7TXwc+N3jf4xfsha54cl074lOt3re geKFuhBHqC5JuraS2yxLM7uwZkA3EYcbAmJ4f/4J6av42+FvxXs/2i/FkWs/Eb4wXFteXupabE32 PS5dPO6zW1jkEbSJGeHyE3xhU427z+o1FAH5Naz8C/8Agpd4z8AWvwF8R/ELwhpnhhEitbrxRpx1 Aa/cWULLtBG1E80qoDlfLLjIMhyxb2j9o3XPil8AfBvwP8DfBnxVGs914i0fw5dJquL7U9XtZNsU jK0scmXADSzy5QIuSD0Wvv2oJbW2nlhnnhSSS3YvEzKC0bFSpKk8glSQSOxI6GgCevzKvvgb+3N8 Hfip438R/s6eMPD3ijwj47vm1Aaf4zmv5ZdJnl3Flt2hz+6UthRv+4qqYyV3H9NaKAPyWX/gnt8Q rb9kP4s/Cb/hI9JvviX8XdXtda1C7Ky2mjQTQ6hBdtDCI4nkEYWOTaRCMswXaqgGve9S/Zf8fXn7 SXwC+MUWoaYNG+Ffh+90nU4TLN9qmnuLCW1RrZfJKMgeQEl3jO3OATxX3dRQB8c+MP2evGfiD9tj wH+0jZ3unp4a8L+HLvSLm2kklF89xcG4KtGgiMRQecuS0qng4U8ZW/8A2e/Gd1+3Jpv7TMd7p48L 2fg5vDz2xkl+3m7NzLNvEfleV5W1wM+aGzn5cc19i0UAfkun7BvxeX9jv4z/ALPh1jQv+Ei+IvjK TxDp9x9ouvsUVo1zp8wS4f7L5iy7bVxhI3XJX5sEkdf8Yf2T/j/Z/GX4a/tHfADVvD8/i7wZ4ch8 O3um+IPtBsJoo0lUyQSQr5gLecwx+7PAOeWU/pzRQB+UjfsmftfeNv2kvhh+018WfF/hW71DwleP HdaHpq3lvY2WmOu1vsUskUsk9w/mSM4mCDcEAk2/d+lf2e/2evGfwm+PPx6+KPiK90+50r4o6lpt 5pkVrJK9xDHZrciQXKyRIisfOXbsdwcHJHGfsaigAr84/B37MPx5+HX7VnxF8deH9S8O6r8JPi7c x3HiCyvvtKaoiJbzJ5duEjMf+smbJMmGTghSM1+jlFAH5TeA/wBm39uj9mjS9U+Ev7OXi/whq3w6 urm4m0mbxLHef2noq3LF3VFgVopNrMWG7erPliiBmWvrP9kj9mey/Zi+G9z4buNXk8R+JvEN9Lq+ varKMG71C4ADlAfmEa4wu4kklnOCxA+pqKAPjL9sL9nbxr+0EfhYfBt9p9l/whHi6w169+3yTR+Z a2ud6Q+VFLulOflDbV9WFeJfti/sFa7+0j8c/BHxI8OavZaVoYgt9L8YW08s8U2oaVa3sd5HHCsU TpK5IYESsgBSI5O35f06ooA+MPib+zl4y8Y/tgfB34/aNeadb+Gvh5Y6pa31tLJKl47XtvNDF9nj SFoiqmRd26RMAHAPAPpf7Vnwm8RfHT9nrxr8JvCVzaWmr+I7RILeW+eSO2RlmjkJkaKOVwMIeiNz jivoSigDzD4I+CtV+GvwY8A/DnXZYZ9S8K+H9K0q6ktmZoHnsbSOCRomdUYoWQlSyqSMZAPFfmR8 Pf2Wf+ChPwL8S/ECf4L+Kvh/BonjXxDe63s1NtQmnU3EjFAdtlhSEwGALDOcE1+w1FAHw54Q+DX7 SPxX+H3j74W/tr6p4Y1rw/4ns4LWy/4RYXMc0DBnaSV2uYIwHRhC8RAYBlO4Y4Pz74M+BP8AwUq+ A+iW/wAMPhP8QfB3ivwZp2bXSrjxDDcpfWNmvESMIomG1FACrvlCj5VAUKB+stFAH5X6f+xL8YPC XwN+M96PFVt4x+OnxotVs9S1O4Y2enxW8j+VJFBtj3Kot5JOdgBIRVVFXJ/Rj4Z+B9O+GXw68MfD rScfY/DOmWmmxEDG5bWJYtx9225J7k13FFAHxZqv7OPje+/bs0b9p6K+04eFtP8ACjaFJbNLN/aB uWlmfesYhMXl4kHJlDZz8vrt/twfATxh+0t+zzrPwm8C3lhYavqF1Yzxy6lJLFbBbadZXDNDFM4J VTjCHnrjrX1xRQB+W9p8N/8Agq3HokHhqL4g/DnSbWC3S2S6tbe9luYkRQisomsthYAdSMZ7V2vg n4C6r+xN+x78QIfCnjW1PjiWK+1++8Saqmy1/tFkX5mRlnPlqqBVDBy7ktjL7R+idQXVrbXtvJZ3 sKXEEylHjkUOjqeCGU8EHuDQB41+zd4j8b+MfgH8P/F3xJbf4m1vRbK+v2MSwEy3MQlyY0Cqhwwy oAweMV4T+15+yx4x+NOt+CPi58GfEkHhP4n/AA4uHm0u5vEZ7K5imKmSC42K7KvBwQjghnRlIbK/ cVFAH45/FH9h/wDay/bFmt5v2rvHHh3w5YeH7a6/sbT/AArbTTIL6ZQomuGugH2EopZRIxKjC+WS TX6IfsyeFPjN4H+DGg+E/j1rln4i8W6WslvJeWYfa9tGxW3EkjhTLIIwN0mxCehBYF298ooA+Ofi V+z14z8Y/ti/CD9oXTL3T4vDvw/sNXtb+3mklW9lfULWeCIwIsTRsoaVS2+RCADgE8HjPAf7LPxD +Cn7W3iD4s/CDUdLt/hd8QovO8R6DcyzxTw6kN7C5sUjgeI/OdxDyIMSSKBgIR980UAfjn/w71+M /wDwwMf2WP7a0D/hK/8AhIP7W+1faLv+zvI83ft8z7L5u/HbysZ/i719wftrfAzxb+0f+zn4k+EP ge7sbHWdYlsHhl1GSWK2UWt3FO+9oYpnGVQgYQ84zgc19WUUAfAPx+/ZZ+J3iDxF8OPjl8BPEFho fxX+HVimmAal5j6VqenlGEttP5amQDc7lSFHDn7rBXTyvRv2XP2wfHn7Unwz/aX+O/iXwr5fg5ry KTRNGN6kNnay27JGbYzRP500ssjGbzHUKEXa7jCp+qVFAH5UaB+zN+2T+z98Yvif4n/Zv1TwXrHh r4parJq8x8UC+W7sbiWSWUjNquXVDMwBLvuABKqdxbvv2Sv2TPjX8B/jx8R/ij8S/F+meMrb4h2d tLc3kKy297/acbh5F+zGPyVtwXkWMrNnaqfu1yQv6M0UAeZfGvwXqnxI+DXj34d6HLDBqXinQNU0 q2kuWZYEnvrWSCNpWRXYIGcFiqsQM4BPFfHPiH9inXvG/wCwVov7KPiPWrOy8S6LZWoi1C28yeyW 9tJjKv30ikaJwShOwMu7cFOMH9E6KAPxp+M37J//AAUM/aY+En/CsPi7438FWNto32eS0XTxehtX u4HVPO1CdoGMaiJpHUQxYaUKGjUfMv14/wCzZ44b9svwX+0QL/Tv+Ec8OeB18M3Fv5s3217wTXEm +NPJ8sw4lXkyhsg/J0J+2qKAPjnx3+z14z8UftofDT9oywvdPj8N+DdF1HTby3lklF9JNdx3Co0K LE0ZQGVdxaVTwcA8Z8L/AOGa/wBrH4A/EzxtrH7IuueF7jwX8Rb6TVbrSvFX2v8A4lep3H+untja r8yNxgEn5QqFG2hz+nVFAH5P/CT9gH4p6R8MP2g/h/8AF3xtZatqPxnlhuY9XsRN5oul82WSW5he OMKDO4+SN2DJkZXIFUND/Zt/4KBar8EYP2W/EnivwN4Y8C2umf2JJq+lQXtzq9zpyx+UIRHIIoB5 qfu5Xwr7WJGWyW/W+igD8mrr9hr41ah+yD8G/wBn671Xw+niH4beMLfXLu5S5uzZz2EMt7JtiY2g kM2LpRtaNV+UneOK+n/2uP2evGfx7u/hNP4PvdPs18CeMNP8QX32+SWMyWloSXSDyopd0p/hDbFP dhX2NRQB8dftOfs9+M/jT8Rvgf4v8LXun2tn8NPFEWt6il5JKkstsjwsVtxHFIGkxGcB2RenzV4t 4j/Zk/aX+DXxw8afGb9kHXfDsunfEeUXmueHfFC3QthqGSTc28ltlizu7uQWQDcR842hf0uooA+A Pgj+zP8AHfSIfif4++PXjyPxH47+I1hPYxWFjNcroOlxPEURYYpAOchAWEQKqpALlmZvVP2RfgZ4 s+AX7Lnhn4JeMbuxvNc0aLU45prCSWS0Y3t7c3Mex5YonICTKGzGOQcZGCfquigD8s/DX7CPxDh/ 4J5at+yH4g1zSofFN5NJdQ3ts881gJF1BL6FWZ4YpQrCMI5ERK5JAbGDznjv9kn9sH4ieEfhJ451 zX/CUXxZ+DOpSyabCgun0a+08pa+X9oLRb1uA9ud2xArKwIZGAK/rfRQB+QXxj/ZP/bo/aN1HwZ4 6+JnivwXpmpeBdYs9Q07w/pgv49NdY3Ek0093JHPN9oJRERRG0YUsQyknd9b+HP2evGej/tw+Kv2 l7m909vDGueEodBgtkklN+t1HPbSl3jMQiEeIWwRKWyR8vUj7GpCMgjpmgD8zfCmm3Hxx/4KS+If ibZKZPC3wO0EeG47lT+7l12+3vcIh/iMUU8kco/hZUBHzAn9M682+Ffwl8DfBjws3hDwBZPZ2Mt3 c307TTSXFxcXd25kmnnmlLSSSOx5ZiTgADgAD0mgAooooA//1v38ooooAKKKKACiiigDE1fxL4c0 AxLr2q2mmmb/AFYuZ44d/wDu7yM/hWvDNFcRJPA6yRyAMrKQVZTyCCOCDX5CfG+61u6+K3iU68XM 0V5LHEHz8turfuAoP8Jj2keuc96+z/2QrrW5/h9fw6gXawgvWWzL5wAUBkVM/wAIY544yT712VcL yw5rngYLO/bYh0OW2/4dz6wooorjPfPLfjle3mm/BT4gajp08lrd2vh7VZYZomKSRyJaSsroy4Ks pAIIOQeRX5Ffsgfsi+I/2hv2dPCHxk8TfHv4kaZq3iBb1pYLLXpBbxm1vZ7ZdgkV35WIE5Y8k4wO K/Wz4/8A/JCPiR/2LWsf+kctfj1+xD+yh8Z/iX+y74J8Y+GP2ifE/gfRtTXUPK0bTU/cWoi1C4ic ROJ0I8xkMhO0YZj160Ae3/sxfEz4qfA39qP4o/sq/Fnx3e/EXwt4S8Pf8JLY6vqG6fULWCMW7vFM +55D+7uMEMWyUUoFD7a/SP4Y/GDwJ8YPhnp/xd8CXsl74Y1OO4lgnkhkhdktZZIZcxyKHGHiYcjn GRwRXyj4E/Y48Bfs3fDX4qeJ9O1XVPGPjbxZouoDUte1mb7RezqIJGEanHyqWwWyWZ2ALMQqheQ/ 4J9a5pWlf8E3vDGsX1ykdrpWm+IpLlywxEsV/fO27PTC889iDQBzX7Xn7ePhez/Y6k+KvwB8R3dr qvjGZrLQr4afKCrWl3FFfbvOjKwsIi4RnAy2Ch3Yr7h/Z2+L/hj43/CfRvG3hW6uby38tLWeW7t5 baVrqCNBMSsyqzAsfvAYbsa/ETT/APlCBqf/AGEl/wDUiir9+fh2Qfh/4YIOQdLsv/RCUAfmn+2H +2vD8HP2o/hL8ObbXr7TPDunXVzdeLre2sJZTcQyW8TWSo6xs8qje5dISecbxwK5LxH+1p4Q+EX7 f3ijxP8AEvxjfad8Prr4d2Nxp9g5upYpL28ubN4vJsVDf6Q0ZcnCBgu/cQA1enftfED9uD9kQngf b/EQ/wDIFrXO6R4X0PxF/wAFe/EN/rFpHdTeH/h/DqFkZED+Tc+dbWwkXIOGEc7gEcjNAH2N+z/+ 138Cf2mZNTsfhXrr3Oq6Moe8067t5LS8hjLbN/lygb1DfKzIWCkgNgsAfNviJ/wUS/ZX+Gvi/UvB Or+JLnUr/Q3MepvpdhcX1tYOpIYTzQoUBUjawUsVbKkAggfMXxPivfDP/BS3xFqfgiAW2s3/AMId QugYRsae9jllWJmK8lswxDPX5R6V4R/wT80z9s6T9mq1uvgHa/C678Oaze6g18+vjVX1ae681kkW /wDsx8pm2bdg/wCeJQnkmgD9x/Anjzwd8TvCeneOvAGrwa5oOrR+ba3ds26ORQSrDnBVlYFWVgGV gVYAgivzv/4KkftKXfwX+Blx4L8G61faF408V+SLS5so5kaOzSZRclbpBthcr8o+ZXIJ2881o/8A BMrwZqngP4dePdDufFfhjxNYy+Jrm7gi8KXk93YabLNGnnWi+fHGY1UqpRQX+U5LEnJo/wDBXb/k zTVf+wxpf/o00AXv2TfiT+zh8IvDfg/wZ4Z8eeKfFN78WdTvY9On8SR3Us819psUK3SIJIY/s8OZ FZd4+YsfmbHH2p8Q/jd8O/hZ4n8F+D/Gd9Jaap8QL86bo8aQSSrNcgoCrMikRj94vLEDmvhf9s+W K2/bO/Y+uLhhHG2r6/GGY4G947FVXPqzEADuTVL9vHVLEftQfsiaL5qm8bxdLceWCCwiWWzTcR1A LHA9cHHQ0AUtE8b+M5P2wv2vdCk1/UG03QfCmnT6dam6lMFlK2kxO0lvHu2xMXJYsgBJ56175/wT g8ReIPFn7F/w58QeKtTutZ1S7TVPOu72Z7i4l2apdou+WQs7bVUKMngADoK+XNB/5PX/AG0v+xP0 z/0zw19Ff8Ewf+TF/hj/ALmrf+na8oA++K/La71jxZ4k/wCCmvi34WSeJNTtfDt98OJNtpDeTJBB PM8Uf2iKJXCJMoYlZFAYHoa+4dc+Pfw98PfG/wAPfs+anPPH4u8UafNqdinlf6O8EHm7wZSQN+IX O0AnAzwK+EfDkkd7/wAFe/FItWEpsPh5Gs+058tjNakBvQ4dT9CKAOs/4Ju/FTxFefs5eJ9B+Lms 3F5r/wAKte1jS9Vur+d7i4EVu32kvJLIWdlQvIg3HgR4HAFfGH7Dnxw+M837U2geMvijr2oXfhD9 oi08RXOh2V5dTSW1lcWN9JIscMTsUj2JCY0CAArIoA6Zwv2ovG19+zL8V/2qfhfo4aOX45aNpGpa JCOGmuNRn+w6gI/V5PPum45OwehNfTH7YfwmT9n39mv4BfEHQo/9K/Z61jQZLqWMZ32khigvjx/z 3uFiLdjk+tAHp/iXxT4u+JH/AAU38NfDrQdbvrTwt8MPCsuraxZW9zLFbXN7elkhSeNGCSbRPbyK HB+63bNeGfsXftZ6N8H/ANjbxn8XPjz4ovtYktPF+qWlil3dPd395ItvbNFaW3nMWPJY4yEQFmbA ya9s/wCCf8UfxI+If7QP7UDsLmHxv4rk0rSp87t+laMvlwOjf3ZFdAccZj9q/Mr9j/8AYHtP2qPg l8QfHGreK7yz1LT9W1Gw8MWiyMtnY6lGIJ5LqUc58/8AdxMEAIUFvmYJtAP02/Zd+G37Q3xp8f8A /DV37Ses6p4as7sK/hrwPaXlxbWdnajJhmvoUZBLIQdwSRcsTukAG2NP0O8bPbReDNekvL2XTbdN PujJdQAmWBBE26VAvO5B8y45yOK+G/2Cf2o9d+Lvh3Vfgv8AGRW074wfDVjY6zb3GFlvIYW8pbwD +Js4WYrkbirjCyKB9m/Fb/kl3jH/ALA2of8ApO9AHx78Fv2gfgZ8D/2Tfhx4x8TfErUvFPhTXtUu NHsfEutQXAurq6uLy8f/AEoSbniji8mSPzJDtVIwcgEVseD/APgo7+yX448faf8ADzRvFU8d7rM6 22n3N1YXNtZXkzNsVIp5UUfM3yqXCqSQASSBX5MeI9Ks9e/4JVfsy6HqC77XUfiMLaVfWOa91tGH 4gmvvn/gq/4e0TT/ANmLwrNp1jDaN4f8U6Qun+TGsf2VNkseyLaBsXaANq4HA9BQB+q1fkh4e/bs 028/4KD678MdV8QagfA8enR6Bpenpp0wQeIZL63hkklCxbyu4OqzOfLVT8pAYk/rfX5h+ACB/wAF Y/iaD1Pw9sj/AOTFjQB4V8D/ANuD4d/Az4kftFad8dvGGpX1z/wsLWYdG04C51KeKytp5gywRjcs EEYAAGUXjC5wcfqd8GPj78Jv2gfBTeP/AIVa/Fq+jwyPDOxV4JbaWMBmSeKUK8ZAIYbhgqQykqQa +BP+CefhbQ/+F9/tY+M3tI31dviBqlgtwyAyJbLeXMrRqxGQruwLAHDFVz0FfMdqdS8J+FP+Ch9j 4Fj+wi1v4jHFb/u1iiuWuxdsgTG390XPGOB6UAfoDqn/AAUy/ZA0vxDPojeK7m7tLS4+yz6ta6dd XGlxTZwFN1HGVYHs6BlI5DEc19z6NrGk+IdJste0G8h1HTdRhjuLa5t3WWGaGVQySRupKsrKQQQc EV+JnwN8MftmXX7G+g6D4RtPg3/wqjU/DjSTNqR1cSm1miLXUt+0f7kXCtvM7D5VkVsYCivuT/gn X4c1Lwf+yn4Y8L3/AIq0nxlDps99Ha6jot1LeWbW7XDusayyxxNmNmZCu3C4AHSgD6I+O/xV0v4I fB3xf8WNX2tD4a06a6SNjgTXGNtvDn1lmZIx7tX5F/sCfEz43fDL44aB8Pv2g/Euoa7bfHjwvD4n 0STUJ5ZhbXatNKLePzWYR+Zb72ZV2jPlALyK9Q/4Kha74w+KOsfDT9jb4W2qap4j8b3b6ze2jzeQ j2OnK7RJNJkbY5HSVy3BBgGDmvnz9srTP245PCnhD44eMvht4b8LR/BC9h1Szu9E1Bp5ooPMhQxG Eud0G5Iy4HRFOflzQB+qX7Qv7LP/AAv/AFvSda/4Wb4v8C/2Vbvb+R4c1L7FBPvff5kq7G3OOgPp xX5X/s5fs1+LfjJ8cfjx8Ltf+OvxEs9P+FWqWVjp81rrsomuI7prsM1wXDKWH2dcbFUcnjpj9w/h f8QtC+LHw68N/Evw0+7TPEthb38IzlkE6BjG2P40JKMOzAivzn/YV/5O9/bI/wCxi0n/AND1OgDv dG/Z3+IngP8AaN+B0PhzxN4p8SeFfAmj67/bmpaxfCWC8+2/aRaJMwZTcXKy3PAMeEhjQ5zXafEf /gol+y58MfGWreB9b169v7/w/L5Oqy6bp1xeW1hKDgpPNGhTcpG1gpba2VPzAgfcVfiT4E8A/tIf DPW/iR4t/Yb8TeD/AIy/DfxL4gvbrUtDv2X7XFfTqrXFsZy0SvtjZVBa42kYJjyWyAfsF8PPiJ4K +K/g3TPiB8PNWh1zw/rEZktruAna4VijAhgGVkYFWRgGVgQwBBFU/if8VPh98GPBt78QfidrUOga Bp+0S3MwZvmc7VRI41aSR2PREVmPPHBr5U/4J5fEv4c/En4BSS/DrwOnw6j0HVrvTdR0aKRpYYdQ jWOWV4nf5irrIp+YAhsqc43Hxj9v6LTdX/aK/ZR8K+M445fB2o+J7yS7jn5glvIvsi2kcqt8pDM7 Lg5DBmBGMggH0R8If29v2afjX44h+HHhLX7i08Q3qmSyttTsp7E3qAFt1u0qhWyoLBSQxGSFODib 4xft3/s3/BHxjL8PfFeu3F/4ktEEl3Y6VZTX8tohAbdOYlKJhSGKltwGCVwRnX/aL079l6DxZ8LP Evx9WOLxBZa7Db+EZU+2i4/tWVkaONBY/MVLohIl/dbtobqAfk//AIJVWml3nhj4xeKtaWKT4gXv jnU4tbmbH2oIqxvEjZ+YR+a0xX1bd/d4APubwj+0v8FfHvwf1f46+DfEkWreD9AtLu8v7iCOQzWq WMJnnSW3KiVJFjG7YVDEEFcggn5u1b/gqH+xtpTWLDxbdXtvdxQSy3Fppt3PDaC4Tei3DrH8smOG jXc6nKsAQRXxTaW+laF8Vv8AgoN4Y+HqJF4Pj8G3k80NvxbRaq2lTGdQq/Iree1yCBjBUjHy4H07 +zj4E8KW3/BLVdHTTYDba14N1i9vAY1Pn3E8U8hlc4+Z1IXax5UKuMbRgAx/+Ckn7XGmeB/2bLa1 +E3ii5tdd+IMFrc6TqelrLsbTWlRppI7yMbYmdCFHzK+GO3np558GdJ+Avh3XvgVeeDfjf48uG8Q a9q7W1nrAvHTXb23hs47iC4VkhEMERw8YkVgTK+GPNfPfxNlkm/4Ir+A3lYuwvoVyTnhdVulA/AA AV9x/tpf8nj/ALHn/Ya1/wD9F2FAHrXxL/4KLfspfCbxLrPg3xl4nuINb0C/Gn3lpFY3EsiSFdzO NqYaNR1YE88DJ4q/43/4KDfsr/DzVtV8PeJ/FM1vq+lRadMbEafdtdTrqtst5bCGLygzEwupfIHl lgsm1iBXzX+yD4J8Ma9+3F+1r4k1rTre+vNO1HTbKBp4lk2Q3wuWnUbgcB/IQMO4HNXPgt4Y0PUf +CrP7QfiK9s4pr7RND0FbKR1DGA3OnWKyNHn7rFF25HO0kdCQQD25P8AgpP+yBP4Dg8e2njJrlLi 5ezj02KzuH1VriNBIy/YwnmbApH73/VZ+Xfu4r2/4R/tQfBH42/DfUviv4E8SRP4d0Pzv7Smu1a0 aw8iPzZDcLMFKKsfzbuVI5BODj4Z/ZJ8F+F7P/goX+1LrNtp0Md3pr6WttIEGYv7SRp7rYf4fNkQ Fsda8E8N+J/hV8L5/wBvLUPifocmteDIPEGmrPo9rM9obyW9nuVSFZIWRoxJMy72U8JkkMBtIB9q T/8ABUT9kGC+ijOv6m2kyzG3GrjR70advBwf3pjDEe4Q8c15/wD8FBf2xV+EOh/DLTPhz4lnsp/F OsaVqd3dWNsZ47nw25kaUw3ARl3SsqYWNhIyZx8pNfNfxn1T9r3W/wBibW11LwR4E+GHwct/DsBt 9Omubu+1YWO2M2cULKzQiZiY9rShX3nLfNkUvxnkL/sKfsayO2QvinwgMnsFtLgfoBQB9y3PxL+F /wASv2lfgT4v0T4i65pk/iDStYuNJ8Ni1uoLDWIVt7gSS3ittWN4ArOglTJKLjqK7b4xft3/ALN/ wR8Yy/D3xXrtxf8AiS0QSXdjpVlNfy2iEBt05iUomFIYqW3AYJXBGfBvjt/yk8/Zn/7A3iX/ANN9 5XP/APBKq00u88MfGLxVrSxSfEC98c6nFrczY+1BFWN4kbPzCPzWmK+rbv7vAB9zeEf2l/gr49+D +r/HXwb4ki1bwfoFpd3l/cQRyGa1SxhM86S25USpIsY3bCoYggrkEE/N2rf8FQ/2NtKaxYeLbq9t 7uKCWW4tNNu54bQXCb0W4dY/lkxw0a7nU5VgCCK+KbS30rQvit/wUG8MfD1Ei8Hx+DbyeaG34tot VbSpjOoVfkVvPa5BAxgqRj5cD6d/Zx8CeFLb/glqujppsBtta8G6xe3gManz7ieKeQyucfM6kLtY 8qFXGNowAfpN4b8R6D4w8P6d4q8L30Wp6Rq9vHdWl1A2+KaGVQyOpHUEHNeTfHL9pH4N/s5aTp+q /FrX10k6vI0NjbRxS3N3dyJt3CGCFXdgu5dzYCgsoJBIB8O/4JrSyTfsQ/C55WLsLW+XJOeF1C5U D8AABXkf7VvxGsbD9rD4c+C/hL8LrT4g/HK10m4vtNvtU1GW007SNPkMyO7RCQRSSMFkJJCuo2bS zFQAD6G+Cn7cX7Pnx48aS/Djwfqt3Y+KkjeZNM1WymsbiaONdztEJBtbao3Fd27bltuASMjx/wD8 FAv2Xvhpr/iHwh4n8SzjxD4avVsLjTLexuJ7uSdkMmIURDvQKvzSZCA4BYEgH88/E0n7QR/4KL/s 7337Rb+FLfxHcRagLe18L/aSbeyME4UXT3WWYs5k2bSV4fHXFfQf7G/hrRb39uv9rPxZdWkcmqaV qOk2ltOygvFFercvOqseRvMEecddooA+5/gN+0j8H/2lfDd14n+EWtjVYNPlWC8hkie3ubWRgSqy xSBWAYA7WGVbBwSQcfOfi7/go/8Aso6dret+Bo/Fs5uLJpbCTVILK5fTIb0gosZvEQoPn4Eg/d8Z 345r5BtrfUfC/wAdv2/rbwFCLW7HhaG8hjh/d/6VNpcszyqF/wCWheR3B7ueepr6i/ZB8K/CS/8A +CcegaTfW9m3hbVPDl/LrbMFMbTHzft0kzH+ON1b5icpsXBG0YANv/gmH4o8S+Mf2OvCmveLtWu9 c1Oe71RZLq+nkuZ3CXsqqGklZmIUAAZPA4r64+K/xe+HPwP8GXXj/wCKWuQ6DodqyoZpdzM8rAlY oo0DPJI2DhEUkgE4wCR8Vf8ABKD/AJMk8H/9fmr/APpdNXA/t4Wuma1+1f8AsoeG/Hixy+C73W9R eWGfm3mv4/sotkmDfKwLsiqrcMGYcgkUAfR3wl/b8/Zm+MnjK0+H/hvxBcabr+pDdYW2rWU9h9tB +79neVQjlv4V3Bm7KeaufFH9u/8AZm+Dni7xH4A8eeJpLPxJ4ZayjuNPjs7iaeZ7+AXMK26xoRL+ 7ZS7A7UJAYgkA/Mn/BXO20ax+A3hPxVZIsXjbSPFGnf8I9PFxeLcEOzpCVw+CEDEDjcqHqBSfBTw 1o+qf8FV/wBoLxJqlnFPqWjaHoItZGUOYGudNsVlaMn7rFV27hg7SR0JBAPcE/4KT/sgT+A4PHtp 4ya5S4uXs49Nis7h9Va4jQSMv2MJ5mwKR+9/1Wfl37uK7O3/AGjPgt+0T+zR8Q/H3w+8Y3Wn6BZa Nq0Go6jbQzRalo5Szd5Jlh+WTzYoz5sZQ/MQNrZHHyr+yT4L8L2f/BQv9qXWbbToY7vTX0tbaQIM xf2kjT3Ww/w+bIgLY615F4BtLbTbb/go7pthGsFrHb6nIsSAKivNp+qM5AHA3HrQBc+Pf7XNn8D/ ANnj4DeGvhb8Q9Z1mTXb7S7y81u6spjeaj4eWWcXDPJKrskzyRqpQN5pUHHyk1+wnw98eeHfif4M 0nx94Skll0jWofPtmnhkt5Sm4r80UoV1OQeCBX4bfEYgfsC/sdMeAPGnh7J/C8r9+6APhDVfHvw3 8B/td+PPE2ufETW5r/w/4Ea/vvCi29zNptrYQz27NfwhNyPcE4TYi7yHb3ryX/gnJ+19cfH1PG3h Xx1rt5rHjA63qep2gks3htodEjFpDBGjrGsKFWc/us7+SzAkk1c8Hf8AKW7xz/2TKH/0usKX/glO R/wpT4ijuPiFroPt+5tKAPb/ANu79oG3/Z+/Z88R6vZX9zpviXW7O5sdEnt4JJjHetGdrl0Vli2D LK74XcBzmvib9i340fs7fBD4N23xr8e/E7xXrGq+Lp9I0bW5/EJu7iytdZu7eW7K2weIERBVcPcF 3UhAdwB5+6/29/8Akzj4s/8AYEm/9CWvzo/a60e08Q/8E8/2TNAvxm21LUvAttKPWObQ50b9DQB+ hHgH9vv9lr4i+EfF/jvRvFjWmg+BzB/ad3fWdxaxoLpnW3Me+P8AeNMyMEjXMhI+4MjOT8Nv+CiP 7LPxP8X6d4H0fxFc6ZqetuE0w6rYz2MF+zEBBBNKoQlydqBipZvlUEkA/N//AAUZ8N+E7DxL+zV4 S1TT7TTvh7f+N7G31iFYkgtWihMUdvHLt2qIlhedcHhVJxiu6/4KxaT4Mj/Y31XU9TihttX0XUdK OgSACOWG7a5jR1gIwR/ovmkhey5x8oIAPpj4yftjfs9/AHxafBHxY8Tf2Hqx0ldZSJraeUS2sk72 yCIxI2+VpEbEa5baCxAUE15foP8AwUn/AGQNd8K6v4qHjNtP/sSWKCewu7O4i1F5Z2ZY1gtdhecs VOfK3bOsm0V8y3+hJ4w/4Kb/AAQvfHlkl1qdh8LLXUnSdN3l6ik1/wDOVb+ON3ZlJ5VgCMEA10Y8 F+F7v/gr9Lqdxp0MlxbeAl1VGZAcXolW0Ewz/GITtB60Afav7Pv7WHwU/aah1cfCvV5bi+0FkW+s by3ktLuASZCMY5AMqSpGVJAIwcHFdP8AtD/FnTPgj8GvFHxI1OaS3/sy0dbeSK3e6K3cw8u2zGis Svmsu4kYAyW4zXxJ8MbS20//AIKvfFxLKNYVvvA1hcTBAAJJhJYpvYDq2BjNffHxp/5I547/AOwD qn/pLJQB+MF1+1x4j+Kf/BLTxvrMPi3Vm+KHhcadJq+pxrPYyo+o+IwIvIuYljRgbdTGVhOEX5CA OK+xPBP/AAUv/ZK02z8MeCtf8azNfC0s7O51N7O6ksBeiKNZFe72EEhj88nKD7xfHNfG2okH/ghg hBz+5g/9Sxa+sP2oPAPhLQf+CXeoeGdO0u3isNH8L6RPbIsSgJcK9u5mGBxIzlmZurFmJJyaAPtX 40ftE/B39n7wpbeMvip4jh0rT79xHZqitcT3jkA4t4YQzyYBBLKNqggsQCK4P4H/ALZnwC/aC8QX Xg/wHrc0HiSzj859K1O1lsLxoh1eOOZQJABydhYqMFgAa/I7xbJ8YPEP7UH7K9h4AHh271u0+Fek X2hxeLWuW0p757eY3EoW2+f7UFjVkx3RG6ha9w+IHgb9qHV/2qPgP44+PniX4V+FfEGj6wqWMei3 eqWuq6tYSyxJd2qC5jk8792zLEhKLukYbsMaAP2or4I1v/gpX+yboxubePxBf6pf2VzdW1zZ2OmX U9zB9jYJNLKoQBIgTw5I3YO3ODX3vX5Pf8EqdG8IJ4a+M+u2kULeJbjx3qdteyYHnizjWN7ZD3Ee 95ivYtu644APue0/aZ+C+pfA+5/aL0nxAt/4Es7d7ia9ghld41jfY6vBt81ZFY4KFQw64xg15v8A Cr9u/wDZn+NPxEk+GHw78SS6lq6Wj3of7FcR2piiTzJf37IEXy1+8XKrn5QxPFflnZwWOm/Br9v7 RPB6xx+CbLWf+JakB/cR3TSyi8WID5Qi7YgNvGAAOAK+p/FfhO18C/8ABJOK48AafDZ6jP8AD7T7 iaaGJUlZNUit5tSYso3fvEeQuc88Z6UAe0ah/wAFOf2PdP1+bRz4qurqytpxbTatb6bdzaYkpONv 2hIyGHoygqRyCRg19R+Pfjz8Ifhn8NI/jB4y8U2dn4QuI4pbfUEfz47oTrviFsIt7TNIvKiMMSAT 0BNeDfs8+Evg3L+wh4Q0O6tbJvA2oeDYJtW3BPJcy2gk1CWY9BIJfMZyTlXB6FePxR+Bct14n8O/ sW+Gfiri48CSeK/EqW0V2S1vPLDcW/2ZJA52souHMaKeCC68jIoA/bX4S/t+fszfGTxlafD/AMN+ ILjTdf1IbrC21aynsPtoP3fs7yqEct/Cu4M3ZTzX5s/tmftIeB/iZ+17ofwe8S+P/FfhP4ZeFLG8 h1uPw9Fd211NrUFxPGVVUiczRjy4tsux0A37CCxNfS//AAVzttGsfgN4T8VWSLF420jxRp3/AAj0 8XF4twQ7OkJXD4IQMQONyoeoFb/jAuf+Cs/gAyAB/wDhWc+4DkZ+232cUAfoGJNC+EnwyE1/dXdx o3gvR90txNvu7yS1063y0j7RvllKR5bAy7dBk4r8RP2ZPid4R/ai/bW8UeJvHXxF8YC9svE0kngr RrN7m20ltO07zbhVvYzEY4g0MCbomMTO27fudq/favxE+Et3r1h8Of8AgoLfeGWaPU4PEfix4WTO 9SqXZZkxzvC5K474oA+xPFH/AAUu/ZF8K+Jb3w7ceKLrUU0uXyL3UNP066vNPt5M4w1xEhVhnjMe 8Hsa+gfHP7SvwX+Hvwq0/wCNmveI4pfBWqSW8VtqVmrXUMhumKxkeUGIGQQxP3SCGwQa8C/YD8Mf DN/2GvA2n2FnZXGiazpU76wrqjRXFzK8iX32ktkNhgyNv6KoXgAAfjVd3Es3/BLDxxptnLJL4e0/ 4nvb6I0jMw/s8iGRdm7Py+Y7ng8sW75oA/en4E/th/Af9pHxJr/hX4R6zPq174cUSXDPZXEMLwl9 gkjlkQIVLcAEhjgkKVBNdb8bP2jvhD+zvbaJffF3Wjodp4guJLa1mMMssfmRJ5jbzErbQF7nqeBz XpHhDwV4X8CaJYeH/C2mW+nWmm2kFlEsESR4gt12xp8oHAySB6knua/M7/gph4c0rxh41/Zl8J67 Atzpus/ECys7qJwGWSC4lgjkRgeCGViCKAPqX4d/txfs2fEr4beJvi1o3idrDwv4QlWHUrvUbWa0 WJ5P9Uqb1/etJxsSPc5JUFQzAHmfht/wUM/Zb+KPjHTvA2ieIrnTtS1xwmmHVLC4sINQZiAq280y BCXJ2orFSzYVQSQD8p/8FW9OvrTQfgr4a8OWulWej6v4zthdpqKtDpElyiJHajUBAAxt9hkEhHzC NTt6DHB/ti/D79szxx8IbXR/2gda+Dfgnw/YahaPYatBcaxY3NneRk+UtrNKkioWVWUgIfkBPG3I AP0p+O/7XnwO/Z11XTPDnxD1ad/EGsRNPa6Vp1pLfXskKkgymOJTsTKkAuV3ENtztbG/8B/2mvgx +0npOoar8JNeGpto8iRX1rLFJbXdq8mdnmwyqrANtbawypKsAcqQPgj4v/DX4max+07pPxV/Zj+J nhk/GvTPCNta694b1UmaO4sf3chnhby2ZFlaSPtEcbW3gOwPlWmfGXxVOP2mvAvxB+FOn/Dv9oCP wHqOrX2qaLM0sGpWkNqqCRQJJQkirIjxlZHLHO7a6kMAfaPij/gpd+yL4V8S3vh248UXWoppcvkX uoafp11eafbyZxhriJCrDPGY94PY1774y/aZ+C3gfwV4S+IureIUufDfjjUbXS9IvbGN7uK5urxX aJQYQ20ERuGLYCkYbB4rwb9gPwx8M3/Ya8DafYWdlcaJrOlTvrCuqNFcXMryJffaS2Q2GDI2/oqh eAAB+NGh3/k/sU+C1jnc+FtG+P0MWkSysdiaaLOSUFSxwE3tIxOcbi2ec0Af0Y/GX43fDv4CeF7X xl8TL6TT9KvL6DTo5IoJLgm5udxjUrErMAdp5xgV5b8cf20v2ev2dPEz+Dviv4gk0rWP7KTWIrdL WaYz20k7WyCJkUq0jSI3yZyFBY4UE18uf8Fb9UsbP9nzwhp08qrc3/jPSVhjyNzeXHcO5A64UDk9 iQO4rN+J/hTQvFX/AAVw+G4160ivY9J+Hz30McyCRBPHd6ikb7WyMoX3KezAEcgUAfWd5+2x+zdp fwX0T4+av4pOn+EfEcskGnPNaXK3V1PC7xyRRWojMzlXRlLKpQYzuwQam+BP7ZnwD/aJ12/8JfD3 Wpk8RabGZptL1G1lsbzyQQDIiSgB1GRnaSVyCwAIr5K+Kem6Def8FTfg54b8T2dumi6X4Pvb7RLd lUQHVWmvGkZE4XzFSMOMAkMqt1wR73+0PF+zzoHxd0bxXqCrF8fbjw7rUXhFoDfCeZYLSdmDi2/c FVDvtNwO7bOVOAA+In/BRL9lf4a+L9S8E6v4kudSv9Dcx6m+l2FxfW1g6khhPNChQFSNrBSxVsqQ CCB9Z+BPHng74neE9O8deANXg1zQdWj821u7Zt0ciglWHOCrKwKsrAMrAqwBBFfhx/wT80z9s6T9 mq1uvgHa/C678Oaze6g18+vjVX1ae681kkW/+zHymbZt2D/niUJ5Jr7I/wCCZXgzVPAfw68e6Hc+ K/DHiaxl8TXN3BF4UvJ7uw02WaNPOtF8+OMxqpVSigv8pyWJOSAfpbRRRQAUUUUAFFFFAH//1/38 ooooAKKKKACiiigDivE3w48C+MbmO98TaLbahcQgKsjrh9o5CllwSPY8V1Gnabp+kWMOm6VbR2lp brtjiiUIiKOwUcCrtFNydrERpRTcktWFFFFIs53xf4ZsPGvhLW/BuqySRWWvWNzYTvCQsqxXUTRO ULBlDBWOCVIz1B6VwnwI+C/hb9nr4UaF8HvBd1eXujeHhcC3m1B45LpvtNxJcv5jRRxIcPKwGEHy 4zk5J9UvLy00+0nv7+ZLa1tkaWWWRgiRxoNzMzHACgAkk8AV+f2rf8FQf2Q9LvZI49f1K/0yCc28 2q2mk3kunxyA4wZvLG4ehRWyORkEUAfoNNDFcRPBOiyRSKVZWAKspGCCDwQR1Ffm9Yf8EvfgZpWq Xlppvirxfa+BdQuxe3Pg+LWGj0KeQMDslhWMSPHgBcNIXwPv19sav8ZvhboXwuPxq1bxLaW/gj7H HfjVSxaBreUAxsm0FmZywCoql2YhQpbivnL4Z/8ABQv9lv4reO7D4d+HPEdzaatrDBdMOo2FxYw6 gW4UW8kyKCXPCB9pY/KoJwKAN7Q/2Kfg/ov7L95+yVJcapqPgu980tNc3EX9oLJJdfbFkWWKGOMN FMFZMxEcAMGGc+m/s/fA/T/2e/h8nw70rxPrfiqzhuHmiuNduUuriFGREWCNkjjCwoEyiY4JODjA HC/HH9s/9n79nzX4fCHj/XZpPEk8IuV0vTrSe+u1gOf3kiwqVjGATh2UkcgEV2fwv/aX+CHxg+G1 78WvA/iq1n8MaUJDqFzcE2v2EwpvkFyswRotq/NluCOQSOaAOS/aX/ZM+H/7UEfhi58VatrHh3Wf B1xNc6Xqmh3S2t5btcBBKoZ45BhvLQ5ADKVG1gNwOj4G/Zf8FeBPjL/wvW21rWdV8Tv4XtfCkrX9 xDLFNaWpgYXEgWBJGuXa3Uu+/aSWwgyMeM6L/wAFMP2Qdb8RW2hR+K7mztb6f7NbareaddW2lyzA 4Ki5kjVVAPVn2qOpIFe2/Hf9qr4K/s5ppMXxK1iSPUde3f2fp9jby3t7chMbmSKFWIUE4DMVUngE nigDUuP2e/Bdz+0Ta/tMyXuoDxRaaEfD6Wwki+wG1MrTbzH5Xm+bucjPm7cY+XPNfMnij/gm38LL /wAQ6/rHw68c+MvhlYeK5Wl1bSfDWrC0026Z8lz5DRvt3EngkoASqoq8V9CfAf8Aav8Agd+0guqR fC7Xjc6homDfWF3BLZ3lupONzRTKpKg8Fl3KDwSDxXh2r/8ABTf9kLR9dudJl8TXlzY2VybSbVrb TLufTEnU4Ki4SMh/ZkDKRypIwSAfUnwR+B/w5/Z5+H1l8NPhfpx0/R7R3lYuxknuJ5MeZPPIeXkb ABPAAAVQFUAYn7Rn7Pfgv9pz4Z3Hwq8e3uoWGk3Nzb3TS6ZJFFcB7dtygNNFMmCevyZ9CK9h0LXd G8T6JYeJPDt7FqWlapBHdWt1A4kingmUPHIjDhlZSCCOor4p/bx+LXirwh4G8M/Bz4ZXbWXjv4y6 tF4c024TO+ztpiq3t4pBBBijdV3AgoXDgjbmgD179pH9l34aftReGtM0Dx+19YXehXX23TNT0ucW 99Yz8ZaKRldcNtG4Mp6AjDAEeB+F/wDgnB8I9E8b+Fvih4g8YeL/ABd408K6lbajDq2s6qt5PN9l OYrWTzIWAtlbLbU2vk/6zGAOC+Pg1j4S/tG/scfCvwbrup2ugCfWLG6h+2TYv47SCzVGvAGxO2Sz EuD8zMR1r6a+N37aX7P3wB8SQeCvHOuTXPiaeMTf2VpdrLf3kcRGQ8qQqRGCvzAOQSvIBHNAG5af sveALL4o/E/4tRX+pnV/ixpsGl6rE0sP2aGC3tltVa1UQh0cooJMjyDdyABxXZ/Aj4L+Fv2evhRo Xwe8F3V5e6N4eFwLebUHjkum+03Ely/mNFHEhw8rAYQfLjOTkml8H/2iPg58d/Blz4++GfiS31LS NPLretJutpbJowWYXMUwR4sKCcsApAyCRzXzL/w89/Y+Gsrpz+Jr1NOe4+ypq50u8GmNMDggT+X0 HUtt245zjmgD1f8AaY/Y++GH7UI0LUfFl3qXh/xF4Yd203WdGuFtr6ASEFk3MjqyblDDI3Kc7GXc 2V/Zu/Y9+F37M1zreu+GLrU/EXijxLt/tHXNcuFu9QnRefLEiogVC3zEY3McbmbauOq+NP7UfwS+ AXhvRvE/xD8QLHB4kYLpMNlG97cahlVbNvHAHLptZTv4T5lG7LKDh/Aj9sH4D/tGatqPhr4ca3Kf EGkx+ddaVf2stlexRBgpfy5VG9VZlDFC20kbsbhkAq/Gj9j74TfHb4seA/jH41fUE1v4fTRS2cdr LCltdCG4W5jju0khkd0WRSQEdOGYEnPHsfxb+GHhn40fDXxF8K/GPnDR/Eto9pcNbsqzxhsFZImd XUSIwDIWVgGAyCOK9Fr4P8W/8FJv2SfCHie+8M3fii51EaTL5F9fadp9ze6fayZxh7mFGRueMx7x nIzkUAfSXwI+Cng79nj4WaL8IvAb3MujaGJ/LlvHSS5la4meeR5XjSJWYs56IABgY4rnv2cf2cfA /wCzD4I1DwF4BvdRv9P1HVLjVpH1OWGWYT3KRo6q0MMKhAIlwCpPXLHtb8eftJfBn4dfCzT/AI1e IfEUUngvVJLaO21K0VrqGQ3ZIjYeUGO3IO4n7uDuxg18/aZ/wUt/ZE1ay1/VLLxVdNYeG7i3gubk 6bd+SRdSeVFIj+Xgoz5HzbTgFsbQTQB6X4w/ZB+Gviv9oTQf2m7HU9X8M+NtFSOKWTSZreG31KJB t8u+jlt5TIGiPlMVZGKYGcqhX6T8QaLa+JNB1Lw7fM6W2qW01rK0ZAcJOhRipIIDAHjIIz2NfL3w q/bl/Zq+Mk/i9PBXigta+CLZ73Ury7tprSzjs0O0zieVVj2ZzgEhjgkKQCa870T/AIKa/sf634ht tETxVc2Nrezm2ttUvdOurbTJpQcYFzJGFQA9WkCqOpIFAHTP+wh8IZPgR4A/Z6bV9c/4Rz4ca6vi DT7j7Ra/bZbpZrqcJcP9l8tot13IMJGjYC/NkEn1/wDaI/Z78F/tL+A4Ph547vdQsdNt9QttSWTT ZIopzNa7tilpopl2Hccjbn0Iqj8b/wBqb4I/s6z+H4fi5r/9ir4nivprGQQSzxyLp8aSTZaJWAJE qBAeXZgqgmtP4A/tE/C/9pjwbceOvhReXF7pdpdvYzG5tZbVkuI0SQpiRQG+SRWyhYDIBIOQAD3K vkD4nfsY/D74k/HPRf2hoPEfiHwn4t0qO2hmfRL1LaG/gtZRKkVyrxSFkO0K6hgrqACCQDW/8Zf2 x/2ffgD4vHgX4q+I20fWZNKTWIoRazzedbSTvbIsRiRt8rSIwEY+bALEBQTU3wI/a6+CH7RWq6r4 c+Hmq3Ca/oqCW70vUbSWxvY4WIAlEcoG5MkAlSduV3Y3LkA6P4N/s9eC/gfr3xB8ReE7zULu5+JO u3PiDUVvZIpEiurl3d0txHFGViBc4Dl2xjLGqXw8/Zp+Hnw58XfFHxfp8l5qkvxdukutatdQaGa0 GxZkMUMaQoRGyzMGWRpMjHPXPiXjP/gpR+yN4C8Rah4T8ReKrhNW0jWLvRby3i0+6lkgubF/Lmdg sZJiD/KrrneQdgbacd38aP23v2efgR4jt/BfjTW7i58SzxLcHS9Nsp728iidQ6tNHGuIsqdwVyrb eduOaAPBr7/gl58JDb3vhjw58QfHPh3wHqc7XFz4VsdaxpDlzlkEUkTtsPRt5dj/AHsgY+/vh94A 8I/CzwXpHw98B6dHpOgaHALe0to8kIgJJJJJZmZiWdmJZmJYkkk15P4E/as+BPxL+FHiD4z+CfEq an4a8KWtzeaqUilW6so7SJppRLasomVtiMVG358fIWrwDVv+Cof7G2lNYsPFt1e293FBLLcWmm3c 8NoLhN6LcOsfyyY4aNdzqcqwBBFAHv8Apn7M3gPT/wBpDVv2op7/AFLUfFmpaYmkxW91LC1hY2yi MH7LGsKyIzeWSxaV+ZJMAbsD2fxf4V0Xxz4U1nwX4kg+06Tr1ncWF3F/fguYzFIvtlWPNcprnxm+ Fnhv4Y/8Lm1vxNZWvglrSK9TVGkzbyQTAGIxkZZ2k3AIigszEKAW4r5w+G3/AAUM/Zb+KPjHTvA2 ieIrnTtS1xwmmHVLC4sINQZiAq280yBCXJ2orFSzYVQSQCAe2fs8fAbw1+zX8MbP4TeDtX1TV9F0 6eea2bVpYZp4RcP5jxK0EMC+XvLMAVzljzjAFD4T/s4+CPg78R/iX8T/AAzfajc6r8VL23vtUivJ YXt4ZbYzlBbLHDG6qftD5DvIeFwRzn3+vym/4KT+O/Eug+Kvgt4G1rxZqfgL4U+L9WuLbxNrWkSm 3uE2eT5ET3AB8qMhpGOcggMxVhHggH6s1+efir/gnJ8NtS8ca941+Hvj3xl8M18VzPPq+n+GdVFl ZXUkhLSN5ZiYqXJJIJZBnCqBxXlP/BOrxF4guPij8avBHg3xjqnxA+DHhi8s4PD+r6tO12/2p0Ju Ibe4YASRrznb8uBG4A83LfrFQB5B8DfgZ8O/2d/h7Z/DP4Y2L2ek2rvM7TSGWe4uJMeZPNIcbpHw M4AUAAKAoAFT49fs/wDw1/aR8ByfD74nWUlxYiZbm2nt5DDdWd1GCqT28oB2uoYjkMpBIZSOK8X8 f/8ABQL9l74aa/4h8IeJ/Es48Q+Gr1bC40y3sbie7knZDJiFEQ70Cr80mQgOAWBIB9d+A37SPwf/ AGlfDd14n+EeuDVYNPlEF5DJE9vc2sjAlVlikCsAwB2sMq2Dgkg4APCfhl+wJ8OPA3xJ0r4reMvG Pir4n6/4cBGjP4q1P+0ItOOMK8KCNP3ijoSSoIDBQwDCT4kfsEfDfxn8SNV+LHgnxh4r+F3iPxFg axL4T1T+z49Rycs8yFH+dupKkKW+cqXJY5/ij/gpd+yL4V8S3vh248UXWoppcvkXuoafp11eafby ZxhriJCrDPGY94PY19r+FPFfhrxz4c0/xf4O1ODWNF1WJZ7W7tnEkM0bdCrD34I6ggg4IIoA+e/A n7H/AMGvht8E/FfwM8IW13aaX43s76z1jUmmWXVbs6hC8Ek0lw6FTIqSHy8psU87OWz33g34G+Ev A/wLtv2fdJu76Xw7a6TNoyzzyRNem3nR0Zi6xLH5gDnB8vGcfLXxj/wUO+JWpfDHxd+zprQ8S3Ph rQj48sTrMsV1JbQSafFJE84udjAPCE3FlYFcZyK9Y+GH/BQ/9lX4uePrP4beFPFE0Ws6q4j04X1j cWcN8xztEEkyKuWIIQPtLt8qgsQKAL+t/sNfCXXv2X9J/ZNvNW1tPCGjTLNDdRz2w1JmW4kuQHkN sYSN8hHEI+XHfk+rfE/9nrwX8WPiV8Nvin4ivdQt9W+Ft1eXemRWskSW80l6IVkFyrxSOyjyV27H QjJyTxjkPjb+2X8AvgF4it/BfjrW55/E91D9oTSdMtJ7+88o8hnSFWWPIGQHZSRyBjmtz4BftVfB T9pWx1S5+FmtNdXWhMq6hZXcElpd2u/O0yRSgZUlSNyllyCCQeKANP4Yfs9eC/hN8SfiT8UfDl5q FxqvxRu7S81OK6kie3hksxKIxbKkSOqnzm3b3cnAwRzk8J/s9eC/B3x38c/tCaZeahL4j8f21ja3 9vNJE1lEmnwxwRGBFiWRWKxKW3yOCc4AHA+d9X/4Kb/shaPrtzpMvia8ubGyuTaTatbaZdz6Yk6n BUXCRkP7MgZSOVJGCfNf28fjPB4Y1P8AZl8feHPGL6Z4O1bxrpt3f31levFZXWkFoZneZomCy25i JYhsqVJ4oA+0/h9+z34L+G/xd+Ifxn0O81CfW/iW1k2ow3MkTWsRsEaOP7OiRI65DHdvd8npivOp v2J/gxqEfxhtddOo6tZ/G25t7vWre5ni8uCa0Z5IWszFFG8ZSR943tIdyr2yDz3ww/4KH/sq/Fzx 9Z/Dbwp4omi1nVXEenC+sbizhvmOdogkmRVyxBCB9pdvlUFiBX25QB+bNl/wTG+Fd14fj8GePviJ 478beF7GB7fTdH1TW91hYZjMUUsMMUSL5sAOYs/IuAChXivW/Fn7Dvwn8afs3+G/2Zdd1XWp9C8I TRXGlal9phTVLeaAy+U/mJAsJ2JM0QBh+5j+MB6/LfW/jj8Pv2sv25tQ8M+LPiP4z0LwBCmk6f4W sNDF3p/nanc+Qjm6j8lvKUzSSBpZEUldn7wIoFftz8H/AI3fDv47aJq3iH4bX0l/ZaHqlxo100kE kBS9tVRpUCyqpYASLhhkHPB4NAHkPhf9jvwR4d8bfC74i3/irxH4h8QfCiy1Gx0+51O8guGvI9TW dJGvW+ziSRkWdljKOmAq7t2DnkPiR+wR8N/GfxI1X4seCfGHiv4XeI/EWBrEvhPVP7Pj1HJyzzIU f526kqQpb5ypclj6LcftjfAW2+Hvjz4oza1OPD3w21Y6Jrc32K4LwXwnjttiR7N0g8yVBuQEc56C vJ7r/gpr+xzaeKYfDT+MpHhmm+zf2oljctpYmyAV+1BNpAzy65QDktjmgD1bwJ+x/wDBr4bfBPxX 8DPCFtd2ml+N7O+s9Y1Jpll1W7OoQvBJNJcOhUyKkh8vKbFPOzls994N+BvhLwP8C7b9n3Sbu+l8 O2ukzaMs88kTXpt50dGYusSx+YA5wfLxnHy1o/Fr43/Cv4G+CT8Q/il4hg0TQd8ccc7B5mmklGUS GOFXklZgCcIp+UFjhQSPBfhl+33+zR8V9S1fQvDuu3VprGj2VxqL2GoWFxaXU9rbRmaSS3jdf3pE al9ikuV524BIAPePgd8HvDPwB+Feg/CHwdc3l5o/h1Jo7eW/eOS5YTTSTt5jRRxISGkIGEHGO/J8 a/aE/Y0+H/7QHjLQPidJr+u+CPHHhuE2tnrfh28FneC3Jc+U7Mj5UGR8FdrfOwJKnFfHn7JP7atn 8a/E3xw8I+N/FepNNealrE/h6RLCaJbDQLSB/LKlI1WKVIxv2uRKz9ctX1P+zr8U/hD8M/2OvD3x J1f4m3fiXwTp637HxPr6zR3l1nUbhCrxy75mdZMwxoNzMFXaDkCgDm/DX/BOr4O+HfiD4U+Lsvij xZrPjvwvqH9oPrepaol5d6kcKot7wzQMpgVFKKsSxuFZhvPBH0L8Mf2evBfwn+JfxJ+Knh281C41 b4pXVnd6nFdSRPbwyWSzLGLZUiR1U+c27e8hOBgjnPi3w2/4KI/ss/E/xfp3gfR/EVzpmp624TTD qtjPYwX7MQEEE0qhCXJ2oGKlm+VQSQD6H8Yv2xP2fPgH4vPgb4r+Jv7D1c6SutRxNbTyiW1ed7ZB EYkbfK0iMBEuXwC2NoJAB0fg39nbwP4I+MnxB+N2m3V9da18SorKHUra5eF7JEsYhCggjWFXG5R8 ++R8npgcV8v3f/BMz4MvqurWuj+LvF+heBdeuze3/g7TtXNtoNxIzBmRoFj3CJsAFQ+QAArKFUD3 D4Dftn/AH9o7XtR8JfDfW5v+Eg0uMzzadf2stldeSrBTIiyqA6gkbtpJXI3AZFfVVAHin7PnwH8I fs2fC3TfhH4Gu76+0fS5bmWKXUZIpblmupWmfc0MUKEBmIGEHHXJ5pvx8/Z7+GX7SfgVvAPxPsZL izjmW5tbi2kMN3Z3KAqs9vKAdrgMRhgykHDKRXzFf/8ABUX9jez0ey1i18VXepLeK8jQ2mm3Us1t EkhiMlyuweUMjIDEMVIYKQwJ+rNB+Pfwe8S/CVfjrpXiqzPgU273LapK5hhjSNtjiQSBWR1cbCjK H3fLjJAoA+b/AAB+wB8NPC/jrRPiL498YeK/ipq3hdi2jr4s1T+0bfTzxsaKLy0G9SAQTkBgGChl BHu/hP8AZ68F+Dvjv45/aE0y81CXxH4/trG1v7eaSJrKJNPhjgiMCLEsisViUtvkcE5wAOB4V4L/ AOCkP7JvjjxVp/hTT/E9zp76zL5Gn3mpafc2VjdyE4Cx3EyKi5PA8zYM4HUgV9C/G79oP4R/s7eG ofFXxb1+PRbS7k8m1jCPPc3UoxlIIIg0jkZG4hcKCCxANAFD4ffs9+C/hv8AF34h/GfQ7zUJ9b+J bWTajDcyRNaxGwRo4/s6JEjrkMd293yemK5DTf2R/hvpbfGxrfUdWb/hfEcsWubpoD9mWaCe3b7F iAeWdtw5Hm+byF7Agt+B/wC2Z8Av2gvEF14P8B63NB4ks4/OfStTtZbC8aIdXjjmUCQAcnYWKjBY AGqPxu/bc/Z7+AHi+DwD461m5n8Rywrcy2Om2c19NbW7ciWfylIjG35tpO/bhtuCCQDO8ZfsQ/CL xv8As5eGv2Z9XvtXXQPCElvPpeoRXESanBcWwkCS+YIREzbZXUjysYPADAMPoX4VfD9PhZ8P9H8A R67qniZdHjeMajrM4utQn3yNJmaVVQMV3bV+XhQAckZP56fsXfGuL40/tb/tDa74Y8VXXiPwTJB4 en0ZHnma1hSW2bzPJglx5LF1IkXap3AhhkV654t/4KTfsk+EPE994Zu/FFzqI0mXyL6+07T7m90+ 1kzjD3MKMjc8Zj3jORnIoA95039nvwXpf7ROq/tM297qDeKNY0JfD81s0kRsFtVlimDpGIhKJd0K jJlK4J+XOCPN/g1+xj8PvgR8WvEXxS+H3iPxDbW/iWS6muPD8t6j6Ks946u8qQeUH3qUARmkLKvy 5I4r3m8+LvwysPhlJ8ZbnxJZDwTFZ/2gdWWQPbG27OrJksSflCqCxb5QN3FfkP8Atn/8FDvg58Tf 2afFOhfBPxfq+heLZJbCbT5PIvNKmu7eO9iEz2s+E3Dbncu4MVz8uAcAH68fF34Y6B8Z/hp4h+Fn iie5tdJ8S2rWlzLZuiXCRsQSY2kSRA3H8SMPavH/AB1+yL8NviD8Jfht8Gta1LVodF+Ft1o93pk1 vNAt1NJols1rbi5Z4HRlZGJk2IhLcqVHFfRXhiSSbw3pM0zF5HtIGZmOSSY1JJJ6k1+Cvx3+PvgL 9of9tdfht4r+I3jHwr8NNC0xbOC38PJd2c0+vC6ELeYghc7Muf3zIVAQBWG7kA/a741/BL4dftBf D+++GnxP03+0dGvWWQbHMc0E8efLnhkXlJEycHkEEqwKkg/KnhL/AIJ0/CzSvE2g+IPiD408X/E+ 38JyiTR9M8U6qL/TrMoMJiARIGK4HB+QhVBUgYrtPil+3F+zV8APEafC3xJr93qXiDSoIxc2Wm2k +pXFrEqLhrl41Kq20hmBbfg5K8jPq/hL9pj4KePPg/q/x28G+JI9W8H6BaXV5f3EEchmtUsoTPOk tuVEqSLGN2wqGIIK5BBIAupfs9eC9V/aJ0n9pm4vNQXxRo+hN4fhtlkiFg1q0ssxd4zEZTLumYZE oXAHy5ySsf7PfguP9omT9plbzUP+Eol0L/hHzbGSL7B9l80TbxH5Xm+buGM+btx/DnmvJfhn+3/+ y/8AF/4l6T8J/h94kuNV1/W7fz7VUsLkQsRAbh4mkKYR0iUl92FUgqW3grX19rOs6T4d0i91/Xry LT9N06GS4ubmdxHFDDEpZ3d2wFVVBJJ6CgDxvRv2e/Beh/tCa/8AtJ2l7qD+JvEWjxaLcW7yRGwW 2haJ1aOMRCUSEwrkmVl5Py9Mez6ppljrWmXmjapCLiyv4ZLeeM5AeKVSjqcYOCpI4r4X0X/gph+x /rviqx8MWvi24t4tTm+z2up3WnXdtps02dpUXE0ahQCQCzhUGeWA5r2f48ftZfA39nB9OsfidrrQ atrA3WWm2cEl5fXCZK71hhDFULAgM+1SQQCSCKAPn/QP+CbPwj8PfCjxx8Ebfxn4un8GeN/se6xm 1C3kTTvsV4L5TYq9qyRs8q4kLKxdevzYYfVfxG+B3hP4nfBK++AuvXd7b+H7/T7fTXntpI0vBDb7 NjK7xPHvPljJMZHXgduc+A/7VHwR/aQi1BPhZr32vUNII+26ddQyWl9bAnG54JgrFM8b13KDwTni vD/EP/BS/wDZF8OQ3HneKLq9vbS6urSaytNOuZrqJrNgk0kiBAEiBbh2IDYO3dg4APQPih+xX8HP iz8OPBHw+8QyanZ3Hw5tbW10HXLC6W21iyW1jjiV1nWPyyziJC2Y9u4blCkAjmfhB+wl8OPhl8TI PjL4o8UeJPib41sYjBY6j4p1D7e9khBX9wNi4bazAFi2MkqFJJqD4tftsfCWy/ZS1v4+/DbxE2oW 2oW19p2jXNvaTSvFrYtJpbeK4hMZaHa8YLGVQgBBJ2sCfyf+Dd38I9f/AGYNe+LHjr4//ETQfF0h 06DxHqXmX9zDay311JJbx2iBVeUuttteRZX285wGAoA/pFr8Dv2KP2RNC+N/hr4pePIPHXiz4f68 vjrXNIuZ/DWpmxW909EtpkhuEKOG2vNIVIx9453YGP1G+OP7aX7PX7OniZ/B3xX8QSaVrH9lJrEV ulrNMZ7aSdrZBEyKVaRpEb5M5CgscKCa5O4/4KF/so2Hh3w14r1jxbJpml+LbC91DT5rqwu4hJFY SPDOuDFkyCRGRVUEuwwm7igDsNO/Y8+Deh/s5ap+zB4dgu9J8K61BJFeXNvLH/aM8krK0lxJPJG6 tMxUDc0ZAUBVUKFA9q8J/Djw14T+GGjfCKONtT8PaNo9voYS+2SvcWdvbrahZ9qojl41w+FVTk4U Divk7wx/wUo/Y98TaPr2sf8ACanSf+EdRZbi21CzuLe6kjdxGht4ShecsxHyRhnAILKo5r034A/t h/An9pTVNX8PfDLV531rRE8260++tZbO6WHcE81UkA3JuIBwSVJXcBuGQD54k/4Jg/B+O3vfC2ke PfHOk/D/AFCZ55vCVrrhXRmZ23FPKaJnMeeoZmckAl8gV9LfEz9kv4F/FP4O6d8DNc8PrYeF9DEZ 0pdPb7NPp0sSlUmt5MNiTDNuLhg5JLhiTXkHjj/gpH+yp4G1/VPDsmu32uzaHKYdQm0jTbi8tbR1 JDeZcKoiIUgglGYZBHUGsf8Aai/bP8GeHf2P7743fBjxOZ5/E0bWfh7ULe0ecJfZO4SxyRkQtGqS Z85QAwAIyRkA2/AH7AHw08L+OtE+Ivj3xh4r+KmreF2LaOvizVP7Rt9PPGxoovLQb1IBBOQGAYKG UEe8an+z34L1X9ojSP2mLi91BfFGjaG+gQ2ySRCwa1eWWYu8ZiMpl3TMMiULgD5epPwRffHz4bfG f9k34PeJ/EHxQ8ReDbmw8Q+HdK1DUrO0vFudS12PTTJNZzFdjSW85cu8o3RllHWvt748ftY/A79n CTTrH4n660GrawN1lplnBJeX06ZK71hhViqFgVDPtUkEAkgigD6PrwX4Rfs7eBvgzrfxE1zw3c31 /L8Tdaudd1SK/eGWJLi6Z2kjgWOGMiL5yArlzjqxqj8B/wBqj4I/tIRagnws177XqGkEfbdOuoZL S+tgTjc8EwVimeN67lB4JzxXh/iH/gpf+yL4chuPO8UXV7e2l1dWk1laadczXUTWbBJpJECAJEC3 DsQGwdu7BwAcxff8EyvhClxq+meD/HPjbwd4M8QSvNqHhfR9Z8jR5jIAGXyWidtjAYZWZuMKCAAB 7h8RP2M/gv8AED4A6d+zXFBd+GPBmly200CaRJFFcB7ZiwZpJ4pw7SMxaRmUs7Ektk5rs/D3jH4S /tdfBPUbrwJrrap4X8T21xp73Vo0ltdW0pXawwwSSGeIlXXIBHysMqQT4n+wd8XvFPjf4feIfhP8 TLo3fj34PatN4a1Wd877uK3ZltLtick+aiMpYklyhc/eoA+6K8I+Mf7PXgv43eIfh74l8V3moWt1 8Ntcg1/TlspIo45bq3dHVLgSRSFoiUGQhRuuGFe70UAeVfGf4LfDv4/eAL/4afE/Tf7T0W+KvhXM csM0fMc0Mi8pIhPB6EEqwKkg/Hmg/wDBNT4VReIdC1T4ieOvGXxJ0jwtIkmlaL4k1YXmm25ixsBh WJNyrjAUFUK/KysvFfoxRQB8efH79iv4c/HjxrpnxRTXtd8CeOtJgFtFrfhu9FldyQAkrHKSj7gu 44K7WwcFioArY+AP7IHwy+AGpa/4o0+/1fxh4s8VRrDqmueI7v8AtC/uYFA/cl9qL5eVBI2ljgBm IVcfVdFAH5wX3/BMr4Qpcavpng/xz428HeDPEErzah4X0fWfI0eYyABl8lonbYwGGVmbjCggAAfQ njD9kH4EeM/gHB+zZdaD/Z/guyWP7JHZP5VxbTxElbmOUhszlmYs7ht5Zt4YMQfpuigD8zZ/+CWv wb12xtoPH/j3xx4wvNNeH+zbvVNYS4k06GFw/k2ySQNEiSbVWTKEkD5dlfXmo/s9+C9T/aJ0v9pm e81BfFGk6E3h+K2WSIWDWrSyzF2jMRlMu6ZhkShcAfLnJPu1FAHzj+0P+y58Mv2ldP0dPGr3+la1 4bnNzpGtaPc/Y9T0+VipYwzbXXDFFJDKcEAjDAGuG+Bn7FHw7+C/j66+Leo+Idf+Ifju4ga1TWvE 999vuba3b70dv8ihNw4LHc2CyqQrMD9j0UAfnb4o/wCCbfwsv/EOv6x8OvHPjL4ZWHiuVpdW0nw1 qwtNNumfJc+Q0b7dxJ4JKAEqqKvFfW/wR+B/w5/Z5+H1l8NPhfpx0/R7R3lYuxknuJ5MeZPPIeXk bABPAAAVQFUAet0UAFFFFABRRRQAUUUUAf/Q/fyiiigAooooAKKKKACiiigAooooA8S/aS8VeA/B XwG8d+JfihZS6l4VtdKuV1GzgkaKS7gmXyjbq6MjKZi4jyGH3uuK/J67139q3xJ+xfrLeDfh74E+ FHwLfwpe3Nva6leXmo6k2jy27yr5LKxVp51bcjzKHLsGPzGv2f8AH/gTwv8AE/wVrXw+8a2Y1DQ9 ftZLS7gJK7opBg7WXBVgeVYHKkAjkV8E6J/wTI+FVppUPg3xT8QvHXivwNZEm18MahrZGkR45TMM EcWfLbDIAVAI5BycgH55anJaan+xR+xX4c8X7W8E6r44hj1sytiEwpqFxGElJwNhhebOTwBntX7A /tT6T+yza+G/B2tftKxRWumaJrdqugyxi8SWLU2VvIjh/s799ghMlf8AV/IpYfKtV9J/Yp+DFn+z XB+ytrv9oeJfBlo80ltJqM0Rv7eSWd7hZIpreKEK0ckjFDs6Eq25SVPm/gT/AIJ2/DHwz450Dxx4 28a+LviU/hB0fQ7LxPqgvrKwaLBidIhEmWjIBUZCDA+Q4GADy39gqHTNV/aU/at8S6/FE3jODxhL ZF3+aaLSo5Z1tlQn5hG4jHQANsXPQY+dv2+h+z94U+Cvx20L9ng/ZfGF94h0N/iBFatfCFPPlklh 3CT/AEUF5j8ywdWLB+RgfoP8ZP2G/h18VPiJcfF7w94o8S/DXxpqFuLW/wBS8LaibB7+FVVAtypR 9xCqACpXOBu3YGOp+GX7GPwI+GPwo8R/B+20mbX9J8Zl31651aY3F9qkj/8ALS4nURkMp5Tywmxs uuHJYgH5/fFzwD+2T4g/ZavPBHjeT4I6J8JxpNssV7DJrMMNnagJ9luLaVw8auCUMbbWyxHBzg59 58I/HWs618BPFvwP+MXhWf48+DfBENjHY3cz3tlq+jxrKFureR4jJ86SOpcxKXHIddhJ+i4/+CXP wkmt7HwvrfxD8da14B02YTW/hW71rdpKENuEYjWJSIwegUq4678kk+4fHT9iX4R/G6fwtrMV1qng TxF4JtVsdG1bwzcrp93aWaAqlsp2MPKQE7AApXLBWAZgQD5E+C3xcuh+0v4u+H37W/wu0jwD8VNa 8J3Fxc+J9Huj9nvtFgTEhkPmyiNRHCWEm8keVtYKVUV4f4O8GftQ/Ar9n3VtK+Dz+Df2if2c5odU lMDf6Petp/mSNeZZTDl1YPnDzsCMIBhQP0v+B37F3wy+C3ibWfH15q+t/EDxjr9obC71nxRe/wBo 3RtHxvgT5EURvgbgwZsDG7bkV4bP/wAEvPhRbnVdD8KfEXx14W8E63JJJeeGdM1kRaW4k+9H5bRO TGQcEOXJHG7pgA+nP2QPH/gL4nfs3+CPGXwy0D/hFvDt1ayRW+lbt4smtp5IJYVf+JFlRtrYG5cH A6D5K/aNRrv/AIKV/sw2mqsRpsWn6/NACfl+1LaTt06Alki+vFfot8PPh94R+FXgrSPh54D09dL0 DQoBb2lujM2xASxJZiWZmYlmZiSzEknJr4y/b6+HPiC58NeDP2j/AAJbNe+J/gbqq6+LVB895pWU Oo2698mKMP1+6rADJFAHBftkf8nqfsf/APYU8Q/+irKvkr9nQftYan+1H+0v4i+B8XgS48RxeKrm z1F/F51F7+GzjuZ1tI7U2nS2KIF567E7KtfqvrPwp+Ff7SXiT4P/ALSFrq99MPBiT6roLWcsSWtz HqsUJP2lJInc4WNcKjxlTuDZ6DhfjF+w18N/in8R5fjF4c8TeJPhp45u4Bb3mq+FtQNhLexqqoBc Ao+4hVC5UoTgbt2BgA+Kfg78OfEOmfHf9ou9/aC8deAtEt/GHg+4g8WaX4QvruM6dI8cMYv5oLqM CP8AcSys8hlJ8yTO352x5tBov7U/wG/Zll0eDTPBf7RX7NlpYzXYMTNaXI0mOZrlpDgxkMjgu2Bc MhGc/Lx+pPwN/Y3+DHwJ8M+J/D+kW934lufHCyJr+pa7ML2+1OOVWV455NqKYyHfKhRu3EsWPNfO kf8AwS3+FFtZ3HhKw+JHjyz8AXMpmfwrDrYXSiWcuYzGYSTGSec5c9S+eaAPIfiRonhv4+xfs3/E /wDZd8a6P8OPiVo+jSzeFfDWuYlim04wtFJAqbJseQIJY1cRsGUEgqVUjoPg18W/Hmm/tmeHPAX7 W3wl0XRPix4i0a4h0XxXocxeO6s7VJpWjkj82UAMscg3EhwQoMYUqV+tPjJ+xF8E/jB4W8H+HBHf +Drj4fRLB4f1LQLn7JfafCiqoiSR1k3J8in5gWBBIYEsTV+CX7E3w9+D3xBb4vav4m8R/EXx19mN nDrHijUDfz2sD7g6W42psDBiDuLEAkKVDMCAes/tOahr2lfs4fFLU/C7PHq9p4X1mW1eNisiSpZy lXQjneuMrjuBX5M/sZ6D+2ef2TvD9l8H7D4RXPw91a2vGnGtLqzXdx5ksiXQ1Hyf3LSAgow6BFVf ugV+6kkcc0bQzKHRwVZWGQQeCCD1Br83dY/4JjfCV59Z0/wJ488a+A/CfiOV5dR8OaJrAh0mYuMO ohkifCsOCHLjHygBQAAD81fiB4Rv/BP/AASq1bwtc+L9C8Y2dt46iNlc+Hbya9sbe3m8uQ24eeOJ ldZmkcrgjDg7iWNfc3/BUnwR4X8D/sPr4d8Labb6baafqOiWMQgiSPEFuXWNTtAyFySB6knua+rf Gn7EnwR8X/s86f8AsyWsN94c8GabPBdR/wBmTRrdtNC5kLyS3EU4dpHYlyVyc8EDAHov7Rn7PXgv 9pz4bSfC7x7eahYaVLd294ZdNkiiuPMtiSoDTRTJtOefkz6EUAfCv/BT/wAKab8Pf2JovDPgmwi0 nRINS0PTb4WsSxkaZbsxjQ7AMgTCMgHjJ9TX0L+134U+EcX7CvjvRhaWMXhHSvC8suiiMJ9ninhg zpjQN0yZvKCEHLbsc7jn6u8e+A/CXxP8Hat4A8d6bHq+ga5Abe7tZchZIyQeGUhlZSAyspDKwDAg gGvgrTf+CY3whij07w94k8d+N/FHgbR547iy8K6nrXmaNE0bbgnkJEhKDoAGUgE8nJNAHw7q2jSf ESL/AIJ1aV8RIP7QS7iv2miul8wTwWw0+S3EgfO9XjjjznIIPcGv36s9PsNOR49PtorVJGLsIkVA zkAFiFAySAOfavCfH/7Nvw++IXxA+F3xEv5bzTLv4Ry3UmjWlg0ENkRdJDGY5omhclEWBAixtHjn qMAfQNAH5P8AxR0fwjrP/BXP4YJ4rjhmktPADXOmxzYKm/iu9SKFVPBdI/Mde4KhhyARqftI29hY f8FH/wBmbUPB6RL4q1C11yLVgh2ySaVHbt5RlA5KgG52bh1Xg8DHmn7TvwY8O/Hb/gpp4J8EeJb7 UtIiX4dre22oaRcmzvrO7tdRvnimgmAYK6nplSOemcEfb/wF/Y4+H/wN8Yar8TbjXdc8feOtYhW2 l13xNeC/vYrZf+WML7F2KcAHqcAAELxQB8nf8E/PBHhfUfjd+1h4q1PTbe91CX4g6nYCSeJJGS3j vLmUopYHAZ2BYDqVXPQVc/4J4Wml6h8cP2o/EniJYpvHkfja7tLmR8GeLTlmm8hI85ZYWZGAxwwR c52rj7n+DX7Pfgv4Ha58QNf8J3moXdx8R9dufEGoreyRSJFdXTs7pbiOKMrEC5wHLtjGWNeP/F39 hn4c/E34kz/GPwz4o8S/DPxtfwi3vtS8K6j/AGe99GoVQLhSjgkKgGV25wC24gUAfnv8RbfStC/a t/bL0TwGiQaLe/CDV7zWYbf5bcav9iiKsyr8vmsssjHvueQ9S2fp39nHwJ4Utv8AglqujppsBtta 8G6xe3gManz7ieKeQyucfM6kLtY8qFXGNox9GfD/APYt+DHw2+FXjn4WeHhqMg+I9pe2eu63d3C3 GtXgvoXgeR7l4yu5VkZkHl7A5LFSWbPp/g34G+EvA/wLtv2fdJu76Xw7a6TNoyzzyRNem3nR0Zi6 xLH5gDnB8vGcfLQB+A/xBuPE2ofsD/sg6DavYtpep+KJo7kaw8g0pp476dLVL/yvm+zbWk8zb8wQ Hbz0+mv2xfh9+2Z44+ENro/7QOtfBvwT4fsNQtHsNWguNYsbmzvIyfKW1mlSRULKrKQEPyAnjbkf oxbfsa/BU/s2WH7K+u213r/g3TFk+zyXsyfb45XnkuFnWaCOJVkR5W2lUA2/KwYFgfE9B/4JqfCq LxDoWqfETx14y+JOkeFpEk0rRfEmrC8023MWNgMKxJuVcYCgqhX5WVl4oA+/fDT38nhzSpNUmjuL 17SAzywktE8pjG9kJAJUtkgkDjsK/HXxn4S1D9vj9sb4m/AX4p+Jr3Qvh38J7aE2WhafKsEt9eTx hBfy7lbzBGzlgSpCho1GNzl/2lr4v+O37Dvwx+Nnj2D4t2Ou698PvHkMH2Z9b8MX32G5uIgoRVnO xt21BtDLsYrhWZlVQAD8sfhH8cv2lv2YPjB4P/4J5213oqHTPFMMcetzLEUn0K+/f+U0ZK7ZWVzI mX83eVh5+Xd/Q9X5r3v/AASs/Zgv/At34YuzrN34gvb2PUJPFNzeibXDOn/TYxiPYwJ3L5fJIY/O qsv6N6bYQ6Xp1rplu8kkVnEkKNNI00rLGoUF5HJd2IHLMSSeSSaAPyx/Y38NaLe/t1/tZ+LLq0jk 1TStR0m0tp2UF4or1bl51VjyN5gjzjrtFeIyw6j4U+Nn/BQGHwGn2G4XwtBexrANmJ5dMlnllULj 94WkkcHruOeSa/VL4Y/s9eC/hP8AEv4k/FTw7eahcat8Urqzu9TiupInt4ZLJZljFsqRI6qfObdv eQnAwRzlng39nXwN4J+MfxC+NunXN9da18SorKHU7a6eF7JEsYhCggjWFXG5R8++RwT0wOKAPBv2 A/DHwzf9hrwNp9hZ2Vxoms6VO+sK6o0VxcyvIl99pLZDYYMjb+iqF4AAHlP/AASSuZZP2dfFVhZy yTeHtN8Z6vb6I0jMw/s/y7eRdm7PymR3PHVi3fOeqvv+CZXwhS41fTPB/jnxt4O8GeIJXm1Dwvo+ s+Ro8xkADL5LRO2xgMMrM3GFBAAA+5/hv8OPBfwk8E6V8PPh7pcWj6Do0Qht7eIdB1Z3Y8u7sSzu xLMxJJJNAH5vf8FMPD2leLvGH7M3hTXoFutM1r4hWFldQuAySQXEsMciMDwQysQQat/8FM9J0yys P2f9cs7WKC+034jaLbW0yIFeGF1kcxoQPlUtEhwOPlHpX2v8ZP2evBfxv1/4feI/Fl5qFpc/DbXb fxBpy2UkUaS3Vs6OiXAkikLREoMhCjYzhhR8d/2e/Bf7Qlj4UsPGl7qFlH4P1208QWh0+SKMyXVm HVEl82KXMR3ncF2t0wwoA+Ab34meMdc/a++Kth+xl8J9F1Pxxo8dnYeLPFviTUrkW5cLsit4rZJd yIvklT5WC5i+ZQEUnyv9mEeKLf8Ab7/aDg+PWqaEmrt4MWTxBceHzLb6XCNtkZCjTYcNFC2JHbne GJ5zX258Rv2BvAXjL4r6v8ZPB3jrxd8M/EHiRVXV28L6mLGO+2gKWcGNyHIAJIO3d823cSx2/g3+ wd8EvgV8R7r4m+BrnWG1DVdHm0fU7e/vEvbbUluJVmnubrzomlaeV1UsVkWPjAjAJyAfnJ4O8Gft Q/Ar9n3VtK+Dz+Df2if2c5odUlMDf6Petp/mSNeZZTDl1YPnDzsCMIBhQD44698LPj58H/2L5vCH hldA8FeJPHFppraI582O3iF4tpdW+T9+PcrhSQNykEgZwPr2f/gl58KLc6rofhT4i+OvC3gnW5JJ LzwzpmsiLS3En3o/LaJyYyDghy5I43dMfQ3iH9jr4O61pPwm8Pacl7oGk/BnVrbWNDtdPmQRtPay LKq3JnjmeRHddzkMrsSTvyc0AfLf/BTPSdMsrD9n/XLO1igvtN+I2i21tMiBXhhdZHMaED5VLRIc Dj5R6V+p1eEfHf8AZ78F/tCWPhSw8aXuoWUfg/XbTxBaHT5IozJdWYdUSXzYpcxHedwXa3TDCvd6 APzE+Bn/ACk9/aU/7Anhv/0gs6g/4JVzRL8KPitaM4E1v8R9dMiE/MoMFpgkdgcHB9j6V9meFP2e /Bfg/wCO/jf9oXTL3UJfEfj61sbS+t5pImso47CKOGMwIsSyKxWJS26RwTnAA4HzT4u/4JufCLxD 4+8SeN/DnjDxf4ItvGkz3Gu6RoGrCz0/UJJGLyeZH5TNtdmYshYqNxCBBQB+YEup2Wt/sB/tj6zp sontL/4jpcQyKQQ8cur6e6MCOCCCDX6FftUeBPCmi/8ABLvUPDWn6bBFY6P4Z0We2RY1HlzxyWz+ aOOJGYsWbqxZsnk59ZsP+Ce/wL0j4I/EH9n7RLzWtP8ACXxF1aPVrpIrmAz2TwzwTxwWbvbsFhQ2 6KBKsr7c5ck5H0F8R/gb4S+J/wAEb34Ca/d31v4fv9Pt9Nee2kiS8ENsYyjK7xPHvPljJMZHXAHY A/KzxCLDxJ+0B+wboHxCSO48Mt4T+2QrcnMUuqjS42i3BuCwmjtivUliBjmv0N+NGn/sv2fxu+E/ iP4uKkHxHlu57PwhKhvRPJMSnmI32T5GjXeP+Pn92u9v7zVY+Jv7IHwh+LXwi8K/B/xat/8AZfBF vZw6LqttcLBqtk9lEkKTRzqmzzGVBvBjKE4OwFVK8V8Hv2F/h38LviTF8YfEnirxL8S/GVjC0Fhq HirUP7QexjZSh8gbEwxQlSzFsAnaFycgHy9+x6R/wj/7Zy9x418U8f8AAJq+IdJisdS/ZA/Yg8O+ Mih8Cal471BdaSY4t3A1u4WNZiSAEMbzhs9FJPav2C0b9hf4aeGvjJ4t+MPhrxN4k0pvHH9oSato sF9GNIubjU4pIp5mgaFmLgytKm5yEk6fJ8lb1h+xR8EIf2Z7D9lLWre91/wbpjTyW019Mn9oRTz3 M10J0mgjhVZI3mcIRGBs+VwwLbgDwH/grFpPgyP9jfVdT1OKG21fRdR0o6BIAI5YbtrmNHWAjBH+ i+aSF7LnHygjy2/0NfF//BTj4IX3juzW51Ow+FltqUiTpu2ags1+C5Vh99HdmUkZDAEYIFfQvhL/ AIJ0/CzSvE2g+IPiD408X/E+38JyiTR9M8U6qL/TrMoMJiARIGK4HB+QhVBUgYr6M1L9nrwXqv7R Ok/tM3F5qC+KNH0JvD8NsskQsGtWllmLvGYjKZd0zDIlC4A+XOSQD4s+KmnWVh/wVc+C2p2UKwXO qeEtWS6dAFMwhhvdm8j7xHABOeAB2FfqVXhHiP8AZ78F+KPj74S/aL1C91CPxJ4N0+602zt4pIhY yQ3ayq7TI0TSFwJW2lZVHTIPOfd6APyd/wCCQHhHw5B+yLc6p/Z8Elz4i1nUFv3eNWM8cQSFI5CQ dyBQcKePmbjk5/MHWG1fTv8AgnO3hvSJI7fRJPjNPY3QuJJFtVtUtN8aXHl/N5AlVXfHIKgjnFf0 U/s5/s9eC/2YvhpB8K/AN5qF/pNvcz3Sy6nJFLcF7hgzAtDFCm0Y4+TPqTXA+DP2K/gn4S+C/ir4 CXsN74l8JeMNTudWvY9UmjaYXNz5RzFJbxwbBG0SNGQNykZ3GgD4A/aj+Hn7ZnjH9nm98HfGq7+C nhXwBALIQ38Emr2v9nmORBbG0kkWSOMniMYQ5RmXGCa88+Lcfxw1b9sv9nHRvC9/4V8Q+KtO+HFh d6XceIpru50G81Mx3H2u7gaFVleZxGJImKgkLG5AYAD7OsP+CYXwlkuNG03xr4/8b+NvCHh2VJbD w3rOsCfSovL4VDEkSHYBwAhT5eCSCQfpT9oH9lH4T/tHaPolh4wivNI1HwvJ5ujato04stQ01vlz 9nkCsgU7F+VkIGAVwwBAB+dnxA8DftQ6v+1R8B/HHx88S/Cvwr4g0fWFSxj0W71S11XVrCWWJLu1 QXMcnnfu2ZYkJRd0jDdhjXrP/BP230+8+O/7VGu+II4m8br42uba4Zjumi0xZZvsqIT8whJVgMYD BFz90Y9x+EH7CXw4+GXxMg+MvijxR4k+JvjWxiMFjqPinUPt72SEFf3A2LhtrMAWLYySoUkmrXxh /Yd+H3xS+Jb/ABg8O+K/Evwz8X3lutpqN/4Uvxp0moQLgAXH7t9zgAAMMcKu4NtXAB8BeDbbT/Bf xc/4KAL8H1S1On+H/PtRZnZ5F8bG6lufK2fdeO5MmFGMMMADpUP7Geg/tnn9k7w/ZfB+w+EVz8Pd WtrxpxrS6s13ceZLIl0NR8n9y0gIKMOgRVX7oFfo/wDs6/sXfCL9mLXvFOv/AA7utWu5PGFvZwX0 WqXMd3GTaKwMqnykkLzs7yS73ZSzHYqLhR4lrH/BMb4SvPrOn+BPHnjXwH4T8RyvLqPhzRNYEOkz Fxh1EMkT4VhwQ5cY+UAKAAAfmh4l8KX3gr9gbwN4J8ReMNB8XeCH+LNrHf3fh6/nurC30maAzPbM 80cTKFmMkjDBAyjbiWOP0J/4Kz+HPAY/Yuup7y1tbe50XUNLXQQionlSPKsTxQYxhTa+Ydi8bVzj 5QR9jwfstfA+3+Azfs2R+G4v+EEe2aBrUsTIXZvMNx5p+f7R5n7wSZyGwRgACvkTU/8AglX8IfFH h1fCnjz4j+PfE+lafGsOj299rMcsekRq6H/RInt2iViieUdyFfLJAUMFZQD9IPCn/Ir6P/152/8A 6LWvzj8If8pbfG//AGTGH/0vsa/TDT7KLTbC206Alo7WJIlLcsVRQozjHOB6V4ppv7PfgvS/2idV /aZt73UG8UavoS+HpbZpIjYLaLNFMHSMRCUS7oVGTKVwT8ucEAHwx/wSqtNLvPDHxi8Va0sUnxAv fHOpxa3M2PtQRVjeJGz8wj81pivq27+7x8+W9vpWhfFX/goN4Y+HqJF4Pj8HXU80NvxbRaq2lzGd Qq/Iree1yCBjBUjHy4H3z8SP2CPhv4z+JGq/FjwT4w8V/C7xH4iwNYl8J6p/Z8eo5OWeZCj/ADt1 JUhS3zlS5LH0LwL+x98Gfhv8E/FfwL8I213aaX43s7601jUmmWXVbs38LwSTSXDoVMipIfLymxTz s5bIB57/AME6vBHhfw7+x/8ADC803TbeO7vLCS/luBEgme4u5ZGkcvjcTtITOfugL0AFef8A/BWS /wBZsv2L/EcWl7hbXmo6VDfMucram5V+3rKsYweDmvuH4R/DHQPgx8NfD3ws8Lz3N1pPhq1W0tpb x0e4eNCSDI0aRoW5/hRR7Vt+OfA/hT4leENW8B+ONOj1bQdcga2vLWXIWSN/dSGVgcFWUhlYAggg GgD51+NnhH9lKH9l6PS/jDa2cfwc0a106WIx+eIooEeNbR4Gsv3+WLKoMXzMGIOQzZ+M/wBmNfBn iP8A4KPfFzWLkrdzaZ4W0A+EzceY0kejTWNoTJCLj96GKPHvZvnBkcNgswPrWmf8Ewvg9DdaRpni bxx408V+CtAmWew8K6rq4n0aEqchPJWJD5Y7KpU44YsCc+3/AB3/AGM/hh8c/EujfED+0tY8DeNv D0AtrLXvDN5/Z98luN22FjsdWjG9sYUMASoYKSKAPlj4k2+laH/wVl+Ek3gpEg1XXvC+pjxItv8A L5tslvdm2e5CdW3xIAWGTsj9Fw//AIJU+GNDi8IfGfxctnH/AGtf/EDV7Ca42jzGtrWKCWOMt12h 55Djpk19a/AP9kP4Y/AHXtY8b6Ze6r4t8a+IEWO/8Q+Irv7fqcsa4/diUqoRCQMgDLbVDE7Vx2Hw B/Z68F/s5aB4i8OeCLzUL228Ta7eeILltRkildLq9SJJEjMMUIEQES7QwZgScseMAH5Y/s66faaJ +zB+3N4e0uJbbTtN1fxvDbQIAscUaafKiqqjgAKqjjsBXEfHv/lDZ8Ovpo//AKUS1+q/hP8AZH+G /g7wb8XPA+majq0th8ZrvVrzWHmmgaaCTWInhnFoVgVUVVcmPzFkIONxbpWN4u/Yr+FnjP8AZo0X 9lbVNU1mLwnoX2byLqGe3XUW+yuzpvka2aI5LHdiEcdMUAfLvxP8KaF4q/4K4fDca9aRXsek/D57 6GOZBIgnju9RSN9rZGUL7lPZgCOQKj/aN8HeGNd/4KSfsyeHNS023l0yLTtbu1tjEvlCazgubuFt mNuVmjVxx94Zr7u1H9nvwXqf7ROl/tMz3moL4o0nQm8PxWyyRCwa1aWWYu0ZiMpl3TMMiULgD5c5 JTxZ+z14L8Y/HfwP+0Lqd5qEXiPwBa31pYW8MkS2Usd/DJDIZ0aJpGYLKxXZIgBxkEcEA+EPi94L 8Mat/wAFZvg9e6hp0M8n/CI3V629Ayvc2hvhBKwPBePgq3UFVI+6MT+M7zQvB3/BU6fxLf8A+h2H /Cqbm+1OWLKM8dvcS73YrhiyxwqAc5+UYPAr7o139nrwX4g/aC8N/tI3t5qCeJvC+lT6RbW8ckQs Xt7gylmkjMRlLjzmwVlUdMqec1NZ/Zs+H3iD49L+0Lq017ca5/wjsnhh7FnhOmy2EsjyOXiMRlMh 8xlJ83bt4255oA/Nj9m/xh+0T4y+E1xN+x38KvBXwu+Dmo3WoSQXniu/vNQnuFEjRXNxIscjMTlG UiUMihdgYooNeBfABw//AASF+NiRurpHq+oqpQEJt/0A/KDyF5yAa+/9I/4JjfCnQ47zwzpfxD8d 2vw/v53mn8JQ64YdIlEhy8MiJGJGiYcMN+8jGXJGa9o+H37Enwa+G/wd8dfAbR5dUu/Bfj66uru5 s7q5jc2bXcaRlLSSOJHVUEaFPMMjAqCWbJyAfB/7WpB/YX/ZNIOQde8B/wDponr1L4KWml6v/wAF TPjxe+NFin8Q6LomkroKy4JhsJLa2897cN0PzoHZeQZHHAZgfYNM/wCCeHwxtPhXovwg1Xxt4u1n Q/DviSy8S6eby/tpZbaawge3htYy1qVS12OSY1UHdyrLyD6T8fP2OPhr8evFWk/EefVda8FeOtDi 8i08QeG737DfiD5sROxV1ZAXbsHwSA20kUAfKnxJt9K0P/grL8JJvBSJBquveF9THiRbf5fNtkt7 s2z3ITq2+JACwydkfouH/wDBKnwxocXhD4z+Lls4/wC1r/4gavYTXG0eY1taxQSxxluu0PPIcdMm vrX4B/sh/DH4A69rHjfTL3VfFvjXxAix3/iHxFd/b9TljXH7sSlVCISBkAZbaoYnauOw+AP7PXgv 9nLQPEXhzwReahe23ibXbzxBctqMkUrpdXqRJIkZhihAiAiXaGDMCTljxgA+Lf8AgmTp9poj/tC+ HtLiW207TfiRq8NtAgCxxRphFVVHAAVVHHYCj9meM2f/AAUc/aks9KYnTJLbQJp8Hj7U1tG3I6ZD PMPzr6r8EfCz4Vfsh+G/ih8Rk1e+XSdf1LUPFusy6hJFIsEsgMkqW4iiiITjCI29ycDcSa8h/YE+ GviLTvCPi79oXx7bGz8V/HHVX8RS2zDDWemsXOn25zzlY5Gf2V1UjKmgD78ooooAKKKKACiiigAo oooAKKKKACiiigAooooAKKKKACiiigAooooA/9H9/KKKKACiiigAooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACmsqupRwGVhgg8gg06igCG3trezgS2tIkghjGFRFCqo9ABwKmoooAKKKKA CiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAK KKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoo ooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKAILm2tryB7W8iSeGQYZJF DKw9weDUwAUBVGAOABS0UAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABUU/neTJ9m2iXadm/ O3djjOOcZ64qWigD8zfC/ib4sfD61/aruPiT8R47zXfDemWN5barJbyQ6Zpc9xpEkyC1s1aZkhik KgBd8kpXcwZ2INf9jbxd4+X4uz+D/GNv4n8Mwaj4MsNV/snxfqU+qXd/qS3Gy81GylkeZIIR5iJL Bvjbc6EQRgGvsnWf2fPh74jm+Jh8Qpc6ja/Fi3tbXWLaSRREsdpa/ZE+zlFV4yU+YkuxDgFdvSsn 4a/s66X4B8a/8LE1vxfr/jrxDb6adGsrvXp7aRrLT2kSR4oltbe3UtI0aGSWQPI+0ZbrkA+h6KKK AP/S/fyiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigA ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoooo AKKKKACiiigAooooAKKKKACiiigAooooAKKKKAP/2Q== --0000000000002ab1cc05b58c30d3-- From nobody Thu Dec 3 01:47:05 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D69E63A0DE8 for ; Thu, 3 Dec 2020 01:47:02 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.096 X-Spam-Level: X-Spam-Status: No, score=-2.096 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_IMAGE_RATIO_04=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9eBp8lgc1uaQ for ; Thu, 3 Dec 2020 01:47:01 -0800 (PST) Received: from mail-yb1-xb2d.google.com (mail-yb1-xb2d.google.com [IPv6:2607:f8b0:4864:20::b2d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EC81C3A0DE6 for ; Thu, 3 Dec 2020 01:47:00 -0800 (PST) Received: by mail-yb1-xb2d.google.com with SMTP id s8so1418502yba.13 for ; Thu, 03 Dec 2020 01:47:00 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=Y4Ds04624udTmqMpCtcjor7A0jMER/z+U5tx+BdKxPg=; b=d8oIOxN4a7AcTn605t4GnHI1UxvJSU9tNsjX+7OepiwzUXDzeIyCZ9Hz5foz5c6HI6 bolBZCnUTuE2fQBhpG7uHv/yX01tnMdM6k1ENskrnXofGdrNONqag92v+YMXLxRZWkF6 IieRKMCfdW0UMw2IB6SmFKv6zNPCAThQy3R3uszIno7r6HymRoW9u6ab4WA5eM7h8EY8 8xTqi8MXek17qMd3P53KcG+zuMjAmcGmKiKDVQEnLNUdUjoyYpNgcoCX1V8txzHtv694 3xECSM71GrA5kBK0FCgVFaEljjfTWCaae7MLsqdAPyQGizoDpcmqCHstuI110PYmtnzp NpHQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=Y4Ds04624udTmqMpCtcjor7A0jMER/z+U5tx+BdKxPg=; b=YfDLG37KN2qjJrXX869VCXOeOTbiLMyFRSaauUlwZzcQ9fqXZFA30fUyHLWYYiGkaB B17df45yiJJdGZtFG1LBX930cibBgBwkpTw+QW/D4+EVlBi2XLHyujKoRtHf0py5x+Kc 89orv8zdMTl+K8b5sy0B/ve7UQdtygJNvFfK3gF4Fni3FRtbO/PFztI1LMws6kIoAm3g 2W67yEdlYZ2EeDARROD0+tSEzSSm+e4hc+rFMgv8nBGWjNu5Q3tS3OcQKRJUZYJ1i4FG b8sZAsT+8MxCUmFni1RoJPcNE71TgTeHXvzjLPJEZNlkH56WtU9mJhrWn5rtcXwF/voy FEMg== X-Gm-Message-State: AOAM533x865VacDDmJO3kt+bng+ZIdzGoVIOMXDqa6vR51egM3YGofg8 POiGgYoYr505IWJxktPp3q4XdlfoBHzXPoleJw== X-Google-Smtp-Source: ABdhPJw6Uh+n1kq5F8Oi8NCo/ESXjtiYHNZ8KsVKgb+lbDvLDeCqcOoGjVRMQZzJ8PEG60dIgmD86OYOfrNoUiCYBEs= X-Received: by 2002:a25:fc20:: with SMTP id v32mr3054441ybd.351.1606988819496; Thu, 03 Dec 2020 01:46:59 -0800 (PST) MIME-Version: 1.0 References: In-Reply-To: From: Filip Skokan Date: Thu, 3 Dec 2020 10:46:23 +0100 Message-ID: To: Brian Campbell Cc: oauth Content-Type: multipart/related; boundary="000000000000c1439b05b58c3d64" Archived-At: Subject: Re: [OAUTH-WG] DPoP followup III: client auth X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 03 Dec 2020 09:47:03 -0000 --000000000000c1439b05b58c3d64 Content-Type: multipart/alternative; boundary="000000000000c1439a05b58c3d63" --000000000000c1439a05b58c3d63 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable =F0=9F=A4=AB, better not open up the possibility of thinking of DPoP Proof = keys as pre-registered (i.e. not "ephemeral"). Best, *Filip* On Wed, 2 Dec 2020 at 23:30, Brian Campbell wrote: > There were a few items discussed somewhat during the recent interim > > that I committed to bringing back to the list. The slide below (also > available with a few extra spelling errors as slide #19 from the interim > presentation > ) > is the last of them. > > To summarize, I'm wondering if there's WG interest in working to formaliz= e > a client-to-AS authentication mechanism based on DPoP. I think it > potentially would be problematic to put into the current document (for a > number of reasons) so am preemptively ruling out that option. Thus, > basically, I'm asking the WG if there is some/much interest in the idea? = In > which case I'll find some time (at some point) to write up an I-D for it > and bring that back to the group for consideration. Or if I should, as th= e > slide says, "shut up and never speak of this again"? > > [image: Slide19.jpeg] > > > *CONFIDENTIALITY NOTICE: This email may contain confidential and > privileged material for the sole use of the intended recipient(s). Any > review, use, distribution or disclosure by others is strictly prohibited. > If you have received this communication in error, please notify the sende= r > immediately by e-mail and delete the message and any file attachments fro= m > your computer. Thank you.*_______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth > --000000000000c1439a05b58c3d63 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
    =F0=9F=A4=AB, better not open up the possibility of t= hinking of DPoP Proof keys as pre-registered (i.e. not "ephemeral"= ;).

    Best,
    Filip


    On Wed, 2 Dec 2020 at 23:30,= Brian Campbell <bcampbell=3D40pingidentity.com@dmarc.ietf.org> wrote= :
    There were a few items discussed somewhat during the recent interim that I committed to bringing back to the l= ist. The slide below (also available with a few extra spelling errors as sl= ide #19 from the interim presentation) is the last of them.

    <= /div>
    To summarize, I'm wondering if there's WG interest in wor= king to formalize a client-to-AS authentication mechanism based on DPoP. I = think it potentially would be problematic to put into the current document = (for a number of reasons) so am preemptively ruling out that option. Thus, = basically, I'm asking the WG if there is some/much interest in the idea= ? In which case I'll find some time (at some point) to write up an I-D = for it and bring that back to the group for consideration. Or if I should, = as the slide says, "shut up and never speak of this again"?
    =

    3D"Slide19.jpeg"


    <= span style=3D"margin:0px;padding:0px;border:0px;outline:0px;vertical-align:= baseline;background:transparent;font-family:proxima-nova-zendesk,system-ui,= -apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,Oxygen-Sans,Ub= untu,Cantarell,"Helvetica Neue",Arial,sans-serif;font-weight:600"= >CONFIDENTIALITY NOTICE: This email may contain confidenti= al and privileged material for the sole use of the intended recipient(s). A= ny review, use, distribution or disclosure by others is strictly prohibited= .=C2=A0 If you have received this communication in error, please notify the= sender immediately by e-mail and delete the message and any file attachmen= ts from your computer. Thank you.________________________= _______________________
    OAuth mailing list
    OAuth@ietf.org
    https://www.ietf.org/mailman/listinfo/oauth
    --000000000000c1439a05b58c3d63-- --000000000000c1439b05b58c3d64 Content-Type: image/jpeg; name="Slide19.jpeg" Content-Disposition: inline; filename="Slide19.jpeg" Content-Transfer-Encoding: base64 Content-ID: X-Attachment-Id: ii_ki7r7h4z0 /9j/4AAQSkZJRgABAQAAZABkAAD/4QCARXhpZgAATU0AKgAAAAgABAEaAAUAAAABAAAAPgEbAAUA AAABAAAARgEoAAMAAAABAAIAAIdpAAQAAAABAAAATgAAAAAAAABkAAAAAQAAAGQAAAABAAOgAQAD AAAAAQABAACgAgAEAAAAAQAAA+igAwAEAAAAAQAAAjMAAAAA/+0AOFBob3Rvc2hvcCAzLjAAOEJJ TQQEAAAAAAAAOEJJTQQlAAAAAAAQ1B2M2Y8AsgTpgAmY7PhCfv/AABEIAjMD6AMBIgACEQEDEQH/ xAAfAAABBQEBAQEBAQAAAAAAAAAAAQIDBAUGBwgJCgv/xAC1EAACAQMDAgQDBQUEBAAAAX0BAgMA BBEFEiExQQYTUWEHInEUMoGRoQgjQrHBFVLR8CQzYnKCCQoWFxgZGiUmJygpKjQ1Njc4OTpDREVG R0hJSlNUVVZXWFlaY2RlZmdoaWpzdHV2d3h5eoOEhYaHiImKkpOUlZaXmJmaoqOkpaanqKmqsrO0 tba3uLm6wsPExcbHyMnK0tPU1dbX2Nna4eLj5OXm5+jp6vHy8/T19vf4+fr/xAAfAQADAQEBAQEB AQEBAAAAAAAAAQIDBAUGBwgJCgv/xAC1EQACAQIEBAMEBwUEBAABAncAAQIDEQQFITEGEkFRB2Fx EyIygQgUQpGhscEJIzNS8BVictEKFiQ04SXxFxgZGiYnKCkqNTY3ODk6Q0RFRkdISUpTVFVWV1hZ WmNkZWZnaGlqc3R1dnd4eXqCg4SFhoeIiYqSk5SVlpeYmZqio6Slpqeoqaqys7S1tre4ubrCw8TF xsfIycrS09TV1tfY2dri4+Tl5ufo6ery8/T19vf4+fr/2wBDAAICAgICAgMCAgMFAwMDBQYFBQUF BggGBgYGBggKCAgICAgICgoKCgoKCgoMDAwMDAwODg4ODg8PDw8PDw8PDw//2wBDAQICAgQEBAcE BAcQCwkLEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBD/ 3QAEAD//2gAMAwEAAhEDEQA/AP38ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigA ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACvB/2Wbu6v /wBmP4Q319M9zc3Pg/QJJZZGLvI76fAWZmOSWJOSTyTXvFeAfsnf8ms/Bv8A7Ezw9/6boKAPf6KK KACiiigAooooAKKKKACiq91dW9jbSXd3IsUMKlndjgKB1JNRadqVhq9lFqOmTpc2043JIhyrD6ig C7RRWU+uaRHqyaE93Gt/IhkWEsN5UdSBQBq0UVS1DUbHSbKXUNSnS3toF3PI5wqgepNAF2iq9pd2 1/bR3lnIs0MyhkdTkEHoQasUAFFFFABRRRQAUUUUAFFFFAH/0P38ooooAKKKKACiiigAooooAKKK KACiiigAooooAKK/DDxr/wAFc/Gvhbxjr3hmD4d6fPFpF/dWayNfShnW3laMMQI8AkLk1hWv/BZP xekytffDGxliyMrHqUsbEd8MYHA/KvrI8EZk1zKn+K/zPSWU17Xt+KP3sor4r/ZY/bk+Ff7UbTaF pUM3hzxZaRGaXSbx1cyRrjdJbTLgTKuRuyqOOpTbzX2pXzuMwVXD1HSrRtJHDVpShLlkrMKKKK5T MKKKKACiiigAooooAKKK+W/2jv2v/g3+zLYKnjjUGvNfuYfOtNGsgJLyZSSquwJCxRlgRvkIBwdo YgiujDYWpWmqdKLcn0RdOnKb5Yq7PqSiuBtvG/274XRfEi3tNn2jRl1ZLdnzjfb+eIy4HbOCce+K /O79j/8A4KG+J/2mfi9/wrTV/B1nocH9n3N79ogupJn3QFAF2sijB3dc114fKK9WnUqwjpDfVaGs MNOUZSS0W5+p9FFFeYc4UUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUV8U/ts/tWax+yj4P8O+JdG8 PweIJdcv3tGjuJ2gWNUiMm4FFYkkjFeg/smfHfUf2j/gxp/xS1XSYtFuL25urc20MjSoot5CgIZg p5xnpXoyyqusMsW17jdr36+nyN3h5qn7XofStFFfG37av7UWr/sqfD/RPGWjaDBr82ramLBoriZo VRTBJLvBRWJOUAx71z4PB1MRVjRpK8nsRSpSnJRjuz7Jor5e/ZC/aB1P9pf4Px/E3VtHh0O4e+ub T7PBK0yYg24bcwU5O7pivqGlisNOjUlSqLVOzFUpuEnGW6CiiiucgKKKKACiiigAooooAKKKKACi vy4/bH/4KDeJv2YPizb/AA30fwfaa7BNplvfm4nupIXDTySoU2qjDAEY5z3r9I/BuuyeKPCGh+Jp ohBJq9jbXbRqchDcRLIVBPUDdjNejisqr0aUK9RWjPbU3qYacIqclozpKKKK84wCiiigAooooAKK KKACiiigAooooAKKKKACiiigAor8uP2m/wDgp78P/gv4mvvh/wDDvRj418QaY7wXk5n+z6fazocN HvCu8zoRh1UKoPG/cCB8Y2n/AAWI+MqXokvvA+gTWm4Zjja6jkK9wJDK4B99n4V9RhODswrU1UjT sntdpHoUsrrSXMkf0K0V8Pfsqft3/C39p+VvDdvbyeF/GMUZlbSrqRZROijLtazgKJQg5YFEcDJ2 lQWr7hrwcbgauHqOlWjaSOOrRlCXLNWYUV+e/wC23+3Ef2UdR8M+HdC0K38R6zrkU91PDPO0At7W Ngkb/KrEmV94H+43tWj+xJ+2qv7WEXifTtZ0WDw7rnh4wSrbwztMs9pPlfMBdVOUdcN2G5fWu55D ivqv1zl9zvp3ttvubfU6ns/a20PveiiivHOUKKKKACivjnxT+2/8GNG+NPh/4CeHbl/E3ijWNTj0 y6+xEfZdPkZtriaY8NIhGDHHuIIIcoRiut/a2+Peo/s2/Bq8+KGlaRFrdxbXdrbC2mlaFCLh9pYs oY8fSvQjlWIc6dNws57X0ubrDTvGNt9j6Zor4t/Yn/ao1j9q3wV4g8VazoEHh+XRdQWyWO3maZZF aJZNxLqpBy2MV9pVjjcHUw9WVGqrSW5FWlKEnGW6CiiiuUzCiiigAooooAKKKKACvAP2Tv8Ak1n4 N/8AYmeHv/TdBXv9eAfsnf8AJrPwb/7Ezw9/6boKAPf6KKKACiiigAor598Q/tNfBqyXUNM8L+MN G8S+IbFnifTNP1G3urmKWMlWE8ULs8YRhhtwBB46180+Gfjd4u0bxhP4l1GZr2C/YC5tycIUHQIO ilB90j8eM0WA/RikYhVLHoOawNF8UaH4g0KPxJpt0rWDoXZ2IXy9oywf+6V75/lXxT8X/jZfeJ7/ APsfwrO9tpdpIG81CUeeRDkN6hQRlR+J7YAIPjN8Y7jxhdSeH9BdodGhbDNyrXDDuR1C+g/Osb4R fFu98A340/UC1xotw37yPqYif40/qO/1rwe5u5obiS6vJC8UzF2duqsTkk+38q4e/wBZuPFl0+ge FbgC0j4vL+JgyoD/AMsoWGQZCOpH3R70AfrH8Rfi9onhDwzb6rpci39zqiFrIKcowwMux9FyMjrn ivgG58Va/da+fE815J/aRk8wSg4II6Y9APT0rnfOv4NBtPD1pO4srA7oImJZQSoU9eeQOfz61FZN Lqkxs7IpHNGpkneU4jtYl+9LKeyDsOrngc5I5cdjqWGoyr15csY6tv8Ar/hzSlSlOShBXbPvfwL+ 0P4d1XSY4fExkt9TtgPtJijZ41iwf9IcrnamRg98ngEBiPnr4t/F+7+IF4bHS2MOhwHMSg8zHtI+ P0HavG11Ge3EcPhy5msbWB/NSbhZ7qbG3zpxjBUjhYiCgT5SMHAjmWGaC41WwiW3+zjzL6zTO2AE 4NzBnJMBP3l5MRODkEM3yeH4mxMKkamPo+zo1HaD6xeyVRbR5unRP3Za2O+eCg01SleS38/Tvb/g o97+D3xnfwPKNG8RzbtCckmRj/x7HqW/3O5HbrX2x4Y8Z6F4tSc6TI4e3blJUMchQ/ckCtzsccqe vYgHIH5YRqLBYNRvoRJeShZbKzlHyov8N1cqe2eYojyT8zdtvVeDviBrng/Vo9Rub+aeIuXaeTMk kDucu2By0Ln/AFkY6feQBshprcUYic3XwdHnw8NJSXxS7umvtKPX+bVRu1qRwMElGpK03sui9e1/ w6n6oUV51oPxL8Pap4an8QX08dmLGNXuVLBgoYZVkI++knVGH3unWvjrxn8dPFGt+KoNY0KZ7Cw0 1ybaH++OhaUdyw4x0A4Hcn7DB4uliKUa9CXNGSumtmjz6lOUJOMlZo/Qqivnzw9+038GrxNP03xV 4w0bwz4gvmSJNN1HUbe1uZZXIVfIjmkV5A7HC7QTnjr1+g66CAooooAKKKKAP//R/fyiiigAoooo AKKKKACiiigAooooAKKKKACiiigD+Tn4UaVpeuft4aTpGtWcOoWF343mjmt7iNZYZUa9fKujgqwP cEYr+kTxZ+yj+zZ410e40TXPhroAhuVKmS10+CzuEz3juLdY5UPurCv5y/gp/wApANB/7HqT/wBL Xr+rav0fjrE1KdWg6cmvd6O3U93N6koyhyvofyN+OtG139jL9rW6sfD948tx4C1iC5tJTw89nIqT xpJjAPm20gSQDg5YdK/p5+NXx9+HvwI+GM3xU8bXTjTMRi1hhAa4vJphuihhRioLsMk5ICqCxIAN fzbf8FDtXtfE37ZXj99HP2gRTWFkNnzFprayt4ZF47iRWXHqK+qv+Csuoa7pc/wh+H93IwstL0WW Zlz8r3WY4HJx1KrGMem446nPsZplqx88Aqz1lFuXdpJP8/zOnEUPbOjzbta/cin4j/4K+fHHUtYl l8DeCdDsNKiJcQ3i3V9cCNepeWKa3XHqRGMetfY/7Jv/AAUx8OfHDxXZ/DT4m6NH4W8S6rJ5Wn3F tIz2F1IRkQnzPnhlY8ICWVz8u4MVDe2/8E8/hv4Q8D/steD9U0CziW/8UWv9oaldBVMtxNK74V3x krEuEVegAPckn8QP+ChfgXw58Jf2sNZh+Hsa6PBdRWWrJDafultLqZdz+UExsy6+YAPuluMDAHFh sJluOr1cBTocjje0r9nbX/g3MqdOhWnKjGFrbM/oh/aR/aM8Dfsy/DyTx740El080otrGxtyvn3d yylgiluFUBSXc5CjsWKqfxum/wCCtX7Rd9cz69ovgHRB4dtG2zBoL2cx7j8oe6WZEVvTMYz6dMc1 /wAFVvGuteJvGHwptNSjkgjfwnBqpibhUudRlYTLjpuHkqD+FbvwU/bU+I3wz+CWifCfQP2fH1rw +lj5U02y6MWpfaVzNPIotWVxPuJPLDBABwBSyjh6lTwUK8qKqTk9bySSWu1ww2CjGkpuPM352P1F /Y9/bQ8H/tW6Le2kVi2g+LdEjSS/05n8yNo3O0T28nBePdgMCoZCQDkFWb5K/aP/AOCoGteDPibq Hwn+AnhO38SajpF29jPeXonmSe7jOySG2trdo5G2OCu8v8xB2rjDH4a/4J+6D8R/Bf7X/hTV7jwr q+i6NqbahaXIktLlIUgntZWjR5HQAqsqxnLd1B61S/aJ/Z4/aN/ZY+Pmr/FjwFY6gdMTUrrU9K1/ ToWuY4IrpnPl3B2uEdUcxuJRtfkjKmtaXDmAp5hOm7NON4xb0vdq1/K3no+tio4GjGu4+V0j6Bsv +CrH7SHgTxDBYfGX4badFbn5pLYW17pN6UPdGuZJl47Zj59e9ft18K/iZ4V+Mfw+0T4l+C5mn0fX YPOh3gLIhDFJI5FBIDxurIwBI3A4JHNfziwf8FDvEHjiXRrb9pX4d+HfirY6LI0kElzb/ZLuMyAL IQyboCGCjKmDBIGegx+/v7M3xG+EvxS+EGk+LPgtpcGheHJWli/s6G2itPsdwjfvYnhh/dqwJ3ZX IYENnmvH4tymNGlCaw/I72bTvF/r+C+Zy5lhlCKfJZ+Wx77X8hv7XPx48QftCfGO88XeItOtdMn0 mI6RHHa7yjQ2k8xV28xmO87znGB0wK/ryr+bD/graAP2n9NwMf8AFNWP/pTdUeHlWCxkoON21o+1 t/vDJJL2rVtT7e/Yu/ay8YftA/C3x/4D8R6NY6ba+BPC8MFtNaeb5kw+zyw5l8xmGcRA/LjkmvyH /ZC/aB0v9mj4pXnxM1HSptakTSLyztbWJljElzOYzH5jt9yP5TuYKx9FNf01+H1Vf2XNO2gD/ijY f/TcK/nt/wCCZvgvQPGf7V2h/wDCQ2kd7Fodnd6nDHKNyC5gVVhcg8Exs4dfRgD1Fe1k2Kw86OOq OnaGl4p9k76+Z14WpBxrS5bLsfQqf8FcPj5oniZD4u8AaNHpMmyT7GI7y1u/JJzlZ5JXUlh0bycd OOuf28+FPxb8I/F/4XaN8W/Dcxh0TWLVrnNwVRrfyyyzJKQSoaJ0ZXOcZUnOOa/Lj/gsbo+nSfD3 4e+IGt0+3wapc2qzbR5nkywb2Td127owcetcV8LPEepeH/8AgkT4vv7Bn83dfWQ2EgiK91CO3l6d tkzZ9s15eOyzC4vBUMTh6fs5Smo6O+7aOerh6dSlCpCPK27E/wAYv+CtHiOTxhP4W/Z08J2urWcb mGG+1OOeaW7cEgvDa27xsqHHybmLEclV+7XU/s+/8FV7jxJ45tPAP7QXhm28NyX8yWiajYCWOG3u XbYBdQXDu6IScFw52fxLjLL+bH7GHxx8S/ALxXr3jHwh8NX+IGqz2sVqkqCYtYRuzM+DDFLgzbQM nBwhA4Jq7+1P4v8Aif8AtN/EC1+Iknwf1DwrqCWaWlz9mtLqb7UY2YpLITAnzqrBM4J2gDOAAPpZ 8MYPneFdBKFvj5le/pv+nlY7ngKV/Z8mne+p/VrXy7+2D8afHX7PvwVvPip4E0ez1qbSru1S8ivf M8tLS4YxGQeUytuErRjrjBJrvf2ddW1jW/gJ8O9T8RRzxatLoGmi8W5Vlm+0pbokpkD4YMXBJzzX R/FnwBY/FT4Y+KfhxqOBD4j065st7DIjeaMrHJ9Y3w49xX5Lh1CjiUqyvFS181fU+bhaNRc2qTPm b9hz9q7Uf2q/AWu674j0600jXNB1AW01tZlzEbeWJXhl/eMzAswkUjOPkr4T8S/8FZvFmi/GXUfC dr4Z0mbwdYa5JY/bi0/2l9PiufKacYk2b2jBcfLgHHBr4u/Yy+PV7+zH4m+K2k645sLm98OalDDC 52ka3poZrVG9wxlT6nivkmH4b+I7n4W3vxfCZ0S01i30VnwSTcz28tx17BVjGfdh+P6theEcJHFV nVj+7fLy/Pe3z2Po6eWU1UnzLTSx/UZ+2p+07c/su/Cez8baFZWuraxquow2NnbXLP5TBkeWWQ+W VYhUTGQfvMtcR+zb+2Fq3j/9nfxJ+0X8c7LT/Cfh/R7qaKBrMSnzoYFQMwEjsXd5n8qNV5LjHcV+ Kn7Xn7RMnx08F/BHw1ZTm8k8P+Govt4Q5ZtVlf7LMGUclttqjr7Scda+wf2+PCOpfAz9i34LfBKz zBBFcK+phOFkvY7dppc46q088jgeoB5wDXiQ4ZowoUMNVVqtSbu+qir3t8kvvORYCKhCnJe9J/gj F8ff8FfPijqevS2vwh8E6ZZaWGYQnVRPe3kqKchytvLCkZIGSg8zH949a9o/Z0/4Kwad418VWfg7 46aDbeHDqckcFvquns/2OOaRtoFzFMzPHGSR+8DsF/iAXLD0L/gk58OfCOj/AACufiRbWcUniLxB qV1BcXZUGZLe2KpHbq2MqmQZCO5bJzhcfDX/AAVo+HPhHwd8bPD/AIp8NWkVhd+K9Nkn1CKFQiyX EExT7QygAb5FYBj/ABFMnkknqpYXK6+LnlkaHK1dKV9brc0jTw86rw6hbzP2H/bN/aC8Q/s0/Bv/ AIWT4Y0y11a9Oo21kIbwuItk4clv3bK2Rs45r8qtX/4LCfFCXwpbQ6J4N0i38SNPKbiabz5LNLcB PKEcQmWRpCd+5mcKPlwp5Nek/tQ+IdV8Vf8ABLf4Za3rZka9lbRI5HlJZ5PIimhWRieSZFQNk8nO TVr/AIJDfC/whqngvxz8RdZ0q21DU31GLS4ZbiJJTDDFAJZFj3g7fMMw346hQD0rkwGX4LDZfPEY mlzyhNrtfW33dTOjRpU6DnUjdp2PC/2yfjL48+Pv7HHwr+KPxC0e00a+1TxDqCwpZeYIZreCJohM ElZ2Tc6uNpduAGB5wP0U/wCCX80Vv+x9o1xcOsUUWoaozuxCqqrOxJJPAAHU188/8FdNH0jw/wDB j4caLoNjBpun2msTJDbW0SwwxILdvlSNAFUewFUvgHq99on/AASd8Z3+nBvPNpr0OUOGCXExhds/ 7KOT+FaYqMcRlFONNcqlV0Xa7Y6iU8NFRVk5f5nL/Gn/AIK2+JIvGNz4c/Z+8L2N/plvL9niv9VS aaS8cNt3w28EkW1GP3NzMzDkqpO0fJn7V/7bPiH9pH4V6T8O/iF4S/4RrxXoOspfO1uHS2kg+zSx kGKcmWKQM4IBLgrk5BGD69/wSG8GeHNd+MvivxVq9rHdah4d0qM2BkAbyZLqXZJKgPRwi7A3YMR3 r3r/AILFeDPDv/CK+AfiAlvHFrgvp9NeZQBJNbPEZQrkcsI3T5c/d3tjqa9OhDAYXM6eBp0feX2r 63tf56f8MdEFRp4iNGMNe59Cf8Ep/wDk1C3/AOw1qP8A7Tr9Ja/Nr/glP/yahb/9hrUf/adfpLX5 1xJ/v9f/ABM8PH/xp+p+Sf7Y3/BQv4ifs3fGmb4ZeGfDOlapYxWNrdefeGfzS04YsP3bquBjjivn /wCJf/BW34pXWs3t78GfBNhD4TsZhELzV4bm5ml5+Uv5EsMcJcdEJc/7VfPn/BVT/k7K8/7A+nf+ gvX7q6T8LfBuhfslj4YWWlwJog8KvC9vsBV3ktC8kjZzl3kJkLHncd3WvsKtHL8JhMLWqUOaU1rq /K79ex6koUadOnKULtnhv7Ef7ddp+1PNqng/xNo8WgeMNIt/thjtnL2t3a7wjSRByXRo2ZQ6MW+8 CGPIXh/2wv8AgpBo/wCz/wCKp/hj8OdGi8S+K7DYb+W6dlsbMugdYsRkPLLggsAVCZxktkL+bn/B KWR0/atiVTgPoeohvcZiP8wK+VPBHxC1OH9oyH4o33hZvG+pf2zdaq2kS73a6uC0kwDhFkY+W/7w jac7eeM16K4Swv8AaFX3bwjFNRv1d+vbT+kbLLaftpaaJXsfpD4Q/wCCtfxh8Pa/ZQ/Gn4f2B0m6 ZZHOnxXNjdi3c/6yJbmWVJMdQDtDYxuH3q/bvwR8RPCPxD8B6X8SvDF+k/h/V7QXsNw/7sLFglvM 3fcaMghwfukEHpX89P7Vn7Snxb/ap8D2HhLXPgZe6LeaXeLd22oxQ3k80Q2skkQDW6fJICCwzjKq cZAx6x8Gtd8e+Cf+CYHxk0fXdP1DTLvTb97W2juYpbdlstVazhkCCQKdm6WZmxxyfU15+ccO0qlG nUhTVObkotJpqzdrmOKwMZRjJLld7Wvfc7D4xf8ABWjxHJ4wn8Lfs6eE7XVrONzDDfanHPNLduCQ Xhtbd42VDj5NzFiOSq/drqf2ff8AgqvceJPHNp4B/aC8M23huS/mS0TUbASxw29y7bALqC4d3RCT guHOz+JcZZfzY/Yw+OPiX4BeK9e8Y+EPhq/xA1We1itUlQTFrCN2ZnwYYpcGbaBk4OEIHBNXf2p/ F/xP/ab+IFr8RJPg/qHhXUEs0tLn7NaXU32oxsxSWQmBPnVWCZwTtAGcAAe7PhjB87wroJQt8fMr 39N/08rHW8BSv7Pk0731P6a/i/8AFfwj8Efh3rPxN8cTPFpOjRh3WIBpppHYJHFEpKhnkchVBIHO SQASPxEvv+Ctvx58Q+KJE+Hvw/0l9KiZ5BaSRXl7eGBT1eWGWNQQOpEWAfauk/b98WeJtU/Yi+Al vrsVzFd6mthNqP2gMkv2y004xsJVfDbmd3b5ueM19Rf8En/BnhzR/wBm2XxhY2sf9seINVuxd3OB 5pjtiI4ot3XYoBYL6sT3r5bB5dhcHgJYzEU/aScnFK9lo7fo/wADz6VCnSourOPM72PxW/a7/aJt P2nPiRpfxHh0iTQ7qLRrWwvLZ3EiLcwSzM5icYLRkOCNyqwOQQcbj/VP8JP+SVeDP+wLp3/pNHX8 2f8AwU18GeHfBv7Vus/8I5bx2ket2NnqVxFEAqLczKySttHAMhQSN6sxPU1/SZ8JP+SVeDP+wLp3 /pNHW/GEqcsBhJUVaLTsu2i0LzRxdGm4qyOw1fVtN0DSb3XdZuFtLDToJLm4mc4SKGFS7ux9FUEm vwq+IX/BW34ma14tuNE+Avgexm04SPHayalFc3l7dKp4kEFtJCI9w52fvCO59P258ezeDLfwTrs/ xF+y/wDCLx2U7an9tUNbG0CEyiVWBBXbnIwc9K/B/SP22/g38NPH+rx/sYfAZJdZ1dTai+ke4aS5 ijfcBFp8IdkRiA2FdCcLvUEADyeFMFTqqpKVB1GtrtKK9W3/AJnNl1JS5m4cz/A6v4Yf8Fb/AIgW XjG20H48+DtPt9LadYLqfTI7i1urME4aR4LiSbzNvVkBQ46c8H9345I5Y1liYOjgMrA5BB5BB9K/ kE/ar8YfGXx98WZvF/x18NDwp4n1Kzt3+xCzksT9mXckLGKZmlzhSuXJbCgdAK/rQ8AM7+A/Dbyn LtptmWPqTCma6+MspoUIUa1GCi5Xuk7rpsaZphoQUJRVrnXV+HEf/BWvxV4e+KWr+HfHHg6wPhvS bnUrctYGb7bI1ssq2ygySGMeZKqK7FTtUsQOAK/cev5O/gr4N0P4gftz6X4S8S2qX2l3viy8a4t5 BmOVIJpZijjurbMMOhGQax4Qy/DVoYiWJhdRjf8AO9icsoU5qbqK9kfVupf8FcP2h7TV4dTPgXQr PQrzL20E8N6ZZIs9VufPRXI6bliC/wCzX7Ifsw/tE+Gv2nPhZbfEfw/avpsyTPZ39jI4ka1u4grM m8AblKuro2ASrDIByB8uf8FVNA0q/wD2U59SntY2udG1awktZNo3ReYxhcIeoDK2CBwcD0FfLn/B NzxDqHhj9kT47+IdNL/adGW+vYAhwwlh0wuu3HfKDFdmMwWExeW/WsPS9nJSUd79v8zWrSpVKHtI Rs72PRf2m/8AgqWPh745vvhx8DPD9r4ivdJnktLvUb8yNatdI2xo7eGB0eUK2QXLqGPCgjDHzf4Y f8FavGml+LLbw9+0T4Kt9PsXIS4udMiuLe5tt2Nsj2tw8hdccsFZTjlQSAp/NL9lT4mat8JPi9bf EPRPAx+IOqaZbTtb2YErGCWTan2oeVHKcoGKgleC4OQQK98/a4+MXxV/avm8PahqPwWv/DWqaCJ4 /tcFvdzy3EE20iJ90CfKjKWXOcFmxjJz9O+GMJTnHDOgnG2s+ZJ39P6Xkd/9n0otU3DTvfU/Uv8A bX/bd+In7NWqeDb7wFoOk+IfC3jHTnura+uWnJeWNgWCGJ1UoYpYmU9TuPavpGL9pTTpf2Rv+GnB BFkeHW1Q224+V9vWMobbdnO37UPKz1/Gvy98efDfxH8Rf+CV3hbU/EGn3Vv4k+GV1NcCO7ieO4Fl FdzW7JtkAYRrbSxv6YiGOmK+QLT9o7y/2Ab/APZ/N1nUj4piVYs4I0iRTfHA9ryPnt835+FR4aoV 6MI04+9CpyyfdX3+6xyRwEJwSitVKz9D9Lf2QP8AgpB4y/aB+Nun/Crxx4d0vR4NXtbprWayM/mG 5t4/OCHzXZdpjSTtnIFdn+2/+374l/Zj+I2kfDzwRoena3cXGnLf3rXpl/dGaR0iRfKdcHbGWOc8 Fa/E/wABWviT9mr4s/B/4o6+DBBqK6f4jjwCM6bLdSQyKT3LwxsT7OPx901eMftjf8FEJbONvt2i at4hEOVO6NtG0gYZlPQCS3tyR23P3J59Wvwxg44v2/IvYqDb7XT/AMvyOmeX0lV57e6l+J/SJ8K9 e8UeKfhr4Y8T+NbKHTdd1fTra8u7W33COCW4jEhiG8s2U3bTknkGvFf21fivq3wY/Zo8Z+NvDs7W 2siCKysZU+/FPeyrAJVJ6NGrs6+6ivqcAAAAYAr8/P8Agp5o97qn7IXiS4s1Lrpt7ptzKF/55/aU iJx6AyAn061+a5RCFXHUoyXuuS0+ex4GGSlWins2fkJ/wTp/Zk8OftH/ABW1fVviHEb/AMM+EIIr m7ti7Kbu6unYW8cjKQ3lny5HfDAnaF6Ma/oS1/8AZs/Z/wDEvhqTwhqvw80I6VJG0Yih0+CAxBhg mF4kV4m9GRlYdjX5Ef8ABG7xbpFn4h+Jfgi5mSPUtUt9NvraMnDyRWbTxzY9dhnj468k/T95K+i4 3zDELMJQUmlG1rO3RO/3ndm1aftmr6LY/kg+O3gXXP2Ov2pr7SvBd+6SeFb+31PR7kkl/s8gWeBZ CMbiFPlS9A+G4wcV/V14O8TWnjLwfofjGxGy11ywtr+IHtHcxLKufwav5kf+CmXi3SfFf7WviOPS Jo7iPQ7Wy02V4+R58Me6VSe7I7lG9CpHav13+PXxLvP2cf8AgnxolvJK1r4jufDOkeG7ME4kW8ns khlYHqGiiSWQH+8or1uJcNPF4fBOX8Sdl96X/DnTj6bqQpX+Jn45fGTXNU/bU/bal0rw9cF7HX9X h0XTZV+dYdMtW8s3Cj+75ayXDD/aNM/Zi8Z6v+yL+2Ra6T4rl+zW9jqdx4b1on5YzbTS+SZT/wBM 0kWOcHuFGOtcX+xx8e/BX7N3xYk+J/i/w/c+IZbewntrGO2kjjME9wVV5SXB/wCWW9Bj++ayP2tv jR4M/aB+Mt78VPBmhXHh9NWtbZb2C5kSRnu4FMRlUxgABoljB77gxPWvtfqk3N4Fw/cclr6b/nt+ J6vs3f2NvctY/r3r8e/Hv/BRz4leE/2qbj4CWXhfSJtJh8RWujC6kNx9oMU80cbPxIE3AOSPlxX2 X+w58aP+F4/s3eFvEt7P5+s6TH/ZGpknLG7sgqb2P96WIxyn3evwh+NBC/8ABR2/ZuAPHWnk/wDg VDX5pw1ktOWJxFDExu4J/enueDgMJF1JwqK9kf0Z/tB/ErUvg98FvF3xN0e0hvr3w7YtdRQTlhFI 4YAB9hDY57EV+a3wg/4KR/Ez4ifCz4t+PdT8LaRbXXw902yvbSKE3HlzvdTmFll3SE4AGRtIOa+3 /wBuR1j/AGSvicznAOksPxaRAP1NfmD/AMEbAD4t+J4PI+w6Z/6NnqMmwOHeV1sVVp80oyX3Xjdf MWFpQ+ryqSV2n/kfmDoHxq13w/8AHiP4/W9hbS6vHrkuu/ZX3/ZjNNM0xj4bfsBYgfNnHev16/aS +OGvftEf8E1x8U/Emn22l3+oa5DC0Fpv8kC2vHiUr5hZuQvPPWvhb4aKD/wUkt1I4/4WHe8f9v8A LX7A/wDBUsAfsj6qAMD+1NN/9G19fnmJpPG4OCp+83Fp32V9rfqeni6kfa0ly66a/ofkt+yR+2rq f7M/ww17wR4J8KN4m8W+ItXW6gEu77LHCsCp9yI+bJIWX7g2gDndnivqn4Nf8FbfGM/jiy8O/Hjw vptppF3cC3mvdMSe2lsi7bRJLFcSyh0Q/fAZWC5I3EbW6z/gjr4L0D/hGfH3xCktI5NaN5b6ZHcM MvFbLGJnRD/CHdlLY67Vz0FfGP8AwVK0fTtJ/az1Oewt0gbUtL0+6n2KF8yYo0ZdsdWKoMnvilUo YDF5lWwdSj71ruV9b2Wy6bhKFGrXlSlHXuf08qysoZTkHkEdCKWuT8BSvP4F8OTSnc8mm2bMT3Jh Umusr8dnGzaPl2rOwUUUVIgooooAKKKKACvAP2Tv+TWfg3/2Jnh7/wBN0Fe/14B+yd/yaz8G/wDs TPD3/pugoA9/ooooAKKKKAPw2tv+Cf3xB+EHxu8b/FqG8h8RaDr095d82NrLJCLudpzmK4FwCEzg sqg4GeBxW7qsWj6JYS6lqRsoYIRyTpGlZJPAUAWeSSeAByTX7VkAjB5Br55v/wBmj4dan8Q7Px5f wtNFYlpotObH2Rbk/wDLXZ3x2B4B6ccV4eP4Zy/FVPa4ihGUu7V2dVLHVqa5YSaR8T+APgZ8XNa0 F/Heq6DpS6LcKXg0xbC1s9YEBHE8U9tDGElH3gh6j5ec88/d2smnSpFNKJ4JgxguNuwSqvDBlP3J E6SIfunp8pBr9fgAAABgCvmL4z/By41SC88S+CtLt9TvZv3lzpVwxjgu5lHyTKw5jkB4cj76bgeT z4tfIp5dL6zlFPT7VO9lJd430jNd9pLR9GumGKVZcmIfpLt691+R8PRR26W8WqanD58M+TZ2bHH2 sqf9ZJ3W3Q9T1c/KOvMpQao013Z20VtqYDS3VpbIY4blR964tkJYqw/5aR5J/iBPd+oab4lsLxn8 Y2slrrFwiPOsi7cYGAsYHAjXoirwB6nJPMa9rNvodtFdMZDd+YotEt/+Ph7j+ARdfmz+GOvBIOP+ rWMqf7fOrbFdLN8kV/z7t1i/tStzN+8rWSVfXaa/dKP7v8X5379lt0Nq2WXUpUttOKPI6GQuxxFF Ev3pZW/hRe56k4UAkgVn6yl1dwW9l4au2g0+CdZ7gyxru1R1GA02clI1/wCWKKfl6nJJJ7KTwb8Z m0b+0vFvg2LQdNliiuL5rR9xubvLfPKnVY1XB2D5Vcucc5PP9eldeBy7E42rHF5lDlUH7tO90mvt ya0b/lW0Vr8T0zq1oUounRd77v8ARdvPv6bwQXCzoWHDLwynqD6GuOTX9b1XxHbnwXdnT00ebfNq SqHO8cGCINlWyOJCQRj5evT0z4Z+BJ/jd4k1Pw/pDT2ulWUDx3mpxcIJmGFhRv4m/vEdBnBzVW98 KS+CLqTwtNafYTp58sRgYGB0YeobrnvX1eJw1OtTlSqxUotWaeqafRnBCbi1KLs0czpzatbSTf8A CRXv9o3l1K8jXbKEaUseA4HAIHAxxgcelGs6z/ZggtbWB77Ur5xFaWkQzLPKeigenqegpuvarDYx wWSW7319fuIbW0hG6WeVjgBQOmO57V+gPwU/Z40PwPeQ+PfECNeeKLq2iXExDrZZGWjiHQHPVupP 4U6NGFOCp01aKVklskuiCUm3d7nzdpn7K3xubwrZ3Gsa7pt42ZLg6RPp9pOLUS/MYbea4hk288kH jOema8ZvfDyabNPb6hBaW0tsWWVZNH0pShXqGzZ8Yr9lq8L+KvwB8G/Fie3uNYaWzYOn2r7Odn2q FDny5Pyxkc44ORivn63B2VVJupPDQbbu/dWre7OuOZV0rKb+8/ETXf2OPiR+098Q9I+Jnw8MWn6N 4elgRLo2ltZpPJDKJC0Qt0hDAEfeKk/hX9DHh+zvdP0OwsdRl8+6t4I0lkxjc6qAT+JqTRtG0vw9 pdtoui2yWdjZoI4ooxtVVXoAK0693CYSlQpqjRioxWyWyOWpUlNuUndhRRRXQQFFFFAH/9L9/KKK KACiiigAooooAKKKKACiiigAooooAKKKKAP459Y8d638Lv2lNY+IfhxIX1Tw74mvb23W4UvCZYbt 2UOqspK+oDA+9fXGsf8ABUr9rfxbYTaHoiaRpl1dLsWfTdOke5Xdx+7E0s67vQ7CfTnmv6YKK/Qa /GmGrcrrYRScVZXl/wDantTzWnK3NTvbz/4B/O1+w9+xB8UfiR8VbD42/HDSrzTPD2m3Y1UDVEZL zV74P5qExy/OYjJ+8kkcYk+6u7czL+gX/BSD9lXxJ+0L8PtI8UfDy2F74s8GtO0doCFe9s7jb5sa FiAZEKK6AnkblHzMAf0jorxcVxXiamMhi1ZOOy6W7fPqctTMakqqq9tj+YH4Eft7/Hf9lLwrc/B7 UfDtvqNrpkkhtbTWI57e5095GLvHgFGMZcltjAEEnDAHFO+B/wAA/jV+3l8c5fin8SLa4Xwzf3qT 61qxTyIDDEoC2lnu+82xViXZu8tcM56bv6ZtQ0DQtXlin1XTba9lhIMbzQpIyEcjaWBI/CtUAAAA YAr1avGcI89TDYdQqT3le/3K3z9d7nRLNUrypwtJ9T8n/wDgp9+y14p+LXhLQPib8NNMl1TWPCEc trdWFspeabT5CHVoYxy7QuD8ijJVyQDtxXwN8If+Cmfxb+C3wfh+D8nhq01S/wBChez03ULqSSKS 0iXISOe32kSmHO1fmj+UAMDgk/0tVh3Xhnw3f3y6nfaTaXF4nSaSCN5RjjhyCf1rgy/iWnHDRwuL oqpGLutbWMaOPiqap1I8yWx+QP8AwTlvf2yPiT4gm8c/FDxbrR+HNvbyiFNTCyPqdzMu2PyHnjaX yotxkMiMFLqqDcN4Hy18VPi5+3F+yP8AHy31v4keIta8TaFpt5J9lN1NKNF1e0kDKFKxgQiXyzkr t3xOAQMAE/0fgADA4AqGe3guomt7mNZonGGRwGUj3B4NOnxRD6xOrPDxcJK3LZLT1tvrq+vyQ45g udycFZ9D+Wz9p79qiz/a/fQvDfgz4P2fh/xD9sEpurEjUNVvnKMgt1aK2hcxktuKkOSyqRjBz+3X /BPr4F+K/gH+zxaeHfHERtdc1y+n1i5tS25rX7RHFEkLdg4jiUuB0YkdRmvsnTNA0LRN/wDY2nW1 h5hy32eFItxPrsAzWtWebcSRrYaODw9Pkgnfdyf3snE49TpqlCNl63Cv55P+CvfgTxHafGbw18Rv sUraDqOiQ6eLoIxiW7tri4domYDarGORWUE5YbsD5TX9DdV7q0tb63e0vYUuIJRh45FDow9CpyDX nZDnDwOJVdRvurbbmGDxXsZ89rn5A/sXfte+M/j34C8Z/C3xLo9jY2vgvwaqW09qsvmzmCE27NKX dkG4BSFUDnPOOB8Rf8EoR/xlWP8AsBah/wChQ1/SnpukaVo1v9k0eyhsYM58uCNYkz67VAFaFes+ JqUYYinRo8qqpddtN9tb/I6f7QilOMYWUvM/H7/gsT/ySPwGf+o5L/6SvXQ/sN/DTT/jD/wTy1D4 Y6pIYIfEcusWolHPlStLmKXHfZIFbHfGK/WCiuJcQSWBhg4xs4y5ua/r0t59zL661RVJLZ3ufyuf Cj4mfHX/AIJ1fGHWLLxL4XLC+j+y31hd74re+iicmKe1uVUg7STskUOuGYFc9PXLb9q79tf9rP44 Wo+BdxfeGUdIrZLDTpHk02yhDMzXF7JIhiJ5O6RkBICoqk4B/o41HStM1i3Npq1nDewE58ueNZEz 67WBFO0/TNO0m3FppdrFZwL0jhjWNB9FUAV7NbjChUbrTwsXVatdu6+639dzqlmkH7zprm7/APAK nh2w1LS9A03TNZ1F9X1C0toYbi9kRI3upo0CvMyRhUUyMCxVQFGcAYrYoor4WTu7njs/lc/4KO/C 3/hWX7VPiWa1h8rTvFyx67bYHBa7yLj2z9pSU/Qiv0B8Gfs6/a/+CUmp6QbXGsataT+MVwPmMkEg niK+pksoVT/gWB2r9oqK+yxHGVWdChRUbOm4u99+Xbp/mepPNJOEI2+G3zsfyW/sI/Cz/hbf7UXg vRLmHztO0i4/ti9yMr5On/vlDDuryiOM/wC9X9Bn7cn7ON9+0t8D7nwt4dMa+JdGuF1PSvMIRZZ4 kZGgZyQFEqOygk7Q+0twCR9jUVzZvxXVxOKp4qEeVw2V7/otyMTmMqlSNRK1j+Wj4FftVfH/APYX v9b+HGr+Gs2dzOZ5tI1mKa3aG5AEZmgdcHDqoBOGRwAV9Sy10D9oz/gpB8cU8S3dgUswYbWe8iia PTNH09XJ2Izt87Dc7BNxkkYk8DJX+ofU9F0bW41h1mwt7+NDlVuIklAPsHBq/FFFBEsMCLHGgAVV ACgDoAB0FepLjampSr0sOlVatzX/AEt/XmdDzaN3OMLSfU/Kz/gpP4P0f4f/ALEWg+BPDysumeHd Q0ewtg53P5NtBJEhc8ZYhQWPc81n/wDBH0f8WA8XH/qZ5v8A0itK/WeivBefN4CWCcbty5ua/wCl v1OP65+5dJrre5+PH/BYsH/hVXgE/wDUan/9Jmr0b/gn/wCCNM+JX7As3w91p2isfEh1zT5XTG9E uXeMuueNy5yPcV+oNFN5+/qEMFGNnGXNzX9elvPuH1x+xVJLZ3ufyieGta+Pf/BO349XNxeaSsV6 kctpJFdIxsNW093BDxSKRlSyK6sp3Iw2sPvobv7VHx9+Of7WGhaf8VPFHhv+xPAXhy4GnWn2cP8A ZPtt4pd/3smDNKyw87RiNQAQC2W/qg1HS9N1e2Nlq1pDe27EExzxrIhI6ZVgRVmCCC1hS2tY1hij AVEQBVUDoABwBX0C44p+0jiJ4ZOqtOa/T7tPxsdqzePMpun73c/N/wD4JUD/AIxQt/8AsNaj/OOv 0loor4zMsZ9YxE69rczbseXXq883PufzIf8ABVQH/hrG899H07/0F6/oenB/4UrIO/8Awjx/9JK9 Ror08xz36xQoUOS3s+t99vLTbzN6+M54Qhb4T+ZX/glOP+Mr4P8AsCaj/wC06q/tJ/Bz4s/sVftM N8YvA1hL/wAI8mqNqujaj5TTWiidiz2Vyy42kBniKsys8fzKeeP6dKjliinieCdFkjkBVlYAqwPU EHgg17M+NpPFyxHsvdlHlcW73WvW3n2Op5s/aOfLo1Zo/m2+LX/BSL9of4+DQPBnwl0i58Hailws rLoU891fX04QqI12IreVyWMW1skAknbX66fDr4L/ABd+In7I2p/C/wDaX8QS6n4s8YWdyJnkWHdp vmgfZYi0CIJGhZFkctuO8su4qAa+wdM8O+H9Fd5NG0y1sGl5c28KRFvqUAzWxXl5jn1KcIU8JRVN Rd77u/qc9fGRaUacOW33n8rnwo+Jnx1/4J1fGHWLLxL4XLC+j+y31hd74re+iicmKe1uVUg7STsk UOuGYFc9PXLb9q79tf8Aaz+OFqPgXcX3hlHSK2Sw06R5NNsoQzM1xeySIYieTukZASAqKpOAf6ON R0rTNYtzaatZw3sBOfLnjWRM+u1gRTtP0zTtJtxaaXaxWcC9I4Y1jQfRVAFerW4woVG608LF1WrX buvut/Xc6ZZpB+86a5u//APiL9tH9mrxR8eP2Z7fwVp9++t+NfC32XULS4kEUDald20LQzhwoSND cI7sANqiTaOFzX4n/s4/tnfGT9jOPXvhnc+HY7+zku2ml0vVFltp7K9CiOQqQAy7gqh0YEZUFdpL Fv6mqzLzRNG1G6gvtQsLe5ubU5hlliR3jP8AsMwJX8K8/KuJY0cPLC4mkqkG72vazMMNj1GDp1I3 R/H/APtG618YvG/j/wD4Wp8adNl0vVfG9umo2kckZgX7CrNbw+TE5LpEBEQm7lgN+W3bj/Wl8JRj 4VeDAf8AoC6d/wCk0deg0Vnn3EaxtKnSVPlUL7PS3TS2lhYzHe1jGPLax88ftY/DrxD8WP2dPHfg DwmN+sapp5+yx7gvmywSJOIgTwDJ5eznA+bkgc1/Ol+yd+1Frv7FXjfxUuu+B/7XudUhis7u0upG 06+tJbZ2YKHeGVkBLHzIynzEIcjbz/VpWXc6Hot5exand6fbz3kH+rmeJGkT/dcjI/A0ZNxDDD4e pha9LnhLW17fj8kGFxqhCVOcbp/I/ki/ar8Z/GD4tePbf41fFbw7N4dg8X24OjQvG0cX2C1wiiIu A7qC24uQN5YsPlIA/qd+BninTvG3wZ8D+LNJfzLbU9GsZl9VYwKHU+6sCp9wa9UoozviKOMo06Ma XJybWd1bta3prcMXjlVhGKjawV/LV+y4D/w8N0MY5HijVf5XNf1K0Vz5Nnn1SnWp8l/aK29rb+Tv v5GeFxfsoyVr3Vj88P8AgqN/yaJrn/YR0z/0oFfOn/BJDRrDxF8DvidoGqx+bY6nqYtZ0zjdFNZh HGe2VY1+zVFFHPXDL5YFR3le9/Tpby7jjjLUXRt1vc/lfuNG+OP/AATk/aL/AOEjj0prmztZJ7e1 uZ43+waxpsx+75qYAcqFYqDujkUZBAw3qHjz9u79q79p74haBonwKsb/AMK3FsGSHTdDnkuHuJJm UNLdyFERkTAwXRUjBYk8k1/SPd2dpf272l/AlzBJw0cih0b6q2Qaq6XomjaJEYNFsLewjbkrbxJE pPuEAFe7LjGjUarV8MpVUrXvp91v67o63mkZWlOmnLv/AMA8o8E/D/xXqPwItfhx8btX/wCEn1zV dJmstbu9kaCV7xGWZFESIhWNX8tW2gsFDN8xNfyO6l8M/Eum/Fa4+D0kW7XoNZbQ9mCA10Lj7MMD 0Z+nsa/tMorz8g4rngZVXyX59bbJPXy89tDHB5i6Lk7XufiF/wAFWvgrp3hr4QfCvxL4eg22ngzH hskDn7K9uptt2OgQ27Ae7+4rjv8Agj58LPt/ivxp8ZL6HMWk28ej2TEZBmuiJrgr6MkaRj6SGv3u opR4rqLLngHHf7V+jd2rW/UFmMvYOjb5hXK+OPBugfETwdrXgTxTB9p0nXrSazuUHBMcylSVPOGG cq3YgEciuqor5aE3FqUXqjzk7ao/lQ+Lf7PP7Rn7D/xPTxj4ba9isdMnaTS/Emnxlrd4myAs+Ayx uyZWSGUbW+YDenJ9K1//AIKr/tT694ak8OWo0TSbmeMxHUbKylF6N3G5PMnkiVvQiLjqMGv6ZGVW UqwyDwQehFc9beEPCdldjULPRLGC6B3CWO2iWTPruCg5r7z/AFzo1YxeMwynNddv0f8Al5Hsf2pG SXtaabXU/nT/AGLf2GfiR8a/iDYfFT4xabdaf4MtboahO+pK63OtTb/MCKsvztFI/MsrcMpIUliS vT/8Fa/jGfFXxf0b4P6bNmw8E2onulB4N/qCrJgjofLgEe09i7iv6J6K5lxlOWNji61O6imoxTsl frs7/wBdjP8AtRuqqso3tsj8x/2YP2AvgNH8BvB158V/BNtrPivU7JL++nuHnWRWuyZkhKpIoBij ZYyMdVJrM/az/YF+BqfADxbrHwh8GW+i+KdEtjqVtLbvM7yJaHzJ4dryMG3whwoxndt+lfqXRXkL iTGLEe39o972u7b3tbsc316rz8/M9+5/O3/wSU+MzeFfi5rPwc1ObFh41tjcWak8LqFgrPgdh5kH mbj3MaCvLv8Agod8MPH3wi/ao1b4pW9nNDpHiC8ttW0rUlj3Qi5jSMyRlsFRJHMhOw8ldrYwa/p1 qteWVnqNs9nqEEdzbyDDxyqHRh7q2Qa9mHGKjj5YyNKykrSV9/O9vJdDqWaWrOqo7qzR/OR8Vv21 f2iv2wfhLrnw78MeC4NM0bSrB9U8S31m0jq1rp6m4fc8uEgjZkDCPLO5AVWIJB9V/wCCNn/I2/E4 /wDTjpn/AKNnr93NO0vTNHthZaRaQ2VupyI4I1iQE99qgCr9ZYrimk8JUwdCgoRl5+aeumu3yJqZ jF05UoQsn5n8nvxrl8b/ALNX7a/iDxpc6XtvtJ8U3Ou6el0jrBd2s109xCwI2lkdG2kqeGyM5Br9 AP2g/j74g/aT/wCCcGofEvxNp1tpl+/iSC0eG0EghCQTjYQZGZidrDcc4JzgDpX7X6nomja3GkOs 2Fvfxxncq3ESShW9QHBwavQww20SW9vGsUUYCqiAKqgdAAOAK1xHF1Or7CcqPv02tb7pdNtL/OxU 8zUuRuGsbdT8hf8AgjsP+LP+Oj/1HY//AEljr4Z/4Kuf8nWP/wBgPT/5y1/TLRXNheKvZ5jPH+zv zdL+nW3l2Ip5jy13W5d+hx/w9GPAPhoH/oGWf/olK7Ciivk5yu2zzW7u4UUUVIgooooAKKKKACvA P2Tv+TWfg3/2Jnh7/wBN0Fe/14B+yd/yaz8G/wDsTPD3/pugoA9/ooooAKKKKACiviD9q39stf2Y df0LQ28If8JJ/bVrJc+Z9v8AsfleW+zbt+zzbs9c5H0r6N+C3xKHxg+GGgfEgad/ZP8AbkHnfZfO 8/yvmK48zZHu6ddorqqYKrGmq0l7r2EpK9j1KiiiuUZ5r8S/hrpPxE0c21yBDfwAm2uAPmRvQ+qn uK8I+DP7MZ8JeJpvHvxEuIdX1qJilhFGCbezi7FQwGXPc4rxT4+/8FEV+Bvxa134WnwAdaOiG2H2 v+1fs3m/aLeO4/1X2WTbt8zb985xnjOBe/Z5/wCCga/Hr4n2Pw3HgM6H9timk+1HVPtO3yl3Y8v7 LHnP+8K9N5PifZ+15fdtfdbfeR7RXsfo3JFHNG0Mqh0cEMpGQQeoIr4q+Jv7K+peJtcji8G6pHo+ iX0mb0HPnRRk/OkGOPm98Y7V9sUV5hZyHgbwN4b+HXhq08K+FrRbSxs1CgAcs3dmPdj3Jrkvir8K 9O+ImmGSLbb6vbKfInx1/wBh8dVP6dq8X/az/ayH7LkfhaQ+Fv8AhJh4lN6P+P77H5P2Pyf+mE2/ d53+zjHfPHxt/wAPak/6JWf/AAd//cNenh8nxNWCqU43T81/mQ6iWjPt74Ffs3R/D7VLjxx44ni1 fxVOSkToCYbOHskIbue7YzX1fXhv7OvxoHx++Fth8Sxo/wDYQvpriL7L9o+1bfIkMefM8uLOcZxt GPevcq4KtKUJOEt0WmFFFflT8TP+Cm6/Dn4ieJvAJ+G51A+HdRutP+0/2x5XnfZpWj37Psbbd23O 3ccdMnrW+EwNWu2qSvb0/UmUktz9VqK+B/2X/wBuJP2kfHF34LHgs+HTa2jXXnnUfte7aQNuz7PF jr13fhX3xUYnC1KM+SorMaknqgooornGFFFFAH//0/38ooooAKKKKACiiigAooooAKKKKACiiigA ooooAKK/Gz/gqB+0L8aPgt4y8Dab8LfFV14dttSsLua5S3WMiV0lVVJ3ox4BxX1TpPjj4ueI/wBg C08e+Gru+1T4h33hZLq3ntYfPvZr1h96OJEbc57AKfpXvSyCosPRxDkrVHZeXqdjwUlCM76SPuqi vyu/4J4eLf2tvEviXxlH+0nD4iisYLS0On/25p0lihlaR/M8oyQxbjtAyBnAxX6o1w5pl7wtZ0XJ St1WxjiKPs5uDdwooorzzEKKKKACiuM+I3jjS/hn4B8Q/EPW4ZrjT/DdhcahPHbhWmeO2jMjKgYq pYgYGSBnqa/Pn9jH9tnxr+1Z8avF+k3mlW2g+FdI0pbixso/31x5huETzJ5yBuYqT8qqqj0JG4+j hsqrVaNTEQXuw3ZvTw85Rc1sj9OaKK4z4jeONL+GfgHxD8Q9bhmuNP8ADdhcahPHbhWmeO2jMjKg YqpYgYGSBnqa4IQcpKMd2YpNuyOzor8xv2Mf22fGv7Vnxq8X6TeaVbaD4V0jSluLGyj/AH1x5huE TzJ5yBuYqT8qqqj0JG4/pzXbmOXVcLV9jWVpaP7zWvQlTlyy3CiiiuAxCiiigAor8t/+Cmv7UXi7 4G+FfCvg34Yay+jeKPEFzJdzXEIRpIbC2G3bhwwHnSuMHHSNhXzB/wAE8f21/it4z+On/CtfjP4p n16y8T2kkenNciNfJvrceaoBRV4ljEi4PVtgFfTYfhXEVME8dFrlV3brZbs74ZdOVL2y2P3noor8 mf8AgoV+3b4s+A+t2vwh+EBht/E1xapd3+pTRrN9ijlJEUcMbgoZWC7mZ1ZVUrhSWyvlZXldXGVl QorV/cvNnPh8PKrLkgfrNRX8y2mXn/BUXxJoqfEfSrrxvcadNH9ojZJZEEsbDcHjs8qXVhyu2Igj G3IIr6G/Yn/4KM/EzVPiVo3we+PV0ut2fiC4WwstTaFYr23vZnCQxzeWFWSN3OzJTerMCWKggfRY rgqvClKpSqRny7pPVHdUyqai5RknbsfvHRRRXxh5QUUUUAFFFFABRRXy1+1v+07pf7K3w0g8c3uj Ta9d6leLp9lbRyLDGbh4pJQ00hyVjCxnO1WJOBgZJHRhcLUrVI0qSvJ7F06bnJRjuz6lor44/Ya+ OnjX9on4L3PxI8eC2j1CbWL23jitI/KhhgiEZSNQSzHbuPzMxJ7mvy2+NP7V/wC0R4d/bf1D4b6J 43vbTwzD4osLJLFFi8oW8kkIePlC2CGOec817WC4ar1sRVwyaUoJt/I66WAnKcoX1R/QhRRRXzpw hRRRQAUUUUAFFFcZ8RvHGl/DPwD4h+IetwzXGn+G7C41CeO3CtM8dtGZGVAxVSxAwMkDPU1UIOUl GO7Gk27I7OivzG/Yx/bZ8a/tWfGrxfpN5pVtoPhXSNKW4sbKP99ceYbhE8yecgbmKk/Kqqo9CRuO J/wUO8Xftc+G/FXg6H9m2DxFLp81lctfnQ9NkvkEwkUJ5rRwy7TtzgEjjNe5Hh6ssWsHVajK19Xo tLnYsDP2nspOzP1UorxX9nK+8dal8C/BF/8AE1btPFVxpkD6kL6IwXQuSPn82NlUo3qCox6V7VXj V6XJOUL3s7HJONm0FFFFZEhRRRQAUV+Sf7WX/BRHxD8M/i+fgJ8L9ESHVbK9srfUdWvgJFUXIil2 2sAOCdkgBkkPByBGeGr7/wD2kL/x5pfwJ8bah8L1u38VwabK2mixhNxdG4GNvlRBXLN1wApPtXrV clr01RdXRVNvTTV/edMsLOPLzac2x7bRX5Xf8E8PFv7W3iXxL4yj/aTh8RRWMFpaHT/7c06SxQyt I/meUZIYtx2gZAzgYr9UaxzTL3hazouSlbqtiMRR9nNwbuFFFFeeYhRRRQAUUUUAFFFFABRRRQAU UUUAFFFfLX7W/wC07pf7K3w0g8c3ujTa9d6leLp9lbRyLDGbh4pJQ00hyVjCxnO1WJOBgZJHRhcL UrVI0qSvJ7F06bnJRjuz6lor44/Ya+OnjX9on4L3PxI8eC2j1CbWL23jitI/KhhgiEZSNQSzHbuP zMxJ7mvy2+NP7V/7RHh39t/UPhvonje9tPDMPiiwsksUWLyhbySQh4+ULYIY55zzXtYLhqvWxFXD JpSgm38jrpYCcpyhfVH9CFFFFfOnCFFFFABRRRQAUV8a/t8/EPxp8LP2YvEnjP4f6rLout2lxp6R XUIUuiy3caOBvDD5lJHSvA/+CYHxr+Kfxp8GeOdR+KXiK48RXOmX9pFbPcBAY0eJmZRsVepGea9i nktSWCljk1yxdrden+Z1RwknSda+iP1Gor8D/wBpr/gov8ZfGfxTuPhB+y3us7S3vf7PgvLW2W61 HVLlW2MIVkV1SIvkJtTewG4sAdo8z8X/ABB/4Kh/s26Zb/EP4iX+qw6I80Zke9ex1S1BcgCOdYmm aBXOFGTHycKQ1ezQ4KxEoxdSpGMpbRb1fyOqGVTaV5JN7J7n9HlFfHn7GH7V2n/tV/Di51y5sk0r xPoMqW2rWcW4wq0oLRTQliT5coVsKxLKyspJADN9h18vjMJUoVZUaqtJbnn1aUoScZboKKKK5jMK KKKACvAP2Tv+TWfg3/2Jnh7/ANN0Fe/14B+yd/yaz8G/+xM8Pf8ApugoA9/ooooAKKKKAPw//wCC rv8AyP8A4E/7Blz/AOjhX6OfsWf8mweAP+vH/wBqNWT+0j+x/wCD/wBpXWtH1vxNrd9pUmjW8lvG toIirrI+8lvMVjnPpXu3wn+HOnfCT4e6L8O9Iupb200SHyY5pwokcbi2W2gDPPYV7mKx1OeDp0Yv 3lv+JnGL5mz0SiiivDND+aj9vcM37XXjhUxuL6YBnpn+z7brmvrr/gnxoes6V8U72fxlPpEry6fi wEH2Mzh8gtt8lQ4+Xrz9a+pvjP8A8E//AId/Gv4l6x8Tdd8RanY3us+R5kNuIfKXyII4Bt3KTysY Jyepq58EP2C/h98DPiDZ/EPQPEGpX95ZxyxrFciHyyJRtOdig8V9hWzehLCKjza8qW3Wxgqb5rn3 XRRRXx5uefePvhf8PviTBbf8J5oFrrn9miU232lN/lGULv2+m7YufoK/mf8A2YPD+j+Jf2hvA/h3 xFZx32nXupxxT28o3JIhzlWHpX9T7LvUqe4xXwB8Ov8Agnl8Mfht8RNH+JGla/qdxfaNdi7jil8r yncZ4bCg457V9BlGZxo0qkJt6rT8TKpC7R9u+E/B/hjwLosXhzwfpsOk6ZCzulvAu2NWkO5iB7k5 NdJRRXgSk27s1Cv5V/2kEmk/aT+I0duN0reJtSCAgEFjdPjrx1r+qivzp8a/8E4fhv43+Ies/Ea+ 8U6tb3mtalNqUkMaweWkk8plKrlCdoJwMnOK93IcfTw85SqPdGVWDexS/Ym+Gnx98HeMfEGo/GfR LLT7WSxRLOSCysLZ/NMg3DdaxRsRt7E4r9I6KK8rF4p1pupJJehpFW0CiiiuYYUUUUAf/9T9/KKK KACiiigAooooAKKKKACiiigAr5y/aq/aC0r9mj4Oap8SLyFLzUN6WWl2jkhbm/nDGNGIwdiqrSPg g7EIByRX0bX5Bf8ABYiLUj8HfA08R/4l6a86zD/ps1rIYv8Ax0SV7HD+DhiMbSo1Nm9fz/E6sFSU 6sYy2PhfwR4n/wCCiH7Zepaz4k8AeJ9XSwsJv3xsdS/sXT4JSNyQRBJIgzKuDj5mAwztkgn0T9lj 9t34/wDwl+OVr8Fv2g9Tvdc0u51L+x72PVH8++027eQRCVbj5pJEV8b1LspTLJzjP3j/AMEodQ0e 6/ZZNnp7J9rs9cv1vFUjcJXEboWHXmMoAfb2r3vXP2pP2S/h/wDFfWfA+v8AiHTdD8bQSwx3zPZS o8kksSMga7SExu2xlBBkyPunGMV9pmObRdavgVhFKMdFyqzVut0n+R6tfErmnR9ndLtv6n5d/wDB Y/8A5KB8OP8AsF3v/o9K+1NC8Sa94P8A+CYNj4n8L38umatp3g2OW2uoG2SxSADDIw5BHrXxX/wW P/5KB8OP+wXe/wDo9K+uZ/8AlFIP+xJT+QpVYp5ZgE/5/wBWEl/s9H1PHf8Aglf8bfi58V/F/j6z +JXi3UfEsGn2NlJbpfXDTLE7yyBioY8EgAGvK/2vv26PjR49+M8/wE/Zqvp9OtLK/GlpcaZxf6nq AbynVJescSyZVdhG7BdmKkBX/wDBG7/kePiV/wBg6w/9HS1+dHwf074t6p+0bp2m/DbVIdI+INxq V4lrdzukaJeFZfMG6RXUFxuVcqcsQBzzXtU8qw7zPE1ZRj7kYtJ/Ddrd/cdSw8PrFSTS0S9Nj628 Z+JP+Cif7F93ofjL4geJtTu9L1CfCrf6kdasJZsF3tpw8jlGZQT8pUnBKPlSR+qXiX9pef4sfsE+ Jvjv4Bu30HXE0iYSi2kIlsNRgZUmRH6jBO5DwSjKe9fnz8a/2ef+Cg/jPwhFoHx1+IOhP4enu4jG mp6pZ2kL3aqxjCuYY8vt3YUNkjPHFex+Cfgj8QvgL/wTu+NXhHx7NYXAvzc6jZyaddLdxGOWG2ib 51AA+aLOB65rzcxhha1OjUnKDqqaXubNXMK6pzUJNrmutuqPiH4H/tPftz/E+41T4P8Awv8AEepe JPEHiXyZRdXE6vcWNtaCTzjFNcMI7dJPMXfIcNlUVDuIBzvGHxa/bp/ZB+J1vpfj/wAZaydT2per b6jqMmrafewMSucSSSIysVZWxtdSOqkA19Of8Eb7SF/H/wAR79lBmh0yyiVu4WSd2YfiUX8qP+Cy ESDx98N5wPnfTL5SfZZkI/ma9j61R/tZ5eqMeRrXTVvlv91tDp9pH6z7HkVn5eR9E/tueJPjX8a/ 2TPBnxR+DS3Vl4e1XSLjVPFMFvdxW6Jp81ojyRSrJIjTIp8xdqBicdORX49fsveGf2nvE/ijV7b9 l2a+h1uGzD3xsb+Cwc2vmKBueeWJWG/HAJPfFfuZ4e/5RYy/9k/vf/SaSvhX/gjsR/wuHx0P+oCn /pVHXnZVjvq+X4pQhFqnJpXW+vXuY4atyUKlkvdf9XP3/wBFS+i0awj1Mk3iW8QnJIYmUIN+SOD8 2ea/Of8A4KcaJ8dNW+Dltc/CSS6TQbCLUZvFAt7uK2RtNEAyJUkkRpUwH+RAxPp0r9K6+ef2tv8A k1/4rf8AYs6r/wCkz1+dZLiXTxlOoknr1210/wCGPDwtTlqxlbqfzI/sveGf2nvE/ijV7b9l2a+h 1uGzD3xsb+Cwc2vmKBueeWJWG/HAJPfFfuB+3R+2f4g/Zk8GeHvA3hARS/EXxBZLNJPcBZksIFHl tcFDlZJHlDCMHKZVmYEAK3xD/wAEdiP+Fw+Oh/1AU/8ASqOvJv8AgqvBqMP7V9xJe7vJn0XTnts9 PKAkU7fbzFf8c1+o46jTxmcxw1aK5YK/m9Fo+6R9DWjGrilTmtEr+ovhHQ/+Cmfxi8NP8aPCeueL L7S28yaCSPWTZi4VM7za2XnxeYnGAI4trH5V3EYr6k/YT/4KD+Pdb+IGn/Ar9oG7F/JqsptNO1W4 TyryO+LYjtbrAAcSNlEYqHEhCsWDZT9dfghe+HdQ+DXga78JNG2jPomn/ZPJxsES26BVAHA24wR2 IIPNfzOfFmay1v8A4KA6k/w2eMm68c2y2bw4MZvDeRqzrt4INxuOR1657152BxNLNPrGGrUYxUU2 mlZq3f8ApddDno1I4jnpyglbbyP6tKKK+U/21vjL/wAKN/Zw8WeLbSfyNXvof7L0wg4f7ZfAxq6f 7USb5v8AgFfmWEw0q1WNKG8ml954FKm5yUV1PwJ/aW8Vat+19+2pcaD4Xm8+1vtUt/DekOPnRLWC TyjMP+mbOZLg+isazf2sfhdefsg/tVA+AQ9jY2Utjr+guxLbUDBtpPcJcRyJjPKgeteCfBHxx8SP hV46sfid8MtO+2axo/mpDI9m15FE08TRMSoBAbY5weozXof7RPxx+PH7Q0mk638XdKCt4djmjhuI dNa0xHcMhKyPjBAZRtz0JOOtfv8ATwlWlWp0advYxjytX1v6fL8WfaRpSjOMV8KVj+rH4YeP9H+K nw78OfEbQDmx8RWMF5GucmMyqC0bH+9G2Ub3Br8Hv+Cr/wAC/F+kfFqH452FjJd+GdftLa2urmMM 62t5ar5QWbAwiyRhNhJwzBh1HP0t/wAEi/jR/wAJB8PPEPwQ1Wfdd+Fp/wC0dPVjybG8b96ij0in yx95hXVfHP8A4KX+H/hZ8Xdb+CPir4aSX1npt6ljf3VxfoI3tJgrGYW32aTerQuHCFhuBwSK/Nsr weLwOa1IYanz8t9LpXi7W3+XzPBw9KpRxElTV7fkfJXwd/4K5fEHwppdh4f+K3hO28Uw2kaQ/brK Y2V2yIMB5IyskUj4/uiIH+f0X8CdN/4JyftPfFCbxj4e0i80v4i3t++snT9RvLqyma7En2h5bdYJ /Ikw4L7I2JABJQDNfTXjn/gn7+yF8YbFPEGneGotFbU4lnhv/D0/2SN45V3JJHEu+1IYEEHyjke1 fzzfG3wTJ+zB+0drHhTwH4iOpT+CtQt5rHUY8LIkqpHcKr7CV8yFm8uQDjcp4HQe3l1LAY91I4Hm o1La2bS+dna1/Q66EaNa6o3jI/sFryD49fEjV/hJ8I/Enj/w9odx4k1bTLfNnYW0Ms7zXEjCOPcs QL+WrNukIxhAeRXqOl3Ut9plpezxGGW4hjkaM9UZ1BKn6E4rwX9qT9oDTP2afg/qXxNvrE6pcxyR WljaBtgnu587Fd8HaihWdiBnCkDkivzHA0ZTrwpqPM21p38rngUYNzStc/CzwOf+Cjv7W+ra3rfh vxVrllBpkwjucak+hWUMzDcsKQRNECwXGcIxGQXOSCdD4BftX/tR/An9o/S/hF8YvEOoa3ZvrMGj 6vp+r3J1B4ftEqxebDcOzuCm8Ou1yjr2III7X4beP/8Ago5+2+NU1PwH4vj8MeHLO4+zTXFtIuk2 kEzKHMSSQI945VGBPzPtBGSMjPxJrfgTxJ8N/wBrSx8B+MNbXxFreleI9MivNQWSSUTzNLC7HfL8 7FS20luciv2ilQp1XVw1eNPSPwxV3H1dl+SPqowUuanNR22XQ/aD/gqd8WfiX8KPAvgW++G3iW+8 N3GoaldR3EljM0LSokIKqxXkgE5xXvP/AAT38ceL/iL+y54d8VeOtXudd1i5utRSS7u5DLM6x3Ui ICx5IVQAPavkT/gscp/4V18OmxwNVuxn6wLX0X/wS/njm/ZA8ORowLQX2powHYm6dsH8GBr4XFUI f2DSqKK5ufe2v2up49SC+pxlbW/+Z+b3xi/aR+PWj/t233gLSvHmr2nhyPxbYWa2Ed0624t3mhVo ggONpBII75ra/wCCr+ifHSLx6mv61JdH4VTy2UOmI13E1sNSFq5lK2wkMivgSZdkAPIB5Gfmr4xa ja6p/wAFEtSu7KRZYh47s4tykEbobuKNhkejKRX6df8ABYP/AJIJ4Q/7GaL/ANIrqvqY8tDGYFQg vejZ6eS19T0FaFWjZbo+Rv8Agmz4W/asuvFnhTxJ4Wnv1+DcGqXY1NE1CCO0MwtyH3WjSiVjvMfK xnnB7Ej5f/bB1+78K/tueOPFGnokt1o/iCC8iSUExtJbiKRQwUglSVGcEHHcV+yv/BKEg/sq/TXt Q/8AQYa/I79o+0gv/wDgoXrdjdIJIbjxdp8bqRkMryQAgj3BrXLMb7TNsTzRSUYtadbPr5l0KvNi al1sv1PV/jCv/BS+z8GH9ovxxr2t6FoTGO7Nvp+p/YxZQ3JAiL2NvICifOFIdS6/8tMHJr9Bf+Cb n7WfjD45eC/FHhn4sXy3mseClt5hqUgWN7ixnEnM5GFLxGM7nwNysucsGY/Uf7asayfso/FFXGQN EuD+K4I/UV+Kf/BOX+0j4O/aKXRzi/Pgq5+z/wDXbyrjy/8Ax7FeLCrTzDK6s504xcZJKytZXX+Z yKUa+Hk3FJp6W+RsfFf9sz9pv9qz41f8Kv8A2ab+90XR5ria30uDS5TZ3V1DHkm7urklWjBRS+Ny Ki8HLfMcTVPjV+3h+wz480a1+LOsXmvabfI0kdpqt82qWV9AhAlWK4ZnkjkjJHQqykqSrIcN8x/s g6J8ePEPxZk0z9nPW4NB8XPp1wwmnkji8y2V4zLGhljkBY/K2AM7VJzgGvsX45/sxftz/EVND0f4 +ePfD1yI5Jn0yHUtXtLRmkIQS+SPKjLkDZuAzjI9a+kr4fCYerHCSVNU7ap/G99f68zvnClCSpvl 5bfM/WP43fGUeI/2LPEnxt+FuqTWDX/h/wDtCwuoW2T27vtBXcPuyRtuRsdGBFfh/wDA/wDae/bn +J9xqnwf+F/iPUvEniDxL5MouridXuLG2tBJ5ximuGEduknmLvkOGyqKh3EA/pjc/DTxp8Hv+CYP in4c+PGtZNS0jStS2tZzi4haG4vHuIyJAADxJj2r5Z/4I32kL+P/AIj37KDNDpllErdwsk7sw/Eo v5V85lcMPh8Di6sYKahP3bq/a3+Zw4dQhRqSSTs9D5j8YfFr9un9kH4nW+l+P/GWsnU9qXq2+o6j Jq2n3sDErnEkkiMrFWVsbXUjqpANfpL+254k+Nfxr/ZM8GfFH4NLdWXh7VdIuNU8UwW93FbomnzW iPJFKskiNMinzF2oGJx05FfO3/BZCJB4++G84Hzvpl8pPssyEfzNfaHh7/lFjL/2T+9/9JpK3xeJ hKjgswVOKm5WemnVf8FdiqlRONKtyq7Z+Gf7L3hn9p7xP4o1e2/Zdmvodbhsw98bG/gsHNr5igbn nliVhvxwCT3xX6d/8FNPjX8a/hHrnw00vwT4v1Lw5JeaPM98llcGIS3CPGpZyhwxHPP5V5N/wR2I /wCFw+Oh/wBQFP8A0qjrZ/4LH/8AJQPhx/2C73/0eleli6yrZ5Tw84JqKfTV3j1726HRVmpYtQaV l/kfpX8MvjpH4C/Yh8OfHb4n38+qS2Ph6C9u5pX3T3dzJhIk3nPzzSsqAnjLAnivxp0r42/t5/tt +PdUsPhdreoabb26CWWz0e8Ok2FjbsSEEkwdGcsQcb3Z3wcDaMD68+OUWpSf8ElvBz2BxBFZaE11 7w/aFUf+RTHU3/BG7UNHPg74k6XGyDVUv7CaRcjebdopFjOOpAcP9CfevEwlKlhcJisfGmpTU2ld XSV10+f5HJTjGnTqVlFN3sfJHgj9rr9rP9kT4z/8IH8dNU1HxDY2M8Sappmq3P8AaEht5VDLNa3T NI4Oxg6bX2MflcZzt+9f+CiP7Vfxi+HGmaD4V+BVrfWdrrdkuo3niKCykkjWCYlYoIJnjMaOwBd2 HzqCm0qSa+wPih+0f+y58IPibb+H/ihrVhovjCeyiuI55rGWWQWzvIsYa6ihcJ8ysQrOMA5xg5Pw 9+3L/wAFE9f+FWtWHw5+A5tn1C7sLbUbjWpoxcIkN7H5tultE/yFmjZZC7hlwwAXOSMcPOWNxdCr HBq9ru+kZee3T57oiDdWpCSpf5Pz2PiXxR8Mv+Ck3gv4aS/HLxF4w8TWmk21vHeTqfEk5u4bZ8ES SW4nJCjcNyfeUZ3KADj7o/YH/ai+Mf7QXwr+JXgPxRfNq3jDw1pxk0jUR5cNzMbuKZI0kb5E3xSo m2Q4zu+Y8ZPyl8V/gP8At+eMPgx4h+LHx9+ITaf4e0/Tn1CbRri/dHnXaGSNrO0RbVWbIG1yCpOC ucgdb/wRvX/ivviQ3ppliPzmevYzWNOtltWrLklKDVnBaLVaX6nViFGVCUnZtdj8y/ivo3xm0r4z ajovxYkuX+Isd1bLdNcXUdxcfaHjjMGbiN3QnYY8EPgDAyMV+43gwftdfCj9i74x678edV1Oy8ZW aTXGk3U+ow3lzDAIYgGjlt5ZQnz7sAkHOTjvX5mftqnH7fnikntrGj/+ktpX76/tsf8AJqHxQ/7A s/8AMVPEOYOcMFBwjafK3pt8Oi7LUWOrXVJNLW36HwB/wSv+Nvxc+K/i/wAfWfxK8W6j4lg0+xsp LdL64aZYneWQMVDHgkAA1x37df8AwUE+I2mfEfUfgZ8AL1tKXR5vsWo6nbxiS9uL7O2S2tiQ3lrG x2FlHmGQEKQo+bn/APgjd/yPHxK/7B1h/wCjpa+NvgtLp2i/t7aK/wAQGSNbXxrOly1xgKt2LqRY 2fd0xPtOT0PNaf2Xh3mmJqyppqnFNRtpe3b5fiV9Xh9YqSa+FbfI9S8T6L/wU0+CXhQfGDxPrniu y0jEcs8k+sf2gbdXxsa5tGmmMa8gHzIwFPyttJxX6rfsDftp3H7Tmh6l4S8dx29p468PRrNL9nXZ Hf2ZKp9pVOdjo5CyqPlBZSuA21fsH45Xvh3Tvgx46vPFzRro0eiah9r83Gxomt3BXngls4A7kgDm v58f+CUEGrTftVGTTji3g0HUHvPeAvCqj/v80ZryPbU8zy6vWq0oxlT1TirfL+u6OXmjiKE5Sik1 2NX9pr9rr9oH4W/te+LLfw/4y1FtD8Oa5FJFpD3MgsZIYRG5t3jUj90+CrAYyCaqfFyD/gpXpngw ftF+PfEPiDRdElMVwY7LVPsgs4rggRM9hayKIkO8KQybhnEgBrzb9oq0h1D/AIKF63YXKh4bnxhY ROp5BV5YFIP1Br9/v21okm/ZQ+KKSDIGiXDfiuGH6ivUxeNp4T6nGFGLc1G7a1tpt9501asafsko rW1/wPl7/gmh+1T47+PfhfxJ4L+J13/amueEvsskGoMoWW5tLneoE23AaSNo8b8AsGGcsCx/UOvw H/4I3/8AI/fEj/sGWP8A6Oev34r4jjDCU6OYVIUlZaO3qkeTmlOMa0lFH4Z/8FRPjz8ZvhX8ZvC+ h/DjxlqfhzT7rQI7mWCxuGhR5jd3CF2C9TtVRn0FfP8Armv/APBRr47/AAtuPj7Y6zquleCtFtGk jXTNROmmW3sV2zTrDFKs1wVKMzySbiTu2cDaOm/4LB/8l78If9izF/6W3VfrP8PLO3t/2DPD9tEg WN/hxbswA4Jk0gMx/Ekk19asXTwmX4SrGlFyk7Xa6dfmekqqpUKclFNs/Ej4SftvftoeLtAi/Z/8 B6rN4k8TeIblItP1KfbNqsMW1jLGLiY7cEDcZpiWjUMdwGCmD49+JX7dX7IfxOsLX4geN9ZGqzRR 38cN5qkmq6fdwMxUhkkkkjYbkZGGFdf4SMqx7r/gk3aQXP7U080qhmtfD1/JGSPusZbePI/4C5H4 169/wWPRR8Q/hzIB8zaVeAn2E64/ma9ydShDNFgI0Y8sld6at2f4aHW5QWI9ioKzWp+rHiD9qDw3 4W/ZWtP2mtatvLgvdFtNQisQ3L3t5GvlWqtjP+ubYWxwoLYwK/Ebwn8RP+CgP7bnizW9S+G/iXUd Os9NZJZotN1B9G02z358mFWR1Z2O0kbi78bmPevoj9pgaif+CV/wj+xHEIl0b7V/1x+z3OP/ACJs r5j/AGL/AAZ+2p4p8Da7N+zD4stdE0aDUdt9byTwRym5aFCJCskMjbWTAByBlW44NeNk2XUcPha2 IjyqXO4pz2ST/r8DlwtCEKc5q17212Pbv2b/ANtj9oD4H/HSL4E/tR30+oafPfR6feSaowkvNMnm AEUy3Kk+ZAxZCxZmGw70Yc7qf/BV/RPjpF49TX9akuj8Kp5bKHTEa7ia2GpC1cylbYSGRXwJMuyA HkA8jPmvxD/Yt/az+KXxJu734h+MPDOr+NwkCXEcutW0d6qqi+TugjRWX5NpX5RkYNfcf/BXL7af 2dPAx1IKt3/wkNv5wU5USfYbndg+mc4reM8NDMsNUw/K5TTUrbJ6O67X79i06ar05Qtd72/NHyl/ wTZ8LftWXXizwp4k8LT36/BuDVLsamiahBHaGYW5D7rRpRKx3mPlYzzg9iR8v/tg6/d+Ff23PHHi jT0SW60fxBBeRJKCY2ktxFIoYKQSpKjOCDjuK/ZX/glCQf2Vfpr2of8AoMNfkd+0faQX/wDwUL1u xukEkNx4u0+N1IyGV5IAQR7g11ZZjfaZtieaKSjFrTrZ9fM0oVebE1LrZfqer/GFf+Cl9n4MP7Rf jjXtb0LQmMd2bfT9T+xiyhuSBEXsbeQFE+cKQ6l1/wCWmDk1+hf/AATT/ar8b/H7wn4j8HfE26Gp a94QNs8V+VCSXVpc71HnbcBpI2jIL4G5WXOWDMfp39tWNZP2UfiirjIGiXB/FcEfqK/Hb/glnDqN 0vxutdI3fbpvDASDby3nN5wTAHfcRivD9tTx+VVak6cYuDSVlayuv8zj5o1sNKTik09LE/7TP/BQ D44fGH4pT/Cn9mm9u9K0MXZ0+yfSl/4mWrTBtnmrKoMkaMwJjWMqdvzOTnC+beMtS/4KR/snwad4 68eeIPENrpl1On7y81Rdas/OPzeVcIZrhELgY+YDdztJIOOf/wCCYl74esv2ufD39vNGk09lqEVg 0uP+PtoDgKT0Zo/MUdznA5NfuN+37e+HbL9kX4if8JK0YiuLOOK3WTGWu2nj+zhAerCQBuOQAT0B Nelj8TSwGLo5dSoRcJWu2rt3dv6/Q6K1SNGpGhGCadg/Yw/at079qX4Yz6/fwQ6Z4o0CRbfWbOEn ykZwWini3EsIplVsBiSrK65IAY/j18d/22/2if2kPjK3w4/Z61bUNJ0Se8ksNGtdGka0u9QUEj7R NOrK43hS+NyJGn3uQzHr/wDglTY+JruH43HQn2xt4eiiHB/4/ZBcfZT+AWSvGf8Agl1e6PaftcaI mqMiT3OnalFZ7+puDCWwv+0Ylk/DIqcPk+GwmIxlaMFL2aTinra6b/ryFDC06U6skr8u33E/7Rkf 7c3wY+Fc3w0/aDv7jW/B/i97dYrm8uxqhhubSRbhY47reZI5PkwUclWXcVBK7l+4P+COaCT4efEm Ns4bUrIHBKnmB+hHI+or3b/gqre6Jb/so3VrqboLu71jT0sVYjcZ1ZnfaDzkQiTOO1eGf8Eb/wDk QPiP/wBhOy/9EPXJisf9ZyKpVcFF8yvZWT1Wv9djOpW9pg5StbXp8j7e+Fv7Dv7OfwZ+Ilv8Tvh5 oM+n6xaRTRQiS9nuYo/PXY7KJ3dt20lQd3Rj618Vf8FKP2zfBGm+DNf/AGa/BLJrXiDVQlvq9yhD W+nRxyLI0OeQ9wdu1lHEeTk7xtH6u/ES817Tvh/4m1DwrDJc61a6Xey2MUS75JLpIHaFUX+Ji4AA 7nivwQ/YV/Yj8WeK/jNe+KP2lPBOq2uk6NAb6GLV7aWKHUNQeVdomMoHmqo3OyHO443ZXKt4uQTp 1JTzDH1HL2drJvVvpv2/4c5ME4ybrVpX5dj6o/4JLfBPxj4F8B+Kfil4pt5NPtfG5sk023kBR5La z84m5Kn+GRpcRkgEhSw+VlJ/XimoiRIsUShEQAKoGAAOgAp1fN5vmUsXiJ4ias3/AMMvwODE13Vm 5vqFFFFeaYBRRRQAV4B+yd/yaz8G/wDsTPD3/pugr3+vAP2Tv+TWfg3/ANiZ4e/9N0FAHv8ARRRQ AUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFAH/9X9/KKKKACiiigA ooooAKKKKACiiigArxD9on4F+Gv2i/hRq/ww8Sv9mF6FltLsIJHs7yLmKdVJXOMlWXI3IzLkZzXt 9Fa0K86U1UpuzWqKhNxaktz+ayx/ZB/4KE/s2+ItTi+EMd81pesIWvdCv4PIu0XOxnt5JFkUrk4M kY2knDY5PuX7J/8AwTl+L198WLH4x/tMD7FDpt6NT+xT3SXt/qN8jiVHuHjaVBGZPnfc5dyNpUBi w/eGivrcRxvi6lOUVGKlJWcktX+P9dLHpTzapJNWSb69T8hf+Cln7Lvx0/aA8X+CtV+Efhn+3rXS LC6hun+22dr5ckkqsoxdTRFsgHlQR619Fy/Bj4kt/wAE+x8D10j/AIrX/hFl077B9og/4+wB+78/ zPJ/4F5m33r7vorynxBWdCjQsrU3db3vvrr/AJHO8bPkjDpHU/In/gml+y/8c/2f/FXjjUvi74a/ sG31iys4bVvttndeY8Ujs4xazSlcAjlsA9q8o/bF/wCCdfxUu/irf/G39m5Vu21S6GpTafDcJZXt nf7vMee1kdo0ZWkHmDDq6ucKCMY/c2iuqPFmKWLljFa8lZq2jX33/E0WZVFVdVbv7j+bjxP+zh/w Uk/aZvNJ8O/Fi2vZNO0x8RTavc2ltZ25I2mV0gO+VscbxHI+CeeTX6kXP7JNx8Mf2HvFX7PXwyi/ t7xHq1hO8spMdsb/AFK4Kb2zK6oihVVE3NwiKCSck/f9FGN4qr1lCKjGMYtNJKyuu+oVcxnKySSS 1sj8jP8Agmj+zB8cv2fvEvjrUPi74a/sG31i0sorRvtlndeY8UkjOMWs0pXAYfexnPGaZ/wUt/Zf +Of7QHirwPqXwi8Nf29baPZXkN0322ztfLeWRGQYupoi2QDyuQO9frtRWX+s1f699f5Vz9tbbW73 /En6/P23trK58k/DL4K+Ipf2MNO+AnjaH+xtZvPC0+i3a745vs01xC8Wd8TOjbCwPysQcV+G/hn9 jv8A4KA/BjxffQfDXQ9S0u+u43sn1DR9Rt4obi3Lg8TechVWKqw37HHBIU5r+n6itMt4pr4Z1bRj JTd2mtL/AHjoZjOnzWSdzm/Bqa5F4Q0OLxMpXWEsbYXoLiQi5ES+aN4JDfPnkE561jfFPwTH8Svh n4s+Hkk32YeJtKvdN83GfLN3C8QfH+yWz+Fd7RXzsarU+eOjvc4lJp3R/MD4Z/Y7/wCCgPwY8X30 Hw10PUtLvruN7J9Q0fUbeKG4ty4PE3nIVViqsN+xxwSFOa/Wb9rD9ivUP2o/hf4T1KS8i0b4neHN OhiM1wxkguWaNWntZ5I9xwJsskqhsEtwQ2R+jFFfTY3i/E1qtOulGM49Ut/W99Dvq5nUlJTsk0fz SaL+zl/wUw+Guk3Xwq8G2uuWWhXbSL5On6tbCyYSffaOTzwIg/U8oTn5hnNfbX7DP/BOnW/hF4st PjJ8cHt5PEFgHOm6RCy3CWkzfL9onmUlHlUZ2Km5VJD7iwAX9gaK0x3GWKrUpUlGMebdxVm/xKrZ rUlFxSSvvYK/Jb/gpP8AA/8Aaa/aD1fwl4U+EvhNtY8K6JDLe3E/2+xthJqE7GMKY7m4ic+TEmQw XH71hk44/WmivCyrMp4Suq9NJtbX2/Bo48PXdOamlqfHf7C3wD1T9nj9n7S/CXii0Wz8T6lcT6jq 0aukuy4mIRI/MjZkby4UjU7WK7txB5r6R+IvgfR/iX4D8QfD7X13af4hsbixmOMlVnQpvX/aQkMp 7EA12dFY4nHVKteWIk/ebv8AMmpWlKbm9z+fX9kr9kL9sr9nj9ovw745ufBO7QIrl7DU5o9U00pJ ptyfLkl8v7V5jBPlmVdu4lAMZ4r7E/bu/YCuv2h9Wj+Kfwtubaw8ZxQCG9tromOHUo4QBCRIARHM ijYCw2su0Ertyf1Gor3K/FuKniY4tJRmlbRPVed2zrnmVR1FV0TR/MZpf7PH/BS/4d6X/wAIT4at PFWlaScqtrputr9kUNy237PdGNA3fGM9691/Zc/4Jg/E7UPHem+PP2jIodI0XT7hLx9LM8d3eX8q tvVJmiZ40iZsGTLl2GVwpO4fv9RXdiOOsVOEoQhGLlu0tfzNZ5vUaaSSv2CvmD9r/wDZ+l/aV+CG qfDjT7yOw1dZor7Tpps+SLu3ztWUqCwR0ZkLAEru3YOMH6for5HC4mdGpGrTeqd0ebTqOMlKO6P5 wPhF8Cv+Cm/wGn1fwR8J9Iu9Fs9YfdclZ9Lns2ZRs8+OW4d1jcrjlNrkAZGVAGJ4l/4Jz/tk+E/i Bp3irQ9Ig8cX6yW+rXF/HqNpEpvzJ50sbm8nhmkYOMtJtAbORzmv6WqK+w/17xKm5xpwTe+j19Xe 56f9sVL3UV56bnxP+2x+zbrf7U3wOtdB0Ty9K8V6RcRapZQ3LjyzL5TJLaySJuUblc4cZXeq87ST X5C/Cf8AZ2/4KW/DYX/w3+HNlqnhLTNWm3XbLfWkdmrkBGmWYSOVO1QC0J3kADngV/SlRXm5ZxRW w1B4dQjKN7pSV7fiYUMwnThyWTXmfzg6b/wTe/aZ8A/Hvw7faTog8S+G9H1bSLybWVvbKBZQjQzX brBNcifbHJ5ijKbnC7gvIFfrF+33+zv4r/aQ+Bi+F/AnlSeIdE1GHVbSCWQRLcmOKWF4RI3yqzLK SpYhdygFgCTX25RRi+KsVWrUq87c1PbTf11/KwVMxqSlGb3R/P5+xt8Cv27/AIUfFjwvol/pGsaF 8P7PVvter2rahBHYujp5UrmNZj53y7TtQNkqDjjI0/jF+xX+0x4q/bRv/izoPg77V4Un8S2OoJe/ 2jp6ZtYXhZ38p7hZeArfLs3HHAPFfvhRXVLjLEe3liI04puPK9H3vffc0eaT53NJXtb+tTwn9p3w Z4k+If7P3j3wR4Ps/t+ta1pU9taW/mRxebK4+Vd8rIi59WYD3r8+f+Ca/wCy18cPgJ4r8cah8YfC 40Sy1qwtbe3LXlndiVkkdnUrbTSkAKf4gAa/XyivHw2dVaWFqYSKXLPV736ba+XY5aeKlGnKktmf z4fGr/gnb+0N8H/ixJ8TP2WC+oaZHdPeaeLK6jtdR0zzCcwlZWQSRqGKKULFk4dcZzx11+yB+33+ 1V4203UPjp59hbWq+T/aGsTWyR2sBYFxBZ2xyXbrhY1DEDc44I/pAor3KfHGLjFXjFzSspNe8dkc 3qJbK/fqfHvxK/Z7fQf2Mtc/Z3+EFgb+4g0NrCwheSKF7q4Zg8kjvIyRq8shZ2JKruY9BXyd/wAE 0f2YPjl+z94l8dah8XfDX9g2+sWllFaN9ss7rzHikkZxi1mlK4DD72M54zX650V41PPq8cNVwzs1 Ud23e99PPy7HLHGTUJU+5+RP/BS39l/45/tAeKvA+pfCLw1/b1to9leQ3TfbbO18t5ZEZBi6miLZ APK5A719gfDL4K+Ipf2MNO+AnjaH+xtZvPC0+i3a745vs01xC8Wd8TOjbCwPysQcV9bUUVc9rSw1 LDWSUHdPrfXfW3XsKWMk6cafRH8wPhn9jv8A4KA/BjxffQfDXQ9S0u+u43sn1DR9Rt4obi3Lg8Te chVWKqw37HHBIU5r7g/b6/Za/aQ+Pf8Awq3UPBPhj+3L/RtCNvq5N/ZQmK9fy2dS1xPH5mWDfMu4 H1r9nqK9etxriJ16eI5I80b9HrdW11+46pZrNzU7K6/rufKfwr+Bn9pfsh+HvgH8X9M8h5dAj0zU rUSRytDKF6pJGzxl4nAdGUkBlBHSvxl1f9hL9tr9m3x5da/8CJrnV7ZFMcOq6LdxW00sDnPlz2ks ofPALJiRMgEMeK/pGorhy7ifEYaVRxScZu7i1damNDMJwcmrNPofzv8Awo/4J1/tK/G74oL47/ag kn0rS5p0n1Ke9vY7rU79EAAiiETyeWMKEy5TYv3FOAK96/4KDfsFfEf4neObf4ufBCwh1VprO3sr /SVlit5kNovlRSweYUjZPKCqybgy7RtDA4X9pqK6pcZ4x4iNdWXKrKNtLP8A4Zdeho81q86n26dD +fy3/Z6/4KVftE+D7b4YfFrVJdE8GabEGUanJZo9w9sv7mORbX/SJ23BcNOdgPzliwGfZP8AgnH+ zR+0r+zz8WNevPif4L/snw7r+lGBroahYXBjuYZUkizHb3EjkMu8cLwSMkCv2foqcTxdXqUZ4dU4 RhLola3nvv6iqZnOUXDlST8j8F/2/P2Hvjt4y+PGqfGT4S6K3iPTPEMdrLNHazxR3Npc2sEduR5c jIzK4jV1ZNxBLA7cDPu/wq+F37ZPiz9k34yeCfjdbajqfirxNAI9Ch1PUbeWaQGLa8YLTFIF3KDh ygJJPvX640VEuK68sPToShF8lrOzvpa3Xy1E8xm4Rg0tLfgfkT/wTS/Zf+Of7P8A4q8cal8XfDX9 g2+sWVnDat9ts7rzHikdnGLWaUrgEctgHtXO/twf8E4PE3xO8bX/AMY/gS9u+q6uRLqej3Egt/Ou QMNPbTORGGkwN6OVG7LB/m2j9mKKz/1qxSxjxsbKT0a6Nff5dxf2jU9r7Vbn80up/s4/8FMPinol v8MfF9rrl3oFkYx5Op6tbraAR8IXZp8zBO33yOwr9fP2Kf2ONJ/ZT8J30mp3kWteMtf8s6hexIVi iijGVtrct8xjViWZiFMhwSoCqB9vUVWacVYjE0vYcsYQerUVa/qPEZjOpHkskvI/A/4u/sVftMeK P20774s6F4O+0+FJvE9jqKXv9o6embWKSFnk8p7hZuAp+XZuOOAeK/Xr9p3wZ4k+If7P3j3wR4Ps /t+ta1pU9taW/mRxebK4+Vd8rIi59WYD3r3aiuXGcQVq7ouaX7u1t+lt9fLyM6uNnNwb+yfkL/wT T/Zd+On7P/i/xtqnxc8M/wBg22r2NrDav9ts7rzJI5WZhi1mlK4BHLAD0r9eqKK5M1zSpjK7xFVJ N222008zLE4iVWbnLc/GP/gpF+yd8f8A4+fFzw34o+E3hb+3dMsNDSznl+3WVrsnW6nkKbbmeJj8 rqcgEc4znNfor4S8C+KdM/ZP0b4Z31l5fiS08E22kS2vmRttvo9NW3aLzAxjOJBt3BtvfOOa+h6K 6MRnlapQpYeSVqe29/nqXPFylCMHsj8Q/wDgnd+yD+0T8C/jzeeNPip4T/sPRpdEu7NZ/t9jc5nl mgZU2W08r8hGOduOOT0r0L/gpZ+y78dP2gPGHgrVfhH4Z/t610iwuobp/ttna+XJJKrKMXU0RbIB 5UEetfr1RXbLirEPGrHOMeZK1tbdu9/xNXmM3V9tZX/rzPjrwZ+zqfF37F+g/s7fFm0Om3j6DBY3 ao0U72d3Dh45EaNmjZopFVhtYqcYzg1+P+mfsk/8FBf2VvF+p3PwTS4ure9XyWvtGntpYLuJSShl tLk7g67jjfEdpLbGIyT/AEi0VOA4or0HUXLGUZu7i1dXYUcwnDm0TT6M/n++An/BOr48fFD4tR/F P9qvdZacLtb69hvLmO71DVZEIZYmETOscLY2uWYMEG1EAIZf0k/b7/Z28VftH/AtfC3gMRP4g0PU YdUtIJZFhW58qKWF4Q7fKrMspKliF3KAWAJNfbtFTiuJ8TVxFPEuycNklovl5iqZhUlOM+23Y/n8 /Y2+BX7d/wAKPix4X0S/0jWNC+H9nq32vV7VtQgjsXR08qVzGsx875dp2oGyVBxxkafxi/Yr/aY8 Vfto3/xZ0Hwd9q8KT+JbHUEvf7R09M2sLws7+U9wsvAVvl2bjjgHiv3wortlxliPbyxEacU3Hlej 73vvuavNJ87mkr2t/Wp4T+074M8SfEP9n7x74I8H2f2/Wta0qe2tLfzI4vNlcfKu+VkRc+rMB71+ ff8AwTT/AGXfjp+z/wCL/G2qfFzwz/YNtq9jaw2r/bbO68ySOVmYYtZpSuARywA9K/XqivHw2dVa WFqYOKXLPV736ba+XY5aeKlGnKktmfgx+1N/wTM+JVh8QL74n/szFLyzvbk3w0tLhbO9sLktvJtZ ZGRGjD5ZPnR04UBsA14rqn7K3/BRz9oa503w/wDFJNSl0vT5QqTa7qcItbcn5TKYlkaSRgv8axux HGea/pRor28Pxxi4QjGUYycdpNar8f66nXDNqiSTSbXXqfM/7Kv7M/hj9l34ZR+B9GnGp6peSm61 TUTH5bXdwRgYXLFY41+VF3HHLfeZifyS/ae/4JwfGXwj8Urr4m/szWp1LSbq7bUbe1sriOzvtIn3 +Zth8ySPeivzEYzvUfKV+UM39AtFeZl/EuKw9eeITu5fFfZ/10/yOejj6kJud733P5yvEX7G/wDw UB/aD8L3fin4v3V1eXugQKNH0rUr63NxdSSSosgjTzVhgxHud5JWV22qoDZBH6Cf8E0/2fPi9+z/ AOD/ABrpfxc0H+wbrV7+1mtU+1Wt15kccTKxzbSyhcEgYYg1+mNFdOYcWYjEYeWGcIqD7K1rdtTS tmU5wdNpJHn/AMWdF1fxJ8K/GXh3w/EZ9U1TRdRtbSMOsZe4ntpEiUOxVVy5AySAOpIFflD/AME6 /wBlz9pf4JfGzWvFXxk0CbSdEuvD9zZRSSalZ3ga6e7tZEXy7e4lYHZG53FQBjGckA/s9RXm4POa lDD1MNFK0977/LUwpYqUISppaMKKKK8k5gooooAKKKKACvAP2Tv+TWfg3/2Jnh7/ANN0Fe/14B+y d/yaz8G/+xM8Pf8ApugoA9/ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooA KKKKACiiigD/1v38ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoooo AKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACvAP2Tv+TWfg3/ANiZ4e/9 N0Fe/wBeS/APwlrXgD4FfDnwJ4kjWHV/DfhvSNNvERxIi3NnZxQyqrrwwDoQCOD1oA9aooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigD/9f9/KKKKACiiigAoooo AKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigA ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoooo AKKKKACiiigAooooA//Q/fyiiigAooooAKKKKACiivAv2nfjdD+zx8E/EfxUNouoXWmpHFZ2zEhJ bq5kWGIOQQdis298EHapxzitsPQnVqRpQV23ZfMqEHJqK3Z77RX8u2if8FO/2ttN8YJ4k1LxFa6r p/m7pNJlsLaO0aLOfLVo41nXAOAwk3dNxbof6Uvhp470z4n/AA98N/EXRo2hsvEmn21/FG5BeIXE Yfy2I43ITtbHGQa9vO+GsTgFGVazT7flsjrxeAnRs5dTt6KKK+eOI/NP9uj48fFj4RfGz9mvwr8O 9ebSNK8d+JJLHWoBBbzC7thd6bGELTRuyfJPIMxlT83XIGP0W1rXtD8N6e+reItRttLsYyA091Mk ESk9MvIQo/OvyM/4KY/8nG/se/8AY3y/+l+kV5j/AMFKYbfRP2pfhx47/aH8Max4u+AOn6W0Ulrp bukMepu8wkMpWSLEhzA2DJH5iKFVjtdSAftz4f8AFXhjxbZ/2j4V1iz1m1GB51lcR3EfPT5o2Yfr VfxJ408HeDYop/F+vWGhxznEbX11FbK5HZTKyg9R0r8a/wBkjwh+x9r/AO03o3xQ/Y3+J7+D4VsZ o9X8C3cF2ZNSBWTdte7nUlUDrJiPz1Roww2jIHzz8cbn4T+Bf24fiRrP/BQLwZrnifw1rpjj8J3l u8/2G3sFJ2bVimhLhYyFIjclJA5MZZ9ygH9GWm6npusWceo6Rdw31pMMpNBIssbD/ZZSQfwNM0zW NI1qKSfR76C/iicxu8EqyqrgAlSVJAIBHHXmvy//AOCefgH4HeHPF/j7xR+zL8XP+En+HmuCJ4/C MsM6XGjz5UrM7XUolOcSRhjAN67QZHMeTgf8Ecv+SB/ED/sedQ/9IrKgD9X4dY0i41GfSLe+glv7 ZQ0tusqtNGpxgsgO5QcjkjuKy/EXjTwd4PSKTxbrthoiTnbGb66itg5JxhTKy5OfSvya+DmuW3hn /gpr+1D4kvBm30rwzbXcg6fJBbWEjfotfnZ8Evi/+xl8WNa8XfGL9vvVdS8T+N9fv5Vs9OCai1jp +n4DRiFrRlIAZ2RELbY1UEDcS1AH9SlneWeoWsV7YTx3NvMu6OWJg6Op7qy5BHuKqW2t6LeX8+lW d/bz3tqMzQRyo0sY/wBtASy9e4r8KP8AgnV8ZfA3h39rXxh8BPgX4iv9c+DniHT5NU0S31ITLLp9 7AEklijWYAhSHlDHGXCxliWBJ/Vj4dfss/Df4Y/G/wAbfH7w7c6jJ4k8eoyahHcTRvaIGkSQ+TGs SuvKD7ztxmgD6TooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiii gAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKA CiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAK KKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooA//9H9/KKKKACi iigAooooAK8a/aB+DOi/tAfCPxB8KdduGsotZiTyrlF3tb3MLrLDLtyNwWRRuXI3LlcjOa9lorWj WlTmqkHZp3XyKhJxaktz+cbRP+CR37QVz4wTSde1rRbHw+suJNShmkncw56x25jRi+P4WZVz/FX9 B/gbwdo3w88F6F4D8OoyaX4esrewtg53P5VtGI1LNxliFyx7nJrqqK9fOOIsTjlFV2rLsrfM6cVj qla3P0CiiivDOQ/Kj/goV8O/iB41+Pf7KuseDfDOp69YeHfFMlxqdxYWU91DYwm90txJcvEjLCm2 NzucgYVjnAOOp/ag+JH7WnwO+PmifEDw54e1D4m/A3ULBrbVPD+k2MNxd2lyVKvIdkLTsp+SRS7N GfnjbZlWr9LqKAPwX0X4c6p+09+2D8Lfi38HPgXqnwX8L+CbxNS1vV9S09NHOqeVMkqxrboojkc7 GiLIXZlkbeVCCvcPG/xt/ab+A3xu8feHP2hPh3rPxp+D/iObzvD82j6PbXiWNvvZo7eWOKJEZgri NxcEOWjDoWDEn9eKKAPxi/Yo+CfizV/2v/GH7T2i/C67+Cfw6utKfTrHRLyH7FPdzy+QWf7HtURR HyzK21QgfaEL/OR5r+zz41+Pn/BP3xB8Q/gr4j+CXiXx9o2ta7Pqeh6loNrJPFctKoiGZESRNskU cTFc+ZEdwZDnj956KAPxZ/Yv+Hnx71z9sP40fEL9oTwJe+GI/H/h1CxNvL9gVLxrYx2cd0y+VJND b4SRQxZWVgwBBA5D4HeIPjh/wTtPif4I/EH4Pa78SvA51Ce/0DXvD9n9sLJNhBHMFUrHvCBijMrx vuwsispH7q0UAfnD+yR4m/a2+L/xa8U/F34raHL8N/hdLbi30LwteWVvFfNN8i+fJI8CXSqFV2bc UDPIAilFr3j4ZfHD4p+NPj/49+FXif4Y6h4a8K+FkZtN8RzpcC11UiREAiaSBIjlWLfJI/C/jX1N RQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFF ABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUA FFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAU UUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAf//S/fyiiigAooooAKKKKACi iigAooooAKKKKACivkv9o744+Ifh3fWPhbwlsgv7qD7VLcyIJNkbOyIqK2VySjElgeMYHPGX+zt8 evE3jrXpvB/jJo7q4aFp7e5SNYmJjxuR1QBTwcggDoc5yMb/AFaXJz9Dy3nFFV/q/X8D7IooorA9 QK/LK8/bo/aM8SfF/wCJPwv+CfwGTxzD8N9UOnXl2uuxWbfM8iwu0c0S48zynOFZsY5PTP6m1+Vn 7B3/ACdj+2N/2M+nf+jdSoA7v4b/ALemtN8VtF+C37S/wr1L4PeIfFL+Xo1xc3SX2m3svQRi5VIg rsxCKF8wbmUMVLLnY/ab/bA+Jnwd+OXg/wCA3wo+GSfEPX/F+lzajbxnU109/wBwZjIg8yNk+WOF nyXGegGcZ8t/4K/2mlL+yrZ+IZwI9X0bxFp02mTgYkjnYSqwVuozHuJHQlQcZAI8e/a2+Ini74ff 8FBPgL4/0PwXe+NNetfCV6/9haacXUz3EV9HKsZ2v/qg7OflPyqfrQB674m/b6/aI+DdpB4q/aJ/ Zs1Hwt4NM8cN1qthrEGo/ZfNYKrPFHGFwSQo3yICxCgliAf0+8O+INH8WeH9M8U+Hrlb3StZtYb2 0nUELLb3CCSJwCAcMjAjIzzX5A/Hj4p/th/tbfDTU/gN4O/Zy1LwVb+KzDb3ur+IbxI4LaCOVJWK o8UfOUHzAuwGdqFsYs/ETw/8QNb+Mnwc/wCCdPgzxvqPhXwl4W8G2uoeJNV0mRrXUb+OzQ2yxRyc mNWMSnAO0eadwfYFoA/Y2vzF8bftvfHwftC+PPgP8FPginj+bwIbVrm5GtRWTGO6hjlVyk0QUfM5 XAZuma8z8SeGfF/7Bf7RXwft/A/jnXfEnwz+KurL4d1PRtfvWv8A7JdzskcNxbSMo2fNKHOACdhV iysNnlWm/Gfx58Gf+CiH7RGo+BPhfq/xPm1KLSIprfSG2vaqlrAwkk/dycMTgcDkUAfU2g/t+fEH wh8SvC/w6/am+C1/8K4vGVylnpmrLqEep2TXMjBFjkaKNVT5ioJDsV3BmULlq/TWvxf+KOkftS/t 7+L/AIe+EPEfwdufhL8P/Cutwa3qOo6xdJJeTeRlfLhjCROpZGcBQrAsVZmULz+0FAHiHwi+InxG 8c694903x34Fn8H2XhnW59P0i5mlMg1ixid1S9QFE2rIFDAAt97qa9vr8UPBPjv4/wB38OP23Jvh fqepax4u0LxrqdtokXmyXU1pbC8kWZLKNi+xo7feYkjH3lXaM4r5v+EniH4N+J4PB9/8Hf2kfFPg D42W9zZ/2tbeN7y5fTdQuMbbmGRCpgfdKcRo8xJX5WXcQygH9H9fl/8AFH/gqB8FvA/xh8PfD3S9 RtpdLttW1jS/Ft1dw3SS6X/ZgURywLHGy3CzSCRV2bido4Ga/T5d20b8bsc46Zr80/2gf+Cc9h+0 F8UvE3xa8QfEC/tNauYNMj8NslumzQXsphJMwVHjFyJAPk37WQsxLMQpUA+8fhf8SvCXxh8A6L8S /Al015oOvwme1ldDGxUMUIZG5VlZSCD0Irva/Dj/AIK6+NviV8KNF+Blt4D8V6lpl+kmpxzT2Uxs /tctsliEeaKDZE2WJOzbsG4gKAcV84/tk/Dr9pH9ie8+H/xzh+OGu+KfFGv3cq6kJ5pVtVu4VWYx xxeYUktW3OnlMgUKBhQDtUA/pVor8QP23/jp8aPjD+0j4C/Yr+DPiGbwRbeJILK61PUraSSK4c3c bzsheJlcww267zGrL5rnaxwBXivxQi+O3/BLr4yfDzWbb4oan4/+HnjCSRL+w1N5NpS1eIXa+VJJ Msb7JlkimjKtkFWBUEOAfr38T/2vPhz8M/jz4H/ZyntbvUvGPjWWAqkSbLa0tZ2kVZpZW+8SY2Co gY8fMVGM+G/tP/8ABRj4Z/AfxfH8NdFuLa+8WaZr2lWGtWt8lxFDb6ZfwGea8imjVkcwBowy5yCx GDivyw/a1+Amv6h/wUw0DwDH4/1O3uviBNBqNrqa7/tGjR3s9ztt7b98Dsh8s7NrIPmOAO/6k/Gz /gnZp3x9l8KQfEX4g6lqen+D/CLaFZwPEqsdXWJIk1aSUPvkLFd8kMjNuYD59pYEA+yvgr8cvhr+ 0J4Ofx98KtTbVtES8nsfPaGSAma3I3fu5QrgEMrLuUEqQcCvXK86+EngfUPhr8NPDngLVtbk8R3m hWUVrLqMsKW8l00Yx5jRx/KDjjqzHGWZmJY/FX7dCXc3iDwNH49+NMHwh+Ei/aX1qOx1CWy1/V7h RmOK1EUTl4Y/l37W4DsWUkR0Afo1RX8+3wI+LXw58Gftw/Dnwb+yv8UPEnjP4e+MkvbTW7LXJLyW 2F1FBLIjwG7ihJIIRtwUsCCNxV9tf0DSSJFG0srBUQFmJ6ADkk0APr5Z/at/aOuv2bPDngvXrXQU 19vFvijT/DrRvcG2EC3sczmcERybivlY24Gc9Rjn4C+AHwr8V/8ABQfw74p/aC+LfxK8UaFpuo6v d2fhrSPD2ovYWem2tphEnMRV1eYk4JIBO0liSwCch+094I+PXw5/Zo+DHgv9oXxLaeLtd0z4s6RH ZanbyzTTT6b5F15H2t5o42M4O4E5f5duXZgTQB+senfET4jXf7QOqfDC68Cz23gmz0RdRg8UGUmG 4vjLEhshHsADBHd87yfkPHPHt9fl+fiXrnhb/gpD8Tk1TVbybwx4d+Fj6wdNNzJ9kWS3uLR2lWEk xrIU3DeFzgn1Nfm94C+PH7P/AMctH1b4m/tZ/tGeLPCvj7V7u5fT9J0EapBY6DbqxW3ES21pLC7Y +bKvkqQHPmFmoA/phor+f+P9qX4i/Ez/AIJi/GK9u/F11qPif4e6zp2k2viO1eWzvL+wfVLI29yz Dy5UeSN3jbdh2UfvMsWJ6z41/s5/Ev4e/sop+1uPjT4yuPixpen6brdxI2pbdNP2uSEyWsdqqgJF GsnyrkqxXDJtbaoB+q3xR/aE8M/C34o/DL4Sajp91e6z8ULu7t7J4tiwW8dlGsk0kzMd2fnQKqqc 5OSuOffq/Br9oz4d2nxn/aH/AGSfGev+INc0+8+LumPc340/UGt1sHj06zl3acAp+zNIZD5hGd+B 6V+6ejaZHomj2OjQzTXEdhBFbrLcOZJpBEoQNI55ZzjLMepyaANKivxj/aN/4VqPjt4zu/2xv2iJ vDfhmNYE8OeEvCup3iT2tuU+aXUbe2tncTSYWReGzuPzbAgrlf2GvjBq+q6d+0r8OPDHjbWfF/gX wppbX3he+1l5hqMEFxb3J+9KEkUfKhA2qMrvVV3EUAfuNXi/7Qnxv8N/s5/CHX/jF4stLm/07QVh 3W9oFM0slzMlvEo3sqgGSRdzE8Lk4JGD81/sB+JPEXiT9grwb4j8Rapdapq09lrbSXl1O89w5j1C 8VC0shLkqqgDJ4AAHAFflx4t07VviZ/wSB0/4l+MvE2tahrPhzU7goZb+WSO8FzrcVvtvFkLGdYl 5iBb5GAIoA/Yb42ftR3HwmvvglbWfh1dTT4v6/pujMZLkxGwS/MQ80ARt5pTzfu/KDjqM19e1+DP 7Xnwi1PwJ8Mf2WPAXw48Uas2tar4xsZdP1TVbk6hdWd9epbiF0Zwo8uGQqyR9BjFdn8bfhB4u/Yg 8efB34qfDj4q+LvEA8T+LdP0DxBZa/qRvrfUI7zcZJCm1FBKI4G4MVJVkZWXJAP2zor8Cfj5+0n8 Nvib+1r46+G/7RXxb1r4a/DD4e7NP0/S9AF6kur6hjFzLczWUEx2xsCNrgcbAmD5hPqX7CP7RmiH 9pvxH+zv8O/iVqfxT+GOoaS2raFfa0tz/aGnXUDKJ7MvdRQySIUZmzt2Dau0AmTIB+0leafGP4p+ H/gl8MPEfxW8Uw3Fzpfhq1N1PFaqrzyAEKFQOyrkswHLADqTX4q/sN/s4+OP2uP2eW8b/Fz4yeNI EtL67sdDt9P1V4o7YxESNczlw7XEhmkYLuYFUUKGxtCZr6t4z+O//BLHxvqXxV8Tapf658L9YvrK K6iu2R9QS0MKol+Tk3CKLkjDHJKIxJIyQD9ZPF/x2+IEfwe+G/xT+Ffw8ufGE/jqbR3udPjnKvpu n6patcSXLusb7xAdiHhQS2cjpX1HX4UfFHw7qvwK/Yd/Z2uPAvi7xAs/i7xf4Pv7uS41OZ3jS+0i QyWcLJsKWYMalYOVB9a9++I//Cb/ALWf7afij9nB/GureD/ht8L9HtbrU4dAunsrvVb7UY4pEimn XOYlWT7pBA2EAbm3KAfqzRX53fCv9nv9pL9nnVviXo3g/wCI8PiD4dX+jSyeGD4qvp7m+0jWAg2v M/2cx/Y0JdnCnkBPkzvY/mL8QL79nTQ/hfqd/wCK/wBqPxR4u+P1vaXV1FdeH9T1G80z+00DSJDb tFbiNbUEBS/mIduXXaMIAD9zP2lv2hfDP7MnwvuPid4p0+61SBbqCygtrTYHluLkkRhmcgInBLNy QOiscCtD4lfET4jeEviL8OvCnhDwLP4m0LxVc3cOtatHKUj0SKARGKSRQjBxKXcDLLjYeuePxQ/a nu9c+OX/AATY+D/x08ea7qNx4khuYNPnWK4Mdreb7qW3NxcwgbZJwtupV+NpZzj5q+vPjXoWr/Av 49/se/Cnwj4t1+80afWPEaXj6jqc1zcX6O1pMq3b5UTrGZWWMOpCrwKAP1ior8cfAnhHxX+358b/ AIu618QfHev+Hvhz8Otbm8OaJougXraes01qzLJdXDAHcxCq4yC2XwCqptbmdM8b/Fj4G3/7T/7I /iLxrqXivTvDXw71jxT4V1m/uGbVbSH7GQYmuBh2ZHmXY24bTGWQKG2qAftpRX4PfDn9mP4gfFf9 iu3/AGi/Gfxn8aDx3a+H7vVNGW21V4bGzi06OQW0RjA3u0qRAyy71clskkgl/wBOP2I/iX4o+L/7 K3w7+IXjW5+265qVjJHdXBADTyWlxLbea2MDe4iDNgY3E0AfVNFflB/wUQuvilqHx2/Zp+Hvwv8A Gmo+Cbjxjf69p9zd2EzpthkWwjeQxghXeKKSQxFuUY5Uq3zDwD4mfBL4q/Ab9qj4c/An4PfGjxfb eH/jVaXdvqs+p6iL69gFoRLdz2zsipFO8S4jmVfMRi2G2nFAH7vUV+QHgDwX4h/ZV/4KCeCvg74T 8ceIfEfgv4leHtQvLyz16/a/aO8tEnl81GIUBiYV+baG+ZwSQQB8iyftL/A/9oH4r/EHxJ+1d8bv EfgbRNK1WbTvC/hzw8dQhhjs7dsLezSWdrOjyucEbsPuDZ+Ty1AB/RB4j12x8LeHtU8Tapu+x6Ra z3k+wbn8q3QyPtHGTtU4Ga+DPiH+3rY+Hf2OdK/a68J+EpL+y1q++y2+mXtyLeUR/bJrQPJJGkoD Hyd+0AgZxuOMn4r/AGffil/w0B8Hv2hv2c7/AOJGs+NfDPgixOq+G/Eyyz2OrXWnKkkot7h5o1mZ UeJEfeuXV3UHy9gHzVrvw007wt/wSO0/x/a6vqt5deMNUsjPZ3d201hafYtTvol+x25AEHmA5lwT vbBNAH9OtFfhn+1J+z18UP2Xvggn7VWhfGnxhqPxO0C506fVje6h5mmXj3dxHFJCtmFCrCkknyxM zpsypXkY9s/aA8ZfEf8AaL/aa+HP7J/hTxVf+BPC2o+Gl8V+JbvR5Tb6hPFIWCWsU3JVQVUf3T5h LB9gWgD9YKK/HnxJ4Z8X/sF/tFfB+38D+Odd8SfDP4q6svh3U9G1+9a/+yXc7JHDcW0jKNnzShzg AnYVYsrDYzwX4K8Q/t7fHj4va/498eeIPD/gX4Z63L4Z0DS/Dt++nq09oziW9lYBgznCupxk7gMh UCkA+5PhX+0bdfEj9on4t/AuXQksIfhl/Zmy+FwZGvP7QhMp3RbFEezGBhmz7V9S1+PP/BP3wX4r +HX7Xv7Svgnxr4gufFWqaQugw/2peNuurq28uU2rzt/FL9nMYducsCcnOa/YagAooooAKKKKACii igAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKK ACiiigAooooAKKKKACiiigAooooAKKKKAP/T/fyiiigAooooAKKKKACiiigAooooAKKKKAPnz43f Am1+LDWeqWV6NO1exQwh3UvHLESWCMAQRtJJBGepBB4xQ+CX7P0Hwtv7jxBqt+upatNGYU8tSkUM bEFsZOWZiByQMDjHJr6SorX28uXkvocDyyi63t+X3gooorI7wr8ZfCvg/wDbo/Z7/aI+Ovjj4XfB a08a6F8TNcS9trm513TrLEFtJcmNlja5D/OLg5DqpGOnNfs1RQB+Rd/+z9+1/wDth/EfwfqX7W+k 6N4C+Gvgq9XU/wDhHdNuhez6ndJjaJ2jkmjK4yjNvXajMqJly492+J3wS+J3iL/goP8AB3446Po3 2jwT4V0HU7LUtQ+0W6eRcXEF8kaeQ0gnfc0yDKRsBnkjBx9/UUAFfnb+1D8D/jfp/wAffBf7XX7N +n2niTxN4c06TRNX8PXlylmNT02R3dfJnk2okimVyS7D7sZAbaUb9EqKAPyyi+Fv7TH7WPx7+HPx N+PPgq3+FHgT4V3X9r6fpH9pQ6rqGoaorxvG8kkAVUjRolOGUEAEANv3J6f8Dfgl8TvB37bvx4+L 3iPRvsnhLxnbaXHpN79ot5PtLW8Mayjyo5Gmj2lSP3iLntmvv6igAooooA/Kj4ffs3/tN+HfDv7U 0fhK8PgDxR4+8Z32t+FNS8+1nW4tmuZJkLiMzGFZ4zsO9VkTdu2/KRXhfxm+F37Y37WvgPTPhD8R v2edC8NeKY5LKK+8fXWqWMzRpbshkmgjtwZx5wUh0R5BhiNoOCv7l0UAYfhnRv8AhHPDek+HvtMl 5/ZdpBa+fKcyS+RGqb3P95sZPua3KKKAPyb/AOCof7M/xt/aKk+FLfBzw5/wkA8NXepyah/plpae Qlx9k8s/6VNFv3eU/wBzcRjnGRnW/wCCpv7OHxn/AGjvh/4I0T4MeHv+EhvdH1S4uLqP7XaWnlxP BsVt13NCrZbjCkn2r9TqKAPyD/bH/Yz+Nut/EbwJ+1R+zPNE3xF8IWtjb3WlzyRRi4NmG2yRySss THaxiljZlV48bTnIbyOb9mX9tj9t340eDPGH7X+g6b4C8EeCX8xdPspYybkNIjzJFElxdSB5zGiy PK6qqKCgJGD+7FFAH4x/t0/s5/tQX/7W3w+/af8A2dvC9t4uk8O2NpAbaeeGJYru0uJ3AmSWe3Zo pEmA3I+QQ2SvBP61fDq88Z6h4A8N33xHsYdL8WXGm2j6va27K8MGoNEpuY42V5AUWXcFw7cY+Y9a 7KigAr8qP2vPgT8Zp/2rPAn7TPgj4d2Xxk8PaDo7aVdeG7y6t7ZoJt9w4uY/tQMZP75SpCSMGTkA bWX9V6KAPxzvvhV+2Z8Tv2q/gv8AtBeMfhpp/hTwn4Qu5rIaDZatZ3N1pVlOmyS8uZN0UUvmGTIS 33Oqx7THuILfsWQCMHkGlooA/IP4ZeCv2yf2IIvFfwl+Enwttfi54D1LU7jUfDl8msW2nTaeLogf Z7yKfDOFCgkqFXdkiTDbUxvHv7Kf7Wvin4CeAbHxxqE3jzx/L8TbHxdq9u2pI1to2mrFOrW1q95M qmKAuD5cRPLlUDKgY/srRQB+ftv8AfHepft8eO/itr+i/wDFuvE3w9PhwXwuLcmW6luLUyQ+SJDO v7tHO8x7OOuSAfnv4S+Hf24f2NfCOofAjwf8I7H4weGbG7uZPDWtxava6eYIbqRpvLvIJ8O2Hcu2 NgDFlWRl2lf2GooA/KL4h/s7/ta+N/2AfHvw2+Iupp46+LHjC8sb2GwhktLa3s4YtRtJzaRzv5ER 8uOKSRmZsZOxCwClvpD9o74T+P8Ax5+xHrfwh8J6X9u8W3fh/T7GKy8+GLdcQGAyJ5srrCMbG5Lg HHB6V9m0UAfkt8cfgR+0bpWj/sqfEn4WeD4fFXiT4Lactrq2hyX9vauZJrG0gcLO7iJgjQSKzIzc lWUMuSP1N8M32s6n4b0nUvEWm/2Nq13aQTXlj5qT/ZbiSNWlg82MlH8tyV3KSGxkcVuUUAfi/wCF vhD+0v8As3/tFfFnxlo/wK0/41Q/EHWZtV0jXn1WxsbmxSaWWUQO12rvGFEiqwVUUlBtZhgL6D+y 5+zr+0ponx0+Ofij9oTSbO3tPi5pEJOp6XdQzWkNw6lGs0hZxcgwRzFAzR7D5Rw5ypP6v0UAfi58 GPBv/BQb4MfBqf8AZA0X4ZaTdWUTX9lp/jZ9ZgWytbHUZpJJJ2tBm4ldGmd0GFcDAMTAc7Hh39kH 45XP/BLjU/2adT0WLTPiFJNLdRWEt3bOjmLV1vlT7RDI8IaWJCFJcAMQHKjJH7F0UAfkf4s+Gn7U /wAb9E/Zq1fxf8Ml8L6t8M/HOmXWsWy6rYzqmk2BtSb8ETDO/bJ+5TfINvAIIJ+g/wBu74M/En4z aJ8KbP4baR/a83hrx1pOs6gv2i3t/IsLZJhLNm4kjD7Sw+VNznPCnmvu2igD8tvF/wAJP2j/ANnD 9prxr8e/gB4Ltfij4Q+J8dvJrmgvfwade2t9aqQs8Ms42MpLOwChyd7qVGFevWv2atJ/a+8V/FXx J8Xf2hI4fAnha6tVtNG8F2s9te+Q4K5uZ7mFTlsK2AHBYucqgRVP3fRQB8I/8E5vgz8SfgN+zRY/ D74r6R/Yevw6nf3D232iC5xFM4KN5ltJLHyB03ZHcCvnv4Ufsl/Gq0/YY+NHwL8S6RFo3izxfrWs X2mQTXdvLHNFMLZ7cmW3klRPNaErhiCvVgBzX65UUAfjB4w+EH7W3xh/ZT+EXww8S/C1dA8R/DHx f4bDxLq1hKLrR9I0+W3kv93nhEO9gDEGZjnKgjOPcPi18Jf2hPgz+1Vqf7Vv7PPhe3+Iun+NNLg0 3xJ4dkvotOuvMtFRIbm2mmHl4CQxjHzNneNpDBk/S+igD8lL/wCCX7af7S+jfFzxV8WLxvhnF4q8 NNoXhzwdFqrXdnFJvWVrm9MDNDvlCtCXCb9srZVRGoPnPgTwF+2da/s7yfsu+EP2fdC+HmoXOjya Hqfi+fV7Iw3EMkRimnFvaq873Fwhb597qsjbjgcL+2NFAH4ya5+yb+0F4m/4JkeGvgGfDaad8RvC t/8Aaxpk17aOLhYr+eZRHcRSvBlopgwDSLyCCRxn1fxp4C/aW+OvxS/Zd+L3i74bjwndeBtW12bx JZrqllcrYQTm1S2lVhKGlEyxM22NXZDww6E/qJRQB+VFt8N/2pP2RPjj8SPF/wAD/AMHxb+HfxR1 Ftbk05NUg0q/0vU5mZpcNOCrRO8jABVf5AmShU787w7+y3+0B4zsf2hvj98YdPtLL4m/FLwdqvhj Q/DdjcxSxWNpLZ+XBDJdFxCZJZI4gW3BAQzsw3lU/WiigD4y+Dfwn8f+FP2F9O+Dev6X9l8YQeEr 3THsfPhfF3NDMiR+cjtDyzAbg+0Z5Nb37D3w08bfB/8AZX8B/Df4i6d/ZPiLRYLtLu186G48ppb2 eZB5kDyRtlHU/KxxnB5yK+r6KAPhH9pz4M/En4h/tL/s2fEHwfpH2/QPAGp6zca3c/aIIvskV0lo IW8uWRJJNxifiJXIxyBkZX45/Bn4k+Mf2y/gB8V/Dmkfa/CvgmPW11e8+0QR/ZTd2xjh/dSSLLJv bj92jY74FfdtFAHwn8S/g18SfEH7e3wg+NOkaR5/gzwtoWrWepX/ANogXyJ7mG5SJPJaQTPuMijK IwGeSMGvnvwr8N/2q/2LvH3xB0/4O/DS1+MPwz8b6rPrlhDHqltpl9pV5dYDxyfaFO9MKqfIrAqi tuRiyn9cKKAPgv4DfDf9qjxL4I+KGq/tKavb6fqnxAhubbSPDlu0MtroNvNFJGFaeBTvY71BAdwF TcSWchfz6uv2cv20PEf7Ct1+yTq3wpjttQ8IalazaVfRazp7LqkUl9c3M52vOqx+UJF2lmBcHoGB FfvzRQB8Z/t//Cjx/wDG39lXxd8N/hhpf9s+I9Tl01re18+G33i3voJpP3lw8cY2ojHlhnGBk4Fe L/HL4AfHnw18Uvhh+1P+z9plp4g8X+EdBi8Pa54cvLqO1XUbDDHENwxEayI0j5Znx8sZXcFKN+ml FAH5ZRfC39pj9rH49/Dn4m/HnwVb/CjwJ8K7r+19P0j+0odV1DUNUV43jeSSAKqRo0SnDKCACAG3 7kYfh/8AtP8A7Jfx4+Ivi/4GfD6H4teAfivfHWZrBdTt9Ju9L1eVnMvzz5VopGcnIQ8bQShU7/1Q ooA/Mr9ij4O/tLeEvj98avi9+0ToVrpVz8Qk0m4tnsruC5t90ayFrZBHI0o+yoyQlnUBipKM6/Mf 01oooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKAC iiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigD//U/fyiiigAooooAKKKKACi iigAooooAKKKKACivgX9r/xd4itte0vwjbXEltpUlmLp1RiomlaR0w+PvBAgwD3OfSsT9kjxd4jX xnP4SNxJcaTcWskxiZiyQvGVw6g/dznacdcjPQV1fVXyc9zw3nkVivq3L5X8/Q/RWiiiuU9wK/Fn wLqP7Z/7SPx/+PPhfwH8dn8C6L8N/Ekmn2lq+jWd8DBNNcrGqsVRgI1gxlixOevHP7TV+BnwM+BP xL+M37UX7Uk3w++L+s/C1dK8Xstwmkx+YL0zXF6UMn72PBi2Nt6/eNAH1N8Ivi5+0/8ABf8Aa10D 9lb9onxTY/ErT/HOlXGo6PrNrZx2V1bNaJNIyTxQoq7W8h1O7dyUIk+8o/Rvw78Q/A3i7Xde8L+G Nds9U1fwtLHBqtrbzLJNZSzbjGk6A5QtsbAPXB9K/GDSfA/xB/Yh/bZ+G+r/ABP8Sr8aD8aH/wCE etdc1RJk1nSnWWKIiEPPOixZuY95GcpuAEfO/wCk/wBigj/hr79sJe/9vaIcexS+oA+5da+Onwi0 I+LIdS8X6Xb3HgaOGTWo5LlFbTxc48g3IzmMSEjbnrmvmX9gb9rI/tQ/C+TVvF+r6WfHMd1eTXek 2JCPZ2XnlLcmIs0gTbgB2JLHqa8Q+AGm6B4r/bh/a+0rWLO31bTbiPQYpre5iSeGQxWzAq8bgq21 17jqK2f+CRfhvw7a/slaT4ntdLtYdYvb/Uobi9SCNbmaKO5OxJJgN7KvYEkDtQB+oF5eWenWc+oa hPHa2trG0sssrBI440G5ndmwFVQCSScAV4T4T/ar/Zu8d+Lh4D8HfErQtY16RtkVrbX0UjTsOdsL A7ZTjtGWPX0r5N/4Kp65qtp+z74b8H2d7NpuneOPF2k6HqlxC5j22E6TyyKxH8LGJcg8EAg8cHvv jl+xj+yHc/DjQoPEMGn/AAo0/wAG3dnPZ+INNks9IvLZ42CRI99cRsG8x2XPmbi0m1s78GgD7B0v 4h+Btb8Yaz8PtI12zvPEvh5IZNR06KZWurRLhQ8TSxg7lDqwKk9QRRZfEPwLqPjXUfhvY67Zz+Kd Jt0u7vTEmU3cFvJt2SyRZ3Kjb1wSMcj1r87f2eJoZv8AgpX+0tJDMJ0l0fwy6SAgh1On2pDArwQQ Qcjjnim/Cy4hm/4Kr/G6OJwzQeDNKRwP4WK2DYP/AAFgfxoA+wLL9rT9mXUtT0PRrD4n+H7i98Sn bp0aX8LG5bzDCApDYBaRSigkbmBVcmix/a0/Zl1LU9D0bT/id4fuL3xK23To0v4mNy3mGEBSGwC0 qlFBI3MCq5Nfmr/wSa/Zy+Dut/s+23xf8T+FrDWPFjeILi4tNRuoRLcWf9nmMQCBm/1e2QM+VwSS M5wMR/8ABKD9nf4Q6p+zxD8ZfEXhGx17xeuvXN1ZXtxCstzanTtgt1t3b/VkSKz5XGSRnOBgA/UL 4jftM/s/fCPW4vDXxK8f6P4e1aUIwtLq6RZ1R/uu8YJZFbszAA+td7c/EjwBaeBm+Js/iKwHhJbc XZ1YXEbWX2c9JROpKFPcHFfz8fsXX3xY8W+CvFnxT/4Ze0/47ar431m9l1LxFqmu6XbuXbaXtEtb 2GRokQsWOMBtw/hVQPQ/C3gP4u/DP9jD9q/wp488KDwT4XkY6hoGjDV7PWBpwu5HFzaCW2kdlEPl wj94qbiSQC280Afrdqf7XX7MGj69Z+GdT+KPh+31K+SKSKJtQi+7OqvEXbO2PerqyhypIII4rwP9 sD9smz+APxE+EvgLSdd0iy/4SjXbL/hInu2DTWOhPMge4ALBY0kAdfNYEAK23B5HzhP+y38C9O/4 JbNraeDdMfXZvAUfiZtVa1jOof2jJZLf+YLojzRhzsADY8v5MbcivHPHWh6F4p+H37AOreJNMtNT vdX1TQ9PvZ7mCOWS6tIvsyrBOzqTJGAT8jEjk8cmgD949B13RvFGiWHiTw7exalpWqwRXVpdQOJI p4JlDxyIw4ZWUggjqDXlfjH9o/4C/D691vTPG3j7RtFvfDhtl1C3uryOOe3a7j86BWjJ37pY/nRQ CSvIGK9e07TtP0fT7bSdJtYrKxs40hgggRY4oooxtRERQFVVAAAAAA4FfkL4C+EHw5+Jn/BVT48a 54+0q11yTwvpWgy2FpeRpPAJrnTLJGnMTgqzRqu1cghS+cbgpAB+o/w4+Knw3+L2gf8ACUfDDxJY +JtLWQxPPYzrMscoAJSQA5R8EHawBwQcYIrz7xx+1X+zf8NfEp8G+O/iPomi62hCyWk95GJYSRkC YAnysjn95t4x61+dOpQR/s4/t6/E3SfgfYJYaX4g+F174lvtKswIrKHVrJpPImECgIrExqOB1nY/ xGu1/wCCdP7O3wT8cfslaX488eeF9O8Y+IfiHLql1reoarbx3tzNJ9tng2ebKGdMKgJ2sD5hZ85O QAfqBL4t8KweGG8azazZJ4eS2+2HUmuIxZi227/OM+7y/L287923HOa8f8B/tWfs3/E7xGvhHwF8 R9F1rWpCyxWkN2nnTFRk+SrYMuBz8m7gE9q/HX4XfCjxF8Vf2Uf2kP2VvB3iiKw0jwR47uLTw7Nq VyI7WW3t7syCzeY9FkMPmDt5r7jwTS+KfFfhTwRqPw+0z9tD9meT4T/8IrqtidP8Y+DvJis47mDJ iWSS3V/3QK+aUFxJJ8u5VyCCAftR8Uf2g/gl8FJbS3+K3jXS/DNxfLvggvLhVnlQHaXWIZkKA8bt u3PGaoa98TPC3xB+Bni7xt8I/HulRW66RqX2XxFFPFc2Wm3MVs5FxMw3qBbNiSRWBwBytfnH+0P8 IfjJ4S/a58RftHfDn4eaB8eNH1jR7OyvNAv5oHv9ISKONCbeKYttE3lFlZI5GO+RdgHJ474SeLfg NqfwF/a20f4deCNY+FfjabwxrN54h8K6mdtvZt/Z10EayiCRiOMFyGXy0IBQbdmygD1/4sfHX4q/ DTwj+yi1t8TbTXk8Y+KtPsPEeu2SW5sdWsZJ4xMwd4wscZRmBZAhHJyMV93fD79pj9n74reIZvCX w4+IOjeIdZgDMbS0vI5JnVBlmjXOZFUdWTcB61+JvxD8H6H8Qv2WP2GfAfiZiukeIvEFnp95htjG 3upVikUN/CSrEA9ic19Mf8FI/hJ8NPgn8Lfh98Y/g/4b0/wl4x8F+J9Lh0qXSraK0eZGEjfZn8tQ JBmMMN+ejDozAgH3NpmseLT+1r4g0eX4mabd+H4fCyzReC0Ef9pWtz58A/tF/k3+SQWTlyMyDjpj 4S+D3xy+N/xS/wCCfVt8Std+Mlh4D8YT69NbN4n1mK2it1gjn2iAqIfKBccKdmfevT/C3/KWfx7/ ANkwj/8AS2xr8zpP+UNEX/Y3n/0qNAH6t/Gj9uHw98Mf2v8AwH8Eb3xRomleEGtL+48UXdzIomtL lbWV7O3kkZtsIdvKfldzblAIBIP3B4P+Jnw++IF5rWn+CPENlrl14cuTZ6lFaTLK9ncqWUxTKpyj ZVhg9wfSvzQ+PHgLwNrP/BT34H2Wr+HdNvrfWvD+tTX8c9pDKl3LDa3QjedWUiRkCKFL5I2jHQU7 UL/Tv2TP+CjGo63qcq6Z4C+POgTXk8h+SCHWNFjMsrH38tWY+r3NAH6Z2PxF8Can431H4a6fr9nc +KtIt0urzTI5la7t4JdpSSSIHcqsHUgkc7h618x/t3/tIp+zZ+z/AOIPEeg61Zab44v7fytAguSj SzzGeCGeSGF+JWto5vNIIZRgbgVyD45/wTe0PU/G2kfEf9rfxVbtFrHxl164uLNZOWh0ewd4bWIE 8gK29PdUQ88V0H/BU/w/oOpfsVePdc1DTba61LSBphsrmWFHntTPqtkkvkyMC0fmL8r7SNw4ORQB d/Yy8YXOmfBnV/i/8WP2gbP4lafdraSXt3P9ms7HQLpYfOubQzK+0n9/GG3BPurhBuxX0n8N/wBp j4AfF/WJfD3wz8faR4h1WFWc2lrdIbgon3nSM4Z1HdlBA9a/Ln9obwL4S1zxd+x3+z7NpVto3w+8 aTHVdZsrKNLS31O9tLO02CdYgoZmDFCx+YiTqCAa63/gpn8Kvhp8F/hN4P8Ajz8KNA0/wb418E+I tNGm3Ok20Vk0qNvJt3WFVEijYGAYHAVgPlZgQD9GvGv7TH7P/wAONQ1bSfHXxA0bRL/Q5LaG+trm 7RJ4JLyPzYFeLO/Mkfzrx93LdBmvXND13RfE+jWXiLw5fwappWpQpcWt1ayLNBPDINySRyISrKwO QQcGvx18I/A74afGn/gqN8e7n4peHrTxHZaFo2iPBZX8YmgWe606xTzGjOVZkRWAzkAtkcgEfsZo mi6T4b0aw8O6DaR2GmaXbxWtrbxLtjhggQJHGijoqqAAOwFAHlXxO/aL+BXwZuYrH4peOtJ8N3k6 eYltdXSLctGTgOIATIVzxu24966LwT8Xvhf8SPCc/jrwH4p07XtAtQ5nvLS4SWKHyl3uJSDmMqvJ DAEDnGK/JvUfFXwpj/al+LWofBP4H63+0T48nvI7TXb7VpLGPR9JuIA0X2OzuLi3YRKuzy23jJ8o BWZVJPE/sYwa3ovxO/bC8P6t4XtvAUh0mK5n8O2FzHc2enzvb3TGOJ4cRHbvP3AFXO0cAUAfqVqn 7ZP7KuijS21P4q+HoV1lBLan7fEweMsyByVJCIWVhufaMg816/4o+Jfw+8E+Gbfxp4s8RWGlaBdt AkN/PcIltIbn/U7JSdreZn5SDz2r8v8A/gm5+zB8BvFf7Fekav4q8J6b4gv/AB7/AGkdUubu3jmn xFdz2kcUUrKXiEaRArsIIclxyc18J69rOsat/wAEo9d8NarfS3em+FfiD/Yul3c7+Zu06GSN42U/ 3FaV1A6ADAwAAAD959G/am/Zy8Q+Oh8M9D+I+h33idpTbrYxXsbSSTglTFGQdryAgjYrFs9q98r8 p/22v2YPgT8OP2ItZn8FeHbLQNR+HltY3mjavaxJDqCXUNxCgka6jAkd59xDksdzMG+8FI/Qr4Je INa8WfBnwF4q8SKyavrOgaXe3iv94XNxaxySg++9jmgD5Y+D3xd+IviX9u348/CbXNZe68J+EdP0 KbS7AxxKltJd2cEkzB1QSNvd2Pzs2M8YFexeKv2xf2WvBPiCXwt4o+KGg2WqwSGGaA3iSNDIDgpK YywjIPUORjvXxN4C1PRNF/b1/bA1jxLqkuh6RY+GNGnvL+A7ZbS3j0qBpZ4ztfDxoCy/K3IHB6V8 0/DmTwrq/wAANU8Gfs4fsm3XjLwPeW2oE+MPGN1pthc3CMZN92ZWg3SGHkR+S4KbAB8wNAH7d6z8 YPhX4eg8N3WteLNMtLfxjNHb6NK91H5WoSzbfLS2cHbIX3Lt2k5yMVs+OPH3gr4Z+HZ/F3xB1y08 PaLbMiSXl9MsEKtKwRFLsQMsxAAr8Lvht8KtV+Nf/BISyXTHkl8ReA7zUte0WRSTLFJpl7PK6Rnr loGlVAP4ivoK9M8c/FeD9vDxN+y38H7DbPpetW6eOfGEScxIul77drd8fwPcxXEOD3aNsDggA/Vz 4j/HX4OfCDTLPWPid4x0zw3a6kC1qby4SN7hQASYY875AARnapxkZ6iug8AfEv4ffFTQF8U/DfxF Y+JdJLmM3NhOk8ayLyUcoTtcAglWwRkcV+Haat8SvHH7e/xx8XWvwMg+O174NltNHsLTUdXsdOg0 a0AcRvHBexyJKZ/LZgyrlCXJOZK92/ZP8AfG7wj+2T4o8ZXXwht/g34J8YaDjUtCtdd03UYBqEDh oLtILVo3jDjeoCw7QWc5+bAAPv8Asf2tP2ZdS1PQ9G0/4neH7i98Stt06NL+Jjct5hhAUhsAtKpR QSNzAquTX0N05Nfij/wSW/Zy+Dut/AC0+L/ifwtYax4sbxDPcWmo3UIluLP+zzGIBAzf6vbIGfK4 JJGc4GP1U+PWpeDtI+C3je++IWr3WheGl0i8TUL2xIW7htpIijm3JV8SkNiP5SdxGOcUAefax+2f +yjoGvnwxq3xW8PQaikhhdPt0bpHIpwyySoTGhB4O5hjvXtnib4geBvBnhOTx54s8QWGkeHIo0lb Ubm5jitdkuPLYSsQp35GzB+YkAZyK/Bh5NK1z9kvXPC3wS/ZLll+H8Og39ynjPxVdadZagYI4ZJT qh/ciSaZQPMQxSbeFVPkwK7ex+Dfj74/f8E4/wBnz/hDLvTdU17wrqY1GDQ9cnWOz1pLS7uYEs28 xkDkLtQIWVTGWXcpINAH65/DL9pH4DfGXUJtI+F/jvSfEeoW6NI9ra3Km4EanBfyWw5QEjLBccjn kV2vgb4leAPiZZ32ofD7xBZeIbfTLp7K6eymWYQXUYDPFJtPyuoYEg881+N3gvx/8OLX9qD4Wt+0 d+z9e/An4jxXb2Gh6topjj0bU7q4CwCKcwRosi/P5S7XlCiTDsEYEekaB4s0j9iz9uD4waN4iY2n gT4n+H7jxzYgfdF/pkcs99FH2DuFuXwOcCIYPFAH6S6z8e/gt4efxRHrnjbSbJvBX2Ya2JbuNf7O N46x24uef3fmOyqu7qTisKD9qH9nS58dRfDO3+JGgy+J5pVgSxW/hMrTs20QAhtvnFjgRZ35425r 8YNb8Ea1D/wSv+M/x58ax48WfGrWbDxHeMR8y2r65araRj/YwXlj9FlA9q7z9s39mr4MfDL/AIJz +G/EXg7wrYaZ4i0OPQLpdWgt401Cae8Ma3DzXIHmv5hkLEFsAhcABVAAP1ls/wBp/wDZ31D4gD4V 2PxF0S48WNMbYael7E0puASpgBB2mYMCpjB354xmun8X/Gv4Q/D/AFifQPHXjLSfD+o22njVZIL+ 8it3SwMvkC4IkYfuzKPLB7t8o5r8lf2+PgB8Ivg1+yN8Pde+HPhfT9D13wxrehC31S1t44r6RnRv Maa4UCSQyOBIxdjlwD1Fdv8AHv4WeCfi5/wVZ+Gvh74g6XDrWj2PgEag1lcoJLeeW3vdR8oSxtw6 B2DFGyrYwwIyCAfoToX7Uf7OfiXwhqvj3RfiPoVx4f0No1v7z7dEkdq0xKxCbeylDIQRGGA3kYXN dX8L/jT8KPjTplzrHwp8Vaf4otbJ1juGsplkaF2BKiVOHTcASu4DODjODX5Nj9mv4K3X/BVSbwm3 hPTk8NReD08RnR1to1019QSQWqyNaqoiOA5fBUjzPm610XgvTdL+CX7f37Q1r8LtKg0exg+HI1uP TbKJIbY30C2zKyQqAgLMzHAAGXY9zQB+ivjv9qX9nP4Y+Jf+EO8f/EXRND1sFQ9pcXkayxbxuXzl BPlZHI37eMHvXkP7bH7VNn+z1+zpffEnwLrGk3XiPVo4B4eS4kE8N8JZoUllgWNx5wihlMo2sV4B OVyD+VP7G2n/ABM1T4GT+Jbf9k3T/jU3jq71C51HxRqniLSorjUJGuJI5E8m7hkmgEbKRjcNz5lH 3hVPxd8MPiH4E/4JqfF7w18WvC0GkL4b8TWs/heGW/stYm0uyv8AUbTzrWK6tnkKFX3h87GcsxK4 OAAftl4R/aa+CeqfD3wv4y1P4gaKtvr4W1S6a8hjhmv4oVe4hViQoePOWXjaK8a+L/x+8J/E7wN4 e1f9nz47+HPC4tfFenWeo30s8MyXMUkdwTpoV0crLclN8Rwu4RsVbGa+OP25fhX4K1rwl+yb8MLP SbXStD8T+KtMs7uCyiW1Rlv0top2xCF+dlY5Yck85rsv+Chfwi+GHwh+Dfwx0r4X+F9P8L2d/wDF Dw9NcRafAkCSyJaXkYdgoGTtUDPfknkkkA/T/wCI/wAXPhf8INJj1z4o+KtN8L2U5ZYX1C5jgMzI AWWJWIaRgCCVQE+1Hw2+Lfwy+MOiv4h+F3iew8T6fC/lyy2M6zeVJjOyRQd0bEcgMAcc9K/NzQ/C fhn46f8ABTv4n2PxY0+LX7D4YeHtLj0HTNRVbi0ia9ht5prlYHDRlg0rYJB5YE/MqlfqT4a/s/fs 8/B79pTxN4u+HGtw+H/Fni3SYvtnhG0urOCz+zxuuL6PTUQTKS8ZHmAhMtJxljQB9d3d3aafazX1 /MltbW6NJLLIwRI0QZZmZsAAAZJPAFfNlh+2h+yhqfiSHwnp/wAVvD0+p3DiKNFvozG8jHCqs2fK LE8AB8k9KwP26NS+Eunfsx+Lo/jdq2raT4SvVt4Lk6G0a6lcuZlaO2g85HTMrKAwYBdm7cQua/IP 9p6TVPEP7Iup2/hz9kuD4b+CtBttPkt/E2q3Njbapbr9ohjjdbZYUuXluCwSQl23B2Lc80Af0Ca/ 8Q/A3hXxFoPhLxJrtnputeKXlj0qznmWOa9eAKZVgQnLlA65A6ZFHiX4h+BvBuraFoPivXbPSdR8 T3BtNLt7mZY5L24G3MUKsQXb5l4HPIr8mPiVfXWo/Fv/AIJ76nqEzT3F3p9zLLK5LM8kmnaaWYk8 kknJPqa9V/bxuIV/aT/ZEtGcCWTxlM6r3Ko9kGP4Fh+dAHVfCT9uPw58RP2vviB8GrnxToa+FdLh 0218MtBIvm6pfTRh7oLKWPmyI5MexAANvILZNcR+yV+2v4eg+H3jrWP2n/iZp9lqFr471nStL/tC SC2m+wWsVoY444oVVmSNpWy5U4z8zdKyP2cvAPgWD/gpB+0bFD4c02NNDtvD0+nqtnCBZzS2cTSS W4CfundiSzJgkkk8157/AME2v2d/g38QNI+M3xC+IPhHS/FGp3PjbVtGQ6naR3iw2sCRTFY1mVlQ u1w25lAYgAE4AoA/Ynwr4t8L+OdAs/FfgzV7TXNGv1L295ZTJcW8qglSUkjJU4YEHB4IIPIrxdP2 uP2YpPGA8BR/FDw+2umb7OLYX8XM+7Z5XmbvL8zd8uzduzxjNfi74e8Ra58Hf2IP2wfDXw+mmsLH w948u9GsRG5P2SyvLy3sZgpJJAaD5MjkE7s55rp7T4XfEvWv2WLb4W6Z+xZpZsLzQ0eDxOfFWjLe m4kgDpqplaJZQxYiUqZQu392SE4oA/dHxb8RfAfgO40m08a6/ZaHLrtx9lsFvJ0h+0z4z5ce8jc2 OcV534H/AGoP2d/iV4pbwT4B+Iuia7ro3bbS1vY5JJdg3N5ODiUAcnyy2ACe1fjr8fPA3jXxf8Af 2Mvhd8eomGs6l4uttB1RRdQ3TNaNcizjP2i1kkRy1rsO5XJyfmO7Ne7/ALfHwa+Fvwm1P9nnxz8L vC2m+EtY0/x/o+mpPpVrFZs1rITJskMIXzAGhGN+SMtj7zZAPcPFf7cfhzw9+23pvwFvPFOh6f4J tdEmfUbqSRRMNfa4aFLGSVm2oyKqkRhQxL8kjAr3n4K6v4rv/jP8ZLHXfiXpvjHTbG905dP0KzEf 2rw4jLcb4rvYitunwpXczf6tsY5z8ceKPAPgW/8A+Csmi2V94c024t7r4fPqU0clnC6SX3264/0l 1KENNwP3h+bgc14lB4x8QeAfEf8AwUT8WeFZZbfVrJNIFvPAxSWB5ob+LzkYYKtEHLgjkFcjmgD9 T9Y/a1/Zk8P+Lf8AhBdZ+KHh+011ZTA9s+oQ5imVthilcNsjcNwVdlYHtXpvjz4m/Dv4XaEPE3xG 8S6f4a0pmCJc6hcx28buwyFQuRvYjkKuTjtX5+fA39jv9mTxV+wx4W0jxZ4f02OPxR4YtdX1PxA8 UC6hb3d5arczXa3sqFozAzHaWO1UXawK7gfE/jW/7L3hLxR8BPCei2fiL9o/xH4W0WdPC2hWVzY6 npt3YqZIftl9IkBjkKmEqrR5UfZwXUBcsAfpx8Nf2lfgH8Ybi8svhn470rxBdafG008FvcL56RL9 6Tym2uUHdgNo456V8sfszftvaD8bv2hfin8NdQ8TaI2m6be2dp4OgtJF83VIEiupbudHLMZ22xqz bMKigYHUn4Zjk8Zf8PDvgL4j8T/Bew+CE2tx6nbCxsr60upNRthazK0l0lmkaIfnKAOu5hwchRX0 v+w14E8EWf7Wn7U1xZ+HtOgl8O+IdOj0x47SFWsY5UvVkW2IUGFXXhgmARwaAPrr9k/xLr0/wNHi H4jfFTSPidPb3V48/iLT2ijsRBGc7GZEiRfJGdxIGO5rqPB37WH7NXxA8Up4J8GfErQtX1yZ/Lht YL2MvO+M7YckCU4HSMtX4D+HNS1SX/gmp8M/AEd7Lpuh+OvicNH1i4ifZ/oUjPIY2PTBZA/PH7vo a/TH9vT9mD4BeFf2PPEmseEvCWmeFdT8BW1teaPqGn26W13BNDPEiqbhAJH83O1t7MWYhyd4DAA/ Qfxb8Xfhd4B1aDQvHHivTNAv7m1nvo4b66jt2a1tQWmmHmEDZGASzdBXO/DP9on4GfGTULvSfhb4 50rxLfWKl5rezuUeZUB2mTy+GKZIG8AryOeRX5GeP/D+m/tJ/tK/sUwfFyzXVofFXgv+19UgnUGO 5ni09tQIkUcFJJYxuUjBUlSMZFex/HD4aeA/hN/wUK/Zm1z4ZaDZeFpvEi63Z36aZbx2cVxFb2wC eZHCFRjtmYEkZICgn5VwAfrtXgHxD/aq/Zx+E+tP4b+IfxF0bRdWi2+ZZy3StcxbhlfMij3OmRyN wHHPSvfiQoLMcAdTX4S/CXxJ8ONQ1Lx6v7Ln7N+qftAQ+INbvZdR8WeLJ9Nt7e6upSDLHDcXNttN uCfMCEI53ksBkYAP2Zh+LXwxufh+/wAVrbxVps/g6OEzvq8d1G9ksSnazGZSVG08HJyDwea821P9 rr9mDR9es/DOp/FHw/b6lfJFJFE2oRfdnVXiLtnbHvV1ZQ5UkEEcV+LfwEF9Y/8ABO39rDw9c2y6 dHpeu6jGljFN58No2y3V4opOjKpUKGH3sZ719Mz/ALLfwL07/gls2tp4N0x9dm8BR+Jm1VrWM6h/ aMlkt/5guiPNGHOwANjy/kxtyKAP1o8aeP8AwR8OfDVx4y8ea7ZaBodsFMl5ezpDAC/3QHYgFmPC qMljwATX51/Gr9sTTPEfxZ/Z5039nb4iWWq6D4q8VNpviCLT3guDJATb7IpldWlhyGfBGwnnBOOP lDQ7dfjZ45/Yc+DvxR36p4MuPCMusT2lw2621C+sbKXyUmQ5EnlLAmQwOUdl/jbPsP7X3wR+Fnw+ /a7/AGW/HPgTQrHw5qes+KEsryGwgjto7mO2lt3ikaKJVXfHvKlsZIZQchRgA/ZCiiigAooooAKK KKACiiigAooooAKKKKACiiigAooooAKKKKAP/9X9/KKKKACiiigAooooAKKKKACiiigAooooA4Px 58NfCHxJsYbHxVZ+f9mJaGVGMcsRbG7aw7HAyDkHA4yBVbwB8K/Bfw0hnj8LWZjlusebPKxklcDo Cx6D2AAzzXotFVzu3LfQw+rU+f2nKubv1CiiipNwr8trv/gn/wDGvRPir8Q/iX8Iv2ibvwGnxF1a XVbyyttAjuAC8kkkaNK96u/y/NYBgi5z0r9Sa/Lb9n/9s3RtE8ZfHq1/aR+I9jplh4c8fano2gRa g8Fu8dlbTSIsMKRqskqxgKGYhiONzc0Ad98Kv2DJ9A+L2k/HP47fFLWPi94s8OIV0k38S2lnZMwI MiW4km+YZJUB1UN8xVmAIh+Iv7E3xFPx08RfHb9nT4w3Xwu1PxtFDFrtqdLh1S3uGiQIJY0mdFVs DI3KWDsxV1DFa+rPFXjzQ/GXwM8UeOPhf430y0tZtE1KWw8RxzRXFhYyx28m27kcb0KW7jfICDja QR1Fch8K/il4d8KfCH4eSfFf4m6P4g1jxJEtvb62k8UFtrN1kktbcIp47ADp0oA8x/Zb/Yui/Zp8 f+P/AB0/ji88ZS+P4bD7V/aFuFuRdW6u11PJcCVvN+0TSO4XYvlqQm58biz9kb9kbxn+ylqGteH7 T4mzeJvh1c+e+maDcadHDJYzzyo/mm7WVmkIRSjAIqsTvAU8H27wP+1B+zv8SvFLeCfAPxF0TXdd G7baWt7HJJLsG5vJwcSgDk+WWwAT2rpvih8bPhL8FdPtdU+K/izT/C9vfMyW/wBtnWN52TBYRR8u +3I3bQcZGcZFAGP+0F8B/BH7SPwt1X4U+PkkXT9R2SRXEBUXFrcwndFPCzBgGU8HIIZSyngmvieb 9gX4wfEN/D/hL9o34+X/AMQ/hz4angnj0NNKh0+S+Nt/q1vbpJXklAHDF97sMkMjfNXR+Df2ldT+ I37fNp4C8BeNLbxB8MLzwE2rQw2LW89s9+t6YWlEyKZN6gbWQvgHgrmvUP2dfipbeE/gBbeMfjh8 ZtC8dB9TmtT4ltpYYLB3kcLDbBlSNPMU/Ljbkk0AcX8Yv2LvG2v/AB1n/aK/Z8+Klx8LPF2r2EWm 6sP7Nh1O1vIIVSNG8qV0VWVI0GGVwSildhyTe/Zw/YjuvgH8aPE3xs1b4jX3jjWPF+kiy1JtQtFj mlvGmjmkuRKsrBYz5YRIAnyLgbzivd7P9qj9m/UPHI+Gll8SdCn8TGb7MLJL6Iu1wGKeSrZ2GXcN vlht2eMZr0X4hfEz4ffCfw8/iz4leIbHw1pCOsX2m+nWFGkYErGm45dyASFUEkAnHBoA8Z/ZG/Zw /wCGWPgxa/CH/hIf+En+zXd1dfbfsn2Ld9pbdt8rzpsbemd/PoKX9kX9nH/hlb4M2nwj/wCEh/4S f7LeXV39t+yfYt32l923yvOnxt6Z38+grqfCX7Tn7PfjybRbXwf8QtF1a48Qzy21hDBeRtNcTwIs kkSxZ3h1R1YqQDgg45r3SgD81bv9hb4o/Drxf4o1z9k/41XPwu0LxndPeahok2k2+q2kNzLnzJbM ysvkcYChV3AADftVVXqfCn7Afhbwd+zX4/8AgXpnim5uvEPxMEkut+J7238+4uLuRt3mGDzV+Rfm KoZScszFySa1NM+K3jL4y/tp6j8NvBGry6d4B+DFisviE2xGNV1rUlIt7ORsHEVugdyFIJkRlYEY x8leD9T/AGy/2jv2jPj14N8AfHR/AeifDXXUs7W2bRrO+VoLqS5EaqzKjDyxb4yxYnd145AP0Zvf gH9r/ZUH7Mn9u7MeEI/Cv9rfZc/6uxFl9p+zeb3xv8vzf9nf3r57+Iv7CF14w+BPwj+F/h34gzeH /FPwbmtLnSdfisFkV57VQN7WjTfLllRl/ettK87gSK8X1j4zftdfsU+P/CX/AA0/4r0/4n/Cjxhf ppcmu2+nx2N9pN1IpMe+OBUUocFznzSyK+0qwCt0H7Wvjr9ozVf2yvhf+zp8FfiQ/wAPbPxhoN5e TTiwtr5BPaC7mLFJl3HckATAcAZzjrkA/SfwDo3ifw74K0TQvGmu/wDCT67YWkUN7qn2dbT7bOi4 eYwIzLGXPJUEjPT0r8abn4RfET4mf8FNPjzq/wAJviJcfDfxV4b03QJIL2Ozi1C3uIbjTLJJbe5t piqujFVYEkhWUNtJAI7n42af/wAFDv2Uvh/ffHE/G3T/AImaN4aaGXUtHvtDtrLzLaSVYyyPCC5K lgWCyRkLkgkjafvXwv8AEz4Caf8ADrSv2qvEMWh+Bz4+0nTby81a7Fva3Uyz26PDbT3ZVJJ2iXCI pJ4X5RgUAcd+zn+yWnwh8ReK/ih8TvFU3xM+JfjdBb6nrd5bJbILJQuLSC2VnSOH5F3AHBCoAqqo FeHaZ+wb8X/hbca54b/Zq+PmofDz4f8AiK5luZdFk0m31KSxacfvPsN1LIjxZ6KUCsowSzuA1fbn wv8Aj38GPjUt0fhT4z0zxPJZANcRWVwrzQqxwGki4kVSeASoB7GvzN1DXf2u/jl+2d8ZPg98MfjS /wAPtB8CLp09tCdJtL9Sl1bxFkBdVcfOWbLM3XFAH01J/wAE9Pgqf2XLv9mGGa7S2vbldUm1okPf yawuP9ObPykkDy9nA8v5c5+evK7r9gb41/EyDQvBv7Sfx/vPH3w/8PXcN0mjw6Pb2Et6bcERi6u1 keRhzht/mEgnDK2GHnHj/wCJX7aH7EfjXwDr3xm+I1h8Wvhv4u1iDRb0tpkOm3llLOGIeMwJkkIG cZdw2wqVXIav2PoA/Pz4s/sXeNr/AON9/wDtEfs4fFCb4WeLtdtIbPWIjp0Op2N+kAREcwysFRgk aA5VwSuRtJYtL8Pv2GD4a8H/ABfPjbx/d+MfiL8Z9IutI1XxLdWUcKwQz2r20Yhs45MBYw4JXzQG CIo2AV9GftE/H7wf+zP8Mbz4r+OrO/v9Jsri3t3i02OKW4L3LiNCFmlhTAJ5y446A17lQB+a3xC/ 4J223xD+Bnwf+CV38QrnTIvhVN5rajZ2AS5veMZiBuCLVweVfMuD2q3o37DnxK8X+P8Awp4q/ag+ M938VdG8BXC3ejaR/ZNvpdu11EQYp70xO/nsuOQwLHu5UsrfoB4o8UeHPBXh++8V+LtSg0jR9MjM t1d3LiOGGMHBZ3bgDnqa8SuP2u/2YLXxJZ+Ebj4o+H01a/WJoYTfxYPnqrRBnzsQurKVVmBORgc0 AZOlfs2/2Z+1nr/7Uf8AwkXmf254XXw3/ZH2THlbZ4JvtH2nzju/1ONnlD72d3GD8zN/wTjDfsaJ +yP/AMLC+7rH9q/21/ZP/TUy+V9k+1++N3ne+O1foD41+J3w7+HB00eP/Elh4dGrytBaG/uEt1nk Rd7KhkIBIXk88Dmvkr4v/H7wn8TvA3h7V/2fPjv4c8Li18V6dZ6jfSzwzJcxSR3BOmhXRystyU3x HC7hGxVsZoA0f2nf2SPFHxr+JHgj4y/DD4jT/Dbxt4IhurW3vUsI9RR7e7Uq48p5IwGAdxk7gwbG AQDXx9/wU71X4dfGPw34H/Zz8L65b+IPjQPEtjZW9rZH9/a/aYGS6kukXd5MDo6Oyls/dblVYj9a PDXxJ8A+Mte1/wALeFfEFlquseFpVg1W0t5lknspXLBVnQHKFijYz1wa8/sdN/Zxtvjvfvp9j4dT 4vTWIvLqSOG3/ts2QVYRK7hfOCFSqE55XaDkYoA9B+G/gTRfhh4A8OfDrw4mzTPDWn22n2/GCyW0 YjDNj+JsbmPckmvNv2ofgb/w0l8CvE/wV/tv/hHf+EjFmPt/2b7X5P2S8hu/9T5kO7d5O374xnPO MHC1j9s/9lHQNfPhjVvit4eg1FJDC6fbo3SORThlklQmNCDwdzDHevF/23P2xLb9nrRPANv4N13S Bqvi7XNNS4Ny6zNFoE5kM99CoYKU+QIJDuQbicZwQAekfHX9kLwv8dPhV4R8Dajrd1oXiPwD9lm0 LxFYIEurK8tY0jEqpuzscorNGJFOVUhwVBrx7Tv2HfiP4+8Z+GPE37V/xkufitpfgy5F3pmix6Tb 6RZPcxjEc90Ldz5zDrhhn+EsUZlb7OvvjT8I9M+H1v8AFfUvGGlWvg67VWh1aW7iSzlDEqoSViFY sQQACSSMAVS+F/x6+DPxqS6b4U+MtM8TvYgNcRWVwrzQqxwrSRcOqkjAJUA9jQB554C/Zw/4Qj9p z4m/tG/8JD9t/wCFjWmmWv8AZf2Ty/sf9nW8UG77R5zeb5nlbseUm3OMnGT9PUVx/wAQtSvtF8A+ JdY0yXyLyx0y8nhkABKSxQuyNhgQcEA4IxQB8Cy/sO/GHwH8U/G/jj9mz43y/DvR/iLfPqOq6bPo ltqwjupWd3kt3ncBfmkbaAqlQQCzBVwz4dfsTH9mib4x/Eqx8f33iyHxt4Zuo76DVLZWvH1COFpJ LtrxZcMJHaU+WYcjeBvO35vRf2LvjzfeI/2J/CHxx+PniqBbiZdTfUtX1BobSILDqlzbRFyojjXC IiDAGTjqx5+nLz4o/CW7+Gr/ABJ1TxJpTeBb2BmbUrmeIadLA5MZzJIQjK5yoHO7oM5oA/F79iD9 lz4++OP2SPDuq/Cz4833gPwx47Gpf2tpH9lQXpieK+uLN3sblpEltzLFCu4IVO/LbjkAerf8FB/g v4J/Z/8A+CdNt8KfAEDQ6Vo+q6YPMkO6a4mklZpZ5W7ySOSxwAB91QFAA/RP4FfF39mXxhp3/CD/ ALPPiDw9NZ6KsjrpOiGC3W3jeQs7paRhNqNIxJZU2lmznJ56Yar8Dvj5a674KnbQ/H1t4dvRbarp 1xHBqEdpewswCTwSh1SRWVsblyCDjoaAPh24/YA+KPjCDQ/ht8YfjvqXjP4P+HLiCWDw8+mw2l1d Q2pzBb3uoRP5kyIAAWYEnGVEbBSv6cWlpa2FrDY2USwW9uixxxoAqIiDCqoHAAAwBXKWPxF8Can4 31H4a6fr9nc+KtIt0urzTI5la7t4JdpSSSIHcqsHUgkc7h612dAHxkf2OdD1L4v/ABv+JHibX31D SfjZo1tot1pcdr5EllDBZpaO6XXmvvZgu5f3S7CR97GT4D4Q/YG+O2g+B0+Beo/tF6i/wijEkB0m y0a1tdRksZnZntf7RZ5JY0bcQcBgVJXYFO0fVPxp1fxbYfGj4N2GhfEvTPB2mX15qI1DQrzy/tXi JEWDy4rTcjNugJYttZf9YM54x7b4K+I/gL4j2+o3XgPX7PXotIu5LC8azmWUW93EAXhk2k7XUMMg 80AfLPwO+H/gL9gP9n5fBPxT+IllceG4NTumttR1C3XTkVb0GUWrKZphJJlZGBBXcDgIMc/J3/BK X4KeG9Jm+J/7Qfh20mg8PeKNYvNK8J/aVKyLoNtcvLuXIHyyuUUj+9Cfx/R+O/8A2fv2nvBF0iy6 D8SfClnebJw3kahZxXluofDbtyLIiyA+oVvQ18UfHT9u34VfCnUfgt4R+B3irwv/AMIt4g1yztdW ltXiaDTdAhnWKR4VjZYoYztkj3lSECMFAIyAD1L4wfsaeI9c+Ms/7RH7PXxIufhV481K1W01V1sI dSsNTijCqhmtpWVQ4CqCx3j5VIUOCx1v2cP2O5fhB8QfEfxw+KHja6+JfxP8UQC0uNXubZLOKC1G 391b26M6pny0BOcbVAVUBYNzP7SPxx1r4NeKvhP+0l4f8Sf2t8H/ABHNBoev20brLZLa6oPOstYg YA48sg+YwJDoVUDJzX6AqysoZTkHkEdCKAPmP9kX9nH/AIZW+DNp8I/+Eh/4Sf7LeXV39t+yfYt3 2l923yvOnxt6Z38+gr1L4x/Czw78bPhf4k+FPitpY9L8S2j2sskJAliJIZJEyCN0bqrDIIJHIIrn fib+0j8Bvg1qVvovxR8d6T4c1G6QSR2t1cqLgxsdokMS5dUJBAYgKcHng16P4Q8aeEPiB4ftvFfg bWrPX9GvATDeWM6XED7ThgHjJGVPBHUHg80Afm1pP7A3x3vvh7B8CviD+0ZqOpfCyytlsYtK07Rb WxvJbOJQIbeW+Lyy+UmADGdwZPkyBjHR3H/BOyxv/wBmfwJ8DL7x9PF4m+GOoT6l4e8U2Vh9mmtJ prh7kBrY3Em5QzjpMpJRCCMHP0+n7XH7MUnjAeAo/ih4fbXTN9nFsL+Lmfds8rzN3l+Zu+XZu3Z4 xmvcPEPiPw/4R0S88S+KtSttH0nT4zLc3d3KkEEMY6tJI5CqPcmgD8/PDH7EvxU8T/Evwb8Rv2of jPcfE1Ph7ci90XTINJt9KtkvEKNHPO0LHzWBRWwVDZA+fbuVvmr/AIKRr8LP2n/Hvwn/AGf/AIca 1Dq3xNj8Sz6ddrYt5r6VpkkZTUjd7QdhQxo+0nO1H4x1/UH4b/tLfAH4v6zN4d+Gfj7SPEWqwKzt aWt0jTlE+86RkhnQZ5ZQVHrXJ6n4h/ZF+DvxC8T+KtWuvCXhHxt9mS81m9l+yWmotb3LqqvNKQsh Ez7eMne2OCcUASftA/s26T8af2atT/Zs0HUx4S0y7tdMs7W5W2+1rawaXc288aCHzIdwK24j++MZ zzjBxv2h/wBl7/hfX7Nafs8f8JL/AGFsi0yL+0/sf2r/AJBzRtn7P50X+s2f89Plz3xXb2X7Un7O eo+BLn4m2fxH0J/DFnMtvPfG+iWOK4ddyQuGIZZWUErGRvI5AIrtPh18Xvhh8W/Dsviz4aeJ7DxH pEDtHNcWc6yLC6jcVlGcxsFIOHAOOelAHjf7Uv7Mo/aV+Ddh8JP+Ek/4Rz7FfWF79t+x/bN32IMN nledDjfnrvOPQ1c1j9m/+1v2t9C/am/4SHyv7F8Mv4c/sj7Ju83fPPN9o+1ecNuPP27PKP3c7ucC 9ov7YP7LniLxSngvRPil4fvNYmlEEUKX8WJZWO1UikJ8uRieAEYknp2r6QoA+YYv2cPK/a3m/am/ 4SHPm+GB4c/sj7J0xOs32j7V53tt2eV77u1M0P8AZri0j9qvxZ+0zPrwu4/FPh6HQG0ZrMBYlieF jKbgytvDCHGzyh977xxz6l8S/jV8JPg3ZwX3xT8X6Z4Xiu93kC/uUhkm2fe8qMne+O+1Tiovhd8c fhD8a7K5v/hR4u07xPFZFRcCynV5IS33fMj4dA2DgsoBwcdKAPha2/YL+MPwtufEGifst/Hm9+HH gjxLcyXUuiT6TBqYsZJvvmzuJJEeIYwqhQjbQNzswDV6BY/8E+fhrpH7JPiT9lfSdZu4h4qkW9v9 dlRZbufUo5op0uHjyAUVoEXygw+QEb97Fz9kfErVb/Qvhz4q1vSpTb3un6VfXEEgAYpLFA7o2GBB wwBwQR61+afwz+L/AMYfiL+xD8FfiTq/xf0/wR4p17xIYtS1fV47eNdUt473UIf7OjURGMSypHHt 2qpxGeeuQD02D9iT4ja5oXwfsPid8XW8T6j8IvFVt4gtrttGSFrmztPI8qwIW5G3b5J/fnex38od uT7t+1R+zf8A8NM+FfCXhn/hIf8AhG/+EW8TWHiLzfsn2zz/ALDHPH9n2+dDs3+dnflsY+6c8eB+ K/24/Dnh79tvTfgLeeKdD0/wTa6JM+o3UkiiYa+1w0KWMkrNtRkVVIjChiX5JGBR8JP24/DnxE/a ++IHwaufFOhr4V0uHTbXwy0Ei+bql9NGHugspY+bIjkx7EAA28gtk0Ad78dv2QdY8efFjT/2g/gl 4/ufhb8SrOz/ALOub6Kyi1C01GzHKx3VrKyK5HygMxYYVfkJRCt79nH9kq/+EXjzxF8avin45uvi Z8TfE9sljPq9xbpZw29khVvs9tbRsyopZELEED5RtVPm3ct/wT7+MHxC+L/wz+IPiH4n622sXei+ NtY0y2mljihENjbQ2zxxfukRcIXY5IJ55Ne5aH+1r+zL4l8Xp4D0D4naBfa7NIIYraK/iYyyk4Ec T52SOSMBUYkntQA39qT9nPw1+1L8H9R+E/iW+l0pbiWG6tb2BRI9rdQEmOTy2IDrgsrLkZVjgqcE fHPjL9gX49fGnwJL8PPj9+0bqHiPRbWHGn21lolrYx/aoxi3uL5kk8y7WPqYmZSWAbzA3NfqdXA/ ET4p/Df4SaIPEfxN8S2HhjTXfy0mv7hIFkk67IwxBdsc7VBOOcUAfIfxW/Yel+Jnwf8AhP4Ng8e3 Gg+Ovg3DaJoniazswv7y2ihiZntDMcCQQRsQJuGUHJXKnz+0/YB+JfiX4q+APjd8aPjje+NvFfgb VLa9jV9IhtbE2luwkNtBBBMiwvI4y8+GLAAGPjJ+6vhj8bPhJ8Z7C41L4VeLdN8UQ2ZUT/YbhJXh L/d82MfOm7BxuUZwcdK5nxz+09+zz8NPFcfgbx/8Q9F0HXn2E2d3eRxyRCQbkM2TiIMCCPMK5BBH BFAHh2pfsh+MbD9rW7/ad+G3xMm8M2viU6cviPQ306O7j1GHT0ji8pJ2lQxCSOJRkIzIxZgSDtHp P7K/7N//AAzN4V8W+GR4h/4ST/hKfE1/4i837J9j8j7dHBH9n2+dNv2eTnflc5+6Mc+SfsJfGPx9 8X4vjNc+O9dOuQ+HPHWqaXpblIUWHT4NpijUwooZQDkM2SfU1N8ev20fgvD8JfiXY/CL4p6LN490 PQ9RuLCO1u4JpRdW8DuDCH3RzMhUkqu/pkjFAG98Of2LfCvhbwr8aPA/jbV/+Er0P4za7qGsXUH2 X7I1ml+SwiR/Nm3vE2GSXCEMAwUEV88z/wDBPr4+t4E/4UPD+0lqQ+ERX7P/AGU+i27agLDdxZ/b vNEhj2fL2THy+Vs+WvuD9lrxd4i8ffs4/Dbxr4uvW1HW9b0Gwu7y5ZURpp5oVZ3KoFUZJzgAD2r3 ugD4m8b/ALFHhTW9J+BfhnwRrB8MaH8D9csdYtrZrX7Y98tnIkrRPJ5sXlvKylnl2v8AMxOztXd/ tOfs4f8ADR1j4Dsv+Eh/4R7/AIQnxPY+I932T7X9p+xBx9nx50Pl79/3/mxj7pr6eooA+GPj9+yH 4x+Jnx38MftEfCj4mTfDrxXoWmf2NO39nR6jDc2PnSTbdjyxBSTK6tncCNpG0rk9V4C/ZI0Hwv4+ +O/irxRqyeJdH+OjWgvNKktPIW0gt4rmKSIy+c5m8xbg/MEjK7eMk8fXtFAH5Tj/AIJ6fGvTPB0/ wM8L/tGarp/wcuWljOjPpNvLqCWUzEyWa6h5iv5bhiDhVTk/uiCQe6+IP/BP/wCy+J/h98QP2Z/H c3ws8T/DzRl0C2meyj1SC5sE8wgTRSsimRjNIXdg4YkHaCoYfo9RQB+aGm/sB+O7n42+BP2i/iB8 a77xb468KXvm3clzpMMVjcWIG0WdrbQTItnhWlzIDIGZ9xjyDu9I8L/sh+Mfh/8AtUeIvj/4A+Jk 2l+GvG11FeeIPDMmnRzpeyxQyRoBdGVWjCvI0ikR5BO0lhX3PRQB+eXgr/gnn4F0v9kq6/ZQ8fa/ L4lsZb+bUoNWt7VbC4tbp33xSQxtJcANHypJYh1ZlIAJrkLv9gv4zfEbT9I8A/tEftBaj49+HOiz 28v9jQ6VDp02oLbkFEvb2OV5pAMDJYux+8GV8MP08ooA+VPFP7L1hrv7R3wq+PWl60mk2fwt02/0 yDRY7PclxFeW0tsm2cSr5IiWQEL5T5C4yM5F34s/s4f8LR+O/wAJPjZ/wkP9mf8ACrZNRk+wfZPO +3f2hGkePO85PJ2bM/cfdntX09RQBHNDFcQvbzqHjlUqynkFWGCD9RX5ceB/2BPjj8IbTWPh58Fv 2hr7wl8M9Xu5rr+zRottdajbLPhZI4L6STfGxUACVAmD82zdkn9S6KAPzX8Af8E7rX4cfBL4xfAf RPH89xoXxQmEtnNdaeJLrS+Nrea63Ci7ZlVBkLBypOPm4+n734B/a/2VB+zJ/buzHhCPwr/a32XP +rsRZfafs3m98b/L83/Z396+iaKAPgDxj+wfpXiX4IfDD4f6Z4xudC8dfCGGBdA8WWdtsmiljCiT fbeaQYpdilk83IKj5iNwbgoP2B/iz4s+L3w/+OXxu+Olz4z8R+A9St7uC3GiQWdibWBxIYIooJkW OSR1BebacjAKHaDX6eUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAf/W/fyi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAK/Gv9h34GfCfx1+0F+1J8QPHHh+w8SavZ+P tZ023j1G3juo7a3e8uJHZI5VZQ0pO0tjOEwCAWz+ylfl1Z/sBfGDwB8S/iD8W/gb8ernwdrnxD1v UNSvbdtDgvLH7Ne3D3EcDQzzOHmt2kfbcYBIOAiZYsAfNnhPR7H4Xa3+338D/Ai+R4E0vwteapaW kZ/0eyu73R53mjiX+EHcUwOixKO1eYfEjwjpXxA/ZT/YZ8B66pfTfEniOw026VSVJgvJ1hkAI5BK seRX6jfDX9iXQPhz8Dvib8Mx4outc8XfFyz1KHX/ABTfQiS5uLnULeWAS+QJB+7iMzOsZlJLM2ZP m4wp/wBhkT+BP2fPBX/CbY/4URrNlq/n/wBm/wDIV+xzLL5Wz7T/AKPu243bpcdcHpQB85/t8fBr 4W/CbU/2efHPwu8Lab4S1jT/AB/o+mpPpVrFZs1rITJskMIXzAGhGN+SMtj7zZ6Xwh4P8NfG3/gp l8X/APhbmmRa9B8N9D0i38P6bqSLc20Ed5BDLLcJDIGQsXdiDjjzP7wBH2P+05+zh/w0dY+A7L/h If8AhHv+EJ8T2PiPd9k+1/afsQcfZ8edD5e/f9/5sY+6a8++PH7ImveOfitp37QPwM8ezfC74k2l odPu76OzTULXUrLjbFc20rKjFMDDEMMBcrlEZQD5e+HXwo8A/CT/AIKw6tpnw60630jT9b8BSapN ZWqLHb29zNdRxSCONQFjDiJZNoGMscYBwPgM8/8ABHAj/qdP/a9frr8Cf2H/ABN8Kv2h7r9pPxx8 Vbvx/wCJ9Y0ebTtT+1adHaia4llRllhMUxWGGOKKONYBGQMFg4BCLxP/AA7gH/DHH/DJX/Cw/wDm Nf2x/bP9k/8ATTf5X2X7X+G7zvfFAHlX/BQ/9mH4IfCj9h+5vfAnhDTdG1fwTNpH2LUrW2jhvy73 MVtK0lygEshkEhZ97HLYbqARpePNO0v46f8ABQn4R/Df4twjV/DGg+Al8RWumXmJLO91Sd5FeaSF vlkwqg7SDkxc5XIP3v8AtV/AL/hpv4H678Gf7d/4Rv8AtqSzk+3fZftnlfZLmO4x5Pmw7t3l7fvj Gc84wfh79tKy+B2n/FP4P+EvG/i7WPhP4+0vT5H8PfEC1ihTTIlgUxzWl40kyHDYB2n5V83az7ZH BAOW/aC+Dnwu+Gv/AAUR/Zp8TfD7RrPQb7xPPqa6ja2ESW8L/YoVEM5ijCqHcTOrMB82wZ5GT+yd fz7+BvCNv4z/AOCh3wlu/D3xdvPj3rnh63vtQ8SeIIkhXStPtYoJEtLe3W1MkUQMpbeFkKl5U6MW r+gigD8t/wDglz52r+HPjj431Rt2sa38R9YF2W+/mOOGUBj/AL0747VU/YO/5Ox/bG/7GfTv/Rup V0/7OukS/s6fti/Fn4H6tiDQvitI3jbwvJ92OSUsy6nar282MsrBByIkDHgjGNqX7APxp0v4t/ET 4pfCH9oa78Aj4jam2o3tnbaBHc4w8jRI0r3q7/L81wGCLnPSgDO/4K/azYL+zBp3gpALnXfFPiHT 7fTbVfmnlki3u7RoOTjhCfV1HUivIv2ttC+MF9/wUE+AuhfCHX7LRvHg8JXqW2palD59qrxxXxuG kj2PnzIhIB8pwzA8YzX1B8MP+Cftvo/xT0f4z/Hz4m618Y/FHhsh9J/tRRBZWUoIZZUt/Mm+dGAZ AHChsMVLBSPavGn7Mv8Awl/7V/w+/af/AOEk+yf8IJpd7pv9k/Y/M+1fa4rmPzPtPnL5e37Rnb5T Z24yM8AHyR4z/Y//AG3fj/pK+Af2h/jppieB7maJ9QsfD+lpFNdpEwdUMjRQkfMAQGLICAxRiAK5 b4i/DLwZ41/4KG/CT9nbxdp6XHw4+HXgRb7RtEuSZbOeeFpbdDJG+RIFSJMhs7vJ+bKlgf2Jr4// AGl/2S7T47+IPC3xM8H+LLv4d/ErwSXGla/ZQpcFYZD88FxAzIJojlsKXAG9wQysykA+QP2t/APg n4E/tVfsz/FD4Q6Ta+Ftf8S+J4/D+pQaZDHax3+n3UkEMnmRRqqMUSZl3EZ+Zcn5VK+R6b4c/aU8 R/8ABRD9oiH9m3xZpHhPUIYtIa/k1e1+1JNCbWAIsY8qXaQ2STgcV9x/Df8AYx8VH4vaP8d/2lvi ZcfFjxX4ZhaPRYTp8OladprueZo7aBijy46MQvOCQzKhX0/4Z/szf8K6/aT+KH7Qv/CSf2h/wsmG xi/sz7H5X2L7HGkeftHnP5u/ZnHlpjPegD5is/2Jv2hPi98RPCfjL9sH4s2vi7RfBd4mo2Og6PYL Z2kl3GwZGmcJFuXjByjMVyoZQTn9RqKKAPwb/wCClHwj/ad8PfBLxX4y8dfGseJ/BE+tW7weHRot ta+THPdZtk+1RnzG8gEDJHzY5r9L/gD8I/2m/h/4pv8AVfjb8ah8StHuLJobewGi22m+TcmRGE/m wks2EVk2nj5s9hX0Z4x8D+DPiJocnhjx7oVj4j0iZ0kez1C3jurdnjO5GMcqspKnkHHBrqaAPkD9 vv8A5M2+LH/YFk/9DSvmHwd+yh+z3J/wTitba68M6bJPqXggeIJ9YaCM3q6jLp/203IuSvmDy5Dh RnAjGwgrkH6e/b7/AOTNvix/2BZP/Q0r4f8Agz+xP8bPiF+zR4B8G/8AC/8AUrD4S+LdB0rU73w+ ul273iR39tFc3FnDqO8SC3Z3YKpG1VO0o4zuAPm74jR6n8ev2Wv2I9D+JLzXL+KPFUei3kk0jGWa 0+2fYUcvncS9uqndnPOc55r6t/4KF/CL4YfCH4N/DHSvhf4X0/wvZ3/xQ8PTXEWnwJAksiWl5GHY KBk7VAz35J5JJ+vfif8Ase+GvGg+CGneD9UXwlonwT1ux1azsUtDdC6hsWjZbfzDNGYy3l8ykSEk lipPXqP2qP2b/wDhpnwr4S8M/wDCQ/8ACN/8It4msPEXm/ZPtnn/AGGOeP7Pt86HZv8AOzvy2Mfd OeAD5L+ITQfs0f8ABRvwt8TJXWx8H/HnSZdE1SRjthi1jT1QwSt0ALqsKKT13ynnmvNP2cpfC3xF 8F/tL/tvfFzUrzQvDvxDa/0myvrb5L218NafGbcG2JR8SSfJEMKT5sIIAJr71/bA/Zd0b9rX4Sj4 bahq58O31pf2+o2GprbfamtZ4cq37rzISweJ3THmLgkNztwdGP8AZc8BN+y1F+yndSSnw6uiJpEl zCoimaVQHa7CncokacecQcjccHIoA/IB5NK1z9kvXPC3wS/ZLll+H8Og39ynjPxVdadZagYI4ZJT qh/ciSaZQPMQxSbeFVPkwKxPF+kaPr/7A37Ieua3YW9/qMnjXTdLe5nhSSZrBbnUFFqXYFjDhVHl k7eBxxX3NpP7A3x3vvh7B8CviD+0ZqOpfCyytlsYtK07RbWxvJbOJQIbeW+Lyy+UmADGdwZPkyBj HR6t/wAE97nVv2R/B37M0vxFki1XwBrH9taP4gg00RFJ1muJUWS1Ny+4KLl1BEynIRscFWAPlv8A bLtdbv8A9ub4TfCHwp8Lbb4jeGvCXhmTWNO8GC8tdG064uZprpJZiZUMLLEIYz5RU7thGNpYGw3g b9oa9/au+D3xa0D9nOx+CL6dqIsdbmsfEejzJqelXTxxTh7WH7PvaCJnbKI7tlRjKpj7F+I37E/i b4n+GPh94g134pXll8avh4JhaeN7HT4oXuFmlZ/LuLFZArxhG2BRIAcuSCsjocnwT+xf4uX4vaP+ 0L+1X8WpPibq3giKSTSITp8GkabpzAbmuHjiYoWXG/O1MMqsxbauAD9Fa4H4rf8AJLvGP/YG1D/0 neuK/wCGoP2aP+iteEf/AAfaf/8AHqgu/jF8CPinp9/8OfC3xO8N6hqviO0ubGCGy1azu7hmmiZS Y4I5t8hUZbaOwPI60Afzk/AHV9d17w9+zr4Q/aksLmx/ZvOpapa6U0Uix2Ooaub2ebzdSIJYxLPM Yfm2AIjleBKT+gv/AAUOk8Ra3+03+z/8FtD8Cr4+8O21vearD4TF7BpNnqdzao6pE00oMSrBFFkI ykMjNGo+evrzRv2FPCK/sXWv7HfjHW/7dt7CO8e21pbMW8kF5PeT3kFzHAZZNphabYV8394gZSQH IGT4x/YX1D4h/B74feEfF/xKvH+I/wALn3aD41srL7LeRKhXy1nga4lMoCIgY+crMyBiQS4YA+Kf H/gX9ovXfjJ8Jfid4R/Zi0/4Laz4T1y38/ULDxLopF/pzkLcWj28QthJmLcARubYWUDnj3bUdQ0/ 9k3/AIKNalrmqzDTfAfx60Ce8nlb5YIdZ0WMyysfUmNWY+r3Nei+Hv2G/iP4v+K3hX4o/tVfGCf4 p/8ACCzi60XS4tKg0myjuVKss8yQMVkO5EYrtBJUBmZMqfCv+CpGtfDH406P4O/Z58FatBq/xffx TaWlnYWj77iyS7hZbhrraD5cJjeNmyQThW+6rYAPY/8Agm9oep+NtI+I/wC1v4qt2i1j4y69cXFm snLQ6PYO8NrECeQFbenuqIeeK/TKvF9KvPhF+zV8N/CngbX/ABLpfhXRNGsoNLsZNVvILFZ/ssSq cNM6BnIG58EnJJPWqn/DUH7NH/RWvCP/AIPtP/8Aj1AHxr+2f/yeZ+x5/wBhjxD/AOi7Cvmr4gfE X/hjL4y/tb+Gkl+xWnjzw1H4w8PEnaBqN9IbCQxjuxvLpmIH8MXbBr1j9oj4p/DX4v8A7b37KWk/ CvxTpni+40LUdeuL7+ybyK+W3SSG2dfMaBnVSVgkOCc4XPSvo39rX9hfwv8AtXeO/h5431fXf7Ef wVOftkIshdf2pZNNFN9mLmaLycbJAH2vjzCdpxggH5JfDvxZr/7DHws/aA+BOvXUi61r/hDQNZ0V D8sn27W7eKxvvKHGTBNcgL3xBk5r6C+NP7PfhL4R6b+w/wDDjVNBsZr+HxJp1jrDS20UjXLzSw3F 1DKWUmSI3E0pCNlfmPHJr7q/aL/YW8LftD/H34cfHLV9d/s4+B2t1u9P+xiddUgtLr7VDE03nJ5S hmcN8j5Vu2K7X9rb9ly6/aW0fwjN4e8XzeB/FPgXV49Y0nU4rZbxY548H5oWePPzKjKd3BXkMDig DjP+Ch/hfQz+wx8R9BtbaCwsNM06ze1hijWOKEWd3bvEkaKAEA2BVAAAHHSvoP8AZt1bUde/Z2+F uuawzNf6h4W0S4uGf7zSy2MLuT7liTXxP+2npvj7xH8Ffhz+xiniIeKPiJ8UryysdQ1QW62pbTtK ZLq/1KSCNmEaho48qDhssF/u1+lPh3QdN8LeH9M8MaLF5Gn6Raw2dtH/AHIbdBHGv4KoFAH43/Fr 4S/Gb4WftT/Ev45eEfhToH7Q/hnxjHZi8sbmW3l1bSBDEIzbpFKJCofaRhIZd6KgO0qc+Ry/Fr4U +G/2Ev2jD+zloGu/DnxJDqdpF4i8P6k5DaPLrF5HZyi2XC+XE0IkgA2rIhQBgNqk/eHjz9if4j6d 8Z/Evxv/AGYvi5N8LtT8b+W2uWMmlwarZ3U6Ajz1SZgqtlmbBRjvZirKCRXX/Cb9hfwP4M+H3xI8 KfEzXLr4i618XXaTxPq93ElrJcsN5i8iJC4g8lpGdPmYq/IIAVVAPzgtPhd8S9a/ZYtvhbpn7Fml mwvNDR4PE58VaMt6biSAOmqmVollDFiJSplC7f3ZITisD9oS4+Odz8IP2Pfgh8S/DUnivU9Svb/+ 1NA/ta1iTWpNGnigsLaTUY3lh+e2k5be2TJz+8HH2RP/AME+vj63gT/hQ8P7SWpD4RFfs/8AZT6L btqAsN3Fn9u80SGPZ8vZMfL5Wz5a+h/in+wz8KfiB8D/AAj8GPD1zd+EX+HbRT+GtXsmDXun3cXP nFjtMnmv+8lAZCzgMGVgCAD83/jx4D/aP8Uz+BfFngD9lDTPg54o8E6xa3dhrOn+J9DQyRRA5sni QWqyK+AQGY4CsANrMD7ZrHwj8A/F3/grTrll8RNGtte0/wAPeBrfVobS8jWa2e5SW3tkMkTgo4Vb hmAYEbgDjIFeqj9g/wCKfxM8ZeF9Y/at+Nlx8T/Dngy6W8sNFh0i30qCeeLGyS6aF28zgYYFSxBI 3gM2fpXRv2b/AOyP2t9d/am/4SHzf7b8Mp4d/sj7Jt8rZPBN9o+1ecd2fIxs8ofezu4wQD86/hT+ zZ8Fp/8Agp/8WvDlx4T06Xw3oGg2Gq2WjvbRnTYL67htFaVbXb5WV8yUqCpCmQlQCBir4F+EWlT/ AB9/bb+APgC8tvA+i65oulpb7MW9jZz3tmXJKrhY4i87qwUcIxCjoK/R7wl+zf8A8It+1R45/aZ/ 4SH7V/wmmkWelf2V9k2fZvsiwr5v2nzm8zd5P3fKXGepxz5/f/sS+F/EnxK+OXjLxnrj6po3xt06 w0+40yO18iTTxYQJEssdyZXEj70WRMxKFYDO4DkA/KPxBpUnwk+B+k/Cj9r/APZehl8E6Kloi+Ov Bj2z3AjWRNt09xGsnzXPAkaSaLzC2NgJUD+gz4f61oHiPwJ4c8QeFL19S0TUtOtLmxupSzST200K vFI5bDFmQgtuGcnnmvzNX/gnt8fNR8CRfAfxN+0hf3vwigEMH9kxaJbR3z2MLqyWv20ytIqKFABO 5OMeXt+Wv0+8IeFdE8C+E9G8FeGoPs2k6BZW9haRZzst7WNYo1z3IVRz3oA/KP8AaB8TfBq1/bSv Lnw58L9e+Pvxb0zQ7e1m0Y/ZW0LRLV9ksT5ngcxTMJAxdtyL5xwQzYHl/wCy4virS/8AgpnrR8Q/ Dey+EF3rvgqW4uPD2m3tveQBfOg2SyNaKkIkfYGZQoOfmIyxr7F+Jn7GHxHm/aB1n9oz9nb4sSfD XxD4rtIbPWoJtKg1a1uVhSONZESZ1VTtiQ4Kk7gSGXcwMPwg/YS1z4X/ALRdl+0nrHxW1Dxj4iut OubPXhqVhGDqMs4IV7doplW0ijCxBYdkoATAYBhtAPsr4wf8kk8bf9gPUv8A0mkr8D9T/wCUYf7L H/ZSbf8A9LtZr+hLxhoH/CWeEtb8Lef9l/tmxubLztu/y/tETR79uV3bd2cZGemRXwRc/wDBP8XP 7MPwr/Zw/wCE82/8Kz8SR+If7U/svP23y57ybyPs/wBq/dZ+17d/mv8Aczt+bAAPMfFHgHwLf/8A BWTRbK+8OabcW918Pn1KaOSzhdJL77dcf6S6lCGm4H7w/NwOaP2cvAPgWD/gpB+0bFD4c02NNDtv D0+nqtnCBZzS2cTSSW4CfundiSzJgkkk819A/H79kPxj8TPjv4Y/aI+FHxMm+HXivQtM/sadv7Oj 1GG5sfOkm27HliCkmV1bO4EbSNpXJNS/ZD8Y2H7Wt3+078NviZN4ZtfEp05fEehvp0d3HqMOnpHF 5STtKhiEkcSjIRmRizAkHaAD8iZPGXiTwf8A8E2vjinhuaS2bXfirqGl3csR2lbS4jtGlUnssgQR t6hiDwTXs3xJ+EPxW8Tfs7y/CTSv2KtL8Lw2VjGLHxCni3RDd2k8QBW8efy43lLEZl3SgSAkE9CP 0K+HX7CXgvw38BviJ+z/AOP9afxXovxC16+1ySeK1FjNZvdrB5YizJcAyQPArrIeCeCmMg+J6j/w T7+PninwbZfBLxz+0jqOrfCaz8mM6WmjW8N/NaQMGitpL7zXdlTau0vvXgfu8AAAH3l+zq/j5/gT 4EX4pKR4th0i0i1MtPFcs9zFGEeQywM8bmTbvLKxBJr899b8JeHvjv8A8FTdW8I/Fyyi1vQPhz4N hv8ARNLvAJrN7ieS28ydoHBRyGnYHIOSkZP3AB+pfg7wl4f8A+E9H8EeFLRbHRtBtIbGzgUkiOC3 QIi5OSTgDJJJJ5JJr5S/aI/ZDm+LXxB8P/G/4XeNrr4ZfE/w3AbSHWLW2jvIbm0JY+RdW0jIsoBZ gCWIwSGVwF2gHyf8ePB3hb9nv9vr4A+MPgxpEGiX3xBj1fS9c0zTI0toL23gSLy3eFAqbmaTcWwM tEp6rmj/AIJu/Bn4WfGf9nzxD8V/i54csPGni34ga3qh1m71W3S7uAFfYIEeUFogB8/ykHLA54XH 038Hf2OdZ8OfF9P2hvj78Qrn4q/EOztDZ6ZcSWUWm2OlxOHWQW1rCzJuZXZd3yj5mYrubcPPrz9h f4oeB/GHiq8/Zi+Nd38LPCHji5e81LRF0qHUUt7mVcSy2MksimBn6AoFZOMMQiBQD85/BM+o/BX9 gf8Aa00X4cXU6x6N46n0OC7ikIkWwe4tLJ3LjBO+AlCR/ez0r7c+On7Jf7O+l/8ABPLVItI8L6Zb XXhzwomsWesR28S30l7BbLcec1yF8xzcsCrgnaQ2AAAuPcfgD+wZ4I+DXwd+InwM8Ta3L438MfED Ubi7lW5g+zXENvNFHGkbSJI/mTR+WH89RH8/zBFxXh2o/wDBOz43a98NZvgFr37R2pXPwstYWi0/ S/7Gt/tSLGCbSK5uxKJJoLeQI3lZCuqhV8rClQD7F/Yq/wCTSPhD/wBixpn/AKIWvp6vMPgr8N/+ FPfCTwh8LP7R/tf/AIRTTLXTvtnk+R5/2aMJ5nlb5Nm7Gdu9sepr0+gAooooAKKKKACiiigAoooo AKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigD /9f9/KKKKACiiigAooooAKKKKACiiigAooooAKK/OL9vj9qb4hfCOTwb8DPgJbpc/FP4nXH2axkd VkFjbs4hE218rveRsIzgooSRmHyjPlFr/wAE1Pi5rOk/2/42/aZ8ZP48mQyG7s7qYWUE7DJWONpl laNTwNrxZA4VegAP10or81f2Ffin+0svi/x1+zj+0vp97q2q+A3BsPFBtZRa39vuVfLe68tY5JCj xyxEnzXRm3jKE191/Dv4qfDr4t6Vea58NPENp4jsLC6eynns5BIkdzGqu0TEfxBXUkehFAHf0VwG kfFT4da/481j4YaN4htLzxX4fiSfUNNjkDXNtFIEKtInYESJj/eFeN6v+2x+yfoVhbanqfxR0WO2 vLmWziZZzITNBt8wFYwzKE3rliAoz1oA+o6K+dPEf7XP7M/hKPVZPEPxI0a0/sUWpuh9pDun22Pz bfaqbmcyx/OoQMSuT0FdxYfG/wCEOp/DRfjHZ+MNMPghkaT+13uUjtAEcxsDI5ADBwUKnDbvlxni gD1OivnX4cftbfs1/FzxF/wiXw6+Iek6zrTFhHZpMY5pdgy3lJKEMuBz8m7jJ6A16P4t+LXwz8Ba /pHhfxp4lsdE1XX1next7uZYnnS1XfMy7sDbGvLEkADmgD0Oivmvwh+2L+y94+8Xx+A/B/xL0bU9 duJBFDbR3AHnyHokLsAkrHsI2YmvkX9u39sWf4NfFn4PfDTwh4zs9FjvfEdlL4wQBGuLbSBPauPN ZgfKiljaQuVwzKuMgZBAP1OrjfG/w78A/EzSP7A+IvhvTvE+mhhILbUrWK7iVx0dVlVgGHYjBHrV 7wf4w8L+P/DVh4x8F6nDrGiaohktbu3bfFMgYqSrdxkEfhXwX/wUn/aK+I3wE+E3h7T/AIVXMWk+ IPHWrppCarOB5dhC0bM8gZgUSQnaAzA7V3sBuAIAPtzwH8Lfhr8LrGTTPht4V0vwtazbfNj0yzht BIUztMnlKu8jJ5bJ5Nd5X5Hf8O2vjGNI/wCEgg/ai8aHx4Yci+N3cfY2lxnZs+0ed5WeP9YeOdv8 NezfsL/E39oLx18KvGPgn9pPT77SvFPgi7m05dbu7SS1S/tirqs6SFI0maFo2DSR43L5bN8xLMAf ceueCfCHiXWdE8Q6/o9rqGqeG5pJ9MupoleazllTZI0LkZQuvytg8jrXUV+UPhn4vaZ+zJ+wr4n8 XWnx0tviprgn1OPQ9fvnlnE+pmAPDYotxNOztHsLBS+OTxjOfXv2QP2t/h/4w/Zf0vxx8S/iFY3m veG7CKfxVdXEqI1lLeXEiQm4Cqqx7yAqADHQAUAfoBRWJofiTQfEvh2x8XaDfRX2janax3ttdxNm KW2mQSJKrd1ZCGB9K5v4f/FT4c/FXw1J4x+HXiGz8QaJDLJA95ayh4VkiAZ1LcAFQwJ9AaAO/or5 J1n9vD9j7QdYOg6j8V9E+1hzGfJma4iVgcENNCrxDB7lsV2nxu+Pfgr4bfATXPjFY+JdNW0fTLiX Rb1pVms7u+a3ke0jjZCVk8x1AAU88jNAH0FRX5O/szftG2v7RH7EOv6Z43+LkGjfEn+yddudZ1VX EV1osMl5cLBdtHAYfLSKIxlNjLhduCK+3/2bzp3hv9njwpJe/EFPiBZWFjI8niieVtl7GkkjNO8k 0khCoPlJaQ4C9cUAfQdFfK+lftv/ALJGt+JU8JaZ8VdCm1KSRYkU3OyGSRjtVUnYCFiTwNrnP417 d8Qfib8P/hToUfif4j69aeHtKmnjtUubyQRxtPKCUjB7swUkD2oA7qivmXXP2zP2V/DXjCTwFrvx Q0Oz1uGVoJYXugUhmRtrRyzAGKN1bgq7gg5yODX0tFLFPEk8DrJHIoZWUgqykZBBHBBHQ0AZmveH 9B8VaPd+HfFGm22saVfoY7i0vIUuLeZDyVkikDI6+xBFWNK0rS9C0uz0TQ7OHT9O0+GO3tra3jWG CCCFQkcccaAKiIoCqqgAAAAYq/RQAUUUUAFFFFABRRRQAVXu7S1v7WaxvoUuba5Ro5YpFDpIjjDK ynIKkHBB4IqxRQB4H/wyn+y7/wBEe8G/+E/p3/xitrw7+zv+z/4Q1q18SeE/hl4Y0TV7Fi9veWOi 2VtcwsQVJjliiV1JBIyCOCRXsVFABRRRQAV59a/Cb4XWPjy6+KVn4S0qHxjeoEm1hbKEahIoQR4N xt8z7gCH5uVAB4Ar0GigDifG3w0+HHxLtbax+I/hTSfFVtZOZIItWsYL5InYYLIs6OFYjgkYOK85 /wCGU/2Xf+iPeDf/AAn9O/8AjFe+UUAeR+CvgB8DPhvr0vij4e/D7QfDWrzRmJrvTtNtrSby2+8i vEilVbA3AYBwM165RRQAUUUUAcu3gnwg/jJPiG+j2reJ47I6aupGJTdLZGTzTAshG4Rl/mKg4J5r qKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAo oooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACii igAooooAKKKKACiiigD/0P38ooooAKKKKACiiigAr5h/bF+NGtfAL9nrxP8AEfwzEkutWywWtkZF 3xxT3cqwrKwIIIjDFwDwxAU8Gvp6vOviz8L/AAp8aPh3rnwy8awtLpGuweVKYyFljZWDxyxkggPH IqupIIyBkEZFdWBqU414SrK8U1deV9TSi4qactj+UnRP2xP2ntC8YJ43t/iVrdzqCy+a8Vzeyz2c nOdj2rsYDHyQECAL/Djiv6svg54+PxU+FHhH4kPbfYpPEul2l/JAMkRSTxK7opPJVWJCnuMGvyB0 T/gjgYvGCP4h+I4ufC8cu5ktrExX0sWf9XuaR442IwN+H9dtftf4d8P6P4T0DTfC/h62Wy0vR7aG ztIEztigt0EcaDPOFVQOa+z4zzPL8RGmsIldbtK2nbZf8A9XNcRRmo+y3Niiiivgjxj8WP2jzHpP /BXX4Dav4jjMml3ehx21qx4UXDNqccag9CyzyRsR/tCv2nr4Y/bi/ZEuv2nvCmhaz4G1ZPDfxH8D XRvtB1FyyJvyrNDI6AugLxo6SBWKOoIBBavmy0+Nf/BWLRdCHgy/+B2i634hiQwR66t/apbSlRtE 8kS3aR7j94jdGM/8s1+6AD9NLD4vfC/U/iLqPwjsfFFhL400mJJrrSBOovI4nRZA/lHDEbHViVzg MM4zX5q/8Ecv+SB/EH/sedQ/9IrKvWv2IP2P/G3wY17xZ8dvj1rUfiH4s+PiftssLeZDZ2zusrQq +1Qzs6rv2gRqERI/lXLfLnwr+GH7d/7Eni/x34D+DPw5074neBPFerS6lpd1JqMFp9mkkG1WmEks Tg+Usayqy7CyDy35OQD0j9ncg/8ABVf9o0g5/wCJHYfpFp9fMn/BMX9kr4I/Gzwp8TvH/wAXPDFv 4olHiCXSLVLpn2W8cMaTyNGEZSHczKN+cgLhSMtn6k/Ys/Zw/ae+G/7VvxK+Mn7QFpbXH/Ca6PE7 alZ3Fu1u99PJbzPaxQrIZlW2CtCGaMKfLyrMCCfVf+CbPwJ+KvwB+FPjTw18WtE/sLUtW8V3mpWs X2m2uvMtJba2jSTdbSyquWjYbWIYY5GCMgHxT8Pv2dvhl8b/APgqN8bLH4kaJDrHh/wrYwXEGnyZ W3a4eGzgi3ouAyJGXwvTdtPbFc5+33D4S8IftDfA39l3SvBWqa18LPDGnNrreE/DsUktxfSTXF2X REB3yAC3Yuc5VHlIIJJr75+BXwJ+Kvg39u344/GXxJon2Pwd4ws7SLSr77TbSfaXiW3DjyY5WmTG xuZEUHHHaof22v2YPit8QfGvgT9pH9nK7tofif8ADdmWG0vHEcOo2ZYv5G9iqA5eRSGZFdJHBdSF oA/NL9qHVvCXxV8B6fH8EP2TvG3w38e+Hbu1udI1ew8MmwEYhkUukxtEDOAo3RkqWWQAggFs+p/t o+Hbr9oD4qfsX6B8TrO4sbjxtZw/25ayI1rcRtcmxe9hZCA0T8umMAqe3Fe0eP73/gpr+07Bpvwv TwRD8B9IN1BJq3iG11lZLrbC2WFu1rP5u0n5giA7ioVplUtn1/8AaD/Zx+Kvib9o/wDZj8WeDLC4 8Q+G/hlI6azql5fQG5SNDbhZpvtEqzTySCNmdkV2LZJ5NAHzf/wVM/Zu+Cfww/Zx0X4g/C3wdpng 7X/DetWEMF3pNslnM0MiyArI0QUyMHVHDvucMuQ3LZs/8FBvCXhDXfi7+yTr+q6Bp1zqHi7xNYwa xM9pCz6hAZtOXybpiuZowrsoR8qFYgDBNfXn/BSH4K/Ez49/s2zeAfhNo39u682rWN0Lb7Rb2uYY d+9vMuZIo+Nw43ZPYV5n+3V+z58c/iB4Y+CXjj4KaPb654q+Eup2+oPpk9xFCZWQW8gIaSSONlSS 2AdRICQ3y5oA/SvQPD2geE9HtfDvhbTLXRtKsV2W9pZQpb28KZJ2xxRhUUZJOABya+b/ANqjwT+z r8Z/C2n/AAI+O2uWWm3fim4VtDhe8ittRN+mYo5rFHOXkUy7MbWU79rAhsV6z8GPEHxK8U/DPQ9e +MHhqPwh4wuklN/pcM6XMduyzOke2SN5FIeMI/3iRuwcEED5Y/bw/ZH179pjwx4Z8SfDbV00H4jf D68a/wBEupWZInLGN3iZ1DGNt8UbxvtIVlwQAxYAHyX/AMMQ/t7fs+2uf2Yvj2+vaTYrm30bWwyK I16QwxXAu7UEjjP7kd8rXv37Hv7Xnjb9oLwv8Svhj8Z9Bj8O/Er4cxS2+pxwKUhuFKyxFwhZ9kiS RlZAGKHKshwdq+T23xr/AOCt2g6XH4R1L4JaDrmtLGsUesrdW4hlIG3zpUjvkiDk/MceUv8AsAcV 7J+xt+yT8SPg/o/xJ+J3xp1SHW/ip8VTJPfi2ZTBbBvMcRBwEQu8kpL7QI1CqqfKuSAfB37Nvhnw 34i/4JF/EufxBpNpqcukTeIL2ye6gjma1uo7aNUnhLqTHKoYgOuGAJwea7q88FeDfD//AARs1DxJ oOg2Gm6vr2hac+o3ltaxQ3N60WrxhDcSooeUruO0uTjJx1r3j9l79lD4weG/+Cfnjz9nf4gaXH4b 8X+JRrcdrDNcwXESm8gRLdnltHmQKXX5sEsBzt6CuV+B/wAC/wBqfx5+yF4y/Y5+Ofgu08E2Wn6M LPw/rIvILgXV0ly1zGtwlvNOQiuseXVBlM8bsCgD7q/ZiIH7G3wuYnAHgfSMn/uHR1+Xn7EOleDN c/4Je/EDR/iJ4wl8B+GbzV9Sj1HV4QrSQ2zLab41VlbeZx+52KpZw+1RuIrt/hvZf8FOtI+EFh+y rH8O9I0OCwsxoieM7jUbeRLXTCDEsiQRTMZJI4flQqhbAUtHuyayPAf7CPx31H/gnT4m/Z28RWcf hvxvJ4jk1iytZruCWG6ii8gokkttJLGokCNtyflcKWAHNAHmfh34pfsa3vwc/wCFO/BH9mfxD8WF gsHtJNdHh6CKS6nVCr3r6gPOuInLZfdtXy/urtUADu/2IdL0nxv/AMEtviNpnjKwttctNBPieWwi voUuUtZYbAXEckKyBgjpLI7qy4KsxIIJr0zwjq//AAUh134QaX+zrpPwe0j4cyWmmw6JP4qudUtn t7e2jiWFpobO3aQ+ayA4MfmKHOQqiu7/AGHf2ZvjJ8Nf2S/iX+z58VtFTw9qmuXesRWFz9qt7qCe 31Kxjtlm/wBGkkZArqxKuFbBHGcgAHz9+zz4K8G6d/wSJ8V+NtP0GwtfEWreGPFEN5qUVrEl7cxx Xt2qJNcKokkVQqhQzEAAAdBXinxX8R+Ibn/gnV+zB8GNIvpdMsPiVqqWGozxnAa3iunCxP6qZJUk x3MYzxmvoP4DfCD9tLw7+yl8Sf2Q/HXw0tbTS7bw3rcOganDqNmz32oX05kS2P8ApJUK/nSMsjLG qhQHIPX0vWP2GfHvxP8A2Avh18F9ZZPCXxP8BY1CwaSdZIoL1JpiYpJrVpV2vHJkPGW2uFPOCCAe 5/Fn9gv9l68/Z51v4e6L4E0rSJdM0q4aw1WK2jTUobqCEtHPJeYE0hLqDIHchxwwxjH5CfEj4jeI viN/wSH8HyeJ7mS8uvDvjGHRo5peXe2tYbgwLnuI4nWMH0UZ5r7m8WeM/wDgqR8S/hxcfAu8+EWm eHdY1m1Om6j4s/ta2+z/AGaVfLlnjiilfy5HQnJTey5JSNTja79ov9g/xxov7BXhf9mf4FWLeMNf 0nXLfUr2RprayNzI63DXM4NzLFGqq8ioibywQKDuIJoA7b46fsR/s5+DP2GvFen6Z4I0xNc8MeFr jU49a+zp/akl/ZWxuGme7AEzeY6HcpbZg7QoXAH0D/wTs1jUdc/Ys+Fd7qk7XE8enTWys5yRFa3U 0EK/RI41UewFewfH3wb4j8a/s3/EDwD4YtPtuva34X1LTrO38yOPzbq4s3ijj8yRljXc5A3MwUdS QOa4b9iH4a+NfhB+yz4C+HHxE07+yfEWi290l3a+dFP5TSXk8qjzIHkjbKOp+Vj1x1yKAPqyiiig AooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKAC iiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKK KKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigD//R /fyiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK/ITRf2iP29/jL8a/jD4C+BUHgePR /hlrsul51qK8jneJpZ0gO6GRw7bYDvOFGcYHoAfr3RX5ufBb9qf9oLRf2ibD9l79rTwto+l+IfEt hLqGg6r4fkkNldpbpJJIjpNJIwbbFJg/IQVwUIdWr9GYL6yuppre2uI5pbYhZURwzRk9AwByCcd6 ALVFZN3rukWcV5LNeQg6eu6cGVQYwRkb8n5c9s9a+a/2Pf2kh+1L8Io/ihPp0Ghz3V9ewpp8c/ny Q28EpjiMjEKSzAZJ2qM9BQB9VUVUnv7G1nhtbm5jimuSREjuFaQjqFBOWxntRNf2Nvcw2dxcxxT3 GfKjZ1V3x12qTk49qALdFc94k1O4s9KvoNHmthrbWs8llDcOFWSZEJTcCVOzcBuIPAzyK+EPiV+1 X8V/2dv2RdG+K/xj0bRtT+JF9eGxmsdOugunK013MkMyMrzM6JAsZkVX5ckbl7AH6IUV8UfH39ov xZ8Ovj3+z98OfBh0+80D4o6hq1rqc0iNNII7FbYx/Z5EkVVOZnDEq3QdMHP19pXiPw/rslxFomp2 uoPaNsmW3nSUxN/dcITtPsaANmiisG/8VeGNKtZr7VNYs7O2t5PJklmuI40SX+4zMwAb2PNAG9RV P+0dPFiNTN1F9jZBIJ96+UUbkNvzjB7HOKrW2u6Je38mlWeo2897DGkskEcqNKkcn3HZAdwVuxIw e1AGrRWHN4n8NW2rx+H7jVrSLVJhlLR541uGH+zGTuP4CtygAoqtc3tnZCM3k8cAmcRp5jBdzt0V c4yxxwBzVbTdZ0fWRO2kX0F8LaRoZTBKsvlyL95G2k7WHcHkUAaVFYdj4o8NapqE+kabq1pd31r/ AK63hnjklj/30Ull/EVo3+oWGlWcuoancx2drAN0kszrHGg9WZiAB9aALdFY1j4j8PanDa3Om6pa 3cN9u+zvDOkizbfveWVJDY74zivH/hfrfxr1L4m/EvTviNBpEXhHTrqyXwu9hIHvHgdZvtJvVErl WBEezKpn5uD2APeaK5+28WeFbzVpdAtNZsp9TgyJLVLiNp0x13Rhtw6dxXzX8b/2nrf4SfG34R/B yGxtrlviReXsV3ezXIjGnwWUSPnywOXlMgClmAAB4bIwAfWlFZ1/q+k6VYNquqXsFnZIAzTzSLHE AehLsQuPxp+nanpusWceo6Rdw31rKMpNBIssbD2ZSQfwNAF6isRPE3huS4tLSPVbRp7/AH/ZoxPG Xm8v7/lruy+3vjOO9Gr+JvDnh94I9e1W001rltsQuZ44TI3ogcjcfYUAbdFIrK6h0IKsMgjkEGvA Pj/8Y4fhz8HfiN4t8Gajp154n8HaLe6hHaSSLMY5beJmTz4UdZAuRyMr9aAPoCivljwZ8fb1v2Ot N/aS8cJbpejwkPEF5HArRwNMtqZzHGrMzAM3yqNxPIGa6n9mTxb4+8X/ALPHgfx78Xp4P+Ej13S4 9UvHiiFtCkd2TPCNmcJsgZA2T1BJxQB79RWTo2v6F4itTfeH9SttTtlYoZbWZJ0DDqNyEjPtVfU/ FPhjRbyDT9Z1ezsLq6/1MNxcRxSSf7iuwLdO1AG9RVa6vbOwi8++njt4yQu6Rgi5PQZJAye1Zy+J PDr6w3h5NUtW1VF3m0E6G4C+pizvx74oA2qK/P39tj9pj4mfCTXvhp8JfgcNG/4TP4l6lPZLd6y7 Na6fFbrDl5UjIK7jOrBmDAKrYRyRj0P4Jar+1mvxHi8OfG268Lat4Zi8Om4bUNEZlnm1d7pNm2J3 Di3+zMfmMSguAQcHBAPr+isS68TeHLDVYNCvtVtLfUroZhtZJ40nkHqkZIZvwFWTrOji0lvzfQC2 gbZJL5q+Wj5A2s2cA5IGD60AaVFVp7yztbZr26njht1AJkdgqAHoSx4xUUuqaZCYBNdwxm5Vni3S KPMVRuYrk/MAOSR0HNAF6isux1vRdU07+2NMv7e7sMMftEMqSQ4X7x3qSvGOeeKj0bxF4f8AEUUk /h/U7XU4om2O1rMkyqw7EoSAeOhoA2KKyNZ8QaD4dtlvPEGpW2mQO4jWS6mSFC56KGcgEnsK+RvA v7QfjPxP+2z8QP2fLlLFvCfhnw5YatZTRRt9qea6FuW3y+YUZP3rYAQduT3APtCiisS58S+HLPVo NBvNVtINTuRmK1knjWeQeqxk7m/AUAbdFfGPxI+P/jjwn+2j8I/2ftLhsm8M+ONL1a8v5JIna7WS yt7iWIRSCQKq7ol3Ao2RnkdvVfgzrfxr1fxB8Q4fi1BpEOmWGu3EHhw6ZIJJX0pXcRNeASSbZ9u3 cCE5z8ooA95orDHijw0dY/4R4ataf2rjd9k8+P7Rj18rO/H4Vpz3tnavDFdTxwvcNsjV2Cl29FBP J9hQBZorFsPEnh3Vb650vTNUtby9s+J4IZ0kliP+2iksv4gV8x6z+1Da6d+15o/7MUdlarbXfh2b XLnVJLkblmE7wR2qR8AN+7LMWYk5ACjGSAfW1FFfF37CH7QfjT9pD9nq3+KvxHjsbXVH1C+tnFlG 0FusVswCnbJJIQcHklqAPtGiqdrqFhfW322yuYri35/eRurp8vX5gSOO9UNI8S+HPEBmXQdVtNSN s2yUW08c3lt6NsJ2n2NAG3RVS31Cwu5p7e0uYppbYhZUR1Zoyc4DAHKng9fSlN9ZC8GnG4j+1FPM 8nePM2Zxu25zjPfGKALVFc/beLPCt5q0ugWms2U+pwZElqlxG06Y67ow24dO4roKACivkH9rD47e KvhpH4K+F/wnW3m+JfxQ1VNM0f7SnmwWdvEVe9vpo8gvHBEfu55LZ5CkHub/AF742ad8f9I0H/iT v8LE8OtcajeTSJHqn9rJJKCVj80YtzGsZJ8vAJb5uMAA+haKpjULBrL+0luYjabS/nb18vaP4t+c Y980HULAWX9pG5i+ybd/nb18vb6784x75oAuUV8XeG/2hPGetft0+Iv2c2SxfwhpnguLxDbzRxsb t7qS5tYuZfMKGMpMxACA9Du9fsSLUtOmvJNOhuopLuEbnhV1MiDjllByByOo70AXaK5+28WeFbzV pdAtNZsp9TgyJLVLiNp0x13Rhtw6dxXQUAFFfIv7Y3xl8a/CXwR4V0r4XyQJ418feJtK8O6UbiIT pG13LumlaMkAqsSMCTwpYGvrqgAor56+A3iv4vajoOuSfH/+xNP1Y+ILu10hNKnRo5dMVIvs+/8A ey/6QXZwy5Bxt+Ud/eri/sbOWGG7uY4JLltkSu6q0jeigkZPPQUAW6KqzX1lbTw21xcRxTXJIiRn CtIV5O0E5OO+K+OP2EP2g/Gn7SH7PVv8VfiPHY2uqPqF9bOLKNoLdYrZgFO2SSQg4PJLUAfaNFZg 1rRzp76uL+A2MQJe481PKUL1JfO0Y781Ho3iDQfEdsb3w9qVtqluDgyWsyTpn03ISKANeiio5pob aF7i4dYoolLO7EKqqBkkk8AAdTQBJRVZLyzltRfRzxvbFd4lDApsHO7d0xjvVcavpLR28y3sBS7O 2FhIuJT6Ic/MfpQBo0V86fG3xp8VB4W8Pal+zlPoOsXk3iC1tNTfULlDbrpu2X7V5LLLGDcK4jCr knG75T24X4pfHLxh8F/2lfAHhvxdJBN8MvifG2j2c4iCT6b4hjYNCskufnhu0IRARkPk5CjBAPsW iisvV9c0Xw/aG/17ULfTbVestzKkMY/4E5A/WgDUorN07WtH1jT11bSL6C+sXBKzwSrLEQOpDqSv H1qheeLfCmnpaS3+tWVsl+dtu0tzGgmb0jLMNx+maAOhoo68iviz9s39pbUPgl+zp4o+Kfwlv9J1 fXdBurC3McrC7hjNzdRwuJUhlRg21jgFhg9qAPtOisvQ7yXUdF0/ULgAS3VvFK+3gbnQMce2TWpQ AUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFAH/9L9/KKKKACiiigAooooAKKKKACiiigA ooooA+J/2pviv4u8Lavp3g7wxeSaYk9qLueeE7JX3u6KiuOVA2EnaQTn2rI/Zg+LnjLXfFM3gzxL fTatbTW7zQyzsZJYnjxkGQ5YqwP8RODjHU5+kPir8GPDPxXgtm1WSSyv7IFYbmHBYIxyUdTwy55A 4IPQ8nNP4UfA3wv8KZLi/sJpdQ1K6Ty2uZgAVjyCURV4UEgE8knA5rtVWn7LltqfOSwOK+u+15vc 9enax7XRRRXEfRhX4GfAzwv+1d4j/ai/akb9mnxnofhOGDxew1NdYtDdGdmuL3yDFiGXbtAfd0zk dcV++dfkZpf7Ln7eXwn+NHxc+IXwG8T+BLTSPibrkuqNFrDX8twkYlmeAMI7MqjBZm3BXYZ6HigD yTwqPjP8Bf27/APij9tyW38c634+t20DwjrukTiOw0yaR/Kki+x/Z4Duc3KIWIGBKWBkOdn0h+xR /wAne/thf9h7RP8A0C+qbwV+x/8AtE/EH46eEPjl+2B8QNJ8QN8PWefQ9E0C2eOyiun2t5rySxwt w6I5+RmYogLBV2lvir9mn9rD4XftG+OvjX+yn4g8LyaX8Txatq+meJ1ugtvdW6FFmjNqpLhSzup3 LjzCpRwA1AHA/CbwR4R+J37ZX7Y/gjxtYJq+hapB4djurZ2dUkEdvvALRsrDDoDwRyKt/wDBIH4Y eA9J/Zwtvitp2kRw+LNdub+xvb8PIXmtre5PlxlSxQBcDooPqa9e/ZF/ZN+LvwP+LfxW+JXxa8Va d4tm+JEWnSvc2glinN4iyPdh4WiWOOJZJSkGx2zGqllQ/KJP2GP2d/2if2X7TV/hR451jw9rXw1s 3urjRp7L7Quqm4uJlYeejxrEsZTeWUMxVyAGZeQAc1/wU60G/wBE+Gfgf9o3w9CZNY+DPifT9Yyv 3jZTTRxTx/R5RBu7bQc8V8Gftn/FLXfE/wC1fB+0X4GuTeeDv2dv+EQa7eIFklXXJzdOykf89I3W Fx7Y4Nfu98Xvh5p/xa+Fviz4ZaptW38T6Zd6eXYZEbTxMiSD3jYhx7gV+dfwI/4J9eK/An7IHxS+ BHxG1bTdU8X/ABE88rfW81xPaRfZ7aOPTFeSaGOUrBNHvIEZwDhc4FAHOTSQfHn9s343/E+B1vfD 3wZ8Dy+HNMlU5jbUNStppp5EPQsitPE2OxXPGK+EPHfgHwhrX/BJL4NeOtT01J9e0bWr6ytLos4a K3vtavvtEYAYKRJ5aZJBIxwRzX64/sj/ALI/ij9nz9mbxN8LfE+o2OpeNPF8uqXOoX1vLNLbPPdx fZ4P30sUcrKsaqzEx5DM+Aep8h1D9gz4lar/AME8fD/7KFxr2lW3jXw7eS6hFdxPPJpskp1K5u0Q yNCkwBinwW8k4cdCOaAPG/24v2dfANr8U/2R/wBnrwFbyeE/Cl7qviO1MVhPIssNtdSWE12IpZGd w0geTkkj5umOKvfGf9nf4Xfsh/tRfs1+LP2eNPn8It4s8Rf2Bq1vDeXM8N5aTNbxkOLiSQ8q7bhn DHa2Nyhq+ktY/Z2/aa+KXjv9nX4ofFzUfC6a98K9S1q610abLdpFcQXxtxbfZEeA5kCQnzQ7IucF SQcD1b9pz9nrxn8afiR8DvGHha90+1svhp4nj1rUkvJJUlmt0eFituI4pFaTEZ4dkHT5qAPsavwz /ZU/ZR+FPx8/aA/aX8XfGOwbxNpuifEDXbLT9KmnlS0hnnvJnuLoxxuuZHQRIp7BT1O0r+5lfgt+ zboX7WcHx7/ac8X/ALM+q+G5oD4/1my1LR/E63Qt3cXlw8N1BJa/MJE3MrKSoZcZ3ELtAOd1eK8+ D/w4/bS/ZK0u+uL/AMFeCLCx1TQI52Mv2CLVAk81sJWyxUeZGACfvI7feZjXqHw++APw9/Ze/Yri /bM8M21zefFuTwQt/Hqt1cy3Ajn1yGIRssDMYx9nSVVU7fug7i2a990j9hn4iJ+z58Z9I8VeJ7HX fjJ8b1EuranIZYtLikicm3gi2xNIsMSs/IiychQoVVr658P/AALs779lrRP2c/iM0d3FH4TsvDmp SWbtsLwWSW0kkDuqtgOu+NmQHgEqOlAH4PeBPCHwA8R/AWA+Mv2f/i/4r+JPiSy/tGbxrbaNc3LS alcr50d1az/bAskCsylGMf71PmYFmr9C/g7+2f4j+Bn7LXw2vv2ofB/jG88XX7ahpriHSZHvmTTJ FEU10l1JA+ZIZIwJDkyMrsec1naH+z9/wUe+G3w0b9nb4e+O/Bt74NhiksNO8Q3i30Gu2OnPlQip GrxK8aHEWPMKYAEgwu39CvgF8KJfgl8JvD/w2u9fvfFN5pUTfadT1CV5Z7qeVzJI37xnKoGbbGm4 7UCjJIJIB+Q/7d/x60H9qv8AZj8D6x8O9O1zwu0XxO0rSkbV7YWF0ly+n3brNEI5ZPlXzVw24EMD 6ZrY/bF+DvgX9hH9myfSP2bLXU9E1b4ra1pHh7Vb6Cea71CS1hhuZn+zlnGyWYgqUQqrh2AA4x9+ ftofs9eM/wBozwj4D0DwTe6fY3HhfxhpniC5bUJJY0e0sorhJEjMMUpMpMq7QwVSAcsOM9l+1h+z jpH7Ufwfu/hpf6k+iX8NzBqOl6jGpdrPULbcI5dgZdwKu6MMg4YkEMAaAPxD+JHg/wCFGj/D3Tp/ 2XP2dPjD4E+KvhiS2n0nxDLoV0rSyxuom+2MlzLkSpvPyRcNgACMsp+t/iR/aP7YP7U3wY+Anxkh u9N8IW/ga18ba3oDCWxN1q9wrKbeZcrKohJVSpIZMSr8rEkd74n+Bn/BSP4xeHdM+EXxO+IPhPw1 4Wglt/7S17w4b9Ncv4YGDDhkjjV2IBbZ5SkjnK5U2P2oPh74Xtv2gPhFD8IviXD4D+PHh/Rza6KN chubqy1vR4xKjW13dbHQyDEp+ZjIxckLvKMoB4j8Tf2Zvhv+zt+33+zfP8J4JNG0DxVfapK+jieW W1try0t0WS4hWV3KGdJI1YDj90Meg6f4XeH/AB54s+Ln7fnhr4X3hsPFmpnSrfTJhJ5LLcyW2ohA suR5bN91XyNhIbPFeZ6loXxw1P8A4KP/AAJg+NfjfRvFnjC1TULm40rw5DImnaHYwW8rp80uHMlw 4kLGRQ/yoMkFAPtjw9+xx43/AOEv/af1DW/E0Wjaf8b5NOfR7zR7i4XUNPayS5/eTjZCFIeVDtjl YOoZSVzyAfkTp+h/ss+D/Anhz4Z/tB/DTxj+z/8AE/SpLYr44iiurhJbyGRWluQ3mISJcEqI4pBF nKP8vzfaf7XPwW+D3j/9rn9l+81ixg8UW3xJS+j1m/ErhdZt7KztfskpMThVXaxZTFtBDdxXXa9+ zN/wUP8AiD8IR+y/4/8AFnga48DNHbWU+vtHfXWtS2NrIjR/JIgjaYBBksFYn/lrn569e/aB/Y9+ KV3Y/APWP2a9b0u01/4DwvZWUfiDzvs93bPb29uGdoEkbcBb8rgAhyQylQCAfEXx+8UeEvGf7b2t /Cv4pfD7xj8R/hj8INI0+z0fwv4Tspr2JLma1gkF1exrPE20CVo1bdlwqA/KGDehfsnXGqeCf2yI NN+Bnwq8f/Dv4O+NtLuV1fTfE+k3VtYWWrW0Us0dzBI0k6RiQRJGC8mSzsgGCgX6a+In7MH7R2l/ F/Sv2p/gH4h8P6b8S9T0S00zxdpGprctoeqSwRIrPDJGvnKFaNFjBVDtRTuUl1bq/gV8BP2mLn42 3v7Qn7T/AI2s5tRSxOn6X4b8NzXaaLaxuCGklSbb5jgM2Awc5bcX+VAoB8B/8Ew/2Pvg/wDEP4Oa V+0L8S7O71nxB4f12SbRx9qlEFnDpcizoi26sEffcGR2VgQcjABLFvDfgd4s+Fnxyh8W/Gf9p34I fEf40eKPFmo3KwXuiaXcXukadYrjy7Szkju4drREsCMHYAoXB3Fv2m/YW/Z78Z/sx/ACx+FXj290 +/1a2v726aXTJJZbcpcOGQBpooXyB1+THoTXzf4a/Zi/bE/Zd1jxToP7JHiDwnqnw88TX0uoWul+ KVvFn0a4uOHFu1sCHjVVUAsxzgZj3bmYA+TPA3xm+OnwK/Yo/aB0+30jxb4W0rwrf2Nv4HufFGnz Weo22ma3dG28oPICm61jXIMbERySDBAZAPUPjB/wTy+BPg79h/VfG3hu1ntfiBoPhp9an8QLdz+f ezC2868jlQyeWYbhC8YQLwCOSd2760+G37FWtz/s/wDxA+F37Q/jm98a+IfilK91q14k0rW1lNv8 2EWEc3CrFN+8zsQMcKUCqBXgHiD9mT/gon4w+CN1+zBrfjrwYng62sTYRa2iX39r6ha26f6La3Hy GONHKpHPIqlwmeZjuDgHPfEG/vNf/wCCeX7O3wC0aVo9S+MbeF/D5KHDx2QEdxdTf7qLGof/AGW9 K7z9pnwzY/HP9s74U/sd+Irie1+GGleHH8SahpNtI1vHqDwPPBbQM6FXKRiFeFPCl8YbDL6h8Mv2 UviZoPxJ/Z/vfG9xptz4b+CPgyexQ2s8khm8Q3aLazOkckUZMKwKGSRsNuH3R1rs/wBqH9mT4h+P /iR4K/aH+AHiGx8OfE/wLHLaRDVUkfTdS0+ctutrnygzqB5kmCqEneeVYK6gHAt+x74W/ZZ+IOtf tK/ADU5PCfh/RvDWpPq/hKNJrq01aW2t5ZYXEktxmFlcIQArDK4XbvfPz/8AscfsZfBv9pn4AR/H z9ou0uPHXjn4mzahdXWo3N5Oklokd1LbRpbCKRUTb5e4fKQudgGxQte/eA/2YP2gfij8ctM+On7Y usaBcJ4XsL2w0Xw54bFwbFP7QjaG4luJLgByWRj8oZskI25dm08V4D/Zt/bo/Zo0vVPhL+zl4v8A CGrfDq6ubibSZvEsd5/aeircsXdUWBWik2sxYbt6s+WKIGZaAPzw+JPjHxlb/sJfF74KeJNbuNdP wc+I8GhaZqMzlpmsoJ5EiXzMknY0TFOfkVlUfKqgfSv7bf7Ffwi/Z1/ZdHxo+HEV7p/xN8G32l3c niP7fcyX17d3FzHFPNMXkZNzySeaCqqQRgEAsD7P4z/4JxeJv+GOtU+BHgrxJZ6p488Ua9b+Itc1 rV3mhgur0HM20xRTyBQBhAVJY7mYgsQPsD9tb4GeLf2j/wBnPxJ8IfA93Y2Os6xLYPDLqMksVsot buKd97QxTOMqhAwh5xnA5oA/PT9sf4J/Cnx1+1P+y/r3iXw5BdXfxWubtfEreZMo1BLO0sFgVwrj YI1YgbNuR1zXWaa+jfBb/goT8S5fCuni30rwL8E91jZpucJb6ZJZGGFdxLEBYwoyST65r6s+L/7N Xjr4gfFn9nHx5o1/psOn/CCe8k1ZLiWZZpxcQ2sa/ZAkLq5BgbPmNHwRjPIEqfs6+IbL9svxn+0l 4hn0668D654Hbw49iGmkvmkE1vLIXhEPlmJo4XHyyliSBs5yAD41/ZG/Yu+D37Tn7OyfHf47RXXi j4h/E6bUL+41trqaK4sZI7qW3h+yiN1jTy/KDAFCAfkxsUKPlDwxZXem/wDBJL4+adqF2b+6tfHg iluWYs08iX+kK0hYkklyC2SSTnrX0h8DfCvxc8P/AAj16P8AZG/aC8Lp8A3uL2WPUdds7mPWvDkU jF7hI45I0XehLMpmKhj+8QLvzSfsMfs9r8dv+CcPj74S3uoyWVp438Q6hPYajJETuNo1mYJzGSCV Nxa/ON2eGGc0AfVn7aTon/BNvxMzsFB8OaKMk9zNaAfma+MP2pvh7b/Fi4/YN+G17dT2dj4j0qWy vJLaQxTGzlsdJFyiOOhkh3p3GDggjivUfG/7J/8AwUM+MnwM/wCGefiP448FWHhrSLS3ggnsVvWu 9Xax2G1S9leHbHErIrs8cW8sgyrZJr6U8WfspfEPXvGX7K/iKz1HS0tvgdaywa0sks4e4Z7SzgBs gICHG63cnzTFwV75AAPz8/a4+HPw1+APj74X/skfDvwz4lm+GPiq6vPFHiTQ/DPn6hq+svEgijt0 3yrJJEi2xZ08z5FLSj5lXGXHJpPgX45/DL4ifsffAH4n/DWe31S3sfE1tqOhXkel6hos7qkvmgT3 P7yMEkFgFBxITvRTX6h/tafsveLPjPq/gr4r/B7xJD4R+KHw4uJJ9JvLpGezuIp8CW2uQgZgjY+8 Ef5S6FSHyvk+mfAf9tj4yfFfwf4u/aU8Z6F4X8J+CLoXsej+Cp7+I6pcIVIF08xB8pioyC7fIWQI pYvQB5J4O+Ffg79tT9tD443/AMe7eXxF4d+Ec1loOg6JLLLDaw/aBN59wyxMjMzPAzAkndv5yEQC p+yH8GtB+Av/AAUY+MHw48JTzSaBaeFLSfTop5Wne1trma0lFuHcsxSJiypk52Yzk5J99+JP7N/7 Q3w+/aB139oj9kbWNCW58dW8EHiXQfE32gWNxParshuoWtRvDKvUblwS5ywcqK37L37LH7Qfw3/a W8cftD/HTxVoviS+8caPHazDTPtEZt7lZYSsMccsSr9miihCRtv3nA3JnJIB9P8A7VnxI1n4Q/s4 /ET4j+HHMWr6Lo9zJZSBBJ5V1IPKhk2sCCI5HViCCMDnivz2+E//AATf+CPxc/ZU0DxV4la5n+KH j3SLbxA/i2W6uJryDUtSiW6R9gmVJEjLhWU8vgtuDkMP1V+JHgHQPin4A8Q/DjxSjSaT4lsZ7C5C Ha4jnQoWQ9mXO5T2IFfl/afs0/8ABQ3wz8KZP2XfDXjzwdcfDwwS6XB4guIb1ddh0iUGMwCIK0IY RMVQAsVGAJhgFQCHXfC3iTwR+39+yh4P8X+In8W6xo3hTXbS41aSEwSXrRWN4oleMySkOygbiXYs csTk18+aZ8VvE3wX+EP7dvjzwZcPZ65D8RL2ztLhM77d7/UmtWmVh9140lZkbs4Wvujw1+xLrHw+ +OnwA8YeC9Ts5fB3wf0DUtJvBdySrqN3PfQXCedHGkTREPLPvcNKu0EhQcDMPgn9h3ULnw3+0n4G +K1/ZTaJ8bvEt9rFg+nSSyT2cM073Fs8yyxRKJoZPLfYpdCVxuIoA/LuHwH8CLv4CxadpH7O/wAY pfitLYLfQeMo9EuWlfXGTzVuhKt4QbdpumIy3l/MP3nz17N+0ZP8UfjJ8Bf2O9N+KJ1Xwr428R+K 4dG1CaaOWw1OGYziw+0lZAsiSyIBMGwM7twGCK+jx8Bf+ClVn8L4/wBnLT/H3g1PCUNuNMj8UKL+ LX00tR5aptVfLWURDaCMtj/ltu+evYfiZ+xz4w1rSv2cfD/hDxHHqdv8GvEun6zql7rtzcNe38Nt NHNO0bLHNuldlYqjsqKCF3gCgD5J/ao/Zi+En7IvjH4A/FX9nnTJvCOsHxrpmiXjQ3lzML21uss4 nE0j5LLGyNjAZXYMD8u3b8b/ALO3wX8Q/wDBVbT9B1nwvDdafq/g9/E13E0swEusfbph9qJEgO75 F+UEJx92vt/9sP8AZ78Z/tB6b8NLPwZe6fZP4N8Yab4gvDqEksYktLNZBIkPlRS5lO8bQ21TzlhX m37QX7Of7Q+o/tSeFP2nf2d9X8PRX+naF/wj+oWPiD7QsTW/2iWYyRtbxyElhLjHylSikbgxAAP0 Pr+TX9n34s+KPF3wq+Hf7J/ia8vfh98IfFXiS8tdd8TQRtjUJp9si6as7ARwocxrISW/1gZx5asr f1lV+Xnwv/4J93cX7EGpfsrfGO80661ee9vNRstQ01pZ4bO8dt1rOjTRQvlDlZFCjcjMmcNmgDxj /goW+j/B/wAN/Az9k/4c6Lq2n/DzxLfXP9r6V4VgaXVL/T9PMG60gXcpmkn893k3sSzhXcnnPzd4 3HhvwH4k8EfEn9jD9nT4q/Drxj4Z1GD7d9q0G9Fhqek/8vFvchbi5d2YhR90bgW3HcEK/ffib9jr 9oD4ofAP4daZ8QPGWl6Z8bfhBfG58PeI9PluLy1uI4xH5a3nnwQuHk8uMSsI5MmIOd+90pt/8BP2 7vjx4t8KWn7Q3jbw94Q8E+F72O9uYPBM2oQXurSQ8BZZJdpRHGQcMAu4kRltpUAy7+H/AIZt/wCC mVjqqj7N4S/aL0lraT+GJde00Dacf3nAQD1e5b615h8LvDnj39qPxP8AtS/tM/Dq8Nvq+q2l34H8 C3Qk8rbb2UQ82SGQkeX9oYRFJARsd3OeDj1f/grJH4VuP2etP1SDWFsfH3hzxBplz4bjtpB9vkvp JBG0cSqfMH7pzLwPvRp7V9C/Dv8AZZj8MfsYad+zLbatc+HNRl0TyLnUtPkaOeDVLg/aJ50eNlZl Fyx+XcN0Y2ZwaAPxD0/Q/wBlnwf4E8OfDP8AaD+GnjH9n/4n6VJbFfHEUV1cJLeQyK0tyG8xCRLg lRHFIIs5R/l+b+mjwvd22oeGdIv7PU11u3ubO3ljv02lbtHjVlnXZ8uJQd428c8cV+TGvfszf8FD /iD8IR+y/wCP/Fnga48DNHbWU+vtHfXWtS2NrIjR/JIgjaYBBksFYn/lrn56/VH4c+CNM+Gnw+8M /DrRZHlsPC+m2emQPIcu8VnCsKs3+0QuT70AfnVG8vjb/grc9tqYDwfD74etNYqw4SS6njSSRB/e ZbxlLDsMdqzPiz4b0rxl/wAFR/D/AIQ12Lz9N1z4TXtjdR/34Lm61CKRfxViK6f426bcfBb9v74V ftAzqYvC3xD06TwLqlx/BBfyM01jvJ4AnkEaA5wPLYn3oeJLm3v/APgrh4SWylWc2Pw0lSfYwby2 N7dsA2OhxIhwezA96APhnTfHfijT/wBg3V/2MJLnb46i+Ii/DWJeTJ5N3e/a/N25yYm2yxDnG3AB xioLf4geJte/YN8OfsYRXBTxzqHxCf4dXCf8tI7a1vReSSkdRHHviiPbbkHoa++dT/YO167/AG/L T9qO31OwTwNvi1S60oyzi6fWYLN7WOVYREYSocrNvMobcXG3nlnhb9gvW9D/AG+tX/aju9S0+TwS 73Op6fpqyTNeR6xe2sdvcSyQmIQBWYyyB1lLZ8vK8ZAB8MftMfFPxr+yp+2h4zl+BPhqTVNRs/hf aaLY+XC08ek2dsbeVr2WNVIZLeG2P3sIGKlsqCrfZ37PnwD0eT9i3xT46/Z/8RyeJPip8WtCurm5 8V3Unl39xqc6Nvt/NZi1v5c26P7+VkG9mJAI+iNJ/Zy8WW37bvij9o/UrnTbjwjr3g1fDi2ZeV70 3H2i2lYyRND5PklIWGfNJJIG3GSPDfh9+w/8TvhtJ8YfhB4U8XQaV8F/iFHLdaItrd3UWt+H9Tk2 MDCqxLG0AYbGH2gM6ImcEvkA/LfT9D/ZZ8H+BPDnwz/aD+GnjH9n/wCJ+lSWxXxxFFdXCS3kMitL chvMQkS4JURxSCLOUf5fm/po8L3dtqHhnSL+z1Ndbt7mzt5Y79NpW7R41ZZ12fLiUHeNvHPHFfkx r37M3/BQ/wCIPwhH7L/j/wAWeBrjwM0dtZT6+0d9da1LY2siNH8kiCNpgEGSwVif+Wufnr9Ufhz4 I0z4afD7wz8OtFkeWw8L6bZ6ZA8hy7xWcKwqzf7RC5PvQB8ReP8A/i7X/BRH4d+Cl/faT8HPDd/4 mux/yz/tHVmFnbRv/togWZPQZPrX6IV8l/s//BXxl4K+L3xs+MPxDa1fVfiHrcC6eLeUzeXomlw+ RYhyyrskZWJdBkAgcmvrGSWOFDLM4RF6sxwB+JoA/mx0jwLqev8A7Cfxc+I3hldviL4WfGDUPE1j Io+dfssdkk3P91Ucyt/1zHpXTft5fFXxJ8bPiX4V+K/wpl8zSfgf4T0Px04BLFbvW76zljjyOjCA wykkfdR+OlfZP/BNXw5o3j/9nP40+GtWUXWi+KfHXiW1k2kFZrW8s7SJyp5BDKTg1d/ZM/4J9eJv g78Fvi/8OvizrGna3q/xNtf7JW6spZ544tOgs3t7UM1xFE6vG0rEKoZVVU2scYAAug65pv7Tv/BR XQ/E+jv9s8JfBnwdBqEDfejOqeJIhLEfTJtZVb2aH16fkT+z78WfFHi74VfDv9k/xNeXvw++EPir xJeWuu+JoI2xqE0+2RdNWdgI4UOY1kJLf6wM48tWVv3P/wCCff7I3ij9k34c6/pPxC1Gx1jxX4i1 COae50+WaaAWVpAkNpAHnihc+X+8IGzADADgV5v8L/8Agn3dxfsQal+yt8Y7zTrrV57281Gy1DTW lnhs7x23Ws6NNFC+UOVkUKNyMyZw2aAOU/bt/Zy1zR/hd8I/C3wY+H9x4p+FngDVGn1/wdo8skM+ o2w8sxN+63TSsCJvMYB5C0u887mHk/7ImtfsfX37VWkap8Gx4h+CXi97C4stQ8D6pBJFaau+xznf JLKA8QIdU+QkxhlQHfu+gdZ/Zh/bO1r4TfC68/4WPpmnfF34UXUiwTw3l9Nouu2GI1jGoq0ETmdV TYzeU4cFiW3SZS94W/Zk/ac+Ln7QPgP48ftXan4VsIvhqs76VpnhaO5Lz3EwA3XM1z8wQMA4UO44 2hV3MSAfpvXz1+1v/wAmrfGP/sTtf/8ASCavoWuP+IfgzT/iP4A8TfDzV5GisfFGmXml3Dp99Yr2 F4HZc9wrkj3oA+F/gg6R/wDBL2wkdgqr8PdSJJOAALOfOa/MTxh4Ul8efsb/ALFHgSG8m08+JvE8 +lm4t32SxLfXz27MjdiFc19k+Hv2TP2/dL+DN3+ygfH3g+2+Gv2a6sI9YjgvH1qTTrguTabGQQos gYxuTuZEYhXfAFdxp37DnxYtPhd+y94Jk1bRDffBPxNFrWsuJ7nyri3S++0lbM/ZgzybOAJFiGf4 sc0AeJ/tp/sw/Bz9mT4K/DzRvg/pEml2+ufFLw3cXfnXEty8jw2d7GnzyszAD5jjOAWbGAcD6b/4 Ku6OLv8AY51vxNCwivvCeq6PqdnKOHin+1pah0PZgtw34Zr139tP9nrxn+0b4K8D+HPBF7p9jc+G fF+meILltRkljR7WyiuEkSMwxTEykzLtDBVIByw4z47/AMFII9S+J3hj4f8A7KXhMmTXviv4gt1m VefI0jSyLm8un64WJvLbkcgNjJGKAP0C8Fa1N4k8G6D4iuV2TapYWt06gYw08SyEY7YJr8d/2mn/ AGT1/az13Uv2gNR1z41a6mn21vpfgTQ9MuLlNCXYhdmaK5SOSSbh9p2lS+WU5jK/tHYWNrpljbab ZJ5dvaRpDEvXakahVH4AV+Yd9+zR+1p8G/2jviN8ZP2ZtS8I6tpXxTkhnvrbxV9sWazni3EeW1qu WjDuxGH5UhSmUVqAPkT9kW9sfDvx5/aS8BeBPC2ufDrwRfeCptXt/DGvK8d1Zz+TCqyPFI8jIXEz soLE7GVSSFFbv7FP7CfwO+N37F1l8RfilYXOu+JPEFtqsWn3kt7cqdJgsrm4t4I7WNJBGqrLG0xD IwZnIIK8V9J/Cf8AYw/aK8JfHb4i/Gb4j+NNE8WXXxN8JXmlahJGtxaSW2pT+UIY4IfJdGtII4Uj VzIshXkx5HP1P+yL8DPFnwC/Zc8M/BLxjd2N5rmjRanHNNYSSyWjG9vbm5j2PLFE5ASZQ2YxyDjI wSAfkXZfGP4maj/wTB+FHgy08QXNrqHj/wAWDwVPqRJaWLSpLi5zH5hORhESIDIJiBXOM13n/BQz 9hD4C/BT9le68f8Awg0ubw5qvhqWwtryRbueU6ra3FxHCyXSyOUZxM0cwKqMFeBjG36Z8F/8E+td m/YatP2X/iLrtpaeKdJ1K41jTdV0mSaWC01ATSSW0gMscEjALIUkG0EBjtOQDXm/xx/Zd/4KL/tN /CofCr4o+MPA2nWGlNBMj2H29JNauYHVVe+k8lhEioXkAiiAaUKDGBhkAP1z8Kf8ivo//Xnb/wDo ta36zNEspdN0aw06chpLW3iiYrypZECkjODjI9K06ACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooA//T/fyiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKyNZ8QaD4dt0u/EGpW2 mQSMEWS6mSFGc9FDOQCT6Vr1+Ln7MfwM+HH7cviz4wfH79o6zl8YSQ+Kb/w1oun3FxPBBpem2Kxy RrEkEkZVys6jJ5DKX++7MQD9n4pYp4kngcSRyAMrKcqynkEEcEEVi6f4p8Matfz6VpWr2d5e2v8A rYIbiOSWP/fRWLL+Ir8V/wBon4WfEj9kH9myw/Z+8D/Ee9vNE+KXju10fTpnhaGfQ9IvhI0lmtx5 zs4Yom4qIgR5vA3muy/av/YV+B/wB/Zx1D4ufAa1uvBfj34aRW+o2Wt297Obq4aORElE5aTYxlVm PyquGwANhKEA/YmW/sYLhLSa4jjnkUusbOA7KvUhSckDue1UNK8SeHddSeXQ9UtdRS1YpM1vOkwj YdQ5QnaRjoa/D3426PH+1j+0f+yHZ+L57jT7T4j+C5dQ1eOyle1aWCWxa+urYMhDCKYI0TAHlGOD 3rvfFHwL+Hn7KX7fXwDj+BNhJ4Z0f4i2+sadrOmx3E01rcx2sGQXWd5CcmRTjO3dGrABskgH7K2d 9ZajALrT7iO5hYkB4nDqSOvK5HFFvfWV3JNDa3Ec0lu22VUcMY29GAPB9jX4+/s0/EDSv2L/ABT+ 0p8A/FjeVoPw/wDtHjjw9EzYMuk3UakwRk9SrG3iGOsrPwDXyt4kv/iV8Ef+CeVp4/iuby08e/tM eMEvdYvbJG+3/YdSWeeOO3Ksp3TRxBlXIJE7rnnIAP6GbHxR4a1TUJ9I03VrS7vrX/XW8M8cksf+ +iksv4itFdQsHvX05LmJruNd7Qh1Mirx8xXOQORzjvX83XxI8H/CjR/h7p0/7Ln7Onxh8CfFXwxJ bT6T4hl0K6VpZY3UTfbGS5lyJU3n5IuGwABGWU/YXxn1nXPhP8f/ANmr9tXW9Pk0KLx9p1l4W8Z2 8sT232aXUrdZYvPjfDo0Lu5dW+ZfsyqeeKAP2EmvrK3uIbSe4jjnuc+VGzgPJt5O1ScnHfFeDfs9 eKPi/qXwug1n9o3+xNO8UPdzxv8A2ROrWPk7gIcP5so3kZyN/XtXx54IX/hor/gpB4r8dv8A6R4W /Z90tdCsD1jbXL8OLlwDwWjUzRP6FIzxxn8zY5ZYP+COgmgcxyR+NQyspwysLjIII6EGgD+l5fEn h19Ybw8mqWraqi7zaCdDcBfUxZ3498VwHgz4V/Cj4LXHjDxV4VsIvD7eMNSm1rXLmW6maOe9nYtJ MxuJHSIMzn5U2IM8AcV+Qv7bf7Ffwi/Z1/ZdHxo+HEV7p/xN8G32l3cniP7fcyX17d3FzHFPNMXk ZNzySeaCqqQRgEAsD6t8b7CP9qz9sv4Xfs4fEi5nb4f6Z4RTxhqWlxO1vHqWoSF40V3jKsUQbMYO QPMAILEgA/WSx8R+HtThtbnTdUtbuG+3fZ3hnSRZtv3vLKkhsd8ZxWtJJHDG0srBEQFmZjgADkkk 9AK/ED4m/szfDf8AZ2/b7/Zvn+E8EmjaB4qvtUlfRxPLLa215aW6LJcQrK7lDOkkasBx+6GPQftf rejaZ4j0a/8AD2twC607VLeW1uYWJAkhnQpIhKkEBlJHBBoA+NvhN+1tJ8XbP45Tafp9ppknwu1P VNM05DcfaHvRpsLk3LgbPkeRMhV6LxuJ5re/Y/8A2iLz4z/s2eBfir8U7/S9K8Q+Km1BDFEwtYZG tdQuLVBDHLIzE7IlyNxycn2r87P2LPgf8KtG/wCGp/FumeH4oNX8F6/4p0PR7gSSlrTTRDMggQFy pG0YywLe9Yv7EP7BPwI+Nf7Gth8RPilp91rPiDxDFqqWF019cR/2VBa3dxDGlrFG6xgecjzMHVgz O2eCRQB+9eRjPasPS/E/hrXLm4s9F1a01C4tDiaO3njleI+jqhJX8a/nD1L4+fEm7/4J3fA74cvq WtXQ8b+Jbvw/qEulBrjWLjR7K5KixtRuBeR1kSKOMsN6oIydhYVe+Juj+B/DGk+HPFv7G37Ofxa+ HPxN8JXltNaahcaFefZry3RgJ4b7FzcNIsi8nCfNyjfIxwAf0lV8+ftCfAL9n345eHbeP4+6JZX9 hpBZ7e8ubh7KS1MmN2y5ikidVbaNy7trYGQcCvbtC1CbVtE0/Vbi3ezlvbeGZ4JVKSRNIgYoytgh lJwQeQetfkj4f+GnhX9tb9tz40R/HNJvEHhH4Nf2dpGh6DLLJDaRzXqSefcOsTIzMXt3OSfmDqDl UQAA9x8VfC74LfsPfs5+P/jV+zD4W0y11yy0oSx39xLPqX2lVlUbXmkmZzGSclY3VSQCRwK9K0P4 l/tA+MdF/Z38W+FbbQ20XxvpVvqPjI3DeVPELmztZ4/7OjaYMfnklyMSEALn1Px58a/2SYP2Xv2Z P2kG8C+KZ5Ph74n02O407wzNHJIukzpJH5jxXUk7s4kyQQYwSoTczFcnlPFf/I1f8E3f+wT/AO4v SaAP2g1jX9C8O2wvfEGo22mW5IUSXUyQoSe25yBmr0V3aT2q3sEySW7rvEqsChXruDDjHvX87F14 78DfGr9qf4xeLf2ivhT48+Mmm+FNZufD3h7TvDmmzX2maVbWcskLmZUuIdk8ojV9vQsXYgnbt9t/ ZKuvGHhXX/jz8OvC/gXxr4N+C1/4ZvtY0C08X6bcWp068SJY7i2hlkaSPbKZndV8xmZIwx+YOSAf tDeeLfCmnpaS3+tWVsl+dtu0tzGgmb0jLMNx+ma8Q/ay/aAj/Zm+BXiL4ux6dHrV5pS26W1jJP5A nlubiO3BLYYlYzKHYKMkDGRnI/Kr9in9hP4HfG79i6y+IvxSsLnXfEniC21WLT7yW9uVOkwWVzcW 8EdrGkgjVVljaYhkYMzkEFeK8o8T2Vp8UP8Agjnpfj7x7G2s+IvAl4bTR76eSRpraGTWYbZlB3YY eQRENwOEAAxjNAH9C3gzxFD4s8KaT4ihlhlOoWsEz+QweNXkjVmUEE9CccnNeWeLdb+Ndr8efAuh +F4NIf4cXtrftr8lxIBqaTpDIbUWqeapZTIE34jbC7uR1Fv9nb4YeA/hL8I/D/hn4d6RHoumXFtD fSQxvI4a5uYkaWQmRmbLHrzj0FfGHx2/5Sefsz/9gbxL/wCm+8oA/SPVPEnh3Q5ra21vVLXT5r1t kCXE8cTSt6IHILH2Ga+TP2Zvj944+L/xd+PHgbxTDZR6d8NfEMel6WbWJ45WgYzgmdmkcO/7teVC jrxXxF+yr8Avhl+3BqPxZ/aF/aP0+XxdqV54nv8AQNMtLieeCPS9NsUjaKOJIXj2OBMBzyNu77zu T5b+z/qGtfsn/Dv9tuTwpqE2oaj4F1CC1028uT582f8ASYLaWQ87njDozZ4ypyMcUAfvBN4n8NW2 rx+H7jVrSLVJhlLR541uGH+zGTuP4CtOe9s7V4YrqeOF7htkauwUu3ooJ5PsK/mi8CeEPgB4j+As B8Zfs/8Axf8AFfxJ8SWX9ozeNbbRrm5aTUrlfOjurWf7YFkgVmUoxj/ep8zAs1d18V5vjH8Wv2ev 2S/Cfxi/trwx41vfHA8PXF5eRT2OqCN5ktoLrMwWXzPIdT5h5dgWJJJoA/oSsPEnh3Vb650vTNUt by9s+J4IZ0kliP8AtopLL+IFfMes/tQ2unfteaP+zFHZWq2134dm1y51SS5G5ZhO8EdqkfADfuyz FmJOQAoxk/nr+1R+zF8JP2RfGPwB+Kv7POmTeEdYPjXTNEvGhvLmYXtrdZZxOJpHyWWNkbGAyuwY H5du343/AGdvgv4h/wCCq2n6DrPheG60/V/B7+JruJpZgJdY+3TD7USJAd3yL8oITj7tAH6GeGvH /wAWtC8VfF3Vfi5Ho1t4I8OG3l8NPZTr9slgWKd7lbwGV9shKxiMFUzlsA9vhD4M/tCft9/Hf4S6 38evCE/gO10zUI5F0LQrgypcRyRajHbM9zJJIiqnlLPhmlBd1QhAGxXMeAPhz4K+KHxg/bv8N+Pd LTV9Niu9GvVhkZ0AuLW21KSF8xspyjgEDOPUGvmzRPhL8O/D3/BG/wAQ/FvRtFjtvF3iqGCDU9QD yGS5itfFqRwqysxQBEjUDaozjnNAH9EejX17D4YsNR8VSQW16LSGS9ZGAgSYoDLtYkjYGzg56d6s 6Pr2h+IrX7d4f1G21O2yV821mSZMjqNyEjNfg9+1h4+XxV8XfgT8AvG2geKPF/w207wZp/iHVfD3 hO3kuL7VbmRJI4hJGkkRaCEwISwYFQz7SGIKs+H80HgX9q34Y+LP2Uvgd8Sfhp4d1q9TSPGNjrOi XcOkT2d06RRXJ/fXAQwb3kdnKou1WGPn3AH394x/YG/YO1nxbd+OPFHg/TrS9uLofaY11O5srR7q Y5UNbx3EcSuxyQiqoY5+U19xeHPDmg+ENB0/wv4WsIdL0jS4Ut7W1tkEcMMMYwqIq8AAV+HHw0/Z P+Gf7Uf7bH7TafFyO71DQ/C+qWv2eygu5baM3eoLKBcHyipLxpbkLzj5vmB4Ffudomjab4d0aw8P 6NALbT9Mt4rW3iX7scMKBI0HsqgCgDxP4D+JPjHqXhrxPqPx9XRbG8s9dvItObSplaD+yESL7O07 ebIFm3GTeCRgbflHf2KbxR4atr+10q41a0ivb1Q1vA08ayzKehjQtuYe4Br8IPhV/wAo5f2tf+x0 8R/+itPra1D9hj4JP/wTvPxt1azu7/4kt4Mt/FS6/NfXLXKTJZpdwwKpk8oRRxBYFXZwoBBDAMAD 94q+SfiF+1Da+Cv2pPhz+zmllatD4ws9Rvr7UprkJ9kWzt5pI4Vj6b5HjGWZuFOApJyOt/ZH8Ua5 40/Zh+F3ijxLdPfarqHh7T3ubiQ7pJpBCqtI7Hks2Mse5JNfnL+0j+zz8GvG/wDwUw+FWheKfDMO oWHjvRdVvdbieWZRe3FnaXCwSOUkBUoIYwAhUHaMg80AfZXgD9o7xTrn7Yfxn+CHid9OsvCHw803 R7yyuSpin3X9rbzSmeZ5ChUNK23CrgYyT1r7L03VNM1myj1LR7uG+tJhlJoJFljceqspIP4GvxLi /Zv+H/7Q/wDwU/8AjlovxPgn1Hwv4f0vQbt9LjuZbeC7uTpljHAZ/JZGZIgXYAMPmxnK7lPTfAjS NJ/ZN/bG/aB+FvwyFxB4D0nwUniu30eSeW4iivII4CdhkZnO7zHXJJYrtUk7VwAfsBqfifw1ol1b 2Os6taWFzdnEMVxPHE8p9EVyC34VuV/Mp8Cbn4NfFTwFqvxJ/aR+BfxQ+MnjjxxdXk1x4h0rSbi6 0+KIStFHFp00d3EoEW3B+T5GBjHyIBX6n/8ABM/WPiy3wa13wT8UtI8Q6bB4U1ma10CTxNZTWeoS 6LIqvbrIJh85iO5TtZlQbUU7VFAH6J3N7Z2QjN5PHAJnEaeYwXc7dFXOMsccAc1W07WtH1hZ20i/ gvltpGilMEqyiORfvI+0naw7g8ivy2/4K76dfav8DfhvpOl3L2V7e/EHSIIJ42KPFLJZ3yo6sCCC rEEEHIIr5w/bL+Cnw7/Y1+G3hf4XfAKw1vTU+M2t2Gl+Ip9MllvtYv7DTwd1vaK7gedctcf6pCiy thMBCRQB+52l+J/DWuXNxZ6Lq1pqFxaHE0dvPHK8R9HVCSv41c1TVtK0Oxk1PWryHT7OHBea4kWK JM8Dc7kAc+pr+cX4m6P4H8MaT4c8W/sbfs5/Fr4c/E3wleW01pqFxoV59mvLdGAnhvsXNw0iyLyc J83KN8jHH2T440PT/wBsP9vXTvg38XIblvAXw+8G2/iT/hH5Wkt47nVL0wAtOqlJD5a3KqQT8pjK YAdwwB+ttprei34tzY39vci8QyQeXKj+ag6smCdwHqOKtW19ZXrSrZ3Ec5gcxyCNwxRx1VsHgj0P NfjBo/7Pngv9nr/gqB8MdE+Gqy6f4X13w/rGoQaU00ksFjcm3uIrjyBIzFEl2I+P72QOAAPbP+Cd 3/JQ/wBqf/spusf+j5aAP0zt76yu5JobW4jmkt22yqjhijejAHg+xrNm8T+GrbV4/D9xq1pFqkwy lo88a3DD/ZjJ3H8BX4peBvidrPwhj/b9+JPhZwuraNr2bOTbvEVzJJdQJJjofLdw2DxxzxmvmLwJ 4Q+AHiP4CwHxl+z/APF/xX8SfEll/aM3jW20a5uWk1K5Xzo7q1n+2BZIFZlKMY/3qfMwLNQB/S9d 3lpp9tJe386W1vCCzySsERFHdmbAA+tZ+j+IvD/iG1a+0DU7XU7ZTgy2syTID7shIr8GvH/hz9qf 4zfsh/AzW/iP4D8QeMofAus3SeMfC8y3VhqutWlrIi2Mzoyi4lIhDK7qrOzPv/vMOx/ZM1P9jnWP 2o9NuvhEniH4K+KrnTrmw1PwNqsEkVprLGOTPzyTSYeMHeqfISYwyoDv3AH0V8KNM/Z2/aL/AG1f ir431zwPY/8ACX/Cy90mx07U5dQmuDfTpFOPtS2u8W4MSwII8IxXG8tuxt/Rjxx4rsvAvg7W/GOo APBotlcXbIXEfmeRGzhAzcAvjaPc1+RP7B37Pvwd0T9rv9oXUNL8NQwXHw012ztvDriWY/2fDdw3 sU6oC5Db0+Ul9x9MV+lH7T3gXwn8RPgD468O+NNOTVNOXSbu7ELs6jz7OJp4HyjKcpIisOcHHII4 oAyv2Ufjs/7R/wADfDvxau7O30q91v7W8thbzef9lSK8ngiVmOGLFIgSSq5OSABwPb7bxT4YvNWl 0Gz1ezn1ODPmWsdxG06Y67ow24dO4r+e3w7La/s//wDBKjS/ib8JLU+H/HHxYu49E1bWbeWRZ2iT UL5EfcWIiKwo0QaMKRvyDuAI+sfjx/wTq+Afwp/Zg8QeL/hzBd6H8Qvh5pE+uW3iaG9uEv57zTYj cSM/73YPO2MAFA2EgoRjkA/Tz4p/CzwR8Z/BF/8ADz4h2H9o6JqJiaSNZHhkWSGRZY5I5Yyrxujq CGUg/gTX57+GdG/Z4/ZK/bK8I/Cj4X+Dre01r4nWGp3WteIb7VJ7m4t4beOW5Fuizu4QzTRK7nK7 hjIY7Sv2V+yn8SNb+Lv7OXw8+I/iUh9X1vSLeW8cLsElwg8uWQKOAHdS2BxzxxX5u/tI/s8/Brxv /wAFMPhVoXinwzDqFh470XVb3W4nlmUXtxZ2lwsEjlJAVKCGMAIVB2jIPNAH2V4A/aO8U65+2H8Z /gh4nfTrLwh8PNN0e8srkqYp91/a280pnmeQoVDSttwq4GMk9a+y9N1TTNZso9S0e7hvrSYZSaCR ZY3HqrKSD+Br8S4v2b/h/wDtD/8ABT/45aL8T4J9R8L+H9L0G7fS47mW3gu7k6ZYxwGfyWRmSIF2 ADD5sZyu5TD4E+zfsXftI/tO+BvhB51t4P8AD3w+k8X6fpE80t1bwalbwQlCPMZmKlpGDEsW2YDE hRgA/ay98UeGtN1KDR9R1a0tb+6/1VvLPGk0n+4jEM34Ctyv5l/g3o/wF8dfB9/EHxx+Avxa+J3j /wAZCe8vvF1hpE93G0srMIpLCcXaIyRqFwWjIZgQwKYUfrr/AME4vEXxi1r9my10r43abrGn674a 1K60u3fXrSe0v7mwjSKW3ldbgBnAWUxBxkfu8ZJUmgD7xd0jRpJGCqoJJJwAB1Jr8i/2dP8Agob4 2+LH7UTeAvFWlWVj8MfGVzrFn4M1KOJ45rubSnUjzZGlZWEkWeAi4kZFBPf6P/4KL/GuT4Kfsr+K LvSpSmv+LAvh/S1T/WGfUFZZWTHO6O3ErqR/EF9a/Gn4q/Fj4V6R+yh8IPCnwn0HxPpXxE+DF5aa 1b6hd6LLBam6dvP1ItNuO2Np8SgntGqk4oA/eX9rf9oyw/Zb+CupfFO403+2b5Z4LHT7HzPKFxeX JIRWfDEKqhnbAJIUgcnI/Pz45+D/APgpF8Sfgvrc3xd8N+AfEXhW7tor3UfCNlPqVvqAjtHW52Rz QyoDMjRhtounUlQAH+6frL4p6p+zp+15+y54WtPid4itfDmj/FOKyk0iSW7iguYtWbBSK38w4kmh lLRumDn5lPXNfN8nwp/4Kf8A7OmmH/hWnxD0b40eHNJjxFpmt25i1GSKMfdDMQ7HaMAG9JzwAaAP r/8AYX1n4OeIv2ZPCWu/Azw4PCfhq8W4ZtMMzXEtveJM0dysszlnlYyKSHc5ZNpwowo+uq+Wf2Of 2htE/aY+Cdl8QtK0RfDd3bXU+m6lpqEFLW+ttpdVIVTtZHRxlQQGwckZP1NQB+c/7Zn7Q/7QXwy+ L/wk+D3wBh0F9U+JB1CIvrsU7xLLa+SU+eGRSi4ds/K2TivOvGPxm/4KZfAjQ7n4j/EvwN4K8ceE tGQ3GqQeHpruG/itUGZJUaZjgIOWIhkwMkgAEi1+2F/yfj+yV/1+az/6DBX6d+Ip9ItfD+p3PiDZ /ZcNrM935uPL+zqhMu/PG3ZnOeMUAfH3xX/avtx+xRq/7VXwTkt70jTYLyyS9QyRxyvcx280M8aO h3xMzowD43LwSOvy3ZX/APwU5+OHwet9Tn034aan4W+IGgpM1lK2p288+n6tahjE7RSoY3aKXaSk oKno/Ga+WPg4dTP/AARn+J327P2X+0br7ED1Fv8AbbPIz3/e+Z0r6b+BvxB/4KVR/A/4faV4A+Fn g+TQY/DukxaXqF9qTb5LNbOIW800SXKsGaMKzKAME4wKAPPv2M/2eP2Rv2ibbxp4P+JXwW/4RH4i fDfUF07XLCDX9Zkti7mRVkhJv2IG+GRSu5wMBg7Bhj7++Fn7JX7HXwa+Jln4h+Gei22k+NdNSZYV /tu+up0WeNopM21xdyqcoxGWQ46jBwa+EvGXw3+M37Ff7J3x3/aA8YeI4b/4x/FK7sTe3mmAi301 bm58nEDlUIdFuZSHVQFbywv3Nzd7qv8AwTc+AGn/ALK02u2dvcRfEmy0JtcXxWL24F4dXjt/tRmP 73yxGZBjbjIXkN5nz0AfRf7fH7Q/xV/Z58FeB7/4Qw6ZNrfi3xJbaJ/xNYpJYFW5ilZT+6kjKneq 5PPGeK8l8Q+K/wDgq/4H0S98WX2g/DnxLa6XE1xNYWBvxdTRRjc4h8ySJS+0EgbsnsGOAfin4/8A xa8e/GD9gz9l/wCJGpY1XxfP4yt7cNcHaLy7057y0ieVyRzMYVMjZHzFjx2+2Ne8Vf8ABVnxpo95 4Z0/4f8AgrwbJqMTwf2o2otcPbCQbTJGqTy/OoOQTG4H900AfX37Kn7Q2j/tQfBTRfi3pVi2lS3p lt72yZxJ9mvLdtkqBxjch4ZCQCVYZAOQPQE+E/gS3+Klz8bprRpfFkmlrpAu5pndLewSQzGOGNm8 uIM/zOygFu5xXl37IP7Olr+y18DNG+FC6guq38Ek15qF2ilI5ru5bc5jU8hEUKi55IUE4JwPk79t yO8+NH7S/wADP2QdU1K50/wT4w/tHWPEEFs5hOoRadE88Nu0i4bbmCQFQeC6vjciEAH6aaN4i8P+ Io5ZfD+p2uppA2yRrWdJgjj+FihODx0NM1fxP4a8PyQQ69q1ppsl0dsS3M8cJkPogdhuP0r4S039 g/wB8FvjP4e+O37Pmoy+ALHQrS5j13QrZZ7231y32fJHma5HlMOTnDjeEYKGBLfKn7FP7Mvwv/bG +G2vftMftOWUnjrxX451S+jj+0XVxFFp1pbv5aQWyQyJsw24qf4V2hQvJYA/aye7tba2a8uZkit1 G4yOwVAPUseMUjXlmlp9veeNbbZ5nmlh5ezGd27pjHOelfgBp2qeIvB37Mv7Zf7L9/rFxrmgfCWW CLQ57pzLNDYX0sm22L5xtjECkKAAGZ8ADgfeHi50T/glVudgoPwoshknudIiA/M0Aei/Hv8AaG8Y /Dj9oP8AZ/8Ahl4TWwudB+KN5qsOpSyxtLKIrOO3aI28iSKq581skq2eMYr681nxBoPh22W88Qal baZA7iNZLqZIULnooZyASewr8ObD/kOf8E4f+wbf/wDpHYV6p4O+Ffg79tT9tD443/x7t5fEXh34 RzWWg6DoksssNrD9oE3n3DLEyMzM8DMCSd2/nIRAAD658C/tB+M/E/7bPxA/Z8uUsW8J+GfDlhq1 lNFG32p5roW5bfL5hRk/etgBB25Pf1P9qT4m+Ivg1+z545+KPhKO3l1jw5p7XVst0jSQGQMqjeqs hIwegYV+dH7Ifwa0H4C/8FGPjB8OPCU80mgWnhS0n06KeVp3tba5mtJRbh3LMUiYsqZOdmM5OSft T9v3/kzX4sf9gZ//AEYlAHq3wU+Klr4++Ffw78ReJtRsIPE/i3w7pWrT2cUqxsZb20inlMULO0mw M529cDHJr2hmVFLuQqqMkngACvxN8M/8E9vgde/sMWPxBvIbhviTP4Sg8SweIzeTi5trxLFbu2ij HmeWIIFCQhQo+RdwIbBHhvxo/aS+IHxV/Zc/Za8G+Kjr+qWfxLlv18UxaBE02taxaaDcrZmGFdy+ a9yu6SQE4LBWIxwQD+gvSPEvhzxAZl0HVbTUjbNslFtPHN5bejbCdp9jW3X84njceG/AfiTwR8Sf 2MP2dPir8OvGPhnUYPt32rQb0WGp6T/y8W9yFuLl3ZiFH3RuBbcdwQr/AEd0AY+teIvD/hu2F74i 1O10u3JwJLqZIEz/AL0hAq5p+o6fq1nFqOlXMV5aTjdHNC6yRuPVWUkEfQ1+H3xob9kJf2p/H+of G5/EP7Q3jC5MNvZeGdB0q5uIvDkMS7Tar5d0kUsh+XeQV2uHLKJGbHU/8Evb/wDsb43/AB++Hfh3 RNY8HeELObTL/T/Dmt71u9La584lHjdnZGZCoOWLFVTcSRmgD9pKKKKACiiigAooooAKKKKACiii gD//1P38ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACvzAk/Zn/aw/Z++I/jrxF+yDr3 he68JfES+fVLrRvFC3anTdRnz5s1q9sCGUnn5iBtCoUbYGr9P6yNZ8QaD4dt0u/EGpW2mQSMEWS6 mSFGc9FDOQCT6UAfmFb/APBN++8T/ATxh4W+J/jT7Z8VPG2vx+LLjxBaRsLey1iDzBCLeP8Ads0K rNMpOEP7wlVXaoEXjD9nX9vj9oXwnZfBX9oLxp4Q0nwGJrb+2b/w7Hdtq+sQW7rJsYTxrBGWZQzF VQB8Haygqfof9uz9oTxn+zl+z+3xS+G6WN3qR1KwtU+2xtPbtDdFtzARyRknAG07sexr1nU9b+Nc f7RmkeH9Ng0g/C2XQnnvJZJANWGq+bKFWOPzATBsEfPlnnd83YAHi/iP9ljXG/ai+BnxZ8GTafY+ CfhLomoaPJZSyzC8Mc1lNaWy26LE0bKm9NxeRCADgE8Hb+OH7PfjP4l/tK/A34yaFe6fBovwzl1a TUobmSVbqUX0UaR/ZlSJ0Ygod290wMYzX1Xq/ibw54feCPXtVtNNa5bbELmeOEyN6IHI3H2Fac13 a21u15cTJFAg3GR2CoF9Sx4xQB+aX7dH7CHiP9qXx54L8Y+CNctPD5gh/sjxMZ5ZopLzRftMdyiQ iKKQSSRuJGVJCqsxXLDbX0l+03+y94Y/aI+Bn/Cm4Lo+G20p7W50O8gQsNOurFSkDKgZcoI2aMjc CFYkEMAa+hpvFHhq2v7XSrjVrSK9vVDW8DTxrLMp6GNC25h7gGvmz9rH9phf2bNA8H3trpsGrX/i /wAR6foSpPceSttFeb2kunUAs6osZAGVG4glsDBAPlPxP8DP+Ckfxi8O6Z8Ivid8QfCfhrwtBLb/ ANpa94cN+muX8MDBhwyRxq7EAts8pSRzlcqfYv2+/DXwyg/Yo8Z+C/GOsJaR6Jo8MulyXk4lvHvr Db9iAaRvMkknkQRM3JYOxPevvS3ube8gS5tJUnhkGVdGDKw9QRwa+Zfjh+zV+zP8U/FuhfFP456L Z32oeGoxDaz397Lb2ojSQzKksXmpDKock7ZFYHJDAjigDzf/AIJ1/CTU/hb+zLoepeKTJL4q8fTS +J9YmnJM8lxqeHj8wt828QCPeDyHL9ya+W/+Hevxn/4YGP7LH9taB/wlf/CQf2t9q+0Xf9neR5u/ b5n2Xzd+O3lYz/F3r9etJ1XR9ZsItQ0K8gvrJxiOW2kWWIgf3WQlTj2NWLO+stRgF1p9xHcwsSA8 Th1JHXlSRQB8u/trfAzxb+0f+zn4k+EPge7sbHWdYlsHhl1GSWK2UWt3FO+9oYpnGVQgYQ84zgc1 8pftNeA9GHx6+DzfDf4k2Pw//aF0TRfs+mJqVrcS6VrWmKsiS200wiMY2sJiik7yHOF3bGX7j+P3 xy0j4I/BTxV8YIIoddHh62aSK1S5WIXEwZVEQkAfBy2ThSQAeK/On9ubxT4K+K/7L/wI+Jfizwlo niPUPGmueHrK4ErXGdPTW7GS6uo7aa1uIZkYPGgwzspAG9WOCADyTUtC+OGp/wDBR/4EwfGvxvo3 izxhapqFzcaV4chkTTtDsYLeV0+aXDmS4cSFjIof5UGSCgH7z18vfAX9nT9mD4AatqenfBPRtO03 X5YlivnF497qJjDbtsjTyyyopbkqNqkgccDH1DQB+ZPw3/ZY/aR+Fnxb+MVvoWteG774WfFm91vV pVnNymrW15qUM3kooWIxBUlkVZDvbdGu5QG+Svo39kL4HeLPgD+y/wCF/gn4xu7K81zRYtSSaawk lktGN5fXNzHseWOJzhJlDZjHzA4yME/St1rmi2KXb3uoW9utgoe4MkqIIVYZBkJI2gjkE4qJvEfh 5NH/AOEifVLVdK2eZ9rM6C32f3vNzsx75xQB+V/hn/gnT4ub9jfw18DPEviey0f4ieCdbn8QaJrW ltNPbW14ZmkiBMkcEhVlYBiEyjBWG7bg6/iX4Df8FCvjy2g+BPjd498M+D/Buk3UFxqN94Nkv4dX 1TyO26RUWPfkk7diq+G8tgAo/Uew1Cw1Wzi1DTLmK8tZxujmhdZI3HqrKSCPoazh4o8NHWP+EeGr Wn9q43fZPPj+0Y9fKzvx+FAGtbwR2sEdtDkRxKEXLFjhRgZZiST7k5Nfnb8Sf2af2g/AP7QOv/tH fska5oMd742tYYPEWgeJVuRY3M1soSK5hktsuJAB90lADvO5g5Ue0ftY/tML+zZoHg+9tdNg1a/8 X+I9P0JUnuPJW2ivN7SXTqAWdUWMgDKjcQS2Bg8z8Rv2ivFvhn9sX4N/AzQv7Pn8JePtN1i8v7hk Z7gNYWtxNEYZVkCKu6Jd2UbIzyKAPndP2Gvjf4w8AfGvxV8WfFekat8YPi9pkOlxm28+DRNNtLd4 2SFG8ppSCIk3HyjjaPvEs59N1v8AZI+I+pa1+yVqMGpaSsXwGsfs2uBppw1y/wBisrfNliAhxvtn P70xHBXvkD760jxBoHiCOWXQdSttSSBzHI1tMkwRx1VihOCPQ0ms+IdA8OW63niHU7bS4HbaJLqZ IELegZyBn2oA/OnxH+zJ+0v8Gvjh40+M37IOu+HZdO+I8ovNc8O+KFuhbDUMkm5t5LbLFnd3cgsg G4j5xtC9f8Ef2Z/jvpEPxP8AH3x68eR+I/HfxGsJ7GKwsZrldB0uJ4iiLDFIBzkICwiBVVIBcszN 9829zb3cCXVpKs8MoDI6MGVgehBHBFeX/FD4lad4R8EeM7/Q9SsZvEfhzRdQ1KKyklR5A9tbPNGZ IVcSbCVGemR3HWgDyr9kX4GeLPgF+y54Z+CXjG7sbzXNGi1OOaawklktGN7e3NzHseWKJyAkyhsx jkHGRgn5e8NfsI/EOH/gnlq37IfiDXNKh8U3k0l1De2zzzWAkXUEvoVZnhilCsIwjkRErkkBsYP1 3+yJ8WfE/wAc/wBnHwT8V/GcdtFrXiG3nluVs42igDR3MsQ2I7OwG1BnLHnNfSNAHgf7Nmi/HTw5 8LbLw/8AtCT6LdeJNNcW0MuhGY272MMUaQmXz0Q+cSH37RtxgjHIHmvxK/Z68Z+Mf2xfhB+0Lpl7 p8Xh34f2Gr2t/bzSSreyvqFrPBEYEWJo2UNKpbfIhABwCeD9jUUAfmL/AMM1/tY/AH4meNtY/ZF1 zwvceC/iLfSardaV4q+1/wDEr1O4/wBdPbG1X5kbjAJPyhUKNtDmb9mz9hvxv4J8M/HXwl+0J4js vF8PxlmSS4vbBpY7h2lSf7RLIkkSLFIJJt0YRnHAPH3a/TSigD8k9D/Z+/4KPfDb4aN+zt8PfHfg 298GwxSWGneIbxb6DXbHTnyoRUjV4leNDiLHmFMACQYXb6J4q/Yj8ct4a/Zz8M+H/Fia8/wh8VWf iDWtR125uTdX6R3CTz/ZwEn+bIKxRu6qqhQXzlj+lFFAHxz+2H+z34z/AGg9N+Gln4MvdPsn8G+M NN8QXh1CSWMSWlmsgkSHyopcyneNobap5ywrzb9oL9nP9ofUf2pPCn7Tv7O+r+Hor/TtC/4R/ULH xB9oWJrf7RLMZI2t45CSwlxj5SpRSNwYgfofRQB8KfDH9mHx74L+Jv7THjTVNQ0yWx+MxtP7HSGW ZpYPIt7uJvtYaFVTLXC48tpOAenAPlo/Yq+KY/4Js/8ADHX9q6N/wmf/AD9+fc/2X/yHv7U/1v2f zv8AU/L/AKj7/H3fmr9PaKAPzv8AjZ+yH8TNe1T4W/GT4HeJ7Dw38WvhlpUGkb79ZZdL1KzWPbJb zlFMioC8pUiMkhzkKwVlpeCfgP8AthfEn44eGfi5+074y0jRNE8Fh5LDw54Onvo7a7uGIO+8aYgs mQpKlpAwXbhQW3fo7RQB8c/s9/s9eM/hN8efj18UfEV7p9zpXxR1LTbzTIrWSV7iGOzW5EguVkiR FY+cu3Y7g4OSOM/Y1FFAH5heCv2Kvil4c/ZP+OPwJvtV0Z9e+JniDVtW02eOe5NnFBfparGtw5tx IrgwNuCRuBkYJ5x9Jah8DPFl1+xSv7OEd3YjxKPAsPhj7QZJfsP22PTlszJv8oy+T5gyG8rdt52Z 4r6rooA8W/Zy+HGt/CH4E+Bfhh4lnt7nVfDGk21jcy2jO9u8sK7WMbSJG5XPQsin2FfMf7VP7OXx 68ZfHD4cftE/s6axoVn4n8D2t9YPa+IBOLWWG8R03A26OzELK4K/Lj5SGJGK/QWigD4v+FH7PXxA 8Hftc/Ff9oXxJeaZJo/xA0zRbW2trSWZ7mKewtLeCcyLJCiBC8TGMrIxKkEhTkBND/Zs8UW37Z3j 39oHW7jTrrwf4v8ACkPh9LISTG981Wt/MMsZiEYiZYmGVlLcj5Rzj7RooA/J/wAF/s1/tz/sw6Zr Pwv/AGZPFXhHXPh5fXc9xpP/AAk63i6ho32li7onkK0bqCc5beGbL+Wu5lP2N+yj8CfE/wAAvhk/ hzx34yvfHPijVbyXUdS1G7mlljE8wA8q2WVmKRIB7FmLMQMhV+mqKAPjn9tD9nrxn+0Z4R8B6B4J vdPsbjwv4w0zxBctqEksaPaWUVwkiRmGKUmUmVdoYKpAOWHGdn9rz9mZf2mvh3YaLpOtt4Y8W+GN Qh1jQdVVS32W+t87d4Ug7GzyRyrBXAbbtP1bRQB+VviX4Df8FCvjy2g+BPjd498M+D/Buk3UFxqN 94Nkv4dX1TyO26RUWPfkk7diq+G8tgAo9X+P/wCzB8VLj4xeHf2mP2Xtd03RfH+i6d/Y19Y64J30 3V9NB3LHM8W6UOpxz1bCHehQE/fdFAH4ieF9B+Pum/8ABT/4X63+0VrOkah4j1rwzqksFnoSTLp2 m2kcF2iQRNcfvHJYO7s2fmbAYgDHt7fsy/ti/BP40/Ejxl+y54k8Jz+F/irqT6te2viZLvzdPvp2 eSWSEWyEN80jbSWII2q0fy7j9/ar8G/hvrfxU0X416no4m8aeHbObT7C/wDPnXybWff5kfkrIIW3 eY3LIWGeCMCvTqAPzN/Zv/YU8V+AfDnx28G/HTxHaeMLL4xypJNfWZkiu5HljnN1PLG0apFIZp98 YRpAMZJHSuF0P9n7/go98Nvho37O3w98d+Db3wbDFJYad4hvFvoNdsdOfKhFSNXiV40OIseYUwAJ Bhdv62UUAfmp41/Yx+NGhfC/4VWnwN+Kt4vj/wCF081y91rt1dPp+ttdMHnS7jVpSEUgpCu19sRK E5O8U/C37Mn7Tnxc/aB8B/Hj9q7U/CthF8NVnfStM8LR3Jee4mAG65mufmCBgHCh3HG0Ku5if03o oA/PD4d/s5/tD/CL9r7x18UfBmseHr34YfE++gv9atrz7QurQtbwyhFtgkZiyJZScs+GTghSK+7v F3h+Lxb4T1rwrPKYI9ZsrmyaQDcUW4iaMsBkZwGzjNdDRQB+S/ww/YW+NWofsxeJP2Q/j7rmgTeD 7RQ/hXU9GFzJqFrd/a5bszXMcyRI6bpANgbO0sm7kMLWv/s+/wDBRD4qfDpP2e/ih488HWXgqVIb PU9f02O9l17UbBGG6NklRIQ7oMSEBN3QswL7v1eooA4z4d+A/Dvwu8CaB8OfCUTQ6P4bsoLC1Vzu fyoECBnbA3O2NzNgZYk18W/tU/s5fHrxl8cPhx+0T+zprGhWfifwPa31g9r4gE4tZYbxHTcDbo7M Qsrgr8uPlIYkYr9BaKAPi/4Ufs9fEDwd+1z8V/2hfEl5pkmj/EDTNFtba2tJZnuYp7C0t4JzIskK IELxMYysjEqQSFOQMsfsq63q/wC1r8TPjH4tm0+88CfEDwYPCz2KSzC+PmCBJ/MXyljWNkjcBllL cj5R2+5KKAPyY8H/ALO3/BQn4A+Crv4GfA3xr4P1jwMHnTR9U1xLyLWNKt7hi5VVhR4SUZ2KZEoz yAq4Qfc/7MnwU1P4BfCPTPh/r3ii+8ZawjyXV/qd9NLK0tzNjcIhK7skSABUXPYsfmY19AUUAfDn x8/Zo8e/HP8AaX+EPjnVb/TU+GHw0kk1OaweWb7fdatuLxN5QhMLRI0UHLS5x5g288/ZniDQtK8U 6DqXhnXbdbvTdXtprO6hb7ssFwhjkQ+zKxBrXooA/IjwN/wTg8aXX7NOtfs3fFfxTaCHQfEEuueB 9a0mWaS705nD4W5ilhgAUsxdkjdstIxDgqjV0sHw7/4KxQ6N/wAIEfiJ4Ge18nyR4iaG5OphAuzd t+zeWZsc7jGeed+a/VKigD4J0D4KH9in9jHxb4c+Gniu3s/EOm2d7rM/iDWFAt31R0XzLiSPZMAu I1RE2uThQdzEk/RX7N3iPxv4x+Afw/8AF3xJbf4m1vRbK+v2MSwEy3MQlyY0CqhwwyoAweMV7LdW tte28lnewpcQTKUeORQ6Op4IZTwQe4NT0Afnf+2R+zT8ffi58WPhR8XfgHq/h7S9W+G51CQf29Jc iNpbrygm1Le3n3qAjbtxXGRjPOPL/GX7OP8AwUd+Omh3Pw9+MPxb8J+HPCGrr5OpJ4as7iW5uLZv vxZnggba44YCVQRwcrlT+sFFAHxj8V/2UrW8/Yx1X9lL4MNbaYh02CxsJNSkdYi6XMdxLLcSQxSN vlYO7FYzl26AdPoP4L+DdT+HPwd8CfD3W5YZ9R8L6Dpel3MluzNC81laxwSNGzqjFCyEqWVSRjIB 4r0uigDyX47fB7w58ffhH4m+EPit3h07xJbeSZoxl4Jo3WWCZRwCYpkRwp4O3B4Jr89W/Z8/4KMX /wAK2/Zp1Hx94Mj8FfY/7JbxJHFfNr0mk48nyTEVEPmGH5GOd2P+WxbLn9ZKKAPze+Nn7DN/rXwX +C/wX+C17ZWOmfC3xFY6rM+rSyo9xBB5rTspggkDTyyylyCqJknkcCv0hoooAK+LP2sv2ZPF3xj1 bwR8V/g74it/CvxP+G11JPpN1eI72VxDcACa2uQgZgjAfeCPwXXbh8r9p0UAfmt4W/Zx/ak+L3xy 8G/F/wDa313w5baV8N5JbrRdC8LLcmGW+kCjz7iS6G4BSiuBufJAGEBbdy/hD9mL9sX9l7VPEvhP 9lDxF4S1L4b+I7+W/s7DxSt6LjRJbjh1gNsCJI1AUDcxzgHywS7N+qNFAH55/DL9hGDw/wDAX4o/ D74geKH13xz8Zxc3HiPXkjwn2yXzDCYYjtJjgeQuFJUsS33FIVfnq4/ZO/4KC+KPgNJ+y14n8deD LLwPpmmHT7W/tEvX1O+gtY/9BtJ2aIJFAGSOOV0TzFjBx5vIb9kaKAPzVtv2N/ibDqX7Jl42qaOU +A9pcwa4BNcZuXmt7aJTZf6P84DQtnzfK4I46gafxJ/Zv/aG+H37QOu/tEfsjaxoS3Pjq3gg8S6D 4m+0CxuJ7VdkN1C1qN4ZV6jcuCXOWDlR+i9FAH5v/svfssftB/Df9pbxx+0P8dPFWi+JL7xxo8dr MNM+0Rm3uVlhKwxxyxKv2aKKEJG2/ecDcmck/VH7T3wu1/41fAHxv8K/C1xa2ureJdPa1tpb13S3 RyytmRo0kcLx/CjH2r3iigD8hLH9mH/goXZ/Bez/AGWB4/8ABw8ByWEWmXGurFfHW7fTnQJPZRJt ELoqloo2O1miAy8ZOF9y+MP7Cdlr/wAGPhj4L+C/iA+E/GHwXkjufDOrTqZEM42tOLlVz8tzKiyO QrYYfcZSVP6E0UAfl7f/AAE/bu+PHi3wpaftDeNvD3hDwT4XvY725g8EzahBe6tJDwFlkl2lEcZB wwC7iRGW2lf1CoooA/KjQP2Zv2yf2fvjF8T/ABP+zfqngvWPDXxS1WTV5j4oF8t3Y3EskspGbVcu qGZgCXfcACVU7i3ffslfsmfGv4D/AB4+I/xR+Jfi/TPGVt8Q7O2lubyFZbe9/tONw8i/ZjH5K24L yLGVmztVP3a5IX9GaKACiiigAooooAKKKKACiiigAooooA//1f38ooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACvxc/Zj+Bnw4/bl8WfGD4/ftHWcvjCSHxTf+GtF0+4uJ4INL02xWOSNYkg kjKuVnUZPIZS/wB92Y/tHX5gSfsz/tYfs/fEfx14i/ZB17wvdeEviJfPql1o3ihbtTpuoz582a1e 2BDKTz8xA2hUKNsDUAfLX7Y37OOq/sw/sKeIvh8PGU/inw3L4ysbvRLa5gMcmk2crvi0Eplk81Rg NkLGNxYhfmNfUHjydLX/AIKy+CLqQErD8MbhyFGSQt7fk4Hc1wPi3/gnV8VfEH7Nfi3wZc+LtM1r 4q/EXxPa+Jde1O7ae303fAznyLfyoJJNqeYxUmJcliMIoAH154g/Z68Z6r+3J4a/aZt73T18L6N4 Qk8PzWzySi/a6e4uZg6RiIxGLbMoyZQ2Qfl6EgH4t/A7xZ8LPjlD4t+M/wC078EPiP8AGjxR4s1G 5WC90TS7i90jTrFceXaWckd3DtaIlgRg7AFC4O4t7V4F1H4m6f8AsJ/tOfDbxZ4f8U6J4O8MxiTw j/wlthNZ340q8kfbakyfI/2cQqWEbMEMnZWUD6s8Nfsxftifsu6x4p0H9kjxB4T1T4eeJr6XULXS /FK3iz6NcXHDi3a2BDxqqqAWY5wMx7tzN1mj/safF6H9lf4p/DTxj4//AOEv+JfxTEs91e39xcjS bSd33LDbqUd44gSxLJCu4kDYFVQAD5F1D9hj4JP/AME7z8bdWs7u/wDiS3gy38VLr819ctcpMlml 3DAqmTyhFHEFgVdnCgEEMAw5/wDai8L+Hvit+yr+yZ8VvH1kNY8Wa9qnhjQr/UJpJPOudPuIJ3mi kIYAmV13s+N5bPzV+q+ofAzxZdfsUr+zhHd2I8SjwLD4Y+0GSX7D9tj05bMyb/KMvk+YMhvK3bed meK+c/ir+xd8U/F/7HXwn+C/hnXdKsfHvwru9J1KG4laZ9NuLrTYZYigk8rzQp83crGLkqFIAJIA P0L8DeBvCnw18JaZ4F8D6cmk6Fo8Xk2lrGzssUeS20FyzHkk8k1+Pv7TT/snr+1nrupftAajrnxq 11NPtrfS/Amh6ZcXKaEuxC7M0Vykckk3D7TtKl8spzGV/W34VL8T0+H+jr8Zm0tvGYjf+0ToxlOn l/MbYYfPCyY8vbuyOGzjIwT+fN9+zR+1p8G/2jviN8ZP2ZtS8I6tpXxTkhnvrbxV9sWazni3EeW1 quWjDuxGH5UhSmUVqAPn7/gnpe2Ph39sX4yeAvAnhbXPh14IvtBttXt/DGvK8d1Zz7rZVkeKR5GQ uJnZQWJ2MqkkKK+kP+CRn/JmWj/9hfVP/R1Xf2cP2Sv2gPhb+1T4m/aI+KvjHR/GB8c6EbTVWtkn tZ7e+86Bo4raAxNG1rDFbrEjtKrkclARz5p8Nv2UP25v2fNO8QfBb4E+OvCcHw01q/ubqy1PUobt 9a0mK6wr+REi+S0qgZXezIWG7Me4igD4+8D+CPCPjP8A4JZfF3WfEFgmoXHhnxZq+paZKWcfZ7r/ AEWESrsYBj5cjLhsjB6ZxXX/ALUPwd8H+C/+Cef7P2i/DSxHh258aeKPCepXk8Ekpd9U1DQ50kut zsxVyQp+UgDHAFfZnwg/YT8aeB/2KPiJ+yv4j1/T31LxVeajPY39qZpYEjmWD7MZw8cTBt0I8wKG Cg/KzVyOsfsi/tZfEX9nL4b/AAc+I+r+Ehqnw08WaHf2VxZzXqxS6Ho9lJahJGNsS10WcEYRUZep UjkA8S/bY/ZK+Dv7I/ww8D/HD4DWl74e8b+GPEemQtqn2+5mnvlmEnmtcCR2TfIwyxRVBBZNuw7R +69fHP7cn7PXjP8AaZ+C9v8ADnwJe6fYalFrNjqJk1KSWKDyrXfvAaGKZtx3DA249SK+xqAPxFT9 nfwF+0V/wU8+O2h/FOO41PwvoenaBfSaSlzNb295ef2XZxW7z+S6MwhV5SoyOW67Sytx37N/7H3w q8V/tVfHL4EeLlvtX+F3w1vra+0nw3Lf3S2KXmrxZE7hJQ7vDDGYlZmJIOWya/SX4a/s9eM/B37Y 3xf/AGhdTvdPl8O/EDT9ItbC3hkla9ifT7WCCUzo0SxqpaJiuyRyQRkA5APgn+z14z+G/wC018cP jPrl7p8+ifEt9JbTYbaSVrqIWMLxyfaFeJEXJYbdjvkdcUAfld4Z8eeIf2UPg1+2n4M+Fd9cWWne BfEOn2fh5WkeVtOGtXL2kjxuxLK8cQUq5Od6KxyTz5tD4D+BF38BYtO0j9nf4xS/FaWwW+g8ZR6J ctK+uMnmrdCVbwg27TdMRlvL+YfvPnr9RtE/Ye1DW9R/ac0n4oX9lJ4b+Ol9aXOnmwklkurMWpmk jlmSSKNBJHK8ciqrupKkMcdfLh8Bf+ClVn8L4/2ctP8AH3g1PCUNuNMj8UKL+LX00tR5aptVfLWU RDaCMtj/AJbbvnoA+YP2nvDF38Vf2Yf2Yfib8d/DFzbfEjUfFGleF9YfUorizvpLBJb2ORJoZChU 3BiWYttDHduUhSK9L/ao/Zy8AeIv2yP2af2dtEt5tA8Gvo2sW7W1jcSxP9ggSe5nthKWMgWdEeJ/ myVdhmvq39of9jPxp44/Zn+H/wAI/hj4sE/ir4a6tp+s2epeIJJpvt9zZpMshuJAJXXe8xdRhgu0 R8L8wt2f7PH7QXi79ob4E/tB/FO/8OLqPw/0vWrTxBBpkt0Flnv4bqG3NkksGGULLGZPMdCCG27g BkA+afEnwM+Hv7I/7e3wA/4UFaT+F9L+IkWsadrGnx3U81tcR2sClCwneRj80itjdjfGrABsks+A 3wb8Fftu/Hz44/FX9oy2l8VWXg7xHc+GNA0a4nlitdPtbRmUv5cLp87qEz2372O5iCv218c/2evG fxN/aS+Bnxi0G90+30b4ZT6tLqUNzJKt1ML6KJI/sypE6MQUO7e6YGMZrxfW/wBmb9pr4KfG3xt8 XP2Qtc8OT6R8Sbj7drXh7xSt0LePUSSz3NtJa5Yl3d3YFkxuK4cBNoB8d3XjXxH+wx8Rf2lPgf8A CnU7pvCWl+DV8U+HLWd2uzot7czW1qRF5hbCK92XO4HIRC+TuLehab/wT9+CWq/sPL8TJ4rmT4n6 p4UbxU/iY3tx9rbULmzN6ysfM8toTuMTZXLKSxO87q+nPhP+w/qdy3xT8cftO+IIfF3jz4v2Emj6 nLpatBZWGmMiqtvZeYgfK7EIdl48tPlJDM/jkP7MX/BQXT/hDffsraX498If8K7FpNplrr80V7/b o0llKJZmNV8lQY/3RPzFIyQshIUUAfTP/BN//kyX4W/9eV3/AOl1xX29Xzp+yX8IvEnwG/Z38F/C Txfc2l5rHh23miuJbF5JLZmkuZZh5bSxxORtcA5Rec/WvougAooooAKKKKACiiigAooooAKKKKAC iiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKK KKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooo oAKKKKACiiigAooooAKKKKACiiigAooooAKKKKAP/9b9/KKKKACiiigAooooAKKKKACiiigAoooo AKK+F/2y/wBr3V/2dpPCXw++Gvhg+M/iZ8QZ2t9G09mK26bXRPMn2lWYMzhVUMoOGZnULz80eKfi 7/wVe+FXhy/+J3jDwH4M1/Q7CI3d9pmntK11a20Y3SlNlzliqg52tMR1AIFAH6/0V4F+zL+0F4Y/ ac+D2jfFvwvbvYJf+ZDd2UrB5LO8gO2WEuAAwBwyNgbkZWKqSVHvtABRRRQAUUUUAFFFFABRRRQA UUUUAFFUNV1CLSdMvNVnUvHZwyTMq/eKxqWIGcDOBXy3+yj+0pf/ALUvwX1D4t6ZoK6Ix1C/s7Gy abz2K2wXyjK+EG5y3zAYA6ZOMkA+s6K+dv2YPEv7Qniv4YjVf2mfDdl4V8ZfbZ4/sdiVMP2RQvlP 8txcjcxLZ/edug7/AETQAUUUUAFFFFABRVLUtRstH0661bU5lt7OyieeaRvupHEpZ2PsACTX5afD z9ov9tP4q/slP8cvhR4X0vxL4r1/xTdJpGnXEKwwxeHYS8O591zbh5UnjZd3mcj+E9aAP1YoqC2a d7aJ7pQkzIpdR0DEcgde/vXxZ+35+0X46/Zf+Ay/E34eW1hd6sdWtLHZqMUk0HlTrKWO2KWJt3yD B3Y68UAfbVFZ+k3cl/pVnfTACS4hjkYL0BdQTjOeOa0KACiiigAooooAKKKKACiiigAooprusal3 IVVGSTwAB3NADqK/H3wv+1j+2Z+1x4s8U3P7Huh+G9C+Hnhe7ayj1nxJ57PqEyfNhPK3bS6FX2CL 5FZd8gLAV7n+yP8AtefEb4lfFDxd+zZ+0T4WtvCvxS8Gwfa3+wMxsr203IDJGHeQqQJonXEjCRH3 ALtIoA/Q+iiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiii gAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKA CiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigD//1/38ooooAKKKKACiiigA ryT46/GHw98BfhVr/wAVfE0T3FnokKstvGcPcTyusUMKnBxvkZQWwQoyxGBXrdfPH7VXwQk/aH+B fiT4XWl2lhqF+kU9lPLny0urWRZohJgEhHK7GIBIViQCQBXVgY0nXgqz9y6v6X1NKKjzrn26n436 J/wWB+McfjBL3xF4Q0Sfwy8v7yzthcR3iQ5/guXldDIB1Ji2tjgLnI/fPwb4s0Xx54S0Xxt4blM+ la/ZwX1q7DazQ3MYkQsp5U7WGQeQeK/l40T/AIJy/tb6t4wTwndeDDpkfm7JdRubmD7DGmcGXzI3 cuuBnCKz/wCzX9N3ws8BWPws+G3hj4cabM1zb+GtOtrBZmG1pTbxhDIQMgFyCxA6E19nxnhsupxp /Umubryu6t5nq5rToJR9la/kd7RRRXwR4x+en7cn7KXxF+NWoeCfjH8B9ch0L4nfDWaSbTvtAUQ3 cbuj+WzsrqrIyEoHUxuHZXwDkfLd/wDt4/tpfAmyltv2sv2fG1DQ4VMV3q2jl0thE3ylpJEN5asW H8JkiB9ulekftyal+0j8Bvj34F/ao+GUeseLvh9pNobHXvDdrc3BtVb98pnkt03ookjlG2byyEki Uv8AeUHO1v8A4LE/s03fhadNE8L+I9Z167jeCLRZ7KGPzZmG0RSyCaVQjE7SVV2x/AelAG74x/ay +CPwr/YK1r42/sh6TYaDb312un2VjFZxWn2PWbopHK1zAgKGeGEeaM7lcKnLIRXC+CP+CcHi74g/ CzT/AImePvjX4xg+L2v2Kail9DqLCzsbi5QSpAYseaypuCuUmTkfIFAAPgvw1/YZ+MWvf8E6/iDo Wp6K2keMPFWtReKNJ0GRDFLHFZKqrCY2OY5p4/NCI3I/dhsEnH0L4A/4KufB3wh8HNP0H4k6PrVh 8UvDllFpt14e+wSrJcahbIIvkkb5Y1kcAkSYdMkbWIG4AxvhP+0p8Uvin+wB8d9M+I+oSj4hfC6y 1bSbnUYZPLuJfLgYwzM8W3EqlXjLry2wOSWLV5N8Cf2Q/iR+0V+yjZfHX4nfGTxXH4iTTLqXwzaW d+Y7Oxi07zIrdp1KlpJJGiLO6OjlWBZi+TXXfCD4J/Eb4b/8E+v2i/iR8WLE6T4k+KdjquttYsCs sFs1u7R+ajfNG7vJI2wklVK7sNuUfa37FI/418eCh/1Ll9/6HcUAfAv7JXwO+KX7fnwSTx38fvi/ 4nt9P0J20PRLTSrpLcMbJEY3l8WR/tMpZwu5sSHZkyc8df8Asr/tTfEb4R/sW/G/WvHWqS+LNW+D erz6TpdzeyNIztM0dtaxyO7F2jS4bcASSEOwHAGPfP8AgkB/yZ1a/wDYd1P+cdfIH7OXwc1X49/s 3/tffCvQdn9rat4tnkshIdqvdWU4u4Yyxxt8x4gm48Ddk8UAcb8MvC3wG+Mnw+t/ir+0h+1rqOm/ FTxDG96iWmuRW0OjvLkxRG2K53KMGSONoVX/AFaBdu8/oD/wTM/aM8ZfGTwT41+HXxC16Pxbrfwx 1NLBNcjcSDUrCcyrbTF8ZkOYJMSnl0KlstuY/B3wX/aC/YO+GXwms/Af7UXwTs9I+KPg23XTtQtL jwxBNdahJbjYk3mSIMSyKAZDMyZfLAsCDX6I/wDBOtfE+veCfFHxK1z4SeHPhLpfiS9QaNa6NpZ0 29utPgMhSW9y580DzNsLbI84dwu11NAH1t+0F8VI/gh8E/GnxYaBLqTwzpk91BDISEluQu2CNiOQ rysqkjkA8V+Uv7Pn7GHjL9rP4WWP7RP7Q3xc8Wr4q8ZLJfaZFpN8tra6bAWZYCsRR1+YAOEi8tVR tv3ssP1M/aT+Ft18bPgL46+FenypDe+ItLnt7V5f9WtyBvgLkchfMVcnsOcGvyz/AGYv+ChPw4/Z u+C9h8Bv2nNJ1nwh45+HcL2H2M2EkhvYI2ZoDERwrbCFy5WNsB1cq3ABt/s7/Gj4x6T4I/aX/ZZ+ L3iGbxB4l+Eei6pJpeuNIwu57L7LMqMz58wlCI5EdmaQeZtLfKteU/sWfsh+Lf2sf2ftN+JPx3+K ni02Ltd2nhuz0/UjEltDbXEqyXUxkWTzZWufMC5wQigFiCoTsf2efA3xF8beGf2pf2zfiBoknhq0 +J/h7V4tDsbgEXJsEtpm8yRSMhdkcKI3HmEOwATYW89/YJ/4KG/Cn4Afs16X8M/jfZ6po76M99ca Jcw2Mk8Oq2c91LK4hcYXzI7lpYyWIj4A37gwAB6t+z1J8QviZ4M/aA/Yc+O3jbV768+GU8T6frtl dGDVLiwjkeRUM8glYx5iiJD7m2TNHuwq4zP+CTvwf0yx+AesfHeDxDrX9qTprOlDTDeD+yI0XypB OlsEDC4ygHmb+hPFekfsG/D74h/EbxP8c/2tPGmhzeHf+FtNJbaDY3KlJjYjeRIwbB2EeSiNwHKO wG0qT5X/AMEuPjp4S0X4UeI/2T/EFrf6V8QdLfXNQktrm3McflIkauhYncsqNkMjKCMGgDmvgB+1 F45+C3/BLzxJ8Wjqk+r+LpPEF1pel3GoyvdMlxdGFFcmUtu8mPzJVU5UsoBGCa9g8Ef8E4PF3xB+ Fmn/ABM8ffGvxjB8XtfsU1FL6HUWFnY3FyglSAxY81lTcFcpMnI+QKAAfm39n34GeJP2gf8Agk94 l8FeDYftXiCy8SXeqWFv3uJbPyWaFD/fkiLqnYsQDgHI+nfAH/BVz4O+EPg5p+g/EnR9asPil4cs otNuvD32CVZLjULZBF8kjfLGsjgEiTDpkjaxA3AHlemftN/Fj4l/8E4PjZp/j/VJ4fiJ8MLuLRrr U7eUw3Myi9gEcrPFsIkH7yJmH3wm4kszVp/Cv9h3x/8AtC/s1+H/AIz/ABJ+M3i3/hO9T0SK80OK 1vRHp1hDHBtskaHbvdnjVGldHjZmYklmy7eeaX8E/iN8N/8Agmx8f/iR8WLE6T4k+Kd5ba21iwKy wWzXsDR+ajfNG7vJI2wklVK7sNuUfrp+yV/yaF8Jv+xO0j/0ijoA/Mz4cftO/tC+Jv8AglT4t+JG jald6l458LXcmj/2suZb5bBZrcyXRYAs0sNvOy+b95Qvms25Sx8D+HHw6+B/xP8Ahvo/ib4DftQ6 3ofx8eG0mmi8Sa3Jp0E+oFkaeAq8QkdQd/l+XJODxu3gnHqf7DfjL40/D3/gmx4w8Z/AbQ7PxJ4n 0rxReytYXlvLdCaz+z2guDFDDLEzyIh3hcnIUgKxIFeM/G74tf8ABOj45fBS6v8ASPh/NoXxy1Gx EdvpuhabcWbx62ygEMIdtrND52d24NKydFEh4AP1J/bS+IPj/wCFH7BGrweO7u2vfiDr+l2fhqeX Tixgu9R1ELb3T2+Y4mG+LzpFGxcHgCvnT9vfw3rv7Of/AATr+H/gPwhqdzot94dvdE0+e4sZ3t5J JRazm5O+JlOJJtzkZwTXAaR4Z+JHizW/2MP2TviuZ5da8PJceNfEVvdEtJDa6fJM2lwzgknKxo1u wPQnHHNe/wD/AAWR/wCTR7T/ALGbTv8A0Rc0AZf7aXjf4qfE745fB79ij4Y+KbjwfF44sG1XXtRs nZLs2MaykoHUqwXy7acldwEjFFY7cg/GH/BRP9jjVP2avgjY618OviD4j13wTqGp21tq2j67eLeI t3ske3vISqRqnIZXAXdlx823IH1v+2foPjH4GftD/CH9u/Q9Fn8Q+GfCWmpoviK2tF3z29rKlwn2 jbwCDHduAxYKrogYgNmvlv8A4KNft1fDn9pH4IW3gD4GWmpaxpdvqFpqGt6pNZS29tZqodLe2JcD 95JK2cn5cJhSxJ2gH0x+3z+0L4n0nxd8J/2W/DfjpPhhpvjGwg1DxF4jMvkvbaaxaJUSQFWTd5Mp O1lLtsTcFLZ+Vfi1qHwj/ZX0XT/jP+x7+0teeKPEukXcH9p6BqesxalFq9vM6pIfJjSMEgnLhlYh MujIyAn6J/b9+Ft94X+K/wAHv2udQ8DJ8RfA/hrS4dJ8T6S1qt4qWa+ayzyQuGQgLcyFHYBUkSPc RkEeU/En9or9jbxraaP4I/Yu/Z+8PePPiNrtxAsVvfeFIltLWEt+984DynLDhSwcRICXaTC4IB9v /tNp8Zv2hvAvwo134e+N4fhZ8JfEtpa6x4p1kamljfR2t7FFNDDHK2zgIWBw4Duy7lKqQfzE/aWb 4IfssDQviX+x/wDtE6r4i8cWmpRLeac+tJq8F3bbWLySvbIsRAYKrpIWVw3ABHPtX7fuiR+D/jN+ z5D+0PoUjfAfQ9EtrXUrHw9HLb6VBqsYlSeOGNH3RxqBb+Wm4OYFZUbcGNfPP7aHxB/Zf8c/BN/D 37GnwrWPQNDv7W98QeLINGe0itk5gt7VrmaMTs00swJ3sB8oADbiVAPtX/gpB8Vdeh+JPwY8HePP FGt+Afgt4otmu9d1LQfME8k5yTCzRqxZY18s7cPw7P5bsiitL9nP4R22hfG7wn4w/Yq/aBi8afDo hv8AhKPDuu601zdrbFgC0FqlvuV8MWQyRxMrqAZCrsB2H7TP7S2rfDmP4Raj8QPAeleOv2a/GOi2 M2q3smmtqFxBczQny2+eQwKoV4ZI90QZx5iq24DHwvqmjfs6fFP9qf4RXv8AwTk0XVLDXNP1eK+8 QXtrDeW+l2tkk0RZ5EuWBRVTzFkRAkcit5YDs4FAH9K1FFfLP7SH7WHgz9mfVvAekeLNI1DVJfH+ oPp1o1iIisMiNCpaXzZEO3My42gng8dKAPqaivE/2iPjl4d/Zv8AhHrXxh8VWF1qemaI1qstvZCM zubq4jtl2+YyLw0gJy3QHHNbfhD4q6N4y+DWlfGqxtLiDStW0SLXY7eQJ9oWCW3FwI2AYpv2nHDY z3xzQB6jUU8EN1DJbXMaywyqUdHAZWVhggg8EEcEGvnT9lr9pjwn+1b8Np/ib4N0u+0iwg1CfTjD qAiExkgjjkZh5Tuu0iUAc5yDxX0hQB8yfFLxx8FP2Jfghrvjqy8O2Xh7QLCTzY9L0e2hs1vNQucI kcccaqgeQqNzY+VFLHha+RP2GPhF8WvHfxa8Vft2/Hqzj0TW/H9ilnomjIpBtNLPlFJXDcqWjhjV M/MwLuwG8Cuz/wCCn+sfBDS/gX4dj+Pln4gvvD03iS1MUXh2W2iuGuo7W6ZBMboFDDs35AG7dtIO Aa/Ry2eOS2ieJdiMilVxjAI4GB6UAT0UUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRR QAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFA BRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAf /9D9/KKKKACiiigAooooAKKKKACiiigAooooAKzV0bR11A6stjAL5uDOIl808Y5fG7p71pUUAFUp dM02e7j1Ca0ikuoRhJWjUyIPRWIyPwq7RQAUUV4J+0n+0R4J/Zf+F118VPHcNzd2UNzb2kNrZhDc 3M9w2AkQkdEJVA8hyw+VGxk4FAHvdFeU/BD4w+E/j58LPD/xb8E+Yuk+IIWljjnCiaF43aKWKQIz KHjkRlOCRxkHGK9WoApXOmabezQ3N5aRTy25zG8kasyH1UkEj8Ku14D8P/2hvCvxF+NHxF+CGk6d e2+r/DX7B9uuJxGLaf7fGZU8gq7OdoGG3KvPTNe56heR6dYXOoTAtHaxPKwXqQiliBnvxQBbqld6 Zpt+8Ul9aRXLwHdGZI1co3qpIOD9K8a/Zz+PXhr9pX4UaZ8XfCNhd6ZpmqS3MUcF8IxOptZmhYsI ndcEqSMN0p/xe+OOk/B/XPAWhaloWp6xJ4+1u30OCTT4lkjs5Lh1QT3RZl2QruyxAJwDxQB1Xxg8 Par4u+EnjbwpoUYm1LWtD1KytUZggee5tpI41LMQACzAZJwO9fO37C3wS8V/Br9lrwf8L/ixpNvB r+iz6jLLBviu0jM99PNEyyIXTJRwcg5Gcda93tPjV8PtQ+M178BLG9efxhpmk/21d26xOI4LRpYo k3SkBS7mVSFXJwCWxxn1egAqFbe3SZrlYlErgBnCjcQOgJ6mvLvhJ8avh98cNM1zWvhxevqOn+H9 WuNFnnaJ4ke7tUjeXyw4DMi+aFDYAJBxkYJ9XoAKpS6Zps93HqE1pFJdQjCStGpkQeisRkfhV2vK PHXxq+H3w78a+Cvh34lvXj8QfEG6ntdItY4ncym2QPM7MBsRIwy5LNklgFB5wAer0V4Bpf7Q/hXV f2ktX/Zjg069TxBo2gL4glvGEf2Nrd5oYRGpDmTzMzKeUAwDz0r3+gAqhHpemQ3smpRWkKXko2vM saiRh6FwMkfjXj/wJ+OOk/HjQ/EOu6RoWp6BH4e1u70OSPVIlhkmktEidp4grNmF/NAUkgkg8V7f QBSOm6cdQGrG1iN8I/KE+xfNEec7N+N23POM4q7RRQAhAYFWGQeCDVazsbHTofs+n28dtFktsiQI uT1OFAGT3rwv4f8A7Q3hX4i/Gj4i/BDSdOvbfV/hr9g+3XE4jFtP9vjMqeQVdnO0DDblXnpmvfqA CqVrpmm2Mks1laRW8k53SNHGqFz6sQBk/WrtFAENxbW95A9tdxJPDIMMjqGVh6EHg0ltbW1nAlta RJBDGMKiKFVR6ADgVPRQAySOOVGilUOjghlYZBB6gg1WsdPsNMtxaabbRWkAJIjhRY0BPU4UAVco oAKKKKACiiigAoryj4SfGr4ffHDTNc1r4cXr6jp/h/VrjRZ52ieJHu7VI3l8sOAzIvmhQ2ACQcZG CfV6ACivBvgn8e9C+O974zuPBunT/wDCOeFdVbR7bWHZTb6pcQLm6a2UcmKJyEEn3Xzlehr3mgAo oooAKK5Hx74j1Pwh4K1vxVo+jTeIbzSLSa7j063dUnujCpcxRFsjewBCg9Tgd6wfg58WPCPxx+Gm gfFPwNcefpGv26zIGx5kMgJWWCUAkCSKQMjjONwOCRgkA9MooooAKKKKACiiigAooooAKKKKACii igAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKK ACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooA KKKKAP/R/fyiiigAooooAKKKKACiiigAooooAKKKKAPnH47fHhvhTLZ6Lo9lHfavex+f++LCKKHc VDMFwWLFWAAIxjJPQHO+Bf7Qc3xP1K48N+ILGKy1SOIzxPblvJlRSAw2uWKsM5+8QRnpjmt+0N8C tX+Jd3Y+JfC80Q1K0h+zSQzNsWWIMXUq2CAylmyDwQeoxzmfs+/ADXPh9rU/i7xdLEt75LQW9vC3 mbA+Nzu2MZwMADPBOTXalS9l5nzkp4367ZfB+Fv8z67oooriPowr8hv2ovGvhX4tft6fCb4FeJNb sdL8J/C1D4v11r25it4JL8BXsoG85lVmX90dvdJ34IBr9bdRvU03T7rUZIpZ0tYnlMcEbSyuEUsV jjQFnY4wqgZJ4HNfkB+yP+yBofx2j+In7QX7X/w6lfxT488RXFxZaZrkFxbT6fp8PESiJ/LdQSxQ bl5SJCDg0AXv+CfXjLw/8LPj58Zf2QNK1e11Pw/Z6hJ4k8KzWtwlxAbG62GaBJEZlJiR4cqp+8sp wOa3rLxL+0h+2P8AHf4m6N8MvibN8Jvh58KNSbQYX0+zhvbrU9UgZ1mlkaTb+7Vkzt3bSpQBSS7D h/2mf2Wrf9mP4n/CD9pD9kj4d3cj+HNXaz8QaR4ftrm9nudPukw8nkp5jAeUJombGAzx56VteFNd +IX7C/x0+KcepfDPxJ47+G/xV1V/Euj33hbTnvrizvbpmaWzubdinlnLBV3MCAoIDbmEYB59+yJ4 s8efCH48fte+NPjxdw634j8FaVp15qdzaotsl/HptrcPFMiAbY2uII0faBgM2AB0rqvAmg/t2/HH 4I3f7Utl8Xxoup69bXepaR4MTTYJdKfTlL+XaSysQ4aeNcLJguoKln3Ela/7OPw2+MHxx+Jv7V2o /GfwLqfw+h+LujWNpY/2jayCOOCe0ngtwsxCpLNbwtEZlQ5SQFWVGBUS/CT4+ftD/Av4IL+ytqvw M8Vaz8TfDNvPoujahp9l5vh67iLMlrdyXzMqxxRqy7jgghRuaMswQA95/wCCUH/Jkng//r81f/0u mrpv20fi18RPhn8QP2d9I8Da1JpNp4x8eabpOrRokbi7sZ5oVkhYyKxUMGIyuG54NN/4JmeDfF/g L9kDwr4Z8c6HfeHdYt7vVGlstRtpbS5jWS9lZC0Uyq4DKQRkcg5HFYn7dXgjxp4u+I/7M994T0DU NattB+Iel3uoy2VrLcpZWsc8LPPcNGrCKJQCS74UAHJoA+XvBPww+Kc//BVLxvawfFO9guLDQ7XW bmcafblrzSWvbSQaOyk4SIIyx+cP3mFB6k1+yHjTRta8ReEtY0Lw5rUnhzVL+1lgtdShiSeSzmdS EmWOT5HKHkK3BxzX5j+Lrn4g/BT/AIKS3nxTn+HfiHxT4R+IPhqw0CHUNFsnvIrO4a5tw8lyyAiN IhCWcMQ20hlBGa/V6gD+ej9kLx742/Zj/Zc+NP7Rlz4vm1vTNB1/VdKtvDU1rFHbXOt3EljFFqLz qfNzl8PEuF2BiCDzX01d/Dr/AIKB6X8FG/aQPxzafxjBpv8Ab8vhRtKtf7J+zLH9paxDD/loIvl3 BRlvlD/8ta+ffh38GPir4v8Agj8d/wBh7xF8P9d0PxDq2van4m0fX7mzddCuHt57SS3txeHEe648 hlVwSu1ic5Uivfrv9rD9oTWfgNN8Cbf9n3xpH8XZ9IOgyzvp2zQkkaL7K18L4vt8vrIoxs3fL5hX 5yAfoV+zJ8aYf2hvgP4P+MUdqtjL4htGa4t0OUiureV7e4VCSTsE0b7MnO3Gec1+af7dHw7+I2uf tvfs+roXxGu9CPiWfVItIMdlBL/YUltb24nlh3n9+bkkFhJwuOK/RT9kb4J337O37Ovgv4Q6tcx3 mpaJbzNeSwkmM3V5cSXUwQkAsqPKUUkAkAHA6V8mft76d8QPDPxr/Z6+PnhTwTrHjnR/h/qGr/2r a6JbNd3ka3sdusRESAnDBH+Y4UEBWYFlyAfO/jnwl8ddf/4KX6p4F+EfjdPDOuXfgCxttY8Ry2Ud 1cR2ML27zTQ25IjE006RLyQFDtgggV9Efs8+O/2g/hR+2BrH7Jfxn8c/8LK0e98NjxDpGrXFolre RBZxEY5PLJ3BsSBtzPyqlSoLLWj8LdC8a65/wUc174xXPhLWdH8Ma/8ADGySK7v7Ca3iju5rixmN nJIy+WLmNQweLduUq2Rwa3NT8EeNJP8AgqBpHxAj0DUG8LxfDtrJ9WFrKbBbr7bM3kG52+UJdpB2 bt2CDjFAHy/of7XX7Q2kfsSfHT4vW2ovr/irwv48v9E0+7mt4nGm6d/oSq/lIiq4h85ypdWG5gX3 KCK1vhB4o+PWs674K8W/AT9pzTPjil5d2/8AwknhnVktNPnSzdd1xLBG5FzEUAIRQikNhjuUMtRf Ajwp+1P8M/2TfjU/wx8HND4zn+IusahBpOv6bKv9qaRNBaJKbeGfyhKJAGKNyrhGRcsRXzf8VvAW kftGX/hO2/Zp/Zl8V/CH4rw6taz32uSac+h6Tpix7mlJZWWJiG2upMUUh2/LknYwB/RpX5QWXiX9 pD9sf47/ABN0b4ZfE2b4TfDz4Uak2gwvp9nDe3Wp6pAzrNLI0m392rJnbu2lSgCkl2H6uRhlRVdt 7AAE4xk+uK/Inw1rPxE/YR+PPxWtdV+GfiLx58OPilq8niPSL7wpYHUJrO9uWczWdxDuQLksFUlh wqlQ25hGAeafsmeMfHXwa+Of7X3jj49XcOt+IvBWl6bd6lc2qLbJqC6fbTmGVEA2xtcwpG20DAZ8 YHSvRPhT4P8A27/2lvhXD+0VF8cD4D1TxHHLfaB4cs9Mt5dMitgzCBLl5NzMJducsshVSGO4koOc /Z5+GXxj+O3xH/axvvjF4I1T4dp8XdFsbTT21C1kEcUU1pNDbbZSFjmlt4miMyqcpICrKjZUbXwP /aS+O37NvwbsP2ePHnwB8Y69498HQSabpVxo9gbvRNSijJNvI16jYjRVKq5RZOBuO0kooBQ/4eD/ ABY8UfspeFr7wvpVnafGvxX4uHw/AcL9kttUG0teLE28H5JYhsbKLI5JDIu1vXZfhd+3/wDBfxn4 N8YeHviXL8btM1K/ht/E+iXtpY6YkFtIMy3NpI8qBQgB2qhU7tuVdWZV+XR+w/8AH7wH+zB4M8fa VYRaz8XvCvjr/hYtzo0bqTIZhB5lkj5AaVRbxOyqSCd6IWO3d9G65+1P+01+0BrvhL4dfs8fDDxZ 8ML19Qt5vEuveKNIigtLGxjB+028IuUlSV2yCpwsh2gBBuJUA9Y/ZX+LXxE8e/tJ/tL+CfF2tSaj ongjWNKt9GtnSNVs4rhbsyKrIqswby0++W6cd88b4G+NfxR1T9oz9q/wZqGvyzaL4B0qwuNDtjHE FsZZbCSV2QhAzZcBvnLCvILPxR8T/wBjj9rz41+JtY+FHijx54P+Lc2n6hpt/wCGLE6gyXFtHJiG RQVVCXnkVgzBhsDKrK2ap/sxeF/jrrHxY/aq+IfxQ+H+qeE7rx7o1pPp1tPbyOkiy2k5htoZwoSa aKJo0lWPJSTKMqsNtAHlfwx1j9vn4z/sjXn7Uf8AwvBtAPhmx1O80zTLfSrVzqkekmYzy3k7AASS NG8aJ5bRgIpKgsTXSf8ACV/tx/F39lG6/bPg+L0fgx9I0y41Oy8NaZpcJtJ7bSt0dxLcTSl2MlwY pJAjK8ajaAAGwv0d+y74B8deH/8Agl83w/17w5qWm+KD4b8Wwf2Tc2k0N/51zc6g0Mf2Z1Eu+UOh RduWDAjORTfhn4B8d2H/AASrvPh3feHNSt/FTeCtetRpElnMmoG4mF15cItiol8x9y7U27jkYHIo A4n45/tw+PdL/Z3+A9z4R1LSvCfjn44wW4m1rUjHHpujRJHCL67PnEooWSZSnmBlC7uGYCvIfEH7 SnjD9lvxL4P8ZWn7T2iftAeFNY1ODTvEOiiXTmv7WO4yWvbMWk0jhI9p+UkIpKhgwbKS/Er9mX4n a3+y5+zF8R9K+H//AAlmv/CC0jOs+DtTtMT39hcrEbiBra4XJkTyQBEULfOWCkqFLb8aP8bPFvhT wL+zn+x7Y+DGkvY28Raz428FWdrZWVovEscQAAkcZJHzBztCqnzEqAewfFbx3+1R48/bz1n9mr4Q fEFfBvhuTwza6pdXL2MF7Jp8SMnmy2qSAZmld0i+dsKrlhhgKT4V+If2m/Bn7S/jT9i/x/8AFObx NFrXhKTW/D3ih7CFNQ06VnEKuYuVk2t5mVd2BKKQVDMo9W8J+CPGlt/wVA8afEC40DUIvC918PIb KHVWtZVsJLoXlkxgS5K+U0oVGOwNuwpOMA0X/gjxo/8AwVA074gJoGoN4XT4dtZNqwtZTYC6+2yN 5BudvlCXaQdm7dg5xigDwX/gkp4J8c2Xhrx54tvfHNze+H4vE2s6bJobWkKwyagos3bUjOD5gkZA U8ofIAc9a+3/ANuX4m6p8If2TfiT460OZrfUrfThZ2sqHDxTajNHZJIh/vRmbePcV8o/8E7rn4g/ CXxL8Rf2c/iD8O/EOkXEviXWdfttdlsnGizW8v2eJI1usbGd9hdCpKsvGcjFfTX7f/w/1L4mfsef E3wvo0Rnvk05NRiRQWdzpdxFfMqAclmWEqAOSTigDzTw94s0r9ib/gnJoXjKxsFuZ/DXhmxultn4 WbVtXaNj5mCDsN3c5fB3bM45FfEL/GH402/wmPx6H7ZPhWX4gJZf2wfBXnaQdPKbfPOmBBN5nn7P 3eQm8v8AJuz+8r7X1/wY37aP/BN/SvDfhK5iXVPEnhnS5LVnYeWup6WYneBn6KDcW7wsx+7kkjjF fDVp4g0fR/hNa/DU/sPS3HxutbRNNFxN4Ps5tDlu4wIft73gT542I8wjGwnjzdvz0AfR1v8AtdfE HXfiJ+yx8ZLfUZNP+G3xjt7nQtY0cLG1vBrqs8EbrKymQbrl9q/PykXIBJrnpP2x/icP+Ck8Xw2G pyD4QtqLeEvK8uLyTrS2IkJ37fM8wXbCPG7G3tnivR/2hv2d/iHq37AWkeGdP8O6dZfErwG9n4ls dM8LWAgtYdUguGmmis7WANl/LmlH7sHzJcsB82K+Xb39nP4zj9gS0+KUXhnUP+F1xePD8Rm05bGc 6l9vkvfs+z7Nt8//AFO2cx4yAM9eaAPvT9nX4r/EX4x/tUfHW7/tqR/hp4CuLXw3pdgI4/JfU4gP t03mBPMLJJEwwX27ZRxxmvMf2HryT4d/tJ/tKfs3W5ZNE0TXIPEOlQH7tvHrCGWaNB2QBodoHHU9 SSfbf+Cfnwl1/wCEn7MugW3jS1ns/Fvime68Qa0l1G0VwL3UZNwE0bgMkiwrErqwBDAggdK8V/Y2 hf4h/te/tPfHq0G/RptVsfDNjOOUnfSYRDcFG6FQIoSMZyGH4gH6gUUUUAFFFFABRRRQAUUUUAFF FFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUU UAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQ AUUUUAFFFFAH/9L9/KKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoor8h9N/aI/bz+MH x2+MPw5+A0PgiPSPhhrI08trcV5HO8UzzrAd0Mjh2xA287VHTA54AP14or8t9G/a+/aS+BvxR8Mf D39tnwbomlaD41ufsWm+KfD00v2CG6IwsVykzyEbmIBYmLapLbWVWK/p5f6hYaVaSahqlzFZ2sIy 8szrHGg9WZiAPxoAuUVm6TrOj69ZrqOh30Go2j/dmtpVmjP0ZCQfzrSoAKK/PbxH+038Z/gN+x9r nxv+PmjaJqPjnTLnyodO0i7C2UyT3UVtARIrzk7PN3yBSTgY+XOR9x+DPEUPizwppPiKGWGU6haw TP5DB41eSNWZQQT0Jxyc0AdNRXg3i3W/jXa/HnwLofheDSH+HF7a37a/JcSAamk6QyG1FqnmqWUy BN+I2wu7kdR67e+JvDemWk+oalq1paWtrIYppZZ44445B1R2ZgFb2PNAG5RUFrdWt9bx3dlMlxBK AySRsHRlPQhhwR9KnoAKK5uz8ZeD9R1V9B0/XLC61NAS1rFdRPOAOuY1YsMfSukoAKKz5tW0u2ea K5vIYntk82VXkVTHH/fYE8L7nimaRreja/ZjUdBv7fUrViQJraVJoyR1AZCR+tAGnRWJq/ibw54f eCPXtVtNNa5bbELmeOEyN6IHI3H2FX7rUdPso45ry6igjmYIjSOqhmbkBSSMk9gKALlFVLu/sbDy zfXMdv5zBE8x1Tc56KuSMk+gpbi+srR4Y7u4jhe4bZGHcKXc/wAKgnk+woAtUUVyWu+MNC0v7bpk ep2Y1qC1luI7N5k89giFgfK3ByvuB070AdbRXyL+w38c/GX7Rf7OGgfFjx/FZwazqdxfxSrYxtDA FtrmSFNqO8hB2qM/Mea+ndK8U+GdeuJ7TQ9Xs9RntTiaO2uI5njPo4RiV/GgDdoqvdXdrY20l5ez Jb28KlnkkYIiKOpZjgAe5qlpmvaHren/ANraNqNvf2PP7+3mSWL5eT86Erx35oA1aKrW15Z3lst5 Zzxz27gkSRsGQgcHDDjjFVhrOjmzXURfQG0dtqzeanlls4wGzgnPGM0AaVFZMWv6FPqsugwajbSa nAoeS1WZDOiHozRg7gD6kUy38R+HrvVp9BtdUtZtTtl3S2qTo08a+rRg7lHuRQBs0VQ1LVNM0azk 1HWLuGxtIuXmnkWKNR7sxAH4ml07U9N1izj1HSLuG+tZRlJoJFljYezKSD+BoAvUhAIIIyDXP3ni 7wpp1pBf6hrVlbW1y/lxSy3MSRyPnG1GZgGOeMDmvM/2h/jPZfAX4LeJ/i5LZpqx0G0NxBaGcQfa pCQqIJMNjO7JIUnAOBQBz/7PfwHuP2f28Z+GtE1dLnwRrGryatoWliEo+ji7G+6tVk3kPB5vzxKF UoCwO4nNfRteafBvx7/wtD4U+EPiDJ5C3XiDSNPv7mK2ffHDPd20c8kQOSRsL4AY5xjNel0AFFFF AHI+PtL8Va34J1zRvA+qx6Fr9/ZzQWWoSxGdLSeRSqzeWGXcY87lGQMgZ44rjfgL8GvDfwB+E/h7 4VeGCZrfRoMTXLLiS8u5DvuLmTk/NLIWbGTgEKDgCvYKKACiiigAooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoooo AKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigA ooooA//T/fyiiigAooooAKKKKACiiigAooooAKKKKAPif9qb4r+LvC2r6d4O8MXkmmJPai7nnhOy V97uiorjlQNhJ2kE59qyP2YPi54y13xTN4M8S302rW01u80Ms7GSWJ48ZBkOWKsD/ETg4x1OfpD4 q/Bjwz8V4LZtVkksr+yBWG5hwWCMclHU8MueQOCD0PJzT+FHwN8L/CmS4v7CaXUNSuk8trmYAFY8 glEVeFBIBPJJwOa7VVp+y5banzksDivrvteb3PXp2se10UUVxH0YV+Vn7B3/ACdj+2N/2M+nf+jd Sr9U6/I+z/Zc/bu+Fvxx+LvxK+AfifwLZ6T8T9XGoPFrLX8twkcLzNACsdmyIwE7bgHYHjB4oA6D /gsHcaXD+yVDFdgHUJvEWmjT8Y8wXIWZiU758oSDjnmuH8feD2/a1/b5T4B/Gqee58DfDDwla61N o0MzwW2o6pc/Z98kvlMrMo+0AZzx5e0YDvn0Pw5+xZ8f/ix8V/C3xR/bT+IuneLLTwPOLvSfD2h2 zQ6cLoMrrJM7xwlgGRSVMbF8BS4TKt6V+0H+zF8W7/44aN+1J+zF4i0zQ/H9jYHSdSsNbSZtL1aw 3blSVoA0ispwMADdtQh0KZYA+bte+Gvhz9in9uP4N2vwL87Q/B3xm/tDS9Z8PpPLNZ+dZrH5dyiS OxVt06EH+EK4XCuy1+xlfnd8NP2Yfjl43+P+jftLfta69o13q/hG1kg8O6B4bWcabYvOrLLNK9yP MeTDZ6tltp3bUVa/RGgD+Yqx8C+E/EP/AAR61DxnrOnJc614U8QzPpdyzOGtmvdTs4JyoVgp3xna dwOO2DzX9A/7O3ww8B/CX4R+H/DPw70iPRdMuLaG+khjeRw1zcxI0shMjM2WPXnHoK+FPCP7BHxG sv8Agn34k/ZJ8Ra7pMXifVb1763vbV55rBXS8hu4kdnhilAbydjkRnbuyA2MH7d/Zs0X46eHPhbZ eH/2hJ9FuvEmmuLaGXQjMbd7GGKNITL56IfOJD79o24wRjkAA+Pvjt/yk8/Zn/7A3iX/ANN95XzP +y1+yp8KP2h/j/8AtN638Z7GbxJpOg+P9bt9P0t7u4gs4bi5vLg3FyUgkjzKyJEgbPAXuQpX9D/i V+z14z8Y/ti/CD9oXTL3T4vDvw/sNXtb+3mklW9lfULWeCIwIsTRsoaVS2+RCADgE8E/ZY/Z68Z/ A/xn8bfEXiu90+7tviT4wvvEGnLZSSyPFa3UssiJcCSKMLKA4yELrnOGNAHzh/wTc0ub4eePf2jP gRpV7PN4T8BeKo49Gt55GlNrDdG53IrNz92JM+rAt1Yk/Rv7ecfhm4/Zt16w8Z/Ep/hZoV5NbxXm qQWz3dzPDv3GygiikjkZ5yoB2E/IHDKULEO/Zx/Z68Z/CD4y/Hb4ieJb3T7nTfifrVtqWmx2kkrz www/aNy3KyRRqr/vVwEZxweemYP25P2ZPEH7Unwk0/wr4O1m30XxF4d1e31vTnvVZ7Oae3jli8qc KrkKRKSG2PgjG0gmgD8Pf2lJ/wBmCw+Dun+Mv2V/g3428Gat4XvLGe18a3Fpc2ljgOEG+5kuJPMk kYhkOxWDAYIXIr+nXw3ez6n4d0vUbohprq1glcgYBZ0DHge5r8nfjz+y/wDt+ftZ/DKbwP8AFnxV 4H8K2tg0Vza2Gix37RaleRMFDX08yyNDGiF2QRK+XxuTgFf1V8E6frGk+DNA0rxD5H9q2Wn2sN39 mdng+0RxKsvlM6ozJvB2lkUkYJUHigD8fPiH8DPCX7Qn/BUvxD4G+IJuLnwvZeCrPVL7TobiW3i1 D7NNBHDDOYWRmjWWZZcZHzIK6P4OfDrwx+y9/wAFI9d+FnwoSfSPA/ifwKdcuNIWaWeCO6iuPLDx iVnbcPKYrliR5jKMKQB9g6B+z14z0r9uTxL+0zcXunt4X1nwfH4fhtlklN+t0lzbTF3jMQiEW2Fh kSlskfLjJBd/s9+M5/25bP8AaZS908eF7fwefD7Wxkl+3m7Ny828R+V5XlbWAz5u7P8ADjmgD8W/ gd4s+Fnxyh8W/Gf9p34IfEf40eKPFmo3KwXuiaXcXukadYrjy7Szkju4drREsCMHYAoXB3FvQtH+ H/xT+IP7Evx1+GmteHPFei6N8LdTtvE/gJ/FVhPZ6lFp8Bmke3UyfK7QW0UgxExCNLxwVWvtTw1+ zF+2J+y7rHinQf2SPEHhPVPh54mvpdQtdL8UreLPo1xccOLdrYEPGqqoBZjnAzHu3M30z+yz+zt4 0+EfgfxJbfGrxlP8QfFfjm7lvNYklllksIhKGBtrSKXG2L53LEIm7IG0KqgAH5E/txfFHxV+1Z4c +Ftz8OrnbceDPAMnxL1fyeRFMZIYHU44V7d45CPQMexFfXC+N7P9sD9s34CDTts/h34f+EE8e36L 9yPUdWjjFtC3/TSF/IkAPIG73rsf2L/+Cfmr/s9P8VbL4marZeIdO8ZWp0TS1tZppZINEZrgyRTC aKMI8vmoWRC6BlJyc89T/wAE9f2K/Fv7JWmeM7z4jatp+ueIfElxaQQT2Es8yR6bYRlYELXEUTKx Z23IoKhVTDHGAAfYnx98c6j8Mfgd4/8AiJo67tQ8N6DqWoWo2bx59tbPJEWU8FQ4BbPGM5r8t/gJ +wb8IPjD+yZZ/FjxubvUfit47sZ/EDeKmvZ1vLXUJy8sDx7ZAgER27wQSx3EkfLt/YbxR4c0jxj4 Z1fwjr8P2jS9ctLixu4skb7e5jaKRcjkZViM1+Wvhj9mP9vD4Y+BtR/Zp+G3jzwsfhdcNc21hruo RXbeItN0y7djJDFHGqwNKodthYkAk7XjGwIAfCPgTxD4p1b9h79m79nnQdWuNB0/4weNr/SNWvbV tkv2BdS2SQhv+mhmDY/i2bT8pYH6t/bQ/ZG+Ev7KfwQg/aN/ZqtJvAfjT4a3mnSx3Vtd3Ehv4Li6 itXhuVlkYSBjKGbj5lDIwKtgei6B/wAE7/GLfsdeDfgprfiey0X4lfD7WbjX9E1vTGmuLW3vGuZJ 4lJljhkKsrLuOzKOoYBguGv+Mv2Z/wBtT9p+z0T4b/tTeKfCekfDvTLuG51OLwot5/aGtG25QSNc oEiUtz8oUBvm8s7UAAOG8a2th+2v+2t4W+DfxLe4b4c+FPA1p4vm0JJHt4b7Ur0wgGUxssjKiXUY HzfLsZRje+fZ4/2J/Dv7PWvfEr4l/BjXpfDngjXfCWo21/4R8uW4tpLwW8hW6jnlnJjK4G1fLbGX UMqsFHUfHz9lr4ny/GDwx+0l+yzreleHvHPh/Tf7EutO1lJjpOp6YpJSKQ24aRCnQAKN2EIdCgJx PhX+yz8bfGfxl1H9oH9rrXtIvdb/ALFudA0nRvDgmWwsLO8DrO5knAdpSskijO/72S5wqqAL/wAE 7HSP/gnd4KkdgqrYa+SScAAalfZzX5e6nLLB/wAEYfD80DtHLH4oZlZThlYalOQQRyCD0Nfbfw5/ ZL/bu+Fvw/vf2YvCnxA8Jw/Cq5luootae3un1+10++kZriOCDaIFkfzHbDM21mJWUcYmvv2AvjFd f8E+tN/ZQj1nQR4ts9YbUHujcXX9nGI3ck+BJ9l87dtcDBhAznnHNAHz9+3F+x18PP2Y/hD8Pfih 8G7rUND+Jdt4ksLC88Ri/unvb2a+hnM1xIWlKrI0q78oF4LLgg12n7VP7Lfwm/ZM1j4A/FH4JWdz o3iePxzpWlX1+15cTTalFdB3me58x2UtIY2D7QoZZGUjbgD9AP23P2evGf7Sfwu0HwT4GvdPsb7S /EenavK+oySxRG3tFlDqphimYufMG0FQDzlhS/tjfs9+M/2hdG+HGneDL3T7KTwh4x0zxDdnUJJY 1e0s0lWRIvKilJlJcbQwVTzlh3APzR/aU8e6D8UP28/FHgf40eBPGXxQ+H/ww06zTT/DnhSylvI/ t93bwzveX0STQkL++dFYN8wVB90MG7X9kq41TwT+2Xbab8DPhV4/+Hfwd8baZcLq+m+J9Jurawst WtopJo7mCRpJ0jEgiSMF5MlnZAMFAv1n8a/2YfjZpn7QZ/ao/ZU8Q6Rpvi3VNPj03XtI8QLOdN1S CFVWNy9uGkWRVjjUABfuAh1y4fR+BHwF/aXn+N95+0L+0/42s5tRjsTYaX4b8NzXaaLaxuCGklSb b5jgM2Awc5bcX+VQoB+fv/BOH9ib4H/H79mufxv8adNufEt5dX19p2mh765ij0u0iIYi1SKRVV3n eSRiQQSRxy27lfCfh+z8ff8ABKL4iWXxBDa/P8Kde1K30Ce4kcvZ/Z2t1QphhkKtzKqq2VCtgDAG P1g/YV/Z68Z/sxfAGz+Ffj290/UNWt9QvLppdMklltylw4ZQGmihfcAOfkx6E14p8Mv2I/Hfh/8A ZB+K37OfizW9Mj1fx5quq6hZ3dk009tCt2sBtxN5kUL5Dw/vAqkAHKljxQB9B/sT/DDwH8Mf2avA i+BNIj0keJdG0rWtR2PI/wBo1C7sLfzp28xmwz7RkLhRjgCvq6vlz9kXwV8f/hv8JbD4ffH660G9 u/DcdtpukzaE07K2m2lvHDF9pM8ceZsocsoAIIyAc19R0AFFFFABRRRQAUUUUAFFFFABRRRQAUUU UAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQ AUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFAB RRRQAUUUUAFFFFAH/9T9/KKKKACiiigAooooAKKKKACiiigAooooAKKo6jqem6PaPf6tdw2VtHjd LPIsca59WYgCmaXrGk63ai+0W9gv7YnAlt5FlTI7bkJFOxPMr2vqaNFFFIoKKK/FW9m1r9sH9sT4 rfBz4ofF7W/hv4c8AzwWOi+GtEv49LuNVVwRJcs7BhOMqr4KOwWVQuwA5AP2qor80vhf8Gf2lv2a P2jPD3hnwp4q1/4ofBHxNazrqTeILyK7vNCuYUbyWSWRo2KO+wYiQAqX3IWVWPh/w/8A2yfBHwH/ AGoP2nLX45eL9Rkszrej2/h/Sx9p1CQbIrxrhbO2XcsSD93vI2LkoCclaAP2dor54+EX7VHwP+Of gHWfiR8NfEI1PSvDqO+pI0MkV1aeXGZT5kEih+UVirAFXwQpJU47n4Y/GDwJ8YPhnp/xd8CXsl74 Y1OO4lgnkhkhdktZZIZcxyKHGHiYcjnGRwRQB6dRX5X/ALXn7ePhez/Y6k+KvwB8R3drqvjGZrLQ r4afKCrWl3FFfbvOjKwsIi4RnAy2Ch3Yr7h/Z2+L/hj43/CfRvG3hW6uby38tLWeW7t5baVrqCNB MSsyqzAsfvAYbsaAPb6K8l1/43fDvwz8W/C/wP1i+ki8XeMba6u9NthBI0csVmjySlpVUohCxsQG IzjjqKXxd8bfh34G+JPg74TeI76S38SePftX9kwLBJIk32NA826RVKJhTxuIz2oA9Zor4b8W/wDB RX9lrwfrWt+F7zXr2+8QeH9UvdIutMsdNuri7W409tlwwRUx5SNkCQsFbB2k4OPo74NfG34Z/H/w RB8QvhTrKa1o00jws4R4pYZ48b4popArxuuQcMOQQwypBIB6tRXP+K/FfhvwN4b1Hxf4w1GHSNF0 mFri7u7hwkUMSdWYn8gByTgAEnFfCtv/AMFQf2Qp9Us7SXX9StNN1CXyYNWuNIvIdOdycf614wwH qSgAHJIANAH6FUV8/wDxh/ah+CHwEu/DNt8VfEkeiR+Lor2bT7ho5JbeSPT445ZiZI1ZRlZUCDrI zBUBJxXmnwf/AG+P2Z/jf48i+GngvxBcReIbtWezt9Qsp7L7aiLvJgaVQGJUFgpKsQCQpANAH2XR Xy38d/2x/gR+zrruneFPiHq9w/iDVIvPh03TrSW+u/s+SPOdIgQiZU43EFsHaDg4+Rf2Yv2gNO+O n7fXxL1fwD4tu9e8BTeENPnsLZpbhbWGdWtUmItJdoilD7w/yBsk9QckA/V6iuJ+I/xC8LfCjwNr PxG8bXD2mhaBAbm7lSN5mSIEAkIgLNyRwBXxnqX/AAU+/Y303VLTT38X3FzbXPkh7+3066lsrd50 WRY5ZljI3hW+YKG2EENggigD9AqK8u8f/Gv4V/C74dn4seOfElppvhQxRTRXxfzEuFnXfELdYwzT NIvKLGGLDkDGa8F+Ev7e/wCzT8ZfGVr8P/DOv3On69qSl7C21WynsPty9jbvMoRyw5VdwducKcGg D7Lorx7wN8d/ht8RPiF4z+Fnhq/lfxN4Blhj1a0nt5YGj8/d5bxmRQJUYLnchIwVP8Qylp8ePhnf fGTVfgNaak8vjDQ9MXVr6AQSeTbWjlNrSXG3ylYiRCFLZwQcYoA9ior4G1T/AIKZfsgaX4hn0RvF dzd2lpcfZZ9WtdOurjS4ps4Cm6jjKsD2dAykchiOa+hvij+0l8Gfg74K8O/Efx14iitvDHiq9tbH T9RgVrm2lkvYnnhfzIQwETRxs/mH5QBnPNAHudFfNn7Pn7WfwT/afbX0+D+qXOpHw08S3hnsp7ZQ txv8l1aVFUh/LfAzvGPmUcVt/Hf9pX4P/s36Rp2qfFXWWsZNZmaDT7O3gkury8kXG4QwxKzELuG5 jhQSoJyyggHvFFfMPwI/bB+A/wC0Zq2o+Gvhxrcp8QaTH511pV/ay2V7FEGCl/LlUb1VmUMULbSR uxuGfJtb/wCClf7JujG5t4/EF/ql/ZXN1bXNnY6ZdT3MH2Ngk0sqhAEiBPDkjdg7c4NAH3vRXmPw 7+Mvwy+Kvw6g+LHgbxBbX/hSeKWY3zEwJCsGfO88ShGiMeDvEgXaOTxg18pJ/wAFNP2Pn8QjRR4r uRZG5+yDVzpt2NK8/dt2/ajHtx3342Y+bdt5oA++6K8l+Kvx1+E3wU8Br8S/iV4kttJ8OSmNYLn5 p/tLzKXjS3SEO8zOoLAID8oLfdBI+fPhv/wUJ/Zm+Jvj7T/hrper3+ka7rLKmnR6tp1xYpeu5wiw vIu3LnhA23ceFyxAoA+3aK/Nz4PeNPEc3/BRf9ovw7rOu3b+HdE0XQJrazuLqQ2VpvsbV5XjidvL i3EszsoGSST1NfWHwZ/aN+FX7QEmvN8KNQuNasfDtybS4vxaTxWMk4JytvcSIsc2ANx8ssApVujK SAe50VzHjPxn4V+HnhfUfGvjfVINF0PSYjNdXdy2yKJMgAk9ySQqgZLEgAEkCvjbwZ/wUm/ZK8be KLDwtZ+J7nTH1eXybC81PT7mysbt84wlxKgReeMybBnA6kCgD7wor8T/APgpT+0jo7fFb4efs7Qe M9f8I6LHqTyeM5tFiuYbo2kkNvLbJbyxofPzHNISib1V9pdCVAr9Tv2ffD/hbwz8FvB+meCNU1TW 9AksI7yxvNakeXUZre+Juka4aRI33YlxtZVKgBcDFAHsVFfkh8Dv27NN8e/tvfED4f6r4g1C48J3 66ZpnhOx/s6aOOO6EYN20wEQZC0u/Ek3BXAU7cV5X+yf+3v8Lvgx4J+Iel/H3xnqeq+IJfHmuNZ2 pW61S6h0yKK1VWydwit1cSbQWUZD7QcNQB+4dFfHfxC+Nfwc+NP7JXi74meD/iDc6R4PnsZo59e0 mOYX+nNGyiTEI2TpMmR8hCttYMPlIJin/ab+Bn7O/wCz/wDC/XPHfjO71ay17RNLi0a5lt57jVtb UWkJW4NuoeXzJFZXlL4Cu4Vm3MAQD7Jor5h+BH7YPwH/AGjNW1Hw18ONblPiDSY/OutKv7WWyvYo gwUv5cqjeqsyhihbaSN2Nwz9OkhQWY4A5JNAC0V+f3iT/gpv+yP4d1K8sofEF/rdrp03kXWoaZpl 1dWELg45uAgRx6NGWB7Zr6bvv2hfgzp3wdX4/wB34qtV8Avbi6TVBvaN0Z/LCqgXzDIZPk8sJv3/ AC7dwIoA9mor899P/wCCoP7H93ZS3l74kvtKZPKaKG80u7iluY5nCLJAuwiRcnnByBkkYBI+hPjp +1L8Ev2c10yH4pa8bLUNaLCxsLaCW8vbnacEpBArsFzxubCk8A54oA+hKK+VPgR+2f8AAX9onxFf +DPAGrXMHiXTYjPNpep2ktjdiFSAXVZBtcAsMhWJGQSADmvK/g98UfhR8NY/2h/iFf8AxK1rxXpf hnxTfy63FqFvcsmgyJNIr2VkrFzJBGx2r5Q24UYGKAPv+ivz91L/AIKffsb6bqlpp7+L7i5trnyQ 9/b6ddS2Vu86LIscsyxkbwrfMFDbCCGwQRX3ppmp6drWm2msaRcx3ljfxRz288LB45YZVDo6MOGV lIII4INAF6iiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACii igAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKK ACiiigD/1f38ooooAKKKKACiiigAooooAKKKKACiiigD89f2ybrW/wDhKdDspS40gWZkiHPltceY wlPoWCbPoD71ifsh3Wtp8Qryzsi502WydrpefLBVl8pj23ZJA74Le9foN4i8LeHfFth/ZniXT4dR tgdwSZQ21vVT1U+4INReGfB/hjwdaPY+F9Mh02GQ7nES4LkcAs3ViO2Sa7FiV7PksfPSyWbxn1nn 038/Q6SiiiuM+hCvyxuvAn7Gn/BRvxb43sfEvha+0Px78PL+TRb2czJYasUt2MYm2wySxyxB1ZEa ZGK7cfKCAf1Or4c+OX7AHwU+Nfjlvinb3useA/GsibZdW8NXa2M1wwxh5wY3VnAGCy7XYYDMcDAB 8WL4Y+Jn7AX7T3wd+HvhL4oar45+HvxT1I6TJ4f1mUXNzYqXihE8fIVVRplffEkX3GVlYV6x+xx4 X0O+/bu/ax8X3dpHLqukajpVpazsgLwxXq3LThGIyu8wR5x1xzX0L8DP2Dfg78E/HH/C07jUda8e +N1i8qLWPE14L+4tgQQxtwEQIWDEbjuYAkBgGbPsXwx/Z68F/Cf4l/En4qeHbzULjVvildWd3qcV 1JE9vDJZLMsYtlSJHVT5zbt7yE4GCOcgH51fDnTbTR/2tP23NG0W3W1tZvD9jcGGJQqNNNpryu20 cbmeV2J7lie9ew/8E+tc0rSv+Cb3hjWL65SO10rTfEUly5YYiWK/vnbdnpheeexBr6w8H/s6+BvB fxl+IPxw0+5vrrW/iTDZQalbXLwvYoljEIUEEawq43Kvz75HBOcYHFfKth/wS9+BmlapeWmm+KvF 9r4F1C7F7c+D4tYaPQp5AwOyWFYxI8eAFw0hfA+/QB+fWn/8oQNT/wCwkv8A6kUVfvz8OyD8P/DB ByDpdl/6ISvnTQ/2Kfg/ov7L95+yVJcapqPgu980tNc3EX9oLJJdfbFkWWKGOMNFMFZMxEcAMGGc +m/s/fA/T/2e/h8nw70rxPrfiqzhuHmiuNduUuriFGREWCNkjjCwoEyiY4JODjAAB8W/HWWK2/4K ffs3S3DCNJNE8QxqzHALmzvAFye5JAA7kgVT/ah1Sxm/4KK/ss6LHKrXlpFrs8sYI3LHcW7LGxHX DGJ8fQ19W/tKfsl/DX9p630C48XXep6Dr3hWZ59J1nRbkWt/aPJtLBXZXUqWRG5XcpXKMpJz5V4A /wCCefwi8C/Evwr8Zp/E/inxL448MXF1ctqusakl7PqBuYBbiO7MkJJjhXcYhGUILtvZxgAA8U/4 J5aP4Rb4/ftZa+kcL+KE8f6pbSOcGaOwa9unjC91SSUPuxgMUGc7RjU/Y+t7DS/25f2rdH8CJEnh GO60WWZITiKPVZIpDcBVHyhjMbgPjHKgEcYHzd+zh+yxo3xy+Nv7S/i6Hxp4o+H/AIj0n4h65Yx6 j4Z1E2Es1nPdzO8Mw2sHTcNwxtOeSTgAfrX+z/8As8fDf9mzwQfA/wAObeYx3E73V7fXkgmvr+6k +9NczBV3NjgAKFA6Ac5APJP2+vHfwm+H/wCzL4i1P4z+HJfF/h+8ltbVdHiu5bI3120okgjaeFle NFaPzGYZwE4VjgV+b37Yd5+2Vqf7HOuD4qeE/Anw5+G9jb6WkOkQS3N1rK7bmBLSCBlZrdGT5d2M EIrDpmv2R+OXwQ8A/tD/AA31L4W/Ei2kuNH1Io++B/KuIJom3RzQvhgroemQQQSGBUkH41m/4Jjf CvxHoDeGfij8RPHfj3Tra3e30yDV9b82DSyylEntYREIxNGpIUurpjgx4AFAHzR8a/D+keM/F/8A wTy0XxHbpf2F3ZmSaGZQ8cvlWWkShXU5DKWUZB4I4Ne5/t56bYw/tI/ska9DCseoDxmLTzlADmB5 bUmMsOSuc4HQZPqa+n5v2Qvh3dXnwTv7zWdauJ/gPDJBobPNbZuY3iggxfYth5hVLdADF5XcnOa7 X4u/s9+C/jP4t+HfjPxTe6ha3vwz1ZdZ01LOSJIpbhWjYLcCSKRmjzGOEZD1+agD4n/ZGt7DUP27 /wBqrVvFscTeL7K80qCwMhzNHpDRygeVnkKyJbeZjgHYO/Od8B9H8I6J/wAFTfjra+EI4YIpvDFl PdxwACNb6ZrJ5+F4DMx3v/ts2ec19O/HL9i74f8Axn8e2PxZ03xFr/w78c2dv9kfWvC96LC6urbo I7htjb8DgMMNjCklVUBn7Pv7EHwl/Zu+IGsfEvwPqmu6jrev6f8AYL+TVr1Lz7QzTLPJcu3krIZ5 HUFzv2dcIDzQBP8At9/8mbfFj/sCyf8AoaV8+3fgTwpp/wDwSUOjW2mwLaS/DSLV3QRrhr6XT1v2 nIx9/wC0HzN3XPOa++vi98L9A+NPw08Q/CvxTcXNrpPiW1a0uZbN0S4RGIOY2kSRA3H8SMPasC5+ BvhK6/Z/H7OEl3fDw0PDieGPtAki+3fYo7UWYk8zyvK87yxkt5W3dzsxxQB+GXxkfxtrPwj/AGCv Deif2VPDewK0EPiFpjos+pQJZJZpfLD8xjAYooHUOy9M17T+134G/bK8YaH4Lvfj14k+D/gdtC16 1u9D1W2utXsr1b+IMywQzTRzYV9oZlC9UU5BUV+kHib9jj4L+M/2fdA/Zu8WW95qnhzwxbwQ6bdy TKmpW0tshjjuEmjREEoViD+72MCQUI4rybwZ/wAE7PhnovjzQfH/AMQ/G/i/4o3PhRxJo9r4p1QX 1pZOhBRljEaZZCqkDIQkAlDgYAPKf2ir6w/Zd/bp+HP7S17Mun+D/iZYT+FPE054ijuYVD2c8p6A ttiGeyQv0zz85eCbLxj4k/Yu/af/AGxpYpbfxL8Ymv5bM5Ilt/D9nIbZUVhyAsZmU44KRoc9DX64 ftGfs8eAf2n/AIZ3Hws+IzXcGmy3MF3HcWDxx3dvPbtlXieWOVASpZGyh+RmAwcEdz4P+GnhDwT8 NNK+Emk2Sy+GtJ0yPSUt7gLIJbWOLySJhgK5kXPmHHzEkkc0Afjv8DfDH7Zl1+xvoOg+EbT4N/8A CqNT8ONJM2pHVxKbWaItdS37R/uRcK28zsPlWRWxgKK8R+K3gSew/wCCdvwJ+HGu+KdJ8Z2B+Jlp ZRahol1Ld2b2lwuo/u1lljibMZdkK7QFwAOlfoJff8EvPhIbe98MeHPiD458O+A9Tna4ufCtjrWN Icucsgikidth6NvLsf72QMfRHjz9jz4O+Ofhf4E+D0UV54c8MfDrVrLWNLg0qWONvtFisqoszTxT F1kMztKeHdzuL5JyAfSGj+H9C8PW62mg6dbadAkccSpbRJEojhG2NMIB8qDhR0A6V+dP7aPwwvfH nxu+FHiD4PfEjRfCXxt8MR302h6TrWJIdStJkbziI9kpUqscgDeWcjOCrIrD9La+X/2j/wBkv4Z/ tMx6HfeK7rUtA8ReGJHk0vW9EuRaajal8FlWQq4KkqDgrkHlSpJJAPiv4NfFvx5pv7ZnhzwF+1t8 JdF0T4seItGuIdF8V6HMXjurO1SaVo5I/NlADLHINxIcEKDGFKldP/glTo3hBPDXxn120ihbxLce O9Ttr2TA88WcaxvbIe4j3vMV7Ft3XHH0v8Ev2Jvh78HviC3xe1fxN4j+Ivjr7MbOHWPFGoG/ntYH 3B0txtTYGDEHcWIBIUqGYH82P2KP2RNC+N/hr4pePIPHXiz4f68vjrXNIuZ/DWpmxW909EtpkhuE KOG2vNIVIx9453YGADzPxRcah4b+BH7eGlfC7Fv4Pt/Fmmw2gtGKxR/aNQ8rU0iCfL5fl7IyBx5Z I+6BX0Ja+Df2ytV/Y5t/CEifBax+EF34Wj/0mZtYTydPktg4u3kwY1uFz5pkwcTfNya/UD4Z/s1f B74U/B2X4FeGtDSbwnewzw38V2RLLqBul2TyXUgCmR5F4JwMABVCqqgfIk3/AAS4+Ekll/wiEfxE 8dxfD03BuP8AhExredIBL+Z5YjMRbZn1Jkzzv3c0AfNGreJvDnw7/Zy/Zd+G2teG9L+PXxPnvrlP B72OrXCaIkljd7Ibhpm8kSrDG0EQjljCArINwVTu4j9sO9/aqvfHn7P+sftJweDNGU+NtP8A7K0/ w+11LqMeJoTO8805ZDGP3YPltgttJ6V+pPxq/Yq+DPxn8F+DfBzpe+ED8Oyp8OX2gzi0u9MChBth dlkGD5UZJI3blDBg3NeNaj/wTL+EfiZrLWvHvjzxv4q8Xabd2t3a+INS1hLrULUWhLpBCJoJIFhL kOymNm3AYcDIIB+a/wC1f8O/j/8AE39sH9qHw/8AA+7EVrb6Fod5rtojlLnUbG30yyYWcOxS7GQ5 YoCocLsJO4K37MfsT/EH4SfEf9m7wjrHwY0uDQNCs7cWc2lQHJ0+9hA+0QSE/M77zv8AMf5pVYSH l67fwn+z14L8HfHfxx+0Lpl7qEviPx/a2Npf280kTWUcdhDHDGYEWJZFYrEpbfI4JzgAYAwPg7+y v8PvgT8R/G/xC+HWoapZQePZvtN9obTQNo8Nzu3efbQiBZYnyXGPNK4cjbhUCAHyN/wVidH+EHw2 03XJfJ8I6h470mDXG3FF+xmKdiHYEYTALE9mCnOcV6X/AMFIPDfw7H7EHjS21iztLey0W1s20dVR EW3uknijtltgMbcg7MJ/yzLD7ua+wvip8LPAvxp8Cap8NviRpi6toGsIqTwszIwKMHR0dCGR0YBl YHII9MivivQf+Canwktb3RIfHPjfxn8QPDXhiaObS/D3iDVxdaRbGIYRTbrEgZVHAXhdvysGUkUA fOPxCv8AXdU8ff8ABO7U/FDSPrF3Zyy3jSkmRrh9O0tpC5bneWJLZ5zmv2krwb4lfs7+CPil8Rvh p8Tddur+01L4V3N3daVDZyQx20rXiwq63CPE7MqiFdojePHOSeMe80AfmH+zuQP+Ckv7UKnqbDw0 cf8AbjDXN/8ABKrwpoCeEvjR4w+xRHVtR8f6vp005RTI1raxwSxxFsZ2B55Dt6ZNfUPiP9jH4fa3 +0fbftPaT4j8Q+G/FBezbULbTL1IbDVBYhEjS7iaJ2ZGSNEkQOFYKCAGyx9I+AP7PXgv9nLQPEXh zwReahe23ibXbzxBctqMkUrpdXqRJIkZhihAiAiXaGDMCTljxgA/HLwRZWuj/sh/txeH9LiW207T fF+uRW0EYCxxIkiIqqo4ACooAHYCvV/EHwwvfHngf9kTxB8HviRovhL42+GPBGmTaHpOtYkh1K0m 0uLziI9kpUqscgDeWcjOCrIrD7wsf2LPhZYeAvi18O4dU1ltN+Mmp3eq6vI09uZ4J71t8i2jC2Co gP3RIsh9SazPib+wt8Hvif8AD34feB76/wBZ0e/+F9ha6doOv6bdJbavBDaQxwrvmWLy2LCJWbEa 4bJTZk0AfLfwa+LfjzTf2zPDngL9rb4S6LonxY8RaNcQ6L4r0OYvHdWdqk0rRyR+bKAGWOQbiQ4I UGMKVK/pn8WvEPhXwl8LfF/ifxykknh3StIvrnUUhZlle0igdpkjKsjB2QELhlOSMEHmvnb4JfsT fD34PfEFvi9q/ibxH8RfHX2Y2cOseKNQN/PawPuDpbjamwMGIO4sQCQpUMwP1d4m8N6J4y8N6r4R 8S2i3+ka3az2V5bvnbNb3CGOVDjBwysRwc0AfjB8MfE37Tnir9mO8PwG+GXgX4T/AANudN1SeH/h IL691K7fTn803Mp2MSzP8/M64xgZ27TXyN4Hlsr39lL9kPQ/GoR/AN38SrxdZE5xbcX37pJs/L5b RvOWz/DuPrX6oeHv+CZHwq0SyXwhd/ELx1qvw9jnM6+EZ9bKaK25zIY5IoY42aPed2AytnksTkng fj58FPhT+yX+yOvwvk8Daz8V/hfda/5+qrcXqDUNBt7oFje2r29qpKwSLlQ2DmQh5NjEAAp/8Fgd L8Ef8M8eFr7VIbePXbTxJZRaS2FEwR45PtEaY58vYoLAfLlUzztrb+PfxJmP7auneEv2efhXYeNv jfonh0yXOua1qM1vY6TpUrZ8tYBIEZj5wLOoVwJdo3bmx+bXjv4c/s2fHjU/A/wv/ZL1zxl8WPFt 7qloJdQ1+e8ks/DmjRZa4jXz4baNFPynowwmFbcVDftZ8c/2JvAXxo+JNh8ZNO8UeIvh945srYWT ar4avhZTXFupOElyj5wCVypXK4DbgFAAPz/8KN8bE/4KofDOX4/T+Gf+EuuvC1+zweFluBbQWv2e +8mOdrnLvNlWbJJ+Urg4xXH2H/JC/wDgoP8A9jlrP/pZLX6IfD7/AIJ8fBr4b/FTwx8bdH1/xPfe N/Dz3clxqepamt9Pq7XcJt2/tBpoW3bImKp5PlYBydxAI66L9iv4WQ+E/jF4OXVNZNl8btTutV1p zPb+bbz3cjSutmfs+1EDMdokWU46k0AfPl34E8Kaf/wSUOjW2mwLaS/DSLV3QRrhr6XT1v2nIx9/ 7QfM3dc85r6c/Yilkm/ZE+ETysWI8N6euSc8LEFA/AAAV39z8DfCV1+z+P2cJLu+HhoeHE8MfaBJ F9u+xR2osxJ5nleV53ljJbytu7nZjiun+Ffw40P4Q/Djw58MPDU9xc6V4YsorG2lu2R7h4oRtUyN GkaFj3Koo9qAO/ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiii gAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKA CiiigAooooA//9b9/KKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigA ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigCvbWlrZo0dpCkCsxYhFCgsepIHc9zViiigAooooAK KKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoo ooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiii gD//1/38ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoooo AKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigA ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigD/9D9/KKKKACiiigAooooAKKKKACiiigAoooo AKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigA ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoooo A//R/fyiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigA ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoooo AKKKKACiiigAooooAKKKKACop/O8mT7NtEu07N+du7HGcc4z1xUtFAH5gaPdftL6Hp37VWkW/iqb xn8RtJsNMn0lrWAwW9tc3WltN5OnWbPKEEecRglmldQz7mY0v7MPxI09P2hNL+Hfw313xd4h8Ia1 4NuNS1JvFf8AaUkkWtWF3bRyPC+pjzFcrclbmOE+SHZNvIIr7dl+CPg641X4j6rdTXkrfFC3trbV I/OCLHHa2hs0+zNGqyRsYzksXYh+VK9Ky/hl8BtI+HXiS58aah4l1rxn4imsI9Jh1DXJoJZrXTop DILaEW0FugVn2tI7K0kjKpdzgYAPdaKKKAP/0v38ooooAKKKKACiiigAooooAKKKKACiiigAoooo AKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigA ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigD/9k= --000000000000c1439b05b58c3d64-- From nobody Thu Dec 3 02:00:09 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CBB7E3A0E0D for ; Thu, 3 Dec 2020 02:00:06 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.097 X-Spam-Level: X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LBADSWtbX4Y6 for ; Thu, 3 Dec 2020 02:00:05 -0800 (PST) Received: from mail-yb1-xb2a.google.com (mail-yb1-xb2a.google.com [IPv6:2607:f8b0:4864:20::b2a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5955A3A0E09 for ; Thu, 3 Dec 2020 02:00:05 -0800 (PST) Received: by mail-yb1-xb2a.google.com with SMTP id x2so1461401ybt.11 for ; Thu, 03 Dec 2020 02:00:05 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=9GqeY2d0jn3dUtbIpKCzGqN1k7pzzJOdm0jC8wEv1X0=; b=BNWaRqTV2MKkB/8drvb/2s8in417t4DCsco92bgvk2GrHT1W6wMmdOqtxNIFpSN7Pp +W5rMYb0rB7CD0Tt+U/2I5W69zSk6EYMNeJkczMyNI0+cb0eJTLqJLFtw+cVRvEyzZCS Xz/qGPNWAqWtbuSPvCT9NBLiT8YASB66yRxgkM3w8r9PGhTk46HBHJOLIbK4zAH3mcVU GmTL4y72u0M1fLwMqsdZoCtA8MaMIvMSuRsAnCEwebn4JrVytKM62LKicKowSZ+bixSv iScFX+EVF0ysbSpHDHTD3Cg/FLUCPydc8DB3y7oHge45Q0CX89IGEL7seb4PTPgN12Br mNBQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=9GqeY2d0jn3dUtbIpKCzGqN1k7pzzJOdm0jC8wEv1X0=; b=VOOVmVuZTrTIHMmqnqt46C4l9tKTLlRCj3bF5akndIUe2m2WoyLdyVf8aaoPDkQOOH DP0JsrnOS7Y08vUtw1P9MvR2QsWpz0s1Hr0ewrMNVZck/49npFqbs0NUcgMLHM2ypmk9 Hy9/jqRfAvWWRCkqe0UGVPXgRW2L7TEoqXFICLsTNHlWYBLpBLmyvaTaM0Vlb7JcZA0B gxA002B7uJtw8siNTm2/v/9lA4jIhhzDgl3cHry4ERF7/2khEhli2ihQuPCsAOaSNBJ9 w2nHDdioieNeWjF1FXGmNz2TjbWnN31hCSi6+kE3+MzWuNXufK5ju0emQEjEwidlNwr4 MoSw== X-Gm-Message-State: AOAM532YsL4sWsj+iYdFzrZZ7KULUKQhXW0dllHp3P1ByekGRBjo6K/x LyEzFhqjRb3oB9W57JxJQnyfh3WaMAuaLb8nnhM/cIApbg== X-Google-Smtp-Source: ABdhPJzZbpfdQib2SHG/fPHtJUj+M5Zn903p3ZeXiQSti3tDPj9IEdsnKRjPF8r/fQuQAvgkUEV/1algCvkbVPNIGjA= X-Received: by 2002:a25:209:: with SMTP id 9mr3576473ybc.127.1606989604039; Thu, 03 Dec 2020 02:00:04 -0800 (PST) MIME-Version: 1.0 From: Filip Skokan Date: Thu, 3 Dec 2020 10:59:28 +0100 Message-ID: To: oauth Content-Type: multipart/alternative; boundary="00000000000081ae3005b58c6c9c" Archived-At: Subject: [OAUTH-WG] OAuth 2.1 + OAuth 2.0 for Native Apps: Private-Use URI Scheme Redirection enforcement X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 03 Dec 2020 10:00:07 -0000 --00000000000081ae3005b58c6c9c Content-Type: text/plain; charset="UTF-8" Hello everyone, Both RFC 8252 and OAuth 2.1 draft state that (paraphrasing) Apps MUST use a URI scheme based on a domain name under their control, > expressed in reverse order, as recommended by Section 3.8 of [RFC7595] for > private-use URI schemes. e.g. com.example.app:/ My question is, is the AS right to reject client registrations that do not follow this specific requirement, to e.g. reject myapp:/oauth2/example-issuer on the account of it not being neither claimed https scheme, an http: + loopback interface, nor having a "." (dot) character suggesting it is a reverse domain scheme? Best, *Filip* --00000000000081ae3005b58c6c9c Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
    Hello everyone,

    Both RFC = 8252 and OAuth 2.1 draft state that (paraphr= asing)

    Apps MUST use a URI scheme based on a domain name under their control= , expressed in reverse order, as recommended by Section 3.8 of [RFC7595] fo= r private-use URI schemes. e.g.=C2=A0com.example.app:/

    My question is, is the AS right t= o reject client registrations that do not follow this specific requirement,= to e.g. reject=C2=A0myapp:/oauth2/example-issuer on the acco= unt=C2=A0of it not being neither claimed https scheme, an http:=C2=A0+ loop= back interface, nor having a "." (dot) character suggesting it is= a reverse domain scheme?

    Best,
    Filip
    --00000000000081ae3005b58c6c9c-- From nobody Thu Dec 3 02:06:44 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DE1443A0E13 for ; Thu, 3 Dec 2020 02:06:42 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.099 X-Spam-Level: X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=lodderstedt.net Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VFcm5KvjE5gl for ; Thu, 3 Dec 2020 02:06:41 -0800 (PST) Received: from mail-ej1-x631.google.com (mail-ej1-x631.google.com [IPv6:2a00:1450:4864:20::631]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D158B3A011B for ; Thu, 3 Dec 2020 02:06:40 -0800 (PST) Received: by mail-ej1-x631.google.com with SMTP id n26so2582648eju.6 for ; Thu, 03 Dec 2020 02:06:40 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lodderstedt.net; s=google; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=kLO8+46tAWVR5pH910Eaoso8EHxFm6uYSSorb57ZBdc=; b=vMCsrWOgeSsXwV3/akljUVvrMdOgOcqboy+4CXkwCRuABA8G7j5PgtmPRsM324D155 ZL2CROChrZwDxQJyvyDLF5cxtr7mpo2xhs70b9J2nw3yU47h5eK80V68P32DdCnV4LYB jH3TnhT4FZ4wjKf1Y5jZnmEUPDmTlqy6Lwtqumsnzu9eITLo7SQaN17KTkespDAuvYkH Zvo0y9r8XE2QNkLOq5lPuiV/P59noIRaWouJq6/nJGto7srf3C5J9yYgbAE9vsr+A9H/ EaA3MBMOMPiXMD/7PomXepjYrtXKGVUh1Pbd+I0FNwJymFzHvgW+Jz0ZM0A/u2dByXBQ Bp+w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=kLO8+46tAWVR5pH910Eaoso8EHxFm6uYSSorb57ZBdc=; b=Nat0ckglyJzGFVX+Udsc68Fptyz3zfZwTsb53ddqSwNQI63zfl1XLln29kbC9ImbMA tE8WwDSaNeLrhE0pbwIOTbT4e3nJcNJvVB3tbLiLs601dWPhya0cU03fWr5XltbRbaLa 3E5FBu+A6hzgdIy3y0sS5Viw9qmSf/zxfgky036nXXdhUVlA3ztrrFPuto8vdepzOD27 BMhqB6VjuRaoZ0nEo2hLtuUPIRjNZZKIeueb/96LNzTK9el1foO0llLbeXawuCe91pud AVuRrfZxHAghJ7cjC0Iwc3hB/ysFeWcnBKCwOsddAMs0oLX0j4Ayegr9kq1upybv+H15 Ufag== X-Gm-Message-State: AOAM531VGtgAOn3cmyizFzVLh5E9dGxSKi38nvyb5gG7Fzzj/deefLi0 RCedshG6Leq1eyeqrS2BQTVZk2WuiMrdYQ== X-Google-Smtp-Source: ABdhPJzM/Cz7+9PH25Y5xsofECHoRSFocpir6l5XeEXZn1AIJq5yzycPQZwvlN2RBR3dtRSiHgBPcw== X-Received: by 2002:a17:906:16da:: with SMTP id t26mr1767634ejd.478.1606989999027; Thu, 03 Dec 2020 02:06:39 -0800 (PST) Received: from [192.168.71.123] (p4fc08d1c.dip0.t-ipconnect.de. [79.192.141.28]) by smtp.gmail.com with ESMTPSA id u3sm471358eje.33.2020.12.03.02.06.38 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Thu, 03 Dec 2020 02:06:38 -0800 (PST) Content-Type: text/plain; charset=utf-8 Mime-Version: 1.0 (Mac OS X Mail 14.0 \(3654.20.0.2.21\)) From: Torsten Lodderstedt In-Reply-To: Date: Thu, 3 Dec 2020 11:06:36 +0100 Cc: Brian Campbell , oauth Content-Transfer-Encoding: quoted-printable Message-Id: References: To: Filip Skokan X-Mailer: Apple Mail (2.3654.20.0.2.21) Archived-At: Subject: Re: [OAUTH-WG] PAR error for redirect URI? X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 03 Dec 2020 10:06:43 -0000 > Am 03.12.2020 um 09:56 schrieb Filip Skokan : >=20 > There are several documents already mentioning "invalid_redirect_uri" = as an error code, specifically RFC7519 and OpenID Connect Dynamic Client = Registration 1.0. But these don't register it in the IANA OAuth = Extensions Error Registry, presumably because they're neither for the = authorization or token endpoints. >=20 > While I think it'd be great if we had this error code registered, I = also worry that its registration could confuse implementers to think = it's okay to return it from the authorization endpoint. I understand your concern. On the other hand, registering the error code = is in my opinion the proper way forward. The registration is scoped to a = usage location, should be pushed authorization endpoint then, and = RFC6749 gives clear guidance on how to treat errors related to the = redirect URI at the authorization endpoint.=20 "If the request fails due to a missing, invalid, or mismatching redirection URI, =E2=80=A6 authorization server ... MUST NOT = automatically redirect the user-agent to the invalid redirection URI." I think if an implementor ignores this, it will ignore any advise. best regards, Torsten.=20 >=20 > Best, > Filip >=20 >=20 > On Thu, 3 Dec 2020 at 00:29, Brian Campbell = wrote: > During the course of a recent OIDF FAPI WG discussion (the FAPI = profiles use PAR for authz requests) on this issue it was noted that = there's no specific error code for problems with the redirect_uri (the = example in = https://www.ietf.org/archive/id/draft-ietf-oauth-par-04.html#section-2.3 = even shows a general error code with mention of the redirect_uri not = being valid in the error description). Some folks on that call thought = it would be worthwhile to have a more specific error code for an invalid = redirect_uri and I reluctantly took an action item to raise the issue = here. At the time I'd forgotten that PAR had already passed WGLC. But = it's been sitting idle while awaiting the shepherd writeup since mid = September so it's maybe realistic to think the window for a small change = is still open. >=20 > Presumably nothing like an "invalid_redirect_uri" error code was = defined in RFC 6749 because that class of errors could not be returned = to the client via redirection. But the data flow in PAR would allow for = a "invalid_redirect_uri" so it's not an unreasonable thing to do.=20 >=20 > As I write this message, however, I'm not personally convinced that = it's worth making a change to PAR at this point. But I did say I'd bring = the question up in the WG list and I'm just trying to be true to my = word. So here it is. Please weigh in, if you have opinions on the = matter.=20 >=20 >=20 >=20 > CONFIDENTIALITY NOTICE: This email may contain confidential and = privileged material for the sole use of the intended recipient(s). Any = review, use, distribution or disclosure by others is strictly = prohibited. If you have received this communication in error, please = notify the sender immediately by e-mail and delete the message and any = file attachments from your computer. Thank = you._______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > = https://www.google.com/url?q=3Dhttps://www.ietf.org/mailman/listinfo/oauth= &source=3Dgmail-imap&ust=3D1607590629000000&usg=3DAOvVaw3aW1gdv4EEiLmNYzls= Jj-A From nobody Thu Dec 3 02:13:31 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8C7A93A0E26 for ; Thu, 3 Dec 2020 02:13:29 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.097 X-Spam-Level: X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qed3m4Mz0b92 for ; Thu, 3 Dec 2020 02:13:28 -0800 (PST) Received: from mail-yb1-xb2c.google.com (mail-yb1-xb2c.google.com [IPv6:2607:f8b0:4864:20::b2c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 117AD3A0E21 for ; Thu, 3 Dec 2020 02:13:28 -0800 (PST) Received: by mail-yb1-xb2c.google.com with SMTP id x17so1511875ybr.8 for ; Thu, 03 Dec 2020 02:13:28 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to; bh=oVEyQYAp0CV3vCKEfDluEdP9nlQtmcwBgiZ4GYM/IHs=; b=nP6SR2DNjgtjE/kx7r3oxQY45i1tY08fWDOvlRXg0gYHJnlaTDdXX/vRumsM3zAduO iJ5qHtPk84zP3bkMrIcp7JyR/D+2EUf73d+EFFfumHPOayORumyTsIfMuFNh850o93V2 qQD/DM5LGdnEAZpYqJuom4KGiluWKeyyzzfqwwMzT14CUsz2aYgHCC/Cczeh8edH3ll1 4gST1Molmf1boZX+fM77AwrzUikSu1k9lwh+3a+NwDlbSyLAQhkOvPHfXXmtddvbmNR0 vR0UnnfTMzYh9Ujlp+9NrlUHr3jck3hSqxJpYfSDDFaBlbDmAy5gZyY/kX6w1CVtJ4bH z7zw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to; bh=oVEyQYAp0CV3vCKEfDluEdP9nlQtmcwBgiZ4GYM/IHs=; b=WvcWd8+OBlpxA+fWBirGTOAp6s/OesIzCdM1ZD7ps0IZFLDa8tTDCvfohiJ60CI3fH oOgIddSr+Fk0jrADW6pVRBbE4jRhpYlAGwky3ugpP1qAP8Tljn9vKmz9wT5YDEWuZQPX /ZrkCmnCLAwM+hA4A60Iszqv0XlPGkLenen3Ep5P3YxitPxY/ft3nkB/eCHPJlaNZAu/ r1KGl+qv0Rd8nhbz72oU/tTTIRt7MKdXCLmMAqCWvKYVk/XVM6GP4+STbGWM4uw+WZPg muCCI4y6gnDgtZyVQlx1kyPTUmkDlVNs1pnS59EKwyygRJMxlKHSNkA0x+1axq9OlSoL X+Hg== X-Gm-Message-State: AOAM531Oiw/u1XZXP6jSF1iSYZeoNE+EM46qzGVeN9OCtuBpXS7Hzg1e OhpYR6lm5uJD94RzQ91YNVTVa1rMfCSy8g30vAWCP5/hvw== X-Google-Smtp-Source: ABdhPJyQaH+gCO/WM8rtUmzcGcG/Q9kQuuMH0axKLPC2dMVt/wgfMYdcxQZ0XLVwitPIFMNU003E9k5W7OxA/eAFkJo= X-Received: by 2002:a25:209:: with SMTP id 9mr3644730ybc.127.1606990406991; Thu, 03 Dec 2020 02:13:26 -0800 (PST) MIME-Version: 1.0 References: In-Reply-To: From: Filip Skokan Date: Thu, 3 Dec 2020 11:12:50 +0100 Message-ID: To: oauth Content-Type: multipart/alternative; boundary="0000000000005dc38805b58c9cdf" Archived-At: Subject: Re: [OAUTH-WG] OAuth 2.1 + OAuth 2.0 for Native Apps: Private-Use URI Scheme Redirection enforcement X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 03 Dec 2020 10:13:30 -0000 --0000000000005dc38805b58c9cdf Content-Type: text/plain; charset="UTF-8" Please note that this simple validation (in combination with web application enforcing http(s) schemes) removes the need to implement and maintain a blocklist of potentially malicious schemes such as `javascript:/`, `vbscript:/`, and `data:/`. More details: https://security.lauritz-holtmann.de/post/sso-security-redirect-uri/ Best, *Filip* On Thu, 3 Dec 2020 at 10:59, Filip Skokan wrote: > Hello everyone, > > Both RFC 8252 and OAuth > 2.1 draft > > state that (paraphrasing) > > Apps MUST use a URI scheme based on a domain name under their control, >> expressed in reverse order, as recommended by Section 3.8 of [RFC7595] for >> private-use URI schemes. e.g. com.example.app:/ > > > My question is, is the AS right to reject client registrations that do not > follow this specific requirement, to e.g. reject myapp:/oauth2/example-issuer > on the account of it not being neither claimed https scheme, an http: + > loopback interface, nor having a "." (dot) character suggesting it is a > reverse domain scheme? > > Best, > *Filip* > --0000000000005dc38805b58c9cdf Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
    Please note that this simple validation (in combination wi= th web application enforcing http(s) schemes) removes the need to implement= and maintain a blocklist of potentially malicious schemes such as `javascr= ipt:/`, `vbscript:/`, and `data:/`.

    More details:=C2=A0<= a href=3D"https://security.lauritz-holtmann.de/post/sso-security-redirect-u= ri/" target=3D"_blank">https://security.lauritz-holtmann.de/post/sso-securi= ty-redirect-uri/

    Best,
    Filip


    On = Thu, 3 Dec 2020 at 10:59, Filip Skokan <panva.ip@gmail.com> wrote:
    Hello every= one,

    Both RFC 8252 and OAuth 2.1 draft state that (paraphrasing)

    Apps MUST use a URI scheme = based on a domain name under their control, expressed in reverse order, as = recommended by Section 3.8 of [RFC7595] for private-use URI schemes. e.g.= =C2=A0com.example.app:= /

    My question is, is the AS right to reject client registrations t= hat do not follow this specific requirement, to e.g. reject=C2=A0myapp:/oauth2/example-issuer on the account=C2=A0of it not being neithe= r claimed https scheme, an http:=C2=A0+ loopback interface, nor having a &q= uot;." (dot) character suggesting it is a reverse domain scheme?
    =
    Best,
    Filip
    --0000000000005dc38805b58c9cdf-- From nobody Thu Dec 3 02:17:10 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 509EB3A0E27 for ; Thu, 3 Dec 2020 02:17:09 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.097 X-Spam-Level: X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qTgtskVkUJIi for ; Thu, 3 Dec 2020 02:17:06 -0800 (PST) Received: from mail-yb1-xb2c.google.com (mail-yb1-xb2c.google.com [IPv6:2607:f8b0:4864:20::b2c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E5EFC3A0B95 for ; Thu, 3 Dec 2020 02:17:05 -0800 (PST) Received: by mail-yb1-xb2c.google.com with SMTP id g15so1526371ybq.6 for ; Thu, 03 Dec 2020 02:17:05 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=VxpWKglMKgTg3riMq0wgSV2uzjktNL4l6lnbZwLPCA8=; b=u24eblngJ0ukj7b0FNqV0o5raA/Po5IrhEZZEkZterLn/j0LA/TCSWcgRv6WRdsfu7 DYVHCmC0xRcb8er+1pXMPgAVkWq8bgUFnzc9mfgIPm3DFsvAaxTY/8J+7kMX2xbFvKG1 pxFgraNk5+68+h5FxdHZS0HwEqvYpUzW/zK4FE71b3L+VyuQ5VEc81Xv3v0bLJaiDDKe lbPn7Okj70C/i4rk/JPE9I8B0bZXtMyNi4YcRgJNqHGZHUwEp5xyrqX8QtMOp3xk637w +feEFy0vIHnI8QcRf77XAGw3D5o3Xi1gBMT5e6WrHiWCv4sWZWPC3aCe0I1an1apihrX Lj9Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=VxpWKglMKgTg3riMq0wgSV2uzjktNL4l6lnbZwLPCA8=; b=gacmpOlq8DQb0AVcqZwGIwPFyrgXH5cPYYf5uYdzYhz++VDXSjixPATS01lV9b3J3q FSurb06m+IzSKY2aWiEicfyjEuFWhTSUUWtcMorgOk0nRVBbqiUXrRBvyFe9ZcAtn491 6Jm7Ca+n5Kmf5RaoMSamRpo6vMYseuwDvMpdqOWFXSo85+IKJ5im5qdADxiYXay3zazx Cxdz+w93+GQzH8pHlbvE4sxv/jkwc2jQxsBQR1msFLEjEBG+5WawpUkm/1jJFCz7K4RD fPTfml0hifZo/nfYA7MP3EKJROp4JzgxslYqK2EuDfUoLXkxa59RHeSwIyH7GPaz9bM+ dvMg== X-Gm-Message-State: AOAM531aDHJlJ1/I5hVh8YyB6YUmbE4xjxbjc/ziIj8AZ0slu1E3qVDg yvSuu2uTGks3gmywLJGuahBVaqB7xhxRbXYkJw== X-Google-Smtp-Source: ABdhPJxAODK4ebJzFLIDarl8+Rq57e4tw3Yq6PueWSR/H0Sy19QeiE06Fkj8OVghcqxu9kIFtLSNX01MrJj3W1BZ/og= X-Received: by 2002:a25:2e4e:: with SMTP id b14mr3502035ybn.259.1606990625139; Thu, 03 Dec 2020 02:17:05 -0800 (PST) MIME-Version: 1.0 References: In-Reply-To: From: Filip Skokan Date: Thu, 3 Dec 2020 11:16:29 +0100 Message-ID: To: Torsten Lodderstedt Cc: Brian Campbell , oauth Content-Type: multipart/alternative; boundary="0000000000005e6fa105b58ca936" Archived-At: Subject: Re: [OAUTH-WG] PAR error for redirect URI? X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 03 Dec 2020 10:17:09 -0000 --0000000000005e6fa105b58ca936 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable To be clear, I'm not advocating to skip the registration, just wanted to mention a potential concern. If the process allows it and it will not introduce more delay to publication, I think we should go ahead and register the error code. Best, *Filip* On Thu, 3 Dec 2020 at 11:06, Torsten Lodderstedt wrote: > > > > Am 03.12.2020 um 09:56 schrieb Filip Skokan : > > > > There are several documents already mentioning "invalid_redirect_uri" a= s > an error code, specifically RFC7519 and OpenID Connect Dynamic Client > Registration 1.0. But these don't register it in the IANA OAuth Extension= s > Error Registry, presumably because they're neither for the authorization = or > token endpoints. > > > > While I think it'd be great if we had this error code registered, I als= o > worry that its registration could confuse implementers to think it's okay > to return it from the authorization endpoint. > > I understand your concern. On the other hand, registering the error code > is in my opinion the proper way forward. The registration is scoped to a > usage location, should be pushed authorization endpoint then, and RFC6749 > gives clear guidance on how to treat errors related to the redirect URI a= t > the authorization endpoint. > > "If the request fails due to a missing, invalid, or mismatching > redirection URI, =E2=80=A6 authorization server ... MUST NOT automatic= ally > redirect the user-agent to the > invalid redirection URI." > > I think if an implementor ignores this, it will ignore any advise. > > best regards, > Torsten. > > > > > Best, > > Filip > > > > > > On Thu, 3 Dec 2020 at 00:29, Brian Campbell 40pingidentity.com@dmarc.ietf.org> wrote: > > During the course of a recent OIDF FAPI WG discussion (the FAPI profile= s > use PAR for authz requests) on this issue it was noted that there's no > specific error code for problems with the redirect_uri (the example in > https://www.ietf.org/archive/id/draft-ietf-oauth-par-04.html#section-2.3 > even shows a general error code with mention of the redirect_uri not bein= g > valid in the error description). Some folks on that call thought it would > be worthwhile to have a more specific error code for an invalid > redirect_uri and I reluctantly took an action item to raise the issue her= e. > At the time I'd forgotten that PAR had already passed WGLC. But it's been > sitting idle while awaiting the shepherd writeup since mid September so > it's maybe realistic to think the window for a small change is still open= . > > > > Presumably nothing like an "invalid_redirect_uri" error code was define= d > in RFC 6749 because that class of errors could not be returned to the > client via redirection. But the data flow in PAR would allow for a > "invalid_redirect_uri" so it's not an unreasonable thing to do. > > > > As I write this message, however, I'm not personally convinced that it'= s > worth making a change to PAR at this point. But I did say I'd bring the > question up in the WG list and I'm just trying to be true to my word. So > here it is. Please weigh in, if you have opinions on the matter. > > > > > > > > CONFIDENTIALITY NOTICE: This email may contain confidential and > privileged material for the sole use of the intended recipient(s). Any > review, use, distribution or disclosure by others is strictly prohibited. > If you have received this communication in error, please notify the sende= r > immediately by e-mail and delete the message and any file attachments fro= m > your computer. Thank you._______________________________________________ > > OAuth mailing list > > OAuth@ietf.org > > https://www.ietf.org/mailman/listinfo/oauth > > _______________________________________________ > > OAuth mailing list > > OAuth@ietf.org > > > https://www.google.com/url?q=3Dhttps://www.ietf.org/mailman/listinfo/oaut= h&source=3Dgmail-imap&ust=3D1607590629000000&usg=3DAOvVaw3aW1gdv4EEiLmNYzls= Jj-A > > --0000000000005e6fa105b58ca936 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
    To be clear, I'm not advocating to skip the registrati= on, just wanted to mention a potential concern. If the process allows it an= d it will not introduce more delay to publication, I think we should go ahe= ad and register the error code.

    Best,
    F= ilip


    On Thu, 3 Dec 2020 at 11:06, Torsten Lodderst= edt <torsten@lodderstedt.net<= /a>> wrote:
    <= br>
    > Am 03.12.2020 um 09:56 schrieb Filip Skokan <    panva.ip@gmail.com>:
    >
    > There are several documents already mentioning "invalid_redirect_= uri" as an error code, specifically RFC7519 and OpenID Connect Dynamic= Client Registration 1.0. But these don't register it in the IANA OAuth= Extensions Error Registry, presumably because they're neither for the = authorization or token endpoints.
    >
    > While I think it'd be great if we had this error code registered, = I also worry that its registration could confuse implementers to think it&#= 39;s okay to return it from the authorization endpoint.

    I understand your concern. On the other hand, registering the error code is= in my opinion the proper way forward. The registration is scoped to a usag= e location, should be pushed authorization endpoint then, and RFC6749 gives= clear guidance on how to treat errors related to the redirect URI at the a= uthorization endpoint.

    "If the request fails due to a missing, invalid, or mismatching
    =C2=A0 =C2=A0redirection URI, =E2=80=A6 authorization server ... MUST NOT a= utomatically redirect the user-agent to the
    =C2=A0 =C2=A0invalid redirection URI."

    I think if an implementor ignores this, it will ignore any advise.

    best regards,
    Torsten.

    >
    > Best,
    > Filip
    >
    >
    > On Thu, 3 Dec 2020 at 00:29, Brian Campbell <bcampbell=3D40pingidentity= .com@dmarc.ietf.org> wrote:
    > During the course of a recent OIDF FAPI WG discussion (the FAPI profil= es use PAR for authz requests) on this issue it was noted that there's = no specific error code for problems with the redirect_uri (the example in <= a href=3D"https://www.ietf.org/archive/id/draft-ietf-oauth-par-04.html#sect= ion-2.3" rel=3D"noreferrer" target=3D"_blank">https://www.ietf.org/archive/= id/draft-ietf-oauth-par-04.html#section-2.3 even shows a general error = code with mention of the redirect_uri not being valid in the error descript= ion). Some folks on that call thought it would be worthwhile to have a more= specific error code for an invalid redirect_uri and I reluctantly took an = action item to raise the issue here. At the time I'd forgotten that PAR= had already passed WGLC. But it's been sitting idle while awaiting the= shepherd writeup since mid September so it's maybe realistic to think = the window for a small change is still open.
    >
    > Presumably nothing like an "invalid_redirect_uri" error code= was defined in RFC 6749 because that class of errors could not be returned= to the client via redirection. But the data flow in PAR would allow for a = "invalid_redirect_uri" so it's not an unreasonable thing to d= o.
    >
    > As I write this message, however, I'm not personally convinced tha= t it's worth making a change to PAR at this point. But I did say I'= d bring the question up in the WG list and I'm just trying to be true t= o my word. So here it is. Please weigh in, if you have opinions on the matt= er.
    >
    >
    >
    > CONFIDENTIALITY NOTICE: This email may contain confidential and privil= eged material for the sole use of the intended recipient(s). Any review, us= e, distribution or disclosure by others is strictly prohibited.=C2=A0 If yo= u have received this communication in error, please notify the sender immed= iately by e-mail and delete the message and any file attachments from your = computer. Thank you._______________________________________________
    > OAuth mailing list
    > OAuth@ietf.org=
    > https://www.ietf.org/mailman/listinfo/oauth
    > _______________________________________________
    > OAuth mailing list
    > OAuth@ietf.org=
    > https= ://www.google.com/url?q=3Dhttps://www.ietf.org/mailman/listinfo/oauth&s= ource=3Dgmail-imap&ust=3D1607590629000000&usg=3DAOvVaw3aW1gdv4EEiLm= NYzlsJj-A

    --0000000000005e6fa105b58ca936-- From nobody Thu Dec 3 03:00:23 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3EA843A0EA4 for ; Thu, 3 Dec 2020 03:00:22 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.098 X-Spam-Level: X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=forgerock.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Tm50o7YUCRVX for ; Thu, 3 Dec 2020 03:00:19 -0800 (PST) Received: from mail-ed1-x530.google.com (mail-ed1-x530.google.com [IPv6:2a00:1450:4864:20::530]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9898A3A0E96 for ; Thu, 3 Dec 2020 03:00:18 -0800 (PST) Received: by mail-ed1-x530.google.com with SMTP id q16so1596758edv.10 for ; Thu, 03 Dec 2020 03:00:18 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=forgerock.com; s=google; h=from:message-id:mime-version:subject:date:in-reply-to:cc:to :references; bh=q6SBf8yyX3qOtL6vgp51qdInILXkrTqs0pAJkl3jXts=; b=JMVHdD8IgoR+v5ixsYqflnfnBXma0/Ze79/0dtNhCtmWXN7I85SyJ75lyju6eVLBXC kuXiYupqXEJM26qGAkwXWt24pOj6fycaFk1pwr9YdB7R/g8374TcxAIeV2FpR0V5s6y9 bq6vgHvIpoqgA6p0G4tNpDEIWOxbbEjY+YpN8= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:message-id:mime-version:subject:date :in-reply-to:cc:to:references; bh=q6SBf8yyX3qOtL6vgp51qdInILXkrTqs0pAJkl3jXts=; b=gW7iWJFTqgCIudt0pDDsHAJCfRkYqMSz5tTq0ptkYUpbq+D3AdwKe2kBc534vDLBbJ FKIFLt42o0TQVaJ7cqPtzuun1fcBh8QfgN61RSdoYcifsub8hgxv2C9A1IY9zeXQOgav c/BA5qdvWp9kGCsN76KsOkoLJYyVm7YTEEwPnenDMl7nfYhxuvRDnqyZ7pxz4b9zQpk/ kL419+7ME9eGcU6nmSpibVSPrGY4ydPOxNzaS8wwICCXJqQVtE0ZbtLnnNkpQQgmyjAt iNaQ+BAVgNLdVtRLNAZcpEoVvrMDJ4FmD/UZq1qBcMCXsF8NP8KrigvppMktLuDqmGa/ 9gmA== X-Gm-Message-State: AOAM532izKoAdujyiHnmoJWKXHtHWlZzyLkTG5tv4EdtT4uPwjKoaqon kBnhsG0qYZkvhqPJwxi2NYLgjDDIxhWlmvdd+gFMkLcKDcbpZiNBNiY8wFZZHLNs0hF+B2e1Qg= = X-Google-Smtp-Source: ABdhPJydxm6v0HAfPY/kjPaMsSeLaq1zYUj5qhn44F3a5ZB7LfbtxtZH+K6R8GZTYxwyf5p1RQOqhA== X-Received: by 2002:a05:6402:31a5:: with SMTP id dj5mr2224009edb.325.1606993216451; Thu, 03 Dec 2020 03:00:16 -0800 (PST) Received: from [10.0.0.4] ([213.31.218.193]) by smtp.gmail.com with ESMTPSA id l19sm895968edq.14.2020.12.03.03.00.15 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Thu, 03 Dec 2020 03:00:15 -0800 (PST) From: Neil Madden Message-Id: <2A107633-F0AC-439C-9783-57DA38E1B04F@forgerock.com> Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.120.23.2.1\)) Date: Thu, 3 Dec 2020 11:00:14 +0000 In-Reply-To: Cc: oauth To: Brian Campbell References: X-Mailer: Apple Mail (2.3608.120.23.2.1) Content-Type: multipart/alternative; boundary="Apple-Mail=_5CEB17FB-DE90-4C8F-8C19-3F6E1385683C" Archived-At: Subject: Re: [OAUTH-WG] DPoP followup II: confirmation style X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 03 Dec 2020 11:00:22 -0000 --Apple-Mail=_5CEB17FB-DE90-4C8F-8C19-3F6E1385683C Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="UTF-8" Strongly in favour of 2. I think history shows that successful standards make security checks hard t= o get wrong rather than merely easy to get right. =E2=80=94 Neil > On 2 Dec 2020, at 22:28, Brian Campbell wrote: >=20 > There were a few items discussed somewhat during the recent interim that = I committed to bringing back to the list. The slide below (also available w= ith some typos and omitted words as slide #18 from the interim presentation= ) is the second one. To summariz= e (by basically repeating the content of the slide): It=E2=80=99s been sugg= ested that, for resource access, having the JWK in the header of the DPoP p= roof JWT makes it too easy to just use that key to validate the signature a= nd miss checking the binding to the AT=E2=80=99s cnf/jkt hash, which underm= ines the value of doing the binding in the first place. As I see it, there = are two options here and I'd like to gauge WG consensus on which to move fo= rward with.=20 > It=E2=80=99s fine as is (AS/RS symmetry is nice, it's the same way confir= mation works in MTLS/TB, and the binding check is kinda fundamental to the = whole thing so it's not unreasonable to expect implementers to do it) > For resource access, put the full JWK in the AT=E2=80=99s confirmation an= d omit it from the proof (less error prone, no hash function needed for con= firmation, somewhat less data overall between the two artifacts) >=20 >=20 > >=20 >=20 >=20 >=20 > CONFIDENTIALITY NOTICE: This email may contain confidential and privilege= d material for the sole use of the intended recipient(s). Any review, use, = distribution or disclosure by others is strictly prohibited. If you have r= eceived this communication in error, please notify the sender immediately b= y e-mail and delete the message and any file attachments from your computer= . Thank you._______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth --=20 ForgeRock values your Privacy --Apple-Mail=_5CEB17FB-DE90-4C8F-8C19-3F6E1385683C Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset="UTF-8" Strongly in favour of 2.
    I think history shows th= at successful standards make security checks hard to get wrong rather than = merely easy to get right.

    =E2=80=94 Neil

    On= 2 Dec 2020, at 22:28, Brian Campbell <bcampbell=3D40pingidentity.com@d= marc.ietf.org> wrote:

    <= div class=3D"">
    There were a few= items discussed somewhat during the recent interim that I committed to bringing back to the list. The slid= e below (also available with some typos and omitted words as slide #18 from= the interim presentation) is the second one. To summarize (by b= asically repeating the content of the slide): It=E2=80=99s been suggested t= hat, for resource access, having the JWK in the header of the DPoP proof JW= T makes it too easy to just use that key to validate the signature and miss= checking the binding to the AT=E2=80=99s cnf/jkt hash, which undermines th= e value of doing the binding in the first place. As I see it, there are two= options here and I'd like to gauge WG consensus on which to move forward w= ith.
    1. It= =E2=80=99s fine as is (AS/RS symmetry is nice, it's the same way confirmati= on works in MTLS/TB, and the binding check is kinda fundamental to the whol= e thing so it's not unreasonable to expect implementers to do it)
    2. For resource access, put the full JWK in the AT=E2=80=99s confirm= ation and omit it from the proof (less error prone, no hash function needed= for confirmation, somewhat less data overall between the two artifacts)


    <Slide18.jpg>




    CONFIDENTIALITY NOTICE: = This email may contain confidential and privileged material for the sole us= e of the intended recipient(s). Any review, use, distribution or disclosure= by others is strictly prohibited.  If you have received this communic= ation in error, please notify the sender immediately by e-mail and delete t= he message and any file attachments from your computer. Thank you._______________________________________________
    OAut= h mailing list
    O= Auth@ietf.org
    https://www.ietf.org/mailman/listinfo/oauth=


    ForgeRock values your Privacy --Apple-Mail=_5CEB17FB-DE90-4C8F-8C19-3F6E1385683C-- From nobody Thu Dec 3 03:03:24 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 022213A003E for ; Thu, 3 Dec 2020 03:03:23 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.098 X-Spam-Level: X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=forgerock.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZImE2dBGZVz6 for ; Thu, 3 Dec 2020 03:03:21 -0800 (PST) Received: from mail-ed1-x535.google.com (mail-ed1-x535.google.com [IPv6:2a00:1450:4864:20::535]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 215B93A0062 for ; Thu, 3 Dec 2020 03:03:20 -0800 (PST) Received: by mail-ed1-x535.google.com with SMTP id d18so1618949edt.7 for ; Thu, 03 Dec 2020 03:03:20 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=forgerock.com; s=google; h=from:message-id:mime-version:subject:date:in-reply-to:cc:to :references; bh=FnrBdrJbc/sTiMV+o9hnqSeJEh+KoWtYqn/BBmrupLk=; b=boXfo0N37RcAO5hUb4re8ZQwOlxo+rH5lqPo5xFKdl5XVSRKC1QJJEQU6sDKFjRaKI SfJwGVSoHo2UXuzPS9f8/802bjRvq1LO/qSH2uJrAB8R8V3HOVnhN61QpqRp5+P+b/1r O6S2Wr+jpLw428bRcyMTKEMFmFdCjb/1OpIH0= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:message-id:mime-version:subject:date :in-reply-to:cc:to:references; bh=FnrBdrJbc/sTiMV+o9hnqSeJEh+KoWtYqn/BBmrupLk=; b=R+6vYP+KYBBz4GeeW3nZ74fJjlKZTKAaNkGQKhFP1lK1bdNN+yOsLMS+JxcqWc2u98 CuxlZvcrzJTjgfuD7xlO076TuvuSk/HfQye7x/7zAuo5NcXy6kZqYpy9674/XVcQNtjt /mcVsELqJrmBqkq6Jdz5wuDG5CQEXSbG6vY2NORLGkXI52y2s5m+ljij3bcLXuphhRsw tDbeGY1QZYYN8pIrYyLahH+gbDuAoZH0HtOoiv2BnPYBTp/Km1favNSCSi3azkFh899P lD6evv5cddcfqy9BV5YaVskpj7g10j4jpT4UaqyV7Xdw0zSFkEFEqxicpdoP3LrNAOC4 TtUw== X-Gm-Message-State: AOAM531cICihN4R78/b2icQs4hJL3JRfxTlO7aE4Cj+94FTMXd1AkWsJ 9J4B3hGg/j12MmQ9ncp+W/EgUlzu4rMADp0DIulwG8QaczO9IXoigCIqnHjZaGNogrRGRkqAXY7 XvDpPDw== X-Google-Smtp-Source: ABdhPJzXyZWM1kEP2SLAOSsXjoaZ3BX8Htd/Uo27mTstqfw/oCMqaTUQzS44xl3g9VJiyoLBJIgEOA== X-Received: by 2002:a50:875b:: with SMTP id 27mr2358188edv.24.1606993399344; Thu, 03 Dec 2020 03:03:19 -0800 (PST) Received: from [10.0.0.4] ([213.31.218.193]) by smtp.gmail.com with ESMTPSA id qu21sm573218ejb.95.2020.12.03.03.03.16 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Thu, 03 Dec 2020 03:03:18 -0800 (PST) From: Neil Madden Message-Id: Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.120.23.2.1\)) Date: Thu, 3 Dec 2020 11:03:14 +0000 In-Reply-To: Cc: oauth To: Brian Campbell References: X-Mailer: Apple Mail (2.3608.120.23.2.1) Content-Type: multipart/alternative; boundary="Apple-Mail=_7DE1598E-51C3-4ABC-B444-94D5D7B81B41" Archived-At: Subject: Re: [OAUTH-WG] DPoP followup III: client auth X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 03 Dec 2020 11:03:23 -0000 --Apple-Mail=_7DE1598E-51C3-4ABC-B444-94D5D7B81B41 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="ISO-8859-1" I like the last option :-) > On 2 Dec 2020, at 22:29, Brian Campbell wrote: >=20 > There were a few items discussed somewhat during the recent interim that = I committed to bringing back to the list. The slide below (also available w= ith a few extra spelling errors as slide #19 from the interim presentation = ) is the last of them. >=20 > To summarize, I'm wondering if there's WG interest in working to formaliz= e a client-to-AS authentication mechanism based on DPoP. I think it potenti= ally would be problematic to put into the current document (for a number of= reasons) so am preemptively ruling out that option. Thus, basically, I'm a= sking the WG if there is some/much interest in the idea? In which case I'll= find some time (at some point) to write up an I-D for it and bring that ba= ck to the group for consideration. Or if I should, as the slide says, "shut= up and never speak of this again"? >=20 > >=20 >=20 > CONFIDENTIALITY NOTICE: This email may contain confidential and privilege= d material for the sole use of the intended recipient(s). Any review, use, = distribution or disclosure by others is strictly prohibited. If you have r= eceived this communication in error, please notify the sender immediately b= y e-mail and delete the message and any file attachments from your computer= . Thank you._______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth --=20 ForgeRock values your Privacy --Apple-Mail=_7DE1598E-51C3-4ABC-B444-94D5D7B81B41 Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset="ISO-8859-1" I like the last option = :-)

    On= 2 Dec 2020, at 22:29, Brian Campbell <bcampbell=3D40pingidentity.com@d= marc.ietf.org> wrote:

    <= div class=3D"">
    There were a few= items discussed somewhat during the recent interim that I committed to bringing back to the list. The slid= e below (also available with a few extra spelling errors as slide #19 from = the interim presentation) is the last of them.

    To summarize, I'm wondering if t= here's WG interest in working to formalize a client-to-AS authentication me= chanism based on DPoP. I think it potentially would be problematic to put i= nto the current document (for a number of reasons) so am preemptively rulin= g out that option. Thus, basically, I'm asking the WG if there is some/much= interest in the idea? In which case I'll find some time (at some point) to= write up an I-D for it and bring that back to the group for consideration.= Or if I should, as the slide says, "shut up and never speak of this again"= ?

    <Slide19.jpeg>


    CONFIDENTIALITY NOTICE: = This email may contain confidential and privileged material for the sole us= e of the intended recipient(s). Any review, use, distribution or disclosure= by others is strictly prohibited.  If you have received this communic= ation in error, please notify the sender immediately by e-mail and delete t= he message and any file attachments from your computer. Thank you._______________________________________________
    OAut= h mailing list
    O= Auth@ietf.org
    https://www.ietf.org/mailman/listinfo/oauth=


    ForgeRock values your Privacy --Apple-Mail=_7DE1598E-51C3-4ABC-B444-94D5D7B81B41-- From nobody Thu Dec 3 03:49:31 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7B0573A07B3 for ; Thu, 3 Dec 2020 03:49:29 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.097 X-Spam-Level: X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id A4HiOBFCU6Zj for ; Thu, 3 Dec 2020 03:49:27 -0800 (PST) Received: from mail-lf1-x135.google.com (mail-lf1-x135.google.com [IPv6:2a00:1450:4864:20::135]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1C2873A0769 for ; Thu, 3 Dec 2020 03:49:27 -0800 (PST) Received: by mail-lf1-x135.google.com with SMTP id u18so2260469lfd.9 for ; Thu, 03 Dec 2020 03:49:27 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=aEmswWxW8lZW9BgkupyraOZtjFRYupq1YMH/JQgEghQ=; b=aHzmP47CJpCbRHfXrqZpwP2TL/Tss3yBVliV9zV0bgggGp2GIXdeQDQyMn8ds/lf30 lhIAlJdWfH+YoOQxGuMxHoy47lJ0HITQp0gdcWhZiZyG5pPPamKpMhhRKJ2NnnStbjSL WZkwKu51Lg+HJSkwKnRpopUfRQXWCLiwg7DmzAja0m3N2tSqmeMtCrmWzMbAMB4hg/Rb UPHrxp2C3gwO5Kbu+O1/qT8FZBq2zX5/NJNODHruc36KzVXPI8hdZ0bmLNM+6ptdfBrx NCS7awGP/XqCa/B/N/rmUnpqkgDnXFrAoEPe4AIl0dVIqiYdNXh2PCbSBty45AQxPvIb aD7A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=aEmswWxW8lZW9BgkupyraOZtjFRYupq1YMH/JQgEghQ=; b=WAhtccv4cpHSrYQxvtW1QDoOvdGNQ353K6YS76tpD/oCm+1i/lscoIa7N9GvnvufKM 63W8MkCFVH7QOODAPPcJTkjqPY8pAPHA/Cq9Nux9UyD4+7KJsXQbZ5b7OTc3mOF5LIx6 HsW6l8Rc7jxyF47D2Ek3znHZbiMsk3bcmB850IJErITBUE+xSBbM9ypBv3BObfaxziGZ qdeIQTmNcZttFFzYTMTR0YMWJrMkFXv8quxby2Fa2b8Cy0EfcUxYM6yjNxm1Y8PRgoBW Oy4PprYszQr7kCZfx5OBFFvvB8vwYwVyHuiFlfNhjQ0ELRHWZCy2vphqIanjJNSuvJB0 CZLQ== X-Gm-Message-State: AOAM531yvcEHK2Q2hF8WeRdOs1hNKouLoJkdG4O8bBBNaHtZa7EoXs6h s38hikC9r6gce8IVKOQVUGwHLBsYZUnTf4cdL7M= X-Google-Smtp-Source: ABdhPJy0nxgNEMA3qX8g18kEXTW+lHwoTmkDX4pdCwsitNXJF6YIG6/zdpky/6ASCgphJIZ6X9HkkZq90U0fuf0ObYI= X-Received: by 2002:a19:8405:: with SMTP id g5mr1193434lfd.360.1606996165193; Thu, 03 Dec 2020 03:49:25 -0800 (PST) MIME-Version: 1.0 Received: by 2002:a19:4c5:0:0:0:0:0 with HTTP; Thu, 3 Dec 2020 03:49:24 -0800 (PST) In-Reply-To: References: From: Rifaat Shekh-Yusef Date: Thu, 3 Dec 2020 06:49:24 -0500 Message-ID: To: Filip Skokan Cc: Torsten Lodderstedt , Brian Campbell , oauth Content-Type: multipart/alternative; boundary="00000000000094f3d105b58df3b7" Archived-At: Subject: [OAUTH-WG] PAR error for redirect URI? X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 03 Dec 2020 11:49:30 -0000 --00000000000094f3d105b58df3b7 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Torsten, Filip, You can absolutely make this change, as we are still very early in the process. So feel free to continue this effort and try to get WG agreement on this, and update the document as needed. Regards, Rifaat On Thursday, December 3, 2020, Filip Skokan wrote: > To be clear, I'm not advocating to skip the registration, just wanted to > mention a potential concern. If the process allows it and it will not > introduce more delay to publication, I think we should go ahead and > register the error code. > > Best, > *Filip* > > > On Thu, 3 Dec 2020 at 11:06, Torsten Lodderstedt > wrote: > >> >> >> > Am 03.12.2020 um 09:56 schrieb Filip Skokan : >> > >> > There are several documents already mentioning "invalid_redirect_uri" >> as an error code, specifically RFC7519 and OpenID Connect Dynamic Client >> Registration 1.0. But these don't register it in the IANA OAuth Extensio= ns >> Error Registry, presumably because they're neither for the authorization= or >> token endpoints. >> > >> > While I think it'd be great if we had this error code registered, I >> also worry that its registration could confuse implementers to think it'= s >> okay to return it from the authorization endpoint. >> >> I understand your concern. On the other hand, registering the error code >> is in my opinion the proper way forward. The registration is scoped to a >> usage location, should be pushed authorization endpoint then, and RFC674= 9 >> gives clear guidance on how to treat errors related to the redirect URI = at >> the authorization endpoint. >> >> "If the request fails due to a missing, invalid, or mismatching >> redirection URI, =E2=80=A6 authorization server ... MUST NOT automati= cally >> redirect the user-agent to the >> invalid redirection URI." >> >> I think if an implementor ignores this, it will ignore any advise. >> >> best regards, >> Torsten. >> >> > >> > Best, >> > Filip >> > >> > >> > On Thu, 3 Dec 2020 at 00:29, Brian Campbell > 40pingidentity.com@dmarc.ietf.org> wrote: >> > During the course of a recent OIDF FAPI WG discussion (the FAPI >> profiles use PAR for authz requests) on this issue it was noted that >> there's no specific error code for problems with the redirect_uri (the >> example in https://www.ietf.org/archive/id/draft-ietf-oauth-par-04.html >> #section-2.3 even shows a general error code with mention of the >> redirect_uri not being valid in the error description). Some folks on th= at >> call thought it would be worthwhile to have a more specific error code f= or >> an invalid redirect_uri and I reluctantly took an action item to raise t= he >> issue here. At the time I'd forgotten that PAR had already passed WGLC. = But >> it's been sitting idle while awaiting the shepherd writeup since mid >> September so it's maybe realistic to think the window for a small change= is >> still open. >> > >> > Presumably nothing like an "invalid_redirect_uri" error code was >> defined in RFC 6749 because that class of errors could not be returned t= o >> the client via redirection. But the data flow in PAR would allow for a >> "invalid_redirect_uri" so it's not an unreasonable thing to do. >> > >> > As I write this message, however, I'm not personally convinced that >> it's worth making a change to PAR at this point. But I did say I'd bring >> the question up in the WG list and I'm just trying to be true to my word= . >> So here it is. Please weigh in, if you have opinions on the matter. >> > >> > >> > >> > CONFIDENTIALITY NOTICE: This email may contain confidential and >> privileged material for the sole use of the intended recipient(s). Any >> review, use, distribution or disclosure by others is strictly prohibited= . >> If you have received this communication in error, please notify the send= er >> immediately by e-mail and delete the message and any file attachments fr= om >> your computer. Thank you._______________________________________________ >> > OAuth mailing list >> > OAuth@ietf.org >> > https://www.ietf.org/mailman/listinfo/oauth >> > _______________________________________________ >> > OAuth mailing list >> > OAuth@ietf.org >> > https://www.google.com/url?q=3Dhttps://www.ietf.org/mailman/li >> stinfo/oauth&source=3Dgmail-imap&ust=3D1607590629000000&usg=3DAOvV >> aw3aW1gdv4EEiLmNYzlsJj-A >> >> --00000000000094f3d105b58df3b7 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Torsten, Filip,

    You can absolutely make this change, as = we are still very early in the process.=C2=A0
    So feel free to con= tinue this effort and try to get WG agreement on this, and update the docum= ent as needed.=C2=A0

    Regards,
    =C2=A0Rifa= at


    On Thursday, December 3, 2020, Filip Skokan= <panva.ip@gmail= .com> wrote:
    To b= e clear, I'm not advocating to skip the registration, just wanted to me= ntion a potential concern. If the process allows it and it will not introdu= ce more delay to publication, I think we should go ahead and register the e= rror code.

    Best,
    Filip


    On Thu, 3 Dec 202= 0 at 11:06, Torsten Lodderstedt <torsten@lodderstedt.net> wrote:


    > Am 03.12.2020 um 09:56 schrieb Filip Skokan <panva.ip@gmail.com>:
    >
    > There are several documents already mentioning "invalid_redirect_= uri" as an error code, specifically RFC7519 and OpenID Connect Dynamic= Client Registration 1.0. But these don't register it in the IANA OAuth= Extensions Error Registry, presumably because they're neither for the = authorization or token endpoints.
    >
    > While I think it'd be great if we had this error code registered, = I also worry that its registration could confuse implementers to think it&#= 39;s okay to return it from the authorization endpoint.

    I understand your concern. On the other hand, registering the error code is= in my opinion the proper way forward. The registration is scoped to a usag= e location, should be pushed authorization endpoint then, and RFC6749 gives= clear guidance on how to treat errors related to the redirect URI at the a= uthorization endpoint.

    "If the request fails due to a missing, invalid, or mismatching
    =C2=A0 =C2=A0redirection URI, =E2=80=A6 authorization server ... MUST NOT a= utomatically redirect the user-agent to the
    =C2=A0 =C2=A0invalid redirection URI."

    I think if an implementor ignores this, it will ignore any advise.

    best regards,
    Torsten.

    >
    > Best,
    > Filip
    >
    >
    > On Thu, 3 Dec 2020 at 00:29, Brian Campbell <bcampbell=3D40pingidentity= .com@dmarc.ietf.org> wrote:
    > During the course of a recent OIDF FAPI WG discussion (the FAPI profil= es use PAR for authz requests) on this issue it was noted that there's = no specific error code for problems with the redirect_uri (the example in <= a href=3D"https://www.ietf.org/archive/id/draft-ietf-oauth-par-04.html#sect= ion-2.3" rel=3D"noreferrer" target=3D"_blank">https://www.ietf.org/archive/= id/draft-ietf-oauth-par-04.html#section-2.3 even shows a gene= ral error code with mention of the redirect_uri not being valid in the erro= r description). Some folks on that call thought it would be worthwhile to h= ave a more specific error code for an invalid redirect_uri and I reluctantl= y took an action item to raise the issue here. At the time I'd forgotte= n that PAR had already passed WGLC. But it's been sitting idle while aw= aiting the shepherd writeup since mid September so it's maybe realistic= to think the window for a small change is still open.
    >
    > Presumably nothing like an "invalid_redirect_uri" error code= was defined in RFC 6749 because that class of errors could not be returned= to the client via redirection. But the data flow in PAR would allow for a = "invalid_redirect_uri" so it's not an unreasonable thing to d= o.
    >
    > As I write this message, however, I'm not personally convinced tha= t it's worth making a change to PAR at this point. But I did say I'= d bring the question up in the WG list and I'm just trying to be true t= o my word. So here it is. Please weigh in, if you have opinions on the matt= er.
    >
    >
    >
    > CONFIDENTIALITY NOTICE: This email may contain confidential and privil= eged material for the sole use of the intended recipient(s). Any review, us= e, distribution or disclosure by others is strictly prohibited.=C2=A0 If yo= u have received this communication in error, please notify the sender immed= iately by e-mail and delete the message and any file attachments from your = computer. Thank you._______________________________________________ > OAuth mailing list
    > OAuth@ietf.org=
    > https://www.ietf.org/mailman/listinfo/oauth=
    > _______________________________________________
    > OAuth mailing list
    > OAuth@ietf.org=
    > https= ://www.google.com/url?q=3Dhttps://www.ietf.org/mailman/listinfo/o= auth&source=3Dgmail-imap&ust=3D1607590629000000&usg=3DAOvV= aw3aW1gdv4EEiLmNYzlsJj-A

    --00000000000094f3d105b58df3b7-- From nobody Thu Dec 3 03:59:30 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5166A3A07B3 for ; Thu, 3 Dec 2020 03:59:29 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.099 X-Spam-Level: X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=lodderstedt.net Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yLL-0HSF7bXY for ; Thu, 3 Dec 2020 03:59:26 -0800 (PST) Received: from mail-ej1-x633.google.com (mail-ej1-x633.google.com [IPv6:2a00:1450:4864:20::633]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 960D53A0779 for ; Thu, 3 Dec 2020 03:59:26 -0800 (PST) Received: by mail-ej1-x633.google.com with SMTP id g20so3103890ejb.1 for ; Thu, 03 Dec 2020 03:59:26 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lodderstedt.net; s=google; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=WpMvMQ6fR82mAT9cK3ebvQcsoAFkzwqkQA9JJkDQY1I=; b=GCVgLWu2lR+2ot5SgK1sH6p02K9/E+k+8biBlK7UzAaL/MlTlV/fK+8vqlTMqMXRbF Fhz9bf43h8HSbzYJcdw3XovFj7ZFhOUHY1j7zl5fUCgVYRnQe4XTYBUjWFpQ5qRhKbyu z5gstwHyRzWi0jLcmc7NAL65Ryby3Z4YzIPtz0Nv0JTVuAWa7ZgM5uSY8hQEsQO3MOl2 4HLP/1VhVW+mqzpujN23ihAeMu/EHGw60uwepLbsPt5yvQDKvxwm2ueklxYA7jebF3Xb 5uKv4eeDWXDBLxHbQndBcIbkGhLY/PTeMxmf/zBpMcWTdAA31ng5mepWjjgJ56RLTpEa cG1A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=WpMvMQ6fR82mAT9cK3ebvQcsoAFkzwqkQA9JJkDQY1I=; b=XBCHVVPFrPfHYHWEeqZ7pzEU48DdQehPflalPTu8sRbRj4Pt+v1CxcZZzflCk1hyTy +DyJQDjheRayOmC7se+KbGnPNYSXhfDZtYQ6DayI19L+I8EjsHzVZZovBal2s5qu1/5w 0nPy4P3D6VLFMSbpVhQI3ofweDHQaHSLMvWKf1sIm4PqugRY8G9p5+Cj6pRP4s0HwLQU 3jL2e1zYJbmS5X8RxjiVJG/+kLfc6DB/BZDNLt99U8WtJh/9wURdl7GHSIoknXPdmgzr U2AuBeXRwcSppjALIRi/xxFZyBg8trt/t7XVtCPfgoIglf8DA17APUJ45UEOQAgzI+2i ObsQ== X-Gm-Message-State: AOAM531Loon9n9Iofwqqu9iXvFk0qahZryeoDAXSgYpeUxp7i9P5hmze DGgyvFEH79ozADxeIBHvI29cSA== X-Google-Smtp-Source: ABdhPJyk4v+4SNvl8Lgk2J5OYvQlw2GH3zeX2nmvwVmUFPK9Ay/AoJd+x0w++bBklQqAn8Umiw33tg== X-Received: by 2002:a17:906:bcf9:: with SMTP id op25mr2204258ejb.223.1606996764647; Thu, 03 Dec 2020 03:59:24 -0800 (PST) Received: from [192.168.71.123] (p4fc08d1c.dip0.t-ipconnect.de. [79.192.141.28]) by smtp.gmail.com with ESMTPSA id o3sm1039970edj.41.2020.12.03.03.59.23 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Thu, 03 Dec 2020 03:59:24 -0800 (PST) Content-Type: text/plain; charset=utf-8 Mime-Version: 1.0 (Mac OS X Mail 14.0 \(3654.20.0.2.21\)) From: Torsten Lodderstedt In-Reply-To: Date: Thu, 3 Dec 2020 12:59:22 +0100 Content-Transfer-Encoding: quoted-printable Message-Id: <30D5F7BA-EA54-4E40-A2FC-222AA0C9AF8D@lodderstedt.net> References: To: Brian Campbell , oauth X-Mailer: Apple Mail (2.3654.20.0.2.21) Archived-At: Subject: Re: [OAUTH-WG] DPoP followup I: freshness and coverage of signature X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 03 Dec 2020 11:59:29 -0000 Hi,=20 I'm failing to understand why binding the proof to the access token = ensures freshness of the proof. I would rather think if the client is = forced to create proofs with a reasonable short lifetime, chances for = replay could be reduced.=20 Beside that as far as I remember the primary replay counter measure is = the inclusion of the endpoint URL and HTTP method in the proof, since it = reduces the attack surface to a particular URL. So in the context of = freshness, we are talking about using the same proof with the same URL = again.=20 best regards, Torsten.=20 > Am 03.12.2020 um 10:20 schrieb Filip Skokan : >=20 > Hi Brian, everyone, >=20 > While the attack vector allows direct use, there is the option where a = smarter attacker will not abuse the gained artifacts straight away. = Think public client browser scenario with the non-extractable private = key stored in IndexedDB (the only place to persist them really), they = wouldn't use the tokens but instead, exfiltrate them, together with a = bunch of pre-generated DPoP proofs. They'll get the refresh token and a = bunch of DPoP proofs for both the RS and AS. With those they'll be able = to get a fresh AT and use it with pre-generated Proofs after the = end-user leaves the site. No available protection (e.g. RT already = rotated) will be able to kick in until the end-user opens the page = again. >=20 > OTOH with a hash of the AT in the Proof only direct use remains. >=20 > If what I describe above is something we don't want to deal with = because of direct use already allowing access to protected resources, = it's sufficiently okay as is (option #1). However, if this scenario, one = allowing prolonged access to protected resources, is not acceptable, = it's option #2. >=20 > Ad #2a vs #2b vs #2c. My pre-emptive answer is #2a, simply because we = already have the tools needed to generate and validate these hashes. But = further thinking about it, it would feel awkward if this JWS algorithm = driven at_hash digest selection wouldn't get stretched to the = confirmations, when this are placed in a JWT access token, cool - we can = do that, but when these are put in a basic token introspection response = it's unfortunately not an option. So, #2b (just use sha-256 just like = the confirmations do). >=20 > Best, > Filip >=20 >=20 > On Wed, 2 Dec 2020 at 21:50, Brian Campbell = wrote: > There were a few items discussed somewhat during the recent interim = that I committed to bringing back to the list. The slide below (also = available as slide #17 from the interim presentation) is the first one = of them, which is difficult to summarize but kinda boils down to how = much assurance there is that the DPoP proof was 'freshly' created and = that can dovetail into the question of whether the token is covered by = the signature of the proof.=20 > There are many directions a "resolution" here could go but my sense of = the room during the meeting was that the contending options were: > =E2=80=A2 It's sufficiently okay as it is > =E2=80=A2 Include a hash of the access token in the DPoP proof = (when an access token is present) >=20 > Going with #2 would mean the draft would also have to define how the = hashing is done and deal with or at least speak to algorithm agility. = Options (that I can think of) include: > =E2=80=A2 2a) Use the at_hash claim defined in OIDC core = https://openid.net/specs/openid-connect-core-1_0.html#CodeIDToken. Using = something that already exists is appealing. But its hash alg selection = routine can be a bit of a pain. And the algorithm agility based on the = signature that it's supposed to provide hasn't worked out as well as = hoped in practice for "new" JWS signatures = https://bitbucket.org/openid/connect/issues/1125/_hash-algorithm-for-eddsa= -id-tokens > =E2=80=A2 2b) Define a new claim ("ah", "ath", "atd", "ad" or = something like that maybe) and just use SHA-256. Explain why it's good = enough for now and the foreseeable future. Also include some text about = introducing a new claim in the future if/when SHA-256 proves to be = insufficient. Note that this is effectively the same as how the = confirmation claim value is currently defined in this document and in = RFC8705. > =E2=80=A2 2c) Define a new claim with its own hash algorithm = agility scheme (likely similar to how the Digest header value or = Subresource Integrity string is done). >=20 > I'm requesting that interested WG participants indicate their = preference for #1 or #2. And among a, b, and c, if the latter.=20 >=20 > I also acknowledge that an ECDH approach could/would ameliorate the = issues in a fundamentally different way. But that would be a distinct = protocol. If there's interest in pursuing the ECDH idea, I'm certainly = open to it and even willing to work on it. But as a separate effort and = not at the expense of derailing DPoP in its general current form.=20 > >=20 >=20 > CONFIDENTIALITY NOTICE: This email may contain confidential and = privileged material for the sole use of the intended recipient(s). Any = review, use, distribution or disclosure by others is strictly = prohibited. If you have received this communication in error, please = notify the sender immediately by e-mail and delete the message and any = file attachments from your computer. Thank = you._______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > = https://www.google.com/url?q=3Dhttps://www.ietf.org/mailman/listinfo/oauth= &source=3Dgmail-imap&ust=3D1607592086000000&usg=3DAOvVaw3hGaihxAdyXVvzFnVT= pc6N From nobody Thu Dec 3 04:09:42 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 816013A0825 for ; Thu, 3 Dec 2020 04:09:40 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.098 X-Spam-Level: X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=forgerock.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vE8kFro9ev3O for ; Thu, 3 Dec 2020 04:09:36 -0800 (PST) Received: from mail-ej1-x62d.google.com (mail-ej1-x62d.google.com [IPv6:2a00:1450:4864:20::62d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 610973A0822 for ; Thu, 3 Dec 2020 04:09:35 -0800 (PST) Received: by mail-ej1-x62d.google.com with SMTP id f23so3086475ejt.8 for ; Thu, 03 Dec 2020 04:09:35 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=forgerock.com; s=google; h=from:message-id:mime-version:subject:date:in-reply-to:cc:to :references; bh=lbLZiUQ8eZUHTws+x35ABLrtNcBFju6yNG1LwLAUCIk=; b=cBISYoGUAdT/6MLV5HU7y94ZwqG3I4I/XAuQP1lABfwB7aUt0o9weFTnLujvIVED5b XwnPH41llmlXfCzvFrtNqndgijOpNERPFwLTGnlVMFOyGcP+0u1NKFtkn2O9PdcMIdCS E958uapmjA90qP417xC/HAxHpXYtsDNKC1gqo= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:message-id:mime-version:subject:date :in-reply-to:cc:to:references; bh=lbLZiUQ8eZUHTws+x35ABLrtNcBFju6yNG1LwLAUCIk=; b=cbK8gObYnPJVbG9aCyHcBGsH4YOMBk3vAIWHgsSuv6K2gRDb9qX01IZg4ADcDxQNXI EUE81TjkK00z79VcDtftrbPxkNEeR5hvUOvONhDnISoa8OGEgOlP0EG5NhJH+WqTPSqj fnMRuRJ7juYXLUjHwqOyhZumZE6lErfmQkoLKpWI1tos3Pw1rC60jne2sQnNApFvNbzy wchVHpdmEffTQso8Vh2QAfydu9CaP/Qqy35+5z45PGOype+e8xskZ5mH5hw3OAqBvlUX OpSMdRHiHtIkzS9hGZE8mmK3tTuhWh7OMrQNKEMbMvZ71VaHLUEWISm7PzIeW2/A0/KA oQXg== X-Gm-Message-State: AOAM532pmgzB2t6Bz8wVdF3HA/dzlQcWboFDfbSn0mMtVd4h2ilCJlcd bCGEEPMlkGR7KeE9ddRj8Y4dC6NJv2JZr3395p+y0Wq5TKYz+fEoKJJ+/Rh26jOF8kJy5lIL1ac jDUDJEQ== X-Google-Smtp-Source: ABdhPJxzrjK0MPGGVAlhw4+E+e5g34OOCpduBksjIrB0JQA69+iIeBKEQ8LSVxpcl0QaNwyQxLL5WQ== X-Received: by 2002:a17:906:a1cb:: with SMTP id bx11mr2154471ejb.508.1606997374089; Thu, 03 Dec 2020 04:09:34 -0800 (PST) Received: from [10.0.0.4] ([213.31.218.193]) by smtp.gmail.com with ESMTPSA id rv11sm707835ejb.80.2020.12.03.04.09.32 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Thu, 03 Dec 2020 04:09:33 -0800 (PST) From: Neil Madden Message-Id: <699AB5C1-D9DE-4BCE-9D51-C10C7B88CD75@forgerock.com> Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.120.23.2.1\)) Date: Thu, 3 Dec 2020 12:09:32 +0000 In-Reply-To: Cc: Denis , oauth To: Brian Campbell References: <1b584adf-14f9-ba2e-657d-f22b57d87675@free.fr> <4cb35c85-e13a-aabe-1e74-d6eb244189cf@free.fr> <49cbbea5-df0e-f864-cf8b-ec9c3768bc18@danielfett.de> X-Mailer: Apple Mail (2.3608.120.23.2.1) Content-Type: multipart/alternative; boundary="Apple-Mail=_DD6EAB7E-F9F6-4F66-9C84-670661FB96B9" Archived-At: Subject: Re: [OAUTH-WG] Reminder - Interim Meeting to discuss DPoP X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 03 Dec 2020 12:09:41 -0000 --Apple-Mail=_DD6EAB7E-F9F6-4F66-9C84-670661FB96B9 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="UTF-8" I think perhaps an assumption in the DPoP draft (and in the description of = =E2=80=9Cjti=E2=80=9D in RFC 7519) is that the server will maintain a singl= e global list of recently used jti values to prevent replay, rather than ma= intaining a separate list per client. That could perhaps be spelled out mor= e clearly in the draft, as I think the entropy discussions only really make= sense in that context. If the RS instead maintains a separate list per cli= ent then a simple counter is sufficient. =E2=80=94 Neil > On 2 Dec 2020, at 15:17, Brian Campbell wrote: >=20 > The conversation at https://github.com/danielfett/draft-dpop/pull/51#disc= ussion_r332377311 has a bit more of the rational behind the choice of 96 bit = minimum.=20 >=20 > On Wed, Dec 2, 2020 at 7:07 AM Denis > wrote: > Hi Daniel, >=20 > All your arguments make sense. I agree. >=20 > A minor point however. The size of the jti" is currently mandated to 96 b= its minimum. This is unnecessarily long for a time window of a few minutes. > The jti" does not need to be a unique identifier valid for ever. It can s= imply be an identifier used during the time window which complements the "i= at" claim. >=20 > Using both the "iat" claim and a 32 bits pseudo-random number will be qui= te sufficient. It is also has the advantage of using less memory and=20 > it is easier to flush the entries looking at the 32 first bits only. >=20 > Denis >=20 >> So what you are proposing is that the time window in which an RS accepts= the DPoP proof is defined by the expiration time of the access token? >>=20 >> DPoP proofs are intended to be generally be short-lived and fresh for ea= ch request in order to provide some level of replay protection. There is no= point in making the time window as long as the (typically longer) time win= dow in which an AT would be accepted. A DPoP proof that is valid for 12 hou= rs would not provide much replay protection.=20 >>=20 >> The time window is left unspecified because it is only meant to account = for clock differences and network latency. Its precise value can depend on = deployment considerations. It is not intended to give the client an option = to re-use proofs, which is prevented together with the jti. >>=20 >> Also this would introduce new, unwanted and potentially surprising depen= dencies between token lifetimes and the DPoP usage. >>=20 >> And finally, as discussed before, not all access tokens are JWTs and we = are not going to mandate JWT access tokens in this spec. >>=20 >> -Daniel >>=20 >>=20 >> Am 01.12.20 um 09:54 schrieb Denis: >>> Hi Brian, >>>=20 >>>> Hi Denis,=20 >>>>=20 >>>> The choice to use "iat" vs. "exp" was made in the summer of last year.= You can see some of the discussion from then in https://github.com/danielf= ett/draft-dpop/issues/38 .=20 >>>> I believe it pretty well has consensus at this point and thus unlikely= to be changed.=20 >>> I fear that you misread my email or read it too fast. My point had noth= ing to do whether using either of "iat" or "exp" in the DPoP proof JWT sent= by the client. >>>=20 >>> The first sentence of my email was: "One comment on slide 5 about the t= ime window". So the topic was all about how the RS SHALL handle the "jti" c= laim included=20 >>> in the DPoP proof JWT when using a time window. >>>=20 >>>=20 >>>> While I do believe there are reasonable arguments that can be made on = both sides of using either of "iat" or "exp", it's difficult (and honestly = time consuming and very frustrating) to try and have such discussions or ev= en respond in a coherent way when fundamental aspects of the draft are misr= epresented or misunderstood. For example, the DPoP proof JWT is created by = the client not the AS so the advantages you put forward are nonsensical in = the context of the actual workings of the draft.=20 >>> Section 8.1 addresses the topic of the time window, but this topic shou= ld not only be addressed in the "Security Considerations" section=20 >>> but in the main body of the document, since some checks MUST be done by= the RS. "Security Considerations"are intended to provide=20 >>> explanations but are not intended to be normative. >>>=20 >>> Section 8.1 states: >>>=20 >>> " If an adversary is able to get hold of a DPoP proof JWT, the adver= sary could replay that token at the same endpoint (the HTTP >>> endpoint and method are enforced via the respective claims in the JW= Ts). To prevent this, servers MUST only accept DPoP proofs=20 >>> for a limited time window after their "iat" time, preferably only fo= r a relatively brief period. =20 >>>=20 >>> Servers SHOULD store, in the context of the request URI, the "jti" v= alue of each DPoP proof for the time window in which the respective=20 >>> DPoP proof JWT would be accepted and decline HTTP requests to the sa= me URI for which the "jti" value has been seen before. In order=20 >>> to guard against memory exhaustion attacks a server SHOULD reject DP= oP proof JWTs with unnecessarily large "jti" values or store only=20 >>> a hash thereof. >>>=20 >>> (...) ". >>>=20 >>> The previous text makes the assumption that RSs MUST only accept DPoP p= roofs for a relatively brief period after their "iat" time included=20 >>> in the DPoP proof JWT. This assumption is rather restrictive. A client = might get an access token and associate it with DPoP proof JWT that=20 >>> could be used during, e.g., 12 hours. A DPoP proof JWT/ access token JW= T pair could thus be used by a client during, e.g., one day for=20 >>> several sessions with a RS. >>>=20 >>> The time window is currently left at the discretion of each RS and is s= upposed to be short (without stating explicitly what "short" may mean).. >>>=20 >>> It would be possible to mandate in the JWT the inclusion of the exp (Ex= piration Time) Claim. (I am not advocating the inclusion of the "exp"=20 >>> claim in the DPoP proof JWT).=20 >>>=20 >>> In this way, for a RS, the time window would be defined using the "iat"= claim defined in the DPoP proof JWT and the "exp" claim defined in=20 >>> the JWT. >>>=20 >>> Such a description should not be done in section 8, but in a section ea= rlier in the main body of the document. >>>=20 >>> This would have the following advantages:=20 >>>=20 >>> The RS would be able to better manage the "jti" claim values, because i= t would be able to discard "jti" claim values as soon as they are=20 >>> outside the time window as defined above. >>> The client would know whether a DPoP proof JWT/ access token JWT pair i= s still usable, in particular using the "expires_in" status code >>> returned in case of a successful response from the AS and is thus unlik= ely to get a rejection of both of them because of an unknown time=20 >>> window used by a RS. >>> Denis >>>=20 >>>=20 >>>>=20 >>>> On Mon, Nov 30, 2020 at 8:45 AM Denis > wrote: >>>> One comment on slide 5 about the time window. >>>>=20 >>>> At the bottom, on the left, it is written: "Only valid for a limited t= ime window relative to creation time". >>>>=20 >>>> While the creation time is defined by "iat", the time window is curren= tly left at the discretion of each RS. >>>>=20 >>>> It would be preferable to mandate the inclusion in the JWT of the exp = (Expiration Time) Claim.=20 >>>> In this way, the time window would be defined by the AS using both the= "iat" and the "exp" claims. >>>>=20 >>>> This would have the following advantages:=20 >>>>=20 >>>> The client will know whether a token is still usable and is unlikely t= o get a rejection of the token=20 >>>> because of an unknown time window defined by a RS. >>>> The RS is able to manage better the "jti" claim values, because it wil= l be able to discard "jti" claim values=20 >>>> as soon as they are outside the time window defined by the AS in a JWT= . >>>> Denis >>>>=20 >>>>=20 >>>>> All, >>>>>=20 >>>>> This is a reminder that we have an Interim meeting this Monday, Nov 3= 0th @ 12:00pm ET, to discuss the latest with the DPoP document: >>>>> https://datatracker.ietf.org/doc/draft-ietf-oauth-dpop/ >>>>>=20 >>>>> You can find the details of the meeting and the slides here: >>>>> https://datatracker.ietf.org/meeting/interim-2020-oauth-16/session/oa= uth >>>>>=20 >>>>> Regards, >>>>> Rifaat & Hannes >>>>>=20 >>>>>=20 >>>>>=20 >>>>> _______________________________________________ >>>>> OAuth mailing list >>>>> OAuth@ietf.org >>>>> https://www.ietf.org/mailman/listinfo/oauth >>>>=20 >>>> _______________________________________________ >>>> OAuth mailing list >>>> OAuth@ietf.org >>>> https://www.ietf.org/mailman/listinfo/oauth >>>>=20 >>>> CONFIDENTIALITY NOTICE: This email may contain confidential and privil= eged material for the sole use of the intended recipient(s). Any review, us= e, distribution or disclosure by others is strictly prohibited. If you hav= e received this communication in error, please notify the sender immediatel= y by e-mail and delete the message and any file attachments from your compu= ter. Thank you. >>>=20 >>>=20 >>>=20 >>> _______________________________________________ >>> OAuth mailing list >>> OAuth@ietf.org >>> https://www.ietf.org/mailman/listinfo/oauth >>=20 >> --=20 >> https://danielfett.de >>=20 >> _______________________________________________ >> OAuth mailing list >> OAuth@ietf.org >> https://www.ietf.org/mailman/listinfo/oauth >=20 > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth >=20 > CONFIDENTIALITY NOTICE: This email may contain confidential and privilege= d material for the sole use of the intended recipient(s). Any review, use, = distribution or disclosure by others is strictly prohibited. If you have r= eceived this communication in error, please notify the sender immediately b= y e-mail and delete the message and any file attachments from your computer= . Thank you._______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth --=20 ForgeRock values your Privacy --Apple-Mail=_DD6EAB7E-F9F6-4F66-9C84-670661FB96B9 Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset="UTF-8" I think perhaps an assumpt= ion in the DPoP draft (and in the description of =E2=80=9Cjti=E2=80=9D in R= FC 7519) is that the server will maintain a single global list of recently = used jti values to prevent replay, rather than maintaining a separate list = per client. That could perhaps be spelled out more clearly in the draft, as= I think the entropy discussions only really make sense in that context. If= the RS instead maintains a separate list per client then a simple counter = is sufficient.

    =E2=80= =94 Neil

    On= 2 Dec 2020, at 15:17, Brian Campbell <bcampbell=3D40pingidentity.com@d= marc.ietf.org> wrote:

    <= div class=3D"">
    The conversation= at https://github.com/danielfett/draf= t-dpop/pull/51#discussion_r332377311 has a bit more of the rational beh= ind the choice of 96 bit minimum.

    On Wed, D= ec 2, 2020 at 7:07 AM Denis <denis.ietf@free.fr> wrote:
    =20 =20 =20
    Hi Daniel,

    All your arguments make sense. I agree.

    A minor point however. The size of the jti" is currently mandated to 96 bits minimum. This is unnecessarily long for a time window of a few minutes.
    The jti" does not need to be a unique identifier valid for ever. It can simply be an identifier used during the time window which complements the "iat" claim.

    Using both the "iat" claim and a 32 bits pseudo-random number will be quite sufficient.  It is also has the advantage of using less memory and
    it is easier to flush the entries looking at the 32 first bits only.

    Denis

    =20
    So what you are proposing is that the time window in which an RS accepts the DPoP proof is defined by the expiration time of the access token?

    DPoP proofs are intended to be generally be short-lived and fresh for each request in order to provide some level of replay protection. There is no point in making the time window as long as the (typically longer) time window in which an AT would be accepted. A DPoP proof that is valid for 12 hours would not provide much replay protection.

    The time window is left unspecified because it is only meant to account for clock differences and network latency. Its precise value can depend on deployment considerations. It is not intended to give the client an option to re-use proofs, which is prevented together with the jti.

    Also this would introduce new, unwanted and potentially surprising dependencies between token lifetimes and the DPoP usage.

    And finally, as discussed before, not all access tokens are JWTs and we are not going to mandate JWT access tokens in this spec.

    -Daniel


    Am 01.12.20 um 09:54 schrieb Denis:
    =20
    Hi  Brian,

    =20
    Hi Denis,

    The choice to use "iat" vs. "exp" was made in t= he summer of last year. You can see some of the discussion from then in https://github.com/danielfett/d= raft-dpop/issues/38.
    I believe it pretty well has consensus at this point and thus unlikely to be changed.

    I fear t= hat you misread my email or read it too fast. My point had nothing to do whether using either of "iat" or "exp" in th= e DPoP proof JWT sent by the client.

    The first sentence of my email was: "One comment on slide 5 about the time window". So= the topic was all about how the RS SHALL handle the "jti" claim included
    in the     DPoP proof JWT when using a time window.


    While I do believe there are reasonable argumen= ts that can be made on both sides of using either of "iat" or "exp", it's difficult (and honestly time consuming and very frustrating) to try and have such discussions or even respond in a coherent way when fundamental aspects of the draft are misrepresented or misunderstood. For example, the DPoP proof JWT is created by the client not the AS so the advantages you put forward are nonsensical in the context of the actual workings of the draft.

    Section 8.1 addresses the topic of the time window, but this topic should not only be addressed= in the "Security Considerations" section
    but in the main body of the document, since some checks MUST be done by the RS.     "Security Considerations"are inten= ded to provide
    explanations but are not intended to be normative.

    Section 8.1 states:

    &n= bsp;  " If an adversary is able to get hold of a DPoP proof JWT, the adversary could replay that token at the same endpoint (the HTTP
       endpoint and method are enforced via the respect= ive claims in the JWTs).  To prevent this, servers MUST only accept DPoP proofs
       for a limited time window after their "iat" time= , preferably only for a relatively brief period. 

       Servers SHOULD store, in the context of the request URI, the "jti" value of each DPoP proof for the time window in which the respective
       DPoP proof JWT would be accepted and decline HTT= P requests to the same URI for which the "jti" value has been seen before.  In order
       to guard against memory exhaustion attacks a ser= ver SHOULD reject DPoP proof JWTs with unnecessarily large "jti" values or store only
       a hash thereof.

    <= font face=3D"Arial" class=3D"">  = (...) ".

    The previous text makes the assumption that RSs MUST only accept DPoP proofs for a relatively brief period after their "iat" time included
    in the     <= font face=3D"Arial" class=3D"">DPoP proof JWT. This assumption is rather restrictive. A client might get an access token and associate it with <= /font>DPoP proof JWT that
    could be used during, e.g., 12 hours. A     DPoP proof JWT/ access token JWT pair could thus be used by a client during, e.g., one day for
    several sessions with a RS.
    <= /font>

    The time window is currently left at the discretion of each RS and is supposed to be short (without stating explicitly what "short" may mean)..
    It would be possible to mandate     in the JWT the inclusion of = the exp (Expiration Time) Claim. (I am not advocating= the inclusion of the "exp"
    claim in the DPoP proof JWT).

    In this= way, for a RS, the time window would be defined using the "iat" claim defined in the DPoP proof JWT and the "exp" claim defined in
    the JWT.

    Such a description should not be done in section 8, but in a section earlier in the main body of the document.

    This would have the following advantages:

    • The RS would be a= ble to better manage the "jti" claim values, because it would be able to discard "jti" claim values as soon as they are
      outside the time window as defined above.
    • The client would k= now whether a DPoP proof JWT/ access token JWT pair is still usable, in particular using the "expires_in" status code
      returned in case of a successful response from the AS and is thus unlikely to get a rejection of both of them because of an unknown time
      window used by a RS.

    Denis



    On Mon, Nov 30, 2020 at 8:45 AM Denis <denis.ietf@free.fr> wrote:

    One comment on slide 5 about the time window.

    At the bottom, on the left, it is written: "Only valid for a limited time window rel= ative to creation time".

    While the creation time is defined by "iat", the time window is currently left at the discretion of each RS.

    It would be preferable to mandate the inclusion in the JWT of the exp (Expiration Time) Claim.
    In this way, the time window would = be defined by the AS using both the "iat" and the "exp" claims.

    This would have the following advantages:

    • The client will know whether a token is still usable and is unlikely to get a rejection of the token
      because of an unknown time window defined by a RS.
    • The RS is able to manage better the "jti" claim values, because it will be able to discard "jti" claim values
      as soon as they are outside the time window defined by the AS in a JWT.

    Denis


    All,

    This is a reminder that we have an Inte= rim meeting this Monday, Nov 30th @ 12:00pm ET, to discuss the latest with the DPoP do= cument:
    https://datatrack= er.ietf.org/doc/draft-ietf-oauth-dpop/

    You can find the details of the meeting= and the slides here:
    = https://datatracker.ietf.org/meeting/interim-2020-oauth-16/session/oauth

    Regards,
     Rifaat & Hannes


    _________________________________________=
______
OAuth mailing list
OAuth@ietf.o=
rg
https://www.ietf.org/mailman/listinfo/oauth


    _______________________________________________
    OAuth mailing list
    OAuth@ietf.org
    https://www.ietf.org/mailman/l= istinfo/oauth

    CONFID= ENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited.  If yo= u have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you. 



    _______________________________________________
OAuth mailing list
OAuth@ietf.o=
rg
https://www.ietf.org/mailman/listinfo/oauth



    --=20
https://dan=
ielfett.de

    _______________________________________________
OAuth mailing list
OAuth@ietf.o=
rg
https://www.ietf.org/mailman/listinfo/oauth


    _______________________________________________
    OAuth mailing list
    OAuth@ietf.o= rg
    https://www.ietf.org/mailman/listinfo/oauth

    CONFIDENTIALITY NOTICE: = This email may contain confidential and privileged material for the sole us= e of the intended recipient(s). Any review, use, distribution or disclosure= by others is strictly prohibited.  If you have received this communic= ation in error, please notify the sender immediately by e-mail and delete t= he message and any file attachments from your computer. Thank you._______________________________________________
    OAut= h mailing list
    O= Auth@ietf.org
    https://www.ietf.org/mailman/listinfo/oauth=


    ForgeRock values your Privacy --Apple-Mail=_DD6EAB7E-F9F6-4F66-9C84-670661FB96B9-- From nobody Thu Dec 3 04:20:16 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3C70E3A0AC5 for ; Thu, 3 Dec 2020 04:20:07 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.097 X-Spam-Level: X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id AgSBMIjDaxsa for ; Thu, 3 Dec 2020 04:20:03 -0800 (PST) Received: from mail-yb1-xb34.google.com (mail-yb1-xb34.google.com [IPv6:2607:f8b0:4864:20::b34]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 587963A0983 for ; Thu, 3 Dec 2020 04:20:03 -0800 (PST) Received: by mail-yb1-xb34.google.com with SMTP id x2so1810458ybt.11 for ; Thu, 03 Dec 2020 04:20:03 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=EzEPL0eQxINwJDDtlMoNKoyokk2VhLvH1zuBUAJZUGk=; b=DBcN7seKZ2ccZer5YOId9l5qetsZX9vYlMkB/e0oaFBIyoyZ3xMwvc3MoFj345DgUy 6fuDSaCC92A78F2eHo8P3oic9gja+nCmj800/MO+S5/7IAkh3yfBciwHsXzqrI4Wzthc yIJfBmL7zFvpcBsNMGaCMtSk/u+8FGbNV4nZpkR25JYg9ogoPAULrDnsMtYDB65RGbT1 qFSYgCg2sVqSPPwgZzfHKS92DE9Zup+VSNr3KOOrM2KautsqmDx5x3Gm1vry2iAzQcTL c8yoQRyMwcnpjAafiQ/+noUAJAX/IYBVAZx2Ti+I+Wd3QxRK5sTMZzvXhOunuhenH+D+ 8rqA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=EzEPL0eQxINwJDDtlMoNKoyokk2VhLvH1zuBUAJZUGk=; b=NdEZw23gsMS6PfeUq4TLuBEjmdegldL10CZRDH+9E0SGLKIAeGSyqsdk4whWRJJxAz 4Vu+skkaKs2NDmdMZmikZetdIyKePE8gvlyzSzedQwv45LXuc16eOaTNdl5gE5zle547 mhS2heFUYkCiVvAG2Qvrq/pKvwq1EZdDnNw/SwB6MuQPgkpr42sXsgEsdIo5CbyBTFHb JA+brb2qLkaOX6WDDQO0xeQg4+OFLaKljIu/b1gQ5YBiqFZz5rO/GT7GoqlBjnBT0OL4 qZKTbX1vSnfSyaulCZaMW9gKq07EuPOe4+oevpERYvTvQjRgMcjawVvamaJXaUQam5VD XEjw== X-Gm-Message-State: AOAM531oUYOG28erg8I4l9PvdOZCykv2+xwhnp4V3uB+Br5QP1m7b73/ dLGGAmiZhsinuMlMXkocB//rQbO26iKv5lRLfCq29jJabg== X-Google-Smtp-Source: ABdhPJyY4BnDLY5asR1I+VnQMc7QRDqqWpmiZ+AtoLHxndNErWvz0nFPM3VCrTspP4GFPTJDKl9B+7IVOO7c+U56PLA= X-Received: by 2002:a25:f623:: with SMTP id t35mr4187242ybd.399.1606998002232; Thu, 03 Dec 2020 04:20:02 -0800 (PST) MIME-Version: 1.0 References: <30D5F7BA-EA54-4E40-A2FC-222AA0C9AF8D@lodderstedt.net> In-Reply-To: <30D5F7BA-EA54-4E40-A2FC-222AA0C9AF8D@lodderstedt.net> From: Filip Skokan Date: Thu, 3 Dec 2020 13:19:25 +0100 Message-ID: To: Torsten Lodderstedt Cc: Brian Campbell , oauth Content-Type: multipart/alternative; boundary="00000000000013f1b205b58e6152" Archived-At: Subject: Re: [OAUTH-WG] DPoP followup I: freshness and coverage of signature X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 03 Dec 2020 12:20:15 -0000 --00000000000013f1b205b58e6152 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable > > I'm failing to understand why binding the proof to the access token > ensures freshness of the proof. Because when access tokens issued to public browser based clients have a short duration you need continued access to the private key to issue new proofs. When I exfiltrate the RT and pre-generate tons of proofs while the user is active on the page through XSS I can then use the RT and my prepared proofs to talk to the AS to keep on refreshing the AT and use it against the RS. When the value of the token is part of the proof, i cannot pre-generate them for future issued access tokens. Short `iat` based windows don't help here. S pozdravem, *Filip Skokan* On Thu, 3 Dec 2020 at 12:59, Torsten Lodderstedt wrote: > Hi, > > I'm failing to understand why binding the proof to the access token > ensures freshness of the proof. I would rather think if the client is > forced to create proofs with a reasonable short lifetime, chances for > replay could be reduced. > > Beside that as far as I remember the primary replay counter measure is th= e > inclusion of the endpoint URL and HTTP method in the proof, since it > reduces the attack surface to a particular URL. So in the context of > freshness, we are talking about using the same proof with the same URL > again. > > best regards, > Torsten. > > > Am 03.12.2020 um 10:20 schrieb Filip Skokan : > > > > Hi Brian, everyone, > > > > While the attack vector allows direct use, there is the option where a > smarter attacker will not abuse the gained artifacts straight away. Think > public client browser scenario with the non-extractable private key store= d > in IndexedDB (the only place to persist them really), they wouldn't use t= he > tokens but instead, exfiltrate them, together with a bunch of pre-generat= ed > DPoP proofs. They'll get the refresh token and a bunch of DPoP proofs for > both the RS and AS. With those they'll be able to get a fresh AT and use = it > with pre-generated Proofs after the end-user leaves the site. No availabl= e > protection (e.g. RT already rotated) will be able to kick in until the > end-user opens the page again. > > > > OTOH with a hash of the AT in the Proof only direct use remains. > > > > If what I describe above is something we don't want to deal with becaus= e > of direct use already allowing access to protected resources, it's > sufficiently okay as is (option #1). However, if this scenario, one > allowing prolonged access to protected resources, is not acceptable, it's > option #2. > > > > Ad #2a vs #2b vs #2c. My pre-emptive answer is #2a, simply because we > already have the tools needed to generate and validate these hashes. But > further thinking about it, it would feel awkward if this JWS algorithm > driven at_hash digest selection wouldn't get stretched to the > confirmations, when this are placed in a JWT access token, cool - we can = do > that, but when these are put in a basic token introspection response it's > unfortunately not an option. So, #2b (just use sha-256 just like the > confirmations do). > > > > Best, > > Filip > > > > > > On Wed, 2 Dec 2020 at 21:50, Brian Campbell 40pingidentity.com@dmarc.ietf.org> wrote: > > There were a few items discussed somewhat during the recent interim tha= t > I committed to bringing back to the list. The slide below (also available > as slide #17 from the interim presentation) is the first one of them, whi= ch > is difficult to summarize but kinda boils down to how much assurance ther= e > is that the DPoP proof was 'freshly' created and that can dovetail into t= he > question of whether the token is covered by the signature of the proof. > > There are many directions a "resolution" here could go but my sense of > the room during the meeting was that the contending options were: > > =E2=80=A2 It's sufficiently okay as it is > > =E2=80=A2 Include a hash of the access token in the DPoP proof (= when an > access token is present) > > > > Going with #2 would mean the draft would also have to define how the > hashing is done and deal with or at least speak to algorithm agility. > Options (that I can think of) include: > > =E2=80=A2 2a) Use the at_hash claim defined in OIDC core > https://openid.net/specs/openid-connect-core-1_0.html#CodeIDToken. Using > something that already exists is appealing. But its hash alg selection > routine can be a bit of a pain. And the algorithm agility based on the > signature that it's supposed to provide hasn't worked out as well as hope= d > in practice for "new" JWS signatures > https://bitbucket.org/openid/connect/issues/1125/_hash-algorithm-for-edds= a-id-tokens > > =E2=80=A2 2b) Define a new claim ("ah", "ath", "atd", "ad" or som= ething > like that maybe) and just use SHA-256. Explain why it's good enough for n= ow > and the foreseeable future. Also include some text about introducing a ne= w > claim in the future if/when SHA-256 proves to be insufficient. Note that > this is effectively the same as how the confirmation claim value is > currently defined in this document and in RFC8705. > > =E2=80=A2 2c) Define a new claim with its own hash algorithm agil= ity > scheme (likely similar to how the Digest header value or Subresource > Integrity string is done). > > > > I'm requesting that interested WG participants indicate their preferenc= e > for #1 or #2. And among a, b, and c, if the latter. > > > > I also acknowledge that an ECDH approach could/would ameliorate the > issues in a fundamentally different way. But that would be a distinct > protocol. If there's interest in pursuing the ECDH idea, I'm certainly op= en > to it and even willing to work on it. But as a separate effort and not at > the expense of derailing DPoP in its general current form. > > > > > > > > CONFIDENTIALITY NOTICE: This email may contain confidential and > privileged material for the sole use of the intended recipient(s). Any > review, use, distribution or disclosure by others is strictly prohibited. > If you have received this communication in error, please notify the sende= r > immediately by e-mail and delete the message and any file attachments fro= m > your computer. Thank you._______________________________________________ > > OAuth mailing list > > OAuth@ietf.org > > https://www.ietf.org/mailman/listinfo/oauth > > _______________________________________________ > > OAuth mailing list > > OAuth@ietf.org > > > https://www.google.com/url?q=3Dhttps://www.ietf.org/mailman/listinfo/oaut= h&source=3Dgmail-imap&ust=3D1607592086000000&usg=3DAOvVaw3hGaihxAdyXVvzFnVT= pc6N > > --00000000000013f1b205b58e6152 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
    I'm = failing to understand why binding the proof to the access token ensures fre= shness of the proof.

    Because when access to= kens issued to public browser based clients have a short duration you need = continued access to the private key to issue new proofs. When I exfiltrate = the RT and pre-generate tons of proofs while the user is active on the page= through XSS I can then use the RT and my prepared proofs to talk to the AS= to keep on refreshing the AT and use it against the RS. When the value of = the token is part of the proof, i cannot pre-generate them for future issue= d access tokens. Short `iat` based windows don't help here.

    S pozdravem,
    Filip Skokan


    On Thu, 3 Dec= 2020 at 12:59, Torsten Lodderstedt <torsten@lodderstedt.net> wrote:
    <= blockquote class=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;border-l= eft:1px solid rgb(204,204,204);padding-left:1ex">Hi,

    I'm failing to understand why binding the proof to the access token ens= ures freshness of the proof. I would rather think if the client is forced t= o create proofs with a reasonable short lifetime, chances for replay could = be reduced.

    Beside that as far as I remember the primary replay counter measure is the = inclusion of the endpoint URL and HTTP method in the proof, since it reduce= s the attack surface to a particular URL. So in the context of freshness, w= e are talking about using the same proof with the same URL again.

    best regards,
    Torsten.

    > Am 03.12.2020 um 10:20 schrieb Filip Skokan <panva.ip@gmail.com>:
    >
    > Hi Brian, everyone,
    >
    > While the attack vector allows direct use, there is the option where a= smarter attacker will not abuse the gained artifacts straight away. Think = public client browser scenario with the non-extractable private key stored = in IndexedDB (the only place to persist them really), they wouldn't use= the tokens but instead, exfiltrate them, together with a bunch of pre-gene= rated DPoP proofs. They'll get the refresh token and a bunch of DPoP pr= oofs for both the RS and AS. With those they'll be able to get a fresh = AT and use it with pre-generated Proofs after the end-user leaves the site.= No available protection (e.g. RT already rotated) will be able to kick in = until the end-user opens the page again.
    >
    > OTOH with a hash of the AT in the Proof only direct use remains.
    >
    > If what I describe above is something we don't want to deal with b= ecause of direct use already allowing access to protected resources, it'= ;s sufficiently okay as is (option #1). However, if this scenario, one allo= wing prolonged access to protected resources, is not acceptable, it's o= ption #2.
    >
    > Ad #2a vs #2b vs #2c. My pre-emptive answer is #2a, simply because we = already have the tools needed to generate and validate these hashes. But fu= rther thinking about it, it would feel awkward if this JWS algorithm driven= at_hash digest selection wouldn't get stretched to the confirmations, = when this are placed in a JWT access token, cool - we can do that, but when= these are put in a basic token introspection response it's unfortunate= ly not an option. So, #2b (just use sha-256 just like the confirmations do)= .
    >
    > Best,
    > Filip
    >
    >
    > On Wed, 2 Dec 2020 at 21:50, Brian Campbell <bcampbell=3D40pingidentity= .com@dmarc.ietf.org> wrote:
    > There were a few items discussed somewhat during the recent interim th= at I committed to bringing back to the list. The slide below (also availabl= e as slide #17 from the interim presentation) is the first one of them, whi= ch is difficult to summarize but kinda boils down to how much assurance the= re is that the DPoP proof was 'freshly' created and that can doveta= il into the question of whether the token is covered by the signature of th= e proof.
    > There are many directions a "resolution" here could go but m= y sense of the room during the meeting was that the contending options were= :
    >=C2=A0 =C2=A0 =C2=A0 =C2=A0=E2=80=A2=C2=A0 It's sufficiently okay a= s it is
    >=C2=A0 =C2=A0 =C2=A0 =C2=A0=E2=80=A2=C2=A0 Include a hash of the access= token in the DPoP proof (when an access token is present)
    >
    > Going with #2 would mean the draft would also have to define how the h= ashing is done and deal with or at least speak to algorithm agility. Option= s (that I can think of) include:
    >=C2=A0 =C2=A0 =C2=A0 =C2=A0=E2=80=A2 2a) Use the at_hash claim defined = in OIDC core https://openid.net/spe= cs/openid-connect-core-1_0.html#CodeIDToken. Using something that alrea= dy exists is appealing. But its hash alg selection routine can be a bit of = a pain. And the algorithm agility based on the signature that it's supp= osed to provide hasn't worked out as well as hoped in practice for &quo= t;new" JWS signatures https://bitbucket.org/openid/connect/issues/1125/_hash-algorith= m-for-eddsa-id-tokens
    >=C2=A0 =C2=A0 =C2=A0 =C2=A0=E2=80=A2 2b) Define a new claim ("ah&q= uot;, "ath", "atd", "ad" or something like th= at maybe) and just use SHA-256. Explain why it's good enough for now an= d the foreseeable future. Also include some text about introducing a new cl= aim in the future if/when SHA-256 proves to be insufficient. Note that this= is effectively the same as how the confirmation claim value is currently d= efined in this document and in RFC8705.
    >=C2=A0 =C2=A0 =C2=A0 =C2=A0=E2=80=A2 2c) Define a new claim with its ow= n hash algorithm agility scheme (likely similar to how the Digest header va= lue or Subresource Integrity string is done).
    >
    > I'm requesting that interested WG participants indicate their pref= erence for #1 or #2. And among a, b, and c, if the latter.
    >
    > I also acknowledge that an ECDH approach could/would ameliorate the is= sues in a fundamentally different way. But that would be a distinct protoco= l. If there's interest in pursuing the ECDH idea, I'm certainly ope= n to it and even willing to work on it. But as a separate effort and not at= the expense of derailing DPoP in its general current form.
    > <Slide17.jpeg>
    >
    >
    > CONFIDENTIALITY NOTICE: This email may contain confidential and privil= eged material for the sole use of the intended recipient(s). Any review, us= e, distribution or disclosure by others is strictly prohibited.=C2=A0 If yo= u have received this communication in error, please notify the sender immed= iately by e-mail and delete the message and any file attachments from your = computer. Thank you._______________________________________________
    > OAuth mailing list
    > OAuth@ietf.org=
    > https://www.ietf.org/mailman/listinfo/oauth
    > _______________________________________________
    > OAuth mailing list
    > OAuth@ietf.org=
    > https= ://www.google.com/url?q=3Dhttps://www.ietf.org/mailman/listinfo/oauth&s= ource=3Dgmail-imap&ust=3D1607592086000000&usg=3DAOvVaw3hGaihxAdyXVv= zFnVTpc6N

    --00000000000013f1b205b58e6152-- From nobody Thu Dec 3 04:55:39 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 445173A091B for ; Thu, 3 Dec 2020 04:55:38 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.099 X-Spam-Level: X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=lodderstedt.net Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LCfQWcPdMfCs for ; Thu, 3 Dec 2020 04:55:36 -0800 (PST) Received: from mail-ej1-x62d.google.com (mail-ej1-x62d.google.com [IPv6:2a00:1450:4864:20::62d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2CEF73A0911 for ; Thu, 3 Dec 2020 04:55:36 -0800 (PST) Received: by mail-ej1-x62d.google.com with SMTP id d17so3270751ejy.9 for ; Thu, 03 Dec 2020 04:55:36 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lodderstedt.net; s=google; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=fhZrIegnU5PbYb9S3EaNbBdprCbxAAC34ahqYmlMhc0=; b=t1Lwh8p1XW/D/wef/NqPJVjTEqzXc4/IdIBwM/LxSMkixtfC3sUmgLdyG1iCmInbm+ fDbeHFZKo62A85JLbxYr80bSeh6ESFhnyUS1A2SPUqUelx9LUljC7F6XdxxOJZ5ZVM8H RIbPve2sNj+2DzLmXGsY/2Qajj+zWeLxZInNCB3iRWI4ZRgkMOJdLXlI5UPdWxWxwZJO oHth/A+A+B3YzkzEIx1gtfmQIbQA3rdIvihHPt/4HChX42qTSuZLC/oGLR0krymHzra3 SFAAQQXpEBB9Gjm2gqKh94aRCl4Ns0Bfhtzp61U+F7qAXXxV69UVIGtD+SOhZUqA+WxP eKxg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=fhZrIegnU5PbYb9S3EaNbBdprCbxAAC34ahqYmlMhc0=; b=NI4F/BwImE6BZWayjZX/vMx6o48UAVb0ZdkC9+QBN6KCM5ltyHySoHPm6SP0vLAoog v0rJvAHSOEkjA4OlcXhNw2CR8g7l4cVcx96SObbqZyyG+dBGjSj8ljPcE31RWAN9oBu3 wqjvMtvNELLI+vUATyiRLtVEwgXaXBKlQTs1hWdX3KtdQ2b5zjdXctErr/tA/wTnhDEo +gDj+vMXiUdr5Rk4QRZEAy0Jz/d3r/yiq6kS2jplSJgr2f4AN9bvkJSB3JLejpfOnJ/k n/mMzr7RBdD3utLM/NzANLHU++96vfb/H1RlCbI2Y0yn70raVKey4ztyFJnzAJB3jomJ 1bOA== X-Gm-Message-State: AOAM53149AHpouECjeT2Kcgzdc8C3nLWCXJ0nzO+QzltbCdmw9cc3XrL PsS72GNjMd0wA3d60LDNIZIdwQ== X-Google-Smtp-Source: ABdhPJwuKYihLtJ+Lzsp6kcWn0QlgXKbzDGi1ZKOocQtZnSqUp/fvJegCL+sIRAwjMk6gw8z34fTLw== X-Received: by 2002:a17:906:ce51:: with SMTP id se17mr2341629ejb.314.1607000134474; Thu, 03 Dec 2020 04:55:34 -0800 (PST) Received: from [192.168.71.123] (p4fc08d1c.dip0.t-ipconnect.de. [79.192.141.28]) by smtp.gmail.com with ESMTPSA id p22sm781030ejx.59.2020.12.03.04.55.33 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Thu, 03 Dec 2020 04:55:33 -0800 (PST) Content-Type: text/plain; charset=utf-8 Mime-Version: 1.0 (Mac OS X Mail 14.0 \(3654.20.0.2.21\)) From: Torsten Lodderstedt In-Reply-To: Date: Thu, 3 Dec 2020 13:55:32 +0100 Cc: Brian Campbell , oauth Content-Transfer-Encoding: quoted-printable Message-Id: <353E4494-2F80-44BC-9267-6FB8B37AA0FE@lodderstedt.net> References: <30D5F7BA-EA54-4E40-A2FC-222AA0C9AF8D@lodderstedt.net> To: Filip Skokan X-Mailer: Apple Mail (2.3654.20.0.2.21) Archived-At: Subject: Re: [OAUTH-WG] DPoP followup I: freshness and coverage of signature X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 03 Dec 2020 12:55:38 -0000 I understand. Thanks!=20 I think RT rotation + RT hash in the proof would also stop the attack. =20= > Am 03.12.2020 um 13:19 schrieb Filip Skokan : >=20 > I'm failing to understand why binding the proof to the access token = ensures freshness of the proof. >=20 > Because when access tokens issued to public browser based clients have = a short duration you need continued access to the private key to issue = new proofs. When I exfiltrate the RT and pre-generate tons of proofs = while the user is active on the page through XSS I can then use the RT = and my prepared proofs to talk to the AS to keep on refreshing the AT = and use it against the RS. When the value of the token is part of the = proof, i cannot pre-generate them for future issued access tokens. Short = `iat` based windows don't help here. >=20 > S pozdravem, > Filip Skokan >=20 >=20 > On Thu, 3 Dec 2020 at 12:59, Torsten Lodderstedt = wrote: > Hi,=20 >=20 > I'm failing to understand why binding the proof to the access token = ensures freshness of the proof. I would rather think if the client is = forced to create proofs with a reasonable short lifetime, chances for = replay could be reduced.=20 >=20 > Beside that as far as I remember the primary replay counter measure is = the inclusion of the endpoint URL and HTTP method in the proof, since it = reduces the attack surface to a particular URL. So in the context of = freshness, we are talking about using the same proof with the same URL = again.=20 >=20 > best regards, > Torsten.=20 >=20 > > Am 03.12.2020 um 10:20 schrieb Filip Skokan : > >=20 > > Hi Brian, everyone, > >=20 > > While the attack vector allows direct use, there is the option where = a smarter attacker will not abuse the gained artifacts straight away. = Think public client browser scenario with the non-extractable private = key stored in IndexedDB (the only place to persist them really), they = wouldn't use the tokens but instead, exfiltrate them, together with a = bunch of pre-generated DPoP proofs. They'll get the refresh token and a = bunch of DPoP proofs for both the RS and AS. With those they'll be able = to get a fresh AT and use it with pre-generated Proofs after the = end-user leaves the site. No available protection (e.g. RT already = rotated) will be able to kick in until the end-user opens the page = again. > >=20 > > OTOH with a hash of the AT in the Proof only direct use remains. > >=20 > > If what I describe above is something we don't want to deal with = because of direct use already allowing access to protected resources, = it's sufficiently okay as is (option #1). However, if this scenario, one = allowing prolonged access to protected resources, is not acceptable, = it's option #2. > >=20 > > Ad #2a vs #2b vs #2c. My pre-emptive answer is #2a, simply because = we already have the tools needed to generate and validate these hashes. = But further thinking about it, it would feel awkward if this JWS = algorithm driven at_hash digest selection wouldn't get stretched to the = confirmations, when this are placed in a JWT access token, cool - we can = do that, but when these are put in a basic token introspection response = it's unfortunately not an option. So, #2b (just use sha-256 just like = the confirmations do). > >=20 > > Best, > > Filip > >=20 > >=20 > > On Wed, 2 Dec 2020 at 21:50, Brian Campbell = wrote: > > There were a few items discussed somewhat during the recent interim = that I committed to bringing back to the list. The slide below (also = available as slide #17 from the interim presentation) is the first one = of them, which is difficult to summarize but kinda boils down to how = much assurance there is that the DPoP proof was 'freshly' created and = that can dovetail into the question of whether the token is covered by = the signature of the proof.=20 > > There are many directions a "resolution" here could go but my sense = of the room during the meeting was that the contending options were: > > =E2=80=A2 It's sufficiently okay as it is > > =E2=80=A2 Include a hash of the access token in the DPoP = proof (when an access token is present) > >=20 > > Going with #2 would mean the draft would also have to define how the = hashing is done and deal with or at least speak to algorithm agility. = Options (that I can think of) include: > > =E2=80=A2 2a) Use the at_hash claim defined in OIDC core = https://openid.net/specs/openid-connect-core-1_0.html#CodeIDToken. Using = something that already exists is appealing. But its hash alg selection = routine can be a bit of a pain. And the algorithm agility based on the = signature that it's supposed to provide hasn't worked out as well as = hoped in practice for "new" JWS signatures = https://bitbucket.org/openid/connect/issues/1125/_hash-algorithm-for-eddsa= -id-tokens > > =E2=80=A2 2b) Define a new claim ("ah", "ath", "atd", "ad" or = something like that maybe) and just use SHA-256. Explain why it's good = enough for now and the foreseeable future. Also include some text about = introducing a new claim in the future if/when SHA-256 proves to be = insufficient. Note that this is effectively the same as how the = confirmation claim value is currently defined in this document and in = RFC8705. > > =E2=80=A2 2c) Define a new claim with its own hash algorithm = agility scheme (likely similar to how the Digest header value or = Subresource Integrity string is done). > >=20 > > I'm requesting that interested WG participants indicate their = preference for #1 or #2. And among a, b, and c, if the latter.=20 > >=20 > > I also acknowledge that an ECDH approach could/would ameliorate the = issues in a fundamentally different way. But that would be a distinct = protocol. If there's interest in pursuing the ECDH idea, I'm certainly = open to it and even willing to work on it. But as a separate effort and = not at the expense of derailing DPoP in its general current form.=20 > > > >=20 > >=20 > > CONFIDENTIALITY NOTICE: This email may contain confidential and = privileged material for the sole use of the intended recipient(s). Any = review, use, distribution or disclosure by others is strictly = prohibited. If you have received this communication in error, please = notify the sender immediately by e-mail and delete the message and any = file attachments from your computer. Thank = you._______________________________________________ > > OAuth mailing list > > OAuth@ietf.org > > https://www.ietf.org/mailman/listinfo/oauth > > _______________________________________________ > > OAuth mailing list > > OAuth@ietf.org > > = https://www.google.com/url?q=3Dhttps://www.ietf.org/mailman/listinfo/oauth= &source=3Dgmail-imap&ust=3D1607592086000000&usg=3DAOvVaw3hGaihxAdyXVvzFnVT= pc6N >=20 From nobody Thu Dec 3 16:55:15 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6650F3A1155; Thu, 3 Dec 2020 16:55:06 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.898 X-Spam-Level: X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_IMAGE_RATIO_04=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3RhQZJKjUTQF; Thu, 3 Dec 2020 16:54:59 -0800 (PST) Received: from mo-csw.securemx.jp (mo-csw1515.securemx.jp [210.130.202.154]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B61753A1109; Thu, 3 Dec 2020 16:54:58 -0800 (PST) Received: by mo-csw.securemx.jp (mx-mo-csw1515) id 0B40stiS008697; Fri, 4 Dec 2020 09:54:55 +0900 X-Iguazu-Qid: 34ts1bXBD8wRw0NaB5 X-Iguazu-QSIG: v=2; s=0; t=1607043294; q=34ts1bXBD8wRw0NaB5; m=7I+uS69UbdvoO9le2n4/YbL+5s9MD1gwzvR+HqhHcPs= Received: from imx2.toshiba.co.jp (imx2.toshiba.co.jp [106.186.93.51]) by relay.securemx.jp (mx-mr1511) id 0B40sqaV031122; Fri, 4 Dec 2020 09:54:54 +0900 Received: from enc01.toshiba.co.jp ([106.186.93.100]) by imx2.toshiba.co.jp with ESMTP id 0B40sq3Z027062; Fri, 4 Dec 2020 09:54:52 +0900 (JST) Received: from hop001.toshiba.co.jp ([133.199.164.63]) by enc01.toshiba.co.jp with ESMTP id 0B40spWF013836; Fri, 4 Dec 2020 09:54:51 +0900 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=QrTyHBOfbOQV0kqmviYZW41s1aPXd8pgePCKv7jtvXSxTEjVD7qDwNzHgqPDpbR87CrHG/fjQKw+GPO9PV2Z82WSd5Mon2Qa/f2dIBRMFtQjgtsvXyOtR5NvXmYdOd/fC8XCs8U3W9sW4+tF06kWpfK2Jo6e6csj5vrkvXLbP6Gn+RlHiGAQlizCewVGgMOga7O1U3jDEhpoW+g/0z+CnLFyNP6idrhuuVCCFelIwjj5FU3fWqe8nFmZuYQOllNN93dR8NOteqxXSyvXcQ5xhOX5oG1dxwZpcpwn2sMzFpENEyyT9HLQXrrXTzcb30igkia/l65F4yxPEZi8VC4FKA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=a+O0qB/1IjQvpy7nYyTU0lEVRQ/7CNTPnv62Bac54BE=; b=bB0C/5HlBaa2/kYd9T4l/xNbOy5fM+Cwtu08ZiP5rgUDCqan5d9TU2K1e5+vCMkyGdrfALc/fbIlwf2xE4cTL6AIY2XjU7PEOcgpWP7vuuvcK/AoiaFYBSBw2F4N1nwV0L6F6SxR3uzkwjlFc9vLqB+vxmDGWDapjrgFZ82Nf6m2wsbdvhstne0FGlz4AOS4ynaMFNL6I3GteSRuh0eGveQ6g3bM3c4DFfo2DPscWvklDnWCKLW8Kwlm6+O3QDvEb83+sp+9aySqu2T4CyQrqNpwGYPbgPffOaASEpgqOLdf6yqkIobHXftSa/5YGZ3WmLDrhu4DUI+a+W4oDv5+jg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=toshiba.co.jp; dmarc=pass action=none header.from=toshiba.co.jp; dkim=pass header.d=toshiba.co.jp; arc=none From: To: , Thread-Topic: [OAUTH-WG] DPoP followup II: confirmation style Thread-Index: AQHWyPqroZwFgMt+9kGBwHTeXvIWCKnmHdEA Date: Fri, 4 Dec 2020 00:54:46 +0000 X-TSB-HOP: ON Message-ID: References: In-Reply-To: Accept-Language: ja-JP, en-US Content-Language: ja-JP X-MS-Has-Attach: yes authentication-results: dmarc.ietf.org; dkim=none (message not signed) header.d=none;dmarc.ietf.org; dmarc=none action=none header.from=toshiba.co.jp; x-originating-ip: [124.211.28.2] x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: 0adb0e44-5dce-4f05-f472-08d897ef321e x-ms-traffictypediagnostic: TYAPR01MB2494: x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:8882; x-ms-exchange-senderadcheck: 1 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: 8oBg+CNb26JOT8yYPC7BFFXVf0ZH67B/7t5fDZqZSJ9Cn/0bkqnzUO5xPX7rtsfLkECY+LlEgMDzXO6ycAf2U2mwqI/mBjX1pQWUhbJ91t7DfZGKDJIdNDr5iqw92WhUmQ6pvOEC3LT5F6hHmbo5fWJncOUzXt0+yFIaWNhvOoiwJihY+ZqrbMmzkRMqu6bj3RkArwoOkdskjoPiIZpN/sXs5MjuuP+3+UhgAHtOw+JVJX7aM3anp9S+MDpA7jwLEZC8iyq90xBSlXwOWVS3NDU7CseVhjb1TGs2wukMpDiUOrdaPx06h7WAj5h078sESn5qsxCAh/C7HI5iYgTGiNR/WdjaM+jGrGpKvHemH0n5DbrjbS/dafCfod9bBmQ5S+ltZkDmxKv4dLTahQa8Ug== x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:TY1PR01MB1466.jpnprd01.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(136003)(346002)(366004)(39860400002)(376002)(396003)(9686003)(71200400001)(316002)(66446008)(186003)(166002)(7696005)(53546011)(55236004)(26005)(6506007)(66616009)(66476007)(8676002)(64756008)(110136005)(66556008)(86362001)(8936002)(76116006)(478600001)(52536014)(5660300002)(99936003)(55016002)(66946007)(33656002)(2906002)(83380400001); DIR:OUT; SFP:1101; x-ms-exchange-antispam-messagedata: =?utf-8?B?a2N1RlBZUzRuVHd4c3pkeGNITEo4VzRSc3lXRnNSTDRmYU9pZEtLUVg3S0lM?= =?utf-8?B?S2lTbVhZTmhLZytueXFBNi9jK1Z5cldhMDV0T0JRb25RUmkzT1lJZmRIL296?= =?utf-8?B?N0FyRXJraStRVkl5U1pId3c2SUpMeFJ1b21HVzdVR3BidnhCb09jK1hISmlq?= =?utf-8?B?VW5jZEhxMWE4c1Q2K0dXWkhlWkFwZDhad2sva1k1OEVkQ1hhVFdWbyt1Qkpy?= =?utf-8?B?OVBycGNTTUQrVmU4QjQ3a1Q5d2hDaFpHdWJ4KzBRNmFkUjRmcTBpOW1zZlR3?= =?utf-8?B?UzFKRFpEMzVtUndsSDdjeW5KY1JESkZpN3N0OTRQamZWcDh5VS9HWDBTSzU0?= =?utf-8?B?eFVZTFNMc2xrcmFPcUYzWFRKdUVaU1pMUFRxWFczOTIrUXlVMEJ4OERDODN2?= =?utf-8?B?a0s0N05KcUZtWXNqU2hGMEFFbUZHMk9xOVFpTmN3T1BXWHo1Yld4MlBFVnBo?= =?utf-8?B?eEpyTXM4SmcyTStyaU4xNWMxV2RsUmNka1BGVm1BZ0U1ZnJWR3RENEpNajI2?= =?utf-8?B?Q3lzdDlYZFpOSGRaWi9KRW42SnBUUGR4Y2FBczVCcHh0TnNXNWhnWmdZVHRX?= =?utf-8?B?L3FseWpQWDBHR3h0N05WS2pIbHkzbXBkL2pLeStlMnNpZzBONEw0N3ZmS0pT?= =?utf-8?B?UXl4Sm9uNW1IZ0hxNk5OTVovZWRFMnV2Vnl5bXpySjFzRndtRkExYlFCOHpO?= =?utf-8?B?OHRzbWhibHF0czQxMHhWVlV5dXRld3BPcGIzOTZLN3BoSi9IU3NhWFNiSjVL?= =?utf-8?B?UEVKUy9heHNBY2Nxd3ZWYlNzTU9tNGt5aWc4Y0VYYWlRUmZPcXd3RWU1S3Vi?= =?utf-8?B?bjU4cFprT1FLRmRLMkg5aC9ycmQxTG5yNlprbnZiQUlwWWp2RW9VMlVjMUxv?= =?utf-8?B?Rnplb0tLVzk0L0JkcVNVbmtSa3hwQVk2R0hQODhaaEZqK1lZa2g1dSt4TkhR?= =?utf-8?B?S3NodG43UTI0Y3BMZzdoQ2xiQ2VEWms1b1lTOXAva2dSQzBYeHNuZ2t1S0c1?= =?utf-8?B?V0FYY3lOSE5TdmpkSHJieHdOWDEyd3BhcHlaZlJRNTVOTlMvRnNJN3l4RUdz?= =?utf-8?B?YTlyMU4zSmpoRUFWd09BQk1JbDgwRkMwSytIako2OWZpY3k1SHBocXhoMmFI?= =?utf-8?B?amFsQWtpTTIydlNlMTNRTVhINlB4TTg0WktLdGxoSHJyanBveit0MzBVbU00?= =?utf-8?B?TzJoU1lGWGlnT1pUWnltaGJJUGtGUzhUZ0JZQXE4OGJYYmNkbXFuQ0VGWkdn?= =?utf-8?B?L2gwcjJNY3JtaWY5Vk5jK0VqRFJwNGx5S2VISTNWU3pPMlUzVXRSZGYxeE9L?= =?utf-8?Q?ULhKp9PglvD2o=3D?= x-ms-exchange-transport-forked: True Content-Type: multipart/related; boundary="_004_TY1PR01MB1466B046019192708FF52C46E5F10TY1PR01MB1466jpnp_"; type="multipart/alternative" MIME-Version: 1.0 X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: TY1PR01MB1466.jpnprd01.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 0adb0e44-5dce-4f05-f472-08d897ef321e X-MS-Exchange-CrossTenant-originalarrivaltime: 04 Dec 2020 00:54:46.5913 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: f109924e-fb71-4ba0-b2cc-65dcdf6fbe4f X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: Q0tQab8x7WHX0kaP5ToT4wD2llEyP9wzk0cL++CzR3qv1ziZPKb9UYblsIpQlS8zskraTVPgvXmDc81hbur0tr/44yOa7fugusEBNRadzzo= X-MS-Exchange-Transport-CrossTenantHeadersStamped: TYAPR01MB2494 X-OriginatorOrg: toshiba.co.jp MSSCP.TransferMailToMossAgent: 103 Archived-At: Subject: Re: [OAUTH-WG] DPoP followup II: confirmation style X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 04 Dec 2020 00:55:14 -0000 --_004_TY1PR01MB1466B046019192708FF52C46E5F10TY1PR01MB1466jpnp_ Content-Type: multipart/alternative; boundary="_000_TY1PR01MB1466B046019192708FF52C46E5F10TY1PR01MB1466jpnp_" --_000_TY1PR01MB1466B046019192708FF52C46E5F10TY1PR01MB1466jpnp_ Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 SGkgQnJpYW4sIGV2ZXJ5b25lDQoNClRoZSBvcHRpb24gMiBtYWtlcyBzZW5zZSB0byBtZSwgYmVj YXVzZSBJIHRoaW5rIHRoZSBEUG9QIFByb29mIHRvIEFTIGFuZCB0aGUgb25lDQp0byBSUyBwbGF5 IGRpZmZlcmVudCByb2xlcy4gTWF5YmUgdGhleSBzaG91bGQgZXZlbiBoYXZlIGRpZmZlcmVudCBu YW1lcy4NCkhvd2V2ZXIsIEFTL1JTIHN5bW1ldHJ5IG9mIG9wdGlvbiAxIGlzIGFsc28gYXR0cmFj dGl2ZSBmcm9tIHRoZSB2aWV3cG9pbnQgb2YNCmFuIGltcGxlbWVudGVyLg0KDQpJIHRoaW5rIHRo aXMgdG9waWMgaXMgcmVsYXRlZCB0byB0aGUgcXVlc3Rpb24gb2YgImZvbGxvd3VwIEk6IGZyZXNo bmVzcyBhbmQNCmNvdmVyYWdlIG9mIHNpZ25hdHVyZSIuIFRoZSBvcHRpb24gMiBmb3IgdGhlIGZv bGxvd3VwIEkgd2lsbCBhbHNvIGJyZWFrIEFTL1JTDQpzeW1tZXRyeS4gSWYgd2UgY2hvb3NlIHRo ZSBvcHRpb24gMiBmb3IgZm9sbG93dXAgSSwgSSB0aGluayB3ZSBtaWdodCBhcyB3ZWxsDQpjaG9v c2UgdGhlIG9wdGlvbiAyIGZvciBmb2xsb3d1cCBJSSwgdG9vLg0KDQoNClRvc2hpbyBJdG8NCg0K DQpGcm9tOiBPQXV0aCA8b2F1dGgtYm91bmNlc0BpZXRmLm9yZz4gT24gQmVoYWxmIE9mIEJyaWFu IENhbXBiZWxsDQpTZW50OiBUaHVyc2RheSwgRGVjZW1iZXIgMywgMjAyMCA3OjI5IEFNDQpUbzog b2F1dGggPG9hdXRoQGlldGYub3JnPg0KU3ViamVjdDogW09BVVRILVdHXSBEUG9QIGZvbGxvd3Vw IElJOiBjb25maXJtYXRpb24gc3R5bGUNCg0KVGhlcmUgd2VyZSBhIGZldyBpdGVtcyBkaXNjdXNz ZWQgc29tZXdoYXQgZHVyaW5nIHRoZSByZWNlbnQgaW50ZXJpbTxodHRwczovL2RhdGF0cmFja2Vy LmlldGYub3JnL21lZXRpbmcvaW50ZXJpbS0yMDIwLW9hdXRoLTE2L3Nlc3Npb24vb2F1dGg+IHRo YXQgSSBjb21taXR0ZWQgdG8gYnJpbmdpbmcgYmFjayB0byB0aGUgbGlzdC4gVGhlIHNsaWRlIGJl bG93IChhbHNvIGF2YWlsYWJsZSB3aXRoIHNvbWUgdHlwb3MgYW5kIG9taXR0ZWQgd29yZHMgYXMg c2xpZGUgIzE4IGZyb20gdGhlIGludGVyaW0gcHJlc2VudGF0aW9uPGh0dHBzOi8vZGF0YXRyYWNr ZXIuaWV0Zi5vcmcvbWVldGluZy9pbnRlcmltLTIwMjAtb2F1dGgtMTYvbWF0ZXJpYWxzL3NsaWRl cy1pbnRlcmltLTIwMjAtb2F1dGgtMTYtc2Vzc2EtZHBvcC0wMS5wZGY+KSBpcyB0aGUgc2Vjb25k IG9uZS4gVG8gc3VtbWFyaXplIChieSBiYXNpY2FsbHkgcmVwZWF0aW5nIHRoZSBjb250ZW50IG9m IHRoZSBzbGlkZSk6IEl04oCZcyBiZWVuIHN1Z2dlc3RlZCB0aGF0LCBmb3IgcmVzb3VyY2UgYWNj ZXNzLCBoYXZpbmcgdGhlIEpXSyBpbiB0aGUgaGVhZGVyIG9mIHRoZSBEUG9QIHByb29mIEpXVCBt YWtlcyBpdCB0b28gZWFzeSB0byBqdXN0IHVzZSB0aGF0IGtleSB0byB2YWxpZGF0ZSB0aGUgc2ln bmF0dXJlIGFuZCBtaXNzIGNoZWNraW5nIHRoZSBiaW5kaW5nIHRvIHRoZSBBVOKAmXMgY25mL2pr dCBoYXNoLCB3aGljaCB1bmRlcm1pbmVzIHRoZSB2YWx1ZSBvZiBkb2luZyB0aGUgYmluZGluZyBp biB0aGUgZmlyc3QgcGxhY2UuIEFzIEkgc2VlIGl0LCB0aGVyZSBhcmUgdHdvIG9wdGlvbnMgaGVy ZSBhbmQgSSdkIGxpa2UgdG8gZ2F1Z2UgV0cgY29uc2Vuc3VzIG9uIHdoaWNoIHRvIG1vdmUgZm9y d2FyZCB3aXRoLg0KDQogIDEuICBJdOKAmXMgZmluZSBhcyBpcyAoQVMvUlMgc3ltbWV0cnkgaXMg bmljZSwgaXQncyB0aGUgc2FtZSB3YXkgY29uZmlybWF0aW9uIHdvcmtzIGluIE1UTFMvVEIsIGFu ZCB0aGUgYmluZGluZyBjaGVjayBpcyBraW5kYSBmdW5kYW1lbnRhbCB0byB0aGUgd2hvbGUgdGhp bmcgc28gaXQncyBub3QgdW5yZWFzb25hYmxlIHRvIGV4cGVjdCBpbXBsZW1lbnRlcnMgdG8gZG8g aXQpDQogIDIuICBGb3IgcmVzb3VyY2UgYWNjZXNzLCBwdXQgdGhlIGZ1bGwgSldLIGluIHRoZSBB VOKAmXMgY29uZmlybWF0aW9uIGFuZCBvbWl0IGl0IGZyb20gdGhlIHByb29mIChsZXNzIGVycm9y IHByb25lLCBubyBoYXNoIGZ1bmN0aW9uIG5lZWRlZCBmb3IgY29uZmlybWF0aW9uLCBzb21ld2hh dCBsZXNzIGRhdGEgb3ZlcmFsbCBiZXR3ZWVuIHRoZSB0d28gYXJ0aWZhY3RzKQ0KDQoNCltTbGlk ZTE4LmpwZ10NCg0KDQpDT05GSURFTlRJQUxJVFkgTk9USUNFOiBUaGlzIGVtYWlsIG1heSBjb250 YWluIGNvbmZpZGVudGlhbCBhbmQgcHJpdmlsZWdlZCBtYXRlcmlhbCBmb3IgdGhlIHNvbGUgdXNl IG9mIHRoZSBpbnRlbmRlZCByZWNpcGllbnQocykuIEFueSByZXZpZXcsIHVzZSwgZGlzdHJpYnV0 aW9uIG9yIGRpc2Nsb3N1cmUgYnkgb3RoZXJzIGlzIHN0cmljdGx5IHByb2hpYml0ZWQuICBJZiB5 b3UgaGF2ZSByZWNlaXZlZCB0aGlzIGNvbW11bmljYXRpb24gaW4gZXJyb3IsIHBsZWFzZSBub3Rp ZnkgdGhlIHNlbmRlciBpbW1lZGlhdGVseSBieSBlLW1haWwgYW5kIGRlbGV0ZSB0aGUgbWVzc2Fn ZSBhbmQgYW55IGZpbGUgYXR0YWNobWVudHMgZnJvbSB5b3VyIGNvbXB1dGVyLiBUaGFuayB5b3Uu DQo= --_000_TY1PR01MB1466B046019192708FF52C46E5F10TY1PR01MB1466jpnp_ Content-Type: text/html; charset="utf-8" Content-Transfer-Encoding: base64 PGh0bWwgeG1sbnM6dj0idXJuOnNjaGVtYXMtbWljcm9zb2Z0LWNvbTp2bWwiIHhtbG5zOm89InVy bjpzY2hlbWFzLW1pY3Jvc29mdC1jb206b2ZmaWNlOm9mZmljZSIgeG1sbnM6dz0idXJuOnNjaGVt YXMtbWljcm9zb2Z0LWNvbTpvZmZpY2U6d29yZCIgeG1sbnM6bT0iaHR0cDovL3NjaGVtYXMubWlj cm9zb2Z0LmNvbS9vZmZpY2UvMjAwNC8xMi9vbW1sIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcv VFIvUkVDLWh0bWw0MCI+DQo8aGVhZD4NCjxtZXRhIGh0dHAtZXF1aXY9IkNvbnRlbnQtVHlwZSIg Y29udGVudD0idGV4dC9odG1sOyBjaGFyc2V0PXV0Zi04Ij4NCjxtZXRhIG5hbWU9IkdlbmVyYXRv ciIgY29udGVudD0iTWljcm9zb2Z0IFdvcmQgMTUgKGZpbHRlcmVkIG1lZGl1bSkiPg0KPCEtLVtp ZiAhbXNvXT48c3R5bGU+dlw6KiB7YmVoYXZpb3I6dXJsKCNkZWZhdWx0I1ZNTCk7fQ0Kb1w6KiB7 YmVoYXZpb3I6dXJsKCNkZWZhdWx0I1ZNTCk7fQ0Kd1w6KiB7YmVoYXZpb3I6dXJsKCNkZWZhdWx0 I1ZNTCk7fQ0KLnNoYXBlIHtiZWhhdmlvcjp1cmwoI2RlZmF1bHQjVk1MKTt9DQo8L3N0eWxlPjwh W2VuZGlmXS0tPjxzdHlsZT48IS0tDQovKiBGb250IERlZmluaXRpb25zICovDQpAZm9udC1mYWNl DQoJe2ZvbnQtZmFtaWx5OiLvvK3vvLMg44K044K344OD44KvIjsNCglwYW5vc2UtMToyIDExIDYg OSA3IDIgNSA4IDIgNDt9DQpAZm9udC1mYWNlDQoJe2ZvbnQtZmFtaWx5OiJDYW1icmlhIE1hdGgi Ow0KCXBhbm9zZS0xOjIgNCA1IDMgNSA0IDYgMyAyIDQ7fQ0KQGZvbnQtZmFjZQ0KCXtmb250LWZh bWlseToi77yt77yzIO+8sOOCtOOCt+ODg+OCryI7DQoJcGFub3NlLTE6MiAxMSA2IDAgNyAyIDUg OCAyIDQ7fQ0KQGZvbnQtZmFjZQ0KCXtmb250LWZhbWlseTrjg6HjgqTjg6rjgqo7DQoJcGFub3Nl LTE6MiAxMSA2IDQgMyA1IDQgNCAyIDQ7fQ0KQGZvbnQtZmFjZQ0KCXtmb250LWZhbWlseToiXEDj g6HjgqTjg6rjgqoiO30NCkBmb250LWZhY2UNCgl7Zm9udC1mYW1pbHk6Q2FsaWJyaTsNCglwYW5v c2UtMToyIDE1IDUgMiAyIDIgNCAzIDIgNDt9DQpAZm9udC1mYWNlDQoJe2ZvbnQtZmFtaWx5OiJT ZWdvZSBVSSI7DQoJcGFub3NlLTE6MiAxMSA1IDIgNCAyIDQgMiAyIDM7fQ0KQGZvbnQtZmFjZQ0K CXtmb250LWZhbWlseToiXEDvvK3vvLMg77yw44K044K344OD44KvIjt9DQpAZm9udC1mYWNlDQoJ e2ZvbnQtZmFtaWx5OiJcQO+8re+8syDjgrTjgrfjg4Pjgq8iOw0KCXBhbm9zZS0xOjIgMTEgNiA5 IDcgMiA1IDggMiA0O30NCi8qIFN0eWxlIERlZmluaXRpb25zICovDQpwLk1zb05vcm1hbCwgbGku TXNvTm9ybWFsLCBkaXYuTXNvTm9ybWFsDQoJe21hcmdpbjowbW07DQoJbWFyZ2luLWJvdHRvbTou MDAwMXB0Ow0KCWZvbnQtc2l6ZToxMi4wcHQ7DQoJZm9udC1mYW1pbHk6Iu+8re+8syDvvLDjgrTj grfjg4Pjgq8iO30NCmE6bGluaywgc3Bhbi5Nc29IeXBlcmxpbmsNCgl7bXNvLXN0eWxlLXByaW9y aXR5Ojk5Ow0KCWNvbG9yOmJsdWU7DQoJdGV4dC1kZWNvcmF0aW9uOnVuZGVybGluZTt9DQphOnZp c2l0ZWQsIHNwYW4uTXNvSHlwZXJsaW5rRm9sbG93ZWQNCgl7bXNvLXN0eWxlLXByaW9yaXR5Ojk5 Ow0KCWNvbG9yOnB1cnBsZTsNCgl0ZXh0LWRlY29yYXRpb246dW5kZXJsaW5lO30NCnAubXNvbm9y bWFsMCwgbGkubXNvbm9ybWFsMCwgZGl2Lm1zb25vcm1hbDANCgl7bXNvLXN0eWxlLW5hbWU6bXNv bm9ybWFsOw0KCW1zby1tYXJnaW4tdG9wLWFsdDphdXRvOw0KCW1hcmdpbi1yaWdodDowbW07DQoJ bXNvLW1hcmdpbi1ib3R0b20tYWx0OmF1dG87DQoJbWFyZ2luLWxlZnQ6MG1tOw0KCWZvbnQtc2l6 ZToxMi4wcHQ7DQoJZm9udC1mYW1pbHk6Iu+8re+8syDvvLDjgrTjgrfjg4Pjgq8iO30NCnNwYW4u MTgNCgl7bXNvLXN0eWxlLXR5cGU6cGVyc29uYWwtcmVwbHk7DQoJZm9udC1mYW1pbHk6Iu+8re+8 syDjgrTjgrfjg4Pjgq8iOw0KCWNvbG9yOiMxRjQ5N0Q7fQ0KLk1zb0NocERlZmF1bHQNCgl7bXNv LXN0eWxlLXR5cGU6ZXhwb3J0LW9ubHk7DQoJZm9udC1mYW1pbHk65ri444K044K344OD44KvO30N CkBwYWdlIFdvcmRTZWN0aW9uMQ0KCXtzaXplOjYxMi4wcHQgNzkyLjBwdDsNCgltYXJnaW46OTku MjVwdCAzMC4wbW0gMzAuMG1tIDMwLjBtbTt9DQpkaXYuV29yZFNlY3Rpb24xDQoJe3BhZ2U6V29y ZFNlY3Rpb24xO30NCi8qIExpc3QgRGVmaW5pdGlvbnMgKi8NCkBsaXN0IGwwDQoJe21zby1saXN0 LWlkOjE5NTA2MjczMTU7DQoJbXNvLWxpc3QtdGVtcGxhdGUtaWRzOi0zMzQ2MDI3MTg7fQ0Kb2wN Cgl7bWFyZ2luLWJvdHRvbTowbW07fQ0KdWwNCgl7bWFyZ2luLWJvdHRvbTowbW07fQ0KLS0+PC9z dHlsZT48IS0tW2lmIGd0ZSBtc28gOV0+PHhtbD4NCjxvOnNoYXBlZGVmYXVsdHMgdjpleHQ9ImVk aXQiIHNwaWRtYXg9IjEwMjYiPg0KPHY6dGV4dGJveCBpbnNldD0iNS44NXB0LC43cHQsNS44NXB0 LC43cHQiIC8+DQo8L286c2hhcGVkZWZhdWx0cz48L3htbD48IVtlbmRpZl0tLT48IS0tW2lmIGd0 ZSBtc28gOV0+PHhtbD4NCjxvOnNoYXBlbGF5b3V0IHY6ZXh0PSJlZGl0Ij4NCjxvOmlkbWFwIHY6 ZXh0PSJlZGl0IiBkYXRhPSIxIiAvPg0KPC9vOnNoYXBlbGF5b3V0PjwveG1sPjwhW2VuZGlmXS0t Pg0KPC9oZWFkPg0KPGJvZHkgbGFuZz0iSkEiIGxpbms9ImJsdWUiIHZsaW5rPSJwdXJwbGUiPg0K PGRpdiBjbGFzcz0iV29yZFNlY3Rpb24xIj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFuIGxh bmc9IkVOLVVTIiBzdHlsZT0iZm9udC1zaXplOjExLjBwdDtmb250LWZhbWlseTomcXVvdDvvvK3v vLMg44K044K344OD44KvJnF1b3Q7O2NvbG9yOiMxRjQ5N0QiPkhpIEJyaWFuLCBldmVyeW9uZTxv OnA+PC9vOnA+PC9zcGFuPjwvcD4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFuIGxhbmc9IkVO LVVTIiBzdHlsZT0iZm9udC1zaXplOjExLjBwdDtmb250LWZhbWlseTomcXVvdDvvvK3vvLMg44K0 44K344OD44KvJnF1b3Q7O2NvbG9yOiMxRjQ5N0QiPjxvOnA+Jm5ic3A7PC9vOnA+PC9zcGFuPjwv cD4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFuIGxhbmc9IkVOLVVTIiBzdHlsZT0iZm9udC1z aXplOjExLjBwdDtmb250LWZhbWlseTomcXVvdDvvvK3vvLMg44K044K344OD44KvJnF1b3Q7O2Nv bG9yOiMxRjQ5N0QiPlRoZSBvcHRpb24gMiBtYWtlcyBzZW5zZSB0byBtZSwgYmVjYXVzZSBJIHRo aW5rIHRoZSBEUG9QIFByb29mIHRvIEFTIGFuZCB0aGUgb25lPG86cD48L286cD48L3NwYW4+PC9w Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4gbGFuZz0iRU4tVVMiIHN0eWxlPSJmb250LXNp emU6MTEuMHB0O2ZvbnQtZmFtaWx5OiZxdW90O++8re+8syDjgrTjgrfjg4Pjgq8mcXVvdDs7Y29s b3I6IzFGNDk3RCI+dG8gUlMgcGxheSBkaWZmZXJlbnQgcm9sZXMuIE1heWJlIHRoZXkgc2hvdWxk IGV2ZW4gaGF2ZSBkaWZmZXJlbnQgbmFtZXMuPG86cD48L286cD48L3NwYW4+PC9wPg0KPHAgY2xh c3M9Ik1zb05vcm1hbCI+PHNwYW4gbGFuZz0iRU4tVVMiIHN0eWxlPSJmb250LXNpemU6MTEuMHB0 O2ZvbnQtZmFtaWx5OiZxdW90O++8re+8syDjgrTjgrfjg4Pjgq8mcXVvdDs7Y29sb3I6IzFGNDk3 RCI+SG93ZXZlciwgQVMvUlMgc3ltbWV0cnkgb2Ygb3B0aW9uIDEgaXMgYWxzbyBhdHRyYWN0aXZl IGZyb20gdGhlIHZpZXdwb2ludCBvZjxvOnA+PC9vOnA+PC9zcGFuPjwvcD4NCjxwIGNsYXNzPSJN c29Ob3JtYWwiPjxzcGFuIGxhbmc9IkVOLVVTIiBzdHlsZT0iZm9udC1zaXplOjExLjBwdDtmb250 LWZhbWlseTomcXVvdDvvvK3vvLMg44K044K344OD44KvJnF1b3Q7O2NvbG9yOiMxRjQ5N0QiPmFu IGltcGxlbWVudGVyLjxvOnA+PC9vOnA+PC9zcGFuPjwvcD4NCjxwIGNsYXNzPSJNc29Ob3JtYWwi PjxzcGFuIGxhbmc9IkVOLVVTIiBzdHlsZT0iZm9udC1zaXplOjExLjBwdDtmb250LWZhbWlseTom cXVvdDvvvK3vvLMg44K044K344OD44KvJnF1b3Q7O2NvbG9yOiMxRjQ5N0QiPjxvOnA+Jm5ic3A7 PC9vOnA+PC9zcGFuPjwvcD4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFuIGxhbmc9IkVOLVVT IiBzdHlsZT0iZm9udC1zaXplOjExLjBwdDtmb250LWZhbWlseTomcXVvdDvvvK3vvLMg44K044K3 44OD44KvJnF1b3Q7O2NvbG9yOiMxRjQ5N0QiPkkgdGhpbmsgdGhpcyB0b3BpYyBpcyByZWxhdGVk IHRvIHRoZSBxdWVzdGlvbiBvZiAmcXVvdDtmb2xsb3d1cCBJOiBmcmVzaG5lc3MgYW5kPG86cD48 L286cD48L3NwYW4+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4gbGFuZz0iRU4tVVMi IHN0eWxlPSJmb250LXNpemU6MTEuMHB0O2ZvbnQtZmFtaWx5OiZxdW90O++8re+8syDjgrTjgrfj g4Pjgq8mcXVvdDs7Y29sb3I6IzFGNDk3RCI+Y292ZXJhZ2Ugb2Ygc2lnbmF0dXJlJnF1b3Q7LiBU aGUgb3B0aW9uIDIgZm9yIHRoZSBmb2xsb3d1cCBJIHdpbGwgYWxzbyBicmVhayBBUy9SUzxvOnA+ PC9vOnA+PC9zcGFuPjwvcD4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFuIGxhbmc9IkVOLVVT IiBzdHlsZT0iZm9udC1zaXplOjExLjBwdDtmb250LWZhbWlseTomcXVvdDvvvK3vvLMg44K044K3 44OD44KvJnF1b3Q7O2NvbG9yOiMxRjQ5N0QiPnN5bW1ldHJ5LiBJZiB3ZSBjaG9vc2UgdGhlIG9w dGlvbiAyIGZvciBmb2xsb3d1cCBJLCBJIHRoaW5rIHdlIG1pZ2h0IGFzIHdlbGw8bzpwPjwvbzpw Pjwvc3Bhbj48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBsYW5nPSJFTi1VUyIgc3R5 bGU9ImZvbnQtc2l6ZToxMS4wcHQ7Zm9udC1mYW1pbHk6JnF1b3Q777yt77yzIOOCtOOCt+ODg+OC ryZxdW90Oztjb2xvcjojMUY0OTdEIj5jaG9vc2UgdGhlIG9wdGlvbiAyIGZvciBmb2xsb3d1cCBJ SSwgdG9vLjxvOnA+PC9vOnA+PC9zcGFuPjwvcD4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFu IGxhbmc9IkVOLVVTIiBzdHlsZT0iZm9udC1zaXplOjExLjBwdDtmb250LWZhbWlseTomcXVvdDvv vK3vvLMg44K044K344OD44KvJnF1b3Q7O2NvbG9yOiMxRjQ5N0QiPjxvOnA+Jm5ic3A7PC9vOnA+ PC9zcGFuPjwvcD4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFuIGxhbmc9IkVOLVVTIiBzdHls ZT0iZm9udC1zaXplOjExLjBwdDtmb250LWZhbWlseTomcXVvdDvvvK3vvLMg44K044K344OD44Kv JnF1b3Q7O2NvbG9yOiMxRjQ5N0QiPjxvOnA+Jm5ic3A7PC9vOnA+PC9zcGFuPjwvcD4NCjxwIGNs YXNzPSJNc29Ob3JtYWwiPjxzcGFuIGxhbmc9IkVOLVVTIiBzdHlsZT0iZm9udC1zaXplOjExLjBw dDtmb250LWZhbWlseTomcXVvdDvvvK3vvLMg44K044K344OD44KvJnF1b3Q7O2NvbG9yOiMxRjQ5 N0QiPlRvc2hpbyBJdG88bzpwPjwvbzpwPjwvc3Bhbj48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFs Ij48c3BhbiBsYW5nPSJFTi1VUyIgc3R5bGU9ImZvbnQtc2l6ZToxMS4wcHQ7Zm9udC1mYW1pbHk6 JnF1b3Q777yt77yzIOOCtOOCt+ODg+OCryZxdW90Oztjb2xvcjojMUY0OTdEIj48bzpwPiZuYnNw OzwvbzpwPjwvc3Bhbj48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBsYW5nPSJFTi1V UyIgc3R5bGU9ImZvbnQtc2l6ZToxMS4wcHQ7Zm9udC1mYW1pbHk6JnF1b3Q777yt77yzIOOCtOOC t+ODg+OCryZxdW90Oztjb2xvcjojMUY0OTdEIj48bzpwPiZuYnNwOzwvbzpwPjwvc3Bhbj48L3A+ DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48Yj48c3BhbiBsYW5nPSJFTi1VUyIgc3R5bGU9ImZvbnQt c2l6ZToxMS4wcHQ7Zm9udC1mYW1pbHk6JnF1b3Q7Q2FsaWJyaSZxdW90OyxzYW5zLXNlcmlmIj5G cm9tOjwvc3Bhbj48L2I+PHNwYW4gbGFuZz0iRU4tVVMiIHN0eWxlPSJmb250LXNpemU6MTEuMHB0 O2ZvbnQtZmFtaWx5OiZxdW90O0NhbGlicmkmcXVvdDssc2Fucy1zZXJpZiI+IE9BdXRoICZsdDtv YXV0aC1ib3VuY2VzQGlldGYub3JnJmd0Ow0KPGI+T24gQmVoYWxmIE9mIDwvYj5CcmlhbiBDYW1w YmVsbDxicj4NCjxiPlNlbnQ6PC9iPiBUaHVyc2RheSwgRGVjZW1iZXIgMywgMjAyMCA3OjI5IEFN PGJyPg0KPGI+VG86PC9iPiBvYXV0aCAmbHQ7b2F1dGhAaWV0Zi5vcmcmZ3Q7PGJyPg0KPGI+U3Vi amVjdDo8L2I+IFtPQVVUSC1XR10gRFBvUCBmb2xsb3d1cCBJSTogY29uZmlybWF0aW9uIHN0eWxl PG86cD48L286cD48L3NwYW4+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4gbGFuZz0i RU4tVVMiPjxvOnA+Jm5ic3A7PC9vOnA+PC9zcGFuPjwvcD4NCjxkaXY+DQo8ZGl2Pg0KPHAgY2xh c3M9Ik1zb05vcm1hbCI+PHNwYW4gbGFuZz0iRU4tVVMiPlRoZXJlIHdlcmUgYSBmZXcgaXRlbXMg ZGlzY3Vzc2VkIHNvbWV3aGF0IGR1cmluZyB0aGUNCjxhIGhyZWY9Imh0dHBzOi8vZGF0YXRyYWNr ZXIuaWV0Zi5vcmcvbWVldGluZy9pbnRlcmltLTIwMjAtb2F1dGgtMTYvc2Vzc2lvbi9vYXV0aCIg dGFyZ2V0PSJfYmxhbmsiPg0KcmVjZW50IGludGVyaW08L2E+IHRoYXQgSSBjb21taXR0ZWQgdG8g YnJpbmdpbmcgYmFjayB0byB0aGUgbGlzdC4gVGhlIHNsaWRlIGJlbG93IChhbHNvIGF2YWlsYWJs ZSB3aXRoIHNvbWUgdHlwb3MgYW5kIG9taXR0ZWQgd29yZHMgYXMgc2xpZGUgIzE4IGZyb20NCjxh IGhyZWY9Imh0dHBzOi8vZGF0YXRyYWNrZXIuaWV0Zi5vcmcvbWVldGluZy9pbnRlcmltLTIwMjAt b2F1dGgtMTYvbWF0ZXJpYWxzL3NsaWRlcy1pbnRlcmltLTIwMjAtb2F1dGgtMTYtc2Vzc2EtZHBv cC0wMS5wZGYiIHRhcmdldD0iX2JsYW5rIj4NCnRoZSBpbnRlcmltIHByZXNlbnRhdGlvbjwvYT4p IGlzIHRoZSBzZWNvbmQgb25lLiBUbyBzdW1tYXJpemUgKGJ5IGJhc2ljYWxseSByZXBlYXRpbmcg dGhlIGNvbnRlbnQgb2YgdGhlIHNsaWRlKTogSXTigJlzIGJlZW4gc3VnZ2VzdGVkIHRoYXQsIGZv ciByZXNvdXJjZSBhY2Nlc3MsIGhhdmluZyB0aGUgSldLIGluIHRoZSBoZWFkZXIgb2YgdGhlIERQ b1AgcHJvb2YgSldUIG1ha2VzIGl0IHRvbyBlYXN5IHRvIGp1c3QgdXNlIHRoYXQga2V5IHRvIHZh bGlkYXRlDQogdGhlIHNpZ25hdHVyZSBhbmQgbWlzcyBjaGVja2luZyB0aGUgYmluZGluZyB0byB0 aGUgQVTigJlzIGNuZi9qa3QgaGFzaCwgd2hpY2ggdW5kZXJtaW5lcyB0aGUgdmFsdWUgb2YgZG9p bmcgdGhlIGJpbmRpbmcgaW4gdGhlIGZpcnN0IHBsYWNlLiBBcyBJIHNlZSBpdCwgdGhlcmUgYXJl IHR3byBvcHRpb25zIGhlcmUgYW5kIEknZCBsaWtlIHRvIGdhdWdlIFdHIGNvbnNlbnN1cyBvbiB3 aGljaCB0byBtb3ZlIGZvcndhcmQgd2l0aC4NCjxvOnA+PC9vOnA+PC9zcGFuPjwvcD4NCjwvZGl2 Pg0KPGRpdj4NCjxvbCBzdGFydD0iMSIgdHlwZT0iMSI+DQo8bGkgY2xhc3M9Ik1zb05vcm1hbCIg c3R5bGU9Im1zby1tYXJnaW4tdG9wLWFsdDphdXRvO21zby1tYXJnaW4tYm90dG9tLWFsdDphdXRv O21zby1saXN0OmwwIGxldmVsMSBsZm8xIj4NCjxzcGFuIGxhbmc9IkVOLVVTIj5JdOKAmXMgZmlu ZSBhcyBpcyAoQVMvUlMgc3ltbWV0cnkgaXMgbmljZSwgaXQncyB0aGUgc2FtZSB3YXkgY29uZmly bWF0aW9uIHdvcmtzIGluIE1UTFMvVEIsIGFuZCB0aGUgYmluZGluZyBjaGVjayBpcyBraW5kYSBm dW5kYW1lbnRhbCB0byB0aGUgd2hvbGUgdGhpbmcgc28gaXQncyBub3QgdW5yZWFzb25hYmxlIHRv IGV4cGVjdCBpbXBsZW1lbnRlcnMgdG8gZG8gaXQpPG86cD48L286cD48L3NwYW4+PC9saT48bGkg Y2xhc3M9Ik1zb05vcm1hbCIgc3R5bGU9Im1zby1tYXJnaW4tdG9wLWFsdDphdXRvO21zby1tYXJn aW4tYm90dG9tLWFsdDphdXRvO21zby1saXN0OmwwIGxldmVsMSBsZm8xIj4NCjxzcGFuIGxhbmc9 IkVOLVVTIj5Gb3IgcmVzb3VyY2UgYWNjZXNzLCBwdXQgdGhlIGZ1bGwgSldLIGluIHRoZSBBVOKA mXMgY29uZmlybWF0aW9uIGFuZCBvbWl0IGl0IGZyb20gdGhlIHByb29mIChsZXNzIGVycm9yIHBy b25lLCBubyBoYXNoIGZ1bmN0aW9uIG5lZWRlZCBmb3IgY29uZmlybWF0aW9uLCBzb21ld2hhdCBs ZXNzIGRhdGEgb3ZlcmFsbCBiZXR3ZWVuIHRoZSB0d28gYXJ0aWZhY3RzKTxvOnA+PC9vOnA+PC9z cGFuPjwvbGk+PC9vbD4NCjwvZGl2Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFu IGxhbmc9IkVOLVVTIj48bzpwPiZuYnNwOzwvbzpwPjwvc3Bhbj48L3A+DQo8L2Rpdj4NCjxkaXY+ DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBsYW5nPSJFTi1VUyI+PG86cD4mbmJzcDs8L286 cD48L3NwYW4+PC9wPg0KPC9kaXY+DQo8ZGl2Pg0KPGRpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNv Tm9ybWFsIiBzdHlsZT0ibWFyZ2luLWJvdHRvbToxMi4wcHQiPjxzcGFuIGxhbmc9IkVOLVVTIj48 aW1nIGJvcmRlcj0iMCIgd2lkdGg9IjkzMSIgaGVpZ2h0PSI1MjMiIHN0eWxlPSJ3aWR0aDo5LjY5 NzlpbjtoZWlnaHQ6NS40NDc5aW4iIGlkPSJfeDAwMDBfaTEwMjUiIHNyYz0iY2lkOmltYWdlMDAx LmpwZ0AwMUQ2Q0EyMy43RDlEMzg1MCIgYWx0PSJTbGlkZTE4LmpwZyI+PG86cD48L286cD48L3Nw YW4+PC9wPg0KPC9kaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIiBzdHlsZT0ibWFyZ2luLWJvdHRv bToxMi4wcHQiPjxzcGFuIGxhbmc9IkVOLVVTIj48bzpwPiZuYnNwOzwvbzpwPjwvc3Bhbj48L3A+ DQo8L2Rpdj4NCjwvZGl2Pg0KPC9kaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBsYW5n PSJFTi1VUyI+PGJyPg0KPC9zcGFuPjxiPjxpPjxzcGFuIGxhbmc9IkVOLVVTIiBzdHlsZT0iZm9u dC1zaXplOjEwLjBwdDtmb250LWZhbWlseTomcXVvdDtTZWdvZSBVSSZxdW90OyxzYW5zLXNlcmlm O2NvbG9yOiM1NTU1NTU7Ym9yZGVyOm5vbmUgd2luZG93dGV4dCAxLjBwdDtwYWRkaW5nOjBtbSI+ Q09ORklERU5USUFMSVRZIE5PVElDRTogVGhpcyBlbWFpbCBtYXkgY29udGFpbiBjb25maWRlbnRp YWwgYW5kIHByaXZpbGVnZWQgbWF0ZXJpYWwgZm9yIHRoZSBzb2xlIHVzZSBvZiB0aGUgaW50ZW5k ZWQNCiByZWNpcGllbnQocykuIEFueSByZXZpZXcsIHVzZSwgZGlzdHJpYnV0aW9uIG9yIGRpc2Ns b3N1cmUgYnkgb3RoZXJzIGlzIHN0cmljdGx5IHByb2hpYml0ZWQuJm5ic3A7IElmIHlvdSBoYXZl IHJlY2VpdmVkIHRoaXMgY29tbXVuaWNhdGlvbiBpbiBlcnJvciwgcGxlYXNlIG5vdGlmeSB0aGUg c2VuZGVyIGltbWVkaWF0ZWx5IGJ5IGUtbWFpbCBhbmQgZGVsZXRlIHRoZSBtZXNzYWdlIGFuZCBh bnkgZmlsZSBhdHRhY2htZW50cyBmcm9tIHlvdXIgY29tcHV0ZXIuDQogVGhhbmsgeW91Ljwvc3Bh bj48L2k+PC9iPjxzcGFuIGxhbmc9IkVOLVVTIj48bzpwPjwvbzpwPjwvc3Bhbj48L3A+DQo8L2Rp dj4NCjwvYm9keT4NCjwvaHRtbD4NCg== --_000_TY1PR01MB1466B046019192708FF52C46E5F10TY1PR01MB1466jpnp_-- --_004_TY1PR01MB1466B046019192708FF52C46E5F10TY1PR01MB1466jpnp_ Content-Type: image/jpeg; name="image001.jpg" Content-Description: image001.jpg Content-Disposition: inline; filename="image001.jpg"; size=83288; creation-date="Fri, 04 Dec 2020 00:54:45 GMT"; modification-date="Fri, 04 Dec 2020 00:54:45 GMT" Content-ID: Content-Transfer-Encoding: base64 /9j/4AAQSkZJRgABAQEAYABgAAD/2wBDAAoHBwkHBgoJCAkLCwoMDxkQDw4ODx4WFxIZJCAmJSMg IyIoLTkwKCo2KyIjMkQyNjs9QEBAJjBGS0U+Sjk/QD3/2wBDAQsLCw8NDx0QEB09KSMpPT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT3/wAARCAILA6MDASIA AhEBAxEB/8QAHwAAAQUBAQEBAQEAAAAAAAAAAAECAwQFBgcICQoL/8QAtRAAAgEDAwIEAwUFBAQA AAF9AQIDAAQRBRIhMUEGE1FhByJxFDKBkaEII0KxwRVS0fAkM2JyggkKFhcYGRolJicoKSo0NTY3 ODk6Q0RFRkdISUpTVFVWV1hZWmNkZWZnaGlqc3R1dnd4eXqDhIWGh4iJipKTlJWWl5iZmqKjpKWm p6ipqrKztLW2t7i5usLDxMXGx8jJytLT1NXW19jZ2uHi4+Tl5ufo6erx8vP09fb3+Pn6/8QAHwEA AwEBAQEBAQEBAQAAAAAAAAECAwQFBgcICQoL/8QAtREAAgECBAQDBAcFBAQAAQJ3AAECAxEEBSEx BhJBUQdhcRMiMoEIFEKRobHBCSMzUvAVYnLRChYkNOEl8RcYGRomJygpKjU2Nzg5OkNERUZHSElK U1RVVldYWVpjZGVmZ2hpanN0dXZ3eHl6goOEhYaHiImKkpOUlZaXmJmaoqOkpaanqKmqsrO0tba3 uLm6wsPExcbHyMnK0tPU1dbX2Nna4uPk5ebn6Onq8vP09fb3+Pn6/9oADAMBAAIRAxEAPwD2aiii gAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKA CiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAK KKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoo ooAKKKKACiiigAooooAxfCDtJ4S0t3Ysxt1JJOSa2qxPBv8AyJ+lf9e6/wAq26ACiiigAooooAKK KKACikqtDqNtcXUlvHIGlTqP8KALVFJVa61G2s5Y455ArSHAFAFqikyCM5qG5uorOBpZ3CotAE9F RQTx3MKyxMGRhwRUlAC0UUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFF ABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUlLQAUUlLQAUUlLQAUUU UAFFFFABRRRQAUUUUAFFFJQAtFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFJRQAtFJRQAtFJS0AFF FFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFAGJ4N/5E/S v+vdf5Vt1ieDf+RP0r/r3X+VbdABRRRQAUySRIo2eRgqKMkntWd4j12Dw3odxql1HJLFAAWSPG45 OOM/WuNfxj/wldhHcWlvcRWjdEYDJI9cGplOMFeTsNJvY9ER1kQOjBlYZBHelritD16TT28meKZr c/7OStXdX8TLJEYLISIzD52dSpA9gf51MasJO0WDi1uT+IdbMMYt7R1JfIZ1PTHUVy8U0kEqyxMV dTkEVE43Dk89c1BcC6dI1SNo45SR556e+PerclHRsLNnaW3imKfTJpBta5g4dAeM+tcxc3Mt3O00 zbnY/lVeGBIIRHGMKP1pUB+YM4SJBlpT0UenuT2FKc1CN5Ak3sdBpHiGaCEwSoJFQgB2bbt/2c+v pVDVdWl1O4YuCkaHCxn+H6+9UGxIAuzbEv3UP8z6mnZ8zCuwEo+VJGOA3+yx/ka5/aVI+/NafkVZ PRGho+sS6bOECtLHIceWOufUV1um6nHfp/CJB2Vsgj1BrgchVZI2DMeJJFPH+6p9PU96ltLqSwlE kWQoOSq9vce/86PaVH78V7vbq/MLR26no9MWWNpGjV1Lr1XPIrnbjxWv9nqbdDLO44ZBlB7/AP1q 5+31G6tbv7UizGUnLEj7315rRYik/tC5Jdj0aiuP8K/EbTvFOr3GmQ21zb3MCkt5u3a2Dg4wa7Ct iQooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKSiqu qahBpOmXF9dNiG3jMjH2FCV9AH3d7bWFu095cRQQr1eRwo/M1z0nxK8KRybG1iIn/ZRyPzAxXiGu 69q3jjXVLiSVpH2W1qnIQdgB6+prp4PgprclmJZLyzimK58k7jg+hI4rs+rwgl7SVma8iXxM9i0z W9N1mIyabewXKjr5bgkfUdRV6vl9hq3g3xAVy9nf2rc4PBH9VNfRPhbXo/Enh201KMBTKuJEB+64 4I/Os61D2dpJ3TJlCxsUUx5FjQvIyqg5LMcAVVTWNOkkEcd/aM5ONqzKT+Wa5yC7RSZpkk8UIBlk RAehZgKAJKSmLcRNGZFlQxr1YMMD8agh1awuJRFBfWskh/gSZSfyBoswLVZur+I9K0FFbVL6G23f dVj8x+gHNaEkiRrukZUX1Y4FfN/j+9k1DxzqjtJ5gSYxRnOQFHAxW1Cj7WVmXCPMz3LTPHfh3WLp Lax1SKSdzhUKspY+2QKlXxn4fe5FuurWpmL7AgfndnGK4/wb8MbPStUsNWGrfaZok8wwhVwGK465 zxmuetfhfqcfiOK7N9pxRboSkCX5sbs4x61fs6V3qPlie2UtRySxwrukdUXOMscCmG8tliaU3EQj T7zlxtH1NcxmT0VWg1C0uUZ7e6glRPvMkgYD6kVJHcwzMViljcjqFYGiwEtFU21fT1m8pr+1Eucb DMu7P0zVpnVELMQqgZJJwBRYB1FVINVsLmXy7e9tpZP7qSqx/IGrWaAFoqOWaOBC80iRoOrOwA/O qq61pjttXUbNm9BOuf50WAu0Egck4FIWGN2RjGc14p8WPFWpHXZNJtb3Zp4iVisJxvJ67iOv0rSl SdSXKiox5nY9qjkSVFeNldGGQynINZV94t0PTbt7a91S2hnT7yO+CKp+Ap4j4J0aNZULi0TKhhnp 6VwnjX4c6hrfiu9v4LywjjmKkLLLhhwByKcIRcmpOwJK9metwTR3MEc0Lh4pFDKw6EHoakqjotq1 joljayMrPDAkbFTwSABxVqWaOCMyTSJGg6s7AAfjWb30JJKKpw6tp9xII4L61kc9FSZSfyBq3mkA tFRSXMETbZJo0b0ZgKSW6ggh86aaOOL++zgL+dAE1FVrbULO8JFrdQTkdRFIGx+VWKAFqlqer2Gj wrNqV1FbRs21WkOAT6VdrzX43f8AItWX/Xz/AOymrpx55qLHFXdjqv8AhO/DX/Qas/8AvunL448N scDWrL8ZAK8K8H+Cbvxk10LO5gg+zbd3mg85z0x9K6G7+CutwW7yQ3dlO6jIjUspb8SK6pUKMXZy NHCKdrntdreW99Cs1pPFPE3R42DA/iKLy9t9PtZLm7mSGCMZeRzgKK+cvBfiG98L+JYDEzCKSUQ3 EB6MCcHj1Fe8eMdLk1rwrf2EEkcckyAK0hwo5B5NY1aPs5JN6Eyjysn07xPo2r3P2fT9Rt7ibbu2 Rtk49a1a8t+HXgO+8OeJGvbm6spY/IZNsMm5snFeo5qKkYxlaLuKSSegtFUn1rTI22vqNmrehnUH +dWYriK4jEkMiSIf4kYEfmKizJJKKTNVZ9VsLZytxe20TDgh5VU/qaQFuiobe8t7tS1tPFMo6mNw 38qlzQAtFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFAGJ4N/wCRP0r/AK91 /lW3WJ4N/wCRP0r/AK91rboAKKKKAKmp6ba6xp81lfRLLbzDDo3euPuvBFvodiBpsYa3TlkZQSvv 9K7ukIzxQ1cDzjRvDn/CRzF5ovJ02M4JC7WmPoPatjVvDaWFuptA32ZOmSWMP+K/yrrlRUUKoCqO gHSlIyMHkHtWU6UZrsUpNHmhiMeDcLgfwoD/AKw/X+770nmPuZn/AHgcYdDwpHYD0x2rp9Q8IQl5 rmyZllYf6snK8dh6Vylw0kMq26RM907bUhA5J9/aoWH5tajuxufYm8kldyv+4/56t/D7Ef3vao5k S4jEbJ+4HKo3c/3j7/yrf0/wJH9nWW/uZmu2O9tjYRWxgce1ZWqWb6RKy3Jwg5D9mFEKLvebvbYH LsUt4hU7z8oH3qrJE184muVxCOY4m7/7RrpPC2iT3twup3qmO2X/AFELDlv9pqdruitYStPCM27n /vg+n0roIMFIltl2xLiP+6O30qzp2lXHiC8MEW6KzQ/vpsYz/srRpemz+IL3yrcmOzib99OO/wDs rXosMEdvEscShUUYAAoAwJ/BGlCA/YrdIJQuA3UH6iuUn065+3rp9vZqbtjjlPlQf3ifSvTqbsXf v2jdjG7HOKXKgucv4b+H+l+HL37dCC94ykO/QEnrxXVUUUwFooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAK4P4w3bW/gZ41OBcXCRn6ct/wCy13dcP8X7 JrrwLLIgz9mmSU/Tof8A0KtKP8RXKjucL8FrGO48V3Ny6gtbW+Uz2LHGa9yrwj4O6nHY+L3t5WCi 8gKKSerA5A/nXu+a1xd/aalVPiMjUfCui6tqC32oafDcXCJsDSDIx9OlXW+yaPp0kixxwW0CFyEU KAAMniuP8V/FC18L+IV05rRrpVjDTNG4BQnoMd+Kk8R69b+JPhXqmo6esqxPCwHmLtbgjNZ8k9Ob Zk2fU8m8R+K9X8ba0Io2mMMkmy2s4zxyeMgdSas6l8LvEWkaY2oSQROsa75Ehky8Y7n8PapPhMsJ 8fWvm4yI5PLz/e2/4Zr6AcKUYSY2YO7d0xXXVrOjJQitDSUuV2R4t8MPH13bapBoupztPaXB2QO5 y0Tdhn0NbnxwYro+l4Yj9+3Q/wCzXlFvx4ji+y5wLseXj/f4r1b44/8AIH0v/ru//oNE4KNaLXUG kpI4Dwzp3iDxVA2iaZcMtmjGaXe5VATgZYjk9OBVTxL4U1LwbqEUN6UDSLvimgY4bHoeDkV6R8DY wNL1Z+7TIM/RT/jUPx0A8nRT33TfySqVV+25EtB83vWJtNbVPiB8J2tI5Fe/inEZkkfG8Kcgk+uD +leS6jYT6bqdxY3OPPglMT4ORuBx1r2b4J/8ird/9fR/kK8t8Zf8j5q//X6//oVOi7VJQWwR0k0e lfDXwPrHh3V5L7UGiMEtttXZJuOTgjivMLB3/wCEygG9/wDj/H8R/v19K2X/ACD7f/rkv8q+aLD/ AJHK3/6/x/6HWdCbm5tig73PXfjUSvg23IJH+mp0P+y9eRaNaaxr2dF0zzZllbzmiDYUkDGST2Ga 9d+Nf/ImW/8A1+p/6C9YHwNgU3urTkfMI0QH2yTRRlyUHKwRdoXKWkeCtS8OeGvFF3qsLQOtmYog HyrZ5LDH0H5muL0KbVnvxZaPNMtzejyMI2CynqM9h7+lfQPj3/kRNZ/69mryH4RRq/j2DcM7YJGH 1wKqlUcoSmxxldNmf4r8Bar4Sggur+SCaOdtu+JiSrYzg5FSaPN4m8ZxW/h21vJHt4QX+dyFVf8A abqQOwr0n4zj/ijovUXS/wAjWD8DIwbzWXI5EcSj82oVVujztaoOb3bnC+JPDGo+DNVigunQSMvm RTQMcH6Hg8V7l8PNcuNe8GWt3eMXuE3RyN3cqcA/UjFcH8cx/wATPSD/ANMZP5rXTfCCRYvARkc4 VJ5GY+gFRVfPRUnuKWsUzzzxY3ifxV4pMFxZXsSSS+XbQOjKirngnt7k0zxD8LtX8NaQ2pTy2s0U ePMELHcme/IGa2dc+Lms6nqLWvh2JYYWfZEQm+WT0PtmszXdA8b3Oiz6nr88wtoV3NHNPgkZ/uji tYua5U7JDV9DY+FGtX+oRapoMk7Sxtas9uJGzsPQjPpyK4HXtDvfDuqPYajt+0IoY7W3DB6c12Hw WH/FZTn/AKc3/wDQlqn8Xf8Akfbj/rjH/KnF8tdxXUa0nY3/AIX+DNXtNY0/XZvL+wSQMy4ky2GX jiuW+JruPH2pgOwGV6H/AGRXtfgT/kRdF/69E/lXifxO/wCR/wBT+q/+gis6M3Os7kxd5M9qstVh 0XwBa6jdEmO3sUdhnlvlHH1NeGajrGu+PddWItLNLMxWG2jOEQemOnA6k16X423f8KXtdvTyrbd9 Plrl/gqIT4rui+PNFqfLz1+8M4/SpopRhKpbUI6Jsxtb+HGv+G9P/tCeONoU5d7d8mP3P+IrsPhV 48uru9XQtWmaYupNtM5y2RztJ78dK9M1oRHQ74T48r7O+7PTG0185+CN48baN5Wc/a4/yzz+lOEv b05cy2BPnTudL8ZWYeNIwGYD7KnQ+5qnonhXxL490+N1uUWxtEEEPnuQnA6AAHPuatfGf/kdI/8A r1T+Zr0z4YxrH8P9MCjGVdj9S5pym6dGLW4N2imeEXEOp+D9feHe9rfWrj5o24PofcGvpPQdR/tf QrG/KhWuIVkYDsSOf1rw74vceP7n3gi/9Br2HwH/AMiPpH/XutRiHzU4z6inrFM6CvNfjd/yLVl/ 18/0NelV5t8bf+Rasv8Ar5/9lNYUP4iIh8SPPPA/jhvBb3jLYi6+1BRzJs27c+x9a6a8+OF7LbOl ppMMMrDCu8pcL74wKo/CjwxpXiSTUxq1sJxCI/LyxGM7s9PpXoNx8KfC08bIti8RIwGSUgiuqtOi pvmWprJx5tUeUfD/AEH/AISbxZE91cxKkMgnkVnAeU5zhR356mvYviOSPAOqkEg+WOn+8K8G1uwl 8L+KLm1trhvMspv3UynDeoPHevZ/E+oPq3wemvpBh7i0jdvqSM0sQm5xl0FNapnA/Bt2bxqwLMR9 mfgn6V0Xxc1PXmmTT9Ptr1NOVA800UbYkY/w7h2A/Wuc+DX/ACOzf9er/wBK7D4g/E2bw7qB0vSI o3ukUNLLIMrHnkADucUVE/rHuq4P49DitN+Eeu6ppKX+61haVd6QzEhyO2eOM1l+Ddcv/Dfiq1RJ ZEjacQ3EJb5WBODx0z71v20PxE8ZQCVbi5S0l5Vy4hQj2xziuMtIJLfxJbwTEGWO8VHIOckOM81s ryUlNplLW9z2X4ueJbzQtGtbXT5WhlvXZWlXgqq4yAe2c15t4U8CXHjK3luV1O1iZH2lJWLSE+uP T3r2Lx54PTxfoywLKIrqBi8Dt93J6g+xrxPUfA/iXQpS8mnXHynia2y4+oK8iscPKPJyp2ZMGrWL kfhfxb4V8RmPTLW6e4gIZZbZS0bg/oR6g179ps89zptvNdQmC4eMGSI/wNjkV89aR8QfEmgzKi3s s0aHDQXXzD6c8ive/DmtxeIdBtdThQoJ0yUP8LdCPzrPFKVk5JeoqifU06WiiuQyCiiigAooooAK KKKACiiigAooooAKKKKACiiigAooooAKKKKAMTwb/wAifpX/AF7r/KtusTwb/wAifpX/AF7rW3QA UUUUAJUYuIi+wSxlumNwzUteF6GB/wALUT/r9f8AmauEOa/kB7nS0lLUAMeRIxmR1UerHFVQmn/a /tP+j+eRjzMjdj61yPxeGfCMP/X2n8mryjSbO3vL+2geZo5JJVUYjyOtbQpc0ea4mz6RHIqG5s7e 8QJcwpKqnIDjODUkKeVCiZztUDNPrEZGzxwqNzKi9Bk4FRyTWssbJJLCysMEFhzWD448LzeKtLgt YJo4mim8wlxkYwR/WvE7DSHv9eTS0dFkeYw7z0yCRn9K1hTUle4mz6LtIbe3gWO0SNIh0EeMVPWL 4T0WTw/4ft9PmkWR4i2WUcHJzW1WTGISACScAd6i+12//PeL/vsVX1r/AJAd/wD9e0n/AKCa+cbS O2eUC6leGLHLIm45+laU6fPcTZ9NI6yLuRgw9Qc06uW+HUENv4Qt/s0zTROzMrMm09fSupqGrOww ooopAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAJUF7Zw6 hZTWlygeGZCjqe4PBqeigD5y8WeCdT8IaiXVJZLMNuguo88emSOjCrEXxX8URWX2f7dE2F2iVowX H4+tfQjosiFXUMp6gjINZx8N6MZvNOl2fmf3vJX/AArrWJTVpxua+07o+etB8N6v4z1b9yssglfd PeSAlV9ST3PtX0JbaBaW3htdFVc2og8g5HJBGCfr3rQigigjEcMaRoOiooA/IU/FZ1q7qNdEiZTc j5s13w7q/gbXFkxKghk3212g+VgOhz2Psa0dU+LHiDVNKexd7aESLsklhQh2HcdeM+1e/wAsMU8Z jmjSRD1V1BB/CqMfh3SIpfNj0yzWT+8IV/wrX6zF2543aH7TujyH4X+BLq91aDWdQgaGytm3wq4w ZX7HHoK3/jkQNH0vOP8Aj4f/ANBr1AAAAAYAqOe1guVAuIY5QOQHUNj86ydduopvoLnvK55n8DSD o2qYI/4+F/8AQar/AB1IEGi5IHzzfySvVILaC2BFvDHECckIoXP5Uk9rBc7ftEEUu3pvQNj86Srf vfaWDm97mPPfgmQfCt3g5/0o/wAhXl3jNgPHmr8j/j9fv/tV9KQ20NuhWCKOJSc4RQo/So302ykc u9nbs7HJZolJJ+uKuOI5ZudtwU7O4WX/ACD7f/rkv8q+Z7Bh/wAJlb8j/j/H/odfUG0AYHQdqrDT bIOHFnbhwc7vKXOfyqaVb2d9NwjKxwvxrIHgy3ycf6an/oL1jfAwgtq+Dn/V/wBa9Ymt4bhNk8SS qDna6hhn8aSC0t7bP2eCKLd18tAufypKral7Owub3bGH4+P/ABQms/8AXs1eRfB5gfHsWCD/AKPJ /SvfHjSVCkiK6MMFWGQfwqKGwtLd98NrBG+MbkjAP5iiFbkg4W3BSsrHC/Gg48Gxkn/l6T+RrB+B ZBn1nBB+WL+bV65Nbw3CbJ4kkXOdrqCP1psFpb2277PBFFu67EC5/KhVrUnTsPm92x5B8cyBqWj5 IH7mT+a10Hwqt/tvw3ntw2PNkmTI7ZGK7+eztrkg3FvFKV6F0DY/OnQwRW6bIYkjTrtRQB+Qput+ 7ULbBze7Y+Y4W1DwX4miklh8u8spchZBw3bj1BHeum8RfEDWfHNg+m2Wm+VAB5k6wkyEheeTgYHF e4XmmWWoAC8tIJ8cDzIw2PzpbXTrOxiMdpawwoeqxoAD9a1eJi7ScdUV7Rb2PCvg/fxWvjlI5GA+ 0wPEnP8AFw38lNWPjLp89v4uS9ZGFvcQKFfHG4ZyPr0r22PTrKFw8Vpbo69GWJQR+OKfcWsF3EYr mGOaM/wyKGH61P1n95z2Fz+9c8g+Gnj3Up9V0rw9KLf7EiNGGCHeQFJXnPt6Vy/xOI/4T/U+QOV/ 9BFfQFpo2nWD77SxtoW/vJGAfzqSXT7OaQvLaQSOerNGCT+OKFiIxnzJBzpO6Rh22kw698PLXTpz hLixjXdj7p2jB/A14ZdWOueAdfWVlktriBsxzBcpIOnB6EH0r6WVFRQqqFUDAAGAKZPbQXUZjuIY 5UP8LqGH61FOu4X00YozsfPuvfE7XPEWmnT5jbwwycSC3QhpPY5J4+ldT8KPAt1DfJr2qQtCqKRa xOMMSeC5HYY6fWvTYPD+k2svmQabaRv/AHliXNaGKqeIXLywVhuelkeEfGdgPGqZI/49U/ma9O+G hz4A0r02N/6Ea6Kaxtbh989tDK2MZeMMf1qWOKOFAkSKiDoqjAH4VM63NTULbCcrqx4D8XiB4/uM kf8AHvF/KvYfAfPgfSP+vda2JrC0uH3zWsEjkY3PGCfzNTRxpEgSNVVFGAqjAFKdXmgoW2E5XVh1 ea/G4geGbLJ/5ef6GvSqimt4blQs8Ucqg5AdQw/Wopy5JKQk7O58zeHvFup+F2nOlTxxmfG/cgbO M46/WtiX4r+KZUKjUI0zxlIVz/Kve/7K0/8A58bX/vyv+FKNLsB0srYf9sl/wrpeJg3dwNHUT6Hz foXhrV/F+rbYYpn819091IDtUHqxJ6mvavHVnFp3wwvrSHiKC3SNfoCBXWxxpEu2NFRR2UYFEkST IUlRXRuqsMg/hWdTEOck7aIlzuzwj4NEHxs2CP8Aj1f+YqP4s6Fdaf4uuL942NpeYZJcZAOACpPY 5r3aGxtbd98FtDG+MbkjAP6VJNbxXMZjniSWM9VdQwP4Gq+s/vOew/ae9c8Psvi/q8OhQ6XbWML3 aRiGOdSScAYHyY64964kifS9cjOoI8VxDOskqSDDDkNyPpX05a6JpllL5trYW0Mn95IgD+dSy6dZ zSF5bSCR26s0YJP44prEwjfljuPnS2RwXxP0jVdY0m11XQri5eNI8y28MhG9DyGCjqR39q4Lwn8S 9S8JWklhJbLdw7ywSVyjxk9ecH8q+gVVUUKoAAGAAOlU7nRNMvXL3On2srE5LPEpJ/GohWio8sld EqStZo+eNd1jUPH3iFJrfT189lESQ2y5OM9z369a948GaE/hzwtZ6fMQZo13SlTkbicnFalrp9nY jFpawwcY/dxhf5VZpVa3OlFKyQSlfQKKKKwICiiigAooooAKKKKACiiigAooooAKKKKACiiigAoo ooAKKKKAMTwb/wAifpX/AF7r/KtusTwb/wAifpX/AF7r/KtugAooooASvKtK8F63beP01KW0C2gu mkL7x9055xXq1JiqjNxvYApaKKkDk/iNot9r3h2O106ISzLcK5UsBwA3+NcJpvg7xbprx+TYW4Cu G3MVJH417NRitI1HFWCw2Ld5KeZ9/aN31p9FFZgJXk2keBdbtPGsN/JbKLVbtpC28Z2kk9K9apMV UZuN7AFLRRUgVdThe40q8hiGZJIXVR6kqQK8t8F+ANTs/EMUutadGbMRsGDMGGcccV65SVUZuKaQ WIrW1gsoFhtokiiXoijAFTUUVIBRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABR RRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFF FABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUU AFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQBieDf+RP0r/r3X+Vb dYng3/kT9K/691/lW3QAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFF FABRSV5P8XvFmp6dqNtpOn3ElrE0XmySRnazkkgDPpxV06bqS5UOK5nY9Zorxr4TeL9VufEB0i+u pbu3liZ0MrFmjK+hPOK9kp1abpy5WEo8rsLWD45vbjTvBWrXdnK0NxFbsySL1U+orermviL/AMk+ 1v8A69WrMQvhLWN3gHTNT1e8UFrZXmnmYAZ9SataZ4w0DWbn7Pp2rWs8/aNXwx+gPWuCvPDuo+I/ gvoEOlqsssCxztbscCZQD8v61lS6p4duNT02HxJ4ZuvDV5bzKY7i1jVEyOgJ28igD1nV/EOk6CiN q2oQWgf7okfBb6Dqak0vWtO1uAzaXewXUanDGJwdv1HavO/GmjapZeOk8SRaJH4g09rYRfZ2+Ywk dSBz9eh6mpfh/feGLzxXezaZaXukapLDiXT5AEiIGMsqgdf8elAHoen6pZatC02n3MVzGjmNmjbI DDqP1otNUsr65uLe1uopZrZtsyI2TGfQ1w3wW/5FXUP+wlL/ACWsOw1GbSpfiXe2rFZopCUYdVJ3 DP4ZzQB6Je+M/D2nX32O81iziuAcFGkGVPv6fjWs11AtqbozJ9nCbzJu+XbjOc+leLeE44IvCkMc 3gC81RrpS8t4VVjLknlWPIrrfhdpmpQ+GdQ0nXLC5gtBMwt4rjg+Uw5XP5/nQB3Gn6jaaraLdWFx HcQMSBJGcg461aqjpOj2OhWCWWmW629shJWNSTgnr15q9QAUUUUAFFFFABRRRQAUUUUAFFFFABRR RQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFF ABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUA FFFFABRRRQAUUUUAFFFFABRRRQBieDf+RP0r/r3X+VbdYng3/kT9K/691/lW3QAUUUUAFFFFABRR RQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFACVzXi/wNp/jCOI3TSQXMORHPHjOPQg9 RXTUU4ycXdDTscn4P+H2neEJJLiGSS5u5F2maTA2r6ADpXV0tFEpOTuwbuFY/izSp9c8LajptqyL PcwmNDISFBPritiikI4K+8A3934A0jSob8Wuq6YFaOWNm8ssOx74/DtVHUvCnjPxhFbaf4mn0mDT 4pVkla1DNJLj0yOM/hXpdFAHCa34V8Q2fika94VvYC0kIhms7xm8tgAACMfQenP1p3h7wjrDeL5P E3ieezN4IfJhgtAdiD1JPJNdzRQB5lZeDvGPha+v4PDF9px028mMq/at26En0GDk9vfFXvCPw8ud HXxBb61cx31vquAZFJ3uCDuLDHB57Zrv6KAPM7Dwz4+8M2L6RomoaZcaeCRbzXIYSQqeemCO/vXR eGfCt54a8L3NrHftc6rcbpGuJSSokI4wDngV1VFAGR4at9YttFij8Q3MNzqAZt8kI+UjPHYdvate iigAopKWgAoopKAFooooAKKKKACikooAWiikoAWiiigAooooAKKKSgBaKKKACiiigAooooAKKSlo AKKSloAKKKKACiiigAooooAKKKKACikpaACikpaACiiigAooooAKKSloAKKKKACiikoAWikpaACi iigAooooAKKKKACiiigAooooAKKKKACiikoAWiiigAopKWgAoopKAFooooAKKKKACiiigDP0LT30 rQ7KxlZXe3iCMy9CRWhRRQAUUUUAFFFJQAtFFFABRRRQAUUUUAFFFJQAtFFFABRRRQAUUUUAFFFF ABRRRQAUUUUAFFFFABSEhQSTgDqTS1keKEnk0GdbcMW4LBepXPNAm7K5eg1G0upDHb3MUjr1VWBN Wa8u0aOeTV7YWwbzA4OR2Hf8K9QFNqxFOfOhaSlpKRoed6Tr9xZeLPG8t3PczW1j5bRxDL7Pl/hX 6+lZui67qfjb4a31rDLfya0JM+bGvljmX5cNwMADkDoK0fDP/I/eO8f7H/oBq78IJFbwDboHBZJ5 tyg8j94etAGpq3jDTvCy2dhfPcXN+8IIhtojI7ADBYgdvrV3w74p0zxRbSy6ZKzGFtksciFHjPoV Ncl4osI7z4gRPoeuDTPEcdoAY5ot0c0WSQMnvVjwDrN1ceItb0vVLOwXU7bY895ZD5Z89N3vz/Og Cf4qajPpfhi1uLe5ktiL+EO8bFTs5yCR2qzpnxJ0HU9RgskkuYWuDi3kuIGjSY/7LGs74xmEeELU 3IzANQh8z/d5z+lQfFG4sLnwrpcNm8UlzNdwGxEWCeo5XHbFAHRa9450jw9fLY3DT3F6y7/s9tEZ HVfUgdKuaJ4n0vxBp0l9YXIaGEkShwUaIjqGB6V5zpFvrT/EjxPFY6vZ6ffNIrEXNt5jSx44KEkc ew9qqyWU32HxzJBrUWpX0lsouUtLZo0VgRkgjgnAOce9AHaD4q+HDPjzLr7Nv8v7Z9nbyN2cfe9P etXXfGejeHHtRqVwyLdqzROiFwwAz29c8eteeQW2pS/DNHl8U6RFobWgjaP7CCVGMbeud+fxzzU3 2OL+1fhzbvN9tiVZCsrxld4Ckqdp5HQflQB22g+PdH8Qak2n2xuIbwKXWG5hMbOvqM9a6KWVIInl lcJGilmZjgADqa4bxKgX4t+FHAAdobhSe5AHT9TXWa6bT+wb/wDtAsLM27icqCSE2ndjHtQBzcfx W8OPMm57uO2d9iXb2zCFjnH3vT3roG8QWC+IYdF3sbya3+0oAvylMkZz+FeVuNT8P+CkvLDVNM17 wuoBW1vYgrhc8KP9oGt8X8Mnxb8P3bgW0d1on7tH4wSzHb9cUAdr/wAJDYDxGdDLv9uEH2jbtO3Z nHWsGX4peHYbuWIy3LQxOY3ukgZoQw7bq5vWLkaj8Utaj02RZZ49BliHlnP7zHTjvyKu+GdU0KL4 MhJ5bZYY7R47iJiM+bzkEdck9PwoA6lvGujR+F49fkuGSwk+4WQ72OcYC9Saz7L4naDd3ltaH7ZB dXMgjjhmt2Rjnofp71wNo8Vv4a+Hl1fgf2bFdP5zMPkVifkLfj/I10vxAvtNuPF3hGKGWGW9W9Df IQxEZ9cdicUAdLr3jrSPD98LGc3Fxeld5gtYjI6r6nHSrOneLtH1TRZtVtrxRaW+fPLgq0WOoYHk GvPdGg1qT4ieK4tO1ez0+8a4DFLm28x5IudpUk9AMcD2pNPs9OCeM5NZ15L2CWNFvjZ2rIsb5wGG MgnPXFAHW2fxR8P3l3BAxu7dLlgsE1xbskchPTDH+tZk/jt4viwNJdrv7AkHk+UkBOZiwG48Z2+/ SsC+udY8MeH9Pubm+0vxH4dDx+RHNHiUDgLt9wK6GOdT8bkdj5fm6N8oc4OSwOPrQBs6v8Q9F0fU pLBjdXVzCMzLawNJ5Q/2iOlaEfizRpfDja6l9H/ZyqWaXnj2x1znjHWvNfAtvrzza9Hp+u2Fhcx3 8jXUNxah5DzwxYkfL1/X1rJu7WGDwpcTpqcWo6f/AG/FLemG2aKNODuwOhXkdPagDpPFnxGs9V0+ xg0ma/s7l76EgSRNEZY92CQe46V6kzBELHOAM8V558VrrTZdK0MLJC9w+oQtbbCCdmfmIx2xivRa APNfD/juTWNc8S2kkl5tw32IGAqIlVDnJx8pz61V8G/E/TNN8HafFq9xfXN0gf7TMImkEeXbG5vp ir3h6VB4g8fxFxvMpIQnkjyz2p3gK1hHwU/1anzra5eTI+8cuMn8APyoA6zUfFej6XokOrXN4v2O fb5LoCxlJ6BQOSazdJ+Imjatq0emhbu0u5uYUuoGj836Zrh4NV+yeBfBNpDYWd1qN1IRaS3hPl27 A/e+vIxT9b/taHx/4Uj13WLK8uhc7hBbQ7PJB7k5yc/0oA3NC8eNqHxL1PTZWuzabY4rWI25ARgP mLccZPQmvRK4Lw/KifGHxUjuAzQW20E8nCDpXbW15bXqM9rcRTorFS0bhgCOo470AcL8WvE0uj6N DY2k13b3F3KgM0CH5Y8/MAw6H2qxpviPQfB/hmz8y91O4F27NBHdIz3Mhzz8uMgU34sn/intP/7C UH/oVVrl4rf45wvqTKqS6btsmk6b93IHv96gDpfD3jLSvEss0Fk8sd1CMyW1xGY5FHrg9qzrL4oe HtQ1O3sLV7qWeaTyvlt2wjZwAx7ZxWZqkkM/xq0YaeUa4itJPthTsv8ACGP+e1P+D1tEnha7lCLv kv5SzY5ODgUAdjrOr2ug6TcalfMy20ADOVXceSB0/GsbSPiHoOtS3YtZ5VitYjLJPLEUj2A4JDGo vil/yTfWf+ua/wDoa1h+OrNoPgxFFZJsRIbffsX+DK5zjt3NAGxa/FHw9dXUUW+6hhmbZFczW7JC 59mNaPiDxppfhu4htbozzXcyl0t7aIyOV9cDoK4HX7TUJ/AaHVPFmkjRZo4xH5dgCe20Lg5yPb3q 9qOmpceJdKGj+IfsXiWHTI1JmgPl3MePfoScnHNAHa6F4v0jxDZXFzZXBVbU4uEmUo0X+8D06H8q xh8VvDhmAMl2tqX2C8NswhznH3v61x17qup3mg+MtJvLOxGrW8CSXF3YL8s65GQ3vtz+tdVdX2if 8KbZvMtzZHTvLVcjHmbMAY/vbv1oA6a78RafZ6rp2nyyMZ9RDG32LlWCgE89uopbrX7Gz16z0eZn F5eIzxKEJUheuT26V5lZu9lefDOTUG8si3lQtJxjIXaDn2xW5rV7b3Pxr8PQQyo8kFrN5gVs7SQ2 AaANS3+KHh671OKwt3upZ5JfJIW3YhGzgZ+pp+qfEvQdKvp7VnubhrZttw9vA0iQn/aYcVlfCm2U eGtYmhRftD6jOA2OSRjb/Ok+Ftzp0HgS6S8eBJYrif7eshAOSx+9n/ZwKAOmv/Geiadodvq016rW lzgQGMFmlJ7Ko5JqLQfHOk+IL5rG3M9vequ/7PdRGN2X1APWvNtUns7zW/CNz4baPSNMbzltXu4M xpLu5O0nHPY5rbu7C+/4WB4e/tvxLZT6hDIWhht7Iq7IfvBmU8Aj196APUGYKCSQAOST2ri7j4r+ HoWdkF9PbRsVe6itmaJT/vd66bW7uGx0K/urmIzQw27u8Y/jUKSR+NeVi61u7+HE98t7oui6C8D+ XZww72IOfkyTwxP86APTL7xRpGnaCms3F4gsJFVo5FBO/PQKByT7VQ0Px9o2u6l/Z8JuLe7Klo4r qExmRfVc9a89R449A+Gs19t/s6OdvOZ/uK/Gzd29f1rvvEeoaGmvaZBNAtxrcgkFiyKGaE7fvE54 FAEWp/E3QNMvZrZnubg27bZ5LeBnjiPuw4rR1Hxnoml6LbapPeBra6x9n8pSzSk9lUcmuY+F11pk Hw5mW8eBGilnF+rkA53H72f9nFczqM1teeI/CNz4cePSNNeKZbN7u33RpJuOflJxk8YOfSgD0nQP G+k+Ibx7O3aeC8Rd5t7mIxuV9QD1FZ9z8U/D1tcyoTeSQQuY5LqO3ZolYdt1c/c2N4vxB0Rtc8S2 dxfwB2SC2sirPGR8wYqeBjOM+9Z1pbXun+HdQvfCeuWN/oAaV5tP1GLaVHJZefX8M0Aeiaz400fR LK0uZ52mF6M2yW6GR5hjOVA7Uvh3xlpXiaWeCyeVLqAAy288ZjkUeuD2rhbuXT/Etp4Tu7O+Hh7W nhdrJRHuixnDL6c44+tafhfV9Sg+IE+j+ILfTrjUWtPMGoWa4YoDwr+nT+VAHotcL8TtXk0aLQbh buS1h/tJfPZGIBTaSQcdRx0rs7a8tr1Ge1uIp0VipaNwwBHUcd64b4qwpc/8I1FKoaN9WjDA9CMG gDV0j4j6FrOrR6dC9zDPNkwfaIGjE3+6TUut+PdI0TUGsJPtN1eou54LWEyMg/2sdKx/iIijxD4M ZVAYaoqggdBxxVGDUdU1fxjr0XhdNK0oW0oS7u7hC80xAxnHoMGgDpIfiFoc/h241qOWZrW2cRzr 5R8yIkgcr171qan4h0/SNBbWLubFkEVw6jJYNjGB361518O7OPW7jxvZXd3HfLdShJJ41CrISHBY AdOazNKubjxEdB8EXW4yaZdu1/kcGOI/J19c/wAqAO/stTsn8a30w1G+LjTUnaxkQiONODvH+17V Ub4ueGhCk0cl5LCQDJJHbMViz/ePY+1UH4+KviT/ALAY/pR4KtYV+CUiiNdstpcM/H3iQ3JoA6/U fFWk6XoMesXN2v2KUKYnQbjJnoFA5JrIsfiboN9fWtj/AKZBeXMqxxwz27I2W6H6e9cHaOsGi/Di 61AqNMjlcSs/3VfJ2k10Xjy90648d+DIoJYZb1L0MxRgSsZIxnHqen40Ad9qV9HpmnT3kyyNHCu5 hGhZj9AOteUW3je+1j4UazNJdXY1OAlzOEKAKZMAKw44HYV7A33TjrivF9PlRvgBqaBwXSaTcoPI /ed6AOv0z4peH1hsba4uLn5o0jN08LeUZMAH5/r3rofEPizS/DMUJ1CZvNnOIYYkLySfRRXJ+Pba GH4K+XHEqpHb25QAdDlef1P51kaxHqDfFLSTbahb2EsulILWa6h8xC3O5QCfvUAd/wCHvGOleJZJ obJ5Y7qAZkt54zHIo9cHtW7XmmmWVyvxWs5NU8Q2l5qcVq6vBbWZTdGQcbmBwCCQefau38Sa5H4b 0G51SaGSaO3ALJH1OSB/WgDmfilf3dhZ6EbO5lgMuqxRuY3K7lIbg46in6Fe3dl8U9d0m7uppYbi FLu1R2JCDowX0GTWV8SdUs9ZsvCy2FxFPJcanFMiI4YlcHJwPqBU/wAR7w+F/Eei+J1UlI45rWYA dcqSg/76oAxpPE2pr8STq/2yUaGupDS/K3HZnZgnHT73f3rp9fvbu++KGg6RaXMsUFvDJeXSxuQH HRQ3qMgfnWEvhmX/AIUbtwxvmT+089zJneD/AN84q/8ADi5/4SXxDrfiYglHWKzhJHOFUFvzOKAK nhnxvHoXhXVr/Wbma5lGpTRW0LOWeQ54Rc9v5Vu+D9I126vH8QeJrueO4nH7jTkkIit07ZXu2P8A OenC+Evh5Z+K9P167uJ5VuxeTRWpDELCwbO7HucV3Pw98VXGpwz6JreY9c0w+XMrdZVHAcevv+B7 0Aa/jaaGDwhqEl1fXFhCqruubYEyR/OOmPy/Gqt7430Tw6lja6hdTmSa1WWJvKZmlHAHT+I+lQ/F T/kmusf7if8AoxawhDHN8TvCXmIG2aQXXI6ELwaAOp8O+N9J8TXU1rZtPFdwrueC4iMbhfXB7dPz q14q1gaD4cvb/Em+OJvL2RlyHIO0kemcZrmrhFT45WjKoDPpDbiO/wA//wBauq8Sf8ixqv8A15zf +gGgDzDUPGd1f/CmyvFvLyK9huoVuZyDHvySTg9xj0rtLH4m+Hr/AFWGxSW4ja4bZBLLAyRyn/ZY +tcPqzR3HwN0FAyuBNAjAHOPmPBrqfinBFFoWiiONV8rVLdY8D7o54H5UAbeveONJ8PXqWVw09xe su/7PbRGRwvqQOlXdA8Sad4msmudMmMio2yRGUq8bejKeRXnGmQay/xN8URWGr2en3ryIwFzbeY0 sWONpJHAGM4/pWx4BtvL8Z6/M+tW2oXTqi3S21qYkVxnBz0J65xQBo/FS/n03wgtxbXMlswu4Q0k blTt3c8jtTtP+J3h69v7eyE1zG05CQzTQMkcrezGqvxgRZfBKxsMq17ApHsWqv8AFWGOLwlpIRFU RX9uEwPu9uKAOl8Q+MtK8NzRQXjyyXcwzHb28ZkkYeuB0FSaB4r0vxJbzSWEzBrc4milUo8X+8p6 VwNxDqrfGLVks9TtNPu5LaP7O1zb+Z5iY5CZPHvT9N26d4v17UNS1m11S7g01he21raGMMowRlgc Z7etAHQXHxW8PQM7IL6e2jYq91FbM0Skf7XetnVPGGj6TokGq3F1utbnHkeUpZpc9AoHJrzn7Trd 38OLm+S90XRtCe2fy7OGHexBz8mSeGJ4/GoNDeGCX4dXF+VFkIJkR3+6s244yen0oA3JPGsWv/ET w1Bps95BGDMLq1lVoifkyu5T19q6XWfiBo2i6i9hIbm6uowGljtYWlMQ/wBrHSsLxLNZv8YvCyQt G12kc3nbTyFKnZn/AMerC8GW+vPrHiOPT9bstPulv5GniubUSSEZOGySDtxQB6J/wmejN4YfX47k yaen32RSWU5xgr1B56VH4e8caR4ovZrbSzcOYl373hZUYdMgn3rzSS2ih+H3jSSHVodR864RpDBb mKNJN3zbexB46elet+H7eK28P6dHDGqKttGAFGP4RQAuua9p/h3TmvdUuBDCDtHGSx9AByTWPo/x C0XWL8WKG6trp1LRRXUJjMoHPy56/Ssb4ilIfFnhG4vyo0xLthKXHyB8DaTTPifLBNqHheGzZH1U 6lG8Ow5cR/xH6Z2/lQBiaVrcfi74n3P2q/1qK3hlQWNvErRoMDJ8wY4Bx3xmvX64Xwcf+LjeMv8A rtD/AOgV3dABRRRQAUUUUAFFFFABRRRQAUUUUAFJS0UARpBHGSY40UnqVXGaeKWigApDS01iQpKj LAcD1oAz7XSNM0/UL6/t4Y4rm6w11JvJ3YHBIJwO9VNA8OaBpc0+oaFbwobz78kMhZX5zxyR1z0r gvCd/rNxrXjRbuwRY5C/2lzcBvIYRttUD+IH26VX8GeLte0zwDbS6d4bN3ptijefcPOEL4JLFF6k D1oA9I1/wjovifyzq9ik7xcJJuKso+oIqbRPDml+HLZrfSLOO2jc7n25JY+5OSaxtR8f2lt4a03U 7K1mu7jVCFs7ReHdz2J7AdzUNn4z1Sz1uy07xToq6f8Ab22W1xDOJUL/ANxvQ0AdJq+i6frtmttq tslxbo4lCOSBuHQ8fWua0vRPAWjal9usG0uK6B+VjdBtn+6C2BXX3P8Ax6zf7h/lXl3wu8HaBrXg mO61LSra4uGnlUyOvOA3FAHbax4S8PeLfKub+zhumAwk8bkEj/eU8imaUfCnhy0fT9OuNNtYgxDx +euSeh3ZOSfrXM6JaDwT8TxoNjK/9k6pbG4igdi3lSLnOCe3B/SsTwXYeEbqTXX8RpppuBqcwT7S 4Dbc9snpQB2kHw+8F3939vttOtJzv3HypS0e7/dB2/hXQXOiafd39leTWqNcWOfs7gkeXkYOADjp 615x4U/s2z+LF1F4TlDaMbIvdiJi0KSA8YPT0/M1sR+Pdc1gXN54b8OfbdLt3ZfPkuBG0+OuxaAO q1Oz0dL+01XU/IjuLXckE8suwJu6gc4OaemuaRcnyl1KxkL/AC7BOh3e2M815v8AEDxBYeK/AWja jEpWCTUo0mjl6xkZDK3+elWPFOl/DeHw7etC2lw3AiYwtbSjzN4Hy7QDzzigDp0+GPhNL77Uujxb 924KXYoD67c4/DpWnrvhTRvEsMUWrWMc4h/1ZyVKfQjBx7VS+Hcl7N4C0l9SLm4MPJkzuK5O3P8A wHFUvE3je80bxVaaDp+kHULm7t/NixLsw24jnjgAKTmgDTsfBuj6IxuNE0+C0vUgaGKX5jjPPzc8 8468153caTe3MdwLv4fJJ4gk3J9siwLYk8eZjOPeuy0jxpeSane6Rr2mCw1SC3NzEqSb450A6qe2 KoeGviHq3iIx3n/CP+Ro67hcXj3AwhUEkgYyRx+dABe+H9W0PwBpWl2mn2mrpb4W/tJFyZVPJ2E4 wQaxtJ8JtqXibSptP8KtoGnWEv2iaS4bMszdlHJOK14/iBr1/Yy6xpfhdp9FjJIke4CyyoOrKuOl aWofESxg8Nafqmn28t7NqbCO0tV4Z36EE9sHrQBp674M0LxLMk2q6fHNMgwsoYo+PTIIz+NMhs/D PhiwGkqtjZ29x8vkSOMy545ycn8ayLbxvqun6zZWHirRV09b9tltcRTiRN/ZW9DXMWUF9rPxd1Bt U8P2ty0KRArLOGFsmeHXjk+1AHaWXw18K2F+t5b6REJUbcm52ZVPqFJxVvXPD3h7U9TsbrWIIDeR uBbO8pRiQcgDBGee1b1ef/Ef/kZvBf8A2ET/AOy0AbOpeDvCniq8ku7m0trm5Q7JZIZSDkdm2nr9 ea0LXT9Bhsn8P2sVkIFQh7JSCdp65Xr36muW8MbdB+JfijTX2xwXSLqMf4/e/Un8q5DRZZrXxXpv jSViINY1Sa0f0EbfKn6gn8KAO+XwD4J0qZEextYpnYSRiWdt3y8/Lls4Ht+Nb/8Awkmi/wDQWsP/ AAIT/GuQa2i8SfGG5WdUltNJsPKZGGRvk6j8jWR8RvB+g6X/AGB9h0q2g+0amkUuxcb0IOQfagDs 4ND8Kar4gk1W1WzuNSKESSQz5JBG0khTjocZxWtY6Jp+m6ONKs7YRWIRkEIYkYYkkZJzzk1DpPhb RdCnebStNt7WV12s0a4JHpWd428YHwfbWM4smvPtVyINiNhuQSMep4oAtXXgvQb3RINIuNOjext/ 9THubMf0bOf1qva/DzwxZCHyNJiV4ZRMkm994cdDuzn8OntWBL8R9a0zVYtP1jwvJFdXqZsY4bhX MjZwFY9B7nt6VqeH/GWoXfiafQdf0pdPvlh+0RGOYSK6Z9aANe78JaNe67DrM9ijajDjZOGYHjpk A4P41T8LaRF4Q0ieO9mtYDc3kkuFfCLuPyoC3J4FY/8Awm/iLU4rq80Hw0s2nW7solubgRvLt6lV rJ8ZeIoPFXw30nVIIjEsupwho2OdjAsCM96APRdU0ew1u3jh1G3E8UciyqpYjDDoeDUOueG9K8SW 6wavZR3KIcoWyGQ+xGCKyLXxi+reKDpWh2Yu7W24vL4viOM/3V4+Zqpy+N9W1PU7238K6GuoW9i5 jmuZbgRqzjqqetAHQaF4X0fw1HImkWUduZPvsCWZvqSSas6To1jodo1tptuLeFnMhUMT8x6nkmuV l+JlsnhJtVWxl+2pciyexdgrJP02luw96saZ4r11ddtdO8QeH/sq3gJhubaXzowQM4bHT60AdJqu nWerabPZalEstpKP3qMxUEA56jHpSQfYJ9KVIWgmsCnljDBoyo4xnofSpb9lXT7lnTeoiYsp/iGD xXjeuarLN8NfDcmiaUtpYS3ufKW4PyuJWwnPUMcnPagD0K2+GvhS0v1vIdHiEqNuUM7Mqn1Ck4q/ r/hTQ/E5jXV7KOeSIfu23FXUfUEHFaOny3U9hDJf26210y5khV94Q+me9ec6HqOtN8YdZEtgnl+U iS5uRiGIHhx659PegDu9F8NaT4etHttKsYreKT/WAZYv9Sck1lp8NvCkeofbF0aHzQ28LubYG9du cfpWUnjzW9Xa6ufDXh37bplq7IZ5bgRtMV67Fq6/xI00eDE19IZmZ5PIW0x+887ps/8Ar0Ab2t+H tL8RWQtNWs47mFTuUHIKn1BHIqlpfgXw7otxb3Gn6ZFDPb7vLlDMWG4YOSTzx61h/wDCd61pFxZv 4o8PiwsLxxGtxFOJPKY9A4ru8jGe3rQBS0rRrDRLeSDTbcQRSStMyhicu3U8k+lZGqfD3wzrOoNf X2lRPcOcuysybz7gEA1kjx1rWsT3cvhfw8L/AE+0kaNriW4EfnMOojHerh+Idm/gv+34LS4lfzPI +xgfvBNnGw+n19KANy/8OaTqelJpl5YQS2SABItuAmOm3HT8KqaF4K0Hw3cPcaVp6QzuNplLM7Y9 AWJx+Fc/P461/RbyxPiPw9Ha2N7KsKyw3IkaJm6bhVzWPGWpjxRPoPh3SYr66tYllnaecRKAcEAe pwRQB17xrLGySKHRwVZWGQQeoNcxb/DPwnbXRuI9HhLHPyuzMgz1wpOKz5/iFe2/hG61ebQZ4bix uBDd20rY2jOCytj5hyK1vE3i6PQ9Esr20hW8lv5Y47WLdt8zfznOD25oAuL4V0ZdBGi/YI200ZxA 5LAZOeCTkcn1qvoPgvw/4dupJ9JsIorgja0hcuyj0BJOK2Z3nSyd4YlkuAhKx7sBmx0z9e9eZfDv X73TrDxFe6varHYQ3c000/nb2WQHmML39AaAOu1L4eeGNW1Br690qJ7hzudlZlDn1IBANaeo+HNJ 1bS006+sIJbOMAJFtwEx0245H4Vx/wDwsLX00sa5L4WZdDI37xcAzCP+/t9Mc13Wn30Gp6fBe2jh 4J0EiN6g0AYvh7wr4a8P3040a2t0vFAEp8wvIgPQHJJGagu/hp4VvtQe8uNIiMsjbnCuyqx9SoOK qafqtnD408W+Rpqx3dnDHJNcCQk3GIwQCO2OlaWleKm1LwJ/wkJtQjfZ3m8kPkfLnjP4UAW9W8Ka LrmnxWOoafDLbw/6pQNvl9vlIxim6F4R0Xw0ko0iwjgaUYd8lmb2JJJxXOS/EaeTS9BOn6Ws2p6y jPFA822OMDqSxq5YeKtcuv7T0++8PtbarawebEBNmGcez9AeaANDwboB8PaXcwMYd813JMywElI9 x4UZ54GK0tS0aw1c2xv7cTG1lE0OWI2OOh4P864n4OXeo3HhyZbu1C2wnkZLgy7mdy3zAjqMeveu l8UeJW8Oy6Si24m+33i2xy2NmQTn36UAaOoaLYarPaTX1us0lnL50DFiNj+vB/nWVqvw/wDDet6k 1/qGmJJcv991dk3/AO8ARmpPEfiZtB1TRLRbYTDU7r7OWLY8vpz79ax7zxrrF1r2o6d4b0SK+XTS FuHmuRGWYjOFH9aAOj0rw1pGh3M9xpdjFayXCqsnlZAYL0+XOB+Ap9t4f0yz1i51W3tI0v7oBZpg Tlx+eB07Vht8QLe38GDXb7T7q2mMnkCyYfvGlzgKvqD1z6VT/wCE51rSZ7STxP4eFhp95II1uIrg SGFm6CQdvrQB1J0HTjqdxqJth9ruYfs8su45aP8Au4zim2+laVpeiPpsMccOnxxsHjLnCoc5yScg dec1oOx8tjGAzYyoz1NeO6dfazcJ8QFu9PRYpI5/tDG4DeQwibCgfxCgDr/EmnSWvhWwtfDekWeq aOjYmsid++I85jYnqCTzXO6N4SbUfFWk3Nh4XbQNN06Q3Ej3BzLO/ZRyTgY/nTPDnjXXdH8B6feQ +GjNo1nCEkuGuArsBwWVfTNdjrHjU2tlpLaPp02o3WrANbRA7FC4BJZugxmgDqa5yPwF4Zja/WPT Il+3KBcosjAMM56Z45GeMVnab401aPxRBoXiLR4rK4u42ktpIZ/MR8dj6dKxvh9f61P468TLdWCL G9wv2lvtAb7OQrbVUfxA+3SgDutW0zSbnQXsdVji/sxVVWWSQooCkbctkdwO9M1bw1o3iGwhttRs ormCMDyiSQVGONrA5/Wsb4rj/i2msf7sf/o1KhtfGLvfaboWg2Y1C5SCM3ku/bFartHUgHJ9qANz QfCWi+GRJ/ZFikDyffkyWZh9SScVq3FvDd28kFxGssMilXRxkMD2IrktS8Z6jNr9zo/hjSBqM9mB 9qmlmEcUZPRc9zUK/EGd/DmrXQ0lo9V0kj7XYSScgf3lYDkY5oA1NI8AeG9C1AX2naZHFcjO1yzN s+mScVqazoeneIbH7Hq1stzb7w+xiR8w6HIIPc1kax41t9O8ExeIIIvPFwkZgh3YLs+MLn/PSt1Z rltNE3kD7UYd3k7uN+M7c/XjNADxBA1sbUKphCeWYx0C4xj8qraPomn6BYiy0q2W2t9xbYpJ5PU5 JzXnXw816/sR4mvNXtVisYb2ea4nM+4xOOsYHcDoDWkPiF4gOl/27/wix/sPG/f9pHneX/f2+mOa AO00rRbDRIpYtNtxAk0hmkAYnc56nkmopfDelTa7HrT2i/2lGu1Z1ZlOOmCAcHr3qzpuoW+rabb3 1m++3uEEiN7GsjTPFDXfjHVPD91aiCW0jWaBw+fOjPf2xkfrQBranplprOnTWGoQie1mAEkZJG7B BHI56gVCNB01dRtb8Wqi6tIfIhk3H5ExjbjOPzrA/wCFgIsviGU2TvYaMVjEsbbmnkPVQPY96zb3 x94i0a0t9U1nwzHb6TKyhmW6DSxBuhIx+lAHXyWOknxHFeyCL+1hAY4yZPn8rOThc9M98VcjmtdQ t5BFJDcQnMb7WDL6EGuJvZFl+NGkSLyraO7A+o3NUOheL9L0PwNeanb6YbdF1CSGO1icuZpSQOCe mf0xQBtHwR4S0uwkt5LKC3tbidJCsk7KrSDO3GW9zwK3NU0ex1qGKHUbcTxxSrMiliMOvQ8EV5V4 81zXryy0e217QVsFlv4pYpY5xIvB+63o2DXca34r1KHxAdF0DRzf3aRCWaWWTy4owenPc0AX9e8G 6H4lkSTVdPjmmjGFlBKOB6ZBGR9ataHoel6BZm10e1it4dxLBOSW9yeSfrXM6b411LU4dc02fSFt 9d02LcbcTgpICOCG7dc1z/gHxZN4e+HEt/q1oTaRzOLd1l3SXMrO2U29sHvQB6Xquj2OuWgtdStx PAHWQIWI+YdDwRTdU0Sw1q1jttRtxPDHIsiKWIww6Hg1yZ8da3pL2tx4m8O/YdNunWMTx3AkaAt0 3jtXclsoWTDHGRz1oAx9f8MaH4kVRrNnFO0AyrliroPqCDj9KTw94f0HStNePQra3FrcZ3tG3mCX scsSc9xXB+Fr/WZ/E/i9brT0WNy32hvtAbyCIztUD+IH2qn4G8Va/pfgC3Ol+GzeWFh5hnnacIX+ dmOxepwD1+tAHc2/wz8J210biPR4SxJIV2ZkGfRScVoP4Q0OTQF0R9PjbTkOVhZmO05zkEnI5J71 mX/xAtLbwtp2rWtrNcz6mVS0s1IDu57Z7YPeq9r401Ww1izsfFOirp6X7bLe4inEib+yN6GgDT0v wD4c0a6t7mw0yOK4t2Zo5d7FgSMHJJ549aXW/Anh7xFd/atT02OS4xgyqzIzD32kZ/GuhooAyB4V 0YaC2irYRLprfegUkA855IOc8dc1qQxJbwxxRLtjjUKq+gHAp9FAFPU9KstZsXs9Sto7m2f70bjI +vsfcVmaH4H8P+Hbk3Ol6dHFcEFfNLM7AegLE4/Ct+igCjaaNY2GoXd9bW4jubwhp5AxO8gYHBOB +FXqKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigApKWkoA8t0TUraw8V+ONKunMV5eM0sEb Kf3iiNiSD9K0fBqgfBQYGM2U/wD7NXfGGMybzGhfGN20Zx9az9V1ux0SSxguw4N9OLeEJGWG89M4 6D3oA8hu9OZvAHgrVplu20+y3i6NoxWSNWY/OCORjFXoYvC+p+JdJtNDn1rXJRMszO14/l2uP4ju FewhFC7QoC9MY4psVvDBnyYo489dqgZoALn/AI9Zv9w/yryL4b/ELw/4c8HpY6ldulyk0jGNYmbg tx0r2Go/s8P/ADyj/wC+RQB554ce58Z/ERvE/wBkmt9Ksbc29o06bWlY9WA9OT+lUvh54W0XXP7f n1TTbe6lTVJlV5FyQM9K9UAAGAMAdhVLTtTsNRa5GnzRy/Z5TFMUHCuOo+tAEUWhWNhpdxZ6ZaQW izIykRIFySMZNef+C/Gml+D/AAwdE8QNJZ6lp7upgMbEzckgpxzmvUqjeCKRw7xRs69GZQSKAPDb /Srm2+G9i2o2zQ/2lrwuhA45WNxgAjtnH616vb+BPDNrMJYdEsldTkExg/zreZVcYZQ2OeRS0AAA UAAYA6CvNPFeu2nh34xaVe6huW2OmGOSRVLeUC7fMcds8fjXpdc3d+GZ7n4hWmvmSE2sNi1q0TAl ixYnPTGOaAOXOow+MPHT6ppG+XTdL02aJ7rBVZJGB+UZ64qfwLp76p8FFsoPlluYblFPT5i7gV6F HDHEmyONET+6owKcqqgAUBQOwFAHmHhv4g6RoHgiLTNR82HVrCE27WLRNvkcdMcYwaxoNE1Dwp4c 8IazqFrM0enXMkt1Egy0KSHgke36Zr2U28LSiRoozIOjFRn86o6Nr1j4gjumsWd1tp2tpd6Y+deo 9xQBwPinXrLx9qGhaT4aka8aK9S7uJ0RgsCLnqSBzz+la2g/8lf8Sf8AXpBXbxwRQ5EUSID12qBm nBFDFgoDHqccmgDB8a6vqGheG5tQ0q3FxNC6l0Klvkz8xAHoK4nU/Elj4+8XeFYtA86f7HObq5Yx kCJeOCT34r1KaRYYZJJPuIpZuM8AVn6BqWn6zpceoaXHtt58kExbCcHByKAPP/i61xouoWGtWKZl uLebTmx1+cfL/WtTxL4Z+z/CFLCFT5+mwR3CEDnenzN+ON3513zIrjDKGA55GaUgHIPSgDhPhSJb /StR8QXSlZ9Wu2lweyLwv9aj+K3/ADLP/YXj/ka75VCKAoAA7AUMivjcoOORkUAOrg/icAbjwuD0 /teP+Rrrda1i10DSbjUr9mW2gALlV3HkgDj6kVZhkivLeGdRuSRRIm4diMigDiPFw/4uf4M/3rj/ ANAqPUGkT40wPCm+RdHkKr/eOeBXflFLBioJHQ46UbF3bto3dM45oA8OstYsNY0+6uPFWv6w+sF5 EGk2xePnJ2qqqOc1XSMT/BCxtXJRv7ZEUg/iQlm/Xmvdvs8Il83yY/M/v7Rn86zr7WtO0/V7DS7g EXN+zeSojypKjJye1AHD6Mv/AArLxcujSO58P6uQ1pLIc+TNgAqT78fp71zel2WiaDqGrWHizUtW 0u6S5eWIw3EiRzoTkFdo5Ne2XLxRQPNMoKRKXPy5wAM8VS0vUNP8S6XBqFtGJbeXJQzRYPBx0NAH l1quk23gLUL5/DmpXGk3t6vmm4uC0hQZ/fjjI603Q72Cx8YaPbeCNd1DUrK4k/0y0mDOkEXGTkjj v+VeybV27cDbjGMcUyK3hgz5MUceeuxQM0AQ6n/yCrz/AK4P/wCgmvGmzH8D/D1wVYxW+oeZKQM7 VEz5Ne34zVHU9R0/R7NZNQkihgdxGoYcMxPAA70ASaZqVrrGnw31hKJbaYbkcDGR+Neem8trD4ua 3aX0pt31WyjhtWZTh2Ixwa7mTXLC01+20MllvJ4TNGip8u0Eg89B0rQaKN2VmRSy9CRyKAPMPBPj HS/BfhuTQvEDyWeoafJIPJaNiZgWJBTA5zmsQ6HqkPgq212Sxn/d63/ajWgHziEn0r2l4IpHDvFG zL0ZlBIqTHFAHlvjTxZpvjfRbbQ/DTvfXt7PGxVIyPIVSGJYkcdK9NWArZiHcciPZu/DGazrvWNM 0jWbHTZE8u71Ev5ISLhtuM5I6dRWtmgDwjQLbQNAs7vTvFep6xpepWkr/uobiREmXsyADHNajXl3 4e+GP23QbTUNLhvdQDTSzP50qREYMg44zgf5NenaTqum+JreS6tY/MWCdoCZosEOvXGfrWoVVlKs oKkYwRxQB4H4ml0AR6dJpWsaprM0d3E9xdTyO0UK57ggAE/0rqPGcvhu58ZSxeIY7vRrhYFa11aC RgJxgccDt0/D6V6iltDGhRIY1Q9VCgD8qyn1zSrrWLzSJF8y5sYRcSq8WVCnkYPc0Acl4A+1+I9A 1zTtQurjUNHdjb2d3cJteVCME89ccc1heA4L/WfFNhpepofK8KJIhJzh5CxCH8B09hXoq6rP4g8K fbfCkkMcso/cNdREJw2DkdfWo/BvhmXw7ZXL31wt1qV9Obi7nUYDMegHsKAOirxjTympeHPGXhiF mGsSXk9xHbspBdQ4PH5fqK9nNMEUYkMgRQ54LY5/OgDzO4+ImkXPgE6bEJW1iS1+yf2f5TeYJNu3 GMdK7TwXplxovg7S7C7AE8EAEgznB64/DNXdSvNO0a2k1G/aG3jTAaZl55OAM9eTVmRpHtWa2Kea yExl87c44z7UAefaXE9x8QvHsMYy8ltEqj1JiAFYWj+NdO074WTaDL5w1qOCW2+xiJi+4556YwM5 Ndt4O8M6npeq6tq+u3FtLf6kybltgQiKowOvPp+VdPIlvAJLmRIk2qS8hAGAOuTQB4+0ujf8IJ4R g8R6fP8AYJITjUoWINq+44HAzzWl4Evbg+LLzTtF1e81jw+tqWaa5BPlSnoqsev+fSu3vfFOi2vh 2HVZZBLps8ixxske4MSSBx6ZBrahjjijAhRUTHAUYFAHn/wg1S1/sO40YyFdQtbmV5YWUgqpfg1P 8Vi9tY6LqXkySW9hqKTTlBnYmCM13KxRq7OqIGbqwHJpxUMCGAIPUGgDyjxL4u03xP4w8JR6PK9x BBfhpJxGwQM2MLkjrgGoPEcnhi48W6mNae98N6pER5d5BI2LpezcDr0r1xLeGNQscSKoOQFUAA1h XPinQT4qi8PXDo+pMNyK0WVBxnG7scUAeY3kOu+I/hfBeX32u9jsNU86N9pWaa2AxuHfPJwfSlv/ APhENVWys9Jute1y6u5F/wBEN648sf3m3DAxXqniHxPp/heCB9QW42TEqghhMnT1x0rnIvit4TSZ xDFdrKPv7LJtw+uBQB3SLtRV9ABXkZ1W1sb74iaXdOYr27WeWCNlI8xRExyD9Oa73T/G2l6nqGn2 duLkS38TzQ+ZCU+VSQc56H5TW8YY2fe0aF8Y3FRnFAHAQAD4CjHA/ss/yrn9R1m7svD3guxm1G40 rRbmyX7VewL824Lwue3b8/avYdi7Nu0bemMcU14YpI/LkjRk/usoI/KgDxTTm0dfil4dk0a71C9t syRve3bu6ySbT8qlvT29a6jwhqlrp3xL8VaZeOYru+ukkt0ZT+8UKxOD9DXoawxqqhY0Cr90ADj6 UGKMyCQou8cbsc/nQByfxX/5JprH+7H/AOjErlNNtv8AhVuqabeRvK/h/V4o0umc5MM2MhyfQ5/n XfeJ/Fml+F4YP7TMjvcsVihijLs5HXiln8TWCWukvLDNjVZFjt4mi+YEjPzA9MCgDzK4stJ0nx1r i+KL/UtOhvZvtNpdW07pFKp5wSo5IzXRfDqx0q/udautPs9RayuALf7Xezl/tS85wCM/jW/P410B /D76rOJHso7j7Md8BJ35x909vetzUY7z+y500loIrvZ+5Mqkxg+4HagDyHw3p17d+LLLwdeIWsvD 13Ndsx6OmQYv1Y/ga9prjfAumraanrc1/qMF/r00qG+aEHbCMHYgz7D+VdJresWnh/SJ9Sv2ZbaA AuVXceSAOPqRQB5TpxS+0zxx4YRmXV7m8uJ4YGBBkUHPB98frWqPiLpH/CA/2diX+2Psv2T+z/Jb zPM27cYx0r0m3MFxHHdxIv71AyuVwxBGRTvIh83zfKj8z+/tGfzoAxPAulXOi+CtLsL1dtxFD+8X OdpJJx+Ga5r4mvN4b1LS/F9lFve23Wtwo/iRwdufof516JSMquMMAR6EZoA8yaHVvB3wca605WOq 3GLi4lC7mQyHLNj2BFcZ4sl0K58Ks9hrmr65qTbJJDI7mOFcjcWXGB6CvbrjXrG21620WVn+2XUT SxrsypUdcmryW0ESsI4Y0DdQqgZoA4BXWT4r6A6EFW0IkEfU1ylpYXM/w7F/axST/wBma+91JFH1 ZFYZ474r27y0yDtGQMA46ChUVQQqgA9gKAPI/H/jnRvElho9ro8zXLm/hmkYRsBCM9GJHUk/zqfx TrXnePbvTfEmuXui6TDEr2wtyUFwe5LAZr1JLaCMEJDGoJycIBk0stvDMQZYo5CvTcoOKAPIvh6b Q+PPEKacLv7NNYA27XZYyTLwC+W5IJzj2rFhUav8Kl0u0E0t/o+oG6u7SMFZBHvcEjjrz+Fe8iNQ 24KMgYzjtSLFGjMyoqs3UgYJoA8Tvz4Q1O3tLXS7rX9bu7uRQLI3jjZ7tuGBiva4U8uCNMYCqBgn OOKRLaCJy8cMauerKoBP41JQB5hpOq2un+OPGWmXbmK7vmL26Mp/eARk8GtD4fAD4MRYHW2uf/Qn rvTDGZA5jQuBgMVGfzpQiqu0KAvoBxQB4hd6c83w58GanJHdPY2Ej/azasRIiMfvjHIxjrVtYvC2 qa/pNpoc+ta7MZlmYteP5dsAc7m3CvZAihdoUBemMcU2O3hhJMUUaFuu1QM0APpaKKACiiigAooo oAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigApKWkNAHko8Wa1rOs6rEPE9nol3aXDxW 2nXEKgSBehLN1zW9reva3Y23hD7WtvDeXuoRQXaoqyKQSM7T2z7Vj6xbarcyahZeI/Bq63MXb7Jf WqqmUx8uT1GKIvCOuWXh/wAF2k0L3E1jqizzhWDeRHuzgn0A9KANV9R8Q+LvE2qWmh6nFpen6VII Wk8kStNL369AKoaZ4r8SDS/Go1W4hN7o8QELRRgKGCt82O+cA81Pbpq/hLxVrcujaamtWGoTec6W 86iS3lxyGBPAOaxfD8Gq6vafEWO4tlOpXI8swwtuAfa/yA98ZAoAtzan43XwVH4sbWLVFSFZjYi2 G1kyBy3qetdJresa7faXo8+jyWunWt7EJru/uCpFuCoIUKxGSc/pTL3SL+X4PHS1tZDfmwWLyON2 7jiue1/w7qbf8IpcXeiz6tp1lYrFc6ejYZJdoG4jPP8A9agCbRfE+qReNU8Pr4ktNagvbeRo7mJF Jt5ACRnacHp0rO8HNrGkaB4u1GPU1YW09wPL8gfNMD/rM/0q7pujao/xE0XVofC40nSokkhEcYQO uVPzSAepPv0qfRtF1mFPFXh+50uWOHUZrieC+3Dyju+6D354oA3Zdfv1+EY1wTD+0P7OE/mbRjft znHSsTXfE3iQjwlbaRdQx3WrwfvWkjBXcVBLe2OTWfK3i24+Hh8LR+GJ47iK28h7lpF8tkX+76sQ MfjWy2g6mdZ8Cy/YpfLsICt03H7o+XjB59aAK+ueItc8ODS/D9zrliNSvGeSXU7hFSOGIdOCcFjz 1pdD8X3en+LrHRrrxBYa/Z6grCOeAoJIZAM4YKTwau+PfDd3c67pfiCx0yDVfsitFcWMqqfMjPdc 8ZGTVfQ7K+1HxXbXNv4Ts9C0u2UtI09tH50r9tpH3frQB3moS3MGn3EtlB9ouUjJii3Ab27DJ968 r1nX/Eej6O2p3fjDTU1OMB20lUjPflODkketeieLbG91HwrqVppb7LyaErE27bz6Z7ZGRXl3/CP3 03g2TSdN8CG21IwbZ7252ckD5ijHkse3TrQB0niDxXr0k3hRNDeCCbWIyXWVNyqSoOfXjJP4VNYa j4j8PeO9P0bWtTi1S01OKR0kEAjaNlGe3bp+dV4tE1SS/wDAczafMi2ETLdbsfuTs288+tbHiDSr 26+Ivhq/gtne0tUnE0oxhNwGM/WgDKsdQ8U+M73Ub3R9Uh0uws52t7eJoBJ57L1LH0zUnwfadtF1 g3aqtydUmMqr0D8ZA/HNQaYNf8B3ep6fbaFPq1lcztcWc1uygKW6q+emPWtP4Y6XqumaVqY1u2Nv dXGoSTEZGG3Y5HtnNAB8Rde1jRTokWhPELi9vPs+2Vcq2RwD6c1h3upeNtC8U2Ohtq1nfSasjGOd 7baLcj7xAHXA7V0HjnSr3UtW8LS2Vs8yWmppNOy4/doCMk03xDpN9dfEjw1fwWzyWlqkwmlGMJkc ZoAoaTq+v6T4t1Hw/rOoR6gP7Pa8t5xCEKnpgj06/lWNJ451iD4d6DeC4htpL+4aK4vvIBS3UHrt Ax/+quj1DRtQl+J02oR2sjWbaM0AmGNpk3H5frzWPpum+JtG+HmjQW+lRXJhkb7fp06KzSxluMZ4 /wAigDX8JX2uSaqV/tqx8QaO0Jb7RFtWWJ+ylQe9cxY+LNf103c9v4osLDU4pXWLSJ4VUEA8Lubq TVzw/wCHbq58dW2r6X4em8OWcMLicSsP37EHACA9AaqavYatqdleWOv+ChqOrEusOpWwWNGz91iR zx70Aeq6dJdS6dbvfxJFdNGDMiNuUNjnB9K5HWNY1vW/Gc3hzQLuLT47OBZru7aMSNlsbVUHp1re 8IaZd6N4T06w1GXzbqCLbI27dzknGe+Bx+Fc3qdlq/hnx5deINN0yTVLLUYFjuIYGAkjdRgMAeo4 /U0AZXihvEsHw+8TWPiMJcRwLGba/QKvnqZFyCoOQRUV3feM/DXhOy8RzarayWyJFv04W4AWM4AG 7rnGM1b1m18WeJvCviOS8s5II7pI47DTPlLrtdSzE+pA6ZrX8a6Pf6j8Lzp1nayTXhhhXyVxuyNu fyoApeK/GlyNdsNE07UrLSPPtxc3F9dlcRqRwqg8FjTfDHjC5g8VHQr/AFux1q3lgaaC9tiuVK8l XCkjpUPiLwveWviHTfEEOixazCLNbW8snVWcYAwyhuMj+nvVrw3pt7qPiOS6bwzZaHpCQNGqNbxi 4kZhjIK9Bg0AVtOvfGPjTT7nWtK1SDTbUSuLK18gOZQpx87H1INUPEWuz6frvgzVvFEP2GeBZ2uU XDYO0gYwT14496t6LL4m8DaTcaDD4en1IRSObK6gdRGVYkjfnpgmnT+F9b1DVvCDeIIRqbQGZ7+Q qpjTIJVSOAcHHagDT8N6vr2vadfeIrqaO202SGQ2NkiqxwAcO7euR0rn5fGXiCPwN4Wu7CWA3+o3 fkMGiAR8kgDA6dulaujaJq3hbVNX0O2tJrnQbyKSazlUjFu5U5jPPT/63qay7fwxrCeFvBNs2nzC ax1JJblOMxIHzuPPSgDUe+8U+FvFOjQ6tq0Gp2WqzGF1FuIzE+P4cdqkOo+I/F3iXVbbRNTj0rT9 Kl+zmTyRK00o69e1aXjTS73UNb8MTWdu8sdrf+ZMy4wi46msW2GseEvFGuPo2nJrWn38/nlLedRJ bTHqrg9B/hQBo+ANc1zUtU12y1+WJ5rCZYgIkCqOOSPrwfxrO+MdveS6dpLwXgihF9Ghj8sH5yfl fPtzx70vwvkvrjX/ABXPqSRpdPdr5qxtuVWwflB74HFa3xN0i/1Xw9bnTLZrme1u47jyVOC4U84o A5nxHb67H8SvD1rZX0L6o2nOkl5JD8oG5tz7OmcdBWxoes65ovjaTw94gv4tRhezN3FcrEI2XB5B AqRLXU9U+Imh63LpdxaW66dIkwkIJics2FOPwP41NfaJeXXxVt7420h0/wDsySB5hjaGJPFAHM23 jLU/En2nUI/F2k6FEkrLa2UpjLsBwC+455rtvAfih/FfhxbudY1uYpGgm8o5Qsv8S+x61w+m6Jee E7e50u78EQ64UkdrS9jijberHIDluRiu78E6bf6b4fRdVt7K3u5XMjxWkKxogPQHHBPvQBy3xIGo v468Iro7RJeuZ1jeRdypnZliO+Bk1dtdU8QeF/F+naTruoR6nZaoGWG48kRvFIozg46j/Gjx9Za4 fFfhzVND05r37B5zSqGCjB28ZPcgHFNhttZ8YeM9M1K/0mbStM0kO6JcMDJLKwx0HYcflQBmx+MN XT4Za5qyzRreWuoSQxOsSgBQyjp0PU80axqfjXw9odr4mvNVtZomaLz9PW3AVUcjgN1J5HPvUI8M az/wqzXtO/s+b7bcajJLFDxudCykEc+xrpPHukX2p/Dg2FjbSTXf7j90uM/Kyk/lg0AV9T1jW/EX i+TQfD98mmwWdus11cmMSOWblVAPSsfwv/a1p8R/E41iaKa+h05f30abVkAxtbb24xkVp3llq/hb xhJrun6VJqVpqFskV1DAQJY3UcHnqKg8PWWv3vjLxBq+q6TJZR3th5duhYNjHAU4/i4yaAM2Txp4 gj8A+G76xlgN/f3nkMDEAj5JAGB07dK1Zr/xV4U8TaMmratBqdlqk/kSItuI/KbH8OO1ZVv4X1lP B/g61bTphPZaok1wnGY0D53Hnpiur8b6Xe6jqvhqWyt3mS11ASzMuPkXHU0AZ8mo+IvFvifVLPRN Sj0qw0pxC0hhEjTS9+vQCp/AWt67qOta9YeIJYXlsJEjURIFXp1H14P41QhXV/CfizW5dH09dasN QmEzx286CS2m7hgegNJ8MZL658TeK7jU4447prmPzUjbcqHB+XPfAwPwoAn+MsF1J4M8yC6EUCTx +bEUz5mXULz2wefem6jq/iG0n0Xwvp99DLql5EZpr94QBFEPRPWtn4k6Re634KurXTYfOuQ8cixg 4LbXBIHvgVgX9vr099oniyx0WZbu0ja1utOkYCRo/wC8poAt22q6/wCFvFunaRrt9HqljqmUguBE I3jkHYgdQeK6PxjDcz+EtSSzuRbS+QxMhTd8oGSMe4yPxrmUtNZ8ZeMNK1K+0ubSdN0omVEuGBkm kPsOgFdrq1s97pF5bRY8yaB0XJ4yVIFAHjNzDf23wNsJprpbmN7mFraHywvlAO3yk/xZNdJqeo+M PCI0zVdT1W1vbW6njhuLNLcII9391upxWeNJ1+8+GFroUmhXUN3p91DjJUiZd7EsvPbj866v4kaT fav4esINPtnuJY72GR0TGQo6mgDM8TeL7qfxfLoNlrdjodvaxB7i8uSu52PRUDECrXgnxbc3niG9 0DUNSs9VaGIT299alcSJ0KsBxuGapa/4duNK8cXOuJ4eh17T7+JVmh2I0kLr/Eob1xWj4LsNQfW7 zUbjQbHRLAp5dtbrAizn1LMvb2/woA7K8uorGzmup2CxQo0jsewAya8LcxXvhS98XG9tk1s6l9uh jMqiQRKdoTGc9O3tXpnxJt9V1Hwx/ZejW0k0t9KsUrrjEUecsT+g/OpIfht4VitY4W0e2cqgQyFT ubjGfrQBuaNqcOt6NaahbkGK5iWQe2R0rjPCwH/C2/FvA/1UNWvhrp2q6Ba6lomo20q2tpcsbKds bZI2J4H0PP40/wAPaRfWvxK8SahPayR2lzHEIZTjDkdcUAdHLottNr1vqspdri2iaKFc/Km77xA9 T0rzNPFmt6zq+qRr4ms9Fu7Wd47bTriFQJAOmWb1/GvXK8r1i21W6kv7PxH4MXW5y7fZL61VUyh+ 6C3UYoA9F0Oa/n0W1k1aKKK+ZP3yxNuXPqD7jmuX1rWNb1jxnJ4b0C6i09LS3E13dtGJG+bG1VB+ tanw/wBGv9B8HWVhqkm+5jBJXdnywTkLn2rG1ay1fw349uPEWm6bJqlnf26w3MELASRsvRgD1GB+ poArahqvjDw54V8QHU5IpXskRrLUVRR5oLAEFM9RmqOqar410fwzB4ruNWtXiIjkk05bcBQjEcbs 5zzVjV7bxZ4m8M+I5buykt4rmJI7HTDtMgw4JYn1IHrWt4w0i/v/AIWHTbS1eW9NvCvkrjdkbc/l igDnvFltquofEfwxLa6otv8AakeS13QBvs/7vJz/AHs/pXQOr6t8UrK3kcSpotiZZGxw00nAOOxw M/jTNQ0bUJfGXg26jtZGt7KCRbiQYxETHgA/jV7wTp90l3rurahA8FxqF82xJBgiJBtT8xQBwWua zdax8JZ7rUHjLx6uEykYQBQ/oK67RPEmp+N/EMs2jXSWnh+xfy2fYGkun+h+6v8An6cfZaRea38J rq00+1e5lOsMxjXGSofnrXWXGgXvhLxtb6n4csWl0u/AhvrSAACMjgSAf57+tAGd8PLHVI/H3idp tUWSOG5UXKCADz2KttOf4cfrXQ/Fb/kmmsf7kf8A6MWqPh+11bRPiJrqzaVNJYarMsqXiMNkYCn7 w698VrfEXTrvVvAeqWWnwPPcyqgSNerYkUn9AaAOPvb/AMZeGfCtl4juNVtZbZEi8zThb4CxnAA3 dScYzXTeJr/XZbmyTTry10jS5IfMuNRuChIY9EVWPX3qLxxpF/qXwxOn2drJNeGKFfJXG7Ixn8qw /E+gX/8Awl2najf6FPrmlR2KwraxMMwy8ZJUnB/z6UASeGvGGpQ+J9Q0aTVbfxBDFZNdQXECqCWX +AleDWZo3inxFrlmL6x8U6cdUL86NNEsYxuxtBPOcd6u6LoeuL4+bVYdBi0e1m0+SC2VApWFv4TI F7k1naxpWq67pUljqXgfdr5JUanAVjjzn/WEjr+NAGp4vOsTfE3w4mltBbahNYOrPIu9Yck7jjvj nFamg6rr+keOx4b1y/i1KK4tTcw3CxCNlIPIIFJD4f1W28ceGZ5kkuIrPTGguLrPG/nr3q5eaTfS fFrT9TS2c2Mdg8TzcbVYk4FAHZUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUU UUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUhoAKWoY7mCZisU0bsOoVgSKlFAC0UUlAC0V51JqOteO vFOo6dpGpPpekaW/kzTwqDLNJzkAnoOD+XvU8On+KfCev2CwX13r2kXT+XOswHmW/wDt59P8KAND Vfh7a32tT6pY6pqelXNyALg2UwUS47kEda1/Dnhqw8L6ebTT0fDuZJZZG3PKx/iY9zVbXvG+h+HL lbbUbzbcsNwhjQu4HqQOlWLXxVo97oM2s2t7HLYQKWlkUElABk5HUGgDYork1+J3hR76K1XVoy0u AH2tsBPQFsYB5qW2+Inhu71ldMg1JHuHbYhCnY7egbGDQB09Fc1qfj/w9pF5PaXl9i6gIVoFjZnJ IzwAOeK0tI8RaZrumHUNOu0ltlzvc/LsxydwPSgDTpK5Bvin4UW4EX9okoW2ecIn8vP+9itXWfF2 i+HxbnVL5IFuELxNgkOAM8EfWgDbornV8eeH28PrrTagqWLOY1d1YFmHVQuMk/SpdB8ZaL4llkh0 2733EY3NDIpRwPXB7UAbtFcvqXxE8OaZqUmn3OohbiP5ZCqMyxt2DMBgVB8MtUu9Y8ILdX1y9zKb mVRI5ySobigDr6SuF8deOl8N67o1ktz5SSTb7z90WPldsHHr6c1uax420PQ4LaS+vQpukDwxqhZ3 U99oGfzoA36KytC8SaX4ltmn0m7SdUO115DIfQg8iqPji41O38Pg6Olw873ESuLcfvPLLfNg9uO/ agDoqWuQ0DWbmzi16+8SNPZ20F2fLe5OEEWAF2j/ADkmpNP+JXhrUtRisoL9llmOIjLEyLIe2CRQ B1dFcdY6peyfFvU9Oe5kNlFpqSpCT8qsWUEj9amm+Jfhe31GSzk1NQ8bbHkCMYw3puxjNAHV0Vxe r311r8/h/UPDt1dtp8jyPO8K4UxgEEnPfIwB3p+g6vJ4W8E2M/i67mSeWYpvnBZ/mYlA2Oh2j8KA Oxorz7xdqHiSHWNXTTYL54UsIxatAvy7y3zkcctjp6Vt3XjjQ9DVLXVb4wXccEcjQyAtIdw4HA5P 0oA6akrI8P8AirSfE8Ekuk3Ym8o4kQgqyH3BrLufib4Wtb97WTUwWRtjyJGzRofQsBigDrKKydT8 T6Ro9va3F/fRRQXbbYZc5RuM9R2xVDR/iB4d17UvsFhfhrhhlFdGTzB/s5HNAHS0lYOu+NtD8OXK 22o3m25YbhDGhdwPUgdPxrN8R6o/ibwRJceEb6WW4kkRYntfvBt3IbP3R65oA7GkrmfCdvqsOp66 +ozXMls9yBaefxgAfNtH93JwD3xVjxr4hPhnwxc30Sh7lsRWyHndK3C/4/hQBvVyOqfD20vdZuNT sdU1LSri6A+0/YpQgl9yMdau6LeQ6Kmm6Dqd/JPq88BlLS5Jkbq2D04OcD0FXofEOmz6/Posdyra jBGJJIcHheO/TuKAGeHPDVh4X042mnI+HYvJJI255WPVmPc1r1wHj/xekOiyf2NqDRT2epQwXTpx tBySuTwela+m/Ebw1qmppp9rqatcOdse5GVZD6KSMGgDqKK5zR7kSeL9bh/tiS6MYi/0JkIFrkHo e+ar3XxL8L2moG0l1Nd6P5buqMY0b0LAYoA6uivP9f8AGEeh/Emx+26n5OjPpZmZc5R3LsFIA5JP FdJ4e8X6N4oEo0m8EskP+sjZSrr74PagDcorE8Xz/Z/C97KdSbTNqj/S1UsY+RzgflVfUPGGkeHN PsP7Tvy8s8KtGFQtJMMD5to9aAOjpKy9B8SaX4ltXuNJu1uEjba4AIZD6EHkVi/ErxVJ4V8MPNaS iO+mZUgJTcPvDd7dCetAHX0V5trPjiNNU8J30OqPDpVwZftTMCqvtX+IEZ611Gg+OtB8S3b2umXw kuEBbynUoxHqM9aAOgoNc7rXj3w/oF6bO+vv9JUZeONGcoPVsDitjTdTs9YsY73T7hLi2kGVkQ8f /WPtQBzmq/D20vtZn1Sx1PUtKubkAXBspQglx3IIPNa/hzwzYeF7BrXT1c+Y5kllkbc8rH+Jj3qa fXLC31u30iafbfXMZkijKn51Gc89OxpkPiLTJ9fm0WO6VtQhTzHhweB9encUAalFY/8AwlWj41It exommPsuncELG3pnueO1UNJ+InhzWr9LK0v/AN/J/qlkjZPM/wB0kc0AdPSVzOrfETw5od7PZ6hq AjuYHVJIwjEgsMjoOmDRqvxD8OaPcCC6viZSgkZY4mbYpGQWwOODQB09JXC+OfH0Gm+CF1PQr2J5 bs7LaQIWB/vfQgetdVoWrW2uaRBfWcplikGNxUrkjg8H3oA0aSvPdQ8Zx6B8S9Qh1fUmh01LGNo4 TkgyH+6AMk10dh440HU9HutTtL4SW1ou6f5DujHuuM0Ab9LVBdasH0T+11uF+weT5/ndtgGc1k3P xB8OWcVvJcaiI1uYPtEO6NsumcDAx1PpQB0tFYvh/wAWaT4mE39l3PmSQH95E6lHT0yDWfefErwx Y372k2pDfG2yR0jZkjPoWAxQB1VFZGqeJ9I0aytby/vo47a6YLFL95WJGRyO2BXFeJviFaXkOhX2 h6q8dkNVSG8faUGzgkNkdMc0AemUVzmjePfD+vX/ANisL8NcEZRJEZDIPVcjmn69430Pw5crbaje YuWG7yY0LuB6kDpQB0FFcX4q8VQXnw11PV/DuohmjRdk0RwyHeoIIPIODWu/iOx0TwzZahrV4sKP CmXfkuxUHgDkmgDdrP1rTX1fTJbOO9ubFpMfv7ZsOv0NUtB8ZaL4kmkh0283XEY3NDIpRwPXB6ir uuyCLQr1zdtZhYWP2hRkxcfex7UAQ+G/D1p4X0aLTbFpGjQli8pyzsTkkmtauWtfFek6J4f0dtW1 kS/a7ctHdyoR5+0Aljxx1HFWNB8daD4jvXtNNvd9woLeW6MhZfUZHNAHQ0VU1TUIdK0y5vbhtsUE ZdjgnGPYV5dF8QbvVvhVrN5Hfums2zBy8aFPLQygLg4x0yKAPXKK4zS/iX4bmazsZNVU3ToiM7K2 wyYGRuxjOa3dd8TaV4at0m1W7WESHEa4LM59gOTQBrUVjaB4r0jxMkh0u7Erxf6yJlKun1U81T+I V/c6Z4H1O7sZnguIowUkQ8ryKAOkpa4rSviZ4bdLGyuNWU3bxRq8jKdhkKjILYxnJrSu7kL480+D +2HjL20jf2eEJWb/AG93QY/pQB0dFcndfE3wvZ3z2supcxv5byLGzRq3oWAxWd438fQ6FqehwW14 qw3Eqy3LLGXzARwVPv7c0Ad7RWBq3jbQ9Etraa+vQn2pQ8MaozO6nvtAz+dT6P4r0jXrCa8029Sa KAEyjBDR4GeVPNAGxRXIL8U/CjybI9T3nyzIdsTnAHXt1roF1qwfRP7XW4X7B5Pn+d22YzmgC/RV XTtQt9W0+C+s3L286742IIyPXBrG1vx7oHh+9+x399/pIG5oo0Z2QerYHFAHR0VyXiTxxp9n4In1 jTb1JRKjJayIpYeZjgEdiPeqPwtuG1DR3v5dcvdSuJlTz45xhYHxkheOevX2oA7uiuA8UfECPRPH 2laW915dkFdr0CIs2Sp2AHHTOOlatnq0Fn4h8RTXOtvPDaqjyWjRnFou3PB7568UAdVRXJD4n+FG u4bddWjLTYw+1tgJ6AtjANTQ/ETw1ca0mlxakjXDv5aHadjNnG0N0JzQB09FYuv+LdH8NeWuqXYj ll/1cSKXdvoo5pdL1zSvFulznS77zEYGOQoSskRI9DyDQBs0VyfgPWbq8tb7SdUkMmo6RObeWQ9Z U/gf8RXWUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFZHigzjQZzb7t3G7b1255rXpCARg8g0Cau rHl+jGYava/Zc+Z5g+76d8+1eoCoIbK3t3LwwRox6lVANTim3cinDkVhaSlopGh5v8OZ49H8VeKN DvHWK6a9NxCrcGVGzyPXgj866XxF4xtdA1PTdOWJru9v5xEsETDcgP8AEfb/AOvUviHwZo3iaSOX UrUm4i4SeJykij03CotB8CaH4dvGvLK2d7thj7RPIZHA9ielAHP+AUifxv4va9CNqQuwBu+8IscY 9un6VgXIhTU/iVHpu3+z/sOWCfcE2w7sds53V6BrngXRfEF+t9dwyx3YXaZreVomYehI61PaeENH sfD9xotraeXZXKsswDHc+4YJLdSfegDgPEGnWsHwBtxHBGu2GGUELzuLDJ+vJq/8QrK3s/Cnhlbe JIxBfWyx7QBtGK7O78L6Ze+G10GeJzp6oqBBIQcKcj5uvan6t4d0/W7S2tr6J3itpEliAcrhl6cj rQBx/hmOzf4weKWmEZu1ji8nd97bj5sf+O1li7sNN8SePbhoDPo6W8f2iGJtqvKeCoI6Zyc/jV6H wRDrvxB8ST6vaXccP7k2tzGzRZ4Ibaw69s12Nh4S0fTdDm0i3s1+xz585XJYyk9SxPJNAHmWuvr8 vwyllkt9D0vQ2t1MNuu6SUqcFQGzjd0561du7aG/1b4cQ3KLLG0GSrDIOIwR+oFdRF8KvDEcZjkt rieLaVSOa5dljyMZUZ4PvWtF4Q0qGXSZFilL6SpW1LSsdoIwc+vHrQBxHjyG7HxI8NwWJ0+FfKka 3F4hMHm55yF/i6Y96W5sNZX4gaLcavqmgxakiuIobRJVknQqcg5zx1xmu917w3pniWzW21W2EyI2 5GBKsh9VYciqWheBtF8PXzXtnDLJdsu3z7iVpHA9AT0oA5r4XxadL8PLv7csRdpZv7QMmM55zuz7 Vd+DwQeAoxF/q/tM236b+K0NQ+HHh7UtTlvp7aVXnIaaOKZkjlP+0oODWxoehWPhzTRYaZEYrZXZ wpYtgk5PJoA5b4gbR4n8GlsAf2g2Sf8AdFV9CSF/jP4i+3BDdJbxfZN46R7Ru2/1x711fiLwvpni m1ig1WFnWF98bI5RkPsRVPVPAeiavDZrdQzCWzjEUNxHMyyhQMYLg5P40Ac/pwij+OGoLp4AibTg bsR/d8zIxnHfFeiVkaB4Y0zw1BJFpdv5fmtukkdi7yH3Y8mtegDjvibqNjYeG4V1DTxqJuLpI4Ld pCimTkgsR2GK4rx3/wAJEsOit4gbR4F+3xeRbWqsZBzydx4wPavVNc0Gw8Saa1jqkAmgJDAZIKsO hBHQ1gf8Ks8NNEVmt7md8qVmluXaRMHI2tnj8KAMHVDcD4keKTZ5Nx/YH7vHXPy1P4cGin4J4m+z eR9ik+0ZxnzcHOf9rOMfhXYnQLa31W61m0iJ1Oa2+z7pHJVgOVBH1A5ryi50+3uoLqObwFqaa/Lu Uxwq4si5yBJ97HfP9aAPQPhZ/wAk20f/AK5v/wCjGrpr1LSSJRfLA0YYEecBjd2696zPBujS+H/C WnaZcFTNbxYkK8jcSScfian1/wAPWHiWyjtNTjeSGOUTKFcqdwzjkfU0AaYrz6C0hufjtePNGrtB pSvHuGdrbgM/kTXoNZ0eg2MXiGXW0jYX8sAt3fecFAQcY6dhQBwF9E9t448bjT0CSvowcBBgltvX jvWp4Lh0c/CGDctubVrRzdFgMb+d273z/Suri0Kxg1251iONhe3MSxSMWJBVegx0rCn+F3hme6kl +yTIkr73t47h1iY+6A4oA85t4TfeCfA1veK0kEus+Wqyd4i+APpiu48d28UXizwbNHGiSC+KBlGD t29PpXTX3hnTNQGmrNb7U02VZrVY2KBGXpwOo46VNqeh2Wr3djcXkbNLYy+dAQ5G1unOOtAHmWgx eIJ/H3ixtJn0hLsXe1xqCO0nl87duP4cY/Stz4dWctp4k8QmbUtNuJJXRp7ewVwkUnOTgjHP1rf1 zwLoviC+F7dwyx3YXYZ7eVonYehI61f0Hw7pvhqyNppVuIY2bc5JLM59STyaANSuA+KI3XHhVZD/ AKOdYi8z068f1rv65/xt4ePiXwzcWcTbLpCJrZ/7sq8r+fT8aAMX4lx/2e+ieI0AB0y9XzWx/wAs n4auFtr86VrFn8QJi/2bUNQuYXBzxEVxHx9VJ/KvVrRIvGHg6OLV7SWIXUQS5gkBRlYfe9xyODSX XgvRr3wzDoM1sx0+DbsQOQRjp83WgDzHUtKZfhFZ3F4v+katqsd1Pxz87NgflXUfFGzt7bRNBMEM cZg1GBY9igbR6Cuv1Pw1p2raXb6ddwsbW2dHiRXK7SnC8in61oFjr9vBDqEbOkEyzIFcrhl6HigD gkadPFPxFa0yZxYoY8dd3lvjFaPhCHQf+FQWxvkgOnG2ZrvPdsndnHO7P49K62z0CxsdXvtTgiYX V+FE7FyQ23px0HWsGf4W+GZ7p5mtJljd/Me3Sd1hZv8AcBxQBzdpb6Vf/FDww1hDu0+PRfMtVlBJ ADOFPzc8Z71prEkHx0HlKE83SSXCjG4hhya6weHNOXXLfVlgK3dvb/ZYirEKseScbenenHQLE+Ih rflt9vEH2cPvONmc4x0oAxPil/yTrVv+uY/9CFc7qGny3WvaNc+HtYtLfxBDpaKbS6QsskW0Hg44 NehaxpFrrulzaffoz20ww6qxUnnPUVl6z4G0XXY7QXcEiyWiCOGaKVkkVQMAbh1/GgDC8CapJJ4p 1nTtU0i0stajRJbma0bKTDgDPPB5FWfi9j/hXV8fSSH/ANGrW74f8KaV4ZSUaZAyvMcyyyOXkf6s eat6vpFnrulz6fqMPm204w65I75BBHQ5FAHCeLLWC98XeBoZ40khZmYqRkHCAj9RVrxLDHD8WfCU saKjyR3CsyjBYBRgH8zW7ZeBtHsDpphjnZtNd3tjJOzFSwwep5HtWheaDY3+sWOqXEbNd2O8QMHI A3cHI6GgDy7wPD4kuL3xBJpU+ircG/kFyL+ORpuvHI/h9K6b4XWhs01tRqNheK95vMdkGEcLnO5Q GHTp09K1tY+H2ha3qD308M0N1IMSSW0zRGT/AHsda19F0Ow8PacljpdusFunO0ckn1J7mgDlPiah 03+xPEiA50q9UzEdfJfhv6fnXD298dJ1m28fzM5t76/uYpMDrDtxH/6Dj8K9n1XS7XWtMn0++j8y 2nXa65xkfXtWZdeCtGvPDMOgTWzHToCDGgkIIwSfvde5oA8uu7Brf4faDdalnyNV1kXl+T0Kvnbu 9sAV1nxfjtY/B9o9usa3qXUX2ExgBt2f4cdsentXa3ei2F9pB0u6tY5bIoI/KYcYHT8sVi6V8OdA 0m/hvIbeaaaD/U/aJ2lEX+6CcCgDC8N2EFz8XfFc1zDHJJHFAo3qDjMa56/Sqz6bqUXizXL7wTqe nXUkkg+32F2nKuOwPp1713tnoFjY61farBG63d8FE7FyQ20YGB0HArJ1j4e6FrepvqFxDPDdSACR 7eZo/MH+1jrQB59qup2uo/BvVUttLi02S1vRHPDEdyeZuGSp969issfYYNuMeWvT6VlL4O0VPDb6 Clkq6c4+aME5J/vbuufereh6Ja+H9MSwsPN8hCSBLIXIz7mgDjrezgufjnfSzRq7wabG0e4Z2k8Z Hvim6TZW7/F3xPamNRDcafH5iAYDZwDXZR6DYxa/NrSxsL6aIQu+84KjoMdKiOjWWn6rfa9Dbyvf TQbJNrEl1XkAL0zxQB5L9ruo9Dk+HSu3219U+zKec/ZSd5b6f0zXUahZ6fb/ABh0C1mSMQwacUt1 foGXhce+OlTeFtPn8RePbzxbd6VPp0KQC3tY7lNsjtjDOR9OPxpfEvhYeIfibY/brKeTThYODOm5 Qjg5GHHQ0AU/FO6L4oA6OFF3/Y05ufL69G2Zx3zj9KyfBtpr83w8U2Vz4ZXS2jk+0faopC467vMI OM//AFq9J8PeEdK8M+e2nQv51wR5s0zmSR8dAWPb2rKu/hd4avLqWY208SzNvlhhnZI3PuoOKAOC u9OjPgLwhYyXsGoWx1jYssQbYyfN8vzAHjkV03xTtbCP/hGYriKKOzbVIxMAoVdvAOfbFddd+FdJ vLXTrZ7XZBp0qy20cTFQjKMDp1607xB4Y0zxPDbxavbmeOCTzEXeVGenOOtAHJfEtIEv/Cxs1RdQ GooIfLADeX/F0/hp3gJLd/G3jFrkI2oi9wN/3hDztxnt/wDWrd0XwDoehagL61gmkuUXbG9xM0pj HouTxTtc8C6Lr9+t9dwyx3YXYZreVomZfQkdaAPM9c8lG+IsenYFj5cBYJ9wS713Y7Z61o+Jlvpf FnguK1ksk/0HNub5WMPm7R1A79Me9d+ngrRIfDc2hRWeywn/ANaquQznIOS3UngVNq3hTSdb0qHT 9QtfNgtwPJO4h48DAIYcg0AcRLp+rj4i6Dca5qmhRX6bgkNokqyTxkHIOc++M12vjP8A5E3V/wDr 0k/lUGheBdF8PXz3tnDLJeMu3z7iVpXVfQE9K2b+yh1Kxns7pS0E6GNwDjIPXmgDyZraK8h+FsNw iyRMrEqwyDhUIyPwrofFMKRfFjwjJGgV3EysVGMjaeDXSr4Q0lTo5EMn/EmBFn+8b5MgDn16DrVm 98P2GoaxY6pcRs13YbvIYOQF3DByOhoAvXQzaTA8jYf5V45bY/4Z51TGM+c+f+/617ORkEEZBrlY /hv4fittRt47edbfUMefEJ228MG4GeORQBz/AI9061tPg1FHBBGggigaMqoBU8ZP16/nWbqy6rcf FbTVspdPS4XSlNodQVmjJ/i2gfxdf1r0nVPD1hrOh/2RexO9ntVdiuVOFxjkc9qg1vwjpHiG2t4d Qtixtv8AUyo5SSP6MOe1AHH6VY6lF8Ure41bU9EGofZWWW2sUkVpE7Fs8ZHua3vih/yTrV/+uQ/9 CFX/AA/4M0jwzLNPp8Dm5mGHnmkMkhHpk9q0NX0m11zS59Pv0Z7acbXVWKkjOeooA4Pxpptpb/BE JFbxqIra3dMKOGJXJ+vJ/On3Dr/wtDw48zfL/Y8hY+205rs9R8P2Gq6CdGu43axKJHsDkHC4xz17 CkPhzTzrFpqZib7VZwG3hbecBCMEEdDQB5la2WraX4bv5fD1zpOv+GGaWSS3uF2SBeSwzxzV3UdQ s9Tsvh9eWdqLS2kvMJCTkRgDGM+mRxXS3Pwt8NXN3NMbe4jWdt8kMVw6ROfdQcVp6v4N0bW9JttN urTbbWpBgWFihiwMcEUAczo6Qv8AGvX/ALeENylpF9jDjpHgbtv9ce9U7kQx/FnWV08AI2jObwR/ d8zHGcd8V1ep+A9E1a3s47mGbzLKMRQ3CTMsoUDGC4OT+NWtH8JaToVlcWthbFVuQRNI7lpJMjHL HnvQBzfwq0iyl+Gllvt42a6E3mttGTl2Xr9ABXGfa7qPQ5Ph0rt9tfVPsynnP2UneW+n9M167p2m WnhjQBZ6bBKba1R2jiDF2PJYgZ6kkmuQ8LafP4i8e3ni270qfT4UgW3tY7lNsjtjDOR9OPxoA722 to7O1htoFCxQoI0UdgBgVwPwsSGSbxK92EbVDqUguN4+fZ/D+Gc16HXNax4A0PW9Ra/uIJorqQYk ktpmiMg/2sdaAOCthCNI+I8enhTpiu3lbOUD7fmxXo/gkAeB9DwAM2EHT/cFPh8K6Tb+HZdDt7QR afKhR0QkFgepLdc+9aGn2MOmafb2VqpWC2jWKME5IVRgc0AcV4lCj4veE9wGDDcde/yGsW5/5Dvx J/69o/8A0WK7zxF4Q0nxQbdtThkMlsSYpIpCjLnqMij/AIRHSjLqkhhkL6pGsd0TK3zqF2jHpx6U AcDq+n2sP7PUHlwRqTbQzZC87y6kn68mr3jmytrXwF4b8iGOPyby0CFVAK5HNdpceFtMuvDK6BLC 505Y1jCCQg7VII+br2FP1Pw7p+r6dbWN5E7W9tIkkahyCGT7vI60AedzR61P8Zta/syXTEu0toxB /aCM37vaufLx75z+NaXhKxvLf4l6lNf6npD3klqBc2lgjryCNrHPGfXnPNdTr/g3SPEssM2oQOLi EYjnhkMcij03DtzRo/hvSPB1jdy6fbSAsDJNISZJZMDOMnk/SgDnvDwA+MnifyydhtYTJ/v4GP0r v65LwHpFzb299rWpRtHqGsT/AGh42HMSdEQ+4HWutoAKKKKACiiigAooooAKKKKACiiigAooooAK SlqnquoJpenyXUilgvAUdyegoBuxboFcjpvjOWe+SK7gjWKRtoZM5XPTNdcKbViYzUthaSlpKRRx l18UdHtdSu7EWmpzy2kpilMNqXAYHHUH2rW8OeMdJ8U+cunSyCaA4lgmQpInuQa898O6/qei+K/F y6b4futVWTUSXaFwPLILcHPrV3wdqDan8T9Tv9Vt20jUntBFDp8ikM6cEuWwATxQB6lVPVtWs9E0 +S91GYQ28eAzkZ5JwB+JNc58PNZvta8M3d1qE5mmjvJo1YgDCrjA4rhddv8AVfEPwcXULzUXLx3p SVfLX96PNAXPpt60Aezo4kRXX7rAEfSnVnaDa3Nno1tDe3rXswUEzMgQkHoMD0rjdTvvEmq/Eq90 DS9VFjZJaJM8nkq7Rjvtz3JIoA9EorzvRPEuq6De+JtN1+8Goro9uLqK42BHdSCdpx+FV7GDxrrP hv8A4SNPEK21xLGbiCwW3UxbOoUk85IHX3oA77UdYstLmtIbycRy3kwhgTBJdz2q7XjGu6hfeL28 E6rDfvZPd3XkiNYwwgmU4Zxnrz2PpXsdvG8VtFHLKZZEQK0hGN5A5OO2aAJKK8mfxlP4i1jUi3i6 18PWVpM0FtDtUySkfxtntUo8fandfDXXrlbyB9U0mVIheW4BSZS6gOB05BIoA9UqjcaxZWurWmmS zgXl2GaKLBywUEk+w4rznWrzxh4e8O2vim515J8mNp9PFuojCPj5QeuRnrS+I7HUL74t6C9vq0ls 1zavJCREreQoU7lGeueevrQB6BYa9a6jq2oafCswmsGVZS6YUkjI2nvWnXnFx4l1SO48dhLrA01F NrhF/dnbn05/GqNtrnifRPBv/CX6vq6XUdxbL5Nj5ICh2ICMT+OTigD1WsubxDZw+JbfQ28z7ZPC 06YX5do68+teX3Pi7UdI0uPWY/HNhqV4u159M2oEdSeVTHORn9K3bi5/tX4qaJc2rmP7Xoskkb9S u4ZB/DNAHo9Fef8Ah7xrc2/gnWbjXJPM1LRZJIpiQFLt/BwPXgV0fgttTl8KWM+tTma9nTznJUDa G5A49BigDdorhrbxPeaV4p8VWOrXBkgtLcX9oWUDbFg5HvgkD8KwfDXxB1RfBPiK71qUnULFRJDu UDAkH7vjuNxoA9Xpa8pu9Q8Xy6v4d0O31fyLq+07zrqZ4lJRuSSBjqBxV+4vfElxr1n4PtNZC3UF r9ov9S8ldxGeFVeg6igD0alrhNH1PWvD/jaHw7rd+NStr2FpbS6ZAkileqsB1rC8NSeMvF2gXV+P En2JbaWRIVS3UmUqc/OfTt+FAHrFJXl0XjzWtU8G6FHZ+VFrWrXL2n2gqNsew/M+3pnFSas/ivwp rehW8uvtqFhfXixyNJAquD3X/dI/lQB6dRSUUALRSUtABRRRQAlLRRQAUUUUAFFFFABRRRQAUUUU AFFFFABRRRQAUUUUAFFFJQAtFJmloAKKKSgBaKKKACiiigBKWiigAooooAKKKKACiiigAooooAKK KKACiiigAooooAKKKKACiiigAooooAKKKKACiiigApKWigAooooAKKKKACiiigAooooAKSlooASl oooAKKKKACiiigAooooAKKKKACiikoAWikpaACqeq6emqafJayMVDchh2I6GrlJQDVzkdO8GSwXy TXU6NHG24KgPzEV11FFNu5MYKOwtJS0lIo8v0xPFfhfxH4ims/DD31vqF6Zo5PtMafLk44J960NG 0XxBrvjq38SeIbKHTYrKBobe2WQO7Fs8sRx/Ea9AooA8x0W28W+FYNS0Oz0JbuO4uZJLa+89VjQP 3YdePSoYfBuuH4NTaK9qBqi3BmEJdfnAlDcHOOQK9UooAzPDt3e3mjQSalp76fcgbWgdwxGOM5Hr WJYaNfQ/FTU9VktyLGawSKObcMM4YEjGc9jXXYoxQBw7+FrvUPGfil7qFo9P1PT0to58g5O3BwM5 4rNsJ/Gmj+Gv+EcXw8Li4ijNvDfrcKItnQMQecgH9K9KooA8w1HwVqug+HfCy6Vb/wBpXGj3ZuJ4 1cIZCx3NgntnivSbOaS4s4ZZ4Gt5XQM8TEEoSORkccVNRQB5fb6Dqng/VNThi8L2+vafdztcW8o8 sSRFuqtuHT/Pepbzw34ivvhnrNtdWVoupXzo0NnaxpH5aB1O0sMAnAPWvS6KAOM8daJqGq/Db+zb G2aa82QjygwByuM8k47VU8TaZrVp4q8O65pmmHUFsrd4JoVkVGG5cZyfr+ld9iigDzi48M6vJN46 dbJsanGotPnX96duCOvHPrWnd+ErnWPhTZ6DNi3vo7OEAOQQsqAHBIzxkYrtKKAPLXh8TXenwabb eC7CyvwVSXUJFheIAdWC4zzj9a320DUI/iTo9+Id9la6a1vJOoVVD+gXt+AxXZ0EZGKAPI/GHhyS 7+KVtplrIBaa2I7i/iX0iJyT9cfnXrYUKAFAAHAA7Vz/AIf8E6d4e1G51CGW6ury4G0zXUvmMqZz tU9h/hXRUAecfE7whqut6lp93okRZ5EazvNrAfuSQecnoOaq+KfAN/feNtN+wRMdHmSFL47lAxEf lBGcnIx0r1DFGKAORvtGvpfilpeqR25NhBZSRPLuGFY5wMZzVXxDpGsaT41h8UaFZDUBJb/Zbu0D hHK5yGUnjsPy967jFFAHC6TpeteIPG0HiLW7EaZbWULRWtq0geRi3VmI4FWfh5ot/ovg+ez1G2MF w08zhCwOQx4PBxXY4oxQB5DbeFdU07wlobM1vZ67YahLNbW1zKqi4DNygOepGKd4l1LxDqvifwqu raXHpkAv12Qeeskkj9246KB/OvRvEfhnT/FFgtrqSPiNxJFJE2142HdT2NZui/D/AE3SNUTUpbm/ 1G9iUrFLfTmUxj/Z9KANKa91ZfE8FpHpytpTwl5LzeMo/OF25z6fnSG+1ceKlsxpqnSPI3m93jIk /u7c/wBK18UYoAyUvtWPimSzbTlGkiDet7vGTJx8u3Na9JS0AFFFFABRRRQAUUUUAFFFFABRRRQA UUUUAFFFFABRRRQAUUUUAFU9SuWtbcMnBLAZ9Kt0yaJJ4zHIAVYcis6sZSg1F2ZUGlJNmZa37q48 1yynr7e9aqsGUFSCD0IrGuNMltvntyZFHbuP8aqpqYUFcEMOu1sV5scXLD+7XR1SoqrrTOkornk1 Ug5YMPcGtO01FJsAsD7100cfRrOyZlPDzgrsv0UlFdpgLRSUZoAWikooAWiikoAWiiigAooooAKK KKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKAEpaKKACii koAWkpaKACiiigApKWigBKWkpaACiiigBKM0V5h8VPHGpaFe2+l6TL9nd4/NlmABbBOABn6VdODn LlQ0ruyPT6K8n+F/j3VdV1o6Rq8xuhJGzxSsAGUjqDjqK9YoqU3TlysJRadmLVHWtWttC0e51G8Y iC3Qu2Op9APc1ergvjQHPw6udmcCaLdj03f/AKqgRnaZc+PfG1t/adpfWuh6dKc28Zi3u69if8/h Vzw74q17TfFo8MeLlilmmTfa3sK4WT2OPp+ddf4dMLeGtNNv/qjbR7fptFTT6hp9tqFvb3Fxbx3k wIhR2Adx3AoAsRXMMskkcUsbvGcOqsCVPuO1AuYTcGASxmYDcY9w3AeuK8/+H3/JQfHP/X2n83os f+S8an/2DU/9loA7h9Z06PZ5l/ar5jbEzKo3N6DnrSzavp9urNPfW0aq2wlpVGG9PrXkHwy8B6V4 ktNR1DVo5JjHetHCgchUwQx498ipPDPgrTfFXjfxUdVR5La2uisUSOVUMScnj0AFAHsE17bW1v58 88UcOM+Y7gL+dJaX1rfxebZ3EU8f96Jww/SvGNfvLC5+I0umatY395o+iwJDb2VpGzrnaOWA+vX2 FS6RdW+n/EPSp/CmkatYWN03kX0E1u6xYPAbvjrn2xQB7BLqVlCsrS3cCLEcSFpANh9D6U6G/tLm 2NxBcwyQDrIjgqPxryjQPCth4l+Jnio6tG1xa21xlYC5CM5yMkD0Aq14b0Oz0n4o694et4z/AGRc 2Qka1ZiV52/4n8DQB03gjxm3im41ZZzbxG2u2ht40bJZAPve+a6ySRYomkc4VAWP0FeW/CDQtNF5 rd6LSMXNpqEkMEmTmNMfdHNepSyRxRO8zKsajLM5wAO+TQB5jpereM/H32q+0bULTSNLjmMUIaMS SOV7k4rQ8PeJfEWm+Ml8NeK/IuGuIzJbXkCbQ2Ox4x2NUB4D1Swnm1H4f+I0is7lzJ9mZt8RbPOD yP0qxoXjXXtP8VW2geM7CGO4usi2u4Puuf8AD/OKAOmsrjVIPEurvqOo2LaVGitbwqyiSHgZL8cD r1NU/AvjI+KLK+nu2toXiuHRI0bkRrj5jn+dc9odjbal8UvGtpeQrNbzQRrJG3RhheOKyvAOi6fH 4G8S6ilqgvEW6gWUE5Ee37vXFAHsEM8VxEssMiSRt0ZGyD+NJBcw3KFreWOVQcEowIB9K5P4V/8A JM9J/wByT/0Y1cl4JjSX4Wa8kmpjS42vJQ91j7i/Ln8xxx60Aentrulpci3bUbQTk4EZmXdn6ZrL 8c+Jm8K+F7nUYRE9wuBFHI2AxJAzjvjOa8ov/wDhBn8KTWuj6JqN/dxwn/T0gYfOBy5YnGM9sdK0 9agj1X4BWOoX6efeWyKsMzk7kHmbf5ADmgDu9T1LVNR8N6ZdaFqenwXEjxG4eZ12kFcso4POe1dP NcRWsJluJUijXq7sFA/E15J410ew0f4e+Hk0+2SBZ723mkC5+ZynJ5rQ1qyXxn8WhompNI2labai Y24YqJXOOTj6j8qAPR7PUbPUEL2d1BcKOpikDY/Klkv7SIyiS5hQxAGTdIBsHv6V5d4t0Sz+H/iL QdZ8OobNLi6Ftc26MSkin2Ptn9Kig8M2fiX4za/FqQaS0gjjkaDcQsjYUDdjrjmgD1a0v7W/i8yz uYZ4/wC9E4YfpTo7qCWaSGOaN5Y/vorAlfqO1eZaTpNv4U+NiadpAaCxvbAyvAGJUEZ6Z91/U13W m+F9P0rXdQ1e1WUXeoY88s+V/AdqANmiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACiiigApKKKACoZrmOEfMckdhVW8v8AaSkZGR1NYk93vlC8tk14uNzeFF8l PVmc6iibEmqMc+WEUDueaxNSs11STzHY5A5ZRt/lU6mPcQW3dCuemKbM4KOBxxxXk4jEVq8ffkFP ETpvmi9THTQ1g+e3u50567sj9asRx3kcqlZYwP73SrMRHkrg8HmkfZgkjoOtcKU9JX1Nv7Trv4nc 27a9fYAZg59QKtLfYHzDP0rkbS8gkeSLz1E0X31z0FZMHiu7fxa2nHH2fyzsHBLN1z+Wa9rDY3Ec rvHRK5yqo3qdvf6vCpVBIUzxnOOaZFqMi42TK49GrmtQt11ArukeMo27A6Z96rLbXduf3Tq4H904 P5V59TMKs6nPzW/A55YialtoehR3amMNJlTjmljvIJPuuPxrhk1y7tgFlVh2ywxViLW0cjzApPrX of21NW900jios7gEHoaK5a21RSR5c5U+mcitwagoh3AbyB0WvRw2Z0qyblpY6I1YyLtLVKHU4pCF YFCfUVczmu6lXp1lem7lp32FopKK1GLRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUlAC0U maparrFnotm1zfzLHGOg7sfQDvQBdoryPxF8WpzI0enYt4+xxuc/0Fc9D8Vdchn3reNIo/hkUEGr 5GTzI99pa8u0v4yxywbb3TiZx08qQAN+fetey+Lvh6eYQ3ZuLKTOD5sfA+pFJxaGmmd1RVSw1Sy1 WHzrC6huI/WNwcfX0q1UjFooooAKKKKACiiigAooooAKKTNGaAFopKKACloooAKKKKAErkPHHw/t /GPkzi4NrewrsWTbuDL1wRXYUmKqMnF3Q02tjifA/wAN7fwjdPezXJu71l2KwXasanrgeprtqMUt EpObvIG29wqlrOlW+t6Rc6deLmC4jKNjqPce4q7SVIjzLS7Lx/4LtzpllZ2etadFxbyPLsdF7A8/ 59aueHfB+t6j4rXxP4xkhF1Cu21s4TlYffPTv6mvQaKAPN7jQvFXhfxrqmreHbK21Gz1Uh5IpJQh R/x9yfwNP8J+GPEtr4/u9e18W7C7tdpMLjEbZGEA68Ada9FoxQBx/wANPD2oeG9DvLbVIlillvZJ lCuGypC4PH0NJ4L8Paho3iDxJdX0SpDfXXmwEOG3Lz1A6de9djRQBwOveGtd0rxk3ibwqkFy9xGI 7yzmfZ5gHcH8BT9KsvGWueKLbUtcYaRp1qPlsrafd55/28HBH19Old3RQBx3hPw9qGleMPEt/eRK ltfzK8DBwSwGew6fjRaeHtQh+K19rjxKNPmslhSTeMlhjjb17GuxoxQB574N0LxJ4X8U6jbPZW0u jX109wboSjeuQcfLnPoOld7d20d7ZzW067opkaNx6gjBqWigDyzS9D8deA/OsdDhs9X0neXhWV9j pk/Ufj1q7pPhjxL4h8XWev8Ai5ba0jsAfs1nAd3J7k5P8+wr0aigDjdA8OahY/EbxFq1zEq2V8iL A4cEtgDPHUdKyPCPhjxFpEmr6Ff2ludGvWmYXaSgsN4wPlzn9K9JooA8s0LS/iB4e0c+HLWysHt1 Zlh1BphiNGPJ29T1J6VFZ/DjWn+GGoaFcNHFfPem4izICsoGMZI6Zwf0r1iigDzKS08d6t4bOgjS dP0mLyPJluROG3qFxhVHTPTPvU8Pg3V7n4Nnw5cRRw6igO1TIGVsSbhyOBkV6NiigDy/VPD/AIs8 Q+DNNsb7TbeC8sb2IhUnXDRIuNx5657VreKPDGtQeK7bxR4X8mW8WLybm1mbasy+x6f/AKhXdYoo A84/4R/xJ408RafeeJ7SDTNM05/NjtY5RI0r5HU+nH+c1raF4e1Gx+JOv6vcRKtleRIsLhwSxGM8 dR0NdjRQBxt14d1GX4tWWupEp0+KwMDybxkP83G3r3Fa2lS+IX8RammpwW6aSuPsToRvb13c/wBB W5iigBaKSloAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoopDQ AVR1C88lRGh+dv0FSX1x5MOAfmbtWFMGXMmfmPY142a450YunDd9exnOdtCK4dueuKoo5MxbutSz zlR8wI96hjOVLetfH9bnI9WTPLwH6EcH3FMabIIz+tMYbnC9uppTEMnC/StbyauGoRSbYkXcMget Zus6pPp8azQiJ0PyuhbDH3X1+lWruMQ20kuwuUUtsXgtjtXFnXdP1S/ivLi3kijs0Z1Vx6Dt75P6 Cu3BUZVJc1rpBGLIr23hezl1rU9Q3GYkRx25xuPYe1UrB9PNr/aNneyW17bfO0Uh3Z+h96y4tckj 1SbUYtKUwvkGMZMY98dAazdS1JLm8a4gtFhjb70YPGfrX1NOnP4X/XkdSTPS/DGuQNLd3usX8cU8 2AsDnaI06jg9zXXxC3uoVmhZXjcZVlPBFeMW1zFrOraVHcI6q+2M5GMqDxz34717AkkcFsc4SGJe g7Adq8PNKVOm13fQylDWyJHhIHDZX3qtJYQyctEM+q8Gi21W1useXMo9m4/nTv7RtBO0RmAZTgnH H514bU09E0N4GrJ2cH9xVOmBT+7lZT/tDNSxG9g4MpZPY5q8u1xlWVge4OaQw80e2l1OZ4dw8iJL 19wDMcdxWtZakI5Awmk24xsbkCsmSP5fm5pqFH5U4PfFaUsROk+aDNadWcFa52EWpI/ofoasLcI/ fH1rjUeROjVah1CRDhs/zr2aGezWlRXNY1X1OtFLWXaa5Zy/ummVZU4YHjmtJZFcZVgR7Gvo6Ven VinB3OpwlHdDqKpXmq29k4SViWPZecUsGqWtx/q5lz6Hg0vrNHn5OZXH7Odua2hcopobPTmlrcgW iiigAooooAKKKSgBaKKax2gknAHUmgB1JmuOvvil4fsJ2iZrqQg43RxZU/Qk1max8WbNNMZ9LgmN y/Ceeu0D3xnmiXuq7KhBzdok/ij4gT6bqs2mWUAjlj48yVeWyOqivK/EniC6vLsm5umnlPdjnH0H YVVm1e91LUry/vJ3lmPyAt2z6emBXMTTNNOzclmP41rBrlvYicLScbmpDcblkkuGiJJ2Kvlglj9e 31qKaGE5aINDIOsTHIP0NXdJ8PzSust0rDd9yJfvH6+ldfbaD8q7zFD7BA7D8TUyqxh8bNKeHqVv gRwtlDcXUqx28Ujsf7o6fjXa6LZR26hdbhtLyB/+WDD5/wDgL8EH6VdOivECIruRG9GjAH6VTmgu 7Rle4hEqL0kjGcfh1FKOIpz0TKqYKtTXM0WrSCx0m7ebSBcWrsSUk84kx+3bI+tdh4P+JIvrw6Rr 4W21BG2LL0SU+/oT+Rrz95g6Fo+RntWldR6R4o0K3iedbPX7ZDHG8nypcAfdUt2OMAE1pJJnMme3 ilrzP4c/EF7uRdC1x9t5H8kMr8F8fwt/tfzr0usmrGgtFFFIApKKKACsjxJ4jtvDmnG4n+eVuIog eXP+HvV+/vodNsZru5cLFEpZj/SvAvE3iW48QapJdTkhfuxxjoi9hVwjzMmUrFzVvF+qavcl7i7d Vz8sUZ2oo+launeL9StrXEV3IgRejHI69ga4ITEHGa0o5d0caDuNxrayM7s9Q8MfEb7Zdx2WrqiN Idsc44BPYMO31rvxXzvEBKyxhsBmGD6H1r6Et0MdvEjNvKoAWPfjrWM0kzSLuiWiiioKCiiigAoo ooAKKKKACkNLWR4oknj0GdrYsG4DFeoXPNAm7K5pJPHIxEciMR1CsDipK8v0aSaPV7Y2xbzDIBgH qO+a9QFNqxFOfOhaKKKRoeYWC+JPFHizxHb23ie50+30+5EccaQo4wc+vpium0rS9T8Nm61DXfE8 1/ZxQMzJLAqKmOS3HPABritF8Jx+JfG/i9pNS1Gy8i8UAWkuwNnd14OeldNqPhhPDfgHxHHFqF/e +dZStm7l3lcIenAoA6g65p66J/a5uV/s/wArzfO5xs9a5nXfENwfF/g9NMvD/Z+pea0gUDEyhVK9 RnvWZc3MS/AEOZF2tpqoDnq3TH1zVL/mLfDH/r3f/wBFpQB03gXV77VNQ8RpfXDTLa6g0UIYD5Ex 0GK7CuD+Gv8AyFPFv/YVb+VdNqfiOx0jVdO0+8Z1m1BmSEhflyPU9utAHO3uq6nJ8Un0aG9kitX0 p5FRQMLJnAbp1FL4H8UXNz4BuL7WJfMvNOaaO4ZsAkpk8/yqqHWT47gIwYx6Sd+P4fmHX865TxLK +j6t4n8MwfK+uXNvJbj2kOJP1zQB0Hww8T6zqGr3dj4guGle5tUvrPcAMRk4IGB7j8qk/wCEi1a8 ufG97b3rrZabEYbRVAwsgXJbp1yKTxmsXg7XvDGuJ8ltbRPp8xHTaUOz9cmmaHYPa/BXUrmcf6Rq EE93Kcc5fJH6YoAuRePjpHgDRrm5L6hreoQL5Fuo+eZz3IHQVu+D9P122snuvEmovcXtyd3kKAI7 cf3RgcmvMdJ8E6jY+DNM8X6VeTXOsW6rOsLcr5AGPLA9h/WvWfC/iO08VaFBqVmcBxiSM9Y37qaA K3ii5e3udHCayumiS7CshTd9pGP9X04o1Lx34d0ia4hvdUhjmt2CSRclgSMgY71ifEn/AJCPhP8A 7Cq/yNVfClhbXPxU8YXE8EcksJhSMuoO0MDnH/fIoA7bR9c0/X7IXel3UdzBnaWTsfQjtTtV1mw0 O2W41O5S3hZxGHfpuPQVyHgCCO08X+Mbe3QRwreoVRRgDKknik+MSxv4StlnwImvoQ+f7ueaAN3T fHfh7V9TFhY6nFLctnYuCBJjrtJ4PSjU/Hnh3Rrua1v9UiiuIXVJIyCWUkZHGOmK5r4pWllaeFdL fTooY7uG8hFgYwAc+gx2xj9KTw/pdnffFzxbNd28UzRrCqiRAwGUXPX6UAdTq/jbQNC8oahqMUbz KHRACzFT0OB0FaGma1p+s2AvdOvIri25zIjcDHXPp+NcR4Ft7a58beL5bxI5NQjuxGocZKQ/w4B6 Dj9BXM6ufsNz8RINGJS1EETMsXCq5YB8Y9ic/jQB6InxH8LSagLNdYg8wtsDc7C3puxiue+JnjM6 deabo9jrA0+SeUG7nVNzRREcEfXnp6Vbv9M0IfB9gsNv9iGniRHAGd23IbP97d+tc8xkuLH4aSXi 75nlIcuMlgFGM59sUAemeH08vQbMfb5NQDRhxdSDDSg8gkfQ1pUgAUAKAAOgFLQAUUUUAFFFFABR RRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABSGlqtfXkdjZTXMmSkSFyB1wKAOf8A G2oLpNvZ3ZP3ZCrKP4lI5/Kq6XKz26yRuGjYBlI6EV5f438dzeIr9UgAS2j4VAenuT61naf4q1TS IFjt5g0OchHG4D6eleXmGX/WVzR3MqlPm1R63IQyniox8qAcmuZ8O+NYNXlS2u0EFy33cH5XPt71 0/I9xXydfCzw8uWaOZqzGfJncz7D0+YcU4l9uRhh6qaSRFlQqe9QG22tuRdp9UbB/Ko2IldbFpWD rn8xXF+KIpRq8cttF/oltFtuCMYTd3x34xXVQSOshDliPcc1myaJ/aDo1/LlTK0skK/dc/wg+oAF ehgqsaUuaTLpz6nEQQXNrE+paREzW3IuLdlO1l/vAf3T+YrXt4bLUrUXmhWEe+EB5oZY/kb/AGQ3 97rVjxDolzpsj3mhzTo8mXlhVvlwO4H9KzPDWnXniBZIbi7li0+I/NHD8oZiele46sKlP23Nov61 N73VxL37ZrOq2d/odgDFYKMo2F+buuK7S8nzpKh1Mb3BAKN1HqKnttJs7SfzoIhHJsCEqcbgOmR3 PvU11YQ3ioJgfk5GD0rwsXioVZRSWi+8rD1YQrRnNaIyUjTaBgU8Io6KKnudONrA0kLs4X+E81TW 4GcNlW9DXN8WqPs6GJp4hc1Nk6ooOVJVvVTipIby4gmHmTGSInkMOn41Crg05V82VEHVmApNX3Ct Rpzi/aK6NW4mCwn065qhaIwjyec81JqzH7MY42CsxwCap2r3sZCsm/PcVFOF6d0fBTS5y3cXjWir hWdm6LmoGv76UYEiQj1QZP5ms251gS6g6HgR/IARjnvUyXkbDmtlScFtqfZYDKoU6MZzjeT7k0Nm qu0m9/MY7i245Jq/BdXdtkxzk+nOKoLOp+61SiY/Wpcp3ud86fNpJE0l7I7Fp1cMep+9To7pG6SD +tRCYHrRtjc5IBPrWbSe5HIkrWNjTtUmgcrDISCQNrcg12ak4GevevP9LMdvewvJkxq+4967u3uo bkAxOCfTvX0uSt8kuaXojw8ypqM04onooor3DzAooooAKKKTNAATiqQvrHUIp4Y7uKQbCHCSDKjH JqPWtc0/QrB7nUrhIoscAnlvYDvXzxe6hFd6hJBbSzQI7kLk7X8snoceoppXHbq9i/4obTNI1V4t Nu3urPON7Djd3APce9Ys8f2w+dG5lI5C54qLWbcT3cSxqdioFVB0ApbSyllk8u2gbzAMAqe/+fWt HZfF0BN/DT6k1tEy2JVvkZskk9s8Zq3pGgwpMv2QGaUgZmfgJ7j0pl/Zz6d5UN3IrSOm4lOg5rq9 LtUtbGNEXCbQd3f8awr11CK5TtwuCdao1PS25Ys9PisoyB80h+856n/61a9xqmk+GfsCalYS3ct1 H5zOGwsS5wBjuayzKYhtzuHapr26TU9Ijsr23jmEWfIlPDx+wPce1cNGpHn5qh6mLw9T2ahQ0Lni C5in1V57ecTwyqsiOp6Ajp+FUVmGOeDXMrY6jpZJtZA8Z/hPSll1jUYY90lpGVyBlTk8+wqp0ud8 0GiaVf2VNQqRenkbV3p1rdHfgxSn+OPjP1HQ1zmowGGdoLkbgvImQY/MVbe/1J+F8pc/3VzWZqEm qLMnIyy/eaunDNxfK5XODHwjKPNGFvMo3OnXcEyz26O6kj5k6g9iK9D0n4s6pa2cdtf2Ucs0ShTI 5Klx6n3rgXbU3UZuVGPQdKRlvdnzTJKM5xIvB/HtXa7Pc8rVHprfGC4x8umwZ/66n/CoX+Lt+w+S ztl+pJrzWRigXepikJOVJyPwNRmYgHtzTUI9iXJnpDfFjV2Pyw2ij/cJ/rUFz8UNclTCSQQ+6R/4 5rz77Rge1Ma8wMc5o5Y9hczOi1TxXqWpxlb+8llT+6xwv5dK5yS6DZIOaqz3O9cZyaLaxvLj/Vwv tP8AERgfrT9AJkkLuFArathkM3boM1XsdNFm3m3Dhn7Kp4/+vWgzrt4XFAE1iM3sI9XUevevoZeg +lfP+g273esWscaFsyKSB6A8mvoAVhU3NY7C0UUVBQUUUUAFFFFABRRRQAUjAMpDAEHqDS0lAFaD TrS1kMkFvFG56sq81ZoooC1haQ0tFAGVpfh6x0fUdSvbQSCbUZBJPufIyM4wO3U1ozQx3ELwzKHj kUqykcEHgg1HfXkWn2M93cEiGBDI5AycAZPFY1t420i6n0iGOSYNq6M9qWjIDAZyCex4oAyR8JfD ex4mF89s2Stu1y3lxk91Xsa2v+EQ0zz9GlxNu0ZClr+86AgD5vXgCl8S+LtK8JQ28uryvGtw5RNi Fjkdenarmq61Z6No0uqXshW0iQOzKMnB6YH40AR6P4fstDmvpbISBr6czzb3z8x9PQVF4k8Lab4q skttUiZhG++OSNtro3qDTbLxZpt/rMWlwtN9rltFvFVoyB5ZxjJ9eelJrni3S9Au7W0vJJHu7psR W8EZkkb3wO1AEfhvwZpXhd55bBJpLmfHmTzyF5GA7ZPapdQ8JaXqfiKy1u5ic3tkMRMGwvfGR3xm tkNlQxBHGcHqKztC1+y8RWctzp7O0UUzQMXQqdy9f50AN8ReHbDxRpTafqaO0DMH+RtrAj0NSz6P a3GhPpDqws2g+z7VbBCYx1+laFFAFLStMt9G0q2060DfZ7dBGgc5OB6mqGi+EdN8Paje3mmiaI3j bpYfMzFnPUL2rcrP1zWbTw/pE+pagzrbQYLlF3HkhRx9SKAI9Y8P2WuS2Ml6JC1jOJ4dj4+YevqK TT/D1lpmsajqdsJBc6iUM+58rlc4wO3U1owTJcW8c0edkih1z6EZFSUAZenaBZ6VqWo31sJBPqEg kn3NkZAxwO1c38V9Pm1LwxbQQW0txm9i3pGhY7c8njtXS2GvWeparf6fbmQ3FgyrNuQgZIyMHvWn QBymmfDnRNL1OG9T7XcPbZ+zx3M5kjg/3VPStey8P2Wn63qGqwCT7VqG3ziz5X5RgYHatSqGs6xa aBpU+o6hIY7aEZYgZPXAAHc0AZOt+BNJ1zUhqMhurW927GntJzEzr6Ejr0q7o/hfStC0qXT7K1Hk TZ87zDuaUnruJ61Z0XWbPxBpUOo6dIZLaYEqSMHg4II9a5q8+Kvh7T55orgX6mByjt9kbbkHHWgA T4V+HkkAIvWtFfzBZNcsYAc5+5W9qPhyw1S7024uEdX02TzLcRttVTgDkenArH074maHql0lvarf l3Uspa1YLgAnr9BW5oOt2viLSYdRsd/kS5271weDjpQBo0tFFABRRRQAUUUUAFFZmv6/YeGtLfUN TlMcCsFG1SzMx6AAdTWdovjjTNcvYLSCK8huJ0eREngKfKvU80AdJRRRQAUUUUAFFJWUfEumHTtQ vorgTW+nFluGiG7ayjLAepGaANaiqunX8OqafBe2xbyZ0EiblwcH1HarVABRRRQAUUUUAFFFFABT WcIMsahubpYE6jceBWPNeyTTBcnB4H1ppCbNOS9HIXtVC5kFzE6Sjcjgow7YNVpJzGFIIOeo9Kgm nfk9FcfgaqxNzxfxJoK+GtUltZOVJLQY7rnj/CsaR97DsPQdq9g8SaJFr+nNC2FmTLRORyp/wNcX pHgC5uHLajKIEU4KJyx/wrCtVhRjzTeg3JJamf4KsftviSAkZWEGQ/h0/WvWQKztL0az0aLZYwqj Hq55ZvqavJI7ffTb7ivkMxxccRV5o7I5Jz5pDmKqMsQBURvYAD978KhuJDtZj26CmafaQXIb7Rc+ S/8ADlcg/jXHTg6jsj0cvwUa6dWo/dReu1S3t0uFbzbdx/rE7H0I7GmW9tJeRGS3RnVeoxyKjewa KbyFmEsRwxCMdrHtx612mnWSWNokSj5sZY+pr08Ll8MTUa2S39TfF4PD04Ll3ZxFxbEqUmVlz1BG Mj0pII47bf5MaLvbcwUYya7+SGOVdsiKw9xWddeH7SYHy1MTHoV6flW9XJ60Y2pyuux5ToNbM5gT KfvAipEKngMDiqWtu+hNm4hkePdhmTnb6HHpVWDWLKcgJchW7B/lNeR9Wravl2MtV0Ns4A7EVA8U Mh/eRqfwpiyvtBVw6kcH1oE/95CPcVi0VGpKL0diKTSrd8mNihNLb6cto3nPLuZegqdZEbo1JcuF gPPWi8rWudbzCu4ODloZtyrXc4AOAlWoI3t1LHoozXKDWZ4r2UywyrHu+VgO1aUmuo1iAkhJkYL7 iuqWHmkkkcuC5a+IjTW7ZOEVxmRAS3JyKjaxhflcqfaqyakmSN/TjkVMt2jDsfoaHGaP0ZQnHYja wlXmOTP1qMm5h6q2PbmronU9D+dO80H0NHO+qK55dVcpLqB6MOanS9Ru+DUrJFJ99QarzacGUfZs CRjwCeMVSUZu1g5qb3VjQsrpPtQBYEAZq/qGtS2EVu9mWEjTqDtGcL3z7VnR2dtaQKb2J4+Qpnhf PJOBlT/StOOzsoEknh1gh1TmKeLCN6V72Bw7ppPoeFmFWD9yO52Ol3hvoBL2I5HoavVwTeO9O0HS 4oVKXF8x+aCM4C/j7UxvjBodvAv2xJornHzxKM4/HvXrra54Ti72PQKSvMbn426djFjp9zcOegxi uBvfFOtaxdyyAXzwq2WWWbhe+FAwOKa1Y3BpXZ9C3d7b2MRlup44UAyWdgBXj3xE+IZuLsQaJqMr 220IyQphXbPJL9/oK5i5uf7VAu7+e4m2ADbLIcDHqKrWzfai0pQbzkQgjIUfSr5HvclSj0Vx1xqD zaeL278x5IgRCsrFtp9s1l6fbSBmunctM/zbcZJ+nvWpJYtq8sdlGwjUnLEDoBXS6dosGlIvkAu4 /jfk1FbEQpOz3OnC4KpiFfZHMR6cNXvYo/PaLbkkgc49K7Gy0y3sYPLt0x6seS31NYOl6TfxeImk li22qlm8zIwc9BXVdOlcWKq87Vnoetl+GVOLco63MbWNBj1No3aaSN043IM5HpitA7beBRnCKuOf Sia7jhyM7nHYVlXFy85JZuBz/s/5FYrmkknsjqtCEnJLVlw3kbNt2sFP55qUAhPkYFW7islXGdo6 88E/5/GrMNw0TDByp657/wCewpun2D2ncvoCyEN0FJ9jiBzgZoSTJynDDtUnmqRlhg+orF3RqpKw zYiKQoArG12L91DJ6EqTW03J6AfSo5reOeMxSrlT+la0Z8k1IwxdL29NwRycZPPpU6vtHQY9KtXu jyWwLxfvIx37j6iqAP55r2oTjNXifK1aU6UuWSsS7IpFxtAHdTyD/hVG40ouf3B8sk9GOV/OroPH ANLvx3qzIy/7EkB/fXcS+wGamj0W1U/vGmmPoBgVeDAZwAPwpDM3TNABDbxW/EVtDH7tyakZix+a ViB2HFQlyeuav6Zod9rD4tIGZB96RuEX6mhuwblPciDKKPqeTWjpPh/UNZO6JBHbjlp5OFA7/WtZ bHQ/D/zXbjUrtf4E4iU+/rVz+1LiW0S/1NQlsTizsIxgSt2JHcCs5S7FqPcuJZWmhW8en6e267uh ma5bqkQ+83sPSvTY8eWu05GBg14zqlzJZxtBO4bUbwhrtv8Anmn8MY/rXslsc20R9UH8qyaLRJS0 UUhhRRRQAUUUUAFFFFABVTU9Qj0ywkuZQSE6KO57CrdUtW05dU06S2Ztu7lW9COlAne2hgab4za5 vkhubdUjkbarITwT0zXViuP03wZPDfxy3csZijbdhOrYrsBTduhFPmt7wtFFIaRoZPi3/kUtW/69 ZP8A0E15nexNafCzwdr0YO/SZ4pGI/uM2G/ULV6efxtZaTqvh6bR7jU5LmSRLfUDKCnltxz9BXU/ 8Ik6/DA+HJSsky2RiyOnmYyMf8CoA5vxTpyeN/HF5pwAlt9N0p2XB/5bScr/ACFZt7qsniX4c+Fd H3E3OoXiWswPXERwxP5Ka6f4WaFqemaXe3muwvFqN3KoZXxu2IoVay/DXgzUbD4nXU9xAy6PZvNc WTnG0vLtBA+gz+VAGd4l1mXw18XnfTrF7u7k0tba1gjHVyeM+wxWv8Kbez1QXuu38z3XiJpWjuvO GGt+eFUdhj/DtWkmi33/AAuR9WNo/wBg/s3yhPxt35HHrmqniTw/qmgeL4PFHhi0e5+0Hy9Rs4yB 5q/3hnv/AFx70Aegt90/SvHfA2n+KtQ0jU/7F1aDTrWG/mZAYN7TSZ5BJ6Dp+devoxkhVtrKWXO1 uo9jXJ/DbSb3SPD97BqFs9vK9/NIqvjJU4weKAKOl+KvEGtfDhdQ0+2t31jzTA7MwWNNrYaQ5IHT tWFfeKdW8N6tprf8JdYa2Li5SG5tI0QFATgkbSSKhl8JeIG+F8VgljL50epvcXFnvCtPDuPGQfcH FR63omoala2P9heBzpltZ3Mc0u4RieXB6L3IHfJ9KANnxP4p1A+Op9EbXofD1pDCjwzSwhvtDEZP zHgAZx+FR+J7jWbj4P63/bslpPIjoIbm2YFZ4/MTDYHANX/E66sNfnTU/DSeINEmjX7OsUaebbtx kEnnk56e1YEPg3WYvhz4mt4dNlt/7QnR7PTBJvaJRIpPJPXA/SgCzfX/AIy8L+GLLxFc6ray2yrF 5mnC3ACxtgAbuucYzXqcMgmgjkAwHUNj6iuN8eaPf6n8Mzp9layTXhjhHlLjORjP5V2FojR2cCMM Msagj0OKAOAn8T6nFdeOfLljX+zFVrYiJcqdueT3/Gs2XUvHC+CYvFjaxaqqQLObEWw2vHxyW9SO fxq7c+HtVa48estjKRqCKLU8fvjtxxzWrd6Pfv8ABtdKW1c3/wDZiQ+Rxu3hQCKAOq0u8/tHSrS8 27TPCkm30yM4rhfiLfwaj4l0Hw3NcRRW7zC8vDI4VdicgHPqQa7Tw9BLa+HdOgnQxyx20auh6qQo yK4zRPB3/CQ+J9d1nxXpWVllENnDcYOIl6NgHjPH60ARfD3ULbSvF2u+GYLiKW1MhvLIxuGXY33l BHpkcfWtv4pAf8K41jgf6tf/AENaxfE3gs6DrGia54P0oCa1uNtzBb8GSJhyeT6ZH410fxC0+61b wLqVpYQPNczIoSNep+YGgDQ0SPzPC9ggYoWtEXcvUZUciuT8Y303gLw5pGn6LKLO2ln8mW+lQy+Q DyWI7kkk12eiwyW+h2MMyFJI7dFZT1BCjIrF8bf22lpay6PZQajbrL/pljKisZo/9nPHFAGf4Qvd bl1fYdcsde0Z4i32mLassT+hUHmun1/Vk0HQb3U5E3rawtJszjcQOB+Jrz7w74dubjx9a6xp3h2b w7YwRMLhZHA+0MegCA4ArvfE2jf8JB4bv9M3hDcxFFY/wt1B/OgDi4V+IF1olvr9tqVtLPKqzLpQ gUIY25C7yeuD1qzea34g8SeK5dB0W4j0lLK3SW9nZBK4dgDsXtxnr7GqkOreNYfDkGgW3h+eDU4k W2GoeYpgVV4Dj8BU0mm674Q8Wy6za2UutW+oWscd4sJVZVlRcbwOmDj9aAJ9J8Ra3put6p4d1yeK 6uoLNru0vI49nmKB0ZemQaxdIv8Axzr/AIL/AOEhj1u2txCjvHALYHzwhOSx7ZwRj2rW0zRtY1rx DqniXVLJrHdYvZ2dmzBnwR95scAn+tXvB+kX9h8KI9NurV4r0W1whhbG7LM+B+OR+dAHIeN77UvE vgnwzqxu0giurmBXtxECBMS37zPoMdK6u21HVrL4haVol7ex3atp8kk0vkKhdwxwR3HGOM1i3fhr V3+GXhjT1sJTeWt9DJPFxlFBfJPPuPzrorrSr1/ixYakts5so7B4mm42hieBQBznhDVPGXiW3k1W TV7eGxs55I2i+zgtMByee3YCqWn61451XwK/iZdYtoEtVZltxbAmcL1LHt9Pauq+Huj3+leCbu0v rV4Lh5p2WNsZIbpVTQdC1K1+DU+lTWciX7W0yCA43EnOB1xzQBkajr/jGHwnB4yOo2sVu2yT+zUg yvlsQOXPJJ6/jXTeJdQ16aXT1027tdI0yaHzbnULgodpI4RVY9fes7WNB1O4+C1vpMNnI+oLawoY BjcGBGR+FZ/iXQNQ/wCEp0rUL7Qptc0qKxWEWkbDMMoAySpOD/n0oAn8L+JtTm8XXfhw6/bavE9o 0tvfxIv7p+mDjg4rH8FnVtK8IeL9RXUUkS3kucRGAYMwVT5mT2/2elanhzRtWT4lW+sSeHV0rTHs 3hjii2fu/TeF6E/4VFp2ka5Y6J4v0GTRrhheG5ntrpWBSQsoCqPc0AXZvFet3tn4Z0fSJIYtT1S1 E8108YKwoByQvTNWbfVfEHhTxZpmla7fx6pY6oTHDcCIRvFIOxx1B4qjJ4f1zSrfwtrun2JuLzTb QW13Ylgrsh64PTIzVxbTWvGfi7SdQvdLm0nTNJYzKtwwMk0h6cDoBigClpF74x8V6jrdvaazBYWt jePEkn2YO7Hsv0A79ea6L4eeIL/X9EuP7W8s3tldPayvGMByvfFR+AdKvtLn8QtfWzwC51J5Yt2P nQgYIo+HmlX2lQa0t/bPAZ9Tmmj3Y+ZCeCKAOwooooASq95dLbx9fmPap3YIpY9BWFdy+dcMwOR/ DTQmQXMrytuPIHaqkjlgQevrU3nNllU4I6g9arSMQaokA5Y8n5h1pGZlQhee4BpjEk7l6jrS7sj2 oEMXBGe55NRSfu5Vfs3Bp77g4IJP1pkiiXCkZwc4rDE0VWpOHcmSuhTIPwp6yKQR60W2ky3Uo8kk nuvY/wCFdLFoNosAWSPLY5Oe/tXy7yOu21dGKpTZxt2pMR29QeRV7TLDz4fNaaONM4+Y8/lVnVtM ayk+XLIw+U+vtWXExiPGdp/SvOcHQm4VY6o9XLsTyQdCTsbFhCp1NEV96iQc4xnFdZXE2Fx5F3HI SNobJya7CO7hk+6/Poa+hyWpD2cls7mmOfvrW5NRRnijIr3DiOf8V2iz2qMwGHzG3vnpXj95tjVl bkqSPyr17xLdrtjiBHy5c/hXm8vhxb9pT9qePdyPlyMnrXirG0qGKqcz00+85JVIxqMg8PeJYrCB ra8LmLOY2UZ256gj0rpbbVrK8OLe6icn+Ettb8jXHXXhHUoQzQmK4XjhTg/lWVNbXFodt1byRkn+ IdBWdTC4PFyc6c7N/wBbA/ZzejseolQwyRiqWo/urRtrHc3yqCe5rg7HU7uFf9Fu5kXpjdkfka2N G8+8nu7+9mlmgtAI1Uv9+VuQoHQcdT2Fc8smqQfNzJpD+ruWiOgsJTCuJo1YH15FWbprAoMW0S8Z OBXO/wBni4na4vGZpSchVYqqewFOmtR5UhBkORjO49KxeXvmvzHpYfJqialdG3ceJ/Cc8KwvpshZ QFLIoDdPasW6k8Oz/NZXF5bseiuqnP5GqDWcYYFogSOfWmfZozwQ2ck16slCSs0fU0cPKj8Mn947 zpAM210sq/7VIb25i5eNseq8iqzWJG0q5DAHkZNMhe8s5t7kyQgAupHGPX2Nc8sOmrx1PQjWW0ka UOsbiFJ59KsprccV9GpOBjOaYkdncq77kIVeSOormEupZXYRwBkBOAewrGhQjOTaVrCqum1ojtdS 1O31BIbRrjymdhIDjg7e1Z/iTVHgsbe3ik/ejc/BzgdBWPbaZNdbZpHKDPQVcfTk8xpJGZ22kDPa vVhJRioHz1bDN1HURzdrpkcU63W6RpSclmPJzTru5WHUlEke5XUENtzg1eQKVO7IPYCiOGe5uoo7 eMuzjBwOgr1ItKJ4Di3LQW4lZYo40wrynAwANo7mrzXCxWyxKOOgAq/aeFE+1Lc38zPgbRCn3fxP +FXNT0CO+ihW1cWxiyMBchs+vvWLxdNSsdccvqyjzHO2miSa2SGlMFojfOyjJc+grp4tOtrO3ZbW NVkK4DtyxOPWrdvbR2sCQRLtRBxmiVkjXLtwegHeuGriJ1JXWx6+HwdOlBK2pzHh3S7uK8muLyLy lUbFB6sfX6V0W3Jxiq1xqkVttGAAxwCQTk/hUayvc3CqHyobnHas6kpVJc0jpo01QhyxLRYL935j 7VWu3dUHOAeMCrhQDnFUL9vmUdgMmhRQ+Yq2tlJfXKxQo0zueFB4xnqfbjrW9/whNw3ym+tkkx9w DJz9f5cU7wSV869AwLjyxsJ/H/61YTvfR6gRJ5onD4I5znP5/jXVGKSTZ51WpUnUcYu1i1q3haTS NLW7muolnL4MOeCvse59ayIzypwQcj68/wBT+ldV41BbTdONxj7SFO8+nHP61y0SEGMc54GB1+n1 9TRNJOwYecpQvItkHHA+mKctyAQsvB7Mf608D6VWvVHynvnHHX/9dZOKlubqbjsaKHgdCKmWIMu7 r/Sse1vGtvlbDR/56ew/WtKKdZRuiOfUdxWM4OJ0QmpEhQr06VnXukRXGXixHL/46frWkrg+x/Sg jPsadOpKDvFiq0YVo8s0cfNDLbS+XKm1vfvUZJ7Zrrbq3juY/LmTI7HuPpWXB4YuLq6KRzQpCBuM kr7cD6V6dHFRnpLRnz+KwE6L5o6oxia0tN0DUNVObeErEODLJ8qD8TWvjQNAHyL/AGndDGGcYjB9 h3rO1XxFfamNskmyEdIk+VR+FdN29jhsluaC2ug6HhrmQ6ndD+BeIlP9ap6l4mvL9DEGENsowIYh tUf41ik+pFb+j6NBBaDVdYyLUcxQnhpj9PSk0lqwTbE0jS4o7b+1tY3C0Q/uYScGc/4VpTXclrjW dRRftUi4srbtEvZsfypZpC4XWNZUKo/487IcAgdCR6Vzt9qM2o3bz3Dlnb16D2qbczK2I1kkuLpp ZSWdmySeSa+gbM5s4D/0zX+VeA26oBuLfMSMKPT3Ne96cd2m2p9YU/kKmY4lmiiioKCiiigAoooo AKKKKACiikNABRUUV1BMxWKaN2XqFYEipaAFoopKAClry/TbXXPFPi3xLAnibULCDT7pY4o4QCMH Pr6YrrdB8O3+iXclzf8AiS91GIxlfLuAoVeQd2R9P1oA6OiuS/4Wh4V+2/Zv7TX72zzvLbyt3pvx itvWfEOmeH9PF7qd5HBbscKx53nsFA60AaVJWDofjbQ/EUskOn3mZ413tDIhR9vrg9fwrA8GeP4/ EHizWLCW53p5oFggiK/u1BLEnHXp1oA76iorm5htLaS4uJFihiUu7scBQOpNconxW8JuJGOp7FQZ BeJwHGcfLxzQB19FZ417TzrMOlef/ps0H2lI9p5jzjOenamyeIdOh1iTS3uMXkdublo9p4jHfPSg DSorkJfir4TiETf2oHWTklImITnHzccdKl8WXetajpmnR+EmBW/lUS30ZBEER/iGevX9KAOrorzP URq3gTxBogi1671S31G48ia1u8M3P8a46Yr0ugBaKKKACiiigAooooAKKKKAEopaKAEopaKAEpaK KACiiigAooooAKSlooASilooASilooAKKKKACiiigCrfH9wR61jyHapJXdxjHrTPG2qXWj6bFd2i oxD7WVxwQRWNo/irTtSjVRcpFMQMwSHBU98E9RTQmX5Eycj1/Go3IPB61JcIVbzYufVezCoztlUM vIP5imQQsMHj9ajyVJPbvT2BU88im9OhwfQ0wFBzWjp2lPduHcbYx39al0XTUmYzTLlV6A9Ca6AA KAAAAOgFSykhIYI4E2xIFHtT6TNGaRRHcW8d1CY5BkHv3FYN14ck3loSCf510WaM1x4rAUcTrNa9 yJQUtzj3025gPzwFgKQ3EkXDRyLXYZprRxt95FP1FecsmdP+FUt8jOVGT+0cxDrE0XCyOB6EZqd9 YuXXgFj9MCtp7G2c/NCv4U9LWFPuxj8apYPG/D7RWEqU9nI5l9HvL+3lmYhS3J38ZrJt7fy49rcn vXoW3IwenpVOTRrOV9xiCnvt4zWOIyVuK9lLXrfqTLDJtNHN2ugXN2odFCIejMcZqeXwlcPHtaWG Qf3WGRXVqoUADgCnV108noRjaV2y1Qh1OGh+G1hNP5t1H5BAP+obAb6jpXMGzgsr24tLISJaxykq sj7vm7t9TivXZmKwuwGSFJxXlExZp5pHUBnYMQBjHFdkqKpUHFHfgIqNeKJY1AHTkdzRIu5WX1GK hWXPFTLIBwa88+nSa2MuWCSH7ykj1FREjFbRKmoJbSOTJ27T6ilY6I1rfEjKKqT8yio3iUjB4FXp bF15X5h7daiitlklCSyeSvqynihX2N+eNrmY2nxs5bA5/CnJbMi7UVQOwFar6ZKrYjaKUYzlHHT6 VXktpYWwy4Ppmq1W4KcJ7Mk06J3icFeVOcZq2bcRruYZNVrN2t5tzD5TwcVelvIduFV2J9sVSZyV acubRHMtpksuoPDGvOc7j0ANbGn2VtpBZkkeWRhgnPakeaRiRwinsP6moXlWIqp++/3Rgn88dBWs 8ROa5Vsc1DLqdJ88ty/NqZiAJAXJwMDJqI6pNvCqTIc8hMHb9azgzNIfLwXYfvJo3yqfgaYDHIhP yiJj8zEGOSQ/pWaR0tR6I6aKZZ0HGD3HvSTRLKm0/gfSsmzneMDcnl56pnOB9a1A4YAr0NUYSjyu 6Ma4t3imfDyB24yH4UeoB4qXT1AYYJOM5Y8En1OKvXEPnJ/tDpVWwjCs+ABjjAGMVSE5Fw+1ZeoN +9IHZf8AP/661D061kXvMsm3uR/n/wCvVRRk5C6XHfG/Q6aj+evIK9AOOvoPr1rtWuNajgMkmm20 syj7ytyR9Kz/AAqxh8P306gKw3EHGOg/+vWHpmr3y6nC32iVtzAMGJwQf5CuiNopHm1E6sm0loU9 Wvru+vGkvOJFJUKB9zjoM8Z96hRMugCgjOMDuP8AD19a6Hxvbol9FKoAaSP5iOM896wYwPOXJI+Y ZyP8/lUyVmb0pKUE0XmQjn071QvcjaMdc9/0/wATWttyPpWfqKD5MYx79P8A9X86hLUu5nk8dffp +R/wFEcrQSbkODn15+n19TQQRk8+vv8A/r9PSo2HbAx0xn9Pp6mtLA2a9tfpcYDYWQ9PQ1b3EcMM gfpXNHcOcnrnI/z+QrTstTxiO46Do3+f51hOj1iawr9JGuuMfN07EUjqAOFBB70A4AI5B59jTlYM Dt6+lYXsb6PcyLvQxK3mW7bSeqt0/CoG8PypEWWVGf8Au46/jXQ4BXjt1FNY7OW4rqjiaiVrnFUw FCTbsZ2maNb6daf2prg/d/8ALG27yn39qvysfl1jXlzn/j0shxx2JHZaIxELmO5lgE7Qg+WjN8oP auc1G/utSu3muSxc9sYA9hXbSqe1PHxFB0HboLqepT6nctPcOSx6DsB6D0rPZsZHHNPmDI21hhvQ 1CW55rpRyNlmB8lfr3/wr6B00FdMtVPUQp/IV8+WgMkyqvUkCvomBPLgjT+6oH6VlULgSUUlLWZY UUUUAFFFFABRRRQAVkeKDONBuPs+7dxu29duea16QjIwelAmrqx5foxmGr2v2UnzPMH3fTvn2r1A VDDZW9u5eGCNHPUqoBqYU27kU4ciFpKWkpGh5HonhCz8UeN/FzXl1fwGC8UL9ln8vOQ3XjnpW74i 8Lp4W+HPiBNKur+d5odzG4m8whejY44+XNdbpvh+w0m/1C8s42WfUJBJcEuSGYZxgHp1PStF41kR kdQyMCGUjII9KAOG8nRP+FNjIt/sP9m5zxjzNn/oW/8AWuT0UmXWvh8Nbwbb7DIYhN90yc7evfGz H4V26/Czwwtx5gtJvK3+Z9m89/JznP3M4rb1vwzpfiHT0stStVkhjIaPadpjI7qR0oA5HxqII/iJ 4RazCDUWncSBPvGHHf261N4C2jxn41HAIvkwPbDVu6F4I0bw9dvd2UEj3brtM88rSuB6Anp+FPTw bpMXiZtfiiljv35cpKwRzjGSvQ8UAYfxgMo8AzbN3km4i8/b/wA893P64rN+LI0c/DWPyPs23dH9 i2Y/8d9sV2Xiv7cfDV4NNsbe/uCmPss4ysq5+YfXGcV5Nc+GbTxBBDp2h+ENVsLuWRfPuL7cIrVQ csEyT19gKAOuLrH8ZNF3sF8zRNq57ncxwPyqveXEc/xh1NY3VjFojo+DnDdcfrXW654L0jxHFarq ULtLariKaJzG68eo7VFpfgHQdGumubG1dJngaB3MrMXVuucnk+9AHM/D/TrRvgzIWgjb7TDcvKSo +YhnAz+AFb3wwYn4daPk5xER/wCPGtnTPD1hpGgjR7ON0sgroELknDEk8nnuam0jSLXQ9Lh06wRk toBtRWYsQPqaAOS8KeHp7/xHqPiPxAPNvVuHhsoy4ZYIh0IAOATn/Oa7ms3Q/D1h4dt54dNjeNJ5 mmcM5bLHqea06ACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK KACiiigAooooAyvEmmf2todxbAZcruT6ivANTtmgmdWUgg4Ir6Trzf4g+DmcyalYR5Q8zIo+6fX6 UAeV2uvappZ22l9PEo6Luyv5Hiuk0f4kXMdwiatFG8B4aWJcMvuR3rlLq3KORVTYc4GaYWPdobiC 8t1mt5FlicZVlOQajCYkGCceleP6J4jv9AmJtX3QscvC/KN/gfcV2mhePoL+4kj1MRWh48sjJDeu T2ouQ0eraScWCg44Y1dzWR4ev7a+sX+yzLKI32sV6A4zWrSKQuaM0lAFAxc0ZoxS4oASilxRigBK VetGKKAJR0opimn0AFFFFABXnNzYNLrlzbyuI23NgsOCc5X869GrL1CwjW6N75XmK8flToBklexH uKejTT6ivKMlKO6PN7u1ntJTHLGyMvUGoRMc4Nd1cWANsFkU39l/Cw/1sQ/qKwb7wy5iM+nSC4i7 gfeX6iuCrhnHWOqPdw2Yxqe7PRmWkwPT9anVlbBHas94pIXIKkMOxHSnLOV69a5bHpJ3LxwfrTWT OQcEehqJLhX781KJN3bNKxSZA9un93afaoXtyPunJq/weOlMZB6flS0KVSRmsSh+YECk3jjFXyrY 4qF4I3/hCt6rxTsaKr3KjEGqkzlGYB3jBG5pCMjHoKuywtEeuQelQOvPpVIG7opnBTIVTCPmjWNi rufpxU26TflmdZHGVVkDLH9SP8aUpIrbv3ckhPBYY2j2pPs+0bY3dAx3M4PJP41poYO5Gjx8vG0R jz87hirO47D/APXWlYXT7MTR+UT/AAlgce+aovG5Yn5HCj93GVxg+uaSOPYfMwBKx+Yoc/lmq0M5 c1zdZz27daaAASeMkcmqsE+9MHhh6d/p/jU4bIGKWxmx5bB5rFnky56gl+3PP9T+grUlfajN0wD0 rIYK2DgHHTt+XoPfvVxM2SW+o3MELxQzyIjcOinI5HT3NMikaCaObYD5bBsHnJ4/En+VKhVUI744 xxx7eg96jMvTAyCOO2R/QfzrQyaWpqa1q8mtSQu0AiMYK5Vs5Oe2f51Rj4lj7c8Y/p/U1X84kdR0 78Aj+g/nT4H3zqMn1ORj8/QegpvXUiK5VyxNcPjnPFU9QbIXnBB6defp608uRz7/AOfxqjfS/Mg9 j3/r/WpW47WIWznPPpwfz5/maYRx2+vbH+H86Z5nGP6cY/w9u9IZDn/P+c/yrQhsewA/zz/+s/pT dw9R+X+ePSo92eP8/wCf50Z5z6f5/wA+lMls0LPUJLUheTH3Un/P41sRzxzJviY4/UVy6t9PpViG doHDI31GetZ1KSlr1Lp13DR7HSb+fQ/zpqku7Fug42+lVrW4W5TPQ9CKsnOBn8DXLZx3O3mUtR2e PQDtWXDGkNxsugoUt8rsu5T/APXrTGXBGPmpklsk8LRy9D09Qa6MPU5JHJjKCqw31Rh64JYr798Q zFAdwUAY7cVkhDjcR1rYm0i6knYOC4XADseCKlt/D65DTykj+6ox+tevGMpLRHzkpKLs2U9Hs3uL pccBeScf55r3yy8z7FB53+s8td31xXl9ja+W0cFnFumb7igdD616fYPm2SMvveICORvVgBms6qto XTdyzRSUtYmgUUUUAFFFFABRRRQAUUVT1XUE0vT5Llxu28BfUnoKBN21LdFcjpvjOWe+jiuoI1jk baGTOVz0z611wptWFGalsLSUtJSKOf8AEXjfSPDU8VtdvLNeTcx2ttGZJCPXA6CqmjfEbSNX1JNO lju9PvpP9XDewmMyfTPU1i/DaJNT8R+KNaul8y8+3tboz8tHGvRR6dvyqz8YNOgn8ETaiVC3mnyR ywTDhlJcAgH8f0FAHeZpGbapY9AM15rf634k1LxToWmaVqK2a3+lrcTs0QfYcZZgD37Vc0G/1vSf G934a1fUjqkD2JuoJ3jCOvOCDj8f0oA6zw/4gtPEumm+sBJ5IkaL94u05U4PFadeM6Nqmp6D8NLb V9OmZYLTVpDeRBQfMiL4P0/+vXaeI9fvLnxL4d0fRLnyzeH7VcSIA3+jgZ7+v9KAOyoqlrOpR6Po t5qMq7ktYWlKjvgZxXA2Nv411nw3/wAJGniFba4ljNxBYLbqYtnUKT1yQOvvQB6XRmvKr7xvrutW 3g+TRJ47K41Zp4Z1ZAyB1KqTg88ckVpWl5r/AIY8faZpGpaw2rWeqRuQ0kIRonUZ4x24oA9DoryV /GU/iLWNSLeLrbw9ZWkxgtodqmSUj+Ns9q6r4deKp/Een3kN7PBc3VhOYWuIPuTr/C4HvQB2FGa4 r4kazrOlLokegzrFc3l75B3qCrAqeue3eqN1c+IPBOt6RJqWtHVtO1K4FrOssSoYZG6MuO3Xj2oA 9DzRXlup+MJtY8ValY/8JTbeHtP09/KXhTLcP3PzdhUEfj/U38H+JIl1KC6v9JKGG/t1G2eNjwcd M9j9aAPWc0ZrzGe68ZaF4LvPENxqovp57ZHjtltxttyxHzD1wp/Ok8M6rqd3qeny6T4xt9bhlI+2 WdyixOgPUqOvHpQB6fRmvPRe6/408T6taaXqx0jTNLk8jfFEHkmk78noKgg8Va3ZaX4p0nUrlZNU 0iDzYbxEC+YhHDEdM0Aek5oryeSfxoPAsXi1vESrIkC3H2JbdfLaPjqe5I5r0zSb06jo9neMoU3E KSFR2JANAFyiuB8S3ernX7lL7xJbeHNIjVRbsrRmW4J6k5OVANZ3hjx/dw6D4mlvryPVk0Y5t7pQ E88HIXOPcfrQB6Hq+qwaJpNzqN3v8i2Te+wZOPYVJp99FqenW97b7vJuI1lTcMHBGRkV5Xr+n+LZ vh1dazea8JxdWwlnsDAojWJsHCkcggEVqWmtX+g3HgpnnP8AY2oWaWssZAwku35Wz15z+hoA9IzR XC3viq7/AOE31NYZyNI0KwaW6jUD97KQSFzj0rO06Hxpr/h3/hI4/EK2k8yNPb2CW6mIJ2VieckD r70Ael5ozXm03xA1LVfC2gjSkit9X1m4a2LsMrCUOHYA9fxrX07TPF+i+IbUS6p/bWlTg/aTMiRP A3YrzyPagDss1S1fWLLQtOkvtSnENvHgFiM8noPrXnGpajrI+2T6340tNDu1djb6fD5bhVH3dxzk k1leJtY1HxX8GrPVbq68uRLgRzoiDE5DYDe2OvFAHq0uv2sOv2mkMkxuLqJpkYJ8gUdcnsa081wl ve6rpnjzQNFuNSa8ilsppJnaJVMhGSvTpjgcelZeiyeLPF1/rkMXiE6faWN48UTJArOx7KTx8oGP zoA9Poryy38f6zF4GcTNDLrn9pHS4pSuFLZxvI6cUnin/hMfBun2d0PEjX0VxcRxXG+BVMZJ/hPo eRQB6pS0lLQAUUUUAFFFFABTSAQQRkHqDTqQigDz/wAV/DODUy91pLLBOeTCxwjH2PavKdW8Pajo 87R3ttJEVPBI4P0PSvpQqap3ul2+oRGK6iEiHsaAPm0x/awqyAJKo4bGA3196rC0PmgEMGU17tcf C/QZ3LCO4iJ/55ykVJZ/DXRLS4WZluJ3Xp50pYD8KAK/w102ew0BprhSrXDAqp67R3rsh9KWOFYl CqMAcU/FADMD0peKXFGKAEyKMijFGKAEz7UbvajiigAz7UZ9qKKQCEn0FG9qWjFADd7Uque9LtpC tAEmc0E0wHFBbApgZ9xa+RN5tu4QN95COPqP8KpSSgSgo3lzMcB14yfcdxWlcncKxNQtmdTtz+FC ES3P2C8uHtNThjFyiqxaPrg9D69vesy88GF18zT51lTsrn+RprvbXnlx6tHiSH/U3Ckq6H1DDp9O laOn2lxBJj+1I5Lf+FyNsg46Ejg/UiolThPdHRSxNWl8LOUudHurIkTwSR474yPzquu5e/FddF4s h+2tafb7S5cOYwr/ACFj7H7pq/ImnXG5L/TWhc9W8vj8xWEsG38LO6nm1v4kThg+Oc1JuBFdY/hX TbtCbK6Kk9OQ4/LrVGfwZeR5MMsUg9M7TXPLDVI9DuhmFCfWxz+QtMfDc1oz6BqVuMvaSEeqDd/K s94JY/voy/7wIrJwkt0dUKsJaxZC67kK+vrWfMpwV7itFulU7pcYfB9DREvyKnmHHPWl8wnvxUcn ByKYX2gf5/8A1VoK7Ji557fX/P6UhbGf6/1/wqHf3/Qf5/WkMg4x+nP5f41SRnJssJNslHIweuf6 /wCFaRIHGelY0GZLiMcYDZ9cf4n3rTzgA5H505GUdx84EkDp3I79Kxmfls/juPT6/wCFbkdvLOB5 UUjHttUmk/4Q3WrqXdb2Lqh5zIQmD+P86qCbMas4RerMMv1HbuG/mf8ACmls5zzk8kj+f+Fdha/D PUZMG6ureAei5Yj+n61tWnw30yIKbm5uJ2HULhFP5c/rWypyOWWJprY8yY9/fqefz9T/ACq3pdtJ dSs0UbuFH8ILc/1NetW3hTRLVcR6ZCx9XG4/ma1I447dAsUKRqOyqBV+yMJYxdEeVLo9++AllcH/ ALZmqdx4W1y4leRdLuQo6ZA6fnXsD3SJndKo/GsXUvEzQ5S0iLN/z0cEL+AqoUNdDKeNkeUSaRfQ ybZLWVW9GXFNbTbjaf3bDHtXZXE817OZrqVnkPvUbRg9q6o4VPdnLLHz6I44aZdMflj708aNcnrt GfUiusCgN91QPpSKvPYfgK0WEj3M3j6j6HLDRLsEEbMfWnpo90f7v511YidumT9BTxZ3Ei7UhkYn 0U0vq0Fuw+uVXsjmoNIuonDJIgP0NaYgl24YqPXjitqHQdRcf8esij/b4qyPDsqIWuri1t1HXfJ/ hSdChfXUFi8Qlo7HNgYIXJbParAtWPJ4NarNoFhzPeyXDf3YEwM/U0xvENjACbDTlLH+O5bd+nSt Ywiv4cTCdacv4kypb6VdXZUQRu/bKjj86vjQ7a0BOpX0UOP4FO9/yFcjr/xGvorqSzSOeR1GCiEJ Hj8K4281zX9SYogMCntEMH8+tKVV7BGktz1STxPY2t62maChFwy/vbh+XA9B6V2nhZ4jpASNizKx 8wnufWvEPCmkXFnP58jHe2Q2e+fevZPBcZSynPYsP5VnNfu7lwfv2OlooormOgKKKKACiiigAooo oAKp6rp6app8ltIxUNyGHYjoauUlANX0OR03wZJb36TXU6NHG24KgPzGuuFFApt3JjBR2FpKWikU ee3mh6/4R8UXuseGbVNRsNSYPdWJkCMsndlJ47n86r6nYeKPiHLBY6npn9iaIkiyTh5Q8s2P4Rjo K9JpaAOOm0O8X4oafqMNrjTYNPeAyAjCtnhcZzRcaLfv8VBqq25Nj/ZRg87cMeZuJ24znp7V2NJQ BxHg3wvcReALzRtbtzA1zLOGViGwrHhuCR71ifB3TLmc3usahJ5zQqum2r9R5cfXHt05+td74i8P w+JNNFlcXV3bJvDFraTYx6jBPoc1Z0jSbTQ9Lt9P0+Ly7aBdqL1PuSe5J5oANY01NY0a90+ViqXU LxFh23DGa4Gwm8a6P4a/4RxPDy3FxFGbeHUFuFEWzoGIPOQD+lel0lAHm0Hga/0e88EQW8ZuYtMk nkvJwQArPg5wTkjOenpW14h0a/vPiF4a1G3ti9pZiXz5dwATKkDgnJ/CuwpKAPL7fQdU8H6nqcMP he31/T7udri3kHliSIt1Vtwzj/Peuq8Eafq1np082tw2dvcXEu9be2iVRCnZSV+8a6aigDzz4std o3httOCtdrqIMSucBm2nAP1pZ7XxD411zSV1TRjpGm6bOLqXzZVkM8i9FXHbr+ddbrXh6z12ewlv DMGsJxcReW2MsPXjpWrQB5rPoGpeGfFOqXdt4ct9e03Un88L8gkgk7j5uxz2qO58O+I9S8Ea8LrT bS3ur7aLSwtkjVo0DZwzjAJ/Ht716dRQBzuq2etjwVFBokkcGqRQRgLIoZWwAGTnjn1rhrnw7qvi bWNLlTwlHoFzbXCS3N+sqjIXqFC9c163RQB5+LPX/B3inVrvTNJOr6Zqsn2gpFKqSQyd+vUHNVof Cmt3mmeKNW1K3VNV1e38qGyjcHy0A4Ut0zXpOKKAONuNE1B/hANHW2J1D+zEg8ncM7woBGc4/Wuh 8P20tn4d063uE2TRW6I6kg4IUZHFaVFAHldxoWqaX441fULrwsviGO8dXtJzKg8kAfdIbgdvyp2g eCtYuh4ttNcs4bNdYjRongYNEjcnAA5+XI7dq9RpaAPK78+NrzwVJ4Z/4R0faEhFu16LhPLkjXgb R13EAda3tX8L3Wp/DC10wRbNTtLaJ4VJGVmQAgZ6diPxrtaKAOI8H+ErtPB2pQa9ldS1kyvdnIJU sCo6ccDmszTJfGmg+HP+Ecj8PLdTQoYLe/S4URbOzMDzkA/pXpVLQB5pcfD/AFLSPDGgNpDx3Wra NO1yY3O1Zy5y6g/gAM1ow3Pi/wASa3bF7GXw/p1urGbfMsjzsRgDjsDzXc0UAeQ6BoGuaJY3GnN4 Nt7vVJJHxqs8qNGdxOGOcnjPQVNF4L1w/B2fQ2s9upRXRlSMuuJQHzkHOOffFesUYoA4Gysta1Tx zoOtXukSWMUFnNFOrSq3lscgdDzmtDwFo19pEmvm/tzCLrUnmhywO9CBg8GuvooA8ll8IXqeGNQW 8kt9Ovl1x72wa5lUJIc/KM5/iqr4/wBU8T6lpelw6tpEOmQfbolb/SFkaeTttA6L1PPtXqWvaFY+ I9Kk0/UojJA5B+U4KkdCD2NYemfDjS7DUbe9uLvUtSmtjm3F9cGVYvTAoA62lpBS0AFFFFABRRRQ AUUUUAJRilooASilooAKKKKACiiigApMUtFACYpMD0p1JQAYFGKWigBMCjFLRQAmKMUtFACYpCM0 tFAEL26t0qtLZt2Gav0YoA5u904yqQV/SuR1Pw9dDd5LttP8IJH6V6iVB6iontIpB8yCmKx4c2mX lndRyiJiY3DDIyMivTJHXxjosP2O/msL2FxIDG21kbGMEdxzWzcaLDKDtwPqKwtR8KTOfMtXaORe VeNsEUbhexTGneKrKQKy2Wor0DuvluOMD5l/OtfV9Rh8N6dFd6lqclsrsseCPMAc9cDqQP5VhGfx vpoIiaK9jHQSx5I/EYrifFMXiXxFcI2rRORFnZGke1Vz6CnqgdmeqaPr8ms2xuNLuLTUIVbazKDG QfTB71a/tiKSR4rmyZnjO11XbJtPXkDpxXnvwzu5vDEtzZ6jE8drcsGEhHCN059jW7r3w1tNd1af VbW8kje5+ZtjnBOMZBHqBSb7oEuzOiYaBdEiSO3Vu4ddh/pVe48HaVdqWgd4w39xgwqj4f8ABd1p t0Gv9Uuby3XdiCWQurEjHOfSuW8deMLXwz4gFhpumxTiOMNMfNZdrE9Bj2/nU8lOW6NFWrQfuyOh l+G0Rz5WpSDPTcgNVz8MWJ/5Ca4/65f/AF62PDttZ+IfD9lqYWWE3Ee5kSYkKc4I59MVyN74g1yy u5oF0K/2xuVDLcnDDJ5HH0pexpGyxuJ7mwPhivO7U/w8v/69Sp8NdPQZn1GY+uAoFSeGba+16zkn 1KO8sSpARTNuLccnp61zHjPxNb+Ete/s5bJ9QxGru73BXbnPGAPTBqlSpLqZvGYl9Tq7bwj4Zsn3 PcNK+MHfP/QVpInh20AKxWgx7bqlsdG0i6soLmG2V0mjV1IckHIz6157qQ8b22pTxWuk2HkhyI3W AMMdAeT+NVy0kZupXluzvm8S2UPyW0bEDsiYFINfnmH7nTrmT37fyqbwzbX6aNEdY8o3jHc4jQKq +gAFeefEjxnrum+KHsdDvDDBDEm8Kgb5zknr7EU+aC6Ecs29zvDqGsSf6rTcf73/ANenrHrsy/NN bQZ7YyRUfgjXf+Eg8M208rk3ca+XcKeocf0PWuc8WfD7VtV1qa+0/Wp445sEwtIwCEdlx2/xo9p2 SD2eurOoXStSlH73Vmweypiquo6Ktlp1xdT39w5jUkc8Z7frVHwP4Qv/AA7JK95dyymRQu1pCy4H TrSfFi8Fp4CvIRJia6ZIo1HU/MCf0FNVZCdKJzkGtzQ3JNrPiQDlgQT71Zl8Z3tou67vUCMwVfNR cE+leb+Eo7ixu2NxFIsMg+/jiur1rRYdY07yGcp8wdWHPNdkZxqR2VzklCUJ76G6PHEbD95/Zkh9 1UfyqWLxdbzMRHp+nykYzsJ7/jXnX/CBxKAfNck+tbujaJHpkTBXOOp9zUwhzPWNipyUVpI6m68X 2NpAZbjTLONAQNzE4qGz8e291lrKwsXHqEPFcL45nElnBZQAs7vvbHYDp/OqPhb7Tpjt9pgfyH/i xwKmUoRqcttBxjOVPmvqei6z4/utMsvtBhjRNwU+TEMjP1rl5/jFdtxH9rP1cD+QrTnistSsjFKF eJ/SqaeHNOVAI7eMe+MmnUptu8FoKnNJWm9SpYeOtR1i8EcqNHEepMjH/wCt6Vt7Xdd0mWwOpqvb aVa2rZWMnHPoKZrF/LBYv9ljaWVgVXYuQvuTWlNqmm5GdROo0onEW2rNLrLPcSSOhkOw56DJxxXo No0U8SOh3KR1HSvPbTw5dzsCEdWHOcV0FquqaSuJ4S6eoHB+ornpYhwfvbHRVoKS0Ny/0a1uZvN8 3axGGpYbC2tx8iA49qpw60bgbI7F2kPZeldNofh2/wBTdZLyNraDOdqj5j+J/wAKuVSle5Cp1bWI dK02XUb2O3gXA69OAPU16dp1jHp1mlvFyF5JPc+tRaZptvptv5VrCsank46k+56mr1YVKrn6G9On yeotFFFZGgUUUUAJRRXmHxV8c6loV7b6XpMv2d3j82WYAFsZwAM/Srpwc5cqGld2PT6WvJfhd491 XVdaOkatOboSRs8UrABlI6g46ivWaKlN05crCUXF2Fqlq+qW2iaVc6hePsgt0Lse59h7mrtcH8Zz IPh1deXnBmi349N3/wCqoEZum3vjzxxCdSsby20PS5T/AKOjRiSRwO/T/D6VNYeLfEHhbxLa6L4z 8i4t707bbUIV2gt0AYfXj8e9dv4f8n/hHdO+zlTD9mj2bemNorhfjcU/4R3TQo/0o3q+R65xz/Sg D0OW9toZGjluIkdV3lWcAhfX6U2z1Kz1FWaxu4LhVOGMUgbH5V5br+gQ+JPjJYWN+WNuNNSSdAxH mBSTtPtnFTeJNGsvAnjbw3qOgxmzjvrj7JcW8ZOxwSBnH/Av0FAHTWHjYXnxDv8AQ2ktUs7W3Vkk 3jdJISvGc47kYrR0dtYPiTV1vr60msAV+ywREeZF67+M/nmuF0Twtoz/ABn1m2bT4jBa28dxCmTh JModw565JqumqTaJ4j+JGoW3E8MSGM46McgH8Cc0AeqT6xp1rci3uL+1jnPSN5VDflmrMk0cULSy SKkajJdjgAeua838IfDXQtU8HW13q9u15f6hF50ty8jbwW6YOe1Y2k3t1/wrDxjo13O040pnhikY 5OzsM/UH86APWJdY063eNJr+1jeUZQNKoLfTmrTSIkZdmVUAyWJ4A+teU6F8OdEvvhmt9fW7TajP ZtN9peRiyEKdoHOMDA4qjHb614j+Blgll5t08M5E0Ssd8sSsfl98cflQB61aaxp99IY7O+tp5F6r HKrH8hU8l1BDNHFJPGkkn3EZgC30HevEba48E32oadHHb3vhLVbeVWDlDhvZiT3Pcj6163qXhjTt W1vTtWulkN1p5JgKvheeeR3oA2KWkFLQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFAB RRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFF FFABRRRQAUUUUAFFFFABRRRQAUlLRQAlFLSUAFFFLQAmM1G8Ecgw6A/UVLSYoAoTaLZzqQ0YwfSs d/BEMchfT9RvrFj/AM8JMD8uldPRigDmH8K6lPE0Vx4kv3jPGFAU/mOax/8AhUml+YXa5nkJOTv5 yfrXoFJQBzmj6Jd+Grc2+niOe1zuELvtKnvg/wBK1vtMzAbtOnz7Mh/9mq7S0AZ73F8/y29iI/8A amkGB+C5z+lcrc/DK21HUpb/AFK7eeeY7n+UAE13VJQFzG07SrjQ7FLSw8uW3j+5HKxG36HB49qt iXUT1s7cH/r4P/xNXqWlYdynH9tcnzUhiHba5b+grMk8F6RNcvcz23mTyNuZyTya3qWiwXMiLw9b WpLWLNavjG6MDn6joamFrqGMG/THqIBn+daNFFguUfsl2R82oP8A8BiT/CmXGi2d6VN7GLkr0Moz j8K0aKYjJfw1pboU+yIqkYwowKy2+Huk8+TLewKf4I5jt/I11VFNNrYTSe5yf/CvdO/5+7/P/Xb/ AOtUkfgLT0Ybrm9Zf7pk6/pXUUlPnl3Fyx7GQnhfSVUKbOJwOm9c05/DOlupU2iAHsvFatLUlHKP 8ONBaRnSK4iLHJEc7AflSf8ACt9E7ten/t5ausop3YrI5RfhxoAYForl8dmuGIP4Zrah0Sxt0VIo FCL0GOlaFLSuMqjT7Yf8sI/++RSHTLM9baI/VRVukoAgjsbaL/V28S/7qAVMFA6ClooAKKKKAClp BS0AFFFFACVyHjj4f23jHyZxObW9hG1ZNu4MvXBFdfRVRk4u8RptbHE+B/hvb+ErmS9muTd3rLsV gu1Y1PXA9T6121FLRKTm7yBtvcKp6vpdtrWlXOn3qb4LhCjjv9R7irlFSI8w03TfHvgiI6bpkFpr WloT9naSTY8Y9Oo/rU+neDdf8SeJbbW/Gr28cdmd1tYQHKq3Yk/XB6n8K9IpKAPJfFg1gfGm0k8P iF76LTw4jmbCyrltyk+4rWg0DxJ4t8V6fqnie1g0+w0xvMgtI5fMZ5PUke4H5V1L+FrV/GMfiMyz faktzbiPI2beefXPNbdAHnt9ofiXSviZPrui2dteWd9FHDMJJQpjAxnqRz8uaksPBV3P4k8YPqcQ TTtYRY4nVwWIwecdRjPeu/ooA8y0uD4g+FtJ/sSz02x1CKHKWt6Zwu1e25SecZ//AF1as/AF5pfw 41jTVkW71jU1aSZtwCmQ9gT2HrXodFAHPaJpN3ZeAbfS541W7SyMLIGBG7aRjPSuSsPBfia0+Gdn p1ldtp+r2lw0wSObCyjcTtYrx3zXp1FAHleu6N4w8d2ttpmraJYabEkqvNeecJG467QOea7TUP8A hILbWtIt9Ihgk0lRtvZJWG9QOBjn09jXQUUAJS0UUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFF FFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUU UAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQ AUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFAB RRRQAUUUUAFJS1keKHnj0GdrcsG43FeoXPNAm7K5ppNFIxWORGI6hWBxT68v0aSZNXtjalvMMgGB 3HfNeoCm1YinPnQtJS0UjQ4HS/FNxb+KPGJ1O8JsNM2NErj5YwV9hnk1mad4x1Dxb8OL5rC9kGvx yfctYvmQGTCAD0IGM9qteGlDePPHYYAg7OCMj7hq98IEUeALZgqhjNMCQOf9YaANvU/FWl+GLS1j 1y/SK5eMfIAWZyAMkAe9XdG17TfENmbnSbuO5iB2sUPKn0I6iuL8U6VdT+Po7/w3qOnnW4bTZJYX gyGjznK+nX/69WPAGpJLr+t2F5okOl61GUku/s77o5c9COeOv60AWvib4sPhfwxKbS5EOpT/AC2+ Vyeo3EduB61meHLp/tmhsPGsl8l08pMMsOPtBAGVXjgKc/nVz4xKp+Hd4xUEiSPBxyPmFV/EiKnx H8EhFVRsn4AwPurQBuXvxE8MaeZFuNWhV45DEyAEsGHXjH61rW2u6bd6R/akF7C9gFLGfdhQB1z6 VxXw1020m1LxVdS28Ukzam8RZ1B+UDOOfcmuHvRLb+AL+0tvLW1HiNonVyRGEzwGx/DkDNAHrWl+ PvDms6gLKx1SJ7hzhFIK+Z/ukjmuiryPxdpfiCbRrMarJ4T063hmja2uYGlVlYdAhweor1mEs0KF yC5UZI6ZoAwdY8eeHtCu2tb/AFFFuE5eNFLsv1wOKvweItKudFbV4r+BtPVSzT7vlGOuff2rz/R7 2+1LUdam8G6Hpsdq9263V9qUzOZZB947RyBznHTmsPw5Z2eo/DPxFZ6nqcFjE+qEJcDPlBxggAf3 SRQB6ZpPj3w7rl8tnYalG9w/3I2UqX+mRzXQt90844615Pd3eq6FqGijxjo2mXtqtwkdrqFi2xkY 9Dt4yPwAr1eT/Vt9DQBy+ga7a2Hhe41DVfEEV9BHcyKbtl2BeeExjkirmieNtB8RXRttN1BJbgAt 5TAqxHqAeteaaZp9rqfw3S3n1ODT7n+2pHtWnGUeUNwpH41swX+o6b4z0SHxhoentdTOYbLUbJ8f MeOV9OfQdaAPUK5Hwjqt14l1rVtW89xpcMhs7OEH5X2/ekPqSentXR6qZF0i9aHPmCByuPXacVxf w91C20T4PW2oyMNkEU0sme7B24/lQBk+NPGetWviu4k0WY/2XoQhOoRqARKXbkdOw4/A16LearHD 4en1W2HnRpbNcRgfxjbuFeV+GNN8XXXhjUHj0fT7qHXy88ss9wVcq4wOPbtWx4C8TtpHgbU7PV4J Jbrw+zRzQoAzNHnjGeo6/gKAE8O2fiXxjosetJ4ya2mm3MltbQoY4eeFbv2711fg/UdYudGlHiS1 NveWsjRtKV2rMo6OPauXtPAPhzxHYxa54av7zSXuF83NrNhUY9mXtj0BFZ1v4s1SPwH4msb68W/u 7Ob+z7a6T/luZPlHPcjJNAEd/wCJNdfwbbapb6nPbvq2sssDAA+XASVVQCPYmukvPCniq1s5Z7bx xctJGpYCa1jCHHPJ7VkfEfSE07wP4a0qN2QRXcEO9OCDjBYe+eaqeOfA2o6RpP8AaEGtavqtjAwa 8tLi4O5o+5BGPx4oA1o/iJfP8JH8RCBDqCN5Bwvyb92N+PTn86VdA8XPow1bT/GT3l4YhKIRChhk OM7R9elXZfEHhjSvhzYzw2Jm0G52wGJVBEe7rvyexzn3rOvPhtp9lYyap4V1+80vbGZEKXG6EjGf rj8aAO58P3t5qOhWlzqVo1peSJmaFhja3f8ADvUOu+KtI8NiP+1b1IXl/wBXHgszfQDmqHw71+78 SeDrS/vwPtBLRu4GA+043fjWH4t0q4ufHlrfeHtTsBrkFptaxvBkPFknI9Dyf8aAOmh8aaBc6LNq 0OoxPZQELLIAf3ZJAGRjI6itC51axs9JbU57hEsljEpm/h2nof1FcF4Z8jWr/wASaDq+hQabq9xA PtbW77o5VIwGHJwRnP41zlrf3OuaFo/gSYn7ZFftb3g5yIIjnP0PT8BQB6ZeeO/DtgP9K1SGImFZ wrA5KN90gY5zULfEXwuulrqB1eAwM2wAZL7sZxt61gQ6da3PxyuBNAki2ukq8KsuQp3Bc/kTUfg7 SrIfFLxc/wBmhJiaMICgwu4ZbHpmgDsk8VaNLoJ1pL+JtOXhphnCnOMEdc1Th+IXhi41IWEWsWzT ngc4Un03dK82ZFg+HPjqCIBYotVkVEHAUbh0/Ktf4g6Lp8Hw00OKG1ijC3FsoKqAcMp3c+9AHa6Z 478O6xqn9nWGpxS3P8KjID467SeDUuueMdD8OSpDql/HDM4yIgCzY9cCua8b2NrZeIfBjWtvFCUv /LUxqBhdvT6Vg6Mmv3PxA8Vy6TFos10l15bf2kXLrHzt2bf4cAfpQB2fiLxxYWXgm51vS723nypS 3bllaTspH+OKTQ/HmkTeE9O1HUdTiVpQsEsjAqPP2BmXpx/KuFGn3Nnovjr7VdaS7SQiSS009mKQ S9zhhxn61b8T2kN34E8B27opimuLYOAOGBj5oA7rTfHvh3VriCCy1OOSWdzHGu1huYDJHI9K1L3W LHTru0tbu4WOe8cpBGeS59q5L4k6EkXhZNS0m3jhutInW9jESBchcbunsAf+A1U8O3sfjf4iPrcR 3afpVokcGeR5sg3N+IBx+FAHa6/I0Ph/UJFvBZMkDkXJXPk8fex3x1rLj8UaZoXhjTrrV9YjmE0Q 2XG05uDjqFAzU3jr/kQ9d/68Zv8A0E1wZ0p7/TfB0+lanZW+u29lm3tbtcpMhHPY4PWgD0XQvE+k eJIpH0m9juPL++oyGT6g81a1PU7TRtPlvtQmENtFjfI3QZIA/UiuG8I6nInjy7sNc0O1sNeltQ5u LR8pNGCOozx0/StX4r/8k01j/dj/APRqUAWo/iJ4Xl1NbCPV4GnZti4ztLdMbumalubll8e2dv8A 2yI0azZv7N2cyHcf3m7Hbpj2rkfH2k2Vl8HoBb20UZgjt2jZVAIbjJz6nJqzdM//AAtnR2Xl/wCw XI9zlqAOj1Tx/wCG9GvzZX2qRJcKcOoBbYf9ogcVoX3iHStN0pNSvL+CKycApKWyHz0xjr+FcZ8L rPTbz4f3Et9FDJJcSzfbmlA3ZzzuPXpXM6kbW41/wja+E/skumIk5s11JpPJaUMd2c8k5xj3oA9S 0LxdoviR3TSr6OaWMZaIgq4Hrg9q2q8tew1sfETQrrWLjw7ZXallEVm8gkuIyDkEEc47V6grqzFV YEr1APIoAralqdnpFjJeahcR29tH96RzgCsrRfHGgeILs2um6hHJcY3CJgVYj1APWs/4l6fZ6p4c htbrU4dPlN0jW0kwyjyjOFI9Dk1zqX2paX4u0RPGWh6fJO8pis9RsmwQxHde459BQB0+l63b2DeI bvUdeS7trW8IZdhH2MZx5Z45+tTQ/ELwvPqS2MesWzTtwOTtJ9N3TNee3f8AyLPxK/7CTf8AoVX/ AB5o1hb/AAn0ZIbWKPEltgqoB+YfNz75oA7fTvHfh3VtW/s2x1SGW6OQqjIDnuFJ4NZGp6pc2qeM pbbXfOltLTzIrVUwbNgjEHOOc4z+FVPHNja2Op+DWtLeKEx6ikamNAMLt6fTism6/wCQr8T/APrw X/0W9AHYaP4otbDwLpWqeINQSJpoELyynl2I7AdT9KtaH420LxFdNa6bfpJcKC3lMpViPUA9a4Jr 6BNH8E2dvpC6nrLW3mWizTFIo+OWYdD/APWob+11+LvhxtcTS4bpo5cR2G75V2nG8nr3oA7e5+IP hmzvDaz6tCs4mMLJgkqw9eK2dU1GDStLuL65kEcMEZdmIOBXCfDzS7O58QeLLqe2ilmGpFFZ0BKg c8Z967++UNYXAYAgxtwRntQByXw98bxeJPD81xqF3D9st2d7gAbFij3Hb14xgVfsfiJ4Y1HUFsrb VoWmdtqbgVVz6AkYNeZsXj+AaGP5UkvylwyjB8vzT1/HFdn8R7DRoPhjcNDFbxxwxxmydABhsjbt I9qAO+rybTfGesQfFq5sb+7d9IkuntI0bAVHxle2fb8a9L0N5pNCsHus+e1uhfPXO0Zrya+0yTUI vHU9sP8AS9P1GO8gIHIKDJ/TP5UAdl8UvEd5oPh2KLSZWj1G7lCRMuCVUfMx59hj8ag0qy1/xT4P 0O+g8S3FhM9tmcpCr+axPU5rBl1SPxxfalrEXzWel6KUj9BPKmW/IcfUV2vw4/5J7on/AF7D+ZoA 4zw1aeKtf1TW7RvGN3D/AGZciAMLdD5nXn26VvWWo6rafE+00K41KS5tk0kPJuUDzZAcbzjoTUXw 4/5Gbxn/ANhEf+zUkhA+PEeSB/xKT1/3qAO/Y7VLYJwM4HWvMPDkniD4gQ3Opr4pfTFSdkjsrWJW MYHTdnnmvSbq6W1tJ59pk8qNpNics2BnA9687sfCnhbx9anXtGlu9KupmJk+zShHRwf4l5A9eOua AOk8G3XiDdf6d4kjMklnIFhvgm1blD3+o/rWIItb8W+KNbbTPEFxplnYTJaxiOMOrsFy/B7gmoPC viHUNE1DxJpOran/AGpb6PB9ojuj94DBJRj6/wD166D4b2Mln4LtJrj/AI+b5mvJj6tId2fyxQBy On2niu+8a6poJ8Y3aLYxJIJhboS+4A4x261f8UnxBpUnhnRbfxDcfaL24kjmvPKXcw6j5farWgf8 lm8T/wDXrB/IVV+KNgmqeIvClnLLLEk106l4m2svA6HtQBF4gPirwHbwatJ4k/tW2E6Ry2txAqlw xx8pHOa9LjfzI1faV3AHB6ivJPGfga08K6SNfs9au5bqwdZIor6QTRuc4xgjrXqGk37X2kWN1cKI priFJDGT3IycUAXTXl3irXtQn8a6lpsviFtAtLGzFxblUH+kNjJyT1+gr0+R9kTOAWKgnA714tD4 buviXo2o+I7vUgNUt5mS0tyQIoFQ52MPf1oA9K8B6rf614N0++1VcXUqHc2MbxkgNjtkUnxA1G60 rwTqV5YTNDcxRgpIuMryPWuc+GvjjUvF+pXkV2tpBb2kCKIY8bi/QsP9nj8K2fih/wAk71f/AK5D /wBCFAF5fE1hpmkaS2rXqpc3sMexSCXlYqM4A9zVe01NLbxLr73WurNb2scbtZlMfYxtBJJxznrX DeChNpXjayPi1I5bzULKM6bc5ykYC/6sDoDjH4/WrU//ACNPxH/684//AEUKAOsf4l+FI54ojrMG ZQCCASBnpk44rZ1bXdN0PTvt2pXcUFscbXJzuJ6Yx1rgbfSLFPgG5FrFubTWnLbRkvjduz65qnCI 7rW/h5FqWHtDYFkWTlWlCjGR0z0xQBsP46h1nx34ct9C1PzbGcTi6hUY+YLldwIyK6HWfHnh7Qbt rW/1FFuE5eJFLsv1wOK5vxBa2UHxk8MPbJGlzJDN5wQAEgKdpP8A49+VUtIvb/UdT1qTwdoemx25 umW5vdSmZzI46kKOQPbpQB6PperWWtWKXmm3MdxbvkB0PGR1H1rjvin4wfw7pUFnYXwtNRupUG/Z kpFk7nHGOoxVX4MEjRNYUtGwGpSf6r7nQcr7elWvi2inRNIYqpP9r24yR2+bigDU8JatYx2tpp39 vyatdXKNcRSzJtZ484P4Ag1svrenx6s2mPcqL1YPtBi5z5ecbq5G8CQ/GzTFwqK2mSKo6AnPQVWu 545fjPeKjBjFojK+OxznH5EUAbsvxM8JwiEtrMBEoyNoJwPfjj8a27vWtOstJ/tO5vIY7HaHE5b5 SD0x65rz/wCH+kWLfB64Z7WJ2uIZ2kZkBJOCBz7YFYVrtn8KfDuG/KnTnvHE28/KSGO0H2oA6TWP iFa6prXhyHw5qu5Jr8R3cSrhmQ4xkEZwfUV1et+NNC8OziDUr9I7gruEKgs+PXArlvH9nYw+M/Bs sUcSXjXwX5QASmR19gahS9ur3xrrn/CIaFYy3UcixXt/qE7FSwGAFUcgcdvSgDtbPxVo+oaLNq1p fRyWMClpZBn5MDJyOvSs9fiN4Wa+itF1m3MsuNuM7cnoCegPNed6F5q6H8Skna2aUI+/7KMRbtr5 2j0q9rekWVv8AoGjtolcQxTbwozvLDJz+JoA7uDx74budZGlw6rA92W2KoztZvQN0JqfXPF+i+HH SPVL+OGVxlYgCzkeuBXF+PtNtLDwj4aFrbxxGG9tgjIoBHHPNUNPTXrn4m+KJNKj0ea7jkVMakXL LF22be3r+FAHpVr4k0m+0aTVbW+ilsYlLPKpyFA65HUVlP8AErwolxFCdZgLSAEEZKjPTJxxXE2d jd2Q8bm6u9J8yazLT2WnO5WKTHXDDjIz361oJpFjH8A2K2sW5tN+0FtgyZMbt2fXNAGt428ew+Hd Z0a0jvIo455g92ShYrDjgg+5rc1XxnoWiwwSX+oRx/aEEkKAEs6noQoGcVw+oBXtfhu0gVi0iAlh nI8sVd1K+kn+I97B4Z0O1utXt7ZEubu9mIjjQ4IVU/Ecj3oA6i28Vabrug393ol8kzQQuTt4aNtp IyD9K5i01PW734Sadr0N7LJqVruuZM9LhVdgyMB22/yrJ8MC6Txh4zW+ay+1HT8zCyyIg2DwM85r pfh6Fb4QWSyfcNrMG+m56AOr0jU4dZ0i11C2OYrmNZF9sjpV2uJ+ELMfh1Y7iSA8oUn+7vOK7agA ooooAKKKKACiiigApGAYYIBB6g0tJQBWg060tZDJBbxRuerKuDVkUZooBKwtJS0lAGVYeG7DTtW1 LUoFk+0aiVM+58qcDAwO1V/D3g3TfDFzcy6YblVuDlonlLRrzn5V7dazL34o6BY6jdWMn2157WQx y+VbMwDD3FaHh/xzonia5kttPuW+0xjc0E0ZjfHqAevWgA8Q+CdL8SXcN5dfaILyFdqXFtKY5Nvo SO1T+HvCmm+GEn/s9JDLcNumnmkLySemWNbOaq6nqlno9jJeahOkFvHjc7dMk4A/OgCvr+gWfiXS ZNO1ESG3kILCNtpyDkc0288OWN/q+nalOJPtOnBhAQ+B8wAOR36Vpo4dFdejDIqqdWshq66X9oT7 c0XneSPvBM4z9M0AV9G8P2WgtetYiQG9nNxLvfd85649BVW38GaPBpmoaebdprXUJmnnSVt2Xbkk elW9H8QWWuterYs7GznNvLuTbhx1x61pZoA5Cx+GGhWd5b3Dm9uxbENBDdXBkjjI6YU+ldfRRmgD kLj4Y6FPf3FyjX1uty5eeCC5ZIpCeuVHrVu18AaDZ6XqGmxWh+w37+ZLAzkqp7Fe46D8qW68d6Tb eJV0JRc3F7vVHEMJZYy3Tce1dHQByWnfDTRNOvbe5Zr27a2O6BLq4MiRHsQvTiutK7gQehrN1bX7 LRZ7GK8Zw99N5EO1c5b39KTT/ENjqerajptszm505lWcMhABbOMHv0NAGd/wgOhnw9LorwSSWckz T/NIS6ue4btUej/D3R9H1KK/DXl3cwAiF7ucy+V/ug9K6msq88R2NjrtrpEzSfbLqN5IlVCQQoJP P4UAahGQQeQeted6T4VhH9s+DNTS5/sx5Re2kkRKho2PKFunysOldloHiCx8Saeb3TmdohI0ZDpt YMOoIqpovjLSPEGq32nafM73NkSJQyEDhtpwe/NAGzb28drbxwQqFjiUIgHYAYFZUHhXTbfxDd61 GkguryPy5135jkHTlfwpt74v0uw1a606Z5TcWlobyYLGSFjHfPr7Vd0vWbTV9Hh1S1ci0mQyK8g2 4X1OenSgDmJvhN4dkuJZIPt1okrFnhtrlkjOfatNfAujRWGn2NvA0FrY3K3SRo335F6Fz3qxoHiz TfE0tyNKM8sVu2xpzEVjY+isetWNX1+z0NrNb0yA3k628WxC3zt0z6D3oAbr3hyx8Rw20eoCQrbT rOmx9vzDpmtN0WRGR1DKwwwI4Ipc0UAc/pXgjRtI0y806CB5LG7YtJbzPvQZ/ujt/wDWFY4+EPh0 fJu1D7NnP2b7U3l/lXXanqlno1hJe6jOkFtEPmdug9Kq3viOwsNT02wneQXGpbvs4CEg7QCcnt1F AF+0tILC0itrSFIYIlCpGgwFFYviLwXpfiW5gursTw3cAKx3FtKY5APTI7Vv5ooA5zTvD+l+B9Ov 72yt7q4lZTJPIWM082B056/SsHwPpb6p4v1jxdPp0tilziG1jnTbIQANzkds4Feg0fWgDMj8P2UX iWXXVEn26W3FsxL/AC7AQenrwKTT/Dtlpus6hqluJBc6gVM5Z8r8owMDtVfw94y0jxRcXkGlztJJ aMBIGQr3IyPUcVDr/jnSvDl+tpfJeGVkDjybdnXB9x9KABvAukNpeqaeVn8jVJzcXA83kuTk4PYc Vb1fwxYa3pNvp14JTb27pJGEfBygwMmuej+L3huZS0X9oOAcEraOcH0rotL8TWOr6re6fbCYT2Sx tLvTaMOMjFAEmq6BZ6zdWFxdiQyWE3nQ7GwN3v61m654D0nXdR/tCU3Vre7djT2kxiZ19Djr0rpM 0ZoAwdN8FaNpWh3OlW9sTbXYIuC7Fnlz3LetVLX4daNaWFrZq968NpdC7hEk5bY4GAB/s47V1OaK AOf8Y68ND0kg6Zd6i90rxJFBEXBJHRvQHNVvhx4afwv4PtrW4QLdykzXA9Gbt+AwK6migCtqWnw6 tplzYXQYwXMTRSBTg7SMHBrD1DwBoupaXYWUsc6DT12208cpWWMf71dHJIkUTSSMFRAWYnsBXHwf FPQblJJY1vjbrIsYm+zNsdmOBg/hQBqeH/BmmeG7ia6tPPmu5lCvcXMpkkI9MntV/XNFtfEOj3Gm X4c21wAHCNtPDBhz9QKvg5APrRmgDK1fw3Y63oP9j3gkNptRcI+GwuMc/hR/wjdj/b9rrGJPtdtb fZYzv+XZz1Hrz1rVooA5HUPhloWoXlxcf6ZbC6bdPDbXDRxynuWUetaOpeCtE1TRbbS5rMJbWuPs /lMUaEjupHOa3aqNq1kurppZuE+3PEZhD/FsBxu+maAMbQ/AekaFqR1GM3V1fbdgnu5jKyD0GelJ 4e8Pzad4o1/UpE8uK+kTyl8zeWAHLH0yTwPatTSdes9bkvY7MyFrKYwS70K/MPT1FaNAGfruhWHi PS5NP1OHzbdyDjOCpHQg9jWNpHw70fSdShvw97d3MAIha7uDKIv90HpXU5ozQBzz+B9Jks9YtmWf y9XmM11+85LE549Ks6r4W0/WdEt9KuxKbW3MZQK+G+QYXmtjNGaAMzVvD9lrUthJeCQtYTCeHY2P mHr61Wfwfpkk+syss2/WYhFdfvOqgEfL6cE1uZozQBzOofD7RdQ07TrSQXMZ05dltPFMVlQem6o7 L4b6HY6jaahGLt762k8wXElwzu5xjDE9R7V1TMFUsegGTWdoWu2fiPTFv9OZ2gZ2QF12nKnB4oAb pHh6y0Oa+lshIGvpzPNvfPzH09BWmyhlKsMgjBFGaM0Ac1pngDRNKS/hgime1vwVmtpZS0WCc8L2 qpZ/C/QLS4gkb7ZcxW7b4be4uGeKM9sKeK7DNFAABjp0rK0/w3YabdanPAjltSffcB2yGOMcDsOa fqGv2emapp+n3JkFxqDMsAVCRlcZye3UVPa6tZXt9dWdtOsk9oQs6r/ATyAfegDL0nwVpGiaDd6R ZRyra3ZYy5fLHcMHn6Vp6RpdvomlW2nWYYW9umxA7ZOPc0ms6vbaFpU2oXpcW8Iy+xSx646U067p 63NhbvcKtxfrvt4iPmcbdxOPYUARaR4dsdEvNRurMSCXUJfOn3vuBbnp6dazNf8Ah/o/iPVl1G9a 7S5WMRBoJynyjPp9a6fNc5B470q78TNodqLme5RzHJJHCTGjAZILfhQA3QvAWl+HtSF9ZzX7yhSg E1yzrg+xqpqHwu0C+1CW8iW6spZjmQWc5jVvwHFdhmigDmovAGi23hu60W0hkgt7vHnyI/72TkHl j9K6KGFLeGOGJQscahVA7AcCn0ZoAy7Xw7ZWfiG81qESfbLxFSUl8rhQAMDt0qt4l8Hab4r+zf2l 9oBtiWjaGUoQT1/lW7mqmqarZ6NYSXuozpBbR/eduntQBy8Hwo8NxXMc00d3dmM7lS5uWdc/Sruv eHZdT8U+H72GMLFp8jvJJ5mAF24Che+TjnsBWle+IrCw1XTdOneQXGpbvs4VCQdoBOT26itSgArk NQ+F+gahfXFzi7tvtJzPFbTmOOU+6iuvzRQBzth4D0HS9YttTsLP7NcW8RhURsQrD1Ydz71qazo9 tr2kz6dfBzbzja4RsHrnrV6jNAGHrHhDTNc0uzsLxJfLsipgkjk2yRlRgEN+Ao/4Q/TDd6rcsJzL qsSw3JMnVQu0Y9DitzNGaAMpfDdivhj+wAJPsH2c2+N/zbMY6+tVr/wXpGpeH7XR7mKQ29oFEDh8 SRlehDdc1vZozQByumfDnRdK1a21SNr2a+gLETz3DOzZGMHPUAdPrUVz8MdDnv7m5Rr63W6cvPBB cskUhPXKj1q/4k8baX4Yube1vPtEt1cKWjgt4jI5Ud8D/PFbsEwngjlUMqyKGAYYIyM8igDK8P8A hXTfC4uk0mN4YrmTzGjLllU/7IPQVLrvh+y8RW1vBqAkKW9wtwmx9vzrnH4cms7R/Hmk67rcmm6a LmZoywM4hIiyvUbq6TNAGF4j8G6X4okt5b5Zo7i2z5M9vIY5Ez2yKraR8P8ARNE1Br2zS4+0vA0E kkkxYyBjkls9W966ajNAGVpXhux0fw//AGNaCQWe1kwz5bDZzz+NVf8AhCdGbwrH4ekgaSwjB2B3 y6nJOQ3Y5Nb+aM0AchafDHQ7W/tb5nv7i7tZFkilnuWcjHRee3tUupfDrR9R1afUfMvrSe4/14tL loll+oFdVmjNAHM2Xw90LTbbU7eyglhg1KEQzxrKdu0AjIz0PJ596uXfhPTrzwsvh+ZZfsCosYAk +bCnI5/CtqjNAGTrHhqw1yxtbO9EhitZElj2Pg7l6ZNU9d8DaTr9+t/N9ptr5V2faLSYxOy+hI61 0VFAHP6b4H0bStFvNMtYZBFegi4kaQmSTPct+NW/+Ecsf+EX/sDEn2H7P9nxv+bZjHX1rVzRmgDn tU8D6Rq+i2OmXKziGwx9neOUrImBj730qpe/DfR726huhNqFvdRwrC08F0yPKqjA3nucAc11lGaA Oa0v4f6Ho11PPYRTRNcWxtph5pIkB6sc/wAXvVPXrD/hG/A0Xh/w/DM8tyfsdsDl9m8kszHsACxr sqSgChoOkxaDodnpsBzHbRCMMf4j3P4mtCkpaACiiigAooooAKKKKACqmp6hHplhJcygkJ0Udz2F W6patpy6pp0ls7Fd3Kt6EdKEJ3toc/p3jNrm+SG6t0jjkbarITwT0zXWVx2m+DZ4b+OW7mjMUbBs J1bFdiKqVuhFPmt7wtJS0lSaHkOgeMdO8LeMfFyahDdyGe+yvkQGTGN2c+nWr1hNL4w+J2n65pml 3dlp+nwOs1zcReWZiQQAB361u+CNIvtO8S+K7i8tXhivL1ZIHbGJF+bkfmK7IjII9aAOU+H+uX2u +G7q71CUSTR3c0SsFC4VcYHFcH4g1PV/EfwdXUbu/XKXpSZBEP3oEoCc9sdfetnQ18UeE7bU9Ct/ D0t2Z7qSS1vFlURAP3b0xwarweEtbPwWm0hrJhqa3Jm8gkZYCUNx25A4oA9G0C3vLXRbaLULwXlw FBMwjCZHbgVwElhqrfHFvL1YIfsQlz5AP7nef3X/ANlXe+Hb66v9GglvtPm0+cDY0EpBIxxnjsa5 fWLXVtN+KVtrVrpU19ZT2S2jtCwBiO8kk57YIoA5zwpYeI9S1TxNFomqw6ZapqTs0hg8x3k/u+wA A/Or8fxI1Ky8BXN1fLbvq8N+2nK5+WMuD98+wGfyroPAOk3ulTeITfW7wi41N5YS2PnQgYYVyp8C 6tqPhbWIDaLFeJrUl9axz4KzLnp9CPWgBLjxlqPhs2t/J4v0nXYnlVLqyiMYZQepj2nPFerk+dAT E+C6/K2M4yODXl722p6u9paad4DsdJnLqbq7uraJo0XvtAHNepIoRFUAYUY4GKAPJ/CNnrNr4v8A F9wdXV2tHU3P+jgfaDscqf8AZxjt1rqfDmvahf8Awu/ti5mDX32WWTzNoA3KGwcfgKi8O6HfReIv Gj3Nu8MGoyJ9nkbGHGxgSPpkVzmmjxbpfgu48Jx+HJXuAkkCXvmqIdjZ+b64Jx+FABfandazoPw/ v76QSXM+oBpGAAyeR0/CtzwX/wAlH8a/9dYP5NWXH4a1ceGfA1ubCXzrC7D3ScZiXJ5PPvW/4V0m +svHPiu8ubZ4ra7khMEjYxIAGzj8xQB2NcD4g/5LL4Y/69Z/5Gtbx1BrzWFnd+HGd57S4WWW2Vtv 2hO61i6Ta654m8f2ev6npL6VZ6fbtGkczAvI7Ag9O3P6e9AFLRtRHg288c2jjalqTfwAnqHU4H54 /OszwzpT+EtZ8Hag6sG1i3eC7Ynq7/OmffkflWp8R/B2qaz4psZtLgd7W+jW11BlI+VBIGyfw/lX Q/ETQrrVPCirpERa/sZY57VV65U9B+FAHL2anVY/iFr5O5ZI5LOBsfwRoc4/T8q5O28TXGo+FtA0 a4W6sPDauLa+vVX/AFr5J257L0/yK9L0rw9eaf8ACifTWgY6jcWkzyRcZMrgkr6dTipvD3hZbz4Y Weg63amJmtyksZA3I2SQfqODQB02l6fZ6Xp0Fpp0SRWsagRqnTHr7/Wub8eazeaPN4fWzdFF1qcU Eu6MNlCecZ6fWovh7Hr+kw3Gg67bSPFZEi0vsgrLHngdc5Hb2+lO8f6TfarP4dNjbPOLbVIppiuP kQHlj7UAZMmp+Kdc8f67oWmapDY2VmI385oA7oCinav1JJyfStXwFrmq3l9rWja5NHc3WlTKguET b5isDjI/D9ad4e0m+tPiN4nv57Z0tLoQ+RKcYfCAHH4ik8KaTfWPjfxVeXVs8VtdyxNBI2MSAA5x +dAFD40w3MngaSSG5EcMcq+bEUz5mSMc9sHmsXxbb61a614GghvornViZ1S5ki2qM7MEqPQH8cV2 PxK0a813wRe2enR+bckq6xg4LYOSB71i3Ftq+ueIfBupSaNc2i2bTrcpIVPlcKATz0OKAH2GpeIv DvjrT9E1rU4tUttTjdo5BAI2jZRk9O3FZTeM73xHquomDxXpvh+ytJjDbxzbDJMV/ibcR8tdJ4g0 m+uviR4av4LZ3tLVJhPKMYjypAzXM23h+58I6jqdvceEItfsridp7W4jijZ03fwNu5AH+etAHV/D 7xVN4m0y6S9eCS8sZzBJLbkGOYdnXHY1J8Rte/4R/wAF3s8bBbiZfIh5/ibjP4DJo8B6dqNlpc82 rWNjYT3Mu9La1hVPLTsGK9TWd4r0G88U+N9Is7qyZtCs1aeeRsbJXPAXrn/9dAHJ2X9neBfEXha7 sr61liubcWOoeTKG+c8hzj3P/jtey4HoK4bxR8M9EvPDl7FpOlW9vf8Al7oJIxht45Az74x+NdB4 Sn1CfwxYnV7aS2vkjEcySYySvGfx60Acz8HgD4b1Tgf8hWf+SVvatajw5Y69r9jFJdajLD5m1znO xTtUD0HJrO+GGkX2jaFqEOpWz28smoyyor4yUIXB4+hrpdaTUH0e6XSJI47/AMs+Q0gyu70P16UA eaaB4g8Q6nHZXum+KtP1O6lZTc6XLGsRUH7wXPPHtXq46DPBPavGdX0LU/Etnb2y+C207XA6eZqa MscakHl/l65r2OBGit40dt7qoDN/eOOtAHAwah4l8a6pqh0XVItJ06wnNvGfIEjzOvUknoKjvfFf irT9E03Tbu0gh8R6hdm1ikJUxlBj97gfXpRp8eu+A9S1a3ttDuNWsL24a5tpLd1BRm6qwPSq974d 8W3uk6drt35dxrljetdx2RKgLEcfugRjnigC1eah4m8D6jpk2sapHq+l3twttMTAI3hduhGO3X8q Y2peKtd8ea9oem6pDY2Vn5bCYwB3UFB8q/UknJ9KXVIdd8f32mWdxok+kaZa3C3VzJcupZyvRVA+ p5961vDulX1p8QvFF9cWzx2t2YfIlOMSYQA4oAwrPVfEGraB4o0W+1GNb/SWKm7SEfvYypONvYkA 8+9ZOl32seHfhNpV7FqEckdxcwpDE1uv7lS7bhk9c+tdLpmh6lDq/jmWSzkWO/x9lY4/e/Iw459x WbeeG9Xk+EmhaWlhKb63uYnlh43KA7Ek8+hFAFnWdU8U6l8RLnw9oeow2dutolw0jwhinrj6kimT 6j4uvPG8vhuz1a3hEVlFLPdNbhiGx8xVfcn8K2tP0m+i+K+panJbOtlLpscSTcbS4Zcj9DS2GlXs XxV1XUntnWymsoo45uNrMMZFAHPaLfeNtd1HVNBOsW1s+lSbZL4W4Z5c/dG3oOmc9at6J4p8Tan4 GvntooLjWrO8azMr7UQAYzIQSBwDWv4U0q9sfGPiq6urd44Lu4jaCRsYkAUg4ri7nwj4hl8GatbR 2Mu59ca6e2LhTcwY6Ag9zj8qALF/4p1bw1qenOPF9hrfn3CQ3NmiICoJwSNpJFWrmw1V/jivlasI ybESg+QDiHef3X8/m96y9b0TUdSsrIaD4HOmW9pcxzS7hGJ5cHovcgd8n0rp9ZtdX0/4nWOuWmkz X1nLYi0k8pgGiO8kkg/UfrQBRXx5eaVoniq/uFjmltNRNtaIECjJxjOOvr+FO1N/G/hjRR4gu9Xt 74RBZLuwNuFVUPUKw5yM1XPgbUtV0LxXZSRG2nuNT+1WbSEbZNuMH2B5FT6vfeLPFXh/+wP+Ecls bi5CxXV3M6+Sq/xFcHJzigCbW/Emvah4x0fTPDl3DbQalpwuC80QfyuSS3ucADHTmrHhzVtd0zx3 N4Z1y+TUUe1+1QXAiEbDnBBAp8Xhy7sfiNok0Fu76fZ6SbVp+MBgTgf59ank0m+Pxdh1QWz/AGBd NaEz8bd+7p60AdFrs9/baLdS6TbLc3yp+5jZgqlvUkkcDrXl+u+Jtd8NWMWpSeMdOvr5WXztMRI8 YPUDBzx613fxC0vUdZ8F31npBP2pwp2htpdQQWXPuK871bw/f6n4SbTdD8Cf2dMqqZ55tnmPgjIQ 9SSeevSgDqfEeveIZfGekaRoNzDbJqFmZXaWIOI+5b3IHan6Fq2u6N44l8Pa9qEeowPZm7huBEI2 XBwQQPx/KpE0nUJfiB4d1I2UqWsOmNHM7Y/duV+6eetWL3Rry4+KttqH2Z208aW8DzcbQxY/L+VA GLpl94v8X6dda/pmpwWVrucWdi0AcSqvHzN6mtL4PFj8P4C4wxuJsj0O81m6IfE3gvTbjw7baDNq ASR/sN5G6iPa3TfnkYJrd+GOl3+j+C4bTVLdre6E0rMjY7sTnigCPxfr2rLr+m+HPD7xQXt8rSyX Ui7xDGO4Xuap22q6/wCFfFum6Vrl+mqWOqEpDcCERvFIOxx1Bqz4w0nVbfxLpfibRLX7bLZo0Fxa hgrSRt3UnuM1USz1rxl4v0rUb7S5dJ03SiZUS4YGSaQ9OB0AxQBkaRqfjbxNpeqXtrrNvaRafPKs S/ZwzTlSTgnsMYFNTXfGer+CG8Vxapa2cdvGWW0S3DCYLwzMx6ZOeOldF4G0bUNN8K6vbXtrJDPN c3Dxo2MsG6H8aq6ToWpwfBaTSZbORdQNtKgtzjcSWJA64oAfeeKr651PwO0Bjii1dHedTGGP3FIw TyOSelZ/gGw1WPx94kabVRIkNyBcr5AHnkrwf9nFTL4e1UXPw9Y2MuNNiZbs8fuTsQc8+oPT0q7o Vtq2i/EbWxLpM0lhqkyypeIw2RgL/EOvtQBsfEDU7nR/BWoXtmyrPEoKlkDDqB0PFcTr9tq1/wDE bwrJb6qtvLc2ZeFvIDeSfLy/Hfdz9M12nxD0671bwRqNnYQNPcyqAka4yfmFc/4h03WLHW/Cms2O lTX40+2aGeCJgHUlMd/r+lAHf3UU0tnLHbz+TOyEJLt3bW9cd68g8I/2zpPh7xhqkOqqfsk1zuj8 gfvJlQESZ7fSvZI2LxqxUqSAdp6j2rzjS/D2qw+CvGlpJZSrcX1zcvbRnGZQyAKRz3NAFO18TeKd J8I/8JbrOoW89vPbgQ2Cw7fnJwhLfmSKt6g/jjw9oX/CQ3OsW94YlWW60824VAncKw5yM1o3vhK6 1v4UWuiOv2e/jt4yqyH7si84OPyrN1S/8WeJPDh8Pnw3LZ3VwogubyWRfJVf4mXByc4oAl1zxPru oeKdD0/w3dQ28OqWHnlpow/lcklvcgDGKqWl741fxTd+EzrFszxxrcf2i1sN6xnsFzjJJxz0xWtH 4au7Dx94ekt4HksLHTGtnn4wG5/nVyz0q9j+K2o6k9u4spdPSJJuNpYMMigCLwFrWq3Woa3o2t3C Xdxpc6otwqbPMVgcZH4frVH40wXMnghpIbkRwxyr5sWzPmZIxz2wa0PCmk31j428V3l1bPFb3csT QSNjEgAbOKn+JWjXmveCbuz06LzbncjrGDgtg5IHvQBx/i2DW7XX/A8EN9Dc6sfPVLmSLagzs5Kj 0B/HFbWn6n4h8O+ObDRNb1OLVLXUYZHSXyRG0bKCT07cU24ttX1zxL4O1STR7m0W0M63KSFT5XCg E89DitDxBo97d/Ejw5fQ2ryWVvFMs8oxtTcpAz9aAOXtvGeoeJ3ur6LxfpWgW6SslpaTbC7gdGfc cgGuz+H/AIqfxZ4eNzcCIXVvK1vOYjlGYfxL7EEGuL0zQbzwfHd6Zc+C4ddQSs9neJFGxZT0V9wy MV3PgfTdQ07Qf+JrbWVtdTSGRobSFY1jB6A44JwOtAGT481vXbDXtB07w/PDHLfu8beagZenX8OT UUOpa/4U8W6Zp2t6kuqWOrFo45fJEbQyjtx1Bqr8SZ7228YeFJtMtxc3aSyskJbG/wCXkZ+masJb ax4y8X6VfX+kTaTpukFplW4YGSaU9MAdhjrQBR0e/wDGPibxDq0Vpq9vaWOm3pj+a3DM4z938BU+ nah4n8dXOoXmkavFpOmWtw1vbgQCRpmXqzZ7dPzrW8B6Te6ZeeI3vrZ4FutRaWEtj50x1FY+jpr/ AIBuNR02HQZ9W0+e5a4tJrZ1BXd/C4PToKAIG+JGq2nhi7gubeF/EVvfjTlA4R3bo+PwPHrip9Yu /F3ge0g1nUtYh1WzEireW/2cJsDcZQj0qi/w/wBbvfDl5qM3kx+ILjUV1JIAflUrnEZPryf0q5rz +JPHunQ6G/h+fSYZZFa8uZ5FKqo5ITHJzQBS1Gw1e6+M1qbfWVjeWwM8EhtgfLhLn93jPPf5vevT NUt7q502eKwuhaXLr8k5QPsOeuD1rmJNFvE+K9hfx2znT4dKNuZ+Nofc2B65xiuyPQ0AeLeCtX1D wn8NbrWRcrcxPM8NvZmIDExcDcW6n6Vv6nL428MaIPEN1rFvfrEFkurA24VQhIyFYc5Gag0nwRqd 78JZNGnhNnqS3TXEKS4+8H3Lk+hqfV7zxX4q8PDw/wD8I5NYT3AWK6vJpF8pFB+Yrjk5xQA/XvEP iDU/FulaX4bvYrWDUrAXO+WIMYwed31xiu60eC+ttKgi1S6W7vEXEkypsDH6Vylv4du7H4i6NNDB I+n2WlG1NwcY3DgA/lXcUAeZaTf+MfE3iTV4LPV7e0sdNvdgLQBmcZ+79AKrv4yvfEWraiIPFem+ H7KzmMECTbDJOV6udxHy/Sul8C6TfaZqXiSS9tnhS61AywlsfOuOormbfw9c+EtT1OCfwhFr9lcz tcWtwkcbOm7+Bt3IA/z1oAsRfEXU3+H+sXsa21zqmmTC3aeDDROCQBKAOox+FS+G9V1y61Kxl0/x RYa/aSn/AEu3KLFJCMcso68emKn0/S/FVt4Mv57Sx0ux1SeXzIrOK3QKIv8Anm2OC2PX+tYU3h+8 8Qa5pM+neEJPD91b3Cy3N5uVE2jqFC9c/SgDfOp+IvGHiTVbPRNSj0rTdLk8hpRCJHmk79egrPuP Guu6f4d8T2N/LF/bWjBGjuo4xtlRmADbemcGr0UGt+CfFGsTWmjzatpeqzfaVNsyh4ZD1BB7c/pV P/hDNa13SfFGoahElpqOsxqkFoWz5SoQVDH1OKAN3xhr+oaV8NTq1nMEvfKhbeVBGWK546dzWV4k 1zxJN4q0TRdEvYrc6hYebLJJEGCHklh74GMe9ZOvv4t8ReBk0JPC9xBLCkYnleRcPsxwgzznFdM2 jagfiJoN/wDZZPstvpZhll4wj8/KaAKl5qfib+19O8J2upQf2kbdri91EwAgJkhQqevSpo9W8S+E LfV5PETJqWnWlt51teqFjZ36eWyg56nr7U/xJpuq6V43tvFGkWL6jGbf7LdWsbAPtzkMuevX9Kqy 6f4k8cx6umpQvpGlTWnk2tpNtZ2lzkSNjkAY6UAYJ8X60ui/25/wmeiNd7POOk/u8beuzOd27H41 6joOrR67oVlqUSlEuoVk2k/dyOR+BrzKK01e30OPSl+H9m2rxqIRfNDE0Bxx5hPU8c16fotnJYaN aW0/k+dHGBJ5EYRN3fao6DNAF6iiigAooooAKKKKACiiigAooooAKKKKAEopaKACkNLSd6AEZwvL EAe5pa8g1U6BdeItTTW9Q1bXb1piI7fTEk2Wq9k4OCw9araT4s1TTvhLqskVxP8AaYb82dtJNzJE rEdc9wCfoaAPZwwLEZGR2zQSFGSQB71wR+GJsVsrvR9YvINVgdGmuJpmkWcfxArnvVOy0seP/Fvi A6zdXX2LTJxaW9tDK0agjqxx1OaAPSqQMDnBBI6815T4pGseBfCK6UurXFyl9fiGCWNS08MB6qDn lvSsmWaHR7iyvPCen+Kor6OZROt3byNHOhPzbsk80Ae2FguMkDPTJpa8d8URiDxhqN14vstan0uU KbG4snYRwJjuB0P1q/Ml/ffCpY/Dmr3WtIlyPMePKTmEHJj9cigD1IMGHykEexpa8j8IXOgr4tsV 0q+1XR7rBWfTb/cRcZHQEnr3r1a8nNtZTzgZMUbOB64GaAMGHxS95rmsW1nbq9lpMP76ct96fBOw ewA5PrVvwnrzeJvDdpqjQCBrgE+WG3AYOOtct8OIv+LV3F4/M179pnlY9WbLLk/981yTa1c2Pwz8 J6bbyXUUWoyutw1opaYxq3KoB3Of0oA9uDBhwQcehoLBcZIGemTXjNvdJo3iDS7jwpp3ieJXnEV7 DeQSGKSM8FiTnBHWpPE8QtfGGqT+MrPWptPkYGxurJ28uBPoOh+voaAPY6QMG5Ugj1Bry27j1C++ FkCeHtWutbijuR5zxZSdoAeY/XIqDwbc6Cvi6zTSb/VNIuCrLPpl/uInJHYk8GgD1qkLDcBkZPbN Udd1BtJ0DUL9FDPbW7yqp7lVJFeLWElnqmg/b9Rh8W3Guzq0i3lvDIY0b+HZg4K9KAPeKQEEZBBH 1rx3Xb3Wde8K+DY72W8sNQu742sz/NE/XbuI46jmpvE3hCPS9e8N6Hpuo6jDBfTyea5uGLYwMgfg D+dAHrgIIzkEetAIYZUgj2ry/VNFEHiTRfBFjfX0OmTJJeXL+cTJIBnCbuw+Xp71Yn03/hAfG+gp pF1c/wBnatI1vPazStIoYDhhnp1FAHpG4DHI5pc15N4S8Lr4m8R+IbvUb+/8uy1aVbeKO4Kqp3kk /oBXfeNHaPwRrboxVlsZiCpwQdh70AbRYZAyMnoM0teTWPghZvhzHrsmp351pbT7VHc/aGwm0ZCg ZxjAxUOuXV54ufwCHu57ZtSilFy0DlCRhN358/nQB68CCM5BHrQCGGVII9jXmGqaH5XiTRvBVlfX sOlSRyXlwxmJklAPCbuw4qaXTv8AhAvHOhQ6Rc3J07VXa3ntZpS6hh0Zc9OtAHpJYAZJA7cmlryH wX4Qi8WaVqdzq+oag4jvJo7ZEuWVYsHOcdzk9/Sqq+LdVtPhHap9rna7mv2sPtCAtKIwe3q2OBQB 7OGBJAIJHXB6UteIXMsWjtaXnhOw8Vx6lDKvm/areRo7hP4g4JNe2xv5kavgjcAcHqKAOT8ReML+ z8RR6DoGlLqGoGD7RJ5kojRE+vc1peD/ABMnivQxfC3a2lWRopoWOdjr1we4rzPxUdX8aa7qGseE 4Gt/7FR7V7pJCslz13Ko9hn866b4ceK9Dnjs/D+h2lyrJbGedn58t8/MGJ6kk9aAPQj0pNwyBkZP QZrG8Zu0fgzV2RmVhauQynBHFebN4RU/CxPEkmp6i2rx2a3Uc32lsIBghQOmMcUAex0gYMMqQR7V 5jqV5feKtR8KaFNeTW9te2IvLxoW2PNgfdyPUj9aln03/hAfG+gx6Rc3J07VZDbT2s0pkUN2Zc9O tAHod7c/ZLC4udu7yY2k2564GcVm+FNePiTwzY6q8K27XSsfKDbsYYjr36Vc1r/kBX//AF7yf+gm vJfDPgeDUfhaur3F/freJbyy2xjnZVgClsAKOOSCfxoA9npFZWGVYEexrynUNVj1LwP4XuNf16a1 glTdcQQBjPekcAAryPf61R8PXtrp/wAS9Ih8Pw6vZ2F7HIs0V+GCykAncoY+w5oA9kLAEAkAnoCe tYPijxM3h2fSI1thP/aF6loSX27Axxu6c15hq8UVnrmrt43g1xZJLhmtNRtXYwxR/wAGADgYq/4t U6j4R8Hw2ustfNLqMcUd+ow2ScA49R7+lAHrwIJIBBx1pa8v1Tw/H4I8VeG7nSL2+xe3f2e5Sadp BKCOpz3r0q8tI76ymtZt3lzIUbYxU4IwcEcigDk9F8Y6r4g8TXVtYaRGNIs7hrea7knAfcueQv1F dlmvE9A0S2svCfjLULd7lLi2lubaM+e2AmfTu3v1rrb+4lHwKWfzXEp0mM+ZuO7O0c565oA7+kDB hkEEeorya+s7jW/FXhHTmv7uC3uNIDXHkylWkUckZ9yBzV7SrMeDfih/Zen3Fy2mXOnNcNBNKZNr KTyM/T9aAPSyQCMkDPTPesjXPEcGh3ml20sTySajceRHtIAXjJJrhfDPhhPiBo1zrutahem7uppF t/KmZFtgpKrhRx2qn4p8KPHd+D7fW76W9u5Lk2ss8cjJuQDI78Nzjd1NAHpceoX7eJZrF9OZdPS3 EiXu/h3yBsx9MmtIsMhcgE9B3rzaa+fQfiLrZheV4bHw+JI4mcsMqVwee/vUHh/wMnibwlFreo6n ftrF7G06XK3DKISc7QFBxgUAeo0gYEkAgkda8Xvtc1TxH4E8KSNezQ30mp/ZZLiNtrNgMN31x+tb Gq6BH4I8X+GZ9HvL3F/d/ZrpJp2kEoOOTnvyaAPUaQsB1IAPvTq8d8E+EIvFPhi8vtW1DUHeOeVL ZUuWVYcHOcdzk96APYaRWDdCDj0NeJSeK9Vf4caBZyXV2XvLyS1nntwXnaJDghe5JB/SpormPRtb 0y58J6d4oiJnWO8hvIJDFLGeCTnOCKAPZyQoyxAHqTS143q+qwa7451mHXoNcurGwf7PbW2mxuUB 7s5Ujn0qbR/EmqaFoHigW8OqCwtIRNp0mpQsrpuIBXJ64Jz+FAHpfiLWP7C8P3+pLGJntITL5ZbG cds9qn0m+Op6RZ3zJ5ZuIVlKZztyM4zXluteAooPhrPq41G+bVDafaLiZp2KzAjLKV6YwTim+I9Z lFn4R0R21AafPYpPdLp6FppQFGFGOccc0AevqwYZUgj2oJAIBIBPTnrXknh+6Ol+NtNTw3YeIYdL usxXkN/BJ5aH+FwTnHvVvw54fX4gHVNa1q9vPN+1SQWqQTtGLdV4BAHegDs/CfiVvEtvfytbCD7J eSWoAbdu2nr0qLxn4ql8MWtmLOy+2319cC3t4S+wFj6msP4QQSW2h6tBNIZZYtTmR5D/ABkYBP41 S+J+g2d54l8MTTGffd36W0m2VgNnsOx56jmgDvtJuL6bSoptXtorS7IzJEkm9U5/vVeznkc15imk p4o8dXugXVzdx6NodvGkdukzKZWYfeZs5NO08T+FfGWqeGoLu4n02fTGvLdJnLtA3IIDHnHB/SgD 0vIzjIz1pa8w+FXhZLrR9O8RX19fTXoLeWrTnywgyoGO/rXQfEvV7vTPDkUOnzNb3F/cx2omUcoG PJHocUAdcGBJAIJHUA9KCwXGSBn1NcOvw3/sq+0++0HVru3uoJQblriVpVuU/iBGeprJ0DQ0+IV/ rGqa9dXbxRXj21rbxTNGsKrxnA70Aen0mRuxkZ9K8dn1C/s/BfjTQ5r2a4/saVEt7hmPmbGPAJ9s frT/ABH4W/sPwDB4mt9T1BtahSGZp2uGIbcR8u3pjn9KAO28X+LrvQb7TdM0rThf6jqJYRI8uxAF 6kn8av6DqmsXt1dQ6vpAsRCkZSRZd6ysQdwH0wPzrg/FXh6y1X4jeGnuDcA6nC7z7J2XBVFxt/u/ h1pZJ5or74kxrPLst7FBEC5+TEb9PTpQB3+p+HbTVdb0zUppZVn01meJUI2tuGPm4zWtkZAyM+le TaX4YWz+Gs/iKa/v5tSn01yxedtoBHGB7AVm6j4dk074XWXiqPVdROsrHDMsxuGwAxAChemACPyo A9ryM4yM9cUFgoyxAHqa8l1/QD4ZtPD/AIgtdRv31Oe9gW5kknLCYPyw29APYVY8WSaJL4xu08Qa nqGokIq2+l6cj5gGOS204JPWgD0y8u47KxmupMmOGNpG28nAGeKwU8U3eoeEbPWtG0qS6e6dcWxc BlQsQWJ9sZrgPC4Gp6B4z0iZtQXT7T97bQ3Lss0XDEA9x90cVAtgmlfBfTLyzluI5ry7gaU+a3Z2 HHPA9hQB7Tuwm5sLxzk07ORntXm1xZv42+IuoaXqN1cppWk28WLeKQx+a7gHcxHXv+lM09Z/C3jD VfDdvdzz6ZNpr3cCTSF2gYDBAJ5xQB6WWAxkjnp71i+K9dn8N6YmpJbCe1ilUXYBO5IycF19cEji vNvDPg2PXfhp/bN/qWovfCGZ7dxcsBCELAADPPIP5123hqSXxJ8LLcaixmkurFo5Gbq3BGTQB1cM qTxJNE4eORQysOhB5BqSuO+FN9JffDzTWlJLRBosnuFY4/TA/CuxoATFGKWigBKMUtFACYopaKAE opaKAExRS0UAJiilooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACkpaKAPO9O8G+KfDs1/b aFqmmpYXk7TeZcQs08e7rjHBP1p+k/DJoPCusaFqd8txFe3Hnw3CKQ6NxhiOmcjP516DRQB55L4O 8Wa1DaaZ4g1mxfSrd1aQ20bCa4C9AxPA98frVy78Ja5pXiG+1TwlfWUK6hg3NteIzIHHG5SO/Wu3 ooA4AfDN7nw7dQX+qO+s3N0L03qLxHKOm0en+e1Obwz4w1m5s4te1u0isbWRZH/s8Okk5H94n/Pt Xe0lAHE3fhvxTp+u3154d1a0e1viGe31AO4ib/Yx2qrb/De7tPCktpbau0GrSXn25riIFI/M/u7R /D/nFeg0lAHBx+EPEWs6/pd/4ovtOaPTJPNiSyiYNI/GCxPbjtXdSRrLG8bjKuCrD2NPpKAOB8A2 8tlo2teErhgl1YSyLHu6NFICUf6ZJoHw5uD4L0nTlv0g1bSZDNbXUYJUNnOCDzg8flXaHTLQ6oNR 8hPtgi8nzh94pnO36Zq1QBxEPhvxXqusWVx4i1i1S0sn3iDTg6ec3beT29v0ouvDfirT9c1C68P6 tZvaX7+Y0GoK7+S3fbjt7V3FFAHn0Hw3vLPwoLOy1hoNW+1/bTcRgrG0n90qP4f84qWDwh4g1fxF pmp+KL7TymmMZIY7KJgZH45Yntx2ru6WgCC7tYr6zmtbhd0M8bRuvqpGCP1rgbfwh4y0jSn0TSNc sBpZ3LFNNG32iFD2BHHc/wD1q9FooA4u88DXD2/hiCC/Mo0e7W4lluWZnmwcnHXmtDXfDVxqvivQ tVimiSHTXdpEbO59wxxXR0tAHLeLPCl1rF9Yato96tlq9gT5Uki7kdT1Vh6f4mqen+EtYv8AxLa6 34qvrWaSxU/ZbazRljRj1Y7uSa7WigDm/CPhq48PT609xNFKNQv5LqMR5+VWOcHPep/G/wDyIuu/ 9eE3/oBrdqK5tob21ltrmNZYJVKSIwyGU8EGgDyzw94b8War4FsNNj1myj0a6hUs5ib7QkZ5KA9P UV1V34KP9s+Fp9Pljis9DV0Mb5LOpVQMfl3rqLS0gsbWK2tYkigiUKkaDAUegqagDlvFnhS61fUL DV9HvUs9WsCRG8ilo3Q9VYDt1qpp3hLV7/xLa634rvrWeWyUi1trNCsaMerHPJNdnS0Ac14M8NXH hrSLu0uZopXmuZJlaPOAGPA571i2nw2c+BpdDvLxFuRdtdwXMAP7p85XrXfUtAHAv4Y8ZazJaW2u a7aRWFu6u7WCuks+OzHt/niu9AAAA7UtFAHADwb4j0DVNQl8J6pZRWWoSGZ4LyNm8lz1K4/rUPhv 4b6l4Y8RW+p2mtCUzhv7TR4+JScn5AOnP+e1eiUtAGb4g06TV/D99YQuiSXMLRqz9ASO9ZTeF7g/ Df8A4Rvz4vtP2EWvm87N23GfXFdPRQBxGo+Bb2Sw0K402/jtda0eJYkmZSYpBgBlI64NOsPCWsah 4ktNa8V31rPJYqfsttZoyxox6sd3JNdrRQBWv7c3enXNujBWmiZAT0BIxWFoPhm40n4fJ4flnie4 W2lh81c7MuWwfX+KumpKAPOX+HerWlp4cuNMvrMapo0TRYnRmhkBz+OeasR+DPEV34u0rxDq+q2U s1ozK1tDGyxohBHyk5JPPOa7+igDgG8K+LtMnv7fRdYsZtOvJGcLqCvJJDu6gHuP84pF+Gstronh 7T7S9jY6ZqC3s7yKR5nzZYKB09q7+igDnfFHhy417UNDngmijXTrwXEgfOWGMYGO9dHSUtAHH6L4 Jks9F1/Tr64jdNVuZpQ0QOUV+mc9xWDL4C8XXfhc+HLnW9PGmxR7ImjibzJAPuKx7L06c/WvTaWg DkLbwfdQ+JdB1JriAxabp/2SRADl2x1HtVm58Mzz/EG11/zovs0Nm1s0RzuJJPPpjmumpKAPP4vB 3ijQBeWXhjVrGPS7mRpEW6jYyW5brtI4P40t78Obu38P6La6LqEa32lXBuRNcqSsrt94nGSK9Aoo A5C08I3kniy61fVZraWO70tbKeKIMMvkFiM/w8H3rKtvB/i/SdMk0TStbsBpTblilmiY3EKH+EY4 7n/61eh0UAcRdfDxYtH8Padpc6JFpV4tzI02d0vXd07kmtTxR4auNd1TQbqCaKNdNvBcSB85cccD HfiukooAK5nwX4YufDPhybTrmeKWSSaSQNHnADdOtdNRQB53b/DO4Xwba6a2oRw6pY3b3drdRAlU YnIBB7etW4/DXizV9VspfEWs2sdnZv5nk6cHQzsOm4nt/nFdxS0AcTf+E9b07xLeaz4Tv7SJr8D7 Va3iM0bMOjAjnNS6T4Kun0/Vk8Tam9/caqCsqxsRFEvYID0/+tXY0lAHmt14I8Y3fhx/Dr65p/8A ZiJsjl8pvOdR91WPTHTOOfrWrqnga8nsNDn02/jtda0eJY45ipaOQYAZWHXBrtaWgDjNM8OeJLvx Fb6r4l1aApaqRDaWG9I2J7tnr+tVh4R8R6HqV+fCupWUOn38hmeK7jZmgc/eZMf1ru6KAOX8B+Fr rwlpV1aXl2l1JNdPOJVBBIOOue/FTeKfDdxruo6DcwTRRrpt8tzIHzllHYY710dFAHG634U1WPxM fEHhe+tre7miEVzBdIWimA6HjnNGjeDL2K/1LWNcvorrV72A26mJSsUCY6KDz1/zzXZUUAYXgzQZ vDXhez0u5ljllgBBePO05JPeneLPDcXinQ5LB5mgkDLJDMoyY3XkGtukoA4I+EvFOuXVhF4m1axf T7KVZtlojK9wy9NxP9KkPhLxDoWsX9z4T1GxS01CTzpba9jZhHIerKRXdUlAHB/8K6nXwbrGnm/W fVtWfzbm7kBCs2c8AdAOfzrW8S+GLnW/ATaDDPDHOYYo/MfO3Klc9Oe1dPRQBy194VubrxP4e1NJ 4RFpcTxyoQdzlgBx+XeqUvgm8ku/GEouoMa7biKEYP7shWX5uP8Aa7V21FAHM/8ACM3A+Hf/AAj3 nxfaPsf2fzcHZuxjPriqmqeDbu/+GcHhqO5gW5jghiMrA7CUK59+1dhS0Act4n8LXOu6FpVjBPDH JZ3MEzs+cMEHIGO9ZbeEfEej+JtU1Lw3faaIdTcSSrexszRsPQjtya7yigDh/DfgS/0i619tR1OO 8XWIwHlCFXD4IY46Y+bj6Vnx/D/X38FJ4eu9Q0947a5iktXRGBCKxLBuOvIxXpNFAHGax4T1WLxL /wAJB4Zvra3vZYRDdQ3SFopgBweOQeB+VLo/gy9jvtS1jXL2K61i9tzbqYkKxQIR0UHnrXZUlAHM +G/DFxovgBNBmnikuFhmj8xM7MuWI68/xCqEqS+A/hYbWeRJbqCAwReXnEkrkhQAeepFdrVW8020 1CS3e7gSZraQSxbudjjow96AMzwTob+HfCGnadKB50UWZcf32OSPwzj8K3qSloAKKKKACiiigAoo ooAKKKKACiiigAooooAKKSue8bajqul+Hp7nR1gEkalpJZT/AKtR6L/ET+VAHRUVwPi/xXqGk3cU VvctCBp/2oeVbiYySZxiT+4n+1x354rt7OZriygmfZukjVzsbcuSM8HuKAJ6KKKACiiigAooooAK KKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoo ooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiii gAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKA CiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKo61pi6zo91p7yNEt wmwuoyVq9RQBzep+E5Ly6knstTlsnuLVbS5xEriRBnGM/dPJ5963LGzi0+wt7ODPlW8axJk5OAMD +VWKKACiiigD/9k= --_004_TY1PR01MB1466B046019192708FF52C46E5F10TY1PR01MB1466jpnp_-- From nobody Thu Dec 3 17:26:28 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 87EA33A11EB; Thu, 3 Dec 2020 17:26:26 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.918 X-Spam-Level: X-Spam-Status: No, score=-1.918 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_IMAGE_RATIO_04=0.001, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H4=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hAvVG65Pbj-w; Thu, 3 Dec 2020 17:26:24 -0800 (PST) Received: from mo-csw.securemx.jp (mo-csw1514.securemx.jp [210.130.202.153]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4B4BF3A11E7; Thu, 3 Dec 2020 17:26:22 -0800 (PST) Received: by mo-csw.securemx.jp (mx-mo-csw1514) id 0B41QIFb008269; Fri, 4 Dec 2020 10:26:18 +0900 X-Iguazu-Qid: 34tr8pqEJcNCq8UYzc X-Iguazu-QSIG: v=2; s=0; t=1607045178; q=34tr8pqEJcNCq8UYzc; m=hsWRQtvlQYnTrc7UiaZOyG80sp5qPDMusHcqhnQ2YJk= Received: from imx2.toshiba.co.jp (imx2.toshiba.co.jp [106.186.93.51]) by relay.securemx.jp (mx-mr1511) id 0B41QGR3000779; Fri, 4 Dec 2020 10:26:17 +0900 Received: from enc01.toshiba.co.jp ([106.186.93.100]) by imx2.toshiba.co.jp with ESMTP id 0B41QF8j015732; Fri, 4 Dec 2020 10:26:15 +0900 (JST) Received: from hop001.toshiba.co.jp ([133.199.164.63]) by enc01.toshiba.co.jp with ESMTP id 0B41QFfe013261; Fri, 4 Dec 2020 10:26:15 +0900 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=MwHDrqizJEOABfOUFKKmSDD4ZflB0Nyt3XpWMKKmdt+W/v5YGTFLACLhOCk1cPrptQb0ehZBTEiVCYnZV/6oz2+6ly+JVzUD/j7OLKjhrJgvodPA6inuL+xph3nJbAzMdAbd8euNZgPne8l4EfyFrCEMYnLxnBndKC8ub5cvFCi7U4a+7uImtyAKHkjvi95MSzh5r9KYkfRqf1ld/WIAUS6mNZ8/1u6sJtMa1PqsziX7sX94F9CUnnzN3ntQLNxfTIbtOjOsADrEw5YXaY5uoPEngS8BH/I5/bEkHHn4Oy5CABNuOjQ/9Sjf7aICbNa6lGibInG0Y34H/KuFHU3uKQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=TA4nnl4aVnQHstZLbcxSRJ1UW6sBFNq9e7RV9zB9pJg=; b=AgbqUFsgpa1jtp1gnHLgnW7euyh63lPRAT6bZZoGQNnS3QWoaTq1EiOxC9nO8ILJ4h7jcd8COesI0c0kBe0rZIMazoX4AkWVaUIBVbUhHNOqdrjZ8/WlB2lHir8jLDWjbcQ9NnAR/iN0YfE7qE1kUpufRed6IBAUI3uhLUxUL2p/mAUF3NdpjMQ4dY+1TLfZAKWrg3Vv5w5o2N7cje8UQA1Y6/x21t/n2CNF9mNcfaarXD/7df6bdrshe10SC1P0SPWhkwWMVeTBpE2Tnv0n1ELnISk7RWqjcRfW33h15niMJoIQBdJ+s5cPrJ/5UNwledOVhnsY0zwSNZXrCwk99A== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=toshiba.co.jp; dmarc=pass action=none header.from=toshiba.co.jp; dkim=pass header.d=toshiba.co.jp; arc=none From: To: , Thread-Topic: [OAUTH-WG] DPoP followup III: client auth Thread-Index: AQHWyPrEOGWRAyI//ECYKFnkC8YmFqnmJquQ Date: Fri, 4 Dec 2020 01:26:10 +0000 X-TSB-HOP: ON Message-ID: References: In-Reply-To: Accept-Language: ja-JP, en-US Content-Language: ja-JP X-MS-Has-Attach: yes authentication-results: dmarc.ietf.org; dkim=none (message not signed) header.d=none;dmarc.ietf.org; dmarc=none action=none header.from=toshiba.co.jp; x-originating-ip: [124.211.28.2] x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: 04492adb-e5a1-4660-443a-08d897f394d6 x-ms-traffictypediagnostic: TY2PR01MB3977: x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:9508; x-ms-exchange-senderadcheck: 1 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: 8CqS5/gHe1NB5mS4NW34D/qimwg2svJNAQLHJ3EdCSFLzl3Ni4Exu9XzOXqhqDdzqAjU9M8zCEuSmDo1hwMAXESzl1G/GeZPpk6F4XjTirX5QGMNiDltWp88TUL5Azo2OiVF6OrIa9E8WOqvjZnkAEFPjSutrrQcSLWUe/tvSiyivtllUu7rPPipGyTpni863tBL+/5TeSOnoqVgg5wi6ciCka13zFfF1b76re2TXGo91sfIMpyiWUIfRxKH2Tx59FONojZoEbfL+4Mkr3u3ct6kky7W6tIVATJ5Akp2suus4PUNwBG4O2t47rMFOlhdCO+Cv58DO0ET2uiuRJxrTrFtniYKhUE+aG/z9aCyO/F7j6GfJhpITareSoU/t1Oi5trslQG1LWRHM6sVDSanSQ== x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:TY1PR01MB1466.jpnprd01.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(366004)(376002)(346002)(136003)(396003)(39860400002)(5660300002)(53546011)(52536014)(66446008)(6506007)(55236004)(166002)(83380400001)(8936002)(316002)(99936003)(8676002)(110136005)(7696005)(186003)(26005)(64756008)(76116006)(66476007)(66556008)(86362001)(66946007)(478600001)(66616009)(71200400001)(33656002)(9686003)(55016002)(2906002); DIR:OUT; SFP:1101; x-ms-exchange-antispam-messagedata: =?utf-8?B?RVdabDVlVnBZSVFLci9XdVFwUWRVU04xRFpoMjNHdVFpNXhPUys5STduKzA3?= =?utf-8?B?cVBkcDlpaGpRR3Y4UzkvNEtQKzhyVzN1OXRoZG93VW1vSENTVWdON0hOa1Br?= =?utf-8?B?OFpZRWxLOElnM3NPUnB2NUg0TjMxWjNUVnFnNW4yWENIZk50aFJGb1cxVnBV?= =?utf-8?B?SEk5TXdyM3lzczV4cUVPaWNycEpnR0pNRS8rZmI0M1htblM1RXJMZmxTVGxJ?= =?utf-8?B?V0lZL3BaenpxZS9vYXlmcWNZOXN3dFVYcjNjUmFyVjRDRlBId0xYaUlTSmhj?= =?utf-8?B?azJSWUsvOXVhV3QwY1Q4Z0p5ejQzQkNpWjVSWG9FSC8wUFdzZ0lCQXV5S0lZ?= =?utf-8?B?T0dXWlRTLzVIUFpTcSs3d2F1a3NSVVVOVysydFVmRTZOcUhhcXdMeUJHRlpH?= =?utf-8?B?eXJFQmdYNENzZmlPMk1oLzVnckxxM3N3UkV0UW8zSXoxVlBwbm9iMjhFeHox?= =?utf-8?B?NUJmTmZvS2RidElXT0ZBVjErdGlFTnpmQ2hXVzZEMTJkMGd3cnRMOWJlMUFS?= =?utf-8?B?YTlaN3ZUYlM4Q1BRcWZNSFFUNDVXNHVIbG9hZWhad3BPOUh5QXBQQlJJRzhz?= =?utf-8?B?bWdaQVFWNGtkNGZjUWx2YTc5VVlBdFNURnhsM3p4RHAyUU1WZWFqTjVrbXVu?= =?utf-8?B?TkpRWEdLR0dyVTJ3eTA0QlJvc3RiWWVFdUJVMHppYUpLTU5obHdDREdCdlNo?= =?utf-8?B?MGhjbFduWUl2STNGY2JrYll1Y2ozaDlGMUgzbkxvSlJWcXp6SEdhY1BqREtX?= =?utf-8?B?dEc3UkZ2MkJRZC9zY2Y1Tk04KzZOYTRQSU9kdUo3Zzg3UWQyK2huVjIwcm1i?= =?utf-8?B?S0ExQmtkMjdnRFFnS0hldVBRdU1kVXpHdEJUdlhSU1ZURlRBYWpSK2d6b1dC?= =?utf-8?B?UFJKc1ZlTWlkQVpVclhGU1NJaWVnZ0d4aW5lY3Fjd0R4azZBNkdLaHVZSkNo?= =?utf-8?B?WExTOHJOaTgvN0llUVRwSG9MOEtDRXJsSEdoUmNZc0dqMEszZ3pFcVpQZ2lO?= =?utf-8?B?eXVoWnBzSTluYzk2WUdYbk9PMjZVYmwzMnBiQU1GcDNSbERQZmhON1g0QXgz?= =?utf-8?B?NE5qVEJzM2l5c0JyaEIrNU84d1FsUXJ5UGxaTXZNaEoxTERJRjQ2UW4yZ001?= =?utf-8?B?QVpOb21lOHNtVVZ5d29lUytXbExFV0hHQ2tybXZ5djQ2d2t5VVJja1RwN1NL?= =?utf-8?B?dFRqdW5HK2hJQzZSYjZFVm1IRkNYTHF3cXl6UUY1Rll6NmpxeE9Cd1dMNDhN?= =?utf-8?B?ZmFvT2luNlJlaWZ0WHpCQ0ZEQ3Zicys1N2FMSm8vM2wrUFFDa1B4akFSMUY1?= =?utf-8?Q?ZopdzWpquN5l0=3D?= x-ms-exchange-transport-forked: True Content-Type: multipart/related; boundary="_004_TY1PR01MB1466B7B9186A75EFA9315FFCE5F10TY1PR01MB1466jpnp_"; type="multipart/alternative" MIME-Version: 1.0 X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: TY1PR01MB1466.jpnprd01.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 04492adb-e5a1-4660-443a-08d897f394d6 X-MS-Exchange-CrossTenant-originalarrivaltime: 04 Dec 2020 01:26:10.1932 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: f109924e-fb71-4ba0-b2cc-65dcdf6fbe4f X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: LDXUFKHs10k89vWGW/aOaO5/GhMP49QCI8uDTaR6OTtwVZHZ8L8wVuD6uft/w79TJorm90QaOp89mt+6XBeSjgOOb7Kt98vTHfPKfYU1L50= X-MS-Exchange-Transport-CrossTenantHeadersStamped: TY2PR01MB3977 X-OriginatorOrg: toshiba.co.jp MSSCP.TransferMailToMossAgent: 103 Archived-At: Subject: Re: [OAUTH-WG] DPoP followup III: client auth X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 04 Dec 2020 01:26:27 -0000 --_004_TY1PR01MB1466B7B9186A75EFA9315FFCE5F10TY1PR01MB1466jpnp_ Content-Type: multipart/alternative; boundary="_000_TY1PR01MB1466B7B9186A75EFA9315FFCE5F10TY1PR01MB1466jpnp_" --_000_TY1PR01MB1466B7B9186A75EFA9315FFCE5F10TY1PR01MB1466jpnp_ Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 SGkgQnJpYW4sIGV2ZXJ5b25lDQoNCkknbSBpbnRlcmVzdGVkIGluIGEgY2xpZW50IGF1dGhlbnRp Y2F0aW9uIG1ldGhvZCBiYXNlZCBvbiBEUG9QLiBJdCdkIGJlIGEgZ29vZA0Kb3B0aW9uIGZvciBh cHBsaWNhdGlvbi1sYXllciBjbGllbnQgYXV0aGVudGljYXRpb24gd2l0aCBhc3ltbWV0cmljIGtl eXMuDQoNCkhvd2V2ZXIsIEkgZG9uJ3QgdGhpbmsgdGhlIERQb1AgZHJhZnQgc2hvdWxkIGluY2x1 ZGUgRFBvUCBhcyBhIGNsaWVudA0KYXV0aGVudGljYXRpb24gbWV0aG9kLiBJdCBzaG91bGQgYmUg YSBkaWZmZXJlbnQgZG9jdW1lbnQuIEluIGFkZGl0aW9uLCBJJ20gbm90DQpzdXJlIHdlIGNhbiAo b3Igc2hvdWxkKSB1c2UgZXhhY3RseSB0aGUgc2FtZSBEUG9QIFByb29mIEpXVCBzdHJ1Y3R1cmUg Zm9yIGNsaWVudA0KYXV0aGVudGljYXRpb24uDQoNCg0KVG9zaGlvIEl0bw0KDQpGcm9tOiBPQXV0 aCA8b2F1dGgtYm91bmNlc0BpZXRmLm9yZz4gT24gQmVoYWxmIE9mIEJyaWFuIENhbXBiZWxsDQpT ZW50OiBUaHVyc2RheSwgRGVjZW1iZXIgMywgMjAyMCA3OjI5IEFNDQpUbzogb2F1dGggPG9hdXRo QGlldGYub3JnPg0KU3ViamVjdDogW09BVVRILVdHXSBEUG9QIGZvbGxvd3VwIElJSTogY2xpZW50 IGF1dGgNCg0KVGhlcmUgd2VyZSBhIGZldyBpdGVtcyBkaXNjdXNzZWQgc29tZXdoYXQgZHVyaW5n IHRoZSByZWNlbnQgaW50ZXJpbTxodHRwczovL2RhdGF0cmFja2VyLmlldGYub3JnL21lZXRpbmcv aW50ZXJpbS0yMDIwLW9hdXRoLTE2L3Nlc3Npb24vb2F1dGg+IHRoYXQgSSBjb21taXR0ZWQgdG8g YnJpbmdpbmcgYmFjayB0byB0aGUgbGlzdC4gVGhlIHNsaWRlIGJlbG93IChhbHNvIGF2YWlsYWJs ZSB3aXRoIGEgZmV3IGV4dHJhIHNwZWxsaW5nIGVycm9ycyBhcyBzbGlkZSAjMTkgZnJvbSB0aGUg aW50ZXJpbSBwcmVzZW50YXRpb248aHR0cHM6Ly9kYXRhdHJhY2tlci5pZXRmLm9yZy9tZWV0aW5n L2ludGVyaW0tMjAyMC1vYXV0aC0xNi9tYXRlcmlhbHMvc2xpZGVzLWludGVyaW0tMjAyMC1vYXV0 aC0xNi1zZXNzYS1kcG9wLTAxLnBkZj4pIGlzIHRoZSBsYXN0IG9mIHRoZW0uDQoNClRvIHN1bW1h cml6ZSwgSSdtIHdvbmRlcmluZyBpZiB0aGVyZSdzIFdHIGludGVyZXN0IGluIHdvcmtpbmcgdG8g Zm9ybWFsaXplIGEgY2xpZW50LXRvLUFTIGF1dGhlbnRpY2F0aW9uIG1lY2hhbmlzbSBiYXNlZCBv biBEUG9QLiBJIHRoaW5rIGl0IHBvdGVudGlhbGx5IHdvdWxkIGJlIHByb2JsZW1hdGljIHRvIHB1 dCBpbnRvIHRoZSBjdXJyZW50IGRvY3VtZW50IChmb3IgYSBudW1iZXIgb2YgcmVhc29ucykgc28g YW0gcHJlZW1wdGl2ZWx5IHJ1bGluZyBvdXQgdGhhdCBvcHRpb24uIFRodXMsIGJhc2ljYWxseSwg SSdtIGFza2luZyB0aGUgV0cgaWYgdGhlcmUgaXMgc29tZS9tdWNoIGludGVyZXN0IGluIHRoZSBp ZGVhPyBJbiB3aGljaCBjYXNlIEknbGwgZmluZCBzb21lIHRpbWUgKGF0IHNvbWUgcG9pbnQpIHRv IHdyaXRlIHVwIGFuIEktRCBmb3IgaXQgYW5kIGJyaW5nIHRoYXQgYmFjayB0byB0aGUgZ3JvdXAg Zm9yIGNvbnNpZGVyYXRpb24uIE9yIGlmIEkgc2hvdWxkLCBhcyB0aGUgc2xpZGUgc2F5cywgInNo dXQgdXAgYW5kIG5ldmVyIHNwZWFrIG9mIHRoaXMgYWdhaW4iPw0KDQpbU2xpZGUxOS5qcGVnXQ0K DQpDT05GSURFTlRJQUxJVFkgTk9USUNFOiBUaGlzIGVtYWlsIG1heSBjb250YWluIGNvbmZpZGVu dGlhbCBhbmQgcHJpdmlsZWdlZCBtYXRlcmlhbCBmb3IgdGhlIHNvbGUgdXNlIG9mIHRoZSBpbnRl bmRlZCByZWNpcGllbnQocykuIEFueSByZXZpZXcsIHVzZSwgZGlzdHJpYnV0aW9uIG9yIGRpc2Ns b3N1cmUgYnkgb3RoZXJzIGlzIHN0cmljdGx5IHByb2hpYml0ZWQuICBJZiB5b3UgaGF2ZSByZWNl aXZlZCB0aGlzIGNvbW11bmljYXRpb24gaW4gZXJyb3IsIHBsZWFzZSBub3RpZnkgdGhlIHNlbmRl ciBpbW1lZGlhdGVseSBieSBlLW1haWwgYW5kIGRlbGV0ZSB0aGUgbWVzc2FnZSBhbmQgYW55IGZp bGUgYXR0YWNobWVudHMgZnJvbSB5b3VyIGNvbXB1dGVyLiBUaGFuayB5b3UuDQo= --_000_TY1PR01MB1466B7B9186A75EFA9315FFCE5F10TY1PR01MB1466jpnp_ Content-Type: text/html; charset="utf-8" Content-Transfer-Encoding: base64 PGh0bWwgeG1sbnM6dj0idXJuOnNjaGVtYXMtbWljcm9zb2Z0LWNvbTp2bWwiIHhtbG5zOm89InVy bjpzY2hlbWFzLW1pY3Jvc29mdC1jb206b2ZmaWNlOm9mZmljZSIgeG1sbnM6dz0idXJuOnNjaGVt YXMtbWljcm9zb2Z0LWNvbTpvZmZpY2U6d29yZCIgeG1sbnM6bT0iaHR0cDovL3NjaGVtYXMubWlj cm9zb2Z0LmNvbS9vZmZpY2UvMjAwNC8xMi9vbW1sIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcv VFIvUkVDLWh0bWw0MCI+DQo8aGVhZD4NCjxtZXRhIGh0dHAtZXF1aXY9IkNvbnRlbnQtVHlwZSIg Y29udGVudD0idGV4dC9odG1sOyBjaGFyc2V0PXV0Zi04Ij4NCjxtZXRhIG5hbWU9IkdlbmVyYXRv ciIgY29udGVudD0iTWljcm9zb2Z0IFdvcmQgMTUgKGZpbHRlcmVkIG1lZGl1bSkiPg0KPCEtLVtp ZiAhbXNvXT48c3R5bGU+dlw6KiB7YmVoYXZpb3I6dXJsKCNkZWZhdWx0I1ZNTCk7fQ0Kb1w6KiB7 YmVoYXZpb3I6dXJsKCNkZWZhdWx0I1ZNTCk7fQ0Kd1w6KiB7YmVoYXZpb3I6dXJsKCNkZWZhdWx0 I1ZNTCk7fQ0KLnNoYXBlIHtiZWhhdmlvcjp1cmwoI2RlZmF1bHQjVk1MKTt9DQo8L3N0eWxlPjwh W2VuZGlmXS0tPjxzdHlsZT48IS0tDQovKiBGb250IERlZmluaXRpb25zICovDQpAZm9udC1mYWNl DQoJe2ZvbnQtZmFtaWx5OiLvvK3vvLMg44K044K344OD44KvIjsNCglwYW5vc2UtMToyIDExIDYg OSA3IDIgNSA4IDIgNDt9DQpAZm9udC1mYWNlDQoJe2ZvbnQtZmFtaWx5OiJDYW1icmlhIE1hdGgi Ow0KCXBhbm9zZS0xOjIgNCA1IDMgNSA0IDYgMyAyIDQ7fQ0KQGZvbnQtZmFjZQ0KCXtmb250LWZh bWlseToi77yt77yzIO+8sOOCtOOCt+ODg+OCryI7DQoJcGFub3NlLTE6MiAxMSA2IDAgNyAyIDUg OCAyIDQ7fQ0KQGZvbnQtZmFjZQ0KCXtmb250LWZhbWlseTrjg6HjgqTjg6rjgqo7DQoJcGFub3Nl LTE6MiAxMSA2IDQgMyA1IDQgNCAyIDQ7fQ0KQGZvbnQtZmFjZQ0KCXtmb250LWZhbWlseToiXEDj g6HjgqTjg6rjgqoiO30NCkBmb250LWZhY2UNCgl7Zm9udC1mYW1pbHk6Q2FsaWJyaTsNCglwYW5v c2UtMToyIDE1IDUgMiAyIDIgNCAzIDIgNDt9DQpAZm9udC1mYWNlDQoJe2ZvbnQtZmFtaWx5OiJT ZWdvZSBVSSI7DQoJcGFub3NlLTE6MiAxMSA1IDIgNCAyIDQgMiAyIDM7fQ0KQGZvbnQtZmFjZQ0K CXtmb250LWZhbWlseToiXEDvvK3vvLMg77yw44K044K344OD44KvIjt9DQpAZm9udC1mYWNlDQoJ e2ZvbnQtZmFtaWx5OiJcQO+8re+8syDjgrTjgrfjg4Pjgq8iOw0KCXBhbm9zZS0xOjIgMTEgNiA5 IDcgMiA1IDggMiA0O30NCi8qIFN0eWxlIERlZmluaXRpb25zICovDQpwLk1zb05vcm1hbCwgbGku TXNvTm9ybWFsLCBkaXYuTXNvTm9ybWFsDQoJe21hcmdpbjowbW07DQoJbWFyZ2luLWJvdHRvbTou MDAwMXB0Ow0KCWZvbnQtc2l6ZToxMi4wcHQ7DQoJZm9udC1mYW1pbHk6Iu+8re+8syDvvLDjgrTj grfjg4Pjgq8iO30NCmE6bGluaywgc3Bhbi5Nc29IeXBlcmxpbmsNCgl7bXNvLXN0eWxlLXByaW9y aXR5Ojk5Ow0KCWNvbG9yOmJsdWU7DQoJdGV4dC1kZWNvcmF0aW9uOnVuZGVybGluZTt9DQphOnZp c2l0ZWQsIHNwYW4uTXNvSHlwZXJsaW5rRm9sbG93ZWQNCgl7bXNvLXN0eWxlLXByaW9yaXR5Ojk5 Ow0KCWNvbG9yOnB1cnBsZTsNCgl0ZXh0LWRlY29yYXRpb246dW5kZXJsaW5lO30NCnAubXNvbm9y bWFsMCwgbGkubXNvbm9ybWFsMCwgZGl2Lm1zb25vcm1hbDANCgl7bXNvLXN0eWxlLW5hbWU6bXNv bm9ybWFsOw0KCW1zby1tYXJnaW4tdG9wLWFsdDphdXRvOw0KCW1hcmdpbi1yaWdodDowbW07DQoJ bXNvLW1hcmdpbi1ib3R0b20tYWx0OmF1dG87DQoJbWFyZ2luLWxlZnQ6MG1tOw0KCWZvbnQtc2l6 ZToxMi4wcHQ7DQoJZm9udC1mYW1pbHk6Iu+8re+8syDvvLDjgrTjgrfjg4Pjgq8iO30NCnNwYW4u MTgNCgl7bXNvLXN0eWxlLXR5cGU6cGVyc29uYWwtcmVwbHk7DQoJZm9udC1mYW1pbHk6Iu+8re+8 syDjgrTjgrfjg4Pjgq8iOw0KCWNvbG9yOiMxRjQ5N0Q7fQ0KLk1zb0NocERlZmF1bHQNCgl7bXNv LXN0eWxlLXR5cGU6ZXhwb3J0LW9ubHk7DQoJZm9udC1mYW1pbHk65ri444K044K344OD44KvO30N CkBwYWdlIFdvcmRTZWN0aW9uMQ0KCXtzaXplOjYxMi4wcHQgNzkyLjBwdDsNCgltYXJnaW46OTku MjVwdCAzMC4wbW0gMzAuMG1tIDMwLjBtbTt9DQpkaXYuV29yZFNlY3Rpb24xDQoJe3BhZ2U6V29y ZFNlY3Rpb24xO30NCi0tPjwvc3R5bGU+PCEtLVtpZiBndGUgbXNvIDldPjx4bWw+DQo8bzpzaGFw ZWRlZmF1bHRzIHY6ZXh0PSJlZGl0IiBzcGlkbWF4PSIxMDI2Ij4NCjx2OnRleHRib3ggaW5zZXQ9 IjUuODVwdCwuN3B0LDUuODVwdCwuN3B0IiAvPg0KPC9vOnNoYXBlZGVmYXVsdHM+PC94bWw+PCFb ZW5kaWZdLS0+PCEtLVtpZiBndGUgbXNvIDldPjx4bWw+DQo8bzpzaGFwZWxheW91dCB2OmV4dD0i ZWRpdCI+DQo8bzppZG1hcCB2OmV4dD0iZWRpdCIgZGF0YT0iMSIgLz4NCjwvbzpzaGFwZWxheW91 dD48L3htbD48IVtlbmRpZl0tLT4NCjwvaGVhZD4NCjxib2R5IGxhbmc9IkpBIiBsaW5rPSJibHVl IiB2bGluaz0icHVycGxlIj4NCjxkaXYgY2xhc3M9IldvcmRTZWN0aW9uMSI+DQo8cCBjbGFzcz0i TXNvTm9ybWFsIj48c3BhbiBsYW5nPSJFTi1VUyIgc3R5bGU9ImZvbnQtc2l6ZToxMS4wcHQ7Zm9u dC1mYW1pbHk6JnF1b3Q777yt77yzIOOCtOOCt+ODg+OCryZxdW90Oztjb2xvcjojMUY0OTdEIj5I aSBCcmlhbiwgZXZlcnlvbmU8bzpwPjwvbzpwPjwvc3Bhbj48L3A+DQo8cCBjbGFzcz0iTXNvTm9y bWFsIj48c3BhbiBsYW5nPSJFTi1VUyIgc3R5bGU9ImZvbnQtc2l6ZToxMS4wcHQ7Zm9udC1mYW1p bHk6JnF1b3Q777yt77yzIOOCtOOCt+ODg+OCryZxdW90Oztjb2xvcjojMUY0OTdEIj48bzpwPiZu YnNwOzwvbzpwPjwvc3Bhbj48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBsYW5nPSJF Ti1VUyIgc3R5bGU9ImZvbnQtc2l6ZToxMS4wcHQ7Zm9udC1mYW1pbHk6JnF1b3Q777yt77yzIOOC tOOCt+ODg+OCryZxdW90Oztjb2xvcjojMUY0OTdEIj5JJ20gaW50ZXJlc3RlZCBpbiBhIGNsaWVu dCBhdXRoZW50aWNhdGlvbiBtZXRob2QgYmFzZWQgb24gRFBvUC4gSXQnZCBiZSBhIGdvb2Q8bzpw PjwvbzpwPjwvc3Bhbj48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBsYW5nPSJFTi1V UyIgc3R5bGU9ImZvbnQtc2l6ZToxMS4wcHQ7Zm9udC1mYW1pbHk6JnF1b3Q777yt77yzIOOCtOOC t+ODg+OCryZxdW90Oztjb2xvcjojMUY0OTdEIj5vcHRpb24gZm9yIGFwcGxpY2F0aW9uLWxheWVy IGNsaWVudCBhdXRoZW50aWNhdGlvbiB3aXRoIGFzeW1tZXRyaWMga2V5cy48bzpwPjwvbzpwPjwv c3Bhbj48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBsYW5nPSJFTi1VUyIgc3R5bGU9 ImZvbnQtc2l6ZToxMS4wcHQ7Zm9udC1mYW1pbHk6JnF1b3Q777yt77yzIOOCtOOCt+ODg+OCryZx dW90Oztjb2xvcjojMUY0OTdEIj48bzpwPiZuYnNwOzwvbzpwPjwvc3Bhbj48L3A+DQo8cCBjbGFz cz0iTXNvTm9ybWFsIj48c3BhbiBsYW5nPSJFTi1VUyIgc3R5bGU9ImZvbnQtc2l6ZToxMS4wcHQ7 Zm9udC1mYW1pbHk6JnF1b3Q777yt77yzIOOCtOOCt+ODg+OCryZxdW90Oztjb2xvcjojMUY0OTdE Ij5Ib3dldmVyLCBJIGRvbid0IHRoaW5rIHRoZSBEUG9QIGRyYWZ0IHNob3VsZCBpbmNsdWRlIERQ b1AgYXMgYSBjbGllbnQ8bzpwPjwvbzpwPjwvc3Bhbj48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFs Ij48c3BhbiBsYW5nPSJFTi1VUyIgc3R5bGU9ImZvbnQtc2l6ZToxMS4wcHQ7Zm9udC1mYW1pbHk6 JnF1b3Q777yt77yzIOOCtOOCt+ODg+OCryZxdW90Oztjb2xvcjojMUY0OTdEIj5hdXRoZW50aWNh dGlvbiBtZXRob2QuIEl0IHNob3VsZCBiZSBhIGRpZmZlcmVudCBkb2N1bWVudC4gSW4gYWRkaXRp b24sIEknbSBub3Q8bzpwPjwvbzpwPjwvc3Bhbj48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48 c3BhbiBsYW5nPSJFTi1VUyIgc3R5bGU9ImZvbnQtc2l6ZToxMS4wcHQ7Zm9udC1mYW1pbHk6JnF1 b3Q777yt77yzIOOCtOOCt+ODg+OCryZxdW90Oztjb2xvcjojMUY0OTdEIj5zdXJlIHdlIGNhbiAo b3Igc2hvdWxkKSB1c2UgZXhhY3RseSB0aGUgc2FtZSBEUG9QIFByb29mIEpXVCBzdHJ1Y3R1cmUg Zm9yIGNsaWVudDxvOnA+PC9vOnA+PC9zcGFuPjwvcD4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxz cGFuIGxhbmc9IkVOLVVTIiBzdHlsZT0iZm9udC1zaXplOjExLjBwdDtmb250LWZhbWlseTomcXVv dDvvvK3vvLMg44K044K344OD44KvJnF1b3Q7O2NvbG9yOiMxRjQ5N0QiPmF1dGhlbnRpY2F0aW9u LjxvOnA+PC9vOnA+PC9zcGFuPjwvcD4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFuIGxhbmc9 IkVOLVVTIiBzdHlsZT0iZm9udC1zaXplOjExLjBwdDtmb250LWZhbWlseTomcXVvdDvvvK3vvLMg 44K044K344OD44KvJnF1b3Q7O2NvbG9yOiMxRjQ5N0QiPjxvOnA+Jm5ic3A7PC9vOnA+PC9zcGFu PjwvcD4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFuIGxhbmc9IkVOLVVTIiBzdHlsZT0iZm9u dC1zaXplOjExLjBwdDtmb250LWZhbWlseTomcXVvdDvvvK3vvLMg44K044K344OD44KvJnF1b3Q7 O2NvbG9yOiMxRjQ5N0QiPjxvOnA+Jm5ic3A7PC9vOnA+PC9zcGFuPjwvcD4NCjxwIGNsYXNzPSJN c29Ob3JtYWwiPjxzcGFuIGxhbmc9IkVOLVVTIiBzdHlsZT0iZm9udC1zaXplOjExLjBwdDtmb250 LWZhbWlseTomcXVvdDvvvK3vvLMg44K044K344OD44KvJnF1b3Q7O2NvbG9yOiMxRjQ5N0QiPlRv c2hpbyBJdG88bzpwPjwvbzpwPjwvc3Bhbj48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3Bh biBsYW5nPSJFTi1VUyIgc3R5bGU9ImZvbnQtc2l6ZToxMS4wcHQ7Zm9udC1mYW1pbHk6JnF1b3Q7 77yt77yzIOOCtOOCt+ODg+OCryZxdW90Oztjb2xvcjojMUY0OTdEIj48bzpwPiZuYnNwOzwvbzpw Pjwvc3Bhbj48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48Yj48c3BhbiBsYW5nPSJFTi1VUyIg c3R5bGU9ImZvbnQtc2l6ZToxMS4wcHQ7Zm9udC1mYW1pbHk6JnF1b3Q7Q2FsaWJyaSZxdW90Oyxz YW5zLXNlcmlmIj5Gcm9tOjwvc3Bhbj48L2I+PHNwYW4gbGFuZz0iRU4tVVMiIHN0eWxlPSJmb250 LXNpemU6MTEuMHB0O2ZvbnQtZmFtaWx5OiZxdW90O0NhbGlicmkmcXVvdDssc2Fucy1zZXJpZiI+ IE9BdXRoICZsdDtvYXV0aC1ib3VuY2VzQGlldGYub3JnJmd0Ow0KPGI+T24gQmVoYWxmIE9mIDwv Yj5CcmlhbiBDYW1wYmVsbDxicj4NCjxiPlNlbnQ6PC9iPiBUaHVyc2RheSwgRGVjZW1iZXIgMywg MjAyMCA3OjI5IEFNPGJyPg0KPGI+VG86PC9iPiBvYXV0aCAmbHQ7b2F1dGhAaWV0Zi5vcmcmZ3Q7 PGJyPg0KPGI+U3ViamVjdDo8L2I+IFtPQVVUSC1XR10gRFBvUCBmb2xsb3d1cCBJSUk6IGNsaWVu dCBhdXRoPG86cD48L286cD48L3NwYW4+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4g bGFuZz0iRU4tVVMiPjxvOnA+Jm5ic3A7PC9vOnA+PC9zcGFuPjwvcD4NCjxkaXY+DQo8ZGl2Pg0K PHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4gbGFuZz0iRU4tVVMiPlRoZXJlIHdlcmUgYSBmZXcg aXRlbXMgZGlzY3Vzc2VkIHNvbWV3aGF0IGR1cmluZyB0aGUNCjxhIGhyZWY9Imh0dHBzOi8vZGF0 YXRyYWNrZXIuaWV0Zi5vcmcvbWVldGluZy9pbnRlcmltLTIwMjAtb2F1dGgtMTYvc2Vzc2lvbi9v YXV0aCIgdGFyZ2V0PSJfYmxhbmsiPg0KcmVjZW50IGludGVyaW08L2E+IHRoYXQgSSBjb21taXR0 ZWQgdG8gYnJpbmdpbmcgYmFjayB0byB0aGUgbGlzdC4gVGhlIHNsaWRlIGJlbG93IChhbHNvIGF2 YWlsYWJsZSB3aXRoIGEgZmV3IGV4dHJhIHNwZWxsaW5nIGVycm9ycyBhcyBzbGlkZSAjMTkgZnJv bQ0KPGEgaHJlZj0iaHR0cHM6Ly9kYXRhdHJhY2tlci5pZXRmLm9yZy9tZWV0aW5nL2ludGVyaW0t MjAyMC1vYXV0aC0xNi9tYXRlcmlhbHMvc2xpZGVzLWludGVyaW0tMjAyMC1vYXV0aC0xNi1zZXNz YS1kcG9wLTAxLnBkZiIgdGFyZ2V0PSJfYmxhbmsiPg0KdGhlIGludGVyaW0gcHJlc2VudGF0aW9u PC9hPikgaXMgdGhlIGxhc3Qgb2YgdGhlbS48bzpwPjwvbzpwPjwvc3Bhbj48L3A+DQo8L2Rpdj4N CjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBsYW5nPSJFTi1VUyI+PG86cD4mbmJz cDs8L286cD48L3NwYW4+PC9wPg0KPC9kaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+ PHNwYW4gbGFuZz0iRU4tVVMiPlRvIHN1bW1hcml6ZSwgSSdtIHdvbmRlcmluZyBpZiB0aGVyZSdz IFdHIGludGVyZXN0IGluIHdvcmtpbmcgdG8gZm9ybWFsaXplIGEgY2xpZW50LXRvLUFTIGF1dGhl bnRpY2F0aW9uIG1lY2hhbmlzbSBiYXNlZCBvbiBEUG9QLiBJIHRoaW5rIGl0IHBvdGVudGlhbGx5 IHdvdWxkIGJlIHByb2JsZW1hdGljIHRvIHB1dCBpbnRvIHRoZSBjdXJyZW50IGRvY3VtZW50IChm b3IgYSBudW1iZXINCiBvZiByZWFzb25zKSBzbyBhbSBwcmVlbXB0aXZlbHkgcnVsaW5nIG91dCB0 aGF0IG9wdGlvbi4gVGh1cywgYmFzaWNhbGx5LCBJJ20gYXNraW5nIHRoZSBXRyBpZiB0aGVyZSBp cyBzb21lL211Y2ggaW50ZXJlc3QgaW4gdGhlIGlkZWE/IEluIHdoaWNoIGNhc2UgSSdsbCBmaW5k IHNvbWUgdGltZSAoYXQgc29tZSBwb2ludCkgdG8gd3JpdGUgdXAgYW4gSS1EIGZvciBpdCBhbmQg YnJpbmcgdGhhdCBiYWNrIHRvIHRoZSBncm91cCBmb3IgY29uc2lkZXJhdGlvbi4NCiBPciBpZiBJ IHNob3VsZCwgYXMgdGhlIHNsaWRlIHNheXMsICZxdW90O3NodXQgdXAgYW5kIG5ldmVyIHNwZWFr IG9mIHRoaXMgYWdhaW4mcXVvdDs/PG86cD48L286cD48L3NwYW4+PC9wPg0KPC9kaXY+DQo8ZGl2 Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4gbGFuZz0iRU4tVVMiPjxvOnA+Jm5ic3A7PC9v OnA+PC9zcGFuPjwvcD4NCjwvZGl2Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiIHN0eWxl PSJtYXJnaW4tYm90dG9tOjEyLjBwdCI+PHNwYW4gbGFuZz0iRU4tVVMiPjxpbWcgYm9yZGVyPSIw IiB3aWR0aD0iOTkwIiBoZWlnaHQ9IjU1NiIgc3R5bGU9IndpZHRoOjEwLjMxMjVpbjtoZWlnaHQ6 NS43OTE2aW4iIGlkPSJfeDAwMDBfaTEwMjUiIHNyYz0iY2lkOmltYWdlMDAxLmpwZ0AwMUQ2Q0Ey Ny5ERjRFOEE1MCIgYWx0PSJTbGlkZTE5LmpwZWciPjxvOnA+PC9vOnA+PC9zcGFuPjwvcD4NCjwv ZGl2Pg0KPC9kaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBsYW5nPSJFTi1VUyI+PGJy Pg0KPC9zcGFuPjxiPjxpPjxzcGFuIGxhbmc9IkVOLVVTIiBzdHlsZT0iZm9udC1zaXplOjEwLjBw dDtmb250LWZhbWlseTomcXVvdDtTZWdvZSBVSSZxdW90OyxzYW5zLXNlcmlmO2NvbG9yOiM1NTU1 NTU7Ym9yZGVyOm5vbmUgd2luZG93dGV4dCAxLjBwdDtwYWRkaW5nOjBtbSI+Q09ORklERU5USUFM SVRZIE5PVElDRTogVGhpcyBlbWFpbCBtYXkgY29udGFpbiBjb25maWRlbnRpYWwgYW5kIHByaXZp bGVnZWQgbWF0ZXJpYWwgZm9yIHRoZSBzb2xlIHVzZSBvZiB0aGUgaW50ZW5kZWQNCiByZWNpcGll bnQocykuIEFueSByZXZpZXcsIHVzZSwgZGlzdHJpYnV0aW9uIG9yIGRpc2Nsb3N1cmUgYnkgb3Ro ZXJzIGlzIHN0cmljdGx5IHByb2hpYml0ZWQuJm5ic3A7IElmIHlvdSBoYXZlIHJlY2VpdmVkIHRo aXMgY29tbXVuaWNhdGlvbiBpbiBlcnJvciwgcGxlYXNlIG5vdGlmeSB0aGUgc2VuZGVyIGltbWVk aWF0ZWx5IGJ5IGUtbWFpbCBhbmQgZGVsZXRlIHRoZSBtZXNzYWdlIGFuZCBhbnkgZmlsZSBhdHRh Y2htZW50cyBmcm9tIHlvdXIgY29tcHV0ZXIuDQogVGhhbmsgeW91Ljwvc3Bhbj48L2k+PC9iPjxz cGFuIGxhbmc9IkVOLVVTIj48bzpwPjwvbzpwPjwvc3Bhbj48L3A+DQo8L2Rpdj4NCjwvYm9keT4N CjwvaHRtbD4NCg== --_000_TY1PR01MB1466B7B9186A75EFA9315FFCE5F10TY1PR01MB1466jpnp_-- --_004_TY1PR01MB1466B7B9186A75EFA9315FFCE5F10TY1PR01MB1466jpnp_ Content-Type: image/jpeg; name="image001.jpg" Content-Description: image001.jpg Content-Disposition: inline; filename="image001.jpg"; size=124544; creation-date="Fri, 04 Dec 2020 01:26:07 GMT"; modification-date="Fri, 04 Dec 2020 01:26:07 GMT" Content-ID: Content-Transfer-Encoding: base64 /9j/4AAQSkZJRgABAQAAZABkAAD/4QCARXhpZgAATU0AKgAAAAgABAEaAAUAAAABAAAAPgEbAAUA AAABAAAARgEoAAMAAAABAAIAAIdpAAQAAAABAAAATgAAAAAAAABkAAAAAQAAAGQAAAABAAOgAQAD AAAAAQABAACgAgAEAAAAAQAAA+igAwAEAAAAAQAAAjMAAAAA/+0AOFBob3Rvc2hvcCAzLjAAOEJJ TQQEAAAAAAAAOEJJTQQlAAAAAAAQ1B2M2Y8AsgTpgAmY7PhCfv/AABEIAjMD6AMBIgACEQEDEQH/ xAAfAAABBQEBAQEBAQAAAAAAAAAAAQIDBAUGBwgJCgv/xAC1EAACAQMDAgQDBQUEBAAAAX0BAgMA BBEFEiExQQYTUWEHInEUMoGRoQgjQrHBFVLR8CQzYnKCCQoWFxgZGiUmJygpKjQ1Njc4OTpDREVG R0hJSlNUVVZXWFlaY2RlZmdoaWpzdHV2d3h5eoOEhYaHiImKkpOUlZaXmJmaoqOkpaanqKmqsrO0 tba3uLm6wsPExcbHyMnK0tPU1dbX2Nna4eLj5OXm5+jp6vHy8/T19vf4+fr/xAAfAQADAQEBAQEB AQEBAAAAAAAAAQIDBAUGBwgJCgv/xAC1EQACAQIEBAMEBwUEBAABAncAAQIDEQQFITEGEkFRB2Fx EyIygQgUQpGhscEJIzNS8BVictEKFiQ04SXxFxgZGiYnKCkqNTY3ODk6Q0RFRkdISUpTVFVWV1hZ WmNkZWZnaGlqc3R1dnd4eXqCg4SFhoeIiYqSk5SVlpeYmZqio6Slpqeoqaqys7S1tre4ubrCw8TF xsfIycrS09TV1tfY2dri4+Tl5ufo6ery8/T19vf4+fr/2wBDAAICAgICAgMCAgMFAwMDBQYFBQUF BggGBgYGBggKCAgICAgICgoKCgoKCgoMDAwMDAwODg4ODg8PDw8PDw8PDw//2wBDAQICAgQEBAcE BAcQCwkLEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBD/ 3QAEAD//2gAMAwEAAhEDEQA/AP38ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigA ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACvB/2Wbu6v /wBmP4Q319M9zc3Pg/QJJZZGLvI76fAWZmOSWJOSTyTXvFeAfsnf8ms/Bv8A7Ezw9/6boKAPf6KK KACiiigAooooAKKKKACiq91dW9jbSXd3IsUMKlndjgKB1JNRadqVhq9lFqOmTpc2043JIhyrD6ig C7RRWU+uaRHqyaE93Gt/IhkWEsN5UdSBQBq0UVS1DUbHSbKXUNSnS3toF3PI5wqgepNAF2iq9pd2 1/bR3lnIs0MyhkdTkEHoQasUAFFFFABRRRQAUUUUAFFFFAH/0P38ooooAKKKKACiiigAooooAKKK KACiiigAooooAKK/DDxr/wAFc/Gvhbxjr3hmD4d6fPFpF/dWayNfShnW3laMMQI8AkLk1hWv/BZP xekytffDGxliyMrHqUsbEd8MYHA/KvrI8EZk1zKn+K/zPSWU17Xt+KP3sor4r/ZY/bk+Ff7UbTaF pUM3hzxZaRGaXSbx1cyRrjdJbTLgTKuRuyqOOpTbzX2pXzuMwVXD1HSrRtJHDVpShLlkrMKKKK5T MKKKKACiiigAooooAKKK+W/2jv2v/g3+zLYKnjjUGvNfuYfOtNGsgJLyZSSquwJCxRlgRvkIBwdo YgiujDYWpWmqdKLcn0RdOnKb5Yq7PqSiuBtvG/274XRfEi3tNn2jRl1ZLdnzjfb+eIy4HbOCce+K /O79j/8A4KG+J/2mfi9/wrTV/B1nocH9n3N79ogupJn3QFAF2sijB3dc114fKK9WnUqwjpDfVaGs MNOUZSS0W5+p9FFFeYc4UUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUV8U/ts/tWax+yj4P8O+JdG8 PweIJdcv3tGjuJ2gWNUiMm4FFYkkjFeg/smfHfUf2j/gxp/xS1XSYtFuL25urc20MjSoot5CgIZg p5xnpXoyyqusMsW17jdr36+nyN3h5qn7XofStFFfG37av7UWr/sqfD/RPGWjaDBr82ramLBoriZo VRTBJLvBRWJOUAx71z4PB1MRVjRpK8nsRSpSnJRjuz7Jor5e/ZC/aB1P9pf4Px/E3VtHh0O4e+ub T7PBK0yYg24bcwU5O7pivqGlisNOjUlSqLVOzFUpuEnGW6CiiiucgKKKKACiiigAooooAKKKKACi vy4/bH/4KDeJv2YPizb/AA30fwfaa7BNplvfm4nupIXDTySoU2qjDAEY5z3r9I/BuuyeKPCGh+Jp ohBJq9jbXbRqchDcRLIVBPUDdjNejisqr0aUK9RWjPbU3qYacIqclozpKKKK84wCiiigAooooAKK KKACiiigAooooAKKKKACiiigAor8uP2m/wDgp78P/gv4mvvh/wDDvRj418QaY7wXk5n+z6fazocN HvCu8zoRh1UKoPG/cCB8Y2n/AAWI+MqXokvvA+gTWm4Zjja6jkK9wJDK4B99n4V9RhODswrU1UjT sntdpHoUsrrSXMkf0K0V8Pfsqft3/C39p+VvDdvbyeF/GMUZlbSrqRZROijLtazgKJQg5YFEcDJ2 lQWr7hrwcbgauHqOlWjaSOOrRlCXLNWYUV+e/wC23+3Ef2UdR8M+HdC0K38R6zrkU91PDPO0At7W Ngkb/KrEmV94H+43tWj+xJ+2qv7WEXifTtZ0WDw7rnh4wSrbwztMs9pPlfMBdVOUdcN2G5fWu55D ivqv1zl9zvp3ttvubfU6ns/a20PveiiivHOUKKKKACivjnxT+2/8GNG+NPh/4CeHbl/E3ijWNTj0 y6+xEfZdPkZtriaY8NIhGDHHuIIIcoRiut/a2+Peo/s2/Bq8+KGlaRFrdxbXdrbC2mlaFCLh9pYs oY8fSvQjlWIc6dNws57X0ubrDTvGNt9j6Zor4t/Yn/ao1j9q3wV4g8VazoEHh+XRdQWyWO3maZZF aJZNxLqpBy2MV9pVjjcHUw9WVGqrSW5FWlKEnGW6CiiiuUzCiiigAooooAKKKKACvAP2Tv8Ak1n4 N/8AYmeHv/TdBXv9eAfsnf8AJrPwb/7Ezw9/6boKAPf6KKKACiiigAor598Q/tNfBqyXUNM8L+MN G8S+IbFnifTNP1G3urmKWMlWE8ULs8YRhhtwBB46180+Gfjd4u0bxhP4l1GZr2C/YC5tycIUHQIO ilB90j8eM0WA/RikYhVLHoOawNF8UaH4g0KPxJpt0rWDoXZ2IXy9oywf+6V75/lXxT8X/jZfeJ7/ APsfwrO9tpdpIG81CUeeRDkN6hQRlR+J7YAIPjN8Y7jxhdSeH9BdodGhbDNyrXDDuR1C+g/Osb4R fFu98A340/UC1xotw37yPqYif40/qO/1rwe5u5obiS6vJC8UzF2duqsTkk+38q4e/wBZuPFl0+ge FbgC0j4vL+JgyoD/AMsoWGQZCOpH3R70AfrH8Rfi9onhDwzb6rpci39zqiFrIKcowwMux9FyMjrn ivgG58Va/da+fE815J/aRk8wSg4II6Y9APT0rnfOv4NBtPD1pO4srA7oImJZQSoU9eeQOfz61FZN Lqkxs7IpHNGpkneU4jtYl+9LKeyDsOrngc5I5cdjqWGoyr15csY6tv8Ar/hzSlSlOShBXbPvfwL+ 0P4d1XSY4fExkt9TtgPtJijZ41iwf9IcrnamRg98ngEBiPnr4t/F+7+IF4bHS2MOhwHMSg8zHtI+ P0HavG11Ge3EcPhy5msbWB/NSbhZ7qbG3zpxjBUjhYiCgT5SMHAjmWGaC41WwiW3+zjzL6zTO2AE 4NzBnJMBP3l5MRODkEM3yeH4mxMKkamPo+zo1HaD6xeyVRbR5unRP3Za2O+eCg01SleS38/Tvb/g o97+D3xnfwPKNG8RzbtCckmRj/x7HqW/3O5HbrX2x4Y8Z6F4tSc6TI4e3blJUMchQ/ckCtzsccqe vYgHIH5YRqLBYNRvoRJeShZbKzlHyov8N1cqe2eYojyT8zdtvVeDviBrng/Vo9Rub+aeIuXaeTMk kDucu2By0Ln/AFkY6feQBshprcUYic3XwdHnw8NJSXxS7umvtKPX+bVRu1qRwMElGpK03sui9e1/ w6n6oUV51oPxL8Pap4an8QX08dmLGNXuVLBgoYZVkI++knVGH3unWvjrxn8dPFGt+KoNY0KZ7Cw0 1ybaH++OhaUdyw4x0A4Hcn7DB4uliKUa9CXNGSumtmjz6lOUJOMlZo/Qqivnzw9+038GrxNP03xV 4w0bwz4gvmSJNN1HUbe1uZZXIVfIjmkV5A7HC7QTnjr1+g66CAooooAKKKKAP//R/fyiiigAoooo AKKKKACiiigAooooAKKKKACiiigD+Tn4UaVpeuft4aTpGtWcOoWF343mjmt7iNZYZUa9fKujgqwP cEYr+kTxZ+yj+zZ410e40TXPhroAhuVKmS10+CzuEz3juLdY5UPurCv5y/gp/wApANB/7HqT/wBL Xr+rav0fjrE1KdWg6cmvd6O3U93N6koyhyvofyN+OtG139jL9rW6sfD948tx4C1iC5tJTw89nIqT xpJjAPm20gSQDg5YdK/p5+NXx9+HvwI+GM3xU8bXTjTMRi1hhAa4vJphuihhRioLsMk5ICqCxIAN fzbf8FDtXtfE37ZXj99HP2gRTWFkNnzFprayt4ZF47iRWXHqK+qv+Csuoa7pc/wh+H93IwstL0WW Zlz8r3WY4HJx1KrGMem446nPsZplqx88Aqz1lFuXdpJP8/zOnEUPbOjzbta/cin4j/4K+fHHUtYl l8DeCdDsNKiJcQ3i3V9cCNepeWKa3XHqRGMetfY/7Jv/AAUx8OfHDxXZ/DT4m6NH4W8S6rJ5Wn3F tIz2F1IRkQnzPnhlY8ICWVz8u4MVDe2/8E8/hv4Q8D/steD9U0CziW/8UWv9oaldBVMtxNK74V3x krEuEVegAPckn8QP+ChfgXw58Jf2sNZh+Hsa6PBdRWWrJDafultLqZdz+UExsy6+YAPuluMDAHFh sJluOr1cBTocjje0r9nbX/g3MqdOhWnKjGFrbM/oh/aR/aM8Dfsy/DyTx740El080otrGxtyvn3d yylgiluFUBSXc5CjsWKqfxum/wCCtX7Rd9cz69ovgHRB4dtG2zBoL2cx7j8oe6WZEVvTMYz6dMc1 /wAFVvGuteJvGHwptNSjkgjfwnBqpibhUudRlYTLjpuHkqD+FbvwU/bU+I3wz+CWifCfQP2fH1rw +lj5U02y6MWpfaVzNPIotWVxPuJPLDBABwBSyjh6lTwUK8qKqTk9bySSWu1ww2CjGkpuPM352P1F /Y9/bQ8H/tW6Le2kVi2g+LdEjSS/05n8yNo3O0T28nBePdgMCoZCQDkFWb5K/aP/AOCoGteDPibq Hwn+AnhO38SajpF29jPeXonmSe7jOySG2trdo5G2OCu8v8xB2rjDH4a/4J+6D8R/Bf7X/hTV7jwr q+i6NqbahaXIktLlIUgntZWjR5HQAqsqxnLd1B61S/aJ/Z4/aN/ZY+Pmr/FjwFY6gdMTUrrU9K1/ ToWuY4IrpnPl3B2uEdUcxuJRtfkjKmtaXDmAp5hOm7NON4xb0vdq1/K3no+tio4GjGu4+V0j6Bsv +CrH7SHgTxDBYfGX4badFbn5pLYW17pN6UPdGuZJl47Zj59e9ft18K/iZ4V+Mfw+0T4l+C5mn0fX YPOh3gLIhDFJI5FBIDxurIwBI3A4JHNfziwf8FDvEHjiXRrb9pX4d+HfirY6LI0kElzb/ZLuMyAL IQyboCGCjKmDBIGegx+/v7M3xG+EvxS+EGk+LPgtpcGheHJWli/s6G2itPsdwjfvYnhh/dqwJ3ZX IYENnmvH4tymNGlCaw/I72bTvF/r+C+Zy5lhlCKfJZ+Wx77X8hv7XPx48QftCfGO88XeItOtdMn0 mI6RHHa7yjQ2k8xV28xmO87znGB0wK/ryr+bD/graAP2n9NwMf8AFNWP/pTdUeHlWCxkoON21o+1 t/vDJJL2rVtT7e/Yu/ay8YftA/C3x/4D8R6NY6ba+BPC8MFtNaeb5kw+zyw5l8xmGcRA/LjkmvyH /ZC/aB0v9mj4pXnxM1HSptakTSLyztbWJljElzOYzH5jt9yP5TuYKx9FNf01+H1Vf2XNO2gD/ijY f/TcK/nt/wCCZvgvQPGf7V2h/wDCQ2kd7Fodnd6nDHKNyC5gVVhcg8Exs4dfRgD1Fe1k2Kw86OOq OnaGl4p9k76+Z14WpBxrS5bLsfQqf8FcPj5oniZD4u8AaNHpMmyT7GI7y1u/JJzlZ5JXUlh0bycd OOuf28+FPxb8I/F/4XaN8W/Dcxh0TWLVrnNwVRrfyyyzJKQSoaJ0ZXOcZUnOOa/Lj/gsbo+nSfD3 4e+IGt0+3wapc2qzbR5nkywb2Td127owcetcV8LPEepeH/8AgkT4vv7Bn83dfWQ2EgiK91CO3l6d tkzZ9s15eOyzC4vBUMTh6fs5Smo6O+7aOerh6dSlCpCPK27E/wAYv+CtHiOTxhP4W/Z08J2urWcb mGG+1OOeaW7cEgvDa27xsqHHybmLEclV+7XU/s+/8FV7jxJ45tPAP7QXhm28NyX8yWiajYCWOG3u XbYBdQXDu6IScFw52fxLjLL+bH7GHxx8S/ALxXr3jHwh8NX+IGqz2sVqkqCYtYRuzM+DDFLgzbQM nBwhA4Jq7+1P4v8Aif8AtN/EC1+Iknwf1DwrqCWaWlz9mtLqb7UY2YpLITAnzqrBM4J2gDOAAPpZ 8MYPneFdBKFvj5le/pv+nlY7ngKV/Z8mne+p/VrXy7+2D8afHX7PvwVvPip4E0ez1qbSru1S8ivf M8tLS4YxGQeUytuErRjrjBJrvf2ddW1jW/gJ8O9T8RRzxatLoGmi8W5Vlm+0pbokpkD4YMXBJzzX R/FnwBY/FT4Y+KfhxqOBD4j065st7DIjeaMrHJ9Y3w49xX5Lh1CjiUqyvFS181fU+bhaNRc2qTPm b9hz9q7Uf2q/AWu674j0600jXNB1AW01tZlzEbeWJXhl/eMzAswkUjOPkr4T8S/8FZvFmi/GXUfC dr4Z0mbwdYa5JY/bi0/2l9PiufKacYk2b2jBcfLgHHBr4u/Yy+PV7+zH4m+K2k645sLm98OalDDC 52ka3poZrVG9wxlT6nivkmH4b+I7n4W3vxfCZ0S01i30VnwSTcz28tx17BVjGfdh+P6theEcJHFV nVj+7fLy/Pe3z2Po6eWU1UnzLTSx/UZ+2p+07c/su/Cez8baFZWuraxquow2NnbXLP5TBkeWWQ+W VYhUTGQfvMtcR+zb+2Fq3j/9nfxJ+0X8c7LT/Cfh/R7qaKBrMSnzoYFQMwEjsXd5n8qNV5LjHcV+ Kn7Xn7RMnx08F/BHw1ZTm8k8P+Govt4Q5ZtVlf7LMGUclttqjr7Scda+wf2+PCOpfAz9i34LfBKz zBBFcK+phOFkvY7dppc46q088jgeoB5wDXiQ4ZowoUMNVVqtSbu+qir3t8kvvORYCKhCnJe9J/gj F8ff8FfPijqevS2vwh8E6ZZaWGYQnVRPe3kqKchytvLCkZIGSg8zH949a9o/Z0/4Kwad418VWfg7 46aDbeHDqckcFvquns/2OOaRtoFzFMzPHGSR+8DsF/iAXLD0L/gk58OfCOj/AACufiRbWcUniLxB qV1BcXZUGZLe2KpHbq2MqmQZCO5bJzhcfDX/AAVo+HPhHwd8bPD/AIp8NWkVhd+K9Nkn1CKFQiyX EExT7QygAb5FYBj/ABFMnkknqpYXK6+LnlkaHK1dKV9brc0jTw86rw6hbzP2H/bN/aC8Q/s0/Bv/ AIWT4Y0y11a9Oo21kIbwuItk4clv3bK2Rs45r8qtX/4LCfFCXwpbQ6J4N0i38SNPKbiabz5LNLcB PKEcQmWRpCd+5mcKPlwp5Nek/tQ+IdV8Vf8ABLf4Za3rZka9lbRI5HlJZ5PIimhWRieSZFQNk8nO TVr/AIJDfC/whqngvxz8RdZ0q21DU31GLS4ZbiJJTDDFAJZFj3g7fMMw346hQD0rkwGX4LDZfPEY mlzyhNrtfW33dTOjRpU6DnUjdp2PC/2yfjL48+Pv7HHwr+KPxC0e00a+1TxDqCwpZeYIZreCJohM ElZ2Tc6uNpduAGB5wP0U/wCCX80Vv+x9o1xcOsUUWoaozuxCqqrOxJJPAAHU188/8FdNH0jw/wDB j4caLoNjBpun2msTJDbW0SwwxILdvlSNAFUewFUvgHq99on/AASd8Z3+nBvPNpr0OUOGCXExhds/ 7KOT+FaYqMcRlFONNcqlV0Xa7Y6iU8NFRVk5f5nL/Gn/AIK2+JIvGNz4c/Z+8L2N/plvL9niv9VS aaS8cNt3w28EkW1GP3NzMzDkqpO0fJn7V/7bPiH9pH4V6T8O/iF4S/4RrxXoOspfO1uHS2kg+zSx kGKcmWKQM4IBLgrk5BGD69/wSG8GeHNd+MvivxVq9rHdah4d0qM2BkAbyZLqXZJKgPRwi7A3YMR3 r3r/AILFeDPDv/CK+AfiAlvHFrgvp9NeZQBJNbPEZQrkcsI3T5c/d3tjqa9OhDAYXM6eBp0feX2r 63tf56f8MdEFRp4iNGMNe59Cf8Ep/wDk1C3/AOw1qP8A7Tr9Ja/Nr/glP/yahb/9hrUf/adfpLX5 1xJ/v9f/ABM8PH/xp+p+Sf7Y3/BQv4ifs3fGmb4ZeGfDOlapYxWNrdefeGfzS04YsP3bquBjjivn /wCJf/BW34pXWs3t78GfBNhD4TsZhELzV4bm5ml5+Uv5EsMcJcdEJc/7VfPn/BVT/k7K8/7A+nf+ gvX7q6T8LfBuhfslj4YWWlwJog8KvC9vsBV3ktC8kjZzl3kJkLHncd3WvsKtHL8JhMLWqUOaU1rq /K79ex6koUadOnKULtnhv7Ef7ddp+1PNqng/xNo8WgeMNIt/thjtnL2t3a7wjSRByXRo2ZQ6MW+8 CGPIXh/2wv8AgpBo/wCz/wCKp/hj8OdGi8S+K7DYb+W6dlsbMugdYsRkPLLggsAVCZxktkL+bn/B KWR0/atiVTgPoeohvcZiP8wK+VPBHxC1OH9oyH4o33hZvG+pf2zdaq2kS73a6uC0kwDhFkY+W/7w jac7eeM16K4Swv8AaFX3bwjFNRv1d+vbT+kbLLaftpaaJXsfpD4Q/wCCtfxh8Pa/ZQ/Gn4f2B0m6 ZZHOnxXNjdi3c/6yJbmWVJMdQDtDYxuH3q/bvwR8RPCPxD8B6X8SvDF+k/h/V7QXsNw/7sLFglvM 3fcaMghwfukEHpX89P7Vn7Snxb/ap8D2HhLXPgZe6LeaXeLd22oxQ3k80Q2skkQDW6fJICCwzjKq cZAx6x8Gtd8e+Cf+CYHxk0fXdP1DTLvTb97W2juYpbdlstVazhkCCQKdm6WZmxxyfU15+ccO0qlG nUhTVObkotJpqzdrmOKwMZRjJLld7Wvfc7D4xf8ABWjxHJ4wn8Lfs6eE7XVrONzDDfanHPNLduCQ Xhtbd42VDj5NzFiOSq/drqf2ff8AgqvceJPHNp4B/aC8M23huS/mS0TUbASxw29y7bALqC4d3RCT guHOz+JcZZfzY/Yw+OPiX4BeK9e8Y+EPhq/xA1We1itUlQTFrCN2ZnwYYpcGbaBk4OEIHBNXf2p/ F/xP/ab+IFr8RJPg/qHhXUEs0tLn7NaXU32oxsxSWQmBPnVWCZwTtAGcAAe7PhjB87wroJQt8fMr 39N/08rHW8BSv7Pk0731P6a/i/8AFfwj8Efh3rPxN8cTPFpOjRh3WIBpppHYJHFEpKhnkchVBIHO SQASPxEvv+Ctvx58Q+KJE+Hvw/0l9KiZ5BaSRXl7eGBT1eWGWNQQOpEWAfauk/b98WeJtU/Yi+Al vrsVzFd6mthNqP2gMkv2y004xsJVfDbmd3b5ueM19Rf8En/BnhzR/wBm2XxhY2sf9seINVuxd3OB 5pjtiI4ot3XYoBYL6sT3r5bB5dhcHgJYzEU/aScnFK9lo7fo/wADz6VCnSourOPM72PxW/a7/aJt P2nPiRpfxHh0iTQ7qLRrWwvLZ3EiLcwSzM5icYLRkOCNyqwOQQcbj/VP8JP+SVeDP+wLp3/pNHX8 2f8AwU18GeHfBv7Vus/8I5bx2ket2NnqVxFEAqLczKySttHAMhQSN6sxPU1/SZ8JP+SVeDP+wLp3 /pNHW/GEqcsBhJUVaLTsu2i0LzRxdGm4qyOw1fVtN0DSb3XdZuFtLDToJLm4mc4SKGFS7ux9FUEm vwq+IX/BW34ma14tuNE+Avgexm04SPHayalFc3l7dKp4kEFtJCI9w52fvCO59P258ezeDLfwTrs/ xF+y/wDCLx2U7an9tUNbG0CEyiVWBBXbnIwc9K/B/SP22/g38NPH+rx/sYfAZJdZ1dTai+ke4aS5 ijfcBFp8IdkRiA2FdCcLvUEADyeFMFTqqpKVB1GtrtKK9W3/AJnNl1JS5m4cz/A6v4Yf8Fb/AIgW XjG20H48+DtPt9LadYLqfTI7i1urME4aR4LiSbzNvVkBQ46c8H9345I5Y1liYOjgMrA5BB5BB9K/ kE/ar8YfGXx98WZvF/x18NDwp4n1Kzt3+xCzksT9mXckLGKZmlzhSuXJbCgdAK/rQ8AM7+A/Dbyn LtptmWPqTCma6+MspoUIUa1GCi5Xuk7rpsaZphoQUJRVrnXV+HEf/BWvxV4e+KWr+HfHHg6wPhvS bnUrctYGb7bI1ssq2ygySGMeZKqK7FTtUsQOAK/cev5O/gr4N0P4gftz6X4S8S2qX2l3viy8a4t5 BmOVIJpZijjurbMMOhGQax4Qy/DVoYiWJhdRjf8AO9icsoU5qbqK9kfVupf8FcP2h7TV4dTPgXQr PQrzL20E8N6ZZIs9VufPRXI6bliC/wCzX7Ifsw/tE+Gv2nPhZbfEfw/avpsyTPZ39jI4ka1u4grM m8AblKuro2ASrDIByB8uf8FVNA0q/wD2U59SntY2udG1awktZNo3ReYxhcIeoDK2CBwcD0FfLn/B NzxDqHhj9kT47+IdNL/adGW+vYAhwwlh0wuu3HfKDFdmMwWExeW/WsPS9nJSUd79v8zWrSpVKHtI Rs72PRf2m/8AgqWPh745vvhx8DPD9r4ivdJnktLvUb8yNatdI2xo7eGB0eUK2QXLqGPCgjDHzf4Y f8FavGml+LLbw9+0T4Kt9PsXIS4udMiuLe5tt2Nsj2tw8hdccsFZTjlQSAp/NL9lT4mat8JPi9bf EPRPAx+IOqaZbTtb2YErGCWTan2oeVHKcoGKgleC4OQQK98/a4+MXxV/avm8PahqPwWv/DWqaCJ4 /tcFvdzy3EE20iJ90CfKjKWXOcFmxjJz9O+GMJTnHDOgnG2s+ZJ39P6Xkd/9n0otU3DTvfU/Uv8A bX/bd+In7NWqeDb7wFoOk+IfC3jHTnura+uWnJeWNgWCGJ1UoYpYmU9TuPavpGL9pTTpf2Rv+GnB BFkeHW1Q224+V9vWMobbdnO37UPKz1/Gvy98efDfxH8Rf+CV3hbU/EGn3Vv4k+GV1NcCO7ieO4Fl FdzW7JtkAYRrbSxv6YiGOmK+QLT9o7y/2Ab/APZ/N1nUj4piVYs4I0iRTfHA9ryPnt835+FR4aoV 6MI04+9CpyyfdX3+6xyRwEJwSitVKz9D9Lf2QP8AgpB4y/aB+Nun/Crxx4d0vR4NXtbprWayM/mG 5t4/OCHzXZdpjSTtnIFdn+2/+374l/Zj+I2kfDzwRoena3cXGnLf3rXpl/dGaR0iRfKdcHbGWOc8 Fa/E/wABWviT9mr4s/B/4o6+DBBqK6f4jjwCM6bLdSQyKT3LwxsT7OPx901eMftjf8FEJbONvt2i at4hEOVO6NtG0gYZlPQCS3tyR23P3J59Wvwxg44v2/IvYqDb7XT/AMvyOmeX0lV57e6l+J/SJ8K9 e8UeKfhr4Y8T+NbKHTdd1fTra8u7W33COCW4jEhiG8s2U3bTknkGvFf21fivq3wY/Zo8Z+NvDs7W 2siCKysZU+/FPeyrAJVJ6NGrs6+6ivqcAAAAYAr8/P8Agp5o97qn7IXiS4s1Lrpt7ptzKF/55/aU iJx6AyAn061+a5RCFXHUoyXuuS0+ex4GGSlWins2fkJ/wTp/Zk8OftH/ABW1fVviHEb/AMM+EIIr m7ti7Kbu6unYW8cjKQ3lny5HfDAnaF6Ma/oS1/8AZs/Z/wDEvhqTwhqvw80I6VJG0Yih0+CAxBhg mF4kV4m9GRlYdjX5Ef8ABG7xbpFn4h+Jfgi5mSPUtUt9NvraMnDyRWbTxzY9dhnj468k/T95K+i4 3zDELMJQUmlG1rO3RO/3ndm1aftmr6LY/kg+O3gXXP2Ov2pr7SvBd+6SeFb+31PR7kkl/s8gWeBZ CMbiFPlS9A+G4wcV/V14O8TWnjLwfofjGxGy11ywtr+IHtHcxLKufwav5kf+CmXi3SfFf7WviOPS Jo7iPQ7Wy02V4+R58Me6VSe7I7lG9CpHav13+PXxLvP2cf8AgnxolvJK1r4jufDOkeG7ME4kW8ns khlYHqGiiSWQH+8or1uJcNPF4fBOX8Sdl96X/DnTj6bqQpX+Jn45fGTXNU/bU/bal0rw9cF7HX9X h0XTZV+dYdMtW8s3Cj+75ayXDD/aNM/Zi8Z6v+yL+2Ra6T4rl+zW9jqdx4b1on5YzbTS+SZT/wBM 0kWOcHuFGOtcX+xx8e/BX7N3xYk+J/i/w/c+IZbewntrGO2kjjME9wVV5SXB/wCWW9Bj++ayP2tv jR4M/aB+Mt78VPBmhXHh9NWtbZb2C5kSRnu4FMRlUxgABoljB77gxPWvtfqk3N4Fw/cclr6b/nt+ J6vs3f2NvctY/r3r8e/Hv/BRz4leE/2qbj4CWXhfSJtJh8RWujC6kNx9oMU80cbPxIE3AOSPlxX2 X+w58aP+F4/s3eFvEt7P5+s6TH/ZGpknLG7sgqb2P96WIxyn3evwh+NBC/8ABR2/ZuAPHWnk/wDg VDX5pw1ktOWJxFDExu4J/enueDgMJF1JwqK9kf0Z/tB/ErUvg98FvF3xN0e0hvr3w7YtdRQTlhFI 4YAB9hDY57EV+a3wg/4KR/Ez4ifCz4t+PdT8LaRbXXw902yvbSKE3HlzvdTmFll3SE4AGRtIOa+3 /wBuR1j/AGSvicznAOksPxaRAP1NfmD/AMEbAD4t+J4PI+w6Z/6NnqMmwOHeV1sVVp80oyX3Xjdf MWFpQ+ryqSV2n/kfmDoHxq13w/8AHiP4/W9hbS6vHrkuu/ZX3/ZjNNM0xj4bfsBYgfNnHev16/aS +OGvftEf8E1x8U/Emn22l3+oa5DC0Fpv8kC2vHiUr5hZuQvPPWvhb4aKD/wUkt1I4/4WHe8f9v8A LX7A/wDBUsAfsj6qAMD+1NN/9G19fnmJpPG4OCp+83Fp32V9rfqeni6kfa0ly66a/ofkt+yR+2rq f7M/ww17wR4J8KN4m8W+ItXW6gEu77LHCsCp9yI+bJIWX7g2gDndnivqn4Nf8FbfGM/jiy8O/Hjw vptppF3cC3mvdMSe2lsi7bRJLFcSyh0Q/fAZWC5I3EbW6z/gjr4L0D/hGfH3xCktI5NaN5b6ZHcM MvFbLGJnRD/CHdlLY67Vz0FfGP8AwVK0fTtJ/az1Oewt0gbUtL0+6n2KF8yYo0ZdsdWKoMnvilUo YDF5lWwdSj71ruV9b2Wy6bhKFGrXlSlHXuf08qysoZTkHkEdCKWuT8BSvP4F8OTSnc8mm2bMT3Jh Umusr8dnGzaPl2rOwUUUVIgooooAKKKKACvAP2Tv+TWfg3/2Jnh7/wBN0Fe/14B+yd/yaz8G/wDs TPD3/pugoA9/ooooAKKKKAPw2tv+Cf3xB+EHxu8b/FqG8h8RaDr095d82NrLJCLudpzmK4FwCEzg sqg4GeBxW7qsWj6JYS6lqRsoYIRyTpGlZJPAUAWeSSeAByTX7VkAjB5Br55v/wBmj4dan8Q7Px5f wtNFYlpotObH2Rbk/wDLXZ3x2B4B6ccV4eP4Zy/FVPa4ihGUu7V2dVLHVqa5YSaR8T+APgZ8XNa0 F/Heq6DpS6LcKXg0xbC1s9YEBHE8U9tDGElH3gh6j5ec88/d2smnSpFNKJ4JgxguNuwSqvDBlP3J E6SIfunp8pBr9fgAAABgCvmL4z/By41SC88S+CtLt9TvZv3lzpVwxjgu5lHyTKw5jkB4cj76bgeT z4tfIp5dL6zlFPT7VO9lJd430jNd9pLR9GumGKVZcmIfpLt691+R8PRR26W8WqanD58M+TZ2bHH2 sqf9ZJ3W3Q9T1c/KOvMpQao013Z20VtqYDS3VpbIY4blR964tkJYqw/5aR5J/iBPd+oab4lsLxn8 Y2slrrFwiPOsi7cYGAsYHAjXoirwB6nJPMa9rNvodtFdMZDd+YotEt/+Ph7j+ARdfmz+GOvBIOP+ rWMqf7fOrbFdLN8kV/z7t1i/tStzN+8rWSVfXaa/dKP7v8X5379lt0Nq2WXUpUttOKPI6GQuxxFF Ev3pZW/hRe56k4UAkgVn6yl1dwW9l4au2g0+CdZ7gyxru1R1GA02clI1/wCWKKfl6nJJJ7KTwb8Z m0b+0vFvg2LQdNliiuL5rR9xubvLfPKnVY1XB2D5Vcucc5PP9eldeBy7E42rHF5lDlUH7tO90mvt ya0b/lW0Vr8T0zq1oUounRd77v8ARdvPv6bwQXCzoWHDLwynqD6GuOTX9b1XxHbnwXdnT00ebfNq SqHO8cGCINlWyOJCQRj5evT0z4Z+BJ/jd4k1Pw/pDT2ulWUDx3mpxcIJmGFhRv4m/vEdBnBzVW98 KS+CLqTwtNafYTp58sRgYGB0YeobrnvX1eJw1OtTlSqxUotWaeqafRnBCbi1KLs0czpzatbSTf8A CRXv9o3l1K8jXbKEaUseA4HAIHAxxgcelGs6z/ZggtbWB77Ur5xFaWkQzLPKeigenqegpuvarDYx wWSW7319fuIbW0hG6WeVjgBQOmO57V+gPwU/Z40PwPeQ+PfECNeeKLq2iXExDrZZGWjiHQHPVupP 4U6NGFOCp01aKVklskuiCUm3d7nzdpn7K3xubwrZ3Gsa7pt42ZLg6RPp9pOLUS/MYbea4hk288kH jOema8ZvfDyabNPb6hBaW0tsWWVZNH0pShXqGzZ8Yr9lq8L+KvwB8G/Fie3uNYaWzYOn2r7Odn2q FDny5Pyxkc44ORivn63B2VVJupPDQbbu/dWre7OuOZV0rKb+8/ETXf2OPiR+098Q9I+Jnw8MWn6N 4elgRLo2ltZpPJDKJC0Qt0hDAEfeKk/hX9DHh+zvdP0OwsdRl8+6t4I0lkxjc6qAT+JqTRtG0vw9 pdtoui2yWdjZoI4ooxtVVXoAK0693CYSlQpqjRioxWyWyOWpUlNuUndhRRRXQQFFFFAH/9L9/KKK KACiiigAooooAKKKKACiiigAooooAKKKKAP459Y8d638Lv2lNY+IfhxIX1Tw74mvb23W4UvCZYbt 2UOqspK+oDA+9fXGsf8ABUr9rfxbYTaHoiaRpl1dLsWfTdOke5Xdx+7E0s67vQ7CfTnmv6YKK/Qa /GmGrcrrYRScVZXl/wDantTzWnK3NTvbz/4B/O1+w9+xB8UfiR8VbD42/HDSrzTPD2m3Y1UDVEZL zV74P5qExy/OYjJ+8kkcYk+6u7czL+gX/BSD9lXxJ+0L8PtI8UfDy2F74s8GtO0doCFe9s7jb5sa FiAZEKK6AnkblHzMAf0jorxcVxXiamMhi1ZOOy6W7fPqctTMakqqq9tj+YH4Eft7/Hf9lLwrc/B7 UfDtvqNrpkkhtbTWI57e5095GLvHgFGMZcltjAEEnDAHFO+B/wAA/jV+3l8c5fin8SLa4Xwzf3qT 61qxTyIDDEoC2lnu+82xViXZu8tcM56bv6ZtQ0DQtXlin1XTba9lhIMbzQpIyEcjaWBI/CtUAAAA YAr1avGcI89TDYdQqT3le/3K3z9d7nRLNUrypwtJ9T8n/wDgp9+y14p+LXhLQPib8NNMl1TWPCEc trdWFspeabT5CHVoYxy7QuD8ijJVyQDtxXwN8If+Cmfxb+C3wfh+D8nhq01S/wBChez03ULqSSKS 0iXISOe32kSmHO1fmj+UAMDgk/0tVh3Xhnw3f3y6nfaTaXF4nSaSCN5RjjhyCf1rgy/iWnHDRwuL oqpGLutbWMaOPiqap1I8yWx+QP8AwTlvf2yPiT4gm8c/FDxbrR+HNvbyiFNTCyPqdzMu2PyHnjaX yotxkMiMFLqqDcN4Hy18VPi5+3F+yP8AHy31v4keIta8TaFpt5J9lN1NKNF1e0kDKFKxgQiXyzkr t3xOAQMAE/0fgADA4AqGe3guomt7mNZonGGRwGUj3B4NOnxRD6xOrPDxcJK3LZLT1tvrq+vyQ45g udycFZ9D+Wz9p79qiz/a/fQvDfgz4P2fh/xD9sEpurEjUNVvnKMgt1aK2hcxktuKkOSyqRjBz+3X /BPr4F+K/gH+zxaeHfHERtdc1y+n1i5tS25rX7RHFEkLdg4jiUuB0YkdRmvsnTNA0LRN/wDY2nW1 h5hy32eFItxPrsAzWtWebcSRrYaODw9Pkgnfdyf3snE49TpqlCNl63Cv55P+CvfgTxHafGbw18Rv sUraDqOiQ6eLoIxiW7tri4domYDarGORWUE5YbsD5TX9DdV7q0tb63e0vYUuIJRh45FDow9CpyDX nZDnDwOJVdRvurbbmGDxXsZ89rn5A/sXfte+M/j34C8Z/C3xLo9jY2vgvwaqW09qsvmzmCE27NKX dkG4BSFUDnPOOB8Rf8EoR/xlWP8AsBah/wChQ1/SnpukaVo1v9k0eyhsYM58uCNYkz67VAFaFes+ JqUYYinRo8qqpddtN9tb/I6f7QilOMYWUvM/H7/gsT/ySPwGf+o5L/6SvXQ/sN/DTT/jD/wTy1D4 Y6pIYIfEcusWolHPlStLmKXHfZIFbHfGK/WCiuJcQSWBhg4xs4y5ua/r0t59zL661RVJLZ3ufyuf Cj4mfHX/AIJ1fGHWLLxL4XLC+j+y31hd74re+iicmKe1uVUg7STskUOuGYFc9PXLb9q79tf9rP44 Wo+BdxfeGUdIrZLDTpHk02yhDMzXF7JIhiJ5O6RkBICoqk4B/o41HStM1i3Npq1nDewE58ueNZEz 67WBFO0/TNO0m3FppdrFZwL0jhjWNB9FUAV7NbjChUbrTwsXVatdu6+639dzqlmkH7zprm7/APAK nh2w1LS9A03TNZ1F9X1C0toYbi9kRI3upo0CvMyRhUUyMCxVQFGcAYrYoor4WTu7njs/lc/4KO/C 3/hWX7VPiWa1h8rTvFyx67bYHBa7yLj2z9pSU/Qiv0B8Gfs6/a/+CUmp6QbXGsataT+MVwPmMkEg niK+pksoVT/gWB2r9oqK+yxHGVWdChRUbOm4u99+Xbp/mepPNJOEI2+G3zsfyW/sI/Cz/hbf7UXg vRLmHztO0i4/ti9yMr5On/vlDDuryiOM/wC9X9Bn7cn7ON9+0t8D7nwt4dMa+JdGuF1PSvMIRZZ4 kZGgZyQFEqOygk7Q+0twCR9jUVzZvxXVxOKp4qEeVw2V7/otyMTmMqlSNRK1j+Wj4FftVfH/APYX v9b+HGr+Gs2dzOZ5tI1mKa3aG5AEZmgdcHDqoBOGRwAV9Sy10D9oz/gpB8cU8S3dgUswYbWe8iia PTNH09XJ2Izt87Dc7BNxkkYk8DJX+ofU9F0bW41h1mwt7+NDlVuIklAPsHBq/FFFBEsMCLHGgAVV ACgDoAB0FepLjampSr0sOlVatzX/AEt/XmdDzaN3OMLSfU/Kz/gpP4P0f4f/ALEWg+BPDysumeHd Q0ewtg53P5NtBJEhc8ZYhQWPc81n/wDBH0f8WA8XH/qZ5v8A0itK/WeivBefN4CWCcbty5ua/wCl v1OP65+5dJrre5+PH/BYsH/hVXgE/wDUan/9Jmr0b/gn/wCCNM+JX7As3w91p2isfEh1zT5XTG9E uXeMuueNy5yPcV+oNFN5+/qEMFGNnGXNzX9elvPuH1x+xVJLZ3ufyieGta+Pf/BO349XNxeaSsV6 kctpJFdIxsNW093BDxSKRlSyK6sp3Iw2sPvobv7VHx9+Of7WGhaf8VPFHhv+xPAXhy4GnWn2cP8A ZPtt4pd/3smDNKyw87RiNQAQC2W/qg1HS9N1e2Nlq1pDe27EExzxrIhI6ZVgRVmCCC1hS2tY1hij AVEQBVUDoABwBX0C44p+0jiJ4ZOqtOa/T7tPxsdqzePMpun73c/N/wD4JUD/AIxQt/8AsNaj/OOv 0loor4zMsZ9YxE69rczbseXXq883PufzIf8ABVQH/hrG899H07/0F6/oenB/4UrIO/8Awjx/9JK9 Ror08xz36xQoUOS3s+t99vLTbzN6+M54Qhb4T+ZX/glOP+Mr4P8AsCaj/wC06q/tJ/Bz4s/sVftM N8YvA1hL/wAI8mqNqujaj5TTWiidiz2Vyy42kBniKsys8fzKeeP6dKjliinieCdFkjkBVlYAqwPU EHgg17M+NpPFyxHsvdlHlcW73WvW3n2Op5s/aOfLo1Zo/m2+LX/BSL9of4+DQPBnwl0i58Hailws rLoU891fX04QqI12IreVyWMW1skAknbX66fDr4L/ABd+In7I2p/C/wDaX8QS6n4s8YWdyJnkWHdp vmgfZYi0CIJGhZFkctuO8su4qAa+wdM8O+H9Fd5NG0y1sGl5c28KRFvqUAzWxXl5jn1KcIU8JRVN Rd77u/qc9fGRaUacOW33n8rnwo+Jnx1/4J1fGHWLLxL4XLC+j+y31hd74re+iicmKe1uVUg7STsk UOuGYFc9PXLb9q79tf8Aaz+OFqPgXcX3hlHSK2Sw06R5NNsoQzM1xeySIYieTukZASAqKpOAf6ON R0rTNYtzaatZw3sBOfLnjWRM+u1gRTtP0zTtJtxaaXaxWcC9I4Y1jQfRVAFerW4woVG608LF1WrX buvut/Xc6ZZpB+86a5u//APiL9tH9mrxR8eP2Z7fwVp9++t+NfC32XULS4kEUDald20LQzhwoSND cI7sANqiTaOFzX4n/s4/tnfGT9jOPXvhnc+HY7+zku2ml0vVFltp7K9CiOQqQAy7gqh0YEZUFdpL Fv6mqzLzRNG1G6gvtQsLe5ubU5hlliR3jP8AsMwJX8K8/KuJY0cPLC4mkqkG72vazMMNj1GDp1I3 R/H/APtG618YvG/j/wD4Wp8adNl0vVfG9umo2kckZgX7CrNbw+TE5LpEBEQm7lgN+W3bj/Wl8JRj 4VeDAf8AoC6d/wCk0deg0Vnn3EaxtKnSVPlUL7PS3TS2lhYzHe1jGPLax88ftY/DrxD8WP2dPHfg DwmN+sapp5+yx7gvmywSJOIgTwDJ5eznA+bkgc1/Ol+yd+1Frv7FXjfxUuu+B/7XudUhis7u0upG 06+tJbZ2YKHeGVkBLHzIynzEIcjbz/VpWXc6Hot5exand6fbz3kH+rmeJGkT/dcjI/A0ZNxDDD4e pha9LnhLW17fj8kGFxqhCVOcbp/I/ki/ar8Z/GD4tePbf41fFbw7N4dg8X24OjQvG0cX2C1wiiIu A7qC24uQN5YsPlIA/qd+BninTvG3wZ8D+LNJfzLbU9GsZl9VYwKHU+6sCp9wa9UoozviKOMo06Ma XJybWd1bta3prcMXjlVhGKjawV/LV+y4D/w8N0MY5HijVf5XNf1K0Vz5Nnn1SnWp8l/aK29rb+Tv v5GeFxfsoyVr3Vj88P8AgqN/yaJrn/YR0z/0oFfOn/BJDRrDxF8DvidoGqx+bY6nqYtZ0zjdFNZh HGe2VY1+zVFFHPXDL5YFR3le9/Tpby7jjjLUXRt1vc/lfuNG+OP/AATk/aL/AOEjj0prmztZJ7e1 uZ43+waxpsx+75qYAcqFYqDujkUZBAw3qHjz9u79q79p74haBonwKsb/AMK3FsGSHTdDnkuHuJJm UNLdyFERkTAwXRUjBYk8k1/SPd2dpf272l/AlzBJw0cih0b6q2Qaq6XomjaJEYNFsLewjbkrbxJE pPuEAFe7LjGjUarV8MpVUrXvp91v67o63mkZWlOmnLv/AMA8o8E/D/xXqPwItfhx8btX/wCEn1zV dJmstbu9kaCV7xGWZFESIhWNX8tW2gsFDN8xNfyO6l8M/Eum/Fa4+D0kW7XoNZbQ9mCA10Lj7MMD 0Z+nsa/tMorz8g4rngZVXyX59bbJPXy89tDHB5i6Lk7XufiF/wAFWvgrp3hr4QfCvxL4eg22ngzH hskDn7K9uptt2OgQ27Ae7+4rjv8Agj58LPt/ivxp8ZL6HMWk28ej2TEZBmuiJrgr6MkaRj6SGv3u opR4rqLLngHHf7V+jd2rW/UFmMvYOjb5hXK+OPBugfETwdrXgTxTB9p0nXrSazuUHBMcylSVPOGG cq3YgEciuqor5aE3FqUXqjzk7ao/lQ+Lf7PP7Rn7D/xPTxj4ba9isdMnaTS/Emnxlrd4myAs+Ayx uyZWSGUbW+YDenJ9K1//AIKr/tT694ak8OWo0TSbmeMxHUbKylF6N3G5PMnkiVvQiLjqMGv6ZGVW UqwyDwQehFc9beEPCdldjULPRLGC6B3CWO2iWTPruCg5r7z/AFzo1YxeMwynNddv0f8Al5Hsf2pG SXtaabXU/nT/AGLf2GfiR8a/iDYfFT4xabdaf4MtboahO+pK63OtTb/MCKsvztFI/MsrcMpIUliS vT/8Fa/jGfFXxf0b4P6bNmw8E2onulB4N/qCrJgjofLgEe09i7iv6J6K5lxlOWNji61O6imoxTsl frs7/wBdjP8AtRuqqso3tsj8x/2YP2AvgNH8BvB158V/BNtrPivU7JL++nuHnWRWuyZkhKpIoBij ZYyMdVJrM/az/YF+BqfADxbrHwh8GW+i+KdEtjqVtLbvM7yJaHzJ4dryMG3whwoxndt+lfqXRXkL iTGLEe39o972u7b3tbsc316rz8/M9+5/O3/wSU+MzeFfi5rPwc1ObFh41tjcWak8LqFgrPgdh5kH mbj3MaCvLv8Agod8MPH3wi/ao1b4pW9nNDpHiC8ttW0rUlj3Qi5jSMyRlsFRJHMhOw8ldrYwa/p1 qteWVnqNs9nqEEdzbyDDxyqHRh7q2Qa9mHGKjj5YyNKykrSV9/O9vJdDqWaWrOqo7qzR/OR8Vv21 f2iv2wfhLrnw78MeC4NM0bSrB9U8S31m0jq1rp6m4fc8uEgjZkDCPLO5AVWIJB9V/wCCNn/I2/E4 /wDTjpn/AKNnr93NO0vTNHthZaRaQ2VupyI4I1iQE99qgCr9ZYrimk8JUwdCgoRl5+aeumu3yJqZ jF05UoQsn5n8nvxrl8b/ALNX7a/iDxpc6XtvtJ8U3Ou6el0jrBd2s109xCwI2lkdG2kqeGyM5Br9 AP2g/j74g/aT/wCCcGofEvxNp1tpl+/iSC0eG0EghCQTjYQZGZidrDcc4JzgDpX7X6nomja3GkOs 2Fvfxxncq3ESShW9QHBwavQww20SW9vGsUUYCqiAKqgdAAOAK1xHF1Or7CcqPv02tb7pdNtL/OxU 8zUuRuGsbdT8hf8AgjsP+LP+Oj/1HY//AEljr4Z/4Kuf8nWP/wBgPT/5y1/TLRXNheKvZ5jPH+zv zdL+nW3l2Ip5jy13W5d+hx/w9GPAPhoH/oGWf/olK7Ciivk5yu2zzW7u4UUUVIgooooAKKKKACvA P2Tv+TWfg3/2Jnh7/wBN0Fe/14B+yd/yaz8G/wDsTPD3/pugoA9/ooooAKKKKACiviD9q39stf2Y df0LQ28If8JJ/bVrJc+Z9v8AsfleW+zbt+zzbs9c5H0r6N+C3xKHxg+GGgfEgad/ZP8AbkHnfZfO 8/yvmK48zZHu6ddorqqYKrGmq0l7r2EpK9j1KiiiuUZ5r8S/hrpPxE0c21yBDfwAm2uAPmRvQ+qn uK8I+DP7MZ8JeJpvHvxEuIdX1qJilhFGCbezi7FQwGXPc4rxT4+/8FEV+Bvxa134WnwAdaOiG2H2 v+1fs3m/aLeO4/1X2WTbt8zb985xnjOBe/Z5/wCCga/Hr4n2Pw3HgM6H9timk+1HVPtO3yl3Y8v7 LHnP+8K9N5PifZ+15fdtfdbfeR7RXsfo3JFHNG0Mqh0cEMpGQQeoIr4q+Jv7K+peJtcji8G6pHo+ iX0mb0HPnRRk/OkGOPm98Y7V9sUV5hZyHgbwN4b+HXhq08K+FrRbSxs1CgAcs3dmPdj3Jrkvir8K 9O+ImmGSLbb6vbKfInx1/wBh8dVP6dq8X/az/ayH7LkfhaQ+Fv8AhJh4lN6P+P77H5P2Pyf+mE2/ d53+zjHfPHxt/wAPak/6JWf/AAd//cNenh8nxNWCqU43T81/mQ6iWjPt74Ffs3R/D7VLjxx44ni1 fxVOSkToCYbOHskIbue7YzX1fXhv7OvxoHx++Fth8Sxo/wDYQvpriL7L9o+1bfIkMefM8uLOcZxt GPevcq4KtKUJOEt0WmFFFflT8TP+Cm6/Dn4ieJvAJ+G51A+HdRutP+0/2x5XnfZpWj37Psbbd23O 3ccdMnrW+EwNWu2qSvb0/UmUktz9VqK+B/2X/wBuJP2kfHF34LHgs+HTa2jXXnnUfte7aQNuz7PF jr13fhX3xUYnC1KM+SorMaknqgooornGFFFFAH//0/38ooooAKKKKACiiigAooooAKKKKACiiigA ooooAKK/Gz/gqB+0L8aPgt4y8Dab8LfFV14dttSsLua5S3WMiV0lVVJ3ox4BxX1TpPjj4ueI/wBg C08e+Gru+1T4h33hZLq3ntYfPvZr1h96OJEbc57AKfpXvSyCosPRxDkrVHZeXqdjwUlCM76SPuqi vyu/4J4eLf2tvEviXxlH+0nD4iisYLS0On/25p0lihlaR/M8oyQxbjtAyBnAxX6o1w5pl7wtZ0XJ St1WxjiKPs5uDdwooorzzEKKKKACiuM+I3jjS/hn4B8Q/EPW4ZrjT/DdhcahPHbhWmeO2jMjKgYq pYgYGSBnqa/Pn9jH9tnxr+1Z8avF+k3mlW2g+FdI0pbixso/31x5huETzJ5yBuYqT8qqqj0JG4+j hsqrVaNTEQXuw3ZvTw85Rc1sj9OaKK4z4jeONL+GfgHxD8Q9bhmuNP8ADdhcahPHbhWmeO2jMjKg YqpYgYGSBnqa4IQcpKMd2YpNuyOzor8xv2Mf22fGv7Vnxq8X6TeaVbaD4V0jSluLGyj/AH1x5huE TzJ5yBuYqT8qqqj0JG4/pzXbmOXVcLV9jWVpaP7zWvQlTlyy3CiiiuAxCiiigAor8t/+Cmv7UXi7 4G+FfCvg34Yay+jeKPEFzJdzXEIRpIbC2G3bhwwHnSuMHHSNhXzB/wAE8f21/it4z+On/CtfjP4p n16y8T2kkenNciNfJvrceaoBRV4ljEi4PVtgFfTYfhXEVME8dFrlV3brZbs74ZdOVL2y2P3noor8 mf8AgoV+3b4s+A+t2vwh+EBht/E1xapd3+pTRrN9ijlJEUcMbgoZWC7mZ1ZVUrhSWyvlZXldXGVl QorV/cvNnPh8PKrLkgfrNRX8y2mXn/BUXxJoqfEfSrrxvcadNH9ojZJZEEsbDcHjs8qXVhyu2Igj G3IIr6G/Yn/4KM/EzVPiVo3we+PV0ut2fiC4WwstTaFYr23vZnCQxzeWFWSN3OzJTerMCWKggfRY rgqvClKpSqRny7pPVHdUyqai5RknbsfvHRRRXxh5QUUUUAFFFFABRRXy1+1v+07pf7K3w0g8c3uj Ta9d6leLp9lbRyLDGbh4pJQ00hyVjCxnO1WJOBgZJHRhcLUrVI0qSvJ7F06bnJRjuz6lor44/Ya+ OnjX9on4L3PxI8eC2j1CbWL23jitI/KhhgiEZSNQSzHbuPzMxJ7mvy2+NP7V/wC0R4d/bf1D4b6J 43vbTwzD4osLJLFFi8oW8kkIePlC2CGOec817WC4ar1sRVwyaUoJt/I66WAnKcoX1R/QhRRRXzpw hRRRQAUUUUAFFFcZ8RvHGl/DPwD4h+IetwzXGn+G7C41CeO3CtM8dtGZGVAxVSxAwMkDPU1UIOUl GO7Gk27I7OivzG/Yx/bZ8a/tWfGrxfpN5pVtoPhXSNKW4sbKP99ceYbhE8yecgbmKk/Kqqo9CRuO J/wUO8Xftc+G/FXg6H9m2DxFLp81lctfnQ9NkvkEwkUJ5rRwy7TtzgEjjNe5Hh6ssWsHVajK19Xo tLnYsDP2nspOzP1UorxX9nK+8dal8C/BF/8AE1btPFVxpkD6kL6IwXQuSPn82NlUo3qCox6V7VXj V6XJOUL3s7HJONm0FFFFZEhRRRQAUV+Sf7WX/BRHxD8M/i+fgJ8L9ESHVbK9srfUdWvgJFUXIil2 2sAOCdkgBkkPByBGeGr7/wD2kL/x5pfwJ8bah8L1u38VwabK2mixhNxdG4GNvlRBXLN1wApPtXrV clr01RdXRVNvTTV/edMsLOPLzac2x7bRX5Xf8E8PFv7W3iXxL4yj/aTh8RRWMFpaHT/7c06SxQyt I/meUZIYtx2gZAzgYr9UaxzTL3hazouSlbqtiMRR9nNwbuFFFFeeYhRRRQAUUUUAFFFFABRRRQAU UUUAFFFfLX7W/wC07pf7K3w0g8c3ujTa9d6leLp9lbRyLDGbh4pJQ00hyVjCxnO1WJOBgZJHRhcL UrVI0qSvJ7F06bnJRjuz6lor44/Ya+OnjX9on4L3PxI8eC2j1CbWL23jitI/KhhgiEZSNQSzHbuP zMxJ7mvy2+NP7V/7RHh39t/UPhvonje9tPDMPiiwsksUWLyhbySQh4+ULYIY55zzXtYLhqvWxFXD JpSgm38jrpYCcpyhfVH9CFFFFfOnCFFFFABRRRQAUV8a/t8/EPxp8LP2YvEnjP4f6rLout2lxp6R XUIUuiy3caOBvDD5lJHSvA/+CYHxr+Kfxp8GeOdR+KXiK48RXOmX9pFbPcBAY0eJmZRsVepGea9i nktSWCljk1yxdrden+Z1RwknSda+iP1Gor8D/wBpr/gov8ZfGfxTuPhB+y3us7S3vf7PgvLW2W61 HVLlW2MIVkV1SIvkJtTewG4sAdo8z8X/ABB/4Kh/s26Zb/EP4iX+qw6I80Zke9ex1S1BcgCOdYmm aBXOFGTHycKQ1ezQ4KxEoxdSpGMpbRb1fyOqGVTaV5JN7J7n9HlFfHn7GH7V2n/tV/Di51y5sk0r xPoMqW2rWcW4wq0oLRTQliT5coVsKxLKyspJADN9h18vjMJUoVZUaqtJbnn1aUoScZboKKKK5jMK KKKACvAP2Tv+TWfg3/2Jnh7/ANN0Fe/14B+yd/yaz8G/+xM8Pf8ApugoA9/ooooAKKKKAPw//wCC rv8AyP8A4E/7Blz/AOjhX6OfsWf8mweAP+vH/wBqNWT+0j+x/wCD/wBpXWtH1vxNrd9pUmjW8lvG toIirrI+8lvMVjnPpXu3wn+HOnfCT4e6L8O9Iupb200SHyY5pwokcbi2W2gDPPYV7mKx1OeDp0Yv 3lv+JnGL5mz0SiiivDND+aj9vcM37XXjhUxuL6YBnpn+z7brmvrr/gnxoes6V8U72fxlPpEry6fi wEH2Mzh8gtt8lQ4+Xrz9a+pvjP8A8E//AId/Gv4l6x8Tdd8RanY3us+R5kNuIfKXyII4Bt3KTysY Jyepq58EP2C/h98DPiDZ/EPQPEGpX95ZxyxrFciHyyJRtOdig8V9hWzehLCKjza8qW3Wxgqb5rn3 XRRRXx5uefePvhf8PviTBbf8J5oFrrn9miU232lN/lGULv2+m7YufoK/mf8A2YPD+j+Jf2hvA/h3 xFZx32nXupxxT28o3JIhzlWHpX9T7LvUqe4xXwB8Ov8Agnl8Mfht8RNH+JGla/qdxfaNdi7jil8r yncZ4bCg457V9BlGZxo0qkJt6rT8TKpC7R9u+E/B/hjwLosXhzwfpsOk6ZCzulvAu2NWkO5iB7k5 NdJRRXgSk27s1Cv5V/2kEmk/aT+I0duN0reJtSCAgEFjdPjrx1r+qivzp8a/8E4fhv43+Ies/Ea+ 8U6tb3mtalNqUkMaweWkk8plKrlCdoJwMnOK93IcfTw85SqPdGVWDexS/Ym+Gnx98HeMfEGo/GfR LLT7WSxRLOSCysLZ/NMg3DdaxRsRt7E4r9I6KK8rF4p1pupJJehpFW0CiiiuYYUUUUAf/9T9/KKK KACiiigAooooAKKKKACiiigAr5y/aq/aC0r9mj4Oap8SLyFLzUN6WWl2jkhbm/nDGNGIwdiqrSPg g7EIByRX0bX5Bf8ABYiLUj8HfA08R/4l6a86zD/ps1rIYv8Ax0SV7HD+DhiMbSo1Nm9fz/E6sFSU 6sYy2PhfwR4n/wCCiH7Zepaz4k8AeJ9XSwsJv3xsdS/sXT4JSNyQRBJIgzKuDj5mAwztkgn0T9lj 9t34/wDwl+OVr8Fv2g9Tvdc0u51L+x72PVH8++027eQRCVbj5pJEV8b1LspTLJzjP3j/AMEodQ0e 6/ZZNnp7J9rs9cv1vFUjcJXEboWHXmMoAfb2r3vXP2pP2S/h/wDFfWfA+v8AiHTdD8bQSwx3zPZS o8kksSMga7SExu2xlBBkyPunGMV9pmObRdavgVhFKMdFyqzVut0n+R6tfErmnR9ndLtv6n5d/wDB Y/8A5KB8OP8AsF3v/o9K+1NC8Sa94P8A+CYNj4n8L38umatp3g2OW2uoG2SxSADDIw5BHrXxX/wW P/5KB8OP+wXe/wDo9K+uZ/8AlFIP+xJT+QpVYp5ZgE/5/wBWEl/s9H1PHf8Aglf8bfi58V/F/j6z +JXi3UfEsGn2NlJbpfXDTLE7yyBioY8EgAGvK/2vv26PjR49+M8/wE/Zqvp9OtLK/GlpcaZxf6nq AbynVJescSyZVdhG7BdmKkBX/wDBG7/kePiV/wBg6w/9HS1+dHwf074t6p+0bp2m/DbVIdI+INxq V4lrdzukaJeFZfMG6RXUFxuVcqcsQBzzXtU8qw7zPE1ZRj7kYtJ/Ddrd/cdSw8PrFSTS0S9Nj628 Z+JP+Cif7F93ofjL4geJtTu9L1CfCrf6kdasJZsF3tpw8jlGZQT8pUnBKPlSR+qXiX9pef4sfsE+ Jvjv4Bu30HXE0iYSi2kIlsNRgZUmRH6jBO5DwSjKe9fnz8a/2ef+Cg/jPwhFoHx1+IOhP4enu4jG mp6pZ2kL3aqxjCuYY8vt3YUNkjPHFex+Cfgj8QvgL/wTu+NXhHx7NYXAvzc6jZyaddLdxGOWG2ib 51AA+aLOB65rzcxhha1OjUnKDqqaXubNXMK6pzUJNrmutuqPiH4H/tPftz/E+41T4P8Awv8AEepe JPEHiXyZRdXE6vcWNtaCTzjFNcMI7dJPMXfIcNlUVDuIBzvGHxa/bp/ZB+J1vpfj/wAZaydT2per b6jqMmrafewMSucSSSIysVZWxtdSOqkA19Of8Eb7SF/H/wAR79lBmh0yyiVu4WSd2YfiUX8qP+Cy ESDx98N5wPnfTL5SfZZkI/ma9j61R/tZ5eqMeRrXTVvlv91tDp9pH6z7HkVn5eR9E/tueJPjX8a/ 2TPBnxR+DS3Vl4e1XSLjVPFMFvdxW6Jp81ojyRSrJIjTIp8xdqBicdORX49fsveGf2nvE/ijV7b9 l2a+h1uGzD3xsb+Cwc2vmKBueeWJWG/HAJPfFfuZ4e/5RYy/9k/vf/SaSvhX/gjsR/wuHx0P+oCn /pVHXnZVjvq+X4pQhFqnJpXW+vXuY4atyUKlkvdf9XP3/wBFS+i0awj1Mk3iW8QnJIYmUIN+SOD8 2ea/Of8A4KcaJ8dNW+Dltc/CSS6TQbCLUZvFAt7uK2RtNEAyJUkkRpUwH+RAxPp0r9K6+ef2tv8A k1/4rf8AYs6r/wCkz1+dZLiXTxlOoknr1210/wCGPDwtTlqxlbqfzI/sveGf2nvE/ijV7b9l2a+h 1uGzD3xsb+Cwc2vmKBueeWJWG/HAJPfFfuB+3R+2f4g/Zk8GeHvA3hARS/EXxBZLNJPcBZksIFHl tcFDlZJHlDCMHKZVmYEAK3xD/wAEdiP+Fw+Oh/1AU/8ASqOvJv8AgqvBqMP7V9xJe7vJn0XTnts9 PKAkU7fbzFf8c1+o46jTxmcxw1aK5YK/m9Fo+6R9DWjGrilTmtEr+ovhHQ/+Cmfxi8NP8aPCeueL L7S28yaCSPWTZi4VM7za2XnxeYnGAI4trH5V3EYr6k/YT/4KD+Pdb+IGn/Ar9oG7F/JqsptNO1W4 TyryO+LYjtbrAAcSNlEYqHEhCsWDZT9dfghe+HdQ+DXga78JNG2jPomn/ZPJxsES26BVAHA24wR2 IIPNfzOfFmay1v8A4KA6k/w2eMm68c2y2bw4MZvDeRqzrt4INxuOR1657152BxNLNPrGGrUYxUU2 mlZq3f8ApddDno1I4jnpyglbbyP6tKKK+U/21vjL/wAKN/Zw8WeLbSfyNXvof7L0wg4f7ZfAxq6f 7USb5v8AgFfmWEw0q1WNKG8ml954FKm5yUV1PwJ/aW8Vat+19+2pcaD4Xm8+1vtUt/DekOPnRLWC TyjMP+mbOZLg+isazf2sfhdefsg/tVA+AQ9jY2Utjr+guxLbUDBtpPcJcRyJjPKgeteCfBHxx8SP hV46sfid8MtO+2axo/mpDI9m15FE08TRMSoBAbY5weozXof7RPxx+PH7Q0mk638XdKCt4djmjhuI dNa0xHcMhKyPjBAZRtz0JOOtfv8ATwlWlWp0advYxjytX1v6fL8WfaRpSjOMV8KVj+rH4YeP9H+K nw78OfEbQDmx8RWMF5GucmMyqC0bH+9G2Ub3Br8Hv+Cr/wAC/F+kfFqH452FjJd+GdftLa2urmMM 62t5ar5QWbAwiyRhNhJwzBh1HP0t/wAEi/jR/wAJB8PPEPwQ1Wfdd+Fp/wC0dPVjybG8b96ij0in yx95hXVfHP8A4KX+H/hZ8Xdb+CPir4aSX1npt6ljf3VxfoI3tJgrGYW32aTerQuHCFhuBwSK/Nsr weLwOa1IYanz8t9LpXi7W3+XzPBw9KpRxElTV7fkfJXwd/4K5fEHwppdh4f+K3hO28Uw2kaQ/brK Y2V2yIMB5IyskUj4/uiIH+f0X8CdN/4JyftPfFCbxj4e0i80v4i3t++snT9RvLqyma7En2h5bdYJ /Ikw4L7I2JABJQDNfTXjn/gn7+yF8YbFPEGneGotFbU4lnhv/D0/2SN45V3JJHEu+1IYEEHyjke1 fzzfG3wTJ+zB+0drHhTwH4iOpT+CtQt5rHUY8LIkqpHcKr7CV8yFm8uQDjcp4HQe3l1LAY91I4Hm o1La2bS+dna1/Q66EaNa6o3jI/sFryD49fEjV/hJ8I/Enj/w9odx4k1bTLfNnYW0Ms7zXEjCOPcs QL+WrNukIxhAeRXqOl3Ut9plpezxGGW4hjkaM9UZ1BKn6E4rwX9qT9oDTP2afg/qXxNvrE6pcxyR WljaBtgnu587Fd8HaihWdiBnCkDkivzHA0ZTrwpqPM21p38rngUYNzStc/CzwOf+Cjv7W+ra3rfh vxVrllBpkwjucak+hWUMzDcsKQRNECwXGcIxGQXOSCdD4BftX/tR/An9o/S/hF8YvEOoa3ZvrMGj 6vp+r3J1B4ftEqxebDcOzuCm8Ou1yjr2III7X4beP/8Ago5+2+NU1PwH4vj8MeHLO4+zTXFtIuk2 kEzKHMSSQI945VGBPzPtBGSMjPxJrfgTxJ8N/wBrSx8B+MNbXxFreleI9MivNQWSSUTzNLC7HfL8 7FS20luciv2ilQp1XVw1eNPSPwxV3H1dl+SPqowUuanNR22XQ/aD/gqd8WfiX8KPAvgW++G3iW+8 N3GoaldR3EljM0LSokIKqxXkgE5xXvP/AAT38ceL/iL+y54d8VeOtXudd1i5utRSS7u5DLM6x3Ui ICx5IVQAPavkT/gscp/4V18OmxwNVuxn6wLX0X/wS/njm/ZA8ORowLQX2powHYm6dsH8GBr4XFUI f2DSqKK5ufe2v2up49SC+pxlbW/+Z+b3xi/aR+PWj/t233gLSvHmr2nhyPxbYWa2Ed0624t3mhVo ggONpBII75ra/wCCr+ifHSLx6mv61JdH4VTy2UOmI13E1sNSFq5lK2wkMivgSZdkAPIB5Gfmr4xa ja6p/wAFEtSu7KRZYh47s4tykEbobuKNhkejKRX6df8ABYP/AJIJ4Q/7GaL/ANIrqvqY8tDGYFQg vejZ6eS19T0FaFWjZbo+Rv8Agmz4W/asuvFnhTxJ4Wnv1+DcGqXY1NE1CCO0MwtyH3WjSiVjvMfK xnnB7Ej5f/bB1+78K/tueOPFGnokt1o/iCC8iSUExtJbiKRQwUglSVGcEHHcV+yv/BKEg/sq/TXt Q/8AQYa/I79o+0gv/wDgoXrdjdIJIbjxdp8bqRkMryQAgj3BrXLMb7TNsTzRSUYtadbPr5l0KvNi al1sv1PV/jCv/BS+z8GH9ovxxr2t6FoTGO7Nvp+p/YxZQ3JAiL2NvICifOFIdS6/8tMHJr9Bf+Cb n7WfjD45eC/FHhn4sXy3mseClt5hqUgWN7ixnEnM5GFLxGM7nwNysucsGY/Uf7asayfso/FFXGQN EuD+K4I/UV+Kf/BOX+0j4O/aKXRzi/Pgq5+z/wDXbyrjy/8Ax7FeLCrTzDK6s504xcZJKytZXX+Z yKUa+Hk3FJp6W+RsfFf9sz9pv9qz41f8Kv8A2ab+90XR5ria30uDS5TZ3V1DHkm7urklWjBRS+Ny Ki8HLfMcTVPjV+3h+wz480a1+LOsXmvabfI0kdpqt82qWV9AhAlWK4ZnkjkjJHQqykqSrIcN8x/s g6J8ePEPxZk0z9nPW4NB8XPp1wwmnkji8y2V4zLGhljkBY/K2AM7VJzgGvsX45/sxftz/EVND0f4 +ePfD1yI5Jn0yHUtXtLRmkIQS+SPKjLkDZuAzjI9a+kr4fCYerHCSVNU7ap/G99f68zvnClCSpvl 5bfM/WP43fGUeI/2LPEnxt+FuqTWDX/h/wDtCwuoW2T27vtBXcPuyRtuRsdGBFfh/wDA/wDae/bn +J9xqnwf+F/iPUvEniDxL5MouridXuLG2tBJ5ximuGEduknmLvkOGyqKh3EA/pjc/DTxp8Hv+CYP in4c+PGtZNS0jStS2tZzi4haG4vHuIyJAADxJj2r5Z/4I32kL+P/AIj37KDNDpllErdwsk7sw/Eo v5V85lcMPh8Di6sYKahP3bq/a3+Zw4dQhRqSSTs9D5j8YfFr9un9kH4nW+l+P/GWsnU9qXq2+o6j Jq2n3sDErnEkkiMrFWVsbXUjqpANfpL+254k+Nfxr/ZM8GfFH4NLdWXh7VdIuNU8UwW93FbomnzW iPJFKskiNMinzF2oGJx05FfO3/BZCJB4++G84Hzvpl8pPssyEfzNfaHh7/lFjL/2T+9/9JpK3xeJ hKjgswVOKm5WemnVf8FdiqlRONKtyq7Z+Gf7L3hn9p7xP4o1e2/Zdmvodbhsw98bG/gsHNr5igbn nliVhvxwCT3xX6d/8FNPjX8a/hHrnw00vwT4v1Lw5JeaPM98llcGIS3CPGpZyhwxHPP5V5N/wR2I /wCFw+Oh/wBQFP8A0qjrZ/4LH/8AJQPhx/2C73/0eleli6yrZ5Tw84JqKfTV3j1726HRVmpYtQaV l/kfpX8MvjpH4C/Yh8OfHb4n38+qS2Ph6C9u5pX3T3dzJhIk3nPzzSsqAnjLAnivxp0r42/t5/tt +PdUsPhdreoabb26CWWz0e8Ok2FjbsSEEkwdGcsQcb3Z3wcDaMD68+OUWpSf8ElvBz2BxBFZaE11 7w/aFUf+RTHU3/BG7UNHPg74k6XGyDVUv7CaRcjebdopFjOOpAcP9CfevEwlKlhcJisfGmpTU2ld XSV10+f5HJTjGnTqVlFN3sfJHgj9rr9rP9kT4z/8IH8dNU1HxDY2M8Sappmq3P8AaEht5VDLNa3T NI4Oxg6bX2MflcZzt+9f+CiP7Vfxi+HGmaD4V+BVrfWdrrdkuo3niKCykkjWCYlYoIJnjMaOwBd2 HzqCm0qSa+wPih+0f+y58IPibb+H/ihrVhovjCeyiuI55rGWWQWzvIsYa6ihcJ8ysQrOMA5xg5Pw 9+3L/wAFE9f+FWtWHw5+A5tn1C7sLbUbjWpoxcIkN7H5tultE/yFmjZZC7hlwwAXOSMcPOWNxdCr HBq9ru+kZee3T57oiDdWpCSpf5Pz2PiXxR8Mv+Ck3gv4aS/HLxF4w8TWmk21vHeTqfEk5u4bZ8ES SW4nJCjcNyfeUZ3KADj7o/YH/ai+Mf7QXwr+JXgPxRfNq3jDw1pxk0jUR5cNzMbuKZI0kb5E3xSo m2Q4zu+Y8ZPyl8V/gP8At+eMPgx4h+LHx9+ITaf4e0/Tn1CbRri/dHnXaGSNrO0RbVWbIG1yCpOC ucgdb/wRvX/ivviQ3ppliPzmevYzWNOtltWrLklKDVnBaLVaX6nViFGVCUnZtdj8y/ivo3xm0r4z ajovxYkuX+Isd1bLdNcXUdxcfaHjjMGbiN3QnYY8EPgDAyMV+43gwftdfCj9i74x678edV1Oy8ZW aTXGk3U+ow3lzDAIYgGjlt5ZQnz7sAkHOTjvX5mftqnH7fnikntrGj/+ktpX76/tsf8AJqHxQ/7A s/8AMVPEOYOcMFBwjafK3pt8Oi7LUWOrXVJNLW36HwB/wSv+Nvxc+K/i/wAfWfxK8W6j4lg0+xsp LdL64aZYneWQMVDHgkAA1x37df8AwUE+I2mfEfUfgZ8AL1tKXR5vsWo6nbxiS9uL7O2S2tiQ3lrG x2FlHmGQEKQo+bn/APgjd/yPHxK/7B1h/wCjpa+NvgtLp2i/t7aK/wAQGSNbXxrOly1xgKt2LqRY 2fd0xPtOT0PNaf2Xh3mmJqyppqnFNRtpe3b5fiV9Xh9YqSa+FbfI9S8T6L/wU0+CXhQfGDxPrniu y0jEcs8k+sf2gbdXxsa5tGmmMa8gHzIwFPyttJxX6rfsDftp3H7Tmh6l4S8dx29p468PRrNL9nXZ Hf2ZKp9pVOdjo5CyqPlBZSuA21fsH45Xvh3Tvgx46vPFzRro0eiah9r83Gxomt3BXngls4A7kgDm v58f+CUEGrTftVGTTji3g0HUHvPeAvCqj/v80ZryPbU8zy6vWq0oxlT1TirfL+u6OXmjiKE5Sik1 2NX9pr9rr9oH4W/te+LLfw/4y1FtD8Oa5FJFpD3MgsZIYRG5t3jUj90+CrAYyCaqfFyD/gpXpngw ftF+PfEPiDRdElMVwY7LVPsgs4rggRM9hayKIkO8KQybhnEgBrzb9oq0h1D/AIKF63YXKh4bnxhY ROp5BV5YFIP1Br9/v21okm/ZQ+KKSDIGiXDfiuGH6ivUxeNp4T6nGFGLc1G7a1tpt9501asafsko rW1/wPl7/gmh+1T47+PfhfxJ4L+J13/amueEvsskGoMoWW5tLneoE23AaSNo8b8AsGGcsCx/UOvw H/4I3/8AI/fEj/sGWP8A6Oev34r4jjDCU6OYVIUlZaO3qkeTmlOMa0lFH4Z/8FRPjz8ZvhX8ZvC+ h/DjxlqfhzT7rQI7mWCxuGhR5jd3CF2C9TtVRn0FfP8Armv/APBRr47/AAtuPj7Y6zquleCtFtGk jXTNROmmW3sV2zTrDFKs1wVKMzySbiTu2cDaOm/4LB/8l78If9izF/6W3VfrP8PLO3t/2DPD9tEg WN/hxbswA4Jk0gMx/Ekk19asXTwmX4SrGlFyk7Xa6dfmekqqpUKclFNs/Ej4SftvftoeLtAi/Z/8 B6rN4k8TeIblItP1KfbNqsMW1jLGLiY7cEDcZpiWjUMdwGCmD49+JX7dX7IfxOsLX4geN9ZGqzRR 38cN5qkmq6fdwMxUhkkkkjYbkZGGFdf4SMqx7r/gk3aQXP7U080qhmtfD1/JGSPusZbePI/4C5H4 169/wWPRR8Q/hzIB8zaVeAn2E64/ma9ydShDNFgI0Y8sld6at2f4aHW5QWI9ioKzWp+rHiD9qDw3 4W/ZWtP2mtatvLgvdFtNQisQ3L3t5GvlWqtjP+ubYWxwoLYwK/Ebwn8RP+CgP7bnizW9S+G/iXUd Os9NZJZotN1B9G02z358mFWR1Z2O0kbi78bmPevoj9pgaif+CV/wj+xHEIl0b7V/1x+z3OP/ACJs r5j/AGL/AAZ+2p4p8Da7N+zD4stdE0aDUdt9byTwRym5aFCJCskMjbWTAByBlW44NeNk2XUcPha2 IjyqXO4pz2ST/r8DlwtCEKc5q17212Pbv2b/ANtj9oD4H/HSL4E/tR30+oafPfR6feSaowkvNMnm AEUy3Kk+ZAxZCxZmGw70Yc7qf/BV/RPjpF49TX9akuj8Kp5bKHTEa7ia2GpC1cylbYSGRXwJMuyA HkA8jPmvxD/Yt/az+KXxJu734h+MPDOr+NwkCXEcutW0d6qqi+TugjRWX5NpX5RkYNfcf/BXL7af 2dPAx1IKt3/wkNv5wU5USfYbndg+mc4reM8NDMsNUw/K5TTUrbJ6O67X79i06ar05Qtd72/NHyl/ wTZ8LftWXXizwp4k8LT36/BuDVLsamiahBHaGYW5D7rRpRKx3mPlYzzg9iR8v/tg6/d+Ff23PHHi jT0SW60fxBBeRJKCY2ktxFIoYKQSpKjOCDjuK/ZX/glCQf2Vfpr2of8AoMNfkd+0faQX/wDwUL1u xukEkNx4u0+N1IyGV5IAQR7g11ZZjfaZtieaKSjFrTrZ9fM0oVebE1LrZfqer/GFf+Cl9n4MP7Rf jjXtb0LQmMd2bfT9T+xiyhuSBEXsbeQFE+cKQ6l1/wCWmDk1+hf/AATT/ar8b/H7wn4j8HfE26Gp a94QNs8V+VCSXVpc71HnbcBpI2jIL4G5WXOWDMfp39tWNZP2UfiirjIGiXB/FcEfqK/Hb/glnDqN 0vxutdI3fbpvDASDby3nN5wTAHfcRivD9tTx+VVak6cYuDSVlayuv8zj5o1sNKTik09LE/7TP/BQ D44fGH4pT/Cn9mm9u9K0MXZ0+yfSl/4mWrTBtnmrKoMkaMwJjWMqdvzOTnC+beMtS/4KR/snwad4 68eeIPENrpl1On7y81Rdas/OPzeVcIZrhELgY+YDdztJIOOf/wCCYl74esv2ufD39vNGk09lqEVg 0uP+PtoDgKT0Zo/MUdznA5NfuN+37e+HbL9kX4if8JK0YiuLOOK3WTGWu2nj+zhAerCQBuOQAT0B Nelj8TSwGLo5dSoRcJWu2rt3dv6/Q6K1SNGpGhGCadg/Yw/at079qX4Yz6/fwQ6Z4o0CRbfWbOEn ykZwWini3EsIplVsBiSrK65IAY/j18d/22/2if2kPjK3w4/Z61bUNJ0Se8ksNGtdGka0u9QUEj7R NOrK43hS+NyJGn3uQzHr/wDglTY+JruH43HQn2xt4eiiHB/4/ZBcfZT+AWSvGf8Agl1e6PaftcaI mqMiT3OnalFZ7+puDCWwv+0Ylk/DIqcPk+GwmIxlaMFL2aTinra6b/ryFDC06U6skr8u33E/7Rkf 7c3wY+Fc3w0/aDv7jW/B/i97dYrm8uxqhhubSRbhY47reZI5PkwUclWXcVBK7l+4P+COaCT4efEm Ns4bUrIHBKnmB+hHI+or3b/gqre6Jb/so3VrqboLu71jT0sVYjcZ1ZnfaDzkQiTOO1eGf8Eb/wDk QPiP/wBhOy/9EPXJisf9ZyKpVcFF8yvZWT1Wv9djOpW9pg5StbXp8j7e+Fv7Dv7OfwZ+Ilv8Tvh5 oM+n6xaRTRQiS9nuYo/PXY7KJ3dt20lQd3Rj618Vf8FKP2zfBGm+DNf/AGa/BLJrXiDVQlvq9yhD W+nRxyLI0OeQ9wdu1lHEeTk7xtH6u/ES817Tvh/4m1DwrDJc61a6Xey2MUS75JLpIHaFUX+Ji4AA 7nivwQ/YV/Yj8WeK/jNe+KP2lPBOq2uk6NAb6GLV7aWKHUNQeVdomMoHmqo3OyHO443ZXKt4uQTp 1JTzDH1HL2drJvVvpv2/4c5ME4ybrVpX5dj6o/4JLfBPxj4F8B+Kfil4pt5NPtfG5sk023kBR5La z84m5Kn+GRpcRkgEhSw+VlJ/XimoiRIsUShEQAKoGAAOgAp1fN5vmUsXiJ4ias3/AMMvwODE13Vm 5vqFFFFeaYBRRRQAV4B+yd/yaz8G/wDsTPD3/pugr3+vAP2Tv+TWfg3/ANiZ4e/9N0FAHv8ARRRQ AUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFAH/9X9/KKKKACiiigA ooooAKKKKACiiigArxD9on4F+Gv2i/hRq/ww8Sv9mF6FltLsIJHs7yLmKdVJXOMlWXI3IzLkZzXt 9Fa0K86U1UpuzWqKhNxaktz+ayx/ZB/4KE/s2+ItTi+EMd81pesIWvdCv4PIu0XOxnt5JFkUrk4M kY2knDY5PuX7J/8AwTl+L198WLH4x/tMD7FDpt6NT+xT3SXt/qN8jiVHuHjaVBGZPnfc5dyNpUBi w/eGivrcRxvi6lOUVGKlJWcktX+P9dLHpTzapJNWSb69T8hf+Cln7Lvx0/aA8X+CtV+Efhn+3rXS LC6hun+22dr5ckkqsoxdTRFsgHlQR619Fy/Bj4kt/wAE+x8D10j/AIrX/hFl077B9og/4+wB+78/ zPJ/4F5m33r7vorynxBWdCjQsrU3db3vvrr/AJHO8bPkjDpHU/In/gml+y/8c/2f/FXjjUvi74a/ sG31iys4bVvttndeY8Ujs4xazSlcAjlsA9q8o/bF/wCCdfxUu/irf/G39m5Vu21S6GpTafDcJZXt nf7vMee1kdo0ZWkHmDDq6ucKCMY/c2iuqPFmKWLljFa8lZq2jX33/E0WZVFVdVbv7j+bjxP+zh/w Uk/aZvNJ8O/Fi2vZNO0x8RTavc2ltZ25I2mV0gO+VscbxHI+CeeTX6kXP7JNx8Mf2HvFX7PXwyi/ t7xHq1hO8spMdsb/AFK4Kb2zK6oihVVE3NwiKCSck/f9FGN4qr1lCKjGMYtNJKyuu+oVcxnKySSS 1sj8jP8Agmj+zB8cv2fvEvjrUPi74a/sG31i0sorRvtlndeY8UkjOMWs0pXAYfexnPGaZ/wUt/Zf +Of7QHirwPqXwi8Nf29baPZXkN0322ztfLeWRGQYupoi2QDyuQO9frtRWX+s1f699f5Vz9tbbW73 /En6/P23trK58k/DL4K+Ipf2MNO+AnjaH+xtZvPC0+i3a745vs01xC8Wd8TOjbCwPysQcV+G/hn9 jv8A4KA/BjxffQfDXQ9S0u+u43sn1DR9Rt4obi3Lg8TechVWKqw37HHBIU5r+n6itMt4pr4Z1bRj JTd2mtL/AHjoZjOnzWSdzm/Bqa5F4Q0OLxMpXWEsbYXoLiQi5ES+aN4JDfPnkE561jfFPwTH8Svh n4s+Hkk32YeJtKvdN83GfLN3C8QfH+yWz+Fd7RXzsarU+eOjvc4lJp3R/MD4Z/Y7/wCCgPwY8X30 Hw10PUtLvruN7J9Q0fUbeKG4ty4PE3nIVViqsN+xxwSFOa/Wb9rD9ivUP2o/hf4T1KS8i0b4neHN OhiM1wxkguWaNWntZ5I9xwJsskqhsEtwQ2R+jFFfTY3i/E1qtOulGM49Ut/W99Dvq5nUlJTsk0fz SaL+zl/wUw+Guk3Xwq8G2uuWWhXbSL5On6tbCyYSffaOTzwIg/U8oTn5hnNfbX7DP/BOnW/hF4st PjJ8cHt5PEFgHOm6RCy3CWkzfL9onmUlHlUZ2Km5VJD7iwAX9gaK0x3GWKrUpUlGMebdxVm/xKrZ rUlFxSSvvYK/Jb/gpP8AA/8Aaa/aD1fwl4U+EvhNtY8K6JDLe3E/2+xthJqE7GMKY7m4ic+TEmQw XH71hk44/WmivCyrMp4Suq9NJtbX2/Bo48PXdOamlqfHf7C3wD1T9nj9n7S/CXii0Wz8T6lcT6jq 0aukuy4mIRI/MjZkby4UjU7WK7txB5r6R+IvgfR/iX4D8QfD7X13af4hsbixmOMlVnQpvX/aQkMp 7EA12dFY4nHVKteWIk/ebv8AMmpWlKbm9z+fX9kr9kL9sr9nj9ovw745ufBO7QIrl7DU5o9U00pJ ptyfLkl8v7V5jBPlmVdu4lAMZ4r7E/bu/YCuv2h9Wj+Kfwtubaw8ZxQCG9tromOHUo4QBCRIARHM ijYCw2su0Ertyf1Gor3K/FuKniY4tJRmlbRPVed2zrnmVR1FV0TR/MZpf7PH/BS/4d6X/wAIT4at PFWlaScqtrputr9kUNy237PdGNA3fGM9691/Zc/4Jg/E7UPHem+PP2jIodI0XT7hLx9LM8d3eX8q tvVJmiZ40iZsGTLl2GVwpO4fv9RXdiOOsVOEoQhGLlu0tfzNZ5vUaaSSv2CvmD9r/wDZ+l/aV+CG qfDjT7yOw1dZor7Tpps+SLu3ztWUqCwR0ZkLAEru3YOMH6for5HC4mdGpGrTeqd0ebTqOMlKO6P5 wPhF8Cv+Cm/wGn1fwR8J9Iu9Fs9YfdclZ9Lns2ZRs8+OW4d1jcrjlNrkAZGVAGJ4l/4Jz/tk+E/i Bp3irQ9Ig8cX6yW+rXF/HqNpEpvzJ50sbm8nhmkYOMtJtAbORzmv6WqK+w/17xKm5xpwTe+j19Xe 56f9sVL3UV56bnxP+2x+zbrf7U3wOtdB0Ty9K8V6RcRapZQ3LjyzL5TJLaySJuUblc4cZXeq87ST X5C/Cf8AZ2/4KW/DYX/w3+HNlqnhLTNWm3XbLfWkdmrkBGmWYSOVO1QC0J3kADngV/SlRXm5ZxRW w1B4dQjKN7pSV7fiYUMwnThyWTXmfzg6b/wTe/aZ8A/Hvw7faTog8S+G9H1bSLybWVvbKBZQjQzX brBNcifbHJ5ijKbnC7gvIFfrF+33+zv4r/aQ+Bi+F/AnlSeIdE1GHVbSCWQRLcmOKWF4RI3yqzLK SpYhdygFgCTX25RRi+KsVWrUq87c1PbTf11/KwVMxqSlGb3R/P5+xt8Cv27/AIUfFjwvol/pGsaF 8P7PVvter2rahBHYujp5UrmNZj53y7TtQNkqDjjI0/jF+xX+0x4q/bRv/izoPg77V4Un8S2OoJe/ 2jp6ZtYXhZ38p7hZeArfLs3HHAPFfvhRXVLjLEe3liI04puPK9H3vffc0eaT53NJXtb+tTwn9p3w Z4k+If7P3j3wR4Ps/t+ta1pU9taW/mRxebK4+Vd8rIi59WYD3r8+f+Ca/wCy18cPgJ4r8cah8YfC 40Sy1qwtbe3LXlndiVkkdnUrbTSkAKf4gAa/XyivHw2dVaWFqYSKXLPV736ba+XY5aeKlGnKktmf z4fGr/gnb+0N8H/ixJ8TP2WC+oaZHdPeaeLK6jtdR0zzCcwlZWQSRqGKKULFk4dcZzx11+yB+33+ 1V4203UPjp59hbWq+T/aGsTWyR2sBYFxBZ2xyXbrhY1DEDc44I/pAor3KfHGLjFXjFzSspNe8dkc 3qJbK/fqfHvxK/Z7fQf2Mtc/Z3+EFgb+4g0NrCwheSKF7q4Zg8kjvIyRq8shZ2JKruY9BXyd/wAE 0f2YPjl+z94l8dah8XfDX9g2+sWllFaN9ss7rzHikkZxi1mlK4DD72M54zX650V41PPq8cNVwzs1 Ud23e99PPy7HLHGTUJU+5+RP/BS39l/45/tAeKvA+pfCLw1/b1to9leQ3TfbbO18t5ZEZBi6miLZ APK5A719gfDL4K+Ipf2MNO+AnjaH+xtZvPC0+i3a745vs01xC8Wd8TOjbCwPysQcV9bUUVc9rSw1 LDWSUHdPrfXfW3XsKWMk6cafRH8wPhn9jv8A4KA/BjxffQfDXQ9S0u+u43sn1DR9Rt4obi3Lg8Te chVWKqw37HHBIU5r7g/b6/Za/aQ+Pf8Awq3UPBPhj+3L/RtCNvq5N/ZQmK9fy2dS1xPH5mWDfMu4 H1r9nqK9etxriJ16eI5I80b9HrdW11+46pZrNzU7K6/rufKfwr+Bn9pfsh+HvgH8X9M8h5dAj0zU rUSRytDKF6pJGzxl4nAdGUkBlBHSvxl1f9hL9tr9m3x5da/8CJrnV7ZFMcOq6LdxW00sDnPlz2ks ofPALJiRMgEMeK/pGorhy7ifEYaVRxScZu7i1damNDMJwcmrNPofzv8Awo/4J1/tK/G74oL47/ag kn0rS5p0n1Ke9vY7rU79EAAiiETyeWMKEy5TYv3FOAK96/4KDfsFfEf4neObf4ufBCwh1VprO3sr /SVlit5kNovlRSweYUjZPKCqybgy7RtDA4X9pqK6pcZ4x4iNdWXKrKNtLP8A4Zdeho81q86n26dD +fy3/Z6/4KVftE+D7b4YfFrVJdE8GabEGUanJZo9w9sv7mORbX/SJ23BcNOdgPzliwGfZP8AgnH+ zR+0r+zz8WNevPif4L/snw7r+lGBroahYXBjuYZUkizHb3EjkMu8cLwSMkCv2foqcTxdXqUZ4dU4 RhLola3nvv6iqZnOUXDlST8j8F/2/P2Hvjt4y+PGqfGT4S6K3iPTPEMdrLNHazxR3Npc2sEduR5c jIzK4jV1ZNxBLA7cDPu/wq+F37ZPiz9k34yeCfjdbajqfirxNAI9Ch1PUbeWaQGLa8YLTFIF3KDh ygJJPvX640VEuK68sPToShF8lrOzvpa3Xy1E8xm4Rg0tLfgfkT/wTS/Zf+Of7P8A4q8cal8XfDX9 g2+sWVnDat9ts7rzHikdnGLWaUrgEctgHtXO/twf8E4PE3xO8bX/AMY/gS9u+q6uRLqej3Egt/Ou QMNPbTORGGkwN6OVG7LB/m2j9mKKz/1qxSxjxsbKT0a6Nff5dxf2jU9r7Vbn80up/s4/8FMPinol v8MfF9rrl3oFkYx5Op6tbraAR8IXZp8zBO33yOwr9fP2Kf2ONJ/ZT8J30mp3kWteMtf8s6hexIVi iijGVtrct8xjViWZiFMhwSoCqB9vUVWacVYjE0vYcsYQerUVa/qPEZjOpHkskvI/A/4u/sVftMeK P20774s6F4O+0+FJvE9jqKXv9o6embWKSFnk8p7hZuAp+XZuOOAeK/Xr9p3wZ4k+If7P3j3wR4Ps /t+ta1pU9taW/mRxebK4+Vd8rIi59WYD3r3aiuXGcQVq7ouaX7u1t+lt9fLyM6uNnNwb+yfkL/wT T/Zd+On7P/i/xtqnxc8M/wBg22r2NrDav9ts7rzJI5WZhi1mlK4BHLAD0r9eqKK5M1zSpjK7xFVJ N222008zLE4iVWbnLc/GP/gpF+yd8f8A4+fFzw34o+E3hb+3dMsNDSznl+3WVrsnW6nkKbbmeJj8 rqcgEc4znNfor4S8C+KdM/ZP0b4Z31l5fiS08E22kS2vmRttvo9NW3aLzAxjOJBt3BtvfOOa+h6K 6MRnlapQpYeSVqe29/nqXPFylCMHsj8Q/wDgnd+yD+0T8C/jzeeNPip4T/sPRpdEu7NZ/t9jc5nl mgZU2W08r8hGOduOOT0r0L/gpZ+y78dP2gPGHgrVfhH4Z/t610iwuobp/ttna+XJJKrKMXU0RbIB 5UEetfr1RXbLirEPGrHOMeZK1tbdu9/xNXmM3V9tZX/rzPjrwZ+zqfF37F+g/s7fFm0Om3j6DBY3 ao0U72d3Dh45EaNmjZopFVhtYqcYzg1+P+mfsk/8FBf2VvF+p3PwTS4ure9XyWvtGntpYLuJSShl tLk7g67jjfEdpLbGIyT/AEi0VOA4or0HUXLGUZu7i1dXYUcwnDm0TT6M/n++An/BOr48fFD4tR/F P9qvdZacLtb69hvLmO71DVZEIZYmETOscLY2uWYMEG1EAIZf0k/b7/Z28VftH/AtfC3gMRP4g0PU YdUtIJZFhW58qKWF4Q7fKrMspKliF3KAWAJNfbtFTiuJ8TVxFPEuycNklovl5iqZhUlOM+23Y/n8 /Y2+BX7d/wAKPix4X0S/0jWNC+H9nq32vV7VtQgjsXR08qVzGsx875dp2oGyVBxxkafxi/Yr/aY8 Vfto3/xZ0Hwd9q8KT+JbHUEvf7R09M2sLws7+U9wsvAVvl2bjjgHiv3wortlxliPbyxEacU3Hlej 73vvuavNJ87mkr2t/Wp4T+074M8SfEP9n7x74I8H2f2/Wta0qe2tLfzI4vNlcfKu+VkRc+rMB71+ ff8AwTT/AGXfjp+z/wCL/G2qfFzwz/YNtq9jaw2r/bbO68ySOVmYYtZpSuARywA9K/XqivHw2dVa WFqYOKXLPV736ba+XY5aeKlGnKktmfgx+1N/wTM+JVh8QL74n/szFLyzvbk3w0tLhbO9sLktvJtZ ZGRGjD5ZPnR04UBsA14rqn7K3/BRz9oa503w/wDFJNSl0vT5QqTa7qcItbcn5TKYlkaSRgv8axux HGea/pRor28Pxxi4QjGUYycdpNar8f66nXDNqiSTSbXXqfM/7Kv7M/hj9l34ZR+B9GnGp6peSm61 TUTH5bXdwRgYXLFY41+VF3HHLfeZifyS/ae/4JwfGXwj8Urr4m/szWp1LSbq7bUbe1sriOzvtIn3 +Zth8ySPeivzEYzvUfKV+UM39AtFeZl/EuKw9eeITu5fFfZ/10/yOejj6kJud733P5yvEX7G/wDw UB/aD8L3fin4v3V1eXugQKNH0rUr63NxdSSSosgjTzVhgxHud5JWV22qoDZBH6Cf8E0/2fPi9+z/ AOD/ABrpfxc0H+wbrV7+1mtU+1Wt15kccTKxzbSyhcEgYYg1+mNFdOYcWYjEYeWGcIqD7K1rdtTS tmU5wdNpJHn/AMWdF1fxJ8K/GXh3w/EZ9U1TRdRtbSMOsZe4ntpEiUOxVVy5AySAOpIFflD/AME6 /wBlz9pf4JfGzWvFXxk0CbSdEuvD9zZRSSalZ3ga6e7tZEXy7e4lYHZG53FQBjGckA/s9RXm4POa lDD1MNFK0977/LUwpYqUISppaMKKKK8k5gooooAKKKKACvAP2Tv+TWfg3/2Jnh7/ANN0Fe/14B+y d/yaz8G/+xM8Pf8ApugoA9/ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooA KKKKACiiigD/1v38ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoooo AKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACvAP2Tv+TWfg3/ANiZ4e/9 N0Fe/wBeS/APwlrXgD4FfDnwJ4kjWHV/DfhvSNNvERxIi3NnZxQyqrrwwDoQCOD1oA9aooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigD/9f9/KKKKACiiigAoooo AKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigA ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoooo AKKKKACiiigAooooA//Q/fyiiigAooooAKKKKACiivAv2nfjdD+zx8E/EfxUNouoXWmpHFZ2zEhJ bq5kWGIOQQdis298EHapxzitsPQnVqRpQV23ZfMqEHJqK3Z77RX8u2if8FO/2ttN8YJ4k1LxFa6r p/m7pNJlsLaO0aLOfLVo41nXAOAwk3dNxbof6Uvhp470z4n/AA98N/EXRo2hsvEmn21/FG5BeIXE Yfy2I43ITtbHGQa9vO+GsTgFGVazT7flsjrxeAnRs5dTt6KKK+eOI/NP9uj48fFj4RfGz9mvwr8O 9ebSNK8d+JJLHWoBBbzC7thd6bGELTRuyfJPIMxlT83XIGP0W1rXtD8N6e+reItRttLsYyA091Mk ESk9MvIQo/OvyM/4KY/8nG/se/8AY3y/+l+kV5j/AMFKYbfRP2pfhx47/aH8Max4u+AOn6W0Ulrp bukMepu8wkMpWSLEhzA2DJH5iKFVjtdSAftz4f8AFXhjxbZ/2j4V1iz1m1GB51lcR3EfPT5o2Yfr VfxJ408HeDYop/F+vWGhxznEbX11FbK5HZTKyg9R0r8a/wBkjwh+x9r/AO03o3xQ/Y3+J7+D4VsZ o9X8C3cF2ZNSBWTdte7nUlUDrJiPz1Roww2jIHzz8cbn4T+Bf24fiRrP/BQLwZrnifw1rpjj8J3l u8/2G3sFJ2bVimhLhYyFIjclJA5MZZ9ygH9GWm6npusWceo6Rdw31pMMpNBIssbD/ZZSQfwNM0zW NI1qKSfR76C/iicxu8EqyqrgAlSVJAIBHHXmvy//AOCefgH4HeHPF/j7xR+zL8XP+En+HmuCJ4/C MsM6XGjz5UrM7XUolOcSRhjAN67QZHMeTgf8Ecv+SB/ED/sedQ/9IrKgD9X4dY0i41GfSLe+glv7 ZQ0tusqtNGpxgsgO5QcjkjuKy/EXjTwd4PSKTxbrthoiTnbGb66itg5JxhTKy5OfSvya+DmuW3hn /gpr+1D4kvBm30rwzbXcg6fJBbWEjfotfnZ8Evi/+xl8WNa8XfGL9vvVdS8T+N9fv5Vs9OCai1jp +n4DRiFrRlIAZ2RELbY1UEDcS1AH9SlneWeoWsV7YTx3NvMu6OWJg6Op7qy5BHuKqW2t6LeX8+lW d/bz3tqMzQRyo0sY/wBtASy9e4r8KP8AgnV8ZfA3h39rXxh8BPgX4iv9c+DniHT5NU0S31ITLLp9 7AEklijWYAhSHlDHGXCxliWBJ/Vj4dfss/Df4Y/G/wAbfH7w7c6jJ4k8eoyahHcTRvaIGkSQ+TGs SuvKD7ztxmgD6TooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiii gAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKA CiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAK KKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooA//9H9/KKKKACi iigAooooAK8a/aB+DOi/tAfCPxB8KdduGsotZiTyrlF3tb3MLrLDLtyNwWRRuXI3LlcjOa9lorWj WlTmqkHZp3XyKhJxaktz+cbRP+CR37QVz4wTSde1rRbHw+suJNShmkncw56x25jRi+P4WZVz/FX9 B/gbwdo3w88F6F4D8OoyaX4esrewtg53P5VtGI1LNxliFyx7nJrqqK9fOOIsTjlFV2rLsrfM6cVj qla3P0CiiivDOQ/Kj/goV8O/iB41+Pf7KuseDfDOp69YeHfFMlxqdxYWU91DYwm90txJcvEjLCm2 NzucgYVjnAOOp/ag+JH7WnwO+PmifEDw54e1D4m/A3ULBrbVPD+k2MNxd2lyVKvIdkLTsp+SRS7N GfnjbZlWr9LqKAPwX0X4c6p+09+2D8Lfi38HPgXqnwX8L+CbxNS1vV9S09NHOqeVMkqxrboojkc7 GiLIXZlkbeVCCvcPG/xt/ab+A3xu8feHP2hPh3rPxp+D/iObzvD82j6PbXiWNvvZo7eWOKJEZgri NxcEOWjDoWDEn9eKKAPxi/Yo+CfizV/2v/GH7T2i/C67+Cfw6utKfTrHRLyH7FPdzy+QWf7HtURR HyzK21QgfaEL/OR5r+zz41+Pn/BP3xB8Q/gr4j+CXiXx9o2ta7Pqeh6loNrJPFctKoiGZESRNskU cTFc+ZEdwZDnj956KAPxZ/Yv+Hnx71z9sP40fEL9oTwJe+GI/H/h1CxNvL9gVLxrYx2cd0y+VJND b4SRQxZWVgwBBA5D4HeIPjh/wTtPif4I/EH4Pa78SvA51Ce/0DXvD9n9sLJNhBHMFUrHvCBijMrx vuwsispH7q0UAfnD+yR4m/a2+L/xa8U/F34raHL8N/hdLbi30LwteWVvFfNN8i+fJI8CXSqFV2bc UDPIAilFr3j4ZfHD4p+NPj/49+FXif4Y6h4a8K+FkZtN8RzpcC11UiREAiaSBIjlWLfJI/C/jX1N RQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFF ABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUA FFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAU UUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAf//S/fyiiigAooooAKKKKACi iigAooooAKKKKACivkv9o744+Ifh3fWPhbwlsgv7qD7VLcyIJNkbOyIqK2VySjElgeMYHPGX+zt8 evE3jrXpvB/jJo7q4aFp7e5SNYmJjxuR1QBTwcggDoc5yMb/AFaXJz9Dy3nFFV/q/X8D7IooorA9 QK/LK8/bo/aM8SfF/wCJPwv+CfwGTxzD8N9UOnXl2uuxWbfM8iwu0c0S48zynOFZsY5PTP6m1+Vn 7B3/ACdj+2N/2M+nf+jdSoA7v4b/ALemtN8VtF+C37S/wr1L4PeIfFL+Xo1xc3SX2m3svQRi5VIg rsxCKF8wbmUMVLLnY/ab/bA+Jnwd+OXg/wCA3wo+GSfEPX/F+lzajbxnU109/wBwZjIg8yNk+WOF nyXGegGcZ8t/4K/2mlL+yrZ+IZwI9X0bxFp02mTgYkjnYSqwVuozHuJHQlQcZAI8e/a2+Ini74ff 8FBPgL4/0PwXe+NNetfCV6/9haacXUz3EV9HKsZ2v/qg7OflPyqfrQB674m/b6/aI+DdpB4q/aJ/ Zs1Hwt4NM8cN1qthrEGo/ZfNYKrPFHGFwSQo3yICxCgliAf0+8O+INH8WeH9M8U+Hrlb3StZtYb2 0nUELLb3CCSJwCAcMjAjIzzX5A/Hj4p/th/tbfDTU/gN4O/Zy1LwVb+KzDb3ur+IbxI4LaCOVJWK o8UfOUHzAuwGdqFsYs/ETw/8QNb+Mnwc/wCCdPgzxvqPhXwl4W8G2uoeJNV0mRrXUb+OzQ2yxRyc mNWMSnAO0eadwfYFoA/Y2vzF8bftvfHwftC+PPgP8FPginj+bwIbVrm5GtRWTGO6hjlVyk0QUfM5 XAZuma8z8SeGfF/7Bf7RXwft/A/jnXfEnwz+KurL4d1PRtfvWv8A7JdzskcNxbSMo2fNKHOACdhV iysNnlWm/Gfx58Gf+CiH7RGo+BPhfq/xPm1KLSIprfSG2vaqlrAwkk/dycMTgcDkUAfU2g/t+fEH wh8SvC/w6/am+C1/8K4vGVylnpmrLqEep2TXMjBFjkaKNVT5ioJDsV3BmULlq/TWvxf+KOkftS/t 7+L/AIe+EPEfwdufhL8P/Cutwa3qOo6xdJJeTeRlfLhjCROpZGcBQrAsVZmULz+0FAHiHwi+InxG 8c694903x34Fn8H2XhnW59P0i5mlMg1ixid1S9QFE2rIFDAAt97qa9vr8UPBPjv4/wB38OP23Jvh fqepax4u0LxrqdtokXmyXU1pbC8kWZLKNi+xo7feYkjH3lXaM4r5v+EniH4N+J4PB9/8Hf2kfFPg D42W9zZ/2tbeN7y5fTdQuMbbmGRCpgfdKcRo8xJX5WXcQygH9H9fl/8AFH/gqB8FvA/xh8PfD3S9 RtpdLttW1jS/Ft1dw3SS6X/ZgURywLHGy3CzSCRV2bido4Ga/T5d20b8bsc46Zr80/2gf+Cc9h+0 F8UvE3xa8QfEC/tNauYNMj8NslumzQXsphJMwVHjFyJAPk37WQsxLMQpUA+8fhf8SvCXxh8A6L8S /Al015oOvwme1ldDGxUMUIZG5VlZSCD0Irva/Dj/AIK6+NviV8KNF+Blt4D8V6lpl+kmpxzT2Uxs /tctsliEeaKDZE2WJOzbsG4gKAcV84/tk/Dr9pH9ie8+H/xzh+OGu+KfFGv3cq6kJ5pVtVu4VWYx xxeYUktW3OnlMgUKBhQDtUA/pVor8QP23/jp8aPjD+0j4C/Yr+DPiGbwRbeJILK61PUraSSK4c3c bzsheJlcww267zGrL5rnaxwBXivxQi+O3/BLr4yfDzWbb4oan4/+HnjCSRL+w1N5NpS1eIXa+VJJ Msb7JlkimjKtkFWBUEOAfr38T/2vPhz8M/jz4H/ZyntbvUvGPjWWAqkSbLa0tZ2kVZpZW+8SY2Co gY8fMVGM+G/tP/8ABRj4Z/AfxfH8NdFuLa+8WaZr2lWGtWt8lxFDb6ZfwGea8imjVkcwBowy5yCx GDivyw/a1+Amv6h/wUw0DwDH4/1O3uviBNBqNrqa7/tGjR3s9ztt7b98Dsh8s7NrIPmOAO/6k/Gz /gnZp3x9l8KQfEX4g6lqen+D/CLaFZwPEqsdXWJIk1aSUPvkLFd8kMjNuYD59pYEA+yvgr8cvhr+ 0J4Ofx98KtTbVtES8nsfPaGSAma3I3fu5QrgEMrLuUEqQcCvXK86+EngfUPhr8NPDngLVtbk8R3m hWUVrLqMsKW8l00Yx5jRx/KDjjqzHGWZmJY/FX7dCXc3iDwNH49+NMHwh+Ei/aX1qOx1CWy1/V7h RmOK1EUTl4Y/l37W4DsWUkR0Afo1RX8+3wI+LXw58Gftw/Dnwb+yv8UPEnjP4e+MkvbTW7LXJLyW 2F1FBLIjwG7ihJIIRtwUsCCNxV9tf0DSSJFG0srBUQFmJ6ADkk0APr5Z/at/aOuv2bPDngvXrXQU 19vFvijT/DrRvcG2EC3sczmcERybivlY24Gc9Rjn4C+AHwr8V/8ABQfw74p/aC+LfxK8UaFpuo6v d2fhrSPD2ovYWem2tphEnMRV1eYk4JIBO0liSwCch+094I+PXw5/Zo+DHgv9oXxLaeLtd0z4s6RH ZanbyzTTT6b5F15H2t5o42M4O4E5f5duXZgTQB+senfET4jXf7QOqfDC68Cz23gmz0RdRg8UGUmG 4vjLEhshHsADBHd87yfkPHPHt9fl+fiXrnhb/gpD8Tk1TVbybwx4d+Fj6wdNNzJ9kWS3uLR2lWEk xrIU3DeFzgn1Nfm94C+PH7P/AMctH1b4m/tZ/tGeLPCvj7V7u5fT9J0EapBY6DbqxW3ES21pLC7Y +bKvkqQHPmFmoA/phor+f+P9qX4i/Ez/AIJi/GK9u/F11qPif4e6zp2k2viO1eWzvL+wfVLI29yz Dy5UeSN3jbdh2UfvMsWJ6z41/s5/Ev4e/sop+1uPjT4yuPixpen6brdxI2pbdNP2uSEyWsdqqgJF GsnyrkqxXDJtbaoB+q3xR/aE8M/C34o/DL4Sajp91e6z8ULu7t7J4tiwW8dlGsk0kzMd2fnQKqqc 5OSuOffq/Br9oz4d2nxn/aH/AGSfGev+INc0+8+LumPc340/UGt1sHj06zl3acAp+zNIZD5hGd+B 6V+6ejaZHomj2OjQzTXEdhBFbrLcOZJpBEoQNI55ZzjLMepyaANKivxj/aN/4VqPjt4zu/2xv2iJ vDfhmNYE8OeEvCup3iT2tuU+aXUbe2tncTSYWReGzuPzbAgrlf2GvjBq+q6d+0r8OPDHjbWfF/gX wppbX3he+1l5hqMEFxb3J+9KEkUfKhA2qMrvVV3EUAfuNXi/7Qnxv8N/s5/CHX/jF4stLm/07QVh 3W9oFM0slzMlvEo3sqgGSRdzE8Lk4JGD81/sB+JPEXiT9grwb4j8Rapdapq09lrbSXl1O89w5j1C 8VC0shLkqqgDJ4AAHAFflx4t07VviZ/wSB0/4l+MvE2tahrPhzU7goZb+WSO8FzrcVvtvFkLGdYl 5iBb5GAIoA/Yb42ftR3HwmvvglbWfh1dTT4v6/pujMZLkxGwS/MQ80ARt5pTzfu/KDjqM19e1+DP 7Xnwi1PwJ8Mf2WPAXw48Uas2tar4xsZdP1TVbk6hdWd9epbiF0Zwo8uGQqyR9BjFdn8bfhB4u/Yg 8efB34qfDj4q+LvEA8T+LdP0DxBZa/qRvrfUI7zcZJCm1FBKI4G4MVJVkZWXJAP2zor8Cfj5+0n8 Nvib+1r46+G/7RXxb1r4a/DD4e7NP0/S9AF6kur6hjFzLczWUEx2xsCNrgcbAmD5hPqX7CP7RmiH 9pvxH+zv8O/iVqfxT+GOoaS2raFfa0tz/aGnXUDKJ7MvdRQySIUZmzt2Dau0AmTIB+0leafGP4p+ H/gl8MPEfxW8Uw3Fzpfhq1N1PFaqrzyAEKFQOyrkswHLADqTX4q/sN/s4+OP2uP2eW8b/Fz4yeNI EtL67sdDt9P1V4o7YxESNczlw7XEhmkYLuYFUUKGxtCZr6t4z+O//BLHxvqXxV8Tapf658L9YvrK K6iu2R9QS0MKol+Tk3CKLkjDHJKIxJIyQD9ZPF/x2+IEfwe+G/xT+Ffw8ufGE/jqbR3udPjnKvpu n6patcSXLusb7xAdiHhQS2cjpX1HX4UfFHw7qvwK/Yd/Z2uPAvi7xAs/i7xf4Pv7uS41OZ3jS+0i QyWcLJsKWYMalYOVB9a9++I//Cb/ALWf7afij9nB/GureD/ht8L9HtbrU4dAunsrvVb7UY4pEimn XOYlWT7pBA2EAbm3KAfqzRX53fCv9nv9pL9nnVviXo3g/wCI8PiD4dX+jSyeGD4qvp7m+0jWAg2v M/2cx/Y0JdnCnkBPkzvY/mL8QL79nTQ/hfqd/wCK/wBqPxR4u+P1vaXV1FdeH9T1G80z+00DSJDb tFbiNbUEBS/mIduXXaMIAD9zP2lv2hfDP7MnwvuPid4p0+61SBbqCygtrTYHluLkkRhmcgInBLNy QOiscCtD4lfET4jeEviL8OvCnhDwLP4m0LxVc3cOtatHKUj0SKARGKSRQjBxKXcDLLjYeuePxQ/a nu9c+OX/AATY+D/x08ea7qNx4khuYNPnWK4Mdreb7qW3NxcwgbZJwtupV+NpZzj5q+vPjXoWr/Av 49/se/Cnwj4t1+80afWPEaXj6jqc1zcX6O1pMq3b5UTrGZWWMOpCrwKAP1ior8cfAnhHxX+358b/ AIu618QfHev+Hvhz8Otbm8OaJougXraes01qzLJdXDAHcxCq4yC2XwCqptbmdM8b/Fj4G3/7T/7I /iLxrqXivTvDXw71jxT4V1m/uGbVbSH7GQYmuBh2ZHmXY24bTGWQKG2qAftpRX4PfDn9mP4gfFf9 iu3/AGi/Gfxn8aDx3a+H7vVNGW21V4bGzi06OQW0RjA3u0qRAyy71clskkgl/wBOP2I/iX4o+L/7 K3w7+IXjW5+265qVjJHdXBADTyWlxLbea2MDe4iDNgY3E0AfVNFflB/wUQuvilqHx2/Zp+Hvwv8A Gmo+Cbjxjf69p9zd2EzpthkWwjeQxghXeKKSQxFuUY5Uq3zDwD4mfBL4q/Ab9qj4c/An4PfGjxfb eH/jVaXdvqs+p6iL69gFoRLdz2zsipFO8S4jmVfMRi2G2nFAH7vUV+QHgDwX4h/ZV/4KCeCvg74T 8ceIfEfgv4leHtQvLyz16/a/aO8tEnl81GIUBiYV+baG+ZwSQQB8iyftL/A/9oH4r/EHxJ+1d8bv EfgbRNK1WbTvC/hzw8dQhhjs7dsLezSWdrOjyucEbsPuDZ+Ty1AB/RB4j12x8LeHtU8Tapu+x6Ra z3k+wbn8q3QyPtHGTtU4Ga+DPiH+3rY+Hf2OdK/a68J+EpL+y1q++y2+mXtyLeUR/bJrQPJJGkoD Hyd+0AgZxuOMn4r/AGffil/w0B8Hv2hv2c7/AOJGs+NfDPgixOq+G/Eyyz2OrXWnKkkot7h5o1mZ UeJEfeuXV3UHy9gHzVrvw007wt/wSO0/x/a6vqt5deMNUsjPZ3d201hafYtTvol+x25AEHmA5lwT vbBNAH9OtFfhn+1J+z18UP2Xvggn7VWhfGnxhqPxO0C506fVje6h5mmXj3dxHFJCtmFCrCkknyxM zpsypXkY9s/aA8ZfEf8AaL/aa+HP7J/hTxVf+BPC2o+Gl8V+JbvR5Tb6hPFIWCWsU3JVQVUf3T5h LB9gWgD9YKK/HnxJ4Z8X/sF/tFfB+38D+Odd8SfDP4q6svh3U9G1+9a/+yXc7JHDcW0jKNnzShzg AnYVYsrDYzwX4K8Q/t7fHj4va/498eeIPD/gX4Z63L4Z0DS/Dt++nq09oziW9lYBgznCupxk7gMh UCkA+5PhX+0bdfEj9on4t/AuXQksIfhl/Zmy+FwZGvP7QhMp3RbFEezGBhmz7V9S1+PP/BP3wX4r +HX7Xv7Svgnxr4gufFWqaQugw/2peNuurq28uU2rzt/FL9nMYducsCcnOa/YagAooooAKKKKACii igAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKK ACiiigAooooAKKKKACiiigAooooAKKKKAP/T/fyiiigAooooAKKKKACiiigAooooAKKKKAPnz43f Am1+LDWeqWV6NO1exQwh3UvHLESWCMAQRtJJBGepBB4xQ+CX7P0Hwtv7jxBqt+upatNGYU8tSkUM bEFsZOWZiByQMDjHJr6SorX28uXkvocDyyi63t+X3gooorI7wr8ZfCvg/wDbo/Z7/aI+Ovjj4XfB a08a6F8TNcS9trm513TrLEFtJcmNlja5D/OLg5DqpGOnNfs1RQB+Rd/+z9+1/wDth/EfwfqX7W+k 6N4C+Gvgq9XU/wDhHdNuhez6ndJjaJ2jkmjK4yjNvXajMqJly492+J3wS+J3iL/goP8AB3446Po3 2jwT4V0HU7LUtQ+0W6eRcXEF8kaeQ0gnfc0yDKRsBnkjBx9/UUAFfnb+1D8D/jfp/wAffBf7XX7N +n2niTxN4c06TRNX8PXlylmNT02R3dfJnk2okimVyS7D7sZAbaUb9EqKAPyyi+Fv7TH7WPx7+HPx N+PPgq3+FHgT4V3X9r6fpH9pQ6rqGoaorxvG8kkAVUjRolOGUEAEANv3J6f8Dfgl8TvB37bvx4+L 3iPRvsnhLxnbaXHpN79ot5PtLW8Mayjyo5Gmj2lSP3iLntmvv6igAooooA/Kj4ffs3/tN+HfDv7U 0fhK8PgDxR4+8Z32t+FNS8+1nW4tmuZJkLiMzGFZ4zsO9VkTdu2/KRXhfxm+F37Y37WvgPTPhD8R v2edC8NeKY5LKK+8fXWqWMzRpbshkmgjtwZx5wUh0R5BhiNoOCv7l0UAYfhnRv8AhHPDek+HvtMl 5/ZdpBa+fKcyS+RGqb3P95sZPua3KKKAPyb/AOCof7M/xt/aKk+FLfBzw5/wkA8NXepyah/plpae Qlx9k8s/6VNFv3eU/wBzcRjnGRnW/wCCpv7OHxn/AGjvh/4I0T4MeHv+EhvdH1S4uLqP7XaWnlxP BsVt13NCrZbjCkn2r9TqKAPyD/bH/Yz+Nut/EbwJ+1R+zPNE3xF8IWtjb3WlzyRRi4NmG2yRySss THaxiljZlV48bTnIbyOb9mX9tj9t340eDPGH7X+g6b4C8EeCX8xdPspYybkNIjzJFElxdSB5zGiy PK6qqKCgJGD+7FFAH4x/t0/s5/tQX/7W3w+/af8A2dvC9t4uk8O2NpAbaeeGJYru0uJ3AmSWe3Zo pEmA3I+QQ2SvBP61fDq88Z6h4A8N33xHsYdL8WXGm2j6va27K8MGoNEpuY42V5AUWXcFw7cY+Y9a 7KigAr8qP2vPgT8Zp/2rPAn7TPgj4d2Xxk8PaDo7aVdeG7y6t7ZoJt9w4uY/tQMZP75SpCSMGTkA bWX9V6KAPxzvvhV+2Z8Tv2q/gv8AtBeMfhpp/hTwn4Qu5rIaDZatZ3N1pVlOmyS8uZN0UUvmGTIS 33Oqx7THuILfsWQCMHkGlooA/IP4ZeCv2yf2IIvFfwl+Enwttfi54D1LU7jUfDl8msW2nTaeLogf Z7yKfDOFCgkqFXdkiTDbUxvHv7Kf7Wvin4CeAbHxxqE3jzx/L8TbHxdq9u2pI1to2mrFOrW1q95M qmKAuD5cRPLlUDKgY/srRQB+ftv8AfHepft8eO/itr+i/wDFuvE3w9PhwXwuLcmW6luLUyQ+SJDO v7tHO8x7OOuSAfnv4S+Hf24f2NfCOofAjwf8I7H4weGbG7uZPDWtxava6eYIbqRpvLvIJ8O2Hcu2 NgDFlWRl2lf2GooA/KL4h/s7/ta+N/2AfHvw2+Iupp46+LHjC8sb2GwhktLa3s4YtRtJzaRzv5ER 8uOKSRmZsZOxCwClvpD9o74T+P8Ax5+xHrfwh8J6X9u8W3fh/T7GKy8+GLdcQGAyJ5srrCMbG5Lg HHB6V9m0UAfkt8cfgR+0bpWj/sqfEn4WeD4fFXiT4Lactrq2hyX9vauZJrG0gcLO7iJgjQSKzIzc lWUMuSP1N8M32s6n4b0nUvEWm/2Nq13aQTXlj5qT/ZbiSNWlg82MlH8tyV3KSGxkcVuUUAfi/wCF vhD+0v8As3/tFfFnxlo/wK0/41Q/EHWZtV0jXn1WxsbmxSaWWUQO12rvGFEiqwVUUlBtZhgL6D+y 5+zr+0ponx0+Ofij9oTSbO3tPi5pEJOp6XdQzWkNw6lGs0hZxcgwRzFAzR7D5Rw5ypP6v0UAfi58 GPBv/BQb4MfBqf8AZA0X4ZaTdWUTX9lp/jZ9ZgWytbHUZpJJJ2tBm4ldGmd0GFcDAMTAc7Hh39kH 45XP/BLjU/2adT0WLTPiFJNLdRWEt3bOjmLV1vlT7RDI8IaWJCFJcAMQHKjJH7F0UAfkf4s+Gn7U /wAb9E/Zq1fxf8Ml8L6t8M/HOmXWsWy6rYzqmk2BtSb8ETDO/bJ+5TfINvAIIJ+g/wBu74M/En4z aJ8KbP4baR/a83hrx1pOs6gv2i3t/IsLZJhLNm4kjD7Sw+VNznPCnmvu2igD8tvF/wAJP2j/ANnD 9prxr8e/gB4Ltfij4Q+J8dvJrmgvfwade2t9aqQs8Ms42MpLOwChyd7qVGFevWv2atJ/a+8V/FXx J8Xf2hI4fAnha6tVtNG8F2s9te+Q4K5uZ7mFTlsK2AHBYucqgRVP3fRQB8I/8E5vgz8SfgN+zRY/ D74r6R/Yevw6nf3D232iC5xFM4KN5ltJLHyB03ZHcCvnv4Ufsl/Gq0/YY+NHwL8S6RFo3izxfrWs X2mQTXdvLHNFMLZ7cmW3klRPNaErhiCvVgBzX65UUAfjB4w+EH7W3xh/ZT+EXww8S/C1dA8R/DHx f4bDxLq1hKLrR9I0+W3kv93nhEO9gDEGZjnKgjOPcPi18Jf2hPgz+1Vqf7Vv7PPhe3+Iun+NNLg0 3xJ4dkvotOuvMtFRIbm2mmHl4CQxjHzNneNpDBk/S+igD8lL/wCCX7af7S+jfFzxV8WLxvhnF4q8 NNoXhzwdFqrXdnFJvWVrm9MDNDvlCtCXCb9srZVRGoPnPgTwF+2da/s7yfsu+EP2fdC+HmoXOjya Hqfi+fV7Iw3EMkRimnFvaq873Fwhb597qsjbjgcL+2NFAH4ya5+yb+0F4m/4JkeGvgGfDaad8RvC t/8Aaxpk17aOLhYr+eZRHcRSvBlopgwDSLyCCRxn1fxp4C/aW+OvxS/Zd+L3i74bjwndeBtW12bx JZrqllcrYQTm1S2lVhKGlEyxM22NXZDww6E/qJRQB+VFt8N/2pP2RPjj8SPF/wAD/AMHxb+HfxR1 Ftbk05NUg0q/0vU5mZpcNOCrRO8jABVf5AmShU787w7+y3+0B4zsf2hvj98YdPtLL4m/FLwdqvhj Q/DdjcxSxWNpLZ+XBDJdFxCZJZI4gW3BAQzsw3lU/WiigD4y+Dfwn8f+FP2F9O+Dev6X9l8YQeEr 3THsfPhfF3NDMiR+cjtDyzAbg+0Z5Nb37D3w08bfB/8AZX8B/Df4i6d/ZPiLRYLtLu186G48ppb2 eZB5kDyRtlHU/KxxnB5yK+r6KAPhH9pz4M/En4h/tL/s2fEHwfpH2/QPAGp6zca3c/aIIvskV0lo IW8uWRJJNxifiJXIxyBkZX45/Bn4k+Mf2y/gB8V/Dmkfa/CvgmPW11e8+0QR/ZTd2xjh/dSSLLJv bj92jY74FfdtFAHwn8S/g18SfEH7e3wg+NOkaR5/gzwtoWrWepX/ANogXyJ7mG5SJPJaQTPuMijK IwGeSMGvnvwr8N/2q/2LvH3xB0/4O/DS1+MPwz8b6rPrlhDHqltpl9pV5dYDxyfaFO9MKqfIrAqi tuRiyn9cKKAPgv4DfDf9qjxL4I+KGq/tKavb6fqnxAhubbSPDlu0MtroNvNFJGFaeBTvY71BAdwF TcSWchfz6uv2cv20PEf7Ct1+yTq3wpjttQ8IalazaVfRazp7LqkUl9c3M52vOqx+UJF2lmBcHoGB FfvzRQB8Z/t//Cjx/wDG39lXxd8N/hhpf9s+I9Tl01re18+G33i3voJpP3lw8cY2ojHlhnGBk4Fe L/HL4AfHnw18Uvhh+1P+z9plp4g8X+EdBi8Pa54cvLqO1XUbDDHENwxEayI0j5Znx8sZXcFKN+ml FAH5ZRfC39pj9rH49/Dn4m/HnwVb/CjwJ8K7r+19P0j+0odV1DUNUV43jeSSAKqRo0SnDKCACAG3 7kYfh/8AtP8A7Jfx4+Ivi/4GfD6H4teAfivfHWZrBdTt9Ju9L1eVnMvzz5VopGcnIQ8bQShU7/1Q ooA/Mr9ij4O/tLeEvj98avi9+0ToVrpVz8Qk0m4tnsruC5t90ayFrZBHI0o+yoyQlnUBipKM6/Mf 01oooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKAC iiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigD//U/fyiiigAooooAKKKKACi iigAooooAKKKKACivgX9r/xd4itte0vwjbXEltpUlmLp1RiomlaR0w+PvBAgwD3OfSsT9kjxd4jX xnP4SNxJcaTcWskxiZiyQvGVw6g/dznacdcjPQV1fVXyc9zw3nkVivq3L5X8/Q/RWiiiuU9wK/Fn wLqP7Z/7SPx/+PPhfwH8dn8C6L8N/Ekmn2lq+jWd8DBNNcrGqsVRgI1gxlixOevHP7TV+BnwM+BP xL+M37UX7Uk3w++L+s/C1dK8Xstwmkx+YL0zXF6UMn72PBi2Nt6/eNAH1N8Ivi5+0/8ABf8Aa10D 9lb9onxTY/ErT/HOlXGo6PrNrZx2V1bNaJNIyTxQoq7W8h1O7dyUIk+8o/Rvw78Q/A3i7Xde8L+G Nds9U1fwtLHBqtrbzLJNZSzbjGk6A5QtsbAPXB9K/GDSfA/xB/Yh/bZ+G+r/ABP8Sr8aD8aH/wCE etdc1RJk1nSnWWKIiEPPOixZuY95GcpuAEfO/wCk/wBigj/hr79sJe/9vaIcexS+oA+5da+Onwi0 I+LIdS8X6Xb3HgaOGTWo5LlFbTxc48g3IzmMSEjbnrmvmX9gb9rI/tQ/C+TVvF+r6WfHMd1eTXek 2JCPZ2XnlLcmIs0gTbgB2JLHqa8Q+AGm6B4r/bh/a+0rWLO31bTbiPQYpre5iSeGQxWzAq8bgq21 17jqK2f+CRfhvw7a/slaT4ntdLtYdYvb/Uobi9SCNbmaKO5OxJJgN7KvYEkDtQB+oF5eWenWc+oa hPHa2trG0sssrBI440G5ndmwFVQCSScAV4T4T/ar/Zu8d+Lh4D8HfErQtY16RtkVrbX0UjTsOdsL A7ZTjtGWPX0r5N/4Kp65qtp+z74b8H2d7NpuneOPF2k6HqlxC5j22E6TyyKxH8LGJcg8EAg8cHvv jl+xj+yHc/DjQoPEMGn/AAo0/wAG3dnPZ+INNks9IvLZ42CRI99cRsG8x2XPmbi0m1s78GgD7B0v 4h+Btb8Yaz8PtI12zvPEvh5IZNR06KZWurRLhQ8TSxg7lDqwKk9QRRZfEPwLqPjXUfhvY67Zz+Kd Jt0u7vTEmU3cFvJt2SyRZ3Kjb1wSMcj1r87f2eJoZv8AgpX+0tJDMJ0l0fwy6SAgh1On2pDArwQQ Qcjjnim/Cy4hm/4Kr/G6OJwzQeDNKRwP4WK2DYP/AAFgfxoA+wLL9rT9mXUtT0PRrD4n+H7i98Sn bp0aX8LG5bzDCApDYBaRSigkbmBVcmix/a0/Zl1LU9D0bT/id4fuL3xK23To0v4mNy3mGEBSGwC0 qlFBI3MCq5Nfmr/wSa/Zy+Dut/s+23xf8T+FrDWPFjeILi4tNRuoRLcWf9nmMQCBm/1e2QM+VwSS M5wMR/8ABKD9nf4Q6p+zxD8ZfEXhGx17xeuvXN1ZXtxCstzanTtgt1t3b/VkSKz5XGSRnOBgA/UL 4jftM/s/fCPW4vDXxK8f6P4e1aUIwtLq6RZ1R/uu8YJZFbszAA+td7c/EjwBaeBm+Js/iKwHhJbc XZ1YXEbWX2c9JROpKFPcHFfz8fsXX3xY8W+CvFnxT/4Ze0/47ar431m9l1LxFqmu6XbuXbaXtEtb 2GRokQsWOMBtw/hVQPQ/C3gP4u/DP9jD9q/wp488KDwT4XkY6hoGjDV7PWBpwu5HFzaCW2kdlEPl wj94qbiSQC280Afrdqf7XX7MGj69Z+GdT+KPh+31K+SKSKJtQi+7OqvEXbO2PerqyhypIII4rwP9 sD9smz+APxE+EvgLSdd0iy/4SjXbL/hInu2DTWOhPMge4ALBY0kAdfNYEAK23B5HzhP+y38C9O/4 JbNraeDdMfXZvAUfiZtVa1jOof2jJZLf+YLojzRhzsADY8v5MbcivHPHWh6F4p+H37AOreJNMtNT vdX1TQ9PvZ7mCOWS6tIvsyrBOzqTJGAT8jEjk8cmgD949B13RvFGiWHiTw7exalpWqwRXVpdQOJI p4JlDxyIw4ZWUggjqDXlfjH9o/4C/D691vTPG3j7RtFvfDhtl1C3uryOOe3a7j86BWjJ37pY/nRQ CSvIGK9e07TtP0fT7bSdJtYrKxs40hgggRY4oooxtRERQFVVAAAAAA4FfkL4C+EHw5+Jn/BVT48a 54+0q11yTwvpWgy2FpeRpPAJrnTLJGnMTgqzRqu1cghS+cbgpAB+o/w4+Knw3+L2gf8ACUfDDxJY +JtLWQxPPYzrMscoAJSQA5R8EHawBwQcYIrz7xx+1X+zf8NfEp8G+O/iPomi62hCyWk95GJYSRkC YAnysjn95t4x61+dOpQR/s4/t6/E3SfgfYJYaX4g+F174lvtKswIrKHVrJpPImECgIrExqOB1nY/ xGu1/wCCdP7O3wT8cfslaX488eeF9O8Y+IfiHLql1reoarbx3tzNJ9tng2ebKGdMKgJ2sD5hZ85O QAfqBL4t8KweGG8azazZJ4eS2+2HUmuIxZi227/OM+7y/L287923HOa8f8B/tWfs3/E7xGvhHwF8 R9F1rWpCyxWkN2nnTFRk+SrYMuBz8m7gE9q/HX4XfCjxF8Vf2Uf2kP2VvB3iiKw0jwR47uLTw7Nq VyI7WW3t7syCzeY9FkMPmDt5r7jwTS+KfFfhTwRqPw+0z9tD9meT4T/8IrqtidP8Y+DvJis47mDJ iWSS3V/3QK+aUFxJJ8u5VyCCAftR8Uf2g/gl8FJbS3+K3jXS/DNxfLvggvLhVnlQHaXWIZkKA8bt u3PGaoa98TPC3xB+Bni7xt8I/HulRW66RqX2XxFFPFc2Wm3MVs5FxMw3qBbNiSRWBwBytfnH+0P8 IfjJ4S/a58RftHfDn4eaB8eNH1jR7OyvNAv5oHv9ISKONCbeKYttE3lFlZI5GO+RdgHJ474SeLfg NqfwF/a20f4deCNY+FfjabwxrN54h8K6mdtvZt/Z10EayiCRiOMFyGXy0IBQbdmygD1/4sfHX4q/ DTwj+yi1t8TbTXk8Y+KtPsPEeu2SW5sdWsZJ4xMwd4wscZRmBZAhHJyMV93fD79pj9n74reIZvCX w4+IOjeIdZgDMbS0vI5JnVBlmjXOZFUdWTcB61+JvxD8H6H8Qv2WP2GfAfiZiukeIvEFnp95htjG 3upVikUN/CSrEA9ic19Mf8FI/hJ8NPgn8Lfh98Y/g/4b0/wl4x8F+J9Lh0qXSraK0eZGEjfZn8tQ JBmMMN+ejDozAgH3NpmseLT+1r4g0eX4mabd+H4fCyzReC0Ef9pWtz58A/tF/k3+SQWTlyMyDjpj 4S+D3xy+N/xS/wCCfVt8Std+Mlh4D8YT69NbN4n1mK2it1gjn2iAqIfKBccKdmfevT/C3/KWfx7/ ANkwj/8AS2xr8zpP+UNEX/Y3n/0qNAH6t/Gj9uHw98Mf2v8AwH8Eb3xRomleEGtL+48UXdzIomtL lbWV7O3kkZtsIdvKfldzblAIBIP3B4P+Jnw++IF5rWn+CPENlrl14cuTZ6lFaTLK9ncqWUxTKpyj ZVhg9wfSvzQ+PHgLwNrP/BT34H2Wr+HdNvrfWvD+tTX8c9pDKl3LDa3QjedWUiRkCKFL5I2jHQU7 UL/Tv2TP+CjGo63qcq6Z4C+POgTXk8h+SCHWNFjMsrH38tWY+r3NAH6Z2PxF8Can431H4a6fr9nc +KtIt0urzTI5la7t4JdpSSSIHcqsHUgkc7h618x/t3/tIp+zZ+z/AOIPEeg61Zab44v7fytAguSj SzzGeCGeSGF+JWto5vNIIZRgbgVyD45/wTe0PU/G2kfEf9rfxVbtFrHxl164uLNZOWh0ewd4bWIE 8gK29PdUQ88V0H/BU/w/oOpfsVePdc1DTba61LSBphsrmWFHntTPqtkkvkyMC0fmL8r7SNw4ORQB d/Yy8YXOmfBnV/i/8WP2gbP4lafdraSXt3P9ms7HQLpYfOubQzK+0n9/GG3BPurhBuxX0n8N/wBp j4AfF/WJfD3wz8faR4h1WFWc2lrdIbgon3nSM4Z1HdlBA9a/Ln9obwL4S1zxd+x3+z7NpVto3w+8 aTHVdZsrKNLS31O9tLO02CdYgoZmDFCx+YiTqCAa63/gpn8Kvhp8F/hN4P8Ajz8KNA0/wb418E+I tNGm3Ok20Vk0qNvJt3WFVEijYGAYHAVgPlZgQD9GvGv7TH7P/wAONQ1bSfHXxA0bRL/Q5LaG+trm 7RJ4JLyPzYFeLO/Mkfzrx93LdBmvXND13RfE+jWXiLw5fwappWpQpcWt1ayLNBPDINySRyISrKwO QQcGvx18I/A74afGn/gqN8e7n4peHrTxHZaFo2iPBZX8YmgWe606xTzGjOVZkRWAzkAtkcgEfsZo mi6T4b0aw8O6DaR2GmaXbxWtrbxLtjhggQJHGijoqqAAOwFAHlXxO/aL+BXwZuYrH4peOtJ8N3k6 eYltdXSLctGTgOIATIVzxu24966LwT8Xvhf8SPCc/jrwH4p07XtAtQ5nvLS4SWKHyl3uJSDmMqvJ DAEDnGK/JvUfFXwpj/al+LWofBP4H63+0T48nvI7TXb7VpLGPR9JuIA0X2OzuLi3YRKuzy23jJ8o BWZVJPE/sYwa3ovxO/bC8P6t4XtvAUh0mK5n8O2FzHc2enzvb3TGOJ4cRHbvP3AFXO0cAUAfqVqn 7ZP7KuijS21P4q+HoV1lBLan7fEweMsyByVJCIWVhufaMg816/4o+Jfw+8E+Gbfxp4s8RWGlaBdt AkN/PcIltIbn/U7JSdreZn5SDz2r8v8A/gm5+zB8BvFf7Fekav4q8J6b4gv/AB7/AGkdUubu3jmn xFdz2kcUUrKXiEaRArsIIclxyc18J69rOsat/wAEo9d8NarfS3em+FfiD/Yul3c7+Zu06GSN42U/ 3FaV1A6ADAwAAAD959G/am/Zy8Q+Oh8M9D+I+h33idpTbrYxXsbSSTglTFGQdryAgjYrFs9q98r8 p/22v2YPgT8OP2ItZn8FeHbLQNR+HltY3mjavaxJDqCXUNxCgka6jAkd59xDksdzMG+8FI/Qr4Je INa8WfBnwF4q8SKyavrOgaXe3iv94XNxaxySg++9jmgD5Y+D3xd+IviX9u348/CbXNZe68J+EdP0 KbS7AxxKltJd2cEkzB1QSNvd2Pzs2M8YFexeKv2xf2WvBPiCXwt4o+KGg2WqwSGGaA3iSNDIDgpK YywjIPUORjvXxN4C1PRNF/b1/bA1jxLqkuh6RY+GNGnvL+A7ZbS3j0qBpZ4ztfDxoCy/K3IHB6V8 0/DmTwrq/wAANU8Gfs4fsm3XjLwPeW2oE+MPGN1pthc3CMZN92ZWg3SGHkR+S4KbAB8wNAH7d6z8 YPhX4eg8N3WteLNMtLfxjNHb6NK91H5WoSzbfLS2cHbIX3Lt2k5yMVs+OPH3gr4Z+HZ/F3xB1y08 PaLbMiSXl9MsEKtKwRFLsQMsxAAr8Lvht8KtV+Nf/BISyXTHkl8ReA7zUte0WRSTLFJpl7PK6Rnr loGlVAP4ivoK9M8c/FeD9vDxN+y38H7DbPpetW6eOfGEScxIul77drd8fwPcxXEOD3aNsDggA/Vz 4j/HX4OfCDTLPWPid4x0zw3a6kC1qby4SN7hQASYY875AARnapxkZ6iug8AfEv4ffFTQF8U/DfxF Y+JdJLmM3NhOk8ayLyUcoTtcAglWwRkcV+Haat8SvHH7e/xx8XWvwMg+O174NltNHsLTUdXsdOg0 a0AcRvHBexyJKZ/LZgyrlCXJOZK92/ZP8AfG7wj+2T4o8ZXXwht/g34J8YaDjUtCtdd03UYBqEDh oLtILVo3jDjeoCw7QWc5+bAAPv8Asf2tP2ZdS1PQ9G0/4neH7i98Stt06NL+Jjct5hhAUhsAtKpR QSNzAquTX0N05Nfij/wSW/Zy+Dut/AC0+L/ifwtYax4sbxDPcWmo3UIluLP+zzGIBAzf6vbIGfK4 JJGc4GP1U+PWpeDtI+C3je++IWr3WheGl0i8TUL2xIW7htpIijm3JV8SkNiP5SdxGOcUAefax+2f +yjoGvnwxq3xW8PQaikhhdPt0bpHIpwyySoTGhB4O5hjvXtnib4geBvBnhOTx54s8QWGkeHIo0lb Ubm5jitdkuPLYSsQp35GzB+YkAZyK/Bh5NK1z9kvXPC3wS/ZLll+H8Og39ynjPxVdadZagYI4ZJT qh/ciSaZQPMQxSbeFVPkwK7ex+Dfj74/f8E4/wBnz/hDLvTdU17wrqY1GDQ9cnWOz1pLS7uYEs28 xkDkLtQIWVTGWXcpINAH65/DL9pH4DfGXUJtI+F/jvSfEeoW6NI9ra3Km4EanBfyWw5QEjLBccjn kV2vgb4leAPiZZ32ofD7xBZeIbfTLp7K6eymWYQXUYDPFJtPyuoYEg881+N3gvx/8OLX9qD4Wt+0 d+z9e/An4jxXb2Gh6topjj0bU7q4CwCKcwRosi/P5S7XlCiTDsEYEekaB4s0j9iz9uD4waN4iY2n gT4n+H7jxzYgfdF/pkcs99FH2DuFuXwOcCIYPFAH6S6z8e/gt4efxRHrnjbSbJvBX2Ya2JbuNf7O N46x24uef3fmOyqu7qTisKD9qH9nS58dRfDO3+JGgy+J5pVgSxW/hMrTs20QAhtvnFjgRZ35425r 8YNb8Ea1D/wSv+M/x58ax48WfGrWbDxHeMR8y2r65araRj/YwXlj9FlA9q7z9s39mr4MfDL/AIJz +G/EXg7wrYaZ4i0OPQLpdWgt401Cae8Ma3DzXIHmv5hkLEFsAhcABVAAP1ls/wBp/wDZ31D4gD4V 2PxF0S48WNMbYael7E0puASpgBB2mYMCpjB354xmun8X/Gv4Q/D/AFifQPHXjLSfD+o22njVZIL+ 8it3SwMvkC4IkYfuzKPLB7t8o5r8lf2+PgB8Ivg1+yN8Pde+HPhfT9D13wxrehC31S1t44r6RnRv Maa4UCSQyOBIxdjlwD1Fdv8AHv4WeCfi5/wVZ+Gvh74g6XDrWj2PgEag1lcoJLeeW3vdR8oSxtw6 B2DFGyrYwwIyCAfoToX7Uf7OfiXwhqvj3RfiPoVx4f0No1v7z7dEkdq0xKxCbeylDIQRGGA3kYXN dX8L/jT8KPjTplzrHwp8Vaf4otbJ1juGsplkaF2BKiVOHTcASu4DODjODX5Nj9mv4K3X/BVSbwm3 hPTk8NReD08RnR1to1019QSQWqyNaqoiOA5fBUjzPm610XgvTdL+CX7f37Q1r8LtKg0exg+HI1uP TbKJIbY30C2zKyQqAgLMzHAAGXY9zQB+ivjv9qX9nP4Y+Jf+EO8f/EXRND1sFQ9pcXkayxbxuXzl BPlZHI37eMHvXkP7bH7VNn+z1+zpffEnwLrGk3XiPVo4B4eS4kE8N8JZoUllgWNx5wihlMo2sV4B OVyD+VP7G2n/ABM1T4GT+Jbf9k3T/jU3jq71C51HxRqniLSorjUJGuJI5E8m7hkmgEbKRjcNz5lH 3hVPxd8MPiH4E/4JqfF7w18WvC0GkL4b8TWs/heGW/stYm0uyv8AUbTzrWK6tnkKFX3h87GcsxK4 OAAftl4R/aa+CeqfD3wv4y1P4gaKtvr4W1S6a8hjhmv4oVe4hViQoePOWXjaK8a+L/x+8J/E7wN4 e1f9nz47+HPC4tfFenWeo30s8MyXMUkdwTpoV0crLclN8Rwu4RsVbGa+OP25fhX4K1rwl+yb8MLP SbXStD8T+KtMs7uCyiW1Rlv0top2xCF+dlY5Yck85rsv+Chfwi+GHwh+Dfwx0r4X+F9P8L2d/wDF Dw9NcRafAkCSyJaXkYdgoGTtUDPfknkkkA/T/wCI/wAXPhf8INJj1z4o+KtN8L2U5ZYX1C5jgMzI AWWJWIaRgCCVQE+1Hw2+Lfwy+MOiv4h+F3iew8T6fC/lyy2M6zeVJjOyRQd0bEcgMAcc9K/NzQ/C fhn46f8ABTv4n2PxY0+LX7D4YeHtLj0HTNRVbi0ia9ht5prlYHDRlg0rYJB5YE/MqlfqT4a/s/fs 8/B79pTxN4u+HGtw+H/Fni3SYvtnhG0urOCz+zxuuL6PTUQTKS8ZHmAhMtJxljQB9d3d3aafazX1 /MltbW6NJLLIwRI0QZZmZsAAAZJPAFfNlh+2h+yhqfiSHwnp/wAVvD0+p3DiKNFvozG8jHCqs2fK LE8AB8k9KwP26NS+Eunfsx+Lo/jdq2raT4SvVt4Lk6G0a6lcuZlaO2g85HTMrKAwYBdm7cQua/IP 9p6TVPEP7Iup2/hz9kuD4b+CtBttPkt/E2q3Njbapbr9ohjjdbZYUuXluCwSQl23B2Lc80Af0Ca/ 8Q/A3hXxFoPhLxJrtnputeKXlj0qznmWOa9eAKZVgQnLlA65A6ZFHiX4h+BvBuraFoPivXbPSdR8 T3BtNLt7mZY5L24G3MUKsQXb5l4HPIr8mPiVfXWo/Fv/AIJ76nqEzT3F3p9zLLK5LM8kmnaaWYk8 kknJPqa9V/bxuIV/aT/ZEtGcCWTxlM6r3Ko9kGP4Fh+dAHVfCT9uPw58RP2vviB8GrnxToa+FdLh 0218MtBIvm6pfTRh7oLKWPmyI5MexAANvILZNcR+yV+2v4eg+H3jrWP2n/iZp9lqFr471nStL/tC SC2m+wWsVoY444oVVmSNpWy5U4z8zdKyP2cvAPgWD/gpB+0bFD4c02NNDtvD0+nqtnCBZzS2cTSS W4CfundiSzJgkkk8157/AME2v2d/g38QNI+M3xC+IPhHS/FGp3PjbVtGQ6naR3iw2sCRTFY1mVlQ u1w25lAYgAE4AoA/Ynwr4t8L+OdAs/FfgzV7TXNGv1L295ZTJcW8qglSUkjJU4YEHB4IIPIrxdP2 uP2YpPGA8BR/FDw+2umb7OLYX8XM+7Z5XmbvL8zd8uzduzxjNfi74e8Ra58Hf2IP2wfDXw+mmsLH w948u9GsRG5P2SyvLy3sZgpJJAaD5MjkE7s55rp7T4XfEvWv2WLb4W6Z+xZpZsLzQ0eDxOfFWjLe m4kgDpqplaJZQxYiUqZQu392SE4oA/dHxb8RfAfgO40m08a6/ZaHLrtx9lsFvJ0h+0z4z5ce8jc2 OcV534H/AGoP2d/iV4pbwT4B+Iuia7ro3bbS1vY5JJdg3N5ODiUAcnyy2ACe1fjr8fPA3jXxf8Af 2Mvhd8eomGs6l4uttB1RRdQ3TNaNcizjP2i1kkRy1rsO5XJyfmO7Ne7/ALfHwa+Fvwm1P9nnxz8L vC2m+EtY0/x/o+mpPpVrFZs1rITJskMIXzAGhGN+SMtj7zZAPcPFf7cfhzw9+23pvwFvPFOh6f4J tdEmfUbqSRRMNfa4aFLGSVm2oyKqkRhQxL8kjAr3n4K6v4rv/jP8ZLHXfiXpvjHTbG905dP0KzEf 2rw4jLcb4rvYitunwpXczf6tsY5z8ceKPAPgW/8A+Csmi2V94c024t7r4fPqU0clnC6SX3264/0l 1KENNwP3h+bgc14lB4x8QeAfEf8AwUT8WeFZZbfVrJNIFvPAxSWB5ob+LzkYYKtEHLgjkFcjmgD9 T9Y/a1/Zk8P+Lf8AhBdZ+KHh+011ZTA9s+oQ5imVthilcNsjcNwVdlYHtXpvjz4m/Dv4XaEPE3xG 8S6f4a0pmCJc6hcx28buwyFQuRvYjkKuTjtX5+fA39jv9mTxV+wx4W0jxZ4f02OPxR4YtdX1PxA8 UC6hb3d5arczXa3sqFozAzHaWO1UXawK7gfE/jW/7L3hLxR8BPCei2fiL9o/xH4W0WdPC2hWVzY6 npt3YqZIftl9IkBjkKmEqrR5UfZwXUBcsAfpx8Nf2lfgH8Ybi8svhn470rxBdafG008FvcL56RL9 6Tym2uUHdgNo456V8sfszftvaD8bv2hfin8NdQ8TaI2m6be2dp4OgtJF83VIEiupbudHLMZ22xqz bMKigYHUn4Zjk8Zf8PDvgL4j8T/Bew+CE2tx6nbCxsr60upNRthazK0l0lmkaIfnKAOu5hwchRX0 v+w14E8EWf7Wn7U1xZ+HtOgl8O+IdOj0x47SFWsY5UvVkW2IUGFXXhgmARwaAPrr9k/xLr0/wNHi H4jfFTSPidPb3V48/iLT2ijsRBGc7GZEiRfJGdxIGO5rqPB37WH7NXxA8Up4J8GfErQtX1yZ/Lht YL2MvO+M7YckCU4HSMtX4D+HNS1SX/gmp8M/AEd7Lpuh+OvicNH1i4ifZ/oUjPIY2PTBZA/PH7vo a/TH9vT9mD4BeFf2PPEmseEvCWmeFdT8BW1teaPqGn26W13BNDPEiqbhAJH83O1t7MWYhyd4DAA/ Qfxb8Xfhd4B1aDQvHHivTNAv7m1nvo4b66jt2a1tQWmmHmEDZGASzdBXO/DP9on4GfGTULvSfhb4 50rxLfWKl5rezuUeZUB2mTy+GKZIG8AryOeRX5GeP/D+m/tJ/tK/sUwfFyzXVofFXgv+19UgnUGO 5ni09tQIkUcFJJYxuUjBUlSMZFex/HD4aeA/hN/wUK/Zm1z4ZaDZeFpvEi63Z36aZbx2cVxFb2wC eZHCFRjtmYEkZICgn5VwAfrtXgHxD/aq/Zx+E+tP4b+IfxF0bRdWi2+ZZy3StcxbhlfMij3OmRyN wHHPSvfiQoLMcAdTX4S/CXxJ8ONQ1Lx6v7Ln7N+qftAQ+INbvZdR8WeLJ9Nt7e6upSDLHDcXNttN uCfMCEI53ksBkYAP2Zh+LXwxufh+/wAVrbxVps/g6OEzvq8d1G9ksSnazGZSVG08HJyDwea821P9 rr9mDR9es/DOp/FHw/b6lfJFJFE2oRfdnVXiLtnbHvV1ZQ5UkEEcV+LfwEF9Y/8ABO39rDw9c2y6 dHpeu6jGljFN58No2y3V4opOjKpUKGH3sZ719Mz/ALLfwL07/gls2tp4N0x9dm8BR+Jm1VrWM6h/ aMlkt/5guiPNGHOwANjy/kxtyKAP1o8aeP8AwR8OfDVx4y8ea7ZaBodsFMl5ezpDAC/3QHYgFmPC qMljwATX51/Gr9sTTPEfxZ/Z5039nb4iWWq6D4q8VNpviCLT3guDJATb7IpldWlhyGfBGwnnBOOP lDQ7dfjZ45/Yc+DvxR36p4MuPCMusT2lw2621C+sbKXyUmQ5EnlLAmQwOUdl/jbPsP7X3wR+Fnw+ /a7/AGW/HPgTQrHw5qes+KEsryGwgjto7mO2lt3ikaKJVXfHvKlsZIZQchRgA/ZCiiigAooooAKK KKACiiigAooooAKKKKACiiigAooooAKKKKAP/9X9/KKKKACiiigAooooAKKKKACiiigAooooA4Px 58NfCHxJsYbHxVZ+f9mJaGVGMcsRbG7aw7HAyDkHA4yBVbwB8K/Bfw0hnj8LWZjlusebPKxklcDo Cx6D2AAzzXotFVzu3LfQw+rU+f2nKubv1CiiipNwr8trv/gn/wDGvRPir8Q/iX8Iv2ibvwGnxF1a XVbyyttAjuAC8kkkaNK96u/y/NYBgi5z0r9Sa/Lb9n/9s3RtE8ZfHq1/aR+I9jplh4c8fano2gRa g8Fu8dlbTSIsMKRqskqxgKGYhiONzc0Ad98Kv2DJ9A+L2k/HP47fFLWPi94s8OIV0k38S2lnZMwI MiW4km+YZJUB1UN8xVmAIh+Iv7E3xFPx08RfHb9nT4w3Xwu1PxtFDFrtqdLh1S3uGiQIJY0mdFVs DI3KWDsxV1DFa+rPFXjzQ/GXwM8UeOPhf430y0tZtE1KWw8RxzRXFhYyx28m27kcb0KW7jfICDja QR1Fch8K/il4d8KfCH4eSfFf4m6P4g1jxJEtvb62k8UFtrN1kktbcIp47ADp0oA8x/Zb/Yui/Zp8 f+P/AB0/ji88ZS+P4bD7V/aFuFuRdW6u11PJcCVvN+0TSO4XYvlqQm58biz9kb9kbxn+ylqGteH7 T4mzeJvh1c+e+maDcadHDJYzzyo/mm7WVmkIRSjAIqsTvAU8H27wP+1B+zv8SvFLeCfAPxF0TXdd G7baWt7HJJLsG5vJwcSgDk+WWwAT2rpvih8bPhL8FdPtdU+K/izT/C9vfMyW/wBtnWN52TBYRR8u +3I3bQcZGcZFAGP+0F8B/BH7SPwt1X4U+PkkXT9R2SRXEBUXFrcwndFPCzBgGU8HIIZSyngmvieb 9gX4wfEN/D/hL9o34+X/AMQ/hz4angnj0NNKh0+S+Nt/q1vbpJXklAHDF97sMkMjfNXR+Df2ldT+ I37fNp4C8BeNLbxB8MLzwE2rQw2LW89s9+t6YWlEyKZN6gbWQvgHgrmvUP2dfipbeE/gBbeMfjh8 ZtC8dB9TmtT4ltpYYLB3kcLDbBlSNPMU/Ljbkk0AcX8Yv2LvG2v/AB1n/aK/Z8+Klx8LPF2r2EWm 6sP7Nh1O1vIIVSNG8qV0VWVI0GGVwSildhyTe/Zw/YjuvgH8aPE3xs1b4jX3jjWPF+kiy1JtQtFj mlvGmjmkuRKsrBYz5YRIAnyLgbzivd7P9qj9m/UPHI+Gll8SdCn8TGb7MLJL6Iu1wGKeSrZ2GXcN vlht2eMZr0X4hfEz4ffCfw8/iz4leIbHw1pCOsX2m+nWFGkYErGm45dyASFUEkAnHBoA8Z/ZG/Zw /wCGWPgxa/CH/hIf+En+zXd1dfbfsn2Ld9pbdt8rzpsbemd/PoKX9kX9nH/hlb4M2nwj/wCEh/4S f7LeXV39t+yfYt32l923yvOnxt6Z38+grqfCX7Tn7PfjybRbXwf8QtF1a48Qzy21hDBeRtNcTwIs kkSxZ3h1R1YqQDgg45r3SgD81bv9hb4o/Drxf4o1z9k/41XPwu0LxndPeahok2k2+q2kNzLnzJbM ysvkcYChV3AADftVVXqfCn7Afhbwd+zX4/8AgXpnim5uvEPxMEkut+J7238+4uLuRt3mGDzV+Rfm KoZScszFySa1NM+K3jL4y/tp6j8NvBGry6d4B+DFisviE2xGNV1rUlIt7ORsHEVugdyFIJkRlYEY x8leD9T/AGy/2jv2jPj14N8AfHR/AeifDXXUs7W2bRrO+VoLqS5EaqzKjDyxb4yxYnd145AP0Zvf gH9r/ZUH7Mn9u7MeEI/Cv9rfZc/6uxFl9p+zeb3xv8vzf9nf3r57+Iv7CF14w+BPwj+F/h34gzeH /FPwbmtLnSdfisFkV57VQN7WjTfLllRl/ettK87gSK8X1j4zftdfsU+P/CX/AA0/4r0/4n/Cjxhf ppcmu2+nx2N9pN1IpMe+OBUUocFznzSyK+0qwCt0H7Wvjr9ozVf2yvhf+zp8FfiQ/wAPbPxhoN5e TTiwtr5BPaC7mLFJl3HckATAcAZzjrkA/SfwDo3ifw74K0TQvGmu/wDCT67YWkUN7qn2dbT7bOi4 eYwIzLGXPJUEjPT0r8abn4RfET4mf8FNPjzq/wAJviJcfDfxV4b03QJIL2Ozi1C3uIbjTLJJbe5t piqujFVYEkhWUNtJAI7n42af/wAFDv2Uvh/ffHE/G3T/AImaN4aaGXUtHvtDtrLzLaSVYyyPCC5K lgWCyRkLkgkjafvXwv8AEz4Caf8ADrSv2qvEMWh+Bz4+0nTby81a7Fva3Uyz26PDbT3ZVJJ2iXCI pJ4X5RgUAcd+zn+yWnwh8ReK/ih8TvFU3xM+JfjdBb6nrd5bJbILJQuLSC2VnSOH5F3AHBCoAqqo FeHaZ+wb8X/hbca54b/Zq+PmofDz4f8AiK5luZdFk0m31KSxacfvPsN1LIjxZ6KUCsowSzuA1fbn wv8Aj38GPjUt0fhT4z0zxPJZANcRWVwrzQqxwGki4kVSeASoB7GvzN1DXf2u/jl+2d8ZPg98MfjS /wAPtB8CLp09tCdJtL9Sl1bxFkBdVcfOWbLM3XFAH01J/wAE9Pgqf2XLv9mGGa7S2vbldUm1okPf yawuP9ObPykkDy9nA8v5c5+evK7r9gb41/EyDQvBv7Sfx/vPH3w/8PXcN0mjw6Pb2Et6bcERi6u1 keRhzht/mEgnDK2GHnHj/wCJX7aH7EfjXwDr3xm+I1h8Wvhv4u1iDRb0tpkOm3llLOGIeMwJkkIG cZdw2wqVXIav2PoA/Pz4s/sXeNr/AON9/wDtEfs4fFCb4WeLtdtIbPWIjp0Op2N+kAREcwysFRgk aA5VwSuRtJYtL8Pv2GD4a8H/ABfPjbx/d+MfiL8Z9IutI1XxLdWUcKwQz2r20Yhs45MBYw4JXzQG CIo2AV9GftE/H7wf+zP8Mbz4r+OrO/v9Jsri3t3i02OKW4L3LiNCFmlhTAJ5y446A17lQB+a3xC/ 4J223xD+Bnwf+CV38QrnTIvhVN5rajZ2AS5veMZiBuCLVweVfMuD2q3o37DnxK8X+P8Awp4q/ag+ M938VdG8BXC3ejaR/ZNvpdu11EQYp70xO/nsuOQwLHu5UsrfoB4o8UeHPBXh++8V+LtSg0jR9MjM t1d3LiOGGMHBZ3bgDnqa8SuP2u/2YLXxJZ+Ebj4o+H01a/WJoYTfxYPnqrRBnzsQurKVVmBORgc0 AZOlfs2/2Z+1nr/7Uf8AwkXmf254XXw3/ZH2THlbZ4JvtH2nzju/1ONnlD72d3GD8zN/wTjDfsaJ +yP/AMLC+7rH9q/21/ZP/TUy+V9k+1++N3ne+O1foD41+J3w7+HB00eP/Elh4dGrytBaG/uEt1nk Rd7KhkIBIXk88Dmvkr4v/H7wn8TvA3h7V/2fPjv4c8Li18V6dZ6jfSzwzJcxSR3BOmhXRystyU3x HC7hGxVsZoA0f2nf2SPFHxr+JHgj4y/DD4jT/Dbxt4IhurW3vUsI9RR7e7Uq48p5IwGAdxk7gwbG AQDXx9/wU71X4dfGPw34H/Zz8L65b+IPjQPEtjZW9rZH9/a/aYGS6kukXd5MDo6Oyls/dblVYj9a PDXxJ8A+Mte1/wALeFfEFlquseFpVg1W0t5lknspXLBVnQHKFijYz1wa8/sdN/Zxtvjvfvp9j4dT 4vTWIvLqSOG3/ts2QVYRK7hfOCFSqE55XaDkYoA9B+G/gTRfhh4A8OfDrw4mzTPDWn22n2/GCyW0 YjDNj+JsbmPckmvNv2ofgb/w0l8CvE/wV/tv/hHf+EjFmPt/2b7X5P2S8hu/9T5kO7d5O374xnPO MHC1j9s/9lHQNfPhjVvit4eg1FJDC6fbo3SORThlklQmNCDwdzDHevF/23P2xLb9nrRPANv4N13S Bqvi7XNNS4Ny6zNFoE5kM99CoYKU+QIJDuQbicZwQAekfHX9kLwv8dPhV4R8Dajrd1oXiPwD9lm0 LxFYIEurK8tY0jEqpuzscorNGJFOVUhwVBrx7Tv2HfiP4+8Z+GPE37V/xkufitpfgy5F3pmix6Tb 6RZPcxjEc90Ldz5zDrhhn+EsUZlb7OvvjT8I9M+H1v8AFfUvGGlWvg67VWh1aW7iSzlDEqoSViFY sQQACSSMAVS+F/x6+DPxqS6b4U+MtM8TvYgNcRWVwrzQqxwrSRcOqkjAJUA9jQB554C/Zw/4Qj9p z4m/tG/8JD9t/wCFjWmmWv8AZf2Ty/sf9nW8UG77R5zeb5nlbseUm3OMnGT9PUVx/wAQtSvtF8A+ JdY0yXyLyx0y8nhkABKSxQuyNhgQcEA4IxQB8Cy/sO/GHwH8U/G/jj9mz43y/DvR/iLfPqOq6bPo ltqwjupWd3kt3ncBfmkbaAqlQQCzBVwz4dfsTH9mib4x/Eqx8f33iyHxt4Zuo76DVLZWvH1COFpJ LtrxZcMJHaU+WYcjeBvO35vRf2LvjzfeI/2J/CHxx+PniqBbiZdTfUtX1BobSILDqlzbRFyojjXC IiDAGTjqx5+nLz4o/CW7+Gr/ABJ1TxJpTeBb2BmbUrmeIadLA5MZzJIQjK5yoHO7oM5oA/F79iD9 lz4++OP2SPDuq/Cz4833gPwx47Gpf2tpH9lQXpieK+uLN3sblpEltzLFCu4IVO/LbjkAerf8FB/g v4J/Z/8A+CdNt8KfAEDQ6Vo+q6YPMkO6a4mklZpZ5W7ySOSxwAB91QFAA/RP4FfF39mXxhp3/CD/ ALPPiDw9NZ6KsjrpOiGC3W3jeQs7paRhNqNIxJZU2lmznJ56Yar8Dvj5a674KnbQ/H1t4dvRbarp 1xHBqEdpewswCTwSh1SRWVsblyCDjoaAPh24/YA+KPjCDQ/ht8YfjvqXjP4P+HLiCWDw8+mw2l1d Q2pzBb3uoRP5kyIAAWYEnGVEbBSv6cWlpa2FrDY2USwW9uixxxoAqIiDCqoHAAAwBXKWPxF8Can4 31H4a6fr9nc+KtIt0urzTI5la7t4JdpSSSIHcqsHUgkc7h612dAHxkf2OdD1L4v/ABv+JHibX31D SfjZo1tot1pcdr5EllDBZpaO6XXmvvZgu5f3S7CR97GT4D4Q/YG+O2g+B0+Beo/tF6i/wijEkB0m y0a1tdRksZnZntf7RZ5JY0bcQcBgVJXYFO0fVPxp1fxbYfGj4N2GhfEvTPB2mX15qI1DQrzy/tXi JEWDy4rTcjNugJYttZf9YM54x7b4K+I/gL4j2+o3XgPX7PXotIu5LC8azmWUW93EAXhk2k7XUMMg 80AfLPwO+H/gL9gP9n5fBPxT+IllceG4NTumttR1C3XTkVb0GUWrKZphJJlZGBBXcDgIMc/J3/BK X4KeG9Jm+J/7Qfh20mg8PeKNYvNK8J/aVKyLoNtcvLuXIHyyuUUj+9Cfx/R+O/8A2fv2nvBF0iy6 D8SfClnebJw3kahZxXluofDbtyLIiyA+oVvQ18UfHT9u34VfCnUfgt4R+B3irwv/AMIt4g1yztdW ltXiaDTdAhnWKR4VjZYoYztkj3lSECMFAIyAD1L4wfsaeI9c+Ms/7RH7PXxIufhV481K1W01V1sI dSsNTijCqhmtpWVQ4CqCx3j5VIUOCx1v2cP2O5fhB8QfEfxw+KHja6+JfxP8UQC0uNXubZLOKC1G 391b26M6pny0BOcbVAVUBYNzP7SPxx1r4NeKvhP+0l4f8Sf2t8H/ABHNBoev20brLZLa6oPOstYg YA48sg+YwJDoVUDJzX6AqysoZTkHkEdCKAPmP9kX9nH/AIZW+DNp8I/+Eh/4Sf7LeXV39t+yfYt3 2l923yvOnxt6Z38+gr1L4x/Czw78bPhf4k+FPitpY9L8S2j2sskJAliJIZJEyCN0bqrDIIJHIIrn fib+0j8Bvg1qVvovxR8d6T4c1G6QSR2t1cqLgxsdokMS5dUJBAYgKcHng16P4Q8aeEPiB4ftvFfg bWrPX9GvATDeWM6XED7ThgHjJGVPBHUHg80Afm1pP7A3x3vvh7B8CviD+0ZqOpfCyytlsYtK07Rb WxvJbOJQIbeW+Lyy+UmADGdwZPkyBjHR3H/BOyxv/wBmfwJ8DL7x9PF4m+GOoT6l4e8U2Vh9mmtJ prh7kBrY3Em5QzjpMpJRCCMHP0+n7XH7MUnjAeAo/ih4fbXTN9nFsL+Lmfds8rzN3l+Zu+XZu3Z4 xmvcPEPiPw/4R0S88S+KtSttH0nT4zLc3d3KkEEMY6tJI5CqPcmgD8/PDH7EvxU8T/Evwb8Rv2of jPcfE1Ph7ci90XTINJt9KtkvEKNHPO0LHzWBRWwVDZA+fbuVvmr/AIKRr8LP2n/Hvwn/AGf/AIca 1Dq3xNj8Sz6ddrYt5r6VpkkZTUjd7QdhQxo+0nO1H4x1/UH4b/tLfAH4v6zN4d+Gfj7SPEWqwKzt aWt0jTlE+86RkhnQZ5ZQVHrXJ6n4h/ZF+DvxC8T+KtWuvCXhHxt9mS81m9l+yWmotb3LqqvNKQsh Ez7eMne2OCcUASftA/s26T8af2atT/Zs0HUx4S0y7tdMs7W5W2+1rawaXc288aCHzIdwK24j++MZ zzjBxv2h/wBl7/hfX7Nafs8f8JL/AGFsi0yL+0/sf2r/AJBzRtn7P50X+s2f89Plz3xXb2X7Un7O eo+BLn4m2fxH0J/DFnMtvPfG+iWOK4ddyQuGIZZWUErGRvI5AIrtPh18Xvhh8W/Dsviz4aeJ7DxH pEDtHNcWc6yLC6jcVlGcxsFIOHAOOelAHjf7Uv7Mo/aV+Ddh8JP+Ek/4Rz7FfWF79t+x/bN32IMN nledDjfnrvOPQ1c1j9m/+1v2t9C/am/4SHyv7F8Mv4c/sj7Ju83fPPN9o+1ecNuPP27PKP3c7ucC 9ov7YP7LniLxSngvRPil4fvNYmlEEUKX8WJZWO1UikJ8uRieAEYknp2r6QoA+YYv2cPK/a3m/am/ 4SHPm+GB4c/sj7J0xOs32j7V53tt2eV77u1M0P8AZri0j9qvxZ+0zPrwu4/FPh6HQG0ZrMBYlieF jKbgytvDCHGzyh977xxz6l8S/jV8JPg3ZwX3xT8X6Z4Xiu93kC/uUhkm2fe8qMne+O+1Tiovhd8c fhD8a7K5v/hR4u07xPFZFRcCynV5IS33fMj4dA2DgsoBwcdKAPha2/YL+MPwtufEGifst/Hm9+HH gjxLcyXUuiT6TBqYsZJvvmzuJJEeIYwqhQjbQNzswDV6BY/8E+fhrpH7JPiT9lfSdZu4h4qkW9v9 dlRZbufUo5op0uHjyAUVoEXygw+QEb97Fz9kfErVb/Qvhz4q1vSpTb3un6VfXEEgAYpLFA7o2GBB wwBwQR61+afwz+L/AMYfiL+xD8FfiTq/xf0/wR4p17xIYtS1fV47eNdUt473UIf7OjURGMSypHHt 2qpxGeeuQD02D9iT4ja5oXwfsPid8XW8T6j8IvFVt4gtrttGSFrmztPI8qwIW5G3b5J/fnex38od uT7t+1R+zf8A8NM+FfCXhn/hIf8AhG/+EW8TWHiLzfsn2zz/ALDHPH9n2+dDs3+dnflsY+6c8eB+ K/24/Dnh79tvTfgLeeKdD0/wTa6JM+o3UkiiYa+1w0KWMkrNtRkVVIjChiX5JGBR8JP24/DnxE/a ++IHwaufFOhr4V0uHTbXwy0Ei+bql9NGHugspY+bIjkx7EAA28gtk0Ad78dv2QdY8efFjT/2g/gl 4/ufhb8SrOz/ALOub6Kyi1C01GzHKx3VrKyK5HygMxYYVfkJRCt79nH9kq/+EXjzxF8avin45uvi Z8TfE9sljPq9xbpZw29khVvs9tbRsyopZELEED5RtVPm3ct/wT7+MHxC+L/wz+IPiH4n622sXei+ NtY0y2mljihENjbQ2zxxfukRcIXY5IJ55Ne5aH+1r+zL4l8Xp4D0D4naBfa7NIIYraK/iYyyk4Ec T52SOSMBUYkntQA39qT9nPw1+1L8H9R+E/iW+l0pbiWG6tb2BRI9rdQEmOTy2IDrgsrLkZVjgqcE fHPjL9gX49fGnwJL8PPj9+0bqHiPRbWHGn21lolrYx/aoxi3uL5kk8y7WPqYmZSWAbzA3NfqdXA/ ET4p/Df4SaIPEfxN8S2HhjTXfy0mv7hIFkk67IwxBdsc7VBOOcUAfIfxW/Yel+Jnwf8AhP4Ng8e3 Gg+Ovg3DaJoniazswv7y2ihiZntDMcCQQRsQJuGUHJXKnz+0/YB+JfiX4q+APjd8aPjje+NvFfgb VLa9jV9IhtbE2luwkNtBBBMiwvI4y8+GLAAGPjJ+6vhj8bPhJ8Z7C41L4VeLdN8UQ2ZUT/YbhJXh L/d82MfOm7BxuUZwcdK5nxz+09+zz8NPFcfgbx/8Q9F0HXn2E2d3eRxyRCQbkM2TiIMCCPMK5BBH BFAHh2pfsh+MbD9rW7/ad+G3xMm8M2viU6cviPQ306O7j1GHT0ji8pJ2lQxCSOJRkIzIxZgSDtHp P7K/7N//AAzN4V8W+GR4h/4ST/hKfE1/4i837J9j8j7dHBH9n2+dNv2eTnflc5+6Mc+SfsJfGPx9 8X4vjNc+O9dOuQ+HPHWqaXpblIUWHT4NpijUwooZQDkM2SfU1N8ev20fgvD8JfiXY/CL4p6LN490 PQ9RuLCO1u4JpRdW8DuDCH3RzMhUkqu/pkjFAG98Of2LfCvhbwr8aPA/jbV/+Er0P4za7qGsXUH2 X7I1ml+SwiR/Nm3vE2GSXCEMAwUEV88z/wDBPr4+t4E/4UPD+0lqQ+ERX7P/AGU+i27agLDdxZ/b vNEhj2fL2THy+Vs+WvuD9lrxd4i8ffs4/Dbxr4uvW1HW9b0Gwu7y5ZURpp5oVZ3KoFUZJzgAD2r3 ugD4m8b/ALFHhTW9J+BfhnwRrB8MaH8D9csdYtrZrX7Y98tnIkrRPJ5sXlvKylnl2v8AMxOztXd/ tOfs4f8ADR1j4Dsv+Eh/4R7/AIQnxPY+I932T7X9p+xBx9nx50Pl79/3/mxj7pr6eooA+GPj9+yH 4x+Jnx38MftEfCj4mTfDrxXoWmf2NO39nR6jDc2PnSTbdjyxBSTK6tncCNpG0rk9V4C/ZI0Hwv4+ +O/irxRqyeJdH+OjWgvNKktPIW0gt4rmKSIy+c5m8xbg/MEjK7eMk8fXtFAH5Tj/AIJ6fGvTPB0/ wM8L/tGarp/wcuWljOjPpNvLqCWUzEyWa6h5iv5bhiDhVTk/uiCQe6+IP/BP/wCy+J/h98QP2Z/H c3ws8T/DzRl0C2meyj1SC5sE8wgTRSsimRjNIXdg4YkHaCoYfo9RQB+aGm/sB+O7n42+BP2i/iB8 a77xb468KXvm3clzpMMVjcWIG0WdrbQTItnhWlzIDIGZ9xjyDu9I8L/sh+Mfh/8AtUeIvj/4A+Jk 2l+GvG11FeeIPDMmnRzpeyxQyRoBdGVWjCvI0ikR5BO0lhX3PRQB+eXgr/gnn4F0v9kq6/ZQ8fa/ L4lsZb+bUoNWt7VbC4tbp33xSQxtJcANHypJYh1ZlIAJrkLv9gv4zfEbT9I8A/tEftBaj49+HOiz 28v9jQ6VDp02oLbkFEvb2OV5pAMDJYux+8GV8MP08ooA+VPFP7L1hrv7R3wq+PWl60mk2fwt02/0 yDRY7PclxFeW0tsm2cSr5IiWQEL5T5C4yM5F34s/s4f8LR+O/wAJPjZ/wkP9mf8ACrZNRk+wfZPO +3f2hGkePO85PJ2bM/cfdntX09RQBHNDFcQvbzqHjlUqynkFWGCD9RX5ceB/2BPjj8IbTWPh58Fv 2hr7wl8M9Xu5rr+zRottdajbLPhZI4L6STfGxUACVAmD82zdkn9S6KAPzX8Af8E7rX4cfBL4xfAf RPH89xoXxQmEtnNdaeJLrS+Nrea63Ci7ZlVBkLBypOPm4+n734B/a/2VB+zJ/buzHhCPwr/a32XP +rsRZfafs3m98b/L83/Z396+iaKAPgDxj+wfpXiX4IfDD4f6Z4xudC8dfCGGBdA8WWdtsmiljCiT fbeaQYpdilk83IKj5iNwbgoP2B/iz4s+L3w/+OXxu+Olz4z8R+A9St7uC3GiQWdibWBxIYIooJkW OSR1BebacjAKHaDX6eUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAf/W/fyi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAK/Gv9h34GfCfx1+0F+1J8QPHHh+w8SavZ+P tZ023j1G3juo7a3e8uJHZI5VZQ0pO0tjOEwCAWz+ylfl1Z/sBfGDwB8S/iD8W/gb8ernwdrnxD1v UNSvbdtDgvLH7Ne3D3EcDQzzOHmt2kfbcYBIOAiZYsAfNnhPR7H4Xa3+338D/Ai+R4E0vwteapaW kZ/0eyu73R53mjiX+EHcUwOixKO1eYfEjwjpXxA/ZT/YZ8B66pfTfEniOw026VSVJgvJ1hkAI5BK seRX6jfDX9iXQPhz8Dvib8Mx4outc8XfFyz1KHX/ABTfQiS5uLnULeWAS+QJB+7iMzOsZlJLM2ZP m4wp/wBhkT+BP2fPBX/CbY/4URrNlq/n/wBm/wDIV+xzLL5Wz7T/AKPu243bpcdcHpQB85/t8fBr 4W/CbU/2efHPwu8Lab4S1jT/AB/o+mpPpVrFZs1rITJskMIXzAGhGN+SMtj7zZ6Xwh4P8NfG3/gp l8X/APhbmmRa9B8N9D0i38P6bqSLc20Ed5BDLLcJDIGQsXdiDjjzP7wBH2P+05+zh/w0dY+A7L/h If8AhHv+EJ8T2PiPd9k+1/afsQcfZ8edD5e/f9/5sY+6a8++PH7ImveOfitp37QPwM8ezfC74k2l odPu76OzTULXUrLjbFc20rKjFMDDEMMBcrlEZQD5e+HXwo8A/CT/AIKw6tpnw60630jT9b8BSapN ZWqLHb29zNdRxSCONQFjDiJZNoGMscYBwPgM8/8ABHAj/qdP/a9frr8Cf2H/ABN8Kv2h7r9pPxx8 Vbvx/wCJ9Y0ebTtT+1adHaia4llRllhMUxWGGOKKONYBGQMFg4BCLxP/AA7gH/DHH/DJX/Cw/wDm Nf2x/bP9k/8ATTf5X2X7X+G7zvfFAHlX/BQ/9mH4IfCj9h+5vfAnhDTdG1fwTNpH2LUrW2jhvy73 MVtK0lygEshkEhZ97HLYbqARpePNO0v46f8ABQn4R/Df4twjV/DGg+Al8RWumXmJLO91Sd5FeaSF vlkwqg7SDkxc5XIP3v8AtV/AL/hpv4H678Gf7d/4Rv8AtqSzk+3fZftnlfZLmO4x5Pmw7t3l7fvj Gc84wfh79tKy+B2n/FP4P+EvG/i7WPhP4+0vT5H8PfEC1ihTTIlgUxzWl40kyHDYB2n5V83az7ZH BAOW/aC+Dnwu+Gv/AAUR/Zp8TfD7RrPQb7xPPqa6ja2ESW8L/YoVEM5ijCqHcTOrMB82wZ5GT+yd fz7+BvCNv4z/AOCh3wlu/D3xdvPj3rnh63vtQ8SeIIkhXStPtYoJEtLe3W1MkUQMpbeFkKl5U6MW r+gigD8t/wDglz52r+HPjj431Rt2sa38R9YF2W+/mOOGUBj/AL0747VU/YO/5Ox/bG/7GfTv/Rup V0/7OukS/s6fti/Fn4H6tiDQvitI3jbwvJ92OSUsy6nar282MsrBByIkDHgjGNqX7APxp0v4t/ET 4pfCH9oa78Aj4jam2o3tnbaBHc4w8jRI0r3q7/L81wGCLnPSgDO/4K/azYL+zBp3gpALnXfFPiHT 7fTbVfmnlki3u7RoOTjhCfV1HUivIv2ttC+MF9/wUE+AuhfCHX7LRvHg8JXqW2palD59qrxxXxuG kj2PnzIhIB8pwzA8YzX1B8MP+Cftvo/xT0f4z/Hz4m618Y/FHhsh9J/tRRBZWUoIZZUt/Mm+dGAZ AHChsMVLBSPavGn7Mv8Awl/7V/w+/af/AOEk+yf8IJpd7pv9k/Y/M+1fa4rmPzPtPnL5e37Rnb5T Z24yM8AHyR4z/Y//AG3fj/pK+Af2h/jppieB7maJ9QsfD+lpFNdpEwdUMjRQkfMAQGLICAxRiAK5 b4i/DLwZ41/4KG/CT9nbxdp6XHw4+HXgRb7RtEuSZbOeeFpbdDJG+RIFSJMhs7vJ+bKlgf2Jr4// AGl/2S7T47+IPC3xM8H+LLv4d/ErwSXGla/ZQpcFYZD88FxAzIJojlsKXAG9wQysykA+QP2t/APg n4E/tVfsz/FD4Q6Ta+Ftf8S+J4/D+pQaZDHax3+n3UkEMnmRRqqMUSZl3EZ+Zcn5VK+R6b4c/aU8 R/8ABRD9oiH9m3xZpHhPUIYtIa/k1e1+1JNCbWAIsY8qXaQ2STgcV9x/Df8AYx8VH4vaP8d/2lvi ZcfFjxX4ZhaPRYTp8OladprueZo7aBijy46MQvOCQzKhX0/4Z/szf8K6/aT+KH7Qv/CSf2h/wsmG xi/sz7H5X2L7HGkeftHnP5u/ZnHlpjPegD5is/2Jv2hPi98RPCfjL9sH4s2vi7RfBd4mo2Og6PYL Z2kl3GwZGmcJFuXjByjMVyoZQTn9RqKKAPwb/wCClHwj/ad8PfBLxX4y8dfGseJ/BE+tW7weHRot ta+THPdZtk+1RnzG8gEDJHzY5r9L/gD8I/2m/h/4pv8AVfjb8ah8StHuLJobewGi22m+TcmRGE/m wks2EVk2nj5s9hX0Z4x8D+DPiJocnhjx7oVj4j0iZ0kez1C3jurdnjO5GMcqspKnkHHBrqaAPkD9 vv8A5M2+LH/YFk/9DSvmHwd+yh+z3J/wTitba68M6bJPqXggeIJ9YaCM3q6jLp/203IuSvmDy5Dh RnAjGwgrkH6e/b7/AOTNvix/2BZP/Q0r4f8Agz+xP8bPiF+zR4B8G/8AC/8AUrD4S+LdB0rU73w+ ul273iR39tFc3FnDqO8SC3Z3YKpG1VO0o4zuAPm74jR6n8ev2Wv2I9D+JLzXL+KPFUei3kk0jGWa 0+2fYUcvncS9uqndnPOc55r6t/4KF/CL4YfCH4N/DHSvhf4X0/wvZ3/xQ8PTXEWnwJAksiWl5GHY KBk7VAz35J5JJ+vfif8Ase+GvGg+CGneD9UXwlonwT1ux1azsUtDdC6hsWjZbfzDNGYy3l8ykSEk lipPXqP2qP2b/wDhpnwr4S8M/wDCQ/8ACN/8It4msPEXm/ZPtnn/AGGOeP7Pt86HZv8AOzvy2Mfd OeAD5L+ITQfs0f8ABRvwt8TJXWx8H/HnSZdE1SRjthi1jT1QwSt0ALqsKKT13ynnmvNP2cpfC3xF 8F/tL/tvfFzUrzQvDvxDa/0myvrb5L218NafGbcG2JR8SSfJEMKT5sIIAJr71/bA/Zd0b9rX4Sj4 bahq58O31pf2+o2GprbfamtZ4cq37rzISweJ3THmLgkNztwdGP8AZc8BN+y1F+yndSSnw6uiJpEl zCoimaVQHa7CncokacecQcjccHIoA/IB5NK1z9kvXPC3wS/ZLll+H8Og39ynjPxVdadZagYI4ZJT qh/ciSaZQPMQxSbeFVPkwKxPF+kaPr/7A37Ieua3YW9/qMnjXTdLe5nhSSZrBbnUFFqXYFjDhVHl k7eBxxX3NpP7A3x3vvh7B8CviD+0ZqOpfCyytlsYtK07RbWxvJbOJQIbeW+Lyy+UmADGdwZPkyBj HR6t/wAE97nVv2R/B37M0vxFki1XwBrH9taP4gg00RFJ1muJUWS1Ny+4KLl1BEynIRscFWAPlv8A bLtdbv8A9ub4TfCHwp8Lbb4jeGvCXhmTWNO8GC8tdG064uZprpJZiZUMLLEIYz5RU7thGNpYGw3g b9oa9/au+D3xa0D9nOx+CL6dqIsdbmsfEejzJqelXTxxTh7WH7PvaCJnbKI7tlRjKpj7F+I37E/i b4n+GPh94g134pXll8avh4JhaeN7HT4oXuFmlZ/LuLFZArxhG2BRIAcuSCsjocnwT+xf4uX4vaP+ 0L+1X8WpPibq3giKSTSITp8GkabpzAbmuHjiYoWXG/O1MMqsxbauAD9Fa4H4rf8AJLvGP/YG1D/0 neuK/wCGoP2aP+iteEf/AAfaf/8AHqgu/jF8CPinp9/8OfC3xO8N6hqviO0ubGCGy1azu7hmmiZS Y4I5t8hUZbaOwPI60Afzk/AHV9d17w9+zr4Q/aksLmx/ZvOpapa6U0Uix2Ooaub2ebzdSIJYxLPM Yfm2AIjleBKT+gv/AAUOk8Ra3+03+z/8FtD8Cr4+8O21vearD4TF7BpNnqdzao6pE00oMSrBFFkI ykMjNGo+evrzRv2FPCK/sXWv7HfjHW/7dt7CO8e21pbMW8kF5PeT3kFzHAZZNphabYV8394gZSQH IGT4x/YX1D4h/B74feEfF/xKvH+I/wALn3aD41srL7LeRKhXy1nga4lMoCIgY+crMyBiQS4YA+Kf H/gX9ovXfjJ8Jfid4R/Zi0/4Laz4T1y38/ULDxLopF/pzkLcWj28QthJmLcARubYWUDnj3bUdQ0/ 9k3/AIKNalrmqzDTfAfx60Ce8nlb5YIdZ0WMyysfUmNWY+r3Nei+Hv2G/iP4v+K3hX4o/tVfGCf4 p/8ACCzi60XS4tKg0myjuVKss8yQMVkO5EYrtBJUBmZMqfCv+CpGtfDH406P4O/Z58FatBq/xffx TaWlnYWj77iyS7hZbhrraD5cJjeNmyQThW+6rYAPY/8Agm9oep+NtI+I/wC1v4qt2i1j4y69cXFm snLQ6PYO8NrECeQFbenuqIeeK/TKvF9KvPhF+zV8N/CngbX/ABLpfhXRNGsoNLsZNVvILFZ/ssSq cNM6BnIG58EnJJPWqn/DUH7NH/RWvCP/AIPtP/8Aj1AHxr+2f/yeZ+x5/wBhjxD/AOi7Cvmr4gfE X/hjL4y/tb+Gkl+xWnjzw1H4w8PEnaBqN9IbCQxjuxvLpmIH8MXbBr1j9oj4p/DX4v8A7b37KWk/ CvxTpni+40LUdeuL7+ybyK+W3SSG2dfMaBnVSVgkOCc4XPSvo39rX9hfwv8AtXeO/h5431fXf7Ef wVOftkIshdf2pZNNFN9mLmaLycbJAH2vjzCdpxggH5JfDvxZr/7DHws/aA+BOvXUi61r/hDQNZ0V D8sn27W7eKxvvKHGTBNcgL3xBk5r6C+NP7PfhL4R6b+w/wDDjVNBsZr+HxJp1jrDS20UjXLzSw3F 1DKWUmSI3E0pCNlfmPHJr7q/aL/YW8LftD/H34cfHLV9d/s4+B2t1u9P+xiddUgtLr7VDE03nJ5S hmcN8j5Vu2K7X9rb9ly6/aW0fwjN4e8XzeB/FPgXV49Y0nU4rZbxY548H5oWePPzKjKd3BXkMDig DjP+Ch/hfQz+wx8R9BtbaCwsNM06ze1hijWOKEWd3bvEkaKAEA2BVAAAHHSvoP8AZt1bUde/Z2+F uuawzNf6h4W0S4uGf7zSy2MLuT7liTXxP+2npvj7xH8Ffhz+xiniIeKPiJ8UryysdQ1QW62pbTtK ZLq/1KSCNmEaho48qDhssF/u1+lPh3QdN8LeH9M8MaLF5Gn6Raw2dtH/AHIbdBHGv4KoFAH43/Fr 4S/Gb4WftT/Ev45eEfhToH7Q/hnxjHZi8sbmW3l1bSBDEIzbpFKJCofaRhIZd6KgO0qc+Ry/Fr4U +G/2Ev2jD+zloGu/DnxJDqdpF4i8P6k5DaPLrF5HZyi2XC+XE0IkgA2rIhQBgNqk/eHjz9if4j6d 8Z/Evxv/AGYvi5N8LtT8b+W2uWMmlwarZ3U6Ajz1SZgqtlmbBRjvZirKCRXX/Cb9hfwP4M+H3xI8 KfEzXLr4i618XXaTxPq93ElrJcsN5i8iJC4g8lpGdPmYq/IIAVVAPzgtPhd8S9a/ZYtvhbpn7Fml mwvNDR4PE58VaMt6biSAOmqmVollDFiJSplC7f3ZITisD9oS4+Odz8IP2Pfgh8S/DUnivU9Svb/+ 1NA/ta1iTWpNGnigsLaTUY3lh+e2k5be2TJz+8HH2RP/AME+vj63gT/hQ8P7SWpD4RFfs/8AZT6L btqAsN3Fn9u80SGPZ8vZMfL5Wz5a+h/in+wz8KfiB8D/AAj8GPD1zd+EX+HbRT+GtXsmDXun3cXP nFjtMnmv+8lAZCzgMGVgCAD83/jx4D/aP8Uz+BfFngD9lDTPg54o8E6xa3dhrOn+J9DQyRRA5sni QWqyK+AQGY4CsANrMD7ZrHwj8A/F3/grTrll8RNGtte0/wAPeBrfVobS8jWa2e5SW3tkMkTgo4Vb hmAYEbgDjIFeqj9g/wCKfxM8ZeF9Y/at+Nlx8T/Dngy6W8sNFh0i30qCeeLGyS6aF28zgYYFSxBI 3gM2fpXRv2b/AOyP2t9d/am/4SHzf7b8Mp4d/sj7Jt8rZPBN9o+1ecd2fIxs8ofezu4wQD86/hT+ zZ8Fp/8Agp/8WvDlx4T06Xw3oGg2Gq2WjvbRnTYL67htFaVbXb5WV8yUqCpCmQlQCBir4F+EWlT/ AB9/bb+APgC8tvA+i65oulpb7MW9jZz3tmXJKrhY4i87qwUcIxCjoK/R7wl+zf8A8It+1R45/aZ/ 4SH7V/wmmkWelf2V9k2fZvsiwr5v2nzm8zd5P3fKXGepxz5/f/sS+F/EnxK+OXjLxnrj6po3xt06 w0+40yO18iTTxYQJEssdyZXEj70WRMxKFYDO4DkA/KPxBpUnwk+B+k/Cj9r/APZehl8E6Kloi+Ov Bj2z3AjWRNt09xGsnzXPAkaSaLzC2NgJUD+gz4f61oHiPwJ4c8QeFL19S0TUtOtLmxupSzST200K vFI5bDFmQgtuGcnnmvzNX/gnt8fNR8CRfAfxN+0hf3vwigEMH9kxaJbR3z2MLqyWv20ytIqKFABO 5OMeXt+Wv0+8IeFdE8C+E9G8FeGoPs2k6BZW9haRZzst7WNYo1z3IVRz3oA/KP8AaB8TfBq1/bSv Lnw58L9e+Pvxb0zQ7e1m0Y/ZW0LRLV9ksT5ngcxTMJAxdtyL5xwQzYHl/wCy4virS/8AgpnrR8Q/ Dey+EF3rvgqW4uPD2m3tveQBfOg2SyNaKkIkfYGZQoOfmIyxr7F+Jn7GHxHm/aB1n9oz9nb4sSfD XxD4rtIbPWoJtKg1a1uVhSONZESZ1VTtiQ4Kk7gSGXcwMPwg/YS1z4X/ALRdl+0nrHxW1Dxj4iut OubPXhqVhGDqMs4IV7doplW0ijCxBYdkoATAYBhtAPsr4wf8kk8bf9gPUv8A0mkr8D9T/wCUYf7L H/ZSbf8A9LtZr+hLxhoH/CWeEtb8Lef9l/tmxubLztu/y/tETR79uV3bd2cZGemRXwRc/wDBP8XP 7MPwr/Zw/wCE82/8Kz8SR+If7U/svP23y57ybyPs/wBq/dZ+17d/mv8Aczt+bAAPMfFHgHwLf/8A BWTRbK+8OabcW918Pn1KaOSzhdJL77dcf6S6lCGm4H7w/NwOaP2cvAPgWD/gpB+0bFD4c02NNDtv D0+nqtnCBZzS2cTSSW4CfundiSzJgkkk819A/H79kPxj8TPjv4Y/aI+FHxMm+HXivQtM/sadv7Oj 1GG5sfOkm27HliCkmV1bO4EbSNpXJNS/ZD8Y2H7Wt3+078NviZN4ZtfEp05fEehvp0d3HqMOnpHF 5STtKhiEkcSjIRmRizAkHaAD8iZPGXiTwf8A8E2vjinhuaS2bXfirqGl3csR2lbS4jtGlUnssgQR t6hiDwTXs3xJ+EPxW8Tfs7y/CTSv2KtL8Lw2VjGLHxCni3RDd2k8QBW8efy43lLEZl3SgSAkE9CP 0K+HX7CXgvw38BviJ+z/AOP9afxXovxC16+1ySeK1FjNZvdrB5YizJcAyQPArrIeCeCmMg+J6j/w T7+PninwbZfBLxz+0jqOrfCaz8mM6WmjW8N/NaQMGitpL7zXdlTau0vvXgfu8AAAH3l+zq/j5/gT 4EX4pKR4th0i0i1MtPFcs9zFGEeQywM8bmTbvLKxBJr899b8JeHvjv8A8FTdW8I/Fyyi1vQPhz4N hv8ARNLvAJrN7ieS28ydoHBRyGnYHIOSkZP3AB+pfg7wl4f8A+E9H8EeFLRbHRtBtIbGzgUkiOC3 QIi5OSTgDJJJJ5JJr5S/aI/ZDm+LXxB8P/G/4XeNrr4ZfE/w3AbSHWLW2jvIbm0JY+RdW0jIsoBZ gCWIwSGVwF2gHyf8ePB3hb9nv9vr4A+MPgxpEGiX3xBj1fS9c0zTI0toL23gSLy3eFAqbmaTcWwM tEp6rmj/AIJu/Bn4WfGf9nzxD8V/i54csPGni34ga3qh1m71W3S7uAFfYIEeUFogB8/ykHLA54XH 038Hf2OdZ8OfF9P2hvj78Qrn4q/EOztDZ6ZcSWUWm2OlxOHWQW1rCzJuZXZd3yj5mYrubcPPrz9h f4oeB/GHiq8/Zi+Nd38LPCHji5e81LRF0qHUUt7mVcSy2MksimBn6AoFZOMMQiBQD85/BM+o/BX9 gf8Aa00X4cXU6x6N46n0OC7ikIkWwe4tLJ3LjBO+AlCR/ez0r7c+On7Jf7O+l/8ABPLVItI8L6Zb XXhzwomsWesR28S30l7BbLcec1yF8xzcsCrgnaQ2AAAuPcfgD+wZ4I+DXwd+InwM8Ta3L438MfED Ubi7lW5g+zXENvNFHGkbSJI/mTR+WH89RH8/zBFxXh2o/wDBOz43a98NZvgFr37R2pXPwstYWi0/ S/7Gt/tSLGCbSK5uxKJJoLeQI3lZCuqhV8rClQD7F/Yq/wCTSPhD/wBixpn/AKIWvp6vMPgr8N/+ FPfCTwh8LP7R/tf/AIRTTLXTvtnk+R5/2aMJ5nlb5Nm7Gdu9sepr0+gAooooAKKKKACiiigAoooo AKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigD /9f9/KKKKACiiigAooooAKKKKACiiigAooooAKK/OL9vj9qb4hfCOTwb8DPgJbpc/FP4nXH2axkd VkFjbs4hE218rveRsIzgooSRmHyjPlFr/wAE1Pi5rOk/2/42/aZ8ZP48mQyG7s7qYWUE7DJWONpl laNTwNrxZA4VegAP10or81f2Ffin+0svi/x1+zj+0vp97q2q+A3BsPFBtZRa39vuVfLe68tY5JCj xyxEnzXRm3jKE191/Dv4qfDr4t6Vea58NPENp4jsLC6eynns5BIkdzGqu0TEfxBXUkehFAHf0VwG kfFT4da/481j4YaN4htLzxX4fiSfUNNjkDXNtFIEKtInYESJj/eFeN6v+2x+yfoVhbanqfxR0WO2 vLmWziZZzITNBt8wFYwzKE3rliAoz1oA+o6K+dPEf7XP7M/hKPVZPEPxI0a0/sUWpuh9pDun22Pz bfaqbmcyx/OoQMSuT0FdxYfG/wCEOp/DRfjHZ+MNMPghkaT+13uUjtAEcxsDI5ADBwUKnDbvlxni gD1OivnX4cftbfs1/FzxF/wiXw6+Iek6zrTFhHZpMY5pdgy3lJKEMuBz8m7jJ6A16P4t+LXwz8Ba /pHhfxp4lsdE1XX1next7uZYnnS1XfMy7sDbGvLEkADmgD0Oivmvwh+2L+y94+8Xx+A/B/xL0bU9 duJBFDbR3AHnyHokLsAkrHsI2YmvkX9u39sWf4NfFn4PfDTwh4zs9FjvfEdlL4wQBGuLbSBPauPN ZgfKiljaQuVwzKuMgZBAP1OrjfG/w78A/EzSP7A+IvhvTvE+mhhILbUrWK7iVx0dVlVgGHYjBHrV 7wf4w8L+P/DVh4x8F6nDrGiaohktbu3bfFMgYqSrdxkEfhXwX/wUn/aK+I3wE+E3h7T/AIVXMWk+ IPHWrppCarOB5dhC0bM8gZgUSQnaAzA7V3sBuAIAPtzwH8Lfhr8LrGTTPht4V0vwtazbfNj0yzht BIUztMnlKu8jJ5bJ5Nd5X5Hf8O2vjGNI/wCEgg/ai8aHx4Yci+N3cfY2lxnZs+0ed5WeP9YeOdv8 NezfsL/E39oLx18KvGPgn9pPT77SvFPgi7m05dbu7SS1S/tirqs6SFI0maFo2DSR43L5bN8xLMAf ceueCfCHiXWdE8Q6/o9rqGqeG5pJ9MupoleazllTZI0LkZQuvytg8jrXUV+UPhn4vaZ+zJ+wr4n8 XWnx0tviprgn1OPQ9fvnlnE+pmAPDYotxNOztHsLBS+OTxjOfXv2QP2t/h/4w/Zf0vxx8S/iFY3m veG7CKfxVdXEqI1lLeXEiQm4Cqqx7yAqADHQAUAfoBRWJofiTQfEvh2x8XaDfRX2janax3ttdxNm KW2mQSJKrd1ZCGB9K5v4f/FT4c/FXw1J4x+HXiGz8QaJDLJA95ayh4VkiAZ1LcAFQwJ9AaAO/or5 J1n9vD9j7QdYOg6j8V9E+1hzGfJma4iVgcENNCrxDB7lsV2nxu+Pfgr4bfATXPjFY+JdNW0fTLiX Rb1pVms7u+a3ke0jjZCVk8x1AAU88jNAH0FRX5O/szftG2v7RH7EOv6Z43+LkGjfEn+yddudZ1VX EV1osMl5cLBdtHAYfLSKIxlNjLhduCK+3/2bzp3hv9njwpJe/EFPiBZWFjI8niieVtl7GkkjNO8k 0khCoPlJaQ4C9cUAfQdFfK+lftv/ALJGt+JU8JaZ8VdCm1KSRYkU3OyGSRjtVUnYCFiTwNrnP417 d8Qfib8P/hToUfif4j69aeHtKmnjtUubyQRxtPKCUjB7swUkD2oA7qivmXXP2zP2V/DXjCTwFrvx Q0Oz1uGVoJYXugUhmRtrRyzAGKN1bgq7gg5yODX0tFLFPEk8DrJHIoZWUgqykZBBHBBHQ0AZmveH 9B8VaPd+HfFGm22saVfoY7i0vIUuLeZDyVkikDI6+xBFWNK0rS9C0uz0TQ7OHT9O0+GO3tra3jWG CCCFQkcccaAKiIoCqqgAAAAYq/RQAUUUUAFFFFABRRRQAVXu7S1v7WaxvoUuba5Ro5YpFDpIjjDK ynIKkHBB4IqxRQB4H/wyn+y7/wBEe8G/+E/p3/xitrw7+zv+z/4Q1q18SeE/hl4Y0TV7Fi9veWOi 2VtcwsQVJjliiV1JBIyCOCRXsVFABRRRQAV59a/Cb4XWPjy6+KVn4S0qHxjeoEm1hbKEahIoQR4N xt8z7gCH5uVAB4Ar0GigDifG3w0+HHxLtbax+I/hTSfFVtZOZIItWsYL5InYYLIs6OFYjgkYOK85 /wCGU/2Xf+iPeDf/AAn9O/8AjFe+UUAeR+CvgB8DPhvr0vij4e/D7QfDWrzRmJrvTtNtrSby2+8i vEilVbA3AYBwM165RRQAUUUUAcu3gnwg/jJPiG+j2reJ47I6aupGJTdLZGTzTAshG4Rl/mKg4J5r qKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAo oooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACii igAooooAKKKKACiiigD/0P38ooooAKKKKACiiigAr5h/bF+NGtfAL9nrxP8AEfwzEkutWywWtkZF 3xxT3cqwrKwIIIjDFwDwxAU8Gvp6vOviz8L/AAp8aPh3rnwy8awtLpGuweVKYyFljZWDxyxkggPH IqupIIyBkEZFdWBqU414SrK8U1deV9TSi4qactj+UnRP2xP2ntC8YJ43t/iVrdzqCy+a8Vzeyz2c nOdj2rsYDHyQECAL/Djiv6svg54+PxU+FHhH4kPbfYpPEul2l/JAMkRSTxK7opPJVWJCnuMGvyB0 T/gjgYvGCP4h+I4ufC8cu5ktrExX0sWf9XuaR442IwN+H9dtftf4d8P6P4T0DTfC/h62Wy0vR7aG ztIEztigt0EcaDPOFVQOa+z4zzPL8RGmsIldbtK2nbZf8A9XNcRRmo+y3Niiiivgjxj8WP2jzHpP /BXX4Dav4jjMml3ehx21qx4UXDNqccag9CyzyRsR/tCv2nr4Y/bi/ZEuv2nvCmhaz4G1ZPDfxH8D XRvtB1FyyJvyrNDI6AugLxo6SBWKOoIBBavmy0+Nf/BWLRdCHgy/+B2i634hiQwR66t/apbSlRtE 8kS3aR7j94jdGM/8s1+6AD9NLD4vfC/U/iLqPwjsfFFhL400mJJrrSBOovI4nRZA/lHDEbHViVzg MM4zX5q/8Ecv+SB/EH/sedQ/9IrKvWv2IP2P/G3wY17xZ8dvj1rUfiH4s+PiftssLeZDZ2zusrQq +1Qzs6rv2gRqERI/lXLfLnwr+GH7d/7Eni/x34D+DPw5074neBPFerS6lpd1JqMFp9mkkG1WmEks Tg+Usayqy7CyDy35OQD0j9ncg/8ABVf9o0g5/wCJHYfpFp9fMn/BMX9kr4I/Gzwp8TvH/wAXPDFv 4olHiCXSLVLpn2W8cMaTyNGEZSHczKN+cgLhSMtn6k/Ys/Zw/ae+G/7VvxK+Mn7QFpbXH/Ca6PE7 alZ3Fu1u99PJbzPaxQrIZlW2CtCGaMKfLyrMCCfVf+CbPwJ+KvwB+FPjTw18WtE/sLUtW8V3mpWs X2m2uvMtJba2jSTdbSyquWjYbWIYY5GCMgHxT8Pv2dvhl8b/APgqN8bLH4kaJDrHh/wrYwXEGnyZ W3a4eGzgi3ouAyJGXwvTdtPbFc5+33D4S8IftDfA39l3SvBWqa18LPDGnNrreE/DsUktxfSTXF2X REB3yAC3Yuc5VHlIIJJr75+BXwJ+Kvg39u344/GXxJon2Pwd4ws7SLSr77TbSfaXiW3DjyY5WmTG xuZEUHHHaof22v2YPit8QfGvgT9pH9nK7tofif8ADdmWG0vHEcOo2ZYv5G9iqA5eRSGZFdJHBdSF oA/NL9qHVvCXxV8B6fH8EP2TvG3w38e+Hbu1udI1ew8MmwEYhkUukxtEDOAo3RkqWWQAggFs+p/t o+Hbr9oD4qfsX6B8TrO4sbjxtZw/25ayI1rcRtcmxe9hZCA0T8umMAqe3Fe0eP73/gpr+07Bpvwv TwRD8B9IN1BJq3iG11lZLrbC2WFu1rP5u0n5giA7ioVplUtn1/8AaD/Zx+Kvib9o/wDZj8WeDLC4 8Q+G/hlI6azql5fQG5SNDbhZpvtEqzTySCNmdkV2LZJ5NAHzf/wVM/Zu+Cfww/Zx0X4g/C3wdpng 7X/DetWEMF3pNslnM0MiyArI0QUyMHVHDvucMuQ3LZs/8FBvCXhDXfi7+yTr+q6Bp1zqHi7xNYwa xM9pCz6hAZtOXybpiuZowrsoR8qFYgDBNfXn/BSH4K/Ez49/s2zeAfhNo39u682rWN0Lb7Rb2uYY d+9vMuZIo+Nw43ZPYV5n+3V+z58c/iB4Y+CXjj4KaPb654q+Eup2+oPpk9xFCZWQW8gIaSSONlSS 2AdRICQ3y5oA/SvQPD2geE9HtfDvhbTLXRtKsV2W9pZQpb28KZJ2xxRhUUZJOABya+b/ANqjwT+z r8Z/C2n/AAI+O2uWWm3fim4VtDhe8ittRN+mYo5rFHOXkUy7MbWU79rAhsV6z8GPEHxK8U/DPQ9e +MHhqPwh4wuklN/pcM6XMduyzOke2SN5FIeMI/3iRuwcEED5Y/bw/ZH179pjwx4Z8SfDbV00H4jf D68a/wBEupWZInLGN3iZ1DGNt8UbxvtIVlwQAxYAHyX/AMMQ/t7fs+2uf2Yvj2+vaTYrm30bWwyK I16QwxXAu7UEjjP7kd8rXv37Hv7Xnjb9oLwv8Svhj8Z9Bj8O/Er4cxS2+pxwKUhuFKyxFwhZ9kiS RlZAGKHKshwdq+T23xr/AOCt2g6XH4R1L4JaDrmtLGsUesrdW4hlIG3zpUjvkiDk/MceUv8AsAcV 7J+xt+yT8SPg/o/xJ+J3xp1SHW/ip8VTJPfi2ZTBbBvMcRBwEQu8kpL7QI1CqqfKuSAfB37Nvhnw 34i/4JF/EufxBpNpqcukTeIL2ye6gjma1uo7aNUnhLqTHKoYgOuGAJwea7q88FeDfD//AARs1DxJ oOg2Gm6vr2hac+o3ltaxQ3N60WrxhDcSooeUruO0uTjJx1r3j9l79lD4weG/+Cfnjz9nf4gaXH4b 8X+JRrcdrDNcwXESm8gRLdnltHmQKXX5sEsBzt6CuV+B/wAC/wBqfx5+yF4y/Y5+Ofgu08E2Wn6M LPw/rIvILgXV0ly1zGtwlvNOQiuseXVBlM8bsCgD7q/ZiIH7G3wuYnAHgfSMn/uHR1+Xn7EOleDN c/4Je/EDR/iJ4wl8B+GbzV9Sj1HV4QrSQ2zLab41VlbeZx+52KpZw+1RuIrt/hvZf8FOtI+EFh+y rH8O9I0OCwsxoieM7jUbeRLXTCDEsiQRTMZJI4flQqhbAUtHuyayPAf7CPx31H/gnT4m/Z28RWcf hvxvJ4jk1iytZruCWG6ii8gokkttJLGokCNtyflcKWAHNAHmfh34pfsa3vwc/wCFO/BH9mfxD8WF gsHtJNdHh6CKS6nVCr3r6gPOuInLZfdtXy/urtUADu/2IdL0nxv/AMEtviNpnjKwttctNBPieWwi voUuUtZYbAXEckKyBgjpLI7qy4KsxIIJr0zwjq//AAUh134QaX+zrpPwe0j4cyWmmw6JP4qudUtn t7e2jiWFpobO3aQ+ayA4MfmKHOQqiu7/AGHf2ZvjJ8Nf2S/iX+z58VtFTw9qmuXesRWFz9qt7qCe 31Kxjtlm/wBGkkZArqxKuFbBHGcgAHz9+zz4K8G6d/wSJ8V+NtP0GwtfEWreGPFEN5qUVrEl7cxx Xt2qJNcKokkVQqhQzEAAAdBXinxX8R+Ibn/gnV+zB8GNIvpdMsPiVqqWGozxnAa3iunCxP6qZJUk x3MYzxmvoP4DfCD9tLw7+yl8Sf2Q/HXw0tbTS7bw3rcOganDqNmz32oX05kS2P8ApJUK/nSMsjLG qhQHIPX0vWP2GfHvxP8A2Avh18F9ZZPCXxP8BY1CwaSdZIoL1JpiYpJrVpV2vHJkPGW2uFPOCCAe 5/Fn9gv9l68/Z51v4e6L4E0rSJdM0q4aw1WK2jTUobqCEtHPJeYE0hLqDIHchxwwxjH5CfEj4jeI viN/wSH8HyeJ7mS8uvDvjGHRo5peXe2tYbgwLnuI4nWMH0UZ5r7m8WeM/wDgqR8S/hxcfAu8+EWm eHdY1m1Om6j4s/ta2+z/AGaVfLlnjiilfy5HQnJTey5JSNTja79ov9g/xxov7BXhf9mf4FWLeMNf 0nXLfUr2RprayNzI63DXM4NzLFGqq8ioibywQKDuIJoA7b46fsR/s5+DP2GvFen6Z4I0xNc8MeFr jU49a+zp/akl/ZWxuGme7AEzeY6HcpbZg7QoXAH0D/wTs1jUdc/Ys+Fd7qk7XE8enTWys5yRFa3U 0EK/RI41UewFewfH3wb4j8a/s3/EDwD4YtPtuva34X1LTrO38yOPzbq4s3ijj8yRljXc5A3MwUdS QOa4b9iH4a+NfhB+yz4C+HHxE07+yfEWi290l3a+dFP5TSXk8qjzIHkjbKOp+Vj1x1yKAPqyiiig AooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKAC iiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKK KKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigD//R /fyiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK/ITRf2iP29/jL8a/jD4C+BUHgePR /hlrsul51qK8jneJpZ0gO6GRw7bYDvOFGcYHoAfr3RX5ufBb9qf9oLRf2ibD9l79rTwto+l+IfEt hLqGg6r4fkkNldpbpJJIjpNJIwbbFJg/IQVwUIdWr9GYL6yuppre2uI5pbYhZURwzRk9AwByCcd6 ALVFZN3rukWcV5LNeQg6eu6cGVQYwRkb8n5c9s9a+a/2Pf2kh+1L8Io/ihPp0Ghz3V9ewpp8c/ny Q28EpjiMjEKSzAZJ2qM9BQB9VUVUnv7G1nhtbm5jimuSREjuFaQjqFBOWxntRNf2Nvcw2dxcxxT3 GfKjZ1V3x12qTk49qALdFc94k1O4s9KvoNHmthrbWs8llDcOFWSZEJTcCVOzcBuIPAzyK+EPiV+1 X8V/2dv2RdG+K/xj0bRtT+JF9eGxmsdOugunK013MkMyMrzM6JAsZkVX5ckbl7AH6IUV8UfH39ov xZ8Ovj3+z98OfBh0+80D4o6hq1rqc0iNNII7FbYx/Z5EkVVOZnDEq3QdMHP19pXiPw/rslxFomp2 uoPaNsmW3nSUxN/dcITtPsaANmiisG/8VeGNKtZr7VNYs7O2t5PJklmuI40SX+4zMwAb2PNAG9RV P+0dPFiNTN1F9jZBIJ96+UUbkNvzjB7HOKrW2u6Je38mlWeo2897DGkskEcqNKkcn3HZAdwVuxIw e1AGrRWHN4n8NW2rx+H7jVrSLVJhlLR541uGH+zGTuP4CtygAoqtc3tnZCM3k8cAmcRp5jBdzt0V c4yxxwBzVbTdZ0fWRO2kX0F8LaRoZTBKsvlyL95G2k7WHcHkUAaVFYdj4o8NapqE+kabq1pd31r/ AK63hnjklj/30Ull/EVo3+oWGlWcuoancx2drAN0kszrHGg9WZiAB9aALdFY1j4j8PanDa3Om6pa 3cN9u+zvDOkizbfveWVJDY74zivH/hfrfxr1L4m/EvTviNBpEXhHTrqyXwu9hIHvHgdZvtJvVErl WBEezKpn5uD2APeaK5+28WeFbzVpdAtNZsp9TgyJLVLiNp0x13Rhtw6dxXzX8b/2nrf4SfG34R/B yGxtrlviReXsV3ezXIjGnwWUSPnywOXlMgClmAAB4bIwAfWlFZ1/q+k6VYNquqXsFnZIAzTzSLHE AehLsQuPxp+nanpusWceo6Rdw31rKMpNBIssbD2ZSQfwNAF6isRPE3huS4tLSPVbRp7/AH/ZoxPG Xm8v7/lruy+3vjOO9Gr+JvDnh94I9e1W001rltsQuZ44TI3ogcjcfYUAbdFIrK6h0IKsMgjkEGvA Pj/8Y4fhz8HfiN4t8Gajp154n8HaLe6hHaSSLMY5beJmTz4UdZAuRyMr9aAPoCivljwZ8fb1v2Ot N/aS8cJbpejwkPEF5HArRwNMtqZzHGrMzAM3yqNxPIGa6n9mTxb4+8X/ALPHgfx78Xp4P+Ej13S4 9UvHiiFtCkd2TPCNmcJsgZA2T1BJxQB79RWTo2v6F4itTfeH9SttTtlYoZbWZJ0DDqNyEjPtVfU/ FPhjRbyDT9Z1ezsLq6/1MNxcRxSSf7iuwLdO1AG9RVa6vbOwi8++njt4yQu6Rgi5PQZJAye1Zy+J PDr6w3h5NUtW1VF3m0E6G4C+pizvx74oA2qK/P39tj9pj4mfCTXvhp8JfgcNG/4TP4l6lPZLd6y7 Na6fFbrDl5UjIK7jOrBmDAKrYRyRj0P4Jar+1mvxHi8OfG268Lat4Zi8Om4bUNEZlnm1d7pNm2J3 Di3+zMfmMSguAQcHBAPr+isS68TeHLDVYNCvtVtLfUroZhtZJ40nkHqkZIZvwFWTrOji0lvzfQC2 gbZJL5q+Wj5A2s2cA5IGD60AaVFVp7yztbZr26njht1AJkdgqAHoSx4xUUuqaZCYBNdwxm5Vni3S KPMVRuYrk/MAOSR0HNAF6isux1vRdU07+2NMv7e7sMMftEMqSQ4X7x3qSvGOeeKj0bxF4f8AEUUk /h/U7XU4om2O1rMkyqw7EoSAeOhoA2KKyNZ8QaD4dtlvPEGpW2mQO4jWS6mSFC56KGcgEnsK+RvA v7QfjPxP+2z8QP2fLlLFvCfhnw5YatZTRRt9qea6FuW3y+YUZP3rYAQduT3APtCiisS58S+HLPVo NBvNVtINTuRmK1knjWeQeqxk7m/AUAbdFfGPxI+P/jjwn+2j8I/2ftLhsm8M+ONL1a8v5JIna7WS yt7iWIRSCQKq7ol3Ao2RnkdvVfgzrfxr1fxB8Q4fi1BpEOmWGu3EHhw6ZIJJX0pXcRNeASSbZ9u3 cCE5z8ooA95orDHijw0dY/4R4ataf2rjd9k8+P7Rj18rO/H4Vpz3tnavDFdTxwvcNsjV2Cl29FBP J9hQBZorFsPEnh3Vb650vTNUtby9s+J4IZ0kliP+2iksv4gV8x6z+1Da6d+15o/7MUdlarbXfh2b XLnVJLkblmE7wR2qR8AN+7LMWYk5ACjGSAfW1FFfF37CH7QfjT9pD9nq3+KvxHjsbXVH1C+tnFlG 0FusVswCnbJJIQcHklqAPtGiqdrqFhfW322yuYri35/eRurp8vX5gSOO9UNI8S+HPEBmXQdVtNSN s2yUW08c3lt6NsJ2n2NAG3RVS31Cwu5p7e0uYppbYhZUR1Zoyc4DAHKng9fSlN9ZC8GnG4j+1FPM 8nePM2Zxu25zjPfGKALVFc/beLPCt5q0ugWms2U+pwZElqlxG06Y67ow24dO4roKACivkH9rD47e KvhpH4K+F/wnW3m+JfxQ1VNM0f7SnmwWdvEVe9vpo8gvHBEfu55LZ5CkHub/AF742ad8f9I0H/iT v8LE8OtcajeTSJHqn9rJJKCVj80YtzGsZJ8vAJb5uMAA+haKpjULBrL+0luYjabS/nb18vaP4t+c Y980HULAWX9pG5i+ybd/nb18vb6784x75oAuUV8XeG/2hPGetft0+Iv2c2SxfwhpnguLxDbzRxsb t7qS5tYuZfMKGMpMxACA9Du9fsSLUtOmvJNOhuopLuEbnhV1MiDjllByByOo70AXaK5+28WeFbzV pdAtNZsp9TgyJLVLiNp0x13Rhtw6dxXQUAFFfIv7Y3xl8a/CXwR4V0r4XyQJ418feJtK8O6UbiIT pG13LumlaMkAqsSMCTwpYGvrqgAor56+A3iv4vajoOuSfH/+xNP1Y+ILu10hNKnRo5dMVIvs+/8A ey/6QXZwy5Bxt+Ud/eri/sbOWGG7uY4JLltkSu6q0jeigkZPPQUAW6KqzX1lbTw21xcRxTXJIiRn CtIV5O0E5OO+K+OP2EP2g/Gn7SH7PVv8VfiPHY2uqPqF9bOLKNoLdYrZgFO2SSQg4PJLUAfaNFZg 1rRzp76uL+A2MQJe481PKUL1JfO0Y781Ho3iDQfEdsb3w9qVtqluDgyWsyTpn03ISKANeiio5pob aF7i4dYoolLO7EKqqBkkk8AAdTQBJRVZLyzltRfRzxvbFd4lDApsHO7d0xjvVcavpLR28y3sBS7O 2FhIuJT6Ic/MfpQBo0V86fG3xp8VB4W8Pal+zlPoOsXk3iC1tNTfULlDbrpu2X7V5LLLGDcK4jCr knG75T24X4pfHLxh8F/2lfAHhvxdJBN8MvifG2j2c4iCT6b4hjYNCskufnhu0IRARkPk5CjBAPsW iisvV9c0Xw/aG/17ULfTbVestzKkMY/4E5A/WgDUorN07WtH1jT11bSL6C+sXBKzwSrLEQOpDqSv H1qheeLfCmnpaS3+tWVsl+dtu0tzGgmb0jLMNx+maAOhoo68iviz9s39pbUPgl+zp4o+Kfwlv9J1 fXdBurC3McrC7hjNzdRwuJUhlRg21jgFhg9qAPtOisvQ7yXUdF0/ULgAS3VvFK+3gbnQMce2TWpQ AUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFAH/9L9/KKKKACiiigAooooAKKKKACiiigA ooooA+J/2pviv4u8Lavp3g7wxeSaYk9qLueeE7JX3u6KiuOVA2EnaQTn2rI/Zg+LnjLXfFM3gzxL fTatbTW7zQyzsZJYnjxkGQ5YqwP8RODjHU5+kPir8GPDPxXgtm1WSSyv7IFYbmHBYIxyUdTwy55A 4IPQ8nNP4UfA3wv8KZLi/sJpdQ1K6Ty2uZgAVjyCURV4UEgE8knA5rtVWn7LltqfOSwOK+u+15vc 9enax7XRRRXEfRhX4GfAzwv+1d4j/ai/akb9mnxnofhOGDxew1NdYtDdGdmuL3yDFiGXbtAfd0zk dcV++dfkZpf7Ln7eXwn+NHxc+IXwG8T+BLTSPibrkuqNFrDX8twkYlmeAMI7MqjBZm3BXYZ6HigD yTwqPjP8Bf27/APij9tyW38c634+t20DwjrukTiOw0yaR/Kki+x/Z4Duc3KIWIGBKWBkOdn0h+xR /wAne/thf9h7RP8A0C+qbwV+x/8AtE/EH46eEPjl+2B8QNJ8QN8PWefQ9E0C2eOyiun2t5rySxwt w6I5+RmYogLBV2lvir9mn9rD4XftG+OvjX+yn4g8LyaX8Txatq+meJ1ugtvdW6FFmjNqpLhSzup3 LjzCpRwA1AHA/CbwR4R+J37ZX7Y/gjxtYJq+hapB4djurZ2dUkEdvvALRsrDDoDwRyKt/wDBIH4Y eA9J/Zwtvitp2kRw+LNdub+xvb8PIXmtre5PlxlSxQBcDooPqa9e/ZF/ZN+LvwP+LfxW+JXxa8Va d4tm+JEWnSvc2glinN4iyPdh4WiWOOJZJSkGx2zGqllQ/KJP2GP2d/2if2X7TV/hR451jw9rXw1s 3urjRp7L7Quqm4uJlYeejxrEsZTeWUMxVyAGZeQAc1/wU60G/wBE+Gfgf9o3w9CZNY+DPifT9Yyv 3jZTTRxTx/R5RBu7bQc8V8Gftn/FLXfE/wC1fB+0X4GuTeeDv2dv+EQa7eIFklXXJzdOykf89I3W Fx7Y4Nfu98Xvh5p/xa+Fviz4ZaptW38T6Zd6eXYZEbTxMiSD3jYhx7gV+dfwI/4J9eK/An7IHxS+ BHxG1bTdU8X/ABE88rfW81xPaRfZ7aOPTFeSaGOUrBNHvIEZwDhc4FAHOTSQfHn9s343/E+B1vfD 3wZ8Dy+HNMlU5jbUNStppp5EPQsitPE2OxXPGK+EPHfgHwhrX/BJL4NeOtT01J9e0bWr6ytLos4a K3vtavvtEYAYKRJ5aZJBIxwRzX64/sj/ALI/ij9nz9mbxN8LfE+o2OpeNPF8uqXOoX1vLNLbPPdx fZ4P30sUcrKsaqzEx5DM+Aep8h1D9gz4lar/AME8fD/7KFxr2lW3jXw7eS6hFdxPPJpskp1K5u0Q yNCkwBinwW8k4cdCOaAPG/24v2dfANr8U/2R/wBnrwFbyeE/Cl7qviO1MVhPIssNtdSWE12IpZGd w0geTkkj5umOKvfGf9nf4Xfsh/tRfs1+LP2eNPn8It4s8Rf2Bq1vDeXM8N5aTNbxkOLiSQ8q7bhn DHa2Nyhq+ktY/Z2/aa+KXjv9nX4ofFzUfC6a98K9S1q610abLdpFcQXxtxbfZEeA5kCQnzQ7IucF SQcD1b9pz9nrxn8afiR8DvGHha90+1svhp4nj1rUkvJJUlmt0eFituI4pFaTEZ4dkHT5qAPsavwz /ZU/ZR+FPx8/aA/aX8XfGOwbxNpuifEDXbLT9KmnlS0hnnvJnuLoxxuuZHQRIp7BT1O0r+5lfgt+ zboX7WcHx7/ac8X/ALM+q+G5oD4/1my1LR/E63Qt3cXlw8N1BJa/MJE3MrKSoZcZ3ELtAOd1eK8+ D/w4/bS/ZK0u+uL/AMFeCLCx1TQI52Mv2CLVAk81sJWyxUeZGACfvI7feZjXqHw++APw9/Ze/Yri /bM8M21zefFuTwQt/Hqt1cy3Ajn1yGIRssDMYx9nSVVU7fug7i2a990j9hn4iJ+z58Z9I8VeJ7HX fjJ8b1EuranIZYtLikicm3gi2xNIsMSs/IiychQoVVr658P/AALs779lrRP2c/iM0d3FH4TsvDmp SWbtsLwWSW0kkDuqtgOu+NmQHgEqOlAH4PeBPCHwA8R/AWA+Mv2f/i/4r+JPiSy/tGbxrbaNc3LS alcr50d1az/bAskCsylGMf71PmYFmr9C/g7+2f4j+Bn7LXw2vv2ofB/jG88XX7ahpriHSZHvmTTJ FEU10l1JA+ZIZIwJDkyMrsec1naH+z9/wUe+G3w0b9nb4e+O/Bt74NhiksNO8Q3i30Gu2OnPlQip GrxK8aHEWPMKYAEgwu39CvgF8KJfgl8JvD/w2u9fvfFN5pUTfadT1CV5Z7qeVzJI37xnKoGbbGm4 7UCjJIJIB+Q/7d/x60H9qv8AZj8D6x8O9O1zwu0XxO0rSkbV7YWF0ly+n3brNEI5ZPlXzVw24EMD 6ZrY/bF+DvgX9hH9myfSP2bLXU9E1b4ra1pHh7Vb6Cea71CS1hhuZn+zlnGyWYgqUQqrh2AA4x9+ ftofs9eM/wBozwj4D0DwTe6fY3HhfxhpniC5bUJJY0e0sorhJEjMMUpMpMq7QwVSAcsOM9l+1h+z jpH7Ufwfu/hpf6k+iX8NzBqOl6jGpdrPULbcI5dgZdwKu6MMg4YkEMAaAPxD+JHg/wCFGj/D3Tp/ 2XP2dPjD4E+KvhiS2n0nxDLoV0rSyxuom+2MlzLkSpvPyRcNgACMsp+t/iR/aP7YP7U3wY+Anxkh u9N8IW/ga18ba3oDCWxN1q9wrKbeZcrKohJVSpIZMSr8rEkd74n+Bn/BSP4xeHdM+EXxO+IPhPw1 4Wglt/7S17w4b9Ncv4YGDDhkjjV2IBbZ5SkjnK5U2P2oPh74Xtv2gPhFD8IviXD4D+PHh/Rza6KN chubqy1vR4xKjW13dbHQyDEp+ZjIxckLvKMoB4j8Tf2Zvhv+zt+33+zfP8J4JNG0DxVfapK+jieW W1try0t0WS4hWV3KGdJI1YDj90Meg6f4XeH/AB54s+Ln7fnhr4X3hsPFmpnSrfTJhJ5LLcyW2ohA suR5bN91XyNhIbPFeZ6loXxw1P8A4KP/AAJg+NfjfRvFnjC1TULm40rw5DImnaHYwW8rp80uHMlw 4kLGRQ/yoMkFAPtjw9+xx43/AOEv/af1DW/E0Wjaf8b5NOfR7zR7i4XUNPayS5/eTjZCFIeVDtjl YOoZSVzyAfkTp+h/ss+D/Anhz4Z/tB/DTxj+z/8AE/SpLYr44iiurhJbyGRWluQ3mISJcEqI4pBF nKP8vzfaf7XPwW+D3j/9rn9l+81ixg8UW3xJS+j1m/ErhdZt7KztfskpMThVXaxZTFtBDdxXXa9+ zN/wUP8AiD8IR+y/4/8AFnga48DNHbWU+vtHfXWtS2NrIjR/JIgjaYBBksFYn/lrn569e/aB/Y9+ KV3Y/APWP2a9b0u01/4DwvZWUfiDzvs93bPb29uGdoEkbcBb8rgAhyQylQCAfEXx+8UeEvGf7b2t /Cv4pfD7xj8R/hj8INI0+z0fwv4Tspr2JLma1gkF1exrPE20CVo1bdlwqA/KGDehfsnXGqeCf2yI NN+Bnwq8f/Dv4O+NtLuV1fTfE+k3VtYWWrW0Us0dzBI0k6RiQRJGC8mSzsgGCgX6a+In7MH7R2l/ F/Sv2p/gH4h8P6b8S9T0S00zxdpGprctoeqSwRIrPDJGvnKFaNFjBVDtRTuUl1bq/gV8BP2mLn42 3v7Qn7T/AI2s5tRSxOn6X4b8NzXaaLaxuCGklSbb5jgM2Awc5bcX+VAoB8B/8Ew/2Pvg/wDEP4Oa V+0L8S7O71nxB4f12SbRx9qlEFnDpcizoi26sEffcGR2VgQcjABLFvDfgd4s+Fnxyh8W/Gf9p34I fEf40eKPFmo3KwXuiaXcXukadYrjy7Szkju4drREsCMHYAoXB3Fv2m/YW/Z78Z/sx/ACx+FXj290 +/1a2v726aXTJJZbcpcOGQBpooXyB1+THoTXzf4a/Zi/bE/Zd1jxToP7JHiDwnqnw88TX0uoWul+ KVvFn0a4uOHFu1sCHjVVUAsxzgZj3bmYA+TPA3xm+OnwK/Yo/aB0+30jxb4W0rwrf2Nv4HufFGnz Weo22ma3dG28oPICm61jXIMbERySDBAZAPUPjB/wTy+BPg79h/VfG3hu1ntfiBoPhp9an8QLdz+f ezC2868jlQyeWYbhC8YQLwCOSd2760+G37FWtz/s/wDxA+F37Q/jm98a+IfilK91q14k0rW1lNv8 2EWEc3CrFN+8zsQMcKUCqBXgHiD9mT/gon4w+CN1+zBrfjrwYng62sTYRa2iX39r6ha26f6La3Hy GONHKpHPIqlwmeZjuDgHPfEG/vNf/wCCeX7O3wC0aVo9S+MbeF/D5KHDx2QEdxdTf7qLGof/AGW9 K7z9pnwzY/HP9s74U/sd+Irie1+GGleHH8SahpNtI1vHqDwPPBbQM6FXKRiFeFPCl8YbDL6h8Mv2 UviZoPxJ/Z/vfG9xptz4b+CPgyexQ2s8khm8Q3aLazOkckUZMKwKGSRsNuH3R1rs/wBqH9mT4h+P /iR4K/aH+AHiGx8OfE/wLHLaRDVUkfTdS0+ctutrnygzqB5kmCqEneeVYK6gHAt+x74W/ZZ+IOtf tK/ADU5PCfh/RvDWpPq/hKNJrq01aW2t5ZYXEktxmFlcIQArDK4XbvfPz/8AscfsZfBv9pn4AR/H z9ou0uPHXjn4mzahdXWo3N5Oklokd1LbRpbCKRUTb5e4fKQudgGxQte/eA/2YP2gfij8ctM+On7Y usaBcJ4XsL2w0Xw54bFwbFP7QjaG4luJLgByWRj8oZskI25dm08V4D/Zt/bo/Zo0vVPhL+zl4v8A CGrfDq6ubibSZvEsd5/aeircsXdUWBWik2sxYbt6s+WKIGZaAPzw+JPjHxlb/sJfF74KeJNbuNdP wc+I8GhaZqMzlpmsoJ5EiXzMknY0TFOfkVlUfKqgfSv7bf7Ffwi/Z1/ZdHxo+HEV7p/xN8G32l3c niP7fcyX17d3FzHFPNMXkZNzySeaCqqQRgEAsD7P4z/4JxeJv+GOtU+BHgrxJZ6p488Ua9b+Itc1 rV3mhgur0HM20xRTyBQBhAVJY7mYgsQPsD9tb4GeLf2j/wBnPxJ8IfA93Y2Os6xLYPDLqMksVsot buKd97QxTOMqhAwh5xnA5oA/PT9sf4J/Cnx1+1P+y/r3iXw5BdXfxWubtfEreZMo1BLO0sFgVwrj YI1YgbNuR1zXWaa+jfBb/goT8S5fCuni30rwL8E91jZpucJb6ZJZGGFdxLEBYwoyST65r6s+L/7N Xjr4gfFn9nHx5o1/psOn/CCe8k1ZLiWZZpxcQ2sa/ZAkLq5BgbPmNHwRjPIEqfs6+IbL9svxn+0l 4hn0668D654Hbw49iGmkvmkE1vLIXhEPlmJo4XHyyliSBs5yAD41/ZG/Yu+D37Tn7OyfHf47RXXi j4h/E6bUL+41trqaK4sZI7qW3h+yiN1jTy/KDAFCAfkxsUKPlDwxZXem/wDBJL4+adqF2b+6tfHg iluWYs08iX+kK0hYkklyC2SSTnrX0h8DfCvxc8P/AAj16P8AZG/aC8Lp8A3uL2WPUdds7mPWvDkU jF7hI45I0XehLMpmKhj+8QLvzSfsMfs9r8dv+CcPj74S3uoyWVp438Q6hPYajJETuNo1mYJzGSCV Nxa/ON2eGGc0AfVn7aTon/BNvxMzsFB8OaKMk9zNaAfma+MP2pvh7b/Fi4/YN+G17dT2dj4j0qWy vJLaQxTGzlsdJFyiOOhkh3p3GDggjivUfG/7J/8AwUM+MnwM/wCGefiP448FWHhrSLS3ggnsVvWu 9Xax2G1S9leHbHErIrs8cW8sgyrZJr6U8WfspfEPXvGX7K/iKz1HS0tvgdaywa0sks4e4Z7SzgBs gICHG63cnzTFwV75AAPz8/a4+HPw1+APj74X/skfDvwz4lm+GPiq6vPFHiTQ/DPn6hq+svEgijt0 3yrJJEi2xZ08z5FLSj5lXGXHJpPgX45/DL4ifsffAH4n/DWe31S3sfE1tqOhXkel6hos7qkvmgT3 P7yMEkFgFBxITvRTX6h/tafsveLPjPq/gr4r/B7xJD4R+KHw4uJJ9JvLpGezuIp8CW2uQgZgjY+8 Ef5S6FSHyvk+mfAf9tj4yfFfwf4u/aU8Z6F4X8J+CLoXsej+Cp7+I6pcIVIF08xB8pioyC7fIWQI pYvQB5J4O+Ffg79tT9tD443/AMe7eXxF4d+Ec1loOg6JLLLDaw/aBN59wyxMjMzPAzAkndv5yEQC p+yH8GtB+Av/AAUY+MHw48JTzSaBaeFLSfTop5Wne1trma0lFuHcsxSJiypk52Yzk5J99+JP7N/7 Q3w+/aB139oj9kbWNCW58dW8EHiXQfE32gWNxParshuoWtRvDKvUblwS5ywcqK37L37LH7Qfw3/a W8cftD/HTxVoviS+8caPHazDTPtEZt7lZYSsMccsSr9miihCRtv3nA3JnJIB9P8A7VnxI1n4Q/s4 /ET4j+HHMWr6Lo9zJZSBBJ5V1IPKhk2sCCI5HViCCMDnivz2+E//AATf+CPxc/ZU0DxV4la5n+KH j3SLbxA/i2W6uJryDUtSiW6R9gmVJEjLhWU8vgtuDkMP1V+JHgHQPin4A8Q/DjxSjSaT4lsZ7C5C Ha4jnQoWQ9mXO5T2IFfl/afs0/8ABQ3wz8KZP2XfDXjzwdcfDwwS6XB4guIb1ddh0iUGMwCIK0IY RMVQAsVGAJhgFQCHXfC3iTwR+39+yh4P8X+In8W6xo3hTXbS41aSEwSXrRWN4oleMySkOygbiXYs csTk18+aZ8VvE3wX+EP7dvjzwZcPZ65D8RL2ztLhM77d7/UmtWmVh9140lZkbs4Wvujw1+xLrHw+ +OnwA8YeC9Ts5fB3wf0DUtJvBdySrqN3PfQXCedHGkTREPLPvcNKu0EhQcDMPgn9h3ULnw3+0n4G +K1/ZTaJ8bvEt9rFg+nSSyT2cM073Fs8yyxRKJoZPLfYpdCVxuIoA/LuHwH8CLv4CxadpH7O/wAY pfitLYLfQeMo9EuWlfXGTzVuhKt4QbdpumIy3l/MP3nz17N+0ZP8UfjJ8Bf2O9N+KJ1Xwr428R+K 4dG1CaaOWw1OGYziw+0lZAsiSyIBMGwM7twGCK+jx8Bf+ClVn8L4/wBnLT/H3g1PCUNuNMj8UKL+ LX00tR5aptVfLWURDaCMtj/ltu+evYfiZ+xz4w1rSv2cfD/hDxHHqdv8GvEun6zql7rtzcNe38Nt NHNO0bLHNuldlYqjsqKCF3gCgD5J/ao/Zi+En7IvjH4A/FX9nnTJvCOsHxrpmiXjQ3lzML21uss4 nE0j5LLGyNjAZXYMD8u3b8b/ALO3wX8Q/wDBVbT9B1nwvDdafq/g9/E13E0swEusfbph9qJEgO75 F+UEJx92vt/9sP8AZ78Z/tB6b8NLPwZe6fZP4N8Yab4gvDqEksYktLNZBIkPlRS5lO8bQ21TzlhX m37QX7Of7Q+o/tSeFP2nf2d9X8PRX+naF/wj+oWPiD7QsTW/2iWYyRtbxyElhLjHylSikbgxAAP0 Pr+TX9n34s+KPF3wq+Hf7J/ia8vfh98IfFXiS8tdd8TQRtjUJp9si6as7ARwocxrISW/1gZx5asr f1lV+Xnwv/4J93cX7EGpfsrfGO80661ee9vNRstQ01pZ4bO8dt1rOjTRQvlDlZFCjcjMmcNmgDxj /goW+j/B/wAN/Az9k/4c6Lq2n/DzxLfXP9r6V4VgaXVL/T9PMG60gXcpmkn893k3sSzhXcnnPzd4 3HhvwH4k8EfEn9jD9nT4q/Drxj4Z1GD7d9q0G9Fhqek/8vFvchbi5d2YhR90bgW3HcEK/ffib9jr 9oD4ofAP4daZ8QPGWl6Z8bfhBfG58PeI9PluLy1uI4xH5a3nnwQuHk8uMSsI5MmIOd+90pt/8BP2 7vjx4t8KWn7Q3jbw94Q8E+F72O9uYPBM2oQXurSQ8BZZJdpRHGQcMAu4kRltpUAy7+H/AIZt/wCC mVjqqj7N4S/aL0lraT+GJde00Dacf3nAQD1e5b615h8LvDnj39qPxP8AtS/tM/Dq8Nvq+q2l34H8 C3Qk8rbb2UQ82SGQkeX9oYRFJARsd3OeDj1f/grJH4VuP2etP1SDWFsfH3hzxBplz4bjtpB9vkvp JBG0cSqfMH7pzLwPvRp7V9C/Dv8AZZj8MfsYad+zLbatc+HNRl0TyLnUtPkaOeDVLg/aJ50eNlZl Fyx+XcN0Y2ZwaAPxD0/Q/wBlnwf4E8OfDP8AaD+GnjH9n/4n6VJbFfHEUV1cJLeQyK0tyG8xCRLg lRHFIIs5R/l+b+mjwvd22oeGdIv7PU11u3ubO3ljv02lbtHjVlnXZ8uJQd428c8cV+TGvfszf8FD /iD8IR+y/wCP/Fnga48DNHbWU+vtHfXWtS2NrIjR/JIgjaYBBksFYn/lrn56/VH4c+CNM+Gnw+8M /DrRZHlsPC+m2emQPIcu8VnCsKs3+0QuT70AfnVG8vjb/grc9tqYDwfD74etNYqw4SS6njSSRB/e ZbxlLDsMdqzPiz4b0rxl/wAFR/D/AIQ12Lz9N1z4TXtjdR/34Lm61CKRfxViK6f426bcfBb9v74V ftAzqYvC3xD06TwLqlx/BBfyM01jvJ4AnkEaA5wPLYn3oeJLm3v/APgrh4SWylWc2Pw0lSfYwby2 N7dsA2OhxIhwezA96APhnTfHfijT/wBg3V/2MJLnb46i+Ii/DWJeTJ5N3e/a/N25yYm2yxDnG3AB xioLf4geJte/YN8OfsYRXBTxzqHxCf4dXCf8tI7a1vReSSkdRHHviiPbbkHoa++dT/YO167/AG/L T9qO31OwTwNvi1S60oyzi6fWYLN7WOVYREYSocrNvMobcXG3nlnhb9gvW9D/AG+tX/aju9S0+TwS 73Op6fpqyTNeR6xe2sdvcSyQmIQBWYyyB1lLZ8vK8ZAB8MftMfFPxr+yp+2h4zl+BPhqTVNRs/hf aaLY+XC08ek2dsbeVr2WNVIZLeG2P3sIGKlsqCrfZ37PnwD0eT9i3xT46/Z/8RyeJPip8WtCurm5 8V3Unl39xqc6Nvt/NZi1v5c26P7+VkG9mJAI+iNJ/Zy8WW37bvij9o/UrnTbjwjr3g1fDi2ZeV70 3H2i2lYyRND5PklIWGfNJJIG3GSPDfh9+w/8TvhtJ8YfhB4U8XQaV8F/iFHLdaItrd3UWt+H9Tk2 MDCqxLG0AYbGH2gM6ImcEvkA/LfT9D/ZZ8H+BPDnwz/aD+GnjH9n/wCJ+lSWxXxxFFdXCS3kMitL chvMQkS4JURxSCLOUf5fm/po8L3dtqHhnSL+z1Ndbt7mzt5Y79NpW7R41ZZ12fLiUHeNvHPHFfkx r37M3/BQ/wCIPwhH7L/j/wAWeBrjwM0dtZT6+0d9da1LY2siNH8kiCNpgEGSwVif+Wufnr9Ufhz4 I0z4afD7wz8OtFkeWw8L6bZ6ZA8hy7xWcKwqzf7RC5PvQB8ReP8A/i7X/BRH4d+Cl/faT8HPDd/4 mux/yz/tHVmFnbRv/togWZPQZPrX6IV8l/s//BXxl4K+L3xs+MPxDa1fVfiHrcC6eLeUzeXomlw+ RYhyyrskZWJdBkAgcmvrGSWOFDLM4RF6sxwB+JoA/mx0jwLqev8A7Cfxc+I3hldviL4WfGDUPE1j Io+dfssdkk3P91Ucyt/1zHpXTft5fFXxJ8bPiX4V+K/wpl8zSfgf4T0Px04BLFbvW76zljjyOjCA wykkfdR+OlfZP/BNXw5o3j/9nP40+GtWUXWi+KfHXiW1k2kFZrW8s7SJyp5BDKTg1d/ZM/4J9eJv g78Fvi/8OvizrGna3q/xNtf7JW6spZ544tOgs3t7UM1xFE6vG0rEKoZVVU2scYAAug65pv7Tv/BR XQ/E+jv9s8JfBnwdBqEDfejOqeJIhLEfTJtZVb2aH16fkT+z78WfFHi74VfDv9k/xNeXvw++EPir xJeWuu+JoI2xqE0+2RdNWdgI4UOY1kJLf6wM48tWVv3P/wCCff7I3ij9k34c6/pPxC1Gx1jxX4i1 COae50+WaaAWVpAkNpAHnihc+X+8IGzADADgV5v8L/8Agn3dxfsQal+yt8Y7zTrrV57281Gy1DTW lnhs7x23Ws6NNFC+UOVkUKNyMyZw2aAOU/bt/Zy1zR/hd8I/C3wY+H9x4p+FngDVGn1/wdo8skM+ o2w8sxN+63TSsCJvMYB5C0u887mHk/7ImtfsfX37VWkap8Gx4h+CXi97C4stQ8D6pBJFaau+xznf JLKA8QIdU+QkxhlQHfu+gdZ/Zh/bO1r4TfC68/4WPpmnfF34UXUiwTw3l9Nouu2GI1jGoq0ETmdV TYzeU4cFiW3SZS94W/Zk/ac+Ln7QPgP48ftXan4VsIvhqs76VpnhaO5Lz3EwA3XM1z8wQMA4UO44 2hV3MSAfpvXz1+1v/wAmrfGP/sTtf/8ASCavoWuP+IfgzT/iP4A8TfDzV5GisfFGmXml3Dp99Yr2 F4HZc9wrkj3oA+F/gg6R/wDBL2wkdgqr8PdSJJOAALOfOa/MTxh4Ul8efsb/ALFHgSG8m08+JvE8 +lm4t32SxLfXz27MjdiFc19k+Hv2TP2/dL+DN3+ygfH3g+2+Gv2a6sI9YjgvH1qTTrguTabGQQos gYxuTuZEYhXfAFdxp37DnxYtPhd+y94Jk1bRDffBPxNFrWsuJ7nyri3S++0lbM/ZgzybOAJFiGf4 sc0AeJ/tp/sw/Bz9mT4K/DzRvg/pEml2+ufFLw3cXfnXEty8jw2d7GnzyszAD5jjOAWbGAcD6b/4 Ku6OLv8AY51vxNCwivvCeq6PqdnKOHin+1pah0PZgtw34Zr139tP9nrxn+0b4K8D+HPBF7p9jc+G fF+meILltRkljR7WyiuEkSMwxTEykzLtDBVIByw4z47/AMFII9S+J3hj4f8A7KXhMmTXviv4gt1m VefI0jSyLm8un64WJvLbkcgNjJGKAP0C8Fa1N4k8G6D4iuV2TapYWt06gYw08SyEY7YJr8d/2mn/ AGT1/az13Uv2gNR1z41a6mn21vpfgTQ9MuLlNCXYhdmaK5SOSSbh9p2lS+WU5jK/tHYWNrpljbab ZJ5dvaRpDEvXakahVH4AV+Yd9+zR+1p8G/2jviN8ZP2ZtS8I6tpXxTkhnvrbxV9sWazni3EeW1qu WjDuxGH5UhSmUVqAPkT9kW9sfDvx5/aS8BeBPC2ufDrwRfeCptXt/DGvK8d1Zz+TCqyPFI8jIXEz soLE7GVSSFFbv7FP7CfwO+N37F1l8RfilYXOu+JPEFtqsWn3kt7cqdJgsrm4t4I7WNJBGqrLG0xD IwZnIIK8V9J/Cf8AYw/aK8JfHb4i/Gb4j+NNE8WXXxN8JXmlahJGtxaSW2pT+UIY4IfJdGtII4Uj VzIshXkx5HP1P+yL8DPFnwC/Zc8M/BLxjd2N5rmjRanHNNYSSyWjG9vbm5j2PLFE5ASZQ2YxyDjI wSAfkXZfGP4maj/wTB+FHgy08QXNrqHj/wAWDwVPqRJaWLSpLi5zH5hORhESIDIJiBXOM13n/BQz 9hD4C/BT9le68f8Awg0ubw5qvhqWwtryRbueU6ra3FxHCyXSyOUZxM0cwKqMFeBjG36Z8F/8E+td m/YatP2X/iLrtpaeKdJ1K41jTdV0mSaWC01ATSSW0gMscEjALIUkG0EBjtOQDXm/xx/Zd/4KL/tN /CofCr4o+MPA2nWGlNBMj2H29JNauYHVVe+k8lhEioXkAiiAaUKDGBhkAP1z8Kf8ivo//Xnb/wDo ta36zNEspdN0aw06chpLW3iiYrypZECkjODjI9K06ACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooA//T/fyiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKyNZ8QaD4dt0u/EGpW2 mQSMEWS6mSFGc9FDOQCT6Vr1+Ln7MfwM+HH7cviz4wfH79o6zl8YSQ+Kb/w1oun3FxPBBpem2Kxy RrEkEkZVys6jJ5DKX++7MQD9n4pYp4kngcSRyAMrKcqynkEEcEEVi6f4p8Matfz6VpWr2d5e2v8A rYIbiOSWP/fRWLL+Ir8V/wBon4WfEj9kH9myw/Z+8D/Ee9vNE+KXju10fTpnhaGfQ9IvhI0lmtx5 zs4Yom4qIgR5vA3muy/av/YV+B/wB/Zx1D4ufAa1uvBfj34aRW+o2Wt297Obq4aORElE5aTYxlVm PyquGwANhKEA/YmW/sYLhLSa4jjnkUusbOA7KvUhSckDue1UNK8SeHddSeXQ9UtdRS1YpM1vOkwj YdQ5QnaRjoa/D3426PH+1j+0f+yHZ+L57jT7T4j+C5dQ1eOyle1aWCWxa+urYMhDCKYI0TAHlGOD 3rvfFHwL+Hn7KX7fXwDj+BNhJ4Z0f4i2+sadrOmx3E01rcx2sGQXWd5CcmRTjO3dGrABskgH7K2d 9ZajALrT7iO5hYkB4nDqSOvK5HFFvfWV3JNDa3Ec0lu22VUcMY29GAPB9jX4+/s0/EDSv2L/ABT+ 0p8A/FjeVoPw/wDtHjjw9EzYMuk3UakwRk9SrG3iGOsrPwDXyt4kv/iV8Ef+CeVp4/iuby08e/tM eMEvdYvbJG+3/YdSWeeOO3Ksp3TRxBlXIJE7rnnIAP6GbHxR4a1TUJ9I03VrS7vrX/XW8M8cksf+ +iksv4itFdQsHvX05LmJruNd7Qh1Mirx8xXOQORzjvX83XxI8H/CjR/h7p0/7Ln7Onxh8CfFXwxJ bT6T4hl0K6VpZY3UTfbGS5lyJU3n5IuGwABGWU/YXxn1nXPhP8f/ANmr9tXW9Pk0KLx9p1l4W8Z2 8sT232aXUrdZYvPjfDo0Lu5dW+ZfsyqeeKAP2EmvrK3uIbSe4jjnuc+VGzgPJt5O1ScnHfFeDfs9 eKPi/qXwug1n9o3+xNO8UPdzxv8A2ROrWPk7gIcP5so3kZyN/XtXx54IX/hor/gpB4r8dv8A6R4W /Z90tdCsD1jbXL8OLlwDwWjUzRP6FIzxxn8zY5ZYP+COgmgcxyR+NQyspwysLjIII6EGgD+l5fEn h19Ybw8mqWraqi7zaCdDcBfUxZ3498VwHgz4V/Cj4LXHjDxV4VsIvD7eMNSm1rXLmW6maOe9nYtJ MxuJHSIMzn5U2IM8AcV+Qv7bf7Ffwi/Z1/ZdHxo+HEV7p/xN8G32l3cniP7fcyX17d3FzHFPNMXk ZNzySeaCqqQRgEAsD6t8b7CP9qz9sv4Xfs4fEi5nb4f6Z4RTxhqWlxO1vHqWoSF40V3jKsUQbMYO QPMAILEgA/WSx8R+HtThtbnTdUtbuG+3fZ3hnSRZtv3vLKkhsd8ZxWtJJHDG0srBEQFmZjgADkkk 9AK/ED4m/szfDf8AZ2/b7/Zvn+E8EmjaB4qvtUlfRxPLLa215aW6LJcQrK7lDOkkasBx+6GPQftf rejaZ4j0a/8AD2twC607VLeW1uYWJAkhnQpIhKkEBlJHBBoA+NvhN+1tJ8XbP45Tafp9ppknwu1P VNM05DcfaHvRpsLk3LgbPkeRMhV6LxuJ5re/Y/8A2iLz4z/s2eBfir8U7/S9K8Q+Km1BDFEwtYZG tdQuLVBDHLIzE7IlyNxycn2r87P2LPgf8KtG/wCGp/FumeH4oNX8F6/4p0PR7gSSlrTTRDMggQFy pG0YywLe9Yv7EP7BPwI+Nf7Gth8RPilp91rPiDxDFqqWF019cR/2VBa3dxDGlrFG6xgecjzMHVgz O2eCRQB+9eRjPasPS/E/hrXLm4s9F1a01C4tDiaO3njleI+jqhJX8a/nD1L4+fEm7/4J3fA74cvq WtXQ8b+Jbvw/qEulBrjWLjR7K5KixtRuBeR1kSKOMsN6oIydhYVe+Juj+B/DGk+HPFv7G37Ofxa+ HPxN8JXltNaahcaFefZry3RgJ4b7FzcNIsi8nCfNyjfIxwAf0lV8+ftCfAL9n345eHbeP4+6JZX9 hpBZ7e8ubh7KS1MmN2y5ikidVbaNy7trYGQcCvbtC1CbVtE0/Vbi3ezlvbeGZ4JVKSRNIgYoytgh lJwQeQetfkj4f+GnhX9tb9tz40R/HNJvEHhH4Nf2dpGh6DLLJDaRzXqSefcOsTIzMXt3OSfmDqDl UQAA9x8VfC74LfsPfs5+P/jV+zD4W0y11yy0oSx39xLPqX2lVlUbXmkmZzGSclY3VSQCRwK9K0P4 l/tA+MdF/Z38W+FbbQ20XxvpVvqPjI3DeVPELmztZ4/7OjaYMfnklyMSEALn1Px58a/2SYP2Xv2Z P2kG8C+KZ5Ph74n02O407wzNHJIukzpJH5jxXUk7s4kyQQYwSoTczFcnlPFf/I1f8E3f+wT/AO4v SaAP2g1jX9C8O2wvfEGo22mW5IUSXUyQoSe25yBmr0V3aT2q3sEySW7rvEqsChXruDDjHvX87F14 78DfGr9qf4xeLf2ivhT48+Mmm+FNZufD3h7TvDmmzX2maVbWcskLmZUuIdk8ojV9vQsXYgnbt9t/ ZKuvGHhXX/jz8OvC/gXxr4N+C1/4ZvtY0C08X6bcWp068SJY7i2hlkaSPbKZndV8xmZIwx+YOSAf tDeeLfCmnpaS3+tWVsl+dtu0tzGgmb0jLMNx+ma8Q/ay/aAj/Zm+BXiL4ux6dHrV5pS26W1jJP5A nlubiO3BLYYlYzKHYKMkDGRnI/Kr9in9hP4HfG79i6y+IvxSsLnXfEniC21WLT7yW9uVOkwWVzcW 8EdrGkgjVVljaYhkYMzkEFeK8o8T2Vp8UP8Agjnpfj7x7G2s+IvAl4bTR76eSRpraGTWYbZlB3YY eQRENwOEAAxjNAH9C3gzxFD4s8KaT4ihlhlOoWsEz+QweNXkjVmUEE9CccnNeWeLdb+Ndr8efAuh +F4NIf4cXtrftr8lxIBqaTpDIbUWqeapZTIE34jbC7uR1Fv9nb4YeA/hL8I/D/hn4d6RHoumXFtD fSQxvI4a5uYkaWQmRmbLHrzj0FfGHx2/5Sefsz/9gbxL/wCm+8oA/SPVPEnh3Q5ra21vVLXT5r1t kCXE8cTSt6IHILH2Ga+TP2Zvj944+L/xd+PHgbxTDZR6d8NfEMel6WbWJ45WgYzgmdmkcO/7teVC jrxXxF+yr8Avhl+3BqPxZ/aF/aP0+XxdqV54nv8AQNMtLieeCPS9NsUjaKOJIXj2OBMBzyNu77zu T5b+z/qGtfsn/Dv9tuTwpqE2oaj4F1CC1028uT582f8ASYLaWQ87njDozZ4ypyMcUAfvBN4n8NW2 rx+H7jVrSLVJhlLR541uGH+zGTuP4CtOe9s7V4YrqeOF7htkauwUu3ooJ5PsK/mi8CeEPgB4j+As B8Zfs/8Axf8AFfxJ8SWX9ozeNbbRrm5aTUrlfOjurWf7YFkgVmUoxj/ep8zAs1d18V5vjH8Wv2ev 2S/Cfxi/trwx41vfHA8PXF5eRT2OqCN5ktoLrMwWXzPIdT5h5dgWJJJoA/oSsPEnh3Vb650vTNUt by9s+J4IZ0kliP8AtopLL+IFfMes/tQ2unfteaP+zFHZWq2134dm1y51SS5G5ZhO8EdqkfADfuyz FmJOQAoxk/nr+1R+zF8JP2RfGPwB+Kv7POmTeEdYPjXTNEvGhvLmYXtrdZZxOJpHyWWNkbGAyuwY H5du343/AGdvgv4h/wCCq2n6DrPheG60/V/B7+JruJpZgJdY+3TD7USJAd3yL8oITj7tAH6GeGvH /wAWtC8VfF3Vfi5Ho1t4I8OG3l8NPZTr9slgWKd7lbwGV9shKxiMFUzlsA9vhD4M/tCft9/Hf4S6 38evCE/gO10zUI5F0LQrgypcRyRajHbM9zJJIiqnlLPhmlBd1QhAGxXMeAPhz4K+KHxg/bv8N+Pd LTV9Niu9GvVhkZ0AuLW21KSF8xspyjgEDOPUGvmzRPhL8O/D3/BG/wAQ/FvRtFjtvF3iqGCDU9QD yGS5itfFqRwqysxQBEjUDaozjnNAH9EejX17D4YsNR8VSQW16LSGS9ZGAgSYoDLtYkjYGzg56d6s 6Pr2h+IrX7d4f1G21O2yV821mSZMjqNyEjNfg9+1h4+XxV8XfgT8AvG2geKPF/w207wZp/iHVfD3 hO3kuL7VbmRJI4hJGkkRaCEwISwYFQz7SGIKs+H80HgX9q34Y+LP2Uvgd8Sfhp4d1q9TSPGNjrOi XcOkT2d06RRXJ/fXAQwb3kdnKou1WGPn3AH394x/YG/YO1nxbd+OPFHg/TrS9uLofaY11O5srR7q Y5UNbx3EcSuxyQiqoY5+U19xeHPDmg+ENB0/wv4WsIdL0jS4Ut7W1tkEcMMMYwqIq8AAV+HHw0/Z P+Gf7Uf7bH7TafFyO71DQ/C+qWv2eygu5baM3eoLKBcHyipLxpbkLzj5vmB4Ffudomjab4d0aw8P 6NALbT9Mt4rW3iX7scMKBI0HsqgCgDxP4D+JPjHqXhrxPqPx9XRbG8s9dvItObSplaD+yESL7O07 ebIFm3GTeCRgbflHf2KbxR4atr+10q41a0ivb1Q1vA08ayzKehjQtuYe4Br8IPhV/wAo5f2tf+x0 8R/+itPra1D9hj4JP/wTvPxt1azu7/4kt4Mt/FS6/NfXLXKTJZpdwwKpk8oRRxBYFXZwoBBDAMAD 94q+SfiF+1Da+Cv2pPhz+zmllatD4ws9Rvr7UprkJ9kWzt5pI4Vj6b5HjGWZuFOApJyOt/ZH8Ua5 40/Zh+F3ijxLdPfarqHh7T3ubiQ7pJpBCqtI7Hks2Mse5JNfnL+0j+zz8GvG/wDwUw+FWheKfDMO oWHjvRdVvdbieWZRe3FnaXCwSOUkBUoIYwAhUHaMg80AfZXgD9o7xTrn7Yfxn+CHid9OsvCHw803 R7yyuSpin3X9rbzSmeZ5ChUNK23CrgYyT1r7L03VNM1myj1LR7uG+tJhlJoJFljceqspIP4GvxLi /Zv+H/7Q/wDwU/8AjlovxPgn1Hwv4f0vQbt9LjuZbeC7uTpljHAZ/JZGZIgXYAMPmxnK7lPTfAjS NJ/ZN/bG/aB+FvwyFxB4D0nwUniu30eSeW4iivII4CdhkZnO7zHXJJYrtUk7VwAfsBqfifw1ol1b 2Os6taWFzdnEMVxPHE8p9EVyC34VuV/Mp8Cbn4NfFTwFqvxJ/aR+BfxQ+MnjjxxdXk1x4h0rSbi6 0+KIStFHFp00d3EoEW3B+T5GBjHyIBX6n/8ABM/WPiy3wa13wT8UtI8Q6bB4U1ma10CTxNZTWeoS 6LIqvbrIJh85iO5TtZlQbUU7VFAH6J3N7Z2QjN5PHAJnEaeYwXc7dFXOMsccAc1W07WtH1hZ20i/ gvltpGilMEqyiORfvI+0naw7g8ivy2/4K76dfav8DfhvpOl3L2V7e/EHSIIJ42KPFLJZ3yo6sCCC rEEEHIIr5w/bL+Cnw7/Y1+G3hf4XfAKw1vTU+M2t2Gl+Ip9MllvtYv7DTwd1vaK7gedctcf6pCiy thMBCRQB+52l+J/DWuXNxZ6Lq1pqFxaHE0dvPHK8R9HVCSv41c1TVtK0Oxk1PWryHT7OHBea4kWK JM8Dc7kAc+pr+cX4m6P4H8MaT4c8W/sbfs5/Fr4c/E3wleW01pqFxoV59mvLdGAnhvsXNw0iyLyc J83KN8jHH2T440PT/wBsP9vXTvg38XIblvAXw+8G2/iT/hH5Wkt47nVL0wAtOqlJD5a3KqQT8pjK YAdwwB+ttprei34tzY39vci8QyQeXKj+ag6smCdwHqOKtW19ZXrSrZ3Ec5gcxyCNwxRx1VsHgj0P NfjBo/7Pngv9nr/gqB8MdE+Gqy6f4X13w/rGoQaU00ksFjcm3uIrjyBIzFEl2I+P72QOAAPbP+Cd 3/JQ/wBqf/spusf+j5aAP0zt76yu5JobW4jmkt22yqjhijejAHg+xrNm8T+GrbV4/D9xq1pFqkwy lo88a3DD/ZjJ3H8BX4peBvidrPwhj/b9+JPhZwuraNr2bOTbvEVzJJdQJJjofLdw2DxxzxmvmLwJ 4Q+AHiP4CwHxl+z/APF/xX8SfEll/aM3jW20a5uWk1K5Xzo7q1n+2BZIFZlKMY/3qfMwLNQB/S9d 3lpp9tJe386W1vCCzySsERFHdmbAA+tZ+j+IvD/iG1a+0DU7XU7ZTgy2syTID7shIr8GvH/hz9qf 4zfsh/AzW/iP4D8QeMofAus3SeMfC8y3VhqutWlrIi2Mzoyi4lIhDK7qrOzPv/vMOx/ZM1P9jnWP 2o9NuvhEniH4K+KrnTrmw1PwNqsEkVprLGOTPzyTSYeMHeqfISYwyoDv3AH0V8KNM/Z2/aL/AG1f ir431zwPY/8ACX/Cy90mx07U5dQmuDfTpFOPtS2u8W4MSwII8IxXG8tuxt/Rjxx4rsvAvg7W/GOo APBotlcXbIXEfmeRGzhAzcAvjaPc1+RP7B37Pvwd0T9rv9oXUNL8NQwXHw012ztvDriWY/2fDdw3 sU6oC5Db0+Ul9x9MV+lH7T3gXwn8RPgD468O+NNOTVNOXSbu7ELs6jz7OJp4HyjKcpIisOcHHII4 oAyv2Ufjs/7R/wADfDvxau7O30q91v7W8thbzef9lSK8ngiVmOGLFIgSSq5OSABwPb7bxT4YvNWl 0Gz1ezn1ODPmWsdxG06Y67ow24dO4r+e3w7La/s//wDBKjS/ib8JLU+H/HHxYu49E1bWbeWRZ2iT UL5EfcWIiKwo0QaMKRvyDuAI+sfjx/wTq+Afwp/Zg8QeL/hzBd6H8Qvh5pE+uW3iaG9uEv57zTYj cSM/73YPO2MAFA2EgoRjkA/Tz4p/CzwR8Z/BF/8ADz4h2H9o6JqJiaSNZHhkWSGRZY5I5Yyrxujq CGUg/gTX57+GdG/Z4/ZK/bK8I/Cj4X+Dre01r4nWGp3WteIb7VJ7m4t4beOW5Fuizu4QzTRK7nK7 hjIY7Sv2V+yn8SNb+Lv7OXw8+I/iUh9X1vSLeW8cLsElwg8uWQKOAHdS2BxzxxX5u/tI/s8/Brxv /wAFMPhVoXinwzDqFh470XVb3W4nlmUXtxZ2lwsEjlJAVKCGMAIVB2jIPNAH2V4A/aO8U65+2H8Z /gh4nfTrLwh8PNN0e8srkqYp91/a280pnmeQoVDSttwq4GMk9a+y9N1TTNZso9S0e7hvrSYZSaCR ZY3HqrKSD+Br8S4v2b/h/wDtD/8ABT/45aL8T4J9R8L+H9L0G7fS47mW3gu7k6ZYxwGfyWRmSIF2 ADD5sZyu5TD4E+zfsXftI/tO+BvhB51t4P8AD3w+k8X6fpE80t1bwalbwQlCPMZmKlpGDEsW2YDE hRgA/ay98UeGtN1KDR9R1a0tb+6/1VvLPGk0n+4jEM34Ctyv5l/g3o/wF8dfB9/EHxx+Avxa+J3j /wAZCe8vvF1hpE93G0srMIpLCcXaIyRqFwWjIZgQwKYUfrr/AME4vEXxi1r9my10r43abrGn674a 1K60u3fXrSe0v7mwjSKW3ldbgBnAWUxBxkfu8ZJUmgD7xd0jRpJGCqoJJJwAB1Jr8i/2dP8Agob4 2+LH7UTeAvFWlWVj8MfGVzrFn4M1KOJ45rubSnUjzZGlZWEkWeAi4kZFBPf6P/4KL/GuT4Kfsr+K LvSpSmv+LAvh/S1T/WGfUFZZWTHO6O3ErqR/EF9a/Gn4q/Fj4V6R+yh8IPCnwn0HxPpXxE+DF5aa 1b6hd6LLBam6dvP1ItNuO2Np8SgntGqk4oA/eX9rf9oyw/Zb+CupfFO403+2b5Z4LHT7HzPKFxeX JIRWfDEKqhnbAJIUgcnI/Pz45+D/APgpF8Sfgvrc3xd8N+AfEXhW7tor3UfCNlPqVvqAjtHW52Rz QyoDMjRhtounUlQAH+6frL4p6p+zp+15+y54WtPid4itfDmj/FOKyk0iSW7iguYtWbBSK38w4kmh lLRumDn5lPXNfN8nwp/4Kf8A7OmmH/hWnxD0b40eHNJjxFpmt25i1GSKMfdDMQ7HaMAG9JzwAaAP r/8AYX1n4OeIv2ZPCWu/Azw4PCfhq8W4ZtMMzXEtveJM0dysszlnlYyKSHc5ZNpwowo+uq+Wf2Of 2htE/aY+Cdl8QtK0RfDd3bXU+m6lpqEFLW+ttpdVIVTtZHRxlQQGwckZP1NQB+c/7Zn7Q/7QXwy+ L/wk+D3wBh0F9U+JB1CIvrsU7xLLa+SU+eGRSi4ds/K2TivOvGPxm/4KZfAjQ7n4j/EvwN4K8ceE tGQ3GqQeHpruG/itUGZJUaZjgIOWIhkwMkgAEi1+2F/yfj+yV/1+az/6DBX6d+Ip9ItfD+p3PiDZ /ZcNrM935uPL+zqhMu/PG3ZnOeMUAfH3xX/avtx+xRq/7VXwTkt70jTYLyyS9QyRxyvcx280M8aO h3xMzowD43LwSOvy3ZX/APwU5+OHwet9Tn034aan4W+IGgpM1lK2p288+n6tahjE7RSoY3aKXaSk oKno/Ga+WPg4dTP/AARn+J327P2X+0br7ED1Fv8AbbPIz3/e+Z0r6b+BvxB/4KVR/A/4faV4A+Fn g+TQY/DukxaXqF9qTb5LNbOIW800SXKsGaMKzKAME4wKAPPv2M/2eP2Rv2ibbxp4P+JXwW/4RH4i fDfUF07XLCDX9Zkti7mRVkhJv2IG+GRSu5wMBg7Bhj7++Fn7JX7HXwa+Jln4h+Gei22k+NdNSZYV /tu+up0WeNopM21xdyqcoxGWQ46jBwa+EvGXw3+M37Ff7J3x3/aA8YeI4b/4x/FK7sTe3mmAi301 bm58nEDlUIdFuZSHVQFbywv3Nzd7qv8AwTc+AGn/ALK02u2dvcRfEmy0JtcXxWL24F4dXjt/tRmP 73yxGZBjbjIXkN5nz0AfRf7fH7Q/xV/Z58FeB7/4Qw6ZNrfi3xJbaJ/xNYpJYFW5ilZT+6kjKneq 5PPGeK8l8Q+K/wDgq/4H0S98WX2g/DnxLa6XE1xNYWBvxdTRRjc4h8ySJS+0EgbsnsGOAfin4/8A xa8e/GD9gz9l/wCJGpY1XxfP4yt7cNcHaLy7057y0ieVyRzMYVMjZHzFjx2+2Ne8Vf8ABVnxpo95 4Z0/4f8AgrwbJqMTwf2o2otcPbCQbTJGqTy/OoOQTG4H900AfX37Kn7Q2j/tQfBTRfi3pVi2lS3p lt72yZxJ9mvLdtkqBxjch4ZCQCVYZAOQPQE+E/gS3+Klz8bprRpfFkmlrpAu5pndLewSQzGOGNm8 uIM/zOygFu5xXl37IP7Olr+y18DNG+FC6guq38Ek15qF2ilI5ru5bc5jU8hEUKi55IUE4JwPk79t yO8+NH7S/wADP2QdU1K50/wT4w/tHWPEEFs5hOoRadE88Nu0i4bbmCQFQeC6vjciEAH6aaN4i8P+ Io5ZfD+p2uppA2yRrWdJgjj+FihODx0NM1fxP4a8PyQQ69q1ppsl0dsS3M8cJkPogdhuP0r4S039 g/wB8FvjP4e+O37Pmoy+ALHQrS5j13QrZZ7231y32fJHma5HlMOTnDjeEYKGBLfKn7FP7Mvwv/bG +G2vftMftOWUnjrxX451S+jj+0XVxFFp1pbv5aQWyQyJsw24qf4V2hQvJYA/aye7tba2a8uZkit1 G4yOwVAPUseMUjXlmlp9veeNbbZ5nmlh5ezGd27pjHOelfgBp2qeIvB37Mv7Zf7L9/rFxrmgfCWW CLQ57pzLNDYX0sm22L5xtjECkKAAGZ8ADgfeHi50T/glVudgoPwoshknudIiA/M0Aei/Hv8AaG8Y /Dj9oP8AZ/8Ahl4TWwudB+KN5qsOpSyxtLKIrOO3aI28iSKq581skq2eMYr681nxBoPh22W88Qal baZA7iNZLqZIULnooZyASewr8ObD/kOf8E4f+wbf/wDpHYV6p4O+Ffg79tT9tD443/x7t5fEXh34 RzWWg6DoksssNrD9oE3n3DLEyMzM8DMCSd2/nIRAAD658C/tB+M/E/7bPxA/Z8uUsW8J+GfDlhq1 lNFG32p5roW5bfL5hRk/etgBB25Pf1P9qT4m+Ivg1+z545+KPhKO3l1jw5p7XVst0jSQGQMqjeqs hIwegYV+dH7Ifwa0H4C/8FGPjB8OPCU80mgWnhS0n06KeVp3tba5mtJRbh3LMUiYsqZOdmM5OSft T9v3/kzX4sf9gZ//AEYlAHq3wU+Klr4++Ffw78ReJtRsIPE/i3w7pWrT2cUqxsZb20inlMULO0mw M529cDHJr2hmVFLuQqqMkngACvxN8M/8E9vgde/sMWPxBvIbhviTP4Sg8SweIzeTi5trxLFbu2ij HmeWIIFCQhQo+RdwIbBHhvxo/aS+IHxV/Zc/Za8G+Kjr+qWfxLlv18UxaBE02taxaaDcrZmGFdy+ a9yu6SQE4LBWIxwQD+gvSPEvhzxAZl0HVbTUjbNslFtPHN5bejbCdp9jW3X84njceG/AfiTwR8Sf 2MP2dPir8OvGPhnUYPt32rQb0WGp6T/y8W9yFuLl3ZiFH3RuBbcdwQr/AEd0AY+teIvD/hu2F74i 1O10u3JwJLqZIEz/AL0hAq5p+o6fq1nFqOlXMV5aTjdHNC6yRuPVWUkEfQ1+H3xob9kJf2p/H+of G5/EP7Q3jC5MNvZeGdB0q5uIvDkMS7Tar5d0kUsh+XeQV2uHLKJGbHU/8Evb/wDsb43/AB++Hfh3 RNY8HeELObTL/T/Dmt71u9La584lHjdnZGZCoOWLFVTcSRmgD9pKKKKACiiigAooooAKKKKACiii gD//1P38ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACvzAk/Zn/aw/Z++I/jrxF+yDr3 he68JfES+fVLrRvFC3anTdRnz5s1q9sCGUnn5iBtCoUbYGr9P6yNZ8QaD4dt0u/EGpW2mQSMEWS6 mSFGc9FDOQCT6UAfmFb/APBN++8T/ATxh4W+J/jT7Z8VPG2vx+LLjxBaRsLey1iDzBCLeP8Ads0K rNMpOEP7wlVXaoEXjD9nX9vj9oXwnZfBX9oLxp4Q0nwGJrb+2b/w7Hdtq+sQW7rJsYTxrBGWZQzF VQB8Haygqfof9uz9oTxn+zl+z+3xS+G6WN3qR1KwtU+2xtPbtDdFtzARyRknAG07sexr1nU9b+Nc f7RmkeH9Ng0g/C2XQnnvJZJANWGq+bKFWOPzATBsEfPlnnd83YAHi/iP9ljXG/ai+BnxZ8GTafY+ CfhLomoaPJZSyzC8Mc1lNaWy26LE0bKm9NxeRCADgE8Hb+OH7PfjP4l/tK/A34yaFe6fBovwzl1a TUobmSVbqUX0UaR/ZlSJ0Ygod290wMYzX1Xq/ibw54feCPXtVtNNa5bbELmeOEyN6IHI3H2Fac13 a21u15cTJFAg3GR2CoF9Sx4xQB+aX7dH7CHiP9qXx54L8Y+CNctPD5gh/sjxMZ5ZopLzRftMdyiQ iKKQSSRuJGVJCqsxXLDbX0l+03+y94Y/aI+Bn/Cm4Lo+G20p7W50O8gQsNOurFSkDKgZcoI2aMjc CFYkEMAa+hpvFHhq2v7XSrjVrSK9vVDW8DTxrLMp6GNC25h7gGvmz9rH9phf2bNA8H3trpsGrX/i /wAR6foSpPceSttFeb2kunUAs6osZAGVG4glsDBAPlPxP8DP+Ckfxi8O6Z8Ivid8QfCfhrwtBLb/ ANpa94cN+muX8MDBhwyRxq7EAts8pSRzlcqfYv2+/DXwyg/Yo8Z+C/GOsJaR6Jo8MulyXk4lvHvr Db9iAaRvMkknkQRM3JYOxPevvS3ube8gS5tJUnhkGVdGDKw9QRwa+Zfjh+zV+zP8U/FuhfFP456L Z32oeGoxDaz397Lb2ojSQzKksXmpDKock7ZFYHJDAjigDzf/AIJ1/CTU/hb+zLoepeKTJL4q8fTS +J9YmnJM8lxqeHj8wt828QCPeDyHL9ya+W/+Hevxn/4YGP7LH9taB/wlf/CQf2t9q+0Xf9neR5u/ b5n2Xzd+O3lYz/F3r9etJ1XR9ZsItQ0K8gvrJxiOW2kWWIgf3WQlTj2NWLO+stRgF1p9xHcwsSA8 Th1JHXlSRQB8u/trfAzxb+0f+zn4k+EPge7sbHWdYlsHhl1GSWK2UWt3FO+9oYpnGVQgYQ84zgc1 8pftNeA9GHx6+DzfDf4k2Pw//aF0TRfs+mJqVrcS6VrWmKsiS200wiMY2sJiik7yHOF3bGX7j+P3 xy0j4I/BTxV8YIIoddHh62aSK1S5WIXEwZVEQkAfBy2ThSQAeK/On9ubxT4K+K/7L/wI+Jfizwlo niPUPGmueHrK4ErXGdPTW7GS6uo7aa1uIZkYPGgwzspAG9WOCADyTUtC+OGp/wDBR/4EwfGvxvo3 izxhapqFzcaV4chkTTtDsYLeV0+aXDmS4cSFjIof5UGSCgH7z18vfAX9nT9mD4AatqenfBPRtO03 X5YlivnF497qJjDbtsjTyyyopbkqNqkgccDH1DQB+ZPw3/ZY/aR+Fnxb+MVvoWteG774WfFm91vV pVnNymrW15qUM3kooWIxBUlkVZDvbdGu5QG+Svo39kL4HeLPgD+y/wCF/gn4xu7K81zRYtSSaawk lktGN5fXNzHseWOJzhJlDZjHzA4yME/St1rmi2KXb3uoW9utgoe4MkqIIVYZBkJI2gjkE4qJvEfh 5NH/AOEifVLVdK2eZ9rM6C32f3vNzsx75xQB+V/hn/gnT4ub9jfw18DPEviey0f4ieCdbn8QaJrW ltNPbW14ZmkiBMkcEhVlYBiEyjBWG7bg6/iX4Df8FCvjy2g+BPjd498M+D/Buk3UFxqN94Nkv4dX 1TyO26RUWPfkk7diq+G8tgAo/Uew1Cw1Wzi1DTLmK8tZxujmhdZI3HqrKSCPoazh4o8NHWP+EeGr Wn9q43fZPPj+0Y9fKzvx+FAGtbwR2sEdtDkRxKEXLFjhRgZZiST7k5Nfnb8Sf2af2g/AP7QOv/tH fska5oMd742tYYPEWgeJVuRY3M1soSK5hktsuJAB90lADvO5g5Ue0ftY/tML+zZoHg+9tdNg1a/8 X+I9P0JUnuPJW2ivN7SXTqAWdUWMgDKjcQS2Bg8z8Rv2ivFvhn9sX4N/AzQv7Pn8JePtN1i8v7hk Z7gNYWtxNEYZVkCKu6Jd2UbIzyKAPndP2Gvjf4w8AfGvxV8WfFekat8YPi9pkOlxm28+DRNNtLd4 2SFG8ppSCIk3HyjjaPvEs59N1v8AZI+I+pa1+yVqMGpaSsXwGsfs2uBppw1y/wBisrfNliAhxvtn P70xHBXvkD760jxBoHiCOWXQdSttSSBzHI1tMkwRx1VihOCPQ0ms+IdA8OW63niHU7bS4HbaJLqZ IELegZyBn2oA/OnxH+zJ+0v8Gvjh40+M37IOu+HZdO+I8ovNc8O+KFuhbDUMkm5t5LbLFnd3cgsg G4j5xtC9f8Ef2Z/jvpEPxP8AH3x68eR+I/HfxGsJ7GKwsZrldB0uJ4iiLDFIBzkICwiBVVIBcszN 9829zb3cCXVpKs8MoDI6MGVgehBHBFeX/FD4lad4R8EeM7/Q9SsZvEfhzRdQ1KKyklR5A9tbPNGZ IVcSbCVGemR3HWgDyr9kX4GeLPgF+y54Z+CXjG7sbzXNGi1OOaawklktGN7e3NzHseWKJyAkyhsx jkHGRgn5e8NfsI/EOH/gnlq37IfiDXNKh8U3k0l1De2zzzWAkXUEvoVZnhilCsIwjkRErkkBsYP1 3+yJ8WfE/wAc/wBnHwT8V/GcdtFrXiG3nluVs42igDR3MsQ2I7OwG1BnLHnNfSNAHgf7Nmi/HTw5 8LbLw/8AtCT6LdeJNNcW0MuhGY272MMUaQmXz0Q+cSH37RtxgjHIHmvxK/Z68Z+Mf2xfhB+0Lpl7 p8Xh34f2Gr2t/bzSSreyvqFrPBEYEWJo2UNKpbfIhABwCeD9jUUAfmL/AMM1/tY/AH4meNtY/ZF1 zwvceC/iLfSardaV4q+1/wDEr1O4/wBdPbG1X5kbjAJPyhUKNtDmb9mz9hvxv4J8M/HXwl+0J4js vF8PxlmSS4vbBpY7h2lSf7RLIkkSLFIJJt0YRnHAPH3a/TSigD8k9D/Z+/4KPfDb4aN+zt8PfHfg 298GwxSWGneIbxb6DXbHTnyoRUjV4leNDiLHmFMACQYXb6J4q/Yj8ct4a/Zz8M+H/Fia8/wh8VWf iDWtR125uTdX6R3CTz/ZwEn+bIKxRu6qqhQXzlj+lFFAHxz+2H+z34z/AGg9N+Gln4MvdPsn8G+M NN8QXh1CSWMSWlmsgkSHyopcyneNobap5ywrzb9oL9nP9ofUf2pPCn7Tv7O+r+Hor/TtC/4R/ULH xB9oWJrf7RLMZI2t45CSwlxj5SpRSNwYgfofRQB8KfDH9mHx74L+Jv7THjTVNQ0yWx+MxtP7HSGW ZpYPIt7uJvtYaFVTLXC48tpOAenAPlo/Yq+KY/4Js/8ADHX9q6N/wmf/AD9+fc/2X/yHv7U/1v2f zv8AU/L/AKj7/H3fmr9PaKAPzv8AjZ+yH8TNe1T4W/GT4HeJ7Dw38WvhlpUGkb79ZZdL1KzWPbJb zlFMioC8pUiMkhzkKwVlpeCfgP8AthfEn44eGfi5+074y0jRNE8Fh5LDw54Onvo7a7uGIO+8aYgs mQpKlpAwXbhQW3fo7RQB8c/s9/s9eM/hN8efj18UfEV7p9zpXxR1LTbzTIrWSV7iGOzW5EguVkiR FY+cu3Y7g4OSOM/Y1FFAH5heCv2Kvil4c/ZP+OPwJvtV0Z9e+JniDVtW02eOe5NnFBfparGtw5tx IrgwNuCRuBkYJ5x9Jah8DPFl1+xSv7OEd3YjxKPAsPhj7QZJfsP22PTlszJv8oy+T5gyG8rdt52Z 4r6rooA8W/Zy+HGt/CH4E+Bfhh4lnt7nVfDGk21jcy2jO9u8sK7WMbSJG5XPQsin2FfMf7VP7OXx 68ZfHD4cftE/s6axoVn4n8D2t9YPa+IBOLWWG8R03A26OzELK4K/Lj5SGJGK/QWigD4v+FH7PXxA 8Hftc/Ff9oXxJeaZJo/xA0zRbW2trSWZ7mKewtLeCcyLJCiBC8TGMrIxKkEhTkBND/Zs8UW37Z3j 39oHW7jTrrwf4v8ACkPh9LISTG981Wt/MMsZiEYiZYmGVlLcj5Rzj7RooA/J/wAF/s1/tz/sw6Zr Pwv/AGZPFXhHXPh5fXc9xpP/AAk63i6ho32li7onkK0bqCc5beGbL+Wu5lP2N+yj8CfE/wAAvhk/ hzx34yvfHPijVbyXUdS1G7mlljE8wA8q2WVmKRIB7FmLMQMhV+mqKAPjn9tD9nrxn+0Z4R8B6B4J vdPsbjwv4w0zxBctqEksaPaWUVwkiRmGKUmUmVdoYKpAOWHGdn9rz9mZf2mvh3YaLpOtt4Y8W+GN Qh1jQdVVS32W+t87d4Ug7GzyRyrBXAbbtP1bRQB+VviX4Df8FCvjy2g+BPjd498M+D/Buk3UFxqN 94Nkv4dX1TyO26RUWPfkk7diq+G8tgAo9X+P/wCzB8VLj4xeHf2mP2Xtd03RfH+i6d/Y19Y64J30 3V9NB3LHM8W6UOpxz1bCHehQE/fdFAH4ieF9B+Pum/8ABT/4X63+0VrOkah4j1rwzqksFnoSTLp2 m2kcF2iQRNcfvHJYO7s2fmbAYgDHt7fsy/ti/BP40/Ejxl+y54k8Jz+F/irqT6te2viZLvzdPvp2 eSWSEWyEN80jbSWII2q0fy7j9/ar8G/hvrfxU0X416no4m8aeHbObT7C/wDPnXybWff5kfkrIIW3 eY3LIWGeCMCvTqAPzN/Zv/YU8V+AfDnx28G/HTxHaeMLL4xypJNfWZkiu5HljnN1PLG0apFIZp98 YRpAMZJHSuF0P9n7/go98Nvho37O3w98d+Db3wbDFJYad4hvFvoNdsdOfKhFSNXiV40OIseYUwAJ Bhdv62UUAfmp41/Yx+NGhfC/4VWnwN+Kt4vj/wCF081y91rt1dPp+ttdMHnS7jVpSEUgpCu19sRK E5O8U/C37Mn7Tnxc/aB8B/Hj9q7U/CthF8NVnfStM8LR3Jee4mAG65mufmCBgHCh3HG0Ku5if03o oA/PD4d/s5/tD/CL9r7x18UfBmseHr34YfE++gv9atrz7QurQtbwyhFtgkZiyJZScs+GTghSK+7v F3h+Lxb4T1rwrPKYI9ZsrmyaQDcUW4iaMsBkZwGzjNdDRQB+S/ww/YW+NWofsxeJP2Q/j7rmgTeD 7RQ/hXU9GFzJqFrd/a5bszXMcyRI6bpANgbO0sm7kMLWv/s+/wDBRD4qfDpP2e/ih488HWXgqVIb PU9f02O9l17UbBGG6NklRIQ7oMSEBN3QswL7v1eooA4z4d+A/Dvwu8CaB8OfCUTQ6P4bsoLC1Vzu fyoECBnbA3O2NzNgZYk18W/tU/s5fHrxl8cPhx+0T+zprGhWfifwPa31g9r4gE4tZYbxHTcDbo7M Qsrgr8uPlIYkYr9BaKAPi/4Ufs9fEDwd+1z8V/2hfEl5pkmj/EDTNFtba2tJZnuYp7C0t4JzIskK IELxMYysjEqQSFOQMsfsq63q/wC1r8TPjH4tm0+88CfEDwYPCz2KSzC+PmCBJ/MXyljWNkjcBllL cj5R2+5KKAPyY8H/ALO3/BQn4A+Crv4GfA3xr4P1jwMHnTR9U1xLyLWNKt7hi5VVhR4SUZ2KZEoz yAq4Qfc/7MnwU1P4BfCPTPh/r3ii+8ZawjyXV/qd9NLK0tzNjcIhK7skSABUXPYsfmY19AUUAfDn x8/Zo8e/HP8AaX+EPjnVb/TU+GHw0kk1OaweWb7fdatuLxN5QhMLRI0UHLS5x5g288/ZniDQtK8U 6DqXhnXbdbvTdXtprO6hb7ssFwhjkQ+zKxBrXooA/IjwN/wTg8aXX7NOtfs3fFfxTaCHQfEEuueB 9a0mWaS705nD4W5ilhgAUsxdkjdstIxDgqjV0sHw7/4KxQ6N/wAIEfiJ4Ge18nyR4iaG5OphAuzd t+zeWZsc7jGeed+a/VKigD4J0D4KH9in9jHxb4c+Gniu3s/EOm2d7rM/iDWFAt31R0XzLiSPZMAu I1RE2uThQdzEk/RX7N3iPxv4x+Afw/8AF3xJbf4m1vRbK+v2MSwEy3MQlyY0CqhwwyoAweMV7LdW tte28lnewpcQTKUeORQ6Op4IZTwQe4NT0Afnf+2R+zT8ffi58WPhR8XfgHq/h7S9W+G51CQf29Jc iNpbrygm1Le3n3qAjbtxXGRjPOPL/GX7OP8AwUd+Omh3Pw9+MPxb8J+HPCGrr5OpJ4as7iW5uLZv vxZnggba44YCVQRwcrlT+sFFAHxj8V/2UrW8/Yx1X9lL4MNbaYh02CxsJNSkdYi6XMdxLLcSQxSN vlYO7FYzl26AdPoP4L+DdT+HPwd8CfD3W5YZ9R8L6Dpel3MluzNC81laxwSNGzqjFCyEqWVSRjIB 4r0uigDyX47fB7w58ffhH4m+EPit3h07xJbeSZoxl4Jo3WWCZRwCYpkRwp4O3B4Jr89W/Z8/4KMX /wAK2/Zp1Hx94Mj8FfY/7JbxJHFfNr0mk48nyTEVEPmGH5GOd2P+WxbLn9ZKKAPze+Nn7DN/rXwX +C/wX+C17ZWOmfC3xFY6rM+rSyo9xBB5rTspggkDTyyylyCqJknkcCv0hoooAK+LP2sv2ZPF3xj1 bwR8V/g74it/CvxP+G11JPpN1eI72VxDcACa2uQgZgjAfeCPwXXbh8r9p0UAfmt4W/Zx/ak+L3xy 8G/F/wDa313w5baV8N5JbrRdC8LLcmGW+kCjz7iS6G4BSiuBufJAGEBbdy/hD9mL9sX9l7VPEvhP 9lDxF4S1L4b+I7+W/s7DxSt6LjRJbjh1gNsCJI1AUDcxzgHywS7N+qNFAH55/DL9hGDw/wDAX4o/ D74geKH13xz8Zxc3HiPXkjwn2yXzDCYYjtJjgeQuFJUsS33FIVfnq4/ZO/4KC+KPgNJ+y14n8deD LLwPpmmHT7W/tEvX1O+gtY/9BtJ2aIJFAGSOOV0TzFjBx5vIb9kaKAPzVtv2N/ibDqX7Jl42qaOU +A9pcwa4BNcZuXmt7aJTZf6P84DQtnzfK4I46gafxJ/Zv/aG+H37QOu/tEfsjaxoS3Pjq3gg8S6D 4m+0CxuJ7VdkN1C1qN4ZV6jcuCXOWDlR+i9FAH5v/svfssftB/Df9pbxx+0P8dPFWi+JL7xxo8dr MNM+0Rm3uVlhKwxxyxKv2aKKEJG2/ecDcmck/VH7T3wu1/41fAHxv8K/C1xa2ureJdPa1tpb13S3 RyytmRo0kcLx/CjH2r3iigD8hLH9mH/goXZ/Bez/AGWB4/8ABw8ByWEWmXGurFfHW7fTnQJPZRJt ELoqloo2O1miAy8ZOF9y+MP7Cdlr/wAGPhj4L+C/iA+E/GHwXkjufDOrTqZEM42tOLlVz8tzKiyO QrYYfcZSVP6E0UAfl7f/AAE/bu+PHi3wpaftDeNvD3hDwT4XvY725g8EzahBe6tJDwFlkl2lEcZB wwC7iRGW2lf1CoooA/KjQP2Zv2yf2fvjF8T/ABP+zfqngvWPDXxS1WTV5j4oF8t3Y3EskspGbVcu qGZgCXfcACVU7i3ffslfsmfGv4D/AB4+I/xR+Jfi/TPGVt8Q7O2lubyFZbe9/tONw8i/ZjH5K24L yLGVmztVP3a5IX9GaKACiiigAooooAKKKKACiiigAooooA//1f38ooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACvxc/Zj+Bnw4/bl8WfGD4/ftHWcvjCSHxTf+GtF0+4uJ4INL02xWOSNYkg kjKuVnUZPIZS/wB92Y/tHX5gSfsz/tYfs/fEfx14i/ZB17wvdeEviJfPql1o3ihbtTpuoz582a1e 2BDKTz8xA2hUKNsDUAfLX7Y37OOq/sw/sKeIvh8PGU/inw3L4ysbvRLa5gMcmk2crvi0Eplk81Rg NkLGNxYhfmNfUHjydLX/AIKy+CLqQErD8MbhyFGSQt7fk4Hc1wPi3/gnV8VfEH7Nfi3wZc+LtM1r 4q/EXxPa+Jde1O7ae303fAznyLfyoJJNqeYxUmJcliMIoAH154g/Z68Z6r+3J4a/aZt73T18L6N4 Qk8PzWzySi/a6e4uZg6RiIxGLbMoyZQ2Qfl6EgH4t/A7xZ8LPjlD4t+M/wC078EPiP8AGjxR4s1G 5WC90TS7i90jTrFceXaWckd3DtaIlgRg7AFC4O4t7V4F1H4m6f8AsJ/tOfDbxZ4f8U6J4O8MxiTw j/wlthNZ340q8kfbakyfI/2cQqWEbMEMnZWUD6s8Nfsxftifsu6x4p0H9kjxB4T1T4eeJr6XULXS /FK3iz6NcXHDi3a2BDxqqqAWY5wMx7tzN1mj/safF6H9lf4p/DTxj4//AOEv+JfxTEs91e39xcjS bSd33LDbqUd44gSxLJCu4kDYFVQAD5F1D9hj4JP/AME7z8bdWs7u/wDiS3gy38VLr819ctcpMlml 3DAqmTyhFHEFgVdnCgEEMAw5/wDai8L+Hvit+yr+yZ8VvH1kNY8Wa9qnhjQr/UJpJPOudPuIJ3mi kIYAmV13s+N5bPzV+q+ofAzxZdfsUr+zhHd2I8SjwLD4Y+0GSX7D9tj05bMyb/KMvk+YMhvK3bed meK+c/ir+xd8U/F/7HXwn+C/hnXdKsfHvwru9J1KG4laZ9NuLrTYZYigk8rzQp83crGLkqFIAJIA P0L8DeBvCnw18JaZ4F8D6cmk6Fo8Xk2lrGzssUeS20FyzHkk8k1+Pv7TT/snr+1nrupftAajrnxq 11NPtrfS/Amh6ZcXKaEuxC7M0Vykckk3D7TtKl8spzGV/W34VL8T0+H+jr8Zm0tvGYjf+0ToxlOn l/MbYYfPCyY8vbuyOGzjIwT+fN9+zR+1p8G/2jviN8ZP2ZtS8I6tpXxTkhnvrbxV9sWazni3EeW1 quWjDuxGH5UhSmUVqAPn7/gnpe2Ph39sX4yeAvAnhbXPh14IvtBttXt/DGvK8d1Zz7rZVkeKR5GQ uJnZQWJ2MqkkKK+kP+CRn/JmWj/9hfVP/R1Xf2cP2Sv2gPhb+1T4m/aI+KvjHR/GB8c6EbTVWtkn tZ7e+86Bo4raAxNG1rDFbrEjtKrkclARz5p8Nv2UP25v2fNO8QfBb4E+OvCcHw01q/ubqy1PUobt 9a0mK6wr+REi+S0qgZXezIWG7Me4igD4+8D+CPCPjP8A4JZfF3WfEFgmoXHhnxZq+paZKWcfZ7r/ AEWESrsYBj5cjLhsjB6ZxXX/ALUPwd8H+C/+Cef7P2i/DSxHh258aeKPCepXk8Ekpd9U1DQ50kut zsxVyQp+UgDHAFfZnwg/YT8aeB/2KPiJ+yv4j1/T31LxVeajPY39qZpYEjmWD7MZw8cTBt0I8wKG Cg/KzVyOsfsi/tZfEX9nL4b/AAc+I+r+Ehqnw08WaHf2VxZzXqxS6Ho9lJahJGNsS10WcEYRUZep UjkA8S/bY/ZK+Dv7I/ww8D/HD4DWl74e8b+GPEemQtqn2+5mnvlmEnmtcCR2TfIwyxRVBBZNuw7R +69fHP7cn7PXjP8AaZ+C9v8ADnwJe6fYalFrNjqJk1KSWKDyrXfvAaGKZtx3DA249SK+xqAPxFT9 nfwF+0V/wU8+O2h/FOO41PwvoenaBfSaSlzNb295ef2XZxW7z+S6MwhV5SoyOW67Sytx37N/7H3w q8V/tVfHL4EeLlvtX+F3w1vra+0nw3Lf3S2KXmrxZE7hJQ7vDDGYlZmJIOWya/SX4a/s9eM/B37Y 3xf/AGhdTvdPl8O/EDT9ItbC3hkla9ifT7WCCUzo0SxqpaJiuyRyQRkA5APgn+z14z+G/wC018cP jPrl7p8+ifEt9JbTYbaSVrqIWMLxyfaFeJEXJYbdjvkdcUAfld4Z8eeIf2UPg1+2n4M+Fd9cWWne BfEOn2fh5WkeVtOGtXL2kjxuxLK8cQUq5Od6KxyTz5tD4D+BF38BYtO0j9nf4xS/FaWwW+g8ZR6J ctK+uMnmrdCVbwg27TdMRlvL+YfvPnr9RtE/Ye1DW9R/ac0n4oX9lJ4b+Ol9aXOnmwklkurMWpmk jlmSSKNBJHK8ciqrupKkMcdfLh8Bf+ClVn8L4/2ctP8AH3g1PCUNuNMj8UKL+LX00tR5aptVfLWU RDaCMtj/AJbbvnoA+YP2nvDF38Vf2Yf2Yfib8d/DFzbfEjUfFGleF9YfUorizvpLBJb2ORJoZChU 3BiWYttDHduUhSK9L/ao/Zy8AeIv2yP2af2dtEt5tA8Gvo2sW7W1jcSxP9ggSe5nthKWMgWdEeJ/ myVdhmvq39of9jPxp44/Zn+H/wAI/hj4sE/ir4a6tp+s2epeIJJpvt9zZpMshuJAJXXe8xdRhgu0 R8L8wt2f7PH7QXi79ob4E/tB/FO/8OLqPw/0vWrTxBBpkt0Flnv4bqG3NkksGGULLGZPMdCCG27g BkA+afEnwM+Hv7I/7e3wA/4UFaT+F9L+IkWsadrGnx3U81tcR2sClCwneRj80itjdjfGrABsks+A 3wb8Fftu/Hz44/FX9oy2l8VWXg7xHc+GNA0a4nlitdPtbRmUv5cLp87qEz2372O5iCv218c/2evG fxN/aS+Bnxi0G90+30b4ZT6tLqUNzJKt1ML6KJI/sypE6MQUO7e6YGMZrxfW/wBmb9pr4KfG3xt8 XP2Qtc8OT6R8Sbj7drXh7xSt0LePUSSz3NtJa5Yl3d3YFkxuK4cBNoB8d3XjXxH+wx8Rf2lPgf8A CnU7pvCWl+DV8U+HLWd2uzot7czW1qRF5hbCK92XO4HIRC+TuLehab/wT9+CWq/sPL8TJ4rmT4n6 p4UbxU/iY3tx9rbULmzN6ysfM8toTuMTZXLKSxO87q+nPhP+w/qdy3xT8cftO+IIfF3jz4v2Emj6 nLpatBZWGmMiqtvZeYgfK7EIdl48tPlJDM/jkP7MX/BQXT/hDffsraX498If8K7FpNplrr80V7/b o0llKJZmNV8lQY/3RPzFIyQshIUUAfTP/BN//kyX4W/9eV3/AOl1xX29Xzp+yX8IvEnwG/Z38F/C Txfc2l5rHh23miuJbF5JLZmkuZZh5bSxxORtcA5Rec/WvougAooooAKKKKACiiigAooooAKKKKAC iiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKK KKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooo oAKKKKACiiigAooooAKKKKACiiigAooooAKKKKAP/9b9/KKKKACiiigAooooAKKKKACiiigAoooo AKK+F/2y/wBr3V/2dpPCXw++Gvhg+M/iZ8QZ2t9G09mK26bXRPMn2lWYMzhVUMoOGZnULz80eKfi 7/wVe+FXhy/+J3jDwH4M1/Q7CI3d9pmntK11a20Y3SlNlzliqg52tMR1AIFAH6/0V4F+zL+0F4Y/ ac+D2jfFvwvbvYJf+ZDd2UrB5LO8gO2WEuAAwBwyNgbkZWKqSVHvtABRRRQAUUUUAFFFFABRRRQA UUUUAFFUNV1CLSdMvNVnUvHZwyTMq/eKxqWIGcDOBXy3+yj+0pf/ALUvwX1D4t6ZoK6Ix1C/s7Gy abz2K2wXyjK+EG5y3zAYA6ZOMkA+s6K+dv2YPEv7Qniv4YjVf2mfDdl4V8ZfbZ4/sdiVMP2RQvlP 8txcjcxLZ/edug7/AETQAUUUUAFFFFABRVLUtRstH0661bU5lt7OyieeaRvupHEpZ2PsACTX5afD z9ov9tP4q/slP8cvhR4X0vxL4r1/xTdJpGnXEKwwxeHYS8O591zbh5UnjZd3mcj+E9aAP1YoqC2a d7aJ7pQkzIpdR0DEcgde/vXxZ+35+0X46/Zf+Ay/E34eW1hd6sdWtLHZqMUk0HlTrKWO2KWJt3yD B3Y68UAfbVFZ+k3cl/pVnfTACS4hjkYL0BdQTjOeOa0KACiiigAooooAKKKKACiiigAooprusal3 IVVGSTwAB3NADqK/H3wv+1j+2Z+1x4s8U3P7Huh+G9C+Hnhe7ayj1nxJ57PqEyfNhPK3bS6FX2CL 5FZd8gLAV7n+yP8AtefEb4lfFDxd+zZ+0T4WtvCvxS8Gwfa3+wMxsr203IDJGHeQqQJonXEjCRH3 ALtIoA/Q+iiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiii gAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKA CiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigD//1/38ooooAKKKKACiiigA ryT46/GHw98BfhVr/wAVfE0T3FnokKstvGcPcTyusUMKnBxvkZQWwQoyxGBXrdfPH7VXwQk/aH+B fiT4XWl2lhqF+kU9lPLny0urWRZohJgEhHK7GIBIViQCQBXVgY0nXgqz9y6v6X1NKKjzrn26n436 J/wWB+McfjBL3xF4Q0Sfwy8v7yzthcR3iQ5/guXldDIB1Ji2tjgLnI/fPwb4s0Xx54S0Xxt4blM+ la/ZwX1q7DazQ3MYkQsp5U7WGQeQeK/l40T/AIJy/tb6t4wTwndeDDpkfm7JdRubmD7DGmcGXzI3 cuuBnCKz/wCzX9N3ws8BWPws+G3hj4cabM1zb+GtOtrBZmG1pTbxhDIQMgFyCxA6E19nxnhsupxp /Umubryu6t5nq5rToJR9la/kd7RRRXwR4x+en7cn7KXxF+NWoeCfjH8B9ch0L4nfDWaSbTvtAUQ3 cbuj+WzsrqrIyEoHUxuHZXwDkfLd/wDt4/tpfAmyltv2sv2fG1DQ4VMV3q2jl0thE3ylpJEN5asW H8JkiB9ulekftyal+0j8Bvj34F/ao+GUeseLvh9pNobHXvDdrc3BtVb98pnkt03ookjlG2byyEki Uv8AeUHO1v8A4LE/s03fhadNE8L+I9Z167jeCLRZ7KGPzZmG0RSyCaVQjE7SVV2x/AelAG74x/ay +CPwr/YK1r42/sh6TYaDb312un2VjFZxWn2PWbopHK1zAgKGeGEeaM7lcKnLIRXC+CP+CcHi74g/ CzT/AImePvjX4xg+L2v2Kail9DqLCzsbi5QSpAYseaypuCuUmTkfIFAAPgvw1/YZ+MWvf8E6/iDo Wp6K2keMPFWtReKNJ0GRDFLHFZKqrCY2OY5p4/NCI3I/dhsEnH0L4A/4KufB3wh8HNP0H4k6PrVh 8UvDllFpt14e+wSrJcahbIIvkkb5Y1kcAkSYdMkbWIG4AxvhP+0p8Uvin+wB8d9M+I+oSj4hfC6y 1bSbnUYZPLuJfLgYwzM8W3EqlXjLry2wOSWLV5N8Cf2Q/iR+0V+yjZfHX4nfGTxXH4iTTLqXwzaW d+Y7Oxi07zIrdp1KlpJJGiLO6OjlWBZi+TXXfCD4J/Eb4b/8E+v2i/iR8WLE6T4k+KdjquttYsCs sFs1u7R+ajfNG7vJI2wklVK7sNuUfa37FI/418eCh/1Ll9/6HcUAfAv7JXwO+KX7fnwSTx38fvi/ 4nt9P0J20PRLTSrpLcMbJEY3l8WR/tMpZwu5sSHZkyc8df8Asr/tTfEb4R/sW/G/WvHWqS+LNW+D erz6TpdzeyNIztM0dtaxyO7F2jS4bcASSEOwHAGPfP8AgkB/yZ1a/wDYd1P+cdfIH7OXwc1X49/s 3/tffCvQdn9rat4tnkshIdqvdWU4u4Yyxxt8x4gm48Ddk8UAcb8MvC3wG+Mnw+t/ir+0h+1rqOm/ FTxDG96iWmuRW0OjvLkxRG2K53KMGSONoVX/AFaBdu8/oD/wTM/aM8ZfGTwT41+HXxC16Pxbrfwx 1NLBNcjcSDUrCcyrbTF8ZkOYJMSnl0KlstuY/B3wX/aC/YO+GXwms/Af7UXwTs9I+KPg23XTtQtL jwxBNdahJbjYk3mSIMSyKAZDMyZfLAsCDX6I/wDBOtfE+veCfFHxK1z4SeHPhLpfiS9QaNa6NpZ0 29utPgMhSW9y580DzNsLbI84dwu11NAH1t+0F8VI/gh8E/GnxYaBLqTwzpk91BDISEluQu2CNiOQ rysqkjkA8V+Uv7Pn7GHjL9rP4WWP7RP7Q3xc8Wr4q8ZLJfaZFpN8tra6bAWZYCsRR1+YAOEi8tVR tv3ssP1M/aT+Ft18bPgL46+FenypDe+ItLnt7V5f9WtyBvgLkchfMVcnsOcGvyz/AGYv+ChPw4/Z u+C9h8Bv2nNJ1nwh45+HcL2H2M2EkhvYI2ZoDERwrbCFy5WNsB1cq3ABt/s7/Gj4x6T4I/aX/ZZ+ L3iGbxB4l+Eei6pJpeuNIwu57L7LMqMz58wlCI5EdmaQeZtLfKteU/sWfsh+Lf2sf2ftN+JPx3+K ni02Ltd2nhuz0/UjEltDbXEqyXUxkWTzZWufMC5wQigFiCoTsf2efA3xF8beGf2pf2zfiBoknhq0 +J/h7V4tDsbgEXJsEtpm8yRSMhdkcKI3HmEOwATYW89/YJ/4KG/Cn4Afs16X8M/jfZ6po76M99ca Jcw2Mk8Oq2c91LK4hcYXzI7lpYyWIj4A37gwAB6t+z1J8QviZ4M/aA/Yc+O3jbV768+GU8T6frtl dGDVLiwjkeRUM8glYx5iiJD7m2TNHuwq4zP+CTvwf0yx+AesfHeDxDrX9qTprOlDTDeD+yI0XypB OlsEDC4ygHmb+hPFekfsG/D74h/EbxP8c/2tPGmhzeHf+FtNJbaDY3KlJjYjeRIwbB2EeSiNwHKO wG0qT5X/AMEuPjp4S0X4UeI/2T/EFrf6V8QdLfXNQktrm3McflIkauhYncsqNkMjKCMGgDmvgB+1 F45+C3/BLzxJ8Wjqk+r+LpPEF1pel3GoyvdMlxdGFFcmUtu8mPzJVU5UsoBGCa9g8Ef8E4PF3xB+ Fmn/ABM8ffGvxjB8XtfsU1FL6HUWFnY3FyglSAxY81lTcFcpMnI+QKAAfm39n34GeJP2gf8Agk94 l8FeDYftXiCy8SXeqWFv3uJbPyWaFD/fkiLqnYsQDgHI+nfAH/BVz4O+EPg5p+g/EnR9asPil4cs otNuvD32CVZLjULZBF8kjfLGsjgEiTDpkjaxA3AHlemftN/Fj4l/8E4PjZp/j/VJ4fiJ8MLuLRrr U7eUw3Myi9gEcrPFsIkH7yJmH3wm4kszVp/Cv9h3x/8AtC/s1+H/AIz/ABJ+M3i3/hO9T0SK80OK 1vRHp1hDHBtskaHbvdnjVGldHjZmYklmy7eeaX8E/iN8N/8Agmx8f/iR8WLE6T4k+Kd5ba21iwKy wWzXsDR+ajfNG7vJI2wklVK7sNuUfrp+yV/yaF8Jv+xO0j/0ijoA/Mz4cftO/tC+Jv8AglT4t+JG jald6l458LXcmj/2suZb5bBZrcyXRYAs0sNvOy+b95Qvms25Sx8D+HHw6+B/xP8Ahvo/ib4DftQ6 3ofx8eG0mmi8Sa3Jp0E+oFkaeAq8QkdQd/l+XJODxu3gnHqf7DfjL40/D3/gmx4w8Z/AbQ7PxJ4n 0rxReytYXlvLdCaz+z2guDFDDLEzyIh3hcnIUgKxIFeM/G74tf8ABOj45fBS6v8ASPh/NoXxy1Gx EdvpuhabcWbx62ygEMIdtrND52d24NKydFEh4AP1J/bS+IPj/wCFH7BGrweO7u2vfiDr+l2fhqeX Tixgu9R1ELb3T2+Y4mG+LzpFGxcHgCvnT9vfw3rv7Of/AATr+H/gPwhqdzot94dvdE0+e4sZ3t5J JRazm5O+JlOJJtzkZwTXAaR4Z+JHizW/2MP2TviuZ5da8PJceNfEVvdEtJDa6fJM2lwzgknKxo1u wPQnHHNe/wD/AAWR/wCTR7T/ALGbTv8A0Rc0AZf7aXjf4qfE745fB79ij4Y+KbjwfF44sG1XXtRs nZLs2MaykoHUqwXy7acldwEjFFY7cg/GH/BRP9jjVP2avgjY618OviD4j13wTqGp21tq2j67eLeI t3ske3vISqRqnIZXAXdlx823IH1v+2foPjH4GftD/CH9u/Q9Fn8Q+GfCWmpoviK2tF3z29rKlwn2 jbwCDHduAxYKrogYgNmvlv8A4KNft1fDn9pH4IW3gD4GWmpaxpdvqFpqGt6pNZS29tZqodLe2JcD 95JK2cn5cJhSxJ2gH0x+3z+0L4n0nxd8J/2W/DfjpPhhpvjGwg1DxF4jMvkvbaaxaJUSQFWTd5Mp O1lLtsTcFLZ+Vfi1qHwj/ZX0XT/jP+x7+0teeKPEukXcH9p6BqesxalFq9vM6pIfJjSMEgnLhlYh MujIyAn6J/b9+Ft94X+K/wAHv2udQ8DJ8RfA/hrS4dJ8T6S1qt4qWa+ayzyQuGQgLcyFHYBUkSPc RkEeU/En9or9jbxraaP4I/Yu/Z+8PePPiNrtxAsVvfeFIltLWEt+984DynLDhSwcRICXaTC4IB9v /tNp8Zv2hvAvwo134e+N4fhZ8JfEtpa6x4p1kamljfR2t7FFNDDHK2zgIWBw4Duy7lKqQfzE/aWb 4IfssDQviX+x/wDtE6r4i8cWmpRLeac+tJq8F3bbWLySvbIsRAYKrpIWVw3ABHPtX7fuiR+D/jN+ z5D+0PoUjfAfQ9EtrXUrHw9HLb6VBqsYlSeOGNH3RxqBb+Wm4OYFZUbcGNfPP7aHxB/Zf8c/BN/D 37GnwrWPQNDv7W98QeLINGe0itk5gt7VrmaMTs00swJ3sB8oADbiVAPtX/gpB8Vdeh+JPwY8HePP FGt+Afgt4otmu9d1LQfME8k5yTCzRqxZY18s7cPw7P5bsiitL9nP4R22hfG7wn4w/Yq/aBi8afDo hv8AhKPDuu601zdrbFgC0FqlvuV8MWQyRxMrqAZCrsB2H7TP7S2rfDmP4Raj8QPAeleOv2a/GOi2 M2q3smmtqFxBczQny2+eQwKoV4ZI90QZx5iq24DHwvqmjfs6fFP9qf4RXv8AwTk0XVLDXNP1eK+8 QXtrDeW+l2tkk0RZ5EuWBRVTzFkRAkcit5YDs4FAH9K1FFfLP7SH7WHgz9mfVvAekeLNI1DVJfH+ oPp1o1iIisMiNCpaXzZEO3My42gng8dKAPqaivE/2iPjl4d/Zv8AhHrXxh8VWF1qemaI1qstvZCM zubq4jtl2+YyLw0gJy3QHHNbfhD4q6N4y+DWlfGqxtLiDStW0SLXY7eQJ9oWCW3FwI2AYpv2nHDY z3xzQB6jUU8EN1DJbXMaywyqUdHAZWVhggg8EEcEGvnT9lr9pjwn+1b8Np/ib4N0u+0iwg1CfTjD qAiExkgjjkZh5Tuu0iUAc5yDxX0hQB8yfFLxx8FP2Jfghrvjqy8O2Xh7QLCTzY9L0e2hs1vNQucI kcccaqgeQqNzY+VFLHha+RP2GPhF8WvHfxa8Vft2/Hqzj0TW/H9ilnomjIpBtNLPlFJXDcqWjhjV M/MwLuwG8Cuz/wCCn+sfBDS/gX4dj+Pln4gvvD03iS1MUXh2W2iuGuo7W6ZBMboFDDs35AG7dtIO Aa/Ry2eOS2ieJdiMilVxjAI4GB6UAT0UUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRR QAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFA BRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAf /9D9/KKKKACiiigAooooAKKKKACiiigAooooAKzV0bR11A6stjAL5uDOIl808Y5fG7p71pUUAFUp dM02e7j1Ca0ikuoRhJWjUyIPRWIyPwq7RQAUUV4J+0n+0R4J/Zf+F118VPHcNzd2UNzb2kNrZhDc 3M9w2AkQkdEJVA8hyw+VGxk4FAHvdFeU/BD4w+E/j58LPD/xb8E+Yuk+IIWljjnCiaF43aKWKQIz KHjkRlOCRxkHGK9WoApXOmabezQ3N5aRTy25zG8kasyH1UkEj8Ku14D8P/2hvCvxF+NHxF+CGk6d e2+r/DX7B9uuJxGLaf7fGZU8gq7OdoGG3KvPTNe56heR6dYXOoTAtHaxPKwXqQiliBnvxQBbqld6 Zpt+8Ul9aRXLwHdGZI1co3qpIOD9K8a/Zz+PXhr9pX4UaZ8XfCNhd6ZpmqS3MUcF8IxOptZmhYsI ndcEqSMN0p/xe+OOk/B/XPAWhaloWp6xJ4+1u30OCTT4lkjs5Lh1QT3RZl2QruyxAJwDxQB1Xxg8 Par4u+EnjbwpoUYm1LWtD1KytUZggee5tpI41LMQACzAZJwO9fO37C3wS8V/Br9lrwf8L/ixpNvB r+iz6jLLBviu0jM99PNEyyIXTJRwcg5Gcda93tPjV8PtQ+M178BLG9efxhpmk/21d26xOI4LRpYo k3SkBS7mVSFXJwCWxxn1egAqFbe3SZrlYlErgBnCjcQOgJ6mvLvhJ8avh98cNM1zWvhxevqOn+H9 WuNFnnaJ4ke7tUjeXyw4DMi+aFDYAJBxkYJ9XoAKpS6Zps93HqE1pFJdQjCStGpkQeisRkfhV2vK PHXxq+H3w78a+Cvh34lvXj8QfEG6ntdItY4ncym2QPM7MBsRIwy5LNklgFB5wAer0V4Bpf7Q/hXV f2ktX/Zjg069TxBo2gL4glvGEf2Nrd5oYRGpDmTzMzKeUAwDz0r3+gAqhHpemQ3smpRWkKXko2vM saiRh6FwMkfjXj/wJ+OOk/HjQ/EOu6RoWp6BH4e1u70OSPVIlhkmktEidp4grNmF/NAUkgkg8V7f QBSOm6cdQGrG1iN8I/KE+xfNEec7N+N23POM4q7RRQAhAYFWGQeCDVazsbHTofs+n28dtFktsiQI uT1OFAGT3rwv4f8A7Q3hX4i/Gj4i/BDSdOvbfV/hr9g+3XE4jFtP9vjMqeQVdnO0DDblXnpmvfqA CqVrpmm2Mks1laRW8k53SNHGqFz6sQBk/WrtFAENxbW95A9tdxJPDIMMjqGVh6EHg0ltbW1nAlta RJBDGMKiKFVR6ADgVPRQAySOOVGilUOjghlYZBB6gg1WsdPsNMtxaabbRWkAJIjhRY0BPU4UAVco oAKKKKACiiigAoryj4SfGr4ffHDTNc1r4cXr6jp/h/VrjRZ52ieJHu7VI3l8sOAzIvmhQ2ACQcZG CfV6ACivBvgn8e9C+O974zuPBunT/wDCOeFdVbR7bWHZTb6pcQLm6a2UcmKJyEEn3Xzlehr3mgAo oooAKK5Hx74j1Pwh4K1vxVo+jTeIbzSLSa7j063dUnujCpcxRFsjewBCg9Tgd6wfg58WPCPxx+Gm gfFPwNcefpGv26zIGx5kMgJWWCUAkCSKQMjjONwOCRgkA9MooooAKKKKACiiigAooooAKKKKACii igAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKK ACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooA KKKKAP/R/fyiiigAooooAKKKKACiiigAooooAKKKKAPnH47fHhvhTLZ6Lo9lHfavex+f++LCKKHc VDMFwWLFWAAIxjJPQHO+Bf7Qc3xP1K48N+ILGKy1SOIzxPblvJlRSAw2uWKsM5+8QRnpjmt+0N8C tX+Jd3Y+JfC80Q1K0h+zSQzNsWWIMXUq2CAylmyDwQeoxzmfs+/ADXPh9rU/i7xdLEt75LQW9vC3 mbA+Nzu2MZwMADPBOTXalS9l5nzkp4367ZfB+Fv8z67oooriPowr8hv2ovGvhX4tft6fCb4FeJNb sdL8J/C1D4v11r25it4JL8BXsoG85lVmX90dvdJ34IBr9bdRvU03T7rUZIpZ0tYnlMcEbSyuEUsV jjQFnY4wqgZJ4HNfkB+yP+yBofx2j+In7QX7X/w6lfxT488RXFxZaZrkFxbT6fp8PESiJ/LdQSxQ bl5SJCDg0AXv+CfXjLw/8LPj58Zf2QNK1e11Pw/Z6hJ4k8KzWtwlxAbG62GaBJEZlJiR4cqp+8sp wOa3rLxL+0h+2P8AHf4m6N8MvibN8Jvh58KNSbQYX0+zhvbrU9UgZ1mlkaTb+7Vkzt3bSpQBSS7D h/2mf2Wrf9mP4n/CD9pD9kj4d3cj+HNXaz8QaR4ftrm9nudPukw8nkp5jAeUJombGAzx56VteFNd +IX7C/x0+KcepfDPxJ47+G/xV1V/Euj33hbTnvrizvbpmaWzubdinlnLBV3MCAoIDbmEYB59+yJ4 s8efCH48fte+NPjxdw634j8FaVp15qdzaotsl/HptrcPFMiAbY2uII0faBgM2AB0rqvAmg/t2/HH 4I3f7Utl8Xxoup69bXepaR4MTTYJdKfTlL+XaSysQ4aeNcLJguoKln3Ela/7OPw2+MHxx+Jv7V2o /GfwLqfw+h+LujWNpY/2jayCOOCe0ngtwsxCpLNbwtEZlQ5SQFWVGBUS/CT4+ftD/Av4IL+ytqvw M8Vaz8TfDNvPoujahp9l5vh67iLMlrdyXzMqxxRqy7jgghRuaMswQA95/wCCUH/Jkng//r81f/0u mrpv20fi18RPhn8QP2d9I8Da1JpNp4x8eabpOrRokbi7sZ5oVkhYyKxUMGIyuG54NN/4JmeDfF/g L9kDwr4Z8c6HfeHdYt7vVGlstRtpbS5jWS9lZC0Uyq4DKQRkcg5HFYn7dXgjxp4u+I/7M994T0DU NattB+Iel3uoy2VrLcpZWsc8LPPcNGrCKJQCS74UAHJoA+XvBPww+Kc//BVLxvawfFO9guLDQ7XW bmcafblrzSWvbSQaOyk4SIIyx+cP3mFB6k1+yHjTRta8ReEtY0Lw5rUnhzVL+1lgtdShiSeSzmdS EmWOT5HKHkK3BxzX5j+Lrn4g/BT/AIKS3nxTn+HfiHxT4R+IPhqw0CHUNFsnvIrO4a5tw8lyyAiN IhCWcMQ20hlBGa/V6gD+ej9kLx742/Zj/Zc+NP7Rlz4vm1vTNB1/VdKtvDU1rFHbXOt3EljFFqLz qfNzl8PEuF2BiCDzX01d/Dr/AIKB6X8FG/aQPxzafxjBpv8Ab8vhRtKtf7J+zLH9paxDD/loIvl3 BRlvlD/8ta+ffh38GPir4v8Agj8d/wBh7xF8P9d0PxDq2van4m0fX7mzddCuHt57SS3txeHEe648 hlVwSu1ic5Uivfrv9rD9oTWfgNN8Cbf9n3xpH8XZ9IOgyzvp2zQkkaL7K18L4vt8vrIoxs3fL5hX 5yAfoV+zJ8aYf2hvgP4P+MUdqtjL4htGa4t0OUiureV7e4VCSTsE0b7MnO3Gec1+af7dHw7+I2uf tvfs+roXxGu9CPiWfVItIMdlBL/YUltb24nlh3n9+bkkFhJwuOK/RT9kb4J337O37Ovgv4Q6tcx3 mpaJbzNeSwkmM3V5cSXUwQkAsqPKUUkAkAHA6V8mft76d8QPDPxr/Z6+PnhTwTrHjnR/h/qGr/2r a6JbNd3ka3sdusRESAnDBH+Y4UEBWYFlyAfO/jnwl8ddf/4KX6p4F+EfjdPDOuXfgCxttY8Ry2Ud 1cR2ML27zTQ25IjE006RLyQFDtgggV9Efs8+O/2g/hR+2BrH7Jfxn8c/8LK0e98NjxDpGrXFolre RBZxEY5PLJ3BsSBtzPyqlSoLLWj8LdC8a65/wUc174xXPhLWdH8Ma/8ADGySK7v7Ca3iju5rixmN nJIy+WLmNQweLduUq2Rwa3NT8EeNJP8AgqBpHxAj0DUG8LxfDtrJ9WFrKbBbr7bM3kG52+UJdpB2 bt2CDjFAHy/of7XX7Q2kfsSfHT4vW2ovr/irwv48v9E0+7mt4nGm6d/oSq/lIiq4h85ypdWG5gX3 KCK1vhB4o+PWs674K8W/AT9pzTPjil5d2/8AwknhnVktNPnSzdd1xLBG5FzEUAIRQikNhjuUMtRf Ajwp+1P8M/2TfjU/wx8HND4zn+IusahBpOv6bKv9qaRNBaJKbeGfyhKJAGKNyrhGRcsRXzf8VvAW kftGX/hO2/Zp/Zl8V/CH4rw6taz32uSac+h6Tpix7mlJZWWJiG2upMUUh2/LknYwB/RpX5QWXiX9 pD9sf47/ABN0b4ZfE2b4TfDz4Uak2gwvp9nDe3Wp6pAzrNLI0m392rJnbu2lSgCkl2H6uRhlRVdt 7AAE4xk+uK/Inw1rPxE/YR+PPxWtdV+GfiLx58OPilq8niPSL7wpYHUJrO9uWczWdxDuQLksFUlh wqlQ25hGAeafsmeMfHXwa+Of7X3jj49XcOt+IvBWl6bd6lc2qLbJqC6fbTmGVEA2xtcwpG20DAZ8 YHSvRPhT4P8A27/2lvhXD+0VF8cD4D1TxHHLfaB4cs9Mt5dMitgzCBLl5NzMJducsshVSGO4koOc /Z5+GXxj+O3xH/axvvjF4I1T4dp8XdFsbTT21C1kEcUU1pNDbbZSFjmlt4miMyqcpICrKjZUbXwP /aS+O37NvwbsP2ePHnwB8Y69498HQSabpVxo9gbvRNSijJNvI16jYjRVKq5RZOBuO0kooBQ/4eD/ ABY8UfspeFr7wvpVnafGvxX4uHw/AcL9kttUG0teLE28H5JYhsbKLI5JDIu1vXZfhd+3/wDBfxn4 N8YeHviXL8btM1K/ht/E+iXtpY6YkFtIMy3NpI8qBQgB2qhU7tuVdWZV+XR+w/8AH7wH+zB4M8fa VYRaz8XvCvjr/hYtzo0bqTIZhB5lkj5AaVRbxOyqSCd6IWO3d9G65+1P+01+0BrvhL4dfs8fDDxZ 8ML19Qt5vEuveKNIigtLGxjB+028IuUlSV2yCpwsh2gBBuJUA9Y/ZX+LXxE8e/tJ/tL+CfF2tSaj ongjWNKt9GtnSNVs4rhbsyKrIqswby0++W6cd88b4G+NfxR1T9oz9q/wZqGvyzaL4B0qwuNDtjHE FsZZbCSV2QhAzZcBvnLCvILPxR8T/wBjj9rz41+JtY+FHijx54P+Lc2n6hpt/wCGLE6gyXFtHJiG RQVVCXnkVgzBhsDKrK2ap/sxeF/jrrHxY/aq+IfxQ+H+qeE7rx7o1pPp1tPbyOkiy2k5htoZwoSa aKJo0lWPJSTKMqsNtAHlfwx1j9vn4z/sjXn7Uf8AwvBtAPhmx1O80zTLfSrVzqkekmYzy3k7AASS NG8aJ5bRgIpKgsTXSf8ACV/tx/F39lG6/bPg+L0fgx9I0y41Oy8NaZpcJtJ7bSt0dxLcTSl2MlwY pJAjK8ajaAAGwv0d+y74B8deH/8Agl83w/17w5qWm+KD4b8Wwf2Tc2k0N/51zc6g0Mf2Z1Eu+UOh RduWDAjORTfhn4B8d2H/AASrvPh3feHNSt/FTeCtetRpElnMmoG4mF15cItiol8x9y7U27jkYHIo A4n45/tw+PdL/Z3+A9z4R1LSvCfjn44wW4m1rUjHHpujRJHCL67PnEooWSZSnmBlC7uGYCvIfEH7 SnjD9lvxL4P8ZWn7T2iftAeFNY1ODTvEOiiXTmv7WO4yWvbMWk0jhI9p+UkIpKhgwbKS/Er9mX4n a3+y5+zF8R9K+H//AAlmv/CC0jOs+DtTtMT39hcrEbiBra4XJkTyQBEULfOWCkqFLb8aP8bPFvhT wL+zn+x7Y+DGkvY28Raz428FWdrZWVovEscQAAkcZJHzBztCqnzEqAewfFbx3+1R48/bz1n9mr4Q fEFfBvhuTwza6pdXL2MF7Jp8SMnmy2qSAZmld0i+dsKrlhhgKT4V+If2m/Bn7S/jT9i/x/8AFObx NFrXhKTW/D3ih7CFNQ06VnEKuYuVk2t5mVd2BKKQVDMo9W8J+CPGlt/wVA8afEC40DUIvC918PIb KHVWtZVsJLoXlkxgS5K+U0oVGOwNuwpOMA0X/gjxo/8AwVA074gJoGoN4XT4dtZNqwtZTYC6+2yN 5BudvlCXaQdm7dg5xigDwX/gkp4J8c2Xhrx54tvfHNze+H4vE2s6bJobWkKwyagos3bUjOD5gkZA U8ofIAc9a+3/ANuX4m6p8If2TfiT460OZrfUrfThZ2sqHDxTajNHZJIh/vRmbePcV8o/8E7rn4g/ CXxL8Rf2c/iD8O/EOkXEviXWdfttdlsnGizW8v2eJI1usbGd9hdCpKsvGcjFfTX7f/w/1L4mfsef E3wvo0Rnvk05NRiRQWdzpdxFfMqAclmWEqAOSTigDzTw94s0r9ib/gnJoXjKxsFuZ/DXhmxultn4 WbVtXaNj5mCDsN3c5fB3bM45FfEL/GH402/wmPx6H7ZPhWX4gJZf2wfBXnaQdPKbfPOmBBN5nn7P 3eQm8v8AJuz+8r7X1/wY37aP/BN/SvDfhK5iXVPEnhnS5LVnYeWup6WYneBn6KDcW7wsx+7kkjjF fDVp4g0fR/hNa/DU/sPS3HxutbRNNFxN4Ps5tDlu4wIft73gT542I8wjGwnjzdvz0AfR1v8AtdfE HXfiJ+yx8ZLfUZNP+G3xjt7nQtY0cLG1vBrqs8EbrKymQbrl9q/PykXIBJrnpP2x/icP+Ck8Xw2G pyD4QtqLeEvK8uLyTrS2IkJ37fM8wXbCPG7G3tnivR/2hv2d/iHq37AWkeGdP8O6dZfErwG9n4ls dM8LWAgtYdUguGmmis7WANl/LmlH7sHzJcsB82K+Xb39nP4zj9gS0+KUXhnUP+F1xePD8Rm05bGc 6l9vkvfs+z7Nt8//AFO2cx4yAM9eaAPvT9nX4r/EX4x/tUfHW7/tqR/hp4CuLXw3pdgI4/JfU4gP t03mBPMLJJEwwX27ZRxxmvMf2HryT4d/tJ/tKfs3W5ZNE0TXIPEOlQH7tvHrCGWaNB2QBodoHHU9 SSfbf+Cfnwl1/wCEn7MugW3jS1ns/Fvime68Qa0l1G0VwL3UZNwE0bgMkiwrErqwBDAggdK8V/Y2 hf4h/te/tPfHq0G/RptVsfDNjOOUnfSYRDcFG6FQIoSMZyGH4gH6gUUUUAFFFFABRRRQAUUUUAFF FFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUU UAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQ AUUUUAFFFFAH/9L9/KKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoor8h9N/aI/bz+MH x2+MPw5+A0PgiPSPhhrI08trcV5HO8UzzrAd0Mjh2xA287VHTA54AP14or8t9G/a+/aS+BvxR8Mf D39tnwbomlaD41ufsWm+KfD00v2CG6IwsVykzyEbmIBYmLapLbWVWK/p5f6hYaVaSahqlzFZ2sIy 8szrHGg9WZiAPxoAuUVm6TrOj69ZrqOh30Go2j/dmtpVmjP0ZCQfzrSoAKK/PbxH+038Z/gN+x9r nxv+PmjaJqPjnTLnyodO0i7C2UyT3UVtARIrzk7PN3yBSTgY+XOR9x+DPEUPizwppPiKGWGU6haw TP5DB41eSNWZQQT0Jxyc0AdNRXg3i3W/jXa/HnwLofheDSH+HF7a37a/JcSAamk6QyG1FqnmqWUy BN+I2wu7kdR67e+JvDemWk+oalq1paWtrIYppZZ44445B1R2ZgFb2PNAG5RUFrdWt9bx3dlMlxBK AySRsHRlPQhhwR9KnoAKK5uz8ZeD9R1V9B0/XLC61NAS1rFdRPOAOuY1YsMfSukoAKKz5tW0u2ea K5vIYntk82VXkVTHH/fYE8L7nimaRreja/ZjUdBv7fUrViQJraVJoyR1AZCR+tAGnRWJq/ibw54f eCPXtVtNNa5bbELmeOEyN6IHI3H2FX7rUdPso45ry6igjmYIjSOqhmbkBSSMk9gKALlFVLu/sbDy zfXMdv5zBE8x1Tc56KuSMk+gpbi+srR4Y7u4jhe4bZGHcKXc/wAKgnk+woAtUUVyWu+MNC0v7bpk ep2Y1qC1luI7N5k89giFgfK3ByvuB070AdbRXyL+w38c/GX7Rf7OGgfFjx/FZwazqdxfxSrYxtDA FtrmSFNqO8hB2qM/Mea+ndK8U+GdeuJ7TQ9Xs9RntTiaO2uI5njPo4RiV/GgDdoqvdXdrY20l5ez Jb28KlnkkYIiKOpZjgAe5qlpmvaHren/ANraNqNvf2PP7+3mSWL5eT86Erx35oA1aKrW15Z3lst5 Zzxz27gkSRsGQgcHDDjjFVhrOjmzXURfQG0dtqzeanlls4wGzgnPGM0AaVFZMWv6FPqsugwajbSa nAoeS1WZDOiHozRg7gD6kUy38R+HrvVp9BtdUtZtTtl3S2qTo08a+rRg7lHuRQBs0VQ1LVNM0azk 1HWLuGxtIuXmnkWKNR7sxAH4ml07U9N1izj1HSLuG+tZRlJoJFljYezKSD+BoAvUhAIIIyDXP3ni 7wpp1pBf6hrVlbW1y/lxSy3MSRyPnG1GZgGOeMDmvM/2h/jPZfAX4LeJ/i5LZpqx0G0NxBaGcQfa pCQqIJMNjO7JIUnAOBQBz/7PfwHuP2f28Z+GtE1dLnwRrGryatoWliEo+ji7G+6tVk3kPB5vzxKF UoCwO4nNfRteafBvx7/wtD4U+EPiDJ5C3XiDSNPv7mK2ffHDPd20c8kQOSRsL4AY5xjNel0AFFFF AHI+PtL8Va34J1zRvA+qx6Fr9/ZzQWWoSxGdLSeRSqzeWGXcY87lGQMgZ44rjfgL8GvDfwB+E/h7 4VeGCZrfRoMTXLLiS8u5DvuLmTk/NLIWbGTgEKDgCvYKKACiiigAooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoooo AKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigA ooooA//T/fyiiigAooooAKKKKACiiigAooooAKKKKAPif9qb4r+LvC2r6d4O8MXkmmJPai7nnhOy V97uiorjlQNhJ2kE59qyP2YPi54y13xTN4M8S302rW01u80Ms7GSWJ48ZBkOWKsD/ETg4x1OfpD4 q/Bjwz8V4LZtVkksr+yBWG5hwWCMclHU8MueQOCD0PJzT+FHwN8L/CmS4v7CaXUNSuk8trmYAFY8 glEVeFBIBPJJwOa7VVp+y5banzksDivrvteb3PXp2se10UUVxH0YV+Vn7B3/ACdj+2N/2M+nf+jd Sr9U6/I+z/Zc/bu+Fvxx+LvxK+AfifwLZ6T8T9XGoPFrLX8twkcLzNACsdmyIwE7bgHYHjB4oA6D /gsHcaXD+yVDFdgHUJvEWmjT8Y8wXIWZiU758oSDjnmuH8feD2/a1/b5T4B/Gqee58DfDDwla61N o0MzwW2o6pc/Z98kvlMrMo+0AZzx5e0YDvn0Pw5+xZ8f/ix8V/C3xR/bT+IuneLLTwPOLvSfD2h2 zQ6cLoMrrJM7xwlgGRSVMbF8BS4TKt6V+0H+zF8W7/44aN+1J+zF4i0zQ/H9jYHSdSsNbSZtL1aw 3blSVoA0ispwMADdtQh0KZYA+bte+Gvhz9in9uP4N2vwL87Q/B3xm/tDS9Z8PpPLNZ+dZrH5dyiS OxVt06EH+EK4XCuy1+xlfnd8NP2Yfjl43+P+jftLfta69o13q/hG1kg8O6B4bWcabYvOrLLNK9yP MeTDZ6tltp3bUVa/RGgD+Yqx8C+E/EP/AAR61DxnrOnJc614U8QzPpdyzOGtmvdTs4JyoVgp3xna dwOO2DzX9A/7O3ww8B/CX4R+H/DPw70iPRdMuLaG+khjeRw1zcxI0shMjM2WPXnHoK+FPCP7BHxG sv8Agn34k/ZJ8Ra7pMXifVb1763vbV55rBXS8hu4kdnhilAbydjkRnbuyA2MH7d/Zs0X46eHPhbZ eH/2hJ9FuvEmmuLaGXQjMbd7GGKNITL56IfOJD79o24wRjkAA+Pvjt/yk8/Zn/7A3iX/ANN95XzP +y1+yp8KP2h/j/8AtN638Z7GbxJpOg+P9bt9P0t7u4gs4bi5vLg3FyUgkjzKyJEgbPAXuQpX9D/i V+z14z8Y/ti/CD9oXTL3T4vDvw/sNXtb+3mklW9lfULWeCIwIsTRsoaVS2+RCADgE8E/ZY/Z68Z/ A/xn8bfEXiu90+7tviT4wvvEGnLZSSyPFa3UssiJcCSKMLKA4yELrnOGNAHzh/wTc0ub4eePf2jP gRpV7PN4T8BeKo49Gt55GlNrDdG53IrNz92JM+rAt1Yk/Rv7ecfhm4/Zt16w8Z/Ep/hZoV5NbxXm qQWz3dzPDv3GygiikjkZ5yoB2E/IHDKULEO/Zx/Z68Z/CD4y/Hb4ieJb3T7nTfifrVtqWmx2kkrz www/aNy3KyRRqr/vVwEZxweemYP25P2ZPEH7Unwk0/wr4O1m30XxF4d1e31vTnvVZ7Oae3jli8qc KrkKRKSG2PgjG0gmgD8Pf2lJ/wBmCw+Dun+Mv2V/g3428Gat4XvLGe18a3Fpc2ljgOEG+5kuJPMk kYhkOxWDAYIXIr+nXw3ez6n4d0vUbohprq1glcgYBZ0DHge5r8nfjz+y/wDt+ftZ/DKbwP8AFnxV 4H8K2tg0Vza2Gix37RaleRMFDX08yyNDGiF2QRK+XxuTgFf1V8E6frGk+DNA0rxD5H9q2Wn2sN39 mdng+0RxKsvlM6ozJvB2lkUkYJUHigD8fPiH8DPCX7Qn/BUvxD4G+IJuLnwvZeCrPVL7TobiW3i1 D7NNBHDDOYWRmjWWZZcZHzIK6P4OfDrwx+y9/wAFI9d+FnwoSfSPA/ifwKdcuNIWaWeCO6iuPLDx iVnbcPKYrliR5jKMKQB9g6B+z14z0r9uTxL+0zcXunt4X1nwfH4fhtlklN+t0lzbTF3jMQiEW2Fh kSlskfLjJBd/s9+M5/25bP8AaZS908eF7fwefD7Wxkl+3m7Ny828R+V5XlbWAz5u7P8ADjmgD8W/ gd4s+Fnxyh8W/Gf9p34IfEf40eKPFmo3KwXuiaXcXukadYrjy7Szkju4drREsCMHYAoXB3FvQtH+ H/xT+IP7Evx1+GmteHPFei6N8LdTtvE/gJ/FVhPZ6lFp8Bmke3UyfK7QW0UgxExCNLxwVWvtTw1+ zF+2J+y7rHinQf2SPEHhPVPh54mvpdQtdL8UreLPo1xccOLdrYEPGqqoBZjnAzHu3M30z+yz+zt4 0+EfgfxJbfGrxlP8QfFfjm7lvNYklllksIhKGBtrSKXG2L53LEIm7IG0KqgAH5E/txfFHxV+1Z4c +Ftz8OrnbceDPAMnxL1fyeRFMZIYHU44V7d45CPQMexFfXC+N7P9sD9s34CDTts/h34f+EE8e36L 9yPUdWjjFtC3/TSF/IkAPIG73rsf2L/+Cfmr/s9P8VbL4marZeIdO8ZWp0TS1tZppZINEZrgyRTC aKMI8vmoWRC6BlJyc89T/wAE9f2K/Fv7JWmeM7z4jatp+ueIfElxaQQT2Es8yR6bYRlYELXEUTKx Z23IoKhVTDHGAAfYnx98c6j8Mfgd4/8AiJo67tQ8N6DqWoWo2bx59tbPJEWU8FQ4BbPGM5r8t/gJ +wb8IPjD+yZZ/FjxubvUfit47sZ/EDeKmvZ1vLXUJy8sDx7ZAgER27wQSx3EkfLt/YbxR4c0jxj4 Z1fwjr8P2jS9ctLixu4skb7e5jaKRcjkZViM1+Wvhj9mP9vD4Y+BtR/Zp+G3jzwsfhdcNc21hruo RXbeItN0y7djJDFHGqwNKodthYkAk7XjGwIAfCPgTxD4p1b9h79m79nnQdWuNB0/4weNr/SNWvbV tkv2BdS2SQhv+mhmDY/i2bT8pYH6t/bQ/ZG+Ev7KfwQg/aN/ZqtJvAfjT4a3mnSx3Vtd3Ehv4Li6 itXhuVlkYSBjKGbj5lDIwKtgei6B/wAE7/GLfsdeDfgprfiey0X4lfD7WbjX9E1vTGmuLW3vGuZJ 4lJljhkKsrLuOzKOoYBguGv+Mv2Z/wBtT9p+z0T4b/tTeKfCekfDvTLuG51OLwot5/aGtG25QSNc oEiUtz8oUBvm8s7UAAOG8a2th+2v+2t4W+DfxLe4b4c+FPA1p4vm0JJHt4b7Ur0wgGUxssjKiXUY HzfLsZRje+fZ4/2J/Dv7PWvfEr4l/BjXpfDngjXfCWo21/4R8uW4tpLwW8hW6jnlnJjK4G1fLbGX UMqsFHUfHz9lr4ny/GDwx+0l+yzreleHvHPh/Tf7EutO1lJjpOp6YpJSKQ24aRCnQAKN2EIdCgJx PhX+yz8bfGfxl1H9oH9rrXtIvdb/ALFudA0nRvDgmWwsLO8DrO5knAdpSskijO/72S5wqqAL/wAE 7HSP/gnd4KkdgqrYa+SScAAalfZzX5e6nLLB/wAEYfD80DtHLH4oZlZThlYalOQQRyCD0Nfbfw5/ ZL/bu+Fvw/vf2YvCnxA8Jw/Cq5luootae3un1+10++kZriOCDaIFkfzHbDM21mJWUcYmvv2AvjFd f8E+tN/ZQj1nQR4ts9YbUHujcXX9nGI3ck+BJ9l87dtcDBhAznnHNAHz9+3F+x18PP2Y/hD8Pfih 8G7rUND+Jdt4ksLC88Ri/unvb2a+hnM1xIWlKrI0q78oF4LLgg12n7VP7Lfwm/ZM1j4A/FH4JWdz o3iePxzpWlX1+15cTTalFdB3me58x2UtIY2D7QoZZGUjbgD9AP23P2evGf7Sfwu0HwT4GvdPsb7S /EenavK+oySxRG3tFlDqphimYufMG0FQDzlhS/tjfs9+M/2hdG+HGneDL3T7KTwh4x0zxDdnUJJY 1e0s0lWRIvKilJlJcbQwVTzlh3APzR/aU8e6D8UP28/FHgf40eBPGXxQ+H/ww06zTT/DnhSylvI/ t93bwzveX0STQkL++dFYN8wVB90MG7X9kq41TwT+2Xbab8DPhV4/+Hfwd8baZcLq+m+J9Jurawst WtopJo7mCRpJ0jEgiSMF5MlnZAMFAv1n8a/2YfjZpn7QZ/ao/ZU8Q6Rpvi3VNPj03XtI8QLOdN1S CFVWNy9uGkWRVjjUABfuAh1y4fR+BHwF/aXn+N95+0L+0/42s5tRjsTYaX4b8NzXaaLaxuCGklSb b5jgM2Awc5bcX+VQoB+fv/BOH9ib4H/H79mufxv8adNufEt5dX19p2mh765ij0u0iIYi1SKRVV3n eSRiQQSRxy27lfCfh+z8ff8ABKL4iWXxBDa/P8Kde1K30Ce4kcvZ/Z2t1QphhkKtzKqq2VCtgDAG P1g/YV/Z68Z/sxfAGz+Ffj290/UNWt9QvLppdMklltylw4ZQGmihfcAOfkx6E14p8Mv2I/Hfh/8A ZB+K37OfizW9Mj1fx5quq6hZ3dk009tCt2sBtxN5kUL5Dw/vAqkAHKljxQB9B/sT/DDwH8Mf2avA i+BNIj0keJdG0rWtR2PI/wBo1C7sLfzp28xmwz7RkLhRjgCvq6vlz9kXwV8f/hv8JbD4ffH660G9 u/DcdtpukzaE07K2m2lvHDF9pM8ceZsocsoAIIyAc19R0AFFFFABRRRQAUUUUAFFFFABRRRQAUUU UAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQ AUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFAB RRRQAUUUUAFFFFAH/9T9/KKKKACiiigAooooAKKKKACiiigAooooAKKo6jqem6PaPf6tdw2VtHjd LPIsca59WYgCmaXrGk63ai+0W9gv7YnAlt5FlTI7bkJFOxPMr2vqaNFFFIoKKK/FW9m1r9sH9sT4 rfBz4ofF7W/hv4c8AzwWOi+GtEv49LuNVVwRJcs7BhOMqr4KOwWVQuwA5AP2qor80vhf8Gf2lv2a P2jPD3hnwp4q1/4ofBHxNazrqTeILyK7vNCuYUbyWSWRo2KO+wYiQAqX3IWVWPh/w/8A2yfBHwH/ AGoP2nLX45eL9Rkszrej2/h/Sx9p1CQbIrxrhbO2XcsSD93vI2LkoCclaAP2dor54+EX7VHwP+Of gHWfiR8NfEI1PSvDqO+pI0MkV1aeXGZT5kEih+UVirAFXwQpJU47n4Y/GDwJ8YPhnp/xd8CXsl74 Y1OO4lgnkhkhdktZZIZcxyKHGHiYcjnGRwRQB6dRX5X/ALXn7ePhez/Y6k+KvwB8R3drqvjGZrLQ r4afKCrWl3FFfbvOjKwsIi4RnAy2Ch3Yr7h/Z2+L/hj43/CfRvG3hW6uby38tLWeW7t5baVrqCNB MSsyqzAsfvAYbsaAPb6K8l1/43fDvwz8W/C/wP1i+ki8XeMba6u9NthBI0csVmjySlpVUohCxsQG IzjjqKXxd8bfh34G+JPg74TeI76S38SePftX9kwLBJIk32NA826RVKJhTxuIz2oA9Zor4b8W/wDB RX9lrwfrWt+F7zXr2+8QeH9UvdIutMsdNuri7W409tlwwRUx5SNkCQsFbB2k4OPo74NfG34Z/H/w RB8QvhTrKa1o00jws4R4pYZ48b4popArxuuQcMOQQwypBIB6tRXP+K/FfhvwN4b1Hxf4w1GHSNF0 mFri7u7hwkUMSdWYn8gByTgAEnFfCtv/AMFQf2Qp9Us7SXX9StNN1CXyYNWuNIvIdOdycf614wwH qSgAHJIANAH6FUV8/wDxh/ah+CHwEu/DNt8VfEkeiR+Lor2bT7ho5JbeSPT445ZiZI1ZRlZUCDrI zBUBJxXmnwf/AG+P2Z/jf48i+GngvxBcReIbtWezt9Qsp7L7aiLvJgaVQGJUFgpKsQCQpANAH2XR Xy38d/2x/gR+zrruneFPiHq9w/iDVIvPh03TrSW+u/s+SPOdIgQiZU43EFsHaDg4+Rf2Yv2gNO+O n7fXxL1fwD4tu9e8BTeENPnsLZpbhbWGdWtUmItJdoilD7w/yBsk9QckA/V6iuJ+I/xC8LfCjwNr PxG8bXD2mhaBAbm7lSN5mSIEAkIgLNyRwBXxnqX/AAU+/Y303VLTT38X3FzbXPkh7+3066lsrd50 WRY5ZljI3hW+YKG2EENggigD9AqK8u8f/Gv4V/C74dn4seOfElppvhQxRTRXxfzEuFnXfELdYwzT NIvKLGGLDkDGa8F+Ev7e/wCzT8ZfGVr8P/DOv3On69qSl7C21WynsPty9jbvMoRyw5VdwducKcGg D7Lorx7wN8d/ht8RPiF4z+Fnhq/lfxN4Blhj1a0nt5YGj8/d5bxmRQJUYLnchIwVP8Qylp8ePhnf fGTVfgNaak8vjDQ9MXVr6AQSeTbWjlNrSXG3ylYiRCFLZwQcYoA9ior4G1T/AIKZfsgaX4hn0RvF dzd2lpcfZZ9WtdOurjS4ps4Cm6jjKsD2dAykchiOa+hvij+0l8Gfg74K8O/Efx14iitvDHiq9tbH T9RgVrm2lkvYnnhfzIQwETRxs/mH5QBnPNAHudFfNn7Pn7WfwT/afbX0+D+qXOpHw08S3hnsp7ZQ txv8l1aVFUh/LfAzvGPmUcVt/Hf9pX4P/s36Rp2qfFXWWsZNZmaDT7O3gkury8kXG4QwxKzELuG5 jhQSoJyyggHvFFfMPwI/bB+A/wC0Zq2o+Gvhxrcp8QaTH511pV/ay2V7FEGCl/LlUb1VmUMULbSR uxuGfJtb/wCClf7JujG5t4/EF/ql/ZXN1bXNnY6ZdT3MH2Ngk0sqhAEiBPDkjdg7c4NAH3vRXmPw 7+Mvwy+Kvw6g+LHgbxBbX/hSeKWY3zEwJCsGfO88ShGiMeDvEgXaOTxg18pJ/wAFNP2Pn8QjRR4r uRZG5+yDVzpt2NK8/dt2/ajHtx3342Y+bdt5oA++6K8l+Kvx1+E3wU8Br8S/iV4kttJ8OSmNYLn5 p/tLzKXjS3SEO8zOoLAID8oLfdBI+fPhv/wUJ/Zm+Jvj7T/hrper3+ka7rLKmnR6tp1xYpeu5wiw vIu3LnhA23ceFyxAoA+3aK/Nz4PeNPEc3/BRf9ovw7rOu3b+HdE0XQJrazuLqQ2VpvsbV5XjidvL i3EszsoGSST1NfWHwZ/aN+FX7QEmvN8KNQuNasfDtybS4vxaTxWMk4JytvcSIsc2ANx8ssApVujK SAe50VzHjPxn4V+HnhfUfGvjfVINF0PSYjNdXdy2yKJMgAk9ySQqgZLEgAEkCvjbwZ/wUm/ZK8be KLDwtZ+J7nTH1eXybC81PT7mysbt84wlxKgReeMybBnA6kCgD7wor8T/APgpT+0jo7fFb4efs7Qe M9f8I6LHqTyeM5tFiuYbo2kkNvLbJbyxofPzHNISib1V9pdCVAr9Tv2ffD/hbwz8FvB+meCNU1TW 9AksI7yxvNakeXUZre+Juka4aRI33YlxtZVKgBcDFAHsVFfkh8Dv27NN8e/tvfED4f6r4g1C48J3 66ZpnhOx/s6aOOO6EYN20wEQZC0u/Ek3BXAU7cV5X+yf+3v8Lvgx4J+Iel/H3xnqeq+IJfHmuNZ2 pW61S6h0yKK1VWydwit1cSbQWUZD7QcNQB+4dFfHfxC+Nfwc+NP7JXi74meD/iDc6R4PnsZo59e0 mOYX+nNGyiTEI2TpMmR8hCttYMPlIJin/ab+Bn7O/wCz/wDC/XPHfjO71ay17RNLi0a5lt57jVtb UWkJW4NuoeXzJFZXlL4Cu4Vm3MAQD7Jor5h+BH7YPwH/AGjNW1Hw18ONblPiDSY/OutKv7WWyvYo gwUv5cqjeqsyhihbaSN2Nwz9OkhQWY4A5JNAC0V+f3iT/gpv+yP4d1K8sofEF/rdrp03kXWoaZpl 1dWELg45uAgRx6NGWB7Zr6bvv2hfgzp3wdX4/wB34qtV8Avbi6TVBvaN0Z/LCqgXzDIZPk8sJv3/ AC7dwIoA9mor899P/wCCoP7H93ZS3l74kvtKZPKaKG80u7iluY5nCLJAuwiRcnnByBkkYBI+hPjp +1L8Ev2c10yH4pa8bLUNaLCxsLaCW8vbnacEpBArsFzxubCk8A54oA+hKK+VPgR+2f8AAX9onxFf +DPAGrXMHiXTYjPNpep2ktjdiFSAXVZBtcAsMhWJGQSADmvK/g98UfhR8NY/2h/iFf8AxK1rxXpf hnxTfy63FqFvcsmgyJNIr2VkrFzJBGx2r5Q24UYGKAPv+ivz91L/AIKffsb6bqlpp7+L7i5trnyQ 9/b6ddS2Vu86LIscsyxkbwrfMFDbCCGwQRX3ppmp6drWm2msaRcx3ljfxRz288LB45YZVDo6MOGV lIII4INAF6iiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACii igAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKK ACiiigD/1f38ooooAKKKKACiiigAooooAKKKKACiiigD89f2ybrW/wDhKdDspS40gWZkiHPltceY wlPoWCbPoD71ifsh3Wtp8Qryzsi502WydrpefLBVl8pj23ZJA74Le9foN4i8LeHfFth/ZniXT4dR tgdwSZQ21vVT1U+4INReGfB/hjwdaPY+F9Mh02GQ7nES4LkcAs3ViO2Sa7FiV7PksfPSyWbxn1nn 038/Q6SiiiuM+hCvyxuvAn7Gn/BRvxb43sfEvha+0Px78PL+TRb2czJYasUt2MYm2wySxyxB1ZEa ZGK7cfKCAf1Or4c+OX7AHwU+Nfjlvinb3useA/GsibZdW8NXa2M1wwxh5wY3VnAGCy7XYYDMcDAB 8WL4Y+Jn7AX7T3wd+HvhL4oar45+HvxT1I6TJ4f1mUXNzYqXihE8fIVVRplffEkX3GVlYV6x+xx4 X0O+/bu/ax8X3dpHLqukajpVpazsgLwxXq3LThGIyu8wR5x1xzX0L8DP2Dfg78E/HH/C07jUda8e +N1i8qLWPE14L+4tgQQxtwEQIWDEbjuYAkBgGbPsXwx/Z68F/Cf4l/En4qeHbzULjVvildWd3qcV 1JE9vDJZLMsYtlSJHVT5zbt7yE4GCOcgH51fDnTbTR/2tP23NG0W3W1tZvD9jcGGJQqNNNpryu20 cbmeV2J7lie9ew/8E+tc0rSv+Cb3hjWL65SO10rTfEUly5YYiWK/vnbdnpheeexBr6w8H/s6+BvB fxl+IPxw0+5vrrW/iTDZQalbXLwvYoljEIUEEawq43Kvz75HBOcYHFfKth/wS9+BmlapeWmm+KvF 9r4F1C7F7c+D4tYaPQp5AwOyWFYxI8eAFw0hfA+/QB+fWn/8oQNT/wCwkv8A6kUVfvz8OyD8P/DB ByDpdl/6ISvnTQ/2Kfg/ov7L95+yVJcapqPgu980tNc3EX9oLJJdfbFkWWKGOMNFMFZMxEcAMGGc +m/s/fA/T/2e/h8nw70rxPrfiqzhuHmiuNduUuriFGREWCNkjjCwoEyiY4JODjAAB8W/HWWK2/4K ffs3S3DCNJNE8QxqzHALmzvAFye5JAA7kgVT/ah1Sxm/4KK/ss6LHKrXlpFrs8sYI3LHcW7LGxHX DGJ8fQ19W/tKfsl/DX9p630C48XXep6Dr3hWZ59J1nRbkWt/aPJtLBXZXUqWRG5XcpXKMpJz5V4A /wCCefwi8C/Evwr8Zp/E/inxL448MXF1ctqusakl7PqBuYBbiO7MkJJjhXcYhGUILtvZxgAA8U/4 J5aP4Rb4/ftZa+kcL+KE8f6pbSOcGaOwa9unjC91SSUPuxgMUGc7RjU/Y+t7DS/25f2rdH8CJEnh GO60WWZITiKPVZIpDcBVHyhjMbgPjHKgEcYHzd+zh+yxo3xy+Nv7S/i6Hxp4o+H/AIj0n4h65Yx6 j4Z1E2Es1nPdzO8Mw2sHTcNwxtOeSTgAfrX+z/8As8fDf9mzwQfA/wAObeYx3E73V7fXkgmvr+6k +9NczBV3NjgAKFA6Ac5APJP2+vHfwm+H/wCzL4i1P4z+HJfF/h+8ltbVdHiu5bI3120okgjaeFle NFaPzGYZwE4VjgV+b37Yd5+2Vqf7HOuD4qeE/Anw5+G9jb6WkOkQS3N1rK7bmBLSCBlZrdGT5d2M EIrDpmv2R+OXwQ8A/tD/AA31L4W/Ei2kuNH1Io++B/KuIJom3RzQvhgroemQQQSGBUkH41m/4Jjf CvxHoDeGfij8RPHfj3Tra3e30yDV9b82DSyylEntYREIxNGpIUurpjgx4AFAHzR8a/D+keM/F/8A wTy0XxHbpf2F3ZmSaGZQ8cvlWWkShXU5DKWUZB4I4Ne5/t56bYw/tI/ska9DCseoDxmLTzlADmB5 bUmMsOSuc4HQZPqa+n5v2Qvh3dXnwTv7zWdauJ/gPDJBobPNbZuY3iggxfYth5hVLdADF5XcnOa7 X4u/s9+C/jP4t+HfjPxTe6ha3vwz1ZdZ01LOSJIpbhWjYLcCSKRmjzGOEZD1+agD4n/ZGt7DUP27 /wBqrVvFscTeL7K80qCwMhzNHpDRygeVnkKyJbeZjgHYO/Od8B9H8I6J/wAFTfjra+EI4YIpvDFl PdxwACNb6ZrJ5+F4DMx3v/ts2ec19O/HL9i74f8Axn8e2PxZ03xFr/w78c2dv9kfWvC96LC6urbo I7htjb8DgMMNjCklVUBn7Pv7EHwl/Zu+IGsfEvwPqmu6jrev6f8AYL+TVr1Lz7QzTLPJcu3krIZ5 HUFzv2dcIDzQBP8At9/8mbfFj/sCyf8AoaV8+3fgTwpp/wDwSUOjW2mwLaS/DSLV3QRrhr6XT1v2 nIx9/wC0HzN3XPOa++vi98L9A+NPw08Q/CvxTcXNrpPiW1a0uZbN0S4RGIOY2kSRA3H8SMPasC5+ BvhK6/Z/H7OEl3fDw0PDieGPtAki+3fYo7UWYk8zyvK87yxkt5W3dzsxxQB+GXxkfxtrPwj/AGCv Deif2VPDewK0EPiFpjos+pQJZJZpfLD8xjAYooHUOy9M17T+134G/bK8YaH4Lvfj14k+D/gdtC16 1u9D1W2utXsr1b+IMywQzTRzYV9oZlC9UU5BUV+kHib9jj4L+M/2fdA/Zu8WW95qnhzwxbwQ6bdy TKmpW0tshjjuEmjREEoViD+72MCQUI4rybwZ/wAE7PhnovjzQfH/AMQ/G/i/4o3PhRxJo9r4p1QX 1pZOhBRljEaZZCqkDIQkAlDgYAPKf2ir6w/Zd/bp+HP7S17Mun+D/iZYT+FPE054ijuYVD2c8p6A ttiGeyQv0zz85eCbLxj4k/Yu/af/AGxpYpbfxL8Ymv5bM5Ilt/D9nIbZUVhyAsZmU44KRoc9DX64 ftGfs8eAf2n/AIZ3Hws+IzXcGmy3MF3HcWDxx3dvPbtlXieWOVASpZGyh+RmAwcEdz4P+GnhDwT8 NNK+Emk2Sy+GtJ0yPSUt7gLIJbWOLySJhgK5kXPmHHzEkkc0Afjv8DfDH7Zl1+xvoOg+EbT4N/8A CqNT8ONJM2pHVxKbWaItdS37R/uRcK28zsPlWRWxgKK8R+K3gSew/wCCdvwJ+HGu+KdJ8Z2B+Jlp ZRahol1Ld2b2lwuo/u1lljibMZdkK7QFwAOlfoJff8EvPhIbe98MeHPiD458O+A9Tna4ufCtjrWN Icucsgikidth6NvLsf72QMfRHjz9jz4O+Ofhf4E+D0UV54c8MfDrVrLWNLg0qWONvtFisqoszTxT F1kMztKeHdzuL5JyAfSGj+H9C8PW62mg6dbadAkccSpbRJEojhG2NMIB8qDhR0A6V+dP7aPwwvfH nxu+FHiD4PfEjRfCXxt8MR302h6TrWJIdStJkbziI9kpUqscgDeWcjOCrIrD9La+X/2j/wBkv4Z/ tMx6HfeK7rUtA8ReGJHk0vW9EuRaajal8FlWQq4KkqDgrkHlSpJJAPiv4NfFvx5pv7ZnhzwF+1t8 JdF0T4seItGuIdF8V6HMXjurO1SaVo5I/NlADLHINxIcEKDGFKldP/glTo3hBPDXxn120ihbxLce O9Ttr2TA88WcaxvbIe4j3vMV7Ft3XHH0v8Ev2Jvh78HviC3xe1fxN4j+Ivjr7MbOHWPFGoG/ntYH 3B0txtTYGDEHcWIBIUqGYH82P2KP2RNC+N/hr4pePIPHXiz4f68vjrXNIuZ/DWpmxW909EtpkhuE KOG2vNIVIx9453YGADzPxRcah4b+BH7eGlfC7Fv4Pt/Fmmw2gtGKxR/aNQ8rU0iCfL5fl7IyBx5Z I+6BX0Ja+Df2ytV/Y5t/CEifBax+EF34Wj/0mZtYTydPktg4u3kwY1uFz5pkwcTfNya/UD4Z/s1f B74U/B2X4FeGtDSbwnewzw38V2RLLqBul2TyXUgCmR5F4JwMABVCqqgfIk3/AAS4+Ekll/wiEfxE 8dxfD03BuP8AhExredIBL+Z5YjMRbZn1Jkzzv3c0AfNGreJvDnw7/Zy/Zd+G2teG9L+PXxPnvrlP B72OrXCaIkljd7Ibhpm8kSrDG0EQjljCArINwVTu4j9sO9/aqvfHn7P+sftJweDNGU+NtP8A7K0/ w+11LqMeJoTO8805ZDGP3YPltgttJ6V+pPxq/Yq+DPxn8F+DfBzpe+ED8Oyp8OX2gzi0u9MChBth dlkGD5UZJI3blDBg3NeNaj/wTL+EfiZrLWvHvjzxv4q8Xabd2t3a+INS1hLrULUWhLpBCJoJIFhL kOymNm3AYcDIIB+a/wC1f8O/j/8AE39sH9qHw/8AA+7EVrb6Fod5rtojlLnUbG30yyYWcOxS7GQ5 YoCocLsJO4K37MfsT/EH4SfEf9m7wjrHwY0uDQNCs7cWc2lQHJ0+9hA+0QSE/M77zv8AMf5pVYSH l67fwn+z14L8HfHfxx+0Lpl7qEviPx/a2Npf280kTWUcdhDHDGYEWJZFYrEpbfI4JzgAYAwPg7+y v8PvgT8R/G/xC+HWoapZQePZvtN9obTQNo8Nzu3efbQiBZYnyXGPNK4cjbhUCAHyN/wVidH+EHw2 03XJfJ8I6h470mDXG3FF+xmKdiHYEYTALE9mCnOcV6X/AMFIPDfw7H7EHjS21iztLey0W1s20dVR EW3uknijtltgMbcg7MJ/yzLD7ua+wvip8LPAvxp8Cap8NviRpi6toGsIqTwszIwKMHR0dCGR0YBl YHII9MivivQf+Canwktb3RIfHPjfxn8QPDXhiaObS/D3iDVxdaRbGIYRTbrEgZVHAXhdvysGUkUA fOPxCv8AXdU8ff8ABO7U/FDSPrF3Zyy3jSkmRrh9O0tpC5bneWJLZ5zmv2krwb4lfs7+CPil8Rvh p8Tddur+01L4V3N3daVDZyQx20rXiwq63CPE7MqiFdojePHOSeMe80AfmH+zuQP+Ckv7UKnqbDw0 cf8AbjDXN/8ABKrwpoCeEvjR4w+xRHVtR8f6vp005RTI1raxwSxxFsZ2B55Dt6ZNfUPiP9jH4fa3 +0fbftPaT4j8Q+G/FBezbULbTL1IbDVBYhEjS7iaJ2ZGSNEkQOFYKCAGyx9I+AP7PXgv9nLQPEXh zwReahe23ibXbzxBctqMkUrpdXqRJIkZhihAiAiXaGDMCTljxgA/HLwRZWuj/sh/txeH9LiW207T fF+uRW0EYCxxIkiIqqo4ACooAHYCvV/EHwwvfHngf9kTxB8HviRovhL42+GPBGmTaHpOtYkh1K0m 0uLziI9kpUqscgDeWcjOCrIrD7wsf2LPhZYeAvi18O4dU1ltN+Mmp3eq6vI09uZ4J71t8i2jC2Co gP3RIsh9SazPib+wt8Hvif8AD34feB76/wBZ0e/+F9ha6doOv6bdJbavBDaQxwrvmWLy2LCJWbEa 4bJTZk0AfLfwa+LfjzTf2zPDngL9rb4S6LonxY8RaNcQ6L4r0OYvHdWdqk0rRyR+bKAGWOQbiQ4I UGMKVK/pn8WvEPhXwl8LfF/ifxykknh3StIvrnUUhZlle0igdpkjKsjB2QELhlOSMEHmvnb4JfsT fD34PfEFvi9q/ibxH8RfHX2Y2cOseKNQN/PawPuDpbjamwMGIO4sQCQpUMwP1d4m8N6J4y8N6r4R 8S2i3+ka3az2V5bvnbNb3CGOVDjBwysRwc0AfjB8MfE37Tnir9mO8PwG+GXgX4T/AANudN1SeH/h IL691K7fTn803Mp2MSzP8/M64xgZ27TXyN4Hlsr39lL9kPQ/GoR/AN38SrxdZE5xbcX37pJs/L5b RvOWz/DuPrX6oeHv+CZHwq0SyXwhd/ELx1qvw9jnM6+EZ9bKaK25zIY5IoY42aPed2AytnksTkng fj58FPhT+yX+yOvwvk8Daz8V/hfda/5+qrcXqDUNBt7oFje2r29qpKwSLlQ2DmQh5NjEAAp/8Fgd L8Ef8M8eFr7VIbePXbTxJZRaS2FEwR45PtEaY58vYoLAfLlUzztrb+PfxJmP7auneEv2efhXYeNv jfonh0yXOua1qM1vY6TpUrZ8tYBIEZj5wLOoVwJdo3bmx+bXjv4c/s2fHjU/A/wv/ZL1zxl8WPFt 7qloJdQ1+e8ks/DmjRZa4jXz4baNFPynowwmFbcVDftZ8c/2JvAXxo+JNh8ZNO8UeIvh945srYWT ar4avhZTXFupOElyj5wCVypXK4DbgFAAPz/8KN8bE/4KofDOX4/T+Gf+EuuvC1+zweFluBbQWv2e +8mOdrnLvNlWbJJ+Urg4xXH2H/JC/wDgoP8A9jlrP/pZLX6IfD7/AIJ8fBr4b/FTwx8bdH1/xPfe N/Dz3clxqepamt9Pq7XcJt2/tBpoW3bImKp5PlYBydxAI66L9iv4WQ+E/jF4OXVNZNl8btTutV1p zPb+bbz3cjSutmfs+1EDMdokWU46k0AfPl34E8Kaf/wSUOjW2mwLaS/DSLV3QRrhr6XT1v2nIx9/ 7QfM3dc85r6c/Yilkm/ZE+ETysWI8N6euSc8LEFA/AAAV39z8DfCV1+z+P2cJLu+HhoeHE8MfaBJ F9u+xR2osxJ5nleV53ljJbytu7nZjiun+Ffw40P4Q/Djw58MPDU9xc6V4YsorG2lu2R7h4oRtUyN GkaFj3Koo9qAO/ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiii gAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKA CiiigAooooA//9b9/KKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigA ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigCvbWlrZo0dpCkCsxYhFCgsepIHc9zViiigAooooAK KKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoo ooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiii gD//1/38ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoooo AKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigA ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigD/9D9/KKKKACiiigAooooAKKKKACiiigAoooo AKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigA ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoooo A//R/fyiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigA ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoooo AKKKKACiiigAooooAKKKKACop/O8mT7NtEu07N+du7HGcc4z1xUtFAH5gaPdftL6Hp37VWkW/iqb xn8RtJsNMn0lrWAwW9tc3WltN5OnWbPKEEecRglmldQz7mY0v7MPxI09P2hNL+Hfw313xd4h8Ia1 4NuNS1JvFf8AaUkkWtWF3bRyPC+pjzFcrclbmOE+SHZNvIIr7dl+CPg641X4j6rdTXkrfFC3trbV I/OCLHHa2hs0+zNGqyRsYzksXYh+VK9Ky/hl8BtI+HXiS58aah4l1rxn4imsI9Jh1DXJoJZrXTop DILaEW0FugVn2tI7K0kjKpdzgYAPdaKKKAP/0v38ooooAKKKKACiiigAooooAKKKKACiiigAoooo AKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigA ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigD/9k= --_004_TY1PR01MB1466B7B9186A75EFA9315FFCE5F10TY1PR01MB1466jpnp_-- From nobody Thu Dec 3 23:29:51 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2C9C93A13F3 for ; Thu, 3 Dec 2020 23:29:50 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.898 X-Spam-Level: X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, NICE_REPLY_A=-0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TL67BdSDt-kJ for ; Thu, 3 Dec 2020 23:29:48 -0800 (PST) Received: from p3plsmtpa12-07.prod.phx3.secureserver.net (p3plsmtpa12-07.prod.phx3.secureserver.net [68.178.252.236]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2ECD43A13F2 for ; Thu, 3 Dec 2020 23:29:48 -0800 (PST) Received: from [192.168.88.250] ([94.155.17.31]) by :SMTPAUTH: with ESMTPSA id l5XGkPvDQJwSFl5XGkimuG; Fri, 04 Dec 2020 00:29:47 -0700 x-spam-cmae: v=2.4 cv=dcRFYVbe c=1 sm=1 tr=0 ts=5fc9e56b p=_Y5QVBCcAAAA:8 a=+I3yL00+yDwT8KNLgfs+4A==:117 a=+I3yL00+yDwT8KNLgfs+4A==:17 a=q0rX5H01Qin5IyBaTmIA:9 a=r77TgQKjGQsHNAKrUKIA:9 a=pGLkceISAAAA:8 a=48vgC7mUAAAA:8 a=1XWaLZrsAAAA:8 a=bni3dQmXGEzwKo8-QP0A:9 a=QEXdDO2ut3YA:10 a=IW_zQs2oMLEA:10 a=YWXEy_97qxwA:10 a=1xOB4YiTHOsA:10 a=hhRRb06fAAAA:8 a=EnT5GZYCVyqKcKa3HN4A:9 a=4MmiVwRYZYX5uFfh:21 a=_W_S_7VecoQA:10 a=D8lnhvtxf0AONpHuB7QA:9 a=ZVk8-NSrHBgA:10 a=30ssDGKg3p0A:10 a=IdGyktwZ2tr74praB_5u:22 a=w1C3t2QeGrPiZgrLijVG:22 a=n3QqoSL0uoLsV-jlCK0K:22 x-spam-account: vladimir@connect2id.com x-spam-domain: connect2id.com X-CMAE-Analysis: v=2.4 cv=dcRFYVbe c=1 sm=1 tr=0 ts=5fc9e56b p=_Y5QVBCcAAAA:8 a=+I3yL00+yDwT8KNLgfs+4A==:117 a=+I3yL00+yDwT8KNLgfs+4A==:17 a=q0rX5H01Qin5IyBaTmIA:9 a=r77TgQKjGQsHNAKrUKIA:9 a=pGLkceISAAAA:8 a=48vgC7mUAAAA:8 a=1XWaLZrsAAAA:8 a=bni3dQmXGEzwKo8-QP0A:9 a=QEXdDO2ut3YA:10 a=IW_zQs2oMLEA:10 a=YWXEy_97qxwA:10 a=1xOB4YiTHOsA:10 a=hhRRb06fAAAA:8 a=EnT5GZYCVyqKcKa3HN4A:9 a=4MmiVwRYZYX5uFfh:21 a=_W_S_7VecoQA:10 a=D8lnhvtxf0AONpHuB7QA:9 a=ZVk8-NSrHBgA:10 a=30ssDGKg3p0A:10 a=IdGyktwZ2tr74praB_5u:22 a=w1C3t2QeGrPiZgrLijVG:22 a=n3QqoSL0uoLsV-jlCK0K:22 X-SECURESERVER-ACCT: vladimir@connect2id.com To: oauth@ietf.org References: From: Vladimir Dzhuvinov Autocrypt: addr=vladimir@connect2id.com; prefer-encrypt=mutual; keydata= mQENBFQZaoEBCACnP2YMDex9fnf+niLglTHGKuoypUSVKPQeKDHHeFQVzhRke+HBEZBwmA9T kZ+kEhyrNqibDPkPYVPmo23tM8mbNcTVQqpmN7NwgMpqkqcAqNsIyBtt09DjWOQVm57A3K+y uXI7SdNErdt79p2xQseOhqSC9+LgWuyh+mZsl2oFD4glFFfKSCMp2jATXrAMeGzigTnW+Xe0 tRzrwFN9zqykKxhUq9oHg1cNvoDtfxgsc9ysVHbxM/PM8o9lgj3YTQwKMBcCFclTqohji7ML fQ08eQo+acKTwC1WRzeLt9PknGt3C4TmvdCl0c1BQTTTNiF96Hu4kbaiBIbsfxJOR8+VABEB AAG0LFZsYWRpbWlyIER6aHV2aW5vdiA8dmxhZGltaXJAY29ubmVjdDJpZC5jb20+iQE+BBMB AgAoBQJUGWqBAhsjBQkJZgGABgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRAZ0vUyOqri Ql62B/wOO0s2JC/QvO6w9iSsRhCOa/JZi+wO+l01V7eGCQ1cYf1W26Y7iKiUlY4/Kz+cr69D pMtkv3UpDTGejKEfspLUxz5Vo3T4oAKbTtNtVIZL/XxH3/JhJ719Jj4eLoe9/djKkGYTX2O5 bMk8TpO1DDjbIw4r9XKI9ZIk96zlKnZvrg7Ho7oOl0ZIf8AzcvdqZEUogDwyr8uwOU+jIyux mOTthepBzXCNjjBjnc8I1//9YppAIaGJ5nnXelVVD1/dyOszogervzFNANEIOvNvCd9G5u4e s7qkDKWKY7/Lj1tF+tMrDTrOh6JqUKbGNeTUB8DlPvIoNyqHUYfBELdpw1Nd Organization: Connect2id Ltd. Message-ID: <9a58bd66-e259-ebb9-1ed5-3f5075f44d97@connect2id.com> Date: Fri, 4 Dec 2020 09:29:45 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.10.0 MIME-Version: 1.0 In-Reply-To: Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg=sha-256; boundary="------------ms030700080203090701030804" X-CMAE-Envelope: MS4xfCo78uyv45NhGzGurYiaD1490fyuGaGzAcvUglYnw9h8Hie0e1hMOysLrqSv0zn0YOzRXbzO0TGLk7k8D+EAidGUI5g3Dh52zGEx7VJLAfjoFY8CfLNc GfI9wxys6ImMNHn5cbIutZ/+KHbn4Lg6DDi+dDA+o7h/ldissV8Uqn0d2xyn1spOQxygQp00+mtfhQ== Archived-At: Subject: Re: [OAUTH-WG] PAR error for redirect URI? X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 04 Dec 2020 07:29:50 -0000 This is a cryptographically signed message in MIME format. --------------ms030700080203090701030804 Content-Type: multipart/alternative; boundary="------------167F371A21B0AEA7F3946D65" Content-Language: en-US This is a multi-part message in MIME format. --------------167F371A21B0AEA7F3946D65 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable If people have articulated a need to have an invalid_redirect_uri error for the PAR endpoint, then let's register it properly. Rifaat says there's still time to do this. I'm also okay with using the general invalid_request code for this. In this case a sentence, next to the current example, spelling out what the PAR endpoint must do on a invalid redirect URI will help. Vladimir On 03/12/2020 13:49, Rifaat Shekh-Yusef wrote: > Torsten, Filip, > > You can absolutely make this change, as we are still very early in the > process.=C2=A0 > So feel free to continue this effort and try to get WG agreement on > this, and update the document as needed.=C2=A0 > > Regards, > =C2=A0Rifaat > > > On Thursday, December 3, 2020, Filip Skokan > wrote: > > To be clear, I'm not advocating to skip the registration, just > wanted to mention a potential concern. If the process allows it > and it will not introduce more delay to publication, I think we > should go ahead and register the error code. > > Best, > *Filip* > > > On Thu, 3 Dec 2020 at 11:06, Torsten Lodderstedt > > wrote: > > > > > Am 03.12.2020 um 09:56 schrieb Filip Skokan > >: > > > > There are several documents already mentioning > "invalid_redirect_uri" as an error code, specifically RFC7519 > and OpenID Connect Dynamic Client Registration 1.0. But these > don't register it in the IANA OAuth Extensions Error Registry, > presumably because they're neither for the authorization or > token endpoints. > > > > While I think it'd be great if we had this error code > registered, I also worry that its registration could confuse > implementers to think it's okay to return it from the > authorization endpoint. > > I understand your concern. On the other hand, registering the > error code is in my opinion the proper way forward. The > registration is scoped to a usage location, should be pushed > authorization endpoint then, and RFC6749 gives clear guidance > on how to treat errors related to the redirect URI at the > authorization endpoint. > > "If the request fails due to a missing, invalid, or mismatching= > =C2=A0 =C2=A0redirection URI, =E2=80=A6 authorization server ..= =2E MUST NOT > automatically redirect the user-agent to the > =C2=A0 =C2=A0invalid redirection URI." > > I think if an implementor ignores this, it will ignore any advi= se. > > best regards, > Torsten. > > > > > Best, > > Filip > > > > > > On Thu, 3 Dec 2020 at 00:29, Brian Campbell > > wrote: > > During the course of a recent OIDF FAPI WG discussion (the > FAPI profiles use PAR for authz requests) on this issue it was > noted that there's no specific error code for problems with > the redirect_uri (the example in > https://www.ietf.org/archive/id/draft-ietf-oauth-par-04.html#se= ction-2.3 > > even shows a general error code with mention of the > redirect_uri not being valid in the error description). Some > folks on that call thought it would be worthwhile to have a > more specific error code for an invalid redirect_uri and I > reluctantly took an action item to raise the issue here. At > the time I'd forgotten that PAR had already passed WGLC. But > it's been sitting idle while awaiting the shepherd writeup > since mid September so it's maybe realistic to think the > window for a small change is still open. > > > > Presumably nothing like an "invalid_redirect_uri" error code > was defined in RFC 6749 because that class of errors could not > be returned to the client via redirection. But the data flow > in PAR would allow for a "invalid_redirect_uri" so it's not an > unreasonable thing to do. > > > > As I write this message, however, I'm not personally > convinced that it's worth making a change to PAR at this > point. But I did say I'd bring the question up in the WG list > and I'm just trying to be true to my word. So here it is. > Please weigh in, if you have opinions on the matter. > > > > > > > > CONFIDENTIALITY NOTICE: This email may contain confidential > and privileged material for the sole use of the intended > recipient(s). Any review, use, distribution or disclosure by > others is strictly prohibited.=C2=A0 If you have received this > communication in error, please notify the sender immediately > by e-mail and delete the message and any file attachments from > your computer. Thank > you._______________________________________________ > > OAuth mailing list > > OAuth@ietf.org > > https://www.ietf.org/mailman/listinfo/oauth > > > _______________________________________________ > > OAuth mailing list > > OAuth@ietf.org > > > https://www.google.com/url?q=3Dhttps://www.ietf.org/mailman/lis= tinfo/oauth&source=3Dgmail-imap&ust=3D1607590629000000&usg=3DAOvVaw3aW1gd= v4EEiLmNYzlsJj-A > > > --------------167F371A21B0AEA7F3946D65 Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: quoted-printable

    If people have articulated a need to have an invalid_redirect_uri error for the PAR endpoint, then let's register it properly. Rifaat says there's still time to do this.

    I'm also okay with using the general invalid_request code for this. In this case a sentence, next to the current example, spelling out what the PAR endpoint must do on a invalid redirect URI will help.

    Vladimir

    On 03/12/2020 13:49, Rifaat Shekh-Yuse= f wrote:
    Torsten, Filip,

    You can absolutely make this change, as we are still very early in the process.=C2=A0
    So feel free to continue this effort and try to get WG agreement on this, and update the document as needed.=C2=A0
    =

    Regards,
    =C2=A0Rifaat


    On Thursday, December 3, 2020, Filip Skokan <panva.ip@gmail.com> wrote:
    To be clear, I'm not advocating to skip the registration, just wanted to mention a potential concern. If the process allows it and it will not introduce more delay to publication, I think we should go ahead and register the error code.

    Best,=
    Filip


    On Thu, 3 Dec 2020 at 11:06, Torsten Lodderstedt <torsten@lodderstedt.net> wrote:


    > Am 03.12.2020 um 09:56 schrieb Filip Skokan <panva.ip@gmail.com>:
    >
    > There are several documents already mentioning "invalid_redirect_uri" as an error code, specifically RFC7519 and OpenID Connect Dynamic Client Registration 1.0. But these don't register it in the IANA OAuth Extensions Error Registry, presumably because they're neither for the authorization or token endpoints.
    >
    > While I think it'd be great if we had this error code registered, I also worry that its registration could confuse implementers to think it's okay to return it from the authorization endpoint.

    I understand your concern. On the other hand, registering the error code is in my opinion the proper way forward. The registration is scoped to a usage location, should be pushed authorization endpoint then, and RFC6749 gives clear guidance on how to treat errors related to the redirect URI at the authorization endpoint.

    "If the request fails due to a missing, invalid, or mismatching
    =C2=A0 =C2=A0redirection URI, =E2=80=A6 authorization serve= r ... MUST NOT automatically redirect the user-agent to the
    =C2=A0 =C2=A0invalid redirection URI."

    I think if an implementor ignores this, it will ignore any advise.

    best regards,
    Torsten.

    >
    > Best,
    > Filip
    >
    >
    > On Thu, 3 Dec 2020 at 00:29, Brian Campbell <bcampbell=3D40pingidentity= =2Ecom@dmarc.ietf.org> wrote:
    > During the course of a recent OIDF FAPI WG discussion (the FAPI profiles use PAR for authz requests) on this issue it was noted that there's no specific error code for problems with the redirect_uri (the example in https://www.ietf.org/archive/id/draft-ietf-oauth-par-04.html#section-2.3 even shows a general error code with mention of the redirect_uri not being valid in the error description). Some folks on that call thought it would be worthwhile to have a more specific error code for an invalid redirect_uri and I reluctantly took an action item to raise the issue here. At the time I'd forgotten that PAR had already passed WGLC. But it's been sitting idle while awaiting the shepherd writeup since mid September so it's maybe realistic to think the window for a small change is still open.
    >
    > Presumably nothing like an "invalid_redirect_uri" error code was defined in RFC 6749 because that class of errors could not be returned to the client via redirection. But the data flow in PAR would allow for a "invalid_redirect_uri" so it's not an unreasonable thing to do.
    >
    > As I write this message, however, I'm not personally convinced that it's worth making a change to PAR at this point. But I did say I'd bring the question up in the WG list and I'm just trying to be true to my word. So here it is. Please weigh in, if you have opinions on the matter. >
    >
    >
    > CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited.=C2=A0 If yo= u have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you._______________________________________________ > OAuth mailing list
    > OAuth@ietf.org
    > https://www.ietf.org/mailman/listinfo/oauth
    > _______________________________________________ > OAuth mailing list
    > OAuth@ietf.org
    > https://www.google.com/url?q=3Dhttps://www.ietf.org/mailman/li<= wbr>stinfo/oauth&source=3Dgmail-imap&ust=3D1607590629000000&= amp;usg=3DAOvVaw3aW1gdv4EEiLmNYzlsJj-A



    --------------167F371A21B0AEA7F3946D65-- --------------ms030700080203090701030804 Content-Type: application/pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" Content-Description: S/MIME Cryptographic Signature MIAGCSqGSIb3DQEHAqCAMIACAQExDzANBglghkgBZQMEAgEFADCABgkqhkiG9w0BBwEAAKCC CzMwggUbMIIEA6ADAgECAhBs/e7jES6a32XKZxs4R01iMA0GCSqGSIb3DQEBCwUAMIGWMQsw CQYDVQQGEwJHQjEbMBkGA1UECBMSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxm b3JkMRgwFgYDVQQKEw9TZWN0aWdvIExpbWl0ZWQxPjA8BgNVBAMTNVNlY3RpZ28gUlNBIENs aWVudCBBdXRoZW50aWNhdGlvbiBhbmQgU2VjdXJlIEVtYWlsIENBMB4XDTE5MTEwMjAwMDAw MFoXDTIxMTEwMTIzNTk1OVowKDEmMCQGCSqGSIb3DQEJARYXdmxhZGltaXJAY29ubmVjdDJp ZC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDG5mL+CcvSppMj/W8Kd0/E 1/y5/s94gmbIFzEugHyMPV2dd6lusiALe35QCtu3e8Wy6FkCwzxWmmzhF4FY/e4uPbDjco3w /GgHhz2KXe385u31c32/uM3jRqhYT5JvmXxte/GgmjcW1yWcPkKEz/sCezdIYpI9Pek+P4Gr xmbt8H+wJrwfrXKTJXXT+gFjCcZDRLm67X4U57TsaCoezTe7zOoPX9zxMTyZD/cvC/SfuVxQ U60ZsfZzdcgPwScgy3JaiPegcbnqqebjJqtRx42eRjrBZ1/u411rHN2QQLgiih7D1/4PJC9f /8nHgaerLy3ogdu1dw5+vQ1TRIYBmcIXAgMBAAGjggHQMIIBzDAfBgNVHSMEGDAWgBQJwPL8 C9qU21/+K9+omULPyeCtADAdBgNVHQ4EFgQU446sriG/NgywLZA2oBG79Yr2qyAwDgYDVR0P AQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwQGCCsGAQUFBwMC MEAGA1UdIAQ5MDcwNQYMKwYBBAGyMQECAQEBMCUwIwYIKwYBBQUHAgEWF2h0dHBzOi8vc2Vj dGlnby5jb20vQ1BTMFoGA1UdHwRTMFEwT6BNoEuGSWh0dHA6Ly9jcmwuc2VjdGlnby5jb20v U2VjdGlnb1JTQUNsaWVudEF1dGhlbnRpY2F0aW9uYW5kU2VjdXJlRW1haWxDQS5jcmwwgYoG CCsGAQUFBwEBBH4wfDBVBggrBgEFBQcwAoZJaHR0cDovL2NydC5zZWN0aWdvLmNvbS9TZWN0 aWdvUlNBQ2xpZW50QXV0aGVudGljYXRpb25hbmRTZWN1cmVFbWFpbENBLmNydDAjBggrBgEF BQcwAYYXaHR0cDovL29jc3Auc2VjdGlnby5jb20wIgYDVR0RBBswGYEXdmxhZGltaXJAY29u bmVjdDJpZC5jb20wDQYJKoZIhvcNAQELBQADggEBAEE73kCtUigl/bhLrqS6AsCU+jKm1fxq BY09+ktBwVcu5WgM18Uov3WvzVnjXn5BNNVM3RwhWFXyW3pPnDPyjqgxcpfoyY5SJEzvcPlu wm69z/dzqasVhsHPIFSjACnUBrFZPsq/abMQr4yFOMVyX/EudYgmZVu2Er9Ui7YbTO1Nolap xlseQIgQhVcr7aSs02PLDANuwW/asgKExYzhPdt9MF1lezj968Mv74kRo1T/lm5RFNfh2QdM 9C0n1t+qRCrRF1VbsiTgChjazgNGbvl12bOAujX0up4hqw+7PaCcI3Mpyv/rKKKrRG52iCcv cMHX344tOqKM/DIdF/0WNpkwggYQMIID+KADAgECAhBNlCwQ1DvglAnFgS06KwZPMA0GCSqG SIb3DQEBDAUAMIGIMQswCQYDVQQGEwJVUzETMBEGA1UECBMKTmV3IEplcnNleTEUMBIGA1UE BxMLSmVyc2V5IENpdHkxHjAcBgNVBAoTFVRoZSBVU0VSVFJVU1QgTmV0d29yazEuMCwGA1UE AxMlVVNFUlRydXN0IFJTQSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0xODExMDIwMDAw MDBaFw0zMDEyMzEyMzU5NTlaMIGWMQswCQYDVQQGEwJHQjEbMBkGA1UECBMSR3JlYXRlciBN YW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxmb3JkMRgwFgYDVQQKEw9TZWN0aWdvIExpbWl0ZWQx PjA8BgNVBAMTNVNlY3RpZ28gUlNBIENsaWVudCBBdXRoZW50aWNhdGlvbiBhbmQgU2VjdXJl IEVtYWlsIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyjztlApB/975Rrno 1jvm2pK/KxBOqhq8gr2+JhwpKirSzZxQgT9tlC7zl6hn1fXjSo5MqXUfItMltrMaXqcESJuK 8dtK56NCSrq4iDKaKq9NxOXFmqXX2zN8HHGjQ2b2Xv0v1L5Nk1MQPKA19xeWQcpGEGFUUd0k N+oHox+L9aV1rjfNiCj3bJk6kJaOPabPi2503nn/ITX5e8WfPnGw4VuZ79Khj1YBrf24k5Ee 1sLTHsLtpiK9OjG4iQRBdq6Z/TlVx/hGAez5h36bBJMxqdHLpdwIUkTqT8se3ed0PewDch/8 kHPo5fZl5u1B0ecpq/sDN/5sCG52Ds+QU5O5EwIDAQABo4IBZDCCAWAwHwYDVR0jBBgwFoAU U3m/WqorSs9UgOHYm8Cd8rIDZsswHQYDVR0OBBYEFAnA8vwL2pTbX/4r36iZQs/J4K0AMA4G A1UdDwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdJQQWMBQGCCsGAQUFBwMC BggrBgEFBQcDBDARBgNVHSAECjAIMAYGBFUdIAAwUAYDVR0fBEkwRzBFoEOgQYY/aHR0cDov L2NybC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdFJTQUNlcnRpZmljYXRpb25BdXRob3JpdHku Y3JsMHYGCCsGAQUFBwEBBGowaDA/BggrBgEFBQcwAoYzaHR0cDovL2NydC51c2VydHJ1c3Qu Y29tL1VTRVJUcnVzdFJTQUFkZFRydXN0Q0EuY3J0MCUGCCsGAQUFBzABhhlodHRwOi8vb2Nz cC51c2VydHJ1c3QuY29tMA0GCSqGSIb3DQEBDAUAA4ICAQBBRHUAqznCFfXejpVtMnFojADd F9d6HBA4kMjjsb0XMZHztuOCtKF+xswhh2GqkW5JQrM8zVlU+A2VP72Ky2nlRA1GwmIPgou7 4TZ/XTarHG8zdMSgaDrkVYzz1g3nIVO9IHk96VwsacIvBF8JfqIs+8aWH2PfSUrNxP6Ys7U0 sZYx4rXD6+cqFq/ZW5BUfClN/rhk2ddQXyn7kkmka2RQb9d90nmNHdgKrwfQ49mQ2hWQNDkJ JIXwKjYA6VUR/fZUFeCUisdDe/0ABLTI+jheXUV1eoYV7lNwNBKpeHdNuO6Aacb533JlfeUH xvBz9OfYWUiXu09sMAviM11Q0DuMZ5760CdO2VnpsXP4KxaYIhvqPqUMWqRdWyn7crItNkZe roXaecG03i3mM7dkiPaCkgocBg0EBYsbZDZ8bsG3a08LwEsL1Ygz3SBsyECa0waq4hOf/Z85 F2w2ZpXfP+w8q4ifwO90SGZZV+HR/Jh6rEaVPDRF/CEGVqR1hiuQOZ1YL5ezMTX0ZSLwrymU E0pwi/KDaiYB15uswgeIAcA6JzPFf9pLkAFFWs1QNyN++niFhsM47qodx/PL+5jR87myx5uY dBEQkkDc+lKB1Wct6ucXqm2EmsaQ0M95QjTmy+rDWjkDYdw3Ms6mSWE3Bn7i5ZgtwCLXgAIe 5W8mybM2JzGCBDIwggQuAgEBMIGrMIGWMQswCQYDVQQGEwJHQjEbMBkGA1UECBMSR3JlYXRl ciBNYW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxmb3JkMRgwFgYDVQQKEw9TZWN0aWdvIExpbWl0 ZWQxPjA8BgNVBAMTNVNlY3RpZ28gUlNBIENsaWVudCBBdXRoZW50aWNhdGlvbiBhbmQgU2Vj dXJlIEVtYWlsIENBAhBs/e7jES6a32XKZxs4R01iMA0GCWCGSAFlAwQCAQUAoIICVzAYBgkq hkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0yMDEyMDQwNzI5NDVaMC8G CSqGSIb3DQEJBDEiBCCdcfMfT9BjLcfJoHd6qiqPrevIfC9zMBw3x/xXgnUQADBsBgkqhkiG 9w0BCQ8xXzBdMAsGCWCGSAFlAwQBKjALBglghkgBZQMEAQIwCgYIKoZIhvcNAwcwDgYIKoZI hvcNAwICAgCAMA0GCCqGSIb3DQMCAgFAMAcGBSsOAwIHMA0GCCqGSIb3DQMCAgEoMIG8Bgkr BgEEAYI3EAQxga4wgaswgZYxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNo ZXN0ZXIxEDAOBgNVBAcTB1NhbGZvcmQxGDAWBgNVBAoTD1NlY3RpZ28gTGltaXRlZDE+MDwG A1UEAxM1U2VjdGlnbyBSU0EgQ2xpZW50IEF1dGhlbnRpY2F0aW9uIGFuZCBTZWN1cmUgRW1h aWwgQ0ECEGz97uMRLprfZcpnGzhHTWIwgb4GCyqGSIb3DQEJEAILMYGuoIGrMIGWMQswCQYD VQQGEwJHQjEbMBkGA1UECBMSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxmb3Jk MRgwFgYDVQQKEw9TZWN0aWdvIExpbWl0ZWQxPjA8BgNVBAMTNVNlY3RpZ28gUlNBIENsaWVu dCBBdXRoZW50aWNhdGlvbiBhbmQgU2VjdXJlIEVtYWlsIENBAhBs/e7jES6a32XKZxs4R01i MA0GCSqGSIb3DQEBAQUABIIBAFGKQBqegThDvSbTGtrhAbGstIMskLHucQRFV1xYZseYWmZb tgST/bEeuwRm0M0E91OQzpu0EMqtYgivTK+vjc++QzSMw0Wes3Qa+UNRKxiX59UkE4jzHqfL 6GAW8kEfegQIS3LW85NPGDJ2mI6MFCfxXvAonIY53jKeUlfx8bF683GRi3a3mgcw2ANB1E3K la2O6S2zS21AGSfC2/TviTtuBYTKCPuivHQ/KQkT2AKzqITS/VYciSfonyGfHVY6qt5yUgo/ GCyw6qdyPKtJxbKVOpZRQRcj8JdpruWkSx203OYJ/OxpKCBVymQatUhiwTgl5K+L7YC9KBI8 /zTcpBgAAAAAAAA= --------------ms030700080203090701030804-- From nobody Fri Dec 4 00:13:53 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A8F993A15AB for ; Fri, 4 Dec 2020 00:13:50 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.098 X-Spam-Level: X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=forgerock.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id IAUqNhJ311xm for ; Fri, 4 Dec 2020 00:13:48 -0800 (PST) Received: from mail-ej1-x62d.google.com (mail-ej1-x62d.google.com [IPv6:2a00:1450:4864:20::62d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AD9F43A15A8 for ; Fri, 4 Dec 2020 00:13:47 -0800 (PST) Received: by mail-ej1-x62d.google.com with SMTP id x16so7393147ejj.7 for ; Fri, 04 Dec 2020 00:13:47 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=forgerock.com; s=google; h=from:mime-version:subject:date:message-id:references:cc:in-reply-to :to:content-transfer-encoding; bh=mEWLEL+/BwyAgRxzAInVy1GKdzISJDSjakaCoaeDeG4=; b=NhjSX8O+qh5HqZSpY5CGAVLsfwPMB5FnXOqCdqj7LsVQl9gBVyUdl7Ut0IP+SooY/J ClOMYnBDSrfwmMzu9mcH3oro/Y0AO7l5wSikAbRp+s1xTzoHw0MelWE0cYwBTVpjOhf5 S5BbwtbJCwypFUqGQeowhVuyzc5diazpF/PTA= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:mime-version:subject:date:message-id :references:cc:in-reply-to:to:content-transfer-encoding; bh=mEWLEL+/BwyAgRxzAInVy1GKdzISJDSjakaCoaeDeG4=; b=tc2hM09Ig7oa5ugPqh4zza3iRcvBp12F2bvVv35MGWNhhljTMrIpUAaSoV4aXSRSEF GFUtSxppaeIXUC3QIfMuWtGqjcxWjzjnzS5M69SeWnuDctUsF+uJW4O4yURi3tbpDug2 TQDqJx5ydhsb3UDbbGfQieGLBobDqOMegMuSmzKXSOa3+L8J79GGjwBIqIA39ao3tod+ pFmc2xJmLk9wXN0yQm3pbINLE3JjigZb7S/cJamwMNTncEU/r/ortQQLGTE9TkocBSKx tYKsbPoDrDq6JPD32y7WsXIDeriyS2BTGoc9vu1odFVYIgxIf1jMYCNFjefSACkCkByz MOBg== X-Gm-Message-State: AOAM533DPECtdJBsfksxtFeOU+98IHiKQFu6CibTdsTf6b9tFcPRwIZv 1XRaKpruxFDsEzKbW5WWUhV6NjjZ2e/HCSynBAljXuujcq4OlChUqxzeNZ3pDA9mgbAi+7FsYX0 dzs8o6vdnRBp9PXdCmPpS+APAwftPTBAkfDn/oDpeAbKmbduoBx6xjA4oF+o6z/O1xg== X-Google-Smtp-Source: ABdhPJxyP5v8yJALYfZGl+pTKDPkQL2Bv9Hlc1vO5Isypi34U8z0Ef31OYKPs6RlNvs3KUMtKwKN7w== X-Received: by 2002:a17:907:20cc:: with SMTP id qq12mr6355860ejb.316.1607069625612; Fri, 04 Dec 2020 00:13:45 -0800 (PST) Received: from [10.0.0.17] ([213.31.218.193]) by smtp.gmail.com with ESMTPSA id d9sm2827252edk.86.2020.12.04.00.13.44 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Fri, 04 Dec 2020 00:13:45 -0800 (PST) From: Neil Madden Mime-Version: 1.0 (1.0) Date: Fri, 4 Dec 2020 08:13:44 +0000 Message-Id: <23A0EC1E-B161-4CDC-B3F5-1EA670458785@forgerock.com> References: Cc: oauth In-Reply-To: To: Brian Campbell X-Mailer: iPhone Mail (18B92) Content-Type: multipart/alternative; boundary=Apple-Mail-7FAB66F1-8E6D-4CF1-BA92-E11274F03126 Content-Transfer-Encoding: 7bit Archived-At: Subject: Re: [OAUTH-WG] PAR error for redirect URI? X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 04 Dec 2020 08:13:51 -0000 --Apple-Mail-7FAB66F1-8E6D-4CF1-BA92-E11274F03126 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Making it a specific error code rather than just an error message suggests = that the client can do something with that information. That doesn=E2=80=99= t seem likely to me. It=E2=80=99s most likely caused by a misconfiguration = that somebody needs to manually sort out rather than something that can be = automatically corrected, so I don=E2=80=99t see a reason for this to get it= s own error code.=20 =E2=80=94 Neil > On 2 Dec 2020, at 23:28, Brian Campbell wrote: >=20 > =EF=BB=BF > During the course of a recent OIDF FAPI WG discussion (the FAPI profiles = use PAR for authz requests) on this issue it was noted that there's no spec= ific error code for problems with the redirect_uri (the example in https://= www.ietf.org/archive/id/draft-ietf-oauth-par-04.html#section-2.3 even shows= a general error code with mention of the redirect_uri not being valid in t= he error description). Some folks on that call thought it would be worthwhi= le to have a more specific error code for an invalid redirect_uri and I rel= uctantly took an action item to raise the issue here. At the time I'd forgo= tten that PAR had already passed WGLC. But it's been sitting idle while awa= iting the shepherd writeup since mid September so it's maybe realistic to t= hink the window for a small change is still open. >=20 > Presumably nothing like an "invalid_redirect_uri" error code was defined = in RFC 6749 because that class of errors could not be returned to the clien= t via redirection. But the data flow in PAR would allow for a "invalid_redi= rect_uri" so it's not an unreasonable thing to do.=20 >=20 > As I write this message, however, I'm not personally convinced that it's = worth making a change to PAR at this point. But I did say I'd bring the que= stion up in the WG list and I'm just trying to be true to my word. So here = it is. Please weigh in, if you have opinions on the matter.=20 >=20 >=20 >=20 > CONFIDENTIALITY NOTICE: This email may contain confidential and privilege= d material for the sole use of the intended recipient(s). Any review, use, = distribution or disclosure by others is strictly prohibited. If you have r= eceived this communication in error, please notify the sender immediately b= y e-mail and delete the message and any file attachments from your computer= . Thank you._______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth --=20 ForgeRock values your Privacy --Apple-Mail-7FAB66F1-8E6D-4CF1-BA92-E11274F03126 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
    Making it a specific e= rror code rather than just an error message suggests that the client can do= something with that information. That doesn=E2=80=99t seem likely to me. I= t=E2=80=99s most likely caused by a misconfiguration that somebody needs to= manually sort out rather than something that can be automatically correcte= d, so I don=E2=80=99t see a reason for this to get its own error code. = ;

    =E2=80=94 Neil

    On 2 Dec 2020, at 23:28, Brian C= ampbell <bcampbell=3D40pingidentity.com@dmarc.ietf.org> wrote:
    =EF=BB=BF
    During the course of a recent OIDF FAPI WG discussion (= the FAPI profiles use PAR for authz requests) on this issue it was noted that there's no specific error = code for problems with the redirect_uri (the example in https://www.ietf.org/archive/id/draft-ietf-oauth-par-04.html#secti= on-2.3 even shows a general error code with mention of the redirect_uri= not being valid in the error description). Some folks on that call thought= it would be worthwhile to have a more specific error code for an invalid r= edirect_uri and I reluctantly took an action item to raise the issue here. = At the time I'd forgotten that PAR had already passed WGLC. But it's been s= itting idle while awaiting the shepherd writeup since mid September so it's= maybe realistic to think the window for a small change is still open.
    <= /div>

    Presumably nothing like an "invalid_redirect_uri" = error code was defined in RFC 6749 because that class of errors could not b= e returned to the client via redirection. But the data flow in PAR would al= low for a "invalid_redirect_uri" so it's not an unreasonable thing to do. <= br>

    As I write this message, however, I'm not pers= onally convinced that it's worth making a change to PAR at this point. But = I did say I'd bring the question up in the WG list and I'm just trying to b= e true to my word. So here it is. Please weigh in, if you have opinions on = the matter.



    <= span style=3D"margin:0px;padding:0px;border:0px;outline:0px;vertical-align:= baseline;background:transparent;font-family:proxima-nova-zendesk,system-ui,= -apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,Oxygen-Sans,Ub= untu,Cantarell,"Helvetica Neue",Arial,sans-serif;font-weight:600"= >CONFIDENTIALITY NOTICE: This email may contain confidenti= al and privileged material for the sole use of the intended recipient(s). A= ny review, use, distribution or disclosure by others is strictly prohibited= .  If you have received this communication in error, please notify the= sender immediately by e-mail and delete the message and any file attachmen= ts from your computer. Thank you.__________________= _____________________________
    OAuth mailing list
    = OAuth@ietf.org
    https://www.ietf.org/mailman/listinfo/= oauth

    ForgeRock values your Privacy --Apple-Mail-7FAB66F1-8E6D-4CF1-BA92-E11274F03126-- From nobody Fri Dec 4 01:22:41 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7D7093A0B6D for ; Fri, 4 Dec 2020 01:22:40 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.119 X-Spam-Level: X-Spam-Status: No, score=-2.119 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=pragmaticwebsecurity.com header.b=bsc6JBye; dkim=pass (2048-bit key) header.d=messagingengine.com header.b=Ap8YyULP Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ylWs-BbTsCC4 for ; Fri, 4 Dec 2020 01:22:36 -0800 (PST) Received: from wout3-smtp.messagingengine.com (wout3-smtp.messagingengine.com [64.147.123.19]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3385D3A09B5 for ; Fri, 4 Dec 2020 01:22:36 -0800 (PST) Received: from compute3.internal (compute3.nyi.internal [10.202.2.43]) by mailout.west.internal (Postfix) with ESMTP id 093D8B27; Fri, 4 Dec 2020 04:22:34 -0500 (EST) Received: from mailfrontend1 ([10.202.2.162]) by compute3.internal (MEProxy); Fri, 04 Dec 2020 04:22:35 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= pragmaticwebsecurity.com; h=from:message-id:content-type :mime-version:subject:date:in-reply-to:cc:to:references; s=fm2; bh=Xta/mWOoAvbv2wTS/p7ZSUP6GhspU+YZPczXkv2g0Ks=; b=bsc6JByeTS+1 SCW7U0ENawl6yZk5X9hRiZIse1XivhBs//9AXBNGK+QsmKFwrjM03MGtnR0Jb3by 17gauKasxSssQpDXH42VAgCSJ3zfgdujskvkK11T56odSxR8B9BnxUSG7Vx/4AR4 5vd9xxsiJrgwBBRZzeg+5SjjYfuyPvM9PM4+QBTcUNW9+/42Qo52J9PQE3aPiYLC PC4ivYGdfM3Pt0pMJwfzcoE1Gd7QdLnDW++UdAP14Ac8YUmNkISeIylduQtokvMg Gm+kcfcPYuiyohYpeG6L3BfwImEtFHY7HRTfuuHm+s8/DhB+Nwpt7reIuZnEpbHg TBRqYmJ3Iw== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to:x-me-proxy :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm1; bh=Xta/mW OoAvbv2wTS/p7ZSUP6GhspU+YZPczXkv2g0Ks=; b=Ap8YyULP4zgPm9pRtleBJo +btDnYtAOAMx6LlYb/hbtji8I/JjCPJJReKIcs5CYn3ybxfHgE5YugqTDAxwgPzf Uh/Quz8SOLXKhZQiBWcM5sawD93IXypRJG/9+P4roQ7OQXMQCEcsp4Xf2KjNFxdm pi4u/L5c+M12lE7dkMMDxhaB3zcJBxi1f/53Z5s+heGkzxWcdFPQehJ0Kkbs9eU1 uEGYhRLbPP07q4/7iXy1OdHqibrxruVyuiaLqfGM8ccRCU8tSA9daj4HxmNZHgTC f4R23MrKJrFMHvnKjeyYadhq8Q2QRTTR/FVsZpUrxnSP0GUnB/tkPIHEEOffRR+Q == X-ME-Sender: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedujedrudeikedgtddvucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucenucfjughrpefhkfgtggfuffgjvfhfofesrgdtmh erhhdtjeenucfhrhhomheprfhhihhlihhpphgvucffvgcutfihtghkuceophhhihhlihhp phgvsehprhgrghhmrghtihgtfigvsghsvggtuhhrihhthidrtghomheqnecuggftrfgrth htvghrnhepieevfefhgedvudetieeffedvleeijeehvefhteduledthefffffgtefhkeet ueeinecuffhomhgrihhnpegurghnihgvlhhfvghtthdruggvpdhprhgrghhmrghtihgtfi gvsghsvggtuhhrihhthidrtghomhdpohhpvghnihgurdhnvghtpdgsihhtsghutghkvght rdhorhhgpdhivghtfhdrohhrghdpghhoohhglhgvrdgtohhmnecukfhppeekuddrudeige druddvledrleehnecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmrghilhhf rhhomhepphhhihhlihhpphgvsehprhgrghhmrghtihgtfigvsghsvggtuhhrihhthidrtg homh X-ME-Proxy: Received: from [192.168.1.47] (d51a4815f.access.telenet.be [81.164.129.95]) by mail.messagingengine.com (Postfix) with ESMTPA id 7BEFC24005A; Fri, 4 Dec 2020 04:22:33 -0500 (EST) From: Philippe De Ryck Message-Id: Content-Type: multipart/alternative; boundary="Apple-Mail=_A12DDCD6-4B0C-4FB5-B013-D015F7C69B2D" Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.120.23.2.4\)) Date: Fri, 4 Dec 2020 10:22:31 +0100 In-Reply-To: <353E4494-2F80-44BC-9267-6FB8B37AA0FE@lodderstedt.net> Cc: Filip Skokan , Brian Campbell , oauth To: Torsten Lodderstedt References: <30D5F7BA-EA54-4E40-A2FC-222AA0C9AF8D@lodderstedt.net> <353E4494-2F80-44BC-9267-6FB8B37AA0FE@lodderstedt.net> X-Mailer: Apple Mail (2.3608.120.23.2.4) Archived-At: Subject: Re: [OAUTH-WG] DPoP followup I: freshness and coverage of signature X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 04 Dec 2020 09:22:41 -0000 --Apple-Mail=_A12DDCD6-4B0C-4FB5-B013-D015F7C69B2D Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=utf-8 Hi all, This is a very useful discussion, and there are some merits to using = DPoP in this way. However, the attacker's capabilities are stronger than = often assumed, so it may not matter in the end. I've been wanting to = write this out for a while now, so I've added a couple of scenarios = below. Note that I just came up with the scenario names on the fly, so = these may not be the best ones for future use ... (This got a lot longer than I expected, so here's a TOC) - Attack assumption - Scenario 1: offline XSS against existing tokens - Scenario 2: passive online XSS against existing tokens - Scenario 3: active online XSS against existing tokens - Scenario 4 (!): obtaining fresh tokens - Mitigation: DPoP in a Web Worker - Conclusion (TL;DR) I hope this all makes sense! Philippe Assumption The attacker has the ability to execute JS code in the application's = context (e.g., through XSS, a malicious ad, ...). For simplicity, I'll = just refer to the attack as "XSS". Scenario 1: offline XSS against existing tokens In this scenario, the malicious code executes and immediately performs a = malicious action. The attacker is not necessarily present or actively = participating in the attack (i.e., abuse of stolen tokens is done at a = later time).=20 A common example would be stealing tokens from localStorage and sending = them to an attacker-controlled server for later abuse. Existing = mitigations include short AT lifetimes and RT rotation. The attacker could determine that DPoP is being used, and also extract = precomputed proofs for any of these tokens. The use of DPoP makes token = abuse a bit harder (large window =3D lots of proofs), but does not = really strengthen the defense beyond existing mitigations (Short AT = lifetimes and RT rotation).=20 Scenario 2: passive online XSS against existing tokens In this scenario, the malicious code executes and sets up a long-term = attack. The attacker (i.e., a malicious application running on a server) = is passive until certain criteria are met.=20 An attack could be to manipulate the JS execution context, so that the = attacker can detect new tokens being obtained by the client. (e.g., by = overriding a listener or changing core function prototypes). Each time = new tokens are issued (AT + RT), the attacker sends them to the = malicious server. The moment the attacker detects that the user closes = the application, the malicious server continues the RT rotation chain. = Since the application is no longer active, the AS will not detect this. = The attacker now has access for as long as the RT chain can be kept = alive. When DPoP is used, the attacker will need proofs to present to the AS = when running a refresh token flow. If the proofs are independent of the = RT being used, these can be precomputed. When the RT is part of the = proof, as per Filip's suggestion, the attacker can only run a RT flow = once (with the stolen RT + proof). This attack scenario is fairly well = mitigated when DPoP proofs include the RT (hash). Scenario 3: active online XSS against existing tokens In this scenario, the malicious code executes and sets up a long-term = attack. The attacker is actively controlling the behavior of the = malicious code.=20 The attack vectors are the same as scenario 2. Once in control, the = attacker can use the same mechanism as the application does to send = requests to any endpoint. There is no need to obtain an RT (which may = not even be possible), since the attacker can just abuse the AT = directly. When DPoP is used, little changes here. The attacker can use the = application's DPoP mechanism to obtain legitimate proofs. DPoP does = nothing to mitigate this type of attack (as already stated in Daniel's = threat model: https://danielfett.de/2020/05/04/dpop-attacker-model/). Scenario 4: obtaining fresh tokens In this scenario, the malicious code executes and immediately launches = the attack. In this attack, the malicious code loads a hidden iframe in = the application's DOM. In that iframe, the attacker starts a silent flow = with AS to obtain an authorization code (AC). If the user has an active = session, this will succeed (existing cookie + all origins match). The = attacker extracts this AC and exchanges it for tokens with the AS.=20 At this point, the attacker has a fresh set of tokens that grant access = to resources in the name of the user. Short AT lifetimes and RT rotation = are useless, since the attacker is in full control of the tokens. Using DPoP in this scenario does not help at all. The attacker can use = their own private key to generate the necesary DPoP proofs, starting = with the code exchange. One solution is to turn off silent flows for SPAs, since they have = become quite unreliable with third-party cookie blocking restrictions. Mitigation: DPoP in a Web Worker Isolating sensitive features from malicious JS is virtually impossible = when the application's legitimate JS code needs access to them. One = solution that can work is the use of a Web Worker. Concretely, the DPoP = private key is kept in a worker, isolated from the main application. All = requests that require a DPoP proof are tunneled through the worker, = which adds the required proof.=20 In this setup, the worker can also handle RTs, since they will require a = proof. This strategy is already implemented by some libraries (e.g., = Auth0's JS library). When ATs are also sender-constrained with DPoP, = they can also be kept in the worker instead of in the application. This implementation strategy has the following impact on the scenarios = discussed above. - Scenario 1 (offline XSS): mitigated, since there is nothing to steal = from the application - Scenario 2 (passive online XSS): mitigated, since there are no tokens = to steal - Scenario 3 (active online XSS): impacted, but not mitigated. The = attacker can no longer send requests directly, and is forced to go = through the worker. The worker can enforce restrictions on requests it = sends (e.g., rate limiting, only allowing certain types of requests or = certain endpoints, ...) - Scenario 4 (obtaining fresh tokens): no effect --> this is a big = problem! Conclusion Even with current best practices and DPoP in place, an attacker can = still send requests through the application, or obtain an entirely fresh = set of tokens with a hidden silent flow. The former scenario can be = somewhat reduced, but the latter cannot be mitigated.=20 In a nutshell: XSS =3D Game over =E2=80=94 Pragmatic Web Security Security for developers https://pragmaticwebsecurity.com/ > On 3 Dec 2020, at 13:55, Torsten Lodderstedt = wrote: >=20 > I understand. Thanks!=20 >=20 > I think RT rotation + RT hash in the proof would also stop the attack. = =20 >=20 >> Am 03.12.2020 um 13:19 schrieb Filip Skokan : >>=20 >> I'm failing to understand why binding the proof to the access token = ensures freshness of the proof. >>=20 >> Because when access tokens issued to public browser based clients = have a short duration you need continued access to the private key to = issue new proofs. When I exfiltrate the RT and pre-generate tons of = proofs while the user is active on the page through XSS I can then use = the RT and my prepared proofs to talk to the AS to keep on refreshing = the AT and use it against the RS. When the value of the token is part of = the proof, i cannot pre-generate them for future issued access tokens. = Short `iat` based windows don't help here. >>=20 >> S pozdravem, >> Filip Skokan >>=20 >>=20 >> On Thu, 3 Dec 2020 at 12:59, Torsten Lodderstedt = wrote: >> Hi,=20 >>=20 >> I'm failing to understand why binding the proof to the access token = ensures freshness of the proof. I would rather think if the client is = forced to create proofs with a reasonable short lifetime, chances for = replay could be reduced.=20 >>=20 >> Beside that as far as I remember the primary replay counter measure = is the inclusion of the endpoint URL and HTTP method in the proof, since = it reduces the attack surface to a particular URL. So in the context of = freshness, we are talking about using the same proof with the same URL = again.=20 >>=20 >> best regards, >> Torsten.=20 >>=20 >>> Am 03.12.2020 um 10:20 schrieb Filip Skokan : >>>=20 >>> Hi Brian, everyone, >>>=20 >>> While the attack vector allows direct use, there is the option where = a smarter attacker will not abuse the gained artifacts straight away. = Think public client browser scenario with the non-extractable private = key stored in IndexedDB (the only place to persist them really), they = wouldn't use the tokens but instead, exfiltrate them, together with a = bunch of pre-generated DPoP proofs. They'll get the refresh token and a = bunch of DPoP proofs for both the RS and AS. With those they'll be able = to get a fresh AT and use it with pre-generated Proofs after the = end-user leaves the site. No available protection (e.g. RT already = rotated) will be able to kick in until the end-user opens the page = again. >>>=20 >>> OTOH with a hash of the AT in the Proof only direct use remains. >>>=20 >>> If what I describe above is something we don't want to deal with = because of direct use already allowing access to protected resources, = it's sufficiently okay as is (option #1). However, if this scenario, one = allowing prolonged access to protected resources, is not acceptable, = it's option #2. >>>=20 >>> Ad #2a vs #2b vs #2c. My pre-emptive answer is #2a, simply because = we already have the tools needed to generate and validate these hashes. = But further thinking about it, it would feel awkward if this JWS = algorithm driven at_hash digest selection wouldn't get stretched to the = confirmations, when this are placed in a JWT access token, cool - we can = do that, but when these are put in a basic token introspection response = it's unfortunately not an option. So, #2b (just use sha-256 just like = the confirmations do). >>>=20 >>> Best, >>> Filip >>>=20 >>>=20 >>> On Wed, 2 Dec 2020 at 21:50, Brian Campbell = wrote: >>> There were a few items discussed somewhat during the recent interim = that I committed to bringing back to the list. The slide below (also = available as slide #17 from the interim presentation) is the first one = of them, which is difficult to summarize but kinda boils down to how = much assurance there is that the DPoP proof was 'freshly' created and = that can dovetail into the question of whether the token is covered by = the signature of the proof.=20 >>> There are many directions a "resolution" here could go but my sense = of the room during the meeting was that the contending options were: >>> =E2=80=A2 It's sufficiently okay as it is >>> =E2=80=A2 Include a hash of the access token in the DPoP proof = (when an access token is present) >>>=20 >>> Going with #2 would mean the draft would also have to define how the = hashing is done and deal with or at least speak to algorithm agility. = Options (that I can think of) include: >>> =E2=80=A2 2a) Use the at_hash claim defined in OIDC core = https://openid.net/specs/openid-connect-core-1_0.html#CodeIDToken. Using = something that already exists is appealing. But its hash alg selection = routine can be a bit of a pain. And the algorithm agility based on the = signature that it's supposed to provide hasn't worked out as well as = hoped in practice for "new" JWS signatures = https://bitbucket.org/openid/connect/issues/1125/_hash-algorithm-for-eddsa= -id-tokens >>> =E2=80=A2 2b) Define a new claim ("ah", "ath", "atd", "ad" or = something like that maybe) and just use SHA-256. Explain why it's good = enough for now and the foreseeable future. Also include some text about = introducing a new claim in the future if/when SHA-256 proves to be = insufficient. Note that this is effectively the same as how the = confirmation claim value is currently defined in this document and in = RFC8705. >>> =E2=80=A2 2c) Define a new claim with its own hash algorithm = agility scheme (likely similar to how the Digest header value or = Subresource Integrity string is done). >>>=20 >>> I'm requesting that interested WG participants indicate their = preference for #1 or #2. And among a, b, and c, if the latter.=20 >>>=20 >>> I also acknowledge that an ECDH approach could/would ameliorate the = issues in a fundamentally different way. But that would be a distinct = protocol. If there's interest in pursuing the ECDH idea, I'm certainly = open to it and even willing to work on it. But as a separate effort and = not at the expense of derailing DPoP in its general current form.=20 >>> >>>=20 >>>=20 >>> CONFIDENTIALITY NOTICE: This email may contain confidential and = privileged material for the sole use of the intended recipient(s). Any = review, use, distribution or disclosure by others is strictly = prohibited. If you have received this communication in error, please = notify the sender immediately by e-mail and delete the message and any = file attachments from your computer. Thank = you._______________________________________________ >>> OAuth mailing list >>> OAuth@ietf.org >>> https://www.ietf.org/mailman/listinfo/oauth >>> _______________________________________________ >>> OAuth mailing list >>> OAuth@ietf.org >>> = https://www.google.com/url?q=3Dhttps://www.ietf.org/mailman/listinfo/oauth= &source=3Dgmail-imap&ust=3D1607592086000000&usg=3DAOvVaw3hGaihxAdyXVvzFnVT= pc6N >>=20 >=20 > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth --Apple-Mail=_A12DDCD6-4B0C-4FB5-B013-D015F7C69B2D Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset=utf-8
    Hi all,

    This is a very useful discussion, and there are some merits = to using DPoP in this way. However, the attacker's capabilities are = stronger than often assumed, so it may not matter in the end. I've been = wanting to write this out for a while now, so I've added a couple of = scenarios below. Note that I just came up with the scenario names on the = fly, so these may not be the best ones for future use ...

    (This got a lot longer = than I expected, so here's a TOC)
    - Attack = assumption
    - Scenario 1: offline XSS against = existing tokens
    - Scenario 2: passive online XSS = against existing tokens
    - Scenario 3: active online = XSS against existing tokens
    - Scenario 4 (!): = obtaining fresh tokens
    - Mitigation: DPoP in a Web = Worker
    - Conclusion (TL;DR)

    I hope this all makes sense!

    Philippe




    Assumption

    The attacker has the = ability to execute JS code in the application's context (e.g., through = XSS, a malicious ad, ...). For simplicity, I'll just refer to the attack = as "XSS".



    Scenario 1: offline XSS against existing = tokens

    In this scenario, the malicious code executes and immediately = performs a malicious action. The attacker is not necessarily present or = actively participating in the attack (i.e., abuse of stolen tokens is = done at a later time). 

    A common example would be stealing = tokens from localStorage and sending them to an attacker-controlled = server for later abuse. Existing mitigations include short AT lifetimes = and RT rotation.

    The attacker could determine that DPoP is being used, and = also extract precomputed proofs for any of these tokens. The use of DPoP = makes token abuse a bit harder (large window =3D lots of proofs), but = does not really strengthen the defense beyond existing mitigations = (Short AT lifetimes and RT rotation). 



    Scenario 2: = passive online XSS against existing tokens

    In this scenario, the = malicious code executes and sets up a long-term attack. The attacker = (i.e., a malicious application running on a server) is passive until = certain criteria are met. 

    An attack could be to manipulate the JS = execution context, so that the attacker can detect new tokens being = obtained by the client. (e.g., by overriding a listener or changing core = function prototypes). Each time new tokens are issued (AT + RT), the = attacker sends them to the malicious server. The moment the attacker = detects that the user closes the application, the malicious server = continues the RT rotation chain. Since the application is no longer = active, the AS will not detect this. The attacker now has access for as = long as the RT chain can be kept alive.

    When DPoP is used, the attacker will = need proofs to present to the AS when running a refresh token flow. If = the proofs are independent of the RT being used, these can be = precomputed. When the RT is part of the proof, as per Filip's = suggestion, the attacker can only run a RT flow once (with the stolen RT = + proof). This attack scenario is fairly well mitigated when DPoP proofs = include the RT (hash).



    Scenario 3: active online XSS = against existing tokens

    In this scenario, the malicious code = executes and sets up a long-term attack. The attacker is actively = controlling the behavior of the malicious code. 

    The attack vectors are = the same as scenario 2. Once in control, the attacker can use the same = mechanism as the application does to send requests to any endpoint. = There is no need to obtain an RT (which may not even be possible), since = the attacker can just abuse the AT directly.

    When DPoP is used, little changes here. = The attacker can use the application's DPoP mechanism to obtain = legitimate proofs. DPoP does nothing to mitigate this type of attack (as = already stated in Daniel's threat model: https://danielfett.de/2020/05/04/dpop-attacker-model/).



    Scenario 4: obtaining fresh = tokens

    In this scenario, the malicious code executes and immediately = launches the attack. In this attack, the malicious code loads a hidden = iframe in the application's DOM. In that iframe, the attacker starts a = silent flow with AS to obtain an authorization code (AC). If the user = has an active session, this will succeed (existing cookie + all origins = match). The attacker extracts this AC and exchanges it for tokens with = the AS. 

    At= this point, the attacker has a fresh set of tokens that grant access to = resources in the name of the user. Short AT lifetimes and RT rotation = are useless, since the attacker is in full control of the = tokens.

    Using = DPoP in this scenario does not help at all. The attacker can use their = own private key to generate the necesary DPoP proofs, starting with the = code exchange.

    One solution is to turn off silent flows for SPAs, since they = have become quite unreliable with third-party cookie blocking = restrictions.



    Mitigation: DPoP in a Web = Worker

    Isolating sensitive features from malicious JS is virtually = impossible when the application's legitimate JS code needs access to = them. One solution that can work is the use of a Web Worker. Concretely, = the DPoP private key is kept in a worker, isolated from the main = application. All requests that require a DPoP proof are tunneled through = the worker, which adds the required proof. 

    In this setup, the worker can also = handle RTs, since they will require a proof. This strategy is already = implemented by some libraries (e.g., Auth0's JS library). When ATs are = also sender-constrained with DPoP, they can also be kept in the worker = instead of in the application.

    This implementation strategy has the = following impact on the scenarios discussed above.

    - Scenario 1 (offline XSS): mitigated, since there is = nothing to steal from the application
    - Scenario 2 (passive online XSS): = mitigated, since there are no tokens to steal
    - Scenario 3 (active online = XSS): impacted, but not mitigated. The attacker can no longer = send requests directly, and is forced to go through the worker. The = worker can enforce restrictions on requests it sends (e.g., rate = limiting, only allowing certain types of requests or certain endpoints, = ...)
    - Scenario 4 = (obtaining fresh tokens): no effect --> this is a big = problem!



    Conclusion

    Even with current best = practices and DPoP in place, an attacker can still send requests through = the application, or obtain an entirely fresh set of tokens with a hidden = silent flow. The former scenario can be somewhat reduced, but the latter = cannot be mitigated. 

    In a nutshell: XSS =3D Game over

    =E2=80=94
    Pragmatic Web = Security
    Security for developers
    https://pragmaticwebsecurity.com/


    On 3 Dec 2020, at 13:55, Torsten Lodderstedt <torsten=3D40lodderstedt.net@dmarc.ietf.org> = wrote:

    I understand. Thanks!

    I think = RT rotation + RT hash in the proof would also stop the attack.  

    Am = 03.12.2020 um 13:19 schrieb Filip Skokan <panva.ip@gmail.com>:

    I'm = failing to understand why binding the proof to the access token ensures = freshness of the proof.

    Because when access = tokens issued to public browser based clients have a short duration you = need continued access to the private key to issue new proofs. When I = exfiltrate the RT and pre-generate tons of proofs while the user is = active on the page through XSS I can then use the RT and my prepared = proofs to talk to the AS to keep on refreshing the AT and use it against = the RS. When the value of the token is part of the proof, i cannot = pre-generate them for future issued access tokens. Short `iat` based = windows don't help here.

    S pozdravem,
    Filip Skokan


    On = Thu, 3 Dec 2020 at 12:59, Torsten Lodderstedt <torsten@lodderstedt.net> wrote:
    Hi,

    I'm failing to understand why binding the = proof to the access token ensures freshness of the proof. I would rather = think if the client is forced to create proofs with a reasonable short = lifetime, chances for replay could be reduced.

    Beside that as far as I remember the primary replay counter = measure is the inclusion of the endpoint URL and HTTP method in the = proof, since it reduces the attack surface to a particular URL. So in = the context of freshness, we are talking about using the same proof with = the same URL again.

    best regards,
    Torsten.

    Am 03.12.2020 um 10:20 schrieb Filip Skokan = <panva.ip@gmail.com>:

    Hi = Brian, everyone,

    While the attack vector = allows direct use, there is the option where a smarter attacker will not = abuse the gained artifacts straight away. Think public client browser = scenario with the non-extractable private key stored in IndexedDB (the = only place to persist them really), they wouldn't use the tokens but = instead, exfiltrate them, together with a bunch of pre-generated DPoP = proofs. They'll get the refresh token and a bunch of DPoP proofs for = both the RS and AS. With those they'll be able to get a fresh AT and use = it with pre-generated Proofs after the end-user leaves the site. No = available protection (e.g. RT already rotated) will be able to kick in = until the end-user opens the page again.

    OTOH= with a hash of the AT in the Proof only direct use remains.

    If what I describe above is something we don't = want to deal with because of direct use already allowing access to = protected resources, it's sufficiently okay as is (option #1). However, = if this scenario, one allowing prolonged access to protected resources, = is not acceptable, it's option #2.

    Ad #2a = vs #2b vs #2c. My pre-emptive answer is #2a, simply because we already = have the tools needed to generate and validate these hashes. But further = thinking about it, it would feel awkward if this JWS algorithm driven = at_hash digest selection wouldn't get stretched to the confirmations, = when this are placed in a JWT access token, cool - we can do that, but = when these are put in a basic token introspection response it's = unfortunately not an option. So, #2b (just use sha-256 just like the = confirmations do).

    Best,
    Filip


    On Wed, 2 = Dec 2020 at 21:50, Brian Campbell <bcampbell=3D40pingidentity.com@dmarc.ietf.org> = wrote:
    There were a few items discussed somewhat during = the recent interim that I committed to bringing back to the list. The = slide below (also available as slide #17 from the interim presentation) = is the first one of them, which is difficult to summarize but kinda = boils down to how much assurance there is that the DPoP proof was = 'freshly' created and that can dovetail into the question of whether the = token is covered by the signature of the proof.
    There are = many directions a "resolution" here could go but my sense of the room = during the meeting was that the contending options were:
    =      =E2=80=A2  It's sufficiently okay as = it is
         =E2=80=A2 =  Include a hash of the access token in the DPoP proof (when an = access token is present)

    Going with #2 = would mean the draft would also have to define how the hashing is done = and deal with or at least speak to algorithm agility. Options (that I = can think of) include:
         =E2=80= =A2 2a) Use the at_hash claim defined in OIDC core https://openid.net/specs/openid-connect-core-1_0.html#CodeIDTok= en. Using something that already exists is appealing. But its hash = alg selection routine can be a bit of a pain. And the algorithm agility = based on the signature that it's supposed to provide hasn't worked out = as well as hoped in practice for "new" JWS signatures https://bitbucket.org/openid/connect/issues/1125/_hash-algorith= m-for-eddsa-id-tokens
    =      =E2=80=A2 2b) Define a new claim ("ah", = "ath", "atd", "ad" or something like that maybe) and just use SHA-256. = Explain why it's good enough for now and the foreseeable future. Also = include some text about introducing a new claim in the future if/when = SHA-256 proves to be insufficient. Note that this is effectively the = same as how the confirmation claim value is currently defined in this = document and in RFC8705.
    =      =E2=80=A2 2c) Define a new claim with its = own hash algorithm agility scheme (likely similar to how the Digest = header value or Subresource Integrity string is done).

    I'm requesting that interested WG participants indicate their = preference for #1 or #2. And among a, b, and c, if the latter.

    I also acknowledge that an ECDH approach = could/would ameliorate the issues in a fundamentally different way. But = that would be a distinct protocol. If there's interest in pursuing the = ECDH idea, I'm certainly open to it and even willing to work on it. But = as a separate effort and not at the expense of derailing DPoP in its = general current form.
    <Slide17.jpeg>


    CONFIDENTIALITY NOTICE: This = email may contain confidential and privileged material for the sole use = of the intended recipient(s). Any review, use, distribution or = disclosure by others is strictly prohibited.  If you have received = this communication in error, please notify the sender immediately by = e-mail and delete the message and any file attachments from your = computer. Thank you._______________________________________________
    OAuth mailing list
    OAuth@ietf.org
    https://www.ietf.org/mailman/listinfo/oauth
    _______________________________________________
    OAuth mailing list
    OAuth@ietf.org
    https://www.google.com/url?q=3Dhttps://www.ietf.org/mailman/lis= tinfo/oauth&source=3Dgmail-imap&ust=3D1607592086000000&usg=3DA= OvVaw3hGaihxAdyXVvzFnVTpc6N


    _______________________________________________
    OAuth mailing list
    OAuth@ietf.org
    https://www.ietf.org/mailman/listinfo/oauth

    = --Apple-Mail=_A12DDCD6-4B0C-4FB5-B013-D015F7C69B2D-- From nobody Fri Dec 4 03:36:32 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 236803A0B5B for ; Fri, 4 Dec 2020 03:36:31 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.098 X-Spam-Level: X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=forgerock.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VatPzee7wMsH for ; Fri, 4 Dec 2020 03:36:26 -0800 (PST) Received: from mail-ej1-x636.google.com (mail-ej1-x636.google.com [IPv6:2a00:1450:4864:20::636]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 07FFA3A0B5A for ; Fri, 4 Dec 2020 03:36:25 -0800 (PST) Received: by mail-ej1-x636.google.com with SMTP id a16so8228454ejj.5 for ; Fri, 04 Dec 2020 03:36:25 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=forgerock.com; s=google; h=from:message-id:mime-version:subject:date:in-reply-to:cc:to :references; bh=qx2qaqHC5hVA/PCNftib9m8saXslxOfs/js3F+UMXMY=; b=eNI3Fzb1gbhaPSQ5uPdt4JbELj8hSxLxL5yO6/CBfyIcUQfN/e2wcbqEY3SKJAlaDJ U49oNFkrc5MDyzEdnzXUwX8PphPrB9T1/U3MNVZaVzRSm4sbCK6Mrc1SO1Sd31Gaeavr HfL0vsKbZAb4eYqivUmBCLfWn207AM3NU1NZs= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:message-id:mime-version:subject:date :in-reply-to:cc:to:references; bh=qx2qaqHC5hVA/PCNftib9m8saXslxOfs/js3F+UMXMY=; b=oLVKYlLjJzZsc1YxgQ3cYfsayvxTU+Y939PbOKAaXHSY1MNsTQEVtWkGLWdYr9gfHY d+wmaoZZ5o1ineI+RTdcAlvp7Uyc8DNabzQGv81bUFhGQJ3rU2nJfkiXqHN7BuojHHKt sArH1yBpDbED2vR9Ujd/07FZ114dwif6dMLUb0k95jG3fPdAhfzLRkAS1h2Qb0jF6nxg jSFUj2JwvAUtHptu8IWOQNTzH6NidZI7M4EWi6x0avzpC+M1rIUZhgknoYWiHIxqMZTN QmoNryZSKkIDeh3RM1p5sYRSBbzHfdPSwkuy3tj/uJsCj0sdLYiKTxuvSu3ynQz+DPbP xa7Q== X-Gm-Message-State: AOAM530hj5V3j06A5zVpww+SVn57SA1Idz7+geGFNCbJIJW1KMiPdaS6 I00ySwnHrOVdb5oCW445rbZdSD6B81KdF9EDU7s+PG2qOefN4WeTZO4Xljbs5ii6CWP9S2I8zw= = X-Google-Smtp-Source: ABdhPJz/hHLzvuFU6adZtVqXgVf/xHqxCWeKuLKsNyDV/bG4dcvIv6pTVP6EYb1bM4oFI2h54xX8vw== X-Received: by 2002:a17:907:2116:: with SMTP id qn22mr6661393ejb.483.1607081783590; Fri, 04 Dec 2020 03:36:23 -0800 (PST) Received: from [10.0.0.4] ([213.31.218.193]) by smtp.gmail.com with ESMTPSA id z22sm2854079eji.91.2020.12.04.03.36.22 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Fri, 04 Dec 2020 03:36:23 -0800 (PST) From: Neil Madden Message-Id: <1B663AA7-563D-4D25-A408-9ED10FD818AC@forgerock.com> Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.120.23.2.1\)) Date: Fri, 4 Dec 2020 11:36:21 +0000 In-Reply-To: Cc: Torsten Lodderstedt , Brian Campbell , oauth To: Philippe De Ryck References: <30D5F7BA-EA54-4E40-A2FC-222AA0C9AF8D@lodderstedt.net> <353E4494-2F80-44BC-9267-6FB8B37AA0FE@lodderstedt.net> X-Mailer: Apple Mail (2.3608.120.23.2.1) Content-Type: multipart/alternative; boundary="Apple-Mail=_8FE5FE27-6FC6-4DD6-9F79-725FD0CEFA8D" Archived-At: Subject: Re: [OAUTH-WG] DPoP followup I: freshness and coverage of signature X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 04 Dec 2020 11:36:31 -0000 --Apple-Mail=_8FE5FE27-6FC6-4DD6-9F79-725FD0CEFA8D Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="UTF-8" Thanks Philippe, this is a good analysis. The suggestion to use a web worker to ensure that proofs cannot be pre-comp= uted is a good one I think. (You could also use a sandboxed iframe for a se= parate sub/sibling-domain - dpop.example.com ). For scenario 4, I think this only works if the attacker can trick/spoof the= AS into using their redirect_uri? Otherwise the AC will go to the legitima= te app which will reject it due to mismatched state/PKCE. Or are you thinki= ng of XSS on the redirect_uri itself? I think probably a good practice is t= hat the target of a redirect_uri should be a very minimal and locked down p= age to avoid this kind of possibility. (Again, using a separate sub-domain = to handle tokens and DPoP seems like a good idea). IMO, the online attack scenario (i.e., proxying malicious requests through = the victim=E2=80=99s browser) is quite appealing to an attacker, despite th= e apparent inconvenience: - the victim=E2=80=99s browser may be inside a corporate firewall or VPN, = allowing the attacker to effectively bypass these restrictions - the attacker=E2=80=99s traffic is mixed in with the user=E2=80=99s own r= equests, making them harder to distinguish or to block Overall, DPoP can only protect against XSS to the same level as HttpOnly co= okies. This is not nothing, but it means it only prevents relatively naive = attacks. Given the association of public key signatures with strong authent= ication, people may have overinflated expectations if DPoP is pitched as an= XSS defence. =E2=80=94 Neil > On 4 Dec 2020, at 09:22, Philippe De Ryck wrote: >=20 > Hi all, >=20 > This is a very useful discussion, and there are some merits to using DPoP= in this way. However, the attacker's capabilities are stronger than often = assumed, so it may not matter in the end. I've been wanting to write this o= ut for a while now, so I've added a couple of scenarios below. Note that I = just came up with the scenario names on the fly, so these may not be the be= st ones for future use ... >=20 > (This got a lot longer than I expected, so here's a TOC) > - Attack assumption > - Scenario 1: offline XSS against existing tokens > - Scenario 2: passive online XSS against existing tokens > - Scenario 3: active online XSS against existing tokens > - Scenario 4 (!): obtaining fresh tokens > - Mitigation: DPoP in a Web Worker > - Conclusion (TL;DR) >=20 > I hope this all makes sense! >=20 > Philippe >=20 >=20 >=20 >=20 > Assumption >=20 > The attacker has the ability to execute JS code in the application's cont= ext (e.g., through XSS, a malicious ad, ...). For simplicity, I'll just ref= er to the attack as "XSS". >=20 >=20 >=20 > Scenario 1: offline XSS against existing tokens >=20 > In this scenario, the malicious code executes and immediately performs a = malicious action. The attacker is not necessarily present or actively parti= cipating in the attack (i.e., abuse of stolen tokens is done at a later tim= e).=20 >=20 > A common example would be stealing tokens from localStorage and sending t= hem to an attacker-controlled server for later abuse. Existing mitigations = include short AT lifetimes and RT rotation. >=20 > The attacker could determine that DPoP is being used, and also extract pr= ecomputed proofs for any of these tokens. The use of DPoP makes token abuse= a bit harder (large window =3D lots of proofs), but does not really streng= then the defense beyond existing mitigations (Short AT lifetimes and RT rot= ation).=20 >=20 >=20 >=20 > Scenario 2: passive online XSS against existing tokens >=20 > In this scenario, the malicious code executes and sets up a long-term att= ack. The attacker (i.e., a malicious application running on a server) is pa= ssive until certain criteria are met.=20 >=20 > An attack could be to manipulate the JS execution context, so that the at= tacker can detect new tokens being obtained by the client. (e.g., by overri= ding a listener or changing core function prototypes). Each time new tokens= are issued (AT + RT), the attacker sends them to the malicious server. The= moment the attacker detects that the user closes the application, the mali= cious server continues the RT rotation chain. Since the application is no l= onger active, the AS will not detect this. The attacker now has access for = as long as the RT chain can be kept alive. >=20 > When DPoP is used, the attacker will need proofs to present to the AS whe= n running a refresh token flow. If the proofs are independent of the RT bei= ng used, these can be precomputed. When the RT is part of the proof, as per= Filip's suggestion, the attacker can only run a RT flow once (with the sto= len RT + proof). This attack scenario is fairly well mitigated when DPoP pr= oofs include the RT (hash). >=20 >=20 >=20 > Scenario 3: active online XSS against existing tokens >=20 > In this scenario, the malicious code executes and sets up a long-term att= ack. The attacker is actively controlling the behavior of the malicious cod= e.=20 >=20 > The attack vectors are the same as scenario 2. Once in control, the attac= ker can use the same mechanism as the application does to send requests to = any endpoint. There is no need to obtain an RT (which may not even be possi= ble), since the attacker can just abuse the AT directly. >=20 > When DPoP is used, little changes here. The attacker can use the applicat= ion's DPoP mechanism to obtain legitimate proofs. DPoP does nothing to miti= gate this type of attack (as already stated in Daniel's threat model: https= ://danielfett.de/2020/05/04/dpop-attacker-model/ ). >=20 >=20 >=20 > Scenario 4: obtaining fresh tokens >=20 > In this scenario, the malicious code executes and immediately launches th= e attack. In this attack, the malicious code loads a hidden iframe in the a= pplication's DOM. In that iframe, the attacker starts a silent flow with AS= to obtain an authorization code (AC). If the user has an active session, t= his will succeed (existing cookie + all origins match). The attacker extrac= ts this AC and exchanges it for tokens with the AS.=20 >=20 > At this point, the attacker has a fresh set of tokens that grant access t= o resources in the name of the user. Short AT lifetimes and RT rotation are= useless, since the attacker is in full control of the tokens. >=20 > Using DPoP in this scenario does not help at all. The attacker can use th= eir own private key to generate the necesary DPoP proofs, starting with the= code exchange. >=20 > One solution is to turn off silent flows for SPAs, since they have become= quite unreliable with third-party cookie blocking restrictions. >=20 >=20 >=20 > Mitigation: DPoP in a Web Worker >=20 > Isolating sensitive features from malicious JS is virtually impossible wh= en the application's legitimate JS code needs access to them. One solution = that can work is the use of a Web Worker. Concretely, the DPoP private key = is kept in a worker, isolated from the main application. All requests that = require a DPoP proof are tunneled through the worker, which adds the requir= ed proof.=20 >=20 > In this setup, the worker can also handle RTs, since they will require a = proof. This strategy is already implemented by some libraries (e.g., Auth0'= s JS library). When ATs are also sender-constrained with DPoP, they can als= o be kept in the worker instead of in the application. >=20 > This implementation strategy has the following impact on the scenarios di= scussed above. >=20 > - Scenario 1 (offline XSS): mitigated, since there is nothing to steal fr= om the application > - Scenario 2 (passive online XSS): mitigated, since there are no tokens t= o steal > - Scenario 3 (active online XSS): impacted, but not mitigated. The attack= er can no longer send requests directly, and is forced to go through the wo= rker. The worker can enforce restrictions on requests it sends (e.g., rate = limiting, only allowing certain types of requests or certain endpoints, ...= ) > - Scenario 4 (obtaining fresh tokens): no effect --> this is a big proble= m! >=20 >=20 >=20 > Conclusion >=20 > Even with current best practices and DPoP in place, an attacker can still= send requests through the application, or obtain an entirely fresh set of = tokens with a hidden silent flow. The former scenario can be somewhat reduc= ed, but the latter cannot be mitigated.=20 >=20 > In a nutshell: XSS =3D Game over >=20 >=20 > =E2=80=94 > Pragmatic Web Security > Security for developers > https://pragmaticwebsecurity.com/ >=20 >=20 >> On 3 Dec 2020, at 13:55, Torsten Lodderstedt > wrote= : >>=20 >> I understand. Thanks!=20 >>=20 >> I think RT rotation + RT hash in the proof would also stop the attack. = =20 >>=20 >>> Am 03.12.2020 um 13:19 schrieb Filip Skokan >: >>>=20 >>> I'm failing to understand why binding the proof to the access token ens= ures freshness of the proof. >>>=20 >>> Because when access tokens issued to public browser based clients have = a short duration you need continued access to the private key to issue new = proofs. When I exfiltrate the RT and pre-generate tons of proofs while the = user is active on the page through XSS I can then use the RT and my prepare= d proofs to talk to the AS to keep on refreshing the AT and use it against = the RS. When the value of the token is part of the proof, i cannot pre-gene= rate them for future issued access tokens. Short `iat` based windows don't = help here. >>>=20 >>> S pozdravem, >>> Filip Skokan >>>=20 >>>=20 >>> On Thu, 3 Dec 2020 at 12:59, Torsten Lodderstedt > wrote: >>> Hi,=20 >>>=20 >>> I'm failing to understand why binding the proof to the access token ens= ures freshness of the proof. I would rather think if the client is forced t= o create proofs with a reasonable short lifetime, chances for replay could = be reduced.=20 >>>=20 >>> Beside that as far as I remember the primary replay counter measure is = the inclusion of the endpoint URL and HTTP method in the proof, since it re= duces the attack surface to a particular URL. So in the context of freshnes= s, we are talking about using the same proof with the same URL again.=20 >>>=20 >>> best regards, >>> Torsten.=20 >>>=20 >>>> Am 03.12.2020 um 10:20 schrieb Filip Skokan >: >>>>=20 >>>> Hi Brian, everyone, >>>>=20 >>>> While the attack vector allows direct use, there is the option where a= smarter attacker will not abuse the gained artifacts straight away. Think = public client browser scenario with the non-extractable private key stored = in IndexedDB (the only place to persist them really), they wouldn't use the= tokens but instead, exfiltrate them, together with a bunch of pre-generate= d DPoP proofs. They'll get the refresh token and a bunch of DPoP proofs for= both the RS and AS. With those they'll be able to get a fresh AT and use i= t with pre-generated Proofs after the end-user leaves the site. No availabl= e protection (e.g. RT already rotated) will be able to kick in until the en= d-user opens the page again. >>>>=20 >>>> OTOH with a hash of the AT in the Proof only direct use remains. >>>>=20 >>>> If what I describe above is something we don't want to deal with becau= se of direct use already allowing access to protected resources, it's suffi= ciently okay as is (option #1). However, if this scenario, one allowing pro= longed access to protected resources, is not acceptable, it's option #2. >>>>=20 >>>> Ad #2a vs #2b vs #2c. My pre-emptive answer is #2a, simply because we = already have the tools needed to generate and validate these hashes. But fu= rther thinking about it, it would feel awkward if this JWS algorithm driven= at_hash digest selection wouldn't get stretched to the confirmations, when= this are placed in a JWT access token, cool - we can do that, but when the= se are put in a basic token introspection response it's unfortunately not a= n option. So, #2b (just use sha-256 just like the confirmations do). >>>>=20 >>>> Best, >>>> Filip >>>>=20 >>>>=20 >>>> On Wed, 2 Dec 2020 at 21:50, Brian Campbell = > wrote: >>>> There were a few items discussed somewhat during the recent interim th= at I committed to bringing back to the list. The slide below (also availabl= e as slide #17 from the interim presentation) is the first one of them, whi= ch is difficult to summarize but kinda boils down to how much assurance the= re is that the DPoP proof was 'freshly' created and that can dovetail into = the question of whether the token is covered by the signature of the proof.= =20 >>>> There are many directions a "resolution" here could go but my sense of= the room during the meeting was that the contending options were: >>>> =E2=80=A2 It's sufficiently okay as it is >>>> =E2=80=A2 Include a hash of the access token in the DPoP proof (= when an access token is present) >>>>=20 >>>> Going with #2 would mean the draft would also have to define how the h= ashing is done and deal with or at least speak to algorithm agility. Option= s (that I can think of) include: >>>> =E2=80=A2 2a) Use the at_hash claim defined in OIDC core https://= openid.net/specs/openid-connect-core-1_0.html#CodeIDToken . Using something that al= ready exists is appealing. But its hash alg selection routine can be a bit = of a pain. And the algorithm agility based on the signature that it's suppo= sed to provide hasn't worked out as well as hoped in practice for "new" JWS= signatures https://bitbucket.org/openid/connect/issues/1125/_hash-algorith= m-for-eddsa-id-tokens >>>> =E2=80=A2 2b) Define a new claim ("ah", "ath", "atd", "ad" or som= ething like that maybe) and just use SHA-256. Explain why it's good enough = for now and the foreseeable future. Also include some text about introducin= g a new claim in the future if/when SHA-256 proves to be insufficient. Note= that this is effectively the same as how the confirmation claim value is c= urrently defined in this document and in RFC8705. >>>> =E2=80=A2 2c) Define a new claim with its own hash algorithm agil= ity scheme (likely similar to how the Digest header value or Subresource In= tegrity string is done). >>>>=20 >>>> I'm requesting that interested WG participants indicate their preferen= ce for #1 or #2. And among a, b, and c, if the latter.=20 >>>>=20 >>>> I also acknowledge that an ECDH approach could/would ameliorate the is= sues in a fundamentally different way. But that would be a distinct protoco= l. If there's interest in pursuing the ECDH idea, I'm certainly open to it = and even willing to work on it. But as a separate effort and not at the exp= ense of derailing DPoP in its general current form.=20 >>>> >>>>=20 >>>>=20 >>>> CONFIDENTIALITY NOTICE: This email may contain confidential and privil= eged material for the sole use of the intended recipient(s). Any review, us= e, distribution or disclosure by others is strictly prohibited. If you hav= e received this communication in error, please notify the sender immediatel= y by e-mail and delete the message and any file attachments from your compu= ter. Thank you._______________________________________________ >>>> OAuth mailing list >>>> OAuth@ietf.org >>>> https://www.ietf.org/mailman/listinfo/oauth >>>> _______________________________________________ >>>> OAuth mailing list >>>> OAuth@ietf.org >>>> https://www.google.com/url?q=3Dhttps://www.ietf.org/mailman/listinfo/o= auth&source=3Dgmail-imap&ust=3D1607592086000000&usg=3DAOvVaw3hGaihxAdyXVvzF= nVTpc6N >>>=20 >>=20 >> _______________________________________________ >> OAuth mailing list >> OAuth@ietf.org >> https://www.ietf.org/mailman/listinfo/oauth >=20 > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth --=20 ForgeRock values your Privacy --Apple-Mail=_8FE5FE27-6FC6-4DD6-9F79-725FD0CEFA8D Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset="UTF-8" Thanks Philippe, this is a= good analysis.

    The sug= gestion to use a web worker to ensure that proofs cannot be pre-computed is= a good one I think. (You could also use a sandboxed iframe for a separate = sub/sibling-domain - dpop.ex= ample.com).

    F= or scenario 4, I think this only works if the attacker can trick/spoof the = AS into using their redirect_uri? Otherwise the AC will go to the legitimat= e app which will reject it due to mismatched state/PKCE. Or are you thinkin= g of XSS on the redirect_uri itself? I think probably a good practice is th= at the target of a redirect_uri should be a very minimal and locked down pa= ge to avoid this kind of possibility. (Again, using a separate sub-domain t= o handle tokens and DPoP seems like a good idea).

    IMO, the online attack scenario (i.e., pro= xying malicious requests through the victim=E2=80=99s browser) is quite app= ealing to an attacker, despite the apparent inconvenience:

     - the victim=E2=80=99s bro= wser may be inside a corporate firewall or VPN, allowing the attacker to ef= fectively bypass these restrictions
     - the attack= er=E2=80=99s traffic is mixed in with the user=E2=80=99s own requests, maki= ng them harder to distinguish or to block

    Overall, DPoP can only protect against XSS to the = same level as HttpOnly cookies. This is not nothing, but it means it only p= revents relatively naive attacks. Given the association of public key signa= tures with strong authentication, people may have overinflated expectations= if DPoP is pitched as an XSS defence.

    =
    =E2=80=94 Neil

    On 4 Dec 2020, at 0= 9:22, Philippe De Ryck <philippe@pragmaticwebsecurity.com> wrote:

    Hi all,

    This is a very useful discussion, and there are some= merits to using DPoP in this way. However, the attacker's capabilities are= stronger than often assumed, so it may not matter in the end. I've been wa= nting to write this out for a while now, so I've added a couple of scenario= s below. Note that I just came up with the scenario names on the fly, so th= ese may not be the best ones for future use ...

    (This got a lot longer than I expected, so h= ere's a TOC)
    - Attack assumption
    = - Scenario 1: offline XSS against existing tokens
    - Sc= enario 2: passive online XSS against existing tokens
    -= Scenario 3: active online XSS against existing tokens
    - Scenario 4 (!): obtaining fresh tokens
    - Mitigation= : DPoP in a Web Worker
    - Conclusion (TL;DR)

    I hope this all makes sense= !

    Philippe
    <= div class=3D"">



    Assumption

    The attacker has the ability to = execute JS code in the application's context (e.g., through XSS, a maliciou= s ad, ...). For simplicity, I'll just refer to the attack as "XSS".



    Scenario 1: offline XSS against existing tokens

    In this scenario, the malicious = code executes and immediately performs a malicious action. The attacker is = not necessarily present or actively participating in the attack (i.e., abus= e of stolen tokens is done at a later time). 
    A common example would be stealing tokens= from localStorage and sending them to an attacker-controlled server for la= ter abuse. Existing mitigations include short AT lifetimes and RT rotation.=

    The attacker cou= ld determine that DPoP is being used, and also extract precomputed proofs f= or any of these tokens. The use of DPoP makes token abuse a bit harder (lar= ge window =3D lots of proofs), but does not really strengthen the defense b= eyond existing mitigations (Short AT lifetimes and RT rotation). 


    =

    Scenario 2: passive online XSS against existing tokens
    <= div class=3D"">
    In this scenario, the m= alicious code executes and sets up a long-term attack. The attacker (i.e., = a malicious application running on a server) is passive until certain crite= ria are met. 

    An attack could be to manipulate the JS execution context, so that the at= tacker can detect new tokens being obtained by the client. (e.g., by overri= ding a listener or changing core function prototypes). Each time new tokens= are issued (AT + RT), the attacker sends them to the malicious server. The= moment the attacker detects that the user closes the application, the mali= cious server continues the RT rotation chain. Since the application is no l= onger active, the AS will not detect this. The attacker now has access for = as long as the RT chain can be kept alive.

    When DPoP is used, the attacker will need proof= s to present to the AS when running a refresh token flow. If the proofs are= independent of the RT being used, these can be precomputed. When the RT is= part of the proof, as per Filip's suggestion, the attacker can only run a = RT flow once (with the stolen RT + proof). This attack scenario is fairly w= ell mitigated when DPoP proofs include the RT (hash).
    =

    <= br class=3D"">
    Scenario 3:= active online XSS against existing tokens
    In this scenario, the malicious code exec= utes and sets up a long-term attack. The attacker is actively controlling t= he behavior of the malicious code. 

    The attack vectors are the same as scenario 2. Once= in control, the attacker can use the same mechanism as the application doe= s to send requests to any endpoint. There is no need to obtain an RT (which= may not even be possible), since the attacker can just abuse the AT direct= ly.

    When DPoP is = used, little changes here. The attacker can use the application's DPoP mech= anism to obtain legitimate proofs. DPoP does nothing to mitigate this type = of attack (as already stated in Daniel's threat model: https://danielfett= .de/2020/05/04/dpop-attacker-model/).



    Scenario 4: obtaining f= resh tokens

    In this scenario, the malicious code executes and immediately launches t= he attack. In this attack, the malicious code loads a hidden iframe in the = application's DOM. In that iframe, the attacker starts a silent flow with A= S to obtain an authorization code (AC). If the user has an active session, = this will succeed (existing cookie + all origins match). The attacker extra= cts this AC and exchanges it for tokens with the AS. 

    At this point, the attacker has = a fresh set of tokens that grant access to resources in the name of the use= r. Short AT lifetimes and RT rotation are useless, since the attacker is in= full control of the tokens.

    Using DPoP in this scenario does not help at all. The attacker = can use their own private key to generate the necesary DPoP proofs, startin= g with the code exchange.

    One solution is to turn off silent flows for SPAs, since they have= become quite unreliable with third-party cookie blocking restrictions.



    Mitigation: DPoP in a Web Worker

    Isolating sensitive features from malicious = JS is virtually impossible when the application's legitimate JS code needs = access to them. One solution that can work is the use of a Web Worker. Conc= retely, the DPoP private key is kept in a worker, isolated from the main ap= plication. All requests that require a DPoP proof are tunneled through the = worker, which adds the required proof. 

    In this setup, the worker can also handle RTs, = since they will require a proof. This strategy is already implemented by so= me libraries (e.g., Auth0's JS library). When ATs are also sender-constrain= ed with DPoP, they can also be kept in the worker instead of in the applica= tion.

    This implem= entation strategy has the following impact on the scenarios discussed above= .

    <= i class=3D"">- Scenario 1 (offline XSS): mitigated, since there is = nothing to steal from the application
    - Scenario 2 (passive online XSS): mitigated, since the= re are no tokens to steal
    = - Scenario 3 (active online XSS): impacted, but not mitigated. The = attacker can no longer send requests directly, and is forced to go through = the worker. The worker can enforce restrictions on requests it sends (e.g.,= rate limiting, only allowing certain types of requests or certain endpoint= s, ...)
    - Scenario 4 (obta= ining fresh tokens): no effect --> this is a big problem!
    <= div class=3D"">


    Conclusion

    =
    Even with current best practices and DPoP in place, a= n attacker can still send requests through the application, or obtain an en= tirely fresh set of tokens with a hidden silent flow. The former scenario c= an be somewhat reduced, but the latter cannot be mitigated. 

    In a nutshell: XSS =3D Gam= e over


    =E2=80=94
    Pragmatic Web SecuritySecurity for developers
    https://pragmaticwebsecu= rity.com/


    On 3 Dec 2020, at 13:55, Torsten Lodderstedt <torsten=3D40lodders= tedt.net@dmarc.ietf.org> wrote:

    I understand. Thanks!

    I think RT rotation + RT hash in the proof would also sto= p the attack.  

    Am 03.12.2020 um 13:19 schrieb Filip Skokan <panva.ip@gmail.com>:

    I'm failing to understand why binding the proof to the acce= ss token ensures freshness of the proof.

    Becau= se when access tokens issued to public browser based clients have a short d= uration you need continued access to the private key to issue new proofs. W= hen I exfiltrate the RT and pre-generate tons of proofs while the user is a= ctive on the page through XSS I can then use the RT and my prepared proofs = to talk to the AS to keep on refreshing the AT and use it against the RS. W= hen the value of the token is part of the proof, i cannot pre-generate them= for future issued access tokens. Short `iat` based windows don't help here= .

    S pozdravem,
    Filip Skokan


    On Thu, 3 Dec 2020 at 12:59, Torste= n Lodderstedt <tor= sten@lodderstedt.net> wrote:
    Hi,

    I'm failing to understand why binding the proof to the access toke= n ensures freshness of the proof. I would rather think if the client is for= ced to create proofs with a reasonable short lifetime, chances for replay c= ould be reduced.

    Beside that as far as I reme= mber the primary replay counter measure is the inclusion of the endpoint UR= L and HTTP method in the proof, since it reduces the attack surface to a pa= rticular URL. So in the context of freshness, we are talking about using th= e same proof with the same URL again.

    best re= gards,
    Torsten.

    Am 03.12.2020 um 10:20 schrieb Filip Skokan <panva.ip@gmail.com>:

    Hi Brian, everyone,

    = While the attack vector allows direct use, there is the option where a smar= ter attacker will not abuse the gained artifacts straight away. Think publi= c client browser scenario with the non-extractable private key stored in In= dexedDB (the only place to persist them really), they wouldn't use the toke= ns but instead, exfiltrate them, together with a bunch of pre-generated DPo= P proofs. They'll get the refresh token and a bunch of DPoP proofs for both= the RS and AS. With those they'll be able to get a fresh AT and use it wit= h pre-generated Proofs after the end-user leaves the site. No available pro= tection (e.g. RT already rotated) will be able to kick in until the end-use= r opens the page again.

    OTOH with a hash of th= e AT in the Proof only direct use remains.

    If = what I describe above is something we don't want to deal with because of di= rect use already allowing access to protected resources, it's sufficiently = okay as is (option #1). However, if this scenario, one allowing prolonged a= ccess to protected resources, is not acceptable, it's option #2.

    Ad #2a vs #2b vs #2c. My pre-emptive answer is #2a, si= mply because we already have the tools needed to generate and validate thes= e hashes. But further thinking about it, it would feel awkward if this JWS = algorithm driven at_hash digest selection wouldn't get stretched to the con= firmations, when this are placed in a JWT access token, cool - we can do th= at, but when these are put in a basic token introspection response it's unf= ortunately not an option. So, #2b (just use sha-256 just like the confirmat= ions do).

    Best,
    Filip


    On Wed, 2 Dec 2020 at 21:50, Brian Camp= bell <bcampbell=3D40pingidentity.com@dmarc.ietf.org> wrote:
    There were a few items discussed somewhat during the recent inter= im that I committed to bringing back to the list. The slide below (also ava= ilable as slide #17 from the interim presentation) is the first one of them= , which is difficult to summarize but kinda boils down to how much assuranc= e there is that the DPoP proof was 'freshly' created and that can dovetail = into the question of whether the token is covered by the signature of the p= roof.
    There are many directions a "resolution" here could go= but my sense of the room during the meeting was that the contending option= s were:
         =E2=80=A2  It's s= ufficiently okay as it is
         =E2= =80=A2  Include a hash of the access token in the DPoP proof (when an = access token is present)

    Going with #2 would m= ean the draft would also have to define how the hashing is done and deal wi= th or at least speak to algorithm agility. Options (that I can think of) in= clude:
         =E2=80=A2 2a) Use the a= t_hash claim defined in OIDC core https://openid.net/specs/op= enid-connect-core-1_0.html#CodeIDToken. Using something that already ex= ists is appealing. But its hash alg selection routine can be a bit of a pai= n. And the algorithm agility based on the signature that it's supposed to p= rovide hasn't worked out as well as hoped in practice for "new" JWS signatu= res https://bitbucket.org/openid/connect/i= ssues/1125/_hash-algorithm-for-eddsa-id-tokens
     &nb= sp;   =E2=80=A2 2b) Define a new claim ("ah", "ath", "atd", = "ad" or something like that maybe) and just use SHA-256. Explain why it's g= ood enough for now and the foreseeable future. Also include some text about= introducing a new claim in the future if/when SHA-256 proves to be insuffi= cient. Note that this is effectively the same as how the confirmation claim= value is currently defined in this document and in RFC8705.
    =      =E2=80=A2 2c) Define a new claim with its ow= n hash algorithm agility scheme (likely similar to how the Digest header va= lue or Subresource Integrity string is done).

    = I'm requesting that interested WG participants indicate their preference fo= r #1 or #2. And among a, b, and c, if the latter.

    I also acknowledge that an ECDH approach could/would ameliorate the i= ssues in a fundamentally different way. But that would be a distinct protoc= ol. If there's interest in pursuing the ECDH idea, I'm certainly open to it= and even willing to work on it. But as a separate effort and not at the ex= pense of derailing DPoP in its general current form.
    <Sli= de17.jpeg>


    CONFIDENTIALITY N= OTICE: This email may contain confidential and privileged material for the = sole use of the intended recipient(s). Any review, use, distribution or dis= closure by others is strictly prohibited.  If you have received this c= ommunication in error, please notify the sender immediately by e-mail and d= elete the message and any file attachments from your computer. Thank you.__= _____________________________________________
    OAuth mailing l= ist
    OAuth@ietf.o= rg
    https://www.ietf.org/mailman/listinfo/oauth
    = _______________________________________________
    OAuth mailing= list
    OAuth@ietf.org
    https://www.google.com/url= ?q=3Dhttps://www.ietf.org/mailman/listinfo/oauth&source=3Dgmail-imap&am= p;ust=3D1607592086000000&usg=3DAOvVaw3hGaihxAdyXVvzFnVTpc6N


    ________________= _______________________________
    OAuth mailing list
    OAuth@ietf.org
    https://www.ietf.org/mailman/listinfo/oauth
    =

    ___________________________________= ____________
    OAuth mailing list
    OAuth@ietf.org
    https://www.= ietf.org/mailman/listinfo/oauth


    ForgeRock values your Privacy --Apple-Mail=_8FE5FE27-6FC6-4DD6-9F79-725FD0CEFA8D-- From nobody Fri Dec 4 04:40:12 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D1C173A0C2F for ; Fri, 4 Dec 2020 04:40:10 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.118 X-Spam-Level: X-Spam-Status: No, score=-2.118 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_FONT_FACE_BAD=0.001, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=pragmaticwebsecurity.com header.b=Kv6ePQni; dkim=pass (2048-bit key) header.d=messagingengine.com header.b=cYYw3kqi Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YlnhXieb6cJa for ; Fri, 4 Dec 2020 04:40:08 -0800 (PST) Received: from out1-smtp.messagingengine.com (out1-smtp.messagingengine.com [66.111.4.25]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AB0DD3A0C29 for ; Fri, 4 Dec 2020 04:40:08 -0800 (PST) Received: from compute3.internal (compute3.nyi.internal [10.202.2.43]) by mailout.nyi.internal (Postfix) with ESMTP id D99CD5C0151; Fri, 4 Dec 2020 07:40:07 -0500 (EST) Received: from mailfrontend1 ([10.202.2.162]) by compute3.internal (MEProxy); Fri, 04 Dec 2020 07:40:07 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= pragmaticwebsecurity.com; h=from:message-id:content-type :mime-version:subject:date:in-reply-to:cc:to:references; s=fm2; bh=F4MVJYR9FcepTM3pBzBdCEycH8vX6rftzmfggplCFAk=; b=Kv6ePQni4Sla rBPuwbfNuTvUQGCpP8LFlx5nU1DuDyrOk65eS2wLfzKaDpGUjqXvndnFTxttwiTF 87CnU3xWPGGlHVvev4VMI2od8skCIzEJ1C4MGYDN8J4YrSj6XldTUX6h6kM/i6/w dOe5w4xxI8c0wxtSHOWvcxttKXr6MclImC03EkuROn3hZyiGaSCWzEVVN1epD35B bAToQ+Mz9cskTRnIdRYWGxiHUlH55C0mdpTu6yDNr5KQXX47pxeB2FqJB9z7iomx ndNU0vAYLH0A7mQxNmMKPl1OXBSqKD+CslpMdVXFQWRJUOuRQoKQPaqhXnCxAtZ4 RtjgdDolyg== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to:x-me-proxy :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm1; bh=F4MVJY R9FcepTM3pBzBdCEycH8vX6rftzmfggplCFAk=; b=cYYw3kqiVSH64sg3cPcG+Z QWlhMJarJ57hGzLcP7AEksk5q9BfokrfIr+9atHm5AxPpr+Cz1z1czYVmGnOTYBy wGFVPqENQaSGv8G15y76n8753j16LLDeXIDc33xjueCo23DVugkK4t8c95wkGuPm CIL49dSFEdG/BEmtuKuM5xb40darm10AEzewOL02slqa9Wmh6dTULhu4LyynQoRD RoT7aY70gT7PF/sdcBHwVBgNck1MUyfkETOUm1hplC5dozBZiK0IpSAqfwvqDbFj F1ZAkvMTLCTVxJnRon5EDynVoQ/uDriqjXdceuMWf7fcFM0vUSB9B78nb9EMbTsQ == X-ME-Sender: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedujedrudeikedggedvucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmne cujfgurhephffktgggufffjgfvfhfosegrtdhmrehhtdejnecuhfhrohhmpefrhhhilhhi phhpvgcuffgvucfthigtkhcuoehphhhilhhiphhpvgesphhrrghgmhgrthhitgifvggssh gvtghurhhithihrdgtohhmqeenucggtffrrghtthgvrhhnpeehleejgeegieefgfeigefg geekleelkeefieehteehkeegtdevuedvudekgfdvjeenucffohhmrghinhepvgigrghmph hlvgdrtghomhdpvgigrghmphhlvgdrtghomhdrrghnpdhhthhtphhsfegrvdhfvgigrghm phhlvgdrtghomhenucfkphepkedurdduieegrdduvdelrdelheenucevlhhushhtvghruf hiiigvpedtnecurfgrrhgrmhepmhgrihhlfhhrohhmpehphhhilhhiphhpvgesphhrrghg mhgrthhitgifvggsshgvtghurhhithihrdgtohhm X-ME-Proxy: Received: from [192.168.1.47] (d51a4815f.access.telenet.be [81.164.129.95]) by mail.messagingengine.com (Postfix) with ESMTPA id 1FFC524005B; Fri, 4 Dec 2020 07:40:06 -0500 (EST) From: Philippe De Ryck Message-Id: Content-Type: multipart/alternative; boundary="Apple-Mail=_6E97C9C2-73C4-4B1A-BDEC-F122155E00D0" Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.120.23.2.4\)) Date: Fri, 4 Dec 2020 13:40:03 +0100 In-Reply-To: <1B663AA7-563D-4D25-A408-9ED10FD818AC@forgerock.com> Cc: Torsten Lodderstedt , Brian Campbell , oauth To: Neil Madden References: <30D5F7BA-EA54-4E40-A2FC-222AA0C9AF8D@lodderstedt.net> <353E4494-2F80-44BC-9267-6FB8B37AA0FE@lodderstedt.net> <1B663AA7-563D-4D25-A408-9ED10FD818AC@forgerock.com> X-Mailer: Apple Mail (2.3608.120.23.2.4) Archived-At: Subject: Re: [OAUTH-WG] DPoP followup I: freshness and coverage of signature X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 04 Dec 2020 12:40:11 -0000 --Apple-Mail=_6E97C9C2-73C4-4B1A-BDEC-F122155E00D0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=utf-8 > The suggestion to use a web worker to ensure that proofs cannot be = pre-computed is a good one I think. (You could also use a sandboxed = iframe for a separate sub/sibling-domain - dpop.example.com = ). An iframe with a different origin would also work (not really = sandboxing, as that implies the use of the sandbox attribute to enforce = behavioral restrictions). The downside of an iframe is the need to host = additional HTML, vs a script file for the worker, but the effect is = indeed the same. > For scenario 4, I think this only works if the attacker can = trick/spoof the AS into using their redirect_uri? Otherwise the AC will = go to the legitimate app which will reject it due to mismatched = state/PKCE. Or are you thinking of XSS on the redirect_uri itself? I = think probably a good practice is that the target of a redirect_uri = should be a very minimal and locked down page to avoid this kind of = possibility. (Again, using a separate sub-domain to handle tokens and = DPoP seems like a good idea). My original thought was to use a silent flow with Web Messaging. The = scenario would go as follows: 1. Setup a Web Messaging listener to receive the incoming code 2. Create a hidden iframe with the DOM APIs 3. Create an authorization request such as = =E2=80=9C/authorize?response_type=3Dcode&client_id=3D...&redirect_uri=3Dht= tps%3A%2F%example.com&state=3D...&code_challenge=3D7-ffnU1EzHtMfxOAdlkp_Wi= xnAM_z9tMh3JxgjazXAk&code_challenge_method=3DS256&prompt=3Dnone&response_m= ode=3Dweb_message=E2=80=9D 4. Load this URL in the iframe, and wait for the result 5. Retrieve code in the listener, and use PKCE (+ DPoP if needed) to = exchange it for tokens This puts the attacker in full control over every aspect of the flow, so = no need to manipulate any of the parameters. After your comment, I also believe an attacker can run the same scenario = without the =E2=80=9Cresponse_mode=3Dweb_message=E2=80=9D. This would go = as follows: 1. Create a hidden iframe with the DOM APIs 2. Setup polling to read the URL (this will be possible for same-origin = pages, not for cross-origin pages) 3. Create an authorization request such as = =E2=80=9C/authorize?response_type=3Dcode&client_id=3D...&redirect_uri=3Dht= tps%3A%2F%example.com&state=3D...&code_challenge=3D7-ffnU1EzHtMfxOAdlkp_Wi= xnAM_z9tMh3JxgjazXAk&code_challenge_method=3DS256=E2=80=9D 4. Load this URL in the iframe, and keep polling 5. Detect the redirect back to the application with the code in the URL, = retrieve code, and use PKCE (+ DPoP if needed) to exchange it for tokens In step 5, the application is likely to also try to exchange the code. = This will fail due to a mismatching PKCE verifier. While noisy, I = don=E2=80=99t think it affects the scenario.=20 > IMO, the online attack scenario (i.e., proxying malicious requests = through the victim=E2=80=99s browser) is quite appealing to an attacker, = despite the apparent inconvenience: >=20 > - the victim=E2=80=99s browser may be inside a corporate firewall or = VPN, allowing the attacker to effectively bypass these restrictions > - the attacker=E2=80=99s traffic is mixed in with the user=E2=80=99s = own requests, making them harder to distinguish or to block >=20 > Overall, DPoP can only protect against XSS to the same level as = HttpOnly cookies. This is not nothing, but it means it only prevents = relatively naive attacks. Given the association of public key signatures = with strong authentication, people may have overinflated expectations if = DPoP is pitched as an XSS defence. Yes, in the cookie world this is known as =E2=80=9CSession Riding=E2=80=9D= . Having the worker for token isolation would make it possible to = enforce a coarse-grained policy on outgoing requests to prevent total = abuse of the AT. My main concern here is the effort of doing DPoP in a browser versus the = limited gains. It may also give a false sense of security.=20 With all this said, I believe that the AS can lock down its = configuration to reduce these attack vectors. A few initial ideas: 1. Disable silent flows for SPAs using RT rotation 2. Use the sec-fetch headers to detect and reject non-silent = iframe-based flows For example, an OAuth 2.0 flow in an iframe in Brave/Chrome carries = these headers: sec-fetch-dest: iframe sec-fetch-mode: navigate sec-fetch-site: cross-site sec-fetch-user: ?1 Philippe --Apple-Mail=_6E97C9C2-73C4-4B1A-BDEC-F122155E00D0 Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset=utf-8

    The suggestion to use a web worker to ensure = that proofs cannot be pre-computed is a good one I think. (You could = also use a sandboxed iframe for a separate sub/sibling-domain - dpop.example.com).

    An iframe with a different origin would also work = (not really sandboxing, as that implies the use of the sandbox attribute = to enforce behavioral restrictions). The downside of an iframe is the = need to host additional HTML, vs a script file for the worker, but the = effect is indeed the same.

    For scenario 4, I think this only works if = the attacker can trick/spoof the AS into using their redirect_uri? = Otherwise the AC will go to the legitimate app which will reject it due = to mismatched state/PKCE. Or are you thinking of XSS on the redirect_uri = itself? I think probably a good practice is that the target of a = redirect_uri should be a very minimal and locked down page to avoid this = kind of possibility. (Again, using a separate sub-domain to handle = tokens and DPoP seems like a good = idea).

    My = original thought was to use a silent flow with Web Messaging. The = scenario would go as follows:

    1. = Setup a Web Messaging listener to receive the incoming code
    2. = Create a hidden iframe with the DOM APIs
    3. Create an = authorization request such as =E2=80=9C/authorize?response_type=3Dcode&client_id=3D...&redirec= t_uri=3Dhttps%3A%2F%example.com&state=3D...&code_challenge=3D7-ffnU1EzH= tMfxOAdlkp_WixnAM_z9tMh3JxgjazXAk&code_challenge_method=3DS256&pro= mpt=3Dnone&response_mode=3Dweb_message=E2=80=9D
    4. = Load this URL in the iframe, and wait for the result
    5. = Retrieve code in the listener, and use PKCE (+ DPoP if needed) to = exchange it for tokens

    This puts the = attacker in full control over every aspect of the flow, so no need to = manipulate any of the parameters.


    After your comment, I also believe an attacker can = run the same scenario without the =E2=80=9Cresponse_mode=3Dweb_message=E2=80=9D. This would go as = follows:

    1. Create a hidden = iframe with the DOM APIs
    2. Setup polling to read the URL = (this will be possible for same-origin pages, not for cross-origin = pages)
    3. Create an authorization request such as =E2=80=9C/authorize?response_type=3Dcode&client_id=3D...&redirec= t_uri=3Dhttps%3A%2F%example.com&state=3D...&code_challenge=3D7-ffnU1EzH= tMfxOAdlkp_WixnAM_z9tMh3JxgjazXAk&code_challenge_method=3DS256=E2=80= =9D
    4. Load this URL in the iframe, and keep = polling
    5. Detect the redirect back to the application with = the code in the URL, retrieve code, and use PKCE (+ DPoP if needed) to = exchange it for tokens

    In step 5, = the application is likely to also try to exchange the code. This will = fail due to a mismatching PKCE verifier. While noisy, I don=E2=80=99t = think it affects the scenario. 


    IMO, = the online attack scenario (i.e., proxying malicious requests through = the victim=E2=80=99s browser) is quite appealing to an attacker, despite = the apparent inconvenience:

     - the victim=E2=80=99s browser may be inside a = corporate firewall or VPN, allowing the attacker to effectively bypass = these restrictions
     - the attacker=E2=80=99s = traffic is mixed in with the user=E2=80=99s own requests, making them = harder to distinguish or to block

    Overall, DPoP can only protect against = XSS to the same level as HttpOnly cookies. This is not nothing, but it = means it only prevents relatively naive attacks. Given the association = of public key signatures with strong authentication, people may have = overinflated expectations if DPoP is pitched as an XSS = defence.

    Yes,= in the cookie world this is known as =E2=80=9CSession Riding=E2=80=9D. = Having the worker for token isolation would make it possible to enforce = a coarse-grained policy on outgoing requests to prevent total abuse of = the AT.

    My main concern here is the = effort of doing DPoP in a browser versus the limited gains. It may also = give a false sense of security. 



    With all this said, I believe that the AS can lock = down its configuration to reduce these attack vectors. A few initial = ideas:

    1. Disable silent flows for = SPAs using RT rotation
    2. Use the sec-fetch headers to detect = and reject non-silent iframe-based flows

    For example,  an OAuth 2.0 flow in an iframe = in Brave/Chrome carries these headers:
    sec-fetch-dest: iframe
    sec-fetch-mode: navigate
    sec-fetch-site: = cross-site
    sec-fetch-user: = ?1


    Philippe

    = --Apple-Mail=_6E97C9C2-73C4-4B1A-BDEC-F122155E00D0-- From nobody Fri Dec 4 07:21:40 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0CDD83A0D94 for ; Fri, 4 Dec 2020 07:21:39 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.098 X-Spam-Level: X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_IMAGE_RATIO_06=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=mitre.org Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tHMFux61CCi8 for ; Fri, 4 Dec 2020 07:21:37 -0800 (PST) Received: from smtpvbsrv1.mitre.org (smtpvbsrv1.mitre.org [198.49.146.234]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8CB363A0D8C for ; Fri, 4 Dec 2020 07:21:36 -0800 (PST) Received: from smtpvbsrv1.mitre.org (localhost.localdomain [127.0.0.1]) by localhost (Postfix) with SMTP id 6DDF1332047; Fri, 4 Dec 2020 10:21:34 -0500 (EST) Received: from smtprhbv1.mitre.org (unknown [129.83.19.196]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtpvbsrv1.mitre.org (Postfix) with ESMTPS id 0D380332038; Fri, 4 Dec 2020 10:21:34 -0500 (EST) Received: from mbfesmtp-mgt.mitre.org (mbfesmtp-in.mitre.org [198.49.146.235]) by smtprhbv1.mitre.org (Postfix) with ESMTP id EDBA480C07E; Fri, 4 Dec 2020 10:21:33 -0500 (EST) Received: by mbfesmtp-mgt.mitre.org (Postfix, from userid 600) id 4Cnbyj6pZ5zlYT; Fri, 4 Dec 2020 15:21:27 +0000 (UTC) Received: from GCC02-DM3-obe.outbound.protection.outlook.com (mail-dm3gcc02lp2104.outbound.protection.outlook.com [104.47.65.104]) by mbfesmtp-mgt.mitre.org (Postfix) with ESMTPS id 4CnbyX6Kd6z3D4fB; Fri, 4 Dec 2020 15:21:24 +0000 (UTC) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=fmfbUm9IaiNwRSW0f0NLMxBT0NU7AW+hyvpfyU0iEjYizom6qXoy7cn1pniq9dvhnVkqpanKMrIw2A8PaRFKVnV0ogvmhkpcU9T077uDGbsjZtoL+Gv/OE5DfjRPkL//j84U3bJBwrllhr9GyvFIslt504qyEEPpeLJoySSosPPKldq5eE8l2kJrn9mcG2u84jk87yWgsHuOCsHfyN4uaqe3F6Ulbrn07a509Km0TzCt8hlxQoz+p/81v5OxouW/8KBeJIfrLeU2dQe1FQz/qPrJd6KWD6PW0GQIyWthjhTYuhuOICkUrwNO0a6yz1STZrEvQwxkzY28BXyVrqf8AQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=vCu8qxBXAz0abkRIJUK31iECEjPPafGVFjaIXsF/Wgw=; b=YY964iBhC2TTAFArbfyNHI/gzmSHXBXQvRUwLQoXxF5zYQezoffiNq+MxVmEHuxzE4RkXJOiXhvMMyUJHj5H6iQ4ngjJs44BPuPaeTkLBjRgOLYJ3GzMIU2gZM/Kd9Bz5QHBgv2YQzgnuX2LDQBkwZtXEGVOvrLDi9tM4bM47bIwXqzTtnj7SCm0BJwopQcgmV6kfot/ZYu53SmPSEzqY7SEdg+PySvS/J8LvdPc/Bjssntsenae+6s29yUIaU6IY01bFYrNW8FUcI1zCDg/Lk2kL+CJTI7xr+kr5taRy+RbIKHTNuw0YtkC+KomMscyjemBWSFQ3ZG3MLmWAzOatg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=mitre.org; dmarc=pass action=none header.from=mitre.org; dkim=pass header.d=mitre.org; arc=none Received: from SA9PR09MB5727.namprd09.prod.outlook.com (2603:10b6:806:1d::9) by SA0PR09MB7434.namprd09.prod.outlook.com (2603:10b6:806:76::21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3632.19; Fri, 4 Dec 2020 15:21:24 +0000 Received: from SA9PR09MB5727.namprd09.prod.outlook.com ([fe80::2112:2e1:2d80:cffd]) by SA9PR09MB5727.namprd09.prod.outlook.com ([fe80::2112:2e1:2d80:cffd%4]) with mapi id 15.20.3611.020; Fri, 4 Dec 2020 15:21:23 +0000 From: Michael A Peck To: Filip Skokan , Brian Campbell CC: oauth Thread-Topic: [EXT] Re: [OAUTH-WG] DPoP followup III: client auth Thread-Index: AQHWyVmcrFi8a3ShvkmhLyzxd1n2jKnmu7kA Date: Fri, 4 Dec 2020 15:21:23 +0000 Message-ID: <5F2D6022-CA13-4255-ADC2-78CCC1AED766@mitre.org> References: <3134_1606988830_5FC8B41D_3134_178_1_CALAqi_-6ovK4otw9JW+c5H3qjnFrUqbwn-AoyGnA_EHfCSgQNw@mail.gmail.com> In-Reply-To: <3134_1606988830_5FC8B41D_3134_178_1_CALAqi_-6ovK4otw9JW+c5H3qjnFrUqbwn-AoyGnA_EHfCSgQNw@mail.gmail.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: yes X-MS-TNEF-Correlator: user-agent: Microsoft-MacOutlook/16.42.20101102 authentication-results: gmail.com; dkim=none (message not signed) header.d=none;gmail.com; dmarc=none action=none header.from=mitre.org; x-originating-ip: [192.80.55.87] x-ms-publictraffictype: Email x-ms-office365-filtering-ht: Tenant x-ms-office365-filtering-correlation-id: ffa5527c-fb5e-424d-a0b8-08d8986842b1 x-ms-traffictypediagnostic: SA0PR09MB7434: x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:8273; x-ms-exchange-senderadcheck: 1 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: AahKhyu6xxT2H90hix7lbOJovpdDMU9HJlGM4EFTnq734iweudQz6eL3WNbWUQKUj043DEXW22gU7YRaZuj2KQnGEYm+uCnfZlPwKNYAGle4/qXdU2AsuGnLIRu7sqhorDFvADsWPpKryXzJvJrojzjsZOAUeDmlHiaixJiPO+OrxwxXdF67RfqqCx49VN5EFNrR5sY1Gu2tz31d1qgTJtOE9/w4AXDByamh+PtHGRz6ALK7jQiEXeviVMjIGmqXD6m9pLzfMZEVWxIwrncDS9IpninaxfelOhreJ8aAE5X6BjyaYdkT1mE9QyYJEfXaPYYY4XaG3DrSZsK6sFGhih9thr0+NzV4TZvmedfs/6T0n4K0r15xwi9E4JD/uuywe803Cwm+X4bOJd0WJLAFOxUOyieLdo1UaKnmJO5SIjZirzwsqVZyBnkJjx3NgsKA8e6H8EQSNcI3g3XwD+KlBw== x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:SA9PR09MB5727.namprd09.prod.outlook.com; PTR:; CAT:NONE; SFS:(346002)(396003)(376002)(366004)(39860400002)(136003)(9326002)(186003)(6486002)(6506007)(2906002)(53546011)(4326008)(478600001)(91956017)(71200400001)(2616005)(966005)(99936003)(86362001)(36756003)(64756008)(8936002)(66556008)(76116006)(110136005)(66616009)(66476007)(66446008)(316002)(8676002)(33656002)(66946007)(6512007)(83380400001)(166002)(5660300002)(26005)(45980500001); DIR:OUT; SFP:1101; x-ms-exchange-antispam-messagedata: =?utf-8?B?VVh0Y0g5WE85M0hzVzRZdU5WOGdZVUErYVAyVGlqeHlQWjNGblE1U1FTM3lC?= =?utf-8?B?U2ZaR2JHY3hXcll2SHRsM0xTK2dISXhYZm90KzhxSGltYkxtTnJIcjRKZ0lT?= =?utf-8?B?RTYxMmZzZ0NuSWRSamV4aUtXT3RoYzYxNS84Z1JqbGRwaTF1VXVxc1J3TGNS?= =?utf-8?B?WWU5YkVxMzVrTEhTSGdxQ3A5QnVNbXBrK2UyaWFoUThvNXM1Ukh0bXV0eGUy?= =?utf-8?B?eXRzZnRTNG9FTi82aVF1cE11b1R1TEZPUXZIdGQyb3NueGJXSWRVV0I2OXhn?= =?utf-8?B?ZWEyMkRLekZ3WDZzanZjRGdXWFdWSVFCeXFMbWhQZmVmZ1ltTmVnMVBpNmh1?= =?utf-8?B?a1puRTBaeEJQQmFDSDhzTmNJVFBTcjNrRkhScXYrZDZOclpTR0k1VVVHWmF3?= =?utf-8?B?Q0Rxb1FTbUpvOThqMjc2ZlJ6OVRENHY4UkdwVTBubTdidmtvNHlYZTBGVG42?= =?utf-8?B?T1lmbmRmTTN0OU1aQVJLR0gvMXQ3RkNZUWVZcHFSUER3Q2VwRFRwL0lGblVO?= =?utf-8?B?NnVERWNGeklXaDQrajNWKzgrdFFnTmFsa2VaSXZ6VXBGQUt5ajlNMGQyNkZi?= =?utf-8?B?akdrUlVWY2xIWGVKVGo5bVJlVU5TbUcrT2RkaVptV1l4SGt5UWo5VUo5RzFm?= =?utf-8?B?SXN2L3hXSzU2R01tV3VaS2RTR3dCRldrUnlNKzFrSEVwcUxwemRlUTRwdnNO?= =?utf-8?B?aExpUFNnTkNsWUNuZlZsSy92eEcvc29qT29ETTB4RGpGTWdXNnBEZm0zVE5q?= =?utf-8?B?dVJPS1ZoRHlGd0REa0RMdnZrUjRvdWVGQzdMRi9uRm9nWlhlL0ZaRk8yNVJS?= =?utf-8?B?SDM5ZWZyNmNndXR0Q0lTY3lDSThKNU52ZXppcGhCcERzbXB4ZFczVmh3SFVy?= =?utf-8?B?R2ZIdGJtQ0ZYanRhVnBuKzhBYWtxalM0bkdhVUpMdnNvQXVGRWUzOXdZdTVu?= =?utf-8?B?ZU5BYlJnb2Z5Mkx5Q1hDdXF6czR0ZHVxSjN5MURWWjNDYTBZM0p4R3NaVjVI?= =?utf-8?B?SThZd0tIY3lUYjd3L3ozcmwzZUkvVTFIaHFEbVpPcEt2U1UzN21qQllwNXcx?= =?utf-8?B?Ujl0V2R1c1FCSFdieWxGUUxnVlQwTS9aTmk2bmNhSG42enk1MC9CUGVKK0pL?= =?utf-8?B?ckVLczQ5RkFIOWk3anFOdkg1bFNlTFp3a3NkTUFCOVdaMUpiNmJ3NmZtMzZ6?= =?utf-8?B?QVVjSTFWTUYzQTlaYmJyMExXUUFDWVlHTmx3bUMvVWw2WnY3d3ZBb1BHUWNL?= =?utf-8?B?Mng3WTJXL1ZDUXFrUmw3WlNKUHV6QmxzZWw0WUp1em8wWDUxN01vTFhJazJW?= =?utf-8?Q?3FVxmrE5YOxV4Btrbg4Otri9YcWy7d3oYy?= x-ms-exchange-transport-forked: True Content-Type: multipart/related; boundary="_004_5F2D6022CA134255ADC278CCC1AED766mitreorg_"; type="multipart/alternative" MIME-Version: 1.0 X-OriginatorOrg: mitre.org X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: SA9PR09MB5727.namprd09.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: ffa5527c-fb5e-424d-a0b8-08d8986842b1 X-MS-Exchange-CrossTenant-originalarrivaltime: 04 Dec 2020 15:21:23.4897 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: c620dc48-1d50-4952-8b39-df4d54d74d82 X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: Hrle/GOjJF73DeTc3EM1AFmjpaW+mPyqv52XugLXUGCJjc0J4VHh51rTFQe1gE6O X-MS-Exchange-Transport-CrossTenantHeadersStamped: SA0PR09MB7434 X-MITRE: 8GQsMWxq66rxk57w DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mitre.org; h=from:to:cc:subject:date:message-id:references:in-reply-to:content-type:mime-version; s=selector1; bh=vCu8qxBXAz0abkRIJUK31iECEjPPafGVFjaIXsF/Wgw=; b=rVMf4+ls98R7fzlUiljIbnU0kDqPIZzTC0IOF6/VUbMSikUBrS0Ce4pv8IRG8fhd230vcKgCI+ApfIfaVWIg6ge8bGNa+nzVN1bfk/TNHUveVmkBM9QWks0hyZcY8vVRXSO0mT+83MS6eCRjrrScwNqp+otyGOoTqJqfLbj/sQE= Archived-At: Subject: Re: [OAUTH-WG] [EXT] Re: DPoP followup III: client auth X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 04 Dec 2020 15:21:39 -0000 --_004_5F2D6022CA134255ADC278CCC1AED766mitreorg_ Content-Type: multipart/alternative; boundary="_000_5F2D6022CA134255ADC278CCC1AED766mitreorg_" --_000_5F2D6022CA134255ADC278CCC1AED766mitreorg_ Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 SGkgQnJpYW4sDQoNCkkgdGhpbmsgSSBsZWFuIHRvd2FyZHMgIOKAnFNodXQgdXAgYW5kIG5ldmVy IHNwZWFrIG9mIHRoaXMgYWdhaW7igJ0sIGJ1dCBjb3VsZCB5b3UgY2xhcmlmeSBzb21lIHRoaW5n cz8NCg0KSSBtaXNzZWQgdGhlIGludGVyaW0gbWVldGluZyBkaXNjdXNzaW9uIG9uIHRoaXMgc2xp ZGUg4oCTIGl0IGxvb2tzIGxpa2UgRFBvUCBmb3IgY2xpZW50IGF1dGhlbnRpY2F0aW9uIHdvdWxk IGhhdmUgdmVyeSBzaW1pbGFyIHByb3BlcnRpZXMgYXMgcHJpdmF0ZV9rZXlfand0LCBidXQgdXNp bmcgRFBvUCBpbnN0ZWFkPyBpLmUuIGJvdGggdXNlIGEgcHJpdmF0ZSBrZXkgdG8gc2lnbiBhIEpX VCB0aGF0IGF1dGhlbnRpY2F0ZXMgdGhlIGNsaWVudC4NCg0KQ291bGQgeW91IGV4cGFuZCBhIGJp dCBvbiB0aGUgYWR2YW50YWdlIG9mIHVzaW5nIERQb1AgZm9yIGJvdGggY2xpZW50IGF1dGhlbnRp Y2F0aW9uIGFuZCBzZW5kZXItY29uc3RyYWluaW5nIHRoZSB0b2tlbiB2cy4gdXNpbmcgcHJpdmF0 ZV9rZXlfand0IChmb3IgY2xpZW50IGF1dGhlbnRpY2F0aW9uKSArIERQb1AgKGZvciBzZW5kZXIt Y29uc3RyYWluaW5nIHRoZSB0b2tlbik/DQoNCkFkZGluZyB0byBGaWxpcOKAmXMgY29tbWVudCwg aXMgdGhlcmUganVzdCBvbmUgRFBvUCBwcm9vZiBzZW50IGluIHRoZSB0b2tlbiByZXF1ZXN0IHRv IGNvdmVyIGJvdGggY2xpZW50IGF1dGhlbnRpY2F0aW9uIGFuZCBzZW5kZXItY29uc3RyYWluaW5n IHRoZSB0b2tlbiwgbWVhbmluZyB0aGUgc2FtZSBrZXlwYWlyIHdvdWxkIGJlIHVzZWQgZm9yIGJv dGggRFBvUCB1c2FnZXM/ICBUaGF0IHdvdWxkIGdvIGFnYWluc3QgRFBvUOKAmXMga2V5IHJvdGF0 aW9uIGd1aWRhbmNlLCBidXQgbWF5YmUgd291bGQgYmUgb2theSBpZiBmcmVzaG5lc3MgZ3VhcmFu dGVlcyBvZiB0aGUgRFBvUCBwcm9vZiBnZXQgYWRkZWQ/DQoNClRoYW5rcywNCk1pa2UNCg0KDQpG cm9tOiBPQXV0aCA8b2F1dGgtYm91bmNlc0BpZXRmLm9yZz4gb24gYmVoYWxmIG9mIEZpbGlwIFNr b2thbiA8cGFudmEuaXBAZ21haWwuY29tPg0KRGF0ZTogVGh1cnNkYXksIERlY2VtYmVyIDMsIDIw MjAgYXQgNDo0OSBBTQ0KVG86IEJyaWFuIENhbXBiZWxsIDxiY2FtcGJlbGw9NDBwaW5naWRlbnRp dHkuY29tQGRtYXJjLmlldGYub3JnPg0KQ2M6ICJvYXV0aEBpZXRmLm9yZyIgPG9hdXRoQGlldGYu b3JnPg0KU3ViamVjdDogW0VYVF0gUmU6IFtPQVVUSC1XR10gRFBvUCBmb2xsb3d1cCBJSUk6IGNs aWVudCBhdXRoDQoNCvCfpKssIGJldHRlciBub3Qgb3BlbiB1cCB0aGUgcG9zc2liaWxpdHkgb2Yg dGhpbmtpbmcgb2YgRFBvUCBQcm9vZiBrZXlzIGFzIHByZS1yZWdpc3RlcmVkIChpLmUuIG5vdCAi ZXBoZW1lcmFsIikuDQoNCkJlc3QsDQpGaWxpcA0KDQoNCk9uIFdlZCwgMiBEZWMgMjAyMCBhdCAy MzozMCwgQnJpYW4gQ2FtcGJlbGwgPGJjYW1wYmVsbD00MHBpbmdpZGVudGl0eS5jb21AZG1hcmMu aWV0Zi5vcmc8bWFpbHRvOjQwcGluZ2lkZW50aXR5LmNvbUBkbWFyYy5pZXRmLm9yZz4+IHdyb3Rl Og0KVGhlcmUgd2VyZSBhIGZldyBpdGVtcyBkaXNjdXNzZWQgc29tZXdoYXQgZHVyaW5nIHRoZSBy ZWNlbnQgaW50ZXJpbTxodHRwczovL2RhdGF0cmFja2VyLmlldGYub3JnL21lZXRpbmcvaW50ZXJp bS0yMDIwLW9hdXRoLTE2L3Nlc3Npb24vb2F1dGg+IHRoYXQgSSBjb21taXR0ZWQgdG8gYnJpbmdp bmcgYmFjayB0byB0aGUgbGlzdC4gVGhlIHNsaWRlIGJlbG93IChhbHNvIGF2YWlsYWJsZSB3aXRo IGEgZmV3IGV4dHJhIHNwZWxsaW5nIGVycm9ycyBhcyBzbGlkZSAjMTkgZnJvbSB0aGUgaW50ZXJp bSBwcmVzZW50YXRpb248aHR0cHM6Ly9kYXRhdHJhY2tlci5pZXRmLm9yZy9tZWV0aW5nL2ludGVy aW0tMjAyMC1vYXV0aC0xNi9tYXRlcmlhbHMvc2xpZGVzLWludGVyaW0tMjAyMC1vYXV0aC0xNi1z ZXNzYS1kcG9wLTAxLnBkZj4pIGlzIHRoZSBsYXN0IG9mIHRoZW0uDQoNClRvIHN1bW1hcml6ZSwg SSdtIHdvbmRlcmluZyBpZiB0aGVyZSdzIFdHIGludGVyZXN0IGluIHdvcmtpbmcgdG8gZm9ybWFs aXplIGEgY2xpZW50LXRvLUFTIGF1dGhlbnRpY2F0aW9uIG1lY2hhbmlzbSBiYXNlZCBvbiBEUG9Q LiBJIHRoaW5rIGl0IHBvdGVudGlhbGx5IHdvdWxkIGJlIHByb2JsZW1hdGljIHRvIHB1dCBpbnRv IHRoZSBjdXJyZW50IGRvY3VtZW50IChmb3IgYSBudW1iZXIgb2YgcmVhc29ucykgc28gYW0gcHJl ZW1wdGl2ZWx5IHJ1bGluZyBvdXQgdGhhdCBvcHRpb24uIFRodXMsIGJhc2ljYWxseSwgSSdtIGFz a2luZyB0aGUgV0cgaWYgdGhlcmUgaXMgc29tZS9tdWNoIGludGVyZXN0IGluIHRoZSBpZGVhPyBJ biB3aGljaCBjYXNlIEknbGwgZmluZCBzb21lIHRpbWUgKGF0IHNvbWUgcG9pbnQpIHRvIHdyaXRl IHVwIGFuIEktRCBmb3IgaXQgYW5kIGJyaW5nIHRoYXQgYmFjayB0byB0aGUgZ3JvdXAgZm9yIGNv bnNpZGVyYXRpb24uIE9yIGlmIEkgc2hvdWxkLCBhcyB0aGUgc2xpZGUgc2F5cywgInNodXQgdXAg YW5kIG5ldmVyIHNwZWFrIG9mIHRoaXMgYWdhaW4iPw0KDQpbY2lkOmltYWdlMDAxLmpwZ0AwMUQ2 Q0EyNy4zNkI3ODM2MF0NCg0KQ09ORklERU5USUFMSVRZIE5PVElDRTogVGhpcyBlbWFpbCBtYXkg Y29udGFpbiBjb25maWRlbnRpYWwgYW5kIHByaXZpbGVnZWQgbWF0ZXJpYWwgZm9yIHRoZSBzb2xl IHVzZSBvZiB0aGUgaW50ZW5kZWQgcmVjaXBpZW50KHMpLiBBbnkgcmV2aWV3LCB1c2UsIGRpc3Ry aWJ1dGlvbiBvciBkaXNjbG9zdXJlIGJ5IG90aGVycyBpcyBzdHJpY3RseSBwcm9oaWJpdGVkLiAg SWYgeW91IGhhdmUgcmVjZWl2ZWQgdGhpcyBjb21tdW5pY2F0aW9uIGluIGVycm9yLCBwbGVhc2Ug bm90aWZ5IHRoZSBzZW5kZXIgaW1tZWRpYXRlbHkgYnkgZS1tYWlsIGFuZCBkZWxldGUgdGhlIG1l c3NhZ2UgYW5kIGFueSBmaWxlIGF0dGFjaG1lbnRzIGZyb20geW91ciBjb21wdXRlci4gVGhhbmsg eW91Ll9fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fDQpPQXV0 aCBtYWlsaW5nIGxpc3QNCk9BdXRoQGlldGYub3JnPG1haWx0bzpPQXV0aEBpZXRmLm9yZz4NCmh0 dHBzOi8vd3d3LmlldGYub3JnL21haWxtYW4vbGlzdGluZm8vb2F1dGgNCg== --_000_5F2D6022CA134255ADC278CCC1AED766mitreorg_ Content-Type: text/html; charset="utf-8" Content-ID: <20FF967AD0A5E6449D64FD476DB9D944@namprd09.prod.outlook.com> Content-Transfer-Encoding: base64 PGh0bWwgeG1sbnM6dj0idXJuOnNjaGVtYXMtbWljcm9zb2Z0LWNvbTp2bWwiIHhtbG5zOm89InVy bjpzY2hlbWFzLW1pY3Jvc29mdC1jb206b2ZmaWNlOm9mZmljZSIgeG1sbnM6dz0idXJuOnNjaGVt YXMtbWljcm9zb2Z0LWNvbTpvZmZpY2U6d29yZCIgeG1sbnM6bT0iaHR0cDovL3NjaGVtYXMubWlj cm9zb2Z0LmNvbS9vZmZpY2UvMjAwNC8xMi9vbW1sIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcv VFIvUkVDLWh0bWw0MCI+DQo8aGVhZD4NCjxtZXRhIGh0dHAtZXF1aXY9IkNvbnRlbnQtVHlwZSIg Y29udGVudD0idGV4dC9odG1sOyBjaGFyc2V0PXV0Zi04Ij4NCjxtZXRhIG5hbWU9IkdlbmVyYXRv ciIgY29udGVudD0iTWljcm9zb2Z0IFdvcmQgMTUgKGZpbHRlcmVkIG1lZGl1bSkiPg0KPCEtLVtp ZiAhbXNvXT48c3R5bGU+dlw6KiB7YmVoYXZpb3I6dXJsKCNkZWZhdWx0I1ZNTCk7fQ0Kb1w6KiB7 YmVoYXZpb3I6dXJsKCNkZWZhdWx0I1ZNTCk7fQ0Kd1w6KiB7YmVoYXZpb3I6dXJsKCNkZWZhdWx0 I1ZNTCk7fQ0KLnNoYXBlIHtiZWhhdmlvcjp1cmwoI2RlZmF1bHQjVk1MKTt9DQo8L3N0eWxlPjwh W2VuZGlmXS0tPjxzdHlsZT48IS0tDQovKiBGb250IERlZmluaXRpb25zICovDQpAZm9udC1mYWNl DQoJe2ZvbnQtZmFtaWx5OiJDYW1icmlhIE1hdGgiOw0KCXBhbm9zZS0xOjIgNCA1IDMgNSA0IDYg MyAyIDQ7fQ0KQGZvbnQtZmFjZQ0KCXtmb250LWZhbWlseTpDYWxpYnJpOw0KCXBhbm9zZS0xOjIg MTUgNSAyIDIgMiA0IDMgMiA0O30NCkBmb250LWZhY2UNCgl7Zm9udC1mYW1pbHk6IkFwcGxlIENv bG9yIEVtb2ppIjsNCglwYW5vc2UtMTowIDAgMCAwIDAgMCAwIDAgMCAwO30NCkBmb250LWZhY2UN Cgl7Zm9udC1mYW1pbHk6IlNlZ29lIFVJIjsNCglwYW5vc2UtMToyIDExIDUgMiA0IDIgNCAyIDIg Mzt9DQovKiBTdHlsZSBEZWZpbml0aW9ucyAqLw0KcC5Nc29Ob3JtYWwsIGxpLk1zb05vcm1hbCwg ZGl2Lk1zb05vcm1hbA0KCXttYXJnaW46MGluOw0KCWZvbnQtc2l6ZToxMS4wcHQ7DQoJZm9udC1m YW1pbHk6IkNhbGlicmkiLHNhbnMtc2VyaWY7fQ0KYTpsaW5rLCBzcGFuLk1zb0h5cGVybGluaw0K CXttc28tc3R5bGUtcHJpb3JpdHk6OTk7DQoJY29sb3I6Ymx1ZTsNCgl0ZXh0LWRlY29yYXRpb246 dW5kZXJsaW5lO30NCnNwYW4uRW1haWxTdHlsZTE4DQoJe21zby1zdHlsZS10eXBlOnBlcnNvbmFs LXJlcGx5Ow0KCWZvbnQtZmFtaWx5OiJDYWxpYnJpIixzYW5zLXNlcmlmOw0KCWNvbG9yOndpbmRv d3RleHQ7fQ0KLk1zb0NocERlZmF1bHQNCgl7bXNvLXN0eWxlLXR5cGU6ZXhwb3J0LW9ubHk7DQoJ Zm9udC1zaXplOjEwLjBwdDt9DQpAcGFnZSBXb3JkU2VjdGlvbjENCgl7c2l6ZTo4LjVpbiAxMS4w aW47DQoJbWFyZ2luOjEuMGluIDEuMGluIDEuMGluIDEuMGluO30NCmRpdi5Xb3JkU2VjdGlvbjEN Cgl7cGFnZTpXb3JkU2VjdGlvbjE7fQ0KLS0+PC9zdHlsZT48IS0tW2lmIGd0ZSBtc28gOV0+PHht bD4NCjxvOnNoYXBlZGVmYXVsdHMgdjpleHQ9ImVkaXQiIHNwaWRtYXg9IjEwMjYiIC8+DQo8L3ht bD48IVtlbmRpZl0tLT48IS0tW2lmIGd0ZSBtc28gOV0+PHhtbD4NCjxvOnNoYXBlbGF5b3V0IHY6 ZXh0PSJlZGl0Ij4NCjxvOmlkbWFwIHY6ZXh0PSJlZGl0IiBkYXRhPSIxIiAvPg0KPC9vOnNoYXBl bGF5b3V0PjwveG1sPjwhW2VuZGlmXS0tPg0KPC9oZWFkPg0KPGJvZHkgbGFuZz0iRU4tVVMiIGxp bms9ImJsdWUiIHZsaW5rPSJwdXJwbGUiIHN0eWxlPSJ3b3JkLXdyYXA6YnJlYWstd29yZCI+DQo8 ZGl2IGNsYXNzPSJXb3JkU2VjdGlvbjEiPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+SGkgQnJpYW4s PG86cD48L286cD48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48bzpwPiZuYnNwOzwvbzpwPjwv cD4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPkkgdGhpbmsgSSBsZWFuIHRvd2FyZHMgJm5ic3A74oCc U2h1dCB1cCBhbmQgbmV2ZXIgc3BlYWsgb2YgdGhpcyBhZ2FpbuKAnSwgYnV0IGNvdWxkIHlvdSBj bGFyaWZ5IHNvbWUgdGhpbmdzPzxvOnA+PC9vOnA+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+ PG86cD4mbmJzcDs8L286cD48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj5JIG1pc3NlZCB0aGUg aW50ZXJpbSBtZWV0aW5nIGRpc2N1c3Npb24gb24gdGhpcyBzbGlkZSDigJMgaXQgbG9va3MgbGlr ZSBEUG9QIGZvciBjbGllbnQgYXV0aGVudGljYXRpb24gd291bGQgaGF2ZSB2ZXJ5IHNpbWlsYXIg cHJvcGVydGllcyBhcyBwcml2YXRlX2tleV9qd3QsIGJ1dCB1c2luZyBEUG9QIGluc3RlYWQ/IGku ZS4gYm90aCB1c2UgYSBwcml2YXRlIGtleSB0byBzaWduIGEgSldUIHRoYXQgYXV0aGVudGljYXRl cw0KIHRoZSBjbGllbnQuPG86cD48L286cD48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48bzpw PiZuYnNwOzwvbzpwPjwvcD4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPkNvdWxkIHlvdSBleHBhbmQg YSBiaXQgb24gdGhlIGFkdmFudGFnZSBvZiB1c2luZyBEUG9QIGZvciBib3RoIGNsaWVudCBhdXRo ZW50aWNhdGlvbiBhbmQgc2VuZGVyLWNvbnN0cmFpbmluZyB0aGUgdG9rZW4gdnMuIHVzaW5nIHBy aXZhdGVfa2V5X2p3dCAoZm9yIGNsaWVudCBhdXRoZW50aWNhdGlvbikgKyBEUG9QIChmb3Igc2Vu ZGVyLWNvbnN0cmFpbmluZyB0aGUgdG9rZW4pPzxvOnA+PC9vOnA+PC9wPg0KPHAgY2xhc3M9Ik1z b05vcm1hbCI+PG86cD4mbmJzcDs8L286cD48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj5BZGRp bmcgdG8gRmlsaXDigJlzIGNvbW1lbnQsIGlzIHRoZXJlIGp1c3Qgb25lIERQb1AgcHJvb2Ygc2Vu dCBpbiB0aGUgdG9rZW4gcmVxdWVzdCB0byBjb3ZlciBib3RoIGNsaWVudCBhdXRoZW50aWNhdGlv biBhbmQgc2VuZGVyLWNvbnN0cmFpbmluZyB0aGUgdG9rZW4sIG1lYW5pbmcgdGhlIHNhbWUga2V5 cGFpciB3b3VsZCBiZSB1c2VkIGZvciBib3RoIERQb1AgdXNhZ2VzPyZuYnNwOyBUaGF0IHdvdWxk IGdvIGFnYWluc3QNCiBEUG9Q4oCZcyBrZXkgcm90YXRpb24gZ3VpZGFuY2UsIGJ1dCBtYXliZSB3 b3VsZCBiZSBva2F5IGlmIGZyZXNobmVzcyBndWFyYW50ZWVzIG9mIHRoZSBEUG9QIHByb29mIGdl dCBhZGRlZD88bzpwPjwvbzpwPjwvcD4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxvOnA+Jm5ic3A7 PC9vOnA+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+VGhhbmtzLDxvOnA+PC9vOnA+PC9wPg0K PHAgY2xhc3M9Ik1zb05vcm1hbCI+TWlrZTxvOnA+PC9vOnA+PC9wPg0KPHAgY2xhc3M9Ik1zb05v cm1hbCI+PG86cD4mbmJzcDs8L286cD48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48bzpwPiZu YnNwOzwvbzpwPjwvcD4NCjxkaXYgc3R5bGU9ImJvcmRlcjpub25lO2JvcmRlci10b3A6c29saWQg I0I1QzRERiAxLjBwdDtwYWRkaW5nOjMuMHB0IDBpbiAwaW4gMGluIj4NCjxwIGNsYXNzPSJNc29O b3JtYWwiPjxiPjxzcGFuIHN0eWxlPSJmb250LXNpemU6MTIuMHB0O2NvbG9yOmJsYWNrIj5Gcm9t OiA8L3NwYW4+PC9iPjxzcGFuIHN0eWxlPSJmb250LXNpemU6MTIuMHB0O2NvbG9yOmJsYWNrIj5P QXV0aCAmbHQ7b2F1dGgtYm91bmNlc0BpZXRmLm9yZyZndDsgb24gYmVoYWxmIG9mIEZpbGlwIFNr b2thbiAmbHQ7cGFudmEuaXBAZ21haWwuY29tJmd0Ozxicj4NCjxiPkRhdGU6IDwvYj5UaHVyc2Rh eSwgRGVjZW1iZXIgMywgMjAyMCBhdCA0OjQ5IEFNPGJyPg0KPGI+VG86IDwvYj5CcmlhbiBDYW1w YmVsbCAmbHQ7YmNhbXBiZWxsPTQwcGluZ2lkZW50aXR5LmNvbUBkbWFyYy5pZXRmLm9yZyZndDs8 YnI+DQo8Yj5DYzogPC9iPiZxdW90O29hdXRoQGlldGYub3JnJnF1b3Q7ICZsdDtvYXV0aEBpZXRm Lm9yZyZndDs8YnI+DQo8Yj5TdWJqZWN0OiA8L2I+W0VYVF0gUmU6IFtPQVVUSC1XR10gRFBvUCBm b2xsb3d1cCBJSUk6IGNsaWVudCBhdXRoPG86cD48L286cD48L3NwYW4+PC9wPg0KPC9kaXY+DQo8 ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PG86cD4mbmJzcDs8L286cD48L3A+DQo8L2Rpdj4N CjxkaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4gc3R5bGU9ImZvbnQtZmFt aWx5OiZxdW90O0FwcGxlIENvbG9yIEVtb2ppJnF1b3Q7Ij4mIzEyOTMyMzs8L3NwYW4+LCBiZXR0 ZXIgbm90IG9wZW4gdXAgdGhlIHBvc3NpYmlsaXR5IG9mIHRoaW5raW5nIG9mIERQb1AgUHJvb2Yg a2V5cyBhcyBwcmUtcmVnaXN0ZXJlZCAoaS5lLiBub3QgJnF1b3Q7ZXBoZW1lcmFsJnF1b3Q7KS48 bzpwPjwvbzpwPjwvcD4NCjwvZGl2Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxvOnA+ Jm5ic3A7PC9vOnA+PC9wPg0KPC9kaXY+DQo8ZGl2Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3Jt YWwiPkJlc3QsPGJyPg0KPGI+RmlsaXA8L2I+PG86cD48L286cD48L3A+DQo8L2Rpdj4NCjwvZGl2 Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PG86cD4mbmJzcDs8L286cD48L3A+DQo8L2Rpdj4NCjxw IGNsYXNzPSJNc29Ob3JtYWwiPjxvOnA+Jm5ic3A7PC9vOnA+PC9wPg0KPGRpdj4NCjxkaXY+DQo8 cCBjbGFzcz0iTXNvTm9ybWFsIj5PbiBXZWQsIDIgRGVjIDIwMjAgYXQgMjM6MzAsIEJyaWFuIENh bXBiZWxsICZsdDtiY2FtcGJlbGw9PGEgaHJlZj0ibWFpbHRvOjQwcGluZ2lkZW50aXR5LmNvbUBk bWFyYy5pZXRmLm9yZyIgdGFyZ2V0PSJfYmxhbmsiPjQwcGluZ2lkZW50aXR5LmNvbUBkbWFyYy5p ZXRmLm9yZzwvYT4mZ3Q7IHdyb3RlOjxvOnA+PC9vOnA+PC9wPg0KPC9kaXY+DQo8YmxvY2txdW90 ZSBzdHlsZT0iYm9yZGVyOm5vbmU7Ym9yZGVyLWxlZnQ6c29saWQgI0NDQ0NDQyAxLjBwdDtwYWRk aW5nOjBpbiAwaW4gMGluIDYuMHB0O21hcmdpbi1sZWZ0OjQuOHB0O21hcmdpbi1yaWdodDowaW4i Pg0KPGRpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj5UaGVyZSB3ZXJlIGEgZmV3IGl0 ZW1zIGRpc2N1c3NlZCBzb21ld2hhdCBkdXJpbmcgdGhlIDxhIGhyZWY9Imh0dHBzOi8vZGF0YXRy YWNrZXIuaWV0Zi5vcmcvbWVldGluZy9pbnRlcmltLTIwMjAtb2F1dGgtMTYvc2Vzc2lvbi9vYXV0 aCIgdGFyZ2V0PSJfYmxhbmsiPg0KcmVjZW50IGludGVyaW08L2E+IHRoYXQgSSBjb21taXR0ZWQg dG8gYnJpbmdpbmcgYmFjayB0byB0aGUgbGlzdC4gVGhlIHNsaWRlIGJlbG93IChhbHNvIGF2YWls YWJsZSB3aXRoIGEgZmV3IGV4dHJhIHNwZWxsaW5nIGVycm9ycyBhcyBzbGlkZSAjMTkgZnJvbQ0K PGEgaHJlZj0iaHR0cHM6Ly9kYXRhdHJhY2tlci5pZXRmLm9yZy9tZWV0aW5nL2ludGVyaW0tMjAy MC1vYXV0aC0xNi9tYXRlcmlhbHMvc2xpZGVzLWludGVyaW0tMjAyMC1vYXV0aC0xNi1zZXNzYS1k cG9wLTAxLnBkZiIgdGFyZ2V0PSJfYmxhbmsiPg0KdGhlIGludGVyaW0gcHJlc2VudGF0aW9uPC9h PikgaXMgdGhlIGxhc3Qgb2YgdGhlbS48bzpwPjwvbzpwPjwvcD4NCjwvZGl2Pg0KPGRpdj4NCjxw IGNsYXNzPSJNc29Ob3JtYWwiPjxvOnA+Jm5ic3A7PC9vOnA+PC9wPg0KPC9kaXY+DQo8ZGl2Pg0K PHAgY2xhc3M9Ik1zb05vcm1hbCI+VG8gc3VtbWFyaXplLCBJJ20gd29uZGVyaW5nIGlmIHRoZXJl J3MgV0cgaW50ZXJlc3QgaW4gd29ya2luZyB0byBmb3JtYWxpemUgYSBjbGllbnQtdG8tQVMgYXV0 aGVudGljYXRpb24gbWVjaGFuaXNtIGJhc2VkIG9uIERQb1AuIEkgdGhpbmsgaXQgcG90ZW50aWFs bHkgd291bGQgYmUgcHJvYmxlbWF0aWMgdG8gcHV0IGludG8gdGhlIGN1cnJlbnQgZG9jdW1lbnQg KGZvciBhIG51bWJlciBvZiByZWFzb25zKSBzbw0KIGFtIHByZWVtcHRpdmVseSBydWxpbmcgb3V0 IHRoYXQgb3B0aW9uLiBUaHVzLCBiYXNpY2FsbHksIEknbSBhc2tpbmcgdGhlIFdHIGlmIHRoZXJl IGlzIHNvbWUvbXVjaCBpbnRlcmVzdCBpbiB0aGUgaWRlYT8gSW4gd2hpY2ggY2FzZSBJJ2xsIGZp bmQgc29tZSB0aW1lIChhdCBzb21lIHBvaW50KSB0byB3cml0ZSB1cCBhbiBJLUQgZm9yIGl0IGFu ZCBicmluZyB0aGF0IGJhY2sgdG8gdGhlIGdyb3VwIGZvciBjb25zaWRlcmF0aW9uLiBPciBpZiBJ IHNob3VsZCwNCiBhcyB0aGUgc2xpZGUgc2F5cywgJnF1b3Q7c2h1dCB1cCBhbmQgbmV2ZXIgc3Bl YWsgb2YgdGhpcyBhZ2FpbiZxdW90Oz88bzpwPjwvbzpwPjwvcD4NCjwvZGl2Pg0KPGRpdj4NCjxw IGNsYXNzPSJNc29Ob3JtYWwiPjxvOnA+Jm5ic3A7PC9vOnA+PC9wPg0KPC9kaXY+DQo8ZGl2Pg0K PHAgY2xhc3M9Ik1zb05vcm1hbCIgc3R5bGU9Im1hcmdpbi1ib3R0b206MTIuMHB0Ij48aW1nIGJv cmRlcj0iMCIgd2lkdGg9Ijk5MCIgaGVpZ2h0PSI1NTYiIHN0eWxlPSJ3aWR0aDoxMC4zMTI1aW47 aGVpZ2h0OjUuNzkxNmluIiBpZD0iX3gwMDAwX2kxMDI1IiBzcmM9ImNpZDppbWFnZTAwMS5qcGdA MDFENkNBMjcuMzZCNzgzNjAiPjxvOnA+PC9vOnA+PC9wPg0KPC9kaXY+DQo8L2Rpdj4NCjxwIGNs YXNzPSJNc29Ob3JtYWwiPjxicj4NCjxiPjxpPjxzcGFuIHN0eWxlPSJmb250LXNpemU6MTAuMHB0 O2ZvbnQtZmFtaWx5OiZxdW90O1NlZ29lIFVJJnF1b3Q7LHNhbnMtc2VyaWY7Y29sb3I6IzU1NTU1 NTtib3JkZXI6bm9uZSB3aW5kb3d0ZXh0IDEuMHB0O3BhZGRpbmc6MGluIj5DT05GSURFTlRJQUxJ VFkgTk9USUNFOiBUaGlzIGVtYWlsIG1heSBjb250YWluIGNvbmZpZGVudGlhbCBhbmQgcHJpdmls ZWdlZCBtYXRlcmlhbCBmb3IgdGhlIHNvbGUgdXNlIG9mIHRoZSBpbnRlbmRlZCByZWNpcGllbnQo cykuDQogQW55IHJldmlldywgdXNlLCBkaXN0cmlidXRpb24gb3IgZGlzY2xvc3VyZSBieSBvdGhl cnMgaXMgc3RyaWN0bHkgcHJvaGliaXRlZC4mbmJzcDsgSWYgeW91IGhhdmUgcmVjZWl2ZWQgdGhp cyBjb21tdW5pY2F0aW9uIGluIGVycm9yLCBwbGVhc2Ugbm90aWZ5IHRoZSBzZW5kZXIgaW1tZWRp YXRlbHkgYnkgZS1tYWlsIGFuZCBkZWxldGUgdGhlIG1lc3NhZ2UgYW5kIGFueSBmaWxlIGF0dGFj aG1lbnRzIGZyb20geW91ciBjb21wdXRlci4gVGhhbmsgeW91Ljwvc3Bhbj48L2k+PC9iPl9fX19f X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fPGJyPg0KT0F1dGggbWFp bGluZyBsaXN0PGJyPg0KPGEgaHJlZj0ibWFpbHRvOk9BdXRoQGlldGYub3JnIiB0YXJnZXQ9Il9i bGFuayI+T0F1dGhAaWV0Zi5vcmc8L2E+PGJyPg0KPGEgaHJlZj0iaHR0cHM6Ly93d3cuaWV0Zi5v cmcvbWFpbG1hbi9saXN0aW5mby9vYXV0aCIgdGFyZ2V0PSJfYmxhbmsiPmh0dHBzOi8vd3d3Lmll dGYub3JnL21haWxtYW4vbGlzdGluZm8vb2F1dGg8L2E+PG86cD48L286cD48L3A+DQo8L2Jsb2Nr cXVvdGU+DQo8L2Rpdj4NCjwvZGl2Pg0KPC9ib2R5Pg0KPC9odG1sPg0K --_000_5F2D6022CA134255ADC278CCC1AED766mitreorg_-- --_004_5F2D6022CA134255ADC278CCC1AED766mitreorg_ Content-Type: image/jpeg; name="image001.jpg" Content-Description: image001.jpg Content-Disposition: inline; filename="image001.jpg"; size=124545; creation-date="Fri, 04 Dec 2020 15:21:23 GMT"; modification-date="Fri, 04 Dec 2020 15:21:23 GMT" Content-ID: Content-Transfer-Encoding: base64 /9j/4AAQSkZJRgABAQAAZABkAAD/4QCARXhpZgAATU0AKgAAAAgABAEaAAUAAAABAAAAPgEbAAUA AAABAAAARgEoAAMAAAABAAIAAIdpAAQAAAABAAAATgAAAAAAAABkAAAAAQAAAGQAAAABAAOgAQAD AAAAAQABAACgAgAEAAAAAQAAA+igAwAEAAAAAQAAAjMAAAAA/+0AOFBob3Rvc2hvcCAzLjAAOEJJ TQQEAAAAAAAAOEJJTQQlAAAAAAAQ1B2M2Y8AsgTpgAmY7PhCfv/AABEIAjMD6AMBIgACEQEDEQH/ xAAfAAABBQEBAQEBAQAAAAAAAAAAAQIDBAUGBwgJCgv/xAC1EAACAQMDAgQDBQUEBAAAAX0BAgMA BBEFEiExQQYTUWEHInEUMoGRoQgjQrHBFVLR8CQzYnKCCQoWFxgZGiUmJygpKjQ1Njc4OTpDREVG R0hJSlNUVVZXWFlaY2RlZmdoaWpzdHV2d3h5eoOEhYaHiImKkpOUlZaXmJmaoqOkpaanqKmqsrO0 tba3uLm6wsPExcbHyMnK0tPU1dbX2Nna4eLj5OXm5+jp6vHy8/T19vf4+fr/xAAfAQADAQEBAQEB AQEBAAAAAAAAAQIDBAUGBwgJCgv/xAC1EQACAQIEBAMEBwUEBAABAncAAQIDEQQFITEGEkFRB2Fx EyIygQgUQpGhscEJIzNS8BVictEKFiQ04SXxFxgZGiYnKCkqNTY3ODk6Q0RFRkdISUpTVFVWV1hZ WmNkZWZnaGlqc3R1dnd4eXqCg4SFhoeIiYqSk5SVlpeYmZqio6Slpqeoqaqys7S1tre4ubrCw8TF xsfIycrS09TV1tfY2dri4+Tl5ufo6ery8/T19vf4+fr/2wBDAAICAgICAgMCAgMFAwMDBQYFBQUF BggGBgYGBggKCAgICAgICgoKCgoKCgoMDAwMDAwODg4ODg8PDw8PDw8PDw//2wBDAQICAgQEBAcE BAcQCwkLEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBD/ 3QAEAD//2gAMAwEAAhEDEQA/AP38ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigA ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACvB/2Wbu6v /wBmP4Q319M9zc3Pg/QJJZZGLvI76fAWZmOSWJOSTyTXvFeAfsnf8ms/Bv8A7Ezw9/6boKAPf6KK KACiiigAooooAKKKKACiq91dW9jbSXd3IsUMKlndjgKB1JNRadqVhq9lFqOmTpc2043JIhyrD6ig C7RRWU+uaRHqyaE93Gt/IhkWEsN5UdSBQBq0UVS1DUbHSbKXUNSnS3toF3PI5wqgepNAF2iq9pd2 1/bR3lnIs0MyhkdTkEHoQasUAFFFFABRRRQAUUUUAFFFFAH/0P38ooooAKKKKACiiigAooooAKKK KACiiigAooooAKK/DDxr/wAFc/Gvhbxjr3hmD4d6fPFpF/dWayNfShnW3laMMQI8AkLk1hWv/BZP xekytffDGxliyMrHqUsbEd8MYHA/KvrI8EZk1zKn+K/zPSWU17Xt+KP3sor4r/ZY/bk+Ff7UbTaF pUM3hzxZaRGaXSbx1cyRrjdJbTLgTKuRuyqOOpTbzX2pXzuMwVXD1HSrRtJHDVpShLlkrMKKKK5T MKKKKACiiigAooooAKKK+W/2jv2v/g3+zLYKnjjUGvNfuYfOtNGsgJLyZSSquwJCxRlgRvkIBwdo YgiujDYWpWmqdKLcn0RdOnKb5Yq7PqSiuBtvG/274XRfEi3tNn2jRl1ZLdnzjfb+eIy4HbOCce+K /O79j/8A4KG+J/2mfi9/wrTV/B1nocH9n3N79ogupJn3QFAF2sijB3dc114fKK9WnUqwjpDfVaGs MNOUZSS0W5+p9FFFeYc4UUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUV8U/ts/tWax+yj4P8O+JdG8 PweIJdcv3tGjuJ2gWNUiMm4FFYkkjFeg/smfHfUf2j/gxp/xS1XSYtFuL25urc20MjSoot5CgIZg p5xnpXoyyqusMsW17jdr36+nyN3h5qn7XofStFFfG37av7UWr/sqfD/RPGWjaDBr82ramLBoriZo VRTBJLvBRWJOUAx71z4PB1MRVjRpK8nsRSpSnJRjuz7Jor5e/ZC/aB1P9pf4Px/E3VtHh0O4e+ub T7PBK0yYg24bcwU5O7pivqGlisNOjUlSqLVOzFUpuEnGW6CiiiucgKKKKACiiigAooooAKKKKACi vy4/bH/4KDeJv2YPizb/AA30fwfaa7BNplvfm4nupIXDTySoU2qjDAEY5z3r9I/BuuyeKPCGh+Jp ohBJq9jbXbRqchDcRLIVBPUDdjNejisqr0aUK9RWjPbU3qYacIqclozpKKKK84wCiiigAooooAKK KKACiiigAooooAKKKKACiiigAor8uP2m/wDgp78P/gv4mvvh/wDDvRj418QaY7wXk5n+z6fazocN HvCu8zoRh1UKoPG/cCB8Y2n/AAWI+MqXokvvA+gTWm4Zjja6jkK9wJDK4B99n4V9RhODswrU1UjT sntdpHoUsrrSXMkf0K0V8Pfsqft3/C39p+VvDdvbyeF/GMUZlbSrqRZROijLtazgKJQg5YFEcDJ2 lQWr7hrwcbgauHqOlWjaSOOrRlCXLNWYUV+e/wC23+3Ef2UdR8M+HdC0K38R6zrkU91PDPO0At7W Ngkb/KrEmV94H+43tWj+xJ+2qv7WEXifTtZ0WDw7rnh4wSrbwztMs9pPlfMBdVOUdcN2G5fWu55D ivqv1zl9zvp3ttvubfU6ns/a20PveiiivHOUKKKKACivjnxT+2/8GNG+NPh/4CeHbl/E3ijWNTj0 y6+xEfZdPkZtriaY8NIhGDHHuIIIcoRiut/a2+Peo/s2/Bq8+KGlaRFrdxbXdrbC2mlaFCLh9pYs oY8fSvQjlWIc6dNws57X0ubrDTvGNt9j6Zor4t/Yn/ao1j9q3wV4g8VazoEHh+XRdQWyWO3maZZF aJZNxLqpBy2MV9pVjjcHUw9WVGqrSW5FWlKEnGW6CiiiuUzCiiigAooooAKKKKACvAP2Tv8Ak1n4 N/8AYmeHv/TdBXv9eAfsnf8AJrPwb/7Ezw9/6boKAPf6KKKACiiigAor598Q/tNfBqyXUNM8L+MN G8S+IbFnifTNP1G3urmKWMlWE8ULs8YRhhtwBB46180+Gfjd4u0bxhP4l1GZr2C/YC5tycIUHQIO ilB90j8eM0WA/RikYhVLHoOawNF8UaH4g0KPxJpt0rWDoXZ2IXy9oywf+6V75/lXxT8X/jZfeJ7/ APsfwrO9tpdpIG81CUeeRDkN6hQRlR+J7YAIPjN8Y7jxhdSeH9BdodGhbDNyrXDDuR1C+g/Osb4R fFu98A340/UC1xotw37yPqYif40/qO/1rwe5u5obiS6vJC8UzF2duqsTkk+38q4e/wBZuPFl0+ge FbgC0j4vL+JgyoD/AMsoWGQZCOpH3R70AfrH8Rfi9onhDwzb6rpci39zqiFrIKcowwMux9FyMjrn ivgG58Va/da+fE815J/aRk8wSg4II6Y9APT0rnfOv4NBtPD1pO4srA7oImJZQSoU9eeQOfz61FZN Lqkxs7IpHNGpkneU4jtYl+9LKeyDsOrngc5I5cdjqWGoyr15csY6tv8Ar/hzSlSlOShBXbPvfwL+ 0P4d1XSY4fExkt9TtgPtJijZ41iwf9IcrnamRg98ngEBiPnr4t/F+7+IF4bHS2MOhwHMSg8zHtI+ P0HavG11Ge3EcPhy5msbWB/NSbhZ7qbG3zpxjBUjhYiCgT5SMHAjmWGaC41WwiW3+zjzL6zTO2AE 4NzBnJMBP3l5MRODkEM3yeH4mxMKkamPo+zo1HaD6xeyVRbR5unRP3Za2O+eCg01SleS38/Tvb/g o97+D3xnfwPKNG8RzbtCckmRj/x7HqW/3O5HbrX2x4Y8Z6F4tSc6TI4e3blJUMchQ/ckCtzsccqe vYgHIH5YRqLBYNRvoRJeShZbKzlHyov8N1cqe2eYojyT8zdtvVeDviBrng/Vo9Rub+aeIuXaeTMk kDucu2By0Ln/AFkY6feQBshprcUYic3XwdHnw8NJSXxS7umvtKPX+bVRu1qRwMElGpK03sui9e1/ w6n6oUV51oPxL8Pap4an8QX08dmLGNXuVLBgoYZVkI++knVGH3unWvjrxn8dPFGt+KoNY0KZ7Cw0 1ybaH++OhaUdyw4x0A4Hcn7DB4uliKUa9CXNGSumtmjz6lOUJOMlZo/Qqivnzw9+038GrxNP03xV 4w0bwz4gvmSJNN1HUbe1uZZXIVfIjmkV5A7HC7QTnjr1+g66CAooooAKKKKAP//R/fyiiigAoooo AKKKKACiiigAooooAKKKKACiiigD+Tn4UaVpeuft4aTpGtWcOoWF343mjmt7iNZYZUa9fKujgqwP cEYr+kTxZ+yj+zZ410e40TXPhroAhuVKmS10+CzuEz3juLdY5UPurCv5y/gp/wApANB/7HqT/wBL Xr+rav0fjrE1KdWg6cmvd6O3U93N6koyhyvofyN+OtG139jL9rW6sfD948tx4C1iC5tJTw89nIqT xpJjAPm20gSQDg5YdK/p5+NXx9+HvwI+GM3xU8bXTjTMRi1hhAa4vJphuihhRioLsMk5ICqCxIAN fzbf8FDtXtfE37ZXj99HP2gRTWFkNnzFprayt4ZF47iRWXHqK+qv+Csuoa7pc/wh+H93IwstL0WW Zlz8r3WY4HJx1KrGMem446nPsZplqx88Aqz1lFuXdpJP8/zOnEUPbOjzbta/cin4j/4K+fHHUtYl l8DeCdDsNKiJcQ3i3V9cCNepeWKa3XHqRGMetfY/7Jv/AAUx8OfHDxXZ/DT4m6NH4W8S6rJ5Wn3F tIz2F1IRkQnzPnhlY8ICWVz8u4MVDe2/8E8/hv4Q8D/steD9U0CziW/8UWv9oaldBVMtxNK74V3x krEuEVegAPckn8QP+ChfgXw58Jf2sNZh+Hsa6PBdRWWrJDafultLqZdz+UExsy6+YAPuluMDAHFh sJluOr1cBTocjje0r9nbX/g3MqdOhWnKjGFrbM/oh/aR/aM8Dfsy/DyTx740El080otrGxtyvn3d yylgiluFUBSXc5CjsWKqfxum/wCCtX7Rd9cz69ovgHRB4dtG2zBoL2cx7j8oe6WZEVvTMYz6dMc1 /wAFVvGuteJvGHwptNSjkgjfwnBqpibhUudRlYTLjpuHkqD+FbvwU/bU+I3wz+CWifCfQP2fH1rw +lj5U02y6MWpfaVzNPIotWVxPuJPLDBABwBSyjh6lTwUK8qKqTk9bySSWu1ww2CjGkpuPM352P1F /Y9/bQ8H/tW6Le2kVi2g+LdEjSS/05n8yNo3O0T28nBePdgMCoZCQDkFWb5K/aP/AOCoGteDPibq Hwn+AnhO38SajpF29jPeXonmSe7jOySG2trdo5G2OCu8v8xB2rjDH4a/4J+6D8R/Bf7X/hTV7jwr q+i6NqbahaXIktLlIUgntZWjR5HQAqsqxnLd1B61S/aJ/Z4/aN/ZY+Pmr/FjwFY6gdMTUrrU9K1/ ToWuY4IrpnPl3B2uEdUcxuJRtfkjKmtaXDmAp5hOm7NON4xb0vdq1/K3no+tio4GjGu4+V0j6Bsv +CrH7SHgTxDBYfGX4badFbn5pLYW17pN6UPdGuZJl47Zj59e9ft18K/iZ4V+Mfw+0T4l+C5mn0fX YPOh3gLIhDFJI5FBIDxurIwBI3A4JHNfziwf8FDvEHjiXRrb9pX4d+HfirY6LI0kElzb/ZLuMyAL IQyboCGCjKmDBIGegx+/v7M3xG+EvxS+EGk+LPgtpcGheHJWli/s6G2itPsdwjfvYnhh/dqwJ3ZX IYENnmvH4tymNGlCaw/I72bTvF/r+C+Zy5lhlCKfJZ+Wx77X8hv7XPx48QftCfGO88XeItOtdMn0 mI6RHHa7yjQ2k8xV28xmO87znGB0wK/ryr+bD/graAP2n9NwMf8AFNWP/pTdUeHlWCxkoON21o+1 t/vDJJL2rVtT7e/Yu/ay8YftA/C3x/4D8R6NY6ba+BPC8MFtNaeb5kw+zyw5l8xmGcRA/LjkmvyH /ZC/aB0v9mj4pXnxM1HSptakTSLyztbWJljElzOYzH5jt9yP5TuYKx9FNf01+H1Vf2XNO2gD/ijY f/TcK/nt/wCCZvgvQPGf7V2h/wDCQ2kd7Fodnd6nDHKNyC5gVVhcg8Exs4dfRgD1Fe1k2Kw86OOq OnaGl4p9k76+Z14WpBxrS5bLsfQqf8FcPj5oniZD4u8AaNHpMmyT7GI7y1u/JJzlZ5JXUlh0bycd OOuf28+FPxb8I/F/4XaN8W/Dcxh0TWLVrnNwVRrfyyyzJKQSoaJ0ZXOcZUnOOa/Lj/gsbo+nSfD3 4e+IGt0+3wapc2qzbR5nkywb2Td127owcetcV8LPEepeH/8AgkT4vv7Bn83dfWQ2EgiK91CO3l6d tkzZ9s15eOyzC4vBUMTh6fs5Smo6O+7aOerh6dSlCpCPK27E/wAYv+CtHiOTxhP4W/Z08J2urWcb mGG+1OOeaW7cEgvDa27xsqHHybmLEclV+7XU/s+/8FV7jxJ45tPAP7QXhm28NyX8yWiajYCWOG3u XbYBdQXDu6IScFw52fxLjLL+bH7GHxx8S/ALxXr3jHwh8NX+IGqz2sVqkqCYtYRuzM+DDFLgzbQM nBwhA4Jq7+1P4v8Aif8AtN/EC1+Iknwf1DwrqCWaWlz9mtLqb7UY2YpLITAnzqrBM4J2gDOAAPpZ 8MYPneFdBKFvj5le/pv+nlY7ngKV/Z8mne+p/VrXy7+2D8afHX7PvwVvPip4E0ez1qbSru1S8ivf M8tLS4YxGQeUytuErRjrjBJrvf2ddW1jW/gJ8O9T8RRzxatLoGmi8W5Vlm+0pbokpkD4YMXBJzzX R/FnwBY/FT4Y+KfhxqOBD4j065st7DIjeaMrHJ9Y3w49xX5Lh1CjiUqyvFS181fU+bhaNRc2qTPm b9hz9q7Uf2q/AWu674j0600jXNB1AW01tZlzEbeWJXhl/eMzAswkUjOPkr4T8S/8FZvFmi/GXUfC dr4Z0mbwdYa5JY/bi0/2l9PiufKacYk2b2jBcfLgHHBr4u/Yy+PV7+zH4m+K2k645sLm98OalDDC 52ka3poZrVG9wxlT6nivkmH4b+I7n4W3vxfCZ0S01i30VnwSTcz28tx17BVjGfdh+P6theEcJHFV nVj+7fLy/Pe3z2Po6eWU1UnzLTSx/UZ+2p+07c/su/Cez8baFZWuraxquow2NnbXLP5TBkeWWQ+W VYhUTGQfvMtcR+zb+2Fq3j/9nfxJ+0X8c7LT/Cfh/R7qaKBrMSnzoYFQMwEjsXd5n8qNV5LjHcV+ Kn7Xn7RMnx08F/BHw1ZTm8k8P+Govt4Q5ZtVlf7LMGUclttqjr7Scda+wf2+PCOpfAz9i34LfBKz zBBFcK+phOFkvY7dppc46q088jgeoB5wDXiQ4ZowoUMNVVqtSbu+qir3t8kvvORYCKhCnJe9J/gj F8ff8FfPijqevS2vwh8E6ZZaWGYQnVRPe3kqKchytvLCkZIGSg8zH949a9o/Z0/4Kwad418VWfg7 46aDbeHDqckcFvquns/2OOaRtoFzFMzPHGSR+8DsF/iAXLD0L/gk58OfCOj/AACufiRbWcUniLxB qV1BcXZUGZLe2KpHbq2MqmQZCO5bJzhcfDX/AAVo+HPhHwd8bPD/AIp8NWkVhd+K9Nkn1CKFQiyX EExT7QygAb5FYBj/ABFMnkknqpYXK6+LnlkaHK1dKV9brc0jTw86rw6hbzP2H/bN/aC8Q/s0/Bv/ AIWT4Y0y11a9Oo21kIbwuItk4clv3bK2Rs45r8qtX/4LCfFCXwpbQ6J4N0i38SNPKbiabz5LNLcB PKEcQmWRpCd+5mcKPlwp5Nek/tQ+IdV8Vf8ABLf4Za3rZka9lbRI5HlJZ5PIimhWRieSZFQNk8nO TVr/AIJDfC/whqngvxz8RdZ0q21DU31GLS4ZbiJJTDDFAJZFj3g7fMMw346hQD0rkwGX4LDZfPEY mlzyhNrtfW33dTOjRpU6DnUjdp2PC/2yfjL48+Pv7HHwr+KPxC0e00a+1TxDqCwpZeYIZreCJohM ElZ2Tc6uNpduAGB5wP0U/wCCX80Vv+x9o1xcOsUUWoaozuxCqqrOxJJPAAHU188/8FdNH0jw/wDB j4caLoNjBpun2msTJDbW0SwwxILdvlSNAFUewFUvgHq99on/AASd8Z3+nBvPNpr0OUOGCXExhds/ 7KOT+FaYqMcRlFONNcqlV0Xa7Y6iU8NFRVk5f5nL/Gn/AIK2+JIvGNz4c/Z+8L2N/plvL9niv9VS aaS8cNt3w28EkW1GP3NzMzDkqpO0fJn7V/7bPiH9pH4V6T8O/iF4S/4RrxXoOspfO1uHS2kg+zSx kGKcmWKQM4IBLgrk5BGD69/wSG8GeHNd+MvivxVq9rHdah4d0qM2BkAbyZLqXZJKgPRwi7A3YMR3 r3r/AILFeDPDv/CK+AfiAlvHFrgvp9NeZQBJNbPEZQrkcsI3T5c/d3tjqa9OhDAYXM6eBp0feX2r 63tf56f8MdEFRp4iNGMNe59Cf8Ep/wDk1C3/AOw1qP8A7Tr9Ja/Nr/glP/yahb/9hrUf/adfpLX5 1xJ/v9f/ABM8PH/xp+p+Sf7Y3/BQv4ifs3fGmb4ZeGfDOlapYxWNrdefeGfzS04YsP3bquBjjivn /wCJf/BW34pXWs3t78GfBNhD4TsZhELzV4bm5ml5+Uv5EsMcJcdEJc/7VfPn/BVT/k7K8/7A+nf+ gvX7q6T8LfBuhfslj4YWWlwJog8KvC9vsBV3ktC8kjZzl3kJkLHncd3WvsKtHL8JhMLWqUOaU1rq /K79ex6koUadOnKULtnhv7Ef7ddp+1PNqng/xNo8WgeMNIt/thjtnL2t3a7wjSRByXRo2ZQ6MW+8 CGPIXh/2wv8AgpBo/wCz/wCKp/hj8OdGi8S+K7DYb+W6dlsbMugdYsRkPLLggsAVCZxktkL+bn/B KWR0/atiVTgPoeohvcZiP8wK+VPBHxC1OH9oyH4o33hZvG+pf2zdaq2kS73a6uC0kwDhFkY+W/7w jac7eeM16K4Swv8AaFX3bwjFNRv1d+vbT+kbLLaftpaaJXsfpD4Q/wCCtfxh8Pa/ZQ/Gn4f2B0m6 ZZHOnxXNjdi3c/6yJbmWVJMdQDtDYxuH3q/bvwR8RPCPxD8B6X8SvDF+k/h/V7QXsNw/7sLFglvM 3fcaMghwfukEHpX89P7Vn7Snxb/ap8D2HhLXPgZe6LeaXeLd22oxQ3k80Q2skkQDW6fJICCwzjKq cZAx6x8Gtd8e+Cf+CYHxk0fXdP1DTLvTb97W2juYpbdlstVazhkCCQKdm6WZmxxyfU15+ccO0qlG nUhTVObkotJpqzdrmOKwMZRjJLld7Wvfc7D4xf8ABWjxHJ4wn8Lfs6eE7XVrONzDDfanHPNLduCQ Xhtbd42VDj5NzFiOSq/drqf2ff8AgqvceJPHNp4B/aC8M23huS/mS0TUbASxw29y7bALqC4d3RCT guHOz+JcZZfzY/Yw+OPiX4BeK9e8Y+EPhq/xA1We1itUlQTFrCN2ZnwYYpcGbaBk4OEIHBNXf2p/ F/xP/ab+IFr8RJPg/qHhXUEs0tLn7NaXU32oxsxSWQmBPnVWCZwTtAGcAAe7PhjB87wroJQt8fMr 39N/08rHW8BSv7Pk0731P6a/i/8AFfwj8Efh3rPxN8cTPFpOjRh3WIBpppHYJHFEpKhnkchVBIHO SQASPxEvv+Ctvx58Q+KJE+Hvw/0l9KiZ5BaSRXl7eGBT1eWGWNQQOpEWAfauk/b98WeJtU/Yi+Al vrsVzFd6mthNqP2gMkv2y004xsJVfDbmd3b5ueM19Rf8En/BnhzR/wBm2XxhY2sf9seINVuxd3OB 5pjtiI4ot3XYoBYL6sT3r5bB5dhcHgJYzEU/aScnFK9lo7fo/wADz6VCnSourOPM72PxW/a7/aJt P2nPiRpfxHh0iTQ7qLRrWwvLZ3EiLcwSzM5icYLRkOCNyqwOQQcbj/VP8JP+SVeDP+wLp3/pNHX8 2f8AwU18GeHfBv7Vus/8I5bx2ket2NnqVxFEAqLczKySttHAMhQSN6sxPU1/SZ8JP+SVeDP+wLp3 /pNHW/GEqcsBhJUVaLTsu2i0LzRxdGm4qyOw1fVtN0DSb3XdZuFtLDToJLm4mc4SKGFS7ux9FUEm vwq+IX/BW34ma14tuNE+Avgexm04SPHayalFc3l7dKp4kEFtJCI9w52fvCO59P258ezeDLfwTrs/ xF+y/wDCLx2U7an9tUNbG0CEyiVWBBXbnIwc9K/B/SP22/g38NPH+rx/sYfAZJdZ1dTai+ke4aS5 ijfcBFp8IdkRiA2FdCcLvUEADyeFMFTqqpKVB1GtrtKK9W3/AJnNl1JS5m4cz/A6v4Yf8Fb/AIgW XjG20H48+DtPt9LadYLqfTI7i1urME4aR4LiSbzNvVkBQ46c8H9345I5Y1liYOjgMrA5BB5BB9K/ kE/ar8YfGXx98WZvF/x18NDwp4n1Kzt3+xCzksT9mXckLGKZmlzhSuXJbCgdAK/rQ8AM7+A/Dbyn LtptmWPqTCma6+MspoUIUa1GCi5Xuk7rpsaZphoQUJRVrnXV+HEf/BWvxV4e+KWr+HfHHg6wPhvS bnUrctYGb7bI1ssq2ygySGMeZKqK7FTtUsQOAK/cev5O/gr4N0P4gftz6X4S8S2qX2l3viy8a4t5 BmOVIJpZijjurbMMOhGQax4Qy/DVoYiWJhdRjf8AO9icsoU5qbqK9kfVupf8FcP2h7TV4dTPgXQr PQrzL20E8N6ZZIs9VufPRXI6bliC/wCzX7Ifsw/tE+Gv2nPhZbfEfw/avpsyTPZ39jI4ka1u4grM m8AblKuro2ASrDIByB8uf8FVNA0q/wD2U59SntY2udG1awktZNo3ReYxhcIeoDK2CBwcD0FfLn/B NzxDqHhj9kT47+IdNL/adGW+vYAhwwlh0wuu3HfKDFdmMwWExeW/WsPS9nJSUd79v8zWrSpVKHtI Rs72PRf2m/8AgqWPh745vvhx8DPD9r4ivdJnktLvUb8yNatdI2xo7eGB0eUK2QXLqGPCgjDHzf4Y f8FavGml+LLbw9+0T4Kt9PsXIS4udMiuLe5tt2Nsj2tw8hdccsFZTjlQSAp/NL9lT4mat8JPi9bf EPRPAx+IOqaZbTtb2YErGCWTan2oeVHKcoGKgleC4OQQK98/a4+MXxV/avm8PahqPwWv/DWqaCJ4 /tcFvdzy3EE20iJ90CfKjKWXOcFmxjJz9O+GMJTnHDOgnG2s+ZJ39P6Xkd/9n0otU3DTvfU/Uv8A bX/bd+In7NWqeDb7wFoOk+IfC3jHTnura+uWnJeWNgWCGJ1UoYpYmU9TuPavpGL9pTTpf2Rv+GnB BFkeHW1Q224+V9vWMobbdnO37UPKz1/Gvy98efDfxH8Rf+CV3hbU/EGn3Vv4k+GV1NcCO7ieO4Fl FdzW7JtkAYRrbSxv6YiGOmK+QLT9o7y/2Ab/APZ/N1nUj4piVYs4I0iRTfHA9ryPnt835+FR4aoV 6MI04+9CpyyfdX3+6xyRwEJwSitVKz9D9Lf2QP8AgpB4y/aB+Nun/Crxx4d0vR4NXtbprWayM/mG 5t4/OCHzXZdpjSTtnIFdn+2/+374l/Zj+I2kfDzwRoena3cXGnLf3rXpl/dGaR0iRfKdcHbGWOc8 Fa/E/wABWviT9mr4s/B/4o6+DBBqK6f4jjwCM6bLdSQyKT3LwxsT7OPx901eMftjf8FEJbONvt2i at4hEOVO6NtG0gYZlPQCS3tyR23P3J59Wvwxg44v2/IvYqDb7XT/AMvyOmeX0lV57e6l+J/SJ8K9 e8UeKfhr4Y8T+NbKHTdd1fTra8u7W33COCW4jEhiG8s2U3bTknkGvFf21fivq3wY/Zo8Z+NvDs7W 2siCKysZU+/FPeyrAJVJ6NGrs6+6ivqcAAAAYAr8/P8Agp5o97qn7IXiS4s1Lrpt7ptzKF/55/aU iJx6AyAn061+a5RCFXHUoyXuuS0+ex4GGSlWins2fkJ/wTp/Zk8OftH/ABW1fVviHEb/AMM+EIIr m7ti7Kbu6unYW8cjKQ3lny5HfDAnaF6Ma/oS1/8AZs/Z/wDEvhqTwhqvw80I6VJG0Yih0+CAxBhg mF4kV4m9GRlYdjX5Ef8ABG7xbpFn4h+Jfgi5mSPUtUt9NvraMnDyRWbTxzY9dhnj468k/T95K+i4 3zDELMJQUmlG1rO3RO/3ndm1aftmr6LY/kg+O3gXXP2Ov2pr7SvBd+6SeFb+31PR7kkl/s8gWeBZ CMbiFPlS9A+G4wcV/V14O8TWnjLwfofjGxGy11ywtr+IHtHcxLKufwav5kf+CmXi3SfFf7WviOPS Jo7iPQ7Wy02V4+R58Me6VSe7I7lG9CpHav13+PXxLvP2cf8AgnxolvJK1r4jufDOkeG7ME4kW8ns khlYHqGiiSWQH+8or1uJcNPF4fBOX8Sdl96X/DnTj6bqQpX+Jn45fGTXNU/bU/bal0rw9cF7HX9X h0XTZV+dYdMtW8s3Cj+75ayXDD/aNM/Zi8Z6v+yL+2Ra6T4rl+zW9jqdx4b1on5YzbTS+SZT/wBM 0kWOcHuFGOtcX+xx8e/BX7N3xYk+J/i/w/c+IZbewntrGO2kjjME9wVV5SXB/wCWW9Bj++ayP2tv jR4M/aB+Mt78VPBmhXHh9NWtbZb2C5kSRnu4FMRlUxgABoljB77gxPWvtfqk3N4Fw/cclr6b/nt+ J6vs3f2NvctY/r3r8e/Hv/BRz4leE/2qbj4CWXhfSJtJh8RWujC6kNx9oMU80cbPxIE3AOSPlxX2 X+w58aP+F4/s3eFvEt7P5+s6TH/ZGpknLG7sgqb2P96WIxyn3evwh+NBC/8ABR2/ZuAPHWnk/wDg VDX5pw1ktOWJxFDExu4J/enueDgMJF1JwqK9kf0Z/tB/ErUvg98FvF3xN0e0hvr3w7YtdRQTlhFI 4YAB9hDY57EV+a3wg/4KR/Ez4ifCz4t+PdT8LaRbXXw902yvbSKE3HlzvdTmFll3SE4AGRtIOa+3 /wBuR1j/AGSvicznAOksPxaRAP1NfmD/AMEbAD4t+J4PI+w6Z/6NnqMmwOHeV1sVVp80oyX3Xjdf MWFpQ+ryqSV2n/kfmDoHxq13w/8AHiP4/W9hbS6vHrkuu/ZX3/ZjNNM0xj4bfsBYgfNnHev16/aS +OGvftEf8E1x8U/Emn22l3+oa5DC0Fpv8kC2vHiUr5hZuQvPPWvhb4aKD/wUkt1I4/4WHe8f9v8A LX7A/wDBUsAfsj6qAMD+1NN/9G19fnmJpPG4OCp+83Fp32V9rfqeni6kfa0ly66a/ofkt+yR+2rq f7M/ww17wR4J8KN4m8W+ItXW6gEu77LHCsCp9yI+bJIWX7g2gDndnivqn4Nf8FbfGM/jiy8O/Hjw vptppF3cC3mvdMSe2lsi7bRJLFcSyh0Q/fAZWC5I3EbW6z/gjr4L0D/hGfH3xCktI5NaN5b6ZHcM MvFbLGJnRD/CHdlLY67Vz0FfGP8AwVK0fTtJ/az1Oewt0gbUtL0+6n2KF8yYo0ZdsdWKoMnvilUo YDF5lWwdSj71ruV9b2Wy6bhKFGrXlSlHXuf08qysoZTkHkEdCKWuT8BSvP4F8OTSnc8mm2bMT3Jh Umusr8dnGzaPl2rOwUUUVIgooooAKKKKACvAP2Tv+TWfg3/2Jnh7/wBN0Fe/14B+yd/yaz8G/wDs TPD3/pugoA9/ooooAKKKKAPw2tv+Cf3xB+EHxu8b/FqG8h8RaDr095d82NrLJCLudpzmK4FwCEzg sqg4GeBxW7qsWj6JYS6lqRsoYIRyTpGlZJPAUAWeSSeAByTX7VkAjB5Br55v/wBmj4dan8Q7Px5f wtNFYlpotObH2Rbk/wDLXZ3x2B4B6ccV4eP4Zy/FVPa4ihGUu7V2dVLHVqa5YSaR8T+APgZ8XNa0 F/Heq6DpS6LcKXg0xbC1s9YEBHE8U9tDGElH3gh6j5ec88/d2smnSpFNKJ4JgxguNuwSqvDBlP3J E6SIfunp8pBr9fgAAABgCvmL4z/By41SC88S+CtLt9TvZv3lzpVwxjgu5lHyTKw5jkB4cj76bgeT z4tfIp5dL6zlFPT7VO9lJd430jNd9pLR9GumGKVZcmIfpLt691+R8PRR26W8WqanD58M+TZ2bHH2 sqf9ZJ3W3Q9T1c/KOvMpQao013Z20VtqYDS3VpbIY4blR964tkJYqw/5aR5J/iBPd+oab4lsLxn8 Y2slrrFwiPOsi7cYGAsYHAjXoirwB6nJPMa9rNvodtFdMZDd+YotEt/+Ph7j+ARdfmz+GOvBIOP+ rWMqf7fOrbFdLN8kV/z7t1i/tStzN+8rWSVfXaa/dKP7v8X5379lt0Nq2WXUpUttOKPI6GQuxxFF Ev3pZW/hRe56k4UAkgVn6yl1dwW9l4au2g0+CdZ7gyxru1R1GA02clI1/wCWKKfl6nJJJ7KTwb8Z m0b+0vFvg2LQdNliiuL5rR9xubvLfPKnVY1XB2D5Vcucc5PP9eldeBy7E42rHF5lDlUH7tO90mvt ya0b/lW0Vr8T0zq1oUounRd77v8ARdvPv6bwQXCzoWHDLwynqD6GuOTX9b1XxHbnwXdnT00ebfNq SqHO8cGCINlWyOJCQRj5evT0z4Z+BJ/jd4k1Pw/pDT2ulWUDx3mpxcIJmGFhRv4m/vEdBnBzVW98 KS+CLqTwtNafYTp58sRgYGB0YeobrnvX1eJw1OtTlSqxUotWaeqafRnBCbi1KLs0czpzatbSTf8A CRXv9o3l1K8jXbKEaUseA4HAIHAxxgcelGs6z/ZggtbWB77Ur5xFaWkQzLPKeigenqegpuvarDYx wWSW7319fuIbW0hG6WeVjgBQOmO57V+gPwU/Z40PwPeQ+PfECNeeKLq2iXExDrZZGWjiHQHPVupP 4U6NGFOCp01aKVklskuiCUm3d7nzdpn7K3xubwrZ3Gsa7pt42ZLg6RPp9pOLUS/MYbea4hk288kH jOema8ZvfDyabNPb6hBaW0tsWWVZNH0pShXqGzZ8Yr9lq8L+KvwB8G/Fie3uNYaWzYOn2r7Odn2q FDny5Pyxkc44ORivn63B2VVJupPDQbbu/dWre7OuOZV0rKb+8/ETXf2OPiR+098Q9I+Jnw8MWn6N 4elgRLo2ltZpPJDKJC0Qt0hDAEfeKk/hX9DHh+zvdP0OwsdRl8+6t4I0lkxjc6qAT+JqTRtG0vw9 pdtoui2yWdjZoI4ooxtVVXoAK0693CYSlQpqjRioxWyWyOWpUlNuUndhRRRXQQFFFFAH/9L9/KKK KACiiigAooooAKKKKACiiigAooooAKKKKAP459Y8d638Lv2lNY+IfhxIX1Tw74mvb23W4UvCZYbt 2UOqspK+oDA+9fXGsf8ABUr9rfxbYTaHoiaRpl1dLsWfTdOke5Xdx+7E0s67vQ7CfTnmv6YKK/Qa /GmGrcrrYRScVZXl/wDantTzWnK3NTvbz/4B/O1+w9+xB8UfiR8VbD42/HDSrzTPD2m3Y1UDVEZL zV74P5qExy/OYjJ+8kkcYk+6u7czL+gX/BSD9lXxJ+0L8PtI8UfDy2F74s8GtO0doCFe9s7jb5sa FiAZEKK6AnkblHzMAf0jorxcVxXiamMhi1ZOOy6W7fPqctTMakqqq9tj+YH4Eft7/Hf9lLwrc/B7 UfDtvqNrpkkhtbTWI57e5095GLvHgFGMZcltjAEEnDAHFO+B/wAA/jV+3l8c5fin8SLa4Xwzf3qT 61qxTyIDDEoC2lnu+82xViXZu8tcM56bv6ZtQ0DQtXlin1XTba9lhIMbzQpIyEcjaWBI/CtUAAAA YAr1avGcI89TDYdQqT3le/3K3z9d7nRLNUrypwtJ9T8n/wDgp9+y14p+LXhLQPib8NNMl1TWPCEc trdWFspeabT5CHVoYxy7QuD8ijJVyQDtxXwN8If+Cmfxb+C3wfh+D8nhq01S/wBChez03ULqSSKS 0iXISOe32kSmHO1fmj+UAMDgk/0tVh3Xhnw3f3y6nfaTaXF4nSaSCN5RjjhyCf1rgy/iWnHDRwuL oqpGLutbWMaOPiqap1I8yWx+QP8AwTlvf2yPiT4gm8c/FDxbrR+HNvbyiFNTCyPqdzMu2PyHnjaX yotxkMiMFLqqDcN4Hy18VPi5+3F+yP8AHy31v4keIta8TaFpt5J9lN1NKNF1e0kDKFKxgQiXyzkr t3xOAQMAE/0fgADA4AqGe3guomt7mNZonGGRwGUj3B4NOnxRD6xOrPDxcJK3LZLT1tvrq+vyQ45g udycFZ9D+Wz9p79qiz/a/fQvDfgz4P2fh/xD9sEpurEjUNVvnKMgt1aK2hcxktuKkOSyqRjBz+3X /BPr4F+K/gH+zxaeHfHERtdc1y+n1i5tS25rX7RHFEkLdg4jiUuB0YkdRmvsnTNA0LRN/wDY2nW1 h5hy32eFItxPrsAzWtWebcSRrYaODw9Pkgnfdyf3snE49TpqlCNl63Cv55P+CvfgTxHafGbw18Rv sUraDqOiQ6eLoIxiW7tri4domYDarGORWUE5YbsD5TX9DdV7q0tb63e0vYUuIJRh45FDow9CpyDX nZDnDwOJVdRvurbbmGDxXsZ89rn5A/sXfte+M/j34C8Z/C3xLo9jY2vgvwaqW09qsvmzmCE27NKX dkG4BSFUDnPOOB8Rf8EoR/xlWP8AsBah/wChQ1/SnpukaVo1v9k0eyhsYM58uCNYkz67VAFaFes+ JqUYYinRo8qqpddtN9tb/I6f7QilOMYWUvM/H7/gsT/ySPwGf+o5L/6SvXQ/sN/DTT/jD/wTy1D4 Y6pIYIfEcusWolHPlStLmKXHfZIFbHfGK/WCiuJcQSWBhg4xs4y5ua/r0t59zL661RVJLZ3ufyuf Cj4mfHX/AIJ1fGHWLLxL4XLC+j+y31hd74re+iicmKe1uVUg7STskUOuGYFc9PXLb9q79tf9rP44 Wo+BdxfeGUdIrZLDTpHk02yhDMzXF7JIhiJ5O6RkBICoqk4B/o41HStM1i3Npq1nDewE58ueNZEz 67WBFO0/TNO0m3FppdrFZwL0jhjWNB9FUAV7NbjChUbrTwsXVatdu6+639dzqlmkH7zprm7/APAK nh2w1LS9A03TNZ1F9X1C0toYbi9kRI3upo0CvMyRhUUyMCxVQFGcAYrYoor4WTu7njs/lc/4KO/C 3/hWX7VPiWa1h8rTvFyx67bYHBa7yLj2z9pSU/Qiv0B8Gfs6/a/+CUmp6QbXGsataT+MVwPmMkEg niK+pksoVT/gWB2r9oqK+yxHGVWdChRUbOm4u99+Xbp/mepPNJOEI2+G3zsfyW/sI/Cz/hbf7UXg vRLmHztO0i4/ti9yMr5On/vlDDuryiOM/wC9X9Bn7cn7ON9+0t8D7nwt4dMa+JdGuF1PSvMIRZZ4 kZGgZyQFEqOygk7Q+0twCR9jUVzZvxXVxOKp4qEeVw2V7/otyMTmMqlSNRK1j+Wj4FftVfH/APYX v9b+HGr+Gs2dzOZ5tI1mKa3aG5AEZmgdcHDqoBOGRwAV9Sy10D9oz/gpB8cU8S3dgUswYbWe8iia PTNH09XJ2Izt87Dc7BNxkkYk8DJX+ofU9F0bW41h1mwt7+NDlVuIklAPsHBq/FFFBEsMCLHGgAVV ACgDoAB0FepLjampSr0sOlVatzX/AEt/XmdDzaN3OMLSfU/Kz/gpP4P0f4f/ALEWg+BPDysumeHd Q0ewtg53P5NtBJEhc8ZYhQWPc81n/wDBH0f8WA8XH/qZ5v8A0itK/WeivBefN4CWCcbty5ua/wCl v1OP65+5dJrre5+PH/BYsH/hVXgE/wDUan/9Jmr0b/gn/wCCNM+JX7As3w91p2isfEh1zT5XTG9E uXeMuueNy5yPcV+oNFN5+/qEMFGNnGXNzX9elvPuH1x+xVJLZ3ufyieGta+Pf/BO349XNxeaSsV6 kctpJFdIxsNW093BDxSKRlSyK6sp3Iw2sPvobv7VHx9+Of7WGhaf8VPFHhv+xPAXhy4GnWn2cP8A ZPtt4pd/3smDNKyw87RiNQAQC2W/qg1HS9N1e2Nlq1pDe27EExzxrIhI6ZVgRVmCCC1hS2tY1hij AVEQBVUDoABwBX0C44p+0jiJ4ZOqtOa/T7tPxsdqzePMpun73c/N/wD4JUD/AIxQt/8AsNaj/OOv 0loor4zMsZ9YxE69rczbseXXq883PufzIf8ABVQH/hrG899H07/0F6/oenB/4UrIO/8Awjx/9JK9 Ror08xz36xQoUOS3s+t99vLTbzN6+M54Qhb4T+ZX/glOP+Mr4P8AsCaj/wC06q/tJ/Bz4s/sVftM N8YvA1hL/wAI8mqNqujaj5TTWiidiz2Vyy42kBniKsys8fzKeeP6dKjliinieCdFkjkBVlYAqwPU EHgg17M+NpPFyxHsvdlHlcW73WvW3n2Op5s/aOfLo1Zo/m2+LX/BSL9of4+DQPBnwl0i58Hailws rLoU891fX04QqI12IreVyWMW1skAknbX66fDr4L/ABd+In7I2p/C/wDaX8QS6n4s8YWdyJnkWHdp vmgfZYi0CIJGhZFkctuO8su4qAa+wdM8O+H9Fd5NG0y1sGl5c28KRFvqUAzWxXl5jn1KcIU8JRVN Rd77u/qc9fGRaUacOW33n8rnwo+Jnx1/4J1fGHWLLxL4XLC+j+y31hd74re+iicmKe1uVUg7STsk UOuGYFc9PXLb9q79tf8Aaz+OFqPgXcX3hlHSK2Sw06R5NNsoQzM1xeySIYieTukZASAqKpOAf6ON R0rTNYtzaatZw3sBOfLnjWRM+u1gRTtP0zTtJtxaaXaxWcC9I4Y1jQfRVAFerW4woVG608LF1WrX buvut/Xc6ZZpB+86a5u//APiL9tH9mrxR8eP2Z7fwVp9++t+NfC32XULS4kEUDald20LQzhwoSND cI7sANqiTaOFzX4n/s4/tnfGT9jOPXvhnc+HY7+zku2ml0vVFltp7K9CiOQqQAy7gqh0YEZUFdpL Fv6mqzLzRNG1G6gvtQsLe5ubU5hlliR3jP8AsMwJX8K8/KuJY0cPLC4mkqkG72vazMMNj1GDp1I3 R/H/APtG618YvG/j/wD4Wp8adNl0vVfG9umo2kckZgX7CrNbw+TE5LpEBEQm7lgN+W3bj/Wl8JRj 4VeDAf8AoC6d/wCk0deg0Vnn3EaxtKnSVPlUL7PS3TS2lhYzHe1jGPLax88ftY/DrxD8WP2dPHfg DwmN+sapp5+yx7gvmywSJOIgTwDJ5eznA+bkgc1/Ol+yd+1Frv7FXjfxUuu+B/7XudUhis7u0upG 06+tJbZ2YKHeGVkBLHzIynzEIcjbz/VpWXc6Hot5exand6fbz3kH+rmeJGkT/dcjI/A0ZNxDDD4e pha9LnhLW17fj8kGFxqhCVOcbp/I/ki/ar8Z/GD4tePbf41fFbw7N4dg8X24OjQvG0cX2C1wiiIu A7qC24uQN5YsPlIA/qd+BninTvG3wZ8D+LNJfzLbU9GsZl9VYwKHU+6sCp9wa9UoozviKOMo06Ma XJybWd1bta3prcMXjlVhGKjawV/LV+y4D/w8N0MY5HijVf5XNf1K0Vz5Nnn1SnWp8l/aK29rb+Tv v5GeFxfsoyVr3Vj88P8AgqN/yaJrn/YR0z/0oFfOn/BJDRrDxF8DvidoGqx+bY6nqYtZ0zjdFNZh HGe2VY1+zVFFHPXDL5YFR3le9/Tpby7jjjLUXRt1vc/lfuNG+OP/AATk/aL/AOEjj0prmztZJ7e1 uZ43+waxpsx+75qYAcqFYqDujkUZBAw3qHjz9u79q79p74haBonwKsb/AMK3FsGSHTdDnkuHuJJm UNLdyFERkTAwXRUjBYk8k1/SPd2dpf272l/AlzBJw0cih0b6q2Qaq6XomjaJEYNFsLewjbkrbxJE pPuEAFe7LjGjUarV8MpVUrXvp91v67o63mkZWlOmnLv/AMA8o8E/D/xXqPwItfhx8btX/wCEn1zV dJmstbu9kaCV7xGWZFESIhWNX8tW2gsFDN8xNfyO6l8M/Eum/Fa4+D0kW7XoNZbQ9mCA10Lj7MMD 0Z+nsa/tMorz8g4rngZVXyX59bbJPXy89tDHB5i6Lk7XufiF/wAFWvgrp3hr4QfCvxL4eg22ngzH hskDn7K9uptt2OgQ27Ae7+4rjv8Agj58LPt/ivxp8ZL6HMWk28ej2TEZBmuiJrgr6MkaRj6SGv3u opR4rqLLngHHf7V+jd2rW/UFmMvYOjb5hXK+OPBugfETwdrXgTxTB9p0nXrSazuUHBMcylSVPOGG cq3YgEciuqor5aE3FqUXqjzk7ao/lQ+Lf7PP7Rn7D/xPTxj4ba9isdMnaTS/Emnxlrd4myAs+Ayx uyZWSGUbW+YDenJ9K1//AIKr/tT694ak8OWo0TSbmeMxHUbKylF6N3G5PMnkiVvQiLjqMGv6ZGVW UqwyDwQehFc9beEPCdldjULPRLGC6B3CWO2iWTPruCg5r7z/AFzo1YxeMwynNddv0f8Al5Hsf2pG SXtaabXU/nT/AGLf2GfiR8a/iDYfFT4xabdaf4MtboahO+pK63OtTb/MCKsvztFI/MsrcMpIUliS vT/8Fa/jGfFXxf0b4P6bNmw8E2onulB4N/qCrJgjofLgEe09i7iv6J6K5lxlOWNji61O6imoxTsl frs7/wBdjP8AtRuqqso3tsj8x/2YP2AvgNH8BvB158V/BNtrPivU7JL++nuHnWRWuyZkhKpIoBij ZYyMdVJrM/az/YF+BqfADxbrHwh8GW+i+KdEtjqVtLbvM7yJaHzJ4dryMG3whwoxndt+lfqXRXkL iTGLEe39o972u7b3tbsc316rz8/M9+5/O3/wSU+MzeFfi5rPwc1ObFh41tjcWak8LqFgrPgdh5kH mbj3MaCvLv8Agod8MPH3wi/ao1b4pW9nNDpHiC8ttW0rUlj3Qi5jSMyRlsFRJHMhOw8ldrYwa/p1 qteWVnqNs9nqEEdzbyDDxyqHRh7q2Qa9mHGKjj5YyNKykrSV9/O9vJdDqWaWrOqo7qzR/OR8Vv21 f2iv2wfhLrnw78MeC4NM0bSrB9U8S31m0jq1rp6m4fc8uEgjZkDCPLO5AVWIJB9V/wCCNn/I2/E4 /wDTjpn/AKNnr93NO0vTNHthZaRaQ2VupyI4I1iQE99qgCr9ZYrimk8JUwdCgoRl5+aeumu3yJqZ jF05UoQsn5n8nvxrl8b/ALNX7a/iDxpc6XtvtJ8U3Ou6el0jrBd2s109xCwI2lkdG2kqeGyM5Br9 AP2g/j74g/aT/wCCcGofEvxNp1tpl+/iSC0eG0EghCQTjYQZGZidrDcc4JzgDpX7X6nomja3GkOs 2Fvfxxncq3ESShW9QHBwavQww20SW9vGsUUYCqiAKqgdAAOAK1xHF1Or7CcqPv02tb7pdNtL/OxU 8zUuRuGsbdT8hf8AgjsP+LP+Oj/1HY//AEljr4Z/4Kuf8nWP/wBgPT/5y1/TLRXNheKvZ5jPH+zv zdL+nW3l2Ip5jy13W5d+hx/w9GPAPhoH/oGWf/olK7Ciivk5yu2zzW7u4UUUVIgooooAKKKKACvA P2Tv+TWfg3/2Jnh7/wBN0Fe/14B+yd/yaz8G/wDsTPD3/pugoA9/ooooAKKKKACiviD9q39stf2Y df0LQ28If8JJ/bVrJc+Z9v8AsfleW+zbt+zzbs9c5H0r6N+C3xKHxg+GGgfEgad/ZP8AbkHnfZfO 8/yvmK48zZHu6ddorqqYKrGmq0l7r2EpK9j1KiiiuUZ5r8S/hrpPxE0c21yBDfwAm2uAPmRvQ+qn uK8I+DP7MZ8JeJpvHvxEuIdX1qJilhFGCbezi7FQwGXPc4rxT4+/8FEV+Bvxa134WnwAdaOiG2H2 v+1fs3m/aLeO4/1X2WTbt8zb985xnjOBe/Z5/wCCga/Hr4n2Pw3HgM6H9timk+1HVPtO3yl3Y8v7 LHnP+8K9N5PifZ+15fdtfdbfeR7RXsfo3JFHNG0Mqh0cEMpGQQeoIr4q+Jv7K+peJtcji8G6pHo+ iX0mb0HPnRRk/OkGOPm98Y7V9sUV5hZyHgbwN4b+HXhq08K+FrRbSxs1CgAcs3dmPdj3Jrkvir8K 9O+ImmGSLbb6vbKfInx1/wBh8dVP6dq8X/az/ayH7LkfhaQ+Fv8AhJh4lN6P+P77H5P2Pyf+mE2/ d53+zjHfPHxt/wAPak/6JWf/AAd//cNenh8nxNWCqU43T81/mQ6iWjPt74Ffs3R/D7VLjxx44ni1 fxVOSkToCYbOHskIbue7YzX1fXhv7OvxoHx++Fth8Sxo/wDYQvpriL7L9o+1bfIkMefM8uLOcZxt GPevcq4KtKUJOEt0WmFFFflT8TP+Cm6/Dn4ieJvAJ+G51A+HdRutP+0/2x5XnfZpWj37Psbbd23O 3ccdMnrW+EwNWu2qSvb0/UmUktz9VqK+B/2X/wBuJP2kfHF34LHgs+HTa2jXXnnUfte7aQNuz7PF jr13fhX3xUYnC1KM+SorMaknqgooornGFFFFAH//0/38ooooAKKKKACiiigAooooAKKKKACiiigA ooooAKK/Gz/gqB+0L8aPgt4y8Dab8LfFV14dttSsLua5S3WMiV0lVVJ3ox4BxX1TpPjj4ueI/wBg C08e+Gru+1T4h33hZLq3ntYfPvZr1h96OJEbc57AKfpXvSyCosPRxDkrVHZeXqdjwUlCM76SPuqi vyu/4J4eLf2tvEviXxlH+0nD4iisYLS0On/25p0lihlaR/M8oyQxbjtAyBnAxX6o1w5pl7wtZ0XJ St1WxjiKPs5uDdwooorzzEKKKKACiuM+I3jjS/hn4B8Q/EPW4ZrjT/DdhcahPHbhWmeO2jMjKgYq pYgYGSBnqa/Pn9jH9tnxr+1Z8avF+k3mlW2g+FdI0pbixso/31x5huETzJ5yBuYqT8qqqj0JG4+j hsqrVaNTEQXuw3ZvTw85Rc1sj9OaKK4z4jeONL+GfgHxD8Q9bhmuNP8ADdhcahPHbhWmeO2jMjKg YqpYgYGSBnqa4IQcpKMd2YpNuyOzor8xv2Mf22fGv7Vnxq8X6TeaVbaD4V0jSluLGyj/AH1x5huE TzJ5yBuYqT8qqqj0JG4/pzXbmOXVcLV9jWVpaP7zWvQlTlyy3CiiiuAxCiiigAor8t/+Cmv7UXi7 4G+FfCvg34Yay+jeKPEFzJdzXEIRpIbC2G3bhwwHnSuMHHSNhXzB/wAE8f21/it4z+On/CtfjP4p n16y8T2kkenNciNfJvrceaoBRV4ljEi4PVtgFfTYfhXEVME8dFrlV3brZbs74ZdOVL2y2P3noor8 mf8AgoV+3b4s+A+t2vwh+EBht/E1xapd3+pTRrN9ijlJEUcMbgoZWC7mZ1ZVUrhSWyvlZXldXGVl QorV/cvNnPh8PKrLkgfrNRX8y2mXn/BUXxJoqfEfSrrxvcadNH9ojZJZEEsbDcHjs8qXVhyu2Igj G3IIr6G/Yn/4KM/EzVPiVo3we+PV0ut2fiC4WwstTaFYr23vZnCQxzeWFWSN3OzJTerMCWKggfRY rgqvClKpSqRny7pPVHdUyqai5RknbsfvHRRRXxh5QUUUUAFFFFABRRXy1+1v+07pf7K3w0g8c3uj Ta9d6leLp9lbRyLDGbh4pJQ00hyVjCxnO1WJOBgZJHRhcLUrVI0qSvJ7F06bnJRjuz6lor44/Ya+ OnjX9on4L3PxI8eC2j1CbWL23jitI/KhhgiEZSNQSzHbuPzMxJ7mvy2+NP7V/wC0R4d/bf1D4b6J 43vbTwzD4osLJLFFi8oW8kkIePlC2CGOec817WC4ar1sRVwyaUoJt/I66WAnKcoX1R/QhRRRXzpw hRRRQAUUUUAFFFcZ8RvHGl/DPwD4h+IetwzXGn+G7C41CeO3CtM8dtGZGVAxVSxAwMkDPU1UIOUl GO7Gk27I7OivzG/Yx/bZ8a/tWfGrxfpN5pVtoPhXSNKW4sbKP99ceYbhE8yecgbmKk/Kqqo9CRuO J/wUO8Xftc+G/FXg6H9m2DxFLp81lctfnQ9NkvkEwkUJ5rRwy7TtzgEjjNe5Hh6ssWsHVajK19Xo tLnYsDP2nspOzP1UorxX9nK+8dal8C/BF/8AE1btPFVxpkD6kL6IwXQuSPn82NlUo3qCox6V7VXj V6XJOUL3s7HJONm0FFFFZEhRRRQAUV+Sf7WX/BRHxD8M/i+fgJ8L9ESHVbK9srfUdWvgJFUXIil2 2sAOCdkgBkkPByBGeGr7/wD2kL/x5pfwJ8bah8L1u38VwabK2mixhNxdG4GNvlRBXLN1wApPtXrV clr01RdXRVNvTTV/edMsLOPLzac2x7bRX5Xf8E8PFv7W3iXxL4yj/aTh8RRWMFpaHT/7c06SxQyt I/meUZIYtx2gZAzgYr9UaxzTL3hazouSlbqtiMRR9nNwbuFFFFeeYhRRRQAUUUUAFFFFABRRRQAU UUUAFFFfLX7W/wC07pf7K3w0g8c3ujTa9d6leLp9lbRyLDGbh4pJQ00hyVjCxnO1WJOBgZJHRhcL UrVI0qSvJ7F06bnJRjuz6lor44/Ya+OnjX9on4L3PxI8eC2j1CbWL23jitI/KhhgiEZSNQSzHbuP zMxJ7mvy2+NP7V/7RHh39t/UPhvonje9tPDMPiiwsksUWLyhbySQh4+ULYIY55zzXtYLhqvWxFXD JpSgm38jrpYCcpyhfVH9CFFFFfOnCFFFFABRRRQAUV8a/t8/EPxp8LP2YvEnjP4f6rLout2lxp6R XUIUuiy3caOBvDD5lJHSvA/+CYHxr+Kfxp8GeOdR+KXiK48RXOmX9pFbPcBAY0eJmZRsVepGea9i nktSWCljk1yxdrden+Z1RwknSda+iP1Gor8D/wBpr/gov8ZfGfxTuPhB+y3us7S3vf7PgvLW2W61 HVLlW2MIVkV1SIvkJtTewG4sAdo8z8X/ABB/4Kh/s26Zb/EP4iX+qw6I80Zke9ex1S1BcgCOdYmm aBXOFGTHycKQ1ezQ4KxEoxdSpGMpbRb1fyOqGVTaV5JN7J7n9HlFfHn7GH7V2n/tV/Di51y5sk0r xPoMqW2rWcW4wq0oLRTQliT5coVsKxLKyspJADN9h18vjMJUoVZUaqtJbnn1aUoScZboKKKK5jMK KKKACvAP2Tv+TWfg3/2Jnh7/ANN0Fe/14B+yd/yaz8G/+xM8Pf8ApugoA9/ooooAKKKKAPw//wCC rv8AyP8A4E/7Blz/AOjhX6OfsWf8mweAP+vH/wBqNWT+0j+x/wCD/wBpXWtH1vxNrd9pUmjW8lvG toIirrI+8lvMVjnPpXu3wn+HOnfCT4e6L8O9Iupb200SHyY5pwokcbi2W2gDPPYV7mKx1OeDp0Yv 3lv+JnGL5mz0SiiivDND+aj9vcM37XXjhUxuL6YBnpn+z7brmvrr/gnxoes6V8U72fxlPpEry6fi wEH2Mzh8gtt8lQ4+Xrz9a+pvjP8A8E//AId/Gv4l6x8Tdd8RanY3us+R5kNuIfKXyII4Bt3KTysY Jyepq58EP2C/h98DPiDZ/EPQPEGpX95ZxyxrFciHyyJRtOdig8V9hWzehLCKjza8qW3Wxgqb5rn3 XRRRXx5uefePvhf8PviTBbf8J5oFrrn9miU232lN/lGULv2+m7YufoK/mf8A2YPD+j+Jf2hvA/h3 xFZx32nXupxxT28o3JIhzlWHpX9T7LvUqe4xXwB8Ov8Agnl8Mfht8RNH+JGla/qdxfaNdi7jil8r yncZ4bCg457V9BlGZxo0qkJt6rT8TKpC7R9u+E/B/hjwLosXhzwfpsOk6ZCzulvAu2NWkO5iB7k5 NdJRRXgSk27s1Cv5V/2kEmk/aT+I0duN0reJtSCAgEFjdPjrx1r+qivzp8a/8E4fhv43+Ies/Ea+ 8U6tb3mtalNqUkMaweWkk8plKrlCdoJwMnOK93IcfTw85SqPdGVWDexS/Ym+Gnx98HeMfEGo/GfR LLT7WSxRLOSCysLZ/NMg3DdaxRsRt7E4r9I6KK8rF4p1pupJJehpFW0CiiiuYYUUUUAf/9T9/KKK KACiiigAooooAKKKKACiiigAr5y/aq/aC0r9mj4Oap8SLyFLzUN6WWl2jkhbm/nDGNGIwdiqrSPg g7EIByRX0bX5Bf8ABYiLUj8HfA08R/4l6a86zD/ps1rIYv8Ax0SV7HD+DhiMbSo1Nm9fz/E6sFSU 6sYy2PhfwR4n/wCCiH7Zepaz4k8AeJ9XSwsJv3xsdS/sXT4JSNyQRBJIgzKuDj5mAwztkgn0T9lj 9t34/wDwl+OVr8Fv2g9Tvdc0u51L+x72PVH8++027eQRCVbj5pJEV8b1LspTLJzjP3j/AMEodQ0e 6/ZZNnp7J9rs9cv1vFUjcJXEboWHXmMoAfb2r3vXP2pP2S/h/wDFfWfA+v8AiHTdD8bQSwx3zPZS o8kksSMga7SExu2xlBBkyPunGMV9pmObRdavgVhFKMdFyqzVut0n+R6tfErmnR9ndLtv6n5d/wDB Y/8A5KB8OP8AsF3v/o9K+1NC8Sa94P8A+CYNj4n8L38umatp3g2OW2uoG2SxSADDIw5BHrXxX/wW P/5KB8OP+wXe/wDo9K+uZ/8AlFIP+xJT+QpVYp5ZgE/5/wBWEl/s9H1PHf8Aglf8bfi58V/F/j6z +JXi3UfEsGn2NlJbpfXDTLE7yyBioY8EgAGvK/2vv26PjR49+M8/wE/Zqvp9OtLK/GlpcaZxf6nq AbynVJescSyZVdhG7BdmKkBX/wDBG7/kePiV/wBg6w/9HS1+dHwf074t6p+0bp2m/DbVIdI+INxq V4lrdzukaJeFZfMG6RXUFxuVcqcsQBzzXtU8qw7zPE1ZRj7kYtJ/Ddrd/cdSw8PrFSTS0S9Nj628 Z+JP+Cif7F93ofjL4geJtTu9L1CfCrf6kdasJZsF3tpw8jlGZQT8pUnBKPlSR+qXiX9pef4sfsE+ Jvjv4Bu30HXE0iYSi2kIlsNRgZUmRH6jBO5DwSjKe9fnz8a/2ef+Cg/jPwhFoHx1+IOhP4enu4jG mp6pZ2kL3aqxjCuYY8vt3YUNkjPHFex+Cfgj8QvgL/wTu+NXhHx7NYXAvzc6jZyaddLdxGOWG2ib 51AA+aLOB65rzcxhha1OjUnKDqqaXubNXMK6pzUJNrmutuqPiH4H/tPftz/E+41T4P8Awv8AEepe JPEHiXyZRdXE6vcWNtaCTzjFNcMI7dJPMXfIcNlUVDuIBzvGHxa/bp/ZB+J1vpfj/wAZaydT2per b6jqMmrafewMSucSSSIysVZWxtdSOqkA19Of8Eb7SF/H/wAR79lBmh0yyiVu4WSd2YfiUX8qP+Cy ESDx98N5wPnfTL5SfZZkI/ma9j61R/tZ5eqMeRrXTVvlv91tDp9pH6z7HkVn5eR9E/tueJPjX8a/ 2TPBnxR+DS3Vl4e1XSLjVPFMFvdxW6Jp81ojyRSrJIjTIp8xdqBicdORX49fsveGf2nvE/ijV7b9 l2a+h1uGzD3xsb+Cwc2vmKBueeWJWG/HAJPfFfuZ4e/5RYy/9k/vf/SaSvhX/gjsR/wuHx0P+oCn /pVHXnZVjvq+X4pQhFqnJpXW+vXuY4atyUKlkvdf9XP3/wBFS+i0awj1Mk3iW8QnJIYmUIN+SOD8 2ea/Of8A4KcaJ8dNW+Dltc/CSS6TQbCLUZvFAt7uK2RtNEAyJUkkRpUwH+RAxPp0r9K6+ef2tv8A k1/4rf8AYs6r/wCkz1+dZLiXTxlOoknr1210/wCGPDwtTlqxlbqfzI/sveGf2nvE/ijV7b9l2a+h 1uGzD3xsb+Cwc2vmKBueeWJWG/HAJPfFfuB+3R+2f4g/Zk8GeHvA3hARS/EXxBZLNJPcBZksIFHl tcFDlZJHlDCMHKZVmYEAK3xD/wAEdiP+Fw+Oh/1AU/8ASqOvJv8AgqvBqMP7V9xJe7vJn0XTnts9 PKAkU7fbzFf8c1+o46jTxmcxw1aK5YK/m9Fo+6R9DWjGrilTmtEr+ovhHQ/+Cmfxi8NP8aPCeueL L7S28yaCSPWTZi4VM7za2XnxeYnGAI4trH5V3EYr6k/YT/4KD+Pdb+IGn/Ar9oG7F/JqsptNO1W4 TyryO+LYjtbrAAcSNlEYqHEhCsWDZT9dfghe+HdQ+DXga78JNG2jPomn/ZPJxsES26BVAHA24wR2 IIPNfzOfFmay1v8A4KA6k/w2eMm68c2y2bw4MZvDeRqzrt4INxuOR1657152BxNLNPrGGrUYxUU2 mlZq3f8ApddDno1I4jnpyglbbyP6tKKK+U/21vjL/wAKN/Zw8WeLbSfyNXvof7L0wg4f7ZfAxq6f 7USb5v8AgFfmWEw0q1WNKG8ml954FKm5yUV1PwJ/aW8Vat+19+2pcaD4Xm8+1vtUt/DekOPnRLWC TyjMP+mbOZLg+isazf2sfhdefsg/tVA+AQ9jY2Utjr+guxLbUDBtpPcJcRyJjPKgeteCfBHxx8SP hV46sfid8MtO+2axo/mpDI9m15FE08TRMSoBAbY5weozXof7RPxx+PH7Q0mk638XdKCt4djmjhuI dNa0xHcMhKyPjBAZRtz0JOOtfv8ATwlWlWp0advYxjytX1v6fL8WfaRpSjOMV8KVj+rH4YeP9H+K nw78OfEbQDmx8RWMF5GucmMyqC0bH+9G2Ub3Br8Hv+Cr/wAC/F+kfFqH452FjJd+GdftLa2urmMM 62t5ar5QWbAwiyRhNhJwzBh1HP0t/wAEi/jR/wAJB8PPEPwQ1Wfdd+Fp/wC0dPVjybG8b96ij0in yx95hXVfHP8A4KX+H/hZ8Xdb+CPir4aSX1npt6ljf3VxfoI3tJgrGYW32aTerQuHCFhuBwSK/Nsr weLwOa1IYanz8t9LpXi7W3+XzPBw9KpRxElTV7fkfJXwd/4K5fEHwppdh4f+K3hO28Uw2kaQ/brK Y2V2yIMB5IyskUj4/uiIH+f0X8CdN/4JyftPfFCbxj4e0i80v4i3t++snT9RvLqyma7En2h5bdYJ /Ikw4L7I2JABJQDNfTXjn/gn7+yF8YbFPEGneGotFbU4lnhv/D0/2SN45V3JJHEu+1IYEEHyjke1 fzzfG3wTJ+zB+0drHhTwH4iOpT+CtQt5rHUY8LIkqpHcKr7CV8yFm8uQDjcp4HQe3l1LAY91I4Hm o1La2bS+dna1/Q66EaNa6o3jI/sFryD49fEjV/hJ8I/Enj/w9odx4k1bTLfNnYW0Ms7zXEjCOPcs QL+WrNukIxhAeRXqOl3Ut9plpezxGGW4hjkaM9UZ1BKn6E4rwX9qT9oDTP2afg/qXxNvrE6pcxyR WljaBtgnu587Fd8HaihWdiBnCkDkivzHA0ZTrwpqPM21p38rngUYNzStc/CzwOf+Cjv7W+ra3rfh vxVrllBpkwjucak+hWUMzDcsKQRNECwXGcIxGQXOSCdD4BftX/tR/An9o/S/hF8YvEOoa3ZvrMGj 6vp+r3J1B4ftEqxebDcOzuCm8Ou1yjr2III7X4beP/8Ago5+2+NU1PwH4vj8MeHLO4+zTXFtIuk2 kEzKHMSSQI945VGBPzPtBGSMjPxJrfgTxJ8N/wBrSx8B+MNbXxFreleI9MivNQWSSUTzNLC7HfL8 7FS20luciv2ilQp1XVw1eNPSPwxV3H1dl+SPqowUuanNR22XQ/aD/gqd8WfiX8KPAvgW++G3iW+8 N3GoaldR3EljM0LSokIKqxXkgE5xXvP/AAT38ceL/iL+y54d8VeOtXudd1i5utRSS7u5DLM6x3Ui ICx5IVQAPavkT/gscp/4V18OmxwNVuxn6wLX0X/wS/njm/ZA8ORowLQX2powHYm6dsH8GBr4XFUI f2DSqKK5ufe2v2up49SC+pxlbW/+Z+b3xi/aR+PWj/t233gLSvHmr2nhyPxbYWa2Ed0624t3mhVo ggONpBII75ra/wCCr+ifHSLx6mv61JdH4VTy2UOmI13E1sNSFq5lK2wkMivgSZdkAPIB5Gfmr4xa ja6p/wAFEtSu7KRZYh47s4tykEbobuKNhkejKRX6df8ABYP/AJIJ4Q/7GaL/ANIrqvqY8tDGYFQg vejZ6eS19T0FaFWjZbo+Rv8Agmz4W/asuvFnhTxJ4Wnv1+DcGqXY1NE1CCO0MwtyH3WjSiVjvMfK xnnB7Ej5f/bB1+78K/tueOPFGnokt1o/iCC8iSUExtJbiKRQwUglSVGcEHHcV+yv/BKEg/sq/TXt Q/8AQYa/I79o+0gv/wDgoXrdjdIJIbjxdp8bqRkMryQAgj3BrXLMb7TNsTzRSUYtadbPr5l0KvNi al1sv1PV/jCv/BS+z8GH9ovxxr2t6FoTGO7Nvp+p/YxZQ3JAiL2NvICifOFIdS6/8tMHJr9Bf+Cb n7WfjD45eC/FHhn4sXy3mseClt5hqUgWN7ixnEnM5GFLxGM7nwNysucsGY/Uf7asayfso/FFXGQN EuD+K4I/UV+Kf/BOX+0j4O/aKXRzi/Pgq5+z/wDXbyrjy/8Ax7FeLCrTzDK6s504xcZJKytZXX+Z yKUa+Hk3FJp6W+RsfFf9sz9pv9qz41f8Kv8A2ab+90XR5ria30uDS5TZ3V1DHkm7urklWjBRS+Ny Ki8HLfMcTVPjV+3h+wz480a1+LOsXmvabfI0kdpqt82qWV9AhAlWK4ZnkjkjJHQqykqSrIcN8x/s g6J8ePEPxZk0z9nPW4NB8XPp1wwmnkji8y2V4zLGhljkBY/K2AM7VJzgGvsX45/sxftz/EVND0f4 +ePfD1yI5Jn0yHUtXtLRmkIQS+SPKjLkDZuAzjI9a+kr4fCYerHCSVNU7ap/G99f68zvnClCSpvl 5bfM/WP43fGUeI/2LPEnxt+FuqTWDX/h/wDtCwuoW2T27vtBXcPuyRtuRsdGBFfh/wDA/wDae/bn +J9xqnwf+F/iPUvEniDxL5MouridXuLG2tBJ5ximuGEduknmLvkOGyqKh3EA/pjc/DTxp8Hv+CYP in4c+PGtZNS0jStS2tZzi4haG4vHuIyJAADxJj2r5Z/4I32kL+P/AIj37KDNDpllErdwsk7sw/Eo v5V85lcMPh8Di6sYKahP3bq/a3+Zw4dQhRqSSTs9D5j8YfFr9un9kH4nW+l+P/GWsnU9qXq2+o6j Jq2n3sDErnEkkiMrFWVsbXUjqpANfpL+254k+Nfxr/ZM8GfFH4NLdWXh7VdIuNU8UwW93FbomnzW iPJFKskiNMinzF2oGJx05FfO3/BZCJB4++G84Hzvpl8pPssyEfzNfaHh7/lFjL/2T+9/9JpK3xeJ hKjgswVOKm5WemnVf8FdiqlRONKtyq7Z+Gf7L3hn9p7xP4o1e2/Zdmvodbhsw98bG/gsHNr5igbn nliVhvxwCT3xX6d/8FNPjX8a/hHrnw00vwT4v1Lw5JeaPM98llcGIS3CPGpZyhwxHPP5V5N/wR2I /wCFw+Oh/wBQFP8A0qjrZ/4LH/8AJQPhx/2C73/0eleli6yrZ5Tw84JqKfTV3j1726HRVmpYtQaV l/kfpX8MvjpH4C/Yh8OfHb4n38+qS2Ph6C9u5pX3T3dzJhIk3nPzzSsqAnjLAnivxp0r42/t5/tt +PdUsPhdreoabb26CWWz0e8Ok2FjbsSEEkwdGcsQcb3Z3wcDaMD68+OUWpSf8ElvBz2BxBFZaE11 7w/aFUf+RTHU3/BG7UNHPg74k6XGyDVUv7CaRcjebdopFjOOpAcP9CfevEwlKlhcJisfGmpTU2ld XSV10+f5HJTjGnTqVlFN3sfJHgj9rr9rP9kT4z/8IH8dNU1HxDY2M8Sappmq3P8AaEht5VDLNa3T NI4Oxg6bX2MflcZzt+9f+CiP7Vfxi+HGmaD4V+BVrfWdrrdkuo3niKCykkjWCYlYoIJnjMaOwBd2 HzqCm0qSa+wPih+0f+y58IPibb+H/ihrVhovjCeyiuI55rGWWQWzvIsYa6ihcJ8ysQrOMA5xg5Pw 9+3L/wAFE9f+FWtWHw5+A5tn1C7sLbUbjWpoxcIkN7H5tultE/yFmjZZC7hlwwAXOSMcPOWNxdCr HBq9ru+kZee3T57oiDdWpCSpf5Pz2PiXxR8Mv+Ck3gv4aS/HLxF4w8TWmk21vHeTqfEk5u4bZ8ES SW4nJCjcNyfeUZ3KADj7o/YH/ai+Mf7QXwr+JXgPxRfNq3jDw1pxk0jUR5cNzMbuKZI0kb5E3xSo m2Q4zu+Y8ZPyl8V/gP8At+eMPgx4h+LHx9+ITaf4e0/Tn1CbRri/dHnXaGSNrO0RbVWbIG1yCpOC ucgdb/wRvX/ivviQ3ppliPzmevYzWNOtltWrLklKDVnBaLVaX6nViFGVCUnZtdj8y/ivo3xm0r4z ajovxYkuX+Isd1bLdNcXUdxcfaHjjMGbiN3QnYY8EPgDAyMV+43gwftdfCj9i74x678edV1Oy8ZW aTXGk3U+ow3lzDAIYgGjlt5ZQnz7sAkHOTjvX5mftqnH7fnikntrGj/+ktpX76/tsf8AJqHxQ/7A s/8AMVPEOYOcMFBwjafK3pt8Oi7LUWOrXVJNLW36HwB/wSv+Nvxc+K/i/wAfWfxK8W6j4lg0+xsp LdL64aZYneWQMVDHgkAA1x37df8AwUE+I2mfEfUfgZ8AL1tKXR5vsWo6nbxiS9uL7O2S2tiQ3lrG x2FlHmGQEKQo+bn/APgjd/yPHxK/7B1h/wCjpa+NvgtLp2i/t7aK/wAQGSNbXxrOly1xgKt2LqRY 2fd0xPtOT0PNaf2Xh3mmJqyppqnFNRtpe3b5fiV9Xh9YqSa+FbfI9S8T6L/wU0+CXhQfGDxPrniu y0jEcs8k+sf2gbdXxsa5tGmmMa8gHzIwFPyttJxX6rfsDftp3H7Tmh6l4S8dx29p468PRrNL9nXZ Hf2ZKp9pVOdjo5CyqPlBZSuA21fsH45Xvh3Tvgx46vPFzRro0eiah9r83Gxomt3BXngls4A7kgDm v58f+CUEGrTftVGTTji3g0HUHvPeAvCqj/v80ZryPbU8zy6vWq0oxlT1TirfL+u6OXmjiKE5Sik1 2NX9pr9rr9oH4W/te+LLfw/4y1FtD8Oa5FJFpD3MgsZIYRG5t3jUj90+CrAYyCaqfFyD/gpXpngw ftF+PfEPiDRdElMVwY7LVPsgs4rggRM9hayKIkO8KQybhnEgBrzb9oq0h1D/AIKF63YXKh4bnxhY ROp5BV5YFIP1Br9/v21okm/ZQ+KKSDIGiXDfiuGH6ivUxeNp4T6nGFGLc1G7a1tpt9501asafsko rW1/wPl7/gmh+1T47+PfhfxJ4L+J13/amueEvsskGoMoWW5tLneoE23AaSNo8b8AsGGcsCx/UOvw H/4I3/8AI/fEj/sGWP8A6Oev34r4jjDCU6OYVIUlZaO3qkeTmlOMa0lFH4Z/8FRPjz8ZvhX8ZvC+ h/DjxlqfhzT7rQI7mWCxuGhR5jd3CF2C9TtVRn0FfP8Armv/APBRr47/AAtuPj7Y6zquleCtFtGk jXTNROmmW3sV2zTrDFKs1wVKMzySbiTu2cDaOm/4LB/8l78If9izF/6W3VfrP8PLO3t/2DPD9tEg WN/hxbswA4Jk0gMx/Ekk19asXTwmX4SrGlFyk7Xa6dfmekqqpUKclFNs/Ej4SftvftoeLtAi/Z/8 B6rN4k8TeIblItP1KfbNqsMW1jLGLiY7cEDcZpiWjUMdwGCmD49+JX7dX7IfxOsLX4geN9ZGqzRR 38cN5qkmq6fdwMxUhkkkkjYbkZGGFdf4SMqx7r/gk3aQXP7U080qhmtfD1/JGSPusZbePI/4C5H4 169/wWPRR8Q/hzIB8zaVeAn2E64/ma9ydShDNFgI0Y8sld6at2f4aHW5QWI9ioKzWp+rHiD9qDw3 4W/ZWtP2mtatvLgvdFtNQisQ3L3t5GvlWqtjP+ubYWxwoLYwK/Ebwn8RP+CgP7bnizW9S+G/iXUd Os9NZJZotN1B9G02z358mFWR1Z2O0kbi78bmPevoj9pgaif+CV/wj+xHEIl0b7V/1x+z3OP/ACJs r5j/AGL/AAZ+2p4p8Da7N+zD4stdE0aDUdt9byTwRym5aFCJCskMjbWTAByBlW44NeNk2XUcPha2 IjyqXO4pz2ST/r8DlwtCEKc5q17212Pbv2b/ANtj9oD4H/HSL4E/tR30+oafPfR6feSaowkvNMnm AEUy3Kk+ZAxZCxZmGw70Yc7qf/BV/RPjpF49TX9akuj8Kp5bKHTEa7ia2GpC1cylbYSGRXwJMuyA HkA8jPmvxD/Yt/az+KXxJu734h+MPDOr+NwkCXEcutW0d6qqi+TugjRWX5NpX5RkYNfcf/BXL7af 2dPAx1IKt3/wkNv5wU5USfYbndg+mc4reM8NDMsNUw/K5TTUrbJ6O67X79i06ar05Qtd72/NHyl/ wTZ8LftWXXizwp4k8LT36/BuDVLsamiahBHaGYW5D7rRpRKx3mPlYzzg9iR8v/tg6/d+Ff23PHHi jT0SW60fxBBeRJKCY2ktxFIoYKQSpKjOCDjuK/ZX/glCQf2Vfpr2of8AoMNfkd+0faQX/wDwUL1u xukEkNx4u0+N1IyGV5IAQR7g11ZZjfaZtieaKSjFrTrZ9fM0oVebE1LrZfqer/GFf+Cl9n4MP7Rf jjXtb0LQmMd2bfT9T+xiyhuSBEXsbeQFE+cKQ6l1/wCWmDk1+hf/AATT/ar8b/H7wn4j8HfE26Gp a94QNs8V+VCSXVpc71HnbcBpI2jIL4G5WXOWDMfp39tWNZP2UfiirjIGiXB/FcEfqK/Hb/glnDqN 0vxutdI3fbpvDASDby3nN5wTAHfcRivD9tTx+VVak6cYuDSVlayuv8zj5o1sNKTik09LE/7TP/BQ D44fGH4pT/Cn9mm9u9K0MXZ0+yfSl/4mWrTBtnmrKoMkaMwJjWMqdvzOTnC+beMtS/4KR/snwad4 68eeIPENrpl1On7y81Rdas/OPzeVcIZrhELgY+YDdztJIOOf/wCCYl74esv2ufD39vNGk09lqEVg 0uP+PtoDgKT0Zo/MUdznA5NfuN+37e+HbL9kX4if8JK0YiuLOOK3WTGWu2nj+zhAerCQBuOQAT0B Nelj8TSwGLo5dSoRcJWu2rt3dv6/Q6K1SNGpGhGCadg/Yw/at079qX4Yz6/fwQ6Z4o0CRbfWbOEn ykZwWini3EsIplVsBiSrK65IAY/j18d/22/2if2kPjK3w4/Z61bUNJ0Se8ksNGtdGka0u9QUEj7R NOrK43hS+NyJGn3uQzHr/wDglTY+JruH43HQn2xt4eiiHB/4/ZBcfZT+AWSvGf8Agl1e6PaftcaI mqMiT3OnalFZ7+puDCWwv+0Ylk/DIqcPk+GwmIxlaMFL2aTinra6b/ryFDC06U6skr8u33E/7Rkf 7c3wY+Fc3w0/aDv7jW/B/i97dYrm8uxqhhubSRbhY47reZI5PkwUclWXcVBK7l+4P+COaCT4efEm Ns4bUrIHBKnmB+hHI+or3b/gqre6Jb/so3VrqboLu71jT0sVYjcZ1ZnfaDzkQiTOO1eGf8Eb/wDk QPiP/wBhOy/9EPXJisf9ZyKpVcFF8yvZWT1Wv9djOpW9pg5StbXp8j7e+Fv7Dv7OfwZ+Ilv8Tvh5 oM+n6xaRTRQiS9nuYo/PXY7KJ3dt20lQd3Rj618Vf8FKP2zfBGm+DNf/AGa/BLJrXiDVQlvq9yhD W+nRxyLI0OeQ9wdu1lHEeTk7xtH6u/ES817Tvh/4m1DwrDJc61a6Xey2MUS75JLpIHaFUX+Ji4AA 7nivwQ/YV/Yj8WeK/jNe+KP2lPBOq2uk6NAb6GLV7aWKHUNQeVdomMoHmqo3OyHO443ZXKt4uQTp 1JTzDH1HL2drJvVvpv2/4c5ME4ybrVpX5dj6o/4JLfBPxj4F8B+Kfil4pt5NPtfG5sk023kBR5La z84m5Kn+GRpcRkgEhSw+VlJ/XimoiRIsUShEQAKoGAAOgAp1fN5vmUsXiJ4ias3/AMMvwODE13Vm 5vqFFFFeaYBRRRQAV4B+yd/yaz8G/wDsTPD3/pugr3+vAP2Tv+TWfg3/ANiZ4e/9N0FAHv8ARRRQ AUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFAH/9X9/KKKKACiiigA ooooAKKKKACiiigArxD9on4F+Gv2i/hRq/ww8Sv9mF6FltLsIJHs7yLmKdVJXOMlWXI3IzLkZzXt 9Fa0K86U1UpuzWqKhNxaktz+ayx/ZB/4KE/s2+ItTi+EMd81pesIWvdCv4PIu0XOxnt5JFkUrk4M kY2knDY5PuX7J/8AwTl+L198WLH4x/tMD7FDpt6NT+xT3SXt/qN8jiVHuHjaVBGZPnfc5dyNpUBi w/eGivrcRxvi6lOUVGKlJWcktX+P9dLHpTzapJNWSb69T8hf+Cln7Lvx0/aA8X+CtV+Efhn+3rXS LC6hun+22dr5ckkqsoxdTRFsgHlQR619Fy/Bj4kt/wAE+x8D10j/AIrX/hFl077B9og/4+wB+78/ zPJ/4F5m33r7vorynxBWdCjQsrU3db3vvrr/AJHO8bPkjDpHU/In/gml+y/8c/2f/FXjjUvi74a/ sG31iys4bVvttndeY8Ujs4xazSlcAjlsA9q8o/bF/wCCdfxUu/irf/G39m5Vu21S6GpTafDcJZXt nf7vMee1kdo0ZWkHmDDq6ucKCMY/c2iuqPFmKWLljFa8lZq2jX33/E0WZVFVdVbv7j+bjxP+zh/w Uk/aZvNJ8O/Fi2vZNO0x8RTavc2ltZ25I2mV0gO+VscbxHI+CeeTX6kXP7JNx8Mf2HvFX7PXwyi/ t7xHq1hO8spMdsb/AFK4Kb2zK6oihVVE3NwiKCSck/f9FGN4qr1lCKjGMYtNJKyuu+oVcxnKySSS 1sj8jP8Agmj+zB8cv2fvEvjrUPi74a/sG31i0sorRvtlndeY8UkjOMWs0pXAYfexnPGaZ/wUt/Zf +Of7QHirwPqXwi8Nf29baPZXkN0322ztfLeWRGQYupoi2QDyuQO9frtRWX+s1f699f5Vz9tbbW73 /En6/P23trK58k/DL4K+Ipf2MNO+AnjaH+xtZvPC0+i3a745vs01xC8Wd8TOjbCwPysQcV+G/hn9 jv8A4KA/BjxffQfDXQ9S0u+u43sn1DR9Rt4obi3Lg8TechVWKqw37HHBIU5r+n6itMt4pr4Z1bRj JTd2mtL/AHjoZjOnzWSdzm/Bqa5F4Q0OLxMpXWEsbYXoLiQi5ES+aN4JDfPnkE561jfFPwTH8Svh n4s+Hkk32YeJtKvdN83GfLN3C8QfH+yWz+Fd7RXzsarU+eOjvc4lJp3R/MD4Z/Y7/wCCgPwY8X30 Hw10PUtLvruN7J9Q0fUbeKG4ty4PE3nIVViqsN+xxwSFOa/Wb9rD9ivUP2o/hf4T1KS8i0b4neHN OhiM1wxkguWaNWntZ5I9xwJsskqhsEtwQ2R+jFFfTY3i/E1qtOulGM49Ut/W99Dvq5nUlJTsk0fz SaL+zl/wUw+Guk3Xwq8G2uuWWhXbSL5On6tbCyYSffaOTzwIg/U8oTn5hnNfbX7DP/BOnW/hF4st PjJ8cHt5PEFgHOm6RCy3CWkzfL9onmUlHlUZ2Km5VJD7iwAX9gaK0x3GWKrUpUlGMebdxVm/xKrZ rUlFxSSvvYK/Jb/gpP8AA/8Aaa/aD1fwl4U+EvhNtY8K6JDLe3E/2+xthJqE7GMKY7m4ic+TEmQw XH71hk44/WmivCyrMp4Suq9NJtbX2/Bo48PXdOamlqfHf7C3wD1T9nj9n7S/CXii0Wz8T6lcT6jq 0aukuy4mIRI/MjZkby4UjU7WK7txB5r6R+IvgfR/iX4D8QfD7X13af4hsbixmOMlVnQpvX/aQkMp 7EA12dFY4nHVKteWIk/ebv8AMmpWlKbm9z+fX9kr9kL9sr9nj9ovw745ufBO7QIrl7DU5o9U00pJ ptyfLkl8v7V5jBPlmVdu4lAMZ4r7E/bu/YCuv2h9Wj+Kfwtubaw8ZxQCG9tromOHUo4QBCRIARHM ijYCw2su0Ertyf1Gor3K/FuKniY4tJRmlbRPVed2zrnmVR1FV0TR/MZpf7PH/BS/4d6X/wAIT4at PFWlaScqtrputr9kUNy237PdGNA3fGM9691/Zc/4Jg/E7UPHem+PP2jIodI0XT7hLx9LM8d3eX8q tvVJmiZ40iZsGTLl2GVwpO4fv9RXdiOOsVOEoQhGLlu0tfzNZ5vUaaSSv2CvmD9r/wDZ+l/aV+CG qfDjT7yOw1dZor7Tpps+SLu3ztWUqCwR0ZkLAEru3YOMH6for5HC4mdGpGrTeqd0ebTqOMlKO6P5 wPhF8Cv+Cm/wGn1fwR8J9Iu9Fs9YfdclZ9Lns2ZRs8+OW4d1jcrjlNrkAZGVAGJ4l/4Jz/tk+E/i Bp3irQ9Ig8cX6yW+rXF/HqNpEpvzJ50sbm8nhmkYOMtJtAbORzmv6WqK+w/17xKm5xpwTe+j19Xe 56f9sVL3UV56bnxP+2x+zbrf7U3wOtdB0Ty9K8V6RcRapZQ3LjyzL5TJLaySJuUblc4cZXeq87ST X5C/Cf8AZ2/4KW/DYX/w3+HNlqnhLTNWm3XbLfWkdmrkBGmWYSOVO1QC0J3kADngV/SlRXm5ZxRW w1B4dQjKN7pSV7fiYUMwnThyWTXmfzg6b/wTe/aZ8A/Hvw7faTog8S+G9H1bSLybWVvbKBZQjQzX brBNcifbHJ5ijKbnC7gvIFfrF+33+zv4r/aQ+Bi+F/AnlSeIdE1GHVbSCWQRLcmOKWF4RI3yqzLK SpYhdygFgCTX25RRi+KsVWrUq87c1PbTf11/KwVMxqSlGb3R/P5+xt8Cv27/AIUfFjwvol/pGsaF 8P7PVvter2rahBHYujp5UrmNZj53y7TtQNkqDjjI0/jF+xX+0x4q/bRv/izoPg77V4Un8S2OoJe/ 2jp6ZtYXhZ38p7hZeArfLs3HHAPFfvhRXVLjLEe3liI04puPK9H3vffc0eaT53NJXtb+tTwn9p3w Z4k+If7P3j3wR4Ps/t+ta1pU9taW/mRxebK4+Vd8rIi59WYD3r8+f+Ca/wCy18cPgJ4r8cah8YfC 40Sy1qwtbe3LXlndiVkkdnUrbTSkAKf4gAa/XyivHw2dVaWFqYSKXLPV736ba+XY5aeKlGnKktmf z4fGr/gnb+0N8H/ixJ8TP2WC+oaZHdPeaeLK6jtdR0zzCcwlZWQSRqGKKULFk4dcZzx11+yB+33+ 1V4203UPjp59hbWq+T/aGsTWyR2sBYFxBZ2xyXbrhY1DEDc44I/pAor3KfHGLjFXjFzSspNe8dkc 3qJbK/fqfHvxK/Z7fQf2Mtc/Z3+EFgb+4g0NrCwheSKF7q4Zg8kjvIyRq8shZ2JKruY9BXyd/wAE 0f2YPjl+z94l8dah8XfDX9g2+sWllFaN9ss7rzHikkZxi1mlK4DD72M54zX650V41PPq8cNVwzs1 Ud23e99PPy7HLHGTUJU+5+RP/BS39l/45/tAeKvA+pfCLw1/b1to9leQ3TfbbO18t5ZEZBi6miLZ APK5A719gfDL4K+Ipf2MNO+AnjaH+xtZvPC0+i3a745vs01xC8Wd8TOjbCwPysQcV9bUUVc9rSw1 LDWSUHdPrfXfW3XsKWMk6cafRH8wPhn9jv8A4KA/BjxffQfDXQ9S0u+u43sn1DR9Rt4obi3Lg8Te chVWKqw37HHBIU5r7g/b6/Za/aQ+Pf8Awq3UPBPhj+3L/RtCNvq5N/ZQmK9fy2dS1xPH5mWDfMu4 H1r9nqK9etxriJ16eI5I80b9HrdW11+46pZrNzU7K6/rufKfwr+Bn9pfsh+HvgH8X9M8h5dAj0zU rUSRytDKF6pJGzxl4nAdGUkBlBHSvxl1f9hL9tr9m3x5da/8CJrnV7ZFMcOq6LdxW00sDnPlz2ks ofPALJiRMgEMeK/pGorhy7ifEYaVRxScZu7i1damNDMJwcmrNPofzv8Awo/4J1/tK/G74oL47/ag kn0rS5p0n1Ke9vY7rU79EAAiiETyeWMKEy5TYv3FOAK96/4KDfsFfEf4neObf4ufBCwh1VprO3sr /SVlit5kNovlRSweYUjZPKCqybgy7RtDA4X9pqK6pcZ4x4iNdWXKrKNtLP8A4Zdeho81q86n26dD +fy3/Z6/4KVftE+D7b4YfFrVJdE8GabEGUanJZo9w9sv7mORbX/SJ23BcNOdgPzliwGfZP8AgnH+ zR+0r+zz8WNevPif4L/snw7r+lGBroahYXBjuYZUkizHb3EjkMu8cLwSMkCv2foqcTxdXqUZ4dU4 RhLola3nvv6iqZnOUXDlST8j8F/2/P2Hvjt4y+PGqfGT4S6K3iPTPEMdrLNHazxR3Npc2sEduR5c jIzK4jV1ZNxBLA7cDPu/wq+F37ZPiz9k34yeCfjdbajqfirxNAI9Ch1PUbeWaQGLa8YLTFIF3KDh ygJJPvX640VEuK68sPToShF8lrOzvpa3Xy1E8xm4Rg0tLfgfkT/wTS/Zf+Of7P8A4q8cal8XfDX9 g2+sWVnDat9ts7rzHikdnGLWaUrgEctgHtXO/twf8E4PE3xO8bX/AMY/gS9u+q6uRLqej3Egt/Ou QMNPbTORGGkwN6OVG7LB/m2j9mKKz/1qxSxjxsbKT0a6Nff5dxf2jU9r7Vbn80up/s4/8FMPinol v8MfF9rrl3oFkYx5Op6tbraAR8IXZp8zBO33yOwr9fP2Kf2ONJ/ZT8J30mp3kWteMtf8s6hexIVi iijGVtrct8xjViWZiFMhwSoCqB9vUVWacVYjE0vYcsYQerUVa/qPEZjOpHkskvI/A/4u/sVftMeK P20774s6F4O+0+FJvE9jqKXv9o6embWKSFnk8p7hZuAp+XZuOOAeK/Xr9p3wZ4k+If7P3j3wR4Ps /t+ta1pU9taW/mRxebK4+Vd8rIi59WYD3r3aiuXGcQVq7ouaX7u1t+lt9fLyM6uNnNwb+yfkL/wT T/Zd+On7P/i/xtqnxc8M/wBg22r2NrDav9ts7rzJI5WZhi1mlK4BHLAD0r9eqKK5M1zSpjK7xFVJ N222008zLE4iVWbnLc/GP/gpF+yd8f8A4+fFzw34o+E3hb+3dMsNDSznl+3WVrsnW6nkKbbmeJj8 rqcgEc4znNfor4S8C+KdM/ZP0b4Z31l5fiS08E22kS2vmRttvo9NW3aLzAxjOJBt3BtvfOOa+h6K 6MRnlapQpYeSVqe29/nqXPFylCMHsj8Q/wDgnd+yD+0T8C/jzeeNPip4T/sPRpdEu7NZ/t9jc5nl mgZU2W08r8hGOduOOT0r0L/gpZ+y78dP2gPGHgrVfhH4Z/t610iwuobp/ttna+XJJKrKMXU0RbIB 5UEetfr1RXbLirEPGrHOMeZK1tbdu9/xNXmM3V9tZX/rzPjrwZ+zqfF37F+g/s7fFm0Om3j6DBY3 ao0U72d3Dh45EaNmjZopFVhtYqcYzg1+P+mfsk/8FBf2VvF+p3PwTS4ure9XyWvtGntpYLuJSShl tLk7g67jjfEdpLbGIyT/AEi0VOA4or0HUXLGUZu7i1dXYUcwnDm0TT6M/n++An/BOr48fFD4tR/F P9qvdZacLtb69hvLmO71DVZEIZYmETOscLY2uWYMEG1EAIZf0k/b7/Z28VftH/AtfC3gMRP4g0PU YdUtIJZFhW58qKWF4Q7fKrMspKliF3KAWAJNfbtFTiuJ8TVxFPEuycNklovl5iqZhUlOM+23Y/n8 /Y2+BX7d/wAKPix4X0S/0jWNC+H9nq32vV7VtQgjsXR08qVzGsx875dp2oGyVBxxkafxi/Yr/aY8 Vfto3/xZ0Hwd9q8KT+JbHUEvf7R09M2sLws7+U9wsvAVvl2bjjgHiv3wortlxliPbyxEacU3Hlej 73vvuavNJ87mkr2t/Wp4T+074M8SfEP9n7x74I8H2f2/Wta0qe2tLfzI4vNlcfKu+VkRc+rMB71+ ff8AwTT/AGXfjp+z/wCL/G2qfFzwz/YNtq9jaw2r/bbO68ySOVmYYtZpSuARywA9K/XqivHw2dVa WFqYOKXLPV736ba+XY5aeKlGnKktmfgx+1N/wTM+JVh8QL74n/szFLyzvbk3w0tLhbO9sLktvJtZ ZGRGjD5ZPnR04UBsA14rqn7K3/BRz9oa503w/wDFJNSl0vT5QqTa7qcItbcn5TKYlkaSRgv8axux HGea/pRor28Pxxi4QjGUYycdpNar8f66nXDNqiSTSbXXqfM/7Kv7M/hj9l34ZR+B9GnGp6peSm61 TUTH5bXdwRgYXLFY41+VF3HHLfeZifyS/ae/4JwfGXwj8Urr4m/szWp1LSbq7bUbe1sriOzvtIn3 +Zth8ySPeivzEYzvUfKV+UM39AtFeZl/EuKw9eeITu5fFfZ/10/yOejj6kJud733P5yvEX7G/wDw UB/aD8L3fin4v3V1eXugQKNH0rUr63NxdSSSosgjTzVhgxHud5JWV22qoDZBH6Cf8E0/2fPi9+z/ AOD/ABrpfxc0H+wbrV7+1mtU+1Wt15kccTKxzbSyhcEgYYg1+mNFdOYcWYjEYeWGcIqD7K1rdtTS tmU5wdNpJHn/AMWdF1fxJ8K/GXh3w/EZ9U1TRdRtbSMOsZe4ntpEiUOxVVy5AySAOpIFflD/AME6 /wBlz9pf4JfGzWvFXxk0CbSdEuvD9zZRSSalZ3ga6e7tZEXy7e4lYHZG53FQBjGckA/s9RXm4POa lDD1MNFK0977/LUwpYqUISppaMKKKK8k5gooooAKKKKACvAP2Tv+TWfg3/2Jnh7/ANN0Fe/14B+y d/yaz8G/+xM8Pf8ApugoA9/ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooA KKKKACiiigD/1v38ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoooo AKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACvAP2Tv+TWfg3/ANiZ4e/9 N0Fe/wBeS/APwlrXgD4FfDnwJ4kjWHV/DfhvSNNvERxIi3NnZxQyqrrwwDoQCOD1oA9aooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigD/9f9/KKKKACiiigAoooo AKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigA ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoooo AKKKKACiiigAooooA//Q/fyiiigAooooAKKKKACiivAv2nfjdD+zx8E/EfxUNouoXWmpHFZ2zEhJ bq5kWGIOQQdis298EHapxzitsPQnVqRpQV23ZfMqEHJqK3Z77RX8u2if8FO/2ttN8YJ4k1LxFa6r p/m7pNJlsLaO0aLOfLVo41nXAOAwk3dNxbof6Uvhp470z4n/AA98N/EXRo2hsvEmn21/FG5BeIXE Yfy2I43ITtbHGQa9vO+GsTgFGVazT7flsjrxeAnRs5dTt6KKK+eOI/NP9uj48fFj4RfGz9mvwr8O 9ebSNK8d+JJLHWoBBbzC7thd6bGELTRuyfJPIMxlT83XIGP0W1rXtD8N6e+reItRttLsYyA091Mk ESk9MvIQo/OvyM/4KY/8nG/se/8AY3y/+l+kV5j/AMFKYbfRP2pfhx47/aH8Max4u+AOn6W0Ulrp bukMepu8wkMpWSLEhzA2DJH5iKFVjtdSAftz4f8AFXhjxbZ/2j4V1iz1m1GB51lcR3EfPT5o2Yfr VfxJ408HeDYop/F+vWGhxznEbX11FbK5HZTKyg9R0r8a/wBkjwh+x9r/AO03o3xQ/Y3+J7+D4VsZ o9X8C3cF2ZNSBWTdte7nUlUDrJiPz1Roww2jIHzz8cbn4T+Bf24fiRrP/BQLwZrnifw1rpjj8J3l u8/2G3sFJ2bVimhLhYyFIjclJA5MZZ9ygH9GWm6npusWceo6Rdw31pMMpNBIssbD/ZZSQfwNM0zW NI1qKSfR76C/iicxu8EqyqrgAlSVJAIBHHXmvy//AOCefgH4HeHPF/j7xR+zL8XP+En+HmuCJ4/C MsM6XGjz5UrM7XUolOcSRhjAN67QZHMeTgf8Ecv+SB/ED/sedQ/9IrKgD9X4dY0i41GfSLe+glv7 ZQ0tusqtNGpxgsgO5QcjkjuKy/EXjTwd4PSKTxbrthoiTnbGb66itg5JxhTKy5OfSvya+DmuW3hn /gpr+1D4kvBm30rwzbXcg6fJBbWEjfotfnZ8Evi/+xl8WNa8XfGL9vvVdS8T+N9fv5Vs9OCai1jp +n4DRiFrRlIAZ2RELbY1UEDcS1AH9SlneWeoWsV7YTx3NvMu6OWJg6Op7qy5BHuKqW2t6LeX8+lW d/bz3tqMzQRyo0sY/wBtASy9e4r8KP8AgnV8ZfA3h39rXxh8BPgX4iv9c+DniHT5NU0S31ITLLp9 7AEklijWYAhSHlDHGXCxliWBJ/Vj4dfss/Df4Y/G/wAbfH7w7c6jJ4k8eoyahHcTRvaIGkSQ+TGs SuvKD7ztxmgD6TooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiii gAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKA CiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAK KKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooA//9H9/KKKKACi iigAooooAK8a/aB+DOi/tAfCPxB8KdduGsotZiTyrlF3tb3MLrLDLtyNwWRRuXI3LlcjOa9lorWj WlTmqkHZp3XyKhJxaktz+cbRP+CR37QVz4wTSde1rRbHw+suJNShmkncw56x25jRi+P4WZVz/FX9 B/gbwdo3w88F6F4D8OoyaX4esrewtg53P5VtGI1LNxliFyx7nJrqqK9fOOIsTjlFV2rLsrfM6cVj qla3P0CiiivDOQ/Kj/goV8O/iB41+Pf7KuseDfDOp69YeHfFMlxqdxYWU91DYwm90txJcvEjLCm2 NzucgYVjnAOOp/ag+JH7WnwO+PmifEDw54e1D4m/A3ULBrbVPD+k2MNxd2lyVKvIdkLTsp+SRS7N GfnjbZlWr9LqKAPwX0X4c6p+09+2D8Lfi38HPgXqnwX8L+CbxNS1vV9S09NHOqeVMkqxrboojkc7 GiLIXZlkbeVCCvcPG/xt/ab+A3xu8feHP2hPh3rPxp+D/iObzvD82j6PbXiWNvvZo7eWOKJEZgri NxcEOWjDoWDEn9eKKAPxi/Yo+CfizV/2v/GH7T2i/C67+Cfw6utKfTrHRLyH7FPdzy+QWf7HtURR HyzK21QgfaEL/OR5r+zz41+Pn/BP3xB8Q/gr4j+CXiXx9o2ta7Pqeh6loNrJPFctKoiGZESRNskU cTFc+ZEdwZDnj956KAPxZ/Yv+Hnx71z9sP40fEL9oTwJe+GI/H/h1CxNvL9gVLxrYx2cd0y+VJND b4SRQxZWVgwBBA5D4HeIPjh/wTtPif4I/EH4Pa78SvA51Ce/0DXvD9n9sLJNhBHMFUrHvCBijMrx vuwsispH7q0UAfnD+yR4m/a2+L/xa8U/F34raHL8N/hdLbi30LwteWVvFfNN8i+fJI8CXSqFV2bc UDPIAilFr3j4ZfHD4p+NPj/49+FXif4Y6h4a8K+FkZtN8RzpcC11UiREAiaSBIjlWLfJI/C/jX1N RQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFF ABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUA FFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAU UUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAf//S/fyiiigAooooAKKKKACi iigAooooAKKKKACivkv9o744+Ifh3fWPhbwlsgv7qD7VLcyIJNkbOyIqK2VySjElgeMYHPGX+zt8 evE3jrXpvB/jJo7q4aFp7e5SNYmJjxuR1QBTwcggDoc5yMb/AFaXJz9Dy3nFFV/q/X8D7IooorA9 QK/LK8/bo/aM8SfF/wCJPwv+CfwGTxzD8N9UOnXl2uuxWbfM8iwu0c0S48zynOFZsY5PTP6m1+Vn 7B3/ACdj+2N/2M+nf+jdSoA7v4b/ALemtN8VtF+C37S/wr1L4PeIfFL+Xo1xc3SX2m3svQRi5VIg rsxCKF8wbmUMVLLnY/ab/bA+Jnwd+OXg/wCA3wo+GSfEPX/F+lzajbxnU109/wBwZjIg8yNk+WOF nyXGegGcZ8t/4K/2mlL+yrZ+IZwI9X0bxFp02mTgYkjnYSqwVuozHuJHQlQcZAI8e/a2+Ini74ff 8FBPgL4/0PwXe+NNetfCV6/9haacXUz3EV9HKsZ2v/qg7OflPyqfrQB674m/b6/aI+DdpB4q/aJ/ Zs1Hwt4NM8cN1qthrEGo/ZfNYKrPFHGFwSQo3yICxCgliAf0+8O+INH8WeH9M8U+Hrlb3StZtYb2 0nUELLb3CCSJwCAcMjAjIzzX5A/Hj4p/th/tbfDTU/gN4O/Zy1LwVb+KzDb3ur+IbxI4LaCOVJWK o8UfOUHzAuwGdqFsYs/ETw/8QNb+Mnwc/wCCdPgzxvqPhXwl4W8G2uoeJNV0mRrXUb+OzQ2yxRyc mNWMSnAO0eadwfYFoA/Y2vzF8bftvfHwftC+PPgP8FPginj+bwIbVrm5GtRWTGO6hjlVyk0QUfM5 XAZuma8z8SeGfF/7Bf7RXwft/A/jnXfEnwz+KurL4d1PRtfvWv8A7JdzskcNxbSMo2fNKHOACdhV iysNnlWm/Gfx58Gf+CiH7RGo+BPhfq/xPm1KLSIprfSG2vaqlrAwkk/dycMTgcDkUAfU2g/t+fEH wh8SvC/w6/am+C1/8K4vGVylnpmrLqEep2TXMjBFjkaKNVT5ioJDsV3BmULlq/TWvxf+KOkftS/t 7+L/AIe+EPEfwdufhL8P/Cutwa3qOo6xdJJeTeRlfLhjCROpZGcBQrAsVZmULz+0FAHiHwi+InxG 8c694903x34Fn8H2XhnW59P0i5mlMg1ixid1S9QFE2rIFDAAt97qa9vr8UPBPjv4/wB38OP23Jvh fqepax4u0LxrqdtokXmyXU1pbC8kWZLKNi+xo7feYkjH3lXaM4r5v+EniH4N+J4PB9/8Hf2kfFPg D42W9zZ/2tbeN7y5fTdQuMbbmGRCpgfdKcRo8xJX5WXcQygH9H9fl/8AFH/gqB8FvA/xh8PfD3S9 RtpdLttW1jS/Ft1dw3SS6X/ZgURywLHGy3CzSCRV2bido4Ga/T5d20b8bsc46Zr80/2gf+Cc9h+0 F8UvE3xa8QfEC/tNauYNMj8NslumzQXsphJMwVHjFyJAPk37WQsxLMQpUA+8fhf8SvCXxh8A6L8S /Al015oOvwme1ldDGxUMUIZG5VlZSCD0Irva/Dj/AIK6+NviV8KNF+Blt4D8V6lpl+kmpxzT2Uxs /tctsliEeaKDZE2WJOzbsG4gKAcV84/tk/Dr9pH9ie8+H/xzh+OGu+KfFGv3cq6kJ5pVtVu4VWYx xxeYUktW3OnlMgUKBhQDtUA/pVor8QP23/jp8aPjD+0j4C/Yr+DPiGbwRbeJILK61PUraSSK4c3c bzsheJlcww267zGrL5rnaxwBXivxQi+O3/BLr4yfDzWbb4oan4/+HnjCSRL+w1N5NpS1eIXa+VJJ Msb7JlkimjKtkFWBUEOAfr38T/2vPhz8M/jz4H/ZyntbvUvGPjWWAqkSbLa0tZ2kVZpZW+8SY2Co gY8fMVGM+G/tP/8ABRj4Z/AfxfH8NdFuLa+8WaZr2lWGtWt8lxFDb6ZfwGea8imjVkcwBowy5yCx GDivyw/a1+Amv6h/wUw0DwDH4/1O3uviBNBqNrqa7/tGjR3s9ztt7b98Dsh8s7NrIPmOAO/6k/Gz /gnZp3x9l8KQfEX4g6lqen+D/CLaFZwPEqsdXWJIk1aSUPvkLFd8kMjNuYD59pYEA+yvgr8cvhr+ 0J4Ofx98KtTbVtES8nsfPaGSAma3I3fu5QrgEMrLuUEqQcCvXK86+EngfUPhr8NPDngLVtbk8R3m hWUVrLqMsKW8l00Yx5jRx/KDjjqzHGWZmJY/FX7dCXc3iDwNH49+NMHwh+Ei/aX1qOx1CWy1/V7h RmOK1EUTl4Y/l37W4DsWUkR0Afo1RX8+3wI+LXw58Gftw/Dnwb+yv8UPEnjP4e+MkvbTW7LXJLyW 2F1FBLIjwG7ihJIIRtwUsCCNxV9tf0DSSJFG0srBUQFmJ6ADkk0APr5Z/at/aOuv2bPDngvXrXQU 19vFvijT/DrRvcG2EC3sczmcERybivlY24Gc9Rjn4C+AHwr8V/8ABQfw74p/aC+LfxK8UaFpuo6v d2fhrSPD2ovYWem2tphEnMRV1eYk4JIBO0liSwCch+094I+PXw5/Zo+DHgv9oXxLaeLtd0z4s6RH ZanbyzTTT6b5F15H2t5o42M4O4E5f5duXZgTQB+senfET4jXf7QOqfDC68Cz23gmz0RdRg8UGUmG 4vjLEhshHsADBHd87yfkPHPHt9fl+fiXrnhb/gpD8Tk1TVbybwx4d+Fj6wdNNzJ9kWS3uLR2lWEk xrIU3DeFzgn1Nfm94C+PH7P/AMctH1b4m/tZ/tGeLPCvj7V7u5fT9J0EapBY6DbqxW3ES21pLC7Y +bKvkqQHPmFmoA/phor+f+P9qX4i/Ez/AIJi/GK9u/F11qPif4e6zp2k2viO1eWzvL+wfVLI29yz Dy5UeSN3jbdh2UfvMsWJ6z41/s5/Ev4e/sop+1uPjT4yuPixpen6brdxI2pbdNP2uSEyWsdqqgJF GsnyrkqxXDJtbaoB+q3xR/aE8M/C34o/DL4Sajp91e6z8ULu7t7J4tiwW8dlGsk0kzMd2fnQKqqc 5OSuOffq/Br9oz4d2nxn/aH/AGSfGev+INc0+8+LumPc340/UGt1sHj06zl3acAp+zNIZD5hGd+B 6V+6ejaZHomj2OjQzTXEdhBFbrLcOZJpBEoQNI55ZzjLMepyaANKivxj/aN/4VqPjt4zu/2xv2iJ vDfhmNYE8OeEvCup3iT2tuU+aXUbe2tncTSYWReGzuPzbAgrlf2GvjBq+q6d+0r8OPDHjbWfF/gX wppbX3he+1l5hqMEFxb3J+9KEkUfKhA2qMrvVV3EUAfuNXi/7Qnxv8N/s5/CHX/jF4stLm/07QVh 3W9oFM0slzMlvEo3sqgGSRdzE8Lk4JGD81/sB+JPEXiT9grwb4j8Rapdapq09lrbSXl1O89w5j1C 8VC0shLkqqgDJ4AAHAFflx4t07VviZ/wSB0/4l+MvE2tahrPhzU7goZb+WSO8FzrcVvtvFkLGdYl 5iBb5GAIoA/Yb42ftR3HwmvvglbWfh1dTT4v6/pujMZLkxGwS/MQ80ARt5pTzfu/KDjqM19e1+DP 7Xnwi1PwJ8Mf2WPAXw48Uas2tar4xsZdP1TVbk6hdWd9epbiF0Zwo8uGQqyR9BjFdn8bfhB4u/Yg 8efB34qfDj4q+LvEA8T+LdP0DxBZa/qRvrfUI7zcZJCm1FBKI4G4MVJVkZWXJAP2zor8Cfj5+0n8 Nvib+1r46+G/7RXxb1r4a/DD4e7NP0/S9AF6kur6hjFzLczWUEx2xsCNrgcbAmD5hPqX7CP7RmiH 9pvxH+zv8O/iVqfxT+GOoaS2raFfa0tz/aGnXUDKJ7MvdRQySIUZmzt2Dau0AmTIB+0leafGP4p+ H/gl8MPEfxW8Uw3Fzpfhq1N1PFaqrzyAEKFQOyrkswHLADqTX4q/sN/s4+OP2uP2eW8b/Fz4yeNI EtL67sdDt9P1V4o7YxESNczlw7XEhmkYLuYFUUKGxtCZr6t4z+O//BLHxvqXxV8Tapf658L9YvrK K6iu2R9QS0MKol+Tk3CKLkjDHJKIxJIyQD9ZPF/x2+IEfwe+G/xT+Ffw8ufGE/jqbR3udPjnKvpu n6patcSXLusb7xAdiHhQS2cjpX1HX4UfFHw7qvwK/Yd/Z2uPAvi7xAs/i7xf4Pv7uS41OZ3jS+0i QyWcLJsKWYMalYOVB9a9++I//Cb/ALWf7afij9nB/GureD/ht8L9HtbrU4dAunsrvVb7UY4pEimn XOYlWT7pBA2EAbm3KAfqzRX53fCv9nv9pL9nnVviXo3g/wCI8PiD4dX+jSyeGD4qvp7m+0jWAg2v M/2cx/Y0JdnCnkBPkzvY/mL8QL79nTQ/hfqd/wCK/wBqPxR4u+P1vaXV1FdeH9T1G80z+00DSJDb tFbiNbUEBS/mIduXXaMIAD9zP2lv2hfDP7MnwvuPid4p0+61SBbqCygtrTYHluLkkRhmcgInBLNy QOiscCtD4lfET4jeEviL8OvCnhDwLP4m0LxVc3cOtatHKUj0SKARGKSRQjBxKXcDLLjYeuePxQ/a nu9c+OX/AATY+D/x08ea7qNx4khuYNPnWK4Mdreb7qW3NxcwgbZJwtupV+NpZzj5q+vPjXoWr/Av 49/se/Cnwj4t1+80afWPEaXj6jqc1zcX6O1pMq3b5UTrGZWWMOpCrwKAP1ior8cfAnhHxX+358b/ AIu618QfHev+Hvhz8Otbm8OaJougXraes01qzLJdXDAHcxCq4yC2XwCqptbmdM8b/Fj4G3/7T/7I /iLxrqXivTvDXw71jxT4V1m/uGbVbSH7GQYmuBh2ZHmXY24bTGWQKG2qAftpRX4PfDn9mP4gfFf9 iu3/AGi/Gfxn8aDx3a+H7vVNGW21V4bGzi06OQW0RjA3u0qRAyy71clskkgl/wBOP2I/iX4o+L/7 K3w7+IXjW5+265qVjJHdXBADTyWlxLbea2MDe4iDNgY3E0AfVNFflB/wUQuvilqHx2/Zp+Hvwv8A Gmo+Cbjxjf69p9zd2EzpthkWwjeQxghXeKKSQxFuUY5Uq3zDwD4mfBL4q/Ab9qj4c/An4PfGjxfb eH/jVaXdvqs+p6iL69gFoRLdz2zsipFO8S4jmVfMRi2G2nFAH7vUV+QHgDwX4h/ZV/4KCeCvg74T 8ceIfEfgv4leHtQvLyz16/a/aO8tEnl81GIUBiYV+baG+ZwSQQB8iyftL/A/9oH4r/EHxJ+1d8bv EfgbRNK1WbTvC/hzw8dQhhjs7dsLezSWdrOjyucEbsPuDZ+Ty1AB/RB4j12x8LeHtU8Tapu+x6Ra z3k+wbn8q3QyPtHGTtU4Ga+DPiH+3rY+Hf2OdK/a68J+EpL+y1q++y2+mXtyLeUR/bJrQPJJGkoD Hyd+0AgZxuOMn4r/AGffil/w0B8Hv2hv2c7/AOJGs+NfDPgixOq+G/Eyyz2OrXWnKkkot7h5o1mZ UeJEfeuXV3UHy9gHzVrvw007wt/wSO0/x/a6vqt5deMNUsjPZ3d201hafYtTvol+x25AEHmA5lwT vbBNAH9OtFfhn+1J+z18UP2Xvggn7VWhfGnxhqPxO0C506fVje6h5mmXj3dxHFJCtmFCrCkknyxM zpsypXkY9s/aA8ZfEf8AaL/aa+HP7J/hTxVf+BPC2o+Gl8V+JbvR5Tb6hPFIWCWsU3JVQVUf3T5h LB9gWgD9YKK/HnxJ4Z8X/sF/tFfB+38D+Odd8SfDP4q6svh3U9G1+9a/+yXc7JHDcW0jKNnzShzg AnYVYsrDYzwX4K8Q/t7fHj4va/498eeIPD/gX4Z63L4Z0DS/Dt++nq09oziW9lYBgznCupxk7gMh UCkA+5PhX+0bdfEj9on4t/AuXQksIfhl/Zmy+FwZGvP7QhMp3RbFEezGBhmz7V9S1+PP/BP3wX4r +HX7Xv7Svgnxr4gufFWqaQugw/2peNuurq28uU2rzt/FL9nMYducsCcnOa/YagAooooAKKKKACii igAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKK ACiiigAooooAKKKKACiiigAooooAKKKKAP/T/fyiiigAooooAKKKKACiiigAooooAKKKKAPnz43f Am1+LDWeqWV6NO1exQwh3UvHLESWCMAQRtJJBGepBB4xQ+CX7P0Hwtv7jxBqt+upatNGYU8tSkUM bEFsZOWZiByQMDjHJr6SorX28uXkvocDyyi63t+X3gooorI7wr8ZfCvg/wDbo/Z7/aI+Ovjj4XfB a08a6F8TNcS9trm513TrLEFtJcmNlja5D/OLg5DqpGOnNfs1RQB+Rd/+z9+1/wDth/EfwfqX7W+k 6N4C+Gvgq9XU/wDhHdNuhez6ndJjaJ2jkmjK4yjNvXajMqJly492+J3wS+J3iL/goP8AB3446Po3 2jwT4V0HU7LUtQ+0W6eRcXEF8kaeQ0gnfc0yDKRsBnkjBx9/UUAFfnb+1D8D/jfp/wAffBf7XX7N +n2niTxN4c06TRNX8PXlylmNT02R3dfJnk2okimVyS7D7sZAbaUb9EqKAPyyi+Fv7TH7WPx7+HPx N+PPgq3+FHgT4V3X9r6fpH9pQ6rqGoaorxvG8kkAVUjRolOGUEAEANv3J6f8Dfgl8TvB37bvx4+L 3iPRvsnhLxnbaXHpN79ot5PtLW8Mayjyo5Gmj2lSP3iLntmvv6igAooooA/Kj4ffs3/tN+HfDv7U 0fhK8PgDxR4+8Z32t+FNS8+1nW4tmuZJkLiMzGFZ4zsO9VkTdu2/KRXhfxm+F37Y37WvgPTPhD8R v2edC8NeKY5LKK+8fXWqWMzRpbshkmgjtwZx5wUh0R5BhiNoOCv7l0UAYfhnRv8AhHPDek+HvtMl 5/ZdpBa+fKcyS+RGqb3P95sZPua3KKKAPyb/AOCof7M/xt/aKk+FLfBzw5/wkA8NXepyah/plpae Qlx9k8s/6VNFv3eU/wBzcRjnGRnW/wCCpv7OHxn/AGjvh/4I0T4MeHv+EhvdH1S4uLqP7XaWnlxP BsVt13NCrZbjCkn2r9TqKAPyD/bH/Yz+Nut/EbwJ+1R+zPNE3xF8IWtjb3WlzyRRi4NmG2yRySss THaxiljZlV48bTnIbyOb9mX9tj9t340eDPGH7X+g6b4C8EeCX8xdPspYybkNIjzJFElxdSB5zGiy PK6qqKCgJGD+7FFAH4x/t0/s5/tQX/7W3w+/af8A2dvC9t4uk8O2NpAbaeeGJYru0uJ3AmSWe3Zo pEmA3I+QQ2SvBP61fDq88Z6h4A8N33xHsYdL8WXGm2j6va27K8MGoNEpuY42V5AUWXcFw7cY+Y9a 7KigAr8qP2vPgT8Zp/2rPAn7TPgj4d2Xxk8PaDo7aVdeG7y6t7ZoJt9w4uY/tQMZP75SpCSMGTkA bWX9V6KAPxzvvhV+2Z8Tv2q/gv8AtBeMfhpp/hTwn4Qu5rIaDZatZ3N1pVlOmyS8uZN0UUvmGTIS 33Oqx7THuILfsWQCMHkGlooA/IP4ZeCv2yf2IIvFfwl+Enwttfi54D1LU7jUfDl8msW2nTaeLogf Z7yKfDOFCgkqFXdkiTDbUxvHv7Kf7Wvin4CeAbHxxqE3jzx/L8TbHxdq9u2pI1to2mrFOrW1q95M qmKAuD5cRPLlUDKgY/srRQB+ftv8AfHepft8eO/itr+i/wDFuvE3w9PhwXwuLcmW6luLUyQ+SJDO v7tHO8x7OOuSAfnv4S+Hf24f2NfCOofAjwf8I7H4weGbG7uZPDWtxava6eYIbqRpvLvIJ8O2Hcu2 NgDFlWRl2lf2GooA/KL4h/s7/ta+N/2AfHvw2+Iupp46+LHjC8sb2GwhktLa3s4YtRtJzaRzv5ER 8uOKSRmZsZOxCwClvpD9o74T+P8Ax5+xHrfwh8J6X9u8W3fh/T7GKy8+GLdcQGAyJ5srrCMbG5Lg HHB6V9m0UAfkt8cfgR+0bpWj/sqfEn4WeD4fFXiT4Lactrq2hyX9vauZJrG0gcLO7iJgjQSKzIzc lWUMuSP1N8M32s6n4b0nUvEWm/2Nq13aQTXlj5qT/ZbiSNWlg82MlH8tyV3KSGxkcVuUUAfi/wCF vhD+0v8As3/tFfFnxlo/wK0/41Q/EHWZtV0jXn1WxsbmxSaWWUQO12rvGFEiqwVUUlBtZhgL6D+y 5+zr+0ponx0+Ofij9oTSbO3tPi5pEJOp6XdQzWkNw6lGs0hZxcgwRzFAzR7D5Rw5ypP6v0UAfi58 GPBv/BQb4MfBqf8AZA0X4ZaTdWUTX9lp/jZ9ZgWytbHUZpJJJ2tBm4ldGmd0GFcDAMTAc7Hh39kH 45XP/BLjU/2adT0WLTPiFJNLdRWEt3bOjmLV1vlT7RDI8IaWJCFJcAMQHKjJH7F0UAfkf4s+Gn7U /wAb9E/Zq1fxf8Ml8L6t8M/HOmXWsWy6rYzqmk2BtSb8ETDO/bJ+5TfINvAIIJ+g/wBu74M/En4z aJ8KbP4baR/a83hrx1pOs6gv2i3t/IsLZJhLNm4kjD7Sw+VNznPCnmvu2igD8tvF/wAJP2j/ANnD 9prxr8e/gB4Ltfij4Q+J8dvJrmgvfwade2t9aqQs8Ms42MpLOwChyd7qVGFevWv2atJ/a+8V/FXx J8Xf2hI4fAnha6tVtNG8F2s9te+Q4K5uZ7mFTlsK2AHBYucqgRVP3fRQB8I/8E5vgz8SfgN+zRY/ D74r6R/Yevw6nf3D232iC5xFM4KN5ltJLHyB03ZHcCvnv4Ufsl/Gq0/YY+NHwL8S6RFo3izxfrWs X2mQTXdvLHNFMLZ7cmW3klRPNaErhiCvVgBzX65UUAfjB4w+EH7W3xh/ZT+EXww8S/C1dA8R/DHx f4bDxLq1hKLrR9I0+W3kv93nhEO9gDEGZjnKgjOPcPi18Jf2hPgz+1Vqf7Vv7PPhe3+Iun+NNLg0 3xJ4dkvotOuvMtFRIbm2mmHl4CQxjHzNneNpDBk/S+igD8lL/wCCX7af7S+jfFzxV8WLxvhnF4q8 NNoXhzwdFqrXdnFJvWVrm9MDNDvlCtCXCb9srZVRGoPnPgTwF+2da/s7yfsu+EP2fdC+HmoXOjya Hqfi+fV7Iw3EMkRimnFvaq873Fwhb597qsjbjgcL+2NFAH4ya5+yb+0F4m/4JkeGvgGfDaad8RvC t/8Aaxpk17aOLhYr+eZRHcRSvBlopgwDSLyCCRxn1fxp4C/aW+OvxS/Zd+L3i74bjwndeBtW12bx JZrqllcrYQTm1S2lVhKGlEyxM22NXZDww6E/qJRQB+VFt8N/2pP2RPjj8SPF/wAD/AMHxb+HfxR1 Ftbk05NUg0q/0vU5mZpcNOCrRO8jABVf5AmShU787w7+y3+0B4zsf2hvj98YdPtLL4m/FLwdqvhj Q/DdjcxSxWNpLZ+XBDJdFxCZJZI4gW3BAQzsw3lU/WiigD4y+Dfwn8f+FP2F9O+Dev6X9l8YQeEr 3THsfPhfF3NDMiR+cjtDyzAbg+0Z5Nb37D3w08bfB/8AZX8B/Df4i6d/ZPiLRYLtLu186G48ppb2 eZB5kDyRtlHU/KxxnB5yK+r6KAPhH9pz4M/En4h/tL/s2fEHwfpH2/QPAGp6zca3c/aIIvskV0lo IW8uWRJJNxifiJXIxyBkZX45/Bn4k+Mf2y/gB8V/Dmkfa/CvgmPW11e8+0QR/ZTd2xjh/dSSLLJv bj92jY74FfdtFAHwn8S/g18SfEH7e3wg+NOkaR5/gzwtoWrWepX/ANogXyJ7mG5SJPJaQTPuMijK IwGeSMGvnvwr8N/2q/2LvH3xB0/4O/DS1+MPwz8b6rPrlhDHqltpl9pV5dYDxyfaFO9MKqfIrAqi tuRiyn9cKKAPgv4DfDf9qjxL4I+KGq/tKavb6fqnxAhubbSPDlu0MtroNvNFJGFaeBTvY71BAdwF TcSWchfz6uv2cv20PEf7Ct1+yTq3wpjttQ8IalazaVfRazp7LqkUl9c3M52vOqx+UJF2lmBcHoGB FfvzRQB8Z/t//Cjx/wDG39lXxd8N/hhpf9s+I9Tl01re18+G33i3voJpP3lw8cY2ojHlhnGBk4Fe L/HL4AfHnw18Uvhh+1P+z9plp4g8X+EdBi8Pa54cvLqO1XUbDDHENwxEayI0j5Znx8sZXcFKN+ml FAH5ZRfC39pj9rH49/Dn4m/HnwVb/CjwJ8K7r+19P0j+0odV1DUNUV43jeSSAKqRo0SnDKCACAG3 7kYfh/8AtP8A7Jfx4+Ivi/4GfD6H4teAfivfHWZrBdTt9Ju9L1eVnMvzz5VopGcnIQ8bQShU7/1Q ooA/Mr9ij4O/tLeEvj98avi9+0ToVrpVz8Qk0m4tnsruC5t90ayFrZBHI0o+yoyQlnUBipKM6/Mf 01oooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKAC iiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigD//U/fyiiigAooooAKKKKACi iigAooooAKKKKACivgX9r/xd4itte0vwjbXEltpUlmLp1RiomlaR0w+PvBAgwD3OfSsT9kjxd4jX xnP4SNxJcaTcWskxiZiyQvGVw6g/dznacdcjPQV1fVXyc9zw3nkVivq3L5X8/Q/RWiiiuU9wK/Fn wLqP7Z/7SPx/+PPhfwH8dn8C6L8N/Ekmn2lq+jWd8DBNNcrGqsVRgI1gxlixOevHP7TV+BnwM+BP xL+M37UX7Uk3w++L+s/C1dK8Xstwmkx+YL0zXF6UMn72PBi2Nt6/eNAH1N8Ivi5+0/8ABf8Aa10D 9lb9onxTY/ErT/HOlXGo6PrNrZx2V1bNaJNIyTxQoq7W8h1O7dyUIk+8o/Rvw78Q/A3i7Xde8L+G Nds9U1fwtLHBqtrbzLJNZSzbjGk6A5QtsbAPXB9K/GDSfA/xB/Yh/bZ+G+r/ABP8Sr8aD8aH/wCE etdc1RJk1nSnWWKIiEPPOixZuY95GcpuAEfO/wCk/wBigj/hr79sJe/9vaIcexS+oA+5da+Onwi0 I+LIdS8X6Xb3HgaOGTWo5LlFbTxc48g3IzmMSEjbnrmvmX9gb9rI/tQ/C+TVvF+r6WfHMd1eTXek 2JCPZ2XnlLcmIs0gTbgB2JLHqa8Q+AGm6B4r/bh/a+0rWLO31bTbiPQYpre5iSeGQxWzAq8bgq21 17jqK2f+CRfhvw7a/slaT4ntdLtYdYvb/Uobi9SCNbmaKO5OxJJgN7KvYEkDtQB+oF5eWenWc+oa hPHa2trG0sssrBI440G5ndmwFVQCSScAV4T4T/ar/Zu8d+Lh4D8HfErQtY16RtkVrbX0UjTsOdsL A7ZTjtGWPX0r5N/4Kp65qtp+z74b8H2d7NpuneOPF2k6HqlxC5j22E6TyyKxH8LGJcg8EAg8cHvv jl+xj+yHc/DjQoPEMGn/AAo0/wAG3dnPZ+INNks9IvLZ42CRI99cRsG8x2XPmbi0m1s78GgD7B0v 4h+Btb8Yaz8PtI12zvPEvh5IZNR06KZWurRLhQ8TSxg7lDqwKk9QRRZfEPwLqPjXUfhvY67Zz+Kd Jt0u7vTEmU3cFvJt2SyRZ3Kjb1wSMcj1r87f2eJoZv8AgpX+0tJDMJ0l0fwy6SAgh1On2pDArwQQ Qcjjnim/Cy4hm/4Kr/G6OJwzQeDNKRwP4WK2DYP/AAFgfxoA+wLL9rT9mXUtT0PRrD4n+H7i98Sn bp0aX8LG5bzDCApDYBaRSigkbmBVcmix/a0/Zl1LU9D0bT/id4fuL3xK23To0v4mNy3mGEBSGwC0 qlFBI3MCq5Nfmr/wSa/Zy+Dut/s+23xf8T+FrDWPFjeILi4tNRuoRLcWf9nmMQCBm/1e2QM+VwSS M5wMR/8ABKD9nf4Q6p+zxD8ZfEXhGx17xeuvXN1ZXtxCstzanTtgt1t3b/VkSKz5XGSRnOBgA/UL 4jftM/s/fCPW4vDXxK8f6P4e1aUIwtLq6RZ1R/uu8YJZFbszAA+td7c/EjwBaeBm+Js/iKwHhJbc XZ1YXEbWX2c9JROpKFPcHFfz8fsXX3xY8W+CvFnxT/4Ze0/47ar431m9l1LxFqmu6XbuXbaXtEtb 2GRokQsWOMBtw/hVQPQ/C3gP4u/DP9jD9q/wp488KDwT4XkY6hoGjDV7PWBpwu5HFzaCW2kdlEPl wj94qbiSQC280Afrdqf7XX7MGj69Z+GdT+KPh+31K+SKSKJtQi+7OqvEXbO2PerqyhypIII4rwP9 sD9smz+APxE+EvgLSdd0iy/4SjXbL/hInu2DTWOhPMge4ALBY0kAdfNYEAK23B5HzhP+y38C9O/4 JbNraeDdMfXZvAUfiZtVa1jOof2jJZLf+YLojzRhzsADY8v5MbcivHPHWh6F4p+H37AOreJNMtNT vdX1TQ9PvZ7mCOWS6tIvsyrBOzqTJGAT8jEjk8cmgD949B13RvFGiWHiTw7exalpWqwRXVpdQOJI p4JlDxyIw4ZWUggjqDXlfjH9o/4C/D691vTPG3j7RtFvfDhtl1C3uryOOe3a7j86BWjJ37pY/nRQ CSvIGK9e07TtP0fT7bSdJtYrKxs40hgggRY4oooxtRERQFVVAAAAAA4FfkL4C+EHw5+Jn/BVT48a 54+0q11yTwvpWgy2FpeRpPAJrnTLJGnMTgqzRqu1cghS+cbgpAB+o/w4+Knw3+L2gf8ACUfDDxJY +JtLWQxPPYzrMscoAJSQA5R8EHawBwQcYIrz7xx+1X+zf8NfEp8G+O/iPomi62hCyWk95GJYSRkC YAnysjn95t4x61+dOpQR/s4/t6/E3SfgfYJYaX4g+F174lvtKswIrKHVrJpPImECgIrExqOB1nY/ xGu1/wCCdP7O3wT8cfslaX488eeF9O8Y+IfiHLql1reoarbx3tzNJ9tng2ebKGdMKgJ2sD5hZ85O QAfqBL4t8KweGG8azazZJ4eS2+2HUmuIxZi227/OM+7y/L287923HOa8f8B/tWfs3/E7xGvhHwF8 R9F1rWpCyxWkN2nnTFRk+SrYMuBz8m7gE9q/HX4XfCjxF8Vf2Uf2kP2VvB3iiKw0jwR47uLTw7Nq VyI7WW3t7syCzeY9FkMPmDt5r7jwTS+KfFfhTwRqPw+0z9tD9meT4T/8IrqtidP8Y+DvJis47mDJ iWSS3V/3QK+aUFxJJ8u5VyCCAftR8Uf2g/gl8FJbS3+K3jXS/DNxfLvggvLhVnlQHaXWIZkKA8bt u3PGaoa98TPC3xB+Bni7xt8I/HulRW66RqX2XxFFPFc2Wm3MVs5FxMw3qBbNiSRWBwBytfnH+0P8 IfjJ4S/a58RftHfDn4eaB8eNH1jR7OyvNAv5oHv9ISKONCbeKYttE3lFlZI5GO+RdgHJ474SeLfg NqfwF/a20f4deCNY+FfjabwxrN54h8K6mdtvZt/Z10EayiCRiOMFyGXy0IBQbdmygD1/4sfHX4q/ DTwj+yi1t8TbTXk8Y+KtPsPEeu2SW5sdWsZJ4xMwd4wscZRmBZAhHJyMV93fD79pj9n74reIZvCX w4+IOjeIdZgDMbS0vI5JnVBlmjXOZFUdWTcB61+JvxD8H6H8Qv2WP2GfAfiZiukeIvEFnp95htjG 3upVikUN/CSrEA9ic19Mf8FI/hJ8NPgn8Lfh98Y/g/4b0/wl4x8F+J9Lh0qXSraK0eZGEjfZn8tQ JBmMMN+ejDozAgH3NpmseLT+1r4g0eX4mabd+H4fCyzReC0Ef9pWtz58A/tF/k3+SQWTlyMyDjpj 4S+D3xy+N/xS/wCCfVt8Std+Mlh4D8YT69NbN4n1mK2it1gjn2iAqIfKBccKdmfevT/C3/KWfx7/ ANkwj/8AS2xr8zpP+UNEX/Y3n/0qNAH6t/Gj9uHw98Mf2v8AwH8Eb3xRomleEGtL+48UXdzIomtL lbWV7O3kkZtsIdvKfldzblAIBIP3B4P+Jnw++IF5rWn+CPENlrl14cuTZ6lFaTLK9ncqWUxTKpyj ZVhg9wfSvzQ+PHgLwNrP/BT34H2Wr+HdNvrfWvD+tTX8c9pDKl3LDa3QjedWUiRkCKFL5I2jHQU7 UL/Tv2TP+CjGo63qcq6Z4C+POgTXk8h+SCHWNFjMsrH38tWY+r3NAH6Z2PxF8Can431H4a6fr9nc +KtIt0urzTI5la7t4JdpSSSIHcqsHUgkc7h618x/t3/tIp+zZ+z/AOIPEeg61Zab44v7fytAguSj SzzGeCGeSGF+JWto5vNIIZRgbgVyD45/wTe0PU/G2kfEf9rfxVbtFrHxl164uLNZOWh0ewd4bWIE 8gK29PdUQ88V0H/BU/w/oOpfsVePdc1DTba61LSBphsrmWFHntTPqtkkvkyMC0fmL8r7SNw4ORQB d/Yy8YXOmfBnV/i/8WP2gbP4lafdraSXt3P9ms7HQLpYfOubQzK+0n9/GG3BPurhBuxX0n8N/wBp j4AfF/WJfD3wz8faR4h1WFWc2lrdIbgon3nSM4Z1HdlBA9a/Ln9obwL4S1zxd+x3+z7NpVto3w+8 aTHVdZsrKNLS31O9tLO02CdYgoZmDFCx+YiTqCAa63/gpn8Kvhp8F/hN4P8Ajz8KNA0/wb418E+I tNGm3Ok20Vk0qNvJt3WFVEijYGAYHAVgPlZgQD9GvGv7TH7P/wAONQ1bSfHXxA0bRL/Q5LaG+trm 7RJ4JLyPzYFeLO/Mkfzrx93LdBmvXND13RfE+jWXiLw5fwappWpQpcWt1ayLNBPDINySRyISrKwO QQcGvx18I/A74afGn/gqN8e7n4peHrTxHZaFo2iPBZX8YmgWe606xTzGjOVZkRWAzkAtkcgEfsZo mi6T4b0aw8O6DaR2GmaXbxWtrbxLtjhggQJHGijoqqAAOwFAHlXxO/aL+BXwZuYrH4peOtJ8N3k6 eYltdXSLctGTgOIATIVzxu24966LwT8Xvhf8SPCc/jrwH4p07XtAtQ5nvLS4SWKHyl3uJSDmMqvJ DAEDnGK/JvUfFXwpj/al+LWofBP4H63+0T48nvI7TXb7VpLGPR9JuIA0X2OzuLi3YRKuzy23jJ8o BWZVJPE/sYwa3ovxO/bC8P6t4XtvAUh0mK5n8O2FzHc2enzvb3TGOJ4cRHbvP3AFXO0cAUAfqVqn 7ZP7KuijS21P4q+HoV1lBLan7fEweMsyByVJCIWVhufaMg816/4o+Jfw+8E+Gbfxp4s8RWGlaBdt AkN/PcIltIbn/U7JSdreZn5SDz2r8v8A/gm5+zB8BvFf7Fekav4q8J6b4gv/AB7/AGkdUubu3jmn xFdz2kcUUrKXiEaRArsIIclxyc18J69rOsat/wAEo9d8NarfS3em+FfiD/Yul3c7+Zu06GSN42U/ 3FaV1A6ADAwAAAD959G/am/Zy8Q+Oh8M9D+I+h33idpTbrYxXsbSSTglTFGQdryAgjYrFs9q98r8 p/22v2YPgT8OP2ItZn8FeHbLQNR+HltY3mjavaxJDqCXUNxCgka6jAkd59xDksdzMG+8FI/Qr4Je INa8WfBnwF4q8SKyavrOgaXe3iv94XNxaxySg++9jmgD5Y+D3xd+IviX9u348/CbXNZe68J+EdP0 KbS7AxxKltJd2cEkzB1QSNvd2Pzs2M8YFexeKv2xf2WvBPiCXwt4o+KGg2WqwSGGaA3iSNDIDgpK YywjIPUORjvXxN4C1PRNF/b1/bA1jxLqkuh6RY+GNGnvL+A7ZbS3j0qBpZ4ztfDxoCy/K3IHB6V8 0/DmTwrq/wAANU8Gfs4fsm3XjLwPeW2oE+MPGN1pthc3CMZN92ZWg3SGHkR+S4KbAB8wNAH7d6z8 YPhX4eg8N3WteLNMtLfxjNHb6NK91H5WoSzbfLS2cHbIX3Lt2k5yMVs+OPH3gr4Z+HZ/F3xB1y08 PaLbMiSXl9MsEKtKwRFLsQMsxAAr8Lvht8KtV+Nf/BISyXTHkl8ReA7zUte0WRSTLFJpl7PK6Rnr loGlVAP4ivoK9M8c/FeD9vDxN+y38H7DbPpetW6eOfGEScxIul77drd8fwPcxXEOD3aNsDggA/Vz 4j/HX4OfCDTLPWPid4x0zw3a6kC1qby4SN7hQASYY875AARnapxkZ6iug8AfEv4ffFTQF8U/DfxF Y+JdJLmM3NhOk8ayLyUcoTtcAglWwRkcV+Haat8SvHH7e/xx8XWvwMg+O174NltNHsLTUdXsdOg0 a0AcRvHBexyJKZ/LZgyrlCXJOZK92/ZP8AfG7wj+2T4o8ZXXwht/g34J8YaDjUtCtdd03UYBqEDh oLtILVo3jDjeoCw7QWc5+bAAPv8Asf2tP2ZdS1PQ9G0/4neH7i98Stt06NL+Jjct5hhAUhsAtKpR QSNzAquTX0N05Nfij/wSW/Zy+Dut/AC0+L/ifwtYax4sbxDPcWmo3UIluLP+zzGIBAzf6vbIGfK4 JJGc4GP1U+PWpeDtI+C3je++IWr3WheGl0i8TUL2xIW7htpIijm3JV8SkNiP5SdxGOcUAefax+2f +yjoGvnwxq3xW8PQaikhhdPt0bpHIpwyySoTGhB4O5hjvXtnib4geBvBnhOTx54s8QWGkeHIo0lb Ubm5jitdkuPLYSsQp35GzB+YkAZyK/Bh5NK1z9kvXPC3wS/ZLll+H8Og39ynjPxVdadZagYI4ZJT qh/ciSaZQPMQxSbeFVPkwK7ex+Dfj74/f8E4/wBnz/hDLvTdU17wrqY1GDQ9cnWOz1pLS7uYEs28 xkDkLtQIWVTGWXcpINAH65/DL9pH4DfGXUJtI+F/jvSfEeoW6NI9ra3Km4EanBfyWw5QEjLBccjn kV2vgb4leAPiZZ32ofD7xBZeIbfTLp7K6eymWYQXUYDPFJtPyuoYEg881+N3gvx/8OLX9qD4Wt+0 d+z9e/An4jxXb2Gh6topjj0bU7q4CwCKcwRosi/P5S7XlCiTDsEYEekaB4s0j9iz9uD4waN4iY2n gT4n+H7jxzYgfdF/pkcs99FH2DuFuXwOcCIYPFAH6S6z8e/gt4efxRHrnjbSbJvBX2Ya2JbuNf7O N46x24uef3fmOyqu7qTisKD9qH9nS58dRfDO3+JGgy+J5pVgSxW/hMrTs20QAhtvnFjgRZ35425r 8YNb8Ea1D/wSv+M/x58ax48WfGrWbDxHeMR8y2r65araRj/YwXlj9FlA9q7z9s39mr4MfDL/AIJz +G/EXg7wrYaZ4i0OPQLpdWgt401Cae8Ma3DzXIHmv5hkLEFsAhcABVAAP1ls/wBp/wDZ31D4gD4V 2PxF0S48WNMbYael7E0puASpgBB2mYMCpjB354xmun8X/Gv4Q/D/AFifQPHXjLSfD+o22njVZIL+ 8it3SwMvkC4IkYfuzKPLB7t8o5r8lf2+PgB8Ivg1+yN8Pde+HPhfT9D13wxrehC31S1t44r6RnRv Maa4UCSQyOBIxdjlwD1Fdv8AHv4WeCfi5/wVZ+Gvh74g6XDrWj2PgEag1lcoJLeeW3vdR8oSxtw6 B2DFGyrYwwIyCAfoToX7Uf7OfiXwhqvj3RfiPoVx4f0No1v7z7dEkdq0xKxCbeylDIQRGGA3kYXN dX8L/jT8KPjTplzrHwp8Vaf4otbJ1juGsplkaF2BKiVOHTcASu4DODjODX5Nj9mv4K3X/BVSbwm3 hPTk8NReD08RnR1to1019QSQWqyNaqoiOA5fBUjzPm610XgvTdL+CX7f37Q1r8LtKg0exg+HI1uP TbKJIbY30C2zKyQqAgLMzHAAGXY9zQB+ivjv9qX9nP4Y+Jf+EO8f/EXRND1sFQ9pcXkayxbxuXzl BPlZHI37eMHvXkP7bH7VNn+z1+zpffEnwLrGk3XiPVo4B4eS4kE8N8JZoUllgWNx5wihlMo2sV4B OVyD+VP7G2n/ABM1T4GT+Jbf9k3T/jU3jq71C51HxRqniLSorjUJGuJI5E8m7hkmgEbKRjcNz5lH 3hVPxd8MPiH4E/4JqfF7w18WvC0GkL4b8TWs/heGW/stYm0uyv8AUbTzrWK6tnkKFX3h87GcsxK4 OAAftl4R/aa+CeqfD3wv4y1P4gaKtvr4W1S6a8hjhmv4oVe4hViQoePOWXjaK8a+L/x+8J/E7wN4 e1f9nz47+HPC4tfFenWeo30s8MyXMUkdwTpoV0crLclN8Rwu4RsVbGa+OP25fhX4K1rwl+yb8MLP SbXStD8T+KtMs7uCyiW1Rlv0top2xCF+dlY5Yck85rsv+Chfwi+GHwh+Dfwx0r4X+F9P8L2d/wDF Dw9NcRafAkCSyJaXkYdgoGTtUDPfknkkkA/T/wCI/wAXPhf8INJj1z4o+KtN8L2U5ZYX1C5jgMzI AWWJWIaRgCCVQE+1Hw2+Lfwy+MOiv4h+F3iew8T6fC/lyy2M6zeVJjOyRQd0bEcgMAcc9K/NzQ/C fhn46f8ABTv4n2PxY0+LX7D4YeHtLj0HTNRVbi0ia9ht5prlYHDRlg0rYJB5YE/MqlfqT4a/s/fs 8/B79pTxN4u+HGtw+H/Fni3SYvtnhG0urOCz+zxuuL6PTUQTKS8ZHmAhMtJxljQB9d3d3aafazX1 /MltbW6NJLLIwRI0QZZmZsAAAZJPAFfNlh+2h+yhqfiSHwnp/wAVvD0+p3DiKNFvozG8jHCqs2fK LE8AB8k9KwP26NS+Eunfsx+Lo/jdq2raT4SvVt4Lk6G0a6lcuZlaO2g85HTMrKAwYBdm7cQua/IP 9p6TVPEP7Iup2/hz9kuD4b+CtBttPkt/E2q3Njbapbr9ohjjdbZYUuXluCwSQl23B2Lc80Af0Ca/ 8Q/A3hXxFoPhLxJrtnputeKXlj0qznmWOa9eAKZVgQnLlA65A6ZFHiX4h+BvBuraFoPivXbPSdR8 T3BtNLt7mZY5L24G3MUKsQXb5l4HPIr8mPiVfXWo/Fv/AIJ76nqEzT3F3p9zLLK5LM8kmnaaWYk8 kknJPqa9V/bxuIV/aT/ZEtGcCWTxlM6r3Ko9kGP4Fh+dAHVfCT9uPw58RP2vviB8GrnxToa+FdLh 0218MtBIvm6pfTRh7oLKWPmyI5MexAANvILZNcR+yV+2v4eg+H3jrWP2n/iZp9lqFr471nStL/tC SC2m+wWsVoY444oVVmSNpWy5U4z8zdKyP2cvAPgWD/gpB+0bFD4c02NNDtvD0+nqtnCBZzS2cTSS W4CfundiSzJgkkk8157/AME2v2d/g38QNI+M3xC+IPhHS/FGp3PjbVtGQ6naR3iw2sCRTFY1mVlQ u1w25lAYgAE4AoA/Ynwr4t8L+OdAs/FfgzV7TXNGv1L295ZTJcW8qglSUkjJU4YEHB4IIPIrxdP2 uP2YpPGA8BR/FDw+2umb7OLYX8XM+7Z5XmbvL8zd8uzduzxjNfi74e8Ra58Hf2IP2wfDXw+mmsLH w948u9GsRG5P2SyvLy3sZgpJJAaD5MjkE7s55rp7T4XfEvWv2WLb4W6Z+xZpZsLzQ0eDxOfFWjLe m4kgDpqplaJZQxYiUqZQu392SE4oA/dHxb8RfAfgO40m08a6/ZaHLrtx9lsFvJ0h+0z4z5ce8jc2 OcV534H/AGoP2d/iV4pbwT4B+Iuia7ro3bbS1vY5JJdg3N5ODiUAcnyy2ACe1fjr8fPA3jXxf8Af 2Mvhd8eomGs6l4uttB1RRdQ3TNaNcizjP2i1kkRy1rsO5XJyfmO7Ne7/ALfHwa+Fvwm1P9nnxz8L vC2m+EtY0/x/o+mpPpVrFZs1rITJskMIXzAGhGN+SMtj7zZAPcPFf7cfhzw9+23pvwFvPFOh6f4J tdEmfUbqSRRMNfa4aFLGSVm2oyKqkRhQxL8kjAr3n4K6v4rv/jP8ZLHXfiXpvjHTbG905dP0KzEf 2rw4jLcb4rvYitunwpXczf6tsY5z8ceKPAPgW/8A+Csmi2V94c024t7r4fPqU0clnC6SX3264/0l 1KENNwP3h+bgc14lB4x8QeAfEf8AwUT8WeFZZbfVrJNIFvPAxSWB5ob+LzkYYKtEHLgjkFcjmgD9 T9Y/a1/Zk8P+Lf8AhBdZ+KHh+011ZTA9s+oQ5imVthilcNsjcNwVdlYHtXpvjz4m/Dv4XaEPE3xG 8S6f4a0pmCJc6hcx28buwyFQuRvYjkKuTjtX5+fA39jv9mTxV+wx4W0jxZ4f02OPxR4YtdX1PxA8 UC6hb3d5arczXa3sqFozAzHaWO1UXawK7gfE/jW/7L3hLxR8BPCei2fiL9o/xH4W0WdPC2hWVzY6 npt3YqZIftl9IkBjkKmEqrR5UfZwXUBcsAfpx8Nf2lfgH8Ybi8svhn470rxBdafG008FvcL56RL9 6Tym2uUHdgNo456V8sfszftvaD8bv2hfin8NdQ8TaI2m6be2dp4OgtJF83VIEiupbudHLMZ22xqz bMKigYHUn4Zjk8Zf8PDvgL4j8T/Bew+CE2tx6nbCxsr60upNRthazK0l0lmkaIfnKAOu5hwchRX0 v+w14E8EWf7Wn7U1xZ+HtOgl8O+IdOj0x47SFWsY5UvVkW2IUGFXXhgmARwaAPrr9k/xLr0/wNHi H4jfFTSPidPb3V48/iLT2ijsRBGc7GZEiRfJGdxIGO5rqPB37WH7NXxA8Up4J8GfErQtX1yZ/Lht YL2MvO+M7YckCU4HSMtX4D+HNS1SX/gmp8M/AEd7Lpuh+OvicNH1i4ifZ/oUjPIY2PTBZA/PH7vo a/TH9vT9mD4BeFf2PPEmseEvCWmeFdT8BW1teaPqGn26W13BNDPEiqbhAJH83O1t7MWYhyd4DAA/ Qfxb8Xfhd4B1aDQvHHivTNAv7m1nvo4b66jt2a1tQWmmHmEDZGASzdBXO/DP9on4GfGTULvSfhb4 50rxLfWKl5rezuUeZUB2mTy+GKZIG8AryOeRX5GeP/D+m/tJ/tK/sUwfFyzXVofFXgv+19UgnUGO 5ni09tQIkUcFJJYxuUjBUlSMZFex/HD4aeA/hN/wUK/Zm1z4ZaDZeFpvEi63Z36aZbx2cVxFb2wC eZHCFRjtmYEkZICgn5VwAfrtXgHxD/aq/Zx+E+tP4b+IfxF0bRdWi2+ZZy3StcxbhlfMij3OmRyN wHHPSvfiQoLMcAdTX4S/CXxJ8ONQ1Lx6v7Ln7N+qftAQ+INbvZdR8WeLJ9Nt7e6upSDLHDcXNttN uCfMCEI53ksBkYAP2Zh+LXwxufh+/wAVrbxVps/g6OEzvq8d1G9ksSnazGZSVG08HJyDwea821P9 rr9mDR9es/DOp/FHw/b6lfJFJFE2oRfdnVXiLtnbHvV1ZQ5UkEEcV+LfwEF9Y/8ABO39rDw9c2y6 dHpeu6jGljFN58No2y3V4opOjKpUKGH3sZ719Mz/ALLfwL07/gls2tp4N0x9dm8BR+Jm1VrWM6h/ aMlkt/5guiPNGHOwANjy/kxtyKAP1o8aeP8AwR8OfDVx4y8ea7ZaBodsFMl5ezpDAC/3QHYgFmPC qMljwATX51/Gr9sTTPEfxZ/Z5039nb4iWWq6D4q8VNpviCLT3guDJATb7IpldWlhyGfBGwnnBOOP lDQ7dfjZ45/Yc+DvxR36p4MuPCMusT2lw2621C+sbKXyUmQ5EnlLAmQwOUdl/jbPsP7X3wR+Fnw+ /a7/AGW/HPgTQrHw5qes+KEsryGwgjto7mO2lt3ikaKJVXfHvKlsZIZQchRgA/ZCiiigAooooAKK KKACiiigAooooAKKKKACiiigAooooAKKKKAP/9X9/KKKKACiiigAooooAKKKKACiiigAooooA4Px 58NfCHxJsYbHxVZ+f9mJaGVGMcsRbG7aw7HAyDkHA4yBVbwB8K/Bfw0hnj8LWZjlusebPKxklcDo Cx6D2AAzzXotFVzu3LfQw+rU+f2nKubv1CiiipNwr8trv/gn/wDGvRPir8Q/iX8Iv2ibvwGnxF1a XVbyyttAjuAC8kkkaNK96u/y/NYBgi5z0r9Sa/Lb9n/9s3RtE8ZfHq1/aR+I9jplh4c8fano2gRa g8Fu8dlbTSIsMKRqskqxgKGYhiONzc0Ad98Kv2DJ9A+L2k/HP47fFLWPi94s8OIV0k38S2lnZMwI MiW4km+YZJUB1UN8xVmAIh+Iv7E3xFPx08RfHb9nT4w3Xwu1PxtFDFrtqdLh1S3uGiQIJY0mdFVs DI3KWDsxV1DFa+rPFXjzQ/GXwM8UeOPhf430y0tZtE1KWw8RxzRXFhYyx28m27kcb0KW7jfICDja QR1Fch8K/il4d8KfCH4eSfFf4m6P4g1jxJEtvb62k8UFtrN1kktbcIp47ADp0oA8x/Zb/Yui/Zp8 f+P/AB0/ji88ZS+P4bD7V/aFuFuRdW6u11PJcCVvN+0TSO4XYvlqQm58biz9kb9kbxn+ylqGteH7 T4mzeJvh1c+e+maDcadHDJYzzyo/mm7WVmkIRSjAIqsTvAU8H27wP+1B+zv8SvFLeCfAPxF0TXdd G7baWt7HJJLsG5vJwcSgDk+WWwAT2rpvih8bPhL8FdPtdU+K/izT/C9vfMyW/wBtnWN52TBYRR8u +3I3bQcZGcZFAGP+0F8B/BH7SPwt1X4U+PkkXT9R2SRXEBUXFrcwndFPCzBgGU8HIIZSyngmvieb 9gX4wfEN/D/hL9o34+X/AMQ/hz4angnj0NNKh0+S+Nt/q1vbpJXklAHDF97sMkMjfNXR+Df2ldT+ I37fNp4C8BeNLbxB8MLzwE2rQw2LW89s9+t6YWlEyKZN6gbWQvgHgrmvUP2dfipbeE/gBbeMfjh8 ZtC8dB9TmtT4ltpYYLB3kcLDbBlSNPMU/Ljbkk0AcX8Yv2LvG2v/AB1n/aK/Z8+Klx8LPF2r2EWm 6sP7Nh1O1vIIVSNG8qV0VWVI0GGVwSildhyTe/Zw/YjuvgH8aPE3xs1b4jX3jjWPF+kiy1JtQtFj mlvGmjmkuRKsrBYz5YRIAnyLgbzivd7P9qj9m/UPHI+Gll8SdCn8TGb7MLJL6Iu1wGKeSrZ2GXcN vlht2eMZr0X4hfEz4ffCfw8/iz4leIbHw1pCOsX2m+nWFGkYErGm45dyASFUEkAnHBoA8Z/ZG/Zw /wCGWPgxa/CH/hIf+En+zXd1dfbfsn2Ld9pbdt8rzpsbemd/PoKX9kX9nH/hlb4M2nwj/wCEh/4S f7LeXV39t+yfYt32l923yvOnxt6Z38+grqfCX7Tn7PfjybRbXwf8QtF1a48Qzy21hDBeRtNcTwIs kkSxZ3h1R1YqQDgg45r3SgD81bv9hb4o/Drxf4o1z9k/41XPwu0LxndPeahok2k2+q2kNzLnzJbM ysvkcYChV3AADftVVXqfCn7Afhbwd+zX4/8AgXpnim5uvEPxMEkut+J7238+4uLuRt3mGDzV+Rfm KoZScszFySa1NM+K3jL4y/tp6j8NvBGry6d4B+DFisviE2xGNV1rUlIt7ORsHEVugdyFIJkRlYEY x8leD9T/AGy/2jv2jPj14N8AfHR/AeifDXXUs7W2bRrO+VoLqS5EaqzKjDyxb4yxYnd145AP0Zvf gH9r/ZUH7Mn9u7MeEI/Cv9rfZc/6uxFl9p+zeb3xv8vzf9nf3r57+Iv7CF14w+BPwj+F/h34gzeH /FPwbmtLnSdfisFkV57VQN7WjTfLllRl/ettK87gSK8X1j4zftdfsU+P/CX/AA0/4r0/4n/Cjxhf ppcmu2+nx2N9pN1IpMe+OBUUocFznzSyK+0qwCt0H7Wvjr9ozVf2yvhf+zp8FfiQ/wAPbPxhoN5e TTiwtr5BPaC7mLFJl3HckATAcAZzjrkA/SfwDo3ifw74K0TQvGmu/wDCT67YWkUN7qn2dbT7bOi4 eYwIzLGXPJUEjPT0r8abn4RfET4mf8FNPjzq/wAJviJcfDfxV4b03QJIL2Ozi1C3uIbjTLJJbe5t piqujFVYEkhWUNtJAI7n42af/wAFDv2Uvh/ffHE/G3T/AImaN4aaGXUtHvtDtrLzLaSVYyyPCC5K lgWCyRkLkgkjafvXwv8AEz4Caf8ADrSv2qvEMWh+Bz4+0nTby81a7Fva3Uyz26PDbT3ZVJJ2iXCI pJ4X5RgUAcd+zn+yWnwh8ReK/ih8TvFU3xM+JfjdBb6nrd5bJbILJQuLSC2VnSOH5F3AHBCoAqqo FeHaZ+wb8X/hbca54b/Zq+PmofDz4f8AiK5luZdFk0m31KSxacfvPsN1LIjxZ6KUCsowSzuA1fbn wv8Aj38GPjUt0fhT4z0zxPJZANcRWVwrzQqxwGki4kVSeASoB7GvzN1DXf2u/jl+2d8ZPg98MfjS /wAPtB8CLp09tCdJtL9Sl1bxFkBdVcfOWbLM3XFAH01J/wAE9Pgqf2XLv9mGGa7S2vbldUm1okPf yawuP9ObPykkDy9nA8v5c5+evK7r9gb41/EyDQvBv7Sfx/vPH3w/8PXcN0mjw6Pb2Et6bcERi6u1 keRhzht/mEgnDK2GHnHj/wCJX7aH7EfjXwDr3xm+I1h8Wvhv4u1iDRb0tpkOm3llLOGIeMwJkkIG cZdw2wqVXIav2PoA/Pz4s/sXeNr/AON9/wDtEfs4fFCb4WeLtdtIbPWIjp0Op2N+kAREcwysFRgk aA5VwSuRtJYtL8Pv2GD4a8H/ABfPjbx/d+MfiL8Z9IutI1XxLdWUcKwQz2r20Yhs45MBYw4JXzQG CIo2AV9GftE/H7wf+zP8Mbz4r+OrO/v9Jsri3t3i02OKW4L3LiNCFmlhTAJ5y446A17lQB+a3xC/ 4J223xD+Bnwf+CV38QrnTIvhVN5rajZ2AS5veMZiBuCLVweVfMuD2q3o37DnxK8X+P8Awp4q/ag+ M938VdG8BXC3ejaR/ZNvpdu11EQYp70xO/nsuOQwLHu5UsrfoB4o8UeHPBXh++8V+LtSg0jR9MjM t1d3LiOGGMHBZ3bgDnqa8SuP2u/2YLXxJZ+Ebj4o+H01a/WJoYTfxYPnqrRBnzsQurKVVmBORgc0 AZOlfs2/2Z+1nr/7Uf8AwkXmf254XXw3/ZH2THlbZ4JvtH2nzju/1ONnlD72d3GD8zN/wTjDfsaJ +yP/AMLC+7rH9q/21/ZP/TUy+V9k+1++N3ne+O1foD41+J3w7+HB00eP/Elh4dGrytBaG/uEt1nk Rd7KhkIBIXk88Dmvkr4v/H7wn8TvA3h7V/2fPjv4c8Li18V6dZ6jfSzwzJcxSR3BOmhXRystyU3x HC7hGxVsZoA0f2nf2SPFHxr+JHgj4y/DD4jT/Dbxt4IhurW3vUsI9RR7e7Uq48p5IwGAdxk7gwbG AQDXx9/wU71X4dfGPw34H/Zz8L65b+IPjQPEtjZW9rZH9/a/aYGS6kukXd5MDo6Oyls/dblVYj9a PDXxJ8A+Mte1/wALeFfEFlquseFpVg1W0t5lknspXLBVnQHKFijYz1wa8/sdN/Zxtvjvfvp9j4dT 4vTWIvLqSOG3/ts2QVYRK7hfOCFSqE55XaDkYoA9B+G/gTRfhh4A8OfDrw4mzTPDWn22n2/GCyW0 YjDNj+JsbmPckmvNv2ofgb/w0l8CvE/wV/tv/hHf+EjFmPt/2b7X5P2S8hu/9T5kO7d5O374xnPO MHC1j9s/9lHQNfPhjVvit4eg1FJDC6fbo3SORThlklQmNCDwdzDHevF/23P2xLb9nrRPANv4N13S Bqvi7XNNS4Ny6zNFoE5kM99CoYKU+QIJDuQbicZwQAekfHX9kLwv8dPhV4R8Dajrd1oXiPwD9lm0 LxFYIEurK8tY0jEqpuzscorNGJFOVUhwVBrx7Tv2HfiP4+8Z+GPE37V/xkufitpfgy5F3pmix6Tb 6RZPcxjEc90Ldz5zDrhhn+EsUZlb7OvvjT8I9M+H1v8AFfUvGGlWvg67VWh1aW7iSzlDEqoSViFY sQQACSSMAVS+F/x6+DPxqS6b4U+MtM8TvYgNcRWVwrzQqxwrSRcOqkjAJUA9jQB554C/Zw/4Qj9p z4m/tG/8JD9t/wCFjWmmWv8AZf2Ty/sf9nW8UG77R5zeb5nlbseUm3OMnGT9PUVx/wAQtSvtF8A+ JdY0yXyLyx0y8nhkABKSxQuyNhgQcEA4IxQB8Cy/sO/GHwH8U/G/jj9mz43y/DvR/iLfPqOq6bPo ltqwjupWd3kt3ncBfmkbaAqlQQCzBVwz4dfsTH9mib4x/Eqx8f33iyHxt4Zuo76DVLZWvH1COFpJ LtrxZcMJHaU+WYcjeBvO35vRf2LvjzfeI/2J/CHxx+PniqBbiZdTfUtX1BobSILDqlzbRFyojjXC IiDAGTjqx5+nLz4o/CW7+Gr/ABJ1TxJpTeBb2BmbUrmeIadLA5MZzJIQjK5yoHO7oM5oA/F79iD9 lz4++OP2SPDuq/Cz4833gPwx47Gpf2tpH9lQXpieK+uLN3sblpEltzLFCu4IVO/LbjkAerf8FB/g v4J/Z/8A+CdNt8KfAEDQ6Vo+q6YPMkO6a4mklZpZ5W7ySOSxwAB91QFAA/RP4FfF39mXxhp3/CD/ ALPPiDw9NZ6KsjrpOiGC3W3jeQs7paRhNqNIxJZU2lmznJ56Yar8Dvj5a674KnbQ/H1t4dvRbarp 1xHBqEdpewswCTwSh1SRWVsblyCDjoaAPh24/YA+KPjCDQ/ht8YfjvqXjP4P+HLiCWDw8+mw2l1d Q2pzBb3uoRP5kyIAAWYEnGVEbBSv6cWlpa2FrDY2USwW9uixxxoAqIiDCqoHAAAwBXKWPxF8Can4 31H4a6fr9nc+KtIt0urzTI5la7t4JdpSSSIHcqsHUgkc7h612dAHxkf2OdD1L4v/ABv+JHibX31D SfjZo1tot1pcdr5EllDBZpaO6XXmvvZgu5f3S7CR97GT4D4Q/YG+O2g+B0+Beo/tF6i/wijEkB0m y0a1tdRksZnZntf7RZ5JY0bcQcBgVJXYFO0fVPxp1fxbYfGj4N2GhfEvTPB2mX15qI1DQrzy/tXi JEWDy4rTcjNugJYttZf9YM54x7b4K+I/gL4j2+o3XgPX7PXotIu5LC8azmWUW93EAXhk2k7XUMMg 80AfLPwO+H/gL9gP9n5fBPxT+IllceG4NTumttR1C3XTkVb0GUWrKZphJJlZGBBXcDgIMc/J3/BK X4KeG9Jm+J/7Qfh20mg8PeKNYvNK8J/aVKyLoNtcvLuXIHyyuUUj+9Cfx/R+O/8A2fv2nvBF0iy6 D8SfClnebJw3kahZxXluofDbtyLIiyA+oVvQ18UfHT9u34VfCnUfgt4R+B3irwv/AMIt4g1yztdW ltXiaDTdAhnWKR4VjZYoYztkj3lSECMFAIyAD1L4wfsaeI9c+Ms/7RH7PXxIufhV481K1W01V1sI dSsNTijCqhmtpWVQ4CqCx3j5VIUOCx1v2cP2O5fhB8QfEfxw+KHja6+JfxP8UQC0uNXubZLOKC1G 391b26M6pny0BOcbVAVUBYNzP7SPxx1r4NeKvhP+0l4f8Sf2t8H/ABHNBoev20brLZLa6oPOstYg YA48sg+YwJDoVUDJzX6AqysoZTkHkEdCKAPmP9kX9nH/AIZW+DNp8I/+Eh/4Sf7LeXV39t+yfYt3 2l923yvOnxt6Z38+gr1L4x/Czw78bPhf4k+FPitpY9L8S2j2sskJAliJIZJEyCN0bqrDIIJHIIrn fib+0j8Bvg1qVvovxR8d6T4c1G6QSR2t1cqLgxsdokMS5dUJBAYgKcHng16P4Q8aeEPiB4ftvFfg bWrPX9GvATDeWM6XED7ThgHjJGVPBHUHg80Afm1pP7A3x3vvh7B8CviD+0ZqOpfCyytlsYtK07Rb WxvJbOJQIbeW+Lyy+UmADGdwZPkyBjHR3H/BOyxv/wBmfwJ8DL7x9PF4m+GOoT6l4e8U2Vh9mmtJ prh7kBrY3Em5QzjpMpJRCCMHP0+n7XH7MUnjAeAo/ih4fbXTN9nFsL+Lmfds8rzN3l+Zu+XZu3Z4 xmvcPEPiPw/4R0S88S+KtSttH0nT4zLc3d3KkEEMY6tJI5CqPcmgD8/PDH7EvxU8T/Evwb8Rv2of jPcfE1Ph7ci90XTINJt9KtkvEKNHPO0LHzWBRWwVDZA+fbuVvmr/AIKRr8LP2n/Hvwn/AGf/AIca 1Dq3xNj8Sz6ddrYt5r6VpkkZTUjd7QdhQxo+0nO1H4x1/UH4b/tLfAH4v6zN4d+Gfj7SPEWqwKzt aWt0jTlE+86RkhnQZ5ZQVHrXJ6n4h/ZF+DvxC8T+KtWuvCXhHxt9mS81m9l+yWmotb3LqqvNKQsh Ez7eMne2OCcUASftA/s26T8af2atT/Zs0HUx4S0y7tdMs7W5W2+1rawaXc288aCHzIdwK24j++MZ zzjBxv2h/wBl7/hfX7Nafs8f8JL/AGFsi0yL+0/sf2r/AJBzRtn7P50X+s2f89Plz3xXb2X7Un7O eo+BLn4m2fxH0J/DFnMtvPfG+iWOK4ddyQuGIZZWUErGRvI5AIrtPh18Xvhh8W/Dsviz4aeJ7DxH pEDtHNcWc6yLC6jcVlGcxsFIOHAOOelAHjf7Uv7Mo/aV+Ddh8JP+Ek/4Rz7FfWF79t+x/bN32IMN nledDjfnrvOPQ1c1j9m/+1v2t9C/am/4SHyv7F8Mv4c/sj7Ju83fPPN9o+1ecNuPP27PKP3c7ucC 9ov7YP7LniLxSngvRPil4fvNYmlEEUKX8WJZWO1UikJ8uRieAEYknp2r6QoA+YYv2cPK/a3m/am/ 4SHPm+GB4c/sj7J0xOs32j7V53tt2eV77u1M0P8AZri0j9qvxZ+0zPrwu4/FPh6HQG0ZrMBYlieF jKbgytvDCHGzyh977xxz6l8S/jV8JPg3ZwX3xT8X6Z4Xiu93kC/uUhkm2fe8qMne+O+1Tiovhd8c fhD8a7K5v/hR4u07xPFZFRcCynV5IS33fMj4dA2DgsoBwcdKAPha2/YL+MPwtufEGifst/Hm9+HH gjxLcyXUuiT6TBqYsZJvvmzuJJEeIYwqhQjbQNzswDV6BY/8E+fhrpH7JPiT9lfSdZu4h4qkW9v9 dlRZbufUo5op0uHjyAUVoEXygw+QEb97Fz9kfErVb/Qvhz4q1vSpTb3un6VfXEEgAYpLFA7o2GBB wwBwQR61+afwz+L/AMYfiL+xD8FfiTq/xf0/wR4p17xIYtS1fV47eNdUt473UIf7OjURGMSypHHt 2qpxGeeuQD02D9iT4ja5oXwfsPid8XW8T6j8IvFVt4gtrttGSFrmztPI8qwIW5G3b5J/fnex38od uT7t+1R+zf8A8NM+FfCXhn/hIf8AhG/+EW8TWHiLzfsn2zz/ALDHPH9n2+dDs3+dnflsY+6c8eB+ K/24/Dnh79tvTfgLeeKdD0/wTa6JM+o3UkiiYa+1w0KWMkrNtRkVVIjChiX5JGBR8JP24/DnxE/a ++IHwaufFOhr4V0uHTbXwy0Ei+bql9NGHugspY+bIjkx7EAA28gtk0Ad78dv2QdY8efFjT/2g/gl 4/ufhb8SrOz/ALOub6Kyi1C01GzHKx3VrKyK5HygMxYYVfkJRCt79nH9kq/+EXjzxF8avin45uvi Z8TfE9sljPq9xbpZw29khVvs9tbRsyopZELEED5RtVPm3ct/wT7+MHxC+L/wz+IPiH4n622sXei+ NtY0y2mljihENjbQ2zxxfukRcIXY5IJ55Ne5aH+1r+zL4l8Xp4D0D4naBfa7NIIYraK/iYyyk4Ec T52SOSMBUYkntQA39qT9nPw1+1L8H9R+E/iW+l0pbiWG6tb2BRI9rdQEmOTy2IDrgsrLkZVjgqcE fHPjL9gX49fGnwJL8PPj9+0bqHiPRbWHGn21lolrYx/aoxi3uL5kk8y7WPqYmZSWAbzA3NfqdXA/ ET4p/Df4SaIPEfxN8S2HhjTXfy0mv7hIFkk67IwxBdsc7VBOOcUAfIfxW/Yel+Jnwf8AhP4Ng8e3 Gg+Ovg3DaJoniazswv7y2ihiZntDMcCQQRsQJuGUHJXKnz+0/YB+JfiX4q+APjd8aPjje+NvFfgb VLa9jV9IhtbE2luwkNtBBBMiwvI4y8+GLAAGPjJ+6vhj8bPhJ8Z7C41L4VeLdN8UQ2ZUT/YbhJXh L/d82MfOm7BxuUZwcdK5nxz+09+zz8NPFcfgbx/8Q9F0HXn2E2d3eRxyRCQbkM2TiIMCCPMK5BBH BFAHh2pfsh+MbD9rW7/ad+G3xMm8M2viU6cviPQ306O7j1GHT0ji8pJ2lQxCSOJRkIzIxZgSDtHp P7K/7N//AAzN4V8W+GR4h/4ST/hKfE1/4i837J9j8j7dHBH9n2+dNv2eTnflc5+6Mc+SfsJfGPx9 8X4vjNc+O9dOuQ+HPHWqaXpblIUWHT4NpijUwooZQDkM2SfU1N8ev20fgvD8JfiXY/CL4p6LN490 PQ9RuLCO1u4JpRdW8DuDCH3RzMhUkqu/pkjFAG98Of2LfCvhbwr8aPA/jbV/+Er0P4za7qGsXUH2 X7I1ml+SwiR/Nm3vE2GSXCEMAwUEV88z/wDBPr4+t4E/4UPD+0lqQ+ERX7P/AGU+i27agLDdxZ/b vNEhj2fL2THy+Vs+WvuD9lrxd4i8ffs4/Dbxr4uvW1HW9b0Gwu7y5ZURpp5oVZ3KoFUZJzgAD2r3 ugD4m8b/ALFHhTW9J+BfhnwRrB8MaH8D9csdYtrZrX7Y98tnIkrRPJ5sXlvKylnl2v8AMxOztXd/ tOfs4f8ADR1j4Dsv+Eh/4R7/AIQnxPY+I932T7X9p+xBx9nx50Pl79/3/mxj7pr6eooA+GPj9+yH 4x+Jnx38MftEfCj4mTfDrxXoWmf2NO39nR6jDc2PnSTbdjyxBSTK6tncCNpG0rk9V4C/ZI0Hwv4+ +O/irxRqyeJdH+OjWgvNKktPIW0gt4rmKSIy+c5m8xbg/MEjK7eMk8fXtFAH5Tj/AIJ6fGvTPB0/ wM8L/tGarp/wcuWljOjPpNvLqCWUzEyWa6h5iv5bhiDhVTk/uiCQe6+IP/BP/wCy+J/h98QP2Z/H c3ws8T/DzRl0C2meyj1SC5sE8wgTRSsimRjNIXdg4YkHaCoYfo9RQB+aGm/sB+O7n42+BP2i/iB8 a77xb468KXvm3clzpMMVjcWIG0WdrbQTItnhWlzIDIGZ9xjyDu9I8L/sh+Mfh/8AtUeIvj/4A+Jk 2l+GvG11FeeIPDMmnRzpeyxQyRoBdGVWjCvI0ikR5BO0lhX3PRQB+eXgr/gnn4F0v9kq6/ZQ8fa/ L4lsZb+bUoNWt7VbC4tbp33xSQxtJcANHypJYh1ZlIAJrkLv9gv4zfEbT9I8A/tEftBaj49+HOiz 28v9jQ6VDp02oLbkFEvb2OV5pAMDJYux+8GV8MP08ooA+VPFP7L1hrv7R3wq+PWl60mk2fwt02/0 yDRY7PclxFeW0tsm2cSr5IiWQEL5T5C4yM5F34s/s4f8LR+O/wAJPjZ/wkP9mf8ACrZNRk+wfZPO +3f2hGkePO85PJ2bM/cfdntX09RQBHNDFcQvbzqHjlUqynkFWGCD9RX5ceB/2BPjj8IbTWPh58Fv 2hr7wl8M9Xu5rr+zRottdajbLPhZI4L6STfGxUACVAmD82zdkn9S6KAPzX8Af8E7rX4cfBL4xfAf RPH89xoXxQmEtnNdaeJLrS+Nrea63Ci7ZlVBkLBypOPm4+n734B/a/2VB+zJ/buzHhCPwr/a32XP +rsRZfafs3m98b/L83/Z396+iaKAPgDxj+wfpXiX4IfDD4f6Z4xudC8dfCGGBdA8WWdtsmiljCiT fbeaQYpdilk83IKj5iNwbgoP2B/iz4s+L3w/+OXxu+Olz4z8R+A9St7uC3GiQWdibWBxIYIooJkW OSR1BebacjAKHaDX6eUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAf/W/fyi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAK/Gv9h34GfCfx1+0F+1J8QPHHh+w8SavZ+P tZ023j1G3juo7a3e8uJHZI5VZQ0pO0tjOEwCAWz+ylfl1Z/sBfGDwB8S/iD8W/gb8ernwdrnxD1v UNSvbdtDgvLH7Ne3D3EcDQzzOHmt2kfbcYBIOAiZYsAfNnhPR7H4Xa3+338D/Ai+R4E0vwteapaW kZ/0eyu73R53mjiX+EHcUwOixKO1eYfEjwjpXxA/ZT/YZ8B66pfTfEniOw026VSVJgvJ1hkAI5BK seRX6jfDX9iXQPhz8Dvib8Mx4outc8XfFyz1KHX/ABTfQiS5uLnULeWAS+QJB+7iMzOsZlJLM2ZP m4wp/wBhkT+BP2fPBX/CbY/4URrNlq/n/wBm/wDIV+xzLL5Wz7T/AKPu243bpcdcHpQB85/t8fBr 4W/CbU/2efHPwu8Lab4S1jT/AB/o+mpPpVrFZs1rITJskMIXzAGhGN+SMtj7zZ6Xwh4P8NfG3/gp l8X/APhbmmRa9B8N9D0i38P6bqSLc20Ed5BDLLcJDIGQsXdiDjjzP7wBH2P+05+zh/w0dY+A7L/h If8AhHv+EJ8T2PiPd9k+1/afsQcfZ8edD5e/f9/5sY+6a8++PH7ImveOfitp37QPwM8ezfC74k2l odPu76OzTULXUrLjbFc20rKjFMDDEMMBcrlEZQD5e+HXwo8A/CT/AIKw6tpnw60630jT9b8BSapN ZWqLHb29zNdRxSCONQFjDiJZNoGMscYBwPgM8/8ABHAj/qdP/a9frr8Cf2H/ABN8Kv2h7r9pPxx8 Vbvx/wCJ9Y0ebTtT+1adHaia4llRllhMUxWGGOKKONYBGQMFg4BCLxP/AA7gH/DHH/DJX/Cw/wDm Nf2x/bP9k/8ATTf5X2X7X+G7zvfFAHlX/BQ/9mH4IfCj9h+5vfAnhDTdG1fwTNpH2LUrW2jhvy73 MVtK0lygEshkEhZ97HLYbqARpePNO0v46f8ABQn4R/Df4twjV/DGg+Al8RWumXmJLO91Sd5FeaSF vlkwqg7SDkxc5XIP3v8AtV/AL/hpv4H678Gf7d/4Rv8AtqSzk+3fZftnlfZLmO4x5Pmw7t3l7fvj Gc84wfh79tKy+B2n/FP4P+EvG/i7WPhP4+0vT5H8PfEC1ihTTIlgUxzWl40kyHDYB2n5V83az7ZH BAOW/aC+Dnwu+Gv/AAUR/Zp8TfD7RrPQb7xPPqa6ja2ESW8L/YoVEM5ijCqHcTOrMB82wZ5GT+yd fz7+BvCNv4z/AOCh3wlu/D3xdvPj3rnh63vtQ8SeIIkhXStPtYoJEtLe3W1MkUQMpbeFkKl5U6MW r+gigD8t/wDglz52r+HPjj431Rt2sa38R9YF2W+/mOOGUBj/AL0747VU/YO/5Ox/bG/7GfTv/Rup V0/7OukS/s6fti/Fn4H6tiDQvitI3jbwvJ92OSUsy6nar282MsrBByIkDHgjGNqX7APxp0v4t/ET 4pfCH9oa78Aj4jam2o3tnbaBHc4w8jRI0r3q7/L81wGCLnPSgDO/4K/azYL+zBp3gpALnXfFPiHT 7fTbVfmnlki3u7RoOTjhCfV1HUivIv2ttC+MF9/wUE+AuhfCHX7LRvHg8JXqW2palD59qrxxXxuG kj2PnzIhIB8pwzA8YzX1B8MP+Cftvo/xT0f4z/Hz4m618Y/FHhsh9J/tRRBZWUoIZZUt/Mm+dGAZ AHChsMVLBSPavGn7Mv8Awl/7V/w+/af/AOEk+yf8IJpd7pv9k/Y/M+1fa4rmPzPtPnL5e37Rnb5T Z24yM8AHyR4z/Y//AG3fj/pK+Af2h/jppieB7maJ9QsfD+lpFNdpEwdUMjRQkfMAQGLICAxRiAK5 b4i/DLwZ41/4KG/CT9nbxdp6XHw4+HXgRb7RtEuSZbOeeFpbdDJG+RIFSJMhs7vJ+bKlgf2Jr4// AGl/2S7T47+IPC3xM8H+LLv4d/ErwSXGla/ZQpcFYZD88FxAzIJojlsKXAG9wQysykA+QP2t/APg n4E/tVfsz/FD4Q6Ta+Ftf8S+J4/D+pQaZDHax3+n3UkEMnmRRqqMUSZl3EZ+Zcn5VK+R6b4c/aU8 R/8ABRD9oiH9m3xZpHhPUIYtIa/k1e1+1JNCbWAIsY8qXaQ2STgcV9x/Df8AYx8VH4vaP8d/2lvi ZcfFjxX4ZhaPRYTp8OladprueZo7aBijy46MQvOCQzKhX0/4Z/szf8K6/aT+KH7Qv/CSf2h/wsmG xi/sz7H5X2L7HGkeftHnP5u/ZnHlpjPegD5is/2Jv2hPi98RPCfjL9sH4s2vi7RfBd4mo2Og6PYL Z2kl3GwZGmcJFuXjByjMVyoZQTn9RqKKAPwb/wCClHwj/ad8PfBLxX4y8dfGseJ/BE+tW7weHRot ta+THPdZtk+1RnzG8gEDJHzY5r9L/gD8I/2m/h/4pv8AVfjb8ah8StHuLJobewGi22m+TcmRGE/m wks2EVk2nj5s9hX0Z4x8D+DPiJocnhjx7oVj4j0iZ0kez1C3jurdnjO5GMcqspKnkHHBrqaAPkD9 vv8A5M2+LH/YFk/9DSvmHwd+yh+z3J/wTitba68M6bJPqXggeIJ9YaCM3q6jLp/203IuSvmDy5Dh RnAjGwgrkH6e/b7/AOTNvix/2BZP/Q0r4f8Agz+xP8bPiF+zR4B8G/8AC/8AUrD4S+LdB0rU73w+ ul273iR39tFc3FnDqO8SC3Z3YKpG1VO0o4zuAPm74jR6n8ev2Wv2I9D+JLzXL+KPFUei3kk0jGWa 0+2fYUcvncS9uqndnPOc55r6t/4KF/CL4YfCH4N/DHSvhf4X0/wvZ3/xQ8PTXEWnwJAksiWl5GHY KBk7VAz35J5JJ+vfif8Ase+GvGg+CGneD9UXwlonwT1ux1azsUtDdC6hsWjZbfzDNGYy3l8ykSEk lipPXqP2qP2b/wDhpnwr4S8M/wDCQ/8ACN/8It4msPEXm/ZPtnn/AGGOeP7Pt86HZv8AOzvy2Mfd OeAD5L+ITQfs0f8ABRvwt8TJXWx8H/HnSZdE1SRjthi1jT1QwSt0ALqsKKT13ynnmvNP2cpfC3xF 8F/tL/tvfFzUrzQvDvxDa/0myvrb5L218NafGbcG2JR8SSfJEMKT5sIIAJr71/bA/Zd0b9rX4Sj4 bahq58O31pf2+o2GprbfamtZ4cq37rzISweJ3THmLgkNztwdGP8AZc8BN+y1F+yndSSnw6uiJpEl zCoimaVQHa7CncokacecQcjccHIoA/IB5NK1z9kvXPC3wS/ZLll+H8Og39ynjPxVdadZagYI4ZJT qh/ciSaZQPMQxSbeFVPkwKxPF+kaPr/7A37Ieua3YW9/qMnjXTdLe5nhSSZrBbnUFFqXYFjDhVHl k7eBxxX3NpP7A3x3vvh7B8CviD+0ZqOpfCyytlsYtK07RbWxvJbOJQIbeW+Lyy+UmADGdwZPkyBj HR6t/wAE97nVv2R/B37M0vxFki1XwBrH9taP4gg00RFJ1muJUWS1Ny+4KLl1BEynIRscFWAPlv8A bLtdbv8A9ub4TfCHwp8Lbb4jeGvCXhmTWNO8GC8tdG064uZprpJZiZUMLLEIYz5RU7thGNpYGw3g b9oa9/au+D3xa0D9nOx+CL6dqIsdbmsfEejzJqelXTxxTh7WH7PvaCJnbKI7tlRjKpj7F+I37E/i b4n+GPh94g134pXll8avh4JhaeN7HT4oXuFmlZ/LuLFZArxhG2BRIAcuSCsjocnwT+xf4uX4vaP+ 0L+1X8WpPibq3giKSTSITp8GkabpzAbmuHjiYoWXG/O1MMqsxbauAD9Fa4H4rf8AJLvGP/YG1D/0 neuK/wCGoP2aP+iteEf/AAfaf/8AHqgu/jF8CPinp9/8OfC3xO8N6hqviO0ubGCGy1azu7hmmiZS Y4I5t8hUZbaOwPI60Afzk/AHV9d17w9+zr4Q/aksLmx/ZvOpapa6U0Uix2Ooaub2ebzdSIJYxLPM Yfm2AIjleBKT+gv/AAUOk8Ra3+03+z/8FtD8Cr4+8O21vearD4TF7BpNnqdzao6pE00oMSrBFFkI ykMjNGo+evrzRv2FPCK/sXWv7HfjHW/7dt7CO8e21pbMW8kF5PeT3kFzHAZZNphabYV8394gZSQH IGT4x/YX1D4h/B74feEfF/xKvH+I/wALn3aD41srL7LeRKhXy1nga4lMoCIgY+crMyBiQS4YA+Kf H/gX9ovXfjJ8Jfid4R/Zi0/4Laz4T1y38/ULDxLopF/pzkLcWj28QthJmLcARubYWUDnj3bUdQ0/ 9k3/AIKNalrmqzDTfAfx60Ce8nlb5YIdZ0WMyysfUmNWY+r3Nei+Hv2G/iP4v+K3hX4o/tVfGCf4 p/8ACCzi60XS4tKg0myjuVKss8yQMVkO5EYrtBJUBmZMqfCv+CpGtfDH406P4O/Z58FatBq/xffx TaWlnYWj77iyS7hZbhrraD5cJjeNmyQThW+6rYAPY/8Agm9oep+NtI+I/wC1v4qt2i1j4y69cXFm snLQ6PYO8NrECeQFbenuqIeeK/TKvF9KvPhF+zV8N/CngbX/ABLpfhXRNGsoNLsZNVvILFZ/ssSq cNM6BnIG58EnJJPWqn/DUH7NH/RWvCP/AIPtP/8Aj1AHxr+2f/yeZ+x5/wBhjxD/AOi7Cvmr4gfE X/hjL4y/tb+Gkl+xWnjzw1H4w8PEnaBqN9IbCQxjuxvLpmIH8MXbBr1j9oj4p/DX4v8A7b37KWk/ CvxTpni+40LUdeuL7+ybyK+W3SSG2dfMaBnVSVgkOCc4XPSvo39rX9hfwv8AtXeO/h5431fXf7Ef wVOftkIshdf2pZNNFN9mLmaLycbJAH2vjzCdpxggH5JfDvxZr/7DHws/aA+BOvXUi61r/hDQNZ0V D8sn27W7eKxvvKHGTBNcgL3xBk5r6C+NP7PfhL4R6b+w/wDDjVNBsZr+HxJp1jrDS20UjXLzSw3F 1DKWUmSI3E0pCNlfmPHJr7q/aL/YW8LftD/H34cfHLV9d/s4+B2t1u9P+xiddUgtLr7VDE03nJ5S hmcN8j5Vu2K7X9rb9ly6/aW0fwjN4e8XzeB/FPgXV49Y0nU4rZbxY548H5oWePPzKjKd3BXkMDig DjP+Ch/hfQz+wx8R9BtbaCwsNM06ze1hijWOKEWd3bvEkaKAEA2BVAAAHHSvoP8AZt1bUde/Z2+F uuawzNf6h4W0S4uGf7zSy2MLuT7liTXxP+2npvj7xH8Ffhz+xiniIeKPiJ8UryysdQ1QW62pbTtK ZLq/1KSCNmEaho48qDhssF/u1+lPh3QdN8LeH9M8MaLF5Gn6Raw2dtH/AHIbdBHGv4KoFAH43/Fr 4S/Gb4WftT/Ev45eEfhToH7Q/hnxjHZi8sbmW3l1bSBDEIzbpFKJCofaRhIZd6KgO0qc+Ry/Fr4U +G/2Ev2jD+zloGu/DnxJDqdpF4i8P6k5DaPLrF5HZyi2XC+XE0IkgA2rIhQBgNqk/eHjz9if4j6d 8Z/Evxv/AGYvi5N8LtT8b+W2uWMmlwarZ3U6Ajz1SZgqtlmbBRjvZirKCRXX/Cb9hfwP4M+H3xI8 KfEzXLr4i618XXaTxPq93ElrJcsN5i8iJC4g8lpGdPmYq/IIAVVAPzgtPhd8S9a/ZYtvhbpn7Fml mwvNDR4PE58VaMt6biSAOmqmVollDFiJSplC7f3ZITisD9oS4+Odz8IP2Pfgh8S/DUnivU9Svb/+ 1NA/ta1iTWpNGnigsLaTUY3lh+e2k5be2TJz+8HH2RP/AME+vj63gT/hQ8P7SWpD4RFfs/8AZT6L btqAsN3Fn9u80SGPZ8vZMfL5Wz5a+h/in+wz8KfiB8D/AAj8GPD1zd+EX+HbRT+GtXsmDXun3cXP nFjtMnmv+8lAZCzgMGVgCAD83/jx4D/aP8Uz+BfFngD9lDTPg54o8E6xa3dhrOn+J9DQyRRA5sni QWqyK+AQGY4CsANrMD7ZrHwj8A/F3/grTrll8RNGtte0/wAPeBrfVobS8jWa2e5SW3tkMkTgo4Vb hmAYEbgDjIFeqj9g/wCKfxM8ZeF9Y/at+Nlx8T/Dngy6W8sNFh0i30qCeeLGyS6aF28zgYYFSxBI 3gM2fpXRv2b/AOyP2t9d/am/4SHzf7b8Mp4d/sj7Jt8rZPBN9o+1ecd2fIxs8ofezu4wQD86/hT+ zZ8Fp/8Agp/8WvDlx4T06Xw3oGg2Gq2WjvbRnTYL67htFaVbXb5WV8yUqCpCmQlQCBir4F+EWlT/ AB9/bb+APgC8tvA+i65oulpb7MW9jZz3tmXJKrhY4i87qwUcIxCjoK/R7wl+zf8A8It+1R45/aZ/ 4SH7V/wmmkWelf2V9k2fZvsiwr5v2nzm8zd5P3fKXGepxz5/f/sS+F/EnxK+OXjLxnrj6po3xt06 w0+40yO18iTTxYQJEssdyZXEj70WRMxKFYDO4DkA/KPxBpUnwk+B+k/Cj9r/APZehl8E6Kloi+Ov Bj2z3AjWRNt09xGsnzXPAkaSaLzC2NgJUD+gz4f61oHiPwJ4c8QeFL19S0TUtOtLmxupSzST200K vFI5bDFmQgtuGcnnmvzNX/gnt8fNR8CRfAfxN+0hf3vwigEMH9kxaJbR3z2MLqyWv20ytIqKFABO 5OMeXt+Wv0+8IeFdE8C+E9G8FeGoPs2k6BZW9haRZzst7WNYo1z3IVRz3oA/KP8AaB8TfBq1/bSv Lnw58L9e+Pvxb0zQ7e1m0Y/ZW0LRLV9ksT5ngcxTMJAxdtyL5xwQzYHl/wCy4virS/8AgpnrR8Q/ Dey+EF3rvgqW4uPD2m3tveQBfOg2SyNaKkIkfYGZQoOfmIyxr7F+Jn7GHxHm/aB1n9oz9nb4sSfD XxD4rtIbPWoJtKg1a1uVhSONZESZ1VTtiQ4Kk7gSGXcwMPwg/YS1z4X/ALRdl+0nrHxW1Dxj4iut OubPXhqVhGDqMs4IV7doplW0ijCxBYdkoATAYBhtAPsr4wf8kk8bf9gPUv8A0mkr8D9T/wCUYf7L H/ZSbf8A9LtZr+hLxhoH/CWeEtb8Lef9l/tmxubLztu/y/tETR79uV3bd2cZGemRXwRc/wDBP8XP 7MPwr/Zw/wCE82/8Kz8SR+If7U/svP23y57ybyPs/wBq/dZ+17d/mv8Aczt+bAAPMfFHgHwLf/8A BWTRbK+8OabcW918Pn1KaOSzhdJL77dcf6S6lCGm4H7w/NwOaP2cvAPgWD/gpB+0bFD4c02NNDtv D0+nqtnCBZzS2cTSSW4CfundiSzJgkkk819A/H79kPxj8TPjv4Y/aI+FHxMm+HXivQtM/sadv7Oj 1GG5sfOkm27HliCkmV1bO4EbSNpXJNS/ZD8Y2H7Wt3+078NviZN4ZtfEp05fEehvp0d3HqMOnpHF 5STtKhiEkcSjIRmRizAkHaAD8iZPGXiTwf8A8E2vjinhuaS2bXfirqGl3csR2lbS4jtGlUnssgQR t6hiDwTXs3xJ+EPxW8Tfs7y/CTSv2KtL8Lw2VjGLHxCni3RDd2k8QBW8efy43lLEZl3SgSAkE9CP 0K+HX7CXgvw38BviJ+z/AOP9afxXovxC16+1ySeK1FjNZvdrB5YizJcAyQPArrIeCeCmMg+J6j/w T7+PninwbZfBLxz+0jqOrfCaz8mM6WmjW8N/NaQMGitpL7zXdlTau0vvXgfu8AAAH3l+zq/j5/gT 4EX4pKR4th0i0i1MtPFcs9zFGEeQywM8bmTbvLKxBJr899b8JeHvjv8A8FTdW8I/Fyyi1vQPhz4N hv8ARNLvAJrN7ieS28ydoHBRyGnYHIOSkZP3AB+pfg7wl4f8A+E9H8EeFLRbHRtBtIbGzgUkiOC3 QIi5OSTgDJJJJ5JJr5S/aI/ZDm+LXxB8P/G/4XeNrr4ZfE/w3AbSHWLW2jvIbm0JY+RdW0jIsoBZ gCWIwSGVwF2gHyf8ePB3hb9nv9vr4A+MPgxpEGiX3xBj1fS9c0zTI0toL23gSLy3eFAqbmaTcWwM tEp6rmj/AIJu/Bn4WfGf9nzxD8V/i54csPGni34ga3qh1m71W3S7uAFfYIEeUFogB8/ykHLA54XH 038Hf2OdZ8OfF9P2hvj78Qrn4q/EOztDZ6ZcSWUWm2OlxOHWQW1rCzJuZXZd3yj5mYrubcPPrz9h f4oeB/GHiq8/Zi+Nd38LPCHji5e81LRF0qHUUt7mVcSy2MksimBn6AoFZOMMQiBQD85/BM+o/BX9 gf8Aa00X4cXU6x6N46n0OC7ikIkWwe4tLJ3LjBO+AlCR/ez0r7c+On7Jf7O+l/8ABPLVItI8L6Zb XXhzwomsWesR28S30l7BbLcec1yF8xzcsCrgnaQ2AAAuPcfgD+wZ4I+DXwd+InwM8Ta3L438MfED Ubi7lW5g+zXENvNFHGkbSJI/mTR+WH89RH8/zBFxXh2o/wDBOz43a98NZvgFr37R2pXPwstYWi0/ S/7Gt/tSLGCbSK5uxKJJoLeQI3lZCuqhV8rClQD7F/Yq/wCTSPhD/wBixpn/AKIWvp6vMPgr8N/+ FPfCTwh8LP7R/tf/AIRTTLXTvtnk+R5/2aMJ5nlb5Nm7Gdu9sepr0+gAooooAKKKKACiiigAoooo AKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigD /9f9/KKKKACiiigAooooAKKKKACiiigAooooAKK/OL9vj9qb4hfCOTwb8DPgJbpc/FP4nXH2axkd VkFjbs4hE218rveRsIzgooSRmHyjPlFr/wAE1Pi5rOk/2/42/aZ8ZP48mQyG7s7qYWUE7DJWONpl laNTwNrxZA4VegAP10or81f2Ffin+0svi/x1+zj+0vp97q2q+A3BsPFBtZRa39vuVfLe68tY5JCj xyxEnzXRm3jKE191/Dv4qfDr4t6Vea58NPENp4jsLC6eynns5BIkdzGqu0TEfxBXUkehFAHf0VwG kfFT4da/481j4YaN4htLzxX4fiSfUNNjkDXNtFIEKtInYESJj/eFeN6v+2x+yfoVhbanqfxR0WO2 vLmWziZZzITNBt8wFYwzKE3rliAoz1oA+o6K+dPEf7XP7M/hKPVZPEPxI0a0/sUWpuh9pDun22Pz bfaqbmcyx/OoQMSuT0FdxYfG/wCEOp/DRfjHZ+MNMPghkaT+13uUjtAEcxsDI5ADBwUKnDbvlxni gD1OivnX4cftbfs1/FzxF/wiXw6+Iek6zrTFhHZpMY5pdgy3lJKEMuBz8m7jJ6A16P4t+LXwz8Ba /pHhfxp4lsdE1XX1next7uZYnnS1XfMy7sDbGvLEkADmgD0Oivmvwh+2L+y94+8Xx+A/B/xL0bU9 duJBFDbR3AHnyHokLsAkrHsI2YmvkX9u39sWf4NfFn4PfDTwh4zs9FjvfEdlL4wQBGuLbSBPauPN ZgfKiljaQuVwzKuMgZBAP1OrjfG/w78A/EzSP7A+IvhvTvE+mhhILbUrWK7iVx0dVlVgGHYjBHrV 7wf4w8L+P/DVh4x8F6nDrGiaohktbu3bfFMgYqSrdxkEfhXwX/wUn/aK+I3wE+E3h7T/AIVXMWk+ IPHWrppCarOB5dhC0bM8gZgUSQnaAzA7V3sBuAIAPtzwH8Lfhr8LrGTTPht4V0vwtazbfNj0yzht BIUztMnlKu8jJ5bJ5Nd5X5Hf8O2vjGNI/wCEgg/ai8aHx4Yci+N3cfY2lxnZs+0ed5WeP9YeOdv8 NezfsL/E39oLx18KvGPgn9pPT77SvFPgi7m05dbu7SS1S/tirqs6SFI0maFo2DSR43L5bN8xLMAf ceueCfCHiXWdE8Q6/o9rqGqeG5pJ9MupoleazllTZI0LkZQuvytg8jrXUV+UPhn4vaZ+zJ+wr4n8 XWnx0tviprgn1OPQ9fvnlnE+pmAPDYotxNOztHsLBS+OTxjOfXv2QP2t/h/4w/Zf0vxx8S/iFY3m veG7CKfxVdXEqI1lLeXEiQm4Cqqx7yAqADHQAUAfoBRWJofiTQfEvh2x8XaDfRX2janax3ttdxNm KW2mQSJKrd1ZCGB9K5v4f/FT4c/FXw1J4x+HXiGz8QaJDLJA95ayh4VkiAZ1LcAFQwJ9AaAO/or5 J1n9vD9j7QdYOg6j8V9E+1hzGfJma4iVgcENNCrxDB7lsV2nxu+Pfgr4bfATXPjFY+JdNW0fTLiX Rb1pVms7u+a3ke0jjZCVk8x1AAU88jNAH0FRX5O/szftG2v7RH7EOv6Z43+LkGjfEn+yddudZ1VX EV1osMl5cLBdtHAYfLSKIxlNjLhduCK+3/2bzp3hv9njwpJe/EFPiBZWFjI8niieVtl7GkkjNO8k 0khCoPlJaQ4C9cUAfQdFfK+lftv/ALJGt+JU8JaZ8VdCm1KSRYkU3OyGSRjtVUnYCFiTwNrnP417 d8Qfib8P/hToUfif4j69aeHtKmnjtUubyQRxtPKCUjB7swUkD2oA7qivmXXP2zP2V/DXjCTwFrvx Q0Oz1uGVoJYXugUhmRtrRyzAGKN1bgq7gg5yODX0tFLFPEk8DrJHIoZWUgqykZBBHBBHQ0AZmveH 9B8VaPd+HfFGm22saVfoY7i0vIUuLeZDyVkikDI6+xBFWNK0rS9C0uz0TQ7OHT9O0+GO3tra3jWG CCCFQkcccaAKiIoCqqgAAAAYq/RQAUUUUAFFFFABRRRQAVXu7S1v7WaxvoUuba5Ro5YpFDpIjjDK ynIKkHBB4IqxRQB4H/wyn+y7/wBEe8G/+E/p3/xitrw7+zv+z/4Q1q18SeE/hl4Y0TV7Fi9veWOi 2VtcwsQVJjliiV1JBIyCOCRXsVFABRRRQAV59a/Cb4XWPjy6+KVn4S0qHxjeoEm1hbKEahIoQR4N xt8z7gCH5uVAB4Ar0GigDifG3w0+HHxLtbax+I/hTSfFVtZOZIItWsYL5InYYLIs6OFYjgkYOK85 /wCGU/2Xf+iPeDf/AAn9O/8AjFe+UUAeR+CvgB8DPhvr0vij4e/D7QfDWrzRmJrvTtNtrSby2+8i vEilVbA3AYBwM165RRQAUUUUAcu3gnwg/jJPiG+j2reJ47I6aupGJTdLZGTzTAshG4Rl/mKg4J5r qKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAo oooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACii igAooooAKKKKACiiigD/0P38ooooAKKKKACiiigAr5h/bF+NGtfAL9nrxP8AEfwzEkutWywWtkZF 3xxT3cqwrKwIIIjDFwDwxAU8Gvp6vOviz8L/AAp8aPh3rnwy8awtLpGuweVKYyFljZWDxyxkggPH IqupIIyBkEZFdWBqU414SrK8U1deV9TSi4qactj+UnRP2xP2ntC8YJ43t/iVrdzqCy+a8Vzeyz2c nOdj2rsYDHyQECAL/Djiv6svg54+PxU+FHhH4kPbfYpPEul2l/JAMkRSTxK7opPJVWJCnuMGvyB0 T/gjgYvGCP4h+I4ufC8cu5ktrExX0sWf9XuaR442IwN+H9dtftf4d8P6P4T0DTfC/h62Wy0vR7aG ztIEztigt0EcaDPOFVQOa+z4zzPL8RGmsIldbtK2nbZf8A9XNcRRmo+y3Niiiivgjxj8WP2jzHpP /BXX4Dav4jjMml3ehx21qx4UXDNqccag9CyzyRsR/tCv2nr4Y/bi/ZEuv2nvCmhaz4G1ZPDfxH8D XRvtB1FyyJvyrNDI6AugLxo6SBWKOoIBBavmy0+Nf/BWLRdCHgy/+B2i634hiQwR66t/apbSlRtE 8kS3aR7j94jdGM/8s1+6AD9NLD4vfC/U/iLqPwjsfFFhL400mJJrrSBOovI4nRZA/lHDEbHViVzg MM4zX5q/8Ecv+SB/EH/sedQ/9IrKvWv2IP2P/G3wY17xZ8dvj1rUfiH4s+PiftssLeZDZ2zusrQq +1Qzs6rv2gRqERI/lXLfLnwr+GH7d/7Eni/x34D+DPw5074neBPFerS6lpd1JqMFp9mkkG1WmEks Tg+Usayqy7CyDy35OQD0j9ncg/8ABVf9o0g5/wCJHYfpFp9fMn/BMX9kr4I/Gzwp8TvH/wAXPDFv 4olHiCXSLVLpn2W8cMaTyNGEZSHczKN+cgLhSMtn6k/Ys/Zw/ae+G/7VvxK+Mn7QFpbXH/Ca6PE7 alZ3Fu1u99PJbzPaxQrIZlW2CtCGaMKfLyrMCCfVf+CbPwJ+KvwB+FPjTw18WtE/sLUtW8V3mpWs X2m2uvMtJba2jSTdbSyquWjYbWIYY5GCMgHxT8Pv2dvhl8b/APgqN8bLH4kaJDrHh/wrYwXEGnyZ W3a4eGzgi3ouAyJGXwvTdtPbFc5+33D4S8IftDfA39l3SvBWqa18LPDGnNrreE/DsUktxfSTXF2X REB3yAC3Yuc5VHlIIJJr75+BXwJ+Kvg39u344/GXxJon2Pwd4ws7SLSr77TbSfaXiW3DjyY5WmTG xuZEUHHHaof22v2YPit8QfGvgT9pH9nK7tofif8ADdmWG0vHEcOo2ZYv5G9iqA5eRSGZFdJHBdSF oA/NL9qHVvCXxV8B6fH8EP2TvG3w38e+Hbu1udI1ew8MmwEYhkUukxtEDOAo3RkqWWQAggFs+p/t o+Hbr9oD4qfsX6B8TrO4sbjxtZw/25ayI1rcRtcmxe9hZCA0T8umMAqe3Fe0eP73/gpr+07Bpvwv TwRD8B9IN1BJq3iG11lZLrbC2WFu1rP5u0n5giA7ioVplUtn1/8AaD/Zx+Kvib9o/wDZj8WeDLC4 8Q+G/hlI6azql5fQG5SNDbhZpvtEqzTySCNmdkV2LZJ5NAHzf/wVM/Zu+Cfww/Zx0X4g/C3wdpng 7X/DetWEMF3pNslnM0MiyArI0QUyMHVHDvucMuQ3LZs/8FBvCXhDXfi7+yTr+q6Bp1zqHi7xNYwa xM9pCz6hAZtOXybpiuZowrsoR8qFYgDBNfXn/BSH4K/Ez49/s2zeAfhNo39u682rWN0Lb7Rb2uYY d+9vMuZIo+Nw43ZPYV5n+3V+z58c/iB4Y+CXjj4KaPb654q+Eup2+oPpk9xFCZWQW8gIaSSONlSS 2AdRICQ3y5oA/SvQPD2geE9HtfDvhbTLXRtKsV2W9pZQpb28KZJ2xxRhUUZJOABya+b/ANqjwT+z r8Z/C2n/AAI+O2uWWm3fim4VtDhe8ittRN+mYo5rFHOXkUy7MbWU79rAhsV6z8GPEHxK8U/DPQ9e +MHhqPwh4wuklN/pcM6XMduyzOke2SN5FIeMI/3iRuwcEED5Y/bw/ZH179pjwx4Z8SfDbV00H4jf D68a/wBEupWZInLGN3iZ1DGNt8UbxvtIVlwQAxYAHyX/AMMQ/t7fs+2uf2Yvj2+vaTYrm30bWwyK I16QwxXAu7UEjjP7kd8rXv37Hv7Xnjb9oLwv8Svhj8Z9Bj8O/Er4cxS2+pxwKUhuFKyxFwhZ9kiS RlZAGKHKshwdq+T23xr/AOCt2g6XH4R1L4JaDrmtLGsUesrdW4hlIG3zpUjvkiDk/MceUv8AsAcV 7J+xt+yT8SPg/o/xJ+J3xp1SHW/ip8VTJPfi2ZTBbBvMcRBwEQu8kpL7QI1CqqfKuSAfB37Nvhnw 34i/4JF/EufxBpNpqcukTeIL2ye6gjma1uo7aNUnhLqTHKoYgOuGAJwea7q88FeDfD//AARs1DxJ oOg2Gm6vr2hac+o3ltaxQ3N60WrxhDcSooeUruO0uTjJx1r3j9l79lD4weG/+Cfnjz9nf4gaXH4b 8X+JRrcdrDNcwXESm8gRLdnltHmQKXX5sEsBzt6CuV+B/wAC/wBqfx5+yF4y/Y5+Ofgu08E2Wn6M LPw/rIvILgXV0ly1zGtwlvNOQiuseXVBlM8bsCgD7q/ZiIH7G3wuYnAHgfSMn/uHR1+Xn7EOleDN c/4Je/EDR/iJ4wl8B+GbzV9Sj1HV4QrSQ2zLab41VlbeZx+52KpZw+1RuIrt/hvZf8FOtI+EFh+y rH8O9I0OCwsxoieM7jUbeRLXTCDEsiQRTMZJI4flQqhbAUtHuyayPAf7CPx31H/gnT4m/Z28RWcf hvxvJ4jk1iytZruCWG6ii8gokkttJLGokCNtyflcKWAHNAHmfh34pfsa3vwc/wCFO/BH9mfxD8WF gsHtJNdHh6CKS6nVCr3r6gPOuInLZfdtXy/urtUADu/2IdL0nxv/AMEtviNpnjKwttctNBPieWwi voUuUtZYbAXEckKyBgjpLI7qy4KsxIIJr0zwjq//AAUh134QaX+zrpPwe0j4cyWmmw6JP4qudUtn t7e2jiWFpobO3aQ+ayA4MfmKHOQqiu7/AGHf2ZvjJ8Nf2S/iX+z58VtFTw9qmuXesRWFz9qt7qCe 31Kxjtlm/wBGkkZArqxKuFbBHGcgAHz9+zz4K8G6d/wSJ8V+NtP0GwtfEWreGPFEN5qUVrEl7cxx Xt2qJNcKokkVQqhQzEAAAdBXinxX8R+Ibn/gnV+zB8GNIvpdMsPiVqqWGozxnAa3iunCxP6qZJUk x3MYzxmvoP4DfCD9tLw7+yl8Sf2Q/HXw0tbTS7bw3rcOganDqNmz32oX05kS2P8ApJUK/nSMsjLG qhQHIPX0vWP2GfHvxP8A2Avh18F9ZZPCXxP8BY1CwaSdZIoL1JpiYpJrVpV2vHJkPGW2uFPOCCAe 5/Fn9gv9l68/Z51v4e6L4E0rSJdM0q4aw1WK2jTUobqCEtHPJeYE0hLqDIHchxwwxjH5CfEj4jeI viN/wSH8HyeJ7mS8uvDvjGHRo5peXe2tYbgwLnuI4nWMH0UZ5r7m8WeM/wDgqR8S/hxcfAu8+EWm eHdY1m1Om6j4s/ta2+z/AGaVfLlnjiilfy5HQnJTey5JSNTja79ov9g/xxov7BXhf9mf4FWLeMNf 0nXLfUr2RprayNzI63DXM4NzLFGqq8ioibywQKDuIJoA7b46fsR/s5+DP2GvFen6Z4I0xNc8MeFr jU49a+zp/akl/ZWxuGme7AEzeY6HcpbZg7QoXAH0D/wTs1jUdc/Ys+Fd7qk7XE8enTWys5yRFa3U 0EK/RI41UewFewfH3wb4j8a/s3/EDwD4YtPtuva34X1LTrO38yOPzbq4s3ijj8yRljXc5A3MwUdS QOa4b9iH4a+NfhB+yz4C+HHxE07+yfEWi290l3a+dFP5TSXk8qjzIHkjbKOp+Vj1x1yKAPqyiiig AooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKAC iiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKK KKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigD//R /fyiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK/ITRf2iP29/jL8a/jD4C+BUHgePR /hlrsul51qK8jneJpZ0gO6GRw7bYDvOFGcYHoAfr3RX5ufBb9qf9oLRf2ibD9l79rTwto+l+IfEt hLqGg6r4fkkNldpbpJJIjpNJIwbbFJg/IQVwUIdWr9GYL6yuppre2uI5pbYhZURwzRk9AwByCcd6 ALVFZN3rukWcV5LNeQg6eu6cGVQYwRkb8n5c9s9a+a/2Pf2kh+1L8Io/ihPp0Ghz3V9ewpp8c/ny Q28EpjiMjEKSzAZJ2qM9BQB9VUVUnv7G1nhtbm5jimuSREjuFaQjqFBOWxntRNf2Nvcw2dxcxxT3 GfKjZ1V3x12qTk49qALdFc94k1O4s9KvoNHmthrbWs8llDcOFWSZEJTcCVOzcBuIPAzyK+EPiV+1 X8V/2dv2RdG+K/xj0bRtT+JF9eGxmsdOugunK013MkMyMrzM6JAsZkVX5ckbl7AH6IUV8UfH39ov xZ8Ovj3+z98OfBh0+80D4o6hq1rqc0iNNII7FbYx/Z5EkVVOZnDEq3QdMHP19pXiPw/rslxFomp2 uoPaNsmW3nSUxN/dcITtPsaANmiisG/8VeGNKtZr7VNYs7O2t5PJklmuI40SX+4zMwAb2PNAG9RV P+0dPFiNTN1F9jZBIJ96+UUbkNvzjB7HOKrW2u6Je38mlWeo2897DGkskEcqNKkcn3HZAdwVuxIw e1AGrRWHN4n8NW2rx+H7jVrSLVJhlLR541uGH+zGTuP4CtygAoqtc3tnZCM3k8cAmcRp5jBdzt0V c4yxxwBzVbTdZ0fWRO2kX0F8LaRoZTBKsvlyL95G2k7WHcHkUAaVFYdj4o8NapqE+kabq1pd31r/ AK63hnjklj/30Ull/EVo3+oWGlWcuoancx2drAN0kszrHGg9WZiAB9aALdFY1j4j8PanDa3Om6pa 3cN9u+zvDOkizbfveWVJDY74zivH/hfrfxr1L4m/EvTviNBpEXhHTrqyXwu9hIHvHgdZvtJvVErl WBEezKpn5uD2APeaK5+28WeFbzVpdAtNZsp9TgyJLVLiNp0x13Rhtw6dxXzX8b/2nrf4SfG34R/B yGxtrlviReXsV3ezXIjGnwWUSPnywOXlMgClmAAB4bIwAfWlFZ1/q+k6VYNquqXsFnZIAzTzSLHE AehLsQuPxp+nanpusWceo6Rdw31rKMpNBIssbD2ZSQfwNAF6isRPE3huS4tLSPVbRp7/AH/ZoxPG Xm8v7/lruy+3vjOO9Gr+JvDnh94I9e1W001rltsQuZ44TI3ogcjcfYUAbdFIrK6h0IKsMgjkEGvA Pj/8Y4fhz8HfiN4t8Gajp154n8HaLe6hHaSSLMY5beJmTz4UdZAuRyMr9aAPoCivljwZ8fb1v2Ot N/aS8cJbpejwkPEF5HArRwNMtqZzHGrMzAM3yqNxPIGa6n9mTxb4+8X/ALPHgfx78Xp4P+Ej13S4 9UvHiiFtCkd2TPCNmcJsgZA2T1BJxQB79RWTo2v6F4itTfeH9SttTtlYoZbWZJ0DDqNyEjPtVfU/ FPhjRbyDT9Z1ezsLq6/1MNxcRxSSf7iuwLdO1AG9RVa6vbOwi8++njt4yQu6Rgi5PQZJAye1Zy+J PDr6w3h5NUtW1VF3m0E6G4C+pizvx74oA2qK/P39tj9pj4mfCTXvhp8JfgcNG/4TP4l6lPZLd6y7 Na6fFbrDl5UjIK7jOrBmDAKrYRyRj0P4Jar+1mvxHi8OfG268Lat4Zi8Om4bUNEZlnm1d7pNm2J3 Di3+zMfmMSguAQcHBAPr+isS68TeHLDVYNCvtVtLfUroZhtZJ40nkHqkZIZvwFWTrOji0lvzfQC2 gbZJL5q+Wj5A2s2cA5IGD60AaVFVp7yztbZr26njht1AJkdgqAHoSx4xUUuqaZCYBNdwxm5Vni3S KPMVRuYrk/MAOSR0HNAF6isux1vRdU07+2NMv7e7sMMftEMqSQ4X7x3qSvGOeeKj0bxF4f8AEUUk /h/U7XU4om2O1rMkyqw7EoSAeOhoA2KKyNZ8QaD4dtlvPEGpW2mQO4jWS6mSFC56KGcgEnsK+RvA v7QfjPxP+2z8QP2fLlLFvCfhnw5YatZTRRt9qea6FuW3y+YUZP3rYAQduT3APtCiisS58S+HLPVo NBvNVtINTuRmK1knjWeQeqxk7m/AUAbdFfGPxI+P/jjwn+2j8I/2ftLhsm8M+ONL1a8v5JIna7WS yt7iWIRSCQKq7ol3Ao2RnkdvVfgzrfxr1fxB8Q4fi1BpEOmWGu3EHhw6ZIJJX0pXcRNeASSbZ9u3 cCE5z8ooA95orDHijw0dY/4R4ataf2rjd9k8+P7Rj18rO/H4Vpz3tnavDFdTxwvcNsjV2Cl29FBP J9hQBZorFsPEnh3Vb650vTNUtby9s+J4IZ0kliP+2iksv4gV8x6z+1Da6d+15o/7MUdlarbXfh2b XLnVJLkblmE7wR2qR8AN+7LMWYk5ACjGSAfW1FFfF37CH7QfjT9pD9nq3+KvxHjsbXVH1C+tnFlG 0FusVswCnbJJIQcHklqAPtGiqdrqFhfW322yuYri35/eRurp8vX5gSOO9UNI8S+HPEBmXQdVtNSN s2yUW08c3lt6NsJ2n2NAG3RVS31Cwu5p7e0uYppbYhZUR1Zoyc4DAHKng9fSlN9ZC8GnG4j+1FPM 8nePM2Zxu25zjPfGKALVFc/beLPCt5q0ugWms2U+pwZElqlxG06Y67ow24dO4roKACivkH9rD47e KvhpH4K+F/wnW3m+JfxQ1VNM0f7SnmwWdvEVe9vpo8gvHBEfu55LZ5CkHub/AF742ad8f9I0H/iT v8LE8OtcajeTSJHqn9rJJKCVj80YtzGsZJ8vAJb5uMAA+haKpjULBrL+0luYjabS/nb18vaP4t+c Y980HULAWX9pG5i+ybd/nb18vb6784x75oAuUV8XeG/2hPGetft0+Iv2c2SxfwhpnguLxDbzRxsb t7qS5tYuZfMKGMpMxACA9Du9fsSLUtOmvJNOhuopLuEbnhV1MiDjllByByOo70AXaK5+28WeFbzV pdAtNZsp9TgyJLVLiNp0x13Rhtw6dxXQUAFFfIv7Y3xl8a/CXwR4V0r4XyQJ418feJtK8O6UbiIT pG13LumlaMkAqsSMCTwpYGvrqgAor56+A3iv4vajoOuSfH/+xNP1Y+ILu10hNKnRo5dMVIvs+/8A ey/6QXZwy5Bxt+Ud/eri/sbOWGG7uY4JLltkSu6q0jeigkZPPQUAW6KqzX1lbTw21xcRxTXJIiRn CtIV5O0E5OO+K+OP2EP2g/Gn7SH7PVv8VfiPHY2uqPqF9bOLKNoLdYrZgFO2SSQg4PJLUAfaNFZg 1rRzp76uL+A2MQJe481PKUL1JfO0Y781Ho3iDQfEdsb3w9qVtqluDgyWsyTpn03ISKANeiio5pob aF7i4dYoolLO7EKqqBkkk8AAdTQBJRVZLyzltRfRzxvbFd4lDApsHO7d0xjvVcavpLR28y3sBS7O 2FhIuJT6Ic/MfpQBo0V86fG3xp8VB4W8Pal+zlPoOsXk3iC1tNTfULlDbrpu2X7V5LLLGDcK4jCr knG75T24X4pfHLxh8F/2lfAHhvxdJBN8MvifG2j2c4iCT6b4hjYNCskufnhu0IRARkPk5CjBAPsW iisvV9c0Xw/aG/17ULfTbVestzKkMY/4E5A/WgDUorN07WtH1jT11bSL6C+sXBKzwSrLEQOpDqSv H1qheeLfCmnpaS3+tWVsl+dtu0tzGgmb0jLMNx+maAOhoo68iviz9s39pbUPgl+zp4o+Kfwlv9J1 fXdBurC3McrC7hjNzdRwuJUhlRg21jgFhg9qAPtOisvQ7yXUdF0/ULgAS3VvFK+3gbnQMce2TWpQ AUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFAH/9L9/KKKKACiiigAooooAKKKKACiiigA ooooA+J/2pviv4u8Lavp3g7wxeSaYk9qLueeE7JX3u6KiuOVA2EnaQTn2rI/Zg+LnjLXfFM3gzxL fTatbTW7zQyzsZJYnjxkGQ5YqwP8RODjHU5+kPir8GPDPxXgtm1WSSyv7IFYbmHBYIxyUdTwy55A 4IPQ8nNP4UfA3wv8KZLi/sJpdQ1K6Ty2uZgAVjyCURV4UEgE8knA5rtVWn7LltqfOSwOK+u+15vc 9enax7XRRRXEfRhX4GfAzwv+1d4j/ai/akb9mnxnofhOGDxew1NdYtDdGdmuL3yDFiGXbtAfd0zk dcV++dfkZpf7Ln7eXwn+NHxc+IXwG8T+BLTSPibrkuqNFrDX8twkYlmeAMI7MqjBZm3BXYZ6HigD yTwqPjP8Bf27/APij9tyW38c634+t20DwjrukTiOw0yaR/Kki+x/Z4Duc3KIWIGBKWBkOdn0h+xR /wAne/thf9h7RP8A0C+qbwV+x/8AtE/EH46eEPjl+2B8QNJ8QN8PWefQ9E0C2eOyiun2t5rySxwt w6I5+RmYogLBV2lvir9mn9rD4XftG+OvjX+yn4g8LyaX8Txatq+meJ1ugtvdW6FFmjNqpLhSzup3 LjzCpRwA1AHA/CbwR4R+J37ZX7Y/gjxtYJq+hapB4djurZ2dUkEdvvALRsrDDoDwRyKt/wDBIH4Y eA9J/Zwtvitp2kRw+LNdub+xvb8PIXmtre5PlxlSxQBcDooPqa9e/ZF/ZN+LvwP+LfxW+JXxa8Va d4tm+JEWnSvc2glinN4iyPdh4WiWOOJZJSkGx2zGqllQ/KJP2GP2d/2if2X7TV/hR451jw9rXw1s 3urjRp7L7Quqm4uJlYeejxrEsZTeWUMxVyAGZeQAc1/wU60G/wBE+Gfgf9o3w9CZNY+DPifT9Yyv 3jZTTRxTx/R5RBu7bQc8V8Gftn/FLXfE/wC1fB+0X4GuTeeDv2dv+EQa7eIFklXXJzdOykf89I3W Fx7Y4Nfu98Xvh5p/xa+Fviz4ZaptW38T6Zd6eXYZEbTxMiSD3jYhx7gV+dfwI/4J9eK/An7IHxS+ BHxG1bTdU8X/ABE88rfW81xPaRfZ7aOPTFeSaGOUrBNHvIEZwDhc4FAHOTSQfHn9s343/E+B1vfD 3wZ8Dy+HNMlU5jbUNStppp5EPQsitPE2OxXPGK+EPHfgHwhrX/BJL4NeOtT01J9e0bWr6ytLos4a K3vtavvtEYAYKRJ5aZJBIxwRzX64/sj/ALI/ij9nz9mbxN8LfE+o2OpeNPF8uqXOoX1vLNLbPPdx fZ4P30sUcrKsaqzEx5DM+Aep8h1D9gz4lar/AME8fD/7KFxr2lW3jXw7eS6hFdxPPJpskp1K5u0Q yNCkwBinwW8k4cdCOaAPG/24v2dfANr8U/2R/wBnrwFbyeE/Cl7qviO1MVhPIssNtdSWE12IpZGd w0geTkkj5umOKvfGf9nf4Xfsh/tRfs1+LP2eNPn8It4s8Rf2Bq1vDeXM8N5aTNbxkOLiSQ8q7bhn DHa2Nyhq+ktY/Z2/aa+KXjv9nX4ofFzUfC6a98K9S1q610abLdpFcQXxtxbfZEeA5kCQnzQ7IucF SQcD1b9pz9nrxn8afiR8DvGHha90+1svhp4nj1rUkvJJUlmt0eFituI4pFaTEZ4dkHT5qAPsavwz /ZU/ZR+FPx8/aA/aX8XfGOwbxNpuifEDXbLT9KmnlS0hnnvJnuLoxxuuZHQRIp7BT1O0r+5lfgt+ zboX7WcHx7/ac8X/ALM+q+G5oD4/1my1LR/E63Qt3cXlw8N1BJa/MJE3MrKSoZcZ3ELtAOd1eK8+ D/w4/bS/ZK0u+uL/AMFeCLCx1TQI52Mv2CLVAk81sJWyxUeZGACfvI7feZjXqHw++APw9/Ze/Yri /bM8M21zefFuTwQt/Hqt1cy3Ajn1yGIRssDMYx9nSVVU7fug7i2a990j9hn4iJ+z58Z9I8VeJ7HX fjJ8b1EuranIZYtLikicm3gi2xNIsMSs/IiychQoVVr658P/AALs779lrRP2c/iM0d3FH4TsvDmp SWbtsLwWSW0kkDuqtgOu+NmQHgEqOlAH4PeBPCHwA8R/AWA+Mv2f/i/4r+JPiSy/tGbxrbaNc3LS alcr50d1az/bAskCsylGMf71PmYFmr9C/g7+2f4j+Bn7LXw2vv2ofB/jG88XX7ahpriHSZHvmTTJ FEU10l1JA+ZIZIwJDkyMrsec1naH+z9/wUe+G3w0b9nb4e+O/Bt74NhiksNO8Q3i30Gu2OnPlQip GrxK8aHEWPMKYAEgwu39CvgF8KJfgl8JvD/w2u9fvfFN5pUTfadT1CV5Z7qeVzJI37xnKoGbbGm4 7UCjJIJIB+Q/7d/x60H9qv8AZj8D6x8O9O1zwu0XxO0rSkbV7YWF0ly+n3brNEI5ZPlXzVw24EMD 6ZrY/bF+DvgX9hH9myfSP2bLXU9E1b4ra1pHh7Vb6Cea71CS1hhuZn+zlnGyWYgqUQqrh2AA4x9+ ftofs9eM/wBozwj4D0DwTe6fY3HhfxhpniC5bUJJY0e0sorhJEjMMUpMpMq7QwVSAcsOM9l+1h+z jpH7Ufwfu/hpf6k+iX8NzBqOl6jGpdrPULbcI5dgZdwKu6MMg4YkEMAaAPxD+JHg/wCFGj/D3Tp/ 2XP2dPjD4E+KvhiS2n0nxDLoV0rSyxuom+2MlzLkSpvPyRcNgACMsp+t/iR/aP7YP7U3wY+Anxkh u9N8IW/ga18ba3oDCWxN1q9wrKbeZcrKohJVSpIZMSr8rEkd74n+Bn/BSP4xeHdM+EXxO+IPhPw1 4Wglt/7S17w4b9Ncv4YGDDhkjjV2IBbZ5SkjnK5U2P2oPh74Xtv2gPhFD8IviXD4D+PHh/Rza6KN chubqy1vR4xKjW13dbHQyDEp+ZjIxckLvKMoB4j8Tf2Zvhv+zt+33+zfP8J4JNG0DxVfapK+jieW W1try0t0WS4hWV3KGdJI1YDj90Meg6f4XeH/AB54s+Ln7fnhr4X3hsPFmpnSrfTJhJ5LLcyW2ohA suR5bN91XyNhIbPFeZ6loXxw1P8A4KP/AAJg+NfjfRvFnjC1TULm40rw5DImnaHYwW8rp80uHMlw 4kLGRQ/yoMkFAPtjw9+xx43/AOEv/af1DW/E0Wjaf8b5NOfR7zR7i4XUNPayS5/eTjZCFIeVDtjl YOoZSVzyAfkTp+h/ss+D/Anhz4Z/tB/DTxj+z/8AE/SpLYr44iiurhJbyGRWluQ3mISJcEqI4pBF nKP8vzfaf7XPwW+D3j/9rn9l+81ixg8UW3xJS+j1m/ErhdZt7KztfskpMThVXaxZTFtBDdxXXa9+ zN/wUP8AiD8IR+y/4/8AFnga48DNHbWU+vtHfXWtS2NrIjR/JIgjaYBBksFYn/lrn569e/aB/Y9+ KV3Y/APWP2a9b0u01/4DwvZWUfiDzvs93bPb29uGdoEkbcBb8rgAhyQylQCAfEXx+8UeEvGf7b2t /Cv4pfD7xj8R/hj8INI0+z0fwv4Tspr2JLma1gkF1exrPE20CVo1bdlwqA/KGDehfsnXGqeCf2yI NN+Bnwq8f/Dv4O+NtLuV1fTfE+k3VtYWWrW0Us0dzBI0k6RiQRJGC8mSzsgGCgX6a+In7MH7R2l/ F/Sv2p/gH4h8P6b8S9T0S00zxdpGprctoeqSwRIrPDJGvnKFaNFjBVDtRTuUl1bq/gV8BP2mLn42 3v7Qn7T/AI2s5tRSxOn6X4b8NzXaaLaxuCGklSbb5jgM2Awc5bcX+VAoB8B/8Ew/2Pvg/wDEP4Oa V+0L8S7O71nxB4f12SbRx9qlEFnDpcizoi26sEffcGR2VgQcjABLFvDfgd4s+Fnxyh8W/Gf9p34I fEf40eKPFmo3KwXuiaXcXukadYrjy7Szkju4drREsCMHYAoXB3Fv2m/YW/Z78Z/sx/ACx+FXj290 +/1a2v726aXTJJZbcpcOGQBpooXyB1+THoTXzf4a/Zi/bE/Zd1jxToP7JHiDwnqnw88TX0uoWul+ KVvFn0a4uOHFu1sCHjVVUAsxzgZj3bmYA+TPA3xm+OnwK/Yo/aB0+30jxb4W0rwrf2Nv4HufFGnz Weo22ma3dG28oPICm61jXIMbERySDBAZAPUPjB/wTy+BPg79h/VfG3hu1ntfiBoPhp9an8QLdz+f ezC2868jlQyeWYbhC8YQLwCOSd2760+G37FWtz/s/wDxA+F37Q/jm98a+IfilK91q14k0rW1lNv8 2EWEc3CrFN+8zsQMcKUCqBXgHiD9mT/gon4w+CN1+zBrfjrwYng62sTYRa2iX39r6ha26f6La3Hy GONHKpHPIqlwmeZjuDgHPfEG/vNf/wCCeX7O3wC0aVo9S+MbeF/D5KHDx2QEdxdTf7qLGof/AGW9 K7z9pnwzY/HP9s74U/sd+Irie1+GGleHH8SahpNtI1vHqDwPPBbQM6FXKRiFeFPCl8YbDL6h8Mv2 UviZoPxJ/Z/vfG9xptz4b+CPgyexQ2s8khm8Q3aLazOkckUZMKwKGSRsNuH3R1rs/wBqH9mT4h+P /iR4K/aH+AHiGx8OfE/wLHLaRDVUkfTdS0+ctutrnygzqB5kmCqEneeVYK6gHAt+x74W/ZZ+IOtf tK/ADU5PCfh/RvDWpPq/hKNJrq01aW2t5ZYXEktxmFlcIQArDK4XbvfPz/8AscfsZfBv9pn4AR/H z9ou0uPHXjn4mzahdXWo3N5Oklokd1LbRpbCKRUTb5e4fKQudgGxQte/eA/2YP2gfij8ctM+On7Y usaBcJ4XsL2w0Xw54bFwbFP7QjaG4luJLgByWRj8oZskI25dm08V4D/Zt/bo/Zo0vVPhL+zl4v8A CGrfDq6ubibSZvEsd5/aeircsXdUWBWik2sxYbt6s+WKIGZaAPzw+JPjHxlb/sJfF74KeJNbuNdP wc+I8GhaZqMzlpmsoJ5EiXzMknY0TFOfkVlUfKqgfSv7bf7Ffwi/Z1/ZdHxo+HEV7p/xN8G32l3c niP7fcyX17d3FzHFPNMXkZNzySeaCqqQRgEAsD7P4z/4JxeJv+GOtU+BHgrxJZ6p488Ua9b+Itc1 rV3mhgur0HM20xRTyBQBhAVJY7mYgsQPsD9tb4GeLf2j/wBnPxJ8IfA93Y2Os6xLYPDLqMksVsot buKd97QxTOMqhAwh5xnA5oA/PT9sf4J/Cnx1+1P+y/r3iXw5BdXfxWubtfEreZMo1BLO0sFgVwrj YI1YgbNuR1zXWaa+jfBb/goT8S5fCuni30rwL8E91jZpucJb6ZJZGGFdxLEBYwoyST65r6s+L/7N Xjr4gfFn9nHx5o1/psOn/CCe8k1ZLiWZZpxcQ2sa/ZAkLq5BgbPmNHwRjPIEqfs6+IbL9svxn+0l 4hn0668D654Hbw49iGmkvmkE1vLIXhEPlmJo4XHyyliSBs5yAD41/ZG/Yu+D37Tn7OyfHf47RXXi j4h/E6bUL+41trqaK4sZI7qW3h+yiN1jTy/KDAFCAfkxsUKPlDwxZXem/wDBJL4+adqF2b+6tfHg iluWYs08iX+kK0hYkklyC2SSTnrX0h8DfCvxc8P/AAj16P8AZG/aC8Lp8A3uL2WPUdds7mPWvDkU jF7hI45I0XehLMpmKhj+8QLvzSfsMfs9r8dv+CcPj74S3uoyWVp438Q6hPYajJETuNo1mYJzGSCV Nxa/ON2eGGc0AfVn7aTon/BNvxMzsFB8OaKMk9zNaAfma+MP2pvh7b/Fi4/YN+G17dT2dj4j0qWy vJLaQxTGzlsdJFyiOOhkh3p3GDggjivUfG/7J/8AwUM+MnwM/wCGefiP448FWHhrSLS3ggnsVvWu 9Xax2G1S9leHbHErIrs8cW8sgyrZJr6U8WfspfEPXvGX7K/iKz1HS0tvgdaywa0sks4e4Z7SzgBs gICHG63cnzTFwV75AAPz8/a4+HPw1+APj74X/skfDvwz4lm+GPiq6vPFHiTQ/DPn6hq+svEgijt0 3yrJJEi2xZ08z5FLSj5lXGXHJpPgX45/DL4ifsffAH4n/DWe31S3sfE1tqOhXkel6hos7qkvmgT3 P7yMEkFgFBxITvRTX6h/tafsveLPjPq/gr4r/B7xJD4R+KHw4uJJ9JvLpGezuIp8CW2uQgZgjY+8 Ef5S6FSHyvk+mfAf9tj4yfFfwf4u/aU8Z6F4X8J+CLoXsej+Cp7+I6pcIVIF08xB8pioyC7fIWQI pYvQB5J4O+Ffg79tT9tD443/AMe7eXxF4d+Ec1loOg6JLLLDaw/aBN59wyxMjMzPAzAkndv5yEQC p+yH8GtB+Av/AAUY+MHw48JTzSaBaeFLSfTop5Wne1trma0lFuHcsxSJiypk52Yzk5J99+JP7N/7 Q3w+/aB139oj9kbWNCW58dW8EHiXQfE32gWNxParshuoWtRvDKvUblwS5ywcqK37L37LH7Qfw3/a W8cftD/HTxVoviS+8caPHazDTPtEZt7lZYSsMccsSr9miihCRtv3nA3JnJIB9P8A7VnxI1n4Q/s4 /ET4j+HHMWr6Lo9zJZSBBJ5V1IPKhk2sCCI5HViCCMDnivz2+E//AATf+CPxc/ZU0DxV4la5n+KH j3SLbxA/i2W6uJryDUtSiW6R9gmVJEjLhWU8vgtuDkMP1V+JHgHQPin4A8Q/DjxSjSaT4lsZ7C5C Ha4jnQoWQ9mXO5T2IFfl/afs0/8ABQ3wz8KZP2XfDXjzwdcfDwwS6XB4guIb1ddh0iUGMwCIK0IY RMVQAsVGAJhgFQCHXfC3iTwR+39+yh4P8X+In8W6xo3hTXbS41aSEwSXrRWN4oleMySkOygbiXYs csTk18+aZ8VvE3wX+EP7dvjzwZcPZ65D8RL2ztLhM77d7/UmtWmVh9140lZkbs4Wvujw1+xLrHw+ +OnwA8YeC9Ts5fB3wf0DUtJvBdySrqN3PfQXCedHGkTREPLPvcNKu0EhQcDMPgn9h3ULnw3+0n4G +K1/ZTaJ8bvEt9rFg+nSSyT2cM073Fs8yyxRKJoZPLfYpdCVxuIoA/LuHwH8CLv4CxadpH7O/wAY pfitLYLfQeMo9EuWlfXGTzVuhKt4QbdpumIy3l/MP3nz17N+0ZP8UfjJ8Bf2O9N+KJ1Xwr428R+K 4dG1CaaOWw1OGYziw+0lZAsiSyIBMGwM7twGCK+jx8Bf+ClVn8L4/wBnLT/H3g1PCUNuNMj8UKL+ LX00tR5aptVfLWURDaCMtj/ltu+evYfiZ+xz4w1rSv2cfD/hDxHHqdv8GvEun6zql7rtzcNe38Nt NHNO0bLHNuldlYqjsqKCF3gCgD5J/ao/Zi+En7IvjH4A/FX9nnTJvCOsHxrpmiXjQ3lzML21uss4 nE0j5LLGyNjAZXYMD8u3b8b/ALO3wX8Q/wDBVbT9B1nwvDdafq/g9/E13E0swEusfbph9qJEgO75 F+UEJx92vt/9sP8AZ78Z/tB6b8NLPwZe6fZP4N8Yab4gvDqEksYktLNZBIkPlRS5lO8bQ21TzlhX m37QX7Of7Q+o/tSeFP2nf2d9X8PRX+naF/wj+oWPiD7QsTW/2iWYyRtbxyElhLjHylSikbgxAAP0 Pr+TX9n34s+KPF3wq+Hf7J/ia8vfh98IfFXiS8tdd8TQRtjUJp9si6as7ARwocxrISW/1gZx5asr f1lV+Xnwv/4J93cX7EGpfsrfGO80661ee9vNRstQ01pZ4bO8dt1rOjTRQvlDlZFCjcjMmcNmgDxj /goW+j/B/wAN/Az9k/4c6Lq2n/DzxLfXP9r6V4VgaXVL/T9PMG60gXcpmkn893k3sSzhXcnnPzd4 3HhvwH4k8EfEn9jD9nT4q/Drxj4Z1GD7d9q0G9Fhqek/8vFvchbi5d2YhR90bgW3HcEK/ffib9jr 9oD4ofAP4daZ8QPGWl6Z8bfhBfG58PeI9PluLy1uI4xH5a3nnwQuHk8uMSsI5MmIOd+90pt/8BP2 7vjx4t8KWn7Q3jbw94Q8E+F72O9uYPBM2oQXurSQ8BZZJdpRHGQcMAu4kRltpUAy7+H/AIZt/wCC mVjqqj7N4S/aL0lraT+GJde00Dacf3nAQD1e5b615h8LvDnj39qPxP8AtS/tM/Dq8Nvq+q2l34H8 C3Qk8rbb2UQ82SGQkeX9oYRFJARsd3OeDj1f/grJH4VuP2etP1SDWFsfH3hzxBplz4bjtpB9vkvp JBG0cSqfMH7pzLwPvRp7V9C/Dv8AZZj8MfsYad+zLbatc+HNRl0TyLnUtPkaOeDVLg/aJ50eNlZl Fyx+XcN0Y2ZwaAPxD0/Q/wBlnwf4E8OfDP8AaD+GnjH9n/4n6VJbFfHEUV1cJLeQyK0tyG8xCRLg lRHFIIs5R/l+b+mjwvd22oeGdIv7PU11u3ubO3ljv02lbtHjVlnXZ8uJQd428c8cV+TGvfszf8FD /iD8IR+y/wCP/Fnga48DNHbWU+vtHfXWtS2NrIjR/JIgjaYBBksFYn/lrn56/VH4c+CNM+Gnw+8M /DrRZHlsPC+m2emQPIcu8VnCsKs3+0QuT70AfnVG8vjb/grc9tqYDwfD74etNYqw4SS6njSSRB/e ZbxlLDsMdqzPiz4b0rxl/wAFR/D/AIQ12Lz9N1z4TXtjdR/34Lm61CKRfxViK6f426bcfBb9v74V ftAzqYvC3xD06TwLqlx/BBfyM01jvJ4AnkEaA5wPLYn3oeJLm3v/APgrh4SWylWc2Pw0lSfYwby2 N7dsA2OhxIhwezA96APhnTfHfijT/wBg3V/2MJLnb46i+Ii/DWJeTJ5N3e/a/N25yYm2yxDnG3AB xioLf4geJte/YN8OfsYRXBTxzqHxCf4dXCf8tI7a1vReSSkdRHHviiPbbkHoa++dT/YO167/AG/L T9qO31OwTwNvi1S60oyzi6fWYLN7WOVYREYSocrNvMobcXG3nlnhb9gvW9D/AG+tX/aju9S0+TwS 73Op6fpqyTNeR6xe2sdvcSyQmIQBWYyyB1lLZ8vK8ZAB8MftMfFPxr+yp+2h4zl+BPhqTVNRs/hf aaLY+XC08ek2dsbeVr2WNVIZLeG2P3sIGKlsqCrfZ37PnwD0eT9i3xT46/Z/8RyeJPip8WtCurm5 8V3Unl39xqc6Nvt/NZi1v5c26P7+VkG9mJAI+iNJ/Zy8WW37bvij9o/UrnTbjwjr3g1fDi2ZeV70 3H2i2lYyRND5PklIWGfNJJIG3GSPDfh9+w/8TvhtJ8YfhB4U8XQaV8F/iFHLdaItrd3UWt+H9Tk2 MDCqxLG0AYbGH2gM6ImcEvkA/LfT9D/ZZ8H+BPDnwz/aD+GnjH9n/wCJ+lSWxXxxFFdXCS3kMitL chvMQkS4JURxSCLOUf5fm/po8L3dtqHhnSL+z1Ndbt7mzt5Y79NpW7R41ZZ12fLiUHeNvHPHFfkx r37M3/BQ/wCIPwhH7L/j/wAWeBrjwM0dtZT6+0d9da1LY2siNH8kiCNpgEGSwVif+Wufnr9Ufhz4 I0z4afD7wz8OtFkeWw8L6bZ6ZA8hy7xWcKwqzf7RC5PvQB8ReP8A/i7X/BRH4d+Cl/faT8HPDd/4 mux/yz/tHVmFnbRv/togWZPQZPrX6IV8l/s//BXxl4K+L3xs+MPxDa1fVfiHrcC6eLeUzeXomlw+ RYhyyrskZWJdBkAgcmvrGSWOFDLM4RF6sxwB+JoA/mx0jwLqev8A7Cfxc+I3hldviL4WfGDUPE1j Io+dfssdkk3P91Ucyt/1zHpXTft5fFXxJ8bPiX4V+K/wpl8zSfgf4T0Px04BLFbvW76zljjyOjCA wykkfdR+OlfZP/BNXw5o3j/9nP40+GtWUXWi+KfHXiW1k2kFZrW8s7SJyp5BDKTg1d/ZM/4J9eJv g78Fvi/8OvizrGna3q/xNtf7JW6spZ544tOgs3t7UM1xFE6vG0rEKoZVVU2scYAAug65pv7Tv/BR XQ/E+jv9s8JfBnwdBqEDfejOqeJIhLEfTJtZVb2aH16fkT+z78WfFHi74VfDv9k/xNeXvw++EPir xJeWuu+JoI2xqE0+2RdNWdgI4UOY1kJLf6wM48tWVv3P/wCCff7I3ij9k34c6/pPxC1Gx1jxX4i1 COae50+WaaAWVpAkNpAHnihc+X+8IGzADADgV5v8L/8Agn3dxfsQal+yt8Y7zTrrV57281Gy1DTW lnhs7x23Ws6NNFC+UOVkUKNyMyZw2aAOU/bt/Zy1zR/hd8I/C3wY+H9x4p+FngDVGn1/wdo8skM+ o2w8sxN+63TSsCJvMYB5C0u887mHk/7ImtfsfX37VWkap8Gx4h+CXi97C4stQ8D6pBJFaau+xznf JLKA8QIdU+QkxhlQHfu+gdZ/Zh/bO1r4TfC68/4WPpmnfF34UXUiwTw3l9Nouu2GI1jGoq0ETmdV TYzeU4cFiW3SZS94W/Zk/ac+Ln7QPgP48ftXan4VsIvhqs76VpnhaO5Lz3EwA3XM1z8wQMA4UO44 2hV3MSAfpvXz1+1v/wAmrfGP/sTtf/8ASCavoWuP+IfgzT/iP4A8TfDzV5GisfFGmXml3Dp99Yr2 F4HZc9wrkj3oA+F/gg6R/wDBL2wkdgqr8PdSJJOAALOfOa/MTxh4Ul8efsb/ALFHgSG8m08+JvE8 +lm4t32SxLfXz27MjdiFc19k+Hv2TP2/dL+DN3+ygfH3g+2+Gv2a6sI9YjgvH1qTTrguTabGQQos gYxuTuZEYhXfAFdxp37DnxYtPhd+y94Jk1bRDffBPxNFrWsuJ7nyri3S++0lbM/ZgzybOAJFiGf4 sc0AeJ/tp/sw/Bz9mT4K/DzRvg/pEml2+ufFLw3cXfnXEty8jw2d7GnzyszAD5jjOAWbGAcD6b/4 Ku6OLv8AY51vxNCwivvCeq6PqdnKOHin+1pah0PZgtw34Zr139tP9nrxn+0b4K8D+HPBF7p9jc+G fF+meILltRkljR7WyiuEkSMwxTEykzLtDBVIByw4z47/AMFII9S+J3hj4f8A7KXhMmTXviv4gt1m VefI0jSyLm8un64WJvLbkcgNjJGKAP0C8Fa1N4k8G6D4iuV2TapYWt06gYw08SyEY7YJr8d/2mn/ AGT1/az13Uv2gNR1z41a6mn21vpfgTQ9MuLlNCXYhdmaK5SOSSbh9p2lS+WU5jK/tHYWNrpljbab ZJ5dvaRpDEvXakahVH4AV+Yd9+zR+1p8G/2jviN8ZP2ZtS8I6tpXxTkhnvrbxV9sWazni3EeW1qu WjDuxGH5UhSmUVqAPkT9kW9sfDvx5/aS8BeBPC2ufDrwRfeCptXt/DGvK8d1Zz+TCqyPFI8jIXEz soLE7GVSSFFbv7FP7CfwO+N37F1l8RfilYXOu+JPEFtqsWn3kt7cqdJgsrm4t4I7WNJBGqrLG0xD IwZnIIK8V9J/Cf8AYw/aK8JfHb4i/Gb4j+NNE8WXXxN8JXmlahJGtxaSW2pT+UIY4IfJdGtII4Uj VzIshXkx5HP1P+yL8DPFnwC/Zc8M/BLxjd2N5rmjRanHNNYSSyWjG9vbm5j2PLFE5ASZQ2YxyDjI wSAfkXZfGP4maj/wTB+FHgy08QXNrqHj/wAWDwVPqRJaWLSpLi5zH5hORhESIDIJiBXOM13n/BQz 9hD4C/BT9le68f8Awg0ubw5qvhqWwtryRbueU6ra3FxHCyXSyOUZxM0cwKqMFeBjG36Z8F/8E+td m/YatP2X/iLrtpaeKdJ1K41jTdV0mSaWC01ATSSW0gMscEjALIUkG0EBjtOQDXm/xx/Zd/4KL/tN /CofCr4o+MPA2nWGlNBMj2H29JNauYHVVe+k8lhEioXkAiiAaUKDGBhkAP1z8Kf8ivo//Xnb/wDo ta36zNEspdN0aw06chpLW3iiYrypZECkjODjI9K06ACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooA//T/fyiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKyNZ8QaD4dt0u/EGpW2 mQSMEWS6mSFGc9FDOQCT6Vr1+Ln7MfwM+HH7cviz4wfH79o6zl8YSQ+Kb/w1oun3FxPBBpem2Kxy RrEkEkZVys6jJ5DKX++7MQD9n4pYp4kngcSRyAMrKcqynkEEcEEVi6f4p8Matfz6VpWr2d5e2v8A rYIbiOSWP/fRWLL+Ir8V/wBon4WfEj9kH9myw/Z+8D/Ee9vNE+KXju10fTpnhaGfQ9IvhI0lmtx5 zs4Yom4qIgR5vA3muy/av/YV+B/wB/Zx1D4ufAa1uvBfj34aRW+o2Wt297Obq4aORElE5aTYxlVm PyquGwANhKEA/YmW/sYLhLSa4jjnkUusbOA7KvUhSckDue1UNK8SeHddSeXQ9UtdRS1YpM1vOkwj YdQ5QnaRjoa/D3426PH+1j+0f+yHZ+L57jT7T4j+C5dQ1eOyle1aWCWxa+urYMhDCKYI0TAHlGOD 3rvfFHwL+Hn7KX7fXwDj+BNhJ4Z0f4i2+sadrOmx3E01rcx2sGQXWd5CcmRTjO3dGrABskgH7K2d 9ZajALrT7iO5hYkB4nDqSOvK5HFFvfWV3JNDa3Ec0lu22VUcMY29GAPB9jX4+/s0/EDSv2L/ABT+ 0p8A/FjeVoPw/wDtHjjw9EzYMuk3UakwRk9SrG3iGOsrPwDXyt4kv/iV8Ef+CeVp4/iuby08e/tM eMEvdYvbJG+3/YdSWeeOO3Ksp3TRxBlXIJE7rnnIAP6GbHxR4a1TUJ9I03VrS7vrX/XW8M8cksf+ +iksv4itFdQsHvX05LmJruNd7Qh1Mirx8xXOQORzjvX83XxI8H/CjR/h7p0/7Ln7Onxh8CfFXwxJ bT6T4hl0K6VpZY3UTfbGS5lyJU3n5IuGwABGWU/YXxn1nXPhP8f/ANmr9tXW9Pk0KLx9p1l4W8Z2 8sT232aXUrdZYvPjfDo0Lu5dW+ZfsyqeeKAP2EmvrK3uIbSe4jjnuc+VGzgPJt5O1ScnHfFeDfs9 eKPi/qXwug1n9o3+xNO8UPdzxv8A2ROrWPk7gIcP5so3kZyN/XtXx54IX/hor/gpB4r8dv8A6R4W /Z90tdCsD1jbXL8OLlwDwWjUzRP6FIzxxn8zY5ZYP+COgmgcxyR+NQyspwysLjIII6EGgD+l5fEn h19Ybw8mqWraqi7zaCdDcBfUxZ3498VwHgz4V/Cj4LXHjDxV4VsIvD7eMNSm1rXLmW6maOe9nYtJ MxuJHSIMzn5U2IM8AcV+Qv7bf7Ffwi/Z1/ZdHxo+HEV7p/xN8G32l3cniP7fcyX17d3FzHFPNMXk ZNzySeaCqqQRgEAsD6t8b7CP9qz9sv4Xfs4fEi5nb4f6Z4RTxhqWlxO1vHqWoSF40V3jKsUQbMYO QPMAILEgA/WSx8R+HtThtbnTdUtbuG+3fZ3hnSRZtv3vLKkhsd8ZxWtJJHDG0srBEQFmZjgADkkk 9AK/ED4m/szfDf8AZ2/b7/Zvn+E8EmjaB4qvtUlfRxPLLa215aW6LJcQrK7lDOkkasBx+6GPQftf rejaZ4j0a/8AD2twC607VLeW1uYWJAkhnQpIhKkEBlJHBBoA+NvhN+1tJ8XbP45Tafp9ppknwu1P VNM05DcfaHvRpsLk3LgbPkeRMhV6LxuJ5re/Y/8A2iLz4z/s2eBfir8U7/S9K8Q+Km1BDFEwtYZG tdQuLVBDHLIzE7IlyNxycn2r87P2LPgf8KtG/wCGp/FumeH4oNX8F6/4p0PR7gSSlrTTRDMggQFy pG0YywLe9Yv7EP7BPwI+Nf7Gth8RPilp91rPiDxDFqqWF019cR/2VBa3dxDGlrFG6xgecjzMHVgz O2eCRQB+9eRjPasPS/E/hrXLm4s9F1a01C4tDiaO3njleI+jqhJX8a/nD1L4+fEm7/4J3fA74cvq WtXQ8b+Jbvw/qEulBrjWLjR7K5KixtRuBeR1kSKOMsN6oIydhYVe+Juj+B/DGk+HPFv7G37Ofxa+ HPxN8JXltNaahcaFefZry3RgJ4b7FzcNIsi8nCfNyjfIxwAf0lV8+ftCfAL9n345eHbeP4+6JZX9 hpBZ7e8ubh7KS1MmN2y5ikidVbaNy7trYGQcCvbtC1CbVtE0/Vbi3ezlvbeGZ4JVKSRNIgYoytgh lJwQeQetfkj4f+GnhX9tb9tz40R/HNJvEHhH4Nf2dpGh6DLLJDaRzXqSefcOsTIzMXt3OSfmDqDl UQAA9x8VfC74LfsPfs5+P/jV+zD4W0y11yy0oSx39xLPqX2lVlUbXmkmZzGSclY3VSQCRwK9K0P4 l/tA+MdF/Z38W+FbbQ20XxvpVvqPjI3DeVPELmztZ4/7OjaYMfnklyMSEALn1Px58a/2SYP2Xv2Z P2kG8C+KZ5Ph74n02O407wzNHJIukzpJH5jxXUk7s4kyQQYwSoTczFcnlPFf/I1f8E3f+wT/AO4v SaAP2g1jX9C8O2wvfEGo22mW5IUSXUyQoSe25yBmr0V3aT2q3sEySW7rvEqsChXruDDjHvX87F14 78DfGr9qf4xeLf2ivhT48+Mmm+FNZufD3h7TvDmmzX2maVbWcskLmZUuIdk8ojV9vQsXYgnbt9t/ ZKuvGHhXX/jz8OvC/gXxr4N+C1/4ZvtY0C08X6bcWp068SJY7i2hlkaSPbKZndV8xmZIwx+YOSAf tDeeLfCmnpaS3+tWVsl+dtu0tzGgmb0jLMNx+ma8Q/ay/aAj/Zm+BXiL4ux6dHrV5pS26W1jJP5A nlubiO3BLYYlYzKHYKMkDGRnI/Kr9in9hP4HfG79i6y+IvxSsLnXfEniC21WLT7yW9uVOkwWVzcW 8EdrGkgjVVljaYhkYMzkEFeK8o8T2Vp8UP8Agjnpfj7x7G2s+IvAl4bTR76eSRpraGTWYbZlB3YY eQRENwOEAAxjNAH9C3gzxFD4s8KaT4ihlhlOoWsEz+QweNXkjVmUEE9CccnNeWeLdb+Ndr8efAuh +F4NIf4cXtrftr8lxIBqaTpDIbUWqeapZTIE34jbC7uR1Fv9nb4YeA/hL8I/D/hn4d6RHoumXFtD fSQxvI4a5uYkaWQmRmbLHrzj0FfGHx2/5Sefsz/9gbxL/wCm+8oA/SPVPEnh3Q5ra21vVLXT5r1t kCXE8cTSt6IHILH2Ga+TP2Zvj944+L/xd+PHgbxTDZR6d8NfEMel6WbWJ45WgYzgmdmkcO/7teVC jrxXxF+yr8Avhl+3BqPxZ/aF/aP0+XxdqV54nv8AQNMtLieeCPS9NsUjaKOJIXj2OBMBzyNu77zu T5b+z/qGtfsn/Dv9tuTwpqE2oaj4F1CC1028uT582f8ASYLaWQ87njDozZ4ypyMcUAfvBN4n8NW2 rx+H7jVrSLVJhlLR541uGH+zGTuP4CtOe9s7V4YrqeOF7htkauwUu3ooJ5PsK/mi8CeEPgB4j+As B8Zfs/8Axf8AFfxJ8SWX9ozeNbbRrm5aTUrlfOjurWf7YFkgVmUoxj/ep8zAs1d18V5vjH8Wv2ev 2S/Cfxi/trwx41vfHA8PXF5eRT2OqCN5ktoLrMwWXzPIdT5h5dgWJJJoA/oSsPEnh3Vb650vTNUt by9s+J4IZ0kliP8AtopLL+IFfMes/tQ2unfteaP+zFHZWq2134dm1y51SS5G5ZhO8EdqkfADfuyz FmJOQAoxk/nr+1R+zF8JP2RfGPwB+Kv7POmTeEdYPjXTNEvGhvLmYXtrdZZxOJpHyWWNkbGAyuwY H5du343/AGdvgv4h/wCCq2n6DrPheG60/V/B7+JruJpZgJdY+3TD7USJAd3yL8oITj7tAH6GeGvH /wAWtC8VfF3Vfi5Ho1t4I8OG3l8NPZTr9slgWKd7lbwGV9shKxiMFUzlsA9vhD4M/tCft9/Hf4S6 38evCE/gO10zUI5F0LQrgypcRyRajHbM9zJJIiqnlLPhmlBd1QhAGxXMeAPhz4K+KHxg/bv8N+Pd LTV9Niu9GvVhkZ0AuLW21KSF8xspyjgEDOPUGvmzRPhL8O/D3/BG/wAQ/FvRtFjtvF3iqGCDU9QD yGS5itfFqRwqysxQBEjUDaozjnNAH9EejX17D4YsNR8VSQW16LSGS9ZGAgSYoDLtYkjYGzg56d6s 6Pr2h+IrX7d4f1G21O2yV821mSZMjqNyEjNfg9+1h4+XxV8XfgT8AvG2geKPF/w207wZp/iHVfD3 hO3kuL7VbmRJI4hJGkkRaCEwISwYFQz7SGIKs+H80HgX9q34Y+LP2Uvgd8Sfhp4d1q9TSPGNjrOi XcOkT2d06RRXJ/fXAQwb3kdnKou1WGPn3AH394x/YG/YO1nxbd+OPFHg/TrS9uLofaY11O5srR7q Y5UNbx3EcSuxyQiqoY5+U19xeHPDmg+ENB0/wv4WsIdL0jS4Ut7W1tkEcMMMYwqIq8AAV+HHw0/Z P+Gf7Uf7bH7TafFyO71DQ/C+qWv2eygu5baM3eoLKBcHyipLxpbkLzj5vmB4Ffudomjab4d0aw8P 6NALbT9Mt4rW3iX7scMKBI0HsqgCgDxP4D+JPjHqXhrxPqPx9XRbG8s9dvItObSplaD+yESL7O07 ebIFm3GTeCRgbflHf2KbxR4atr+10q41a0ivb1Q1vA08ayzKehjQtuYe4Br8IPhV/wAo5f2tf+x0 8R/+itPra1D9hj4JP/wTvPxt1azu7/4kt4Mt/FS6/NfXLXKTJZpdwwKpk8oRRxBYFXZwoBBDAMAD 94q+SfiF+1Da+Cv2pPhz+zmllatD4ws9Rvr7UprkJ9kWzt5pI4Vj6b5HjGWZuFOApJyOt/ZH8Ua5 40/Zh+F3ijxLdPfarqHh7T3ubiQ7pJpBCqtI7Hks2Mse5JNfnL+0j+zz8GvG/wDwUw+FWheKfDMO oWHjvRdVvdbieWZRe3FnaXCwSOUkBUoIYwAhUHaMg80AfZXgD9o7xTrn7Yfxn+CHid9OsvCHw803 R7yyuSpin3X9rbzSmeZ5ChUNK23CrgYyT1r7L03VNM1myj1LR7uG+tJhlJoJFljceqspIP4GvxLi /Zv+H/7Q/wDwU/8AjlovxPgn1Hwv4f0vQbt9LjuZbeC7uTpljHAZ/JZGZIgXYAMPmxnK7lPTfAjS NJ/ZN/bG/aB+FvwyFxB4D0nwUniu30eSeW4iivII4CdhkZnO7zHXJJYrtUk7VwAfsBqfifw1ol1b 2Os6taWFzdnEMVxPHE8p9EVyC34VuV/Mp8Cbn4NfFTwFqvxJ/aR+BfxQ+MnjjxxdXk1x4h0rSbi6 0+KIStFHFp00d3EoEW3B+T5GBjHyIBX6n/8ABM/WPiy3wa13wT8UtI8Q6bB4U1ma10CTxNZTWeoS 6LIqvbrIJh85iO5TtZlQbUU7VFAH6J3N7Z2QjN5PHAJnEaeYwXc7dFXOMsccAc1W07WtH1hZ20i/ gvltpGilMEqyiORfvI+0naw7g8ivy2/4K76dfav8DfhvpOl3L2V7e/EHSIIJ42KPFLJZ3yo6sCCC rEEEHIIr5w/bL+Cnw7/Y1+G3hf4XfAKw1vTU+M2t2Gl+Ip9MllvtYv7DTwd1vaK7gedctcf6pCiy thMBCRQB+52l+J/DWuXNxZ6Lq1pqFxaHE0dvPHK8R9HVCSv41c1TVtK0Oxk1PWryHT7OHBea4kWK JM8Dc7kAc+pr+cX4m6P4H8MaT4c8W/sbfs5/Fr4c/E3wleW01pqFxoV59mvLdGAnhvsXNw0iyLyc J83KN8jHH2T440PT/wBsP9vXTvg38XIblvAXw+8G2/iT/hH5Wkt47nVL0wAtOqlJD5a3KqQT8pjK YAdwwB+ttprei34tzY39vci8QyQeXKj+ag6smCdwHqOKtW19ZXrSrZ3Ec5gcxyCNwxRx1VsHgj0P NfjBo/7Pngv9nr/gqB8MdE+Gqy6f4X13w/rGoQaU00ksFjcm3uIrjyBIzFEl2I+P72QOAAPbP+Cd 3/JQ/wBqf/spusf+j5aAP0zt76yu5JobW4jmkt22yqjhijejAHg+xrNm8T+GrbV4/D9xq1pFqkwy lo88a3DD/ZjJ3H8BX4peBvidrPwhj/b9+JPhZwuraNr2bOTbvEVzJJdQJJjofLdw2DxxzxmvmLwJ 4Q+AHiP4CwHxl+z/APF/xX8SfEll/aM3jW20a5uWk1K5Xzo7q1n+2BZIFZlKMY/3qfMwLNQB/S9d 3lpp9tJe386W1vCCzySsERFHdmbAA+tZ+j+IvD/iG1a+0DU7XU7ZTgy2syTID7shIr8GvH/hz9qf 4zfsh/AzW/iP4D8QeMofAus3SeMfC8y3VhqutWlrIi2Mzoyi4lIhDK7qrOzPv/vMOx/ZM1P9jnWP 2o9NuvhEniH4K+KrnTrmw1PwNqsEkVprLGOTPzyTSYeMHeqfISYwyoDv3AH0V8KNM/Z2/aL/AG1f ir431zwPY/8ACX/Cy90mx07U5dQmuDfTpFOPtS2u8W4MSwII8IxXG8tuxt/Rjxx4rsvAvg7W/GOo APBotlcXbIXEfmeRGzhAzcAvjaPc1+RP7B37Pvwd0T9rv9oXUNL8NQwXHw012ztvDriWY/2fDdw3 sU6oC5Db0+Ul9x9MV+lH7T3gXwn8RPgD468O+NNOTVNOXSbu7ELs6jz7OJp4HyjKcpIisOcHHII4 oAyv2Ufjs/7R/wADfDvxau7O30q91v7W8thbzef9lSK8ngiVmOGLFIgSSq5OSABwPb7bxT4YvNWl 0Gz1ezn1ODPmWsdxG06Y67ow24dO4r+e3w7La/s//wDBKjS/ib8JLU+H/HHxYu49E1bWbeWRZ2iT UL5EfcWIiKwo0QaMKRvyDuAI+sfjx/wTq+Afwp/Zg8QeL/hzBd6H8Qvh5pE+uW3iaG9uEv57zTYj cSM/73YPO2MAFA2EgoRjkA/Tz4p/CzwR8Z/BF/8ADz4h2H9o6JqJiaSNZHhkWSGRZY5I5Yyrxujq CGUg/gTX57+GdG/Z4/ZK/bK8I/Cj4X+Dre01r4nWGp3WteIb7VJ7m4t4beOW5Fuizu4QzTRK7nK7 hjIY7Sv2V+yn8SNb+Lv7OXw8+I/iUh9X1vSLeW8cLsElwg8uWQKOAHdS2BxzxxX5u/tI/s8/Brxv /wAFMPhVoXinwzDqFh470XVb3W4nlmUXtxZ2lwsEjlJAVKCGMAIVB2jIPNAH2V4A/aO8U65+2H8Z /gh4nfTrLwh8PNN0e8srkqYp91/a280pnmeQoVDSttwq4GMk9a+y9N1TTNZso9S0e7hvrSYZSaCR ZY3HqrKSD+Br8S4v2b/h/wDtD/8ABT/45aL8T4J9R8L+H9L0G7fS47mW3gu7k6ZYxwGfyWRmSIF2 ADD5sZyu5TD4E+zfsXftI/tO+BvhB51t4P8AD3w+k8X6fpE80t1bwalbwQlCPMZmKlpGDEsW2YDE hRgA/ay98UeGtN1KDR9R1a0tb+6/1VvLPGk0n+4jEM34Ctyv5l/g3o/wF8dfB9/EHxx+Avxa+J3j /wAZCe8vvF1hpE93G0srMIpLCcXaIyRqFwWjIZgQwKYUfrr/AME4vEXxi1r9my10r43abrGn674a 1K60u3fXrSe0v7mwjSKW3ldbgBnAWUxBxkfu8ZJUmgD7xd0jRpJGCqoJJJwAB1Jr8i/2dP8Agob4 2+LH7UTeAvFWlWVj8MfGVzrFn4M1KOJ45rubSnUjzZGlZWEkWeAi4kZFBPf6P/4KL/GuT4Kfsr+K LvSpSmv+LAvh/S1T/WGfUFZZWTHO6O3ErqR/EF9a/Gn4q/Fj4V6R+yh8IPCnwn0HxPpXxE+DF5aa 1b6hd6LLBam6dvP1ItNuO2Np8SgntGqk4oA/eX9rf9oyw/Zb+CupfFO403+2b5Z4LHT7HzPKFxeX JIRWfDEKqhnbAJIUgcnI/Pz45+D/APgpF8Sfgvrc3xd8N+AfEXhW7tor3UfCNlPqVvqAjtHW52Rz QyoDMjRhtounUlQAH+6frL4p6p+zp+15+y54WtPid4itfDmj/FOKyk0iSW7iguYtWbBSK38w4kmh lLRumDn5lPXNfN8nwp/4Kf8A7OmmH/hWnxD0b40eHNJjxFpmt25i1GSKMfdDMQ7HaMAG9JzwAaAP r/8AYX1n4OeIv2ZPCWu/Azw4PCfhq8W4ZtMMzXEtveJM0dysszlnlYyKSHc5ZNpwowo+uq+Wf2Of 2htE/aY+Cdl8QtK0RfDd3bXU+m6lpqEFLW+ttpdVIVTtZHRxlQQGwckZP1NQB+c/7Zn7Q/7QXwy+ L/wk+D3wBh0F9U+JB1CIvrsU7xLLa+SU+eGRSi4ds/K2TivOvGPxm/4KZfAjQ7n4j/EvwN4K8ceE tGQ3GqQeHpruG/itUGZJUaZjgIOWIhkwMkgAEi1+2F/yfj+yV/1+az/6DBX6d+Ip9ItfD+p3PiDZ /ZcNrM935uPL+zqhMu/PG3ZnOeMUAfH3xX/avtx+xRq/7VXwTkt70jTYLyyS9QyRxyvcx280M8aO h3xMzowD43LwSOvy3ZX/APwU5+OHwet9Tn034aan4W+IGgpM1lK2p288+n6tahjE7RSoY3aKXaSk oKno/Ga+WPg4dTP/AARn+J327P2X+0br7ED1Fv8AbbPIz3/e+Z0r6b+BvxB/4KVR/A/4faV4A+Fn g+TQY/DukxaXqF9qTb5LNbOIW800SXKsGaMKzKAME4wKAPPv2M/2eP2Rv2ibbxp4P+JXwW/4RH4i fDfUF07XLCDX9Zkti7mRVkhJv2IG+GRSu5wMBg7Bhj7++Fn7JX7HXwa+Jln4h+Gei22k+NdNSZYV /tu+up0WeNopM21xdyqcoxGWQ46jBwa+EvGXw3+M37Ff7J3x3/aA8YeI4b/4x/FK7sTe3mmAi301 bm58nEDlUIdFuZSHVQFbywv3Nzd7qv8AwTc+AGn/ALK02u2dvcRfEmy0JtcXxWL24F4dXjt/tRmP 73yxGZBjbjIXkN5nz0AfRf7fH7Q/xV/Z58FeB7/4Qw6ZNrfi3xJbaJ/xNYpJYFW5ilZT+6kjKneq 5PPGeK8l8Q+K/wDgq/4H0S98WX2g/DnxLa6XE1xNYWBvxdTRRjc4h8ySJS+0EgbsnsGOAfin4/8A xa8e/GD9gz9l/wCJGpY1XxfP4yt7cNcHaLy7057y0ieVyRzMYVMjZHzFjx2+2Ne8Vf8ABVnxpo95 4Z0/4f8AgrwbJqMTwf2o2otcPbCQbTJGqTy/OoOQTG4H900AfX37Kn7Q2j/tQfBTRfi3pVi2lS3p lt72yZxJ9mvLdtkqBxjch4ZCQCVYZAOQPQE+E/gS3+Klz8bprRpfFkmlrpAu5pndLewSQzGOGNm8 uIM/zOygFu5xXl37IP7Olr+y18DNG+FC6guq38Ek15qF2ilI5ru5bc5jU8hEUKi55IUE4JwPk79t yO8+NH7S/wADP2QdU1K50/wT4w/tHWPEEFs5hOoRadE88Nu0i4bbmCQFQeC6vjciEAH6aaN4i8P+ Io5ZfD+p2uppA2yRrWdJgjj+FihODx0NM1fxP4a8PyQQ69q1ppsl0dsS3M8cJkPogdhuP0r4S039 g/wB8FvjP4e+O37Pmoy+ALHQrS5j13QrZZ7231y32fJHma5HlMOTnDjeEYKGBLfKn7FP7Mvwv/bG +G2vftMftOWUnjrxX451S+jj+0XVxFFp1pbv5aQWyQyJsw24qf4V2hQvJYA/aye7tba2a8uZkit1 G4yOwVAPUseMUjXlmlp9veeNbbZ5nmlh5ezGd27pjHOelfgBp2qeIvB37Mv7Zf7L9/rFxrmgfCWW CLQ57pzLNDYX0sm22L5xtjECkKAAGZ8ADgfeHi50T/glVudgoPwoshknudIiA/M0Aei/Hv8AaG8Y /Dj9oP8AZ/8Ahl4TWwudB+KN5qsOpSyxtLKIrOO3aI28iSKq581skq2eMYr681nxBoPh22W88Qal baZA7iNZLqZIULnooZyASewr8ObD/kOf8E4f+wbf/wDpHYV6p4O+Ffg79tT9tD443/x7t5fEXh34 RzWWg6DoksssNrD9oE3n3DLEyMzM8DMCSd2/nIRAAD658C/tB+M/E/7bPxA/Z8uUsW8J+GfDlhq1 lNFG32p5roW5bfL5hRk/etgBB25Pf1P9qT4m+Ivg1+z545+KPhKO3l1jw5p7XVst0jSQGQMqjeqs hIwegYV+dH7Ifwa0H4C/8FGPjB8OPCU80mgWnhS0n06KeVp3tba5mtJRbh3LMUiYsqZOdmM5OSft T9v3/kzX4sf9gZ//AEYlAHq3wU+Klr4++Ffw78ReJtRsIPE/i3w7pWrT2cUqxsZb20inlMULO0mw M529cDHJr2hmVFLuQqqMkngACvxN8M/8E9vgde/sMWPxBvIbhviTP4Sg8SweIzeTi5trxLFbu2ij HmeWIIFCQhQo+RdwIbBHhvxo/aS+IHxV/Zc/Za8G+Kjr+qWfxLlv18UxaBE02taxaaDcrZmGFdy+ a9yu6SQE4LBWIxwQD+gvSPEvhzxAZl0HVbTUjbNslFtPHN5bejbCdp9jW3X84njceG/AfiTwR8Sf 2MP2dPir8OvGPhnUYPt32rQb0WGp6T/y8W9yFuLl3ZiFH3RuBbcdwQr/AEd0AY+teIvD/hu2F74i 1O10u3JwJLqZIEz/AL0hAq5p+o6fq1nFqOlXMV5aTjdHNC6yRuPVWUkEfQ1+H3xob9kJf2p/H+of G5/EP7Q3jC5MNvZeGdB0q5uIvDkMS7Tar5d0kUsh+XeQV2uHLKJGbHU/8Evb/wDsb43/AB++Hfh3 RNY8HeELObTL/T/Dmt71u9La584lHjdnZGZCoOWLFVTcSRmgD9pKKKKACiiigAooooAKKKKACiii gD//1P38ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACvzAk/Zn/aw/Z++I/jrxF+yDr3 he68JfES+fVLrRvFC3anTdRnz5s1q9sCGUnn5iBtCoUbYGr9P6yNZ8QaD4dt0u/EGpW2mQSMEWS6 mSFGc9FDOQCT6UAfmFb/APBN++8T/ATxh4W+J/jT7Z8VPG2vx+LLjxBaRsLey1iDzBCLeP8Ads0K rNMpOEP7wlVXaoEXjD9nX9vj9oXwnZfBX9oLxp4Q0nwGJrb+2b/w7Hdtq+sQW7rJsYTxrBGWZQzF VQB8Haygqfof9uz9oTxn+zl+z+3xS+G6WN3qR1KwtU+2xtPbtDdFtzARyRknAG07sexr1nU9b+Nc f7RmkeH9Ng0g/C2XQnnvJZJANWGq+bKFWOPzATBsEfPlnnd83YAHi/iP9ljXG/ai+BnxZ8GTafY+ CfhLomoaPJZSyzC8Mc1lNaWy26LE0bKm9NxeRCADgE8Hb+OH7PfjP4l/tK/A34yaFe6fBovwzl1a TUobmSVbqUX0UaR/ZlSJ0Ygod290wMYzX1Xq/ibw54feCPXtVtNNa5bbELmeOEyN6IHI3H2Fac13 a21u15cTJFAg3GR2CoF9Sx4xQB+aX7dH7CHiP9qXx54L8Y+CNctPD5gh/sjxMZ5ZopLzRftMdyiQ iKKQSSRuJGVJCqsxXLDbX0l+03+y94Y/aI+Bn/Cm4Lo+G20p7W50O8gQsNOurFSkDKgZcoI2aMjc CFYkEMAa+hpvFHhq2v7XSrjVrSK9vVDW8DTxrLMp6GNC25h7gGvmz9rH9phf2bNA8H3trpsGrX/i /wAR6foSpPceSttFeb2kunUAs6osZAGVG4glsDBAPlPxP8DP+Ckfxi8O6Z8Ivid8QfCfhrwtBLb/ ANpa94cN+muX8MDBhwyRxq7EAts8pSRzlcqfYv2+/DXwyg/Yo8Z+C/GOsJaR6Jo8MulyXk4lvHvr Db9iAaRvMkknkQRM3JYOxPevvS3ube8gS5tJUnhkGVdGDKw9QRwa+Zfjh+zV+zP8U/FuhfFP456L Z32oeGoxDaz397Lb2ojSQzKksXmpDKock7ZFYHJDAjigDzf/AIJ1/CTU/hb+zLoepeKTJL4q8fTS +J9YmnJM8lxqeHj8wt828QCPeDyHL9ya+W/+Hevxn/4YGP7LH9taB/wlf/CQf2t9q+0Xf9neR5u/ b5n2Xzd+O3lYz/F3r9etJ1XR9ZsItQ0K8gvrJxiOW2kWWIgf3WQlTj2NWLO+stRgF1p9xHcwsSA8 Th1JHXlSRQB8u/trfAzxb+0f+zn4k+EPge7sbHWdYlsHhl1GSWK2UWt3FO+9oYpnGVQgYQ84zgc1 8pftNeA9GHx6+DzfDf4k2Pw//aF0TRfs+mJqVrcS6VrWmKsiS200wiMY2sJiik7yHOF3bGX7j+P3 xy0j4I/BTxV8YIIoddHh62aSK1S5WIXEwZVEQkAfBy2ThSQAeK/On9ubxT4K+K/7L/wI+Jfizwlo niPUPGmueHrK4ErXGdPTW7GS6uo7aa1uIZkYPGgwzspAG9WOCADyTUtC+OGp/wDBR/4EwfGvxvo3 izxhapqFzcaV4chkTTtDsYLeV0+aXDmS4cSFjIof5UGSCgH7z18vfAX9nT9mD4AatqenfBPRtO03 X5YlivnF497qJjDbtsjTyyyopbkqNqkgccDH1DQB+ZPw3/ZY/aR+Fnxb+MVvoWteG774WfFm91vV pVnNymrW15qUM3kooWIxBUlkVZDvbdGu5QG+Svo39kL4HeLPgD+y/wCF/gn4xu7K81zRYtSSaawk lktGN5fXNzHseWOJzhJlDZjHzA4yME/St1rmi2KXb3uoW9utgoe4MkqIIVYZBkJI2gjkE4qJvEfh 5NH/AOEifVLVdK2eZ9rM6C32f3vNzsx75xQB+V/hn/gnT4ub9jfw18DPEviey0f4ieCdbn8QaJrW ltNPbW14ZmkiBMkcEhVlYBiEyjBWG7bg6/iX4Df8FCvjy2g+BPjd498M+D/Buk3UFxqN94Nkv4dX 1TyO26RUWPfkk7diq+G8tgAo/Uew1Cw1Wzi1DTLmK8tZxujmhdZI3HqrKSCPoazh4o8NHWP+EeGr Wn9q43fZPPj+0Y9fKzvx+FAGtbwR2sEdtDkRxKEXLFjhRgZZiST7k5Nfnb8Sf2af2g/AP7QOv/tH fska5oMd742tYYPEWgeJVuRY3M1soSK5hktsuJAB90lADvO5g5Ue0ftY/tML+zZoHg+9tdNg1a/8 X+I9P0JUnuPJW2ivN7SXTqAWdUWMgDKjcQS2Bg8z8Rv2ivFvhn9sX4N/AzQv7Pn8JePtN1i8v7hk Z7gNYWtxNEYZVkCKu6Jd2UbIzyKAPndP2Gvjf4w8AfGvxV8WfFekat8YPi9pkOlxm28+DRNNtLd4 2SFG8ppSCIk3HyjjaPvEs59N1v8AZI+I+pa1+yVqMGpaSsXwGsfs2uBppw1y/wBisrfNliAhxvtn P70xHBXvkD760jxBoHiCOWXQdSttSSBzHI1tMkwRx1VihOCPQ0ms+IdA8OW63niHU7bS4HbaJLqZ IELegZyBn2oA/OnxH+zJ+0v8Gvjh40+M37IOu+HZdO+I8ovNc8O+KFuhbDUMkm5t5LbLFnd3cgsg G4j5xtC9f8Ef2Z/jvpEPxP8AH3x68eR+I/HfxGsJ7GKwsZrldB0uJ4iiLDFIBzkICwiBVVIBcszN 9829zb3cCXVpKs8MoDI6MGVgehBHBFeX/FD4lad4R8EeM7/Q9SsZvEfhzRdQ1KKyklR5A9tbPNGZ IVcSbCVGemR3HWgDyr9kX4GeLPgF+y54Z+CXjG7sbzXNGi1OOaawklktGN7e3NzHseWKJyAkyhsx jkHGRgn5e8NfsI/EOH/gnlq37IfiDXNKh8U3k0l1De2zzzWAkXUEvoVZnhilCsIwjkRErkkBsYP1 3+yJ8WfE/wAc/wBnHwT8V/GcdtFrXiG3nluVs42igDR3MsQ2I7OwG1BnLHnNfSNAHgf7Nmi/HTw5 8LbLw/8AtCT6LdeJNNcW0MuhGY272MMUaQmXz0Q+cSH37RtxgjHIHmvxK/Z68Z+Mf2xfhB+0Lpl7 p8Xh34f2Gr2t/bzSSreyvqFrPBEYEWJo2UNKpbfIhABwCeD9jUUAfmL/AMM1/tY/AH4meNtY/ZF1 zwvceC/iLfSardaV4q+1/wDEr1O4/wBdPbG1X5kbjAJPyhUKNtDmb9mz9hvxv4J8M/HXwl+0J4js vF8PxlmSS4vbBpY7h2lSf7RLIkkSLFIJJt0YRnHAPH3a/TSigD8k9D/Z+/4KPfDb4aN+zt8PfHfg 298GwxSWGneIbxb6DXbHTnyoRUjV4leNDiLHmFMACQYXb6J4q/Yj8ct4a/Zz8M+H/Fia8/wh8VWf iDWtR125uTdX6R3CTz/ZwEn+bIKxRu6qqhQXzlj+lFFAHxz+2H+z34z/AGg9N+Gln4MvdPsn8G+M NN8QXh1CSWMSWlmsgkSHyopcyneNobap5ywrzb9oL9nP9ofUf2pPCn7Tv7O+r+Hor/TtC/4R/ULH xB9oWJrf7RLMZI2t45CSwlxj5SpRSNwYgfofRQB8KfDH9mHx74L+Jv7THjTVNQ0yWx+MxtP7HSGW ZpYPIt7uJvtYaFVTLXC48tpOAenAPlo/Yq+KY/4Js/8ADHX9q6N/wmf/AD9+fc/2X/yHv7U/1v2f zv8AU/L/AKj7/H3fmr9PaKAPzv8AjZ+yH8TNe1T4W/GT4HeJ7Dw38WvhlpUGkb79ZZdL1KzWPbJb zlFMioC8pUiMkhzkKwVlpeCfgP8AthfEn44eGfi5+074y0jRNE8Fh5LDw54Onvo7a7uGIO+8aYgs mQpKlpAwXbhQW3fo7RQB8c/s9/s9eM/hN8efj18UfEV7p9zpXxR1LTbzTIrWSV7iGOzW5EguVkiR FY+cu3Y7g4OSOM/Y1FFAH5heCv2Kvil4c/ZP+OPwJvtV0Z9e+JniDVtW02eOe5NnFBfparGtw5tx IrgwNuCRuBkYJ5x9Jah8DPFl1+xSv7OEd3YjxKPAsPhj7QZJfsP22PTlszJv8oy+T5gyG8rdt52Z 4r6rooA8W/Zy+HGt/CH4E+Bfhh4lnt7nVfDGk21jcy2jO9u8sK7WMbSJG5XPQsin2FfMf7VP7OXx 68ZfHD4cftE/s6axoVn4n8D2t9YPa+IBOLWWG8R03A26OzELK4K/Lj5SGJGK/QWigD4v+FH7PXxA 8Hftc/Ff9oXxJeaZJo/xA0zRbW2trSWZ7mKewtLeCcyLJCiBC8TGMrIxKkEhTkBND/Zs8UW37Z3j 39oHW7jTrrwf4v8ACkPh9LISTG981Wt/MMsZiEYiZYmGVlLcj5Rzj7RooA/J/wAF/s1/tz/sw6Zr Pwv/AGZPFXhHXPh5fXc9xpP/AAk63i6ho32li7onkK0bqCc5beGbL+Wu5lP2N+yj8CfE/wAAvhk/ hzx34yvfHPijVbyXUdS1G7mlljE8wA8q2WVmKRIB7FmLMQMhV+mqKAPjn9tD9nrxn+0Z4R8B6B4J vdPsbjwv4w0zxBctqEksaPaWUVwkiRmGKUmUmVdoYKpAOWHGdn9rz9mZf2mvh3YaLpOtt4Y8W+GN Qh1jQdVVS32W+t87d4Ug7GzyRyrBXAbbtP1bRQB+VviX4Df8FCvjy2g+BPjd498M+D/Buk3UFxqN 94Nkv4dX1TyO26RUWPfkk7diq+G8tgAo9X+P/wCzB8VLj4xeHf2mP2Xtd03RfH+i6d/Y19Y64J30 3V9NB3LHM8W6UOpxz1bCHehQE/fdFAH4ieF9B+Pum/8ABT/4X63+0VrOkah4j1rwzqksFnoSTLp2 m2kcF2iQRNcfvHJYO7s2fmbAYgDHt7fsy/ti/BP40/Ejxl+y54k8Jz+F/irqT6te2viZLvzdPvp2 eSWSEWyEN80jbSWII2q0fy7j9/ar8G/hvrfxU0X416no4m8aeHbObT7C/wDPnXybWff5kfkrIIW3 eY3LIWGeCMCvTqAPzN/Zv/YU8V+AfDnx28G/HTxHaeMLL4xypJNfWZkiu5HljnN1PLG0apFIZp98 YRpAMZJHSuF0P9n7/go98Nvho37O3w98d+Db3wbDFJYad4hvFvoNdsdOfKhFSNXiV40OIseYUwAJ Bhdv62UUAfmp41/Yx+NGhfC/4VWnwN+Kt4vj/wCF081y91rt1dPp+ttdMHnS7jVpSEUgpCu19sRK E5O8U/C37Mn7Tnxc/aB8B/Hj9q7U/CthF8NVnfStM8LR3Jee4mAG65mufmCBgHCh3HG0Ku5if03o oA/PD4d/s5/tD/CL9r7x18UfBmseHr34YfE++gv9atrz7QurQtbwyhFtgkZiyJZScs+GTghSK+7v F3h+Lxb4T1rwrPKYI9ZsrmyaQDcUW4iaMsBkZwGzjNdDRQB+S/ww/YW+NWofsxeJP2Q/j7rmgTeD 7RQ/hXU9GFzJqFrd/a5bszXMcyRI6bpANgbO0sm7kMLWv/s+/wDBRD4qfDpP2e/ih488HWXgqVIb PU9f02O9l17UbBGG6NklRIQ7oMSEBN3QswL7v1eooA4z4d+A/Dvwu8CaB8OfCUTQ6P4bsoLC1Vzu fyoECBnbA3O2NzNgZYk18W/tU/s5fHrxl8cPhx+0T+zprGhWfifwPa31g9r4gE4tZYbxHTcDbo7M Qsrgr8uPlIYkYr9BaKAPi/4Ufs9fEDwd+1z8V/2hfEl5pkmj/EDTNFtba2tJZnuYp7C0t4JzIskK IELxMYysjEqQSFOQMsfsq63q/wC1r8TPjH4tm0+88CfEDwYPCz2KSzC+PmCBJ/MXyljWNkjcBllL cj5R2+5KKAPyY8H/ALO3/BQn4A+Crv4GfA3xr4P1jwMHnTR9U1xLyLWNKt7hi5VVhR4SUZ2KZEoz yAq4Qfc/7MnwU1P4BfCPTPh/r3ii+8ZawjyXV/qd9NLK0tzNjcIhK7skSABUXPYsfmY19AUUAfDn x8/Zo8e/HP8AaX+EPjnVb/TU+GHw0kk1OaweWb7fdatuLxN5QhMLRI0UHLS5x5g288/ZniDQtK8U 6DqXhnXbdbvTdXtprO6hb7ssFwhjkQ+zKxBrXooA/IjwN/wTg8aXX7NOtfs3fFfxTaCHQfEEuueB 9a0mWaS705nD4W5ilhgAUsxdkjdstIxDgqjV0sHw7/4KxQ6N/wAIEfiJ4Ge18nyR4iaG5OphAuzd t+zeWZsc7jGeed+a/VKigD4J0D4KH9in9jHxb4c+Gniu3s/EOm2d7rM/iDWFAt31R0XzLiSPZMAu I1RE2uThQdzEk/RX7N3iPxv4x+Afw/8AF3xJbf4m1vRbK+v2MSwEy3MQlyY0CqhwwyoAweMV7LdW tte28lnewpcQTKUeORQ6Op4IZTwQe4NT0Afnf+2R+zT8ffi58WPhR8XfgHq/h7S9W+G51CQf29Jc iNpbrygm1Le3n3qAjbtxXGRjPOPL/GX7OP8AwUd+Omh3Pw9+MPxb8J+HPCGrr5OpJ4as7iW5uLZv vxZnggba44YCVQRwcrlT+sFFAHxj8V/2UrW8/Yx1X9lL4MNbaYh02CxsJNSkdYi6XMdxLLcSQxSN vlYO7FYzl26AdPoP4L+DdT+HPwd8CfD3W5YZ9R8L6Dpel3MluzNC81laxwSNGzqjFCyEqWVSRjIB 4r0uigDyX47fB7w58ffhH4m+EPit3h07xJbeSZoxl4Jo3WWCZRwCYpkRwp4O3B4Jr89W/Z8/4KMX /wAK2/Zp1Hx94Mj8FfY/7JbxJHFfNr0mk48nyTEVEPmGH5GOd2P+WxbLn9ZKKAPze+Nn7DN/rXwX +C/wX+C17ZWOmfC3xFY6rM+rSyo9xBB5rTspggkDTyyylyCqJknkcCv0hoooAK+LP2sv2ZPF3xj1 bwR8V/g74it/CvxP+G11JPpN1eI72VxDcACa2uQgZgjAfeCPwXXbh8r9p0UAfmt4W/Zx/ak+L3xy 8G/F/wDa313w5baV8N5JbrRdC8LLcmGW+kCjz7iS6G4BSiuBufJAGEBbdy/hD9mL9sX9l7VPEvhP 9lDxF4S1L4b+I7+W/s7DxSt6LjRJbjh1gNsCJI1AUDcxzgHywS7N+qNFAH55/DL9hGDw/wDAX4o/ D74geKH13xz8Zxc3HiPXkjwn2yXzDCYYjtJjgeQuFJUsS33FIVfnq4/ZO/4KC+KPgNJ+y14n8deD LLwPpmmHT7W/tEvX1O+gtY/9BtJ2aIJFAGSOOV0TzFjBx5vIb9kaKAPzVtv2N/ibDqX7Jl42qaOU +A9pcwa4BNcZuXmt7aJTZf6P84DQtnzfK4I46gafxJ/Zv/aG+H37QOu/tEfsjaxoS3Pjq3gg8S6D 4m+0CxuJ7VdkN1C1qN4ZV6jcuCXOWDlR+i9FAH5v/svfssftB/Df9pbxx+0P8dPFWi+JL7xxo8dr MNM+0Rm3uVlhKwxxyxKv2aKKEJG2/ecDcmck/VH7T3wu1/41fAHxv8K/C1xa2ureJdPa1tpb13S3 RyytmRo0kcLx/CjH2r3iigD8hLH9mH/goXZ/Bez/AGWB4/8ABw8ByWEWmXGurFfHW7fTnQJPZRJt ELoqloo2O1miAy8ZOF9y+MP7Cdlr/wAGPhj4L+C/iA+E/GHwXkjufDOrTqZEM42tOLlVz8tzKiyO QrYYfcZSVP6E0UAfl7f/AAE/bu+PHi3wpaftDeNvD3hDwT4XvY725g8EzahBe6tJDwFlkl2lEcZB wwC7iRGW2lf1CoooA/KjQP2Zv2yf2fvjF8T/ABP+zfqngvWPDXxS1WTV5j4oF8t3Y3EskspGbVcu qGZgCXfcACVU7i3ffslfsmfGv4D/AB4+I/xR+Jfi/TPGVt8Q7O2lubyFZbe9/tONw8i/ZjH5K24L yLGVmztVP3a5IX9GaKACiiigAooooAKKKKACiiigAooooA//1f38ooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACvxc/Zj+Bnw4/bl8WfGD4/ftHWcvjCSHxTf+GtF0+4uJ4INL02xWOSNYkg kjKuVnUZPIZS/wB92Y/tHX5gSfsz/tYfs/fEfx14i/ZB17wvdeEviJfPql1o3ihbtTpuoz582a1e 2BDKTz8xA2hUKNsDUAfLX7Y37OOq/sw/sKeIvh8PGU/inw3L4ysbvRLa5gMcmk2crvi0Eplk81Rg NkLGNxYhfmNfUHjydLX/AIKy+CLqQErD8MbhyFGSQt7fk4Hc1wPi3/gnV8VfEH7Nfi3wZc+LtM1r 4q/EXxPa+Jde1O7ae303fAznyLfyoJJNqeYxUmJcliMIoAH154g/Z68Z6r+3J4a/aZt73T18L6N4 Qk8PzWzySi/a6e4uZg6RiIxGLbMoyZQ2Qfl6EgH4t/A7xZ8LPjlD4t+M/wC078EPiP8AGjxR4s1G 5WC90TS7i90jTrFceXaWckd3DtaIlgRg7AFC4O4t7V4F1H4m6f8AsJ/tOfDbxZ4f8U6J4O8MxiTw j/wlthNZ340q8kfbakyfI/2cQqWEbMEMnZWUD6s8Nfsxftifsu6x4p0H9kjxB4T1T4eeJr6XULXS /FK3iz6NcXHDi3a2BDxqqqAWY5wMx7tzN1mj/safF6H9lf4p/DTxj4//AOEv+JfxTEs91e39xcjS bSd33LDbqUd44gSxLJCu4kDYFVQAD5F1D9hj4JP/AME7z8bdWs7u/wDiS3gy38VLr819ctcpMlml 3DAqmTyhFHEFgVdnCgEEMAw5/wDai8L+Hvit+yr+yZ8VvH1kNY8Wa9qnhjQr/UJpJPOudPuIJ3mi kIYAmV13s+N5bPzV+q+ofAzxZdfsUr+zhHd2I8SjwLD4Y+0GSX7D9tj05bMyb/KMvk+YMhvK3bed meK+c/ir+xd8U/F/7HXwn+C/hnXdKsfHvwru9J1KG4laZ9NuLrTYZYigk8rzQp83crGLkqFIAJIA P0L8DeBvCnw18JaZ4F8D6cmk6Fo8Xk2lrGzssUeS20FyzHkk8k1+Pv7TT/snr+1nrupftAajrnxq 11NPtrfS/Amh6ZcXKaEuxC7M0Vykckk3D7TtKl8spzGV/W34VL8T0+H+jr8Zm0tvGYjf+0ToxlOn l/MbYYfPCyY8vbuyOGzjIwT+fN9+zR+1p8G/2jviN8ZP2ZtS8I6tpXxTkhnvrbxV9sWazni3EeW1 quWjDuxGH5UhSmUVqAPn7/gnpe2Ph39sX4yeAvAnhbXPh14IvtBttXt/DGvK8d1Zz7rZVkeKR5GQ uJnZQWJ2MqkkKK+kP+CRn/JmWj/9hfVP/R1Xf2cP2Sv2gPhb+1T4m/aI+KvjHR/GB8c6EbTVWtkn tZ7e+86Bo4raAxNG1rDFbrEjtKrkclARz5p8Nv2UP25v2fNO8QfBb4E+OvCcHw01q/ubqy1PUobt 9a0mK6wr+REi+S0qgZXezIWG7Me4igD4+8D+CPCPjP8A4JZfF3WfEFgmoXHhnxZq+paZKWcfZ7r/ AEWESrsYBj5cjLhsjB6ZxXX/ALUPwd8H+C/+Cef7P2i/DSxHh258aeKPCepXk8Ekpd9U1DQ50kut zsxVyQp+UgDHAFfZnwg/YT8aeB/2KPiJ+yv4j1/T31LxVeajPY39qZpYEjmWD7MZw8cTBt0I8wKG Cg/KzVyOsfsi/tZfEX9nL4b/AAc+I+r+Ehqnw08WaHf2VxZzXqxS6Ho9lJahJGNsS10WcEYRUZep UjkA8S/bY/ZK+Dv7I/ww8D/HD4DWl74e8b+GPEemQtqn2+5mnvlmEnmtcCR2TfIwyxRVBBZNuw7R +69fHP7cn7PXjP8AaZ+C9v8ADnwJe6fYalFrNjqJk1KSWKDyrXfvAaGKZtx3DA249SK+xqAPxFT9 nfwF+0V/wU8+O2h/FOO41PwvoenaBfSaSlzNb295ef2XZxW7z+S6MwhV5SoyOW67Sytx37N/7H3w q8V/tVfHL4EeLlvtX+F3w1vra+0nw3Lf3S2KXmrxZE7hJQ7vDDGYlZmJIOWya/SX4a/s9eM/B37Y 3xf/AGhdTvdPl8O/EDT9ItbC3hkla9ifT7WCCUzo0SxqpaJiuyRyQRkA5APgn+z14z+G/wC018cP jPrl7p8+ifEt9JbTYbaSVrqIWMLxyfaFeJEXJYbdjvkdcUAfld4Z8eeIf2UPg1+2n4M+Fd9cWWne BfEOn2fh5WkeVtOGtXL2kjxuxLK8cQUq5Od6KxyTz5tD4D+BF38BYtO0j9nf4xS/FaWwW+g8ZR6J ctK+uMnmrdCVbwg27TdMRlvL+YfvPnr9RtE/Ye1DW9R/ac0n4oX9lJ4b+Ol9aXOnmwklkurMWpmk jlmSSKNBJHK8ciqrupKkMcdfLh8Bf+ClVn8L4/2ctP8AH3g1PCUNuNMj8UKL+LX00tR5aptVfLWU RDaCMtj/AJbbvnoA+YP2nvDF38Vf2Yf2Yfib8d/DFzbfEjUfFGleF9YfUorizvpLBJb2ORJoZChU 3BiWYttDHduUhSK9L/ao/Zy8AeIv2yP2af2dtEt5tA8Gvo2sW7W1jcSxP9ggSe5nthKWMgWdEeJ/ myVdhmvq39of9jPxp44/Zn+H/wAI/hj4sE/ir4a6tp+s2epeIJJpvt9zZpMshuJAJXXe8xdRhgu0 R8L8wt2f7PH7QXi79ob4E/tB/FO/8OLqPw/0vWrTxBBpkt0Flnv4bqG3NkksGGULLGZPMdCCG27g BkA+afEnwM+Hv7I/7e3wA/4UFaT+F9L+IkWsadrGnx3U81tcR2sClCwneRj80itjdjfGrABsks+A 3wb8Fftu/Hz44/FX9oy2l8VWXg7xHc+GNA0a4nlitdPtbRmUv5cLp87qEz2372O5iCv218c/2evG fxN/aS+Bnxi0G90+30b4ZT6tLqUNzJKt1ML6KJI/sypE6MQUO7e6YGMZrxfW/wBmb9pr4KfG3xt8 XP2Qtc8OT6R8Sbj7drXh7xSt0LePUSSz3NtJa5Yl3d3YFkxuK4cBNoB8d3XjXxH+wx8Rf2lPgf8A CnU7pvCWl+DV8U+HLWd2uzot7czW1qRF5hbCK92XO4HIRC+TuLehab/wT9+CWq/sPL8TJ4rmT4n6 p4UbxU/iY3tx9rbULmzN6ysfM8toTuMTZXLKSxO87q+nPhP+w/qdy3xT8cftO+IIfF3jz4v2Emj6 nLpatBZWGmMiqtvZeYgfK7EIdl48tPlJDM/jkP7MX/BQXT/hDffsraX498If8K7FpNplrr80V7/b o0llKJZmNV8lQY/3RPzFIyQshIUUAfTP/BN//kyX4W/9eV3/AOl1xX29Xzp+yX8IvEnwG/Z38F/C Txfc2l5rHh23miuJbF5JLZmkuZZh5bSxxORtcA5Rec/WvougAooooAKKKKACiiigAooooAKKKKAC iiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKK KKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooo oAKKKKACiiigAooooAKKKKACiiigAooooAKKKKAP/9b9/KKKKACiiigAooooAKKKKACiiigAoooo AKK+F/2y/wBr3V/2dpPCXw++Gvhg+M/iZ8QZ2t9G09mK26bXRPMn2lWYMzhVUMoOGZnULz80eKfi 7/wVe+FXhy/+J3jDwH4M1/Q7CI3d9pmntK11a20Y3SlNlzliqg52tMR1AIFAH6/0V4F+zL+0F4Y/ ac+D2jfFvwvbvYJf+ZDd2UrB5LO8gO2WEuAAwBwyNgbkZWKqSVHvtABRRRQAUUUUAFFFFABRRRQA UUUUAFFUNV1CLSdMvNVnUvHZwyTMq/eKxqWIGcDOBXy3+yj+0pf/ALUvwX1D4t6ZoK6Ix1C/s7Gy abz2K2wXyjK+EG5y3zAYA6ZOMkA+s6K+dv2YPEv7Qniv4YjVf2mfDdl4V8ZfbZ4/sdiVMP2RQvlP 8txcjcxLZ/edug7/AETQAUUUUAFFFFABRVLUtRstH0661bU5lt7OyieeaRvupHEpZ2PsACTX5afD z9ov9tP4q/slP8cvhR4X0vxL4r1/xTdJpGnXEKwwxeHYS8O591zbh5UnjZd3mcj+E9aAP1YoqC2a d7aJ7pQkzIpdR0DEcgde/vXxZ+35+0X46/Zf+Ay/E34eW1hd6sdWtLHZqMUk0HlTrKWO2KWJt3yD B3Y68UAfbVFZ+k3cl/pVnfTACS4hjkYL0BdQTjOeOa0KACiiigAooooAKKKKACiiigAooprusal3 IVVGSTwAB3NADqK/H3wv+1j+2Z+1x4s8U3P7Huh+G9C+Hnhe7ayj1nxJ57PqEyfNhPK3bS6FX2CL 5FZd8gLAV7n+yP8AtefEb4lfFDxd+zZ+0T4WtvCvxS8Gwfa3+wMxsr203IDJGHeQqQJonXEjCRH3 ALtIoA/Q+iiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiii gAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKA CiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigD//1/38ooooAKKKKACiiigA ryT46/GHw98BfhVr/wAVfE0T3FnokKstvGcPcTyusUMKnBxvkZQWwQoyxGBXrdfPH7VXwQk/aH+B fiT4XWl2lhqF+kU9lPLny0urWRZohJgEhHK7GIBIViQCQBXVgY0nXgqz9y6v6X1NKKjzrn26n436 J/wWB+McfjBL3xF4Q0Sfwy8v7yzthcR3iQ5/guXldDIB1Ji2tjgLnI/fPwb4s0Xx54S0Xxt4blM+ la/ZwX1q7DazQ3MYkQsp5U7WGQeQeK/l40T/AIJy/tb6t4wTwndeDDpkfm7JdRubmD7DGmcGXzI3 cuuBnCKz/wCzX9N3ws8BWPws+G3hj4cabM1zb+GtOtrBZmG1pTbxhDIQMgFyCxA6E19nxnhsupxp /Umubryu6t5nq5rToJR9la/kd7RRRXwR4x+en7cn7KXxF+NWoeCfjH8B9ch0L4nfDWaSbTvtAUQ3 cbuj+WzsrqrIyEoHUxuHZXwDkfLd/wDt4/tpfAmyltv2sv2fG1DQ4VMV3q2jl0thE3ylpJEN5asW H8JkiB9ulekftyal+0j8Bvj34F/ao+GUeseLvh9pNobHXvDdrc3BtVb98pnkt03ookjlG2byyEki Uv8AeUHO1v8A4LE/s03fhadNE8L+I9Z167jeCLRZ7KGPzZmG0RSyCaVQjE7SVV2x/AelAG74x/ay +CPwr/YK1r42/sh6TYaDb312un2VjFZxWn2PWbopHK1zAgKGeGEeaM7lcKnLIRXC+CP+CcHi74g/ CzT/AImePvjX4xg+L2v2Kail9DqLCzsbi5QSpAYseaypuCuUmTkfIFAAPgvw1/YZ+MWvf8E6/iDo Wp6K2keMPFWtReKNJ0GRDFLHFZKqrCY2OY5p4/NCI3I/dhsEnH0L4A/4KufB3wh8HNP0H4k6PrVh 8UvDllFpt14e+wSrJcahbIIvkkb5Y1kcAkSYdMkbWIG4AxvhP+0p8Uvin+wB8d9M+I+oSj4hfC6y 1bSbnUYZPLuJfLgYwzM8W3EqlXjLry2wOSWLV5N8Cf2Q/iR+0V+yjZfHX4nfGTxXH4iTTLqXwzaW d+Y7Oxi07zIrdp1KlpJJGiLO6OjlWBZi+TXXfCD4J/Eb4b/8E+v2i/iR8WLE6T4k+KdjquttYsCs sFs1u7R+ajfNG7vJI2wklVK7sNuUfa37FI/418eCh/1Ll9/6HcUAfAv7JXwO+KX7fnwSTx38fvi/ 4nt9P0J20PRLTSrpLcMbJEY3l8WR/tMpZwu5sSHZkyc8df8Asr/tTfEb4R/sW/G/WvHWqS+LNW+D erz6TpdzeyNIztM0dtaxyO7F2jS4bcASSEOwHAGPfP8AgkB/yZ1a/wDYd1P+cdfIH7OXwc1X49/s 3/tffCvQdn9rat4tnkshIdqvdWU4u4Yyxxt8x4gm48Ddk8UAcb8MvC3wG+Mnw+t/ir+0h+1rqOm/ FTxDG96iWmuRW0OjvLkxRG2K53KMGSONoVX/AFaBdu8/oD/wTM/aM8ZfGTwT41+HXxC16Pxbrfwx 1NLBNcjcSDUrCcyrbTF8ZkOYJMSnl0KlstuY/B3wX/aC/YO+GXwms/Af7UXwTs9I+KPg23XTtQtL jwxBNdahJbjYk3mSIMSyKAZDMyZfLAsCDX6I/wDBOtfE+veCfFHxK1z4SeHPhLpfiS9QaNa6NpZ0 29utPgMhSW9y580DzNsLbI84dwu11NAH1t+0F8VI/gh8E/GnxYaBLqTwzpk91BDISEluQu2CNiOQ rysqkjkA8V+Uv7Pn7GHjL9rP4WWP7RP7Q3xc8Wr4q8ZLJfaZFpN8tra6bAWZYCsRR1+YAOEi8tVR tv3ssP1M/aT+Ft18bPgL46+FenypDe+ItLnt7V5f9WtyBvgLkchfMVcnsOcGvyz/AGYv+ChPw4/Z u+C9h8Bv2nNJ1nwh45+HcL2H2M2EkhvYI2ZoDERwrbCFy5WNsB1cq3ABt/s7/Gj4x6T4I/aX/ZZ+ L3iGbxB4l+Eei6pJpeuNIwu57L7LMqMz58wlCI5EdmaQeZtLfKteU/sWfsh+Lf2sf2ftN+JPx3+K ni02Ltd2nhuz0/UjEltDbXEqyXUxkWTzZWufMC5wQigFiCoTsf2efA3xF8beGf2pf2zfiBoknhq0 +J/h7V4tDsbgEXJsEtpm8yRSMhdkcKI3HmEOwATYW89/YJ/4KG/Cn4Afs16X8M/jfZ6po76M99ca Jcw2Mk8Oq2c91LK4hcYXzI7lpYyWIj4A37gwAB6t+z1J8QviZ4M/aA/Yc+O3jbV768+GU8T6frtl dGDVLiwjkeRUM8glYx5iiJD7m2TNHuwq4zP+CTvwf0yx+AesfHeDxDrX9qTprOlDTDeD+yI0XypB OlsEDC4ygHmb+hPFekfsG/D74h/EbxP8c/2tPGmhzeHf+FtNJbaDY3KlJjYjeRIwbB2EeSiNwHKO wG0qT5X/AMEuPjp4S0X4UeI/2T/EFrf6V8QdLfXNQktrm3McflIkauhYncsqNkMjKCMGgDmvgB+1 F45+C3/BLzxJ8Wjqk+r+LpPEF1pel3GoyvdMlxdGFFcmUtu8mPzJVU5UsoBGCa9g8Ef8E4PF3xB+ Fmn/ABM8ffGvxjB8XtfsU1FL6HUWFnY3FyglSAxY81lTcFcpMnI+QKAAfm39n34GeJP2gf8Agk94 l8FeDYftXiCy8SXeqWFv3uJbPyWaFD/fkiLqnYsQDgHI+nfAH/BVz4O+EPg5p+g/EnR9asPil4cs otNuvD32CVZLjULZBF8kjfLGsjgEiTDpkjaxA3AHlemftN/Fj4l/8E4PjZp/j/VJ4fiJ8MLuLRrr U7eUw3Myi9gEcrPFsIkH7yJmH3wm4kszVp/Cv9h3x/8AtC/s1+H/AIz/ABJ+M3i3/hO9T0SK80OK 1vRHp1hDHBtskaHbvdnjVGldHjZmYklmy7eeaX8E/iN8N/8Agmx8f/iR8WLE6T4k+Kd5ba21iwKy wWzXsDR+ajfNG7vJI2wklVK7sNuUfrp+yV/yaF8Jv+xO0j/0ijoA/Mz4cftO/tC+Jv8AglT4t+JG jald6l458LXcmj/2suZb5bBZrcyXRYAs0sNvOy+b95Qvms25Sx8D+HHw6+B/xP8Ahvo/ib4DftQ6 3ofx8eG0mmi8Sa3Jp0E+oFkaeAq8QkdQd/l+XJODxu3gnHqf7DfjL40/D3/gmx4w8Z/AbQ7PxJ4n 0rxReytYXlvLdCaz+z2guDFDDLEzyIh3hcnIUgKxIFeM/G74tf8ABOj45fBS6v8ASPh/NoXxy1Gx EdvpuhabcWbx62ygEMIdtrND52d24NKydFEh4AP1J/bS+IPj/wCFH7BGrweO7u2vfiDr+l2fhqeX Tixgu9R1ELb3T2+Y4mG+LzpFGxcHgCvnT9vfw3rv7Of/AATr+H/gPwhqdzot94dvdE0+e4sZ3t5J JRazm5O+JlOJJtzkZwTXAaR4Z+JHizW/2MP2TviuZ5da8PJceNfEVvdEtJDa6fJM2lwzgknKxo1u wPQnHHNe/wD/AAWR/wCTR7T/ALGbTv8A0Rc0AZf7aXjf4qfE745fB79ij4Y+KbjwfF44sG1XXtRs nZLs2MaykoHUqwXy7acldwEjFFY7cg/GH/BRP9jjVP2avgjY618OviD4j13wTqGp21tq2j67eLeI t3ske3vISqRqnIZXAXdlx823IH1v+2foPjH4GftD/CH9u/Q9Fn8Q+GfCWmpoviK2tF3z29rKlwn2 jbwCDHduAxYKrogYgNmvlv8A4KNft1fDn9pH4IW3gD4GWmpaxpdvqFpqGt6pNZS29tZqodLe2JcD 95JK2cn5cJhSxJ2gH0x+3z+0L4n0nxd8J/2W/DfjpPhhpvjGwg1DxF4jMvkvbaaxaJUSQFWTd5Mp O1lLtsTcFLZ+Vfi1qHwj/ZX0XT/jP+x7+0teeKPEukXcH9p6BqesxalFq9vM6pIfJjSMEgnLhlYh MujIyAn6J/b9+Ft94X+K/wAHv2udQ8DJ8RfA/hrS4dJ8T6S1qt4qWa+ayzyQuGQgLcyFHYBUkSPc RkEeU/En9or9jbxraaP4I/Yu/Z+8PePPiNrtxAsVvfeFIltLWEt+984DynLDhSwcRICXaTC4IB9v /tNp8Zv2hvAvwo134e+N4fhZ8JfEtpa6x4p1kamljfR2t7FFNDDHK2zgIWBw4Duy7lKqQfzE/aWb 4IfssDQviX+x/wDtE6r4i8cWmpRLeac+tJq8F3bbWLySvbIsRAYKrpIWVw3ABHPtX7fuiR+D/jN+ z5D+0PoUjfAfQ9EtrXUrHw9HLb6VBqsYlSeOGNH3RxqBb+Wm4OYFZUbcGNfPP7aHxB/Zf8c/BN/D 37GnwrWPQNDv7W98QeLINGe0itk5gt7VrmaMTs00swJ3sB8oADbiVAPtX/gpB8Vdeh+JPwY8HePP FGt+Afgt4otmu9d1LQfME8k5yTCzRqxZY18s7cPw7P5bsiitL9nP4R22hfG7wn4w/Yq/aBi8afDo hv8AhKPDuu601zdrbFgC0FqlvuV8MWQyRxMrqAZCrsB2H7TP7S2rfDmP4Raj8QPAeleOv2a/GOi2 M2q3smmtqFxBczQny2+eQwKoV4ZI90QZx5iq24DHwvqmjfs6fFP9qf4RXv8AwTk0XVLDXNP1eK+8 QXtrDeW+l2tkk0RZ5EuWBRVTzFkRAkcit5YDs4FAH9K1FFfLP7SH7WHgz9mfVvAekeLNI1DVJfH+ oPp1o1iIisMiNCpaXzZEO3My42gng8dKAPqaivE/2iPjl4d/Zv8AhHrXxh8VWF1qemaI1qstvZCM zubq4jtl2+YyLw0gJy3QHHNbfhD4q6N4y+DWlfGqxtLiDStW0SLXY7eQJ9oWCW3FwI2AYpv2nHDY z3xzQB6jUU8EN1DJbXMaywyqUdHAZWVhggg8EEcEGvnT9lr9pjwn+1b8Np/ib4N0u+0iwg1CfTjD qAiExkgjjkZh5Tuu0iUAc5yDxX0hQB8yfFLxx8FP2Jfghrvjqy8O2Xh7QLCTzY9L0e2hs1vNQucI kcccaqgeQqNzY+VFLHha+RP2GPhF8WvHfxa8Vft2/Hqzj0TW/H9ilnomjIpBtNLPlFJXDcqWjhjV M/MwLuwG8Cuz/wCCn+sfBDS/gX4dj+Pln4gvvD03iS1MUXh2W2iuGuo7W6ZBMboFDDs35AG7dtIO Aa/Ry2eOS2ieJdiMilVxjAI4GB6UAT0UUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRR QAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFA BRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAf /9D9/KKKKACiiigAooooAKKKKACiiigAooooAKzV0bR11A6stjAL5uDOIl808Y5fG7p71pUUAFUp dM02e7j1Ca0ikuoRhJWjUyIPRWIyPwq7RQAUUV4J+0n+0R4J/Zf+F118VPHcNzd2UNzb2kNrZhDc 3M9w2AkQkdEJVA8hyw+VGxk4FAHvdFeU/BD4w+E/j58LPD/xb8E+Yuk+IIWljjnCiaF43aKWKQIz KHjkRlOCRxkHGK9WoApXOmabezQ3N5aRTy25zG8kasyH1UkEj8Ku14D8P/2hvCvxF+NHxF+CGk6d e2+r/DX7B9uuJxGLaf7fGZU8gq7OdoGG3KvPTNe56heR6dYXOoTAtHaxPKwXqQiliBnvxQBbqld6 Zpt+8Ul9aRXLwHdGZI1co3qpIOD9K8a/Zz+PXhr9pX4UaZ8XfCNhd6ZpmqS3MUcF8IxOptZmhYsI ndcEqSMN0p/xe+OOk/B/XPAWhaloWp6xJ4+1u30OCTT4lkjs5Lh1QT3RZl2QruyxAJwDxQB1Xxg8 Par4u+EnjbwpoUYm1LWtD1KytUZggee5tpI41LMQACzAZJwO9fO37C3wS8V/Br9lrwf8L/ixpNvB r+iz6jLLBviu0jM99PNEyyIXTJRwcg5Gcda93tPjV8PtQ+M178BLG9efxhpmk/21d26xOI4LRpYo k3SkBS7mVSFXJwCWxxn1egAqFbe3SZrlYlErgBnCjcQOgJ6mvLvhJ8avh98cNM1zWvhxevqOn+H9 WuNFnnaJ4ke7tUjeXyw4DMi+aFDYAJBxkYJ9XoAKpS6Zps93HqE1pFJdQjCStGpkQeisRkfhV2vK PHXxq+H3w78a+Cvh34lvXj8QfEG6ntdItY4ncym2QPM7MBsRIwy5LNklgFB5wAer0V4Bpf7Q/hXV f2ktX/Zjg069TxBo2gL4glvGEf2Nrd5oYRGpDmTzMzKeUAwDz0r3+gAqhHpemQ3smpRWkKXko2vM saiRh6FwMkfjXj/wJ+OOk/HjQ/EOu6RoWp6BH4e1u70OSPVIlhkmktEidp4grNmF/NAUkgkg8V7f QBSOm6cdQGrG1iN8I/KE+xfNEec7N+N23POM4q7RRQAhAYFWGQeCDVazsbHTofs+n28dtFktsiQI uT1OFAGT3rwv4f8A7Q3hX4i/Gj4i/BDSdOvbfV/hr9g+3XE4jFtP9vjMqeQVdnO0DDblXnpmvfqA CqVrpmm2Mks1laRW8k53SNHGqFz6sQBk/WrtFAENxbW95A9tdxJPDIMMjqGVh6EHg0ltbW1nAlta RJBDGMKiKFVR6ADgVPRQAySOOVGilUOjghlYZBB6gg1WsdPsNMtxaabbRWkAJIjhRY0BPU4UAVco oAKKKKACiiigAoryj4SfGr4ffHDTNc1r4cXr6jp/h/VrjRZ52ieJHu7VI3l8sOAzIvmhQ2ACQcZG CfV6ACivBvgn8e9C+O974zuPBunT/wDCOeFdVbR7bWHZTb6pcQLm6a2UcmKJyEEn3Xzlehr3mgAo oooAKK5Hx74j1Pwh4K1vxVo+jTeIbzSLSa7j063dUnujCpcxRFsjewBCg9Tgd6wfg58WPCPxx+Gm gfFPwNcefpGv26zIGx5kMgJWWCUAkCSKQMjjONwOCRgkA9MooooAKKKKACiiigAooooAKKKKACii igAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKK ACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooA KKKKAP/R/fyiiigAooooAKKKKACiiigAooooAKKKKAPnH47fHhvhTLZ6Lo9lHfavex+f++LCKKHc VDMFwWLFWAAIxjJPQHO+Bf7Qc3xP1K48N+ILGKy1SOIzxPblvJlRSAw2uWKsM5+8QRnpjmt+0N8C tX+Jd3Y+JfC80Q1K0h+zSQzNsWWIMXUq2CAylmyDwQeoxzmfs+/ADXPh9rU/i7xdLEt75LQW9vC3 mbA+Nzu2MZwMADPBOTXalS9l5nzkp4367ZfB+Fv8z67oooriPowr8hv2ovGvhX4tft6fCb4FeJNb sdL8J/C1D4v11r25it4JL8BXsoG85lVmX90dvdJ34IBr9bdRvU03T7rUZIpZ0tYnlMcEbSyuEUsV jjQFnY4wqgZJ4HNfkB+yP+yBofx2j+In7QX7X/w6lfxT488RXFxZaZrkFxbT6fp8PESiJ/LdQSxQ bl5SJCDg0AXv+CfXjLw/8LPj58Zf2QNK1e11Pw/Z6hJ4k8KzWtwlxAbG62GaBJEZlJiR4cqp+8sp wOa3rLxL+0h+2P8AHf4m6N8MvibN8Jvh58KNSbQYX0+zhvbrU9UgZ1mlkaTb+7Vkzt3bSpQBSS7D h/2mf2Wrf9mP4n/CD9pD9kj4d3cj+HNXaz8QaR4ftrm9nudPukw8nkp5jAeUJombGAzx56VteFNd +IX7C/x0+KcepfDPxJ47+G/xV1V/Euj33hbTnvrizvbpmaWzubdinlnLBV3MCAoIDbmEYB59+yJ4 s8efCH48fte+NPjxdw634j8FaVp15qdzaotsl/HptrcPFMiAbY2uII0faBgM2AB0rqvAmg/t2/HH 4I3f7Utl8Xxoup69bXepaR4MTTYJdKfTlL+XaSysQ4aeNcLJguoKln3Ela/7OPw2+MHxx+Jv7V2o /GfwLqfw+h+LujWNpY/2jayCOOCe0ngtwsxCpLNbwtEZlQ5SQFWVGBUS/CT4+ftD/Av4IL+ytqvw M8Vaz8TfDNvPoujahp9l5vh67iLMlrdyXzMqxxRqy7jgghRuaMswQA95/wCCUH/Jkng//r81f/0u mrpv20fi18RPhn8QP2d9I8Da1JpNp4x8eabpOrRokbi7sZ5oVkhYyKxUMGIyuG54NN/4JmeDfF/g L9kDwr4Z8c6HfeHdYt7vVGlstRtpbS5jWS9lZC0Uyq4DKQRkcg5HFYn7dXgjxp4u+I/7M994T0DU NattB+Iel3uoy2VrLcpZWsc8LPPcNGrCKJQCS74UAHJoA+XvBPww+Kc//BVLxvawfFO9guLDQ7XW bmcafblrzSWvbSQaOyk4SIIyx+cP3mFB6k1+yHjTRta8ReEtY0Lw5rUnhzVL+1lgtdShiSeSzmdS EmWOT5HKHkK3BxzX5j+Lrn4g/BT/AIKS3nxTn+HfiHxT4R+IPhqw0CHUNFsnvIrO4a5tw8lyyAiN IhCWcMQ20hlBGa/V6gD+ej9kLx742/Zj/Zc+NP7Rlz4vm1vTNB1/VdKtvDU1rFHbXOt3EljFFqLz qfNzl8PEuF2BiCDzX01d/Dr/AIKB6X8FG/aQPxzafxjBpv8Ab8vhRtKtf7J+zLH9paxDD/loIvl3 BRlvlD/8ta+ffh38GPir4v8Agj8d/wBh7xF8P9d0PxDq2van4m0fX7mzddCuHt57SS3txeHEe648 hlVwSu1ic5Uivfrv9rD9oTWfgNN8Cbf9n3xpH8XZ9IOgyzvp2zQkkaL7K18L4vt8vrIoxs3fL5hX 5yAfoV+zJ8aYf2hvgP4P+MUdqtjL4htGa4t0OUiureV7e4VCSTsE0b7MnO3Gec1+af7dHw7+I2uf tvfs+roXxGu9CPiWfVItIMdlBL/YUltb24nlh3n9+bkkFhJwuOK/RT9kb4J337O37Ovgv4Q6tcx3 mpaJbzNeSwkmM3V5cSXUwQkAsqPKUUkAkAHA6V8mft76d8QPDPxr/Z6+PnhTwTrHjnR/h/qGr/2r a6JbNd3ka3sdusRESAnDBH+Y4UEBWYFlyAfO/jnwl8ddf/4KX6p4F+EfjdPDOuXfgCxttY8Ry2Ud 1cR2ML27zTQ25IjE006RLyQFDtgggV9Efs8+O/2g/hR+2BrH7Jfxn8c/8LK0e98NjxDpGrXFolre RBZxEY5PLJ3BsSBtzPyqlSoLLWj8LdC8a65/wUc174xXPhLWdH8Ma/8ADGySK7v7Ca3iju5rixmN nJIy+WLmNQweLduUq2Rwa3NT8EeNJP8AgqBpHxAj0DUG8LxfDtrJ9WFrKbBbr7bM3kG52+UJdpB2 bt2CDjFAHy/of7XX7Q2kfsSfHT4vW2ovr/irwv48v9E0+7mt4nGm6d/oSq/lIiq4h85ypdWG5gX3 KCK1vhB4o+PWs674K8W/AT9pzTPjil5d2/8AwknhnVktNPnSzdd1xLBG5FzEUAIRQikNhjuUMtRf Ajwp+1P8M/2TfjU/wx8HND4zn+IusahBpOv6bKv9qaRNBaJKbeGfyhKJAGKNyrhGRcsRXzf8VvAW kftGX/hO2/Zp/Zl8V/CH4rw6taz32uSac+h6Tpix7mlJZWWJiG2upMUUh2/LknYwB/RpX5QWXiX9 pD9sf47/ABN0b4ZfE2b4TfDz4Uak2gwvp9nDe3Wp6pAzrNLI0m392rJnbu2lSgCkl2H6uRhlRVdt 7AAE4xk+uK/Inw1rPxE/YR+PPxWtdV+GfiLx58OPilq8niPSL7wpYHUJrO9uWczWdxDuQLksFUlh wqlQ25hGAeafsmeMfHXwa+Of7X3jj49XcOt+IvBWl6bd6lc2qLbJqC6fbTmGVEA2xtcwpG20DAZ8 YHSvRPhT4P8A27/2lvhXD+0VF8cD4D1TxHHLfaB4cs9Mt5dMitgzCBLl5NzMJducsshVSGO4koOc /Z5+GXxj+O3xH/axvvjF4I1T4dp8XdFsbTT21C1kEcUU1pNDbbZSFjmlt4miMyqcpICrKjZUbXwP /aS+O37NvwbsP2ePHnwB8Y69498HQSabpVxo9gbvRNSijJNvI16jYjRVKq5RZOBuO0kooBQ/4eD/ ABY8UfspeFr7wvpVnafGvxX4uHw/AcL9kttUG0teLE28H5JYhsbKLI5JDIu1vXZfhd+3/wDBfxn4 N8YeHviXL8btM1K/ht/E+iXtpY6YkFtIMy3NpI8qBQgB2qhU7tuVdWZV+XR+w/8AH7wH+zB4M8fa VYRaz8XvCvjr/hYtzo0bqTIZhB5lkj5AaVRbxOyqSCd6IWO3d9G65+1P+01+0BrvhL4dfs8fDDxZ 8ML19Qt5vEuveKNIigtLGxjB+028IuUlSV2yCpwsh2gBBuJUA9Y/ZX+LXxE8e/tJ/tL+CfF2tSaj ongjWNKt9GtnSNVs4rhbsyKrIqswby0++W6cd88b4G+NfxR1T9oz9q/wZqGvyzaL4B0qwuNDtjHE FsZZbCSV2QhAzZcBvnLCvILPxR8T/wBjj9rz41+JtY+FHijx54P+Lc2n6hpt/wCGLE6gyXFtHJiG RQVVCXnkVgzBhsDKrK2ap/sxeF/jrrHxY/aq+IfxQ+H+qeE7rx7o1pPp1tPbyOkiy2k5htoZwoSa aKJo0lWPJSTKMqsNtAHlfwx1j9vn4z/sjXn7Uf8AwvBtAPhmx1O80zTLfSrVzqkekmYzy3k7AASS NG8aJ5bRgIpKgsTXSf8ACV/tx/F39lG6/bPg+L0fgx9I0y41Oy8NaZpcJtJ7bSt0dxLcTSl2MlwY pJAjK8ajaAAGwv0d+y74B8deH/8Agl83w/17w5qWm+KD4b8Wwf2Tc2k0N/51zc6g0Mf2Z1Eu+UOh RduWDAjORTfhn4B8d2H/AASrvPh3feHNSt/FTeCtetRpElnMmoG4mF15cItiol8x9y7U27jkYHIo A4n45/tw+PdL/Z3+A9z4R1LSvCfjn44wW4m1rUjHHpujRJHCL67PnEooWSZSnmBlC7uGYCvIfEH7 SnjD9lvxL4P8ZWn7T2iftAeFNY1ODTvEOiiXTmv7WO4yWvbMWk0jhI9p+UkIpKhgwbKS/Er9mX4n a3+y5+zF8R9K+H//AAlmv/CC0jOs+DtTtMT39hcrEbiBra4XJkTyQBEULfOWCkqFLb8aP8bPFvhT wL+zn+x7Y+DGkvY28Raz428FWdrZWVovEscQAAkcZJHzBztCqnzEqAewfFbx3+1R48/bz1n9mr4Q fEFfBvhuTwza6pdXL2MF7Jp8SMnmy2qSAZmld0i+dsKrlhhgKT4V+If2m/Bn7S/jT9i/x/8AFObx NFrXhKTW/D3ih7CFNQ06VnEKuYuVk2t5mVd2BKKQVDMo9W8J+CPGlt/wVA8afEC40DUIvC918PIb KHVWtZVsJLoXlkxgS5K+U0oVGOwNuwpOMA0X/gjxo/8AwVA074gJoGoN4XT4dtZNqwtZTYC6+2yN 5BudvlCXaQdm7dg5xigDwX/gkp4J8c2Xhrx54tvfHNze+H4vE2s6bJobWkKwyagos3bUjOD5gkZA U8ofIAc9a+3/ANuX4m6p8If2TfiT460OZrfUrfThZ2sqHDxTajNHZJIh/vRmbePcV8o/8E7rn4g/ CXxL8Rf2c/iD8O/EOkXEviXWdfttdlsnGizW8v2eJI1usbGd9hdCpKsvGcjFfTX7f/w/1L4mfsef E3wvo0Rnvk05NRiRQWdzpdxFfMqAclmWEqAOSTigDzTw94s0r9ib/gnJoXjKxsFuZ/DXhmxultn4 WbVtXaNj5mCDsN3c5fB3bM45FfEL/GH402/wmPx6H7ZPhWX4gJZf2wfBXnaQdPKbfPOmBBN5nn7P 3eQm8v8AJuz+8r7X1/wY37aP/BN/SvDfhK5iXVPEnhnS5LVnYeWup6WYneBn6KDcW7wsx+7kkjjF fDVp4g0fR/hNa/DU/sPS3HxutbRNNFxN4Ps5tDlu4wIft73gT542I8wjGwnjzdvz0AfR1v8AtdfE HXfiJ+yx8ZLfUZNP+G3xjt7nQtY0cLG1vBrqs8EbrKymQbrl9q/PykXIBJrnpP2x/icP+Ck8Xw2G pyD4QtqLeEvK8uLyTrS2IkJ37fM8wXbCPG7G3tnivR/2hv2d/iHq37AWkeGdP8O6dZfErwG9n4ls dM8LWAgtYdUguGmmis7WANl/LmlH7sHzJcsB82K+Xb39nP4zj9gS0+KUXhnUP+F1xePD8Rm05bGc 6l9vkvfs+z7Nt8//AFO2cx4yAM9eaAPvT9nX4r/EX4x/tUfHW7/tqR/hp4CuLXw3pdgI4/JfU4gP t03mBPMLJJEwwX27ZRxxmvMf2HryT4d/tJ/tKfs3W5ZNE0TXIPEOlQH7tvHrCGWaNB2QBodoHHU9 SSfbf+Cfnwl1/wCEn7MugW3jS1ns/Fvime68Qa0l1G0VwL3UZNwE0bgMkiwrErqwBDAggdK8V/Y2 hf4h/te/tPfHq0G/RptVsfDNjOOUnfSYRDcFG6FQIoSMZyGH4gH6gUUUUAFFFFABRRRQAUUUUAFF FFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUU UAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQ AUUUUAFFFFAH/9L9/KKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoor8h9N/aI/bz+MH x2+MPw5+A0PgiPSPhhrI08trcV5HO8UzzrAd0Mjh2xA287VHTA54AP14or8t9G/a+/aS+BvxR8Mf D39tnwbomlaD41ufsWm+KfD00v2CG6IwsVykzyEbmIBYmLapLbWVWK/p5f6hYaVaSahqlzFZ2sIy 8szrHGg9WZiAPxoAuUVm6TrOj69ZrqOh30Go2j/dmtpVmjP0ZCQfzrSoAKK/PbxH+038Z/gN+x9r nxv+PmjaJqPjnTLnyodO0i7C2UyT3UVtARIrzk7PN3yBSTgY+XOR9x+DPEUPizwppPiKGWGU6haw TP5DB41eSNWZQQT0Jxyc0AdNRXg3i3W/jXa/HnwLofheDSH+HF7a37a/JcSAamk6QyG1FqnmqWUy BN+I2wu7kdR67e+JvDemWk+oalq1paWtrIYppZZ44445B1R2ZgFb2PNAG5RUFrdWt9bx3dlMlxBK AySRsHRlPQhhwR9KnoAKK5uz8ZeD9R1V9B0/XLC61NAS1rFdRPOAOuY1YsMfSukoAKKz5tW0u2ea K5vIYntk82VXkVTHH/fYE8L7nimaRreja/ZjUdBv7fUrViQJraVJoyR1AZCR+tAGnRWJq/ibw54f eCPXtVtNNa5bbELmeOEyN6IHI3H2FX7rUdPso45ry6igjmYIjSOqhmbkBSSMk9gKALlFVLu/sbDy zfXMdv5zBE8x1Tc56KuSMk+gpbi+srR4Y7u4jhe4bZGHcKXc/wAKgnk+woAtUUVyWu+MNC0v7bpk ep2Y1qC1luI7N5k89giFgfK3ByvuB070AdbRXyL+w38c/GX7Rf7OGgfFjx/FZwazqdxfxSrYxtDA FtrmSFNqO8hB2qM/Mea+ndK8U+GdeuJ7TQ9Xs9RntTiaO2uI5njPo4RiV/GgDdoqvdXdrY20l5ez Jb28KlnkkYIiKOpZjgAe5qlpmvaHren/ANraNqNvf2PP7+3mSWL5eT86Erx35oA1aKrW15Z3lst5 Zzxz27gkSRsGQgcHDDjjFVhrOjmzXURfQG0dtqzeanlls4wGzgnPGM0AaVFZMWv6FPqsugwajbSa nAoeS1WZDOiHozRg7gD6kUy38R+HrvVp9BtdUtZtTtl3S2qTo08a+rRg7lHuRQBs0VQ1LVNM0azk 1HWLuGxtIuXmnkWKNR7sxAH4ml07U9N1izj1HSLuG+tZRlJoJFljYezKSD+BoAvUhAIIIyDXP3ni 7wpp1pBf6hrVlbW1y/lxSy3MSRyPnG1GZgGOeMDmvM/2h/jPZfAX4LeJ/i5LZpqx0G0NxBaGcQfa pCQqIJMNjO7JIUnAOBQBz/7PfwHuP2f28Z+GtE1dLnwRrGryatoWliEo+ji7G+6tVk3kPB5vzxKF UoCwO4nNfRteafBvx7/wtD4U+EPiDJ5C3XiDSNPv7mK2ffHDPd20c8kQOSRsL4AY5xjNel0AFFFF AHI+PtL8Va34J1zRvA+qx6Fr9/ZzQWWoSxGdLSeRSqzeWGXcY87lGQMgZ44rjfgL8GvDfwB+E/h7 4VeGCZrfRoMTXLLiS8u5DvuLmTk/NLIWbGTgEKDgCvYKKACiiigAooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoooo AKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigA ooooA//T/fyiiigAooooAKKKKACiiigAooooAKKKKAPif9qb4r+LvC2r6d4O8MXkmmJPai7nnhOy V97uiorjlQNhJ2kE59qyP2YPi54y13xTN4M8S302rW01u80Ms7GSWJ48ZBkOWKsD/ETg4x1OfpD4 q/Bjwz8V4LZtVkksr+yBWG5hwWCMclHU8MueQOCD0PJzT+FHwN8L/CmS4v7CaXUNSuk8trmYAFY8 glEVeFBIBPJJwOa7VVp+y5banzksDivrvteb3PXp2se10UUVxH0YV+Vn7B3/ACdj+2N/2M+nf+jd Sr9U6/I+z/Zc/bu+Fvxx+LvxK+AfifwLZ6T8T9XGoPFrLX8twkcLzNACsdmyIwE7bgHYHjB4oA6D /gsHcaXD+yVDFdgHUJvEWmjT8Y8wXIWZiU758oSDjnmuH8feD2/a1/b5T4B/Gqee58DfDDwla61N o0MzwW2o6pc/Z98kvlMrMo+0AZzx5e0YDvn0Pw5+xZ8f/ix8V/C3xR/bT+IuneLLTwPOLvSfD2h2 zQ6cLoMrrJM7xwlgGRSVMbF8BS4TKt6V+0H+zF8W7/44aN+1J+zF4i0zQ/H9jYHSdSsNbSZtL1aw 3blSVoA0ispwMADdtQh0KZYA+bte+Gvhz9in9uP4N2vwL87Q/B3xm/tDS9Z8PpPLNZ+dZrH5dyiS OxVt06EH+EK4XCuy1+xlfnd8NP2Yfjl43+P+jftLfta69o13q/hG1kg8O6B4bWcabYvOrLLNK9yP MeTDZ6tltp3bUVa/RGgD+Yqx8C+E/EP/AAR61DxnrOnJc614U8QzPpdyzOGtmvdTs4JyoVgp3xna dwOO2DzX9A/7O3ww8B/CX4R+H/DPw70iPRdMuLaG+khjeRw1zcxI0shMjM2WPXnHoK+FPCP7BHxG sv8Agn34k/ZJ8Ra7pMXifVb1763vbV55rBXS8hu4kdnhilAbydjkRnbuyA2MH7d/Zs0X46eHPhbZ eH/2hJ9FuvEmmuLaGXQjMbd7GGKNITL56IfOJD79o24wRjkAA+Pvjt/yk8/Zn/7A3iX/ANN95XzP +y1+yp8KP2h/j/8AtN638Z7GbxJpOg+P9bt9P0t7u4gs4bi5vLg3FyUgkjzKyJEgbPAXuQpX9D/i V+z14z8Y/ti/CD9oXTL3T4vDvw/sNXtb+3mklW9lfULWeCIwIsTRsoaVS2+RCADgE8E/ZY/Z68Z/ A/xn8bfEXiu90+7tviT4wvvEGnLZSSyPFa3UssiJcCSKMLKA4yELrnOGNAHzh/wTc0ub4eePf2jP gRpV7PN4T8BeKo49Gt55GlNrDdG53IrNz92JM+rAt1Yk/Rv7ecfhm4/Zt16w8Z/Ep/hZoV5NbxXm qQWz3dzPDv3GygiikjkZ5yoB2E/IHDKULEO/Zx/Z68Z/CD4y/Hb4ieJb3T7nTfifrVtqWmx2kkrz www/aNy3KyRRqr/vVwEZxweemYP25P2ZPEH7Unwk0/wr4O1m30XxF4d1e31vTnvVZ7Oae3jli8qc KrkKRKSG2PgjG0gmgD8Pf2lJ/wBmCw+Dun+Mv2V/g3428Gat4XvLGe18a3Fpc2ljgOEG+5kuJPMk kYhkOxWDAYIXIr+nXw3ez6n4d0vUbohprq1glcgYBZ0DHge5r8nfjz+y/wDt+ftZ/DKbwP8AFnxV 4H8K2tg0Vza2Gix37RaleRMFDX08yyNDGiF2QRK+XxuTgFf1V8E6frGk+DNA0rxD5H9q2Wn2sN39 mdng+0RxKsvlM6ozJvB2lkUkYJUHigD8fPiH8DPCX7Qn/BUvxD4G+IJuLnwvZeCrPVL7TobiW3i1 D7NNBHDDOYWRmjWWZZcZHzIK6P4OfDrwx+y9/wAFI9d+FnwoSfSPA/ifwKdcuNIWaWeCO6iuPLDx iVnbcPKYrliR5jKMKQB9g6B+z14z0r9uTxL+0zcXunt4X1nwfH4fhtlklN+t0lzbTF3jMQiEW2Fh kSlskfLjJBd/s9+M5/25bP8AaZS908eF7fwefD7Wxkl+3m7Ny828R+V5XlbWAz5u7P8ADjmgD8W/ gd4s+Fnxyh8W/Gf9p34IfEf40eKPFmo3KwXuiaXcXukadYrjy7Szkju4drREsCMHYAoXB3FvQtH+ H/xT+IP7Evx1+GmteHPFei6N8LdTtvE/gJ/FVhPZ6lFp8Bmke3UyfK7QW0UgxExCNLxwVWvtTw1+ zF+2J+y7rHinQf2SPEHhPVPh54mvpdQtdL8UreLPo1xccOLdrYEPGqqoBZjnAzHu3M30z+yz+zt4 0+EfgfxJbfGrxlP8QfFfjm7lvNYklllksIhKGBtrSKXG2L53LEIm7IG0KqgAH5E/txfFHxV+1Z4c +Ftz8OrnbceDPAMnxL1fyeRFMZIYHU44V7d45CPQMexFfXC+N7P9sD9s34CDTts/h34f+EE8e36L 9yPUdWjjFtC3/TSF/IkAPIG73rsf2L/+Cfmr/s9P8VbL4marZeIdO8ZWp0TS1tZppZINEZrgyRTC aKMI8vmoWRC6BlJyc89T/wAE9f2K/Fv7JWmeM7z4jatp+ueIfElxaQQT2Es8yR6bYRlYELXEUTKx Z23IoKhVTDHGAAfYnx98c6j8Mfgd4/8AiJo67tQ8N6DqWoWo2bx59tbPJEWU8FQ4BbPGM5r8t/gJ +wb8IPjD+yZZ/FjxubvUfit47sZ/EDeKmvZ1vLXUJy8sDx7ZAgER27wQSx3EkfLt/YbxR4c0jxj4 Z1fwjr8P2jS9ctLixu4skb7e5jaKRcjkZViM1+Wvhj9mP9vD4Y+BtR/Zp+G3jzwsfhdcNc21hruo RXbeItN0y7djJDFHGqwNKodthYkAk7XjGwIAfCPgTxD4p1b9h79m79nnQdWuNB0/4weNr/SNWvbV tkv2BdS2SQhv+mhmDY/i2bT8pYH6t/bQ/ZG+Ev7KfwQg/aN/ZqtJvAfjT4a3mnSx3Vtd3Ehv4Li6 itXhuVlkYSBjKGbj5lDIwKtgei6B/wAE7/GLfsdeDfgprfiey0X4lfD7WbjX9E1vTGmuLW3vGuZJ 4lJljhkKsrLuOzKOoYBguGv+Mv2Z/wBtT9p+z0T4b/tTeKfCekfDvTLuG51OLwot5/aGtG25QSNc oEiUtz8oUBvm8s7UAAOG8a2th+2v+2t4W+DfxLe4b4c+FPA1p4vm0JJHt4b7Ur0wgGUxssjKiXUY HzfLsZRje+fZ4/2J/Dv7PWvfEr4l/BjXpfDngjXfCWo21/4R8uW4tpLwW8hW6jnlnJjK4G1fLbGX UMqsFHUfHz9lr4ny/GDwx+0l+yzreleHvHPh/Tf7EutO1lJjpOp6YpJSKQ24aRCnQAKN2EIdCgJx PhX+yz8bfGfxl1H9oH9rrXtIvdb/ALFudA0nRvDgmWwsLO8DrO5knAdpSskijO/72S5wqqAL/wAE 7HSP/gnd4KkdgqrYa+SScAAalfZzX5e6nLLB/wAEYfD80DtHLH4oZlZThlYalOQQRyCD0Nfbfw5/ ZL/bu+Fvw/vf2YvCnxA8Jw/Cq5luootae3un1+10++kZriOCDaIFkfzHbDM21mJWUcYmvv2AvjFd f8E+tN/ZQj1nQR4ts9YbUHujcXX9nGI3ck+BJ9l87dtcDBhAznnHNAHz9+3F+x18PP2Y/hD8Pfih 8G7rUND+Jdt4ksLC88Ri/unvb2a+hnM1xIWlKrI0q78oF4LLgg12n7VP7Lfwm/ZM1j4A/FH4JWdz o3iePxzpWlX1+15cTTalFdB3me58x2UtIY2D7QoZZGUjbgD9AP23P2evGf7Sfwu0HwT4GvdPsb7S /EenavK+oySxRG3tFlDqphimYufMG0FQDzlhS/tjfs9+M/2hdG+HGneDL3T7KTwh4x0zxDdnUJJY 1e0s0lWRIvKilJlJcbQwVTzlh3APzR/aU8e6D8UP28/FHgf40eBPGXxQ+H/ww06zTT/DnhSylvI/ t93bwzveX0STQkL++dFYN8wVB90MG7X9kq41TwT+2Xbab8DPhV4/+Hfwd8baZcLq+m+J9Jurawst WtopJo7mCRpJ0jEgiSMF5MlnZAMFAv1n8a/2YfjZpn7QZ/ao/ZU8Q6Rpvi3VNPj03XtI8QLOdN1S CFVWNy9uGkWRVjjUABfuAh1y4fR+BHwF/aXn+N95+0L+0/42s5tRjsTYaX4b8NzXaaLaxuCGklSb b5jgM2Awc5bcX+VQoB+fv/BOH9ib4H/H79mufxv8adNufEt5dX19p2mh765ij0u0iIYi1SKRVV3n eSRiQQSRxy27lfCfh+z8ff8ABKL4iWXxBDa/P8Kde1K30Ce4kcvZ/Z2t1QphhkKtzKqq2VCtgDAG P1g/YV/Z68Z/sxfAGz+Ffj290/UNWt9QvLppdMklltylw4ZQGmihfcAOfkx6E14p8Mv2I/Hfh/8A ZB+K37OfizW9Mj1fx5quq6hZ3dk009tCt2sBtxN5kUL5Dw/vAqkAHKljxQB9B/sT/DDwH8Mf2avA i+BNIj0keJdG0rWtR2PI/wBo1C7sLfzp28xmwz7RkLhRjgCvq6vlz9kXwV8f/hv8JbD4ffH660G9 u/DcdtpukzaE07K2m2lvHDF9pM8ceZsocsoAIIyAc19R0AFFFFABRRRQAUUUUAFFFFABRRRQAUUU UAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQ AUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFAB RRRQAUUUUAFFFFAH/9T9/KKKKACiiigAooooAKKKKACiiigAooooAKKo6jqem6PaPf6tdw2VtHjd LPIsca59WYgCmaXrGk63ai+0W9gv7YnAlt5FlTI7bkJFOxPMr2vqaNFFFIoKKK/FW9m1r9sH9sT4 rfBz4ofF7W/hv4c8AzwWOi+GtEv49LuNVVwRJcs7BhOMqr4KOwWVQuwA5AP2qor80vhf8Gf2lv2a P2jPD3hnwp4q1/4ofBHxNazrqTeILyK7vNCuYUbyWSWRo2KO+wYiQAqX3IWVWPh/w/8A2yfBHwH/ AGoP2nLX45eL9Rkszrej2/h/Sx9p1CQbIrxrhbO2XcsSD93vI2LkoCclaAP2dor54+EX7VHwP+Of gHWfiR8NfEI1PSvDqO+pI0MkV1aeXGZT5kEih+UVirAFXwQpJU47n4Y/GDwJ8YPhnp/xd8CXsl74 Y1OO4lgnkhkhdktZZIZcxyKHGHiYcjnGRwRQB6dRX5X/ALXn7ePhez/Y6k+KvwB8R3drqvjGZrLQ r4afKCrWl3FFfbvOjKwsIi4RnAy2Ch3Yr7h/Z2+L/hj43/CfRvG3hW6uby38tLWeW7t5baVrqCNB MSsyqzAsfvAYbsaAPb6K8l1/43fDvwz8W/C/wP1i+ki8XeMba6u9NthBI0csVmjySlpVUohCxsQG IzjjqKXxd8bfh34G+JPg74TeI76S38SePftX9kwLBJIk32NA826RVKJhTxuIz2oA9Zor4b8W/wDB RX9lrwfrWt+F7zXr2+8QeH9UvdIutMsdNuri7W409tlwwRUx5SNkCQsFbB2k4OPo74NfG34Z/H/w RB8QvhTrKa1o00jws4R4pYZ48b4popArxuuQcMOQQwypBIB6tRXP+K/FfhvwN4b1Hxf4w1GHSNF0 mFri7u7hwkUMSdWYn8gByTgAEnFfCtv/AMFQf2Qp9Us7SXX9StNN1CXyYNWuNIvIdOdycf614wwH qSgAHJIANAH6FUV8/wDxh/ah+CHwEu/DNt8VfEkeiR+Lor2bT7ho5JbeSPT445ZiZI1ZRlZUCDrI zBUBJxXmnwf/AG+P2Z/jf48i+GngvxBcReIbtWezt9Qsp7L7aiLvJgaVQGJUFgpKsQCQpANAH2XR Xy38d/2x/gR+zrruneFPiHq9w/iDVIvPh03TrSW+u/s+SPOdIgQiZU43EFsHaDg4+Rf2Yv2gNO+O n7fXxL1fwD4tu9e8BTeENPnsLZpbhbWGdWtUmItJdoilD7w/yBsk9QckA/V6iuJ+I/xC8LfCjwNr PxG8bXD2mhaBAbm7lSN5mSIEAkIgLNyRwBXxnqX/AAU+/Y303VLTT38X3FzbXPkh7+3066lsrd50 WRY5ZljI3hW+YKG2EENggigD9AqK8u8f/Gv4V/C74dn4seOfElppvhQxRTRXxfzEuFnXfELdYwzT NIvKLGGLDkDGa8F+Ev7e/wCzT8ZfGVr8P/DOv3On69qSl7C21WynsPty9jbvMoRyw5VdwducKcGg D7Lorx7wN8d/ht8RPiF4z+Fnhq/lfxN4Blhj1a0nt5YGj8/d5bxmRQJUYLnchIwVP8Qylp8ePhnf fGTVfgNaak8vjDQ9MXVr6AQSeTbWjlNrSXG3ylYiRCFLZwQcYoA9ior4G1T/AIKZfsgaX4hn0RvF dzd2lpcfZZ9WtdOurjS4ps4Cm6jjKsD2dAykchiOa+hvij+0l8Gfg74K8O/Efx14iitvDHiq9tbH T9RgVrm2lkvYnnhfzIQwETRxs/mH5QBnPNAHudFfNn7Pn7WfwT/afbX0+D+qXOpHw08S3hnsp7ZQ txv8l1aVFUh/LfAzvGPmUcVt/Hf9pX4P/s36Rp2qfFXWWsZNZmaDT7O3gkury8kXG4QwxKzELuG5 jhQSoJyyggHvFFfMPwI/bB+A/wC0Zq2o+Gvhxrcp8QaTH511pV/ay2V7FEGCl/LlUb1VmUMULbSR uxuGfJtb/wCClf7JujG5t4/EF/ql/ZXN1bXNnY6ZdT3MH2Ngk0sqhAEiBPDkjdg7c4NAH3vRXmPw 7+Mvwy+Kvw6g+LHgbxBbX/hSeKWY3zEwJCsGfO88ShGiMeDvEgXaOTxg18pJ/wAFNP2Pn8QjRR4r uRZG5+yDVzpt2NK8/dt2/ajHtx3342Y+bdt5oA++6K8l+Kvx1+E3wU8Br8S/iV4kttJ8OSmNYLn5 p/tLzKXjS3SEO8zOoLAID8oLfdBI+fPhv/wUJ/Zm+Jvj7T/hrper3+ka7rLKmnR6tp1xYpeu5wiw vIu3LnhA23ceFyxAoA+3aK/Nz4PeNPEc3/BRf9ovw7rOu3b+HdE0XQJrazuLqQ2VpvsbV5XjidvL i3EszsoGSST1NfWHwZ/aN+FX7QEmvN8KNQuNasfDtybS4vxaTxWMk4JytvcSIsc2ANx8ssApVujK SAe50VzHjPxn4V+HnhfUfGvjfVINF0PSYjNdXdy2yKJMgAk9ySQqgZLEgAEkCvjbwZ/wUm/ZK8be KLDwtZ+J7nTH1eXybC81PT7mysbt84wlxKgReeMybBnA6kCgD7wor8T/APgpT+0jo7fFb4efs7Qe M9f8I6LHqTyeM5tFiuYbo2kkNvLbJbyxofPzHNISib1V9pdCVAr9Tv2ffD/hbwz8FvB+meCNU1TW 9AksI7yxvNakeXUZre+Juka4aRI33YlxtZVKgBcDFAHsVFfkh8Dv27NN8e/tvfED4f6r4g1C48J3 66ZpnhOx/s6aOOO6EYN20wEQZC0u/Ek3BXAU7cV5X+yf+3v8Lvgx4J+Iel/H3xnqeq+IJfHmuNZ2 pW61S6h0yKK1VWydwit1cSbQWUZD7QcNQB+4dFfHfxC+Nfwc+NP7JXi74meD/iDc6R4PnsZo59e0 mOYX+nNGyiTEI2TpMmR8hCttYMPlIJin/ab+Bn7O/wCz/wDC/XPHfjO71ay17RNLi0a5lt57jVtb UWkJW4NuoeXzJFZXlL4Cu4Vm3MAQD7Jor5h+BH7YPwH/AGjNW1Hw18ONblPiDSY/OutKv7WWyvYo gwUv5cqjeqsyhihbaSN2Nwz9OkhQWY4A5JNAC0V+f3iT/gpv+yP4d1K8sofEF/rdrp03kXWoaZpl 1dWELg45uAgRx6NGWB7Zr6bvv2hfgzp3wdX4/wB34qtV8Avbi6TVBvaN0Z/LCqgXzDIZPk8sJv3/ AC7dwIoA9mor899P/wCCoP7H93ZS3l74kvtKZPKaKG80u7iluY5nCLJAuwiRcnnByBkkYBI+hPjp +1L8Ev2c10yH4pa8bLUNaLCxsLaCW8vbnacEpBArsFzxubCk8A54oA+hKK+VPgR+2f8AAX9onxFf +DPAGrXMHiXTYjPNpep2ktjdiFSAXVZBtcAsMhWJGQSADmvK/g98UfhR8NY/2h/iFf8AxK1rxXpf hnxTfy63FqFvcsmgyJNIr2VkrFzJBGx2r5Q24UYGKAPv+ivz91L/AIKffsb6bqlpp7+L7i5trnyQ 9/b6ddS2Vu86LIscsyxkbwrfMFDbCCGwQRX3ppmp6drWm2msaRcx3ljfxRz288LB45YZVDo6MOGV lIII4INAF6iiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACii igAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKK ACiiigD/1f38ooooAKKKKACiiigAooooAKKKKACiiigD89f2ybrW/wDhKdDspS40gWZkiHPltceY wlPoWCbPoD71ifsh3Wtp8Qryzsi502WydrpefLBVl8pj23ZJA74Le9foN4i8LeHfFth/ZniXT4dR tgdwSZQ21vVT1U+4INReGfB/hjwdaPY+F9Mh02GQ7nES4LkcAs3ViO2Sa7FiV7PksfPSyWbxn1nn 038/Q6SiiiuM+hCvyxuvAn7Gn/BRvxb43sfEvha+0Px78PL+TRb2czJYasUt2MYm2wySxyxB1ZEa ZGK7cfKCAf1Or4c+OX7AHwU+Nfjlvinb3useA/GsibZdW8NXa2M1wwxh5wY3VnAGCy7XYYDMcDAB 8WL4Y+Jn7AX7T3wd+HvhL4oar45+HvxT1I6TJ4f1mUXNzYqXihE8fIVVRplffEkX3GVlYV6x+xx4 X0O+/bu/ax8X3dpHLqukajpVpazsgLwxXq3LThGIyu8wR5x1xzX0L8DP2Dfg78E/HH/C07jUda8e +N1i8qLWPE14L+4tgQQxtwEQIWDEbjuYAkBgGbPsXwx/Z68F/Cf4l/En4qeHbzULjVvildWd3qcV 1JE9vDJZLMsYtlSJHVT5zbt7yE4GCOcgH51fDnTbTR/2tP23NG0W3W1tZvD9jcGGJQqNNNpryu20 cbmeV2J7lie9ew/8E+tc0rSv+Cb3hjWL65SO10rTfEUly5YYiWK/vnbdnpheeexBr6w8H/s6+BvB fxl+IPxw0+5vrrW/iTDZQalbXLwvYoljEIUEEawq43Kvz75HBOcYHFfKth/wS9+BmlapeWmm+KvF 9r4F1C7F7c+D4tYaPQp5AwOyWFYxI8eAFw0hfA+/QB+fWn/8oQNT/wCwkv8A6kUVfvz8OyD8P/DB ByDpdl/6ISvnTQ/2Kfg/ov7L95+yVJcapqPgu980tNc3EX9oLJJdfbFkWWKGOMNFMFZMxEcAMGGc +m/s/fA/T/2e/h8nw70rxPrfiqzhuHmiuNduUuriFGREWCNkjjCwoEyiY4JODjAAB8W/HWWK2/4K ffs3S3DCNJNE8QxqzHALmzvAFye5JAA7kgVT/ah1Sxm/4KK/ss6LHKrXlpFrs8sYI3LHcW7LGxHX DGJ8fQ19W/tKfsl/DX9p630C48XXep6Dr3hWZ59J1nRbkWt/aPJtLBXZXUqWRG5XcpXKMpJz5V4A /wCCefwi8C/Evwr8Zp/E/inxL448MXF1ctqusakl7PqBuYBbiO7MkJJjhXcYhGUILtvZxgAA8U/4 J5aP4Rb4/ftZa+kcL+KE8f6pbSOcGaOwa9unjC91SSUPuxgMUGc7RjU/Y+t7DS/25f2rdH8CJEnh GO60WWZITiKPVZIpDcBVHyhjMbgPjHKgEcYHzd+zh+yxo3xy+Nv7S/i6Hxp4o+H/AIj0n4h65Yx6 j4Z1E2Es1nPdzO8Mw2sHTcNwxtOeSTgAfrX+z/8As8fDf9mzwQfA/wAObeYx3E73V7fXkgmvr+6k +9NczBV3NjgAKFA6Ac5APJP2+vHfwm+H/wCzL4i1P4z+HJfF/h+8ltbVdHiu5bI3120okgjaeFle NFaPzGYZwE4VjgV+b37Yd5+2Vqf7HOuD4qeE/Anw5+G9jb6WkOkQS3N1rK7bmBLSCBlZrdGT5d2M EIrDpmv2R+OXwQ8A/tD/AA31L4W/Ei2kuNH1Io++B/KuIJom3RzQvhgroemQQQSGBUkH41m/4Jjf CvxHoDeGfij8RPHfj3Tra3e30yDV9b82DSyylEntYREIxNGpIUurpjgx4AFAHzR8a/D+keM/F/8A wTy0XxHbpf2F3ZmSaGZQ8cvlWWkShXU5DKWUZB4I4Ne5/t56bYw/tI/ska9DCseoDxmLTzlADmB5 bUmMsOSuc4HQZPqa+n5v2Qvh3dXnwTv7zWdauJ/gPDJBobPNbZuY3iggxfYth5hVLdADF5XcnOa7 X4u/s9+C/jP4t+HfjPxTe6ha3vwz1ZdZ01LOSJIpbhWjYLcCSKRmjzGOEZD1+agD4n/ZGt7DUP27 /wBqrVvFscTeL7K80qCwMhzNHpDRygeVnkKyJbeZjgHYO/Od8B9H8I6J/wAFTfjra+EI4YIpvDFl PdxwACNb6ZrJ5+F4DMx3v/ts2ec19O/HL9i74f8Axn8e2PxZ03xFr/w78c2dv9kfWvC96LC6urbo I7htjb8DgMMNjCklVUBn7Pv7EHwl/Zu+IGsfEvwPqmu6jrev6f8AYL+TVr1Lz7QzTLPJcu3krIZ5 HUFzv2dcIDzQBP8At9/8mbfFj/sCyf8AoaV8+3fgTwpp/wDwSUOjW2mwLaS/DSLV3QRrhr6XT1v2 nIx9/wC0HzN3XPOa++vi98L9A+NPw08Q/CvxTcXNrpPiW1a0uZbN0S4RGIOY2kSRA3H8SMPasC5+ BvhK6/Z/H7OEl3fDw0PDieGPtAki+3fYo7UWYk8zyvK87yxkt5W3dzsxxQB+GXxkfxtrPwj/AGCv Deif2VPDewK0EPiFpjos+pQJZJZpfLD8xjAYooHUOy9M17T+134G/bK8YaH4Lvfj14k+D/gdtC16 1u9D1W2utXsr1b+IMywQzTRzYV9oZlC9UU5BUV+kHib9jj4L+M/2fdA/Zu8WW95qnhzwxbwQ6bdy TKmpW0tshjjuEmjREEoViD+72MCQUI4rybwZ/wAE7PhnovjzQfH/AMQ/G/i/4o3PhRxJo9r4p1QX 1pZOhBRljEaZZCqkDIQkAlDgYAPKf2ir6w/Zd/bp+HP7S17Mun+D/iZYT+FPE054ijuYVD2c8p6A ttiGeyQv0zz85eCbLxj4k/Yu/af/AGxpYpbfxL8Ymv5bM5Ilt/D9nIbZUVhyAsZmU44KRoc9DX64 ftGfs8eAf2n/AIZ3Hws+IzXcGmy3MF3HcWDxx3dvPbtlXieWOVASpZGyh+RmAwcEdz4P+GnhDwT8 NNK+Emk2Sy+GtJ0yPSUt7gLIJbWOLySJhgK5kXPmHHzEkkc0Afjv8DfDH7Zl1+xvoOg+EbT4N/8A CqNT8ONJM2pHVxKbWaItdS37R/uRcK28zsPlWRWxgKK8R+K3gSew/wCCdvwJ+HGu+KdJ8Z2B+Jlp ZRahol1Ld2b2lwuo/u1lljibMZdkK7QFwAOlfoJff8EvPhIbe98MeHPiD458O+A9Tna4ufCtjrWN Icucsgikidth6NvLsf72QMfRHjz9jz4O+Ofhf4E+D0UV54c8MfDrVrLWNLg0qWONvtFisqoszTxT F1kMztKeHdzuL5JyAfSGj+H9C8PW62mg6dbadAkccSpbRJEojhG2NMIB8qDhR0A6V+dP7aPwwvfH nxu+FHiD4PfEjRfCXxt8MR302h6TrWJIdStJkbziI9kpUqscgDeWcjOCrIrD9La+X/2j/wBkv4Z/ tMx6HfeK7rUtA8ReGJHk0vW9EuRaajal8FlWQq4KkqDgrkHlSpJJAPiv4NfFvx5pv7ZnhzwF+1t8 JdF0T4seItGuIdF8V6HMXjurO1SaVo5I/NlADLHINxIcEKDGFKldP/glTo3hBPDXxn120ihbxLce O9Ttr2TA88WcaxvbIe4j3vMV7Ft3XHH0v8Ev2Jvh78HviC3xe1fxN4j+Ivjr7MbOHWPFGoG/ntYH 3B0txtTYGDEHcWIBIUqGYH82P2KP2RNC+N/hr4pePIPHXiz4f68vjrXNIuZ/DWpmxW909EtpkhuE KOG2vNIVIx9453YGADzPxRcah4b+BH7eGlfC7Fv4Pt/Fmmw2gtGKxR/aNQ8rU0iCfL5fl7IyBx5Z I+6BX0Ja+Df2ytV/Y5t/CEifBax+EF34Wj/0mZtYTydPktg4u3kwY1uFz5pkwcTfNya/UD4Z/s1f B74U/B2X4FeGtDSbwnewzw38V2RLLqBul2TyXUgCmR5F4JwMABVCqqgfIk3/AAS4+Ekll/wiEfxE 8dxfD03BuP8AhExredIBL+Z5YjMRbZn1Jkzzv3c0AfNGreJvDnw7/Zy/Zd+G2teG9L+PXxPnvrlP B72OrXCaIkljd7Ibhpm8kSrDG0EQjljCArINwVTu4j9sO9/aqvfHn7P+sftJweDNGU+NtP8A7K0/ w+11LqMeJoTO8805ZDGP3YPltgttJ6V+pPxq/Yq+DPxn8F+DfBzpe+ED8Oyp8OX2gzi0u9MChBth dlkGD5UZJI3blDBg3NeNaj/wTL+EfiZrLWvHvjzxv4q8Xabd2t3a+INS1hLrULUWhLpBCJoJIFhL kOymNm3AYcDIIB+a/wC1f8O/j/8AE39sH9qHw/8AA+7EVrb6Fod5rtojlLnUbG30yyYWcOxS7GQ5 YoCocLsJO4K37MfsT/EH4SfEf9m7wjrHwY0uDQNCs7cWc2lQHJ0+9hA+0QSE/M77zv8AMf5pVYSH l67fwn+z14L8HfHfxx+0Lpl7qEviPx/a2Npf280kTWUcdhDHDGYEWJZFYrEpbfI4JzgAYAwPg7+y v8PvgT8R/G/xC+HWoapZQePZvtN9obTQNo8Nzu3efbQiBZYnyXGPNK4cjbhUCAHyN/wVidH+EHw2 03XJfJ8I6h470mDXG3FF+xmKdiHYEYTALE9mCnOcV6X/AMFIPDfw7H7EHjS21iztLey0W1s20dVR EW3uknijtltgMbcg7MJ/yzLD7ua+wvip8LPAvxp8Cap8NviRpi6toGsIqTwszIwKMHR0dCGR0YBl YHII9MivivQf+Canwktb3RIfHPjfxn8QPDXhiaObS/D3iDVxdaRbGIYRTbrEgZVHAXhdvysGUkUA fOPxCv8AXdU8ff8ABO7U/FDSPrF3Zyy3jSkmRrh9O0tpC5bneWJLZ5zmv2krwb4lfs7+CPil8Rvh p8Tddur+01L4V3N3daVDZyQx20rXiwq63CPE7MqiFdojePHOSeMe80AfmH+zuQP+Ckv7UKnqbDw0 cf8AbjDXN/8ABKrwpoCeEvjR4w+xRHVtR8f6vp005RTI1raxwSxxFsZ2B55Dt6ZNfUPiP9jH4fa3 +0fbftPaT4j8Q+G/FBezbULbTL1IbDVBYhEjS7iaJ2ZGSNEkQOFYKCAGyx9I+AP7PXgv9nLQPEXh zwReahe23ibXbzxBctqMkUrpdXqRJIkZhihAiAiXaGDMCTljxgA/HLwRZWuj/sh/txeH9LiW207T fF+uRW0EYCxxIkiIqqo4ACooAHYCvV/EHwwvfHngf9kTxB8HviRovhL42+GPBGmTaHpOtYkh1K0m 0uLziI9kpUqscgDeWcjOCrIrD7wsf2LPhZYeAvi18O4dU1ltN+Mmp3eq6vI09uZ4J71t8i2jC2Co gP3RIsh9SazPib+wt8Hvif8AD34feB76/wBZ0e/+F9ha6doOv6bdJbavBDaQxwrvmWLy2LCJWbEa 4bJTZk0AfLfwa+LfjzTf2zPDngL9rb4S6LonxY8RaNcQ6L4r0OYvHdWdqk0rRyR+bKAGWOQbiQ4I UGMKVK/pn8WvEPhXwl8LfF/ifxykknh3StIvrnUUhZlle0igdpkjKsjB2QELhlOSMEHmvnb4JfsT fD34PfEFvi9q/ibxH8RfHX2Y2cOseKNQN/PawPuDpbjamwMGIO4sQCQpUMwP1d4m8N6J4y8N6r4R 8S2i3+ka3az2V5bvnbNb3CGOVDjBwysRwc0AfjB8MfE37Tnir9mO8PwG+GXgX4T/AANudN1SeH/h IL691K7fTn803Mp2MSzP8/M64xgZ27TXyN4Hlsr39lL9kPQ/GoR/AN38SrxdZE5xbcX37pJs/L5b RvOWz/DuPrX6oeHv+CZHwq0SyXwhd/ELx1qvw9jnM6+EZ9bKaK25zIY5IoY42aPed2AytnksTkng fj58FPhT+yX+yOvwvk8Daz8V/hfda/5+qrcXqDUNBt7oFje2r29qpKwSLlQ2DmQh5NjEAAp/8Fgd L8Ef8M8eFr7VIbePXbTxJZRaS2FEwR45PtEaY58vYoLAfLlUzztrb+PfxJmP7auneEv2efhXYeNv jfonh0yXOua1qM1vY6TpUrZ8tYBIEZj5wLOoVwJdo3bmx+bXjv4c/s2fHjU/A/wv/ZL1zxl8WPFt 7qloJdQ1+e8ks/DmjRZa4jXz4baNFPynowwmFbcVDftZ8c/2JvAXxo+JNh8ZNO8UeIvh945srYWT ar4avhZTXFupOElyj5wCVypXK4DbgFAAPz/8KN8bE/4KofDOX4/T+Gf+EuuvC1+zweFluBbQWv2e +8mOdrnLvNlWbJJ+Urg4xXH2H/JC/wDgoP8A9jlrP/pZLX6IfD7/AIJ8fBr4b/FTwx8bdH1/xPfe N/Dz3clxqepamt9Pq7XcJt2/tBpoW3bImKp5PlYBydxAI66L9iv4WQ+E/jF4OXVNZNl8btTutV1p zPb+bbz3cjSutmfs+1EDMdokWU46k0AfPl34E8Kaf/wSUOjW2mwLaS/DSLV3QRrhr6XT1v2nIx9/ 7QfM3dc85r6c/Yilkm/ZE+ETysWI8N6euSc8LEFA/AAAV39z8DfCV1+z+P2cJLu+HhoeHE8MfaBJ F9u+xR2osxJ5nleV53ljJbytu7nZjiun+Ffw40P4Q/Djw58MPDU9xc6V4YsorG2lu2R7h4oRtUyN GkaFj3Koo9qAO/ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiii gAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKA CiiigAooooA//9b9/KKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigA ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigCvbWlrZo0dpCkCsxYhFCgsepIHc9zViiigAooooAK KKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoo ooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiii gD//1/38ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoooo AKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigA ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigD/9D9/KKKKACiiigAooooAKKKKACiiigAoooo AKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigA ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoooo A//R/fyiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigA ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoooo AKKKKACiiigAooooAKKKKACop/O8mT7NtEu07N+du7HGcc4z1xUtFAH5gaPdftL6Hp37VWkW/iqb xn8RtJsNMn0lrWAwW9tc3WltN5OnWbPKEEecRglmldQz7mY0v7MPxI09P2hNL+Hfw313xd4h8Ia1 4NuNS1JvFf8AaUkkWtWF3bRyPC+pjzFcrclbmOE+SHZNvIIr7dl+CPg641X4j6rdTXkrfFC3trbV I/OCLHHa2hs0+zNGqyRsYzksXYh+VK9Ky/hl8BtI+HXiS58aah4l1rxn4imsI9Jh1DXJoJZrXTop DILaEW0FugVn2tI7K0kjKpdzgYAPdaKKKAP/0v38ooooAKKKKACiiigAooooAKKKKACiiigAoooo AKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigA ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigD/9kA --_004_5F2D6022CA134255ADC278CCC1AED766mitreorg_-- From nobody Fri Dec 4 07:52:56 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D6A223A0DB2 for ; Fri, 4 Dec 2020 07:52:54 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.098 X-Spam-Level: X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=pingidentity.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OeDkG5-CTofw for ; Fri, 4 Dec 2020 07:52:52 -0800 (PST) Received: from mail-lf1-x129.google.com (mail-lf1-x129.google.com [IPv6:2a00:1450:4864:20::129]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1CD1A3A0DB4 for ; Fri, 4 Dec 2020 07:52:52 -0800 (PST) Received: by mail-lf1-x129.google.com with SMTP id r24so8257171lfm.8 for ; Fri, 04 Dec 2020 07:52:51 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=pingidentity.com; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=0X0Nvt3IxyCfU1pHfyiQ4nPTocIGWjQArj2Uq+6CRTw=; b=XVFK4a5DKNaBccYbjbEnuBVFTBxBoG6WTxW7v9EqXKP83gxjCE8NbfcMuxOb8WzTFX +GSxkXmLJcxZ12ky0gBycQTGiQ4J1aKg01GheVV3DE8pnRNycPKuw6EzCSLw01/sccKu SxON69TPs6wbClS3NBKTijI3E3qxaCLUZrDjKCePMISYm9zkLFQHqrjXzuewFpPx+Cd+ RZWEUOZdD4/xLloBYFU3DMCAmquCEAxn80HoElL7yq9HBptinXG/W8yu1y660EhqBLAB VxjrYE9f7pe9IcqnThLGqBjnsSB0etWxhU85h7i7aVCeiTWgiCnw3ZhPFEMvyDALlny6 Gdiw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=0X0Nvt3IxyCfU1pHfyiQ4nPTocIGWjQArj2Uq+6CRTw=; b=BfZJEtD7InQVHivIhhRvpN3cmEopqzLcTIpIsPL0ZNpBpX6zUyoG0JiahZCG7/3MZ2 jkHyT9gRGpZXQgRfVPUds5EULwBPHTRVNzYGnwZgsK5LpadDSVZYhvrqtnOtQN47UUUJ oCE4UVYXNCh1/gE9ZdsL5uPuhyqWfqAec1/X1pfvgeh/hzoj04hmEkTk9IrI4E+pku6Y 9oNOUFVp5GN0SwUk+CGtM5v5YNe4xGRmzzGhS2ckS3hI12FCM2+c8bG/Ss483ARSHJTi OPrMEzJeLzjxvIovWrsHPnyvFjLahEKUdRK03OfGqBtoj4iDTvt6uOYMBTmSPEuPL7Qn jM0A== X-Gm-Message-State: AOAM531Hn+gPB2DF4XSPLPwVQ5lu3hAdgeuWpa/3EWmhiS4es5yeVyaJ KPElkm5wyMStGwZ3me60C8Ixuq1yMNxorW5zm4XhMXKTw88aPzjuYur5JIqestXxmI5rpnyHZ+Y PN9fOO3t0DPb4Jg== X-Google-Smtp-Source: ABdhPJz9jBGYYHKVQQFWBVQ5QUDo/ZM7eQFLuzLINNzxRVdry5zTVkh1WyqMmmD/EwmRyeXoL0dJmFrZUoZA2NB2skI= X-Received: by 2002:a19:5215:: with SMTP id m21mr3578192lfb.407.1607097170095; Fri, 04 Dec 2020 07:52:50 -0800 (PST) MIME-Version: 1.0 References: <23A0EC1E-B161-4CDC-B3F5-1EA670458785@forgerock.com> In-Reply-To: <23A0EC1E-B161-4CDC-B3F5-1EA670458785@forgerock.com> From: Brian Campbell Date: Fri, 4 Dec 2020 08:52:23 -0700 Message-ID: To: Neil Madden Cc: oauth Content-Type: multipart/alternative; boundary="000000000000f18b7305b5a5775f" Archived-At: Subject: Re: [OAUTH-WG] PAR error for redirect URI? X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 04 Dec 2020 15:52:55 -0000 --000000000000f18b7305b5a5775f Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable That's a good point. The context of the original discussion that led to this thread wasn't about a client programmatically acting on the information. Rather that banks (and similar entities) can be reluctant to include additional info in descriptive error messages so having a specific error code might help with the manual troubleshooting situation of problems with the presented redirect URI. That rationale seems rather dubious. On Fri, Dec 4, 2020 at 1:13 AM Neil Madden wrote: > Making it a specific error code rather than just an error message suggest= s > that the client can do something with that information. That doesn=E2=80= =99t seem > likely to me. It=E2=80=99s most likely caused by a misconfiguration that = somebody > needs to manually sort out rather than something that can be automaticall= y > corrected, so I don=E2=80=99t see a reason for this to get its own error = code. > > =E2=80=94 Neil > > On 2 Dec 2020, at 23:28, Brian Campbell 40pingidentity.com@dmarc.ietf.org> wrote: > > =EF=BB=BF > During the course of a recent OIDF FAPI WG discussion (the FAPI profiles > use PAR for authz requests) on this issue > > it was noted that there's no specific error code for problems with the > redirect_uri (the example in > https://www.ietf.org/archive/id/draft-ietf-oauth-par-04.html#section-2.3 > even shows a general error code with mention of the redirect_uri not bein= g > valid in the error description). Some folks on that call thought it would > be worthwhile to have a more specific error code for an invalid > redirect_uri and I reluctantly took an action item to raise the issue her= e. > At the time I'd forgotten that PAR had already passed WGLC. But it's been > sitting idle while awaiting the shepherd writeup since mid September so > it's maybe realistic to think the window for a small change is still open= . > > Presumably nothing like an "invalid_redirect_uri" error code was defined > in RFC 6749 because that class of errors could not be returned to the > client via redirection. But the data flow in PAR would allow for a > "invalid_redirect_uri" so it's not an unreasonable thing to do. > > As I write this message, however, I'm not personally convinced that it's > worth making a change to PAR at this point. But I did say I'd bring the > question up in the WG list and I'm just trying to be true to my word. So > here it is. Please weigh in, if you have opinions on the matter. > > > > *CONFIDENTIALITY NOTICE: This email may contain confidential and > privileged material for the sole use of the intended recipient(s). Any > review, use, distribution or disclosure by others is strictly prohibited. > If you have received this communication in error, please notify the sende= r > immediately by e-mail and delete the message and any file attachments fro= m > your computer. Thank you.*_______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth > > > ForgeRock values your Privacy --=20 _CONFIDENTIALITY NOTICE: This email may contain confidential and privileged= =20 material for the sole use of the intended recipient(s). Any review, use,=20 distribution or disclosure by others is strictly prohibited.=C2=A0 If you h= ave=20 received this communication in error, please notify the sender immediately= =20 by e-mail and delete the message and any file attachments from your=20 computer. Thank you._ --000000000000f18b7305b5a5775f Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
    That's a good point. The context of the original disc= ussion that led to this thread wasn't about a client programmatically a= cting on the information. Rather that banks (and similar entities) can be r= eluctant to include additional info in descriptive error messages so having= a specific error code might help with the manual troubleshooting situation= of problems with the presented redirect URI. That rationale seems rather d= ubious.

    On Fri, Dec 4, 2020 at 1:13 AM Neil Madden <neil.madden@forgerock.com>= wrote:
    Making it a specific error code rather than just= an error message suggests that the client can do something with that infor= mation. That doesn=E2=80=99t seem likely to me. It=E2=80=99s most likely ca= used by a misconfiguration that somebody needs to manually sort out rather = than something that can be automatically corrected, so I don=E2=80=99t see = a reason for this to get its own error code.=C2=A0
    =E2=80=94 Neil

    On 2 Dec 2020, at 23:28, Brian Campbell <bcampbell=3D40ping= identity.com@dmarc.ietf.org> wrote:

    =EF=BB=BF
    During = the course of a recent OIDF FAPI WG discussion (the FAPI profiles use PAR = for authz requests) on this issue= it was noted that there's no specific error code for problems with= the redirect_uri (the example in https://www.i= etf.org/archive/id/draft-ietf-oauth-par-04.html#section-2.3 even shows = a general error code with mention of the redirect_uri not being valid in th= e error description). Some folks on that call thought it would be worthwhil= e to have a more specific error code for an invalid redirect_uri and I relu= ctantly took an action item to raise the issue here. At the time I'd fo= rgotten that PAR had already passed WGLC. But it's been sitting idle wh= ile awaiting the shepherd writeup since mid September so it's maybe rea= listic to think the window for a small change is still open.
    =
    Presumably nothing like an "invalid_redirect_uri" = error code was defined in RFC 6749 because that class of errors could not b= e returned to the client via redirection. But the data flow in PAR would al= low for a "invalid_redirect_uri" so it's not an unreasonable = thing to do.

    As I write this message, however= , I'm not personally convinced that it's worth making a change to P= AR at this point. But I did say I'd bring the question up in the WG lis= t and I'm just trying to be true to my word. So here it is. Please weig= h in, if you have opinions on the matter.


    CONFIDENTIALITY NOTICE: This email m= ay contain confidential and privileged material for the sole use of the int= ended recipient(s). Any review, use, distribution or disclosure by others i= s strictly prohibited.=C2=A0 If you have received this communication in err= or, please notify the sender immediately by e-mail and delete the message a= nd any file attachments from your computer. Thank you._______________________________________________
    OAuth ma= iling list
    OAuth@ietf.org
    https://www.ietf.org/mailman/listinfo= /oauth

    ForgeRock values your Privacy
    <= span style=3D"margin:0px;padding:0px;border:0px;outline:0px;vertical-align:= baseline;background:transparent;font-family:proxima-nova-zendesk,system-ui,= -apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,Oxygen-Sans,Ub= untu,Cantarell,"Helvetica Neue",Arial,sans-serif;font-weight:600"= >CONFIDENTIALITY NOTICE: This email may contain confidenti= al and privileged material for the sole use of the intended recipient(s). A= ny review, use, distribution or disclosure by others is strictly prohibited= .=C2=A0 If you have received this communication in error, please notify the= sender immediately by e-mail and delete the message and any file attachmen= ts from your computer. Thank you. --000000000000f18b7305b5a5775f-- From nobody Fri Dec 4 08:03:34 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 441E63A0DCF for ; Fri, 4 Dec 2020 08:03:33 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.097 X-Spam-Level: X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sTbLnuRR7oVD for ; Fri, 4 Dec 2020 08:03:32 -0800 (PST) Received: from mail-lj1-x232.google.com (mail-lj1-x232.google.com [IPv6:2a00:1450:4864:20::232]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BE6723A0DD5 for ; Fri, 4 Dec 2020 08:03:31 -0800 (PST) Received: by mail-lj1-x232.google.com with SMTP id y16so7202381ljk.1 for ; Fri, 04 Dec 2020 08:03:31 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=oYv0QDO53zuYPrs9Y+KQ9+zIQ3xMWXIh2bSpalzf25g=; b=c285SWypRvkd/0jSnTEh7e282XxBuzGQfEizjCFKCT83sX60UL7UpmOVxhD40B8KPe EGkMwYYFQ3a02k+WUzgzumK1di11+/XyuRm2q1ShVYzPr74RxKZIS0lQ1oA6YA78rm/5 ESscwdSUfEr+1EoCa8Ak15Y4CycT2azixa3sdODNDuGox02yMddcGy6iqsvfYavZXJYn U2dxQjSOW05vuAd7xDfY7S8ydMsbHHWk9mJRrbh2dsPdDPIipGePrtQOGL/7Qar27RIP F3O0o7b8UCIGEZL+hze8c2sOKimvmpAUeWD/0OP4qKBK1wZB+Ks2gkgwrBq/fm++U/+T eexQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=oYv0QDO53zuYPrs9Y+KQ9+zIQ3xMWXIh2bSpalzf25g=; b=o4bYrSjb5W3KFsbHgpI/xHuBbcdlcvOWOeXcc5eddSHl0p3PcjRZbBmwENaprSCQaC /4Xhn2+7zTkeNNuvvQHtLpE1aUPwWOJlNLKv4oFv2GnENrz3sl2WT2d+1h/mkX5Z2yAd oM/YrLeeZCOIHcQ2mAt84mE5WE85OPBB5vWkKwC0SN/LYIH0C9PB4HEGA+axVWwp5uhD iXHMDco8yGzuKBzlDwHdrA7N1mwQaoxE2bfgYcGnTdTEBXxVKm0+08oOR1SvqJxB3bKA QI2YnsDM5wN1ipw07Fw1/DDmb3PrEyIujjJ5hFxTIQYBKHlkHFz44kmxBb2xzZLPusep aIVA== X-Gm-Message-State: AOAM531ja0B6JvKEXbzI0D5t1iNy24YYau9I6nVCVh2Wgkvl4JhDj4qY uCkIMzDl372cbHjdSVPLs+9vm4FS1IiqkmeWnTMAFfRgJWs= X-Google-Smtp-Source: ABdhPJxLDli3CFUdzGtXOTBwRDZwhUMAtKy0K0kFWcaHaGOdvNBfhfNUkg66rctg2oNNENNWkgsJUATU5HmuNf8Df+k= X-Received: by 2002:a2e:90c1:: with SMTP id o1mr3559075ljg.130.1607097809754; Fri, 04 Dec 2020 08:03:29 -0800 (PST) MIME-Version: 1.0 From: Rifaat Shekh-Yusef Date: Fri, 4 Dec 2020 11:03:18 -0500 Message-ID: To: oauth Content-Type: multipart/alternative; boundary="00000000000011dd0205b5a59e22" Archived-At: Subject: [OAUTH-WG] Reminder - Interim Meeting on Dec 7th X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 04 Dec 2020 16:03:33 -0000 --00000000000011dd0205b5a59e22 Content-Type: text/plain; charset="UTF-8" All, This is a reminder that we have an interim meeting this coming Monday to discuss the following document: https://datatracker.ietf.org/doc/draft-meyerzuselhausen-oauth-iss-auth-resp/ The following link has the details of the meeting and slides: https://datatracker.ietf.org/meeting/interim-2020-oauth-17/session/oauth Regards, Rifaat & Hannes --00000000000011dd0205b5a59e22 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
    All,

    This is a reminder that we have an= interim meeting this coming Monday to discuss=C2=A0the following document:=

    The following link = has the details of the meeting and slides:

    Regards,
    =C2=A0Rifaat & Hannes

    --00000000000011dd0205b5a59e22-- From nobody Fri Dec 4 08:09:24 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DA4C53A0DDF for ; Fri, 4 Dec 2020 08:09:23 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.098 X-Spam-Level: X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=pingidentity.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Yepu7yCOCO88 for ; Fri, 4 Dec 2020 08:09:21 -0800 (PST) Received: from mail-lf1-x12d.google.com (mail-lf1-x12d.google.com [IPv6:2a00:1450:4864:20::12d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 61C7F3A0DD5 for ; Fri, 4 Dec 2020 08:09:21 -0800 (PST) Received: by mail-lf1-x12d.google.com with SMTP id b4so741969lfo.6 for ; Fri, 04 Dec 2020 08:09:21 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=pingidentity.com; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=b9Y3U9DwnFceB2JhgO3gP7CJ2z9fkHGvezoLEfk72GM=; b=NhzNXjuz6iPq78XptDdkyeLbxQfSrjbr7l37FpBj8EVujkv+5/gAPmbq3OE1g8uIeV 0I/LzBSFzqtvGgM197WVexoXs7ityuNmky/Yi9dMLI28PmWDFLZjGfS8d4KXOwBNc8eP +AwP2uJKO0UwkGP6d6O3z6CPyj/8MoHl5i79QrojNEiQmPIacGkb7kKPO7RVGw/R/wZc Znx7naBHAVZUPBlGX9M0h6mgm80Erbrwx7utxlCRuYEABrrkJosGuJHv60Vhst8NvreU aevItB6ZMQX58WSNjmCfOLN6nS5jPdF5/xzb3s3AWHyvtjEmF18CaJdU6/oL/T+4oWHR vfIg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=b9Y3U9DwnFceB2JhgO3gP7CJ2z9fkHGvezoLEfk72GM=; b=jQ03Bw/hjMctJ8ZIWepUb80fEZh4h+6O5H5SGlErBQYzVfCbbxnwGzjUUmuJKxWWyO tASBKrTgVBUROQKxxIODOzNGUb0S4Al7xBkIfhFtW9Ean28ga3LDCuu0nk7IBzHFngBl zDJAbpCXea+ilOXpDqgHnPzVg6qTOXWKwEwMl57fje7ZnLevZoy7z6CpwtDDvM8YCwLg eXTFyxdjA6jHavBZpeujCFQmrXPzMbwtfc5xkcmq0glo4CjqbzuooWsjLFZL2G3ljHED NBXIezAglKKOuyX6UWaJbU0/RmxH4Gr2aYJFmlgVv6DlyAb4SBtWPEbA4/kJJM9NqgNL OYow== X-Gm-Message-State: AOAM5304ME4S89A57hp8mBoVNhGrV+vzV3Mjnq9qGRpZ0lfH6jaHDDkA 9kDhmSzWbAwM/bXQ7MwCOVAYjMldU54tyHO2Fror762NT1BI/ON/6b/3a83v8S94gj8JsiwVgwZ lwxe8bjivRtzSmjsLblgwwQ== X-Google-Smtp-Source: ABdhPJzjg/38Xcy8ya79wEaTGBKvs8kF0m99gEXK9OkTAEuCSQELsLG7ZlngZnMS0bRaZb7oATjlwMqFMmiMhwUS/Sc= X-Received: by 2002:a19:642:: with SMTP id 63mr3847765lfg.181.1607098159149; Fri, 04 Dec 2020 08:09:19 -0800 (PST) MIME-Version: 1.0 References: <9a58bd66-e259-ebb9-1ed5-3f5075f44d97@connect2id.com> In-Reply-To: <9a58bd66-e259-ebb9-1ed5-3f5075f44d97@connect2id.com> From: Brian Campbell Date: Fri, 4 Dec 2020 09:08:52 -0700 Message-ID: To: Vladimir Dzhuvinov Cc: oauth Content-Type: multipart/alternative; boundary="000000000000e55b5505b5a5b223" Archived-At: Subject: Re: [OAUTH-WG] PAR error for redirect URI? X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 04 Dec 2020 16:09:24 -0000 --000000000000e55b5505b5a5b223 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable On Fri, Dec 4, 2020 at 12:30 AM Vladimir Dzhuvinov wrote: > If people have articulated a need to have an invalid_redirect_uri error > for the PAR endpoint, then let's register it properly. Rifaat says there'= s > still time to do this. > Following from the response I recently sent to Neil, I don't think a legitimate need has been articulated. https://mailarchive.ietf.org/arch/msg/oauth/gMiH1mTr0AKDvWpqO1zikcVUySY/ > I'm also okay with using the general invalid_request code for this. In > this case a sentence, next to the current example, spelling out what the > PAR endpoint must do on a invalid redirect URI will help. > I don't know that that's needed either. But do have some text to suggest that you think would be helpful? > Vladimir > On 03/12/2020 13:49, Rifaat Shekh-Yusef wrote: > > Torsten, Filip, > > You can absolutely make this change, as we are still very early in the > process. > So feel free to continue this effort and try to get WG agreement on this, > and update the document as needed. > > Regards, > Rifaat > > > On Thursday, December 3, 2020, Filip Skokan wrote: > >> To be clear, I'm not advocating to skip the registration, just wanted to >> mention a potential concern. If the process allows it and it will not >> introduce more delay to publication, I think we should go ahead and >> register the error code. >> >> Best, >> *Filip* >> >> >> On Thu, 3 Dec 2020 at 11:06, Torsten Lodderstedt >> wrote: >> >>> >>> >>> > Am 03.12.2020 um 09:56 schrieb Filip Skokan : >>> > >>> > There are several documents already mentioning "invalid_redirect_uri" >>> as an error code, specifically RFC7519 and OpenID Connect Dynamic Clien= t >>> Registration 1.0. But these don't register it in the IANA OAuth Extensi= ons >>> Error Registry, presumably because they're neither for the authorizatio= n or >>> token endpoints. >>> > >>> > While I think it'd be great if we had this error code registered, I >>> also worry that its registration could confuse implementers to think it= 's >>> okay to return it from the authorization endpoint. >>> >>> I understand your concern. On the other hand, registering the error cod= e >>> is in my opinion the proper way forward. The registration is scoped to = a >>> usage location, should be pushed authorization endpoint then, and RFC67= 49 >>> gives clear guidance on how to treat errors related to the redirect URI= at >>> the authorization endpoint. >>> >>> "If the request fails due to a missing, invalid, or mismatching >>> redirection URI, =E2=80=A6 authorization server ... MUST NOT automat= ically >>> redirect the user-agent to the >>> invalid redirection URI." >>> >>> I think if an implementor ignores this, it will ignore any advise. >>> >>> best regards, >>> Torsten. >>> >>> > >>> > Best, >>> > Filip >>> > >>> > >>> > On Thu, 3 Dec 2020 at 00:29, Brian Campbell >> 40pingidentity.com@dmarc.ietf.org> wrote: >>> > During the course of a recent OIDF FAPI WG discussion (the FAPI >>> profiles use PAR for authz requests) on this issue it was noted that >>> there's no specific error code for problems with the redirect_uri (the >>> example in >>> https://www.ietf.org/archive/id/draft-ietf-oauth-par-04.html#section-2.= 3 >>> even shows a general error code with mention of the redirect_uri not be= ing >>> valid in the error description). Some folks on that call thought it wou= ld >>> be worthwhile to have a more specific error code for an invalid >>> redirect_uri and I reluctantly took an action item to raise the issue h= ere. >>> At the time I'd forgotten that PAR had already passed WGLC. But it's be= en >>> sitting idle while awaiting the shepherd writeup since mid September so >>> it's maybe realistic to think the window for a small change is still op= en. >>> > >>> > Presumably nothing like an "invalid_redirect_uri" error code was >>> defined in RFC 6749 because that class of errors could not be returned = to >>> the client via redirection. But the data flow in PAR would allow for a >>> "invalid_redirect_uri" so it's not an unreasonable thing to do. >>> > >>> > As I write this message, however, I'm not personally convinced that >>> it's worth making a change to PAR at this point. But I did say I'd brin= g >>> the question up in the WG list and I'm just trying to be true to my wor= d. >>> So here it is. Please weigh in, if you have opinions on the matter. >>> > >>> > >>> > >>> > CONFIDENTIALITY NOTICE: This email may contain confidential and >>> privileged material for the sole use of the intended recipient(s). Any >>> review, use, distribution or disclosure by others is strictly prohibite= d. >>> If you have received this communication in error, please notify the sen= der >>> immediately by e-mail and delete the message and any file attachments f= rom >>> your computer. Thank you.______________________________________________= _ >>> > OAuth mailing list >>> > OAuth@ietf.org >>> > https://www.ietf.org/mailman/listinfo/oauth >>> > _______________________________________________ >>> > OAuth mailing list >>> > OAuth@ietf.org >>> > >>> https://www.google.com/url?q=3Dhttps://www.ietf.org/mailman/listinfo/oa= uth&source=3Dgmail-imap&ust=3D1607590629000000&usg=3DAOvVaw3aW1gdv4EEiLmNYz= lsJj-A >>> >>> > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth > --=20 _CONFIDENTIALITY NOTICE: This email may contain confidential and privileged= =20 material for the sole use of the intended recipient(s). Any review, use,=20 distribution or disclosure by others is strictly prohibited.=C2=A0 If you h= ave=20 received this communication in error, please notify the sender immediately= =20 by e-mail and delete the message and any file attachments from your=20 computer. Thank you._ --000000000000e55b5505b5a5b223 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable


    =
    On Fri, Dec 4, 2020 at 12:30 AM Vladi= mir Dzhuvinov <vladimir@conne= ct2id.com> wrote:
    =20 =20 =20

    If people have articulated a need to have an invalid_redirect_uri error for the PAR endpoint, then let's register it properly. Rifaat says there's still time to do this.

    =

    Following from the response I recently sent to Neil, I = don't think a legitimate need has been articulated. https://m= ailarchive.ietf.org/arch/msg/oauth/gMiH1mTr0AKDvWpqO1zikcVUySY/
    =C2=A0

    I'm also okay with using the general invalid_request code for this. In this case a sentence, next to the current example, spelling out what the PAR endpoint must do on a invalid redirect URI will help.

    I don't know that t= hat's needed either. But do have some text to suggest that you think wo= uld be helpful?

    =C2=A0

    Vladimir

    On 03/12/2020 13:49, Rifaat Shekh-Yusef wrote:
    =20 Torsten, Filip,

    You can absolutely make this change, as we are still very early in the process.=C2=A0
    So feel free to continue this effort and try to get WG agreement on this, and update the document as needed.=C2=A0

    Regards,
    =C2=A0Rifaat


    On Thursday, December 3, 2020, Filip Skokan <panva.ip@gmail.com> wrote:
    To be clear, I'm not advocating to skip the registration, just wanted to mention a potential concern. If the process allows it and it will not introduce more delay to publication, I think we should go ahead and register the error code.

    Best,
    Filip


    On Thu, 3 Dec 2020 at 11:06, Torsten Lodderstedt <torsten@lodderstedt.net> wrote:


    > Am 03.12.2020 um 09:56 schrieb Filip Skokan <panva.ip@gmail.com>= :
    >
    > There are several documents already mentioning "invalid_redirect_uri" as an error code, specifical= ly RFC7519 and OpenID Connect Dynamic Client Registration 1.0. But these don't register it in the IANA OAuth Extensions Error Registry, presumably because they're neither for the authorization or token endpoints.
    >
    > While I think it'd be great if we had this error cod= e registered, I also worry that its registration could confuse implementers to think it's okay to return it from the authorization endpoint.

    I understand your concern. On the other hand, registering the error code is in my opinion the proper way forward. The registration is scoped to a usage location, should be pushed authorization endpoint then, and RFC6749 gives clear guidance on how to treat errors related to the redirect URI at the authorization endpoint.

    "If the request fails due to a missing, invalid, or mismatching
    =C2=A0 =C2=A0redirection URI, =E2=80=A6 authorization server = ... MUST NOT automatically redirect the user-agent to the
    =C2=A0 =C2=A0invalid redirection URI."

    I think if an implementor ignores this, it will ignore any advise.

    best regards,
    Torsten.

    >
    > Best,
    > Filip
    >
    >
    > On Thu, 3 Dec 2020 at 00:29, Brian Campbell <bcampbell=3D40pingidentity.com@dmarc.ietf.org> wrote:
    > During the course of a recent OIDF FAPI WG discussion (the FAPI profiles use PAR for authz requests) on this issue it was noted that there's no specific error code fo= r problems with the redirect_uri (the example in https://www.ietf.org/archive/id/draft-iet= f-oauth-par-04.html#section-2.3 even shows a general error code with mention of the redirect_uri not being valid in the error description). Some folks on that call thought it would be worthwhile to have a more specific error code for an invalid redirect_uri and I reluctantly took an action item to raise the issue here. At the time I'd forgotten that PAR had already passed WGLC. But it's been sitting idle while awaiting the shepherd writeup since mid September so it's maybe realistic to think the window for a small change is still open.
    >
    > Presumably nothing like an "invalid_redirect_uri&qu= ot; error code was defined in RFC 6749 because that class of errors could not be returned to the client via redirection. But the data flow in PAR would allow for a "invalid_redirect_uri" so it's not an unreasona= ble thing to do.
    >
    > As I write this message, however, I'm not personally convinced that it's worth making a change to PAR at this point. But I did say I'd bring the question up in the WG list and I'm just trying to be true to my word. So here i= t is. Please weigh in, if you have opinions on the matter.
    >
    >
    >
    > CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited.=C2=A0 If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you._______________________________________________
    > OAuth mailing list
    > OAut= h@ietf.org
    > https://www.ietf.org/mailman/listinfo/= oauth
    > _______________________________________________
    > OAuth mailing list
    > OAut= h@ietf.org
    > https://www.google.com/url?q=3Dhttps://www.ietf.org/mailman/listinf= o/oauth&source=3Dgmail-imap&ust=3D1607590629000000&usg=3DAOvVaw= 3aW1gdv4EEiLmNYzlsJj-A



    _______________________________________________
    OAuth mailing list
    OAuth@ietf.org
    https://www.ietf.org/mailman/listinfo/oauth

    <= span style=3D"margin:0px;padding:0px;border:0px;outline:0px;vertical-align:= baseline;background:transparent;font-family:proxima-nova-zendesk,system-ui,= -apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,Oxygen-Sans,Ub= untu,Cantarell,"Helvetica Neue",Arial,sans-serif;font-weight:600"= >CONFIDENTIALITY NOTICE: This email may contain confidenti= al and privileged material for the sole use of the intended recipient(s). A= ny review, use, distribution or disclosure by others is strictly prohibited= .=C2=A0 If you have received this communication in error, please notify the= sender immediately by e-mail and delete the message and any file attachmen= ts from your computer. Thank you. --000000000000e55b5505b5a5b223-- From nobody Fri Dec 4 09:38:33 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0686D3A0E3C for ; Fri, 4 Dec 2020 09:38:32 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.497 X-Spam-Level: X-Spam-Status: No, score=-1.497 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FROM=0.001, HTML_IMAGE_RATIO_06=0.001, HTML_MESSAGE=0.001, KHOP_HELO_FCRDNS=0.399, NICE_REPLY_A=-0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UqeWuWF9PrTw for ; Fri, 4 Dec 2020 09:38:29 -0800 (PST) Received: from smtp.smtpout.orange.fr (smtp05.smtpout.orange.fr [80.12.242.127]) (using TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 988943A0913 for ; Fri, 4 Dec 2020 09:38:28 -0800 (PST) Received: from [192.168.1.11] ([90.91.135.71]) by mwinf5d45 with ME id 0HeP2400G1Ybo4i03HePjs; Fri, 04 Dec 2020 18:38:24 +0100 X-ME-Helo: [192.168.1.11] X-ME-Auth: ZGVuaXMucGlua2FzQG9yYW5nZS5mcg== X-ME-Date: Fri, 04 Dec 2020 18:38:24 +0100 X-ME-IP: 90.91.135.71 To: oauth@ietf.org References: <3134_1606988830_5FC8B41D_3134_178_1_CALAqi_-6ovK4otw9JW+c5H3qjnFrUqbwn-AoyGnA_EHfCSgQNw@mail.gmail.com> <5F2D6022-CA13-4255-ADC2-78CCC1AED766@mitre.org> From: Denis Message-ID: <88df3b77-73e6-58f2-1392-61b4547700e9@free.fr> Date: Fri, 4 Dec 2020 18:38:28 +0100 User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:78.0) Gecko/20100101 Thunderbird/78.5.0 MIME-Version: 1.0 In-Reply-To: <5F2D6022-CA13-4255-ADC2-78CCC1AED766@mitre.org> Content-Type: multipart/alternative; boundary="------------C72957B4FBC7353E7026BBB1" Content-Language: en-GB Archived-At: Subject: Re: [OAUTH-WG] [EXT] Re: DPoP followup III: client auth X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 04 Dec 2020 17:38:32 -0000 This is a multi-part message in MIME format. --------------C72957B4FBC7353E7026BBB1 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit Hi Michael, > Hi Brian, > > I think I lean towards  “Shut up and never speak of this again”, but > could you clarify some things? > > I missed the interim meeting discussion on this slide – it looks like > DPoP for client authentication would have very similar properties as > private_key_jwt, but using DPoP instead? i.e. both use a private key > to sign a JWT that authenticates the client. > > Could you expand a bit on the advantage of using DPoP for both client > authentication and sender-constraining the token vs. using > private_key_jwt (for client authentication) + DPoP (for > sender-constraining the token)? > > Adding to Filip’s comment, is there just one DPoP proof sent in the > token request to cover both client authentication and > sender-constraining the token, meaning the same keypair would be used > for both DPoP usages?  That would go against DPoP’s key rotation > guidance, but maybe would be okay if freshness guarantees of the DPoP > proof get added? > One or more client-AS authentication methods using asymmetric cryptography might be developed in a separate draft. However this does not mean that they should be based on the DPoP protocol. FIDO is one example of such a protocol, but its public key registration protocol has a weakness: after registration, the server has no proof that the client indeed possesses the private key, unless/until an authentication exchange is performed afterwards. Different keys should be used for DPoP and client-AS authentication. See an email related to privacy considerations about which key pairs may be used for DPoP : https://mailarchive.ietf.org/arch/browse/oauth/?q=Proposed%20text%20for%20a%20Privacy%20considerations%20section%20in%20draft-ietf-oauth-dpop-02 Denis > Thanks, > > Mike > > *From: *OAuth on behalf of Filip Skokan > > *Date: *Thursday, December 3, 2020 at 4:49 AM > *To: *Brian Campbell > *Cc: *"oauth@ietf.org" > *Subject: *[EXT] Re: [OAUTH-WG] DPoP followup III: client auth > > 🤫, better not open up the possibility of thinking of DPoP Proof keys > as pre-registered (i.e. not "ephemeral"). > > Best, > *Filip* > > On Wed, 2 Dec 2020 at 23:30, Brian Campbell > > wrote: > > There were a few items discussed somewhat during the recent > interim > > that I committed to bringing back to the list. The slide below > (also available with a few extra spelling errors as slide #19 from > the interim presentation > ) > is the last of them. > > To summarize, I'm wondering if there's WG interest in working to > formalize a client-to-AS authentication mechanism based on DPoP. I > think it potentially would be problematic to put into the current > document (for a number of reasons) so am preemptively ruling out > that option. Thus, basically, I'm asking the WG if there is > some/much interest in the idea? In which case I'll find some time > (at some point) to write up an I-D for it and bring that back to > the group for consideration. Or if I should, as the slide says, > "shut up and never speak of this again"? > > > */CONFIDENTIALITY NOTICE: This email may contain confidential and > privileged material for the sole use of the intended recipient(s). > Any review, use, distribution or disclosure by others is strictly > prohibited.  If you have received this communication in error, > please notify the sender immediately by e-mail and delete the > message and any file attachments from your computer. Thank > you./*_______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth > > > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth --------------C72957B4FBC7353E7026BBB1 Content-Type: multipart/related; boundary="------------9935E285BD1D8997CAECB45F" --------------9935E285BD1D8997CAECB45F Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: 8bit
    Hi Michael,

    Hi Brian,

     

    I think I lean towards  “Shut up and never speak of this again”, but could you clarify some things?

     

    I missed the interim meeting discussion on this slide – it looks like DPoP for client authentication would have very similar properties as private_key_jwt, but using DPoP instead? i.e. both use a private key to sign a JWT that authenticates the client.

     

    Could you expand a bit on the advantage of using DPoP for both client authentication and sender-constraining the token vs. using private_key_jwt (for client authentication) + DPoP (for sender-constraining the token)?

     

    Adding to Filip’s comment, is there just one DPoP proof sent in the token request to cover both client authentication and sender-constraining the token, meaning the same keypair would be used for both DPoP usages?  That would go against DPoP’s key rotation guidance, but maybe would be okay if freshness guarantees of the DPoP proof get added?

    One or more client-AS authentication methods using asymmetric cryptography might be developed in a separate draft.
    However this does not mean that they should be based on the DPoP protocol. FIDO is one example of such a protocol, but its public key registration protocol
    has a weakness: after registration, the server has no proof that the client indeed possesses the private key, unless/until an authentication exchange is performed afterwards.

    Different keys should be used for DPoP and client-AS authentication. See an email related to privacy considerations about which key pairs may be used for DPoP :
    https://mailarchive.ietf.org/arch/browse/oauth/?q=Proposed%20text%20for%20a%20Privacy%20considerations%20section%20in%20draft-ietf-oauth-dpop-02

    Denis

    Thanks,

    Mike

     

     

    From: OAuth <oauth-bounces@ietf.org> on behalf of Filip Skokan <panva.ip@gmail.com>
    Date: Thursday, December 3, 2020 at 4:49 AM
    To: Brian Campbell <bcampbell=40pingidentity.com@dmarc.ietf.org>
    Cc: "oauth@ietf.org" <oauth@ietf.org>
    Subject: [EXT] Re: [OAUTH-WG] DPoP followup III: client auth

     

    🤫, better not open up the possibility of thinking of DPoP Proof keys as pre-registered (i.e. not "ephemeral").

     

    Best,
    Filip

     

     

    On Wed, 2 Dec 2020 at 23:30, Brian Campbell <bcampbell=40pingidentity.com@dmarc.ietf.org> wrote:

    There were a few items discussed somewhat during the recent interim that I committed to bringing back to the list. The slide below (also available with a few extra spelling errors as slide #19 from the interim presentation) is the last of them.

     

    To summarize, I'm wondering if there's WG interest in working to formalize a client-to-AS authentication mechanism based on DPoP. I think it potentially would be problematic to put into the current document (for a number of reasons) so am preemptively ruling out that option. Thus, basically, I'm asking the WG if there is some/much interest in the idea? In which case I'll find some time (at some point) to write up an I-D for it and bring that back to the group for consideration. Or if I should, as the slide says, "shut up and never speak of this again"?

     


    CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited.  If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you._______________________________________________
    OAuth mailing list
    OAuth@ietf.org
    https://www.ietf.org/mailman/listinfo/oauth


    _______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth


    --------------9935E285BD1D8997CAECB45F Content-Type: image/jpeg; name="image001.jpg" Content-Transfer-Encoding: base64 Content-ID: Content-Disposition: inline; filename="image001.jpg" /9j/4AAQSkZJRgABAQAAZABkAAD/4QCARXhpZgAATU0AKgAAAAgABAEaAAUAAAABAAAAPgEb AAUAAAABAAAARgEoAAMAAAABAAIAAIdpAAQAAAABAAAATgAAAAAAAABkAAAAAQAAAGQAAAAB AAOgAQADAAAAAQABAACgAgAEAAAAAQAAA+igAwAEAAAAAQAAAjMAAAAA/+0AOFBob3Rvc2hv cCAzLjAAOEJJTQQEAAAAAAAAOEJJTQQlAAAAAAAQ1B2M2Y8AsgTpgAmY7PhCfv/AABEIAjMD 6AMBIgACEQEDEQH/xAAfAAABBQEBAQEBAQAAAAAAAAAAAQIDBAUGBwgJCgv/xAC1EAACAQMD AgQDBQUEBAAAAX0BAgMABBEFEiExQQYTUWEHInEUMoGRoQgjQrHBFVLR8CQzYnKCCQoWFxgZ GiUmJygpKjQ1Njc4OTpDREVGR0hJSlNUVVZXWFlaY2RlZmdoaWpzdHV2d3h5eoOEhYaHiImK kpOUlZaXmJmaoqOkpaanqKmqsrO0tba3uLm6wsPExcbHyMnK0tPU1dbX2Nna4eLj5OXm5+jp 6vHy8/T19vf4+fr/xAAfAQADAQEBAQEBAQEBAAAAAAAAAQIDBAUGBwgJCgv/xAC1EQACAQIE BAMEBwUEBAABAncAAQIDEQQFITEGEkFRB2FxEyIygQgUQpGhscEJIzNS8BVictEKFiQ04SXx FxgZGiYnKCkqNTY3ODk6Q0RFRkdISUpTVFVWV1hZWmNkZWZnaGlqc3R1dnd4eXqCg4SFhoeI iYqSk5SVlpeYmZqio6Slpqeoqaqys7S1tre4ubrCw8TFxsfIycrS09TV1tfY2dri4+Tl5ufo 6ery8/T19vf4+fr/2wBDAAICAgICAgMCAgMFAwMDBQYFBQUFBggGBgYGBggKCAgICAgICgoK CgoKCgoMDAwMDAwODg4ODg8PDw8PDw8PDw//2wBDAQICAgQEBAcEBAcQCwkLEBAQEBAQEBAQ EBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBD/3QAEAD//2gAMAwEA AhEDEQA/AP38ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoooo AKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACvB/2Wbu6v /wBmP4Q319M9zc3Pg/QJJZZGLvI76fAWZmOSWJOSTyTXvFeAfsnf8ms/Bv8A7Ezw9/6boKAP f6KKKACiiigAooooAKKKKACiq91dW9jbSXd3IsUMKlndjgKB1JNRadqVhq9lFqOmTpc2043J IhyrD6igC7RRWU+uaRHqyaE93Gt/IhkWEsN5UdSBQBq0UVS1DUbHSbKXUNSnS3toF3PI5wqg epNAF2iq9pd21/bR3lnIs0MyhkdTkEHoQasUAFFFFABRRRQAUUUUAFFFFAH/0P38ooooAKKK KACiiigAooooAKKKKACiiigAooooAKK/DDxr/wAFc/Gvhbxjr3hmD4d6fPFpF/dWayNfShnW 3laMMQI8AkLk1hWv/BZPxekytffDGxliyMrHqUsbEd8MYHA/KvrI8EZk1zKn+K/zPSWU17Xt +KP3sor4r/ZY/bk+Ff7UbTaFpUM3hzxZaRGaXSbx1cyRrjdJbTLgTKuRuyqOOpTbzX2pXzuM wVXD1HSrRtJHDVpShLlkrMKKKK5TMKKKKACiiigAooooAKKK+W/2jv2v/g3+zLYKnjjUGvNf uYfOtNGsgJLyZSSquwJCxRlgRvkIBwdoYgiujDYWpWmqdKLcn0RdOnKb5Yq7PqSiuBtvG/27 4XRfEi3tNn2jRl1ZLdnzjfb+eIy4HbOCce+K/O79j/8A4KG+J/2mfi9/wrTV/B1nocH9n3N7 9ogupJn3QFAF2sijB3dc114fKK9WnUqwjpDfVaGsMNOUZSS0W5+p9FFFeYc4UUUUAFFFFABR RRQAUUUUAFFFFABRRRQAUV8U/ts/tWax+yj4P8O+JdG8PweIJdcv3tGjuJ2gWNUiMm4FFYkk jFeg/smfHfUf2j/gxp/xS1XSYtFuL25urc20MjSoot5CgIZgp5xnpXoyyqusMsW17jdr36+n yN3h5qn7XofStFFfG37av7UWr/sqfD/RPGWjaDBr82ramLBoriZoVRTBJLvBRWJOUAx71z4P B1MRVjRpK8nsRSpSnJRjuz7Jor5e/ZC/aB1P9pf4Px/E3VtHh0O4e+ubT7PBK0yYg24bcwU5 O7pivqGlisNOjUlSqLVOzFUpuEnGW6CiiiucgKKKKACiiigAooooAKKKKACivy4/bH/4KDeJ v2YPizb/AA30fwfaa7BNplvfm4nupIXDTySoU2qjDAEY5z3r9I/BuuyeKPCGh+JpohBJq9jb XbRqchDcRLIVBPUDdjNejisqr0aUK9RWjPbU3qYacIqclozpKKKK84wCiiigAooooAKKKKAC iiigAooooAKKKKACiiigAor8uP2m/wDgp78P/gv4mvvh/wDDvRj418QaY7wXk5n+z6fazocN HvCu8zoRh1UKoPG/cCB8Y2n/AAWI+MqXokvvA+gTWm4Zjja6jkK9wJDK4B99n4V9RhODswrU 1UjTsntdpHoUsrrSXMkf0K0V8Pfsqft3/C39p+VvDdvbyeF/GMUZlbSrqRZROijLtazgKJQg 5YFEcDJ2lQWr7hrwcbgauHqOlWjaSOOrRlCXLNWYUV+e/wC23+3Ef2UdR8M+HdC0K38R6zrk U91PDPO0At7WNgkb/KrEmV94H+43tWj+xJ+2qv7WEXifTtZ0WDw7rnh4wSrbwztMs9pPlfMB dVOUdcN2G5fWu55Divqv1zl9zvp3ttvubfU6ns/a20PveiiivHOUKKKKACivjnxT+2/8GNG+ NPh/4CeHbl/E3ijWNTj0y6+xEfZdPkZtriaY8NIhGDHHuIIIcoRiut/a2+Peo/s2/Bq8+KGl aRFrdxbXdrbC2mlaFCLh9pYsoY8fSvQjlWIc6dNws57X0ubrDTvGNt9j6Zor4t/Yn/ao1j9q 3wV4g8VazoEHh+XRdQWyWO3maZZFaJZNxLqpBy2MV9pVjjcHUw9WVGqrSW5FWlKEnGW6Ciii uUzCiiigAooooAKKKKACvAP2Tv8Ak1n4N/8AYmeHv/TdBXv9eAfsnf8AJrPwb/7Ezw9/6boK APf6KKKACiiigAor598Q/tNfBqyXUNM8L+MNG8S+IbFnifTNP1G3urmKWMlWE8ULs8YRhhtw BB46180+Gfjd4u0bxhP4l1GZr2C/YC5tycIUHQIOilB90j8eM0WA/RikYhVLHoOawNF8UaH4 g0KPxJpt0rWDoXZ2IXy9oywf+6V75/lXxT8X/jZfeJ7/APsfwrO9tpdpIG81CUeeRDkN6hQR lR+J7YAIPjN8Y7jxhdSeH9BdodGhbDNyrXDDuR1C+g/Osb4RfFu98A340/UC1xotw37yPqYi f40/qO/1rwe5u5obiS6vJC8UzF2duqsTkk+38q4e/wBZuPFl0+geFbgC0j4vL+JgyoD/AMso WGQZCOpH3R70AfrH8Rfi9onhDwzb6rpci39zqiFrIKcowwMux9FyMjrnivgG58Va/da+fE81 5J/aRk8wSg4II6Y9APT0rnfOv4NBtPD1pO4srA7oImJZQSoU9eeQOfz61FZNLqkxs7IpHNGp kneU4jtYl+9LKeyDsOrngc5I5cdjqWGoyr15csY6tv8Ar/hzSlSlOShBXbPvfwL+0P4d1XSY 4fExkt9TtgPtJijZ41iwf9IcrnamRg98ngEBiPnr4t/F+7+IF4bHS2MOhwHMSg8zHtI+P0Ha vG11Ge3EcPhy5msbWB/NSbhZ7qbG3zpxjBUjhYiCgT5SMHAjmWGaC41WwiW3+zjzL6zTO2AE 4NzBnJMBP3l5MRODkEM3yeH4mxMKkamPo+zo1HaD6xeyVRbR5unRP3Za2O+eCg01SleS38/T vb/go97+D3xnfwPKNG8RzbtCckmRj/x7HqW/3O5HbrX2x4Y8Z6F4tSc6TI4e3blJUMchQ/ck CtzsccqevYgHIH5YRqLBYNRvoRJeShZbKzlHyov8N1cqe2eYojyT8zdtvVeDviBrng/Vo9Ru b+aeIuXaeTMkkDucu2By0Ln/AFkY6feQBshprcUYic3XwdHnw8NJSXxS7umvtKPX+bVRu1qR wMElGpK03sui9e1/w6n6oUV51oPxL8Pap4an8QX08dmLGNXuVLBgoYZVkI++knVGH3unWvjr xn8dPFGt+KoNY0KZ7Cw01ybaH++OhaUdyw4x0A4Hcn7DB4uliKUa9CXNGSumtmjz6lOUJOMl Zo/Qqivnzw9+038GrxNP03xV4w0bwz4gvmSJNN1HUbe1uZZXIVfIjmkV5A7HC7QTnjr1+g66 CAooooAKKKKAP//R/fyiiigAooooAKKKKACiiigAooooAKKKKACiiigD+Tn4UaVpeuft4aTp GtWcOoWF343mjmt7iNZYZUa9fKujgqwPcEYr+kTxZ+yj+zZ410e40TXPhroAhuVKmS10+Czu Ez3juLdY5UPurCv5y/gp/wApANB/7HqT/wBLXr+rav0fjrE1KdWg6cmvd6O3U93N6koyhyvo fyN+OtG139jL9rW6sfD948tx4C1iC5tJTw89nIqTxpJjAPm20gSQDg5YdK/p5+NXx9+HvwI+ GM3xU8bXTjTMRi1hhAa4vJphuihhRioLsMk5ICqCxIANfzbf8FDtXtfE37ZXj99HP2gRTWFk NnzFprayt4ZF47iRWXHqK+qv+Csuoa7pc/wh+H93IwstL0WWZlz8r3WY4HJx1KrGMem446nP sZplqx88Aqz1lFuXdpJP8/zOnEUPbOjzbta/cin4j/4K+fHHUtYll8DeCdDsNKiJcQ3i3V9c CNepeWKa3XHqRGMetfY/7Jv/AAUx8OfHDxXZ/DT4m6NH4W8S6rJ5Wn3FtIz2F1IRkQnzPnhl Y8ICWVz8u4MVDe2/8E8/hv4Q8D/steD9U0CziW/8UWv9oaldBVMtxNK74V3xkrEuEVegAPck n8QP+ChfgXw58Jf2sNZh+Hsa6PBdRWWrJDafultLqZdz+UExsy6+YAPuluMDAHFhsJluOr1c BTocjje0r9nbX/g3MqdOhWnKjGFrbM/oh/aR/aM8Dfsy/DyTx740El080otrGxtyvn3dyylg iluFUBSXc5CjsWKqfxum/wCCtX7Rd9cz69ovgHRB4dtG2zBoL2cx7j8oe6WZEVvTMYz6dMc1 /wAFVvGuteJvGHwptNSjkgjfwnBqpibhUudRlYTLjpuHkqD+FbvwU/bU+I3wz+CWifCfQP2f H1rw+lj5U02y6MWpfaVzNPIotWVxPuJPLDBABwBSyjh6lTwUK8qKqTk9bySSWu1ww2CjGkpu PM352P1F/Y9/bQ8H/tW6Le2kVi2g+LdEjSS/05n8yNo3O0T28nBePdgMCoZCQDkFWb5K/aP/ AOCoGteDPibqHwn+AnhO38SajpF29jPeXonmSe7jOySG2trdo5G2OCu8v8xB2rjDH4a/4J+6 D8R/Bf7X/hTV7jwrq+i6NqbahaXIktLlIUgntZWjR5HQAqsqxnLd1B61S/aJ/Z4/aN/ZY+Pm r/FjwFY6gdMTUrrU9K1/ToWuY4IrpnPl3B2uEdUcxuJRtfkjKmtaXDmAp5hOm7NON4xb0vdq 1/K3no+tio4GjGu4+V0j6Bsv+CrH7SHgTxDBYfGX4badFbn5pLYW17pN6UPdGuZJl47Zj59e 9ft18K/iZ4V+Mfw+0T4l+C5mn0fXYPOh3gLIhDFJI5FBIDxurIwBI3A4JHNfziwf8FDvEHji XRrb9pX4d+HfirY6LI0kElzb/ZLuMyALIQyboCGCjKmDBIGegx+/v7M3xG+EvxS+EGk+LPgt pcGheHJWli/s6G2itPsdwjfvYnhh/dqwJ3ZXIYENnmvH4tymNGlCaw/I72bTvF/r+C+Zy5lh lCKfJZ+Wx77X8hv7XPx48QftCfGO88XeItOtdMn0mI6RHHa7yjQ2k8xV28xmO87znGB0wK/r yr+bD/graAP2n9NwMf8AFNWP/pTdUeHlWCxkoON21o+1t/vDJJL2rVtT7e/Yu/ay8YftA/C3 x/4D8R6NY6ba+BPC8MFtNaeb5kw+zyw5l8xmGcRA/LjkmvyH/ZC/aB0v9mj4pXnxM1HSptak TSLyztbWJljElzOYzH5jt9yP5TuYKx9FNf01+H1Vf2XNO2gD/ijYf/TcK/nt/wCCZvgvQPGf 7V2h/wDCQ2kd7Fodnd6nDHKNyC5gVVhcg8Exs4dfRgD1Fe1k2Kw86OOqOnaGl4p9k76+Z14W pBxrS5bLsfQqf8FcPj5oniZD4u8AaNHpMmyT7GI7y1u/JJzlZ5JXUlh0bycdOOuf28+FPxb8 I/F/4XaN8W/Dcxh0TWLVrnNwVRrfyyyzJKQSoaJ0ZXOcZUnOOa/Lj/gsbo+nSfD34e+IGt0+ 3wapc2qzbR5nkywb2Td127owcetcV8LPEepeH/8AgkT4vv7Bn83dfWQ2EgiK91CO3l6dtkzZ 9s15eOyzC4vBUMTh6fs5Smo6O+7aOerh6dSlCpCPK27E/wAYv+CtHiOTxhP4W/Z08J2urWcb mGG+1OOeaW7cEgvDa27xsqHHybmLEclV+7XU/s+/8FV7jxJ45tPAP7QXhm28NyX8yWiajYCW OG3uXbYBdQXDu6IScFw52fxLjLL+bH7GHxx8S/ALxXr3jHwh8NX+IGqz2sVqkqCYtYRuzM+D DFLgzbQMnBwhA4Jq7+1P4v8Aif8AtN/EC1+Iknwf1DwrqCWaWlz9mtLqb7UY2YpLITAnzqrB M4J2gDOAAPpZ8MYPneFdBKFvj5le/pv+nlY7ngKV/Z8mne+p/VrXy7+2D8afHX7PvwVvPip4 E0ez1qbSru1S8ivfM8tLS4YxGQeUytuErRjrjBJrvf2ddW1jW/gJ8O9T8RRzxatLoGmi8W5V lm+0pbokpkD4YMXBJzzXR/FnwBY/FT4Y+KfhxqOBD4j065st7DIjeaMrHJ9Y3w49xX5Lh1Cj iUqyvFS181fU+bhaNRc2qTPmb9hz9q7Uf2q/AWu674j0600jXNB1AW01tZlzEbeWJXhl/eMz AswkUjOPkr4T8S/8FZvFmi/GXUfCdr4Z0mbwdYa5JY/bi0/2l9PiufKacYk2b2jBcfLgHHBr 4u/Yy+PV7+zH4m+K2k645sLm98OalDDC52ka3poZrVG9wxlT6nivkmH4b+I7n4W3vxfCZ0S0 1i30VnwSTcz28tx17BVjGfdh+P6theEcJHFVnVj+7fLy/Pe3z2Po6eWU1UnzLTSx/UZ+2p+0 7c/su/Cez8baFZWuraxquow2NnbXLP5TBkeWWQ+WVYhUTGQfvMtcR+zb+2Fq3j/9nfxJ+0X8 c7LT/Cfh/R7qaKBrMSnzoYFQMwEjsXd5n8qNV5LjHcV+Kn7Xn7RMnx08F/BHw1ZTm8k8P+Go vt4Q5ZtVlf7LMGUclttqjr7Scda+wf2+PCOpfAz9i34LfBKzzBBFcK+phOFkvY7dppc46q08 8jgeoB5wDXiQ4ZowoUMNVVqtSbu+qir3t8kvvORYCKhCnJe9J/gjF8ff8FfPijqevS2vwh8E 6ZZaWGYQnVRPe3kqKchytvLCkZIGSg8zH949a9o/Z0/4Kwad418VWfg746aDbeHDqckcFvqu ns/2OOaRtoFzFMzPHGSR+8DsF/iAXLD0L/gk58OfCOj/AACufiRbWcUniLxBqV1BcXZUGZLe 2KpHbq2MqmQZCO5bJzhcfDX/AAVo+HPhHwd8bPD/AIp8NWkVhd+K9Nkn1CKFQiyXEExT7Qyg Ab5FYBj/ABFMnkknqpYXK6+LnlkaHK1dKV9brc0jTw86rw6hbzP2H/bN/aC8Q/s0/Bv/AIWT 4Y0y11a9Oo21kIbwuItk4clv3bK2Rs45r8qtX/4LCfFCXwpbQ6J4N0i38SNPKbiabz5LNLcB PKEcQmWRpCd+5mcKPlwp5Nek/tQ+IdV8Vf8ABLf4Za3rZka9lbRI5HlJZ5PIimhWRieSZFQN k8nOTVr/AIJDfC/whqngvxz8RdZ0q21DU31GLS4ZbiJJTDDFAJZFj3g7fMMw346hQD0rkwGX 4LDZfPEYmlzyhNrtfW33dTOjRpU6DnUjdp2PC/2yfjL48+Pv7HHwr+KPxC0e00a+1TxDqCwp ZeYIZreCJohMElZ2Tc6uNpduAGB5wP0U/wCCX80Vv+x9o1xcOsUUWoaozuxCqqrOxJJPAAHU 188/8FdNH0jw/wDBj4caLoNjBpun2msTJDbW0SwwxILdvlSNAFUewFUvgHq99on/AASd8Z3+ nBvPNpr0OUOGCXExhds/7KOT+FaYqMcRlFONNcqlV0Xa7Y6iU8NFRVk5f5nL/Gn/AIK2+JIv GNz4c/Z+8L2N/plvL9niv9VSaaS8cNt3w28EkW1GP3NzMzDkqpO0fJn7V/7bPiH9pH4V6T8O /iF4S/4RrxXoOspfO1uHS2kg+zSxkGKcmWKQM4IBLgrk5BGD69/wSG8GeHNd+MvivxVq9rHd ah4d0qM2BkAbyZLqXZJKgPRwi7A3YMR3r3r/AILFeDPDv/CK+AfiAlvHFrgvp9NeZQBJNbPE ZQrkcsI3T5c/d3tjqa9OhDAYXM6eBp0feX2r63tf56f8MdEFRp4iNGMNe59Cf8Ep/wDk1C3/ AOw1qP8A7Tr9Ja/Nr/glP/yahb/9hrUf/adfpLX51xJ/v9f/ABM8PH/xp+p+Sf7Y3/BQv4if s3fGmb4ZeGfDOlapYxWNrdefeGfzS04YsP3bquBjjivn/wCJf/BW34pXWs3t78GfBNhD4TsZ hELzV4bm5ml5+Uv5EsMcJcdEJc/7VfPn/BVT/k7K8/7A+nf+gvX7q6T8LfBuhfslj4YWWlwJ og8KvC9vsBV3ktC8kjZzl3kJkLHncd3WvsKtHL8JhMLWqUOaU1rq/K79ex6koUadOnKULtnh v7Ef7ddp+1PNqng/xNo8WgeMNIt/thjtnL2t3a7wjSRByXRo2ZQ6MW+8CGPIXh/2wv8AgpBo /wCz/wCKp/hj8OdGi8S+K7DYb+W6dlsbMugdYsRkPLLggsAVCZxktkL+bn/BKWR0/atiVTgP oeohvcZiP8wK+VPBHxC1OH9oyH4o33hZvG+pf2zdaq2kS73a6uC0kwDhFkY+W/7wjac7eeM1 6K4Swv8AaFX3bwjFNRv1d+vbT+kbLLaftpaaJXsfpD4Q/wCCtfxh8Pa/ZQ/Gn4f2B0m6ZZHO nxXNjdi3c/6yJbmWVJMdQDtDYxuH3q/bvwR8RPCPxD8B6X8SvDF+k/h/V7QXsNw/7sLFglvM 3fcaMghwfukEHpX89P7Vn7Snxb/ap8D2HhLXPgZe6LeaXeLd22oxQ3k80Q2skkQDW6fJICCw zjKqcZAx6x8Gtd8e+Cf+CYHxk0fXdP1DTLvTb97W2juYpbdlstVazhkCCQKdm6WZmxxyfU15 +ccO0qlGnUhTVObkotJpqzdrmOKwMZRjJLld7Wvfc7D4xf8ABWjxHJ4wn8Lfs6eE7XVrONzD DfanHPNLduCQXhtbd42VDj5NzFiOSq/drqf2ff8AgqvceJPHNp4B/aC8M23huS/mS0TUbASx w29y7bALqC4d3RCTguHOz+JcZZfzY/Yw+OPiX4BeK9e8Y+EPhq/xA1We1itUlQTFrCN2ZnwY YpcGbaBk4OEIHBNXf2p/F/xP/ab+IFr8RJPg/qHhXUEs0tLn7NaXU32oxsxSWQmBPnVWCZwT tAGcAAe7PhjB87wroJQt8fMr39N/08rHW8BSv7Pk0731P6a/i/8AFfwj8Efh3rPxN8cTPFpO jRh3WIBpppHYJHFEpKhnkchVBIHOSQASPxEvv+Ctvx58Q+KJE+Hvw/0l9KiZ5BaSRXl7eGBT 1eWGWNQQOpEWAfauk/b98WeJtU/Yi+AlvrsVzFd6mthNqP2gMkv2y004xsJVfDbmd3b5ueM1 9Rf8En/BnhzR/wBm2XxhY2sf9seINVuxd3OB5pjtiI4ot3XYoBYL6sT3r5bB5dhcHgJYzEU/ aScnFK9lo7fo/wADz6VCnSourOPM72PxW/a7/aJtP2nPiRpfxHh0iTQ7qLRrWwvLZ3EiLcwS zM5icYLRkOCNyqwOQQcbj/VP8JP+SVeDP+wLp3/pNHX82f8AwU18GeHfBv7Vus/8I5bx2ket 2NnqVxFEAqLczKySttHAMhQSN6sxPU1/SZ8JP+SVeDP+wLp3/pNHW/GEqcsBhJUVaLTsu2i0 LzRxdGm4qyOw1fVtN0DSb3XdZuFtLDToJLm4mc4SKGFS7ux9FUEmvwq+IX/BW34ma14tuNE+ Avgexm04SPHayalFc3l7dKp4kEFtJCI9w52fvCO59P258ezeDLfwTrs/xF+y/wDCLx2U7an9 tUNbG0CEyiVWBBXbnIwc9K/B/SP22/g38NPH+rx/sYfAZJdZ1dTai+ke4aS5ijfcBFp8IdkR iA2FdCcLvUEADyeFMFTqqpKVB1GtrtKK9W3/AJnNl1JS5m4cz/A6v4Yf8Fb/AIgWXjG20H48 +DtPt9LadYLqfTI7i1urME4aR4LiSbzNvVkBQ46c8H9345I5Y1liYOjgMrA5BB5BB9K/kE/a r8YfGXx98WZvF/x18NDwp4n1Kzt3+xCzksT9mXckLGKZmlzhSuXJbCgdAK/rQ8AM7+A/Dbyn LtptmWPqTCma6+MspoUIUa1GCi5Xuk7rpsaZphoQUJRVrnXV+HEf/BWvxV4e+KWr+HfHHg6w PhvSbnUrctYGb7bI1ssq2ygySGMeZKqK7FTtUsQOAK/cev5O/gr4N0P4gftz6X4S8S2qX2l3 viy8a4t5BmOVIJpZijjurbMMOhGQax4Qy/DVoYiWJhdRjf8AO9icsoU5qbqK9kfVupf8FcP2 h7TV4dTPgXQrPQrzL20E8N6ZZIs9VufPRXI6bliC/wCzX7Ifsw/tE+Gv2nPhZbfEfw/avpsy TPZ39jI4ka1u4grMm8AblKuro2ASrDIByB8uf8FVNA0q/wD2U59SntY2udG1awktZNo3ReYx hcIeoDK2CBwcD0FfLn/BNzxDqHhj9kT47+IdNL/adGW+vYAhwwlh0wuu3HfKDFdmMwWExeW/ WsPS9nJSUd79v8zWrSpVKHtIRs72PRf2m/8AgqWPh745vvhx8DPD9r4ivdJnktLvUb8yNatd I2xo7eGB0eUK2QXLqGPCgjDHzf4Yf8FavGml+LLbw9+0T4Kt9PsXIS4udMiuLe5tt2Nsj2tw 8hdccsFZTjlQSAp/NL9lT4mat8JPi9bfEPRPAx+IOqaZbTtb2YErGCWTan2oeVHKcoGKgleC 4OQQK98/a4+MXxV/avm8PahqPwWv/DWqaCJ4/tcFvdzy3EE20iJ90CfKjKWXOcFmxjJz9O+G MJTnHDOgnG2s+ZJ39P6Xkd/9n0otU3DTvfU/Uv8AbX/bd+In7NWqeDb7wFoOk+IfC3jHTnur a+uWnJeWNgWCGJ1UoYpYmU9TuPavpGL9pTTpf2Rv+GnBBFkeHW1Q224+V9vWMobbdnO37UPK z1/Gvy98efDfxH8Rf+CV3hbU/EGn3Vv4k+GV1NcCO7ieO4FlFdzW7JtkAYRrbSxv6YiGOmK+ QLT9o7y/2Ab/APZ/N1nUj4piVYs4I0iRTfHA9ryPnt835+FR4aoV6MI04+9CpyyfdX3+6xyR wEJwSitVKz9D9Lf2QP8AgpB4y/aB+Nun/Crxx4d0vR4NXtbprWayM/mG5t4/OCHzXZdpjSTt nIFdn+2/+374l/Zj+I2kfDzwRoena3cXGnLf3rXpl/dGaR0iRfKdcHbGWOc8Fa/E/wABWviT 9mr4s/B/4o6+DBBqK6f4jjwCM6bLdSQyKT3LwxsT7OPx901eMftjf8FEJbONvt2iat4hEOVO 6NtG0gYZlPQCS3tyR23P3J59Wvwxg44v2/IvYqDb7XT/AMvyOmeX0lV57e6l+J/SJ8K9e8Ue Kfhr4Y8T+NbKHTdd1fTra8u7W33COCW4jEhiG8s2U3bTknkGvFf21fivq3wY/Zo8Z+NvDs7W 2siCKysZU+/FPeyrAJVJ6NGrs6+6ivqcAAAAYAr8/P8Agp5o97qn7IXiS4s1Lrpt7ptzKF/5 5/aUiJx6AyAn061+a5RCFXHUoyXuuS0+ex4GGSlWins2fkJ/wTp/Zk8OftH/ABW1fVviHEb/ AMM+EIIrm7ti7Kbu6unYW8cjKQ3lny5HfDAnaF6Ma/oS1/8AZs/Z/wDEvhqTwhqvw80I6VJG 0Yih0+CAxBhgmF4kV4m9GRlYdjX5Ef8ABG7xbpFn4h+Jfgi5mSPUtUt9NvraMnDyRWbTxzY9 dhnj468k/T95K+i43zDELMJQUmlG1rO3RO/3ndm1aftmr6LY/kg+O3gXXP2Ov2pr7SvBd+6S eFb+31PR7kkl/s8gWeBZCMbiFPlS9A+G4wcV/V14O8TWnjLwfofjGxGy11ywtr+IHtHcxLKu fwav5kf+CmXi3SfFf7WviOPSJo7iPQ7Wy02V4+R58Me6VSe7I7lG9CpHav13+PXxLvP2cf8A gnxolvJK1r4jufDOkeG7ME4kW8nskhlYHqGiiSWQH+8or1uJcNPF4fBOX8Sdl96X/DnTj6bq QpX+Jn45fGTXNU/bU/bal0rw9cF7HX9Xh0XTZV+dYdMtW8s3Cj+75ayXDD/aNM/Zi8Z6v+yL +2Ra6T4rl+zW9jqdx4b1on5YzbTS+SZT/wBM0kWOcHuFGOtcX+xx8e/BX7N3xYk+J/i/w/c+ IZbewntrGO2kjjME9wVV5SXB/wCWW9Bj++ayP2tvjR4M/aB+Mt78VPBmhXHh9NWtbZb2C5kS Rnu4FMRlUxgABoljB77gxPWvtfqk3N4Fw/cclr6b/nt+J6vs3f2NvctY/r3r8e/Hv/BRz4le E/2qbj4CWXhfSJtJh8RWujC6kNx9oMU80cbPxIE3AOSPlxX2X+w58aP+F4/s3eFvEt7P5+s6 TH/ZGpknLG7sgqb2P96WIxyn3evwh+NBC/8ABR2/ZuAPHWnk/wDgVDX5pw1ktOWJxFDExu4J /enueDgMJF1JwqK9kf0Z/tB/ErUvg98FvF3xN0e0hvr3w7YtdRQTlhFI4YAB9hDY57EV+a3w g/4KR/Ez4ifCz4t+PdT8LaRbXXw902yvbSKE3HlzvdTmFll3SE4AGRtIOa+3/wBuR1j/AGSv icznAOksPxaRAP1NfmD/AMEbAD4t+J4PI+w6Z/6NnqMmwOHeV1sVVp80oyX3XjdfMWFpQ+ry qSV2n/kfmDoHxq13w/8AHiP4/W9hbS6vHrkuu/ZX3/ZjNNM0xj4bfsBYgfNnHev16/aS+OGv ftEf8E1x8U/Emn22l3+oa5DC0Fpv8kC2vHiUr5hZuQvPPWvhb4aKD/wUkt1I4/4WHe8f9v8A LX7A/wDBUsAfsj6qAMD+1NN/9G19fnmJpPG4OCp+83Fp32V9rfqeni6kfa0ly66a/ofkt+yR +2rqf7M/ww17wR4J8KN4m8W+ItXW6gEu77LHCsCp9yI+bJIWX7g2gDndnivqn4Nf8FbfGM/j iy8O/HjwvptppF3cC3mvdMSe2lsi7bRJLFcSyh0Q/fAZWC5I3EbW6z/gjr4L0D/hGfH3xCkt I5NaN5b6ZHcMMvFbLGJnRD/CHdlLY67Vz0FfGP8AwVK0fTtJ/az1Oewt0gbUtL0+6n2KF8yY o0ZdsdWKoMnvilUoYDF5lWwdSj71ruV9b2Wy6bhKFGrXlSlHXuf08qysoZTkHkEdCKWuT8BS vP4F8OTSnc8mm2bMT3JhUmusr8dnGzaPl2rOwUUUVIgooooAKKKKACvAP2Tv+TWfg3/2Jnh7 /wBN0Fe/14B+yd/yaz8G/wDsTPD3/pugoA9/ooooAKKKKAPw2tv+Cf3xB+EHxu8b/FqG8h8R aDr095d82NrLJCLudpzmK4FwCEzgsqg4GeBxW7qsWj6JYS6lqRsoYIRyTpGlZJPAUAWeSSeA ByTX7VkAjB5Br55v/wBmj4dan8Q7Px5fwtNFYlpotObH2Rbk/wDLXZ3x2B4B6ccV4eP4Zy/F VPa4ihGUu7V2dVLHVqa5YSaR8T+APgZ8XNa0F/Heq6DpS6LcKXg0xbC1s9YEBHE8U9tDGElH 3gh6j5ec88/d2smnSpFNKJ4JgxguNuwSqvDBlP3JE6SIfunp8pBr9fgAAABgCvmL4z/By41S C88S+CtLt9TvZv3lzpVwxjgu5lHyTKw5jkB4cj76bgeTz4tfIp5dL6zlFPT7VO9lJd430jNd 9pLR9GumGKVZcmIfpLt691+R8PRR26W8WqanD58M+TZ2bHH2sqf9ZJ3W3Q9T1c/KOvMpQao0 13Z20VtqYDS3VpbIY4blR964tkJYqw/5aR5J/iBPd+oab4lsLxn8Y2slrrFwiPOsi7cYGAsY HAjXoirwB6nJPMa9rNvodtFdMZDd+YotEt/+Ph7j+ARdfmz+GOvBIOP+rWMqf7fOrbFdLN8k V/z7t1i/tStzN+8rWSVfXaa/dKP7v8X5379lt0Nq2WXUpUttOKPI6GQuxxFFEv3pZW/hRe56 k4UAkgVn6yl1dwW9l4au2g0+CdZ7gyxru1R1GA02clI1/wCWKKfl6nJJJ7KTwb8Zm0b+0vFv g2LQdNliiuL5rR9xubvLfPKnVY1XB2D5Vcucc5PP9eldeBy7E42rHF5lDlUH7tO90mvtya0b /lW0Vr8T0zq1oUounRd77v8ARdvPv6bwQXCzoWHDLwynqD6GuOTX9b1XxHbnwXdnT00ebfNq SqHO8cGCINlWyOJCQRj5evT0z4Z+BJ/jd4k1Pw/pDT2ulWUDx3mpxcIJmGFhRv4m/vEdBnBz VW98KS+CLqTwtNafYTp58sRgYGB0YeobrnvX1eJw1OtTlSqxUotWaeqafRnBCbi1KLs0czpz atbSTf8ACRXv9o3l1K8jXbKEaUseA4HAIHAxxgcelGs6z/ZggtbWB77Ur5xFaWkQzLPKeige nqegpuvarDYxwWSW7319fuIbW0hG6WeVjgBQOmO57V+gPwU/Z40PwPeQ+PfECNeeKLq2iXEx DrZZGWjiHQHPVupP4U6NGFOCp01aKVklskuiCUm3d7nzdpn7K3xubwrZ3Gsa7pt42ZLg6RPp 9pOLUS/MYbea4hk288kHjOema8ZvfDyabNPb6hBaW0tsWWVZNH0pShXqGzZ8Yr9lq8L+KvwB 8G/Fie3uNYaWzYOn2r7Odn2qFDny5Pyxkc44ORivn63B2VVJupPDQbbu/dWre7OuOZV0rKb+ 8/ETXf2OPiR+098Q9I+Jnw8MWn6N4elgRLo2ltZpPJDKJC0Qt0hDAEfeKk/hX9DHh+zvdP0O wsdRl8+6t4I0lkxjc6qAT+JqTRtG0vw9pdtoui2yWdjZoI4ooxtVVXoAK0693CYSlQpqjRio xWyWyOWpUlNuUndhRRRXQQFFFFAH/9L9/KKKKACiiigAooooAKKKKACiiigAooooAKKKKAP4 59Y8d638Lv2lNY+IfhxIX1Tw74mvb23W4UvCZYbt2UOqspK+oDA+9fXGsf8ABUr9rfxbYTaH oiaRpl1dLsWfTdOke5Xdx+7E0s67vQ7CfTnmv6YKK/Qa/GmGrcrrYRScVZXl/wDantTzWnK3 NTvbz/4B/O1+w9+xB8UfiR8VbD42/HDSrzTPD2m3Y1UDVEZLzV74P5qExy/OYjJ+8kkcYk+6 u7czL+gX/BSD9lXxJ+0L8PtI8UfDy2F74s8GtO0doCFe9s7jb5saFiAZEKK6AnkblHzMAf0j orxcVxXiamMhi1ZOOy6W7fPqctTMakqqq9tj+YH4Eft7/Hf9lLwrc/B7UfDtvqNrpkkhtbTW I57e5095GLvHgFGMZcltjAEEnDAHFO+B/wAA/jV+3l8c5fin8SLa4Xwzf3qT61qxTyIDDEoC 2lnu+82xViXZu8tcM56bv6ZtQ0DQtXlin1XTba9lhIMbzQpIyEcjaWBI/CtUAAAAYAr1avGc I89TDYdQqT3le/3K3z9d7nRLNUrypwtJ9T8n/wDgp9+y14p+LXhLQPib8NNMl1TWPCEctrdW FspeabT5CHVoYxy7QuD8ijJVyQDtxXwN8If+Cmfxb+C3wfh+D8nhq01S/wBChez03ULqSSKS 0iXISOe32kSmHO1fmj+UAMDgk/0tVh3Xhnw3f3y6nfaTaXF4nSaSCN5RjjhyCf1rgy/iWnHD RwuLoqpGLutbWMaOPiqap1I8yWx+QP8AwTlvf2yPiT4gm8c/FDxbrR+HNvbyiFNTCyPqdzMu 2PyHnjaXyotxkMiMFLqqDcN4Hy18VPi5+3F+yP8AHy31v4keIta8TaFpt5J9lN1NKNF1e0kD KFKxgQiXyzkrt3xOAQMAE/0fgADA4AqGe3guomt7mNZonGGRwGUj3B4NOnxRD6xOrPDxcJK3 LZLT1tvrq+vyQ45gudycFZ9D+Wz9p79qiz/a/fQvDfgz4P2fh/xD9sEpurEjUNVvnKMgt1aK 2hcxktuKkOSyqRjBz+3X/BPr4F+K/gH+zxaeHfHERtdc1y+n1i5tS25rX7RHFEkLdg4jiUuB 0YkdRmvsnTNA0LRN/wDY2nW1h5hy32eFItxPrsAzWtWebcSRrYaODw9Pkgnfdyf3snE49Tpq lCNl63Cv55P+CvfgTxHafGbw18RvsUraDqOiQ6eLoIxiW7tri4domYDarGORWUE5YbsD5TX9 DdV7q0tb63e0vYUuIJRh45FDow9CpyDXnZDnDwOJVdRvurbbmGDxXsZ89rn5A/sXfte+M/j3 4C8Z/C3xLo9jY2vgvwaqW09qsvmzmCE27NKXdkG4BSFUDnPOOB8Rf8EoR/xlWP8AsBah/wCh Q1/SnpukaVo1v9k0eyhsYM58uCNYkz67VAFaFes+JqUYYinRo8qqpddtN9tb/I6f7QilOMYW UvM/H7/gsT/ySPwGf+o5L/6SvXQ/sN/DTT/jD/wTy1D4Y6pIYIfEcusWolHPlStLmKXHfZIF bHfGK/WCiuJcQSWBhg4xs4y5ua/r0t59zL661RVJLZ3ufyufCj4mfHX/AIJ1fGHWLLxL4XLC +j+y31hd74re+iicmKe1uVUg7STskUOuGYFc9PXLb9q79tf9rP44Wo+BdxfeGUdIrZLDTpHk 02yhDMzXF7JIhiJ5O6RkBICoqk4B/o41HStM1i3Npq1nDewE58ueNZEz67WBFO0/TNO0m3Fp pdrFZwL0jhjWNB9FUAV7NbjChUbrTwsXVatdu6+639dzqlmkH7zprm7/APAKnh2w1LS9A03T NZ1F9X1C0toYbi9kRI3upo0CvMyRhUUyMCxVQFGcAYrYoor4WTu7njs/lc/4KO/C3/hWX7VP iWa1h8rTvFyx67bYHBa7yLj2z9pSU/Qiv0B8Gfs6/a/+CUmp6QbXGsataT+MVwPmMkEgniK+ pksoVT/gWB2r9oqK+yxHGVWdChRUbOm4u99+Xbp/mepPNJOEI2+G3zsfyW/sI/Cz/hbf7UXg vRLmHztO0i4/ti9yMr5On/vlDDuryiOM/wC9X9Bn7cn7ON9+0t8D7nwt4dMa+JdGuF1PSvMI RZZ4kZGgZyQFEqOygk7Q+0twCR9jUVzZvxXVxOKp4qEeVw2V7/otyMTmMqlSNRK1j+Wj4Fft VfH/APYXv9b+HGr+Gs2dzOZ5tI1mKa3aG5AEZmgdcHDqoBOGRwAV9Sy10D9oz/gpB8cU8S3d gUswYbWe8iiaPTNH09XJ2Izt87Dc7BNxkkYk8DJX+ofU9F0bW41h1mwt7+NDlVuIklAPsHBq /FFFBEsMCLHGgAVVACgDoAB0FepLjampSr0sOlVatzX/AEt/XmdDzaN3OMLSfU/Kz/gpP4P0 f4f/ALEWg+BPDysumeHdQ0ewtg53P5NtBJEhc8ZYhQWPc81n/wDBH0f8WA8XH/qZ5v8A0itK /WeivBefN4CWCcbty5ua/wClv1OP65+5dJrre5+PH/BYsH/hVXgE/wDUan/9Jmr0b/gn/wCC NM+JX7As3w91p2isfEh1zT5XTG9EuXeMuueNy5yPcV+oNFN5+/qEMFGNnGXNzX9elvPuH1x+ xVJLZ3ufyieGta+Pf/BO349XNxeaSsV6kctpJFdIxsNW093BDxSKRlSyK6sp3Iw2sPvobv7V Hx9+Of7WGhaf8VPFHhv+xPAXhy4GnWn2cP8AZPtt4pd/3smDNKyw87RiNQAQC2W/qg1HS9N1 e2Nlq1pDe27EExzxrIhI6ZVgRVmCCC1hS2tY1hijAVEQBVUDoABwBX0C44p+0jiJ4ZOqtOa/ T7tPxsdqzePMpun73c/N/wD4JUD/AIxQt/8AsNaj/OOv0loor4zMsZ9YxE69rczbseXXq883 PufzIf8ABVQH/hrG899H07/0F6/oenB/4UrIO/8Awjx/9JK9Ror08xz36xQoUOS3s+t99vLT bzN6+M54Qhb4T+ZX/glOP+Mr4P8AsCaj/wC06q/tJ/Bz4s/sVftMN8YvA1hL/wAI8mqNquja j5TTWiidiz2Vyy42kBniKsys8fzKeeP6dKjliinieCdFkjkBVlYAqwPUEHgg17M+NpPFyxHs vdlHlcW73WvW3n2Op5s/aOfLo1Zo/m2+LX/BSL9of4+DQPBnwl0i58HailwsrLoU891fX04Q qI12IreVyWMW1skAknbX66fDr4L/ABd+In7I2p/C/wDaX8QS6n4s8YWdyJnkWHdpvmgfZYi0 CIJGhZFkctuO8su4qAa+wdM8O+H9Fd5NG0y1sGl5c28KRFvqUAzWxXl5jn1KcIU8JRVNRd77 u/qc9fGRaUacOW33n8rnwo+Jnx1/4J1fGHWLLxL4XLC+j+y31hd74re+iicmKe1uVUg7STsk UOuGYFc9PXLb9q79tf8Aaz+OFqPgXcX3hlHSK2Sw06R5NNsoQzM1xeySIYieTukZASAqKpOA f6ONR0rTNYtzaatZw3sBOfLnjWRM+u1gRTtP0zTtJtxaaXaxWcC9I4Y1jQfRVAFerW4woVG6 08LF1WrXbuvut/Xc6ZZpB+86a5u//APiL9tH9mrxR8eP2Z7fwVp9++t+NfC32XULS4kEUDal d20LQzhwoSNDcI7sANqiTaOFzX4n/s4/tnfGT9jOPXvhnc+HY7+zku2ml0vVFltp7K9CiOQq QAy7gqh0YEZUFdpLFv6mqzLzRNG1G6gvtQsLe5ubU5hlliR3jP8AsMwJX8K8/KuJY0cPLC4m kqkG72vazMMNj1GDp1I3R/H/APtG618YvG/j/wD4Wp8adNl0vVfG9umo2kckZgX7CrNbw+TE 5LpEBEQm7lgN+W3bj/Wl8JRj4VeDAf8AoC6d/wCk0deg0Vnn3EaxtKnSVPlUL7PS3TS2lhYz He1jGPLax88ftY/DrxD8WP2dPHfgDwmN+sapp5+yx7gvmywSJOIgTwDJ5eznA+bkgc1/Ol+y d+1Frv7FXjfxUuu+B/7XudUhis7u0upG06+tJbZ2YKHeGVkBLHzIynzEIcjbz/VpWXc6Hot5 exand6fbz3kH+rmeJGkT/dcjI/A0ZNxDDD4epha9LnhLW17fj8kGFxqhCVOcbp/I/ki/ar8Z /GD4tePbf41fFbw7N4dg8X24OjQvG0cX2C1wiiIuA7qC24uQN5YsPlIA/qd+BninTvG3wZ8D +LNJfzLbU9GsZl9VYwKHU+6sCp9wa9UoozviKOMo06MaXJybWd1bta3prcMXjlVhGKjawV/L V+y4D/w8N0MY5HijVf5XNf1K0Vz5Nnn1SnWp8l/aK29rb+Tvv5GeFxfsoyVr3Vj88P8AgqN/ yaJrn/YR0z/0oFfOn/BJDRrDxF8DvidoGqx+bY6nqYtZ0zjdFNZhHGe2VY1+zVFFHPXDL5YF R3le9/Tpby7jjjLUXRt1vc/lfuNG+OP/AATk/aL/AOEjj0prmztZJ7e1uZ43+waxpsx+75qY AcqFYqDujkUZBAw3qHjz9u79q79p74haBonwKsb/AMK3FsGSHTdDnkuHuJJmUNLdyFERkTAw XRUjBYk8k1/SPd2dpf272l/AlzBJw0cih0b6q2Qaq6XomjaJEYNFsLewjbkrbxJEpPuEAFe7 LjGjUarV8MpVUrXvp91v67o63mkZWlOmnLv/AMA8o8E/D/xXqPwItfhx8btX/wCEn1zVdJms tbu9kaCV7xGWZFESIhWNX8tW2gsFDN8xNfyO6l8M/Eum/Fa4+D0kW7XoNZbQ9mCA10Lj7MMD 0Z+nsa/tMorz8g4rngZVXyX59bbJPXy89tDHB5i6Lk7XufiF/wAFWvgrp3hr4QfCvxL4eg22 ngzHhskDn7K9uptt2OgQ27Ae7+4rjv8Agj58LPt/ivxp8ZL6HMWk28ej2TEZBmuiJrgr6Mka Rj6SGv3uopR4rqLLngHHf7V+jd2rW/UFmMvYOjb5hXK+OPBugfETwdrXgTxTB9p0nXrSazuU HBMcylSVPOGGcq3YgEciuqor5aE3FqUXqjzk7ao/lQ+Lf7PP7Rn7D/xPTxj4ba9isdMnaTS/ Emnxlrd4myAs+AyxuyZWSGUbW+YDenJ9K1//AIKr/tT694ak8OWo0TSbmeMxHUbKylF6N3G5 PMnkiVvQiLjqMGv6ZGVWUqwyDwQehFc9beEPCdldjULPRLGC6B3CWO2iWTPruCg5r7z/AFzo 1YxeMwynNddv0f8Al5Hsf2pGSXtaabXU/nT/AGLf2GfiR8a/iDYfFT4xabdaf4MtboahO+pK 63OtTb/MCKsvztFI/MsrcMpIUliSvT/8Fa/jGfFXxf0b4P6bNmw8E2onulB4N/qCrJgjofLg Ee09i7iv6J6K5lxlOWNji61O6imoxTslfrs7/wBdjP8AtRuqqso3tsj8x/2YP2AvgNH8BvB1 58V/BNtrPivU7JL++nuHnWRWuyZkhKpIoBijZYyMdVJrM/az/YF+BqfADxbrHwh8GW+i+KdE tjqVtLbvM7yJaHzJ4dryMG3whwoxndt+lfqXRXkLiTGLEe39o972u7b3tbsc316rz8/M9+5/ O3/wSU+MzeFfi5rPwc1ObFh41tjcWak8LqFgrPgdh5kHmbj3MaCvLv8Agod8MPH3wi/ao1b4 pW9nNDpHiC8ttW0rUlj3Qi5jSMyRlsFRJHMhOw8ldrYwa/p1qteWVnqNs9nqEEdzbyDDxyqH Rh7q2Qa9mHGKjj5YyNKykrSV9/O9vJdDqWaWrOqo7qzR/OR8Vv21f2iv2wfhLrnw78MeC4NM 0bSrB9U8S31m0jq1rp6m4fc8uEgjZkDCPLO5AVWIJB9V/wCCNn/I2/E4/wDTjpn/AKNnr93N O0vTNHthZaRaQ2VupyI4I1iQE99qgCr9ZYrimk8JUwdCgoRl5+aeumu3yJqZjF05UoQsn5n8 nvxrl8b/ALNX7a/iDxpc6XtvtJ8U3Ou6el0jrBd2s109xCwI2lkdG2kqeGyM5Br9AP2g/j74 g/aT/wCCcGofEvxNp1tpl+/iSC0eG0EghCQTjYQZGZidrDcc4JzgDpX7X6nomja3GkOs2Fvf xxncq3ESShW9QHBwavQww20SW9vGsUUYCqiAKqgdAAOAK1xHF1Or7CcqPv02tb7pdNtL/OxU 8zUuRuGsbdT8hf8AgjsP+LP+Oj/1HY//AEljr4Z/4Kuf8nWP/wBgPT/5y1/TLRXNheKvZ5jP H+zvzdL+nW3l2Ip5jy13W5d+hx/w9GPAPhoH/oGWf/olK7Ciivk5yu2zzW7u4UUUVIgooooA KKKKACvAP2Tv+TWfg3/2Jnh7/wBN0Fe/14B+yd/yaz8G/wDsTPD3/pugoA9/ooooAKKKKACi viD9q39stf2Ydf0LQ28If8JJ/bVrJc+Z9v8AsfleW+zbt+zzbs9c5H0r6N+C3xKHxg+GGgfE gad/ZP8AbkHnfZfO8/yvmK48zZHu6ddorqqYKrGmq0l7r2EpK9j1KiiiuUZ5r8S/hrpPxE0c 21yBDfwAm2uAPmRvQ+qnuK8I+DP7MZ8JeJpvHvxEuIdX1qJilhFGCbezi7FQwGXPc4rxT4+/ 8FEV+Bvxa134WnwAdaOiG2H2v+1fs3m/aLeO4/1X2WTbt8zb985xnjOBe/Z5/wCCga/Hr4n2 Pw3HgM6H9timk+1HVPtO3yl3Y8v7LHnP+8K9N5PifZ+15fdtfdbfeR7RXsfo3JFHNG0Mqh0c EMpGQQeoIr4q+Jv7K+peJtcji8G6pHo+iX0mb0HPnRRk/OkGOPm98Y7V9sUV5hZyHgbwN4b+ HXhq08K+FrRbSxs1CgAcs3dmPdj3Jrkvir8K9O+ImmGSLbb6vbKfInx1/wBh8dVP6dq8X/az /ayH7LkfhaQ+Fv8AhJh4lN6P+P77H5P2Pyf+mE2/d53+zjHfPHxt/wAPak/6JWf/AAd//cNe nh8nxNWCqU43T81/mQ6iWjPt74Ffs3R/D7VLjxx44ni1fxVOSkToCYbOHskIbue7YzX1fXhv 7OvxoHx++Fth8Sxo/wDYQvpriL7L9o+1bfIkMefM8uLOcZxtGPevcq4KtKUJOEt0WmFFFflT 8TP+Cm6/Dn4ieJvAJ+G51A+HdRutP+0/2x5XnfZpWj37Psbbd23O3ccdMnrW+EwNWu2qSvb0 /UmUktz9VqK+B/2X/wBuJP2kfHF34LHgs+HTa2jXXnnUfte7aQNuz7PFjr13fhX3xUYnC1KM +SorMaknqgooornGFFFFAH//0/38ooooAKKKKACiiigAooooAKKKKACiiigAooooAKK/Gz/g qB+0L8aPgt4y8Dab8LfFV14dttSsLua5S3WMiV0lVVJ3ox4BxX1TpPjj4ueI/wBgC08e+Gru +1T4h33hZLq3ntYfPvZr1h96OJEbc57AKfpXvSyCosPRxDkrVHZeXqdjwUlCM76SPuqivyu/ 4J4eLf2tvEviXxlH+0nD4iisYLS0On/25p0lihlaR/M8oyQxbjtAyBnAxX6o1w5pl7wtZ0XJ St1WxjiKPs5uDdwooorzzEKKKKACiuM+I3jjS/hn4B8Q/EPW4ZrjT/DdhcahPHbhWmeO2jMj KgYqpYgYGSBnqa/Pn9jH9tnxr+1Z8avF+k3mlW2g+FdI0pbixso/31x5huETzJ5yBuYqT8qq qj0JG4+jhsqrVaNTEQXuw3ZvTw85Rc1sj9OaKK4z4jeONL+GfgHxD8Q9bhmuNP8ADdhcahPH bhWmeO2jMjKgYqpYgYGSBnqa4IQcpKMd2YpNuyOzor8xv2Mf22fGv7Vnxq8X6TeaVbaD4V0j SluLGyj/AH1x5huETzJ5yBuYqT8qqqj0JG4/pzXbmOXVcLV9jWVpaP7zWvQlTlyy3CiiiuAx CiiigAor8t/+Cmv7UXi74G+FfCvg34Yay+jeKPEFzJdzXEIRpIbC2G3bhwwHnSuMHHSNhXzB /wAE8f21/it4z+On/CtfjP4pn16y8T2kkenNciNfJvrceaoBRV4ljEi4PVtgFfTYfhXEVME8 dFrlV3brZbs74ZdOVL2y2P3noor8mf8AgoV+3b4s+A+t2vwh+EBht/E1xapd3+pTRrN9ijlJ EUcMbgoZWC7mZ1ZVUrhSWyvlZXldXGVlQorV/cvNnPh8PKrLkgfrNRX8y2mXn/BUXxJoqfEf SrrxvcadNH9ojZJZEEsbDcHjs8qXVhyu2IgjG3IIr6G/Yn/4KM/EzVPiVo3we+PV0ut2fiC4 WwstTaFYr23vZnCQxzeWFWSN3OzJTerMCWKggfRYrgqvClKpSqRny7pPVHdUyqai5Rknbsfv HRRRXxh5QUUUUAFFFFABRRXy1+1v+07pf7K3w0g8c3ujTa9d6leLp9lbRyLDGbh4pJQ00hyV jCxnO1WJOBgZJHRhcLUrVI0qSvJ7F06bnJRjuz6lor44/Ya+OnjX9on4L3PxI8eC2j1CbWL2 3jitI/KhhgiEZSNQSzHbuPzMxJ7mvy2+NP7V/wC0R4d/bf1D4b6J43vbTwzD4osLJLFFi8oW 8kkIePlC2CGOec817WC4ar1sRVwyaUoJt/I66WAnKcoX1R/QhRRRXzpwhRRRQAUUUUAFFFcZ 8RvHGl/DPwD4h+IetwzXGn+G7C41CeO3CtM8dtGZGVAxVSxAwMkDPU1UIOUlGO7Gk27I7Oiv zG/Yx/bZ8a/tWfGrxfpN5pVtoPhXSNKW4sbKP99ceYbhE8yecgbmKk/Kqqo9CRuOJ/wUO8Xf tc+G/FXg6H9m2DxFLp81lctfnQ9NkvkEwkUJ5rRwy7TtzgEjjNe5Hh6ssWsHVajK19XotLnY sDP2nspOzP1UorxX9nK+8dal8C/BF/8AE1btPFVxpkD6kL6IwXQuSPn82NlUo3qCox6V7VXj V6XJOUL3s7HJONm0FFFFZEhRRRQAUV+Sf7WX/BRHxD8M/i+fgJ8L9ESHVbK9srfUdWvgJFUX Iil22sAOCdkgBkkPByBGeGr7/wD2kL/x5pfwJ8bah8L1u38VwabK2mixhNxdG4GNvlRBXLN1 wApPtXrVclr01RdXRVNvTTV/edMsLOPLzac2x7bRX5Xf8E8PFv7W3iXxL4yj/aTh8RRWMFpa HT/7c06SxQytI/meUZIYtx2gZAzgYr9UaxzTL3hazouSlbqtiMRR9nNwbuFFFFeeYhRRRQAU UUUAFFFFABRRRQAUUUUAFFFfLX7W/wC07pf7K3w0g8c3ujTa9d6leLp9lbRyLDGbh4pJQ00h yVjCxnO1WJOBgZJHRhcLUrVI0qSvJ7F06bnJRjuz6lor44/Ya+OnjX9on4L3PxI8eC2j1CbW L23jitI/KhhgiEZSNQSzHbuPzMxJ7mvy2+NP7V/7RHh39t/UPhvonje9tPDMPiiwsksUWLyh bySQh4+ULYIY55zzXtYLhqvWxFXDJpSgm38jrpYCcpyhfVH9CFFFFfOnCFFFFABRRRQAUV8a /t8/EPxp8LP2YvEnjP4f6rLout2lxp6RXUIUuiy3caOBvDD5lJHSvA/+CYHxr+Kfxp8GeOdR +KXiK48RXOmX9pFbPcBAY0eJmZRsVepGea9inktSWCljk1yxdrden+Z1RwknSda+iP1Gor8D /wBpr/gov8ZfGfxTuPhB+y3us7S3vf7PgvLW2W61HVLlW2MIVkV1SIvkJtTewG4sAdo8z8X/ ABB/4Kh/s26Zb/EP4iX+qw6I80Zke9ex1S1BcgCOdYmmaBXOFGTHycKQ1ezQ4KxEoxdSpGMp bRb1fyOqGVTaV5JN7J7n9HlFfHn7GH7V2n/tV/Di51y5sk0rxPoMqW2rWcW4wq0oLRTQliT5 coVsKxLKyspJADN9h18vjMJUoVZUaqtJbnn1aUoScZboKKKK5jMKKKKACvAP2Tv+TWfg3/2J nh7/ANN0Fe/14B+yd/yaz8G/+xM8Pf8ApugoA9/ooooAKKKKAPw//wCCrv8AyP8A4E/7Blz/ AOjhX6OfsWf8mweAP+vH/wBqNWT+0j+x/wCD/wBpXWtH1vxNrd9pUmjW8lvGtoIirrI+8lvM VjnPpXu3wn+HOnfCT4e6L8O9Iupb200SHyY5pwokcbi2W2gDPPYV7mKx1OeDp0Yv3lv+JnGL 5mz0SiiivDND+aj9vcM37XXjhUxuL6YBnpn+z7brmvrr/gnxoes6V8U72fxlPpEry6fiwEH2 Mzh8gtt8lQ4+Xrz9a+pvjP8A8E//AId/Gv4l6x8Tdd8RanY3us+R5kNuIfKXyII4Bt3KTysY Jyepq58EP2C/h98DPiDZ/EPQPEGpX95ZxyxrFciHyyJRtOdig8V9hWzehLCKjza8qW3Wxgqb 5rn3XRRRXx5uefePvhf8PviTBbf8J5oFrrn9miU232lN/lGULv2+m7YufoK/mf8A2YPD+j+J f2hvA/h3xFZx32nXupxxT28o3JIhzlWHpX9T7LvUqe4xXwB8Ov8Agnl8Mfht8RNH+JGla/qd xfaNdi7jil8ryncZ4bCg457V9BlGZxo0qkJt6rT8TKpC7R9u+E/B/hjwLosXhzwfpsOk6ZCz ulvAu2NWkO5iB7k5NdJRRXgSk27s1Cv5V/2kEmk/aT+I0duN0reJtSCAgEFjdPjrx1r+qivz p8a/8E4fhv43+Ies/Ea+8U6tb3mtalNqUkMaweWkk8plKrlCdoJwMnOK93IcfTw85SqPdGVW DexS/Ym+Gnx98HeMfEGo/GfRLLT7WSxRLOSCysLZ/NMg3DdaxRsRt7E4r9I6KK8rF4p1pupJ JehpFW0CiiiuYYUUUUAf/9T9/KKKKACiiigAooooAKKKKACiiigAr5y/aq/aC0r9mj4Oap8S LyFLzUN6WWl2jkhbm/nDGNGIwdiqrSPgg7EIByRX0bX5Bf8ABYiLUj8HfA08R/4l6a86zD/p s1rIYv8Ax0SV7HD+DhiMbSo1Nm9fz/E6sFSU6sYy2PhfwR4n/wCCiH7Zepaz4k8AeJ9XSwsJ v3xsdS/sXT4JSNyQRBJIgzKuDj5mAwztkgn0T9lj9t34/wDwl+OVr8Fv2g9Tvdc0u51L+x72 PVH8++027eQRCVbj5pJEV8b1LspTLJzjP3j/AMEodQ0e6/ZZNnp7J9rs9cv1vFUjcJXEboWH XmMoAfb2r3vXP2pP2S/h/wDFfWfA+v8AiHTdD8bQSwx3zPZSo8kksSMga7SExu2xlBBkyPun GMV9pmObRdavgVhFKMdFyqzVut0n+R6tfErmnR9ndLtv6n5d/wDBY/8A5KB8OP8AsF3v/o9K +1NC8Sa94P8A+CYNj4n8L38umatp3g2OW2uoG2SxSADDIw5BHrXxX/wWP/5KB8OP+wXe/wDo 9K+uZ/8AlFIP+xJT+QpVYp5ZgE/5/wBWEl/s9H1PHf8Aglf8bfi58V/F/j6z+JXi3UfEsGn2 NlJbpfXDTLE7yyBioY8EgAGvK/2vv26PjR49+M8/wE/Zqvp9OtLK/GlpcaZxf6nqAbynVJes cSyZVdhG7BdmKkBX/wDBG7/kePiV/wBg6w/9HS1+dHwf074t6p+0bp2m/DbVIdI+INxqV4lr dzukaJeFZfMG6RXUFxuVcqcsQBzzXtU8qw7zPE1ZRj7kYtJ/Ddrd/cdSw8PrFSTS0S9Nj628 Z+JP+Cif7F93ofjL4geJtTu9L1CfCrf6kdasJZsF3tpw8jlGZQT8pUnBKPlSR+qXiX9pef4s fsE+Jvjv4Bu30HXE0iYSi2kIlsNRgZUmRH6jBO5DwSjKe9fnz8a/2ef+Cg/jPwhFoHx1+IOh P4enu4jGmp6pZ2kL3aqxjCuYY8vt3YUNkjPHFex+Cfgj8QvgL/wTu+NXhHx7NYXAvzc6jZya ddLdxGOWG2ib51AA+aLOB65rzcxhha1OjUnKDqqaXubNXMK6pzUJNrmutuqPiH4H/tPftz/E +41T4P8Awv8AEepeJPEHiXyZRdXE6vcWNtaCTzjFNcMI7dJPMXfIcNlUVDuIBzvGHxa/bp/Z B+J1vpfj/wAZaydT2perb6jqMmrafewMSucSSSIysVZWxtdSOqkA19Of8Eb7SF/H/wAR79lB mh0yyiVu4WSd2YfiUX8qP+CyESDx98N5wPnfTL5SfZZkI/ma9j61R/tZ5eqMeRrXTVvlv91t Dp9pH6z7HkVn5eR9E/tueJPjX8a/2TPBnxR+DS3Vl4e1XSLjVPFMFvdxW6Jp81ojyRSrJIjT Ip8xdqBicdORX49fsveGf2nvE/ijV7b9l2a+h1uGzD3xsb+Cwc2vmKBueeWJWG/HAJPfFfuZ 4e/5RYy/9k/vf/SaSvhX/gjsR/wuHx0P+oCn/pVHXnZVjvq+X4pQhFqnJpXW+vXuY4atyUKl kvdf9XP3/wBFS+i0awj1Mk3iW8QnJIYmUIN+SOD82ea/Of8A4KcaJ8dNW+Dltc/CSS6TQbCL UZvFAt7uK2RtNEAyJUkkRpUwH+RAxPp0r9K6+ef2tv8Ak1/4rf8AYs6r/wCkz1+dZLiXTxlO oknr1210/wCGPDwtTlqxlbqfzI/sveGf2nvE/ijV7b9l2a+h1uGzD3xsb+Cwc2vmKBueeWJW G/HAJPfFfuB+3R+2f4g/Zk8GeHvA3hARS/EXxBZLNJPcBZksIFHltcFDlZJHlDCMHKZVmYEA K3xD/wAEdiP+Fw+Oh/1AU/8ASqOvJv8AgqvBqMP7V9xJe7vJn0XTnts9PKAkU7fbzFf8c1+o 46jTxmcxw1aK5YK/m9Fo+6R9DWjGrilTmtEr+ovhHQ/+Cmfxi8NP8aPCeueLL7S28yaCSPWT Zi4VM7za2XnxeYnGAI4trH5V3EYr6k/YT/4KD+Pdb+IGn/Ar9oG7F/JqsptNO1W4TyryO+LY jtbrAAcSNlEYqHEhCsWDZT9dfghe+HdQ+DXga78JNG2jPomn/ZPJxsES26BVAHA24wR2IIPN fzOfFmay1v8A4KA6k/w2eMm68c2y2bw4MZvDeRqzrt4INxuOR1657152BxNLNPrGGrUYxUU2 mlZq3f8ApddDno1I4jnpyglbbyP6tKKK+U/21vjL/wAKN/Zw8WeLbSfyNXvof7L0wg4f7ZfA xq6f7USb5v8AgFfmWEw0q1WNKG8ml954FKm5yUV1PwJ/aW8Vat+19+2pcaD4Xm8+1vtUt/De kOPnRLWCTyjMP+mbOZLg+isazf2sfhdefsg/tVA+AQ9jY2Utjr+guxLbUDBtpPcJcRyJjPKg eteCfBHxx8SPhV46sfid8MtO+2axo/mpDI9m15FE08TRMSoBAbY5weozXof7RPxx+PH7Q0mk 638XdKCt4djmjhuIdNa0xHcMhKyPjBAZRtz0JOOtfv8ATwlWlWp0advYxjytX1v6fL8WfaRp SjOMV8KVj+rH4YeP9H+Knw78OfEbQDmx8RWMF5GucmMyqC0bH+9G2Ub3Br8Hv+Cr/wAC/F+k fFqH452FjJd+GdftLa2urmMM62t5ar5QWbAwiyRhNhJwzBh1HP0t/wAEi/jR/wAJB8PPEPwQ 1Wfdd+Fp/wC0dPVjybG8b96ij0inyx95hXVfHP8A4KX+H/hZ8Xdb+CPir4aSX1npt6ljf3Vx foI3tJgrGYW32aTerQuHCFhuBwSK/NsrweLwOa1IYanz8t9LpXi7W3+XzPBw9KpRxElTV7fk fJXwd/4K5fEHwppdh4f+K3hO28Uw2kaQ/brKY2V2yIMB5IyskUj4/uiIH+f0X8CdN/4JyftP fFCbxj4e0i80v4i3t++snT9RvLqyma7En2h5bdYJ/Ikw4L7I2JABJQDNfTXjn/gn7+yF8YbF PEGneGotFbU4lnhv/D0/2SN45V3JJHEu+1IYEEHyjke1fzzfG3wTJ+zB+0drHhTwH4iOpT+C tQt5rHUY8LIkqpHcKr7CV8yFm8uQDjcp4HQe3l1LAY91I4Hmo1La2bS+dna1/Q66EaNa6o3j I/sFryD49fEjV/hJ8I/Enj/w9odx4k1bTLfNnYW0Ms7zXEjCOPcsQL+WrNukIxhAeRXqOl3U t9plpezxGGW4hjkaM9UZ1BKn6E4rwX9qT9oDTP2afg/qXxNvrE6pcxyRWljaBtgnu587Fd8H aihWdiBnCkDkivzHA0ZTrwpqPM21p38rngUYNzStc/CzwOf+Cjv7W+ra3rfhvxVrllBpkwju cak+hWUMzDcsKQRNECwXGcIxGQXOSCdD4BftX/tR/An9o/S/hF8YvEOoa3ZvrMGj6vp+r3J1 B4ftEqxebDcOzuCm8Ou1yjr2III7X4beP/8Ago5+2+NU1PwH4vj8MeHLO4+zTXFtIuk2kEzK HMSSQI945VGBPzPtBGSMjPxJrfgTxJ8N/wBrSx8B+MNbXxFreleI9MivNQWSSUTzNLC7HfL8 7FS20luciv2ilQp1XVw1eNPSPwxV3H1dl+SPqowUuanNR22XQ/aD/gqd8WfiX8KPAvgW++G3 iW+8N3GoaldR3EljM0LSokIKqxXkgE5xXvP/AAT38ceL/iL+y54d8VeOtXudd1i5utRSS7u5 DLM6x3UiICx5IVQAPavkT/gscp/4V18OmxwNVuxn6wLX0X/wS/njm/ZA8ORowLQX2powHYm6 dsH8GBr4XFUIf2DSqKK5ufe2v2up49SC+pxlbW/+Z+b3xi/aR+PWj/t233gLSvHmr2nhyPxb YWa2Ed0624t3mhVoggONpBII75ra/wCCr+ifHSLx6mv61JdH4VTy2UOmI13E1sNSFq5lK2wk MivgSZdkAPIB5Gfmr4xaja6p/wAFEtSu7KRZYh47s4tykEbobuKNhkejKRX6df8ABYP/AJIJ 4Q/7GaL/ANIrqvqY8tDGYFQgvejZ6eS19T0FaFWjZbo+Rv8Agmz4W/asuvFnhTxJ4Wnv1+Dc GqXY1NE1CCO0MwtyH3WjSiVjvMfKxnnB7Ej5f/bB1+78K/tueOPFGnokt1o/iCC8iSUExtJb iKRQwUglSVGcEHHcV+yv/BKEg/sq/TXtQ/8AQYa/I79o+0gv/wDgoXrdjdIJIbjxdp8bqRkM ryQAgj3BrXLMb7TNsTzRSUYtadbPr5l0KvNial1sv1PV/jCv/BS+z8GH9ovxxr2t6FoTGO7N vp+p/YxZQ3JAiL2NvICifOFIdS6/8tMHJr9Bf+Cbn7WfjD45eC/FHhn4sXy3mseClt5hqUgW N7ixnEnM5GFLxGM7nwNysucsGY/Uf7asayfso/FFXGQNEuD+K4I/UV+Kf/BOX+0j4O/aKXRz i/Pgq5+z/wDXbyrjy/8Ax7FeLCrTzDK6s504xcZJKytZXX+ZyKUa+Hk3FJp6W+RsfFf9sz9p v9qz41f8Kv8A2ab+90XR5ria30uDS5TZ3V1DHkm7urklWjBRS+NyKi8HLfMcTVPjV+3h+wz4 80a1+LOsXmvabfI0kdpqt82qWV9AhAlWK4ZnkjkjJHQqykqSrIcN8x/sg6J8ePEPxZk0z9nP W4NB8XPp1wwmnkji8y2V4zLGhljkBY/K2AM7VJzgGvsX45/sxftz/EVND0f4+ePfD1yI5Jn0 yHUtXtLRmkIQS+SPKjLkDZuAzjI9a+kr4fCYerHCSVNU7ap/G99f68zvnClCSpvl5bfM/WP4 3fGUeI/2LPEnxt+FuqTWDX/h/wDtCwuoW2T27vtBXcPuyRtuRsdGBFfh/wDA/wDae/bn+J9x qnwf+F/iPUvEniDxL5MouridXuLG2tBJ5ximuGEduknmLvkOGyqKh3EA/pjc/DTxp8Hv+CYP in4c+PGtZNS0jStS2tZzi4haG4vHuIyJAADxJj2r5Z/4I32kL+P/AIj37KDNDpllErdwsk7s w/Eov5V85lcMPh8Di6sYKahP3bq/a3+Zw4dQhRqSSTs9D5j8YfFr9un9kH4nW+l+P/GWsnU9 qXq2+o6jJq2n3sDErnEkkiMrFWVsbXUjqpANfpL+254k+Nfxr/ZM8GfFH4NLdWXh7VdIuNU8 UwW93FbomnzWiPJFKskiNMinzF2oGJx05FfO3/BZCJB4++G84Hzvpl8pPssyEfzNfaHh7/lF jL/2T+9/9JpK3xeJhKjgswVOKm5WemnVf8FdiqlRONKtyq7Z+Gf7L3hn9p7xP4o1e2/Zdmvo dbhsw98bG/gsHNr5igbnnliVhvxwCT3xX6d/8FNPjX8a/hHrnw00vwT4v1Lw5JeaPM98llcG IS3CPGpZyhwxHPP5V5N/wR2I/wCFw+Oh/wBQFP8A0qjrZ/4LH/8AJQPhx/2C73/0eleli6yr Z5Tw84JqKfTV3j1726HRVmpYtQaVl/kfpX8MvjpH4C/Yh8OfHb4n38+qS2Ph6C9u5pX3T3dz JhIk3nPzzSsqAnjLAnivxp0r42/t5/tt+PdUsPhdreoabb26CWWz0e8Ok2FjbsSEEkwdGcsQ cb3Z3wcDaMD68+OUWpSf8ElvBz2BxBFZaE117w/aFUf+RTHU3/BG7UNHPg74k6XGyDVUv7Ca RcjebdopFjOOpAcP9CfevEwlKlhcJisfGmpTU2ldXSV10+f5HJTjGnTqVlFN3sfJHgj9rr9r P9kT4z/8IH8dNU1HxDY2M8Sappmq3P8AaEht5VDLNa3TNI4Oxg6bX2MflcZzt+9f+CiP7Vfx i+HGmaD4V+BVrfWdrrdkuo3niKCykkjWCYlYoIJnjMaOwBd2HzqCm0qSa+wPih+0f+y58IPi bb+H/ihrVhovjCeyiuI55rGWWQWzvIsYa6ihcJ8ysQrOMA5xg5Pw9+3L/wAFE9f+FWtWHw5+ A5tn1C7sLbUbjWpoxcIkN7H5tultE/yFmjZZC7hlwwAXOSMcPOWNxdCrHBq9ru+kZee3T57o iDdWpCSpf5Pz2PiXxR8Mv+Ck3gv4aS/HLxF4w8TWmk21vHeTqfEk5u4bZ8ESSW4nJCjcNyfe UZ3KADj7o/YH/ai+Mf7QXwr+JXgPxRfNq3jDw1pxk0jUR5cNzMbuKZI0kb5E3xSom2Q4zu+Y 8ZPyl8V/gP8At+eMPgx4h+LHx9+ITaf4e0/Tn1CbRri/dHnXaGSNrO0RbVWbIG1yCpOCucgd b/wRvX/ivviQ3ppliPzmevYzWNOtltWrLklKDVnBaLVaX6nViFGVCUnZtdj8y/ivo3xm0r4z ajovxYkuX+Isd1bLdNcXUdxcfaHjjMGbiN3QnYY8EPgDAyMV+43gwftdfCj9i74x678edV1O y8ZWaTXGk3U+ow3lzDAIYgGjlt5ZQnz7sAkHOTjvX5mftqnH7fnikntrGj/+ktpX76/tsf8A JqHxQ/7As/8AMVPEOYOcMFBwjafK3pt8Oi7LUWOrXVJNLW36HwB/wSv+Nvxc+K/i/wAfWfxK 8W6j4lg0+xspLdL64aZYneWQMVDHgkAA1x37df8AwUE+I2mfEfUfgZ8AL1tKXR5vsWo6nbxi S9uL7O2S2tiQ3lrGx2FlHmGQEKQo+bn/APgjd/yPHxK/7B1h/wCjpa+NvgtLp2i/t7aK/wAQ GSNbXxrOly1xgKt2LqRY2fd0xPtOT0PNaf2Xh3mmJqyppqnFNRtpe3b5fiV9Xh9YqSa+FbfI 9S8T6L/wU0+CXhQfGDxPrniuy0jEcs8k+sf2gbdXxsa5tGmmMa8gHzIwFPyttJxX6rfsDftp 3H7Tmh6l4S8dx29p468PRrNL9nXZHf2ZKp9pVOdjo5CyqPlBZSuA21fsH45Xvh3Tvgx46vPF zRro0eiah9r83Gxomt3BXngls4A7kgDmv58f+CUEGrTftVGTTji3g0HUHvPeAvCqj/v80Zry PbU8zy6vWq0oxlT1TirfL+u6OXmjiKE5Sik12NX9pr9rr9oH4W/te+LLfw/4y1FtD8Oa5FJF pD3MgsZIYRG5t3jUj90+CrAYyCaqfFyD/gpXpngwftF+PfEPiDRdElMVwY7LVPsgs4rggRM9 hayKIkO8KQybhnEgBrzb9oq0h1D/AIKF63YXKh4bnxhYROp5BV5YFIP1Br9/v21okm/ZQ+KK SDIGiXDfiuGH6ivUxeNp4T6nGFGLc1G7a1tpt9501asafskorW1/wPl7/gmh+1T47+PfhfxJ 4L+J13/amueEvsskGoMoWW5tLneoE23AaSNo8b8AsGGcsCx/UOvwH/4I3/8AI/fEj/sGWP8A 6Oev34r4jjDCU6OYVIUlZaO3qkeTmlOMa0lFH4Z/8FRPjz8ZvhX8ZvC+h/DjxlqfhzT7rQI7 mWCxuGhR5jd3CF2C9TtVRn0FfP8Armv/APBRr47/AAtuPj7Y6zquleCtFtGkjXTNROmmW3sV 2zTrDFKs1wVKMzySbiTu2cDaOm/4LB/8l78If9izF/6W3VfrP8PLO3t/2DPD9tEgWN/hxbsw A4Jk0gMx/Ekk19asXTwmX4SrGlFyk7Xa6dfmekqqpUKclFNs/Ej4SftvftoeLtAi/Z/8B6rN 4k8TeIblItP1KfbNqsMW1jLGLiY7cEDcZpiWjUMdwGCmD49+JX7dX7IfxOsLX4geN9ZGqzRR 38cN5qkmq6fdwMxUhkkkkjYbkZGGFdf4SMqx7r/gk3aQXP7U080qhmtfD1/JGSPusZbePI/4 C5H4169/wWPRR8Q/hzIB8zaVeAn2E64/ma9ydShDNFgI0Y8sld6at2f4aHW5QWI9ioKzWp+r HiD9qDw34W/ZWtP2mtatvLgvdFtNQisQ3L3t5GvlWqtjP+ubYWxwoLYwK/Ebwn8RP+CgP7bn izW9S+G/iXUdOs9NZJZotN1B9G02z358mFWR1Z2O0kbi78bmPevoj9pgaif+CV/wj+xHEIl0 b7V/1x+z3OP/ACJsr5j/AGL/AAZ+2p4p8Da7N+zD4stdE0aDUdt9byTwRym5aFCJCskMjbWT AByBlW44NeNk2XUcPha2IjyqXO4pz2ST/r8DlwtCEKc5q17212Pbv2b/ANtj9oD4H/HSL4E/ tR30+oafPfR6feSaowkvNMnmAEUy3Kk+ZAxZCxZmGw70Yc7qf/BV/RPjpF49TX9akuj8Kp5b KHTEa7ia2GpC1cylbYSGRXwJMuyAHkA8jPmvxD/Yt/az+KXxJu734h+MPDOr+NwkCXEcutW0 d6qqi+TugjRWX5NpX5RkYNfcf/BXL7af2dPAx1IKt3/wkNv5wU5USfYbndg+mc4reM8NDMsN Uw/K5TTUrbJ6O67X79i06ar05Qtd72/NHyl/wTZ8LftWXXizwp4k8LT36/BuDVLsamiahBHa GYW5D7rRpRKx3mPlYzzg9iR8v/tg6/d+Ff23PHHijT0SW60fxBBeRJKCY2ktxFIoYKQSpKjO CDjuK/ZX/glCQf2Vfpr2of8AoMNfkd+0faQX/wDwUL1uxukEkNx4u0+N1IyGV5IAQR7g11ZZ jfaZtieaKSjFrTrZ9fM0oVebE1LrZfqer/GFf+Cl9n4MP7RfjjXtb0LQmMd2bfT9T+xiyhuS BEXsbeQFE+cKQ6l1/wCWmDk1+hf/AATT/ar8b/H7wn4j8HfE26Gpa94QNs8V+VCSXVpc71Hn bcBpI2jIL4G5WXOWDMfp39tWNZP2UfiirjIGiXB/FcEfqK/Hb/glnDqN0vxutdI3fbpvDASD by3nN5wTAHfcRivD9tTx+VVak6cYuDSVlayuv8zj5o1sNKTik09LE/7TP/BQD44fGH4pT/Cn 9mm9u9K0MXZ0+yfSl/4mWrTBtnmrKoMkaMwJjWMqdvzOTnC+beMtS/4KR/snwad468eeIPEN rpl1On7y81Rdas/OPzeVcIZrhELgY+YDdztJIOOf/wCCYl74esv2ufD39vNGk09lqEVg0uP+ PtoDgKT0Zo/MUdznA5NfuN+37e+HbL9kX4if8JK0YiuLOOK3WTGWu2nj+zhAerCQBuOQAT0B Nelj8TSwGLo5dSoRcJWu2rt3dv6/Q6K1SNGpGhGCadg/Yw/at079qX4Yz6/fwQ6Z4o0CRbfW bOEnykZwWini3EsIplVsBiSrK65IAY/j18d/22/2if2kPjK3w4/Z61bUNJ0Se8ksNGtdGka0 u9QUEj7RNOrK43hS+NyJGn3uQzHr/wDglTY+JruH43HQn2xt4eiiHB/4/ZBcfZT+AWSvGf8A gl1e6PaftcaImqMiT3OnalFZ7+puDCWwv+0Ylk/DIqcPk+GwmIxlaMFL2aTinra6b/ryFDC0 6U6skr8u33E/7Rkf7c3wY+Fc3w0/aDv7jW/B/i97dYrm8uxqhhubSRbhY47reZI5PkwUclWX cVBK7l+4P+COaCT4efEmNs4bUrIHBKnmB+hHI+or3b/gqre6Jb/so3VrqboLu71jT0sVYjcZ 1ZnfaDzkQiTOO1eGf8Eb/wDkQPiP/wBhOy/9EPXJisf9ZyKpVcFF8yvZWT1Wv9djOpW9pg5S tbXp8j7e+Fv7Dv7OfwZ+Ilv8Tvh5oM+n6xaRTRQiS9nuYo/PXY7KJ3dt20lQd3Rj618Vf8FK P2zfBGm+DNf/AGa/BLJrXiDVQlvq9yhDW+nRxyLI0OeQ9wdu1lHEeTk7xtH6u/ES817Tvh/4 m1DwrDJc61a6Xey2MUS75JLpIHaFUX+Ji4AA7nivwQ/YV/Yj8WeK/jNe+KP2lPBOq2uk6NAb 6GLV7aWKHUNQeVdomMoHmqo3OyHO443ZXKt4uQTp1JTzDH1HL2drJvVvpv2/4c5ME4ybrVpX 5dj6o/4JLfBPxj4F8B+Kfil4pt5NPtfG5sk023kBR5Laz84m5Kn+GRpcRkgEhSw+VlJ/Ximo iRIsUShEQAKoGAAOgAp1fN5vmUsXiJ4ias3/AMMvwODE13Vm5vqFFFFeaYBRRRQAV4B+yd/y az8G/wDsTPD3/pugr3+vAP2Tv+TWfg3/ANiZ4e/9N0FAHv8ARRRQAUUUUAFFFFABRRRQAUUU UAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFAH/9X9/KKKKACiiigAooooAKKKKACiiigA rxD9on4F+Gv2i/hRq/ww8Sv9mF6FltLsIJHs7yLmKdVJXOMlWXI3IzLkZzXt9Fa0K86U1Upu zWqKhNxaktz+ayx/ZB/4KE/s2+ItTi+EMd81pesIWvdCv4PIu0XOxnt5JFkUrk4MkY2knDY5 PuX7J/8AwTl+L198WLH4x/tMD7FDpt6NT+xT3SXt/qN8jiVHuHjaVBGZPnfc5dyNpUBiw/eG ivrcRxvi6lOUVGKlJWcktX+P9dLHpTzapJNWSb69T8hf+Cln7Lvx0/aA8X+CtV+Efhn+3rXS LC6hun+22dr5ckkqsoxdTRFsgHlQR619Fy/Bj4kt/wAE+x8D10j/AIrX/hFl077B9og/4+wB +78/zPJ/4F5m33r7vorynxBWdCjQsrU3db3vvrr/AJHO8bPkjDpHU/In/gml+y/8c/2f/FXj jUvi74a/sG31iys4bVvttndeY8Ujs4xazSlcAjlsA9q8o/bF/wCCdfxUu/irf/G39m5Vu21S 6GpTafDcJZXtnf7vMee1kdo0ZWkHmDDq6ucKCMY/c2iuqPFmKWLljFa8lZq2jX33/E0WZVFV dVbv7j+bjxP+zh/wUk/aZvNJ8O/Fi2vZNO0x8RTavc2ltZ25I2mV0gO+VscbxHI+CeeTX6kX P7JNx8Mf2HvFX7PXwyi/t7xHq1hO8spMdsb/AFK4Kb2zK6oihVVE3NwiKCSck/f9FGN4qr1l CKjGMYtNJKyuu+oVcxnKySSS1sj8jP8Agmj+zB8cv2fvEvjrUPi74a/sG31i0sorRvtlndeY 8UkjOMWs0pXAYfexnPGaZ/wUt/Zf+Of7QHirwPqXwi8Nf29baPZXkN0322ztfLeWRGQYupoi 2QDyuQO9frtRWX+s1f699f5Vz9tbbW73/En6/P23trK58k/DL4K+Ipf2MNO+AnjaH+xtZvPC 0+i3a745vs01xC8Wd8TOjbCwPysQcV+G/hn9jv8A4KA/BjxffQfDXQ9S0u+u43sn1DR9Rt4o bi3Lg8TechVWKqw37HHBIU5r+n6itMt4pr4Z1bRjJTd2mtL/AHjoZjOnzWSdzm/Bqa5F4Q0O LxMpXWEsbYXoLiQi5ES+aN4JDfPnkE561jfFPwTH8Svhn4s+Hkk32YeJtKvdN83GfLN3C8Qf H+yWz+Fd7RXzsarU+eOjvc4lJp3R/MD4Z/Y7/wCCgPwY8X30Hw10PUtLvruN7J9Q0fUbeKG4 ty4PE3nIVViqsN+xxwSFOa/Wb9rD9ivUP2o/hf4T1KS8i0b4neHNOhiM1wxkguWaNWntZ5I9 xwJsskqhsEtwQ2R+jFFfTY3i/E1qtOulGM49Ut/W99Dvq5nUlJTsk0fzSaL+zl/wUw+Guk3X wq8G2uuWWhXbSL5On6tbCyYSffaOTzwIg/U8oTn5hnNfbX7DP/BOnW/hF4stPjJ8cHt5PEFg HOm6RCy3CWkzfL9onmUlHlUZ2Km5VJD7iwAX9gaK0x3GWKrUpUlGMebdxVm/xKrZrUlFxSSv vYK/Jb/gpP8AA/8Aaa/aD1fwl4U+EvhNtY8K6JDLe3E/2+xthJqE7GMKY7m4ic+TEmQwXH71 hk44/WmivCyrMp4Suq9NJtbX2/Bo48PXdOamlqfHf7C3wD1T9nj9n7S/CXii0Wz8T6lcT6jq 0aukuy4mIRI/MjZkby4UjU7WK7txB5r6R+IvgfR/iX4D8QfD7X13af4hsbixmOMlVnQpvX/a QkMp7EA12dFY4nHVKteWIk/ebv8AMmpWlKbm9z+fX9kr9kL9sr9nj9ovw745ufBO7QIrl7DU 5o9U00pJptyfLkl8v7V5jBPlmVdu4lAMZ4r7E/bu/YCuv2h9Wj+Kfwtubaw8ZxQCG9tromOH Uo4QBCRIARHMijYCw2su0Ertyf1Gor3K/FuKniY4tJRmlbRPVed2zrnmVR1FV0TR/MZpf7PH /BS/4d6X/wAIT4atPFWlaScqtrputr9kUNy237PdGNA3fGM9691/Zc/4Jg/E7UPHem+PP2jI odI0XT7hLx9LM8d3eX8qtvVJmiZ40iZsGTLl2GVwpO4fv9RXdiOOsVOEoQhGLlu0tfzNZ5vU aaSSv2CvmD9r/wDZ+l/aV+CGqfDjT7yOw1dZor7Tpps+SLu3ztWUqCwR0ZkLAEru3YOMH6fo r5HC4mdGpGrTeqd0ebTqOMlKO6P5wPhF8Cv+Cm/wGn1fwR8J9Iu9Fs9YfdclZ9Lns2ZRs8+O W4d1jcrjlNrkAZGVAGJ4l/4Jz/tk+E/iBp3irQ9Ig8cX6yW+rXF/HqNpEpvzJ50sbm8nhmkY OMtJtAbORzmv6WqK+w/17xKm5xpwTe+j19Xe56f9sVL3UV56bnxP+2x+zbrf7U3wOtdB0Ty9 K8V6RcRapZQ3LjyzL5TJLaySJuUblc4cZXeq87STX5C/Cf8AZ2/4KW/DYX/w3+HNlqnhLTNW m3XbLfWkdmrkBGmWYSOVO1QC0J3kADngV/SlRXm5ZxRWw1B4dQjKN7pSV7fiYUMwnThyWTXm fzg6b/wTe/aZ8A/Hvw7faTog8S+G9H1bSLybWVvbKBZQjQzXbrBNcifbHJ5ijKbnC7gvIFfr F+33+zv4r/aQ+Bi+F/AnlSeIdE1GHVbSCWQRLcmOKWF4RI3yqzLKSpYhdygFgCTX25RRi+Ks VWrUq87c1PbTf11/KwVMxqSlGb3R/P5+xt8Cv27/AIUfFjwvol/pGsaF8P7PVvter2rahBHY ujp5UrmNZj53y7TtQNkqDjjI0/jF+xX+0x4q/bRv/izoPg77V4Un8S2OoJe/2jp6ZtYXhZ38 p7hZeArfLs3HHAPFfvhRXVLjLEe3liI04puPK9H3vffc0eaT53NJXtb+tTwn9p3wZ4k+If7P 3j3wR4Ps/t+ta1pU9taW/mRxebK4+Vd8rIi59WYD3r8+f+Ca/wCy18cPgJ4r8cah8YfC40Sy 1qwtbe3LXlndiVkkdnUrbTSkAKf4gAa/XyivHw2dVaWFqYSKXLPV736ba+XY5aeKlGnKktmf z4fGr/gnb+0N8H/ixJ8TP2WC+oaZHdPeaeLK6jtdR0zzCcwlZWQSRqGKKULFk4dcZzx11+yB +33+1V4203UPjp59hbWq+T/aGsTWyR2sBYFxBZ2xyXbrhY1DEDc44I/pAor3KfHGLjFXjFzS spNe8dkc3qJbK/fqfHvxK/Z7fQf2Mtc/Z3+EFgb+4g0NrCwheSKF7q4Zg8kjvIyRq8shZ2JK ruY9BXyd/wAE0f2YPjl+z94l8dah8XfDX9g2+sWllFaN9ss7rzHikkZxi1mlK4DD72M54zX6 50V41PPq8cNVwzs1Ud23e99PPy7HLHGTUJU+5+RP/BS39l/45/tAeKvA+pfCLw1/b1to9leQ 3TfbbO18t5ZEZBi6miLZAPK5A719gfDL4K+Ipf2MNO+AnjaH+xtZvPC0+i3a745vs01xC8Wd 8TOjbCwPysQcV9bUUVc9rSw1LDWSUHdPrfXfW3XsKWMk6cafRH8wPhn9jv8A4KA/BjxffQfD XQ9S0u+u43sn1DR9Rt4obi3Lg8TechVWKqw37HHBIU5r7g/b6/Za/aQ+Pf8Awq3UPBPhj+3L /RtCNvq5N/ZQmK9fy2dS1xPH5mWDfMu4H1r9nqK9etxriJ16eI5I80b9HrdW11+46pZrNzU7 K6/rufKfwr+Bn9pfsh+HvgH8X9M8h5dAj0zUrUSRytDKF6pJGzxl4nAdGUkBlBHSvxl1f9hL 9tr9m3x5da/8CJrnV7ZFMcOq6LdxW00sDnPlz2ksofPALJiRMgEMeK/pGorhy7ifEYaVRxSc Zu7i1damNDMJwcmrNPofzv8Awo/4J1/tK/G74oL47/agkn0rS5p0n1Ke9vY7rU79EAAiiETy eWMKEy5TYv3FOAK96/4KDfsFfEf4neObf4ufBCwh1VprO3sr/SVlit5kNovlRSweYUjZPKCq ybgy7RtDA4X9pqK6pcZ4x4iNdWXKrKNtLP8A4Zdeho81q86n26dD+fy3/Z6/4KVftE+D7b4Y fFrVJdE8GabEGUanJZo9w9sv7mORbX/SJ23BcNOdgPzliwGfZP8AgnH+zR+0r+zz8WNevPif 4L/snw7r+lGBroahYXBjuYZUkizHb3EjkMu8cLwSMkCv2foqcTxdXqUZ4dU4RhLola3nvv6i qZnOUXDlST8j8F/2/P2Hvjt4y+PGqfGT4S6K3iPTPEMdrLNHazxR3Npc2sEduR5cjIzK4jV1 ZNxBLA7cDPu/wq+F37ZPiz9k34yeCfjdbajqfirxNAI9Ch1PUbeWaQGLa8YLTFIF3KDhygJJ PvX640VEuK68sPToShF8lrOzvpa3Xy1E8xm4Rg0tLfgfkT/wTS/Zf+Of7P8A4q8cal8XfDX9 g2+sWVnDat9ts7rzHikdnGLWaUrgEctgHtXO/twf8E4PE3xO8bX/AMY/gS9u+q6uRLqej3Eg t/OuQMNPbTORGGkwN6OVG7LB/m2j9mKKz/1qxSxjxsbKT0a6Nff5dxf2jU9r7Vbn80up/s4/ 8FMPinolv8MfF9rrl3oFkYx5Op6tbraAR8IXZp8zBO33yOwr9fP2Kf2ONJ/ZT8J30mp3kWte Mtf8s6hexIViiijGVtrct8xjViWZiFMhwSoCqB9vUVWacVYjE0vYcsYQerUVa/qPEZjOpHks kvI/A/4u/sVftMeKP20774s6F4O+0+FJvE9jqKXv9o6embWKSFnk8p7hZuAp+XZuOOAeK/Xr 9p3wZ4k+If7P3j3wR4Ps/t+ta1pU9taW/mRxebK4+Vd8rIi59WYD3r3aiuXGcQVq7ouaX7u1 t+lt9fLyM6uNnNwb+yfkL/wTT/Zd+On7P/i/xtqnxc8M/wBg22r2NrDav9ts7rzJI5WZhi1m lK4BHLAD0r9eqKK5M1zSpjK7xFVJN222008zLE4iVWbnLc/GP/gpF+yd8f8A4+fFzw34o+E3 hb+3dMsNDSznl+3WVrsnW6nkKbbmeJj8rqcgEc4znNfor4S8C+KdM/ZP0b4Z31l5fiS08E22 kS2vmRttvo9NW3aLzAxjOJBt3BtvfOOa+h6K6MRnlapQpYeSVqe29/nqXPFylCMHsj8Q/wDg nd+yD+0T8C/jzeeNPip4T/sPRpdEu7NZ/t9jc5nlmgZU2W08r8hGOduOOT0r0L/gpZ+y78dP 2gPGHgrVfhH4Z/t610iwuobp/ttna+XJJKrKMXU0RbIB5UEetfr1RXbLirEPGrHOMeZK1tbd u9/xNXmM3V9tZX/rzPjrwZ+zqfF37F+g/s7fFm0Om3j6DBY3ao0U72d3Dh45EaNmjZopFVht YqcYzg1+P+mfsk/8FBf2VvF+p3PwTS4ure9XyWvtGntpYLuJSShltLk7g67jjfEdpLbGIyT/ AEi0VOA4or0HUXLGUZu7i1dXYUcwnDm0TT6M/n++An/BOr48fFD4tR/FP9qvdZacLtb69hvL mO71DVZEIZYmETOscLY2uWYMEG1EAIZf0k/b7/Z28VftH/AtfC3gMRP4g0PUYdUtIJZFhW58 qKWF4Q7fKrMspKliF3KAWAJNfbtFTiuJ8TVxFPEuycNklovl5iqZhUlOM+23Y/n8/Y2+BX7d /wAKPix4X0S/0jWNC+H9nq32vV7VtQgjsXR08qVzGsx875dp2oGyVBxxkafxi/Yr/aY8Vfto 3/xZ0Hwd9q8KT+JbHUEvf7R09M2sLws7+U9wsvAVvl2bjjgHiv3wortlxliPbyxEacU3Hlej 73vvuavNJ87mkr2t/Wp4T+074M8SfEP9n7x74I8H2f2/Wta0qe2tLfzI4vNlcfKu+VkRc+rM B71+ff8AwTT/AGXfjp+z/wCL/G2qfFzwz/YNtq9jaw2r/bbO68ySOVmYYtZpSuARywA9K/Xq ivHw2dVaWFqYOKXLPV736ba+XY5aeKlGnKktmfgx+1N/wTM+JVh8QL74n/szFLyzvbk3w0tL hbO9sLktvJtZZGRGjD5ZPnR04UBsA14rqn7K3/BRz9oa503w/wDFJNSl0vT5QqTa7qcItbcn 5TKYlkaSRgv8axuxHGea/pRor28Pxxi4QjGUYycdpNar8f66nXDNqiSTSbXXqfM/7Kv7M/hj 9l34ZR+B9GnGp6peSm61TUTH5bXdwRgYXLFY41+VF3HHLfeZifyS/ae/4JwfGXwj8Urr4m/s zWp1LSbq7bUbe1sriOzvtIn3+Zth8ySPeivzEYzvUfKV+UM39AtFeZl/EuKw9eeITu5fFfZ/ 10/yOejj6kJud733P5yvEX7G/wDwUB/aD8L3fin4v3V1eXugQKNH0rUr63NxdSSSosgjTzVh gxHud5JWV22qoDZBH6Cf8E0/2fPi9+z/AOD/ABrpfxc0H+wbrV7+1mtU+1Wt15kccTKxzbSy hcEgYYg1+mNFdOYcWYjEYeWGcIqD7K1rdtTStmU5wdNpJHn/AMWdF1fxJ8K/GXh3w/EZ9U1T RdRtbSMOsZe4ntpEiUOxVVy5AySAOpIFflD/AME6/wBlz9pf4JfGzWvFXxk0CbSdEuvD9zZR SSalZ3ga6e7tZEXy7e4lYHZG53FQBjGckA/s9RXm4POalDD1MNFK0977/LUwpYqUISppaMKK KK8k5gooooAKKKKACvAP2Tv+TWfg3/2Jnh7/ANN0Fe/14B+yd/yaz8G/+xM8Pf8ApugoA9/o oooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigD/1v38oooo AKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoooo AKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACvAP2Tv+TWfg3/ANiZ4e/9N0Fe /wBeS/APwlrXgD4FfDnwJ4kjWHV/DfhvSNNvERxIi3NnZxQyqrrwwDoQCOD1oA9aooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigD/9f9/KKKKACiiigA ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigA ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigA ooooAKKKKACiiigAooooAKKKKACiiigAooooA//Q/fyiiigAooooAKKKKACiivAv2nfjdD+z x8E/EfxUNouoXWmpHFZ2zEhJbq5kWGIOQQdis298EHapxzitsPQnVqRpQV23ZfMqEHJqK3Z7 7RX8u2if8FO/2ttN8YJ4k1LxFa6rp/m7pNJlsLaO0aLOfLVo41nXAOAwk3dNxbof6Uvhp470 z4n/AA98N/EXRo2hsvEmn21/FG5BeIXEYfy2I43ITtbHGQa9vO+GsTgFGVazT7flsjrxeAnR s5dTt6KKK+eOI/NP9uj48fFj4RfGz9mvwr8O9ebSNK8d+JJLHWoBBbzC7thd6bGELTRuyfJP IMxlT83XIGP0W1rXtD8N6e+reItRttLsYyA091MkESk9MvIQo/OvyM/4KY/8nG/se/8AY3y/ +l+kV5j/AMFKYbfRP2pfhx47/aH8Max4u+AOn6W0UlrpbukMepu8wkMpWSLEhzA2DJH5iKFV jtdSAftz4f8AFXhjxbZ/2j4V1iz1m1GB51lcR3EfPT5o2YfrVfxJ408HeDYop/F+vWGhxznE bX11FbK5HZTKyg9R0r8a/wBkjwh+x9r/AO03o3xQ/Y3+J7+D4VsZo9X8C3cF2ZNSBWTdte7n UlUDrJiPz1Roww2jIHzz8cbn4T+Bf24fiRrP/BQLwZrnifw1rpjj8J3lu8/2G3sFJ2bVimhL hYyFIjclJA5MZZ9ygH9GWm6npusWceo6Rdw31pMMpNBIssbD/ZZSQfwNM0zWNI1qKSfR76C/ iicxu8EqyqrgAlSVJAIBHHXmvy//AOCefgH4HeHPF/j7xR+zL8XP+En+HmuCJ4/CMsM6XGjz 5UrM7XUolOcSRhjAN67QZHMeTgf8Ecv+SB/ED/sedQ/9IrKgD9X4dY0i41GfSLe+glv7ZQ0t usqtNGpxgsgO5QcjkjuKy/EXjTwd4PSKTxbrthoiTnbGb66itg5JxhTKy5OfSvya+DmuW3hn /gpr+1D4kvBm30rwzbXcg6fJBbWEjfotfnZ8Evi/+xl8WNa8XfGL9vvVdS8T+N9fv5Vs9OCa i1jp+n4DRiFrRlIAZ2RELbY1UEDcS1AH9SlneWeoWsV7YTx3NvMu6OWJg6Op7qy5BHuKqW2t 6LeX8+lWd/bz3tqMzQRyo0sY/wBtASy9e4r8KP8AgnV8ZfA3h39rXxh8BPgX4iv9c+DniHT5 NU0S31ITLLp97AEklijWYAhSHlDHGXCxliWBJ/Vj4dfss/Df4Y/G/wAbfH7w7c6jJ4k8eoya hHcTRvaIGkSQ+TGsSuvKD7ztxmgD6TooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKA CiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoo ooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKA CiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoo ooAKKKKACiiigAooooA//9H9/KKKKACiiigAooooAK8a/aB+DOi/tAfCPxB8KdduGsotZiTy rlF3tb3MLrLDLtyNwWRRuXI3LlcjOa9lorWjWlTmqkHZp3XyKhJxaktz+cbRP+CR37QVz4wT Sde1rRbHw+suJNShmkncw56x25jRi+P4WZVz/FX9B/gbwdo3w88F6F4D8OoyaX4esrewtg53 P5VtGI1LNxliFyx7nJrqqK9fOOIsTjlFV2rLsrfM6cVjqla3P0CiiivDOQ/Kj/goV8O/iB41 +Pf7KuseDfDOp69YeHfFMlxqdxYWU91DYwm90txJcvEjLCm2NzucgYVjnAOOp/ag+JH7WnwO +PmifEDw54e1D4m/A3ULBrbVPD+k2MNxd2lyVKvIdkLTsp+SRS7NGfnjbZlWr9LqKAPwX0X4 c6p+09+2D8Lfi38HPgXqnwX8L+CbxNS1vV9S09NHOqeVMkqxrboojkc7GiLIXZlkbeVCCvcP G/xt/ab+A3xu8feHP2hPh3rPxp+D/iObzvD82j6PbXiWNvvZo7eWOKJEZgriNxcEOWjDoWDE n9eKKAPxi/Yo+CfizV/2v/GH7T2i/C67+Cfw6utKfTrHRLyH7FPdzy+QWf7HtURRHyzK21Qg faEL/OR5r+zz41+Pn/BP3xB8Q/gr4j+CXiXx9o2ta7Pqeh6loNrJPFctKoiGZESRNskUcTFc +ZEdwZDnj956KAPxZ/Yv+Hnx71z9sP40fEL9oTwJe+GI/H/h1CxNvL9gVLxrYx2cd0y+VJND b4SRQxZWVgwBBA5D4HeIPjh/wTtPif4I/EH4Pa78SvA51Ce/0DXvD9n9sLJNhBHMFUrHvCBi jMrxvuwsispH7q0UAfnD+yR4m/a2+L/xa8U/F34raHL8N/hdLbi30LwteWVvFfNN8i+fJI8C XSqFV2bcUDPIAilFr3j4ZfHD4p+NPj/49+FXif4Y6h4a8K+FkZtN8RzpcC11UiREAiaSBIjl WLfJI/C/jX1NRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFF ABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAU UUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFF ABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAU UUUAf//S/fyiiigAooooAKKKKACiiigAooooAKKKKACivkv9o744+Ifh3fWPhbwlsgv7qD7V LcyIJNkbOyIqK2VySjElgeMYHPGX+zt8evE3jrXpvB/jJo7q4aFp7e5SNYmJjxuR1QBTwcgg Doc5yMb/AFaXJz9Dy3nFFV/q/X8D7IooorA9QK/LK8/bo/aM8SfF/wCJPwv+CfwGTxzD8N9U OnXl2uuxWbfM8iwu0c0S48zynOFZsY5PTP6m1+Vn7B3/ACdj+2N/2M+nf+jdSoA7v4b/ALem tN8VtF+C37S/wr1L4PeIfFL+Xo1xc3SX2m3svQRi5VIgrsxCKF8wbmUMVLLnY/ab/bA+Jnwd +OXg/wCA3wo+GSfEPX/F+lzajbxnU109/wBwZjIg8yNk+WOFnyXGegGcZ8t/4K/2mlL+yrZ+ IZwI9X0bxFp02mTgYkjnYSqwVuozHuJHQlQcZAI8e/a2+Ini74ff8FBPgL4/0PwXe+NNetfC V6/9haacXUz3EV9HKsZ2v/qg7OflPyqfrQB674m/b6/aI+DdpB4q/aJ/Zs1Hwt4NM8cN1qth rEGo/ZfNYKrPFHGFwSQo3yICxCgliAf0+8O+INH8WeH9M8U+Hrlb3StZtYb20nUELLb3CCSJ wCAcMjAjIzzX5A/Hj4p/th/tbfDTU/gN4O/Zy1LwVb+KzDb3ur+IbxI4LaCOVJWKo8UfOUHz AuwGdqFsYs/ETw/8QNb+Mnwc/wCCdPgzxvqPhXwl4W8G2uoeJNV0mRrXUb+OzQ2yxRycmNWM SnAO0eadwfYFoA/Y2vzF8bftvfHwftC+PPgP8FPginj+bwIbVrm5GtRWTGO6hjlVyk0QUfM5 XAZuma8z8SeGfF/7Bf7RXwft/A/jnXfEnwz+KurL4d1PRtfvWv8A7JdzskcNxbSMo2fNKHOA CdhViysNnlWm/Gfx58Gf+CiH7RGo+BPhfq/xPm1KLSIprfSG2vaqlrAwkk/dycMTgcDkUAfU 2g/t+fEHwh8SvC/w6/am+C1/8K4vGVylnpmrLqEep2TXMjBFjkaKNVT5ioJDsV3BmULlq/TW vxf+KOkftS/t7+L/AIe+EPEfwdufhL8P/Cutwa3qOo6xdJJeTeRlfLhjCROpZGcBQrAsVZmU Lz+0FAHiHwi+InxG8c694903x34Fn8H2XhnW59P0i5mlMg1ixid1S9QFE2rIFDAAt97qa9vr 8UPBPjv4/wB38OP23Jvhfqepax4u0LxrqdtokXmyXU1pbC8kWZLKNi+xo7feYkjH3lXaM4r5 v+EniH4N+J4PB9/8Hf2kfFPgD42W9zZ/2tbeN7y5fTdQuMbbmGRCpgfdKcRo8xJX5WXcQygH 9H9fl/8AFH/gqB8FvA/xh8PfD3S9RtpdLttW1jS/Ft1dw3SS6X/ZgURywLHGy3CzSCRV2bid o4Ga/T5d20b8bsc46Zr80/2gf+Cc9h+0F8UvE3xa8QfEC/tNauYNMj8NslumzQXsphJMwVHj FyJAPk37WQsxLMQpUA+8fhf8SvCXxh8A6L8S/Al015oOvwme1ldDGxUMUIZG5VlZSCD0Irva /Dj/AIK6+NviV8KNF+Blt4D8V6lpl+kmpxzT2Uxs/tctsliEeaKDZE2WJOzbsG4gKAcV84/t k/Dr9pH9ie8+H/xzh+OGu+KfFGv3cq6kJ5pVtVu4VWYxxxeYUktW3OnlMgUKBhQDtUA/pVor 8QP23/jp8aPjD+0j4C/Yr+DPiGbwRbeJILK61PUraSSK4c3cbzsheJlcww267zGrL5rnaxwB XivxQi+O3/BLr4yfDzWbb4oan4/+HnjCSRL+w1N5NpS1eIXa+VJJMsb7JlkimjKtkFWBUEOA fr38T/2vPhz8M/jz4H/ZyntbvUvGPjWWAqkSbLa0tZ2kVZpZW+8SY2CogY8fMVGM+G/tP/8A BRj4Z/AfxfH8NdFuLa+8WaZr2lWGtWt8lxFDb6ZfwGea8imjVkcwBowy5yCxGDivyw/a1+Am v6h/wUw0DwDH4/1O3uviBNBqNrqa7/tGjR3s9ztt7b98Dsh8s7NrIPmOAO/6k/Gz/gnZp3x9 l8KQfEX4g6lqen+D/CLaFZwPEqsdXWJIk1aSUPvkLFd8kMjNuYD59pYEA+yvgr8cvhr+0J4O fx98KtTbVtES8nsfPaGSAma3I3fu5QrgEMrLuUEqQcCvXK86+EngfUPhr8NPDngLVtbk8R3m hWUVrLqMsKW8l00Yx5jRx/KDjjqzHGWZmJY/FX7dCXc3iDwNH49+NMHwh+Ei/aX1qOx1CWy1 /V7hRmOK1EUTl4Y/l37W4DsWUkR0Afo1RX8+3wI+LXw58Gftw/Dnwb+yv8UPEnjP4e+MkvbT W7LXJLyW2F1FBLIjwG7ihJIIRtwUsCCNxV9tf0DSSJFG0srBUQFmJ6ADkk0APr5Z/at/aOuv 2bPDngvXrXQU19vFvijT/DrRvcG2EC3sczmcERybivlY24Gc9Rjn4C+AHwr8V/8ABQfw74p/ aC+LfxK8UaFpuo6vd2fhrSPD2ovYWem2tphEnMRV1eYk4JIBO0liSwCch+094I+PXw5/Zo+D Hgv9oXxLaeLtd0z4s6RHZanbyzTTT6b5F15H2t5o42M4O4E5f5duXZgTQB+senfET4jXf7QO qfDC68Cz23gmz0RdRg8UGUmG4vjLEhshHsADBHd87yfkPHPHt9fl+fiXrnhb/gpD8Tk1TVby bwx4d+Fj6wdNNzJ9kWS3uLR2lWEkxrIU3DeFzgn1Nfm94C+PH7P/AMctH1b4m/tZ/tGeLPCv j7V7u5fT9J0EapBY6DbqxW3ES21pLC7Y+bKvkqQHPmFmoA/phor+f+P9qX4i/Ez/AIJi/GK9 u/F11qPif4e6zp2k2viO1eWzvL+wfVLI29yzDy5UeSN3jbdh2UfvMsWJ6z41/s5/Ev4e/sop +1uPjT4yuPixpen6brdxI2pbdNP2uSEyWsdqqgJFGsnyrkqxXDJtbaoB+q3xR/aE8M/C34o/ DL4Sajp91e6z8ULu7t7J4tiwW8dlGsk0kzMd2fnQKqqc5OSuOffq/Br9oz4d2nxn/aH/AGSf Gev+INc0+8+LumPc340/UGt1sHj06zl3acAp+zNIZD5hGd+B6V+6ejaZHomj2OjQzTXEdhBF brLcOZJpBEoQNI55ZzjLMepyaANKivxj/aN/4VqPjt4zu/2xv2iJvDfhmNYE8OeEvCup3iT2 tuU+aXUbe2tncTSYWReGzuPzbAgrlf2GvjBq+q6d+0r8OPDHjbWfF/gXwppbX3he+1l5hqME Fxb3J+9KEkUfKhA2qMrvVV3EUAfuNXi/7Qnxv8N/s5/CHX/jF4stLm/07QVh3W9oFM0slzMl vEo3sqgGSRdzE8Lk4JGD81/sB+JPEXiT9grwb4j8Rapdapq09lrbSXl1O89w5j1C8VC0shLk qqgDJ4AAHAFflx4t07VviZ/wSB0/4l+MvE2tahrPhzU7goZb+WSO8FzrcVvtvFkLGdYl5iBb 5GAIoA/Yb42ftR3HwmvvglbWfh1dTT4v6/pujMZLkxGwS/MQ80ARt5pTzfu/KDjqM19e1+DP 7Xnwi1PwJ8Mf2WPAXw48Uas2tar4xsZdP1TVbk6hdWd9epbiF0Zwo8uGQqyR9BjFdn8bfhB4 u/Yg8efB34qfDj4q+LvEA8T+LdP0DxBZa/qRvrfUI7zcZJCm1FBKI4G4MVJVkZWXJAP2zor8 Cfj5+0n8Nvib+1r46+G/7RXxb1r4a/DD4e7NP0/S9AF6kur6hjFzLczWUEx2xsCNrgcbAmD5 hPqX7CP7RmiH9pvxH+zv8O/iVqfxT+GOoaS2raFfa0tz/aGnXUDKJ7MvdRQySIUZmzt2Dau0 AmTIB+0leafGP4p+H/gl8MPEfxW8Uw3Fzpfhq1N1PFaqrzyAEKFQOyrkswHLADqTX4q/sN/s 4+OP2uP2eW8b/Fz4yeNIEtL67sdDt9P1V4o7YxESNczlw7XEhmkYLuYFUUKGxtCZr6t4z+O/ /BLHxvqXxV8Tapf658L9YvrKK6iu2R9QS0MKol+Tk3CKLkjDHJKIxJIyQD9ZPF/x2+IEfwe+ G/xT+Ffw8ufGE/jqbR3udPjnKvpun6patcSXLusb7xAdiHhQS2cjpX1HX4UfFHw7qvwK/Yd/ Z2uPAvi7xAs/i7xf4Pv7uS41OZ3jS+0iQyWcLJsKWYMalYOVB9a9++I//Cb/ALWf7afij9nB /GureD/ht8L9HtbrU4dAunsrvVb7UY4pEimnXOYlWT7pBA2EAbm3KAfqzRX53fCv9nv9pL9n nVviXo3g/wCI8PiD4dX+jSyeGD4qvp7m+0jWAg2vM/2cx/Y0JdnCnkBPkzvY/mL8QL79nTQ/ hfqd/wCK/wBqPxR4u+P1vaXV1FdeH9T1G80z+00DSJDbtFbiNbUEBS/mIduXXaMIAD9zP2lv 2hfDP7MnwvuPid4p0+61SBbqCygtrTYHluLkkRhmcgInBLNyQOiscCtD4lfET4jeEviL8OvC nhDwLP4m0LxVc3cOtatHKUj0SKARGKSRQjBxKXcDLLjYeuePxQ/anu9c+OX/AATY+D/x08ea 7qNx4khuYNPnWK4Mdreb7qW3NxcwgbZJwtupV+NpZzj5q+vPjXoWr/Av49/se/Cnwj4t1+80 afWPEaXj6jqc1zcX6O1pMq3b5UTrGZWWMOpCrwKAP1ior8cfAnhHxX+358b/AIu618QfHev+ Hvhz8Otbm8OaJougXraes01qzLJdXDAHcxCq4yC2XwCqptbmdM8b/Fj4G3/7T/7I/iLxrqXi vTvDXw71jxT4V1m/uGbVbSH7GQYmuBh2ZHmXY24bTGWQKG2qAftpRX4PfDn9mP4gfFf9iu3/ AGi/Gfxn8aDx3a+H7vVNGW21V4bGzi06OQW0RjA3u0qRAyy71clskkgl/wBOP2I/iX4o+L/7 K3w7+IXjW5+265qVjJHdXBADTyWlxLbea2MDe4iDNgY3E0AfVNFflB/wUQuvilqHx2/Zp+Hv wv8AGmo+Cbjxjf69p9zd2EzpthkWwjeQxghXeKKSQxFuUY5Uq3zDwD4mfBL4q/Ab9qj4c/An 4PfGjxfbeH/jVaXdvqs+p6iL69gFoRLdz2zsipFO8S4jmVfMRi2G2nFAH7vUV+QHgDwX4h/Z V/4KCeCvg74T8ceIfEfgv4leHtQvLyz16/a/aO8tEnl81GIUBiYV+baG+ZwSQQB8iyftL/A/ 9oH4r/EHxJ+1d8bvEfgbRNK1WbTvC/hzw8dQhhjs7dsLezSWdrOjyucEbsPuDZ+Ty1AB/RB4 j12x8LeHtU8Tapu+x6Raz3k+wbn8q3QyPtHGTtU4Ga+DPiH+3rY+Hf2OdK/a68J+EpL+y1q+ +y2+mXtyLeUR/bJrQPJJGkoDHyd+0AgZxuOMn4r/AGffil/w0B8Hv2hv2c7/AOJGs+NfDPgi xOq+G/Eyyz2OrXWnKkkot7h5o1mZUeJEfeuXV3UHy9gHzVrvw007wt/wSO0/x/a6vqt5deMN UsjPZ3d201hafYtTvol+x25AEHmA5lwTvbBNAH9OtFfhn+1J+z18UP2Xvggn7VWhfGnxhqPx O0C506fVje6h5mmXj3dxHFJCtmFCrCkknyxMzpsypXkY9s/aA8ZfEf8AaL/aa+HP7J/hTxVf +BPC2o+Gl8V+JbvR5Tb6hPFIWCWsU3JVQVUf3T5hLB9gWgD9YKK/HnxJ4Z8X/sF/tFfB+38D +Odd8SfDP4q6svh3U9G1+9a/+yXc7JHDcW0jKNnzShzgAnYVYsrDYzwX4K8Q/t7fHj4va/49 8eeIPD/gX4Z63L4Z0DS/Dt++nq09oziW9lYBgznCupxk7gMhUCkA+5PhX+0bdfEj9on4t/Au XQksIfhl/Zmy+FwZGvP7QhMp3RbFEezGBhmz7V9S1+PP/BP3wX4r+HX7Xv7Svgnxr4gufFWq aQugw/2peNuurq28uU2rzt/FL9nMYducsCcnOa/YagAooooAKKKKACiiigAooooAKKKKACii igAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooA KKKKACiiigAooooAKKKKAP/T/fyiiigAooooAKKKKACiiigAooooAKKKKAPnz43fAm1+LDWe qWV6NO1exQwh3UvHLESWCMAQRtJJBGepBB4xQ+CX7P0Hwtv7jxBqt+upatNGYU8tSkUMbEFs ZOWZiByQMDjHJr6SorX28uXkvocDyyi63t+X3gooorI7wr8ZfCvg/wDbo/Z7/aI+Ovjj4XfB a08a6F8TNcS9trm513TrLEFtJcmNlja5D/OLg5DqpGOnNfs1RQB+Rd/+z9+1/wDth/EfwfqX 7W+k6N4C+Gvgq9XU/wDhHdNuhez6ndJjaJ2jkmjK4yjNvXajMqJly492+J3wS+J3iL/goP8A B3446Po32jwT4V0HU7LUtQ+0W6eRcXEF8kaeQ0gnfc0yDKRsBnkjBx9/UUAFfnb+1D8D/jfp /wAffBf7XX7N+n2niTxN4c06TRNX8PXlylmNT02R3dfJnk2okimVyS7D7sZAbaUb9EqKAPyy i+Fv7TH7WPx7+HPxN+PPgq3+FHgT4V3X9r6fpH9pQ6rqGoaorxvG8kkAVUjRolOGUEAEANv3 J6f8Dfgl8TvB37bvx4+L3iPRvsnhLxnbaXHpN79ot5PtLW8Mayjyo5Gmj2lSP3iLntmvv6ig AooooA/Kj4ffs3/tN+HfDv7U0fhK8PgDxR4+8Z32t+FNS8+1nW4tmuZJkLiMzGFZ4zsO9VkT du2/KRXhfxm+F37Y37WvgPTPhD8Rv2edC8NeKY5LKK+8fXWqWMzRpbshkmgjtwZx5wUh0R5B hiNoOCv7l0UAYfhnRv8AhHPDek+HvtMl5/ZdpBa+fKcyS+RGqb3P95sZPua3KKKAPyb/AOCo f7M/xt/aKk+FLfBzw5/wkA8NXepyah/plpaeQlx9k8s/6VNFv3eU/wBzcRjnGRnW/wCCpv7O Hxn/AGjvh/4I0T4MeHv+EhvdH1S4uLqP7XaWnlxPBsVt13NCrZbjCkn2r9TqKAPyD/bH/Yz+ Nut/EbwJ+1R+zPNE3xF8IWtjb3WlzyRRi4NmG2yRySssTHaxiljZlV48bTnIbyOb9mX9tj9t 340eDPGH7X+g6b4C8EeCX8xdPspYybkNIjzJFElxdSB5zGiyPK6qqKCgJGD+7FFAH4x/t0/s 5/tQX/7W3w+/af8A2dvC9t4uk8O2NpAbaeeGJYru0uJ3AmSWe3ZopEmA3I+QQ2SvBP61fDq8 8Z6h4A8N33xHsYdL8WXGm2j6va27K8MGoNEpuY42V5AUWXcFw7cY+Y9a7KigAr8qP2vPgT8Z p/2rPAn7TPgj4d2Xxk8PaDo7aVdeG7y6t7ZoJt9w4uY/tQMZP75SpCSMGTkAbWX9V6KAPxzv vhV+2Z8Tv2q/gv8AtBeMfhpp/hTwn4Qu5rIaDZatZ3N1pVlOmyS8uZN0UUvmGTIS33Oqx7TH uILfsWQCMHkGlooA/IP4ZeCv2yf2IIvFfwl+Enwttfi54D1LU7jUfDl8msW2nTaeLogfZ7yK fDOFCgkqFXdkiTDbUxvHv7Kf7Wvin4CeAbHxxqE3jzx/L8TbHxdq9u2pI1to2mrFOrW1q95M qmKAuD5cRPLlUDKgY/srRQB+ftv8AfHepft8eO/itr+i/wDFuvE3w9PhwXwuLcmW6luLUyQ+ SJDOv7tHO8x7OOuSAfnv4S+Hf24f2NfCOofAjwf8I7H4weGbG7uZPDWtxava6eYIbqRpvLvI J8O2Hcu2NgDFlWRl2lf2GooA/KL4h/s7/ta+N/2AfHvw2+Iupp46+LHjC8sb2GwhktLa3s4Y tRtJzaRzv5ER8uOKSRmZsZOxCwClvpD9o74T+P8Ax5+xHrfwh8J6X9u8W3fh/T7GKy8+GLdc QGAyJ5srrCMbG5LgHHB6V9m0UAfkt8cfgR+0bpWj/sqfEn4WeD4fFXiT4Lactrq2hyX9vauZ JrG0gcLO7iJgjQSKzIzclWUMuSP1N8M32s6n4b0nUvEWm/2Nq13aQTXlj5qT/ZbiSNWlg82M lH8tyV3KSGxkcVuUUAfi/wCFvhD+0v8As3/tFfFnxlo/wK0/41Q/EHWZtV0jXn1WxsbmxSaW WUQO12rvGFEiqwVUUlBtZhgL6D+y5+zr+0ponx0+Ofij9oTSbO3tPi5pEJOp6XdQzWkNw6lG s0hZxcgwRzFAzR7D5Rw5ypP6v0UAfi58GPBv/BQb4MfBqf8AZA0X4ZaTdWUTX9lp/jZ9ZgWy tbHUZpJJJ2tBm4ldGmd0GFcDAMTAc7Hh39kH45XP/BLjU/2adT0WLTPiFJNLdRWEt3bOjmLV 1vlT7RDI8IaWJCFJcAMQHKjJH7F0UAfkf4s+Gn7U/wAb9E/Zq1fxf8Ml8L6t8M/HOmXWsWy6 rYzqmk2BtSb8ETDO/bJ+5TfINvAIIJ+g/wBu74M/En4zaJ8KbP4baR/a83hrx1pOs6gv2i3t /IsLZJhLNm4kjD7Sw+VNznPCnmvu2igD8tvF/wAJP2j/ANnD9prxr8e/gB4Ltfij4Q+J8dvJ rmgvfwade2t9aqQs8Ms42MpLOwChyd7qVGFevWv2atJ/a+8V/FXxJ8Xf2hI4fAnha6tVtNG8 F2s9te+Q4K5uZ7mFTlsK2AHBYucqgRVP3fRQB8I/8E5vgz8SfgN+zRY/D74r6R/Yevw6nf3D 232iC5xFM4KN5ltJLHyB03ZHcCvnv4Ufsl/Gq0/YY+NHwL8S6RFo3izxfrWsX2mQTXdvLHNF MLZ7cmW3klRPNaErhiCvVgBzX65UUAfjB4w+EH7W3xh/ZT+EXww8S/C1dA8R/DHxf4bDxLq1 hKLrR9I0+W3kv93nhEO9gDEGZjnKgjOPcPi18Jf2hPgz+1Vqf7Vv7PPhe3+Iun+NNLg03xJ4 dkvotOuvMtFRIbm2mmHl4CQxjHzNneNpDBk/S+igD8lL/wCCX7af7S+jfFzxV8WLxvhnF4q8 NNoXhzwdFqrXdnFJvWVrm9MDNDvlCtCXCb9srZVRGoPnPgTwF+2da/s7yfsu+EP2fdC+HmoX OjyaHqfi+fV7Iw3EMkRimnFvaq873Fwhb597qsjbjgcL+2NFAH4ya5+yb+0F4m/4JkeGvgGf Daad8RvCt/8Aaxpk17aOLhYr+eZRHcRSvBlopgwDSLyCCRxn1fxp4C/aW+OvxS/Zd+L3i74b jwndeBtW12bxJZrqllcrYQTm1S2lVhKGlEyxM22NXZDww6E/qJRQB+VFt8N/2pP2RPjj8SPF /wAD/AMHxb+HfxR1Ftbk05NUg0q/0vU5mZpcNOCrRO8jABVf5AmShU787w7+y3+0B4zsf2hv j98YdPtLL4m/FLwdqvhjQ/DdjcxSxWNpLZ+XBDJdFxCZJZI4gW3BAQzsw3lU/WiigD4y+Dfw n8f+FP2F9O+Dev6X9l8YQeEr3THsfPhfF3NDMiR+cjtDyzAbg+0Z5Nb37D3w08bfB/8AZX8B /Df4i6d/ZPiLRYLtLu186G48ppb2eZB5kDyRtlHU/KxxnB5yK+r6KAPhH9pz4M/En4h/tL/s 2fEHwfpH2/QPAGp6zca3c/aIIvskV0loIW8uWRJJNxifiJXIxyBkZX45/Bn4k+Mf2y/gB8V/ Dmkfa/CvgmPW11e8+0QR/ZTd2xjh/dSSLLJvbj92jY74FfdtFAHwn8S/g18SfEH7e3wg+NOk aR5/gzwtoWrWepX/ANogXyJ7mG5SJPJaQTPuMijKIwGeSMGvnvwr8N/2q/2LvH3xB0/4O/DS 1+MPwz8b6rPrlhDHqltpl9pV5dYDxyfaFO9MKqfIrAqituRiyn9cKKAPgv4DfDf9qjxL4I+K Gq/tKavb6fqnxAhubbSPDlu0MtroNvNFJGFaeBTvY71BAdwFTcSWchfz6uv2cv20PEf7Ct1+ yTq3wpjttQ8IalazaVfRazp7LqkUl9c3M52vOqx+UJF2lmBcHoGBFfvzRQB8Z/t//Cjx/wDG 39lXxd8N/hhpf9s+I9Tl01re18+G33i3voJpP3lw8cY2ojHlhnGBk4FeL/HL4AfHnw18Uvhh +1P+z9plp4g8X+EdBi8Pa54cvLqO1XUbDDHENwxEayI0j5Znx8sZXcFKN+mlFAH5ZRfC39pj 9rH49/Dn4m/HnwVb/CjwJ8K7r+19P0j+0odV1DUNUV43jeSSAKqRo0SnDKCACAG37kYfh/8A tP8A7Jfx4+Ivi/4GfD6H4teAfivfHWZrBdTt9Ju9L1eVnMvzz5VopGcnIQ8bQShU7/1QooA/ Mr9ij4O/tLeEvj98avi9+0ToVrpVz8Qk0m4tnsruC5t90ayFrZBHI0o+yoyQlnUBipKM6/Mf 01oooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKK KKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigD//U/fyiiigAoooo AKKKKACiiigAooooAKKKKACivgX9r/xd4itte0vwjbXEltpUlmLp1RiomlaR0w+PvBAgwD3O fSsT9kjxd4jXxnP4SNxJcaTcWskxiZiyQvGVw6g/dznacdcjPQV1fVXyc9zw3nkVivq3L5X8 /Q/RWiiiuU9wK/FnwLqP7Z/7SPx/+PPhfwH8dn8C6L8N/Ekmn2lq+jWd8DBNNcrGqsVRgI1g xlixOevHP7TV+BnwM+BPxL+M37UX7Uk3w++L+s/C1dK8Xstwmkx+YL0zXF6UMn72PBi2Nt6/ eNAH1N8Ivi5+0/8ABf8Aa10D9lb9onxTY/ErT/HOlXGo6PrNrZx2V1bNaJNIyTxQoq7W8h1O 7dyUIk+8o/Rvw78Q/A3i7Xde8L+GNds9U1fwtLHBqtrbzLJNZSzbjGk6A5QtsbAPXB9K/GDS fA/xB/Yh/bZ+G+r/ABP8Sr8aD8aH/wCEetdc1RJk1nSnWWKIiEPPOixZuY95GcpuAEfO/wCk /wBigj/hr79sJe/9vaIcexS+oA+5da+Onwi0I+LIdS8X6Xb3HgaOGTWo5LlFbTxc48g3IzmM SEjbnrmvmX9gb9rI/tQ/C+TVvF+r6WfHMd1eTXek2JCPZ2XnlLcmIs0gTbgB2JLHqa8Q+AGm 6B4r/bh/a+0rWLO31bTbiPQYpre5iSeGQxWzAq8bgq2117jqK2f+CRfhvw7a/slaT4ntdLtY dYvb/Uobi9SCNbmaKO5OxJJgN7KvYEkDtQB+oF5eWenWc+oahPHa2trG0sssrBI440G5ndmw FVQCSScAV4T4T/ar/Zu8d+Lh4D8HfErQtY16RtkVrbX0UjTsOdsLA7ZTjtGWPX0r5N/4Kp65 qtp+z74b8H2d7NpuneOPF2k6HqlxC5j22E6TyyKxH8LGJcg8EAg8cHvvjl+xj+yHc/DjQoPE MGn/AAo0/wAG3dnPZ+INNks9IvLZ42CRI99cRsG8x2XPmbi0m1s78GgD7B0v4h+Btb8Yaz8P tI12zvPEvh5IZNR06KZWurRLhQ8TSxg7lDqwKk9QRRZfEPwLqPjXUfhvY67Zz+KdJt0u7vTE mU3cFvJt2SyRZ3Kjb1wSMcj1r87f2eJoZv8AgpX+0tJDMJ0l0fwy6SAgh1On2pDArwQQQcjj nim/Cy4hm/4Kr/G6OJwzQeDNKRwP4WK2DYP/AAFgfxoA+wLL9rT9mXUtT0PRrD4n+H7i98Sn bp0aX8LG5bzDCApDYBaRSigkbmBVcmix/a0/Zl1LU9D0bT/id4fuL3xK23To0v4mNy3mGEBS GwC0qlFBI3MCq5Nfmr/wSa/Zy+Dut/s+23xf8T+FrDWPFjeILi4tNRuoRLcWf9nmMQCBm/1e 2QM+VwSSM5wMR/8ABKD9nf4Q6p+zxD8ZfEXhGx17xeuvXN1ZXtxCstzanTtgt1t3b/VkSKz5 XGSRnOBgA/UL4jftM/s/fCPW4vDXxK8f6P4e1aUIwtLq6RZ1R/uu8YJZFbszAA+td7c/EjwB aeBm+Js/iKwHhJbcXZ1YXEbWX2c9JROpKFPcHFfz8fsXX3xY8W+CvFnxT/4Ze0/47ar431m9 l1LxFqmu6XbuXbaXtEtb2GRokQsWOMBtw/hVQPQ/C3gP4u/DP9jD9q/wp488KDwT4XkY6hoG jDV7PWBpwu5HFzaCW2kdlEPlwj94qbiSQC280Afrdqf7XX7MGj69Z+GdT+KPh+31K+SKSKJt Qi+7OqvEXbO2PerqyhypIII4rwP9sD9smz+APxE+EvgLSdd0iy/4SjXbL/hInu2DTWOhPMge 4ALBY0kAdfNYEAK23B5HzhP+y38C9O/4JbNraeDdMfXZvAUfiZtVa1jOof2jJZLf+YLojzRh zsADY8v5MbcivHPHWh6F4p+H37AOreJNMtNTvdX1TQ9PvZ7mCOWS6tIvsyrBOzqTJGAT8jEj k8cmgD949B13RvFGiWHiTw7exalpWqwRXVpdQOJIp4JlDxyIw4ZWUggjqDXlfjH9o/4C/D69 1vTPG3j7RtFvfDhtl1C3uryOOe3a7j86BWjJ37pY/nRQCSvIGK9e07TtP0fT7bSdJtYrKxs4 0hgggRY4oooxtRERQFVVAAAAAA4FfkL4C+EHw5+Jn/BVT48a54+0q11yTwvpWgy2FpeRpPAJ rnTLJGnMTgqzRqu1cghS+cbgpAB+o/w4+Knw3+L2gf8ACUfDDxJY+JtLWQxPPYzrMscoAJSQ A5R8EHawBwQcYIrz7xx+1X+zf8NfEp8G+O/iPomi62hCyWk95GJYSRkCYAnysjn95t4x61+d OpQR/s4/t6/E3SfgfYJYaX4g+F174lvtKswIrKHVrJpPImECgIrExqOB1nY/xGu1/wCCdP7O 3wT8cfslaX488eeF9O8Y+IfiHLql1reoarbx3tzNJ9tng2ebKGdMKgJ2sD5hZ85OQAfqBL4t 8KweGG8azazZJ4eS2+2HUmuIxZi227/OM+7y/L287923HOa8f8B/tWfs3/E7xGvhHwF8R9F1 rWpCyxWkN2nnTFRk+SrYMuBz8m7gE9q/HX4XfCjxF8Vf2Uf2kP2VvB3iiKw0jwR47uLTw7Nq VyI7WW3t7syCzeY9FkMPmDt5r7jwTS+KfFfhTwRqPw+0z9tD9meT4T/8IrqtidP8Y+DvJis4 7mDJiWSS3V/3QK+aUFxJJ8u5VyCCAftR8Uf2g/gl8FJbS3+K3jXS/DNxfLvggvLhVnlQHaXW IZkKA8btu3PGaoa98TPC3xB+Bni7xt8I/HulRW66RqX2XxFFPFc2Wm3MVs5FxMw3qBbNiSRW BwBytfnH+0P8IfjJ4S/a58RftHfDn4eaB8eNH1jR7OyvNAv5oHv9ISKONCbeKYttE3lFlZI5 GO+RdgHJ474SeLfgNqfwF/a20f4deCNY+FfjabwxrN54h8K6mdtvZt/Z10EayiCRiOMFyGXy 0IBQbdmygD1/4sfHX4q/DTwj+yi1t8TbTXk8Y+KtPsPEeu2SW5sdWsZJ4xMwd4wscZRmBZAh HJyMV93fD79pj9n74reIZvCXw4+IOjeIdZgDMbS0vI5JnVBlmjXOZFUdWTcB61+JvxD8H6H8 Qv2WP2GfAfiZiukeIvEFnp95htjG3upVikUN/CSrEA9ic19Mf8FI/hJ8NPgn8Lfh98Y/g/4b 0/wl4x8F+J9Lh0qXSraK0eZGEjfZn8tQJBmMMN+ejDozAgH3NpmseLT+1r4g0eX4mabd+H4f CyzReC0Ef9pWtz58A/tF/k3+SQWTlyMyDjpj4S+D3xy+N/xS/wCCfVt8Std+Mlh4D8YT69Nb N4n1mK2it1gjn2iAqIfKBccKdmfevT/C3/KWfx7/ANkwj/8AS2xr8zpP+UNEX/Y3n/0qNAH6 t/Gj9uHw98Mf2v8AwH8Eb3xRomleEGtL+48UXdzIomtLlbWV7O3kkZtsIdvKfldzblAIBIP3 B4P+Jnw++IF5rWn+CPENlrl14cuTZ6lFaTLK9ncqWUxTKpyjZVhg9wfSvzQ+PHgLwNrP/BT3 4H2Wr+HdNvrfWvD+tTX8c9pDKl3LDa3QjedWUiRkCKFL5I2jHQU7UL/Tv2TP+CjGo63qcq6Z 4C+POgTXk8h+SCHWNFjMsrH38tWY+r3NAH6Z2PxF8Can431H4a6fr9nc+KtIt0urzTI5la7t 4JdpSSSIHcqsHUgkc7h618x/t3/tIp+zZ+z/AOIPEeg61Zab44v7fytAguSjSzzGeCGeSGF+ JWto5vNIIZRgbgVyD45/wTe0PU/G2kfEf9rfxVbtFrHxl164uLNZOWh0ewd4bWIE8gK29PdU Q88V0H/BU/w/oOpfsVePdc1DTba61LSBphsrmWFHntTPqtkkvkyMC0fmL8r7SNw4ORQBd/Yy 8YXOmfBnV/i/8WP2gbP4lafdraSXt3P9ms7HQLpYfOubQzK+0n9/GG3BPurhBuxX0n8N/wBp j4AfF/WJfD3wz8faR4h1WFWc2lrdIbgon3nSM4Z1HdlBA9a/Ln9obwL4S1zxd+x3+z7NpVto 3w+8aTHVdZsrKNLS31O9tLO02CdYgoZmDFCx+YiTqCAa63/gpn8Kvhp8F/hN4P8Ajz8KNA0/ wb418E+ItNGm3Ok20Vk0qNvJt3WFVEijYGAYHAVgPlZgQD9GvGv7TH7P/wAONQ1bSfHXxA0b RL/Q5LaG+trm7RJ4JLyPzYFeLO/Mkfzrx93LdBmvXND13RfE+jWXiLw5fwappWpQpcWt1ayL NBPDINySRyISrKwOQQcGvx18I/A74afGn/gqN8e7n4peHrTxHZaFo2iPBZX8YmgWe606xTzG jOVZkRWAzkAtkcgEfsZomi6T4b0aw8O6DaR2GmaXbxWtrbxLtjhggQJHGijoqqAAOwFAHlXx O/aL+BXwZuYrH4peOtJ8N3k6eYltdXSLctGTgOIATIVzxu24966LwT8Xvhf8SPCc/jrwH4p0 7XtAtQ5nvLS4SWKHyl3uJSDmMqvJDAEDnGK/JvUfFXwpj/al+LWofBP4H63+0T48nvI7TXb7 VpLGPR9JuIA0X2OzuLi3YRKuzy23jJ8oBWZVJPE/sYwa3ovxO/bC8P6t4XtvAUh0mK5n8O2F zHc2enzvb3TGOJ4cRHbvP3AFXO0cAUAfqVqn7ZP7KuijS21P4q+HoV1lBLan7fEweMsyByVJ CIWVhufaMg816/4o+Jfw+8E+Gbfxp4s8RWGlaBdtAkN/PcIltIbn/U7JSdreZn5SDz2r8v8A /gm5+zB8BvFf7Fekav4q8J6b4gv/AB7/AGkdUubu3jmnxFdz2kcUUrKXiEaRArsIIclxyc18 J69rOsat/wAEo9d8NarfS3em+FfiD/Yul3c7+Zu06GSN42U/3FaV1A6ADAwAAAD959G/am/Z y8Q+Oh8M9D+I+h33idpTbrYxXsbSSTglTFGQdryAgjYrFs9q98r8p/22v2YPgT8OP2ItZn8F eHbLQNR+HltY3mjavaxJDqCXUNxCgka6jAkd59xDksdzMG+8FI/Qr4JeINa8WfBnwF4q8SKy avrOgaXe3iv94XNxaxySg++9jmgD5Y+D3xd+IviX9u348/CbXNZe68J+EdP0KbS7AxxKltJd 2cEkzB1QSNvd2Pzs2M8YFexeKv2xf2WvBPiCXwt4o+KGg2WqwSGGaA3iSNDIDgpKYywjIPUO RjvXxN4C1PRNF/b1/bA1jxLqkuh6RY+GNGnvL+A7ZbS3j0qBpZ4ztfDxoCy/K3IHB6V80/Dm Twrq/wAANU8Gfs4fsm3XjLwPeW2oE+MPGN1pthc3CMZN92ZWg3SGHkR+S4KbAB8wNAH7d6z8 YPhX4eg8N3WteLNMtLfxjNHb6NK91H5WoSzbfLS2cHbIX3Lt2k5yMVs+OPH3gr4Z+HZ/F3xB 1y08PaLbMiSXl9MsEKtKwRFLsQMsxAAr8Lvht8KtV+Nf/BISyXTHkl8ReA7zUte0WRSTLFJp l7PK6RnrloGlVAP4ivoK9M8c/FeD9vDxN+y38H7DbPpetW6eOfGEScxIul77drd8fwPcxXEO D3aNsDggA/Vz4j/HX4OfCDTLPWPid4x0zw3a6kC1qby4SN7hQASYY875AARnapxkZ6iug8Af Ev4ffFTQF8U/DfxFY+JdJLmM3NhOk8ayLyUcoTtcAglWwRkcV+Haat8SvHH7e/xx8XWvwMg+ O174NltNHsLTUdXsdOg0a0AcRvHBexyJKZ/LZgyrlCXJOZK92/ZP8AfG7wj+2T4o8ZXXwht/ g34J8YaDjUtCtdd03UYBqEDhoLtILVo3jDjeoCw7QWc5+bAAPv8Asf2tP2ZdS1PQ9G0/4neH 7i98Stt06NL+Jjct5hhAUhsAtKpRQSNzAquTX0N05Nfij/wSW/Zy+Dut/AC0+L/ifwtYax4s bxDPcWmo3UIluLP+zzGIBAzf6vbIGfK4JJGc4GP1U+PWpeDtI+C3je++IWr3WheGl0i8TUL2 xIW7htpIijm3JV8SkNiP5SdxGOcUAefax+2f+yjoGvnwxq3xW8PQaikhhdPt0bpHIpwyySoT GhB4O5hjvXtnib4geBvBnhOTx54s8QWGkeHIo0lbUbm5jitdkuPLYSsQp35GzB+YkAZyK/Bh 5NK1z9kvXPC3wS/ZLll+H8Og39ynjPxVdadZagYI4ZJTqh/ciSaZQPMQxSbeFVPkwK7ex+Df j74/f8E4/wBnz/hDLvTdU17wrqY1GDQ9cnWOz1pLS7uYEs28xkDkLtQIWVTGWXcpINAH65/D L9pH4DfGXUJtI+F/jvSfEeoW6NI9ra3Km4EanBfyWw5QEjLBccjnkV2vgb4leAPiZZ32ofD7 xBZeIbfTLp7K6eymWYQXUYDPFJtPyuoYEg881+N3gvx/8OLX9qD4Wt+0d+z9e/An4jxXb2Gh 6topjj0bU7q4CwCKcwRosi/P5S7XlCiTDsEYEekaB4s0j9iz9uD4waN4iY2ngT4n+H7jxzYg fdF/pkcs99FH2DuFuXwOcCIYPFAH6S6z8e/gt4efxRHrnjbSbJvBX2Ya2JbuNf7ON46x24ue f3fmOyqu7qTisKD9qH9nS58dRfDO3+JGgy+J5pVgSxW/hMrTs20QAhtvnFjgRZ35425r8YNb 8Ea1D/wSv+M/x58ax48WfGrWbDxHeMR8y2r65araRj/YwXlj9FlA9q7z9s39mr4MfDL/AIJz +G/EXg7wrYaZ4i0OPQLpdWgt401Cae8Ma3DzXIHmv5hkLEFsAhcABVAAP1ls/wBp/wDZ31D4 gD4V2PxF0S48WNMbYael7E0puASpgBB2mYMCpjB354xmun8X/Gv4Q/D/AFifQPHXjLSfD+o2 2njVZIL+8it3SwMvkC4IkYfuzKPLB7t8o5r8lf2+PgB8Ivg1+yN8Pde+HPhfT9D13wxrehC3 1S1t44r6RnRvMaa4UCSQyOBIxdjlwD1Fdv8AHv4WeCfi5/wVZ+Gvh74g6XDrWj2PgEag1lco JLeeW3vdR8oSxtw6B2DFGyrYwwIyCAfoToX7Uf7OfiXwhqvj3RfiPoVx4f0No1v7z7dEkdq0 xKxCbeylDIQRGGA3kYXNdX8L/jT8KPjTplzrHwp8Vaf4otbJ1juGsplkaF2BKiVOHTcASu4D ODjODX5Nj9mv4K3X/BVSbwm3hPTk8NReD08RnR1to1019QSQWqyNaqoiOA5fBUjzPm610Xgv TdL+CX7f37Q1r8LtKg0exg+HI1uPTbKJIbY30C2zKyQqAgLMzHAAGXY9zQB+ivjv9qX9nP4Y +Jf+EO8f/EXRND1sFQ9pcXkayxbxuXzlBPlZHI37eMHvXkP7bH7VNn+z1+zpffEnwLrGk3Xi PVo4B4eS4kE8N8JZoUllgWNx5wihlMo2sV4BOVyD+VP7G2n/ABM1T4GT+Jbf9k3T/jU3jq71 C51HxRqniLSorjUJGuJI5E8m7hkmgEbKRjcNz5lH3hVPxd8MPiH4E/4JqfF7w18WvC0GkL4b 8TWs/heGW/stYm0uyv8AUbTzrWK6tnkKFX3h87GcsxK4OAAftl4R/aa+CeqfD3wv4y1P4gaK tvr4W1S6a8hjhmv4oVe4hViQoePOWXjaK8a+L/x+8J/E7wN4e1f9nz47+HPC4tfFenWeo30s 8MyXMUkdwTpoV0crLclN8Rwu4RsVbGa+OP25fhX4K1rwl+yb8MLPSbXStD8T+KtMs7uCyiW1 Rlv0top2xCF+dlY5Yck85rsv+Chfwi+GHwh+Dfwx0r4X+F9P8L2d/wDFDw9NcRafAkCSyJaX kYdgoGTtUDPfknkkkA/T/wCI/wAXPhf8INJj1z4o+KtN8L2U5ZYX1C5jgMzIAWWJWIaRgCCV QE+1Hw2+Lfwy+MOiv4h+F3iew8T6fC/lyy2M6zeVJjOyRQd0bEcgMAcc9K/NzQ/Cfhn46f8A BTv4n2PxY0+LX7D4YeHtLj0HTNRVbi0ia9ht5prlYHDRlg0rYJB5YE/MqlfqT4a/s/fs8/B7 9pTxN4u+HGtw+H/Fni3SYvtnhG0urOCz+zxuuL6PTUQTKS8ZHmAhMtJxljQB9d3d3aafazX1 /MltbW6NJLLIwRI0QZZmZsAAAZJPAFfNlh+2h+yhqfiSHwnp/wAVvD0+p3DiKNFvozG8jHCq s2fKLE8AB8k9KwP26NS+Eunfsx+Lo/jdq2raT4SvVt4Lk6G0a6lcuZlaO2g85HTMrKAwYBdm 7cQua/IP9p6TVPEP7Iup2/hz9kuD4b+CtBttPkt/E2q3Njbapbr9ohjjdbZYUuXluCwSQl23 B2Lc80Af0Ca/8Q/A3hXxFoPhLxJrtnputeKXlj0qznmWOa9eAKZVgQnLlA65A6ZFHiX4h+Bv BuraFoPivXbPSdR8T3BtNLt7mZY5L24G3MUKsQXb5l4HPIr8mPiVfXWo/Fv/AIJ76nqEzT3F 3p9zLLK5LM8kmnaaWYk8kknJPqa9V/bxuIV/aT/ZEtGcCWTxlM6r3Ko9kGP4Fh+dAHVfCT9u Pw58RP2vviB8GrnxToa+FdLh0218MtBIvm6pfTRh7oLKWPmyI5MexAANvILZNcR+yV+2v4eg +H3jrWP2n/iZp9lqFr471nStL/tCSC2m+wWsVoY444oVVmSNpWy5U4z8zdKyP2cvAPgWD/gp B+0bFD4c02NNDtvD0+nqtnCBZzS2cTSSW4CfundiSzJgkkk8157/AME2v2d/g38QNI+M3xC+ IPhHS/FGp3PjbVtGQ6naR3iw2sCRTFY1mVlQu1w25lAYgAE4AoA/Ynwr4t8L+OdAs/FfgzV7 TXNGv1L295ZTJcW8qglSUkjJU4YEHB4IIPIrxdP2uP2YpPGA8BR/FDw+2umb7OLYX8XM+7Z5 XmbvL8zd8uzduzxjNfi74e8Ra58Hf2IP2wfDXw+mmsLHw948u9GsRG5P2SyvLy3sZgpJJAaD 5MjkE7s55rp7T4XfEvWv2WLb4W6Z+xZpZsLzQ0eDxOfFWjLem4kgDpqplaJZQxYiUqZQu392 SE4oA/dHxb8RfAfgO40m08a6/ZaHLrtx9lsFvJ0h+0z4z5ce8jc2OcV534H/AGoP2d/iV4pb wT4B+Iuia7ro3bbS1vY5JJdg3N5ODiUAcnyy2ACe1fjr8fPA3jXxf8Af2Mvhd8eomGs6l4ut tB1RRdQ3TNaNcizjP2i1kkRy1rsO5XJyfmO7Ne7/ALfHwa+Fvwm1P9nnxz8LvC2m+EtY0/x/ o+mpPpVrFZs1rITJskMIXzAGhGN+SMtj7zZAPcPFf7cfhzw9+23pvwFvPFOh6f4JtdEmfUbq SRRMNfa4aFLGSVm2oyKqkRhQxL8kjAr3n4K6v4rv/jP8ZLHXfiXpvjHTbG905dP0KzEf2rw4 jLcb4rvYitunwpXczf6tsY5z8ceKPAPgW/8A+Csmi2V94c024t7r4fPqU0clnC6SX3264/0l 1KENNwP3h+bgc14lB4x8QeAfEf8AwUT8WeFZZbfVrJNIFvPAxSWB5ob+LzkYYKtEHLgjkFcj mgD9T9Y/a1/Zk8P+Lf8AhBdZ+KHh+011ZTA9s+oQ5imVthilcNsjcNwVdlYHtXpvjz4m/Dv4 XaEPE3xG8S6f4a0pmCJc6hcx28buwyFQuRvYjkKuTjtX5+fA39jv9mTxV+wx4W0jxZ4f02OP xR4YtdX1PxA8UC6hb3d5arczXa3sqFozAzHaWO1UXawK7gfE/jW/7L3hLxR8BPCei2fiL9o/ xH4W0WdPC2hWVzY6npt3YqZIftl9IkBjkKmEqrR5UfZwXUBcsAfpx8Nf2lfgH8Ybi8svhn47 0rxBdafG008FvcL56RL96Tym2uUHdgNo456V8sfszftvaD8bv2hfin8NdQ8TaI2m6be2dp4O gtJF83VIEiupbudHLMZ22xqzbMKigYHUn4Zjk8Zf8PDvgL4j8T/Bew+CE2tx6nbCxsr60upN RthazK0l0lmkaIfnKAOu5hwchRX0v+w14E8EWf7Wn7U1xZ+HtOgl8O+IdOj0x47SFWsY5UvV kW2IUGFXXhgmARwaAPrr9k/xLr0/wNHiH4jfFTSPidPb3V48/iLT2ijsRBGc7GZEiRfJGdxI GO5rqPB37WH7NXxA8Up4J8GfErQtX1yZ/LhtYL2MvO+M7YckCU4HSMtX4D+HNS1SX/gmp8M/ AEd7Lpuh+OvicNH1i4ifZ/oUjPIY2PTBZA/PH7voa/TH9vT9mD4BeFf2PPEmseEvCWmeFdT8 BW1teaPqGn26W13BNDPEiqbhAJH83O1t7MWYhyd4DAA/Qfxb8Xfhd4B1aDQvHHivTNAv7m1n vo4b66jt2a1tQWmmHmEDZGASzdBXO/DP9on4GfGTULvSfhb450rxLfWKl5rezuUeZUB2mTy+ GKZIG8AryOeRX5GeP/D+m/tJ/tK/sUwfFyzXVofFXgv+19UgnUGO5ni09tQIkUcFJJYxuUjB UlSMZFex/HD4aeA/hN/wUK/Zm1z4ZaDZeFpvEi63Z36aZbx2cVxFb2wCeZHCFRjtmYEkZICg n5VwAfrtXgHxD/aq/Zx+E+tP4b+IfxF0bRdWi2+ZZy3StcxbhlfMij3OmRyNwHHPSvfiQoLM cAdTX4S/CXxJ8ONQ1Lx6v7Ln7N+qftAQ+INbvZdR8WeLJ9Nt7e6upSDLHDcXNttNuCfMCEI5 3ksBkYAP2Zh+LXwxufh+/wAVrbxVps/g6OEzvq8d1G9ksSnazGZSVG08HJyDwea821P9rr9m DR9es/DOp/FHw/b6lfJFJFE2oRfdnVXiLtnbHvV1ZQ5UkEEcV+LfwEF9Y/8ABO39rDw9c2y6 dHpeu6jGljFN58No2y3V4opOjKpUKGH3sZ719Mz/ALLfwL07/gls2tp4N0x9dm8BR+Jm1VrW M6h/aMlkt/5guiPNGHOwANjy/kxtyKAP1o8aeP8AwR8OfDVx4y8ea7ZaBodsFMl5ezpDAC/3 QHYgFmPCqMljwATX51/Gr9sTTPEfxZ/Z5039nb4iWWq6D4q8VNpviCLT3guDJATb7IpldWlh yGfBGwnnBOOPlDQ7dfjZ45/Yc+DvxR36p4MuPCMusT2lw2621C+sbKXyUmQ5EnlLAmQwOUdl /jbPsP7X3wR+Fnw+/a7/AGW/HPgTQrHw5qes+KEsryGwgjto7mO2lt3ikaKJVXfHvKlsZIZQ chRgA/ZCiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKAP/9X9/KKKKACiiigA ooooAKKKKACiiigAooooA4Px58NfCHxJsYbHxVZ+f9mJaGVGMcsRbG7aw7HAyDkHA4yBVbwB 8K/Bfw0hnj8LWZjlusebPKxklcDoCx6D2AAzzXotFVzu3LfQw+rU+f2nKubv1CiiipNwr8tr v/gn/wDGvRPir8Q/iX8Iv2ibvwGnxF1aXVbyyttAjuAC8kkkaNK96u/y/NYBgi5z0r9Sa/Lb 9n/9s3RtE8ZfHq1/aR+I9jplh4c8fano2gRag8Fu8dlbTSIsMKRqskqxgKGYhiONzc0Ad98K v2DJ9A+L2k/HP47fFLWPi94s8OIV0k38S2lnZMwIMiW4km+YZJUB1UN8xVmAIh+Iv7E3xFPx 08RfHb9nT4w3Xwu1PxtFDFrtqdLh1S3uGiQIJY0mdFVsDI3KWDsxV1DFa+rPFXjzQ/GXwM8U eOPhf430y0tZtE1KWw8RxzRXFhYyx28m27kcb0KW7jfICDjaQR1Fch8K/il4d8KfCH4eSfFf 4m6P4g1jxJEtvb62k8UFtrN1kktbcIp47ADp0oA8x/Zb/Yui/Zp8f+P/AB0/ji88ZS+P4bD7 V/aFuFuRdW6u11PJcCVvN+0TSO4XYvlqQm58biz9kb9kbxn+ylqGteH7T4mzeJvh1c+e+maD cadHDJYzzyo/mm7WVmkIRSjAIqsTvAU8H27wP+1B+zv8SvFLeCfAPxF0TXddG7baWt7HJJLs G5vJwcSgDk+WWwAT2rpvih8bPhL8FdPtdU+K/izT/C9vfMyW/wBtnWN52TBYRR8u+3I3bQcZ GcZFAGP+0F8B/BH7SPwt1X4U+PkkXT9R2SRXEBUXFrcwndFPCzBgGU8HIIZSyngmvieb9gX4 wfEN/D/hL9o34+X/AMQ/hz4angnj0NNKh0+S+Nt/q1vbpJXklAHDF97sMkMjfNXR+Df2ldT+ I37fNp4C8BeNLbxB8MLzwE2rQw2LW89s9+t6YWlEyKZN6gbWQvgHgrmvUP2dfipbeE/gBbeM fjh8ZtC8dB9TmtT4ltpYYLB3kcLDbBlSNPMU/Ljbkk0AcX8Yv2LvG2v/AB1n/aK/Z8+Klx8L PF2r2EWm6sP7Nh1O1vIIVSNG8qV0VWVI0GGVwSildhyTe/Zw/YjuvgH8aPE3xs1b4jX3jjWP F+kiy1JtQtFjmlvGmjmkuRKsrBYz5YRIAnyLgbzivd7P9qj9m/UPHI+Gll8SdCn8TGb7MLJL 6Iu1wGKeSrZ2GXcNvlht2eMZr0X4hfEz4ffCfw8/iz4leIbHw1pCOsX2m+nWFGkYErGm45dy ASFUEkAnHBoA8Z/ZG/Zw/wCGWPgxa/CH/hIf+En+zXd1dfbfsn2Ld9pbdt8rzpsbemd/PoKX 9kX9nH/hlb4M2nwj/wCEh/4Sf7LeXV39t+yfYt32l923yvOnxt6Z38+grqfCX7Tn7PfjybRb Xwf8QtF1a48Qzy21hDBeRtNcTwIskkSxZ3h1R1YqQDgg45r3SgD81bv9hb4o/Drxf4o1z9k/ 41XPwu0LxndPeahok2k2+q2kNzLnzJbMysvkcYChV3AADftVVXqfCn7Afhbwd+zX4/8AgXpn im5uvEPxMEkut+J7238+4uLuRt3mGDzV+RfmKoZScszFySa1NM+K3jL4y/tp6j8NvBGry6d4 B+DFisviE2xGNV1rUlIt7ORsHEVugdyFIJkRlYEYx8leD9T/AGy/2jv2jPj14N8AfHR/Aeif DXXUs7W2bRrO+VoLqS5EaqzKjDyxb4yxYnd145AP0ZvfgH9r/ZUH7Mn9u7MeEI/Cv9rfZc/6 uxFl9p+zeb3xv8vzf9nf3r57+Iv7CF14w+BPwj+F/h34gzeH/FPwbmtLnSdfisFkV57VQN7W jTfLllRl/ettK87gSK8X1j4zftdfsU+P/CX/AA0/4r0/4n/Cjxhfppcmu2+nx2N9pN1IpMe+ OBUUocFznzSyK+0qwCt0H7Wvjr9ozVf2yvhf+zp8FfiQ/wAPbPxhoN5eTTiwtr5BPaC7mLFJ l3HckATAcAZzjrkA/SfwDo3ifw74K0TQvGmu/wDCT67YWkUN7qn2dbT7bOi4eYwIzLGXPJUE jPT0r8abn4RfET4mf8FNPjzq/wAJviJcfDfxV4b03QJIL2Ozi1C3uIbjTLJJbe5tpiqujFVY EkhWUNtJAI7n42af/wAFDv2Uvh/ffHE/G3T/AImaN4aaGXUtHvtDtrLzLaSVYyyPCC5KlgWC yRkLkgkjafvXwv8AEz4Caf8ADrSv2qvEMWh+Bz4+0nTby81a7Fva3Uyz26PDbT3ZVJJ2iXCI pJ4X5RgUAcd+zn+yWnwh8ReK/ih8TvFU3xM+JfjdBb6nrd5bJbILJQuLSC2VnSOH5F3AHBCo AqqoFeHaZ+wb8X/hbca54b/Zq+PmofDz4f8AiK5luZdFk0m31KSxacfvPsN1LIjxZ6KUCsow SzuA1fbnwv8Aj38GPjUt0fhT4z0zxPJZANcRWVwrzQqxwGki4kVSeASoB7GvzN1DXf2u/jl+ 2d8ZPg98MfjS/wAPtB8CLp09tCdJtL9Sl1bxFkBdVcfOWbLM3XFAH01J/wAE9Pgqf2XLv9mG Ga7S2vbldUm1okPfyawuP9ObPykkDy9nA8v5c5+evK7r9gb41/EyDQvBv7Sfx/vPH3w/8PXc N0mjw6Pb2Et6bcERi6u1keRhzht/mEgnDK2GHnHj/wCJX7aH7EfjXwDr3xm+I1h8Wvhv4u1i DRb0tpkOm3llLOGIeMwJkkIGcZdw2wqVXIav2PoA/Pz4s/sXeNr/AON9/wDtEfs4fFCb4WeL tdtIbPWIjp0Op2N+kAREcwysFRgkaA5VwSuRtJYtL8Pv2GD4a8H/ABfPjbx/d+MfiL8Z9Iut I1XxLdWUcKwQz2r20Yhs45MBYw4JXzQGCIo2AV9GftE/H7wf+zP8Mbz4r+OrO/v9Jsri3t3i 02OKW4L3LiNCFmlhTAJ5y446A17lQB+a3xC/4J223xD+Bnwf+CV38QrnTIvhVN5rajZ2AS5v eMZiBuCLVweVfMuD2q3o37DnxK8X+P8Awp4q/ag+M938VdG8BXC3ejaR/ZNvpdu11EQYp70x O/nsuOQwLHu5UsrfoB4o8UeHPBXh++8V+LtSg0jR9MjMt1d3LiOGGMHBZ3bgDnqa8SuP2u/2 YLXxJZ+Ebj4o+H01a/WJoYTfxYPnqrRBnzsQurKVVmBORgc0AZOlfs2/2Z+1nr/7Uf8AwkXm f254XXw3/ZH2THlbZ4JvtH2nzju/1ONnlD72d3GD8zN/wTjDfsaJ+yP/AMLC+7rH9q/21/ZP /TUy+V9k+1++N3ne+O1foD41+J3w7+HB00eP/Elh4dGrytBaG/uEt1nkRd7KhkIBIXk88Dmv kr4v/H7wn8TvA3h7V/2fPjv4c8Li18V6dZ6jfSzwzJcxSR3BOmhXRystyU3xHC7hGxVsZoA0 f2nf2SPFHxr+JHgj4y/DD4jT/Dbxt4IhurW3vUsI9RR7e7Uq48p5IwGAdxk7gwbGAQDXx9/w U71X4dfGPw34H/Zz8L65b+IPjQPEtjZW9rZH9/a/aYGS6kukXd5MDo6Oyls/dblVYj9aPDXx J8A+Mte1/wALeFfEFlquseFpVg1W0t5lknspXLBVnQHKFijYz1wa8/sdN/Zxtvjvfvp9j4dT 4vTWIvLqSOG3/ts2QVYRK7hfOCFSqE55XaDkYoA9B+G/gTRfhh4A8OfDrw4mzTPDWn22n2/G CyW0YjDNj+JsbmPckmvNv2ofgb/w0l8CvE/wV/tv/hHf+EjFmPt/2b7X5P2S8hu/9T5kO7d5 O374xnPOMHC1j9s/9lHQNfPhjVvit4eg1FJDC6fbo3SORThlklQmNCDwdzDHevF/23P2xLb9 nrRPANv4N13SBqvi7XNNS4Ny6zNFoE5kM99CoYKU+QIJDuQbicZwQAekfHX9kLwv8dPhV4R8 Dajrd1oXiPwD9lm0LxFYIEurK8tY0jEqpuzscorNGJFOVUhwVBrx7Tv2HfiP4+8Z+GPE37V/ xkufitpfgy5F3pmix6Tb6RZPcxjEc90Ldz5zDrhhn+EsUZlb7OvvjT8I9M+H1v8AFfUvGGlW vg67VWh1aW7iSzlDEqoSViFYsQQACSSMAVS+F/x6+DPxqS6b4U+MtM8TvYgNcRWVwrzQqxwr SRcOqkjAJUA9jQB554C/Zw/4Qj9pz4m/tG/8JD9t/wCFjWmmWv8AZf2Ty/sf9nW8UG77R5ze b5nlbseUm3OMnGT9PUVx/wAQtSvtF8A+JdY0yXyLyx0y8nhkABKSxQuyNhgQcEA4IxQB8Cy/ sO/GHwH8U/G/jj9mz43y/DvR/iLfPqOq6bPoltqwjupWd3kt3ncBfmkbaAqlQQCzBVwz4dfs TH9mib4x/Eqx8f33iyHxt4Zuo76DVLZWvH1COFpJLtrxZcMJHaU+WYcjeBvO35vRf2Lvjzfe I/2J/CHxx+PniqBbiZdTfUtX1BobSILDqlzbRFyojjXCIiDAGTjqx5+nLz4o/CW7+Gr/ABJ1 TxJpTeBb2BmbUrmeIadLA5MZzJIQjK5yoHO7oM5oA/F79iD9lz4++OP2SPDuq/Cz4833gPwx 47Gpf2tpH9lQXpieK+uLN3sblpEltzLFCu4IVO/LbjkAerf8FB/gv4J/Z/8A+CdNt8KfAEDQ 6Vo+q6YPMkO6a4mklZpZ5W7ySOSxwAB91QFAA/RP4FfF39mXxhp3/CD/ALPPiDw9NZ6Ksjrp OiGC3W3jeQs7paRhNqNIxJZU2lmznJ56Yar8Dvj5a674KnbQ/H1t4dvRbarp1xHBqEdpewsw CTwSh1SRWVsblyCDjoaAPh24/YA+KPjCDQ/ht8YfjvqXjP4P+HLiCWDw8+mw2l1dQ2pzBb3u oRP5kyIAAWYEnGVEbBSv6cWlpa2FrDY2USwW9uixxxoAqIiDCqoHAAAwBXKWPxF8Can431H4 a6fr9nc+KtIt0urzTI5la7t4JdpSSSIHcqsHUgkc7h612dAHxkf2OdD1L4v/ABv+JHibX31D SfjZo1tot1pcdr5EllDBZpaO6XXmvvZgu5f3S7CR97GT4D4Q/YG+O2g+B0+Beo/tF6i/wijE kB0my0a1tdRksZnZntf7RZ5JY0bcQcBgVJXYFO0fVPxp1fxbYfGj4N2GhfEvTPB2mX15qI1D Qrzy/tXiJEWDy4rTcjNugJYttZf9YM54x7b4K+I/gL4j2+o3XgPX7PXotIu5LC8azmWUW93E AXhk2k7XUMMg80AfLPwO+H/gL9gP9n5fBPxT+IllceG4NTumttR1C3XTkVb0GUWrKZphJJlZ GBBXcDgIMc/J3/BKX4KeG9Jm+J/7Qfh20mg8PeKNYvNK8J/aVKyLoNtcvLuXIHyyuUUj+9Cf x/R+O/8A2fv2nvBF0iy6D8SfClnebJw3kahZxXluofDbtyLIiyA+oVvQ18UfHT9u34VfCnUf gt4R+B3irwv/AMIt4g1yztdWltXiaDTdAhnWKR4VjZYoYztkj3lSECMFAIyAD1L4wfsaeI9c +Ms/7RH7PXxIufhV481K1W01V1sIdSsNTijCqhmtpWVQ4CqCx3j5VIUOCx1v2cP2O5fhB8Qf Efxw+KHja6+JfxP8UQC0uNXubZLOKC1G391b26M6pny0BOcbVAVUBYNzP7SPxx1r4NeKvhP+ 0l4f8Sf2t8H/ABHNBoev20brLZLa6oPOstYgYA48sg+YwJDoVUDJzX6AqysoZTkHkEdCKAPm P9kX9nH/AIZW+DNp8I/+Eh/4Sf7LeXV39t+yfYt32l923yvOnxt6Z38+gr1L4x/Czw78bPhf 4k+FPitpY9L8S2j2sskJAliJIZJEyCN0bqrDIIJHIIrnfib+0j8Bvg1qVvovxR8d6T4c1G6Q SR2t1cqLgxsdokMS5dUJBAYgKcHng16P4Q8aeEPiB4ftvFfgbWrPX9GvATDeWM6XED7ThgHj JGVPBHUHg80Afm1pP7A3x3vvh7B8CviD+0ZqOpfCyytlsYtK07RbWxvJbOJQIbeW+Lyy+UmA DGdwZPkyBjHR3H/BOyxv/wBmfwJ8DL7x9PF4m+GOoT6l4e8U2Vh9mmtJprh7kBrY3Em5Qzjp MpJRCCMHP0+n7XH7MUnjAeAo/ih4fbXTN9nFsL+Lmfds8rzN3l+Zu+XZu3Z4xmvcPEPiPw/4 R0S88S+KtSttH0nT4zLc3d3KkEEMY6tJI5CqPcmgD8/PDH7EvxU8T/Evwb8Rv2ofjPcfE1Ph 7ci90XTINJt9KtkvEKNHPO0LHzWBRWwVDZA+fbuVvmr/AIKRr8LP2n/Hvwn/AGf/AIca1Dq3 xNj8Sz6ddrYt5r6VpkkZTUjd7QdhQxo+0nO1H4x1/UH4b/tLfAH4v6zN4d+Gfj7SPEWqwKzt aWt0jTlE+86RkhnQZ5ZQVHrXJ6n4h/ZF+DvxC8T+KtWuvCXhHxt9mS81m9l+yWmotb3LqqvN KQshEz7eMne2OCcUASftA/s26T8af2atT/Zs0HUx4S0y7tdMs7W5W2+1rawaXc288aCHzIdw K24j++MZzzjBxv2h/wBl7/hfX7Nafs8f8JL/AGFsi0yL+0/sf2r/AJBzRtn7P50X+s2f89Pl z3xXb2X7Un7Oeo+BLn4m2fxH0J/DFnMtvPfG+iWOK4ddyQuGIZZWUErGRvI5AIrtPh18Xvhh 8W/Dsviz4aeJ7DxHpEDtHNcWc6yLC6jcVlGcxsFIOHAOOelAHjf7Uv7Mo/aV+Ddh8JP+Ek/4 Rz7FfWF79t+x/bN32IMNnledDjfnrvOPQ1c1j9m/+1v2t9C/am/4SHyv7F8Mv4c/sj7Ju83f PPN9o+1ecNuPP27PKP3c7ucC9ov7YP7LniLxSngvRPil4fvNYmlEEUKX8WJZWO1UikJ8uRie AEYknp2r6QoA+YYv2cPK/a3m/am/4SHPm+GB4c/sj7J0xOs32j7V53tt2eV77u1M0P8AZri0 j9qvxZ+0zPrwu4/FPh6HQG0ZrMBYlieFjKbgytvDCHGzyh977xxz6l8S/jV8JPg3ZwX3xT8X 6Z4Xiu93kC/uUhkm2fe8qMne+O+1Tiovhd8cfhD8a7K5v/hR4u07xPFZFRcCynV5IS33fMj4 dA2DgsoBwcdKAPha2/YL+MPwtufEGifst/Hm9+HHgjxLcyXUuiT6TBqYsZJvvmzuJJEeIYwq hQjbQNzswDV6BY/8E+fhrpH7JPiT9lfSdZu4h4qkW9v9dlRZbufUo5op0uHjyAUVoEXygw+Q Eb97Fz9kfErVb/Qvhz4q1vSpTb3un6VfXEEgAYpLFA7o2GBBwwBwQR61+afwz+L/AMYfiL+x D8FfiTq/xf0/wR4p17xIYtS1fV47eNdUt473UIf7OjURGMSypHHt2qpxGeeuQD02D9iT4ja5 oXwfsPid8XW8T6j8IvFVt4gtrttGSFrmztPI8qwIW5G3b5J/fnex38oduT7t+1R+zf8A8NM+ FfCXhn/hIf8AhG/+EW8TWHiLzfsn2zz/ALDHPH9n2+dDs3+dnflsY+6c8eB+K/24/Dnh79tv TfgLeeKdD0/wTa6JM+o3UkiiYa+1w0KWMkrNtRkVVIjChiX5JGBR8JP24/DnxE/a++IHwauf FOhr4V0uHTbXwy0Ei+bql9NGHugspY+bIjkx7EAA28gtk0Ad78dv2QdY8efFjT/2g/gl4/uf hb8SrOz/ALOub6Kyi1C01GzHKx3VrKyK5HygMxYYVfkJRCt79nH9kq/+EXjzxF8avin45uvi Z8TfE9sljPq9xbpZw29khVvs9tbRsyopZELEED5RtVPm3ct/wT7+MHxC+L/wz+IPiH4n622s Xei+NtY0y2mljihENjbQ2zxxfukRcIXY5IJ55Ne5aH+1r+zL4l8Xp4D0D4naBfa7NIIYraK/ iYyyk4EcT52SOSMBUYkntQA39qT9nPw1+1L8H9R+E/iW+l0pbiWG6tb2BRI9rdQEmOTy2IDr gsrLkZVjgqcEfHPjL9gX49fGnwJL8PPj9+0bqHiPRbWHGn21lolrYx/aoxi3uL5kk8y7WPqY mZSWAbzA3NfqdXA/ET4p/Df4SaIPEfxN8S2HhjTXfy0mv7hIFkk67IwxBdsc7VBOOcUAfIfx W/Yel+Jnwf8AhP4Ng8e3Gg+Ovg3DaJoniazswv7y2ihiZntDMcCQQRsQJuGUHJXKnz+0/YB+ JfiX4q+APjd8aPjje+NvFfgbVLa9jV9IhtbE2luwkNtBBBMiwvI4y8+GLAAGPjJ+6vhj8bPh J8Z7C41L4VeLdN8UQ2ZUT/YbhJXhL/d82MfOm7BxuUZwcdK5nxz+09+zz8NPFcfgbx/8Q9F0 HXn2E2d3eRxyRCQbkM2TiIMCCPMK5BBHBFAHh2pfsh+MbD9rW7/ad+G3xMm8M2viU6cviPQ3 06O7j1GHT0ji8pJ2lQxCSOJRkIzIxZgSDtHpP7K/7N//AAzN4V8W+GR4h/4ST/hKfE1/4i83 7J9j8j7dHBH9n2+dNv2eTnflc5+6Mc+SfsJfGPx98X4vjNc+O9dOuQ+HPHWqaXpblIUWHT4N pijUwooZQDkM2SfU1N8ev20fgvD8JfiXY/CL4p6LN490PQ9RuLCO1u4JpRdW8DuDCH3RzMhU kqu/pkjFAG98Of2LfCvhbwr8aPA/jbV/+Er0P4za7qGsXUH2X7I1ml+SwiR/Nm3vE2GSXCEM AwUEV88z/wDBPr4+t4E/4UPD+0lqQ+ERX7P/AGU+i27agLDdxZ/bvNEhj2fL2THy+Vs+WvuD 9lrxd4i8ffs4/Dbxr4uvW1HW9b0Gwu7y5ZURpp5oVZ3KoFUZJzgAD2r3ugD4m8b/ALFHhTW9 J+BfhnwRrB8MaH8D9csdYtrZrX7Y98tnIkrRPJ5sXlvKylnl2v8AMxOztXd/tOfs4f8ADR1j 4Dsv+Eh/4R7/AIQnxPY+I932T7X9p+xBx9nx50Pl79/3/mxj7pr6eooA+GPj9+yH4x+Jnx38 MftEfCj4mTfDrxXoWmf2NO39nR6jDc2PnSTbdjyxBSTK6tncCNpG0rk9V4C/ZI0Hwv4++O/i rxRqyeJdH+OjWgvNKktPIW0gt4rmKSIy+c5m8xbg/MEjK7eMk8fXtFAH5Tj/AIJ6fGvTPB0/ wM8L/tGarp/wcuWljOjPpNvLqCWUzEyWa6h5iv5bhiDhVTk/uiCQe6+IP/BP/wCy+J/h98QP 2Z/Hc3ws8T/DzRl0C2meyj1SC5sE8wgTRSsimRjNIXdg4YkHaCoYfo9RQB+aGm/sB+O7n42+ BP2i/iB8a77xb468KXvm3clzpMMVjcWIG0WdrbQTItnhWlzIDIGZ9xjyDu9I8L/sh+Mfh/8A tUeIvj/4A+Jk2l+GvG11FeeIPDMmnRzpeyxQyRoBdGVWjCvI0ikR5BO0lhX3PRQB+eXgr/gn n4F0v9kq6/ZQ8fa/L4lsZb+bUoNWt7VbC4tbp33xSQxtJcANHypJYh1ZlIAJrkLv9gv4zfEb T9I8A/tEftBaj49+HOiz28v9jQ6VDp02oLbkFEvb2OV5pAMDJYux+8GV8MP08ooA+VPFP7L1 hrv7R3wq+PWl60mk2fwt02/0yDRY7PclxFeW0tsm2cSr5IiWQEL5T5C4yM5F34s/s4f8LR+O /wAJPjZ/wkP9mf8ACrZNRk+wfZPO+3f2hGkePO85PJ2bM/cfdntX09RQBHNDFcQvbzqHjlUq ynkFWGCD9RX5ceB/2BPjj8IbTWPh58Fv2hr7wl8M9Xu5rr+zRottdajbLPhZI4L6STfGxUAC VAmD82zdkn9S6KAPzX8Af8E7rX4cfBL4xfAfRPH89xoXxQmEtnNdaeJLrS+Nrea63Ci7ZlVB kLBypOPm4+n734B/a/2VB+zJ/buzHhCPwr/a32XP+rsRZfafs3m98b/L83/Z396+iaKAPgDx j+wfpXiX4IfDD4f6Z4xudC8dfCGGBdA8WWdtsmiljCiTfbeaQYpdilk83IKj5iNwbgoP2B/i z4s+L3w/+OXxu+Olz4z8R+A9St7uC3GiQWdibWBxIYIooJkWOSR1BebacjAKHaDX6eUUAFFF FABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAf/W/fyiiigAooooAKKKKACiiigA ooooAKKKKACiiigAooooAK/Gv9h34GfCfx1+0F+1J8QPHHh+w8SavZ+PtZ023j1G3juo7a3e 8uJHZI5VZQ0pO0tjOEwCAWz+ylfl1Z/sBfGDwB8S/iD8W/gb8ernwdrnxD1vUNSvbdtDgvLH 7Ne3D3EcDQzzOHmt2kfbcYBIOAiZYsAfNnhPR7H4Xa3+338D/Ai+R4E0vwteapaWkZ/0eyu7 3R53mjiX+EHcUwOixKO1eYfEjwjpXxA/ZT/YZ8B66pfTfEniOw026VSVJgvJ1hkAI5BKseRX 6jfDX9iXQPhz8Dvib8Mx4outc8XfFyz1KHX/ABTfQiS5uLnULeWAS+QJB+7iMzOsZlJLM2ZP m4wp/wBhkT+BP2fPBX/CbY/4URrNlq/n/wBm/wDIV+xzLL5Wz7T/AKPu243bpcdcHpQB85/t 8fBr4W/CbU/2efHPwu8Lab4S1jT/AB/o+mpPpVrFZs1rITJskMIXzAGhGN+SMtj7zZ6Xwh4P 8NfG3/gpl8X/APhbmmRa9B8N9D0i38P6bqSLc20Ed5BDLLcJDIGQsXdiDjjzP7wBH2P+05+z h/w0dY+A7L/hIf8AhHv+EJ8T2PiPd9k+1/afsQcfZ8edD5e/f9/5sY+6a8++PH7ImveOfitp 37QPwM8ezfC74k2lodPu76OzTULXUrLjbFc20rKjFMDDEMMBcrlEZQD5e+HXwo8A/CT/AIKw 6tpnw60630jT9b8BSapNZWqLHb29zNdRxSCONQFjDiJZNoGMscYBwPgM8/8ABHAj/qdP/a9f rr8Cf2H/ABN8Kv2h7r9pPxx8Vbvx/wCJ9Y0ebTtT+1adHaia4llRllhMUxWGGOKKONYBGQMF g4BCLxP/AA7gH/DHH/DJX/Cw/wDmNf2x/bP9k/8ATTf5X2X7X+G7zvfFAHlX/BQ/9mH4IfCj 9h+5vfAnhDTdG1fwTNpH2LUrW2jhvy73MVtK0lygEshkEhZ97HLYbqARpePNO0v46f8ABQn4 R/Df4twjV/DGg+Al8RWumXmJLO91Sd5FeaSFvlkwqg7SDkxc5XIP3v8AtV/AL/hpv4H678Gf 7d/4Rv8AtqSzk+3fZftnlfZLmO4x5Pmw7t3l7fvjGc84wfh79tKy+B2n/FP4P+EvG/i7WPhP 4+0vT5H8PfEC1ihTTIlgUxzWl40kyHDYB2n5V83az7ZHBAOW/aC+Dnwu+Gv/AAUR/Zp8TfD7 RrPQb7xPPqa6ja2ESW8L/YoVEM5ijCqHcTOrMB82wZ5GT+ydfz7+BvCNv4z/AOCh3wlu/D3x dvPj3rnh63vtQ8SeIIkhXStPtYoJEtLe3W1MkUQMpbeFkKl5U6MWr+gigD8t/wDglz52r+HP jj431Rt2sa38R9YF2W+/mOOGUBj/AL0747VU/YO/5Ox/bG/7GfTv/RupV0/7OukS/s6fti/F n4H6tiDQvitI3jbwvJ92OSUsy6nar282MsrBByIkDHgjGNqX7APxp0v4t/ET4pfCH9oa78Aj 4jam2o3tnbaBHc4w8jRI0r3q7/L81wGCLnPSgDO/4K/azYL+zBp3gpALnXfFPiHT7fTbVfmn lki3u7RoOTjhCfV1HUivIv2ttC+MF9/wUE+AuhfCHX7LRvHg8JXqW2palD59qrxxXxuGkj2P nzIhIB8pwzA8YzX1B8MP+Cftvo/xT0f4z/Hz4m618Y/FHhsh9J/tRRBZWUoIZZUt/Mm+dGAZ AHChsMVLBSPavGn7Mv8Awl/7V/w+/af/AOEk+yf8IJpd7pv9k/Y/M+1fa4rmPzPtPnL5e37R nb5TZ24yM8AHyR4z/Y//AG3fj/pK+Af2h/jppieB7maJ9QsfD+lpFNdpEwdUMjRQkfMAQGLI CAxRiAK5b4i/DLwZ41/4KG/CT9nbxdp6XHw4+HXgRb7RtEuSZbOeeFpbdDJG+RIFSJMhs7vJ +bKlgf2Jr4//AGl/2S7T47+IPC3xM8H+LLv4d/ErwSXGla/ZQpcFYZD88FxAzIJojlsKXAG9 wQysykA+QP2t/APgn4E/tVfsz/FD4Q6Ta+Ftf8S+J4/D+pQaZDHax3+n3UkEMnmRRqqMUSZl 3EZ+Zcn5VK+R6b4c/aU8R/8ABRD9oiH9m3xZpHhPUIYtIa/k1e1+1JNCbWAIsY8qXaQ2STgc V9x/Df8AYx8VH4vaP8d/2lviZcfFjxX4ZhaPRYTp8OladprueZo7aBijy46MQvOCQzKhX0/4 Z/szf8K6/aT+KH7Qv/CSf2h/wsmGxi/sz7H5X2L7HGkeftHnP5u/ZnHlpjPegD5is/2Jv2hP i98RPCfjL9sH4s2vi7RfBd4mo2Og6PYLZ2kl3GwZGmcJFuXjByjMVyoZQTn9RqKKAPwb/wCC lHwj/ad8PfBLxX4y8dfGseJ/BE+tW7weHRotta+THPdZtk+1RnzG8gEDJHzY5r9L/gD8I/2m /h/4pv8AVfjb8ah8StHuLJobewGi22m+TcmRGE/mwks2EVk2nj5s9hX0Z4x8D+DPiJocnhjx 7oVj4j0iZ0kez1C3jurdnjO5GMcqspKnkHHBrqaAPkD9vv8A5M2+LH/YFk/9DSvmHwd+yh+z 3J/wTitba68M6bJPqXggeIJ9YaCM3q6jLp/203IuSvmDy5DhRnAjGwgrkH6e/b7/AOTNvix/ 2BZP/Q0r4f8Agz+xP8bPiF+zR4B8G/8AC/8AUrD4S+LdB0rU73w+ul273iR39tFc3FnDqO8S C3Z3YKpG1VO0o4zuAPm74jR6n8ev2Wv2I9D+JLzXL+KPFUei3kk0jGWa0+2fYUcvncS9uqnd nPOc55r6t/4KF/CL4YfCH4N/DHSvhf4X0/wvZ3/xQ8PTXEWnwJAksiWl5GHYKBk7VAz35J5J J+vfif8Ase+GvGg+CGneD9UXwlonwT1ux1azsUtDdC6hsWjZbfzDNGYy3l8ykSEklipPXqP2 qP2b/wDhpnwr4S8M/wDCQ/8ACN/8It4msPEXm/ZPtnn/AGGOeP7Pt86HZv8AOzvy2MfdOeAD 5L+ITQfs0f8ABRvwt8TJXWx8H/HnSZdE1SRjthi1jT1QwSt0ALqsKKT13ynnmvNP2cpfC3xF 8F/tL/tvfFzUrzQvDvxDa/0myvrb5L218NafGbcG2JR8SSfJEMKT5sIIAJr71/bA/Zd0b9rX 4Sj4bahq58O31pf2+o2GprbfamtZ4cq37rzISweJ3THmLgkNztwdGP8AZc8BN+y1F+yndSSn w6uiJpElzCoimaVQHa7CncokacecQcjccHIoA/IB5NK1z9kvXPC3wS/ZLll+H8Og39ynjPxV dadZagYI4ZJTqh/ciSaZQPMQxSbeFVPkwKxPF+kaPr/7A37Ieua3YW9/qMnjXTdLe5nhSSZr BbnUFFqXYFjDhVHlk7eBxxX3NpP7A3x3vvh7B8CviD+0ZqOpfCyytlsYtK07RbWxvJbOJQIb eW+Lyy+UmADGdwZPkyBjHR6t/wAE97nVv2R/B37M0vxFki1XwBrH9taP4gg00RFJ1muJUWS1 Ny+4KLl1BEynIRscFWAPlv8AbLtdbv8A9ub4TfCHwp8Lbb4jeGvCXhmTWNO8GC8tdG064uZp rpJZiZUMLLEIYz5RU7thGNpYGw3gb9oa9/au+D3xa0D9nOx+CL6dqIsdbmsfEejzJqelXTxx Th7WH7PvaCJnbKI7tlRjKpj7F+I37E/ib4n+GPh94g134pXll8avh4JhaeN7HT4oXuFmlZ/L uLFZArxhG2BRIAcuSCsjocnwT+xf4uX4vaP+0L+1X8WpPibq3giKSTSITp8GkabpzAbmuHji YoWXG/O1MMqsxbauAD9Fa4H4rf8AJLvGP/YG1D/0neuK/wCGoP2aP+iteEf/AAfaf/8AHqgu /jF8CPinp9/8OfC3xO8N6hqviO0ubGCGy1azu7hmmiZSY4I5t8hUZbaOwPI60Afzk/AHV9d1 7w9+zr4Q/aksLmx/ZvOpapa6U0Uix2Ooaub2ebzdSIJYxLPMYfm2AIjleBKT+gv/AAUOk8Ra 3+03+z/8FtD8Cr4+8O21vearD4TF7BpNnqdzao6pE00oMSrBFFkIykMjNGo+evrzRv2FPCK/ sXWv7HfjHW/7dt7CO8e21pbMW8kF5PeT3kFzHAZZNphabYV8394gZSQHIGT4x/YX1D4h/B74 feEfF/xKvH+I/wALn3aD41srL7LeRKhXy1nga4lMoCIgY+crMyBiQS4YA+KfH/gX9ovXfjJ8 Jfid4R/Zi0/4Laz4T1y38/ULDxLopF/pzkLcWj28QthJmLcARubYWUDnj3bUdQ0/9k3/AIKN alrmqzDTfAfx60Ce8nlb5YIdZ0WMyysfUmNWY+r3Nei+Hv2G/iP4v+K3hX4o/tVfGCf4p/8A CCzi60XS4tKg0myjuVKss8yQMVkO5EYrtBJUBmZMqfCv+CpGtfDH406P4O/Z58FatBq/xffx TaWlnYWj77iyS7hZbhrraD5cJjeNmyQThW+6rYAPY/8Agm9oep+NtI+I/wC1v4qt2i1j4y69 cXFmsnLQ6PYO8NrECeQFbenuqIeeK/TKvF9KvPhF+zV8N/CngbX/ABLpfhXRNGsoNLsZNVvI LFZ/ssSqcNM6BnIG58EnJJPWqn/DUH7NH/RWvCP/AIPtP/8Aj1AHxr+2f/yeZ+x5/wBhjxD/ AOi7Cvmr4gfEX/hjL4y/tb+Gkl+xWnjzw1H4w8PEnaBqN9IbCQxjuxvLpmIH8MXbBr1j9oj4 p/DX4v8A7b37KWk/CvxTpni+40LUdeuL7+ybyK+W3SSG2dfMaBnVSVgkOCc4XPSvo39rX9hf wv8AtXeO/h5431fXf7EfwVOftkIshdf2pZNNFN9mLmaLycbJAH2vjzCdpxggH5JfDvxZr/7D Hws/aA+BOvXUi61r/hDQNZ0VD8sn27W7eKxvvKHGTBNcgL3xBk5r6C+NP7PfhL4R6b+w/wDD jVNBsZr+HxJp1jrDS20UjXLzSw3F1DKWUmSI3E0pCNlfmPHJr7q/aL/YW8LftD/H34cfHLV9 d/s4+B2t1u9P+xiddUgtLr7VDE03nJ5ShmcN8j5Vu2K7X9rb9ly6/aW0fwjN4e8XzeB/FPgX V49Y0nU4rZbxY548H5oWePPzKjKd3BXkMDigDjP+Ch/hfQz+wx8R9BtbaCwsNM06ze1hijWO KEWd3bvEkaKAEA2BVAAAHHSvoP8AZt1bUde/Z2+FuuawzNf6h4W0S4uGf7zSy2MLuT7liTXx P+2npvj7xH8Ffhz+xiniIeKPiJ8UryysdQ1QW62pbTtKZLq/1KSCNmEaho48qDhssF/u1+lP h3QdN8LeH9M8MaLF5Gn6Raw2dtH/AHIbdBHGv4KoFAH43/Fr4S/Gb4WftT/Ev45eEfhToH7Q /hnxjHZi8sbmW3l1bSBDEIzbpFKJCofaRhIZd6KgO0qc+Ry/Fr4U+G/2Ev2jD+zloGu/DnxJ DqdpF4i8P6k5DaPLrF5HZyi2XC+XE0IkgA2rIhQBgNqk/eHjz9if4j6d8Z/Evxv/AGYvi5N8 LtT8b+W2uWMmlwarZ3U6Ajz1SZgqtlmbBRjvZirKCRXX/Cb9hfwP4M+H3xI8KfEzXLr4i618 XXaTxPq93ElrJcsN5i8iJC4g8lpGdPmYq/IIAVVAPzgtPhd8S9a/ZYtvhbpn7FmlmwvNDR4P E58VaMt6biSAOmqmVollDFiJSplC7f3ZITisD9oS4+Odz8IP2Pfgh8S/DUnivU9Svb/+1NA/ ta1iTWpNGnigsLaTUY3lh+e2k5be2TJz+8HH2RP/AME+vj63gT/hQ8P7SWpD4RFfs/8AZT6L btqAsN3Fn9u80SGPZ8vZMfL5Wz5a+h/in+wz8KfiB8D/AAj8GPD1zd+EX+HbRT+GtXsmDXun 3cXPnFjtMnmv+8lAZCzgMGVgCAD83/jx4D/aP8Uz+BfFngD9lDTPg54o8E6xa3dhrOn+J9DQ yRRA5sniQWqyK+AQGY4CsANrMD7ZrHwj8A/F3/grTrll8RNGtte0/wAPeBrfVobS8jWa2e5S W3tkMkTgo4VbhmAYEbgDjIFeqj9g/wCKfxM8ZeF9Y/at+Nlx8T/Dngy6W8sNFh0i30qCeeLG yS6aF28zgYYFSxBI3gM2fpXRv2b/AOyP2t9d/am/4SHzf7b8Mp4d/sj7Jt8rZPBN9o+1ecd2 fIxs8ofezu4wQD86/hT+zZ8Fp/8Agp/8WvDlx4T06Xw3oGg2Gq2WjvbRnTYL67htFaVbXb5W V8yUqCpCmQlQCBir4F+EWlT/AB9/bb+APgC8tvA+i65oulpb7MW9jZz3tmXJKrhY4i87qwUc IxCjoK/R7wl+zf8A8It+1R45/aZ/4SH7V/wmmkWelf2V9k2fZvsiwr5v2nzm8zd5P3fKXGep xz5/f/sS+F/EnxK+OXjLxnrj6po3xt06w0+40yO18iTTxYQJEssdyZXEj70WRMxKFYDO4DkA /KPxBpUnwk+B+k/Cj9r/APZehl8E6Kloi+OvBj2z3AjWRNt09xGsnzXPAkaSaLzC2NgJUD+g z4f61oHiPwJ4c8QeFL19S0TUtOtLmxupSzST200KvFI5bDFmQgtuGcnnmvzNX/gnt8fNR8CR fAfxN+0hf3vwigEMH9kxaJbR3z2MLqyWv20ytIqKFABO5OMeXt+Wv0+8IeFdE8C+E9G8FeGo Ps2k6BZW9haRZzst7WNYo1z3IVRz3oA/KP8AaB8TfBq1/bSvLnw58L9e+Pvxb0zQ7e1m0Y/Z W0LRLV9ksT5ngcxTMJAxdtyL5xwQzYHl/wCy4virS/8AgpnrR8Q/Dey+EF3rvgqW4uPD2m3t veQBfOg2SyNaKkIkfYGZQoOfmIyxr7F+Jn7GHxHm/aB1n9oz9nb4sSfDXxD4rtIbPWoJtKg1 a1uVhSONZESZ1VTtiQ4Kk7gSGXcwMPwg/YS1z4X/ALRdl+0nrHxW1Dxj4iutOubPXhqVhGDq Ms4IV7doplW0ijCxBYdkoATAYBhtAPsr4wf8kk8bf9gPUv8A0mkr8D9T/wCUYf7LH/ZSbf8A 9LtZr+hLxhoH/CWeEtb8Lef9l/tmxubLztu/y/tETR79uV3bd2cZGemRXwRc/wDBP8XP7MPw r/Zw/wCE82/8Kz8SR+If7U/svP23y57ybyPs/wBq/dZ+17d/mv8Aczt+bAAPMfFHgHwLf/8A BWTRbK+8OabcW918Pn1KaOSzhdJL77dcf6S6lCGm4H7w/NwOaP2cvAPgWD/gpB+0bFD4c02N NDtvD0+nqtnCBZzS2cTSSW4CfundiSzJgkkk819A/H79kPxj8TPjv4Y/aI+FHxMm+HXivQtM /sadv7Oj1GG5sfOkm27HliCkmV1bO4EbSNpXJNS/ZD8Y2H7Wt3+078NviZN4ZtfEp05fEehv p0d3HqMOnpHF5STtKhiEkcSjIRmRizAkHaAD8iZPGXiTwf8A8E2vjinhuaS2bXfirqGl3csR 2lbS4jtGlUnssgQRt6hiDwTXs3xJ+EPxW8Tfs7y/CTSv2KtL8Lw2VjGLHxCni3RDd2k8QBW8 efy43lLEZl3SgSAkE9CP0K+HX7CXgvw38BviJ+z/AOP9afxXovxC16+1ySeK1FjNZvdrB5Yi zJcAyQPArrIeCeCmMg+J6j/wT7+PninwbZfBLxz+0jqOrfCaz8mM6WmjW8N/NaQMGitpL7zX dlTau0vvXgfu8AAAH3l+zq/j5/gT4EX4pKR4th0i0i1MtPFcs9zFGEeQywM8bmTbvLKxBJr8 99b8JeHvjv8A8FTdW8I/Fyyi1vQPhz4Nhv8ARNLvAJrN7ieS28ydoHBRyGnYHIOSkZP3AB+p fg7wl4f8A+E9H8EeFLRbHRtBtIbGzgUkiOC3QIi5OSTgDJJJJ5JJr5S/aI/ZDm+LXxB8P/G/ 4XeNrr4ZfE/w3AbSHWLW2jvIbm0JY+RdW0jIsoBZgCWIwSGVwF2gHyf8ePB3hb9nv9vr4A+M PgxpEGiX3xBj1fS9c0zTI0toL23gSLy3eFAqbmaTcWwMtEp6rmj/AIJu/Bn4WfGf9nzxD8V/ i54csPGni34ga3qh1m71W3S7uAFfYIEeUFogB8/ykHLA54XH038Hf2OdZ8OfF9P2hvj78Qrn 4q/EOztDZ6ZcSWUWm2OlxOHWQW1rCzJuZXZd3yj5mYrubcPPrz9hf4oeB/GHiq8/Zi+Nd38L PCHji5e81LRF0qHUUt7mVcSy2MksimBn6AoFZOMMQiBQD85/BM+o/BX9gf8Aa00X4cXU6x6N 46n0OC7ikIkWwe4tLJ3LjBO+AlCR/ez0r7c+On7Jf7O+l/8ABPLVItI8L6ZbXXhzwomsWesR 28S30l7BbLcec1yF8xzcsCrgnaQ2AAAuPcfgD+wZ4I+DXwd+InwM8Ta3L438MfEDUbi7lW5g +zXENvNFHGkbSJI/mTR+WH89RH8/zBFxXh2o/wDBOz43a98NZvgFr37R2pXPwstYWi0/S/7G t/tSLGCbSK5uxKJJoLeQI3lZCuqhV8rClQD7F/Yq/wCTSPhD/wBixpn/AKIWvp6vMPgr8N/+ FPfCTwh8LP7R/tf/AIRTTLXTvtnk+R5/2aMJ5nlb5Nm7Gdu9sepr0+gAooooAKKKKACiiigA ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK KACiiigD/9f9/KKKKACiiigAooooAKKKKACiiigAooooAKK/OL9vj9qb4hfCOTwb8DPgJbpc /FP4nXH2axkdVkFjbs4hE218rveRsIzgooSRmHyjPlFr/wAE1Pi5rOk/2/42/aZ8ZP48mQyG 7s7qYWUE7DJWONpllaNTwNrxZA4VegAP10or81f2Ffin+0svi/x1+zj+0vp97q2q+A3BsPFB tZRa39vuVfLe68tY5JCjxyxEnzXRm3jKE191/Dv4qfDr4t6Vea58NPENp4jsLC6eynns5BIk dzGqu0TEfxBXUkehFAHf0VwGkfFT4da/481j4YaN4htLzxX4fiSfUNNjkDXNtFIEKtInYESJ j/eFeN6v+2x+yfoVhbanqfxR0WO2vLmWziZZzITNBt8wFYwzKE3rliAoz1oA+o6K+dPEf7XP 7M/hKPVZPEPxI0a0/sUWpuh9pDun22Pzbfaqbmcyx/OoQMSuT0FdxYfG/wCEOp/DRfjHZ+MN MPghkaT+13uUjtAEcxsDI5ADBwUKnDbvlxnigD1OivnX4cftbfs1/FzxF/wiXw6+Iek6zrTF hHZpMY5pdgy3lJKEMuBz8m7jJ6A16P4t+LXwz8Ba/pHhfxp4lsdE1XX1next7uZYnnS1XfMy 7sDbGvLEkADmgD0Oivmvwh+2L+y94+8Xx+A/B/xL0bU9duJBFDbR3AHnyHokLsAkrHsI2Ymv kX9u39sWf4NfFn4PfDTwh4zs9FjvfEdlL4wQBGuLbSBPauPNZgfKiljaQuVwzKuMgZBAP1Or jfG/w78A/EzSP7A+IvhvTvE+mhhILbUrWK7iVx0dVlVgGHYjBHrV7wf4w8L+P/DVh4x8F6nD rGiaohktbu3bfFMgYqSrdxkEfhXwX/wUn/aK+I3wE+E3h7T/AIVXMWk+IPHWrppCarOB5dhC 0bM8gZgUSQnaAzA7V3sBuAIAPtzwH8Lfhr8LrGTTPht4V0vwtazbfNj0yzhtBIUztMnlKu8j J5bJ5Nd5X5Hf8O2vjGNI/wCEgg/ai8aHx4Yci+N3cfY2lxnZs+0ed5WeP9YeOdv8NezfsL/E 39oLx18KvGPgn9pPT77SvFPgi7m05dbu7SS1S/tirqs6SFI0maFo2DSR43L5bN8xLMAfceue CfCHiXWdE8Q6/o9rqGqeG5pJ9MupoleazllTZI0LkZQuvytg8jrXUV+UPhn4vaZ+zJ+wr4n8 XWnx0tviprgn1OPQ9fvnlnE+pmAPDYotxNOztHsLBS+OTxjOfXv2QP2t/h/4w/Zf0vxx8S/i FY3mveG7CKfxVdXEqI1lLeXEiQm4Cqqx7yAqADHQAUAfoBRWJofiTQfEvh2x8XaDfRX2jana x3ttdxNmKW2mQSJKrd1ZCGB9K5v4f/FT4c/FXw1J4x+HXiGz8QaJDLJA95ayh4VkiAZ1LcAF QwJ9AaAO/or5J1n9vD9j7QdYOg6j8V9E+1hzGfJma4iVgcENNCrxDB7lsV2nxu+Pfgr4bfAT XPjFY+JdNW0fTLiXRb1pVms7u+a3ke0jjZCVk8x1AAU88jNAH0FRX5O/szftG2v7RH7EOv6Z 43+LkGjfEn+yddudZ1VXEV1osMl5cLBdtHAYfLSKIxlNjLhduCK+3/2bzp3hv9njwpJe/EFP iBZWFjI8niieVtl7GkkjNO8k0khCoPlJaQ4C9cUAfQdFfK+lftv/ALJGt+JU8JaZ8VdCm1KS RYkU3OyGSRjtVUnYCFiTwNrnP417d8Qfib8P/hToUfif4j69aeHtKmnjtUubyQRxtPKCUjB7 swUkD2oA7qivmXXP2zP2V/DXjCTwFrvxQ0Oz1uGVoJYXugUhmRtrRyzAGKN1bgq7gg5yODX0 tFLFPEk8DrJHIoZWUgqykZBBHBBHQ0AZmveH9B8VaPd+HfFGm22saVfoY7i0vIUuLeZDyVki kDI6+xBFWNK0rS9C0uz0TQ7OHT9O0+GO3tra3jWGCCCFQkcccaAKiIoCqqgAAAAYq/RQAUUU UAFFFFABRRRQAVXu7S1v7WaxvoUuba5Ro5YpFDpIjjDKynIKkHBB4IqxRQB4H/wyn+y7/wBE e8G/+E/p3/xitrw7+zv+z/4Q1q18SeE/hl4Y0TV7Fi9veWOi2VtcwsQVJjliiV1JBIyCOCRX sVFABRRRQAV59a/Cb4XWPjy6+KVn4S0qHxjeoEm1hbKEahIoQR4Nxt8z7gCH5uVAB4Ar0Gig DifG3w0+HHxLtbax+I/hTSfFVtZOZIItWsYL5InYYLIs6OFYjgkYOK85/wCGU/2Xf+iPeDf/ AAn9O/8AjFe+UUAeR+CvgB8DPhvr0vij4e/D7QfDWrzRmJrvTtNtrSby2+8ivEilVbA3AYBw M165RRQAUUUUAcu3gnwg/jJPiG+j2reJ47I6aupGJTdLZGTzTAshG4Rl/mKg4J5rqKKKACii igAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooA KKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACii igAooooAKKKKACiiigD/0P38ooooAKKKKACiiigAr5h/bF+NGtfAL9nrxP8AEfwzEkutWywW tkZF3xxT3cqwrKwIIIjDFwDwxAU8Gvp6vOviz8L/AAp8aPh3rnwy8awtLpGuweVKYyFljZWD xyxkggPHIqupIIyBkEZFdWBqU414SrK8U1deV9TSi4qactj+UnRP2xP2ntC8YJ43t/iVrdzq Cy+a8Vzeyz2cnOdj2rsYDHyQECAL/Djiv6svg54+PxU+FHhH4kPbfYpPEul2l/JAMkRSTxK7 opPJVWJCnuMGvyB0T/gjgYvGCP4h+I4ufC8cu5ktrExX0sWf9XuaR442IwN+H9dtftf4d8P6 P4T0DTfC/h62Wy0vR7aGztIEztigt0EcaDPOFVQOa+z4zzPL8RGmsIldbtK2nbZf8A9XNcRR mo+y3Niiiivgjxj8WP2jzHpP/BXX4Dav4jjMml3ehx21qx4UXDNqccag9CyzyRsR/tCv2nr4 Y/bi/ZEuv2nvCmhaz4G1ZPDfxH8DXRvtB1FyyJvyrNDI6AugLxo6SBWKOoIBBavmy0+Nf/BW LRdCHgy/+B2i634hiQwR66t/apbSlRtE8kS3aR7j94jdGM/8s1+6AD9NLD4vfC/U/iLqPwjs fFFhL400mJJrrSBOovI4nRZA/lHDEbHViVzgMM4zX5q/8Ecv+SB/EH/sedQ/9IrKvWv2IP2P /G3wY17xZ8dvj1rUfiH4s+PiftssLeZDZ2zusrQq+1Qzs6rv2gRqERI/lXLfLnwr+GH7d/7E ni/x34D+DPw5074neBPFerS6lpd1JqMFp9mkkG1WmEksTg+Usayqy7CyDy35OQD0j9ncg/8A BVf9o0g5/wCJHYfpFp9fMn/BMX9kr4I/Gzwp8TvH/wAXPDFv4olHiCXSLVLpn2W8cMaTyNGE ZSHczKN+cgLhSMtn6k/Ys/Zw/ae+G/7VvxK+Mn7QFpbXH/Ca6PE7alZ3Fu1u99PJbzPaxQrI ZlW2CtCGaMKfLyrMCCfVf+CbPwJ+KvwB+FPjTw18WtE/sLUtW8V3mpWsX2m2uvMtJba2jSTd bSyquWjYbWIYY5GCMgHxT8Pv2dvhl8b/APgqN8bLH4kaJDrHh/wrYwXEGnyZW3a4eGzgi3ou AyJGXwvTdtPbFc5+33D4S8IftDfA39l3SvBWqa18LPDGnNrreE/DsUktxfSTXF2XREB3yAC3 Yuc5VHlIIJJr75+BXwJ+Kvg39u344/GXxJon2Pwd4ws7SLSr77TbSfaXiW3DjyY5WmTGxuZE UHHHaof22v2YPit8QfGvgT9pH9nK7tofif8ADdmWG0vHEcOo2ZYv5G9iqA5eRSGZFdJHBdSF oA/NL9qHVvCXxV8B6fH8EP2TvG3w38e+Hbu1udI1ew8MmwEYhkUukxtEDOAo3RkqWWQAggFs +p/to+Hbr9oD4qfsX6B8TrO4sbjxtZw/25ayI1rcRtcmxe9hZCA0T8umMAqe3Fe0eP73/gpr +07BpvwvTwRD8B9IN1BJq3iG11lZLrbC2WFu1rP5u0n5giA7ioVplUtn1/8AaD/Zx+Kvib9o /wDZj8WeDLC48Q+G/hlI6azql5fQG5SNDbhZpvtEqzTySCNmdkV2LZJ5NAHzf/wVM/Zu+Cfw w/Zx0X4g/C3wdpng7X/DetWEMF3pNslnM0MiyArI0QUyMHVHDvucMuQ3LZs/8FBvCXhDXfi7 +yTr+q6Bp1zqHi7xNYwaxM9pCz6hAZtOXybpiuZowrsoR8qFYgDBNfXn/BSH4K/Ez49/s2ze AfhNo39u682rWN0Lb7Rb2uYYd+9vMuZIo+Nw43ZPYV5n+3V+z58c/iB4Y+CXjj4KaPb654q+ Eup2+oPpk9xFCZWQW8gIaSSONlSS2AdRICQ3y5oA/SvQPD2geE9HtfDvhbTLXRtKsV2W9pZQ pb28KZJ2xxRhUUZJOABya+b/ANqjwT+zr8Z/C2n/AAI+O2uWWm3fim4VtDhe8ittRN+mYo5r FHOXkUy7MbWU79rAhsV6z8GPEHxK8U/DPQ9e+MHhqPwh4wuklN/pcM6XMduyzOke2SN5FIeM I/3iRuwcEED5Y/bw/ZH179pjwx4Z8SfDbV00H4jfD68a/wBEupWZInLGN3iZ1DGNt8UbxvtI VlwQAxYAHyX/AMMQ/t7fs+2uf2Yvj2+vaTYrm30bWwyKI16QwxXAu7UEjjP7kd8rXv37Hv7X njb9oLwv8Svhj8Z9Bj8O/Er4cxS2+pxwKUhuFKyxFwhZ9kiSRlZAGKHKshwdq+T23xr/AOCt 2g6XH4R1L4JaDrmtLGsUesrdW4hlIG3zpUjvkiDk/MceUv8AsAcV7J+xt+yT8SPg/o/xJ+J3 xp1SHW/ip8VTJPfi2ZTBbBvMcRBwEQu8kpL7QI1CqqfKuSAfB37Nvhnw34i/4JF/EufxBpNp qcukTeIL2ye6gjma1uo7aNUnhLqTHKoYgOuGAJwea7q88FeDfD//AARs1DxJoOg2Gm6vr2ha c+o3ltaxQ3N60WrxhDcSooeUruO0uTjJx1r3j9l79lD4weG/+Cfnjz9nf4gaXH4b8X+JRrcd rDNcwXESm8gRLdnltHmQKXX5sEsBzt6CuV+B/wAC/wBqfx5+yF4y/Y5+Ofgu08E2Wn6MLPw/ rIvILgXV0ly1zGtwlvNOQiuseXVBlM8bsCgD7q/ZiIH7G3wuYnAHgfSMn/uHR1+Xn7EOleDN c/4Je/EDR/iJ4wl8B+GbzV9Sj1HV4QrSQ2zLab41VlbeZx+52KpZw+1RuIrt/hvZf8FOtI+E Fh+yrH8O9I0OCwsxoieM7jUbeRLXTCDEsiQRTMZJI4flQqhbAUtHuyayPAf7CPx31H/gnT4m /Z28RWcfhvxvJ4jk1iytZruCWG6ii8gokkttJLGokCNtyflcKWAHNAHmfh34pfsa3vwc/wCF O/BH9mfxD8WFgsHtJNdHh6CKS6nVCr3r6gPOuInLZfdtXy/urtUADu/2IdL0nxv/AMEtviNp njKwttctNBPieWwivoUuUtZYbAXEckKyBgjpLI7qy4KsxIIJr0zwjq//AAUh134QaX+zrpPw e0j4cyWmmw6JP4qudUtnt7e2jiWFpobO3aQ+ayA4MfmKHOQqiu7/AGHf2ZvjJ8Nf2S/iX+z5 8VtFTw9qmuXesRWFz9qt7qCe31Kxjtlm/wBGkkZArqxKuFbBHGcgAHz9+zz4K8G6d/wSJ8V+ NtP0GwtfEWreGPFEN5qUVrEl7cxxXt2qJNcKokkVQqhQzEAAAdBXinxX8R+Ibn/gnV+zB8GN IvpdMsPiVqqWGozxnAa3iunCxP6qZJUkx3MYzxmvoP4DfCD9tLw7+yl8Sf2Q/HXw0tbTS7bw 3rcOganDqNmz32oX05kS2P8ApJUK/nSMsjLGqhQHIPX0vWP2GfHvxP8A2Avh18F9ZZPCXxP8 BY1CwaSdZIoL1JpiYpJrVpV2vHJkPGW2uFPOCCAe5/Fn9gv9l68/Z51v4e6L4E0rSJdM0q4a w1WK2jTUobqCEtHPJeYE0hLqDIHchxwwxjH5CfEj4jeIviN/wSH8HyeJ7mS8uvDvjGHRo5pe Xe2tYbgwLnuI4nWMH0UZ5r7m8WeM/wDgqR8S/hxcfAu8+EWmeHdY1m1Om6j4s/ta2+z/AGaV fLlnjiilfy5HQnJTey5JSNTja79ov9g/xxov7BXhf9mf4FWLeMNf0nXLfUr2RprayNzI63DX M4NzLFGqq8ioibywQKDuIJoA7b46fsR/s5+DP2GvFen6Z4I0xNc8MeFrjU49a+zp/akl/ZWx uGme7AEzeY6HcpbZg7QoXAH0D/wTs1jUdc/Ys+Fd7qk7XE8enTWys5yRFa3U0EK/RI41UewF ewfH3wb4j8a/s3/EDwD4YtPtuva34X1LTrO38yOPzbq4s3ijj8yRljXc5A3MwUdSQOa4b9iH 4a+NfhB+yz4C+HHxE07+yfEWi290l3a+dFP5TSXk8qjzIHkjbKOp+Vj1x1yKAPqyiiigAooo oAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKAC iiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooo oAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKAC iiigD//R/fyiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK/ITRf2iP29/jL8a/ jD4C+BUHgePR/hlrsul51qK8jneJpZ0gO6GRw7bYDvOFGcYHoAfr3RX5ufBb9qf9oLRf2ibD 9l79rTwto+l+IfEthLqGg6r4fkkNldpbpJJIjpNJIwbbFJg/IQVwUIdWr9GYL6yuppre2uI5 pbYhZURwzRk9AwByCcd6ALVFZN3rukWcV5LNeQg6eu6cGVQYwRkb8n5c9s9a+a/2Pf2kh+1L 8Io/ihPp0Ghz3V9ewpp8c/nyQ28EpjiMjEKSzAZJ2qM9BQB9VUVUnv7G1nhtbm5jimuSREju FaQjqFBOWxntRNf2Nvcw2dxcxxT3GfKjZ1V3x12qTk49qALdFc94k1O4s9KvoNHmthrbWs8l lDcOFWSZEJTcCVOzcBuIPAzyK+EPiV+1X8V/2dv2RdG+K/xj0bRtT+JF9eGxmsdOugunK013 MkMyMrzM6JAsZkVX5ckbl7AH6IUV8UfH39ovxZ8Ovj3+z98OfBh0+80D4o6hq1rqc0iNNII7 FbYx/Z5EkVVOZnDEq3QdMHP19pXiPw/rslxFomp2uoPaNsmW3nSUxN/dcITtPsaANmiisG/8 VeGNKtZr7VNYs7O2t5PJklmuI40SX+4zMwAb2PNAG9RVP+0dPFiNTN1F9jZBIJ96+UUbkNvz jB7HOKrW2u6Je38mlWeo2897DGkskEcqNKkcn3HZAdwVuxIwe1AGrRWHN4n8NW2rx+H7jVrS LVJhlLR541uGH+zGTuP4CtygAoqtc3tnZCM3k8cAmcRp5jBdzt0Vc4yxxwBzVbTdZ0fWRO2k X0F8LaRoZTBKsvlyL95G2k7WHcHkUAaVFYdj4o8NapqE+kabq1pd31r/AK63hnjklj/30Ull /EVo3+oWGlWcuoancx2drAN0kszrHGg9WZiAB9aALdFY1j4j8PanDa3Om6pa3cN9u+zvDOki zbfveWVJDY74zivH/hfrfxr1L4m/EvTviNBpEXhHTrqyXwu9hIHvHgdZvtJvVErlWBEezKpn 5uD2APeaK5+28WeFbzVpdAtNZsp9TgyJLVLiNp0x13Rhtw6dxXzX8b/2nrf4SfG34R/ByGxt rlviReXsV3ezXIjGnwWUSPnywOXlMgClmAAB4bIwAfWlFZ1/q+k6VYNquqXsFnZIAzTzSLHE AehLsQuPxp+nanpusWceo6Rdw31rKMpNBIssbD2ZSQfwNAF6isRPE3huS4tLSPVbRp7/AH/Z oxPGXm8v7/lruy+3vjOO9Gr+JvDnh94I9e1W001rltsQuZ44TI3ogcjcfYUAbdFIrK6h0IKs MgjkEGvAPj/8Y4fhz8HfiN4t8Gajp154n8HaLe6hHaSSLMY5beJmTz4UdZAuRyMr9aAPoCiv ljwZ8fb1v2OtN/aS8cJbpejwkPEF5HArRwNMtqZzHGrMzAM3yqNxPIGa6n9mTxb4+8X/ALPH gfx78Xp4P+Ej13S49UvHiiFtCkd2TPCNmcJsgZA2T1BJxQB79RWTo2v6F4itTfeH9SttTtlY oZbWZJ0DDqNyEjPtVfU/FPhjRbyDT9Z1ezsLq6/1MNxcRxSSf7iuwLdO1AG9RVa6vbOwi8++ njt4yQu6Rgi5PQZJAye1Zy+JPDr6w3h5NUtW1VF3m0E6G4C+pizvx74oA2qK/P39tj9pj4mf CTXvhp8JfgcNG/4TP4l6lPZLd6y7Na6fFbrDl5UjIK7jOrBmDAKrYRyRj0P4Jar+1mvxHi8O fG268Lat4Zi8Om4bUNEZlnm1d7pNm2J3Di3+zMfmMSguAQcHBAPr+isS68TeHLDVYNCvtVtL fUroZhtZJ40nkHqkZIZvwFWTrOji0lvzfQC2gbZJL5q+Wj5A2s2cA5IGD60AaVFVp7yztbZr 26njht1AJkdgqAHoSx4xUUuqaZCYBNdwxm5Vni3SKPMVRuYrk/MAOSR0HNAF6isux1vRdU07 +2NMv7e7sMMftEMqSQ4X7x3qSvGOeeKj0bxF4f8AEUUk/h/U7XU4om2O1rMkyqw7EoSAeOho A2KKyNZ8QaD4dtlvPEGpW2mQO4jWS6mSFC56KGcgEnsK+RvAv7QfjPxP+2z8QP2fLlLFvCfh nw5YatZTRRt9qea6FuW3y+YUZP3rYAQduT3APtCiisS58S+HLPVoNBvNVtINTuRmK1knjWeQ eqxk7m/AUAbdFfGPxI+P/jjwn+2j8I/2ftLhsm8M+ONL1a8v5JIna7WSyt7iWIRSCQKq7ol3 Ao2RnkdvVfgzrfxr1fxB8Q4fi1BpEOmWGu3EHhw6ZIJJX0pXcRNeASSbZ9u3cCE5z8ooA95o rDHijw0dY/4R4ataf2rjd9k8+P7Rj18rO/H4Vpz3tnavDFdTxwvcNsjV2Cl29FBPJ9hQBZor FsPEnh3Vb650vTNUtby9s+J4IZ0kliP+2iksv4gV8x6z+1Da6d+15o/7MUdlarbXfh2bXLnV JLkblmE7wR2qR8AN+7LMWYk5ACjGSAfW1FFfF37CH7QfjT9pD9nq3+KvxHjsbXVH1C+tnFlG 0FusVswCnbJJIQcHklqAPtGiqdrqFhfW322yuYri35/eRurp8vX5gSOO9UNI8S+HPEBmXQdV tNSNs2yUW08c3lt6NsJ2n2NAG3RVS31Cwu5p7e0uYppbYhZUR1Zoyc4DAHKng9fSlN9ZC8Gn G4j+1FPM8nePM2Zxu25zjPfGKALVFc/beLPCt5q0ugWms2U+pwZElqlxG06Y67ow24dO4roK ACivkH9rD47eKvhpH4K+F/wnW3m+JfxQ1VNM0f7SnmwWdvEVe9vpo8gvHBEfu55LZ5CkHub/ AF742ad8f9I0H/iTv8LE8OtcajeTSJHqn9rJJKCVj80YtzGsZJ8vAJb5uMAA+haKpjULBrL+ 0luYjabS/nb18vaP4t+cY980HULAWX9pG5i+ybd/nb18vb6784x75oAuUV8XeG/2hPGetft0 +Iv2c2SxfwhpnguLxDbzRxsbt7qS5tYuZfMKGMpMxACA9Du9fsSLUtOmvJNOhuopLuEbnhV1 MiDjllByByOo70AXaK5+28WeFbzVpdAtNZsp9TgyJLVLiNp0x13Rhtw6dxXQUAFFfIv7Y3xl 8a/CXwR4V0r4XyQJ418feJtK8O6UbiITpG13LumlaMkAqsSMCTwpYGvrqgAor56+A3iv4vaj oOuSfH/+xNP1Y+ILu10hNKnRo5dMVIvs+/8Aey/6QXZwy5Bxt+Ud/eri/sbOWGG7uY4JLltk Su6q0jeigkZPPQUAW6KqzX1lbTw21xcRxTXJIiRnCtIV5O0E5OO+K+OP2EP2g/Gn7SH7PVv8 VfiPHY2uqPqF9bOLKNoLdYrZgFO2SSQg4PJLUAfaNFZg1rRzp76uL+A2MQJe481PKUL1JfO0 Y781Ho3iDQfEdsb3w9qVtqluDgyWsyTpn03ISKANeiio5pobaF7i4dYoolLO7EKqqBkkk8AA dTQBJRVZLyzltRfRzxvbFd4lDApsHO7d0xjvVcavpLR28y3sBS7O2FhIuJT6Ic/MfpQBo0V8 6fG3xp8VB4W8Pal+zlPoOsXk3iC1tNTfULlDbrpu2X7V5LLLGDcK4jCrknG75T24X4pfHLxh 8F/2lfAHhvxdJBN8MvifG2j2c4iCT6b4hjYNCskufnhu0IRARkPk5CjBAPsWiisvV9c0Xw/a G/17ULfTbVestzKkMY/4E5A/WgDUorN07WtH1jT11bSL6C+sXBKzwSrLEQOpDqSvH1qheeLf CmnpaS3+tWVsl+dtu0tzGgmb0jLMNx+maAOhoo68iviz9s39pbUPgl+zp4o+Kfwlv9J1fXdB urC3McrC7hjNzdRwuJUhlRg21jgFhg9qAPtOisvQ7yXUdF0/ULgAS3VvFK+3gbnQMce2TWpQ AUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFAH/9L9/KKKKACiiigAooooAKKKKACi iigAooooA+J/2pviv4u8Lavp3g7wxeSaYk9qLueeE7JX3u6KiuOVA2EnaQTn2rI/Zg+LnjLX fFM3gzxLfTatbTW7zQyzsZJYnjxkGQ5YqwP8RODjHU5+kPir8GPDPxXgtm1WSSyv7IFYbmHB YIxyUdTwy55A4IPQ8nNP4UfA3wv8KZLi/sJpdQ1K6Ty2uZgAVjyCURV4UEgE8knA5rtVWn7L ltqfOSwOK+u+15vc9enax7XRRRXEfRhX4GfAzwv+1d4j/ai/akb9mnxnofhOGDxew1NdYtDd GdmuL3yDFiGXbtAfd0zkdcV++dfkZpf7Ln7eXwn+NHxc+IXwG8T+BLTSPibrkuqNFrDX8twk YlmeAMI7MqjBZm3BXYZ6HigDyTwqPjP8Bf27/APij9tyW38c634+t20DwjrukTiOw0yaR/Kk i+x/Z4Duc3KIWIGBKWBkOdn0h+xR/wAne/thf9h7RP8A0C+qbwV+x/8AtE/EH46eEPjl+2B8 QNJ8QN8PWefQ9E0C2eOyiun2t5rySxwtw6I5+RmYogLBV2lvir9mn9rD4XftG+OvjX+yn4g8 LyaX8Txatq+meJ1ugtvdW6FFmjNqpLhSzup3LjzCpRwA1AHA/CbwR4R+J37ZX7Y/gjxtYJq+ hapB4djurZ2dUkEdvvALRsrDDoDwRyKt/wDBIH4YeA9J/Zwtvitp2kRw+LNdub+xvb8PIXmt re5PlxlSxQBcDooPqa9e/ZF/ZN+LvwP+LfxW+JXxa8Vad4tm+JEWnSvc2glinN4iyPdh4WiW OOJZJSkGx2zGqllQ/KJP2GP2d/2if2X7TV/hR451jw9rXw1s3urjRp7L7Quqm4uJlYeejxrE sZTeWUMxVyAGZeQAc1/wU60G/wBE+Gfgf9o3w9CZNY+DPifT9Yyv3jZTTRxTx/R5RBu7bQc8 V8Gftn/FLXfE/wC1fB+0X4GuTeeDv2dv+EQa7eIFklXXJzdOykf89I3WFx7Y4Nfu98Xvh5p/ xa+Fviz4ZaptW38T6Zd6eXYZEbTxMiSD3jYhx7gV+dfwI/4J9eK/An7IHxS+BHxG1bTdU8X/ ABE88rfW81xPaRfZ7aOPTFeSaGOUrBNHvIEZwDhc4FAHOTSQfHn9s343/E+B1vfD3wZ8Dy+H NMlU5jbUNStppp5EPQsitPE2OxXPGK+EPHfgHwhrX/BJL4NeOtT01J9e0bWr6ytLos4aK3vt avvtEYAYKRJ5aZJBIxwRzX64/sj/ALI/ij9nz9mbxN8LfE+o2OpeNPF8uqXOoX1vLNLbPPdx fZ4P30sUcrKsaqzEx5DM+Aep8h1D9gz4lar/AME8fD/7KFxr2lW3jXw7eS6hFdxPPJpskp1K 5u0QyNCkwBinwW8k4cdCOaAPG/24v2dfANr8U/2R/wBnrwFbyeE/Cl7qviO1MVhPIssNtdSW E12IpZGdw0geTkkj5umOKvfGf9nf4Xfsh/tRfs1+LP2eNPn8It4s8Rf2Bq1vDeXM8N5aTNbx kOLiSQ8q7bhnDHa2Nyhq+ktY/Z2/aa+KXjv9nX4ofFzUfC6a98K9S1q610abLdpFcQXxtxbf ZEeA5kCQnzQ7IucFSQcD1b9pz9nrxn8afiR8DvGHha90+1svhp4nj1rUkvJJUlmt0eFituI4 pFaTEZ4dkHT5qAPsavwz/ZU/ZR+FPx8/aA/aX8XfGOwbxNpuifEDXbLT9KmnlS0hnnvJnuLo xxuuZHQRIp7BT1O0r+5lfgt+zboX7WcHx7/ac8X/ALM+q+G5oD4/1my1LR/E63Qt3cXlw8N1 BJa/MJE3MrKSoZcZ3ELtAOd1eK8+D/w4/bS/ZK0u+uL/AMFeCLCx1TQI52Mv2CLVAk81sJWy xUeZGACfvI7feZjXqHw++APw9/Ze/Yri/bM8M21zefFuTwQt/Hqt1cy3Ajn1yGIRssDMYx9n SVVU7fug7i2a990j9hn4iJ+z58Z9I8VeJ7HXfjJ8b1EuranIZYtLikicm3gi2xNIsMSs/Iiy chQoVVr658P/AALs779lrRP2c/iM0d3FH4TsvDmpSWbtsLwWSW0kkDuqtgOu+NmQHgEqOlAH 4PeBPCHwA8R/AWA+Mv2f/i/4r+JPiSy/tGbxrbaNc3LSalcr50d1az/bAskCsylGMf71PmYF mr9C/g7+2f4j+Bn7LXw2vv2ofB/jG88XX7ahpriHSZHvmTTJFEU10l1JA+ZIZIwJDkyMrsec 1naH+z9/wUe+G3w0b9nb4e+O/Bt74NhiksNO8Q3i30Gu2OnPlQipGrxK8aHEWPMKYAEgwu39 CvgF8KJfgl8JvD/w2u9fvfFN5pUTfadT1CV5Z7qeVzJI37xnKoGbbGm47UCjJIJIB+Q/7d/x 60H9qv8AZj8D6x8O9O1zwu0XxO0rSkbV7YWF0ly+n3brNEI5ZPlXzVw24EMD6ZrY/bF+DvgX 9hH9myfSP2bLXU9E1b4ra1pHh7Vb6Cea71CS1hhuZn+zlnGyWYgqUQqrh2AA4x9+ftofs9eM /wBozwj4D0DwTe6fY3HhfxhpniC5bUJJY0e0sorhJEjMMUpMpMq7QwVSAcsOM9l+1h+zjpH7 Ufwfu/hpf6k+iX8NzBqOl6jGpdrPULbcI5dgZdwKu6MMg4YkEMAaAPxD+JHg/wCFGj/D3Tp/ 2XP2dPjD4E+KvhiS2n0nxDLoV0rSyxuom+2MlzLkSpvPyRcNgACMsp+t/iR/aP7YP7U3wY+A nxkhu9N8IW/ga18ba3oDCWxN1q9wrKbeZcrKohJVSpIZMSr8rEkd74n+Bn/BSP4xeHdM+EXx O+IPhPw14Wglt/7S17w4b9Ncv4YGDDhkjjV2IBbZ5SkjnK5U2P2oPh74Xtv2gPhFD8IviXD4 D+PHh/Rza6KNchubqy1vR4xKjW13dbHQyDEp+ZjIxckLvKMoB4j8Tf2Zvhv+zt+33+zfP8J4 JNG0DxVfapK+jieWW1try0t0WS4hWV3KGdJI1YDj90Meg6f4XeH/AB54s+Ln7fnhr4X3hsPF mpnSrfTJhJ5LLcyW2ohAsuR5bN91XyNhIbPFeZ6loXxw1P8A4KP/AAJg+NfjfRvFnjC1TULm 40rw5DImnaHYwW8rp80uHMlw4kLGRQ/yoMkFAPtjw9+xx43/AOEv/af1DW/E0Wjaf8b5NOfR 7zR7i4XUNPayS5/eTjZCFIeVDtjlYOoZSVzyAfkTp+h/ss+D/Anhz4Z/tB/DTxj+z/8AE/Sp LYr44iiurhJbyGRWluQ3mISJcEqI4pBFnKP8vzfaf7XPwW+D3j/9rn9l+81ixg8UW3xJS+j1 m/ErhdZt7KztfskpMThVXaxZTFtBDdxXXa9+zN/wUP8AiD8IR+y/4/8AFnga48DNHbWU+vtH fXWtS2NrIjR/JIgjaYBBksFYn/lrn569e/aB/Y9+KV3Y/APWP2a9b0u01/4DwvZWUfiDzvs9 3bPb29uGdoEkbcBb8rgAhyQylQCAfEXx+8UeEvGf7b2t/Cv4pfD7xj8R/hj8INI0+z0fwv4T spr2JLma1gkF1exrPE20CVo1bdlwqA/KGDehfsnXGqeCf2yINN+Bnwq8f/Dv4O+NtLuV1fTf E+k3VtYWWrW0Us0dzBI0k6RiQRJGC8mSzsgGCgX6a+In7MH7R2l/F/Sv2p/gH4h8P6b8S9T0 S00zxdpGprctoeqSwRIrPDJGvnKFaNFjBVDtRTuUl1bq/gV8BP2mLn423v7Qn7T/AI2s5tRS xOn6X4b8NzXaaLaxuCGklSbb5jgM2Awc5bcX+VAoB8B/8Ew/2Pvg/wDEP4OaV+0L8S7O71nx B4f12SbRx9qlEFnDpcizoi26sEffcGR2VgQcjABLFvDfgd4s+Fnxyh8W/Gf9p34IfEf40eKP Fmo3KwXuiaXcXukadYrjy7Szkju4drREsCMHYAoXB3Fv2m/YW/Z78Z/sx/ACx+FXj290+/1a 2v726aXTJJZbcpcOGQBpooXyB1+THoTXzf4a/Zi/bE/Zd1jxToP7JHiDwnqnw88TX0uoWul+ KVvFn0a4uOHFu1sCHjVVUAsxzgZj3bmYA+TPA3xm+OnwK/Yo/aB0+30jxb4W0rwrf2Nv4Huf FGnzWeo22ma3dG28oPICm61jXIMbERySDBAZAPUPjB/wTy+BPg79h/VfG3hu1ntfiBoPhp9a n8QLdz+fezC2868jlQyeWYbhC8YQLwCOSd2760+G37FWtz/s/wDxA+F37Q/jm98a+IfilK91 q14k0rW1lNv82EWEc3CrFN+8zsQMcKUCqBXgHiD9mT/gon4w+CN1+zBrfjrwYng62sTYRa2i X39r6ha26f6La3HyGONHKpHPIqlwmeZjuDgHPfEG/vNf/wCCeX7O3wC0aVo9S+MbeF/D5KHD x2QEdxdTf7qLGof/AGW9K7z9pnwzY/HP9s74U/sd+Irie1+GGleHH8SahpNtI1vHqDwPPBbQ M6FXKRiFeFPCl8YbDL6h8Mv2UviZoPxJ/Z/vfG9xptz4b+CPgyexQ2s8khm8Q3aLazOkckUZ MKwKGSRsNuH3R1rs/wBqH9mT4h+P/iR4K/aH+AHiGx8OfE/wLHLaRDVUkfTdS0+ctutrnygz qB5kmCqEneeVYK6gHAt+x74W/ZZ+IOtftK/ADU5PCfh/RvDWpPq/hKNJrq01aW2t5ZYXEktx mFlcIQArDK4XbvfPz/8AscfsZfBv9pn4AR/Hz9ou0uPHXjn4mzahdXWo3N5Oklokd1LbRpbC KRUTb5e4fKQudgGxQte/eA/2YP2gfij8ctM+On7YusaBcJ4XsL2w0Xw54bFwbFP7QjaG4luJ LgByWRj8oZskI25dm08V4D/Zt/bo/Zo0vVPhL+zl4v8ACGrfDq6ubibSZvEsd5/aeircsXdU WBWik2sxYbt6s+WKIGZaAPzw+JPjHxlb/sJfF74KeJNbuNdPwc+I8GhaZqMzlpmsoJ5EiXzM knY0TFOfkVlUfKqgfSv7bf7Ffwi/Z1/ZdHxo+HEV7p/xN8G32l3cniP7fcyX17d3FzHFPNMX kZNzySeaCqqQRgEAsD7P4z/4JxeJv+GOtU+BHgrxJZ6p488Ua9b+Itc1rV3mhgur0HM20xRT yBQBhAVJY7mYgsQPsD9tb4GeLf2j/wBnPxJ8IfA93Y2Os6xLYPDLqMksVsotbuKd97QxTOMq hAwh5xnA5oA/PT9sf4J/Cnx1+1P+y/r3iXw5BdXfxWubtfEreZMo1BLO0sFgVwrjYI1YgbNu R1zXWaa+jfBb/goT8S5fCuni30rwL8E91jZpucJb6ZJZGGFdxLEBYwoyST65r6s+L/7NXjr4 gfFn9nHx5o1/psOn/CCe8k1ZLiWZZpxcQ2sa/ZAkLq5BgbPmNHwRjPIEqfs6+IbL9svxn+0l 4hn0668D654Hbw49iGmkvmkE1vLIXhEPlmJo4XHyyliSBs5yAD41/ZG/Yu+D37Tn7OyfHf47 RXXij4h/E6bUL+41trqaK4sZI7qW3h+yiN1jTy/KDAFCAfkxsUKPlDwxZXem/wDBJL4+adqF 2b+6tfHgiluWYs08iX+kK0hYkklyC2SSTnrX0h8DfCvxc8P/AAj16P8AZG/aC8Lp8A3uL2WP Udds7mPWvDkUjF7hI45I0XehLMpmKhj+8QLvzSfsMfs9r8dv+CcPj74S3uoyWVp438Q6hPYa jJETuNo1mYJzGSCVNxa/ON2eGGc0AfVn7aTon/BNvxMzsFB8OaKMk9zNaAfma+MP2pvh7b/F i4/YN+G17dT2dj4j0qWyvJLaQxTGzlsdJFyiOOhkh3p3GDggjivUfG/7J/8AwUM+MnwM/wCG efiP448FWHhrSLS3ggnsVvWu9Xax2G1S9leHbHErIrs8cW8sgyrZJr6U8WfspfEPXvGX7K/i Kz1HS0tvgdaywa0sks4e4Z7SzgBsgICHG63cnzTFwV75AAPz8/a4+HPw1+APj74X/skfDvwz 4lm+GPiq6vPFHiTQ/DPn6hq+svEgijt03yrJJEi2xZ08z5FLSj5lXGXHJpPgX45/DL4ifsff AH4n/DWe31S3sfE1tqOhXkel6hos7qkvmgT3P7yMEkFgFBxITvRTX6h/tafsveLPjPq/gr4r /B7xJD4R+KHw4uJJ9JvLpGezuIp8CW2uQgZgjY+8Ef5S6FSHyvk+mfAf9tj4yfFfwf4u/aU8 Z6F4X8J+CLoXsej+Cp7+I6pcIVIF08xB8pioyC7fIWQIpYvQB5J4O+Ffg79tT9tD443/AMe7 eXxF4d+Ec1loOg6JLLLDaw/aBN59wyxMjMzPAzAkndv5yEQCp+yH8GtB+Av/AAUY+MHw48JT zSaBaeFLSfTop5Wne1trma0lFuHcsxSJiypk52Yzk5J99+JP7N/7Q3w+/aB139oj9kbWNCW5 8dW8EHiXQfE32gWNxParshuoWtRvDKvUblwS5ywcqK37L37LH7Qfw3/aW8cftD/HTxVoviS+ 8caPHazDTPtEZt7lZYSsMccsSr9miihCRtv3nA3JnJIB9P8A7VnxI1n4Q/s4/ET4j+HHMWr6 Lo9zJZSBBJ5V1IPKhk2sCCI5HViCCMDnivz2+E//AATf+CPxc/ZU0DxV4la5n+KHj3SLbxA/ i2W6uJryDUtSiW6R9gmVJEjLhWU8vgtuDkMP1V+JHgHQPin4A8Q/DjxSjSaT4lsZ7C5CHa4j nQoWQ9mXO5T2IFfl/afs0/8ABQ3wz8KZP2XfDXjzwdcfDwwS6XB4guIb1ddh0iUGMwCIK0IY RMVQAsVGAJhgFQCHXfC3iTwR+39+yh4P8X+In8W6xo3hTXbS41aSEwSXrRWN4oleMySkOygb iXYscsTk18+aZ8VvE3wX+EP7dvjzwZcPZ65D8RL2ztLhM77d7/UmtWmVh9140lZkbs4Wvujw 1+xLrHw++OnwA8YeC9Ts5fB3wf0DUtJvBdySrqN3PfQXCedHGkTREPLPvcNKu0EhQcDMPgn9 h3ULnw3+0n4G+K1/ZTaJ8bvEt9rFg+nSSyT2cM073Fs8yyxRKJoZPLfYpdCVxuIoA/LuHwH8 CLv4CxadpH7O/wAYpfitLYLfQeMo9EuWlfXGTzVuhKt4QbdpumIy3l/MP3nz17N+0ZP8UfjJ 8Bf2O9N+KJ1Xwr428R+K4dG1CaaOWw1OGYziw+0lZAsiSyIBMGwM7twGCK+jx8Bf+ClVn8L4 /wBnLT/H3g1PCUNuNMj8UKL+LX00tR5aptVfLWURDaCMtj/ltu+evYfiZ+xz4w1rSv2cfD/h DxHHqdv8GvEun6zql7rtzcNe38NtNHNO0bLHNuldlYqjsqKCF3gCgD5J/ao/Zi+En7IvjH4A /FX9nnTJvCOsHxrpmiXjQ3lzML21uss4nE0j5LLGyNjAZXYMD8u3b8b/ALO3wX8Q/wDBVbT9 B1nwvDdafq/g9/E13E0swEusfbph9qJEgO75F+UEJx92vt/9sP8AZ78Z/tB6b8NLPwZe6fZP 4N8Yab4gvDqEksYktLNZBIkPlRS5lO8bQ21TzlhXm37QX7Of7Q+o/tSeFP2nf2d9X8PRX+na F/wj+oWPiD7QsTW/2iWYyRtbxyElhLjHylSikbgxAAP0Pr+TX9n34s+KPF3wq+Hf7J/ia8vf h98IfFXiS8tdd8TQRtjUJp9si6as7ARwocxrISW/1gZx5asrf1lV+Xnwv/4J93cX7EGpfsrf GO80661ee9vNRstQ01pZ4bO8dt1rOjTRQvlDlZFCjcjMmcNmgDxj/goW+j/B/wAN/Az9k/4c 6Lq2n/DzxLfXP9r6V4VgaXVL/T9PMG60gXcpmkn893k3sSzhXcnnPzd43HhvwH4k8EfEn9jD 9nT4q/Drxj4Z1GD7d9q0G9Fhqek/8vFvchbi5d2YhR90bgW3HcEK/ffib9jr9oD4ofAP4daZ 8QPGWl6Z8bfhBfG58PeI9PluLy1uI4xH5a3nnwQuHk8uMSsI5MmIOd+90pt/8BP27vjx4t8K Wn7Q3jbw94Q8E+F72O9uYPBM2oQXurSQ8BZZJdpRHGQcMAu4kRltpUAy7+H/AIZt/wCCmVjq qj7N4S/aL0lraT+GJde00Dacf3nAQD1e5b615h8LvDnj39qPxP8AtS/tM/Dq8Nvq+q2l34H8 C3Qk8rbb2UQ82SGQkeX9oYRFJARsd3OeDj1f/grJH4VuP2etP1SDWFsfH3hzxBplz4bjtpB9 vkvpJBG0cSqfMH7pzLwPvRp7V9C/Dv8AZZj8MfsYad+zLbatc+HNRl0TyLnUtPkaOeDVLg/a J50eNlZlFyx+XcN0Y2ZwaAPxD0/Q/wBlnwf4E8OfDP8AaD+GnjH9n/4n6VJbFfHEUV1cJLeQ yK0tyG8xCRLglRHFIIs5R/l+b+mjwvd22oeGdIv7PU11u3ubO3ljv02lbtHjVlnXZ8uJQd42 8c8cV+TGvfszf8FD/iD8IR+y/wCP/Fnga48DNHbWU+vtHfXWtS2NrIjR/JIgjaYBBksFYn/l rn56/VH4c+CNM+Gnw+8M/DrRZHlsPC+m2emQPIcu8VnCsKs3+0QuT70AfnVG8vjb/grc9tqY DwfD74etNYqw4SS6njSSRB/eZbxlLDsMdqzPiz4b0rxl/wAFR/D/AIQ12Lz9N1z4TXtjdR/3 4Lm61CKRfxViK6f426bcfBb9v74VftAzqYvC3xD06TwLqlx/BBfyM01jvJ4AnkEaA5wPLYn3 oeJLm3v/APgrh4SWylWc2Pw0lSfYwby2N7dsA2OhxIhwezA96APhnTfHfijT/wBg3V/2MJLn b46i+Ii/DWJeTJ5N3e/a/N25yYm2yxDnG3ABxioLf4geJte/YN8OfsYRXBTxzqHxCf4dXCf8 tI7a1vReSSkdRHHviiPbbkHoa++dT/YO167/AG/LT9qO31OwTwNvi1S60oyzi6fWYLN7WOVY REYSocrNvMobcXG3nlnhb9gvW9D/AG+tX/aju9S0+TwS73Op6fpqyTNeR6xe2sdvcSyQmIQB WYyyB1lLZ8vK8ZAB8MftMfFPxr+yp+2h4zl+BPhqTVNRs/hfaaLY+XC08ek2dsbeVr2WNVIZ LeG2P3sIGKlsqCrfZ37PnwD0eT9i3xT46/Z/8RyeJPip8WtCurm58V3Unl39xqc6Nvt/NZi1 v5c26P7+VkG9mJAI+iNJ/Zy8WW37bvij9o/UrnTbjwjr3g1fDi2ZeV703H2i2lYyRND5PklI WGfNJJIG3GSPDfh9+w/8TvhtJ8YfhB4U8XQaV8F/iFHLdaItrd3UWt+H9Tk2MDCqxLG0AYbG H2gM6ImcEvkA/LfT9D/ZZ8H+BPDnwz/aD+GnjH9n/wCJ+lSWxXxxFFdXCS3kMitLchvMQkS4 JURxSCLOUf5fm/po8L3dtqHhnSL+z1Ndbt7mzt5Y79NpW7R41ZZ12fLiUHeNvHPHFfkxr37M 3/BQ/wCIPwhH7L/j/wAWeBrjwM0dtZT6+0d9da1LY2siNH8kiCNpgEGSwVif+Wufnr9Ufhz4 I0z4afD7wz8OtFkeWw8L6bZ6ZA8hy7xWcKwqzf7RC5PvQB8ReP8A/i7X/BRH4d+Cl/faT8HP Dd/4mux/yz/tHVmFnbRv/togWZPQZPrX6IV8l/s//BXxl4K+L3xs+MPxDa1fVfiHrcC6eLeU zeXomlw+RYhyyrskZWJdBkAgcmvrGSWOFDLM4RF6sxwB+JoA/mx0jwLqev8A7Cfxc+I3hldv iL4WfGDUPE1jIo+dfssdkk3P91Ucyt/1zHpXTft5fFXxJ8bPiX4V+K/wpl8zSfgf4T0Px04B LFbvW76zljjyOjCAwykkfdR+OlfZP/BNXw5o3j/9nP40+GtWUXWi+KfHXiW1k2kFZrW8s7SJ yp5BDKTg1d/ZM/4J9eJvg78Fvi/8OvizrGna3q/xNtf7JW6spZ544tOgs3t7UM1xFE6vG0rE KoZVVU2scYAAug65pv7Tv/BRXQ/E+jv9s8JfBnwdBqEDfejOqeJIhLEfTJtZVb2aH16fkT+z 78WfFHi74VfDv9k/xNeXvw++EPirxJeWuu+JoI2xqE0+2RdNWdgI4UOY1kJLf6wM48tWVv3P /wCCff7I3ij9k34c6/pPxC1Gx1jxX4i1COae50+WaaAWVpAkNpAHnihc+X+8IGzADADgV5v8 L/8Agn3dxfsQal+yt8Y7zTrrV57281Gy1DTWlnhs7x23Ws6NNFC+UOVkUKNyMyZw2aAOU/bt /Zy1zR/hd8I/C3wY+H9x4p+FngDVGn1/wdo8skM+o2w8sxN+63TSsCJvMYB5C0u887mHk/7I mtfsfX37VWkap8Gx4h+CXi97C4stQ8D6pBJFaau+xznfJLKA8QIdU+QkxhlQHfu+gdZ/Zh/b O1r4TfC68/4WPpmnfF34UXUiwTw3l9Nouu2GI1jGoq0ETmdVTYzeU4cFiW3SZS94W/Zk/ac+ Ln7QPgP48ftXan4VsIvhqs76VpnhaO5Lz3EwA3XM1z8wQMA4UO442hV3MSAfpvXz1+1v/wAm rfGP/sTtf/8ASCavoWuP+IfgzT/iP4A8TfDzV5GisfFGmXml3Dp99Yr2F4HZc9wrkj3oA+F/ gg6R/wDBL2wkdgqr8PdSJJOAALOfOa/MTxh4Ul8efsb/ALFHgSG8m08+JvE8+lm4t32SxLfX z27MjdiFc19k+Hv2TP2/dL+DN3+ygfH3g+2+Gv2a6sI9YjgvH1qTTrguTabGQQosgYxuTuZE YhXfAFdxp37DnxYtPhd+y94Jk1bRDffBPxNFrWsuJ7nyri3S++0lbM/ZgzybOAJFiGf4sc0A eJ/tp/sw/Bz9mT4K/DzRvg/pEml2+ufFLw3cXfnXEty8jw2d7GnzyszAD5jjOAWbGAcD6b/4 Ku6OLv8AY51vxNCwivvCeq6PqdnKOHin+1pah0PZgtw34Zr139tP9nrxn+0b4K8D+HPBF7p9 jc+GfF+meILltRkljR7WyiuEkSMwxTEykzLtDBVIByw4z47/AMFII9S+J3hj4f8A7KXhMmTX viv4gt1mVefI0jSyLm8un64WJvLbkcgNjJGKAP0C8Fa1N4k8G6D4iuV2TapYWt06gYw08SyE Y7YJr8d/2mn/AGT1/az13Uv2gNR1z41a6mn21vpfgTQ9MuLlNCXYhdmaK5SOSSbh9p2lS+WU 5jK/tHYWNrpljbabZJ5dvaRpDEvXakahVH4AV+Yd9+zR+1p8G/2jviN8ZP2ZtS8I6tpXxTkh nvrbxV9sWazni3EeW1quWjDuxGH5UhSmUVqAPkT9kW9sfDvx5/aS8BeBPC2ufDrwRfeCptXt /DGvK8d1Zz+TCqyPFI8jIXEzsoLE7GVSSFFbv7FP7CfwO+N37F1l8RfilYXOu+JPEFtqsWn3 kt7cqdJgsrm4t4I7WNJBGqrLG0xDIwZnIIK8V9J/Cf8AYw/aK8JfHb4i/Gb4j+NNE8WXXxN8 JXmlahJGtxaSW2pT+UIY4IfJdGtII4UjVzIshXkx5HP1P+yL8DPFnwC/Zc8M/BLxjd2N5rmj RanHNNYSSyWjG9vbm5j2PLFE5ASZQ2YxyDjIwSAfkXZfGP4maj/wTB+FHgy08QXNrqHj/wAW DwVPqRJaWLSpLi5zH5hORhESIDIJiBXOM13n/BQz9hD4C/BT9le68f8Awg0ubw5qvhqWwtry RbueU6ra3FxHCyXSyOUZxM0cwKqMFeBjG36Z8F/8E+tdm/YatP2X/iLrtpaeKdJ1K41jTdV0 mSaWC01ATSSW0gMscEjALIUkG0EBjtOQDXm/xx/Zd/4KL/tN/CofCr4o+MPA2nWGlNBMj2H2 9JNauYHVVe+k8lhEioXkAiiAaUKDGBhkAP1z8Kf8ivo//Xnb/wDota36zNEspdN0aw06chpL W3iiYrypZECkjODjI9K06ACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooA//T/fyi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKyNZ8QaD4dt0u/EGpW2mQSMEWS6mSFG c9FDOQCT6Vr1+Ln7MfwM+HH7cviz4wfH79o6zl8YSQ+Kb/w1oun3FxPBBpem2KxyRrEkEkZV ys6jJ5DKX++7MQD9n4pYp4kngcSRyAMrKcqynkEEcEEVi6f4p8Matfz6VpWr2d5e2v8ArYIb iOSWP/fRWLL+Ir8V/wBon4WfEj9kH9myw/Z+8D/Ee9vNE+KXju10fTpnhaGfQ9IvhI0lmtx5 zs4Yom4qIgR5vA3muy/av/YV+B/wB/Zx1D4ufAa1uvBfj34aRW+o2Wt297Obq4aORElE5aTY xlVmPyquGwANhKEA/YmW/sYLhLSa4jjnkUusbOA7KvUhSckDue1UNK8SeHddSeXQ9UtdRS1Y pM1vOkwjYdQ5QnaRjoa/D3426PH+1j+0f+yHZ+L57jT7T4j+C5dQ1eOyle1aWCWxa+urYMhD CKYI0TAHlGOD3rvfFHwL+Hn7KX7fXwDj+BNhJ4Z0f4i2+sadrOmx3E01rcx2sGQXWd5CcmRT jO3dGrABskgH7K2d9ZajALrT7iO5hYkB4nDqSOvK5HFFvfWV3JNDa3Ec0lu22VUcMY29GAPB 9jX4+/s0/EDSv2L/ABT+0p8A/FjeVoPw/wDtHjjw9EzYMuk3UakwRk9SrG3iGOsrPwDXyt4k v/iV8Ef+CeVp4/iuby08e/tMeMEvdYvbJG+3/YdSWeeOO3Ksp3TRxBlXIJE7rnnIAP6GbHxR 4a1TUJ9I03VrS7vrX/XW8M8cksf++iksv4itFdQsHvX05LmJruNd7Qh1Mirx8xXOQORzjvX8 3XxI8H/CjR/h7p0/7Ln7Onxh8CfFXwxJbT6T4hl0K6VpZY3UTfbGS5lyJU3n5IuGwABGWU/Y Xxn1nXPhP8f/ANmr9tXW9Pk0KLx9p1l4W8Z28sT232aXUrdZYvPjfDo0Lu5dW+ZfsyqeeKAP 2EmvrK3uIbSe4jjnuc+VGzgPJt5O1ScnHfFeDfs9eKPi/qXwug1n9o3+xNO8UPdzxv8A2ROr WPk7gIcP5so3kZyN/XtXx54IX/hor/gpB4r8dv8A6R4W/Z90tdCsD1jbXL8OLlwDwWjUzRP6 FIzxxn8zY5ZYP+COgmgcxyR+NQyspwysLjIII6EGgD+l5fEnh19Ybw8mqWraqi7zaCdDcBfU xZ3498VwHgz4V/Cj4LXHjDxV4VsIvD7eMNSm1rXLmW6maOe9nYtJMxuJHSIMzn5U2IM8AcV+ Qv7bf7Ffwi/Z1/ZdHxo+HEV7p/xN8G32l3cniP7fcyX17d3FzHFPNMXkZNzySeaCqqQRgEAs D6t8b7CP9qz9sv4Xfs4fEi5nb4f6Z4RTxhqWlxO1vHqWoSF40V3jKsUQbMYOQPMAILEgA/WS x8R+HtThtbnTdUtbuG+3fZ3hnSRZtv3vLKkhsd8ZxWtJJHDG0srBEQFmZjgADkkk9AK/ED4m /szfDf8AZ2/b7/Zvn+E8EmjaB4qvtUlfRxPLLa215aW6LJcQrK7lDOkkasBx+6GPQftfreja Z4j0a/8AD2twC607VLeW1uYWJAkhnQpIhKkEBlJHBBoA+NvhN+1tJ8XbP45Tafp9ppknwu1P VNM05DcfaHvRpsLk3LgbPkeRMhV6LxuJ5re/Y/8A2iLz4z/s2eBfir8U7/S9K8Q+Km1BDFEw tYZGtdQuLVBDHLIzE7IlyNxycn2r87P2LPgf8KtG/wCGp/FumeH4oNX8F6/4p0PR7gSSlrTT RDMggQFypG0YywLe9Yv7EP7BPwI+Nf7Gth8RPilp91rPiDxDFqqWF019cR/2VBa3dxDGlrFG 6xgecjzMHVgzO2eCRQB+9eRjPasPS/E/hrXLm4s9F1a01C4tDiaO3njleI+jqhJX8a/nD1L4 +fEm7/4J3fA74cvqWtXQ8b+Jbvw/qEulBrjWLjR7K5KixtRuBeR1kSKOMsN6oIydhYVe+Juj +B/DGk+HPFv7G37Ofxa+HPxN8JXltNaahcaFefZry3RgJ4b7FzcNIsi8nCfNyjfIxwAf0lV8 +ftCfAL9n345eHbeP4+6JZX9hpBZ7e8ubh7KS1MmN2y5ikidVbaNy7trYGQcCvbtC1CbVtE0 /Vbi3ezlvbeGZ4JVKSRNIgYoytghlJwQeQetfkj4f+GnhX9tb9tz40R/HNJvEHhH4Nf2dpGh 6DLLJDaRzXqSefcOsTIzMXt3OSfmDqDlUQAA9x8VfC74LfsPfs5+P/jV+zD4W0y11yy0oSx3 9xLPqX2lVlUbXmkmZzGSclY3VSQCRwK9K0P4l/tA+MdF/Z38W+FbbQ20XxvpVvqPjI3DeVPE LmztZ4/7OjaYMfnklyMSEALn1Px58a/2SYP2Xv2ZP2kG8C+KZ5Ph74n02O407wzNHJIukzpJ H5jxXUk7s4kyQQYwSoTczFcnlPFf/I1f8E3f+wT/AO4vSaAP2g1jX9C8O2wvfEGo22mW5IUS XUyQoSe25yBmr0V3aT2q3sEySW7rvEqsChXruDDjHvX87F1478DfGr9qf4xeLf2ivhT48+Mm m+FNZufD3h7TvDmmzX2maVbWcskLmZUuIdk8ojV9vQsXYgnbt9t/ZKuvGHhXX/jz8OvC/gXx r4N+C1/4ZvtY0C08X6bcWp068SJY7i2hlkaSPbKZndV8xmZIwx+YOSAftDeeLfCmnpaS3+tW Vsl+dtu0tzGgmb0jLMNx+ma8Q/ay/aAj/Zm+BXiL4ux6dHrV5pS26W1jJP5AnlubiO3BLYYl YzKHYKMkDGRnI/Kr9in9hP4HfG79i6y+IvxSsLnXfEniC21WLT7yW9uVOkwWVzcW8EdrGkgj VVljaYhkYMzkEFeK8o8T2Vp8UP8Agjnpfj7x7G2s+IvAl4bTR76eSRpraGTWYbZlB3YYeQRE NwOEAAxjNAH9C3gzxFD4s8KaT4ihlhlOoWsEz+QweNXkjVmUEE9CccnNeWeLdb+Ndr8efAuh +F4NIf4cXtrftr8lxIBqaTpDIbUWqeapZTIE34jbC7uR1Fv9nb4YeA/hL8I/D/hn4d6RHoum XFtDfSQxvI4a5uYkaWQmRmbLHrzj0FfGHx2/5Sefsz/9gbxL/wCm+8oA/SPVPEnh3Q5ra21v VLXT5r1tkCXE8cTSt6IHILH2Ga+TP2Zvj944+L/xd+PHgbxTDZR6d8NfEMel6WbWJ45WgYzg mdmkcO/7teVCjrxXxF+yr8Avhl+3BqPxZ/aF/aP0+XxdqV54nv8AQNMtLieeCPS9NsUjaKOJ IXj2OBMBzyNu77zuT5b+z/qGtfsn/Dv9tuTwpqE2oaj4F1CC1028uT582f8ASYLaWQ87njDo zZ4ypyMcUAfvBN4n8NW2rx+H7jVrSLVJhlLR541uGH+zGTuP4CtOe9s7V4YrqeOF7htkauwU u3ooJ5PsK/mi8CeEPgB4j+AsB8Zfs/8Axf8AFfxJ8SWX9ozeNbbRrm5aTUrlfOjurWf7YFkg VmUoxj/ep8zAs1d18V5vjH8Wv2ev2S/Cfxi/trwx41vfHA8PXF5eRT2OqCN5ktoLrMwWXzPI dT5h5dgWJJJoA/oSsPEnh3Vb650vTNUtby9s+J4IZ0kliP8AtopLL+IFfMes/tQ2unfteaP+ zFHZWq2134dm1y51SS5G5ZhO8EdqkfADfuyzFmJOQAoxk/nr+1R+zF8JP2RfGPwB+Kv7POmT eEdYPjXTNEvGhvLmYXtrdZZxOJpHyWWNkbGAyuwYH5du343/AGdvgv4h/wCCq2n6DrPheG60 /V/B7+JruJpZgJdY+3TD7USJAd3yL8oITj7tAH6GeGvH/wAWtC8VfF3Vfi5Ho1t4I8OG3l8N PZTr9slgWKd7lbwGV9shKxiMFUzlsA9vhD4M/tCft9/Hf4S638evCE/gO10zUI5F0LQrgypc RyRajHbM9zJJIiqnlLPhmlBd1QhAGxXMeAPhz4K+KHxg/bv8N+PdLTV9Niu9GvVhkZ0AuLW2 1KSF8xspyjgEDOPUGvmzRPhL8O/D3/BG/wAQ/FvRtFjtvF3iqGCDU9QDyGS5itfFqRwqysxQ BEjUDaozjnNAH9EejX17D4YsNR8VSQW16LSGS9ZGAgSYoDLtYkjYGzg56d6s6Pr2h+IrX7d4 f1G21O2yV821mSZMjqNyEjNfg9+1h4+XxV8XfgT8AvG2geKPF/w207wZp/iHVfD3hO3kuL7V bmRJI4hJGkkRaCEwISwYFQz7SGIKs+H80HgX9q34Y+LP2Uvgd8Sfhp4d1q9TSPGNjrOiXcOk T2d06RRXJ/fXAQwb3kdnKou1WGPn3AH394x/YG/YO1nxbd+OPFHg/TrS9uLofaY11O5srR7q Y5UNbx3EcSuxyQiqoY5+U19xeHPDmg+ENB0/wv4WsIdL0jS4Ut7W1tkEcMMMYwqIq8AAV+HH w0/ZP+Gf7Uf7bH7TafFyO71DQ/C+qWv2eygu5baM3eoLKBcHyipLxpbkLzj5vmB4Ffudomja b4d0aw8P6NALbT9Mt4rW3iX7scMKBI0HsqgCgDxP4D+JPjHqXhrxPqPx9XRbG8s9dvItObSp laD+yESL7O07ebIFm3GTeCRgbflHf2KbxR4atr+10q41a0ivb1Q1vA08ayzKehjQtuYe4Br8 IPhV/wAo5f2tf+x08R/+itPra1D9hj4JP/wTvPxt1azu7/4kt4Mt/FS6/NfXLXKTJZpdwwKp k8oRRxBYFXZwoBBDAMAD94q+SfiF+1Da+Cv2pPhz+zmllatD4ws9Rvr7UprkJ9kWzt5pI4Vj 6b5HjGWZuFOApJyOt/ZH8Ua540/Zh+F3ijxLdPfarqHh7T3ubiQ7pJpBCqtI7Hks2Mse5JNf nL+0j+zz8GvG/wDwUw+FWheKfDMOoWHjvRdVvdbieWZRe3FnaXCwSOUkBUoIYwAhUHaMg80A fZXgD9o7xTrn7Yfxn+CHid9OsvCHw803R7yyuSpin3X9rbzSmeZ5ChUNK23CrgYyT1r7L03V NM1myj1LR7uG+tJhlJoJFljceqspIP4GvxLi/Zv+H/7Q/wDwU/8AjlovxPgn1Hwv4f0vQbt9 LjuZbeC7uTpljHAZ/JZGZIgXYAMPmxnK7lPTfAjSNJ/ZN/bG/aB+FvwyFxB4D0nwUniu30eS eW4iivII4CdhkZnO7zHXJJYrtUk7VwAfsBqfifw1ol1b2Os6taWFzdnEMVxPHE8p9EVyC34V uV/Mp8Cbn4NfFTwFqvxJ/aR+BfxQ+MnjjxxdXk1x4h0rSbi60+KIStFHFp00d3EoEW3B+T5G BjHyIBX6n/8ABM/WPiy3wa13wT8UtI8Q6bB4U1ma10CTxNZTWeoS6LIqvbrIJh85iO5TtZlQ bUU7VFAH6J3N7Z2QjN5PHAJnEaeYwXc7dFXOMsccAc1W07WtH1hZ20i/gvltpGilMEqyiORf vI+0naw7g8ivy2/4K76dfav8DfhvpOl3L2V7e/EHSIIJ42KPFLJZ3yo6sCCCrEEEHIIr5w/b L+Cnw7/Y1+G3hf4XfAKw1vTU+M2t2Gl+Ip9MllvtYv7DTwd1vaK7gedctcf6pCiythMBCRQB +52l+J/DWuXNxZ6Lq1pqFxaHE0dvPHK8R9HVCSv41c1TVtK0Oxk1PWryHT7OHBea4kWKJM8D c7kAc+pr+cX4m6P4H8MaT4c8W/sbfs5/Fr4c/E3wleW01pqFxoV59mvLdGAnhvsXNw0iyLyc J83KN8jHH2T440PT/wBsP9vXTvg38XIblvAXw+8G2/iT/hH5Wkt47nVL0wAtOqlJD5a3KqQT 8pjKYAdwwB+ttprei34tzY39vci8QyQeXKj+ag6smCdwHqOKtW19ZXrSrZ3Ec5gcxyCNwxRx 1VsHgj0PNfjBo/7Pngv9nr/gqB8MdE+Gqy6f4X13w/rGoQaU00ksFjcm3uIrjyBIzFEl2I+P 72QOAAPbP+Cd3/JQ/wBqf/spusf+j5aAP0zt76yu5JobW4jmkt22yqjhijejAHg+xrNm8T+G rbV4/D9xq1pFqkwylo88a3DD/ZjJ3H8BX4peBvidrPwhj/b9+JPhZwuraNr2bOTbvEVzJJdQ JJjofLdw2DxxzxmvmLwJ4Q+AHiP4CwHxl+z/APF/xX8SfEll/aM3jW20a5uWk1K5Xzo7q1n+ 2BZIFZlKMY/3qfMwLNQB/S9d3lpp9tJe386W1vCCzySsERFHdmbAA+tZ+j+IvD/iG1a+0DU7 XU7ZTgy2syTID7shIr8GvH/hz9qf4zfsh/AzW/iP4D8QeMofAus3SeMfC8y3VhqutWlrIi2M zoyi4lIhDK7qrOzPv/vMOx/ZM1P9jnWP2o9NuvhEniH4K+KrnTrmw1PwNqsEkVprLGOTPzyT SYeMHeqfISYwyoDv3AH0V8KNM/Z2/aL/AG1fir431zwPY/8ACX/Cy90mx07U5dQmuDfTpFOP tS2u8W4MSwII8IxXG8tuxt/Rjxx4rsvAvg7W/GOoAPBotlcXbIXEfmeRGzhAzcAvjaPc1+RP 7B37Pvwd0T9rv9oXUNL8NQwXHw012ztvDriWY/2fDdw3sU6oC5Db0+Ul9x9MV+lH7T3gXwn8 RPgD468O+NNOTVNOXSbu7ELs6jz7OJp4HyjKcpIisOcHHII4oAyv2Ufjs/7R/wADfDvxau7O 30q91v7W8thbzef9lSK8ngiVmOGLFIgSSq5OSABwPb7bxT4YvNWl0Gz1ezn1ODPmWsdxG06Y 67ow24dO4r+e3w7La/s//wDBKjS/ib8JLU+H/HHxYu49E1bWbeWRZ2iTUL5EfcWIiKwo0QaM KRvyDuAI+sfjx/wTq+Afwp/Zg8QeL/hzBd6H8Qvh5pE+uW3iaG9uEv57zTYjcSM/73YPO2MA FA2EgoRjkA/Tz4p/CzwR8Z/BF/8ADz4h2H9o6JqJiaSNZHhkWSGRZY5I5YyrxujqCGUg/gTX 57+GdG/Z4/ZK/bK8I/Cj4X+Dre01r4nWGp3WteIb7VJ7m4t4beOW5Fuizu4QzTRK7nK7hjIY 7Sv2V+yn8SNb+Lv7OXw8+I/iUh9X1vSLeW8cLsElwg8uWQKOAHdS2BxzxxX5u/tI/s8/Brxv /wAFMPhVoXinwzDqFh470XVb3W4nlmUXtxZ2lwsEjlJAVKCGMAIVB2jIPNAH2V4A/aO8U65+ 2H8Z/gh4nfTrLwh8PNN0e8srkqYp91/a280pnmeQoVDSttwq4GMk9a+y9N1TTNZso9S0e7hv rSYZSaCRZY3HqrKSD+Br8S4v2b/h/wDtD/8ABT/45aL8T4J9R8L+H9L0G7fS47mW3gu7k6ZY xwGfyWRmSIF2ADD5sZyu5TD4E+zfsXftI/tO+BvhB51t4P8AD3w+k8X6fpE80t1bwalbwQlC PMZmKlpGDEsW2YDEhRgA/ay98UeGtN1KDR9R1a0tb+6/1VvLPGk0n+4jEM34Ctyv5l/g3o/w F8dfB9/EHxx+Avxa+J3j/wAZCe8vvF1hpE93G0srMIpLCcXaIyRqFwWjIZgQwKYUfrr/AME4 vEXxi1r9my10r43abrGn674a1K60u3fXrSe0v7mwjSKW3ldbgBnAWUxBxkfu8ZJUmgD7xd0j RpJGCqoJJJwAB1Jr8i/2dP8Agob42+LH7UTeAvFWlWVj8MfGVzrFn4M1KOJ45rubSnUjzZGl ZWEkWeAi4kZFBPf6P/4KL/GuT4Kfsr+KLvSpSmv+LAvh/S1T/WGfUFZZWTHO6O3ErqR/EF9a /Gn4q/Fj4V6R+yh8IPCnwn0HxPpXxE+DF5aa1b6hd6LLBam6dvP1ItNuO2Np8SgntGqk4oA/ eX9rf9oyw/Zb+CupfFO403+2b5Z4LHT7HzPKFxeXJIRWfDEKqhnbAJIUgcnI/Pz45+D/APgp F8Sfgvrc3xd8N+AfEXhW7tor3UfCNlPqVvqAjtHW52RzQyoDMjRhtounUlQAH+6frL4p6p+z p+15+y54WtPid4itfDmj/FOKyk0iSW7iguYtWbBSK38w4kmhlLRumDn5lPXNfN8nwp/4Kf8A 7OmmH/hWnxD0b40eHNJjxFpmt25i1GSKMfdDMQ7HaMAG9JzwAaAPr/8AYX1n4OeIv2ZPCWu/ Azw4PCfhq8W4ZtMMzXEtveJM0dysszlnlYyKSHc5ZNpwowo+uq+Wf2Of2htE/aY+Cdl8QtK0 RfDd3bXU+m6lpqEFLW+ttpdVIVTtZHRxlQQGwckZP1NQB+c/7Zn7Q/7QXwy+L/wk+D3wBh0F 9U+JB1CIvrsU7xLLa+SU+eGRSi4ds/K2TivOvGPxm/4KZfAjQ7n4j/EvwN4K8ceEtGQ3GqQe HpruG/itUGZJUaZjgIOWIhkwMkgAEi1+2F/yfj+yV/1+az/6DBX6d+Ip9ItfD+p3PiDZ/ZcN rM935uPL+zqhMu/PG3ZnOeMUAfH3xX/avtx+xRq/7VXwTkt70jTYLyyS9QyRxyvcx280M8aO h3xMzowD43LwSOvy3ZX/APwU5+OHwet9Tn034aan4W+IGgpM1lK2p288+n6tahjE7RSoY3aK XaSkoKno/Ga+WPg4dTP/AARn+J327P2X+0br7ED1Fv8AbbPIz3/e+Z0r6b+BvxB/4KVR/A/4 faV4A+Fng+TQY/DukxaXqF9qTb5LNbOIW800SXKsGaMKzKAME4wKAPPv2M/2eP2Rv2ibbxp4 P+JXwW/4RH4ifDfUF07XLCDX9Zkti7mRVkhJv2IG+GRSu5wMBg7Bhj7++Fn7JX7HXwa+Jln4 h+Gei22k+NdNSZYV/tu+up0WeNopM21xdyqcoxGWQ46jBwa+EvGXw3+M37Ff7J3x3/aA8YeI 4b/4x/FK7sTe3mmAi301bm58nEDlUIdFuZSHVQFbywv3Nzd7qv8AwTc+AGn/ALK02u2dvcRf Emy0JtcXxWL24F4dXjt/tRmP73yxGZBjbjIXkN5nz0AfRf7fH7Q/xV/Z58FeB7/4Qw6ZNrfi 3xJbaJ/xNYpJYFW5ilZT+6kjKneq5PPGeK8l8Q+K/wDgq/4H0S98WX2g/DnxLa6XE1xNYWBv xdTRRjc4h8ySJS+0EgbsnsGOAfin4/8Axa8e/GD9gz9l/wCJGpY1XxfP4yt7cNcHaLy7057y 0ieVyRzMYVMjZHzFjx2+2Ne8Vf8ABVnxpo954Z0/4f8AgrwbJqMTwf2o2otcPbCQbTJGqTy/ OoOQTG4H900AfX37Kn7Q2j/tQfBTRfi3pVi2lS3plt72yZxJ9mvLdtkqBxjch4ZCQCVYZAOQ PQE+E/gS3+Klz8bprRpfFkmlrpAu5pndLewSQzGOGNm8uIM/zOygFu5xXl37IP7Olr+y18DN G+FC6guq38Ek15qF2ilI5ru5bc5jU8hEUKi55IUE4JwPk79tyO8+NH7S/wADP2QdU1K50/wT 4w/tHWPEEFs5hOoRadE88Nu0i4bbmCQFQeC6vjciEAH6aaN4i8P+Io5ZfD+p2uppA2yRrWdJ gjj+FihODx0NM1fxP4a8PyQQ69q1ppsl0dsS3M8cJkPogdhuP0r4S039g/wB8FvjP4e+O37P moy+ALHQrS5j13QrZZ7231y32fJHma5HlMOTnDjeEYKGBLfKn7FP7Mvwv/bG+G2vftMftOWU njrxX451S+jj+0XVxFFp1pbv5aQWyQyJsw24qf4V2hQvJYA/aye7tba2a8uZkit1G4yOwVAP UseMUjXlmlp9veeNbbZ5nmlh5ezGd27pjHOelfgBp2qeIvB37Mv7Zf7L9/rFxrmgfCWWCLQ5 7pzLNDYX0sm22L5xtjECkKAAGZ8ADgfeHi50T/glVudgoPwoshknudIiA/M0Aei/Hv8AaG8Y /Dj9oP8AZ/8Ahl4TWwudB+KN5qsOpSyxtLKIrOO3aI28iSKq581skq2eMYr681nxBoPh22W8 8QalbaZA7iNZLqZIULnooZyASewr8ObD/kOf8E4f+wbf/wDpHYV6p4O+Ffg79tT9tD443/x7 t5fEXh34RzWWg6DoksssNrD9oE3n3DLEyMzM8DMCSd2/nIRAAD658C/tB+M/E/7bPxA/Z8uU sW8J+GfDlhq1lNFG32p5roW5bfL5hRk/etgBB25Pf1P9qT4m+Ivg1+z545+KPhKO3l1jw5p7 XVst0jSQGQMqjeqshIwegYV+dH7Ifwa0H4C/8FGPjB8OPCU80mgWnhS0n06KeVp3tba5mtJR bh3LMUiYsqZOdmM5OSftT9v3/kzX4sf9gZ//AEYlAHq3wU+Klr4++Ffw78ReJtRsIPE/i3w7 pWrT2cUqxsZb20inlMULO0mwM529cDHJr2hmVFLuQqqMkngACvxN8M/8E9vgde/sMWPxBvIb hviTP4Sg8SweIzeTi5trxLFbu2ijHmeWIIFCQhQo+RdwIbBHhvxo/aS+IHxV/Zc/Za8G+Kjr +qWfxLlv18UxaBE02taxaaDcrZmGFdy+a9yu6SQE4LBWIxwQD+gvSPEvhzxAZl0HVbTUjbNs lFtPHN5bejbCdp9jW3X84njceG/AfiTwR8Sf2MP2dPir8OvGPhnUYPt32rQb0WGp6T/y8W9y FuLl3ZiFH3RuBbcdwQr/AEd0AY+teIvD/hu2F74i1O10u3JwJLqZIEz/AL0hAq5p+o6fq1nF qOlXMV5aTjdHNC6yRuPVWUkEfQ1+H3xob9kJf2p/H+ofG5/EP7Q3jC5MNvZeGdB0q5uIvDkM S7Tar5d0kUsh+XeQV2uHLKJGbHU/8Evb/wDsb43/AB++Hfh3RNY8HeELObTL/T/Dmt71u9La 584lHjdnZGZCoOWLFVTcSRmgD9pKKKKACiiigAooooAKKKKACiiigD//1P38ooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACvzAk/Zn/aw/Z++I/jrxF+yDr3he68JfES+fVLrRvF C3anTdRnz5s1q9sCGUnn5iBtCoUbYGr9P6yNZ8QaD4dt0u/EGpW2mQSMEWS6mSFGc9FDOQCT 6UAfmFb/APBN++8T/ATxh4W+J/jT7Z8VPG2vx+LLjxBaRsLey1iDzBCLeP8Ads0KrNMpOEP7 wlVXaoEXjD9nX9vj9oXwnZfBX9oLxp4Q0nwGJrb+2b/w7Hdtq+sQW7rJsYTxrBGWZQzFVQB8 Haygqfof9uz9oTxn+zl+z+3xS+G6WN3qR1KwtU+2xtPbtDdFtzARyRknAG07sexr1nU9b+Nc f7RmkeH9Ng0g/C2XQnnvJZJANWGq+bKFWOPzATBsEfPlnnd83YAHi/iP9ljXG/ai+BnxZ8GT afY+CfhLomoaPJZSyzC8Mc1lNaWy26LE0bKm9NxeRCADgE8Hb+OH7PfjP4l/tK/A34yaFe6f Bovwzl1aTUobmSVbqUX0UaR/ZlSJ0Ygod290wMYzX1Xq/ibw54feCPXtVtNNa5bbELmeOEyN 6IHI3H2Fac13a21u15cTJFAg3GR2CoF9Sx4xQB+aX7dH7CHiP9qXx54L8Y+CNctPD5gh/sjx MZ5ZopLzRftMdyiQiKKQSSRuJGVJCqsxXLDbX0l+03+y94Y/aI+Bn/Cm4Lo+G20p7W50O8gQ sNOurFSkDKgZcoI2aMjcCFYkEMAa+hpvFHhq2v7XSrjVrSK9vVDW8DTxrLMp6GNC25h7gGvm z9rH9phf2bNA8H3trpsGrX/i/wAR6foSpPceSttFeb2kunUAs6osZAGVG4glsDBAPlPxP8DP +Ckfxi8O6Z8Ivid8QfCfhrwtBLb/ANpa94cN+muX8MDBhwyRxq7EAts8pSRzlcqfYv2+/DXw yg/Yo8Z+C/GOsJaR6Jo8MulyXk4lvHvrDb9iAaRvMkknkQRM3JYOxPevvS3ube8gS5tJUnhk GVdGDKw9QRwa+Zfjh+zV+zP8U/FuhfFP456LZ32oeGoxDaz397Lb2ojSQzKksXmpDKock7ZF YHJDAjigDzf/AIJ1/CTU/hb+zLoepeKTJL4q8fTS+J9YmnJM8lxqeHj8wt828QCPeDyHL9ya +W/+Hevxn/4YGP7LH9taB/wlf/CQf2t9q+0Xf9neR5u/b5n2Xzd+O3lYz/F3r9etJ1XR9ZsI tQ0K8gvrJxiOW2kWWIgf3WQlTj2NWLO+stRgF1p9xHcwsSA8Th1JHXlSRQB8u/trfAzxb+0f +zn4k+EPge7sbHWdYlsHhl1GSWK2UWt3FO+9oYpnGVQgYQ84zgc18pftNeA9GHx6+DzfDf4k 2Pw//aF0TRfs+mJqVrcS6VrWmKsiS200wiMY2sJiik7yHOF3bGX7j+P3xy0j4I/BTxV8YIIo ddHh62aSK1S5WIXEwZVEQkAfBy2ThSQAeK/On9ubxT4K+K/7L/wI+JfizwloniPUPGmueHrK 4ErXGdPTW7GS6uo7aa1uIZkYPGgwzspAG9WOCADyTUtC+OGp/wDBR/4EwfGvxvo3izxhapqF zcaV4chkTTtDsYLeV0+aXDmS4cSFjIof5UGSCgH7z18vfAX9nT9mD4AatqenfBPRtO03X5Yl ivnF497qJjDbtsjTyyyopbkqNqkgccDH1DQB+ZPw3/ZY/aR+Fnxb+MVvoWteG774WfFm91vV pVnNymrW15qUM3kooWIxBUlkVZDvbdGu5QG+Svo39kL4HeLPgD+y/wCF/gn4xu7K81zRYtSS aawklktGN5fXNzHseWOJzhJlDZjHzA4yME/St1rmi2KXb3uoW9utgoe4MkqIIVYZBkJI2gjk E4qJvEfh5NH/AOEifVLVdK2eZ9rM6C32f3vNzsx75xQB+V/hn/gnT4ub9jfw18DPEviey0f4 ieCdbn8QaJrWltNPbW14ZmkiBMkcEhVlYBiEyjBWG7bg6/iX4Df8FCvjy2g+BPjd498M+D/B uk3UFxqN94Nkv4dX1TyO26RUWPfkk7diq+G8tgAo/Uew1Cw1Wzi1DTLmK8tZxujmhdZI3Hqr KSCPoazh4o8NHWP+EeGrWn9q43fZPPj+0Y9fKzvx+FAGtbwR2sEdtDkRxKEXLFjhRgZZiST7 k5Nfnb8Sf2af2g/AP7QOv/tHfska5oMd742tYYPEWgeJVuRY3M1soSK5hktsuJAB90lADvO5 g5Ue0ftY/tML+zZoHg+9tdNg1a/8X+I9P0JUnuPJW2ivN7SXTqAWdUWMgDKjcQS2Bg8z8Rv2 ivFvhn9sX4N/AzQv7Pn8JePtN1i8v7hkZ7gNYWtxNEYZVkCKu6Jd2UbIzyKAPndP2Gvjf4w8 AfGvxV8WfFekat8YPi9pkOlxm28+DRNNtLd42SFG8ppSCIk3HyjjaPvEs59N1v8AZI+I+pa1 +yVqMGpaSsXwGsfs2uBppw1y/wBisrfNliAhxvtnP70xHBXvkD760jxBoHiCOWXQdSttSSBz HI1tMkwRx1VihOCPQ0ms+IdA8OW63niHU7bS4HbaJLqZIELegZyBn2oA/OnxH+zJ+0v8Gvjh 40+M37IOu+HZdO+I8ovNc8O+KFuhbDUMkm5t5LbLFnd3cgsgG4j5xtC9f8Ef2Z/jvpEPxP8A H3x68eR+I/HfxGsJ7GKwsZrldB0uJ4iiLDFIBzkICwiBVVIBcszN9829zb3cCXVpKs8MoDI6 MGVgehBHBFeX/FD4lad4R8EeM7/Q9SsZvEfhzRdQ1KKyklR5A9tbPNGZIVcSbCVGemR3HWgD yr9kX4GeLPgF+y54Z+CXjG7sbzXNGi1OOaawklktGN7e3NzHseWKJyAkyhsxjkHGRgn5e8Nf sI/EOH/gnlq37IfiDXNKh8U3k0l1De2zzzWAkXUEvoVZnhilCsIwjkRErkkBsYP13+yJ8WfE /wAc/wBnHwT8V/GcdtFrXiG3nluVs42igDR3MsQ2I7OwG1BnLHnNfSNAHgf7Nmi/HTw58LbL w/8AtCT6LdeJNNcW0MuhGY272MMUaQmXz0Q+cSH37RtxgjHIHmvxK/Z68Z+Mf2xfhB+0Lpl7 p8Xh34f2Gr2t/bzSSreyvqFrPBEYEWJo2UNKpbfIhABwCeD9jUUAfmL/AMM1/tY/AH4meNtY /ZF1zwvceC/iLfSardaV4q+1/wDEr1O4/wBdPbG1X5kbjAJPyhUKNtDmb9mz9hvxv4J8M/HX wl+0J4jsvF8PxlmSS4vbBpY7h2lSf7RLIkkSLFIJJt0YRnHAPH3a/TSigD8k9D/Z+/4KPfDb 4aN+zt8PfHfg298GwxSWGneIbxb6DXbHTnyoRUjV4leNDiLHmFMACQYXb6J4q/Yj8ct4a/Zz 8M+H/Fia8/wh8VWfiDWtR125uTdX6R3CTz/ZwEn+bIKxRu6qqhQXzlj+lFFAHxz+2H+z34z/ AGg9N+Gln4MvdPsn8G+MNN8QXh1CSWMSWlmsgkSHyopcyneNobap5ywrzb9oL9nP9ofUf2pP Cn7Tv7O+r+Hor/TtC/4R/ULHxB9oWJrf7RLMZI2t45CSwlxj5SpRSNwYgfofRQB8KfDH9mHx 74L+Jv7THjTVNQ0yWx+MxtP7HSGWZpYPIt7uJvtYaFVTLXC48tpOAenAPlo/Yq+KY/4Js/8A DHX9q6N/wmf/AD9+fc/2X/yHv7U/1v2fzv8AU/L/AKj7/H3fmr9PaKAPzv8AjZ+yH8TNe1T4 W/GT4HeJ7Dw38WvhlpUGkb79ZZdL1KzWPbJbzlFMioC8pUiMkhzkKwVlpeCfgP8AthfEn44e Gfi5+074y0jRNE8Fh5LDw54Onvo7a7uGIO+8aYgsmQpKlpAwXbhQW3fo7RQB8c/s9/s9eM/h N8efj18UfEV7p9zpXxR1LTbzTIrWSV7iGOzW5EguVkiRFY+cu3Y7g4OSOM/Y1FFAH5heCv2K vil4c/ZP+OPwJvtV0Z9e+JniDVtW02eOe5NnFBfparGtw5txIrgwNuCRuBkYJ5x9Jah8DPFl 1+xSv7OEd3YjxKPAsPhj7QZJfsP22PTlszJv8oy+T5gyG8rdt52Z4r6rooA8W/Zy+HGt/CH4 E+Bfhh4lnt7nVfDGk21jcy2jO9u8sK7WMbSJG5XPQsin2FfMf7VP7OXx68ZfHD4cftE/s6ax oVn4n8D2t9YPa+IBOLWWG8R03A26OzELK4K/Lj5SGJGK/QWigD4v+FH7PXxA8Hftc/Ff9oXx JeaZJo/xA0zRbW2trSWZ7mKewtLeCcyLJCiBC8TGMrIxKkEhTkBND/Zs8UW37Z3j39oHW7jT rrwf4v8ACkPh9LISTG981Wt/MMsZiEYiZYmGVlLcj5Rzj7RooA/J/wAF/s1/tz/sw6ZrPwv/ AGZPFXhHXPh5fXc9xpP/AAk63i6ho32li7onkK0bqCc5beGbL+Wu5lP2N+yj8CfE/wAAvhk/ hzx34yvfHPijVbyXUdS1G7mlljE8wA8q2WVmKRIB7FmLMQMhV+mqKAPjn9tD9nrxn+0Z4R8B 6B4JvdPsbjwv4w0zxBctqEksaPaWUVwkiRmGKUmUmVdoYKpAOWHGdn9rz9mZf2mvh3YaLpOt t4Y8W+GNQh1jQdVVS32W+t87d4Ug7GzyRyrBXAbbtP1bRQB+VviX4Df8FCvjy2g+BPjd498M +D/Buk3UFxqN94Nkv4dX1TyO26RUWPfkk7diq+G8tgAo9X+P/wCzB8VLj4xeHf2mP2Xtd03R fH+i6d/Y19Y64J303V9NB3LHM8W6UOpxz1bCHehQE/fdFAH4ieF9B+Pum/8ABT/4X63+0VrO kah4j1rwzqksFnoSTLp2m2kcF2iQRNcfvHJYO7s2fmbAYgDHt7fsy/ti/BP40/Ejxl+y54k8 Jz+F/irqT6te2viZLvzdPvp2eSWSEWyEN80jbSWII2q0fy7j9/ar8G/hvrfxU0X416no4m8a eHbObT7C/wDPnXybWff5kfkrIIW3eY3LIWGeCMCvTqAPzN/Zv/YU8V+AfDnx28G/HTxHaeML L4xypJNfWZkiu5HljnN1PLG0apFIZp98YRpAMZJHSuF0P9n7/go98Nvho37O3w98d+Db3wbD FJYad4hvFvoNdsdOfKhFSNXiV40OIseYUwAJBhdv62UUAfmp41/Yx+NGhfC/4VWnwN+Kt4vj /wCF081y91rt1dPp+ttdMHnS7jVpSEUgpCu19sRKE5O8U/C37Mn7Tnxc/aB8B/Hj9q7U/Cth F8NVnfStM8LR3Jee4mAG65mufmCBgHCh3HG0Ku5if03ooA/PD4d/s5/tD/CL9r7x18UfBmse Hr34YfE++gv9atrz7QurQtbwyhFtgkZiyJZScs+GTghSK+7vF3h+Lxb4T1rwrPKYI9Zsrmya QDcUW4iaMsBkZwGzjNdDRQB+S/ww/YW+NWofsxeJP2Q/j7rmgTeD7RQ/hXU9GFzJqFrd/a5b szXMcyRI6bpANgbO0sm7kMLWv/s+/wDBRD4qfDpP2e/ih488HWXgqVIbPU9f02O9l17UbBGG 6NklRIQ7oMSEBN3QswL7v1eooA4z4d+A/Dvwu8CaB8OfCUTQ6P4bsoLC1VzufyoECBnbA3O2 NzNgZYk18W/tU/s5fHrxl8cPhx+0T+zprGhWfifwPa31g9r4gE4tZYbxHTcDbo7MQsrgr8uP lIYkYr9BaKAPi/4Ufs9fEDwd+1z8V/2hfEl5pkmj/EDTNFtba2tJZnuYp7C0t4JzIskKIELx MYysjEqQSFOQMsfsq63q/wC1r8TPjH4tm0+88CfEDwYPCz2KSzC+PmCBJ/MXyljWNkjcBllL cj5R2+5KKAPyY8H/ALO3/BQn4A+Crv4GfA3xr4P1jwMHnTR9U1xLyLWNKt7hi5VVhR4SUZ2K ZEozyAq4Qfc/7MnwU1P4BfCPTPh/r3ii+8ZawjyXV/qd9NLK0tzNjcIhK7skSABUXPYsfmY1 9AUUAfDnx8/Zo8e/HP8AaX+EPjnVb/TU+GHw0kk1OaweWb7fdatuLxN5QhMLRI0UHLS5x5g2 88/ZniDQtK8U6DqXhnXbdbvTdXtprO6hb7ssFwhjkQ+zKxBrXooA/IjwN/wTg8aXX7NOtfs3 fFfxTaCHQfEEuueB9a0mWaS705nD4W5ilhgAUsxdkjdstIxDgqjV0sHw7/4KxQ6N/wAIEfiJ 4Ge18nyR4iaG5OphAuzdt+zeWZsc7jGeed+a/VKigD4J0D4KH9in9jHxb4c+Gniu3s/EOm2d 7rM/iDWFAt31R0XzLiSPZMAuI1RE2uThQdzEk/RX7N3iPxv4x+Afw/8AF3xJbf4m1vRbK+v2 MSwEy3MQlyY0CqhwwyoAweMV7LdWtte28lnewpcQTKUeORQ6Op4IZTwQe4NT0Afnf+2R+zT8 ffi58WPhR8XfgHq/h7S9W+G51CQf29JciNpbrygm1Le3n3qAjbtxXGRjPOPL/GX7OP8AwUd+ Omh3Pw9+MPxb8J+HPCGrr5OpJ4as7iW5uLZvvxZnggba44YCVQRwcrlT+sFFAHxj8V/2UrW8 /Yx1X9lL4MNbaYh02CxsJNSkdYi6XMdxLLcSQxSNvlYO7FYzl26AdPoP4L+DdT+HPwd8CfD3 W5YZ9R8L6Dpel3MluzNC81laxwSNGzqjFCyEqWVSRjIB4r0uigDyX47fB7w58ffhH4m+EPit 3h07xJbeSZoxl4Jo3WWCZRwCYpkRwp4O3B4Jr89W/Z8/4KMX/wAK2/Zp1Hx94Mj8FfY/7Jbx JHFfNr0mk48nyTEVEPmGH5GOd2P+WxbLn9ZKKAPze+Nn7DN/rXwX+C/wX+C17ZWOmfC3xFY6 rM+rSyo9xBB5rTspggkDTyyylyCqJknkcCv0hoooAK+LP2sv2ZPF3xj1bwR8V/g74it/CvxP +G11JPpN1eI72VxDcACa2uQgZgjAfeCPwXXbh8r9p0UAfmt4W/Zx/ak+L3xy8G/F/wDa313w 5baV8N5JbrRdC8LLcmGW+kCjz7iS6G4BSiuBufJAGEBbdy/hD9mL9sX9l7VPEvhP9lDxF4S1 L4b+I7+W/s7DxSt6LjRJbjh1gNsCJI1AUDcxzgHywS7N+qNFAH55/DL9hGDw/wDAX4o/D74g eKH13xz8Zxc3HiPXkjwn2yXzDCYYjtJjgeQuFJUsS33FIVfnq4/ZO/4KC+KPgNJ+y14n8deD LLwPpmmHT7W/tEvX1O+gtY/9BtJ2aIJFAGSOOV0TzFjBx5vIb9kaKAPzVtv2N/ibDqX7Jl42 qaOU+A9pcwa4BNcZuXmt7aJTZf6P84DQtnzfK4I46gafxJ/Zv/aG+H37QOu/tEfsjaxoS3Pj q3gg8S6D4m+0CxuJ7VdkN1C1qN4ZV6jcuCXOWDlR+i9FAH5v/svfssftB/Df9pbxx+0P8dPF Wi+JL7xxo8drMNM+0Rm3uVlhKwxxyxKv2aKKEJG2/ecDcmck/VH7T3wu1/41fAHxv8K/C1xa 2ureJdPa1tpb13S3RyytmRo0kcLx/CjH2r3iigD8hLH9mH/goXZ/Bez/AGWB4/8ABw8ByWEW mXGurFfHW7fTnQJPZRJtELoqloo2O1miAy8ZOF9y+MP7Cdlr/wAGPhj4L+C/iA+E/GHwXkju fDOrTqZEM42tOLlVz8tzKiyOQrYYfcZSVP6E0UAfl7f/AAE/bu+PHi3wpaftDeNvD3hDwT4X vY725g8EzahBe6tJDwFlkl2lEcZBwwC7iRGW2lf1CoooA/KjQP2Zv2yf2fvjF8T/ABP+zfqn gvWPDXxS1WTV5j4oF8t3Y3EskspGbVcuqGZgCXfcACVU7i3ffslfsmfGv4D/AB4+I/xR+Jfi /TPGVt8Q7O2lubyFZbe9/tONw8i/ZjH5K24LyLGVmztVP3a5IX9GaKACiiigAooooAKKKKAC iiigAooooA//1f38ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACvxc/Zj+Bnw4/b l8WfGD4/ftHWcvjCSHxTf+GtF0+4uJ4INL02xWOSNYkgkjKuVnUZPIZS/wB92Y/tHX5gSfsz /tYfs/fEfx14i/ZB17wvdeEviJfPql1o3ihbtTpuoz582a1e2BDKTz8xA2hUKNsDUAfLX7Y3 7OOq/sw/sKeIvh8PGU/inw3L4ysbvRLa5gMcmk2crvi0Eplk81RgNkLGNxYhfmNfUHjydLX/ AIKy+CLqQErD8MbhyFGSQt7fk4Hc1wPi3/gnV8VfEH7Nfi3wZc+LtM1r4q/EXxPa+Jde1O7a e303fAznyLfyoJJNqeYxUmJcliMIoAH154g/Z68Z6r+3J4a/aZt73T18L6N4Qk8PzWzySi/a 6e4uZg6RiIxGLbMoyZQ2Qfl6EgH4t/A7xZ8LPjlD4t+M/wC078EPiP8AGjxR4s1G5WC90TS7 i90jTrFceXaWckd3DtaIlgRg7AFC4O4t7V4F1H4m6f8AsJ/tOfDbxZ4f8U6J4O8MxiTwj/wl thNZ340q8kfbakyfI/2cQqWEbMEMnZWUD6s8Nfsxftifsu6x4p0H9kjxB4T1T4eeJr6XULXS /FK3iz6NcXHDi3a2BDxqqqAWY5wMx7tzN1mj/safF6H9lf4p/DTxj4//AOEv+JfxTEs91e39 xcjSbSd33LDbqUd44gSxLJCu4kDYFVQAD5F1D9hj4JP/AME7z8bdWs7u/wDiS3gy38VLr819 ctcpMlml3DAqmTyhFHEFgVdnCgEEMAw5/wDai8L+Hvit+yr+yZ8VvH1kNY8Wa9qnhjQr/UJp JPOudPuIJ3mikIYAmV13s+N5bPzV+q+ofAzxZdfsUr+zhHd2I8SjwLD4Y+0GSX7D9tj05bMy b/KMvk+YMhvK3bedmeK+c/ir+xd8U/F/7HXwn+C/hnXdKsfHvwru9J1KG4laZ9NuLrTYZYig k8rzQp83crGLkqFIAJIAP0L8DeBvCnw18JaZ4F8D6cmk6Fo8Xk2lrGzssUeS20FyzHkk8k1+ Pv7TT/snr+1nrupftAajrnxq11NPtrfS/Amh6ZcXKaEuxC7M0Vykckk3D7TtKl8spzGV/W34 VL8T0+H+jr8Zm0tvGYjf+0ToxlOnl/MbYYfPCyY8vbuyOGzjIwT+fN9+zR+1p8G/2jviN8ZP 2ZtS8I6tpXxTkhnvrbxV9sWazni3EeW1quWjDuxGH5UhSmUVqAPn7/gnpe2Ph39sX4yeAvAn hbXPh14IvtBttXt/DGvK8d1Zz7rZVkeKR5GQuJnZQWJ2MqkkKK+kP+CRn/JmWj/9hfVP/R1X f2cP2Sv2gPhb+1T4m/aI+KvjHR/GB8c6EbTVWtkntZ7e+86Bo4raAxNG1rDFbrEjtKrkclAR z5p8Nv2UP25v2fNO8QfBb4E+OvCcHw01q/ubqy1PUobt9a0mK6wr+REi+S0qgZXezIWG7Me4 igD4+8D+CPCPjP8A4JZfF3WfEFgmoXHhnxZq+paZKWcfZ7r/AEWESrsYBj5cjLhsjB6ZxXX/ ALUPwd8H+C/+Cef7P2i/DSxHh258aeKPCepXk8Ekpd9U1DQ50kutzsxVyQp+UgDHAFfZnwg/ YT8aeB/2KPiJ+yv4j1/T31LxVeajPY39qZpYEjmWD7MZw8cTBt0I8wKGCg/KzVyOsfsi/tZf EX9nL4b/AAc+I+r+Ehqnw08WaHf2VxZzXqxS6Ho9lJahJGNsS10WcEYRUZepUjkA8S/bY/ZK +Dv7I/ww8D/HD4DWl74e8b+GPEemQtqn2+5mnvlmEnmtcCR2TfIwyxRVBBZNuw7R+69fHP7c n7PXjP8AaZ+C9v8ADnwJe6fYalFrNjqJk1KSWKDyrXfvAaGKZtx3DA249SK+xqAPxFT9nfwF +0V/wU8+O2h/FOO41PwvoenaBfSaSlzNb295ef2XZxW7z+S6MwhV5SoyOW67Sytx37N/7H3w q8V/tVfHL4EeLlvtX+F3w1vra+0nw3Lf3S2KXmrxZE7hJQ7vDDGYlZmJIOWya/SX4a/s9eM/ B37Y3xf/AGhdTvdPl8O/EDT9ItbC3hkla9ifT7WCCUzo0SxqpaJiuyRyQRkA5APgn+z14z+G /wC018cPjPrl7p8+ifEt9JbTYbaSVrqIWMLxyfaFeJEXJYbdjvkdcUAfld4Z8eeIf2UPg1+2 n4M+Fd9cWWneBfEOn2fh5WkeVtOGtXL2kjxuxLK8cQUq5Od6KxyTz5tD4D+BF38BYtO0j9nf 4xS/FaWwW+g8ZR6JctK+uMnmrdCVbwg27TdMRlvL+YfvPnr9RtE/Ye1DW9R/ac0n4oX9lJ4b +Ol9aXOnmwklkurMWpmkjlmSSKNBJHK8ciqrupKkMcdfLh8Bf+ClVn8L4/2ctP8AH3g1PCUN uNMj8UKL+LX00tR5aptVfLWURDaCMtj/AJbbvnoA+YP2nvDF38Vf2Yf2Yfib8d/DFzbfEjUf FGleF9YfUorizvpLBJb2ORJoZChU3BiWYttDHduUhSK9L/ao/Zy8AeIv2yP2af2dtEt5tA8G vo2sW7W1jcSxP9ggSe5nthKWMgWdEeJ/myVdhmvq39of9jPxp44/Zn+H/wAI/hj4sE/ir4a6 tp+s2epeIJJpvt9zZpMshuJAJXXe8xdRhgu0R8L8wt2f7PH7QXi79ob4E/tB/FO/8OLqPw/0 vWrTxBBpkt0Flnv4bqG3NkksGGULLGZPMdCCG27gBkA+afEnwM+Hv7I/7e3wA/4UFaT+F9L+ IkWsadrGnx3U81tcR2sClCwneRj80itjdjfGrABsks+A3wb8Fftu/Hz44/FX9oy2l8VWXg7x Hc+GNA0a4nlitdPtbRmUv5cLp87qEz2372O5iCv218c/2evGfxN/aS+Bnxi0G90+30b4ZT6t LqUNzJKt1ML6KJI/sypE6MQUO7e6YGMZrxfW/wBmb9pr4KfG3xt8XP2Qtc8OT6R8Sbj7drXh 7xSt0LePUSSz3NtJa5Yl3d3YFkxuK4cBNoB8d3XjXxH+wx8Rf2lPgf8ACnU7pvCWl+DV8U+H LWd2uzot7czW1qRF5hbCK92XO4HIRC+TuLehab/wT9+CWq/sPL8TJ4rmT4n6p4UbxU/iY3tx 9rbULmzN6ysfM8toTuMTZXLKSxO87q+nPhP+w/qdy3xT8cftO+IIfF3jz4v2Emj6nLpatBZW GmMiqtvZeYgfK7EIdl48tPlJDM/jkP7MX/BQXT/hDffsraX498If8K7FpNplrr80V7/bo0ll KJZmNV8lQY/3RPzFIyQshIUUAfTP/BN//kyX4W/9eV3/AOl1xX29Xzp+yX8IvEnwG/Z38F/C Txfc2l5rHh23miuJbF5JLZmkuZZh5bSxxORtcA5Rec/WvougAooooAKKKKACiiigAooooAKK KKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiig AooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKK KKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKAP/9b9/KKKKACiiigAoooo AKKKKACiiigAooooAKK+F/2y/wBr3V/2dpPCXw++Gvhg+M/iZ8QZ2t9G09mK26bXRPMn2lWY MzhVUMoOGZnULz80eKfi7/wVe+FXhy/+J3jDwH4M1/Q7CI3d9pmntK11a20Y3SlNlzliqg52 tMR1AIFAH6/0V4F+zL+0F4Y/ac+D2jfFvwvbvYJf+ZDd2UrB5LO8gO2WEuAAwBwyNgbkZWKq SVHvtABRRRQAUUUUAFFFFABRRRQAUUUUAFFUNV1CLSdMvNVnUvHZwyTMq/eKxqWIGcDOBXy3 +yj+0pf/ALUvwX1D4t6ZoK6Ix1C/s7Gyabz2K2wXyjK+EG5y3zAYA6ZOMkA+s6K+dv2YPEv7 Qniv4YjVf2mfDdl4V8ZfbZ4/sdiVMP2RQvlP8txcjcxLZ/edug7/AETQAUUUUAFFFFABRVLU tRstH0661bU5lt7OyieeaRvupHEpZ2PsACTX5afDz9ov9tP4q/slP8cvhR4X0vxL4r1/xTdJ pGnXEKwwxeHYS8O591zbh5UnjZd3mcj+E9aAP1YoqC2ad7aJ7pQkzIpdR0DEcgde/vXxZ+35 +0X46/Zf+Ay/E34eW1hd6sdWtLHZqMUk0HlTrKWO2KWJt3yDB3Y68UAfbVFZ+k3cl/pVnfTA CS4hjkYL0BdQTjOeOa0KACiiigAooooAKKKKACiiigAooprusal3IVVGSTwAB3NADqK/H3wv +1j+2Z+1x4s8U3P7Huh+G9C+Hnhe7ayj1nxJ57PqEyfNhPK3bS6FX2CL5FZd8gLAV7n+yP8A tefEb4lfFDxd+zZ+0T4WtvCvxS8Gwfa3+wMxsr203IDJGHeQqQJonXEjCRH3ALtIoA/Q+iii gAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAK KKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiii gAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigD//1/38ooooAKKKKACiiigA ryT46/GHw98BfhVr/wAVfE0T3FnokKstvGcPcTyusUMKnBxvkZQWwQoyxGBXrdfPH7VXwQk/ aH+BfiT4XWl2lhqF+kU9lPLny0urWRZohJgEhHK7GIBIViQCQBXVgY0nXgqz9y6v6X1NKKjz rn26n436J/wWB+McfjBL3xF4Q0Sfwy8v7yzthcR3iQ5/guXldDIB1Ji2tjgLnI/fPwb4s0Xx 54S0Xxt4blM+la/ZwX1q7DazQ3MYkQsp5U7WGQeQeK/l40T/AIJy/tb6t4wTwndeDDpkfm7J dRubmD7DGmcGXzI3cuuBnCKz/wCzX9N3ws8BWPws+G3hj4cabM1zb+GtOtrBZmG1pTbxhDIQ MgFyCxA6E19nxnhsupxp/Umubryu6t5nq5rToJR9la/kd7RRRXwR4x+en7cn7KXxF+NWoeCf jH8B9ch0L4nfDWaSbTvtAUQ3cbuj+WzsrqrIyEoHUxuHZXwDkfLd/wDt4/tpfAmyltv2sv2f G1DQ4VMV3q2jl0thE3ylpJEN5asWH8JkiB9ulekftyal+0j8Bvj34F/ao+GUeseLvh9pNobH XvDdrc3BtVb98pnkt03ookjlG2byyEkiUv8AeUHO1v8A4LE/s03fhadNE8L+I9Z167jeCLRZ 7KGPzZmG0RSyCaVQjE7SVV2x/AelAG74x/ay+CPwr/YK1r42/sh6TYaDb312un2VjFZxWn2P WbopHK1zAgKGeGEeaM7lcKnLIRXC+CP+CcHi74g/CzT/AImePvjX4xg+L2v2Kail9DqLCzsb i5QSpAYseaypuCuUmTkfIFAAPgvw1/YZ+MWvf8E6/iDoWp6K2keMPFWtReKNJ0GRDFLHFZKq rCY2OY5p4/NCI3I/dhsEnH0L4A/4KufB3wh8HNP0H4k6PrVh8UvDllFpt14e+wSrJcahbIIv kkb5Y1kcAkSYdMkbWIG4AxvhP+0p8Uvin+wB8d9M+I+oSj4hfC6y1bSbnUYZPLuJfLgYwzM8 W3EqlXjLry2wOSWLV5N8Cf2Q/iR+0V+yjZfHX4nfGTxXH4iTTLqXwzaWd+Y7Oxi07zIrdp1K lpJJGiLO6OjlWBZi+TXXfCD4J/Eb4b/8E+v2i/iR8WLE6T4k+KdjquttYsCssFs1u7R+ajfN G7vJI2wklVK7sNuUfa37FI/418eCh/1Ll9/6HcUAfAv7JXwO+KX7fnwSTx38fvi/4nt9P0J2 0PRLTSrpLcMbJEY3l8WR/tMpZwu5sSHZkyc8df8Asr/tTfEb4R/sW/G/WvHWqS+LNW+Derz6 TpdzeyNIztM0dtaxyO7F2jS4bcASSEOwHAGPfP8AgkB/yZ1a/wDYd1P+cdfIH7OXwc1X49/s 3/tffCvQdn9rat4tnkshIdqvdWU4u4Yyxxt8x4gm48Ddk8UAcb8MvC3wG+Mnw+t/ir+0h+1r qOm/FTxDG96iWmuRW0OjvLkxRG2K53KMGSONoVX/AFaBdu8/oD/wTM/aM8ZfGTwT41+HXxC1 6Pxbrfwx1NLBNcjcSDUrCcyrbTF8ZkOYJMSnl0KlstuY/B3wX/aC/YO+GXwms/Af7UXwTs9I +KPg23XTtQtLjwxBNdahJbjYk3mSIMSyKAZDMyZfLAsCDX6I/wDBOtfE+veCfFHxK1z4SeHP hLpfiS9QaNa6NpZ029utPgMhSW9y580DzNsLbI84dwu11NAH1t+0F8VI/gh8E/GnxYaBLqTw zpk91BDISEluQu2CNiOQrysqkjkA8V+Uv7Pn7GHjL9rP4WWP7RP7Q3xc8Wr4q8ZLJfaZFpN8 tra6bAWZYCsRR1+YAOEi8tVRtv3ssP1M/aT+Ft18bPgL46+FenypDe+ItLnt7V5f9WtyBvgL kchfMVcnsOcGvyz/AGYv+ChPw4/Zu+C9h8Bv2nNJ1nwh45+HcL2H2M2EkhvYI2ZoDERwrbCF y5WNsB1cq3ABt/s7/Gj4x6T4I/aX/ZZ+L3iGbxB4l+Eei6pJpeuNIwu57L7LMqMz58wlCI5E dmaQeZtLfKteU/sWfsh+Lf2sf2ftN+JPx3+Kni02Ltd2nhuz0/UjEltDbXEqyXUxkWTzZWuf MC5wQigFiCoTsf2efA3xF8beGf2pf2zfiBoknhq0+J/h7V4tDsbgEXJsEtpm8yRSMhdkcKI3 HmEOwATYW89/YJ/4KG/Cn4Afs16X8M/jfZ6po76M99caJcw2Mk8Oq2c91LK4hcYXzI7lpYyW Ij4A37gwAB6t+z1J8QviZ4M/aA/Yc+O3jbV768+GU8T6frtldGDVLiwjkeRUM8glYx5iiJD7 m2TNHuwq4zP+CTvwf0yx+AesfHeDxDrX9qTprOlDTDeD+yI0XypBOlsEDC4ygHmb+hPFekfs G/D74h/EbxP8c/2tPGmhzeHf+FtNJbaDY3KlJjYjeRIwbB2EeSiNwHKOwG0qT5X/AMEuPjp4 S0X4UeI/2T/EFrf6V8QdLfXNQktrm3McflIkauhYncsqNkMjKCMGgDmvgB+1F45+C3/BLzxJ 8Wjqk+r+LpPEF1pel3GoyvdMlxdGFFcmUtu8mPzJVU5UsoBGCa9g8Ef8E4PF3xB+Fmn/ABM8 ffGvxjB8XtfsU1FL6HUWFnY3FyglSAxY81lTcFcpMnI+QKAAfm39n34GeJP2gf8Agk94l8Fe DYftXiCy8SXeqWFv3uJbPyWaFD/fkiLqnYsQDgHI+nfAH/BVz4O+EPg5p+g/EnR9asPil4cs otNuvD32CVZLjULZBF8kjfLGsjgEiTDpkjaxA3AHlemftN/Fj4l/8E4PjZp/j/VJ4fiJ8MLu LRrrU7eUw3Myi9gEcrPFsIkH7yJmH3wm4kszVp/Cv9h3x/8AtC/s1+H/AIz/ABJ+M3i3/hO9 T0SK80OK1vRHp1hDHBtskaHbvdnjVGldHjZmYklmy7eeaX8E/iN8N/8Agmx8f/iR8WLE6T4k +Kd5ba21iwKywWzXsDR+ajfNG7vJI2wklVK7sNuUfrp+yV/yaF8Jv+xO0j/0ijoA/Mz4cftO /tC+Jv8AglT4t+JGjald6l458LXcmj/2suZb5bBZrcyXRYAs0sNvOy+b95Qvms25Sx8D+HHw 6+B/xP8Ahvo/ib4DftQ63ofx8eG0mmi8Sa3Jp0E+oFkaeAq8QkdQd/l+XJODxu3gnHqf7Dfj L40/D3/gmx4w8Z/AbQ7PxJ4n0rxReytYXlvLdCaz+z2guDFDDLEzyIh3hcnIUgKxIFeM/G74 tf8ABOj45fBS6v8ASPh/NoXxy1GxEdvpuhabcWbx62ygEMIdtrND52d24NKydFEh4AP1J/bS +IPj/wCFH7BGrweO7u2vfiDr+l2fhqeXTixgu9R1ELb3T2+Y4mG+LzpFGxcHgCvnT9vfw3rv 7Of/AATr+H/gPwhqdzot94dvdE0+e4sZ3t5JJRazm5O+JlOJJtzkZwTXAaR4Z+JHizW/2MP2 TviuZ5da8PJceNfEVvdEtJDa6fJM2lwzgknKxo1uwPQnHHNe/wD/AAWR/wCTR7T/ALGbTv8A 0Rc0AZf7aXjf4qfE745fB79ij4Y+KbjwfF44sG1XXtRsnZLs2MaykoHUqwXy7acldwEjFFY7 cg/GH/BRP9jjVP2avgjY618OviD4j13wTqGp21tq2j67eLeIt3ske3vISqRqnIZXAXdlx823 IH1v+2foPjH4GftD/CH9u/Q9Fn8Q+GfCWmpoviK2tF3z29rKlwn2jbwCDHduAxYKrogYgNmv lv8A4KNft1fDn9pH4IW3gD4GWmpaxpdvqFpqGt6pNZS29tZqodLe2JcD95JK2cn5cJhSxJ2g H0x+3z+0L4n0nxd8J/2W/DfjpPhhpvjGwg1DxF4jMvkvbaaxaJUSQFWTd5MpO1lLtsTcFLZ+ Vfi1qHwj/ZX0XT/jP+x7+0teeKPEukXcH9p6BqesxalFq9vM6pIfJjSMEgnLhlYhMujIyAn6 J/b9+Ft94X+K/wAHv2udQ8DJ8RfA/hrS4dJ8T6S1qt4qWa+ayzyQuGQgLcyFHYBUkSPcRkEe U/En9or9jbxraaP4I/Yu/Z+8PePPiNrtxAsVvfeFIltLWEt+984DynLDhSwcRICXaTC4IB9v /tNp8Zv2hvAvwo134e+N4fhZ8JfEtpa6x4p1kamljfR2t7FFNDDHK2zgIWBw4Duy7lKqQfzE /aWb4IfssDQviX+x/wDtE6r4i8cWmpRLeac+tJq8F3bbWLySvbIsRAYKrpIWVw3ABHPtX7fu iR+D/jN+z5D+0PoUjfAfQ9EtrXUrHw9HLb6VBqsYlSeOGNH3RxqBb+Wm4OYFZUbcGNfPP7aH xB/Zf8c/BN/D37GnwrWPQNDv7W98QeLINGe0itk5gt7VrmaMTs00swJ3sB8oADbiVAPtX/gp B8Vdeh+JPwY8HePPFGt+Afgt4otmu9d1LQfME8k5yTCzRqxZY18s7cPw7P5bsiitL9nP4R22 hfG7wn4w/Yq/aBi8afDohv8AhKPDuu601zdrbFgC0FqlvuV8MWQyRxMrqAZCrsB2H7TP7S2r fDmP4Raj8QPAeleOv2a/GOi2M2q3smmtqFxBczQny2+eQwKoV4ZI90QZx5iq24DHwvqmjfs6 fFP9qf4RXv8AwTk0XVLDXNP1eK+8QXtrDeW+l2tkk0RZ5EuWBRVTzFkRAkcit5YDs4FAH9K1 FFfLP7SH7WHgz9mfVvAekeLNI1DVJfH+oPp1o1iIisMiNCpaXzZEO3My42gng8dKAPqaivE/ 2iPjl4d/Zv8AhHrXxh8VWF1qemaI1qstvZCMzubq4jtl2+YyLw0gJy3QHHNbfhD4q6N4y+DW lfGqxtLiDStW0SLXY7eQJ9oWCW3FwI2AYpv2nHDYz3xzQB6jUU8EN1DJbXMaywyqUdHAZWVh ggg8EEcEGvnT9lr9pjwn+1b8Np/ib4N0u+0iwg1CfTjDqAiExkgjjkZh5Tuu0iUAc5yDxX0h QB8yfFLxx8FP2Jfghrvjqy8O2Xh7QLCTzY9L0e2hs1vNQucIkcccaqgeQqNzY+VFLHha+RP2 GPhF8WvHfxa8Vft2/Hqzj0TW/H9ilnomjIpBtNLPlFJXDcqWjhjVM/MwLuwG8Cuz/wCCn+sf BDS/gX4dj+Pln4gvvD03iS1MUXh2W2iuGuo7W6ZBMboFDDs35AG7dtIOAa/Ry2eOS2ieJdiM ilVxjAI4GB6UAT0UUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFA BRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUU UUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAf/9D9 /KKKKACiiigAooooAKKKKACiiigAooooAKzV0bR11A6stjAL5uDOIl808Y5fG7p71pUUAFUp dM02e7j1Ca0ikuoRhJWjUyIPRWIyPwq7RQAUUV4J+0n+0R4J/Zf+F118VPHcNzd2UNzb2kNr ZhDc3M9w2AkQkdEJVA8hyw+VGxk4FAHvdFeU/BD4w+E/j58LPD/xb8E+Yuk+IIWljjnCiaF4 3aKWKQIzKHjkRlOCRxkHGK9WoApXOmabezQ3N5aRTy25zG8kasyH1UkEj8Ku14D8P/2hvCvx F+NHxF+CGk6de2+r/DX7B9uuJxGLaf7fGZU8gq7OdoGG3KvPTNe56heR6dYXOoTAtHaxPKwX qQiliBnvxQBbqld6Zpt+8Ul9aRXLwHdGZI1co3qpIOD9K8a/Zz+PXhr9pX4UaZ8XfCNhd6Zp mqS3MUcF8IxOptZmhYsIndcEqSMN0p/xe+OOk/B/XPAWhaloWp6xJ4+1u30OCTT4lkjs5Lh1 QT3RZl2QruyxAJwDxQB1Xxg8Par4u+EnjbwpoUYm1LWtD1KytUZggee5tpI41LMQACzAZJwO 9fO37C3wS8V/Br9lrwf8L/ixpNvBr+iz6jLLBviu0jM99PNEyyIXTJRwcg5Gcda93tPjV8Pt Q+M178BLG9efxhpmk/21d26xOI4LRpYok3SkBS7mVSFXJwCWxxn1egAqFbe3SZrlYlErgBnC jcQOgJ6mvLvhJ8avh98cNM1zWvhxevqOn+H9WuNFnnaJ4ke7tUjeXyw4DMi+aFDYAJBxkYJ9 XoAKpS6Zps93HqE1pFJdQjCStGpkQeisRkfhV2vKPHXxq+H3w78a+Cvh34lvXj8QfEG6ntdI tY4ncym2QPM7MBsRIwy5LNklgFB5wAer0V4Bpf7Q/hXVf2ktX/Zjg069TxBo2gL4glvGEf2N rd5oYRGpDmTzMzKeUAwDz0r3+gAqhHpemQ3smpRWkKXko2vMsaiRh6FwMkfjXj/wJ+OOk/Hj Q/EOu6RoWp6BH4e1u70OSPVIlhkmktEidp4grNmF/NAUkgkg8V7fQBSOm6cdQGrG1iN8I/KE +xfNEec7N+N23POM4q7RRQAhAYFWGQeCDVazsbHTofs+n28dtFktsiQIuT1OFAGT3rwv4f8A 7Q3hX4i/Gj4i/BDSdOvbfV/hr9g+3XE4jFtP9vjMqeQVdnO0DDblXnpmvfqACqVrpmm2Mks1 laRW8k53SNHGqFz6sQBk/WrtFAENxbW95A9tdxJPDIMMjqGVh6EHg0ltbW1nAltaRJBDGMKi KFVR6ADgVPRQAySOOVGilUOjghlYZBB6gg1WsdPsNMtxaabbRWkAJIjhRY0BPU4UAVcooAKK KKACiiigAoryj4SfGr4ffHDTNc1r4cXr6jp/h/VrjRZ52ieJHu7VI3l8sOAzIvmhQ2ACQcZG CfV6ACivBvgn8e9C+O974zuPBunT/wDCOeFdVbR7bWHZTb6pcQLm6a2UcmKJyEEn3Xzlehr3 mgAooooAKK5Hx74j1Pwh4K1vxVo+jTeIbzSLSa7j063dUnujCpcxRFsjewBCg9Tgd6wfg58W PCPxx+GmgfFPwNcefpGv26zIGx5kMgJWWCUAkCSKQMjjONwOCRgkA9MooooAKKKKACiiigAo oooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKK ACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAo oooAKKKKACiiigAooooAKKKKAP/R/fyiiigAooooAKKKKACiiigAooooAKKKKAPnH47fHhvh TLZ6Lo9lHfavex+f++LCKKHcVDMFwWLFWAAIxjJPQHO+Bf7Qc3xP1K48N+ILGKy1SOIzxPbl vJlRSAw2uWKsM5+8QRnpjmt+0N8CtX+Jd3Y+JfC80Q1K0h+zSQzNsWWIMXUq2CAylmyDwQeo xzmfs+/ADXPh9rU/i7xdLEt75LQW9vC3mbA+Nzu2MZwMADPBOTXalS9l5nzkp4367ZfB+Fv8 z67oooriPowr8hv2ovGvhX4tft6fCb4FeJNbsdL8J/C1D4v11r25it4JL8BXsoG85lVmX90d vdJ34IBr9bdRvU03T7rUZIpZ0tYnlMcEbSyuEUsVjjQFnY4wqgZJ4HNfkB+yP+yBofx2j+In 7QX7X/w6lfxT488RXFxZaZrkFxbT6fp8PESiJ/LdQSxQbl5SJCDg0AXv+CfXjLw/8LPj58Zf 2QNK1e11Pw/Z6hJ4k8KzWtwlxAbG62GaBJEZlJiR4cqp+8spwOa3rLxL+0h+2P8AHf4m6N8M vibN8Jvh58KNSbQYX0+zhvbrU9UgZ1mlkaTb+7Vkzt3bSpQBSS7Dh/2mf2Wrf9mP4n/CD9pD 9kj4d3cj+HNXaz8QaR4ftrm9nudPukw8nkp5jAeUJombGAzx56VteFNd+IX7C/x0+KcepfDP xJ47+G/xV1V/Euj33hbTnvrizvbpmaWzubdinlnLBV3MCAoIDbmEYB59+yJ4s8efCH48fte+ NPjxdw634j8FaVp15qdzaotsl/HptrcPFMiAbY2uII0faBgM2AB0rqvAmg/t2/HH4I3f7Utl 8Xxoup69bXepaR4MTTYJdKfTlL+XaSysQ4aeNcLJguoKln3Ela/7OPw2+MHxx+Jv7V2o/Gfw Lqfw+h+LujWNpY/2jayCOOCe0ngtwsxCpLNbwtEZlQ5SQFWVGBUS/CT4+ftD/Av4IL+ytqvw M8Vaz8TfDNvPoujahp9l5vh67iLMlrdyXzMqxxRqy7jgghRuaMswQA95/wCCUH/Jkng//r81 f/0umrpv20fi18RPhn8QP2d9I8Da1JpNp4x8eabpOrRokbi7sZ5oVkhYyKxUMGIyuG54NN/4 JmeDfF/gL9kDwr4Z8c6HfeHdYt7vVGlstRtpbS5jWS9lZC0Uyq4DKQRkcg5HFYn7dXgjxp4u +I/7M994T0DUNattB+Iel3uoy2VrLcpZWsc8LPPcNGrCKJQCS74UAHJoA+XvBPww+Kc//BVL xvawfFO9guLDQ7XWbmcafblrzSWvbSQaOyk4SIIyx+cP3mFB6k1+yHjTRta8ReEtY0Lw5rUn hzVL+1lgtdShiSeSzmdSEmWOT5HKHkK3BxzX5j+Lrn4g/BT/AIKS3nxTn+HfiHxT4R+IPhqw 0CHUNFsnvIrO4a5tw8lyyAiNIhCWcMQ20hlBGa/V6gD+ej9kLx742/Zj/Zc+NP7Rlz4vm1vT NB1/VdKtvDU1rFHbXOt3EljFFqLzqfNzl8PEuF2BiCDzX01d/Dr/AIKB6X8FG/aQPxzafxjB pv8Ab8vhRtKtf7J+zLH9paxDD/loIvl3BRlvlD/8ta+ffh38GPir4v8Agj8d/wBh7xF8P9d0 PxDq2van4m0fX7mzddCuHt57SS3txeHEe648hlVwSu1ic5Uivfrv9rD9oTWfgNN8Cbf9n3xp H8XZ9IOgyzvp2zQkkaL7K18L4vt8vrIoxs3fL5hX5yAfoV+zJ8aYf2hvgP4P+MUdqtjL4htG a4t0OUiureV7e4VCSTsE0b7MnO3Gec1+af7dHw7+I2uftvfs+roXxGu9CPiWfVItIMdlBL/Y Ultb24nlh3n9+bkkFhJwuOK/RT9kb4J337O37Ovgv4Q6tcx3mpaJbzNeSwkmM3V5cSXUwQkA sqPKUUkAkAHA6V8mft76d8QPDPxr/Z6+PnhTwTrHjnR/h/qGr/2ra6JbNd3ka3sdusRESAnD BH+Y4UEBWYFlyAfO/jnwl8ddf/4KX6p4F+EfjdPDOuXfgCxttY8Ry2Ud1cR2ML27zTQ25IjE 006RLyQFDtgggV9Efs8+O/2g/hR+2BrH7Jfxn8c/8LK0e98NjxDpGrXFolreRBZxEY5PLJ3B sSBtzPyqlSoLLWj8LdC8a65/wUc174xXPhLWdH8Ma/8ADGySK7v7Ca3iju5rixmNnJIy+WLm NQweLduUq2Rwa3NT8EeNJP8AgqBpHxAj0DUG8LxfDtrJ9WFrKbBbr7bM3kG52+UJdpB2bt2C DjFAHy/of7XX7Q2kfsSfHT4vW2ovr/irwv48v9E0+7mt4nGm6d/oSq/lIiq4h85ypdWG5gX3 KCK1vhB4o+PWs674K8W/AT9pzTPjil5d2/8AwknhnVktNPnSzdd1xLBG5FzEUAIRQikNhjuU MtRfAjwp+1P8M/2TfjU/wx8HND4zn+IusahBpOv6bKv9qaRNBaJKbeGfyhKJAGKNyrhGRcsR Xzf8VvAWkftGX/hO2/Zp/Zl8V/CH4rw6taz32uSac+h6Tpix7mlJZWWJiG2upMUUh2/LknYw B/RpX5QWXiX9pD9sf47/ABN0b4ZfE2b4TfDz4Uak2gwvp9nDe3Wp6pAzrNLI0m392rJnbu2l SgCkl2H6uRhlRVdt7AAE4xk+uK/Inw1rPxE/YR+PPxWtdV+GfiLx58OPilq8niPSL7wpYHUJ rO9uWczWdxDuQLksFUlhwqlQ25hGAeafsmeMfHXwa+Of7X3jj49XcOt+IvBWl6bd6lc2qLbJ qC6fbTmGVEA2xtcwpG20DAZ8YHSvRPhT4P8A27/2lvhXD+0VF8cD4D1TxHHLfaB4cs9Mt5dM itgzCBLl5NzMJducsshVSGO4koOc/Z5+GXxj+O3xH/axvvjF4I1T4dp8XdFsbTT21C1kEcUU 1pNDbbZSFjmlt4miMyqcpICrKjZUbXwP/aS+O37NvwbsP2ePHnwB8Y69498HQSabpVxo9gbv RNSijJNvI16jYjRVKq5RZOBuO0kooBQ/4eD/ABY8UfspeFr7wvpVnafGvxX4uHw/AcL9kttU G0teLE28H5JYhsbKLI5JDIu1vXZfhd+3/wDBfxn4N8YeHviXL8btM1K/ht/E+iXtpY6YkFtI My3NpI8qBQgB2qhU7tuVdWZV+XR+w/8AH7wH+zB4M8faVYRaz8XvCvjr/hYtzo0bqTIZhB5l kj5AaVRbxOyqSCd6IWO3d9G65+1P+01+0BrvhL4dfs8fDDxZ8ML19Qt5vEuveKNIigtLGxjB +028IuUlSV2yCpwsh2gBBuJUA9Y/ZX+LXxE8e/tJ/tL+CfF2tSajongjWNKt9GtnSNVs4rhb syKrIqswby0++W6cd88b4G+NfxR1T9oz9q/wZqGvyzaL4B0qwuNDtjHEFsZZbCSV2QhAzZcB vnLCvILPxR8T/wBjj9rz41+JtY+FHijx54P+Lc2n6hpt/wCGLE6gyXFtHJiGRQVVCXnkVgzB hsDKrK2ap/sxeF/jrrHxY/aq+IfxQ+H+qeE7rx7o1pPp1tPbyOkiy2k5htoZwoSaaKJo0lWP JSTKMqsNtAHlfwx1j9vn4z/sjXn7Uf8AwvBtAPhmx1O80zTLfSrVzqkekmYzy3k7AASSNG8a J5bRgIpKgsTXSf8ACV/tx/F39lG6/bPg+L0fgx9I0y41Oy8NaZpcJtJ7bSt0dxLcTSl2MlwY pJAjK8ajaAAGwv0d+y74B8deH/8Agl83w/17w5qWm+KD4b8Wwf2Tc2k0N/51zc6g0Mf2Z1Eu +UOhRduWDAjORTfhn4B8d2H/AASrvPh3feHNSt/FTeCtetRpElnMmoG4mF15cItiol8x9y7U 27jkYHIoA4n45/tw+PdL/Z3+A9z4R1LSvCfjn44wW4m1rUjHHpujRJHCL67PnEooWSZSnmBl C7uGYCvIfEH7SnjD9lvxL4P8ZWn7T2iftAeFNY1ODTvEOiiXTmv7WO4yWvbMWk0jhI9p+UkI pKhgwbKS/Er9mX4na3+y5+zF8R9K+H//AAlmv/CC0jOs+DtTtMT39hcrEbiBra4XJkTyQBEU LfOWCkqFLb8aP8bPFvhTwL+zn+x7Y+DGkvY28Raz428FWdrZWVovEscQAAkcZJHzBztCqnzE qAewfFbx3+1R48/bz1n9mr4QfEFfBvhuTwza6pdXL2MF7Jp8SMnmy2qSAZmld0i+dsKrlhhg KT4V+If2m/Bn7S/jT9i/x/8AFObxNFrXhKTW/D3ih7CFNQ06VnEKuYuVk2t5mVd2BKKQVDMo 9W8J+CPGlt/wVA8afEC40DUIvC918PIbKHVWtZVsJLoXlkxgS5K+U0oVGOwNuwpOMA0X/gjx o/8AwVA074gJoGoN4XT4dtZNqwtZTYC6+2yN5BudvlCXaQdm7dg5xigDwX/gkp4J8c2Xhrx5 4tvfHNze+H4vE2s6bJobWkKwyagos3bUjOD5gkZAU8ofIAc9a+3/ANuX4m6p8If2TfiT460O ZrfUrfThZ2sqHDxTajNHZJIh/vRmbePcV8o/8E7rn4g/CXxL8Rf2c/iD8O/EOkXEviXWdftt dlsnGizW8v2eJI1usbGd9hdCpKsvGcjFfTX7f/w/1L4mfsefE3wvo0Rnvk05NRiRQWdzpdxF fMqAclmWEqAOSTigDzTw94s0r9ib/gnJoXjKxsFuZ/DXhmxultn4WbVtXaNj5mCDsN3c5fB3 bM45FfEL/GH402/wmPx6H7ZPhWX4gJZf2wfBXnaQdPKbfPOmBBN5nn7P3eQm8v8AJuz+8r7X 1/wY37aP/BN/SvDfhK5iXVPEnhnS5LVnYeWup6WYneBn6KDcW7wsx+7kkjjFfDVp4g0fR/hN a/DU/sPS3HxutbRNNFxN4Ps5tDlu4wIft73gT542I8wjGwnjzdvz0AfR1v8AtdfEHXfiJ+yx 8ZLfUZNP+G3xjt7nQtY0cLG1vBrqs8EbrKymQbrl9q/PykXIBJrnpP2x/icP+Ck8Xw2GpyD4 QtqLeEvK8uLyTrS2IkJ37fM8wXbCPG7G3tnivR/2hv2d/iHq37AWkeGdP8O6dZfErwG9n4ls dM8LWAgtYdUguGmmis7WANl/LmlH7sHzJcsB82K+Xb39nP4zj9gS0+KUXhnUP+F1xePD8Rm0 5bGc6l9vkvfs+z7Nt8//AFO2cx4yAM9eaAPvT9nX4r/EX4x/tUfHW7/tqR/hp4CuLXw3pdgI 4/JfU4gPt03mBPMLJJEwwX27ZRxxmvMf2HryT4d/tJ/tKfs3W5ZNE0TXIPEOlQH7tvHrCGWa NB2QBodoHHU9SSfbf+Cfnwl1/wCEn7MugW3jS1ns/Fvime68Qa0l1G0VwL3UZNwE0bgMkiwr ErqwBDAggdK8V/Y2hf4h/te/tPfHq0G/RptVsfDNjOOUnfSYRDcFG6FQIoSMZyGH4gH6gUUU UAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFAB RRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUU UAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFAH/9L9/KKKKACiiigAooooAKKKKACiiigA ooooAKKKKACiiigAoor8h9N/aI/bz+MHx2+MPw5+A0PgiPSPhhrI08trcV5HO8UzzrAd0Mjh 2xA287VHTA54AP14or8t9G/a+/aS+BvxR8MfD39tnwbomlaD41ufsWm+KfD00v2CG6IwsVyk zyEbmIBYmLapLbWVWK/p5f6hYaVaSahqlzFZ2sIy8szrHGg9WZiAPxoAuUVm6TrOj69ZrqOh 30Go2j/dmtpVmjP0ZCQfzrSoAKK/PbxH+038Z/gN+x9rnxv+PmjaJqPjnTLnyodO0i7C2UyT 3UVtARIrzk7PN3yBSTgY+XOR9x+DPEUPizwppPiKGWGU6hawTP5DB41eSNWZQQT0Jxyc0AdN RXg3i3W/jXa/HnwLofheDSH+HF7a37a/JcSAamk6QyG1FqnmqWUyBN+I2wu7kdR67e+JvDem Wk+oalq1paWtrIYppZZ44445B1R2ZgFb2PNAG5RUFrdWt9bx3dlMlxBKAySRsHRlPQhhwR9K noAKK5uz8ZeD9R1V9B0/XLC61NAS1rFdRPOAOuY1YsMfSukoAKKz5tW0u2eaK5vIYntk82VX kVTHH/fYE8L7nimaRreja/ZjUdBv7fUrViQJraVJoyR1AZCR+tAGnRWJq/ibw54feCPXtVtN Na5bbELmeOEyN6IHI3H2FX7rUdPso45ry6igjmYIjSOqhmbkBSSMk9gKALlFVLu/sbDyzfXM dv5zBE8x1Tc56KuSMk+gpbi+srR4Y7u4jhe4bZGHcKXc/wAKgnk+woAtUUVyWu+MNC0v7bpk ep2Y1qC1luI7N5k89giFgfK3ByvuB070AdbRXyL+w38c/GX7Rf7OGgfFjx/FZwazqdxfxSrY xtDAFtrmSFNqO8hB2qM/Mea+ndK8U+GdeuJ7TQ9Xs9RntTiaO2uI5njPo4RiV/GgDdoqvdXd rY20l5ezJb28KlnkkYIiKOpZjgAe5qlpmvaHren/ANraNqNvf2PP7+3mSWL5eT86Erx35oA1 aKrW15Z3lst5Zzxz27gkSRsGQgcHDDjjFVhrOjmzXURfQG0dtqzeanlls4wGzgnPGM0AaVFZ MWv6FPqsugwajbSanAoeS1WZDOiHozRg7gD6kUy38R+HrvVp9BtdUtZtTtl3S2qTo08a+rRg 7lHuRQBs0VQ1LVNM0azk1HWLuGxtIuXmnkWKNR7sxAH4ml07U9N1izj1HSLuG+tZRlJoJFlj YezKSD+BoAvUhAIIIyDXP3ni7wpp1pBf6hrVlbW1y/lxSy3MSRyPnG1GZgGOeMDmvM/2h/jP ZfAX4LeJ/i5LZpqx0G0NxBaGcQfapCQqIJMNjO7JIUnAOBQBz/7PfwHuP2f28Z+GtE1dLnwR rGryatoWliEo+ji7G+6tVk3kPB5vzxKFUoCwO4nNfRteafBvx7/wtD4U+EPiDJ5C3XiDSNPv 7mK2ffHDPd20c8kQOSRsL4AY5xjNel0AFFFFAHI+PtL8Va34J1zRvA+qx6Fr9/ZzQWWoSxGd LSeRSqzeWGXcY87lGQMgZ44rjfgL8GvDfwB+E/h74VeGCZrfRoMTXLLiS8u5DvuLmTk/NLIW bGTgEKDgCvYKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoooo AKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooA//T/fyiiigAoooo AKKKKACiiigAooooAKKKKAPif9qb4r+LvC2r6d4O8MXkmmJPai7nnhOyV97uiorjlQNhJ2kE 59qyP2YPi54y13xTN4M8S302rW01u80Ms7GSWJ48ZBkOWKsD/ETg4x1OfpD4q/Bjwz8V4LZt Vkksr+yBWG5hwWCMclHU8MueQOCD0PJzT+FHwN8L/CmS4v7CaXUNSuk8trmYAFY8glEVeFBI BPJJwOa7VVp+y5banzksDivrvteb3PXp2se10UUVxH0YV+Vn7B3/ACdj+2N/2M+nf+jdSr9U 6/I+z/Zc/bu+Fvxx+LvxK+AfifwLZ6T8T9XGoPFrLX8twkcLzNACsdmyIwE7bgHYHjB4oA6D /gsHcaXD+yVDFdgHUJvEWmjT8Y8wXIWZiU758oSDjnmuH8feD2/a1/b5T4B/Gqee58DfDDwl a61No0MzwW2o6pc/Z98kvlMrMo+0AZzx5e0YDvn0Pw5+xZ8f/ix8V/C3xR/bT+IuneLLTwPO LvSfD2h2zQ6cLoMrrJM7xwlgGRSVMbF8BS4TKt6V+0H+zF8W7/44aN+1J+zF4i0zQ/H9jYHS dSsNbSZtL1aw3blSVoA0ispwMADdtQh0KZYA+bte+Gvhz9in9uP4N2vwL87Q/B3xm/tDS9Z8 PpPLNZ+dZrH5dyiSOxVt06EH+EK4XCuy1+xlfnd8NP2Yfjl43+P+jftLfta69o13q/hG1kg8 O6B4bWcabYvOrLLNK9yPMeTDZ6tltp3bUVa/RGgD+Yqx8C+E/EP/AAR61DxnrOnJc614U8Qz PpdyzOGtmvdTs4JyoVgp3xnadwOO2DzX9A/7O3ww8B/CX4R+H/DPw70iPRdMuLaG+khjeRw1 zcxI0shMjM2WPXnHoK+FPCP7BHxGsv8Agn34k/ZJ8Ra7pMXifVb1763vbV55rBXS8hu4kdnh ilAbydjkRnbuyA2MH7d/Zs0X46eHPhbZeH/2hJ9FuvEmmuLaGXQjMbd7GGKNITL56IfOJD79 o24wRjkAA+Pvjt/yk8/Zn/7A3iX/ANN95XzP+y1+yp8KP2h/j/8AtN638Z7GbxJpOg+P9bt9 P0t7u4gs4bi5vLg3FyUgkjzKyJEgbPAXuQpX9D/iV+z14z8Y/ti/CD9oXTL3T4vDvw/sNXtb +3mklW9lfULWeCIwIsTRsoaVS2+RCADgE8E/ZY/Z68Z/A/xn8bfEXiu90+7tviT4wvvEGnLZ SSyPFa3UssiJcCSKMLKA4yELrnOGNAHzh/wTc0ub4eePf2jPgRpV7PN4T8BeKo49Gt55GlNr DdG53IrNz92JM+rAt1Yk/Rv7ecfhm4/Zt16w8Z/Ep/hZoV5NbxXmqQWz3dzPDv3GygiikjkZ 5yoB2E/IHDKULEO/Zx/Z68Z/CD4y/Hb4ieJb3T7nTfifrVtqWmx2kkrzwww/aNy3KyRRqr/v VwEZxweemYP25P2ZPEH7Unwk0/wr4O1m30XxF4d1e31vTnvVZ7Oae3jli8qcKrkKRKSG2Pgj G0gmgD8Pf2lJ/wBmCw+Dun+Mv2V/g3428Gat4XvLGe18a3Fpc2ljgOEG+5kuJPMkkYhkOxWD AYIXIr+nXw3ez6n4d0vUbohprq1glcgYBZ0DHge5r8nfjz+y/wDt+ftZ/DKbwP8AFnxV4H8K 2tg0Vza2Gix37RaleRMFDX08yyNDGiF2QRK+XxuTgFf1V8E6frGk+DNA0rxD5H9q2Wn2sN39 mdng+0RxKsvlM6ozJvB2lkUkYJUHigD8fPiH8DPCX7Qn/BUvxD4G+IJuLnwvZeCrPVL7Tobi W3i1D7NNBHDDOYWRmjWWZZcZHzIK6P4OfDrwx+y9/wAFI9d+FnwoSfSPA/ifwKdcuNIWaWeC O6iuPLDxiVnbcPKYrliR5jKMKQB9g6B+z14z0r9uTxL+0zcXunt4X1nwfH4fhtlklN+t0lzb TF3jMQiEW2FhkSlskfLjJBd/s9+M5/25bP8AaZS908eF7fwefD7Wxkl+3m7Ny828R+V5XlbW Az5u7P8ADjmgD8W/gd4s+Fnxyh8W/Gf9p34IfEf40eKPFmo3KwXuiaXcXukadYrjy7Szkju4 drREsCMHYAoXB3FvQtH+H/xT+IP7Evx1+GmteHPFei6N8LdTtvE/gJ/FVhPZ6lFp8Bmke3Uy fK7QW0UgxExCNLxwVWvtTw1+zF+2J+y7rHinQf2SPEHhPVPh54mvpdQtdL8UreLPo1xccOLd rYEPGqqoBZjnAzHu3M30z+yz+zt40+EfgfxJbfGrxlP8QfFfjm7lvNYklllksIhKGBtrSKXG 2L53LEIm7IG0KqgAH5E/txfFHxV+1Z4c+Ftz8OrnbceDPAMnxL1fyeRFMZIYHU44V7d45CPQ MexFfXC+N7P9sD9s34CDTts/h34f+EE8e36L9yPUdWjjFtC3/TSF/IkAPIG73rsf2L/+Cfmr /s9P8VbL4marZeIdO8ZWp0TS1tZppZINEZrgyRTCaKMI8vmoWRC6BlJyc89T/wAE9f2K/Fv7 JWmeM7z4jatp+ueIfElxaQQT2Es8yR6bYRlYELXEUTKxZ23IoKhVTDHGAAfYnx98c6j8Mfgd 4/8AiJo67tQ8N6DqWoWo2bx59tbPJEWU8FQ4BbPGM5r8t/gJ+wb8IPjD+yZZ/FjxubvUfit4 7sZ/EDeKmvZ1vLXUJy8sDx7ZAgER27wQSx3EkfLt/YbxR4c0jxj4Z1fwjr8P2jS9ctLixu4s kb7e5jaKRcjkZViM1+Wvhj9mP9vD4Y+BtR/Zp+G3jzwsfhdcNc21hruoRXbeItN0y7djJDFH GqwNKodthYkAk7XjGwIAfCPgTxD4p1b9h79m79nnQdWuNB0/4weNr/SNWvbVtkv2BdS2SQhv +mhmDY/i2bT8pYH6t/bQ/ZG+Ev7KfwQg/aN/ZqtJvAfjT4a3mnSx3Vtd3Ehv4Li6itXhuVlk YSBjKGbj5lDIwKtgei6B/wAE7/GLfsdeDfgprfiey0X4lfD7WbjX9E1vTGmuLW3vGuZJ4lJl jhkKsrLuOzKOoYBguGv+Mv2Z/wBtT9p+z0T4b/tTeKfCekfDvTLuG51OLwot5/aGtG25QSNc oEiUtz8oUBvm8s7UAAOG8a2th+2v+2t4W+DfxLe4b4c+FPA1p4vm0JJHt4b7Ur0wgGUxssjK iXUYHzfLsZRje+fZ4/2J/Dv7PWvfEr4l/BjXpfDngjXfCWo21/4R8uW4tpLwW8hW6jnlnJjK 4G1fLbGXUMqsFHUfHz9lr4ny/GDwx+0l+yzreleHvHPh/Tf7EutO1lJjpOp6YpJSKQ24aRCn QAKN2EIdCgJxPhX+yz8bfGfxl1H9oH9rrXtIvdb/ALFudA0nRvDgmWwsLO8DrO5knAdpSski jO/72S5wqqAL/wAE7HSP/gnd4KkdgqrYa+SScAAalfZzX5e6nLLB/wAEYfD80DtHLH4oZlZT hlYalOQQRyCD0Nfbfw5/ZL/bu+Fvw/vf2YvCnxA8Jw/Cq5luootae3un1+10++kZriOCDaIF kfzHbDM21mJWUcYmvv2AvjFdf8E+tN/ZQj1nQR4ts9YbUHujcXX9nGI3ck+BJ9l87dtcDBhA znnHNAHz9+3F+x18PP2Y/hD8Pfih8G7rUND+Jdt4ksLC88Ri/unvb2a+hnM1xIWlKrI0q78o F4LLgg12n7VP7Lfwm/ZM1j4A/FH4JWdzo3iePxzpWlX1+15cTTalFdB3me58x2UtIY2D7QoZ ZGUjbgD9AP23P2evGf7Sfwu0HwT4GvdPsb7S/EenavK+oySxRG3tFlDqphimYufMG0FQDzlh S/tjfs9+M/2hdG+HGneDL3T7KTwh4x0zxDdnUJJY1e0s0lWRIvKilJlJcbQwVTzlh3APzR/a U8e6D8UP28/FHgf40eBPGXxQ+H/ww06zTT/DnhSylvI/t93bwzveX0STQkL++dFYN8wVB90M G7X9kq41TwT+2Xbab8DPhV4/+Hfwd8baZcLq+m+J9JurawstWtopJo7mCRpJ0jEgiSMF5Mln ZAMFAv1n8a/2YfjZpn7QZ/ao/ZU8Q6Rpvi3VNPj03XtI8QLOdN1SCFVWNy9uGkWRVjjUABfu Ah1y4fR+BHwF/aXn+N95+0L+0/42s5tRjsTYaX4b8NzXaaLaxuCGklSbb5jgM2Awc5bcX+VQ oB+fv/BOH9ib4H/H79mufxv8adNufEt5dX19p2mh765ij0u0iIYi1SKRVV3neSRiQQSRxy27 lfCfh+z8ff8ABKL4iWXxBDa/P8Kde1K30Ce4kcvZ/Z2t1QphhkKtzKqq2VCtgDAGP1g/YV/Z 68Z/sxfAGz+Ffj290/UNWt9QvLppdMklltylw4ZQGmihfcAOfkx6E14p8Mv2I/Hfh/8AZB+K 37OfizW9Mj1fx5quq6hZ3dk009tCt2sBtxN5kUL5Dw/vAqkAHKljxQB9B/sT/DDwH8Mf2avA i+BNIj0keJdG0rWtR2PI/wBo1C7sLfzp28xmwz7RkLhRjgCvq6vlz9kXwV8f/hv8JbD4ffH6 60G9u/DcdtpukzaE07K2m2lvHDF9pM8ceZsocsoAIIyAc19R0AFFFFABRRRQAUUUUAFFFFAB RRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUU UAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFAB RRRQAUUUUAFFFFABRRRQAUUUUAFFFFAH/9T9/KKKKACiiigAooooAKKKKACiiigAooooAKKo 6jqem6PaPf6tdw2VtHjdLPIsca59WYgCmaXrGk63ai+0W9gv7YnAlt5FlTI7bkJFOxPMr2vq aNFFFIoKKK/FW9m1r9sH9sT4rfBz4ofF7W/hv4c8AzwWOi+GtEv49LuNVVwRJcs7BhOMqr4K OwWVQuwA5AP2qor80vhf8Gf2lv2aP2jPD3hnwp4q1/4ofBHxNazrqTeILyK7vNCuYUbyWSWR o2KO+wYiQAqX3IWVWPh/w/8A2yfBHwH/AGoP2nLX45eL9Rkszrej2/h/Sx9p1CQbIrxrhbO2 XcsSD93vI2LkoCclaAP2dor54+EX7VHwP+OfgHWfiR8NfEI1PSvDqO+pI0MkV1aeXGZT5kEi h+UVirAFXwQpJU47n4Y/GDwJ8YPhnp/xd8CXsl74Y1OO4lgnkhkhdktZZIZcxyKHGHiYcjnG RwRQB6dRX5X/ALXn7ePhez/Y6k+KvwB8R3drqvjGZrLQr4afKCrWl3FFfbvOjKwsIi4RnAy2 Ch3Yr7h/Z2+L/hj43/CfRvG3hW6uby38tLWeW7t5baVrqCNBMSsyqzAsfvAYbsaAPb6K8l1/ 43fDvwz8W/C/wP1i+ki8XeMba6u9NthBI0csVmjySlpVUohCxsQGIzjjqKXxd8bfh34G+JPg 74TeI76S38SePftX9kwLBJIk32NA826RVKJhTxuIz2oA9Zor4b8W/wDBRX9lrwfrWt+F7zXr 2+8QeH9UvdIutMsdNuri7W409tlwwRUx5SNkCQsFbB2k4OPo74NfG34Z/H/wRB8QvhTrKa1o 00jws4R4pYZ48b4popArxuuQcMOQQwypBIB6tRXP+K/FfhvwN4b1Hxf4w1GHSNF0mFri7u7h wkUMSdWYn8gByTgAEnFfCtv/AMFQf2Qp9Us7SXX9StNN1CXyYNWuNIvIdOdycf614wwHqSgA HJIANAH6FUV8/wDxh/ah+CHwEu/DNt8VfEkeiR+Lor2bT7ho5JbeSPT445ZiZI1ZRlZUCDrI zBUBJxXmnwf/AG+P2Z/jf48i+GngvxBcReIbtWezt9Qsp7L7aiLvJgaVQGJUFgpKsQCQpANA H2XRXy38d/2x/gR+zrruneFPiHq9w/iDVIvPh03TrSW+u/s+SPOdIgQiZU43EFsHaDg4+Rf2 Yv2gNO+On7fXxL1fwD4tu9e8BTeENPnsLZpbhbWGdWtUmItJdoilD7w/yBsk9QckA/V6iuJ+ I/xC8LfCjwNrPxG8bXD2mhaBAbm7lSN5mSIEAkIgLNyRwBXxnqX/AAU+/Y303VLTT38X3Fzb XPkh7+3066lsrd50WRY5ZljI3hW+YKG2EENggigD9AqK8u8f/Gv4V/C74dn4seOfElppvhQx RTRXxfzEuFnXfELdYwzTNIvKLGGLDkDGa8F+Ev7e/wCzT8ZfGVr8P/DOv3On69qSl7C21Wyn sPty9jbvMoRyw5VdwducKcGgD7Lorx7wN8d/ht8RPiF4z+Fnhq/lfxN4Blhj1a0nt5YGj8/d 5bxmRQJUYLnchIwVP8Qylp8ePhnffGTVfgNaak8vjDQ9MXVr6AQSeTbWjlNrSXG3ylYiRCFL ZwQcYoA9ior4G1T/AIKZfsgaX4hn0RvFdzd2lpcfZZ9WtdOurjS4ps4Cm6jjKsD2dAykchiO a+hvij+0l8Gfg74K8O/Efx14iitvDHiq9tbHT9RgVrm2lkvYnnhfzIQwETRxs/mH5QBnPNAH udFfNn7Pn7WfwT/afbX0+D+qXOpHw08S3hnsp7ZQtxv8l1aVFUh/LfAzvGPmUcVt/Hf9pX4P /s36Rp2qfFXWWsZNZmaDT7O3gkury8kXG4QwxKzELuG5jhQSoJyyggHvFFfMPwI/bB+A/wC0 Zq2o+Gvhxrcp8QaTH511pV/ay2V7FEGCl/LlUb1VmUMULbSRuxuGfJtb/wCClf7JujG5t4/E F/ql/ZXN1bXNnY6ZdT3MH2Ngk0sqhAEiBPDkjdg7c4NAH3vRXmPw7+Mvwy+Kvw6g+LHgbxBb X/hSeKWY3zEwJCsGfO88ShGiMeDvEgXaOTxg18pJ/wAFNP2Pn8QjRR4ruRZG5+yDVzpt2NK8 /dt2/ajHtx3342Y+bdt5oA++6K8l+Kvx1+E3wU8Br8S/iV4kttJ8OSmNYLn5p/tLzKXjS3SE O8zOoLAID8oLfdBI+fPhv/wUJ/Zm+Jvj7T/hrper3+ka7rLKmnR6tp1xYpeu5wiwvIu3LnhA 23ceFyxAoA+3aK/Nz4PeNPEc3/BRf9ovw7rOu3b+HdE0XQJrazuLqQ2VpvsbV5XjidvLi3Es zsoGSST1NfWHwZ/aN+FX7QEmvN8KNQuNasfDtybS4vxaTxWMk4JytvcSIsc2ANx8ssApVujK SAe50VzHjPxn4V+HnhfUfGvjfVINF0PSYjNdXdy2yKJMgAk9ySQqgZLEgAEkCvjbwZ/wUm/Z K8beKLDwtZ+J7nTH1eXybC81PT7mysbt84wlxKgReeMybBnA6kCgD7wor8T/APgpT+0jo7fF b4efs7QeM9f8I6LHqTyeM5tFiuYbo2kkNvLbJbyxofPzHNISib1V9pdCVAr9Tv2ffD/hbwz8 FvB+meCNU1TW9AksI7yxvNakeXUZre+Juka4aRI33YlxtZVKgBcDFAHsVFfkh8Dv27NN8e/t vfED4f6r4g1C48J366ZpnhOx/s6aOOO6EYN20wEQZC0u/Ek3BXAU7cV5X+yf+3v8Lvgx4J+I el/H3xnqeq+IJfHmuNZ2pW61S6h0yKK1VWydwit1cSbQWUZD7QcNQB+4dFfHfxC+Nfwc+NP7 JXi74meD/iDc6R4PnsZo59e0mOYX+nNGyiTEI2TpMmR8hCttYMPlIJin/ab+Bn7O/wCz/wDC /XPHfjO71ay17RNLi0a5lt57jVtbUWkJW4NuoeXzJFZXlL4Cu4Vm3MAQD7Jor5h+BH7YPwH/ AGjNW1Hw18ONblPiDSY/OutKv7WWyvYogwUv5cqjeqsyhihbaSN2Nwz9OkhQWY4A5JNAC0V+ f3iT/gpv+yP4d1K8sofEF/rdrp03kXWoaZpl1dWELg45uAgRx6NGWB7Zr6bvv2hfgzp3wdX4 /wB34qtV8Avbi6TVBvaN0Z/LCqgXzDIZPk8sJv3/AC7dwIoA9mor899P/wCCoP7H93ZS3l74 kvtKZPKaKG80u7iluY5nCLJAuwiRcnnByBkkYBI+hPjp+1L8Ev2c10yH4pa8bLUNaLCxsLaC W8vbnacEpBArsFzxubCk8A54oA+hKK+VPgR+2f8AAX9onxFf+DPAGrXMHiXTYjPNpep2ktjd iFSAXVZBtcAsMhWJGQSADmvK/g98UfhR8NY/2h/iFf8AxK1rxXpfhnxTfy63FqFvcsmgyJNI r2VkrFzJBGx2r5Q24UYGKAPv+ivz91L/AIKffsb6bqlpp7+L7i5trnyQ9/b6ddS2Vu86LIsc syxkbwrfMFDbCCGwQRX3ppmp6drWm2msaRcx3ljfxRz288LB45YZVDo6MOGVlIII4INAF6ii igAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooA KKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACii igD/1f38ooooAKKKKACiiigAooooAKKKKACiiigD89f2ybrW/wDhKdDspS40gWZkiHPltceY wlPoWCbPoD71ifsh3Wtp8Qryzsi502WydrpefLBVl8pj23ZJA74Le9foN4i8LeHfFth/ZniX T4dRtgdwSZQ21vVT1U+4INReGfB/hjwdaPY+F9Mh02GQ7nES4LkcAs3ViO2Sa7FiV7PksfPS yWbxn1nn038/Q6SiiiuM+hCvyxuvAn7Gn/BRvxb43sfEvha+0Px78PL+TRb2czJYasUt2MYm 2wySxyxB1ZEaZGK7cfKCAf1Or4c+OX7AHwU+Nfjlvinb3useA/GsibZdW8NXa2M1wwxh5wY3 VnAGCy7XYYDMcDAB8WL4Y+Jn7AX7T3wd+HvhL4oar45+HvxT1I6TJ4f1mUXNzYqXihE8fIVV RplffEkX3GVlYV6x+xx4X0O+/bu/ax8X3dpHLqukajpVpazsgLwxXq3LThGIyu8wR5x1xzX0 L8DP2Dfg78E/HH/C07jUda8e+N1i8qLWPE14L+4tgQQxtwEQIWDEbjuYAkBgGbPsXwx/Z68F /Cf4l/En4qeHbzULjVvildWd3qcV1JE9vDJZLMsYtlSJHVT5zbt7yE4GCOcgH51fDnTbTR/2 tP23NG0W3W1tZvD9jcGGJQqNNNpryu20cbmeV2J7lie9ew/8E+tc0rSv+Cb3hjWL65SO10rT fEUly5YYiWK/vnbdnpheeexBr6w8H/s6+BvBfxl+IPxw0+5vrrW/iTDZQalbXLwvYoljEIUE Eawq43Kvz75HBOcYHFfKth/wS9+BmlapeWmm+KvF9r4F1C7F7c+D4tYaPQp5AwOyWFYxI8eA Fw0hfA+/QB+fWn/8oQNT/wCwkv8A6kUVfvz8OyD8P/DBByDpdl/6ISvnTQ/2Kfg/ov7L95+y VJcapqPgu980tNc3EX9oLJJdfbFkWWKGOMNFMFZMxEcAMGGc+m/s/fA/T/2e/h8nw70rxPrf iqzhuHmiuNduUuriFGREWCNkjjCwoEyiY4JODjAAB8W/HWWK2/4Kffs3S3DCNJNE8QxqzHAL mzvAFye5JAA7kgVT/ah1Sxm/4KK/ss6LHKrXlpFrs8sYI3LHcW7LGxHXDGJ8fQ19W/tKfsl/ DX9p630C48XXep6Dr3hWZ59J1nRbkWt/aPJtLBXZXUqWRG5XcpXKMpJz5V4A/wCCefwi8C/E vwr8Zp/E/inxL448MXF1ctqusakl7PqBuYBbiO7MkJJjhXcYhGUILtvZxgAA8U/4J5aP4Rb4 /ftZa+kcL+KE8f6pbSOcGaOwa9unjC91SSUPuxgMUGc7RjU/Y+t7DS/25f2rdH8CJEnhGO60 WWZITiKPVZIpDcBVHyhjMbgPjHKgEcYHzd+zh+yxo3xy+Nv7S/i6Hxp4o+H/AIj0n4h65Yx6 j4Z1E2Es1nPdzO8Mw2sHTcNwxtOeSTgAfrX+z/8As8fDf9mzwQfA/wAObeYx3E73V7fXkgmv r+6k+9NczBV3NjgAKFA6Ac5APJP2+vHfwm+H/wCzL4i1P4z+HJfF/h+8ltbVdHiu5bI3120o kgjaeFleNFaPzGYZwE4VjgV+b37Yd5+2Vqf7HOuD4qeE/Anw5+G9jb6WkOkQS3N1rK7bmBLS CBlZrdGT5d2MEIrDpmv2R+OXwQ8A/tD/AA31L4W/Ei2kuNH1Io++B/KuIJom3RzQvhgroemQ QQSGBUkH41m/4JjfCvxHoDeGfij8RPHfj3Tra3e30yDV9b82DSyylEntYREIxNGpIUurpjgx 4AFAHzR8a/D+keM/F/8AwTy0XxHbpf2F3ZmSaGZQ8cvlWWkShXU5DKWUZB4I4Ne5/t56bYw/ tI/ska9DCseoDxmLTzlADmB5bUmMsOSuc4HQZPqa+n5v2Qvh3dXnwTv7zWdauJ/gPDJBobPN bZuY3iggxfYth5hVLdADF5XcnOa7X4u/s9+C/jP4t+HfjPxTe6ha3vwz1ZdZ01LOSJIpbhWj YLcCSKRmjzGOEZD1+agD4n/ZGt7DUP27/wBqrVvFscTeL7K80qCwMhzNHpDRygeVnkKyJbeZ jgHYO/Od8B9H8I6J/wAFTfjra+EI4YIpvDFlPdxwACNb6ZrJ5+F4DMx3v/ts2ec19O/HL9i7 4f8Axn8e2PxZ03xFr/w78c2dv9kfWvC96LC6urboI7htjb8DgMMNjCklVUBn7Pv7EHwl/Zu+ IGsfEvwPqmu6jrev6f8AYL+TVr1Lz7QzTLPJcu3krIZ5HUFzv2dcIDzQBP8At9/8mbfFj/sC yf8AoaV8+3fgTwpp/wDwSUOjW2mwLaS/DSLV3QRrhr6XT1v2nIx9/wC0HzN3XPOa++vi98L9 A+NPw08Q/CvxTcXNrpPiW1a0uZbN0S4RGIOY2kSRA3H8SMPasC5+BvhK6/Z/H7OEl3fDw0PD ieGPtAki+3fYo7UWYk8zyvK87yxkt5W3dzsxxQB+GXxkfxtrPwj/AGCvDeif2VPDewK0EPiF pjos+pQJZJZpfLD8xjAYooHUOy9M17T+134G/bK8YaH4Lvfj14k+D/gdtC161u9D1W2utXsr 1b+IMywQzTRzYV9oZlC9UU5BUV+kHib9jj4L+M/2fdA/Zu8WW95qnhzwxbwQ6bdyTKmpW0ts hjjuEmjREEoViD+72MCQUI4rybwZ/wAE7PhnovjzQfH/AMQ/G/i/4o3PhRxJo9r4p1QX1pZO hBRljEaZZCqkDIQkAlDgYAPKf2ir6w/Zd/bp+HP7S17Mun+D/iZYT+FPE054ijuYVD2c8p6A ttiGeyQv0zz85eCbLxj4k/Yu/af/AGxpYpbfxL8Ymv5bM5Ilt/D9nIbZUVhyAsZmU44KRoc9 DX64ftGfs8eAf2n/AIZ3Hws+IzXcGmy3MF3HcWDxx3dvPbtlXieWOVASpZGyh+RmAwcEdz4P +GnhDwT8NNK+Emk2Sy+GtJ0yPSUt7gLIJbWOLySJhgK5kXPmHHzEkkc0Afjv8DfDH7Zl1+xv oOg+EbT4N/8ACqNT8ONJM2pHVxKbWaItdS37R/uRcK28zsPlWRWxgKK8R+K3gSew/wCCdvwJ +HGu+KdJ8Z2B+JlpZRahol1Ld2b2lwuo/u1lljibMZdkK7QFwAOlfoJff8EvPhIbe98MeHPi D458O+A9Tna4ufCtjrWNIcucsgikidth6NvLsf72QMfRHjz9jz4O+Ofhf4E+D0UV54c8MfDr VrLWNLg0qWONvtFisqoszTxTF1kMztKeHdzuL5JyAfSGj+H9C8PW62mg6dbadAkccSpbRJEo jhG2NMIB8qDhR0A6V+dP7aPwwvfHnxu+FHiD4PfEjRfCXxt8MR302h6TrWJIdStJkbziI9kp UqscgDeWcjOCrIrD9La+X/2j/wBkv4Z/tMx6HfeK7rUtA8ReGJHk0vW9EuRaajal8FlWQq4K kqDgrkHlSpJJAPiv4NfFvx5pv7ZnhzwF+1t8JdF0T4seItGuIdF8V6HMXjurO1SaVo5I/NlA DLHINxIcEKDGFKldP/glTo3hBPDXxn120ihbxLceO9Ttr2TA88WcaxvbIe4j3vMV7Ft3XHH0 v8Ev2Jvh78HviC3xe1fxN4j+Ivjr7MbOHWPFGoG/ntYH3B0txtTYGDEHcWIBIUqGYH82P2KP 2RNC+N/hr4pePIPHXiz4f68vjrXNIuZ/DWpmxW909EtpkhuEKOG2vNIVIx9453YGADzPxRca h4b+BH7eGlfC7Fv4Pt/Fmmw2gtGKxR/aNQ8rU0iCfL5fl7IyBx5ZI+6BX0Ja+Df2ytV/Y5t/ CEifBax+EF34Wj/0mZtYTydPktg4u3kwY1uFz5pkwcTfNya/UD4Z/s1fB74U/B2X4FeGtDSb wnewzw38V2RLLqBul2TyXUgCmR5F4JwMABVCqqgfIk3/AAS4+Ekll/wiEfxE8dxfD03BuP8A hExredIBL+Z5YjMRbZn1Jkzzv3c0AfNGreJvDnw7/Zy/Zd+G2teG9L+PXxPnvrlPB72OrXCa Ikljd7Ibhpm8kSrDG0EQjljCArINwVTu4j9sO9/aqvfHn7P+sftJweDNGU+NtP8A7K0/w+11 LqMeJoTO8805ZDGP3YPltgttJ6V+pPxq/Yq+DPxn8F+DfBzpe+ED8Oyp8OX2gzi0u9MChBth dlkGD5UZJI3blDBg3NeNaj/wTL+EfiZrLWvHvjzxv4q8Xabd2t3a+INS1hLrULUWhLpBCJoJ IFhLkOymNm3AYcDIIB+a/wC1f8O/j/8AE39sH9qHw/8AA+7EVrb6Fod5rtojlLnUbG30yyYW cOxS7GQ5YoCocLsJO4K37MfsT/EH4SfEf9m7wjrHwY0uDQNCs7cWc2lQHJ0+9hA+0QSE/M77 zv8AMf5pVYSHl67fwn+z14L8HfHfxx+0Lpl7qEviPx/a2Npf280kTWUcdhDHDGYEWJZFYrEp bfI4JzgAYAwPg7+yv8PvgT8R/G/xC+HWoapZQePZvtN9obTQNo8Nzu3efbQiBZYnyXGPNK4c jbhUCAHyN/wVidH+EHw203XJfJ8I6h470mDXG3FF+xmKdiHYEYTALE9mCnOcV6X/AMFIPDfw 7H7EHjS21iztLey0W1s20dVREW3uknijtltgMbcg7MJ/yzLD7ua+wvip8LPAvxp8Cap8NviR pi6toGsIqTwszIwKMHR0dCGR0YBlYHII9MivivQf+Canwktb3RIfHPjfxn8QPDXhiaObS/D3 iDVxdaRbGIYRTbrEgZVHAXhdvysGUkUAfOPxCv8AXdU8ff8ABO7U/FDSPrF3Zyy3jSkmRrh9 O0tpC5bneWJLZ5zmv2krwb4lfs7+CPil8Rvhp8Tddur+01L4V3N3daVDZyQx20rXiwq63CPE 7MqiFdojePHOSeMe80AfmH+zuQP+Ckv7UKnqbDw0cf8AbjDXN/8ABKrwpoCeEvjR4w+xRHVt R8f6vp005RTI1raxwSxxFsZ2B55Dt6ZNfUPiP9jH4fa3+0fbftPaT4j8Q+G/FBezbULbTL1I bDVBYhEjS7iaJ2ZGSNEkQOFYKCAGyx9I+AP7PXgv9nLQPEXhzwReahe23ibXbzxBctqMkUrp dXqRJIkZhihAiAiXaGDMCTljxgA/HLwRZWuj/sh/txeH9LiW207TfF+uRW0EYCxxIkiIqqo4 ACooAHYCvV/EHwwvfHngf9kTxB8HviRovhL42+GPBGmTaHpOtYkh1K0m0uLziI9kpUqscgDe WcjOCrIrD7wsf2LPhZYeAvi18O4dU1ltN+Mmp3eq6vI09uZ4J71t8i2jC2CogP3RIsh9SazP ib+wt8Hvif8AD34feB76/wBZ0e/+F9ha6doOv6bdJbavBDaQxwrvmWLy2LCJWbEa4bJTZk0A fLfwa+LfjzTf2zPDngL9rb4S6LonxY8RaNcQ6L4r0OYvHdWdqk0rRyR+bKAGWOQbiQ4IUGMK VK/pn8WvEPhXwl8LfF/ifxykknh3StIvrnUUhZlle0igdpkjKsjB2QELhlOSMEHmvnb4JfsT fD34PfEFvi9q/ibxH8RfHX2Y2cOseKNQN/PawPuDpbjamwMGIO4sQCQpUMwP1d4m8N6J4y8N 6r4R8S2i3+ka3az2V5bvnbNb3CGOVDjBwysRwc0AfjB8MfE37Tnir9mO8PwG+GXgX4T/AANu dN1SeH/hIL691K7fTn803Mp2MSzP8/M64xgZ27TXyN4Hlsr39lL9kPQ/GoR/AN38SrxdZE5x bcX37pJs/L5bRvOWz/DuPrX6oeHv+CZHwq0SyXwhd/ELx1qvw9jnM6+EZ9bKaK25zIY5IoY4 2aPed2AytnksTkngfj58FPhT+yX+yOvwvk8Daz8V/hfda/5+qrcXqDUNBt7oFje2r29qpKwS LlQ2DmQh5NjEAAp/8FgdL8Ef8M8eFr7VIbePXbTxJZRaS2FEwR45PtEaY58vYoLAfLlUzztr b+PfxJmP7auneEv2efhXYeNvjfonh0yXOua1qM1vY6TpUrZ8tYBIEZj5wLOoVwJdo3bmx+bX jv4c/s2fHjU/A/wv/ZL1zxl8WPFt7qloJdQ1+e8ks/DmjRZa4jXz4baNFPynowwmFbcVDftZ 8c/2JvAXxo+JNh8ZNO8UeIvh945srYWTar4avhZTXFupOElyj5wCVypXK4DbgFAAPz/8KN8b E/4KofDOX4/T+Gf+EuuvC1+zweFluBbQWv2e+8mOdrnLvNlWbJJ+Urg4xXH2H/JC/wDgoP8A 9jlrP/pZLX6IfD7/AIJ8fBr4b/FTwx8bdH1/xPfeN/Dz3clxqepamt9Pq7XcJt2/tBpoW3bI mKp5PlYBydxAI66L9iv4WQ+E/jF4OXVNZNl8btTutV1pzPb+bbz3cjSutmfs+1EDMdokWU46 k0AfPl34E8Kaf/wSUOjW2mwLaS/DSLV3QRrhr6XT1v2nIx9/7QfM3dc85r6c/Yilkm/ZE+ET ysWI8N6euSc8LEFA/AAAV39z8DfCV1+z+P2cJLu+HhoeHE8MfaBJF9u+xR2osxJ5nleV53lj Jbytu7nZjiun+Ffw40P4Q/Djw58MPDU9xc6V4YsorG2lu2R7h4oRtUyNGkaFj3Koo9qAO/oo ooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKA CiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoo ooA//9b9/KKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoooo AKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigCvbWlrZo0dpCkCsxYhFCgsepIHc9zViiigAoo ooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKA CiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoo ooAKKKKACiiigD//1/38ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoooo AKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoooo AKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigD/9D9 /KKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoooo AKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoooo AKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooA//R/fyiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoooo AKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoooo AKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACop/O8mT7NtEu07N+du7HGcc4z1xUtFAH5gaPdftL6Hp37VWkW/iqbxn8R tJsNMn0lrWAwW9tc3WltN5OnWbPKEEecRglmldQz7mY0v7MPxI09P2hNL+Hfw313xd4h8Ia1 4NuNS1JvFf8AaUkkWtWF3bRyPC+pjzFcrclbmOE+SHZNvIIr7dl+CPg641X4j6rdTXkrfFC3 trbVI/OCLHHa2hs0+zNGqyRsYzksXYh+VK9Ky/hl8BtI+HXiS58aah4l1rxn4imsI9Jh1DXJ oJZrXTopDILaEW0FugVn2tI7K0kjKpdzgYAPdaKKKAP/0v38ooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigA ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigA ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACiiigD/9kA --------------9935E285BD1D8997CAECB45F-- --------------C72957B4FBC7353E7026BBB1-- From nobody Fri Dec 4 10:38:08 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8D6713A0B5D for ; Fri, 4 Dec 2020 10:38:06 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.098 X-Spam-Level: X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=pingidentity.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ecds8jrjPNwJ for ; Fri, 4 Dec 2020 10:38:03 -0800 (PST) Received: from mail-lf1-x12b.google.com (mail-lf1-x12b.google.com [IPv6:2a00:1450:4864:20::12b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 11FEA3A0B5C for ; Fri, 4 Dec 2020 10:38:02 -0800 (PST) Received: by mail-lf1-x12b.google.com with SMTP id u9so3461052lfm.1 for ; Fri, 04 Dec 2020 10:38:02 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=pingidentity.com; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=qj5tzuHniC2tJR2jgaaI0Tv3KF3TMGghImhemr7mrko=; b=WaYysmLHsinNuBAH834JAT+p68zSOaZnMw4x8v9ArExFlQFyYnqAM0m4bBzZaIvQfc 779OGr+inF+PA/4XUhuzu2TLQ+L03jPOxZZtO0QhYxcY/NsqqeMVgp4firVwwfnsx2QU XwZsXbbq9SvNMnkUWOe+cctLPwelkbEvfvaP7EL+GLBhP4S5j1uVAUbpCO0X9XEwtkhC ffyjmCXin8D2iZrCgTmFqS0Q9oZOniLi60C5Bk1oju9VnEGvH6IhsPoOW5LlflvDV1XC /Hw91jlNPCtuS4LxGAopCN0eiLy4zv2IrXkyRyql6DEvgj9Co36r6MGaVhFqVtOXScn+ Ap2w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=qj5tzuHniC2tJR2jgaaI0Tv3KF3TMGghImhemr7mrko=; b=qsQyYPK1OR2WlitQXGUr1z0FsedA4Xk6mQPTpVL8Xi9VE+MLPAFtb5BqHAwI9MEKQi wnGcd3AF3gGbJximjMedTI4vNxZZffjlLVPS+/ip7jSxJwSpiPkTOqFRWl8GAEl7uxUx 0kCjACH9LmOWcyAsDYBWRe67WjPiGpJeWTmXIztgQu4BFi5Svmt/WkLQEubOoG0KSvrC /zOH1aQpqNnCSuYqlUKBRFYNuW7vH8mWh89PoAY9TqUj4bbwvgtQpRknf4pPVHQqrMNF NSEW3NPCcgiffLqHIK/sCKzVqLZf1D2O4Bv3446TMAO3FJ3lUi4uIJPSe8Ss43eNQDIU AKtw== X-Gm-Message-State: AOAM532h1eU9+24coRQ6eM66WWNKXPjHktJVmGPGTEe1AT9oFdcSaje8 Cj4NkCSTrIx8nI/xI2sYUtJA16vP6PyuogaypygDb5xZ3E2diTlyip1ANskhXhlqOpYGAUIg8+2 9KxPFJY82xxweOw== X-Google-Smtp-Source: ABdhPJzaqa4IigQuwJiI+u61HxHkkpzP31QaFf2ousa5ZfiE1a4oLHigLHh5BsHH5+wUqnYxu4XrLooQKaomme1tazg= X-Received: by 2002:a05:6512:3218:: with SMTP id d24mr3718250lfe.358.1607107080781; Fri, 04 Dec 2020 10:38:00 -0800 (PST) MIME-Version: 1.0 References: <1b584adf-14f9-ba2e-657d-f22b57d87675@free.fr> <4cb35c85-e13a-aabe-1e74-d6eb244189cf@free.fr> <49cbbea5-df0e-f864-cf8b-ec9c3768bc18@danielfett.de> <699AB5C1-D9DE-4BCE-9D51-C10C7B88CD75@forgerock.com> In-Reply-To: <699AB5C1-D9DE-4BCE-9D51-C10C7B88CD75@forgerock.com> From: Brian Campbell Date: Fri, 4 Dec 2020 11:37:33 -0700 Message-ID: To: Neil Madden Cc: Denis , oauth Content-Type: multipart/alternative; boundary="000000000000aaa98c05b5a7c634" Archived-At: Subject: Re: [OAUTH-WG] Reminder - Interim Meeting to discuss DPoP X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 04 Dec 2020 18:38:07 -0000 --000000000000aaa98c05b5a7c634 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable The client is not necessarily identified in requests to the RS (it could be via the access token but that's an implementation detail that can't be counted on in spec) so maintaining a per client list isn't viable. That as well as some other considerations/approaches were talked about in https://github.com/danielfett/draft-dpop/issues/47 with what's in the spec now maybe not being perfect but good enough. On Thu, Dec 3, 2020 at 5:09 AM Neil Madden wrote: > I think perhaps an assumption in the DPoP draft (and in the description o= f > =E2=80=9Cjti=E2=80=9D in RFC 7519) is that the server will maintain a sin= gle global list of > recently used jti values to prevent replay, rather than maintaining a > separate list per client. That could perhaps be spelled out more clearly = in > the draft, as I think the entropy discussions only really make sense in > that context. If the RS instead maintains a separate list per client then= a > simple counter is sufficient. > > =E2=80=94 Neil > > On 2 Dec 2020, at 15:17, Brian Campbell < > bcampbell=3D40pingidentity.com@dmarc.ietf.org> wrote: > > The conversation at > https://github.com/danielfett/draft-dpop/pull/51#discussion_r332377311 > has a bit more of the rational behind the choice of 96 bit minimum. > > On Wed, Dec 2, 2020 at 7:07 AM Denis wrote: > >> Hi Daniel, >> >> All your arguments make sense. I agree. >> >> A minor point however. The size of the jti" is currently mandated to 96 >> bits minimum. This is unnecessarily long for a time window of a few minu= tes. >> The jti" does not need to be a unique identifier valid for ever. It can >> simply be an identifier used during the time window which complements th= e >> "iat" claim. >> >> Using both the "iat" claim and a 32 bits pseudo-random number will be >> quite sufficient. It is also has the advantage of using less memory and >> it is easier to flush the entries looking at the 32 first bits only. >> >> Denis >> >> So what you are proposing is that the time window in which an RS accepts >> the DPoP proof is defined by the expiration time of the access token? >> >> DPoP proofs are intended to be generally be short-lived and fresh for >> each request in order to provide some level of replay protection. There = is >> no point in making the time window as long as the (typically longer) tim= e >> window in which an AT would be accepted. A DPoP proof that is valid for = 12 >> hours would not provide much replay protection. >> >> The time window is left unspecified because it is only meant to account >> for clock differences and network latency. Its precise value can depend = on >> deployment considerations. It is not intended to give the client an opti= on >> to re-use proofs, which is prevented together with the jti. >> >> Also this would introduce new, unwanted and potentially surprising >> dependencies between token lifetimes and the DPoP usage. >> >> And finally, as discussed before, not all access tokens are JWTs and we >> are not going to mandate JWT access tokens in this spec. >> >> -Daniel >> >> >> Am 01.12.20 um 09:54 schrieb Denis: >> >> Hi Brian, >> >> Hi Denis, >> >> The choice to use "iat" vs. "exp" was made in the summer of last year. >> You can see some of the discussion from then in >> https://github.com/danielfett/draft-dpop/issues/38. >> I believe it pretty well has consensus at this point and thus unlikely t= o >> be changed. >> >> I fear that you misread my email or read it too fast. My point had >> nothing to do whether using *either *of "iat" *o**r* "exp" in the DPoP >> proof JWT sent by the client. >> >> The first sentence of my email was: "One comment on slide 5 about the *t= ime >> window*". So the topic was all about how the RS SHALL handle the "jti" >> claim included >> in the DPoP proof JWT when using a time window. >> >> While I do believe there are reasonable arguments that can be made on >> both sides of using either of "iat" or "exp", it's difficult (and honest= ly >> time consuming and very frustrating) to try and have such discussions or >> even respond in a coherent way when fundamental aspects of the draft are >> misrepresented or misunderstood. For example, the DPoP proof JWT is crea= ted >> by the client not the AS so the advantages you put forward are >> nonsensical in the context of the actual workings of the draft. >> >> Section 8.1 addresses the topic of the *time window*, but this topic >> should not *only *be addressed in the "Security Considerations" section >> but in the main body of the document, since some checks MUST be done by >> the RS. "Security Considerations"are intended to provide >> explanations but are not intended to be normative. >> >> Section 8.1 states: >> >> " If an adversary is able to get hold of a DPoP proof JWT, the >> adversary could replay that token at the same endpoint (the HTTP >> endpoint and method are enforced via the respective claims in the >> JWTs). To prevent this, servers MUST only accept DPoP proofs >> for a limited time window after their "iat" time, preferably only for >> a relatively brief period. >> >> Servers SHOULD store, in the context of the request URI, the "jti" >> value of each DPoP proof for the time window in which the respective >> DPoP proof JWT would be accepted and decline HTTP requests to the sam= e >> URI for which the "jti" value has been seen before. In order >> to guard against memory exhaustion attacks a server SHOULD reject DPo= P >> proof JWTs with unnecessarily large "jti" values or store only >> a hash thereof. >> >> (...) ". >> >> The previous text makes the assumption that RSs MUST only accept DPoP >> proofs for a relatively brief period after their "iat" time included >> in the DPoP proof JWT. This assumption is rather restrictive. A client >> might get an access token and associate it with DPoP proof JWT that >> could be used during, e.g., 12 hours. A DPoP proof JWT/ access token JWT >> pair could thus be used by a client during, e.g., one day for >> several sessions with a RS. >> >> The *time window* is currently left at the discretion of each RS and is >> supposed to be short (without stating explicitly what "short" may mean).= . >> >> It would be possible to mandate in the JWT the inclusion of the exp >> (Expiration Time) Claim. (I am *not* advocating the inclusion of the >> "exp" >> claim in the DPoP proof JWT). >> >> In this way, for a RS, the *time window *would be defined using the >> "iat" claim defined in the DPoP proof JWT and the "exp" claim defined in >> the JWT. >> >> Such a description should not be done in section 8, but in a section >> earlier in the main body of the document. >> >> This would have the following advantages: >> >> - The RS would be able to better manage the "jti" claim values, >> because it would be able to discard "jti" claim values as soon as the= y are >> outside the time window as defined above. >> >> >> - The client would know whether a DPoP proof JWT/ access token JWT >> pair is still usable, in particular using the "expires_in" status cod= e >> returned in case of a successful response from the AS and is thus >> unlikely to get a rejection of both of them because of an unknown tim= e >> window used by a RS. >> >> Denis >> >> >> On Mon, Nov 30, 2020 at 8:45 AM Denis wrote: >> >>> One comment on slide 5 about the *time window*. >>> >>> At the bottom, on the left, it is written: "Only valid for a limited *t= ime >>> window* relative to creation time". >>> >>> While the creation time is defined by "iat", the *time window* is >>> currently left at the discretion of each RS. >>> >>> It would be preferable to mandate the inclusion in the JWT of the exp >>> (Expiration Time) Claim. >>> In this way, the *time window *would be defined by the AS using both >>> the "iat" and the "exp" claims. >>> >>> This would have the following advantages: >>> >>> - The client will know whether a token is still usable and is >>> unlikely to get a rejection of the token >>> because of an unknown time window defined by a RS. >>> >>> >>> - The RS is able to manage better the "jti" claim values, because it >>> will be able to discard "jti" claim values >>> as soon as they are outside the time window defined by the AS in a >>> JWT. >>> >>> Denis >>> >>> All, >>> >>> This is a reminder that we have an Interim meeting this Monday, Nov 30t= h >>> @ 12:00pm ET, to discuss the latest with the *DPoP *document: >>> https://datatracker.ietf.org/doc/draft-ietf-oauth-dpop/ >>> >>> You can find the details of the meeting and the slides here: >>> https://datatracker.ietf.org/meeting/interim-2020-oauth-16/session/oaut= h >>> >>> Regards, >>> Rifaat & Hannes >>> >>> >>> _______________________________________________ >>> OAuth mailing listOAuth@ietf.orghttps://www.ietf.org/mailman/listinfo/o= auth >>> >>> >>> _______________________________________________ >>> OAuth mailing list >>> OAuth@ietf.org >>> https://www.ietf.org/mailman/listinfo/oauth >>> >> >> *CONFIDENTIALITY NOTICE: This email may contain confidential and >> privileged material for the sole use of the intended recipient(s). Any >> review, use, distribution or disclosure by others is strictly prohibited= . >> If you have received this communication in error, please notify the send= er >> immediately by e-mail and delete the message and any file attachments fr= om >> your computer. Thank you.* >> >> >> >> _______________________________________________ >> OAuth mailing listOAuth@ietf.orghttps://www.ietf.org/mailman/listinfo/oa= uth >> >> >> -- https://danielfett.de >> >> >> _______________________________________________ >> OAuth mailing listOAuth@ietf.orghttps://www.ietf.org/mailman/listinfo/oa= uth >> >> >> _______________________________________________ >> OAuth mailing list >> OAuth@ietf.org >> https://www.ietf.org/mailman/listinfo/oauth >> > > *CONFIDENTIALITY NOTICE: This email may contain confidential and > privileged material for the sole use of the intended recipient(s). Any > review, use, distribution or disclosure by others is strictly prohibited. > If you have received this communication in error, please notify the sende= r > immediately by e-mail and delete the message and any file attachments fro= m > your computer. Thank you.*_______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth > > > > ForgeRock values your Privacy --=20 _CONFIDENTIALITY NOTICE: This email may contain confidential and privileged= =20 material for the sole use of the intended recipient(s). Any review, use,=20 distribution or disclosure by others is strictly prohibited.=C2=A0 If you h= ave=20 received this communication in error, please notify the sender immediately= =20 by e-mail and delete the message and any file attachments from your=20 computer. Thank you._ --000000000000aaa98c05b5a7c634 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
    The client is not necessarily identified in requests = to the RS (it could be via the access token but that's an implementatio= n detail that can't be counted on in spec) so maintaining a per client = list isn't viable.=C2=A0

    That as well as = some other considerations/approaches were talked about in https://git= hub.com/danielfett/draft-dpop/issues/47 with what's in the spec now= maybe not being perfect but good enough.

    On Thu, Dec = 3, 2020 at 5:09 AM Neil Madden <neil.madden@forgerock.com> wrote:
    I think perhaps an ass= umption in the DPoP draft (and in the description of =E2=80=9Cjti=E2=80=9D = in RFC 7519) is that the server will maintain a single global list of recen= tly used jti values to prevent replay, rather than maintaining a separate l= ist per client. That could perhaps be spelled out more clearly in the draft= , as I think the entropy discussions only really make sense in that context= . If the RS instead maintains a separate list per client then a simple coun= ter is sufficient.

    =E2=80=94 Neil

    On 2 Dec 2020, at 15:17, Brian Camp= bell <bcampbell=3D40pingidentity.com@dmarc.ietf.org> wrot= e:

    The conversation at https://github.com/danielfett/draft-dpop/pull/51#discussion_r33= 2377311 has a bit more of the rational behind the choice of 96 bit mini= mum.

    On Wed, Dec 2, 2020 at 7:07 AM Denis <denis.ietf@free.fr> wrote:
    =
    =20 =20 =20
    Hi Daniel,

    All your arguments make sense. I agree.

    A minor point however. The size of the jti" is currently mandated to 96 bits minimum. This is unnecessarily long for a time window of a few minutes.
    The jti" does not need to be a unique identifier valid for ever. It can simply be an identifier used during the time window which complements the "iat" claim.

    Using both the "iat" claim and a 32 bits pseudo-random number will be quite sufficient.=C2=A0 It is also has the advantage of using less memory and
    it is easier to flush the entries looking at the 32 first bits only.

    Denis

    =20
    So what you are proposing is that the time window in which an RS accepts the DPoP proof is defined by the expiration time of the access token?

    DPoP proofs are intended to be generally be short-lived and fresh for each request in order to provide some level of replay protection. There is no point in making the time window as long as the (typically longer) time window in which an AT would be accepted. A DPoP proof that is valid for 12 hours would not provide much replay protection.

    The time window is left unspecified because it is only meant to account for clock differences and network latency. Its precise value can depend on deployment considerations. It is not intended to give the client an option to re-use proofs, which is prevented together with the jti.

    Also this would introduce new, unwanted and potentially surprising dependencies between token lifetimes and the DPoP usage.

    And finally, as discussed before, not all access tokens are JWTs and we are not going to mandate JWT access tokens in this spec.

    -Daniel


    Am 01.12.20 um 09:54 schrieb Denis:
    =20
    Hi=C2=A0 Brian,

    =20
    Hi Denis,

    The choice to use "iat" vs. "exp" was = made in the summer of last year. You can see some of the discussion from then in https://github.com/danielfett/draft-dpop/i= ssues/38.
    I believe it pretty well has consensus at this point and thus unlikely to be changed.

    I fear that you misread my ema= il or read it too fast. My point had nothing to do whether using either of "iat" or "exp" in the = DPoP proof JWT sent by the client.

    The first= sentence of my email was: "One comment on slide 5 about the time window". So the topic was all about how the RS SHALL handle the "jti"= claim included
    in the     DPoP proof JWT when using a time window.


    While I do believe there are reasonable arguments that can be made on both sides of using either of "iat" = or "exp", it's difficult (and honestly time consum= ing and very frustrating) to try and have such discussions or even respond in a coherent way when fundamental aspects of the draft are misrepresented or misunderstood. For example, the DPoP proof JWT is created by the client not the AS so the advantag= es you put forward are nonsensical in the context of the actual workings of the draft.

    Section 8= .1 addresses the topic of the time window, but this topic should not only be addressed in the "Security Considerations" section
    but in the main body of the document, since some checks MUST be done by the RS.     "Security Considerations"are intended to provide
    explanations but are not intended to be normative.

    = Section 8.1 states:

    =C2=A0=C2=A0 " If an adversary is able to get hold of a DPoP proof JWT, the adversary could replay that token at the same endpoint (the HTTP
    =C2=A0=C2=A0 endpoint and method are enforced via the respect= ive claims in the JWTs).=C2=A0 To prevent this, servers MUST only accept DPoP proofs
    =C2=A0=C2=A0 for a limited time window after their "iat&= quot; time, preferably only for a relatively brief period.=C2=A0

    = =C2=A0=C2=A0 Servers SHOULD store, in the context of the request URI, the "jti"= value of each DPoP proof for the time window in which the respective
    =C2=A0=C2=A0 DPoP proof JWT would be accepted and decline HTT= P requests to the same URI for which the "jti" value = has been seen before.=C2=A0 In order
    =C2=A0=C2=A0 to guard against memory exhaustion attacks a ser= ver SHOULD reject DPoP proof JWTs with unnecessarily large "jti" values or store only
    =C2=A0=C2=A0 a hash thereof.

    =C2=A0=C2=A0 (...) ".

    = The previous text makes the assumption that RSs MUST only accept DPoP proofs for a relatively brief period after their "iat" time included
    in the     <= font face=3D"Arial">DPoP proof JWT. This assumption is rather restrictive. A client might get an access token and associate it with <= /font>DPoP proof JWT that
    could be used during, e.g., 12 hours. A     DPoP proof JWT/ access token JWT pair could thus be used by a client during, e.g., one day for
    several sessions with a RS.
    <= /font>

    The time window is currently left at the discretion of each RS and is supposed to be short (without stating explicitly what "short" may mean)..<= br>
    It would be possible to mandate     in the JWT the inclusion of the exp (Expiration Time) Claim. (I am not advocating the inclusion of the "exp"
    claim in the DPoP proof JWT).

    In this way, for a RS, the time window would be defined using the "iat" claim d= efined in the DPoP proof JWT and the "exp" claim defined in =
    the JWT.

    Such a description s= hould not be done in section 8, but in a section earlier in the main body of the document.

    This would have the following advantages:

    • The RS would be able to better manage the "jti" claim values, because it would be able to discard "jti" claim values as soon as they are
      outside the time window as defined above.
    • The client would know whether a DPoP proof JWT/ access token JWT pair is still usable, in particular using the "e= xpires_in" status code
      returned in case of a       successful response from the AS and is thus unlikely to get a rejection of both of them because of an unknown time
      window used by a RS.

    Denis



    On Mon, Nov 30, 2020 at 8:45 AM Denis <denis.ietf@free.fr> wrote:

    One comment on slide 5 about the time window.

    At the bottom, on the left, it is written: "Only valid for a limited time window relative to creation time".

    While the creation time is defined by "iat"= , the time window is currently left at the discretion of each RS.

    It would be preferable to mandate the inclusion in the JWT of the exp (Expiration Time) Claim.
    In this way, the time window would be defined by the AS using both the "iat" and = the "exp" claims.

    This would have the following advantages:

    • The client will know whether a token is still usable and is unlikely to get a rejection of the token
      because of an unknown time window defined by a RS.
    • The RS is able to manage better the "jti"= claim values, because it will be able to discard "jt= i" claim values
      as soon as they are outside the time window defined by the AS in a JWT.

    Denis


    All,

    This is a reminder that we have an Interim meeting=C2=A0this Monday, Nov 30th @ 12:00pm ET, to discuss the latest with the DPoP document:

    You can find the details of the meeting and the slides here:

    Regards,
    =C2=A0Rifaat & Hannes


    _______________________________________________
OAuth mailing list
OAuth@ietf.org
h=
ttps://www.ietf.org/mailman/listinfo/oauth


    _______________________________________________
    OAuth mailing list
    OAuth@iet= f.org
    https://www.ietf.org/mailman/listinfo/oau= th

    CONFIDENTIALITY NOTICE: This email may = contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited.=C2=A0 If yo= u have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you. 



    _______________________________________________
OAuth mailing list
OAuth@ietf.org
h=
ttps://www.ietf.org/mailman/listinfo/oauth



    --=20
https://danielfett.de<=
/a>

    _______________________________________________
OAuth mailing list
OAuth@ietf.org
h=
ttps://www.ietf.org/mailman/listinfo/oauth


    _______________________________________________
    OAuth mailing list
    OAuth@ietf.org
    https://www.ietf.org/mailman/listinfo/oauth

    CONFIDENTIALITY NOTICE: This email m= ay contain confidential and privileged material for the sole use of the int= ended recipient(s). Any review, use, distribution or disclosure by others i= s strictly prohibited.=C2=A0 If you have received this communication in err= or, please notify the sender immediately by e-mail and delete the message a= nd any file attachments from your computer. Thank you.___= ____________________________________________
    OAuth mailing list
    OAuth@ietf.org
    https:/= /www.ietf.org/mailman/listinfo/oauth


    ForgeRock values your Privacy

    <= span style=3D"margin:0px;padding:0px;border:0px;outline:0px;vertical-align:= baseline;background:transparent;font-family:proxima-nova-zendesk,system-ui,= -apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,Oxygen-Sans,Ub= untu,Cantarell,"Helvetica Neue",Arial,sans-serif;font-weight:600"= >CONFIDENTIALITY NOTICE: This email may contain confidenti= al and privileged material for the sole use of the intended recipient(s). A= ny review, use, distribution or disclosure by others is strictly prohibited= .=C2=A0 If you have received this communication in error, please notify the= sender immediately by e-mail and delete the message and any file attachmen= ts from your computer. Thank you. --000000000000aaa98c05b5a7c634-- From nobody Fri Dec 4 10:58:39 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4938E3A0EBA for ; Fri, 4 Dec 2020 10:58:37 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.097 X-Spam-Level: X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_IMAGE_RATIO_08=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=pingidentity.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QJ2egKqvsCva for ; Fri, 4 Dec 2020 10:58:35 -0800 (PST) Received: from mail-lf1-x12c.google.com (mail-lf1-x12c.google.com [IPv6:2a00:1450:4864:20::12c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 487A93A0EB4 for ; Fri, 4 Dec 2020 10:58:34 -0800 (PST) Received: by mail-lf1-x12c.google.com with SMTP id s30so9078643lfc.4 for ; Fri, 04 Dec 2020 10:58:34 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=pingidentity.com; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=dFkDupzyISsgxwJWSVr7zqgvU92ZluYpk59BideyJTM=; b=MUcxbKNljzR3sDgekv+fa4R7VtlaWth90Fw4nmIdvKFreLig7e6yWuXZ4a30apnbxt 851d5rYZ9A6fflhRtet1NbdiXOTzYjdN+aR+ZQqV5ERkPyG6whMAb9B/GBzCQdTUEbiC mEO5u8YqeQSChD3zDbHRB4I/F5AovLUfvzkRwmL+bja7rKzjy2Mm+uBTux00ULadXxli wkE8yj1CBULUNiL3V4B037WEPTffkhJH/cH2j/ECY/+O2ekMO2SB9i/63V2DRXBO5b1A DkWRNyqA5AcuMqrFyCaRFZc1J/H6nwqus6IW+sn8u2OrEUG3HI050E7ehcMmLvaLK8DB bUUA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=dFkDupzyISsgxwJWSVr7zqgvU92ZluYpk59BideyJTM=; b=Frym7AeOmWxZpvedcjv46kU0TEJklUSDX55Q6l85JqBqjx0wBmneioNm41KE+YYCJf vvcHUFQ2RZ85d6o35RWNfbw/Sx7nbHPfejeRMy7KyoHLyymeZgWfyTsEWX25x9o8/2Wl uqj2OcOfXrKnsWEBA0X5bdb8AewZXo+QZc+fg2oyUK8v/ChR9wySF73u1UfySRljDsXA D0L/Zx8MfbdB5rsQj2XaS/BXZZzk4BbJRV1CO3Kxq1x8CvSCCzXHEQnByVCVUkGlQ0Pl Kihjj54Kg3S9d6LXjwCY7QUaHqjbuIsP19+mWpWGKMhMXfGscNslv/KvB8UXVGmmGL/a K88w== X-Gm-Message-State: AOAM531oyJItb95b66uRtSats+NM6MaxhF0dl8kBAYvcPgbPHreFYZl0 W0671bw1C/5xUXvIQWNq5S1RDvQCoS7Ee3qc+u/IEdgUTa8EOz2WxkZhMrwyhiq/Bpm5I99N0o6 8UCf8AUTCflw6pA== X-Google-Smtp-Source: ABdhPJzBcSeViqj4Art/rz6fF0HJj4lLxxKzKswGE0D8qzBPhIFc7tm903N9D07O8nP3bYE+oWwyNqucbSFQ352OzCc= X-Received: by 2002:a19:5215:: with SMTP id m21mr3882992lfb.407.1607108311524; Fri, 04 Dec 2020 10:58:31 -0800 (PST) MIME-Version: 1.0 References: <3134_1606988830_5FC8B41D_3134_178_1_CALAqi_-6ovK4otw9JW+c5H3qjnFrUqbwn-AoyGnA_EHfCSgQNw@mail.gmail.com> <5F2D6022-CA13-4255-ADC2-78CCC1AED766@mitre.org> In-Reply-To: <5F2D6022-CA13-4255-ADC2-78CCC1AED766@mitre.org> From: Brian Campbell Date: Fri, 4 Dec 2020 11:58:05 -0700 Message-ID: To: Michael A Peck Cc: Filip Skokan , oauth Content-Type: multipart/related; boundary="00000000000006612d05b5a810de" Archived-At: Subject: Re: [OAUTH-WG] [EXT] Re: DPoP followup III: client auth X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 04 Dec 2020 18:58:37 -0000 --00000000000006612d05b5a810de Content-Type: multipart/alternative; boundary="00000000000006612c05b5a810dd" --00000000000006612c05b5a810dd Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable On Fri, Dec 4, 2020 at 8:21 AM Michael A Peck wrote: > Hi Brian, > > > > I think I lean towards =E2=80=9CShut up and never speak of this again=E2= =80=9D, but could > you clarify some things? > That seems to be where rough consensus is heading. So the clarifications are likely moot. But I'll try anyway. > > > I missed the interim meeting discussion on this slide =E2=80=93 it looks = like DPoP > for client authentication would have very similar properties as > private_key_jwt, but using DPoP instead? i.e. both use a private key to > sign a JWT that authenticates the client. > Time was running out in the meeting at the same time I somehow lost the ability to advance slides. So there wasn't any real discussion on this one. But yes they would have very similar properties AFAICT. > > Could you expand a bit on the advantage of using DPoP for both client > authentication and sender-constraining the token vs. using private_key_jw= t > (for client authentication) + DPoP (for sender-constraining the token)? > The only advantage would be avoiding sending two different JWTs in a one request that are doing very similar things. DPoP + private_key_jwt seemed awkward in that respect when I thought about it. That was really my only motivation for bringing it up. > > > Adding to Filip=E2=80=99s comment, is there just one DPoP proof sent in t= he token > request to cover both client authentication and sender-constraining the > token, meaning the same keypair would be used for both DPoP usages? > That was the idea, yes. > That would go against DPoP=E2=80=99s key rotation guidance, but maybe wou= ld be > okay if freshness guarantees of the DPoP proof get added? > Yes kinda but the kind of client's that could use DPoP for client auth are likely the kind that could rotate those keys via JWKS_URI and also be less prone to the vectors (like XSS) which most benefit from rotation. Improved (guarantee seems too strong a word) freshness probably makes it more okay too. > > > Thanks, > > Mike > > > > > > *From: *OAuth on behalf of Filip Skokan < > panva.ip@gmail.com> > *Date: *Thursday, December 3, 2020 at 4:49 AM > *To: *Brian Campbell > *Cc: *"oauth@ietf.org" > *Subject: *[EXT] Re: [OAUTH-WG] DPoP followup III: client auth > > > > =F0=9F=A4=AB, better not open up the possibility of thinking of DPoP Proo= f keys as > pre-registered (i.e. not "ephemeral"). > > > > Best, > *Filip* > > > > > > On Wed, 2 Dec 2020 at 23:30, Brian Campbell 40pingidentity.com@dmarc.ietf.org> wrote: > > There were a few items discussed somewhat during the recent interim > > that I committed to bringing back to the list. The slide below (also > available with a few extra spelling errors as slide #19 from the interim > presentation > ) > is the last of them. > > > > To summarize, I'm wondering if there's WG interest in working to formaliz= e > a client-to-AS authentication mechanism based on DPoP. I think it > potentially would be problematic to put into the current document (for a > number of reasons) so am preemptively ruling out that option. Thus, > basically, I'm asking the WG if there is some/much interest in the idea? = In > which case I'll find some time (at some point) to write up an I-D for it > and bring that back to the group for consideration. Or if I should, as th= e > slide says, "shut up and never speak of this again"? > > > > > *CONFIDENTIALITY NOTICE: This email may contain confidential and > privileged material for the sole use of the intended recipient(s). Any > review, use, distribution or disclosure by others is strictly prohibited. > If you have received this communication in error, please notify the sende= r > immediately by e-mail and delete the message and any file attachments fro= m > your computer. Thank you.*_______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth > > --=20 _CONFIDENTIALITY NOTICE: This email may contain confidential and privileged= =20 material for the sole use of the intended recipient(s). Any review, use,=20 distribution or disclosure by others is strictly prohibited.=C2=A0 If you h= ave=20 received this communication in error, please notify the sender immediately= =20 by e-mail and delete the message and any file attachments from your=20 computer. Thank you._ --00000000000006612c05b5a810dd Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable


    =
    On Fri, Dec 4, 2020 at 8:21 AM Michae= l A Peck <mpeck@mitre.org> wro= te:

    Hi Brian,

    =C2=A0

    I think I lean towards =C2=A0=E2=80=9CShut up and ne= ver speak of this again=E2=80=9D, but could you clarify some things?


    That seems to be where rough cons= ensus is heading. So the clarifications are likely moot. But I'll try a= nyway.
    =C2=A0

    =C2=A0

    I missed the interim meeting discussion on this slid= e =E2=80=93 it looks like DPoP for client authentication would have very si= milar properties as private_key_jwt, but using DPoP instead? i.e. both use = a private key to sign a JWT that authenticates the client.


    Time was runni= ng out in the meeting at the same time I somehow lost the ability to advanc= e slides.=C2=A0 So there wasn't any real discussion on this one. But ye= s they would have very similar properties AFAICT.
    =C2=A0

    =C2=A0

    Could you expand a bit on the advantage of using DPo= P for both client authentication and sender-constraining the token vs. usin= g private_key_jwt (for client authentication) + DPoP (for sender-constraini= ng the token)?


    The only adv= antage would be avoiding sending two different JWTs in a one request that a= re doing very similar things.=C2=A0 DPoP + private_key_jwt seemed awkward i= n that respect when I thought about it. That was really my only motivation = for bringing it up.

    =C2=A0
    =

    =C2=A0

    Adding to Filip=E2=80=99s comment, is there just one= DPoP proof sent in the token request to cover both client authentication a= nd sender-constraining the token, meaning the same keypair would be used fo= r both DPoP usages?=C2=A0


    T= hat was the idea, yes.

    =C2=A0

    That would go against DPoP=E2=80=99s key rotation guidance, but maybe would be okay if freshness= guarantees of the DPoP proof get added?

    <= br>
    Yes kinda but the kind of client's that could use DPoP fo= r client auth are likely the kind that could rotate those keys via JWKS_URI= and also be less prone to the vectors (like XSS) which most benefit from r= otation. Improved (guarantee seems too strong a word) freshness probably ma= kes it more okay too.

    =C2=A0

    =C2=A0

    Thanks,

    Mike

    =C2=A0

    =C2=A0

    From: = OAuth <oauth-bounces@ietf.org= > on behalf of Filip Skokan <panva.ip@gmail.com>
    Date: Thursday, December 3, 2020 at 4:49 AM
    To: Brian Campbell <bcampbell=3D40pingidentity.com@dmarc.ietf.org= >
    Cc: "oauth@= ietf.org" <= oauth@ietf.org>
    Subject: [EXT] Re: [OAUTH-WG] DPoP followup III: client auth<= u>

    =C2=A0

    =F0=9F=A4=AB, better not open up the possibility of thinking o= f DPoP Proof keys as pre-registered (i.e. not "ephemeral").

    =C2=A0

    Best,
    Filip

    =C2=A0

    =C2=A0

    On Wed, 2 Dec 2020 at 23:30, Brian Campbell <bcam= pbell=3D40pingidentity.com@dmarc.ietf.org> wrote:

    There were a few items discussed somewhat during the= recent interim that I committed to bringing back to the list. The slide= below (also available with a few extra spelling errors as slide #19 from the interim presentation) is the last of them.

    =C2=A0

    To summarize, I'm wondering if there's WG in= terest in working to formalize a client-to-AS authentication mechanism base= d on DPoP. I think it potentially would be problematic to put into the curr= ent document (for a number of reasons) so am preemptively ruling out that option. Thus, basically, I'm asking th= e WG if there is some/much interest in the idea? In which case I'll fin= d some time (at some point) to write up an I-D for it and bring that back t= o the group for consideration. Or if I should, as the slide says, "shut up and never speak of this again"?

    =C2=A0

    <= u>


    CONFIDENTI= ALITY NOTICE: This email may contain confidential and privileged material f= or the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibit= ed.=C2=A0 If you have received this communication in error, please notify t= he sender immediately by e-mail and delete the message and any file attachm= ents from your computer. Thank you._________________________= ______________________
    OAuth mailing list
    OAuth@ietf.org
    h= ttps://www.ietf.org/mailman/listinfo/oauth


    <= span style=3D"margin:0px;padding:0px;border:0px;outline:0px;vertical-align:= baseline;background:transparent;font-family:proxima-nova-zendesk,system-ui,= -apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,Oxygen-Sans,Ub= untu,Cantarell,"Helvetica Neue",Arial,sans-serif;font-weight:600"= >CONFIDENTIALITY NOTICE: This email may contain confidenti= al and privileged material for the sole use of the intended recipient(s). A= ny review, use, distribution or disclosure by others is strictly prohibited= .=C2=A0 If you have received this communication in error, please notify the= sender immediately by e-mail and delete the message and any file attachmen= ts from your computer. Thank you. --00000000000006612c05b5a810dd-- --00000000000006612d05b5a810de Content-Type: image/jpeg; name="image001.jpg" Content-Disposition: inline; filename="image001.jpg" Content-Transfer-Encoding: base64 Content-ID: <1762f0cb2a64ce8e91> X-Attachment-Id: 1762f0cb2a64ce8e91 /9j/4AAQSkZJRgABAQAAZABkAAD/4QCARXhpZgAATU0AKgAAAAgABAEaAAUAAAABAAAAPgEbAAUA AAABAAAARgEoAAMAAAABAAIAAIdpAAQAAAABAAAATgAAAAAAAABkAAAAAQAAAGQAAAABAAOgAQAD AAAAAQABAACgAgAEAAAAAQAAA+igAwAEAAAAAQAAAjMAAAAA/+0AOFBob3Rvc2hvcCAzLjAAOEJJ TQQEAAAAAAAAOEJJTQQlAAAAAAAQ1B2M2Y8AsgTpgAmY7PhCfv/AABEIAjMD6AMBIgACEQEDEQH/ xAAfAAABBQEBAQEBAQAAAAAAAAAAAQIDBAUGBwgJCgv/xAC1EAACAQMDAgQDBQUEBAAAAX0BAgMA BBEFEiExQQYTUWEHInEUMoGRoQgjQrHBFVLR8CQzYnKCCQoWFxgZGiUmJygpKjQ1Njc4OTpDREVG R0hJSlNUVVZXWFlaY2RlZmdoaWpzdHV2d3h5eoOEhYaHiImKkpOUlZaXmJmaoqOkpaanqKmqsrO0 tba3uLm6wsPExcbHyMnK0tPU1dbX2Nna4eLj5OXm5+jp6vHy8/T19vf4+fr/xAAfAQADAQEBAQEB AQEBAAAAAAAAAQIDBAUGBwgJCgv/xAC1EQACAQIEBAMEBwUEBAABAncAAQIDEQQFITEGEkFRB2Fx EyIygQgUQpGhscEJIzNS8BVictEKFiQ04SXxFxgZGiYnKCkqNTY3ODk6Q0RFRkdISUpTVFVWV1hZ WmNkZWZnaGlqc3R1dnd4eXqCg4SFhoeIiYqSk5SVlpeYmZqio6Slpqeoqaqys7S1tre4ubrCw8TF xsfIycrS09TV1tfY2dri4+Tl5ufo6ery8/T19vf4+fr/2wBDAAICAgICAgMCAgMFAwMDBQYFBQUF BggGBgYGBggKCAgICAgICgoKCgoKCgoMDAwMDAwODg4ODg8PDw8PDw8PDw//2wBDAQICAgQEBAcE BAcQCwkLEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBD/ 3QAEAD//2gAMAwEAAhEDEQA/AP38ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigA ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACvB/2Wbu6v /wBmP4Q319M9zc3Pg/QJJZZGLvI76fAWZmOSWJOSTyTXvFeAfsnf8ms/Bv8A7Ezw9/6boKAPf6KK KACiiigAooooAKKKKACiq91dW9jbSXd3IsUMKlndjgKB1JNRadqVhq9lFqOmTpc2043JIhyrD6ig C7RRWU+uaRHqyaE93Gt/IhkWEsN5UdSBQBq0UVS1DUbHSbKXUNSnS3toF3PI5wqgepNAF2iq9pd2 1/bR3lnIs0MyhkdTkEHoQasUAFFFFABRRRQAUUUUAFFFFAH/0P38ooooAKKKKACiiigAooooAKKK KACiiigAooooAKK/DDxr/wAFc/Gvhbxjr3hmD4d6fPFpF/dWayNfShnW3laMMQI8AkLk1hWv/BZP xekytffDGxliyMrHqUsbEd8MYHA/KvrI8EZk1zKn+K/zPSWU17Xt+KP3sor4r/ZY/bk+Ff7UbTaF pUM3hzxZaRGaXSbx1cyRrjdJbTLgTKuRuyqOOpTbzX2pXzuMwVXD1HSrRtJHDVpShLlkrMKKKK5T MKKKKACiiigAooooAKKK+W/2jv2v/g3+zLYKnjjUGvNfuYfOtNGsgJLyZSSquwJCxRlgRvkIBwdo YgiujDYWpWmqdKLcn0RdOnKb5Yq7PqSiuBtvG/274XRfEi3tNn2jRl1ZLdnzjfb+eIy4HbOCce+K /O79j/8A4KG+J/2mfi9/wrTV/B1nocH9n3N79ogupJn3QFAF2sijB3dc114fKK9WnUqwjpDfVaGs MNOUZSS0W5+p9FFFeYc4UUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUV8U/ts/tWax+yj4P8O+JdG8 PweIJdcv3tGjuJ2gWNUiMm4FFYkkjFeg/smfHfUf2j/gxp/xS1XSYtFuL25urc20MjSoot5CgIZg p5xnpXoyyqusMsW17jdr36+nyN3h5qn7XofStFFfG37av7UWr/sqfD/RPGWjaDBr82ramLBoriZo VRTBJLvBRWJOUAx71z4PB1MRVjRpK8nsRSpSnJRjuz7Jor5e/ZC/aB1P9pf4Px/E3VtHh0O4e+ub T7PBK0yYg24bcwU5O7pivqGlisNOjUlSqLVOzFUpuEnGW6CiiiucgKKKKACiiigAooooAKKKKACi vy4/bH/4KDeJv2YPizb/AA30fwfaa7BNplvfm4nupIXDTySoU2qjDAEY5z3r9I/BuuyeKPCGh+Jp ohBJq9jbXbRqchDcRLIVBPUDdjNejisqr0aUK9RWjPbU3qYacIqclozpKKKK84wCiiigAooooAKK KKACiiigAooooAKKKKACiiigAor8uP2m/wDgp78P/gv4mvvh/wDDvRj418QaY7wXk5n+z6fazocN HvCu8zoRh1UKoPG/cCB8Y2n/AAWI+MqXokvvA+gTWm4Zjja6jkK9wJDK4B99n4V9RhODswrU1UjT sntdpHoUsrrSXMkf0K0V8Pfsqft3/C39p+VvDdvbyeF/GMUZlbSrqRZROijLtazgKJQg5YFEcDJ2 lQWr7hrwcbgauHqOlWjaSOOrRlCXLNWYUV+e/wC23+3Ef2UdR8M+HdC0K38R6zrkU91PDPO0At7W Ngkb/KrEmV94H+43tWj+xJ+2qv7WEXifTtZ0WDw7rnh4wSrbwztMs9pPlfMBdVOUdcN2G5fWu55D ivqv1zl9zvp3ttvubfU6ns/a20PveiiivHOUKKKKACivjnxT+2/8GNG+NPh/4CeHbl/E3ijWNTj0 y6+xEfZdPkZtriaY8NIhGDHHuIIIcoRiut/a2+Peo/s2/Bq8+KGlaRFrdxbXdrbC2mlaFCLh9pYs oY8fSvQjlWIc6dNws57X0ubrDTvGNt9j6Zor4t/Yn/ao1j9q3wV4g8VazoEHh+XRdQWyWO3maZZF aJZNxLqpBy2MV9pVjjcHUw9WVGqrSW5FWlKEnGW6CiiiuUzCiiigAooooAKKKKACvAP2Tv8Ak1n4 N/8AYmeHv/TdBXv9eAfsnf8AJrPwb/7Ezw9/6boKAPf6KKKACiiigAor598Q/tNfBqyXUNM8L+MN G8S+IbFnifTNP1G3urmKWMlWE8ULs8YRhhtwBB46180+Gfjd4u0bxhP4l1GZr2C/YC5tycIUHQIO ilB90j8eM0WA/RikYhVLHoOawNF8UaH4g0KPxJpt0rWDoXZ2IXy9oywf+6V75/lXxT8X/jZfeJ7/ APsfwrO9tpdpIG81CUeeRDkN6hQRlR+J7YAIPjN8Y7jxhdSeH9BdodGhbDNyrXDDuR1C+g/Osb4R fFu98A340/UC1xotw37yPqYif40/qO/1rwe5u5obiS6vJC8UzF2duqsTkk+38q4e/wBZuPFl0+ge FbgC0j4vL+JgyoD/AMsoWGQZCOpH3R70AfrH8Rfi9onhDwzb6rpci39zqiFrIKcowwMux9FyMjrn ivgG58Va/da+fE815J/aRk8wSg4II6Y9APT0rnfOv4NBtPD1pO4srA7oImJZQSoU9eeQOfz61FZN Lqkxs7IpHNGpkneU4jtYl+9LKeyDsOrngc5I5cdjqWGoyr15csY6tv8Ar/hzSlSlOShBXbPvfwL+ 0P4d1XSY4fExkt9TtgPtJijZ41iwf9IcrnamRg98ngEBiPnr4t/F+7+IF4bHS2MOhwHMSg8zHtI+ P0HavG11Ge3EcPhy5msbWB/NSbhZ7qbG3zpxjBUjhYiCgT5SMHAjmWGaC41WwiW3+zjzL6zTO2AE 4NzBnJMBP3l5MRODkEM3yeH4mxMKkamPo+zo1HaD6xeyVRbR5unRP3Za2O+eCg01SleS38/Tvb/g o97+D3xnfwPKNG8RzbtCckmRj/x7HqW/3O5HbrX2x4Y8Z6F4tSc6TI4e3blJUMchQ/ckCtzsccqe vYgHIH5YRqLBYNRvoRJeShZbKzlHyov8N1cqe2eYojyT8zdtvVeDviBrng/Vo9Rub+aeIuXaeTMk kDucu2By0Ln/AFkY6feQBshprcUYic3XwdHnw8NJSXxS7umvtKPX+bVRu1qRwMElGpK03sui9e1/ w6n6oUV51oPxL8Pap4an8QX08dmLGNXuVLBgoYZVkI++knVGH3unWvjrxn8dPFGt+KoNY0KZ7Cw0 1ybaH++OhaUdyw4x0A4Hcn7DB4uliKUa9CXNGSumtmjz6lOUJOMlZo/Qqivnzw9+038GrxNP03xV 4w0bwz4gvmSJNN1HUbe1uZZXIVfIjmkV5A7HC7QTnjr1+g66CAooooAKKKKAP//R/fyiiigAoooo AKKKKACiiigAooooAKKKKACiiigD+Tn4UaVpeuft4aTpGtWcOoWF343mjmt7iNZYZUa9fKujgqwP cEYr+kTxZ+yj+zZ410e40TXPhroAhuVKmS10+CzuEz3juLdY5UPurCv5y/gp/wApANB/7HqT/wBL Xr+rav0fjrE1KdWg6cmvd6O3U93N6koyhyvofyN+OtG139jL9rW6sfD948tx4C1iC5tJTw89nIqT xpJjAPm20gSQDg5YdK/p5+NXx9+HvwI+GM3xU8bXTjTMRi1hhAa4vJphuihhRioLsMk5ICqCxIAN fzbf8FDtXtfE37ZXj99HP2gRTWFkNnzFprayt4ZF47iRWXHqK+qv+Csuoa7pc/wh+H93IwstL0WW Zlz8r3WY4HJx1KrGMem446nPsZplqx88Aqz1lFuXdpJP8/zOnEUPbOjzbta/cin4j/4K+fHHUtYl l8DeCdDsNKiJcQ3i3V9cCNepeWKa3XHqRGMetfY/7Jv/AAUx8OfHDxXZ/DT4m6NH4W8S6rJ5Wn3F tIz2F1IRkQnzPnhlY8ICWVz8u4MVDe2/8E8/hv4Q8D/steD9U0CziW/8UWv9oaldBVMtxNK74V3x krEuEVegAPckn8QP+ChfgXw58Jf2sNZh+Hsa6PBdRWWrJDafultLqZdz+UExsy6+YAPuluMDAHFh sJluOr1cBTocjje0r9nbX/g3MqdOhWnKjGFrbM/oh/aR/aM8Dfsy/DyTx740El080otrGxtyvn3d yylgiluFUBSXc5CjsWKqfxum/wCCtX7Rd9cz69ovgHRB4dtG2zBoL2cx7j8oe6WZEVvTMYz6dMc1 /wAFVvGuteJvGHwptNSjkgjfwnBqpibhUudRlYTLjpuHkqD+FbvwU/bU+I3wz+CWifCfQP2fH1rw +lj5U02y6MWpfaVzNPIotWVxPuJPLDBABwBSyjh6lTwUK8qKqTk9bySSWu1ww2CjGkpuPM352P1F /Y9/bQ8H/tW6Le2kVi2g+LdEjSS/05n8yNo3O0T28nBePdgMCoZCQDkFWb5K/aP/AOCoGteDPibq Hwn+AnhO38SajpF29jPeXonmSe7jOySG2trdo5G2OCu8v8xB2rjDH4a/4J+6D8R/Bf7X/hTV7jwr q+i6NqbahaXIktLlIUgntZWjR5HQAqsqxnLd1B61S/aJ/Z4/aN/ZY+Pmr/FjwFY6gdMTUrrU9K1/ ToWuY4IrpnPl3B2uEdUcxuJRtfkjKmtaXDmAp5hOm7NON4xb0vdq1/K3no+tio4GjGu4+V0j6Bsv +CrH7SHgTxDBYfGX4badFbn5pLYW17pN6UPdGuZJl47Zj59e9ft18K/iZ4V+Mfw+0T4l+C5mn0fX YPOh3gLIhDFJI5FBIDxurIwBI3A4JHNfziwf8FDvEHjiXRrb9pX4d+HfirY6LI0kElzb/ZLuMyAL IQyboCGCjKmDBIGegx+/v7M3xG+EvxS+EGk+LPgtpcGheHJWli/s6G2itPsdwjfvYnhh/dqwJ3ZX IYENnmvH4tymNGlCaw/I72bTvF/r+C+Zy5lhlCKfJZ+Wx77X8hv7XPx48QftCfGO88XeItOtdMn0 mI6RHHa7yjQ2k8xV28xmO87znGB0wK/ryr+bD/graAP2n9NwMf8AFNWP/pTdUeHlWCxkoON21o+1 t/vDJJL2rVtT7e/Yu/ay8YftA/C3x/4D8R6NY6ba+BPC8MFtNaeb5kw+zyw5l8xmGcRA/LjkmvyH /ZC/aB0v9mj4pXnxM1HSptakTSLyztbWJljElzOYzH5jt9yP5TuYKx9FNf01+H1Vf2XNO2gD/ijY f/TcK/nt/wCCZvgvQPGf7V2h/wDCQ2kd7Fodnd6nDHKNyC5gVVhcg8Exs4dfRgD1Fe1k2Kw86OOq OnaGl4p9k76+Z14WpBxrS5bLsfQqf8FcPj5oniZD4u8AaNHpMmyT7GI7y1u/JJzlZ5JXUlh0bycd OOuf28+FPxb8I/F/4XaN8W/Dcxh0TWLVrnNwVRrfyyyzJKQSoaJ0ZXOcZUnOOa/Lj/gsbo+nSfD3 4e+IGt0+3wapc2qzbR5nkywb2Td127owcetcV8LPEepeH/8AgkT4vv7Bn83dfWQ2EgiK91CO3l6d tkzZ9s15eOyzC4vBUMTh6fs5Smo6O+7aOerh6dSlCpCPK27E/wAYv+CtHiOTxhP4W/Z08J2urWcb mGG+1OOeaW7cEgvDa27xsqHHybmLEclV+7XU/s+/8FV7jxJ45tPAP7QXhm28NyX8yWiajYCWOG3u XbYBdQXDu6IScFw52fxLjLL+bH7GHxx8S/ALxXr3jHwh8NX+IGqz2sVqkqCYtYRuzM+DDFLgzbQM nBwhA4Jq7+1P4v8Aif8AtN/EC1+Iknwf1DwrqCWaWlz9mtLqb7UY2YpLITAnzqrBM4J2gDOAAPpZ 8MYPneFdBKFvj5le/pv+nlY7ngKV/Z8mne+p/VrXy7+2D8afHX7PvwVvPip4E0ez1qbSru1S8ivf M8tLS4YxGQeUytuErRjrjBJrvf2ddW1jW/gJ8O9T8RRzxatLoGmi8W5Vlm+0pbokpkD4YMXBJzzX R/FnwBY/FT4Y+KfhxqOBD4j065st7DIjeaMrHJ9Y3w49xX5Lh1CjiUqyvFS181fU+bhaNRc2qTPm b9hz9q7Uf2q/AWu674j0600jXNB1AW01tZlzEbeWJXhl/eMzAswkUjOPkr4T8S/8FZvFmi/GXUfC dr4Z0mbwdYa5JY/bi0/2l9PiufKacYk2b2jBcfLgHHBr4u/Yy+PV7+zH4m+K2k645sLm98OalDDC 52ka3poZrVG9wxlT6nivkmH4b+I7n4W3vxfCZ0S01i30VnwSTcz28tx17BVjGfdh+P6theEcJHFV nVj+7fLy/Pe3z2Po6eWU1UnzLTSx/UZ+2p+07c/su/Cez8baFZWuraxquow2NnbXLP5TBkeWWQ+W VYhUTGQfvMtcR+zb+2Fq3j/9nfxJ+0X8c7LT/Cfh/R7qaKBrMSnzoYFQMwEjsXd5n8qNV5LjHcV+ Kn7Xn7RMnx08F/BHw1ZTm8k8P+Govt4Q5ZtVlf7LMGUclttqjr7Scda+wf2+PCOpfAz9i34LfBKz zBBFcK+phOFkvY7dppc46q088jgeoB5wDXiQ4ZowoUMNVVqtSbu+qir3t8kvvORYCKhCnJe9J/gj F8ff8FfPijqevS2vwh8E6ZZaWGYQnVRPe3kqKchytvLCkZIGSg8zH949a9o/Z0/4Kwad418VWfg7 46aDbeHDqckcFvquns/2OOaRtoFzFMzPHGSR+8DsF/iAXLD0L/gk58OfCOj/AACufiRbWcUniLxB qV1BcXZUGZLe2KpHbq2MqmQZCO5bJzhcfDX/AAVo+HPhHwd8bPD/AIp8NWkVhd+K9Nkn1CKFQiyX EExT7QygAb5FYBj/ABFMnkknqpYXK6+LnlkaHK1dKV9brc0jTw86rw6hbzP2H/bN/aC8Q/s0/Bv/ AIWT4Y0y11a9Oo21kIbwuItk4clv3bK2Rs45r8qtX/4LCfFCXwpbQ6J4N0i38SNPKbiabz5LNLcB PKEcQmWRpCd+5mcKPlwp5Nek/tQ+IdV8Vf8ABLf4Za3rZka9lbRI5HlJZ5PIimhWRieSZFQNk8nO TVr/AIJDfC/whqngvxz8RdZ0q21DU31GLS4ZbiJJTDDFAJZFj3g7fMMw346hQD0rkwGX4LDZfPEY mlzyhNrtfW33dTOjRpU6DnUjdp2PC/2yfjL48+Pv7HHwr+KPxC0e00a+1TxDqCwpZeYIZreCJohM ElZ2Tc6uNpduAGB5wP0U/wCCX80Vv+x9o1xcOsUUWoaozuxCqqrOxJJPAAHU188/8FdNH0jw/wDB j4caLoNjBpun2msTJDbW0SwwxILdvlSNAFUewFUvgHq99on/AASd8Z3+nBvPNpr0OUOGCXExhds/ 7KOT+FaYqMcRlFONNcqlV0Xa7Y6iU8NFRVk5f5nL/Gn/AIK2+JIvGNz4c/Z+8L2N/plvL9niv9VS aaS8cNt3w28EkW1GP3NzMzDkqpO0fJn7V/7bPiH9pH4V6T8O/iF4S/4RrxXoOspfO1uHS2kg+zSx kGKcmWKQM4IBLgrk5BGD69/wSG8GeHNd+MvivxVq9rHdah4d0qM2BkAbyZLqXZJKgPRwi7A3YMR3 r3r/AILFeDPDv/CK+AfiAlvHFrgvp9NeZQBJNbPEZQrkcsI3T5c/d3tjqa9OhDAYXM6eBp0feX2r 63tf56f8MdEFRp4iNGMNe59Cf8Ep/wDk1C3/AOw1qP8A7Tr9Ja/Nr/glP/yahb/9hrUf/adfpLX5 1xJ/v9f/ABM8PH/xp+p+Sf7Y3/BQv4ifs3fGmb4ZeGfDOlapYxWNrdefeGfzS04YsP3bquBjjivn /wCJf/BW34pXWs3t78GfBNhD4TsZhELzV4bm5ml5+Uv5EsMcJcdEJc/7VfPn/BVT/k7K8/7A+nf+ gvX7q6T8LfBuhfslj4YWWlwJog8KvC9vsBV3ktC8kjZzl3kJkLHncd3WvsKtHL8JhMLWqUOaU1rq /K79ex6koUadOnKULtnhv7Ef7ddp+1PNqng/xNo8WgeMNIt/thjtnL2t3a7wjSRByXRo2ZQ6MW+8 CGPIXh/2wv8AgpBo/wCz/wCKp/hj8OdGi8S+K7DYb+W6dlsbMugdYsRkPLLggsAVCZxktkL+bn/B KWR0/atiVTgPoeohvcZiP8wK+VPBHxC1OH9oyH4o33hZvG+pf2zdaq2kS73a6uC0kwDhFkY+W/7w jac7eeM16K4Swv8AaFX3bwjFNRv1d+vbT+kbLLaftpaaJXsfpD4Q/wCCtfxh8Pa/ZQ/Gn4f2B0m6 ZZHOnxXNjdi3c/6yJbmWVJMdQDtDYxuH3q/bvwR8RPCPxD8B6X8SvDF+k/h/V7QXsNw/7sLFglvM 3fcaMghwfukEHpX89P7Vn7Snxb/ap8D2HhLXPgZe6LeaXeLd22oxQ3k80Q2skkQDW6fJICCwzjKq cZAx6x8Gtd8e+Cf+CYHxk0fXdP1DTLvTb97W2juYpbdlstVazhkCCQKdm6WZmxxyfU15+ccO0qlG nUhTVObkotJpqzdrmOKwMZRjJLld7Wvfc7D4xf8ABWjxHJ4wn8Lfs6eE7XVrONzDDfanHPNLduCQ Xhtbd42VDj5NzFiOSq/drqf2ff8AgqvceJPHNp4B/aC8M23huS/mS0TUbASxw29y7bALqC4d3RCT guHOz+JcZZfzY/Yw+OPiX4BeK9e8Y+EPhq/xA1We1itUlQTFrCN2ZnwYYpcGbaBk4OEIHBNXf2p/ F/xP/ab+IFr8RJPg/qHhXUEs0tLn7NaXU32oxsxSWQmBPnVWCZwTtAGcAAe7PhjB87wroJQt8fMr 39N/08rHW8BSv7Pk0731P6a/i/8AFfwj8Efh3rPxN8cTPFpOjRh3WIBpppHYJHFEpKhnkchVBIHO SQASPxEvv+Ctvx58Q+KJE+Hvw/0l9KiZ5BaSRXl7eGBT1eWGWNQQOpEWAfauk/b98WeJtU/Yi+Al vrsVzFd6mthNqP2gMkv2y004xsJVfDbmd3b5ueM19Rf8En/BnhzR/wBm2XxhY2sf9seINVuxd3OB 5pjtiI4ot3XYoBYL6sT3r5bB5dhcHgJYzEU/aScnFK9lo7fo/wADz6VCnSourOPM72PxW/a7/aJt P2nPiRpfxHh0iTQ7qLRrWwvLZ3EiLcwSzM5icYLRkOCNyqwOQQcbj/VP8JP+SVeDP+wLp3/pNHX8 2f8AwU18GeHfBv7Vus/8I5bx2ket2NnqVxFEAqLczKySttHAMhQSN6sxPU1/SZ8JP+SVeDP+wLp3 /pNHW/GEqcsBhJUVaLTsu2i0LzRxdGm4qyOw1fVtN0DSb3XdZuFtLDToJLm4mc4SKGFS7ux9FUEm vwq+IX/BW34ma14tuNE+Avgexm04SPHayalFc3l7dKp4kEFtJCI9w52fvCO59P258ezeDLfwTrs/ xF+y/wDCLx2U7an9tUNbG0CEyiVWBBXbnIwc9K/B/SP22/g38NPH+rx/sYfAZJdZ1dTai+ke4aS5 ijfcBFp8IdkRiA2FdCcLvUEADyeFMFTqqpKVB1GtrtKK9W3/AJnNl1JS5m4cz/A6v4Yf8Fb/AIgW XjG20H48+DtPt9LadYLqfTI7i1urME4aR4LiSbzNvVkBQ46c8H9345I5Y1liYOjgMrA5BB5BB9K/ kE/ar8YfGXx98WZvF/x18NDwp4n1Kzt3+xCzksT9mXckLGKZmlzhSuXJbCgdAK/rQ8AM7+A/Dbyn LtptmWPqTCma6+MspoUIUa1GCi5Xuk7rpsaZphoQUJRVrnXV+HEf/BWvxV4e+KWr+HfHHg6wPhvS bnUrctYGb7bI1ssq2ygySGMeZKqK7FTtUsQOAK/cev5O/gr4N0P4gftz6X4S8S2qX2l3viy8a4t5 BmOVIJpZijjurbMMOhGQax4Qy/DVoYiWJhdRjf8AO9icsoU5qbqK9kfVupf8FcP2h7TV4dTPgXQr PQrzL20E8N6ZZIs9VufPRXI6bliC/wCzX7Ifsw/tE+Gv2nPhZbfEfw/avpsyTPZ39jI4ka1u4grM m8AblKuro2ASrDIByB8uf8FVNA0q/wD2U59SntY2udG1awktZNo3ReYxhcIeoDK2CBwcD0FfLn/B NzxDqHhj9kT47+IdNL/adGW+vYAhwwlh0wuu3HfKDFdmMwWExeW/WsPS9nJSUd79v8zWrSpVKHtI Rs72PRf2m/8AgqWPh745vvhx8DPD9r4ivdJnktLvUb8yNatdI2xo7eGB0eUK2QXLqGPCgjDHzf4Y f8FavGml+LLbw9+0T4Kt9PsXIS4udMiuLe5tt2Nsj2tw8hdccsFZTjlQSAp/NL9lT4mat8JPi9bf EPRPAx+IOqaZbTtb2YErGCWTan2oeVHKcoGKgleC4OQQK98/a4+MXxV/avm8PahqPwWv/DWqaCJ4 /tcFvdzy3EE20iJ90CfKjKWXOcFmxjJz9O+GMJTnHDOgnG2s+ZJ39P6Xkd/9n0otU3DTvfU/Uv8A bX/bd+In7NWqeDb7wFoOk+IfC3jHTnura+uWnJeWNgWCGJ1UoYpYmU9TuPavpGL9pTTpf2Rv+GnB BFkeHW1Q224+V9vWMobbdnO37UPKz1/Gvy98efDfxH8Rf+CV3hbU/EGn3Vv4k+GV1NcCO7ieO4Fl FdzW7JtkAYRrbSxv6YiGOmK+QLT9o7y/2Ab/APZ/N1nUj4piVYs4I0iRTfHA9ryPnt835+FR4aoV 6MI04+9CpyyfdX3+6xyRwEJwSitVKz9D9Lf2QP8AgpB4y/aB+Nun/Crxx4d0vR4NXtbprWayM/mG 5t4/OCHzXZdpjSTtnIFdn+2/+374l/Zj+I2kfDzwRoena3cXGnLf3rXpl/dGaR0iRfKdcHbGWOc8 Fa/E/wABWviT9mr4s/B/4o6+DBBqK6f4jjwCM6bLdSQyKT3LwxsT7OPx901eMftjf8FEJbONvt2i at4hEOVO6NtG0gYZlPQCS3tyR23P3J59Wvwxg44v2/IvYqDb7XT/AMvyOmeX0lV57e6l+J/SJ8K9 e8UeKfhr4Y8T+NbKHTdd1fTra8u7W33COCW4jEhiG8s2U3bTknkGvFf21fivq3wY/Zo8Z+NvDs7W 2siCKysZU+/FPeyrAJVJ6NGrs6+6ivqcAAAAYAr8/P8Agp5o97qn7IXiS4s1Lrpt7ptzKF/55/aU iJx6AyAn061+a5RCFXHUoyXuuS0+ex4GGSlWins2fkJ/wTp/Zk8OftH/ABW1fVviHEb/AMM+EIIr m7ti7Kbu6unYW8cjKQ3lny5HfDAnaF6Ma/oS1/8AZs/Z/wDEvhqTwhqvw80I6VJG0Yih0+CAxBhg mF4kV4m9GRlYdjX5Ef8ABG7xbpFn4h+Jfgi5mSPUtUt9NvraMnDyRWbTxzY9dhnj468k/T95K+i4 3zDELMJQUmlG1rO3RO/3ndm1aftmr6LY/kg+O3gXXP2Ov2pr7SvBd+6SeFb+31PR7kkl/s8gWeBZ CMbiFPlS9A+G4wcV/V14O8TWnjLwfofjGxGy11ywtr+IHtHcxLKufwav5kf+CmXi3SfFf7WviOPS Jo7iPQ7Wy02V4+R58Me6VSe7I7lG9CpHav13+PXxLvP2cf8AgnxolvJK1r4jufDOkeG7ME4kW8ns khlYHqGiiSWQH+8or1uJcNPF4fBOX8Sdl96X/DnTj6bqQpX+Jn45fGTXNU/bU/bal0rw9cF7HX9X h0XTZV+dYdMtW8s3Cj+75ayXDD/aNM/Zi8Z6v+yL+2Ra6T4rl+zW9jqdx4b1on5YzbTS+SZT/wBM 0kWOcHuFGOtcX+xx8e/BX7N3xYk+J/i/w/c+IZbewntrGO2kjjME9wVV5SXB/wCWW9Bj++ayP2tv jR4M/aB+Mt78VPBmhXHh9NWtbZb2C5kSRnu4FMRlUxgABoljB77gxPWvtfqk3N4Fw/cclr6b/nt+ J6vs3f2NvctY/r3r8e/Hv/BRz4leE/2qbj4CWXhfSJtJh8RWujC6kNx9oMU80cbPxIE3AOSPlxX2 X+w58aP+F4/s3eFvEt7P5+s6TH/ZGpknLG7sgqb2P96WIxyn3evwh+NBC/8ABR2/ZuAPHWnk/wDg VDX5pw1ktOWJxFDExu4J/enueDgMJF1JwqK9kf0Z/tB/ErUvg98FvF3xN0e0hvr3w7YtdRQTlhFI 4YAB9hDY57EV+a3wg/4KR/Ez4ifCz4t+PdT8LaRbXXw902yvbSKE3HlzvdTmFll3SE4AGRtIOa+3 /wBuR1j/AGSvicznAOksPxaRAP1NfmD/AMEbAD4t+J4PI+w6Z/6NnqMmwOHeV1sVVp80oyX3Xjdf MWFpQ+ryqSV2n/kfmDoHxq13w/8AHiP4/W9hbS6vHrkuu/ZX3/ZjNNM0xj4bfsBYgfNnHev16/aS +OGvftEf8E1x8U/Emn22l3+oa5DC0Fpv8kC2vHiUr5hZuQvPPWvhb4aKD/wUkt1I4/4WHe8f9v8A LX7A/wDBUsAfsj6qAMD+1NN/9G19fnmJpPG4OCp+83Fp32V9rfqeni6kfa0ly66a/ofkt+yR+2rq f7M/ww17wR4J8KN4m8W+ItXW6gEu77LHCsCp9yI+bJIWX7g2gDndnivqn4Nf8FbfGM/jiy8O/Hjw vptppF3cC3mvdMSe2lsi7bRJLFcSyh0Q/fAZWC5I3EbW6z/gjr4L0D/hGfH3xCktI5NaN5b6ZHcM MvFbLGJnRD/CHdlLY67Vz0FfGP8AwVK0fTtJ/az1Oewt0gbUtL0+6n2KF8yYo0ZdsdWKoMnvilUo YDF5lWwdSj71ruV9b2Wy6bhKFGrXlSlHXuf08qysoZTkHkEdCKWuT8BSvP4F8OTSnc8mm2bMT3Jh Umusr8dnGzaPl2rOwUUUVIgooooAKKKKACvAP2Tv+TWfg3/2Jnh7/wBN0Fe/14B+yd/yaz8G/wDs TPD3/pugoA9/ooooAKKKKAPw2tv+Cf3xB+EHxu8b/FqG8h8RaDr095d82NrLJCLudpzmK4FwCEzg sqg4GeBxW7qsWj6JYS6lqRsoYIRyTpGlZJPAUAWeSSeAByTX7VkAjB5Br55v/wBmj4dan8Q7Px5f wtNFYlpotObH2Rbk/wDLXZ3x2B4B6ccV4eP4Zy/FVPa4ihGUu7V2dVLHVqa5YSaR8T+APgZ8XNa0 F/Heq6DpS6LcKXg0xbC1s9YEBHE8U9tDGElH3gh6j5ec88/d2smnSpFNKJ4JgxguNuwSqvDBlP3J E6SIfunp8pBr9fgAAABgCvmL4z/By41SC88S+CtLt9TvZv3lzpVwxjgu5lHyTKw5jkB4cj76bgeT z4tfIp5dL6zlFPT7VO9lJd430jNd9pLR9GumGKVZcmIfpLt691+R8PRR26W8WqanD58M+TZ2bHH2 sqf9ZJ3W3Q9T1c/KOvMpQao013Z20VtqYDS3VpbIY4blR964tkJYqw/5aR5J/iBPd+oab4lsLxn8 Y2slrrFwiPOsi7cYGAsYHAjXoirwB6nJPMa9rNvodtFdMZDd+YotEt/+Ph7j+ARdfmz+GOvBIOP+ rWMqf7fOrbFdLN8kV/z7t1i/tStzN+8rWSVfXaa/dKP7v8X5379lt0Nq2WXUpUttOKPI6GQuxxFF Ev3pZW/hRe56k4UAkgVn6yl1dwW9l4au2g0+CdZ7gyxru1R1GA02clI1/wCWKKfl6nJJJ7KTwb8Z m0b+0vFvg2LQdNliiuL5rR9xubvLfPKnVY1XB2D5Vcucc5PP9eldeBy7E42rHF5lDlUH7tO90mvt ya0b/lW0Vr8T0zq1oUounRd77v8ARdvPv6bwQXCzoWHDLwynqD6GuOTX9b1XxHbnwXdnT00ebfNq SqHO8cGCINlWyOJCQRj5evT0z4Z+BJ/jd4k1Pw/pDT2ulWUDx3mpxcIJmGFhRv4m/vEdBnBzVW98 KS+CLqTwtNafYTp58sRgYGB0YeobrnvX1eJw1OtTlSqxUotWaeqafRnBCbi1KLs0czpzatbSTf8A CRXv9o3l1K8jXbKEaUseA4HAIHAxxgcelGs6z/ZggtbWB77Ur5xFaWkQzLPKeigenqegpuvarDYx wWSW7319fuIbW0hG6WeVjgBQOmO57V+gPwU/Z40PwPeQ+PfECNeeKLq2iXExDrZZGWjiHQHPVupP 4U6NGFOCp01aKVklskuiCUm3d7nzdpn7K3xubwrZ3Gsa7pt42ZLg6RPp9pOLUS/MYbea4hk288kH jOema8ZvfDyabNPb6hBaW0tsWWVZNH0pShXqGzZ8Yr9lq8L+KvwB8G/Fie3uNYaWzYOn2r7Odn2q FDny5Pyxkc44ORivn63B2VVJupPDQbbu/dWre7OuOZV0rKb+8/ETXf2OPiR+098Q9I+Jnw8MWn6N 4elgRLo2ltZpPJDKJC0Qt0hDAEfeKk/hX9DHh+zvdP0OwsdRl8+6t4I0lkxjc6qAT+JqTRtG0vw9 pdtoui2yWdjZoI4ooxtVVXoAK0693CYSlQpqjRioxWyWyOWpUlNuUndhRRRXQQFFFFAH/9L9/KKK KACiiigAooooAKKKKACiiigAooooAKKKKAP459Y8d638Lv2lNY+IfhxIX1Tw74mvb23W4UvCZYbt 2UOqspK+oDA+9fXGsf8ABUr9rfxbYTaHoiaRpl1dLsWfTdOke5Xdx+7E0s67vQ7CfTnmv6YKK/Qa /GmGrcrrYRScVZXl/wDantTzWnK3NTvbz/4B/O1+w9+xB8UfiR8VbD42/HDSrzTPD2m3Y1UDVEZL zV74P5qExy/OYjJ+8kkcYk+6u7czL+gX/BSD9lXxJ+0L8PtI8UfDy2F74s8GtO0doCFe9s7jb5sa FiAZEKK6AnkblHzMAf0jorxcVxXiamMhi1ZOOy6W7fPqctTMakqqq9tj+YH4Eft7/Hf9lLwrc/B7 UfDtvqNrpkkhtbTWI57e5095GLvHgFGMZcltjAEEnDAHFO+B/wAA/jV+3l8c5fin8SLa4Xwzf3qT 61qxTyIDDEoC2lnu+82xViXZu8tcM56bv6ZtQ0DQtXlin1XTba9lhIMbzQpIyEcjaWBI/CtUAAAA YAr1avGcI89TDYdQqT3le/3K3z9d7nRLNUrypwtJ9T8n/wDgp9+y14p+LXhLQPib8NNMl1TWPCEc trdWFspeabT5CHVoYxy7QuD8ijJVyQDtxXwN8If+Cmfxb+C3wfh+D8nhq01S/wBChez03ULqSSKS 0iXISOe32kSmHO1fmj+UAMDgk/0tVh3Xhnw3f3y6nfaTaXF4nSaSCN5RjjhyCf1rgy/iWnHDRwuL oqpGLutbWMaOPiqap1I8yWx+QP8AwTlvf2yPiT4gm8c/FDxbrR+HNvbyiFNTCyPqdzMu2PyHnjaX yotxkMiMFLqqDcN4Hy18VPi5+3F+yP8AHy31v4keIta8TaFpt5J9lN1NKNF1e0kDKFKxgQiXyzkr t3xOAQMAE/0fgADA4AqGe3guomt7mNZonGGRwGUj3B4NOnxRD6xOrPDxcJK3LZLT1tvrq+vyQ45g udycFZ9D+Wz9p79qiz/a/fQvDfgz4P2fh/xD9sEpurEjUNVvnKMgt1aK2hcxktuKkOSyqRjBz+3X /BPr4F+K/gH+zxaeHfHERtdc1y+n1i5tS25rX7RHFEkLdg4jiUuB0YkdRmvsnTNA0LRN/wDY2nW1 h5hy32eFItxPrsAzWtWebcSRrYaODw9Pkgnfdyf3snE49TpqlCNl63Cv55P+CvfgTxHafGbw18Rv sUraDqOiQ6eLoIxiW7tri4domYDarGORWUE5YbsD5TX9DdV7q0tb63e0vYUuIJRh45FDow9CpyDX nZDnDwOJVdRvurbbmGDxXsZ89rn5A/sXfte+M/j34C8Z/C3xLo9jY2vgvwaqW09qsvmzmCE27NKX dkG4BSFUDnPOOB8Rf8EoR/xlWP8AsBah/wChQ1/SnpukaVo1v9k0eyhsYM58uCNYkz67VAFaFes+ JqUYYinRo8qqpddtN9tb/I6f7QilOMYWUvM/H7/gsT/ySPwGf+o5L/6SvXQ/sN/DTT/jD/wTy1D4 Y6pIYIfEcusWolHPlStLmKXHfZIFbHfGK/WCiuJcQSWBhg4xs4y5ua/r0t59zL661RVJLZ3ufyuf Cj4mfHX/AIJ1fGHWLLxL4XLC+j+y31hd74re+iicmKe1uVUg7STskUOuGYFc9PXLb9q79tf9rP44 Wo+BdxfeGUdIrZLDTpHk02yhDMzXF7JIhiJ5O6RkBICoqk4B/o41HStM1i3Npq1nDewE58ueNZEz 67WBFO0/TNO0m3FppdrFZwL0jhjWNB9FUAV7NbjChUbrTwsXVatdu6+639dzqlmkH7zprm7/APAK nh2w1LS9A03TNZ1F9X1C0toYbi9kRI3upo0CvMyRhUUyMCxVQFGcAYrYoor4WTu7njs/lc/4KO/C 3/hWX7VPiWa1h8rTvFyx67bYHBa7yLj2z9pSU/Qiv0B8Gfs6/a/+CUmp6QbXGsataT+MVwPmMkEg niK+pksoVT/gWB2r9oqK+yxHGVWdChRUbOm4u99+Xbp/mepPNJOEI2+G3zsfyW/sI/Cz/hbf7UXg vRLmHztO0i4/ti9yMr5On/vlDDuryiOM/wC9X9Bn7cn7ON9+0t8D7nwt4dMa+JdGuF1PSvMIRZZ4 kZGgZyQFEqOygk7Q+0twCR9jUVzZvxXVxOKp4qEeVw2V7/otyMTmMqlSNRK1j+Wj4FftVfH/APYX v9b+HGr+Gs2dzOZ5tI1mKa3aG5AEZmgdcHDqoBOGRwAV9Sy10D9oz/gpB8cU8S3dgUswYbWe8iia PTNH09XJ2Izt87Dc7BNxkkYk8DJX+ofU9F0bW41h1mwt7+NDlVuIklAPsHBq/FFFBEsMCLHGgAVV ACgDoAB0FepLjampSr0sOlVatzX/AEt/XmdDzaN3OMLSfU/Kz/gpP4P0f4f/ALEWg+BPDysumeHd Q0ewtg53P5NtBJEhc8ZYhQWPc81n/wDBH0f8WA8XH/qZ5v8A0itK/WeivBefN4CWCcbty5ua/wCl v1OP65+5dJrre5+PH/BYsH/hVXgE/wDUan/9Jmr0b/gn/wCCNM+JX7As3w91p2isfEh1zT5XTG9E uXeMuueNy5yPcV+oNFN5+/qEMFGNnGXNzX9elvPuH1x+xVJLZ3ufyieGta+Pf/BO349XNxeaSsV6 kctpJFdIxsNW093BDxSKRlSyK6sp3Iw2sPvobv7VHx9+Of7WGhaf8VPFHhv+xPAXhy4GnWn2cP8A ZPtt4pd/3smDNKyw87RiNQAQC2W/qg1HS9N1e2Nlq1pDe27EExzxrIhI6ZVgRVmCCC1hS2tY1hij AVEQBVUDoABwBX0C44p+0jiJ4ZOqtOa/T7tPxsdqzePMpun73c/N/wD4JUD/AIxQt/8AsNaj/OOv 0loor4zMsZ9YxE69rczbseXXq883PufzIf8ABVQH/hrG899H07/0F6/oenB/4UrIO/8Awjx/9JK9 Ror08xz36xQoUOS3s+t99vLTbzN6+M54Qhb4T+ZX/glOP+Mr4P8AsCaj/wC06q/tJ/Bz4s/sVftM N8YvA1hL/wAI8mqNqujaj5TTWiidiz2Vyy42kBniKsys8fzKeeP6dKjliinieCdFkjkBVlYAqwPU EHgg17M+NpPFyxHsvdlHlcW73WvW3n2Op5s/aOfLo1Zo/m2+LX/BSL9of4+DQPBnwl0i58Hailws rLoU891fX04QqI12IreVyWMW1skAknbX66fDr4L/ABd+In7I2p/C/wDaX8QS6n4s8YWdyJnkWHdp vmgfZYi0CIJGhZFkctuO8su4qAa+wdM8O+H9Fd5NG0y1sGl5c28KRFvqUAzWxXl5jn1KcIU8JRVN Rd77u/qc9fGRaUacOW33n8rnwo+Jnx1/4J1fGHWLLxL4XLC+j+y31hd74re+iicmKe1uVUg7STsk UOuGYFc9PXLb9q79tf8Aaz+OFqPgXcX3hlHSK2Sw06R5NNsoQzM1xeySIYieTukZASAqKpOAf6ON R0rTNYtzaatZw3sBOfLnjWRM+u1gRTtP0zTtJtxaaXaxWcC9I4Y1jQfRVAFerW4woVG608LF1WrX buvut/Xc6ZZpB+86a5u//APiL9tH9mrxR8eP2Z7fwVp9++t+NfC32XULS4kEUDald20LQzhwoSND cI7sANqiTaOFzX4n/s4/tnfGT9jOPXvhnc+HY7+zku2ml0vVFltp7K9CiOQqQAy7gqh0YEZUFdpL Fv6mqzLzRNG1G6gvtQsLe5ubU5hlliR3jP8AsMwJX8K8/KuJY0cPLC4mkqkG72vazMMNj1GDp1I3 R/H/APtG618YvG/j/wD4Wp8adNl0vVfG9umo2kckZgX7CrNbw+TE5LpEBEQm7lgN+W3bj/Wl8JRj 4VeDAf8AoC6d/wCk0deg0Vnn3EaxtKnSVPlUL7PS3TS2lhYzHe1jGPLax88ftY/DrxD8WP2dPHfg DwmN+sapp5+yx7gvmywSJOIgTwDJ5eznA+bkgc1/Ol+yd+1Frv7FXjfxUuu+B/7XudUhis7u0upG 06+tJbZ2YKHeGVkBLHzIynzEIcjbz/VpWXc6Hot5exand6fbz3kH+rmeJGkT/dcjI/A0ZNxDDD4e pha9LnhLW17fj8kGFxqhCVOcbp/I/ki/ar8Z/GD4tePbf41fFbw7N4dg8X24OjQvG0cX2C1wiiIu A7qC24uQN5YsPlIA/qd+BninTvG3wZ8D+LNJfzLbU9GsZl9VYwKHU+6sCp9wa9UoozviKOMo06Ma XJybWd1bta3prcMXjlVhGKjawV/LV+y4D/w8N0MY5HijVf5XNf1K0Vz5Nnn1SnWp8l/aK29rb+Tv v5GeFxfsoyVr3Vj88P8AgqN/yaJrn/YR0z/0oFfOn/BJDRrDxF8DvidoGqx+bY6nqYtZ0zjdFNZh HGe2VY1+zVFFHPXDL5YFR3le9/Tpby7jjjLUXRt1vc/lfuNG+OP/AATk/aL/AOEjj0prmztZJ7e1 uZ43+waxpsx+75qYAcqFYqDujkUZBAw3qHjz9u79q79p74haBonwKsb/AMK3FsGSHTdDnkuHuJJm UNLdyFERkTAwXRUjBYk8k1/SPd2dpf272l/AlzBJw0cih0b6q2Qaq6XomjaJEYNFsLewjbkrbxJE pPuEAFe7LjGjUarV8MpVUrXvp91v67o63mkZWlOmnLv/AMA8o8E/D/xXqPwItfhx8btX/wCEn1zV dJmstbu9kaCV7xGWZFESIhWNX8tW2gsFDN8xNfyO6l8M/Eum/Fa4+D0kW7XoNZbQ9mCA10Lj7MMD 0Z+nsa/tMorz8g4rngZVXyX59bbJPXy89tDHB5i6Lk7XufiF/wAFWvgrp3hr4QfCvxL4eg22ngzH hskDn7K9uptt2OgQ27Ae7+4rjv8Agj58LPt/ivxp8ZL6HMWk28ej2TEZBmuiJrgr6MkaRj6SGv3u opR4rqLLngHHf7V+jd2rW/UFmMvYOjb5hXK+OPBugfETwdrXgTxTB9p0nXrSazuUHBMcylSVPOGG cq3YgEciuqor5aE3FqUXqjzk7ao/lQ+Lf7PP7Rn7D/xPTxj4ba9isdMnaTS/Emnxlrd4myAs+Ayx uyZWSGUbW+YDenJ9K1//AIKr/tT694ak8OWo0TSbmeMxHUbKylF6N3G5PMnkiVvQiLjqMGv6ZGVW UqwyDwQehFc9beEPCdldjULPRLGC6B3CWO2iWTPruCg5r7z/AFzo1YxeMwynNddv0f8Al5Hsf2pG SXtaabXU/nT/AGLf2GfiR8a/iDYfFT4xabdaf4MtboahO+pK63OtTb/MCKsvztFI/MsrcMpIUliS vT/8Fa/jGfFXxf0b4P6bNmw8E2onulB4N/qCrJgjofLgEe09i7iv6J6K5lxlOWNji61O6imoxTsl frs7/wBdjP8AtRuqqso3tsj8x/2YP2AvgNH8BvB158V/BNtrPivU7JL++nuHnWRWuyZkhKpIoBij ZYyMdVJrM/az/YF+BqfADxbrHwh8GW+i+KdEtjqVtLbvM7yJaHzJ4dryMG3whwoxndt+lfqXRXkL iTGLEe39o972u7b3tbsc316rz8/M9+5/O3/wSU+MzeFfi5rPwc1ObFh41tjcWak8LqFgrPgdh5kH mbj3MaCvLv8Agod8MPH3wi/ao1b4pW9nNDpHiC8ttW0rUlj3Qi5jSMyRlsFRJHMhOw8ldrYwa/p1 qteWVnqNs9nqEEdzbyDDxyqHRh7q2Qa9mHGKjj5YyNKykrSV9/O9vJdDqWaWrOqo7qzR/OR8Vv21 f2iv2wfhLrnw78MeC4NM0bSrB9U8S31m0jq1rp6m4fc8uEgjZkDCPLO5AVWIJB9V/wCCNn/I2/E4 /wDTjpn/AKNnr93NO0vTNHthZaRaQ2VupyI4I1iQE99qgCr9ZYrimk8JUwdCgoRl5+aeumu3yJqZ jF05UoQsn5n8nvxrl8b/ALNX7a/iDxpc6XtvtJ8U3Ou6el0jrBd2s109xCwI2lkdG2kqeGyM5Br9 AP2g/j74g/aT/wCCcGofEvxNp1tpl+/iSC0eG0EghCQTjYQZGZidrDcc4JzgDpX7X6nomja3GkOs 2Fvfxxncq3ESShW9QHBwavQww20SW9vGsUUYCqiAKqgdAAOAK1xHF1Or7CcqPv02tb7pdNtL/OxU 8zUuRuGsbdT8hf8AgjsP+LP+Oj/1HY//AEljr4Z/4Kuf8nWP/wBgPT/5y1/TLRXNheKvZ5jPH+zv zdL+nW3l2Ip5jy13W5d+hx/w9GPAPhoH/oGWf/olK7Ciivk5yu2zzW7u4UUUVIgooooAKKKKACvA P2Tv+TWfg3/2Jnh7/wBN0Fe/14B+yd/yaz8G/wDsTPD3/pugoA9/ooooAKKKKACiviD9q39stf2Y df0LQ28If8JJ/bVrJc+Z9v8AsfleW+zbt+zzbs9c5H0r6N+C3xKHxg+GGgfEgad/ZP8AbkHnfZfO 8/yvmK48zZHu6ddorqqYKrGmq0l7r2EpK9j1KiiiuUZ5r8S/hrpPxE0c21yBDfwAm2uAPmRvQ+qn uK8I+DP7MZ8JeJpvHvxEuIdX1qJilhFGCbezi7FQwGXPc4rxT4+/8FEV+Bvxa134WnwAdaOiG2H2 v+1fs3m/aLeO4/1X2WTbt8zb985xnjOBe/Z5/wCCga/Hr4n2Pw3HgM6H9timk+1HVPtO3yl3Y8v7 LHnP+8K9N5PifZ+15fdtfdbfeR7RXsfo3JFHNG0Mqh0cEMpGQQeoIr4q+Jv7K+peJtcji8G6pHo+ iX0mb0HPnRRk/OkGOPm98Y7V9sUV5hZyHgbwN4b+HXhq08K+FrRbSxs1CgAcs3dmPdj3Jrkvir8K 9O+ImmGSLbb6vbKfInx1/wBh8dVP6dq8X/az/ayH7LkfhaQ+Fv8AhJh4lN6P+P77H5P2Pyf+mE2/ d53+zjHfPHxt/wAPak/6JWf/AAd//cNenh8nxNWCqU43T81/mQ6iWjPt74Ffs3R/D7VLjxx44ni1 fxVOSkToCYbOHskIbue7YzX1fXhv7OvxoHx++Fth8Sxo/wDYQvpriL7L9o+1bfIkMefM8uLOcZxt GPevcq4KtKUJOEt0WmFFFflT8TP+Cm6/Dn4ieJvAJ+G51A+HdRutP+0/2x5XnfZpWj37Psbbd23O 3ccdMnrW+EwNWu2qSvb0/UmUktz9VqK+B/2X/wBuJP2kfHF34LHgs+HTa2jXXnnUfte7aQNuz7PF jr13fhX3xUYnC1KM+SorMaknqgooornGFFFFAH//0/38ooooAKKKKACiiigAooooAKKKKACiiigA ooooAKK/Gz/gqB+0L8aPgt4y8Dab8LfFV14dttSsLua5S3WMiV0lVVJ3ox4BxX1TpPjj4ueI/wBg C08e+Gru+1T4h33hZLq3ntYfPvZr1h96OJEbc57AKfpXvSyCosPRxDkrVHZeXqdjwUlCM76SPuqi vyu/4J4eLf2tvEviXxlH+0nD4iisYLS0On/25p0lihlaR/M8oyQxbjtAyBnAxX6o1w5pl7wtZ0XJ St1WxjiKPs5uDdwooorzzEKKKKACiuM+I3jjS/hn4B8Q/EPW4ZrjT/DdhcahPHbhWmeO2jMjKgYq pYgYGSBnqa/Pn9jH9tnxr+1Z8avF+k3mlW2g+FdI0pbixso/31x5huETzJ5yBuYqT8qqqj0JG4+j hsqrVaNTEQXuw3ZvTw85Rc1sj9OaKK4z4jeONL+GfgHxD8Q9bhmuNP8ADdhcahPHbhWmeO2jMjKg YqpYgYGSBnqa4IQcpKMd2YpNuyOzor8xv2Mf22fGv7Vnxq8X6TeaVbaD4V0jSluLGyj/AH1x5huE TzJ5yBuYqT8qqqj0JG4/pzXbmOXVcLV9jWVpaP7zWvQlTlyy3CiiiuAxCiiigAor8t/+Cmv7UXi7 4G+FfCvg34Yay+jeKPEFzJdzXEIRpIbC2G3bhwwHnSuMHHSNhXzB/wAE8f21/it4z+On/CtfjP4p n16y8T2kkenNciNfJvrceaoBRV4ljEi4PVtgFfTYfhXEVME8dFrlV3brZbs74ZdOVL2y2P3noor8 mf8AgoV+3b4s+A+t2vwh+EBht/E1xapd3+pTRrN9ijlJEUcMbgoZWC7mZ1ZVUrhSWyvlZXldXGVl QorV/cvNnPh8PKrLkgfrNRX8y2mXn/BUXxJoqfEfSrrxvcadNH9ojZJZEEsbDcHjs8qXVhyu2Igj G3IIr6G/Yn/4KM/EzVPiVo3we+PV0ut2fiC4WwstTaFYr23vZnCQxzeWFWSN3OzJTerMCWKggfRY rgqvClKpSqRny7pPVHdUyqai5RknbsfvHRRRXxh5QUUUUAFFFFABRRXy1+1v+07pf7K3w0g8c3uj Ta9d6leLp9lbRyLDGbh4pJQ00hyVjCxnO1WJOBgZJHRhcLUrVI0qSvJ7F06bnJRjuz6lor44/Ya+ OnjX9on4L3PxI8eC2j1CbWL23jitI/KhhgiEZSNQSzHbuPzMxJ7mvy2+NP7V/wC0R4d/bf1D4b6J 43vbTwzD4osLJLFFi8oW8kkIePlC2CGOec817WC4ar1sRVwyaUoJt/I66WAnKcoX1R/QhRRRXzpw hRRRQAUUUUAFFFcZ8RvHGl/DPwD4h+IetwzXGn+G7C41CeO3CtM8dtGZGVAxVSxAwMkDPU1UIOUl GO7Gk27I7OivzG/Yx/bZ8a/tWfGrxfpN5pVtoPhXSNKW4sbKP99ceYbhE8yecgbmKk/Kqqo9CRuO J/wUO8Xftc+G/FXg6H9m2DxFLp81lctfnQ9NkvkEwkUJ5rRwy7TtzgEjjNe5Hh6ssWsHVajK19Xo tLnYsDP2nspOzP1UorxX9nK+8dal8C/BF/8AE1btPFVxpkD6kL6IwXQuSPn82NlUo3qCox6V7VXj V6XJOUL3s7HJONm0FFFFZEhRRRQAUV+Sf7WX/BRHxD8M/i+fgJ8L9ESHVbK9srfUdWvgJFUXIil2 2sAOCdkgBkkPByBGeGr7/wD2kL/x5pfwJ8bah8L1u38VwabK2mixhNxdG4GNvlRBXLN1wApPtXrV clr01RdXRVNvTTV/edMsLOPLzac2x7bRX5Xf8E8PFv7W3iXxL4yj/aTh8RRWMFpaHT/7c06SxQyt I/meUZIYtx2gZAzgYr9UaxzTL3hazouSlbqtiMRR9nNwbuFFFFeeYhRRRQAUUUUAFFFFABRRRQAU UUUAFFFfLX7W/wC07pf7K3w0g8c3ujTa9d6leLp9lbRyLDGbh4pJQ00hyVjCxnO1WJOBgZJHRhcL UrVI0qSvJ7F06bnJRjuz6lor44/Ya+OnjX9on4L3PxI8eC2j1CbWL23jitI/KhhgiEZSNQSzHbuP zMxJ7mvy2+NP7V/7RHh39t/UPhvonje9tPDMPiiwsksUWLyhbySQh4+ULYIY55zzXtYLhqvWxFXD JpSgm38jrpYCcpyhfVH9CFFFFfOnCFFFFABRRRQAUV8a/t8/EPxp8LP2YvEnjP4f6rLout2lxp6R XUIUuiy3caOBvDD5lJHSvA/+CYHxr+Kfxp8GeOdR+KXiK48RXOmX9pFbPcBAY0eJmZRsVepGea9i nktSWCljk1yxdrden+Z1RwknSda+iP1Gor8D/wBpr/gov8ZfGfxTuPhB+y3us7S3vf7PgvLW2W61 HVLlW2MIVkV1SIvkJtTewG4sAdo8z8X/ABB/4Kh/s26Zb/EP4iX+qw6I80Zke9ex1S1BcgCOdYmm aBXOFGTHycKQ1ezQ4KxEoxdSpGMpbRb1fyOqGVTaV5JN7J7n9HlFfHn7GH7V2n/tV/Di51y5sk0r xPoMqW2rWcW4wq0oLRTQliT5coVsKxLKyspJADN9h18vjMJUoVZUaqtJbnn1aUoScZboKKKK5jMK KKKACvAP2Tv+TWfg3/2Jnh7/ANN0Fe/14B+yd/yaz8G/+xM8Pf8ApugoA9/ooooAKKKKAPw//wCC rv8AyP8A4E/7Blz/AOjhX6OfsWf8mweAP+vH/wBqNWT+0j+x/wCD/wBpXWtH1vxNrd9pUmjW8lvG toIirrI+8lvMVjnPpXu3wn+HOnfCT4e6L8O9Iupb200SHyY5pwokcbi2W2gDPPYV7mKx1OeDp0Yv 3lv+JnGL5mz0SiiivDND+aj9vcM37XXjhUxuL6YBnpn+z7brmvrr/gnxoes6V8U72fxlPpEry6fi wEH2Mzh8gtt8lQ4+Xrz9a+pvjP8A8E//AId/Gv4l6x8Tdd8RanY3us+R5kNuIfKXyII4Bt3KTysY Jyepq58EP2C/h98DPiDZ/EPQPEGpX95ZxyxrFciHyyJRtOdig8V9hWzehLCKjza8qW3Wxgqb5rn3 XRRRXx5uefePvhf8PviTBbf8J5oFrrn9miU232lN/lGULv2+m7YufoK/mf8A2YPD+j+Jf2hvA/h3 xFZx32nXupxxT28o3JIhzlWHpX9T7LvUqe4xXwB8Ov8Agnl8Mfht8RNH+JGla/qdxfaNdi7jil8r yncZ4bCg457V9BlGZxo0qkJt6rT8TKpC7R9u+E/B/hjwLosXhzwfpsOk6ZCzulvAu2NWkO5iB7k5 NdJRRXgSk27s1Cv5V/2kEmk/aT+I0duN0reJtSCAgEFjdPjrx1r+qivzp8a/8E4fhv43+Ies/Ea+ 8U6tb3mtalNqUkMaweWkk8plKrlCdoJwMnOK93IcfTw85SqPdGVWDexS/Ym+Gnx98HeMfEGo/GfR LLT7WSxRLOSCysLZ/NMg3DdaxRsRt7E4r9I6KK8rF4p1pupJJehpFW0CiiiuYYUUUUAf/9T9/KKK KACiiigAooooAKKKKACiiigAr5y/aq/aC0r9mj4Oap8SLyFLzUN6WWl2jkhbm/nDGNGIwdiqrSPg g7EIByRX0bX5Bf8ABYiLUj8HfA08R/4l6a86zD/ps1rIYv8Ax0SV7HD+DhiMbSo1Nm9fz/E6sFSU 6sYy2PhfwR4n/wCCiH7Zepaz4k8AeJ9XSwsJv3xsdS/sXT4JSNyQRBJIgzKuDj5mAwztkgn0T9lj 9t34/wDwl+OVr8Fv2g9Tvdc0u51L+x72PVH8++027eQRCVbj5pJEV8b1LspTLJzjP3j/AMEodQ0e 6/ZZNnp7J9rs9cv1vFUjcJXEboWHXmMoAfb2r3vXP2pP2S/h/wDFfWfA+v8AiHTdD8bQSwx3zPZS o8kksSMga7SExu2xlBBkyPunGMV9pmObRdavgVhFKMdFyqzVut0n+R6tfErmnR9ndLtv6n5d/wDB Y/8A5KB8OP8AsF3v/o9K+1NC8Sa94P8A+CYNj4n8L38umatp3g2OW2uoG2SxSADDIw5BHrXxX/wW P/5KB8OP+wXe/wDo9K+uZ/8AlFIP+xJT+QpVYp5ZgE/5/wBWEl/s9H1PHf8Aglf8bfi58V/F/j6z +JXi3UfEsGn2NlJbpfXDTLE7yyBioY8EgAGvK/2vv26PjR49+M8/wE/Zqvp9OtLK/GlpcaZxf6nq AbynVJescSyZVdhG7BdmKkBX/wDBG7/kePiV/wBg6w/9HS1+dHwf074t6p+0bp2m/DbVIdI+INxq V4lrdzukaJeFZfMG6RXUFxuVcqcsQBzzXtU8qw7zPE1ZRj7kYtJ/Ddrd/cdSw8PrFSTS0S9Nj628 Z+JP+Cif7F93ofjL4geJtTu9L1CfCrf6kdasJZsF3tpw8jlGZQT8pUnBKPlSR+qXiX9pef4sfsE+ Jvjv4Bu30HXE0iYSi2kIlsNRgZUmRH6jBO5DwSjKe9fnz8a/2ef+Cg/jPwhFoHx1+IOhP4enu4jG mp6pZ2kL3aqxjCuYY8vt3YUNkjPHFex+Cfgj8QvgL/wTu+NXhHx7NYXAvzc6jZyaddLdxGOWG2ib 51AA+aLOB65rzcxhha1OjUnKDqqaXubNXMK6pzUJNrmutuqPiH4H/tPftz/E+41T4P8Awv8AEepe JPEHiXyZRdXE6vcWNtaCTzjFNcMI7dJPMXfIcNlUVDuIBzvGHxa/bp/ZB+J1vpfj/wAZaydT2per b6jqMmrafewMSucSSSIysVZWxtdSOqkA19Of8Eb7SF/H/wAR79lBmh0yyiVu4WSd2YfiUX8qP+Cy ESDx98N5wPnfTL5SfZZkI/ma9j61R/tZ5eqMeRrXTVvlv91tDp9pH6z7HkVn5eR9E/tueJPjX8a/ 2TPBnxR+DS3Vl4e1XSLjVPFMFvdxW6Jp81ojyRSrJIjTIp8xdqBicdORX49fsveGf2nvE/ijV7b9 l2a+h1uGzD3xsb+Cwc2vmKBueeWJWG/HAJPfFfuZ4e/5RYy/9k/vf/SaSvhX/gjsR/wuHx0P+oCn /pVHXnZVjvq+X4pQhFqnJpXW+vXuY4atyUKlkvdf9XP3/wBFS+i0awj1Mk3iW8QnJIYmUIN+SOD8 2ea/Of8A4KcaJ8dNW+Dltc/CSS6TQbCLUZvFAt7uK2RtNEAyJUkkRpUwH+RAxPp0r9K6+ef2tv8A k1/4rf8AYs6r/wCkz1+dZLiXTxlOoknr1210/wCGPDwtTlqxlbqfzI/sveGf2nvE/ijV7b9l2a+h 1uGzD3xsb+Cwc2vmKBueeWJWG/HAJPfFfuB+3R+2f4g/Zk8GeHvA3hARS/EXxBZLNJPcBZksIFHl tcFDlZJHlDCMHKZVmYEAK3xD/wAEdiP+Fw+Oh/1AU/8ASqOvJv8AgqvBqMP7V9xJe7vJn0XTnts9 PKAkU7fbzFf8c1+o46jTxmcxw1aK5YK/m9Fo+6R9DWjGrilTmtEr+ovhHQ/+Cmfxi8NP8aPCeueL L7S28yaCSPWTZi4VM7za2XnxeYnGAI4trH5V3EYr6k/YT/4KD+Pdb+IGn/Ar9oG7F/JqsptNO1W4 TyryO+LYjtbrAAcSNlEYqHEhCsWDZT9dfghe+HdQ+DXga78JNG2jPomn/ZPJxsES26BVAHA24wR2 IIPNfzOfFmay1v8A4KA6k/w2eMm68c2y2bw4MZvDeRqzrt4INxuOR1657152BxNLNPrGGrUYxUU2 mlZq3f8ApddDno1I4jnpyglbbyP6tKKK+U/21vjL/wAKN/Zw8WeLbSfyNXvof7L0wg4f7ZfAxq6f 7USb5v8AgFfmWEw0q1WNKG8ml954FKm5yUV1PwJ/aW8Vat+19+2pcaD4Xm8+1vtUt/DekOPnRLWC TyjMP+mbOZLg+isazf2sfhdefsg/tVA+AQ9jY2Utjr+guxLbUDBtpPcJcRyJjPKgeteCfBHxx8SP hV46sfid8MtO+2axo/mpDI9m15FE08TRMSoBAbY5weozXof7RPxx+PH7Q0mk638XdKCt4djmjhuI dNa0xHcMhKyPjBAZRtz0JOOtfv8ATwlWlWp0advYxjytX1v6fL8WfaRpSjOMV8KVj+rH4YeP9H+K nw78OfEbQDmx8RWMF5GucmMyqC0bH+9G2Ub3Br8Hv+Cr/wAC/F+kfFqH452FjJd+GdftLa2urmMM 62t5ar5QWbAwiyRhNhJwzBh1HP0t/wAEi/jR/wAJB8PPEPwQ1Wfdd+Fp/wC0dPVjybG8b96ij0in yx95hXVfHP8A4KX+H/hZ8Xdb+CPir4aSX1npt6ljf3VxfoI3tJgrGYW32aTerQuHCFhuBwSK/Nsr weLwOa1IYanz8t9LpXi7W3+XzPBw9KpRxElTV7fkfJXwd/4K5fEHwppdh4f+K3hO28Uw2kaQ/brK Y2V2yIMB5IyskUj4/uiIH+f0X8CdN/4JyftPfFCbxj4e0i80v4i3t++snT9RvLqyma7En2h5bdYJ /Ikw4L7I2JABJQDNfTXjn/gn7+yF8YbFPEGneGotFbU4lnhv/D0/2SN45V3JJHEu+1IYEEHyjke1 fzzfG3wTJ+zB+0drHhTwH4iOpT+CtQt5rHUY8LIkqpHcKr7CV8yFm8uQDjcp4HQe3l1LAY91I4Hm o1La2bS+dna1/Q66EaNa6o3jI/sFryD49fEjV/hJ8I/Enj/w9odx4k1bTLfNnYW0Ms7zXEjCOPcs QL+WrNukIxhAeRXqOl3Ut9plpezxGGW4hjkaM9UZ1BKn6E4rwX9qT9oDTP2afg/qXxNvrE6pcxyR WljaBtgnu587Fd8HaihWdiBnCkDkivzHA0ZTrwpqPM21p38rngUYNzStc/CzwOf+Cjv7W+ra3rfh vxVrllBpkwjucak+hWUMzDcsKQRNECwXGcIxGQXOSCdD4BftX/tR/An9o/S/hF8YvEOoa3ZvrMGj 6vp+r3J1B4ftEqxebDcOzuCm8Ou1yjr2III7X4beP/8Ago5+2+NU1PwH4vj8MeHLO4+zTXFtIuk2 kEzKHMSSQI945VGBPzPtBGSMjPxJrfgTxJ8N/wBrSx8B+MNbXxFreleI9MivNQWSSUTzNLC7HfL8 7FS20luciv2ilQp1XVw1eNPSPwxV3H1dl+SPqowUuanNR22XQ/aD/gqd8WfiX8KPAvgW++G3iW+8 N3GoaldR3EljM0LSokIKqxXkgE5xXvP/AAT38ceL/iL+y54d8VeOtXudd1i5utRSS7u5DLM6x3Ui ICx5IVQAPavkT/gscp/4V18OmxwNVuxn6wLX0X/wS/njm/ZA8ORowLQX2powHYm6dsH8GBr4XFUI f2DSqKK5ufe2v2up49SC+pxlbW/+Z+b3xi/aR+PWj/t233gLSvHmr2nhyPxbYWa2Ed0624t3mhVo ggONpBII75ra/wCCr+ifHSLx6mv61JdH4VTy2UOmI13E1sNSFq5lK2wkMivgSZdkAPIB5Gfmr4xa ja6p/wAFEtSu7KRZYh47s4tykEbobuKNhkejKRX6df8ABYP/AJIJ4Q/7GaL/ANIrqvqY8tDGYFQg vejZ6eS19T0FaFWjZbo+Rv8Agmz4W/asuvFnhTxJ4Wnv1+DcGqXY1NE1CCO0MwtyH3WjSiVjvMfK xnnB7Ej5f/bB1+78K/tueOPFGnokt1o/iCC8iSUExtJbiKRQwUglSVGcEHHcV+yv/BKEg/sq/TXt Q/8AQYa/I79o+0gv/wDgoXrdjdIJIbjxdp8bqRkMryQAgj3BrXLMb7TNsTzRSUYtadbPr5l0KvNi al1sv1PV/jCv/BS+z8GH9ovxxr2t6FoTGO7Nvp+p/YxZQ3JAiL2NvICifOFIdS6/8tMHJr9Bf+Cb n7WfjD45eC/FHhn4sXy3mseClt5hqUgWN7ixnEnM5GFLxGM7nwNysucsGY/Uf7asayfso/FFXGQN EuD+K4I/UV+Kf/BOX+0j4O/aKXRzi/Pgq5+z/wDXbyrjy/8Ax7FeLCrTzDK6s504xcZJKytZXX+Z yKUa+Hk3FJp6W+RsfFf9sz9pv9qz41f8Kv8A2ab+90XR5ria30uDS5TZ3V1DHkm7urklWjBRS+Ny Ki8HLfMcTVPjV+3h+wz480a1+LOsXmvabfI0kdpqt82qWV9AhAlWK4ZnkjkjJHQqykqSrIcN8x/s g6J8ePEPxZk0z9nPW4NB8XPp1wwmnkji8y2V4zLGhljkBY/K2AM7VJzgGvsX45/sxftz/EVND0f4 +ePfD1yI5Jn0yHUtXtLRmkIQS+SPKjLkDZuAzjI9a+kr4fCYerHCSVNU7ap/G99f68zvnClCSpvl 5bfM/WP43fGUeI/2LPEnxt+FuqTWDX/h/wDtCwuoW2T27vtBXcPuyRtuRsdGBFfh/wDA/wDae/bn +J9xqnwf+F/iPUvEniDxL5MouridXuLG2tBJ5ximuGEduknmLvkOGyqKh3EA/pjc/DTxp8Hv+CYP in4c+PGtZNS0jStS2tZzi4haG4vHuIyJAADxJj2r5Z/4I32kL+P/AIj37KDNDpllErdwsk7sw/Eo v5V85lcMPh8Di6sYKahP3bq/a3+Zw4dQhRqSSTs9D5j8YfFr9un9kH4nW+l+P/GWsnU9qXq2+o6j Jq2n3sDErnEkkiMrFWVsbXUjqpANfpL+254k+Nfxr/ZM8GfFH4NLdWXh7VdIuNU8UwW93FbomnzW iPJFKskiNMinzF2oGJx05FfO3/BZCJB4++G84Hzvpl8pPssyEfzNfaHh7/lFjL/2T+9/9JpK3xeJ hKjgswVOKm5WemnVf8FdiqlRONKtyq7Z+Gf7L3hn9p7xP4o1e2/Zdmvodbhsw98bG/gsHNr5igbn nliVhvxwCT3xX6d/8FNPjX8a/hHrnw00vwT4v1Lw5JeaPM98llcGIS3CPGpZyhwxHPP5V5N/wR2I /wCFw+Oh/wBQFP8A0qjrZ/4LH/8AJQPhx/2C73/0eleli6yrZ5Tw84JqKfTV3j1726HRVmpYtQaV l/kfpX8MvjpH4C/Yh8OfHb4n38+qS2Ph6C9u5pX3T3dzJhIk3nPzzSsqAnjLAnivxp0r42/t5/tt +PdUsPhdreoabb26CWWz0e8Ok2FjbsSEEkwdGcsQcb3Z3wcDaMD68+OUWpSf8ElvBz2BxBFZaE11 7w/aFUf+RTHU3/BG7UNHPg74k6XGyDVUv7CaRcjebdopFjOOpAcP9CfevEwlKlhcJisfGmpTU2ld XSV10+f5HJTjGnTqVlFN3sfJHgj9rr9rP9kT4z/8IH8dNU1HxDY2M8Sappmq3P8AaEht5VDLNa3T NI4Oxg6bX2MflcZzt+9f+CiP7Vfxi+HGmaD4V+BVrfWdrrdkuo3niKCykkjWCYlYoIJnjMaOwBd2 HzqCm0qSa+wPih+0f+y58IPibb+H/ihrVhovjCeyiuI55rGWWQWzvIsYa6ihcJ8ysQrOMA5xg5Pw 9+3L/wAFE9f+FWtWHw5+A5tn1C7sLbUbjWpoxcIkN7H5tultE/yFmjZZC7hlwwAXOSMcPOWNxdCr HBq9ru+kZee3T57oiDdWpCSpf5Pz2PiXxR8Mv+Ck3gv4aS/HLxF4w8TWmk21vHeTqfEk5u4bZ8ES SW4nJCjcNyfeUZ3KADj7o/YH/ai+Mf7QXwr+JXgPxRfNq3jDw1pxk0jUR5cNzMbuKZI0kb5E3xSo m2Q4zu+Y8ZPyl8V/gP8At+eMPgx4h+LHx9+ITaf4e0/Tn1CbRri/dHnXaGSNrO0RbVWbIG1yCpOC ucgdb/wRvX/ivviQ3ppliPzmevYzWNOtltWrLklKDVnBaLVaX6nViFGVCUnZtdj8y/ivo3xm0r4z ajovxYkuX+Isd1bLdNcXUdxcfaHjjMGbiN3QnYY8EPgDAyMV+43gwftdfCj9i74x678edV1Oy8ZW aTXGk3U+ow3lzDAIYgGjlt5ZQnz7sAkHOTjvX5mftqnH7fnikntrGj/+ktpX76/tsf8AJqHxQ/7A s/8AMVPEOYOcMFBwjafK3pt8Oi7LUWOrXVJNLW36HwB/wSv+Nvxc+K/i/wAfWfxK8W6j4lg0+xsp LdL64aZYneWQMVDHgkAA1x37df8AwUE+I2mfEfUfgZ8AL1tKXR5vsWo6nbxiS9uL7O2S2tiQ3lrG x2FlHmGQEKQo+bn/APgjd/yPHxK/7B1h/wCjpa+NvgtLp2i/t7aK/wAQGSNbXxrOly1xgKt2LqRY 2fd0xPtOT0PNaf2Xh3mmJqyppqnFNRtpe3b5fiV9Xh9YqSa+FbfI9S8T6L/wU0+CXhQfGDxPrniu y0jEcs8k+sf2gbdXxsa5tGmmMa8gHzIwFPyttJxX6rfsDftp3H7Tmh6l4S8dx29p468PRrNL9nXZ Hf2ZKp9pVOdjo5CyqPlBZSuA21fsH45Xvh3Tvgx46vPFzRro0eiah9r83Gxomt3BXngls4A7kgDm v58f+CUEGrTftVGTTji3g0HUHvPeAvCqj/v80ZryPbU8zy6vWq0oxlT1TirfL+u6OXmjiKE5Sik1 2NX9pr9rr9oH4W/te+LLfw/4y1FtD8Oa5FJFpD3MgsZIYRG5t3jUj90+CrAYyCaqfFyD/gpXpngw ftF+PfEPiDRdElMVwY7LVPsgs4rggRM9hayKIkO8KQybhnEgBrzb9oq0h1D/AIKF63YXKh4bnxhY ROp5BV5YFIP1Br9/v21okm/ZQ+KKSDIGiXDfiuGH6ivUxeNp4T6nGFGLc1G7a1tpt9501asafsko rW1/wPl7/gmh+1T47+PfhfxJ4L+J13/amueEvsskGoMoWW5tLneoE23AaSNo8b8AsGGcsCx/UOvw H/4I3/8AI/fEj/sGWP8A6Oev34r4jjDCU6OYVIUlZaO3qkeTmlOMa0lFH4Z/8FRPjz8ZvhX8ZvC+ h/DjxlqfhzT7rQI7mWCxuGhR5jd3CF2C9TtVRn0FfP8Armv/APBRr47/AAtuPj7Y6zquleCtFtGk jXTNROmmW3sV2zTrDFKs1wVKMzySbiTu2cDaOm/4LB/8l78If9izF/6W3VfrP8PLO3t/2DPD9tEg WN/hxbswA4Jk0gMx/Ekk19asXTwmX4SrGlFyk7Xa6dfmekqqpUKclFNs/Ej4SftvftoeLtAi/Z/8 B6rN4k8TeIblItP1KfbNqsMW1jLGLiY7cEDcZpiWjUMdwGCmD49+JX7dX7IfxOsLX4geN9ZGqzRR 38cN5qkmq6fdwMxUhkkkkjYbkZGGFdf4SMqx7r/gk3aQXP7U080qhmtfD1/JGSPusZbePI/4C5H4 169/wWPRR8Q/hzIB8zaVeAn2E64/ma9ydShDNFgI0Y8sld6at2f4aHW5QWI9ioKzWp+rHiD9qDw3 4W/ZWtP2mtatvLgvdFtNQisQ3L3t5GvlWqtjP+ubYWxwoLYwK/Ebwn8RP+CgP7bnizW9S+G/iXUd Os9NZJZotN1B9G02z358mFWR1Z2O0kbi78bmPevoj9pgaif+CV/wj+xHEIl0b7V/1x+z3OP/ACJs r5j/AGL/AAZ+2p4p8Da7N+zD4stdE0aDUdt9byTwRym5aFCJCskMjbWTAByBlW44NeNk2XUcPha2 IjyqXO4pz2ST/r8DlwtCEKc5q17212Pbv2b/ANtj9oD4H/HSL4E/tR30+oafPfR6feSaowkvNMnm AEUy3Kk+ZAxZCxZmGw70Yc7qf/BV/RPjpF49TX9akuj8Kp5bKHTEa7ia2GpC1cylbYSGRXwJMuyA HkA8jPmvxD/Yt/az+KXxJu734h+MPDOr+NwkCXEcutW0d6qqi+TugjRWX5NpX5RkYNfcf/BXL7af 2dPAx1IKt3/wkNv5wU5USfYbndg+mc4reM8NDMsNUw/K5TTUrbJ6O67X79i06ar05Qtd72/NHyl/ wTZ8LftWXXizwp4k8LT36/BuDVLsamiahBHaGYW5D7rRpRKx3mPlYzzg9iR8v/tg6/d+Ff23PHHi jT0SW60fxBBeRJKCY2ktxFIoYKQSpKjOCDjuK/ZX/glCQf2Vfpr2of8AoMNfkd+0faQX/wDwUL1u xukEkNx4u0+N1IyGV5IAQR7g11ZZjfaZtieaKSjFrTrZ9fM0oVebE1LrZfqer/GFf+Cl9n4MP7Rf jjXtb0LQmMd2bfT9T+xiyhuSBEXsbeQFE+cKQ6l1/wCWmDk1+hf/AATT/ar8b/H7wn4j8HfE26Gp a94QNs8V+VCSXVpc71HnbcBpI2jIL4G5WXOWDMfp39tWNZP2UfiirjIGiXB/FcEfqK/Hb/glnDqN 0vxutdI3fbpvDASDby3nN5wTAHfcRivD9tTx+VVak6cYuDSVlayuv8zj5o1sNKTik09LE/7TP/BQ D44fGH4pT/Cn9mm9u9K0MXZ0+yfSl/4mWrTBtnmrKoMkaMwJjWMqdvzOTnC+beMtS/4KR/snwad4 68eeIPENrpl1On7y81Rdas/OPzeVcIZrhELgY+YDdztJIOOf/wCCYl74esv2ufD39vNGk09lqEVg 0uP+PtoDgKT0Zo/MUdznA5NfuN+37e+HbL9kX4if8JK0YiuLOOK3WTGWu2nj+zhAerCQBuOQAT0B Nelj8TSwGLo5dSoRcJWu2rt3dv6/Q6K1SNGpGhGCadg/Yw/at079qX4Yz6/fwQ6Z4o0CRbfWbOEn ykZwWini3EsIplVsBiSrK65IAY/j18d/22/2if2kPjK3w4/Z61bUNJ0Se8ksNGtdGka0u9QUEj7R NOrK43hS+NyJGn3uQzHr/wDglTY+JruH43HQn2xt4eiiHB/4/ZBcfZT+AWSvGf8Agl1e6PaftcaI mqMiT3OnalFZ7+puDCWwv+0Ylk/DIqcPk+GwmIxlaMFL2aTinra6b/ryFDC06U6skr8u33E/7Rkf 7c3wY+Fc3w0/aDv7jW/B/i97dYrm8uxqhhubSRbhY47reZI5PkwUclWXcVBK7l+4P+COaCT4efEm Ns4bUrIHBKnmB+hHI+or3b/gqre6Jb/so3VrqboLu71jT0sVYjcZ1ZnfaDzkQiTOO1eGf8Eb/wDk QPiP/wBhOy/9EPXJisf9ZyKpVcFF8yvZWT1Wv9djOpW9pg5StbXp8j7e+Fv7Dv7OfwZ+Ilv8Tvh5 oM+n6xaRTRQiS9nuYo/PXY7KJ3dt20lQd3Rj618Vf8FKP2zfBGm+DNf/AGa/BLJrXiDVQlvq9yhD W+nRxyLI0OeQ9wdu1lHEeTk7xtH6u/ES817Tvh/4m1DwrDJc61a6Xey2MUS75JLpIHaFUX+Ji4AA 7nivwQ/YV/Yj8WeK/jNe+KP2lPBOq2uk6NAb6GLV7aWKHUNQeVdomMoHmqo3OyHO443ZXKt4uQTp 1JTzDH1HL2drJvVvpv2/4c5ME4ybrVpX5dj6o/4JLfBPxj4F8B+Kfil4pt5NPtfG5sk023kBR5La z84m5Kn+GRpcRkgEhSw+VlJ/XimoiRIsUShEQAKoGAAOgAp1fN5vmUsXiJ4ias3/AMMvwODE13Vm 5vqFFFFeaYBRRRQAV4B+yd/yaz8G/wDsTPD3/pugr3+vAP2Tv+TWfg3/ANiZ4e/9N0FAHv8ARRRQ AUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFAH/9X9/KKKKACiiigA ooooAKKKKACiiigArxD9on4F+Gv2i/hRq/ww8Sv9mF6FltLsIJHs7yLmKdVJXOMlWXI3IzLkZzXt 9Fa0K86U1UpuzWqKhNxaktz+ayx/ZB/4KE/s2+ItTi+EMd81pesIWvdCv4PIu0XOxnt5JFkUrk4M kY2knDY5PuX7J/8AwTl+L198WLH4x/tMD7FDpt6NT+xT3SXt/qN8jiVHuHjaVBGZPnfc5dyNpUBi w/eGivrcRxvi6lOUVGKlJWcktX+P9dLHpTzapJNWSb69T8hf+Cln7Lvx0/aA8X+CtV+Efhn+3rXS LC6hun+22dr5ckkqsoxdTRFsgHlQR619Fy/Bj4kt/wAE+x8D10j/AIrX/hFl077B9og/4+wB+78/ zPJ/4F5m33r7vorynxBWdCjQsrU3db3vvrr/AJHO8bPkjDpHU/In/gml+y/8c/2f/FXjjUvi74a/ sG31iys4bVvttndeY8Ujs4xazSlcAjlsA9q8o/bF/wCCdfxUu/irf/G39m5Vu21S6GpTafDcJZXt nf7vMee1kdo0ZWkHmDDq6ucKCMY/c2iuqPFmKWLljFa8lZq2jX33/E0WZVFVdVbv7j+bjxP+zh/w Uk/aZvNJ8O/Fi2vZNO0x8RTavc2ltZ25I2mV0gO+VscbxHI+CeeTX6kXP7JNx8Mf2HvFX7PXwyi/ t7xHq1hO8spMdsb/AFK4Kb2zK6oihVVE3NwiKCSck/f9FGN4qr1lCKjGMYtNJKyuu+oVcxnKySSS 1sj8jP8Agmj+zB8cv2fvEvjrUPi74a/sG31i0sorRvtlndeY8UkjOMWs0pXAYfexnPGaZ/wUt/Zf +Of7QHirwPqXwi8Nf29baPZXkN0322ztfLeWRGQYupoi2QDyuQO9frtRWX+s1f699f5Vz9tbbW73 /En6/P23trK58k/DL4K+Ipf2MNO+AnjaH+xtZvPC0+i3a745vs01xC8Wd8TOjbCwPysQcV+G/hn9 jv8A4KA/BjxffQfDXQ9S0u+u43sn1DR9Rt4obi3Lg8TechVWKqw37HHBIU5r+n6itMt4pr4Z1bRj JTd2mtL/AHjoZjOnzWSdzm/Bqa5F4Q0OLxMpXWEsbYXoLiQi5ES+aN4JDfPnkE561jfFPwTH8Svh n4s+Hkk32YeJtKvdN83GfLN3C8QfH+yWz+Fd7RXzsarU+eOjvc4lJp3R/MD4Z/Y7/wCCgPwY8X30 Hw10PUtLvruN7J9Q0fUbeKG4ty4PE3nIVViqsN+xxwSFOa/Wb9rD9ivUP2o/hf4T1KS8i0b4neHN OhiM1wxkguWaNWntZ5I9xwJsskqhsEtwQ2R+jFFfTY3i/E1qtOulGM49Ut/W99Dvq5nUlJTsk0fz SaL+zl/wUw+Guk3Xwq8G2uuWWhXbSL5On6tbCyYSffaOTzwIg/U8oTn5hnNfbX7DP/BOnW/hF4st PjJ8cHt5PEFgHOm6RCy3CWkzfL9onmUlHlUZ2Km5VJD7iwAX9gaK0x3GWKrUpUlGMebdxVm/xKrZ rUlFxSSvvYK/Jb/gpP8AA/8Aaa/aD1fwl4U+EvhNtY8K6JDLe3E/2+xthJqE7GMKY7m4ic+TEmQw XH71hk44/WmivCyrMp4Suq9NJtbX2/Bo48PXdOamlqfHf7C3wD1T9nj9n7S/CXii0Wz8T6lcT6jq 0aukuy4mIRI/MjZkby4UjU7WK7txB5r6R+IvgfR/iX4D8QfD7X13af4hsbixmOMlVnQpvX/aQkMp 7EA12dFY4nHVKteWIk/ebv8AMmpWlKbm9z+fX9kr9kL9sr9nj9ovw745ufBO7QIrl7DU5o9U00pJ ptyfLkl8v7V5jBPlmVdu4lAMZ4r7E/bu/YCuv2h9Wj+Kfwtubaw8ZxQCG9tromOHUo4QBCRIARHM ijYCw2su0Ertyf1Gor3K/FuKniY4tJRmlbRPVed2zrnmVR1FV0TR/MZpf7PH/BS/4d6X/wAIT4at PFWlaScqtrputr9kUNy237PdGNA3fGM9691/Zc/4Jg/E7UPHem+PP2jIodI0XT7hLx9LM8d3eX8q tvVJmiZ40iZsGTLl2GVwpO4fv9RXdiOOsVOEoQhGLlu0tfzNZ5vUaaSSv2CvmD9r/wDZ+l/aV+CG qfDjT7yOw1dZor7Tpps+SLu3ztWUqCwR0ZkLAEru3YOMH6for5HC4mdGpGrTeqd0ebTqOMlKO6P5 wPhF8Cv+Cm/wGn1fwR8J9Iu9Fs9YfdclZ9Lns2ZRs8+OW4d1jcrjlNrkAZGVAGJ4l/4Jz/tk+E/i Bp3irQ9Ig8cX6yW+rXF/HqNpEpvzJ50sbm8nhmkYOMtJtAbORzmv6WqK+w/17xKm5xpwTe+j19Xe 56f9sVL3UV56bnxP+2x+zbrf7U3wOtdB0Ty9K8V6RcRapZQ3LjyzL5TJLaySJuUblc4cZXeq87ST X5C/Cf8AZ2/4KW/DYX/w3+HNlqnhLTNWm3XbLfWkdmrkBGmWYSOVO1QC0J3kADngV/SlRXm5ZxRW w1B4dQjKN7pSV7fiYUMwnThyWTXmfzg6b/wTe/aZ8A/Hvw7faTog8S+G9H1bSLybWVvbKBZQjQzX brBNcifbHJ5ijKbnC7gvIFfrF+33+zv4r/aQ+Bi+F/AnlSeIdE1GHVbSCWQRLcmOKWF4RI3yqzLK SpYhdygFgCTX25RRi+KsVWrUq87c1PbTf11/KwVMxqSlGb3R/P5+xt8Cv27/AIUfFjwvol/pGsaF 8P7PVvter2rahBHYujp5UrmNZj53y7TtQNkqDjjI0/jF+xX+0x4q/bRv/izoPg77V4Un8S2OoJe/ 2jp6ZtYXhZ38p7hZeArfLs3HHAPFfvhRXVLjLEe3liI04puPK9H3vffc0eaT53NJXtb+tTwn9p3w Z4k+If7P3j3wR4Ps/t+ta1pU9taW/mRxebK4+Vd8rIi59WYD3r8+f+Ca/wCy18cPgJ4r8cah8YfC 40Sy1qwtbe3LXlndiVkkdnUrbTSkAKf4gAa/XyivHw2dVaWFqYSKXLPV736ba+XY5aeKlGnKktmf z4fGr/gnb+0N8H/ixJ8TP2WC+oaZHdPeaeLK6jtdR0zzCcwlZWQSRqGKKULFk4dcZzx11+yB+33+ 1V4203UPjp59hbWq+T/aGsTWyR2sBYFxBZ2xyXbrhY1DEDc44I/pAor3KfHGLjFXjFzSspNe8dkc 3qJbK/fqfHvxK/Z7fQf2Mtc/Z3+EFgb+4g0NrCwheSKF7q4Zg8kjvIyRq8shZ2JKruY9BXyd/wAE 0f2YPjl+z94l8dah8XfDX9g2+sWllFaN9ss7rzHikkZxi1mlK4DD72M54zX650V41PPq8cNVwzs1 Ud23e99PPy7HLHGTUJU+5+RP/BS39l/45/tAeKvA+pfCLw1/b1to9leQ3TfbbO18t5ZEZBi6miLZ APK5A719gfDL4K+Ipf2MNO+AnjaH+xtZvPC0+i3a745vs01xC8Wd8TOjbCwPysQcV9bUUVc9rSw1 LDWSUHdPrfXfW3XsKWMk6cafRH8wPhn9jv8A4KA/BjxffQfDXQ9S0u+u43sn1DR9Rt4obi3Lg8Te chVWKqw37HHBIU5r7g/b6/Za/aQ+Pf8Awq3UPBPhj+3L/RtCNvq5N/ZQmK9fy2dS1xPH5mWDfMu4 H1r9nqK9etxriJ16eI5I80b9HrdW11+46pZrNzU7K6/rufKfwr+Bn9pfsh+HvgH8X9M8h5dAj0zU rUSRytDKF6pJGzxl4nAdGUkBlBHSvxl1f9hL9tr9m3x5da/8CJrnV7ZFMcOq6LdxW00sDnPlz2ks ofPALJiRMgEMeK/pGorhy7ifEYaVRxScZu7i1damNDMJwcmrNPofzv8Awo/4J1/tK/G74oL47/ag kn0rS5p0n1Ke9vY7rU79EAAiiETyeWMKEy5TYv3FOAK96/4KDfsFfEf4neObf4ufBCwh1VprO3sr /SVlit5kNovlRSweYUjZPKCqybgy7RtDA4X9pqK6pcZ4x4iNdWXKrKNtLP8A4Zdeho81q86n26dD +fy3/Z6/4KVftE+D7b4YfFrVJdE8GabEGUanJZo9w9sv7mORbX/SJ23BcNOdgPzliwGfZP8AgnH+ zR+0r+zz8WNevPif4L/snw7r+lGBroahYXBjuYZUkizHb3EjkMu8cLwSMkCv2foqcTxdXqUZ4dU4 RhLola3nvv6iqZnOUXDlST8j8F/2/P2Hvjt4y+PGqfGT4S6K3iPTPEMdrLNHazxR3Npc2sEduR5c jIzK4jV1ZNxBLA7cDPu/wq+F37ZPiz9k34yeCfjdbajqfirxNAI9Ch1PUbeWaQGLa8YLTFIF3KDh ygJJPvX640VEuK68sPToShF8lrOzvpa3Xy1E8xm4Rg0tLfgfkT/wTS/Zf+Of7P8A4q8cal8XfDX9 g2+sWVnDat9ts7rzHikdnGLWaUrgEctgHtXO/twf8E4PE3xO8bX/AMY/gS9u+q6uRLqej3Egt/Ou QMNPbTORGGkwN6OVG7LB/m2j9mKKz/1qxSxjxsbKT0a6Nff5dxf2jU9r7Vbn80up/s4/8FMPinol v8MfF9rrl3oFkYx5Op6tbraAR8IXZp8zBO33yOwr9fP2Kf2ONJ/ZT8J30mp3kWteMtf8s6hexIVi iijGVtrct8xjViWZiFMhwSoCqB9vUVWacVYjE0vYcsYQerUVa/qPEZjOpHkskvI/A/4u/sVftMeK P20774s6F4O+0+FJvE9jqKXv9o6embWKSFnk8p7hZuAp+XZuOOAeK/Xr9p3wZ4k+If7P3j3wR4Ps /t+ta1pU9taW/mRxebK4+Vd8rIi59WYD3r3aiuXGcQVq7ouaX7u1t+lt9fLyM6uNnNwb+yfkL/wT T/Zd+On7P/i/xtqnxc8M/wBg22r2NrDav9ts7rzJI5WZhi1mlK4BHLAD0r9eqKK5M1zSpjK7xFVJ N222008zLE4iVWbnLc/GP/gpF+yd8f8A4+fFzw34o+E3hb+3dMsNDSznl+3WVrsnW6nkKbbmeJj8 rqcgEc4znNfor4S8C+KdM/ZP0b4Z31l5fiS08E22kS2vmRttvo9NW3aLzAxjOJBt3BtvfOOa+h6K 6MRnlapQpYeSVqe29/nqXPFylCMHsj8Q/wDgnd+yD+0T8C/jzeeNPip4T/sPRpdEu7NZ/t9jc5nl mgZU2W08r8hGOduOOT0r0L/gpZ+y78dP2gPGHgrVfhH4Z/t610iwuobp/ttna+XJJKrKMXU0RbIB 5UEetfr1RXbLirEPGrHOMeZK1tbdu9/xNXmM3V9tZX/rzPjrwZ+zqfF37F+g/s7fFm0Om3j6DBY3 ao0U72d3Dh45EaNmjZopFVhtYqcYzg1+P+mfsk/8FBf2VvF+p3PwTS4ure9XyWvtGntpYLuJSShl tLk7g67jjfEdpLbGIyT/AEi0VOA4or0HUXLGUZu7i1dXYUcwnDm0TT6M/n++An/BOr48fFD4tR/F P9qvdZacLtb69hvLmO71DVZEIZYmETOscLY2uWYMEG1EAIZf0k/b7/Z28VftH/AtfC3gMRP4g0PU YdUtIJZFhW58qKWF4Q7fKrMspKliF3KAWAJNfbtFTiuJ8TVxFPEuycNklovl5iqZhUlOM+23Y/n8 /Y2+BX7d/wAKPix4X0S/0jWNC+H9nq32vV7VtQgjsXR08qVzGsx875dp2oGyVBxxkafxi/Yr/aY8 Vfto3/xZ0Hwd9q8KT+JbHUEvf7R09M2sLws7+U9wsvAVvl2bjjgHiv3wortlxliPbyxEacU3Hlej 73vvuavNJ87mkr2t/Wp4T+074M8SfEP9n7x74I8H2f2/Wta0qe2tLfzI4vNlcfKu+VkRc+rMB71+ ff8AwTT/AGXfjp+z/wCL/G2qfFzwz/YNtq9jaw2r/bbO68ySOVmYYtZpSuARywA9K/XqivHw2dVa WFqYOKXLPV736ba+XY5aeKlGnKktmfgx+1N/wTM+JVh8QL74n/szFLyzvbk3w0tLhbO9sLktvJtZ ZGRGjD5ZPnR04UBsA14rqn7K3/BRz9oa503w/wDFJNSl0vT5QqTa7qcItbcn5TKYlkaSRgv8axux HGea/pRor28Pxxi4QjGUYycdpNar8f66nXDNqiSTSbXXqfM/7Kv7M/hj9l34ZR+B9GnGp6peSm61 TUTH5bXdwRgYXLFY41+VF3HHLfeZifyS/ae/4JwfGXwj8Urr4m/szWp1LSbq7bUbe1sriOzvtIn3 +Zth8ySPeivzEYzvUfKV+UM39AtFeZl/EuKw9eeITu5fFfZ/10/yOejj6kJud733P5yvEX7G/wDw UB/aD8L3fin4v3V1eXugQKNH0rUr63NxdSSSosgjTzVhgxHud5JWV22qoDZBH6Cf8E0/2fPi9+z/ AOD/ABrpfxc0H+wbrV7+1mtU+1Wt15kccTKxzbSyhcEgYYg1+mNFdOYcWYjEYeWGcIqD7K1rdtTS tmU5wdNpJHn/AMWdF1fxJ8K/GXh3w/EZ9U1TRdRtbSMOsZe4ntpEiUOxVVy5AySAOpIFflD/AME6 /wBlz9pf4JfGzWvFXxk0CbSdEuvD9zZRSSalZ3ga6e7tZEXy7e4lYHZG53FQBjGckA/s9RXm4POa lDD1MNFK0977/LUwpYqUISppaMKKKK8k5gooooAKKKKACvAP2Tv+TWfg3/2Jnh7/ANN0Fe/14B+y d/yaz8G/+xM8Pf8ApugoA9/ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooA KKKKACiiigD/1v38ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoooo AKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACvAP2Tv+TWfg3/ANiZ4e/9 N0Fe/wBeS/APwlrXgD4FfDnwJ4kjWHV/DfhvSNNvERxIi3NnZxQyqrrwwDoQCOD1oA9aooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigD/9f9/KKKKACiiigAoooo AKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigA ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoooo AKKKKACiiigAooooA//Q/fyiiigAooooAKKKKACiivAv2nfjdD+zx8E/EfxUNouoXWmpHFZ2zEhJ bq5kWGIOQQdis298EHapxzitsPQnVqRpQV23ZfMqEHJqK3Z77RX8u2if8FO/2ttN8YJ4k1LxFa6r p/m7pNJlsLaO0aLOfLVo41nXAOAwk3dNxbof6Uvhp470z4n/AA98N/EXRo2hsvEmn21/FG5BeIXE Yfy2I43ITtbHGQa9vO+GsTgFGVazT7flsjrxeAnRs5dTt6KKK+eOI/NP9uj48fFj4RfGz9mvwr8O 9ebSNK8d+JJLHWoBBbzC7thd6bGELTRuyfJPIMxlT83XIGP0W1rXtD8N6e+reItRttLsYyA091Mk ESk9MvIQo/OvyM/4KY/8nG/se/8AY3y/+l+kV5j/AMFKYbfRP2pfhx47/aH8Max4u+AOn6W0Ulrp bukMepu8wkMpWSLEhzA2DJH5iKFVjtdSAftz4f8AFXhjxbZ/2j4V1iz1m1GB51lcR3EfPT5o2Yfr VfxJ408HeDYop/F+vWGhxznEbX11FbK5HZTKyg9R0r8a/wBkjwh+x9r/AO03o3xQ/Y3+J7+D4VsZ o9X8C3cF2ZNSBWTdte7nUlUDrJiPz1Roww2jIHzz8cbn4T+Bf24fiRrP/BQLwZrnifw1rpjj8J3l u8/2G3sFJ2bVimhLhYyFIjclJA5MZZ9ygH9GWm6npusWceo6Rdw31pMMpNBIssbD/ZZSQfwNM0zW NI1qKSfR76C/iicxu8EqyqrgAlSVJAIBHHXmvy//AOCefgH4HeHPF/j7xR+zL8XP+En+HmuCJ4/C MsM6XGjz5UrM7XUolOcSRhjAN67QZHMeTgf8Ecv+SB/ED/sedQ/9IrKgD9X4dY0i41GfSLe+glv7 ZQ0tusqtNGpxgsgO5QcjkjuKy/EXjTwd4PSKTxbrthoiTnbGb66itg5JxhTKy5OfSvya+DmuW3hn /gpr+1D4kvBm30rwzbXcg6fJBbWEjfotfnZ8Evi/+xl8WNa8XfGL9vvVdS8T+N9fv5Vs9OCai1jp +n4DRiFrRlIAZ2RELbY1UEDcS1AH9SlneWeoWsV7YTx3NvMu6OWJg6Op7qy5BHuKqW2t6LeX8+lW d/bz3tqMzQRyo0sY/wBtASy9e4r8KP8AgnV8ZfA3h39rXxh8BPgX4iv9c+DniHT5NU0S31ITLLp9 7AEklijWYAhSHlDHGXCxliWBJ/Vj4dfss/Df4Y/G/wAbfH7w7c6jJ4k8eoyahHcTRvaIGkSQ+TGs SuvKD7ztxmgD6TooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiii gAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKA CiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAK KKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooA//9H9/KKKKACi iigAooooAK8a/aB+DOi/tAfCPxB8KdduGsotZiTyrlF3tb3MLrLDLtyNwWRRuXI3LlcjOa9lorWj WlTmqkHZp3XyKhJxaktz+cbRP+CR37QVz4wTSde1rRbHw+suJNShmkncw56x25jRi+P4WZVz/FX9 B/gbwdo3w88F6F4D8OoyaX4esrewtg53P5VtGI1LNxliFyx7nJrqqK9fOOIsTjlFV2rLsrfM6cVj qla3P0CiiivDOQ/Kj/goV8O/iB41+Pf7KuseDfDOp69YeHfFMlxqdxYWU91DYwm90txJcvEjLCm2 NzucgYVjnAOOp/ag+JH7WnwO+PmifEDw54e1D4m/A3ULBrbVPD+k2MNxd2lyVKvIdkLTsp+SRS7N GfnjbZlWr9LqKAPwX0X4c6p+09+2D8Lfi38HPgXqnwX8L+CbxNS1vV9S09NHOqeVMkqxrboojkc7 GiLIXZlkbeVCCvcPG/xt/ab+A3xu8feHP2hPh3rPxp+D/iObzvD82j6PbXiWNvvZo7eWOKJEZgri NxcEOWjDoWDEn9eKKAPxi/Yo+CfizV/2v/GH7T2i/C67+Cfw6utKfTrHRLyH7FPdzy+QWf7HtURR HyzK21QgfaEL/OR5r+zz41+Pn/BP3xB8Q/gr4j+CXiXx9o2ta7Pqeh6loNrJPFctKoiGZESRNskU cTFc+ZEdwZDnj956KAPxZ/Yv+Hnx71z9sP40fEL9oTwJe+GI/H/h1CxNvL9gVLxrYx2cd0y+VJND b4SRQxZWVgwBBA5D4HeIPjh/wTtPif4I/EH4Pa78SvA51Ce/0DXvD9n9sLJNhBHMFUrHvCBijMrx vuwsispH7q0UAfnD+yR4m/a2+L/xa8U/F34raHL8N/hdLbi30LwteWVvFfNN8i+fJI8CXSqFV2bc UDPIAilFr3j4ZfHD4p+NPj/49+FXif4Y6h4a8K+FkZtN8RzpcC11UiREAiaSBIjlWLfJI/C/jX1N RQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFF ABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUA FFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAU UUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAf//S/fyiiigAooooAKKKKACi iigAooooAKKKKACivkv9o744+Ifh3fWPhbwlsgv7qD7VLcyIJNkbOyIqK2VySjElgeMYHPGX+zt8 evE3jrXpvB/jJo7q4aFp7e5SNYmJjxuR1QBTwcggDoc5yMb/AFaXJz9Dy3nFFV/q/X8D7IooorA9 QK/LK8/bo/aM8SfF/wCJPwv+CfwGTxzD8N9UOnXl2uuxWbfM8iwu0c0S48zynOFZsY5PTP6m1+Vn 7B3/ACdj+2N/2M+nf+jdSoA7v4b/ALemtN8VtF+C37S/wr1L4PeIfFL+Xo1xc3SX2m3svQRi5VIg rsxCKF8wbmUMVLLnY/ab/bA+Jnwd+OXg/wCA3wo+GSfEPX/F+lzajbxnU109/wBwZjIg8yNk+WOF nyXGegGcZ8t/4K/2mlL+yrZ+IZwI9X0bxFp02mTgYkjnYSqwVuozHuJHQlQcZAI8e/a2+Ini74ff 8FBPgL4/0PwXe+NNetfCV6/9haacXUz3EV9HKsZ2v/qg7OflPyqfrQB674m/b6/aI+DdpB4q/aJ/ Zs1Hwt4NM8cN1qthrEGo/ZfNYKrPFHGFwSQo3yICxCgliAf0+8O+INH8WeH9M8U+Hrlb3StZtYb2 0nUELLb3CCSJwCAcMjAjIzzX5A/Hj4p/th/tbfDTU/gN4O/Zy1LwVb+KzDb3ur+IbxI4LaCOVJWK o8UfOUHzAuwGdqFsYs/ETw/8QNb+Mnwc/wCCdPgzxvqPhXwl4W8G2uoeJNV0mRrXUb+OzQ2yxRyc mNWMSnAO0eadwfYFoA/Y2vzF8bftvfHwftC+PPgP8FPginj+bwIbVrm5GtRWTGO6hjlVyk0QUfM5 XAZuma8z8SeGfF/7Bf7RXwft/A/jnXfEnwz+KurL4d1PRtfvWv8A7JdzskcNxbSMo2fNKHOACdhV iysNnlWm/Gfx58Gf+CiH7RGo+BPhfq/xPm1KLSIprfSG2vaqlrAwkk/dycMTgcDkUAfU2g/t+fEH wh8SvC/w6/am+C1/8K4vGVylnpmrLqEep2TXMjBFjkaKNVT5ioJDsV3BmULlq/TWvxf+KOkftS/t 7+L/AIe+EPEfwdufhL8P/Cutwa3qOo6xdJJeTeRlfLhjCROpZGcBQrAsVZmULz+0FAHiHwi+InxG 8c694903x34Fn8H2XhnW59P0i5mlMg1ixid1S9QFE2rIFDAAt97qa9vr8UPBPjv4/wB38OP23Jvh fqepax4u0LxrqdtokXmyXU1pbC8kWZLKNi+xo7feYkjH3lXaM4r5v+EniH4N+J4PB9/8Hf2kfFPg D42W9zZ/2tbeN7y5fTdQuMbbmGRCpgfdKcRo8xJX5WXcQygH9H9fl/8AFH/gqB8FvA/xh8PfD3S9 RtpdLttW1jS/Ft1dw3SS6X/ZgURywLHGy3CzSCRV2bido4Ga/T5d20b8bsc46Zr80/2gf+Cc9h+0 F8UvE3xa8QfEC/tNauYNMj8NslumzQXsphJMwVHjFyJAPk37WQsxLMQpUA+8fhf8SvCXxh8A6L8S /Al015oOvwme1ldDGxUMUIZG5VlZSCD0Irva/Dj/AIK6+NviV8KNF+Blt4D8V6lpl+kmpxzT2Uxs /tctsliEeaKDZE2WJOzbsG4gKAcV84/tk/Dr9pH9ie8+H/xzh+OGu+KfFGv3cq6kJ5pVtVu4VWYx xxeYUktW3OnlMgUKBhQDtUA/pVor8QP23/jp8aPjD+0j4C/Yr+DPiGbwRbeJILK61PUraSSK4c3c bzsheJlcww267zGrL5rnaxwBXivxQi+O3/BLr4yfDzWbb4oan4/+HnjCSRL+w1N5NpS1eIXa+VJJ Msb7JlkimjKtkFWBUEOAfr38T/2vPhz8M/jz4H/ZyntbvUvGPjWWAqkSbLa0tZ2kVZpZW+8SY2Co gY8fMVGM+G/tP/8ABRj4Z/AfxfH8NdFuLa+8WaZr2lWGtWt8lxFDb6ZfwGea8imjVkcwBowy5yCx GDivyw/a1+Amv6h/wUw0DwDH4/1O3uviBNBqNrqa7/tGjR3s9ztt7b98Dsh8s7NrIPmOAO/6k/Gz /gnZp3x9l8KQfEX4g6lqen+D/CLaFZwPEqsdXWJIk1aSUPvkLFd8kMjNuYD59pYEA+yvgr8cvhr+ 0J4Ofx98KtTbVtES8nsfPaGSAma3I3fu5QrgEMrLuUEqQcCvXK86+EngfUPhr8NPDngLVtbk8R3m hWUVrLqMsKW8l00Yx5jRx/KDjjqzHGWZmJY/FX7dCXc3iDwNH49+NMHwh+Ei/aX1qOx1CWy1/V7h RmOK1EUTl4Y/l37W4DsWUkR0Afo1RX8+3wI+LXw58Gftw/Dnwb+yv8UPEnjP4e+MkvbTW7LXJLyW 2F1FBLIjwG7ihJIIRtwUsCCNxV9tf0DSSJFG0srBUQFmJ6ADkk0APr5Z/at/aOuv2bPDngvXrXQU 19vFvijT/DrRvcG2EC3sczmcERybivlY24Gc9Rjn4C+AHwr8V/8ABQfw74p/aC+LfxK8UaFpuo6v d2fhrSPD2ovYWem2tphEnMRV1eYk4JIBO0liSwCch+094I+PXw5/Zo+DHgv9oXxLaeLtd0z4s6RH ZanbyzTTT6b5F15H2t5o42M4O4E5f5duXZgTQB+senfET4jXf7QOqfDC68Cz23gmz0RdRg8UGUmG 4vjLEhshHsADBHd87yfkPHPHt9fl+fiXrnhb/gpD8Tk1TVbybwx4d+Fj6wdNNzJ9kWS3uLR2lWEk xrIU3DeFzgn1Nfm94C+PH7P/AMctH1b4m/tZ/tGeLPCvj7V7u5fT9J0EapBY6DbqxW3ES21pLC7Y +bKvkqQHPmFmoA/phor+f+P9qX4i/Ez/AIJi/GK9u/F11qPif4e6zp2k2viO1eWzvL+wfVLI29yz Dy5UeSN3jbdh2UfvMsWJ6z41/s5/Ev4e/sop+1uPjT4yuPixpen6brdxI2pbdNP2uSEyWsdqqgJF GsnyrkqxXDJtbaoB+q3xR/aE8M/C34o/DL4Sajp91e6z8ULu7t7J4tiwW8dlGsk0kzMd2fnQKqqc 5OSuOffq/Br9oz4d2nxn/aH/AGSfGev+INc0+8+LumPc340/UGt1sHj06zl3acAp+zNIZD5hGd+B 6V+6ejaZHomj2OjQzTXEdhBFbrLcOZJpBEoQNI55ZzjLMepyaANKivxj/aN/4VqPjt4zu/2xv2iJ vDfhmNYE8OeEvCup3iT2tuU+aXUbe2tncTSYWReGzuPzbAgrlf2GvjBq+q6d+0r8OPDHjbWfF/gX wppbX3he+1l5hqMEFxb3J+9KEkUfKhA2qMrvVV3EUAfuNXi/7Qnxv8N/s5/CHX/jF4stLm/07QVh 3W9oFM0slzMlvEo3sqgGSRdzE8Lk4JGD81/sB+JPEXiT9grwb4j8Rapdapq09lrbSXl1O89w5j1C 8VC0shLkqqgDJ4AAHAFflx4t07VviZ/wSB0/4l+MvE2tahrPhzU7goZb+WSO8FzrcVvtvFkLGdYl 5iBb5GAIoA/Yb42ftR3HwmvvglbWfh1dTT4v6/pujMZLkxGwS/MQ80ARt5pTzfu/KDjqM19e1+DP 7Xnwi1PwJ8Mf2WPAXw48Uas2tar4xsZdP1TVbk6hdWd9epbiF0Zwo8uGQqyR9BjFdn8bfhB4u/Yg 8efB34qfDj4q+LvEA8T+LdP0DxBZa/qRvrfUI7zcZJCm1FBKI4G4MVJVkZWXJAP2zor8Cfj5+0n8 Nvib+1r46+G/7RXxb1r4a/DD4e7NP0/S9AF6kur6hjFzLczWUEx2xsCNrgcbAmD5hPqX7CP7RmiH 9pvxH+zv8O/iVqfxT+GOoaS2raFfa0tz/aGnXUDKJ7MvdRQySIUZmzt2Dau0AmTIB+0leafGP4p+ H/gl8MPEfxW8Uw3Fzpfhq1N1PFaqrzyAEKFQOyrkswHLADqTX4q/sN/s4+OP2uP2eW8b/Fz4yeNI EtL67sdDt9P1V4o7YxESNczlw7XEhmkYLuYFUUKGxtCZr6t4z+O//BLHxvqXxV8Tapf658L9YvrK K6iu2R9QS0MKol+Tk3CKLkjDHJKIxJIyQD9ZPF/x2+IEfwe+G/xT+Ffw8ufGE/jqbR3udPjnKvpu n6patcSXLusb7xAdiHhQS2cjpX1HX4UfFHw7qvwK/Yd/Z2uPAvi7xAs/i7xf4Pv7uS41OZ3jS+0i QyWcLJsKWYMalYOVB9a9++I//Cb/ALWf7afij9nB/GureD/ht8L9HtbrU4dAunsrvVb7UY4pEimn XOYlWT7pBA2EAbm3KAfqzRX53fCv9nv9pL9nnVviXo3g/wCI8PiD4dX+jSyeGD4qvp7m+0jWAg2v M/2cx/Y0JdnCnkBPkzvY/mL8QL79nTQ/hfqd/wCK/wBqPxR4u+P1vaXV1FdeH9T1G80z+00DSJDb tFbiNbUEBS/mIduXXaMIAD9zP2lv2hfDP7MnwvuPid4p0+61SBbqCygtrTYHluLkkRhmcgInBLNy QOiscCtD4lfET4jeEviL8OvCnhDwLP4m0LxVc3cOtatHKUj0SKARGKSRQjBxKXcDLLjYeuePxQ/a nu9c+OX/AATY+D/x08ea7qNx4khuYNPnWK4Mdreb7qW3NxcwgbZJwtupV+NpZzj5q+vPjXoWr/Av 49/se/Cnwj4t1+80afWPEaXj6jqc1zcX6O1pMq3b5UTrGZWWMOpCrwKAP1ior8cfAnhHxX+358b/ AIu618QfHev+Hvhz8Otbm8OaJougXraes01qzLJdXDAHcxCq4yC2XwCqptbmdM8b/Fj4G3/7T/7I /iLxrqXivTvDXw71jxT4V1m/uGbVbSH7GQYmuBh2ZHmXY24bTGWQKG2qAftpRX4PfDn9mP4gfFf9 iu3/AGi/Gfxn8aDx3a+H7vVNGW21V4bGzi06OQW0RjA3u0qRAyy71clskkgl/wBOP2I/iX4o+L/7 K3w7+IXjW5+265qVjJHdXBADTyWlxLbea2MDe4iDNgY3E0AfVNFflB/wUQuvilqHx2/Zp+Hvwv8A Gmo+Cbjxjf69p9zd2EzpthkWwjeQxghXeKKSQxFuUY5Uq3zDwD4mfBL4q/Ab9qj4c/An4PfGjxfb eH/jVaXdvqs+p6iL69gFoRLdz2zsipFO8S4jmVfMRi2G2nFAH7vUV+QHgDwX4h/ZV/4KCeCvg74T 8ceIfEfgv4leHtQvLyz16/a/aO8tEnl81GIUBiYV+baG+ZwSQQB8iyftL/A/9oH4r/EHxJ+1d8bv EfgbRNK1WbTvC/hzw8dQhhjs7dsLezSWdrOjyucEbsPuDZ+Ty1AB/RB4j12x8LeHtU8Tapu+x6Ra z3k+wbn8q3QyPtHGTtU4Ga+DPiH+3rY+Hf2OdK/a68J+EpL+y1q++y2+mXtyLeUR/bJrQPJJGkoD Hyd+0AgZxuOMn4r/AGffil/w0B8Hv2hv2c7/AOJGs+NfDPgixOq+G/Eyyz2OrXWnKkkot7h5o1mZ UeJEfeuXV3UHy9gHzVrvw007wt/wSO0/x/a6vqt5deMNUsjPZ3d201hafYtTvol+x25AEHmA5lwT vbBNAH9OtFfhn+1J+z18UP2Xvggn7VWhfGnxhqPxO0C506fVje6h5mmXj3dxHFJCtmFCrCkknyxM zpsypXkY9s/aA8ZfEf8AaL/aa+HP7J/hTxVf+BPC2o+Gl8V+JbvR5Tb6hPFIWCWsU3JVQVUf3T5h LB9gWgD9YKK/HnxJ4Z8X/sF/tFfB+38D+Odd8SfDP4q6svh3U9G1+9a/+yXc7JHDcW0jKNnzShzg AnYVYsrDYzwX4K8Q/t7fHj4va/498eeIPD/gX4Z63L4Z0DS/Dt++nq09oziW9lYBgznCupxk7gMh UCkA+5PhX+0bdfEj9on4t/AuXQksIfhl/Zmy+FwZGvP7QhMp3RbFEezGBhmz7V9S1+PP/BP3wX4r +HX7Xv7Svgnxr4gufFWqaQugw/2peNuurq28uU2rzt/FL9nMYducsCcnOa/YagAooooAKKKKACii igAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKK ACiiigAooooAKKKKACiiigAooooAKKKKAP/T/fyiiigAooooAKKKKACiiigAooooAKKKKAPnz43f Am1+LDWeqWV6NO1exQwh3UvHLESWCMAQRtJJBGepBB4xQ+CX7P0Hwtv7jxBqt+upatNGYU8tSkUM bEFsZOWZiByQMDjHJr6SorX28uXkvocDyyi63t+X3gooorI7wr8ZfCvg/wDbo/Z7/aI+Ovjj4XfB a08a6F8TNcS9trm513TrLEFtJcmNlja5D/OLg5DqpGOnNfs1RQB+Rd/+z9+1/wDth/EfwfqX7W+k 6N4C+Gvgq9XU/wDhHdNuhez6ndJjaJ2jkmjK4yjNvXajMqJly492+J3wS+J3iL/goP8AB3446Po3 2jwT4V0HU7LUtQ+0W6eRcXEF8kaeQ0gnfc0yDKRsBnkjBx9/UUAFfnb+1D8D/jfp/wAffBf7XX7N +n2niTxN4c06TRNX8PXlylmNT02R3dfJnk2okimVyS7D7sZAbaUb9EqKAPyyi+Fv7TH7WPx7+HPx N+PPgq3+FHgT4V3X9r6fpH9pQ6rqGoaorxvG8kkAVUjRolOGUEAEANv3J6f8Dfgl8TvB37bvx4+L 3iPRvsnhLxnbaXHpN79ot5PtLW8Mayjyo5Gmj2lSP3iLntmvv6igAooooA/Kj4ffs3/tN+HfDv7U 0fhK8PgDxR4+8Z32t+FNS8+1nW4tmuZJkLiMzGFZ4zsO9VkTdu2/KRXhfxm+F37Y37WvgPTPhD8R v2edC8NeKY5LKK+8fXWqWMzRpbshkmgjtwZx5wUh0R5BhiNoOCv7l0UAYfhnRv8AhHPDek+HvtMl 5/ZdpBa+fKcyS+RGqb3P95sZPua3KKKAPyb/AOCof7M/xt/aKk+FLfBzw5/wkA8NXepyah/plpae Qlx9k8s/6VNFv3eU/wBzcRjnGRnW/wCCpv7OHxn/AGjvh/4I0T4MeHv+EhvdH1S4uLqP7XaWnlxP BsVt13NCrZbjCkn2r9TqKAPyD/bH/Yz+Nut/EbwJ+1R+zPNE3xF8IWtjb3WlzyRRi4NmG2yRySss THaxiljZlV48bTnIbyOb9mX9tj9t340eDPGH7X+g6b4C8EeCX8xdPspYybkNIjzJFElxdSB5zGiy PK6qqKCgJGD+7FFAH4x/t0/s5/tQX/7W3w+/af8A2dvC9t4uk8O2NpAbaeeGJYru0uJ3AmSWe3Zo pEmA3I+QQ2SvBP61fDq88Z6h4A8N33xHsYdL8WXGm2j6va27K8MGoNEpuY42V5AUWXcFw7cY+Y9a 7KigAr8qP2vPgT8Zp/2rPAn7TPgj4d2Xxk8PaDo7aVdeG7y6t7ZoJt9w4uY/tQMZP75SpCSMGTkA bWX9V6KAPxzvvhV+2Z8Tv2q/gv8AtBeMfhpp/hTwn4Qu5rIaDZatZ3N1pVlOmyS8uZN0UUvmGTIS 33Oqx7THuILfsWQCMHkGlooA/IP4ZeCv2yf2IIvFfwl+Enwttfi54D1LU7jUfDl8msW2nTaeLogf Z7yKfDOFCgkqFXdkiTDbUxvHv7Kf7Wvin4CeAbHxxqE3jzx/L8TbHxdq9u2pI1to2mrFOrW1q95M qmKAuD5cRPLlUDKgY/srRQB+ftv8AfHepft8eO/itr+i/wDFuvE3w9PhwXwuLcmW6luLUyQ+SJDO v7tHO8x7OOuSAfnv4S+Hf24f2NfCOofAjwf8I7H4weGbG7uZPDWtxava6eYIbqRpvLvIJ8O2Hcu2 NgDFlWRl2lf2GooA/KL4h/s7/ta+N/2AfHvw2+Iupp46+LHjC8sb2GwhktLa3s4YtRtJzaRzv5ER 8uOKSRmZsZOxCwClvpD9o74T+P8Ax5+xHrfwh8J6X9u8W3fh/T7GKy8+GLdcQGAyJ5srrCMbG5Lg HHB6V9m0UAfkt8cfgR+0bpWj/sqfEn4WeD4fFXiT4Lactrq2hyX9vauZJrG0gcLO7iJgjQSKzIzc lWUMuSP1N8M32s6n4b0nUvEWm/2Nq13aQTXlj5qT/ZbiSNWlg82MlH8tyV3KSGxkcVuUUAfi/wCF vhD+0v8As3/tFfFnxlo/wK0/41Q/EHWZtV0jXn1WxsbmxSaWWUQO12rvGFEiqwVUUlBtZhgL6D+y 5+zr+0ponx0+Ofij9oTSbO3tPi5pEJOp6XdQzWkNw6lGs0hZxcgwRzFAzR7D5Rw5ypP6v0UAfi58 GPBv/BQb4MfBqf8AZA0X4ZaTdWUTX9lp/jZ9ZgWytbHUZpJJJ2tBm4ldGmd0GFcDAMTAc7Hh39kH 45XP/BLjU/2adT0WLTPiFJNLdRWEt3bOjmLV1vlT7RDI8IaWJCFJcAMQHKjJH7F0UAfkf4s+Gn7U /wAb9E/Zq1fxf8Ml8L6t8M/HOmXWsWy6rYzqmk2BtSb8ETDO/bJ+5TfINvAIIJ+g/wBu74M/En4z aJ8KbP4baR/a83hrx1pOs6gv2i3t/IsLZJhLNm4kjD7Sw+VNznPCnmvu2igD8tvF/wAJP2j/ANnD 9prxr8e/gB4Ltfij4Q+J8dvJrmgvfwade2t9aqQs8Ms42MpLOwChyd7qVGFevWv2atJ/a+8V/FXx J8Xf2hI4fAnha6tVtNG8F2s9te+Q4K5uZ7mFTlsK2AHBYucqgRVP3fRQB8I/8E5vgz8SfgN+zRY/ D74r6R/Yevw6nf3D232iC5xFM4KN5ltJLHyB03ZHcCvnv4Ufsl/Gq0/YY+NHwL8S6RFo3izxfrWs X2mQTXdvLHNFMLZ7cmW3klRPNaErhiCvVgBzX65UUAfjB4w+EH7W3xh/ZT+EXww8S/C1dA8R/DHx f4bDxLq1hKLrR9I0+W3kv93nhEO9gDEGZjnKgjOPcPi18Jf2hPgz+1Vqf7Vv7PPhe3+Iun+NNLg0 3xJ4dkvotOuvMtFRIbm2mmHl4CQxjHzNneNpDBk/S+igD8lL/wCCX7af7S+jfFzxV8WLxvhnF4q8 NNoXhzwdFqrXdnFJvWVrm9MDNDvlCtCXCb9srZVRGoPnPgTwF+2da/s7yfsu+EP2fdC+HmoXOjya Hqfi+fV7Iw3EMkRimnFvaq873Fwhb597qsjbjgcL+2NFAH4ya5+yb+0F4m/4JkeGvgGfDaad8RvC t/8Aaxpk17aOLhYr+eZRHcRSvBlopgwDSLyCCRxn1fxp4C/aW+OvxS/Zd+L3i74bjwndeBtW12bx JZrqllcrYQTm1S2lVhKGlEyxM22NXZDww6E/qJRQB+VFt8N/2pP2RPjj8SPF/wAD/AMHxb+HfxR1 Ftbk05NUg0q/0vU5mZpcNOCrRO8jABVf5AmShU787w7+y3+0B4zsf2hvj98YdPtLL4m/FLwdqvhj Q/DdjcxSxWNpLZ+XBDJdFxCZJZI4gW3BAQzsw3lU/WiigD4y+Dfwn8f+FP2F9O+Dev6X9l8YQeEr 3THsfPhfF3NDMiR+cjtDyzAbg+0Z5Nb37D3w08bfB/8AZX8B/Df4i6d/ZPiLRYLtLu186G48ppb2 eZB5kDyRtlHU/KxxnB5yK+r6KAPhH9pz4M/En4h/tL/s2fEHwfpH2/QPAGp6zca3c/aIIvskV0lo IW8uWRJJNxifiJXIxyBkZX45/Bn4k+Mf2y/gB8V/Dmkfa/CvgmPW11e8+0QR/ZTd2xjh/dSSLLJv bj92jY74FfdtFAHwn8S/g18SfEH7e3wg+NOkaR5/gzwtoWrWepX/ANogXyJ7mG5SJPJaQTPuMijK IwGeSMGvnvwr8N/2q/2LvH3xB0/4O/DS1+MPwz8b6rPrlhDHqltpl9pV5dYDxyfaFO9MKqfIrAqi tuRiyn9cKKAPgv4DfDf9qjxL4I+KGq/tKavb6fqnxAhubbSPDlu0MtroNvNFJGFaeBTvY71BAdwF TcSWchfz6uv2cv20PEf7Ct1+yTq3wpjttQ8IalazaVfRazp7LqkUl9c3M52vOqx+UJF2lmBcHoGB FfvzRQB8Z/t//Cjx/wDG39lXxd8N/hhpf9s+I9Tl01re18+G33i3voJpP3lw8cY2ojHlhnGBk4Fe L/HL4AfHnw18Uvhh+1P+z9plp4g8X+EdBi8Pa54cvLqO1XUbDDHENwxEayI0j5Znx8sZXcFKN+ml FAH5ZRfC39pj9rH49/Dn4m/HnwVb/CjwJ8K7r+19P0j+0odV1DUNUV43jeSSAKqRo0SnDKCACAG3 7kYfh/8AtP8A7Jfx4+Ivi/4GfD6H4teAfivfHWZrBdTt9Ju9L1eVnMvzz5VopGcnIQ8bQShU7/1Q ooA/Mr9ij4O/tLeEvj98avi9+0ToVrpVz8Qk0m4tnsruC5t90ayFrZBHI0o+yoyQlnUBipKM6/Mf 01oooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKAC iiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigD//U/fyiiigAooooAKKKKACi iigAooooAKKKKACivgX9r/xd4itte0vwjbXEltpUlmLp1RiomlaR0w+PvBAgwD3OfSsT9kjxd4jX xnP4SNxJcaTcWskxiZiyQvGVw6g/dznacdcjPQV1fVXyc9zw3nkVivq3L5X8/Q/RWiiiuU9wK/Fn wLqP7Z/7SPx/+PPhfwH8dn8C6L8N/Ekmn2lq+jWd8DBNNcrGqsVRgI1gxlixOevHP7TV+BnwM+BP xL+M37UX7Uk3w++L+s/C1dK8Xstwmkx+YL0zXF6UMn72PBi2Nt6/eNAH1N8Ivi5+0/8ABf8Aa10D 9lb9onxTY/ErT/HOlXGo6PrNrZx2V1bNaJNIyTxQoq7W8h1O7dyUIk+8o/Rvw78Q/A3i7Xde8L+G Nds9U1fwtLHBqtrbzLJNZSzbjGk6A5QtsbAPXB9K/GDSfA/xB/Yh/bZ+G+r/ABP8Sr8aD8aH/wCE etdc1RJk1nSnWWKIiEPPOixZuY95GcpuAEfO/wCk/wBigj/hr79sJe/9vaIcexS+oA+5da+Onwi0 I+LIdS8X6Xb3HgaOGTWo5LlFbTxc48g3IzmMSEjbnrmvmX9gb9rI/tQ/C+TVvF+r6WfHMd1eTXek 2JCPZ2XnlLcmIs0gTbgB2JLHqa8Q+AGm6B4r/bh/a+0rWLO31bTbiPQYpre5iSeGQxWzAq8bgq21 17jqK2f+CRfhvw7a/slaT4ntdLtYdYvb/Uobi9SCNbmaKO5OxJJgN7KvYEkDtQB+oF5eWenWc+oa hPHa2trG0sssrBI440G5ndmwFVQCSScAV4T4T/ar/Zu8d+Lh4D8HfErQtY16RtkVrbX0UjTsOdsL A7ZTjtGWPX0r5N/4Kp65qtp+z74b8H2d7NpuneOPF2k6HqlxC5j22E6TyyKxH8LGJcg8EAg8cHvv jl+xj+yHc/DjQoPEMGn/AAo0/wAG3dnPZ+INNks9IvLZ42CRI99cRsG8x2XPmbi0m1s78GgD7B0v 4h+Btb8Yaz8PtI12zvPEvh5IZNR06KZWurRLhQ8TSxg7lDqwKk9QRRZfEPwLqPjXUfhvY67Zz+Kd Jt0u7vTEmU3cFvJt2SyRZ3Kjb1wSMcj1r87f2eJoZv8AgpX+0tJDMJ0l0fwy6SAgh1On2pDArwQQ Qcjjnim/Cy4hm/4Kr/G6OJwzQeDNKRwP4WK2DYP/AAFgfxoA+wLL9rT9mXUtT0PRrD4n+H7i98Sn bp0aX8LG5bzDCApDYBaRSigkbmBVcmix/a0/Zl1LU9D0bT/id4fuL3xK23To0v4mNy3mGEBSGwC0 qlFBI3MCq5Nfmr/wSa/Zy+Dut/s+23xf8T+FrDWPFjeILi4tNRuoRLcWf9nmMQCBm/1e2QM+VwSS M5wMR/8ABKD9nf4Q6p+zxD8ZfEXhGx17xeuvXN1ZXtxCstzanTtgt1t3b/VkSKz5XGSRnOBgA/UL 4jftM/s/fCPW4vDXxK8f6P4e1aUIwtLq6RZ1R/uu8YJZFbszAA+td7c/EjwBaeBm+Js/iKwHhJbc XZ1YXEbWX2c9JROpKFPcHFfz8fsXX3xY8W+CvFnxT/4Ze0/47ar431m9l1LxFqmu6XbuXbaXtEtb 2GRokQsWOMBtw/hVQPQ/C3gP4u/DP9jD9q/wp488KDwT4XkY6hoGjDV7PWBpwu5HFzaCW2kdlEPl wj94qbiSQC280Afrdqf7XX7MGj69Z+GdT+KPh+31K+SKSKJtQi+7OqvEXbO2PerqyhypIII4rwP9 sD9smz+APxE+EvgLSdd0iy/4SjXbL/hInu2DTWOhPMge4ALBY0kAdfNYEAK23B5HzhP+y38C9O/4 JbNraeDdMfXZvAUfiZtVa1jOof2jJZLf+YLojzRhzsADY8v5MbcivHPHWh6F4p+H37AOreJNMtNT vdX1TQ9PvZ7mCOWS6tIvsyrBOzqTJGAT8jEjk8cmgD949B13RvFGiWHiTw7exalpWqwRXVpdQOJI p4JlDxyIw4ZWUggjqDXlfjH9o/4C/D691vTPG3j7RtFvfDhtl1C3uryOOe3a7j86BWjJ37pY/nRQ CSvIGK9e07TtP0fT7bSdJtYrKxs40hgggRY4oooxtRERQFVVAAAAAA4FfkL4C+EHw5+Jn/BVT48a 54+0q11yTwvpWgy2FpeRpPAJrnTLJGnMTgqzRqu1cghS+cbgpAB+o/w4+Knw3+L2gf8ACUfDDxJY +JtLWQxPPYzrMscoAJSQA5R8EHawBwQcYIrz7xx+1X+zf8NfEp8G+O/iPomi62hCyWk95GJYSRkC YAnysjn95t4x61+dOpQR/s4/t6/E3SfgfYJYaX4g+F174lvtKswIrKHVrJpPImECgIrExqOB1nY/ xGu1/wCCdP7O3wT8cfslaX488eeF9O8Y+IfiHLql1reoarbx3tzNJ9tng2ebKGdMKgJ2sD5hZ85O QAfqBL4t8KweGG8azazZJ4eS2+2HUmuIxZi227/OM+7y/L287923HOa8f8B/tWfs3/E7xGvhHwF8 R9F1rWpCyxWkN2nnTFRk+SrYMuBz8m7gE9q/HX4XfCjxF8Vf2Uf2kP2VvB3iiKw0jwR47uLTw7Nq VyI7WW3t7syCzeY9FkMPmDt5r7jwTS+KfFfhTwRqPw+0z9tD9meT4T/8IrqtidP8Y+DvJis47mDJ iWSS3V/3QK+aUFxJJ8u5VyCCAftR8Uf2g/gl8FJbS3+K3jXS/DNxfLvggvLhVnlQHaXWIZkKA8bt u3PGaoa98TPC3xB+Bni7xt8I/HulRW66RqX2XxFFPFc2Wm3MVs5FxMw3qBbNiSRWBwBytfnH+0P8 IfjJ4S/a58RftHfDn4eaB8eNH1jR7OyvNAv5oHv9ISKONCbeKYttE3lFlZI5GO+RdgHJ474SeLfg NqfwF/a20f4deCNY+FfjabwxrN54h8K6mdtvZt/Z10EayiCRiOMFyGXy0IBQbdmygD1/4sfHX4q/ DTwj+yi1t8TbTXk8Y+KtPsPEeu2SW5sdWsZJ4xMwd4wscZRmBZAhHJyMV93fD79pj9n74reIZvCX w4+IOjeIdZgDMbS0vI5JnVBlmjXOZFUdWTcB61+JvxD8H6H8Qv2WP2GfAfiZiukeIvEFnp95htjG 3upVikUN/CSrEA9ic19Mf8FI/hJ8NPgn8Lfh98Y/g/4b0/wl4x8F+J9Lh0qXSraK0eZGEjfZn8tQ JBmMMN+ejDozAgH3NpmseLT+1r4g0eX4mabd+H4fCyzReC0Ef9pWtz58A/tF/k3+SQWTlyMyDjpj 4S+D3xy+N/xS/wCCfVt8Std+Mlh4D8YT69NbN4n1mK2it1gjn2iAqIfKBccKdmfevT/C3/KWfx7/ ANkwj/8AS2xr8zpP+UNEX/Y3n/0qNAH6t/Gj9uHw98Mf2v8AwH8Eb3xRomleEGtL+48UXdzIomtL lbWV7O3kkZtsIdvKfldzblAIBIP3B4P+Jnw++IF5rWn+CPENlrl14cuTZ6lFaTLK9ncqWUxTKpyj ZVhg9wfSvzQ+PHgLwNrP/BT34H2Wr+HdNvrfWvD+tTX8c9pDKl3LDa3QjedWUiRkCKFL5I2jHQU7 UL/Tv2TP+CjGo63qcq6Z4C+POgTXk8h+SCHWNFjMsrH38tWY+r3NAH6Z2PxF8Can431H4a6fr9nc +KtIt0urzTI5la7t4JdpSSSIHcqsHUgkc7h618x/t3/tIp+zZ+z/AOIPEeg61Zab44v7fytAguSj SzzGeCGeSGF+JWto5vNIIZRgbgVyD45/wTe0PU/G2kfEf9rfxVbtFrHxl164uLNZOWh0ewd4bWIE 8gK29PdUQ88V0H/BU/w/oOpfsVePdc1DTba61LSBphsrmWFHntTPqtkkvkyMC0fmL8r7SNw4ORQB d/Yy8YXOmfBnV/i/8WP2gbP4lafdraSXt3P9ms7HQLpYfOubQzK+0n9/GG3BPurhBuxX0n8N/wBp j4AfF/WJfD3wz8faR4h1WFWc2lrdIbgon3nSM4Z1HdlBA9a/Ln9obwL4S1zxd+x3+z7NpVto3w+8 aTHVdZsrKNLS31O9tLO02CdYgoZmDFCx+YiTqCAa63/gpn8Kvhp8F/hN4P8Ajz8KNA0/wb418E+I tNGm3Ok20Vk0qNvJt3WFVEijYGAYHAVgPlZgQD9GvGv7TH7P/wAONQ1bSfHXxA0bRL/Q5LaG+trm 7RJ4JLyPzYFeLO/Mkfzrx93LdBmvXND13RfE+jWXiLw5fwappWpQpcWt1ayLNBPDINySRyISrKwO QQcGvx18I/A74afGn/gqN8e7n4peHrTxHZaFo2iPBZX8YmgWe606xTzGjOVZkRWAzkAtkcgEfsZo mi6T4b0aw8O6DaR2GmaXbxWtrbxLtjhggQJHGijoqqAAOwFAHlXxO/aL+BXwZuYrH4peOtJ8N3k6 eYltdXSLctGTgOIATIVzxu24966LwT8Xvhf8SPCc/jrwH4p07XtAtQ5nvLS4SWKHyl3uJSDmMqvJ DAEDnGK/JvUfFXwpj/al+LWofBP4H63+0T48nvI7TXb7VpLGPR9JuIA0X2OzuLi3YRKuzy23jJ8o BWZVJPE/sYwa3ovxO/bC8P6t4XtvAUh0mK5n8O2FzHc2enzvb3TGOJ4cRHbvP3AFXO0cAUAfqVqn 7ZP7KuijS21P4q+HoV1lBLan7fEweMsyByVJCIWVhufaMg816/4o+Jfw+8E+Gbfxp4s8RWGlaBdt AkN/PcIltIbn/U7JSdreZn5SDz2r8v8A/gm5+zB8BvFf7Fekav4q8J6b4gv/AB7/AGkdUubu3jmn xFdz2kcUUrKXiEaRArsIIclxyc18J69rOsat/wAEo9d8NarfS3em+FfiD/Yul3c7+Zu06GSN42U/ 3FaV1A6ADAwAAAD959G/am/Zy8Q+Oh8M9D+I+h33idpTbrYxXsbSSTglTFGQdryAgjYrFs9q98r8 p/22v2YPgT8OP2ItZn8FeHbLQNR+HltY3mjavaxJDqCXUNxCgka6jAkd59xDksdzMG+8FI/Qr4Je INa8WfBnwF4q8SKyavrOgaXe3iv94XNxaxySg++9jmgD5Y+D3xd+IviX9u348/CbXNZe68J+EdP0 KbS7AxxKltJd2cEkzB1QSNvd2Pzs2M8YFexeKv2xf2WvBPiCXwt4o+KGg2WqwSGGaA3iSNDIDgpK YywjIPUORjvXxN4C1PRNF/b1/bA1jxLqkuh6RY+GNGnvL+A7ZbS3j0qBpZ4ztfDxoCy/K3IHB6V8 0/DmTwrq/wAANU8Gfs4fsm3XjLwPeW2oE+MPGN1pthc3CMZN92ZWg3SGHkR+S4KbAB8wNAH7d6z8 YPhX4eg8N3WteLNMtLfxjNHb6NK91H5WoSzbfLS2cHbIX3Lt2k5yMVs+OPH3gr4Z+HZ/F3xB1y08 PaLbMiSXl9MsEKtKwRFLsQMsxAAr8Lvht8KtV+Nf/BISyXTHkl8ReA7zUte0WRSTLFJpl7PK6Rnr loGlVAP4ivoK9M8c/FeD9vDxN+y38H7DbPpetW6eOfGEScxIul77drd8fwPcxXEOD3aNsDggA/Vz 4j/HX4OfCDTLPWPid4x0zw3a6kC1qby4SN7hQASYY875AARnapxkZ6iug8AfEv4ffFTQF8U/DfxF Y+JdJLmM3NhOk8ayLyUcoTtcAglWwRkcV+Haat8SvHH7e/xx8XWvwMg+O174NltNHsLTUdXsdOg0 a0AcRvHBexyJKZ/LZgyrlCXJOZK92/ZP8AfG7wj+2T4o8ZXXwht/g34J8YaDjUtCtdd03UYBqEDh oLtILVo3jDjeoCw7QWc5+bAAPv8Asf2tP2ZdS1PQ9G0/4neH7i98Stt06NL+Jjct5hhAUhsAtKpR QSNzAquTX0N05Nfij/wSW/Zy+Dut/AC0+L/ifwtYax4sbxDPcWmo3UIluLP+zzGIBAzf6vbIGfK4 JJGc4GP1U+PWpeDtI+C3je++IWr3WheGl0i8TUL2xIW7htpIijm3JV8SkNiP5SdxGOcUAefax+2f +yjoGvnwxq3xW8PQaikhhdPt0bpHIpwyySoTGhB4O5hjvXtnib4geBvBnhOTx54s8QWGkeHIo0lb Ubm5jitdkuPLYSsQp35GzB+YkAZyK/Bh5NK1z9kvXPC3wS/ZLll+H8Og39ynjPxVdadZagYI4ZJT qh/ciSaZQPMQxSbeFVPkwK7ex+Dfj74/f8E4/wBnz/hDLvTdU17wrqY1GDQ9cnWOz1pLS7uYEs28 xkDkLtQIWVTGWXcpINAH65/DL9pH4DfGXUJtI+F/jvSfEeoW6NI9ra3Km4EanBfyWw5QEjLBccjn kV2vgb4leAPiZZ32ofD7xBZeIbfTLp7K6eymWYQXUYDPFJtPyuoYEg881+N3gvx/8OLX9qD4Wt+0 d+z9e/An4jxXb2Gh6topjj0bU7q4CwCKcwRosi/P5S7XlCiTDsEYEekaB4s0j9iz9uD4waN4iY2n gT4n+H7jxzYgfdF/pkcs99FH2DuFuXwOcCIYPFAH6S6z8e/gt4efxRHrnjbSbJvBX2Ya2JbuNf7O N46x24uef3fmOyqu7qTisKD9qH9nS58dRfDO3+JGgy+J5pVgSxW/hMrTs20QAhtvnFjgRZ35425r 8YNb8Ea1D/wSv+M/x58ax48WfGrWbDxHeMR8y2r65araRj/YwXlj9FlA9q7z9s39mr4MfDL/AIJz +G/EXg7wrYaZ4i0OPQLpdWgt401Cae8Ma3DzXIHmv5hkLEFsAhcABVAAP1ls/wBp/wDZ31D4gD4V 2PxF0S48WNMbYael7E0puASpgBB2mYMCpjB354xmun8X/Gv4Q/D/AFifQPHXjLSfD+o22njVZIL+ 8it3SwMvkC4IkYfuzKPLB7t8o5r8lf2+PgB8Ivg1+yN8Pde+HPhfT9D13wxrehC31S1t44r6RnRv Maa4UCSQyOBIxdjlwD1Fdv8AHv4WeCfi5/wVZ+Gvh74g6XDrWj2PgEag1lcoJLeeW3vdR8oSxtw6 B2DFGyrYwwIyCAfoToX7Uf7OfiXwhqvj3RfiPoVx4f0No1v7z7dEkdq0xKxCbeylDIQRGGA3kYXN dX8L/jT8KPjTplzrHwp8Vaf4otbJ1juGsplkaF2BKiVOHTcASu4DODjODX5Nj9mv4K3X/BVSbwm3 hPTk8NReD08RnR1to1019QSQWqyNaqoiOA5fBUjzPm610XgvTdL+CX7f37Q1r8LtKg0exg+HI1uP TbKJIbY30C2zKyQqAgLMzHAAGXY9zQB+ivjv9qX9nP4Y+Jf+EO8f/EXRND1sFQ9pcXkayxbxuXzl BPlZHI37eMHvXkP7bH7VNn+z1+zpffEnwLrGk3XiPVo4B4eS4kE8N8JZoUllgWNx5wihlMo2sV4B OVyD+VP7G2n/ABM1T4GT+Jbf9k3T/jU3jq71C51HxRqniLSorjUJGuJI5E8m7hkmgEbKRjcNz5lH 3hVPxd8MPiH4E/4JqfF7w18WvC0GkL4b8TWs/heGW/stYm0uyv8AUbTzrWK6tnkKFX3h87GcsxK4 OAAftl4R/aa+CeqfD3wv4y1P4gaKtvr4W1S6a8hjhmv4oVe4hViQoePOWXjaK8a+L/x+8J/E7wN4 e1f9nz47+HPC4tfFenWeo30s8MyXMUkdwTpoV0crLclN8Rwu4RsVbGa+OP25fhX4K1rwl+yb8MLP SbXStD8T+KtMs7uCyiW1Rlv0top2xCF+dlY5Yck85rsv+Chfwi+GHwh+Dfwx0r4X+F9P8L2d/wDF Dw9NcRafAkCSyJaXkYdgoGTtUDPfknkkkA/T/wCI/wAXPhf8INJj1z4o+KtN8L2U5ZYX1C5jgMzI AWWJWIaRgCCVQE+1Hw2+Lfwy+MOiv4h+F3iew8T6fC/lyy2M6zeVJjOyRQd0bEcgMAcc9K/NzQ/C fhn46f8ABTv4n2PxY0+LX7D4YeHtLj0HTNRVbi0ia9ht5prlYHDRlg0rYJB5YE/MqlfqT4a/s/fs 8/B79pTxN4u+HGtw+H/Fni3SYvtnhG0urOCz+zxuuL6PTUQTKS8ZHmAhMtJxljQB9d3d3aafazX1 /MltbW6NJLLIwRI0QZZmZsAAAZJPAFfNlh+2h+yhqfiSHwnp/wAVvD0+p3DiKNFvozG8jHCqs2fK LE8AB8k9KwP26NS+Eunfsx+Lo/jdq2raT4SvVt4Lk6G0a6lcuZlaO2g85HTMrKAwYBdm7cQua/IP 9p6TVPEP7Iup2/hz9kuD4b+CtBttPkt/E2q3Njbapbr9ohjjdbZYUuXluCwSQl23B2Lc80Af0Ca/ 8Q/A3hXxFoPhLxJrtnputeKXlj0qznmWOa9eAKZVgQnLlA65A6ZFHiX4h+BvBuraFoPivXbPSdR8 T3BtNLt7mZY5L24G3MUKsQXb5l4HPIr8mPiVfXWo/Fv/AIJ76nqEzT3F3p9zLLK5LM8kmnaaWYk8 kknJPqa9V/bxuIV/aT/ZEtGcCWTxlM6r3Ko9kGP4Fh+dAHVfCT9uPw58RP2vviB8GrnxToa+FdLh 0218MtBIvm6pfTRh7oLKWPmyI5MexAANvILZNcR+yV+2v4eg+H3jrWP2n/iZp9lqFr471nStL/tC SC2m+wWsVoY444oVVmSNpWy5U4z8zdKyP2cvAPgWD/gpB+0bFD4c02NNDtvD0+nqtnCBZzS2cTSS W4CfundiSzJgkkk8157/AME2v2d/g38QNI+M3xC+IPhHS/FGp3PjbVtGQ6naR3iw2sCRTFY1mVlQ u1w25lAYgAE4AoA/Ynwr4t8L+OdAs/FfgzV7TXNGv1L295ZTJcW8qglSUkjJU4YEHB4IIPIrxdP2 uP2YpPGA8BR/FDw+2umb7OLYX8XM+7Z5XmbvL8zd8uzduzxjNfi74e8Ra58Hf2IP2wfDXw+mmsLH w948u9GsRG5P2SyvLy3sZgpJJAaD5MjkE7s55rp7T4XfEvWv2WLb4W6Z+xZpZsLzQ0eDxOfFWjLe m4kgDpqplaJZQxYiUqZQu392SE4oA/dHxb8RfAfgO40m08a6/ZaHLrtx9lsFvJ0h+0z4z5ce8jc2 OcV534H/AGoP2d/iV4pbwT4B+Iuia7ro3bbS1vY5JJdg3N5ODiUAcnyy2ACe1fjr8fPA3jXxf8Af 2Mvhd8eomGs6l4uttB1RRdQ3TNaNcizjP2i1kkRy1rsO5XJyfmO7Ne7/ALfHwa+Fvwm1P9nnxz8L vC2m+EtY0/x/o+mpPpVrFZs1rITJskMIXzAGhGN+SMtj7zZAPcPFf7cfhzw9+23pvwFvPFOh6f4J tdEmfUbqSRRMNfa4aFLGSVm2oyKqkRhQxL8kjAr3n4K6v4rv/jP8ZLHXfiXpvjHTbG905dP0KzEf 2rw4jLcb4rvYitunwpXczf6tsY5z8ceKPAPgW/8A+Csmi2V94c024t7r4fPqU0clnC6SX3264/0l 1KENNwP3h+bgc14lB4x8QeAfEf8AwUT8WeFZZbfVrJNIFvPAxSWB5ob+LzkYYKtEHLgjkFcjmgD9 T9Y/a1/Zk8P+Lf8AhBdZ+KHh+011ZTA9s+oQ5imVthilcNsjcNwVdlYHtXpvjz4m/Dv4XaEPE3xG 8S6f4a0pmCJc6hcx28buwyFQuRvYjkKuTjtX5+fA39jv9mTxV+wx4W0jxZ4f02OPxR4YtdX1PxA8 UC6hb3d5arczXa3sqFozAzHaWO1UXawK7gfE/jW/7L3hLxR8BPCei2fiL9o/xH4W0WdPC2hWVzY6 npt3YqZIftl9IkBjkKmEqrR5UfZwXUBcsAfpx8Nf2lfgH8Ybi8svhn470rxBdafG008FvcL56RL9 6Tym2uUHdgNo456V8sfszftvaD8bv2hfin8NdQ8TaI2m6be2dp4OgtJF83VIEiupbudHLMZ22xqz bMKigYHUn4Zjk8Zf8PDvgL4j8T/Bew+CE2tx6nbCxsr60upNRthazK0l0lmkaIfnKAOu5hwchRX0 v+w14E8EWf7Wn7U1xZ+HtOgl8O+IdOj0x47SFWsY5UvVkW2IUGFXXhgmARwaAPrr9k/xLr0/wNHi H4jfFTSPidPb3V48/iLT2ijsRBGc7GZEiRfJGdxIGO5rqPB37WH7NXxA8Up4J8GfErQtX1yZ/Lht YL2MvO+M7YckCU4HSMtX4D+HNS1SX/gmp8M/AEd7Lpuh+OvicNH1i4ifZ/oUjPIY2PTBZA/PH7vo a/TH9vT9mD4BeFf2PPEmseEvCWmeFdT8BW1teaPqGn26W13BNDPEiqbhAJH83O1t7MWYhyd4DAA/ Qfxb8Xfhd4B1aDQvHHivTNAv7m1nvo4b66jt2a1tQWmmHmEDZGASzdBXO/DP9on4GfGTULvSfhb4 50rxLfWKl5rezuUeZUB2mTy+GKZIG8AryOeRX5GeP/D+m/tJ/tK/sUwfFyzXVofFXgv+19UgnUGO 5ni09tQIkUcFJJYxuUjBUlSMZFex/HD4aeA/hN/wUK/Zm1z4ZaDZeFpvEi63Z36aZbx2cVxFb2wC eZHCFRjtmYEkZICgn5VwAfrtXgHxD/aq/Zx+E+tP4b+IfxF0bRdWi2+ZZy3StcxbhlfMij3OmRyN wHHPSvfiQoLMcAdTX4S/CXxJ8ONQ1Lx6v7Ln7N+qftAQ+INbvZdR8WeLJ9Nt7e6upSDLHDcXNttN uCfMCEI53ksBkYAP2Zh+LXwxufh+/wAVrbxVps/g6OEzvq8d1G9ksSnazGZSVG08HJyDwea821P9 rr9mDR9es/DOp/FHw/b6lfJFJFE2oRfdnVXiLtnbHvV1ZQ5UkEEcV+LfwEF9Y/8ABO39rDw9c2y6 dHpeu6jGljFN58No2y3V4opOjKpUKGH3sZ719Mz/ALLfwL07/gls2tp4N0x9dm8BR+Jm1VrWM6h/ aMlkt/5guiPNGHOwANjy/kxtyKAP1o8aeP8AwR8OfDVx4y8ea7ZaBodsFMl5ezpDAC/3QHYgFmPC qMljwATX51/Gr9sTTPEfxZ/Z5039nb4iWWq6D4q8VNpviCLT3guDJATb7IpldWlhyGfBGwnnBOOP lDQ7dfjZ45/Yc+DvxR36p4MuPCMusT2lw2621C+sbKXyUmQ5EnlLAmQwOUdl/jbPsP7X3wR+Fnw+ /a7/AGW/HPgTQrHw5qes+KEsryGwgjto7mO2lt3ikaKJVXfHvKlsZIZQchRgA/ZCiiigAooooAKK KKACiiigAooooAKKKKACiiigAooooAKKKKAP/9X9/KKKKACiiigAooooAKKKKACiiigAooooA4Px 58NfCHxJsYbHxVZ+f9mJaGVGMcsRbG7aw7HAyDkHA4yBVbwB8K/Bfw0hnj8LWZjlusebPKxklcDo Cx6D2AAzzXotFVzu3LfQw+rU+f2nKubv1CiiipNwr8trv/gn/wDGvRPir8Q/iX8Iv2ibvwGnxF1a XVbyyttAjuAC8kkkaNK96u/y/NYBgi5z0r9Sa/Lb9n/9s3RtE8ZfHq1/aR+I9jplh4c8fano2gRa g8Fu8dlbTSIsMKRqskqxgKGYhiONzc0Ad98Kv2DJ9A+L2k/HP47fFLWPi94s8OIV0k38S2lnZMwI MiW4km+YZJUB1UN8xVmAIh+Iv7E3xFPx08RfHb9nT4w3Xwu1PxtFDFrtqdLh1S3uGiQIJY0mdFVs DI3KWDsxV1DFa+rPFXjzQ/GXwM8UeOPhf430y0tZtE1KWw8RxzRXFhYyx28m27kcb0KW7jfICDja QR1Fch8K/il4d8KfCH4eSfFf4m6P4g1jxJEtvb62k8UFtrN1kktbcIp47ADp0oA8x/Zb/Yui/Zp8 f+P/AB0/ji88ZS+P4bD7V/aFuFuRdW6u11PJcCVvN+0TSO4XYvlqQm58biz9kb9kbxn+ylqGteH7 T4mzeJvh1c+e+maDcadHDJYzzyo/mm7WVmkIRSjAIqsTvAU8H27wP+1B+zv8SvFLeCfAPxF0TXdd G7baWt7HJJLsG5vJwcSgDk+WWwAT2rpvih8bPhL8FdPtdU+K/izT/C9vfMyW/wBtnWN52TBYRR8u +3I3bQcZGcZFAGP+0F8B/BH7SPwt1X4U+PkkXT9R2SRXEBUXFrcwndFPCzBgGU8HIIZSyngmvieb 9gX4wfEN/D/hL9o34+X/AMQ/hz4angnj0NNKh0+S+Nt/q1vbpJXklAHDF97sMkMjfNXR+Df2ldT+ I37fNp4C8BeNLbxB8MLzwE2rQw2LW89s9+t6YWlEyKZN6gbWQvgHgrmvUP2dfipbeE/gBbeMfjh8 ZtC8dB9TmtT4ltpYYLB3kcLDbBlSNPMU/Ljbkk0AcX8Yv2LvG2v/AB1n/aK/Z8+Klx8LPF2r2EWm 6sP7Nh1O1vIIVSNG8qV0VWVI0GGVwSildhyTe/Zw/YjuvgH8aPE3xs1b4jX3jjWPF+kiy1JtQtFj mlvGmjmkuRKsrBYz5YRIAnyLgbzivd7P9qj9m/UPHI+Gll8SdCn8TGb7MLJL6Iu1wGKeSrZ2GXcN vlht2eMZr0X4hfEz4ffCfw8/iz4leIbHw1pCOsX2m+nWFGkYErGm45dyASFUEkAnHBoA8Z/ZG/Zw /wCGWPgxa/CH/hIf+En+zXd1dfbfsn2Ld9pbdt8rzpsbemd/PoKX9kX9nH/hlb4M2nwj/wCEh/4S f7LeXV39t+yfYt32l923yvOnxt6Z38+grqfCX7Tn7PfjybRbXwf8QtF1a48Qzy21hDBeRtNcTwIs kkSxZ3h1R1YqQDgg45r3SgD81bv9hb4o/Drxf4o1z9k/41XPwu0LxndPeahok2k2+q2kNzLnzJbM ysvkcYChV3AADftVVXqfCn7Afhbwd+zX4/8AgXpnim5uvEPxMEkut+J7238+4uLuRt3mGDzV+Rfm KoZScszFySa1NM+K3jL4y/tp6j8NvBGry6d4B+DFisviE2xGNV1rUlIt7ORsHEVugdyFIJkRlYEY x8leD9T/AGy/2jv2jPj14N8AfHR/AeifDXXUs7W2bRrO+VoLqS5EaqzKjDyxb4yxYnd145AP0Zvf gH9r/ZUH7Mn9u7MeEI/Cv9rfZc/6uxFl9p+zeb3xv8vzf9nf3r57+Iv7CF14w+BPwj+F/h34gzeH /FPwbmtLnSdfisFkV57VQN7WjTfLllRl/ettK87gSK8X1j4zftdfsU+P/CX/AA0/4r0/4n/Cjxhf ppcmu2+nx2N9pN1IpMe+OBUUocFznzSyK+0qwCt0H7Wvjr9ozVf2yvhf+zp8FfiQ/wAPbPxhoN5e TTiwtr5BPaC7mLFJl3HckATAcAZzjrkA/SfwDo3ifw74K0TQvGmu/wDCT67YWkUN7qn2dbT7bOi4 eYwIzLGXPJUEjPT0r8abn4RfET4mf8FNPjzq/wAJviJcfDfxV4b03QJIL2Ozi1C3uIbjTLJJbe5t piqujFVYEkhWUNtJAI7n42af/wAFDv2Uvh/ffHE/G3T/AImaN4aaGXUtHvtDtrLzLaSVYyyPCC5K lgWCyRkLkgkjafvXwv8AEz4Caf8ADrSv2qvEMWh+Bz4+0nTby81a7Fva3Uyz26PDbT3ZVJJ2iXCI pJ4X5RgUAcd+zn+yWnwh8ReK/ih8TvFU3xM+JfjdBb6nrd5bJbILJQuLSC2VnSOH5F3AHBCoAqqo FeHaZ+wb8X/hbca54b/Zq+PmofDz4f8AiK5luZdFk0m31KSxacfvPsN1LIjxZ6KUCsowSzuA1fbn wv8Aj38GPjUt0fhT4z0zxPJZANcRWVwrzQqxwGki4kVSeASoB7GvzN1DXf2u/jl+2d8ZPg98MfjS /wAPtB8CLp09tCdJtL9Sl1bxFkBdVcfOWbLM3XFAH01J/wAE9Pgqf2XLv9mGGa7S2vbldUm1okPf yawuP9ObPykkDy9nA8v5c5+evK7r9gb41/EyDQvBv7Sfx/vPH3w/8PXcN0mjw6Pb2Et6bcERi6u1 keRhzht/mEgnDK2GHnHj/wCJX7aH7EfjXwDr3xm+I1h8Wvhv4u1iDRb0tpkOm3llLOGIeMwJkkIG cZdw2wqVXIav2PoA/Pz4s/sXeNr/AON9/wDtEfs4fFCb4WeLtdtIbPWIjp0Op2N+kAREcwysFRgk aA5VwSuRtJYtL8Pv2GD4a8H/ABfPjbx/d+MfiL8Z9IutI1XxLdWUcKwQz2r20Yhs45MBYw4JXzQG CIo2AV9GftE/H7wf+zP8Mbz4r+OrO/v9Jsri3t3i02OKW4L3LiNCFmlhTAJ5y446A17lQB+a3xC/ 4J223xD+Bnwf+CV38QrnTIvhVN5rajZ2AS5veMZiBuCLVweVfMuD2q3o37DnxK8X+P8Awp4q/ag+ M938VdG8BXC3ejaR/ZNvpdu11EQYp70xO/nsuOQwLHu5UsrfoB4o8UeHPBXh++8V+LtSg0jR9MjM t1d3LiOGGMHBZ3bgDnqa8SuP2u/2YLXxJZ+Ebj4o+H01a/WJoYTfxYPnqrRBnzsQurKVVmBORgc0 AZOlfs2/2Z+1nr/7Uf8AwkXmf254XXw3/ZH2THlbZ4JvtH2nzju/1ONnlD72d3GD8zN/wTjDfsaJ +yP/AMLC+7rH9q/21/ZP/TUy+V9k+1++N3ne+O1foD41+J3w7+HB00eP/Elh4dGrytBaG/uEt1nk Rd7KhkIBIXk88Dmvkr4v/H7wn8TvA3h7V/2fPjv4c8Li18V6dZ6jfSzwzJcxSR3BOmhXRystyU3x HC7hGxVsZoA0f2nf2SPFHxr+JHgj4y/DD4jT/Dbxt4IhurW3vUsI9RR7e7Uq48p5IwGAdxk7gwbG AQDXx9/wU71X4dfGPw34H/Zz8L65b+IPjQPEtjZW9rZH9/a/aYGS6kukXd5MDo6Oyls/dblVYj9a PDXxJ8A+Mte1/wALeFfEFlquseFpVg1W0t5lknspXLBVnQHKFijYz1wa8/sdN/Zxtvjvfvp9j4dT 4vTWIvLqSOG3/ts2QVYRK7hfOCFSqE55XaDkYoA9B+G/gTRfhh4A8OfDrw4mzTPDWn22n2/GCyW0 YjDNj+JsbmPckmvNv2ofgb/w0l8CvE/wV/tv/hHf+EjFmPt/2b7X5P2S8hu/9T5kO7d5O374xnPO MHC1j9s/9lHQNfPhjVvit4eg1FJDC6fbo3SORThlklQmNCDwdzDHevF/23P2xLb9nrRPANv4N13S Bqvi7XNNS4Ny6zNFoE5kM99CoYKU+QIJDuQbicZwQAekfHX9kLwv8dPhV4R8Dajrd1oXiPwD9lm0 LxFYIEurK8tY0jEqpuzscorNGJFOVUhwVBrx7Tv2HfiP4+8Z+GPE37V/xkufitpfgy5F3pmix6Tb 6RZPcxjEc90Ldz5zDrhhn+EsUZlb7OvvjT8I9M+H1v8AFfUvGGlWvg67VWh1aW7iSzlDEqoSViFY sQQACSSMAVS+F/x6+DPxqS6b4U+MtM8TvYgNcRWVwrzQqxwrSRcOqkjAJUA9jQB554C/Zw/4Qj9p z4m/tG/8JD9t/wCFjWmmWv8AZf2Ty/sf9nW8UG77R5zeb5nlbseUm3OMnGT9PUVx/wAQtSvtF8A+ JdY0yXyLyx0y8nhkABKSxQuyNhgQcEA4IxQB8Cy/sO/GHwH8U/G/jj9mz43y/DvR/iLfPqOq6bPo ltqwjupWd3kt3ncBfmkbaAqlQQCzBVwz4dfsTH9mib4x/Eqx8f33iyHxt4Zuo76DVLZWvH1COFpJ LtrxZcMJHaU+WYcjeBvO35vRf2LvjzfeI/2J/CHxx+PniqBbiZdTfUtX1BobSILDqlzbRFyojjXC IiDAGTjqx5+nLz4o/CW7+Gr/ABJ1TxJpTeBb2BmbUrmeIadLA5MZzJIQjK5yoHO7oM5oA/F79iD9 lz4++OP2SPDuq/Cz4833gPwx47Gpf2tpH9lQXpieK+uLN3sblpEltzLFCu4IVO/LbjkAerf8FB/g v4J/Z/8A+CdNt8KfAEDQ6Vo+q6YPMkO6a4mklZpZ5W7ySOSxwAB91QFAA/RP4FfF39mXxhp3/CD/ ALPPiDw9NZ6KsjrpOiGC3W3jeQs7paRhNqNIxJZU2lmznJ56Yar8Dvj5a674KnbQ/H1t4dvRbarp 1xHBqEdpewswCTwSh1SRWVsblyCDjoaAPh24/YA+KPjCDQ/ht8YfjvqXjP4P+HLiCWDw8+mw2l1d Q2pzBb3uoRP5kyIAAWYEnGVEbBSv6cWlpa2FrDY2USwW9uixxxoAqIiDCqoHAAAwBXKWPxF8Can4 31H4a6fr9nc+KtIt0urzTI5la7t4JdpSSSIHcqsHUgkc7h612dAHxkf2OdD1L4v/ABv+JHibX31D SfjZo1tot1pcdr5EllDBZpaO6XXmvvZgu5f3S7CR97GT4D4Q/YG+O2g+B0+Beo/tF6i/wijEkB0m y0a1tdRksZnZntf7RZ5JY0bcQcBgVJXYFO0fVPxp1fxbYfGj4N2GhfEvTPB2mX15qI1DQrzy/tXi JEWDy4rTcjNugJYttZf9YM54x7b4K+I/gL4j2+o3XgPX7PXotIu5LC8azmWUW93EAXhk2k7XUMMg 80AfLPwO+H/gL9gP9n5fBPxT+IllceG4NTumttR1C3XTkVb0GUWrKZphJJlZGBBXcDgIMc/J3/BK X4KeG9Jm+J/7Qfh20mg8PeKNYvNK8J/aVKyLoNtcvLuXIHyyuUUj+9Cfx/R+O/8A2fv2nvBF0iy6 D8SfClnebJw3kahZxXluofDbtyLIiyA+oVvQ18UfHT9u34VfCnUfgt4R+B3irwv/AMIt4g1yztdW ltXiaDTdAhnWKR4VjZYoYztkj3lSECMFAIyAD1L4wfsaeI9c+Ms/7RH7PXxIufhV481K1W01V1sI dSsNTijCqhmtpWVQ4CqCx3j5VIUOCx1v2cP2O5fhB8QfEfxw+KHja6+JfxP8UQC0uNXubZLOKC1G 391b26M6pny0BOcbVAVUBYNzP7SPxx1r4NeKvhP+0l4f8Sf2t8H/ABHNBoev20brLZLa6oPOstYg YA48sg+YwJDoVUDJzX6AqysoZTkHkEdCKAPmP9kX9nH/AIZW+DNp8I/+Eh/4Sf7LeXV39t+yfYt3 2l923yvOnxt6Z38+gr1L4x/Czw78bPhf4k+FPitpY9L8S2j2sskJAliJIZJEyCN0bqrDIIJHIIrn fib+0j8Bvg1qVvovxR8d6T4c1G6QSR2t1cqLgxsdokMS5dUJBAYgKcHng16P4Q8aeEPiB4ftvFfg bWrPX9GvATDeWM6XED7ThgHjJGVPBHUHg80Afm1pP7A3x3vvh7B8CviD+0ZqOpfCyytlsYtK07Rb WxvJbOJQIbeW+Lyy+UmADGdwZPkyBjHR3H/BOyxv/wBmfwJ8DL7x9PF4m+GOoT6l4e8U2Vh9mmtJ prh7kBrY3Em5QzjpMpJRCCMHP0+n7XH7MUnjAeAo/ih4fbXTN9nFsL+Lmfds8rzN3l+Zu+XZu3Z4 xmvcPEPiPw/4R0S88S+KtSttH0nT4zLc3d3KkEEMY6tJI5CqPcmgD8/PDH7EvxU8T/Evwb8Rv2of jPcfE1Ph7ci90XTINJt9KtkvEKNHPO0LHzWBRWwVDZA+fbuVvmr/AIKRr8LP2n/Hvwn/AGf/AIca 1Dq3xNj8Sz6ddrYt5r6VpkkZTUjd7QdhQxo+0nO1H4x1/UH4b/tLfAH4v6zN4d+Gfj7SPEWqwKzt aWt0jTlE+86RkhnQZ5ZQVHrXJ6n4h/ZF+DvxC8T+KtWuvCXhHxt9mS81m9l+yWmotb3LqqvNKQsh Ez7eMne2OCcUASftA/s26T8af2atT/Zs0HUx4S0y7tdMs7W5W2+1rawaXc288aCHzIdwK24j++MZ zzjBxv2h/wBl7/hfX7Nafs8f8JL/AGFsi0yL+0/sf2r/AJBzRtn7P50X+s2f89Plz3xXb2X7Un7O eo+BLn4m2fxH0J/DFnMtvPfG+iWOK4ddyQuGIZZWUErGRvI5AIrtPh18Xvhh8W/Dsviz4aeJ7DxH pEDtHNcWc6yLC6jcVlGcxsFIOHAOOelAHjf7Uv7Mo/aV+Ddh8JP+Ek/4Rz7FfWF79t+x/bN32IMN nledDjfnrvOPQ1c1j9m/+1v2t9C/am/4SHyv7F8Mv4c/sj7Ju83fPPN9o+1ecNuPP27PKP3c7ucC 9ov7YP7LniLxSngvRPil4fvNYmlEEUKX8WJZWO1UikJ8uRieAEYknp2r6QoA+YYv2cPK/a3m/am/ 4SHPm+GB4c/sj7J0xOs32j7V53tt2eV77u1M0P8AZri0j9qvxZ+0zPrwu4/FPh6HQG0ZrMBYlieF jKbgytvDCHGzyh977xxz6l8S/jV8JPg3ZwX3xT8X6Z4Xiu93kC/uUhkm2fe8qMne+O+1Tiovhd8c fhD8a7K5v/hR4u07xPFZFRcCynV5IS33fMj4dA2DgsoBwcdKAPha2/YL+MPwtufEGifst/Hm9+HH gjxLcyXUuiT6TBqYsZJvvmzuJJEeIYwqhQjbQNzswDV6BY/8E+fhrpH7JPiT9lfSdZu4h4qkW9v9 dlRZbufUo5op0uHjyAUVoEXygw+QEb97Fz9kfErVb/Qvhz4q1vSpTb3un6VfXEEgAYpLFA7o2GBB wwBwQR61+afwz+L/AMYfiL+xD8FfiTq/xf0/wR4p17xIYtS1fV47eNdUt473UIf7OjURGMSypHHt 2qpxGeeuQD02D9iT4ja5oXwfsPid8XW8T6j8IvFVt4gtrttGSFrmztPI8qwIW5G3b5J/fnex38od uT7t+1R+zf8A8NM+FfCXhn/hIf8AhG/+EW8TWHiLzfsn2zz/ALDHPH9n2+dDs3+dnflsY+6c8eB+ K/24/Dnh79tvTfgLeeKdD0/wTa6JM+o3UkiiYa+1w0KWMkrNtRkVVIjChiX5JGBR8JP24/DnxE/a ++IHwaufFOhr4V0uHTbXwy0Ei+bql9NGHugspY+bIjkx7EAA28gtk0Ad78dv2QdY8efFjT/2g/gl 4/ufhb8SrOz/ALOub6Kyi1C01GzHKx3VrKyK5HygMxYYVfkJRCt79nH9kq/+EXjzxF8avin45uvi Z8TfE9sljPq9xbpZw29khVvs9tbRsyopZELEED5RtVPm3ct/wT7+MHxC+L/wz+IPiH4n622sXei+ NtY0y2mljihENjbQ2zxxfukRcIXY5IJ55Ne5aH+1r+zL4l8Xp4D0D4naBfa7NIIYraK/iYyyk4Ec T52SOSMBUYkntQA39qT9nPw1+1L8H9R+E/iW+l0pbiWG6tb2BRI9rdQEmOTy2IDrgsrLkZVjgqcE fHPjL9gX49fGnwJL8PPj9+0bqHiPRbWHGn21lolrYx/aoxi3uL5kk8y7WPqYmZSWAbzA3NfqdXA/ ET4p/Df4SaIPEfxN8S2HhjTXfy0mv7hIFkk67IwxBdsc7VBOOcUAfIfxW/Yel+Jnwf8AhP4Ng8e3 Gg+Ovg3DaJoniazswv7y2ihiZntDMcCQQRsQJuGUHJXKnz+0/YB+JfiX4q+APjd8aPjje+NvFfgb VLa9jV9IhtbE2luwkNtBBBMiwvI4y8+GLAAGPjJ+6vhj8bPhJ8Z7C41L4VeLdN8UQ2ZUT/YbhJXh L/d82MfOm7BxuUZwcdK5nxz+09+zz8NPFcfgbx/8Q9F0HXn2E2d3eRxyRCQbkM2TiIMCCPMK5BBH BFAHh2pfsh+MbD9rW7/ad+G3xMm8M2viU6cviPQ306O7j1GHT0ji8pJ2lQxCSOJRkIzIxZgSDtHp P7K/7N//AAzN4V8W+GR4h/4ST/hKfE1/4i837J9j8j7dHBH9n2+dNv2eTnflc5+6Mc+SfsJfGPx9 8X4vjNc+O9dOuQ+HPHWqaXpblIUWHT4NpijUwooZQDkM2SfU1N8ev20fgvD8JfiXY/CL4p6LN490 PQ9RuLCO1u4JpRdW8DuDCH3RzMhUkqu/pkjFAG98Of2LfCvhbwr8aPA/jbV/+Er0P4za7qGsXUH2 X7I1ml+SwiR/Nm3vE2GSXCEMAwUEV88z/wDBPr4+t4E/4UPD+0lqQ+ERX7P/AGU+i27agLDdxZ/b vNEhj2fL2THy+Vs+WvuD9lrxd4i8ffs4/Dbxr4uvW1HW9b0Gwu7y5ZURpp5oVZ3KoFUZJzgAD2r3 ugD4m8b/ALFHhTW9J+BfhnwRrB8MaH8D9csdYtrZrX7Y98tnIkrRPJ5sXlvKylnl2v8AMxOztXd/ tOfs4f8ADR1j4Dsv+Eh/4R7/AIQnxPY+I932T7X9p+xBx9nx50Pl79/3/mxj7pr6eooA+GPj9+yH 4x+Jnx38MftEfCj4mTfDrxXoWmf2NO39nR6jDc2PnSTbdjyxBSTK6tncCNpG0rk9V4C/ZI0Hwv4+ +O/irxRqyeJdH+OjWgvNKktPIW0gt4rmKSIy+c5m8xbg/MEjK7eMk8fXtFAH5Tj/AIJ6fGvTPB0/ wM8L/tGarp/wcuWljOjPpNvLqCWUzEyWa6h5iv5bhiDhVTk/uiCQe6+IP/BP/wCy+J/h98QP2Z/H c3ws8T/DzRl0C2meyj1SC5sE8wgTRSsimRjNIXdg4YkHaCoYfo9RQB+aGm/sB+O7n42+BP2i/iB8 a77xb468KXvm3clzpMMVjcWIG0WdrbQTItnhWlzIDIGZ9xjyDu9I8L/sh+Mfh/8AtUeIvj/4A+Jk 2l+GvG11FeeIPDMmnRzpeyxQyRoBdGVWjCvI0ikR5BO0lhX3PRQB+eXgr/gnn4F0v9kq6/ZQ8fa/ L4lsZb+bUoNWt7VbC4tbp33xSQxtJcANHypJYh1ZlIAJrkLv9gv4zfEbT9I8A/tEftBaj49+HOiz 28v9jQ6VDp02oLbkFEvb2OV5pAMDJYux+8GV8MP08ooA+VPFP7L1hrv7R3wq+PWl60mk2fwt02/0 yDRY7PclxFeW0tsm2cSr5IiWQEL5T5C4yM5F34s/s4f8LR+O/wAJPjZ/wkP9mf8ACrZNRk+wfZPO +3f2hGkePO85PJ2bM/cfdntX09RQBHNDFcQvbzqHjlUqynkFWGCD9RX5ceB/2BPjj8IbTWPh58Fv 2hr7wl8M9Xu5rr+zRottdajbLPhZI4L6STfGxUACVAmD82zdkn9S6KAPzX8Af8E7rX4cfBL4xfAf RPH89xoXxQmEtnNdaeJLrS+Nrea63Ci7ZlVBkLBypOPm4+n734B/a/2VB+zJ/buzHhCPwr/a32XP +rsRZfafs3m98b/L83/Z396+iaKAPgDxj+wfpXiX4IfDD4f6Z4xudC8dfCGGBdA8WWdtsmiljCiT fbeaQYpdilk83IKj5iNwbgoP2B/iz4s+L3w/+OXxu+Olz4z8R+A9St7uC3GiQWdibWBxIYIooJkW OSR1BebacjAKHaDX6eUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAf/W/fyi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAK/Gv9h34GfCfx1+0F+1J8QPHHh+w8SavZ+P tZ023j1G3juo7a3e8uJHZI5VZQ0pO0tjOEwCAWz+ylfl1Z/sBfGDwB8S/iD8W/gb8ernwdrnxD1v UNSvbdtDgvLH7Ne3D3EcDQzzOHmt2kfbcYBIOAiZYsAfNnhPR7H4Xa3+338D/Ai+R4E0vwteapaW kZ/0eyu73R53mjiX+EHcUwOixKO1eYfEjwjpXxA/ZT/YZ8B66pfTfEniOw026VSVJgvJ1hkAI5BK seRX6jfDX9iXQPhz8Dvib8Mx4outc8XfFyz1KHX/ABTfQiS5uLnULeWAS+QJB+7iMzOsZlJLM2ZP m4wp/wBhkT+BP2fPBX/CbY/4URrNlq/n/wBm/wDIV+xzLL5Wz7T/AKPu243bpcdcHpQB85/t8fBr 4W/CbU/2efHPwu8Lab4S1jT/AB/o+mpPpVrFZs1rITJskMIXzAGhGN+SMtj7zZ6Xwh4P8NfG3/gp l8X/APhbmmRa9B8N9D0i38P6bqSLc20Ed5BDLLcJDIGQsXdiDjjzP7wBH2P+05+zh/w0dY+A7L/h If8AhHv+EJ8T2PiPd9k+1/afsQcfZ8edD5e/f9/5sY+6a8++PH7ImveOfitp37QPwM8ezfC74k2l odPu76OzTULXUrLjbFc20rKjFMDDEMMBcrlEZQD5e+HXwo8A/CT/AIKw6tpnw60630jT9b8BSapN ZWqLHb29zNdRxSCONQFjDiJZNoGMscYBwPgM8/8ABHAj/qdP/a9frr8Cf2H/ABN8Kv2h7r9pPxx8 Vbvx/wCJ9Y0ebTtT+1adHaia4llRllhMUxWGGOKKONYBGQMFg4BCLxP/AA7gH/DHH/DJX/Cw/wDm Nf2x/bP9k/8ATTf5X2X7X+G7zvfFAHlX/BQ/9mH4IfCj9h+5vfAnhDTdG1fwTNpH2LUrW2jhvy73 MVtK0lygEshkEhZ97HLYbqARpePNO0v46f8ABQn4R/Df4twjV/DGg+Al8RWumXmJLO91Sd5FeaSF vlkwqg7SDkxc5XIP3v8AtV/AL/hpv4H678Gf7d/4Rv8AtqSzk+3fZftnlfZLmO4x5Pmw7t3l7fvj Gc84wfh79tKy+B2n/FP4P+EvG/i7WPhP4+0vT5H8PfEC1ihTTIlgUxzWl40kyHDYB2n5V83az7ZH BAOW/aC+Dnwu+Gv/AAUR/Zp8TfD7RrPQb7xPPqa6ja2ESW8L/YoVEM5ijCqHcTOrMB82wZ5GT+yd fz7+BvCNv4z/AOCh3wlu/D3xdvPj3rnh63vtQ8SeIIkhXStPtYoJEtLe3W1MkUQMpbeFkKl5U6MW r+gigD8t/wDglz52r+HPjj431Rt2sa38R9YF2W+/mOOGUBj/AL0747VU/YO/5Ox/bG/7GfTv/Rup V0/7OukS/s6fti/Fn4H6tiDQvitI3jbwvJ92OSUsy6nar282MsrBByIkDHgjGNqX7APxp0v4t/ET 4pfCH9oa78Aj4jam2o3tnbaBHc4w8jRI0r3q7/L81wGCLnPSgDO/4K/azYL+zBp3gpALnXfFPiHT 7fTbVfmnlki3u7RoOTjhCfV1HUivIv2ttC+MF9/wUE+AuhfCHX7LRvHg8JXqW2palD59qrxxXxuG kj2PnzIhIB8pwzA8YzX1B8MP+Cftvo/xT0f4z/Hz4m618Y/FHhsh9J/tRRBZWUoIZZUt/Mm+dGAZ AHChsMVLBSPavGn7Mv8Awl/7V/w+/af/AOEk+yf8IJpd7pv9k/Y/M+1fa4rmPzPtPnL5e37Rnb5T Z24yM8AHyR4z/Y//AG3fj/pK+Af2h/jppieB7maJ9QsfD+lpFNdpEwdUMjRQkfMAQGLICAxRiAK5 b4i/DLwZ41/4KG/CT9nbxdp6XHw4+HXgRb7RtEuSZbOeeFpbdDJG+RIFSJMhs7vJ+bKlgf2Jr4// AGl/2S7T47+IPC3xM8H+LLv4d/ErwSXGla/ZQpcFYZD88FxAzIJojlsKXAG9wQysykA+QP2t/APg n4E/tVfsz/FD4Q6Ta+Ftf8S+J4/D+pQaZDHax3+n3UkEMnmRRqqMUSZl3EZ+Zcn5VK+R6b4c/aU8 R/8ABRD9oiH9m3xZpHhPUIYtIa/k1e1+1JNCbWAIsY8qXaQ2STgcV9x/Df8AYx8VH4vaP8d/2lvi ZcfFjxX4ZhaPRYTp8OladprueZo7aBijy46MQvOCQzKhX0/4Z/szf8K6/aT+KH7Qv/CSf2h/wsmG xi/sz7H5X2L7HGkeftHnP5u/ZnHlpjPegD5is/2Jv2hPi98RPCfjL9sH4s2vi7RfBd4mo2Og6PYL Z2kl3GwZGmcJFuXjByjMVyoZQTn9RqKKAPwb/wCClHwj/ad8PfBLxX4y8dfGseJ/BE+tW7weHRot ta+THPdZtk+1RnzG8gEDJHzY5r9L/gD8I/2m/h/4pv8AVfjb8ah8StHuLJobewGi22m+TcmRGE/m wks2EVk2nj5s9hX0Z4x8D+DPiJocnhjx7oVj4j0iZ0kez1C3jurdnjO5GMcqspKnkHHBrqaAPkD9 vv8A5M2+LH/YFk/9DSvmHwd+yh+z3J/wTitba68M6bJPqXggeIJ9YaCM3q6jLp/203IuSvmDy5Dh RnAjGwgrkH6e/b7/AOTNvix/2BZP/Q0r4f8Agz+xP8bPiF+zR4B8G/8AC/8AUrD4S+LdB0rU73w+ ul273iR39tFc3FnDqO8SC3Z3YKpG1VO0o4zuAPm74jR6n8ev2Wv2I9D+JLzXL+KPFUei3kk0jGWa 0+2fYUcvncS9uqndnPOc55r6t/4KF/CL4YfCH4N/DHSvhf4X0/wvZ3/xQ8PTXEWnwJAksiWl5GHY KBk7VAz35J5JJ+vfif8Ase+GvGg+CGneD9UXwlonwT1ux1azsUtDdC6hsWjZbfzDNGYy3l8ykSEk lipPXqP2qP2b/wDhpnwr4S8M/wDCQ/8ACN/8It4msPEXm/ZPtnn/AGGOeP7Pt86HZv8AOzvy2Mfd OeAD5L+ITQfs0f8ABRvwt8TJXWx8H/HnSZdE1SRjthi1jT1QwSt0ALqsKKT13ynnmvNP2cpfC3xF 8F/tL/tvfFzUrzQvDvxDa/0myvrb5L218NafGbcG2JR8SSfJEMKT5sIIAJr71/bA/Zd0b9rX4Sj4 bahq58O31pf2+o2GprbfamtZ4cq37rzISweJ3THmLgkNztwdGP8AZc8BN+y1F+yndSSnw6uiJpEl zCoimaVQHa7CncokacecQcjccHIoA/IB5NK1z9kvXPC3wS/ZLll+H8Og39ynjPxVdadZagYI4ZJT qh/ciSaZQPMQxSbeFVPkwKxPF+kaPr/7A37Ieua3YW9/qMnjXTdLe5nhSSZrBbnUFFqXYFjDhVHl k7eBxxX3NpP7A3x3vvh7B8CviD+0ZqOpfCyytlsYtK07RbWxvJbOJQIbeW+Lyy+UmADGdwZPkyBj HR6t/wAE97nVv2R/B37M0vxFki1XwBrH9taP4gg00RFJ1muJUWS1Ny+4KLl1BEynIRscFWAPlv8A bLtdbv8A9ub4TfCHwp8Lbb4jeGvCXhmTWNO8GC8tdG064uZprpJZiZUMLLEIYz5RU7thGNpYGw3g b9oa9/au+D3xa0D9nOx+CL6dqIsdbmsfEejzJqelXTxxTh7WH7PvaCJnbKI7tlRjKpj7F+I37E/i b4n+GPh94g134pXll8avh4JhaeN7HT4oXuFmlZ/LuLFZArxhG2BRIAcuSCsjocnwT+xf4uX4vaP+ 0L+1X8WpPibq3giKSTSITp8GkabpzAbmuHjiYoWXG/O1MMqsxbauAD9Fa4H4rf8AJLvGP/YG1D/0 neuK/wCGoP2aP+iteEf/AAfaf/8AHqgu/jF8CPinp9/8OfC3xO8N6hqviO0ubGCGy1azu7hmmiZS Y4I5t8hUZbaOwPI60Afzk/AHV9d17w9+zr4Q/aksLmx/ZvOpapa6U0Uix2Ooaub2ebzdSIJYxLPM Yfm2AIjleBKT+gv/AAUOk8Ra3+03+z/8FtD8Cr4+8O21vearD4TF7BpNnqdzao6pE00oMSrBFFkI ykMjNGo+evrzRv2FPCK/sXWv7HfjHW/7dt7CO8e21pbMW8kF5PeT3kFzHAZZNphabYV8394gZSQH IGT4x/YX1D4h/B74feEfF/xKvH+I/wALn3aD41srL7LeRKhXy1nga4lMoCIgY+crMyBiQS4YA+Kf H/gX9ovXfjJ8Jfid4R/Zi0/4Laz4T1y38/ULDxLopF/pzkLcWj28QthJmLcARubYWUDnj3bUdQ0/ 9k3/AIKNalrmqzDTfAfx60Ce8nlb5YIdZ0WMyysfUmNWY+r3Nei+Hv2G/iP4v+K3hX4o/tVfGCf4 p/8ACCzi60XS4tKg0myjuVKss8yQMVkO5EYrtBJUBmZMqfCv+CpGtfDH406P4O/Z58FatBq/xffx TaWlnYWj77iyS7hZbhrraD5cJjeNmyQThW+6rYAPY/8Agm9oep+NtI+I/wC1v4qt2i1j4y69cXFm snLQ6PYO8NrECeQFbenuqIeeK/TKvF9KvPhF+zV8N/CngbX/ABLpfhXRNGsoNLsZNVvILFZ/ssSq cNM6BnIG58EnJJPWqn/DUH7NH/RWvCP/AIPtP/8Aj1AHxr+2f/yeZ+x5/wBhjxD/AOi7Cvmr4gfE X/hjL4y/tb+Gkl+xWnjzw1H4w8PEnaBqN9IbCQxjuxvLpmIH8MXbBr1j9oj4p/DX4v8A7b37KWk/ CvxTpni+40LUdeuL7+ybyK+W3SSG2dfMaBnVSVgkOCc4XPSvo39rX9hfwv8AtXeO/h5431fXf7Ef wVOftkIshdf2pZNNFN9mLmaLycbJAH2vjzCdpxggH5JfDvxZr/7DHws/aA+BOvXUi61r/hDQNZ0V D8sn27W7eKxvvKHGTBNcgL3xBk5r6C+NP7PfhL4R6b+w/wDDjVNBsZr+HxJp1jrDS20UjXLzSw3F 1DKWUmSI3E0pCNlfmPHJr7q/aL/YW8LftD/H34cfHLV9d/s4+B2t1u9P+xiddUgtLr7VDE03nJ5S hmcN8j5Vu2K7X9rb9ly6/aW0fwjN4e8XzeB/FPgXV49Y0nU4rZbxY548H5oWePPzKjKd3BXkMDig DjP+Ch/hfQz+wx8R9BtbaCwsNM06ze1hijWOKEWd3bvEkaKAEA2BVAAAHHSvoP8AZt1bUde/Z2+F uuawzNf6h4W0S4uGf7zSy2MLuT7liTXxP+2npvj7xH8Ffhz+xiniIeKPiJ8UryysdQ1QW62pbTtK ZLq/1KSCNmEaho48qDhssF/u1+lPh3QdN8LeH9M8MaLF5Gn6Raw2dtH/AHIbdBHGv4KoFAH43/Fr 4S/Gb4WftT/Ev45eEfhToH7Q/hnxjHZi8sbmW3l1bSBDEIzbpFKJCofaRhIZd6KgO0qc+Ry/Fr4U +G/2Ev2jD+zloGu/DnxJDqdpF4i8P6k5DaPLrF5HZyi2XC+XE0IkgA2rIhQBgNqk/eHjz9if4j6d 8Z/Evxv/AGYvi5N8LtT8b+W2uWMmlwarZ3U6Ajz1SZgqtlmbBRjvZirKCRXX/Cb9hfwP4M+H3xI8 KfEzXLr4i618XXaTxPq93ElrJcsN5i8iJC4g8lpGdPmYq/IIAVVAPzgtPhd8S9a/ZYtvhbpn7Fml mwvNDR4PE58VaMt6biSAOmqmVollDFiJSplC7f3ZITisD9oS4+Odz8IP2Pfgh8S/DUnivU9Svb/+ 1NA/ta1iTWpNGnigsLaTUY3lh+e2k5be2TJz+8HH2RP/AME+vj63gT/hQ8P7SWpD4RFfs/8AZT6L btqAsN3Fn9u80SGPZ8vZMfL5Wz5a+h/in+wz8KfiB8D/AAj8GPD1zd+EX+HbRT+GtXsmDXun3cXP nFjtMnmv+8lAZCzgMGVgCAD83/jx4D/aP8Uz+BfFngD9lDTPg54o8E6xa3dhrOn+J9DQyRRA5sni QWqyK+AQGY4CsANrMD7ZrHwj8A/F3/grTrll8RNGtte0/wAPeBrfVobS8jWa2e5SW3tkMkTgo4Vb hmAYEbgDjIFeqj9g/wCKfxM8ZeF9Y/at+Nlx8T/Dngy6W8sNFh0i30qCeeLGyS6aF28zgYYFSxBI 3gM2fpXRv2b/AOyP2t9d/am/4SHzf7b8Mp4d/sj7Jt8rZPBN9o+1ecd2fIxs8ofezu4wQD86/hT+ zZ8Fp/8Agp/8WvDlx4T06Xw3oGg2Gq2WjvbRnTYL67htFaVbXb5WV8yUqCpCmQlQCBir4F+EWlT/ AB9/bb+APgC8tvA+i65oulpb7MW9jZz3tmXJKrhY4i87qwUcIxCjoK/R7wl+zf8A8It+1R45/aZ/ 4SH7V/wmmkWelf2V9k2fZvsiwr5v2nzm8zd5P3fKXGepxz5/f/sS+F/EnxK+OXjLxnrj6po3xt06 w0+40yO18iTTxYQJEssdyZXEj70WRMxKFYDO4DkA/KPxBpUnwk+B+k/Cj9r/APZehl8E6Kloi+Ov Bj2z3AjWRNt09xGsnzXPAkaSaLzC2NgJUD+gz4f61oHiPwJ4c8QeFL19S0TUtOtLmxupSzST200K vFI5bDFmQgtuGcnnmvzNX/gnt8fNR8CRfAfxN+0hf3vwigEMH9kxaJbR3z2MLqyWv20ytIqKFABO 5OMeXt+Wv0+8IeFdE8C+E9G8FeGoPs2k6BZW9haRZzst7WNYo1z3IVRz3oA/KP8AaB8TfBq1/bSv Lnw58L9e+Pvxb0zQ7e1m0Y/ZW0LRLV9ksT5ngcxTMJAxdtyL5xwQzYHl/wCy4virS/8AgpnrR8Q/ Dey+EF3rvgqW4uPD2m3tveQBfOg2SyNaKkIkfYGZQoOfmIyxr7F+Jn7GHxHm/aB1n9oz9nb4sSfD XxD4rtIbPWoJtKg1a1uVhSONZESZ1VTtiQ4Kk7gSGXcwMPwg/YS1z4X/ALRdl+0nrHxW1Dxj4iut OubPXhqVhGDqMs4IV7doplW0ijCxBYdkoATAYBhtAPsr4wf8kk8bf9gPUv8A0mkr8D9T/wCUYf7L H/ZSbf8A9LtZr+hLxhoH/CWeEtb8Lef9l/tmxubLztu/y/tETR79uV3bd2cZGemRXwRc/wDBP8XP 7MPwr/Zw/wCE82/8Kz8SR+If7U/svP23y57ybyPs/wBq/dZ+17d/mv8Aczt+bAAPMfFHgHwLf/8A BWTRbK+8OabcW918Pn1KaOSzhdJL77dcf6S6lCGm4H7w/NwOaP2cvAPgWD/gpB+0bFD4c02NNDtv D0+nqtnCBZzS2cTSSW4CfundiSzJgkkk819A/H79kPxj8TPjv4Y/aI+FHxMm+HXivQtM/sadv7Oj 1GG5sfOkm27HliCkmV1bO4EbSNpXJNS/ZD8Y2H7Wt3+078NviZN4ZtfEp05fEehvp0d3HqMOnpHF 5STtKhiEkcSjIRmRizAkHaAD8iZPGXiTwf8A8E2vjinhuaS2bXfirqGl3csR2lbS4jtGlUnssgQR t6hiDwTXs3xJ+EPxW8Tfs7y/CTSv2KtL8Lw2VjGLHxCni3RDd2k8QBW8efy43lLEZl3SgSAkE9CP 0K+HX7CXgvw38BviJ+z/AOP9afxXovxC16+1ySeK1FjNZvdrB5YizJcAyQPArrIeCeCmMg+J6j/w T7+PninwbZfBLxz+0jqOrfCaz8mM6WmjW8N/NaQMGitpL7zXdlTau0vvXgfu8AAAH3l+zq/j5/gT 4EX4pKR4th0i0i1MtPFcs9zFGEeQywM8bmTbvLKxBJr899b8JeHvjv8A8FTdW8I/Fyyi1vQPhz4N hv8ARNLvAJrN7ieS28ydoHBRyGnYHIOSkZP3AB+pfg7wl4f8A+E9H8EeFLRbHRtBtIbGzgUkiOC3 QIi5OSTgDJJJJ5JJr5S/aI/ZDm+LXxB8P/G/4XeNrr4ZfE/w3AbSHWLW2jvIbm0JY+RdW0jIsoBZ gCWIwSGVwF2gHyf8ePB3hb9nv9vr4A+MPgxpEGiX3xBj1fS9c0zTI0toL23gSLy3eFAqbmaTcWwM tEp6rmj/AIJu/Bn4WfGf9nzxD8V/i54csPGni34ga3qh1m71W3S7uAFfYIEeUFogB8/ykHLA54XH 038Hf2OdZ8OfF9P2hvj78Qrn4q/EOztDZ6ZcSWUWm2OlxOHWQW1rCzJuZXZd3yj5mYrubcPPrz9h f4oeB/GHiq8/Zi+Nd38LPCHji5e81LRF0qHUUt7mVcSy2MksimBn6AoFZOMMQiBQD85/BM+o/BX9 gf8Aa00X4cXU6x6N46n0OC7ikIkWwe4tLJ3LjBO+AlCR/ez0r7c+On7Jf7O+l/8ABPLVItI8L6Zb XXhzwomsWesR28S30l7BbLcec1yF8xzcsCrgnaQ2AAAuPcfgD+wZ4I+DXwd+InwM8Ta3L438MfED Ubi7lW5g+zXENvNFHGkbSJI/mTR+WH89RH8/zBFxXh2o/wDBOz43a98NZvgFr37R2pXPwstYWi0/ S/7Gt/tSLGCbSK5uxKJJoLeQI3lZCuqhV8rClQD7F/Yq/wCTSPhD/wBixpn/AKIWvp6vMPgr8N/+ FPfCTwh8LP7R/tf/AIRTTLXTvtnk+R5/2aMJ5nlb5Nm7Gdu9sepr0+gAooooAKKKKACiiigAoooo AKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigD /9f9/KKKKACiiigAooooAKKKKACiiigAooooAKK/OL9vj9qb4hfCOTwb8DPgJbpc/FP4nXH2axkd VkFjbs4hE218rveRsIzgooSRmHyjPlFr/wAE1Pi5rOk/2/42/aZ8ZP48mQyG7s7qYWUE7DJWONpl laNTwNrxZA4VegAP10or81f2Ffin+0svi/x1+zj+0vp97q2q+A3BsPFBtZRa39vuVfLe68tY5JCj xyxEnzXRm3jKE191/Dv4qfDr4t6Vea58NPENp4jsLC6eynns5BIkdzGqu0TEfxBXUkehFAHf0VwG kfFT4da/481j4YaN4htLzxX4fiSfUNNjkDXNtFIEKtInYESJj/eFeN6v+2x+yfoVhbanqfxR0WO2 vLmWziZZzITNBt8wFYwzKE3rliAoz1oA+o6K+dPEf7XP7M/hKPVZPEPxI0a0/sUWpuh9pDun22Pz bfaqbmcyx/OoQMSuT0FdxYfG/wCEOp/DRfjHZ+MNMPghkaT+13uUjtAEcxsDI5ADBwUKnDbvlxni gD1OivnX4cftbfs1/FzxF/wiXw6+Iek6zrTFhHZpMY5pdgy3lJKEMuBz8m7jJ6A16P4t+LXwz8Ba /pHhfxp4lsdE1XX1next7uZYnnS1XfMy7sDbGvLEkADmgD0Oivmvwh+2L+y94+8Xx+A/B/xL0bU9 duJBFDbR3AHnyHokLsAkrHsI2YmvkX9u39sWf4NfFn4PfDTwh4zs9FjvfEdlL4wQBGuLbSBPauPN ZgfKiljaQuVwzKuMgZBAP1OrjfG/w78A/EzSP7A+IvhvTvE+mhhILbUrWK7iVx0dVlVgGHYjBHrV 7wf4w8L+P/DVh4x8F6nDrGiaohktbu3bfFMgYqSrdxkEfhXwX/wUn/aK+I3wE+E3h7T/AIVXMWk+ IPHWrppCarOB5dhC0bM8gZgUSQnaAzA7V3sBuAIAPtzwH8Lfhr8LrGTTPht4V0vwtazbfNj0yzht BIUztMnlKu8jJ5bJ5Nd5X5Hf8O2vjGNI/wCEgg/ai8aHx4Yci+N3cfY2lxnZs+0ed5WeP9YeOdv8 NezfsL/E39oLx18KvGPgn9pPT77SvFPgi7m05dbu7SS1S/tirqs6SFI0maFo2DSR43L5bN8xLMAf ceueCfCHiXWdE8Q6/o9rqGqeG5pJ9MupoleazllTZI0LkZQuvytg8jrXUV+UPhn4vaZ+zJ+wr4n8 XWnx0tviprgn1OPQ9fvnlnE+pmAPDYotxNOztHsLBS+OTxjOfXv2QP2t/h/4w/Zf0vxx8S/iFY3m veG7CKfxVdXEqI1lLeXEiQm4Cqqx7yAqADHQAUAfoBRWJofiTQfEvh2x8XaDfRX2janax3ttdxNm KW2mQSJKrd1ZCGB9K5v4f/FT4c/FXw1J4x+HXiGz8QaJDLJA95ayh4VkiAZ1LcAFQwJ9AaAO/or5 J1n9vD9j7QdYOg6j8V9E+1hzGfJma4iVgcENNCrxDB7lsV2nxu+Pfgr4bfATXPjFY+JdNW0fTLiX Rb1pVms7u+a3ke0jjZCVk8x1AAU88jNAH0FRX5O/szftG2v7RH7EOv6Z43+LkGjfEn+yddudZ1VX EV1osMl5cLBdtHAYfLSKIxlNjLhduCK+3/2bzp3hv9njwpJe/EFPiBZWFjI8niieVtl7GkkjNO8k 0khCoPlJaQ4C9cUAfQdFfK+lftv/ALJGt+JU8JaZ8VdCm1KSRYkU3OyGSRjtVUnYCFiTwNrnP417 d8Qfib8P/hToUfif4j69aeHtKmnjtUubyQRxtPKCUjB7swUkD2oA7qivmXXP2zP2V/DXjCTwFrvx Q0Oz1uGVoJYXugUhmRtrRyzAGKN1bgq7gg5yODX0tFLFPEk8DrJHIoZWUgqykZBBHBBHQ0AZmveH 9B8VaPd+HfFGm22saVfoY7i0vIUuLeZDyVkikDI6+xBFWNK0rS9C0uz0TQ7OHT9O0+GO3tra3jWG CCCFQkcccaAKiIoCqqgAAAAYq/RQAUUUUAFFFFABRRRQAVXu7S1v7WaxvoUuba5Ro5YpFDpIjjDK ynIKkHBB4IqxRQB4H/wyn+y7/wBEe8G/+E/p3/xitrw7+zv+z/4Q1q18SeE/hl4Y0TV7Fi9veWOi 2VtcwsQVJjliiV1JBIyCOCRXsVFABRRRQAV59a/Cb4XWPjy6+KVn4S0qHxjeoEm1hbKEahIoQR4N xt8z7gCH5uVAB4Ar0GigDifG3w0+HHxLtbax+I/hTSfFVtZOZIItWsYL5InYYLIs6OFYjgkYOK85 /wCGU/2Xf+iPeDf/AAn9O/8AjFe+UUAeR+CvgB8DPhvr0vij4e/D7QfDWrzRmJrvTtNtrSby2+8i vEilVbA3AYBwM165RRQAUUUUAcu3gnwg/jJPiG+j2reJ47I6aupGJTdLZGTzTAshG4Rl/mKg4J5r qKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAo oooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACii igAooooAKKKKACiiigD/0P38ooooAKKKKACiiigAr5h/bF+NGtfAL9nrxP8AEfwzEkutWywWtkZF 3xxT3cqwrKwIIIjDFwDwxAU8Gvp6vOviz8L/AAp8aPh3rnwy8awtLpGuweVKYyFljZWDxyxkggPH IqupIIyBkEZFdWBqU414SrK8U1deV9TSi4qactj+UnRP2xP2ntC8YJ43t/iVrdzqCy+a8Vzeyz2c nOdj2rsYDHyQECAL/Djiv6svg54+PxU+FHhH4kPbfYpPEul2l/JAMkRSTxK7opPJVWJCnuMGvyB0 T/gjgYvGCP4h+I4ufC8cu5ktrExX0sWf9XuaR442IwN+H9dtftf4d8P6P4T0DTfC/h62Wy0vR7aG ztIEztigt0EcaDPOFVQOa+z4zzPL8RGmsIldbtK2nbZf8A9XNcRRmo+y3Niiiivgjxj8WP2jzHpP /BXX4Dav4jjMml3ehx21qx4UXDNqccag9CyzyRsR/tCv2nr4Y/bi/ZEuv2nvCmhaz4G1ZPDfxH8D XRvtB1FyyJvyrNDI6AugLxo6SBWKOoIBBavmy0+Nf/BWLRdCHgy/+B2i634hiQwR66t/apbSlRtE 8kS3aR7j94jdGM/8s1+6AD9NLD4vfC/U/iLqPwjsfFFhL400mJJrrSBOovI4nRZA/lHDEbHViVzg MM4zX5q/8Ecv+SB/EH/sedQ/9IrKvWv2IP2P/G3wY17xZ8dvj1rUfiH4s+PiftssLeZDZ2zusrQq +1Qzs6rv2gRqERI/lXLfLnwr+GH7d/7Eni/x34D+DPw5074neBPFerS6lpd1JqMFp9mkkG1WmEks Tg+Usayqy7CyDy35OQD0j9ncg/8ABVf9o0g5/wCJHYfpFp9fMn/BMX9kr4I/Gzwp8TvH/wAXPDFv 4olHiCXSLVLpn2W8cMaTyNGEZSHczKN+cgLhSMtn6k/Ys/Zw/ae+G/7VvxK+Mn7QFpbXH/Ca6PE7 alZ3Fu1u99PJbzPaxQrIZlW2CtCGaMKfLyrMCCfVf+CbPwJ+KvwB+FPjTw18WtE/sLUtW8V3mpWs X2m2uvMtJba2jSTdbSyquWjYbWIYY5GCMgHxT8Pv2dvhl8b/APgqN8bLH4kaJDrHh/wrYwXEGnyZ W3a4eGzgi3ouAyJGXwvTdtPbFc5+33D4S8IftDfA39l3SvBWqa18LPDGnNrreE/DsUktxfSTXF2X REB3yAC3Yuc5VHlIIJJr75+BXwJ+Kvg39u344/GXxJon2Pwd4ws7SLSr77TbSfaXiW3DjyY5WmTG xuZEUHHHaof22v2YPit8QfGvgT9pH9nK7tofif8ADdmWG0vHEcOo2ZYv5G9iqA5eRSGZFdJHBdSF oA/NL9qHVvCXxV8B6fH8EP2TvG3w38e+Hbu1udI1ew8MmwEYhkUukxtEDOAo3RkqWWQAggFs+p/t o+Hbr9oD4qfsX6B8TrO4sbjxtZw/25ayI1rcRtcmxe9hZCA0T8umMAqe3Fe0eP73/gpr+07Bpvwv TwRD8B9IN1BJq3iG11lZLrbC2WFu1rP5u0n5giA7ioVplUtn1/8AaD/Zx+Kvib9o/wDZj8WeDLC4 8Q+G/hlI6azql5fQG5SNDbhZpvtEqzTySCNmdkV2LZJ5NAHzf/wVM/Zu+Cfww/Zx0X4g/C3wdpng 7X/DetWEMF3pNslnM0MiyArI0QUyMHVHDvucMuQ3LZs/8FBvCXhDXfi7+yTr+q6Bp1zqHi7xNYwa xM9pCz6hAZtOXybpiuZowrsoR8qFYgDBNfXn/BSH4K/Ez49/s2zeAfhNo39u682rWN0Lb7Rb2uYY d+9vMuZIo+Nw43ZPYV5n+3V+z58c/iB4Y+CXjj4KaPb654q+Eup2+oPpk9xFCZWQW8gIaSSONlSS 2AdRICQ3y5oA/SvQPD2geE9HtfDvhbTLXRtKsV2W9pZQpb28KZJ2xxRhUUZJOABya+b/ANqjwT+z r8Z/C2n/AAI+O2uWWm3fim4VtDhe8ittRN+mYo5rFHOXkUy7MbWU79rAhsV6z8GPEHxK8U/DPQ9e +MHhqPwh4wuklN/pcM6XMduyzOke2SN5FIeMI/3iRuwcEED5Y/bw/ZH179pjwx4Z8SfDbV00H4jf D68a/wBEupWZInLGN3iZ1DGNt8UbxvtIVlwQAxYAHyX/AMMQ/t7fs+2uf2Yvj2+vaTYrm30bWwyK I16QwxXAu7UEjjP7kd8rXv37Hv7Xnjb9oLwv8Svhj8Z9Bj8O/Er4cxS2+pxwKUhuFKyxFwhZ9kiS RlZAGKHKshwdq+T23xr/AOCt2g6XH4R1L4JaDrmtLGsUesrdW4hlIG3zpUjvkiDk/MceUv8AsAcV 7J+xt+yT8SPg/o/xJ+J3xp1SHW/ip8VTJPfi2ZTBbBvMcRBwEQu8kpL7QI1CqqfKuSAfB37Nvhnw 34i/4JF/EufxBpNpqcukTeIL2ye6gjma1uo7aNUnhLqTHKoYgOuGAJwea7q88FeDfD//AARs1DxJ oOg2Gm6vr2hac+o3ltaxQ3N60WrxhDcSooeUruO0uTjJx1r3j9l79lD4weG/+Cfnjz9nf4gaXH4b 8X+JRrcdrDNcwXESm8gRLdnltHmQKXX5sEsBzt6CuV+B/wAC/wBqfx5+yF4y/Y5+Ofgu08E2Wn6M LPw/rIvILgXV0ly1zGtwlvNOQiuseXVBlM8bsCgD7q/ZiIH7G3wuYnAHgfSMn/uHR1+Xn7EOleDN c/4Je/EDR/iJ4wl8B+GbzV9Sj1HV4QrSQ2zLab41VlbeZx+52KpZw+1RuIrt/hvZf8FOtI+EFh+y rH8O9I0OCwsxoieM7jUbeRLXTCDEsiQRTMZJI4flQqhbAUtHuyayPAf7CPx31H/gnT4m/Z28RWcf hvxvJ4jk1iytZruCWG6ii8gokkttJLGokCNtyflcKWAHNAHmfh34pfsa3vwc/wCFO/BH9mfxD8WF gsHtJNdHh6CKS6nVCr3r6gPOuInLZfdtXy/urtUADu/2IdL0nxv/AMEtviNpnjKwttctNBPieWwi voUuUtZYbAXEckKyBgjpLI7qy4KsxIIJr0zwjq//AAUh134QaX+zrpPwe0j4cyWmmw6JP4qudUtn t7e2jiWFpobO3aQ+ayA4MfmKHOQqiu7/AGHf2ZvjJ8Nf2S/iX+z58VtFTw9qmuXesRWFz9qt7qCe 31Kxjtlm/wBGkkZArqxKuFbBHGcgAHz9+zz4K8G6d/wSJ8V+NtP0GwtfEWreGPFEN5qUVrEl7cxx Xt2qJNcKokkVQqhQzEAAAdBXinxX8R+Ibn/gnV+zB8GNIvpdMsPiVqqWGozxnAa3iunCxP6qZJUk x3MYzxmvoP4DfCD9tLw7+yl8Sf2Q/HXw0tbTS7bw3rcOganDqNmz32oX05kS2P8ApJUK/nSMsjLG qhQHIPX0vWP2GfHvxP8A2Avh18F9ZZPCXxP8BY1CwaSdZIoL1JpiYpJrVpV2vHJkPGW2uFPOCCAe 5/Fn9gv9l68/Z51v4e6L4E0rSJdM0q4aw1WK2jTUobqCEtHPJeYE0hLqDIHchxwwxjH5CfEj4jeI viN/wSH8HyeJ7mS8uvDvjGHRo5peXe2tYbgwLnuI4nWMH0UZ5r7m8WeM/wDgqR8S/hxcfAu8+EWm eHdY1m1Om6j4s/ta2+z/AGaVfLlnjiilfy5HQnJTey5JSNTja79ov9g/xxov7BXhf9mf4FWLeMNf 0nXLfUr2RprayNzI63DXM4NzLFGqq8ioibywQKDuIJoA7b46fsR/s5+DP2GvFen6Z4I0xNc8MeFr jU49a+zp/akl/ZWxuGme7AEzeY6HcpbZg7QoXAH0D/wTs1jUdc/Ys+Fd7qk7XE8enTWys5yRFa3U 0EK/RI41UewFewfH3wb4j8a/s3/EDwD4YtPtuva34X1LTrO38yOPzbq4s3ijj8yRljXc5A3MwUdS QOa4b9iH4a+NfhB+yz4C+HHxE07+yfEWi290l3a+dFP5TSXk8qjzIHkjbKOp+Vj1x1yKAPqyiiig AooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKAC iiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKK KKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigD//R /fyiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK/ITRf2iP29/jL8a/jD4C+BUHgePR /hlrsul51qK8jneJpZ0gO6GRw7bYDvOFGcYHoAfr3RX5ufBb9qf9oLRf2ibD9l79rTwto+l+IfEt hLqGg6r4fkkNldpbpJJIjpNJIwbbFJg/IQVwUIdWr9GYL6yuppre2uI5pbYhZURwzRk9AwByCcd6 ALVFZN3rukWcV5LNeQg6eu6cGVQYwRkb8n5c9s9a+a/2Pf2kh+1L8Io/ihPp0Ghz3V9ewpp8c/ny Q28EpjiMjEKSzAZJ2qM9BQB9VUVUnv7G1nhtbm5jimuSREjuFaQjqFBOWxntRNf2Nvcw2dxcxxT3 GfKjZ1V3x12qTk49qALdFc94k1O4s9KvoNHmthrbWs8llDcOFWSZEJTcCVOzcBuIPAzyK+EPiV+1 X8V/2dv2RdG+K/xj0bRtT+JF9eGxmsdOugunK013MkMyMrzM6JAsZkVX5ckbl7AH6IUV8UfH39ov xZ8Ovj3+z98OfBh0+80D4o6hq1rqc0iNNII7FbYx/Z5EkVVOZnDEq3QdMHP19pXiPw/rslxFomp2 uoPaNsmW3nSUxN/dcITtPsaANmiisG/8VeGNKtZr7VNYs7O2t5PJklmuI40SX+4zMwAb2PNAG9RV P+0dPFiNTN1F9jZBIJ96+UUbkNvzjB7HOKrW2u6Je38mlWeo2897DGkskEcqNKkcn3HZAdwVuxIw e1AGrRWHN4n8NW2rx+H7jVrSLVJhlLR541uGH+zGTuP4CtygAoqtc3tnZCM3k8cAmcRp5jBdzt0V c4yxxwBzVbTdZ0fWRO2kX0F8LaRoZTBKsvlyL95G2k7WHcHkUAaVFYdj4o8NapqE+kabq1pd31r/ AK63hnjklj/30Ull/EVo3+oWGlWcuoancx2drAN0kszrHGg9WZiAB9aALdFY1j4j8PanDa3Om6pa 3cN9u+zvDOkizbfveWVJDY74zivH/hfrfxr1L4m/EvTviNBpEXhHTrqyXwu9hIHvHgdZvtJvVErl WBEezKpn5uD2APeaK5+28WeFbzVpdAtNZsp9TgyJLVLiNp0x13Rhtw6dxXzX8b/2nrf4SfG34R/B yGxtrlviReXsV3ezXIjGnwWUSPnywOXlMgClmAAB4bIwAfWlFZ1/q+k6VYNquqXsFnZIAzTzSLHE AehLsQuPxp+nanpusWceo6Rdw31rKMpNBIssbD2ZSQfwNAF6isRPE3huS4tLSPVbRp7/AH/ZoxPG Xm8v7/lruy+3vjOO9Gr+JvDnh94I9e1W001rltsQuZ44TI3ogcjcfYUAbdFIrK6h0IKsMgjkEGvA Pj/8Y4fhz8HfiN4t8Gajp154n8HaLe6hHaSSLMY5beJmTz4UdZAuRyMr9aAPoCivljwZ8fb1v2Ot N/aS8cJbpejwkPEF5HArRwNMtqZzHGrMzAM3yqNxPIGa6n9mTxb4+8X/ALPHgfx78Xp4P+Ej13S4 9UvHiiFtCkd2TPCNmcJsgZA2T1BJxQB79RWTo2v6F4itTfeH9SttTtlYoZbWZJ0DDqNyEjPtVfU/ FPhjRbyDT9Z1ezsLq6/1MNxcRxSSf7iuwLdO1AG9RVa6vbOwi8++njt4yQu6Rgi5PQZJAye1Zy+J PDr6w3h5NUtW1VF3m0E6G4C+pizvx74oA2qK/P39tj9pj4mfCTXvhp8JfgcNG/4TP4l6lPZLd6y7 Na6fFbrDl5UjIK7jOrBmDAKrYRyRj0P4Jar+1mvxHi8OfG268Lat4Zi8Om4bUNEZlnm1d7pNm2J3 Di3+zMfmMSguAQcHBAPr+isS68TeHLDVYNCvtVtLfUroZhtZJ40nkHqkZIZvwFWTrOji0lvzfQC2 gbZJL5q+Wj5A2s2cA5IGD60AaVFVp7yztbZr26njht1AJkdgqAHoSx4xUUuqaZCYBNdwxm5Vni3S KPMVRuYrk/MAOSR0HNAF6isux1vRdU07+2NMv7e7sMMftEMqSQ4X7x3qSvGOeeKj0bxF4f8AEUUk /h/U7XU4om2O1rMkyqw7EoSAeOhoA2KKyNZ8QaD4dtlvPEGpW2mQO4jWS6mSFC56KGcgEnsK+RvA v7QfjPxP+2z8QP2fLlLFvCfhnw5YatZTRRt9qea6FuW3y+YUZP3rYAQduT3APtCiisS58S+HLPVo NBvNVtINTuRmK1knjWeQeqxk7m/AUAbdFfGPxI+P/jjwn+2j8I/2ftLhsm8M+ONL1a8v5JIna7WS yt7iWIRSCQKq7ol3Ao2RnkdvVfgzrfxr1fxB8Q4fi1BpEOmWGu3EHhw6ZIJJX0pXcRNeASSbZ9u3 cCE5z8ooA95orDHijw0dY/4R4ataf2rjd9k8+P7Rj18rO/H4Vpz3tnavDFdTxwvcNsjV2Cl29FBP J9hQBZorFsPEnh3Vb650vTNUtby9s+J4IZ0kliP+2iksv4gV8x6z+1Da6d+15o/7MUdlarbXfh2b XLnVJLkblmE7wR2qR8AN+7LMWYk5ACjGSAfW1FFfF37CH7QfjT9pD9nq3+KvxHjsbXVH1C+tnFlG 0FusVswCnbJJIQcHklqAPtGiqdrqFhfW322yuYri35/eRurp8vX5gSOO9UNI8S+HPEBmXQdVtNSN s2yUW08c3lt6NsJ2n2NAG3RVS31Cwu5p7e0uYppbYhZUR1Zoyc4DAHKng9fSlN9ZC8GnG4j+1FPM 8nePM2Zxu25zjPfGKALVFc/beLPCt5q0ugWms2U+pwZElqlxG06Y67ow24dO4roKACivkH9rD47e KvhpH4K+F/wnW3m+JfxQ1VNM0f7SnmwWdvEVe9vpo8gvHBEfu55LZ5CkHub/AF742ad8f9I0H/iT v8LE8OtcajeTSJHqn9rJJKCVj80YtzGsZJ8vAJb5uMAA+haKpjULBrL+0luYjabS/nb18vaP4t+c Y980HULAWX9pG5i+ybd/nb18vb6784x75oAuUV8XeG/2hPGetft0+Iv2c2SxfwhpnguLxDbzRxsb t7qS5tYuZfMKGMpMxACA9Du9fsSLUtOmvJNOhuopLuEbnhV1MiDjllByByOo70AXaK5+28WeFbzV pdAtNZsp9TgyJLVLiNp0x13Rhtw6dxXQUAFFfIv7Y3xl8a/CXwR4V0r4XyQJ418feJtK8O6UbiIT pG13LumlaMkAqsSMCTwpYGvrqgAor56+A3iv4vajoOuSfH/+xNP1Y+ILu10hNKnRo5dMVIvs+/8A ey/6QXZwy5Bxt+Ud/eri/sbOWGG7uY4JLltkSu6q0jeigkZPPQUAW6KqzX1lbTw21xcRxTXJIiRn CtIV5O0E5OO+K+OP2EP2g/Gn7SH7PVv8VfiPHY2uqPqF9bOLKNoLdYrZgFO2SSQg4PJLUAfaNFZg 1rRzp76uL+A2MQJe481PKUL1JfO0Y781Ho3iDQfEdsb3w9qVtqluDgyWsyTpn03ISKANeiio5pob aF7i4dYoolLO7EKqqBkkk8AAdTQBJRVZLyzltRfRzxvbFd4lDApsHO7d0xjvVcavpLR28y3sBS7O 2FhIuJT6Ic/MfpQBo0V86fG3xp8VB4W8Pal+zlPoOsXk3iC1tNTfULlDbrpu2X7V5LLLGDcK4jCr knG75T24X4pfHLxh8F/2lfAHhvxdJBN8MvifG2j2c4iCT6b4hjYNCskufnhu0IRARkPk5CjBAPsW iisvV9c0Xw/aG/17ULfTbVestzKkMY/4E5A/WgDUorN07WtH1jT11bSL6C+sXBKzwSrLEQOpDqSv H1qheeLfCmnpaS3+tWVsl+dtu0tzGgmb0jLMNx+maAOhoo68iviz9s39pbUPgl+zp4o+Kfwlv9J1 fXdBurC3McrC7hjNzdRwuJUhlRg21jgFhg9qAPtOisvQ7yXUdF0/ULgAS3VvFK+3gbnQMce2TWpQ AUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFAH/9L9/KKKKACiiigAooooAKKKKACiiigA ooooA+J/2pviv4u8Lavp3g7wxeSaYk9qLueeE7JX3u6KiuOVA2EnaQTn2rI/Zg+LnjLXfFM3gzxL fTatbTW7zQyzsZJYnjxkGQ5YqwP8RODjHU5+kPir8GPDPxXgtm1WSSyv7IFYbmHBYIxyUdTwy55A 4IPQ8nNP4UfA3wv8KZLi/sJpdQ1K6Ty2uZgAVjyCURV4UEgE8knA5rtVWn7LltqfOSwOK+u+15vc 9enax7XRRRXEfRhX4GfAzwv+1d4j/ai/akb9mnxnofhOGDxew1NdYtDdGdmuL3yDFiGXbtAfd0zk dcV++dfkZpf7Ln7eXwn+NHxc+IXwG8T+BLTSPibrkuqNFrDX8twkYlmeAMI7MqjBZm3BXYZ6HigD yTwqPjP8Bf27/APij9tyW38c634+t20DwjrukTiOw0yaR/Kki+x/Z4Duc3KIWIGBKWBkOdn0h+xR /wAne/thf9h7RP8A0C+qbwV+x/8AtE/EH46eEPjl+2B8QNJ8QN8PWefQ9E0C2eOyiun2t5rySxwt w6I5+RmYogLBV2lvir9mn9rD4XftG+OvjX+yn4g8LyaX8Txatq+meJ1ugtvdW6FFmjNqpLhSzup3 LjzCpRwA1AHA/CbwR4R+J37ZX7Y/gjxtYJq+hapB4djurZ2dUkEdvvALRsrDDoDwRyKt/wDBIH4Y eA9J/Zwtvitp2kRw+LNdub+xvb8PIXmtre5PlxlSxQBcDooPqa9e/ZF/ZN+LvwP+LfxW+JXxa8Va d4tm+JEWnSvc2glinN4iyPdh4WiWOOJZJSkGx2zGqllQ/KJP2GP2d/2if2X7TV/hR451jw9rXw1s 3urjRp7L7Quqm4uJlYeejxrEsZTeWUMxVyAGZeQAc1/wU60G/wBE+Gfgf9o3w9CZNY+DPifT9Yyv 3jZTTRxTx/R5RBu7bQc8V8Gftn/FLXfE/wC1fB+0X4GuTeeDv2dv+EQa7eIFklXXJzdOykf89I3W Fx7Y4Nfu98Xvh5p/xa+Fviz4ZaptW38T6Zd6eXYZEbTxMiSD3jYhx7gV+dfwI/4J9eK/An7IHxS+ BHxG1bTdU8X/ABE88rfW81xPaRfZ7aOPTFeSaGOUrBNHvIEZwDhc4FAHOTSQfHn9s343/E+B1vfD 3wZ8Dy+HNMlU5jbUNStppp5EPQsitPE2OxXPGK+EPHfgHwhrX/BJL4NeOtT01J9e0bWr6ytLos4a K3vtavvtEYAYKRJ5aZJBIxwRzX64/sj/ALI/ij9nz9mbxN8LfE+o2OpeNPF8uqXOoX1vLNLbPPdx fZ4P30sUcrKsaqzEx5DM+Aep8h1D9gz4lar/AME8fD/7KFxr2lW3jXw7eS6hFdxPPJpskp1K5u0Q yNCkwBinwW8k4cdCOaAPG/24v2dfANr8U/2R/wBnrwFbyeE/Cl7qviO1MVhPIssNtdSWE12IpZGd w0geTkkj5umOKvfGf9nf4Xfsh/tRfs1+LP2eNPn8It4s8Rf2Bq1vDeXM8N5aTNbxkOLiSQ8q7bhn DHa2Nyhq+ktY/Z2/aa+KXjv9nX4ofFzUfC6a98K9S1q610abLdpFcQXxtxbfZEeA5kCQnzQ7IucF SQcD1b9pz9nrxn8afiR8DvGHha90+1svhp4nj1rUkvJJUlmt0eFituI4pFaTEZ4dkHT5qAPsavwz /ZU/ZR+FPx8/aA/aX8XfGOwbxNpuifEDXbLT9KmnlS0hnnvJnuLoxxuuZHQRIp7BT1O0r+5lfgt+ zboX7WcHx7/ac8X/ALM+q+G5oD4/1my1LR/E63Qt3cXlw8N1BJa/MJE3MrKSoZcZ3ELtAOd1eK8+ D/w4/bS/ZK0u+uL/AMFeCLCx1TQI52Mv2CLVAk81sJWyxUeZGACfvI7feZjXqHw++APw9/Ze/Yri /bM8M21zefFuTwQt/Hqt1cy3Ajn1yGIRssDMYx9nSVVU7fug7i2a990j9hn4iJ+z58Z9I8VeJ7HX fjJ8b1EuranIZYtLikicm3gi2xNIsMSs/IiychQoVVr658P/AALs779lrRP2c/iM0d3FH4TsvDmp SWbtsLwWSW0kkDuqtgOu+NmQHgEqOlAH4PeBPCHwA8R/AWA+Mv2f/i/4r+JPiSy/tGbxrbaNc3LS alcr50d1az/bAskCsylGMf71PmYFmr9C/g7+2f4j+Bn7LXw2vv2ofB/jG88XX7ahpriHSZHvmTTJ FEU10l1JA+ZIZIwJDkyMrsec1naH+z9/wUe+G3w0b9nb4e+O/Bt74NhiksNO8Q3i30Gu2OnPlQip GrxK8aHEWPMKYAEgwu39CvgF8KJfgl8JvD/w2u9fvfFN5pUTfadT1CV5Z7qeVzJI37xnKoGbbGm4 7UCjJIJIB+Q/7d/x60H9qv8AZj8D6x8O9O1zwu0XxO0rSkbV7YWF0ly+n3brNEI5ZPlXzVw24EMD 6ZrY/bF+DvgX9hH9myfSP2bLXU9E1b4ra1pHh7Vb6Cea71CS1hhuZn+zlnGyWYgqUQqrh2AA4x9+ ftofs9eM/wBozwj4D0DwTe6fY3HhfxhpniC5bUJJY0e0sorhJEjMMUpMpMq7QwVSAcsOM9l+1h+z jpH7Ufwfu/hpf6k+iX8NzBqOl6jGpdrPULbcI5dgZdwKu6MMg4YkEMAaAPxD+JHg/wCFGj/D3Tp/ 2XP2dPjD4E+KvhiS2n0nxDLoV0rSyxuom+2MlzLkSpvPyRcNgACMsp+t/iR/aP7YP7U3wY+Anxkh u9N8IW/ga18ba3oDCWxN1q9wrKbeZcrKohJVSpIZMSr8rEkd74n+Bn/BSP4xeHdM+EXxO+IPhPw1 4Wglt/7S17w4b9Ncv4YGDDhkjjV2IBbZ5SkjnK5U2P2oPh74Xtv2gPhFD8IviXD4D+PHh/Rza6KN chubqy1vR4xKjW13dbHQyDEp+ZjIxckLvKMoB4j8Tf2Zvhv+zt+33+zfP8J4JNG0DxVfapK+jieW W1try0t0WS4hWV3KGdJI1YDj90Meg6f4XeH/AB54s+Ln7fnhr4X3hsPFmpnSrfTJhJ5LLcyW2ohA suR5bN91XyNhIbPFeZ6loXxw1P8A4KP/AAJg+NfjfRvFnjC1TULm40rw5DImnaHYwW8rp80uHMlw 4kLGRQ/yoMkFAPtjw9+xx43/AOEv/af1DW/E0Wjaf8b5NOfR7zR7i4XUNPayS5/eTjZCFIeVDtjl YOoZSVzyAfkTp+h/ss+D/Anhz4Z/tB/DTxj+z/8AE/SpLYr44iiurhJbyGRWluQ3mISJcEqI4pBF nKP8vzfaf7XPwW+D3j/9rn9l+81ixg8UW3xJS+j1m/ErhdZt7KztfskpMThVXaxZTFtBDdxXXa9+ zN/wUP8AiD8IR+y/4/8AFnga48DNHbWU+vtHfXWtS2NrIjR/JIgjaYBBksFYn/lrn569e/aB/Y9+ KV3Y/APWP2a9b0u01/4DwvZWUfiDzvs93bPb29uGdoEkbcBb8rgAhyQylQCAfEXx+8UeEvGf7b2t /Cv4pfD7xj8R/hj8INI0+z0fwv4Tspr2JLma1gkF1exrPE20CVo1bdlwqA/KGDehfsnXGqeCf2yI NN+Bnwq8f/Dv4O+NtLuV1fTfE+k3VtYWWrW0Us0dzBI0k6RiQRJGC8mSzsgGCgX6a+In7MH7R2l/ F/Sv2p/gH4h8P6b8S9T0S00zxdpGprctoeqSwRIrPDJGvnKFaNFjBVDtRTuUl1bq/gV8BP2mLn42 3v7Qn7T/AI2s5tRSxOn6X4b8NzXaaLaxuCGklSbb5jgM2Awc5bcX+VAoB8B/8Ew/2Pvg/wDEP4Oa V+0L8S7O71nxB4f12SbRx9qlEFnDpcizoi26sEffcGR2VgQcjABLFvDfgd4s+Fnxyh8W/Gf9p34I fEf40eKPFmo3KwXuiaXcXukadYrjy7Szkju4drREsCMHYAoXB3Fv2m/YW/Z78Z/sx/ACx+FXj290 +/1a2v726aXTJJZbcpcOGQBpooXyB1+THoTXzf4a/Zi/bE/Zd1jxToP7JHiDwnqnw88TX0uoWul+ KVvFn0a4uOHFu1sCHjVVUAsxzgZj3bmYA+TPA3xm+OnwK/Yo/aB0+30jxb4W0rwrf2Nv4HufFGnz Weo22ma3dG28oPICm61jXIMbERySDBAZAPUPjB/wTy+BPg79h/VfG3hu1ntfiBoPhp9an8QLdz+f ezC2868jlQyeWYbhC8YQLwCOSd2760+G37FWtz/s/wDxA+F37Q/jm98a+IfilK91q14k0rW1lNv8 2EWEc3CrFN+8zsQMcKUCqBXgHiD9mT/gon4w+CN1+zBrfjrwYng62sTYRa2iX39r6ha26f6La3Hy GONHKpHPIqlwmeZjuDgHPfEG/vNf/wCCeX7O3wC0aVo9S+MbeF/D5KHDx2QEdxdTf7qLGof/AGW9 K7z9pnwzY/HP9s74U/sd+Irie1+GGleHH8SahpNtI1vHqDwPPBbQM6FXKRiFeFPCl8YbDL6h8Mv2 UviZoPxJ/Z/vfG9xptz4b+CPgyexQ2s8khm8Q3aLazOkckUZMKwKGSRsNuH3R1rs/wBqH9mT4h+P /iR4K/aH+AHiGx8OfE/wLHLaRDVUkfTdS0+ctutrnygzqB5kmCqEneeVYK6gHAt+x74W/ZZ+IOtf tK/ADU5PCfh/RvDWpPq/hKNJrq01aW2t5ZYXEktxmFlcIQArDK4XbvfPz/8AscfsZfBv9pn4AR/H z9ou0uPHXjn4mzahdXWo3N5Oklokd1LbRpbCKRUTb5e4fKQudgGxQte/eA/2YP2gfij8ctM+On7Y usaBcJ4XsL2w0Xw54bFwbFP7QjaG4luJLgByWRj8oZskI25dm08V4D/Zt/bo/Zo0vVPhL+zl4v8A CGrfDq6ubibSZvEsd5/aeircsXdUWBWik2sxYbt6s+WKIGZaAPzw+JPjHxlb/sJfF74KeJNbuNdP wc+I8GhaZqMzlpmsoJ5EiXzMknY0TFOfkVlUfKqgfSv7bf7Ffwi/Z1/ZdHxo+HEV7p/xN8G32l3c niP7fcyX17d3FzHFPNMXkZNzySeaCqqQRgEAsD7P4z/4JxeJv+GOtU+BHgrxJZ6p488Ua9b+Itc1 rV3mhgur0HM20xRTyBQBhAVJY7mYgsQPsD9tb4GeLf2j/wBnPxJ8IfA93Y2Os6xLYPDLqMksVsot buKd97QxTOMqhAwh5xnA5oA/PT9sf4J/Cnx1+1P+y/r3iXw5BdXfxWubtfEreZMo1BLO0sFgVwrj YI1YgbNuR1zXWaa+jfBb/goT8S5fCuni30rwL8E91jZpucJb6ZJZGGFdxLEBYwoyST65r6s+L/7N Xjr4gfFn9nHx5o1/psOn/CCe8k1ZLiWZZpxcQ2sa/ZAkLq5BgbPmNHwRjPIEqfs6+IbL9svxn+0l 4hn0668D654Hbw49iGmkvmkE1vLIXhEPlmJo4XHyyliSBs5yAD41/ZG/Yu+D37Tn7OyfHf47RXXi j4h/E6bUL+41trqaK4sZI7qW3h+yiN1jTy/KDAFCAfkxsUKPlDwxZXem/wDBJL4+adqF2b+6tfHg iluWYs08iX+kK0hYkklyC2SSTnrX0h8DfCvxc8P/AAj16P8AZG/aC8Lp8A3uL2WPUdds7mPWvDkU jF7hI45I0XehLMpmKhj+8QLvzSfsMfs9r8dv+CcPj74S3uoyWVp438Q6hPYajJETuNo1mYJzGSCV Nxa/ON2eGGc0AfVn7aTon/BNvxMzsFB8OaKMk9zNaAfma+MP2pvh7b/Fi4/YN+G17dT2dj4j0qWy vJLaQxTGzlsdJFyiOOhkh3p3GDggjivUfG/7J/8AwUM+MnwM/wCGefiP448FWHhrSLS3ggnsVvWu 9Xax2G1S9leHbHErIrs8cW8sgyrZJr6U8WfspfEPXvGX7K/iKz1HS0tvgdaywa0sks4e4Z7SzgBs gICHG63cnzTFwV75AAPz8/a4+HPw1+APj74X/skfDvwz4lm+GPiq6vPFHiTQ/DPn6hq+svEgijt0 3yrJJEi2xZ08z5FLSj5lXGXHJpPgX45/DL4ifsffAH4n/DWe31S3sfE1tqOhXkel6hos7qkvmgT3 P7yMEkFgFBxITvRTX6h/tafsveLPjPq/gr4r/B7xJD4R+KHw4uJJ9JvLpGezuIp8CW2uQgZgjY+8 Ef5S6FSHyvk+mfAf9tj4yfFfwf4u/aU8Z6F4X8J+CLoXsej+Cp7+I6pcIVIF08xB8pioyC7fIWQI pYvQB5J4O+Ffg79tT9tD443/AMe7eXxF4d+Ec1loOg6JLLLDaw/aBN59wyxMjMzPAzAkndv5yEQC p+yH8GtB+Av/AAUY+MHw48JTzSaBaeFLSfTop5Wne1trma0lFuHcsxSJiypk52Yzk5J99+JP7N/7 Q3w+/aB139oj9kbWNCW58dW8EHiXQfE32gWNxParshuoWtRvDKvUblwS5ywcqK37L37LH7Qfw3/a W8cftD/HTxVoviS+8caPHazDTPtEZt7lZYSsMccsSr9miihCRtv3nA3JnJIB9P8A7VnxI1n4Q/s4 /ET4j+HHMWr6Lo9zJZSBBJ5V1IPKhk2sCCI5HViCCMDnivz2+E//AATf+CPxc/ZU0DxV4la5n+KH j3SLbxA/i2W6uJryDUtSiW6R9gmVJEjLhWU8vgtuDkMP1V+JHgHQPin4A8Q/DjxSjSaT4lsZ7C5C Ha4jnQoWQ9mXO5T2IFfl/afs0/8ABQ3wz8KZP2XfDXjzwdcfDwwS6XB4guIb1ddh0iUGMwCIK0IY RMVQAsVGAJhgFQCHXfC3iTwR+39+yh4P8X+In8W6xo3hTXbS41aSEwSXrRWN4oleMySkOygbiXYs csTk18+aZ8VvE3wX+EP7dvjzwZcPZ65D8RL2ztLhM77d7/UmtWmVh9140lZkbs4Wvujw1+xLrHw+ +OnwA8YeC9Ts5fB3wf0DUtJvBdySrqN3PfQXCedHGkTREPLPvcNKu0EhQcDMPgn9h3ULnw3+0n4G +K1/ZTaJ8bvEt9rFg+nSSyT2cM073Fs8yyxRKJoZPLfYpdCVxuIoA/LuHwH8CLv4CxadpH7O/wAY pfitLYLfQeMo9EuWlfXGTzVuhKt4QbdpumIy3l/MP3nz17N+0ZP8UfjJ8Bf2O9N+KJ1Xwr428R+K 4dG1CaaOWw1OGYziw+0lZAsiSyIBMGwM7twGCK+jx8Bf+ClVn8L4/wBnLT/H3g1PCUNuNMj8UKL+ LX00tR5aptVfLWURDaCMtj/ltu+evYfiZ+xz4w1rSv2cfD/hDxHHqdv8GvEun6zql7rtzcNe38Nt NHNO0bLHNuldlYqjsqKCF3gCgD5J/ao/Zi+En7IvjH4A/FX9nnTJvCOsHxrpmiXjQ3lzML21uss4 nE0j5LLGyNjAZXYMD8u3b8b/ALO3wX8Q/wDBVbT9B1nwvDdafq/g9/E13E0swEusfbph9qJEgO75 F+UEJx92vt/9sP8AZ78Z/tB6b8NLPwZe6fZP4N8Yab4gvDqEksYktLNZBIkPlRS5lO8bQ21TzlhX m37QX7Of7Q+o/tSeFP2nf2d9X8PRX+naF/wj+oWPiD7QsTW/2iWYyRtbxyElhLjHylSikbgxAAP0 Pr+TX9n34s+KPF3wq+Hf7J/ia8vfh98IfFXiS8tdd8TQRtjUJp9si6as7ARwocxrISW/1gZx5asr f1lV+Xnwv/4J93cX7EGpfsrfGO80661ee9vNRstQ01pZ4bO8dt1rOjTRQvlDlZFCjcjMmcNmgDxj /goW+j/B/wAN/Az9k/4c6Lq2n/DzxLfXP9r6V4VgaXVL/T9PMG60gXcpmkn893k3sSzhXcnnPzd4 3HhvwH4k8EfEn9jD9nT4q/Drxj4Z1GD7d9q0G9Fhqek/8vFvchbi5d2YhR90bgW3HcEK/ffib9jr 9oD4ofAP4daZ8QPGWl6Z8bfhBfG58PeI9PluLy1uI4xH5a3nnwQuHk8uMSsI5MmIOd+90pt/8BP2 7vjx4t8KWn7Q3jbw94Q8E+F72O9uYPBM2oQXurSQ8BZZJdpRHGQcMAu4kRltpUAy7+H/AIZt/wCC mVjqqj7N4S/aL0lraT+GJde00Dacf3nAQD1e5b615h8LvDnj39qPxP8AtS/tM/Dq8Nvq+q2l34H8 C3Qk8rbb2UQ82SGQkeX9oYRFJARsd3OeDj1f/grJH4VuP2etP1SDWFsfH3hzxBplz4bjtpB9vkvp JBG0cSqfMH7pzLwPvRp7V9C/Dv8AZZj8MfsYad+zLbatc+HNRl0TyLnUtPkaOeDVLg/aJ50eNlZl Fyx+XcN0Y2ZwaAPxD0/Q/wBlnwf4E8OfDP8AaD+GnjH9n/4n6VJbFfHEUV1cJLeQyK0tyG8xCRLg lRHFIIs5R/l+b+mjwvd22oeGdIv7PU11u3ubO3ljv02lbtHjVlnXZ8uJQd428c8cV+TGvfszf8FD /iD8IR+y/wCP/Fnga48DNHbWU+vtHfXWtS2NrIjR/JIgjaYBBksFYn/lrn56/VH4c+CNM+Gnw+8M /DrRZHlsPC+m2emQPIcu8VnCsKs3+0QuT70AfnVG8vjb/grc9tqYDwfD74etNYqw4SS6njSSRB/e ZbxlLDsMdqzPiz4b0rxl/wAFR/D/AIQ12Lz9N1z4TXtjdR/34Lm61CKRfxViK6f426bcfBb9v74V ftAzqYvC3xD06TwLqlx/BBfyM01jvJ4AnkEaA5wPLYn3oeJLm3v/APgrh4SWylWc2Pw0lSfYwby2 N7dsA2OhxIhwezA96APhnTfHfijT/wBg3V/2MJLnb46i+Ii/DWJeTJ5N3e/a/N25yYm2yxDnG3AB xioLf4geJte/YN8OfsYRXBTxzqHxCf4dXCf8tI7a1vReSSkdRHHviiPbbkHoa++dT/YO167/AG/L T9qO31OwTwNvi1S60oyzi6fWYLN7WOVYREYSocrNvMobcXG3nlnhb9gvW9D/AG+tX/aju9S0+TwS 73Op6fpqyTNeR6xe2sdvcSyQmIQBWYyyB1lLZ8vK8ZAB8MftMfFPxr+yp+2h4zl+BPhqTVNRs/hf aaLY+XC08ek2dsbeVr2WNVIZLeG2P3sIGKlsqCrfZ37PnwD0eT9i3xT46/Z/8RyeJPip8WtCurm5 8V3Unl39xqc6Nvt/NZi1v5c26P7+VkG9mJAI+iNJ/Zy8WW37bvij9o/UrnTbjwjr3g1fDi2ZeV70 3H2i2lYyRND5PklIWGfNJJIG3GSPDfh9+w/8TvhtJ8YfhB4U8XQaV8F/iFHLdaItrd3UWt+H9Tk2 MDCqxLG0AYbGH2gM6ImcEvkA/LfT9D/ZZ8H+BPDnwz/aD+GnjH9n/wCJ+lSWxXxxFFdXCS3kMitL chvMQkS4JURxSCLOUf5fm/po8L3dtqHhnSL+z1Ndbt7mzt5Y79NpW7R41ZZ12fLiUHeNvHPHFfkx r37M3/BQ/wCIPwhH7L/j/wAWeBrjwM0dtZT6+0d9da1LY2siNH8kiCNpgEGSwVif+Wufnr9Ufhz4 I0z4afD7wz8OtFkeWw8L6bZ6ZA8hy7xWcKwqzf7RC5PvQB8ReP8A/i7X/BRH4d+Cl/faT8HPDd/4 mux/yz/tHVmFnbRv/togWZPQZPrX6IV8l/s//BXxl4K+L3xs+MPxDa1fVfiHrcC6eLeUzeXomlw+ RYhyyrskZWJdBkAgcmvrGSWOFDLM4RF6sxwB+JoA/mx0jwLqev8A7Cfxc+I3hldviL4WfGDUPE1j Io+dfssdkk3P91Ucyt/1zHpXTft5fFXxJ8bPiX4V+K/wpl8zSfgf4T0Px04BLFbvW76zljjyOjCA wykkfdR+OlfZP/BNXw5o3j/9nP40+GtWUXWi+KfHXiW1k2kFZrW8s7SJyp5BDKTg1d/ZM/4J9eJv g78Fvi/8OvizrGna3q/xNtf7JW6spZ544tOgs3t7UM1xFE6vG0rEKoZVVU2scYAAug65pv7Tv/BR XQ/E+jv9s8JfBnwdBqEDfejOqeJIhLEfTJtZVb2aH16fkT+z78WfFHi74VfDv9k/xNeXvw++EPir xJeWuu+JoI2xqE0+2RdNWdgI4UOY1kJLf6wM48tWVv3P/wCCff7I3ij9k34c6/pPxC1Gx1jxX4i1 COae50+WaaAWVpAkNpAHnihc+X+8IGzADADgV5v8L/8Agn3dxfsQal+yt8Y7zTrrV57281Gy1DTW lnhs7x23Ws6NNFC+UOVkUKNyMyZw2aAOU/bt/Zy1zR/hd8I/C3wY+H9x4p+FngDVGn1/wdo8skM+ o2w8sxN+63TSsCJvMYB5C0u887mHk/7ImtfsfX37VWkap8Gx4h+CXi97C4stQ8D6pBJFaau+xznf JLKA8QIdU+QkxhlQHfu+gdZ/Zh/bO1r4TfC68/4WPpmnfF34UXUiwTw3l9Nouu2GI1jGoq0ETmdV TYzeU4cFiW3SZS94W/Zk/ac+Ln7QPgP48ftXan4VsIvhqs76VpnhaO5Lz3EwA3XM1z8wQMA4UO44 2hV3MSAfpvXz1+1v/wAmrfGP/sTtf/8ASCavoWuP+IfgzT/iP4A8TfDzV5GisfFGmXml3Dp99Yr2 F4HZc9wrkj3oA+F/gg6R/wDBL2wkdgqr8PdSJJOAALOfOa/MTxh4Ul8efsb/ALFHgSG8m08+JvE8 +lm4t32SxLfXz27MjdiFc19k+Hv2TP2/dL+DN3+ygfH3g+2+Gv2a6sI9YjgvH1qTTrguTabGQQos gYxuTuZEYhXfAFdxp37DnxYtPhd+y94Jk1bRDffBPxNFrWsuJ7nyri3S++0lbM/ZgzybOAJFiGf4 sc0AeJ/tp/sw/Bz9mT4K/DzRvg/pEml2+ufFLw3cXfnXEty8jw2d7GnzyszAD5jjOAWbGAcD6b/4 Ku6OLv8AY51vxNCwivvCeq6PqdnKOHin+1pah0PZgtw34Zr139tP9nrxn+0b4K8D+HPBF7p9jc+G fF+meILltRkljR7WyiuEkSMwxTEykzLtDBVIByw4z47/AMFII9S+J3hj4f8A7KXhMmTXviv4gt1m VefI0jSyLm8un64WJvLbkcgNjJGKAP0C8Fa1N4k8G6D4iuV2TapYWt06gYw08SyEY7YJr8d/2mn/ AGT1/az13Uv2gNR1z41a6mn21vpfgTQ9MuLlNCXYhdmaK5SOSSbh9p2lS+WU5jK/tHYWNrpljbab ZJ5dvaRpDEvXakahVH4AV+Yd9+zR+1p8G/2jviN8ZP2ZtS8I6tpXxTkhnvrbxV9sWazni3EeW1qu WjDuxGH5UhSmUVqAPkT9kW9sfDvx5/aS8BeBPC2ufDrwRfeCptXt/DGvK8d1Zz+TCqyPFI8jIXEz soLE7GVSSFFbv7FP7CfwO+N37F1l8RfilYXOu+JPEFtqsWn3kt7cqdJgsrm4t4I7WNJBGqrLG0xD IwZnIIK8V9J/Cf8AYw/aK8JfHb4i/Gb4j+NNE8WXXxN8JXmlahJGtxaSW2pT+UIY4IfJdGtII4Uj VzIshXkx5HP1P+yL8DPFnwC/Zc8M/BLxjd2N5rmjRanHNNYSSyWjG9vbm5j2PLFE5ASZQ2YxyDjI wSAfkXZfGP4maj/wTB+FHgy08QXNrqHj/wAWDwVPqRJaWLSpLi5zH5hORhESIDIJiBXOM13n/BQz 9hD4C/BT9le68f8Awg0ubw5qvhqWwtryRbueU6ra3FxHCyXSyOUZxM0cwKqMFeBjG36Z8F/8E+td m/YatP2X/iLrtpaeKdJ1K41jTdV0mSaWC01ATSSW0gMscEjALIUkG0EBjtOQDXm/xx/Zd/4KL/tN /CofCr4o+MPA2nWGlNBMj2H29JNauYHVVe+k8lhEioXkAiiAaUKDGBhkAP1z8Kf8ivo//Xnb/wDo ta36zNEspdN0aw06chpLW3iiYrypZECkjODjI9K06ACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooA//T/fyiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKyNZ8QaD4dt0u/EGpW2 mQSMEWS6mSFGc9FDOQCT6Vr1+Ln7MfwM+HH7cviz4wfH79o6zl8YSQ+Kb/w1oun3FxPBBpem2Kxy RrEkEkZVys6jJ5DKX++7MQD9n4pYp4kngcSRyAMrKcqynkEEcEEVi6f4p8Matfz6VpWr2d5e2v8A rYIbiOSWP/fRWLL+Ir8V/wBon4WfEj9kH9myw/Z+8D/Ee9vNE+KXju10fTpnhaGfQ9IvhI0lmtx5 zs4Yom4qIgR5vA3muy/av/YV+B/wB/Zx1D4ufAa1uvBfj34aRW+o2Wt297Obq4aORElE5aTYxlVm PyquGwANhKEA/YmW/sYLhLSa4jjnkUusbOA7KvUhSckDue1UNK8SeHddSeXQ9UtdRS1YpM1vOkwj YdQ5QnaRjoa/D3426PH+1j+0f+yHZ+L57jT7T4j+C5dQ1eOyle1aWCWxa+urYMhDCKYI0TAHlGOD 3rvfFHwL+Hn7KX7fXwDj+BNhJ4Z0f4i2+sadrOmx3E01rcx2sGQXWd5CcmRTjO3dGrABskgH7K2d 9ZajALrT7iO5hYkB4nDqSOvK5HFFvfWV3JNDa3Ec0lu22VUcMY29GAPB9jX4+/s0/EDSv2L/ABT+ 0p8A/FjeVoPw/wDtHjjw9EzYMuk3UakwRk9SrG3iGOsrPwDXyt4kv/iV8Ef+CeVp4/iuby08e/tM eMEvdYvbJG+3/YdSWeeOO3Ksp3TRxBlXIJE7rnnIAP6GbHxR4a1TUJ9I03VrS7vrX/XW8M8cksf+ +iksv4itFdQsHvX05LmJruNd7Qh1Mirx8xXOQORzjvX83XxI8H/CjR/h7p0/7Ln7Onxh8CfFXwxJ bT6T4hl0K6VpZY3UTfbGS5lyJU3n5IuGwABGWU/YXxn1nXPhP8f/ANmr9tXW9Pk0KLx9p1l4W8Z2 8sT232aXUrdZYvPjfDo0Lu5dW+ZfsyqeeKAP2EmvrK3uIbSe4jjnuc+VGzgPJt5O1ScnHfFeDfs9 eKPi/qXwug1n9o3+xNO8UPdzxv8A2ROrWPk7gIcP5so3kZyN/XtXx54IX/hor/gpB4r8dv8A6R4W /Z90tdCsD1jbXL8OLlwDwWjUzRP6FIzxxn8zY5ZYP+COgmgcxyR+NQyspwysLjIII6EGgD+l5fEn h19Ybw8mqWraqi7zaCdDcBfUxZ3498VwHgz4V/Cj4LXHjDxV4VsIvD7eMNSm1rXLmW6maOe9nYtJ MxuJHSIMzn5U2IM8AcV+Qv7bf7Ffwi/Z1/ZdHxo+HEV7p/xN8G32l3cniP7fcyX17d3FzHFPNMXk ZNzySeaCqqQRgEAsD6t8b7CP9qz9sv4Xfs4fEi5nb4f6Z4RTxhqWlxO1vHqWoSF40V3jKsUQbMYO QPMAILEgA/WSx8R+HtThtbnTdUtbuG+3fZ3hnSRZtv3vLKkhsd8ZxWtJJHDG0srBEQFmZjgADkkk 9AK/ED4m/szfDf8AZ2/b7/Zvn+E8EmjaB4qvtUlfRxPLLa215aW6LJcQrK7lDOkkasBx+6GPQftf rejaZ4j0a/8AD2twC607VLeW1uYWJAkhnQpIhKkEBlJHBBoA+NvhN+1tJ8XbP45Tafp9ppknwu1P VNM05DcfaHvRpsLk3LgbPkeRMhV6LxuJ5re/Y/8A2iLz4z/s2eBfir8U7/S9K8Q+Km1BDFEwtYZG tdQuLVBDHLIzE7IlyNxycn2r87P2LPgf8KtG/wCGp/FumeH4oNX8F6/4p0PR7gSSlrTTRDMggQFy pG0YywLe9Yv7EP7BPwI+Nf7Gth8RPilp91rPiDxDFqqWF019cR/2VBa3dxDGlrFG6xgecjzMHVgz O2eCRQB+9eRjPasPS/E/hrXLm4s9F1a01C4tDiaO3njleI+jqhJX8a/nD1L4+fEm7/4J3fA74cvq WtXQ8b+Jbvw/qEulBrjWLjR7K5KixtRuBeR1kSKOMsN6oIydhYVe+Juj+B/DGk+HPFv7G37Ofxa+ HPxN8JXltNaahcaFefZry3RgJ4b7FzcNIsi8nCfNyjfIxwAf0lV8+ftCfAL9n345eHbeP4+6JZX9 hpBZ7e8ubh7KS1MmN2y5ikidVbaNy7trYGQcCvbtC1CbVtE0/Vbi3ezlvbeGZ4JVKSRNIgYoytgh lJwQeQetfkj4f+GnhX9tb9tz40R/HNJvEHhH4Nf2dpGh6DLLJDaRzXqSefcOsTIzMXt3OSfmDqDl UQAA9x8VfC74LfsPfs5+P/jV+zD4W0y11yy0oSx39xLPqX2lVlUbXmkmZzGSclY3VSQCRwK9K0P4 l/tA+MdF/Z38W+FbbQ20XxvpVvqPjI3DeVPELmztZ4/7OjaYMfnklyMSEALn1Px58a/2SYP2Xv2Z P2kG8C+KZ5Ph74n02O407wzNHJIukzpJH5jxXUk7s4kyQQYwSoTczFcnlPFf/I1f8E3f+wT/AO4v SaAP2g1jX9C8O2wvfEGo22mW5IUSXUyQoSe25yBmr0V3aT2q3sEySW7rvEqsChXruDDjHvX87F14 78DfGr9qf4xeLf2ivhT48+Mmm+FNZufD3h7TvDmmzX2maVbWcskLmZUuIdk8ojV9vQsXYgnbt9t/ ZKuvGHhXX/jz8OvC/gXxr4N+C1/4ZvtY0C08X6bcWp068SJY7i2hlkaSPbKZndV8xmZIwx+YOSAf tDeeLfCmnpaS3+tWVsl+dtu0tzGgmb0jLMNx+ma8Q/ay/aAj/Zm+BXiL4ux6dHrV5pS26W1jJP5A nlubiO3BLYYlYzKHYKMkDGRnI/Kr9in9hP4HfG79i6y+IvxSsLnXfEniC21WLT7yW9uVOkwWVzcW 8EdrGkgjVVljaYhkYMzkEFeK8o8T2Vp8UP8Agjnpfj7x7G2s+IvAl4bTR76eSRpraGTWYbZlB3YY eQRENwOEAAxjNAH9C3gzxFD4s8KaT4ihlhlOoWsEz+QweNXkjVmUEE9CccnNeWeLdb+Ndr8efAuh +F4NIf4cXtrftr8lxIBqaTpDIbUWqeapZTIE34jbC7uR1Fv9nb4YeA/hL8I/D/hn4d6RHoumXFtD fSQxvI4a5uYkaWQmRmbLHrzj0FfGHx2/5Sefsz/9gbxL/wCm+8oA/SPVPEnh3Q5ra21vVLXT5r1t kCXE8cTSt6IHILH2Ga+TP2Zvj944+L/xd+PHgbxTDZR6d8NfEMel6WbWJ45WgYzgmdmkcO/7teVC jrxXxF+yr8Avhl+3BqPxZ/aF/aP0+XxdqV54nv8AQNMtLieeCPS9NsUjaKOJIXj2OBMBzyNu77zu T5b+z/qGtfsn/Dv9tuTwpqE2oaj4F1CC1028uT582f8ASYLaWQ87njDozZ4ypyMcUAfvBN4n8NW2 rx+H7jVrSLVJhlLR541uGH+zGTuP4CtOe9s7V4YrqeOF7htkauwUu3ooJ5PsK/mi8CeEPgB4j+As B8Zfs/8Axf8AFfxJ8SWX9ozeNbbRrm5aTUrlfOjurWf7YFkgVmUoxj/ep8zAs1d18V5vjH8Wv2ev 2S/Cfxi/trwx41vfHA8PXF5eRT2OqCN5ktoLrMwWXzPIdT5h5dgWJJJoA/oSsPEnh3Vb650vTNUt by9s+J4IZ0kliP8AtopLL+IFfMes/tQ2unfteaP+zFHZWq2134dm1y51SS5G5ZhO8EdqkfADfuyz FmJOQAoxk/nr+1R+zF8JP2RfGPwB+Kv7POmTeEdYPjXTNEvGhvLmYXtrdZZxOJpHyWWNkbGAyuwY H5du343/AGdvgv4h/wCCq2n6DrPheG60/V/B7+JruJpZgJdY+3TD7USJAd3yL8oITj7tAH6GeGvH /wAWtC8VfF3Vfi5Ho1t4I8OG3l8NPZTr9slgWKd7lbwGV9shKxiMFUzlsA9vhD4M/tCft9/Hf4S6 38evCE/gO10zUI5F0LQrgypcRyRajHbM9zJJIiqnlLPhmlBd1QhAGxXMeAPhz4K+KHxg/bv8N+Pd LTV9Niu9GvVhkZ0AuLW21KSF8xspyjgEDOPUGvmzRPhL8O/D3/BG/wAQ/FvRtFjtvF3iqGCDU9QD yGS5itfFqRwqysxQBEjUDaozjnNAH9EejX17D4YsNR8VSQW16LSGS9ZGAgSYoDLtYkjYGzg56d6s 6Pr2h+IrX7d4f1G21O2yV821mSZMjqNyEjNfg9+1h4+XxV8XfgT8AvG2geKPF/w207wZp/iHVfD3 hO3kuL7VbmRJI4hJGkkRaCEwISwYFQz7SGIKs+H80HgX9q34Y+LP2Uvgd8Sfhp4d1q9TSPGNjrOi XcOkT2d06RRXJ/fXAQwb3kdnKou1WGPn3AH394x/YG/YO1nxbd+OPFHg/TrS9uLofaY11O5srR7q Y5UNbx3EcSuxyQiqoY5+U19xeHPDmg+ENB0/wv4WsIdL0jS4Ut7W1tkEcMMMYwqIq8AAV+HHw0/Z P+Gf7Uf7bH7TafFyO71DQ/C+qWv2eygu5baM3eoLKBcHyipLxpbkLzj5vmB4Ffudomjab4d0aw8P 6NALbT9Mt4rW3iX7scMKBI0HsqgCgDxP4D+JPjHqXhrxPqPx9XRbG8s9dvItObSplaD+yESL7O07 ebIFm3GTeCRgbflHf2KbxR4atr+10q41a0ivb1Q1vA08ayzKehjQtuYe4Br8IPhV/wAo5f2tf+x0 8R/+itPra1D9hj4JP/wTvPxt1azu7/4kt4Mt/FS6/NfXLXKTJZpdwwKpk8oRRxBYFXZwoBBDAMAD 94q+SfiF+1Da+Cv2pPhz+zmllatD4ws9Rvr7UprkJ9kWzt5pI4Vj6b5HjGWZuFOApJyOt/ZH8Ua5 40/Zh+F3ijxLdPfarqHh7T3ubiQ7pJpBCqtI7Hks2Mse5JNfnL+0j+zz8GvG/wDwUw+FWheKfDMO oWHjvRdVvdbieWZRe3FnaXCwSOUkBUoIYwAhUHaMg80AfZXgD9o7xTrn7Yfxn+CHid9OsvCHw803 R7yyuSpin3X9rbzSmeZ5ChUNK23CrgYyT1r7L03VNM1myj1LR7uG+tJhlJoJFljceqspIP4GvxLi /Zv+H/7Q/wDwU/8AjlovxPgn1Hwv4f0vQbt9LjuZbeC7uTpljHAZ/JZGZIgXYAMPmxnK7lPTfAjS NJ/ZN/bG/aB+FvwyFxB4D0nwUniu30eSeW4iivII4CdhkZnO7zHXJJYrtUk7VwAfsBqfifw1ol1b 2Os6taWFzdnEMVxPHE8p9EVyC34VuV/Mp8Cbn4NfFTwFqvxJ/aR+BfxQ+MnjjxxdXk1x4h0rSbi6 0+KIStFHFp00d3EoEW3B+T5GBjHyIBX6n/8ABM/WPiy3wa13wT8UtI8Q6bB4U1ma10CTxNZTWeoS 6LIqvbrIJh85iO5TtZlQbUU7VFAH6J3N7Z2QjN5PHAJnEaeYwXc7dFXOMsccAc1W07WtH1hZ20i/ gvltpGilMEqyiORfvI+0naw7g8ivy2/4K76dfav8DfhvpOl3L2V7e/EHSIIJ42KPFLJZ3yo6sCCC rEEEHIIr5w/bL+Cnw7/Y1+G3hf4XfAKw1vTU+M2t2Gl+Ip9MllvtYv7DTwd1vaK7gedctcf6pCiy thMBCRQB+52l+J/DWuXNxZ6Lq1pqFxaHE0dvPHK8R9HVCSv41c1TVtK0Oxk1PWryHT7OHBea4kWK JM8Dc7kAc+pr+cX4m6P4H8MaT4c8W/sbfs5/Fr4c/E3wleW01pqFxoV59mvLdGAnhvsXNw0iyLyc J83KN8jHH2T440PT/wBsP9vXTvg38XIblvAXw+8G2/iT/hH5Wkt47nVL0wAtOqlJD5a3KqQT8pjK YAdwwB+ttprei34tzY39vci8QyQeXKj+ag6smCdwHqOKtW19ZXrSrZ3Ec5gcxyCNwxRx1VsHgj0P NfjBo/7Pngv9nr/gqB8MdE+Gqy6f4X13w/rGoQaU00ksFjcm3uIrjyBIzFEl2I+P72QOAAPbP+Cd 3/JQ/wBqf/spusf+j5aAP0zt76yu5JobW4jmkt22yqjhijejAHg+xrNm8T+GrbV4/D9xq1pFqkwy lo88a3DD/ZjJ3H8BX4peBvidrPwhj/b9+JPhZwuraNr2bOTbvEVzJJdQJJjofLdw2DxxzxmvmLwJ 4Q+AHiP4CwHxl+z/APF/xX8SfEll/aM3jW20a5uWk1K5Xzo7q1n+2BZIFZlKMY/3qfMwLNQB/S9d 3lpp9tJe386W1vCCzySsERFHdmbAA+tZ+j+IvD/iG1a+0DU7XU7ZTgy2syTID7shIr8GvH/hz9qf 4zfsh/AzW/iP4D8QeMofAus3SeMfC8y3VhqutWlrIi2Mzoyi4lIhDK7qrOzPv/vMOx/ZM1P9jnWP 2o9NuvhEniH4K+KrnTrmw1PwNqsEkVprLGOTPzyTSYeMHeqfISYwyoDv3AH0V8KNM/Z2/aL/AG1f ir431zwPY/8ACX/Cy90mx07U5dQmuDfTpFOPtS2u8W4MSwII8IxXG8tuxt/Rjxx4rsvAvg7W/GOo APBotlcXbIXEfmeRGzhAzcAvjaPc1+RP7B37Pvwd0T9rv9oXUNL8NQwXHw012ztvDriWY/2fDdw3 sU6oC5Db0+Ul9x9MV+lH7T3gXwn8RPgD468O+NNOTVNOXSbu7ELs6jz7OJp4HyjKcpIisOcHHII4 oAyv2Ufjs/7R/wADfDvxau7O30q91v7W8thbzef9lSK8ngiVmOGLFIgSSq5OSABwPb7bxT4YvNWl 0Gz1ezn1ODPmWsdxG06Y67ow24dO4r+e3w7La/s//wDBKjS/ib8JLU+H/HHxYu49E1bWbeWRZ2iT UL5EfcWIiKwo0QaMKRvyDuAI+sfjx/wTq+Afwp/Zg8QeL/hzBd6H8Qvh5pE+uW3iaG9uEv57zTYj cSM/73YPO2MAFA2EgoRjkA/Tz4p/CzwR8Z/BF/8ADz4h2H9o6JqJiaSNZHhkWSGRZY5I5Yyrxujq CGUg/gTX57+GdG/Z4/ZK/bK8I/Cj4X+Dre01r4nWGp3WteIb7VJ7m4t4beOW5Fuizu4QzTRK7nK7 hjIY7Sv2V+yn8SNb+Lv7OXw8+I/iUh9X1vSLeW8cLsElwg8uWQKOAHdS2BxzxxX5u/tI/s8/Brxv /wAFMPhVoXinwzDqFh470XVb3W4nlmUXtxZ2lwsEjlJAVKCGMAIVB2jIPNAH2V4A/aO8U65+2H8Z /gh4nfTrLwh8PNN0e8srkqYp91/a280pnmeQoVDSttwq4GMk9a+y9N1TTNZso9S0e7hvrSYZSaCR ZY3HqrKSD+Br8S4v2b/h/wDtD/8ABT/45aL8T4J9R8L+H9L0G7fS47mW3gu7k6ZYxwGfyWRmSIF2 ADD5sZyu5TD4E+zfsXftI/tO+BvhB51t4P8AD3w+k8X6fpE80t1bwalbwQlCPMZmKlpGDEsW2YDE hRgA/ay98UeGtN1KDR9R1a0tb+6/1VvLPGk0n+4jEM34Ctyv5l/g3o/wF8dfB9/EHxx+Avxa+J3j /wAZCe8vvF1hpE93G0srMIpLCcXaIyRqFwWjIZgQwKYUfrr/AME4vEXxi1r9my10r43abrGn674a 1K60u3fXrSe0v7mwjSKW3ldbgBnAWUxBxkfu8ZJUmgD7xd0jRpJGCqoJJJwAB1Jr8i/2dP8Agob4 2+LH7UTeAvFWlWVj8MfGVzrFn4M1KOJ45rubSnUjzZGlZWEkWeAi4kZFBPf6P/4KL/GuT4Kfsr+K LvSpSmv+LAvh/S1T/WGfUFZZWTHO6O3ErqR/EF9a/Gn4q/Fj4V6R+yh8IPCnwn0HxPpXxE+DF5aa 1b6hd6LLBam6dvP1ItNuO2Np8SgntGqk4oA/eX9rf9oyw/Zb+CupfFO403+2b5Z4LHT7HzPKFxeX JIRWfDEKqhnbAJIUgcnI/Pz45+D/APgpF8Sfgvrc3xd8N+AfEXhW7tor3UfCNlPqVvqAjtHW52Rz QyoDMjRhtounUlQAH+6frL4p6p+zp+15+y54WtPid4itfDmj/FOKyk0iSW7iguYtWbBSK38w4kmh lLRumDn5lPXNfN8nwp/4Kf8A7OmmH/hWnxD0b40eHNJjxFpmt25i1GSKMfdDMQ7HaMAG9JzwAaAP r/8AYX1n4OeIv2ZPCWu/Azw4PCfhq8W4ZtMMzXEtveJM0dysszlnlYyKSHc5ZNpwowo+uq+Wf2Of 2htE/aY+Cdl8QtK0RfDd3bXU+m6lpqEFLW+ttpdVIVTtZHRxlQQGwckZP1NQB+c/7Zn7Q/7QXwy+ L/wk+D3wBh0F9U+JB1CIvrsU7xLLa+SU+eGRSi4ds/K2TivOvGPxm/4KZfAjQ7n4j/EvwN4K8ceE tGQ3GqQeHpruG/itUGZJUaZjgIOWIhkwMkgAEi1+2F/yfj+yV/1+az/6DBX6d+Ip9ItfD+p3PiDZ /ZcNrM935uPL+zqhMu/PG3ZnOeMUAfH3xX/avtx+xRq/7VXwTkt70jTYLyyS9QyRxyvcx280M8aO h3xMzowD43LwSOvy3ZX/APwU5+OHwet9Tn034aan4W+IGgpM1lK2p288+n6tahjE7RSoY3aKXaSk oKno/Ga+WPg4dTP/AARn+J327P2X+0br7ED1Fv8AbbPIz3/e+Z0r6b+BvxB/4KVR/A/4faV4A+Fn g+TQY/DukxaXqF9qTb5LNbOIW800SXKsGaMKzKAME4wKAPPv2M/2eP2Rv2ibbxp4P+JXwW/4RH4i fDfUF07XLCDX9Zkti7mRVkhJv2IG+GRSu5wMBg7Bhj7++Fn7JX7HXwa+Jln4h+Gei22k+NdNSZYV /tu+up0WeNopM21xdyqcoxGWQ46jBwa+EvGXw3+M37Ff7J3x3/aA8YeI4b/4x/FK7sTe3mmAi301 bm58nEDlUIdFuZSHVQFbywv3Nzd7qv8AwTc+AGn/ALK02u2dvcRfEmy0JtcXxWL24F4dXjt/tRmP 73yxGZBjbjIXkN5nz0AfRf7fH7Q/xV/Z58FeB7/4Qw6ZNrfi3xJbaJ/xNYpJYFW5ilZT+6kjKneq 5PPGeK8l8Q+K/wDgq/4H0S98WX2g/DnxLa6XE1xNYWBvxdTRRjc4h8ySJS+0EgbsnsGOAfin4/8A xa8e/GD9gz9l/wCJGpY1XxfP4yt7cNcHaLy7057y0ieVyRzMYVMjZHzFjx2+2Ne8Vf8ABVnxpo95 4Z0/4f8AgrwbJqMTwf2o2otcPbCQbTJGqTy/OoOQTG4H900AfX37Kn7Q2j/tQfBTRfi3pVi2lS3p lt72yZxJ9mvLdtkqBxjch4ZCQCVYZAOQPQE+E/gS3+Klz8bprRpfFkmlrpAu5pndLewSQzGOGNm8 uIM/zOygFu5xXl37IP7Olr+y18DNG+FC6guq38Ek15qF2ilI5ru5bc5jU8hEUKi55IUE4JwPk79t yO8+NH7S/wADP2QdU1K50/wT4w/tHWPEEFs5hOoRadE88Nu0i4bbmCQFQeC6vjciEAH6aaN4i8P+ Io5ZfD+p2uppA2yRrWdJgjj+FihODx0NM1fxP4a8PyQQ69q1ppsl0dsS3M8cJkPogdhuP0r4S039 g/wB8FvjP4e+O37Pmoy+ALHQrS5j13QrZZ7231y32fJHma5HlMOTnDjeEYKGBLfKn7FP7Mvwv/bG +G2vftMftOWUnjrxX451S+jj+0XVxFFp1pbv5aQWyQyJsw24qf4V2hQvJYA/aye7tba2a8uZkit1 G4yOwVAPUseMUjXlmlp9veeNbbZ5nmlh5ezGd27pjHOelfgBp2qeIvB37Mv7Zf7L9/rFxrmgfCWW CLQ57pzLNDYX0sm22L5xtjECkKAAGZ8ADgfeHi50T/glVudgoPwoshknudIiA/M0Aei/Hv8AaG8Y /Dj9oP8AZ/8Ahl4TWwudB+KN5qsOpSyxtLKIrOO3aI28iSKq581skq2eMYr681nxBoPh22W88Qal baZA7iNZLqZIULnooZyASewr8ObD/kOf8E4f+wbf/wDpHYV6p4O+Ffg79tT9tD443/x7t5fEXh34 RzWWg6DoksssNrD9oE3n3DLEyMzM8DMCSd2/nIRAAD658C/tB+M/E/7bPxA/Z8uUsW8J+GfDlhq1 lNFG32p5roW5bfL5hRk/etgBB25Pf1P9qT4m+Ivg1+z545+KPhKO3l1jw5p7XVst0jSQGQMqjeqs hIwegYV+dH7Ifwa0H4C/8FGPjB8OPCU80mgWnhS0n06KeVp3tba5mtJRbh3LMUiYsqZOdmM5OSft T9v3/kzX4sf9gZ//AEYlAHq3wU+Klr4++Ffw78ReJtRsIPE/i3w7pWrT2cUqxsZb20inlMULO0mw M529cDHJr2hmVFLuQqqMkngACvxN8M/8E9vgde/sMWPxBvIbhviTP4Sg8SweIzeTi5trxLFbu2ij HmeWIIFCQhQo+RdwIbBHhvxo/aS+IHxV/Zc/Za8G+Kjr+qWfxLlv18UxaBE02taxaaDcrZmGFdy+ a9yu6SQE4LBWIxwQD+gvSPEvhzxAZl0HVbTUjbNslFtPHN5bejbCdp9jW3X84njceG/AfiTwR8Sf 2MP2dPir8OvGPhnUYPt32rQb0WGp6T/y8W9yFuLl3ZiFH3RuBbcdwQr/AEd0AY+teIvD/hu2F74i 1O10u3JwJLqZIEz/AL0hAq5p+o6fq1nFqOlXMV5aTjdHNC6yRuPVWUkEfQ1+H3xob9kJf2p/H+of G5/EP7Q3jC5MNvZeGdB0q5uIvDkMS7Tar5d0kUsh+XeQV2uHLKJGbHU/8Evb/wDsb43/AB++Hfh3 RNY8HeELObTL/T/Dmt71u9La584lHjdnZGZCoOWLFVTcSRmgD9pKKKKACiiigAooooAKKKKACiii gD//1P38ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACvzAk/Zn/aw/Z++I/jrxF+yDr3 he68JfES+fVLrRvFC3anTdRnz5s1q9sCGUnn5iBtCoUbYGr9P6yNZ8QaD4dt0u/EGpW2mQSMEWS6 mSFGc9FDOQCT6UAfmFb/APBN++8T/ATxh4W+J/jT7Z8VPG2vx+LLjxBaRsLey1iDzBCLeP8Ads0K rNMpOEP7wlVXaoEXjD9nX9vj9oXwnZfBX9oLxp4Q0nwGJrb+2b/w7Hdtq+sQW7rJsYTxrBGWZQzF VQB8Haygqfof9uz9oTxn+zl+z+3xS+G6WN3qR1KwtU+2xtPbtDdFtzARyRknAG07sexr1nU9b+Nc f7RmkeH9Ng0g/C2XQnnvJZJANWGq+bKFWOPzATBsEfPlnnd83YAHi/iP9ljXG/ai+BnxZ8GTafY+ CfhLomoaPJZSyzC8Mc1lNaWy26LE0bKm9NxeRCADgE8Hb+OH7PfjP4l/tK/A34yaFe6fBovwzl1a TUobmSVbqUX0UaR/ZlSJ0Ygod290wMYzX1Xq/ibw54feCPXtVtNNa5bbELmeOEyN6IHI3H2Fac13 a21u15cTJFAg3GR2CoF9Sx4xQB+aX7dH7CHiP9qXx54L8Y+CNctPD5gh/sjxMZ5ZopLzRftMdyiQ iKKQSSRuJGVJCqsxXLDbX0l+03+y94Y/aI+Bn/Cm4Lo+G20p7W50O8gQsNOurFSkDKgZcoI2aMjc CFYkEMAa+hpvFHhq2v7XSrjVrSK9vVDW8DTxrLMp6GNC25h7gGvmz9rH9phf2bNA8H3trpsGrX/i /wAR6foSpPceSttFeb2kunUAs6osZAGVG4glsDBAPlPxP8DP+Ckfxi8O6Z8Ivid8QfCfhrwtBLb/ ANpa94cN+muX8MDBhwyRxq7EAts8pSRzlcqfYv2+/DXwyg/Yo8Z+C/GOsJaR6Jo8MulyXk4lvHvr Db9iAaRvMkknkQRM3JYOxPevvS3ube8gS5tJUnhkGVdGDKw9QRwa+Zfjh+zV+zP8U/FuhfFP456L Z32oeGoxDaz397Lb2ojSQzKksXmpDKock7ZFYHJDAjigDzf/AIJ1/CTU/hb+zLoepeKTJL4q8fTS +J9YmnJM8lxqeHj8wt828QCPeDyHL9ya+W/+Hevxn/4YGP7LH9taB/wlf/CQf2t9q+0Xf9neR5u/ b5n2Xzd+O3lYz/F3r9etJ1XR9ZsItQ0K8gvrJxiOW2kWWIgf3WQlTj2NWLO+stRgF1p9xHcwsSA8 Th1JHXlSRQB8u/trfAzxb+0f+zn4k+EPge7sbHWdYlsHhl1GSWK2UWt3FO+9oYpnGVQgYQ84zgc1 8pftNeA9GHx6+DzfDf4k2Pw//aF0TRfs+mJqVrcS6VrWmKsiS200wiMY2sJiik7yHOF3bGX7j+P3 xy0j4I/BTxV8YIIoddHh62aSK1S5WIXEwZVEQkAfBy2ThSQAeK/On9ubxT4K+K/7L/wI+Jfizwlo niPUPGmueHrK4ErXGdPTW7GS6uo7aa1uIZkYPGgwzspAG9WOCADyTUtC+OGp/wDBR/4EwfGvxvo3 izxhapqFzcaV4chkTTtDsYLeV0+aXDmS4cSFjIof5UGSCgH7z18vfAX9nT9mD4AatqenfBPRtO03 X5YlivnF497qJjDbtsjTyyyopbkqNqkgccDH1DQB+ZPw3/ZY/aR+Fnxb+MVvoWteG774WfFm91vV pVnNymrW15qUM3kooWIxBUlkVZDvbdGu5QG+Svo39kL4HeLPgD+y/wCF/gn4xu7K81zRYtSSaawk lktGN5fXNzHseWOJzhJlDZjHzA4yME/St1rmi2KXb3uoW9utgoe4MkqIIVYZBkJI2gjkE4qJvEfh 5NH/AOEifVLVdK2eZ9rM6C32f3vNzsx75xQB+V/hn/gnT4ub9jfw18DPEviey0f4ieCdbn8QaJrW ltNPbW14ZmkiBMkcEhVlYBiEyjBWG7bg6/iX4Df8FCvjy2g+BPjd498M+D/Buk3UFxqN94Nkv4dX 1TyO26RUWPfkk7diq+G8tgAo/Uew1Cw1Wzi1DTLmK8tZxujmhdZI3HqrKSCPoazh4o8NHWP+EeGr Wn9q43fZPPj+0Y9fKzvx+FAGtbwR2sEdtDkRxKEXLFjhRgZZiST7k5Nfnb8Sf2af2g/AP7QOv/tH fska5oMd742tYYPEWgeJVuRY3M1soSK5hktsuJAB90lADvO5g5Ue0ftY/tML+zZoHg+9tdNg1a/8 X+I9P0JUnuPJW2ivN7SXTqAWdUWMgDKjcQS2Bg8z8Rv2ivFvhn9sX4N/AzQv7Pn8JePtN1i8v7hk Z7gNYWtxNEYZVkCKu6Jd2UbIzyKAPndP2Gvjf4w8AfGvxV8WfFekat8YPi9pkOlxm28+DRNNtLd4 2SFG8ppSCIk3HyjjaPvEs59N1v8AZI+I+pa1+yVqMGpaSsXwGsfs2uBppw1y/wBisrfNliAhxvtn P70xHBXvkD760jxBoHiCOWXQdSttSSBzHI1tMkwRx1VihOCPQ0ms+IdA8OW63niHU7bS4HbaJLqZ IELegZyBn2oA/OnxH+zJ+0v8Gvjh40+M37IOu+HZdO+I8ovNc8O+KFuhbDUMkm5t5LbLFnd3cgsg G4j5xtC9f8Ef2Z/jvpEPxP8AH3x68eR+I/HfxGsJ7GKwsZrldB0uJ4iiLDFIBzkICwiBVVIBcszN 9829zb3cCXVpKs8MoDI6MGVgehBHBFeX/FD4lad4R8EeM7/Q9SsZvEfhzRdQ1KKyklR5A9tbPNGZ IVcSbCVGemR3HWgDyr9kX4GeLPgF+y54Z+CXjG7sbzXNGi1OOaawklktGN7e3NzHseWKJyAkyhsx jkHGRgn5e8NfsI/EOH/gnlq37IfiDXNKh8U3k0l1De2zzzWAkXUEvoVZnhilCsIwjkRErkkBsYP1 3+yJ8WfE/wAc/wBnHwT8V/GcdtFrXiG3nluVs42igDR3MsQ2I7OwG1BnLHnNfSNAHgf7Nmi/HTw5 8LbLw/8AtCT6LdeJNNcW0MuhGY272MMUaQmXz0Q+cSH37RtxgjHIHmvxK/Z68Z+Mf2xfhB+0Lpl7 p8Xh34f2Gr2t/bzSSreyvqFrPBEYEWJo2UNKpbfIhABwCeD9jUUAfmL/AMM1/tY/AH4meNtY/ZF1 zwvceC/iLfSardaV4q+1/wDEr1O4/wBdPbG1X5kbjAJPyhUKNtDmb9mz9hvxv4J8M/HXwl+0J4js vF8PxlmSS4vbBpY7h2lSf7RLIkkSLFIJJt0YRnHAPH3a/TSigD8k9D/Z+/4KPfDb4aN+zt8PfHfg 298GwxSWGneIbxb6DXbHTnyoRUjV4leNDiLHmFMACQYXb6J4q/Yj8ct4a/Zz8M+H/Fia8/wh8VWf iDWtR125uTdX6R3CTz/ZwEn+bIKxRu6qqhQXzlj+lFFAHxz+2H+z34z/AGg9N+Gln4MvdPsn8G+M NN8QXh1CSWMSWlmsgkSHyopcyneNobap5ywrzb9oL9nP9ofUf2pPCn7Tv7O+r+Hor/TtC/4R/ULH xB9oWJrf7RLMZI2t45CSwlxj5SpRSNwYgfofRQB8KfDH9mHx74L+Jv7THjTVNQ0yWx+MxtP7HSGW ZpYPIt7uJvtYaFVTLXC48tpOAenAPlo/Yq+KY/4Js/8ADHX9q6N/wmf/AD9+fc/2X/yHv7U/1v2f zv8AU/L/AKj7/H3fmr9PaKAPzv8AjZ+yH8TNe1T4W/GT4HeJ7Dw38WvhlpUGkb79ZZdL1KzWPbJb zlFMioC8pUiMkhzkKwVlpeCfgP8AthfEn44eGfi5+074y0jRNE8Fh5LDw54Onvo7a7uGIO+8aYgs mQpKlpAwXbhQW3fo7RQB8c/s9/s9eM/hN8efj18UfEV7p9zpXxR1LTbzTIrWSV7iGOzW5EguVkiR FY+cu3Y7g4OSOM/Y1FFAH5heCv2Kvil4c/ZP+OPwJvtV0Z9e+JniDVtW02eOe5NnFBfparGtw5tx IrgwNuCRuBkYJ5x9Jah8DPFl1+xSv7OEd3YjxKPAsPhj7QZJfsP22PTlszJv8oy+T5gyG8rdt52Z 4r6rooA8W/Zy+HGt/CH4E+Bfhh4lnt7nVfDGk21jcy2jO9u8sK7WMbSJG5XPQsin2FfMf7VP7OXx 68ZfHD4cftE/s6axoVn4n8D2t9YPa+IBOLWWG8R03A26OzELK4K/Lj5SGJGK/QWigD4v+FH7PXxA 8Hftc/Ff9oXxJeaZJo/xA0zRbW2trSWZ7mKewtLeCcyLJCiBC8TGMrIxKkEhTkBND/Zs8UW37Z3j 39oHW7jTrrwf4v8ACkPh9LISTG981Wt/MMsZiEYiZYmGVlLcj5Rzj7RooA/J/wAF/s1/tz/sw6Zr Pwv/AGZPFXhHXPh5fXc9xpP/AAk63i6ho32li7onkK0bqCc5beGbL+Wu5lP2N+yj8CfE/wAAvhk/ hzx34yvfHPijVbyXUdS1G7mlljE8wA8q2WVmKRIB7FmLMQMhV+mqKAPjn9tD9nrxn+0Z4R8B6B4J vdPsbjwv4w0zxBctqEksaPaWUVwkiRmGKUmUmVdoYKpAOWHGdn9rz9mZf2mvh3YaLpOtt4Y8W+GN Qh1jQdVVS32W+t87d4Ug7GzyRyrBXAbbtP1bRQB+VviX4Df8FCvjy2g+BPjd498M+D/Buk3UFxqN 94Nkv4dX1TyO26RUWPfkk7diq+G8tgAo9X+P/wCzB8VLj4xeHf2mP2Xtd03RfH+i6d/Y19Y64J30 3V9NB3LHM8W6UOpxz1bCHehQE/fdFAH4ieF9B+Pum/8ABT/4X63+0VrOkah4j1rwzqksFnoSTLp2 m2kcF2iQRNcfvHJYO7s2fmbAYgDHt7fsy/ti/BP40/Ejxl+y54k8Jz+F/irqT6te2viZLvzdPvp2 eSWSEWyEN80jbSWII2q0fy7j9/ar8G/hvrfxU0X416no4m8aeHbObT7C/wDPnXybWff5kfkrIIW3 eY3LIWGeCMCvTqAPzN/Zv/YU8V+AfDnx28G/HTxHaeMLL4xypJNfWZkiu5HljnN1PLG0apFIZp98 YRpAMZJHSuF0P9n7/go98Nvho37O3w98d+Db3wbDFJYad4hvFvoNdsdOfKhFSNXiV40OIseYUwAJ Bhdv62UUAfmp41/Yx+NGhfC/4VWnwN+Kt4vj/wCF081y91rt1dPp+ttdMHnS7jVpSEUgpCu19sRK E5O8U/C37Mn7Tnxc/aB8B/Hj9q7U/CthF8NVnfStM8LR3Jee4mAG65mufmCBgHCh3HG0Ku5if03o oA/PD4d/s5/tD/CL9r7x18UfBmseHr34YfE++gv9atrz7QurQtbwyhFtgkZiyJZScs+GTghSK+7v F3h+Lxb4T1rwrPKYI9ZsrmyaQDcUW4iaMsBkZwGzjNdDRQB+S/ww/YW+NWofsxeJP2Q/j7rmgTeD 7RQ/hXU9GFzJqFrd/a5bszXMcyRI6bpANgbO0sm7kMLWv/s+/wDBRD4qfDpP2e/ih488HWXgqVIb PU9f02O9l17UbBGG6NklRIQ7oMSEBN3QswL7v1eooA4z4d+A/Dvwu8CaB8OfCUTQ6P4bsoLC1Vzu fyoECBnbA3O2NzNgZYk18W/tU/s5fHrxl8cPhx+0T+zprGhWfifwPa31g9r4gE4tZYbxHTcDbo7M Qsrgr8uPlIYkYr9BaKAPi/4Ufs9fEDwd+1z8V/2hfEl5pkmj/EDTNFtba2tJZnuYp7C0t4JzIskK IELxMYysjEqQSFOQMsfsq63q/wC1r8TPjH4tm0+88CfEDwYPCz2KSzC+PmCBJ/MXyljWNkjcBllL cj5R2+5KKAPyY8H/ALO3/BQn4A+Crv4GfA3xr4P1jwMHnTR9U1xLyLWNKt7hi5VVhR4SUZ2KZEoz yAq4Qfc/7MnwU1P4BfCPTPh/r3ii+8ZawjyXV/qd9NLK0tzNjcIhK7skSABUXPYsfmY19AUUAfDn x8/Zo8e/HP8AaX+EPjnVb/TU+GHw0kk1OaweWb7fdatuLxN5QhMLRI0UHLS5x5g288/ZniDQtK8U 6DqXhnXbdbvTdXtprO6hb7ssFwhjkQ+zKxBrXooA/IjwN/wTg8aXX7NOtfs3fFfxTaCHQfEEuueB 9a0mWaS705nD4W5ilhgAUsxdkjdstIxDgqjV0sHw7/4KxQ6N/wAIEfiJ4Ge18nyR4iaG5OphAuzd t+zeWZsc7jGeed+a/VKigD4J0D4KH9in9jHxb4c+Gniu3s/EOm2d7rM/iDWFAt31R0XzLiSPZMAu I1RE2uThQdzEk/RX7N3iPxv4x+Afw/8AF3xJbf4m1vRbK+v2MSwEy3MQlyY0CqhwwyoAweMV7LdW tte28lnewpcQTKUeORQ6Op4IZTwQe4NT0Afnf+2R+zT8ffi58WPhR8XfgHq/h7S9W+G51CQf29Jc iNpbrygm1Le3n3qAjbtxXGRjPOPL/GX7OP8AwUd+Omh3Pw9+MPxb8J+HPCGrr5OpJ4as7iW5uLZv vxZnggba44YCVQRwcrlT+sFFAHxj8V/2UrW8/Yx1X9lL4MNbaYh02CxsJNSkdYi6XMdxLLcSQxSN vlYO7FYzl26AdPoP4L+DdT+HPwd8CfD3W5YZ9R8L6Dpel3MluzNC81laxwSNGzqjFCyEqWVSRjIB 4r0uigDyX47fB7w58ffhH4m+EPit3h07xJbeSZoxl4Jo3WWCZRwCYpkRwp4O3B4Jr89W/Z8/4KMX /wAK2/Zp1Hx94Mj8FfY/7JbxJHFfNr0mk48nyTEVEPmGH5GOd2P+WxbLn9ZKKAPze+Nn7DN/rXwX +C/wX+C17ZWOmfC3xFY6rM+rSyo9xBB5rTspggkDTyyylyCqJknkcCv0hoooAK+LP2sv2ZPF3xj1 bwR8V/g74it/CvxP+G11JPpN1eI72VxDcACa2uQgZgjAfeCPwXXbh8r9p0UAfmt4W/Zx/ak+L3xy 8G/F/wDa313w5baV8N5JbrRdC8LLcmGW+kCjz7iS6G4BSiuBufJAGEBbdy/hD9mL9sX9l7VPEvhP 9lDxF4S1L4b+I7+W/s7DxSt6LjRJbjh1gNsCJI1AUDcxzgHywS7N+qNFAH55/DL9hGDw/wDAX4o/ D74geKH13xz8Zxc3HiPXkjwn2yXzDCYYjtJjgeQuFJUsS33FIVfnq4/ZO/4KC+KPgNJ+y14n8deD LLwPpmmHT7W/tEvX1O+gtY/9BtJ2aIJFAGSOOV0TzFjBx5vIb9kaKAPzVtv2N/ibDqX7Jl42qaOU +A9pcwa4BNcZuXmt7aJTZf6P84DQtnzfK4I46gafxJ/Zv/aG+H37QOu/tEfsjaxoS3Pjq3gg8S6D 4m+0CxuJ7VdkN1C1qN4ZV6jcuCXOWDlR+i9FAH5v/svfssftB/Df9pbxx+0P8dPFWi+JL7xxo8dr MNM+0Rm3uVlhKwxxyxKv2aKKEJG2/ecDcmck/VH7T3wu1/41fAHxv8K/C1xa2ureJdPa1tpb13S3 RyytmRo0kcLx/CjH2r3iigD8hLH9mH/goXZ/Bez/AGWB4/8ABw8ByWEWmXGurFfHW7fTnQJPZRJt ELoqloo2O1miAy8ZOF9y+MP7Cdlr/wAGPhj4L+C/iA+E/GHwXkjufDOrTqZEM42tOLlVz8tzKiyO QrYYfcZSVP6E0UAfl7f/AAE/bu+PHi3wpaftDeNvD3hDwT4XvY725g8EzahBe6tJDwFlkl2lEcZB wwC7iRGW2lf1CoooA/KjQP2Zv2yf2fvjF8T/ABP+zfqngvWPDXxS1WTV5j4oF8t3Y3EskspGbVcu qGZgCXfcACVU7i3ffslfsmfGv4D/AB4+I/xR+Jfi/TPGVt8Q7O2lubyFZbe9/tONw8i/ZjH5K24L yLGVmztVP3a5IX9GaKACiiigAooooAKKKKACiiigAooooA//1f38ooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACvxc/Zj+Bnw4/bl8WfGD4/ftHWcvjCSHxTf+GtF0+4uJ4INL02xWOSNYkg kjKuVnUZPIZS/wB92Y/tHX5gSfsz/tYfs/fEfx14i/ZB17wvdeEviJfPql1o3ihbtTpuoz582a1e 2BDKTz8xA2hUKNsDUAfLX7Y37OOq/sw/sKeIvh8PGU/inw3L4ysbvRLa5gMcmk2crvi0Eplk81Rg NkLGNxYhfmNfUHjydLX/AIKy+CLqQErD8MbhyFGSQt7fk4Hc1wPi3/gnV8VfEH7Nfi3wZc+LtM1r 4q/EXxPa+Jde1O7ae303fAznyLfyoJJNqeYxUmJcliMIoAH154g/Z68Z6r+3J4a/aZt73T18L6N4 Qk8PzWzySi/a6e4uZg6RiIxGLbMoyZQ2Qfl6EgH4t/A7xZ8LPjlD4t+M/wC078EPiP8AGjxR4s1G 5WC90TS7i90jTrFceXaWckd3DtaIlgRg7AFC4O4t7V4F1H4m6f8AsJ/tOfDbxZ4f8U6J4O8MxiTw j/wlthNZ340q8kfbakyfI/2cQqWEbMEMnZWUD6s8Nfsxftifsu6x4p0H9kjxB4T1T4eeJr6XULXS /FK3iz6NcXHDi3a2BDxqqqAWY5wMx7tzN1mj/safF6H9lf4p/DTxj4//AOEv+JfxTEs91e39xcjS bSd33LDbqUd44gSxLJCu4kDYFVQAD5F1D9hj4JP/AME7z8bdWs7u/wDiS3gy38VLr819ctcpMlml 3DAqmTyhFHEFgVdnCgEEMAw5/wDai8L+Hvit+yr+yZ8VvH1kNY8Wa9qnhjQr/UJpJPOudPuIJ3mi kIYAmV13s+N5bPzV+q+ofAzxZdfsUr+zhHd2I8SjwLD4Y+0GSX7D9tj05bMyb/KMvk+YMhvK3bed meK+c/ir+xd8U/F/7HXwn+C/hnXdKsfHvwru9J1KG4laZ9NuLrTYZYigk8rzQp83crGLkqFIAJIA P0L8DeBvCnw18JaZ4F8D6cmk6Fo8Xk2lrGzssUeS20FyzHkk8k1+Pv7TT/snr+1nrupftAajrnxq 11NPtrfS/Amh6ZcXKaEuxC7M0Vykckk3D7TtKl8spzGV/W34VL8T0+H+jr8Zm0tvGYjf+0ToxlOn l/MbYYfPCyY8vbuyOGzjIwT+fN9+zR+1p8G/2jviN8ZP2ZtS8I6tpXxTkhnvrbxV9sWazni3EeW1 quWjDuxGH5UhSmUVqAPn7/gnpe2Ph39sX4yeAvAnhbXPh14IvtBttXt/DGvK8d1Zz7rZVkeKR5GQ uJnZQWJ2MqkkKK+kP+CRn/JmWj/9hfVP/R1Xf2cP2Sv2gPhb+1T4m/aI+KvjHR/GB8c6EbTVWtkn tZ7e+86Bo4raAxNG1rDFbrEjtKrkclARz5p8Nv2UP25v2fNO8QfBb4E+OvCcHw01q/ubqy1PUobt 9a0mK6wr+REi+S0qgZXezIWG7Me4igD4+8D+CPCPjP8A4JZfF3WfEFgmoXHhnxZq+paZKWcfZ7r/ AEWESrsYBj5cjLhsjB6ZxXX/ALUPwd8H+C/+Cef7P2i/DSxHh258aeKPCepXk8Ekpd9U1DQ50kut zsxVyQp+UgDHAFfZnwg/YT8aeB/2KPiJ+yv4j1/T31LxVeajPY39qZpYEjmWD7MZw8cTBt0I8wKG Cg/KzVyOsfsi/tZfEX9nL4b/AAc+I+r+Ehqnw08WaHf2VxZzXqxS6Ho9lJahJGNsS10WcEYRUZep UjkA8S/bY/ZK+Dv7I/ww8D/HD4DWl74e8b+GPEemQtqn2+5mnvlmEnmtcCR2TfIwyxRVBBZNuw7R +69fHP7cn7PXjP8AaZ+C9v8ADnwJe6fYalFrNjqJk1KSWKDyrXfvAaGKZtx3DA249SK+xqAPxFT9 nfwF+0V/wU8+O2h/FOO41PwvoenaBfSaSlzNb295ef2XZxW7z+S6MwhV5SoyOW67Sytx37N/7H3w q8V/tVfHL4EeLlvtX+F3w1vra+0nw3Lf3S2KXmrxZE7hJQ7vDDGYlZmJIOWya/SX4a/s9eM/B37Y 3xf/AGhdTvdPl8O/EDT9ItbC3hkla9ifT7WCCUzo0SxqpaJiuyRyQRkA5APgn+z14z+G/wC018cP jPrl7p8+ifEt9JbTYbaSVrqIWMLxyfaFeJEXJYbdjvkdcUAfld4Z8eeIf2UPg1+2n4M+Fd9cWWne BfEOn2fh5WkeVtOGtXL2kjxuxLK8cQUq5Od6KxyTz5tD4D+BF38BYtO0j9nf4xS/FaWwW+g8ZR6J ctK+uMnmrdCVbwg27TdMRlvL+YfvPnr9RtE/Ye1DW9R/ac0n4oX9lJ4b+Ol9aXOnmwklkurMWpmk jlmSSKNBJHK8ciqrupKkMcdfLh8Bf+ClVn8L4/2ctP8AH3g1PCUNuNMj8UKL+LX00tR5aptVfLWU RDaCMtj/AJbbvnoA+YP2nvDF38Vf2Yf2Yfib8d/DFzbfEjUfFGleF9YfUorizvpLBJb2ORJoZChU 3BiWYttDHduUhSK9L/ao/Zy8AeIv2yP2af2dtEt5tA8Gvo2sW7W1jcSxP9ggSe5nthKWMgWdEeJ/ myVdhmvq39of9jPxp44/Zn+H/wAI/hj4sE/ir4a6tp+s2epeIJJpvt9zZpMshuJAJXXe8xdRhgu0 R8L8wt2f7PH7QXi79ob4E/tB/FO/8OLqPw/0vWrTxBBpkt0Flnv4bqG3NkksGGULLGZPMdCCG27g BkA+afEnwM+Hv7I/7e3wA/4UFaT+F9L+IkWsadrGnx3U81tcR2sClCwneRj80itjdjfGrABsks+A 3wb8Fftu/Hz44/FX9oy2l8VWXg7xHc+GNA0a4nlitdPtbRmUv5cLp87qEz2372O5iCv218c/2evG fxN/aS+Bnxi0G90+30b4ZT6tLqUNzJKt1ML6KJI/sypE6MQUO7e6YGMZrxfW/wBmb9pr4KfG3xt8 XP2Qtc8OT6R8Sbj7drXh7xSt0LePUSSz3NtJa5Yl3d3YFkxuK4cBNoB8d3XjXxH+wx8Rf2lPgf8A CnU7pvCWl+DV8U+HLWd2uzot7czW1qRF5hbCK92XO4HIRC+TuLehab/wT9+CWq/sPL8TJ4rmT4n6 p4UbxU/iY3tx9rbULmzN6ysfM8toTuMTZXLKSxO87q+nPhP+w/qdy3xT8cftO+IIfF3jz4v2Emj6 nLpatBZWGmMiqtvZeYgfK7EIdl48tPlJDM/jkP7MX/BQXT/hDffsraX498If8K7FpNplrr80V7/b o0llKJZmNV8lQY/3RPzFIyQshIUUAfTP/BN//kyX4W/9eV3/AOl1xX29Xzp+yX8IvEnwG/Z38F/C Txfc2l5rHh23miuJbF5JLZmkuZZh5bSxxORtcA5Rec/WvougAooooAKKKKACiiigAooooAKKKKAC iiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKK KKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooo oAKKKKACiiigAooooAKKKKACiiigAooooAKKKKAP/9b9/KKKKACiiigAooooAKKKKACiiigAoooo AKK+F/2y/wBr3V/2dpPCXw++Gvhg+M/iZ8QZ2t9G09mK26bXRPMn2lWYMzhVUMoOGZnULz80eKfi 7/wVe+FXhy/+J3jDwH4M1/Q7CI3d9pmntK11a20Y3SlNlzliqg52tMR1AIFAH6/0V4F+zL+0F4Y/ ac+D2jfFvwvbvYJf+ZDd2UrB5LO8gO2WEuAAwBwyNgbkZWKqSVHvtABRRRQAUUUUAFFFFABRRRQA UUUUAFFUNV1CLSdMvNVnUvHZwyTMq/eKxqWIGcDOBXy3+yj+0pf/ALUvwX1D4t6ZoK6Ix1C/s7Gy abz2K2wXyjK+EG5y3zAYA6ZOMkA+s6K+dv2YPEv7Qniv4YjVf2mfDdl4V8ZfbZ4/sdiVMP2RQvlP 8txcjcxLZ/edug7/AETQAUUUUAFFFFABRVLUtRstH0661bU5lt7OyieeaRvupHEpZ2PsACTX5afD z9ov9tP4q/slP8cvhR4X0vxL4r1/xTdJpGnXEKwwxeHYS8O591zbh5UnjZd3mcj+E9aAP1YoqC2a d7aJ7pQkzIpdR0DEcgde/vXxZ+35+0X46/Zf+Ay/E34eW1hd6sdWtLHZqMUk0HlTrKWO2KWJt3yD B3Y68UAfbVFZ+k3cl/pVnfTACS4hjkYL0BdQTjOeOa0KACiiigAooooAKKKKACiiigAooprusal3 IVVGSTwAB3NADqK/H3wv+1j+2Z+1x4s8U3P7Huh+G9C+Hnhe7ayj1nxJ57PqEyfNhPK3bS6FX2CL 5FZd8gLAV7n+yP8AtefEb4lfFDxd+zZ+0T4WtvCvxS8Gwfa3+wMxsr203IDJGHeQqQJonXEjCRH3 ALtIoA/Q+iiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiii gAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKA CiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigD//1/38ooooAKKKKACiiigA ryT46/GHw98BfhVr/wAVfE0T3FnokKstvGcPcTyusUMKnBxvkZQWwQoyxGBXrdfPH7VXwQk/aH+B fiT4XWl2lhqF+kU9lPLny0urWRZohJgEhHK7GIBIViQCQBXVgY0nXgqz9y6v6X1NKKjzrn26n436 J/wWB+McfjBL3xF4Q0Sfwy8v7yzthcR3iQ5/guXldDIB1Ji2tjgLnI/fPwb4s0Xx54S0Xxt4blM+ la/ZwX1q7DazQ3MYkQsp5U7WGQeQeK/l40T/AIJy/tb6t4wTwndeDDpkfm7JdRubmD7DGmcGXzI3 cuuBnCKz/wCzX9N3ws8BWPws+G3hj4cabM1zb+GtOtrBZmG1pTbxhDIQMgFyCxA6E19nxnhsupxp /Umubryu6t5nq5rToJR9la/kd7RRRXwR4x+en7cn7KXxF+NWoeCfjH8B9ch0L4nfDWaSbTvtAUQ3 cbuj+WzsrqrIyEoHUxuHZXwDkfLd/wDt4/tpfAmyltv2sv2fG1DQ4VMV3q2jl0thE3ylpJEN5asW H8JkiB9ulekftyal+0j8Bvj34F/ao+GUeseLvh9pNobHXvDdrc3BtVb98pnkt03ookjlG2byyEki Uv8AeUHO1v8A4LE/s03fhadNE8L+I9Z167jeCLRZ7KGPzZmG0RSyCaVQjE7SVV2x/AelAG74x/ay +CPwr/YK1r42/sh6TYaDb312un2VjFZxWn2PWbopHK1zAgKGeGEeaM7lcKnLIRXC+CP+CcHi74g/ CzT/AImePvjX4xg+L2v2Kail9DqLCzsbi5QSpAYseaypuCuUmTkfIFAAPgvw1/YZ+MWvf8E6/iDo Wp6K2keMPFWtReKNJ0GRDFLHFZKqrCY2OY5p4/NCI3I/dhsEnH0L4A/4KufB3wh8HNP0H4k6PrVh 8UvDllFpt14e+wSrJcahbIIvkkb5Y1kcAkSYdMkbWIG4AxvhP+0p8Uvin+wB8d9M+I+oSj4hfC6y 1bSbnUYZPLuJfLgYwzM8W3EqlXjLry2wOSWLV5N8Cf2Q/iR+0V+yjZfHX4nfGTxXH4iTTLqXwzaW d+Y7Oxi07zIrdp1KlpJJGiLO6OjlWBZi+TXXfCD4J/Eb4b/8E+v2i/iR8WLE6T4k+KdjquttYsCs sFs1u7R+ajfNG7vJI2wklVK7sNuUfa37FI/418eCh/1Ll9/6HcUAfAv7JXwO+KX7fnwSTx38fvi/ 4nt9P0J20PRLTSrpLcMbJEY3l8WR/tMpZwu5sSHZkyc8df8Asr/tTfEb4R/sW/G/WvHWqS+LNW+D erz6TpdzeyNIztM0dtaxyO7F2jS4bcASSEOwHAGPfP8AgkB/yZ1a/wDYd1P+cdfIH7OXwc1X49/s 3/tffCvQdn9rat4tnkshIdqvdWU4u4Yyxxt8x4gm48Ddk8UAcb8MvC3wG+Mnw+t/ir+0h+1rqOm/ FTxDG96iWmuRW0OjvLkxRG2K53KMGSONoVX/AFaBdu8/oD/wTM/aM8ZfGTwT41+HXxC16Pxbrfwx 1NLBNcjcSDUrCcyrbTF8ZkOYJMSnl0KlstuY/B3wX/aC/YO+GXwms/Af7UXwTs9I+KPg23XTtQtL jwxBNdahJbjYk3mSIMSyKAZDMyZfLAsCDX6I/wDBOtfE+veCfFHxK1z4SeHPhLpfiS9QaNa6NpZ0 29utPgMhSW9y580DzNsLbI84dwu11NAH1t+0F8VI/gh8E/GnxYaBLqTwzpk91BDISEluQu2CNiOQ rysqkjkA8V+Uv7Pn7GHjL9rP4WWP7RP7Q3xc8Wr4q8ZLJfaZFpN8tra6bAWZYCsRR1+YAOEi8tVR tv3ssP1M/aT+Ft18bPgL46+FenypDe+ItLnt7V5f9WtyBvgLkchfMVcnsOcGvyz/AGYv+ChPw4/Z u+C9h8Bv2nNJ1nwh45+HcL2H2M2EkhvYI2ZoDERwrbCFy5WNsB1cq3ABt/s7/Gj4x6T4I/aX/ZZ+ L3iGbxB4l+Eei6pJpeuNIwu57L7LMqMz58wlCI5EdmaQeZtLfKteU/sWfsh+Lf2sf2ftN+JPx3+K ni02Ltd2nhuz0/UjEltDbXEqyXUxkWTzZWufMC5wQigFiCoTsf2efA3xF8beGf2pf2zfiBoknhq0 +J/h7V4tDsbgEXJsEtpm8yRSMhdkcKI3HmEOwATYW89/YJ/4KG/Cn4Afs16X8M/jfZ6po76M99ca Jcw2Mk8Oq2c91LK4hcYXzI7lpYyWIj4A37gwAB6t+z1J8QviZ4M/aA/Yc+O3jbV768+GU8T6frtl dGDVLiwjkeRUM8glYx5iiJD7m2TNHuwq4zP+CTvwf0yx+AesfHeDxDrX9qTprOlDTDeD+yI0XypB OlsEDC4ygHmb+hPFekfsG/D74h/EbxP8c/2tPGmhzeHf+FtNJbaDY3KlJjYjeRIwbB2EeSiNwHKO wG0qT5X/AMEuPjp4S0X4UeI/2T/EFrf6V8QdLfXNQktrm3McflIkauhYncsqNkMjKCMGgDmvgB+1 F45+C3/BLzxJ8Wjqk+r+LpPEF1pel3GoyvdMlxdGFFcmUtu8mPzJVU5UsoBGCa9g8Ef8E4PF3xB+ Fmn/ABM8ffGvxjB8XtfsU1FL6HUWFnY3FyglSAxY81lTcFcpMnI+QKAAfm39n34GeJP2gf8Agk94 l8FeDYftXiCy8SXeqWFv3uJbPyWaFD/fkiLqnYsQDgHI+nfAH/BVz4O+EPg5p+g/EnR9asPil4cs otNuvD32CVZLjULZBF8kjfLGsjgEiTDpkjaxA3AHlemftN/Fj4l/8E4PjZp/j/VJ4fiJ8MLuLRrr U7eUw3Myi9gEcrPFsIkH7yJmH3wm4kszVp/Cv9h3x/8AtC/s1+H/AIz/ABJ+M3i3/hO9T0SK80OK 1vRHp1hDHBtskaHbvdnjVGldHjZmYklmy7eeaX8E/iN8N/8Agmx8f/iR8WLE6T4k+Kd5ba21iwKy wWzXsDR+ajfNG7vJI2wklVK7sNuUfrp+yV/yaF8Jv+xO0j/0ijoA/Mz4cftO/tC+Jv8AglT4t+JG jald6l458LXcmj/2suZb5bBZrcyXRYAs0sNvOy+b95Qvms25Sx8D+HHw6+B/xP8Ahvo/ib4DftQ6 3ofx8eG0mmi8Sa3Jp0E+oFkaeAq8QkdQd/l+XJODxu3gnHqf7DfjL40/D3/gmx4w8Z/AbQ7PxJ4n 0rxReytYXlvLdCaz+z2guDFDDLEzyIh3hcnIUgKxIFeM/G74tf8ABOj45fBS6v8ASPh/NoXxy1Gx EdvpuhabcWbx62ygEMIdtrND52d24NKydFEh4AP1J/bS+IPj/wCFH7BGrweO7u2vfiDr+l2fhqeX Tixgu9R1ELb3T2+Y4mG+LzpFGxcHgCvnT9vfw3rv7Of/AATr+H/gPwhqdzot94dvdE0+e4sZ3t5J JRazm5O+JlOJJtzkZwTXAaR4Z+JHizW/2MP2TviuZ5da8PJceNfEVvdEtJDa6fJM2lwzgknKxo1u wPQnHHNe/wD/AAWR/wCTR7T/ALGbTv8A0Rc0AZf7aXjf4qfE745fB79ij4Y+KbjwfF44sG1XXtRs nZLs2MaykoHUqwXy7acldwEjFFY7cg/GH/BRP9jjVP2avgjY618OviD4j13wTqGp21tq2j67eLeI t3ske3vISqRqnIZXAXdlx823IH1v+2foPjH4GftD/CH9u/Q9Fn8Q+GfCWmpoviK2tF3z29rKlwn2 jbwCDHduAxYKrogYgNmvlv8A4KNft1fDn9pH4IW3gD4GWmpaxpdvqFpqGt6pNZS29tZqodLe2JcD 95JK2cn5cJhSxJ2gH0x+3z+0L4n0nxd8J/2W/DfjpPhhpvjGwg1DxF4jMvkvbaaxaJUSQFWTd5Mp O1lLtsTcFLZ+Vfi1qHwj/ZX0XT/jP+x7+0teeKPEukXcH9p6BqesxalFq9vM6pIfJjSMEgnLhlYh MujIyAn6J/b9+Ft94X+K/wAHv2udQ8DJ8RfA/hrS4dJ8T6S1qt4qWa+ayzyQuGQgLcyFHYBUkSPc RkEeU/En9or9jbxraaP4I/Yu/Z+8PePPiNrtxAsVvfeFIltLWEt+984DynLDhSwcRICXaTC4IB9v /tNp8Zv2hvAvwo134e+N4fhZ8JfEtpa6x4p1kamljfR2t7FFNDDHK2zgIWBw4Duy7lKqQfzE/aWb 4IfssDQviX+x/wDtE6r4i8cWmpRLeac+tJq8F3bbWLySvbIsRAYKrpIWVw3ABHPtX7fuiR+D/jN+ z5D+0PoUjfAfQ9EtrXUrHw9HLb6VBqsYlSeOGNH3RxqBb+Wm4OYFZUbcGNfPP7aHxB/Zf8c/BN/D 37GnwrWPQNDv7W98QeLINGe0itk5gt7VrmaMTs00swJ3sB8oADbiVAPtX/gpB8Vdeh+JPwY8HePP FGt+Afgt4otmu9d1LQfME8k5yTCzRqxZY18s7cPw7P5bsiitL9nP4R22hfG7wn4w/Yq/aBi8afDo hv8AhKPDuu601zdrbFgC0FqlvuV8MWQyRxMrqAZCrsB2H7TP7S2rfDmP4Raj8QPAeleOv2a/GOi2 M2q3smmtqFxBczQny2+eQwKoV4ZI90QZx5iq24DHwvqmjfs6fFP9qf4RXv8AwTk0XVLDXNP1eK+8 QXtrDeW+l2tkk0RZ5EuWBRVTzFkRAkcit5YDs4FAH9K1FFfLP7SH7WHgz9mfVvAekeLNI1DVJfH+ oPp1o1iIisMiNCpaXzZEO3My42gng8dKAPqaivE/2iPjl4d/Zv8AhHrXxh8VWF1qemaI1qstvZCM zubq4jtl2+YyLw0gJy3QHHNbfhD4q6N4y+DWlfGqxtLiDStW0SLXY7eQJ9oWCW3FwI2AYpv2nHDY z3xzQB6jUU8EN1DJbXMaywyqUdHAZWVhggg8EEcEGvnT9lr9pjwn+1b8Np/ib4N0u+0iwg1CfTjD qAiExkgjjkZh5Tuu0iUAc5yDxX0hQB8yfFLxx8FP2Jfghrvjqy8O2Xh7QLCTzY9L0e2hs1vNQucI kcccaqgeQqNzY+VFLHha+RP2GPhF8WvHfxa8Vft2/Hqzj0TW/H9ilnomjIpBtNLPlFJXDcqWjhjV M/MwLuwG8Cuz/wCCn+sfBDS/gX4dj+Pln4gvvD03iS1MUXh2W2iuGuo7W6ZBMboFDDs35AG7dtIO Aa/Ry2eOS2ieJdiMilVxjAI4GB6UAT0UUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRR QAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFA BRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAf /9D9/KKKKACiiigAooooAKKKKACiiigAooooAKzV0bR11A6stjAL5uDOIl808Y5fG7p71pUUAFUp dM02e7j1Ca0ikuoRhJWjUyIPRWIyPwq7RQAUUV4J+0n+0R4J/Zf+F118VPHcNzd2UNzb2kNrZhDc 3M9w2AkQkdEJVA8hyw+VGxk4FAHvdFeU/BD4w+E/j58LPD/xb8E+Yuk+IIWljjnCiaF43aKWKQIz KHjkRlOCRxkHGK9WoApXOmabezQ3N5aRTy25zG8kasyH1UkEj8Ku14D8P/2hvCvxF+NHxF+CGk6d e2+r/DX7B9uuJxGLaf7fGZU8gq7OdoGG3KvPTNe56heR6dYXOoTAtHaxPKwXqQiliBnvxQBbqld6 Zpt+8Ul9aRXLwHdGZI1co3qpIOD9K8a/Zz+PXhr9pX4UaZ8XfCNhd6ZpmqS3MUcF8IxOptZmhYsI ndcEqSMN0p/xe+OOk/B/XPAWhaloWp6xJ4+1u30OCTT4lkjs5Lh1QT3RZl2QruyxAJwDxQB1Xxg8 Par4u+EnjbwpoUYm1LWtD1KytUZggee5tpI41LMQACzAZJwO9fO37C3wS8V/Br9lrwf8L/ixpNvB r+iz6jLLBviu0jM99PNEyyIXTJRwcg5Gcda93tPjV8PtQ+M178BLG9efxhpmk/21d26xOI4LRpYo k3SkBS7mVSFXJwCWxxn1egAqFbe3SZrlYlErgBnCjcQOgJ6mvLvhJ8avh98cNM1zWvhxevqOn+H9 WuNFnnaJ4ke7tUjeXyw4DMi+aFDYAJBxkYJ9XoAKpS6Zps93HqE1pFJdQjCStGpkQeisRkfhV2vK PHXxq+H3w78a+Cvh34lvXj8QfEG6ntdItY4ncym2QPM7MBsRIwy5LNklgFB5wAer0V4Bpf7Q/hXV f2ktX/Zjg069TxBo2gL4glvGEf2Nrd5oYRGpDmTzMzKeUAwDz0r3+gAqhHpemQ3smpRWkKXko2vM saiRh6FwMkfjXj/wJ+OOk/HjQ/EOu6RoWp6BH4e1u70OSPVIlhkmktEidp4grNmF/NAUkgkg8V7f QBSOm6cdQGrG1iN8I/KE+xfNEec7N+N23POM4q7RRQAhAYFWGQeCDVazsbHTofs+n28dtFktsiQI uT1OFAGT3rwv4f8A7Q3hX4i/Gj4i/BDSdOvbfV/hr9g+3XE4jFtP9vjMqeQVdnO0DDblXnpmvfqA CqVrpmm2Mks1laRW8k53SNHGqFz6sQBk/WrtFAENxbW95A9tdxJPDIMMjqGVh6EHg0ltbW1nAlta RJBDGMKiKFVR6ADgVPRQAySOOVGilUOjghlYZBB6gg1WsdPsNMtxaabbRWkAJIjhRY0BPU4UAVco oAKKKKACiiigAoryj4SfGr4ffHDTNc1r4cXr6jp/h/VrjRZ52ieJHu7VI3l8sOAzIvmhQ2ACQcZG CfV6ACivBvgn8e9C+O974zuPBunT/wDCOeFdVbR7bWHZTb6pcQLm6a2UcmKJyEEn3Xzlehr3mgAo oooAKK5Hx74j1Pwh4K1vxVo+jTeIbzSLSa7j063dUnujCpcxRFsjewBCg9Tgd6wfg58WPCPxx+Gm gfFPwNcefpGv26zIGx5kMgJWWCUAkCSKQMjjONwOCRgkA9MooooAKKKKACiiigAooooAKKKKACii igAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKK ACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooA KKKKAP/R/fyiiigAooooAKKKKACiiigAooooAKKKKAPnH47fHhvhTLZ6Lo9lHfavex+f++LCKKHc VDMFwWLFWAAIxjJPQHO+Bf7Qc3xP1K48N+ILGKy1SOIzxPblvJlRSAw2uWKsM5+8QRnpjmt+0N8C tX+Jd3Y+JfC80Q1K0h+zSQzNsWWIMXUq2CAylmyDwQeoxzmfs+/ADXPh9rU/i7xdLEt75LQW9vC3 mbA+Nzu2MZwMADPBOTXalS9l5nzkp4367ZfB+Fv8z67oooriPowr8hv2ovGvhX4tft6fCb4FeJNb sdL8J/C1D4v11r25it4JL8BXsoG85lVmX90dvdJ34IBr9bdRvU03T7rUZIpZ0tYnlMcEbSyuEUsV jjQFnY4wqgZJ4HNfkB+yP+yBofx2j+In7QX7X/w6lfxT488RXFxZaZrkFxbT6fp8PESiJ/LdQSxQ bl5SJCDg0AXv+CfXjLw/8LPj58Zf2QNK1e11Pw/Z6hJ4k8KzWtwlxAbG62GaBJEZlJiR4cqp+8sp wOa3rLxL+0h+2P8AHf4m6N8MvibN8Jvh58KNSbQYX0+zhvbrU9UgZ1mlkaTb+7Vkzt3bSpQBSS7D h/2mf2Wrf9mP4n/CD9pD9kj4d3cj+HNXaz8QaR4ftrm9nudPukw8nkp5jAeUJombGAzx56VteFNd +IX7C/x0+KcepfDPxJ47+G/xV1V/Euj33hbTnvrizvbpmaWzubdinlnLBV3MCAoIDbmEYB59+yJ4 s8efCH48fte+NPjxdw634j8FaVp15qdzaotsl/HptrcPFMiAbY2uII0faBgM2AB0rqvAmg/t2/HH 4I3f7Utl8Xxoup69bXepaR4MTTYJdKfTlL+XaSysQ4aeNcLJguoKln3Ela/7OPw2+MHxx+Jv7V2o /GfwLqfw+h+LujWNpY/2jayCOOCe0ngtwsxCpLNbwtEZlQ5SQFWVGBUS/CT4+ftD/Av4IL+ytqvw M8Vaz8TfDNvPoujahp9l5vh67iLMlrdyXzMqxxRqy7jgghRuaMswQA95/wCCUH/Jkng//r81f/0u mrpv20fi18RPhn8QP2d9I8Da1JpNp4x8eabpOrRokbi7sZ5oVkhYyKxUMGIyuG54NN/4JmeDfF/g L9kDwr4Z8c6HfeHdYt7vVGlstRtpbS5jWS9lZC0Uyq4DKQRkcg5HFYn7dXgjxp4u+I/7M994T0DU NattB+Iel3uoy2VrLcpZWsc8LPPcNGrCKJQCS74UAHJoA+XvBPww+Kc//BVLxvawfFO9guLDQ7XW bmcafblrzSWvbSQaOyk4SIIyx+cP3mFB6k1+yHjTRta8ReEtY0Lw5rUnhzVL+1lgtdShiSeSzmdS EmWOT5HKHkK3BxzX5j+Lrn4g/BT/AIKS3nxTn+HfiHxT4R+IPhqw0CHUNFsnvIrO4a5tw8lyyAiN IhCWcMQ20hlBGa/V6gD+ej9kLx742/Zj/Zc+NP7Rlz4vm1vTNB1/VdKtvDU1rFHbXOt3EljFFqLz qfNzl8PEuF2BiCDzX01d/Dr/AIKB6X8FG/aQPxzafxjBpv8Ab8vhRtKtf7J+zLH9paxDD/loIvl3 BRlvlD/8ta+ffh38GPir4v8Agj8d/wBh7xF8P9d0PxDq2van4m0fX7mzddCuHt57SS3txeHEe648 hlVwSu1ic5Uivfrv9rD9oTWfgNN8Cbf9n3xpH8XZ9IOgyzvp2zQkkaL7K18L4vt8vrIoxs3fL5hX 5yAfoV+zJ8aYf2hvgP4P+MUdqtjL4htGa4t0OUiureV7e4VCSTsE0b7MnO3Gec1+af7dHw7+I2uf tvfs+roXxGu9CPiWfVItIMdlBL/YUltb24nlh3n9+bkkFhJwuOK/RT9kb4J337O37Ovgv4Q6tcx3 mpaJbzNeSwkmM3V5cSXUwQkAsqPKUUkAkAHA6V8mft76d8QPDPxr/Z6+PnhTwTrHjnR/h/qGr/2r a6JbNd3ka3sdusRESAnDBH+Y4UEBWYFlyAfO/jnwl8ddf/4KX6p4F+EfjdPDOuXfgCxttY8Ry2Ud 1cR2ML27zTQ25IjE006RLyQFDtgggV9Efs8+O/2g/hR+2BrH7Jfxn8c/8LK0e98NjxDpGrXFolre RBZxEY5PLJ3BsSBtzPyqlSoLLWj8LdC8a65/wUc174xXPhLWdH8Ma/8ADGySK7v7Ca3iju5rixmN nJIy+WLmNQweLduUq2Rwa3NT8EeNJP8AgqBpHxAj0DUG8LxfDtrJ9WFrKbBbr7bM3kG52+UJdpB2 bt2CDjFAHy/of7XX7Q2kfsSfHT4vW2ovr/irwv48v9E0+7mt4nGm6d/oSq/lIiq4h85ypdWG5gX3 KCK1vhB4o+PWs674K8W/AT9pzTPjil5d2/8AwknhnVktNPnSzdd1xLBG5FzEUAIRQikNhjuUMtRf Ajwp+1P8M/2TfjU/wx8HND4zn+IusahBpOv6bKv9qaRNBaJKbeGfyhKJAGKNyrhGRcsRXzf8VvAW kftGX/hO2/Zp/Zl8V/CH4rw6taz32uSac+h6Tpix7mlJZWWJiG2upMUUh2/LknYwB/RpX5QWXiX9 pD9sf47/ABN0b4ZfE2b4TfDz4Uak2gwvp9nDe3Wp6pAzrNLI0m392rJnbu2lSgCkl2H6uRhlRVdt 7AAE4xk+uK/Inw1rPxE/YR+PPxWtdV+GfiLx58OPilq8niPSL7wpYHUJrO9uWczWdxDuQLksFUlh wqlQ25hGAeafsmeMfHXwa+Of7X3jj49XcOt+IvBWl6bd6lc2qLbJqC6fbTmGVEA2xtcwpG20DAZ8 YHSvRPhT4P8A27/2lvhXD+0VF8cD4D1TxHHLfaB4cs9Mt5dMitgzCBLl5NzMJducsshVSGO4koOc /Z5+GXxj+O3xH/axvvjF4I1T4dp8XdFsbTT21C1kEcUU1pNDbbZSFjmlt4miMyqcpICrKjZUbXwP /aS+O37NvwbsP2ePHnwB8Y69498HQSabpVxo9gbvRNSijJNvI16jYjRVKq5RZOBuO0kooBQ/4eD/ ABY8UfspeFr7wvpVnafGvxX4uHw/AcL9kttUG0teLE28H5JYhsbKLI5JDIu1vXZfhd+3/wDBfxn4 N8YeHviXL8btM1K/ht/E+iXtpY6YkFtIMy3NpI8qBQgB2qhU7tuVdWZV+XR+w/8AH7wH+zB4M8fa VYRaz8XvCvjr/hYtzo0bqTIZhB5lkj5AaVRbxOyqSCd6IWO3d9G65+1P+01+0BrvhL4dfs8fDDxZ 8ML19Qt5vEuveKNIigtLGxjB+028IuUlSV2yCpwsh2gBBuJUA9Y/ZX+LXxE8e/tJ/tL+CfF2tSaj ongjWNKt9GtnSNVs4rhbsyKrIqswby0++W6cd88b4G+NfxR1T9oz9q/wZqGvyzaL4B0qwuNDtjHE FsZZbCSV2QhAzZcBvnLCvILPxR8T/wBjj9rz41+JtY+FHijx54P+Lc2n6hpt/wCGLE6gyXFtHJiG RQVVCXnkVgzBhsDKrK2ap/sxeF/jrrHxY/aq+IfxQ+H+qeE7rx7o1pPp1tPbyOkiy2k5htoZwoSa aKJo0lWPJSTKMqsNtAHlfwx1j9vn4z/sjXn7Uf8AwvBtAPhmx1O80zTLfSrVzqkekmYzy3k7AASS NG8aJ5bRgIpKgsTXSf8ACV/tx/F39lG6/bPg+L0fgx9I0y41Oy8NaZpcJtJ7bSt0dxLcTSl2MlwY pJAjK8ajaAAGwv0d+y74B8deH/8Agl83w/17w5qWm+KD4b8Wwf2Tc2k0N/51zc6g0Mf2Z1Eu+UOh RduWDAjORTfhn4B8d2H/AASrvPh3feHNSt/FTeCtetRpElnMmoG4mF15cItiol8x9y7U27jkYHIo A4n45/tw+PdL/Z3+A9z4R1LSvCfjn44wW4m1rUjHHpujRJHCL67PnEooWSZSnmBlC7uGYCvIfEH7 SnjD9lvxL4P8ZWn7T2iftAeFNY1ODTvEOiiXTmv7WO4yWvbMWk0jhI9p+UkIpKhgwbKS/Er9mX4n a3+y5+zF8R9K+H//AAlmv/CC0jOs+DtTtMT39hcrEbiBra4XJkTyQBEULfOWCkqFLb8aP8bPFvhT wL+zn+x7Y+DGkvY28Raz428FWdrZWVovEscQAAkcZJHzBztCqnzEqAewfFbx3+1R48/bz1n9mr4Q fEFfBvhuTwza6pdXL2MF7Jp8SMnmy2qSAZmld0i+dsKrlhhgKT4V+If2m/Bn7S/jT9i/x/8AFObx NFrXhKTW/D3ih7CFNQ06VnEKuYuVk2t5mVd2BKKQVDMo9W8J+CPGlt/wVA8afEC40DUIvC918PIb KHVWtZVsJLoXlkxgS5K+U0oVGOwNuwpOMA0X/gjxo/8AwVA074gJoGoN4XT4dtZNqwtZTYC6+2yN 5BudvlCXaQdm7dg5xigDwX/gkp4J8c2Xhrx54tvfHNze+H4vE2s6bJobWkKwyagos3bUjOD5gkZA U8ofIAc9a+3/ANuX4m6p8If2TfiT460OZrfUrfThZ2sqHDxTajNHZJIh/vRmbePcV8o/8E7rn4g/ CXxL8Rf2c/iD8O/EOkXEviXWdfttdlsnGizW8v2eJI1usbGd9hdCpKsvGcjFfTX7f/w/1L4mfsef E3wvo0Rnvk05NRiRQWdzpdxFfMqAclmWEqAOSTigDzTw94s0r9ib/gnJoXjKxsFuZ/DXhmxultn4 WbVtXaNj5mCDsN3c5fB3bM45FfEL/GH402/wmPx6H7ZPhWX4gJZf2wfBXnaQdPKbfPOmBBN5nn7P 3eQm8v8AJuz+8r7X1/wY37aP/BN/SvDfhK5iXVPEnhnS5LVnYeWup6WYneBn6KDcW7wsx+7kkjjF fDVp4g0fR/hNa/DU/sPS3HxutbRNNFxN4Ps5tDlu4wIft73gT542I8wjGwnjzdvz0AfR1v8AtdfE HXfiJ+yx8ZLfUZNP+G3xjt7nQtY0cLG1vBrqs8EbrKymQbrl9q/PykXIBJrnpP2x/icP+Ck8Xw2G pyD4QtqLeEvK8uLyTrS2IkJ37fM8wXbCPG7G3tnivR/2hv2d/iHq37AWkeGdP8O6dZfErwG9n4ls dM8LWAgtYdUguGmmis7WANl/LmlH7sHzJcsB82K+Xb39nP4zj9gS0+KUXhnUP+F1xePD8Rm05bGc 6l9vkvfs+z7Nt8//AFO2cx4yAM9eaAPvT9nX4r/EX4x/tUfHW7/tqR/hp4CuLXw3pdgI4/JfU4gP t03mBPMLJJEwwX27ZRxxmvMf2HryT4d/tJ/tKfs3W5ZNE0TXIPEOlQH7tvHrCGWaNB2QBodoHHU9 SSfbf+Cfnwl1/wCEn7MugW3jS1ns/Fvime68Qa0l1G0VwL3UZNwE0bgMkiwrErqwBDAggdK8V/Y2 hf4h/te/tPfHq0G/RptVsfDNjOOUnfSYRDcFG6FQIoSMZyGH4gH6gUUUUAFFFFABRRRQAUUUUAFF FFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUU UAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQ AUUUUAFFFFAH/9L9/KKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoor8h9N/aI/bz+MH x2+MPw5+A0PgiPSPhhrI08trcV5HO8UzzrAd0Mjh2xA287VHTA54AP14or8t9G/a+/aS+BvxR8Mf D39tnwbomlaD41ufsWm+KfD00v2CG6IwsVykzyEbmIBYmLapLbWVWK/p5f6hYaVaSahqlzFZ2sIy 8szrHGg9WZiAPxoAuUVm6TrOj69ZrqOh30Go2j/dmtpVmjP0ZCQfzrSoAKK/PbxH+038Z/gN+x9r nxv+PmjaJqPjnTLnyodO0i7C2UyT3UVtARIrzk7PN3yBSTgY+XOR9x+DPEUPizwppPiKGWGU6haw TP5DB41eSNWZQQT0Jxyc0AdNRXg3i3W/jXa/HnwLofheDSH+HF7a37a/JcSAamk6QyG1FqnmqWUy BN+I2wu7kdR67e+JvDemWk+oalq1paWtrIYppZZ44445B1R2ZgFb2PNAG5RUFrdWt9bx3dlMlxBK AySRsHRlPQhhwR9KnoAKK5uz8ZeD9R1V9B0/XLC61NAS1rFdRPOAOuY1YsMfSukoAKKz5tW0u2ea K5vIYntk82VXkVTHH/fYE8L7nimaRreja/ZjUdBv7fUrViQJraVJoyR1AZCR+tAGnRWJq/ibw54f eCPXtVtNNa5bbELmeOEyN6IHI3H2FX7rUdPso45ry6igjmYIjSOqhmbkBSSMk9gKALlFVLu/sbDy zfXMdv5zBE8x1Tc56KuSMk+gpbi+srR4Y7u4jhe4bZGHcKXc/wAKgnk+woAtUUVyWu+MNC0v7bpk ep2Y1qC1luI7N5k89giFgfK3ByvuB070AdbRXyL+w38c/GX7Rf7OGgfFjx/FZwazqdxfxSrYxtDA FtrmSFNqO8hB2qM/Mea+ndK8U+GdeuJ7TQ9Xs9RntTiaO2uI5njPo4RiV/GgDdoqvdXdrY20l5ez Jb28KlnkkYIiKOpZjgAe5qlpmvaHren/ANraNqNvf2PP7+3mSWL5eT86Erx35oA1aKrW15Z3lst5 Zzxz27gkSRsGQgcHDDjjFVhrOjmzXURfQG0dtqzeanlls4wGzgnPGM0AaVFZMWv6FPqsugwajbSa nAoeS1WZDOiHozRg7gD6kUy38R+HrvVp9BtdUtZtTtl3S2qTo08a+rRg7lHuRQBs0VQ1LVNM0azk 1HWLuGxtIuXmnkWKNR7sxAH4ml07U9N1izj1HSLuG+tZRlJoJFljYezKSD+BoAvUhAIIIyDXP3ni 7wpp1pBf6hrVlbW1y/lxSy3MSRyPnG1GZgGOeMDmvM/2h/jPZfAX4LeJ/i5LZpqx0G0NxBaGcQfa pCQqIJMNjO7JIUnAOBQBz/7PfwHuP2f28Z+GtE1dLnwRrGryatoWliEo+ji7G+6tVk3kPB5vzxKF UoCwO4nNfRteafBvx7/wtD4U+EPiDJ5C3XiDSNPv7mK2ffHDPd20c8kQOSRsL4AY5xjNel0AFFFF AHI+PtL8Va34J1zRvA+qx6Fr9/ZzQWWoSxGdLSeRSqzeWGXcY87lGQMgZ44rjfgL8GvDfwB+E/h7 4VeGCZrfRoMTXLLiS8u5DvuLmTk/NLIWbGTgEKDgCvYKKACiiigAooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoooo AKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigA ooooA//T/fyiiigAooooAKKKKACiiigAooooAKKKKAPif9qb4r+LvC2r6d4O8MXkmmJPai7nnhOy V97uiorjlQNhJ2kE59qyP2YPi54y13xTN4M8S302rW01u80Ms7GSWJ48ZBkOWKsD/ETg4x1OfpD4 q/Bjwz8V4LZtVkksr+yBWG5hwWCMclHU8MueQOCD0PJzT+FHwN8L/CmS4v7CaXUNSuk8trmYAFY8 glEVeFBIBPJJwOa7VVp+y5banzksDivrvteb3PXp2se10UUVxH0YV+Vn7B3/ACdj+2N/2M+nf+jd Sr9U6/I+z/Zc/bu+Fvxx+LvxK+AfifwLZ6T8T9XGoPFrLX8twkcLzNACsdmyIwE7bgHYHjB4oA6D /gsHcaXD+yVDFdgHUJvEWmjT8Y8wXIWZiU758oSDjnmuH8feD2/a1/b5T4B/Gqee58DfDDwla61N o0MzwW2o6pc/Z98kvlMrMo+0AZzx5e0YDvn0Pw5+xZ8f/ix8V/C3xR/bT+IuneLLTwPOLvSfD2h2 zQ6cLoMrrJM7xwlgGRSVMbF8BS4TKt6V+0H+zF8W7/44aN+1J+zF4i0zQ/H9jYHSdSsNbSZtL1aw 3blSVoA0ispwMADdtQh0KZYA+bte+Gvhz9in9uP4N2vwL87Q/B3xm/tDS9Z8PpPLNZ+dZrH5dyiS OxVt06EH+EK4XCuy1+xlfnd8NP2Yfjl43+P+jftLfta69o13q/hG1kg8O6B4bWcabYvOrLLNK9yP MeTDZ6tltp3bUVa/RGgD+Yqx8C+E/EP/AAR61DxnrOnJc614U8QzPpdyzOGtmvdTs4JyoVgp3xna dwOO2DzX9A/7O3ww8B/CX4R+H/DPw70iPRdMuLaG+khjeRw1zcxI0shMjM2WPXnHoK+FPCP7BHxG sv8Agn34k/ZJ8Ra7pMXifVb1763vbV55rBXS8hu4kdnhilAbydjkRnbuyA2MH7d/Zs0X46eHPhbZ eH/2hJ9FuvEmmuLaGXQjMbd7GGKNITL56IfOJD79o24wRjkAA+Pvjt/yk8/Zn/7A3iX/ANN95XzP +y1+yp8KP2h/j/8AtN638Z7GbxJpOg+P9bt9P0t7u4gs4bi5vLg3FyUgkjzKyJEgbPAXuQpX9D/i V+z14z8Y/ti/CD9oXTL3T4vDvw/sNXtb+3mklW9lfULWeCIwIsTRsoaVS2+RCADgE8E/ZY/Z68Z/ A/xn8bfEXiu90+7tviT4wvvEGnLZSSyPFa3UssiJcCSKMLKA4yELrnOGNAHzh/wTc0ub4eePf2jP gRpV7PN4T8BeKo49Gt55GlNrDdG53IrNz92JM+rAt1Yk/Rv7ecfhm4/Zt16w8Z/Ep/hZoV5NbxXm qQWz3dzPDv3GygiikjkZ5yoB2E/IHDKULEO/Zx/Z68Z/CD4y/Hb4ieJb3T7nTfifrVtqWmx2kkrz www/aNy3KyRRqr/vVwEZxweemYP25P2ZPEH7Unwk0/wr4O1m30XxF4d1e31vTnvVZ7Oae3jli8qc KrkKRKSG2PgjG0gmgD8Pf2lJ/wBmCw+Dun+Mv2V/g3428Gat4XvLGe18a3Fpc2ljgOEG+5kuJPMk kYhkOxWDAYIXIr+nXw3ez6n4d0vUbohprq1glcgYBZ0DHge5r8nfjz+y/wDt+ftZ/DKbwP8AFnxV 4H8K2tg0Vza2Gix37RaleRMFDX08yyNDGiF2QRK+XxuTgFf1V8E6frGk+DNA0rxD5H9q2Wn2sN39 mdng+0RxKsvlM6ozJvB2lkUkYJUHigD8fPiH8DPCX7Qn/BUvxD4G+IJuLnwvZeCrPVL7TobiW3i1 D7NNBHDDOYWRmjWWZZcZHzIK6P4OfDrwx+y9/wAFI9d+FnwoSfSPA/ifwKdcuNIWaWeCO6iuPLDx iVnbcPKYrliR5jKMKQB9g6B+z14z0r9uTxL+0zcXunt4X1nwfH4fhtlklN+t0lzbTF3jMQiEW2Fh kSlskfLjJBd/s9+M5/25bP8AaZS908eF7fwefD7Wxkl+3m7Ny828R+V5XlbWAz5u7P8ADjmgD8W/ gd4s+Fnxyh8W/Gf9p34IfEf40eKPFmo3KwXuiaXcXukadYrjy7Szkju4drREsCMHYAoXB3FvQtH+ H/xT+IP7Evx1+GmteHPFei6N8LdTtvE/gJ/FVhPZ6lFp8Bmke3UyfK7QW0UgxExCNLxwVWvtTw1+ zF+2J+y7rHinQf2SPEHhPVPh54mvpdQtdL8UreLPo1xccOLdrYEPGqqoBZjnAzHu3M30z+yz+zt4 0+EfgfxJbfGrxlP8QfFfjm7lvNYklllksIhKGBtrSKXG2L53LEIm7IG0KqgAH5E/txfFHxV+1Z4c +Ftz8OrnbceDPAMnxL1fyeRFMZIYHU44V7d45CPQMexFfXC+N7P9sD9s34CDTts/h34f+EE8e36L 9yPUdWjjFtC3/TSF/IkAPIG73rsf2L/+Cfmr/s9P8VbL4marZeIdO8ZWp0TS1tZppZINEZrgyRTC aKMI8vmoWRC6BlJyc89T/wAE9f2K/Fv7JWmeM7z4jatp+ueIfElxaQQT2Es8yR6bYRlYELXEUTKx Z23IoKhVTDHGAAfYnx98c6j8Mfgd4/8AiJo67tQ8N6DqWoWo2bx59tbPJEWU8FQ4BbPGM5r8t/gJ +wb8IPjD+yZZ/FjxubvUfit47sZ/EDeKmvZ1vLXUJy8sDx7ZAgER27wQSx3EkfLt/YbxR4c0jxj4 Z1fwjr8P2jS9ctLixu4skb7e5jaKRcjkZViM1+Wvhj9mP9vD4Y+BtR/Zp+G3jzwsfhdcNc21hruo RXbeItN0y7djJDFHGqwNKodthYkAk7XjGwIAfCPgTxD4p1b9h79m79nnQdWuNB0/4weNr/SNWvbV tkv2BdS2SQhv+mhmDY/i2bT8pYH6t/bQ/ZG+Ev7KfwQg/aN/ZqtJvAfjT4a3mnSx3Vtd3Ehv4Li6 itXhuVlkYSBjKGbj5lDIwKtgei6B/wAE7/GLfsdeDfgprfiey0X4lfD7WbjX9E1vTGmuLW3vGuZJ 4lJljhkKsrLuOzKOoYBguGv+Mv2Z/wBtT9p+z0T4b/tTeKfCekfDvTLuG51OLwot5/aGtG25QSNc oEiUtz8oUBvm8s7UAAOG8a2th+2v+2t4W+DfxLe4b4c+FPA1p4vm0JJHt4b7Ur0wgGUxssjKiXUY HzfLsZRje+fZ4/2J/Dv7PWvfEr4l/BjXpfDngjXfCWo21/4R8uW4tpLwW8hW6jnlnJjK4G1fLbGX UMqsFHUfHz9lr4ny/GDwx+0l+yzreleHvHPh/Tf7EutO1lJjpOp6YpJSKQ24aRCnQAKN2EIdCgJx PhX+yz8bfGfxl1H9oH9rrXtIvdb/ALFudA0nRvDgmWwsLO8DrO5knAdpSskijO/72S5wqqAL/wAE 7HSP/gnd4KkdgqrYa+SScAAalfZzX5e6nLLB/wAEYfD80DtHLH4oZlZThlYalOQQRyCD0Nfbfw5/ ZL/bu+Fvw/vf2YvCnxA8Jw/Cq5luootae3un1+10++kZriOCDaIFkfzHbDM21mJWUcYmvv2AvjFd f8E+tN/ZQj1nQR4ts9YbUHujcXX9nGI3ck+BJ9l87dtcDBhAznnHNAHz9+3F+x18PP2Y/hD8Pfih 8G7rUND+Jdt4ksLC88Ri/unvb2a+hnM1xIWlKrI0q78oF4LLgg12n7VP7Lfwm/ZM1j4A/FH4JWdz o3iePxzpWlX1+15cTTalFdB3me58x2UtIY2D7QoZZGUjbgD9AP23P2evGf7Sfwu0HwT4GvdPsb7S /EenavK+oySxRG3tFlDqphimYufMG0FQDzlhS/tjfs9+M/2hdG+HGneDL3T7KTwh4x0zxDdnUJJY 1e0s0lWRIvKilJlJcbQwVTzlh3APzR/aU8e6D8UP28/FHgf40eBPGXxQ+H/ww06zTT/DnhSylvI/ t93bwzveX0STQkL++dFYN8wVB90MG7X9kq41TwT+2Xbab8DPhV4/+Hfwd8baZcLq+m+J9Jurawst WtopJo7mCRpJ0jEgiSMF5MlnZAMFAv1n8a/2YfjZpn7QZ/ao/ZU8Q6Rpvi3VNPj03XtI8QLOdN1S CFVWNy9uGkWRVjjUABfuAh1y4fR+BHwF/aXn+N95+0L+0/42s5tRjsTYaX4b8NzXaaLaxuCGklSb b5jgM2Awc5bcX+VQoB+fv/BOH9ib4H/H79mufxv8adNufEt5dX19p2mh765ij0u0iIYi1SKRVV3n eSRiQQSRxy27lfCfh+z8ff8ABKL4iWXxBDa/P8Kde1K30Ce4kcvZ/Z2t1QphhkKtzKqq2VCtgDAG P1g/YV/Z68Z/sxfAGz+Ffj290/UNWt9QvLppdMklltylw4ZQGmihfcAOfkx6E14p8Mv2I/Hfh/8A ZB+K37OfizW9Mj1fx5quq6hZ3dk009tCt2sBtxN5kUL5Dw/vAqkAHKljxQB9B/sT/DDwH8Mf2avA i+BNIj0keJdG0rWtR2PI/wBo1C7sLfzp28xmwz7RkLhRjgCvq6vlz9kXwV8f/hv8JbD4ffH660G9 u/DcdtpukzaE07K2m2lvHDF9pM8ceZsocsoAIIyAc19R0AFFFFABRRRQAUUUUAFFFFABRRRQAUUU UAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQ AUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFAB RRRQAUUUUAFFFFAH/9T9/KKKKACiiigAooooAKKKKACiiigAooooAKKo6jqem6PaPf6tdw2VtHjd LPIsca59WYgCmaXrGk63ai+0W9gv7YnAlt5FlTI7bkJFOxPMr2vqaNFFFIoKKK/FW9m1r9sH9sT4 rfBz4ofF7W/hv4c8AzwWOi+GtEv49LuNVVwRJcs7BhOMqr4KOwWVQuwA5AP2qor80vhf8Gf2lv2a P2jPD3hnwp4q1/4ofBHxNazrqTeILyK7vNCuYUbyWSWRo2KO+wYiQAqX3IWVWPh/w/8A2yfBHwH/ AGoP2nLX45eL9Rkszrej2/h/Sx9p1CQbIrxrhbO2XcsSD93vI2LkoCclaAP2dor54+EX7VHwP+Of gHWfiR8NfEI1PSvDqO+pI0MkV1aeXGZT5kEih+UVirAFXwQpJU47n4Y/GDwJ8YPhnp/xd8CXsl74 Y1OO4lgnkhkhdktZZIZcxyKHGHiYcjnGRwRQB6dRX5X/ALXn7ePhez/Y6k+KvwB8R3drqvjGZrLQ r4afKCrWl3FFfbvOjKwsIi4RnAy2Ch3Yr7h/Z2+L/hj43/CfRvG3hW6uby38tLWeW7t5baVrqCNB MSsyqzAsfvAYbsaAPb6K8l1/43fDvwz8W/C/wP1i+ki8XeMba6u9NthBI0csVmjySlpVUohCxsQG IzjjqKXxd8bfh34G+JPg74TeI76S38SePftX9kwLBJIk32NA826RVKJhTxuIz2oA9Zor4b8W/wDB RX9lrwfrWt+F7zXr2+8QeH9UvdIutMsdNuri7W409tlwwRUx5SNkCQsFbB2k4OPo74NfG34Z/H/w RB8QvhTrKa1o00jws4R4pYZ48b4popArxuuQcMOQQwypBIB6tRXP+K/FfhvwN4b1Hxf4w1GHSNF0 mFri7u7hwkUMSdWYn8gByTgAEnFfCtv/AMFQf2Qp9Us7SXX9StNN1CXyYNWuNIvIdOdycf614wwH qSgAHJIANAH6FUV8/wDxh/ah+CHwEu/DNt8VfEkeiR+Lor2bT7ho5JbeSPT445ZiZI1ZRlZUCDrI zBUBJxXmnwf/AG+P2Z/jf48i+GngvxBcReIbtWezt9Qsp7L7aiLvJgaVQGJUFgpKsQCQpANAH2XR Xy38d/2x/gR+zrruneFPiHq9w/iDVIvPh03TrSW+u/s+SPOdIgQiZU43EFsHaDg4+Rf2Yv2gNO+O n7fXxL1fwD4tu9e8BTeENPnsLZpbhbWGdWtUmItJdoilD7w/yBsk9QckA/V6iuJ+I/xC8LfCjwNr PxG8bXD2mhaBAbm7lSN5mSIEAkIgLNyRwBXxnqX/AAU+/Y303VLTT38X3FzbXPkh7+3066lsrd50 WRY5ZljI3hW+YKG2EENggigD9AqK8u8f/Gv4V/C74dn4seOfElppvhQxRTRXxfzEuFnXfELdYwzT NIvKLGGLDkDGa8F+Ev7e/wCzT8ZfGVr8P/DOv3On69qSl7C21WynsPty9jbvMoRyw5VdwducKcGg D7Lorx7wN8d/ht8RPiF4z+Fnhq/lfxN4Blhj1a0nt5YGj8/d5bxmRQJUYLnchIwVP8Qylp8ePhnf fGTVfgNaak8vjDQ9MXVr6AQSeTbWjlNrSXG3ylYiRCFLZwQcYoA9ior4G1T/AIKZfsgaX4hn0RvF dzd2lpcfZZ9WtdOurjS4ps4Cm6jjKsD2dAykchiOa+hvij+0l8Gfg74K8O/Efx14iitvDHiq9tbH T9RgVrm2lkvYnnhfzIQwETRxs/mH5QBnPNAHudFfNn7Pn7WfwT/afbX0+D+qXOpHw08S3hnsp7ZQ txv8l1aVFUh/LfAzvGPmUcVt/Hf9pX4P/s36Rp2qfFXWWsZNZmaDT7O3gkury8kXG4QwxKzELuG5 jhQSoJyyggHvFFfMPwI/bB+A/wC0Zq2o+Gvhxrcp8QaTH511pV/ay2V7FEGCl/LlUb1VmUMULbSR uxuGfJtb/wCClf7JujG5t4/EF/ql/ZXN1bXNnY6ZdT3MH2Ngk0sqhAEiBPDkjdg7c4NAH3vRXmPw 7+Mvwy+Kvw6g+LHgbxBbX/hSeKWY3zEwJCsGfO88ShGiMeDvEgXaOTxg18pJ/wAFNP2Pn8QjRR4r uRZG5+yDVzpt2NK8/dt2/ajHtx3342Y+bdt5oA++6K8l+Kvx1+E3wU8Br8S/iV4kttJ8OSmNYLn5 p/tLzKXjS3SEO8zOoLAID8oLfdBI+fPhv/wUJ/Zm+Jvj7T/hrper3+ka7rLKmnR6tp1xYpeu5wiw vIu3LnhA23ceFyxAoA+3aK/Nz4PeNPEc3/BRf9ovw7rOu3b+HdE0XQJrazuLqQ2VpvsbV5XjidvL i3EszsoGSST1NfWHwZ/aN+FX7QEmvN8KNQuNasfDtybS4vxaTxWMk4JytvcSIsc2ANx8ssApVujK SAe50VzHjPxn4V+HnhfUfGvjfVINF0PSYjNdXdy2yKJMgAk9ySQqgZLEgAEkCvjbwZ/wUm/ZK8be KLDwtZ+J7nTH1eXybC81PT7mysbt84wlxKgReeMybBnA6kCgD7wor8T/APgpT+0jo7fFb4efs7Qe M9f8I6LHqTyeM5tFiuYbo2kkNvLbJbyxofPzHNISib1V9pdCVAr9Tv2ffD/hbwz8FvB+meCNU1TW 9AksI7yxvNakeXUZre+Juka4aRI33YlxtZVKgBcDFAHsVFfkh8Dv27NN8e/tvfED4f6r4g1C48J3 66ZpnhOx/s6aOOO6EYN20wEQZC0u/Ek3BXAU7cV5X+yf+3v8Lvgx4J+Iel/H3xnqeq+IJfHmuNZ2 pW61S6h0yKK1VWydwit1cSbQWUZD7QcNQB+4dFfHfxC+Nfwc+NP7JXi74meD/iDc6R4PnsZo59e0 mOYX+nNGyiTEI2TpMmR8hCttYMPlIJin/ab+Bn7O/wCz/wDC/XPHfjO71ay17RNLi0a5lt57jVtb UWkJW4NuoeXzJFZXlL4Cu4Vm3MAQD7Jor5h+BH7YPwH/AGjNW1Hw18ONblPiDSY/OutKv7WWyvYo gwUv5cqjeqsyhihbaSN2Nwz9OkhQWY4A5JNAC0V+f3iT/gpv+yP4d1K8sofEF/rdrp03kXWoaZpl 1dWELg45uAgRx6NGWB7Zr6bvv2hfgzp3wdX4/wB34qtV8Avbi6TVBvaN0Z/LCqgXzDIZPk8sJv3/ AC7dwIoA9mor899P/wCCoP7H93ZS3l74kvtKZPKaKG80u7iluY5nCLJAuwiRcnnByBkkYBI+hPjp +1L8Ev2c10yH4pa8bLUNaLCxsLaCW8vbnacEpBArsFzxubCk8A54oA+hKK+VPgR+2f8AAX9onxFf +DPAGrXMHiXTYjPNpep2ktjdiFSAXVZBtcAsMhWJGQSADmvK/g98UfhR8NY/2h/iFf8AxK1rxXpf hnxTfy63FqFvcsmgyJNIr2VkrFzJBGx2r5Q24UYGKAPv+ivz91L/AIKffsb6bqlpp7+L7i5trnyQ 9/b6ddS2Vu86LIscsyxkbwrfMFDbCCGwQRX3ppmp6drWm2msaRcx3ljfxRz288LB45YZVDo6MOGV lIII4INAF6iiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACii igAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKK ACiiigD/1f38ooooAKKKKACiiigAooooAKKKKACiiigD89f2ybrW/wDhKdDspS40gWZkiHPltceY wlPoWCbPoD71ifsh3Wtp8Qryzsi502WydrpefLBVl8pj23ZJA74Le9foN4i8LeHfFth/ZniXT4dR tgdwSZQ21vVT1U+4INReGfB/hjwdaPY+F9Mh02GQ7nES4LkcAs3ViO2Sa7FiV7PksfPSyWbxn1nn 038/Q6SiiiuM+hCvyxuvAn7Gn/BRvxb43sfEvha+0Px78PL+TRb2czJYasUt2MYm2wySxyxB1ZEa ZGK7cfKCAf1Or4c+OX7AHwU+Nfjlvinb3useA/GsibZdW8NXa2M1wwxh5wY3VnAGCy7XYYDMcDAB 8WL4Y+Jn7AX7T3wd+HvhL4oar45+HvxT1I6TJ4f1mUXNzYqXihE8fIVVRplffEkX3GVlYV6x+xx4 X0O+/bu/ax8X3dpHLqukajpVpazsgLwxXq3LThGIyu8wR5x1xzX0L8DP2Dfg78E/HH/C07jUda8e +N1i8qLWPE14L+4tgQQxtwEQIWDEbjuYAkBgGbPsXwx/Z68F/Cf4l/En4qeHbzULjVvildWd3qcV 1JE9vDJZLMsYtlSJHVT5zbt7yE4GCOcgH51fDnTbTR/2tP23NG0W3W1tZvD9jcGGJQqNNNpryu20 cbmeV2J7lie9ew/8E+tc0rSv+Cb3hjWL65SO10rTfEUly5YYiWK/vnbdnpheeexBr6w8H/s6+BvB fxl+IPxw0+5vrrW/iTDZQalbXLwvYoljEIUEEawq43Kvz75HBOcYHFfKth/wS9+BmlapeWmm+KvF 9r4F1C7F7c+D4tYaPQp5AwOyWFYxI8eAFw0hfA+/QB+fWn/8oQNT/wCwkv8A6kUVfvz8OyD8P/DB ByDpdl/6ISvnTQ/2Kfg/ov7L95+yVJcapqPgu980tNc3EX9oLJJdfbFkWWKGOMNFMFZMxEcAMGGc +m/s/fA/T/2e/h8nw70rxPrfiqzhuHmiuNduUuriFGREWCNkjjCwoEyiY4JODjAAB8W/HWWK2/4K ffs3S3DCNJNE8QxqzHALmzvAFye5JAA7kgVT/ah1Sxm/4KK/ss6LHKrXlpFrs8sYI3LHcW7LGxHX DGJ8fQ19W/tKfsl/DX9p630C48XXep6Dr3hWZ59J1nRbkWt/aPJtLBXZXUqWRG5XcpXKMpJz5V4A /wCCefwi8C/Evwr8Zp/E/inxL448MXF1ctqusakl7PqBuYBbiO7MkJJjhXcYhGUILtvZxgAA8U/4 J5aP4Rb4/ftZa+kcL+KE8f6pbSOcGaOwa9unjC91SSUPuxgMUGc7RjU/Y+t7DS/25f2rdH8CJEnh GO60WWZITiKPVZIpDcBVHyhjMbgPjHKgEcYHzd+zh+yxo3xy+Nv7S/i6Hxp4o+H/AIj0n4h65Yx6 j4Z1E2Es1nPdzO8Mw2sHTcNwxtOeSTgAfrX+z/8As8fDf9mzwQfA/wAObeYx3E73V7fXkgmvr+6k +9NczBV3NjgAKFA6Ac5APJP2+vHfwm+H/wCzL4i1P4z+HJfF/h+8ltbVdHiu5bI3120okgjaeFle NFaPzGYZwE4VjgV+b37Yd5+2Vqf7HOuD4qeE/Anw5+G9jb6WkOkQS3N1rK7bmBLSCBlZrdGT5d2M EIrDpmv2R+OXwQ8A/tD/AA31L4W/Ei2kuNH1Io++B/KuIJom3RzQvhgroemQQQSGBUkH41m/4Jjf CvxHoDeGfij8RPHfj3Tra3e30yDV9b82DSyylEntYREIxNGpIUurpjgx4AFAHzR8a/D+keM/F/8A wTy0XxHbpf2F3ZmSaGZQ8cvlWWkShXU5DKWUZB4I4Ne5/t56bYw/tI/ska9DCseoDxmLTzlADmB5 bUmMsOSuc4HQZPqa+n5v2Qvh3dXnwTv7zWdauJ/gPDJBobPNbZuY3iggxfYth5hVLdADF5XcnOa7 X4u/s9+C/jP4t+HfjPxTe6ha3vwz1ZdZ01LOSJIpbhWjYLcCSKRmjzGOEZD1+agD4n/ZGt7DUP27 /wBqrVvFscTeL7K80qCwMhzNHpDRygeVnkKyJbeZjgHYO/Od8B9H8I6J/wAFTfjra+EI4YIpvDFl PdxwACNb6ZrJ5+F4DMx3v/ts2ec19O/HL9i74f8Axn8e2PxZ03xFr/w78c2dv9kfWvC96LC6urbo I7htjb8DgMMNjCklVUBn7Pv7EHwl/Zu+IGsfEvwPqmu6jrev6f8AYL+TVr1Lz7QzTLPJcu3krIZ5 HUFzv2dcIDzQBP8At9/8mbfFj/sCyf8AoaV8+3fgTwpp/wDwSUOjW2mwLaS/DSLV3QRrhr6XT1v2 nIx9/wC0HzN3XPOa++vi98L9A+NPw08Q/CvxTcXNrpPiW1a0uZbN0S4RGIOY2kSRA3H8SMPasC5+ BvhK6/Z/H7OEl3fDw0PDieGPtAki+3fYo7UWYk8zyvK87yxkt5W3dzsxxQB+GXxkfxtrPwj/AGCv Deif2VPDewK0EPiFpjos+pQJZJZpfLD8xjAYooHUOy9M17T+134G/bK8YaH4Lvfj14k+D/gdtC16 1u9D1W2utXsr1b+IMywQzTRzYV9oZlC9UU5BUV+kHib9jj4L+M/2fdA/Zu8WW95qnhzwxbwQ6bdy TKmpW0tshjjuEmjREEoViD+72MCQUI4rybwZ/wAE7PhnovjzQfH/AMQ/G/i/4o3PhRxJo9r4p1QX 1pZOhBRljEaZZCqkDIQkAlDgYAPKf2ir6w/Zd/bp+HP7S17Mun+D/iZYT+FPE054ijuYVD2c8p6A ttiGeyQv0zz85eCbLxj4k/Yu/af/AGxpYpbfxL8Ymv5bM5Ilt/D9nIbZUVhyAsZmU44KRoc9DX64 ftGfs8eAf2n/AIZ3Hws+IzXcGmy3MF3HcWDxx3dvPbtlXieWOVASpZGyh+RmAwcEdz4P+GnhDwT8 NNK+Emk2Sy+GtJ0yPSUt7gLIJbWOLySJhgK5kXPmHHzEkkc0Afjv8DfDH7Zl1+xvoOg+EbT4N/8A CqNT8ONJM2pHVxKbWaItdS37R/uRcK28zsPlWRWxgKK8R+K3gSew/wCCdvwJ+HGu+KdJ8Z2B+Jlp ZRahol1Ld2b2lwuo/u1lljibMZdkK7QFwAOlfoJff8EvPhIbe98MeHPiD458O+A9Tna4ufCtjrWN Icucsgikidth6NvLsf72QMfRHjz9jz4O+Ofhf4E+D0UV54c8MfDrVrLWNLg0qWONvtFisqoszTxT F1kMztKeHdzuL5JyAfSGj+H9C8PW62mg6dbadAkccSpbRJEojhG2NMIB8qDhR0A6V+dP7aPwwvfH nxu+FHiD4PfEjRfCXxt8MR302h6TrWJIdStJkbziI9kpUqscgDeWcjOCrIrD9La+X/2j/wBkv4Z/ tMx6HfeK7rUtA8ReGJHk0vW9EuRaajal8FlWQq4KkqDgrkHlSpJJAPiv4NfFvx5pv7ZnhzwF+1t8 JdF0T4seItGuIdF8V6HMXjurO1SaVo5I/NlADLHINxIcEKDGFKldP/glTo3hBPDXxn120ihbxLce O9Ttr2TA88WcaxvbIe4j3vMV7Ft3XHH0v8Ev2Jvh78HviC3xe1fxN4j+Ivjr7MbOHWPFGoG/ntYH 3B0txtTYGDEHcWIBIUqGYH82P2KP2RNC+N/hr4pePIPHXiz4f68vjrXNIuZ/DWpmxW909EtpkhuE KOG2vNIVIx9453YGADzPxRcah4b+BH7eGlfC7Fv4Pt/Fmmw2gtGKxR/aNQ8rU0iCfL5fl7IyBx5Z I+6BX0Ja+Df2ytV/Y5t/CEifBax+EF34Wj/0mZtYTydPktg4u3kwY1uFz5pkwcTfNya/UD4Z/s1f B74U/B2X4FeGtDSbwnewzw38V2RLLqBul2TyXUgCmR5F4JwMABVCqqgfIk3/AAS4+Ekll/wiEfxE 8dxfD03BuP8AhExredIBL+Z5YjMRbZn1Jkzzv3c0AfNGreJvDnw7/Zy/Zd+G2teG9L+PXxPnvrlP B72OrXCaIkljd7Ibhpm8kSrDG0EQjljCArINwVTu4j9sO9/aqvfHn7P+sftJweDNGU+NtP8A7K0/ w+11LqMeJoTO8805ZDGP3YPltgttJ6V+pPxq/Yq+DPxn8F+DfBzpe+ED8Oyp8OX2gzi0u9MChBth dlkGD5UZJI3blDBg3NeNaj/wTL+EfiZrLWvHvjzxv4q8Xabd2t3a+INS1hLrULUWhLpBCJoJIFhL kOymNm3AYcDIIB+a/wC1f8O/j/8AE39sH9qHw/8AA+7EVrb6Fod5rtojlLnUbG30yyYWcOxS7GQ5 YoCocLsJO4K37MfsT/EH4SfEf9m7wjrHwY0uDQNCs7cWc2lQHJ0+9hA+0QSE/M77zv8AMf5pVYSH l67fwn+z14L8HfHfxx+0Lpl7qEviPx/a2Npf280kTWUcdhDHDGYEWJZFYrEpbfI4JzgAYAwPg7+y v8PvgT8R/G/xC+HWoapZQePZvtN9obTQNo8Nzu3efbQiBZYnyXGPNK4cjbhUCAHyN/wVidH+EHw2 03XJfJ8I6h470mDXG3FF+xmKdiHYEYTALE9mCnOcV6X/AMFIPDfw7H7EHjS21iztLey0W1s20dVR EW3uknijtltgMbcg7MJ/yzLD7ua+wvip8LPAvxp8Cap8NviRpi6toGsIqTwszIwKMHR0dCGR0YBl YHII9MivivQf+Canwktb3RIfHPjfxn8QPDXhiaObS/D3iDVxdaRbGIYRTbrEgZVHAXhdvysGUkUA fOPxCv8AXdU8ff8ABO7U/FDSPrF3Zyy3jSkmRrh9O0tpC5bneWJLZ5zmv2krwb4lfs7+CPil8Rvh p8Tddur+01L4V3N3daVDZyQx20rXiwq63CPE7MqiFdojePHOSeMe80AfmH+zuQP+Ckv7UKnqbDw0 cf8AbjDXN/8ABKrwpoCeEvjR4w+xRHVtR8f6vp005RTI1raxwSxxFsZ2B55Dt6ZNfUPiP9jH4fa3 +0fbftPaT4j8Q+G/FBezbULbTL1IbDVBYhEjS7iaJ2ZGSNEkQOFYKCAGyx9I+AP7PXgv9nLQPEXh zwReahe23ibXbzxBctqMkUrpdXqRJIkZhihAiAiXaGDMCTljxgA/HLwRZWuj/sh/txeH9LiW207T fF+uRW0EYCxxIkiIqqo4ACooAHYCvV/EHwwvfHngf9kTxB8HviRovhL42+GPBGmTaHpOtYkh1K0m 0uLziI9kpUqscgDeWcjOCrIrD7wsf2LPhZYeAvi18O4dU1ltN+Mmp3eq6vI09uZ4J71t8i2jC2Co gP3RIsh9SazPib+wt8Hvif8AD34feB76/wBZ0e/+F9ha6doOv6bdJbavBDaQxwrvmWLy2LCJWbEa 4bJTZk0AfLfwa+LfjzTf2zPDngL9rb4S6LonxY8RaNcQ6L4r0OYvHdWdqk0rRyR+bKAGWOQbiQ4I UGMKVK/pn8WvEPhXwl8LfF/ifxykknh3StIvrnUUhZlle0igdpkjKsjB2QELhlOSMEHmvnb4JfsT fD34PfEFvi9q/ibxH8RfHX2Y2cOseKNQN/PawPuDpbjamwMGIO4sQCQpUMwP1d4m8N6J4y8N6r4R 8S2i3+ka3az2V5bvnbNb3CGOVDjBwysRwc0AfjB8MfE37Tnir9mO8PwG+GXgX4T/AANudN1SeH/h IL691K7fTn803Mp2MSzP8/M64xgZ27TXyN4Hlsr39lL9kPQ/GoR/AN38SrxdZE5xbcX37pJs/L5b RvOWz/DuPrX6oeHv+CZHwq0SyXwhd/ELx1qvw9jnM6+EZ9bKaK25zIY5IoY42aPed2AytnksTkng fj58FPhT+yX+yOvwvk8Daz8V/hfda/5+qrcXqDUNBt7oFje2r29qpKwSLlQ2DmQh5NjEAAp/8Fgd L8Ef8M8eFr7VIbePXbTxJZRaS2FEwR45PtEaY58vYoLAfLlUzztrb+PfxJmP7auneEv2efhXYeNv jfonh0yXOua1qM1vY6TpUrZ8tYBIEZj5wLOoVwJdo3bmx+bXjv4c/s2fHjU/A/wv/ZL1zxl8WPFt 7qloJdQ1+e8ks/DmjRZa4jXz4baNFPynowwmFbcVDftZ8c/2JvAXxo+JNh8ZNO8UeIvh945srYWT ar4avhZTXFupOElyj5wCVypXK4DbgFAAPz/8KN8bE/4KofDOX4/T+Gf+EuuvC1+zweFluBbQWv2e +8mOdrnLvNlWbJJ+Urg4xXH2H/JC/wDgoP8A9jlrP/pZLX6IfD7/AIJ8fBr4b/FTwx8bdH1/xPfe N/Dz3clxqepamt9Pq7XcJt2/tBpoW3bImKp5PlYBydxAI66L9iv4WQ+E/jF4OXVNZNl8btTutV1p zPb+bbz3cjSutmfs+1EDMdokWU46k0AfPl34E8Kaf/wSUOjW2mwLaS/DSLV3QRrhr6XT1v2nIx9/ 7QfM3dc85r6c/Yilkm/ZE+ETysWI8N6euSc8LEFA/AAAV39z8DfCV1+z+P2cJLu+HhoeHE8MfaBJ F9u+xR2osxJ5nleV53ljJbytu7nZjiun+Ffw40P4Q/Djw58MPDU9xc6V4YsorG2lu2R7h4oRtUyN GkaFj3Koo9qAO/ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiii gAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKA CiiigAooooA//9b9/KKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigA ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigCvbWlrZo0dpCkCsxYhFCgsepIHc9zViiigAooooAK KKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoo ooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiii gD//1/38ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoooo AKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigA ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigD/9D9/KKKKACiiigAooooAKKKKACiiigAoooo AKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigA ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoooo A//R/fyiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigA ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoooo AKKKKACiiigAooooAKKKKACop/O8mT7NtEu07N+du7HGcc4z1xUtFAH5gaPdftL6Hp37VWkW/iqb xn8RtJsNMn0lrWAwW9tc3WltN5OnWbPKEEecRglmldQz7mY0v7MPxI09P2hNL+Hfw313xd4h8Ia1 4NuNS1JvFf8AaUkkWtWF3bRyPC+pjzFcrclbmOE+SHZNvIIr7dl+CPg641X4j6rdTXkrfFC3trbV I/OCLHHa2hs0+zNGqyRsYzksXYh+VK9Ky/hl8BtI+HXiS58aah4l1rxn4imsI9Jh1DXJoJZrXTop DILaEW0FugVn2tI7K0kjKpdzgYAPdaKKKAP/0v38ooooAKKKKACiiigAooooAKKKKACiiigAoooo AKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigA ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigD/9kA --00000000000006612d05b5a810de-- From nobody Fri Dec 4 11:02:32 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 525763A0EBC for ; Fri, 4 Dec 2020 11:02:31 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.097 X-Spam-Level: X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_IMAGE_RATIO_04=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=pingidentity.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id r-w2faIj7H_q for ; Fri, 4 Dec 2020 11:02:29 -0800 (PST) Received: from mail-lj1-x236.google.com (mail-lj1-x236.google.com [IPv6:2a00:1450:4864:20::236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 72FF53A0C1E for ; Fri, 4 Dec 2020 11:02:28 -0800 (PST) Received: by mail-lj1-x236.google.com with SMTP id z1so7780359ljn.4 for ; Fri, 04 Dec 2020 11:02:28 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=pingidentity.com; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=q+PiUBxYYk9Bvk0j1oqMXYlrQ039fLqFX6kwENcGvgQ=; b=XzhqZ4I/AGOmw7YBYzyLN5Nxm737vtujnW1QRvvWXzbCO9uoU+ff9o7PXE20yb5ovP QOBQNrwIN2HMC5rpd6GT6Cp3YfCAU+c+n2IuIwgxDg+w3xutj0UcycNbUVqZUaOKfcGR MbsOrJEBQefs5qWVyeQwLdHvEeW+FHzwlNeDoEZ7/C3AHeHcfLcXOvQKjbSC3SVxqorW VydOebO9BMbJCyrTyWol2h0XSW7UhnDott3HjqGJoCIFvbPQoUaz7S35x8WwWAZaV+Qg kIWvjnoVQg+AOWSiKSQqc8DPdmmDSDFZHUV0up0aI93YWALl1DUr0AeBp87HA+bHykBE z/sQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=q+PiUBxYYk9Bvk0j1oqMXYlrQ039fLqFX6kwENcGvgQ=; b=d0eKE2saNi+2/cM3DtnTQ9crYcDOznI3C7htvkSgmIh33i8T07FujYdAfM6iL7Nwsz 3i5sJSPnzI7mGnxzOGNHU8+932sGROIZCKvQ1+54eGnfsiG/GNThV8+Qs+nYn2+QIe0Q 4TxBVByWEQMnJZ1xOU9gJ1fC05x9AT1JCx2GfO1CqCljadT6LI+H0fextjle9nVChOvV 18kcEo73V7wdtzvspBJ5UGHM2kP0/8mKdeorvRCaXdwQdoTCEzsiXW449VecwWThiUFq 4LhvsDizjE5LlrbPMPy3VsPN4p2jAP/vAsHwnIqOEHMxHplgghUKWJ0jzrd6NuJQph2a B2cQ== X-Gm-Message-State: AOAM533joCwzxoNKE/VWeJUbiGWnHpwmlsGyhfTITj4blMaEj+E9oXVN AsND6JcL8Hm9iir7wfGXsAADLvfanks0WGrKOSCz1TzYPEhTWIJGDOl409vUmgBXQmUGe5twPEs FQkuLZQwna1OYlJd6oRnLfA== X-Google-Smtp-Source: ABdhPJyyW6ieUX1Ah+nBWjFruLtSmLxkzuqAr8cTptkCjmpejuEbj0mpKSAgzoNVWvdy/sKzTzAvPi8c5MmYN2Q4qQM= X-Received: by 2002:a2e:2419:: with SMTP id k25mr3976108ljk.422.1607108545702; Fri, 04 Dec 2020 11:02:25 -0800 (PST) MIME-Version: 1.0 References: In-Reply-To: From: Brian Campbell Date: Fri, 4 Dec 2020 12:01:59 -0700 Message-ID: To: toshio9.ito@toshiba.co.jp Cc: oauth Content-Type: multipart/related; boundary="000000000000fe341805b5a81d18" Archived-At: Subject: Re: [OAUTH-WG] DPoP followup III: client auth X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 04 Dec 2020 19:02:31 -0000 --000000000000fe341805b5a81d18 Content-Type: multipart/alternative; boundary="000000000000fe341705b5a81d17" --000000000000fe341705b5a81d17 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable On Thu, Dec 3, 2020 at 6:26 PM wrote: > Hi Brian, everyone > > > > I'm interested in a client authentication method based on DPoP. It'd be a > good > > option for application-layer client authentication with asymmetric keys. > > > > However, I don't think the DPoP draft should include DPoP as a client > > authentication method. It should be a different document. > Aggee. It'll go in a different document, if it happens at all. > In addition, I'm not > > sure we can (or should) use exactly the same DPoP Proof JWT structure for > client > > authentication. > If not, then RFC7523 private_key_jwt client auth is already defined and available for application-layer client authentication with asymmetric keys. > > > > > Toshio Ito > > > > *From:* OAuth *On Behalf Of *Brian Campbell > *Sent:* Thursday, December 3, 2020 7:29 AM > *To:* oauth > *Subject:* [OAUTH-WG] DPoP followup III: client auth > > > > There were a few items discussed somewhat during the recent interim > > that I committed to bringing back to the list. The slide below (also > available with a few extra spelling errors as slide #19 from the interim > presentation > ) > is the last of them. > > > > To summarize, I'm wondering if there's WG interest in working to formaliz= e > a client-to-AS authentication mechanism based on DPoP. I think it > potentially would be problematic to put into the current document (for a > number of reasons) so am preemptively ruling out that option. Thus, > basically, I'm asking the WG if there is some/much interest in the idea? = In > which case I'll find some time (at some point) to write up an I-D for it > and bring that back to the group for consideration. Or if I should, as th= e > slide says, "shut up and never speak of this again"? > > > > [image: Slide19.jpeg] > > > *CONFIDENTIALITY NOTICE: This email may contain confidential and > privileged material for the sole use of the intended recipient(s). Any > review, use, distribution or disclosure by others is strictly prohibited. > If you have received this communication in error, please notify the sende= r > immediately by e-mail and delete the message and any file attachments fro= m > your computer. Thank you.* > --=20 _CONFIDENTIALITY NOTICE: This email may contain confidential and privileged= =20 material for the sole use of the intended recipient(s). Any review, use,=20 distribution or disclosure by others is strictly prohibited.=C2=A0 If you h= ave=20 received this communication in error, please notify the sender immediately= =20 by e-mail and delete the message and any file attachments from your=20 computer. Thank you._ --000000000000fe341705b5a81d17 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable


    =
    On Thu, Dec 3, 2020 at 6:26 PM <toshio9.ito@toshiba.co.jp>= ; wrote:

    Hi Brian, everyone

    =C2=A0

    I'm interested in a client authentication method based on DP= oP. It'd be a good

    option for application-layer client authentication with asymmetr= ic keys.

    =C2=A0

    However, I don't think the DPoP draft should include DPoP as= a client

    authentication method. It should be a different document.


    Aggee. It'll go in a = different document, if it happens at all.
    =C2=A0

    In addition, I'm not

    sure we can (or should) use exactly the same DPoP Proof JWT stru= cture for client

    authentication.


    If not, then RFC7523 private_key_jwt client auth is already defined = and available for application-layer client authentication with asymmetric k= eys.
    =C2=A0

    =C2=A0

    =C2=A0

    Toshio Ito

    =C2=A0

    From: OAut= h <oauth-bou= nces@ietf.org> On Behalf Of Brian Campbell
    Sent: Thursday, December 3, 2020 7:29 AM
    To: oauth <oa= uth@ietf.org>
    Subject: [OAUTH-WG] DPoP followup III: client auth

    =C2=A0

    There were a few items discusse= d somewhat during the recent interim that I committed to bringing back to the list. The slide= below (also available with a few extra spelling errors as slide #19 from the interim presentation) is the last of them.

    =C2=A0

    To summarize, I'm wondering= if there's WG interest in working to formalize a client-to-AS authenti= cation mechanism based on DPoP. I think it potentially would be problematic= to put into the current document (for a number of reasons) so am preemptively ruling out that option. Thus, basically, I&= #39;m asking the WG if there is some/much interest in the idea? In which ca= se I'll find some time (at some point) to write up an I-D for it and br= ing that back to the group for consideration. Or if I should, as the slide says, "shut up and never speak of this a= gain"?

    =C2=A0


    CONFIDENTIALITY NOTICE: This email may contain confidential and= privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is str= ictly prohibited.=C2=A0 If you have received this communication in error, p= lease notify the sender immediately by e-mail and delete the message and an= y file attachments from your computer. Thank you.


    <= span style=3D"margin:0px;padding:0px;border:0px;outline:0px;vertical-align:= baseline;background:transparent;font-family:proxima-nova-zendesk,system-ui,= -apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,Oxygen-Sans,Ub= untu,Cantarell,"Helvetica Neue",Arial,sans-serif;font-weight:600"= >CONFIDENTIALITY NOTICE: This email may contain confidenti= al and privileged material for the sole use of the intended recipient(s). A= ny review, use, distribution or disclosure by others is strictly prohibited= .=C2=A0 If you have received this communication in error, please notify the= sender immediately by e-mail and delete the message and any file attachmen= ts from your computer. Thank you. --000000000000fe341705b5a81d17-- --000000000000fe341805b5a81d18 Content-Type: image/jpeg; name="image001.jpg" Content-Disposition: inline; filename="image001.jpg" Content-Transfer-Encoding: base64 Content-ID: <1762f1f12d44ce8e91> X-Attachment-Id: 1762f1f12d44ce8e91 /9j/4AAQSkZJRgABAQAAZABkAAD/4QCARXhpZgAATU0AKgAAAAgABAEaAAUAAAABAAAAPgEbAAUA AAABAAAARgEoAAMAAAABAAIAAIdpAAQAAAABAAAATgAAAAAAAABkAAAAAQAAAGQAAAABAAOgAQAD AAAAAQABAACgAgAEAAAAAQAAA+igAwAEAAAAAQAAAjMAAAAA/+0AOFBob3Rvc2hvcCAzLjAAOEJJ TQQEAAAAAAAAOEJJTQQlAAAAAAAQ1B2M2Y8AsgTpgAmY7PhCfv/AABEIAjMD6AMBIgACEQEDEQH/ xAAfAAABBQEBAQEBAQAAAAAAAAAAAQIDBAUGBwgJCgv/xAC1EAACAQMDAgQDBQUEBAAAAX0BAgMA BBEFEiExQQYTUWEHInEUMoGRoQgjQrHBFVLR8CQzYnKCCQoWFxgZGiUmJygpKjQ1Njc4OTpDREVG R0hJSlNUVVZXWFlaY2RlZmdoaWpzdHV2d3h5eoOEhYaHiImKkpOUlZaXmJmaoqOkpaanqKmqsrO0 tba3uLm6wsPExcbHyMnK0tPU1dbX2Nna4eLj5OXm5+jp6vHy8/T19vf4+fr/xAAfAQADAQEBAQEB AQEBAAAAAAAAAQIDBAUGBwgJCgv/xAC1EQACAQIEBAMEBwUEBAABAncAAQIDEQQFITEGEkFRB2Fx EyIygQgUQpGhscEJIzNS8BVictEKFiQ04SXxFxgZGiYnKCkqNTY3ODk6Q0RFRkdISUpTVFVWV1hZ WmNkZWZnaGlqc3R1dnd4eXqCg4SFhoeIiYqSk5SVlpeYmZqio6Slpqeoqaqys7S1tre4ubrCw8TF xsfIycrS09TV1tfY2dri4+Tl5ufo6ery8/T19vf4+fr/2wBDAAICAgICAgMCAgMFAwMDBQYFBQUF BggGBgYGBggKCAgICAgICgoKCgoKCgoMDAwMDAwODg4ODg8PDw8PDw8PDw//2wBDAQICAgQEBAcE BAcQCwkLEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBD/ 3QAEAD//2gAMAwEAAhEDEQA/AP38ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigA ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACvB/2Wbu6v /wBmP4Q319M9zc3Pg/QJJZZGLvI76fAWZmOSWJOSTyTXvFeAfsnf8ms/Bv8A7Ezw9/6boKAPf6KK KACiiigAooooAKKKKACiq91dW9jbSXd3IsUMKlndjgKB1JNRadqVhq9lFqOmTpc2043JIhyrD6ig C7RRWU+uaRHqyaE93Gt/IhkWEsN5UdSBQBq0UVS1DUbHSbKXUNSnS3toF3PI5wqgepNAF2iq9pd2 1/bR3lnIs0MyhkdTkEHoQasUAFFFFABRRRQAUUUUAFFFFAH/0P38ooooAKKKKACiiigAooooAKKK KACiiigAooooAKK/DDxr/wAFc/Gvhbxjr3hmD4d6fPFpF/dWayNfShnW3laMMQI8AkLk1hWv/BZP xekytffDGxliyMrHqUsbEd8MYHA/KvrI8EZk1zKn+K/zPSWU17Xt+KP3sor4r/ZY/bk+Ff7UbTaF pUM3hzxZaRGaXSbx1cyRrjdJbTLgTKuRuyqOOpTbzX2pXzuMwVXD1HSrRtJHDVpShLlkrMKKKK5T MKKKKACiiigAooooAKKK+W/2jv2v/g3+zLYKnjjUGvNfuYfOtNGsgJLyZSSquwJCxRlgRvkIBwdo YgiujDYWpWmqdKLcn0RdOnKb5Yq7PqSiuBtvG/274XRfEi3tNn2jRl1ZLdnzjfb+eIy4HbOCce+K /O79j/8A4KG+J/2mfi9/wrTV/B1nocH9n3N79ogupJn3QFAF2sijB3dc114fKK9WnUqwjpDfVaGs MNOUZSS0W5+p9FFFeYc4UUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUV8U/ts/tWax+yj4P8O+JdG8 PweIJdcv3tGjuJ2gWNUiMm4FFYkkjFeg/smfHfUf2j/gxp/xS1XSYtFuL25urc20MjSoot5CgIZg p5xnpXoyyqusMsW17jdr36+nyN3h5qn7XofStFFfG37av7UWr/sqfD/RPGWjaDBr82ramLBoriZo VRTBJLvBRWJOUAx71z4PB1MRVjRpK8nsRSpSnJRjuz7Jor5e/ZC/aB1P9pf4Px/E3VtHh0O4e+ub T7PBK0yYg24bcwU5O7pivqGlisNOjUlSqLVOzFUpuEnGW6CiiiucgKKKKACiiigAooooAKKKKACi vy4/bH/4KDeJv2YPizb/AA30fwfaa7BNplvfm4nupIXDTySoU2qjDAEY5z3r9I/BuuyeKPCGh+Jp ohBJq9jbXbRqchDcRLIVBPUDdjNejisqr0aUK9RWjPbU3qYacIqclozpKKKK84wCiiigAooooAKK KKACiiigAooooAKKKKACiiigAor8uP2m/wDgp78P/gv4mvvh/wDDvRj418QaY7wXk5n+z6fazocN HvCu8zoRh1UKoPG/cCB8Y2n/AAWI+MqXokvvA+gTWm4Zjja6jkK9wJDK4B99n4V9RhODswrU1UjT sntdpHoUsrrSXMkf0K0V8Pfsqft3/C39p+VvDdvbyeF/GMUZlbSrqRZROijLtazgKJQg5YFEcDJ2 lQWr7hrwcbgauHqOlWjaSOOrRlCXLNWYUV+e/wC23+3Ef2UdR8M+HdC0K38R6zrkU91PDPO0At7W Ngkb/KrEmV94H+43tWj+xJ+2qv7WEXifTtZ0WDw7rnh4wSrbwztMs9pPlfMBdVOUdcN2G5fWu55D ivqv1zl9zvp3ttvubfU6ns/a20PveiiivHOUKKKKACivjnxT+2/8GNG+NPh/4CeHbl/E3ijWNTj0 y6+xEfZdPkZtriaY8NIhGDHHuIIIcoRiut/a2+Peo/s2/Bq8+KGlaRFrdxbXdrbC2mlaFCLh9pYs oY8fSvQjlWIc6dNws57X0ubrDTvGNt9j6Zor4t/Yn/ao1j9q3wV4g8VazoEHh+XRdQWyWO3maZZF aJZNxLqpBy2MV9pVjjcHUw9WVGqrSW5FWlKEnGW6CiiiuUzCiiigAooooAKKKKACvAP2Tv8Ak1n4 N/8AYmeHv/TdBXv9eAfsnf8AJrPwb/7Ezw9/6boKAPf6KKKACiiigAor598Q/tNfBqyXUNM8L+MN G8S+IbFnifTNP1G3urmKWMlWE8ULs8YRhhtwBB46180+Gfjd4u0bxhP4l1GZr2C/YC5tycIUHQIO ilB90j8eM0WA/RikYhVLHoOawNF8UaH4g0KPxJpt0rWDoXZ2IXy9oywf+6V75/lXxT8X/jZfeJ7/ APsfwrO9tpdpIG81CUeeRDkN6hQRlR+J7YAIPjN8Y7jxhdSeH9BdodGhbDNyrXDDuR1C+g/Osb4R fFu98A340/UC1xotw37yPqYif40/qO/1rwe5u5obiS6vJC8UzF2duqsTkk+38q4e/wBZuPFl0+ge FbgC0j4vL+JgyoD/AMsoWGQZCOpH3R70AfrH8Rfi9onhDwzb6rpci39zqiFrIKcowwMux9FyMjrn ivgG58Va/da+fE815J/aRk8wSg4II6Y9APT0rnfOv4NBtPD1pO4srA7oImJZQSoU9eeQOfz61FZN Lqkxs7IpHNGpkneU4jtYl+9LKeyDsOrngc5I5cdjqWGoyr15csY6tv8Ar/hzSlSlOShBXbPvfwL+ 0P4d1XSY4fExkt9TtgPtJijZ41iwf9IcrnamRg98ngEBiPnr4t/F+7+IF4bHS2MOhwHMSg8zHtI+ P0HavG11Ge3EcPhy5msbWB/NSbhZ7qbG3zpxjBUjhYiCgT5SMHAjmWGaC41WwiW3+zjzL6zTO2AE 4NzBnJMBP3l5MRODkEM3yeH4mxMKkamPo+zo1HaD6xeyVRbR5unRP3Za2O+eCg01SleS38/Tvb/g o97+D3xnfwPKNG8RzbtCckmRj/x7HqW/3O5HbrX2x4Y8Z6F4tSc6TI4e3blJUMchQ/ckCtzsccqe vYgHIH5YRqLBYNRvoRJeShZbKzlHyov8N1cqe2eYojyT8zdtvVeDviBrng/Vo9Rub+aeIuXaeTMk kDucu2By0Ln/AFkY6feQBshprcUYic3XwdHnw8NJSXxS7umvtKPX+bVRu1qRwMElGpK03sui9e1/ w6n6oUV51oPxL8Pap4an8QX08dmLGNXuVLBgoYZVkI++knVGH3unWvjrxn8dPFGt+KoNY0KZ7Cw0 1ybaH++OhaUdyw4x0A4Hcn7DB4uliKUa9CXNGSumtmjz6lOUJOMlZo/Qqivnzw9+038GrxNP03xV 4w0bwz4gvmSJNN1HUbe1uZZXIVfIjmkV5A7HC7QTnjr1+g66CAooooAKKKKAP//R/fyiiigAoooo AKKKKACiiigAooooAKKKKACiiigD+Tn4UaVpeuft4aTpGtWcOoWF343mjmt7iNZYZUa9fKujgqwP cEYr+kTxZ+yj+zZ410e40TXPhroAhuVKmS10+CzuEz3juLdY5UPurCv5y/gp/wApANB/7HqT/wBL Xr+rav0fjrE1KdWg6cmvd6O3U93N6koyhyvofyN+OtG139jL9rW6sfD948tx4C1iC5tJTw89nIqT xpJjAPm20gSQDg5YdK/p5+NXx9+HvwI+GM3xU8bXTjTMRi1hhAa4vJphuihhRioLsMk5ICqCxIAN fzbf8FDtXtfE37ZXj99HP2gRTWFkNnzFprayt4ZF47iRWXHqK+qv+Csuoa7pc/wh+H93IwstL0WW Zlz8r3WY4HJx1KrGMem446nPsZplqx88Aqz1lFuXdpJP8/zOnEUPbOjzbta/cin4j/4K+fHHUtYl l8DeCdDsNKiJcQ3i3V9cCNepeWKa3XHqRGMetfY/7Jv/AAUx8OfHDxXZ/DT4m6NH4W8S6rJ5Wn3F tIz2F1IRkQnzPnhlY8ICWVz8u4MVDe2/8E8/hv4Q8D/steD9U0CziW/8UWv9oaldBVMtxNK74V3x krEuEVegAPckn8QP+ChfgXw58Jf2sNZh+Hsa6PBdRWWrJDafultLqZdz+UExsy6+YAPuluMDAHFh sJluOr1cBTocjje0r9nbX/g3MqdOhWnKjGFrbM/oh/aR/aM8Dfsy/DyTx740El080otrGxtyvn3d yylgiluFUBSXc5CjsWKqfxum/wCCtX7Rd9cz69ovgHRB4dtG2zBoL2cx7j8oe6WZEVvTMYz6dMc1 /wAFVvGuteJvGHwptNSjkgjfwnBqpibhUudRlYTLjpuHkqD+FbvwU/bU+I3wz+CWifCfQP2fH1rw +lj5U02y6MWpfaVzNPIotWVxPuJPLDBABwBSyjh6lTwUK8qKqTk9bySSWu1ww2CjGkpuPM352P1F /Y9/bQ8H/tW6Le2kVi2g+LdEjSS/05n8yNo3O0T28nBePdgMCoZCQDkFWb5K/aP/AOCoGteDPibq Hwn+AnhO38SajpF29jPeXonmSe7jOySG2trdo5G2OCu8v8xB2rjDH4a/4J+6D8R/Bf7X/hTV7jwr q+i6NqbahaXIktLlIUgntZWjR5HQAqsqxnLd1B61S/aJ/Z4/aN/ZY+Pmr/FjwFY6gdMTUrrU9K1/ ToWuY4IrpnPl3B2uEdUcxuJRtfkjKmtaXDmAp5hOm7NON4xb0vdq1/K3no+tio4GjGu4+V0j6Bsv +CrH7SHgTxDBYfGX4badFbn5pLYW17pN6UPdGuZJl47Zj59e9ft18K/iZ4V+Mfw+0T4l+C5mn0fX YPOh3gLIhDFJI5FBIDxurIwBI3A4JHNfziwf8FDvEHjiXRrb9pX4d+HfirY6LI0kElzb/ZLuMyAL IQyboCGCjKmDBIGegx+/v7M3xG+EvxS+EGk+LPgtpcGheHJWli/s6G2itPsdwjfvYnhh/dqwJ3ZX IYENnmvH4tymNGlCaw/I72bTvF/r+C+Zy5lhlCKfJZ+Wx77X8hv7XPx48QftCfGO88XeItOtdMn0 mI6RHHa7yjQ2k8xV28xmO87znGB0wK/ryr+bD/graAP2n9NwMf8AFNWP/pTdUeHlWCxkoON21o+1 t/vDJJL2rVtT7e/Yu/ay8YftA/C3x/4D8R6NY6ba+BPC8MFtNaeb5kw+zyw5l8xmGcRA/LjkmvyH /ZC/aB0v9mj4pXnxM1HSptakTSLyztbWJljElzOYzH5jt9yP5TuYKx9FNf01+H1Vf2XNO2gD/ijY f/TcK/nt/wCCZvgvQPGf7V2h/wDCQ2kd7Fodnd6nDHKNyC5gVVhcg8Exs4dfRgD1Fe1k2Kw86OOq OnaGl4p9k76+Z14WpBxrS5bLsfQqf8FcPj5oniZD4u8AaNHpMmyT7GI7y1u/JJzlZ5JXUlh0bycd OOuf28+FPxb8I/F/4XaN8W/Dcxh0TWLVrnNwVRrfyyyzJKQSoaJ0ZXOcZUnOOa/Lj/gsbo+nSfD3 4e+IGt0+3wapc2qzbR5nkywb2Td127owcetcV8LPEepeH/8AgkT4vv7Bn83dfWQ2EgiK91CO3l6d tkzZ9s15eOyzC4vBUMTh6fs5Smo6O+7aOerh6dSlCpCPK27E/wAYv+CtHiOTxhP4W/Z08J2urWcb mGG+1OOeaW7cEgvDa27xsqHHybmLEclV+7XU/s+/8FV7jxJ45tPAP7QXhm28NyX8yWiajYCWOG3u XbYBdQXDu6IScFw52fxLjLL+bH7GHxx8S/ALxXr3jHwh8NX+IGqz2sVqkqCYtYRuzM+DDFLgzbQM nBwhA4Jq7+1P4v8Aif8AtN/EC1+Iknwf1DwrqCWaWlz9mtLqb7UY2YpLITAnzqrBM4J2gDOAAPpZ 8MYPneFdBKFvj5le/pv+nlY7ngKV/Z8mne+p/VrXy7+2D8afHX7PvwVvPip4E0ez1qbSru1S8ivf M8tLS4YxGQeUytuErRjrjBJrvf2ddW1jW/gJ8O9T8RRzxatLoGmi8W5Vlm+0pbokpkD4YMXBJzzX R/FnwBY/FT4Y+KfhxqOBD4j065st7DIjeaMrHJ9Y3w49xX5Lh1CjiUqyvFS181fU+bhaNRc2qTPm b9hz9q7Uf2q/AWu674j0600jXNB1AW01tZlzEbeWJXhl/eMzAswkUjOPkr4T8S/8FZvFmi/GXUfC dr4Z0mbwdYa5JY/bi0/2l9PiufKacYk2b2jBcfLgHHBr4u/Yy+PV7+zH4m+K2k645sLm98OalDDC 52ka3poZrVG9wxlT6nivkmH4b+I7n4W3vxfCZ0S01i30VnwSTcz28tx17BVjGfdh+P6theEcJHFV nVj+7fLy/Pe3z2Po6eWU1UnzLTSx/UZ+2p+07c/su/Cez8baFZWuraxquow2NnbXLP5TBkeWWQ+W VYhUTGQfvMtcR+zb+2Fq3j/9nfxJ+0X8c7LT/Cfh/R7qaKBrMSnzoYFQMwEjsXd5n8qNV5LjHcV+ Kn7Xn7RMnx08F/BHw1ZTm8k8P+Govt4Q5ZtVlf7LMGUclttqjr7Scda+wf2+PCOpfAz9i34LfBKz zBBFcK+phOFkvY7dppc46q088jgeoB5wDXiQ4ZowoUMNVVqtSbu+qir3t8kvvORYCKhCnJe9J/gj F8ff8FfPijqevS2vwh8E6ZZaWGYQnVRPe3kqKchytvLCkZIGSg8zH949a9o/Z0/4Kwad418VWfg7 46aDbeHDqckcFvquns/2OOaRtoFzFMzPHGSR+8DsF/iAXLD0L/gk58OfCOj/AACufiRbWcUniLxB qV1BcXZUGZLe2KpHbq2MqmQZCO5bJzhcfDX/AAVo+HPhHwd8bPD/AIp8NWkVhd+K9Nkn1CKFQiyX EExT7QygAb5FYBj/ABFMnkknqpYXK6+LnlkaHK1dKV9brc0jTw86rw6hbzP2H/bN/aC8Q/s0/Bv/ AIWT4Y0y11a9Oo21kIbwuItk4clv3bK2Rs45r8qtX/4LCfFCXwpbQ6J4N0i38SNPKbiabz5LNLcB PKEcQmWRpCd+5mcKPlwp5Nek/tQ+IdV8Vf8ABLf4Za3rZka9lbRI5HlJZ5PIimhWRieSZFQNk8nO TVr/AIJDfC/whqngvxz8RdZ0q21DU31GLS4ZbiJJTDDFAJZFj3g7fMMw346hQD0rkwGX4LDZfPEY mlzyhNrtfW33dTOjRpU6DnUjdp2PC/2yfjL48+Pv7HHwr+KPxC0e00a+1TxDqCwpZeYIZreCJohM ElZ2Tc6uNpduAGB5wP0U/wCCX80Vv+x9o1xcOsUUWoaozuxCqqrOxJJPAAHU188/8FdNH0jw/wDB j4caLoNjBpun2msTJDbW0SwwxILdvlSNAFUewFUvgHq99on/AASd8Z3+nBvPNpr0OUOGCXExhds/ 7KOT+FaYqMcRlFONNcqlV0Xa7Y6iU8NFRVk5f5nL/Gn/AIK2+JIvGNz4c/Z+8L2N/plvL9niv9VS aaS8cNt3w28EkW1GP3NzMzDkqpO0fJn7V/7bPiH9pH4V6T8O/iF4S/4RrxXoOspfO1uHS2kg+zSx kGKcmWKQM4IBLgrk5BGD69/wSG8GeHNd+MvivxVq9rHdah4d0qM2BkAbyZLqXZJKgPRwi7A3YMR3 r3r/AILFeDPDv/CK+AfiAlvHFrgvp9NeZQBJNbPEZQrkcsI3T5c/d3tjqa9OhDAYXM6eBp0feX2r 63tf56f8MdEFRp4iNGMNe59Cf8Ep/wDk1C3/AOw1qP8A7Tr9Ja/Nr/glP/yahb/9hrUf/adfpLX5 1xJ/v9f/ABM8PH/xp+p+Sf7Y3/BQv4ifs3fGmb4ZeGfDOlapYxWNrdefeGfzS04YsP3bquBjjivn /wCJf/BW34pXWs3t78GfBNhD4TsZhELzV4bm5ml5+Uv5EsMcJcdEJc/7VfPn/BVT/k7K8/7A+nf+ gvX7q6T8LfBuhfslj4YWWlwJog8KvC9vsBV3ktC8kjZzl3kJkLHncd3WvsKtHL8JhMLWqUOaU1rq /K79ex6koUadOnKULtnhv7Ef7ddp+1PNqng/xNo8WgeMNIt/thjtnL2t3a7wjSRByXRo2ZQ6MW+8 CGPIXh/2wv8AgpBo/wCz/wCKp/hj8OdGi8S+K7DYb+W6dlsbMugdYsRkPLLggsAVCZxktkL+bn/B KWR0/atiVTgPoeohvcZiP8wK+VPBHxC1OH9oyH4o33hZvG+pf2zdaq2kS73a6uC0kwDhFkY+W/7w jac7eeM16K4Swv8AaFX3bwjFNRv1d+vbT+kbLLaftpaaJXsfpD4Q/wCCtfxh8Pa/ZQ/Gn4f2B0m6 ZZHOnxXNjdi3c/6yJbmWVJMdQDtDYxuH3q/bvwR8RPCPxD8B6X8SvDF+k/h/V7QXsNw/7sLFglvM 3fcaMghwfukEHpX89P7Vn7Snxb/ap8D2HhLXPgZe6LeaXeLd22oxQ3k80Q2skkQDW6fJICCwzjKq cZAx6x8Gtd8e+Cf+CYHxk0fXdP1DTLvTb97W2juYpbdlstVazhkCCQKdm6WZmxxyfU15+ccO0qlG nUhTVObkotJpqzdrmOKwMZRjJLld7Wvfc7D4xf8ABWjxHJ4wn8Lfs6eE7XVrONzDDfanHPNLduCQ Xhtbd42VDj5NzFiOSq/drqf2ff8AgqvceJPHNp4B/aC8M23huS/mS0TUbASxw29y7bALqC4d3RCT guHOz+JcZZfzY/Yw+OPiX4BeK9e8Y+EPhq/xA1We1itUlQTFrCN2ZnwYYpcGbaBk4OEIHBNXf2p/ F/xP/ab+IFr8RJPg/qHhXUEs0tLn7NaXU32oxsxSWQmBPnVWCZwTtAGcAAe7PhjB87wroJQt8fMr 39N/08rHW8BSv7Pk0731P6a/i/8AFfwj8Efh3rPxN8cTPFpOjRh3WIBpppHYJHFEpKhnkchVBIHO SQASPxEvv+Ctvx58Q+KJE+Hvw/0l9KiZ5BaSRXl7eGBT1eWGWNQQOpEWAfauk/b98WeJtU/Yi+Al vrsVzFd6mthNqP2gMkv2y004xsJVfDbmd3b5ueM19Rf8En/BnhzR/wBm2XxhY2sf9seINVuxd3OB 5pjtiI4ot3XYoBYL6sT3r5bB5dhcHgJYzEU/aScnFK9lo7fo/wADz6VCnSourOPM72PxW/a7/aJt P2nPiRpfxHh0iTQ7qLRrWwvLZ3EiLcwSzM5icYLRkOCNyqwOQQcbj/VP8JP+SVeDP+wLp3/pNHX8 2f8AwU18GeHfBv7Vus/8I5bx2ket2NnqVxFEAqLczKySttHAMhQSN6sxPU1/SZ8JP+SVeDP+wLp3 /pNHW/GEqcsBhJUVaLTsu2i0LzRxdGm4qyOw1fVtN0DSb3XdZuFtLDToJLm4mc4SKGFS7ux9FUEm vwq+IX/BW34ma14tuNE+Avgexm04SPHayalFc3l7dKp4kEFtJCI9w52fvCO59P258ezeDLfwTrs/ xF+y/wDCLx2U7an9tUNbG0CEyiVWBBXbnIwc9K/B/SP22/g38NPH+rx/sYfAZJdZ1dTai+ke4aS5 ijfcBFp8IdkRiA2FdCcLvUEADyeFMFTqqpKVB1GtrtKK9W3/AJnNl1JS5m4cz/A6v4Yf8Fb/AIgW XjG20H48+DtPt9LadYLqfTI7i1urME4aR4LiSbzNvVkBQ46c8H9345I5Y1liYOjgMrA5BB5BB9K/ kE/ar8YfGXx98WZvF/x18NDwp4n1Kzt3+xCzksT9mXckLGKZmlzhSuXJbCgdAK/rQ8AM7+A/Dbyn LtptmWPqTCma6+MspoUIUa1GCi5Xuk7rpsaZphoQUJRVrnXV+HEf/BWvxV4e+KWr+HfHHg6wPhvS bnUrctYGb7bI1ssq2ygySGMeZKqK7FTtUsQOAK/cev5O/gr4N0P4gftz6X4S8S2qX2l3viy8a4t5 BmOVIJpZijjurbMMOhGQax4Qy/DVoYiWJhdRjf8AO9icsoU5qbqK9kfVupf8FcP2h7TV4dTPgXQr PQrzL20E8N6ZZIs9VufPRXI6bliC/wCzX7Ifsw/tE+Gv2nPhZbfEfw/avpsyTPZ39jI4ka1u4grM m8AblKuro2ASrDIByB8uf8FVNA0q/wD2U59SntY2udG1awktZNo3ReYxhcIeoDK2CBwcD0FfLn/B NzxDqHhj9kT47+IdNL/adGW+vYAhwwlh0wuu3HfKDFdmMwWExeW/WsPS9nJSUd79v8zWrSpVKHtI Rs72PRf2m/8AgqWPh745vvhx8DPD9r4ivdJnktLvUb8yNatdI2xo7eGB0eUK2QXLqGPCgjDHzf4Y f8FavGml+LLbw9+0T4Kt9PsXIS4udMiuLe5tt2Nsj2tw8hdccsFZTjlQSAp/NL9lT4mat8JPi9bf EPRPAx+IOqaZbTtb2YErGCWTan2oeVHKcoGKgleC4OQQK98/a4+MXxV/avm8PahqPwWv/DWqaCJ4 /tcFvdzy3EE20iJ90CfKjKWXOcFmxjJz9O+GMJTnHDOgnG2s+ZJ39P6Xkd/9n0otU3DTvfU/Uv8A bX/bd+In7NWqeDb7wFoOk+IfC3jHTnura+uWnJeWNgWCGJ1UoYpYmU9TuPavpGL9pTTpf2Rv+GnB BFkeHW1Q224+V9vWMobbdnO37UPKz1/Gvy98efDfxH8Rf+CV3hbU/EGn3Vv4k+GV1NcCO7ieO4Fl FdzW7JtkAYRrbSxv6YiGOmK+QLT9o7y/2Ab/APZ/N1nUj4piVYs4I0iRTfHA9ryPnt835+FR4aoV 6MI04+9CpyyfdX3+6xyRwEJwSitVKz9D9Lf2QP8AgpB4y/aB+Nun/Crxx4d0vR4NXtbprWayM/mG 5t4/OCHzXZdpjSTtnIFdn+2/+374l/Zj+I2kfDzwRoena3cXGnLf3rXpl/dGaR0iRfKdcHbGWOc8 Fa/E/wABWviT9mr4s/B/4o6+DBBqK6f4jjwCM6bLdSQyKT3LwxsT7OPx901eMftjf8FEJbONvt2i at4hEOVO6NtG0gYZlPQCS3tyR23P3J59Wvwxg44v2/IvYqDb7XT/AMvyOmeX0lV57e6l+J/SJ8K9 e8UeKfhr4Y8T+NbKHTdd1fTra8u7W33COCW4jEhiG8s2U3bTknkGvFf21fivq3wY/Zo8Z+NvDs7W 2siCKysZU+/FPeyrAJVJ6NGrs6+6ivqcAAAAYAr8/P8Agp5o97qn7IXiS4s1Lrpt7ptzKF/55/aU iJx6AyAn061+a5RCFXHUoyXuuS0+ex4GGSlWins2fkJ/wTp/Zk8OftH/ABW1fVviHEb/AMM+EIIr m7ti7Kbu6unYW8cjKQ3lny5HfDAnaF6Ma/oS1/8AZs/Z/wDEvhqTwhqvw80I6VJG0Yih0+CAxBhg mF4kV4m9GRlYdjX5Ef8ABG7xbpFn4h+Jfgi5mSPUtUt9NvraMnDyRWbTxzY9dhnj468k/T95K+i4 3zDELMJQUmlG1rO3RO/3ndm1aftmr6LY/kg+O3gXXP2Ov2pr7SvBd+6SeFb+31PR7kkl/s8gWeBZ CMbiFPlS9A+G4wcV/V14O8TWnjLwfofjGxGy11ywtr+IHtHcxLKufwav5kf+CmXi3SfFf7WviOPS Jo7iPQ7Wy02V4+R58Me6VSe7I7lG9CpHav13+PXxLvP2cf8AgnxolvJK1r4jufDOkeG7ME4kW8ns khlYHqGiiSWQH+8or1uJcNPF4fBOX8Sdl96X/DnTj6bqQpX+Jn45fGTXNU/bU/bal0rw9cF7HX9X h0XTZV+dYdMtW8s3Cj+75ayXDD/aNM/Zi8Z6v+yL+2Ra6T4rl+zW9jqdx4b1on5YzbTS+SZT/wBM 0kWOcHuFGOtcX+xx8e/BX7N3xYk+J/i/w/c+IZbewntrGO2kjjME9wVV5SXB/wCWW9Bj++ayP2tv jR4M/aB+Mt78VPBmhXHh9NWtbZb2C5kSRnu4FMRlUxgABoljB77gxPWvtfqk3N4Fw/cclr6b/nt+ J6vs3f2NvctY/r3r8e/Hv/BRz4leE/2qbj4CWXhfSJtJh8RWujC6kNx9oMU80cbPxIE3AOSPlxX2 X+w58aP+F4/s3eFvEt7P5+s6TH/ZGpknLG7sgqb2P96WIxyn3evwh+NBC/8ABR2/ZuAPHWnk/wDg VDX5pw1ktOWJxFDExu4J/enueDgMJF1JwqK9kf0Z/tB/ErUvg98FvF3xN0e0hvr3w7YtdRQTlhFI 4YAB9hDY57EV+a3wg/4KR/Ez4ifCz4t+PdT8LaRbXXw902yvbSKE3HlzvdTmFll3SE4AGRtIOa+3 /wBuR1j/AGSvicznAOksPxaRAP1NfmD/AMEbAD4t+J4PI+w6Z/6NnqMmwOHeV1sVVp80oyX3Xjdf MWFpQ+ryqSV2n/kfmDoHxq13w/8AHiP4/W9hbS6vHrkuu/ZX3/ZjNNM0xj4bfsBYgfNnHev16/aS +OGvftEf8E1x8U/Emn22l3+oa5DC0Fpv8kC2vHiUr5hZuQvPPWvhb4aKD/wUkt1I4/4WHe8f9v8A LX7A/wDBUsAfsj6qAMD+1NN/9G19fnmJpPG4OCp+83Fp32V9rfqeni6kfa0ly66a/ofkt+yR+2rq f7M/ww17wR4J8KN4m8W+ItXW6gEu77LHCsCp9yI+bJIWX7g2gDndnivqn4Nf8FbfGM/jiy8O/Hjw vptppF3cC3mvdMSe2lsi7bRJLFcSyh0Q/fAZWC5I3EbW6z/gjr4L0D/hGfH3xCktI5NaN5b6ZHcM MvFbLGJnRD/CHdlLY67Vz0FfGP8AwVK0fTtJ/az1Oewt0gbUtL0+6n2KF8yYo0ZdsdWKoMnvilUo YDF5lWwdSj71ruV9b2Wy6bhKFGrXlSlHXuf08qysoZTkHkEdCKWuT8BSvP4F8OTSnc8mm2bMT3Jh Umusr8dnGzaPl2rOwUUUVIgooooAKKKKACvAP2Tv+TWfg3/2Jnh7/wBN0Fe/14B+yd/yaz8G/wDs TPD3/pugoA9/ooooAKKKKAPw2tv+Cf3xB+EHxu8b/FqG8h8RaDr095d82NrLJCLudpzmK4FwCEzg sqg4GeBxW7qsWj6JYS6lqRsoYIRyTpGlZJPAUAWeSSeAByTX7VkAjB5Br55v/wBmj4dan8Q7Px5f wtNFYlpotObH2Rbk/wDLXZ3x2B4B6ccV4eP4Zy/FVPa4ihGUu7V2dVLHVqa5YSaR8T+APgZ8XNa0 F/Heq6DpS6LcKXg0xbC1s9YEBHE8U9tDGElH3gh6j5ec88/d2smnSpFNKJ4JgxguNuwSqvDBlP3J E6SIfunp8pBr9fgAAABgCvmL4z/By41SC88S+CtLt9TvZv3lzpVwxjgu5lHyTKw5jkB4cj76bgeT z4tfIp5dL6zlFPT7VO9lJd430jNd9pLR9GumGKVZcmIfpLt691+R8PRR26W8WqanD58M+TZ2bHH2 sqf9ZJ3W3Q9T1c/KOvMpQao013Z20VtqYDS3VpbIY4blR964tkJYqw/5aR5J/iBPd+oab4lsLxn8 Y2slrrFwiPOsi7cYGAsYHAjXoirwB6nJPMa9rNvodtFdMZDd+YotEt/+Ph7j+ARdfmz+GOvBIOP+ rWMqf7fOrbFdLN8kV/z7t1i/tStzN+8rWSVfXaa/dKP7v8X5379lt0Nq2WXUpUttOKPI6GQuxxFF Ev3pZW/hRe56k4UAkgVn6yl1dwW9l4au2g0+CdZ7gyxru1R1GA02clI1/wCWKKfl6nJJJ7KTwb8Z m0b+0vFvg2LQdNliiuL5rR9xubvLfPKnVY1XB2D5Vcucc5PP9eldeBy7E42rHF5lDlUH7tO90mvt ya0b/lW0Vr8T0zq1oUounRd77v8ARdvPv6bwQXCzoWHDLwynqD6GuOTX9b1XxHbnwXdnT00ebfNq SqHO8cGCINlWyOJCQRj5evT0z4Z+BJ/jd4k1Pw/pDT2ulWUDx3mpxcIJmGFhRv4m/vEdBnBzVW98 KS+CLqTwtNafYTp58sRgYGB0YeobrnvX1eJw1OtTlSqxUotWaeqafRnBCbi1KLs0czpzatbSTf8A CRXv9o3l1K8jXbKEaUseA4HAIHAxxgcelGs6z/ZggtbWB77Ur5xFaWkQzLPKeigenqegpuvarDYx wWSW7319fuIbW0hG6WeVjgBQOmO57V+gPwU/Z40PwPeQ+PfECNeeKLq2iXExDrZZGWjiHQHPVupP 4U6NGFOCp01aKVklskuiCUm3d7nzdpn7K3xubwrZ3Gsa7pt42ZLg6RPp9pOLUS/MYbea4hk288kH jOema8ZvfDyabNPb6hBaW0tsWWVZNH0pShXqGzZ8Yr9lq8L+KvwB8G/Fie3uNYaWzYOn2r7Odn2q FDny5Pyxkc44ORivn63B2VVJupPDQbbu/dWre7OuOZV0rKb+8/ETXf2OPiR+098Q9I+Jnw8MWn6N 4elgRLo2ltZpPJDKJC0Qt0hDAEfeKk/hX9DHh+zvdP0OwsdRl8+6t4I0lkxjc6qAT+JqTRtG0vw9 pdtoui2yWdjZoI4ooxtVVXoAK0693CYSlQpqjRioxWyWyOWpUlNuUndhRRRXQQFFFFAH/9L9/KKK KACiiigAooooAKKKKACiiigAooooAKKKKAP459Y8d638Lv2lNY+IfhxIX1Tw74mvb23W4UvCZYbt 2UOqspK+oDA+9fXGsf8ABUr9rfxbYTaHoiaRpl1dLsWfTdOke5Xdx+7E0s67vQ7CfTnmv6YKK/Qa /GmGrcrrYRScVZXl/wDantTzWnK3NTvbz/4B/O1+w9+xB8UfiR8VbD42/HDSrzTPD2m3Y1UDVEZL zV74P5qExy/OYjJ+8kkcYk+6u7czL+gX/BSD9lXxJ+0L8PtI8UfDy2F74s8GtO0doCFe9s7jb5sa FiAZEKK6AnkblHzMAf0jorxcVxXiamMhi1ZOOy6W7fPqctTMakqqq9tj+YH4Eft7/Hf9lLwrc/B7 UfDtvqNrpkkhtbTWI57e5095GLvHgFGMZcltjAEEnDAHFO+B/wAA/jV+3l8c5fin8SLa4Xwzf3qT 61qxTyIDDEoC2lnu+82xViXZu8tcM56bv6ZtQ0DQtXlin1XTba9lhIMbzQpIyEcjaWBI/CtUAAAA YAr1avGcI89TDYdQqT3le/3K3z9d7nRLNUrypwtJ9T8n/wDgp9+y14p+LXhLQPib8NNMl1TWPCEc trdWFspeabT5CHVoYxy7QuD8ijJVyQDtxXwN8If+Cmfxb+C3wfh+D8nhq01S/wBChez03ULqSSKS 0iXISOe32kSmHO1fmj+UAMDgk/0tVh3Xhnw3f3y6nfaTaXF4nSaSCN5RjjhyCf1rgy/iWnHDRwuL oqpGLutbWMaOPiqap1I8yWx+QP8AwTlvf2yPiT4gm8c/FDxbrR+HNvbyiFNTCyPqdzMu2PyHnjaX yotxkMiMFLqqDcN4Hy18VPi5+3F+yP8AHy31v4keIta8TaFpt5J9lN1NKNF1e0kDKFKxgQiXyzkr t3xOAQMAE/0fgADA4AqGe3guomt7mNZonGGRwGUj3B4NOnxRD6xOrPDxcJK3LZLT1tvrq+vyQ45g udycFZ9D+Wz9p79qiz/a/fQvDfgz4P2fh/xD9sEpurEjUNVvnKMgt1aK2hcxktuKkOSyqRjBz+3X /BPr4F+K/gH+zxaeHfHERtdc1y+n1i5tS25rX7RHFEkLdg4jiUuB0YkdRmvsnTNA0LRN/wDY2nW1 h5hy32eFItxPrsAzWtWebcSRrYaODw9Pkgnfdyf3snE49TpqlCNl63Cv55P+CvfgTxHafGbw18Rv sUraDqOiQ6eLoIxiW7tri4domYDarGORWUE5YbsD5TX9DdV7q0tb63e0vYUuIJRh45FDow9CpyDX nZDnDwOJVdRvurbbmGDxXsZ89rn5A/sXfte+M/j34C8Z/C3xLo9jY2vgvwaqW09qsvmzmCE27NKX dkG4BSFUDnPOOB8Rf8EoR/xlWP8AsBah/wChQ1/SnpukaVo1v9k0eyhsYM58uCNYkz67VAFaFes+ JqUYYinRo8qqpddtN9tb/I6f7QilOMYWUvM/H7/gsT/ySPwGf+o5L/6SvXQ/sN/DTT/jD/wTy1D4 Y6pIYIfEcusWolHPlStLmKXHfZIFbHfGK/WCiuJcQSWBhg4xs4y5ua/r0t59zL661RVJLZ3ufyuf Cj4mfHX/AIJ1fGHWLLxL4XLC+j+y31hd74re+iicmKe1uVUg7STskUOuGYFc9PXLb9q79tf9rP44 Wo+BdxfeGUdIrZLDTpHk02yhDMzXF7JIhiJ5O6RkBICoqk4B/o41HStM1i3Npq1nDewE58ueNZEz 67WBFO0/TNO0m3FppdrFZwL0jhjWNB9FUAV7NbjChUbrTwsXVatdu6+639dzqlmkH7zprm7/APAK nh2w1LS9A03TNZ1F9X1C0toYbi9kRI3upo0CvMyRhUUyMCxVQFGcAYrYoor4WTu7njs/lc/4KO/C 3/hWX7VPiWa1h8rTvFyx67bYHBa7yLj2z9pSU/Qiv0B8Gfs6/a/+CUmp6QbXGsataT+MVwPmMkEg niK+pksoVT/gWB2r9oqK+yxHGVWdChRUbOm4u99+Xbp/mepPNJOEI2+G3zsfyW/sI/Cz/hbf7UXg vRLmHztO0i4/ti9yMr5On/vlDDuryiOM/wC9X9Bn7cn7ON9+0t8D7nwt4dMa+JdGuF1PSvMIRZZ4 kZGgZyQFEqOygk7Q+0twCR9jUVzZvxXVxOKp4qEeVw2V7/otyMTmMqlSNRK1j+Wj4FftVfH/APYX v9b+HGr+Gs2dzOZ5tI1mKa3aG5AEZmgdcHDqoBOGRwAV9Sy10D9oz/gpB8cU8S3dgUswYbWe8iia PTNH09XJ2Izt87Dc7BNxkkYk8DJX+ofU9F0bW41h1mwt7+NDlVuIklAPsHBq/FFFBEsMCLHGgAVV ACgDoAB0FepLjampSr0sOlVatzX/AEt/XmdDzaN3OMLSfU/Kz/gpP4P0f4f/ALEWg+BPDysumeHd Q0ewtg53P5NtBJEhc8ZYhQWPc81n/wDBH0f8WA8XH/qZ5v8A0itK/WeivBefN4CWCcbty5ua/wCl v1OP65+5dJrre5+PH/BYsH/hVXgE/wDUan/9Jmr0b/gn/wCCNM+JX7As3w91p2isfEh1zT5XTG9E uXeMuueNy5yPcV+oNFN5+/qEMFGNnGXNzX9elvPuH1x+xVJLZ3ufyieGta+Pf/BO349XNxeaSsV6 kctpJFdIxsNW093BDxSKRlSyK6sp3Iw2sPvobv7VHx9+Of7WGhaf8VPFHhv+xPAXhy4GnWn2cP8A ZPtt4pd/3smDNKyw87RiNQAQC2W/qg1HS9N1e2Nlq1pDe27EExzxrIhI6ZVgRVmCCC1hS2tY1hij AVEQBVUDoABwBX0C44p+0jiJ4ZOqtOa/T7tPxsdqzePMpun73c/N/wD4JUD/AIxQt/8AsNaj/OOv 0loor4zMsZ9YxE69rczbseXXq883PufzIf8ABVQH/hrG899H07/0F6/oenB/4UrIO/8Awjx/9JK9 Ror08xz36xQoUOS3s+t99vLTbzN6+M54Qhb4T+ZX/glOP+Mr4P8AsCaj/wC06q/tJ/Bz4s/sVftM N8YvA1hL/wAI8mqNqujaj5TTWiidiz2Vyy42kBniKsys8fzKeeP6dKjliinieCdFkjkBVlYAqwPU EHgg17M+NpPFyxHsvdlHlcW73WvW3n2Op5s/aOfLo1Zo/m2+LX/BSL9of4+DQPBnwl0i58Hailws rLoU891fX04QqI12IreVyWMW1skAknbX66fDr4L/ABd+In7I2p/C/wDaX8QS6n4s8YWdyJnkWHdp vmgfZYi0CIJGhZFkctuO8su4qAa+wdM8O+H9Fd5NG0y1sGl5c28KRFvqUAzWxXl5jn1KcIU8JRVN Rd77u/qc9fGRaUacOW33n8rnwo+Jnx1/4J1fGHWLLxL4XLC+j+y31hd74re+iicmKe1uVUg7STsk UOuGYFc9PXLb9q79tf8Aaz+OFqPgXcX3hlHSK2Sw06R5NNsoQzM1xeySIYieTukZASAqKpOAf6ON R0rTNYtzaatZw3sBOfLnjWRM+u1gRTtP0zTtJtxaaXaxWcC9I4Y1jQfRVAFerW4woVG608LF1WrX buvut/Xc6ZZpB+86a5u//APiL9tH9mrxR8eP2Z7fwVp9++t+NfC32XULS4kEUDald20LQzhwoSND cI7sANqiTaOFzX4n/s4/tnfGT9jOPXvhnc+HY7+zku2ml0vVFltp7K9CiOQqQAy7gqh0YEZUFdpL Fv6mqzLzRNG1G6gvtQsLe5ubU5hlliR3jP8AsMwJX8K8/KuJY0cPLC4mkqkG72vazMMNj1GDp1I3 R/H/APtG618YvG/j/wD4Wp8adNl0vVfG9umo2kckZgX7CrNbw+TE5LpEBEQm7lgN+W3bj/Wl8JRj 4VeDAf8AoC6d/wCk0deg0Vnn3EaxtKnSVPlUL7PS3TS2lhYzHe1jGPLax88ftY/DrxD8WP2dPHfg DwmN+sapp5+yx7gvmywSJOIgTwDJ5eznA+bkgc1/Ol+yd+1Frv7FXjfxUuu+B/7XudUhis7u0upG 06+tJbZ2YKHeGVkBLHzIynzEIcjbz/VpWXc6Hot5exand6fbz3kH+rmeJGkT/dcjI/A0ZNxDDD4e pha9LnhLW17fj8kGFxqhCVOcbp/I/ki/ar8Z/GD4tePbf41fFbw7N4dg8X24OjQvG0cX2C1wiiIu A7qC24uQN5YsPlIA/qd+BninTvG3wZ8D+LNJfzLbU9GsZl9VYwKHU+6sCp9wa9UoozviKOMo06Ma XJybWd1bta3prcMXjlVhGKjawV/LV+y4D/w8N0MY5HijVf5XNf1K0Vz5Nnn1SnWp8l/aK29rb+Tv v5GeFxfsoyVr3Vj88P8AgqN/yaJrn/YR0z/0oFfOn/BJDRrDxF8DvidoGqx+bY6nqYtZ0zjdFNZh HGe2VY1+zVFFHPXDL5YFR3le9/Tpby7jjjLUXRt1vc/lfuNG+OP/AATk/aL/AOEjj0prmztZJ7e1 uZ43+waxpsx+75qYAcqFYqDujkUZBAw3qHjz9u79q79p74haBonwKsb/AMK3FsGSHTdDnkuHuJJm UNLdyFERkTAwXRUjBYk8k1/SPd2dpf272l/AlzBJw0cih0b6q2Qaq6XomjaJEYNFsLewjbkrbxJE pPuEAFe7LjGjUarV8MpVUrXvp91v67o63mkZWlOmnLv/AMA8o8E/D/xXqPwItfhx8btX/wCEn1zV dJmstbu9kaCV7xGWZFESIhWNX8tW2gsFDN8xNfyO6l8M/Eum/Fa4+D0kW7XoNZbQ9mCA10Lj7MMD 0Z+nsa/tMorz8g4rngZVXyX59bbJPXy89tDHB5i6Lk7XufiF/wAFWvgrp3hr4QfCvxL4eg22ngzH hskDn7K9uptt2OgQ27Ae7+4rjv8Agj58LPt/ivxp8ZL6HMWk28ej2TEZBmuiJrgr6MkaRj6SGv3u opR4rqLLngHHf7V+jd2rW/UFmMvYOjb5hXK+OPBugfETwdrXgTxTB9p0nXrSazuUHBMcylSVPOGG cq3YgEciuqor5aE3FqUXqjzk7ao/lQ+Lf7PP7Rn7D/xPTxj4ba9isdMnaTS/Emnxlrd4myAs+Ayx uyZWSGUbW+YDenJ9K1//AIKr/tT694ak8OWo0TSbmeMxHUbKylF6N3G5PMnkiVvQiLjqMGv6ZGVW UqwyDwQehFc9beEPCdldjULPRLGC6B3CWO2iWTPruCg5r7z/AFzo1YxeMwynNddv0f8Al5Hsf2pG SXtaabXU/nT/AGLf2GfiR8a/iDYfFT4xabdaf4MtboahO+pK63OtTb/MCKsvztFI/MsrcMpIUliS vT/8Fa/jGfFXxf0b4P6bNmw8E2onulB4N/qCrJgjofLgEe09i7iv6J6K5lxlOWNji61O6imoxTsl frs7/wBdjP8AtRuqqso3tsj8x/2YP2AvgNH8BvB158V/BNtrPivU7JL++nuHnWRWuyZkhKpIoBij ZYyMdVJrM/az/YF+BqfADxbrHwh8GW+i+KdEtjqVtLbvM7yJaHzJ4dryMG3whwoxndt+lfqXRXkL iTGLEe39o972u7b3tbsc316rz8/M9+5/O3/wSU+MzeFfi5rPwc1ObFh41tjcWak8LqFgrPgdh5kH mbj3MaCvLv8Agod8MPH3wi/ao1b4pW9nNDpHiC8ttW0rUlj3Qi5jSMyRlsFRJHMhOw8ldrYwa/p1 qteWVnqNs9nqEEdzbyDDxyqHRh7q2Qa9mHGKjj5YyNKykrSV9/O9vJdDqWaWrOqo7qzR/OR8Vv21 f2iv2wfhLrnw78MeC4NM0bSrB9U8S31m0jq1rp6m4fc8uEgjZkDCPLO5AVWIJB9V/wCCNn/I2/E4 /wDTjpn/AKNnr93NO0vTNHthZaRaQ2VupyI4I1iQE99qgCr9ZYrimk8JUwdCgoRl5+aeumu3yJqZ jF05UoQsn5n8nvxrl8b/ALNX7a/iDxpc6XtvtJ8U3Ou6el0jrBd2s109xCwI2lkdG2kqeGyM5Br9 AP2g/j74g/aT/wCCcGofEvxNp1tpl+/iSC0eG0EghCQTjYQZGZidrDcc4JzgDpX7X6nomja3GkOs 2Fvfxxncq3ESShW9QHBwavQww20SW9vGsUUYCqiAKqgdAAOAK1xHF1Or7CcqPv02tb7pdNtL/OxU 8zUuRuGsbdT8hf8AgjsP+LP+Oj/1HY//AEljr4Z/4Kuf8nWP/wBgPT/5y1/TLRXNheKvZ5jPH+zv zdL+nW3l2Ip5jy13W5d+hx/w9GPAPhoH/oGWf/olK7Ciivk5yu2zzW7u4UUUVIgooooAKKKKACvA P2Tv+TWfg3/2Jnh7/wBN0Fe/14B+yd/yaz8G/wDsTPD3/pugoA9/ooooAKKKKACiviD9q39stf2Y df0LQ28If8JJ/bVrJc+Z9v8AsfleW+zbt+zzbs9c5H0r6N+C3xKHxg+GGgfEgad/ZP8AbkHnfZfO 8/yvmK48zZHu6ddorqqYKrGmq0l7r2EpK9j1KiiiuUZ5r8S/hrpPxE0c21yBDfwAm2uAPmRvQ+qn uK8I+DP7MZ8JeJpvHvxEuIdX1qJilhFGCbezi7FQwGXPc4rxT4+/8FEV+Bvxa134WnwAdaOiG2H2 v+1fs3m/aLeO4/1X2WTbt8zb985xnjOBe/Z5/wCCga/Hr4n2Pw3HgM6H9timk+1HVPtO3yl3Y8v7 LHnP+8K9N5PifZ+15fdtfdbfeR7RXsfo3JFHNG0Mqh0cEMpGQQeoIr4q+Jv7K+peJtcji8G6pHo+ iX0mb0HPnRRk/OkGOPm98Y7V9sUV5hZyHgbwN4b+HXhq08K+FrRbSxs1CgAcs3dmPdj3Jrkvir8K 9O+ImmGSLbb6vbKfInx1/wBh8dVP6dq8X/az/ayH7LkfhaQ+Fv8AhJh4lN6P+P77H5P2Pyf+mE2/ d53+zjHfPHxt/wAPak/6JWf/AAd//cNenh8nxNWCqU43T81/mQ6iWjPt74Ffs3R/D7VLjxx44ni1 fxVOSkToCYbOHskIbue7YzX1fXhv7OvxoHx++Fth8Sxo/wDYQvpriL7L9o+1bfIkMefM8uLOcZxt GPevcq4KtKUJOEt0WmFFFflT8TP+Cm6/Dn4ieJvAJ+G51A+HdRutP+0/2x5XnfZpWj37Psbbd23O 3ccdMnrW+EwNWu2qSvb0/UmUktz9VqK+B/2X/wBuJP2kfHF34LHgs+HTa2jXXnnUfte7aQNuz7PF jr13fhX3xUYnC1KM+SorMaknqgooornGFFFFAH//0/38ooooAKKKKACiiigAooooAKKKKACiiigA ooooAKK/Gz/gqB+0L8aPgt4y8Dab8LfFV14dttSsLua5S3WMiV0lVVJ3ox4BxX1TpPjj4ueI/wBg C08e+Gru+1T4h33hZLq3ntYfPvZr1h96OJEbc57AKfpXvSyCosPRxDkrVHZeXqdjwUlCM76SPuqi vyu/4J4eLf2tvEviXxlH+0nD4iisYLS0On/25p0lihlaR/M8oyQxbjtAyBnAxX6o1w5pl7wtZ0XJ St1WxjiKPs5uDdwooorzzEKKKKACiuM+I3jjS/hn4B8Q/EPW4ZrjT/DdhcahPHbhWmeO2jMjKgYq pYgYGSBnqa/Pn9jH9tnxr+1Z8avF+k3mlW2g+FdI0pbixso/31x5huETzJ5yBuYqT8qqqj0JG4+j hsqrVaNTEQXuw3ZvTw85Rc1sj9OaKK4z4jeONL+GfgHxD8Q9bhmuNP8ADdhcahPHbhWmeO2jMjKg YqpYgYGSBnqa4IQcpKMd2YpNuyOzor8xv2Mf22fGv7Vnxq8X6TeaVbaD4V0jSluLGyj/AH1x5huE TzJ5yBuYqT8qqqj0JG4/pzXbmOXVcLV9jWVpaP7zWvQlTlyy3CiiiuAxCiiigAor8t/+Cmv7UXi7 4G+FfCvg34Yay+jeKPEFzJdzXEIRpIbC2G3bhwwHnSuMHHSNhXzB/wAE8f21/it4z+On/CtfjP4p n16y8T2kkenNciNfJvrceaoBRV4ljEi4PVtgFfTYfhXEVME8dFrlV3brZbs74ZdOVL2y2P3noor8 mf8AgoV+3b4s+A+t2vwh+EBht/E1xapd3+pTRrN9ijlJEUcMbgoZWC7mZ1ZVUrhSWyvlZXldXGVl QorV/cvNnPh8PKrLkgfrNRX8y2mXn/BUXxJoqfEfSrrxvcadNH9ojZJZEEsbDcHjs8qXVhyu2Igj G3IIr6G/Yn/4KM/EzVPiVo3we+PV0ut2fiC4WwstTaFYr23vZnCQxzeWFWSN3OzJTerMCWKggfRY rgqvClKpSqRny7pPVHdUyqai5RknbsfvHRRRXxh5QUUUUAFFFFABRRXy1+1v+07pf7K3w0g8c3uj Ta9d6leLp9lbRyLDGbh4pJQ00hyVjCxnO1WJOBgZJHRhcLUrVI0qSvJ7F06bnJRjuz6lor44/Ya+ OnjX9on4L3PxI8eC2j1CbWL23jitI/KhhgiEZSNQSzHbuPzMxJ7mvy2+NP7V/wC0R4d/bf1D4b6J 43vbTwzD4osLJLFFi8oW8kkIePlC2CGOec817WC4ar1sRVwyaUoJt/I66WAnKcoX1R/QhRRRXzpw hRRRQAUUUUAFFFcZ8RvHGl/DPwD4h+IetwzXGn+G7C41CeO3CtM8dtGZGVAxVSxAwMkDPU1UIOUl GO7Gk27I7OivzG/Yx/bZ8a/tWfGrxfpN5pVtoPhXSNKW4sbKP99ceYbhE8yecgbmKk/Kqqo9CRuO J/wUO8Xftc+G/FXg6H9m2DxFLp81lctfnQ9NkvkEwkUJ5rRwy7TtzgEjjNe5Hh6ssWsHVajK19Xo tLnYsDP2nspOzP1UorxX9nK+8dal8C/BF/8AE1btPFVxpkD6kL6IwXQuSPn82NlUo3qCox6V7VXj V6XJOUL3s7HJONm0FFFFZEhRRRQAUV+Sf7WX/BRHxD8M/i+fgJ8L9ESHVbK9srfUdWvgJFUXIil2 2sAOCdkgBkkPByBGeGr7/wD2kL/x5pfwJ8bah8L1u38VwabK2mixhNxdG4GNvlRBXLN1wApPtXrV clr01RdXRVNvTTV/edMsLOPLzac2x7bRX5Xf8E8PFv7W3iXxL4yj/aTh8RRWMFpaHT/7c06SxQyt I/meUZIYtx2gZAzgYr9UaxzTL3hazouSlbqtiMRR9nNwbuFFFFeeYhRRRQAUUUUAFFFFABRRRQAU UUUAFFFfLX7W/wC07pf7K3w0g8c3ujTa9d6leLp9lbRyLDGbh4pJQ00hyVjCxnO1WJOBgZJHRhcL UrVI0qSvJ7F06bnJRjuz6lor44/Ya+OnjX9on4L3PxI8eC2j1CbWL23jitI/KhhgiEZSNQSzHbuP zMxJ7mvy2+NP7V/7RHh39t/UPhvonje9tPDMPiiwsksUWLyhbySQh4+ULYIY55zzXtYLhqvWxFXD JpSgm38jrpYCcpyhfVH9CFFFFfOnCFFFFABRRRQAUV8a/t8/EPxp8LP2YvEnjP4f6rLout2lxp6R XUIUuiy3caOBvDD5lJHSvA/+CYHxr+Kfxp8GeOdR+KXiK48RXOmX9pFbPcBAY0eJmZRsVepGea9i nktSWCljk1yxdrden+Z1RwknSda+iP1Gor8D/wBpr/gov8ZfGfxTuPhB+y3us7S3vf7PgvLW2W61 HVLlW2MIVkV1SIvkJtTewG4sAdo8z8X/ABB/4Kh/s26Zb/EP4iX+qw6I80Zke9ex1S1BcgCOdYmm aBXOFGTHycKQ1ezQ4KxEoxdSpGMpbRb1fyOqGVTaV5JN7J7n9HlFfHn7GH7V2n/tV/Di51y5sk0r xPoMqW2rWcW4wq0oLRTQliT5coVsKxLKyspJADN9h18vjMJUoVZUaqtJbnn1aUoScZboKKKK5jMK KKKACvAP2Tv+TWfg3/2Jnh7/ANN0Fe/14B+yd/yaz8G/+xM8Pf8ApugoA9/ooooAKKKKAPw//wCC rv8AyP8A4E/7Blz/AOjhX6OfsWf8mweAP+vH/wBqNWT+0j+x/wCD/wBpXWtH1vxNrd9pUmjW8lvG toIirrI+8lvMVjnPpXu3wn+HOnfCT4e6L8O9Iupb200SHyY5pwokcbi2W2gDPPYV7mKx1OeDp0Yv 3lv+JnGL5mz0SiiivDND+aj9vcM37XXjhUxuL6YBnpn+z7brmvrr/gnxoes6V8U72fxlPpEry6fi wEH2Mzh8gtt8lQ4+Xrz9a+pvjP8A8E//AId/Gv4l6x8Tdd8RanY3us+R5kNuIfKXyII4Bt3KTysY Jyepq58EP2C/h98DPiDZ/EPQPEGpX95ZxyxrFciHyyJRtOdig8V9hWzehLCKjza8qW3Wxgqb5rn3 XRRRXx5uefePvhf8PviTBbf8J5oFrrn9miU232lN/lGULv2+m7YufoK/mf8A2YPD+j+Jf2hvA/h3 xFZx32nXupxxT28o3JIhzlWHpX9T7LvUqe4xXwB8Ov8Agnl8Mfht8RNH+JGla/qdxfaNdi7jil8r yncZ4bCg457V9BlGZxo0qkJt6rT8TKpC7R9u+E/B/hjwLosXhzwfpsOk6ZCzulvAu2NWkO5iB7k5 NdJRRXgSk27s1Cv5V/2kEmk/aT+I0duN0reJtSCAgEFjdPjrx1r+qivzp8a/8E4fhv43+Ies/Ea+ 8U6tb3mtalNqUkMaweWkk8plKrlCdoJwMnOK93IcfTw85SqPdGVWDexS/Ym+Gnx98HeMfEGo/GfR LLT7WSxRLOSCysLZ/NMg3DdaxRsRt7E4r9I6KK8rF4p1pupJJehpFW0CiiiuYYUUUUAf/9T9/KKK KACiiigAooooAKKKKACiiigAr5y/aq/aC0r9mj4Oap8SLyFLzUN6WWl2jkhbm/nDGNGIwdiqrSPg g7EIByRX0bX5Bf8ABYiLUj8HfA08R/4l6a86zD/ps1rIYv8Ax0SV7HD+DhiMbSo1Nm9fz/E6sFSU 6sYy2PhfwR4n/wCCiH7Zepaz4k8AeJ9XSwsJv3xsdS/sXT4JSNyQRBJIgzKuDj5mAwztkgn0T9lj 9t34/wDwl+OVr8Fv2g9Tvdc0u51L+x72PVH8++027eQRCVbj5pJEV8b1LspTLJzjP3j/AMEodQ0e 6/ZZNnp7J9rs9cv1vFUjcJXEboWHXmMoAfb2r3vXP2pP2S/h/wDFfWfA+v8AiHTdD8bQSwx3zPZS o8kksSMga7SExu2xlBBkyPunGMV9pmObRdavgVhFKMdFyqzVut0n+R6tfErmnR9ndLtv6n5d/wDB Y/8A5KB8OP8AsF3v/o9K+1NC8Sa94P8A+CYNj4n8L38umatp3g2OW2uoG2SxSADDIw5BHrXxX/wW P/5KB8OP+wXe/wDo9K+uZ/8AlFIP+xJT+QpVYp5ZgE/5/wBWEl/s9H1PHf8Aglf8bfi58V/F/j6z +JXi3UfEsGn2NlJbpfXDTLE7yyBioY8EgAGvK/2vv26PjR49+M8/wE/Zqvp9OtLK/GlpcaZxf6nq AbynVJescSyZVdhG7BdmKkBX/wDBG7/kePiV/wBg6w/9HS1+dHwf074t6p+0bp2m/DbVIdI+INxq V4lrdzukaJeFZfMG6RXUFxuVcqcsQBzzXtU8qw7zPE1ZRj7kYtJ/Ddrd/cdSw8PrFSTS0S9Nj628 Z+JP+Cif7F93ofjL4geJtTu9L1CfCrf6kdasJZsF3tpw8jlGZQT8pUnBKPlSR+qXiX9pef4sfsE+ Jvjv4Bu30HXE0iYSi2kIlsNRgZUmRH6jBO5DwSjKe9fnz8a/2ef+Cg/jPwhFoHx1+IOhP4enu4jG mp6pZ2kL3aqxjCuYY8vt3YUNkjPHFex+Cfgj8QvgL/wTu+NXhHx7NYXAvzc6jZyaddLdxGOWG2ib 51AA+aLOB65rzcxhha1OjUnKDqqaXubNXMK6pzUJNrmutuqPiH4H/tPftz/E+41T4P8Awv8AEepe JPEHiXyZRdXE6vcWNtaCTzjFNcMI7dJPMXfIcNlUVDuIBzvGHxa/bp/ZB+J1vpfj/wAZaydT2per b6jqMmrafewMSucSSSIysVZWxtdSOqkA19Of8Eb7SF/H/wAR79lBmh0yyiVu4WSd2YfiUX8qP+Cy ESDx98N5wPnfTL5SfZZkI/ma9j61R/tZ5eqMeRrXTVvlv91tDp9pH6z7HkVn5eR9E/tueJPjX8a/ 2TPBnxR+DS3Vl4e1XSLjVPFMFvdxW6Jp81ojyRSrJIjTIp8xdqBicdORX49fsveGf2nvE/ijV7b9 l2a+h1uGzD3xsb+Cwc2vmKBueeWJWG/HAJPfFfuZ4e/5RYy/9k/vf/SaSvhX/gjsR/wuHx0P+oCn /pVHXnZVjvq+X4pQhFqnJpXW+vXuY4atyUKlkvdf9XP3/wBFS+i0awj1Mk3iW8QnJIYmUIN+SOD8 2ea/Of8A4KcaJ8dNW+Dltc/CSS6TQbCLUZvFAt7uK2RtNEAyJUkkRpUwH+RAxPp0r9K6+ef2tv8A k1/4rf8AYs6r/wCkz1+dZLiXTxlOoknr1210/wCGPDwtTlqxlbqfzI/sveGf2nvE/ijV7b9l2a+h 1uGzD3xsb+Cwc2vmKBueeWJWG/HAJPfFfuB+3R+2f4g/Zk8GeHvA3hARS/EXxBZLNJPcBZksIFHl tcFDlZJHlDCMHKZVmYEAK3xD/wAEdiP+Fw+Oh/1AU/8ASqOvJv8AgqvBqMP7V9xJe7vJn0XTnts9 PKAkU7fbzFf8c1+o46jTxmcxw1aK5YK/m9Fo+6R9DWjGrilTmtEr+ovhHQ/+Cmfxi8NP8aPCeueL L7S28yaCSPWTZi4VM7za2XnxeYnGAI4trH5V3EYr6k/YT/4KD+Pdb+IGn/Ar9oG7F/JqsptNO1W4 TyryO+LYjtbrAAcSNlEYqHEhCsWDZT9dfghe+HdQ+DXga78JNG2jPomn/ZPJxsES26BVAHA24wR2 IIPNfzOfFmay1v8A4KA6k/w2eMm68c2y2bw4MZvDeRqzrt4INxuOR1657152BxNLNPrGGrUYxUU2 mlZq3f8ApddDno1I4jnpyglbbyP6tKKK+U/21vjL/wAKN/Zw8WeLbSfyNXvof7L0wg4f7ZfAxq6f 7USb5v8AgFfmWEw0q1WNKG8ml954FKm5yUV1PwJ/aW8Vat+19+2pcaD4Xm8+1vtUt/DekOPnRLWC TyjMP+mbOZLg+isazf2sfhdefsg/tVA+AQ9jY2Utjr+guxLbUDBtpPcJcRyJjPKgeteCfBHxx8SP hV46sfid8MtO+2axo/mpDI9m15FE08TRMSoBAbY5weozXof7RPxx+PH7Q0mk638XdKCt4djmjhuI dNa0xHcMhKyPjBAZRtz0JOOtfv8ATwlWlWp0advYxjytX1v6fL8WfaRpSjOMV8KVj+rH4YeP9H+K nw78OfEbQDmx8RWMF5GucmMyqC0bH+9G2Ub3Br8Hv+Cr/wAC/F+kfFqH452FjJd+GdftLa2urmMM 62t5ar5QWbAwiyRhNhJwzBh1HP0t/wAEi/jR/wAJB8PPEPwQ1Wfdd+Fp/wC0dPVjybG8b96ij0in yx95hXVfHP8A4KX+H/hZ8Xdb+CPir4aSX1npt6ljf3VxfoI3tJgrGYW32aTerQuHCFhuBwSK/Nsr weLwOa1IYanz8t9LpXi7W3+XzPBw9KpRxElTV7fkfJXwd/4K5fEHwppdh4f+K3hO28Uw2kaQ/brK Y2V2yIMB5IyskUj4/uiIH+f0X8CdN/4JyftPfFCbxj4e0i80v4i3t++snT9RvLqyma7En2h5bdYJ /Ikw4L7I2JABJQDNfTXjn/gn7+yF8YbFPEGneGotFbU4lnhv/D0/2SN45V3JJHEu+1IYEEHyjke1 fzzfG3wTJ+zB+0drHhTwH4iOpT+CtQt5rHUY8LIkqpHcKr7CV8yFm8uQDjcp4HQe3l1LAY91I4Hm o1La2bS+dna1/Q66EaNa6o3jI/sFryD49fEjV/hJ8I/Enj/w9odx4k1bTLfNnYW0Ms7zXEjCOPcs QL+WrNukIxhAeRXqOl3Ut9plpezxGGW4hjkaM9UZ1BKn6E4rwX9qT9oDTP2afg/qXxNvrE6pcxyR WljaBtgnu587Fd8HaihWdiBnCkDkivzHA0ZTrwpqPM21p38rngUYNzStc/CzwOf+Cjv7W+ra3rfh vxVrllBpkwjucak+hWUMzDcsKQRNECwXGcIxGQXOSCdD4BftX/tR/An9o/S/hF8YvEOoa3ZvrMGj 6vp+r3J1B4ftEqxebDcOzuCm8Ou1yjr2III7X4beP/8Ago5+2+NU1PwH4vj8MeHLO4+zTXFtIuk2 kEzKHMSSQI945VGBPzPtBGSMjPxJrfgTxJ8N/wBrSx8B+MNbXxFreleI9MivNQWSSUTzNLC7HfL8 7FS20luciv2ilQp1XVw1eNPSPwxV3H1dl+SPqowUuanNR22XQ/aD/gqd8WfiX8KPAvgW++G3iW+8 N3GoaldR3EljM0LSokIKqxXkgE5xXvP/AAT38ceL/iL+y54d8VeOtXudd1i5utRSS7u5DLM6x3Ui ICx5IVQAPavkT/gscp/4V18OmxwNVuxn6wLX0X/wS/njm/ZA8ORowLQX2powHYm6dsH8GBr4XFUI f2DSqKK5ufe2v2up49SC+pxlbW/+Z+b3xi/aR+PWj/t233gLSvHmr2nhyPxbYWa2Ed0624t3mhVo ggONpBII75ra/wCCr+ifHSLx6mv61JdH4VTy2UOmI13E1sNSFq5lK2wkMivgSZdkAPIB5Gfmr4xa ja6p/wAFEtSu7KRZYh47s4tykEbobuKNhkejKRX6df8ABYP/AJIJ4Q/7GaL/ANIrqvqY8tDGYFQg vejZ6eS19T0FaFWjZbo+Rv8Agmz4W/asuvFnhTxJ4Wnv1+DcGqXY1NE1CCO0MwtyH3WjSiVjvMfK xnnB7Ej5f/bB1+78K/tueOPFGnokt1o/iCC8iSUExtJbiKRQwUglSVGcEHHcV+yv/BKEg/sq/TXt Q/8AQYa/I79o+0gv/wDgoXrdjdIJIbjxdp8bqRkMryQAgj3BrXLMb7TNsTzRSUYtadbPr5l0KvNi al1sv1PV/jCv/BS+z8GH9ovxxr2t6FoTGO7Nvp+p/YxZQ3JAiL2NvICifOFIdS6/8tMHJr9Bf+Cb n7WfjD45eC/FHhn4sXy3mseClt5hqUgWN7ixnEnM5GFLxGM7nwNysucsGY/Uf7asayfso/FFXGQN EuD+K4I/UV+Kf/BOX+0j4O/aKXRzi/Pgq5+z/wDXbyrjy/8Ax7FeLCrTzDK6s504xcZJKytZXX+Z yKUa+Hk3FJp6W+RsfFf9sz9pv9qz41f8Kv8A2ab+90XR5ria30uDS5TZ3V1DHkm7urklWjBRS+Ny Ki8HLfMcTVPjV+3h+wz480a1+LOsXmvabfI0kdpqt82qWV9AhAlWK4ZnkjkjJHQqykqSrIcN8x/s g6J8ePEPxZk0z9nPW4NB8XPp1wwmnkji8y2V4zLGhljkBY/K2AM7VJzgGvsX45/sxftz/EVND0f4 +ePfD1yI5Jn0yHUtXtLRmkIQS+SPKjLkDZuAzjI9a+kr4fCYerHCSVNU7ap/G99f68zvnClCSpvl 5bfM/WP43fGUeI/2LPEnxt+FuqTWDX/h/wDtCwuoW2T27vtBXcPuyRtuRsdGBFfh/wDA/wDae/bn +J9xqnwf+F/iPUvEniDxL5MouridXuLG2tBJ5ximuGEduknmLvkOGyqKh3EA/pjc/DTxp8Hv+CYP in4c+PGtZNS0jStS2tZzi4haG4vHuIyJAADxJj2r5Z/4I32kL+P/AIj37KDNDpllErdwsk7sw/Eo v5V85lcMPh8Di6sYKahP3bq/a3+Zw4dQhRqSSTs9D5j8YfFr9un9kH4nW+l+P/GWsnU9qXq2+o6j Jq2n3sDErnEkkiMrFWVsbXUjqpANfpL+254k+Nfxr/ZM8GfFH4NLdWXh7VdIuNU8UwW93FbomnzW iPJFKskiNMinzF2oGJx05FfO3/BZCJB4++G84Hzvpl8pPssyEfzNfaHh7/lFjL/2T+9/9JpK3xeJ hKjgswVOKm5WemnVf8FdiqlRONKtyq7Z+Gf7L3hn9p7xP4o1e2/Zdmvodbhsw98bG/gsHNr5igbn nliVhvxwCT3xX6d/8FNPjX8a/hHrnw00vwT4v1Lw5JeaPM98llcGIS3CPGpZyhwxHPP5V5N/wR2I /wCFw+Oh/wBQFP8A0qjrZ/4LH/8AJQPhx/2C73/0eleli6yrZ5Tw84JqKfTV3j1726HRVmpYtQaV l/kfpX8MvjpH4C/Yh8OfHb4n38+qS2Ph6C9u5pX3T3dzJhIk3nPzzSsqAnjLAnivxp0r42/t5/tt +PdUsPhdreoabb26CWWz0e8Ok2FjbsSEEkwdGcsQcb3Z3wcDaMD68+OUWpSf8ElvBz2BxBFZaE11 7w/aFUf+RTHU3/BG7UNHPg74k6XGyDVUv7CaRcjebdopFjOOpAcP9CfevEwlKlhcJisfGmpTU2ld XSV10+f5HJTjGnTqVlFN3sfJHgj9rr9rP9kT4z/8IH8dNU1HxDY2M8Sappmq3P8AaEht5VDLNa3T NI4Oxg6bX2MflcZzt+9f+CiP7Vfxi+HGmaD4V+BVrfWdrrdkuo3niKCykkjWCYlYoIJnjMaOwBd2 HzqCm0qSa+wPih+0f+y58IPibb+H/ihrVhovjCeyiuI55rGWWQWzvIsYa6ihcJ8ysQrOMA5xg5Pw 9+3L/wAFE9f+FWtWHw5+A5tn1C7sLbUbjWpoxcIkN7H5tultE/yFmjZZC7hlwwAXOSMcPOWNxdCr HBq9ru+kZee3T57oiDdWpCSpf5Pz2PiXxR8Mv+Ck3gv4aS/HLxF4w8TWmk21vHeTqfEk5u4bZ8ES SW4nJCjcNyfeUZ3KADj7o/YH/ai+Mf7QXwr+JXgPxRfNq3jDw1pxk0jUR5cNzMbuKZI0kb5E3xSo m2Q4zu+Y8ZPyl8V/gP8At+eMPgx4h+LHx9+ITaf4e0/Tn1CbRri/dHnXaGSNrO0RbVWbIG1yCpOC ucgdb/wRvX/ivviQ3ppliPzmevYzWNOtltWrLklKDVnBaLVaX6nViFGVCUnZtdj8y/ivo3xm0r4z ajovxYkuX+Isd1bLdNcXUdxcfaHjjMGbiN3QnYY8EPgDAyMV+43gwftdfCj9i74x678edV1Oy8ZW aTXGk3U+ow3lzDAIYgGjlt5ZQnz7sAkHOTjvX5mftqnH7fnikntrGj/+ktpX76/tsf8AJqHxQ/7A s/8AMVPEOYOcMFBwjafK3pt8Oi7LUWOrXVJNLW36HwB/wSv+Nvxc+K/i/wAfWfxK8W6j4lg0+xsp LdL64aZYneWQMVDHgkAA1x37df8AwUE+I2mfEfUfgZ8AL1tKXR5vsWo6nbxiS9uL7O2S2tiQ3lrG x2FlHmGQEKQo+bn/APgjd/yPHxK/7B1h/wCjpa+NvgtLp2i/t7aK/wAQGSNbXxrOly1xgKt2LqRY 2fd0xPtOT0PNaf2Xh3mmJqyppqnFNRtpe3b5fiV9Xh9YqSa+FbfI9S8T6L/wU0+CXhQfGDxPrniu y0jEcs8k+sf2gbdXxsa5tGmmMa8gHzIwFPyttJxX6rfsDftp3H7Tmh6l4S8dx29p468PRrNL9nXZ Hf2ZKp9pVOdjo5CyqPlBZSuA21fsH45Xvh3Tvgx46vPFzRro0eiah9r83Gxomt3BXngls4A7kgDm v58f+CUEGrTftVGTTji3g0HUHvPeAvCqj/v80ZryPbU8zy6vWq0oxlT1TirfL+u6OXmjiKE5Sik1 2NX9pr9rr9oH4W/te+LLfw/4y1FtD8Oa5FJFpD3MgsZIYRG5t3jUj90+CrAYyCaqfFyD/gpXpngw ftF+PfEPiDRdElMVwY7LVPsgs4rggRM9hayKIkO8KQybhnEgBrzb9oq0h1D/AIKF63YXKh4bnxhY ROp5BV5YFIP1Br9/v21okm/ZQ+KKSDIGiXDfiuGH6ivUxeNp4T6nGFGLc1G7a1tpt9501asafsko rW1/wPl7/gmh+1T47+PfhfxJ4L+J13/amueEvsskGoMoWW5tLneoE23AaSNo8b8AsGGcsCx/UOvw H/4I3/8AI/fEj/sGWP8A6Oev34r4jjDCU6OYVIUlZaO3qkeTmlOMa0lFH4Z/8FRPjz8ZvhX8ZvC+ h/DjxlqfhzT7rQI7mWCxuGhR5jd3CF2C9TtVRn0FfP8Armv/APBRr47/AAtuPj7Y6zquleCtFtGk jXTNROmmW3sV2zTrDFKs1wVKMzySbiTu2cDaOm/4LB/8l78If9izF/6W3VfrP8PLO3t/2DPD9tEg WN/hxbswA4Jk0gMx/Ekk19asXTwmX4SrGlFyk7Xa6dfmekqqpUKclFNs/Ej4SftvftoeLtAi/Z/8 B6rN4k8TeIblItP1KfbNqsMW1jLGLiY7cEDcZpiWjUMdwGCmD49+JX7dX7IfxOsLX4geN9ZGqzRR 38cN5qkmq6fdwMxUhkkkkjYbkZGGFdf4SMqx7r/gk3aQXP7U080qhmtfD1/JGSPusZbePI/4C5H4 169/wWPRR8Q/hzIB8zaVeAn2E64/ma9ydShDNFgI0Y8sld6at2f4aHW5QWI9ioKzWp+rHiD9qDw3 4W/ZWtP2mtatvLgvdFtNQisQ3L3t5GvlWqtjP+ubYWxwoLYwK/Ebwn8RP+CgP7bnizW9S+G/iXUd Os9NZJZotN1B9G02z358mFWR1Z2O0kbi78bmPevoj9pgaif+CV/wj+xHEIl0b7V/1x+z3OP/ACJs r5j/AGL/AAZ+2p4p8Da7N+zD4stdE0aDUdt9byTwRym5aFCJCskMjbWTAByBlW44NeNk2XUcPha2 IjyqXO4pz2ST/r8DlwtCEKc5q17212Pbv2b/ANtj9oD4H/HSL4E/tR30+oafPfR6feSaowkvNMnm AEUy3Kk+ZAxZCxZmGw70Yc7qf/BV/RPjpF49TX9akuj8Kp5bKHTEa7ia2GpC1cylbYSGRXwJMuyA HkA8jPmvxD/Yt/az+KXxJu734h+MPDOr+NwkCXEcutW0d6qqi+TugjRWX5NpX5RkYNfcf/BXL7af 2dPAx1IKt3/wkNv5wU5USfYbndg+mc4reM8NDMsNUw/K5TTUrbJ6O67X79i06ar05Qtd72/NHyl/ wTZ8LftWXXizwp4k8LT36/BuDVLsamiahBHaGYW5D7rRpRKx3mPlYzzg9iR8v/tg6/d+Ff23PHHi jT0SW60fxBBeRJKCY2ktxFIoYKQSpKjOCDjuK/ZX/glCQf2Vfpr2of8AoMNfkd+0faQX/wDwUL1u xukEkNx4u0+N1IyGV5IAQR7g11ZZjfaZtieaKSjFrTrZ9fM0oVebE1LrZfqer/GFf+Cl9n4MP7Rf jjXtb0LQmMd2bfT9T+xiyhuSBEXsbeQFE+cKQ6l1/wCWmDk1+hf/AATT/ar8b/H7wn4j8HfE26Gp a94QNs8V+VCSXVpc71HnbcBpI2jIL4G5WXOWDMfp39tWNZP2UfiirjIGiXB/FcEfqK/Hb/glnDqN 0vxutdI3fbpvDASDby3nN5wTAHfcRivD9tTx+VVak6cYuDSVlayuv8zj5o1sNKTik09LE/7TP/BQ D44fGH4pT/Cn9mm9u9K0MXZ0+yfSl/4mWrTBtnmrKoMkaMwJjWMqdvzOTnC+beMtS/4KR/snwad4 68eeIPENrpl1On7y81Rdas/OPzeVcIZrhELgY+YDdztJIOOf/wCCYl74esv2ufD39vNGk09lqEVg 0uP+PtoDgKT0Zo/MUdznA5NfuN+37e+HbL9kX4if8JK0YiuLOOK3WTGWu2nj+zhAerCQBuOQAT0B Nelj8TSwGLo5dSoRcJWu2rt3dv6/Q6K1SNGpGhGCadg/Yw/at079qX4Yz6/fwQ6Z4o0CRbfWbOEn ykZwWini3EsIplVsBiSrK65IAY/j18d/22/2if2kPjK3w4/Z61bUNJ0Se8ksNGtdGka0u9QUEj7R NOrK43hS+NyJGn3uQzHr/wDglTY+JruH43HQn2xt4eiiHB/4/ZBcfZT+AWSvGf8Agl1e6PaftcaI mqMiT3OnalFZ7+puDCWwv+0Ylk/DIqcPk+GwmIxlaMFL2aTinra6b/ryFDC06U6skr8u33E/7Rkf 7c3wY+Fc3w0/aDv7jW/B/i97dYrm8uxqhhubSRbhY47reZI5PkwUclWXcVBK7l+4P+COaCT4efEm Ns4bUrIHBKnmB+hHI+or3b/gqre6Jb/so3VrqboLu71jT0sVYjcZ1ZnfaDzkQiTOO1eGf8Eb/wDk QPiP/wBhOy/9EPXJisf9ZyKpVcFF8yvZWT1Wv9djOpW9pg5StbXp8j7e+Fv7Dv7OfwZ+Ilv8Tvh5 oM+n6xaRTRQiS9nuYo/PXY7KJ3dt20lQd3Rj618Vf8FKP2zfBGm+DNf/AGa/BLJrXiDVQlvq9yhD W+nRxyLI0OeQ9wdu1lHEeTk7xtH6u/ES817Tvh/4m1DwrDJc61a6Xey2MUS75JLpIHaFUX+Ji4AA 7nivwQ/YV/Yj8WeK/jNe+KP2lPBOq2uk6NAb6GLV7aWKHUNQeVdomMoHmqo3OyHO443ZXKt4uQTp 1JTzDH1HL2drJvVvpv2/4c5ME4ybrVpX5dj6o/4JLfBPxj4F8B+Kfil4pt5NPtfG5sk023kBR5La z84m5Kn+GRpcRkgEhSw+VlJ/XimoiRIsUShEQAKoGAAOgAp1fN5vmUsXiJ4ias3/AMMvwODE13Vm 5vqFFFFeaYBRRRQAV4B+yd/yaz8G/wDsTPD3/pugr3+vAP2Tv+TWfg3/ANiZ4e/9N0FAHv8ARRRQ AUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFAH/9X9/KKKKACiiigA ooooAKKKKACiiigArxD9on4F+Gv2i/hRq/ww8Sv9mF6FltLsIJHs7yLmKdVJXOMlWXI3IzLkZzXt 9Fa0K86U1UpuzWqKhNxaktz+ayx/ZB/4KE/s2+ItTi+EMd81pesIWvdCv4PIu0XOxnt5JFkUrk4M kY2knDY5PuX7J/8AwTl+L198WLH4x/tMD7FDpt6NT+xT3SXt/qN8jiVHuHjaVBGZPnfc5dyNpUBi w/eGivrcRxvi6lOUVGKlJWcktX+P9dLHpTzapJNWSb69T8hf+Cln7Lvx0/aA8X+CtV+Efhn+3rXS LC6hun+22dr5ckkqsoxdTRFsgHlQR619Fy/Bj4kt/wAE+x8D10j/AIrX/hFl077B9og/4+wB+78/ zPJ/4F5m33r7vorynxBWdCjQsrU3db3vvrr/AJHO8bPkjDpHU/In/gml+y/8c/2f/FXjjUvi74a/ sG31iys4bVvttndeY8Ujs4xazSlcAjlsA9q8o/bF/wCCdfxUu/irf/G39m5Vu21S6GpTafDcJZXt nf7vMee1kdo0ZWkHmDDq6ucKCMY/c2iuqPFmKWLljFa8lZq2jX33/E0WZVFVdVbv7j+bjxP+zh/w Uk/aZvNJ8O/Fi2vZNO0x8RTavc2ltZ25I2mV0gO+VscbxHI+CeeTX6kXP7JNx8Mf2HvFX7PXwyi/ t7xHq1hO8spMdsb/AFK4Kb2zK6oihVVE3NwiKCSck/f9FGN4qr1lCKjGMYtNJKyuu+oVcxnKySSS 1sj8jP8Agmj+zB8cv2fvEvjrUPi74a/sG31i0sorRvtlndeY8UkjOMWs0pXAYfexnPGaZ/wUt/Zf +Of7QHirwPqXwi8Nf29baPZXkN0322ztfLeWRGQYupoi2QDyuQO9frtRWX+s1f699f5Vz9tbbW73 /En6/P23trK58k/DL4K+Ipf2MNO+AnjaH+xtZvPC0+i3a745vs01xC8Wd8TOjbCwPysQcV+G/hn9 jv8A4KA/BjxffQfDXQ9S0u+u43sn1DR9Rt4obi3Lg8TechVWKqw37HHBIU5r+n6itMt4pr4Z1bRj JTd2mtL/AHjoZjOnzWSdzm/Bqa5F4Q0OLxMpXWEsbYXoLiQi5ES+aN4JDfPnkE561jfFPwTH8Svh n4s+Hkk32YeJtKvdN83GfLN3C8QfH+yWz+Fd7RXzsarU+eOjvc4lJp3R/MD4Z/Y7/wCCgPwY8X30 Hw10PUtLvruN7J9Q0fUbeKG4ty4PE3nIVViqsN+xxwSFOa/Wb9rD9ivUP2o/hf4T1KS8i0b4neHN OhiM1wxkguWaNWntZ5I9xwJsskqhsEtwQ2R+jFFfTY3i/E1qtOulGM49Ut/W99Dvq5nUlJTsk0fz SaL+zl/wUw+Guk3Xwq8G2uuWWhXbSL5On6tbCyYSffaOTzwIg/U8oTn5hnNfbX7DP/BOnW/hF4st PjJ8cHt5PEFgHOm6RCy3CWkzfL9onmUlHlUZ2Km5VJD7iwAX9gaK0x3GWKrUpUlGMebdxVm/xKrZ rUlFxSSvvYK/Jb/gpP8AA/8Aaa/aD1fwl4U+EvhNtY8K6JDLe3E/2+xthJqE7GMKY7m4ic+TEmQw XH71hk44/WmivCyrMp4Suq9NJtbX2/Bo48PXdOamlqfHf7C3wD1T9nj9n7S/CXii0Wz8T6lcT6jq 0aukuy4mIRI/MjZkby4UjU7WK7txB5r6R+IvgfR/iX4D8QfD7X13af4hsbixmOMlVnQpvX/aQkMp 7EA12dFY4nHVKteWIk/ebv8AMmpWlKbm9z+fX9kr9kL9sr9nj9ovw745ufBO7QIrl7DU5o9U00pJ ptyfLkl8v7V5jBPlmVdu4lAMZ4r7E/bu/YCuv2h9Wj+Kfwtubaw8ZxQCG9tromOHUo4QBCRIARHM ijYCw2su0Ertyf1Gor3K/FuKniY4tJRmlbRPVed2zrnmVR1FV0TR/MZpf7PH/BS/4d6X/wAIT4at PFWlaScqtrputr9kUNy237PdGNA3fGM9691/Zc/4Jg/E7UPHem+PP2jIodI0XT7hLx9LM8d3eX8q tvVJmiZ40iZsGTLl2GVwpO4fv9RXdiOOsVOEoQhGLlu0tfzNZ5vUaaSSv2CvmD9r/wDZ+l/aV+CG qfDjT7yOw1dZor7Tpps+SLu3ztWUqCwR0ZkLAEru3YOMH6for5HC4mdGpGrTeqd0ebTqOMlKO6P5 wPhF8Cv+Cm/wGn1fwR8J9Iu9Fs9YfdclZ9Lns2ZRs8+OW4d1jcrjlNrkAZGVAGJ4l/4Jz/tk+E/i Bp3irQ9Ig8cX6yW+rXF/HqNpEpvzJ50sbm8nhmkYOMtJtAbORzmv6WqK+w/17xKm5xpwTe+j19Xe 56f9sVL3UV56bnxP+2x+zbrf7U3wOtdB0Ty9K8V6RcRapZQ3LjyzL5TJLaySJuUblc4cZXeq87ST X5C/Cf8AZ2/4KW/DYX/w3+HNlqnhLTNWm3XbLfWkdmrkBGmWYSOVO1QC0J3kADngV/SlRXm5ZxRW w1B4dQjKN7pSV7fiYUMwnThyWTXmfzg6b/wTe/aZ8A/Hvw7faTog8S+G9H1bSLybWVvbKBZQjQzX brBNcifbHJ5ijKbnC7gvIFfrF+33+zv4r/aQ+Bi+F/AnlSeIdE1GHVbSCWQRLcmOKWF4RI3yqzLK SpYhdygFgCTX25RRi+KsVWrUq87c1PbTf11/KwVMxqSlGb3R/P5+xt8Cv27/AIUfFjwvol/pGsaF 8P7PVvter2rahBHYujp5UrmNZj53y7TtQNkqDjjI0/jF+xX+0x4q/bRv/izoPg77V4Un8S2OoJe/ 2jp6ZtYXhZ38p7hZeArfLs3HHAPFfvhRXVLjLEe3liI04puPK9H3vffc0eaT53NJXtb+tTwn9p3w Z4k+If7P3j3wR4Ps/t+ta1pU9taW/mRxebK4+Vd8rIi59WYD3r8+f+Ca/wCy18cPgJ4r8cah8YfC 40Sy1qwtbe3LXlndiVkkdnUrbTSkAKf4gAa/XyivHw2dVaWFqYSKXLPV736ba+XY5aeKlGnKktmf z4fGr/gnb+0N8H/ixJ8TP2WC+oaZHdPeaeLK6jtdR0zzCcwlZWQSRqGKKULFk4dcZzx11+yB+33+ 1V4203UPjp59hbWq+T/aGsTWyR2sBYFxBZ2xyXbrhY1DEDc44I/pAor3KfHGLjFXjFzSspNe8dkc 3qJbK/fqfHvxK/Z7fQf2Mtc/Z3+EFgb+4g0NrCwheSKF7q4Zg8kjvIyRq8shZ2JKruY9BXyd/wAE 0f2YPjl+z94l8dah8XfDX9g2+sWllFaN9ss7rzHikkZxi1mlK4DD72M54zX650V41PPq8cNVwzs1 Ud23e99PPy7HLHGTUJU+5+RP/BS39l/45/tAeKvA+pfCLw1/b1to9leQ3TfbbO18t5ZEZBi6miLZ APK5A719gfDL4K+Ipf2MNO+AnjaH+xtZvPC0+i3a745vs01xC8Wd8TOjbCwPysQcV9bUUVc9rSw1 LDWSUHdPrfXfW3XsKWMk6cafRH8wPhn9jv8A4KA/BjxffQfDXQ9S0u+u43sn1DR9Rt4obi3Lg8Te chVWKqw37HHBIU5r7g/b6/Za/aQ+Pf8Awq3UPBPhj+3L/RtCNvq5N/ZQmK9fy2dS1xPH5mWDfMu4 H1r9nqK9etxriJ16eI5I80b9HrdW11+46pZrNzU7K6/rufKfwr+Bn9pfsh+HvgH8X9M8h5dAj0zU rUSRytDKF6pJGzxl4nAdGUkBlBHSvxl1f9hL9tr9m3x5da/8CJrnV7ZFMcOq6LdxW00sDnPlz2ks ofPALJiRMgEMeK/pGorhy7ifEYaVRxScZu7i1damNDMJwcmrNPofzv8Awo/4J1/tK/G74oL47/ag kn0rS5p0n1Ke9vY7rU79EAAiiETyeWMKEy5TYv3FOAK96/4KDfsFfEf4neObf4ufBCwh1VprO3sr /SVlit5kNovlRSweYUjZPKCqybgy7RtDA4X9pqK6pcZ4x4iNdWXKrKNtLP8A4Zdeho81q86n26dD +fy3/Z6/4KVftE+D7b4YfFrVJdE8GabEGUanJZo9w9sv7mORbX/SJ23BcNOdgPzliwGfZP8AgnH+ zR+0r+zz8WNevPif4L/snw7r+lGBroahYXBjuYZUkizHb3EjkMu8cLwSMkCv2foqcTxdXqUZ4dU4 RhLola3nvv6iqZnOUXDlST8j8F/2/P2Hvjt4y+PGqfGT4S6K3iPTPEMdrLNHazxR3Npc2sEduR5c jIzK4jV1ZNxBLA7cDPu/wq+F37ZPiz9k34yeCfjdbajqfirxNAI9Ch1PUbeWaQGLa8YLTFIF3KDh ygJJPvX640VEuK68sPToShF8lrOzvpa3Xy1E8xm4Rg0tLfgfkT/wTS/Zf+Of7P8A4q8cal8XfDX9 g2+sWVnDat9ts7rzHikdnGLWaUrgEctgHtXO/twf8E4PE3xO8bX/AMY/gS9u+q6uRLqej3Egt/Ou QMNPbTORGGkwN6OVG7LB/m2j9mKKz/1qxSxjxsbKT0a6Nff5dxf2jU9r7Vbn80up/s4/8FMPinol v8MfF9rrl3oFkYx5Op6tbraAR8IXZp8zBO33yOwr9fP2Kf2ONJ/ZT8J30mp3kWteMtf8s6hexIVi iijGVtrct8xjViWZiFMhwSoCqB9vUVWacVYjE0vYcsYQerUVa/qPEZjOpHkskvI/A/4u/sVftMeK P20774s6F4O+0+FJvE9jqKXv9o6embWKSFnk8p7hZuAp+XZuOOAeK/Xr9p3wZ4k+If7P3j3wR4Ps /t+ta1pU9taW/mRxebK4+Vd8rIi59WYD3r3aiuXGcQVq7ouaX7u1t+lt9fLyM6uNnNwb+yfkL/wT T/Zd+On7P/i/xtqnxc8M/wBg22r2NrDav9ts7rzJI5WZhi1mlK4BHLAD0r9eqKK5M1zSpjK7xFVJ N222008zLE4iVWbnLc/GP/gpF+yd8f8A4+fFzw34o+E3hb+3dMsNDSznl+3WVrsnW6nkKbbmeJj8 rqcgEc4znNfor4S8C+KdM/ZP0b4Z31l5fiS08E22kS2vmRttvo9NW3aLzAxjOJBt3BtvfOOa+h6K 6MRnlapQpYeSVqe29/nqXPFylCMHsj8Q/wDgnd+yD+0T8C/jzeeNPip4T/sPRpdEu7NZ/t9jc5nl mgZU2W08r8hGOduOOT0r0L/gpZ+y78dP2gPGHgrVfhH4Z/t610iwuobp/ttna+XJJKrKMXU0RbIB 5UEetfr1RXbLirEPGrHOMeZK1tbdu9/xNXmM3V9tZX/rzPjrwZ+zqfF37F+g/s7fFm0Om3j6DBY3 ao0U72d3Dh45EaNmjZopFVhtYqcYzg1+P+mfsk/8FBf2VvF+p3PwTS4ure9XyWvtGntpYLuJSShl tLk7g67jjfEdpLbGIyT/AEi0VOA4or0HUXLGUZu7i1dXYUcwnDm0TT6M/n++An/BOr48fFD4tR/F P9qvdZacLtb69hvLmO71DVZEIZYmETOscLY2uWYMEG1EAIZf0k/b7/Z28VftH/AtfC3gMRP4g0PU YdUtIJZFhW58qKWF4Q7fKrMspKliF3KAWAJNfbtFTiuJ8TVxFPEuycNklovl5iqZhUlOM+23Y/n8 /Y2+BX7d/wAKPix4X0S/0jWNC+H9nq32vV7VtQgjsXR08qVzGsx875dp2oGyVBxxkafxi/Yr/aY8 Vfto3/xZ0Hwd9q8KT+JbHUEvf7R09M2sLws7+U9wsvAVvl2bjjgHiv3wortlxliPbyxEacU3Hlej 73vvuavNJ87mkr2t/Wp4T+074M8SfEP9n7x74I8H2f2/Wta0qe2tLfzI4vNlcfKu+VkRc+rMB71+ ff8AwTT/AGXfjp+z/wCL/G2qfFzwz/YNtq9jaw2r/bbO68ySOVmYYtZpSuARywA9K/XqivHw2dVa WFqYOKXLPV736ba+XY5aeKlGnKktmfgx+1N/wTM+JVh8QL74n/szFLyzvbk3w0tLhbO9sLktvJtZ ZGRGjD5ZPnR04UBsA14rqn7K3/BRz9oa503w/wDFJNSl0vT5QqTa7qcItbcn5TKYlkaSRgv8axux HGea/pRor28Pxxi4QjGUYycdpNar8f66nXDNqiSTSbXXqfM/7Kv7M/hj9l34ZR+B9GnGp6peSm61 TUTH5bXdwRgYXLFY41+VF3HHLfeZifyS/ae/4JwfGXwj8Urr4m/szWp1LSbq7bUbe1sriOzvtIn3 +Zth8ySPeivzEYzvUfKV+UM39AtFeZl/EuKw9eeITu5fFfZ/10/yOejj6kJud733P5yvEX7G/wDw UB/aD8L3fin4v3V1eXugQKNH0rUr63NxdSSSosgjTzVhgxHud5JWV22qoDZBH6Cf8E0/2fPi9+z/ AOD/ABrpfxc0H+wbrV7+1mtU+1Wt15kccTKxzbSyhcEgYYg1+mNFdOYcWYjEYeWGcIqD7K1rdtTS tmU5wdNpJHn/AMWdF1fxJ8K/GXh3w/EZ9U1TRdRtbSMOsZe4ntpEiUOxVVy5AySAOpIFflD/AME6 /wBlz9pf4JfGzWvFXxk0CbSdEuvD9zZRSSalZ3ga6e7tZEXy7e4lYHZG53FQBjGckA/s9RXm4POa lDD1MNFK0977/LUwpYqUISppaMKKKK8k5gooooAKKKKACvAP2Tv+TWfg3/2Jnh7/ANN0Fe/14B+y d/yaz8G/+xM8Pf8ApugoA9/ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooA KKKKACiiigD/1v38ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoooo AKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACvAP2Tv+TWfg3/ANiZ4e/9 N0Fe/wBeS/APwlrXgD4FfDnwJ4kjWHV/DfhvSNNvERxIi3NnZxQyqrrwwDoQCOD1oA9aooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigD/9f9/KKKKACiiigAoooo AKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigA ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoooo AKKKKACiiigAooooA//Q/fyiiigAooooAKKKKACiivAv2nfjdD+zx8E/EfxUNouoXWmpHFZ2zEhJ bq5kWGIOQQdis298EHapxzitsPQnVqRpQV23ZfMqEHJqK3Z77RX8u2if8FO/2ttN8YJ4k1LxFa6r p/m7pNJlsLaO0aLOfLVo41nXAOAwk3dNxbof6Uvhp470z4n/AA98N/EXRo2hsvEmn21/FG5BeIXE Yfy2I43ITtbHGQa9vO+GsTgFGVazT7flsjrxeAnRs5dTt6KKK+eOI/NP9uj48fFj4RfGz9mvwr8O 9ebSNK8d+JJLHWoBBbzC7thd6bGELTRuyfJPIMxlT83XIGP0W1rXtD8N6e+reItRttLsYyA091Mk ESk9MvIQo/OvyM/4KY/8nG/se/8AY3y/+l+kV5j/AMFKYbfRP2pfhx47/aH8Max4u+AOn6W0Ulrp bukMepu8wkMpWSLEhzA2DJH5iKFVjtdSAftz4f8AFXhjxbZ/2j4V1iz1m1GB51lcR3EfPT5o2Yfr VfxJ408HeDYop/F+vWGhxznEbX11FbK5HZTKyg9R0r8a/wBkjwh+x9r/AO03o3xQ/Y3+J7+D4VsZ o9X8C3cF2ZNSBWTdte7nUlUDrJiPz1Roww2jIHzz8cbn4T+Bf24fiRrP/BQLwZrnifw1rpjj8J3l u8/2G3sFJ2bVimhLhYyFIjclJA5MZZ9ygH9GWm6npusWceo6Rdw31pMMpNBIssbD/ZZSQfwNM0zW NI1qKSfR76C/iicxu8EqyqrgAlSVJAIBHHXmvy//AOCefgH4HeHPF/j7xR+zL8XP+En+HmuCJ4/C MsM6XGjz5UrM7XUolOcSRhjAN67QZHMeTgf8Ecv+SB/ED/sedQ/9IrKgD9X4dY0i41GfSLe+glv7 ZQ0tusqtNGpxgsgO5QcjkjuKy/EXjTwd4PSKTxbrthoiTnbGb66itg5JxhTKy5OfSvya+DmuW3hn /gpr+1D4kvBm30rwzbXcg6fJBbWEjfotfnZ8Evi/+xl8WNa8XfGL9vvVdS8T+N9fv5Vs9OCai1jp +n4DRiFrRlIAZ2RELbY1UEDcS1AH9SlneWeoWsV7YTx3NvMu6OWJg6Op7qy5BHuKqW2t6LeX8+lW d/bz3tqMzQRyo0sY/wBtASy9e4r8KP8AgnV8ZfA3h39rXxh8BPgX4iv9c+DniHT5NU0S31ITLLp9 7AEklijWYAhSHlDHGXCxliWBJ/Vj4dfss/Df4Y/G/wAbfH7w7c6jJ4k8eoyahHcTRvaIGkSQ+TGs SuvKD7ztxmgD6TooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiii gAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKA CiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAK KKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooA//9H9/KKKKACi iigAooooAK8a/aB+DOi/tAfCPxB8KdduGsotZiTyrlF3tb3MLrLDLtyNwWRRuXI3LlcjOa9lorWj WlTmqkHZp3XyKhJxaktz+cbRP+CR37QVz4wTSde1rRbHw+suJNShmkncw56x25jRi+P4WZVz/FX9 B/gbwdo3w88F6F4D8OoyaX4esrewtg53P5VtGI1LNxliFyx7nJrqqK9fOOIsTjlFV2rLsrfM6cVj qla3P0CiiivDOQ/Kj/goV8O/iB41+Pf7KuseDfDOp69YeHfFMlxqdxYWU91DYwm90txJcvEjLCm2 NzucgYVjnAOOp/ag+JH7WnwO+PmifEDw54e1D4m/A3ULBrbVPD+k2MNxd2lyVKvIdkLTsp+SRS7N GfnjbZlWr9LqKAPwX0X4c6p+09+2D8Lfi38HPgXqnwX8L+CbxNS1vV9S09NHOqeVMkqxrboojkc7 GiLIXZlkbeVCCvcPG/xt/ab+A3xu8feHP2hPh3rPxp+D/iObzvD82j6PbXiWNvvZo7eWOKJEZgri NxcEOWjDoWDEn9eKKAPxi/Yo+CfizV/2v/GH7T2i/C67+Cfw6utKfTrHRLyH7FPdzy+QWf7HtURR HyzK21QgfaEL/OR5r+zz41+Pn/BP3xB8Q/gr4j+CXiXx9o2ta7Pqeh6loNrJPFctKoiGZESRNskU cTFc+ZEdwZDnj956KAPxZ/Yv+Hnx71z9sP40fEL9oTwJe+GI/H/h1CxNvL9gVLxrYx2cd0y+VJND b4SRQxZWVgwBBA5D4HeIPjh/wTtPif4I/EH4Pa78SvA51Ce/0DXvD9n9sLJNhBHMFUrHvCBijMrx vuwsispH7q0UAfnD+yR4m/a2+L/xa8U/F34raHL8N/hdLbi30LwteWVvFfNN8i+fJI8CXSqFV2bc UDPIAilFr3j4ZfHD4p+NPj/49+FXif4Y6h4a8K+FkZtN8RzpcC11UiREAiaSBIjlWLfJI/C/jX1N RQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFF ABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUA FFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAU UUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAf//S/fyiiigAooooAKKKKACi iigAooooAKKKKACivkv9o744+Ifh3fWPhbwlsgv7qD7VLcyIJNkbOyIqK2VySjElgeMYHPGX+zt8 evE3jrXpvB/jJo7q4aFp7e5SNYmJjxuR1QBTwcggDoc5yMb/AFaXJz9Dy3nFFV/q/X8D7IooorA9 QK/LK8/bo/aM8SfF/wCJPwv+CfwGTxzD8N9UOnXl2uuxWbfM8iwu0c0S48zynOFZsY5PTP6m1+Vn 7B3/ACdj+2N/2M+nf+jdSoA7v4b/ALemtN8VtF+C37S/wr1L4PeIfFL+Xo1xc3SX2m3svQRi5VIg rsxCKF8wbmUMVLLnY/ab/bA+Jnwd+OXg/wCA3wo+GSfEPX/F+lzajbxnU109/wBwZjIg8yNk+WOF nyXGegGcZ8t/4K/2mlL+yrZ+IZwI9X0bxFp02mTgYkjnYSqwVuozHuJHQlQcZAI8e/a2+Ini74ff 8FBPgL4/0PwXe+NNetfCV6/9haacXUz3EV9HKsZ2v/qg7OflPyqfrQB674m/b6/aI+DdpB4q/aJ/ Zs1Hwt4NM8cN1qthrEGo/ZfNYKrPFHGFwSQo3yICxCgliAf0+8O+INH8WeH9M8U+Hrlb3StZtYb2 0nUELLb3CCSJwCAcMjAjIzzX5A/Hj4p/th/tbfDTU/gN4O/Zy1LwVb+KzDb3ur+IbxI4LaCOVJWK o8UfOUHzAuwGdqFsYs/ETw/8QNb+Mnwc/wCCdPgzxvqPhXwl4W8G2uoeJNV0mRrXUb+OzQ2yxRyc mNWMSnAO0eadwfYFoA/Y2vzF8bftvfHwftC+PPgP8FPginj+bwIbVrm5GtRWTGO6hjlVyk0QUfM5 XAZuma8z8SeGfF/7Bf7RXwft/A/jnXfEnwz+KurL4d1PRtfvWv8A7JdzskcNxbSMo2fNKHOACdhV iysNnlWm/Gfx58Gf+CiH7RGo+BPhfq/xPm1KLSIprfSG2vaqlrAwkk/dycMTgcDkUAfU2g/t+fEH wh8SvC/w6/am+C1/8K4vGVylnpmrLqEep2TXMjBFjkaKNVT5ioJDsV3BmULlq/TWvxf+KOkftS/t 7+L/AIe+EPEfwdufhL8P/Cutwa3qOo6xdJJeTeRlfLhjCROpZGcBQrAsVZmULz+0FAHiHwi+InxG 8c694903x34Fn8H2XhnW59P0i5mlMg1ixid1S9QFE2rIFDAAt97qa9vr8UPBPjv4/wB38OP23Jvh fqepax4u0LxrqdtokXmyXU1pbC8kWZLKNi+xo7feYkjH3lXaM4r5v+EniH4N+J4PB9/8Hf2kfFPg D42W9zZ/2tbeN7y5fTdQuMbbmGRCpgfdKcRo8xJX5WXcQygH9H9fl/8AFH/gqB8FvA/xh8PfD3S9 RtpdLttW1jS/Ft1dw3SS6X/ZgURywLHGy3CzSCRV2bido4Ga/T5d20b8bsc46Zr80/2gf+Cc9h+0 F8UvE3xa8QfEC/tNauYNMj8NslumzQXsphJMwVHjFyJAPk37WQsxLMQpUA+8fhf8SvCXxh8A6L8S /Al015oOvwme1ldDGxUMUIZG5VlZSCD0Irva/Dj/AIK6+NviV8KNF+Blt4D8V6lpl+kmpxzT2Uxs /tctsliEeaKDZE2WJOzbsG4gKAcV84/tk/Dr9pH9ie8+H/xzh+OGu+KfFGv3cq6kJ5pVtVu4VWYx xxeYUktW3OnlMgUKBhQDtUA/pVor8QP23/jp8aPjD+0j4C/Yr+DPiGbwRbeJILK61PUraSSK4c3c bzsheJlcww267zGrL5rnaxwBXivxQi+O3/BLr4yfDzWbb4oan4/+HnjCSRL+w1N5NpS1eIXa+VJJ Msb7JlkimjKtkFWBUEOAfr38T/2vPhz8M/jz4H/ZyntbvUvGPjWWAqkSbLa0tZ2kVZpZW+8SY2Co gY8fMVGM+G/tP/8ABRj4Z/AfxfH8NdFuLa+8WaZr2lWGtWt8lxFDb6ZfwGea8imjVkcwBowy5yCx GDivyw/a1+Amv6h/wUw0DwDH4/1O3uviBNBqNrqa7/tGjR3s9ztt7b98Dsh8s7NrIPmOAO/6k/Gz /gnZp3x9l8KQfEX4g6lqen+D/CLaFZwPEqsdXWJIk1aSUPvkLFd8kMjNuYD59pYEA+yvgr8cvhr+ 0J4Ofx98KtTbVtES8nsfPaGSAma3I3fu5QrgEMrLuUEqQcCvXK86+EngfUPhr8NPDngLVtbk8R3m hWUVrLqMsKW8l00Yx5jRx/KDjjqzHGWZmJY/FX7dCXc3iDwNH49+NMHwh+Ei/aX1qOx1CWy1/V7h RmOK1EUTl4Y/l37W4DsWUkR0Afo1RX8+3wI+LXw58Gftw/Dnwb+yv8UPEnjP4e+MkvbTW7LXJLyW 2F1FBLIjwG7ihJIIRtwUsCCNxV9tf0DSSJFG0srBUQFmJ6ADkk0APr5Z/at/aOuv2bPDngvXrXQU 19vFvijT/DrRvcG2EC3sczmcERybivlY24Gc9Rjn4C+AHwr8V/8ABQfw74p/aC+LfxK8UaFpuo6v d2fhrSPD2ovYWem2tphEnMRV1eYk4JIBO0liSwCch+094I+PXw5/Zo+DHgv9oXxLaeLtd0z4s6RH ZanbyzTTT6b5F15H2t5o42M4O4E5f5duXZgTQB+senfET4jXf7QOqfDC68Cz23gmz0RdRg8UGUmG 4vjLEhshHsADBHd87yfkPHPHt9fl+fiXrnhb/gpD8Tk1TVbybwx4d+Fj6wdNNzJ9kWS3uLR2lWEk xrIU3DeFzgn1Nfm94C+PH7P/AMctH1b4m/tZ/tGeLPCvj7V7u5fT9J0EapBY6DbqxW3ES21pLC7Y +bKvkqQHPmFmoA/phor+f+P9qX4i/Ez/AIJi/GK9u/F11qPif4e6zp2k2viO1eWzvL+wfVLI29yz Dy5UeSN3jbdh2UfvMsWJ6z41/s5/Ev4e/sop+1uPjT4yuPixpen6brdxI2pbdNP2uSEyWsdqqgJF GsnyrkqxXDJtbaoB+q3xR/aE8M/C34o/DL4Sajp91e6z8ULu7t7J4tiwW8dlGsk0kzMd2fnQKqqc 5OSuOffq/Br9oz4d2nxn/aH/AGSfGev+INc0+8+LumPc340/UGt1sHj06zl3acAp+zNIZD5hGd+B 6V+6ejaZHomj2OjQzTXEdhBFbrLcOZJpBEoQNI55ZzjLMepyaANKivxj/aN/4VqPjt4zu/2xv2iJ vDfhmNYE8OeEvCup3iT2tuU+aXUbe2tncTSYWReGzuPzbAgrlf2GvjBq+q6d+0r8OPDHjbWfF/gX wppbX3he+1l5hqMEFxb3J+9KEkUfKhA2qMrvVV3EUAfuNXi/7Qnxv8N/s5/CHX/jF4stLm/07QVh 3W9oFM0slzMlvEo3sqgGSRdzE8Lk4JGD81/sB+JPEXiT9grwb4j8Rapdapq09lrbSXl1O89w5j1C 8VC0shLkqqgDJ4AAHAFflx4t07VviZ/wSB0/4l+MvE2tahrPhzU7goZb+WSO8FzrcVvtvFkLGdYl 5iBb5GAIoA/Yb42ftR3HwmvvglbWfh1dTT4v6/pujMZLkxGwS/MQ80ARt5pTzfu/KDjqM19e1+DP 7Xnwi1PwJ8Mf2WPAXw48Uas2tar4xsZdP1TVbk6hdWd9epbiF0Zwo8uGQqyR9BjFdn8bfhB4u/Yg 8efB34qfDj4q+LvEA8T+LdP0DxBZa/qRvrfUI7zcZJCm1FBKI4G4MVJVkZWXJAP2zor8Cfj5+0n8 Nvib+1r46+G/7RXxb1r4a/DD4e7NP0/S9AF6kur6hjFzLczWUEx2xsCNrgcbAmD5hPqX7CP7RmiH 9pvxH+zv8O/iVqfxT+GOoaS2raFfa0tz/aGnXUDKJ7MvdRQySIUZmzt2Dau0AmTIB+0leafGP4p+ H/gl8MPEfxW8Uw3Fzpfhq1N1PFaqrzyAEKFQOyrkswHLADqTX4q/sN/s4+OP2uP2eW8b/Fz4yeNI EtL67sdDt9P1V4o7YxESNczlw7XEhmkYLuYFUUKGxtCZr6t4z+O//BLHxvqXxV8Tapf658L9YvrK K6iu2R9QS0MKol+Tk3CKLkjDHJKIxJIyQD9ZPF/x2+IEfwe+G/xT+Ffw8ufGE/jqbR3udPjnKvpu n6patcSXLusb7xAdiHhQS2cjpX1HX4UfFHw7qvwK/Yd/Z2uPAvi7xAs/i7xf4Pv7uS41OZ3jS+0i QyWcLJsKWYMalYOVB9a9++I//Cb/ALWf7afij9nB/GureD/ht8L9HtbrU4dAunsrvVb7UY4pEimn XOYlWT7pBA2EAbm3KAfqzRX53fCv9nv9pL9nnVviXo3g/wCI8PiD4dX+jSyeGD4qvp7m+0jWAg2v M/2cx/Y0JdnCnkBPkzvY/mL8QL79nTQ/hfqd/wCK/wBqPxR4u+P1vaXV1FdeH9T1G80z+00DSJDb tFbiNbUEBS/mIduXXaMIAD9zP2lv2hfDP7MnwvuPid4p0+61SBbqCygtrTYHluLkkRhmcgInBLNy QOiscCtD4lfET4jeEviL8OvCnhDwLP4m0LxVc3cOtatHKUj0SKARGKSRQjBxKXcDLLjYeuePxQ/a nu9c+OX/AATY+D/x08ea7qNx4khuYNPnWK4Mdreb7qW3NxcwgbZJwtupV+NpZzj5q+vPjXoWr/Av 49/se/Cnwj4t1+80afWPEaXj6jqc1zcX6O1pMq3b5UTrGZWWMOpCrwKAP1ior8cfAnhHxX+358b/ AIu618QfHev+Hvhz8Otbm8OaJougXraes01qzLJdXDAHcxCq4yC2XwCqptbmdM8b/Fj4G3/7T/7I /iLxrqXivTvDXw71jxT4V1m/uGbVbSH7GQYmuBh2ZHmXY24bTGWQKG2qAftpRX4PfDn9mP4gfFf9 iu3/AGi/Gfxn8aDx3a+H7vVNGW21V4bGzi06OQW0RjA3u0qRAyy71clskkgl/wBOP2I/iX4o+L/7 K3w7+IXjW5+265qVjJHdXBADTyWlxLbea2MDe4iDNgY3E0AfVNFflB/wUQuvilqHx2/Zp+Hvwv8A Gmo+Cbjxjf69p9zd2EzpthkWwjeQxghXeKKSQxFuUY5Uq3zDwD4mfBL4q/Ab9qj4c/An4PfGjxfb eH/jVaXdvqs+p6iL69gFoRLdz2zsipFO8S4jmVfMRi2G2nFAH7vUV+QHgDwX4h/ZV/4KCeCvg74T 8ceIfEfgv4leHtQvLyz16/a/aO8tEnl81GIUBiYV+baG+ZwSQQB8iyftL/A/9oH4r/EHxJ+1d8bv EfgbRNK1WbTvC/hzw8dQhhjs7dsLezSWdrOjyucEbsPuDZ+Ty1AB/RB4j12x8LeHtU8Tapu+x6Ra z3k+wbn8q3QyPtHGTtU4Ga+DPiH+3rY+Hf2OdK/a68J+EpL+y1q++y2+mXtyLeUR/bJrQPJJGkoD Hyd+0AgZxuOMn4r/AGffil/w0B8Hv2hv2c7/AOJGs+NfDPgixOq+G/Eyyz2OrXWnKkkot7h5o1mZ UeJEfeuXV3UHy9gHzVrvw007wt/wSO0/x/a6vqt5deMNUsjPZ3d201hafYtTvol+x25AEHmA5lwT vbBNAH9OtFfhn+1J+z18UP2Xvggn7VWhfGnxhqPxO0C506fVje6h5mmXj3dxHFJCtmFCrCkknyxM zpsypXkY9s/aA8ZfEf8AaL/aa+HP7J/hTxVf+BPC2o+Gl8V+JbvR5Tb6hPFIWCWsU3JVQVUf3T5h LB9gWgD9YKK/HnxJ4Z8X/sF/tFfB+38D+Odd8SfDP4q6svh3U9G1+9a/+yXc7JHDcW0jKNnzShzg AnYVYsrDYzwX4K8Q/t7fHj4va/498eeIPD/gX4Z63L4Z0DS/Dt++nq09oziW9lYBgznCupxk7gMh UCkA+5PhX+0bdfEj9on4t/AuXQksIfhl/Zmy+FwZGvP7QhMp3RbFEezGBhmz7V9S1+PP/BP3wX4r +HX7Xv7Svgnxr4gufFWqaQugw/2peNuurq28uU2rzt/FL9nMYducsCcnOa/YagAooooAKKKKACii igAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKK ACiiigAooooAKKKKACiiigAooooAKKKKAP/T/fyiiigAooooAKKKKACiiigAooooAKKKKAPnz43f Am1+LDWeqWV6NO1exQwh3UvHLESWCMAQRtJJBGepBB4xQ+CX7P0Hwtv7jxBqt+upatNGYU8tSkUM bEFsZOWZiByQMDjHJr6SorX28uXkvocDyyi63t+X3gooorI7wr8ZfCvg/wDbo/Z7/aI+Ovjj4XfB a08a6F8TNcS9trm513TrLEFtJcmNlja5D/OLg5DqpGOnNfs1RQB+Rd/+z9+1/wDth/EfwfqX7W+k 6N4C+Gvgq9XU/wDhHdNuhez6ndJjaJ2jkmjK4yjNvXajMqJly492+J3wS+J3iL/goP8AB3446Po3 2jwT4V0HU7LUtQ+0W6eRcXEF8kaeQ0gnfc0yDKRsBnkjBx9/UUAFfnb+1D8D/jfp/wAffBf7XX7N +n2niTxN4c06TRNX8PXlylmNT02R3dfJnk2okimVyS7D7sZAbaUb9EqKAPyyi+Fv7TH7WPx7+HPx N+PPgq3+FHgT4V3X9r6fpH9pQ6rqGoaorxvG8kkAVUjRolOGUEAEANv3J6f8Dfgl8TvB37bvx4+L 3iPRvsnhLxnbaXHpN79ot5PtLW8Mayjyo5Gmj2lSP3iLntmvv6igAooooA/Kj4ffs3/tN+HfDv7U 0fhK8PgDxR4+8Z32t+FNS8+1nW4tmuZJkLiMzGFZ4zsO9VkTdu2/KRXhfxm+F37Y37WvgPTPhD8R v2edC8NeKY5LKK+8fXWqWMzRpbshkmgjtwZx5wUh0R5BhiNoOCv7l0UAYfhnRv8AhHPDek+HvtMl 5/ZdpBa+fKcyS+RGqb3P95sZPua3KKKAPyb/AOCof7M/xt/aKk+FLfBzw5/wkA8NXepyah/plpae Qlx9k8s/6VNFv3eU/wBzcRjnGRnW/wCCpv7OHxn/AGjvh/4I0T4MeHv+EhvdH1S4uLqP7XaWnlxP BsVt13NCrZbjCkn2r9TqKAPyD/bH/Yz+Nut/EbwJ+1R+zPNE3xF8IWtjb3WlzyRRi4NmG2yRySss THaxiljZlV48bTnIbyOb9mX9tj9t340eDPGH7X+g6b4C8EeCX8xdPspYybkNIjzJFElxdSB5zGiy PK6qqKCgJGD+7FFAH4x/t0/s5/tQX/7W3w+/af8A2dvC9t4uk8O2NpAbaeeGJYru0uJ3AmSWe3Zo pEmA3I+QQ2SvBP61fDq88Z6h4A8N33xHsYdL8WXGm2j6va27K8MGoNEpuY42V5AUWXcFw7cY+Y9a 7KigAr8qP2vPgT8Zp/2rPAn7TPgj4d2Xxk8PaDo7aVdeG7y6t7ZoJt9w4uY/tQMZP75SpCSMGTkA bWX9V6KAPxzvvhV+2Z8Tv2q/gv8AtBeMfhpp/hTwn4Qu5rIaDZatZ3N1pVlOmyS8uZN0UUvmGTIS 33Oqx7THuILfsWQCMHkGlooA/IP4ZeCv2yf2IIvFfwl+Enwttfi54D1LU7jUfDl8msW2nTaeLogf Z7yKfDOFCgkqFXdkiTDbUxvHv7Kf7Wvin4CeAbHxxqE3jzx/L8TbHxdq9u2pI1to2mrFOrW1q95M qmKAuD5cRPLlUDKgY/srRQB+ftv8AfHepft8eO/itr+i/wDFuvE3w9PhwXwuLcmW6luLUyQ+SJDO v7tHO8x7OOuSAfnv4S+Hf24f2NfCOofAjwf8I7H4weGbG7uZPDWtxava6eYIbqRpvLvIJ8O2Hcu2 NgDFlWRl2lf2GooA/KL4h/s7/ta+N/2AfHvw2+Iupp46+LHjC8sb2GwhktLa3s4YtRtJzaRzv5ER 8uOKSRmZsZOxCwClvpD9o74T+P8Ax5+xHrfwh8J6X9u8W3fh/T7GKy8+GLdcQGAyJ5srrCMbG5Lg HHB6V9m0UAfkt8cfgR+0bpWj/sqfEn4WeD4fFXiT4Lactrq2hyX9vauZJrG0gcLO7iJgjQSKzIzc lWUMuSP1N8M32s6n4b0nUvEWm/2Nq13aQTXlj5qT/ZbiSNWlg82MlH8tyV3KSGxkcVuUUAfi/wCF vhD+0v8As3/tFfFnxlo/wK0/41Q/EHWZtV0jXn1WxsbmxSaWWUQO12rvGFEiqwVUUlBtZhgL6D+y 5+zr+0ponx0+Ofij9oTSbO3tPi5pEJOp6XdQzWkNw6lGs0hZxcgwRzFAzR7D5Rw5ypP6v0UAfi58 GPBv/BQb4MfBqf8AZA0X4ZaTdWUTX9lp/jZ9ZgWytbHUZpJJJ2tBm4ldGmd0GFcDAMTAc7Hh39kH 45XP/BLjU/2adT0WLTPiFJNLdRWEt3bOjmLV1vlT7RDI8IaWJCFJcAMQHKjJH7F0UAfkf4s+Gn7U /wAb9E/Zq1fxf8Ml8L6t8M/HOmXWsWy6rYzqmk2BtSb8ETDO/bJ+5TfINvAIIJ+g/wBu74M/En4z aJ8KbP4baR/a83hrx1pOs6gv2i3t/IsLZJhLNm4kjD7Sw+VNznPCnmvu2igD8tvF/wAJP2j/ANnD 9prxr8e/gB4Ltfij4Q+J8dvJrmgvfwade2t9aqQs8Ms42MpLOwChyd7qVGFevWv2atJ/a+8V/FXx J8Xf2hI4fAnha6tVtNG8F2s9te+Q4K5uZ7mFTlsK2AHBYucqgRVP3fRQB8I/8E5vgz8SfgN+zRY/ D74r6R/Yevw6nf3D232iC5xFM4KN5ltJLHyB03ZHcCvnv4Ufsl/Gq0/YY+NHwL8S6RFo3izxfrWs X2mQTXdvLHNFMLZ7cmW3klRPNaErhiCvVgBzX65UUAfjB4w+EH7W3xh/ZT+EXww8S/C1dA8R/DHx f4bDxLq1hKLrR9I0+W3kv93nhEO9gDEGZjnKgjOPcPi18Jf2hPgz+1Vqf7Vv7PPhe3+Iun+NNLg0 3xJ4dkvotOuvMtFRIbm2mmHl4CQxjHzNneNpDBk/S+igD8lL/wCCX7af7S+jfFzxV8WLxvhnF4q8 NNoXhzwdFqrXdnFJvWVrm9MDNDvlCtCXCb9srZVRGoPnPgTwF+2da/s7yfsu+EP2fdC+HmoXOjya Hqfi+fV7Iw3EMkRimnFvaq873Fwhb597qsjbjgcL+2NFAH4ya5+yb+0F4m/4JkeGvgGfDaad8RvC t/8Aaxpk17aOLhYr+eZRHcRSvBlopgwDSLyCCRxn1fxp4C/aW+OvxS/Zd+L3i74bjwndeBtW12bx JZrqllcrYQTm1S2lVhKGlEyxM22NXZDww6E/qJRQB+VFt8N/2pP2RPjj8SPF/wAD/AMHxb+HfxR1 Ftbk05NUg0q/0vU5mZpcNOCrRO8jABVf5AmShU787w7+y3+0B4zsf2hvj98YdPtLL4m/FLwdqvhj Q/DdjcxSxWNpLZ+XBDJdFxCZJZI4gW3BAQzsw3lU/WiigD4y+Dfwn8f+FP2F9O+Dev6X9l8YQeEr 3THsfPhfF3NDMiR+cjtDyzAbg+0Z5Nb37D3w08bfB/8AZX8B/Df4i6d/ZPiLRYLtLu186G48ppb2 eZB5kDyRtlHU/KxxnB5yK+r6KAPhH9pz4M/En4h/tL/s2fEHwfpH2/QPAGp6zca3c/aIIvskV0lo IW8uWRJJNxifiJXIxyBkZX45/Bn4k+Mf2y/gB8V/Dmkfa/CvgmPW11e8+0QR/ZTd2xjh/dSSLLJv bj92jY74FfdtFAHwn8S/g18SfEH7e3wg+NOkaR5/gzwtoWrWepX/ANogXyJ7mG5SJPJaQTPuMijK IwGeSMGvnvwr8N/2q/2LvH3xB0/4O/DS1+MPwz8b6rPrlhDHqltpl9pV5dYDxyfaFO9MKqfIrAqi tuRiyn9cKKAPgv4DfDf9qjxL4I+KGq/tKavb6fqnxAhubbSPDlu0MtroNvNFJGFaeBTvY71BAdwF TcSWchfz6uv2cv20PEf7Ct1+yTq3wpjttQ8IalazaVfRazp7LqkUl9c3M52vOqx+UJF2lmBcHoGB FfvzRQB8Z/t//Cjx/wDG39lXxd8N/hhpf9s+I9Tl01re18+G33i3voJpP3lw8cY2ojHlhnGBk4Fe L/HL4AfHnw18Uvhh+1P+z9plp4g8X+EdBi8Pa54cvLqO1XUbDDHENwxEayI0j5Znx8sZXcFKN+ml FAH5ZRfC39pj9rH49/Dn4m/HnwVb/CjwJ8K7r+19P0j+0odV1DUNUV43jeSSAKqRo0SnDKCACAG3 7kYfh/8AtP8A7Jfx4+Ivi/4GfD6H4teAfivfHWZrBdTt9Ju9L1eVnMvzz5VopGcnIQ8bQShU7/1Q ooA/Mr9ij4O/tLeEvj98avi9+0ToVrpVz8Qk0m4tnsruC5t90ayFrZBHI0o+yoyQlnUBipKM6/Mf 01oooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKAC iiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigD//U/fyiiigAooooAKKKKACi iigAooooAKKKKACivgX9r/xd4itte0vwjbXEltpUlmLp1RiomlaR0w+PvBAgwD3OfSsT9kjxd4jX xnP4SNxJcaTcWskxiZiyQvGVw6g/dznacdcjPQV1fVXyc9zw3nkVivq3L5X8/Q/RWiiiuU9wK/Fn wLqP7Z/7SPx/+PPhfwH8dn8C6L8N/Ekmn2lq+jWd8DBNNcrGqsVRgI1gxlixOevHP7TV+BnwM+BP xL+M37UX7Uk3w++L+s/C1dK8Xstwmkx+YL0zXF6UMn72PBi2Nt6/eNAH1N8Ivi5+0/8ABf8Aa10D 9lb9onxTY/ErT/HOlXGo6PrNrZx2V1bNaJNIyTxQoq7W8h1O7dyUIk+8o/Rvw78Q/A3i7Xde8L+G Nds9U1fwtLHBqtrbzLJNZSzbjGk6A5QtsbAPXB9K/GDSfA/xB/Yh/bZ+G+r/ABP8Sr8aD8aH/wCE etdc1RJk1nSnWWKIiEPPOixZuY95GcpuAEfO/wCk/wBigj/hr79sJe/9vaIcexS+oA+5da+Onwi0 I+LIdS8X6Xb3HgaOGTWo5LlFbTxc48g3IzmMSEjbnrmvmX9gb9rI/tQ/C+TVvF+r6WfHMd1eTXek 2JCPZ2XnlLcmIs0gTbgB2JLHqa8Q+AGm6B4r/bh/a+0rWLO31bTbiPQYpre5iSeGQxWzAq8bgq21 17jqK2f+CRfhvw7a/slaT4ntdLtYdYvb/Uobi9SCNbmaKO5OxJJgN7KvYEkDtQB+oF5eWenWc+oa hPHa2trG0sssrBI440G5ndmwFVQCSScAV4T4T/ar/Zu8d+Lh4D8HfErQtY16RtkVrbX0UjTsOdsL A7ZTjtGWPX0r5N/4Kp65qtp+z74b8H2d7NpuneOPF2k6HqlxC5j22E6TyyKxH8LGJcg8EAg8cHvv jl+xj+yHc/DjQoPEMGn/AAo0/wAG3dnPZ+INNks9IvLZ42CRI99cRsG8x2XPmbi0m1s78GgD7B0v 4h+Btb8Yaz8PtI12zvPEvh5IZNR06KZWurRLhQ8TSxg7lDqwKk9QRRZfEPwLqPjXUfhvY67Zz+Kd Jt0u7vTEmU3cFvJt2SyRZ3Kjb1wSMcj1r87f2eJoZv8AgpX+0tJDMJ0l0fwy6SAgh1On2pDArwQQ Qcjjnim/Cy4hm/4Kr/G6OJwzQeDNKRwP4WK2DYP/AAFgfxoA+wLL9rT9mXUtT0PRrD4n+H7i98Sn bp0aX8LG5bzDCApDYBaRSigkbmBVcmix/a0/Zl1LU9D0bT/id4fuL3xK23To0v4mNy3mGEBSGwC0 qlFBI3MCq5Nfmr/wSa/Zy+Dut/s+23xf8T+FrDWPFjeILi4tNRuoRLcWf9nmMQCBm/1e2QM+VwSS M5wMR/8ABKD9nf4Q6p+zxD8ZfEXhGx17xeuvXN1ZXtxCstzanTtgt1t3b/VkSKz5XGSRnOBgA/UL 4jftM/s/fCPW4vDXxK8f6P4e1aUIwtLq6RZ1R/uu8YJZFbszAA+td7c/EjwBaeBm+Js/iKwHhJbc XZ1YXEbWX2c9JROpKFPcHFfz8fsXX3xY8W+CvFnxT/4Ze0/47ar431m9l1LxFqmu6XbuXbaXtEtb 2GRokQsWOMBtw/hVQPQ/C3gP4u/DP9jD9q/wp488KDwT4XkY6hoGjDV7PWBpwu5HFzaCW2kdlEPl wj94qbiSQC280Afrdqf7XX7MGj69Z+GdT+KPh+31K+SKSKJtQi+7OqvEXbO2PerqyhypIII4rwP9 sD9smz+APxE+EvgLSdd0iy/4SjXbL/hInu2DTWOhPMge4ALBY0kAdfNYEAK23B5HzhP+y38C9O/4 JbNraeDdMfXZvAUfiZtVa1jOof2jJZLf+YLojzRhzsADY8v5MbcivHPHWh6F4p+H37AOreJNMtNT vdX1TQ9PvZ7mCOWS6tIvsyrBOzqTJGAT8jEjk8cmgD949B13RvFGiWHiTw7exalpWqwRXVpdQOJI p4JlDxyIw4ZWUggjqDXlfjH9o/4C/D691vTPG3j7RtFvfDhtl1C3uryOOe3a7j86BWjJ37pY/nRQ CSvIGK9e07TtP0fT7bSdJtYrKxs40hgggRY4oooxtRERQFVVAAAAAA4FfkL4C+EHw5+Jn/BVT48a 54+0q11yTwvpWgy2FpeRpPAJrnTLJGnMTgqzRqu1cghS+cbgpAB+o/w4+Knw3+L2gf8ACUfDDxJY +JtLWQxPPYzrMscoAJSQA5R8EHawBwQcYIrz7xx+1X+zf8NfEp8G+O/iPomi62hCyWk95GJYSRkC YAnysjn95t4x61+dOpQR/s4/t6/E3SfgfYJYaX4g+F174lvtKswIrKHVrJpPImECgIrExqOB1nY/ xGu1/wCCdP7O3wT8cfslaX488eeF9O8Y+IfiHLql1reoarbx3tzNJ9tng2ebKGdMKgJ2sD5hZ85O QAfqBL4t8KweGG8azazZJ4eS2+2HUmuIxZi227/OM+7y/L287923HOa8f8B/tWfs3/E7xGvhHwF8 R9F1rWpCyxWkN2nnTFRk+SrYMuBz8m7gE9q/HX4XfCjxF8Vf2Uf2kP2VvB3iiKw0jwR47uLTw7Nq VyI7WW3t7syCzeY9FkMPmDt5r7jwTS+KfFfhTwRqPw+0z9tD9meT4T/8IrqtidP8Y+DvJis47mDJ iWSS3V/3QK+aUFxJJ8u5VyCCAftR8Uf2g/gl8FJbS3+K3jXS/DNxfLvggvLhVnlQHaXWIZkKA8bt u3PGaoa98TPC3xB+Bni7xt8I/HulRW66RqX2XxFFPFc2Wm3MVs5FxMw3qBbNiSRWBwBytfnH+0P8 IfjJ4S/a58RftHfDn4eaB8eNH1jR7OyvNAv5oHv9ISKONCbeKYttE3lFlZI5GO+RdgHJ474SeLfg NqfwF/a20f4deCNY+FfjabwxrN54h8K6mdtvZt/Z10EayiCRiOMFyGXy0IBQbdmygD1/4sfHX4q/ DTwj+yi1t8TbTXk8Y+KtPsPEeu2SW5sdWsZJ4xMwd4wscZRmBZAhHJyMV93fD79pj9n74reIZvCX w4+IOjeIdZgDMbS0vI5JnVBlmjXOZFUdWTcB61+JvxD8H6H8Qv2WP2GfAfiZiukeIvEFnp95htjG 3upVikUN/CSrEA9ic19Mf8FI/hJ8NPgn8Lfh98Y/g/4b0/wl4x8F+J9Lh0qXSraK0eZGEjfZn8tQ JBmMMN+ejDozAgH3NpmseLT+1r4g0eX4mabd+H4fCyzReC0Ef9pWtz58A/tF/k3+SQWTlyMyDjpj 4S+D3xy+N/xS/wCCfVt8Std+Mlh4D8YT69NbN4n1mK2it1gjn2iAqIfKBccKdmfevT/C3/KWfx7/ ANkwj/8AS2xr8zpP+UNEX/Y3n/0qNAH6t/Gj9uHw98Mf2v8AwH8Eb3xRomleEGtL+48UXdzIomtL lbWV7O3kkZtsIdvKfldzblAIBIP3B4P+Jnw++IF5rWn+CPENlrl14cuTZ6lFaTLK9ncqWUxTKpyj ZVhg9wfSvzQ+PHgLwNrP/BT34H2Wr+HdNvrfWvD+tTX8c9pDKl3LDa3QjedWUiRkCKFL5I2jHQU7 UL/Tv2TP+CjGo63qcq6Z4C+POgTXk8h+SCHWNFjMsrH38tWY+r3NAH6Z2PxF8Can431H4a6fr9nc +KtIt0urzTI5la7t4JdpSSSIHcqsHUgkc7h618x/t3/tIp+zZ+z/AOIPEeg61Zab44v7fytAguSj SzzGeCGeSGF+JWto5vNIIZRgbgVyD45/wTe0PU/G2kfEf9rfxVbtFrHxl164uLNZOWh0ewd4bWIE 8gK29PdUQ88V0H/BU/w/oOpfsVePdc1DTba61LSBphsrmWFHntTPqtkkvkyMC0fmL8r7SNw4ORQB d/Yy8YXOmfBnV/i/8WP2gbP4lafdraSXt3P9ms7HQLpYfOubQzK+0n9/GG3BPurhBuxX0n8N/wBp j4AfF/WJfD3wz8faR4h1WFWc2lrdIbgon3nSM4Z1HdlBA9a/Ln9obwL4S1zxd+x3+z7NpVto3w+8 aTHVdZsrKNLS31O9tLO02CdYgoZmDFCx+YiTqCAa63/gpn8Kvhp8F/hN4P8Ajz8KNA0/wb418E+I tNGm3Ok20Vk0qNvJt3WFVEijYGAYHAVgPlZgQD9GvGv7TH7P/wAONQ1bSfHXxA0bRL/Q5LaG+trm 7RJ4JLyPzYFeLO/Mkfzrx93LdBmvXND13RfE+jWXiLw5fwappWpQpcWt1ayLNBPDINySRyISrKwO QQcGvx18I/A74afGn/gqN8e7n4peHrTxHZaFo2iPBZX8YmgWe606xTzGjOVZkRWAzkAtkcgEfsZo mi6T4b0aw8O6DaR2GmaXbxWtrbxLtjhggQJHGijoqqAAOwFAHlXxO/aL+BXwZuYrH4peOtJ8N3k6 eYltdXSLctGTgOIATIVzxu24966LwT8Xvhf8SPCc/jrwH4p07XtAtQ5nvLS4SWKHyl3uJSDmMqvJ DAEDnGK/JvUfFXwpj/al+LWofBP4H63+0T48nvI7TXb7VpLGPR9JuIA0X2OzuLi3YRKuzy23jJ8o BWZVJPE/sYwa3ovxO/bC8P6t4XtvAUh0mK5n8O2FzHc2enzvb3TGOJ4cRHbvP3AFXO0cAUAfqVqn 7ZP7KuijS21P4q+HoV1lBLan7fEweMsyByVJCIWVhufaMg816/4o+Jfw+8E+Gbfxp4s8RWGlaBdt AkN/PcIltIbn/U7JSdreZn5SDz2r8v8A/gm5+zB8BvFf7Fekav4q8J6b4gv/AB7/AGkdUubu3jmn xFdz2kcUUrKXiEaRArsIIclxyc18J69rOsat/wAEo9d8NarfS3em+FfiD/Yul3c7+Zu06GSN42U/ 3FaV1A6ADAwAAAD959G/am/Zy8Q+Oh8M9D+I+h33idpTbrYxXsbSSTglTFGQdryAgjYrFs9q98r8 p/22v2YPgT8OP2ItZn8FeHbLQNR+HltY3mjavaxJDqCXUNxCgka6jAkd59xDksdzMG+8FI/Qr4Je INa8WfBnwF4q8SKyavrOgaXe3iv94XNxaxySg++9jmgD5Y+D3xd+IviX9u348/CbXNZe68J+EdP0 KbS7AxxKltJd2cEkzB1QSNvd2Pzs2M8YFexeKv2xf2WvBPiCXwt4o+KGg2WqwSGGaA3iSNDIDgpK YywjIPUORjvXxN4C1PRNF/b1/bA1jxLqkuh6RY+GNGnvL+A7ZbS3j0qBpZ4ztfDxoCy/K3IHB6V8 0/DmTwrq/wAANU8Gfs4fsm3XjLwPeW2oE+MPGN1pthc3CMZN92ZWg3SGHkR+S4KbAB8wNAH7d6z8 YPhX4eg8N3WteLNMtLfxjNHb6NK91H5WoSzbfLS2cHbIX3Lt2k5yMVs+OPH3gr4Z+HZ/F3xB1y08 PaLbMiSXl9MsEKtKwRFLsQMsxAAr8Lvht8KtV+Nf/BISyXTHkl8ReA7zUte0WRSTLFJpl7PK6Rnr loGlVAP4ivoK9M8c/FeD9vDxN+y38H7DbPpetW6eOfGEScxIul77drd8fwPcxXEOD3aNsDggA/Vz 4j/HX4OfCDTLPWPid4x0zw3a6kC1qby4SN7hQASYY875AARnapxkZ6iug8AfEv4ffFTQF8U/DfxF Y+JdJLmM3NhOk8ayLyUcoTtcAglWwRkcV+Haat8SvHH7e/xx8XWvwMg+O174NltNHsLTUdXsdOg0 a0AcRvHBexyJKZ/LZgyrlCXJOZK92/ZP8AfG7wj+2T4o8ZXXwht/g34J8YaDjUtCtdd03UYBqEDh oLtILVo3jDjeoCw7QWc5+bAAPv8Asf2tP2ZdS1PQ9G0/4neH7i98Stt06NL+Jjct5hhAUhsAtKpR QSNzAquTX0N05Nfij/wSW/Zy+Dut/AC0+L/ifwtYax4sbxDPcWmo3UIluLP+zzGIBAzf6vbIGfK4 JJGc4GP1U+PWpeDtI+C3je++IWr3WheGl0i8TUL2xIW7htpIijm3JV8SkNiP5SdxGOcUAefax+2f +yjoGvnwxq3xW8PQaikhhdPt0bpHIpwyySoTGhB4O5hjvXtnib4geBvBnhOTx54s8QWGkeHIo0lb Ubm5jitdkuPLYSsQp35GzB+YkAZyK/Bh5NK1z9kvXPC3wS/ZLll+H8Og39ynjPxVdadZagYI4ZJT qh/ciSaZQPMQxSbeFVPkwK7ex+Dfj74/f8E4/wBnz/hDLvTdU17wrqY1GDQ9cnWOz1pLS7uYEs28 xkDkLtQIWVTGWXcpINAH65/DL9pH4DfGXUJtI+F/jvSfEeoW6NI9ra3Km4EanBfyWw5QEjLBccjn kV2vgb4leAPiZZ32ofD7xBZeIbfTLp7K6eymWYQXUYDPFJtPyuoYEg881+N3gvx/8OLX9qD4Wt+0 d+z9e/An4jxXb2Gh6topjj0bU7q4CwCKcwRosi/P5S7XlCiTDsEYEekaB4s0j9iz9uD4waN4iY2n gT4n+H7jxzYgfdF/pkcs99FH2DuFuXwOcCIYPFAH6S6z8e/gt4efxRHrnjbSbJvBX2Ya2JbuNf7O N46x24uef3fmOyqu7qTisKD9qH9nS58dRfDO3+JGgy+J5pVgSxW/hMrTs20QAhtvnFjgRZ35425r 8YNb8Ea1D/wSv+M/x58ax48WfGrWbDxHeMR8y2r65araRj/YwXlj9FlA9q7z9s39mr4MfDL/AIJz +G/EXg7wrYaZ4i0OPQLpdWgt401Cae8Ma3DzXIHmv5hkLEFsAhcABVAAP1ls/wBp/wDZ31D4gD4V 2PxF0S48WNMbYael7E0puASpgBB2mYMCpjB354xmun8X/Gv4Q/D/AFifQPHXjLSfD+o22njVZIL+ 8it3SwMvkC4IkYfuzKPLB7t8o5r8lf2+PgB8Ivg1+yN8Pde+HPhfT9D13wxrehC31S1t44r6RnRv Maa4UCSQyOBIxdjlwD1Fdv8AHv4WeCfi5/wVZ+Gvh74g6XDrWj2PgEag1lcoJLeeW3vdR8oSxtw6 B2DFGyrYwwIyCAfoToX7Uf7OfiXwhqvj3RfiPoVx4f0No1v7z7dEkdq0xKxCbeylDIQRGGA3kYXN dX8L/jT8KPjTplzrHwp8Vaf4otbJ1juGsplkaF2BKiVOHTcASu4DODjODX5Nj9mv4K3X/BVSbwm3 hPTk8NReD08RnR1to1019QSQWqyNaqoiOA5fBUjzPm610XgvTdL+CX7f37Q1r8LtKg0exg+HI1uP TbKJIbY30C2zKyQqAgLMzHAAGXY9zQB+ivjv9qX9nP4Y+Jf+EO8f/EXRND1sFQ9pcXkayxbxuXzl BPlZHI37eMHvXkP7bH7VNn+z1+zpffEnwLrGk3XiPVo4B4eS4kE8N8JZoUllgWNx5wihlMo2sV4B OVyD+VP7G2n/ABM1T4GT+Jbf9k3T/jU3jq71C51HxRqniLSorjUJGuJI5E8m7hkmgEbKRjcNz5lH 3hVPxd8MPiH4E/4JqfF7w18WvC0GkL4b8TWs/heGW/stYm0uyv8AUbTzrWK6tnkKFX3h87GcsxK4 OAAftl4R/aa+CeqfD3wv4y1P4gaKtvr4W1S6a8hjhmv4oVe4hViQoePOWXjaK8a+L/x+8J/E7wN4 e1f9nz47+HPC4tfFenWeo30s8MyXMUkdwTpoV0crLclN8Rwu4RsVbGa+OP25fhX4K1rwl+yb8MLP SbXStD8T+KtMs7uCyiW1Rlv0top2xCF+dlY5Yck85rsv+Chfwi+GHwh+Dfwx0r4X+F9P8L2d/wDF Dw9NcRafAkCSyJaXkYdgoGTtUDPfknkkkA/T/wCI/wAXPhf8INJj1z4o+KtN8L2U5ZYX1C5jgMzI AWWJWIaRgCCVQE+1Hw2+Lfwy+MOiv4h+F3iew8T6fC/lyy2M6zeVJjOyRQd0bEcgMAcc9K/NzQ/C fhn46f8ABTv4n2PxY0+LX7D4YeHtLj0HTNRVbi0ia9ht5prlYHDRlg0rYJB5YE/MqlfqT4a/s/fs 8/B79pTxN4u+HGtw+H/Fni3SYvtnhG0urOCz+zxuuL6PTUQTKS8ZHmAhMtJxljQB9d3d3aafazX1 /MltbW6NJLLIwRI0QZZmZsAAAZJPAFfNlh+2h+yhqfiSHwnp/wAVvD0+p3DiKNFvozG8jHCqs2fK LE8AB8k9KwP26NS+Eunfsx+Lo/jdq2raT4SvVt4Lk6G0a6lcuZlaO2g85HTMrKAwYBdm7cQua/IP 9p6TVPEP7Iup2/hz9kuD4b+CtBttPkt/E2q3Njbapbr9ohjjdbZYUuXluCwSQl23B2Lc80Af0Ca/ 8Q/A3hXxFoPhLxJrtnputeKXlj0qznmWOa9eAKZVgQnLlA65A6ZFHiX4h+BvBuraFoPivXbPSdR8 T3BtNLt7mZY5L24G3MUKsQXb5l4HPIr8mPiVfXWo/Fv/AIJ76nqEzT3F3p9zLLK5LM8kmnaaWYk8 kknJPqa9V/bxuIV/aT/ZEtGcCWTxlM6r3Ko9kGP4Fh+dAHVfCT9uPw58RP2vviB8GrnxToa+FdLh 0218MtBIvm6pfTRh7oLKWPmyI5MexAANvILZNcR+yV+2v4eg+H3jrWP2n/iZp9lqFr471nStL/tC SC2m+wWsVoY444oVVmSNpWy5U4z8zdKyP2cvAPgWD/gpB+0bFD4c02NNDtvD0+nqtnCBZzS2cTSS W4CfundiSzJgkkk8157/AME2v2d/g38QNI+M3xC+IPhHS/FGp3PjbVtGQ6naR3iw2sCRTFY1mVlQ u1w25lAYgAE4AoA/Ynwr4t8L+OdAs/FfgzV7TXNGv1L295ZTJcW8qglSUkjJU4YEHB4IIPIrxdP2 uP2YpPGA8BR/FDw+2umb7OLYX8XM+7Z5XmbvL8zd8uzduzxjNfi74e8Ra58Hf2IP2wfDXw+mmsLH w948u9GsRG5P2SyvLy3sZgpJJAaD5MjkE7s55rp7T4XfEvWv2WLb4W6Z+xZpZsLzQ0eDxOfFWjLe m4kgDpqplaJZQxYiUqZQu392SE4oA/dHxb8RfAfgO40m08a6/ZaHLrtx9lsFvJ0h+0z4z5ce8jc2 OcV534H/AGoP2d/iV4pbwT4B+Iuia7ro3bbS1vY5JJdg3N5ODiUAcnyy2ACe1fjr8fPA3jXxf8Af 2Mvhd8eomGs6l4uttB1RRdQ3TNaNcizjP2i1kkRy1rsO5XJyfmO7Ne7/ALfHwa+Fvwm1P9nnxz8L vC2m+EtY0/x/o+mpPpVrFZs1rITJskMIXzAGhGN+SMtj7zZAPcPFf7cfhzw9+23pvwFvPFOh6f4J tdEmfUbqSRRMNfa4aFLGSVm2oyKqkRhQxL8kjAr3n4K6v4rv/jP8ZLHXfiXpvjHTbG905dP0KzEf 2rw4jLcb4rvYitunwpXczf6tsY5z8ceKPAPgW/8A+Csmi2V94c024t7r4fPqU0clnC6SX3264/0l 1KENNwP3h+bgc14lB4x8QeAfEf8AwUT8WeFZZbfVrJNIFvPAxSWB5ob+LzkYYKtEHLgjkFcjmgD9 T9Y/a1/Zk8P+Lf8AhBdZ+KHh+011ZTA9s+oQ5imVthilcNsjcNwVdlYHtXpvjz4m/Dv4XaEPE3xG 8S6f4a0pmCJc6hcx28buwyFQuRvYjkKuTjtX5+fA39jv9mTxV+wx4W0jxZ4f02OPxR4YtdX1PxA8 UC6hb3d5arczXa3sqFozAzHaWO1UXawK7gfE/jW/7L3hLxR8BPCei2fiL9o/xH4W0WdPC2hWVzY6 npt3YqZIftl9IkBjkKmEqrR5UfZwXUBcsAfpx8Nf2lfgH8Ybi8svhn470rxBdafG008FvcL56RL9 6Tym2uUHdgNo456V8sfszftvaD8bv2hfin8NdQ8TaI2m6be2dp4OgtJF83VIEiupbudHLMZ22xqz bMKigYHUn4Zjk8Zf8PDvgL4j8T/Bew+CE2tx6nbCxsr60upNRthazK0l0lmkaIfnKAOu5hwchRX0 v+w14E8EWf7Wn7U1xZ+HtOgl8O+IdOj0x47SFWsY5UvVkW2IUGFXXhgmARwaAPrr9k/xLr0/wNHi H4jfFTSPidPb3V48/iLT2ijsRBGc7GZEiRfJGdxIGO5rqPB37WH7NXxA8Up4J8GfErQtX1yZ/Lht YL2MvO+M7YckCU4HSMtX4D+HNS1SX/gmp8M/AEd7Lpuh+OvicNH1i4ifZ/oUjPIY2PTBZA/PH7vo a/TH9vT9mD4BeFf2PPEmseEvCWmeFdT8BW1teaPqGn26W13BNDPEiqbhAJH83O1t7MWYhyd4DAA/ Qfxb8Xfhd4B1aDQvHHivTNAv7m1nvo4b66jt2a1tQWmmHmEDZGASzdBXO/DP9on4GfGTULvSfhb4 50rxLfWKl5rezuUeZUB2mTy+GKZIG8AryOeRX5GeP/D+m/tJ/tK/sUwfFyzXVofFXgv+19UgnUGO 5ni09tQIkUcFJJYxuUjBUlSMZFex/HD4aeA/hN/wUK/Zm1z4ZaDZeFpvEi63Z36aZbx2cVxFb2wC eZHCFRjtmYEkZICgn5VwAfrtXgHxD/aq/Zx+E+tP4b+IfxF0bRdWi2+ZZy3StcxbhlfMij3OmRyN wHHPSvfiQoLMcAdTX4S/CXxJ8ONQ1Lx6v7Ln7N+qftAQ+INbvZdR8WeLJ9Nt7e6upSDLHDcXNttN uCfMCEI53ksBkYAP2Zh+LXwxufh+/wAVrbxVps/g6OEzvq8d1G9ksSnazGZSVG08HJyDwea821P9 rr9mDR9es/DOp/FHw/b6lfJFJFE2oRfdnVXiLtnbHvV1ZQ5UkEEcV+LfwEF9Y/8ABO39rDw9c2y6 dHpeu6jGljFN58No2y3V4opOjKpUKGH3sZ719Mz/ALLfwL07/gls2tp4N0x9dm8BR+Jm1VrWM6h/ aMlkt/5guiPNGHOwANjy/kxtyKAP1o8aeP8AwR8OfDVx4y8ea7ZaBodsFMl5ezpDAC/3QHYgFmPC qMljwATX51/Gr9sTTPEfxZ/Z5039nb4iWWq6D4q8VNpviCLT3guDJATb7IpldWlhyGfBGwnnBOOP lDQ7dfjZ45/Yc+DvxR36p4MuPCMusT2lw2621C+sbKXyUmQ5EnlLAmQwOUdl/jbPsP7X3wR+Fnw+ /a7/AGW/HPgTQrHw5qes+KEsryGwgjto7mO2lt3ikaKJVXfHvKlsZIZQchRgA/ZCiiigAooooAKK KKACiiigAooooAKKKKACiiigAooooAKKKKAP/9X9/KKKKACiiigAooooAKKKKACiiigAooooA4Px 58NfCHxJsYbHxVZ+f9mJaGVGMcsRbG7aw7HAyDkHA4yBVbwB8K/Bfw0hnj8LWZjlusebPKxklcDo Cx6D2AAzzXotFVzu3LfQw+rU+f2nKubv1CiiipNwr8trv/gn/wDGvRPir8Q/iX8Iv2ibvwGnxF1a XVbyyttAjuAC8kkkaNK96u/y/NYBgi5z0r9Sa/Lb9n/9s3RtE8ZfHq1/aR+I9jplh4c8fano2gRa g8Fu8dlbTSIsMKRqskqxgKGYhiONzc0Ad98Kv2DJ9A+L2k/HP47fFLWPi94s8OIV0k38S2lnZMwI MiW4km+YZJUB1UN8xVmAIh+Iv7E3xFPx08RfHb9nT4w3Xwu1PxtFDFrtqdLh1S3uGiQIJY0mdFVs DI3KWDsxV1DFa+rPFXjzQ/GXwM8UeOPhf430y0tZtE1KWw8RxzRXFhYyx28m27kcb0KW7jfICDja QR1Fch8K/il4d8KfCH4eSfFf4m6P4g1jxJEtvb62k8UFtrN1kktbcIp47ADp0oA8x/Zb/Yui/Zp8 f+P/AB0/ji88ZS+P4bD7V/aFuFuRdW6u11PJcCVvN+0TSO4XYvlqQm58biz9kb9kbxn+ylqGteH7 T4mzeJvh1c+e+maDcadHDJYzzyo/mm7WVmkIRSjAIqsTvAU8H27wP+1B+zv8SvFLeCfAPxF0TXdd G7baWt7HJJLsG5vJwcSgDk+WWwAT2rpvih8bPhL8FdPtdU+K/izT/C9vfMyW/wBtnWN52TBYRR8u +3I3bQcZGcZFAGP+0F8B/BH7SPwt1X4U+PkkXT9R2SRXEBUXFrcwndFPCzBgGU8HIIZSyngmvieb 9gX4wfEN/D/hL9o34+X/AMQ/hz4angnj0NNKh0+S+Nt/q1vbpJXklAHDF97sMkMjfNXR+Df2ldT+ I37fNp4C8BeNLbxB8MLzwE2rQw2LW89s9+t6YWlEyKZN6gbWQvgHgrmvUP2dfipbeE/gBbeMfjh8 ZtC8dB9TmtT4ltpYYLB3kcLDbBlSNPMU/Ljbkk0AcX8Yv2LvG2v/AB1n/aK/Z8+Klx8LPF2r2EWm 6sP7Nh1O1vIIVSNG8qV0VWVI0GGVwSildhyTe/Zw/YjuvgH8aPE3xs1b4jX3jjWPF+kiy1JtQtFj mlvGmjmkuRKsrBYz5YRIAnyLgbzivd7P9qj9m/UPHI+Gll8SdCn8TGb7MLJL6Iu1wGKeSrZ2GXcN vlht2eMZr0X4hfEz4ffCfw8/iz4leIbHw1pCOsX2m+nWFGkYErGm45dyASFUEkAnHBoA8Z/ZG/Zw /wCGWPgxa/CH/hIf+En+zXd1dfbfsn2Ld9pbdt8rzpsbemd/PoKX9kX9nH/hlb4M2nwj/wCEh/4S f7LeXV39t+yfYt32l923yvOnxt6Z38+grqfCX7Tn7PfjybRbXwf8QtF1a48Qzy21hDBeRtNcTwIs kkSxZ3h1R1YqQDgg45r3SgD81bv9hb4o/Drxf4o1z9k/41XPwu0LxndPeahok2k2+q2kNzLnzJbM ysvkcYChV3AADftVVXqfCn7Afhbwd+zX4/8AgXpnim5uvEPxMEkut+J7238+4uLuRt3mGDzV+Rfm KoZScszFySa1NM+K3jL4y/tp6j8NvBGry6d4B+DFisviE2xGNV1rUlIt7ORsHEVugdyFIJkRlYEY x8leD9T/AGy/2jv2jPj14N8AfHR/AeifDXXUs7W2bRrO+VoLqS5EaqzKjDyxb4yxYnd145AP0Zvf gH9r/ZUH7Mn9u7MeEI/Cv9rfZc/6uxFl9p+zeb3xv8vzf9nf3r57+Iv7CF14w+BPwj+F/h34gzeH /FPwbmtLnSdfisFkV57VQN7WjTfLllRl/ettK87gSK8X1j4zftdfsU+P/CX/AA0/4r0/4n/Cjxhf ppcmu2+nx2N9pN1IpMe+OBUUocFznzSyK+0qwCt0H7Wvjr9ozVf2yvhf+zp8FfiQ/wAPbPxhoN5e TTiwtr5BPaC7mLFJl3HckATAcAZzjrkA/SfwDo3ifw74K0TQvGmu/wDCT67YWkUN7qn2dbT7bOi4 eYwIzLGXPJUEjPT0r8abn4RfET4mf8FNPjzq/wAJviJcfDfxV4b03QJIL2Ozi1C3uIbjTLJJbe5t piqujFVYEkhWUNtJAI7n42af/wAFDv2Uvh/ffHE/G3T/AImaN4aaGXUtHvtDtrLzLaSVYyyPCC5K lgWCyRkLkgkjafvXwv8AEz4Caf8ADrSv2qvEMWh+Bz4+0nTby81a7Fva3Uyz26PDbT3ZVJJ2iXCI pJ4X5RgUAcd+zn+yWnwh8ReK/ih8TvFU3xM+JfjdBb6nrd5bJbILJQuLSC2VnSOH5F3AHBCoAqqo FeHaZ+wb8X/hbca54b/Zq+PmofDz4f8AiK5luZdFk0m31KSxacfvPsN1LIjxZ6KUCsowSzuA1fbn wv8Aj38GPjUt0fhT4z0zxPJZANcRWVwrzQqxwGki4kVSeASoB7GvzN1DXf2u/jl+2d8ZPg98MfjS /wAPtB8CLp09tCdJtL9Sl1bxFkBdVcfOWbLM3XFAH01J/wAE9Pgqf2XLv9mGGa7S2vbldUm1okPf yawuP9ObPykkDy9nA8v5c5+evK7r9gb41/EyDQvBv7Sfx/vPH3w/8PXcN0mjw6Pb2Et6bcERi6u1 keRhzht/mEgnDK2GHnHj/wCJX7aH7EfjXwDr3xm+I1h8Wvhv4u1iDRb0tpkOm3llLOGIeMwJkkIG cZdw2wqVXIav2PoA/Pz4s/sXeNr/AON9/wDtEfs4fFCb4WeLtdtIbPWIjp0Op2N+kAREcwysFRgk aA5VwSuRtJYtL8Pv2GD4a8H/ABfPjbx/d+MfiL8Z9IutI1XxLdWUcKwQz2r20Yhs45MBYw4JXzQG CIo2AV9GftE/H7wf+zP8Mbz4r+OrO/v9Jsri3t3i02OKW4L3LiNCFmlhTAJ5y446A17lQB+a3xC/ 4J223xD+Bnwf+CV38QrnTIvhVN5rajZ2AS5veMZiBuCLVweVfMuD2q3o37DnxK8X+P8Awp4q/ag+ M938VdG8BXC3ejaR/ZNvpdu11EQYp70xO/nsuOQwLHu5UsrfoB4o8UeHPBXh++8V+LtSg0jR9MjM t1d3LiOGGMHBZ3bgDnqa8SuP2u/2YLXxJZ+Ebj4o+H01a/WJoYTfxYPnqrRBnzsQurKVVmBORgc0 AZOlfs2/2Z+1nr/7Uf8AwkXmf254XXw3/ZH2THlbZ4JvtH2nzju/1ONnlD72d3GD8zN/wTjDfsaJ +yP/AMLC+7rH9q/21/ZP/TUy+V9k+1++N3ne+O1foD41+J3w7+HB00eP/Elh4dGrytBaG/uEt1nk Rd7KhkIBIXk88Dmvkr4v/H7wn8TvA3h7V/2fPjv4c8Li18V6dZ6jfSzwzJcxSR3BOmhXRystyU3x HC7hGxVsZoA0f2nf2SPFHxr+JHgj4y/DD4jT/Dbxt4IhurW3vUsI9RR7e7Uq48p5IwGAdxk7gwbG AQDXx9/wU71X4dfGPw34H/Zz8L65b+IPjQPEtjZW9rZH9/a/aYGS6kukXd5MDo6Oyls/dblVYj9a PDXxJ8A+Mte1/wALeFfEFlquseFpVg1W0t5lknspXLBVnQHKFijYz1wa8/sdN/Zxtvjvfvp9j4dT 4vTWIvLqSOG3/ts2QVYRK7hfOCFSqE55XaDkYoA9B+G/gTRfhh4A8OfDrw4mzTPDWn22n2/GCyW0 YjDNj+JsbmPckmvNv2ofgb/w0l8CvE/wV/tv/hHf+EjFmPt/2b7X5P2S8hu/9T5kO7d5O374xnPO MHC1j9s/9lHQNfPhjVvit4eg1FJDC6fbo3SORThlklQmNCDwdzDHevF/23P2xLb9nrRPANv4N13S Bqvi7XNNS4Ny6zNFoE5kM99CoYKU+QIJDuQbicZwQAekfHX9kLwv8dPhV4R8Dajrd1oXiPwD9lm0 LxFYIEurK8tY0jEqpuzscorNGJFOVUhwVBrx7Tv2HfiP4+8Z+GPE37V/xkufitpfgy5F3pmix6Tb 6RZPcxjEc90Ldz5zDrhhn+EsUZlb7OvvjT8I9M+H1v8AFfUvGGlWvg67VWh1aW7iSzlDEqoSViFY sQQACSSMAVS+F/x6+DPxqS6b4U+MtM8TvYgNcRWVwrzQqxwrSRcOqkjAJUA9jQB554C/Zw/4Qj9p z4m/tG/8JD9t/wCFjWmmWv8AZf2Ty/sf9nW8UG77R5zeb5nlbseUm3OMnGT9PUVx/wAQtSvtF8A+ JdY0yXyLyx0y8nhkABKSxQuyNhgQcEA4IxQB8Cy/sO/GHwH8U/G/jj9mz43y/DvR/iLfPqOq6bPo ltqwjupWd3kt3ncBfmkbaAqlQQCzBVwz4dfsTH9mib4x/Eqx8f33iyHxt4Zuo76DVLZWvH1COFpJ LtrxZcMJHaU+WYcjeBvO35vRf2LvjzfeI/2J/CHxx+PniqBbiZdTfUtX1BobSILDqlzbRFyojjXC IiDAGTjqx5+nLz4o/CW7+Gr/ABJ1TxJpTeBb2BmbUrmeIadLA5MZzJIQjK5yoHO7oM5oA/F79iD9 lz4++OP2SPDuq/Cz4833gPwx47Gpf2tpH9lQXpieK+uLN3sblpEltzLFCu4IVO/LbjkAerf8FB/g v4J/Z/8A+CdNt8KfAEDQ6Vo+q6YPMkO6a4mklZpZ5W7ySOSxwAB91QFAA/RP4FfF39mXxhp3/CD/ ALPPiDw9NZ6KsjrpOiGC3W3jeQs7paRhNqNIxJZU2lmznJ56Yar8Dvj5a674KnbQ/H1t4dvRbarp 1xHBqEdpewswCTwSh1SRWVsblyCDjoaAPh24/YA+KPjCDQ/ht8YfjvqXjP4P+HLiCWDw8+mw2l1d Q2pzBb3uoRP5kyIAAWYEnGVEbBSv6cWlpa2FrDY2USwW9uixxxoAqIiDCqoHAAAwBXKWPxF8Can4 31H4a6fr9nc+KtIt0urzTI5la7t4JdpSSSIHcqsHUgkc7h612dAHxkf2OdD1L4v/ABv+JHibX31D SfjZo1tot1pcdr5EllDBZpaO6XXmvvZgu5f3S7CR97GT4D4Q/YG+O2g+B0+Beo/tF6i/wijEkB0m y0a1tdRksZnZntf7RZ5JY0bcQcBgVJXYFO0fVPxp1fxbYfGj4N2GhfEvTPB2mX15qI1DQrzy/tXi JEWDy4rTcjNugJYttZf9YM54x7b4K+I/gL4j2+o3XgPX7PXotIu5LC8azmWUW93EAXhk2k7XUMMg 80AfLPwO+H/gL9gP9n5fBPxT+IllceG4NTumttR1C3XTkVb0GUWrKZphJJlZGBBXcDgIMc/J3/BK X4KeG9Jm+J/7Qfh20mg8PeKNYvNK8J/aVKyLoNtcvLuXIHyyuUUj+9Cfx/R+O/8A2fv2nvBF0iy6 D8SfClnebJw3kahZxXluofDbtyLIiyA+oVvQ18UfHT9u34VfCnUfgt4R+B3irwv/AMIt4g1yztdW ltXiaDTdAhnWKR4VjZYoYztkj3lSECMFAIyAD1L4wfsaeI9c+Ms/7RH7PXxIufhV481K1W01V1sI dSsNTijCqhmtpWVQ4CqCx3j5VIUOCx1v2cP2O5fhB8QfEfxw+KHja6+JfxP8UQC0uNXubZLOKC1G 391b26M6pny0BOcbVAVUBYNzP7SPxx1r4NeKvhP+0l4f8Sf2t8H/ABHNBoev20brLZLa6oPOstYg YA48sg+YwJDoVUDJzX6AqysoZTkHkEdCKAPmP9kX9nH/AIZW+DNp8I/+Eh/4Sf7LeXV39t+yfYt3 2l923yvOnxt6Z38+gr1L4x/Czw78bPhf4k+FPitpY9L8S2j2sskJAliJIZJEyCN0bqrDIIJHIIrn fib+0j8Bvg1qVvovxR8d6T4c1G6QSR2t1cqLgxsdokMS5dUJBAYgKcHng16P4Q8aeEPiB4ftvFfg bWrPX9GvATDeWM6XED7ThgHjJGVPBHUHg80Afm1pP7A3x3vvh7B8CviD+0ZqOpfCyytlsYtK07Rb WxvJbOJQIbeW+Lyy+UmADGdwZPkyBjHR3H/BOyxv/wBmfwJ8DL7x9PF4m+GOoT6l4e8U2Vh9mmtJ prh7kBrY3Em5QzjpMpJRCCMHP0+n7XH7MUnjAeAo/ih4fbXTN9nFsL+Lmfds8rzN3l+Zu+XZu3Z4 xmvcPEPiPw/4R0S88S+KtSttH0nT4zLc3d3KkEEMY6tJI5CqPcmgD8/PDH7EvxU8T/Evwb8Rv2of jPcfE1Ph7ci90XTINJt9KtkvEKNHPO0LHzWBRWwVDZA+fbuVvmr/AIKRr8LP2n/Hvwn/AGf/AIca 1Dq3xNj8Sz6ddrYt5r6VpkkZTUjd7QdhQxo+0nO1H4x1/UH4b/tLfAH4v6zN4d+Gfj7SPEWqwKzt aWt0jTlE+86RkhnQZ5ZQVHrXJ6n4h/ZF+DvxC8T+KtWuvCXhHxt9mS81m9l+yWmotb3LqqvNKQsh Ez7eMne2OCcUASftA/s26T8af2atT/Zs0HUx4S0y7tdMs7W5W2+1rawaXc288aCHzIdwK24j++MZ zzjBxv2h/wBl7/hfX7Nafs8f8JL/AGFsi0yL+0/sf2r/AJBzRtn7P50X+s2f89Plz3xXb2X7Un7O eo+BLn4m2fxH0J/DFnMtvPfG+iWOK4ddyQuGIZZWUErGRvI5AIrtPh18Xvhh8W/Dsviz4aeJ7DxH pEDtHNcWc6yLC6jcVlGcxsFIOHAOOelAHjf7Uv7Mo/aV+Ddh8JP+Ek/4Rz7FfWF79t+x/bN32IMN nledDjfnrvOPQ1c1j9m/+1v2t9C/am/4SHyv7F8Mv4c/sj7Ju83fPPN9o+1ecNuPP27PKP3c7ucC 9ov7YP7LniLxSngvRPil4fvNYmlEEUKX8WJZWO1UikJ8uRieAEYknp2r6QoA+YYv2cPK/a3m/am/ 4SHPm+GB4c/sj7J0xOs32j7V53tt2eV77u1M0P8AZri0j9qvxZ+0zPrwu4/FPh6HQG0ZrMBYlieF jKbgytvDCHGzyh977xxz6l8S/jV8JPg3ZwX3xT8X6Z4Xiu93kC/uUhkm2fe8qMne+O+1Tiovhd8c fhD8a7K5v/hR4u07xPFZFRcCynV5IS33fMj4dA2DgsoBwcdKAPha2/YL+MPwtufEGifst/Hm9+HH gjxLcyXUuiT6TBqYsZJvvmzuJJEeIYwqhQjbQNzswDV6BY/8E+fhrpH7JPiT9lfSdZu4h4qkW9v9 dlRZbufUo5op0uHjyAUVoEXygw+QEb97Fz9kfErVb/Qvhz4q1vSpTb3un6VfXEEgAYpLFA7o2GBB wwBwQR61+afwz+L/AMYfiL+xD8FfiTq/xf0/wR4p17xIYtS1fV47eNdUt473UIf7OjURGMSypHHt 2qpxGeeuQD02D9iT4ja5oXwfsPid8XW8T6j8IvFVt4gtrttGSFrmztPI8qwIW5G3b5J/fnex38od uT7t+1R+zf8A8NM+FfCXhn/hIf8AhG/+EW8TWHiLzfsn2zz/ALDHPH9n2+dDs3+dnflsY+6c8eB+ K/24/Dnh79tvTfgLeeKdD0/wTa6JM+o3UkiiYa+1w0KWMkrNtRkVVIjChiX5JGBR8JP24/DnxE/a ++IHwaufFOhr4V0uHTbXwy0Ei+bql9NGHugspY+bIjkx7EAA28gtk0Ad78dv2QdY8efFjT/2g/gl 4/ufhb8SrOz/ALOub6Kyi1C01GzHKx3VrKyK5HygMxYYVfkJRCt79nH9kq/+EXjzxF8avin45uvi Z8TfE9sljPq9xbpZw29khVvs9tbRsyopZELEED5RtVPm3ct/wT7+MHxC+L/wz+IPiH4n622sXei+ NtY0y2mljihENjbQ2zxxfukRcIXY5IJ55Ne5aH+1r+zL4l8Xp4D0D4naBfa7NIIYraK/iYyyk4Ec T52SOSMBUYkntQA39qT9nPw1+1L8H9R+E/iW+l0pbiWG6tb2BRI9rdQEmOTy2IDrgsrLkZVjgqcE fHPjL9gX49fGnwJL8PPj9+0bqHiPRbWHGn21lolrYx/aoxi3uL5kk8y7WPqYmZSWAbzA3NfqdXA/ ET4p/Df4SaIPEfxN8S2HhjTXfy0mv7hIFkk67IwxBdsc7VBOOcUAfIfxW/Yel+Jnwf8AhP4Ng8e3 Gg+Ovg3DaJoniazswv7y2ihiZntDMcCQQRsQJuGUHJXKnz+0/YB+JfiX4q+APjd8aPjje+NvFfgb VLa9jV9IhtbE2luwkNtBBBMiwvI4y8+GLAAGPjJ+6vhj8bPhJ8Z7C41L4VeLdN8UQ2ZUT/YbhJXh L/d82MfOm7BxuUZwcdK5nxz+09+zz8NPFcfgbx/8Q9F0HXn2E2d3eRxyRCQbkM2TiIMCCPMK5BBH BFAHh2pfsh+MbD9rW7/ad+G3xMm8M2viU6cviPQ306O7j1GHT0ji8pJ2lQxCSOJRkIzIxZgSDtHp P7K/7N//AAzN4V8W+GR4h/4ST/hKfE1/4i837J9j8j7dHBH9n2+dNv2eTnflc5+6Mc+SfsJfGPx9 8X4vjNc+O9dOuQ+HPHWqaXpblIUWHT4NpijUwooZQDkM2SfU1N8ev20fgvD8JfiXY/CL4p6LN490 PQ9RuLCO1u4JpRdW8DuDCH3RzMhUkqu/pkjFAG98Of2LfCvhbwr8aPA/jbV/+Er0P4za7qGsXUH2 X7I1ml+SwiR/Nm3vE2GSXCEMAwUEV88z/wDBPr4+t4E/4UPD+0lqQ+ERX7P/AGU+i27agLDdxZ/b vNEhj2fL2THy+Vs+WvuD9lrxd4i8ffs4/Dbxr4uvW1HW9b0Gwu7y5ZURpp5oVZ3KoFUZJzgAD2r3 ugD4m8b/ALFHhTW9J+BfhnwRrB8MaH8D9csdYtrZrX7Y98tnIkrRPJ5sXlvKylnl2v8AMxOztXd/ tOfs4f8ADR1j4Dsv+Eh/4R7/AIQnxPY+I932T7X9p+xBx9nx50Pl79/3/mxj7pr6eooA+GPj9+yH 4x+Jnx38MftEfCj4mTfDrxXoWmf2NO39nR6jDc2PnSTbdjyxBSTK6tncCNpG0rk9V4C/ZI0Hwv4+ +O/irxRqyeJdH+OjWgvNKktPIW0gt4rmKSIy+c5m8xbg/MEjK7eMk8fXtFAH5Tj/AIJ6fGvTPB0/ wM8L/tGarp/wcuWljOjPpNvLqCWUzEyWa6h5iv5bhiDhVTk/uiCQe6+IP/BP/wCy+J/h98QP2Z/H c3ws8T/DzRl0C2meyj1SC5sE8wgTRSsimRjNIXdg4YkHaCoYfo9RQB+aGm/sB+O7n42+BP2i/iB8 a77xb468KXvm3clzpMMVjcWIG0WdrbQTItnhWlzIDIGZ9xjyDu9I8L/sh+Mfh/8AtUeIvj/4A+Jk 2l+GvG11FeeIPDMmnRzpeyxQyRoBdGVWjCvI0ikR5BO0lhX3PRQB+eXgr/gnn4F0v9kq6/ZQ8fa/ L4lsZb+bUoNWt7VbC4tbp33xSQxtJcANHypJYh1ZlIAJrkLv9gv4zfEbT9I8A/tEftBaj49+HOiz 28v9jQ6VDp02oLbkFEvb2OV5pAMDJYux+8GV8MP08ooA+VPFP7L1hrv7R3wq+PWl60mk2fwt02/0 yDRY7PclxFeW0tsm2cSr5IiWQEL5T5C4yM5F34s/s4f8LR+O/wAJPjZ/wkP9mf8ACrZNRk+wfZPO +3f2hGkePO85PJ2bM/cfdntX09RQBHNDFcQvbzqHjlUqynkFWGCD9RX5ceB/2BPjj8IbTWPh58Fv 2hr7wl8M9Xu5rr+zRottdajbLPhZI4L6STfGxUACVAmD82zdkn9S6KAPzX8Af8E7rX4cfBL4xfAf RPH89xoXxQmEtnNdaeJLrS+Nrea63Ci7ZlVBkLBypOPm4+n734B/a/2VB+zJ/buzHhCPwr/a32XP +rsRZfafs3m98b/L83/Z396+iaKAPgDxj+wfpXiX4IfDD4f6Z4xudC8dfCGGBdA8WWdtsmiljCiT fbeaQYpdilk83IKj5iNwbgoP2B/iz4s+L3w/+OXxu+Olz4z8R+A9St7uC3GiQWdibWBxIYIooJkW OSR1BebacjAKHaDX6eUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAf/W/fyi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAK/Gv9h34GfCfx1+0F+1J8QPHHh+w8SavZ+P tZ023j1G3juo7a3e8uJHZI5VZQ0pO0tjOEwCAWz+ylfl1Z/sBfGDwB8S/iD8W/gb8ernwdrnxD1v UNSvbdtDgvLH7Ne3D3EcDQzzOHmt2kfbcYBIOAiZYsAfNnhPR7H4Xa3+338D/Ai+R4E0vwteapaW kZ/0eyu73R53mjiX+EHcUwOixKO1eYfEjwjpXxA/ZT/YZ8B66pfTfEniOw026VSVJgvJ1hkAI5BK seRX6jfDX9iXQPhz8Dvib8Mx4outc8XfFyz1KHX/ABTfQiS5uLnULeWAS+QJB+7iMzOsZlJLM2ZP m4wp/wBhkT+BP2fPBX/CbY/4URrNlq/n/wBm/wDIV+xzLL5Wz7T/AKPu243bpcdcHpQB85/t8fBr 4W/CbU/2efHPwu8Lab4S1jT/AB/o+mpPpVrFZs1rITJskMIXzAGhGN+SMtj7zZ6Xwh4P8NfG3/gp l8X/APhbmmRa9B8N9D0i38P6bqSLc20Ed5BDLLcJDIGQsXdiDjjzP7wBH2P+05+zh/w0dY+A7L/h If8AhHv+EJ8T2PiPd9k+1/afsQcfZ8edD5e/f9/5sY+6a8++PH7ImveOfitp37QPwM8ezfC74k2l odPu76OzTULXUrLjbFc20rKjFMDDEMMBcrlEZQD5e+HXwo8A/CT/AIKw6tpnw60630jT9b8BSapN ZWqLHb29zNdRxSCONQFjDiJZNoGMscYBwPgM8/8ABHAj/qdP/a9frr8Cf2H/ABN8Kv2h7r9pPxx8 Vbvx/wCJ9Y0ebTtT+1adHaia4llRllhMUxWGGOKKONYBGQMFg4BCLxP/AA7gH/DHH/DJX/Cw/wDm Nf2x/bP9k/8ATTf5X2X7X+G7zvfFAHlX/BQ/9mH4IfCj9h+5vfAnhDTdG1fwTNpH2LUrW2jhvy73 MVtK0lygEshkEhZ97HLYbqARpePNO0v46f8ABQn4R/Df4twjV/DGg+Al8RWumXmJLO91Sd5FeaSF vlkwqg7SDkxc5XIP3v8AtV/AL/hpv4H678Gf7d/4Rv8AtqSzk+3fZftnlfZLmO4x5Pmw7t3l7fvj Gc84wfh79tKy+B2n/FP4P+EvG/i7WPhP4+0vT5H8PfEC1ihTTIlgUxzWl40kyHDYB2n5V83az7ZH BAOW/aC+Dnwu+Gv/AAUR/Zp8TfD7RrPQb7xPPqa6ja2ESW8L/YoVEM5ijCqHcTOrMB82wZ5GT+yd fz7+BvCNv4z/AOCh3wlu/D3xdvPj3rnh63vtQ8SeIIkhXStPtYoJEtLe3W1MkUQMpbeFkKl5U6MW r+gigD8t/wDglz52r+HPjj431Rt2sa38R9YF2W+/mOOGUBj/AL0747VU/YO/5Ox/bG/7GfTv/Rup V0/7OukS/s6fti/Fn4H6tiDQvitI3jbwvJ92OSUsy6nar282MsrBByIkDHgjGNqX7APxp0v4t/ET 4pfCH9oa78Aj4jam2o3tnbaBHc4w8jRI0r3q7/L81wGCLnPSgDO/4K/azYL+zBp3gpALnXfFPiHT 7fTbVfmnlki3u7RoOTjhCfV1HUivIv2ttC+MF9/wUE+AuhfCHX7LRvHg8JXqW2palD59qrxxXxuG kj2PnzIhIB8pwzA8YzX1B8MP+Cftvo/xT0f4z/Hz4m618Y/FHhsh9J/tRRBZWUoIZZUt/Mm+dGAZ AHChsMVLBSPavGn7Mv8Awl/7V/w+/af/AOEk+yf8IJpd7pv9k/Y/M+1fa4rmPzPtPnL5e37Rnb5T Z24yM8AHyR4z/Y//AG3fj/pK+Af2h/jppieB7maJ9QsfD+lpFNdpEwdUMjRQkfMAQGLICAxRiAK5 b4i/DLwZ41/4KG/CT9nbxdp6XHw4+HXgRb7RtEuSZbOeeFpbdDJG+RIFSJMhs7vJ+bKlgf2Jr4// AGl/2S7T47+IPC3xM8H+LLv4d/ErwSXGla/ZQpcFYZD88FxAzIJojlsKXAG9wQysykA+QP2t/APg n4E/tVfsz/FD4Q6Ta+Ftf8S+J4/D+pQaZDHax3+n3UkEMnmRRqqMUSZl3EZ+Zcn5VK+R6b4c/aU8 R/8ABRD9oiH9m3xZpHhPUIYtIa/k1e1+1JNCbWAIsY8qXaQ2STgcV9x/Df8AYx8VH4vaP8d/2lvi ZcfFjxX4ZhaPRYTp8OladprueZo7aBijy46MQvOCQzKhX0/4Z/szf8K6/aT+KH7Qv/CSf2h/wsmG xi/sz7H5X2L7HGkeftHnP5u/ZnHlpjPegD5is/2Jv2hPi98RPCfjL9sH4s2vi7RfBd4mo2Og6PYL Z2kl3GwZGmcJFuXjByjMVyoZQTn9RqKKAPwb/wCClHwj/ad8PfBLxX4y8dfGseJ/BE+tW7weHRot ta+THPdZtk+1RnzG8gEDJHzY5r9L/gD8I/2m/h/4pv8AVfjb8ah8StHuLJobewGi22m+TcmRGE/m wks2EVk2nj5s9hX0Z4x8D+DPiJocnhjx7oVj4j0iZ0kez1C3jurdnjO5GMcqspKnkHHBrqaAPkD9 vv8A5M2+LH/YFk/9DSvmHwd+yh+z3J/wTitba68M6bJPqXggeIJ9YaCM3q6jLp/203IuSvmDy5Dh RnAjGwgrkH6e/b7/AOTNvix/2BZP/Q0r4f8Agz+xP8bPiF+zR4B8G/8AC/8AUrD4S+LdB0rU73w+ ul273iR39tFc3FnDqO8SC3Z3YKpG1VO0o4zuAPm74jR6n8ev2Wv2I9D+JLzXL+KPFUei3kk0jGWa 0+2fYUcvncS9uqndnPOc55r6t/4KF/CL4YfCH4N/DHSvhf4X0/wvZ3/xQ8PTXEWnwJAksiWl5GHY KBk7VAz35J5JJ+vfif8Ase+GvGg+CGneD9UXwlonwT1ux1azsUtDdC6hsWjZbfzDNGYy3l8ykSEk lipPXqP2qP2b/wDhpnwr4S8M/wDCQ/8ACN/8It4msPEXm/ZPtnn/AGGOeP7Pt86HZv8AOzvy2Mfd OeAD5L+ITQfs0f8ABRvwt8TJXWx8H/HnSZdE1SRjthi1jT1QwSt0ALqsKKT13ynnmvNP2cpfC3xF 8F/tL/tvfFzUrzQvDvxDa/0myvrb5L218NafGbcG2JR8SSfJEMKT5sIIAJr71/bA/Zd0b9rX4Sj4 bahq58O31pf2+o2GprbfamtZ4cq37rzISweJ3THmLgkNztwdGP8AZc8BN+y1F+yndSSnw6uiJpEl zCoimaVQHa7CncokacecQcjccHIoA/IB5NK1z9kvXPC3wS/ZLll+H8Og39ynjPxVdadZagYI4ZJT qh/ciSaZQPMQxSbeFVPkwKxPF+kaPr/7A37Ieua3YW9/qMnjXTdLe5nhSSZrBbnUFFqXYFjDhVHl k7eBxxX3NpP7A3x3vvh7B8CviD+0ZqOpfCyytlsYtK07RbWxvJbOJQIbeW+Lyy+UmADGdwZPkyBj HR6t/wAE97nVv2R/B37M0vxFki1XwBrH9taP4gg00RFJ1muJUWS1Ny+4KLl1BEynIRscFWAPlv8A bLtdbv8A9ub4TfCHwp8Lbb4jeGvCXhmTWNO8GC8tdG064uZprpJZiZUMLLEIYz5RU7thGNpYGw3g b9oa9/au+D3xa0D9nOx+CL6dqIsdbmsfEejzJqelXTxxTh7WH7PvaCJnbKI7tlRjKpj7F+I37E/i b4n+GPh94g134pXll8avh4JhaeN7HT4oXuFmlZ/LuLFZArxhG2BRIAcuSCsjocnwT+xf4uX4vaP+ 0L+1X8WpPibq3giKSTSITp8GkabpzAbmuHjiYoWXG/O1MMqsxbauAD9Fa4H4rf8AJLvGP/YG1D/0 neuK/wCGoP2aP+iteEf/AAfaf/8AHqgu/jF8CPinp9/8OfC3xO8N6hqviO0ubGCGy1azu7hmmiZS Y4I5t8hUZbaOwPI60Afzk/AHV9d17w9+zr4Q/aksLmx/ZvOpapa6U0Uix2Ooaub2ebzdSIJYxLPM Yfm2AIjleBKT+gv/AAUOk8Ra3+03+z/8FtD8Cr4+8O21vearD4TF7BpNnqdzao6pE00oMSrBFFkI ykMjNGo+evrzRv2FPCK/sXWv7HfjHW/7dt7CO8e21pbMW8kF5PeT3kFzHAZZNphabYV8394gZSQH IGT4x/YX1D4h/B74feEfF/xKvH+I/wALn3aD41srL7LeRKhXy1nga4lMoCIgY+crMyBiQS4YA+Kf H/gX9ovXfjJ8Jfid4R/Zi0/4Laz4T1y38/ULDxLopF/pzkLcWj28QthJmLcARubYWUDnj3bUdQ0/ 9k3/AIKNalrmqzDTfAfx60Ce8nlb5YIdZ0WMyysfUmNWY+r3Nei+Hv2G/iP4v+K3hX4o/tVfGCf4 p/8ACCzi60XS4tKg0myjuVKss8yQMVkO5EYrtBJUBmZMqfCv+CpGtfDH406P4O/Z58FatBq/xffx TaWlnYWj77iyS7hZbhrraD5cJjeNmyQThW+6rYAPY/8Agm9oep+NtI+I/wC1v4qt2i1j4y69cXFm snLQ6PYO8NrECeQFbenuqIeeK/TKvF9KvPhF+zV8N/CngbX/ABLpfhXRNGsoNLsZNVvILFZ/ssSq cNM6BnIG58EnJJPWqn/DUH7NH/RWvCP/AIPtP/8Aj1AHxr+2f/yeZ+x5/wBhjxD/AOi7Cvmr4gfE X/hjL4y/tb+Gkl+xWnjzw1H4w8PEnaBqN9IbCQxjuxvLpmIH8MXbBr1j9oj4p/DX4v8A7b37KWk/ CvxTpni+40LUdeuL7+ybyK+W3SSG2dfMaBnVSVgkOCc4XPSvo39rX9hfwv8AtXeO/h5431fXf7Ef wVOftkIshdf2pZNNFN9mLmaLycbJAH2vjzCdpxggH5JfDvxZr/7DHws/aA+BOvXUi61r/hDQNZ0V D8sn27W7eKxvvKHGTBNcgL3xBk5r6C+NP7PfhL4R6b+w/wDDjVNBsZr+HxJp1jrDS20UjXLzSw3F 1DKWUmSI3E0pCNlfmPHJr7q/aL/YW8LftD/H34cfHLV9d/s4+B2t1u9P+xiddUgtLr7VDE03nJ5S hmcN8j5Vu2K7X9rb9ly6/aW0fwjN4e8XzeB/FPgXV49Y0nU4rZbxY548H5oWePPzKjKd3BXkMDig DjP+Ch/hfQz+wx8R9BtbaCwsNM06ze1hijWOKEWd3bvEkaKAEA2BVAAAHHSvoP8AZt1bUde/Z2+F uuawzNf6h4W0S4uGf7zSy2MLuT7liTXxP+2npvj7xH8Ffhz+xiniIeKPiJ8UryysdQ1QW62pbTtK ZLq/1KSCNmEaho48qDhssF/u1+lPh3QdN8LeH9M8MaLF5Gn6Raw2dtH/AHIbdBHGv4KoFAH43/Fr 4S/Gb4WftT/Ev45eEfhToH7Q/hnxjHZi8sbmW3l1bSBDEIzbpFKJCofaRhIZd6KgO0qc+Ry/Fr4U +G/2Ev2jD+zloGu/DnxJDqdpF4i8P6k5DaPLrF5HZyi2XC+XE0IkgA2rIhQBgNqk/eHjz9if4j6d 8Z/Evxv/AGYvi5N8LtT8b+W2uWMmlwarZ3U6Ajz1SZgqtlmbBRjvZirKCRXX/Cb9hfwP4M+H3xI8 KfEzXLr4i618XXaTxPq93ElrJcsN5i8iJC4g8lpGdPmYq/IIAVVAPzgtPhd8S9a/ZYtvhbpn7Fml mwvNDR4PE58VaMt6biSAOmqmVollDFiJSplC7f3ZITisD9oS4+Odz8IP2Pfgh8S/DUnivU9Svb/+ 1NA/ta1iTWpNGnigsLaTUY3lh+e2k5be2TJz+8HH2RP/AME+vj63gT/hQ8P7SWpD4RFfs/8AZT6L btqAsN3Fn9u80SGPZ8vZMfL5Wz5a+h/in+wz8KfiB8D/AAj8GPD1zd+EX+HbRT+GtXsmDXun3cXP nFjtMnmv+8lAZCzgMGVgCAD83/jx4D/aP8Uz+BfFngD9lDTPg54o8E6xa3dhrOn+J9DQyRRA5sni QWqyK+AQGY4CsANrMD7ZrHwj8A/F3/grTrll8RNGtte0/wAPeBrfVobS8jWa2e5SW3tkMkTgo4Vb hmAYEbgDjIFeqj9g/wCKfxM8ZeF9Y/at+Nlx8T/Dngy6W8sNFh0i30qCeeLGyS6aF28zgYYFSxBI 3gM2fpXRv2b/AOyP2t9d/am/4SHzf7b8Mp4d/sj7Jt8rZPBN9o+1ecd2fIxs8ofezu4wQD86/hT+ zZ8Fp/8Agp/8WvDlx4T06Xw3oGg2Gq2WjvbRnTYL67htFaVbXb5WV8yUqCpCmQlQCBir4F+EWlT/ AB9/bb+APgC8tvA+i65oulpb7MW9jZz3tmXJKrhY4i87qwUcIxCjoK/R7wl+zf8A8It+1R45/aZ/ 4SH7V/wmmkWelf2V9k2fZvsiwr5v2nzm8zd5P3fKXGepxz5/f/sS+F/EnxK+OXjLxnrj6po3xt06 w0+40yO18iTTxYQJEssdyZXEj70WRMxKFYDO4DkA/KPxBpUnwk+B+k/Cj9r/APZehl8E6Kloi+Ov Bj2z3AjWRNt09xGsnzXPAkaSaLzC2NgJUD+gz4f61oHiPwJ4c8QeFL19S0TUtOtLmxupSzST200K vFI5bDFmQgtuGcnnmvzNX/gnt8fNR8CRfAfxN+0hf3vwigEMH9kxaJbR3z2MLqyWv20ytIqKFABO 5OMeXt+Wv0+8IeFdE8C+E9G8FeGoPs2k6BZW9haRZzst7WNYo1z3IVRz3oA/KP8AaB8TfBq1/bSv Lnw58L9e+Pvxb0zQ7e1m0Y/ZW0LRLV9ksT5ngcxTMJAxdtyL5xwQzYHl/wCy4virS/8AgpnrR8Q/ Dey+EF3rvgqW4uPD2m3tveQBfOg2SyNaKkIkfYGZQoOfmIyxr7F+Jn7GHxHm/aB1n9oz9nb4sSfD XxD4rtIbPWoJtKg1a1uVhSONZESZ1VTtiQ4Kk7gSGXcwMPwg/YS1z4X/ALRdl+0nrHxW1Dxj4iut OubPXhqVhGDqMs4IV7doplW0ijCxBYdkoATAYBhtAPsr4wf8kk8bf9gPUv8A0mkr8D9T/wCUYf7L H/ZSbf8A9LtZr+hLxhoH/CWeEtb8Lef9l/tmxubLztu/y/tETR79uV3bd2cZGemRXwRc/wDBP8XP 7MPwr/Zw/wCE82/8Kz8SR+If7U/svP23y57ybyPs/wBq/dZ+17d/mv8Aczt+bAAPMfFHgHwLf/8A BWTRbK+8OabcW918Pn1KaOSzhdJL77dcf6S6lCGm4H7w/NwOaP2cvAPgWD/gpB+0bFD4c02NNDtv D0+nqtnCBZzS2cTSSW4CfundiSzJgkkk819A/H79kPxj8TPjv4Y/aI+FHxMm+HXivQtM/sadv7Oj 1GG5sfOkm27HliCkmV1bO4EbSNpXJNS/ZD8Y2H7Wt3+078NviZN4ZtfEp05fEehvp0d3HqMOnpHF 5STtKhiEkcSjIRmRizAkHaAD8iZPGXiTwf8A8E2vjinhuaS2bXfirqGl3csR2lbS4jtGlUnssgQR t6hiDwTXs3xJ+EPxW8Tfs7y/CTSv2KtL8Lw2VjGLHxCni3RDd2k8QBW8efy43lLEZl3SgSAkE9CP 0K+HX7CXgvw38BviJ+z/AOP9afxXovxC16+1ySeK1FjNZvdrB5YizJcAyQPArrIeCeCmMg+J6j/w T7+PninwbZfBLxz+0jqOrfCaz8mM6WmjW8N/NaQMGitpL7zXdlTau0vvXgfu8AAAH3l+zq/j5/gT 4EX4pKR4th0i0i1MtPFcs9zFGEeQywM8bmTbvLKxBJr899b8JeHvjv8A8FTdW8I/Fyyi1vQPhz4N hv8ARNLvAJrN7ieS28ydoHBRyGnYHIOSkZP3AB+pfg7wl4f8A+E9H8EeFLRbHRtBtIbGzgUkiOC3 QIi5OSTgDJJJJ5JJr5S/aI/ZDm+LXxB8P/G/4XeNrr4ZfE/w3AbSHWLW2jvIbm0JY+RdW0jIsoBZ gCWIwSGVwF2gHyf8ePB3hb9nv9vr4A+MPgxpEGiX3xBj1fS9c0zTI0toL23gSLy3eFAqbmaTcWwM tEp6rmj/AIJu/Bn4WfGf9nzxD8V/i54csPGni34ga3qh1m71W3S7uAFfYIEeUFogB8/ykHLA54XH 038Hf2OdZ8OfF9P2hvj78Qrn4q/EOztDZ6ZcSWUWm2OlxOHWQW1rCzJuZXZd3yj5mYrubcPPrz9h f4oeB/GHiq8/Zi+Nd38LPCHji5e81LRF0qHUUt7mVcSy2MksimBn6AoFZOMMQiBQD85/BM+o/BX9 gf8Aa00X4cXU6x6N46n0OC7ikIkWwe4tLJ3LjBO+AlCR/ez0r7c+On7Jf7O+l/8ABPLVItI8L6Zb XXhzwomsWesR28S30l7BbLcec1yF8xzcsCrgnaQ2AAAuPcfgD+wZ4I+DXwd+InwM8Ta3L438MfED Ubi7lW5g+zXENvNFHGkbSJI/mTR+WH89RH8/zBFxXh2o/wDBOz43a98NZvgFr37R2pXPwstYWi0/ S/7Gt/tSLGCbSK5uxKJJoLeQI3lZCuqhV8rClQD7F/Yq/wCTSPhD/wBixpn/AKIWvp6vMPgr8N/+ FPfCTwh8LP7R/tf/AIRTTLXTvtnk+R5/2aMJ5nlb5Nm7Gdu9sepr0+gAooooAKKKKACiiigAoooo AKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigD /9f9/KKKKACiiigAooooAKKKKACiiigAooooAKK/OL9vj9qb4hfCOTwb8DPgJbpc/FP4nXH2axkd VkFjbs4hE218rveRsIzgooSRmHyjPlFr/wAE1Pi5rOk/2/42/aZ8ZP48mQyG7s7qYWUE7DJWONpl laNTwNrxZA4VegAP10or81f2Ffin+0svi/x1+zj+0vp97q2q+A3BsPFBtZRa39vuVfLe68tY5JCj xyxEnzXRm3jKE191/Dv4qfDr4t6Vea58NPENp4jsLC6eynns5BIkdzGqu0TEfxBXUkehFAHf0VwG kfFT4da/481j4YaN4htLzxX4fiSfUNNjkDXNtFIEKtInYESJj/eFeN6v+2x+yfoVhbanqfxR0WO2 vLmWziZZzITNBt8wFYwzKE3rliAoz1oA+o6K+dPEf7XP7M/hKPVZPEPxI0a0/sUWpuh9pDun22Pz bfaqbmcyx/OoQMSuT0FdxYfG/wCEOp/DRfjHZ+MNMPghkaT+13uUjtAEcxsDI5ADBwUKnDbvlxni gD1OivnX4cftbfs1/FzxF/wiXw6+Iek6zrTFhHZpMY5pdgy3lJKEMuBz8m7jJ6A16P4t+LXwz8Ba /pHhfxp4lsdE1XX1next7uZYnnS1XfMy7sDbGvLEkADmgD0Oivmvwh+2L+y94+8Xx+A/B/xL0bU9 duJBFDbR3AHnyHokLsAkrHsI2YmvkX9u39sWf4NfFn4PfDTwh4zs9FjvfEdlL4wQBGuLbSBPauPN ZgfKiljaQuVwzKuMgZBAP1OrjfG/w78A/EzSP7A+IvhvTvE+mhhILbUrWK7iVx0dVlVgGHYjBHrV 7wf4w8L+P/DVh4x8F6nDrGiaohktbu3bfFMgYqSrdxkEfhXwX/wUn/aK+I3wE+E3h7T/AIVXMWk+ IPHWrppCarOB5dhC0bM8gZgUSQnaAzA7V3sBuAIAPtzwH8Lfhr8LrGTTPht4V0vwtazbfNj0yzht BIUztMnlKu8jJ5bJ5Nd5X5Hf8O2vjGNI/wCEgg/ai8aHx4Yci+N3cfY2lxnZs+0ed5WeP9YeOdv8 NezfsL/E39oLx18KvGPgn9pPT77SvFPgi7m05dbu7SS1S/tirqs6SFI0maFo2DSR43L5bN8xLMAf ceueCfCHiXWdE8Q6/o9rqGqeG5pJ9MupoleazllTZI0LkZQuvytg8jrXUV+UPhn4vaZ+zJ+wr4n8 XWnx0tviprgn1OPQ9fvnlnE+pmAPDYotxNOztHsLBS+OTxjOfXv2QP2t/h/4w/Zf0vxx8S/iFY3m veG7CKfxVdXEqI1lLeXEiQm4Cqqx7yAqADHQAUAfoBRWJofiTQfEvh2x8XaDfRX2janax3ttdxNm KW2mQSJKrd1ZCGB9K5v4f/FT4c/FXw1J4x+HXiGz8QaJDLJA95ayh4VkiAZ1LcAFQwJ9AaAO/or5 J1n9vD9j7QdYOg6j8V9E+1hzGfJma4iVgcENNCrxDB7lsV2nxu+Pfgr4bfATXPjFY+JdNW0fTLiX Rb1pVms7u+a3ke0jjZCVk8x1AAU88jNAH0FRX5O/szftG2v7RH7EOv6Z43+LkGjfEn+yddudZ1VX EV1osMl5cLBdtHAYfLSKIxlNjLhduCK+3/2bzp3hv9njwpJe/EFPiBZWFjI8niieVtl7GkkjNO8k 0khCoPlJaQ4C9cUAfQdFfK+lftv/ALJGt+JU8JaZ8VdCm1KSRYkU3OyGSRjtVUnYCFiTwNrnP417 d8Qfib8P/hToUfif4j69aeHtKmnjtUubyQRxtPKCUjB7swUkD2oA7qivmXXP2zP2V/DXjCTwFrvx Q0Oz1uGVoJYXugUhmRtrRyzAGKN1bgq7gg5yODX0tFLFPEk8DrJHIoZWUgqykZBBHBBHQ0AZmveH 9B8VaPd+HfFGm22saVfoY7i0vIUuLeZDyVkikDI6+xBFWNK0rS9C0uz0TQ7OHT9O0+GO3tra3jWG CCCFQkcccaAKiIoCqqgAAAAYq/RQAUUUUAFFFFABRRRQAVXu7S1v7WaxvoUuba5Ro5YpFDpIjjDK ynIKkHBB4IqxRQB4H/wyn+y7/wBEe8G/+E/p3/xitrw7+zv+z/4Q1q18SeE/hl4Y0TV7Fi9veWOi 2VtcwsQVJjliiV1JBIyCOCRXsVFABRRRQAV59a/Cb4XWPjy6+KVn4S0qHxjeoEm1hbKEahIoQR4N xt8z7gCH5uVAB4Ar0GigDifG3w0+HHxLtbax+I/hTSfFVtZOZIItWsYL5InYYLIs6OFYjgkYOK85 /wCGU/2Xf+iPeDf/AAn9O/8AjFe+UUAeR+CvgB8DPhvr0vij4e/D7QfDWrzRmJrvTtNtrSby2+8i vEilVbA3AYBwM165RRQAUUUUAcu3gnwg/jJPiG+j2reJ47I6aupGJTdLZGTzTAshG4Rl/mKg4J5r qKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAo oooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACii igAooooAKKKKACiiigD/0P38ooooAKKKKACiiigAr5h/bF+NGtfAL9nrxP8AEfwzEkutWywWtkZF 3xxT3cqwrKwIIIjDFwDwxAU8Gvp6vOviz8L/AAp8aPh3rnwy8awtLpGuweVKYyFljZWDxyxkggPH IqupIIyBkEZFdWBqU414SrK8U1deV9TSi4qactj+UnRP2xP2ntC8YJ43t/iVrdzqCy+a8Vzeyz2c nOdj2rsYDHyQECAL/Djiv6svg54+PxU+FHhH4kPbfYpPEul2l/JAMkRSTxK7opPJVWJCnuMGvyB0 T/gjgYvGCP4h+I4ufC8cu5ktrExX0sWf9XuaR442IwN+H9dtftf4d8P6P4T0DTfC/h62Wy0vR7aG ztIEztigt0EcaDPOFVQOa+z4zzPL8RGmsIldbtK2nbZf8A9XNcRRmo+y3Niiiivgjxj8WP2jzHpP /BXX4Dav4jjMml3ehx21qx4UXDNqccag9CyzyRsR/tCv2nr4Y/bi/ZEuv2nvCmhaz4G1ZPDfxH8D XRvtB1FyyJvyrNDI6AugLxo6SBWKOoIBBavmy0+Nf/BWLRdCHgy/+B2i634hiQwR66t/apbSlRtE 8kS3aR7j94jdGM/8s1+6AD9NLD4vfC/U/iLqPwjsfFFhL400mJJrrSBOovI4nRZA/lHDEbHViVzg MM4zX5q/8Ecv+SB/EH/sedQ/9IrKvWv2IP2P/G3wY17xZ8dvj1rUfiH4s+PiftssLeZDZ2zusrQq +1Qzs6rv2gRqERI/lXLfLnwr+GH7d/7Eni/x34D+DPw5074neBPFerS6lpd1JqMFp9mkkG1WmEks Tg+Usayqy7CyDy35OQD0j9ncg/8ABVf9o0g5/wCJHYfpFp9fMn/BMX9kr4I/Gzwp8TvH/wAXPDFv 4olHiCXSLVLpn2W8cMaTyNGEZSHczKN+cgLhSMtn6k/Ys/Zw/ae+G/7VvxK+Mn7QFpbXH/Ca6PE7 alZ3Fu1u99PJbzPaxQrIZlW2CtCGaMKfLyrMCCfVf+CbPwJ+KvwB+FPjTw18WtE/sLUtW8V3mpWs X2m2uvMtJba2jSTdbSyquWjYbWIYY5GCMgHxT8Pv2dvhl8b/APgqN8bLH4kaJDrHh/wrYwXEGnyZ W3a4eGzgi3ouAyJGXwvTdtPbFc5+33D4S8IftDfA39l3SvBWqa18LPDGnNrreE/DsUktxfSTXF2X REB3yAC3Yuc5VHlIIJJr75+BXwJ+Kvg39u344/GXxJon2Pwd4ws7SLSr77TbSfaXiW3DjyY5WmTG xuZEUHHHaof22v2YPit8QfGvgT9pH9nK7tofif8ADdmWG0vHEcOo2ZYv5G9iqA5eRSGZFdJHBdSF oA/NL9qHVvCXxV8B6fH8EP2TvG3w38e+Hbu1udI1ew8MmwEYhkUukxtEDOAo3RkqWWQAggFs+p/t o+Hbr9oD4qfsX6B8TrO4sbjxtZw/25ayI1rcRtcmxe9hZCA0T8umMAqe3Fe0eP73/gpr+07Bpvwv TwRD8B9IN1BJq3iG11lZLrbC2WFu1rP5u0n5giA7ioVplUtn1/8AaD/Zx+Kvib9o/wDZj8WeDLC4 8Q+G/hlI6azql5fQG5SNDbhZpvtEqzTySCNmdkV2LZJ5NAHzf/wVM/Zu+Cfww/Zx0X4g/C3wdpng 7X/DetWEMF3pNslnM0MiyArI0QUyMHVHDvucMuQ3LZs/8FBvCXhDXfi7+yTr+q6Bp1zqHi7xNYwa xM9pCz6hAZtOXybpiuZowrsoR8qFYgDBNfXn/BSH4K/Ez49/s2zeAfhNo39u682rWN0Lb7Rb2uYY d+9vMuZIo+Nw43ZPYV5n+3V+z58c/iB4Y+CXjj4KaPb654q+Eup2+oPpk9xFCZWQW8gIaSSONlSS 2AdRICQ3y5oA/SvQPD2geE9HtfDvhbTLXRtKsV2W9pZQpb28KZJ2xxRhUUZJOABya+b/ANqjwT+z r8Z/C2n/AAI+O2uWWm3fim4VtDhe8ittRN+mYo5rFHOXkUy7MbWU79rAhsV6z8GPEHxK8U/DPQ9e +MHhqPwh4wuklN/pcM6XMduyzOke2SN5FIeMI/3iRuwcEED5Y/bw/ZH179pjwx4Z8SfDbV00H4jf D68a/wBEupWZInLGN3iZ1DGNt8UbxvtIVlwQAxYAHyX/AMMQ/t7fs+2uf2Yvj2+vaTYrm30bWwyK I16QwxXAu7UEjjP7kd8rXv37Hv7Xnjb9oLwv8Svhj8Z9Bj8O/Er4cxS2+pxwKUhuFKyxFwhZ9kiS RlZAGKHKshwdq+T23xr/AOCt2g6XH4R1L4JaDrmtLGsUesrdW4hlIG3zpUjvkiDk/MceUv8AsAcV 7J+xt+yT8SPg/o/xJ+J3xp1SHW/ip8VTJPfi2ZTBbBvMcRBwEQu8kpL7QI1CqqfKuSAfB37Nvhnw 34i/4JF/EufxBpNpqcukTeIL2ye6gjma1uo7aNUnhLqTHKoYgOuGAJwea7q88FeDfD//AARs1DxJ oOg2Gm6vr2hac+o3ltaxQ3N60WrxhDcSooeUruO0uTjJx1r3j9l79lD4weG/+Cfnjz9nf4gaXH4b 8X+JRrcdrDNcwXESm8gRLdnltHmQKXX5sEsBzt6CuV+B/wAC/wBqfx5+yF4y/Y5+Ofgu08E2Wn6M LPw/rIvILgXV0ly1zGtwlvNOQiuseXVBlM8bsCgD7q/ZiIH7G3wuYnAHgfSMn/uHR1+Xn7EOleDN c/4Je/EDR/iJ4wl8B+GbzV9Sj1HV4QrSQ2zLab41VlbeZx+52KpZw+1RuIrt/hvZf8FOtI+EFh+y rH8O9I0OCwsxoieM7jUbeRLXTCDEsiQRTMZJI4flQqhbAUtHuyayPAf7CPx31H/gnT4m/Z28RWcf hvxvJ4jk1iytZruCWG6ii8gokkttJLGokCNtyflcKWAHNAHmfh34pfsa3vwc/wCFO/BH9mfxD8WF gsHtJNdHh6CKS6nVCr3r6gPOuInLZfdtXy/urtUADu/2IdL0nxv/AMEtviNpnjKwttctNBPieWwi voUuUtZYbAXEckKyBgjpLI7qy4KsxIIJr0zwjq//AAUh134QaX+zrpPwe0j4cyWmmw6JP4qudUtn t7e2jiWFpobO3aQ+ayA4MfmKHOQqiu7/AGHf2ZvjJ8Nf2S/iX+z58VtFTw9qmuXesRWFz9qt7qCe 31Kxjtlm/wBGkkZArqxKuFbBHGcgAHz9+zz4K8G6d/wSJ8V+NtP0GwtfEWreGPFEN5qUVrEl7cxx Xt2qJNcKokkVQqhQzEAAAdBXinxX8R+Ibn/gnV+zB8GNIvpdMsPiVqqWGozxnAa3iunCxP6qZJUk x3MYzxmvoP4DfCD9tLw7+yl8Sf2Q/HXw0tbTS7bw3rcOganDqNmz32oX05kS2P8ApJUK/nSMsjLG qhQHIPX0vWP2GfHvxP8A2Avh18F9ZZPCXxP8BY1CwaSdZIoL1JpiYpJrVpV2vHJkPGW2uFPOCCAe 5/Fn9gv9l68/Z51v4e6L4E0rSJdM0q4aw1WK2jTUobqCEtHPJeYE0hLqDIHchxwwxjH5CfEj4jeI viN/wSH8HyeJ7mS8uvDvjGHRo5peXe2tYbgwLnuI4nWMH0UZ5r7m8WeM/wDgqR8S/hxcfAu8+EWm eHdY1m1Om6j4s/ta2+z/AGaVfLlnjiilfy5HQnJTey5JSNTja79ov9g/xxov7BXhf9mf4FWLeMNf 0nXLfUr2RprayNzI63DXM4NzLFGqq8ioibywQKDuIJoA7b46fsR/s5+DP2GvFen6Z4I0xNc8MeFr jU49a+zp/akl/ZWxuGme7AEzeY6HcpbZg7QoXAH0D/wTs1jUdc/Ys+Fd7qk7XE8enTWys5yRFa3U 0EK/RI41UewFewfH3wb4j8a/s3/EDwD4YtPtuva34X1LTrO38yOPzbq4s3ijj8yRljXc5A3MwUdS QOa4b9iH4a+NfhB+yz4C+HHxE07+yfEWi290l3a+dFP5TSXk8qjzIHkjbKOp+Vj1x1yKAPqyiiig AooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKAC iiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKK KKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigD//R /fyiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK/ITRf2iP29/jL8a/jD4C+BUHgePR /hlrsul51qK8jneJpZ0gO6GRw7bYDvOFGcYHoAfr3RX5ufBb9qf9oLRf2ibD9l79rTwto+l+IfEt hLqGg6r4fkkNldpbpJJIjpNJIwbbFJg/IQVwUIdWr9GYL6yuppre2uI5pbYhZURwzRk9AwByCcd6 ALVFZN3rukWcV5LNeQg6eu6cGVQYwRkb8n5c9s9a+a/2Pf2kh+1L8Io/ihPp0Ghz3V9ewpp8c/ny Q28EpjiMjEKSzAZJ2qM9BQB9VUVUnv7G1nhtbm5jimuSREjuFaQjqFBOWxntRNf2Nvcw2dxcxxT3 GfKjZ1V3x12qTk49qALdFc94k1O4s9KvoNHmthrbWs8llDcOFWSZEJTcCVOzcBuIPAzyK+EPiV+1 X8V/2dv2RdG+K/xj0bRtT+JF9eGxmsdOugunK013MkMyMrzM6JAsZkVX5ckbl7AH6IUV8UfH39ov xZ8Ovj3+z98OfBh0+80D4o6hq1rqc0iNNII7FbYx/Z5EkVVOZnDEq3QdMHP19pXiPw/rslxFomp2 uoPaNsmW3nSUxN/dcITtPsaANmiisG/8VeGNKtZr7VNYs7O2t5PJklmuI40SX+4zMwAb2PNAG9RV P+0dPFiNTN1F9jZBIJ96+UUbkNvzjB7HOKrW2u6Je38mlWeo2897DGkskEcqNKkcn3HZAdwVuxIw e1AGrRWHN4n8NW2rx+H7jVrSLVJhlLR541uGH+zGTuP4CtygAoqtc3tnZCM3k8cAmcRp5jBdzt0V c4yxxwBzVbTdZ0fWRO2kX0F8LaRoZTBKsvlyL95G2k7WHcHkUAaVFYdj4o8NapqE+kabq1pd31r/ AK63hnjklj/30Ull/EVo3+oWGlWcuoancx2drAN0kszrHGg9WZiAB9aALdFY1j4j8PanDa3Om6pa 3cN9u+zvDOkizbfveWVJDY74zivH/hfrfxr1L4m/EvTviNBpEXhHTrqyXwu9hIHvHgdZvtJvVErl WBEezKpn5uD2APeaK5+28WeFbzVpdAtNZsp9TgyJLVLiNp0x13Rhtw6dxXzX8b/2nrf4SfG34R/B yGxtrlviReXsV3ezXIjGnwWUSPnywOXlMgClmAAB4bIwAfWlFZ1/q+k6VYNquqXsFnZIAzTzSLHE AehLsQuPxp+nanpusWceo6Rdw31rKMpNBIssbD2ZSQfwNAF6isRPE3huS4tLSPVbRp7/AH/ZoxPG Xm8v7/lruy+3vjOO9Gr+JvDnh94I9e1W001rltsQuZ44TI3ogcjcfYUAbdFIrK6h0IKsMgjkEGvA Pj/8Y4fhz8HfiN4t8Gajp154n8HaLe6hHaSSLMY5beJmTz4UdZAuRyMr9aAPoCivljwZ8fb1v2Ot N/aS8cJbpejwkPEF5HArRwNMtqZzHGrMzAM3yqNxPIGa6n9mTxb4+8X/ALPHgfx78Xp4P+Ej13S4 9UvHiiFtCkd2TPCNmcJsgZA2T1BJxQB79RWTo2v6F4itTfeH9SttTtlYoZbWZJ0DDqNyEjPtVfU/ FPhjRbyDT9Z1ezsLq6/1MNxcRxSSf7iuwLdO1AG9RVa6vbOwi8++njt4yQu6Rgi5PQZJAye1Zy+J PDr6w3h5NUtW1VF3m0E6G4C+pizvx74oA2qK/P39tj9pj4mfCTXvhp8JfgcNG/4TP4l6lPZLd6y7 Na6fFbrDl5UjIK7jOrBmDAKrYRyRj0P4Jar+1mvxHi8OfG268Lat4Zi8Om4bUNEZlnm1d7pNm2J3 Di3+zMfmMSguAQcHBAPr+isS68TeHLDVYNCvtVtLfUroZhtZJ40nkHqkZIZvwFWTrOji0lvzfQC2 gbZJL5q+Wj5A2s2cA5IGD60AaVFVp7yztbZr26njht1AJkdgqAHoSx4xUUuqaZCYBNdwxm5Vni3S KPMVRuYrk/MAOSR0HNAF6isux1vRdU07+2NMv7e7sMMftEMqSQ4X7x3qSvGOeeKj0bxF4f8AEUUk /h/U7XU4om2O1rMkyqw7EoSAeOhoA2KKyNZ8QaD4dtlvPEGpW2mQO4jWS6mSFC56KGcgEnsK+RvA v7QfjPxP+2z8QP2fLlLFvCfhnw5YatZTRRt9qea6FuW3y+YUZP3rYAQduT3APtCiisS58S+HLPVo NBvNVtINTuRmK1knjWeQeqxk7m/AUAbdFfGPxI+P/jjwn+2j8I/2ftLhsm8M+ONL1a8v5JIna7WS yt7iWIRSCQKq7ol3Ao2RnkdvVfgzrfxr1fxB8Q4fi1BpEOmWGu3EHhw6ZIJJX0pXcRNeASSbZ9u3 cCE5z8ooA95orDHijw0dY/4R4ataf2rjd9k8+P7Rj18rO/H4Vpz3tnavDFdTxwvcNsjV2Cl29FBP J9hQBZorFsPEnh3Vb650vTNUtby9s+J4IZ0kliP+2iksv4gV8x6z+1Da6d+15o/7MUdlarbXfh2b XLnVJLkblmE7wR2qR8AN+7LMWYk5ACjGSAfW1FFfF37CH7QfjT9pD9nq3+KvxHjsbXVH1C+tnFlG 0FusVswCnbJJIQcHklqAPtGiqdrqFhfW322yuYri35/eRurp8vX5gSOO9UNI8S+HPEBmXQdVtNSN s2yUW08c3lt6NsJ2n2NAG3RVS31Cwu5p7e0uYppbYhZUR1Zoyc4DAHKng9fSlN9ZC8GnG4j+1FPM 8nePM2Zxu25zjPfGKALVFc/beLPCt5q0ugWms2U+pwZElqlxG06Y67ow24dO4roKACivkH9rD47e KvhpH4K+F/wnW3m+JfxQ1VNM0f7SnmwWdvEVe9vpo8gvHBEfu55LZ5CkHub/AF742ad8f9I0H/iT v8LE8OtcajeTSJHqn9rJJKCVj80YtzGsZJ8vAJb5uMAA+haKpjULBrL+0luYjabS/nb18vaP4t+c Y980HULAWX9pG5i+ybd/nb18vb6784x75oAuUV8XeG/2hPGetft0+Iv2c2SxfwhpnguLxDbzRxsb t7qS5tYuZfMKGMpMxACA9Du9fsSLUtOmvJNOhuopLuEbnhV1MiDjllByByOo70AXaK5+28WeFbzV pdAtNZsp9TgyJLVLiNp0x13Rhtw6dxXQUAFFfIv7Y3xl8a/CXwR4V0r4XyQJ418feJtK8O6UbiIT pG13LumlaMkAqsSMCTwpYGvrqgAor56+A3iv4vajoOuSfH/+xNP1Y+ILu10hNKnRo5dMVIvs+/8A ey/6QXZwy5Bxt+Ud/eri/sbOWGG7uY4JLltkSu6q0jeigkZPPQUAW6KqzX1lbTw21xcRxTXJIiRn CtIV5O0E5OO+K+OP2EP2g/Gn7SH7PVv8VfiPHY2uqPqF9bOLKNoLdYrZgFO2SSQg4PJLUAfaNFZg 1rRzp76uL+A2MQJe481PKUL1JfO0Y781Ho3iDQfEdsb3w9qVtqluDgyWsyTpn03ISKANeiio5pob aF7i4dYoolLO7EKqqBkkk8AAdTQBJRVZLyzltRfRzxvbFd4lDApsHO7d0xjvVcavpLR28y3sBS7O 2FhIuJT6Ic/MfpQBo0V86fG3xp8VB4W8Pal+zlPoOsXk3iC1tNTfULlDbrpu2X7V5LLLGDcK4jCr knG75T24X4pfHLxh8F/2lfAHhvxdJBN8MvifG2j2c4iCT6b4hjYNCskufnhu0IRARkPk5CjBAPsW iisvV9c0Xw/aG/17ULfTbVestzKkMY/4E5A/WgDUorN07WtH1jT11bSL6C+sXBKzwSrLEQOpDqSv H1qheeLfCmnpaS3+tWVsl+dtu0tzGgmb0jLMNx+maAOhoo68iviz9s39pbUPgl+zp4o+Kfwlv9J1 fXdBurC3McrC7hjNzdRwuJUhlRg21jgFhg9qAPtOisvQ7yXUdF0/ULgAS3VvFK+3gbnQMce2TWpQ AUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFAH/9L9/KKKKACiiigAooooAKKKKACiiigA ooooA+J/2pviv4u8Lavp3g7wxeSaYk9qLueeE7JX3u6KiuOVA2EnaQTn2rI/Zg+LnjLXfFM3gzxL fTatbTW7zQyzsZJYnjxkGQ5YqwP8RODjHU5+kPir8GPDPxXgtm1WSSyv7IFYbmHBYIxyUdTwy55A 4IPQ8nNP4UfA3wv8KZLi/sJpdQ1K6Ty2uZgAVjyCURV4UEgE8knA5rtVWn7LltqfOSwOK+u+15vc 9enax7XRRRXEfRhX4GfAzwv+1d4j/ai/akb9mnxnofhOGDxew1NdYtDdGdmuL3yDFiGXbtAfd0zk dcV++dfkZpf7Ln7eXwn+NHxc+IXwG8T+BLTSPibrkuqNFrDX8twkYlmeAMI7MqjBZm3BXYZ6HigD yTwqPjP8Bf27/APij9tyW38c634+t20DwjrukTiOw0yaR/Kki+x/Z4Duc3KIWIGBKWBkOdn0h+xR /wAne/thf9h7RP8A0C+qbwV+x/8AtE/EH46eEPjl+2B8QNJ8QN8PWefQ9E0C2eOyiun2t5rySxwt w6I5+RmYogLBV2lvir9mn9rD4XftG+OvjX+yn4g8LyaX8Txatq+meJ1ugtvdW6FFmjNqpLhSzup3 LjzCpRwA1AHA/CbwR4R+J37ZX7Y/gjxtYJq+hapB4djurZ2dUkEdvvALRsrDDoDwRyKt/wDBIH4Y eA9J/Zwtvitp2kRw+LNdub+xvb8PIXmtre5PlxlSxQBcDooPqa9e/ZF/ZN+LvwP+LfxW+JXxa8Va d4tm+JEWnSvc2glinN4iyPdh4WiWOOJZJSkGx2zGqllQ/KJP2GP2d/2if2X7TV/hR451jw9rXw1s 3urjRp7L7Quqm4uJlYeejxrEsZTeWUMxVyAGZeQAc1/wU60G/wBE+Gfgf9o3w9CZNY+DPifT9Yyv 3jZTTRxTx/R5RBu7bQc8V8Gftn/FLXfE/wC1fB+0X4GuTeeDv2dv+EQa7eIFklXXJzdOykf89I3W Fx7Y4Nfu98Xvh5p/xa+Fviz4ZaptW38T6Zd6eXYZEbTxMiSD3jYhx7gV+dfwI/4J9eK/An7IHxS+ BHxG1bTdU8X/ABE88rfW81xPaRfZ7aOPTFeSaGOUrBNHvIEZwDhc4FAHOTSQfHn9s343/E+B1vfD 3wZ8Dy+HNMlU5jbUNStppp5EPQsitPE2OxXPGK+EPHfgHwhrX/BJL4NeOtT01J9e0bWr6ytLos4a K3vtavvtEYAYKRJ5aZJBIxwRzX64/sj/ALI/ij9nz9mbxN8LfE+o2OpeNPF8uqXOoX1vLNLbPPdx fZ4P30sUcrKsaqzEx5DM+Aep8h1D9gz4lar/AME8fD/7KFxr2lW3jXw7eS6hFdxPPJpskp1K5u0Q yNCkwBinwW8k4cdCOaAPG/24v2dfANr8U/2R/wBnrwFbyeE/Cl7qviO1MVhPIssNtdSWE12IpZGd w0geTkkj5umOKvfGf9nf4Xfsh/tRfs1+LP2eNPn8It4s8Rf2Bq1vDeXM8N5aTNbxkOLiSQ8q7bhn DHa2Nyhq+ktY/Z2/aa+KXjv9nX4ofFzUfC6a98K9S1q610abLdpFcQXxtxbfZEeA5kCQnzQ7IucF SQcD1b9pz9nrxn8afiR8DvGHha90+1svhp4nj1rUkvJJUlmt0eFituI4pFaTEZ4dkHT5qAPsavwz /ZU/ZR+FPx8/aA/aX8XfGOwbxNpuifEDXbLT9KmnlS0hnnvJnuLoxxuuZHQRIp7BT1O0r+5lfgt+ zboX7WcHx7/ac8X/ALM+q+G5oD4/1my1LR/E63Qt3cXlw8N1BJa/MJE3MrKSoZcZ3ELtAOd1eK8+ D/w4/bS/ZK0u+uL/AMFeCLCx1TQI52Mv2CLVAk81sJWyxUeZGACfvI7feZjXqHw++APw9/Ze/Yri /bM8M21zefFuTwQt/Hqt1cy3Ajn1yGIRssDMYx9nSVVU7fug7i2a990j9hn4iJ+z58Z9I8VeJ7HX fjJ8b1EuranIZYtLikicm3gi2xNIsMSs/IiychQoVVr658P/AALs779lrRP2c/iM0d3FH4TsvDmp SWbtsLwWSW0kkDuqtgOu+NmQHgEqOlAH4PeBPCHwA8R/AWA+Mv2f/i/4r+JPiSy/tGbxrbaNc3LS alcr50d1az/bAskCsylGMf71PmYFmr9C/g7+2f4j+Bn7LXw2vv2ofB/jG88XX7ahpriHSZHvmTTJ FEU10l1JA+ZIZIwJDkyMrsec1naH+z9/wUe+G3w0b9nb4e+O/Bt74NhiksNO8Q3i30Gu2OnPlQip GrxK8aHEWPMKYAEgwu39CvgF8KJfgl8JvD/w2u9fvfFN5pUTfadT1CV5Z7qeVzJI37xnKoGbbGm4 7UCjJIJIB+Q/7d/x60H9qv8AZj8D6x8O9O1zwu0XxO0rSkbV7YWF0ly+n3brNEI5ZPlXzVw24EMD 6ZrY/bF+DvgX9hH9myfSP2bLXU9E1b4ra1pHh7Vb6Cea71CS1hhuZn+zlnGyWYgqUQqrh2AA4x9+ ftofs9eM/wBozwj4D0DwTe6fY3HhfxhpniC5bUJJY0e0sorhJEjMMUpMpMq7QwVSAcsOM9l+1h+z jpH7Ufwfu/hpf6k+iX8NzBqOl6jGpdrPULbcI5dgZdwKu6MMg4YkEMAaAPxD+JHg/wCFGj/D3Tp/ 2XP2dPjD4E+KvhiS2n0nxDLoV0rSyxuom+2MlzLkSpvPyRcNgACMsp+t/iR/aP7YP7U3wY+Anxkh u9N8IW/ga18ba3oDCWxN1q9wrKbeZcrKohJVSpIZMSr8rEkd74n+Bn/BSP4xeHdM+EXxO+IPhPw1 4Wglt/7S17w4b9Ncv4YGDDhkjjV2IBbZ5SkjnK5U2P2oPh74Xtv2gPhFD8IviXD4D+PHh/Rza6KN chubqy1vR4xKjW13dbHQyDEp+ZjIxckLvKMoB4j8Tf2Zvhv+zt+33+zfP8J4JNG0DxVfapK+jieW W1try0t0WS4hWV3KGdJI1YDj90Meg6f4XeH/AB54s+Ln7fnhr4X3hsPFmpnSrfTJhJ5LLcyW2ohA suR5bN91XyNhIbPFeZ6loXxw1P8A4KP/AAJg+NfjfRvFnjC1TULm40rw5DImnaHYwW8rp80uHMlw 4kLGRQ/yoMkFAPtjw9+xx43/AOEv/af1DW/E0Wjaf8b5NOfR7zR7i4XUNPayS5/eTjZCFIeVDtjl YOoZSVzyAfkTp+h/ss+D/Anhz4Z/tB/DTxj+z/8AE/SpLYr44iiurhJbyGRWluQ3mISJcEqI4pBF nKP8vzfaf7XPwW+D3j/9rn9l+81ixg8UW3xJS+j1m/ErhdZt7KztfskpMThVXaxZTFtBDdxXXa9+ zN/wUP8AiD8IR+y/4/8AFnga48DNHbWU+vtHfXWtS2NrIjR/JIgjaYBBksFYn/lrn569e/aB/Y9+ KV3Y/APWP2a9b0u01/4DwvZWUfiDzvs93bPb29uGdoEkbcBb8rgAhyQylQCAfEXx+8UeEvGf7b2t /Cv4pfD7xj8R/hj8INI0+z0fwv4Tspr2JLma1gkF1exrPE20CVo1bdlwqA/KGDehfsnXGqeCf2yI NN+Bnwq8f/Dv4O+NtLuV1fTfE+k3VtYWWrW0Us0dzBI0k6RiQRJGC8mSzsgGCgX6a+In7MH7R2l/ F/Sv2p/gH4h8P6b8S9T0S00zxdpGprctoeqSwRIrPDJGvnKFaNFjBVDtRTuUl1bq/gV8BP2mLn42 3v7Qn7T/AI2s5tRSxOn6X4b8NzXaaLaxuCGklSbb5jgM2Awc5bcX+VAoB8B/8Ew/2Pvg/wDEP4Oa V+0L8S7O71nxB4f12SbRx9qlEFnDpcizoi26sEffcGR2VgQcjABLFvDfgd4s+Fnxyh8W/Gf9p34I fEf40eKPFmo3KwXuiaXcXukadYrjy7Szkju4drREsCMHYAoXB3Fv2m/YW/Z78Z/sx/ACx+FXj290 +/1a2v726aXTJJZbcpcOGQBpooXyB1+THoTXzf4a/Zi/bE/Zd1jxToP7JHiDwnqnw88TX0uoWul+ KVvFn0a4uOHFu1sCHjVVUAsxzgZj3bmYA+TPA3xm+OnwK/Yo/aB0+30jxb4W0rwrf2Nv4HufFGnz Weo22ma3dG28oPICm61jXIMbERySDBAZAPUPjB/wTy+BPg79h/VfG3hu1ntfiBoPhp9an8QLdz+f ezC2868jlQyeWYbhC8YQLwCOSd2760+G37FWtz/s/wDxA+F37Q/jm98a+IfilK91q14k0rW1lNv8 2EWEc3CrFN+8zsQMcKUCqBXgHiD9mT/gon4w+CN1+zBrfjrwYng62sTYRa2iX39r6ha26f6La3Hy GONHKpHPIqlwmeZjuDgHPfEG/vNf/wCCeX7O3wC0aVo9S+MbeF/D5KHDx2QEdxdTf7qLGof/AGW9 K7z9pnwzY/HP9s74U/sd+Irie1+GGleHH8SahpNtI1vHqDwPPBbQM6FXKRiFeFPCl8YbDL6h8Mv2 UviZoPxJ/Z/vfG9xptz4b+CPgyexQ2s8khm8Q3aLazOkckUZMKwKGSRsNuH3R1rs/wBqH9mT4h+P /iR4K/aH+AHiGx8OfE/wLHLaRDVUkfTdS0+ctutrnygzqB5kmCqEneeVYK6gHAt+x74W/ZZ+IOtf tK/ADU5PCfh/RvDWpPq/hKNJrq01aW2t5ZYXEktxmFlcIQArDK4XbvfPz/8AscfsZfBv9pn4AR/H z9ou0uPHXjn4mzahdXWo3N5Oklokd1LbRpbCKRUTb5e4fKQudgGxQte/eA/2YP2gfij8ctM+On7Y usaBcJ4XsL2w0Xw54bFwbFP7QjaG4luJLgByWRj8oZskI25dm08V4D/Zt/bo/Zo0vVPhL+zl4v8A CGrfDq6ubibSZvEsd5/aeircsXdUWBWik2sxYbt6s+WKIGZaAPzw+JPjHxlb/sJfF74KeJNbuNdP wc+I8GhaZqMzlpmsoJ5EiXzMknY0TFOfkVlUfKqgfSv7bf7Ffwi/Z1/ZdHxo+HEV7p/xN8G32l3c niP7fcyX17d3FzHFPNMXkZNzySeaCqqQRgEAsD7P4z/4JxeJv+GOtU+BHgrxJZ6p488Ua9b+Itc1 rV3mhgur0HM20xRTyBQBhAVJY7mYgsQPsD9tb4GeLf2j/wBnPxJ8IfA93Y2Os6xLYPDLqMksVsot buKd97QxTOMqhAwh5xnA5oA/PT9sf4J/Cnx1+1P+y/r3iXw5BdXfxWubtfEreZMo1BLO0sFgVwrj YI1YgbNuR1zXWaa+jfBb/goT8S5fCuni30rwL8E91jZpucJb6ZJZGGFdxLEBYwoyST65r6s+L/7N Xjr4gfFn9nHx5o1/psOn/CCe8k1ZLiWZZpxcQ2sa/ZAkLq5BgbPmNHwRjPIEqfs6+IbL9svxn+0l 4hn0668D654Hbw49iGmkvmkE1vLIXhEPlmJo4XHyyliSBs5yAD41/ZG/Yu+D37Tn7OyfHf47RXXi j4h/E6bUL+41trqaK4sZI7qW3h+yiN1jTy/KDAFCAfkxsUKPlDwxZXem/wDBJL4+adqF2b+6tfHg iluWYs08iX+kK0hYkklyC2SSTnrX0h8DfCvxc8P/AAj16P8AZG/aC8Lp8A3uL2WPUdds7mPWvDkU jF7hI45I0XehLMpmKhj+8QLvzSfsMfs9r8dv+CcPj74S3uoyWVp438Q6hPYajJETuNo1mYJzGSCV Nxa/ON2eGGc0AfVn7aTon/BNvxMzsFB8OaKMk9zNaAfma+MP2pvh7b/Fi4/YN+G17dT2dj4j0qWy vJLaQxTGzlsdJFyiOOhkh3p3GDggjivUfG/7J/8AwUM+MnwM/wCGefiP448FWHhrSLS3ggnsVvWu 9Xax2G1S9leHbHErIrs8cW8sgyrZJr6U8WfspfEPXvGX7K/iKz1HS0tvgdaywa0sks4e4Z7SzgBs gICHG63cnzTFwV75AAPz8/a4+HPw1+APj74X/skfDvwz4lm+GPiq6vPFHiTQ/DPn6hq+svEgijt0 3yrJJEi2xZ08z5FLSj5lXGXHJpPgX45/DL4ifsffAH4n/DWe31S3sfE1tqOhXkel6hos7qkvmgT3 P7yMEkFgFBxITvRTX6h/tafsveLPjPq/gr4r/B7xJD4R+KHw4uJJ9JvLpGezuIp8CW2uQgZgjY+8 Ef5S6FSHyvk+mfAf9tj4yfFfwf4u/aU8Z6F4X8J+CLoXsej+Cp7+I6pcIVIF08xB8pioyC7fIWQI pYvQB5J4O+Ffg79tT9tD443/AMe7eXxF4d+Ec1loOg6JLLLDaw/aBN59wyxMjMzPAzAkndv5yEQC p+yH8GtB+Av/AAUY+MHw48JTzSaBaeFLSfTop5Wne1trma0lFuHcsxSJiypk52Yzk5J99+JP7N/7 Q3w+/aB139oj9kbWNCW58dW8EHiXQfE32gWNxParshuoWtRvDKvUblwS5ywcqK37L37LH7Qfw3/a W8cftD/HTxVoviS+8caPHazDTPtEZt7lZYSsMccsSr9miihCRtv3nA3JnJIB9P8A7VnxI1n4Q/s4 /ET4j+HHMWr6Lo9zJZSBBJ5V1IPKhk2sCCI5HViCCMDnivz2+E//AATf+CPxc/ZU0DxV4la5n+KH j3SLbxA/i2W6uJryDUtSiW6R9gmVJEjLhWU8vgtuDkMP1V+JHgHQPin4A8Q/DjxSjSaT4lsZ7C5C Ha4jnQoWQ9mXO5T2IFfl/afs0/8ABQ3wz8KZP2XfDXjzwdcfDwwS6XB4guIb1ddh0iUGMwCIK0IY RMVQAsVGAJhgFQCHXfC3iTwR+39+yh4P8X+In8W6xo3hTXbS41aSEwSXrRWN4oleMySkOygbiXYs csTk18+aZ8VvE3wX+EP7dvjzwZcPZ65D8RL2ztLhM77d7/UmtWmVh9140lZkbs4Wvujw1+xLrHw+ +OnwA8YeC9Ts5fB3wf0DUtJvBdySrqN3PfQXCedHGkTREPLPvcNKu0EhQcDMPgn9h3ULnw3+0n4G +K1/ZTaJ8bvEt9rFg+nSSyT2cM073Fs8yyxRKJoZPLfYpdCVxuIoA/LuHwH8CLv4CxadpH7O/wAY pfitLYLfQeMo9EuWlfXGTzVuhKt4QbdpumIy3l/MP3nz17N+0ZP8UfjJ8Bf2O9N+KJ1Xwr428R+K 4dG1CaaOWw1OGYziw+0lZAsiSyIBMGwM7twGCK+jx8Bf+ClVn8L4/wBnLT/H3g1PCUNuNMj8UKL+ LX00tR5aptVfLWURDaCMtj/ltu+evYfiZ+xz4w1rSv2cfD/hDxHHqdv8GvEun6zql7rtzcNe38Nt NHNO0bLHNuldlYqjsqKCF3gCgD5J/ao/Zi+En7IvjH4A/FX9nnTJvCOsHxrpmiXjQ3lzML21uss4 nE0j5LLGyNjAZXYMD8u3b8b/ALO3wX8Q/wDBVbT9B1nwvDdafq/g9/E13E0swEusfbph9qJEgO75 F+UEJx92vt/9sP8AZ78Z/tB6b8NLPwZe6fZP4N8Yab4gvDqEksYktLNZBIkPlRS5lO8bQ21TzlhX m37QX7Of7Q+o/tSeFP2nf2d9X8PRX+naF/wj+oWPiD7QsTW/2iWYyRtbxyElhLjHylSikbgxAAP0 Pr+TX9n34s+KPF3wq+Hf7J/ia8vfh98IfFXiS8tdd8TQRtjUJp9si6as7ARwocxrISW/1gZx5asr f1lV+Xnwv/4J93cX7EGpfsrfGO80661ee9vNRstQ01pZ4bO8dt1rOjTRQvlDlZFCjcjMmcNmgDxj /goW+j/B/wAN/Az9k/4c6Lq2n/DzxLfXP9r6V4VgaXVL/T9PMG60gXcpmkn893k3sSzhXcnnPzd4 3HhvwH4k8EfEn9jD9nT4q/Drxj4Z1GD7d9q0G9Fhqek/8vFvchbi5d2YhR90bgW3HcEK/ffib9jr 9oD4ofAP4daZ8QPGWl6Z8bfhBfG58PeI9PluLy1uI4xH5a3nnwQuHk8uMSsI5MmIOd+90pt/8BP2 7vjx4t8KWn7Q3jbw94Q8E+F72O9uYPBM2oQXurSQ8BZZJdpRHGQcMAu4kRltpUAy7+H/AIZt/wCC mVjqqj7N4S/aL0lraT+GJde00Dacf3nAQD1e5b615h8LvDnj39qPxP8AtS/tM/Dq8Nvq+q2l34H8 C3Qk8rbb2UQ82SGQkeX9oYRFJARsd3OeDj1f/grJH4VuP2etP1SDWFsfH3hzxBplz4bjtpB9vkvp JBG0cSqfMH7pzLwPvRp7V9C/Dv8AZZj8MfsYad+zLbatc+HNRl0TyLnUtPkaOeDVLg/aJ50eNlZl Fyx+XcN0Y2ZwaAPxD0/Q/wBlnwf4E8OfDP8AaD+GnjH9n/4n6VJbFfHEUV1cJLeQyK0tyG8xCRLg lRHFIIs5R/l+b+mjwvd22oeGdIv7PU11u3ubO3ljv02lbtHjVlnXZ8uJQd428c8cV+TGvfszf8FD /iD8IR+y/wCP/Fnga48DNHbWU+vtHfXWtS2NrIjR/JIgjaYBBksFYn/lrn56/VH4c+CNM+Gnw+8M /DrRZHlsPC+m2emQPIcu8VnCsKs3+0QuT70AfnVG8vjb/grc9tqYDwfD74etNYqw4SS6njSSRB/e ZbxlLDsMdqzPiz4b0rxl/wAFR/D/AIQ12Lz9N1z4TXtjdR/34Lm61CKRfxViK6f426bcfBb9v74V ftAzqYvC3xD06TwLqlx/BBfyM01jvJ4AnkEaA5wPLYn3oeJLm3v/APgrh4SWylWc2Pw0lSfYwby2 N7dsA2OhxIhwezA96APhnTfHfijT/wBg3V/2MJLnb46i+Ii/DWJeTJ5N3e/a/N25yYm2yxDnG3AB xioLf4geJte/YN8OfsYRXBTxzqHxCf4dXCf8tI7a1vReSSkdRHHviiPbbkHoa++dT/YO167/AG/L T9qO31OwTwNvi1S60oyzi6fWYLN7WOVYREYSocrNvMobcXG3nlnhb9gvW9D/AG+tX/aju9S0+TwS 73Op6fpqyTNeR6xe2sdvcSyQmIQBWYyyB1lLZ8vK8ZAB8MftMfFPxr+yp+2h4zl+BPhqTVNRs/hf aaLY+XC08ek2dsbeVr2WNVIZLeG2P3sIGKlsqCrfZ37PnwD0eT9i3xT46/Z/8RyeJPip8WtCurm5 8V3Unl39xqc6Nvt/NZi1v5c26P7+VkG9mJAI+iNJ/Zy8WW37bvij9o/UrnTbjwjr3g1fDi2ZeV70 3H2i2lYyRND5PklIWGfNJJIG3GSPDfh9+w/8TvhtJ8YfhB4U8XQaV8F/iFHLdaItrd3UWt+H9Tk2 MDCqxLG0AYbGH2gM6ImcEvkA/LfT9D/ZZ8H+BPDnwz/aD+GnjH9n/wCJ+lSWxXxxFFdXCS3kMitL chvMQkS4JURxSCLOUf5fm/po8L3dtqHhnSL+z1Ndbt7mzt5Y79NpW7R41ZZ12fLiUHeNvHPHFfkx r37M3/BQ/wCIPwhH7L/j/wAWeBrjwM0dtZT6+0d9da1LY2siNH8kiCNpgEGSwVif+Wufnr9Ufhz4 I0z4afD7wz8OtFkeWw8L6bZ6ZA8hy7xWcKwqzf7RC5PvQB8ReP8A/i7X/BRH4d+Cl/faT8HPDd/4 mux/yz/tHVmFnbRv/togWZPQZPrX6IV8l/s//BXxl4K+L3xs+MPxDa1fVfiHrcC6eLeUzeXomlw+ RYhyyrskZWJdBkAgcmvrGSWOFDLM4RF6sxwB+JoA/mx0jwLqev8A7Cfxc+I3hldviL4WfGDUPE1j Io+dfssdkk3P91Ucyt/1zHpXTft5fFXxJ8bPiX4V+K/wpl8zSfgf4T0Px04BLFbvW76zljjyOjCA wykkfdR+OlfZP/BNXw5o3j/9nP40+GtWUXWi+KfHXiW1k2kFZrW8s7SJyp5BDKTg1d/ZM/4J9eJv g78Fvi/8OvizrGna3q/xNtf7JW6spZ544tOgs3t7UM1xFE6vG0rEKoZVVU2scYAAug65pv7Tv/BR XQ/E+jv9s8JfBnwdBqEDfejOqeJIhLEfTJtZVb2aH16fkT+z78WfFHi74VfDv9k/xNeXvw++EPir xJeWuu+JoI2xqE0+2RdNWdgI4UOY1kJLf6wM48tWVv3P/wCCff7I3ij9k34c6/pPxC1Gx1jxX4i1 COae50+WaaAWVpAkNpAHnihc+X+8IGzADADgV5v8L/8Agn3dxfsQal+yt8Y7zTrrV57281Gy1DTW lnhs7x23Ws6NNFC+UOVkUKNyMyZw2aAOU/bt/Zy1zR/hd8I/C3wY+H9x4p+FngDVGn1/wdo8skM+ o2w8sxN+63TSsCJvMYB5C0u887mHk/7ImtfsfX37VWkap8Gx4h+CXi97C4stQ8D6pBJFaau+xznf JLKA8QIdU+QkxhlQHfu+gdZ/Zh/bO1r4TfC68/4WPpmnfF34UXUiwTw3l9Nouu2GI1jGoq0ETmdV TYzeU4cFiW3SZS94W/Zk/ac+Ln7QPgP48ftXan4VsIvhqs76VpnhaO5Lz3EwA3XM1z8wQMA4UO44 2hV3MSAfpvXz1+1v/wAmrfGP/sTtf/8ASCavoWuP+IfgzT/iP4A8TfDzV5GisfFGmXml3Dp99Yr2 F4HZc9wrkj3oA+F/gg6R/wDBL2wkdgqr8PdSJJOAALOfOa/MTxh4Ul8efsb/ALFHgSG8m08+JvE8 +lm4t32SxLfXz27MjdiFc19k+Hv2TP2/dL+DN3+ygfH3g+2+Gv2a6sI9YjgvH1qTTrguTabGQQos gYxuTuZEYhXfAFdxp37DnxYtPhd+y94Jk1bRDffBPxNFrWsuJ7nyri3S++0lbM/ZgzybOAJFiGf4 sc0AeJ/tp/sw/Bz9mT4K/DzRvg/pEml2+ufFLw3cXfnXEty8jw2d7GnzyszAD5jjOAWbGAcD6b/4 Ku6OLv8AY51vxNCwivvCeq6PqdnKOHin+1pah0PZgtw34Zr139tP9nrxn+0b4K8D+HPBF7p9jc+G fF+meILltRkljR7WyiuEkSMwxTEykzLtDBVIByw4z47/AMFII9S+J3hj4f8A7KXhMmTXviv4gt1m VefI0jSyLm8un64WJvLbkcgNjJGKAP0C8Fa1N4k8G6D4iuV2TapYWt06gYw08SyEY7YJr8d/2mn/ AGT1/az13Uv2gNR1z41a6mn21vpfgTQ9MuLlNCXYhdmaK5SOSSbh9p2lS+WU5jK/tHYWNrpljbab ZJ5dvaRpDEvXakahVH4AV+Yd9+zR+1p8G/2jviN8ZP2ZtS8I6tpXxTkhnvrbxV9sWazni3EeW1qu WjDuxGH5UhSmUVqAPkT9kW9sfDvx5/aS8BeBPC2ufDrwRfeCptXt/DGvK8d1Zz+TCqyPFI8jIXEz soLE7GVSSFFbv7FP7CfwO+N37F1l8RfilYXOu+JPEFtqsWn3kt7cqdJgsrm4t4I7WNJBGqrLG0xD IwZnIIK8V9J/Cf8AYw/aK8JfHb4i/Gb4j+NNE8WXXxN8JXmlahJGtxaSW2pT+UIY4IfJdGtII4Uj VzIshXkx5HP1P+yL8DPFnwC/Zc8M/BLxjd2N5rmjRanHNNYSSyWjG9vbm5j2PLFE5ASZQ2YxyDjI wSAfkXZfGP4maj/wTB+FHgy08QXNrqHj/wAWDwVPqRJaWLSpLi5zH5hORhESIDIJiBXOM13n/BQz 9hD4C/BT9le68f8Awg0ubw5qvhqWwtryRbueU6ra3FxHCyXSyOUZxM0cwKqMFeBjG36Z8F/8E+td m/YatP2X/iLrtpaeKdJ1K41jTdV0mSaWC01ATSSW0gMscEjALIUkG0EBjtOQDXm/xx/Zd/4KL/tN /CofCr4o+MPA2nWGlNBMj2H29JNauYHVVe+k8lhEioXkAiiAaUKDGBhkAP1z8Kf8ivo//Xnb/wDo ta36zNEspdN0aw06chpLW3iiYrypZECkjODjI9K06ACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooA//T/fyiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKyNZ8QaD4dt0u/EGpW2 mQSMEWS6mSFGc9FDOQCT6Vr1+Ln7MfwM+HH7cviz4wfH79o6zl8YSQ+Kb/w1oun3FxPBBpem2Kxy RrEkEkZVys6jJ5DKX++7MQD9n4pYp4kngcSRyAMrKcqynkEEcEEVi6f4p8Matfz6VpWr2d5e2v8A rYIbiOSWP/fRWLL+Ir8V/wBon4WfEj9kH9myw/Z+8D/Ee9vNE+KXju10fTpnhaGfQ9IvhI0lmtx5 zs4Yom4qIgR5vA3muy/av/YV+B/wB/Zx1D4ufAa1uvBfj34aRW+o2Wt297Obq4aORElE5aTYxlVm PyquGwANhKEA/YmW/sYLhLSa4jjnkUusbOA7KvUhSckDue1UNK8SeHddSeXQ9UtdRS1YpM1vOkwj YdQ5QnaRjoa/D3426PH+1j+0f+yHZ+L57jT7T4j+C5dQ1eOyle1aWCWxa+urYMhDCKYI0TAHlGOD 3rvfFHwL+Hn7KX7fXwDj+BNhJ4Z0f4i2+sadrOmx3E01rcx2sGQXWd5CcmRTjO3dGrABskgH7K2d 9ZajALrT7iO5hYkB4nDqSOvK5HFFvfWV3JNDa3Ec0lu22VUcMY29GAPB9jX4+/s0/EDSv2L/ABT+ 0p8A/FjeVoPw/wDtHjjw9EzYMuk3UakwRk9SrG3iGOsrPwDXyt4kv/iV8Ef+CeVp4/iuby08e/tM eMEvdYvbJG+3/YdSWeeOO3Ksp3TRxBlXIJE7rnnIAP6GbHxR4a1TUJ9I03VrS7vrX/XW8M8cksf+ +iksv4itFdQsHvX05LmJruNd7Qh1Mirx8xXOQORzjvX83XxI8H/CjR/h7p0/7Ln7Onxh8CfFXwxJ bT6T4hl0K6VpZY3UTfbGS5lyJU3n5IuGwABGWU/YXxn1nXPhP8f/ANmr9tXW9Pk0KLx9p1l4W8Z2 8sT232aXUrdZYvPjfDo0Lu5dW+ZfsyqeeKAP2EmvrK3uIbSe4jjnuc+VGzgPJt5O1ScnHfFeDfs9 eKPi/qXwug1n9o3+xNO8UPdzxv8A2ROrWPk7gIcP5so3kZyN/XtXx54IX/hor/gpB4r8dv8A6R4W /Z90tdCsD1jbXL8OLlwDwWjUzRP6FIzxxn8zY5ZYP+COgmgcxyR+NQyspwysLjIII6EGgD+l5fEn h19Ybw8mqWraqi7zaCdDcBfUxZ3498VwHgz4V/Cj4LXHjDxV4VsIvD7eMNSm1rXLmW6maOe9nYtJ MxuJHSIMzn5U2IM8AcV+Qv7bf7Ffwi/Z1/ZdHxo+HEV7p/xN8G32l3cniP7fcyX17d3FzHFPNMXk ZNzySeaCqqQRgEAsD6t8b7CP9qz9sv4Xfs4fEi5nb4f6Z4RTxhqWlxO1vHqWoSF40V3jKsUQbMYO QPMAILEgA/WSx8R+HtThtbnTdUtbuG+3fZ3hnSRZtv3vLKkhsd8ZxWtJJHDG0srBEQFmZjgADkkk 9AK/ED4m/szfDf8AZ2/b7/Zvn+E8EmjaB4qvtUlfRxPLLa215aW6LJcQrK7lDOkkasBx+6GPQftf rejaZ4j0a/8AD2twC607VLeW1uYWJAkhnQpIhKkEBlJHBBoA+NvhN+1tJ8XbP45Tafp9ppknwu1P VNM05DcfaHvRpsLk3LgbPkeRMhV6LxuJ5re/Y/8A2iLz4z/s2eBfir8U7/S9K8Q+Km1BDFEwtYZG tdQuLVBDHLIzE7IlyNxycn2r87P2LPgf8KtG/wCGp/FumeH4oNX8F6/4p0PR7gSSlrTTRDMggQFy pG0YywLe9Yv7EP7BPwI+Nf7Gth8RPilp91rPiDxDFqqWF019cR/2VBa3dxDGlrFG6xgecjzMHVgz O2eCRQB+9eRjPasPS/E/hrXLm4s9F1a01C4tDiaO3njleI+jqhJX8a/nD1L4+fEm7/4J3fA74cvq WtXQ8b+Jbvw/qEulBrjWLjR7K5KixtRuBeR1kSKOMsN6oIydhYVe+Juj+B/DGk+HPFv7G37Ofxa+ HPxN8JXltNaahcaFefZry3RgJ4b7FzcNIsi8nCfNyjfIxwAf0lV8+ftCfAL9n345eHbeP4+6JZX9 hpBZ7e8ubh7KS1MmN2y5ikidVbaNy7trYGQcCvbtC1CbVtE0/Vbi3ezlvbeGZ4JVKSRNIgYoytgh lJwQeQetfkj4f+GnhX9tb9tz40R/HNJvEHhH4Nf2dpGh6DLLJDaRzXqSefcOsTIzMXt3OSfmDqDl UQAA9x8VfC74LfsPfs5+P/jV+zD4W0y11yy0oSx39xLPqX2lVlUbXmkmZzGSclY3VSQCRwK9K0P4 l/tA+MdF/Z38W+FbbQ20XxvpVvqPjI3DeVPELmztZ4/7OjaYMfnklyMSEALn1Px58a/2SYP2Xv2Z P2kG8C+KZ5Ph74n02O407wzNHJIukzpJH5jxXUk7s4kyQQYwSoTczFcnlPFf/I1f8E3f+wT/AO4v SaAP2g1jX9C8O2wvfEGo22mW5IUSXUyQoSe25yBmr0V3aT2q3sEySW7rvEqsChXruDDjHvX87F14 78DfGr9qf4xeLf2ivhT48+Mmm+FNZufD3h7TvDmmzX2maVbWcskLmZUuIdk8ojV9vQsXYgnbt9t/ ZKuvGHhXX/jz8OvC/gXxr4N+C1/4ZvtY0C08X6bcWp068SJY7i2hlkaSPbKZndV8xmZIwx+YOSAf tDeeLfCmnpaS3+tWVsl+dtu0tzGgmb0jLMNx+ma8Q/ay/aAj/Zm+BXiL4ux6dHrV5pS26W1jJP5A nlubiO3BLYYlYzKHYKMkDGRnI/Kr9in9hP4HfG79i6y+IvxSsLnXfEniC21WLT7yW9uVOkwWVzcW 8EdrGkgjVVljaYhkYMzkEFeK8o8T2Vp8UP8Agjnpfj7x7G2s+IvAl4bTR76eSRpraGTWYbZlB3YY eQRENwOEAAxjNAH9C3gzxFD4s8KaT4ihlhlOoWsEz+QweNXkjVmUEE9CccnNeWeLdb+Ndr8efAuh +F4NIf4cXtrftr8lxIBqaTpDIbUWqeapZTIE34jbC7uR1Fv9nb4YeA/hL8I/D/hn4d6RHoumXFtD fSQxvI4a5uYkaWQmRmbLHrzj0FfGHx2/5Sefsz/9gbxL/wCm+8oA/SPVPEnh3Q5ra21vVLXT5r1t kCXE8cTSt6IHILH2Ga+TP2Zvj944+L/xd+PHgbxTDZR6d8NfEMel6WbWJ45WgYzgmdmkcO/7teVC jrxXxF+yr8Avhl+3BqPxZ/aF/aP0+XxdqV54nv8AQNMtLieeCPS9NsUjaKOJIXj2OBMBzyNu77zu T5b+z/qGtfsn/Dv9tuTwpqE2oaj4F1CC1028uT582f8ASYLaWQ87njDozZ4ypyMcUAfvBN4n8NW2 rx+H7jVrSLVJhlLR541uGH+zGTuP4CtOe9s7V4YrqeOF7htkauwUu3ooJ5PsK/mi8CeEPgB4j+As B8Zfs/8Axf8AFfxJ8SWX9ozeNbbRrm5aTUrlfOjurWf7YFkgVmUoxj/ep8zAs1d18V5vjH8Wv2ev 2S/Cfxi/trwx41vfHA8PXF5eRT2OqCN5ktoLrMwWXzPIdT5h5dgWJJJoA/oSsPEnh3Vb650vTNUt by9s+J4IZ0kliP8AtopLL+IFfMes/tQ2unfteaP+zFHZWq2134dm1y51SS5G5ZhO8EdqkfADfuyz FmJOQAoxk/nr+1R+zF8JP2RfGPwB+Kv7POmTeEdYPjXTNEvGhvLmYXtrdZZxOJpHyWWNkbGAyuwY H5du343/AGdvgv4h/wCCq2n6DrPheG60/V/B7+JruJpZgJdY+3TD7USJAd3yL8oITj7tAH6GeGvH /wAWtC8VfF3Vfi5Ho1t4I8OG3l8NPZTr9slgWKd7lbwGV9shKxiMFUzlsA9vhD4M/tCft9/Hf4S6 38evCE/gO10zUI5F0LQrgypcRyRajHbM9zJJIiqnlLPhmlBd1QhAGxXMeAPhz4K+KHxg/bv8N+Pd LTV9Niu9GvVhkZ0AuLW21KSF8xspyjgEDOPUGvmzRPhL8O/D3/BG/wAQ/FvRtFjtvF3iqGCDU9QD yGS5itfFqRwqysxQBEjUDaozjnNAH9EejX17D4YsNR8VSQW16LSGS9ZGAgSYoDLtYkjYGzg56d6s 6Pr2h+IrX7d4f1G21O2yV821mSZMjqNyEjNfg9+1h4+XxV8XfgT8AvG2geKPF/w207wZp/iHVfD3 hO3kuL7VbmRJI4hJGkkRaCEwISwYFQz7SGIKs+H80HgX9q34Y+LP2Uvgd8Sfhp4d1q9TSPGNjrOi XcOkT2d06RRXJ/fXAQwb3kdnKou1WGPn3AH394x/YG/YO1nxbd+OPFHg/TrS9uLofaY11O5srR7q Y5UNbx3EcSuxyQiqoY5+U19xeHPDmg+ENB0/wv4WsIdL0jS4Ut7W1tkEcMMMYwqIq8AAV+HHw0/Z P+Gf7Uf7bH7TafFyO71DQ/C+qWv2eygu5baM3eoLKBcHyipLxpbkLzj5vmB4Ffudomjab4d0aw8P 6NALbT9Mt4rW3iX7scMKBI0HsqgCgDxP4D+JPjHqXhrxPqPx9XRbG8s9dvItObSplaD+yESL7O07 ebIFm3GTeCRgbflHf2KbxR4atr+10q41a0ivb1Q1vA08ayzKehjQtuYe4Br8IPhV/wAo5f2tf+x0 8R/+itPra1D9hj4JP/wTvPxt1azu7/4kt4Mt/FS6/NfXLXKTJZpdwwKpk8oRRxBYFXZwoBBDAMAD 94q+SfiF+1Da+Cv2pPhz+zmllatD4ws9Rvr7UprkJ9kWzt5pI4Vj6b5HjGWZuFOApJyOt/ZH8Ua5 40/Zh+F3ijxLdPfarqHh7T3ubiQ7pJpBCqtI7Hks2Mse5JNfnL+0j+zz8GvG/wDwUw+FWheKfDMO oWHjvRdVvdbieWZRe3FnaXCwSOUkBUoIYwAhUHaMg80AfZXgD9o7xTrn7Yfxn+CHid9OsvCHw803 R7yyuSpin3X9rbzSmeZ5ChUNK23CrgYyT1r7L03VNM1myj1LR7uG+tJhlJoJFljceqspIP4GvxLi /Zv+H/7Q/wDwU/8AjlovxPgn1Hwv4f0vQbt9LjuZbeC7uTpljHAZ/JZGZIgXYAMPmxnK7lPTfAjS NJ/ZN/bG/aB+FvwyFxB4D0nwUniu30eSeW4iivII4CdhkZnO7zHXJJYrtUk7VwAfsBqfifw1ol1b 2Os6taWFzdnEMVxPHE8p9EVyC34VuV/Mp8Cbn4NfFTwFqvxJ/aR+BfxQ+MnjjxxdXk1x4h0rSbi6 0+KIStFHFp00d3EoEW3B+T5GBjHyIBX6n/8ABM/WPiy3wa13wT8UtI8Q6bB4U1ma10CTxNZTWeoS 6LIqvbrIJh85iO5TtZlQbUU7VFAH6J3N7Z2QjN5PHAJnEaeYwXc7dFXOMsccAc1W07WtH1hZ20i/ gvltpGilMEqyiORfvI+0naw7g8ivy2/4K76dfav8DfhvpOl3L2V7e/EHSIIJ42KPFLJZ3yo6sCCC rEEEHIIr5w/bL+Cnw7/Y1+G3hf4XfAKw1vTU+M2t2Gl+Ip9MllvtYv7DTwd1vaK7gedctcf6pCiy thMBCRQB+52l+J/DWuXNxZ6Lq1pqFxaHE0dvPHK8R9HVCSv41c1TVtK0Oxk1PWryHT7OHBea4kWK JM8Dc7kAc+pr+cX4m6P4H8MaT4c8W/sbfs5/Fr4c/E3wleW01pqFxoV59mvLdGAnhvsXNw0iyLyc J83KN8jHH2T440PT/wBsP9vXTvg38XIblvAXw+8G2/iT/hH5Wkt47nVL0wAtOqlJD5a3KqQT8pjK YAdwwB+ttprei34tzY39vci8QyQeXKj+ag6smCdwHqOKtW19ZXrSrZ3Ec5gcxyCNwxRx1VsHgj0P NfjBo/7Pngv9nr/gqB8MdE+Gqy6f4X13w/rGoQaU00ksFjcm3uIrjyBIzFEl2I+P72QOAAPbP+Cd 3/JQ/wBqf/spusf+j5aAP0zt76yu5JobW4jmkt22yqjhijejAHg+xrNm8T+GrbV4/D9xq1pFqkwy lo88a3DD/ZjJ3H8BX4peBvidrPwhj/b9+JPhZwuraNr2bOTbvEVzJJdQJJjofLdw2DxxzxmvmLwJ 4Q+AHiP4CwHxl+z/APF/xX8SfEll/aM3jW20a5uWk1K5Xzo7q1n+2BZIFZlKMY/3qfMwLNQB/S9d 3lpp9tJe386W1vCCzySsERFHdmbAA+tZ+j+IvD/iG1a+0DU7XU7ZTgy2syTID7shIr8GvH/hz9qf 4zfsh/AzW/iP4D8QeMofAus3SeMfC8y3VhqutWlrIi2Mzoyi4lIhDK7qrOzPv/vMOx/ZM1P9jnWP 2o9NuvhEniH4K+KrnTrmw1PwNqsEkVprLGOTPzyTSYeMHeqfISYwyoDv3AH0V8KNM/Z2/aL/AG1f ir431zwPY/8ACX/Cy90mx07U5dQmuDfTpFOPtS2u8W4MSwII8IxXG8tuxt/Rjxx4rsvAvg7W/GOo APBotlcXbIXEfmeRGzhAzcAvjaPc1+RP7B37Pvwd0T9rv9oXUNL8NQwXHw012ztvDriWY/2fDdw3 sU6oC5Db0+Ul9x9MV+lH7T3gXwn8RPgD468O+NNOTVNOXSbu7ELs6jz7OJp4HyjKcpIisOcHHII4 oAyv2Ufjs/7R/wADfDvxau7O30q91v7W8thbzef9lSK8ngiVmOGLFIgSSq5OSABwPb7bxT4YvNWl 0Gz1ezn1ODPmWsdxG06Y67ow24dO4r+e3w7La/s//wDBKjS/ib8JLU+H/HHxYu49E1bWbeWRZ2iT UL5EfcWIiKwo0QaMKRvyDuAI+sfjx/wTq+Afwp/Zg8QeL/hzBd6H8Qvh5pE+uW3iaG9uEv57zTYj cSM/73YPO2MAFA2EgoRjkA/Tz4p/CzwR8Z/BF/8ADz4h2H9o6JqJiaSNZHhkWSGRZY5I5Yyrxujq CGUg/gTX57+GdG/Z4/ZK/bK8I/Cj4X+Dre01r4nWGp3WteIb7VJ7m4t4beOW5Fuizu4QzTRK7nK7 hjIY7Sv2V+yn8SNb+Lv7OXw8+I/iUh9X1vSLeW8cLsElwg8uWQKOAHdS2BxzxxX5u/tI/s8/Brxv /wAFMPhVoXinwzDqFh470XVb3W4nlmUXtxZ2lwsEjlJAVKCGMAIVB2jIPNAH2V4A/aO8U65+2H8Z /gh4nfTrLwh8PNN0e8srkqYp91/a280pnmeQoVDSttwq4GMk9a+y9N1TTNZso9S0e7hvrSYZSaCR ZY3HqrKSD+Br8S4v2b/h/wDtD/8ABT/45aL8T4J9R8L+H9L0G7fS47mW3gu7k6ZYxwGfyWRmSIF2 ADD5sZyu5TD4E+zfsXftI/tO+BvhB51t4P8AD3w+k8X6fpE80t1bwalbwQlCPMZmKlpGDEsW2YDE hRgA/ay98UeGtN1KDR9R1a0tb+6/1VvLPGk0n+4jEM34Ctyv5l/g3o/wF8dfB9/EHxx+Avxa+J3j /wAZCe8vvF1hpE93G0srMIpLCcXaIyRqFwWjIZgQwKYUfrr/AME4vEXxi1r9my10r43abrGn674a 1K60u3fXrSe0v7mwjSKW3ldbgBnAWUxBxkfu8ZJUmgD7xd0jRpJGCqoJJJwAB1Jr8i/2dP8Agob4 2+LH7UTeAvFWlWVj8MfGVzrFn4M1KOJ45rubSnUjzZGlZWEkWeAi4kZFBPf6P/4KL/GuT4Kfsr+K LvSpSmv+LAvh/S1T/WGfUFZZWTHO6O3ErqR/EF9a/Gn4q/Fj4V6R+yh8IPCnwn0HxPpXxE+DF5aa 1b6hd6LLBam6dvP1ItNuO2Np8SgntGqk4oA/eX9rf9oyw/Zb+CupfFO403+2b5Z4LHT7HzPKFxeX JIRWfDEKqhnbAJIUgcnI/Pz45+D/APgpF8Sfgvrc3xd8N+AfEXhW7tor3UfCNlPqVvqAjtHW52Rz QyoDMjRhtounUlQAH+6frL4p6p+zp+15+y54WtPid4itfDmj/FOKyk0iSW7iguYtWbBSK38w4kmh lLRumDn5lPXNfN8nwp/4Kf8A7OmmH/hWnxD0b40eHNJjxFpmt25i1GSKMfdDMQ7HaMAG9JzwAaAP r/8AYX1n4OeIv2ZPCWu/Azw4PCfhq8W4ZtMMzXEtveJM0dysszlnlYyKSHc5ZNpwowo+uq+Wf2Of 2htE/aY+Cdl8QtK0RfDd3bXU+m6lpqEFLW+ttpdVIVTtZHRxlQQGwckZP1NQB+c/7Zn7Q/7QXwy+ L/wk+D3wBh0F9U+JB1CIvrsU7xLLa+SU+eGRSi4ds/K2TivOvGPxm/4KZfAjQ7n4j/EvwN4K8ceE tGQ3GqQeHpruG/itUGZJUaZjgIOWIhkwMkgAEi1+2F/yfj+yV/1+az/6DBX6d+Ip9ItfD+p3PiDZ /ZcNrM935uPL+zqhMu/PG3ZnOeMUAfH3xX/avtx+xRq/7VXwTkt70jTYLyyS9QyRxyvcx280M8aO h3xMzowD43LwSOvy3ZX/APwU5+OHwet9Tn034aan4W+IGgpM1lK2p288+n6tahjE7RSoY3aKXaSk oKno/Ga+WPg4dTP/AARn+J327P2X+0br7ED1Fv8AbbPIz3/e+Z0r6b+BvxB/4KVR/A/4faV4A+Fn g+TQY/DukxaXqF9qTb5LNbOIW800SXKsGaMKzKAME4wKAPPv2M/2eP2Rv2ibbxp4P+JXwW/4RH4i fDfUF07XLCDX9Zkti7mRVkhJv2IG+GRSu5wMBg7Bhj7++Fn7JX7HXwa+Jln4h+Gei22k+NdNSZYV /tu+up0WeNopM21xdyqcoxGWQ46jBwa+EvGXw3+M37Ff7J3x3/aA8YeI4b/4x/FK7sTe3mmAi301 bm58nEDlUIdFuZSHVQFbywv3Nzd7qv8AwTc+AGn/ALK02u2dvcRfEmy0JtcXxWL24F4dXjt/tRmP 73yxGZBjbjIXkN5nz0AfRf7fH7Q/xV/Z58FeB7/4Qw6ZNrfi3xJbaJ/xNYpJYFW5ilZT+6kjKneq 5PPGeK8l8Q+K/wDgq/4H0S98WX2g/DnxLa6XE1xNYWBvxdTRRjc4h8ySJS+0EgbsnsGOAfin4/8A xa8e/GD9gz9l/wCJGpY1XxfP4yt7cNcHaLy7057y0ieVyRzMYVMjZHzFjx2+2Ne8Vf8ABVnxpo95 4Z0/4f8AgrwbJqMTwf2o2otcPbCQbTJGqTy/OoOQTG4H900AfX37Kn7Q2j/tQfBTRfi3pVi2lS3p lt72yZxJ9mvLdtkqBxjch4ZCQCVYZAOQPQE+E/gS3+Klz8bprRpfFkmlrpAu5pndLewSQzGOGNm8 uIM/zOygFu5xXl37IP7Olr+y18DNG+FC6guq38Ek15qF2ilI5ru5bc5jU8hEUKi55IUE4JwPk79t yO8+NH7S/wADP2QdU1K50/wT4w/tHWPEEFs5hOoRadE88Nu0i4bbmCQFQeC6vjciEAH6aaN4i8P+ Io5ZfD+p2uppA2yRrWdJgjj+FihODx0NM1fxP4a8PyQQ69q1ppsl0dsS3M8cJkPogdhuP0r4S039 g/wB8FvjP4e+O37Pmoy+ALHQrS5j13QrZZ7231y32fJHma5HlMOTnDjeEYKGBLfKn7FP7Mvwv/bG +G2vftMftOWUnjrxX451S+jj+0XVxFFp1pbv5aQWyQyJsw24qf4V2hQvJYA/aye7tba2a8uZkit1 G4yOwVAPUseMUjXlmlp9veeNbbZ5nmlh5ezGd27pjHOelfgBp2qeIvB37Mv7Zf7L9/rFxrmgfCWW CLQ57pzLNDYX0sm22L5xtjECkKAAGZ8ADgfeHi50T/glVudgoPwoshknudIiA/M0Aei/Hv8AaG8Y /Dj9oP8AZ/8Ahl4TWwudB+KN5qsOpSyxtLKIrOO3aI28iSKq581skq2eMYr681nxBoPh22W88Qal baZA7iNZLqZIULnooZyASewr8ObD/kOf8E4f+wbf/wDpHYV6p4O+Ffg79tT9tD443/x7t5fEXh34 RzWWg6DoksssNrD9oE3n3DLEyMzM8DMCSd2/nIRAAD658C/tB+M/E/7bPxA/Z8uUsW8J+GfDlhq1 lNFG32p5roW5bfL5hRk/etgBB25Pf1P9qT4m+Ivg1+z545+KPhKO3l1jw5p7XVst0jSQGQMqjeqs hIwegYV+dH7Ifwa0H4C/8FGPjB8OPCU80mgWnhS0n06KeVp3tba5mtJRbh3LMUiYsqZOdmM5OSft T9v3/kzX4sf9gZ//AEYlAHq3wU+Klr4++Ffw78ReJtRsIPE/i3w7pWrT2cUqxsZb20inlMULO0mw M529cDHJr2hmVFLuQqqMkngACvxN8M/8E9vgde/sMWPxBvIbhviTP4Sg8SweIzeTi5trxLFbu2ij HmeWIIFCQhQo+RdwIbBHhvxo/aS+IHxV/Zc/Za8G+Kjr+qWfxLlv18UxaBE02taxaaDcrZmGFdy+ a9yu6SQE4LBWIxwQD+gvSPEvhzxAZl0HVbTUjbNslFtPHN5bejbCdp9jW3X84njceG/AfiTwR8Sf 2MP2dPir8OvGPhnUYPt32rQb0WGp6T/y8W9yFuLl3ZiFH3RuBbcdwQr/AEd0AY+teIvD/hu2F74i 1O10u3JwJLqZIEz/AL0hAq5p+o6fq1nFqOlXMV5aTjdHNC6yRuPVWUkEfQ1+H3xob9kJf2p/H+of G5/EP7Q3jC5MNvZeGdB0q5uIvDkMS7Tar5d0kUsh+XeQV2uHLKJGbHU/8Evb/wDsb43/AB++Hfh3 RNY8HeELObTL/T/Dmt71u9La584lHjdnZGZCoOWLFVTcSRmgD9pKKKKACiiigAooooAKKKKACiii gD//1P38ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACvzAk/Zn/aw/Z++I/jrxF+yDr3 he68JfES+fVLrRvFC3anTdRnz5s1q9sCGUnn5iBtCoUbYGr9P6yNZ8QaD4dt0u/EGpW2mQSMEWS6 mSFGc9FDOQCT6UAfmFb/APBN++8T/ATxh4W+J/jT7Z8VPG2vx+LLjxBaRsLey1iDzBCLeP8Ads0K rNMpOEP7wlVXaoEXjD9nX9vj9oXwnZfBX9oLxp4Q0nwGJrb+2b/w7Hdtq+sQW7rJsYTxrBGWZQzF VQB8Haygqfof9uz9oTxn+zl+z+3xS+G6WN3qR1KwtU+2xtPbtDdFtzARyRknAG07sexr1nU9b+Nc f7RmkeH9Ng0g/C2XQnnvJZJANWGq+bKFWOPzATBsEfPlnnd83YAHi/iP9ljXG/ai+BnxZ8GTafY+ CfhLomoaPJZSyzC8Mc1lNaWy26LE0bKm9NxeRCADgE8Hb+OH7PfjP4l/tK/A34yaFe6fBovwzl1a TUobmSVbqUX0UaR/ZlSJ0Ygod290wMYzX1Xq/ibw54feCPXtVtNNa5bbELmeOEyN6IHI3H2Fac13 a21u15cTJFAg3GR2CoF9Sx4xQB+aX7dH7CHiP9qXx54L8Y+CNctPD5gh/sjxMZ5ZopLzRftMdyiQ iKKQSSRuJGVJCqsxXLDbX0l+03+y94Y/aI+Bn/Cm4Lo+G20p7W50O8gQsNOurFSkDKgZcoI2aMjc CFYkEMAa+hpvFHhq2v7XSrjVrSK9vVDW8DTxrLMp6GNC25h7gGvmz9rH9phf2bNA8H3trpsGrX/i /wAR6foSpPceSttFeb2kunUAs6osZAGVG4glsDBAPlPxP8DP+Ckfxi8O6Z8Ivid8QfCfhrwtBLb/ ANpa94cN+muX8MDBhwyRxq7EAts8pSRzlcqfYv2+/DXwyg/Yo8Z+C/GOsJaR6Jo8MulyXk4lvHvr Db9iAaRvMkknkQRM3JYOxPevvS3ube8gS5tJUnhkGVdGDKw9QRwa+Zfjh+zV+zP8U/FuhfFP456L Z32oeGoxDaz397Lb2ojSQzKksXmpDKock7ZFYHJDAjigDzf/AIJ1/CTU/hb+zLoepeKTJL4q8fTS +J9YmnJM8lxqeHj8wt828QCPeDyHL9ya+W/+Hevxn/4YGP7LH9taB/wlf/CQf2t9q+0Xf9neR5u/ b5n2Xzd+O3lYz/F3r9etJ1XR9ZsItQ0K8gvrJxiOW2kWWIgf3WQlTj2NWLO+stRgF1p9xHcwsSA8 Th1JHXlSRQB8u/trfAzxb+0f+zn4k+EPge7sbHWdYlsHhl1GSWK2UWt3FO+9oYpnGVQgYQ84zgc1 8pftNeA9GHx6+DzfDf4k2Pw//aF0TRfs+mJqVrcS6VrWmKsiS200wiMY2sJiik7yHOF3bGX7j+P3 xy0j4I/BTxV8YIIoddHh62aSK1S5WIXEwZVEQkAfBy2ThSQAeK/On9ubxT4K+K/7L/wI+Jfizwlo niPUPGmueHrK4ErXGdPTW7GS6uo7aa1uIZkYPGgwzspAG9WOCADyTUtC+OGp/wDBR/4EwfGvxvo3 izxhapqFzcaV4chkTTtDsYLeV0+aXDmS4cSFjIof5UGSCgH7z18vfAX9nT9mD4AatqenfBPRtO03 X5YlivnF497qJjDbtsjTyyyopbkqNqkgccDH1DQB+ZPw3/ZY/aR+Fnxb+MVvoWteG774WfFm91vV pVnNymrW15qUM3kooWIxBUlkVZDvbdGu5QG+Svo39kL4HeLPgD+y/wCF/gn4xu7K81zRYtSSaawk lktGN5fXNzHseWOJzhJlDZjHzA4yME/St1rmi2KXb3uoW9utgoe4MkqIIVYZBkJI2gjkE4qJvEfh 5NH/AOEifVLVdK2eZ9rM6C32f3vNzsx75xQB+V/hn/gnT4ub9jfw18DPEviey0f4ieCdbn8QaJrW ltNPbW14ZmkiBMkcEhVlYBiEyjBWG7bg6/iX4Df8FCvjy2g+BPjd498M+D/Buk3UFxqN94Nkv4dX 1TyO26RUWPfkk7diq+G8tgAo/Uew1Cw1Wzi1DTLmK8tZxujmhdZI3HqrKSCPoazh4o8NHWP+EeGr Wn9q43fZPPj+0Y9fKzvx+FAGtbwR2sEdtDkRxKEXLFjhRgZZiST7k5Nfnb8Sf2af2g/AP7QOv/tH fska5oMd742tYYPEWgeJVuRY3M1soSK5hktsuJAB90lADvO5g5Ue0ftY/tML+zZoHg+9tdNg1a/8 X+I9P0JUnuPJW2ivN7SXTqAWdUWMgDKjcQS2Bg8z8Rv2ivFvhn9sX4N/AzQv7Pn8JePtN1i8v7hk Z7gNYWtxNEYZVkCKu6Jd2UbIzyKAPndP2Gvjf4w8AfGvxV8WfFekat8YPi9pkOlxm28+DRNNtLd4 2SFG8ppSCIk3HyjjaPvEs59N1v8AZI+I+pa1+yVqMGpaSsXwGsfs2uBppw1y/wBisrfNliAhxvtn P70xHBXvkD760jxBoHiCOWXQdSttSSBzHI1tMkwRx1VihOCPQ0ms+IdA8OW63niHU7bS4HbaJLqZ IELegZyBn2oA/OnxH+zJ+0v8Gvjh40+M37IOu+HZdO+I8ovNc8O+KFuhbDUMkm5t5LbLFnd3cgsg G4j5xtC9f8Ef2Z/jvpEPxP8AH3x68eR+I/HfxGsJ7GKwsZrldB0uJ4iiLDFIBzkICwiBVVIBcszN 9829zb3cCXVpKs8MoDI6MGVgehBHBFeX/FD4lad4R8EeM7/Q9SsZvEfhzRdQ1KKyklR5A9tbPNGZ IVcSbCVGemR3HWgDyr9kX4GeLPgF+y54Z+CXjG7sbzXNGi1OOaawklktGN7e3NzHseWKJyAkyhsx jkHGRgn5e8NfsI/EOH/gnlq37IfiDXNKh8U3k0l1De2zzzWAkXUEvoVZnhilCsIwjkRErkkBsYP1 3+yJ8WfE/wAc/wBnHwT8V/GcdtFrXiG3nluVs42igDR3MsQ2I7OwG1BnLHnNfSNAHgf7Nmi/HTw5 8LbLw/8AtCT6LdeJNNcW0MuhGY272MMUaQmXz0Q+cSH37RtxgjHIHmvxK/Z68Z+Mf2xfhB+0Lpl7 p8Xh34f2Gr2t/bzSSreyvqFrPBEYEWJo2UNKpbfIhABwCeD9jUUAfmL/AMM1/tY/AH4meNtY/ZF1 zwvceC/iLfSardaV4q+1/wDEr1O4/wBdPbG1X5kbjAJPyhUKNtDmb9mz9hvxv4J8M/HXwl+0J4js vF8PxlmSS4vbBpY7h2lSf7RLIkkSLFIJJt0YRnHAPH3a/TSigD8k9D/Z+/4KPfDb4aN+zt8PfHfg 298GwxSWGneIbxb6DXbHTnyoRUjV4leNDiLHmFMACQYXb6J4q/Yj8ct4a/Zz8M+H/Fia8/wh8VWf iDWtR125uTdX6R3CTz/ZwEn+bIKxRu6qqhQXzlj+lFFAHxz+2H+z34z/AGg9N+Gln4MvdPsn8G+M NN8QXh1CSWMSWlmsgkSHyopcyneNobap5ywrzb9oL9nP9ofUf2pPCn7Tv7O+r+Hor/TtC/4R/ULH xB9oWJrf7RLMZI2t45CSwlxj5SpRSNwYgfofRQB8KfDH9mHx74L+Jv7THjTVNQ0yWx+MxtP7HSGW ZpYPIt7uJvtYaFVTLXC48tpOAenAPlo/Yq+KY/4Js/8ADHX9q6N/wmf/AD9+fc/2X/yHv7U/1v2f zv8AU/L/AKj7/H3fmr9PaKAPzv8AjZ+yH8TNe1T4W/GT4HeJ7Dw38WvhlpUGkb79ZZdL1KzWPbJb zlFMioC8pUiMkhzkKwVlpeCfgP8AthfEn44eGfi5+074y0jRNE8Fh5LDw54Onvo7a7uGIO+8aYgs mQpKlpAwXbhQW3fo7RQB8c/s9/s9eM/hN8efj18UfEV7p9zpXxR1LTbzTIrWSV7iGOzW5EguVkiR FY+cu3Y7g4OSOM/Y1FFAH5heCv2Kvil4c/ZP+OPwJvtV0Z9e+JniDVtW02eOe5NnFBfparGtw5tx IrgwNuCRuBkYJ5x9Jah8DPFl1+xSv7OEd3YjxKPAsPhj7QZJfsP22PTlszJv8oy+T5gyG8rdt52Z 4r6rooA8W/Zy+HGt/CH4E+Bfhh4lnt7nVfDGk21jcy2jO9u8sK7WMbSJG5XPQsin2FfMf7VP7OXx 68ZfHD4cftE/s6axoVn4n8D2t9YPa+IBOLWWG8R03A26OzELK4K/Lj5SGJGK/QWigD4v+FH7PXxA 8Hftc/Ff9oXxJeaZJo/xA0zRbW2trSWZ7mKewtLeCcyLJCiBC8TGMrIxKkEhTkBND/Zs8UW37Z3j 39oHW7jTrrwf4v8ACkPh9LISTG981Wt/MMsZiEYiZYmGVlLcj5Rzj7RooA/J/wAF/s1/tz/sw6Zr Pwv/AGZPFXhHXPh5fXc9xpP/AAk63i6ho32li7onkK0bqCc5beGbL+Wu5lP2N+yj8CfE/wAAvhk/ hzx34yvfHPijVbyXUdS1G7mlljE8wA8q2WVmKRIB7FmLMQMhV+mqKAPjn9tD9nrxn+0Z4R8B6B4J vdPsbjwv4w0zxBctqEksaPaWUVwkiRmGKUmUmVdoYKpAOWHGdn9rz9mZf2mvh3YaLpOtt4Y8W+GN Qh1jQdVVS32W+t87d4Ug7GzyRyrBXAbbtP1bRQB+VviX4Df8FCvjy2g+BPjd498M+D/Buk3UFxqN 94Nkv4dX1TyO26RUWPfkk7diq+G8tgAo9X+P/wCzB8VLj4xeHf2mP2Xtd03RfH+i6d/Y19Y64J30 3V9NB3LHM8W6UOpxz1bCHehQE/fdFAH4ieF9B+Pum/8ABT/4X63+0VrOkah4j1rwzqksFnoSTLp2 m2kcF2iQRNcfvHJYO7s2fmbAYgDHt7fsy/ti/BP40/Ejxl+y54k8Jz+F/irqT6te2viZLvzdPvp2 eSWSEWyEN80jbSWII2q0fy7j9/ar8G/hvrfxU0X416no4m8aeHbObT7C/wDPnXybWff5kfkrIIW3 eY3LIWGeCMCvTqAPzN/Zv/YU8V+AfDnx28G/HTxHaeMLL4xypJNfWZkiu5HljnN1PLG0apFIZp98 YRpAMZJHSuF0P9n7/go98Nvho37O3w98d+Db3wbDFJYad4hvFvoNdsdOfKhFSNXiV40OIseYUwAJ Bhdv62UUAfmp41/Yx+NGhfC/4VWnwN+Kt4vj/wCF081y91rt1dPp+ttdMHnS7jVpSEUgpCu19sRK E5O8U/C37Mn7Tnxc/aB8B/Hj9q7U/CthF8NVnfStM8LR3Jee4mAG65mufmCBgHCh3HG0Ku5if03o oA/PD4d/s5/tD/CL9r7x18UfBmseHr34YfE++gv9atrz7QurQtbwyhFtgkZiyJZScs+GTghSK+7v F3h+Lxb4T1rwrPKYI9ZsrmyaQDcUW4iaMsBkZwGzjNdDRQB+S/ww/YW+NWofsxeJP2Q/j7rmgTeD 7RQ/hXU9GFzJqFrd/a5bszXMcyRI6bpANgbO0sm7kMLWv/s+/wDBRD4qfDpP2e/ih488HWXgqVIb PU9f02O9l17UbBGG6NklRIQ7oMSEBN3QswL7v1eooA4z4d+A/Dvwu8CaB8OfCUTQ6P4bsoLC1Vzu fyoECBnbA3O2NzNgZYk18W/tU/s5fHrxl8cPhx+0T+zprGhWfifwPa31g9r4gE4tZYbxHTcDbo7M Qsrgr8uPlIYkYr9BaKAPi/4Ufs9fEDwd+1z8V/2hfEl5pkmj/EDTNFtba2tJZnuYp7C0t4JzIskK IELxMYysjEqQSFOQMsfsq63q/wC1r8TPjH4tm0+88CfEDwYPCz2KSzC+PmCBJ/MXyljWNkjcBllL cj5R2+5KKAPyY8H/ALO3/BQn4A+Crv4GfA3xr4P1jwMHnTR9U1xLyLWNKt7hi5VVhR4SUZ2KZEoz yAq4Qfc/7MnwU1P4BfCPTPh/r3ii+8ZawjyXV/qd9NLK0tzNjcIhK7skSABUXPYsfmY19AUUAfDn x8/Zo8e/HP8AaX+EPjnVb/TU+GHw0kk1OaweWb7fdatuLxN5QhMLRI0UHLS5x5g288/ZniDQtK8U 6DqXhnXbdbvTdXtprO6hb7ssFwhjkQ+zKxBrXooA/IjwN/wTg8aXX7NOtfs3fFfxTaCHQfEEuueB 9a0mWaS705nD4W5ilhgAUsxdkjdstIxDgqjV0sHw7/4KxQ6N/wAIEfiJ4Ge18nyR4iaG5OphAuzd t+zeWZsc7jGeed+a/VKigD4J0D4KH9in9jHxb4c+Gniu3s/EOm2d7rM/iDWFAt31R0XzLiSPZMAu I1RE2uThQdzEk/RX7N3iPxv4x+Afw/8AF3xJbf4m1vRbK+v2MSwEy3MQlyY0CqhwwyoAweMV7LdW tte28lnewpcQTKUeORQ6Op4IZTwQe4NT0Afnf+2R+zT8ffi58WPhR8XfgHq/h7S9W+G51CQf29Jc iNpbrygm1Le3n3qAjbtxXGRjPOPL/GX7OP8AwUd+Omh3Pw9+MPxb8J+HPCGrr5OpJ4as7iW5uLZv vxZnggba44YCVQRwcrlT+sFFAHxj8V/2UrW8/Yx1X9lL4MNbaYh02CxsJNSkdYi6XMdxLLcSQxSN vlYO7FYzl26AdPoP4L+DdT+HPwd8CfD3W5YZ9R8L6Dpel3MluzNC81laxwSNGzqjFCyEqWVSRjIB 4r0uigDyX47fB7w58ffhH4m+EPit3h07xJbeSZoxl4Jo3WWCZRwCYpkRwp4O3B4Jr89W/Z8/4KMX /wAK2/Zp1Hx94Mj8FfY/7JbxJHFfNr0mk48nyTEVEPmGH5GOd2P+WxbLn9ZKKAPze+Nn7DN/rXwX +C/wX+C17ZWOmfC3xFY6rM+rSyo9xBB5rTspggkDTyyylyCqJknkcCv0hoooAK+LP2sv2ZPF3xj1 bwR8V/g74it/CvxP+G11JPpN1eI72VxDcACa2uQgZgjAfeCPwXXbh8r9p0UAfmt4W/Zx/ak+L3xy 8G/F/wDa313w5baV8N5JbrRdC8LLcmGW+kCjz7iS6G4BSiuBufJAGEBbdy/hD9mL9sX9l7VPEvhP 9lDxF4S1L4b+I7+W/s7DxSt6LjRJbjh1gNsCJI1AUDcxzgHywS7N+qNFAH55/DL9hGDw/wDAX4o/ D74geKH13xz8Zxc3HiPXkjwn2yXzDCYYjtJjgeQuFJUsS33FIVfnq4/ZO/4KC+KPgNJ+y14n8deD LLwPpmmHT7W/tEvX1O+gtY/9BtJ2aIJFAGSOOV0TzFjBx5vIb9kaKAPzVtv2N/ibDqX7Jl42qaOU +A9pcwa4BNcZuXmt7aJTZf6P84DQtnzfK4I46gafxJ/Zv/aG+H37QOu/tEfsjaxoS3Pjq3gg8S6D 4m+0CxuJ7VdkN1C1qN4ZV6jcuCXOWDlR+i9FAH5v/svfssftB/Df9pbxx+0P8dPFWi+JL7xxo8dr MNM+0Rm3uVlhKwxxyxKv2aKKEJG2/ecDcmck/VH7T3wu1/41fAHxv8K/C1xa2ureJdPa1tpb13S3 RyytmRo0kcLx/CjH2r3iigD8hLH9mH/goXZ/Bez/AGWB4/8ABw8ByWEWmXGurFfHW7fTnQJPZRJt ELoqloo2O1miAy8ZOF9y+MP7Cdlr/wAGPhj4L+C/iA+E/GHwXkjufDOrTqZEM42tOLlVz8tzKiyO QrYYfcZSVP6E0UAfl7f/AAE/bu+PHi3wpaftDeNvD3hDwT4XvY725g8EzahBe6tJDwFlkl2lEcZB wwC7iRGW2lf1CoooA/KjQP2Zv2yf2fvjF8T/ABP+zfqngvWPDXxS1WTV5j4oF8t3Y3EskspGbVcu qGZgCXfcACVU7i3ffslfsmfGv4D/AB4+I/xR+Jfi/TPGVt8Q7O2lubyFZbe9/tONw8i/ZjH5K24L yLGVmztVP3a5IX9GaKACiiigAooooAKKKKACiiigAooooA//1f38ooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACvxc/Zj+Bnw4/bl8WfGD4/ftHWcvjCSHxTf+GtF0+4uJ4INL02xWOSNYkg kjKuVnUZPIZS/wB92Y/tHX5gSfsz/tYfs/fEfx14i/ZB17wvdeEviJfPql1o3ihbtTpuoz582a1e 2BDKTz8xA2hUKNsDUAfLX7Y37OOq/sw/sKeIvh8PGU/inw3L4ysbvRLa5gMcmk2crvi0Eplk81Rg NkLGNxYhfmNfUHjydLX/AIKy+CLqQErD8MbhyFGSQt7fk4Hc1wPi3/gnV8VfEH7Nfi3wZc+LtM1r 4q/EXxPa+Jde1O7ae303fAznyLfyoJJNqeYxUmJcliMIoAH154g/Z68Z6r+3J4a/aZt73T18L6N4 Qk8PzWzySi/a6e4uZg6RiIxGLbMoyZQ2Qfl6EgH4t/A7xZ8LPjlD4t+M/wC078EPiP8AGjxR4s1G 5WC90TS7i90jTrFceXaWckd3DtaIlgRg7AFC4O4t7V4F1H4m6f8AsJ/tOfDbxZ4f8U6J4O8MxiTw j/wlthNZ340q8kfbakyfI/2cQqWEbMEMnZWUD6s8Nfsxftifsu6x4p0H9kjxB4T1T4eeJr6XULXS /FK3iz6NcXHDi3a2BDxqqqAWY5wMx7tzN1mj/safF6H9lf4p/DTxj4//AOEv+JfxTEs91e39xcjS bSd33LDbqUd44gSxLJCu4kDYFVQAD5F1D9hj4JP/AME7z8bdWs7u/wDiS3gy38VLr819ctcpMlml 3DAqmTyhFHEFgVdnCgEEMAw5/wDai8L+Hvit+yr+yZ8VvH1kNY8Wa9qnhjQr/UJpJPOudPuIJ3mi kIYAmV13s+N5bPzV+q+ofAzxZdfsUr+zhHd2I8SjwLD4Y+0GSX7D9tj05bMyb/KMvk+YMhvK3bed meK+c/ir+xd8U/F/7HXwn+C/hnXdKsfHvwru9J1KG4laZ9NuLrTYZYigk8rzQp83crGLkqFIAJIA P0L8DeBvCnw18JaZ4F8D6cmk6Fo8Xk2lrGzssUeS20FyzHkk8k1+Pv7TT/snr+1nrupftAajrnxq 11NPtrfS/Amh6ZcXKaEuxC7M0Vykckk3D7TtKl8spzGV/W34VL8T0+H+jr8Zm0tvGYjf+0ToxlOn l/MbYYfPCyY8vbuyOGzjIwT+fN9+zR+1p8G/2jviN8ZP2ZtS8I6tpXxTkhnvrbxV9sWazni3EeW1 quWjDuxGH5UhSmUVqAPn7/gnpe2Ph39sX4yeAvAnhbXPh14IvtBttXt/DGvK8d1Zz7rZVkeKR5GQ uJnZQWJ2MqkkKK+kP+CRn/JmWj/9hfVP/R1Xf2cP2Sv2gPhb+1T4m/aI+KvjHR/GB8c6EbTVWtkn tZ7e+86Bo4raAxNG1rDFbrEjtKrkclARz5p8Nv2UP25v2fNO8QfBb4E+OvCcHw01q/ubqy1PUobt 9a0mK6wr+REi+S0qgZXezIWG7Me4igD4+8D+CPCPjP8A4JZfF3WfEFgmoXHhnxZq+paZKWcfZ7r/ AEWESrsYBj5cjLhsjB6ZxXX/ALUPwd8H+C/+Cef7P2i/DSxHh258aeKPCepXk8Ekpd9U1DQ50kut zsxVyQp+UgDHAFfZnwg/YT8aeB/2KPiJ+yv4j1/T31LxVeajPY39qZpYEjmWD7MZw8cTBt0I8wKG Cg/KzVyOsfsi/tZfEX9nL4b/AAc+I+r+Ehqnw08WaHf2VxZzXqxS6Ho9lJahJGNsS10WcEYRUZep UjkA8S/bY/ZK+Dv7I/ww8D/HD4DWl74e8b+GPEemQtqn2+5mnvlmEnmtcCR2TfIwyxRVBBZNuw7R +69fHP7cn7PXjP8AaZ+C9v8ADnwJe6fYalFrNjqJk1KSWKDyrXfvAaGKZtx3DA249SK+xqAPxFT9 nfwF+0V/wU8+O2h/FOO41PwvoenaBfSaSlzNb295ef2XZxW7z+S6MwhV5SoyOW67Sytx37N/7H3w q8V/tVfHL4EeLlvtX+F3w1vra+0nw3Lf3S2KXmrxZE7hJQ7vDDGYlZmJIOWya/SX4a/s9eM/B37Y 3xf/AGhdTvdPl8O/EDT9ItbC3hkla9ifT7WCCUzo0SxqpaJiuyRyQRkA5APgn+z14z+G/wC018cP jPrl7p8+ifEt9JbTYbaSVrqIWMLxyfaFeJEXJYbdjvkdcUAfld4Z8eeIf2UPg1+2n4M+Fd9cWWne BfEOn2fh5WkeVtOGtXL2kjxuxLK8cQUq5Od6KxyTz5tD4D+BF38BYtO0j9nf4xS/FaWwW+g8ZR6J ctK+uMnmrdCVbwg27TdMRlvL+YfvPnr9RtE/Ye1DW9R/ac0n4oX9lJ4b+Ol9aXOnmwklkurMWpmk jlmSSKNBJHK8ciqrupKkMcdfLh8Bf+ClVn8L4/2ctP8AH3g1PCUNuNMj8UKL+LX00tR5aptVfLWU RDaCMtj/AJbbvnoA+YP2nvDF38Vf2Yf2Yfib8d/DFzbfEjUfFGleF9YfUorizvpLBJb2ORJoZChU 3BiWYttDHduUhSK9L/ao/Zy8AeIv2yP2af2dtEt5tA8Gvo2sW7W1jcSxP9ggSe5nthKWMgWdEeJ/ myVdhmvq39of9jPxp44/Zn+H/wAI/hj4sE/ir4a6tp+s2epeIJJpvt9zZpMshuJAJXXe8xdRhgu0 R8L8wt2f7PH7QXi79ob4E/tB/FO/8OLqPw/0vWrTxBBpkt0Flnv4bqG3NkksGGULLGZPMdCCG27g BkA+afEnwM+Hv7I/7e3wA/4UFaT+F9L+IkWsadrGnx3U81tcR2sClCwneRj80itjdjfGrABsks+A 3wb8Fftu/Hz44/FX9oy2l8VWXg7xHc+GNA0a4nlitdPtbRmUv5cLp87qEz2372O5iCv218c/2evG fxN/aS+Bnxi0G90+30b4ZT6tLqUNzJKt1ML6KJI/sypE6MQUO7e6YGMZrxfW/wBmb9pr4KfG3xt8 XP2Qtc8OT6R8Sbj7drXh7xSt0LePUSSz3NtJa5Yl3d3YFkxuK4cBNoB8d3XjXxH+wx8Rf2lPgf8A CnU7pvCWl+DV8U+HLWd2uzot7czW1qRF5hbCK92XO4HIRC+TuLehab/wT9+CWq/sPL8TJ4rmT4n6 p4UbxU/iY3tx9rbULmzN6ysfM8toTuMTZXLKSxO87q+nPhP+w/qdy3xT8cftO+IIfF3jz4v2Emj6 nLpatBZWGmMiqtvZeYgfK7EIdl48tPlJDM/jkP7MX/BQXT/hDffsraX498If8K7FpNplrr80V7/b o0llKJZmNV8lQY/3RPzFIyQshIUUAfTP/BN//kyX4W/9eV3/AOl1xX29Xzp+yX8IvEnwG/Z38F/C Txfc2l5rHh23miuJbF5JLZmkuZZh5bSxxORtcA5Rec/WvougAooooAKKKKACiiigAooooAKKKKAC iiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKK KKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooo oAKKKKACiiigAooooAKKKKACiiigAooooAKKKKAP/9b9/KKKKACiiigAooooAKKKKACiiigAoooo AKK+F/2y/wBr3V/2dpPCXw++Gvhg+M/iZ8QZ2t9G09mK26bXRPMn2lWYMzhVUMoOGZnULz80eKfi 7/wVe+FXhy/+J3jDwH4M1/Q7CI3d9pmntK11a20Y3SlNlzliqg52tMR1AIFAH6/0V4F+zL+0F4Y/ ac+D2jfFvwvbvYJf+ZDd2UrB5LO8gO2WEuAAwBwyNgbkZWKqSVHvtABRRRQAUUUUAFFFFABRRRQA UUUUAFFUNV1CLSdMvNVnUvHZwyTMq/eKxqWIGcDOBXy3+yj+0pf/ALUvwX1D4t6ZoK6Ix1C/s7Gy abz2K2wXyjK+EG5y3zAYA6ZOMkA+s6K+dv2YPEv7Qniv4YjVf2mfDdl4V8ZfbZ4/sdiVMP2RQvlP 8txcjcxLZ/edug7/AETQAUUUUAFFFFABRVLUtRstH0661bU5lt7OyieeaRvupHEpZ2PsACTX5afD z9ov9tP4q/slP8cvhR4X0vxL4r1/xTdJpGnXEKwwxeHYS8O591zbh5UnjZd3mcj+E9aAP1YoqC2a d7aJ7pQkzIpdR0DEcgde/vXxZ+35+0X46/Zf+Ay/E34eW1hd6sdWtLHZqMUk0HlTrKWO2KWJt3yD B3Y68UAfbVFZ+k3cl/pVnfTACS4hjkYL0BdQTjOeOa0KACiiigAooooAKKKKACiiigAooprusal3 IVVGSTwAB3NADqK/H3wv+1j+2Z+1x4s8U3P7Huh+G9C+Hnhe7ayj1nxJ57PqEyfNhPK3bS6FX2CL 5FZd8gLAV7n+yP8AtefEb4lfFDxd+zZ+0T4WtvCvxS8Gwfa3+wMxsr203IDJGHeQqQJonXEjCRH3 ALtIoA/Q+iiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiii gAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKA CiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigD//1/38ooooAKKKKACiiigA ryT46/GHw98BfhVr/wAVfE0T3FnokKstvGcPcTyusUMKnBxvkZQWwQoyxGBXrdfPH7VXwQk/aH+B fiT4XWl2lhqF+kU9lPLny0urWRZohJgEhHK7GIBIViQCQBXVgY0nXgqz9y6v6X1NKKjzrn26n436 J/wWB+McfjBL3xF4Q0Sfwy8v7yzthcR3iQ5/guXldDIB1Ji2tjgLnI/fPwb4s0Xx54S0Xxt4blM+ la/ZwX1q7DazQ3MYkQsp5U7WGQeQeK/l40T/AIJy/tb6t4wTwndeDDpkfm7JdRubmD7DGmcGXzI3 cuuBnCKz/wCzX9N3ws8BWPws+G3hj4cabM1zb+GtOtrBZmG1pTbxhDIQMgFyCxA6E19nxnhsupxp /Umubryu6t5nq5rToJR9la/kd7RRRXwR4x+en7cn7KXxF+NWoeCfjH8B9ch0L4nfDWaSbTvtAUQ3 cbuj+WzsrqrIyEoHUxuHZXwDkfLd/wDt4/tpfAmyltv2sv2fG1DQ4VMV3q2jl0thE3ylpJEN5asW H8JkiB9ulekftyal+0j8Bvj34F/ao+GUeseLvh9pNobHXvDdrc3BtVb98pnkt03ookjlG2byyEki Uv8AeUHO1v8A4LE/s03fhadNE8L+I9Z167jeCLRZ7KGPzZmG0RSyCaVQjE7SVV2x/AelAG74x/ay +CPwr/YK1r42/sh6TYaDb312un2VjFZxWn2PWbopHK1zAgKGeGEeaM7lcKnLIRXC+CP+CcHi74g/ CzT/AImePvjX4xg+L2v2Kail9DqLCzsbi5QSpAYseaypuCuUmTkfIFAAPgvw1/YZ+MWvf8E6/iDo Wp6K2keMPFWtReKNJ0GRDFLHFZKqrCY2OY5p4/NCI3I/dhsEnH0L4A/4KufB3wh8HNP0H4k6PrVh 8UvDllFpt14e+wSrJcahbIIvkkb5Y1kcAkSYdMkbWIG4AxvhP+0p8Uvin+wB8d9M+I+oSj4hfC6y 1bSbnUYZPLuJfLgYwzM8W3EqlXjLry2wOSWLV5N8Cf2Q/iR+0V+yjZfHX4nfGTxXH4iTTLqXwzaW d+Y7Oxi07zIrdp1KlpJJGiLO6OjlWBZi+TXXfCD4J/Eb4b/8E+v2i/iR8WLE6T4k+KdjquttYsCs sFs1u7R+ajfNG7vJI2wklVK7sNuUfa37FI/418eCh/1Ll9/6HcUAfAv7JXwO+KX7fnwSTx38fvi/ 4nt9P0J20PRLTSrpLcMbJEY3l8WR/tMpZwu5sSHZkyc8df8Asr/tTfEb4R/sW/G/WvHWqS+LNW+D erz6TpdzeyNIztM0dtaxyO7F2jS4bcASSEOwHAGPfP8AgkB/yZ1a/wDYd1P+cdfIH7OXwc1X49/s 3/tffCvQdn9rat4tnkshIdqvdWU4u4Yyxxt8x4gm48Ddk8UAcb8MvC3wG+Mnw+t/ir+0h+1rqOm/ FTxDG96iWmuRW0OjvLkxRG2K53KMGSONoVX/AFaBdu8/oD/wTM/aM8ZfGTwT41+HXxC16Pxbrfwx 1NLBNcjcSDUrCcyrbTF8ZkOYJMSnl0KlstuY/B3wX/aC/YO+GXwms/Af7UXwTs9I+KPg23XTtQtL jwxBNdahJbjYk3mSIMSyKAZDMyZfLAsCDX6I/wDBOtfE+veCfFHxK1z4SeHPhLpfiS9QaNa6NpZ0 29utPgMhSW9y580DzNsLbI84dwu11NAH1t+0F8VI/gh8E/GnxYaBLqTwzpk91BDISEluQu2CNiOQ rysqkjkA8V+Uv7Pn7GHjL9rP4WWP7RP7Q3xc8Wr4q8ZLJfaZFpN8tra6bAWZYCsRR1+YAOEi8tVR tv3ssP1M/aT+Ft18bPgL46+FenypDe+ItLnt7V5f9WtyBvgLkchfMVcnsOcGvyz/AGYv+ChPw4/Z u+C9h8Bv2nNJ1nwh45+HcL2H2M2EkhvYI2ZoDERwrbCFy5WNsB1cq3ABt/s7/Gj4x6T4I/aX/ZZ+ L3iGbxB4l+Eei6pJpeuNIwu57L7LMqMz58wlCI5EdmaQeZtLfKteU/sWfsh+Lf2sf2ftN+JPx3+K ni02Ltd2nhuz0/UjEltDbXEqyXUxkWTzZWufMC5wQigFiCoTsf2efA3xF8beGf2pf2zfiBoknhq0 +J/h7V4tDsbgEXJsEtpm8yRSMhdkcKI3HmEOwATYW89/YJ/4KG/Cn4Afs16X8M/jfZ6po76M99ca Jcw2Mk8Oq2c91LK4hcYXzI7lpYyWIj4A37gwAB6t+z1J8QviZ4M/aA/Yc+O3jbV768+GU8T6frtl dGDVLiwjkeRUM8glYx5iiJD7m2TNHuwq4zP+CTvwf0yx+AesfHeDxDrX9qTprOlDTDeD+yI0XypB OlsEDC4ygHmb+hPFekfsG/D74h/EbxP8c/2tPGmhzeHf+FtNJbaDY3KlJjYjeRIwbB2EeSiNwHKO wG0qT5X/AMEuPjp4S0X4UeI/2T/EFrf6V8QdLfXNQktrm3McflIkauhYncsqNkMjKCMGgDmvgB+1 F45+C3/BLzxJ8Wjqk+r+LpPEF1pel3GoyvdMlxdGFFcmUtu8mPzJVU5UsoBGCa9g8Ef8E4PF3xB+ Fmn/ABM8ffGvxjB8XtfsU1FL6HUWFnY3FyglSAxY81lTcFcpMnI+QKAAfm39n34GeJP2gf8Agk94 l8FeDYftXiCy8SXeqWFv3uJbPyWaFD/fkiLqnYsQDgHI+nfAH/BVz4O+EPg5p+g/EnR9asPil4cs otNuvD32CVZLjULZBF8kjfLGsjgEiTDpkjaxA3AHlemftN/Fj4l/8E4PjZp/j/VJ4fiJ8MLuLRrr U7eUw3Myi9gEcrPFsIkH7yJmH3wm4kszVp/Cv9h3x/8AtC/s1+H/AIz/ABJ+M3i3/hO9T0SK80OK 1vRHp1hDHBtskaHbvdnjVGldHjZmYklmy7eeaX8E/iN8N/8Agmx8f/iR8WLE6T4k+Kd5ba21iwKy wWzXsDR+ajfNG7vJI2wklVK7sNuUfrp+yV/yaF8Jv+xO0j/0ijoA/Mz4cftO/tC+Jv8AglT4t+JG jald6l458LXcmj/2suZb5bBZrcyXRYAs0sNvOy+b95Qvms25Sx8D+HHw6+B/xP8Ahvo/ib4DftQ6 3ofx8eG0mmi8Sa3Jp0E+oFkaeAq8QkdQd/l+XJODxu3gnHqf7DfjL40/D3/gmx4w8Z/AbQ7PxJ4n 0rxReytYXlvLdCaz+z2guDFDDLEzyIh3hcnIUgKxIFeM/G74tf8ABOj45fBS6v8ASPh/NoXxy1Gx EdvpuhabcWbx62ygEMIdtrND52d24NKydFEh4AP1J/bS+IPj/wCFH7BGrweO7u2vfiDr+l2fhqeX Tixgu9R1ELb3T2+Y4mG+LzpFGxcHgCvnT9vfw3rv7Of/AATr+H/gPwhqdzot94dvdE0+e4sZ3t5J JRazm5O+JlOJJtzkZwTXAaR4Z+JHizW/2MP2TviuZ5da8PJceNfEVvdEtJDa6fJM2lwzgknKxo1u wPQnHHNe/wD/AAWR/wCTR7T/ALGbTv8A0Rc0AZf7aXjf4qfE745fB79ij4Y+KbjwfF44sG1XXtRs nZLs2MaykoHUqwXy7acldwEjFFY7cg/GH/BRP9jjVP2avgjY618OviD4j13wTqGp21tq2j67eLeI t3ske3vISqRqnIZXAXdlx823IH1v+2foPjH4GftD/CH9u/Q9Fn8Q+GfCWmpoviK2tF3z29rKlwn2 jbwCDHduAxYKrogYgNmvlv8A4KNft1fDn9pH4IW3gD4GWmpaxpdvqFpqGt6pNZS29tZqodLe2JcD 95JK2cn5cJhSxJ2gH0x+3z+0L4n0nxd8J/2W/DfjpPhhpvjGwg1DxF4jMvkvbaaxaJUSQFWTd5Mp O1lLtsTcFLZ+Vfi1qHwj/ZX0XT/jP+x7+0teeKPEukXcH9p6BqesxalFq9vM6pIfJjSMEgnLhlYh MujIyAn6J/b9+Ft94X+K/wAHv2udQ8DJ8RfA/hrS4dJ8T6S1qt4qWa+ayzyQuGQgLcyFHYBUkSPc RkEeU/En9or9jbxraaP4I/Yu/Z+8PePPiNrtxAsVvfeFIltLWEt+984DynLDhSwcRICXaTC4IB9v /tNp8Zv2hvAvwo134e+N4fhZ8JfEtpa6x4p1kamljfR2t7FFNDDHK2zgIWBw4Duy7lKqQfzE/aWb 4IfssDQviX+x/wDtE6r4i8cWmpRLeac+tJq8F3bbWLySvbIsRAYKrpIWVw3ABHPtX7fuiR+D/jN+ z5D+0PoUjfAfQ9EtrXUrHw9HLb6VBqsYlSeOGNH3RxqBb+Wm4OYFZUbcGNfPP7aHxB/Zf8c/BN/D 37GnwrWPQNDv7W98QeLINGe0itk5gt7VrmaMTs00swJ3sB8oADbiVAPtX/gpB8Vdeh+JPwY8HePP FGt+Afgt4otmu9d1LQfME8k5yTCzRqxZY18s7cPw7P5bsiitL9nP4R22hfG7wn4w/Yq/aBi8afDo hv8AhKPDuu601zdrbFgC0FqlvuV8MWQyRxMrqAZCrsB2H7TP7S2rfDmP4Raj8QPAeleOv2a/GOi2 M2q3smmtqFxBczQny2+eQwKoV4ZI90QZx5iq24DHwvqmjfs6fFP9qf4RXv8AwTk0XVLDXNP1eK+8 QXtrDeW+l2tkk0RZ5EuWBRVTzFkRAkcit5YDs4FAH9K1FFfLP7SH7WHgz9mfVvAekeLNI1DVJfH+ oPp1o1iIisMiNCpaXzZEO3My42gng8dKAPqaivE/2iPjl4d/Zv8AhHrXxh8VWF1qemaI1qstvZCM zubq4jtl2+YyLw0gJy3QHHNbfhD4q6N4y+DWlfGqxtLiDStW0SLXY7eQJ9oWCW3FwI2AYpv2nHDY z3xzQB6jUU8EN1DJbXMaywyqUdHAZWVhggg8EEcEGvnT9lr9pjwn+1b8Np/ib4N0u+0iwg1CfTjD qAiExkgjjkZh5Tuu0iUAc5yDxX0hQB8yfFLxx8FP2Jfghrvjqy8O2Xh7QLCTzY9L0e2hs1vNQucI kcccaqgeQqNzY+VFLHha+RP2GPhF8WvHfxa8Vft2/Hqzj0TW/H9ilnomjIpBtNLPlFJXDcqWjhjV M/MwLuwG8Cuz/wCCn+sfBDS/gX4dj+Pln4gvvD03iS1MUXh2W2iuGuo7W6ZBMboFDDs35AG7dtIO Aa/Ry2eOS2ieJdiMilVxjAI4GB6UAT0UUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRR QAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFA BRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAf /9D9/KKKKACiiigAooooAKKKKACiiigAooooAKzV0bR11A6stjAL5uDOIl808Y5fG7p71pUUAFUp dM02e7j1Ca0ikuoRhJWjUyIPRWIyPwq7RQAUUV4J+0n+0R4J/Zf+F118VPHcNzd2UNzb2kNrZhDc 3M9w2AkQkdEJVA8hyw+VGxk4FAHvdFeU/BD4w+E/j58LPD/xb8E+Yuk+IIWljjnCiaF43aKWKQIz KHjkRlOCRxkHGK9WoApXOmabezQ3N5aRTy25zG8kasyH1UkEj8Ku14D8P/2hvCvxF+NHxF+CGk6d e2+r/DX7B9uuJxGLaf7fGZU8gq7OdoGG3KvPTNe56heR6dYXOoTAtHaxPKwXqQiliBnvxQBbqld6 Zpt+8Ul9aRXLwHdGZI1co3qpIOD9K8a/Zz+PXhr9pX4UaZ8XfCNhd6ZpmqS3MUcF8IxOptZmhYsI ndcEqSMN0p/xe+OOk/B/XPAWhaloWp6xJ4+1u30OCTT4lkjs5Lh1QT3RZl2QruyxAJwDxQB1Xxg8 Par4u+EnjbwpoUYm1LWtD1KytUZggee5tpI41LMQACzAZJwO9fO37C3wS8V/Br9lrwf8L/ixpNvB r+iz6jLLBviu0jM99PNEyyIXTJRwcg5Gcda93tPjV8PtQ+M178BLG9efxhpmk/21d26xOI4LRpYo k3SkBS7mVSFXJwCWxxn1egAqFbe3SZrlYlErgBnCjcQOgJ6mvLvhJ8avh98cNM1zWvhxevqOn+H9 WuNFnnaJ4ke7tUjeXyw4DMi+aFDYAJBxkYJ9XoAKpS6Zps93HqE1pFJdQjCStGpkQeisRkfhV2vK PHXxq+H3w78a+Cvh34lvXj8QfEG6ntdItY4ncym2QPM7MBsRIwy5LNklgFB5wAer0V4Bpf7Q/hXV f2ktX/Zjg069TxBo2gL4glvGEf2Nrd5oYRGpDmTzMzKeUAwDz0r3+gAqhHpemQ3smpRWkKXko2vM saiRh6FwMkfjXj/wJ+OOk/HjQ/EOu6RoWp6BH4e1u70OSPVIlhkmktEidp4grNmF/NAUkgkg8V7f QBSOm6cdQGrG1iN8I/KE+xfNEec7N+N23POM4q7RRQAhAYFWGQeCDVazsbHTofs+n28dtFktsiQI uT1OFAGT3rwv4f8A7Q3hX4i/Gj4i/BDSdOvbfV/hr9g+3XE4jFtP9vjMqeQVdnO0DDblXnpmvfqA CqVrpmm2Mks1laRW8k53SNHGqFz6sQBk/WrtFAENxbW95A9tdxJPDIMMjqGVh6EHg0ltbW1nAlta RJBDGMKiKFVR6ADgVPRQAySOOVGilUOjghlYZBB6gg1WsdPsNMtxaabbRWkAJIjhRY0BPU4UAVco oAKKKKACiiigAoryj4SfGr4ffHDTNc1r4cXr6jp/h/VrjRZ52ieJHu7VI3l8sOAzIvmhQ2ACQcZG CfV6ACivBvgn8e9C+O974zuPBunT/wDCOeFdVbR7bWHZTb6pcQLm6a2UcmKJyEEn3Xzlehr3mgAo oooAKK5Hx74j1Pwh4K1vxVo+jTeIbzSLSa7j063dUnujCpcxRFsjewBCg9Tgd6wfg58WPCPxx+Gm gfFPwNcefpGv26zIGx5kMgJWWCUAkCSKQMjjONwOCRgkA9MooooAKKKKACiiigAooooAKKKKACii igAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKK ACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooA KKKKAP/R/fyiiigAooooAKKKKACiiigAooooAKKKKAPnH47fHhvhTLZ6Lo9lHfavex+f++LCKKHc VDMFwWLFWAAIxjJPQHO+Bf7Qc3xP1K48N+ILGKy1SOIzxPblvJlRSAw2uWKsM5+8QRnpjmt+0N8C tX+Jd3Y+JfC80Q1K0h+zSQzNsWWIMXUq2CAylmyDwQeoxzmfs+/ADXPh9rU/i7xdLEt75LQW9vC3 mbA+Nzu2MZwMADPBOTXalS9l5nzkp4367ZfB+Fv8z67oooriPowr8hv2ovGvhX4tft6fCb4FeJNb sdL8J/C1D4v11r25it4JL8BXsoG85lVmX90dvdJ34IBr9bdRvU03T7rUZIpZ0tYnlMcEbSyuEUsV jjQFnY4wqgZJ4HNfkB+yP+yBofx2j+In7QX7X/w6lfxT488RXFxZaZrkFxbT6fp8PESiJ/LdQSxQ bl5SJCDg0AXv+CfXjLw/8LPj58Zf2QNK1e11Pw/Z6hJ4k8KzWtwlxAbG62GaBJEZlJiR4cqp+8sp wOa3rLxL+0h+2P8AHf4m6N8MvibN8Jvh58KNSbQYX0+zhvbrU9UgZ1mlkaTb+7Vkzt3bSpQBSS7D h/2mf2Wrf9mP4n/CD9pD9kj4d3cj+HNXaz8QaR4ftrm9nudPukw8nkp5jAeUJombGAzx56VteFNd +IX7C/x0+KcepfDPxJ47+G/xV1V/Euj33hbTnvrizvbpmaWzubdinlnLBV3MCAoIDbmEYB59+yJ4 s8efCH48fte+NPjxdw634j8FaVp15qdzaotsl/HptrcPFMiAbY2uII0faBgM2AB0rqvAmg/t2/HH 4I3f7Utl8Xxoup69bXepaR4MTTYJdKfTlL+XaSysQ4aeNcLJguoKln3Ela/7OPw2+MHxx+Jv7V2o /GfwLqfw+h+LujWNpY/2jayCOOCe0ngtwsxCpLNbwtEZlQ5SQFWVGBUS/CT4+ftD/Av4IL+ytqvw M8Vaz8TfDNvPoujahp9l5vh67iLMlrdyXzMqxxRqy7jgghRuaMswQA95/wCCUH/Jkng//r81f/0u mrpv20fi18RPhn8QP2d9I8Da1JpNp4x8eabpOrRokbi7sZ5oVkhYyKxUMGIyuG54NN/4JmeDfF/g L9kDwr4Z8c6HfeHdYt7vVGlstRtpbS5jWS9lZC0Uyq4DKQRkcg5HFYn7dXgjxp4u+I/7M994T0DU NattB+Iel3uoy2VrLcpZWsc8LPPcNGrCKJQCS74UAHJoA+XvBPww+Kc//BVLxvawfFO9guLDQ7XW bmcafblrzSWvbSQaOyk4SIIyx+cP3mFB6k1+yHjTRta8ReEtY0Lw5rUnhzVL+1lgtdShiSeSzmdS EmWOT5HKHkK3BxzX5j+Lrn4g/BT/AIKS3nxTn+HfiHxT4R+IPhqw0CHUNFsnvIrO4a5tw8lyyAiN IhCWcMQ20hlBGa/V6gD+ej9kLx742/Zj/Zc+NP7Rlz4vm1vTNB1/VdKtvDU1rFHbXOt3EljFFqLz qfNzl8PEuF2BiCDzX01d/Dr/AIKB6X8FG/aQPxzafxjBpv8Ab8vhRtKtf7J+zLH9paxDD/loIvl3 BRlvlD/8ta+ffh38GPir4v8Agj8d/wBh7xF8P9d0PxDq2van4m0fX7mzddCuHt57SS3txeHEe648 hlVwSu1ic5Uivfrv9rD9oTWfgNN8Cbf9n3xpH8XZ9IOgyzvp2zQkkaL7K18L4vt8vrIoxs3fL5hX 5yAfoV+zJ8aYf2hvgP4P+MUdqtjL4htGa4t0OUiureV7e4VCSTsE0b7MnO3Gec1+af7dHw7+I2uf tvfs+roXxGu9CPiWfVItIMdlBL/YUltb24nlh3n9+bkkFhJwuOK/RT9kb4J337O37Ovgv4Q6tcx3 mpaJbzNeSwkmM3V5cSXUwQkAsqPKUUkAkAHA6V8mft76d8QPDPxr/Z6+PnhTwTrHjnR/h/qGr/2r a6JbNd3ka3sdusRESAnDBH+Y4UEBWYFlyAfO/jnwl8ddf/4KX6p4F+EfjdPDOuXfgCxttY8Ry2Ud 1cR2ML27zTQ25IjE006RLyQFDtgggV9Efs8+O/2g/hR+2BrH7Jfxn8c/8LK0e98NjxDpGrXFolre RBZxEY5PLJ3BsSBtzPyqlSoLLWj8LdC8a65/wUc174xXPhLWdH8Ma/8ADGySK7v7Ca3iju5rixmN nJIy+WLmNQweLduUq2Rwa3NT8EeNJP8AgqBpHxAj0DUG8LxfDtrJ9WFrKbBbr7bM3kG52+UJdpB2 bt2CDjFAHy/of7XX7Q2kfsSfHT4vW2ovr/irwv48v9E0+7mt4nGm6d/oSq/lIiq4h85ypdWG5gX3 KCK1vhB4o+PWs674K8W/AT9pzTPjil5d2/8AwknhnVktNPnSzdd1xLBG5FzEUAIRQikNhjuUMtRf Ajwp+1P8M/2TfjU/wx8HND4zn+IusahBpOv6bKv9qaRNBaJKbeGfyhKJAGKNyrhGRcsRXzf8VvAW kftGX/hO2/Zp/Zl8V/CH4rw6taz32uSac+h6Tpix7mlJZWWJiG2upMUUh2/LknYwB/RpX5QWXiX9 pD9sf47/ABN0b4ZfE2b4TfDz4Uak2gwvp9nDe3Wp6pAzrNLI0m392rJnbu2lSgCkl2H6uRhlRVdt 7AAE4xk+uK/Inw1rPxE/YR+PPxWtdV+GfiLx58OPilq8niPSL7wpYHUJrO9uWczWdxDuQLksFUlh wqlQ25hGAeafsmeMfHXwa+Of7X3jj49XcOt+IvBWl6bd6lc2qLbJqC6fbTmGVEA2xtcwpG20DAZ8 YHSvRPhT4P8A27/2lvhXD+0VF8cD4D1TxHHLfaB4cs9Mt5dMitgzCBLl5NzMJducsshVSGO4koOc /Z5+GXxj+O3xH/axvvjF4I1T4dp8XdFsbTT21C1kEcUU1pNDbbZSFjmlt4miMyqcpICrKjZUbXwP /aS+O37NvwbsP2ePHnwB8Y69498HQSabpVxo9gbvRNSijJNvI16jYjRVKq5RZOBuO0kooBQ/4eD/ ABY8UfspeFr7wvpVnafGvxX4uHw/AcL9kttUG0teLE28H5JYhsbKLI5JDIu1vXZfhd+3/wDBfxn4 N8YeHviXL8btM1K/ht/E+iXtpY6YkFtIMy3NpI8qBQgB2qhU7tuVdWZV+XR+w/8AH7wH+zB4M8fa VYRaz8XvCvjr/hYtzo0bqTIZhB5lkj5AaVRbxOyqSCd6IWO3d9G65+1P+01+0BrvhL4dfs8fDDxZ 8ML19Qt5vEuveKNIigtLGxjB+028IuUlSV2yCpwsh2gBBuJUA9Y/ZX+LXxE8e/tJ/tL+CfF2tSaj ongjWNKt9GtnSNVs4rhbsyKrIqswby0++W6cd88b4G+NfxR1T9oz9q/wZqGvyzaL4B0qwuNDtjHE FsZZbCSV2QhAzZcBvnLCvILPxR8T/wBjj9rz41+JtY+FHijx54P+Lc2n6hpt/wCGLE6gyXFtHJiG RQVVCXnkVgzBhsDKrK2ap/sxeF/jrrHxY/aq+IfxQ+H+qeE7rx7o1pPp1tPbyOkiy2k5htoZwoSa aKJo0lWPJSTKMqsNtAHlfwx1j9vn4z/sjXn7Uf8AwvBtAPhmx1O80zTLfSrVzqkekmYzy3k7AASS NG8aJ5bRgIpKgsTXSf8ACV/tx/F39lG6/bPg+L0fgx9I0y41Oy8NaZpcJtJ7bSt0dxLcTSl2MlwY pJAjK8ajaAAGwv0d+y74B8deH/8Agl83w/17w5qWm+KD4b8Wwf2Tc2k0N/51zc6g0Mf2Z1Eu+UOh RduWDAjORTfhn4B8d2H/AASrvPh3feHNSt/FTeCtetRpElnMmoG4mF15cItiol8x9y7U27jkYHIo A4n45/tw+PdL/Z3+A9z4R1LSvCfjn44wW4m1rUjHHpujRJHCL67PnEooWSZSnmBlC7uGYCvIfEH7 SnjD9lvxL4P8ZWn7T2iftAeFNY1ODTvEOiiXTmv7WO4yWvbMWk0jhI9p+UkIpKhgwbKS/Er9mX4n a3+y5+zF8R9K+H//AAlmv/CC0jOs+DtTtMT39hcrEbiBra4XJkTyQBEULfOWCkqFLb8aP8bPFvhT wL+zn+x7Y+DGkvY28Raz428FWdrZWVovEscQAAkcZJHzBztCqnzEqAewfFbx3+1R48/bz1n9mr4Q fEFfBvhuTwza6pdXL2MF7Jp8SMnmy2qSAZmld0i+dsKrlhhgKT4V+If2m/Bn7S/jT9i/x/8AFObx NFrXhKTW/D3ih7CFNQ06VnEKuYuVk2t5mVd2BKKQVDMo9W8J+CPGlt/wVA8afEC40DUIvC918PIb KHVWtZVsJLoXlkxgS5K+U0oVGOwNuwpOMA0X/gjxo/8AwVA074gJoGoN4XT4dtZNqwtZTYC6+2yN 5BudvlCXaQdm7dg5xigDwX/gkp4J8c2Xhrx54tvfHNze+H4vE2s6bJobWkKwyagos3bUjOD5gkZA U8ofIAc9a+3/ANuX4m6p8If2TfiT460OZrfUrfThZ2sqHDxTajNHZJIh/vRmbePcV8o/8E7rn4g/ CXxL8Rf2c/iD8O/EOkXEviXWdfttdlsnGizW8v2eJI1usbGd9hdCpKsvGcjFfTX7f/w/1L4mfsef E3wvo0Rnvk05NRiRQWdzpdxFfMqAclmWEqAOSTigDzTw94s0r9ib/gnJoXjKxsFuZ/DXhmxultn4 WbVtXaNj5mCDsN3c5fB3bM45FfEL/GH402/wmPx6H7ZPhWX4gJZf2wfBXnaQdPKbfPOmBBN5nn7P 3eQm8v8AJuz+8r7X1/wY37aP/BN/SvDfhK5iXVPEnhnS5LVnYeWup6WYneBn6KDcW7wsx+7kkjjF fDVp4g0fR/hNa/DU/sPS3HxutbRNNFxN4Ps5tDlu4wIft73gT542I8wjGwnjzdvz0AfR1v8AtdfE HXfiJ+yx8ZLfUZNP+G3xjt7nQtY0cLG1vBrqs8EbrKymQbrl9q/PykXIBJrnpP2x/icP+Ck8Xw2G pyD4QtqLeEvK8uLyTrS2IkJ37fM8wXbCPG7G3tnivR/2hv2d/iHq37AWkeGdP8O6dZfErwG9n4ls dM8LWAgtYdUguGmmis7WANl/LmlH7sHzJcsB82K+Xb39nP4zj9gS0+KUXhnUP+F1xePD8Rm05bGc 6l9vkvfs+z7Nt8//AFO2cx4yAM9eaAPvT9nX4r/EX4x/tUfHW7/tqR/hp4CuLXw3pdgI4/JfU4gP t03mBPMLJJEwwX27ZRxxmvMf2HryT4d/tJ/tKfs3W5ZNE0TXIPEOlQH7tvHrCGWaNB2QBodoHHU9 SSfbf+Cfnwl1/wCEn7MugW3jS1ns/Fvime68Qa0l1G0VwL3UZNwE0bgMkiwrErqwBDAggdK8V/Y2 hf4h/te/tPfHq0G/RptVsfDNjOOUnfSYRDcFG6FQIoSMZyGH4gH6gUUUUAFFFFABRRRQAUUUUAFF FFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUU UAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQ AUUUUAFFFFAH/9L9/KKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoor8h9N/aI/bz+MH x2+MPw5+A0PgiPSPhhrI08trcV5HO8UzzrAd0Mjh2xA287VHTA54AP14or8t9G/a+/aS+BvxR8Mf D39tnwbomlaD41ufsWm+KfD00v2CG6IwsVykzyEbmIBYmLapLbWVWK/p5f6hYaVaSahqlzFZ2sIy 8szrHGg9WZiAPxoAuUVm6TrOj69ZrqOh30Go2j/dmtpVmjP0ZCQfzrSoAKK/PbxH+038Z/gN+x9r nxv+PmjaJqPjnTLnyodO0i7C2UyT3UVtARIrzk7PN3yBSTgY+XOR9x+DPEUPizwppPiKGWGU6haw TP5DB41eSNWZQQT0Jxyc0AdNRXg3i3W/jXa/HnwLofheDSH+HF7a37a/JcSAamk6QyG1FqnmqWUy BN+I2wu7kdR67e+JvDemWk+oalq1paWtrIYppZZ44445B1R2ZgFb2PNAG5RUFrdWt9bx3dlMlxBK AySRsHRlPQhhwR9KnoAKK5uz8ZeD9R1V9B0/XLC61NAS1rFdRPOAOuY1YsMfSukoAKKz5tW0u2ea K5vIYntk82VXkVTHH/fYE8L7nimaRreja/ZjUdBv7fUrViQJraVJoyR1AZCR+tAGnRWJq/ibw54f eCPXtVtNNa5bbELmeOEyN6IHI3H2FX7rUdPso45ry6igjmYIjSOqhmbkBSSMk9gKALlFVLu/sbDy zfXMdv5zBE8x1Tc56KuSMk+gpbi+srR4Y7u4jhe4bZGHcKXc/wAKgnk+woAtUUVyWu+MNC0v7bpk ep2Y1qC1luI7N5k89giFgfK3ByvuB070AdbRXyL+w38c/GX7Rf7OGgfFjx/FZwazqdxfxSrYxtDA FtrmSFNqO8hB2qM/Mea+ndK8U+GdeuJ7TQ9Xs9RntTiaO2uI5njPo4RiV/GgDdoqvdXdrY20l5ez Jb28KlnkkYIiKOpZjgAe5qlpmvaHren/ANraNqNvf2PP7+3mSWL5eT86Erx35oA1aKrW15Z3lst5 Zzxz27gkSRsGQgcHDDjjFVhrOjmzXURfQG0dtqzeanlls4wGzgnPGM0AaVFZMWv6FPqsugwajbSa nAoeS1WZDOiHozRg7gD6kUy38R+HrvVp9BtdUtZtTtl3S2qTo08a+rRg7lHuRQBs0VQ1LVNM0azk 1HWLuGxtIuXmnkWKNR7sxAH4ml07U9N1izj1HSLuG+tZRlJoJFljYezKSD+BoAvUhAIIIyDXP3ni 7wpp1pBf6hrVlbW1y/lxSy3MSRyPnG1GZgGOeMDmvM/2h/jPZfAX4LeJ/i5LZpqx0G0NxBaGcQfa pCQqIJMNjO7JIUnAOBQBz/7PfwHuP2f28Z+GtE1dLnwRrGryatoWliEo+ji7G+6tVk3kPB5vzxKF UoCwO4nNfRteafBvx7/wtD4U+EPiDJ5C3XiDSNPv7mK2ffHDPd20c8kQOSRsL4AY5xjNel0AFFFF AHI+PtL8Va34J1zRvA+qx6Fr9/ZzQWWoSxGdLSeRSqzeWGXcY87lGQMgZ44rjfgL8GvDfwB+E/h7 4VeGCZrfRoMTXLLiS8u5DvuLmTk/NLIWbGTgEKDgCvYKKACiiigAooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoooo AKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigA ooooA//T/fyiiigAooooAKKKKACiiigAooooAKKKKAPif9qb4r+LvC2r6d4O8MXkmmJPai7nnhOy V97uiorjlQNhJ2kE59qyP2YPi54y13xTN4M8S302rW01u80Ms7GSWJ48ZBkOWKsD/ETg4x1OfpD4 q/Bjwz8V4LZtVkksr+yBWG5hwWCMclHU8MueQOCD0PJzT+FHwN8L/CmS4v7CaXUNSuk8trmYAFY8 glEVeFBIBPJJwOa7VVp+y5banzksDivrvteb3PXp2se10UUVxH0YV+Vn7B3/ACdj+2N/2M+nf+jd Sr9U6/I+z/Zc/bu+Fvxx+LvxK+AfifwLZ6T8T9XGoPFrLX8twkcLzNACsdmyIwE7bgHYHjB4oA6D /gsHcaXD+yVDFdgHUJvEWmjT8Y8wXIWZiU758oSDjnmuH8feD2/a1/b5T4B/Gqee58DfDDwla61N o0MzwW2o6pc/Z98kvlMrMo+0AZzx5e0YDvn0Pw5+xZ8f/ix8V/C3xR/bT+IuneLLTwPOLvSfD2h2 zQ6cLoMrrJM7xwlgGRSVMbF8BS4TKt6V+0H+zF8W7/44aN+1J+zF4i0zQ/H9jYHSdSsNbSZtL1aw 3blSVoA0ispwMADdtQh0KZYA+bte+Gvhz9in9uP4N2vwL87Q/B3xm/tDS9Z8PpPLNZ+dZrH5dyiS OxVt06EH+EK4XCuy1+xlfnd8NP2Yfjl43+P+jftLfta69o13q/hG1kg8O6B4bWcabYvOrLLNK9yP MeTDZ6tltp3bUVa/RGgD+Yqx8C+E/EP/AAR61DxnrOnJc614U8QzPpdyzOGtmvdTs4JyoVgp3xna dwOO2DzX9A/7O3ww8B/CX4R+H/DPw70iPRdMuLaG+khjeRw1zcxI0shMjM2WPXnHoK+FPCP7BHxG sv8Agn34k/ZJ8Ra7pMXifVb1763vbV55rBXS8hu4kdnhilAbydjkRnbuyA2MH7d/Zs0X46eHPhbZ eH/2hJ9FuvEmmuLaGXQjMbd7GGKNITL56IfOJD79o24wRjkAA+Pvjt/yk8/Zn/7A3iX/ANN95XzP +y1+yp8KP2h/j/8AtN638Z7GbxJpOg+P9bt9P0t7u4gs4bi5vLg3FyUgkjzKyJEgbPAXuQpX9D/i V+z14z8Y/ti/CD9oXTL3T4vDvw/sNXtb+3mklW9lfULWeCIwIsTRsoaVS2+RCADgE8E/ZY/Z68Z/ A/xn8bfEXiu90+7tviT4wvvEGnLZSSyPFa3UssiJcCSKMLKA4yELrnOGNAHzh/wTc0ub4eePf2jP gRpV7PN4T8BeKo49Gt55GlNrDdG53IrNz92JM+rAt1Yk/Rv7ecfhm4/Zt16w8Z/Ep/hZoV5NbxXm qQWz3dzPDv3GygiikjkZ5yoB2E/IHDKULEO/Zx/Z68Z/CD4y/Hb4ieJb3T7nTfifrVtqWmx2kkrz www/aNy3KyRRqr/vVwEZxweemYP25P2ZPEH7Unwk0/wr4O1m30XxF4d1e31vTnvVZ7Oae3jli8qc KrkKRKSG2PgjG0gmgD8Pf2lJ/wBmCw+Dun+Mv2V/g3428Gat4XvLGe18a3Fpc2ljgOEG+5kuJPMk kYhkOxWDAYIXIr+nXw3ez6n4d0vUbohprq1glcgYBZ0DHge5r8nfjz+y/wDt+ftZ/DKbwP8AFnxV 4H8K2tg0Vza2Gix37RaleRMFDX08yyNDGiF2QRK+XxuTgFf1V8E6frGk+DNA0rxD5H9q2Wn2sN39 mdng+0RxKsvlM6ozJvB2lkUkYJUHigD8fPiH8DPCX7Qn/BUvxD4G+IJuLnwvZeCrPVL7TobiW3i1 D7NNBHDDOYWRmjWWZZcZHzIK6P4OfDrwx+y9/wAFI9d+FnwoSfSPA/ifwKdcuNIWaWeCO6iuPLDx iVnbcPKYrliR5jKMKQB9g6B+z14z0r9uTxL+0zcXunt4X1nwfH4fhtlklN+t0lzbTF3jMQiEW2Fh kSlskfLjJBd/s9+M5/25bP8AaZS908eF7fwefD7Wxkl+3m7Ny828R+V5XlbWAz5u7P8ADjmgD8W/ gd4s+Fnxyh8W/Gf9p34IfEf40eKPFmo3KwXuiaXcXukadYrjy7Szkju4drREsCMHYAoXB3FvQtH+ H/xT+IP7Evx1+GmteHPFei6N8LdTtvE/gJ/FVhPZ6lFp8Bmke3UyfK7QW0UgxExCNLxwVWvtTw1+ zF+2J+y7rHinQf2SPEHhPVPh54mvpdQtdL8UreLPo1xccOLdrYEPGqqoBZjnAzHu3M30z+yz+zt4 0+EfgfxJbfGrxlP8QfFfjm7lvNYklllksIhKGBtrSKXG2L53LEIm7IG0KqgAH5E/txfFHxV+1Z4c +Ftz8OrnbceDPAMnxL1fyeRFMZIYHU44V7d45CPQMexFfXC+N7P9sD9s34CDTts/h34f+EE8e36L 9yPUdWjjFtC3/TSF/IkAPIG73rsf2L/+Cfmr/s9P8VbL4marZeIdO8ZWp0TS1tZppZINEZrgyRTC aKMI8vmoWRC6BlJyc89T/wAE9f2K/Fv7JWmeM7z4jatp+ueIfElxaQQT2Es8yR6bYRlYELXEUTKx Z23IoKhVTDHGAAfYnx98c6j8Mfgd4/8AiJo67tQ8N6DqWoWo2bx59tbPJEWU8FQ4BbPGM5r8t/gJ +wb8IPjD+yZZ/FjxubvUfit47sZ/EDeKmvZ1vLXUJy8sDx7ZAgER27wQSx3EkfLt/YbxR4c0jxj4 Z1fwjr8P2jS9ctLixu4skb7e5jaKRcjkZViM1+Wvhj9mP9vD4Y+BtR/Zp+G3jzwsfhdcNc21hruo RXbeItN0y7djJDFHGqwNKodthYkAk7XjGwIAfCPgTxD4p1b9h79m79nnQdWuNB0/4weNr/SNWvbV tkv2BdS2SQhv+mhmDY/i2bT8pYH6t/bQ/ZG+Ev7KfwQg/aN/ZqtJvAfjT4a3mnSx3Vtd3Ehv4Li6 itXhuVlkYSBjKGbj5lDIwKtgei6B/wAE7/GLfsdeDfgprfiey0X4lfD7WbjX9E1vTGmuLW3vGuZJ 4lJljhkKsrLuOzKOoYBguGv+Mv2Z/wBtT9p+z0T4b/tTeKfCekfDvTLuG51OLwot5/aGtG25QSNc oEiUtz8oUBvm8s7UAAOG8a2th+2v+2t4W+DfxLe4b4c+FPA1p4vm0JJHt4b7Ur0wgGUxssjKiXUY HzfLsZRje+fZ4/2J/Dv7PWvfEr4l/BjXpfDngjXfCWo21/4R8uW4tpLwW8hW6jnlnJjK4G1fLbGX UMqsFHUfHz9lr4ny/GDwx+0l+yzreleHvHPh/Tf7EutO1lJjpOp6YpJSKQ24aRCnQAKN2EIdCgJx PhX+yz8bfGfxl1H9oH9rrXtIvdb/ALFudA0nRvDgmWwsLO8DrO5knAdpSskijO/72S5wqqAL/wAE 7HSP/gnd4KkdgqrYa+SScAAalfZzX5e6nLLB/wAEYfD80DtHLH4oZlZThlYalOQQRyCD0Nfbfw5/ ZL/bu+Fvw/vf2YvCnxA8Jw/Cq5luootae3un1+10++kZriOCDaIFkfzHbDM21mJWUcYmvv2AvjFd f8E+tN/ZQj1nQR4ts9YbUHujcXX9nGI3ck+BJ9l87dtcDBhAznnHNAHz9+3F+x18PP2Y/hD8Pfih 8G7rUND+Jdt4ksLC88Ri/unvb2a+hnM1xIWlKrI0q78oF4LLgg12n7VP7Lfwm/ZM1j4A/FH4JWdz o3iePxzpWlX1+15cTTalFdB3me58x2UtIY2D7QoZZGUjbgD9AP23P2evGf7Sfwu0HwT4GvdPsb7S /EenavK+oySxRG3tFlDqphimYufMG0FQDzlhS/tjfs9+M/2hdG+HGneDL3T7KTwh4x0zxDdnUJJY 1e0s0lWRIvKilJlJcbQwVTzlh3APzR/aU8e6D8UP28/FHgf40eBPGXxQ+H/ww06zTT/DnhSylvI/ t93bwzveX0STQkL++dFYN8wVB90MG7X9kq41TwT+2Xbab8DPhV4/+Hfwd8baZcLq+m+J9Jurawst WtopJo7mCRpJ0jEgiSMF5MlnZAMFAv1n8a/2YfjZpn7QZ/ao/ZU8Q6Rpvi3VNPj03XtI8QLOdN1S CFVWNy9uGkWRVjjUABfuAh1y4fR+BHwF/aXn+N95+0L+0/42s5tRjsTYaX4b8NzXaaLaxuCGklSb b5jgM2Awc5bcX+VQoB+fv/BOH9ib4H/H79mufxv8adNufEt5dX19p2mh765ij0u0iIYi1SKRVV3n eSRiQQSRxy27lfCfh+z8ff8ABKL4iWXxBDa/P8Kde1K30Ce4kcvZ/Z2t1QphhkKtzKqq2VCtgDAG P1g/YV/Z68Z/sxfAGz+Ffj290/UNWt9QvLppdMklltylw4ZQGmihfcAOfkx6E14p8Mv2I/Hfh/8A ZB+K37OfizW9Mj1fx5quq6hZ3dk009tCt2sBtxN5kUL5Dw/vAqkAHKljxQB9B/sT/DDwH8Mf2avA i+BNIj0keJdG0rWtR2PI/wBo1C7sLfzp28xmwz7RkLhRjgCvq6vlz9kXwV8f/hv8JbD4ffH660G9 u/DcdtpukzaE07K2m2lvHDF9pM8ceZsocsoAIIyAc19R0AFFFFABRRRQAUUUUAFFFFABRRRQAUUU UAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQ AUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFAB RRRQAUUUUAFFFFAH/9T9/KKKKACiiigAooooAKKKKACiiigAooooAKKo6jqem6PaPf6tdw2VtHjd LPIsca59WYgCmaXrGk63ai+0W9gv7YnAlt5FlTI7bkJFOxPMr2vqaNFFFIoKKK/FW9m1r9sH9sT4 rfBz4ofF7W/hv4c8AzwWOi+GtEv49LuNVVwRJcs7BhOMqr4KOwWVQuwA5AP2qor80vhf8Gf2lv2a P2jPD3hnwp4q1/4ofBHxNazrqTeILyK7vNCuYUbyWSWRo2KO+wYiQAqX3IWVWPh/w/8A2yfBHwH/ AGoP2nLX45eL9Rkszrej2/h/Sx9p1CQbIrxrhbO2XcsSD93vI2LkoCclaAP2dor54+EX7VHwP+Of gHWfiR8NfEI1PSvDqO+pI0MkV1aeXGZT5kEih+UVirAFXwQpJU47n4Y/GDwJ8YPhnp/xd8CXsl74 Y1OO4lgnkhkhdktZZIZcxyKHGHiYcjnGRwRQB6dRX5X/ALXn7ePhez/Y6k+KvwB8R3drqvjGZrLQ r4afKCrWl3FFfbvOjKwsIi4RnAy2Ch3Yr7h/Z2+L/hj43/CfRvG3hW6uby38tLWeW7t5baVrqCNB MSsyqzAsfvAYbsaAPb6K8l1/43fDvwz8W/C/wP1i+ki8XeMba6u9NthBI0csVmjySlpVUohCxsQG IzjjqKXxd8bfh34G+JPg74TeI76S38SePftX9kwLBJIk32NA826RVKJhTxuIz2oA9Zor4b8W/wDB RX9lrwfrWt+F7zXr2+8QeH9UvdIutMsdNuri7W409tlwwRUx5SNkCQsFbB2k4OPo74NfG34Z/H/w RB8QvhTrKa1o00jws4R4pYZ48b4popArxuuQcMOQQwypBIB6tRXP+K/FfhvwN4b1Hxf4w1GHSNF0 mFri7u7hwkUMSdWYn8gByTgAEnFfCtv/AMFQf2Qp9Us7SXX9StNN1CXyYNWuNIvIdOdycf614wwH qSgAHJIANAH6FUV8/wDxh/ah+CHwEu/DNt8VfEkeiR+Lor2bT7ho5JbeSPT445ZiZI1ZRlZUCDrI zBUBJxXmnwf/AG+P2Z/jf48i+GngvxBcReIbtWezt9Qsp7L7aiLvJgaVQGJUFgpKsQCQpANAH2XR Xy38d/2x/gR+zrruneFPiHq9w/iDVIvPh03TrSW+u/s+SPOdIgQiZU43EFsHaDg4+Rf2Yv2gNO+O n7fXxL1fwD4tu9e8BTeENPnsLZpbhbWGdWtUmItJdoilD7w/yBsk9QckA/V6iuJ+I/xC8LfCjwNr PxG8bXD2mhaBAbm7lSN5mSIEAkIgLNyRwBXxnqX/AAU+/Y303VLTT38X3FzbXPkh7+3066lsrd50 WRY5ZljI3hW+YKG2EENggigD9AqK8u8f/Gv4V/C74dn4seOfElppvhQxRTRXxfzEuFnXfELdYwzT NIvKLGGLDkDGa8F+Ev7e/wCzT8ZfGVr8P/DOv3On69qSl7C21WynsPty9jbvMoRyw5VdwducKcGg D7Lorx7wN8d/ht8RPiF4z+Fnhq/lfxN4Blhj1a0nt5YGj8/d5bxmRQJUYLnchIwVP8Qylp8ePhnf fGTVfgNaak8vjDQ9MXVr6AQSeTbWjlNrSXG3ylYiRCFLZwQcYoA9ior4G1T/AIKZfsgaX4hn0RvF dzd2lpcfZZ9WtdOurjS4ps4Cm6jjKsD2dAykchiOa+hvij+0l8Gfg74K8O/Efx14iitvDHiq9tbH T9RgVrm2lkvYnnhfzIQwETRxs/mH5QBnPNAHudFfNn7Pn7WfwT/afbX0+D+qXOpHw08S3hnsp7ZQ txv8l1aVFUh/LfAzvGPmUcVt/Hf9pX4P/s36Rp2qfFXWWsZNZmaDT7O3gkury8kXG4QwxKzELuG5 jhQSoJyyggHvFFfMPwI/bB+A/wC0Zq2o+Gvhxrcp8QaTH511pV/ay2V7FEGCl/LlUb1VmUMULbSR uxuGfJtb/wCClf7JujG5t4/EF/ql/ZXN1bXNnY6ZdT3MH2Ngk0sqhAEiBPDkjdg7c4NAH3vRXmPw 7+Mvwy+Kvw6g+LHgbxBbX/hSeKWY3zEwJCsGfO88ShGiMeDvEgXaOTxg18pJ/wAFNP2Pn8QjRR4r uRZG5+yDVzpt2NK8/dt2/ajHtx3342Y+bdt5oA++6K8l+Kvx1+E3wU8Br8S/iV4kttJ8OSmNYLn5 p/tLzKXjS3SEO8zOoLAID8oLfdBI+fPhv/wUJ/Zm+Jvj7T/hrper3+ka7rLKmnR6tp1xYpeu5wiw vIu3LnhA23ceFyxAoA+3aK/Nz4PeNPEc3/BRf9ovw7rOu3b+HdE0XQJrazuLqQ2VpvsbV5XjidvL i3EszsoGSST1NfWHwZ/aN+FX7QEmvN8KNQuNasfDtybS4vxaTxWMk4JytvcSIsc2ANx8ssApVujK SAe50VzHjPxn4V+HnhfUfGvjfVINF0PSYjNdXdy2yKJMgAk9ySQqgZLEgAEkCvjbwZ/wUm/ZK8be KLDwtZ+J7nTH1eXybC81PT7mysbt84wlxKgReeMybBnA6kCgD7wor8T/APgpT+0jo7fFb4efs7Qe M9f8I6LHqTyeM5tFiuYbo2kkNvLbJbyxofPzHNISib1V9pdCVAr9Tv2ffD/hbwz8FvB+meCNU1TW 9AksI7yxvNakeXUZre+Juka4aRI33YlxtZVKgBcDFAHsVFfkh8Dv27NN8e/tvfED4f6r4g1C48J3 66ZpnhOx/s6aOOO6EYN20wEQZC0u/Ek3BXAU7cV5X+yf+3v8Lvgx4J+Iel/H3xnqeq+IJfHmuNZ2 pW61S6h0yKK1VWydwit1cSbQWUZD7QcNQB+4dFfHfxC+Nfwc+NP7JXi74meD/iDc6R4PnsZo59e0 mOYX+nNGyiTEI2TpMmR8hCttYMPlIJin/ab+Bn7O/wCz/wDC/XPHfjO71ay17RNLi0a5lt57jVtb UWkJW4NuoeXzJFZXlL4Cu4Vm3MAQD7Jor5h+BH7YPwH/AGjNW1Hw18ONblPiDSY/OutKv7WWyvYo gwUv5cqjeqsyhihbaSN2Nwz9OkhQWY4A5JNAC0V+f3iT/gpv+yP4d1K8sofEF/rdrp03kXWoaZpl 1dWELg45uAgRx6NGWB7Zr6bvv2hfgzp3wdX4/wB34qtV8Avbi6TVBvaN0Z/LCqgXzDIZPk8sJv3/ AC7dwIoA9mor899P/wCCoP7H93ZS3l74kvtKZPKaKG80u7iluY5nCLJAuwiRcnnByBkkYBI+hPjp +1L8Ev2c10yH4pa8bLUNaLCxsLaCW8vbnacEpBArsFzxubCk8A54oA+hKK+VPgR+2f8AAX9onxFf +DPAGrXMHiXTYjPNpep2ktjdiFSAXVZBtcAsMhWJGQSADmvK/g98UfhR8NY/2h/iFf8AxK1rxXpf hnxTfy63FqFvcsmgyJNIr2VkrFzJBGx2r5Q24UYGKAPv+ivz91L/AIKffsb6bqlpp7+L7i5trnyQ 9/b6ddS2Vu86LIscsyxkbwrfMFDbCCGwQRX3ppmp6drWm2msaRcx3ljfxRz288LB45YZVDo6MOGV lIII4INAF6iiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACii igAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKK ACiiigD/1f38ooooAKKKKACiiigAooooAKKKKACiiigD89f2ybrW/wDhKdDspS40gWZkiHPltceY wlPoWCbPoD71ifsh3Wtp8Qryzsi502WydrpefLBVl8pj23ZJA74Le9foN4i8LeHfFth/ZniXT4dR tgdwSZQ21vVT1U+4INReGfB/hjwdaPY+F9Mh02GQ7nES4LkcAs3ViO2Sa7FiV7PksfPSyWbxn1nn 038/Q6SiiiuM+hCvyxuvAn7Gn/BRvxb43sfEvha+0Px78PL+TRb2czJYasUt2MYm2wySxyxB1ZEa ZGK7cfKCAf1Or4c+OX7AHwU+Nfjlvinb3useA/GsibZdW8NXa2M1wwxh5wY3VnAGCy7XYYDMcDAB 8WL4Y+Jn7AX7T3wd+HvhL4oar45+HvxT1I6TJ4f1mUXNzYqXihE8fIVVRplffEkX3GVlYV6x+xx4 X0O+/bu/ax8X3dpHLqukajpVpazsgLwxXq3LThGIyu8wR5x1xzX0L8DP2Dfg78E/HH/C07jUda8e +N1i8qLWPE14L+4tgQQxtwEQIWDEbjuYAkBgGbPsXwx/Z68F/Cf4l/En4qeHbzULjVvildWd3qcV 1JE9vDJZLMsYtlSJHVT5zbt7yE4GCOcgH51fDnTbTR/2tP23NG0W3W1tZvD9jcGGJQqNNNpryu20 cbmeV2J7lie9ew/8E+tc0rSv+Cb3hjWL65SO10rTfEUly5YYiWK/vnbdnpheeexBr6w8H/s6+BvB fxl+IPxw0+5vrrW/iTDZQalbXLwvYoljEIUEEawq43Kvz75HBOcYHFfKth/wS9+BmlapeWmm+KvF 9r4F1C7F7c+D4tYaPQp5AwOyWFYxI8eAFw0hfA+/QB+fWn/8oQNT/wCwkv8A6kUVfvz8OyD8P/DB ByDpdl/6ISvnTQ/2Kfg/ov7L95+yVJcapqPgu980tNc3EX9oLJJdfbFkWWKGOMNFMFZMxEcAMGGc +m/s/fA/T/2e/h8nw70rxPrfiqzhuHmiuNduUuriFGREWCNkjjCwoEyiY4JODjAAB8W/HWWK2/4K ffs3S3DCNJNE8QxqzHALmzvAFye5JAA7kgVT/ah1Sxm/4KK/ss6LHKrXlpFrs8sYI3LHcW7LGxHX DGJ8fQ19W/tKfsl/DX9p630C48XXep6Dr3hWZ59J1nRbkWt/aPJtLBXZXUqWRG5XcpXKMpJz5V4A /wCCefwi8C/Evwr8Zp/E/inxL448MXF1ctqusakl7PqBuYBbiO7MkJJjhXcYhGUILtvZxgAA8U/4 J5aP4Rb4/ftZa+kcL+KE8f6pbSOcGaOwa9unjC91SSUPuxgMUGc7RjU/Y+t7DS/25f2rdH8CJEnh GO60WWZITiKPVZIpDcBVHyhjMbgPjHKgEcYHzd+zh+yxo3xy+Nv7S/i6Hxp4o+H/AIj0n4h65Yx6 j4Z1E2Es1nPdzO8Mw2sHTcNwxtOeSTgAfrX+z/8As8fDf9mzwQfA/wAObeYx3E73V7fXkgmvr+6k +9NczBV3NjgAKFA6Ac5APJP2+vHfwm+H/wCzL4i1P4z+HJfF/h+8ltbVdHiu5bI3120okgjaeFle NFaPzGYZwE4VjgV+b37Yd5+2Vqf7HOuD4qeE/Anw5+G9jb6WkOkQS3N1rK7bmBLSCBlZrdGT5d2M EIrDpmv2R+OXwQ8A/tD/AA31L4W/Ei2kuNH1Io++B/KuIJom3RzQvhgroemQQQSGBUkH41m/4Jjf CvxHoDeGfij8RPHfj3Tra3e30yDV9b82DSyylEntYREIxNGpIUurpjgx4AFAHzR8a/D+keM/F/8A wTy0XxHbpf2F3ZmSaGZQ8cvlWWkShXU5DKWUZB4I4Ne5/t56bYw/tI/ska9DCseoDxmLTzlADmB5 bUmMsOSuc4HQZPqa+n5v2Qvh3dXnwTv7zWdauJ/gPDJBobPNbZuY3iggxfYth5hVLdADF5XcnOa7 X4u/s9+C/jP4t+HfjPxTe6ha3vwz1ZdZ01LOSJIpbhWjYLcCSKRmjzGOEZD1+agD4n/ZGt7DUP27 /wBqrVvFscTeL7K80qCwMhzNHpDRygeVnkKyJbeZjgHYO/Od8B9H8I6J/wAFTfjra+EI4YIpvDFl PdxwACNb6ZrJ5+F4DMx3v/ts2ec19O/HL9i74f8Axn8e2PxZ03xFr/w78c2dv9kfWvC96LC6urbo I7htjb8DgMMNjCklVUBn7Pv7EHwl/Zu+IGsfEvwPqmu6jrev6f8AYL+TVr1Lz7QzTLPJcu3krIZ5 HUFzv2dcIDzQBP8At9/8mbfFj/sCyf8AoaV8+3fgTwpp/wDwSUOjW2mwLaS/DSLV3QRrhr6XT1v2 nIx9/wC0HzN3XPOa++vi98L9A+NPw08Q/CvxTcXNrpPiW1a0uZbN0S4RGIOY2kSRA3H8SMPasC5+ BvhK6/Z/H7OEl3fDw0PDieGPtAki+3fYo7UWYk8zyvK87yxkt5W3dzsxxQB+GXxkfxtrPwj/AGCv Deif2VPDewK0EPiFpjos+pQJZJZpfLD8xjAYooHUOy9M17T+134G/bK8YaH4Lvfj14k+D/gdtC16 1u9D1W2utXsr1b+IMywQzTRzYV9oZlC9UU5BUV+kHib9jj4L+M/2fdA/Zu8WW95qnhzwxbwQ6bdy TKmpW0tshjjuEmjREEoViD+72MCQUI4rybwZ/wAE7PhnovjzQfH/AMQ/G/i/4o3PhRxJo9r4p1QX 1pZOhBRljEaZZCqkDIQkAlDgYAPKf2ir6w/Zd/bp+HP7S17Mun+D/iZYT+FPE054ijuYVD2c8p6A ttiGeyQv0zz85eCbLxj4k/Yu/af/AGxpYpbfxL8Ymv5bM5Ilt/D9nIbZUVhyAsZmU44KRoc9DX64 ftGfs8eAf2n/AIZ3Hws+IzXcGmy3MF3HcWDxx3dvPbtlXieWOVASpZGyh+RmAwcEdz4P+GnhDwT8 NNK+Emk2Sy+GtJ0yPSUt7gLIJbWOLySJhgK5kXPmHHzEkkc0Afjv8DfDH7Zl1+xvoOg+EbT4N/8A CqNT8ONJM2pHVxKbWaItdS37R/uRcK28zsPlWRWxgKK8R+K3gSew/wCCdvwJ+HGu+KdJ8Z2B+Jlp ZRahol1Ld2b2lwuo/u1lljibMZdkK7QFwAOlfoJff8EvPhIbe98MeHPiD458O+A9Tna4ufCtjrWN Icucsgikidth6NvLsf72QMfRHjz9jz4O+Ofhf4E+D0UV54c8MfDrVrLWNLg0qWONvtFisqoszTxT F1kMztKeHdzuL5JyAfSGj+H9C8PW62mg6dbadAkccSpbRJEojhG2NMIB8qDhR0A6V+dP7aPwwvfH nxu+FHiD4PfEjRfCXxt8MR302h6TrWJIdStJkbziI9kpUqscgDeWcjOCrIrD9La+X/2j/wBkv4Z/ tMx6HfeK7rUtA8ReGJHk0vW9EuRaajal8FlWQq4KkqDgrkHlSpJJAPiv4NfFvx5pv7ZnhzwF+1t8 JdF0T4seItGuIdF8V6HMXjurO1SaVo5I/NlADLHINxIcEKDGFKldP/glTo3hBPDXxn120ihbxLce O9Ttr2TA88WcaxvbIe4j3vMV7Ft3XHH0v8Ev2Jvh78HviC3xe1fxN4j+Ivjr7MbOHWPFGoG/ntYH 3B0txtTYGDEHcWIBIUqGYH82P2KP2RNC+N/hr4pePIPHXiz4f68vjrXNIuZ/DWpmxW909EtpkhuE KOG2vNIVIx9453YGADzPxRcah4b+BH7eGlfC7Fv4Pt/Fmmw2gtGKxR/aNQ8rU0iCfL5fl7IyBx5Z I+6BX0Ja+Df2ytV/Y5t/CEifBax+EF34Wj/0mZtYTydPktg4u3kwY1uFz5pkwcTfNya/UD4Z/s1f B74U/B2X4FeGtDSbwnewzw38V2RLLqBul2TyXUgCmR5F4JwMABVCqqgfIk3/AAS4+Ekll/wiEfxE 8dxfD03BuP8AhExredIBL+Z5YjMRbZn1Jkzzv3c0AfNGreJvDnw7/Zy/Zd+G2teG9L+PXxPnvrlP B72OrXCaIkljd7Ibhpm8kSrDG0EQjljCArINwVTu4j9sO9/aqvfHn7P+sftJweDNGU+NtP8A7K0/ w+11LqMeJoTO8805ZDGP3YPltgttJ6V+pPxq/Yq+DPxn8F+DfBzpe+ED8Oyp8OX2gzi0u9MChBth dlkGD5UZJI3blDBg3NeNaj/wTL+EfiZrLWvHvjzxv4q8Xabd2t3a+INS1hLrULUWhLpBCJoJIFhL kOymNm3AYcDIIB+a/wC1f8O/j/8AE39sH9qHw/8AA+7EVrb6Fod5rtojlLnUbG30yyYWcOxS7GQ5 YoCocLsJO4K37MfsT/EH4SfEf9m7wjrHwY0uDQNCs7cWc2lQHJ0+9hA+0QSE/M77zv8AMf5pVYSH l67fwn+z14L8HfHfxx+0Lpl7qEviPx/a2Npf280kTWUcdhDHDGYEWJZFYrEpbfI4JzgAYAwPg7+y v8PvgT8R/G/xC+HWoapZQePZvtN9obTQNo8Nzu3efbQiBZYnyXGPNK4cjbhUCAHyN/wVidH+EHw2 03XJfJ8I6h470mDXG3FF+xmKdiHYEYTALE9mCnOcV6X/AMFIPDfw7H7EHjS21iztLey0W1s20dVR EW3uknijtltgMbcg7MJ/yzLD7ua+wvip8LPAvxp8Cap8NviRpi6toGsIqTwszIwKMHR0dCGR0YBl YHII9MivivQf+Canwktb3RIfHPjfxn8QPDXhiaObS/D3iDVxdaRbGIYRTbrEgZVHAXhdvysGUkUA fOPxCv8AXdU8ff8ABO7U/FDSPrF3Zyy3jSkmRrh9O0tpC5bneWJLZ5zmv2krwb4lfs7+CPil8Rvh p8Tddur+01L4V3N3daVDZyQx20rXiwq63CPE7MqiFdojePHOSeMe80AfmH+zuQP+Ckv7UKnqbDw0 cf8AbjDXN/8ABKrwpoCeEvjR4w+xRHVtR8f6vp005RTI1raxwSxxFsZ2B55Dt6ZNfUPiP9jH4fa3 +0fbftPaT4j8Q+G/FBezbULbTL1IbDVBYhEjS7iaJ2ZGSNEkQOFYKCAGyx9I+AP7PXgv9nLQPEXh zwReahe23ibXbzxBctqMkUrpdXqRJIkZhihAiAiXaGDMCTljxgA/HLwRZWuj/sh/txeH9LiW207T fF+uRW0EYCxxIkiIqqo4ACooAHYCvV/EHwwvfHngf9kTxB8HviRovhL42+GPBGmTaHpOtYkh1K0m 0uLziI9kpUqscgDeWcjOCrIrD7wsf2LPhZYeAvi18O4dU1ltN+Mmp3eq6vI09uZ4J71t8i2jC2Co gP3RIsh9SazPib+wt8Hvif8AD34feB76/wBZ0e/+F9ha6doOv6bdJbavBDaQxwrvmWLy2LCJWbEa 4bJTZk0AfLfwa+LfjzTf2zPDngL9rb4S6LonxY8RaNcQ6L4r0OYvHdWdqk0rRyR+bKAGWOQbiQ4I UGMKVK/pn8WvEPhXwl8LfF/ifxykknh3StIvrnUUhZlle0igdpkjKsjB2QELhlOSMEHmvnb4JfsT fD34PfEFvi9q/ibxH8RfHX2Y2cOseKNQN/PawPuDpbjamwMGIO4sQCQpUMwP1d4m8N6J4y8N6r4R 8S2i3+ka3az2V5bvnbNb3CGOVDjBwysRwc0AfjB8MfE37Tnir9mO8PwG+GXgX4T/AANudN1SeH/h IL691K7fTn803Mp2MSzP8/M64xgZ27TXyN4Hlsr39lL9kPQ/GoR/AN38SrxdZE5xbcX37pJs/L5b RvOWz/DuPrX6oeHv+CZHwq0SyXwhd/ELx1qvw9jnM6+EZ9bKaK25zIY5IoY42aPed2AytnksTkng fj58FPhT+yX+yOvwvk8Daz8V/hfda/5+qrcXqDUNBt7oFje2r29qpKwSLlQ2DmQh5NjEAAp/8Fgd L8Ef8M8eFr7VIbePXbTxJZRaS2FEwR45PtEaY58vYoLAfLlUzztrb+PfxJmP7auneEv2efhXYeNv jfonh0yXOua1qM1vY6TpUrZ8tYBIEZj5wLOoVwJdo3bmx+bXjv4c/s2fHjU/A/wv/ZL1zxl8WPFt 7qloJdQ1+e8ks/DmjRZa4jXz4baNFPynowwmFbcVDftZ8c/2JvAXxo+JNh8ZNO8UeIvh945srYWT ar4avhZTXFupOElyj5wCVypXK4DbgFAAPz/8KN8bE/4KofDOX4/T+Gf+EuuvC1+zweFluBbQWv2e +8mOdrnLvNlWbJJ+Urg4xXH2H/JC/wDgoP8A9jlrP/pZLX6IfD7/AIJ8fBr4b/FTwx8bdH1/xPfe N/Dz3clxqepamt9Pq7XcJt2/tBpoW3bImKp5PlYBydxAI66L9iv4WQ+E/jF4OXVNZNl8btTutV1p zPb+bbz3cjSutmfs+1EDMdokWU46k0AfPl34E8Kaf/wSUOjW2mwLaS/DSLV3QRrhr6XT1v2nIx9/ 7QfM3dc85r6c/Yilkm/ZE+ETysWI8N6euSc8LEFA/AAAV39z8DfCV1+z+P2cJLu+HhoeHE8MfaBJ F9u+xR2osxJ5nleV53ljJbytu7nZjiun+Ffw40P4Q/Djw58MPDU9xc6V4YsorG2lu2R7h4oRtUyN GkaFj3Koo9qAO/ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiii gAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKA CiiigAooooA//9b9/KKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigA ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigCvbWlrZo0dpCkCsxYhFCgsepIHc9zViiigAooooAK KKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoo ooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiii gD//1/38ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoooo AKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigA ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigD/9D9/KKKKACiiigAooooAKKKKACiiigAoooo AKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigA ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoooo A//R/fyiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigA ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAoooo AKKKKACiiigAooooAKKKKACop/O8mT7NtEu07N+du7HGcc4z1xUtFAH5gaPdftL6Hp37VWkW/iqb xn8RtJsNMn0lrWAwW9tc3WltN5OnWbPKEEecRglmldQz7mY0v7MPxI09P2hNL+Hfw313xd4h8Ia1 4NuNS1JvFf8AaUkkWtWF3bRyPC+pjzFcrclbmOE+SHZNvIIr7dl+CPg641X4j6rdTXkrfFC3trbV I/OCLHHa2hs0+zNGqyRsYzksXYh+VK9Ky/hl8BtI+HXiS58aah4l1rxn4imsI9Jh1DXJoJZrXTop DILaEW0FugVn2tI7K0kjKpdzgYAPdaKKKAP/0v38ooooAKKKKACiiigAooooAKKKKACiiigAoooo AKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigA ooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACi iigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKK KACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigD/9k= --000000000000fe341805b5a81d18-- From nobody Fri Dec 4 13:38:32 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4EA813A0E11 for ; Fri, 4 Dec 2020 13:38:30 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.098 X-Spam-Level: X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=pingidentity.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rXMfcDR4b3GU for ; Fri, 4 Dec 2020 13:38:29 -0800 (PST) Received: from mail-lf1-x134.google.com (mail-lf1-x134.google.com [IPv6:2a00:1450:4864:20::134]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D38423A0DDC for ; Fri, 4 Dec 2020 13:38:28 -0800 (PST) Received: by mail-lf1-x134.google.com with SMTP id r24so9640770lfm.8 for ; Fri, 04 Dec 2020 13:38:28 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=pingidentity.com; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=BOmSSUSa8qtxdm7FXvJmI1ZnxSB07b/KkigBB+1jqKw=; b=Mhff1Sy7Mp6KQyKKHnktQvAdL+MUL0x4i2eaL7DabAe4oGC74a0F/jH0A1/4RHfbIM cOjSvJmd8/jnzEly67k2OXxomKlSXqogP6fdHFZRO6GSIqVjaVwJDW1wYYWyiL0Ll4U4 hupssS8xOoKMFprEMQZaQmOyfPacEtYeJgROn5YRUW2Lpcj9/yQwtzRfxrVwY9cSwFR2 qnmfQfxBC1yXH592SBLmN34KuY3Salhs635vgz2te17i0pxB16OJifF+Q/XvrAi0K6sV jYKPfS669hQv91sLSdKktYBu1OYfJZ2kB9wc8u3DC++WSDKjrssbR1DrcCOUg0f1Qf1l bDjA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=BOmSSUSa8qtxdm7FXvJmI1ZnxSB07b/KkigBB+1jqKw=; b=e/D10r3FNbv8lDK8DiceCJ7P+1pDoEHctnYKSfNGv6DScFJR7Be3+pQT2wMAxNI6kh lvwv/t/2WaD5WhtQL/mMp+O7BapqtIjc+UQtJPw37fvRDQmMwQj4dmqPrH6vNF2EW2aZ 3hwjrB7uNDWUCBoV/fhBnA3rMXnsKgnPs5gDgTk2JGj5wkaHZfRwyV0RnLaU6LVmhM2y izUxaiCyGz3Y8Zg9pyMR3GEUycGIH45L/ecV+5a7uJXS63b9+jlgmQqS6qZ/RmbpEC7J YSADakwG+8ihGYxZg1fakoKE5RkSJNumrszzRd+LwM5wlEpB3j64fFHUUXDbMEhPyNdI XLJQ== X-Gm-Message-State: AOAM5325C0fJ9EK1U9t/J5ynmY364FJx/R1ug9WaTJrWXvAK0qEAdvFO CEpcdppS7FComVM7zdwcgDNHHeudafaJbsNuDq1vlRAT4ipPMEEQWpxYDSbNaV6aBu+EgUXX/vL K8oag05z2oEw1EA== X-Google-Smtp-Source: ABdhPJwDgsJ/fyXHoeUZ2Ijq8GNFq5l3Xmomn4pW+kVzVZ4BRRuPKPh8Wg2GngF6jwdEwFGwY84U0KqhEAoaKhs4iK8= X-Received: by 2002:a19:5215:: with SMTP id m21mr4102187lfb.407.1607117905759; Fri, 04 Dec 2020 13:38:25 -0800 (PST) MIME-Version: 1.0 References: In-Reply-To: From: Brian Campbell Date: Fri, 4 Dec 2020 14:37:59 -0700 Message-ID: To: toshio9.ito@toshiba.co.jp Cc: oauth Content-Type: multipart/alternative; boundary="000000000000e2abbf05b5aa4b45" Archived-At: Subject: Re: [OAUTH-WG] DPoP followup II: confirmation style X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 04 Dec 2020 21:38:30 -0000 --000000000000e2abbf05b5aa4b45 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable On Thu, Dec 3, 2020 at 5:55 PM wrote: > I think this topic is related to the question of "followup I: freshness a= nd > > coverage of signature". The option 2 for the followup I will also break > AS/RS > > symmetry. If we choose the option 2 for followup I, I think we might as > well > > choose the option 2 for followup II, too. > I've had similar thoughts, for whatever it's worth. --=20 _CONFIDENTIALITY NOTICE: This email may contain confidential and privileged= =20 material for the sole use of the intended recipient(s). Any review, use,=20 distribution or disclosure by others is strictly prohibited.=C2=A0 If you h= ave=20 received this communication in error, please notify the sender immediately= =20 by e-mail and delete the message and any file attachments from your=20 computer. Thank you._ --000000000000e2abbf05b5aa4b45 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable


    =
    On Thu, Dec 3, 2020 at 5:55 PM <toshio9.ito@toshiba.co.jp>= ; wrote:

    I think this topic is related to the question of "followup = I: freshness and

    coverage of signature". The option 2 for the followup I wil= l also break AS/RS

    symmetry. If we choose the option 2 for followup I, I think we m= ight as well

    choose the option 2 for followup II, too.


    =C2=A0I've had similar tho= ughts, for whatever it's worth.

    <= span style=3D"margin:0px;padding:0px;border:0px;outline:0px;vertical-align:= baseline;background:transparent;font-family:proxima-nova-zendesk,system-ui,= -apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,Oxygen-Sans,Ub= untu,Cantarell,"Helvetica Neue",Arial,sans-serif;font-weight:600"= >CONFIDENTIALITY NOTICE: This email may contain confidenti= al and privileged material for the sole use of the intended recipient(s). A= ny review, use, distribution or disclosure by others is strictly prohibited= .=C2=A0 If you have received this communication in error, please notify the= sender immediately by e-mail and delete the message and any file attachmen= ts from your computer. Thank you. --000000000000e2abbf05b5aa4b45-- From nobody Mon Dec 7 00:32:07 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 278633A1176 for ; Mon, 7 Dec 2020 00:32:05 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.48 X-Spam-Level: X-Spam-Status: No, score=-1.48 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, KHOP_HELO_FCRDNS=0.399, NICE_REPLY_A=-0.001, T_SPF_HELO_TEMPERROR=0.01, T_SPF_TEMPERROR=0.01] autolearn=no autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HrVD_vbnPekX for ; Mon, 7 Dec 2020 00:31:49 -0800 (PST) Received: from smtp.smtpout.orange.fr (smtp11.smtpout.orange.fr [80.12.242.133]) (using TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B15F23A0E3D for ; Mon, 7 Dec 2020 00:31:39 -0800 (PST) Received: from [192.168.1.11] ([90.91.135.71]) by mwinf5d34 with ME id 1LXQ2400V1Ybo4i03LXQNy; Mon, 07 Dec 2020 09:31:25 +0100 X-ME-Helo: [192.168.1.11] X-ME-Auth: ZGVuaXMucGlua2FzQG9yYW5nZS5mcg== X-ME-Date: Mon, 07 Dec 2020 09:31:25 +0100 X-ME-IP: 90.91.135.71 To: Brian Campbell , Neil Madden Cc: oauth References: <1b584adf-14f9-ba2e-657d-f22b57d87675@free.fr> <4cb35c85-e13a-aabe-1e74-d6eb244189cf@free.fr> <49cbbea5-df0e-f864-cf8b-ec9c3768bc18@danielfett.de> <699AB5C1-D9DE-4BCE-9D51-C10C7B88CD75@forgerock.com> From: Denis Message-ID: <18c2602c-168b-f6ba-e74e-57b577e5b441@free.fr> Date: Mon, 7 Dec 2020 09:31:24 +0100 User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:78.0) Gecko/20100101 Thunderbird/78.5.0 MIME-Version: 1.0 In-Reply-To: Content-Type: multipart/alternative; boundary="------------975D29CC63441C9E35B368B9" Content-Language: en-GB Archived-At: Subject: Re: [OAUTH-WG] Reminder - Interim Meeting to discuss DPoP X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 07 Dec 2020 08:32:05 -0000 This is a multi-part message in MIME format. --------------975D29CC63441C9E35B368B9 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit Hi Brian, > The client is not necessarily identified in requests to the RS (it > could be via the access token but that's an implementation detail that > can't be counted on in spec) so maintaining a per client list isn't > viable. > > That as well as some other considerations/approaches were talked about > in https://github.com/danielfett/draft-dpop/issues/47 > with what's in > the spec now maybe not being perfect but good enough. The message sent by b---c on September 23, 2019 states: I think there are a number of options. The ones that come to mind are: 1. servers track only the jti value and require that jti be globally unique (a UUID or >= ~128 bit random) 2. servers track the public key (or hash of it) + a jti that is incrementing or otherwise unique within that instance of the client (like random >= ~32 bits but I'm not sure and it really depends on how many requests are being made in the allowed timeframe) 3. servers track the whole dpop jwt (or probably a hash of it) and jti is not required at all (or could be very very small). I think the iat and jwk and signature in the dpop jwt would provide more than sufficient entropy for this to work. Although I guess multiple requests to the same URI & same method during the same second (iat) when using a deterministic signature scheme would need to be differentiated somehow. I think 1 is the most straightforward to describe in a document. I'm drawn to 3 because it would allow for smaller dpops and move some of the complexity burden from the client to the server. 2 kinda does also but feels to me like not a great compromise that's maybe harder for both parties to implement. Thoughts? Preferences? Alternatives? Method 1 is not "good enough" as you write: it is over-engineering. A method for flushing the cache of "whatever data is being stored" has not be considered in the discussion. There are alternatives methods that have not been proposed, nor discussed. In an earlier email, I proposed a pseudo random number with 2 ^ 32 values associated with the"iat" time. For more details, see item 9 (Section 4.2. DPoP Proof JWT Syntax) from: https://mailarchive.ietf.org/arch/browse/oauth/?q=Proposed%20changes%20to%20draft-ietf-oauth-dpop-02 The text is as follows:            *"jti": JWT identifier that complements the "iat" claim to handle replay protection for a given server (REQUIRED).       The value MUST be assigned such that there is a negligible probability that the same value will be assigned to any other DPoP proof received by the server within the same second during a short time window of validity (i.e. a few minutes only). This MUST be accomplished by encoding 32 bits of pseudorandom data. I would add the following sentence: In case of a replay detection, an "replay_dpop_proof" error code MUST be returned This will allow both to recover from an error by sending a new DPoP proof and to test that replay detection is indeed working. Note that 64 bits of pseudorandom data would also make it, but 96 bits (or more) is oversized. The following guidance in section 8.1 will then become unnecessary: In order to guard against memory exhaustion attacks a server SHOULD reject DPoP proof JWTs with unnecessarily large "jti" values or store only a hash thereof. Denis > > On Thu, Dec 3, 2020 at 5:09 AM Neil Madden > wrote: > > I think perhaps an assumption in the DPoP draft (and in the > description of “jti” in RFC 7519) is that the server will maintain > a single global list of recently used jti values to prevent > replay, rather than maintaining a separate list per client. That > could perhaps be spelled out more clearly in the draft, as I think > the entropy discussions only really make sense in that context. If > the RS instead maintains a separate list per client then a simple > counter is sufficient. > > — Neil > >> On 2 Dec 2020, at 15:17, Brian Campbell >> > > wrote: >> >> The conversation at >> https://github.com/danielfett/draft-dpop/pull/51#discussion_r332377311 >> >> has a bit more of the rational behind the choice of 96 bit minimum. >> >> On Wed, Dec 2, 2020 at 7:07 AM Denis > > wrote: >> >> Hi Daniel, >> >> All your arguments make sense. I agree. >> >> A minor point however. The size of the jti" is currently >> mandated to 96 bits minimum. This is unnecessarily long for a >> time window of a few minutes. >> The jti" does not need to be a unique identifier valid for >> ever. It can simply be an identifier used during the time >> window which complements the "iat" claim. >> >> Using both the "iat" claim and a 32 bits pseudo-random number >> will be quite sufficient.  It is also has the advantage of >> using less memory and >> it is easier to flush the entries looking at the 32 first >> bits only. >> >> Denis >> >>> So what you are proposing is that the time window in which >>> an RS accepts the DPoP proof is defined by the expiration >>> time of the access token? >>> >>> DPoP proofs are intended to be generally be short-lived and >>> fresh for each request in order to provide some level of >>> replay protection. There is no point in making the time >>> window as long as the (typically longer) time window in >>> which an AT would be accepted. A DPoP proof that is valid >>> for 12 hours would not provide much replay protection. >>> >>> The time window is left unspecified because it is only meant >>> to account for clock differences and network latency. Its >>> precise value can depend on deployment considerations. It is >>> not intended to give the client an option to re-use proofs, >>> which is prevented together with the jti. >>> >>> Also this would introduce new, unwanted and potentially >>> surprising dependencies between token lifetimes and the DPoP >>> usage. >>> >>> And finally, as discussed before, not all access tokens are >>> JWTs and we are not going to mandate JWT access tokens in >>> this spec. >>> >>> -Daniel >>> >>> >>> Am 01.12.20 um 09:54 schrieb Denis: >>>> Hi  Brian, >>>> >>>>> Hi Denis, >>>>> >>>>> The choice to use "iat" vs. "exp" was made in the summer >>>>> of last year. You can see some of the discussion from then >>>>> in https://github.com/danielfett/draft-dpop/issues/38 >>>>> . >>>>> I believe it pretty well has consensus at this point and >>>>> thus unlikely to be changed. >>>> >>>> I fear that you misread my email or read it too fast. My >>>> point had nothing to do whether using *either *of "iat" >>>> *o**r* "exp" in the DPoP proof JWT sent by the client. >>>> >>>> The first sentence of my email was: "One comment on slide 5 >>>> about the /time window/". So the topic was all about how >>>> the RS SHALL handle the "jti" claim included >>>> in the DPoP proof JWT when using a time window. >>>> >>>> >>>>> While I do believe there are reasonable arguments that can >>>>> be made on both sides of using either of "iat" or "exp", >>>>> it's difficult (and honestly time consuming and very >>>>> frustrating) to try and have such discussions or even >>>>> respond in a coherent way when fundamental aspects of the >>>>> draft are misrepresented or misunderstood. For example, >>>>> the DPoP proof JWT is created by the client not the AS so >>>>> the advantages you put forward are nonsensical in the >>>>> context of the actual workings of the draft. >>>> >>>> Section 8.1 addresses the topic of the /time window/, but >>>> this topic should not /only /be addressed in the "Security >>>> Considerations" section >>>> but in the main body of the document, since some checks >>>> MUST be done by the RS. "Security Considerations"are >>>> intended to provide >>>> explanations but are not intended to be normative. >>>> >>>> Section 8.1 states: >>>> >>>> " If an adversary is able to get hold of a DPoP proof JWT, >>>> the adversary could replay that token at the same endpoint >>>> (the HTTP >>>>    endpoint and method are enforced via the respective >>>> claims in the JWTs).  To prevent this, servers MUST only >>>> accept DPoP proofs >>>>    for a limited time window after their "iat" time, >>>> preferably only for a relatively brief period. >>>> >>>> Servers SHOULD store, in the context of the request URI, >>>> the "jti" value of each DPoP proof for the time window in >>>> which the respective >>>>    DPoP proof JWT would be accepted and decline HTTP >>>> requests to the same URI for which the "jti" value has been >>>> seen before.  In order >>>>    to guard against memory exhaustion attacks a server >>>> SHOULD reject DPoP proof JWTs with unnecessarily large >>>> "jti" values or store only >>>>    a hash thereof. >>>> >>>> (...) ". >>>> >>>> The previous text makes the assumption that RSs MUST only >>>> accept DPoP proofs for a relatively brief period after >>>> their "iat" time included >>>> in the DPoP proof JWT. This assumption is rather >>>> restrictive. A client might get an access token and >>>> associate it with DPoP proof JWT that >>>> could be used during, e.g., 12 hours. A DPoP proof JWT/ >>>> access token JWT pair could thus be used by a client >>>> during, e.g., one day for >>>> several sessions with a RS. >>>> >>>> The /time window/ is currently left at the discretion of >>>> each RS and is supposed to be short (without stating >>>> explicitly what "short" may mean).. >>>> >>>> It would be possible to mandate in the JWT the inclusion of >>>> the exp (Expiration Time) Claim. (I am _not_ advocating the >>>> inclusion of the "exp" >>>> claim in the DPoP proof JWT). >>>> >>>> In this way, for a RS, the /time window /would be defined >>>> using the "iat" claim defined in the DPoP proof JWT and the >>>> "exp" claim defined in >>>> the JWT. >>>> >>>> Such a description should not be done in section 8, but in >>>> a section earlier in the main body of the document. >>>> >>>> This would have the following advantages: >>>> >>>> * The RS would be able to better manage the "jti" claim >>>> values, because it would be able to discard "jti" claim >>>> values as soon as they are >>>> outside the time window as defined above. >>>> >>>> * The client would know whether a DPoP proof JWT/ access >>>> token JWT pair is still usable, in particular using the >>>> "expires_in" status code >>>> returned in case of a successful response from the AS >>>> and is thus unlikely to get a rejection of both of them >>>> because of an unknown time >>>> window used by a RS. >>>> >>>> Denis >>>> >>>> >>>>> >>>>> On Mon, Nov 30, 2020 at 8:45 AM Denis >>>> > wrote: >>>>> >>>>> One comment on slide 5 about the /time window/. >>>>> >>>>> At the bottom, on the left, it is written: "Only valid >>>>> for a limited /time window/ relative to creation time". >>>>> >>>>> While the creation time is defined by "iat", the /time >>>>> window/ is currently left at the discretion of each RS. >>>>> >>>>> It would be preferable to mandate the inclusion in the >>>>> JWT of the exp (Expiration Time) Claim. >>>>> In this way, the /time window /would be defined by the >>>>> AS using both the "iat" and the "exp" claims. >>>>> >>>>> This would have the following advantages: >>>>> >>>>> * The client will know whether a token is still >>>>> usable and is unlikely to get a rejection of the >>>>> token >>>>> because of an unknown time window defined by a RS. >>>>> >>>>> * The RS is able to manage better the "jti" claim >>>>> values, because it will be able to discard "jti" >>>>> claim values >>>>> as soon as they are outside the time window >>>>> defined by the AS in a JWT. >>>>> >>>>> Denis >>>>> >>>>> >>>>>> All, >>>>>> >>>>>> This is a reminder that we have an Interim >>>>>> meeting this Monday, Nov 30th @ 12:00pm ET, to >>>>>> discuss the latest with the *DPoP *document: >>>>>> https://datatracker.ietf.org/doc/draft-ietf-oauth-dpop/ >>>>>> >>>>>> >>>>>> You can find the details of the meeting and the >>>>>> slides here: >>>>>> https://datatracker.ietf.org/meeting/interim-2020-oauth-16/session/oauth >>>>>> >>>>>> >>>>>> Regards, >>>>>>  Rifaat & Hannes >>>>>> >>>>>> >>>>>> _______________________________________________ >>>>>> OAuth mailing list >>>>>> OAuth@ietf.org >>>>>> https://www.ietf.org/mailman/listinfo/oauth >>>>> >>>>> >>>>> _______________________________________________ >>>>> OAuth mailing list >>>>> OAuth@ietf.org >>>>> https://www.ietf.org/mailman/listinfo/oauth >>>>> >>>>> >>>>> >>>>> /CONFIDENTIALITY NOTICE: This email may contain >>>>> confidential and privileged material for the sole use of >>>>> the intended recipient(s). Any review, use, distribution >>>>> or disclosure by others is strictly prohibited.  If you >>>>> have received this communication in error, please notify >>>>> the sender immediately by e-mail and delete the message >>>>> and any file attachments from your computer. Thank you./ >>>> >>>> >>>> >>>> _______________________________________________ >>>> OAuth mailing list >>>> OAuth@ietf.org >>>> https://www.ietf.org/mailman/listinfo/oauth >>> >>> >>> -- >>> https://danielfett.de >>> >>> _______________________________________________ >>> OAuth mailing list >>> OAuth@ietf.org >>> https://www.ietf.org/mailman/listinfo/oauth >> >> >> _______________________________________________ >> OAuth mailing list >> OAuth@ietf.org >> https://www.ietf.org/mailman/listinfo/oauth >> >> >> >> /CONFIDENTIALITY NOTICE: This email may contain confidential and >> privileged material for the sole use of the intended >> recipient(s). Any review, use, distribution or disclosure by >> others is strictly prohibited. If you have received this >> communication in error, please notify the sender immediately by >> e-mail and delete the message and any file attachments from your >> computer. Thank you./_______________________________________________ >> OAuth mailing list >> OAuth@ietf.org >> https://www.ietf.org/mailman/listinfo/oauth >> > > > ForgeRock values your Privacy > > > /CONFIDENTIALITY NOTICE: This email may contain confidential and > privileged material for the sole use of the intended recipient(s). Any > review, use, distribution or disclosure by others is strictly > prohibited.  If you have received this communication in error, please > notify the sender immediately by e-mail and delete the message and any > file attachments from your computer. Thank you./ --------------975D29CC63441C9E35B368B9 Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: 8bit
    Hi Brian,

    The client is not necessarily identified in requests to the RS (it could be via the access token but that's an implementation detail that can't be counted on in spec) so maintaining a per client list isn't viable. 

    That as well as some other considerations/approaches were talked about in https://github.com/danielfett/draft-dpop/issues/47 with what's in the spec now maybe not being perfect but good enough.

    The message sent by b---c on September 23, 2019 states:

    I think there are a number of options. The ones that come to mind are:

    1. servers track only the jti value and require that jti be globally unique (a UUID or >= ~128 bit random)
    2. servers track the public key (or hash of it) + a jti that is incrementing or otherwise unique within that instance of the client (like random >= ~32 bits but I'm not sure and it really depends on how many requests are being made in the allowed timeframe)
    3. servers track the whole dpop jwt (or probably a hash of it) and jti is not required at all (or could be very very small). I think the iat and jwk and signature in the dpop jwt would provide more than sufficient entropy for this to work. Although I guess multiple requests to the same URI & same method during the same second (iat) when using a deterministic signature scheme would need to be differentiated somehow.

    I think 1 is the most straightforward to describe in a document. I'm drawn to 3 because it would allow for smaller dpops and move some of the complexity burden from the client to the server. 2 kinda does also but feels to me like not a great compromise that's maybe harder for both parties to implement.

    Thoughts? Preferences? Alternatives?

    Method 1 is not "good enough" as you write: it is over-engineering. A method for flushing the cache of "whatever data is being stored" has not be considered in the discussion.
    There are alternatives methods that have not been proposed, nor discussed.

    In an earlier email, I proposed a pseudo random number with 2 ^ 32 values associated with the"iat" time. For more details, see item 9 (Section 4.2. DPoP Proof JWT Syntax)
    from: https://mailarchive.ietf.org/arch/browse/oauth/?q=Proposed%20changes%20to%20draft-ietf-oauth-dpop-02

    The text is as follows:

               *"jti": JWT identifier that complements the "iat" claim to handle replay protection for a given server (REQUIRED). 
                 The value MUST be assigned such that there is a negligible probability that the same value will be assigned 
             to any other DPoP proof received by the server within the same second during a short time window of validity
             (i.e. a few minutes only). This MUST be accomplished by encoding 32 bits of pseudorandom data.

I would add the following sentence:

      In case of a replay detection, an "replay_dpop_proof" error code MUST be returned

    This will allow both to recover from an error by sending a new DPoP proof and to test that replay detection is indeed working.
    Note that 64 bits of pseudorandom data would also make it, but 96 bits (or more) is oversized.

    The following guidance in section 8.1 will then become unnecessary:

    In order to guard against memory exhaustion attacks a server SHOULD reject DPoP proof JWTs with unnecessarily large "jti" values or store only a hash thereof.

    Denis



    On Thu, Dec 3, 2020 at 5:09 AM Neil Madden <neil.madden@forgerock.com> wrote:
    I think perhaps an assumption in the DPoP draft (and in the description of “jti” in RFC 7519) is that the server will maintain a single global list of recently used jti values to prevent replay, rather than maintaining a separate list per client. That could perhaps be spelled out more clearly in the draft, as I think the entropy discussions only really make sense in that context. If the RS instead maintains a separate list per client then a simple counter is sufficient.

    — Neil

    On 2 Dec 2020, at 15:17, Brian Campbell <bcampbell=40pingidentity.com@dmarc.ietf.org> wrote:

    The conversation at https://github.com/danielfett/draft-dpop/pull/51#discussion_r332377311 has a bit more of the rational behind the choice of 96 bit minimum.

    On Wed, Dec 2, 2020 at 7:07 AM Denis <denis.ietf@free.fr> wrote:
    Hi Daniel,

    All your arguments make sense. I agree.

    A minor point however. The size of the jti" is currently mandated to 96 bits minimum. This is unnecessarily long for a time window of a few minutes.
    The jti" does not need to be a unique identifier valid for ever. It can simply be an identifier used during the time window which complements the "iat" claim.

    Using both the "iat" claim and a 32 bits pseudo-random number will be quite sufficient.  It is also has the advantage of using less memory and
    it is easier to flush the entries looking at the 32 first bits only.

    Denis

    So what you are proposing is that the time window in which an RS accepts the DPoP proof is defined by the expiration time of the access token?

    DPoP proofs are intended to be generally be short-lived and fresh for each request in order to provide some level of replay protection. There is no point in making the time window as long as the (typically longer) time window in which an AT would be accepted. A DPoP proof that is valid for 12 hours would not provide much replay protection.

    The time window is left unspecified because it is only meant to account for clock differences and network latency. Its precise value can depend on deployment considerations. It is not intended to give the client an option to re-use proofs, which is prevented together with the jti.

    Also this would introduce new, unwanted and potentially surprising dependencies between token lifetimes and the DPoP usage.

    And finally, as discussed before, not all access tokens are JWTs and we are not going to mandate JWT access tokens in this spec.

    -Daniel


    Am 01.12.20 um 09:54 schrieb Denis:
    Hi  Brian,

    Hi Denis,

    The choice to use "iat" vs. "exp" was made in the summer of last year. You can see some of the discussion from then in https://github.com/danielfett/draft-dpop/issues/38.
    I believe it pretty well has consensus at this point and thus unlikely to be changed.

    I fear that you misread my email or read it too fast. My point had nothing to do whether using either of "iat" or "exp" in the DPoP proof JWT sent by the client.

    The first sentence of my email was: "One comment on slide 5 about the time window". So the topic was all about how the RS SHALL handle the "jti" claim included
    in the     DPoP proof JWT when using a time window.


    While I do believe there are reasonable arguments that can be made on both sides of using either of "iat" or "exp", it's difficult (and honestly time consuming and very frustrating) to try and have such discussions or even respond in a coherent way when fundamental aspects of the draft are misrepresented or misunderstood. For example, the DPoP proof JWT is created by the client not the AS so the advantages you put forward are nonsensical in the context of the actual workings of the draft.

    Section 8.1 addresses the topic of the time window, but this topic should not only be addressed in the "Security Considerations" section
    but in the main body of the document, since some checks MUST be done by the RS.     "Security Considerations"are intended to provide
    explanations but are not intended to be normative.

    Section 8.1 states:

       " If an adversary is able to get hold of a DPoP proof JWT, the adversary could replay that token at the same endpoint (the HTTP
       endpoint and method are enforced via the respective claims in the JWTs).  To prevent this, servers MUST only accept DPoP proofs
       for a limited time window after their "iat" time, preferably only for a relatively brief period. 

       Servers SHOULD store, in the context of the request URI, the "jti" value of each DPoP proof for the time window in which the respective
       DPoP proof JWT would be accepted and decline HTTP requests to the same URI for which the "jti" value has been seen before.  In order
       to guard against memory exhaustion attacks a server SHOULD reject DPoP proof JWTs with unnecessarily large "jti" values or store only
       a hash thereof.

       (...) ".

    The previous text makes the assumption that RSs MUST only accept DPoP proofs for a relatively brief period after their "iat" time included
    in the     DPoP proof JWT. This assumption is rather restrictive. A client might get an access token and associate it with DPoP proof JWT that
    could be used during, e.g., 12 hours. A     DPoP proof JWT/ access token JWT pair could thus be used by a client during, e.g., one day for
    several sessions with a RS.

    The time window is currently left at the discretion of each RS and is supposed to be short (without stating explicitly what "short" may mean)..
    It would be possible to mandate     in the JWT the inclusion of the exp (Expiration Time) Claim. (I am not advocating the inclusion of the "exp"
    claim in the DPoP proof JWT).

    In this way, for a RS, the time window would be defined using the "iat" claim defined in the DPoP proof JWT and the "exp" claim defined in
    the JWT.

    Such a description should not be done in section 8, but in a section earlier in the main body of the document.

    This would have the following advantages:

    • The RS would be able to better manage the "jti" claim values, because it would be able to discard "jti" claim values as soon as they are
      outside the time window as defined above.
    • The client would know whether a DPoP proof JWT/ access token JWT pair is still usable, in particular using the "expires_in" status code
      returned in case of a       successful response from the AS and is thus unlikely to get a rejection of both of them because of an unknown time
      window used by a RS.

    Denis



    On Mon, Nov 30, 2020 at 8:45 AM Denis <denis.ietf@free.fr> wrote:

    One comment on slide 5 about the time window.

    At the bottom, on the left, it is written: "Only valid for a limited time window relative to creation time".

    While the creation time is defined by "iat", the time window is currently left at the discretion of each RS.

    It would be preferable to mandate the inclusion in the JWT of the exp (Expiration Time) Claim.
    In this way, the time window would be defined by the AS using both the "iat" and the "exp" claims.

    This would have the following advantages:

    • The client will know whether a token is still usable and is unlikely to get a rejection of the token
      because of an unknown time window defined by a RS.
    • The RS is able to manage better the "jti" claim values, because it will be able to discard "jti" claim values
      as soon as they are outside the time window defined by the AS in a JWT.

    Denis


    All,

    This is a reminder that we have an Interim meeting this Monday, Nov 30th @ 12:00pm ET, to discuss the latest with the DPoP document:

    You can find the details of the meeting and the slides here:

    Regards,
     Rifaat & Hannes


    _______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth


    _______________________________________________
    OAuth mailing list
    OAuth@ietf.org
    https://www.ietf.org/mailman/listinfo/oauth

    CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited.  If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you. 



    _______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth



    -- 
https://danielfett.de

    _______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth


    _______________________________________________
    OAuth mailing list
    OAuth@ietf.org
    https://www.ietf.org/mailman/listinfo/oauth

    CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited.  If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you._______________________________________________
    OAuth mailing list
    OAuth@ietf.org
    https://www.ietf.org/mailman/listinfo/oauth


    ForgeRock values your Privacy

    CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited.  If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you.


    --------------975D29CC63441C9E35B368B9-- From nobody Mon Dec 7 13:43:58 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5CA9E3A0B62 for ; Mon, 7 Dec 2020 13:43:56 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.098 X-Spam-Level: X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=pingidentity.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KOujiBaJPFkX for ; Mon, 7 Dec 2020 13:43:53 -0800 (PST) Received: from mail-lj1-x232.google.com (mail-lj1-x232.google.com [IPv6:2a00:1450:4864:20::232]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 925113A0A42 for ; Mon, 7 Dec 2020 13:43:52 -0800 (PST) Received: by mail-lj1-x232.google.com with SMTP id m13so579079ljo.11 for ; Mon, 07 Dec 2020 13:43:52 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=pingidentity.com; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=sh7hRSnj51Ly9BsZLchYGrr+u/rS9Y/eNt3oPViaMno=; b=CK0XWTYWmFB2MMaG4JcOFG2vA2CLJtHeMWYfrzr3aMHB0Z7Hw9bzrD9zXoz3wVWPte kKKu/meMqepqr+dJnL0aM7NpqMdV5HYGP6MVgWQ//9aKWtaJNihDkHZXoSaYFVT0x6GO m0tdScCxZszXAMSdMUewH+XEKo0dR/oUqnUpBlVM+8T2lPj6GecVL5R6LBdKJ9U7l3NM omrpB+w20N7f81Il7qZL/7Vx9g7JK5i9gjkjxFJ+Gbu4UfD1gHKmzIoaaNr5h8q40/4w DSvSWmJgzR1h1EwWRds1oc+9mcNo963fLPZ+U0aEn+fRlmmXUMr1d8iwehc+y3Y4cbd8 9RPg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=sh7hRSnj51Ly9BsZLchYGrr+u/rS9Y/eNt3oPViaMno=; b=US7LsxOS2ATAyRrKilPN68xPvZQsSs5iVIxhFQrEdakcScbeOCbPBetK0H7aMIvMlM oNJDbQjq5CUGLcPe785nPJyqWoM9huACu6jU8C12JF5Ej5m7YIlN5XZp2esG59/ahBDI SdDPNOyRtdS4dvBpp1PuDaU3IMcI+5miABjioJ7vmF0S6eudsQDY/GeYkrK7OUHvLkPZ AucJMPphEZXUDAqN7rwoObM69e7AxYHQTs0sFuuuAGN9H0QsNLymcv11M6bLGWUMvZ90 2BmPzUGGbBr4jGv+LvMZy7rcsPQ2Ix27MGS/D8EQNqgwaaWv3kBvCkskr0a6vZMbZt9D NAmQ== X-Gm-Message-State: AOAM530n5SrifV3MvJWhfwyRl2YR8BJaD/DAB+U/1+2sw4Nf/5agnCtt +OtPRdpapPPCbiXBiTYx7KzPMts/saCL17sWTTidvaxP5f2k0855QEu+s5sV6W7bTumcBolADYD GTdDNHq3xrhRAyg== X-Google-Smtp-Source: ABdhPJwFopX7Ab5Nc3WvX33HNAnbnoTcRoGPQ80qaIIGFezlEV1ytRKXPgHMw1J/VP91cRp8ObU8bhUNUQkVxRHPqzQ= X-Received: by 2002:a2e:8110:: with SMTP id d16mr9409522ljg.280.1607377430600; Mon, 07 Dec 2020 13:43:50 -0800 (PST) MIME-Version: 1.0 References: <1b584adf-14f9-ba2e-657d-f22b57d87675@free.fr> <4cb35c85-e13a-aabe-1e74-d6eb244189cf@free.fr> <49cbbea5-df0e-f864-cf8b-ec9c3768bc18@danielfett.de> <699AB5C1-D9DE-4BCE-9D51-C10C7B88CD75@forgerock.com> <18c2602c-168b-f6ba-e74e-57b577e5b441@free.fr> In-Reply-To: <18c2602c-168b-f6ba-e74e-57b577e5b441@free.fr> From: Brian Campbell Date: Mon, 7 Dec 2020 14:43:24 -0700 Message-ID: To: Denis Cc: Neil Madden , oauth Content-Type: multipart/alternative; boundary="000000000000c5894505b5e6b8c8" Archived-At: Subject: Re: [OAUTH-WG] Reminder - Interim Meeting to discuss DPoP X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 07 Dec 2020 21:43:56 -0000 --000000000000c5894505b5e6b8c8 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable While there are certainly more than a few different ways of approaching it, I am still not convinced of any significant advantage to tracking iat + a slightly smaller jti value vs. what is currently in the draft. And as we are trying to reflect WG consensus here rather than one person's opinion, I do not plan to engage in discussing this item any further unless others from the WG indicate their interest in making a change. On Mon, Dec 7, 2020 at 1:31 AM Denis wrote: > Hi Brian, > > The client is not necessarily identified in requests to the RS (it could > be via the access token but that's an implementation detail that can't be > counted on in spec) so maintaining a per client list isn't viable. > > That as well as some other considerations/approaches were talked about in > https://github.com/danielfett/draft-dpop/issues/47 with what's in the > spec now maybe not being perfect but good enough. > > The message sent by b---c on September 23, 2019 states: > > I think there are a number of options. The ones that come to mind are: > > 1. servers track only the jti value and require that jti be globally > unique (a UUID or >=3D ~128 bit random) > 2. servers track the public key (or hash of it) + a jti that is > incrementing or otherwise unique within that instance of the client (l= ike > random >=3D ~32 bits but I'm not sure and it really depends on how man= y > requests are being made in the allowed timeframe) > 3. servers track the whole dpop jwt (or probably a hash of it) and jti > is not required at all (or could be very very small). I think the iat = and > jwk and signature in the dpop jwt would provide more than sufficient > entropy for this to work. Although I guess multiple requests to the sa= me > URI & same method during the same second (iat) when using a determinis= tic > signature scheme would need to be differentiated somehow. > > I think 1 is the most straightforward to describe in a document. I'm draw= n > to 3 because it would allow for smaller dpops and move some of the > complexity burden from the client to the server. 2 kinda does also but > feels to me like not a great compromise that's maybe harder for both > parties to implement. > > Thoughts? Preferences? Alternatives? > > Method 1 is not "good enough" as you write: it is over-engineering. A > method for flushing the cache of "whatever data is being stored" has not = be > considered in the discussion. > There are alternatives methods that have not been proposed, nor discussed= . > > In an earlier email, I proposed a pseudo random number with 2 ^ 32 values > associated with the"iat" time. For more details, see item 9 (Section 4.2. > DPoP Proof JWT Syntax) > from: > https://mailarchive.ietf.org/arch/browse/oauth/?q=3DProposed%20changes%20= to%20draft-ietf-oauth-dpop-02 > > The text is as follows: > *"jti": JWT identifier that complements the "iat" claim to > handle replay protection for a given server (REQUIRED). > > The value MUST be assigned such that there is a negligible p= robability that the same value will be assigned > to any other DPoP proof received by the server within the sa= me second during a short time window of validity > (i.e. a few minutes only). This MUST be accomplished by enco= ding 32 bits of pseudorandom data. > > I would add the following sentence: > > In case of a replay detection, an "replay_dpop_proof" error code MU= ST be returned > > This will allow both to recover from an error by sending a new DPoP proof > and to test that replay detection is indeed working. > Note that 64 bits of pseudorandom data would also make it, but 96 bits (o= r > more) is oversized. > The following guidance in section 8.1 will then become unnecessary: > > In order to guard against memory exhaustion attacks a server SHOULD rejec= t > DPoP proof JWTs with unnecessarily large "jti" values or store only a has= h > thereof. > > Denis > > > On Thu, Dec 3, 2020 at 5:09 AM Neil Madden > wrote: > >> I think perhaps an assumption in the DPoP draft (and in the description >> of =E2=80=9Cjti=E2=80=9D in RFC 7519) is that the server will maintain a= single global list >> of recently used jti values to prevent replay, rather than maintaining a >> separate list per client. That could perhaps be spelled out more clearly= in >> the draft, as I think the entropy discussions only really make sense in >> that context. If the RS instead maintains a separate list per client the= n a >> simple counter is sufficient. >> >> =E2=80=94 Neil >> >> On 2 Dec 2020, at 15:17, Brian Campbell < >> bcampbell=3D40pingidentity.com@dmarc.ietf.org> wrote: >> >> The conversation at >> https://github.com/danielfett/draft-dpop/pull/51#discussion_r332377311 >> has a bit more of the rational behind the choice of 96 bit minimum. >> >> On Wed, Dec 2, 2020 at 7:07 AM Denis wrote: >> >>> Hi Daniel, >>> >>> All your arguments make sense. I agree. >>> >>> A minor point however. The size of the jti" is currently mandated to 96 >>> bits minimum. This is unnecessarily long for a time window of a few min= utes. >>> The jti" does not need to be a unique identifier valid for ever. It can >>> simply be an identifier used during the time window which complements t= he >>> "iat" claim. >>> >>> Using both the "iat" claim and a 32 bits pseudo-random number will be >>> quite sufficient. It is also has the advantage of using less memory an= d >>> it is easier to flush the entries looking at the 32 first bits only. >>> >>> Denis >>> >>> So what you are proposing is that the time window in which an RS accept= s >>> the DPoP proof is defined by the expiration time of the access token? >>> >>> DPoP proofs are intended to be generally be short-lived and fresh for >>> each request in order to provide some level of replay protection. There= is >>> no point in making the time window as long as the (typically longer) ti= me >>> window in which an AT would be accepted. A DPoP proof that is valid for= 12 >>> hours would not provide much replay protection. >>> >>> The time window is left unspecified because it is only meant to account >>> for clock differences and network latency. Its precise value can depend= on >>> deployment considerations. It is not intended to give the client an opt= ion >>> to re-use proofs, which is prevented together with the jti. >>> >>> Also this would introduce new, unwanted and potentially surprising >>> dependencies between token lifetimes and the DPoP usage. >>> >>> And finally, as discussed before, not all access tokens are JWTs and we >>> are not going to mandate JWT access tokens in this spec. >>> >>> -Daniel >>> >>> >>> Am 01.12.20 um 09:54 schrieb Denis: >>> >>> Hi Brian, >>> >>> Hi Denis, >>> >>> The choice to use "iat" vs. "exp" was made in the summer of last year. >>> You can see some of the discussion from then in >>> https://github.com/danielfett/draft-dpop/issues/38. >>> I believe it pretty well has consensus at this point and thus unlikely >>> to be changed. >>> >>> I fear that you misread my email or read it too fast. My point had >>> nothing to do whether using *either *of "iat" *o**r* "exp" in the DPoP >>> proof JWT sent by the client. >>> >>> The first sentence of my email was: "One comment on slide 5 about the *= time >>> window*". So the topic was all about how the RS SHALL handle the "jti" >>> claim included >>> in the DPoP proof JWT when using a time window. >>> >>> While I do believe there are reasonable arguments that can be made on >>> both sides of using either of "iat" or "exp", it's difficult (and hones= tly >>> time consuming and very frustrating) to try and have such discussions o= r >>> even respond in a coherent way when fundamental aspects of the draft ar= e >>> misrepresented or misunderstood. For example, the DPoP proof JWT is cre= ated >>> by the client not the AS so the advantages you put forward are >>> nonsensical in the context of the actual workings of the draft. >>> >>> Section 8.1 addresses the topic of the *time window*, but this topic >>> should not *only *be addressed in the "Security Considerations" section >>> but in the main body of the document, since some checks MUST be done by >>> the RS. "Security Considerations"are intended to provide >>> explanations but are not intended to be normative. >>> >>> Section 8.1 states: >>> >>> " If an adversary is able to get hold of a DPoP proof JWT, the >>> adversary could replay that token at the same endpoint (the HTTP >>> endpoint and method are enforced via the respective claims in the >>> JWTs). To prevent this, servers MUST only accept DPoP proofs >>> for a limited time window after their "iat" time, preferably only fo= r >>> a relatively brief period. >>> >>> Servers SHOULD store, in the context of the request URI, the "jti" >>> value of each DPoP proof for the time window in which the respective >>> DPoP proof JWT would be accepted and decline HTTP requests to the >>> same URI for which the "jti" value has been seen before. In order >>> to guard against memory exhaustion attacks a server SHOULD reject >>> DPoP proof JWTs with unnecessarily large "jti" values or store only >>> a hash thereof. >>> >>> (...) ". >>> >>> The previous text makes the assumption that RSs MUST only accept DPoP >>> proofs for a relatively brief period after their "iat" time included >>> in the DPoP proof JWT. This assumption is rather restrictive. A client >>> might get an access token and associate it with DPoP proof JWT that >>> could be used during, e.g., 12 hours. A DPoP proof JWT/ access token >>> JWT pair could thus be used by a client during, e.g., one day for >>> several sessions with a RS. >>> >>> The *time window* is currently left at the discretion of each RS and is >>> supposed to be short (without stating explicitly what "short" may mean)= .. >>> >>> It would be possible to mandate in the JWT the inclusion of the exp >>> (Expiration Time) Claim. (I am *not* advocating the inclusion of the >>> "exp" >>> claim in the DPoP proof JWT). >>> >>> In this way, for a RS, the *time window *would be defined using the >>> "iat" claim defined in the DPoP proof JWT and the "exp" claim defined i= n >>> the JWT. >>> >>> Such a description should not be done in section 8, but in a section >>> earlier in the main body of the document. >>> >>> This would have the following advantages: >>> >>> - The RS would be able to better manage the "jti" claim values, >>> because it would be able to discard "jti" claim values as soon as th= ey are >>> outside the time window as defined above. >>> >>> >>> - The client would know whether a DPoP proof JWT/ access token JWT >>> pair is still usable, in particular using the "expires_in" status >>> code >>> returned in case of a successful response from the AS and is thus >>> unlikely to get a rejection of both of them because of an unknown ti= me >>> window used by a RS. >>> >>> Denis >>> >>> >>> On Mon, Nov 30, 2020 at 8:45 AM Denis wrote: >>> >>>> One comment on slide 5 about the *time window*. >>>> >>>> At the bottom, on the left, it is written: "Only valid for a limited *= time >>>> window* relative to creation time". >>>> >>>> While the creation time is defined by "iat", the *time window* is >>>> currently left at the discretion of each RS. >>>> >>>> It would be preferable to mandate the inclusion in the JWT of the exp >>>> (Expiration Time) Claim. >>>> In this way, the *time window *would be defined by the AS using both >>>> the "iat" and the "exp" claims. >>>> >>>> This would have the following advantages: >>>> >>>> - The client will know whether a token is still usable and is >>>> unlikely to get a rejection of the token >>>> because of an unknown time window defined by a RS. >>>> >>>> >>>> - The RS is able to manage better the "jti" claim values, because >>>> it will be able to discard "jti" claim values >>>> as soon as they are outside the time window defined by the AS in a >>>> JWT. >>>> >>>> Denis >>>> >>>> All, >>>> >>>> This is a reminder that we have an Interim meeting this Monday, Nov >>>> 30th @ 12:00pm ET, to discuss the latest with the *DPoP *document: >>>> https://datatracker.ietf.org/doc/draft-ietf-oauth-dpop/ >>>> >>>> You can find the details of the meeting and the slides here: >>>> https://datatracker.ietf.org/meeting/interim-2020-oauth-16/session/oau= th >>>> >>>> Regards, >>>> Rifaat & Hannes >>>> >>>> >>>> _______________________________________________ >>>> OAuth mailing listOAuth@ietf.orghttps://www.ietf.org/mailman/listinfo/= oauth >>>> >>>> >>>> _______________________________________________ >>>> OAuth mailing list >>>> OAuth@ietf.org >>>> https://www.ietf.org/mailman/listinfo/oauth >>>> >>> >>> *CONFIDENTIALITY NOTICE: This email may contain confidential and >>> privileged material for the sole use of the intended recipient(s). Any >>> review, use, distribution or disclosure by others is strictly prohibite= d. >>> If you have received this communication in error, please notify the sen= der >>> immediately by e-mail and delete the message and any file attachments f= rom >>> your computer. Thank you.* >>> >>> >>> >>> _______________________________________________ >>> OAuth mailing listOAuth@ietf.orghttps://www.ietf.org/mailman/listinfo/o= auth >>> >>> >>> -- https://danielfett.de >>> >>> >>> _______________________________________________ >>> OAuth mailing listOAuth@ietf.orghttps://www.ietf.org/mailman/listinfo/o= auth >>> >>> >>> _______________________________________________ >>> OAuth mailing list >>> OAuth@ietf.org >>> https://www.ietf.org/mailman/listinfo/oauth >>> >> >> *CONFIDENTIALITY NOTICE: This email may contain confidential and >> privileged material for the sole use of the intended recipient(s). Any >> review, use, distribution or disclosure by others is strictly prohibited= . >> If you have received this communication in error, please notify the send= er >> immediately by e-mail and delete the message and any file attachments fr= om >> your computer. Thank you.*______________________________________________= _ >> OAuth mailing list >> OAuth@ietf.org >> https://www.ietf.org/mailman/listinfo/oauth >> >> >> >> ForgeRock values your Privacy > > > *CONFIDENTIALITY NOTICE: This email may contain confidential and > privileged material for the sole use of the intended recipient(s). Any > review, use, distribution or disclosure by others is strictly prohibited. > If you have received this communication in error, please notify the sende= r > immediately by e-mail and delete the message and any file attachments fro= m > your computer. Thank you.* > > > --=20 _CONFIDENTIALITY NOTICE: This email may contain confidential and privileged= =20 material for the sole use of the intended recipient(s). Any review, use,=20 distribution or disclosure by others is strictly prohibited.=C2=A0 If you h= ave=20 received this communication in error, please notify the sender immediately= =20 by e-mail and delete the message and any file attachments from your=20 computer. Thank you._ --000000000000c5894505b5e6b8c8 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
    While there are certainly more than a few different ways o= f approaching it, I am still not convinced of any significant advantage to tracking iat + a slightly smalle= r jti value vs. what is currently in the draft. And as we are trying to ref= lect WG consensus here rather than one person's opinion, I do not plan = to engage in discussing this item any further unless others from the WG ind= icate their interest in making a change.


    <= span style=3D"margin:0px;padding:0px;border:0px;outline:0px;vertical-align:= baseline;background:transparent;font-family:proxima-nova-zendesk,system-ui,= -apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,Oxygen-Sans,Ub= untu,Cantarell,"Helvetica Neue",Arial,sans-serif;font-weight:600"= >CONFIDENTIALITY NOTICE: This email may contain confidenti= al and privileged material for the sole use of the intended recipient(s). A= ny review, use, distribution or disclosure by others is strictly prohibited= .=C2=A0 If you have received this communication in error, please notify the= sender immediately by e-mail and delete the message and any file attachmen= ts from your computer. Thank you. --000000000000c5894505b5e6b8c8-- From nobody Mon Dec 7 15:58:54 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EC27D3A0CBD for ; Mon, 7 Dec 2020 15:58:52 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.097 X-Spam-Level: X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2XQGt3eR-Ibs for ; Mon, 7 Dec 2020 15:58:51 -0800 (PST) Received: from mail-lf1-x129.google.com (mail-lf1-x129.google.com [IPv6:2a00:1450:4864:20::129]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7F48A3A0CB9 for ; Mon, 7 Dec 2020 15:58:51 -0800 (PST) Received: by mail-lf1-x129.google.com with SMTP id r24so20607021lfm.8 for ; Mon, 07 Dec 2020 15:58:51 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=iSKAGUCBCVm9Ueh51/xnz64b8PD1kZ3wZbubxulp0oo=; b=i05EEB19xooOUuFCMOLKR1x9lXyjzafzQ2jQpiA0l6Oikyodp/0v+EFwTh21SaOy2V hOpPt6UH7lbfhzZQax9LVLKL2r+vPgqYa8Mp3hSxCL8DlHtO8NIdhAnqbBm78tbcb+2j IcNoZi5hKxNAWgACiO78rRecmKiAQsKZaBds+xy4asFdWYhiye30zGn5DIlsdXb1MbIO z3F5oDl6UZK/kwhpDdbELtMgIKlGtj1tF7FQAhoHbLY5m6w12exef1i46LtA/I4K2QWg osVDcwciIbhUFy6oV/h3W92Wh9f4e6CvwAttRZXFMn07aqxHTulEU48XUg5qUllrh6yP Et+Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=iSKAGUCBCVm9Ueh51/xnz64b8PD1kZ3wZbubxulp0oo=; b=pEz1twm9nTIQ/tfh+Gx3KUME/+7Ti5YVEQ86CkGztnpRWv7RmospPI/QCCCqkqCvO+ vbuaykfnb0iw94qKiJspHJfjpRMOZHP7fA424iGe8sMimCK6pzVlTLK+Jzsj1QcbA2x1 LnEziiQIgq+EoTFJpWJtj0IbeyTlXhoD2F2CGuECgmagRZpROQ5ypZWeAbZMhBKu6I7c IrwCi8G9VaxrL54WRWiaBBKu42zfqIqI7v05kPAvoPLwoNo77uF5WD7dD/mV+6tktNOX Q+GV/f2Ody25JAcYFBUZ+o2F9nMMRU8LLBRs1JSIyZuPZ8QJTB5TzFzfwpWDsoTuc1ON rnlQ== X-Gm-Message-State: AOAM533pCZXITqpSgbd5/KgafzdlDMtW1SM44bXD32oVO61mos3Yj4xF fBbP8Qrf5giNZFNc0eHjEaQriq+Y2nlkNDmPVZzQFG1Tyn0= X-Google-Smtp-Source: ABdhPJwzIH+o1MmQpOh22plVIpxZjzGk3jUnPCneu+wZRjyuC1pcekM9ltV6qL3vmT6Qrznd9V4KEMHMpwrmIvCcixk= X-Received: by 2002:a19:c842:: with SMTP id y63mr926044lff.341.1607385529332; Mon, 07 Dec 2020 15:58:49 -0800 (PST) MIME-Version: 1.0 From: Rifaat Shekh-Yusef Date: Mon, 7 Dec 2020 18:58:38 -0500 Message-ID: To: oauth Content-Type: multipart/alternative; boundary="0000000000007e37c505b5e89b7f" Archived-At: Subject: [OAUTH-WG] Dec 7th Interim Meeting Minutes X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 07 Dec 2020 23:58:53 -0000 --0000000000007e37c505b5e89b7f Content-Type: text/plain; charset="UTF-8" All, You can find the minutes of the Dec 7th meeting here: https://datatracker.ietf.org/meeting/interim-2020-oauth-17/materials/minutes-interim-2020-oauth-17-202012071200-00 and here: https://codimd.ietf.org/s/notes-ietf-interim-2020-oauth-17-oauth Thanks to *Justin Richer *for taking these notes. Regards, Rifaat & Hannes --0000000000007e37c505b5e89b7f Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
    All,

    You can find the minutes of the De= c 7th meeting here:
    and here:<= /div>

    Thanks to=C2=A0Justin Richer for = taking these notes.

    Regards,
    =C2=A0Rifaa= t & Hannes
    --0000000000007e37c505b5e89b7f-- From nobody Tue Dec 8 04:50:50 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 204013A0CEB for ; Tue, 8 Dec 2020 04:50:49 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.097 X-Spam-Level: X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tAP5Pju4mlbg for ; Tue, 8 Dec 2020 04:50:47 -0800 (PST) Received: from mail-lj1-x22d.google.com (mail-lj1-x22d.google.com [IPv6:2a00:1450:4864:20::22d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 67F8D3A0CD2 for ; Tue, 8 Dec 2020 04:50:47 -0800 (PST) Received: by mail-lj1-x22d.google.com with SMTP id j10so19066175lja.5 for ; Tue, 08 Dec 2020 04:50:47 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=CKzFzNxxM6s6NtohIne+/vHCa3fvGleuI+Jf8IM6rr8=; b=LNwP87xBgHi+hLuvKL5naxHm1e1Qj1YhOiFTkmDdr4FBnr5J29x96B09DbwrHDsRbE HJUSY9ji18mSh80tO5EWe2Sr5siIPFIIvRHYErykd7R8omE22z0ZnB5QHS8RTm0A+DXa xcK19IJ7Lq58EAqeS5ndlei96WJVZ1OjuDC1hcd8pKEoyVlttSpdTzSRHE+QEfhcDxYP iZ7m2FUohW0rmEfSaEplMifh325BI1FxpJ1QpCfg3jmWvANvuXZGz+ZapxalJAtwLKQ9 4mSU2e3z7VdescmgGJQcy/doi8x/eXVgbMYw3OJ4ECJdOyl9VQSgTRz6kvyeg/FszIuE 5PAw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=CKzFzNxxM6s6NtohIne+/vHCa3fvGleuI+Jf8IM6rr8=; b=T3kWyw0jOGAhc+Qp3kCbVed4Jy2TKCtdzXEf0y8hmzrp8zIjPZ7WVYQ2c0dH26PfJP K8Pa4p9UuUFqUbSKHtzkVrJzIRRRVjptNVanuOeov1B9TOzKOJKRYMBetS1P7w2HN0wt 2OXqVJ/7ITLBZCeMUposnRx7GMsCiwdF3NsOsYRm37+6hu4Vr77CiVeQ+rMmPOp57yPq Kdiq0YrEYR7Q/fZm12sjr7PT6uCXrzAvTLGsZXC0eoZmNzxDQjVRlqixsUPsU+8DgExC 3fa+tSr87amR07iiIwaQwBgz1ppHBL0EQUPJ3aQrgqc/wt9L494PuEFyQr6TMPAqlPVH 8GoQ== X-Gm-Message-State: AOAM531sl01gYa0f0OQGU7SOl+rdLYMbKTTcEUerkwB0EuByYMVMR/y8 tkhUWTQp5gc5DVbpR5qdS+2GPYBxE2sVayUR6MtCzpLV4wU= X-Google-Smtp-Source: ABdhPJwDRzk2OQSpWduSgvWj6i/CXanSdNaaucONGZnaE8q0f5jUBcVXv2KayKalEvhbEJHmfDKOjsd7YVKJhU9sr0c= X-Received: by 2002:a05:651c:506:: with SMTP id o6mr5914404ljp.278.1607431844542; Tue, 08 Dec 2020 04:50:44 -0800 (PST) MIME-Version: 1.0 From: Rifaat Shekh-Yusef Date: Tue, 8 Dec 2020 07:50:33 -0500 Message-ID: To: oauth Content-Type: multipart/alternative; boundary="00000000000018416d05b5f364c0" Archived-At: Subject: [OAUTH-WG] Call for Adoption - AS Issuer Identifier in Authorization Response X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 Dec 2020 12:50:49 -0000 --00000000000018416d05b5f364c0 Content-Type: text/plain; charset="UTF-8" All, This is a call for adoption for the following AS Issuer Identifier in Authorization Response as a WG document: https://datatracker.ietf.org/doc/draft-meyerzuselhausen-oauth-iss-auth-resp/ Please, provide your feedback on the mailing list by Dec 22nd. Regards, Rifaat & Hannes --00000000000018416d05b5f364c0 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
    All,

    This is a call for adoption for the following = AS Issuer Identifier in Authorization Response as a WG document:
    https://datatracker.ietf.org/doc/draft-meyerzuselhausen-oauth-iss-au= th-resp/

    Please, provide your feedback on the mailing list by De= c 22nd.

    Regards,
    =C2=A0Rifaat & Hannes
    --00000000000018416d05b5f364c0-- From nobody Tue Dec 8 05:05:09 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4753B3A0D25 for ; Tue, 8 Dec 2020 05:05:08 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.098 X-Spam-Level: X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=forgerock.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yW8CeBTJK_Yi for ; Tue, 8 Dec 2020 05:05:05 -0800 (PST) Received: from mail-ed1-x534.google.com (mail-ed1-x534.google.com [IPv6:2a00:1450:4864:20::534]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 423F13A0D20 for ; Tue, 8 Dec 2020 05:05:04 -0800 (PST) Received: by mail-ed1-x534.google.com with SMTP id b2so17508089edm.3 for ; Tue, 08 Dec 2020 05:05:04 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=forgerock.com; s=google; h=from:message-id:mime-version:subject:date:in-reply-to:cc:to :references; bh=DSjVlgtGH+xXBhM3+Mczmwj/S2CC/wyf0+QKtHVxl5E=; b=XI3IuDClWXrjKXpdT6xAbPlCAH/IYMCnoB/TR5gX5Z/FyQx/7gw54JX3MsNRPZMNwD ywfAGKHwtt3TAncWmRad11PLC3x8pUuLHnDyUPSsyfh7jgYjXZ8YEFiFKL8TQgBc7sNR UGEZp6R3uYmEvYjRX95KvaIbcuW+LprTtMpgs= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:message-id:mime-version:subject:date :in-reply-to:cc:to:references; bh=DSjVlgtGH+xXBhM3+Mczmwj/S2CC/wyf0+QKtHVxl5E=; b=hKFpBIOHE1p6IfG0BHs/GbVTSMeq/akQLeiAK9KNVlicoZiWVpW6UIwpNePMMjA6Ug r0jDURdsQe4PH7tjNzzVwWzg6dOqsl/vH51YCe0iuvLoO1uVuTCh9BO978xwf649t2Z8 zDtuvp2Lk+Yo+51kAzQvXVsX9S9Q2aRZQlP5WTxQQRRUDt8fcWvW55p0FRS2MlS08UbG IDc+d3A2F3FRJRZ+9ek1osOd6N33uuGN9/KE/juL3FddMMHIrYfI9WJ/IXYvUmf4qtLX EzdgW0jGRmsefd7VzDlPaysia/PwxPvB7zpQxLNHr1LHhg1YdnFIMg5761XNcRDGRlnn J7jg== X-Gm-Message-State: AOAM532lQv4EiXuAdL9EVxBR+CYtxT4a1VOXdSHetUDVTD4tFJoJdHYX hknxKBQja+odb0Ogi2JyS4uC/Q8Aq2GyQwi9Cd7E9RK6RHI6V0U0LNw11RmKBeXr39eJS4k8Bg= = X-Google-Smtp-Source: ABdhPJw7Hhk2dLcNlrUYW0WxLcZLaor4jn8KWL7igmtPmHApNcYfnfjopzvk4obTd3qqXKUNCX6jPQ== X-Received: by 2002:aa7:d354:: with SMTP id m20mr24048619edr.195.1607432702665; Tue, 08 Dec 2020 05:05:02 -0800 (PST) Received: from [10.0.0.4] ([213.31.218.193]) by smtp.gmail.com with ESMTPSA id d4sm17431166edq.36.2020.12.08.05.05.01 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Tue, 08 Dec 2020 05:05:02 -0800 (PST) From: Neil Madden Message-Id: <3DEEBE89-2414-4D6B-9AFE-8EEFACA63456@forgerock.com> Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.120.23.2.4\)) Date: Tue, 8 Dec 2020 13:05:01 +0000 In-Reply-To: Cc: oauth To: Rifaat Shekh-Yusef References: X-Mailer: Apple Mail (2.3608.120.23.2.4) Content-Type: multipart/alternative; boundary="Apple-Mail=_4A7667CE-D5BA-4ECD-AD36-A025D795682E" Archived-At: Subject: Re: [OAUTH-WG] Call for Adoption - AS Issuer Identifier in Authorization Response X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 Dec 2020 13:05:08 -0000 --Apple-Mail=_4A7667CE-D5BA-4ECD-AD36-A025D795682E Content-Type: text/plain; charset="ISO-8859-1" I support adoption of this draft. > On 8 Dec 2020, at 12:50, Rifaat Shekh-Yusef wrote: > > All, > > This is a call for adoption for the following AS Issuer Identifier in Authorization Response as a WG document: > https://datatracker.ietf.org/doc/draft-meyerzuselhausen-oauth-iss-auth-resp/ > > Please, provide your feedback on the mailing list by Dec 22nd. > > Regards, > Rifaat & Hannes > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth -- ForgeRock values your Privacy --Apple-Mail=_4A7667CE-D5BA-4ECD-AD36-A025D795682E Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset="US-ASCII" I support adoption of t= his draft.

    On= 8 Dec 2020, at 12:50, Rifaat Shekh-Yusef <rifaat.s.ietf@gmail.com> wrote:

    All,

    This is a call for adoption for the fo= llowing AS Issuer Identifier in Authorization Response as a WG document:https://datatracker.ietf.org/doc/draft= -meyerzuselhausen-oauth-iss-auth-resp/

    Ple= ase, provide your feedback on the mailing list by Dec 22nd.
    <= br class=3D"">Regards,
     Rifaat & Hannes
    _______________________________________________
    OAuth mailing= list
    OAuth@ietf= .org
    https://www.ietf.org/mailman/listinfo/oauth


    ForgeRock values your Privacy --Apple-Mail=_4A7667CE-D5BA-4ECD-AD36-A025D795682E-- From nobody Tue Dec 8 05:06:08 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0DBC33A0D06 for ; Tue, 8 Dec 2020 05:06:07 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.099 X-Spam-Level: X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=lodderstedt.net Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fEww6Fpe39Dq for ; Tue, 8 Dec 2020 05:06:02 -0800 (PST) Received: from mail-ed1-x52b.google.com (mail-ed1-x52b.google.com [IPv6:2a00:1450:4864:20::52b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 956EA3A0D21 for ; Tue, 8 Dec 2020 05:06:02 -0800 (PST) Received: by mail-ed1-x52b.google.com with SMTP id dk8so14618954edb.1 for ; Tue, 08 Dec 2020 05:06:02 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lodderstedt.net; s=google; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=JOYhZ1+XyqV2y+vT7NhShecW/u5Tff9VmFX16spIULM=; b=4nxvgYg/W/2aP8X14/JzfB4xFJoY6WdbpyeMG48a3IslYEBtDoW0eW/BR9iXrcY75Z 5rO19bGaA89CI97y6MM52Uvg85KxR+YnyGvTeQByGV/iFf8jfGYpsxch1w5/l8E/72Ju bNGxhzWQtN9Pb8lOXLjM5p9f6GwiuGEve4hVHZyR2x7hJ48ph9jWc74qFgktKU/dNaVG CBHtSVDWCJ01nGOj/tBhMbyvE46ehQt6+YXcL2Qb5opLcefY98dXL+0zFmQWki/H3CrW jFIUgUxGfwViTMkpFD6FgI7cx2xwn1raIORNYAq5tFux0iSLtvLpZ5D+MG4Dg3X7Cv8t Z+4A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=JOYhZ1+XyqV2y+vT7NhShecW/u5Tff9VmFX16spIULM=; b=ETc87UFuBVtXbh4Lq+WjdNxmA5nfyo1zO1CDefsF8UeHvQCv5pvHCRvnAnXdB28itX Kx7KOvG2jKHsp/3/jJBcqLZgiZ1sbYoDJ9VrtZCv6zugqNT9xsISxkxff0mw8M6Klf3G n8baU8DzRoAp8VXTG9830HYO7l1CQdiSLsRKW8bEYf8ZKfoI5v9Q7EJLGx7B2nDg/6i1 IfMUIKDDYOXkAlz4wFIeRlwGZFH1MBayrJTqnfZOIe95sK2qHQHR9rnGwrE18LmmaCTE TkZNKgWONxaQKEQe87+14X8Q3I3NGPJloqysPMrldtQz2mXRkS9t7EFz3pdBenvvy1Zy /sBA== X-Gm-Message-State: AOAM532gQ5WcWwFkXaXF4QGKsK7luILQIvDvOy50aDb7XCCht4D1wUBZ c3NrMI4+Trp9FrphstKS+acHUA== X-Google-Smtp-Source: ABdhPJzCreJKpadW6BfR3+h/rT8uMU/rWGjJUhXwI2OJL5+m4xIQ2JQFJ3be7gnCXsSRhN1o7oqLWQ== X-Received: by 2002:a50:e68a:: with SMTP id z10mr24759955edm.66.1607432760822; Tue, 08 Dec 2020 05:06:00 -0800 (PST) Received: from [192.168.71.123] (p4fc08d1c.dip0.t-ipconnect.de. [79.192.141.28]) by smtp.gmail.com with ESMTPSA id q25sm12144575eds.85.2020.12.08.05.05.58 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Tue, 08 Dec 2020 05:05:59 -0800 (PST) Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (Mac OS X Mail 14.0 \(3654.20.0.2.21\)) From: Torsten Lodderstedt In-Reply-To: Date: Tue, 8 Dec 2020 14:05:58 +0100 Cc: oauth Content-Transfer-Encoding: quoted-printable Message-Id: <52F75D60-ACB8-4303-9205-665DCF217592@lodderstedt.net> References: To: Rifaat Shekh-Yusef X-Mailer: Apple Mail (2.3654.20.0.2.21) Archived-At: Subject: Re: [OAUTH-WG] Call for Adoption - AS Issuer Identifier in Authorization Response X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 Dec 2020 13:06:07 -0000 I support the WG adoption of this draft.=20 > Am 08.12.2020 um 13:50 schrieb Rifaat Shekh-Yusef = : >=20 > All, >=20 > This is a call for adoption for the following AS Issuer Identifier in = Authorization Response as a WG document: > = https://datatracker.ietf.org/doc/draft-meyerzuselhausen-oauth-iss-auth-res= p/ >=20 > Please, provide your feedback on the mailing list by Dec 22nd. >=20 > Regards, > Rifaat & Hannes > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > = https://www.google.com/url?q=3Dhttps://www.ietf.org/mailman/listinfo/oauth= &source=3Dgmail-imap&ust=3D1608036656000000&usg=3DAOvVaw3LQv8gGHF-mvbizMYx= f_54 From nobody Tue Dec 8 05:40:24 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 48FB83A0D4B for ; Tue, 8 Dec 2020 05:40:23 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.096 X-Spam-Level: X-Spam-Status: No, score=-2.096 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_NONE=0.001, UNPARSEABLE_RELAY=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=danielfett.de Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zpUVnBj61rte for ; Tue, 8 Dec 2020 05:40:21 -0800 (PST) Received: from d3f.me (redstone.d3f.me [5.9.29.41]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0FD6C3A0D64 for ; Tue, 8 Dec 2020 05:40:21 -0800 (PST) Received: from authenticated-user (PRIMARY_HOSTNAME [PUBLIC_IP]) by d3f.me (Postfix) with ESMTPA id 753DE18206 for ; Tue, 8 Dec 2020 13:40:17 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=danielfett.de; s=dkim; t=1607434817; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=9Ysbyzx6nQ21af2Dp2Il8huutYkeip/Kj0/sUJcL1RU=; b=tlexRE1GmTlRHcLBmar+TLPWoBU+u/LQDzg+xlhc5DhjSgg72SYsKt3LzuImntYQbkEnD0 3RvXheLzdx413b5RzNl0hoB/VmlduySIvviVHOxZ4o83OUUl9Q0YAzd3iEuvxC3J1HGcnw rKZ7bUTInwj8dEhbG6MIa5+8ZZCEXRg= To: oauth@ietf.org References: From: Daniel Fett Message-ID: <8d8220cc-09fb-5666-93b4-6dc2cdf2eec6@danielfett.de> Date: Tue, 8 Dec 2020 14:40:16 +0100 MIME-Version: 1.0 In-Reply-To: Content-Type: multipart/alternative; boundary="------------56AAAA4019A52CD94DE98A0C" Content-Language: de-DE ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=danielfett.de; s=dkim; t=1607434817; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=9Ysbyzx6nQ21af2Dp2Il8huutYkeip/Kj0/sUJcL1RU=; b=tAUWR4loH6LsP4TDDLMBHFV58KPgi9qmORyx3bs4cm6gyAoBr4TCcZ0c/QmcdDGoQKDZgZ 42oTrzHPNn89pgwZrsZYC7lCrTkidJI3tl2b1LpnNhfy/uclvXKDFblIlA3ngZP7hWtYcZ 2APMDjaLISJntQfN4UKgHbvccEFcN/o= ARC-Seal: i=1; s=dkim; d=danielfett.de; t=1607434817; a=rsa-sha256; cv=none; b=PVCfqxBtYpOdsRSrgpVIeT2Hq6Nqn4pPc26j3e9RmlrhLJXtSkZzY40MYaGvN7C2iqiPPx zcwiUGTzrbMvEszD3QQFJDfUCoCjiKaXhzoajdbG9/A0f+MCcY4RMx3q5Rg1llRP2qIQM+ JW0Rb9XaiDeqcMJH9dDP91Y5HTI8nBo= ARC-Authentication-Results: i=1; d3f.me; auth=pass smtp.auth=fett@danielfett.de smtp.mailfrom=fett@danielfett.de Authentication-Results: d3f.me; auth=pass smtp.auth=fett@danielfett.de smtp.mailfrom=fett@danielfett.de X-Spamd-Bar: / Archived-At: Subject: Re: [OAUTH-WG] Call for Adoption - AS Issuer Identifier in Authorization Response X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 Dec 2020 13:40:23 -0000 This is a multi-part message in MIME format. --------------56AAAA4019A52CD94DE98A0C Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit Obviously, +1. Am 08.12.20 um 13:50 schrieb Rifaat Shekh-Yusef: > All, > > This is a call for adoption for the following AS Issuer Identifier in > Authorization Response as a WG document: > https://datatracker.ietf.org/doc/draft-meyerzuselhausen-oauth-iss-auth-resp/ > > Please, provide your feedback on the mailing list by Dec 22nd. > > Regards, >  Rifaat & Hannes > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth -- https://danielfett.de --------------56AAAA4019A52CD94DE98A0C Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: 8bit
    Obviously, +1.

    Am 08.12.20 um 13:50 schrieb Rifaat Shekh-Yusef:
    All,

    This is a call for adoption for the following AS Issuer Identifier in Authorization Response as a WG document:
    https://datatracker.ietf.org/doc/draft-meyerzuselhausen-oauth-iss-auth-resp/

    Please, provide your feedback on the mailing list by Dec 22nd.

    Regards,
     Rifaat & Hannes

    _______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth



    -- 
https://danielfett.de
    --------------56AAAA4019A52CD94DE98A0C-- From nobody Tue Dec 8 06:33:29 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 44D0E3A0F0B for ; Tue, 8 Dec 2020 06:33:26 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.896 X-Spam-Level: X-Spam-Status: No, score=-1.896 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=authlete-com.20150623.gappssmtp.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id X3-8YIngUQNV for ; Tue, 8 Dec 2020 06:33:24 -0800 (PST) Received: from mail-wm1-x32a.google.com (mail-wm1-x32a.google.com [IPv6:2a00:1450:4864:20::32a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 086723A0EFC for ; Tue, 8 Dec 2020 06:33:23 -0800 (PST) Received: by mail-wm1-x32a.google.com with SMTP id a3so2535509wmb.5 for ; Tue, 08 Dec 2020 06:33:23 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=authlete-com.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=5QlJFfaLorfQQPe1Q+QREdJZAh9bHpfyk+JGzDSuWAI=; b=dwOHz/Dmxk8Wu12ilwGQ1b9SKnkTMJbHMk6zHAIYMgd+qEX1OOevNSi1Mag1y933WC p5H1y9dX1CAuZM3+v8t4rt9vJmM1aJyI70p51bb1Q3HYqNdVm0rlwbFo77sFv2riXcAU jUwZDly4yHxtyqGZuCYnTrX1STf67fKDuJru82UxbXyyQH1eUNWknEW4PNG6t2LZIBGC TVFMuu7x9NEbT2Bq0tZdYkDTneEdrbsPaz+8+rthhMCAY7LRujQPZ7r0YNRT2JNfyQ+b rwdK/CPJ9CVlena4vJfLlqBaVxVrgwvDHzhYcSRowjnDbqYgusJbNcsEFBkaumBLk6kq WVNA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=5QlJFfaLorfQQPe1Q+QREdJZAh9bHpfyk+JGzDSuWAI=; b=QkkwjnWV+9fDbpnA2luwyJSBd+dCqGSkdLuebPofh09Cp2COLCXmroeaY0UAqD5ZiP /cUDnqqGwAaAD1NvaJPyH/rpc/Mz63uf8AQQg+HFbklvSyVRQVQu1DFnw6iO1eBGzP7k z/4cFHcYsXZC0+bYt4+nksaAxJso0Oy3AtSiU2kZSeSUwX/0cBgEI8IH5OTmifRr0oIb 7/eY8j2234uY/f8KEN5REd314r5QHjkhRoIr7JQhP+zxP9Apq1cK+DPG2QXZ8/qQMJyL NZR1zuUZKbwfMBW7Q7HUtT9QbvW2Oy2e4XmgTzDmFzGPalvO5ulTmsEI+PjtTD9xavZ0 i7dg== X-Gm-Message-State: AOAM533m5ebIlAaUVBHW99oc16VAjAO4P6wgA03MMbxkUq+/0klJTfR3 2BDuYzD5KClMu51Pyp/6fNJMZXM9Fa5RjpHweaVwLA== X-Google-Smtp-Source: ABdhPJxj/TQFsB5h3FOlglyCn6g172CqlfgZR7tlYaxMyz0CKmMTUew+I00bZBbmiaJ0Dcb7krkkao59rCHbeXDf5gQ= X-Received: by 2002:a1c:7f93:: with SMTP id a141mr4087140wmd.132.1607438002212; Tue, 08 Dec 2020 06:33:22 -0800 (PST) MIME-Version: 1.0 References: In-Reply-To: From: Takahiko Kawasaki Date: Tue, 8 Dec 2020 23:33:11 +0900 Message-ID: To: Rifaat Shekh-Yusef Cc: oauth Content-Type: multipart/alternative; boundary="0000000000001ee85f05b5f4d345" Archived-At: Subject: Re: [OAUTH-WG] Call for Adoption - AS Issuer Identifier in Authorization Response X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 Dec 2020 14:33:26 -0000 --0000000000001ee85f05b5f4d345 Content-Type: text/plain; charset="UTF-8" +1. I've implemented the specification. I think that the current draft is already good enough for implementers. Thank you, authors. Taka On Tue, Dec 8, 2020 at 9:50 PM Rifaat Shekh-Yusef wrote: > All, > > This is a call for adoption for the following AS Issuer Identifier in > Authorization Response as a WG document: > > https://datatracker.ietf.org/doc/draft-meyerzuselhausen-oauth-iss-auth-resp/ > > Please, provide your feedback on the mailing list by Dec 22nd. > > Regards, > Rifaat & Hannes > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth > --0000000000001ee85f05b5f4d345 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
    +1. I've implemented the specification. I think that t= he current draft is already good enough for implementers. Thank you, author= s.

    Taka

    On Tue, Dec 8, 2020 at 9:50 PM Rifaat S= hekh-Yusef <rifaat.s.ietf@gma= il.com> wrote:
    All,

    This is a call for adoption for the foll= owing AS Issuer Identifier in Authorization Response as a WG document:
    <= a href=3D"https://datatracker.ietf.org/doc/draft-meyerzuselhausen-oauth-iss= -auth-resp/" target=3D"_blank">https://datatracker.ietf.org/doc/draft-meyer= zuselhausen-oauth-iss-auth-resp/

    Please, provide your feedback o= n the mailing list by Dec 22nd.

    Regards,
    =C2=A0Rifaat & Hanne= s
    _______________________________________________
    OAuth mailing list
    OAuth@ietf.org
    https://www.ietf.org/mailman/listinfo/oauth
    --0000000000001ee85f05b5f4d345-- From nobody Tue Dec 8 06:51:00 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 63F473A0F3D for ; Tue, 8 Dec 2020 06:50:59 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.099 X-Spam-Level: X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, NICE_REPLY_A=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=hackmanit.de Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id a2l3zGIatV8E for ; Tue, 8 Dec 2020 06:50:57 -0800 (PST) Received: from mail-wr1-x436.google.com (mail-wr1-x436.google.com [IPv6:2a00:1450:4864:20::436]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6CB813A0F3A for ; Tue, 8 Dec 2020 06:50:57 -0800 (PST) Received: by mail-wr1-x436.google.com with SMTP id y17so7087171wrr.10 for ; Tue, 08 Dec 2020 06:50:57 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=hackmanit.de; s=google; h=subject:to:references:from:message-id:date:user-agent:mime-version :in-reply-to; bh=zEb/oCkj2NwZvyaldM3Y9kdf3lbEVpJD1X2WGIrqX4g=; b=ctJPHQspkUJGprmrzTnvmfToirQV1yHKhlxHKfcdhsOGKZ+xTLQWbjoIumfAgV0Ik5 hVrtx6R8LfSOa3+eS6t4CFShv6HnAPYMs4hBhpXsE8QqT3CvcG2/CSHraw11sf0bezw+ U5IKfqUSTOuAzfDxNUAoI7tnEk4ADEZ8eqyNNZoOIzZtP4hE2/tXAj0iV3ubNfB1bcrJ PNQVjcox9u/kbzTU+dxS3O4Uk6KcDog/ibpDWd4pNlAQ9Z7em0R0b48MxFCgj9dujZZX 3iwei+3QLdb+hCUTAAGHtLwc+VhFvO+lw+hxw+Qmd/1VN8VkLTyX8A+GFwZg5OGpfawr tWsw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:references:from:message-id:date :user-agent:mime-version:in-reply-to; bh=zEb/oCkj2NwZvyaldM3Y9kdf3lbEVpJD1X2WGIrqX4g=; b=sAt+rQBFv8mswZhUBTdlRROSYcxaCfsSHt0eccMmDvA8ozBRBgOku64poG8+ydbxLH A1VIaYGEvOI4R7LtWhxAQhmU/fDf4yu95PL67GRctcBUR+M0x3GHvnoXfm6punVd/TVm 2rjgpTcduQFfNjdTGa1l+Q5Ig0a2oqkN3UtI/imfrVgZP1ZX7tH9vAhGipcK5UHAA9sY fh4awgG5phTgsN2F3aXZ60r3sf95zVpleHQ+pm6LmwsedK4i09cvuvDgfYLnxrj9GCob dMCQN2ZgBPZFI9yOV5xB2eo/TcOq6QgNJnvYSALQVGQwvs4k9Ygf15pkhNe0bnXmsp1Z WEEA== X-Gm-Message-State: AOAM533pg+yzhFAZW3VmO0YkMlXjNEiwrK8LU+XiQC4Q3XuFZZHawyYV F96vgi7fBT/9bI5gmTRFkrEzMozFd8pHCw== X-Google-Smtp-Source: ABdhPJyS7QTqquOgDEYy/mh0uHYmTqVWjYB2zRa6oZp5zWELJYRQmYBF3ZStt1XP40xn/SKD62Uvxg== X-Received: by 2002:a5d:554e:: with SMTP id g14mr8399744wrw.264.1607439055089; Tue, 08 Dec 2020 06:50:55 -0800 (PST) Received: from [192.168.178.22] (b2b-37-24-87-133.unitymedia.biz. [37.24.87.133]) by smtp.gmail.com with ESMTPSA id e16sm10255391wra.94.2020.12.08.06.50.53 for (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Tue, 08 Dec 2020 06:50:54 -0800 (PST) To: oauth@ietf.org References: From: Karsten Meyer zu Selhausen Message-ID: <89a6048c-dc45-b3af-07d3-703cd8976d6f@hackmanit.de> Date: Tue, 8 Dec 2020 15:50:53 +0100 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101 Thunderbird/78.5.1 MIME-Version: 1.0 In-Reply-To: Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="lFp6ATjilRAfqHPW1C9sqeIv64lTxNy3c" Archived-At: Subject: Re: [OAUTH-WG] Call for Adoption - AS Issuer Identifier in Authorization Response X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 Dec 2020 14:50:59 -0000 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --lFp6ATjilRAfqHPW1C9sqeIv64lTxNy3c Content-Type: multipart/mixed; boundary="aLCfC5LQjJmISpp43BF31ojW6O9n2PkwM"; protected-headers="v1" From: Karsten Meyer zu Selhausen To: oauth@ietf.org Message-ID: <89a6048c-dc45-b3af-07d3-703cd8976d6f@hackmanit.de> Subject: Re: [OAUTH-WG] Call for Adoption - AS Issuer Identifier in Authorization Response References: In-Reply-To: --aLCfC5LQjJmISpp43BF31ojW6O9n2PkwM Content-Type: multipart/alternative; boundary="------------DCD17E48F9CC7BA27BF0D591" Content-Language: en-US This is a multi-part message in MIME format. --------------DCD17E48F9CC7BA27BF0D591 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: quoted-printable +1 On 08.12.2020 13:50, Rifaat Shekh-Yusef wrote: > All, > > This is a call for adoption for the following AS Issuer Identifier in=20 > Authorization Response as a WG document: > https://datatracker.ietf.org/doc/draft-meyerzuselhausen-oauth-iss-auth-= resp/=20 > > > Please, provide your feedback on the mailing list by Dec 22nd. > > Regards, > =C2=A0Rifaat & Hannes > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth --=20 Karsten Meyer zu Selhausen IT Security Consultant Phone: +49 (0)234 / 54456499 Web: https://hackmanit.de | IT Security Consulting, Penetration Testing, = Security Training Nehmen Sie an unserer n=C3=A4chsten Live Online-Schulung zur Sicherheit v= on OAuth und OpenID Connect am 27.01 + 28.01.2021 teil: https://www.hackmanit.de/de/schulungen/127-live-online-schulung-single-si= gn-on-sicherheit-oauth-openid-connect-am-27-01-28-01-2021 Hackmanit GmbH Universit=C3=A4tsstra=C3=9Fe 60 (Exzenterhaus) 44789 Bochum Registergericht: Amtsgericht Bochum, HRB 14896 Gesch=C3=A4ftsf=C3=BChrer: Prof. Dr. J=C3=B6rg Schwenk, Prof. Dr. Juraj S= omorovsky, Dr. Christian Mainka, Dr. Marcus Niemietz --------------DCD17E48F9CC7BA27BF0D591 Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: quoted-printable

    +1

    On 08.12.2020 13:50, Rifaat Shekh-Yuse= f wrote:
    All,

    This is a call for adoption for the following AS Issuer Identifier in Authorization Response as a WG document:
    https://datatracker.ietf.org/doc/draft= -meyerzuselhausen-oauth-iss-auth-resp/

    Please, provide your feedback on the mailing list by Dec 22nd.
    Regards,
    =C2=A0Rifaat & Hannes

    ____________________________=
___________________
OAuth mailing list
OAut=
h@ietf.org
https://www.ietf.org/mailman/listinfo/oauth

    --=20
Karsten Meyer zu Selhausen
IT Security Consultant
Phone:	+49 (0)234 / 54456499
Web:	htt=
ps://hackmanit.de | IT Security Consulting, Penetration Testing, Secu=
rity Training

Nehmen Sie an unserer n=C3=A4chsten Live Online-Schulung zur Sicherheit v=
on OAuth und OpenID Connect am 27.01 + 28.01.2021 teil:
https://www.hackmanit.de/de/schulungen/127-l=
ive-online-schulung-single-sign-on-sicherheit-oauth-openid-connect-am-27-=
01-28-01-2021

Hackmanit GmbH
Universit=C3=A4tsstra=C3=9Fe 60 (Exzenterhaus)
44789 Bochum

Registergericht: Amtsgericht Bochum, HRB 14896
Gesch=C3=A4ftsf=C3=BChrer: Prof. Dr. J=C3=B6rg Schwenk, Prof. Dr. Juraj S=
omorovsky, Dr. Christian Mainka, Dr. Marcus Niemietz
    --------------DCD17E48F9CC7BA27BF0D591-- --aLCfC5LQjJmISpp43BF31ojW6O9n2PkwM-- --lFp6ATjilRAfqHPW1C9sqeIv64lTxNy3c Content-Type: application/pgp-signature; name="OpenPGP_signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="OpenPGP_signature" -----BEGIN PGP SIGNATURE----- wsF5BAABCAAjFiEEDtqqxgHePX8hI3D4RTXA59sW8UgFAl/Pks0FAwAAAAAACgkQRTXA59sW8Ui/ aw/+JfAcT11svyTGQYDc8HX0RcaBJNz/kgc8gWe1rI8xrWF98r9fhgNFWVq1H3HEuwnTFP5YwMRu 9EHGdGwRO0Yu6PQRsOPDpMIOH4m0XFMluPu6Us/rtWnkUXWAaU6vhzEPZ6lUR+fAZqmNdSjgFCpJ ummRry8DjLu5+ABAEi3vROH3EWDF/PV8iyJnRo/idtCH4A6m7KBafy8vS1NtQVoHdGn9j5t5cunS I/avVcxBKNx/CctDCt1Jiu6l5Mvt06oeBZlK0xusp2wyJ8K2B6BNSKvfX8IFd9uDiO5DfY6/Kksg 2eYIpPvSYd2T3UAFAsF2icAthXwYj+mepX8BmEtUbb5QCTQtAygCTR/OdEDMnuBRkijZs05hhhS5 aw60+yNUcyJVn5BfxvPcRhhHQxmzovX/MLnlDhBDK8bLKRZ2GtO2nL6bPhMj/wDwHw5i6TE9zGwy ZjrV44rWVWJ5aL6UxGlImeaelp5mp5DemK6eTbAP446HtAZtl8XXMsOQCgcOkyVrLyhaKqvTXC1L 5ocHyjoCR0Mezjbm8Lp5c1wwVJwRLJSeNjzOT2CS5FA9pFodYfbgjE/xu4GURIKlPlk0FsE4Hh3Z Q69Syr17PK9TkmfoHdJLRoHk/xVkElG9/GMm7vOHXufkJrfQDEUSis/6QosKs6j5IlZUSkE/zH6p Aww= =l2A+ -----END PGP SIGNATURE----- --lFp6ATjilRAfqHPW1C9sqeIv64lTxNy3c-- From nobody Tue Dec 8 07:13:07 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2D1C43A0F5E for ; Tue, 8 Dec 2020 07:13:06 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.098 X-Spam-Level: X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=pingidentity.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HEIH5I96dj3u for ; Tue, 8 Dec 2020 07:13:04 -0800 (PST) Received: from mail-lj1-x22a.google.com (mail-lj1-x22a.google.com [IPv6:2a00:1450:4864:20::22a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 874EA3A0F61 for ; Tue, 8 Dec 2020 07:13:04 -0800 (PST) Received: by mail-lj1-x22a.google.com with SMTP id f11so8092474ljn.2 for ; Tue, 08 Dec 2020 07:13:04 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=pingidentity.com; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=dInZj9jYX2SaaMHRgolr6tOqjv/vnGarJn0MMmT8ezc=; b=LNDOOU7ePGvDB3iGzmhVX3zbvewCPGzZ6vc7CBK8a/190HnUF/2gdruRcZOhaGabYU lrQN86Reg+CLy9F/CTOp1IqneNiEzot5EdM/rTZK1XthWcCokOwqS12B3OHrb5+hNp7i RD58hq/ARXBDJOs8JXNBxM/0WLeHt8o0PCJaES42bUKk6iR7CGj4I6QG5tF4efBou/lx c9s+T3Srbeq28IgwmduUCa2GcD1t1MVH4yLiW6IKxTYn0ckVq1ePGGtzItQ0+Ch3qB3z 0j9eGmXImXXDlrEtP68t3eC0vrPwctmE/+/IieZI3d0RMdE7CYxR1i0zXxgQbrp7BANp U28w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=dInZj9jYX2SaaMHRgolr6tOqjv/vnGarJn0MMmT8ezc=; b=CXCAm/Feq0plwgcNqPgkvYHjHULUPkmbti2yldKeIlX+bPkO3DTW5b4neTa2Lq8YIW dbAemQ3ot85YZS/8aPRjxDMIXMSnhi7aSbNQjLJVbSHpeoooC3d+cecKeeipYyWQlBmC vg8Pu00W0PFQRKpHkYbHhtJwm4OzPdn+opEJMETnNsRBtZZZfjATFtACifo6U4bLb+GT gJ2mlB0DYVgsz2mQGj9pI7iG55m5Hr9ATEw6NSTrAKfZv8TQaNYKkC5KN2/JjdcaDF8b kuF1dRZIUVfORB9I03YqpbjIKqbTOuNi14yqXUS9rwP4lvDOV2KhxZftI9aF9iGcBOzo nlLw== X-Gm-Message-State: AOAM533Vwk/PVqCWChv4Uy2xLV2n6L4obmQ5Q6ChOU7I3lMOF5M5yUuV w0DEE2wYgOscShXktIuW8FWW9CXqqTEKcOAkTv/RCxhk2xnTyyyGxuOUcU056DqoPSdO9xYNB4Z bcScgeWquyJZEGQ== X-Google-Smtp-Source: ABdhPJwUdG7wJWXH6S5Z2M5TUj/45HBcskex9eL6U4Ko97pOYqo43Gb5TS7tQ3YKfYqrt9D/PaX5ZSrFCJU0lr2Bbgc= X-Received: by 2002:a2e:9248:: with SMTP id v8mr10909881ljg.114.1607440382513; Tue, 08 Dec 2020 07:13:02 -0800 (PST) MIME-Version: 1.0 References: In-Reply-To: From: Brian Campbell Date: Tue, 8 Dec 2020 08:12:36 -0700 Message-ID: To: Rifaat Shekh-Yusef Cc: oauth Content-Type: multipart/alternative; boundary="000000000000ff7dea05b5f560d9" Archived-At: Subject: Re: [OAUTH-WG] Call for Adoption - AS Issuer Identifier in Authorization Response X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 Dec 2020 15:13:06 -0000 --000000000000ff7dea05b5f560d9 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable support adoption On Tue, Dec 8, 2020 at 5:51 AM Rifaat Shekh-Yusef wrote: > All, > > This is a call for adoption for the following AS Issuer Identifier in > Authorization Response as a WG document: > > https://datatracker.ietf.org/doc/draft-meyerzuselhausen-oauth-iss-auth-re= sp/ > > Please, provide your feedback on the mailing list by Dec 22nd. > > Regards, > Rifaat & Hannes > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth > --=20 _CONFIDENTIALITY NOTICE: This email may contain confidential and privileged= =20 material for the sole use of the intended recipient(s). Any review, use,=20 distribution or disclosure by others is strictly prohibited.=C2=A0 If you h= ave=20 received this communication in error, please notify the sender immediately= =20 by e-mail and delete the message and any file attachments from your=20 computer. Thank you._ --000000000000ff7dea05b5f560d9 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
    support adoption

    =
    On Tue, Dec 8, 2020 at 5:51 AM Rifaat= Shekh-Yusef <rifaat.s.ietf@g= mail.com> wrote:
    All,

    This is a call for adoption for the fo= llowing AS Issuer Identifier in Authorization Response as a WG document:https://datatracker.ietf.org/doc/draft-mey= erzuselhausen-oauth-iss-auth-resp/

    Please, provide your feedback= on the mailing list by Dec 22nd.

    Regards,
    =C2=A0Rifaat & Han= nes
    _______________________________________________
    OAuth mailing list
    OAuth@ietf.org
    https://www.ietf.org/mailman/listinfo/oauth

    <= span style=3D"margin:0px;padding:0px;border:0px;outline:0px;vertical-align:= baseline;background:transparent;font-family:proxima-nova-zendesk,system-ui,= -apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,Oxygen-Sans,Ub= untu,Cantarell,"Helvetica Neue",Arial,sans-serif;font-weight:600"= >CONFIDENTIALITY NOTICE: This email may contain confidenti= al and privileged material for the sole use of the intended recipient(s). A= ny review, use, distribution or disclosure by others is strictly prohibited= .=C2=A0 If you have received this communication in error, please notify the= sender immediately by e-mail and delete the message and any file attachmen= ts from your computer. Thank you. --000000000000ff7dea05b5f560d9-- From nobody Tue Dec 8 07:14:39 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2987A3A0F74 for ; Tue, 8 Dec 2020 07:14:38 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.739 X-Spam-Level: X-Spam-Status: No, score=-1.739 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.249, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_KAM_HTML_FONT_INVALID=0.01, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=momentumft.co.uk Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Z3LoKgETIZ5z for ; Tue, 8 Dec 2020 07:14:35 -0800 (PST) Received: from mail-ed1-x52a.google.com (mail-ed1-x52a.google.com [IPv6:2a00:1450:4864:20::52a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 211383A0F61 for ; Tue, 8 Dec 2020 07:14:35 -0800 (PST) Received: by mail-ed1-x52a.google.com with SMTP id v22so17920169edt.9 for ; Tue, 08 Dec 2020 07:14:35 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=momentumft.co.uk; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to; bh=mCIC3i/vm0UH8j93j7sz4NxMekilaXsI+yYYRRBJ6Tc=; b=ITkESVQQeDqCQ11CDMW2Tant44PiOYWKIu6knksNPrKpajXBeqPOmYXGAU5+8M5uPy HbPb864n6I7vDsiva8JEskoshab8nA6aDrO8HKq5xwTErh0EWpJ412D5zJLNydHJe015 7WfsAnesTrKIb0RdUB67P3zyED8lRTDa7FMUA= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to; bh=mCIC3i/vm0UH8j93j7sz4NxMekilaXsI+yYYRRBJ6Tc=; b=SdhO76Kh0YeGvDqwRyo2nG041jXyqyzoKEPZwUM3r2XxyxUCSib3RAqZzB7E/6rpsK PUXiZF2aZkUqVaqeL2/KGSO5kr3PXPbQyiltdJk/2WSkennE1V3uU1E0R/fnxvLSD69N JjQCN/EblNvg4RnAHsLtzn7rVSr1+DkXbkmwr0j0u1EDqp23ThOY/DOlAsde/iTDUt0k A9WR1WZ7P83cnu0Qe8a4oVw2BUWJZgP1LZVHw0X+A7G6agG2FQJMW8y0aHuVZcgKfiGT ywEYR36doVtMvD102RLqrEwnQls/i08QPATMh2k802zemy0S5As6B8H5vYJL82E9imxT WXbA== X-Gm-Message-State: AOAM530WWJgKqr74LoOPR9UPgFagSRWrmkE0GPZkKqJx8/OrknzOHsyl cLCFZNBCo48PCcDW5+i8emGN/N3+un+D9Vm3T4uU8BWTOs25ZoB/fWEPqJ6+hpN3TrPQYRYDY5z k2DcL91pb3czilPhJ51ZxOw== X-Google-Smtp-Source: ABdhPJzpUaK3MUlS/F4bFgYA/DGnL2qOr5Go1a5OLarhOkBiTN88EQuk24DCMkhKPUWRZFgdI3tGKCgNg8UyCK9DEuI= X-Received: by 2002:a50:e00b:: with SMTP id e11mr25072375edl.303.1607440473107; Tue, 08 Dec 2020 07:14:33 -0800 (PST) MIME-Version: 1.0 References: In-Reply-To: From: Dave Tonge Date: Tue, 8 Dec 2020 16:14:21 +0100 Message-ID: To: oauth Content-Type: multipart/alternative; boundary="00000000000065c61805b5f566df" Archived-At: Subject: Re: [OAUTH-WG] Call for Adoption - AS Issuer Identifier in Authorization Response X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 Dec 2020 15:14:38 -0000 --00000000000065c61805b5f566df Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable I support adoption On Tue, 8 Dec 2020 at 13:51, Rifaat Shekh-Yusef wrote: > All, > > This is a call for adoption for the following AS Issuer Identifier in > Authorization Response as a WG document: > > https://datatracker.ietf.org/doc/draft-meyerzuselhausen-oauth-iss-auth-re= sp/ > > Please, provide your feedback on the mailing list by Dec 22nd. > > Regards, > Rifaat & Hannes > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth > --=20 Dave Tonge CTO [image: Moneyhub Enterprise] Moneyhub Financial Technology, 5th Floor, 10 Temple Back, Bristol, BS1 6FL t: +44 (0)117 280 5120 Moneyhub Enterprise is a trading style of Moneyhub Financial Technology Limited which is authorised and regulated by the Financial Conduct Authority ("FCA"). Moneyhub Financial Technology is entered on the Financial Services Register (FRN 809360) at fca.org.uk/register. Moneyhub Financial Technology is registered in England & Wales, company registration number 06909772 . Moneyhub Financial Technology Limited 2018 =C2=A9 DISCLAIMER: This email (including any attachments) is subject to copyright, and the information in it is confidential. Use of this email or of any information in it other than by the addressee is unauthorised and unlawful. Whilst reasonable efforts are made to ensure that any attachments are virus-free, it is the recipient's sole responsibility to scan all attachments for viruses. All calls and emails to and from this company may be monitored and recorded for legitimate purposes relating to this company's business. Any opinions expressed in this email (or in any attachments) are those of the author and do not necessarily represent the opinions of Moneyhub Financial Technology Limited or of any other group company. --=20 Moneyhub Enterprise is a trading style of Moneyhub Financial Technology=20 Limited which is authorised and regulated by the Financial Conduct=20 Authority ("FCA"). Moneyhub Financial Technology is entered on the=20 Financial Services Register (FRN 809360) at https://register.fca.org.uk/=20 . Moneyhub Financial Technology is registered= =20 in England & Wales, company registration number 06909772. Moneyhub=20 Financial Technology Limited 2020 =C2=A9 Moneyhub Enterprise, Regus Buildin= g,=20 Temple Quay, 1 Friary, Bristol, BS1 6EA.=C2=A0 DISCLAIMER: This email=20 (including any attachments) is subject to copyright, and the information in= =20 it is confidential. Use of this email or of any information in it other=20 than by the addressee is unauthorised and unlawful. Whilst reasonable=20 efforts are made to ensure that any attachments are virus-free, it is the= =20 recipient's sole responsibility to scan all attachments for viruses. All=20 calls and emails to and from this company may be monitored and recorded for= =20 legitimate purposes relating to this company's business. Any opinions=20 expressed in this email (or in any attachments) are those of the author and= =20 do not necessarily represent the opinions of Moneyhub Financial Technology= =20 Limited or of any other group company. --00000000000065c61805b5f566df Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
    I support adoption

    On Tue, 8 Dec 2020 at 13:51, Rifaa= t Shekh-Yusef <rifaat.s.ietf@= gmail.com> wrote:
    All,

    This is a call for adoption for the= following AS Issuer Identifier in Authorization Response as a WG document:=
    https://datatracker.ietf.org/doc/draft-= meyerzuselhausen-oauth-iss-auth-resp/

    Please, provide your feedb= ack on the mailing list by Dec 22nd.

    Regards,
    =C2=A0Rifaat & = Hannes
    _______________________________________________
    OAuth mailing list
    OAuth@ietf.org
    https://www.ietf.org/mailman/listinfo/oauth


    --
    Da= ve Tonge
    CTO
    3D"Moneyhub
    Moneyhub Financial Technology, 5th Fl= oor, 10 Temple Back, Bristol, BS1 6FL
    t:=C2=A0+44 (0)117 280 512= 0

    Moneyhub = Enterprise is a trading style of Moneyhub Financial Technology Limited whic= h is authorised and regulated by the Financial Conduct Authority ("FCA= ").=C2=A0Moneyhub Financial Technology is entered on the Financial Ser= vices Register=C2=A0(FRN=C2=A0809360) at fca.= org.uk/register. Moneyhub=C2=A0Financial Technology is registered in England &= ; Wales, company registration number=C2=A0=C2=A006909772=C2=A0.<= /span>
    Moneyhub=C2=A0Financial Technology L= imited 2018=C2=A0=C2=A9<= /div>

    DISCLAIMER: This email (including any attachments) is subject to co= pyright, and the information in it is confidential. Use of this email or of= any information in it other than by the addressee is unauthorised and unla= wful. Whilst reasonable efforts are made to ensure that any attachments are= virus-free, it is the recipient's sole responsibility to scan all atta= chments for viruses. All calls and emails to and from this company may be m= onitored and recorded for legitimate purposes relating to this company'= s business. Any opinions expressed in this email (or in any attachments) ar= e those of the author and do not necessarily represent the opinions of Mone= yhub Financial Technology Limited or of any other group company.
    <= /div>

    Moneyhub Enterprise is a trading style of Moneyhub Financi= al Technology Limited which is authorised and regulated by the Financial Co= nduct Authority ("FCA"). Moneyhub Financial Technology is entered= on the Financial Services Register (FRN 809360) at https://register.fca.org.uk/. Moneyhub Financial Technology is registered in England & Wales,= company registration number 06909772. Moneyhub Financial Technology Limite= d 2020 =C2=A9 Moneyhub Enterprise, Regus Building, Temple Quay, 1 Friary, B= ristol, BS1 6EA.=C2=A0

    = DISCLAIMER: This email (including any attachments) is subjec= t to copyright, and the information in it is confidential. Use of this emai= l or of any information in it other than by the addressee is unauthorised a= nd unlawful. Whilst reasonable efforts are made to ensure that any attachme= nts are virus-free, it is the recipient's sole responsibility to scan a= ll attachments for viruses. All calls and emails to and from this company m= ay be monitored and recorded for legitimate purposes relating to this compa= ny's business. Any opinions expressed in this email (or in any attachme= nts) are those of the author and do not necessarily represent the opinions = of Moneyhub Financial Technology Limited or of any other group company.


    --00000000000065c61805b5f566df-- From nobody Tue Dec 8 09:29:10 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 34F883A1050 for ; Tue, 8 Dec 2020 09:29:09 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.099 X-Spam-Level: X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=mitre.org Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YX_MeDfnNR0C for ; Tue, 8 Dec 2020 09:29:07 -0800 (PST) Received: from smtpvbsrv1.mitre.org (smtpvbsrv1.mitre.org [198.49.146.234]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9203A3A105A for ; Tue, 8 Dec 2020 09:29:07 -0800 (PST) Received: from smtpvbsrv1.mitre.org (localhost.localdomain [127.0.0.1]) by localhost (Postfix) with SMTP id 4EDB5332015; Tue, 8 Dec 2020 12:29:06 -0500 (EST) Received: from smtprhbv1.mitre.org (unknown [129.83.19.196]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtpvbsrv1.mitre.org (Postfix) with ESMTPS id EA91233200E; Tue, 8 Dec 2020 12:29:05 -0500 (EST) Received: from mbfesmtp-mgt.mitre.org (mbfesmtp-in.mitre.org [198.49.146.235]) by smtprhbv1.mitre.org (Postfix) with ESMTP id DD24880C453; Tue, 8 Dec 2020 12:29:05 -0500 (EST) Received: by mbfesmtp-mgt.mitre.org (Postfix, from userid 600) id 4Cr6c16Mkgz3D4F4; Tue, 8 Dec 2020 17:28:30 +0000 (UTC) Received: from GCC02-DM3-obe.outbound.protection.outlook.com (mail-dm3gcc02lp2106.outbound.protection.outlook.com [104.47.65.106]) by mbfesmtp-mgt.mitre.org (Postfix) with ESMTPS id 4Cr6bK49ySz3D4JK; Tue, 8 Dec 2020 17:28:29 +0000 (UTC) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=CNDK38YBZbq7fKfghLD+Q9vG/kOXXjI21X5t3IP4HMdXPwE1ZiWcv0P14JakFeqFc6rot4AQqTgUd20vFq7ZiiLCJFT23D5QrJ2ZN7tSp8XgkuoiDrPYAlnpbK7Tb+O3+8AjDynmB+o8/ob18OQLVEOs3CLCCFHDHYBoetIHWRL8UDAFTvMl5BN3EldgMaG4tPLSfJFMab0Gk8BdFHbAXIpagaZ4D3/I/sCPE5XNbAr+qjvm6ppme7rZbSEnS7I3lpQZwahGtoVW3b962xkIOvDqmDYw1QvkFAKvz7tX7tsbvM53nWFVQY+zb523OFCNgePS7kwPzYQhkUo08kyUQQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=bVSZbtpmWBoEhbnjZOw1ypU3RYqdtfIPr5Oh/OkqNa8=; b=CIluk8iteZfo023rQPVvBYhWzjNulFt8x9b6pk4SghKMWPvSH672SO08ZPrxPf7W46+y5m9s8w7T/O5j55IKIqzya8xeEPDQfvwXpIgKmlde8SCUIWEv3XBi5mBWvjDR0/9Hi+xlDmfjgOMzguDEV7FyMFHAbZyej48dXXFm3jO8lqPmEb/lPizWB4D+dLClSbk3V0JRKiMPgZY1MOBb5h9A+KfeyUyVLH7RCpebSp1/CjJptcxnk5q1RxYpOC2X7Ht9gKwxpI08JUHwNjkdT1xuEyg8M6W6E8aGWJlOvolXM+at46pl8anlyczhlf5oOyZHlQeIsk9wb9bJckbsMw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=mitre.org; dmarc=pass action=none header.from=mitre.org; dkim=pass header.d=mitre.org; arc=none Received: from MN2PR09MB5724.namprd09.prod.outlook.com (2603:10b6:208:213::14) by BLAPR09MB7170.namprd09.prod.outlook.com (2603:10b6:208:2a9::23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3632.21; Tue, 8 Dec 2020 17:28:28 +0000 Received: from MN2PR09MB5724.namprd09.prod.outlook.com ([fe80::3d02:236:8c19:c290]) by MN2PR09MB5724.namprd09.prod.outlook.com ([fe80::3d02:236:8c19:c290%3]) with mapi id 15.20.3632.021; Tue, 8 Dec 2020 17:28:23 +0000 From: Michael A Peck To: Rifaat Shekh-Yusef , oauth Thread-Topic: [EXT] [OAUTH-WG] Call for Adoption - AS Issuer Identifier in Authorization Response Thread-Index: AQHWzWDufUB3OFaCmEyX0Jw4kkWOWqntIHoA Date: Tue, 8 Dec 2020 17:28:23 +0000 Message-ID: <2FA1FA35-D14C-41FD-8A4D-3071EADDEF9C@mitre.org> References: <27322_1607431860_5FCF76B0_27322_368_1_CADNypP9D1G94LuPcgczSVYL+0KyMYoAK_s3H4JZK80Bj2mJKtA@mail.gmail.com> In-Reply-To: <27322_1607431860_5FCF76B0_27322_368_1_CADNypP9D1G94LuPcgczSVYL+0KyMYoAK_s3H4JZK80Bj2mJKtA@mail.gmail.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: user-agent: Microsoft-MacOutlook/16.43.20110804 authentication-results: gmail.com; dkim=none (message not signed) header.d=none;gmail.com; dmarc=none action=none header.from=mitre.org; x-originating-ip: [192.80.55.88] x-ms-publictraffictype: Email x-ms-office365-filtering-ht: Tenant x-ms-office365-filtering-correlation-id: 9d09771d-13b5-44df-fc6d-08d89b9ea9fe x-ms-traffictypediagnostic: BLAPR09MB7170: x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:4714; x-ms-exchange-senderadcheck: 1 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: 9inE/g/h4VTBp2wbgIqfShprK6OZqSrnMgHBZpae30s4jnD+w5qzH2k5UpVGBuheQfM3c2vSv3qSlTcUogNZylU++6V6viqaFfot8Wk8fxcUK/FyawPAyw+pS24dH43PwNVPKo02JN/cEV+TKiVLYIib/8ZlB+KkgtZsgyzJ6/KO8HdhudLm0CTZ/KedgVC8uI4HEnFNU1HNtdWi8z5V8T7C+/rcipnt8gGlbYtXx41eqf+kLo9/mIV9BAQtWjgjev8t2FwoRZ7Qv3vXfKERo2N9ZDVbFLh5l0kTX5qZRS15uaafxz3Eb94wBPtgz01TSJGjndN/0QXAf13d66ujxOGZbXCaBF2RLgsEG0kqISKNcJ/QWKr0EEBDwMJdhxY3882dUvkC+8TeWhSW2W4MKUeUIFBmRMGYgNzyJfxlxSE0em4d9ZZVyTjCIQ2KJPXcROHWP2g4/QO5rlYwMJt5kQ== x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:MN2PR09MB5724.namprd09.prod.outlook.com; PTR:; CAT:NONE; SFS:(366004)(376002)(136003)(346002)(4744005)(33656002)(166002)(8676002)(6506007)(966005)(186003)(66556008)(6486002)(5660300002)(66476007)(36756003)(53546011)(110136005)(66946007)(76116006)(71200400001)(86362001)(64756008)(66446008)(508600001)(6512007)(26005)(2616005)(8936002)(2906002)(45980500001); DIR:OUT; SFP:1101; x-ms-exchange-antispam-messagedata: =?utf-8?B?b1NYemV5bEhxSDEwbUdlazRMdUlzTWQzcUR2Nk41bzluSXQvVGdhVk1USmdN?= =?utf-8?B?dC9JSEJIYXVsekJjNXc0RzBCd1BNaGxOKys3cFdib1VLZENQSGFJTmg5eUxi?= =?utf-8?B?Zy9IVW9WckpTVHpUSjQ4dklSSjZsRXpTaGE3dS9uNzJoT0UyT25ZNVh0VDFm?= =?utf-8?B?d0szVlJhZmFoTnpTY1ZvYjZGUmtQS241SS9UazBQaGdwTGJDY1pISXNwbnVQ?= =?utf-8?B?L1krQ3BwUWJBeTBtT0FVMXBLdXIreEh2a0FOZ0Yyb3Z4clYzeWtEL0gveFJU?= =?utf-8?B?bm5mdGNSY0R1WmgzcjJCVFJEK3hUZzk3ejRhUFM2R21QNzl4N003Q1NxSnBu?= =?utf-8?B?TEF0Q0J1WUVoeWhjVUtaYXM1aFJ5OG5lUjlkcmFrVVdxZUtZczhrclZSMDFy?= =?utf-8?B?Qmh5VXJGUVVCRjM2WDl0b2EwWUFodmxmQzBTYTUvS0FjYTZVR1g2NGUvV0pw?= =?utf-8?B?bE93ZHpnL1Q3T2NUV0FxSURHejVTMUVuR1F5NUw1VWQrTE15NmN0Tzg1Yk4y?= =?utf-8?B?TXQxelBSZzJ4YW5OeGxHclNLRjM4VUw2YTdIbG5BODkyRXFrWFkvMjVZMktk?= =?utf-8?B?bkw4bnk4U0poVit3Q1Zwa0lWQ21sZWpwOTJPUThBdjFrQ2NPTU9lU0pGbDk2?= =?utf-8?B?YzU5L0tHLzE4SXQrZTMrT1NLT3AvS1dLUDQ4bGg3RlFBYitTNTNtYXRta04v?= =?utf-8?B?YnM3eE96djExRER5eHNOanNQTWtEZFdYNFBXS1FPME0wY0ZITktRdG5NYitj?= =?utf-8?B?VERqSGVWVTBnc3g0T3pPWTg4bDJKSzhSdjFnc3gxajdzODh2TFJBZE0xSzJk?= =?utf-8?B?UExqUHFBNlJtem11cTZXZDZhNENRNFBQSVJXSEhQRHVvdWhZd1hqeGd2MjNF?= =?utf-8?B?UGxkY3ZYY1lmUFY1RkJtc3RUR3NPNkVERExuOGpaVndwMVFyUEpabi8xQXJ4?= =?utf-8?B?aysrdTZUcHdqSG8wdWQ5K3Rzc1ppNkxIbmZUU2hQbmdaRUZIMVQ5dVhuTWNa?= =?utf-8?B?TElCQm5WTVJvUWp1WFhOMVVXd3NvbnFqZ3kxZ3lqeTJiK1hESklqMTRncTR0?= =?utf-8?B?NjBXSW9jWWdmbU1JRTFwY2N4ZzZhTWNpV2dldnNRbmRrcXY4SllzK0Z0amxB?= =?utf-8?B?VnFORnd4N0pTVkVHOG85NXVxYTgrL3UrRkowWWZIaEFBNURMZnU3dUJwVDV2?= =?utf-8?B?TjAveFlxMjhCY3hiZURqa3Jvb2lFeFpyUGxwcGw4QnJGa0JyS1dpOVYvZnMr?= =?utf-8?B?ZWpoRGZrQU1xaDZ4RU9McUNmVDdRcXFqYUhWcVBMWFViNVNIQ2ZnUCtjdFNY?= =?utf-8?Q?H4EpragjUwiEk40dfPNeJBDJybTYEydUqV?= x-ms-exchange-transport-forked: True Content-Type: multipart/alternative; boundary="_000_2FA1FA35D14C41FD8A4D3071EADDEF9Cmitreorg_" MIME-Version: 1.0 X-OriginatorOrg: mitre.org X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: MN2PR09MB5724.namprd09.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 9d09771d-13b5-44df-fc6d-08d89b9ea9fe X-MS-Exchange-CrossTenant-originalarrivaltime: 08 Dec 2020 17:28:23.1346 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: c620dc48-1d50-4952-8b39-df4d54d74d82 X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: XzB/K9s06BgZR3ovksIvCjQR5LOopFCOJBYbA9OhyntlIXsow1Bl9lxYAhH2lYiY X-MS-Exchange-Transport-CrossTenantHeadersStamped: BLAPR09MB7170 X-MITRE: 8GQsMWxq66rxk57w DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mitre.org; h=from:to:subject:date:message-id:references:in-reply-to:content-type:mime-version; s=selector1; bh=bVSZbtpmWBoEhbnjZOw1ypU3RYqdtfIPr5Oh/OkqNa8=; b=ODBTo016bK4Ry934B2GwdFl+PlUDYNYiBHbZeK4yNgvM1z6DkYIlL5OH/X7nKiaIA1W7RCIBv3ZFBBbFaywqDPOTLVpEbxUKZ/qFMuHbav/dZ30Hy5B9TbKQyw61e0IMRzY++etiIw2lBY9REklAu9nzJM2XcBswP0KShuWfckM= Archived-At: Subject: Re: [OAUTH-WG] [EXT] Call for Adoption - AS Issuer Identifier in Authorization Response X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 Dec 2020 17:29:09 -0000 --_000_2FA1FA35D14C41FD8A4D3071EADDEF9Cmitreorg_ Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 SSBzdXBwb3J0IHdvcmtpbmcgZ3JvdXAgYWRvcHRpb24gb2YgdGhpcyBkcmFmdC4NCg0KRnJvbTog T0F1dGggPG9hdXRoLWJvdW5jZXNAaWV0Zi5vcmc+IG9uIGJlaGFsZiBvZiBSaWZhYXQgU2hla2gt WXVzZWYgPHJpZmFhdC5zLmlldGZAZ21haWwuY29tPg0KRGF0ZTogVHVlc2RheSwgRGVjZW1iZXIg OCwgMjAyMCBhdCA3OjUyIEFNDQpUbzogIm9hdXRoQGlldGYub3JnIiA8b2F1dGhAaWV0Zi5vcmc+ DQpTdWJqZWN0OiBbRVhUXSBbT0FVVEgtV0ddIENhbGwgZm9yIEFkb3B0aW9uIC0gQVMgSXNzdWVy IElkZW50aWZpZXIgaW4gQXV0aG9yaXphdGlvbiBSZXNwb25zZQ0KDQpBbGwsDQoNClRoaXMgaXMg YSBjYWxsIGZvciBhZG9wdGlvbiBmb3IgdGhlIGZvbGxvd2luZyBBUyBJc3N1ZXIgSWRlbnRpZmll ciBpbiBBdXRob3JpemF0aW9uIFJlc3BvbnNlIGFzIGEgV0cgZG9jdW1lbnQ6DQpodHRwczovL2Rh dGF0cmFja2VyLmlldGYub3JnL2RvYy9kcmFmdC1tZXllcnp1c2VsaGF1c2VuLW9hdXRoLWlzcy1h dXRoLXJlc3AvDQoNClBsZWFzZSwgcHJvdmlkZSB5b3VyIGZlZWRiYWNrIG9uIHRoZSBtYWlsaW5n IGxpc3QgYnkgRGVjIDIybmQuDQoNClJlZ2FyZHMsDQogUmlmYWF0ICYgSGFubmVzDQo= --_000_2FA1FA35D14C41FD8A4D3071EADDEF9Cmitreorg_ Content-Type: text/html; charset="utf-8" Content-ID: <9CF9C24EB99DAF46B4B2903F3A756549@namprd09.prod.outlook.com> Content-Transfer-Encoding: base64 PGh0bWwgeG1sbnM6bz0idXJuOnNjaGVtYXMtbWljcm9zb2Z0LWNvbTpvZmZpY2U6b2ZmaWNlIiB4 bWxuczp3PSJ1cm46c2NoZW1hcy1taWNyb3NvZnQtY29tOm9mZmljZTp3b3JkIiB4bWxuczptPSJo dHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL29mZmljZS8yMDA0LzEyL29tbWwiIHhtbG5zPSJo dHRwOi8vd3d3LnczLm9yZy9UUi9SRUMtaHRtbDQwIj4NCjxoZWFkPg0KPG1ldGEgaHR0cC1lcXVp dj0iQ29udGVudC1UeXBlIiBjb250ZW50PSJ0ZXh0L2h0bWw7IGNoYXJzZXQ9dXRmLTgiPg0KPG1l dGEgbmFtZT0iR2VuZXJhdG9yIiBjb250ZW50PSJNaWNyb3NvZnQgV29yZCAxNSAoZmlsdGVyZWQg bWVkaXVtKSI+DQo8c3R5bGU+PCEtLQ0KLyogRm9udCBEZWZpbml0aW9ucyAqLw0KQGZvbnQtZmFj ZQ0KCXtmb250LWZhbWlseToiQ2FtYnJpYSBNYXRoIjsNCglwYW5vc2UtMToyIDQgNSAzIDUgNCA2 IDMgMiA0O30NCkBmb250LWZhY2UNCgl7Zm9udC1mYW1pbHk6Q2FsaWJyaTsNCglwYW5vc2UtMToy IDE1IDUgMiAyIDIgNCAzIDIgNDt9DQovKiBTdHlsZSBEZWZpbml0aW9ucyAqLw0KcC5Nc29Ob3Jt YWwsIGxpLk1zb05vcm1hbCwgZGl2Lk1zb05vcm1hbA0KCXttYXJnaW46MGluOw0KCWZvbnQtc2l6 ZToxMS4wcHQ7DQoJZm9udC1mYW1pbHk6IkNhbGlicmkiLHNhbnMtc2VyaWY7fQ0KYTpsaW5rLCBz cGFuLk1zb0h5cGVybGluaw0KCXttc28tc3R5bGUtcHJpb3JpdHk6OTk7DQoJY29sb3I6Ymx1ZTsN Cgl0ZXh0LWRlY29yYXRpb246dW5kZXJsaW5lO30NCnNwYW4uRW1haWxTdHlsZTE4DQoJe21zby1z dHlsZS10eXBlOnBlcnNvbmFsLXJlcGx5Ow0KCWZvbnQtZmFtaWx5OiJDYWxpYnJpIixzYW5zLXNl cmlmOw0KCWNvbG9yOndpbmRvd3RleHQ7fQ0KLk1zb0NocERlZmF1bHQNCgl7bXNvLXN0eWxlLXR5 cGU6ZXhwb3J0LW9ubHk7DQoJZm9udC1zaXplOjEwLjBwdDt9DQpAcGFnZSBXb3JkU2VjdGlvbjEN Cgl7c2l6ZTo4LjVpbiAxMS4waW47DQoJbWFyZ2luOjEuMGluIDEuMGluIDEuMGluIDEuMGluO30N CmRpdi5Xb3JkU2VjdGlvbjENCgl7cGFnZTpXb3JkU2VjdGlvbjE7fQ0KLS0+PC9zdHlsZT4NCjwv aGVhZD4NCjxib2R5IGxhbmc9IkVOLVVTIiBsaW5rPSJibHVlIiB2bGluaz0icHVycGxlIiBzdHls ZT0id29yZC13cmFwOmJyZWFrLXdvcmQiPg0KPGRpdiBjbGFzcz0iV29yZFNlY3Rpb24xIj4NCjxw IGNsYXNzPSJNc29Ob3JtYWwiPkkgc3VwcG9ydCB3b3JraW5nIGdyb3VwIGFkb3B0aW9uIG9mIHRo aXMgZHJhZnQuPG86cD48L286cD48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48bzpwPiZuYnNw OzwvbzpwPjwvcD4NCjxkaXYgc3R5bGU9ImJvcmRlcjpub25lO2JvcmRlci10b3A6c29saWQgI0I1 QzRERiAxLjBwdDtwYWRkaW5nOjMuMHB0IDBpbiAwaW4gMGluIj4NCjxwIGNsYXNzPSJNc29Ob3Jt YWwiPjxiPjxzcGFuIHN0eWxlPSJmb250LXNpemU6MTIuMHB0O2NvbG9yOmJsYWNrIj5Gcm9tOiA8 L3NwYW4+PC9iPjxzcGFuIHN0eWxlPSJmb250LXNpemU6MTIuMHB0O2NvbG9yOmJsYWNrIj5PQXV0 aCAmbHQ7b2F1dGgtYm91bmNlc0BpZXRmLm9yZyZndDsgb24gYmVoYWxmIG9mIFJpZmFhdCBTaGVr aC1ZdXNlZiAmbHQ7cmlmYWF0LnMuaWV0ZkBnbWFpbC5jb20mZ3Q7PGJyPg0KPGI+RGF0ZTogPC9i PlR1ZXNkYXksIERlY2VtYmVyIDgsIDIwMjAgYXQgNzo1MiBBTTxicj4NCjxiPlRvOiA8L2I+JnF1 b3Q7b2F1dGhAaWV0Zi5vcmcmcXVvdDsgJmx0O29hdXRoQGlldGYub3JnJmd0Ozxicj4NCjxiPlN1 YmplY3Q6IDwvYj5bRVhUXSBbT0FVVEgtV0ddIENhbGwgZm9yIEFkb3B0aW9uIC0gQVMgSXNzdWVy IElkZW50aWZpZXIgaW4gQXV0aG9yaXphdGlvbiBSZXNwb25zZTxvOnA+PC9vOnA+PC9zcGFuPjwv cD4NCjwvZGl2Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxvOnA+Jm5ic3A7PC9vOnA+ PC9wPg0KPC9kaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+QWxsLDxicj4NCjxicj4N ClRoaXMgaXMgYSBjYWxsIGZvciBhZG9wdGlvbiBmb3IgdGhlIGZvbGxvd2luZyBBUyBJc3N1ZXIg SWRlbnRpZmllciBpbiBBdXRob3JpemF0aW9uIFJlc3BvbnNlIGFzIGEgV0cgZG9jdW1lbnQ6PGJy Pg0KPGEgaHJlZj0iaHR0cHM6Ly9kYXRhdHJhY2tlci5pZXRmLm9yZy9kb2MvZHJhZnQtbWV5ZXJ6 dXNlbGhhdXNlbi1vYXV0aC1pc3MtYXV0aC1yZXNwLyI+aHR0cHM6Ly9kYXRhdHJhY2tlci5pZXRm Lm9yZy9kb2MvZHJhZnQtbWV5ZXJ6dXNlbGhhdXNlbi1vYXV0aC1pc3MtYXV0aC1yZXNwLzwvYT48 YnI+DQo8YnI+DQpQbGVhc2UsIHByb3ZpZGUgeW91ciBmZWVkYmFjayBvbiB0aGUgbWFpbGluZyBs aXN0IGJ5IERlYyAyMm5kLjxicj4NCjxicj4NClJlZ2FyZHMsPGJyPg0KJm5ic3A7UmlmYWF0ICZh bXA7IEhhbm5lczxvOnA+PC9vOnA+PC9wPg0KPC9kaXY+DQo8L2Rpdj4NCjwvYm9keT4NCjwvaHRt bD4NCg== --_000_2FA1FA35D14C41FD8A4D3071EADDEF9Cmitreorg_-- From nobody Tue Dec 8 09:40:40 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C11373A105E for ; Tue, 8 Dec 2020 09:40:31 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.918 X-Spam-Level: X-Spam-Status: No, score=-1.918 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, NICE_REPLY_A=-0.001, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hERd5vsyVfUW for ; Tue, 8 Dec 2020 09:40:30 -0800 (PST) Received: from p3plsmtpa12-08.prod.phx3.secureserver.net (p3plsmtpa12-08.prod.phx3.secureserver.net [68.178.252.237]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7E41C3A10A0 for ; Tue, 8 Dec 2020 09:40:30 -0800 (PST) Received: from [192.168.88.250] ([94.155.17.31]) by :SMTPAUTH: with ESMTPSA id mgySk0YE32w3kmgySkKl1Y; Tue, 08 Dec 2020 10:40:29 -0700 X-CMAE-Analysis: v=2.4 cv=beCu7MDB c=1 sm=1 tr=0 ts=5fcfba8d a=+I3yL00+yDwT8KNLgfs+4A==:117 a=+I3yL00+yDwT8KNLgfs+4A==:17 a=q0rX5H01Qin5IyBaTmIA:9 a=48vgC7mUAAAA:8 a=Il_vuG2bGH-TJ8qQF5cA:9 a=QEXdDO2ut3YA:10 a=D8lnhvtxf0AONpHuB7QA:9 a=ZVk8-NSrHBgA:10 a=30ssDGKg3p0A:10 a=w1C3t2QeGrPiZgrLijVG:22 X-SECURESERVER-ACCT: vladimir@connect2id.com To: oauth@ietf.org References: From: Vladimir Dzhuvinov Autocrypt: addr=vladimir@connect2id.com; prefer-encrypt=mutual; keydata= mQENBFQZaoEBCACnP2YMDex9fnf+niLglTHGKuoypUSVKPQeKDHHeFQVzhRke+HBEZBwmA9T kZ+kEhyrNqibDPkPYVPmo23tM8mbNcTVQqpmN7NwgMpqkqcAqNsIyBtt09DjWOQVm57A3K+y uXI7SdNErdt79p2xQseOhqSC9+LgWuyh+mZsl2oFD4glFFfKSCMp2jATXrAMeGzigTnW+Xe0 tRzrwFN9zqykKxhUq9oHg1cNvoDtfxgsc9ysVHbxM/PM8o9lgj3YTQwKMBcCFclTqohji7ML fQ08eQo+acKTwC1WRzeLt9PknGt3C4TmvdCl0c1BQTTTNiF96Hu4kbaiBIbsfxJOR8+VABEB AAG0LFZsYWRpbWlyIER6aHV2aW5vdiA8dmxhZGltaXJAY29ubmVjdDJpZC5jb20+iQE+BBMB AgAoBQJUGWqBAhsjBQkJZgGABgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRAZ0vUyOqri Ql62B/wOO0s2JC/QvO6w9iSsRhCOa/JZi+wO+l01V7eGCQ1cYf1W26Y7iKiUlY4/Kz+cr69D pMtkv3UpDTGejKEfspLUxz5Vo3T4oAKbTtNtVIZL/XxH3/JhJ719Jj4eLoe9/djKkGYTX2O5 bMk8TpO1DDjbIw4r9XKI9ZIk96zlKnZvrg7Ho7oOl0ZIf8AzcvdqZEUogDwyr8uwOU+jIyux mOTthepBzXCNjjBjnc8I1//9YppAIaGJ5nnXelVVD1/dyOszogervzFNANEIOvNvCd9G5u4e s7qkDKWKY7/Lj1tF+tMrDTrOh6JqUKbGNeTUB8DlPvIoNyqHUYfBELdpw1Nd Organization: Connect2id Ltd. Message-ID: <0e74d260-a5ea-223c-3ed0-5a792294b631@connect2id.com> Date: Tue, 8 Dec 2020 19:40:27 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.10.0 MIME-Version: 1.0 In-Reply-To: Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg=sha-256; boundary="------------ms050005010006060101020801" X-CMAE-Envelope: MS4xfCWIC4EeMyR00vJNZTPKNTnZTsmWSE5ceIK8ZCA1FLzVshKbP/SeVXE3O7yIQAZaFwg8xPNYe6kbZrP08lJQJARlxLhkqLzZoqc92BdpuJsPB6Kwos9d fcMEqnhPKZIbU6BYhdWVMTvl+d7hnyEvLwWRsXKWj6mFOXl+W2k/kBzv3ZszrjkXF52+NJNMQKq2Sg== Archived-At: Subject: Re: [OAUTH-WG] Call for Adoption - AS Issuer Identifier in Authorization Response X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 Dec 2020 17:40:39 -0000 This is a cryptographically signed message in MIME format. --------------ms050005010006060101020801 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Content-Language: en-US Support with both hands! Vladimir On 08/12/2020 14:50, Rifaat Shekh-Yusef wrote: > All, > > This is a call for adoption for the following AS Issuer Identifier in > Authorization Response as a WG document: > https://datatracker.ietf.org/doc/draft-meyerzuselhausen-oauth-iss-auth-= resp/ > > Please, provide your feedback on the mailing list by Dec 22nd. > > Regards, > =C2=A0Rifaat & Hannes --------------ms050005010006060101020801 Content-Type: application/pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" Content-Description: S/MIME Cryptographic Signature MIAGCSqGSIb3DQEHAqCAMIACAQExDzANBglghkgBZQMEAgEFADCABgkqhkiG9w0BBwEAAKCC CzMwggUbMIIEA6ADAgECAhBs/e7jES6a32XKZxs4R01iMA0GCSqGSIb3DQEBCwUAMIGWMQsw CQYDVQQGEwJHQjEbMBkGA1UECBMSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxm b3JkMRgwFgYDVQQKEw9TZWN0aWdvIExpbWl0ZWQxPjA8BgNVBAMTNVNlY3RpZ28gUlNBIENs aWVudCBBdXRoZW50aWNhdGlvbiBhbmQgU2VjdXJlIEVtYWlsIENBMB4XDTE5MTEwMjAwMDAw MFoXDTIxMTEwMTIzNTk1OVowKDEmMCQGCSqGSIb3DQEJARYXdmxhZGltaXJAY29ubmVjdDJp ZC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDG5mL+CcvSppMj/W8Kd0/E 1/y5/s94gmbIFzEugHyMPV2dd6lusiALe35QCtu3e8Wy6FkCwzxWmmzhF4FY/e4uPbDjco3w /GgHhz2KXe385u31c32/uM3jRqhYT5JvmXxte/GgmjcW1yWcPkKEz/sCezdIYpI9Pek+P4Gr xmbt8H+wJrwfrXKTJXXT+gFjCcZDRLm67X4U57TsaCoezTe7zOoPX9zxMTyZD/cvC/SfuVxQ U60ZsfZzdcgPwScgy3JaiPegcbnqqebjJqtRx42eRjrBZ1/u411rHN2QQLgiih7D1/4PJC9f /8nHgaerLy3ogdu1dw5+vQ1TRIYBmcIXAgMBAAGjggHQMIIBzDAfBgNVHSMEGDAWgBQJwPL8 C9qU21/+K9+omULPyeCtADAdBgNVHQ4EFgQU446sriG/NgywLZA2oBG79Yr2qyAwDgYDVR0P AQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwQGCCsGAQUFBwMC MEAGA1UdIAQ5MDcwNQYMKwYBBAGyMQECAQEBMCUwIwYIKwYBBQUHAgEWF2h0dHBzOi8vc2Vj dGlnby5jb20vQ1BTMFoGA1UdHwRTMFEwT6BNoEuGSWh0dHA6Ly9jcmwuc2VjdGlnby5jb20v U2VjdGlnb1JTQUNsaWVudEF1dGhlbnRpY2F0aW9uYW5kU2VjdXJlRW1haWxDQS5jcmwwgYoG CCsGAQUFBwEBBH4wfDBVBggrBgEFBQcwAoZJaHR0cDovL2NydC5zZWN0aWdvLmNvbS9TZWN0 aWdvUlNBQ2xpZW50QXV0aGVudGljYXRpb25hbmRTZWN1cmVFbWFpbENBLmNydDAjBggrBgEF BQcwAYYXaHR0cDovL29jc3Auc2VjdGlnby5jb20wIgYDVR0RBBswGYEXdmxhZGltaXJAY29u bmVjdDJpZC5jb20wDQYJKoZIhvcNAQELBQADggEBAEE73kCtUigl/bhLrqS6AsCU+jKm1fxq BY09+ktBwVcu5WgM18Uov3WvzVnjXn5BNNVM3RwhWFXyW3pPnDPyjqgxcpfoyY5SJEzvcPlu wm69z/dzqasVhsHPIFSjACnUBrFZPsq/abMQr4yFOMVyX/EudYgmZVu2Er9Ui7YbTO1Nolap xlseQIgQhVcr7aSs02PLDANuwW/asgKExYzhPdt9MF1lezj968Mv74kRo1T/lm5RFNfh2QdM 9C0n1t+qRCrRF1VbsiTgChjazgNGbvl12bOAujX0up4hqw+7PaCcI3Mpyv/rKKKrRG52iCcv cMHX344tOqKM/DIdF/0WNpkwggYQMIID+KADAgECAhBNlCwQ1DvglAnFgS06KwZPMA0GCSqG SIb3DQEBDAUAMIGIMQswCQYDVQQGEwJVUzETMBEGA1UECBMKTmV3IEplcnNleTEUMBIGA1UE BxMLSmVyc2V5IENpdHkxHjAcBgNVBAoTFVRoZSBVU0VSVFJVU1QgTmV0d29yazEuMCwGA1UE AxMlVVNFUlRydXN0IFJTQSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0xODExMDIwMDAw MDBaFw0zMDEyMzEyMzU5NTlaMIGWMQswCQYDVQQGEwJHQjEbMBkGA1UECBMSR3JlYXRlciBN YW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxmb3JkMRgwFgYDVQQKEw9TZWN0aWdvIExpbWl0ZWQx PjA8BgNVBAMTNVNlY3RpZ28gUlNBIENsaWVudCBBdXRoZW50aWNhdGlvbiBhbmQgU2VjdXJl IEVtYWlsIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyjztlApB/975Rrno 1jvm2pK/KxBOqhq8gr2+JhwpKirSzZxQgT9tlC7zl6hn1fXjSo5MqXUfItMltrMaXqcESJuK 8dtK56NCSrq4iDKaKq9NxOXFmqXX2zN8HHGjQ2b2Xv0v1L5Nk1MQPKA19xeWQcpGEGFUUd0k N+oHox+L9aV1rjfNiCj3bJk6kJaOPabPi2503nn/ITX5e8WfPnGw4VuZ79Khj1YBrf24k5Ee 1sLTHsLtpiK9OjG4iQRBdq6Z/TlVx/hGAez5h36bBJMxqdHLpdwIUkTqT8se3ed0PewDch/8 kHPo5fZl5u1B0ecpq/sDN/5sCG52Ds+QU5O5EwIDAQABo4IBZDCCAWAwHwYDVR0jBBgwFoAU U3m/WqorSs9UgOHYm8Cd8rIDZsswHQYDVR0OBBYEFAnA8vwL2pTbX/4r36iZQs/J4K0AMA4G A1UdDwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdJQQWMBQGCCsGAQUFBwMC BggrBgEFBQcDBDARBgNVHSAECjAIMAYGBFUdIAAwUAYDVR0fBEkwRzBFoEOgQYY/aHR0cDov L2NybC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdFJTQUNlcnRpZmljYXRpb25BdXRob3JpdHku Y3JsMHYGCCsGAQUFBwEBBGowaDA/BggrBgEFBQcwAoYzaHR0cDovL2NydC51c2VydHJ1c3Qu Y29tL1VTRVJUcnVzdFJTQUFkZFRydXN0Q0EuY3J0MCUGCCsGAQUFBzABhhlodHRwOi8vb2Nz cC51c2VydHJ1c3QuY29tMA0GCSqGSIb3DQEBDAUAA4ICAQBBRHUAqznCFfXejpVtMnFojADd F9d6HBA4kMjjsb0XMZHztuOCtKF+xswhh2GqkW5JQrM8zVlU+A2VP72Ky2nlRA1GwmIPgou7 4TZ/XTarHG8zdMSgaDrkVYzz1g3nIVO9IHk96VwsacIvBF8JfqIs+8aWH2PfSUrNxP6Ys7U0 sZYx4rXD6+cqFq/ZW5BUfClN/rhk2ddQXyn7kkmka2RQb9d90nmNHdgKrwfQ49mQ2hWQNDkJ JIXwKjYA6VUR/fZUFeCUisdDe/0ABLTI+jheXUV1eoYV7lNwNBKpeHdNuO6Aacb533JlfeUH xvBz9OfYWUiXu09sMAviM11Q0DuMZ5760CdO2VnpsXP4KxaYIhvqPqUMWqRdWyn7crItNkZe roXaecG03i3mM7dkiPaCkgocBg0EBYsbZDZ8bsG3a08LwEsL1Ygz3SBsyECa0waq4hOf/Z85 F2w2ZpXfP+w8q4ifwO90SGZZV+HR/Jh6rEaVPDRF/CEGVqR1hiuQOZ1YL5ezMTX0ZSLwrymU E0pwi/KDaiYB15uswgeIAcA6JzPFf9pLkAFFWs1QNyN++niFhsM47qodx/PL+5jR87myx5uY dBEQkkDc+lKB1Wct6ucXqm2EmsaQ0M95QjTmy+rDWjkDYdw3Ms6mSWE3Bn7i5ZgtwCLXgAIe 5W8mybM2JzGCBDIwggQuAgEBMIGrMIGWMQswCQYDVQQGEwJHQjEbMBkGA1UECBMSR3JlYXRl ciBNYW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxmb3JkMRgwFgYDVQQKEw9TZWN0aWdvIExpbWl0 ZWQxPjA8BgNVBAMTNVNlY3RpZ28gUlNBIENsaWVudCBBdXRoZW50aWNhdGlvbiBhbmQgU2Vj dXJlIEVtYWlsIENBAhBs/e7jES6a32XKZxs4R01iMA0GCWCGSAFlAwQCAQUAoIICVzAYBgkq hkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0yMDEyMDgxNzQwMjdaMC8G CSqGSIb3DQEJBDEiBCB+9nDuJK8iRrFHeKVu3/gEBrONi+RCCpAMZIvEE6w/pzBsBgkqhkiG 9w0BCQ8xXzBdMAsGCWCGSAFlAwQBKjALBglghkgBZQMEAQIwCgYIKoZIhvcNAwcwDgYIKoZI hvcNAwICAgCAMA0GCCqGSIb3DQMCAgFAMAcGBSsOAwIHMA0GCCqGSIb3DQMCAgEoMIG8Bgkr BgEEAYI3EAQxga4wgaswgZYxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNo ZXN0ZXIxEDAOBgNVBAcTB1NhbGZvcmQxGDAWBgNVBAoTD1NlY3RpZ28gTGltaXRlZDE+MDwG A1UEAxM1U2VjdGlnbyBSU0EgQ2xpZW50IEF1dGhlbnRpY2F0aW9uIGFuZCBTZWN1cmUgRW1h aWwgQ0ECEGz97uMRLprfZcpnGzhHTWIwgb4GCyqGSIb3DQEJEAILMYGuoIGrMIGWMQswCQYD VQQGEwJHQjEbMBkGA1UECBMSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxmb3Jk MRgwFgYDVQQKEw9TZWN0aWdvIExpbWl0ZWQxPjA8BgNVBAMTNVNlY3RpZ28gUlNBIENsaWVu dCBBdXRoZW50aWNhdGlvbiBhbmQgU2VjdXJlIEVtYWlsIENBAhBs/e7jES6a32XKZxs4R01i MA0GCSqGSIb3DQEBAQUABIIBADAcwEqMahky0gLOWYcu4Af/RTr32Zi2EP1yWVbf1DP9Xz0n BemsZdc8Ac8eNoMBxNoThwlcKVVdkdmLpByG4ge8yIQh/Ndq31F0+jyJ29mJV0ZNyJkbYz0A 0OXin34JIG4aagKlelYv/Nf5tgCqDSWe+ijOLi27gQvpZsfM4FYYtPTny50qGSH8H2EwZpX4 ZxTVlENIePBYXcDFCWZWkaSibVepWQMmNIZkQcABAFZT5tVCazuMj8FUhRYoLDdfK9r/3AjP E0YVjwh/Tg3oyb3TVn+3Azk0IAwoljqKEbWRc5W9pU1gH0ssqpmEYfN5F8JAw4HRNGQhrmO5 V4KV0DQAAAAAAAA= --------------ms050005010006060101020801-- From nobody Tue Dec 8 11:01:24 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 787B23A10C7 for ; Tue, 8 Dec 2020 11:01:23 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.994 X-Spam-Level: X-Spam-Status: No, score=-0.994 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_FONT_LOW_CONTRAST=0.001, HTML_IMAGE_ONLY_16=1.092, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_REMOTE_IMAGE=0.01, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EdB3ih-yLMIJ for ; Tue, 8 Dec 2020 11:01:22 -0800 (PST) Received: from mail-lj1-x22c.google.com (mail-lj1-x22c.google.com [IPv6:2a00:1450:4864:20::22c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 02D103A10C5 for ; Tue, 8 Dec 2020 11:01:21 -0800 (PST) Received: by mail-lj1-x22c.google.com with SMTP id o24so21318560ljj.6 for ; Tue, 08 Dec 2020 11:01:21 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=ZvR4ZfBKqdeoX1ANjk+aj7OS0gNQ6v5WcJX/5Qv2PAw=; b=IQvqZTNd0+DG5e7B/bw/1GtM6e5FfzRCE7GmR/9UCSgjHQNljVxNHkcXOvQeBfrtWv lyI5MWc3SNyWVM+D5cZsg9ZFZQSuPV5wnxN8cAah7ByHgZ3DOJmzhP96xq5jqF1lpuwQ 5ByAB9iljmZFwhlOwqi/Cu42KfTPmRl6kPuuWdcIT0nVdUQvCARk1FaR6A7qYxvSIgqC WCPYsBiDH3TYaNobyPVtpMwNBe3/TrB+X6BaU+hTjaXp200GNmWhTmuHNCVyi+pDGvU+ WQfXkSJb4MA+qwSM4EhRRaMfxX/C/Q/1tbNVnLQGUiyv7hySDBtFSPda+CVfuGjeTgLm Ytig== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=ZvR4ZfBKqdeoX1ANjk+aj7OS0gNQ6v5WcJX/5Qv2PAw=; b=tFntSfha+VFVENwfdACheIp5wShCHemvZ+NP0SHyKFpaLgZEHEtwfBqfbjiRe5GNiu Rpqj3znbwa1CIWpPPLXEYEB/2Z2CyucGl3rPi7tLGBG9B98thoxV4fZnqYWLOXZfEm1r NVoXH4PtTd4Ud/YX2dDZuNVj28tQR6Y6KTV+Stmk5UDGrm+zsefnk7wB0XLAATC6X//M B0Nnew+BQ8AMy+PwcEl1PzbfeqdXtoyXV0EI0OHDkh3j1+YHCSmKE45SzkDtXdWW/kRa Xpo8gBpkUCrySDeEyBOsJkBkMraz9fHOPY2C0nuETFTD5dfFjrGgdnEKXj+7LRvbdX4N 4gQQ== X-Gm-Message-State: AOAM531iIEA+eJ97PdcWA25Tt/ajEQSZwrWFFF94kbFK6oAdkGoa1Th/ KwtZFKOPU3anFy9Ra/ZA/BsM/zuE6Jq9u2Tm3fo= X-Google-Smtp-Source: ABdhPJwdEZx4gpBPU3lzrrX0FfKovsmcdJiafUQldrQ5hrr5tzIVG05pxOSe8ilW49FuzKqCqWryp32inp4TfWV2TsU= X-Received: by 2002:a2e:904e:: with SMTP id n14mr7569632ljg.154.1607454079857; Tue, 08 Dec 2020 11:01:19 -0800 (PST) MIME-Version: 1.0 References: In-Reply-To: From: Dick Hardt Date: Tue, 8 Dec 2020 11:00:43 -0800 Message-ID: To: Rifaat Shekh-Yusef Cc: oauth Content-Type: multipart/alternative; boundary="0000000000006c370705b5f8916c" Archived-At: Subject: Re: [OAUTH-WG] Call for Adoption - AS Issuer Identifier in Authorization Response X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 Dec 2020 19:01:24 -0000 --0000000000006c370705b5f8916c Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable +1 =E1=90=A7 On Tue, Dec 8, 2020 at 4:51 AM Rifaat Shekh-Yusef wrote: > All, > > This is a call for adoption for the following AS Issuer Identifier in > Authorization Response as a WG document: > > https://datatracker.ietf.org/doc/draft-meyerzuselhausen-oauth-iss-auth-re= sp/ > > Please, provide your feedback on the mailing list by Dec 22nd. > > Regards, > Rifaat & Hannes > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth > --0000000000006c370705b5f8916c Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
    +1
    3D""=E1=90=A7

    On Tue, Dec 8, 2020 = at 4:51 AM Rifaat Shekh-Yusef <rifaat.s.ietf@gmail.com> wrote:
    All,

    This is a call for ad= option for the following AS Issuer Identifier in Authorization Response as = a WG document:
    https://datatracker.ietf.= org/doc/draft-meyerzuselhausen-oauth-iss-auth-resp/

    Please, prov= ide your feedback on the mailing list by Dec 22nd.

    Regards,
    =C2= =A0Rifaat & Hannes
    _______________________________________________
    OAuth mailing list
    OAuth@ietf.org
    https://www.ietf.org/mailman/listinfo/oauth
    --0000000000006c370705b5f8916c-- From nobody Tue Dec 8 11:15:52 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 22BC43A10F9 for ; Tue, 8 Dec 2020 11:15:51 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.087 X-Spam-Level: X-Spam-Status: No, score=-2.087 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_FONT_LOW_CONTRAST=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_KAM_HTML_FONT_INVALID=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=rhosys.ch Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Lmq-cpSYgEGS for ; Tue, 8 Dec 2020 11:15:49 -0800 (PST) Received: from mail-io1-xd29.google.com (mail-io1-xd29.google.com [IPv6:2607:f8b0:4864:20::d29]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 68CE93A10FE for ; Tue, 8 Dec 2020 11:15:49 -0800 (PST) Received: by mail-io1-xd29.google.com with SMTP id r9so17987041ioo.7 for ; Tue, 08 Dec 2020 11:15:49 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rhosys.ch; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=G+H0HpDl9wiwG2/Hnut7r83Q0jTNKnlzfIc8lAS9p4M=; b=mwncC7uoXhard9vxAApTlfqCQbU65jfrKMWYr6nxyl5zF0kqNrWeumzo8BG5GQU3n3 fPyhLSpq+JeV6LH3ULAaDn6Qv4FwAHuw8HNwN2d2LEX0pAonJaYeCIC7gVeQK42gSghE J2GcOWKfRgfa4aAnfh+KBiuI7TON5zCqM4Bjo= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=G+H0HpDl9wiwG2/Hnut7r83Q0jTNKnlzfIc8lAS9p4M=; b=NnJe0mvbjBprXoIum1rZRfTeCMY3l7Z0rMEJkbhxshk3HgTJf/YLF1IddKS8OIyVMc c1+n8jkMaV3xVHQj/ehCDZX1gfQQDR0jiY/Q25y7515qXmHQa6FKr5WdVrrWCCdbfToV L83U6raEZRao56IAFqFUW58M9H97DLjTqd37DVH8BA4DqBdSwFDHbHA22kQi4AjI8ZS2 XUudSn60QBmgJyUiKuKIJ++2oe3PKlFZghrL6ttBrIKt6SDOHd7j08aDSSGk8tSBnGEh /xA2jLz1H8KLxOk1nfI9vgyZsOP9q5TW1gehGjovVdS/QGdggDyChbRnAPMUWrQ7YUnv oQ7Q== X-Gm-Message-State: AOAM531GItD/2+wg+goijkp92psaezNarCzalwwNEbr7SpckPCmFwgX2 MoGo9PASOqYz2JXAi0+MR+EZx8fPYdb50Jw/16L6 X-Google-Smtp-Source: ABdhPJyg6xeq/TlvEbuwTJr6pZXxYZ+wwVwtN7Ha80RanbIcw/lT4/1rd6PZyCOuPoUhDNvKXIpNN0uBpwG//6Aznf8= X-Received: by 2002:a5e:db4b:: with SMTP id r11mr25320718iop.148.1607454948281; Tue, 08 Dec 2020 11:15:48 -0800 (PST) MIME-Version: 1.0 References: In-Reply-To: From: Warren Parad Date: Tue, 8 Dec 2020 20:15:37 +0100 Message-ID: To: karsten.meyerzuselhausen@hackmanit.de Cc: Rifaat Shekh-Yusef , oauth Content-Type: multipart/alternative; boundary="0000000000002f68e005b5f8c50f" Archived-At: Subject: Re: [OAUTH-WG] Call for Adoption - AS Issuer Identifier in Authorization Response X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 Dec 2020 19:15:51 -0000 --0000000000002f68e005b5f8c50f Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable As an implementer on both sides of the issue I'm struggling to understand how this problem would occur. I'm finding issues with the proposed problems= : 1. Honest AS is compromised, assuming this does happen details on why adding iss to the AS response would prevent attacks is necessary for me.= In other words, how would an AS be compromised in a way that would be identifiable through the issuer value? (my ignorant assumption is that a compromised AS is compromised enough that an attacker would be able to s= end the correct ISS) 2. Attacker AS is registered. I fully support the idea that this can and will happen, however from attempting to test-implement this proposal, I can't see how the authorization would be sent to the wrong token endpoin= t. Since there is no information in the AS auth code response, the client m= ust already have the knowledge of where they are going to send the token, no mix-up can be executed. I would argue, if anything, adding the ISS parameter would open a new attack surface by providing clients an opportunity to blatantly trust the ISS parameter as the honest AS and th= us actually sending the code there instead of sending it to one specified i= n the metadata document. My confusion is the following: - Are multi AS services utilizing authorization codes in a way where there could be a mix up attack for #2. - Is there a #3 that I'm missing which even in light of #1 & #2 I brought up that would still make this change valuable? Warren Parad Founder, CTO Secure your user data and complete your authorization architecture. Implement Authress . On Tue, Dec 8, 2020 at 8:01 PM Dick Hardt wrote: > +1 > =E1=90=A7 > > On Tue, Dec 8, 2020 at 4:51 AM Rifaat Shekh-Yusef > wrote: > >> All, >> >> This is a call for adoption for the following AS Issuer Identifier in >> Authorization Response as a WG document: >> >> https://datatracker.ietf.org/doc/draft-meyerzuselhausen-oauth-iss-auth-r= esp/ >> >> Please, provide your feedback on the mailing list by Dec 22nd. >> >> Regards, >> Rifaat & Hannes >> _______________________________________________ >> OAuth mailing list >> OAuth@ietf.org >> https://www.ietf.org/mailman/listinfo/oauth >> > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth > --0000000000002f68e005b5f8c50f Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
    As an implementer=C2=A0on both sides of the issue I'm = struggling to understand how this problem would occur. I'm finding issu= es with the proposed problems:
    1. Honest AS is compromised, assumi= ng this does happen details on why adding iss to the AS response would prev= ent attacks is necessary for me. In other words, how would an AS be comprom= ised in a way that would be identifiable through the issuer value? (my igno= rant assumption is that a compromised AS is compromised enough that an atta= cker would be able to send the correct ISS)
    2. Attacker AS is register= ed. I fully support the idea that this can and will happen, however from at= tempting to test-implement this proposal, I can't see how the authoriza= tion would be sent to the wrong token endpoint. Since there is no informati= on in the AS auth code response, the client must already have the knowledge= of where they are going to send the token, no mix-up can be executed. I wo= uld argue, if anything, adding the ISS parameter would open a new attack su= rface by providing clients an opportunity to blatantly=C2=A0trust the ISS p= arameter as the honest AS and thus actually sending the code there instead = of sending it to one specified in the metadata document.
    My c= onfusion is the following:
    • Are multi AS services utilizin= g authorization codes in a way where there could be a mix up attack for #2.=
    • Is there a #3 that I'm missing which even in light of #1 &= #2 I brought up that would still make this change valuable?
    =

    Warren Parad

    Founder, CTO

    Secure your user data and complet= e your authorization architecture. Implement=C2=A0Authress= .

    <= br>
    On Tue,= Dec 8, 2020 at 8:01 PM Dick Hardt <dick.hardt@gmail.com> wrote:
    +1
    3D""=E1=90=A7<= /font>

    On Tue, Dec 8, 2020 at 4:51 AM Rifaat Shekh-Yusef <rifaat.s.ietf@gmail.com&g= t; wrote:
    All,

    This is a call for adoption for the following AS Iss= uer Identifier in Authorization Response as a WG document:
    https://datatracker.ietf.org/doc/draft-meyerzuselhausen-= oauth-iss-auth-resp/

    Please, provide your feedback on the mailin= g list by Dec 22nd.

    Regards,
    =C2=A0Rifaat & Hannes
    _______________________________________________
    OAuth mailing list
    OAuth@ietf.org
    https://www.ietf.org/mailman/listinfo/oauth
    _______________________________________________
    OAuth mailing list
    OAuth@ietf.org
    https://www.ietf.org/mailman/listinfo/oauth
    --0000000000002f68e005b5f8c50f-- From nobody Tue Dec 8 11:16:42 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6C3763A10F9 for ; Tue, 8 Dec 2020 11:16:41 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.098 X-Spam-Level: X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=pingidentity.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Li0geKrI_Urg for ; Tue, 8 Dec 2020 11:16:37 -0800 (PST) Received: from mail-lj1-x229.google.com (mail-lj1-x229.google.com [IPv6:2a00:1450:4864:20::229]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C0E623A10FE for ; Tue, 8 Dec 2020 11:16:36 -0800 (PST) Received: by mail-lj1-x229.google.com with SMTP id t22so21460106ljk.0 for ; Tue, 08 Dec 2020 11:16:36 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=pingidentity.com; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=O5oTn7M/5rAZa3xpig7RpJuItco0fnjKd7OlrVaqEXI=; b=SphTMxxIvdZK/jVcmcrggNkgq9gJpEfVQ8l1RGHuxdx+LO9j9n3rW/ECRbzTI1mCnL L6zHcYLkpGMFV2n1OwGLeuzG1xASnf5w0u+my1/H/yGUIQ2+7/IkTLG5ZHlyLC7oiODC Z2ELKU4+9SEhOSDDu9x+CvQOH9oLsTOpSdXkIKkURqQjhroLfA8Sz66XzbL+krg1lnYv lRwWAnALRxHVQcnVlQOXwKL+jSo0mercdLW1Q1exHz01Aov+TuWlU3nN3bMwS+H6eIhD kHOqjStzy11Sj8y+J1JK0lHBOAIP/07gh74N3t6QUdjFOXD9J7lYqZ5+MeNqc8nGyfFQ oEiQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=O5oTn7M/5rAZa3xpig7RpJuItco0fnjKd7OlrVaqEXI=; b=rVclPVjIvCXlv4PAPKmUQnuri3+9NQgAnpZmPhfBEHdap9c0k7eZQlgsyJZqRW0iqY IT4t9ub3swlSWJlnAgWYkmfUBntAgFq9TmhEND2XJ2ASBt7kNWukZYaVvmOCc9CwjHLX fcoTpMgNhZA5Y3PrJoA5FUIWzSmJXqz0moeTGH6cwxTEYMvZziKVGPLXcL1Ent6+V3oa zWurV2BHCbitFH6sQ7MT+tUPrZJJLytHIXSTmqWHsuBGfwb7hF51sFu+RvhSiaBySOVs RH8Wp1mk7JHaZ7wnGz0iU2o9YusZ5Vzat9ql/oy7b93q5EeYitU6tEQn6wASq5sQV9G9 feoQ== X-Gm-Message-State: AOAM531jOxh7+ZsF9boEh+EI7TRvP/YvQLBG/EFk+eqSMBbRVQ/L8fCR mslZaG4wSxrOPeFEYUYF1B6eEBq+BtfiC01+ke2HhDKZXGnkOaGKtiYuyMJszsQjuFclIj223Tn aPfN/q6DtjA4fxQ== X-Google-Smtp-Source: ABdhPJxZd9Aj6B4QrxnfnlEeJQGlieSdP/p9G9SE2l+T2r7/KJe7giG9Kso43DhgNXVcGV/+2FLQGM7FYv5UYL+MVVg= X-Received: by 2002:a2e:321a:: with SMTP id y26mr11348214ljy.293.1607454994645; Tue, 08 Dec 2020 11:16:34 -0800 (PST) MIME-Version: 1.0 References: <5233025a-a958-a5c0-238c-ea6f1df371bc@free.fr> In-Reply-To: <5233025a-a958-a5c0-238c-ea6f1df371bc@free.fr> From: Brian Campbell Date: Tue, 8 Dec 2020 12:16:07 -0700 Message-ID: To: Denis Cc: oauth Content-Type: multipart/alternative; boundary="000000000000f2e2cf05b5f8c77e" Archived-At: Subject: Re: [OAUTH-WG] Proposed changes to draft-ietf-oauth-dpop-02 X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 Dec 2020 19:16:42 -0000 --000000000000f2e2cf05b5f8c77e Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable attempts at replies are inline On Wed, Dec 2, 2020 at 8:42 AM Denis wrote: > I have reviewed the whole draft and you will find comments below starting > with five editorials comments. Every other comment is numbered. > Let us start with five typos where there is a duplication of the word > "the": > Will fix, thank you. 1. Section 1. Introduction > > The text states: > > The value of the header is a JWT [RFC7519] that enables the > authorization server to bind issued tokens to the public part of the > client=E2=80=99s key pair. > > A client may use different key pairs. > > Change : > > "the client=E2=80=99s key pair" > > into : > > " a client=E2=80=99s key pair". > Okay, sure. 2. Section 2. Objectives > > The text states: > > The primary aim of DPoP is to prevent unauthorized or illegitimate > parties from using leaked or stolen access tokens by binding a token to a > public key > upon issuance and requiring that the client demonstrate possession of > the corresponding private key when using the token. > > The objective needs to be described in terms of what ,the mechanism does > and not yet at this time for which reasons. > > Change into: > > The aim of DPoP is first to require a client to demonstrate > possession of a public key when requesting an access token or a refresh > token to an AS > where the AS will then bind that public key upon a token issuance > and, then to demonstrate the possession of a public key included into a > token > when presenting a refresh token to an AS or an access token to a RS. > I'm of the opinion that the current text is fine. 3. The next sentence looks odd as far as the English grammar is considered. > > This constrains the legitimate sender of the token to only the party > with access to the private key and gives the server receiving the token > added assurances > that the sender is legitimately authorized to use it. > > With the proposed change above, this sentence looks unnecessary and could > be deleted. > Grammar has admittedly never been my strong suit but, even after rereading the text a few times, I don't see reason to change it. Perhaps the RFC editor will help out later in the process, if need be. 4. Section 3 Concepts Page 5 > > In order to make crystal clear that they are to different DPoP Proofs, > (DPoP Proof 1) and (DPoP Proof 2) should be shown on the figure as propos= ed > below: > > > > > > > > > > > > > > > > > > *+--------+ +---------------+ > | |--(A)-- Token Request ------------------->| | | > Client | (DPoP Proof 1) | Authorization | > | | | Server | > | |<-(B)-- DPoP-bound Access Token ----------| | > | | (token_type=3DDPoP) +---------------+ > | | | | | | > +---------------+ | |--(C)-- DPoP-bound Access Token > --------->| | | | (DPoP Proof > 2) | Resource | | > | | Server | | > |<-(D)-- Protected Resource ---------------| | | > | +---------------+ +--------+ > Figure 1: Basic DPoP Flow * > 5. The text states: > > The basic steps of an OAuth flow with DPoP are shown in Figure 1: > > * (A) In the Token Request, the client sends an authorization grant > (e.g., an authorization code, refresh token, etc.) to the authorization > server > in order to obtain an access token (and potentially a refresh > token). The client attaches a DPoP proof to the request in an HTTP > header. > > At the end of the sentence, add : (DPoP Proof 2). > I don't think having the proofs labeled with 1 & 2 detracts more than it adds. And that would be the wrong one in the context of that sentence, if they were labeled. > > > 6. The text states: > > * (C) To use the access token the client has to prove possession of > the private key by, again, adding a header to the request that carries th= e > DPoP proof. > > Change into: > > * (C) To use the access token the client has to prove possession of > the private key by using a header to the request that carries another DPo= P > proof (DPoP Proof 2). > Will add/adjust some text to try and make it more clear that the proof is specific and unique to that request. > > 7. Section 4. DPoP Proof JWTs > > The text states: > > A valid DPoP proof demonstrates to the server that the client holds > the private key that was used to sign the JWT. > > For avoiding misunderstandings, it would be better to say that this > applies to DPoP Proof JWTs and that it applicable for both ASs and RSs. > > Proposed change: > > A valid DPoP proof demonstrates to a server, (i.e. an AS or a RS), > that the client holds the private key that was used to sign a DPoP Proof > JWT. > What other server could there be in the context of this work? I think AS/RS there just clutters the text. And please try and use language and abbreviations that are consistent with the draft when you propose text - the AS and RS abbreviations are not used currently. Otherwise it's even more difficult to consider/incorporate suggestions. The JWT in question in that sentence seemed rather self evident but I can make it more explicit in an effort at avoiding misunderstandings. 8. The text states: > > This enables authorization servers to bind issued tokens to the > corresponding public key (as described in Section 5) and for resource > servers to verify > the key-binding of tokens that it receives (see Section 7.1), which > prevents said tokens from being used by any entity that does not have > access to the private key. > > The end of the sentence is using the wording "(...) which prevents said > tokens from being used by any entity that does not have access to the > private key". > > a) It is proposed to remove the end of the sentence, i.e.: "), which > prevents said tokens from being used by any entity that does not have > access to the private key". > A new section 8.2 is being proposed (DPoP private key usage). See > comment 17 which addresses this issue. > Here, as is/was the case with many other drafts, we are not going to make changes to the draft to cover something that is not a reasonable expectation of this work or OAuth in general. I believe WG consensus has been consistent about this general issue and I expect the draft(s) to reflect that (unless that WG consensus shifts, which is possible but I'm not seeing anything to suggest that's the case). At this time, it would be adequate to add that a DPoP Proof JWT can only be > used once. > > b) Additional proposed text: > > A DPoP proof JWT is intended to be only usable once: it includes > claims that allows an AS or a RS to detect replays. > This is something that I expected would be understood from the general context of the document. But perhaps that was too much of an assumption. I'll add something to that effect. > > 9. Section 4.2. DPoP Proof JWT Syntax > > The text states: > > The body of a DPoP proof contains at least the following claims: > > (...) > > * "jti": Unique identifier for the DPoP proof JWT (REQUIRED). The > value MUST be assigned such that there is a negligible probability that t= he > same value > will be assigned to any other DPoP proof used in the same context > during the time window of validity. Such uniqueness can be accomplished > by encoding > (base64url or any other suitable encoding) at least 96 bits of > pseudorandom data or by using a version 4 UUID string according to > [RFC4122]. The "jti" can > be used by the server for replay detection and prevention, see > Section 8.1. > > This looks like over engineering. 32 bits of pseudorandom data will be > sufficient if used in conjunction with the "iat" claim. If the server (AS > or RS) uses a concatenation > of both the "iat" and the "jti" this makes 2 ^ 32 possibilities within th= e > same second during a time windows of a few minutes (about 120 seconds). > > To highlight the fact that "jti" is a complement of "iat", it should be > placed after "iat" in the description". > > Proposed change: > > * "jti": JWT identifier that complements the "iat" claim to handle > replay protection for a given server (REQUIRED). > > The value MUST be assigned such that there is a negligible > probability that the same value will be assigned to any other DPoP proof > received by the server > within the same second during a short time window of validity (i.e. > a few minutes only) . This MUST be accomplished by encoding 32 bits of > pseudorandom data. > > > 10. Figure 3. > > The end of figure 3 is as follows: > > (...) > { > "jti":"-BwC3ESc6acc2lTc", > "htm":"POST", > "htu":"https://server.example.com/token" > , > "iat":1562262616 > } > Figure 3: Example JWT content of a "DPoP" proof > > In order to follow the ordering of the claims, as proposed before, it > would be more adequate to write it as follows: > > (...) > { > "htm":"POST", > "htu":"https://server.example.com/token" > , > "iat":1562262616 > "jti": EE238F3F, > > } > Figure 3: Example JWT content of a "DPoP" proof > > Please note that the "jti" value is shorter. > The 'jti' value in that example does not conform to the definition of the claim from RFC 7519 / JWT. It's a relatively minor issue in the scheme of things but I feel it typifies a larger dynamic at play in some of the WG exchanges here. Comprehending and responding to comments and suggestions can be arduous and very time consuming, which is further exacerbated by outright errors, mischaracterization, or misunderstandings in such feedback. I'd humbly request that, out of respect for everyone=E2=80=99s ti= me, we all please be a little more careful and precise in our exchanges. I don't want to discourage discourse - that's much of the point of a WG after all - I'd just request that a little more consideration be given for the impact to others. > 11. The text below figure 3 states: > > Of the HTTP content in the request, only the HTTP method and URI ar= e > included in the DPoP JWT, and therefore only these 2 headers of the reque= st > are covered by the DPoP proof and its signature. > > The four claims should be covered by the signature. > The point here is about the HTTP content. Not the claims. > Proposed change: > > Of the HTTP content in the request, only the HTTP method ("htm" > claim"), the URI ("htu" claim), the issuance time of the DPoP proof JWT > ("iat" claim) > and the DPoP proof JWT identifier ( jti "claim") are included in the > DPoP JWT, and therefore only these 4 headers of the request are covered b= y > the DPoP proof > and its signature. > > 12. Section 4.3. Checking DPoP Proofs > > The text states: > > To check if a string that was received as part of an HTTP Request is > a valid DPoP proof, the receiving server MUST ensure that > > 1. the string value is a well-formed JWT, > 2. all required claims are contained in the JWT, > > It would be wise to indicate what are "all the required claims" > > Change the last above sentence into: > > 2. all required claims are contained in the JWT, at least the "htm" > claim, the "htu" claim, the "iat" claim and the "jti "claim. > The required claims are listed in sec 4.2 and I don't believe it's wise to duplicate that normative requirement here. Perhaps a back reference to that section would be good. > > 13. The text states: > > 5. that the JWT is signed using the public key contained in the > "jwk" header of the JWT > > Typo: Since the sentence above all these conditions already includes the > word "that" (*the receiving server MUST ensure that*), > the word "that" in this sentence should be removed. > > Change into: > > 5. the JWT is signed using the public key contained in the "jwk" > header of the JWT > Okay. I guess the same would apply to #9 of that list too. The list could benefit from some tidying up in general. 14. The text continues with: > > 8. the token was issued within an acceptable timeframe (see > Section 8.1), and > 9. that, within a reasonable consideration of accuracy and > resource utilization, a JWT with the same "jti" value has not previously > been received > at the same URI (see Section 8.1). > > References to text located in the "Security considerations" section shoul= d > be avoided. > If that's problematic, I expect that it'll come up in chair/shepherd/AD/IESG reviews. And can be addressed then. > > In addition this text needs to be revised in order to take benefit of the > use of a combination of "iat" and "jti". > > Change the two last above sentences into: > > [the receiving server MUST ensure that] > > 8. the "iat" time is within an acceptable timeframe (a few > seconds skew SHOULD be allowed). > > Note: To accommodate for clock offsets, the server SHOULD > accept DPoP proofs that carry an "iat" time in the reasonably near future > (e.g., a few seconds in the future). > > 9. and that, in order to accept the DPoP proof JWT, both the > "iat" claim and the associated "jti" claim have not already been seen > before during the time window > used by the server; otherwise refuse the DPoP proof JWT. > > > 15. Section 5. DPoP Access Token Request (Page 12) > > The text states: > > An authorization server MAY elect to issue access tokens which are > not DPoP bound, which is signaled to the client with a value of "Bearer" = in > the "token_type" parameter > of the access token response per [RFC6750]. > > This has a consequence for the client which is not mentioned but should b= e > mentioned. > > Proposed additional text: > > When the client receives an access token, it MUST check whether th= e > "token_type" parameter of the access token response contains a value of > "Bearer" or a value of " DPoP". > If a "Bearer" token is received whereas the client indeed wanted a > "DPoP" token, then the client SHALL discard the response. > I'd presumed it was understood that not proceeding was always an option to the client. But we can mention it more explicitly here. 16. Section 8.1. DPoP Proof Replay > > Replace the current text with: > > In order to prevent the replay of a token at the same endpoint (the > HTTP endpoint), only a single DPoP proof JWT which contains the same clai= ms > is accepted during a time window > set by the server. This prevents both legitimate and illegitimate > clients to use twice a same DPoP proof JWT. A JWT that is still valid can > be associated with a new DPoP proof JWT > and hence can be re-used during its validity period. > > The mechanism which is based on both the "iat" and the "jti" claims > occupies 64 bits of memory (32 +32 bits) per DPoP proof JWT that has been > accepted. > The entries can be flushed after the end of the time window. > > Clients have no way to know in advance the exact value of a time > window used by a server. If they wait too long for using a DPoP proof > JWT, a DPoP proof JWT / access token pair > may be rejected, even it is cryptographically correct. > > 17. Add a new section 8.2: > > 8.2. DPoP private key usage > > A legitimate client does not necessarily need to "have access to" > the private key that is being used to sign a DPoP proof JWT, but can simp= ly > "use" the private key without knowing its value. > This means that it is able to perform cryptographic computations > either for its own benefit or for the benefit of other users. In the late= r > case, an illegitimate client may be given both an access token > and a DPoP Proof JWT by a legitimate client. The fact that a DPoP > proof JWT can only be used once does not protect against this collaborati= ve > attack. > > > 18. Currently there is no "Privacy considerations" section, whereas there > should be one. > > This point is addressed in a separate email since it proposes new text. > > Denis > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth > --=20 _CONFIDENTIALITY NOTICE: This email may contain confidential and privileged= =20 material for the sole use of the intended recipient(s). Any review, use,=20 distribution or disclosure by others is strictly prohibited.=C2=A0 If you h= ave=20 received this communication in error, please notify the sender immediately= =20 by e-mail and delete the message and any file attachments from your=20 computer. Thank you._ --000000000000f2e2cf05b5f8c77e Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
    attempts at replies are inline

    =
    On Wed, De= c 2, 2020 at 8:42 AM Denis <denis.ietf@free.fr> wrote:
    =20 =20 =20

    I have reviewed the whole draft and you will find comments below starting with five editorials comments. Every other comment is numbered.

    Let us start with five typos where there is a duplication of the word "the":

    Will fix, thank you.=C2=A0

    1. Section 1. Introduction

    The text states:

    =C2=A0=C2=A0=C2=A0=C2=A0 The va= lue of the header is a JWT [RFC7519] that enables the authorization server to bind issued tokens to the public part of the client=E2=80=99s key pair.

    A client may use different key pairs.

    Change :

    <= span lang=3D"EN-US"> "the client=E2=80=99s key pair"

    <= span lang=3D"EN-US"> into :

    <= span lang=3D"EN-US"> " a client=E2=80=99s key pair".


    Okay, sure.=C2=A0
    <= div>

    <= span lang=3D"EN-US">2. Section 2.=C2=A0 Objectives

    The text states:

    =C2=A0=C2=A0=C2=A0= The primary aim of DPoP is to prevent unauthorized or illegitimate parties from using leaked or stolen access tokens by binding a token to a public key
    =C2=A0=C2=A0=C2=A0 upon issuance and requiring that the client demonstrate possession of the corresponding private key when using the token.

    The objective needs to be described in terms of what ,the mechanism does and not yet at this time for which reasons.

    Change into:

    =C2=A0=C2=A0=C2=A0=C2=A0 The aim of DPoP is first to require a = client to demonstrate possession of a public key when requesting an access token or a refresh token to an AS
    =C2=A0=C2=A0=C2=A0=C2=A0 where the AS will then bind that public key upon a token issuance and, then to demonstrate the possession of a public key included into a token
    =C2=A0=C2=A0=C2=A0=C2=A0 when presenting a refresh token to an AS or an access token to a RS.

    I'm of the opinion that the current tex= t is fine.

    3. The next sentence looks odd as far as the English grammar is considered.

    =C2=A0=C2=A0=C2=A0 This constrains the legitimate sender of the= token to only the party with access to the private key and gives the server receiving the token added assurances
    =C2=A0=C2=A0=C2=A0 that the sender is legitimately authorized t= o use it.

    With the proposed change above, this sentence looks unnecessary and could be deleted.

    Grammar has admittedly never been my strong suit but, eve= n after rereading the text a few times, I don't see reason to change it= . Perhaps the RFC editor will help out later in the process, if need be.
    =C2=A0

    4. Section 3 Concepts Page 5

    In order to make crystal clear that they are to different DPoP Proofs, (DPoP Proof 1) and (DPoP Proof 2) should be shown on the figure as proposed below:

    +--------+=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0 +---------------+
    |=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 |--(= A)-- Token Request ------------------->|=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 |
    | Client |=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 (DPoP Proof 1)=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 | Authorization |
    |=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 |=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0     |=C2=A0=C2=A0=C2=A0=C2=A0 Serv= er=C2=A0=C2=A0=C2=A0 |
    |=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 |<= ;-(B)-- DPoP-bound Access Token ----------|=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 |
    |=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 |=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0     (token_type=3DDPoP)=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0     +---------------+
    |=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 | |=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 | |=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 |=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0 +---------------+
    |=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 |--(= C)-- DPoP-bound Access Token --------->|=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 |
    |=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 |=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 (DPoP Proof 2)= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 |=C2=A0=C2=A0=C2=A0 Resource=C2=A0=C2=A0 |
    |=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 |=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0 |=C2=A0=C2=A0=C2=A0=C2=A0 Serv= er=C2=A0=C2=A0=C2=A0 |
    |=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 |<= ;-(D)-- Protected Resource ---------------|=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 |
    |=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 |=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0+---------------+
    +--------+
    =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 Figure 1: Basic DPoP Flow

    5. The text states:

    =C2=A0=C2=A0=C2=A0=C2=A0 The basic steps of an OAuth flow with = DPoP are shown in Figure 1:

    =C2=A0=C2=A0=C2=A0=C2=A0 *=C2=A0 (A) In the Token Request, the client sends an authorization grant (e.g., an authorization code, refresh token, etc.) to the authorization server
    =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 in order to obtain a= n access token (and potentially a refresh token).=C2=A0 The client attaches a DPoP proof to the request in an HTTP header.

    At the end of the sentence, add : (DPoP Proof 2).


    I don't think hav= ing the proofs labeled with 1 & 2 detracts more than it adds. And that = would be the wrong one in the context of that sentence, if they were labele= d.
    =C2=A0



    6. The text states:

    =C2=A0=C2=A0=C2=A0=C2=A0 *=C2=A0 (C) To use the access token the client has to prove possession of the private key by, again, adding a header to the request that carries the DPoP proof.=C2=A0

    Change into:
    =C2=A0
    =C2=A0=C2=A0=C2=A0=C2=A0 *=C2=A0 (C) To use the access token the client has to prove possession of the private key by using a header to the request that carries another DPoP proof (DPoP Proof 2).


    Will add/adjus= t some text to try and make it more clear that the proof is specific and un= ique to that request.
    =C2=A0


    7. Section 4.=C2=A0 DPoP Proof JWTs

    The text states:

    =C2=A0=C2=A0=C2=A0=C2=A0 A valid DPoP proof demonstrates to the= server that the client holds the private key that was used to sign the JWT.

    For avoiding misunderstandings, it would be better to say that this applies to DPoP Proof JWTs and that it applicable for both ASs and RSs.
    Proposed change:

    =C2=A0=C2=A0=C2=A0=C2=A0 A valid DPoP proof demonstrates to a s= erver, (i.e. an AS or a RS), that the client holds the private key that was used to sign a DPoP Proof JWT.

    =
    What other server could there be in the context of this work= ? I think AS/RS there just clutters the text. And please try and use langua= ge and abbreviations that are consistent with the draft when you propose te= xt - the AS and RS abbreviations are not used currently. Otherwise it's= even more difficult to consider/incorporate suggestions.=C2=A0
    =
    The JWT in question in that sentence seemed rather self evid= ent but I can make it more explicit in an effort at avoiding misunderstandi= ngs.

    8. The text states:

    =C2=A0=C2=A0=C2=A0=C2=A0 This enables authorization servers to = bind issued tokens to the corresponding public key (as described in Section 5) and for resource servers to verify
    =C2=A0=C2=A0=C2=A0=C2=A0 the key-binding of tokens that it receives (see Section 7.1), which prevents said tokens from being used by any entity that does not have access to the private key.

    The end of the sentence is using the wording "(...) which prevents said tokens from being used by any entity that does not have access to the private key".

    a) It is proposed to remove the end of the sentence, i.e.: "), which prevents said tokens from being used by any entity that does not have access to the private key".
    =C2=A0=C2=A0=C2=A0 A new section 8.2 is being proposed (DPoP pr= ivate key usage). See comment 17 which addresses this issue.

    <= /blockquote>
    Here, as is/was the case with many other drafts, we are no= t going to make changes to the draft to cover something that is not a reaso= nable expectation of this work or OAuth in general. I believe WG consensus = has been consistent about this general issue and I expect the draft(s) to r= eflect that (unless that WG consensus shifts, which is possible but I'm= not seeing anything to suggest that's the case). =C2=A0
    =C2= =A0

    At this time, it would be adequate to add that a DPoP Proof JWT can only be used once.

    b) Additional proposed text:

    =C2=A0=C2=A0=C2=A0=C2=A0 A DPoP proof JWT is intended to be onl= y usable once: it includes claims that allows an AS or a RS to detect replays.

    This is something that I expected would be und= erstood from the general context of the document. But perhaps that was too = much of an assumption. I'll add something to that effect.
    =C2=A0


    9. Section 4.2.=C2=A0 DPoP Proof JWT Syntax

    The text states:

    =C2=A0=C2=A0=C2=A0=C2=A0 The body of a DPoP proof contains at l= east the following claims:

    (...)

    =C2=A0=C2=A0=C2=A0=C2=A0 *=C2=A0 "jti": Unique identifier for the DPoP proof JWT (REQUIRED).=C2=A0 The value MUST be assigned such that there is a negligible probability that the same value
    =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 will be assigned to = any other DPoP proof used in the same context during the time window of validity.=C2=A0 Such uniqueness can be accomplished by encoding
    =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 (base64url or any ot= her suitable encoding) at least 96 bits of pseudorandom data or by using a version 4 UUID string according to [RFC4122].=C2=A0 The "jti" can
    =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 be used by the serve= r for replay detection and prevention, see Section 8.1.

    This looks like over engineering. 32 bits of pseudorandom data will be sufficient if used in conjunction with the "iat" clai= m. If the server (AS or RS) uses a concatenation
    of both the "iat" and the "jti" this makes 2 ^ 32 possibilities within the same= second during a time windows of a few minutes (about 120 seconds).

    To highlight the fact that "jti" is a complement of &= quot;iat", it should be placed after "iat" in the description&qu= ot;.

    Proposed change:

    =C2=A0=C2=A0 *=C2=A0 "jti": JWT identifier that complements the &qu= ot;iat" claim to handle replay protection for a given server (REQUIRED).
    =C2=A0=C2=A0=C2=A0=C2=A0
    =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 The value MUST be assigned such = that there is a negligible probability that the same value will be assigned to any other DPoP proof received by the server
    =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 within the same second during a = short time window of validity (i.e. a few minutes only) . This MUST be accomplished by encoding 32 bits of pseudorandom data.


    10. Figure 3.

    The end of figure 3 is as follows:

    (...)
    =C2=A0=C2=A0=C2=A0=C2=A0 {
    =C2=A0=C2=A0=C2=A0=C2=A0 "jti":"-BwC3ESc6acc2lTc",
    =C2=A0=C2=A0=C2=A0=C2=A0 "htm":"POS= T",
    =C2=A0=C2=A0=C2=A0=C2=A0 "htu":"https://server.example.com/token", =C2=A0=C2=A0=C2=A0=C2=A0 "iat":156226261= 6
    =C2=A0=C2=A0=C2=A0 }
    =C2=A0 =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0Figure 3: Example JWT content of= a "DPoP" proof

    In order to follow the ordering of the claims, as proposed before, it would be more adequate to write it as follows:

    (...)
    =C2=A0=C2=A0=C2=A0=C2=A0 {
    =C2=A0=C2=A0=C2=A0=C2=A0 "htm":"POS= T",
    =C2=A0=C2=A0=C2=A0=C2=A0 "htu":"https://server.example.com/token", =C2=A0=C2=A0 =C2=A0=C2=A0"iat&qu= ot;:1562262616
    =C2=A0=C2=A0=C2=A0=C2=A0 "jti": EE238F3F,

    =C2=A0 =C2=A0 }
    =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0 Figure 3: Example JWT content of a "DPoP" proof

    <= span lang=3D"EN-US">Please note that the "jti" value is shorter.


    =C2=A0The 'jti' value in= that example does not conform to the definition of the claim from RFC 7519= / JWT. It's a relatively minor issue in the scheme of things but I fee= l it typifies a larger dynamic at play in some of the WG exchanges here. Co= mprehending and responding to comments and suggestions can be arduous and v= ery time consuming, which is further exacerbated by outright errors, mischa= racterization, or misunderstandings in such feedback. I'd humbly reques= t that, out of respect for everyone=E2=80=99s time, we all please be a litt= le more careful and precise in our exchanges. I don't want to discourag= e discourse - that's much of the point of a WG after all - I'd just= request that a little more consideration be given for the impact to others= .

    =C2=A0

    <= span lang=3D"EN-US">11. The text below figure 3 states:

    =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 Of the HTTP content in the reque= st, only the HTTP method and URI are included in the DPoP JWT, and therefore only these 2 headers of the request
    =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 are covered by the DPoP proof and its signature.

    The four claims should be covered by the signature.
    <= /span>


    The point here= is about the HTTP content.=C2=A0 Not the claims.
    =C2=A0

    Proposed change:

    =C2=A0 =C2=A0 Of the HTTP content in the request, only the HTTP method ("htm" claim"), the URI (&q= uot;htu" claim), the issuance time of the DPoP proof JWT ("iat"= ; claim)
    =C2=A0=C2=A0=C2=A0 and the DPoP proof JWT identifier ( jti "claim") are included= in the DPoP JWT, and therefore only these 4 headers of the request are covered by the DPoP proof
    =C2=A0=C2=A0=C2=A0 and its signature.

    12. Section 4.3.=C2=A0 Checking DPoP Proofs

    The text states:

    =C2=A0=C2=A0=C2=A0=C2=A0 To check if a string that was received= as part of an HTTP Request is a valid DPoP proof, the receiving server MUST ensure that

    =C2=A0 =C2=A0=C2=A0 =C2=A0=C2=A0 1.=C2=A0 the string value is a well-formed JWT,
    =C2=A0 =C2=A0=C2=A0 =C2=A0=C2=A0 2.=C2=A0 all required claims are contained in the JWT,

    It would be wise to indicate what are "all the required claims"

    Change the last above sentence into:

    =C2=A0=C2=A0 2.=C2=A0 all required claims are contained in the JWT, at least the "htm" claim, the "htu" claim, the "iat= " claim and the "jti "claim.


    The required claims are listed in sec 4.2 an= d I don't believe it's wise to duplicate that normative requirement= here. Perhaps a back reference to that section would be good.

    =C2=A0


    13. The text states:

    =C2=A0=C2=A0=C2=A0=C2=A0 5.=C2=A0 that the JWT is signed using the public key contained in the "jwk" header of the JWT
    Typo: Since the sentence above all these conditions already includes the word "that" (the receiving server MUST ensure that)= ,
    the word "that" in this sentence should be removed.

    Change into:

    =C2=A0=C2=A0=C2=A0=C2=A0 5.=C2=A0 the JWT is signed using the public key contained in the "jwk" header of the JWT


    Okay. I guess th= e same would apply to #9 of that list too. The list could benefit from some= tidying up in general.
    =C2=A0

    <= span style=3D"font-size:12pt" lang=3D"EN-US">
    14. The text continues with:

    =C2=A0 =C2=A0 =C2=A0=C2=A0 8.=C2=A0 the token was issued within an acceptable timeframe (see Section 8.1), and
    =C2=A0 =C2=A0 =C2=A0=C2=A0 9.=C2=A0 that, within a reasonable consideration of accuracy and resource utilization, a JWT with the same "jti" value has not previously been received
    =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0 at the same URI (see Section 8.1).

    References to text located in the "Security considerations= " section should be avoided.


    If that's problematic, I expect that it'll c= ome up in chair/shepherd/AD/IESG reviews. And can be addressed then.
    <= div>=C2=A0

    <= font face=3D"Arial">
    In addition this text needs to be revised in order to take benefit of the use of a combination of "iat" and "jti".

    Change the two last above sentences into:

    [the receiving server MUST ensure that]

    =C2=A0 =C2=A0 =C2=A0=C2=A0 8.=C2=A0 the "iat" time is within an acceptable timefra= me (a few seconds skew SHOULD be allowed).

    =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 No= te: To accommodate for clock offsets, the server SHOULD accept DPoP proofs that carry an "iat" time in the reasonably near futur= e (e.g., a few seconds in the future).

    =C2=A0 =C2=A0 =C2=A0=C2=A0 9.=C2=A0 and that, in order to accept the DPoP proof JWT, both the "iat" claim and the associated "jti" claim = have not already been seen before during the time window
    =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0 used by the server; otherwise refuse the DPoP proof JWT.


    15. Section 5.=C2=A0 DPoP Access Token Request (Page 12)

    The text states:

    =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 An authorization server MAY elect to issue access tokens which are not DPoP bound, which is signaled to the client with a value of "Bearer" in the "token_type"= ; parameter
    =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 of the access token response per [RFC6750].=C2=A0

    This has a consequence for the client which is not mentioned but should be mentioned.

    Proposed additional text:

    =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 When the client receives a= n access token, it MUST check whether the "token_type" parameter of the access token response c= ontains a value of "Bearer" or a value of " DPoP".
    =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 If a "Bearer" token is received whereas the client indeed wanted a "DPoP= " token, then the client SHALL discard the response.


    I'd presumed it was und= erstood that not proceeding was always an option to the client. But we can = mention it more explicitly here.=C2=A0
    =C2=A0

    16. Section 8.1.=C2=A0 DPoP Proof Replay

    Replace the current text with:

    =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 In order to prevent the replay o= f a token at the same endpoint (the HTTP endpoint), only a single DPoP proof JWT which contains the same claims is accepted during a time window
    =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 set by the server.=C2=A0 <= /span>This prevents both legitimate and illegitimate clients to use twice a same DPoP proof JWT. A JWT that is still valid can be associated with a new DPoP proof JWT
    =C2=A0=C2=A0=C2=A0=C2=A0 and hence can be re-used during its va= lidity period.=C2=A0

    =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 The mechanism which is based on = both the "iat" and the "jti" claims occupies 64 bits of memory (32 +32 bits)= per DPoP proof JWT that has been accepted.=C2=A0
    =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 The entries can be flushed after the end of the time window.

    =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 Clients have no way to know in a= dvance the exact value of a time window used by a server.=C2=A0 If they wait too long for using a DPoP proof JWT, a DPoP proof JWT / access token pair
    =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 may be rejected, even it is cryptographically correct.

    17. Add a new section 8.2:

    =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 8.2.=C2=A0 DPoP private key usage

    =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 A legitimate client does not nec= essarily need to "have access to" the private key that is being used to sign a DPoP proof JWT, but can simply "use" the private key without knowing its value.
    =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 This means that it is able to perform cryptographic computations either for its own benefit or for the benefit of other users. In the later case, an illegitimate client may be given both an access token
    =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 and a DPoP Proof JWT by a legiti= mate client.=C2=A0 The fact that a DPoP proof JWT can only be used once does not protect against this collaborative attack.


    18. Currently there is no "Privacy considerations" se= ction, whereas there should be one.

    <= span lang=3D"EN-US">This point is addressed in a separate email since it proposes new text.

    <= span lang=3D"EN-US">Denis
    _______________________________________________
    OAuth mailing list
    OAuth@ietf.org
    https://www.ietf.org/mailman/listinfo/oauth
    On Mon, Dec 7, 2020 at = 1:31 AM Denis <d= enis.ietf@free.fr> wrote:
    =20 =20 =20
    Hi Brian,

    =20
    The client is not necessarily identified in requests to the RS (it could be via the access token but that's an implementation detail that can't be counted on in spec) so maintaining a per client list isn't viable.=C2=A0

    That as well as some other considerations/approaches were talked about in https://github.com/danielfett/draft-dpop/is= sues/47 with what's in the spec now maybe not being perfect but good enough.

    The message sent by b---c on September 23, 2019 states:

    I think there are a number of options. The ones that come to mind are:

    1. servers track only the jti value and require that jti be globally unique (a UUID or >=3D ~128 bit random)
    2. servers track the public key (or hash of it) + a jti that is incrementing or otherwise unique within that instance of the client (like random >=3D ~32 bits but I'm not sure and it really depends on how many requests are being made in the allowed timeframe)
    3. servers track the whole dpop jwt (or probably a hash of it) and jti is not required at all (or could be very very small). I think the iat and jwk and signature in the dpop jwt would provide more than sufficient entropy for this to work. Although I guess multiple requests to the same URI & same method during the same second (iat) when using a deterministic signature scheme would need to be differentiated somehow.

    I think 1 is the most straightforward to describe in a document. I'm drawn to 3 because it would allow for smaller dpops and move some of the complexity burden from the client to the server. 2 kinda does also but feels to me like not a great compromise that's maybe harder for both parties to implement.

    Thoughts? Preferences? Alternatives?

    Method 1 is not "good enough" as you = write: it is over-engineering. A method for flushing the cache of "whatever data is being stored" has not be considered in = the discussion.
    There are alternatives methods that have not been proposed, nor discussed.

    In an earlier email, I proposed a pseudo random number with 2 ^ 32 values associated with the"iat" time. For more details= , see item 9 (Section 4.2. DPoP Proof JWT Syntax)
    from: https://mailarchive.ietf.org/arch/browse/oauth/?q=3DPr= oposed%20changes%20to%20draft-ietf-oauth-dpop-02

    The text is as follows:

    =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0 *"jti": JWT identifier that complements the "iat" claim to handle replay protection for= a given server (REQUIRED). 
     =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0       The val=
ue MUST be assigned such that there is a negligible probability that the sa=
me value will be assigned=20
             to any other DPoP proof received by the server within the same=
 second during a short time window of validity
             (i.e. a few minutes only). This MUST be accomplished by encodi=
ng 32 bits of pseudorandom data.

I would add the following sentence:

      In case of a replay detection, an "replay_dpop_proof" error=
 code MUST be returned

    This will allow both to recover from an error by sending a new DPoP proof and to test that replay detection is indeed working.
    Note that 64 bits of pseudorandom data would also make it, but 96 bits (or more) is oversized.

    The following guidance in section 8.1 will then become unnecessary:

    In order to guard against memory exhaustion attacks a server SHOULD reject DPoP proof JWTs with unnecessarily large "jti" values or store only a hash t= hereof.

    Denis



    On Thu, Dec 3, 2020 at 5:09 A= M Neil Madden <neil.madden@forgerock.com> wrote:
    I think perhaps an assumption in the DPoP draft (and in the description of =E2=80=9Cjti=E2=80=9D in RFC 7519) is that t= he server will maintain a single global list of recently used jti values to prevent replay, rather than maintaining a separate list per client. That could perhaps be spelled out more clearly in the draft, as I think the entropy discussions only really make sense in that context. If the RS instead maintains a separate list per client then a simple counter is sufficient.

    =E2=80=94 Neil

    On 2 Dec 2020, at 15:17, Brian Campbell <bcampbell=3D40pingidentity.com@dmarc.ietf.org> wrote:

    The conversation at ht= tps://github.com/danielfett/draft-dpop/pull/51#discussion_r332377311 has a bit more of the rational behind the choice of 96 bit minimum.

    On Wed, Dec 2, 2020 at 7:07 AM Denis <denis.ietf@free.fr> wrote:
    Hi Daniel,

    All your arguments make sense. I agree.

    A minor point however. The size of the jti" is currently mandated to 96 bits minimum. This is unnecessarily long for a time window of a few minutes.
    The jti" does not need to be a unique identifier valid for ever. It can simply be an identifier used during the time window which complements the "iat" claim.

    Using both the "iat" claim and a 3= 2 bits pseudo-random number will be quite sufficient.=C2=A0 It is also has the advantage = of using less memory and
    it is easier to flush the entries looking at the 32 first bits only.

    Denis

    So what you are proposing is that the time window in which an RS accepts the DPoP proof is defined by the expiration time of the access token?

    DPoP proofs are intended to be generally be short-lived and fresh for each request in order to provide some level of replay protection. There is no point in making the time window as long as the (typically longer) time window in which an AT would be accepted. A DPoP proof that is valid for 12 hours would not provide much replay protection.

    The time window is left unspecified because it is only meant to account for clock differences and network latency. Its precise value can depend on deployment considerations. It is not intended to give the client an option to re-use proofs, which is prevented together with the jti.

    Also this would introduce new, unwanted and potentially surprising dependencies between token lifetimes and the DPoP usage.

    And finally, as discussed before, not all access tokens are JWTs and we are not going to mandate JWT access tokens in this spec.

    -Daniel


    Am 01.12.20 um 09:54 schrieb Denis:
    Hi=C2=A0 Brian,

    Hi Denis,

    The choice to use "iat" vs= . "exp" was made in the summer of last year. You can see some of the discussion from then in https://github.com/d= anielfett/draft-dpop/issues/38.
    I believe it pretty well has consensus at this point and thus unlikely to be changed.

    I fear that you misread my email or read it too fast. My point had nothing to do whether using either of "iat" or "exp" in the DPoP proof JWT sen= t by the client.

    The first sentence of my email was: "One comment on sli= de 5 about the time window". So the topic was all about how the RS SHALL handle the "jti" claim in= cluded
    in the     DPoP proof JWT when using a time window.


    While I do believe there are reasonable arguments that can be made on both sides of using either of "iat" or "exp", = it's difficult (and honestly time consuming and very frustrating) to try and have such discussions or even respond in a coherent way when fundamental aspects of the draft are misrepresented or misunderstood. For example, the DPoP proof JWT is created by the client not the AS so the advantages you put forward are nonsensical in the context of the actual workings of the draft.

    = Section 8.1 addresses the topic of the <= /font>tim= e window, but this topic should not only b= e addressed in the "Security Considerations" section
    but in the main body of the document, since some checks MUST be done by the RS.     "Security Considerations"are intended to provide
    explanations but are not intended to be normative.

    = Section 8.1 states:

    = =C2=A0=C2=A0 " If an adversary is able to get hold of a DPoP proof JWT, the adversary could replay that token at the same endpoint (the HTTP
    =C2=A0=C2=A0 endpoint and method are en= forced via the respective claims in the JWTs).=C2=A0 To prevent this, servers MUST only accept DPoP proofs
    =C2=A0=C2=A0 for a limited time window = after their "iat" time, preferably = only for a relatively brief period.=C2=A0

    = =C2=A0=C2=A0 Servers SHOULD store, in the context of the request URI, the "jti"= value of each DPoP proof for the time window in which the respective
    =C2=A0=C2=A0 DPoP proof JWT would be ac= cepted and decline HTTP requests to the same URI for which the "jti" = value has been seen before.=C2=A0 In order =C2=A0=C2=A0 to guard against memory exhaustion attacks a server SHOULD reject DPoP proof JWTs with unnecessarily large "jti" val= ues or store only
    =C2=A0=C2=A0 a hash thereof.

    = =C2=A0=C2=A0 (...) ".

    = The previous text makes the assumption that RSs MUST only accept DPoP proofs for a relatively brief period a= fter their "iat" time included=
    in the     = DPoP proof JWT<= /font>. This assumption is rather restrictive. A client might get an access token and associate it with DPoP proof JWT that
    could be used during, e.g., 12 hours. A     <= font face=3D"Arial">DPoP proof JWT/ access token JWT pair could thus be used by a client during, e.g., one day for
    several sessions with a RS.
    =

    The time window is currently left at the discretion of each RS and is supposed to be short (without stating explicitly what "short" may mean)..
    It would be possible to mandate     in the JWT the inclusion of the exp (Expiration Time) Claim. (I am not advocating the inclusion of the "exp= "
    claim in the DPoP proof JWT).

    In this way, for a RS, the time window would be defined using the "iat" claim d= efined in the DPoP proof JWT and the "exp&q= uot; claim defined in
    the JWT.

    Such a description should not be done in section 8, but in a section earlier in the main body of the document.

    This would have the following advantages:

    • The RS would be able to better manage the "jti&quo= t; claim values, because it would be able to discard "jti" claim v= alues as soon as they are
      outside the time window as defined above.
    • The client would know whether a DPoP proof JWT/ access token JWT pair is still usable, in particular using the "expires_in" status code
      returned in case of a       successful response from the AS = and is thus unlikely to get a rejection of both of them because of an unknown time
      window used by a RS.

    Denis



    On Mon, Nov 30, 2020 at 8:45 AM Denis <denis.ietf@free.fr> wrote:

    One comment on slide 5 about the time window.

    At the bottom, on the left, it is written: "Only valid for a limited time window relative to creation time".

    While the creation time is defined by "iat", the= time window is currently left at the discretion of each RS.

    It would be preferable to mandate the inclusion in the JWT of the exp (Expiration Time) Claim.
    In this way, the time window would be defined by the AS using both the "iat" and the &qu= ot;exp" claims.

    This would have the following advantages:

    • The client will know whether a token is still usable and is unlikely to get a rejection of the token
      because of an unknown time window defined by a RS.
    • The RS is able to manage better the "jti" claim values, because it will be able to discard "jti" claim= values
      as soon as they are outside the time window defined by the AS in a JWT.

    Denis


    All,

    This is a reminder that we have an Interim meeting=C2=A0this Monday, Nov 30th @ 12:00pm ET, to discuss the latest with the DPoP document:

    You can find the details of the meeting and the slides here:

    Regards,
    =C2=A0Rifaat & Hannes 


    ______________________________=
_________________
OAuth mailing list
OAuth@ietf.org
h=
ttps://www.ietf.org/mailman/listinfo/oauth


    _______________________________________________
    OAuth mailing list
    OAuth@ietf.org
    https://www.ietf.org/= mailman/listinfo/oauth

    CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited.=C2=A0 = If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you. 



    ________________________________________=
_______
OAuth mailing list
OAuth@ietf.org
h=
ttps://www.ietf.org/mailman/listinfo/oauth



    --=20
https://danielfett.de<=
/a>

    __________________________________________=
_____
OAuth mailing list
OAuth@ietf.org
h=
ttps://www.ietf.org/mailman/listinfo/oauth


    _______________________________________________
    OAuth mailing list
    OAuth@ietf.org
    https://www.ietf.org/mailman/list= info/oauth

    CONFIDENTIALITY NOTICE: This = email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited.=C2= =A0 If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you.= _______________________________________________
    OAuth mailing list
    OAu= th@ietf.org
    https://www.ietf.org/mailman/listinfo/oauth


    ForgeRock values your Privacy<= /blockquote>

    CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited.=C2=A0 If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you.



    <= span style=3D"margin:0px;padding:0px;border:0px;outline:0px;vertical-align:= baseline;background:transparent;font-family:proxima-nova-zendesk,system-ui,= -apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,Oxygen-Sans,Ub= untu,Cantarell,"Helvetica Neue",Arial,sans-serif;font-weight:600"= >CONFIDENTIALITY NOTICE: This email may contain confidenti= al and privileged material for the sole use of the intended recipient(s). A= ny review, use, distribution or disclosure by others is strictly prohibited= .=C2=A0 If you have received this communication in error, please notify the= sender immediately by e-mail and delete the message and any file attachmen= ts from your computer. Thank you. --000000000000f2e2cf05b5f8c77e-- From nobody Tue Dec 8 13:48:30 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CEEC83A119A for ; Tue, 8 Dec 2020 13:48:24 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.097 X-Spam-Level: X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_FONT_FACE_BAD=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=pingidentity.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TJdvalekrzhR for ; Tue, 8 Dec 2020 13:48:22 -0800 (PST) Received: from mail-lf1-x136.google.com (mail-lf1-x136.google.com [IPv6:2a00:1450:4864:20::136]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DBD8E3A0FC0 for ; Tue, 8 Dec 2020 13:48:21 -0800 (PST) Received: by mail-lf1-x136.google.com with SMTP id r24so374819lfm.8 for ; Tue, 08 Dec 2020 13:48:21 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=pingidentity.com; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=QlsiFj/nJwHPcIMZ9EPK5s1Ts7hyAYCO5T/oSFOa0yM=; b=D9gEeJcP078skeWeNbjDGRnsmBeCXNCGk+uWdW7pEdUlJu8hAEXKeNu5Y/KtwEYMz2 HAle+ycS/bxXV8D+4qxziW+6PVtffUVqWWicOaXdoY/4dH4qoVGvcdDpqwELuEUUu2xa ObaSzbFsf+L32SfNcgWLpJTzDP9K8SmsMk7+wdw3suMsBQs0YQWpNKllIUVM2w4vEs9l t14E0YdYdDD3+tslNdgW3D0BKWT0bz1reXh+1PpM7Cw9WZJoeO2EwMizFw2kEK6XXUga h3d6cagUPFMfUnefJ6IKp5zuOgCrLg47IcjKFp8uEj9tZOBnjfUIz6TcLqz9plkVEm9A nKOg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=QlsiFj/nJwHPcIMZ9EPK5s1Ts7hyAYCO5T/oSFOa0yM=; b=Yq54DVInnG4dgCfvdSBYdzmYJj/YLh+lKvn5wCNLJDiXMl6DQ7d4ouSVgpp0ooOyLg Q1mKnon+Yc+dZpDn3fsX0aKR6dHjR4pw1CYCwt/tOvAVfpzocOG/g5u5t1gVmH+9MM3S MU7afpxMe/rlhg+Ez7O+7OwMBGRBuft4bA9jnyqvtXo5wUAfaxiocOmhY4b//MHP7u1c qhKOdDtg/QJk4p09sSal7pHcMMNs1NR5RlJMOLcLriHU+ivqbTIjYmTMIBdVn7kN0ouw XuHb23u9fKB/jwqNGP8WO3qcpCYfTuM5U8UVtv6f93ccas25yRoGOyCW76VwPSJC+GDD uiPA== X-Gm-Message-State: AOAM533lpEeJFQ1NkGl2cgRRi0JEmZOhRv/uc9Mb3A9EkHcPaA/RVD3h iZE/l6fC/hOVR7EEj98ytSSgyz8nDh4jCd04n+OnejdjefIHZsKfwapYAWm2MBF21+y6KoweGK2 x7wWwGh1P4nIA0Q== X-Google-Smtp-Source: ABdhPJzBPXBI+iwXmAyqcuL9Hxr/mNijgDXm3sybUM0elvk65887Cy8KpnX/it8ZVm8xJWBZ+zulSNvP0G1N9eUVCho= X-Received: by 2002:a05:6512:330d:: with SMTP id k13mr4687885lfe.173.1607464099922; Tue, 08 Dec 2020 13:48:19 -0800 (PST) MIME-Version: 1.0 References: <30D5F7BA-EA54-4E40-A2FC-222AA0C9AF8D@lodderstedt.net> <353E4494-2F80-44BC-9267-6FB8B37AA0FE@lodderstedt.net> <1B663AA7-563D-4D25-A408-9ED10FD818AC@forgerock.com> In-Reply-To: From: Brian Campbell Date: Tue, 8 Dec 2020 14:47:53 -0700 Message-ID: To: Philippe De Ryck Cc: Neil Madden , Torsten Lodderstedt , oauth Content-Type: multipart/alternative; boundary="000000000000aa7cff05b5fae683" Archived-At: Subject: Re: [OAUTH-WG] DPoP followup I: freshness and coverage of signature X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 Dec 2020 21:48:25 -0000 --000000000000aa7cff05b5fae683 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Danial recently added some text to the working copy of the draft with https://github.com/danielfett/draft-dpop/commit/f4b42058 that I think aims to better convey the "nutshell: XSS =3D Game over" sentiment and maybe dissuade folks from looking to DPoP as a cure-all for browser based applications. Admittedly a lot of the initial impetus behind producing the draft in the first place was born out of discussions around browser based apps. But it's neither specific to browser based apps nor a panacea for them. I hope the language in the document and how it's recently been presented is reflective of that reality. The more specific discussions/recommendations around in-browser apps are valuable (if somewhat over my head) but might be more appropriate in the OA= uth 2.0 for Browser-Based Apps draft. With respect to the contents of the DPoP draft, I am still keen to try and flush out some consensus around the question posed in the start of this thread, which is effectively whether or not to include a hash of the access token in the proof. Acknowledging that "XSS =3D Game over" does sort of evoke a tendency to not even bother with such incremental protections (what I've tried to humorously coin as "XSS Nihilism" with no success). And as such, I do think that leaving it how it is (no AT hash in the proof) is not unreasonable. But, as Filip previously articulated, including the AT hash in the proof would prevent potentially prolonged access to protected resources even when the victim is offline. And that seems maybe worthwhile to have in the protocol, given that it's not a huge change to the spec. But it's a trade-off either way and I'm personally on the fence about it. Including an RT hash in the proof seems more niche. Best I can tell, it would guard against prolonged offline access to protected resources when access tokens are bearer and the RT was DPoP-bound and also gets rotated. The trade-off there seems less worth it (I think an RT hash would be more awkward in the protocol too). On Fri, Dec 4, 2020 at 5:40 AM Philippe De Ryck < philippe@pragmaticwebsecurity.com> wrote: > > The suggestion to use a web worker to ensure that proofs cannot be > pre-computed is a good one I think. (You could also use a sandboxed ifram= e > for a separate sub/sibling-domain - dpop.example.com). > > > An iframe with a different origin would also work (not really sandboxing, > as that implies the use of the sandbox attribute to enforce behavioral > restrictions). The downside of an iframe is the need to host additional > HTML, vs a script file for the worker, but the effect is indeed the same. > > For scenario 4, I think this only works if the attacker can trick/spoof > the AS into using their redirect_uri? Otherwise the AC will go to the > legitimate app which will reject it due to mismatched state/PKCE. Or are > you thinking of XSS on the redirect_uri itself? I think probably a good > practice is that the target of a redirect_uri should be a very minimal an= d > locked down page to avoid this kind of possibility. (Again, using a > separate sub-domain to handle tokens and DPoP seems like a good idea). > > > My original thought was to use a silent flow with Web Messaging. The > scenario would go as follows: > > 1. Setup a Web Messaging listener to receive the incoming code > 2. Create a hidden iframe with the DOM APIs > 3. Create an authorization request such as =E2=80=9C*/authorize?response_= type=3Dcode&client_id=3D...&redirect_uri=3Dhttps%3A%2F%example.com > &state=3D...&code_challenge=3D7-ffnU1EzHtMfxOAdlkp_Wi= xnAM_z9tMh3JxgjazXAk&code_challenge_method=3DS256&prompt=3Dnone&response_mo= de=3Dweb_message* > =E2=80=9D > 4. Load this URL in the iframe, and wait for the result > 5. Retrieve code in the listener, and use PKCE (+ DPoP if needed) to > exchange it for tokens > > This puts the attacker in full control over every aspect of the flow, so > no need to manipulate any of the parameters. > > > After your comment, I also believe an attacker can run the same scenario > without the =E2=80=9C*response_mode=3Dweb_message*=E2=80=9D. This would g= o as follows: > > 1. Create a hidden iframe with the DOM APIs > 2. Setup polling to read the URL (this will be possible for same-origin > pages, not for cross-origin pages) > 3. Create an authorization request such as =E2=80=9C*/authorize?response_= type=3Dcode&client_id=3D...&redirect_uri=3Dhttps%3A%2F%example.com > &state=3D...&code_challenge=3D7-ffnU1EzHtMfxOAdlkp_Wi= xnAM_z9tMh3JxgjazXAk&code_challenge_method=3DS256* > =E2=80=9D > 4. Load this URL in the iframe, and keep polling > 5. Detect the redirect back to the application with the code in the URL, > retrieve code, and use PKCE (+ DPoP if needed) to exchange it for tokens > > In step 5, the application is likely to also try to exchange the code. > This will fail due to a mismatching PKCE verifier. While noisy, I don=E2= =80=99t > think it affects the scenario. > > > IMO, the online attack scenario (i.e., proxying malicious requests throug= h > the victim=E2=80=99s browser) is quite appealing to an attacker, despite = the > apparent inconvenience: > > - the victim=E2=80=99s browser may be inside a corporate firewall or VPN= , > allowing the attacker to effectively bypass these restrictions > - the attacker=E2=80=99s traffic is mixed in with the user=E2=80=99s own= requests, making > them harder to distinguish or to block > > Overall, DPoP can only protect against XSS to the same level as HttpOnly > cookies. This is not nothing, but it means it only prevents relatively > naive attacks. Given the association of public key signatures with strong > authentication, people may have overinflated expectations if DPoP is > pitched as an XSS defence. > > > Yes, in the cookie world this is known as =E2=80=9CSession Riding=E2=80= =9D. Having the > worker for token isolation would make it possible to enforce a > coarse-grained policy on outgoing requests to prevent total abuse of the = AT. > > My main concern here is the effort of doing DPoP in a browser versus the > limited gains. It may also give a false sense of security. > > > > With all this said, I believe that the AS can lock down its configuration > to reduce these attack vectors. A few initial ideas: > > 1. Disable silent flows for SPAs using RT rotation > 2. Use the sec-fetch headers to detect and reject non-silent iframe-based > flows > > For example, an OAuth 2.0 flow in an iframe in Brave/Chrome carries thes= e > headers: > *sec-fetch-dest: iframesec-fetch-mode: navigatesec-fetch-site: > cross-sitesec-fetch-user: ?1* > > > Philippe > > > --=20 _CONFIDENTIALITY NOTICE: This email may contain confidential and privileged= =20 material for the sole use of the intended recipient(s). Any review, use,=20 distribution or disclosure by others is strictly prohibited.=C2=A0 If you h= ave=20 received this communication in error, please notify the sender immediately= =20 by e-mail and delete the message and any file attachments from your=20 computer. Thank you._ --000000000000aa7cff05b5fae683 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
    <= div class=3D"gmail_quote">
    On Wed, Dec= 9, 2020 at 8:55 AM Karsten Meyer zu Selhausen <karsten.meyerzuselhausen@hackmanit.de&= gt; wrote:
    =20 =20 =20

    Hi Warren,

    I think there is some misunderstanding on how mix-up attacks work. I will try to clear things up.

    Have a look at the following mix-up attack example (slide 4 from the interim meeting):

    3D""

    I marked the important parts:

    • In step 1 the client stores the attacker's AS (A-AS) as the selected AS.
    • Step 5: The authorization response is issued by the honest (=3D not compromised) AS, not by the attacker's AS. The H-AS will use its own correct issuer identifier as the value for the AS parameter.
      • In a mix-up attack the attacker cannot directly influence the value of the iss parameter in the authorization response as it is issued by the H-AS.
    • Step 6: The client sends the token request to the token endpoint of the A-AS, because it stored the A-AS as the selected AS in step 1. This leaks the authorization code to the attacker who can use it in a code injection attack, for example.

    With an iss parameter present in step 5 the client would be able to recognize that the code was issued by the H-AS, not by the A-AS. The client would be able to abort the authorization grant instead of leaking the code to the A-AS.

    I hope this addresses your concerns.

    Best regards,
    Karsten

    On 08.12.2020 20:15, Warren Parad wrote:
    =20
    As an implementer=C2=A0on both sides of the issue I&= #39;m struggling to understand how this problem would occur. I'm finding issues with the proposed problems:
    1. Honest AS is compromised, assuming this does happen details on why adding iss to the AS response would prevent attacks is necessary for me. In other words, how would an AS be compromised in a way that would be identifiable through the issuer value? (my ignorant assumption is that a compromised AS is compromised enough that an attacker would be able to send the correct ISS)
    2. Attacker AS is registered. I fully support the idea that this can and will happen, however from attempting to test-implement this proposal, I can't see how the authorization would be sent to the wrong token endpoint. Since there is no information in the AS auth code response, the client must already have the knowledge of where they are going to send the token, no mix-up can be executed. I would argue, if anything, adding the ISS parameter would open a new attack surface by providing clients an opportunity to blatantly=C2=A0trust the ISS parameter as the honest AS and thus actually sending the code there instead of sending it to one specified in the metadata document.
    My confusion is the following:
    • Are multi AS services utilizing authorization codes in a way where there could be a mix up attack for #2.
    • Is there a #3 that I'm missing which even in light of #1 & #2 I brought up that would still make this change valuable?
    =

    Warren Parad=

    Founder, CTO
    Secure your user data and complete your authorization architecture. Implement=C2=A0Authress.


    On Tue, Dec 8, 2020 at 8:01 P= M Dick Hardt <dick.hardt@gmail.com> wrote:
    +1
    =3D""=E1=90=A7

    On Tue, Dec 8, 2020 at 4:51 AM Rifaat Shekh-Yusef <rifaat.s.ietf@gmail.com> wrote:
    All,

    This is a call for adoption for the following AS Issuer Identifier in Authorization Response as a WG document:
    https://datatracker.ietf.or= g/doc/draft-meyerzuselhausen-oauth-iss-auth-resp/

    Please, provide your feedback on the mailing list by Dec 22nd.

    Regards,
    =C2=A0Rifaat & Hannes
    _______________________________________________
    OAuth mailing list
    OAuth@iet= f.org
    https://www.ietf.org/mailman/listinfo/oau= th
    _______________________________________________
    OAuth mailing list
    OAuth@ietf.or= g
    https://www.ietf.org/mailman/listinfo/oauth= 
    --=20
Karsten Meyer zu Selhausen
IT Security Consultant
Phone:	+49 (0)234 / 54456499
Web:	https://hackmanit.d=
e | IT Security Consulting, Penetration Testing, Security Training

Nehmen Sie an unserer n=C3=A4chsten Live Online-Schulung zur Sicherheit von=
 OAuth und OpenID Connect am 27.01 + 28.01.2021 teil:
https://www.hackmanit.de/de/schulungen/127-live-online-schulung=
-single-sign-on-sicherheit-oauth-openid-connect-am-27-01-28-01-2021

Hackmanit GmbH
Universit=C3=A4tsstra=C3=9Fe 60 (Exzenterhaus)
44789 Bochum

Registergericht: Amtsgericht Bochum, HRB 14896
Gesch=C3=A4ftsf=C3=BChrer: Prof. Dr. J=C3=B6rg Schwenk, Prof. Dr. Juraj Som=
orovsky, Dr. Christian Mainka, Dr. Marcus Niemietz
    --00000000000003473805b604f47c-- --00000000000003473905b604f47d Content-Type: image/png; name="fmliihgbmokgaako.png" Content-Disposition: inline; filename="fmliihgbmokgaako.png" Content-Transfer-Encoding: base64 Content-ID: <17646e1e61acff9eafb1> X-Attachment-Id: 17646e1e61acff9eafb1 iVBORw0KGgoAAAANSUhEUgAAA+gAAAIzCAYAAACTLTO8AAAgAElEQVR4nOzdZ1QUZ+M2cD4kvoa/ Aord2DWaoqmaZhJN8mh68sS02aWDgmDBir33hrH3LtgVC/ZewYIVARVUOtJh2Tp7vR92mQV2aYq6 +ly/c/Ycj8zO3HPP7O5cc5exARERERERERE9dzbPuwBERERERERExIBOREREREREZBUY0ImIiIiI iIisAAM6ERERERERkRVgQCciIiIiIiKyAgzoRERERERERFaAAZ2IiIiIiIjICjCgExEREREREVkB BnQiIiIiIiIiK8CATkRERERERGQFGNCJiIiIiIiIrAADOhEREREREZEVYEAnIiIiIiIisgIM6ERE RERERERWgAGdiIiIiIiIyAowoBMRERERERFZAQZ0IiIiIiIiIivAgE5ERERERERkBRjQiYiIiIiI iKwAAzoRERERERGRFWBAJyIiIiIiIrICDOhEREREREREVoABnYiIiIiIiMgKMKATERERERERWQEG dCIiIiIiIiIrwIBOREREREREZAUY0ImIiIiIiIisAAM6ERERERERkRVgQCciIiIiIiKyAgzoRERE RERERFaAAZ2IiIiIiIjICjCgExEREREREVkBBnQiIiIiIiIiK8CATkRERERERGQFGNCJiIiIiIiI rAADOhEREREREZEVYEAnIiIiIiIisgIM6ERERERERERWgAGdiIiIiIiIyAowoBMRERERERFZAQZ0 IiIiIiIiIivAgE5ERERERERkBRjQiYiIiIiIiKwAAzoRERERERGRFWBAJyIiIiIiIrICDOhERERE REREVoABnYiIiIiIiMgKMKATERERERERWQEGdCIiIiIiIiIrwIBOREREREREZAUY0ImIiIiIiIis AAM6ERERERERkRVgQCciIiIiIiKyAgzoRERERERERFaAAZ2IiIiIiIjICjCgExEREREREVkBBnQi IiIiIiIiK8CATkRERERERGQFGNCJiIiIiIiIrAADOhEREREREZEVYEAnIiIiIiIisgIM6ERERERE RERWgAGdiIiIiIiIyAowoBMRERERERFZAQZ0IiIiIiIiIivAgE5ERERERERkBV7YgB55aCsChgzB kKKv4aNx/FbqY6/z0b0wDC+xzhFT5+Jhtqr4gnot9qwPlJZZvTPsCffm6VDlJGLetDGmch6KgKiv /HpEZQaWzpokrWfe6gNQacWqL/BT8ij2MiaNGiaVf83+COgeox5KEsWK10FllrU6eh3CD22U6m/u 8r1QPsXjr1PnYd2iqdL2ho2dhltJOU+83nthBzFS+myPxMnI5CoobRXQa7FtxXRjuQIQFBrxvEtU xUS8yKc/ERER0bP0wgb0veN74f9sbGBT7FUTfw1bi8fJXnpRg83jXUqszwaObTshPD63xMJqDP6n o3GZV/Fb35VVsk9VLS8xAp++1UDal/9OCIb2cQJ6dhy6v9tKWs9n/x2FPPULcsWt12DDRE9UL3JM W3d2Q1Ke+glWKiIn7QGWBW2GQqMre0mtGncjjiH42KXHOi+tgl6L1ePkUv11+mEwslVl7/cTbU5U I2iiK16VjlltDF506InqT6/Nwci/Okv7UKvppwh/kF1lZX4iehW8f3zLWLYacB4R/LxLVGWUuRnY u2sjbiXnPe+iEBEREb0QXrKAboNm7/+Fh/naSq9Pk5+Cvz9rxYBuwYsc0JXpMfi5Y8vix7VGE6w4 Hv1Y61MXZONI0Dx89nYLNPpSQI7K8rmmF0VkpdzD/BG90LRebcimb2JAr4T4y7vQqrattM33vx+I dOXjbzMr7jw6tm4gfWb/4z4L+RorOYdfwoCu0yhx/cxu/PPNh3Bs0R7H71nJzRAiIiIiK/dSBPRX q9nB3r4mbGxsUKNOC6w5FVfp9SVF7MTrNQwX7zVq1CwnoGswtd9vaNeuHdq1awef8VuqZqeqGAO6 iOuhS9DEvjpsbGxgX8sBttUM+/Cl29THCGgits3zh31Nw/rKCuja/FR4/dZJqjMG9MrRFaSjzw8f Sdt0aPoRjkSmPd7K9DqELhmKWtWNN2hsm2LV0aiqLfCT0Ksx0rOb8fvkbQycved5l+iJ3TkThIZ1 7AzHjgGdiIiIqMJeioBuV+tjuPxS2H3VDn8PX1OpsdZ6USt1b3/NoQG6/fSfsgP6C+J/PaDrNbmY 6PK11E26p39/tKrvYLiR0+A9nL6XWck1ilgyxlmqh7ICuiYnAT9+9gYD+mNvU4dT6yagVjVTN/dB iw4+1hwKuoJU9O72gVT+lp/KEZelrPoyk+TGgUWmmysM6EREREQV9lIEdIc6X2LdwmHSOOMWH/6D +7maCq9Lq0zD35+2MISutt0wb3pfBvQiXtSA/ij6JDo1rwsbGxv8vwbvYPf5S5B91ta4H7bwmLQT ukrtBgP6MwvoALLjL6NL24bSdt/+1guJuZWfOyDpWijeeb22NE+F17SdeIHmOHwhMaATERERPZ6X JKB/hcu3TqNDfUPXdNu6rbD25L0Kryv12i40sjWEtm4+c7Bv2SAG9CJexICuF7XYt2Aw7IxlbvOZ DHFZBVg/wQM1ja2y9d/+FQ8qFfgY0J9lQNfrCjC/73+l7b5Wtx12hD+o3DpENTZO8EDNwt42r3+E o4/bVZ4qjAGdiIiI6PG8NAE9OjML/r8Wjlm1w9+j11ewO6yIzeOcjd3bGyJwz00cXM6AXtSTB3QR eVmPcPX8KRw+fBiHT51HfEo6dE/x2Uua3AQ4dSmceKs6/hixGhoRSAjfghb1HIz/Xw+Be25Waj+e TUAXkZuVgQd3b+Po4cOGOjt8GOcu3UJKeia0lWv2L0aRm4XYyGs4Zlzn6bBrSEnLLPuz8pwCOgDc PrEWzR1rSBOouU/ZWqnWb3X2A/z1WTup7J8LY5FVRtlFrQqPUpIREXZWqvfDR08iOi4BWXkFj70f Oo0SdyMjcPjwYYTfiEa2QlX+m8qhFzXIeJSGyIhwHCks65GjuB51H+lZTzZrul7UIScjFZcvnJHq ICYuCQXqik3AyYBORERE9HhemoB+J0+DEyuHw9b4f2928UZqBWZ9FjUZ+LtTM0OLapvuiMpUlh/Q 9RrMH+2Ozp07o3PnLzC0yKROelGLs9vm49uvOhv/3hUTlh2ApswHb4u4cXAVunQ2vueLrhi5aPdj heminm1AF3F517/Gfe4Mv8Bg6AEoc1KwdvYIdP6wPRrUNkwa9YpdbbR9uz1+/tsHe45ffyrdjaNO rEOTWoZg91qd1lhrnLVdVKbCo9t70r6898twKMsJvPnJN+HSozs6d+6Mti0bS+/9v7qN8Onnhv39 ouvX2H0rHbeOrULnzp3x+acfo34dB2nZxm3eluqmu8dgpOabt9zrVPm4cHgnhvR2wofvdUCbFk2K PR6udr0meKvDu/j+d3ds2H0KucqKhSW9qMWD2xcxe4w/vuj4Hlo1aSit196xId5u/y56uPTHnhNX YXHevEoEdFGnwbltC9G98Fzu/BU8Bs5G8mN0TQcATc5DyLq8I237za/cK9XNPfL4ajRzNM4GX7Mh Zu64aPFGSU5qHNYunoXfu3VG+7ffQgNH07GzqVYTzVq1xXsffo6+I2fiUlRCqUMjNIpk+P/TzXCc f/NAZKoSOUm3Mczzv2jZxPBZrNO4GT746kcs3HYcGp0I6DWYPvBvqb7GLz5c5j4VZCVjV9AyuP7e HR3av4MmDeuYymrzKho1a4MO73WCi+8IHAuPMmzDEr0CM/r/I52XW6+lQS+KiI8Ox8RBXvigw9uo X9teqoPmrd/EV9/9gWVbjiC7wHwIkagrwDi/39G5c2d81KGtVKbX7GrhvU6fStuZuu1MOUeNiIiI 6H/XSxTQdci4dxrvNTLOHNzoHeyJSC53Pek3Q1C/uqF7+3985kKn11UgoJf9mDVlZhw8u78vraNu y07YF/Gw1DIUPIrC9+82k5Zv2qE7wuKyHqteinqmAV2vw9GlA6Rlvu4/B4qM+whw6Q4H46znll61 6jSB78yNyK3CFllRq8A8/9+lbbT5RIa47MJQJ+LAoqGoZVvN8Hf71giNyihzfdkPLuD9NvVK3Qcb GxtUs3PAirBEhG+dWOZyNjY2qP/xT4jPKd6CmpsSjQF/dkf9osGwjFfNWvXws9dkpJTzPHetMgeb 541ChxaNijxXvJRjUa8pvIYvQ0ZBieBfwYCuF7U4t3Ue2tUrHO9dA+99Jcf5qJTH796v12L3vIHS UIXXHFtj45m7FXurToF5fX6Tyt3s/V9xO01htv6wPSvR+a3WxW6GlP6qjsatO2LxrnCLIV2V9wDf vW04V+q1+BhnIu9g0J9fSMMqir6+6zkXSq1Y8ces6XWIPr8Hv332Phxq2FagrK+i7uttMXxeiGE7 ZuvLg2+3t6Tl551+gIshS/B+i0ZlrreGQ1387DcFSSXOYVGbD+evzR9VWfLVc8HeF3e4BxEREdFT 9lIFdJ0yC/6/GoNztVrwnRNS7oXg5nFOhgt/+/oI3HcbqIKADoi4d34b3mnsKF3Ud/ptoMWWP702 HzN6fieFgxq1mmD6pguPNVt1Sc8zoHfxHY/AgX/DvjAIlxVu7R3hMXkj1GX2MqjEfiddw1dt6xvX Xws+U7cXa6UvSLqEjs3qmuolYF2Z63vaAV2rSEKvbh9VMCAWeVW3h+vkraW25uo0+dgwyQ/17GtW eJ3Va9SB2/gNxY9FBQK6XtThwrZ5aFu3lnE5W3zQ1RPXHlR2pnxzqbeO4gPpeL2K3wasgKoC54oi LQrd3m1qfF9NOI1eh5Kn7a2DK9G6gWPl6t3GBrVbfIrjUeZj2YsF9GYfYOwwXzhaukFl2xTrTt0x Vl7FAnpCxAF0frNZuTdaSr7s6rfFsoMWhnKUCOhD5wQWublSzquGA3pO2VqsdZ4BnYiIiOjJvVQB HXodjhfp5t7hG1+kFpTeMqvXZeLvjwwX8HVadcOdbE0VBXRA1CmxdY4/6toZLs6r1aiLwfNDzboQ h2+ahlo1jBfw1e3QY/BiKDRV05r8PAP662++haaONWFjUx1t3u2C6Ys34eqNSMRER+HM4R3w7dHN tN82NqhZpxlWHr3z5Dut1+HEmjGwM7ZY1nr9A+y/nlJ8EVGJyW7fSoHYoeVXhmNfioL0uxg50Aeu rq7o/KGp6659kzaQO7vA1dUVbh6eOHEvC7Hhu+Dq6goX2V9o0djU9bjtx13h6uoKV1dX9B4zGxlF ugiHzOkjncs2NrZo074LJgWuwemwK4iJiUFMTAxuXr2I7esX458fOxfrkWDf4lvcy7HUii7iauhi tKhjCuev2NdBlx5eWLdzP25FRiEmJgYXzxzDxKE90bSBqeXevkE7BJ2OLVJh5Qf0W0fX4u2GDtI+ vPeVB64/fPJeIACg12Rj9D9fmM6tD/6LuxnljQcXcWHbDNQ23iCyq/8OdpaYYE6XG4uf3m9pujlh Wx8//NkHm3cfxI3b0Ya6j47C+ZOHMGfsALzfrqm0rI1NdQijNpl9nosG9Oq2NVHbwQ6vOTji955j cDI8AjHRt3F8TxC8BozGw2zjo94qENBF5SMM6NG5yE2c2vjsWzlWBu1CxM3b0nly5fwJLA8cjy8/ alukrK/i87/HIbdkYUsEdEdHQziv6dgEf/Ychj3HziImJgbRt29i/7bV6NH1A2myPRsbG9R5oxsi U/NNZdSpsHjKALi6uuK37p9Jy9nWro8fesik83/l4YiKHnoiIiKi/zkvV0AHkH7nFN5vbBg3ad/o Hey9Wno394wbu1CvRnXY2LyKL92nG1qtqyigA4AmLxkDe5iChWPzjjh4PUn6e87DcHzSuoG0nlYf /IGY9MefiKqk5xnQDS87dPl9MKISM1FyPjitKg8HVoxDk1q20v6/+50/siwOgq44bUE6+nxveuZ1 pz9GIsfCOmMOLUUde+PkY9VqYsTK8xVYe9VPEqcviEf3NqZzoN0nAq49yCy1hVFdkIkFw5xMPRNe qY+gK6nm289Lgtd/TGPt7eu2xPjle0oZO6zBjWPr0bKBKWB37TUTmsJClBPQo46vwzuNClvOq6PD F+64kVCVk4KJiAhZgMbGm102tk2w+kRM2e9Q52Ks8JVU5ve/G4BHJeakCNswCY6FN4mq1Uaf6Tuh KGUSNL2oQ+LtU/jm3RbSOt/q5ovsEvMAFA3ohZ+BPwfOR1aJetdqNKZjXIGAfu/MJrSpayet87fe c5CWW9qz3EVkJ0fBrbvpc/B6h+8QmVbiu6VEQDd8R7XHmkNXodKa3yRUZDzA4D+/LHKToC4WHY22 WAJOEkdERET0eF66gK5TZsD/58Lw7ADfwN2lhp1NY50N3UVt7TB6/UXDf1ZhQAeApBuH8XELUwD7 6JeBSM3XQK/OQN8fP5S6q9as2xorj1u+2H1czzugt/vCCbdTSp9NWi+qsWqUXKqDGo7NsP5CQuUL WETKjX1o7WAIXa/YNcCkYMvBW6dIwH8/Mo37b9ulN3LLrZyqD+jJ4UFwMIZEW/tGmH/gdrn7mBt7 Em80MnXLHr/X/D33L2xBc/vC4QW10GvKJsvjkI30ogYbx7hI62z8RjdEphu74ZcR0KOOr0P7RoXd oqvjnc5uuJVU9U89UKZH46cPWkifo5/7LYOqjMn9Mu6dw0fNjD0YqtfH2DWni9e/Xo1xHl2lfWr6 qQsyypsHQa/DukleUg8dxw9/RmKJOQBKBvQ6zT/C8ehyuvmXF9D1Wmya3kv6nNRr9w0uPSwv8IoI 2z5TavG2b/k+jt8tUY4SAb1a9VoYvvJ0md3PY89tQssG9tJ7ei45ZnE4DgM6ERER0eN56QI69Drs W2QKiu9+42exm7tem46/OxoCmn39johIU0nvr8qArhe1OLR6POoZZxS3qV4fkzedx76Fg6VgZlO9 BjymbC91LPHjep4B/RW7hpiyKbzcdaszb6Fjw8ILfnv0mrS78gUsLIKoxqohf5taDd/sjhsppfVI ELF+tBNsjV3hbe2bYMOFxHK2UPUBXadV437MDZw/dwZLF29AZgUeX6fPj8P3RSbyGrTpSokFNNgy 0VX6e4N2X+Hiw/JDc078NcxdvBEXwsJxP6nIY/BKCegPL+/Cu687Sp+DDl28EJX6ZI/3KpVeg9Vj nU3DElp1wc0i3auLL6vDoSVDpEDboF1XXLLwqERlXjoiwsNwInQzgg/eqlAxzq+ZjHrG9dq+1R2x OcVbsUsG9Le7+SOzvMcUVKAFXV2Qg1tXL+P0kT1Yu+1UheZrSAjfgZavGMN3k/bYV/L57yUCes16 XyAmt+wnA6hTb6JT29el9/wzYhssFYUBnYiIiOjxvHwBHUDC5d1oa3x2cs2G7yD0mnk39/RrO1Df 2MX5wz9HmoJrFQd0ABDV2Zjg1k0KF/WatUGLOnbSNt743ANpZYyVf1zPM6A3bfcjojMq8DgsvRaD /+wkve+dvwJMXasrSZl5F/95q6EUdP4ascpieCiUF3cCzWsVHofq+LbnnDKXf3bPQS9l66IIdX4W wkJXoUORybxKBnRRlYX+P5rq9ON/JiD/SSbgsxDQb5wPQcc3Gkr/1/Zzt0o9/uxxJEXsxhvSxIu1 MXP3Ncs3PZSZ6C0Nc7DFD/0Xmk0OVzkiRFGHR4kxmNW7BxwqHNBt8d8RK8o/7hWdxb2ipRVF5KbH I3jGAOlmQkUCepsf+pb7/aAvSIT83TbSe/4evpUBnYiIiKgKvZQBXZuXBKevCp+dbAffubtLdMMU sXGMsfW0mi1GBxWZtOgpBHQAyH54EV3fMrU8Fb5qNHoT+26YzwYtbUoUoSwogEKhKPelLjG53PMM 6O1/CUB+BUPRnnGm1t4m7WVIfayELuLGvrmmSayq10a3P7wwfPjwMl4D0P51U1fxWo074kJiKa2y xm087YAuijpo1Crk5WTi1rXLOHNkNyaNGo7ens748dvPUcvCjOAlA7oqJx4/fVzYHbwG3KZtqXg1 WlIioDdp9S7aNatfrAy1W3TGrUeq8tf1JMVQpaPP9x2lbXZxnmGx237S1T1oaZwc7//qtcaGohPe lUGn00JZoMCjxFhcuhSOrcvnImDIAMj//h0fvtnMrN7LD+i14D9nX0V2rNIBXdTpoFIWIDstAVcu X8LBzcsxfFgAXGR/oEvHN83KWpGA/pXrjPKLqkxiQCciIiJ6il7KgA69Blun+0hdXD/6bggyVKYL eb06DX93NAQY27of4UbRlt6nFNABEeG75qGRo32RC2cHDF18vMx3qdIi8Wn7pmYX3OYvO/SZcrjY e0sG9N/GBz2zgP6tf2CFW4zDN4yU3tew+S+4r6h8c6eoyceAXztWoJ7KeFW3h8/ssgLV0wvoOq0a dyJOYqSPC77s9Falyl0yoCvSo9D1rcKQWBfjV5+udH0WUyKgS69q1WFrW13690/+S56wpbp8J9eM Q53CmdlbfIlbacVvqOhFDbZMMN3webOrJ5Lyy+62rcpNw9618yD0+AktGtaqcL2XH9BrY/C/B8vf qUoEdE1BNk7vWY9eTj3wdquGFS5rRQL6T77Lyi8qAzoRERHRU/VyBnQA8ZdC0NY463Htlp/h7D3T BEkpl7eisaPhbx/8Obr4BeZTDOg3D60s8pxoG9jY1MOkLeFlBrcnCeiKlJv4vH1jaZnv+yyD6jEC ui4rFv951/Q4qq5/TUdByZbLYgG9JpzGbajw+iM2j3vigJ794Cza1634875LezX78E8k5JUW6J5O QFfnpWDKYBc0qFmBUFjDHg0aNoS9raklvWRAz0+7hS5tC58b/pQCerUa6PijH8b0/gU1Csfx2zXF ooORT7atcihTruMraQx0DQxaeaZYvapzE/D7x8abSdVrY8C8/WXslw73Lu7Dd53aVuDZ4q+ilmNd 1K/rKA1VebYBXURyzAW4/vw57KuXf57YOdRGg/r1pAntGNCJiIiIXgwvbUDX5iUW6eZeB2PXFc5O LGLDeFdjqLDF6OASz+R9SgE9P/kmfu70hvmFdOP3cDKm9FmenySga7Li8H1H08V0l79nIP8xmtDz Ei7jgyLjjX/uvdK8pbRYQK+On4curnAL+ulF/U2ht+VveFhQ2YAuYs+MXqYQW7M2WrRqjdatK/Zq 3sS0b7YOjTA35Eap26nqgC5qsjHW4zuz41nd1h4NGzdG02Yt0Lr1O+jh1Asjx07G+q378SD2Gn4o Y5K4/Ee30bVdYUCvg7ErT1ayPksoGdBt7fCVEIC4DAXUWXfx4/vNpc9C8/d+w+00xZNtr8yyqDDL 9ycpJL/70xAoigztuHNiFWob/1avxac4G5dT6qoSIkLxXqsGJer+VdRyrI/XX2+Clq1ao8P7XeHn PwQzAhfj+PkbOLpsQiUmiau6gJ7x4Ap++rSdhSBeB40bN0bzlq3Qpm1HePcfhInT5mLPkTDcOB6M VpWYJI4BnYiIiOj5e2kDOvQabJ7mI7UgffrHGGSrdNBrs+D9H0Nwf61eR1xPLzFu9ikEdJ0mF/MG /gU7Y8tXjVp18XqDOlKr3fs/D0RmKY940imzsXfXFqxdu7ac13qE3Ugq9l698hF8upqehd3+ax+k ltPd15KESzvRtsijlZyn7Ta/KC/Rxb2jy4QKt9avHvC79L4WX3oju5L5XKdKRY/3m0rH44P/DkZu eTNnF/Ho2g7Uk8Z2V8cXwlgoLE6qVvUB/UZIIByqV5PK3qDZO/AdNhkbt+xHTOx9pGWaz4ou5tzB 181NNxVKBnR1bgJ++bSwx0NNeEzb+mQT1JUI6G98Jse9DNPs+DFHV6CRQ+FTCmriN/9F5j0sqlDc qXVoapxk8RXH93DB+PnU69RY2OdXYzlt8Y3rNBSUMjmeqMlCv587mlrOqzug47d/YPb8ZThy+ioe PExAgdr8M3lyxTjUecYBXa9TYOHAv0zPH69WE292+hbjp8/D7oPnEXf/AXILzM/D+2c3oQkDOhER EdEL5eUN6AAehu9E2/r2xovEz3AuNhNZ0UfwRgPDDNgf/TkaGgstwVX9mLUzwbPQVBp7XhO/D1mK 8D2LpW721WwdMXjhoSp/zBr0Sizo97O0LzWbf4wL97MquRIRR1aOQm2pW60j5uy9ZmFbxQN6y/f+ xv1yHtkEAHqxAN7fvS2F46+9Z1l8rnJZ7p9aLbWa2tRwxMgVlevSLWpy4P6NaWItx0Yf4NCtR5aW rNqAri+A/68fSMvUbvwBdoXHlVve/Ptn0KaxaXI781ncszHgl0+kv3/6x5gK3bDQKtMxY9QorAkK xq79J5CcbhzfXcZz0A1/V2OGl6kXQE3HVlgQev2JZ60vja4gGU5fFZ4zNTBoxVnoASjTb6NzC8Oz z1+r1QTz95b+6LSUiB1oVtd00+nLf8YjvUBT9ob1Oqyf3POZd3HPSbiCz9uZbsi07+KByKTSewYY iLi4c7b0HcmATkRERPRieKkDujYvAc5fFnZzd8SY9Wew99+BxhbLmhgTfMl8xVUc0B/dOYevOzSX 1tey05+ITM6FXqfEgn49UN04frd2k/bYfuH+k1ZLCSKOrR0Hh2qF4boORq04XqkbAVplGgb8anpk 12v1PsSZexa65JcI6DXqtsLqE3fKXX929GG0cDSOHbetjZErzldi/wDoNZjq/rW03TrNO+Hcw8o+ i1vEieXDi7RQOsB5bJCF4FG1AV2vTsD3repK59HXXhW5OSHi9LrxqGtX+hh0vajB5klu0t/rte6M M/cyyq2FjOgjaGMcB1/NrjH+DTEG3PICOoC8pAh82bahtC+tP/wd15Of0jPRIWLnrL6wN/Y8eOfH IVDpRFzbMV3qMdP8o3/wMK/0wB2+fiLq1DD2XHilAbZetXRDpjitIhne3Uw9Up5VQL9/fgveqFV4 vB0xMehcuTc/RE0eZvv8IJWVAZ2IiIjoxfBSB3TotQgq0uLVuccguHxjuMD+v4adcDXFwljZKgzo mvxUjPf43lTOuu2w/MB1KYSpMqLxw3um8YhzZxEAACAASURBVLtvfe2JhzlV+yzpR9En0Kl5XWl/ Gr7ZFYduJFSodVMvanB26xw0dTRNvvbhL4ORbqE7bcmAbmNTHZ/8MQjx2UrzZY20ygyMFrqa6rrp 57icXLnxy+q0CHSo74DCbs1dPWc+1kz1BalX8VFjB6ksTTr8hMhHBSWWquKArohF14a1pePfxW1a Oc9hB5IjT6F7h5ZF6tkGveedMlvu7tlgNKtV2O3cHn8NWYxcC122pT3TFmDx4D+kddZv9SUuJVaw Bd1YN2FbZ6Guva3xZos9evgvRL5ZF5WqkXv/LDoU9iKo1QFhiTkY7/yFcX8d4DF5W5nn+KlFI1C7 8MbVK/URfCmlzO3pNArsDByKBoVd+W1s8OrrX+JWevHz9WkE9LvH1qH5azbSOsetP13mvomiBmE7 F6F1kR4Cr9Rph23h8SW2y4BOREREZG1e7oAOIOroajSrbQgNtR0bwLGm4QL747/GWHyGclUFdL2o xr5Fw1HXzhhYqteC5+Qgs21GHlqGBg6GZarb1obnxM3m3e6fgKjNQ6Dff6W6srGxQbMPvsWG0AtQ lBHYFNkp2LZ8Mt4t8rxrQ7fhq5bDgVlAt0G1mg740Xsc7qSad8fNexSHyb5/oXbh+OtqNdBjyMpK h+ujy4ZKvRCq2dXDjJ2lTfBWNlGnwqyepm7a1ewbYMLGcyWXwsbJvaRWWru3vsODXMs3VHR5KfhH 6oZtg279FkBV8riKWXD5zBS2azfugI1Hb1oMPBpVHsIPBuHb99uaWvqNL89ph82W1yrSMPD3z6Rl 7Go3Rf8pq5CcY37DRKvMwc4lo9Gg8EZMtZr4sfe/pvJWKKADOnUOJjiZejPY1W2NhftKOV+elKjA GFkX4xhyWwxasAPftjHciKrVuD0O3C67x8CdI8vRoJYpbH/++1DEZ5W8IQMAIrJSYrFwrC9eL/aI RBvY1P0EV1OLP+btaQT0tNtH8V4T09Mf3uosw+XYRxbrVZGdiu1LJqBtQ8diZX3FoTWCzsSV2O7T C+h3TqyGQ2FPg4ZtsDn8Yfn1QEREREQvf0BXZ8Tgp/eLtzja2NhhbHApjzerooCecP0QPm5tmiG6 /beeuJdu3jqs1ykR6POjqbWp4RtYfvDmY9RI6dKiz+Drd1sUq4NadRrho69/xaRpgdi6KwQhISEI CdmF9SsWY/wIf3z+7luoVXhzwXiDocfgechSljKuvERAt7V1gJ1dTdjY2qFtp64YM30etu3YhZBd 27Bg2lh88cGbqC5NjmaDph1+wq3UyrWe6zVZcO3S1tQ74J0fcS/7cXsgiLh7ai0a2dpIx/X9n/2R rix+Xh2aH4BaUp3Uxu/9JmDnrl0I2b0H97NM4VevysSA70xDA2o3a4+x/65ESEgIQk+cR4FGB0DE 5oke0g0GG5tXUa/xG3DrNxprNm4xHJMdW7FgzhT89Z8v8Xq92iXOY8Orh7+lR9qJuHtuK94tMlb9 Nbta6Pj1b5gauBg7du5CSMgurFg0Ez2+/QSO9qZj3aDtlzgVnV6koisW0AEgJfIoPmpu6rbfpuMf uJaYa3HZJ3Vrz3zUM56jb7T9AHbGbXb8c3ipk8MV0mbF4Ns3iz4doSbe+eQnTA5chB0hhs/Dlg2r MHZoH3R6sw3sa1Qzr3vbt3C8xBMYnkZA1ylS4ft9xyLbtkXLt79AwMTZ2LJjJ0JCQrBr60ZMmzgC X737NmoXGf4gvao1waKSTyd4igE9+UoImr1SuO2a6PizBzZu3YGQkBBExJXdW4GIiIjof9lLH9D1 ogqLBv9ZrNXx/17/GFdKCw1VENCVmffh3d00Q3StRu0RfCqm1JbE7IeX0Ll1fWl9bTr9gZsp+aUs /Rj0OkSf24HOHUreqKjY6xW72vjZewoSLLYwmrZRNKC/3upLDPT+Gw4VeGZzwxafIiQ8ttK7lXRx k9T7wMbGFr8PXv1ErbXqvET884mpjhwatsO2Cw+KLXP32Cq87mjheeu29pi4y/QMcL2owsqAfyzu 7/+1/go30wzHV5kWif+83bhCx8HwcsA3f/SF/JePTTd/fh1qcey6qFPh8NrpaFPPscLrt2vUBnN2 XCi+vkoEdL2owYFlI+BYeKOjugP+HLDoqXR11yke4pcOrxcrf3W7epi+I6L8N+t1OLZyNOrUtK1w 3TjWfxNDRw5Dc+mmhyPmH4oqttqn85g1ETcPr0KbBg4VLmtN+9fh6T8KH7cvrB979Pl3b/HPx1MM 6HnJ1/FFq7oWy/br8HXQPK0ZBImIiIhecC99QAeAyMPL0dTR1J3107/GIl9TyvJPGNBFnRLBU/1g b1vNGG7rwHvaJsvd6QtXJ+pwbvM01Kth2Ga16g74a+CSKn5UlYiEmIsIcPsFDe0tBEyLr+po8fan mLp0Jx7lqcpefYmA3vTNH3Hj/gPM6PMn6hQZt1v8VQMffPk3Dl2Oq3yw1muxsN+vphm17Rpg9dn4 8t9X1ipFLfYG9i1Svpr4fcDSYs981+Ylwqf7h1I3d+lVrQZ8ZxTvav7g8m582NRCSHF4B0ejTC3U cRf34qu3m5V7PBq0eRcj/g1CanYB9s8bJD2e7bX6nXA7y/KEaKJWhbC9q/Hth+Zd44u/XkXr97oh 6Ng1aEomrkoEdADQ5KWg/6+mGwg167XBotCn0NVdr8OaMU6wrVakjtp+h7vZ5czGbqRT52D5eF80 dig7pL9SsxY++UGGvWcjocx5iL86muYW+LX/ymL19bSegy5qC7B35RS0a1jOzZZqtnjz0+5YtTcM ivxMjPr7K+lvHX8egoxis+8/vYAuahRYNlwudXMv+vriz8nIe4qP4SMiIiJ6kb2wAf3qrtXw8vSA h4cHvH2nIlVZ+gWfJvshJgT0g4eHYfkluy+XMVu2iJsnN0nL+gSMR2xmiXG7ei02LxovLfPvBtMk XQWZDzB1aB/pb4NGL0BSKeOUi9KpcrB0coD0vt4DRuFqfNVPrKRVKxATcQGBk4bjt5+648uP2xe7 eK5hVx+fdfkWv//jjsUb9uB+SlbFZn23ENDvZGqgUebg8KbF+LN7V9SvbRjD27hVB/zw6z9YuvUI MnLLaJUva3PabMwfYTqmPsPnIqsKWmmz4q9iUC9Pab2Dxy5EmqJ4t/6c5BhMGdwTX3R8W+qe3rhl Bwyfu7vYcqJOg6hz++Al/Iq3WhTOcG6HDp2+R+iVxGLLZiffxaqZo/HTd9+gVePCUF8dzd98H9// 9AemLNqIqIep0BoPRs7Dy+jbu5ehnJ49cTS6rDHXIrJTH2Djkuno8fP3eLtNE+k41W/6Jrr99Bsm z9uEuLTcUod9nA5ZItXJuDmboSizrkU8jDiMPsbPp4eHB8bNCi5zkrrHlRV7Ht49vYzb8cTM1Ycq dSNA1KpwK+wQBrn9ga6dP5Ju+tna1cHHX34Dmac/dhwOQ2a+8TtAr8X+jXOl/eo3aSkURW72aZXp mDXCz3hcfLD5cAXmRNBrsWbOMON7vLBs2wXLZdVpEHfzHCb6e6H715+hjl3hja8aeP/TLvjvn25Y s/MYUrLzjXUg4tqxYKmsvsMmI67od5leiXUzh0t/D1x3ovyiqrOwdNRQ6T2Ltl4s9btUlfcIG+eO Qbcun6COcQiFY/3mEPrMQIaliSaJiIiI6MUN6PTk1Col8nOzkJiYKL2SklORpyiAWlvJMFVKQDcQ oVYqkJqSjMTERKRlZEOprlgrp7USdVrk52YhyVhvaeml75NWo0JWepqxjpOQnZsPjcX6FaFSFiAj LVU6HumZOVCq1FXW+qxRKZGV8Uhaf+qjTBSoqvbJAS8iUauBIj9HOp5JSSnIzS8o5Tg9X6JOC6Ui DynJSaZzKk8BdWm9gp4jvaiDUpErlTUlNR0KpQoiG9CJiIiILGJAp6pRZkAnIiIiIiKi8jCgU9Vg QCciIiIiInoiDOhUNRjQiYiIiIiInggDOlUNBnQiIiIiIqInwoBOVYMBnYiIiIiI6IkwoFPVYEAn IiIiIiJ6IgzoVEVEJN2+gBUrVmDFihUI2nIA2So+S4mIiIiIiKiiGNCJiIiIiIiIrAADOhERERER EZEVYEAnIiIiIiIisgIM6ERERERERERWgAGdiIiIiIiIyAowoBMRERERERFZAQZ0IiIiIiIiIivA gE5ERERERERkBRjQiYiIiIiIiKwAAzoRERERERGRFWBAJyIiIiIiIrICDOhEREREREREVoABnYiI iIiIiMgKMKATERERERERWQEGdCIiIiIiIiIrwIBOREREREREZAUY0ImIiIiIiIisAAM6ERERERER kRVgQCciIiIiIiKyAgzoRERERERERFaAAZ2IiIiIiIjICjCgExEREREREVkBBnQiIiIiIiIiK8CA TkRERERERGQFGNCJiIiIiIiIrAADOhEREREREZEVYEAnIiIiIiIisgIM6ERERERERERWgAGdiIiI iIiIyAowoBMRERERERFZAQZ0IiIiIiIiIivAgE5ERERERERkBRjQiYiIiIiIiKwAAzoRERERERGR FWBAJyIiIiIiIrICDOhEREREREREVoABnYiIiIiIiMgKMKA/R7mp8YiIiCjzdTPyDtIys6HVic+7 uC+UvIwkREREIDL6PjQ6vfT/jxLvISIiArHx6dCbvUuEVqcr9j85aYZjFB2bBNH8DS8UZW46blw1 nFcPUnMq/D6dVmuhrgzEMv72dIlIiL2NiIgI3E/Kei4lIOsnalW4e/sGIiJuID1X+bxKgczkOERE RODOw7Qq/bzotNoqXFvZRFEHnVj0d0hEYlwUIiIiEJeY+czKUR5FbiZu37iKiIgIXLseiczc3Odw Dpj/ltDT8Sw/A0REzwoD+nN0dfcKyAUBQhkvZxcP9Onnj8mzl+FGXMpzCkMvnsgTQRAEAf2Gz0Om uvCiUsSBdTMgCAJmrDyKIrkdyrx0HN6xAcevJxVZi4jL+1dCEASMnLEZBS/yPRK9Dhd2L4OLzHBe DZ8ThAJN2Tuk0ypxO+wINuw8BY3ZiSciJfYmli7fhBzNc7gQ1WuwfuZACIKAecEX+Lkgi7R5qZgc 4A1B7oNj1xOfTyH0OpzeOheCIGD8kn3QVsHJqlXl4eKRndh+7MYzuHEoIiftAbYHBeFmQrbpv/Ua BAcOhSAICFx/xipuYMZdO45RA/vB1VkGQRAgd+6JXUcvPNNzQGX8LTl2Lan8hemxaVV5uHxsF7Yd vWYV5x4RUVViQH+OCgO63KkXZgQGItDCa/qU8fB2d4UgCPDsOwIX76U972K/ECoT0PViPpZO6A8n JzfsCntQZC0vT0DXFaQhcGQ/yFxd4e7kBLlbf1xNKKMVXa/Dxb0r4enqjFHzdpgF9LSoUxjg4wmZ 70RkqRnQyTq9lAFdr8beldPh6iTHvK0Xnno4UWTEYWqAL+Qe/XExNqNIOawroOtVqRjn5wFBkMGn 71DMCgzE3AVLcT367rM7B0QFlk7wh5OTG3ZceFD+8vR49GrsXzMTrs5yzN189rmfe0REVY0B/Tkq DOguHuOQXkr402qUeBh5ASP6ekEQBAybuR75zyMQvWAsB3QgPycDSUlJyMhWSP8n6rIxydcJgllA B5T52UhKSsKjjNwXOgTGXzsCb1c5+o6eiaXTh0MQZAgMOolSR07oNTi6biYEQbAY0OMv7YG7s4wB nayaqNMiPS0FSUkpUKg0z6cQVR7QC7B+2hDDuf8MAnpuSiSGeMkhWHlAz39wHs5yGZxceuPcvQzp O+GZngNiDib7GX5LGNCfIr0SQTMDIAgCAzoRvZQY0J+jigR0AIBeh4hDG+AmFyBzH4ibSRUfP/y/ qrSAbklZAf1loBeV2L5gPGSCgFnrjyHy9Da4O8ng4jcBKfnqUt7EgE5UJRjQn4m82NOQy2Vw8RiN lHKG7zw1DOjPBgM6Eb3kGNCfowoHdAAZ986jj6cTBMENR2+lAAAKHt3Hgf37ceH6PeQm38GSWRPg 7e2DUZNm41h4VJEu3BrERV7E+mXzMaivH7y9vTFw2Fis2rAT9x/llbpNvU6D2FthWLt0Hgb2M7xv wNBRWLFuG+4mZ1kMRZr8TJw4sAOBU8fB29sb3t6+GD81ECGHziJLoS65AVy/cBT79x9EYo4aBdnJ 2LtpFYYN7mfY1ojxCNp5CGmlTeyj1+HetXNYOW8afLy94dO7L+Ys2YDI+PRSA/r9yIsIDQ3F5Vvx 0ANIiLqC0H07MNBLDkHujBlLghAaegDX7xrGD6bev4XQ0FCcvRht8cI6MyEaWzaswugAf3h7e6O3 3wD8u2QNLly/C63ZMRVx99o5hIbux92UHGgKsnA0ZBPGDh8Ab29v+A0aiTVBO/EwPd9sO2kPb2N/ aChCj5xBVkHlWoHyU6Iw3M8TgpMPTtxKgiYrFiP6eEEQnLH17F2z5VU5KTgSuhf/TjCEgL4jpmNP aCiOn7uCAlU+wk4cRdCyWXCRCxA8B2D73n3Yf+AI0gtMQV2rzMGFY6FY8u8s+PfxMZ4LPhg7ZTa2 7juOjFJuDOhFEcmxN7Bx1RIEDOoLb29v9PUPwKKVQbgRm2y6ECszoBvGx4eGhiJ0/yFEx6eX2IYa MdfOYc3iQPT37Q1vb28MGTkR6zfvRWJWgVmZNIpMnDl2EMfPXkZOViq2r5mPvn4+GBgwFltCz0Fp fqDN90unxp3r57B68Vz49/U1fAYDxmDl+h2ISzO/4aYXdUh5cBvb1q/C5DEBxvrzRt8BAViwfC0u 3Y436/2Ql3IXoaGhOHftDkSdGpHhRzFvmvFz6NcfcxautPi+0olIib2G0ND9uHo3CWpFBo7t3ozx wwcaPp8BYxC0+zhylIZJmgoy47F17TIM6d8b3t4+GDlhJkJPRUBloX70OjVirp3HuhVLMGJQH2n/ Bo4Yh9Ubt+Fucnax5QuPweFTYchTaZESdxMblgair/H4jZk8B6Enr0CtK3EmqBUIP3MUofuPIr7I 5+p+5CWEhobiVnwGCtIfYsv6ZRjc18d4jgZi97FwKMxuPIm4fyscoaGhuBSVYPH7T5ubggOhoTh0 5DzyC78wygno+RnxCN0WVOQ70xu9ffth9vxlOHLhRrH6y0q6h0OhuzFxcG/DXBJTl2BfaCjOXolG 0fnbdOo8XDyxHwtmTYKvtze8vXtj7JQ52HXgDLIr+P2hF7WIunwOOzevRm83GQSXnli2YTtCQw/i Xkq2WUAvyE1F6Jb1GBXQ33CuDhmFdZv3IDFTUeo2FFmJCN0WhCnSOd4XcxauxOkrlr9vLdHkpuDw wQPYtWEhZDIBTq7+2BYaajhvYxJKnAOm3ztVdjKOHT6AM5ciociMx7qFht+RoaOnYO/Jq9DqDa3v cTfDsHrpPAzqb/jc9vEfivnL1uDCzdhik7cmRF1BaOhOw2+JrPC3ZD+u3S1nLLpeh8iLJxAaeggp eSpcOrIdwwb1QW+/AVi8bjviM0z1p8pPx4nQHZg9aQx6e3vD29sPU2cvxMHTEVCV+sEWkZl0F9vW LcOwgYbf1hETZ+No2C1otEpcOXEUoaHH8UhhOi9ykmIQGhqKY+dvQGfhOOjVuTh74ghCQ48iOcf8 9zkr5R62r1+FMQGG7wq/fkOwYNkGXIlOKDVMp8dHYdP6lRgxxPC979O7L2bNW4pD566hoMhnMTs5 FodCd2PyUF8IgoCAKYsMn4HLUZX4biMism7/GwFdr8WDyEtYu3Qhhg30Q99BI7B4xXpcufN8J3Gp TEDPjAtDX2NAP2IM6KnXQ+Ekl2HE9IWYMNC7yORycsxYdxiiHhA1ChwMWghPN2cLk9DJ4OrVD/vD zUOaTpWHkLVz4ObsZPl93v44cjmu2EVqZvwNjBvsB7lMZvYemcwJ/iNn405qrukNeg2WjOsNmdwV B8MuY/RAH8hkJd8nR//RgYjPKn4RoNcpcWjjPLi5mJfPo9cALJ4/vUJj0E9unAOZ2f45YdGOsyhz DLpehytHguHj4Wpxcj8nVw8Ert6H/KITqOm12LloNATBCZuPnsPssQMhl5nXbS//MbiVVKSeAEQc WguZIEDWaxjuPDIP8KUTcfXIejgLAnxHzEFqngbQ67Bv5RTIBAF9J640u7DLvB+GXhb2qd/ouUjP SsLE/t5mf5M79cKNNEPozku9g6nD+sFJbn4eCIIAQSaH/5gFSC0R0kWdBqdDlsPT1dK5KsDF0xdb jlw1XISVGtBFJN0+i4E+HhDkLpi2eBsyigQSUZ2LXStmwd3CeSMIMnj6DsHxaw+LlSs/NRoBfi7w GzwGcyePLnbM/MYtgaKcSfJ0yhxsWzGj9M+Sz0CcLDI2Vq9T48ye1ehVSj0IggAnl17YdvJWsYvd +PDtEAQBI+YH41DQXLg4yc0nnXT3wfZTkRVscRIRHrIIgiDDzNVbsHBSgNlnWyaTY9zCnchIuImR /XqafZZkzu5Yvjus2PZEVRaCFkyBq8X6MB4Hn6EIu2e6sZKfEoWhvi7wGjwRp47shJ+Xu/l3jNwZ E5fsLtbbw/IYdBEH1hu+BxZu3YtJxgv9kusaPWsN0ouEFui1OLBmCgRBwMz1xy0Gl4L4cDgJAjy9 RyOx8AujjIB+9/IB+PfysPAdVPi5csOctQdR+BUWc3YH3CwsNzxwkxROVDmJWDBhqMXPn0zmhP4j ZiIqqfgNEEv0ugIEzRploVyuCAm7Vyygj5+1zPD9bfZZl6H34EmISTX/zkqMPIvh/XqZfecLggC5 sxsmL9yKbFX5vXPyH16Ep5ulc0mOfzefLHUegsx759DbwwmDxs7E9JH+Rcouw/DALdDqNDi3eyXc SzlPnZw9sHT7KWiMFX8yKNDib8nC7WfKqWgN1kzzhyC4Y/WapXApctxcvPxxJd7wW5CZcAtTh/W1 /Psqd8bQSUvNvlMBEbGXDsLfx/wckzu5Y/HWXZjWtxcEwQ83Uk03AmLPbYYgCPAdswxKC+e5mPMQ w/v3hCD44ELRXhUAYs7vQR9PV4vntLNbTyzZfNTspmbcpf3w83Qr5TPggvH/Bknnwt0LIXC3sNyw 2UHFnthCRPQie+kDuqjJw941gXBzNr9YlTu5InDDEQszVD8blQnoVw9vMMzA7TIQt1IMP9iFAV0m k8HFezBOXo+DsiAPYUf34srdR4Bei7A9K+Eqk8HVsw+C9p5EalYe1Go1HiXdwYZ/JxlaHDz74eID UyueXtTiwu4VcJYJkLt6YWlQKBIzcqBWq5AcewP/TgyAXBDg5D0CCbmGCwJNbiImDugFQZChz5CJ OHHxJvIKVFDm5+D6hcMYNcAQ6vqNno+0wosIY0AXZE7o6+cLnwFjcOJiJPKUaijyMnBs+0p4ucgh CE5YEhJW7GbA7ZOb4eokgyC4YsGm/UjLyodapcS9a6cxfogfZMaLmPICeuzVMwgOXou+HnIIMidM mLMMwcGbceHmA5QV0O9f3AtPVycIghyT/t2A6IQ0qNVq5DxKwP4tK9HTTQ5B5oqFW0+bLuSlgC6D Xx8/ePoMwp7jl5FToIJKmYdLR7ajt7scgiDDhOV7i4Waxw3oojID88b6QxDkWLzLFGTTo07Cy80J grwnLtwv3oJbkBWPncFBmD5qgOEibfB4bAwOxu5DZ6EoyMWxPTuxLHCSoQXdvS/WbAzCps07kZKv g6hRYGPgCAiCAA/fYTgSdhO5CqWhbjKScWTnani7u0AQ5Fh14HqxY3rv3A64yGSQObli5tKtiEvJ hFqtRnrCHaz6dyKcBQFyrwG4cj+j1ICecf8KBni7QZA5Y9ryEOQVbQXVa3B80zy4yAS49fLHjkPn kZ5TALVajZT421gx3RBG3HoPw40kU0tbYUAXZDLIXHthw4Ew5BcoEXv1OA6cjS6ze71e1ODUtkVw lglwcu+FlZsPIjkzD2q1Col3r2L22EGQCQKceo9GqtJQ1tToU/BxkUOQu2Dqwk2ITc6AWq2GWqXA vZsXMWfcYMgFAa79Jxe7IC8M6D19/eDl6oH56/ciIT0barUSDyLDpRYnryFTkZxbytCG4mePMaAL cHVzg3vP/th88AKy8wugzMvCoU0L4OIkgyBzQ+/eXug7bArCbj2AWq1GVkoslk83nAc9+49FXJZa WufF0FVwlcsgOHth3a7jSM3Kh1qthqogB1fPHsSwvj0hCAKGztgItbFyCwO6q6cXfDw8MGLaUtyM TYRSpUb2o4fYEDgWMkGA3MUTp+6YHrtXXkB3dXOD3N0P2w9eMHwOFdk4G7rZ8DmUOWP66gOmQF3F AV2VeQ+jjHOLDBgzHzfiEg3HWa1CyoNobFg4Gc6C4fs57J4hBD16EIltwRsw2r8XBEHA4HFzEBwc jINnrkEUAVGrwOrJgyEIAvwGT8CpS5HILVBBrVQg5tpZTBnWz/C9OH4RHuWX3ZKuFzW4dvoQ1q1c AG9XGQRnT8xdshrBwVsRGZ9RLKDLZDJ49B6KA2euIVephrIgB2GHtqKPp+GzPmP94WLfZ3nJtzDc 1wuCIMeY2asRGZcElVoNVV4mzh3chr5eLhDkLpiz8Vi5N5M02QnYvnUz1i2Zafg9c+mD1cHBCA7e jHPXY8sN6DKZDDJ3P+w9fxsqlRK3zoXi5NVE5CXfQD9XOZzce2H93jPIyDGcp9mp97Fm7gQ4CQJk rn0Qft9wbOKunsGm4LXoZ/G3pKyKLgzohnocM38T0rLzkZVyD1u3H4JKBFQ5CZgxzA+CIMPg8f/i UmQcFEo11ArDZyagjxcEQYZhc7cWOy/zkiMxxNsVgiBHwOQFuHEvCSq1CqkPbmPx9NFwdnGBq5O8 ygJ6xp3T6OUsh0zuglkrdiAuOR1qtRp5mck4sGUlero7QebsgY1HTN/9elUqJvXvBUGQY9ba3Uh6 lAO1Wo2CnEcI3bQYrjIBgpM7Np+4BQBIj7+NbcEbMMZ4TTFo7CwEBQfjwOmrbEEnopfGSx3Q9aIG Z7YvhnMprROGO/zOWHvw+nMpX0UCf/Xk/AAAIABJREFUuqjTIvnORYzsZ7hoHT57o9RiVxjQBZkh 7JSUlxKFYb7ukLn74sjVh2Z/h16LvcsmQhAEBMzZLP2wF2TEYXQfDwhO7li3/7LZhahOkYyJA3tB 7uSEVftvAhBxapPhArTXwEl4kGXe5S036RZG9jFckC3fc9lw0VUY0AUBLr0CEJNevHuxXlRix4Lx hgvRiSuQaxxXqNdmYc5QHwiCgDmbTpkFpIL0WIz171mhgG6o49LGoFsO6KLyEaYZtz9l5QGzrux6 UYfrx4LhJhPg0nMQrjzIkurbENAFCK59cCH2UYk36nB2yzwIggCf/lOQonzysd3Jt0/B100OZ++h uFFk1na9LhuBAYa6n7h8v/kbH3MMen5qJPzdnSF37Ym94XEW1qvF7uWGc27ior1S3YnaHMwc3BOC zAlz1h81694qqjKxZOJgyOVOmLXuOLQWAnrmw2sY4mtoOZ++fDcUJcahZt2/gv49XSH37I/zd8yf hiDqlNg8dyQEQY6Jy/ZK54cU0AUB4xbsqFCXdlN9RGO4rxsEJw9sOnrdLGzoFIkY08cTTk7O2HAs BnpRgwOrZsBJLkf/cUukc76o3Pgr6NvTFYKsL64nm24kFAZ0QeaCxTvOm20rOfIkfN3kEGTeOB2d WoHSmwK64OSJHWejiv1Vr0rBBGPAlHsFIC5bVezv2QnX4O8ug+DeB2djDOe6Xp2J+WMGQC6XY+a6 oxaGgQD3L2yHTBDg3W8q0lSGBQoDuiAIGDplNbKUxZ99rNdmYIKvIYgs2HJO+v/yArog98Tei7Fm QyTunN8Fd5kA116DcC0ht3AjVRrQbx4LhruzE+S9RiA+R2W2Lk1+GqYGeEMQPLDjTEyRnS19DHrc eUPdeQ2ahIQc85swquyHmBbgC0FwQdCJyArN3VCRMeiCqx/C4oo/C10vanAiKBCCIKDP0DlINx5L vajCzsWG74AJS0Msfp5So07Bx0UG154DcTUh1+zvlkhj0L3GF/s9LS+gC4KAwOBTJcKdiOhTGw03 T6ashbJEEXWKFEwP8IPcyQmLdl40HYPHGYNeJKDLvUcitaDE975ei3M7FkMmCBg8ZTkyC8yf+61I uYWBPV0hCG44EW04DnpRi+MbZhvqf2QgUkrckNGps7Fq+jDjtVAVBHRRgUVj+kKQybFgx3kLOyri 5skt8HCSodegKYg3fl9k3T2Dnu5OkPeegAxV8X0TtQXYPG8M5HInjJizRbphxzHoRPSye6kDuiIt BsP7eJQezo0vV7+xSFE8+4mupMesOfth2br1WL++xGvtasycPBburoaLCK8+I3A93tQ6VBjQ5c5e uBhvPs7v5vEgOAkChk1bh/xSQoUiIRxuggAXj8GIzTH8OD68shfOgoBe/uNxP8tyS9udW1cRfS8e alGEqM3H7ABPCDIXrN5/1fLO6nU4uWU+nAQB/ScsNbRsFgnoI+Zvt/i2a0fWQyYI6DcqUBrjnHXv LHq5O0FwG4zYbPMLW+i1OL994VML6I+iThhayN0Gmt1UKKRVpGH2yD4QBGes3H9ZKldhQO83YanF 2fhTbhw0XGD7jcD9bPMLscrQiyrsX23o6j9qdhAUJc6BiNDVcJYJkHkMwcO8Ett67EniRGSmJuBK eDgyFCXLL0Kr0eDo5n8hEwSMnx+CwvypSLgIF0GAi2d/3Ey1POdAYtxt3IyKQ75aW6IF/TwyjOFc 5uSKwLX7kW8WbEWE7VkGuSBg3PwdUJXSFTLt9lG4CAJ6+o1BvLFOTAHdGRv/P3vv/RxVliZo/xkb X2xs7HYNJaVMVVeb6tme2dmN3Yn95lsz04WUKXHz3pup9CmLhIeCwvsUILwTtii8B+EEEvLeYAXC e49wcpk3n++HmwgJpQoViK6i+jwRJ0BKXZPXnuec97yn4GzY5friUvkuVEnCO3Imt5+H77FsOlVH 89VbXcc40PGSy02naTzfu4KvaQHaH1wgK9mBJKVQf/uNvLwWdIsjjca7va9L/9NrjMt0I0lJ5NWH abDrvbUuQXdlTeb628+CYCcb5uhRFuMX7eole+0tt5icmYRkdnO02/Zanz/mbF0VV+71HnsfCPi5 f/Y4iiThTpvGvba3BV3lh8JzYfd104LRSJKZWWsPv/nO7xD00XM3hRVEf+tjfOO8SJKVDUdCz7QB FvRgoIPbNy5RWXOmV89fUNPoePmYnMmZSFIS20+e7/ZhX4KusSl7FJJZZc3BPp7DaJTvXY4iSYyd vTHMfdKb/gh65sy1XaHe3blZdwBZkvBkTebWc/1+6nxyhXEZLiRLBnXd3mc99rLzJaumZyFJFtYc rH3nPsKHCLqVo6fv9VrflfLtmCWJJNdwTtRfpq29g4D25l1y+XwDF6/cot3f7fn3gYI+bO6mXh8H Wh8zb0I6kuLiUO3VPlaisWf5JCRJYtbaY/r3bn3MnNFuJLONzcfPhF3q3pkTuJOUARH0tjt1OFQZ xTmWO2+3aITofH6b6SO9SGYHh+v14/P8WhUeu4pktvNDfh2v2toJdLuWHtxo4nTTVZ63dnv+CEEX CAS/cn7Vgn6pYg/Wd8i5JEmYFSuHGvvTozSwvBb0H9s3RbVid7iY4lvB2euPelSCXwu6ah3Nrbdf iMFOjqyZpbeej55M7po1rAlXVi3CaZYwW+wUXnwKwQDlOxeFKq9baO/Hi8//4gpDzRJykoviS+Er XAC36o/gVs3IyRO5/by9m6CbWbytIuwy54q2IL8l6BdObiPJLOH6bnGfvZm3T+dj+0iCfuroRl3i vs3pe/xxsINDK/XK/MSl+/RKeTdBn7pkP+Hqxo+aClAGSNBbH11hwlAHkpTE5vw6WlpaepT7V6pI t6lIkpk1h06/tf8flsU9qGm0t77kycN7nGmso+zkMTbkrmT2tIldY8y7C/rlYj2pn2v0Ql71p7LV TdCnZa9iVKpDX35UNi3hsvYH29m5UD/2WeNn9nk/rFqajd0soThSqbquy++bEHcPhWd/Qt6KoJ+T m+chSRITFu560/vTTwKdHTx/3sKNKxeoq61i/7YfWLZoHqOzUkPjO8MLusM7iXvtvY+B9vwWE4Z5 3kvQsyYsp+XtC7aboC/4oazX0n0J+ms6O9p41vKU5nON1NWWs2XtGnJ8Mxnq1c9lWEE3ezl57m7Y vd2+ZMJPFvSVB+rD9iIHtU6O5OqNWxNXHdD/5iOMQQc9Surli+c8uH2Nurpajh/YxeoVS5g4bgSK JPVf0IMvmJluQTIrTJyzOPzzfs0aFsz8DlWSsI2a9c4wd+ifoM9ZEz4U/XbDoV6C/uBCCak2GbMt mYXLV/Wxn6uZOCI1dPz396un/70F3ZzB2Qe9hw21PrnCxHRH6F0skz58HAtXrONkRT0PHrfQEe7Z /4GC7ttwstfHLx82M9atIFnszMlZ3ud5nT1BHy6TPC2XIND65BIjrGYURxqVV8PnHAi+vMHYZOeA CPrVsh2osoTsymJ1X/WN3BWMTNbD8ZcfqAl9/RaWTRnWNWbdlTIMX84y8k6UcfPeY9o6wlyjQtAF AsGvnF+xoGvUhOTqnUVW2V569a++h68FXbFmsufoMY4d612q6s9y7+HTsC+gLkG3T+wVIh/UWtnu m9C/7y9JSGoSR88+gmAnR19XTFcf7FfFyN9ygWRJwurI4PzDvse2Pr1aqWeit4zk0pNX3QRdZvW+ xrDLhBP06v25qJLE0Bm5dPQh6I9v1JIhfxxBrzm4BlWSGDlnQ9heIwCCASp2L0aSJMbM+kFftpug z16dHzZL8cAJusaZgs0/PryjW/GOyeFld+P4AEFve/6Qw9vWMX5k+lvbMZNkd2APJdbrLugN+1Yg SRKpM9f1b8q0boKu38MWrBYFs2Jj84kzvdehvWDN5BH9vh/Mdi+ll/XGpi5Bl9OouPSw1670vY/t HFg6DUmSmL4xv99TwWman6tnK1gyeyouu6XHfsmKBafTGUoAFl7QnamzeRLmsvwQQR85ZT0v315n N0FftKWy19J9CXqg8xV1RQeZO2lcr0R2qiUJl/NHBF1Op/LtoSEhfrqgK+yuuhb+qwf9lG7L0b/7 nB/0xpUBF3SNx7cvsH7JfDK8jp7Xn1nG4XBitSj9F3TtPmOUfj7vJQl12FTu9yMXwYdMsxZO0K/X HsYdJjFcX2XMkt0fV9CVkVxuCRcJpXHrfBlTxw7rlYzUYnczdfZiShuae74DPlDQF2+r6vXx01sN DJX7f7zsE5cRBF7crsMjSVg9mZwOE1Gj7+9TsjM9AyLopw6uCTUo9a/k7H7TKP/ifjOLZozHkdQz 6aqsWBk7aQ4HC2p40T38XQi6QCD4lfMrFnS4ULoTS38q4z9zD3p/ksSF452Cnv2dLpe+VRQUFlL4 Y+VkEbeetulitk4Xs+9WHujXi++1oFscaZy5HybkPMSjiyWk2GUkx1iutbS+t6DXhgQ5bdqqvgX9 eg3pH1nQh89a1+f2CQYo3qZXyr/N3q5HIvwVBT3Q3kLujFFIkhmXJ4XMzMzwJSMVxSxhlm0cO9Pt HnhPQe9sfczqWXrFSbHaSMvIZPrcHNZu2MThY4Wcv3SDo2FC3E/nrdYrhNPX9K+y1V3QFSsLNh3l +NaFmCUJe+o4zt19a9yq9oK1U0YiSWamLNr47vuhuIz7z/Vr+f0F/U0UxbT1R/sp6BqXq/Pw2lQk s4zTncyIMeNZtmoNW3btp6yynjtXTjEsxflJCnpQ66Bg+1KsqhlJVvGmpDNm4gzWrFnLnoPHqG08 z7WGY32HuA+ooMvsqrwa/qsH/RRv1sdPj1mwvSsC5l2C/upGZb8F/cmNBsaGcoskOdwMzRzOwuW5 bNi8g5PFFVy/fo2cqcN+gqA/YKxFf58t35L349d3YSFFlQ20vmMGAhh4Qb9Rdxi3LKEmj2Tf4ePv 3M+aMEM9wjHwgh5avv0F5+vK2bZxNeNGZeF1O7sy5JstTraeOPVmiMJHEPSW240MVSQURwo/7D3y zuNVUtdEEHh5/zRpZgmLO5NTd/qY6u69Bf16L0E/nbcWRZKwD5vMiXc9XwsLOXu9Zx6QYKCDa02N 7Nu5mSkTRpLidetJKCW9ATZ7/aE3EXNC0AUCwa+cX7WgP7nRwHBX+Gmwuhere2zvMbh/BT6moBPs JH99SLQX7iRMxGt4ggFq9uu9mSNnbOBVH8u9annCk5bndAY0Aq03GWU1Y7Y6yD/TO/nWay6V7cEu S1iypuuZ3N9T0K+U78GmmLEOn8PzMOHVoIe426WPI+jnC7diNUvYRsztc/vBQCvbcyYiSRLT1x0N JcX76wn6wyuVpCfJmK1ejjfe6vPvgh0PmJzmQJLMjMvZ0S3j/PsIusaFoq0okoTVmcG+klO8au89 Dv345vm9BP1m5Q5dLrN8POtjfHj7y2c8ftJCe2egh6BPXLib9oBGx/PbzBjpQZJkxs/7gRc9prjr YPcSfYzmzNwjYYcX9MX7C3qA0tBwkXG+Lb0STXWt/+ljnjx7TmcgiL/9CdmjQ98hey1X7j7pJfad Dy+QlWz/JAW95WYDw9xJSGYri7cc4eGz3uLw4Owx5L+KoJtZndcYPsQ90M6uhZORJDNzNh0P/fKN oM9YfTT8/XvuGOb+CHqwg52L9MzzKaNnUt98u3cCwbYWFkxM77+gB18yJysJSbaw5eRFBoqBFvSH zWV6JJVzFE33X/Re6D35WILeHc3fwYM71yk5cZDpYzIwmyXsw2e9mUP8Iwj6q0eXGZdsQUpK4eTZ 8MM7wtH+/Abj3Spmm5fCc+Hfy1rbHSal9h3injxmce/7Hmh/cIHhKfYegn6jcjeqbEZNncbTn5BI MxxBTePpw7vUVRSweMZ4VLOE6sqi7nooVF8IukAg+JXzqxb0YKCNvPXZqH3NxyxJSGaVZbsr+h1+ OpB8VEEHmst3k2SWcA6dyKUH4VvQ2x5cYO26LRSW1fIyJLK3T+djlyWcaRO4GG65YID9q2YxdNgo Vu4qQgu0sTQ0XVr298fDviyDWjv7Vs3ELEmMmfs9rZ3aewt6273TpDusSEoyldd6j3kPap0U79DD y/sn6M/0sZv9FPRn16pItqtIipvSSz3ngH1N6+NrTMnSE/S8nh7mryXoQa2T4xtD2XvHzePeyx9f T3EoA7/qzOLs/daufS3clN2noN+uy8P+lqAHNT8HV+gCkzV7Y1gJ1jqfsWKKLtaTFu7umre2/f4p vVfNltZjyr83XypA2Z5VpA8dRs66fbR2doSZZk3jRsMx3FYZWXWw5fjpHvOjNxzbiMUs4R45i9vh kgsCT26cYsPG7ZRUndKvUT5A0IFrtQexyRLuzClceRxGAoJ+di6eQuaI0azdX07ro3OkmSXMSS6O nwkf1XOtJg+nVUaSkqnrlpn/UxD05tLd2CQJJW0C15/0Ph5BLUDZTv3edadN5W7rxxR0idGzNobN I9HecpPJmQ7MFhd5NaEw+GCAI+v1vB4T5+8K2+hZu285Uj8EPdjxgBlD9WmiVr813eBrXtw7z0i3 iiQlsa17YrxucvJ2krg9SyciSWbGzttMR9iGLo3z5cfYtusAdeev92taqhf3mxjtVgZM0P3PbzJ1 mBdJUtl0/EzY5TR/K8d2bmb/0QKu3H33nO0w0IKu8eBGE0cP7uVgYV3Y83P3zAk8NhlJ7ba89pyZ GZYBFfRAewvLpw5DkhQWbD4RduYDggHKDu5gd94RzoV6prXOV2yYOwZJUlm4pTDsub575oSecPUt Qb9Wvk2/B9Nn8yjMBm815uO1yj0EvePROVKTFMyyjfyz4RsE/C8fsnfLFg6dKObuU317Lx7d5OTx I2zZkx92yNirR5f5NtWCJHs4Vh9qbA62s3XeWCHoAoHgV8uvWtAB2p/fZ9Pi6aG5Pt8ee25lxpKt PGv/62dwh48v6K2PruiSKKnMWr2Hp696Jlvxt7Xw/Xx97mdn+mTuhDLZd7y4y9yxKUhmC9nr83qO /QIe32hglNeOJCmsO3oa0Dh9fCOqJGH1DKfo9M0eL8yg5qe55ggZTiuSbGNHSWju6PcU9KDWxg/z vsUsSYycsZoHz9u7bUvj7sVKRiXb+y3oQa2NBWMdSHISO0uvdNt6eEEP+p+zesZIzJJE1pRl3H/e M+u4v+0ZeRvno0oSzoyJbxo5/kqC3t5ykymZTiRJZemu0nc2PrXebcCrmJHMCot3lHZ999dyNm7e 9l4Jzh41FeJMkjF7JvGoI7SfwQCFoYaBlHELeszRDRDobKXi4EYcofGcY+Z+T3uo8qcFWlk9LQtJ kpkwfxNPW3teqy/uX2LGqBQkSWb+Dyfo1MLPg64F2ji83ocsSTgzxnPm9huBfXHnLGNS7UiShZxN R3td1+0vHrJyht4zmTY6m4ehae4+RNDbW24yY6QXyWxl4eZ8Xr0VcfHoag1ZTiuSpLK58ALtz64w MsmMpOpj6XtWPDVa7jbjG58ZeobZKenWQPQpCPr12sO4FTNmZxY1YaYZvHWujOHuJF1yU8Z23QMf S9Ali4v95Rd6yEug4xXHt+ozTqSMmsOdF51dy1UdXI0iSbiypnD5Qc/e3xcPLjNlmKt/gh54Ss5o PQna7HXH6HhLTNqeP2TLoqmh86yy7nBdt+PkZ88yffjSgi095eROwyGSZAnF6mbnyTNdDWCv9//x zTNMHOZBksxMWxZ+irO3aX18jQkZVqSkDCouPeq2H+8n6AQ7ObLehxJqPD517WGPZ1RQ83OhfB9O ixmzYmdH0fneKw7DQAp6UPNzcrN+zrwjZnHl0VtJ5IIBzhZuw66aScqcwYPQuzWotZMzzoEkW9lR coV+8Q5BJxig7vA6LGaJJM8IChuv9ZoS7s75EjKcFiTJzNJdlV2/by7dhVWWsCWPorzpbo/j3NZy lxUzx4SSs/UU9MfNJ7FIEqothYIzPRNjtj9/wPp5E0LLdZtmLdjOhtl6no/08fO58bjnMQv42yjZ l4tVMaMkpVFyXs+c31y6iyTFjGTLpLrXva1x/3IlQx0KijOT6qtvpizdt1KfgjV7U1HY4SYCgUDw KfOrF3QAf9tzqk/sY+aU7xg+bBjDhg1nwtRsjhTX9Z2F+6/Axxb0oOansWA77iQVSbHy7bR5HC4s p7GxkcqS4+RMH6tPs6U62Hayew9NgIsVB0i2W5BVG1OzV3KyoprGxnry925mdKY3NPVZTlfFxN/2 lNzZY0OV00xWfb+L6rpG6msq2bFhGWkuG5Ik8928TTx5LV/vKegAj6/XMzpFzwabNX42R4sqaGxs 4OjeTQxPdeFKTcVm7q+gd7Bssi5/4+fkUtvQwPmrd+lL0AEeXa5ieGj7Q0dPY19+kX5ci4+zZM5k vRJidbPlWP2bytQHCHpz9WGmTJ7MlLkruPWj4ZgaVyr26JUr51AqLj/6kb99vV/trJqiJ3Rzj5jN w9YAoNFwdC2SJOFKHUd+WTWNZ851Cebza5W4baGpcQ4V0Vhfy91nndw7ewKHxYxZVhk/exlF5dU0 NjZSdvIoS31TuzK4S5JE5vRVXb3UAPcvlDHUlYRZtjB2Wg75Jfo5PXl4D5PGDkWWJLzDp3Hx3vMe Ie7dBR2g9ck1pma59OttwQ9dwxCCWieVB9frDQSqjUmzF3G8pIrGxkbKTx7FN2mEnrTRnsyByuau 9X2IoBMMcLZoN16bimKxM33+aoora2hsrOfo7k2MSHdjliQyJy7laXsArfMV6+fq0mNPHsb3Ow9T 19hIQ101e7etZ2xWSreZH3pOD/UpCHr7k6tMGq73HKeMmsKBY8U0NjZSX1XKD7mLSXO9mRbT5hlB 08NQHoCPJOiqaiHJmcLSDbv141xdysp500hSzShJyewpbepxbT25VhdqQJAZNdnH8VL9+i48vINv M5NxDx1Nml3uR4h7gIKtOShmCdnqZNHaHdQ0NNLY2EB+3k6mfzusW4JHhWV7us0rHQyQt26mLkKj Z1NeW0/DuctoGmj+V+xYNg1ZklDtHuat2EhZVZ3+7N6/jW+Hp+gh+BnjOXWz57zlfdHRcospw51I koV5uTupb6jjyt2n7y/owKsHl5g5Jh2zJOFOG8m6HXk0NDTS2FDDjnVLSHZYkcwyY2ev4XGYeb/D MdAh7s9un2G014ZklskcO4VdhwpoaGyksa6avVvXkuXVRXzl3vKuZ3xQ62R56F3y7ezVoXfJO2Z+ eJegAx3P77F8hi7Tdk8GyzbupLqugcbGOg5sW0dWslNvTBg1h7sv3jRu+tuesGnBJGRJwpU2iu93 HaG+sZHyoiPM/W4kVosF2WzuJej+tkfMHelGkswkZ41jz9Hi0HPyMHMnjcHpTScrxdlT0IGn1+sZ 5rEjmc2kjZjAtoMnaGxspK66jA1L5+BMUpHMKnPWHOBV6Nnvf3mP7G8z9HdNygg27jxEfePre2EH E4fr0XmTFm17My1gMMCRjXoy27RRsyirqafhXHO/IkIEAoHgU+BvQtBfE+hsp+XpU54+bek5d+nP xMcWdADN30ZN/k6Gp7rChvg7vJlsOVzVqwdHC3RwqvgAo9LCLacyamoOF98KPWx9epsNC2d0zdve vVhsbubn7uRu94rQBwg6aNw8W8rkEWlvbctM2ojJ5Bce7neSONCoPpiLpVtm4bGLdqIF+xZ00Lh5 roypo4d2TQ/TfR+8GWPYfaKWth7joN9f0OuPrscsSZjdY2h+2HtKoK696gprlBgxYy0v+zkWsLl4 i75+1cbeCr3n5/H1ekZ6bW/OYdp4rjzSK3Fa2yMWTsx6891llQMN9/XQ1M1LcIS5BiTZwvDxM9i8 YRl2i4wlfUqPXvagFuBK40kmDksJc80pZH47k+qLd7qiL/oS9KAWoKlkNw7VjGxxsuX4qS550Dpf UXJgE5lvZc1+XTzpo9hd0NCj5/GDBB3Q/O3UFewONei8PcTGwpgZS7jSrTf28fVTTB2VGnb/bK40 cnK/Z864NCTJzKqDb6YJ+xQEnWCApvKDoXncwx//NVu2MtpjwZzk4USoAeJjCfqU+RtZPufbkKS8 uX9dKSPYdbzurR5ovTGvPG8Tac6kXvd8+qgZ1F1qZkqy0q8kce0tt1g+6+1th7JXW51MzV5G7gK9 l3DCwp10nz3wat1hUmxvGruso+d19YZ3vHrMztXzcHb7vPt9lDV+JhVnb/ZbZoL+VvblzumRoXvR rgqCHyDoAI9unmPh1LFdCdd6fH/FxtSF67jxds/1jzDQgh7U/FyoOsLoDE/Ya9Vq97Jk0yGetXX/ Xho1eWt6vEvGLNzx4yHY/RB0gBePrrN2/rReGeX1YmHM9IU03eo95OvV0ztsWjSTJEvPKMIkZzpb d+0g1WXrJeigcf1UIaPT3b225U4bzaHyejbMGtVL0EHjVlMF00ZnhHkvSlhsHhas28PD5z2HGD24 Ws+McVmYw2T3l1UbU3M2cOtJz+F21xuOktptlgvrKB8v+sgJIxAIBJ8af1OC/kvjatUxsn0+5i/a wvP3EPSWa3XMn5fN/IWbf3T5oBbgyf0blBYcZsWiBfh8Pnw5y8k7Xsz1e72TUHVf7um9GxTnH2TJ wvn4fD5WrNlMWc0ZnrWGn57H39HKlfMN7N22Qd9Odg7b9h2h6fKt3o0iQT+HtyzD58smv+pq2PXd PFvCPJ+PVZv28TzMoM+XT+9TfvIQS7J9ZM+bz/b9J7j58BkvHl5m1Twfqzce5EXnG0GvL9iFz+dj d/6pHpWmQMdL6suOszwnG58vm80HSukMwuXafHw+H9/vKgk7j3Xrs0fUVhSxbsVCfD4fCxau5Fhx JXcetvQ+rsEAFYd+0Ld/rDFspe357TPM8/lYvOJ77r98c7yuNBSQ7fORvWQjd5619V4wRMfzu6xb PB+fbz6HK5r6/Lu38b+8w+rX3/2QPq41qPm5dfkUW9Ysx+fzsXDFDz22/eLRTQ7v3ER2to/s7Bxq QhW1gL+dq+fr2fXDGv0a8M0T4I44AAAgAElEQVTnh50HqD3VRMvLNvwv7rBu2SJ82Ys5f+/tJFEa Lx7fpaLoGKuW5uDz+Vi8fD0nK+p59Lx7446fwt36+g8WX+j1fQIdLzi8Rf98xYbdPH71phId1Pw8 unuV4vw8liyYh8/nI3vhSo4WlnE7zHlra7nNhhUL8M1byYW7YcbH94OgFuDx3WucPLqfxTn6vbRy 3VbKa8/xvO3teX41Xjy5R1nhYZYv0vdv0bI1HD1ZxtVbD+kMBDhbeoB5Ph8b9pzsGrf58GK5frxW 7Aqb2ElrfcQPa5bh8+VQe7UfkRVoNFcdwufzsW5rQe8x10E/Ba/PQUnvpGSdrx6zJTcHX/ZSGrpt L6gFeHTrMvkHdrBgXrZ+jtZtoaiilruPnqEF2snfua7HNdz29FbXObh4L/w5KM3bhM+Xzc7jb8LB A60t7NiwFF/2Mk5ffy0SbwR9Tu5xWl+1UFt2jKXzssmel8PeI8XcuB9+aksALdDJvesXOLx3C/Pn ZePLXsKhkxU8fNZKwP+crcvns2jpDzxuf/PcOVe6H5/Px9YjNT3CcTtetdBYXcK65fq1nj1vMQeO FXD+ym3aOv08uFLDAp+PZWu387hbA6UW6KD5dCXrlunPnaXr9vKqW2Oc1tnOjctnObJvOwt8Pv1v cjdRVFHP4+f9S4jWnfYXjyk9to9F87Px+eZxqOw8WjBA0b71+Hw+9heeC/seeXytnnk+H0tzt77V wPr6+z/jTF0lO77PJdvnw5edzcbt+6k7fYnWzp82xKft3nnmZWezYPHWHu/D8NcAvLx3Qb+/5q3j 3svw77OgFqDl4W3Ki/JZu2Jx6J22kB37j3L+yu2wY6YDna9o6PYu+WF/aa8cHj034ufErlx8Ph95 pc0/8ofgb39J89k69m37nnmh85r7/Y4+niPdl3tF85kaNoee5au+3835a3fpfNxMpsceRtD14WIt D25RfPwASxdk48tewLb9x7h29zGa1sHJ3evx+ZZxIUyiv9Znj6irKGJT7jL9mM3T6wFnL93ss3Ok 9flj6iqL2bp+Zeg4z2PD1n3UnW7mVUfva0ELdHDpTBXrly/Sr++1e3j5M0ZECgQCwUAiBF0gEAgE f0P0FHQxflXwt4r29FKfgi4QCASCnw8h6AKBQCD4G0IIukAAQtAFAoHgl4oQdIFAIBD8DSEEXSAA IegCwd8a1x0jORf1j6IMYGk713uI30AgBF0gEAgEf0MIQRcIQAi6QPC3xtU4F6f+fYQoA1heNZ57 94F/D4SgCwQCgeBvCI0LtQVs2rSJwqrmH8+wLRD8itFaH7F351Y2bdrN3RfhE+UJBIJfD0LQhaAL BAKBQCAQCAQCgeAXgBB0IegCgUAgEAgEAoFAIPgF8LagX/jT/+LejMWi9LPcHDpRCLpAIBAIBAKB QCAQCD6ctwX96pDkn3uXPile1Z0Wgi4QCAQCgUAgEAgEgg9HCPqHIQRdIBAIBAKBQCAQCAQDghD0 D0MIukAgEAgEAoFAIBAIBgQh6B+GEHSBQCAQCAQCgUAgEAwIQtA/DCHoAoFAIBAIBAKBQCAYEISg fxhC0AUCgUAgEAgEAoFAMCAIQf8whKALBAKBQCAQCAQCgWBAEIL+YQhBFwgEAoFAIBAIBALBgCAE /cMQgi4QCAQCgUAgEAgEggFBCPqHIQRdIBAIBAKBQCAQCAQDghD0D0MIei80NK0TTeskEAigBTQC AY3OTj8BTUPT+MUXfT81gkAgtP+BTj9awE8wCFoQgj/3YRYIfsFomkanP4A/oOEPaGih++bnvrd/ /L6HTn+AzkAATdN+7kMoEAgEgl8hwSD4NY1ge5DOoJ9AZwedgQCdmkZnQP/ZH+ikI9hBZ7CdgNZB QNM+2dLW0UlHRztaoI1W7RVt/k78nRrBgKhJ/xjvEnQt5CqBUJ0lEAjgDwQIhPwlyM9frxrYon9f f8DfrzqaEPRuBIMAGgT9BEIHsNOvcfnqDfILijiSX8DR44WfRDmSX8CxEyc5fbaJtrZOtECAoBYQ gi4Q9IOAptHhD3D2/AUOHD7Kzj379bL3wC+27D90hKbmy7xqaycgBF0gEAgEHwFd0CHYEaQzqNHR 2UFHoJPAqxfcry/n8roN3Fu6ikdLl3N/8VLuLF7K7aXLPtlyZekSri1bxO1li7i5ahUPSsvxv2ol EAj83KfiF01/etC7i/mV67c4fOwEu/bsf1N+AXWrDym79h5g1x697Nl/kIrqWl6196+OJgS9G8HX 1hoMEAgE6PRr7Ms7huJII9HixqQ4MSmuX3xJUF0kqKH9Ndv5btJMnj970fX9hKALBH0TBDoDGrv2 HUS1u0lQ7cTLDuJlB3GygzjzL7MYzUmodjf78o4IQRcIBALBRyEY1CO2gp0BOoJ6g3a7/xUPVm2g 0hDL6cgYGj43UBQdybEvIjgeE0GNIfKTLVVRf0dp9GdURg3i3OfR7P/ya+pnz0Bre/Vzn4pfNOEF XYOg3rDxuhc5EAhQVlGN2ZZCosWN0ezAaLZjNNuJN9t/9rrVh5R4sxOj2YnR7MCkOEm0upm9YBkv XrW98/gJQe9GMBDUe5g1PbS1rUPDmz4ak+LFqHgxqV5MyqdRjF3/ujFKdioqa9FC4TivQ0cEAsEb gpoG6KFV9x49xpM+DKNix6g4iVc9v/hiVF2YFDvDxozn6fMXoXtciLpAIBAIBg499FgjGGjHHwjS 6dd49fQ2Nf/fv1IRFU21IZqKqChKo6OoMUTRGBlFreHTLaciYimPiqUoOoYzEVE0RhjIjxzEi5rq n/tU/KLpW9D9PSS9rbWD7yZND+8yqvdnr1t9UL1MScakpGBSkjEqHuJkJ0bVTWlFTVdof18IQQ8R DL4RdAB/QOP23ceo9vSfXbY/pMTLHkyKm30HjvD6OhByLhD0prugN1+9jsWVRrzqJF51Y/wESrzi wqg6cSQP5dqtO6FvJQRdIBAIBAOHnpMlQDDwCn9nEH+nxpNrZygxxFBliKXaoAttWVQs9ZGxnI6I pcrwxSdbTkV8SY3hC8qiYqkyRHPaEM2pyAjuH8j7uU/FL5qwgh4MQLBTl3T0MdlPnzzH7kjpu8Px F1C/et9i6i7osgej4sakuNmfd/Sdx08IeohgEIJ+XdCDQfAHgty+/yQk6J73KO73XG5gi1FJJs7s YseevC4xF4IuEPQmqIXyNKALuupKI051YbR4MKmu9yxOTKr7A5bvf4lX3cSrLuzJmVy5cVtvmQ2K MXICgUAgGDgCQQhofoKBlwTag3S2azy9UEPVZ7+hNDqWps9juDIohobIWIqjv6A4OppTkZ/1XQx/ R2PkZ3oxhPvs7zhl+Ls+l9c//6zn3xgGdS3ffV09l9NL12d9bKM05jMqogdRY4igODqaoqhoagyx PDh45Oc+Fb9o+hb0Dgjqeb78fo1HD5+SZE/u22V+tO7jDtWzPqT+5CShxzoGsM6meDHJyXpDg9mF SXGToLo5EBJ00YPeT4IAwQDBUObG2/cfojjSMKkeTGqo5UMNybfsxCQ7MSpe4pRUTEoKibKHBNmF UbWTqCQRZ7YTZ00nzuzGpLhCIQ/ubheEPiZBb2nxEK96Mb5ev+LCpHhIUFIwml9fuE79X9mLSXm9 vCv0s7drP7sXfX0udu3tKehC0gWCtwgG9PsfXdCtrqF6eJWSglFO0+9L1REqbgYrHgarXkyymyGy iwTZgUmxI5ltfKOm8k1SKmZJxSinYlJcJCo2TJZkjIoLo6I/qI2KHgZlUl0kKk6GyE4SFCdG1RV6 Lrj0ooRkX3GEnjPJmFRvV+9+gqyvy6h4cHizuHLjjh6CqAlBFwgEAsHAoQUhoHUSCIIWbEfzd/Ck 6SKVn/17agzR/S6nIw2cioii2vAlZVEGSqM/pzgmivqIGOoNBk4ZImiMiKU46itqI2OpMRjCrqfC 8BXV0f+JusivqI2MoNbwd1Qb/kh51OfURkZTFWWgPmoQdVGx1BliqYiKpDIqgjqDgdpIA7WRUTRE RFMXGX4/aw1R1BhiqDbEUmWIpTbSQH1kBPcPih70HyOcoHf3j9eudf/xUxR7cliH6bs4SLDYMUoT iVcTSVCdJKo2hpg9JCo24q12TLILSXZjNCcTZ7WGXc83agYmq4IqKZhUF3+xphI/ZDhms41EWa+b xSvJGOVUEhR9GKEx5Fbxirvr/yY1vIP1cjJZ77wVPeg/kXcKuuwmweIlzuxEsroxW+wkqE59nHe3 8ekJFjdykpNEqwejLY3EJA+JqrNXr7pR1ceIJ1qTSbB4Q79PxqSkkqAm6xes4tFbX+TXku7VwyXU 161KntDPQtAFgg+iT0F/3QD2ukfchUlJJl52M8SWjGpPRU3yYrV5Ue0ezLKNv6ipGB0ZWNUkjJIX sz0Fs9VOguoiXnaG7luvHvak6s+DBNmjy7ei37s9x5d7iFNcxMkuElUvCWYXCaonFNbuJkERgi4Q CASCj89ACbouvTEUxho4+3kEDRExFBn+yLY//xOVhhhKoiIoi4ml0vBbqgyxVESFF/Sa6N9TZxjE sdjfs+fv/xv5MVE0GiKpiDJQFmWgITKW8sjfUh3zJw7//s/s+/t/5Mgf/p6amD9QF/kF1YYYSqIN VEQJQR9IPqagJ1hdxKs2Es2TMdtVjFISJrOFIbJXT+xrdWO2p2JWHJjkZIxJ9j6E2Uu8kkSCNR0p yYNsc5Aop5EgO0iQX7taCgmWFCyOFCyOZMy2ZFRHGlKSN5T8zYXxdb1OCPrHoT896K970Tdu3cPx ggIkqw2TYtfDSy3JxKkppA6bwMVL13GlDmPrwXxOlFYgW50kyG4SusZVJGNUUjAqHhIsHhYu38DY 72ZjklMwyulM963kzMXLyI5UXdrllJCkJxOvJhOvvK68e4lXk/UGAiHoAsH706egvw6heh2uro8p mjh9PsUVNZw5f5Wa2nOca7pCVW0DM2bM5d/UFA6VNbBx7VqMkpsTZbUcPHqMRIudeMVJvKK/GPTo F8+bhjjzm8Y4o+ruEvQ4i5c4SzIjJ89jWe4PmIZYMclOEizerns8Xgi6QCAQCD4yAyXodZG68BbF fkbT55HUDvo9px2j6LjVzA1PGsejdSGvNnxBjSGW8qioPnrQf0vj55E0pQ9De/yAS2npnIn4j9QZ YqkxRFJh+Iqq/1fh7v4tvKot4F5hHs9qj/M4fxdnPW7ODIqmxBBBeYwQ9IHkYwq60eLEaHEwb+Ee dh3chUm2YTRbSJC9mFQb3yhe9h0pYVXuWkxmF3GqLex6hshOTKqXf00aTfO125QUHCNhiAWjGopY VlJRXcPYvPsAp881U9vYRN2pCzSevciWnftIVOwMUULRzELQPx79FXSj7GbMxBncvvcAb/pQEhQb JsVFnJpMvDWdA0eKqK5twJzkxjV0LClZI0lUbHrPmOzWxyGYXV29XmZHGvWnz7Ny1UYSzE5MSgqK K5OhY8aR0DWGQR+/YJSdGBW9N94ou0Phsro4dO3f61B8IegCQf/pS9DV16Ht7lCETCqpwydy72EL W7fvwp08jPhEG57UESxfvY4ly1bzb2oKJ2pOsXn9GkySE0/WOFIyMhmi2jBZvAwOtcwmmO0kKvZu Q1VSu4awmGQ7RtmOSXXpveeql0XrdnK+uRlpiESC2U7C69AqIegCgUAg+CswUIJeG/kl5yJiKY/5 jzRExFLx1T/TXFPMg8ZKWgoOU/Xl7zllMHAmIobyqBhO9xGCXhMZS23s11w6eoCLBcXc2rOVuggD pdGx1Bs+56Th91zYmsf9zeuo/4f/Sd1nf0/FH/+Z+uFDuTr1O4qiomkc9DkNhvANAELQ34+PKejx qos4q4ucxXs5cGQPJslKgmrTx3qrDr5RhnLgWAW5a1eSIDneRBy/VRIVB/HmNEbOWEnD6SYunj1L xtBkjKoNo+ImXh6Kb8lamm9cZ8y33yGZHQxRHUyYPJutuw+g2LwMUUPTqAlB/3j0R9DjZX3sqOxI p6qxibkLlpBotmGSXRiVFBwZ33Lj7kPmL8ghQbYhuzKxuzNIVB3EyW4SLB4mT89m7vzFuD2pJFg8 pAwbz7mmS2zevBVvajomi50hdg/25AxMihPFkY7VlYnFlU72oqUMGzMeo2TDYk9lyoxsJk2brY9l V9yhCrvoQRcIfjJ9CnpoOIniJd7swSh72LTrAEXllahWO4mqpysaxiTbSTAn8RdrKser6tm8biWJ ZgeqNxOb00OiZCde8RJvSWH0xJksWLgYT0qa3sinupGdWVjdmVgcHuZm5zBr7nwsdg9G2YbFk8W6 7Qe5dLUZj8uOzZmCSXZ3hd8LQRcIBALBx2agBL0s6kvORMRSFf0ZtZF/pFZO5dXdRspkN50NtVT8 y79QERXBmYhoSqNjONWHoDdERdPkGsvtigK2/+6/0FJykpP/+19ojPiCxshBVMT+mXsnz3LTZqMm chCHY76kNPZ3VBtiOfl5BCd/+wXFMdFU9DHGXQj6+/FRBd3iZrDVzcLFezh4eBemISpGxUa84iFO tfNvUpYu6OuWkCjZSFDd4YXZ6kayj+T85WvM8i1m24489uzZQqJqIc7sJE4axvc7D1FcVYxZsSCF coolqG6MslNfr/I6sZwQ9I/GuwS9ey96vOJm0tyVVNadxeF0Y5I9xJlTmJ6zhuKKKqx2B0MsDtbv zKOwqIwE1Ysz81uKK6spqajm0JECysqrmTJnMQfzS3jwpIWLF85ztOAESSlpfDtzLlV19Ui2FBat /J6yqhr2HS3kwNETXLh6kz37DnLseDFH8os5deY8G7fsCPXIe0PzIXuFoAsEP4U+Q9xDGThVj54w zuzlVNMlfKFGOKPiIU5JDc136SRBtvONNYVjVfVsWb+SRMnO/hNl7D9wiCGKF1f6OI6cLOdkeTWH 809QUVvL9Dk+4sx25ixdz5mLVzh49BgH8o5QXl1PUVkFLk86i1d9T0PzTZ623Kf45HEWLdtAvKRn CtWnWfMKQRcIBALBR2WgBL0i6gsqomI5FfkZRZ//IzdWbuD83O+ojPwd1xeu5tz8aRRHDaLSYKDW EENFVDR1BgPVhmhqo6KpMURSHR1NVfRvub31MNeyZ3NqUAyX5izmytallBt+S2W0gULDH7m1IZ97 hzZy3vgNBb//miLD31Ef+Tn1hmjKQ1nZ6yJjhKAPIB+3B93NYIub+Yv3UnjyEEOzRpE28lvSRown ZeRYXJnTKCytY+26pSQOsYWywXtDWdRdIbF2843Vy5zFP9Dy5AE2Zwbjpy3l1q0ruD26Q8XLw5m7 ZB2Xbl1h/sLFpGWMJc7s0HMJKS5MipN4xU2c0s/QfCHo70d/BP1NcTLEPYFzF6+zevVM/qKmYLKN JL+hiRmzfZjMNkyKm5V7jlFedJR4Sya5m/NoqCtBVZKIS/AiO7OQvCMYotioOH2aFcuXMTjRSpzi ZOysJZytLSTRlkxO7mZabp3BmTGWuCFucrfn8+ThTTIys4hLtDN81HdcunKOZE8m8Uo6cRabPmZd SSbe4hKCLhD0hz4E3SinY1JSGWy1MtiSSoJ5OHduXWfshAkY1VTizB499F12kyi7Qpk/vRypOsuW dasYItk5WFTNibz9fCOnsu94Ceca61AVO/86xIFrxHecPnsOiyuTmct+4Nbt64waMxaj2YbqHcXV h/eZNm0Gf5FcZOfu5vKFOhLi4vlGGkqcmozJqhKnpoYaCYSgCwQCgeDjMWBj0A0xVERFcSbiP3L4 vyfRVlFN8T9GUx85iJJ/NvGqoZZT//zfaIiKpjIygprf/YHar7+m9E//SNUf/0TjoEEUR0VT8HUi z8+f4fT//jMNEV/REJfG/Ys1VP75n6iNiqU4OpaK//4XLm/fx8OzF7hUUcy1RTNp+r//wunYrykN zW9+KkII+kDyUZPEyR7iLU5mrMjj6aM7nG+6SOPFy5w918SZC000nD/Pg4f3WZ+7hoREB4lJ6SR5 RmNzZ2BzelDsTuLNdv632UNRw3nyDh4kQbYju7KoajiFb042iZIdo5qCyZ7F4rVbOHf5Os1XrpFf WMKseYtxJ2egWmwMll0MVvu3/0LQ35OfIuhxFjdGNYUtO/NpunQRmzONGfNXceHSRezODBJCk9Gv 2nOU8uI8/u8QD42XHjB71hQkyYLRnIxRcfONJQWr3UPlmbPkrl6NSdHHnI6dtTgk6CksWL2Z8qPb 9RYaxcvs5dtoOlOLKUHCJHtISR/J9RsXyRw6Wgi6QPC+9CnoKfrLwJrEYDWFOCmT5qvXmDpzVmi6 RVfPGRpkb3hBP7iXv0heTl+7zbXLzZSV1VJYdZqCmrPcvneftBETmL50E5WVpUiySoLiJNE+lIt3 brNgfg5xipec9fu5dKERWZIxKkOJV70kqFbi1BTiQmH2QtAFAoFA8LEYKEE/9XksFyNjKIz5ghtr dnBj107yv/qaxtg/cOTr/8md0nKaJ42iOiKKo4MiubZiHo8v1tNyrpzHJ3dRERlL8ed/5N7q7zmd u4jKL6Mp/f1vKfzDf+HSvq2c+dZFScT/w/nI/0RZpIGGyK9o/Pprzv+feM4PW8bDhrNc37iS2kFf Uh6aek0I+sDxMQU9UfZgsrqZtfIQhfl5uJwpWJIzcLjSsHkyUFzpnDhRxvrctSQMcTJmso+ma3do vn6bS9dvMmfeEuLNHlJGTuL63fsMTUvDaveQmORlui+H+tp6FMlCguzAqCYTr7hJcmeQmjmSSbPm c7KynqbmqzgcDhJVJ3GKCHH/qPw0QfdgkpPwDp1AfdNNJk6YRF7+cbZ+vzKUcV0PLV+95wjlJQf5 v5KT2vM3mTVrDpKsj1k3yQ4Gq8koSU4qzpxl1epcTIqdBMXOuJk5nKstIjEplQWrt1B2eFsosZSX OSu2c6axmoREBaPkISVjJFdvNpM1dDRxchrxQtAFgp9OH4Jukr16pk+LXU8EqWSyZe9hThSXISk2 TFKSnlFd9RAv68NdTKqXo9Xnegh6wcE9xCup1F26ye6dO8gaNhZv1liSR3xL5tBMEpOSmb5iCyXl JUiylQTFSYJtKJfu3Gb+vAUMlj34cnfRfOEskmQmTvaSoHpJVOzEWTzEqSLEXSAQCAQfl4ES9NLI LyiL/oKy2P/Kk3ONPCw4yIMdO2nbvIanWzbx8ngZ9woPUP3FH6iK+B2V//UfuP7f/w/V/+t/UPvP /5mKqM+p/vO/4L97lYf5h3m+ZSfPNm/hybbtPC4o4lFFAWV/+jOVkYM4FjWIIkMspyK/oCryM0oi o6gcPoFnNxo499m/ozoilvrIr4SgDyAfW9ATLC5mrcjjaN5eJCmJwRYHQxQ3JiWZODmZw0fKWJe7 DuMQO2ZnGikjviVt+DjSh43D4hxKvJxCQWk9Fy82U3C8gKPHCzl8ooijReU8fPiIVctWIJmTMJrt Xc6WoDr5RnJgsnq4euMO48aOIVG29UjOLQT9I/BTBD1e9TJEsTLY7GLBqgNUllfQcKqOrBQnRiUd k5JMouomd89hyooPYrSnseqH3ZSUVIfC3+1IFgdm5zDMFgfFjafZuGkLRrMN2epg/Iz5nKstYogt nZzVWyg7soNvzHoPnW/1Ds401GBKtGCSk0nJGMG1W7qgmywZxFmShKALBD+VvgRd8ZAo62O94xQv 8ZY0hn03i5bWDhYvXUWiOQmTbCNeSiJj1HdMmp5DgjW5qwddMts5UFhJwcE9DJY87C+q5tKlS6gW N0bZgVG2M3xoJoPNNmas3kZxeSmKxYFJdmBKSufS7VvMn7eAOMXLrOXbuHHjBqZEs55rQnYzRNaz mcapIkmcQCAQCD4uAyXo1dFfUhwZS42SxatD+8j77Z/Y89v/Qf6XX1Nq+AMnvvqfXDt5hJtpqdRF fElxjIHGSAM1hkgaIz+nLuJLzjhG09ZYytE//Z7S6K+oio2mKDqCgn/8Z1rOldKUnEqlIZYmt4Py 3/09pZ9HUmMYxIlBsTTNWczDcyWc+s2/ozrqC2ojY4WgDyAfVdDNbkyKk9krDnH4wF6GDLHxF9VN gtmLUUllsJzCoSNlrMldh1GyE2916T4UGn+eoHqxpYzl2as2Ro8YhWpzo9rcKEkuhiQlsz/vGE1N F7AmOZk0bS4jxk3BaHZgNNsZLDtxpI3i1t0HZKanI1mcoel4haB/NH7SGHTFi0m2E6/acGVM4dbD J+Tl7UORbAxW0zEqXhIUJ7l7jlBWfITBSSm4s8ZRU3uR0qpGDuQXUFXbyLAJc0hUbExbvIFzTRfI yy8kNT2TCdN9nK8tYYgtg4W52yk7vJPBcjJGs4vZK7Zw7lQDRpMFkzmF1KEjuHLjApkZo4hXRYi7 QPBe9JkkzqsniVNSMKrJxKkujEmpzMlZSXFFDSWVtezNO0pJRQ21jWeZM28ZJouXI9Xn2LJ+NUMk O3lF1RQc2IVRScYxYgIFhUXUNpxl35ETlFY3sG3TJhKTPExbvZWiilLMqoMExYkpKZ2Lt2+xYH4O RjWZBNdoyipqqKprYOGqtSTIToaYPcRZ7cSpbiHoAoFAIPioDJSgn42I5HTMf+ZRTTU1GTbKP4+h wvA7ag1fUB8Zw+GoaOonzeTJsc2c++JLqg1fUB71FY0Rf6A08o+URP2ZR0XllHiSKY+KoD4ykjpD pJ74zfAFdfOWcG/zbo59+U80zJ7N/eKTXNq1nTur1/JgTwnNx45SZlM5/flXVEUNoiZqkBD0AeRj CvoQs4sExcHclYc4krcfSXLwjTUFk+wlXvHwF7ObQ8dKWbNmLUbJzmCLPhW2UfFikj3Em90sWrOZ mvpTKLI+b7pJdTJETsKkeEgdPoHmG3cYMW4Sk2fMo7SqkbKqRg4eLeBwQQl1Z5vJXfc9iqyQaHET F0rMLQT9I/FG0APvFPREsxejkky8aiXRmsbknKUMGzGcBDmDwZYUjKqHBMVJxsQFzJ06hX+T3Rit XhTLUOYuXEXOitWkZ9t27agAACAASURBVI4kwZKKSbbzb0oKw8eMZ9maTbi9aXiHjmXhzKmY1BTS Rk/H990YjJZUjLIbz6gp+Ob6SBhixySnYHGkMC8nG7s9hXgllXiLPSToXoyhKQCEoAsE70IDtJCg XyPJlaFPraZ4iVdTiFfS9B51y5vxRoojhamzF7B89Xpm+RZgs7sYIjuIVzx8O3cZ40aPxiTZGDM1 m5mTJmBSk/mLxUuC2cLUGfNZmruJydOzsSoWjKoT2+iZTJ4xl0TZQYLiwpSUhm9xLllZI4lXvQxO Goqa5CVn2Uomz87GZHYwxJxMvNWuNxwobhzeTK7cuC0EXSAQCAQDTkDT8Ac66QhCINBOoLODRxea qPjsP4RkNiokttFUh0pY8Y0eRNUf/onzw7+j/PdfUBJt4ELEIEoNETRGRnAuchD1//lfaUpJpuK3 kZRGf0GVIYqKqFiqDDHUff0VzcM8HI+MoT4qljrD5xREx1Br+D3VEbHk//6PXHa7qIyOpcAQS82f /weXUlK4MH4cV9wKDbGfczoiivKYKCqjImnsa571twXdEEWDEPR38jEF3SQ5GaK68I5cyaSJE0mQ nHxjScGkeIhXncRZXHw3dS4jR4/FJLuIt3qIU1MxKikkWPSEuhPnLmLYmAkkyi7+Yh2KyeolUdbn Uo+zpPHtzBySh32LSXGh2FKZMmMBK3I3sXjlOlIy9dB2SUkiTnZhtKb+BEH3sj/v2DuPnxD0bgSD GgT9EAwJ+r0fy+L+1kFX3YSbB0+f5uzt37u7lbf+Xun2++7LKa63evDdP/5z1/b1aQV27T0kBF0g +BGCQb1oGly6eg2bK50E2RtK+vZj9787lCSu5z1t7LrX+75HjW8t12uZruV6P0N6jXlS9DFSTm8G 127cRtNAb3QQCAQCgWBgCAY68AfaeR4Ef7ufQLvGvUunKf/Nb6gzRFJtMFBjiKIuMoYqQywVUbHU hoT97VJjiKYqJMG1hmjqun1WZ4gOiXFU1+c9l42i+q3f17z1/7c/rzZEUdX1+6ge2+urVHfNjx5L eVQslYYo6iMjeHBACPqPEU7QQa9n6f+GBP3RUyyOnyjo3R2nzznIw3tWOG8zhv08zO+66mzdt/GO +mHX3yRjlJMxyqnsz8t/5/ETgt6N8D3o/WsV+aUWMQ+6QNA/egt6Ggmypx+C/gspQtAFAoFA8LEJ dhLQOghoEPC30+H38+RCI9W/+Q0VUQZKo6Moi46m2hBDXWTf84t/KqUhMor6yGiqDDGURkVTERVB jWEQ9w4e/LnPxC+anyToP7UH/ZMpbwu6F5OSInrQfyrhxqCrvwpBd74R9NAYWyHoAkFPul4awKWr V7G5UvXpEoWgCwQCgUAAgBb00xnsJNgehGAbHcFOnp1rpOY3n1Efqfd6l0fFUBYVS11kLKc+cUFv jNR786uioqk1GGiIjKAhcpAIcX8H/RX0B4/fvwf9l1+6C7pXhLi/L5oW6kXTAmhagOetbSS500OV X/0AJ1i8v/jSfX+NqpsE1cnxwiICAT8E/QRDki4QCN7Q/aVx684dXMnpJIYypRs/gZKghvJeDBvL oydPQ99KCLpAIBAIBo5g0E9HsJNgWxB/sI32oJ/WW7cp/Yf/xqnILzgfEUtjRCylMbFURcdSb4jp Gov+aZYYKqNiqI6O5uznUTQaYjkeGcXTktKf+1T8onmXoGvBAAENXrS2kzF8HAkWL4nWZIzKz1+f GtCiuDEqLuJlJwkWNybVxbETJ9G0H6+fCUHvxhtB11t1OjWNhSvWdgmvUXZ9GkVxd5V4xYU9OZNb d++haQEIdhIM+vXx9gKBoAv9paERDAZo7WjHl7NEn//yU3lZmJ0YzXaW525A62qBE/e5QCAQCAaO oOanQ9N70APBDjoDAfyt7Zye8h3Hor+gPiKWUxFfUBwVQ3lUNLWRUVR+wqXCEEVZVBSVhihORcRw JPor8k2J+B8++LlPxS+a/vagt3UE2LbrIEbZzf/P3nu/WVVn+f5/w33uzHfu/c7M7Z470zN37Kud 7KRtxixBEcmhoMhJMgZoMEsb29CGVlExtLYYUHLOqShiEQoKKqeTzw6f/Lo/7H2qQLGD4kDLfj3P etCqU2enT3qvtT5r9+xX/q0V6L0GltNrYDmjJ82guS2FtfZPivREoJ9E6T5ZYzDGoB3kAsk7Hy5l 7JR7GXPn3Yz+G7GRE2YydvI9PPm712hozxBKhXOJQE9I+HJsx6vWjDV4QvLy6+8ycvwMysdO+4Zs 6hn7rlHjZzD/rQ/IeQHGnnRNCQkJCQkJZwhnNEIrnHYYpzHaEWiLSh3nwENz2Hbltez95VXs+NWV VF56BQd+cTm7L/36tueSy6js+P/L2HNJ53+fie//Mtt7yeVUXno5lZdeQeWlXdj36/vQbSdwVpzt R3FO85cKdGUsvtS8vXAJYyffw/Bx39R66yQb8/m115lbi51q0zu+f/j4qcx6cB51be2YPyPOIRHo fxHW2kiwa33GLVAaX2mk0igl0VqhtEZ+ze9VSqG1/rMNICEh4fQYY7DWIoQgCIKvbb7v4fs+2YJH thiQ93x83yMI/DPy/WEY/lmPbEJCQkJCwjeBsxZnLDIQiKKPKAax+cii97VN5bOkg4DALyL8Vky6 SJjPEWbbEMUCwisSeh7CCxCFAFk4M8eVhej7RDFA+iFWm2Se/Qv4MoF+OkprFyklvn9m1kSnrL9i i9ZbPkXPIx+E8TrM/0aOeTorrSv/EhKB/hdQajjfhFXuO8DO3fviiJeNBjjAuq933NJ5JyQkfHVO 7ktf15y1kfPMGD5bvgqhdFQXgjM7piQkJCQkJJwNSttEnTnVbFzb6WuZlnjWYpUCm8cJhX/oIKkt m3Ba4qzGWRMdU1usOQPHtAanbaeZeK51SbHlP8dfI9ChMyjyzVi8jdlGbVFpQ2s6R8Xuvd/wcb+6 PksE+l/IN7X4fe3Nd3jl9bfQ8QAGNqmynpBwDnAmxbm1pQWKxReKLtffTK7gxwuI//qBPyEhISEh 4UziXOf69eQ1rLVg3JkwQ+gsVmms81BGc+SN+WycPhOrBNYqrDPReTii18CdgePaUn2qWJQbZ9E2 Ss9O+HK+SgT9v8aiV2nvO3iYhx59rCPb+L9apP85EoF+lpm/4F1eef2taECLH1oi0BMSvo1E/TvU hmtvvAUvCOOfJZN8QkJCQsLfPicLdOsiMxaccV/brLVIB9ZonBWEDupff4m9k+7EGYW1CuMsJhbS zp2Z457u+pII+p/nr42gf5N0PisbFwKHqsPVPDzv8W8sAPt1SQT6WSYR6AkJ5wuJQE9ISEhI+HbS IYjdSYXAiMXsGTBrLdpZtFMYJREWahe8wIE7J+C0whrVEcXvOJ8zYF+4xtP8POGLJAL965EI9LPM /Dff5tXXF3yhol/S9xMSvm1E/VsoTZfrb8ILgrjPn3sTQ0JCQkJCwl/D6QQ6nBpN/1pmDcZZlNVo qZDWUPPmy+ycOAmrFE5HNV1KnJFjfj7FPRHofzHnkkCPsB1mLFQdOszD8x47ZQ/6uUQi0M8yixcv 5qOPPkIpdc41joSEhDOHtRalFGEYUlZWhud5f1VFz4SEhISEhPOXKH3dGIcyjsCGtCxewp6XX0/e WnQOcm4J9Pg1unFRXmMMx4+fYP5r81FKRZ84x9pPItDPMlJKhBBIKc+5xpGQkHDmKAl0KeUpr0M0 xpztU0tISEhISDincYB2IBxoa7FS4hmfopUdoivh3OHcFugWrTRK6b+6eNt/FYlAP8uc/H71c61x JCQknDlKCwgpZUe/TxYU5xdh1RHSb3yQWGKJJZbYX2ntb3xAav4HtL3+AS1vvE/q1fdpf+UDCnur MMYkGWnnGOe2QDcYHQn1JMU9EeinpaOhJANLQsK3GmtthygvRc6Tfn9+0frUK1+YcBNLLLHEEvvq 1vLI8+dsFPR85lwV6ABaG4yxWPvNvUb765II9LNMaZGeLNQTEr7dlCYBKWVHzYmkz59fJAI9scQS S+zMWssjz5/toT3hNJyrAr0ULNHaoJQ+i+f0p0kE+llmy9ZtbNi46QtV3BMSEr5dlJxwUikenTeP IAwTkX6ekQj0xBJLLLEza0fufrgj0JUUVz93OLcEOh0CPWorlsamZpYsXd7Rds41EoF+lpm/4B1+ //qC5D3oCQnfeuLXrGlNlxuS96CfjyQCPbHEEkvszNqBibOxWqOt7nglmrXJOvpscy4J9C++B91y 4HA1D8977JwtMJgI9LPM/AXv8srrbyUCPSHhW0/Uv0NtuPbGRKCfj3xeoB/4t4txxiSWWGKJJfbn TCt8oznwfy75nECfhUsE+jnHuS3QoepwNQ/Pe/yczWRMBPpZ5rU33+GVN97G2ESgJyR8m3HxJPD5 CLo7ByeGhG+G0wn0hISEhIQ/j3MG5expBbpVCm1NItDPIc5VgW6tQZtSBP3xc7YGWCLQzzKvv/UH fv/6W/Ee9CjFIhHoCQnfRiKB7gvFNdfdRN7z40nh3JsYEr4ZEoGekJCQ8NUwziJPI9D3T7gXpzTG RanLiUA/NzhnBbrRGGvZf+gIj/zmiXMyvR0SgX7W2bB5G+s2b8dYEoGekPAtxtrIS+uFkkceexIv DNFanZOe24RvhkSgJyQkJHw17JdE0I/NfBindBJBP8f4vECv6T4UWdd0VkzEJusakXWNhCcaqNmx m4UvzSc80UB4ouGsnduXWW7J2kSgn020A2ksynRWEUwEekLCt49SIZJQGVTc5xOBfn6RCPSEhISE r4azBn0agd7y0HNxkTiTRNDPIT4v0BP7+pYI9P9CHGBd50DiXKclJCR8eyg53py1OBMvIlyyiDif SAR6QkJCwlfF4jm+INCbHn0eU1o7Gxf9SzK3nm0SgZ4I9L9pEoGekHB+0CHQT+rjiUA/v0gEekJC QsJXw1lLYL8YQW9+5PkvzK2JQD/7JAI9Eeh/0wipEFJh4ixXZy3OmqSyc0LCtwznLNZZrAVjon+t s8ki4jwiEegJCQkJXw1nHNKaL6a4P/x8Etw6B0kEeiLQ/6b58ONFLPzok3jBbsEZcCr6NyEh4VuD tQZlNEIbnn7uZXwh48KQiTPufCER6AkJCQlfDWcc1hqqPifQj971CE4anDk332d9vuLvPkB+5cZz wgorN1BYuY7Cyg3Rz1ZspPqtD/nw7vvJLl9PbsWGs36Of4mZgveNPKtEoJ+GNxe8w/w33sKYqIAU TscCXZ+R7/9LB6tkUEtI+KaxKKPxpOaq67qRLYYYazre3pDw7ScR6AkJCQlfjSiG9UWBvm/CLFyo YwGfrGUTToftCH5aa7HGcbDqMPPmPY7WZ0Zv/S2TCPTTMP/1t3j1tTfR2pwk0GXUkP4q4ug7Flva 22oNQSHHoRNH0TpqkMYprA4p5Hz8MHoXoDWKbLaN5rbWuNBGnGZP5x4eUcyQy/mY+BUWylm0Vej4 7wuFDKlsAb/QRnshwLiTzusksy5yBjgr4oqb0aArQ5/2bCvKaKw1GKc69hH9yWvGRufLSfv53anv lnZWd6Q9dXw2vj/OgbYB+WwWTwi0i87plP1LzoAznd/R8b2d12WsQRmJtBpnJbp0nY5TzrH0nKL0 ZoOzCllIkfOKOCcxNnqPp7UaZwzFXAviNO9oLJ1DdL3RuRkHgZchnQ/jSqYyOo6V8XPShIFPLt1O JtWGCIM/uQfaxffSWoMzBmUM1oTYhqNYYXHaop2KJkXj0C56dtpZrHZobdBOYkoVVZXDaYd2oOLj KhdFlo3RqPi+mPiY2unovLXA1rZjpTlpn5lFOhOliGuHsxbtLNqCMxblDMpG36OcwjrdUZit1Oa0 A+EsxmicUlE7sRbrNMbPEeY8rNUY4zCW6BUuRkfP7eR7byXWgSn1XYhT2aNnGO01tygnkc4QBIZr b+5JuxdE91QbnDVYq1AdKfAO62x071zcH2z8OxeNE85F91o4sMZRWpdEhehMx3ignESb6JmUnqeJ IxFOO3Aaq0NcuhEXRGMC2I6CdqU2q0v75uNn5Fx0fdaq6LNGY41GG4czGqcDbGsDoVJoZ9DGoozD uPgZl8YZp6JzcSb6uXE444CofZX6mIifnbEWZ8Oon1ob3R8bFweKr7PU/3DRdqHovGV0LOMw2kTn qwW2uR2tNNaF0XdY2dFWTt7LaEvXHvcpK4rYxlaclPGxXcd9t85gwyK2pQnb0ITLpnFW0PrkS18q 0DvHnKjtKBmSTafIZLMEstTGLFYHtGQ8tLEYLUin25GmdC87n5uL22Hp+kvjYuc4pKN2BNEztLaj TXeM2Se19ZPnmNLPS/c1cHQcp7QIclGnP+melL7n5EEmavsnj2nxyHbScTuv58uIxox4nDWCXCFL aNwX5oKTx7ZStpq1pTnBYk1IWzZPIHU8F0ZjjDZRv7FGUcxnSafayeZy8XhNx5zRca6l8T52tnfc F+zn5o/4Gt3pMmkszsp4LI/GJWsCWtuzCCOjdugUxkbzyOfvb0c7sCc9z88d43R7dU9+3tHf247z zXmtFEMZLXCticZVG90jGxfoMpZT5v/SuBXdD42zGuHAmXhcLo2jpc+fNJ93PCtsxxwngiLZoviS Pcad52zj51vqF6fPVLLxtWi01Vir47WToJAvUJA6cqLG85R1nW21836ftC3RiY61QjQv26gNGUEq nccLJSYuYlY6/qnZkqUCorLj76N7ZrFWYWz0vI2JREZQyJLNFeK2wBefr9V0jOXE6x930thWGhM+ 1wY/3xdP/nlnvz/p+kvtKB5PTraT73PH9VCaO23H2BD9znSc76nXEf0uGv/0FwX6+Fk4YbDGnnKO CQmddAp0sBhtOXjwCI88/FhHfzqfnTuJQD8N819/i9fmvxWLstKi6asKdIW1GhkLD2tCXnpyHvc8 9QhhYNCB5mjTIaaMHMolP7+e7buPoGwkug5WbWHuw7+hoCzGapwJOgSCAw5tW8VtPXrjq2ih7VtN oIv4RlDItDBm+CheePM93l/wW+Y+8QLSdg641sYZAc4gHRipaGzYx9I1W5Haooxl46pljJo6mrZc Cq0DhCtgtYsFZuc7pDsWU5QmQB0tXOIFQknwOas7P28ETkeeVdOxmLc4LdHa4usmZsyYzsZ9B/Gc QqlIPJQEAE7ibCREOxbr8QIFp7FGUgzyLProfQ63NOJUjqIFrXUkHp3EuNLEH4kLayzKSozI88yc KTz18qsYlUEqTWg0SvuEuSzTJwziUFPqC3urXLwgVZbI6aIMYZhjxoRybu09lKxXxNkiWjmULpIL cjw1bx5TJk9izr0zuWf6ZKZOnsScBx8lnS+ctkUZC8YYlFHYUOGZgOz29Sy64gfs+WQ1oTIIW0CH DhNYMscOUfvOexRlDi0lKvBp2PIJDdt3o3RAUQb4KkTokFAKjJII5VBGI7UksAqrHUpZjNAI6yOk JmypoeLaMjL1LfjKRL9XmsAIpDGY0KGMQRoTCUBjEEYTCouRBmlCtJE4EYn50BqUNQjl8JRFSYGU Ak9KnLRo49O89D22vfIhQvoI7dChI5SaglaEocEqhzEOaQRS59DCoU2AswWccITGoIyIhJ9ySGkI VEgoNZnQ0HfIcHLFAKls9IyMxtiQUFqs79CBwxiL1A5tNNoKnLBY5dDWRItbqRHKEhiHVVE/stKh tUNZjTUKbSxCF1FCYz2HtYrACLRwSBOglMPZANlWw/IJvckdbMYog1OR0JXGYrXBao0ILcI4Qu1Q oSF0EqEVSgco4xCFNFV//IRUY4aCDghaGqgYM47GqjqE0oTaRP3dgrIGLXV03U5gtMIITegMWjmk crjQIkyUZaCNxjcOHVikCGl8ewGte48TSI0f/40NHVIZTBA5AkJtybjIOWWURZsAYwK0skgdYpRH zWfvsujKWyjsOYSxaZSxaJuPHIXGdjifjHYY5TDSIrVB6SJ1n8xn5aXdyFefIFACLR1aSXLGo/7T 5eybeg8Vd89i25z7qZx8LzunzubI2Lv+pEC3xpBJtXHfA3MYO2YEc2fdyz2zZzNu8lR+89SztOTS WNHMbQPG0dLaTkv9UcaMKqemPYtVMrpXFpyKnFXKGayJHDEmHrNMqfaBFdFY5CAIUrz/znscOlaP drJjDMWJSKC6ePFtRTzuiuh7tOXwvq28sXIDVkusjhyUzkZzUWnsxCm0s8iS4C7VYLASZyWlqAaU xshovNSOU877dPtMHSCtRWmFMoL925fT5ZpreX/lJpSLHD8ufpYdQsK4WEwV43Eu6huH9m7iZ7+8 gj98vBjhQFuJdgapNTt3bmf8uFHMmDaF++bOYdKUKYwYM5b3PvqEQJvYKRQ9Q+N0fL4FsD5OObAe zqloTrU2chBZi+pwakRiCkpznmbHxuUsXroebTTS+sjCCXr1H0WDl0Fpi7BFfC2wJh/NrbGTNBKo kfPc2SB2PppT6ts4B9bYDkFt4/tqYiersxanTeezUpJxUwfx/pKNKKUxRqKsj1USYTWhBScdwjiC 2NHsYudu5OC0YD32VWxmSeUBrAwIbYBTNhoDrMVaiXQW7TSm5HBV0c+dsXhWs+qz95n72O8j5+Yp Iqx0PIU1BmVFNB4bGTlLS9dNpyMsWicYCrkUL7z8Cm2pdoQDJZqZOnEya6pq8I1EW7BGIK3oEKYq bp/OGpzWOGXApTrmd+dCrFVoI8m11lA+YjKbKvajhYnWNsbFz112tmsbfY9zGYyNt0A5D6MNocyz cNHHnGhuQgqFUoY3nn+CF15+k9C4yOltS07TUj8LYwdKyaEQO3tL45qLHKSRk7uzDXY4rOJxoOQg KzkCSmNi5BzWHesr68J47XRSoCheq1lbcsrGDh6n4mejkA600zgniQI5sVMqXv+VnH3WKayQXxDo Byb+GictRptT2nIi0hNO5uQ2YYzj4KFqHnnkyfNenEMi0E/LGwve5pXX3kB3VIkzfJUU95JodLFH X2uNFTkG3TGQdQcOIYWhkMnQrdctPDx9Gv/6jxeyadeheCGq8IqNTJ8yg6qaRqQxkag9SaBrGTKi fzf21LQjrcaoSGBqU2Dnjm307TmCE5kMqWKGTLaAM50RvMg7ZbBWI0wkrtatXsi0e56I3wdtCfJZ mnMppAmxWmJcGE3M8SIm8tie5O2OJ0d7UnQ7imDFHv3SAoF4ojkpqmPjBUMUZQ3xgzrKho1i74kG lI0WHs6Wzrkz6hQJbBVPMApjdRxxN+Sz9fTq0ZUte/fijIdnwWiN0xZjfEwcSY6iyVE0V1mNDj3G 9O/FY8/9HqNDlNZIG4niYnsTPbt2obq1/Yse5Y77EZ2nNCF7NixmSP8B9LrlevYeO47WIdqEhNqy af0HXHrZ1RyurSdUCikCao/XcM+s2dTWNZy2TZWi+do4PAuy2Mie0WOovucedg8ejggtRngExuJ0 iuaP3qf6hiEUwiLChPjK59C0cVQ8u5DAGArOIJ3BaYvSmoI1GG0xwqGMQ2mN1hLPKDwdRSiFkrTU 72bTL2/GSzUjrEYFFqXjdHFrsKHGOhEvFCRWW5xwaBm1LWkswlqE0WirEE4jlcFKjWd1lL2iDW3a 0mYsQgrqn3uGQ+8sRUgfKxWB0QgLoQUdOtqtjBZJ0ie0Hja0WGkxxqK1wbeagpEoJUlZQ1o4RGCx nqHVKhoz7fhaIbUhtJGwcsohtSU0lsBIAiuRWkV9TTq0MXhWIUz0rlerLU5arDQUjSZQFt8YpFZo Gb8TVhustuSMo6AtTgiEC/CMJDAF8s5gjUTXHGLLzVfSUteCsLrDCaeEJLAWT7uor0qLcAbfWFRo 8KWhYDXKGLymg+y4sQ+pvUfxlCAni8iW45iiRkuJVkF0fwIRiXEdOSciR1gU5c8aTWAkvlY0GIvw XBx51zilkTpAqha2/OpyDn64Gi0M2nfkrUUYQ6hDcqaIsBqpHUI6tAVtBMIWMIFF2oDAhgRtjay7 5Wb29hlAzVPPo5XGc1EmTGAtInbkmFJkzSqklUhpMNk6dg4ZQe3YyVR/sAIZZsg7g1QGr/kEK6+7 hYaPPyTIp5FBFtHawPZXX2dz7+F/IsXdIv08T/7mIUaOH0vVsRq0MigpqaurY9TYiRw6ehhbqOWW nmUUcllkIGhLpchpjVMOYwXKSmwsyFXJ0ahNx1jhbJSZIjsWzJpcqo4uV17HivXbo7/vEOhxxMGZ +B7EAjB2OFqjefvlZxk85X6sUR1CypkQbB6tDcKaOOPCxlGzOJvF2CjLJc4kioRV5MDpEF7x543R GGNOK9AhEpraCAIvzZiBvel648306FNOygs7HaMn/V3kPI6zZrTDGYkI2pl111QG9e3DnVNnoXTU rq2VWO0zePAgZj/wCO3FIsJYfL/IZ58tYuZdMxFKdYoCayJHhnHgAqwN4wyXOOIcOwyssVF2jusU yFByUBicCbnv3klMmX4fSmmEVRSaq+jRexjtsohRDm2KcfZElN2GLeCswGqNtQJtNNbJk8T5SWY0 Vqtoe90px1dRhpuJnD2lNYANC3S//Vo+W70lcsQYgbECqw3SapS1cRs06Djyb02nQDfWgi3y/G8e 4Mk330Urg2d1PM8LlLEY7RG4KKvNOEVgo35vrMQaS2A1f3zjdzz6zIIou+q0Aj3K5DFWxiJX46zq FG7QcQ/AYrWiubaGf/vuf1JTV4+0EBROMHTQECrrmwmNRBsTOfStiQVjnDllIseCtnHhT+d1OPNx CucMwhiUzFGfTpEPBVYJnCl95uTsvCgC74zGuQLaKEzsSHJOomSWfv0GsevgIYS2BNrgZVrI5H2U MWgtcEbGzzXKSIgylaIMh0j4RgENp02c9RY76zqcHZ2ZNdaquM12RsJLbTPqb1EWW2l8cUbFThXT 4VQrrZsiZ1UxXs8pnPOj+dqKDidR6Vyi45TGmjjz09Ih2J1UXxDo+yf+OnYqdzojEoGe8HlOFeg2 FuiPJwKdRKCfKBx3vAAAIABJREFUluqjxzhcfTROK4WSV7eU9veXUkq/dHGqq9OK9mO7GVU+leZA IZXCyICGVCOZE7V8/59/xIbKg/HEZ7CmwOwZU3js+VcJjcVqGYn9eLBTJuTdN55m9Iz7kEahjEPa kLDYQvnQvny2fCXKaJqbW2htS2G1wFlFGAZUVFaybNky6mpPIKyltamJV16cx4zZv6X6WC3pbI5c extHG9rQRlLMpWhubiHX1sqmdSvZXVmBEIpi0WPN6lVs2bSOolTIONUWZyJxrg1OFTl69CiLl69i 584KisVi5OV1RZxVHD10jKWLF3Ow+gie0QTWJ5c+xIBBo6lLFzAqirK1NDaydvVStm/fjJQ6jjJY rAlItTWyfPliNm3bTFs2QyHw2b99BV2uuppFK9dSV1dLUUm0EhyrPs6KFZ+yfcdmQmVQcSTBGYey BhV49O7WnRdeex+jTMcCWFlDuv4w119zNcfbU2ijOh0UcTRIW1BSYpWhtf0E111xJa+9+S5vvvgI r7z7CVILlA0QVvPH159ixuz7yOsoiqWNQSmJ1iraWnEanDYYaTDCUbQG8dH7rO3fn6CtkV19e2Ka AoQSSBWi6ndR9+TjHL5pAOLAfmRtLfLAHg4OuYPjj89H7zmK8rIYW8DW1BKsXE9u1VpkIY1QBiUt GZdH5hspbN1M87JlmAO7CIVHat9mtl7TF53Nk1c+QbEZsbcGWbTkTYgu1uKv20xx+Xp0/WG0DFHa UiymCZtqMC1Z/NUVyGMn8IzAV5ZQWbTNUfTaUHuqKH6yjHzFPnTBx/oF9j0+i8bFq5D7DxB8shS9 ZzdGyShKKhVBvo1CxV4yi5cSVO7CD4tRhFgqwvoabLYNvbmS4oo1FOtO4EuJEhanQmRrPXLdRuSn GxAN9XgtBzFNbejQUjAeYSZDsHET3pJV6JojiMDDUw6l85iaGoJl68mv2YRJpdEyuh4jHEI4claj gwz+vr1kF69EbN2BCSRKSKTyscV2ivsqCD5Zhj50EBUIlJYEB3ZQdfnPaWtpITRFpCmiq6sRH6+i sGMvuWyRvLVIIxBhjtyJExQWrcZfuQbdlkZn2wlX/5HKq68ms2or2cMn8PJp/CP7kYEmtFmEbkHU NJBaspji9gqyhTTWNwjtsO316Np6TG0j/tKVFLZtwitmUWEsYky86M+3I/Zv5MCPLqT+D4sIDtRi 0gGeLSIa68muWkO4Zg2qvYUwVJiCw0pHYAO089HS4dsCykhOLPg9W8beRXrjUlYOHkhgiQRHoLEy ylZwykULPxUV+JNKI6Vg27yJbB09j+DIGqrGzkEVg6gvCUNq/y423XAdxdojyMAQKoMJNaFQ1P/m hS8I9Mi5anBGsm7FEn72kx9xrKkxzsJxkcixilBKtAlRrYfoM3AMwsshvJC6uuizThqkLHLwaBUr Vqxjz+7dhEohHEgvzYnjx8h5Aft3b2fFqlU0pjMIB34+y76d6/jVJVeyaMVGqmuPEoYhxsSLZCNw JqSpqYllq9ayZfMmCsUixloa647xxNx7KL/rSY4ePUIqk8FaRS7Txsb1q1m3YSMtuTxBHBE22qOu 9hhBEFJbc5yKvftR1uIVc2xat4aVK1bS0p6OM6E0zoS0tbawbPlydm7djFf0IrFrTl1MWSEJZciR 3esoLx/DgcptXPyDn7Bi/ZZI8HcICx3Pl3EqsnZRxFJ7bF3/GZdefiUnjh5i5PBxNLRmEPE5a7+N W3v0YNehYxQthMZGWQJGokQQf2+nk93ZECM1hw8dYOmyTzlQdQghdbT9xwhC32Pz1p0sX7mG2hPH 8ZXuEMLOarT0aao7zJjhA5g5Zx7V1UdpyWap27OaspHTaCpkWbV8A5vWL8MLfIwVGGWxOkMq1cqa 1ZvYsmUV6VwecVJ2go0d8lZLWpsbWLNqJevXb6Dg+ZFD1kRb4Joba1m+YhUVew8Q6khwiWIbl15+ CRt3VEZbYmxIJp9h1ao1bNq+ifZ0a+Q00AFYj1Q2x9at21i3eg1NzW34YUht9W5mTBzFC+/8gUPH 6mj1fJyyFPIZdmzfxYbln3G8pR1lAoyV+Fbi5Qts3LqZDWvXkwvzvPn0gyxYuPoUp0I0L2r8YoG9 uytZ9tkiDh+qQsVZc36+lapjxynGhTmNCmlqbCCby5NOtbB59XK++88XUFG5l9qmZrKtVQwZVEZ1 W5r1Wzezad0a/Gw7Ms7QM1pQyLayY9M6Vq1eQ1MqTWAc2mqUDqmvraOQK1BbX8v23VVkcll21zXg SYGXa6Gmeh/Hqms4duwoR2uOUdfQFGecBBSLabZuXc+a1etobmrHWoMXZDlWtZM+vfqyausOqo/X UVSGlvqjpPJ+9NxUkba2ZlavXEHltq14nofnQFlFIDwa6uvI5fPsrNjBxtUrSLW1Eeo4CGNF5GCJ 22cm3cqG9WtZsWoVTe3pyEFhNc4o0qk2Vq5ew+atm5EyJHSgVUBL3TFasx4Nzc1s27YVr5inob4O qaOAitUBVoccqa0jl2/HmCJt2RwbNm5h47q15ItelJFgDNl0K+3tbbS2tlKxqxIvFBhHlFGhv7gH /cjMh7DaJinuCV9KZ5ZK7Kyyltq6Rha89YeOFPfzmUSgn4aOyGzp/0ve/r+ysXQI9NJ+L6PYuuQ9 7pr1KHnjohRfrQidIVdfy4X/dBGbdh/EWYExFmc9XnziQXr0HU5OmDg1rjNdyNgC+/ds5l/+44ek coUordTmqNywjMtvuJ6GdDMiEIzvV8Zjz/8eowOa6o4zdcoU7ujTn+EjRtK3d28WLVvOy8//jssv +TGXXtaNsmEj2b5jJy8//RQDh05GKsEHf5jPVVffwrRJExg7soxf/Oxinn3uRe65dw5jRo2k603X MWHqPXhSoUy8Z8mBVYo3X3yanrf3onzMRPr17cvsWffS7ocUvUaeeuJx+t0xkJEjhtG9R1fe/eBD CjYg1VhJv4HDafUCrPB4++3X6XpTN4aXD6Zfvz7cddccsjkP4wTLlyzi1u5dKR82lIFDBjNgyGBW rF5NWa+u/Ot3L+DWXgOYOGkarakm3nj5BW6+uScjRw+nX/8+3HXPLHwRnXNJoIdejh43d+e1txeR z3vkClny+TSpYpEjFau58vJrqE+nsVZiTCSmTRx5URakiFIMP/pgAVfc0IcTza3s2rqCnr0nkM4V UVYjTZGNK5fxs0suYfXmraS9EKk1UspI4H9JW7PGopRFKoM2BSoGDSM/fwHNVrDnkamkP9pCXmtU Mcva385j8U03sfmnl/Hh6HIOv7GAVdNGsfEXF7Ghe18Wj5xI8dheajYtYfXYCewYMY71Q4eydOY0 ZD6H0pJU3W62zJjCyrLR7Bw9hSVlwzm4fC0NO9ay7oYhuKxP0N7EthkT2ThnHoFvaTmymz2Tyllf diebRs5gbfkg2qqrSGvJwXdeYceoMjbe8wDLh04ns2YDWafRRUsoNLpQy5Enn2Rx7zJ2jZ7M+rLx 7Hj2RUS6iV33jqB69jw2zfw1O8ZPZdVNt3Ng4SeoQCGLefY+8TRrh0+iYtxUPuw3jMN//BhPCmR7 G+tHjmD3c79jzaR72dq3nPU33k6muppQC7y6I2wbMoK1Q8dSOfwuls26l72zJ3Pis6UIo2ir2cnG ab9mw6CJbB85g4Ujysju2o6SluYty1nVZwibh09mzbAxLB47laCuiYKFwDhU0ZELfQ6+/ALLB5az dfwUVpUPZdujrxD6KcL2Q+y8cyaLhoxgx+jpLBxcTt17nyCkpL1iLft+fjGFdArp1bP3vTdYOXQs O0ZPZ0WfUVQ8+xI5T+GLHK0fLmRx3+HsGnEnm8aMZMvkWRxctYzFQ3pS+eMfs3zwnayaMw+vcgfr eg6k2NKGlvWkl7/L6n7j2TFyAkuGTmT/XfdSbK/HF5J9rz3P2iHjWHr3HCruvItVN3an6unn0Up1 RGgKTpLfu49Fo0ex73v/xuK+o1g47X685iYat69m5cBhbCufzrqhU9gwcBRNlZWE2mEKjoIJsUYj rcC3EptupLJ8MO27jxK2HmXbsDJaGluwKkRJiVSSQDuEilLbrYyyFZSwhF4TG3vdTGpDHWHuKFtv 7UrzniaUUvjKUNd4lN1XXs/xV+fjtWbxhcILNSpwtPzmi0XiTLyFx2mfZ5/4DQMHDcHT+qTaAjbe GxtlAuVO7KH/4AlY5VO5fQu3396HgrFIL8ezzz1Fjzt6MWzESPr3vp3f/e5FMkJxtGorP7roJzz8 xAuMHjmMAX3uoMsNXWkp+BzYs5v+t3fjX77zPW7rPYQxd46jsakZpaItCFb57Nm6lr59+lI2fAxD Bg9i0qQpZItFHvj1XXT56Y/4yZV9GDx4ECtXrGH//h2UDxvG4EHlDCnrT9nQ4ew4cAwpQ/LttVx4 4QXc9+Aj9Ly1J7995hkOHjrEkCFDKBsyhOHDhtK31x1sqdiN0pJP//g2t956K+UjRzN4YD8mTpxM seAhhOycQ63FSo+8V+TxubN54a2FCC/P3ZPG8/Rzvyc0URaGMdEYqpTC2DCKeCqHVQLlp5kzazqP P/cyUgRMnTCJ1/+4As9IlC5iVY7+/XozbspM9h6pwZcKoyMnhtG6Y76MFn4G4ed4Yt5vGDp4KKNG DuPKqy7nvvufxpMSL9PM1IkT6DtwKMOGj6L3bd1ZvX5ztL3CGKyW5LPt3DN9Ej+68AIuu+YWBg0c yLK1G9i98i1u6z2UKbPmMm7EeHr1uInhwyeQCwJMGLKnYiNDy4czuGwEZYP6Me7O6RxvS3esMUr7 6LdtWk+3W25m6NBhDC4bytBhw2lubkJLjw/ff5dut3RjxIhR9OrTl5mzZtOWyeAVmrjgwp+xfW8V ThWo2LaJAYOjvx00pD+97+hB9dEmtCqyf+9m+g0aSv8Bgxg+rJwhZeUsXrKE8SOG8JMLL+Sm226j 36ChVJ2ooaWunuHDhzGob39GDSund/8yKnbtRhtFQ1M9QwYNo1ffvowYVs7M2dOZObI/Hy7bdkoE 3RhDIZ/j7pnTGTp0CGNHDqN716689/FSQq1ZvvBNfnDxpRxvao0cT7JIzx49WLp8JR8vfI/bu97M P/yPf6N/v0E88dtnaDmxk9tuvZ3Z855mxOgR9O7ejZ43duNIXSvWCBrraujb6zYG9R9A+bCh3H5H H9Zu2Yk0hnwhxa09ejBh/HR69enDI48/x4HdO/nlNd043tDM1k2rGTpkAIMHDGbAwH5c9MMf0K9/ GVpraqr3M2Z0OcOHDWPI4EF0u6UnNSea2H9oD6OG9OMHF1zM7QMGM3n6XWR9n/HD+vHx8nVo5bNm +Uf06nMHQ4eVM7DPHYwfPZIjbe2EJuRg1W6uufpq7r53NqNHj6Lv7T3o1rUrOS8gUAZroyi8MZL6 E9X07dOLsqFDGVI+gsHDRlFdXY0zko8+eI9be3RnSPlwBvTvw6hhZbR6IUGYprxfL4aMnknP3n2Y NeteTtQcoestN3Hg4EECY9HCUFezn0uuvp4jhw+yc9tibry1H4PLhjJ88ADKR4zhWH0TVoU89tBc xk2YxKCyoUyZNo1MLhdF7E2U9fN5gd7y0LMdFdzPd6GVcHpOEejxViBlLKHoXAOfz20nEein4bQC /Suk5nQWrIpTD63m+Xn3MWfeEygb702SlqKDTMNhfvCP32dL5UGcCaPUVeez5P1X+NHPrqMuXUAr GaUWltLvTJGiLNLl0otZun4TzimUSjF76p08/d5alAkxYZZe197IM299jAqz9OvZg/79+lEMQqTU FHJZWjIZhB8w+55xLHj/E7xQIaXisQfmMOOep1Ba8OqrT3PJlT1pSrWiRYqKHVv4ycWXUHXoOFoF VB+s4H995wJa2zKRZze+j/lsmqt/djGfrlhO3hhC4ZFrb6KoDM8//QDdbu5BJucTqhyp1lp6d+3J kfY2GvevYPDQoeREnqOVFQwaMIi2tgyhyCBEgT69y1jy2Qq0TvGf/+dCKnftRQqFFIp8roDvhxzY uoRf/PQaDh5vwpMao1rocf21bNtzBE8KhPRpbW2P0qK1wmmLtJpioZ0brriK//53/8R///t/4O/+ v7/nf/79P/B3f/+/+Ze/+2/89OIuNGYyOCOwOhIOyljCeI+ttQLpNTJxzAQ+2rgboUNy6Rau/dXl rNm8E99JnPZRgWDl8o/54UUX8f0LLmD6jJlU7tlLIKL0vdOhHeSdILA5mitXsmHYZGzOI9SG3JKF rO9aTuALpMoiA8WuR++jeurThEJSCDQNQY5D/cup3bqHoi9wBYNO+WTCkIyWhIUMW3v0Qq/YilNF Gu65mxMz51L0ighRRIRt6LYcras/YUPvMuSx/ey5pRfHn59PVhXw/DaOdBvCwSefwOQKhEGB9Lq3 2Xbno+i8oO7Zh6ju3guvsYVm5ZMy+ajGQNERej5VLz7J+lv74OeyKOGhwyy1xaOEfivrh/Xk8Euv ExbS5HQje558iiW9hqP9IlKGyGwGExQIdBvFfVWsvnkkJiPwmuvYd11X6ndUEPhZpDzBgfIxHHxj Ib712TZsDHve/B2ezKKkIFe5lpU/+j7Nq9eiQ48jgwdw9LlX8D2fVu2T3vgpO8ZNRgQhVXPvIv3x EgJVxAZpsu0NFFVAwYFRjlAZdGsDB4aMJTxURUF5GD9FWJciH7TQ9szT7HzwEWQuRc4UKR7dy76y MpSQtKz9mH2X3ULoBzSsfJ9N13YnfbAKobOoQiMn+o4gdfAYaud2Nl16HaK9AU/7SJ0iaKoj9AMy +zdR03sYqi2DzhfR2zeyruft+JkGwv0beO9HP6SxYjdtKovJZNjbvx9bJ00nZzQHHn+A6h7lFApZ tMyhDu9g+4Bx+KlcFOExhpwD34TkW6r54P9eSNvhY/iBQBea2DF2JIWVSwmLPjnp0/jy79kz5W60 Eti8Q+gQox1KR6n2TU8/yPph4wi0wgUBVY8/SdXDv8FqQ+g0yqVxroCzPlaHaCUIbZTe3/zh76mY dD/K00gVsmRuf/YNfgCpLTo0COOT3r+PXbeOpPJ7v2Tn4PHsW7Msioo+/uKXCHSN0x6z7pnFg4+9 hDCl9GAd7922cQTJUL9nM0PG/BqjA9asXkiv3kPwjGLFopcYMmg4qbxHqItkWmq44pIrWFN5mD07 lvGdf/oeby7ZgVQeymth8tgxvPnBYqRW1Nce4sbru1PTkqWoBFJZlI4yeazMU97rZl5+6SVyyiBE QFsqiycFSrRy/7Rx/Pb9NfhhSCGf4qbru/C7V16lIBRS5Hnxsblcek0/2rM50s1H+R//+D/545KV 5Is+wksxfeqdLF2zgYJQiMBn5R9fZ8rd95Hzilx/xS947c23KGhDGHpkUlmU1Gh16phljGD7prVc eNFPqW9PI7TlyLaljJ8wlYKMUtW1CbE2yhpSWkQpvtqgdI6KXVu59ba+tIUSp4ssXPAKN97aj1ZP YqxCCY90exP3z53Nv373O3S9+Qbmv/YyqaJPqF1UBTius2KsRUtBMV9AeBKt8uyuXMtVV95GUzrN soULuLnL1WQCQaA1oZ8mny8iZZQlpbVEa4ESRUYMH8mCT1fhBxl8bVn1xgNce0N36lJpwnxArq2G f/7//4Od+6ppPlHNjy/6CQve/5iiyKH9Io/Oe4BHn14QpWBboloPKuCe6ZPZsmUTntZ4StPQ1IQM i9RU7aBfn740pLJIKShmmxnYvzcLP11Ca6qG/7zgevZVn8CZLLfccB0r1lXg6yJSNLN66fs89tsF ZLINdL/5ej5dsY5ASJRQpDI5isUCKmxjaNkwdhyuxgsloUgxql9v3v34M4SfpqBCln60kOtuuJ1A CH770Cx+++yr5EOBCAIq9mzhh//yHTZW1MQp0fFcpTVKCorFPKEI0CLN+++8zWVX9yQbKt57+Rl+ 9qubaMwWMEbhVIErr7iMij17UbLAtrUruPCnV5MteARScXzfKq66/Coqqw4SKh+RbeHKH/+C+e+t QIdprrvmKt54+118pZBBkfUrP+GHP/05hUJILtvEZb/6Jfc9+Fta8xkCpdlfsY2ruvWmMZ0lVCF+ GCJFkcrd27jq2i4cPdGENQ4ZehQLOZRQSNHOfXNn8cGHqwm0oO3EIYYNGUlT1iMUglB59Ln+V3y6 cS91ddV8/3vfYdm69RSkQoYe9989leF3P0hRF9m5cxvf//4P2V65DylCpN/CyPJhbNu1P84GKWC0 wJmAV194mhdf+B0FISlqQyqbIww8Ui31DB08kOO19fha4wU5JpcP5Q8rtuD5jfS88WpGTHqATNEj DH2El2XQgL68vuAtisaiRCsLXnyEZ954l1y6gZ43Xcu+2hZ8FaL8Nh58+FHmPPwYVueYc/ckbu83 lNZcAV+EcSZPVNDVnE6gP/r8nykonHC+06GrOors6tMXLj1PSQT6aTA2qj4dpbadWjn4ryFK6Yka no7TsO67awoPPfUsRoXRIkNbQgfZ+gP84B//L5srD0eFpKxGaMGaD9/k3//zl+yvbY4FemdlWKcD PG1Y8eEfmDz3CaySbN2wlIFl5bSEGm18gmIDl112Fe9+vIGWhkNc8L0LWLNqO9IKjA2QsoAwChUU GFF2Bx8tXYWvHUr5PDB9Mk+9+DHKKF54fDbld96PpxVWehzet4Mh4yYjpERpScPxffyv7/6I1vZs xz5pY0EqwUvPPEm3Hrfy6ONPUF19GK1CQgvlvbvS/eYe3Dl1FtOmTWDqhNH84ie/YGd1AzXr32XE iOGEIsNbTz7CpZdezeRpM5kybSKTJ0/k6quu57133mbfziX0GziaIF68ai2jvW7KsHPdEn7202tp SmcJrUGLel545nG63NCdF158jiOHq6L9xiquWG4M0iqy7c3c1OUWNu3cix+GeKGPH2TIhT6fvflb rujSl3S+SFjI06/X7Vx11VVcdfXVlI0cRaaYR6uQBb9/jFGjJuFpj1AJjPR55L57eeSpl8iZqACa 0hqri4R+jprjNSx871369LyVqTPvJVRxRW8n4jQ2F29rcLgghyrUcOiq62ldthKRK2LzafLHq1h8 xdUU9x/BSh8TSrbfN4Njj7+BkhJfh/iFVg6PGErbseMYXcTIAratnpqXX2TV7F/z6ewHWPPzK8mu 34bKtbBj5ChS+yqjPb7CEJoCSvg0Ll3Aum4D2NLrVo4v+gDpSTxPkW09zI5Lb+Hju2azbPb9LJl7 H4snD2fBgCnIYoY9D0yn+rGno73enkEGiqKT0T7vIEXFDT3Y8ujj5IQmDB2+NNgwwLTUsaFsEO0H 9xMogVIhVb97hnU9ypG+QKg28ut3sGvW71k++0E+vGsmH9xQjsuEyCOV7Bw9DNEWEoYK37VyZMIY Ds//BD/bztYLLqa+5jAZoVBKk8udoKJHV5q2bKPYWEfF5RezZPR4Vt/1BEt//RBLpt3JH/oOIsim yK5fzAc39aLi148Trq3EDwVCC5yUUWE8rcnLLDufnsfH/ftSv+AN9J7D2KJBBylW33E7L829kxWz HmDJrNmsnj2HD/vcgSgo6ha9yZ4b7yCUhsOPzGHZDV1YdN9c1twzj48enMPCK6+kZtM2Wp5+kl1l ZRxzGhM4rLCERiCVJrN1K3vvnkPal+SNJb1xCZ8MvoMwm6HuqcfY2nMwYS6gKC02H7Lng6eo+M9L SIWSvQ/cy96n3kX5hkBJivVHqSybhGjJE5qocKKVjsBIUvWHOHDhzyikCnhKUji8kz2390LmsvjK ogJJumYLu4aNIOenCZRDKoVWBisDcrUVLPrxReRWbMDkA4TfQmb9MvZecwOZ1ia0VGx45knmd7+d l3r25OXbBpPafhDnC3RVJYt++hPyu7ZTzLRgsk0UN33K1l9eSqE5i1IBoRVYqdGilWz7blpWL+bg pElUdhtIzfQHvyDQrTVRNXldZPasWTz46PMEcY0FZ+JaF0YQOos0kl2rFnLn7KcItc+HCx5n+IiJ 5KRgxqheXHt1DyZNncP0aeOZPnk8//7v/8HS1ZvZvnEJXW7qR00xRCuNk43MvXcG8/+4lFApmmp2 Uz5sFI0FhXQSrQw6blNG+Wxbs5TbevTg3tlz2b9nFwUZ10eQKaaMG8OirQfQRtNwYh+3XNuVoyda CY3FCEHV1vf4p+/8jL0HjtJ0dDv/ftElNGbSSKVor6vi0p/+iPGTpzFh6kymTpnM2CF3MGb8ZHwp eP+t+Vx+1dXc/eu5HDqwKyqiKQ1Clt5QEUWsgyDD3Lsm8tYf348KB2qNDtsYMGgom3ZUI4ylqfEY 3bvdwHVdbuTqa65n5szZGJ0jm2mky3VdeO6F+fhaY1WBptoj/Pznv2Tphs0EOhqzrZbI0COfbqNi +xaeeuIxLvnVVWzesQ9po8rbuKhAmZEFNu05zMMPPc7dUydxZ/kAfvnLm2nNZEm31DJ2eDnDykex fNlSitkWQh3d6+itEdHeXy3yTJ44nlU79yO1h9Ca9+dN55HHXiDUGitDvHwTF33vInbsP8yapZ/w 3X/4HqPGT+fOGRO4687JdO9+CyPG3xd9dyk9Wwk2rF7BpT//BXfPvp8tO7YidIBUPs8+PJ2Lf3IJ 46ffy9Rp05gxdTxXXXkZr731Lg11+7j4/7H35l9eVle+/z/xveu77urOTU83uUmbdN+kk2g0MY7R OAKCiMook4oK4iyIiqIIiqKiDCo4z3MckXmGYq4BCoqiipqrPtMznGGf8/r+cJ4qEIlJG/NNp3le a51lQeFnPM95znufvd/7Z/3Y09xJ1F7Nz/7950yYdDOTJ9/ELTdOYNzoK7lt6j1s2rick3/5S5o7 Cpkzus7qyy2ucpBhV1zKnvYujFh6Ohr4/t/9T0aMv46bb7yO6ybfxFVDB/OLk37FwaZGrujXn627 69ESIVajdBNDB/Vj5/7OI1LcQ6cPk1ZYvnI10+6Zzh2TrmFI/4v51ZmXUEw0ix++j7POH0N3pBGt 8WkTJ/4VNMgCAAAgAElEQVTklzS192BtwqfvvsK5/YaSaIsyht3LXmH0VeOIdBKyzFQn5/36NJ55 7TOaG6r5zt//b+qbmknEI7pI58Gt/N+f/5SGhgba2/dx7llnsWnbLpRojDFUrfucC664jq6yQUmM spYt27Zw0imnsLtuD9oKVqXE5QKvvf05U2+/jVtvHs+5Z5/Fa299TCqGpj1VXHPdVMoqRtmINOrg vJP/jXU1B/j03Vfof/GF9CiDzubqx68s5Ce/HExjd5GNq1fQ79Jr6IkqiDE4ibh10hhWbzoQasZ9 mvkmJOyt3cE5vz2bm++4k9Xr11OsRMRW89GrSzjjtNO44ZY7uHHyzdx44w387sxzWPLqW1SiFs47 83Q+XLszGH8agzMpn3zyNhNvupmydtTvfpf+Fw6goa2T5R88yw/+5aeMn3QLkybfxG2Trqb/gEFM vG0KXrdzz63jefOTFSjxwWjV2nBdWYNxjt1HC/QHnsy6LRyumc9T3HOOpq8jROZxYJx8KQvneCYX 6MfAelDishZWh1t4/GfXlt42FX1p6U6YOfV2ps9+HDExxlu0s1jrKTVW82/fOYHVW/dgxWO8whjL 0jdf5oc//jV1LZ2ZgYc5/LhSJDVCoauRCy68gtbWNq4aOZT5S95AOYN2KeVyI6eceBq/X7qNQwd3 8oPv/Yg1qw+QuALaFhBbCK2moi4GXXg6Hy1bSdGBkwJ3jBvFwrdWoRzMufNabp7+aDAxUpbNKz9k wj0zMDbFOqF+9xq+808n0l1JggFKZrjjnMGJoa56J7MeuI9+F1/MI4/NpWIsI/ufw2uvvUEkHqcq iIkoa0vJOLa+s5DxYyciJmLx7GlMnjqDkkoxVmO0IVUaUUW2r3uPEaNvJM5Ov62kiNVYY1n20Tuc eNIZFCpFEqdRaRPKJOzdW8f0qbfT7+KLWfj8S8TWYcWSuiDQu1tbOPu0ftQ2tITUdedCupkT3po/ h7MvGk8UpTitSKMKxoQU+ZJSKJtSaG/i7DPO4MwzzmfgoMsYOOgyLh00gPPPv4AL+g+moxwTZ6Zs 1kRYCbX73iZsWbeUf/7eCbR3lRFr0BLhRGeOz5CKYFU7LV+8TdUvf8UHo67lg2E38MaYUXw0cgSr zzyLfc++gdEeZctsuHUCexf+HtEmGH311FM78ioKTa0kSUT3oR0s/dVpNL7yOq7uAKqxjmVnXkBU tQPb0crmMeMo1WzHaE1iUrTtRKsSXa88wcoBN7HiwgtoefENpGKo2IS0eSfVZ19Cd/0+dGcHrqsV 29WMLmhE9bB87FCanlyCE40WT2I8ymft25IeNp52PhvnPkmihCQW0lTjYsEe2scnQy6np2Efxhq0 9Wx58l4+H3Y1JhLqXnuCjy4bhl21C916kGjTx6wdfCtJOaZr6+dUXT0a6QlGbyJt7BvRj73vfkFa bGXVD/+dlvoDFJOURGsKzTWsOe1sujftpNzcwJYzf0m6cjXSUsF0NmHa2/HdMTaOqaQFdNMBWp99 hlVjJ7L8/oeQOMJpjfEGow0mFXQUkWzdwOYpd/D5sOHsfWclvtzBqv79SPdsx7b1IJ2tVNq6kZ5D lJWn+pV5bB9yOdZ6dky/g0N33EHc04E6WCLp6sK0NeCjhPYHHmLv8LF0O4VTLqR1SwVnLV0rPqZ+ 2t3YkqFkHK3vv8q6wYNIIsWBWTPYOPh64qhCxRp0krBp7j2s+tlZqHJC9S0TqX52dZbGmBLXb2f7 2OuxPQnGWiIf3PCV0zRXr6fm5JNRUYKWlOKedWy99FJcpENJhlZ0bF/G+jHXEkcVrPYoEZQxpK5M 3Zw5bDjtHJYNG8H7w67nvZGj+WLIcFb85ER2vvEGJWPQhQ58Vzu+pxHbUUJVPJGqUHfXnXz+qzN5 b/RIPhs5nnfHjOKjkVew4dRzObR0LYmJkViTKkGZFKsSXKood9Ty/r+eQl2/cV8V6NZknh0J8+fN pX+/QRQSRZo5gnurcLpE0VoSk/LR4jnc/fCTlGzEgvtuYOKkmygYxaQrLuGRR+ZRsBqXFEhSTVkn iDasXPoBA4ZeR5vWOO3x9hDXXT2aT9btwIimYedyJl5/HZ3aY1wSjLmMCyLchpZvHa3NzJ83l0H9 LuK+R+ZhxWHTHkaOHMn2xjasaJr2V3P+WRfS3NKDEY/TirUfLeS7/3IKtQ0t7N/2KT85ZTDluIIT Q9fBWi767RkolRIrQ6qDV0pqsvp3G9PZ1c5jjz7M4H7ncefUB4m0zlo6gtjgl7Jh2Qf88mf/Tr+L L2LAoEEMGDSIgYMu4cRf/IKx4+4gNoJIhFEtmNQRaUGpMk4X+ODtV/nXE07ggosHMPiSIVx2yUAG DxzAz376H0y7ZwapdRijEWvRqQleIVnK/FXDL+fa628jFo/zSRA51rJp1SecO3AUK1avIo26+Pyd 5zn93Evp7CkgEk44l378IdePG81Zp/6Kqj2NKOeCeZgL7dhs3Mmk665i676DGBujjWbuTRN4fP4b WfCmQrGziX/6ux9Sc7CRzz58i5P/7Re09VQoW42ohCgtUdIu+J5AFmgwOKOodDfz1FNPM2zYYKZM m0ZiNLOnjGfCtZNJrZCkCqUUqdIkRti/ex2n/KofjV1lKk1VDLlkKEWjsZHGahc6OugeNqz9gp// 7Je0dRWwTuNcFESgseiuGi7vfzYHeipo0XS3NfH9//UdGlvbSI3FKBWCBVKivaOFi86/jKrqA1jp wRiNKu3g/AvOp6Gj0Ne5xTmLMxEvP/c0I64ax9ZdtUjUzYsLnuR3w64m0sKjUydz6dDbKCuL1RZR eznhhyfSWtQYk/LWi09x5Zjr0Tbcg1e/OZ9rxt+MOI1XHomaOenffsEbn67n4P5avvP3/0pLexuJ 8TjbReOedXzvR/9KS/MBDjXt5byzzmNf0wGsaJwxrP3iTQZcdTulxJGaLjZs2swF/QezeUd1MM61 BqvK3D/1Dq67dSYtzfuIKt2MHTWWz1esQnlN1fqPuO7m+0h0hcRHlIpN/PQH/0R14yE+ffM5Bl06 hIIK14NYzZvzH+bUs66iK0nY8NnvGTh2GqmN8dYiVrhhzCC21iUhq8SHLBTngvFpudTD80ueZcSw K7jmuok0FUp8/Pxcpt41jQ4HOukhVmU6tGBtSlJs5bRTT2frvqZgAmc93lpKlUbGjh/HwcZ2Jl19 Obfd+yTWpHz82lzOPvtKyqlGacGbmNgIJWORqIk7bxjBym27+2rOvQ1tXo01KCdfEeitMx4P5sFO +uZ6bhKXcyRHzonQFUTQLiubcHl5RC7Qj8Hq9RtZs3FLViMXDGz+PIFu+3rBvvPsHO6YMYtUfLbZ SfDWUmzezw++ewJrq2r60ivFCq8+M58Tf30hraXQmoOsfZn3FusVXhms6WHQ+Rdx5+1TuGTICMpK EGfQTtHV2cDJp5zBFxtrUWk7v/n1r7nuuruJTQkjEYWezmAyVenh/LNP5oPPllIWi9gSY4Zezlur q0gd3DVhNA/NWxIMQ0zC2y/OY+qsR3FWY0Sza+NHnPB/f0tZZ/1XrUOMIU2KlIs9iFGIUaxbt5Z+ AwZSiBLunzKJiy/uRzFRQewmMW3dFYxzvP/cY4yacCdWHFXL3mHQJZfS3t2NMeFkcH9zazjZLrXw w3/9MY1NzSirSI2mpa0TZRyfvvcmP//5qXR3d6GtJu5poLurHSsGbyOqqjZz1nkXUVLh1F1lrrft h5o587R+tPREfQZ/zmnEO5bMeYD+l92AMiFy7MRibehTbcRhjeGLT9/mpkl3oLTCWo9ImkWaFQMH DWbpilWU45jXX32ZcrEzCHTjcSbhw3df5Sc/O4lyuYPutiZKiUJ78D7NHI41jas+YukVw2jZtgxn DV4bnOtApJt4z0a2XHMThUTjXSfbr7uBPfNewKoyWgxx4SA7Lr+SpGEviU6pWraIg9/9Z4pdKUal tFW9ydsnnULxQCMqLrHrptupfewxdFqkR8qolj20xYc4MH8G6596m6R2I6tP+i3733wfMQUqhWpq zr6Abc8vwCeCr1hsd5G2JCVOi7x6xtm0vvIBTgzGQWp96EPuDGVTYe3tU1l35bUklQoFKdFTbieq FJD6nXxx0SAqzU0orelysGH2XawZdxs2FbaNGceau+4ltmWiyn5WT7+Fbbc8hI8rFN5/hX0jxiCp Q3uNxG0cuOhMDi5fi7eKlaOGseuhJ7BxO7ZrP03zn2DLCWdQ2bmf9rTMmn4XceCJFzBakUiJtNBD MUroFKHQ2oFRMWlcRKJaXj7nXGxzC6I82pTQUqBcaSdt60EZwRUqtC19njfG34gvNNJ0771semAe vlvjEyGNuomaavDaU/vwbPaOvwHjYM9bb7D91MtpbmggTVKU1iStPRixlNYt4+0zz8EXWkldmbJu p6cU5lXH0o/ZPmUKcaWCV4amF56mtt/l2JIh+vxDXvzZmSS1O7HSQRr18OmAgax9diHORNRePZb9 X1SHVjsuRW1dz9aJE/GRwTqIPUFYakXntnVs/cXJdFbaSVSK62hk2+WjSbZsw5gipbSDgzffw/r7 ZxNZh9ce71KMi+ls3srO35xH2t1OyVeQuI2yj7Gui62vPELd8NswcWiRF3twklJ0mpI3qJZq3rng IlRzM0ZifGJCuzYp0fX5UrZNuYuCSti7porOvbXEUYorCYmJiPbvZvG/n0PDVXceI8XdYTNj0IP1 tfzqpF/w3sefE5vQwtFaxZ66alZv24kSzZypE5m74BliG3HzqEu54867KDvDq/NnMmz4aApKIapC kmoOtB3CpppPPnqdqydNoyfzv/CmlSsvH0RNcyvWwZ5tqxg1YgTtUei17IwNPhdiiSplWg41YVSC 1QlJpchFV4yjlBhM1MbwIQPZuKMmlL50dHHO6b/h7XfeIbWCMRVun3gtQ0ZMpqQ0W1a+x+kXjEap 0LrJVLoYM/wKVq9eHbKKjKVU6KazuweVxJQLnVkGkGZ/7TZ+/ZsL6CrH6N6+tcZQ7mnjtN/8hgUL F4SWei67f3phy6ZVnHveebR3lzCmjFhNokMQx0kBVSoyevQQtm7fTSqqr0ZRrGHPnj2MHDWennLM zp1VrFm9Aq0UYkw4zU1LXPi783l83hIiE9pqeZfixfLacwu4++H5JComjgtcd9UwzjhvEMVyhda2 FuKoHISUSnjkwQdY8voHISAtoU94EOjdjBl1Bet2VGMkRVnDrWNHsPCVD7Pe54quQ/v57t/9kJZC gfqa7Xzvf32XN9/9MJiUqoS2jjYKiT7CoV2wOqWlqRFJC6QqoVDo4uRTzqC1vYctq97hvHMvoqsQ erwrpTnU2kasNDs2LufsswbRVozxqpXTfnUan69djRiDtpZClFIplWlvbuS3p5/G2g0bEWeCmVyh jEo1lfY6Ljj71+xp6SAxGhWVOO+M03nvo4+IdIQymu5iREd3FyqNuP7qa3j25XfRuoTWlteee5h/ +Zfv01woHW7l5QSTlBg99DLefP/3pGJRpQ5unDCeUTdNJTaOR6bdyjkXjaC7WEJrxYdvP833TjiZ bhvcz19e/BSDLh+BseEU9s0Fs5kw6a5Q5249UcdBfvp/fsryDXWoSjc//tGP+P3HnxJrh9EFXn7h ac65eDBpLBxsqOfCi0bQ3hVeo9iU37/1EiMnP0CsFXtqNvCLE8/go8+XoyS0stRGExU7GTtiONv3 NmFUxJ663fzyFyezccsWjDNsWPE+46+fTJxqUrG0d+/nO//v33GgtYN9uzbzf773fbZX78VaQxSV mXj1OB575nW0S/j0rUWMuv0hUh9KZ9JUMeLS8znQpY7IujQYk3Ko+SBaJzgx6LTAjTffxoYd+2ne 8wVDLhtBbUsRozqCCe6hNrSOiUrtnHHmb9nb3h26MojHiwXXxZQ7bmLKzbdw3iUjaenuwdqIpsZ6 fv2Tf2dfa2gX6ExKU3snneUYXWnh+tHDqW5sDR00pEJ7axPlchwyMTxfEej1t89ArP6S63wu0HOO pG9OZOusNpqmtnY+/uxzjDG5QP9rv4D/ijz34issfO4FTNYGB/58ge6cw9uUPes/4bpb7qbbhp7o SaWTxQueZsGjj/C9f/4Rd907i+dfepGenm68CLPuu5vh195GxXicDfV0QaBrUi94acdZ4bm50/nO 33+H1z9ahckir6loWg8d4JxzL2RLXTNOSqxY/jEXXDCI+x+czuNPPMm4sddQjAqIiXl2wVyGXDmC Ja+8TKVSYOyYMazavQ/lYdLVY1ny+ntZm5YyT82axuwnFiAmxUjKus9e5ddnDc5Oo0MbKWct9XU7 GD92NLNnzWTRwoWMGjWK++6fQao1B/fvYvCggdx4y+0snL+AqXfexbynF2NNzJKnHmHi1AdRDmzc zq2TJzFsxEjmPfE4Dz40m0uHj6G9UMJZxdSpd3DxxRfw9IJ53DH1LsZcPZFKqjlYX8sF513EvdOm 8d7777Nr82rGjx3DQ7Nns+jpuVx7zXieWPhMSJe0CiUWI57W5v2cdXZ/ehKDy9rEhf7zjnkzpnHl mFswmYuuzTalvY6The5uBg/sz5pscytO+rIIvFU8MGMGkydPplAocNvNkxk+dAiPznmUZxY+x0MP zODSQQP4bOlymg5U8dMffY93fv8Fset1vFfYcpH1Q8bx4UVXYAqFcJJkHQUfEYnCdh1iw4WDadxc h7Ud1L/8EqsvHsaehS9RbuykpCrsmXQja669iT3vv0Zp/1Y2XDiI7dPuYMczj7J7wm18ePYFmLYu KlrTs+wzPux/GbsefIz6R5ewZfgEujevZu/Mu6l7awMlrWjfV8OqQRfT8OmH6FjY++rbrPntmWx/ 5Al2PrWIDRNuomPrFuJiEy+dcw6tn6/ua8tnxCPeoRIhjhXl5jp2XXo9VTc/yP7HF7L21ns4uGIt escW1g0czsGOdhKtMYljx73TWH7bTBIj1L35PCvPHUnt/BfZNfMxVt10I1vmLkR0mQOvL6HmhluJ TBDouquVNeecysFNm7GiKLbvpLr/aNZfeTWr75jM9tum8dIvTsM0tmBcRNPnL7Jq6GiqZz1OzdNz WXf1zZSXL6fS1UDVlTewa/pMahYvZN2d09gw8TakHOMSh3WKxMY0f/4pK8aNZdfTD1L79CNsHzGW ze99hjYlums3sOzCQWy59XZ2vTSHDTdOo3rBEsrWsfmRR9l7zyy0dajWemrHTWTT2GvZ8/TjVN03 i91T52IrMUm5nepp97Hs+luoX7iIrffO4MAjr2PSlKi6mo39rmLzA4/TvHMHB+c/xb6rbkBFBltp Z/3d01kzbgJ75j3Jxuvupu66qcQdHeikyOYbrqW1tgXjFU4ntK5cwfIpt+JVMLEMwbognFRnE2/9 7lxW33Y/Bz9dSaIqNC5+lY9HjmfPk/PZPuMhNg0YS8fWXRSNR5TNyjAUu6bfxqqb7iTSCUVnSH0p tCxyCeVDm1k/bDJpaxltQlaO9YK1IVOg+r651M59itRYoqyllBJH2aXETfv5+OILUNXV1Lz5Cjsv HcDW6dM58OQSap58iBVXjeXgw0/Sev/DX24P9C//EXp4+2DK6HXCyi8+4sJ+F3P7lKksXDCPe6ff y5Chw3j/8+Voa7njuvEseekVUh0x8pJ+3DfjYSrOUu6s4Zqrx3DNpNuY/9STTLt7OrdNuZO4EvH2 W88y85GFRFmmlrOdXHD+OXSUuxAHPR1NXHj+77h16r2sXLUOa0xo0eWEPXU1XDHkMu6bfi+LFi1g 8qSJTJv9ZMjE0QUWPPYgF/cfyKIXX6PYE/HS4icYMuRS5jw2j2nTbmf45SPZVXcA7SyrPn2bAcMn YbRkp98pn370Pueddx6PPPoo8556ipEjhvPxp5/RsK+ecVeNZPr0+1i4aBHjRg3jxlvuoaINKmsf 6I1m2ecfcMZvz+dQRxeJkT6B7p2jUmxlxMjBVG3fg0gFZ13o/mEUolM+ePc1hlx2BcpqEusOG62K EFUixo+fwNqNm1m1ailXXD6YyZMm8tS8J1i4YB6TJl7LtWOupVhJSSW0yMIrnLNUb9nIqWecx6xZ s3jooQe54rKBDBgygjhNmD17FteMH8eCp59izuxZXHj++eyorQ8ZB73t7XB4m3DPtDu5dOgIXnzl ZXrKJa4aNpg3Pl6WtaxzHNyzjf/9vZ/QE6WYpMKieY9zyaBLmfPEE8x99GHGXzOBvQea+/YTToS2 lmaGD72C2Q/dz8L587n99tu4YdJNGG3RaTsz7p3BqFGjeWr+AqbdfQ+XXzGUg82HWL9yGQMHjaAY pXhTZOGCZ7hwQD/mPz2P2Y8+xqgxN7JjWw1epbzx8rMMHnIZsx+ezZyHZ3P7nXdRKJZwusA9U25h zISJvPXB+2iVsGrpUvpfcgkzH36Ax5+ax7hrbuGD33+K2JTN61fy6zPOZ+b9M5j7xNPcOmEcJ570 K9pKleDbQNZ+y6a8/8ZLXDxgEI898TT3T7mVSy48j7tnPYFxjg3Lfs9Pf3oyU++6i8efeJy77pzE r8/tT5cNKfi7tm/mxJ+fyIMPzaGqqor5j0xnyr2zMQ7Eeg7V1/GzE/6DDVv343SZT3//LpcOvoxH 5z7OgzNnMmDgxSzfsh0lnn11VQy96kZ6KhW0tThX4fUli5k+ZwmlqJMxIy+j34BRLFj0LPMXPcvT C59h7br1WBXzyMwHOb//lSyaN49775nGmaefSdX2LRgxlDoOMHjwxdx77yw2b9tOc2sN3/37E+gs VVBJhbun3sGVw0Ywf/58Jt04iQkTJtHaU0abiDeen809jy8hyUpCypUKgy88h85E4cRkgQRDqdDD DddP4K6pU5n/9Dym330X102cTEehhFNd3HXXXfS7bCTzHnuE2TMfol//Syn0dFPobqf/pYM5VCxn B0RBoHsp8NE7r/Dj73+PBa9+RGIjYhtMal9c9DD9LxnKnEfn8tichxk64ip21tQSFVsYN3IkTZ1F rCRElRYuPO9slix5JZh+uq/WoG+7/k68zURWLtBzjsHhsoeQaWyssLu2jhkzZ4W21LlAzzma5154 hUWLX+zbUMA3F+ihlUyoNRMxqEITI0aMYm93GWNSVFRgzcovWL1iGevWb2LZqg2s3biWqFLGac3k yTfw9qcrQiTfakLfTMDb0L/alfHOkpSaWb9hLd2pwfjQbkY5IYkiNm/eSkek0DpC6wpJElO1tYrN m6tIkiScOBmFMTF79tSzafN6EpWwq6aGzigNi+/u7TR3dGXp3hENtdvY09SC0wWU1bQf2seGbXUh mtp7IiQO7xQqjdixYwer16yhpa0t/N4JohO8s1TX1LJ27Xra2jpCL2xJaWzYS03DwdCOxySI1bS2 trNpwzrq6vYQWwmbURGcKDraD7F69UoaGg+ibDjNdqKJk5hNG9azc8d2rEmoRBW2bN/B+jXLaWs7 FE6UHDiTZq3qhDTpZOPWbaH2MQukqKzVWlPdZrbW7gvv4avfOIWeTjauX0+iSmFz5+PQh9iFPqtt rS1s2riBJK7grCKOI7Zv28Hq5aupramlkiakxpAUm9i8bjntPSWUB+8TvDOYSgm9Yg3Rrhp6tOBS j1MebYVEPBVdobh9E50HWzC2TGIizP4G0i9WEXWVKEtKpA6hN+8i2byDYpJQVjF6w3rSqq0klZiO reuwKsVGJvSpLnVgV2zGrNqELrQRmQKl2nVUWiqUxZKqCupgPT2rtuMiIdUaV2xBr1iLWbmFtKcp pGXGMV3rNmDaC6FFlz/cz1dZR2osFZ/g4yLpjl2YpeuRg80UdUrcdYhk01oKKiWVULMe1VRRrj5A 0Rm07UT2dRItXY2t20epaT96XzOpTWhtrsPs3hlca71ByhXiFe+TdncjrkxS2Y+JEgrNrcRRkfbl H/D6Kb/FdEfo2NJle0i7utBfbEWvXIduayGyZbSN8MUiZvcuOld+gdmyB6mYYPokCiUOqy0m1pS6 2lFrl5Ku/Azd0I5LHEYJyiqSQg+6ajfJ8lXIgUOYOKHHWbr31lJp2IdOXEjTTnuQ2mrM8lVI7QF0 OUInhpIkFHWJ9GA95rOV2LrdxFqhJUJLgjnYhl6xDnWojXR/LdHOrSiXIBKRpN2ke3aTLluGq91L KS1jYkEnMT3Vm0krCu1iJElIDx2iWL0Fp9K+ntleLImzKJvgC61UNmwlqqpGWUPJFTCtjZS/WI/e sJGkUiJVhqQSWh9FTlFJE7o3ryDuPojJWvu5NMGnkgm+Lko1uyi3FUOKtVcYZ0MJUlnRsmU7qqcn 68vu8EaCOZUYrI4oVW2l0thGZGJM0oCu2ULlszWoNRtx7Z2ITmh55FgmcVmrIw/eplhTITGKfQf2 s27tCur37yM2NvS7toa6bVtpbmnHmpSdW7aw/0BL8OuwRaxOqG9oZO2GNRxoPBic2LWhqXkXjQdb sx7nDmfLrFuzEqVjxBmstpRLXVRVbaW+vimkvUqK0QprNcZoamtrWbNmDQebmomza8pLgpiIffV7 WbNpK1qZkHpd7GD9hk1U1+wkikLduxJDR1s9a2oPIDqksFsb5nCxWGTDxo1s3ryZcqkUAo7WoOIy e/buZeWqNbQ1N6JM6LPsvAulOFqzt3Yb9U2toYWluC9typ1JOHBwN40tnaF8Rzziw/3AqIid2zey f18TJsuyOdzLPPRU3lu/j/2NjYikiCi6OjvYuGE969aupKuzGdEebR0mE9a+twe0VnT1FFi/bh2H Wg6xb38923fXYMVgjKKjo521a9aye9duokp8RO93d0Sfck2aRNTta2DTli0kKmb79k0c6urB+9Au M+pp5Iu1a0i0xWmNk4Tu7k7Wb1jPzl3bSFKFtvZwaqcIRqcYnbB9x1bWrl5HY1MzxtgsIJUixtDe 3saq1WvYu68htBY0ms62FnbsrA5+JibFiqVYLrFm9XJ27d5FIUt1dyrFmQqdhU62bNlCzc5q0tSE 06SIgwUAACAASURBVGjR6CRmx+5qdtTWho4mxlKuFNmybQMbN2+mu5iE68uleEnoiRI2b9jMnvr9 pIUSGzdVUVIWEd1nsutEI2mZppYWVq5ZR7mnnQP76tjf1IxxGrExlbjM5o3r2bO3hjSK2LhzOyUR xIZytmJ3O6vWb6LhQAMNe3dQ23AAm5XOVXo6WL3qC9qKadjbpBVKhRJbtqylautWKkmF2IW1oFRu pGp3LamNMVajbYXWA03sbeogSstsWruUz1euZe2aNaxZu47Va9ezr6ExpLkbxd7GZjauXk93dzfb d2ygGHWE02FJKJQ62LRxO82th4jiLtauqiIxYR/mTJnuzlZWrV1PQ0M9kbIY63G2QmtTNfVNnSgn eO9ItKZq9Woq1iIm83OQMOet1jTs38+6tWvZU1eH1ilWEkRZrFW0d7ewYe0Gdm7biU4V1lriNGHb rl3Exh6+9lwInMTFDqo2raMcpRiXUpEIYyOUrdDd2cXmzZuo2rqNKNVoa0M23Y7twRPGaawtU7V5 Pe1tnegsiHW0QN95wxS8DbXqveTiPOdI+qaDl5Al5aC6bi8zZuZ90CEX6Mfk2xLoENLXnBOMB+Mc zibcOGEcc194G20NqVE4J2hJsU5nRmUJzmjaDjYy+fZbaY/SkG4paYhM+6y3ugjGhw2IdqH9jhGD zXqsKicYZdGJJTYWa0NPb2MSTPZnyaLVxhq0TnHGILYcaotccNm1uhI2MRLMWlKr0SqhRxu8dJB6 UDrUI1mrstNin7UjCgY71graCspYrAk1fTa78Yi1KBPqlKwNZibGSnZaFDZ/VgQRj7M6pISLC63o jMJkhlyHa1YEbTTiBGNV+EzEoKwOfZOzwIFzhiSro3I2RUv4t+IKRNYQW4M1YSMRZy3VnOohsSHd 9MvR4N42EQZjbXgsJ4g3WR912/faxJq+XufiHNYIPlYYIySZ94E3GjE6vGZr8VktvLaSmV0Jnc7i jA3i3IFRFiMK40K6pzEOk1gk1TjdjVEGk1iMrZBaS1k7TCqhn3pqsJFFpY5YwmlYKoIVTWJTKsaQ uhStNMqmKNeDWIeYFKcTusVS1sFMLDEWFRmUSkmNo8cZXGKJxFFwoW7ZZUaMvSLIiASBlola0Qmi UyIx9IgjlQTjOjESzLlisSRSQuvwOkUiiloT2wqx1aQ2BFuMCKkoEtFhY2cNXhlKtgWrNTaK2HL9 KD5/4EGeHXcDO199llUDr6TtubepaKGsHZI6UqtIjCU1glbhdRrtwgmyERKlqWhNyWgi53BKMN6g xKKVoGOL1YZIbDCTcgZjHJJ4yiJhE6QsxhqsFmwsmMTQ7UIrMNEOSYVIWyoiJFaCMDKWogixCaZm 2ihMbDCRYHyZxGlsqoPXhBhiMRStRkwJYxWJpJRshUjC6WWqDbbiManNenw7ElcO7f9MgrGlcC26 IM6908FJ3QlaldFJgk0ilLEYVUF0iURZuo1CqXBdpxIEoLIWrVMqJrTN0lYTS6ivdjrFWoc4hbZR EFxiMVbjY0eqBZtYlLVZFsvhNTGcEoVrLrI21NGmjrLTKGuItMEqiyhPoh2Njyz8ag16tp4EYRhM 4bSEdcjbULJiXOhh7XWaXYchTdtI+N5TscFMyYT/XzkVrnkbvm/jwibf2krICLBpVossiKtgrMuM HGOM9hhJMa4STDAz0zLJ5rg4Drd89JmzsglC0IrKSnEMxuhsLVY4k6LEokxMt3MhEOqSzF1dsvaR IeAhIkFoWxO+GwnXgLMm6wlvw+vSHqN08NZwZPMk+06yz9NqjbYK5RTOSvi9V1m7tbCeW6uwve8x C+I5cRgV7hfiTGjRlgVRrbFYo0P5gQ7lCUZUFij2GOfQxuAkC25IbxDXZq3e7BHtMsNae/Q9v1ek O2uDm76xGBWHtdw5nLdEHrxqJ9JJqJ3WBmsrOBuHtHNJg/B2+ku1l07Ca1dWYXTI5DLGI9YT+3Bt i9V9a5oVF8xkJdxfxKhg2CqCMRpnwlzT4hGj8VZlZl7hXum1x1qHdi48lg7vP8m+V28d1iRZEETQ 1ofUZpdm5WAh28I4h4uDwWpsNU5UqKv3hN7uJsYYE+5bTuNsgliFuJDV4F0S7uEuxcSW2KZUtEJM TCoGp4okYtE2xUqKduH7FhehdURiCkQ6lNlZSbFK46QHZ222TzBYU8FKAW0N2oVgvxKD1wolCcpa vBZSV+7zGghtbMn60AevIEmDEaJ1RYx0Y02KtjFGZy7/kqK1RqygnCbyDm+LWF0M91Ibh+tOe8RG Ya1XoUe9+OBJoCJL5HR28OCzzJoswyYLiooVrDXZXsOFn0Vhe69RF/ZZqe3dU5ns2gvXkmSHFyIq PJYolEkwNg1mdtmBiHHhvhzmZ7a3dJkxnNbhM7Y27E+c/YpA33XDFLyxeJML9JxjE6aDO6LbBlTX 1TNj5sO5QCcX6Mdk8Qsv8czi58NN+ogJ8s0EephkxpOlTFo2rFrKzDlPkWoTNn3OYZ1GfKjXsV7j rGFnVRUvv/Ea2oPzNtQgZ6/Di8dbj/ahNY3KzDhEVBCFniAQM8GjrEbEZ2kjOiz2vaf7rneTGzZS ziaIC+2DvAs1fC47QQ61maGFSiwO54poD9r4IJJFZzX3oQe8ZCZ5ztF30+tNGbS29xRODt8MrcmE PXjRIe0lE3Iua03nXLYhEsHbEGm2JnuO3pRyZxAfehUbsYgLrUBM9nm7IzZ/VsLJiHW9KaQRqUjY fLhwQt97gu5tEk6LRL4i0L2XvueXPnEeshlc9v7cUSNsEj3ehs9A925qrWRBh3By7q1HPGgf6u+8 8dl3qDMxAsZbnA/frRVNyUGaid7enqpGfPizdpje4IFR4WROFGXvMMbj0vD+e934pddVPnF4bfFW hXpVH04KxGl0KqG9kRGKXuGMDaZVTuOVxluDFZWljYaSgb7TseykIPIQZanFktWoexXMbbyLwwZF TGZSozHWZcEgg1OS1aL6UENnw1z12oX0XeP6nqfdx9jssyntq2Pfo7N5+oTvU3fTFHa/v5TYVrA2 xXiLeIt1Md4kxK43UOQxWaDMutCbvuxdqJN2Dl/2iEvRPgQ2vCtnvhIebUNGhfIS/AVMivVJOCnz jsiDtQ5rw89e+74AlFiXCSWX1QIK0jsfPBQ9JA6ccohP0F5CIM4nQWQpj41CZofXkm34XMjC8KCN UPaQaodoj4hDuyDItDMkXgVvjl5vDWew1vVds4nTaKdCPbJVOKdC3/IkiA0ngngdSnWMQ3uDNVnW jTVhfZJQHhA6F7g+czSTCQ5vPEY8ZW9wqQ7zNBNxxh9u0RIcpVOcjbJrMqTka61RYsP3Jpb2h+d/ RaAHMeay9TucDtvModxL5gruCMJTp+G7ya5d4yzGaawPcyVcyybMpWzdDetoOVsLe4MRJnu8IECM dThJgiGd+CBKXZpt1m32nIeHExXqmT194jOsc2HzHoIOJls3UrworLNoG4JKvlc4ZWvtkaU7vf89 HPwI79dZG67FrOe4mCBwXbbm+b5ATibQIas1NBiXBnHuDHjd9356N20uC2731WofeZLubDBXE3eE 0M0M1xzZZxVO532WqWN9+IycE2zfPcb2BdHDmtx7jzr2vdxna7/0ZYplKbwieC+kHnwW4BYXyrxE kvC8VjL3//Cev9wDOATPJbtejfjwGsWT+syoToIY6i0XCK85a00kJpRhucyZPbuOwj3H4EVn7633 PubDfsD3ru/h8zS+93t1WYuvLIvMOZw3fd+r9dnjZ/cjcSEg6Z05fILuBO90VgrmsGJCYEkO38OD gV+vx4IPAUaxwQE+MyRU2bw10vvaw/1MJEVL3LeH0lbhrAEf9QXYwolxjLhgHKt7g1Xi8KLDdSbB E0P7Unj92RyUvo4E2VprwgGC8wnOxyG45oLPTNhTqWwdDHuJ8L3FOBtlewkdPj/jcZJmho3Bi8P5 zMMmEbTTYV/UW2Ljeg13s9civWaNLgtUhbVUnM2+72w/5XsDZPbw/iTbg/WZF2ePp4wEY67s2vU+ y3DrvYZ9Zvznsj2N+MyUMQsQHcMkbscNU/oCcH3XUC7Qc75CWP/wYc9bU1vHAzNn991zjmdygX4M 3nzzTV577bW/2ATpPZX4usd22WnyH/t3OTk535ze08Eoihg0aBClUim/MRxntM9Z9BWBnpOTk5Pz x+kNjB4t0HfdfG9fm6z8fprzpyAi1NfX89hjj2GPKI04XskF+jHQWqOU+ott1A9HQv/w4/+x3+fk 5Pz59F5nxhiSJMmNSY5DcoGek5OT883oqx0+SqAfum/ul7IFc3K+jt6Sqt69WO/e7HgmF+h/gCNF 9F/yOb7u8fOFLSfn2+Xo66n3z703h96Rc/yQC/ScnJycb4aXYwv0tgeezPewOX8yvVnDvfMlF+i5 QD8m+YKSk/Pfi6Nr/3NyeskFek5OTs43o9ez4isC/cEn/9ovLSfnb5pcoB+DfBOfk/Pfi1KpRBzH X+vpkF/3xye5QM/Jycn5ZhgfTGRzgZ7zbZDvww6TC/RjsHPXbnbs2p05cDsgnyw5OX/LfLb0C+57 YCYd3T2Zc3xwu8ULEBx0X3ntTRKtya/344tcoOfk5OR8M6wLXUCOFugH75odHOh9fj/N+WMcbmfd 1VNgw6bN4W+Pc6GeC/RjsGjxC8x/ZknWuia0YfmmfdBzcnL++nz42Rf0v3wE19x4Cy+98RaFcjn0 oTWh7VJsLCedfg49cZq1Bzq+a5+OJ3KBnpOTk/PNcE6IxX3Vxf36O/FisM6Etm5ZK8x8H53TS99c 8NLXfnRXzR6m3z8zP0knF+jH5JnnX2bRkpf6em1DVmeTryw5OX+TfPDpMvpffhWXXD6KS4aM4Orr JrNyzQbKlQgrjthYTj/3IkqJOiJzJud4IBfoOTk5Od8M64Wic+zKBXrOf5IvC3RBxLG7rp4ZM2fn Ap1coB+T5158lYVLXg6pO87hAfFh9C4w+chHPv52xvsfL2PA5WMYNHQcAy8fzaVXjuGyoWO4buKt 1Dc0EWnLGedcRDlWOMkF+vFELtBzcnJyvhneOkS+muK+6/o7cUbnAj3nD9I3F7zgnGDFUb1nHzNm PtzXZvp4Fum5QD8Gz774GjfecRcLnl3Ms8+FsWjx8yxa/DzPPLckH/nIx9/YmHrvTC65YiyXXDGW gX1jDJcMGcXQUVdz/4NzuKDfIMqVGGvluL4pHG8cLdB3/sOPaLv/8XzkIx/5yMcfG/c9zqH7HmfX P/7fLwc6r78Tp1LEW5yXXKDnfIVjCfRdtXu4/8HZaK2B47sOPRfox+CpZ19g9IQbeWzefB57/Eke nfsEjzw+j0cef4o5c5/MRz7y8TcwHn18Ho8+EcYtU+5h4BWjuaR3XDmGS64cy8ArxzLgspE8+sQi TjzpVEqlCGvy+vPjiaMFej7ykY985OPPGzWT7sJbnQv0nD/IkQLdO4eIY2d1HVOmTf/ajjvHC7lA PwbWOYxz2My0wHO4Bj0f+cjH39748NPlDBgyhgFDruKSy69i0JVjGHjFVUyd/hC7a/ehrSDW4cRl J+h/7VUo5/8vcoGej3zkIx/f7mi5by7iwsmocyHF3flcoOd8Ge8Jbv8STtCtc2ibp7dDLtD/AHlr tZyc/058+MkKBlw2hkFXjuOyYeO4/qY7ef2dD4iUDkE4cXiRrC1Mvok4nsgFej7ykY98fLuj5cEn sT4TYNkNNb+35hzNkfPDA867fI5k5AI9Jyfnvz0ffrKUgVeMZMTYCbz29vtESoUMmWzD0Bvhh3wT cbzRueBlqn9wcj7ykY985OMbjN3ZOPLv2p9YHO6luUDP+Rq+KtDzOdJLLtCPgfccleLqwFvweW1q Ts7fIstWrOCpRc/Q3NaOdYLzval3FnGCsQ5xIM5hRfA+z6DJycnJycn5Orz1GCcoJ3jjEQfexHid 4OVwmrInF145R+PwztKbsWwllBVLlt6ep7jnfIVDza00NbUgIohIEObe5AI9J+dvlDiJSbXKauKy YJsPP1sRUiOs2VBFanqFe36t5+Tk5OTkfB1ePM4Jxlm89sTWkTbuoWf7NrwNLUt7xXku0HO+jOvT Vs45tLH0FMvU72vIBTq5QD8mzz33PM8+8zwiLmzUvc0mkf1rv7ScnJxvgHOCsRpjNeD60qqcE7Q1 VJThl6eeTTFKMZIH43JycnJycv4YLruPOtF45Sk6R/3ieaydOBmvpU+g56nLOV/hS4efDiuO3dW1 3D9jJtYGvXU8i/RcoB+DJUte4rnnXkIkRP++qUDvdZAOaRzSd2rns3rXvqiiB+8s3mW/O2r0Tt7e NJAjazaOSSYuep+j9zkPP8ZfZsJ7cXiv8F6C8ZZX4X3n5PzVcYjYLznKhusuzNXIWE797UUUE52f oOfk5OTk5PwJiAdnLFYU1jg6vaP5uTnsvn4iXgnOSvg3f2zfmnMckqW4Z5rFiqO2rp4ZD8xCJHdy zwX6MVjy/Ms8+9yLOJctKL73FP0/J9D7FiXnMvEt+CyttrfOvU+gizmiFuOo0ffcXxbof3Cxy15n 3++/JPD/cpPdG4f3FZwziBO8r+AlzzrI+a9LbwAptsKp51xEKekNKh2/N4WcnJycnJw/BefBaY12 GmM8iYOm5+ay8/pJeO2QowR6LtJzjuTIOSHiqa2r54EHHjnuxTnkAv2YLHn+JZ597oW+dJzek7b/ /GmwO3xaLr6vD6TrE+tHiO2jjDS+XLPzVXH99Ytc9lhHOFMfFul/Obw48KrvlBKv8JKfROb8VyZc E4kVTjvnQsqJOiLbJCcnJycnJ+cPIR6ctYi3OO1xxtO4aD4bJ96KNw5npS+bNBfnOUfzJYHuyAT6 w7lAJxfox+Td9z7krXfeR7K5cbSI/lPpOzUXH4w0xGfuhOHv3VGp7r3uhUcP9wcGcMxJHBbCrCZI XHhub3HijuFQ/+3hj36NWYrKt8XR7z0n58+ld84mxjJyzNVUkjRLb8/nWE5OTk5OztfhIRPhgrMe MY79777N2lmP4Wy2D+zd5+YCPecIvqStstLY/Q2NLFy0OE9xJxfox6QSx8RJGtpFeP54Svkfwtu+ k3LpXahsghGDER9q3I/s/+cEsaZvOLFYo3EupAlZa7Nh+upprbVfmcRGPOI0Xsp4Y3HWY73GGMGJ x2h7xHv5dia/cw7nDWJ89voVYnxwzP6WnqPXVf94vmBzvl2cc2it0drQ2dWF1jp0bsjJycnJycn5 Wrxz+KxNqXGgnKCjIqpQQGwusnL+MEcKdOcMVixKG8qVKBfo5AL9mBw+vaavDv2bCHTvbTjJ9kFc OhOzd/tqnn/pVUraoTPR7sXiRVi9/As+/f37bFy3ilHDh4YxbCjDh41gxIiRDBs2nJEjR/Luu+8w ZuxVjBgxguHDhzNs2LAvjcUvvMah1oNcf80oRg0dybChY7lyxHBuvXUK27fuRqtvX6ArrXhw9n3U Vh8gjSvMmvkAi599HW3Vt2K45ZxDRCiXy33ujjk5fy69NwCR3sDX4aBXTk5OTk5Oztfh8D7sl60n HNAYwYjk/axzvpY+XZW5uRurEOcwxzh4PB7JBfoxcB5sb3q5HNmS6T/3ON4L4i3agTOClohPX3+a e+97kIoDZWw4VReDsxFPzryfJxYuoNDTwd7qXdRV7+S1FxbyT//4A97/6DNqq6upqa2lu7uN2rrd 1NRWU7N7G//8D//Ea2+9Q03NLqpramhra2fXzs2cfubZ7NpdQ211A9t372DO7Ec46cRTWL1qG96l mXuixXkJ71dM34IqEt67k/Dz4XR7CX+fOc6Hi8gSRSV+d+5v2Lytligu89CMB3n+hTcxohFnEbGI Fbw4RHxIiXIG29eiw2JdCI54cTjpvUBBnMU5RUdLIzffciflKAn/zoWMgJycb0pv4Mc7i5Msc+U4 vynk5OTk5OT8KYR9rsNlZZxeW8R4dLZnzMn5OnzW6SqYS1uMhGBPnsmYC/RjYrJUHXHgskly2LDt T8c5sN6QiMMnQkUSFj96BzMffJjEk/VZd4gzOOlm6jXjmffWe0G0Woc2hs/efYUf/Ph09ja1ISbF ePAuRZxGvEOXW/n7//EP7N7fhJM0E64JW9d9wtmXXUvkbDgVFMEmZcaMHsyIUXdgXQ/eKrxXWDEY JyirUGIxRrBGQhQ01ThxWOswIuHisRbnDMYYjAk/93S1cdqJP2Z3YxNaFC51xCJorVBpTJpqxCjS VLDaItqiTEziQesUa1IS67FW4bTFWZWdaHq0tVhb5mDdRkaNu4ViZEjF4kyKmFyg53xzegW6MfpL JRS5SM/JycnJyfkj+HDw4q3HiMM4i7eCtZKVbub30pw/TF+Zrw8BHSMObYPuOt73YrlAPwZ7GxrZ 09CI6e2DzjcT6N6DOEMqgleW2JWZPW0ss+c8TurpO6F2zmJ1B6OGDGHJJ19gfAgMGJ3wwcvP8B8n XUhzTxkn6ssC3Qnljgb+5//zjzR2FL4k0Fd9vISRk+8h8jY7GTc4VWHMmCsZNmIy4iK8BIHuraZq ywbe+uBDFr/4ApNuuonOzg462ttYMH8+E669lhtvvInPPl+GMoKzEd1dnTw0axZXX3stU+6Ywsql n/LTE75PQ0sHcVTm6Yfn/H/snWeUVUW+t+/HWbNmxhxQMaNjAMyIOSCSVCRIzogYQVCUnHPOSJCc dMwiooIokiSnbkIDTewcTtqh0vN+2PucbhDQGee+d5yuZ61aiz6cs2Pt2vWrf2LN1l3EIgXMnDKB Zd+uYuTAvowcPxMRj7Bt61a6v/sOL3d+h2GDBpGelkZcKKQfISPjEH379uKVV17m3Xd68+OadXz6 2T/o/GIL7q1ag+49+vHp8m9QfgIlyu7Da/n9JF8AUkqOnzhhcxxYLBaLxfIbMQaMMEgNjoG48ZEF 2bjZ2eH81r5PLWcnZUE3EqU1cdcjv6AwZUEvy/3HCvQzMGfBEmbOXRAkifudAl0bGcTiCIFQBbzV sQF16r5Azz4D6NWrN3369KV3794M6tGVe+96gE9+2hS61gdCeMm0kTz2VFMKXYlW/mkCXXIycw9X XHYj+XE/JdCVSvDJ3MH0GT2NhJYo5eH7Dlt/Xsttt9/O8m/XB/HxykMbF+0nmPPeOCrcfhcffvwR BZEiPK+AVzq+yJhx44lGizh29CjPP/8C+w8ew41n88TjTzFh6hSiTpxIfjGvtmnJteVvILcgSkF2 Fo/dX4Wl36wl9+RhHr2nCo1admDf7s3kuXH2bFzFPVXuZ9++NKKez6rlX1KjZm1crdix4Rtur1yF 79d8Tzwe5diRk8yduxjXjfPtp3N4tUt3imMxIp6Hlo61oFt+F6WzuD9RrQbRuIPN4G6xWCwWy69j CAS6b8DVILRP2vw5fNujTxDKqHRJ2WA7XbOcRlKgmzCLe9re/QwZNsoaS7AC/YzMWbCEWXMXBgPK 77agS6RU+CJwY29c8zHe7TucFV9/y4oVK1i+4hu+WbGCFR/Pp9It9/Ht1l1hnLbG6ASThnTn2Vad iCuFOl2gG0Xa1jVcW+FuokKmBLpUCd4b3IEHqz1H61df4cX2benQoQO9e77Dz5u3khAyiBXSLto4 aJXgvdF9eGvAGHzpIpRg38avaN+6FUdP5lJQkENxUT7jxk/i21Ub2LLxW5589BlyigrxlYNyNT8u /4DrKlQlGnc5cfggD993J99t28fJzD08VvVRftiyGy19HBllaK/XeX/pp+QXFpObX0w09yTtO77O yaIoHZvUo3GrznhKoZQIsoMKg1Qei2eOoVvv/vhK4hsZxNHbGHTL76KkDvqTNZ8j6njhZ2X7xWCx WCwWy68hDWhhEEYhpEFrxfEZU9neudsZ66BbkW75BUalEg2m78tg6PDRZd69HaxAPyP/NoGuJUpL jFB4UqK8Ip6ofC+ffrMRoxRaq6AshedSdHwvf7++MtsyMjDCIJRCGpchvTrTsfcY4lKi5C9d3Nev +pIqjz5DQpUIdE/EGPTKc3zw2UpiKkj+FsR0R0n4Alf5aKFBx1HGQaooEwe+wcJvf8DzYwglWP/R DB6r+jg9+g6lb59e9O3Tg759+7J7fyarv/6AFo06E/EcXB1DOYod6z7l9ir1caVHxq4tPHDXrWzI yCJj72Zq16zHoewiXKnQIo9XWten7Zu96d13AH369mNQ7570HzqS3GiUJk8/yZDxH+Eog1QCo8L6 7dpjzOAe9BkyCl8nBbpjB3vL78KEFQYSUvF4rbpEXC985sv2i8FisVgsll9DGtCej9I+UhiKDRyd O4Hdnbpg/KBEsLIC3XI2jApKUhtVSqCPsQIdK9DPyNz5C3h/zrxfuFj88xZ0gdYyENzSxYmd5M6/ 38mP63YEAt1opAatBMfTNnP1VZU5kHUSKR2UUChVSI+uXRk2ZT5OWHogKP0mUEYgpcfyzz7huQYt cLUOFgOMwPcivNSkHstX/hTEumuFVj5GByUMpFGB5dn4GCNQspgeb7Tjp01bgsRswiPtp2W0bdWO gpiLUEEcu+u5CKVZv2Y5Nao9S25xMUIJlOOzePp4Hq7dAaEctmz4gUqV7uTA8RzSt/1IredakVXs ILWPFvn0eedNPvzsO3ypERpcIYh5Pp4bpf0L9Xi58wDiQuFLhRASISRKOnR7vQ0jRo7GVwpXBVkf jfb/vTffUqbQOkig6AjJY9XqEEm4KB2s5losFovFYjk72oAnXZT00J6hWMOxmRPY3rkLxk9W/SFM GPd/fbSW/yw0GAlGhXMxTVr6PkaMGG1d3LEC/YysXr2aVatW/e4Ooo0flCOTBiXj5Bcc5MYKt7Jr 516MDlYVg6zoLtvXreTq8pU5XlSEEFFUQmFUHp1f6cqcpV/gmiCrvFGBC5EyEuUl+MeSJXTo+Bqe JrCuG59YJJ96devyw7oNQcI5ozHK52xWQZHIo33r5hw4cBCpNFp4+PE8OnXqTPPW7Vn903pmqxrf ngAAIABJREFUzJrDa290Jisnj3gkm+eeqcWLL7/Kj2s3MHrIYOpWe4JGHXohZZwfVi7j/oeeIrcg wq6fV9Kq47vkJwRSOUg/wo5tm7nv3geZOHkK6zZtod/gEQwaMhztJ9i85luqVH2EwcNGsXrNenr2 7su6DT8jpMvHS6bzbJ3arFj5EzlFDkJppIz9y/fHYtE6iHuKJ1yefa4BkWjcCnSLxWKxWH4DRhlc 7SGli/Y0EQ2HFsxiff9+GBGUzTUmFOjmnzd0Wf6bCQU6JeWd9+xJZ/SoMVagYwX6GUmWW/q9HcQY idEaE8Z7n8zO4Iknq3P40NGghrcJ6n4r4bF+9QoeeeQZ8qNRlIphfIUU+bzbrRfLVq3FC8u+GRMm tjIKLX0++fBD+g8YjDCBqxFGEI0U0OHF9mzftRuhQ4GuBWcT6NIr4o3XXiY7Nw+hggfGqDjZOSfo 0aM7d9x5J889X4/Pli0nISRKxsnLy6Jpq9ZUvutexoweycK579Nj4AS0TvD9ymU0a9WBwmiCbetX 0nfoKCKeQEiF9F2UcFm9+jtq1XyaipUq8VqnruxJ34cUHtKNsidtD3Xr1uXeKlXo238AOQWFeMLF jecwsH8/Kt95P3v2Hcb1BUa7//L9sVhSJQiV5viJLIQMxLkV6BaLxWKxnBsjDEIrfO2glCDPaPzi HETWiUCch9WQrEC3nBGjSAp0rTWe51NUVJT6uyyLdCvQz8K/p2PoVMxN4I7tBfHUKuiQyRqRWiuM ctGhK7nRPloG5dKkEvg6EN+pLJhGYYwK3OdVUDswGeODURgtQxEffkZJrO0ZMQKtBVLrIJ4oKeiN j9E+SvlIrZCGsAScQEkRusuD0BKhfaQmiAvXDkoTuO9rF1/7SKNRUqOlDt3tg7JxRgdxJ0oHx6q1 DK6T9tE6yIAvtEYoiVZOcI2SixWAUtbF3fKvc+pLoGy/DCwWi8Vi+Wcw0iA0+MbBaC/4d1iJKJj7 luRxsgLdci5O111lfT5mBfr/IklxboxGm0AAJC3gv/yyKklOZVQoxGVgKU9Z9Er+P7nqlPo5pQe+ fzZuPnlsQamD1L6S+zEqNbjqcMA1WmN0sFCgjEYajS4V1651EG9kjEQbEfzGlCwwYFyMlqljPeX4 w5iU1CJGuGgQfHb2c7VY/hWSzxpGlDx7FovFYrFYzonWBAYiLTAqCOtUyqTizk9vFktpTp1v6V9o m7KMFej/i5S4owuUCWtBanVGa3ZgHS8RrKV/H4gHeYpgTorXf+dxJkWK0SUxQ+b07yVj4bXGKIHR gfjWJoyPDxcjUp4DRqe2V3obye2f8Xg4NZnIL79vs2xb/n0EAt0H4wX9384iLBaLxWL5VZQJrJ7G Nyil8Y2PVgqtTIlR5wzzSYsFTs/sX5I0zmIF+hk5kZ3DsawcVGgpTmJS5QBO61DnFIuhZbrU32f6 vkn93y9//8v2v8Wp2z/bgHquc0mtlP6Gchrn2v65f2oFuuXfQ5CYRCGUZNvOXXh+OLko465VFovF YrH8GloqjAxc2qUSeFIROXGQot3b0FIgjQy9M61It5yNINRXa000keBQZqZNEocV6Gdk9vzFzJiz IMhorku5VRv9Lwh0i8Xyn0sg0B1f8FTNOkTiCaQUZf7FYLFYLBbLr2G0Jq41vpFIFZRa27dwLmvf fgsjBVILK9AtZ6S0sc+EpaR3793PsJGjkVKW+XmYFehnYM6CxcyatwihFEpKIJngIrCGl8RXh/Hl 50rAZrFY/mPRWiGlJOH5oUB3UEqdOU+ExWKxWCyWFMZoEhqkEkjtIKTh6Kzp7OjUOSXQdZjbxQp0 S2lKC3QdVtTZs3c/Q0cEAh3KdqI4K9DPwOz5i5g1b1GQHV3KVIkIpUEoQ05+IV9/vRLXFanszxaL 5Y9HUqC7QlKtRm2KY3GUsiu3FovFYrH8GkZrjDQY30eaBDGjOTZ7Kjs6vY6WAqH9MPmwFeiWUykt 0JWUSKXYvXc/w0eNTZW6LstYgX4GZs1bmHJxV1KkaiXHXZ91m3fQrUd/Xn29G67jhR3ITuYtlj8i SgUC3fEFNZ+pm3JxtxZ0i8VisVjOjTKaiAGpBUq7yITm6Iz32Nm5C1r61sXdclZOsaBrhZCSHbvT GTZyjBXoWIF+RmbOmc/k6e/jC4mUAikle/fupXf/QTRp8zKNmr/Ia290x3X8VLkxi8XyxyMoCSOJ xBPcV/VhimNxhPDL/IvBYrFYLJZfQ2tFTGs8IxHSx3iGtPlzWN21C0b6SGMFuuXMnC7QpVLsTt9H n/4DUwK9LHszliGBfmZXdK1KapMnE78VFBaTX1CELxVZufl89NmXtG77Io1btKVh8w40bP4Sr3bu QcLxw3hVhdHSNtts+4O15KqtKyTp+zLwpSzzLwWLxWKxWH4LWmmU0igt8ZTEVQa/IIvE4YwgM7dR KYEOVqBbzoxWCqU00YRDVk5uag5WludiZUSg61L1wwNSNb2VRkqFlEHngKCjSCFY9cM6OrzejYYt OtCoVQcaNGlLw+Ydadi8I6906UVx3EMqjZAKqbHNNtv+oE1p8HxhM4daLBaLxfIb0SZMmqwEyii8 pMHLepZaLL+LMiLQ4ZT63qE4F1KzN+MQw0eNY8Lk93h/7kLmLljCgsWL+fTLL2japj0NmrWnXtMO 1G/akYbNX6Zh85do2OIlmrZ7jZHjJjNu/ARGjBnP8PHTbLPNtj9YGzFuMiPHjGfk6LF89PEnNu7J YrFYLJbfiNbgGVDaxQgfIw0iXPS2WH4d21HORhkS6AFaa5TUFBdFWbBwCWMmTmFX2l4coZAGhAah NQkhWLlmHT37D6NRy1do2PyVUKB3oEGLDrzSpQcx10frwH1HGWyzzbY/WAss6BoVTiiSSeOsFd1i sVgslnNjlMHV4GsPI3xcrYkbFbi3K516lxoCa7v5vz1cy38UGowkKdK1DsIlkv2mrBtLypRANwa0 MkQjcUaPmkBa+j58KRFKo7QOXHUMFMUTFMUTOL7A9QSrVq+lbYfONGjajgbN2lG/eXte6dqTuOcH 8TVaYrSwzTbb/mBNa4UrFK4vyMrJRUqJEMIKdIvFYrFYfgUjDZ4GXym00OQahYzk4mbnYpTGhGJL h4viVqBbStBgBBgVGkcUnutTVFicEuhleS5WZgR6KuZcat6fNY/lX30bWsoEWstgFSds02bOZtLU mUHiCyEQvuDAwUymzpxLyw5v0KB5e17p0p2476PD32itbLPNtj9YU1rjSYXr+9xzXxWi0ViZX7W1 WCwWi+W3YLTC1QIhDUoYIkaQOWs6a9/qgREqZQ3VBqQV6JbSGAXGDzVU4N28a2caffsOsJ6MlBGB rjVIGbhObN68lY8//hTPD0Q1oStOKomcUcxdsIRZcxeitMYomZrIawOHjhyn34AhdOn2LgnXDX5r Yygslj8kWmsMkBCSajWfI+q4GK3D59pisVgsFsvZkEbjGYFQEuEbXK3ImjWZ9E5voT0VZOdOWtC1 FeiW0uiUYVRriVSatL37GTZiTJm3nkMZEegGUFpTHInSp28/srKzkee4+XNCgW4IslGW3oZSing8 Tnp6esoVtqx3Iovlj0oy02xCKh6vVZeI64XPvH2mLRaLxWI5F1qD9iVSCYQyeEZzeOEkdnXqivE1 WipUGD6a9GS1WCC5WJMU6QqlIW1fBkNHjLHaijIi0LUGIRUbf97M9z/8iJDydwl0pRRCiNQKT1nv RBbLH5fg2XWl4smazxF1vPAz+0xbLBaLxXIuVDi/Flria9DSJ3POZDZ37oYRgUDXVqBbzkCqKxiF CZP1BgJ9tNVWlBGBrnRQq/z92XPJzS9Iie2zjRMz5y5g2qw5gTvOaRkoS3east55LJY/PhqtFI7v U/Xhx4jEEzYG3WKxWCyW34AyEDMa32hcrTGJBAfen8HKN7ujhUyFkVldbjkdQ3LBRmN0YPzclb6X gUOGWQ9lyohA1xoOZBxi1OixuJ6fGizONmAcPHKM/YczETKIn+FXvm+xWP6YaK0RQuD5Pt9+txLX 9RBC/F8flsVisVgs//FoHVRBktLgGYURDtHMA+TuSkNJG0dsOTtJgW50INClkuQVR9idlp4ylJTl /lMmBLoBFi5aymeff5mynJ9LcAsNjlBWoFss/+UkS3l4npcqsZYMX7FYLBaLxXJ2tFZIo9C+QRiN lj5xLRBKoY2tZW05OymBbkBJgVQSXylEaDm3FvQygOcLho4YzeHMo+FgcW6XG6HBUwqhJEpJILDC /7MCXRkwRmKUj1ZBfAVGIf0TRAscXBVB6wKM66O0h1AGXygS0kUIB88pJprwAlf75HaSsTzJVUst MDqBEQKjI0SkwZV+IDaUxmgPoxyk0Wjthx0ejDIYLTFGI4RBe3Gk0SjtB3XhfQffcyhUGqMUUvkY GQvclbSHMQpZqmyG0QoTXttkvcsgRECiVQQRK2Jr2lb2pO0nKnyUKHnoSq5rsIqW3J7WyeQiGmUk ngalfLRw8ZUKMvNrj8yDe9m9bQ/5voerYwgtkOFxKwPKBLUWTfLcjQ63n7xHCqPdVM4BrYNj1yqB EUVBDJVWqWvjqQSu1PhShddUYcL7Io1GlgqFCO6VwGgvdd211igjwm2GfUt7GCNQJuyb2gcjgm0Z BUagjEJqwMTBxML6ogJtEihlQMcRWqN0FKniCOUjzT/3cvxlfJhOxQdpqdCexpcRhBRB+RTjpwZY ozVK+mjlobXA0RohfbQSqYFYl7q/wXWR4f8F52hM2DcNYCRGl2T41NpDqTha+WD8cBuntrPFjgfH 54UrtQ5KeQgZZGs3OpxIaI0O+0bQR1y0KkIohW98tE78r8fPJa9jquwj+tz7NApjFCrsdymXMeMj k3VntQ6eQ6NPedZSmwBE8t5IgVYGIQ1aBceRHG+08JDCw/0nx0JD8jhkeK2TY4Y8LSZRh5U0JNII lFAIDa40CGUwUqOVAOOiS//2HH3cGB2OmTqsex/8XXINSkKYUu+E8BiCaxvmHtECIwXGRPGFQopk f7NYLJayizQSx2i0MCihMb5ESIOnNVLbPE2Ws3OKQFcSISW+1shSNdDLct8pEwK9OBpj0LCRxOKJ cLJaMik7E77SoUBXJeLrXxToWiuMCsSM1BqtEixaMIGePccRF1F27VnL2290otObnejU9R06tu/A Txs34ErB7k1rGD12Iq4mmJBqUSLQVSDOg4mjJJJ/nMaNn6ZazSYcOlGAUDqs9RzUeVc6FHNJDwJl QlGjcf0E29d9zZZdO/Clg68EKz9byCMPP843OzMQvkAoDyOLg4luOHnVRqcm/UbrUgI9/DwUO0oK sjK3cc/9Fan/wkvkJzyUinAmMZUS0eF9Sp6vMiq4JyLG7i0bWLdpE64n8bWkyxttqXDDrRzIjwfC XXtoHQrYlEBXvxDoJrmIYDTG+OHiQyDcfSlJRHNp37wBd95VhTvvuoc77rqbe+95gGfq1GLKtDnk Rx2E8tCqRCwYI9BaYELhLkPRrow6RaDLsO6jViY837AWZOp6Jq9xiXjVYZZLYxwwiVCg+xgTQyuD 0S6+Fkjpk5ubyXerv2Df4aP/ZK89M0YrEokom77fxHerPmfzxp8RrgzONSXQFVr57Ny+iXff7UZW URSpRKrfBtc9KTpL+khKmIWCySTLHqLDfuCHLYHWiWCxyIh/QaA7GK3IzzvCW291In3fQVSy1KLR weKICbbj+z6bN/3Emh++5FhWHp4RKB39/yLQg3/8NoFuTIkALqkxq8F4qQU0rXQwBp0i0E9Fhgsi Srhs3byZ71auJjPzaEqga61RXoJpUyezdsu2f3os1CkhXSKQk8/gmQW6QgmNr8GVOhiLwxe41l6J QE8uZpx9zyXiO7nwco5vJ+PhThfoWguM8Nm0eSUTJs5D+BItbSiExWIp2xgTzKu0NIEBQ0uk9JBS BJ+XYYFlOTelBbrROrCga41v3duBMiLQT2RlM37Ke0ilQxF2boGe8AURxw0zvf9egU4opEAogVHF tGzViG9Wb8FRHu/2eotF8xeQW1hIYTTO8H49adSkGVGliOYe4Z233+FIQSxwzQ+tjUmLltQ+SjkY X7B0wUQuOO9PnH/eFYydvgQnFDYpy5qSKUFutC45J61IuHnUfaoqrV96BVf4CO3z1ZKJXHHV1Xy6 JQ0hBUK5GFmMMBoVTrYD0SRKhLQmsHoaH2P80GqtkFKSl51Bly4dGTxiGhHPR+ooJWLqNEtWeHzJ yXLKMq0EbiKPDi2bUqvu80QSHo6BWTOn0q5DB44WR1DSBBbWUEwlLWa61CCQnKQn/w4s6fo0ga5w o3nUeKwqt99RhQVLPuQf//iQJfM/oNFzNbnkgssZNWk2QgmU9MMFj8DqGljLRWgp1wiTtFDqsC+U snamzlWHQvw0Dw+jTrlvwTYV2iQFigjEeni/feMhhebH77/i8ssvYuS4Sb+xt2pK34fTMVqRkbGH xnUb8sTjD/Dog09TnOyX4YOhtUQrj6+++JgKN97IkZN5aCXRSqQ8IZJ9Rhnww+sSnF9ykUOFVnmZ sqZjPIz2Ag8BGeNETh6elKcd87kzr5cW6JmH93DtteVZtXodQiVFsEwtPIGmqKiINq2bU7XKvcyc tzSs81r8/0+g/8ZM8kmBXtLHkyLXLyXQw0XClIA/fSxL9j2Jkyim44ttqVy5EsNHjiol0BXSifJC g/rM/8dn/0K4T2mvpVLP+i82FJy3MqCkQRoQSiOVQ27OCU7mFgbulElxr4PFq1/bd3L/JX+Xspgn j69UXy69OBII9MBzZ+nS6dR5tg2OK9HqXAsDFovF8t+PMWCEQSqDYzQR46FjeciCgpI51//1QVr+ Iyk9D5cyMGrFfUE04ZR56zn8lwv05M3dd+Agy7/9PhS5vy7QF37wEXMXfRBOzH7dJf6s+08JdINS BqV8InkHaN+hI8cLY/haEYlHECqwtHpSkn14N/UbvECeUGi/gHffeoM5/1iOH7psa50U6ApfC7Ty EE4O1Z+qSsVbq9Hwuaep80JrIkqjpIdQCkdIfM8PPQIkSji4QuArjRQ+jpNHjUeq0KjVKyQ8jSsU yxZOotwV1/Dhz2kUFOZz6MghhJNHPFzdUkqg/TjZxzM5mJGB64tAhBqJUnGEV4SUDkL6eNLBFR46 4RGVAl+5ONIP4309pO+gpY8vVWD5FwmkUuTl5XLs8AFcz8NREiUS+LFsWjWqxxO1apMfdSkWEifq E9c+MZNAex7aFfi+x9GjRzlx9DBCSFwNQimUn0AIga810WiUwwf3EUskcJMCWpdYzZxoHtUffpCH Hm1A3NMoKTGex4Hdq7i63NU0avUKrvRQ0kP7PrnZWRw8tI+EkDha4wuBFjGkHycrO4uTWceRIo5S AkdIlNIY6eILj7gM3MGMclEiQVzIIA5HuijhUVBQxNHDmbhOAk+ZQPAqgZIuRQU5ZBzYS3FxIFyl X8zq7z7nr38+j4HDxyCkQiqNLyWeEKjQhb9UTw1CB3TQkq5FQTlBGYRnSIFUUSIFRWQeSqPWU3Up KogFLvfhNrQWKOVSXJjNzp1biHky2JYSgcuSlmiZQEkPV2ocDa4ygYgXAiU1QkmE9lFGIoVCCh1Y TKWLUREK8k/S5Z0+xHyBlPI3D+DGgFYOWko8t5AdOzZTFImjkr83QRiCUj5KaaRSFBXlsOyLD5k8 fSGuFigVLPr8M/s969igS0o2nv756S+mc+0ruZAlhUTK8PlWAqV8fBU8q1r6KN/FEwohPJSSSJ1c QAzcxo1yEVIglSBalMX4CaPpO2hwcE+T3jd+nIMZB8guip4yFiavR3BOOky8J5Ei+blCSwcR9kEl XGQ4/iSvQcnvFVIqhNTBMWoQUqBEETOmjWPE2Ol4WuPLoL8YFYRKnPHaQNDnlINWHr7W4bYcINh2 sA+NEh5aCrTUQX8PrfVCBf1WigRGeBQWZZK+/zi+SIb0WCwWS9nFAMY3wVitQWrBgQ8WsGbAkKAG uiwV1mSVuqUUpy6QK5TWpB84yOjxk844PyprlAmBvmPXbjZv3/WbBfqcBUuZNXdRSR10o/4lgZ6y kIbx50oJtv7wGW/1GEJEuejQ9V0YEcY8e/z03Wc826AJRUqh/AJGD+tN/ZavEA8nhElrNSZIpGBU gsP7V3JF+SuYPPU7Vi+fx403VGDVhi14SqNEgiUL5/L3SvexdmsaSiSIFBzj9sp3MGTUBNasXsm1 V5fn8r+dx/kXX0P5a/7OlPdm8/XCaZS7/EreGDKBSrffwpVXXEWdp59ib04+vkiQdeIIbVq34sor ruSKyy/nkQceYNmq9XhSkpd9lKceuZ/WrVrSf8BQbr75TqbPm0Ldh+6j7Ss9ceOC7gPfovzV5bn6 qqu4tvxVXHt1eSpWupPcSDGZ+7bStGVrrrrqKq4rdxnVnqrJuu27Kc7P5omHqlDuovO54MKLuOaa m+j45lsM6N2Fivc9SEFEIByHtB2bqVGnBuWuuJJrypWjw4svsWbzTlwhmTdjErffehvj35vN/VWr Uv6yS6lWvTYb0o78UqDH8qj+8EM8/GgDYo5GSoHyEmzf/AVXlbuaZu3ewJcuiUg+wwYO4qqrynN5 uXJUefBxvt+0HU96eJETDOn7LldddTVXXFmOfn3epkqVKjRp/hLxuEv69nXccP01LF2xGk9JivOO UavaI7Tr2oOo1hQXnKB/n15cdc2NXFXuSh594H42bdmF62qUKGbsqKFcXf46LrviMipVrsSs2UsY 2KsT5a+4jL/++WIuuvRKbru9Irv2pPHaG2/Stt2LxBIOQqlS1kKFEA6OW8wXX37ESx1fonXr1ixe tIRpU2cSiyYCEW0ctPQoyj9K7acaUFQQCVyjw20UF+fTp3cPBg/sw6hRw8iOBqJMy2BxSCmfgxl7 GTx0OM1atKZH7z6sXrMWoTSuE2PcyKGMHz+e3Wn76N2nDx1fbMeyZV/haoUSLvkn9rF7+wbatn+D tIwjHM48wrHjJxBS/mriRy0NrlvM5IkT6dO7O3379iTj0DEc4YeeCh5aJcjYn8agQUNo3qIFc95/ j08/XsLk9xaHLu4xlFShiPx9Il1KiZTyDAK9JPRBSh3u5+z7ksonJyeLIQMGMmLIMPJy81m8eCnt 27Vj/OSpOMJHK5d9absYPGQULZs1o/u777Jxy/ZUGIxRHscO76NPv8E0atqcKWOGMmrEYHoNGgZG IpRk7U/fM6hPDwb2H8TWPQdPuc5ZWVkMHDiQsWPHkp9XwKKFS2jbrj0zZswKRbQgln+M9xcspW27 DrzeoR1fLVtGvhO4qgvpk5WVxZgxY2jTpi1vde3GgvmLmDx7Lp6vicfiHD+8kyEDuvPWO0M4eOQo BzMPk5WdixAqXET9JQYQyuPH775k9PDBHDyZRSwRYdr4kfTr14/VP63HlRrPF3zx8QcM7T+A77/5 ga2bttKlSxc6dHyZPen7EEpw5PBehg0YTN++bzN7/pd4wq7uWywWizSgfR28p4RBac3xmZPZ0elt Wwfdck5SXSH0FC2pgz7GWtD5LxfoEIj0Ldt2sDNtXyqW8tcF+gfMmrv4lIRBJhTp/xQmmQhLIZVB a8X74wYzYOh4YqYQLR2MVAjjoJUmEcmhVvUnGT9zETGlUH4+ny2azl1Va3K8IBa4qiZjyI3Clxot T9K84eNUr92aHCeGGyugWd1nqPV8M4p9iRIFLHl/DBdfX4mVW/ailUNx3kGuvPoauvcfSqQ4n/U/ /sgTVSpRs14DNm7fQuaJE6xYOJ1L/3oBNeu349ih/cyZM4/LL76EwdMW4Lp5PPZgFSrdXYV1m7eT l5vD6+1aU+7qyqTtPUhe1jGqVK7IZRddROMmbfj482Vsy9hBnTsr0bRdJ5yo4MDx/WzavInNG9cz Z/okLjjvr3Tq2o2Y71OQvZ+lH3/CsZMnOLp/O1Xuq0q7N3rgeQ47tvxE3RpPUuXhR1izfjO7Dx6i 91sdufqmu4lEJMf3refW66/h6Tot2bN3L+nbN1Lxltu5o8qTHMvOY8bEEVzw17/RuG1H9h88wM6f V3HVlVfT+o1+Zxboj9xP+Wsq0Kh5S5q1bEmD+s245uorufb629m4Ix2jHfr3eJubrr+Rzdt3cezk EQb378X9j1QjKzeHaWOGcMkllzNo3Axyco4zdnR/LrzgQp55rhWO45G29QfOP++vzFv+A55SRPOP 8sDdFan/cmcKtOLVl9tz1513snr9z2RnZzG4f08qVqzCe1PmsTdtHZddcjmzZy/maP4JVq5eyfjJ 0zh+eB9zp4/nvL/8hVe79mDrjl0URuN8v+Ynvln5Pa6QYSx7sp9KpHKYv2AWjz/xMBkZB8jLy2Pu 3PlUq1aLgrziQJgaDy0divMzeeapBhQWFiBSMeQSIRLs2L6R7775jKeqP8H+nPzAC0AF7v65J4/x 2EMPMWvhh+Tl5bJ5w088Xe0JDh47iSejHNr3M/fdW4WGDVuTtnsv6bs20rJVS44VxnATUbp3asfD 993FNdfczIMPV+PBhx6hXv2GxBKJkgnAWR5FJQ1SJjh4IIOfN/7Ac8/VZtXqdYGF2QDGw/OKqf7U E7w3YyZZOdl8+vEH3FHpdiZPX3KKQPc8j4KCgt+1uiuEoLi4GClPdZOWyic/P5+cnLxgYSR0rz6b u7vWCaRMcORQBhVvvo3GDZszfvwUcnNyyTx+Ak8KcrKO0Lj+8yxa9AG52Vn8/PNG7rz3fjZv34lU ikS0kOerP8mnX35Ddn4hG3/4hr9XuIFeg0egtUAoQX7eCXZuWUvbNu2Y/+FXv7CgHzp0iPvuu48+ ffozedJUcrLzOHb0BFJopJtgVN+3eaXLuxw8epRjh9J59tlneLvvUIT0SDgxmjRpwrhx48jOyiHr ZDbNmzejXdcueJ5ix+atPPXgvdx20w3ccMPdPPDQI1R96EF69emPK9Rp3iClro0JBHo95UN3AAAg AElEQVT2sXSaN36elRs24UmHjL1b6NixI0NHjsVTJrwGBfR6uxttmrWlRrUaHDx4kJPZORTFEnjS JxHPZ+fmLSz5YAaNW7xNzLHlgywWi0UYUJ4fJGEVhoiBI/MmsKvTmxhfh3MHK9Atv6S0xsJYgX46 ZUKgb9uxkz17M1Iu678m0OcvWMTc+QvD7/96fOvZMKns4YGLr9CSgb3fYeToKQjtY1QUJTw8RxDL y6R9q+b0HjaEwqiDUkU42uG7zxdx0233k34sK3BF1TIlRKRy2L3pWy7729+YMfcTTjpxnGgBS6eO 5IprbmH1rkP4ophFM8Zw6fV3sGrrXrRKEMs9QPkryvHu0KkI5eE5Eeo9Upn6bV7C03E8o1ixYCJX XFqOmT9uRruSIwfSuOO6a2nSazgZe7dwfblyDBw3E6kTCOGza9MK/nrhZSz89HtyszN5uOJt3PPU s+TGI3jSoyD/KDXvuJUmL3Ym4kmkr9AqytFD+6h4e2UaNWlFcTyBVB7x/OOMGjuSl197idbN21Kh wt+pUa8VxUKgnBzaNX6OarWfI9/x8JWm15svcXWFO3AjPotnD+SiCy9j7per8aWLjhczZHBXLi1f gc3bDvL+1MFccnF5NqUfQWofI7O4p3Jlnmn0dhiHHoQRSK1xYrk8/fD9XHf9jXTu9i7d3n6bO2+5 ibvueYI9R7NwpY8RuTzx6EPceHNFmrdpS+uWLWhS7xmuvvZGVnz3LTWrPcijtZtyPO6gpKQ4/wh3 3XwdNZ5vS9xz2LN1DeedfwFzVqwjoQWRgkM8fE9Fnu34DsdyM6lR9S5urnwfLdp1pE3LNtSuXZfz z7+EFs3bkJN1hJsqVKDu8/UYMnwo6emHiHsCKQQ/fP8Ffz7vf+g3emRg+VfyNFdiH6OcIPZbanwv h/ov1GP34WNhvwfP8Vk0fzHRaAKlJUo7GOVQXJBB7eqNKCiIIY2Xcg8PkhEKCnIO8Vyt6mRkHUKq RCDSfckPK2bTvGlbvv1xLRs2rmPjutUMGtCXLt174UiPgtwMbr71BhZ+8lngXu8XMbjXm6QdORG4 vscLyTqSzkuv9eJoYYRoNEYi4YRu1ZQknDvTswgYE7i4S7+QNm2a8N3qdfhGBgn2ZITDB7bQsUNn EiKBLx3iIs6MaSOYPH0xCaOJKg9fSjatXkzNp55ly/59QViGPvukwwBKKqRx0MlcDqqQTV9+yBNP 1mB/5n7yjMLTGlGcTb/+/Zj+/iwWLJjP+AmTmThtdmAlViKs2qDDhJHhpEcKXJ2guCCP6y4pz4z5 S/GkRiodhKHIBLOm9aVx/dasWb+BH39aw4a1P9C+Q0dGTJ6JqwXLF02idoOX8JSP0ArlJujzVmv6 DhmB1GG2fu1hZITeXd9h3kdfh1b9ZLiNS3HeSa6+8BLe6Tss8NzROqxe4ZOxdytPPnY///j8G37a uI4NP63j/dkDefDxOpwoKmL5R7N4snoLIlLhiWKUr9i6dSPT585FKIMQEieaxcSRQ+nZbxoF0QiR WBGu44c5ELyzX3utUG4uvV5syI+bdiOlh5IxBvbqyqDR0/CUwVMaLYoY3rMPj1R9jBNFxUHeCKmR QuNqD6U8jBRs3/E9rZsOwHeDUIjUGlc4JicnohaLxVIWECbwDjXaQQlJjoFjcyayq1MXjKfCai8l At1iKaEkIWsQaqlJ37ufESNG/1tCCf/o/FcL9KQY2bZjF7v3HgxdOn/dgj537lzmz5//u1dwkpZu jAyyLGvJgJ5vM2rMBDxN4DYsHXwvwjtvvEqtp+uQHQvK+GgVwTGSVZ8t5aZb7yft6EmSpamSAl2r AmZMHMH5f/orfz3/Ev583gWc/7e/cPGf/8z5513AwAmzcaXHopkTKHftrazckoZSHkVZByhf7jK6 DZuBr31cJ0q9ByvSqP3ruCKGqxUrFk7kynJXs3B7Oto3HD+Uzh3XXcsLPUeye/t6rrv0Uka9Nx+l omgt2bvzR/5y/vnMXPoNubkHeaTiLTzaqDWRMIY1mn+EGpVvpsmL3Sj2FEY45J/Yz/333k2Vqo9y NDs/jIlPMG94Vy6/8kamz1/A3i2bqVXtcarX7UBESEwim3Yv1OHJGs9Q4AZx6326duDaCpVxiyWT x3Xnkosu46NVP+FLD+MlmDK1HxeVu5oNPx9g1tQBXHb5jew7mhckWpPZ3Fv5Dmq/0A2RzOJN0oKe S42HH+Chh6qRG3cR0mHm+EFceFE5PvthE46SGC+HB++9i+p16rIjfR97du9mb/omdqenk3n0AA9V uYMa9dpQ5HvIhEA4+dx98w1Ur9eemOeQtnUtF5z/N+YuX0tcehQXZPDQPZV57rWeHMk9RLV7KvFs 8xfZmb6fvbt3siv9ILt2p3H48BGk8NizewevvNKRv996C+Uvu5T+46cTU5K1337I3/70P/QePTFI ShcOdkmRjhGgE6FAN0SLMni+3jPke6ZkpVsZtNRBWSktgyRryqOo4CC1qzemoMBBGA8dJgzUoXgs zM6gfq2nOJy9H6Vi+Aa0K/jyg1Fcekl5zr/wYi688HwuPP88LrrwQho2bUlCaopyD1LprlvZnXks SNwnIozo05m0o1mBCBYORbmZvNa5P1EZnIcUOnCjNnCuhbTgnJwg3MQvoE3rRqFAVxhpMCLCji3f 887bA/G1hy8VUjmsXjGfMTM/wdMKVwk86TJrxFBmLljI+4s/wVc+QoSJE880BigTiFnjB140QiPc KC+3bUvffoMYNWkqvnLxtCQvbS1Tps3CEUEMt+MLThYU4UsHKRyUIcxmHizUKQNGKDzjEinI5bpL ypNxMgdfmbDEocDIBAP7tOb8v1zJ+RdewgUXXsglF5zPhRdeTM/Bo4n5Pu8NfJem7XsijYcrBEYI 5k7tR++Bw/FN0D+09jEySt83uzH3o+Upga7C6xrNP8l1F1zGht378cJkdUYGyf22bFzJ9deW47zz y3HehZdw4QVXctElf+PWyo9yJD+PcQN70LxVd2IalC5Gi6CUo1AaV+gwyV2EaePH0G/wLIQRQV4C ZcLJn3vWMVhp0F4BfdvX5YcNO8OFjgQDerxB/9Fz8LXA1wLjOwzr3p3Or75J3ICnQUqD8g2u8cLn RLJ9x2raNBmM73qpOH5Tqp3Li8NisVj+2wjerRKtXYxUFBg4MH8G67p2x3iyJNGmHRstvyBZhSWY t0mp2Ju+l5EjRlmBThkR6Fu27SDtwOHfnMU9NzeX7Ozs352gIJUkTuswxtxn7vjB9Bk6nKgB7ftI P5/+A7vyVreeFBZEcISHK02QmEgqPp87kypVa3K8MB6U80rWMzaS/BPbufXWW2j9Ule+WvYlK776 kM+XL+ezr5Yx4M0XuenvldmYnsmyD+dT7vIrmffRVzjCZ83qb7jkwgt4Z+h0hFY4TpTGTz/Eg0/W pChahCMlyxZO4/Jy17F061609jiWmUbF62+geffRFBae5LabrqVRi9coKs7Fcz0WzJzEhRdfzvcb dpGXe4AHKt7M4w2bEpVBjfHiwuNUu+N2Grd9i5jnUJifwROPPcitt95KWsZhij1JzJfE4kV0eLYK lao+x+H8GCcPbeG+O26m+rNvEBMC7RXyevsW3FrpDg5l5eD4kn5vvsS1FSqRiGg2rV/BlRedR+++ Q4jF40QK8qld53Eq3FqRQ4ezmTllCJdediMHDucELw1ZzD2V76Z2wy54YZI7AyilcSP51Hi4KlUe rkVO3MeXDrHcozSuV4MKt9/Ppv3HMX6EF5s24O8VbiLj8BEczycSKWDLjj0kYoW89Wpbbrq5Ej9u WI9wBWtWLqPC5RdTvf6LxDyHI2lbuPj8v9Jz8BhiXpyf13/DlZdeRJ1X3iHPLaZJ7WrcdfcD7NuX gefHyYvEWLfhZwqLiolFiti3dw8JJ0HcSTB2ZHcuv+5m9ufksW3151z8P3+iY5e+OH6QkCvuesQ9 H6mDhHTK+EgTPA/Sz6ZViwas27KtpP8qTWF+UZCsTcogA7vSFBUcoXb1BhQUxvGNLKmhrYMkZUXZ GdSvVY2j2YdQysHVoDzJuu+X0qN7H6IJByl9lPRxXQdPaXzlkp+1j7srV2J/xvGgNJhfwPA+Xdhz JBvfgFEexblH6NixM8UJJ7SyS4Qvf1WgB65UgUCXfiGtWzdm5eq1QRZ5aTDKIfvkAeo935Ds/BN4 ShOPZtGjS0vGzPwEqV2MLmbLtx/QrusAIkXZ9B08isJYJLDinmUMUBpcLVHaQ2oP5UfZvWsLb/Qf RUFBDq927UE8WoCSLsVZ6bR98Q22bNtNPBrDlxJHCaSKI0WMhOMQ92UY6hKGKYjg+YoV5nL9pdeQ m1eMTJZ01D5G+iyYPYqub3TD9T1EmFXf9QVRofCVYP2KD6ny4NO4IoaUCi8ep2mjGvQaNAxP66D+ uA48Lvp0eYcFH31RkmU/vK7FeSe5/Zob2HvkBH6YeM2EpSEzM3ZTr3Y1MjNP4Poe0tP4soBiR+L6 DhtWLuHxx+qE1R3iGKlxnBhZOblB/XOtMTLO9IljGTBgHNoEyQwTiSARnjpHHfRAoBfTu2NDfly/ BSUFBcU51KnxOP1Gz0FoB6F8jJdgSI9udH+rJ54Jkx0pgxIG34gg/4dUbNv+E62a9cb1BL7RweJT UqDr0tYAi8Vi+e/HqGC+6huB8YPkr/Gso+SnpwfvDlWq1OX/9cFa/gMJ5mxJA1IsGuPYseOnGJbK Kv/VAj3Jth072bozLRBk6tdd3EtnUv49nePULO5BRu6tqz7mzR6DKJQarYr5/KM5lLviCia+N41F ixewaOFC5i3+gD17D6F9jynDBtC49etE/SCTdpCsK5gwjx7UjYsvLUf6sVykcjGqAE8rYsonc/u3 3HDNdbTv0oejB/fw5CMPUeG2O2nUrDV16tTl4vP/RvchUxFKIYTPtFEDKHdFeWrWrs0Hn3zK54tm cnm56/h4UxpKx8k8tIfbbriBNt2GI/w4Hyyezd9vvouna1an/vP1uPP2irRp9zJFsRh5eYeoWukW qtV/IUhup2MUFmXxeOWKNG3bBddLMGTA2/zlT3/irrvvpn6jZjRs2ppmbV7k8LFMPl88jGuurki1 p5+lUYNnueXmG6jzbAcSQqBVgqUL3ueq8uWpVuMZhgwfQ59OHbm+wm0kihUJt4ixg/tx60038cwz dalVvSa3VbyF3v3747qCGVOGcell13Pw4EmEUEgR5d477qZOg9dDgR4knZJKkygqoMbDD3D/QzXJ iwukcjB+gu+Wz+Pii6/kxc79kJ7LtnXf89B993DX3VWo36AZteo8Q/NWHYgWF7Fn21oeuf8h/n7b LTRv1JIWjRtyc7mLebp+B2Kei0wU8OTD91Huimt4oUlj6tWtzTVXXUHdl7tQpATbflrJI1Uf4b67 76VR4wZUr1Obus/X5+uvv2Hdmh954P4qPP98XRo1acy9Ve6jQdNWFESj5B7P4Pna1alw0y00btaK tP0H6TdwCD369CeScBE6EDaB14BAi2KWffEhT9eqwZzZs1m4cCFDhw7jjTc6E40EsddHjxxi2uT3 GD1iEHdUvI+Ro8YwbvJUNu/ag5SCvWlpTJ48iVFD+3FfpdsYPHQQkydO4OcdO1CeJOt4Oi80asLQ YcNZvHgRCxbMp1+/fqz7eTO+iLJ43hRuvu4Gxo6dTtzxWfbRAurXeYq+Q8dx8PhJlPKRiUJaNG3B uPFTWbBwAb1792XF19+FbtjJuuq/RGlNbu5RZk1/n0kTR/PgQ/fSucu7jJs0ma+WfYsUHk6iiFYt W9GidTPGjR9P504vU6vmk7Ro+SJbdu7A8/Lo/XoHPv5uDY4bZeyQ/sz9/Bs8L3C1zs/P5/Dhw2Rm ZnL48GEOHz5MRuZh9h/KpCBSgFQeUsZZNG8a3+9Mw3WLWDRvLivW7UCLOJ6I8vGyFfTo2Z1hgwcw cfIUtuxMR0hJxv491Hn2GT5Z9vUp5QC1VBzcu4txI4dR7qLLGTVsLJMmTeGnjT+jdBwjJXlZGbz2 8muMGDmKhYsXM3/BAnr27svan7cGdUdjubRs0ZaOr3VgyqQp9OvRg0cer0qd+o3YmpZONDef+XNn MWnSeJ59qhZtX3qZCRPHs2TJh7iuT9qebYwbNZTyl1xOv0FDGD95Chs3bUkdp/TjjBvRn7feepf5 CxawaN6HDBk2mJHjZuG5MYRzgjdf68zb3Xowf/FcFs1byKuvvsK48RNDTwCNUS4/fPs1LZu1YdHC +Uyf8R5vdn2HnPyikkz8Z7nvWjrMmzyUZs1aMn7cWNq/2IGnn3yUOo1ac/xkLgk3xhdLplG/Zh3q 1KzDuAmTmDl7NpF4HOUrHOGxasUKpk6aRK9eb/Ng1XqMnTCJqbNmklMcRWpdSqALK9AtFkuZwUiD r1XK20ppEMJH+34gzktXJLEK3XIOSnt5JrWXFej/5aTv3ceqNesCa8pviEH/d5GsS2x0kIhKKZ9E /kFat+1CVrGDUTms/fEbhg1/jxFjRjBy9DDGjhjN8NFj+HnLLpRbxDtdO7Hg4+X4yVrGKkikoKXP R0vnMmfePBypw7rYDtpoPC3xio4wf9Eips79gEh+FsePHmTy1BnMXfwhB44eZebkCXz901aE7yOl RLgRNv28gVFjx7Nu42b279rCuImT2XM8H1/GKMjLYdZ7U/h4+U8IIfCkx8lDx3h/3lwmjR7Pts3b 8LRGSpdovJBFM2byweefBRm4VYKiWIQPpk/nH198h3ATrFj+GaNGjWbUqNGMHD2K4aNGM3HKe5zI ycXzo+xc/zNTJoxj/dZdLP1oKZ/94yt8JfCEhxQuO7ZvZdz4iXzy5desW7GCqTPeR8ZUmGk9zr70 7bz33ntMmT6VYydPIGXgrr1981pGT5hKbk4hvu/jixhz35/FB59+F2QkD+the1LjxhN8MG8O8xf/ g4Tro1Tg5horPs60qVOYMmsRjuuhhUOsMJflX33F6JFjWPzxpxTGEgjPR6sE+VknmbNwPgtmLiT3 +CHuu6UCT9d/iZgX/Db7ZCbz5y1k1pzZHMw8wJw5M1n8xdeBG7d0iRXms+yLL/h/7L13tF1Vuff/ /vWOOxz3vgKiiA3LRcR29cq9XK+IIiBgl2IDRCkRREhoghRFAumF0DupBJQiICRAKCGVVEgjlfSe U3dZa87neebn98dce599kpOC4I9y5meMZyQ52WfVueZe3/m0ITcM46+PPkprW3ucxMSzetUKxowZ zYAhg3lswnSyisN8Tq5GJWvn+acf4cabb2Xj5s38/Ylx/PWhR8hcR+ssHwQNGeYd6sosXDSfSy6+ mLPPPpsRo0bT1NyC94p6ZeWKpdww+BaGDh7I4EFDGXL9AAZefzOTZ8xB8oyF8+YzaPBQhg4ZxPWD +jBs6BCGDhrCpDlzYrs0l9NWauP2W2/jrDPP5IorruSRR/5G7hWREg+MHc7Ng4dyx+330JzlPPrA SIYNGcjAIbexZOVqcl/GV9t5ec5MLrnkCnr16smEZ57DO0Ul1g9onNw7m7Jp42vcfMNtDBkyiAGD rmPwkBsZNGQoDz70KN4L3jvaW1u5687bOPs3PRj3zHhWrF/LbQP6M23ubJYvmckxx/6Qq6++iquv 6c/lF5zGiSedRVu1inrl2WefZdiwYQwZMoSBAwcycOBABgztz/WDb2DGK7MRyXhtzav88HtH88c/ XcW1va/iTxf14NiTL6RSLVNWpWo5wdoIWmLK1Gl894cnU64Imzes4aweZzH24ccK73Scx7wqy+a/ zOABfeg/eCg3DhjG0OuH8uyLU3HajPqAZBlbNq5m2PXDOLNHDy659HKefWES5XIFU8VUKLe1MuSW G/jt2b/l4bFjmLNoDoOG3cjUl+fRvnkTd952A4OuH8oNA4cxcPBAhgwdzMiRY6hWcubPm81NNwzm hkHXM3DgQAYNHsLEKVNj+DexJaTPKjw94Wl6nt+LC393CSNH3c/KdVvwPifTMq68lb/+5S+cc965 /OHii5gybRrVLC+imDq88Y8+/FfOOedsru3Tl8XLl5N7qdcK2bkJ5VIzNw4dzMUXXsis2fOYM+NZ +gwbzLo1WylVtvHQiOsY2v9mBg0exA1DhnLjrTeztb0VzWNrwqf+/hjXDxnI0OuHMHDgLQwePJib br2ZTU0tRXRUkWZR5NIlEolEdyCoxfe8ok1W7J4RYuva7QrDpTD3xPZ0rktg6Tu0gW4h0FevXc/d I8d0eGP+fxLoMfxTIHh8iEXigrRw+um/5u9PPot6QVTItIp5wYtizhDLcc7TtnkJvS6/itUtVdQ0 9mmuhcuLxt7gEgVZZka5KBqlroJTpaqGExd7EIug3pGLUvI5IW8lUyFIHotYicd8FV+89AfJUauQ mVD1ZST3+LyEyx3Oe6riCeW4H3MxV7RqFYLPyMUTMqXiq2Qa+y7namheoSwae5VLLOxltfPS+DKu YljuyFXJNENyw6SEF4+Z4MxQU8RVEO8oO8HnnnKeEaoOKQSHK3paO3PkYpg3zCsmOVWrIL6CqMNJ GdMMJ6HwghUCXQ3vfVwFlmrs0+0Ur4KKoNKKSJWKGLlI7COuFUyqtGsM18+cJ/NlxGdUzLAsINUW vvrZT3PMCWdTyh1eNLYgEyMXxZmi4lEvMbpBclTaEZPY17roEe29ElTQoq91bGNWIlclV8VcFXF5 vB5WWL3ntMae7pIhwcUCZnn8Ha9ajEtFLO5PxVBnqKtiLkZxqCpeWnBiZF6xvIo5h5MQx4Q5JHdI rrSbIWKYU0Szojdq7AMfW4lFL2cuMYetKiWaJUddGyrVYtzG8GfNc8S341yx0qoB75RqJaO9vZ1y uUS5XN7BsmqFYKUYEi9lRNuLSAlBTci9K66Rx7xSUcFXN+KlFXGeqmtl9B29eeT5qby2YhmrVi5l xcoV3HlDbxYvX0tWhGNtv0CgWiWXHJ97KtlWLv3DBQy9fTQrV61i+ZqVLF+zjD/0/CUjHn6cDcsW Men5F2lraaLc1sT48eM5+fSzqOQ5lfI2/nzNn1m2dgNi1AV6FsBchpMKJTNCVcglp+IdzrYiPqAu Q30zJh5RxRm4ov2d+Bxn4LMS7cFwTjBXJQsep55WNUKljEiZikgcB5rFcxVDnOFdBZUsPtMSn+NM NLbfCTFdxHvBaTXOM05QH/Aq5E5pDYr5LahzVMURpFSM/bhoUmujZuYJVkHE8FqkaYin3N71PS+V SrS1teG8x4kjuFLsAa+G+hbKFtMFxDxBNuMkhvyHzJGJUrG4MBXz/nNES/Vn0tShUsGJ1MW5GfVz TiQSie5A/XtIlFxzfMjQPOBCMR9aEuiJndO5sn9KE2ukWwj0bc0t9Ok/iEqW7zIcskZrqURLewnZ LjznH5tY4opQrGJpBHPcd99oLrjgYnzuoygIEvPUNRSTWXzRf2nKC/QdNCjmyYaOfuy1CU/rub/R i+RD7cXdx4JS9ar1RTisWSHwhaBRzNb+L9TCZoN1eOiCL6okF5U4az2azWLuctGiKqjFfM0gBJWi t3IU0rGAWFEgRAVfXFOtV9Uqro8VvxcgiMYCTMV2YmG8osJ6w7VQiRXt1UBUCFJrfRTDt63Yf62l mBXnq0Hq+zPzxf4b8kgpFkHMit7zEv8s7mGtyJoVFfVr9yEKCEGCFcdVu3bFz8TIq2W+9+2jOPM3 Pcmci4W2aqE8AbQI0a6104vXpzj/4pLVPh+sVnXeikiNPFaiLxYaTKS4l1b/bMffa/dYYz6xhvr1 NC3GWcOXaaiPrYYFrhCPv+YlDY2/F4ygMf+s/iWtRRG++jEUI6AQnLE6uaEh5veaunrF8o7ra0Xr wlo1c08wx8033cBJJx7PCSccz/HH72hXXnE1eTVHfOzHHkIe740panExZe2GjeTOo7VFE61CyBE1 mpu2cMXve7G5pbWoGu9RVWbNmMgdd96LNIRmNRKCFONY2bJ1A78773zWbW6OItEUDcprS2dx4aV/ oNy8jSuvuIKze/yGHmeexYUXXsyixYtj/rd5cueiOK+NC4oiZcW18cGKfMDi2bMsPvcqmOb1sdJx XxvGunokgGroNA/E4nwdY71W9C6EWHG17jUOWh8jcYxu/zJmWLEyHuqCNi7+xHkrj978UEQK1Z+L xroCxT0vflekyuqVr3LKz3/e5T0/4YQTOenEU5k8aQYiGqvKm49RMubjHBZqz4LriLAq5hQtxq3W xlqQhkVFrc/HnWb79AKaSCS6EcFi3rmZIJZTMaHc3Exl/dqYlhk0vg/UIqre6gNOvC2paYtylrOt ubnL96nuRrcQ6Fme06f/QDZu3hLF2m4+f/+Df2PMXx6q56zDmzuxZFnG1q1bdzsAK5UKbW1t3X6Q vhuo5daISOHpLb/hGgfdGytEkmDmWLN6GXPnvsTLL89m7ty5O9jixcsQF6u+WyGuouCLz2DVeX54 wk8oVTNUO/cmV1Wcc5RKpU73a2c/3xnee0ql0o69z4sxYWZ4ySmVSrS3l6hW82JhzO80t767UbvM wQTTjEp5K6+8PLPLez537svMnT2fpm2tWK1Zeqjd+0QikUi8UYIZFQMNPkYaVQOvPvQgL/XuTfAu Om5qC7gkgZ7ooHEBPxQOxFeXreD6m26pF4jrzu/I3UKgqxm333UvL7w4eZcVl2vcM+o+7hoxpugl HF+m38yJpSbWdlUl/s0oUpd4+9B4zxurU6b7+4/TERoVPZyqvh4OvT3iNebSSy3ioCOqQlWp5J6j v/N9StUYot2psE1D+Hojtfu5u2e58fNdbafzfNDhiVftyJ9P46Qg1BZl4v1WdTu95/G+FSkaanQO pUskEonEG6XmQdfgUCkTSsaqO+5gTq8L6gLdkkBPdEGnCLuiOPO8hYvpN3DIDsXiuiPdQqAHYMr0 Gdx4863k3u92ghg+5n7uGXVfEdr45nvQ92TAdedB+W4lVab851AX27YrAdbwLD2n0okAACAASURB VDcUrgmFOM5FOPKY71CqZtRWc/eE13Mfd3XvbbsFgde77e5BLT+t1jfV9mDBtSNEvvG+JxKJROKN E9SKlESPtyomgTV338LLPc8niI81PlKIe6ILuvKgL1yynH4DB9cdF92ZbiPQS9WcG26+laaW1vqg 2NkL8D2j7uOOe0f90wR6IpF4oxT57KFzj9WdPqONedINnvdQeKczLxx17HcpFwL9raoiWhePDaHY SVA2UMtjh476D6/j+qRrmUgkEm8esa5PjDb1weECrBx+G7N7nU/QJNATO6crgb5oyTL6Dhjc7b3n 0E0Euhp4g2dfeJHZc1/e7U2//6G/MfbBR5JATyTepoSgWHBYiEVoLOymQFdN2DV6UIOD4GIOuhcO O+JIStVqvdDgW0FHP+3Y/aG2qJCI1BdYiOJcgtULK+7s8x1YykFPJBKJN5EQlDwUXXJMUAmsufsu Xu7ZKwn0xC7p0oO+eCnX9h2QBDrdRKBbUdV4/YYN9Os/gFK5ihetVxre3krldkqltnqF6PhnsmTJ 3j7mtrN/cBuaY5LhsjLPT3gKl1fewPb+Gef3Vh/H29ssXddkyZIl+6ebmURnl2gsYGpgarEWiHiC M8QHxKB1xVI2vTw3dubYSY2QRGJ7zIzWtjbmzZ+fqrjTTQR6IBaKy73nvrH3M/HFyTi/Y4ucxs+H ogVPsmTJ3r2mxaqtWey7Xe8b/zY4tmTJkiVLluztYFa0O/VeuOPOexgxaixbm9vwXjAVVItipxbD 3aUosNzdRVZiz2gsjF3LPe/uY6dbCPRa/28nnlKlws233s7KVWsQaeyz22G1/MZkyZK9+83Xi9w0 9L9OlixZsmTJkkWzGMLuvKdP/8H87NQzuOCyq3n62Sm0V6pkQVDzBKdkZmQpRDnxOmkU6WnsdBOB Dh25L2rGytVruKZ3X5qamztaGhXtj8wMExdNo73VoUXJkiX755ipI6gjSPGcF8/+W31cyZIlS5Ys 2dvFzAQRIfdKnwHXc9IpZ3HCKb/hpFPO5rcXXMrLy5aSiyc4JfdKrh3e0CS2Ertj+1bESah3U4Gu Zqxes45+AwYz5v6/UqrmeLW6OZG6eVXUkiVL9m405z2i0Svgxdf/9CJv+bElS5YsWbJkbwcTM5wZ VTGu6RcF+omn9OD4U3vwk1PO4rTTzuPa/jexct0GrD1DylkS54k9plGQi0hqN0s3FeiihhpUcs/9 Dz3K+RddxsDrb+bhx5/ksXHP0GfwjVx2dT9uuGM4N901MlmyZO9iu/me0Vx/272c2uM8ht56Nzfc ce9bfkzJkiVLlizZ28luvXcUN901gnMuuJyTTjmLk04+i+NPO4ufnXw2p550HieefD4/P6sHd51/ AX8fOqyT0EokdkXNg7502TJuueUWnHP1n3dXuo1Ab8SswwJQyXJWr13HwkWvsmDhIobceBv9htzI tJlzmD5jNtNnzmH6zDnx38mSJXtX2ZQZs5n00my+e/zPeW7KjPScJ0uWLFmyZJ1sNtNemsWUl2bz +yt7c9IpPTjplHM48dTfceJPe3D8yT048Rfn86drBjP+msuYfvFlmBdMOqq4p5ahia4x6n3QFy+h 74BBnULduyvdUqDvjNpguHvkGO4eOaZeGCNYQ+G47XIjkiVL9s42Nah44chjv0dbJUPNOs0HyZIl S5YsWTLIvXJt36GcdPJZnHTK2Zxw8m85+dSzOf+Sy/nro0+TZZ41I29ifq+LCF4IIvV37CTQE410 DIeaQIdFS5bRd8Dg+pjrziSBXtA4Cd07eix3j7wPtSTQkyV79xtUvXDUsd+jrVzt1OIjWbJkyZIl SxbNiXJdv8H89OQzOPEXZ3LyGecxfMT9tLWUqYripMyae27glV6XEEQwTR70RNfsKNCNhUmg10kC vQvuGTmGO+4dhWgcNDWBnuaWROLdhRVVQytZzreOPpbW9hKqcVEukUgkEolEx4K1V6VP/0Gcdvpv GDnmryxZuQavhrpAHhTTdpYMv50XLrmcIB4zxUJRByokkZ7ooFGgmylelAWLl3Btn/6pfgFJoHfJ jDnzeGnOK6hZffUvCfRE4t2HmWKqlCpVbrn9TqpZjqkkgZ5IJBKJREGtyHLuPXfceTcvTp5G7jwi ig8gPlAJgrkq216Zw7IJz8fv0hA9o0mgJ7anUaCrCl6EjVu38ezESZ0iGbsrSaB3gQTIRHGiSaAn Eu9iTAUVhxfFq+JFMPWYyu5/OZFIJBKJbkCtRbETTzXLUDW8F9QLFTOcQSUYoeTJfGxRbCaIKRpi imgS6IlGtvegiyreIJcYrSHSvd/DkkDvAgugIU5IZlafVNLEkki8u4irs51z7KD7rtgmEolEIrE9 gaIV1na5wcEsetANXDCCF0QC3sCCEYIl51ZipzRqKzVDg2Eh9UCHJNC7pFYQrjEkJwn0RCKRSCQS iUQiYsHQAEECQYwQBBcMn4R5Yg9o1FZRe8VFnUQS6F2SBHoi0b2w0GGJRCKRSCR2T4w2haBG8AEJ ivoylmUEDem9ObFLQqCo+WOdtFciCfQueejhv3H/Aw/FSSd0DKBUOCqReHdRe6bLznPiz06hvZpR a62YSCQSiURi55hB8IozwWtAg7H68ceYNeRmghim1snhlUjU6HB8GgRFzVi2YiU33nRbTKdoaNHX HUkCvQtGjLyP4SPuQzXEyceMYAqhew+WROLdRjDFzCg54Yhjf0BbJQr0lIeeSCQSicSuCQFCLlQt J1dDAqy763Ze7nkpwcdOSLXotBSJmmikPh6CQpDYB33RMvr2HZIEOkmgd8mIkWMZMfJ+RA2NsTsQ JFoikXjXEIo2axVRvnnsj2ituqLNWvf+YkgkEolEYndoAMsFsQx1SjnAqpE38sr5FxLyKNBTFfdE V+wg0FV5dfEK+va9Pgl0kkDvklEjxzJi+H2YhlhFMAgEB8G/ru0EDZgJah4NLVjm2LBsBk88M452 iS0EtLa6qMLSmc8wfcrLLFw4i+t6X07f3n3pd10fru07mD9f15/eva+h93V9ePbFSfTt35e+1/aj T+8/0rf3YP7cpz/9rrma3r378uCzz9G6fi03DrqJ/r2v45rrenPNtX249e7bWfzaaireEbwRLENC jgaHhNheTgOE4CBUMIs9LEPIo5kWOUWChli5Uw2CCZqXeHT4PSxZs4Wqz3ho5C089sSTVJ3izQjq CObj9SgeyOA9IWSIKcEchFbUJEYtACFIQ9SC4V2JLeU2nFRiGLL6uK1E4h9ENbaDKeWeI7/zY9qq DlEpvOiJRCKRSCR2hhpYruSW43MjN1g3/AbmndeLUBVULQn0xE4o9BW1tmrG4iUr6NtvMCKSqri/ 1QfwdmT06LEMv3dUnFi0CG0P/nV70DsEukNCC+YcTz14O3+6tg8lDYgqIcT8HJMqN1x3CbfccT/l UjPr1ixn/doNPPnIWA488LM8PXEqGzasZ9XatTS1t7N2/RrWr13HmtVL+NwnDubR8c+ycd1K1q7f wLrWVpbPmcHRR36fVWvWsXr9etavWcVDD47ly//1VSa8OCeKb82wkKFBsWCYUbSVUzQIIWgUKiFa bENF/HnNTDEVqqU2Tjj6m7w0fxmlrMz4h0YwecYsxGIvzGDxXGttFIJ5gnYIdDXBQiG8LSeoxzS2 uIv7FbasW8FZ515ES2sTakpQlwR64g1hFvOeyrnw9SO/Q0sphbgnEolEIrEn+BC/RyvB4/OA98aK 4XcwrefvCXl8bxSzJNATXdAo0EE1sHDREvoPGIz3vqH1bfckCfQumDhxEhMnTkZFCw96LcT99XnV gloUsOZQK2EuZ8TNvbmu3yDKEuICgMWef+Zb+MOFZ3L32EdQEUwEyYUX/v4An//cISxdswHnHF6V TApBK0JW3spH9v0EryxZRdAMNaNqnvmTxnPM8adRkYAzCOKQchPHn3AsZ53zJ5yVCVqFUImrm+aj d1wdXuMqqIYcgke8Ij5ghZfdQi2qIEd8FTOlqbmZI7/6JRa8thqvHnWtlDUgWsW0jBa/m2ko9pWj 6nG+gpjigiEhhhtjLQR1SC6oD8XiQM761xZx5m8vplQpRa97EuiJN4iZ4kUoZ54r/3QtbeUqXnzy oCcSiUQisRs0gIkiJqgLVA1WT3uRZQ/+rchBt0456IlEB0V9rwaBvnbdBh5+5NHkQScJ9C7pcpUv vH6vWjAhmGHmCJZhrkq/P53LoKE3k1usfulV8Zoj2QZOO+WnPDB+QvS8i2HqeeaBe/nvQ7/NuuZ2 RIqVpkAMPVejtWkt++/1SVZtbo+i1xTRCtOeGsnPe11JSQPelOAFq7bwu3N/wcm/upzMWguBXkLF mDp5PKPvGcvokXdy5lnnsXZTE22VZm6//SaOOeo4fvbTX/HCpOmURVF1VMut9OtzDccecxRnnnE6 06ZN5stf/AxrNm2mUmpj4NVXMH7qHCptGxh89aU8+fw0Lr70cq7pPwxXbWHFqlX8+owzOPJb3+KS Sy5m9ZYmMjFMKzRtfY1Lep3PMUcdS48zz2XBgnncP3YEp534Q750yDfo0eNsxvzlEdRVkG7+ACfe GKFmDav7qc1HIpFIJBK7JxaJ09gD3QfaA7SZEsTX26yl79NE13QIdCC1WduOJND/mQQXQ7vNEyQj SCsXnHsSxx33E3pe/HsuvOgiLrz4Ii685AIu7dmD//zi//L45BkEyYpc7SoP3TaMI47+KVsq0bsc TDtaVpixdtWr7P++A9la0kKgC6olHhndm8uG3kpb5slcO6VSxvPPPsN/fOkrjH9uej3EPYSMkOXc e29/DvnvY7h79AhenvsKldZVXHDR7+g7YBBrVq/kpenT+MlPT+bVleuolpr43nHHMWDoMJauWsXc WVO47Pyz+NgBn2VrcxtNW9ZwxP8eyn3PTGHbhpUcfsh/c+o5l/DMuEdZsmI5r86cyNePPYlnnp/E 5nWbeOQvoznhF6eSizJnymP896GH8ZeHHmHV6lVMmTqZsWPHsnLFMu65vi+nnP4bXpo9k1UbN6NS RZKnM/EG6CTQi5eJ9AWRSCQSicTu0WBkoQh1VyN4JfjU/zyxZ4R6lLLW02dDSI43SAJ9JxhvSg5q J4GeE/xWfnbCN/nlL39Hn3796Nv3Ovr068t1ffvQ/0+XcuAn/otnZs4jSDuiDm8l7uh7DT8+5Vxa JaA+CvS6qFBh3pwpfPIT/0W7i+Hpah7Vdu4cei6H/fBHnH/BhfS64BzOOfdCfvGrXzHuuUlURTDp KBIXsjK33HIFvf4wmDZpR5xnxcvjOO20k1mycg2r1yxl3boV9OvXn6efm8b8WZM47GuHs2pbC2Uz 1Lcx8fGRfPJTh9Fezlm/ZhFfO/TLPDFzAetXLuPrh36Np2cuRH0LTqrc0Psqrr71PlauXc+GFWtZ t3IRp5zRg1Il57ennsD3TzidTI2qZOS+jHjBvOevd9/E76+8mlw9VRWC5UmgJ94QHc9SjEgJZkmg JxKJRCKxB5hZ7H9usbBv8DleDVd8lyYSu2JHgR7rXyWSQO8Sb0YmhmhsEQEdL/Kvh1AUSHPBYrh7 vo3DDzmEh5+ZRm0RQCzmwbZuXMyBn/o005cvQTQUgqHENVf24pzLe9NuseJ0LLZW9GbXCpOffYJD DvsumcSq6l4F8RWu/M0vGPPYY3jnKWmGammnxy8m3Nz7TEY8MQmXlRHvmHr/XRz5tSO4pv8w+vTr S7++1zGgfz+WL3+NFyaM4+c/OYe23OPUYVnGwmmP8alDf0yWtbJ0wUt86SuHsmjZayxfNItjjj6R 5eu3ICFDK+2cecqvOP+yP3NdvwEM7nMNg669hn6Db6atdTOnHHME1wx9gKqBqBGcol7wfhs39jmP P/YZRnsw1DuCC+Sh8o/f6ES3RzXWmSjnjkwUMUu5T4lEIpFI7AHRCWU482SaE7JAmy8RylsIIkUR 4FrB37T4neigYywYKrEPujMjF0VVU5u1t/oA3o5MmDiZcROex6u+QYFudYFuJvjyFr7y2S8zYfp8 YvXC2B9SVNm4bA4HfOxzvLphE6qBoAKhwh8u6cm1N9xNJRA98XWBrgQp89Rjf+W440/DmyLBokDP Slzw8xN47Pnn8M5TsRyzys4Fugh9Lj6Zp19aiPcZIp75zz9Oj1+dTlvm8OLwPi+K1BnTXnyW7x13 EltbS+TiCc7x8Khb+ep3z8D7EnNfep7P/8d/8tra9Sx+ZTrf/cGprG8tocERXJXLL7iYR5+cQK6x 0FsQT1mMcqmZ04//Hr+9qB9lJ3gfC+VlmcdLK1dddArXDhhGm8aHOfiAf52t7xKJRswM7z1V57ns qj9RrmaoJoGeSCQSicTuCMGQYIg6RKuEtsDaic8xf/jdBO/RontPEuiJ7WkU6MEML8KKNet54MFH ur04hyTQu+SekfcxfMwDeHljAh3ATJAQq663b1vPlw/6Ai8tXBm3WeSTW4CFM1/kYx/7EuuaSzGP x3KCVbnwvF7cfd/fyYJh6qLnnNqqZcYj94/i1LMuRsyjQfEqZO0tnPHjH/HsjOl4JzjzWMh3eozq hF5nnMS8ZesR7xFTSi3rOe0XP+XmW25l9ZpVLF78KsNHjWFzUxstWzfwlf/4CnfdO5LVa9cxe8YM jj3i65x4+kWoVpn8/Di++rXD2bytifmzp3FqjwvZWnVIEMxnvDD+Kb7+P4cxffZcNmxYz0vTZ3DP mIdwkvPgyFs5+HOH8sLEiaxds5oXn5/CgkXLcFLijhuu5tc9zmbxqrVUs5zgY1hVIvGPYqqICFXn +dbRx1GqVFGNxRgTiUQikUjsHA2GC2DeEayC+cCqe+5i1gUXElx8L43teZNAT3Rme4Euaixaspw+ /QfVIxm7s7MkCfQuGD76fu4aMTqu+llHdcHXO7HU2peZKU49TVs2cM4Zv2bJ+m1xmyaIxjD3eTMm 88tfnkdLuUIQRbRK5kvcdP3NvDhtAb7wNlvRN52geJ/x7BOPcvNdD6DmCMHjVSm3NtP/ysuZu3wJ 4jxqObaLnA5XyRly3eVs2NIcW7wFQzVj9WvLuXHYUHr2PI+rr/kzj497irZKjvmc15Yv5uqrr+Hi iy/jgbFjuG/UCAbeMgL1GTOmTuTSy6+krVxh4SuzGHb3KNpyj6ii6vHVKi+Me4Yr/vhHzuvZi+uH 3cTceQtw4pG8nZemz+KPf7yCCy/sxW233sWGTdtw4ii1buDmW4fR8+LLWLd+U3yAJU33iX+c2hdA LsJRx36PUjXjTatBkUgkEonEu5pCoItHQpU2gzX33sL8nj1ju2CTJNATXbK9QFfrEOi19MMk0BOd GD76fu4eMaZeKR3+MYHuA5jlBPNk6qn6nCzfRqUYb8E8qopTQ32VPHOothG8xfZrliO+hNeA1ft+ GxJiMY7Yd7JCZiCaEULsk27isDyjZFXEO9TKyC7GuIoh0oL4Sn1BwUwxEdS7GDZfPDwihjghWBkT j3qJq6biydUwFUxjLokvBHlFBe8Vq5+XYZlg6rBi1Uy8xMUB06L/fBXVHBVDNaCiqHOItJA7wamg VsVcmu4Tb4T4YGSiSaAnEolEIvE6CGpULEaLmjlaA6wcdQuv9OxZ5KAngZ7omh0FOixasoy+AwZ3 e3EOSaB3yZsl0F0As4xgOVXzVDXH+SaqVmuTFsVwFLYen2cE3UpwhmjAhRzVtnpO+vYC3ZugeRTo ZlVCyBFVTDzmlYpleJ8j1o7bxTjPxXBaQn170bO9JpQlCuNgsdCHKuY9zgmibZj3BC+otqKSo9pR YEvNEFVEPV4dlnmCNypmlINhXos2b4paDI8y9UUuU4wgEM07esJ7RxDBtBkVxZtHQjvBd+8HOPFG SQI9kUgkEol/hCBGi0EelOAVkcCa4bczLwn0xG5IAn3XJIHeBbPmzGHmrNk7VBG0ACaGU6EcfCEc d54HbYHYLiBoDBs3ix7q+qg0QrBikEZRECyPReCIvxuKImihCLfvWCgofte0aG9R7Kf2OTOs9u8g u2x3EYirn4Ra7q116kMY6p8ptltss7Yfgq8vZHQ6f7N6mErQWCRELYb+hyJMvyaEgsW/1w4zhOjF b9hafV9x/4YFn3ptJt4QVlRtz3LHHXfeRTXLime+e38xJBKJRCKxO4IZLhgiAfFGST1bp89g1aPj 6+/Q3V1oJXaPFU69TZs3M/HFF9PYIQn0LhERvPeISCeB7oKhVUGqnoo5zHnEKT503wGUSLyTqVVx 997jnNvhmU8kEolEIrFzJESLKZtCJTicSWpZmthjas4SVcU5l3LQSQK9S2qe3+1Xb8yM3AwnFiuI B0NCDqnVVyLxjqT2nNdMJL5UJBKJRCKR2DUawFxARMnNEaqCKxterVMUZSKxOxort3d3cQ5JoHfJ zgR6UCMTpU09Fe+xqiHO0ORBTyTekdRWbWsrtymsKpFIJBKJPcMCmA94NXLzhIpDMsEXkWhJaCX2 hO11V23MdOexkwR6F+zsRT2I4fMM2biBZWMfQMvt5BIwTYnQicQ7kcawqlpqS+2LIpFIJBKJxK4w LBg+EAsa+xxn7ZSlHP+3GwusxJ7T6DV3znX6WXclCfQuGD9+PE8++eQO+TMur/LKffcx65gfMemb RyLtKymZTwI9kXiHUhPjeZ5z/vnnU6lUuvUXQiKRSCQSe0wQLAjqAyIBpxU2Pvk4c2+7K+WgJ14X qsrq1asZPXo03sfU4e48frqFQI8VyCFozBvPgyEGpob6ou+2xqrh3oS7R9/LXWOGUzHFqWLtZZpe mMqMc3vx0qf/nVmf+QwvfeM7SHsrWa29RPDJkiV7h5kVLWByLxx1zPdpL2eYBszkLT+2ZMmSJUuW 7O1tggsZJlVUlfYgrBw1jFkXXFC0xtX4Dl7r3pNIFOzYZs2KNmuDUqoh3USgayhae2kgSIhiXQJe lSw4fHBYcJjliGSMuvshRtz7CCJC9dUFzDvzdCZ99tPMPujTzP/MF5h68OeYfOT3ce0tOFG8Wezf nSxZsneWmaJBqYrnyO/8gNZqBTVBg771x5YsWbJkyZK9nU0NZ0IuHqeGc8bGO29nYa9LokAXSQI9 0SWpD/qu6V4C3QeCjznjQQMmAZWAGGTiqeZVfLXMLffdxW03DWDqn65i4v/8L1MP+jSzDj6YGZ/5 PPM+/QWmHPxZJh3xbdy21UjLFrStFStVkyVL9o6zMlYq4UoVfnDMdyhva0Lb27BS5W1wbMmSJUuW LNnb1/JKRiUv49rLVCs55azCsntuY9oFlyUPemKXJIG+a7qFQAeL3vMiRyYP4DRH/VZKa2Yz549/ Zv7hP2DBt45n6g9P4PnDvs0r/3UU8z/zZeYedDDTDvo8sw86hBkHfYXZn/kMSz/976z85EE8cOAX Gf+xLzLpYx9j2gF7J0uW7B1m0w/Yh5cO+ADTPvEhpn/iI0w54ANMO2Bfph2wz1t+bMmSJUuWLNnb 3aYesDcvH7APCz7+fl4+YC+e+vf38vKFPQnOE8ySQE90yfYCXVSZt2gJ/QcNTe1u6TYCPU4MZiBm iK9SXbuC+3tdyrwhd7P+5VdorrZQ0hJeSsxbuoC5C15m6eSpzD67J5MO/BxzD/4M0w8+iAUHHcTM gw9k+reOxG9ZhmRb8dJO1VeTJUv2DrPMValkORXnuPq6AbSWK2R5Tuazt/zYkiVLlixZsrezZb6K d1VKPmObr2CtbayYOImF9/8tedATu6RRoJspqsbq9Rt54KFH6p20ujPdRqBrUYDATCmvWM4Lfa5j zTPPYu3tmORURamK4n3AciH3Qlk9vmUrW+8dwZyjvsNLn/8Scw/6PDM/83mmf+O7+NYmcufIRfFG smTJ3mmmiheHVyX3Qi6CF49Pz3SyZMmSJUu2a9OA+YDzgUyVUMkpq2C5EFQJqmjhRU8CPdFIJ4Fe jBOnhjS0XOvOYe7dQqAHCbRqhs8r+GqZJT0vZcXU53GykxsfhBAUDcWqnwqu1MrSe0cx/T8PY/5B /8HMbx5Lc2UDzT4QKmnWSSTe2RjBFOi+XwaJRCKRSLxe6u/KwQhOCFlALf4skdgVoSGyIkZaGCGk 9zDoJgLdTDFRMudYfPsIVowaQznPCPlOZo+gHXkzBqaeYI5cSqxf+yrL+w3imWN/gjRtpaqW+qAn EolEIpFIJLodQQOhKMZcDUa1+HsisTt2FOiNnvXuTTcR6J6KCaXVm5nymwsorV1FVQQT3+Xngxmm jSEWipnHe0/ZHK7cRmnePKpZG7lqEuiJxDscCyBpxT+RSCQSiT0mBMM0hrObBkoBMnFY5urCPX2t JnZGMN1BoGs3DmtvpJsIdEeLeVb+5XnanngKtQxVRYLr8vNTp77EtGkvoWpADLewYGjRpk0thsP6 IFSLUPhEIvHOI5hiZpSdMuSm2ynnDlPFunlxkkQikUgkdocEUHUE84Q84A02z5jKigcfIziNzq5C pKcc9ERnDIJQSy1UVTZu3sK48U+jqt06/xy6jUBXpNzM/KsH07J+NeYVNcVC1y/hd48Yw10jRiOq qEp9BVAthvKYxvwaNQjeCDvLZU8kEm9rzBQRoeSEbxzzfVoqGSpC6OZfDIlEIpFI7A4JoOIRc2hu ZGosH347M3pdSsijyFKzehX3JNITHRgEDyGOE1Fl4aLF9Os/MAl0uotAD8bmF19kwqUXU66WUWd4 8wTt+ubfO+YB7ho9Fl8T6BZ79LmgmAnBGVr0U/fF5LObI+j8z6AxbD7E/4vFqWorjBYnMYue+2A7 7wUY6PhcbfIzYxcFFrb/ecyz19Dxf8FiS4zatuuTasPnXy9mFILHOm17x2OrWdfUj6H+u/HzZh3b 7WLve/izHfdV21/j50On/3v92905Vt9+5/3v6XY7H2Pn6/RGjqlhu9ZxjHFs7rj9eqjSTsLadjV+ Oq739sew6+N6/XT8rqngvaciwhHf+TEt1bz+zL+5+3wr2f01rM0ZIVAUCimhvwAAIABJREFUyQR2 WMDseIb3bF+N+3irr93u7t/O5p/tz6c2z76Tx0MikUi8OVgAy5WqOTJntJixdtSNLDr/IkJVMLWG InJJoCca6RDoYKgai5csZ8DAIakPOt1GoAvLrxrK3MfH4vMyXgPOlKBdD4ARo8Zyz/D7EI256AQt Xlrj5xvzJXYnOEJQCHkUvrV8HC2j5qmI4tUTpISa4s1w6rBcUOcQaUelHVOrT2yNJgYhF7wKpaBo buReUJNOoh8KcRUkTqaBmC9kggRoCxAki30IfYVcFa8O7zLaLbbLcCYEy9Hi5b0mwDod0w7XxDAT nAgmOSZZXPQwCFILa4kLFNEkWhcLDGrggmGaE8THe2MKVsbEIwaZhGI7hYgI0vHv2jFabdGjQWxC x3UpjsEbiComeX3yiCvBkIni1aKQo+NlvX4e212DjvPb0WLrv7hfs/hF1ng89d/fzXUOFnPANIAE w6Qar4uGTp/v/LsdgqPR4g8VgotWiP0givoYPSKWY8U5dBIuaqhT1Mf7bEU6SG0hSENNDNbSR6gX l9FinyHExSsz4jMatL74FHfko70OGq9nLPpYrOyLR9XTnnuOOO6HtJSrxc8k3pvaM2tKMFc/17cP 1vm+Ff82o/4MEHzHGKp9xlxhtXtTjecqRrDNqDNMS8XzSDH2c0TjmKpdz+2N4BvGkCv2bfXnsEZ9 HHYxr4VijDTOrTu+2O3pfSjGWvAQqvWx1Pj81I4vXqvaeGuc9xULhgVf9GoNiHjMuk6RSiQSie5C FOiCtwzvlHYzVo8YxoKeFxFyRUWTQE/slNr7uZkhYry6eBn9B1wf3zm6eaphtxDo4irMPftS2l5b gLgqYuDMCDu5+SNHjeWue0YVIrBD1NVE754SvdlCaBTopmzetJq/Pf4obblD1FNu2cQT48Zx34N/ Zc3y1ajLqahj5dI5TJ0+D1+IlPrLZah5cYTgQyHsS0x/9mkee+YF8rBj78C617P2d7W6hzwPYL4V b4qoo+qFVcvn85cHH2TxtmbMK7l5glYIIesseHcx6db2qepp3baBW24Ywuj7HqCce0x2IVprk3lt O0WUgguGSpUgOWqGmGJaZdxjDzNg0BCa2iv1aAcNHbktOx7vji/3VhOPhUDPxKhWK0x46gnuf+CB aPc/wH1jxzJ7zlwy7/EaolCviaGaN7+raw9dn2+niIkOYdUo9jvEj+50DFoxnqPQNdSXUXHITqJE drhXOxXoPl5DVcxFUe5VEfPodgtHpoZ6j3lHVimTS1wRrYn42jXu4ugLAWT1xZBAg3DaXoQWz8Lr oXYdgykqOXlWJfceEY+Kp+KFbx33A1pKlSjQJZ6rqaEaihC9t2Mbtu0FesO9LBblosi0DtFeF+i+ YYxFT0dQIdg6zAdEXDF/1b48qziX4XLdhUBvWPSsCd4uvO6153TnAn27z8MO29gTOo8Z6dhnF89o h5jXhjFWFAoNhgWHmZDlgvMO0STQE4lE90YDmBck5DE6VZWV99zC7At+X0SbJoGe2Dl1J40a3iuv Ll5B335DUNVuH+beLQR61ryNZ867DGndHF+8QwxN31mI+9+fGM/fn3gKL3H1r8Pz+voGShx4WrzY aSGKMwYNGchve11IOXdMnzaFIw7/Gkcf/W2O+cFJHH3ooTz52Hi2mGfulOe47KprqapiwRPqgikK OTOPBJCgtG14lSO//Dk+dtCXWbh2cxRCxUspWN17Wfe2NnjTJG9n9guPM2nmy4X3XBk36hb23//j PDzrZUSUzBxBSxDKdPZ8W138QKMI7QifN3OsW7mEgw/8d4797o9pq+YdntUuPGs7CPQQqzp6EyRv Z+7MqbwwaRJl5wlB+N0Zv2Tf9+/H+q3NdS+r1tMDrJO3ru6lbhAxtWtRE3BmSi5Ge2szRx72v/yf //Ne/s///Tf+77/8K+/51/dwwEc/wlV//COb28r4QF2g16pPNp5Tfbs7HSRRpNfPufb76gkaIx58 iF7xKJjzBo9kh5iV0HDtTGjatJpxTzzOoqUr9kgA7ezY6t5xMyrlVp5/fjzjnxrHpMnTcD5HJXS6 lmaOSRMn8K1vHcGmbc1FFEqxuERxrWqCvlHUhYbFiFqUQxHx0fg81a7p6/2O71jsUdavXc03Dj+c qdNnIip45ylVM848+1xK1SriM7wrMWXic0x4ZgJrN2zBW7wPb7d3i1A807XFu0jD+AgdiyOdrqV1 XuypLfBgFdasmcmT455i1twFSHEPQhBMq1w/eDDn//YSRLpeIImLAjXPc8exdX4GbIf9d3VeO/ZG 7Ryt0Xi+u6ZztEZ9DtzuGa0fY9Bi/GlxbSjOKWfx4kV897s/ZsWqVZi9viiORCKReLdhAUwUCYJ6 QwzWPfU4c2+5kyCWisQldkrnd0fFi/LayjUMH3Ff3XueBPq7nNYVK3iuzwBcXo5COUSP7M4mCy9F WHaDmPhHVv46BLqPL5gqmGvmV2ecyYyXFyEi/P3xx5g0eTKtLc20lUo88Ze7OOmEE9kqSqW0hksu +j3zV2zAmaIW+7HXXnjNlMwMl+fccO1V7LfX/2P/j3ycPw+8kaqBqcOkiqgjD5AVYtm0gjfDayCI x1eaOOHowzi5x3lUDJwqT426kQ9/6FM8PGse3imZOnzWitcMVYnb9hW8q+LVyNWQ4piCekzyKH7U yMXR3rqNv459gL+Pn0DFC95lDS/BVnjEQcww85hJrLQvMQxc1GJ4bbWJHr8+me//6Mc0VzOcKlMn Ps3wkaNorjpEBfU53ueoeLxaFFcWPfmq0fMtoqh3mAjOC1WnHV5qwKtRbW/i24cdxn8e8k0mTJzK xClTeXHic/S+8vfs/4EPcvk1/XEaw3C8yxG1IvRdUTVEpDAfr4UXvMTQ6dq5mc9iFIWBmBI0I2jW ce5qiAqiEhdk1CGqePFF2kBc/HFqiMX9mzomPz+e9++7L/2H3oiq1S0u7IBsV9jQioUJM6kXTrMi xSMei7Bl80Zuu20I1/a+mqOO+hHNrRuQRi+6KcFyXpo2kV+e+gs2bmuJxRRFMI331FQI4qNHthhr qoJJFfU5FQk47whSQdWR1a+px3xOtVzh7088Q+46Vlf3ZAKvt0sUx+aN6/npT3/K7Ffmx2cgxGtS qlTiuJOMarmZEffcxe/Ou4A7ho/FBfDBuoy+eCtRMUSrmJURX3j7NS/GiiCieC/F+UsM3a9d09rC kmm8R1JFfAtTpjzNH666iF+dcS6ZxfFm6gha4Z677+HqqwcVHS6KYyjuoWqMOBCpRnMB9YpZXhTc 7LhnIlJ8AXfkqNfHXRHqVht3tXG5ddsmJkx4qv58mYb6/+30+qgU18fH9Az1qFbqxysax71zDq+G k7h4YD7HRIp5JyCSoVph+fKl/PqMc1i5dj36OiOqEolE4t1IkIAGwwVoD4rP27FSuePd4K0+wMTb ku2j/UKI7ybOp/xz6CYCvfmVV1jx8IPkkuNr+b6dPE6dafR6vhkCXYMv8lkdzRsWcsY5F7C17DDv Ue+o+igc1FdYt2IhP//5z2hzgupGrrrkYq6/bRSZ1byznlqOrho4y8nbmjjsP/+LQw8/nN/1+DXf OuaHbK1UMcsxX2Lj5vVMmjmbzaUywTIkb2LyjFmsWL2Olk0beeG58Rx+yBc46gcn8PzUaaxct57x 993KRz78CR6aMpOZU2fyxPinWLTgFUpecOJxWYl1q5fy7NPjePyJJ5g1byEVLULRswpzZkxl2eJF NLW0MG3WTDZs2MDsmXOZv3AZmVdWLF3I9CmTmDZ1ClOnTmXy1GlMnTGbcu7QvJV1a5bz3HMTeHLc Uyx4dRmZKC6vMnf6C3zv2G9x6NcO46mJk1m4fCWrVrzK1JmzaBfFi8NV21i+eD7PPP0U455+hpXr N1IVxUvGhvWrmTZtBqXWVubNmc34J8cxb+FS8nrObhToYkbWvpXjvv51Dj/ieNpzi2JSqry2YAaf /MjH+MmpZ1LJPeKqtLdsY8LTTzPuqaeZt2ARmfOIxIWILZvW8/xzE3jq6WfYtHkLs+fMYeGiV/Gi lNq2MXXqZF5rbiM3wVebmDdrMvOXrqAihoijadMaXnzuacaPH8/sVxbEa6GGSUZ7yxYmT3yevz/x JFNnzqa9XGXlsiXcdcMg/vU9/8rZPS9m+sxZtJUrLF2+glfmLyDzQufgESuEuUc0Z9OmjWzYsJE8 87S2tkcxJYp4h2kLTdvWcty3f8aWpuX4usiK47tSbqVcaqalaTNZURxGNYaVmzpMc7JSE+vXr2dL c1v8jIH5drJyE9uqjlw81dbNbNq8mTaneA2xjYtUadq6jZ69rqC97OvifE/ylOKikqdabqPS3kpL Swul3Mf5oHiuTQWVnFKpibVrVpBlVcZPmMhNd47CF5EJrze0/p+N+oBZiSzfSqk9I888ImU2bNnI 5m3b6lFA6nN83s7mTRvYvGULmShiFOPAMMmptDezfs0KWptamb/keX555lnkFheA1JXJq820tbXR 2pY1FEkzxDsq5RLVShmXCSJlNm1ew7YtrYgzREr4vIxKzrZtW1m/YSNV55Gat51Yz0HEs3XrFtat W0s592xpakZUEYnjZvnShfz5z3+KwtrHXHCzGEXTFTFszuF8M+VKS3EsVXLfTHs1o5Llxdh0qM8o Vyq0VxySO6qlVtatWU25muFEEV8lz1spV9ppai1Rrh1/IpFIdGNCgFB0NvIBsiD4IKmXdWK3NEa1 ddR7SQs6NbqHQH9pBq3TJ5KJj0LMOnIru+LNFOhmigZBg2G+wsQnRnDZNf1pk1CIckduoJpTal5M r9+cxsUX96FqGZo7ht/cl2O/cwotWfTkxPD0uL34gt3K3Oce50MfPJC/zHiFZS+N4+CPf5K7//Io ZhlYmVGjh/PRAz/LxDnzMSnTsm0lHz/wYHpfN4SpT41jn/d/gH3e8y+8Z6/3sc/79mXozTfzt/vu ZP/9PsJRJ/6SD+79fvbe+338+ycPZvaS1Ygpr8ydwRcOOpD37f1e3rv3Prx//49y2bVDyUTZtnUT hx96CD/8zrf52lf/h73fvx833nI7//vVIzjjrJ6Uq44rLjmP9+29F/vsvRd7770Pe7/vAxzwyQPZ 0trGjIlP8KmP7M++++zNXvu8n333/wT3jHmQtm1bOew/v8De//oe/m2vvdhr3w9z+tkXctmlF3Hg 57/ENmdkWYmnH3uAT314f/bZey/eu/f7+PiBB3PjHXehlnHHrTfwyQMO4MTvf48P7fs+9n7vPuz7 gQN4aPxEasXLYii2kbdv5rjDDuOwb5xIS7WWA19m2viH+Mi+H+BXPc7Di7Blwyq+dsh/sG9xLvt/ 9FPcM3IMIkJr0xZO+P6xfGCfvXnf+z/AUUd/m4M+81mOP/EkKlnOopdnsN9++zFy3HM487Q3reab /3MIvzj3YprUWLtmGT/4xv/wob32Yu+9389+HzqQEX95jNbM4/My3z3qCD6wz97ss/d72ft9H+DE k37K1Zf9ng/v9f/4t395D/+2z34c8Ml/Z/a8+Zx1zrmcesZZtGc5vnEsB8XM0da2jfN7/pb99/8g ++//IX7yk1M4/fTf0NzcEqMACoHe0rSGY4/+BVuaFyAWw+4JjrVrV/LRD3+ID++/P1/64hdZvbkJ bxReU4dzFSY89Rhf+8oX+eB++3HAJz5N38E34lXJWzfy3186iC8e+g3+9tjjfO5Tn+CD+32Ui68s ohQkY8mC2Tz1xDh+8tOzePb56UydOpUZM2bskUA3FSqlVo484ht86IP78cH99+eFqdOjB11DTBtQ z4RnnuDLX/oCH/7w/nz3+z/itnsf4MY7R0fvueVvO4FuEshdE8efeAwf+cinWDBvKX37Xc1HP/5x Pv+l//r/2Hvv6KrqrP//v+/6rVnjjGNBQh8F6TAoRUUsiEgHAVFRQUEUBEFQ7A1UFAE7FgQRKYoN VMoA0iGNUAMhPYSQXm875dNevz/OvQEUeGbmmUdd5LzW2isSk5tzzz3t/dl7vzcFhaVopTl6aC+3 9+tF/cvqERfXgAmTp1FRE4qaFCqKi3K5qUd3GtZvQLMmHfl02WvcN24sUnueAsk7t9Ky+d+Ja9CY kaMeRQpZW6YuHJsB/frStHFjft6wmzdmz6Bp00Z06tiD4qJKpKjBCpTx0nNP0axpUy6r34AePfsQ n3LQK1s3ikCgmjvuGEaDBnHExcVx79hxjBrzILbjIhybI/tS+O7LpYwdO5pdu+LZtTORfXsPIaVz TrM2oy1+WreMuAb1+ezT5SgVYvbc57msQVPuuPteLNvGKIfkXVto3LAJD46bSOqBg3T5R0fq16vH q7NmI5TmWG4mnTp1oH79OFq3vYr03GOIP1g1hY+Pj89vjTGx6sloi54r0K6pbdvz8TkbtbrKKDyD WeEL9FM47wW61pqKXbuoOZiCUJ4TudYy6uJ+5h5CSyhsGSsXPmUE2r/5t2MriybWw6nDvPfaC8x6 820iUfGupSQSDPPspElMuP8Bel53I6vWr8ExgrC2WPvNR3Tocgs55dXRDJ6s7SdXjkHY2VzXuSVj H36WoFAIu5LHx93PNTf04ljIRsgAKxfO4dJmbdm+JxNpXCqrcmncoD5PvbaAYCRIXm4at17TkSF3 jiT3+HFqagJsXP4Jl15wEROee5eqsnJ2rP+J5nH1mfzOQioqC7mqXSv6jRhP/vF0Kiuq+Wjuq1wS 15hdew5RWZrHTe1a0+jvrXjv4yWkHjpIwfEj3PyPttw99glCrqKi8jjH83I5lp/Bi888Sr2L41i6 ci2WcKgJBUjdv4eqkiJKj5dwy203cMfoKVTYgpJjh7hvSC+69RpOas4xykvLeX7aBBpf2ZlIyOFA /A80i4vj4adepaC0nKL8QwzqeS3N21zFwYJSPn//Ver/+VJef2sBRWUVFOUeoNXlTRkx7qlo3/rJ DLoVKue2Htdy6aXNuLpzN667pjNdOnUkrnETxk5+kYyCYoxbwYQHR9Dt+r5k5pdQHSjgp6/m06lb b/Znp/PKsw9yxZVdWLtmO8FAOWtXfcPfL72E3kPHEHZd0vZt5m8X/Jn5m3bgKEWoMp9bOnVg0CNP Um5VMWZ4X27pN5gDxwqoqSlj6aL3aNa8C0+/PI+jBzZw2SVxfLn6R6qrA2RlHGHT9iQqy4pY9fUS LvjzX3j8xdc4nn8Cyw6QlZlOVlZOtGzYjd5YtTdFQISZ+9oMJj89k9LSMkLBKhJ2b+fO4SMprwzg KonSDkZbhMuOMejWO6gqK/cMCQ0YpZFCceJEIWn74xnc+2aOlxailMDVGm3bZKYlcn3P29i0I4mq YDX5eelMGvsA6xISEUpQWJDGVa1bMH7iNHJKKijKO8rjD99PbkkVjmuxZuUiZr/4NN1v7s2Ls+fw +htv8uGCz4gIbxrBuR4GlAYhBaWlheRlH+LBYX3YsDMJrQWW8ea4RipPMHDAcDbt3E2wOsCBfVsY NLwXby/4AUvZVJXnEKmJILWNdiURaVCF+dScqCIgo20Y0qCkibbHCK9iQCuMMES0RiiBFgJb2oQz s3FCYbTS2EohpcCSQXR2NipxP3Z2LhEnQsCWSHWyn/zU64trvKqHSKSakUP70ff2cXzw6RLKq0oo qwygHIEdKmL8uNEsWPYdRRXlVFfk8/wz03j9/Y8IGXCsSp6Z+CBLvvuZqpoglRVpPP3IKIbf8aBX Gm4UbihMwYl8PvpgNgOHTSEiTNRkzkFqiFghRvbvxcCRY1nw+RIqqqsorQ7gCM+74uvF7/DI9OdJ LygiUF3Khh+/pnf/gRyrDqBFDTOmT2L2h4vIK6kiVF3I+jWr6dN/MAFHYUVCfPn5pzz3xKP0vW0o L8x5h1mz3uDzhcuosRxv0saZrr+AUDZOpIpvl87jmfmfY2lJJFTN1/Pn0Pf2+6gOO7hCElSK/Ylr 6dblVkaNnkRGbh7VwQqC1UFsA8IRnCjOJyM1meuvG8m+zDyMPNtoNh8fH5+6gfe8BFJZCBlAOoZK 6aCdIKa2RelM3iE+dZ3TfWk0Ilod6kjlu7hzngv0WAls5e7dhA7tRSlRK9Cdcwj0nfGJ/Lx9J47r uTzDfybQ4VSBrjA6witPT2XO2x8QVAatBEq5aA3KcVG2xdZNGxk0aAjVloNQNj+v/oIrWnXlcH5R NNskTxqKuS4pCT/xtz/9haVfrqKgupxARTlfLl5Aw8ZNWb8/lYi2WLloNpf+vT3b9mQgjKCi6hhN GtTnmVkLcZVEWOX0v6ELd455uLaUftOyD2lQvzErE1PRyuVE9iE6Xt6Mkc/OJf1IEpfH1Wf2R0tw ZRglJdkHt/LnS+rz5ff/pLzkGNe3b8sN/YcQktHS/socbvlHG0Y+OJ2IqzE6gBIRco8m0qRpE+4f NxXHcbGUIFBRwIyZM7lj+Ahuu74njRpdSp9h46kSGm2V8NDIQfTocyeVlo3W8OK0h2na4iqsoM3y BW9Q76JL+WbTdmylkaKSD2c/R70GV7B9fzqff/AKjeo15XBeCZYQaKeM666+igF3Px41YvMuCLUC /YZruLx5G55+/nmef246HVq3oWevPhQFI4Q1GLeKm7p3omHTdlzTYxA397yBXtdeTeNmV/DjxrX0 7XE1fYaMptqSaGXjhirp2vIKeg8dGxXoW/jbBX/mw03bcaQkVHWcWzp1YPDEpzleWUyvrp1ofHkr rr1lEDfddAPXdu1IvUsaMvr+h6muPs7V7Ttw7c29eXPGDNIPJlMjFBErTMLmVVz4pz/x0twPon3B tie2pEbJ6NgpvKywbUBGihgyZAhVgZpof6+DY4X4+svvCIQshI6Keu0QLs9n4K3DqSqrxI4JdB3r B5dUFmUwrH8v8kuLUEp4It522PzjF4x5aCIbtyeydec2dmzfyJxXZzBm6jQcV1FVmUOnli34ad02 IkahrABvvPgYqXnFCGVhZBk1ZflMeOxZqh231rfAiZrQnEsseb33CqlsHLuKKaOHsWFnEsa42AaU dMlPS2HixCeJRL0QlCzjy2Xv8v6nq3ClRe6G1RyPz0BIjZIGS2kyVn+P/c/dSCFxjMSJ9uFpE/VS cKRnpOcYpDRopRFSYwePs6r3ICp//hktNGHtlYqnfTWfH8Y/wIbHn+C7qU+wbc4HWJURjDzduT72 oCOMQEgXJW3uGTaAR6e+iqs1QllYSmGkJP3gTkbePZx1OxLYsms3u7dt4IfvvuTuMeOpsG0Clce5 7boeBLVAaIFWQfZt2cTd9zzg7TOjUK6LUIIvl37CwKGTTxlpKDyfASUYOeBWbh18HyFHIlwn2ueu cYKVPHLPQD78fBkbd8azc/smErb9k2F33kNKZgGV5WkMuKknlY4gojTGEQRrKlnw2RcEnZjfhUV+ 1kFmzniVGo3n6eBoHM05BbrWAqMsNq9ZxDPzF2NFt3nD8k/oN3Q0NWEXISWWgfRD22gY15r07AJc rXG1hXIVrvF6/YWyCZQXcGOPe9mXmYeW/pOmj49P3UZH73lKuigVwTiG4uRkcn5cHRXoUc8nfHHu czqnCnQlBVIpjheVsPqnNXXewR3Oc4EO1Ar0mv3JntGWsv9Hgb542Zcs+mIFQqr/VQa91jk4OqbJ aIs3X3iSN+a+Q9iAMS5aO7hRUayFTcSq5IlHpnIw/ThKhtn4/TLadLyOjMLS2h5YHRP8ooyXnprK hX++lIsuqcdF9S7i4osbcOnF9an3178wYvzjVCiXbz59k7imbdmekobUitKSPBrHXcZTsz5GaIUI FTHghs4Mf2A8wegIus3LP6RhgytYuTcDpW1O5BzgH5dfwahn3iXryG7+Xr8+sz5YiFDemKr0lE38 +aLLWP7dPyktLaB7h3b0GnY3QenNna6uzKVXp7aMHDMN21WgA2z8YSWtmzbkocemUxpxkMLBtoLM ePhO2nW7ju37DlGSn8vgvt25bfBEqlyJtCsYe9cgbuwznGrbG5n38tRxNGvRETtos2TBHOpdVJ+v N2wh4kpct4Z3Zj3HZXHN2Ln/KIvef524y5qTdqwIoR2UU063jl0YeMcTpwl0oTyB3rtHN665vifl gRBShlnz3fc0rN+AN99eTEBojBuiZ4/O9O4zlIKSKgpLT1BeeoLC8hJKS/Lp170LvQbdRantGfZF qkq5usXlpwj0bVx8wZ9ZsGEzrtZUluXTvX0bBk14ivyKUm7uejXD7x5NXmkFpaWllJUWUlJYQml5 DUJWUVpUxHfrNzJ/9mx6XdeZfiMepspy2bP5W/72//0/XpjzftQczhNYQujo+EAXY1yMsQkbjVNz nAGDBxOwLLRUaOWglUAK45lkxQS60gTLTzDg1qFUldZga6LlbTJqQmZTWZrO0P63cKy0GKkEttEo 2+af33zC3SNHMuOV2cx89RVenfkSb7z8El+sWo10BZWlOXTt1IH0nHxsrVB2Ga+/9BSH80txtI1R JVSVHeORKS8RcIS3wKVPcYg9R494zMTOyzZXMOneoWzYmYjRbrR1wSVj/26mTH2BsAZXSbSqZtPq Jby7cAW2ilC1+htKdx/BUi6OlkS0IH3VSuytid7sd3WyukUrjXE12vH2n1IKIzRGGlytyVz4Hpkf vcfm6dMJuRJpR1A11aRPfhVdU4MQEhWyiRzJJeiGvTLuqD/Cqa03yjhI6SKlzb0jBrJu8x7sqHGc rb0M/oHkzQwacBsvzXqDma/M4rUZL/PqKzNY8MVyAq5DaUkOva7tQUi6UUNDh7SEeO6/f5y3CGI0 ynVwpWTlsoUMHjbRE+jRa5xnDOlw58A+PPfucmxl0MJGK89oM1xTxajbezPpscd56ZXXeWXmy7w+ 8yVmvjqL7KJyiopSua17D4KuwlYK4yjvWiA1EeEZ1ClhkZd5kBkvzaBKSYR0kY72jC/PMUpQKq/q Y/O6z3nhg0+xlUIrwbefvMttg0YRtFyUkggDRw7uoGevEdhaYyv0lc02AAAgAElEQVSJ1C7ajX5V GqEFwYrj3NjjbvZHBfpp7u8+Pj4+dQxtJMJotNBIo5DCcHzRQvY+9hhGCLRSvkD3OSOnCnStFFJp Dh/N5I05b9UaxtZlznuBDlCxazfV+5KQ/2IG/fNlX7FoyfLaWczwHwr02NzdqEBXKsJXC9/mpVdn E1QGIcKsWfMdx4qKiAiBcG1SD6cwavg9FJTWoITF14s/5rqb+lMciCCkW+tAr7VL+sGNXN6oGW/O XcDx4nxOlORxorCMwhPFfPH2KzT7e3s27Exh549f0jSuCa/Pe48jRzNYtOATLv3bX3nmjQ9xlUaE Kxk1pDcdu93AntQ0iiurWLfiE+Ia/J2v92bgSpui3CP844rmjHn6bUKBAm7uejU39xvC3uQU0jOO MOO5qVzWqAkph7IoKz1B944d6D3iHkLKywxWVebQ6x9tuGfMY1i2IPNoAl07tKHtP64lcc8BjmTn kHrsOKGqYh6/sy/tu13H1pQD7Pp5Ex1aNaX/kAne3HgnyPRHx9KseRt2xO8kt6iUl6c+xBXN2+OG bA4f2kXrFi0Y/eAkDqQeITklme5drqLjP7qSU1TGwvlvcllcCzLz8tHaRoogXTt2ZdDwabUC3QCu VFjBMvrccB1drh1AWcATQm6okikT7qZJs8vZGr8H5QqenDqOJo0uZ836zaRlprI3ZR/f/bCFSKCS t2ZM5vIWLVmw4gcyj6ay+OP5NLv4b9w27EFCrqDwWBqNL7mYeyZPJiM7h+UrltD4ogsZMn46lY7N xAdG0bJVB75fvYasrGz27k1i0dcbOVJQTXl+At+vWktq2kEyM/KY8eKTxDXtwLHiSlKTfqbehRdw 1/3jycjMJWQFyc7LJSMzF1doT7gYh4jRGFVNWLhMnjiBhd+tQ9gOQthUVlWSkLgPy/ZmPksRIRK0 KCnIZOBtgynJr6DSsrCUZ2anhI1lBTlx/DC3D+xNdkEuoXCIkFIoR7B31088OnkSJWUVuFLiuILK kkpOhMNox6G86CidOnYmLes4rgzjBMuY+cLjHMoqICwttKogVFXIg+OmUl4dQAqHouJiiktKo/1v 8uxz4qVECoegFaI6UMbEe4eydstOrHCAsJAIx6K6OIt+/Yew98gRIpEgeTnpjL3rduZ8upAyFaZk zUpKV64mkr6HSNoBwmnppH/8EZXbkwhJ7ZmQKeO56RvPMCeiNbZyCZsItvIM25yqElJHPkE4L5eD 731MIL8cGQ5jWVXsffplinYmUlNcgQwFkG4A1wmjpMXRtMPkHsuvHannVS1YKNchGKrhnjsGsGFr CsFwANuJEFEOQkYoL8rjsYkPkZWfjeu6SFdSEwpRXFmJqwS2E2Dk0P5s3b2fcMCiInCc156fztCh ownbAlsLhBUkEIywfPEnDL59HIGQRdB2omaFDk6kmmED+/Pagq8JWDaubXmTAzQo4TBn5nN89+3X hCwLpRW2FaKwpJCQK4mEwzx49xB2JsQTjrhIN0BpWRk7k1KwpZfx1lpwPPcoz05/jjLbwXEsThwv oqCy+jRH+V+itEAqi10/f8mk516kMhiitLSEyfffRe8B91EZsr3JDq5kf9IWbus7khrboiYSxhES ZQlcFUY6NkErRHlROj26DyU59ShWMFxr2BhzxPfx8fGpUxiBMF5VmWugxkDh4vmkPTbFy6BL+T+P m/Wpk/yyxF1pSMvI4vU35/3LE3rOZ+qEQK9MSKAiJQGl5W8s0EV0prXncGm0TdbBHUx8/CWqhcZ1 Qnw8/y3adWjPgw89xPgJj9CtS1c++ehDpFY4UjLn5eeYNP15IsrLVKnoOCyjbJ5//BGubNmR8rCF VDbG1UhlI5VNUc4huvyjM3fe9xA1ZWWMGjaUevUvI65BE3r17E3zZg14Yd5H2FLhCMk/v/+CJk0v 57J69Xjjrbf56bulXNG8JT/sS0dJTXFOJt3btmXcs29iiQi5GWlc070bTS6rz2Vx9bjyyiv5aMFH OFJSWVZAr66dGXjPaMJSoqQgUHOMAdd2YuyEp7BtwbNPTCDukvo0aNyKepc05NLLLqVpiytJy0zn UNJmWrVqRf36jencsRu39OzC0BEPE7YFQtgk7dpAy1ZtiWtQj+H3jmXmk5Np26ErViCMK8pJ2r6B Dm3bU/+yOC6Na8i1Xbvww+o1RKRmyYJ5NL28Lbl5uQhp47phbrzuRu64d8qvBHokWMaQ3j25qedg KkIuUkqMEyElcR0tmrfgzvseIhxxCFTncc/wYTRocAWXxV1KgwZNGHHfBMpKywlXnGD0vXdxWVxj GtWvz6g77+Sqy5tw27BxhFyBcYPcP+x26jWKI65BQ27odTPXX9WJOx99mhopqS7KZfSoMTRu0ID6 9eNo0LAJ/YdP5Muf4on/eTkd219F/QaNaRTXiMZNm/LsjNnYrk1NuJJnn5lGo4ZN+PsVrUnck8SE SY9y/5jxhCIOKprxtoxnpCWUS8ahRK7qci1jH3iARyY8xC239GL0/eOxIg5K2uxPiefuO0YzdEhf 2rRoz90DhnP7iDv5dt0GhGuzbctmhg4dxuCB/WjTogVDhgzhjmEj+GbNOpSjsIIneGDMAwwZNJDJ U6Yw/uEJ3HDtjXzx0xqkXcIL0x6h6d+bcd+YR6iujDDrpSe55qpuDBgynL2HDiJEAG1XMfre+xg5 ciQTJ06ia7furPjm+9pyan2WniUtBTnZGYwafT/Dhg2ja6vm3HLbYO4cNoxX31yE4wqUVcZLL79C 69YtGTawP1d17sykSQ9z/Y038dX6HyhYu5L19zzCj09MZc0TT7Jm6rNsHnYP1oZkXOmN2guXlhIu LiZSWkywvISa0mIiJwoI15QQNgpHOpRtW0vi519jh8o5lridhJlvY7k2trKROQfYP2sGXz14P9ue e4aKlGSEcBFuhNt692LK408gdPRhR0mMjhAsK+OBe+6mfasW9Lz1dobfMZzpTzxFtR1Gaa8y5cP5 73Ht9dcw/qFxTHhkEj179WXmq7NQ0WvKrh1radDoCob0HUyv/jcxccxdXH/tDTz/8luEZYSF781l +LC76dWjO61admXYsBHcNXocuUXlBCtLuP+uYbRqeSWdr7+F24fewTPPvUC17TmdG+WQl32Ynjdc wwP3j2bio1O4Y8QIbrz5RoorKnCkJCVxKy2vbMl99zzAxEce5sabevLg+EcJ2Y53nTYKK1LB+DFj uHfcOB4aN5bu1/Tgx5+3n3Ume2w6gWtcTmQncs1119Gvbz+u7tyZ56c9QKeuvfjosy9whMOXny/n 9j69aHllF4YMv50Rd49i/cYdKEfhyjApCTsZfuddDBt8K80v70KfgYMYOfwO1m3egasMUnPK/aJu P1T4+PjUHYyShLX27iVKEjaQv+RjDj42BSM8ga5jlWW+SPc5BV+gn5vzWqDHPtyqffs4vOaH6Cxp 96RJnD6zQF+y7EsWLVkWFdX/JYGuDEY7OKEiRo56mKzCcpR0UCJEWVkxe1P2kJicQlFBKZYIoVSE sGvx/LQp/Lxrr9drGb0IxgR6Rupe9h5MI6AclHYxjsHoIEoFESJEaup+Ug4eosZ2CFaVkLwviUOH j1BRVcnePTtILSzySrk1KKeGwhP5JCfsILewkOLyQhKTd5EbsNHS4AYDpCbtYP+xQi8j6roEgiUc 2bufnUmJZJcUo5Tt9YbaNRxJjmff0aPY0kUrieuWk568k0OZx5BCkpeZzO6EBJJ3J7ErPoXdybtJ 2rOTciuClDbFJ46xN3EPpYUVpKYlcejIURwpEVKgRIDCklISknezP/MY+dlHiU85gLBchKxCO9VU lhaTkrKPxH0HqK6qREqDqzQlJ44Sn5JEOBKMzkh22L//AAcy8lBRN0kD3kxzN0jawV0cTN2PJSVK C7QrEVY1KXv2kbTvMCFLoUUlbiRIZlYuO+N3cfhoJlWuhSs12tJEaspIPZzAof0pBCtL6dLqSvoO G0fI8fpjIxVlJB3ez96DBympqSJ1bwp7snMJShctAoTDIbIzjpCQGM/hzGxCYYEtDUoFqSovI+Vw Gim7t5Oae8wTc3aQoJKEHYucrHQS9+wnEA6RkZ3N0QxvNJrUEh2txggbr5fedQNUFOexbfNmNm5Y z8HUVIJhGym9io2a6lKS4lNISNhGQnwye7ensCMxgeyiYqR0KS8tJTEhmaSEZJITE0hK2Epi/G6y i0uQQqNFFRE7wt6UZNatX8+2bTvJOppFtVQoWU76oSR2JyWSuHcfVliQkZZEcnwK8UnJVFRXoaWD EQHKinPZumUNmzZv5mh2LhGhENEZ8Gc7R7WShALVJO5JYlfCTvbt3sCuJG8796Ufw1UaowJYdoj9 +5LYuG4NR3KPUVpTxd7diZwoLKBi7WpCWw+ghY0jbYS0yf5mJeHNCQgpsMrLydm8lfwNmzj+z43k bdpI9s+bKVi7ifLDh4kogR2oZO9Tk9k69il+fmI6ux+ZTPLVvcjPzMF2XYQtqXEsVGUpkSMpbJ04 nUBhMcIJs37dGj74+FPc0wS6hbAskhLjSU7YxI7de0hM2MWB/QcJCRupBUpKHNsiO+comzetY8Om TexPPUIoHEFGx60JYZGWuY/N/1zN1t27CVUVs3dfIofScrCURV5mKgnxSSTGb2VXYrI3GjHlAJWW i2sH2ZuwjaSkJOITdhOfEM/ew0cIKB1dCLVQToiKknx27tjK2g0biU9OprSsxPPA0GG0oyg6kc+2 bRvZsO5njhxNJ+QIT/hqEV2cjFBQkMm6rT+zZfMm8vMKCCt5DiMZjdIS1wiMLONA+hE2bdzIodRU AhU57Nizn8z8EzhScDw7n727t5CwO4HdSTvYlZTI8cJylFA4yqKyvJD4xHiSEjcSn3CAXYkJJMXv pqCsAld7Jkmxv+kLdB8fn7qCUZpqrXG1RLsuUiqOLV5EypTH0UJ6LXMxY2NfoPucwq8Fuo4K9Ll+ DzrnuUCPUZWZxY6576Icz/HXNgotzu4O+PXXX7NixYr/uoOg1hopJQ8++CCrVq36VY/FyZEDLkZb FJcU8uSTzxEKhv+r2+Hz22MMaGnhuqV07NieQYNHE7YdlDn7iCifcxAdy4ERaO1SUVHCsfwcCgry KSgo+FWUFJcjXYOSnnkbRp3TUdbWGulER7C5mpCIEPj2R2p2H0Arg1IaR9rkfLMJe0sKWjtn3kwD RnqO50EZJLgziZ3jplF2JIeC3Fyq0o9wYPFi9r4yFxOpIpB5nMqaCkKBIuzMDNZNe5bqwjyEcFi5 ciVbt279v9unf3CM0QgjvAc97bUtaBWgpDjvjJ95QUEBx48fp7q6us7f6H18fHz+TzDKm18tDUIZ bBOhcPlXJL7u9xH7/HsopcjKyuLdd99FCC+BWpePnzoh0O2KMrZMegarpgrtSpyYidNZPnittder +V+8uMTKNbTWJCYm8tFHH9X+jRgnBbrXK596+CCrV/1IHT4+zxs8oWYjRBXz57/PihU/YbkCdY4Z zj7nQoOJjh1ULnPnvkm/fn3p378v/fr1+1U88fizuHbMwV7+jwJdG4kSCmFA2xpLuuRt3UbpvjSM MmitsLQga/02qhIPIMyZq3FqDd2UIuiE+eG1eRz/cQvaUkSkQIswurKEne99jHRD5Py4moRXX2fD 40+x9a23yduZiF3tIm2FlPK060VdwxiNik2x0KCkRIoA4x8ec8bPvF+/fvTv358VK1b83pvu4+Pj c96iDLgGb5SxcHBkiJCM+GXKPv8ysQSmlBIhxGmaqa5SJwS6sMMcHP8MNTkZaNetdU0/m6GUUt7D 8H+7xCL2WkopXNf91eufFOheKb6QLlIoX6CfB3gu4gKjI9FxZybqQF635zz+50Qd96OjByOREIFA NcFggFAo9KsIhyyk8Macae3NEz9VoMfOw9qvykUpQcRotK1xhMSybHQkOhZRa8JGogMWdtjCMWcW zjqa7TXSYAmBUxrArXZQjiaiNa4RaGkhKgLezHhRg6ooRhcXIQOV2EriOt6MeaVUnZ4Laox3vnjj 00ApiVYWoWDVGT/zYDBITU0NkUikTt/kfXx8fP6vUAa0MAilsY3A2AJhS1ypfJHl8y8T00Oxr/4c 9Doi0I2RZLz0Numrv8UIy+sZNGfvQY89CMdE+m/PyT5GfyzF+UQ0exsTh7Hv+fyH6DPEmTk9W37y 57TSOI5TWy0jhPBWb6XnHG4ZjXa9UWlWdGSi1KCU8cS7VAilEOYss7iNxo0KdKUM2jE4yqBcg9Be 1gE0xvXK6V1pTjGBMxhpkOfora9rmF/uZ3P20Xo+Pj4+Pv+3KANKGISMCXSF4xhc5Qt0n3+PX2bO 6/pxU0cEuubE7ni2Tn8aYVV5hmtKYc7S/xt7SPdNCnz+25ioIIsJdZ/fijML+Ng57rouruvWllnF Fua0jpWoe5MYtAZHg5IGYUBKT3AbdWYJraX2fl4ZtDII12DHXjP2+tIT4jr2c9p76HEMhLUiYgTq LAsAPj4+Pj4+vx8nx4oqZXC0JqgjuNrxRZbPv0wsMRp7Hqvr2XOoIwJda41bVULSlOmESwuwNUgh Udo5JYupMcbLbGZmZpGWdvQPItB/77/v89/h5PFltI4anCm/QuI3Q58106q1xhWCVatW194YlNa1 4tkb36YxUavumEA3eALdlgYjzibQDa7yzHPUKQJdah110ff+xskxNA7aOBgj0Nrrx1JCntUvo67x y/PFP318fHx8fj+MlkgjvUVroanSgsCBwxRvS/AqUVXd9U3xiaFPJiSU+dW4PYPXNuhKSXlFJfv3 H/Cz6NQZgQ6ODpP77Wpqft6OrRSOEihlR3vRXbRx0UZipGHxkhV8unipdxD9b8as+fj4/MGJim4p 6dmrDyHL5n8sl/8f/n2un49lzs/+O6eX65/LyM7Hx8fHx+f3xEhFQGtcraItX4Zjny9k/2PT0FJ6 I12jVWNa+8/RdRGjFbZS3mQcS1ElHCJK4QovcaGUQRmNrTWHj2Yy6425p/Wj11XqhEBXGrQtqS4o YN34aUQK8xHCRUntlZcKjZEyOmsXPlv6FYuWLPcepH2B7uNzHuOd37ZU3Np3AOF/QaD7+Pj4+Pj4 eBNKIlqjtWduXG0gb+nHHJwyBeMLdB/AKI0rNcqVVBzLImKV4UoL4XqiXAmJFgJHCo6mZTDv9Tl1 PnsOdUSga6ORlibiSvZ+/AknFn+GcMNIaZC1M3W9PlBlYNGyr1i4ZJlXfuoLdB+f85bY+W0JSa/b +hO2HeDsIxh9fHx8fHx8PIxRuEajpYs0FkENBYs/JtUX6D5RjDJElMZSEfY89yxpYx6mavcOXCeM 0C5SS6TSaEdzJCOLmXPnnObmXlepEwIdNI7WKEejrQB7Hn+G4r0pCOFiaUGNkQh10qhp0dIVLFnx NUKq2rnDvkD38Tn/iBmSBC2bW/sOIBCKeOO7zjKC0cfHx8fHx8dDnSLQtY6gXEPeZ5+xd9oTaNdF GeUL9DqOUd4YPiHCZEyeSuqVbVnTqQu7xk3BPVEYzaZLlGU4kJXDC3Pn1Tq612XqiEAHoTVaKLQW FO3fz4ZHn6Y6Lx1lhQhpB6G1Z16gDN+vWcfK739EKIVSvkD38Tlf0VohhMByBQ+Me5hgOIKUAr/E 3cfHx8fH59xo440ZVcpFKgsTMOSsWUPSW/MwrkBpz3TVF+h1F2PACINxLQ5Pnc7Blq3Z06oNB5p3 YOeAOyhYv4ZIoAIhJFkZx/n0k8/8DDp1RKAbQDsuSlkEjCYS1jiZh/l2QH8Of7gA7QZQWtZm0G2l sIREKoUUAhM9SDxDOT/88ON8Ca0kSkocqQg7AqEUUgqMVr/7tvnhhx9++OHHHzqU9HqMtYslbbSl qREhdLgcLQRSe0LLqJOu3L/7Nvvxm4bSGqE9c+60ac+S1aItu9r8ncS2zdjf8nIOXNGe3TcMoWzf PiLKQSpZO3atLlMnBPrZUMEQxzZs5NDsd1k79RnWT32SrY9OI2nsOLYMGcT2wf3ZObAPuwb1Y9eg AeweNICEQf398MOP8yTiBw0g4bTzegDxgwYQ/wfYNj/88MMPP/z4I0fSwL4kDepH/OD+xA/uQ8rA XiQM6sfOIQNPub+eGr//NvvxW8cAkgYOIeHWQRy8qivxrZoT37oNR1t0JLlVB7a3aUtyqys51Loj Gx95HBWxfm95+IegTgt0VwuEEuigg8ovRaYfw92bRmRbAkfmvEXGvLfImjuXrLlzyZz3Flnz3iJn 3jw//PDjvIm3zhK/93b54Ycffvjhxx878ubO5fibc8ibM5djb87h+JtvkvfmHHLmzsO/t/qRM28e OXPnkj3nHfLmvkNy34EktmlDcqs2HGrZjp1tW7K3VTsOtOlE6h13UbR2DcZ1f295+IegTgv0iNZU abA0CO31qUutcJTG1RpHShwpcY3GNt73tPDDDz/Oq3A1SqjT/v27b5Mffvjhhx9+/MFDSok2FsI4 aK2IGHBkBGNZaEedfj/17611MoyjsYXCliHSpjxOVotWJLZuxZa2LSlo3pp9PQaQvXEdIVmKUpFa 76+6Tp0W6Fp6zu4ietEwUqG15GDqIQ4eOoAUIYwOgw6jjIXUFkJF/PDDj/MkXBnGlSECVpDPVywn ZIdwRQihwr/7tvnhhx9++OHHHzls5WALQVgJLGGoVobiI/so3LIJKbz7qKsiuCqMf1+tmyGlg6MV QobZ9/hUklu1IqVlaw5cdT0pM2ZQeSwXS7pEpKCspIrEXSm1JnF1mbot0LVGKYVtFForjPLMDBYt /YoFny1HSo1W2nN31968dKmMH374cb6ElEipCdmCnr2HUBNyUEKhpP79t80PP/zwww8//sChpMFE FEIJpK1xXUPOZwtInvI0xvbmWwulEEqjlEb9AbbZj982hDJYWqNci9Qpz7Cz4zUkjHkIKyEJHbFw hSKiFWEpST2SyazX3/YqM7Su0yK9Tgv02Fg1x3jiO+bivnDZCj5duhypNVpJTnN0Bj/88OM8Ca0l UgrCruTG2wYSsByUcNFK/O7b5ocffvjhhx9/5FAGtHAJGQvblUSM5MSSdzgyZSrGlSglkUahjMIY hTH+c3RdC61BSoO2JDnf/kDF9q24gQpcJXGVRgqFFC5SRDiSkc2sOW/7Lu7UcYF+NpZ8sZzPPl+G 0l6WHSPBuGDE771pPj4+/0VMdARMRCpu7DOYgO1gtMafg+7j4+Pj43NutPHGGAvtIoQhZOD4kndJ nTIV42qUVJ6IN3jzsM3vvcU+vwexbPgvRfepx4RShqPpWbwx++06nz0HX6CfkS+WrmDJFyuiKz8a jPLEufGNC3x8zi+8m0BEKHr2HUzQF+g+Pj4+Pj7/EsaAsQUhLbCUQRgo/PQjDk95EiM0WipPxPsC vc5zJsF96jGhNaRnZDPbF+iAL9DPyM9btvLzlm2cvI7Esuh1u9zit6Kun5Q+vyXeim7EFYy8/0GC lu35UfjHoI+Pj4+PzznRGoyQOFrhKoM0kPv91+x94y2M1GjlCXSDL859TicmzmNJEaU1OTnH+Pjj hX6JO75APyMGai8ocPIA8h/afxuklL6Do89vQmyV1hWSopIyXCHr/E3Bx8fHx8fnX0Eb7z5qlMG4 BtcoIqEy7IpytPKzoD5n5zSBbiRaKxwhqa4JnrEcvq7hC/QzcEaB7pfm/GYopWpFuo/P/yUxgR67 Gfg3BR8fHx8fn38NY7T3vKyMJ8iNxNES1yiUL859zsFJXRUT6BKlvUy6v7DjC/Qzoo1GnnKQ/Kfi 3HAy8x4b02aMxkiHsC0xWqC0RBtQSmK0jZISVyvv+zKM4ziewYZWYNRJZ0TjGVwprTFaoEUEaUBr ET3IQSp9uvv8Ke/h1O+fud9WgxEYA9ootPH2A8YBI2sXMTjl972LdPQEi16wlYm+Z4P3e9GefhPd r945qGvdPZXWZB3dx8pVPxEREq1cXANKhtDaQmowRqKNNxZP1C6kaM9tn5MLLMoItFZIE9332omO 0xMYpYlojdHeNulTPuPT97F3w1FGY7SLNgpldHSfeJ8BRmIFyykqLKQydC4jwV/2Nkf/2wgwCq2l t0+URmlvnwvhUlF8nKLKoPcelIp6IngR6+0itr2nHHex9xLbTqNV7fd8TqKUQivv5qCjZVX+zcHH x8fHx+fcGK0QRiM0OEajHYkjNELr2mc6Vfus6eNzOjGBHtMuQp1c2Knrz2G+QD8DQoOrYgL9pKj5 dy8wOiqsjVRoZZAatHZI3r6Bx56aiRMJYCsbV2uEtHAixcx78x3W7NyDLS0Sd65iwaJFhIw3Dspo F2W8sRZGa5QbxhYSaVex+uvPmTT9WcY+cB/PP/c0u/fsxRLe3EmjVNSR/mQYJTFKegLZSH4l0o0E Hfa227hILdDSgK7xhK4BEXt/2hPXrgEjbFwtsTUY1+BojdYuRmkwoei+iKCli3Q1Unj7WGuBMRIp bd599VGGj51ElZBoGSKkNMlbv2X8mDH89PM+hLaQxsU4knDt/pAYJaLC3AthLLR0sISNIwVS1iCk wKopZdqjU3nmnYUIN4KRAlefFLjyVEMTJRDaxjYKrQII7WAbhdQOUnuLLY4b4NvlH3FF02bM/WDl 2Y6GU4wGozer2EKFttBaIIWNkgIlNK4SCOVy4kQ+/Xp0Y/DIRwhaAiVF9FgQGC1RBqSJLjQoXfv+ Y6MBvf/vLU54CxTe93w8YhlzpbxxMFr7fU8+Pj4+Pj7/CkZLwkYhNNhGYyICRylc5SUdlFHeyGK/ EtXnF9QmwqKaRiqJMCD81gjAF+hnJL+wmLwTxf9rgR7LfNcKdOWJvEkPjWXZd+uR0kUoB6UFSgTZ uG4VjRs04f3P1+BIh/LCLJ5+cjqlIcvLGGtRKz69nh+HssJchgzqx5UtWzJhwgRmzJzJqPvu4+9X XMmW3ck40vs9reUpmeXo758Sv8TLbrteX5GxMdr25sQb1yc2JzUAACAASURBVHtPRp8UisYbo+EY MFIgtUBoMMIgtYsyNtpIT6ArF+GWMfGhUTz1zIs4UiGVQUmFUTblxdnc0r0zi1etxdYSJV2EDDP+ gbv40/+7kBH3TaHKcbxqA2VQRkYzyNpbBCA2d1EhlYVUNp9/+AYD+g4kNS8fKSU1lYU0b9qMm4fc i2NH0EpGqw+iiyommtHXCqMkUklco9HKRmqJMApdm41XOFqya+taHh4zhu/W7T7HERGbCHAyjJHe exAGoyz27dlEz1v6smtPKkIJyitKmfnkFF6Ys4CwIxCujRsV3Tp6fBrtYlSkdqGkNoMeq0owRBcD 5Mlqin/zWD5fOSnQFcnJyUgp/RuDj4+Pj4/Pv4AxCttohDRYRmGETaTgOFXpWSjlVTEqc7oY8/GB 0ytVvZG3ippIhMzc3NpESV1+HvMF+hlYtGQ5C5cs/18LdBkTe1pGhYCNG8zn/tFjyS8LIrVCShut whzan0CP63tw9T+68P6SrQgpUXaYZ6c9zA8bd+AqHV2N1LVl41qEePfVp7n44jjWbt2NcmoIK5ew HebAwVRySspxtcIYCyWDBCNhHOGijMYxeGVH0vZEvwYhXCKREEp7Il7GBKCysCMBbMfB0WBpr5Te yADSjRAIhwi7LrbW0TJ+C6UiaGlQKkQoEsAWAqE1Sglcq4x+N3ZmxH0PEHQ9508jFcYN8N3y92na 9HKSM48jtIurBGnJ67myRQsmTJ5Gu3bXsGZnElpZ3nYIF61dZG2mWEYzxQKhLbQIMvuFyTRrcjn7 0jNxpKK8ooDmTRrS8/ZRRBwb27YI2xbCgNIqWsZvo7XAilg4YQcpNVqZ6DEh0Nr1yqKlIWxAyBBK WISljparq9rqgphQrjVT0V71QiQSwXJcHKURUmPcahI2f83F9Rqzbms8Qrq40kbblZRJhaMERka8 G55WhCIWrhNBSTd6XIja964MCCWwrBqElAgd/by19C6E/k0yikZKieUKet3Wl2A4Urt45ePj4+Pj 43N2ZLSKTwpNxCiMiZD1xSJ2PPUiyvUSOtoX6D5n4JcCXWnNkYwsXn9zLkKIOj9qzRfoZ+DzZV+x aMnyX/Xy/icZdBMT6EZjtEN6yiamTn8ZS2qvN1pZWOFyBg8axMpvvuGu24cy/4utKGXQwubdWc9w /4QnCImo4Kt9XYVTfYz2LZpw+z0PEVAaI8PYWiCipeuu0Uhlc3B/PMOG3s6VrVrSrWtnZs6cQYXl 4kjJso/epXe/EXz7/U906Xw17dq25rnnXyTsGoSUFBZmM/Kuu2jdqg2du3bmjbnzKQtFkG6Q3Vt/ YuDgQbRs047rrruG79f8iK1h774d3HT9Nbwy6wPuGTWStq3b0Kf/7exLzSW/oJCBfW+j2SV/Ja7J FXS7vhdz3/sMpTTCquLe2wfSskN3qmyJUi6uE2Ly/cO4te8wSqvLuX3wAAYNH03EsghrgXYkb77+ MgOH30WVrTHKpuREJv0G9Of9RV/w2rSxtGrWgAv+ehFdu3XhoUnTKCjKoXXThtw08G6mTX+a9m3b 0q1rV5Z9vxZbSqQIUV1ZxCMTHqZVq3Z0atuRyY9MoqSiCqUF2zet4aabbuDHn9YwZvSDPDBhKlt+ XsuN3bvz3fp4KivKuGPYUG7scT0333gDPbpfR48eN/Djuo04jsOP33/DwH59aXnllVzV6Rq++Oob AkLxyVuz6N6uNX+64BLade5Kv/79SUpM5JH77mTaq+9jSRcjK1nz/Zc8MHoUrdt1oH27Nkx9/AmK bYOrJQeSdtK3V0/e/Xgxt9zam/ZtruSuESPILinDUjqabXf8MvdavPPblopefQcRtBx+7RXg4+Pj 4+Pj80tiz6NCSi/xY1wKPv+QA49Nx0jP1yWGL859TqX2cIi2e54U6PPqvDgHX6Cfkf+WQNc6tjIk o9lTyZL5s3lp1hyUlrhaI0WAN2a+xLsffkbQsrh3yBA+WLI2mrG1WL10Ad2u60tRTSR6odO1F8SM lDX85S9/Y+YHX3o91FqhjVNrNmaMRU56Cq1bNGfQ0Hv4bvVq3p79Ks2bNmHS9BmELJt3n3+aCy++ gmEjRvPTj6t5ZPw44uKasH5zIuFgNaPvHUT3G/qw/Juf+GzpIh4Y9RAZ2TmUFmbTrlUL7n1oIt/+ 9BPvznmFRo0aknAwg9071nPRny6gbac+fLLoM1Z8/int2rbh2h5DySkoYtmSpVzbvjnXXNeLjz5b yq49+5BKEKwsplv7Djzz9hco5aK0Q17GXtq2uII58xcjhc2n81+naaMWpOWW4moX42omP3I/zdt2 otTWaBmiMO8QzZpezovzFrJ93TfcM7Q3l1zWkJmz32DV2g0Ulh6jY9MGXNqoNW/MeY/V333H7f1u o0GzDuw7nEF1RRF9et1Et67XsPyr71i2eAHdr+5InyF3UlRaxPofv+Siiy+l49XX8sSUJ/jqq2/4 8ZtlXPCXi5i/YgORUIBvVn7Jks8WsmTxQnrf0pO4Bo3YGr+HcCjMy889w+JPP+aHVat56/U3aNQo ju0HM0nYvYNXn3yMi/5Wn8eff4lly5eRnZXFrddczfCHpmNLh83rVlLv4kto0+Eqln79PV8tXUj7 VlfSb/hoKiNhkrdv4pILLuDmPsNZ+f0PvDV7Jg3rxzHjnQWEo20RRkWQpm5f+GLEjPMiUnFz3yEE bKd2JqePj4+Pj4/P2Yl5GgktcJRBa83xLz4g9bFpGCExUtb+rC/QfU4lZvCMkWA8r6y0jGxef/Mt X6DjC/QzsmTZCj5bsixaEnzyAPl3ry2eyZiKmnl5JeqvP/cUr731PkJaSOWwL2k7t9xyKxUhi5Bt ce+Qwcxf+j1SCBwdZOuqFbRp352ME6XR14qWCxlN3v71/PVv9Xj5vaWImGO6ttDaRsswUodZ89Un xF3WgPW79uJIiXZqeHbqRC68tBknikr58MXnuPDiluw5lI6WNmkHk2hYvwnvfPQlkVA5E8YMo8+A 4WzYvoucgmNYIQchHD55bxZNGjdi7oIvWLJyOUsXvkOndm354psNxO9cQ9xf/srDT8zBVhGUW87o UUOo16QLqdnZ2FaQ23t24o57xlMlFba0EMri6J6tdGh3LcnHy9EyhOMG+WTeDJpf0YYdSSkEq0vI OrqTru2v5omX3yHihJHKMHnCfVzRrjNFrkHJEIV5+7ni8st54Z2lOCLE3Bcm0KhJCxIz8nGkoKLy GB2bNeSaG4dSE3ZRrmDxR3P484WXs+SbteSl7aNBvUt5e/4CbKlQIsC6bz7l4ksasn7rTjasXsyF FzXg0WdfR7kOUkjWr/ycv1xwEe+s3IySDlpEcMLVLFm0kJYtWzHz9TcI2g6uHab4xDG2bN3GihVf seTjedSv9xdefGs1rhQkblnBJRc3ZN3mRJSW1FSV07tbJ+6Y8DQREeLpqWNodmVnXn1/CSGl0W4F i997hYsuvIgNifvYv/2fXHLhxcxfthpXC8qLc7juHx0YOPoxglGBrpWFrOMXvhgmehOICMktfQcT sOxoa4K/f3x8fHx8fM6F1t4kFEdLbKFRyiV3yYekTHsSIzwPphi+QPf5NSfbQpXWpKVn8vrsubXe QHUZX6CfgaVLl/LZZ5/9rw2jPLMxAcYbz6W14LXnnmDWOx/haHCrC+l/681sTj5E6pHDHDy4j/69 evPim0vIzcqlSip2rP6K1m26kVZQjJKuZ/gW7edxaoro1K4lg4eNIKI1rgYtJa6wUf8/e+8ZJVWV 7v//X/3WvXfduXfGNIZhdEwTdRxn1DHrjDniCCoIioGgjgqYxVEkSVDEQJIMEgwYBxQF8yCOgJJT k2PTdKquOufsvZ9nf/4vzqnuRltUUIHL/qz1Xb26u7rq1OldVee7nxSvpVKVEU8/ws8P/TUfLl6f pr4n1Qx+rDv/9ZN9WbxyLU916sQ+BxzP3LXr8C5ixdyPOHz/X/Dok+NxrkBF2Toe6nQfp518Kvv/ 9EBuuKEdm8vKuPeuv3PYwYczcsxEXnnjFV59/SXefOVlFqwpZfqHL3Pgf+5Fh0eGYCTB22qub3Up ezc6k/krVhPHlVx1ytFc2rwd60WxcY7ERDxyz/Vce9vjFJyiNs+a5XP53a9/yY/++7/50X/8P378 H/8f//Uf/8H/+6//Ya/9GzFv6Uoi8dx2S0sOP+oENjjFmgJrl83gsEMO5qF+Y3DJRh558O8cePDB zFqynMQpVRXLOeznB3LGJbeTMw7vPKOH9OBHPz6U/i++xZJ/vcHeP96LARNexUiEsZaZ08Zz0AGH Mu6NfzP1hSf4yd6H8sS4qeBzJArTxo9i7x/9mN4vvoe1BrEVjH7mKf73v3/CA916UymKcwnzZ7zN Lw46gLMvbsKz4yfw4uj+/HS/H/OP3v/EJpaP33mWvfc+mDemfYT1jurKUi7+8++5+OYHqYrKaXvl 6fzxhEt56Y1/k7cxklTzyvMD2ft/9mfo5A9Y/P4L7LNfI0ZP/Ri0hurNa/jrH37HBVffQ1581uld 8SHHHaibg14oFDj77LOpqakJO7eBQCAQCHwDPOlEH+88IkLscywdM4q3HuweRpYGvjGqaT+gxYsX 07NnT6zd1sjiPYNg0BugpqaGmpqaHX5z0SwVnWwet5eEoY91pUuvvuTFU7lpFa2ubs4VLa6j2VVX ctVVTfjNYUdywilXcvcd91OexEweP5w/nXAOa8pzqLjadHnvFW8q6PrQvey1z7688c775OIEa2Kq qiv47OO3WLmlnLdeGcP++/+Msa9OJU4SqrdspM01zWl05FGs31xG/073sO8BxzFvzXq8Myyf+zGH 738ojz05jsgaSlasoLqqilxlBS+OH8uB++zDsBFjGTd2KAfu14gXJ75NIYkxUcLq5UvZnI+Z8eFr HPCfe3Fnj4FYsXhbw/WtGrN3o1NYuGI1sami5dkncsZZl7C+poY4MVRt2cgxv/klgydMSudnuhrG jxjEzw44gL/f1p77Oz3AP/7xD+6/71463n4b++y9L/2HjqLKKvd0uJFGh/6WZZvLSfJ53nvzBX66 30/5xxOjsGYLT3S7hwMOOIh3ZsykYC3lFas4/OBGnHFRO2qMxTtl1JCe/NePD2XAxLdZv3Q2h/zs QO7t9hhRUk1NFDG6XxcO+NkRvDNrKW+/PJCf7H0Ij4+bCj6PU+GtCSP53x/9mD4vvIdN8rz3zmRO OelEWl5zIyvWbqDGWoyJeHZIP/b67/9i0MhnKSQJM6a9xj57/Yj7e75C4pR/fzCRvX+yHxNeep3I GsorSjnvz7/nkps6kbc19P7HTfys0a+4675u5KICUb6Khx7oyE/3P5z35i9l/rsvsO++BzHm7emo RlRtXseZfziKi66+K61BL2ZaBIMOpDv/1lqcc6xZswbn3B6/axsIBAKBwDfBi08bC2vaWLjgY6Ri E/HGTbWb3cGkB76OokGP45jKysqwdggGvUGKo5d2PIJebBKnaZ2OS5gxeQL3/KMb1c7jTIxK2qxN JSGJK7nissYMGjEFsZ7ExQzu15ULmlxPzqTzzIsdwb23qFRTWbGOk045kcOOOIKrr2lJ1y4P0axZ Cw5v1IhX33qfjRtKOOOUU/jDsSfyjwfu49ILL+Cgg35O/3ETiWzM053u5Kf7/575a9ajzrF07qcc +tND6fvUGMrKyznn7LO5omlTenTtwjVXN+eQRj9j4mtvki+UcebpZ3LooUfx4IMPcN+d93DsMccw Y9YiPv7wTfb7z725t8fjOFG8i7ju2svZp9GxLFm+Cqd5+tzXkf322o/mV13Fc6++xacfTmG//Q5n 1oJliDiiqo1c2fhCTj/9DMprChiFREHFIEk1TRpfzF/Ou4S1uYgpr47kp/sexDkXXsJ9d93PsUf/ jr322ocHnxyBdXk+ees1fvWLQznp9DPo/fTTlKxdweG/OJi/XHgNhSTBO8OoZx7lv358CM9MnEKS r+T6a5tz+BG/5Y47/06bm2/j8EaNaH/vA5THCW+/NJS99m5E33Fv4n3adG3ycyP4jx/tzeMT3qZi 8zr++MdjOOSI33DPAz3o0rU7Xbs9zOQ33mTmx+9z5GGHceLJp3PvfZ04/bg/sM///jcP9JpApLB6 5Rx+98sjOeZPx/Nw90f4bN48zjrpj1zW9m4il7Dw8w/43S8P5+CfN+Kue+6h9Q03sP/+B3DbvY+Q F8Nn77zCvvvuz4QpH2DVUb55E6ceezQXN+uIEYtqNr/eBYMO1G7CFdOp9vQPhEAgEAgEvile0uvb xINTEKckYrDe1n62BgLfhC9ei+3pY2+DQf8eqTPoafMDEUf1hmXc2LodpbkYK9kYN+/AO4ytYeyo oXz86WKcpA3k7rvzFvqPfpFY0mZzkI7rwjtE0nrz6lw5b775Tx7v15fOnTszYOAgPvzwI6oKMWIT 1q9eyZgxY+ny8EM8+cSTfPDhDHLOYcXw8ZTX6da5H2sryhFr2LJpDY/36MNHn3xGnN/CnJn/YtTw IXTp1o0+TzzFhzNnkzcG1XLWrF7G8xMn8nDX+3isd3fenPYGFeU1rFqxjJ6dezP5g/cxxuGs4aWJ z9Kl7yDKysqxvoaosoJXXnyBHv94kFfffIdBj3XjxNMak4vzGGNYu2IRfXt1Z+q77xNZwanWjlFT V2D+3Nl07/kony1dhYvLmPrGJLp17czQZ0Yy89Pp9H60L5M+mol1BhdVM+uTj+nVpzcDR45iQ8UW +vXqwsBnJ2JMOkN89ox/0bnr43z8+UKMcVSVb2DyP1+nZ68u9Or9KJMmTaIyn8eKZen8mXTu2oN3 Zi9AJR1Vt3DODLp0781Hs5eQq9jM4088RuduPencpQ9dunSlS5eH+Ocbb2FMwuezZ/HUk0/Sr98T LFswl17dujD5nU+JRBEpMPfzf/PoE0/xSM9eLFlRwsgh/Rn18htYZxGbsHjBx7z+2gS6de9Jn169 eHPKu1QkBussG1YsoVuPR5i1YCmJKDW5Kp55ui/Dx72JSAFRiD2oCx+agUAgEAgEtp9iyaXLxvX6 gkesJ8QAAoEdIxj07xUFb/HeYj0YEdTVcMP11/Pu9E8xCiKKV5s1kTOIi7AiWLHEFWu4/467WLi+ PPvbpHaetlfBisOJy/4uQcVlGwEW4xQrHnWKNwkiDuMs6hRxihWLU4t1FjVKQQ3WJYgUsCaPlUJq 6EyEswlO0vFtRi3GOlSqURth1WE1j0hCQQvYRDHGIJEn1qj275wrUJ2lExvNIXFaK6/GYGzMh9Mm 8+Ir03BSSGeN2whnYmKn2UaGq23epSpYa7DOYZxDtYDYAioR1grWFbDOkjiPisW5CCcGVSUSocYa vKkgp4I4QSSPGotzipEEIx51NaiJcFKDswYjinGCiMWJxbiYRBLUedQZrCtgnMPa9DYiUWqoxWfN L2yaBeAE5yxiY5xz6bx7cSQuwjqDiMFJQiyCdXEa9XYFCuKwJsJaj0olTnM48ahLUKcUJJeeD2ux IiROiJ3gbIxzEQXrcK4GpxB5UBfqewKBQCAQCGw/1oOIx4lPN/9NatBDFV0gsGMEg94Am0o3s3FT 6bfu2v4lvIA3eG9JPCSqiMQMGjSANu1upWBd1ineZbuPDhGLFYPVhNkfTqHbQ92oUbDi0hnWtQZd cQpOFLEJXl02RxBUTZZq5PHi01mU6nCq6YaAk6yTtyVW8FZJ1GDFohrjbB6nhew4QFQQSVAp4KUG tYI6g9r0Po2mNfaxTxDjscYhRrE+j6rFZg3SIhXEOawvIFYRNYgxqMulhtaks+KtgjiDqmAke75i 8JqabPFgJU2F8S7BaoJKgrgCVgTRBBWLt4qKw0mCU5vWG4sSOcG7KmIVnPOoj9M0LZs+T6ugEqEu HfWmLsGopk32xGYfSBFoHnUeyUaMiLOotThxeE3wavE+3WEWD0ZTWWdRlyCi2f9d8VqNuggVS+JS M+9shHEWr0m6NlycmnLN43ycbsBIjFrFaQXWOqz49Bw4wYrgbISIITaC1o+gSzDoRXz2P/h8zlxc SMcLBAKBQOAbYb0i1mOtJ+cV44VoYym5FSvTMcNhpGvgW5AvRKxZu25nH8YuQTDoDTB89DiGjBxT a4Rh++agfxWVlZV88sknGGO+sr5CRNiwYQMlJSV7dA1GIPB94n1aMxdbx+l/OZeaQpyORwy7/4FA IBAIbBsvOK+IE5x3GA9rhg/h8/bt8VmmZto36bu9jg7s/tStBa0debtgyTK69+wT+gERDHqDjHh2 PENHjU3fTL4Hg15shGCt/coFWGyQEMZUBALfH96nZSaJE8469yLyURLMeSAQCAQC3wDvhcgr6hxe DKKwbMxA/t3xtmDQA9vkiwZdVFm4pIRHej8WDDrBoDfIyGfHM2z02AYj6PUXzPZ2p/wmHeLDiIFA 4PunOGEhto6/nnMR+ShGxQeTHggEAoHA1+BViTw4tTiN8NazZvhAPmt/G94Fgx7Ymvq+pkGDvrSE Hr0ere3mvicTDHoDjMwi6JI1JIPMnPutxzLV/xoIBHY/0s0yIR9bzjr3IqprIlTCxlggEAgEAl+H d0qskPeGgi/gI8+GQUOZe3sHvE0Q71AvwaDv4dQfoVZf2W8RcTgR5i9eSs8+fWszjPfka7Fg0Btg 8PBRDBgyHCeCSp1Bl2yx1I+A7+k7PIHA7oyqoqIUEstxfz6VqlweZ11t5kwgEAgEAoGG8ZIadOMt VmLUeOY9O4Z377obbw3iHT4Y9D2eYllv/eCm1F5nFcdRK3MXLqZz1+57/Ax0CAa9QcorqymrqEwN ehZF12zxOIWFS0oY9ex4ojipNfCBQGD3w3tQURJrWbZiVTZCUINBDwQCgUDgG5AoqAhOHHmFysot FNauwksxeq61ZWPBoO95aJa+LqpMmvwm73/4MfkowWVd/lXTay4P5OOEjaWbQ/CTYNAbpH4XZ+8V yWaOl1dV8crkt2l9yx20u+1uosSgIuFiPhDYrdEGFAgEAoFAYNsoXiSNgGYN40TDJJTAl1EPTw8c wpUtb6Tv00NZWLKSxNl0hHGxLj1M0aklGPQGSS/SPem87dg63nz7Xdre0oGrrm3DFS1bc3OH+ygk JkTbAoFAIBAIBAJ7Ht6hPkJ8gleLNw4vQtjoDtTHA+LhqYFDaHr1DTRt0Ybm193CsJHjqMwV0k0d IARJ6ggGvQFEFSuCFeXDjz/l7k5dueLq1jS9+kaatLiBy1vcyM0d76cmMYhobV1NUFDQ7iX14BSs +LQJpAfR9Oc7+9iCgoKCgoJ2ZRXLQGOfloCq9RgF49PPUidaa76C9lyJglV4YuBQmrZoTZMWbWna oh1XXN2am267mzETJlKZyyNZqvue3iAOgkFvkMgYNm2p5JkRz9Li+pto0vxGml7dhitatqNpy9Y0 admGtu3vp7SihqrqGqpzNeTyhaCgoN1MVTUFKmoKbKnOU11IqKgpUF5dQ1U+2unHFhQUFBQUtCur piaikEuoyBvKCgmVhYRcdQ25qhzV+QK5QpR+DdpjVZ0vUF6Voyof8diTg2jasjWXt2hLkxY30fTq tqlhb9aKTg91Z9GyFeTyhWDQCQa9QUaMnkCHux/imhtu5YqWbWjasg1NW7alacs2NGnZhstbtqVF 6/YMGDqGYSNGM2ToCAYNGR4UFLS7adgoBo94lv5DRnJh46Y8OXg4z4wax6Dwmg4KCgoKCtqmBg4d zpBnRjFk8LM8OWwUg0cNY2CHO3noujYMGjKMwUNHMDh8nu7RGjx0BM8MT6+1/n7H/TRt2ZbLW7Tj by3acXmL1qnHatGaJs1v4O4HutGtRx+ccwB7tEkPBr0Bho1+jqGjX2DZynU8MWAY19xwS23kvEnL NvytRRtuuqMT1bFBtC4lNigoaPeSUyURT8EJZ5x3CZVRgpEsVW8XOL6goKCgoKBdVYnXdOKRS8tC E82zbNgg3rm7E8Zm3bv91uVjQXuWRNN+XkaUfgOG0qRFa5q0aMflLdvRpEVrmrVqw/0PdeOjGZ8x Z8Eyuvd8rHbMWjDoga0YPnYCQ0aPTdv/O0NJyQrufqArza6/hSYtb6TptW1p2/4e8sbUm+MXCAR2 N7ymozwKTjjzgsuojpOs6WN4XQcCgUAgsC3EgxqDU4MYT6SwetSTzL29I94o4iS9jSd06N5DKf7f VeGpAUNo0uw6mrZozZXX3kTrmzvy3nsf4EyMqjB/yTIe6fPYHm/OYTc06Ovu7Mbq6zp+r3rnL02Y dublrG7VkdWtOrCqVUcWN7+VyadcwujfnMzo353KC8eexfJr27Oq1fd7LEFBQd+jstfv8lYdGHLE cZRc0772Z0FBQUFBQUFfrVXXdWT1tR1Y2aoDq67tmF4vn3kxc479C6uv7ciqVh1YVbxdq47h83VP VKs6vXXapTz721MZ/ZtTGHfU6cxp0ppV13Zg1bXptdfcpm2YdNJFrG6VrqUdWS9Vr729sy3rDrHb GfRFR5/B3IOODAoKCgoKCgoKCgoKCgraSpt6PL2zLesOEQx6UFBQUFBQUFBQUFBQ0P8JBYP+AxMM elBQUFBQUFBQUFBQUFBDCgb9B+aLBn3R0WdQcn6L71TLzm/B0uzrsvOv/o7u92qWZWrodyXf2eME BQVtj5adV3yN7vxjCQoKCgoK2h209PwWlJxX/Ho1i8+vu4be2ccWtHtp2fnbv27mHfzbYNB3Jl80 6Bs7P/6dP4ZVSCQdD6GSdnn2mb4Nxb/xXlEvtfI+7RLtVTK5VF6/MJ5AUO/4rjpK1z5O7ePKd3bf 6QNIwwoEdlFUFRHBGIMxBucszjlEwroNBAKBQGCbeCHxglqP8YI3CbFYxAmqDtW6z9LQwT1Qn9Qf FTu8C6pCIum4vmIX92/TyX3hb04JBn1n8kMY9A2by1i9sRTjpPbNZbsMutc6k15PWmvKpd5IpwZu 6wXvv0sTXe+xtjLp3xX6FQoEdk1UFecczjk+++xzkNxXBgAAIABJREFUrE0NeiAQCAQCga9DMV5x zpN4wScFonWrqSpZGQx6YJvUGnRVVAXrLOW5GlauWVtrzINB3434IQz62OdeZNS45xAlM9Dba9Cz iDnpIhSn2WKs21lUTY15OiNSszezzNjWRqC3XqDFqN9XPm7xqzi8pBH4YlReVLMIPt+5QS8eV/1d r+96juGePhcx8N1SXKuRsZx/cWNy+QJhUykQCAQCgW+G84pVJfGKTwosnTCKdx/ojBiDitQLOu3s Iw3sStStiTRoKKosWracPo8/gbU2RNB39gF8W34Igz7y2QkMGzU2XTw7YNDVu1qDruJR6xAbk5gE UcVlafTF+3ZiUDWImMzApyZeZGsVU3CLqm+MRQTj0oXuJcG7BFWHU4idYDV9zOwIv1OD7mwaiRRX PE5B5LsxO8UXakg9Dny3pOszdsJfz7+UXJQQMj8CgUAgEPh6itmeVh1GwTvD6pH9mdX+Lrx1qLja AFExnTkQgHqeyqfZxKKwcEkJj/R+7FubcwgGfaez2xp0J6iLqNiygvmL5xM5xSpYydLdxbBh3UpW rVpKaek6pk19i2lT32ba1KlMmzaNadOmMXXqVN566y1WrFjBu+++y9Tsd1OnTq3VtGnTWLBoCdW5 Gj58bxrvTn2TaVPfYsrUd5gx63OqCjGJSzcF0hfFd5POKyLMmjWL8i0VxLFh9uzPWLBgIc59d4b6 i9H5QGBHKW5QFZxw5gWNqY6TemUngUAgEAgEvgrxoOoQtRjnsR7WPPs0C2/viDcOcS69TTDogS9Q 9CF4B17qGfS+waATDHqDjBozlpFjxqZR6HoL5FsbdBXEO6yCN0IiBd6fNJou3XuSU3CqiCiqFpUc o/s/ytNDhjJ//ud079qZ7l26cftN1/Pznx/GbXfcRY8e3ejSrRsfvP8uXbs+zCOPPEKPrg9x2MGH cfPfO9Cjeze6duvCm29PYfG8eZxy4ul07f4w3Xt04eEuPbjqb1dw2eXNWFdahfMOr3VpJeoBL7WN GoqN7IDsGIsyaJaK77Pz49USRwUuu+h8Pv18ATX5PHfdfiePP/kUzgnWOUQc3ilOBVUQnzasKzaR S9P+bVq3nzWMcJKdH1G8GqrKNzD4mVHkCwmS1fF/RwH6wB6KqmCspWAdZ55zCdVRUq/MJBAIBAKB wFchHqxaxMY4o+Q9rB/Rn4W334E3DpU0MqoeQmwl8GXScl4Rh6iycPESevZ+tDYg920IBn0n84PU oI8dy+jRo3e4WZT34NRSUMXHSrVEvDzkEbr36EONT42vF0XUolrBo/f8nSfHv4hTi4rBJMqHbzzH kb86ibnLV6NqsB5U4tQoq0NypRx60JHMnFeCikG8oBqx4JPpnH3RNVR7g/UFjBFym9dx2il/pnP3 p0k0yha/Yp3DiCCSdrEW57DW4ZzFWoNzkr7JisO5CCcW7x3qBJdYVBJyVVu44PTj+WzpGhKXYHIJ NVlnbOsssU3wUULsHIlxGEkQl+C9wznB2xivCVYUsQ5RQ+IcxipiLSo1bFz5Oddc35HK6oSCsXgx WAnbsYHtR7MNqii2nHveJeTyUbr548OVRCAQCAQC20IVIm9QU0ATxxYPa54ZzKcd78EbwbsskEMW Rd/ZBxzYJSmWsC5YsIDevXtvVzlrMOg7mR/CoDvnars570jNs/cgaolU8MZR0BxP97iVXo89QSHb TfSSNm1ztoxbrmvOsElTiNXhfIJxyusvjuKY4y5k7eYqVFKD7jVG1GCdIdqylp/uczjL11fWGnSv ETPfmUzztveS94L4CCseH+W45+5buKrlrSSST980s8h5xZbNrFy1lo0bNvHe+9OpqsqjErFxwype njiR99//iMrqArFTvEaINSxdupQXX5zIp5/OZOP61Zz0h99Ssm4j1kasWLiANRXVJCaiZPHnbC6v YsXS+bw/Yx5JUkMSR0yfPp2xY59jzrx5GGuRbBPAxDHz5s9k3HNj+NeMf1MoRKxbX8LU18dw1bW3 MHPWXFZv2Ii6CBd8VGAH8F4RFZwIn/x7drpZZe3OPqxAIBAIBHZ5vPM4dThJcE7Y4CG3oYSKhXNT c+4kTW0nGPTAtlFVampqWLZsWe2EnW9DMOg7mR/CoG/P/L2G8OJRdVhNG7vFUsaDt7fggS69WLBs OUuXLmXJ0hJKlpewZM6HXHL+hbz27sc46/CaIOJ4ccRTnHrmVZTXWNQlGA/exzhvEHWUrVnCAfsc TmmVrTXo4gq8OX4A9/XsT14V1QgRZfP6tRx3/B95avB4RHPp5oAq4mLGDH2K0866lHvu6sTosc9T VVnBU0/04dprmvP8c2N58smnafy3ZqzdXI4zW3jo/s7ccGNrnnvhOYYNHs6t7a7n8EOPYNOWLZSX ruf0E/7EyFemUrpxFWeeeDJNmrflkd7deGPah6xfvZDzz7uUXo/25ZWXJnH3vXdw0223ERvHpnWL ubr5dTzwwD28OHE8Tz79FJ27duX9j6bx4N3tOO+SKxk2fBQffzoTlYgQQA/sKLWvdV/XaDEQCAQC gcC28c5jVTDq8M6TKMRqUWfqjdAKEfTAN2NHJkAFg76T+SEM+ndF0aA7EYyzONlC2ysu4vhTzuKy v13OZZddxmWX/Y3GjRtz1SXnctjBv+ad6Z+naUGaoM4w7LGHObdJO3LG1Rl0LRp0Yfm8T2jU6Cgq Y19n0CVizOP3c0nzNjzefzADnuhLn0cf49Y27Xi464NsqY5RX43PajyMrWHYUz248IobyeXyWFE2 rPiMG1pdzep1a4jjHHFc4KHO3Xl3+mxWl8zmD0f9mSXLl2MlQhPl+TEDOfgXx1BZnaN0zQpOO+EP vPrRHDauW8qff388o56bRGwKJDbP6Gce5f6H+1BVU8AWLBXla7mq1bUUIscjD3bgzydfQFVNFaIx 1hnyUYSTiFfGD6BjpwcxzmU19HEw6IEdpphFUmxUEprYBAKBQCDw9aSlnIrzmkXMfTqi2NdNKKqv QOD7Ihj0ncxuZdBVEE1rtWPncKaSC44/kQmTPgCyRmia7hRVbVrKr488ipkLSvDWIZpgNebRBztw 7Z1dqJHUoH+xBn3W+29yzPHnknd+qwh6j/ZX0HvQGBauWM3KksWUrFpJdWUlViqJncf7ylqDHkue Ab3uYtCLb5KYGqwYpr8+jOOPPY42f+/ITTe14e83taFx48a8/e5HvP/OS1zV9GZySYTVAhopC/79 T355zKUUTMKqxfM49bjf8dGS9axYMovzz76QBas3YgsGNWXcen0TGl97Czfd0p7bW99J+5uv5+yL L6J8c55mF5zFw73HEStYsai4LKMg5pknutPp4Z71DHqIoAd2nNSgG/AJeBsMeiAQCAQC34DiLGuv Ct7gNcGLr42Y145YIxj0wPdLMOg7mR/CoG8s3czG0s1pWs4OpLmr2tSgW00bp+U386ffHMeUD2aj 4hAVrCjOGjavms/BjX7LgjUbEJtgxWC0kofuuZ17ew+gkHU5F1W0OCddLO9MfpW/nt+UKIvWq7eI zdG+1eW8POUDYlVEEqyk4y6cpPXo+GINumJdDT3uu4k3PpqBcWm0+uPJI2lz403kjGCcQSTGJHms M7w/7TWubHIDVVEBIxGaJHwwaQzHnnEtiYuZP+tj/vT7o5m3ejNL53/MhRdcydotlagxqN1I+5uu 5a3Zi4hNgkQOa8uoMRFRTQ3NLz6bB3oMIRJPUpypbgV1BR6+/2Ye6d2PxDqMWrxGuODQAztAsQ+D qqOiqjybqKDBpAcCgUAg8DWkZWEe7wRxCU4SoriapGoLIoJ4RetF0wOBhiiWQRjnyNXkQ4o7waA3 yJCRY3hmxGisCJrVo27Pm4v3cZZy7vGuQK56HUcceRSfzp6XRtd9NkPSxiz9fDo/P+j3rCmvwrk8 Pnagm7jz9vYMHPEcsScd+yaajSkDtQmvTJxIi2uvJ1HSBnLekMSVXNGkKe999AlG03nsXr662YIm Fdza9kYWLliU1uO6iE1r5nN18yuZMXMWuXyBLVsqWLKkhKhQYOWSuRxz1O+YMeszKvN5Nm1cy21t rufCZrcikmf6+29x7PFnsGFzBfNnv0/Ta26nrCZBNUZcjrGjR3LDjTdTurmMmqSStWVrmb9oBWoi uj94OyeceCqr12+kMpdn5Zq1lFdUIlLDw53a8MB9D7GlIqLgEpzGiA1v+YEdIW1EEjuhRasbyOUL yDZeK4FAIBAIBFK8CgVVEnVYsUjsWf7aROb06o63STpS19c1igtXbIEidWsh64clwtIVq+g/aEgY s0Yw6A0ycuwEho8Zl0Wrt9+g4xPUS1qP4yLKNq3k2ONOZvGylencb086H1IMH7/3Jn/4w5mUVecR iVAjiCvjjg4defGf04gVnNQZdPWgzvLihAncdc/9WA/OA95Skyuj2VXNmPnZPJzPDLp+deMrSSpp fcN1rFm3Pk25F4faAm+99Sp/u/wimjVrRtOmV9Ppge5UVkZIUs1rr07k3Asu4srmLbm5bVse7nQf t9zbE5EC77z9Ty5p3IyKqhrm/Hsatz3YmS2JSTc8bEyuvIz777iDxpf+jRbXNKfJVU0Y/9xrqHPk qtbxVP8BXHTxpTRvcQ2trr+RBYuWYFyBdStn06JZK5peeQNLVqzASoyzoY17YEdQjDHE1vGXc86n JoqzJnFhXQUCgUAgsC28VyIPRiyJRljnWTX8GWa3b4+a1KBrMOiBBqhv0FXSaToLFi/lkd6PbdeY 62DQdzI/hEEfMWYcQ0eNTQ267ohBd6hXxIMXi4nzzJ2/kEIcA2k6h2Tdo3MVpSyYvwjjHCoG7xSR GlatWUVZVQ1Oswh6dhDq0xr2ss2bWb9hQ200Hi84W2DZshJqChHiFe/tNlP1VSKWr1hGZAwu2zTw oqhLyFWVs2D+fNauXU9shMR5VCLwhnXr1zN33nyS2FBWupmS9aV4jamsLGVpyUqMceSqN7Fy42oS STMJ1CnOJlhXzeqVq1i4YB4VVVVY59Pfi0WcYfXqVcxfsIDK6hxWFacWcdVUbKlk7rzFFJK0gZxI MFKB7cdnozwia/nrORekrxmR2td9IBAIBAKBhlGv6TVjZPA2T+Jh+eiBzOxwO94ZnLchgh5okK0M utY36I+GCDrBoDfIqLHPZQadWmO7XSnuqqgXXDa+yUv6RqYN3ZGXOhOddZPGZzXnPq0VB+rVxir1 o3xb3aV3dbfN7mfbtfTp/fusVkg1a/ohPpUv3sbhvcF7yY5X6tXwgorH+7QOXn2xcYjFi0lHukna 3dN6IfFxek6y26lS97haF8GsazSSbmSkx5HetnjeAoHtRTV9bRaM5ZwLL8kMugsGPRAIBAKBr0WJ swh6rBHOetYOfYYFHe5AxWLVZNeXwaAHtqbBCPqSZfTs0zftX/AtTXow6DuZH6oGfdCwkVgnSJZm sV0GvTgHPTPa3vm0xtt/ecGlnTCLBj011UUzire1RrRoaNNxUF+xcOvdNjX72+5MXdeB02bdrF36 2Fo04ml9iBfBS1o77wGvLjXgxSwBV7chUezsqapolpbvSY21ZNkA9U15epwu/RvPF2pTJDNSxXPj 6p2HUC8c2H5UBOcc+dhw6plnUZ0v4JytLW0JBAKBQCDQMF6ESJXYOxIx+MSzdOQIPurYIY2ga4ig Bxrmi9f5zqUR9Ie79ggRdIJBb5DFy5azaNlyXG2TuDRaXTSdW7N1JLs+PktDF++yCLrPosZfvn0a cS5GiOui3nXmtZ7phlqDXvut1u88rVsbWO/Y1jrf+ram3uaAxXtDcTa0F5/OuKw16FJr0LXWoGua Vl98/lnqvRSj4NTdj9a7XfFx06yDuiyD9DHSGnqfPe+iQU9vEAx6YEfImsQZy8uvTSKxLvtQCKUT gUAgEAhsizTymUVAjSUxnsoVCyj95MN0WpF3IYIe+FpEHCLK5vJKZs+ZF7q4Ewz6V5ClUzck6hla 2OrngUAgEAgEAoHAnkBaFplmiDqFOAtMbasxcSDwfRAM+k7mBzPoDclLWodNfZMeom2BQCAQCAQC gT0LDxgPIoq3iorPmhrv7CML7GkEg76T+SEMuqrWauvvBaeWyCQsK1mBNW670jACgcCuQ0Ov90Ag EAgEAtvGiydWsCp4azEq5Iud3UW3alAcUtwD26L+dRiQjbz95gSDvpP5oQy6c662i6CI4pyQOMfq jZvo0r0PHe/sRFRIEPftGxkEAoFdA1VFRDDGoKpYa7/0IREIBAKBQODLeOdJFIx41AllPkKTPJKL s+k9WQo81PYvCgS+SJ3fShv3Fq/NQhf33YgfwqA//9zzTJjwPOLSBeKsUF2dY8rU97jx5rtp2qwN t97eiTgy9ZrIBQKB3Y3iB0AcxzRp0oRcLhcMeiAQCAQC3wAvQqyKdR5nlSqfZ/XYscx4qCfeCipa Oy7XBYMe+AqK110lJSX079+/1qx/G4JB38lsv0FvuFa8doSYFlNxlFGjxjJixLM4UYwVps+YSZt2 t9GsZRuatriJK1rezM3tOxEl6XxHFffVTeWCgoJ2XaE4ERJrOf+ii6muyWemfRc4tqCgoKCgoF1Y qpbYW8QpajyVvpo1z/Rn5m13o3GCdxZVh/eCesmmFAUFSTalKe3vpWoRZ1m8eDG9e/epDZ6ECPpu xPYZdKX+qDIA70GyNIp0FrJFxGGtZcTIcQwbOZ5PZ8/lgc7dueqaG2l6dWuuaNGOpi3a0LRlG27q cD9VhRgngqhDVIOCgnYzWXEk1lGwjjPOvoDqQrzTjykoKCgoKGh3kBNFnGBFcc5TrQnrBw9h9u33 oUlaKupUa7Wzjzdo15NTwalgVZi3cAk9ej22XZmMwaDvZLbfoG9tzr0HJ0rplnLe+/Ajnpv4MmMn vMD45yfS6aEe3HFvZ5q3asOV19xA0xY30KRFW5pc3bbWoLe48Vb69R/M0/3706//IB4fOCIoKGg3 U78BQ3hq4BD6DRzGJVe0pN+AofR7ehD9Bgzd6ccWFBQUFBS0K+vJ/iMY1m84A58cyZNPj+b+scPp /kAHerRqy5P9h9N3wDAeGzSCxwaNoO8ucLxBu576DhxO38HDeXTgcDr3GUjXno8Hg84eY9DrUM3M uXW8+vpk7n3gId7/1wxqEoNVsArDR09g8LCxvPTPN7nxlvY0aXE9TVq0oWmLtjRt0ZqmLdtyU4f7 ycUJTgTjXO3fBgUF7T5KnBI7JWccp559EZurC8ROsaI7/diCgoKCgoJ2ZdUoVHqoVCUynlyNY87o F3j53q4kiSN2SiRZI7ld4HiDdiGJx4rHKCQKkShzFi6le89Ht6thbzDoO5kdMejeg4onn4+YPGkK Q4aOYMOmzSRWEE07TIqH2XPmM+PTz0mcMG/RYno//hTXtr6VJs2vp2mLNjRp0YabO95PPjGo13q1 FEFBQbuTpF6Ke/8hI8gnFis7/7iCgoKCgoJ2dTlRTKLEajHOoYlQNnsOq979AHUWVVtbe76zjzVo 1xTe4b3FiWVTaRnvvvdhbYO4YNB3I7bXoBfT2sUpLzz/MiOGj8Ektl6nwLpFUNfm3+HEElvLv2fN 4aGuvbmq1U00adGGdu3v+4JBd0FBQbuZ1BmcMyTGkliHdQ5xBnVmpx9bUFBQUFDQriyrgliPeIN1 FmOFUk2INEHVoT6V9zv/WIN2NQlpkziHSIJ1Ju1pIL42eh4M+m7E9hh0D2mEXJSFixYzbvwEClGM FOczqlLX5T1rWiCCk9Sgp43klHw+4l8zZnLnPZ24tf0dRHHyrccABAKBXQdVQcUhzuKcxVmDOBte 14FAIBAIfA2iinEeJ4q1gk8sYhUjivi6RmBhvFqgIbwvejQhcS5dN5kxD3PQdzO2N4LuxFOTL9Cj Z2+Wr1iJ3cY/3oqmC8U5nDigXgRehA0bNjBp0iSMMd96AQUCgV0HEcHa1Jxba7KvdmcfViAQCAQC uzzeK6Jp+agTRWyalWZFUnMeNrsD28BnOzfqBSsOK4pxUmvQvw3BoO9kdiSCPnf+Aia+9ArG2too eUMYp0QmrUVV/2WDXndR77ar02AgENg1KL5+E2OIkyR9X3AuXFQEAoFAIPA1eA/eeqyHggo1kqBJ Do2i7ZplHdizSA264sSSOEvihNjY7Qp+BoO+k9keg64K1inPv/AS69avx4mgWepNQ7w+aQoTX/ln mmbh0/r0okGvXxcRoueBwO6Nz17LsXVc3/omaqIYLdZFBQKBQCAQ+Eq8B288iVeMeKw4Vk56jU+e Hoy69Dq5mOLuQ5574AsUDbr3ghWhZOVqho0YXRsMDSnuuxHba9DXrd9I7z59KURx+kaRqSFGjZnA 8FHjUE9tE7hAIPB/j6IRj5zw1/MvJRcl1PWjCAQCgUAg8FWoBzWCVYezHnWetUMHMav93XirqJPs WrouEzUQ2AovtaUSi5aU8Eivx8IcdPYQgy6ivPTKa4wb/3zdTh7bMujPMXzk+OxNJR0BEEx6IPB/ D6/p67rghDMvaEx1nNRrGhkIBAKBQOCrEA9qHE4tYjyxwppRTzD39g54o4iT9DbBoAcawhfHrEk9 g943GHT2EINunKN33ydYuGhJ2rXd67YN+qhxjBw1HmsF1aJBt+nXb4GHbJSAQTV9k/Je8a6KWIRY LM4lJKqoWkQtai1GPKIFjLVYMdnjp8dQ9waXdp/33iA+QZyi1qNqcd7h1eLFIl6xHrQ41oDsjVIl 3bUCIg/eZQ3vxOKU9HjEYEURsdn3gvcRvpj2Lz5V1oXR13sDTr9Psw9EFZUENI9zgnXpeKv0+Xxh dzX7/2x1Hj21nUBVDOps2oHfK14TvBhUHUaV4uvZe5d26M6yINL/Q12alde0f4AUf+9dvZF5WdMT FVTSc5um2rh0GoBPEE2/d87VHr96EJ+tr+z+NSuLKI6TKD7H9A2poXWYmkNPmvnhPXXnuLh+tK7k QrykM0bFI570flXq/r72Da7OdNb9b1zdh2W9Uo6viiD72ueYqviz2r/xdWtKa5+UbmV408eO8JIe s3WCy8axFNeNfmE9fZ+oCk6Emtjx13Mak4vS16oPG3KBQCAQCGwT50Gd4DVBrVLmlTWj+zGnfXt8 ImkEXbNrJP3q6+7AnojWeqv0WkxZvHgpPXs+ul09voJB38lsj0HP5Qt0faQPFVVVqbnROrPQEM+O Gc+okWNT07uDBl3V4iVKzZxPDUG+fAUz5q4l7yy5yk2UrN/Ehg1rWLV6DWtXrWbNulLipJrNW8pY uWYDXoqLOKln8lJDpd6iPkasoWJzBetLS4l9avi9TXAqGJ8dh9q0YV729z4zsDUKavNYVZwkJAqF 6s2sXrOC8ijdJFBNcM7hfTXeW75o0Itm8kvnwAtOLJVb1jNsyGM8/8JkclGE2LjWoItPm/jVPa8v ox6MOsRFqDOIKlYErzFvT3qRAQOHUZ6P8D4Bn5msLxj09HwVjWtqZIs7u6rpZoZXi6pgFKwYSjet YP36daxZu5q161ayes0mNleUYqxDJJubnRnx9LlIZvQt3tc36Onj1xl0Q50hbvj51m5a1NsEUZ+N BszOvfMO8YJ3Hle7ESF1Jvcr3tx88RhrdzTqNhC+KnpcNOguU/Fn3pOZ8/Q1sq3Nr9R45/HOoWJw 4jCSzzbOqF2fP9Ruu4gjsZYkcZx77mXkakzt5ksgEAgEAoGvpnjto2rwzlPmlZLR/fn4jrvQxOFF v7T5HgikFL1NWmvunLJg/iJ69UoN+rclGPSdzPYY9E2lZTz2ZH+sE1Tkaw360qXLWLhwMSJZm/9a 8/HtompaG7lO0gh6Fknu2+0hHuwzlMgaXhk/nPMat6RPn9707v0Y3Xr1YtCT/SgrLWXB/E95+OEe RNanUVJvtjLoJksJ8c6ybuU8/nzCsfzqqOOY8fkiYqeoNVkUN40Qp5Hpught+vyVOM4zelBfxr30 WjZiTpj6wgh+85ujmPLpIowKohbnBO9r0MxYe23ojbfeY2Rm1EnCquUL+fUvD+Hc85tTkY9qG3EV zb3Wj8I2eC4VUYeLq3hxwrMMGzmKvEmzDtrdeBV77/ML1pRW430F+BpUtp67WTw2nxlo/UI0uljO kBp0xSnkaypp2vg8Dj3iV5x02mmcePJJnHD8aRz7+6O57rp2LF+7ESuamjlvwRu8t/XMdV1Evrih Ut+g1xnihp9v8f9V/xy7esbbi9RGs7342uelmWGuf/++ntIfSJ3qn6ev2CCpfx5rH4Mvmuh6x/tV jwu12R1JXMbggQPo0v0B5i9aUXsfPqtHKt7/94mqYKwlSSwTJ75OFBmss1/K4ggEAoFAILA1Xjyi aQ26N56cUyqWzWXN9I/wToNBD2yDrQ26OGFLWQWzZs4OY9bYQwx6yYqVvDp5SmqQv0EEPR2npvXS K7RBM/N1aBYx92qyxxZcVMk1VzbjX4uW4Zxh4piB3HZfX5wkOCvUqEPiapy1JNEm7rnjPuaXbMKo pMa4aLq8EHuHiEeThB6d7+R/9/pvDjjwUDp160dBfBrxztLTVR1OUzPpJclStUHFYeNKzj/lT1zR qg2xglNl6riBHHjgIUz69wJiEYwzOCuoRjiJ6+6zOOtSNcsQcIgYxFlUFBHFiSHOlzNvzofMX7ya vM2izk5rI8TF8yOabqJovfNfvH8RiyuUc02zJpx93vlUxQmJCCtLFvDJzHnkjOA1QlwBcekoPZ8d h1UQdYhEOHXEotji+ZEsy8BLlpoOVpSa6s2cdeqJnHDSuSxavppV61azZuUaBvTryr4/+Sk3d/xH ukkgCSoRKklaVqCCyTZ3vMSoZCP7VLJ1JVlqvuAla6IixckAmqZ9i8nOcXqerbg0GyI7F14dXmKs SPp/FYc6h/VgVPFq0tR/qeui6oppZuLwYtIMAknS9H3nURFE8mi9rIit1nO96QXF7ppeFZX0hsWZ p2oFXywL8GAVbLFEQdPnKmpwdjM9u3XltDNAffVHAAAgAElEQVRP4Lnn305faz7d0MLbrSYmfF+j WlSLHwzZcxYfRqwFAoFAIPAN8M5jVUg0zeQTBeci1ERfylgNBj2wNZplJqdrRFVxVrLs5VCDvkcY 9LnzFzDz83kYlxqLrzPo3xV1Udo07VecZePyz2l74x2sj2PEGCaOfop2dw0gMTFqDYlziM1Mr1Tz 0L130PPxwRRUEV8vXcgLsRe8WEz1Zo45+recff7Z3H/3HZx86llsiWxq3Fye8rK1zF64mC351ES6 qIL5i0tYtamMqooy5n72CWcefzQXNGnO7PkL2FBWxhtjB3DQQYcw6V+f88msT3jt1YksL1lJJAnO RlgbUVq6galTp/Di889TsrSESMFYS1zIsWThHNauWkkhipi/ZBmlmzawdOksSlZtInKO9evWMn/u fOZ/Po8F8+Yzf958Pps7j3xiUFugbPMGpk17m1dfe52SlauxIpiohmXzZvC3S87hpNPO4KNZcyhZ u4H1a9Ywf8kC8iKo9dgoYvWapbw6eQpvvjyR8tIyckaxatm8qYR58+dQEVvmzpvHy+NGULJ8BVWa ZRmoRbNNijhXyrmnnMypp11JLlaMOMQVWLfyXxx24ME0adaOfOJQyRPntzDtrbd47aWXWbJkKdVW Mc7gkwo2bljNy5Mn8+qk1yndXI6I4GyBBXPnUbpuI2tXreblFycy/V8zyNUUSJzHWYOaPBXlm5jy 9hu89MrLrFq1isSldToqESuXfsa8eQupzBWYMuV1przyCuvLq8mrILYKNTmWLVvOyy+9xHsfTaes MkdsHDYp4KIcn3/2ORNfHs9H//qQKO9w1lJTWMf8eYuII4u4ehF4r+lmjHPYxGDihLKyMkySEOXz RFGUbhZYQY0gUcKWsjIqcjXE4klE0znjNo+zBSqjPOUVq9CC44n+9zBmwtR07KE34COsy7NlyxYq Kqu+97nkW/VO+AHS6gOBQCAQ+L+Ad0qsaZmiiMcDTiEpZvt9QYHA90Uw6DuZb2vQVZVZn81h3qKl WeTx6yPo39WYpTqDnhluF/PWc0N4sHMf1mslmsS8NOYJTvjrzdz895u4p+Ot/O28C+jRbzSxj/Fi GTuwL2efd2VmuCWNuqrivcU6wdsKXntxMI1+8Vumz1nGioXvcfSvf8VjT4/CiENtFaNHDGD/X/yW 9z6dh9oCVWWraHTwEXR6uBezZnzIiaedwc/23YsDfn4IJ51yMsPHjuOfzw9nv3334/S/NuGqpo05 /rhjaNToCD78fC7ORLz03FgO+8XBnHbKSTRv0oRfHnoYzW+4jeqaiM2b1vPnY3/PySccz7F//CM/ O+xXjHx2HH86/ve0bNWeKInp16sbp596Cmecegqnn3QiP/6fvTj08KMorczxyfS3+NOxv6PJ5Zdx 2d+u4GeNjmDwM6PJbSnlmssv4pCDfsq+BxzIcaeezT2d+3DXnbdy6JHHsKVgiaJS+vbuQqNGh3DW eRdzyVl/4deHHcndD/YglxQY8nQPDtx3P07+y4Vc3uRKzjrlBA44sBFPjXkVnzXj86TR4Di3kfNP OYGTT76ANRu3sLmynNKNm3l2cB/22+sA7nmgD06UuZ9P59ijf8ufTzyVZle24LBDDqdHvyHk4wKT XxjBr444jHMuvpSLGl/Kkb/8Le9/8AGVFaX88vDDOe8vZ9P4oou5tkVLDjigERdc2Jjy6gIuiZg+ bQq/PeJQTj35RBo3bszPG/2c5s1bUV6Vw9oa2l53BUce+TvOPf9vNG9xBScefTSH/epYZi5eSpzf wL3tb+LII3/FFU2bcsZfz+Gv517Exs1lVJRt4rrmzTjyyN/QvEUTjvnD77no/OZUlFexcNF7HHbo b1i+fF09g65ZLwHBJYa+PXtz4Tnn0rZtW1q2uJpLLjyf8RMmpB/KseXZocO58Mwzufmmdlx59bU0 a9WWtaVbcCJ4qeTR3l0587zGtG3TmpuvvoUOd1/KuInvpY35pMCihTO59JLzuOHGG7nhxtZccMEF TJ8+/XuJoEOx90Hde0Mw6IFAIBAIfD1eldiDWk8igvMJYrLmxPUUDHrgm7H9/isY9J3M9hj0z+bM ZfHyVWkN+jcw6IlzJC5N366/UL7tm0tdQzJFVBAp8HT3B+nRqx8VPkZNxAvPDubk05tQunkzIjFz Pp3JuWddzPzlK3EiTH5+DH847q+UlFZinMVL2o282PFQ8us5809Hck27Dmw0Hok2cNuNLTjhtIv+ f/bOO8qKKnvb88+31qzfmmBCwYTkHEdRVEQkqGDABDqACKgYRjFiwBEFJIMEJUdJKhgRRFERURAU aBpooCPddM43VdWJz/dH3Q4oKDAohnrWOksaL11V955bdd6z9343RTEXraIsWzidc+o058sdB9Ay SrgojfPPPZ9nX5mO8KLkl4W4/vLW3Hb3QEKREqJS8uGyWdT42+kMGjIa4cX47pv11DvvAp6dPIdI eR7N6tShe6+BhMrL8TzB7EmjOaPm+WzemkRR3kHat2zCObXqMHXm6xSUlVJYlM+V/2pJ3wGP4wqB ciNEy4oIl2UzZfI4TjutFrPnLEVqB9ctJicnAycapqywlGuv7Ua/AUNwhIdXmsXdvW+kY5cbOFQW Iewohj35IBc1bEs4bNi9/RPO+uffeOSZMZTFYpQX5tLtikuo1+xi9mXlsHDGKM78vzMYMe51HCEI F2fQpGE9eg0cWpni7gt0jRvJ47oO7ahxVi1at72MVm1a07JFC848rSZdrr+DzLxCjIgyeNBdtL3k MgqKynGi5ax+722atGzHgbQUHn2gL92vu4niSDmuEny16RuKCgspLj1Im7oNOK9ea7JzMjDSY9bU SZz5zzNYsHId0aJ0enS8nCuu6UFWdibCizDs6SGcV6MWX21JxNMRHu53G//395q898lWtBWsf38V Z555Lm+u/ZTsg9tp2bgOjzzyDBEpicYibNu5i6jrsGDWVM6tVZMt3+8kFg1RVJTBuefVZ+7CN4np MoqLylFSHyZUjdFopUlO3Ua3a28kcc8urIkSi5TRs1tn5r71NlLEKCrI4Kr2nfjgw9VILSgJh3js kft4deYCIlJQmr2L3r36sudgHp5yyDyQQduG57No1QZ/Totyhr/4KK+8MomYiOF6DkuXvMHjTwzF kXGn/Z8w1zteKlL0hVQ4nldZ2hIQEBAQEBDwcxhiFozUSCnwrCTqxFDhMrRWlca5FQ7ugUgP+DHx ckkDQmk8IU8oazIQ6KeY4xHoFTUMOxISSUrJqGyd9XMC/d0P17Dyg4+Qyk/prXjt8d5YLFXu5toq jIky8rknGD9luu+crl2i4RJC4RhK+y3ShPaYOOJZRk6ciTTw+Qdv06DxpezOzIkbzlW1WjPG8O0X q6nx178y9MWXWbrmM9a8v4pRzz7I2TUv4KOvdiJUlDfnT+Ls2s35YkcyWjqEC1O5oFZNho6dizAK x4nQs30zet/7KJ6KISysWzqd888+n7e+2YPSltz0BNrUqc3dw6ZwYO9m6p1Tk5Gzl6GFRBrDgcQv +NsZp7N8xecUF6RxZYumXNXjTkIihjWC8pI8OrduwV0Dn8CR8Y0Gt5zP1q7i/AvPY+ToV3GlQesY h9ITufeBB7i55y3c1PlaLrqwFtfd8gAhqTBOEYP63Ezn63tT7DhYZXnp8fup3bAVTrlm4WsjqXFG Dd78/Cs846eJz5n8HDVqXcSG7aksnDGCWmdfxJ7UXJQxaFXIxS2bc8MdjyHjpQO+QFc4kTyu7XAp zVv8i5XvfMTqD1fRpdMVtG13JRlFpThaYr0yrmrfmgvqtaBLt1706HINXTpeSeOmLdi0dSuffbGG Nq3bcWPPngwfMZwtm7fgCUlpKIN2F9Sh/3OvEhOlWONRkp9M64a16fPoOFI3r6Hm3/7B8CmLEFqA iZGS+BWNL7yQKbPeISSjDOlzK+c1a0+u438Ge77/knP+eTYL3l9DJHaQ0aOG0axpO+4acC9TJo1m 94FUPOXy3yce5Mwza3BV5xu4rls3enS9mrp16/LiqLE4h7V0qzaXtcFKxYhxQ5g07Q1cLTG2GONF SU74nu9S05FeKUlbPuKZ5yYS1RqhBVK67N+1jptv7UNBKML7iyYz/OVxRLRBaoGQLlOf7M/iVV+g lCJSkk3XbpczYtRMJk4dz5RXJzJu7Ctc3+MWsgqKUVbH26Ad55fxaN/R+D0i6gn6DRhEOOrE3UMD kR4QEBAQEPBTWG1wDEgjUdpFScv+NavZOmE8Vgq/NNPqqva7p/qEA34zVDctrjDSPpCeycw5Cyrb rB0PgUA/xZyYQN9FUnJaPIX25wX6oqVvMv+N5XHXdV352hMW6Nr6u4gmxvjhzzBm0hSiBoz2MMrx e40bg9UuWjmMHz+aFya8hrCKz99dTPNWHUnOK45vLsTFg5UYN4+nhjzIBRfW59JLr+Lyy9rT/vJL ubz9pTSpfS69BwyjxI2yau54al3YlPXbklDGkJN1gPNqnc0zY+YgjUFGi+jZoQ039RuMawzCwvol 0zj33It4e/t+tPLISdtB6zp16Pf8dFIPbKNuzZq8NHU2Wrkoo0nYtp6/n34Ob767gYLCNNq3bEyX 2/oR8vxNhbKSPDq3bs5dAx/Dlb6B2ZoP3uLss2ry9LPDKXViuFrhxGK8dP8dNGp1Cd/s3ocIl3JT jw5c2/MhIlKg3RIG9OlJp663UOI4aGUZ/vgDXNSwJW65Ztn8iZx92hmsWLseaSRaOkwY/gTnnHcR mxJSmP/aGGqeU5/9GQUoI1G6iItbtaXHHU/hWTBxt3tjNG64kOs6XMqll19PSURidJjPP/qAiy48 lxdHz6RYKKzn0uWqS7juhp6ElcFTAi00UaFwpESpGOlpB1i4cDFDhjxEvYbNWP7OGgpDh7js/Avp /eBzxEQIo11ys/bTuM6F3PvkODJ2fMUFZ53B8yMn4WmF0Q7bN6+n7vnnMWvxGkLKZUjfXtRpezV5 nkJY2LP9c876+1ksem8dSobwnBJ2bE/gtenTufO2W2hx8VXs2p/GqKFDqH9RA1LyC1A2jPEMMS+G NLFKs7QfCXQLRiiee/FBZsxegdAaa8swUqCVh2MMUkXY/fXHPD9iMlIqjJQYIUje8xU33nAHRUVl rJg1keEvjyZmDFIJlHSZ9OxglrzzKdoYQsV5dOt6Jc8NG8WwF5/nhWHP88ILzzN2/KvkFZf5LeVO Yhq61hqlFFFX0Pna7oQisbgBXmAUFxAQEBAQ8FNYZfAMRK0gZmJYx5I7ax67hjyGlZ4fnAoEesAR qC7QdTxrec++ZMZOeBUpq4yCj5VAoJ9iTsQkbnvCLhKTDsSdtH8+xX3R0jeZt3hppet0xWuPW6DH WwdUuJRrE2PlomkMGzkuHkH3WP/xh+zctYtQOIwbC5GdmUKfAQPZuHM3jhG8tWAyHTrdTGHE893N jYpH0l32bvmAmmefw4w33sd1FMYtx1EuERFjzbLXOa92Q1Z+vpGtny3hwgsuYtjIyaQezGbqtKmc 8Y+/8ewrM/CUQbvFDLy9O/WbtWXrnmQKy0N8svR1ap1fh5Xb92FkjJz0RFrWrceg56cSc4vo1vEy 2l5+NTu2f0tGVgZDHh7MeRc1J2F/JvlFGbRv1YzOt95JVPou7mWl+XGB/iiO57J313fUuehCLm/f haTkQxzISiMtJ5NQeTnP9O5Onaat+GzbDr7+9FMa1z+P624eTEw6GBXhmScHc+559di4ZQu5BaW8 +MTD1G3YAqdMkpm6nRYN63PTbX3ZvXcP3333LW2bNubiS68kvaCYea9NpkbNBqRl5KKMi9SlXNy2 HTfe8WQ1ge67zDvlxVzXoT3tLr+BwohEyDJMzOW/z97HmTUuYtUnmzCeYvjzD1Cr1rkseusjDmRm sfP77cycu5SyUDmzZ03gvXffIyNzP3v2fE+r1u14ZOhIckozufyCCznnwias//xzDqYn8/QTQ6hZ sxYffL4FESnhkUH9adysBR9/tpHU5CRuuakHtWvX5rvdmYSU4LG+d3FRmyvJcyXKQuL2DdT4x5ks fGcdJfnZDB/2FFu2fE1OZjorly/hnHMb8e7aL/l01VIuPKcm/xn6AgdS0sjMTOW/L71Ebn4Bwill X9IBPFegdbXyDgtGSj7bsIL77v8PuXkFxJwCwuFy9u5IZPeBVLQUFOYmc8P1t7Bn726isRiRUDkz Z0/i6eeHI6Qmefdm7u47iH0pqYTKS0hL3stlLRoxf9m7xIRAuDEeeXgQm7/dTjQWwYlFKS0tJb+w xHfGt1X95E8GFd9vVyq6XNeDqOsGLu4BAQEBAQHHQEUNujQSaWJYaTk0bwY7H3sUqyTK+G1LA4Ee 8EOqC3S/JbMhKTmN0eMmVXYLOh4CgX6KORGBvjdpP5u+/S6e4n5sAn3+4mW+sUW11x6/QFfVBDpo 45C5dwsPPfY85VJjtCB5XyKD7r2XXr17c0//u7njlpuYvWQFrlZ4WjD6xad4evhYHGUqDeKM0Rjl 8twj99KqdVuKHeH3Q9cuympc7VF4MJmrOlzCbf0GUFqWymMPD6Je3Sa0aXcl/QcOonnDOrw8bgZK GpQX5psv19GocVMaNW/FrLnzWP3mAho1bcGH2/djlUPmwf1c1qYljw9/FSEiHMpM5o5ed9CkcSOa Nm3CFVe058O1nxNTDvkFmXRr356e/QcQFQalFSUludxyVXvu/c+zOJ7DsKcf4fzzz6dhoxa0aNWO lq1bccnll3MgNZXUhG+48ooONG7aihuvu5kePa7kjrsewJEOxgh27/qGS9q2o0mLptz/yDBGPvsE rdq2xykVeG4Ru77bxDWdutCseTOaNG9K/7v68vU33xJVkoWzplG/UWvSUzNRWqB0mE4dO3FX/6f8 HuPW72mujCFcWsRt13ehS7fbKAr7zuLW1SQlfkWzJi24+Y57iEYF4VAar4z8L42atKF5yza0bNWW l0dOpqSkgMULJtP+0itp/a8WNG3WiN533c3+9GyKwpm0v/Ai7hw0hFtv783FbVtRv0F9Xho1mqjQ KCkpOJRGv9630aR5W1o2b0GHK65g6VtvEXIFUSkYNnAAra7qQr7nobQlcfsWGlxYm+Wr11OSd4gn hzxEsxbNaduqNS0aNeTRoS+SXx5GRwp5/523adn2Ylq0uIQ2Fzfn1l7/Ji39EAf2fk3z5q3IysxB K11tLuOXM8h8Ro0cTdcu3enV+xZu7tmTnj1uYc+BJGRM4IgwKxe/RddrO9Hrzl7c2vNm7hzUj4y8 AoRSCBlizCujuezy9nS/vge33HwDL73wNB2u6crqdR+jPcGO77fQ7fpr6dW7F33u6kPPnj15ecQY Io7rtxq0J9PIzf9+e0rR9fobiLpuXLQHKe4BAQEBAQE/hbUaxxqMqmrhm7JkJlufeBSrA4EecHR+ KNC1gaQDqYwZPzlos8afRKCnZRxk5XurUfrYXNwXLlnBvEVLT4JAl35aelygG+OiozncM+hBMgpD GCUwykFISXJKMjsTd1NYlEu5lGgVwZUOQ594nLVfbkYaE28B5vfKNlKQun8v+/ftw9N+/2uLL6Sk 1mgnTMr+vew8kEzIi+FFSjiQtI8D6Qcpc8LsT/iGtJwCrIr3yFYuZSU57N67h9yCAkqK89i1eztZ YQejPMqdEPv2biXjUD5KCqRwkW6YlJRkEhISKC4tQ2mD0FFi0RApCXtJzDhATBq0UQgZIX3HtyQe zEZpj6z03ezcmUBC4nZ2JW5nV2ISO3ftpTwawpGCcHEuSTsTKCtySEr5jpSUNJSW8RZjEaKhEIl7 tpGUmUNuRgrf7d6Pdg3ahNFOCbFwiL1Je0nYl0S03EV4Blc7FOVmsH13Am4kipYKpR32Je3hQEZ2 vBxB+Q75xiClR1pSIvuSDuBID6UlxjUoESUpKYHExN04SiN1McIrJyczl10J28nISsNRCqlclFdC WXExu/YmkLhvN47joLSiNJROuwvr8uiwMZSEwuxO3E5qViZRZZFSE5MW6YWQsWL2ZWSzZ/ceiktK iWoXTypcIcjdk8jWfXsolx5GGSLhUvbs+IbM0jK0F0FLh6y8PLZu30l2xgHCrsBTEiNCuFJRXFLM 3j0J7Nm7m7CQSKPwIsXsTtyL43io6gJdW4yQGF2KFoq9u/fw7vvL+fbbrcRiHsIrRyqLp1yU45GX k8zaj1bz1WfryY9F8ZTFSIXSMYQb4/sd3/LB++9xMG0fZeVFfJ+wi9ziYqz053ZBYTZrPlrD2tVr 2ZuURCTqIqT/2VQYzpwcqgR6527d/U2AaveIgICAgICAgKNgNdIajNIY669FMxbNZfvjQwKBHvCT /Figm0CgV+NPIdCLiksYO/FVPCmP6eZwKDuHrOyc+E//y0K9ynHaF88aazwef+JJZs6Zi/QEWqm4 c7Qv5rXWSCMx2uHgwXSee+YFwjEPa03cSKHKGd5UbDhUuGRWM4+zRlWm1isDVkus1n4k32qsFpVt 5/z+lf7f+TdSE/9yKFS8Hltb7de9x19bcYyKL1GFAV/FdVhlUPFUceMr3/jN2sTfB4nRBuIR64rr Msa/wRstsEqhtcVYURnVNAa/FZrWWOundluj49doq4z04ukxOl6vbLRBG4nRAmMlRvs95f1z9t8X W7khY+IO/BprdNV7XHkM4/8eo/zrtgJjJFZbrPHraKqyNap+v/9eSKxxKQ/l0fii+jz93HCEUr7b acV12HhPUSXinxPxjRmNNrryPbdCoKz22+/Fz9dogbIGq2Wl6Ya2/mel4zdAa1R888mfj1oblDFV dWKV86hqJvvvocYYEf93frmFrrhWLSvfMz/Dw/Pnp9boim4GFe/3YaUaqvI8TfwhXjWPKuaWqZwf YE7qA74ixd1xXV57fQaOGwj0gICAgICAY0Fb37fIGI1nJcoqCrdsJWX12vizPigZCzg2tDHkFxTy 8bpPKnXG8RAI9FPMiQj0mOMw8pWxFJWU+kLsVzjPn+L777cxd95cHMdFq/gEtKrK/Mr6AmX37t18 8MHqw2qBA36/+J+tQmuHSLSMsWPHs3r1WqSUAEF7r1NAxcaHUgohROXPAQEBAQEBAT+NMaCVjW+m a5RWGKnQsiqAExBwLFQGorQ+obkTCPRTzIkIdKU1k6e9xnc7EvzI4a9wnj95PkpWioKqCWioitYb lJJIKQ9LMw74fVMh0K3xMMY3YVOyapcweJCdGiq+hz98OAQEBAQEBAQcHav9sktlwWiL9QxCKj8r LxDoAceBMeZH7u2Bi/vviBMR6Bb44qtNzJwzF6X1zwr06gv1X5Kfm3jBze2PSDytv6L04VTvFv3J qf5A+F92bgMCAgICAv58GITVRC14BpSnUcbEyyMDkR5wbFQPkvzw746VQKCfYk5EoGsDhaVljBk/ gXA09rMC3XVdYrHYLxZJqxJlfm12FdVq1qu/JiAg4Beh4oEgZVVWSxBBDwgICAgI+HmsNhhPo5TF tRA2GqEdpHSD52jAcVEhyA/PLj52AoF+ijnRCLo0hg/XfMzBzEM/K9BXrlzJihUrTniS/Oz5VJxA 3CCNuDkXVlf++bDXBCI9IOAXQymFlJIRI0bgBn3QAwICAgICjgll/VI961mENnjGJf/LjSSufO8X W0MH/DHRWpObm8sHH3xwQt5MgUA/xZyIQPfNKxQZBzOZM3chMceLu0ZXtX2oPhYtXca8N96IO2Yr v5+5rXCZVv/zqHSwthJrRbwdW8XP8gf/v2L878cNRjD+rMOTAhV3hFdxd3+tNUb7C4iYlFzdtTuh mBO4uAcEBAQEBBwDyhiENXhaI6VCakXaovlsfWKobxQXLyv9Lfg/Bfx2qWyztn8/Y8ZNOKFyw0Cg n2JOTKBrtJYoqRg/YQo7E3YjtEbbI3/wC5e+xbzFyytbb4F/czHB3SUg4HfJxk2bWfDGCvKLSxFK I5RCaYU1CoCY0nS6vichN97SMMhaCQgICAgI+Bl8gzhpFVoKPAsHl81mz2NDsEphlKoU6MG+d0B1 qiRVVcvnpAMpjBk/KXBx508k0I3RCCEoKw8z9bWZFJWVYyoX4oePRUveYsGiNyv7Xlttqd4fOhjB CMbva3z08efc/u+BDLjvP7z/0TpcKatEOuAoTefrbybseNXuBQEBAQEBAQFHJ24IpyXWOAgL2Ytn s/exx3yBHn/GWvxncUBABVXTIRDoR+JPIdChyklSG8OHH61l1twFuEKilKwU8Cae8rpoyXLmL1qC 1ip+01GVr7HBCEYwfndjzbovuKPPYO7ocy+9+w1kxJjx7Nl/AKk1yoCjFNdc24NQ1Ik/FAKBHhAQ EBAQ8FNYqxHWYKTE2ijKKNIXzuO7J57yBbrRgUAPOCLVBboxfunh3gMpjA5S3IE/jUCvwlhfpH+9 ZRsvvPgyefkFKO33bayoS1/3xResXv8JnnKxxsUaD20lyiq0kcEIRjB+Z+ODj9fT865B3N73fnr1 u587+w/mtjsHMGbiaxSFokSF5NlhLxJz3HhJjPqF7mABAQEBAQF/DKxRRK3BKIWxEaw25GzcyJ5l y7FaYa2pFGIV2agBAfADgR73BsrIzmH526uCCDp/NoFuNdZqpNZ4ypCcnsni5W8zZuJU3nz3A77e up2de/bz2dffM2H6fKbOXMjU1+cw9fW5TJkxnykzFjD19WAEIxi/t/HM8NHc0ncQt/a7n9v7PsCt dw3m9rseole/B7nn/keYt3gpkagT74WuCEziAgICAgICfhqrJSXG4FmNMjGsaxBKoqWL0fEMVRtv HxwI9IBq/DCCrpRGaIPUJhDo/NkEOgZrdeWOnjb+RMjKyeP91WuYM38RM2bPZcqMebwwcgIvvTKB EaMn8vLoibw8elIwghGM3+n4z1PD6NV/MLf1uZfb+w7m9r4Pcnvfh7j93/dz96AHGTN2AtnZh9Ba ouMpeQEBAQEBAQFHx2pNLO7kLq3ECmYn/1oAACAASURBVI3UBmX86Lkx1SLowYM14Af4c8KA9btX KWNQcV1+vC1vA4F+ivlfU9yPRmWNutZ4UuFKhdQWaUDZYAQjGL/n8dGnG7jt3/dxe5/76NVvML36 3Ufvfvfz2NAX2ZechpLKT2u3Cl0tJS8gICAgICDgyBhr0DYeHTd+K2LXGjxL8BwN+EkqTHwrBLq1 6n9qxxcI9FPMLynQK1BaI6SMp7vqyr7kFSYGwQhGMH5fY/UnG+h51730uvt+evUZwMOPPsmXG78m FI4itUUpP8XKWhP0aw0ICAgICDgGtAVtwGqDlRZhNULF0MKrJsACAn5MZacdY+IlyP/b+isQ6KeY X0qgQ5VI37xlC99s3uynwhuNNQprZPy/JhjBCMbvbHy07nNu73sv/e/7D69On0VBYZG/Aaf8dHah FK9OmYYrZCDOAwICAgICjgFjwEqDNNrPOrWGoi1fk7HqA6yyGG0CF/eAI3KYQMcPpuTmFfDxuvVB DTqBQD8ii5csY9GSZRhLvLWawhqBNYGzc0DA75FP1n/BS6PGsndfMjHX8yPrOt5e0Rhcqeh63Q1E HOe4HwoBAQEBAQF/RqwF6yliRuBqg7SQNX8uOx9/DisNRml/LW0JIuoBP6L6nDAG9u1PYfyEKYFA JxDoR2TBkuXMXbwcVXFTMYbKCDoEIxjB+J2NsrIywuGQHzWP3/h9ka4wxuBIRZfrbiDiuIFADwgI CAgIOAa0BeMppHFRUhO2hoNLprNryJNYYdBK+6+xBAI94EdUnxNKWZL2pTBuXCDQIRDoR2TRG8tZ sHhZfAHv10ZgBVh5yoVGMIIRjOMfFX02oeqGbyEeQddEhOLq628m5HgoKbHm+NxDj4a14N8/pL/R Z/1z8Utnqs7n8HOtoNr/s0ceOj4q6rYOM13hxw83a038+AZtDcoajD15GxK24h4Zv+6Ka67a6IwP /L/7LVFxTlVlTfoIn8kveNyKn+Pv1S+NtaZqPlSfV8aAFRgrMNb4KaxGcaT5dOrwz7HyfbLSn2/V PqwffleqvhM/HL9n4uuTw34W+IZL1f7ud3+dAb9VjAUjNI7xEJ7BM4achVPZO+RxrGcw2gQCPeCI +K334msEA1IZkvanMXrspHiGYyDQf1f8GgL9jSXLWbBoKVr7xlFYFV8ABCnuAQF/JIxWKKWICMlV 195EWczDaPULCHRRJdDt4RsF1c7muH9/ZepgteP91ALI70ersVaj48Pak3Ot/vF15XlUXKcxhy/O rOV3JdB/6fM8okD/Fd6bIx/CxAW6xFgZny/mNyrQq51T/PlcfWPjRwLd6h+P39Q1nQBW/3hdEt+s CAj4NbD4At01EiEsrjakvTGLbY8Pxbq+yNIV5l+BQA+ohjWmUqBrbVDasndfMmPHT0ZKedxR9ECg n2J+DYH+0Zp1fLRmHVL5Lu4VEbDgoRcQ8MfCGoNSirArGDT4Ecqjjt9u7SQt3I8m0O0PWrn5kWV9 uMD44e860rBVkcDDItRHXASZuEuqv2DyhdfJja79KFIZFxAVIre6QP+trdOqn1P19+XXiKBb+2Nh +UtzWLQZqGx1E5+DfoRdxf/utypmq8+zI4jVI732jxRBr1ib/Og6fr35G/DnxgJWapRVaGmJGkj9 bC07Zs3HCl9gVa9BDwiojtXWj6Bri9aWtIwsFixcglIqiKCf6hM4Xn4Nga60QWpdtag8wuI5ICDg j4MyBk9ptOGk1qBbC0oJrPH8jBxtsVZXtnKseAhVpNobLdBa+eU1FULWKLSWGKNQSlRr++iLKR3/ HVKIypr6w0WeHzXHKqz209o9Gz8XbTmZtzWrDNZ4GO3EH7gKraNIJZHaIJTx32N7uCj9LWDixoEn sjD4346rUcqrTOlTSmP0r5Dirv3jKG1QBpT2M8WMUZWp7tY4GBPznZh/Y4tr/7vkl57pCrdoEzvs PP3WiRXfF3NCaZO/NarP04rvu1JVGxP+Ylegtedvxhkqy05+a59hwB8Dq/zvlVWWmAVXSkzMqxRf wbQLOBo/LEvSxqBO8D4dCPRTzK8h0I+Wchg83AICAo4Hoy1GKwqLclm16h2cmOeLVuWRm53FsiVL WLZsOanpB5Fa4zkRNmz4AqE1jlTxlGuJVh5aeXz91Qbmz50VH7OZO3cBc+bMY86c+cyZN5+c/EKk idcNV69BtRJrBR+/+yFrP15HWEtf4CiLOpkCXUhCZVksWTSbebMXM3vWPObMfZ3Fbyxif2oaMamR ldGU31ZGkjUaraS/OWJMZVT5F9+Ytdr/fLXEaB3fIPaF1S96WBXDaunPO22RWqOUxFivsjbQ6Aiu V0pZqYvRv50HoLVglMHaCNbEKC6KoKVB68MFutb+5pgxXuXmh1a/rXl3vGitq4bSlZsTVfXo/iaZ FBGKSksQOp5eHBdLAQEnk4qsLb/rkX/vVIZf/P4VEPBDAoF+ivlVBHo8DTQQ6AEBfxZ+mZRXoy1K CZYtW8SgQffiOgKlJN9v/pJet9xEv3/fRf8BA7mt1795fd5iXCfC6FdGkbB7L8LE70NaoIWDkR7j Ro2gdfOmtG7ejAtqnsNf//pP6jdsSrOWbWnV9lK27dqNF18cVd6v4mmwWrv0uPJqunfvQannYpQv 0L2TKtA9stK/44Jza1D7gsa0aNGO5i2a0bRZExo1acGchctxVdw06DfWtjISLmfalMls+HJjlalR pZnfL4ffIcQjJeUAEydOYvrrMykpC/3iC9z8rH3Meu1VJk+ZyrKVH+Ap7UfvTdTf4FEGrcNs27aR 7t3vwXNP/gOwIhp8Qv9WK6wtIxwt4OK215B7qBxjxGEbU1p7WOOSlJTAq5On8NprMygqKv5dP9Mz MzOZOnUqU6ZM4Y3Fy4hFPLS21UrxFJgYX29aT6u2bTiUX+Bn42h7Ujeb/gjZCD/FH/36ThYVpp9+ 1yONVX62mAwi5wHHzf+2DgsE+inm1xDo0oCnbWUbJvht1kwGBAT8bxjjR6KkNkgTT69SJ68GXRhQ bjlDX3iKTzdsQ0tByaFk2lx+E5u+3ITnRghJTVm4hF27d6CNw3tvzmfgfcMIa4k20Xgaqx9djTgO 5WXllIQKGdqnN2f85f/xyVdbCJWXkBMOo2Q51rhIJdHCIFUUz0g8YdAyj55XdKDLDQ8S9cIY5WCF IaY8YlL5qefad90V2uBpjZBhHCMQriKkFFYIrHFR2uBa/FR5o7FxNamNoTB1C7Vr1WDExEWESkKU l5VQWHCQ/9x9A81bdGDvoUJKjEEJF608rFRYYVHSIqXG6ghCWZQUKC9MVFu0KkeoKJ4WSK0wMorU AiMjGKWxwkMohacVUrrEtMJ6hSgtkdpilMLKKJ6SRLXCqChKKqSyaANSScqz9nHeGX9n6MtzkcpD KoXQrh9ZjqfeVSzYLf4mSMSAESUIY5BKEhICK8sQ2sEzBqvKUMZBaYuWNp6+p7A6ijbKX8Rqi1Il ZOZls+6zD2nfrDnb9qeilcAoiTUhrDZo6aA9iyfj81X70aoKKjK/TPxcrdFY7WcEKKFRohwpPFzj p7WXl5Sy+ZuNfLhiJp26/xvPlRgLyhO4RmCVQBtJ6oFdDHtxKq7QGBPvGqA8rI6htEAZg1bST5m3 +J+PdhBaIYRGei6OjBGTAk8qtDJYJRFak/DtF0x+dRJCRNHaxI1Zj2VT3KCVgxKCsJvHI48+T36J g2v9+aC1RhiFlaUYLcnJzuOTtWtp3+EGNu7Yi6osN6l2rOqf7U8ct6LOveLfmXj9pKcMVnkIq9DC 4laI5uNAW3/9YV0HYRQxoxHaYj0d7yktyC0t4rNvvmLj6ne4tfMt5BaVY7TESI1UHloqlJbs27uX Jx+4l/zyiJ/ir8Jo68bvJzG0duLlNzE8JTDSYF2NlhbHRvzP2MQwRvifs/b8zRsdRijJjKnTScws xhqNUo6/CXCU963SM8NotHLR2kVqATaK1h7aCKyyWOOiDWjlIpXy3w8p0EqgjSEmDSZmMMohplxM TKOMQQlJWEs8pbGuxdMazxpc45c/WGUxRiOt9OeXNCihELYM5WmM9L8nQgg8JbFKsfrtmew7WIAy Gqk0RmuMVFjte4jo6saDx8iPTD3jpZPWuFjtgfX8jUsTOamlR78kFdcgjMTVHtY1hHQM45RilEJV y+gyJlhHB1RRNRf855U2BlfFn23xLKHjIRDop5hfQ6B/t3MXW77fgYqn/EEg0AMC/ohorZFS4gjJ rLkLKI9E45GTkxM1lcYQKsxg8KMPc6goglKKzZ+upXvvRygvKyNUVkheKIIUDsooPBlj//avaFz/ SvZllfoLaaMwNl5rakErg7QO/72nD6f/5S9s3J6INZKwMRivlJKiAtasXcNby99m/WcfURIpwxMW I/O45Yor6XJjX2KOixIOmzd9wsfrv6SorAQpJYkJu1j19kpWvfMuSQdScJUiplwSNn/Llu3fczAl jXffW8X7739ISuYhHFMh0HW8fgyK0nyBPnbaCozUGK3QXpR5U0ZQ4+wGbEncT8QopBNh544drFqx jPdWvUdOfgmeshjl4YgY27ZtZuWKxXyycTPFBbl8tmET6dk5SKXYvXMrX23egvAiKKWJhYr5ZP3n pOUVopRL2PNI2vUtq1atZO2aNeTnFyKVX+stvDDffruJ5W++yXsfriErJ4/8/FzWvrmAc/72V+4c OJzP1n9Kbm4B23d9z86EBEQ8K+GHAj2qLNotIbewiOQD+8ktKaEsP538ogJfoMtShIpRVFJGenIq hUVFCKVRWsbr8wXS9UhPTyQ9K4visnw6tm7LdykHMVphlETrCOWl5aSlHiDvUAGu8IWIiHsmVFC9 NMvfXJY40TBpaWlkHcohVp5H8qEsokL4jrlCYYwge/8WOvXoi/Ck37ZPGhzjoT2H4pJiSouzyS8t 831Z4v4BRrkYFcP1HLJycklPTSVWXu5vdmiNFBFKS0sIlYbwPI+M7IOkZmXiCIVUBiN8Ab/x41Xc M2AgnheOR+99kX4sAt1oh1BpGbmlGWTnFRMRhli8Xt5ojTYKzykj62AGOdm5lBfn06nrHWzYXk2g G33YcapvchztuD8U6OBvbAllsFohrMZIi3ciAt0YpFIY4ZGdn0NSSgrl5WUUFpVSFophlEJojTCG WH4md3S7g5yisrhANyjtoaWkpLiQ0pISygoycAxxgR5CmZhfxmAcysqKSE1NIT8/i5CrMdEwUkUI FRWQUh5DyjD5hVmkZaRQHi5DKhEX6OVIpbi33wA27UpFS4ExLp46uuNyheeENQqtXJxYhINZmaSm 7CYcCZNfVIBwte/VYQxGxYhGIySnpZN9KAvXieFqi6M0xtFo6ZJXVMDBfSlk5+UTKglxsLQEqQ3W s5SWl1JSXkRUeUhXkpOZQ1Z2NjHpoZVBex6OG+ZAxiEyM9NxHQeh/ffeVR5GKmaMH8q23ek4UsQF g6n0YjC2YhPn+FR0dXEOVIoSbQXSSrACbRVaR35zXS6OhrUaZU18E8fFhiz5O78n9aMPsEKi4tcY CPSAH1JdoButUFqTnV/IZxu+rHRwD1zcf0f8GgJ93uKlLFz6JlLrIIIeEPAHxhiDEB5hx6XLdTcQ ibkYffJSr6XWJG1Zxz0PPEhEWbTRLJ87m1dmLeO//32BNi2bcmG9BtzTrw/lURdlJOX56bRtfDHz VqzGxCOgFSZXPxTop/3lL3yxYw9YhWMM+xO/pUXzVtQ67wKaNmzCWWecxq2330F2bhlS5nPz5VfQ 9ca7cZw8pk6dyJln1GTYi5MQXoi3ly2mZo0aNKhXj3p161Cnbn0+/SYRx41yT/futP5Xay5peykN mzThzNNOp227y8krK4+b1cn4wtVQlLqZ2ueezZjpK9BCopUmVFpGr9tuovXF13CooAity1k+fyZn nVmTJg3rUa/eBZxfrx7rN23GE5LhLz3HP08/jfp1LqJOgxZceXE7zj6nDvOXv4/Umnvv6cfFHbtR Fg7jKUnGgQTOOPNsFrz3KbFwMY8++jhnnH4GDRo2pO4F59K0RVt2H8pHiDKef6Q/Z51Tg/qNm3Je 7bq0bN2WD1a/T91zTufMv/6Vf9RoQ+3aF7Du4/X07tObvn3v9hfvFW038Z8FSitcIXhr6QJq165D y+bNaXfxJXTpcCkjRo5BaIOI5DNx0njqN2xMm6aNadK4CW8sXU6Z8LMiImW5PPnoEzRsWIdGzVrw 4EP30aFVW7anZWOU71Xw5orlNGzYkKZNm9GkUWuGPvMc4ZiDJ9Vhi/iqxb+/2Dl4MIOOHTvSsEFD mrRsxfWXt6PbdTdTUFyGMv5iWSuP7P2buaa6QFcGR3uk7EmkQf16XHh+La64+t9EYlV94a12CZcX 0rff3dRr0JDWLVvStmVLdiclI41m/75E2jRrwu09b2bipKk0b9GCOg3qM+TpUYRdRSxSzoI3lvHM I/fSsVMnZs6cyqyZs3j77VUopX9WoBujcaJFdOp4NbVq16TGOfXJyI7iGD/SqZQiUpbPfQ89QoN6 dWnSpBl33X4rV3S8iQ3f7UarCoEuK7seVF5b/D08ypErRXdV5F1hjfKzJIyf6mtVlTnbcWEl0fIS xo0bS8OGDWjWognt27Tims7dWL5mPUr4522MwSnI5PZqAt0qi9QeBTl51Dz7HM6vVZPmdetyML8Y YxRahTDGQQmPFSveoHXr1rRo0ZK6devwwCND8UIhHJFH56v+Rb02VzJu4hiaNG9K/fr1GDjofoQS KBUhef93vD5zJl0u78iTI6YzZ+ZMZs2aTk5+4VGjvqayI4AgHCrhrjvvpGHDJjRr0ZSrr+lMx2uu ITO3zM8uMR47vv2STh070rRZcxo0qE//AQMpijp4WqM9l1XvvU/LVi1p07gRLVq14fqu3Xlh/Hhc qTFRycABfWjRqB5bExJ48L77adKgIY2bNGfD19/guQ57E77hphuvp0GjdjRudhE33HwTh4ojCE+Q kZPFvJmzGdjrWp55aQKvz57N7PmLSE7NqPxMfYFufjBnjuHjrf5n429YKKPxtCGmDUYpP2NHuOjf mInm0dBWI6yf3WFMDCMs6QsX8v0TT2E84bdYCyLoAUfghxF0T0p27zvAmPETK9usHQ+BQD/F/BoC fdGyN5m3eClKm8PS3oIbS0DAH4uK77cjFV2u7UHU9c2kTlatprGKT1fO4Z77H8I1EmUEr08YRZur b+K9Dz/A9aIUl5UzbcJoBj/yHJ5WuOE8unfuzPjpCzHC+CnDPyHQP9uZhLEGT0p69+jMubUbkbgv GSMkWzat47zzzueVMdORupibrriKbt0HsGDOGM67oDaPPz6S0pBDTsZuap15BpMmTKS0pIyiogIe uH8wPXo9QixSSv8u19CoaRO2b0/EkR4vPvMYNc48l4Skgxgr46mZfg1iUepmatc6i3Nrt6JF4yY0 btiIOrXr0bhFSz5e/xVSS/YmrKNx7dpMe30hpSV55OWn0vayi+k36H7yikqoX7sB9z3wBK7nEnYi vDZ2GP88rQbz3lyDMYqB/e6i1ZXdKApHkVaRvm8rp/3zNOZ8+CWHDiRQ54LzGT15BqWhUjJS9tD+ 8k5MXriK4txk2jeuy+CHHybieoRiLol7k4h6LtlJ31PrH39lyAtzKA+V4nke+SX5FBYXVZY/VG9d ZYzgnbeW0vHqa8g+lIvWmlBZHjd1v5YRI8cgteLdpfO4p/8A8kqKsSpKfm4OV3e4iiWrP0aKMKOH PkyfPgOJOiXEhObD91ZR96yafHvgIEYpkvZ8zR239yE5ZT9SCSKhEH3v7s/CN5b6G8jV5mlV1xFF qLyUnj178vY77+J5gohSfLJ8CR2vuY6ikpAffVcGayTZB7YcLtClwTUCLQXlkRD79uzghlsGE/Pi feHjEc7BA/vzytgJhGMxtPJI2P4djZq1oigURmmPUP4hbry+M+Mmz8SJeSTs2krTpp3YsnM/MSfM sjdX8fyjD9CpU2dmzpzO3DnzePfd949JoGM1Rju4TpSSSCldrrmJjOworqUy823000MY/PhwPM/B E4LPP15D3Qbt2LCtukD3yExPY9XKVX6UtCIqetR2bdXmgDYYpTHSYeeObcyeNZeoMn57VungxaK8 vepdHnvsMYYNG8bmzZvjzutHr202OsKXa96hQ5euFOYV4KkY4cI8HhzyGMvWbUDKeOcFbXAKs7j9 2l6HRdCNkViliUXD5BxM5bZrO5OeVxQX6GG0cTiwbzudr7mahMRdSKUoLy/lqaef4u2PvkGqEGXh fFq1vIhRE2cSiTmEw8UMeeJRMrPy0cYlI30Xs+fNoesVnRg6Yibz585l/txZ5BeV/IRA19j4fSIx YTu9evWmsKgER7oUFRUwacpkskujSKNRbjE3XNuJd9591y8zcWOMHPUKT/z3FaKeR/r+7Vx1zbVs +T4Bo6JE3CivT5/J8ImT8aTBCo01ZUx9+Rl69hnI2rVrUJ6L6wpcISkszKTz1Vcw8/UFOJ5AyGIW L32Nex96GSfmkl2Yx7yZcxjYuzvPj5jEjDlzmDV/EakHs5DxTRhjFJ4XZfjwERxISfM37yrKHY5h oWiNxmhJeWkRc+YvoNwVONpgpEZJj6Qduxgx8mWGDBnCrFmzKC0t/flfeoqw1QS6sjEiBg4tnMXu IUOwSqGMCgR6wBE5XKD7WSp7D6TwytgJlSnuQQT9d8SvItCXvsn8xcviNVOBQA8I+OPif79dpel6 /Q1EHZeTaRanrOKtBeMZ+NDjuMZB6RiLZ4zhX1d094WM8XukH0xOoNaFTSmOSEQkj549OvHypBlo R8cFuj6iQD/jL39h/c59fhTDDdG+VVP+dc1NlAqNlYq8Q0k0b9qUB/7zHI4tp2fHq2nQqAXnn3Um /e99hDLXQWnF1o0fcvr//ZV/XXwpnbveSOfOXejatRv3PPgs4ZIsBl3XlW633ElRuYPRUd54fSxn n34e2xLS0VaAjcXbpymKUr+hdq2zuHvws6z54H1eGfkyLRo34pUp0yiJ+Omjb88Zw2n/93faXd6N bl2vpXu3znTp1oWhw54nOWUfZ/69FtPmrfTdxU2M3d++T63zL2TuWx9jdZT7+vaiZYfrKIzE0EZy aP83nP7PfzBt9SY2rXmbs/5xGq079KRL1670uP56unbtztRZC/HcEFPGDueyyy6lb59+TJk8lc1b viMiFCWZ+zn3H3/lqRGL/Jp/o5DGr31V1aLTEE8j1y739r2doSOnIFTcw0CV883Xm/hy4yaibpSH 776T2bPm4RiFUQ5GCuZMeoUnR01GRAro0KwZS977HG3DSG0oLc7lknqN+DblIEp4zJvzAh2uuJ6J U8cxYfJUJk+cxr/79OWZZ4cdMYIOYI1g/95dtGzZMj7HQGhDef5B3njrHSIxF6F0ZQQ55wgC3TMS q/301KyDydx464NEPV3ZVSBckkvzxg35z2NDGT9pElMmjWfiuDHUa9yC7/fuw9OCUH4ud915I3lh FyU0hbl7+FfrG1j/zS6k8RBa89XaVdx9z0A8GfYXY9r4PgTHkOJutcRqD2kN3breSnpOGNeCNpqY 4/DAbT1Z8HlCvDWhprzoEB2v6clX25PQ0k9X1jLCU0P+w+233UFmTp7/OVuNNeLox7UVfeLxPQJ0 jGHPP8k9/QeSFXbjIivEq6NG8tLLY0hJSWHnzp1MmjSJrKysn27jZ8NMGP40cz5ahxYGT7mYWIwt CbvYk3IQLXW8LZ7BLTxEr269DougW+t7AVgjKS/K5o7ru5CRV+gLdB1GiSjr1y7jxh7dGTthAhMm TWLShMn858GB3Nr/JTwvQnFpEZ1bnUNCRp5/LFXGiFHPkJyWhdQCbcpRRnFv3wFsSkzFKIXR8RT3 ozgbVnZtsJK83Cx69ryJAQMHMWb8GObOnMHWb7+iTGk8LRFF+7jskla8MnYSkyZPYeqk8Tz88MM0 btmO/KJCNqxbxpAXRuFqidKlCO2SlpbOlh07kSK+0DelvPrco9x571O4Svh19NIvQdi3ZzNt27Tj xZcnMXHKGF6dOIH//ncozdp0Ji8n36+jVorXxz3Ntt3pKOO3xfTLN6xfiqGi7E3cSr9+A5m3YAmu 9Ovl/XH0sobKlr1aoYXLgjkzuabTNWzYvBWpXH/jpbyEgYMe4utNX5Oens7KlSuZP3/+UX/nqcZq HS918ktmyixkLJnFrkCgB/wMPxLoBpIOpDBm/KTjTm+HQKCfcgKBHhAQcPL4ZQW6tIqP3p5B/8GP 49goSkXYsGYJHbrcRmF5xG+BpGNkJX9PjVoNKIoq3NAhenRrx5hpc9FhhdTyqAK9xl/+wmc7fIEu RRkdL21NnX9dTb4jMUJwKC2Bpg0a8OgTw4naMD06dODS9tdyReuWNGzWns07klE6xO7vPuWMv/+N RcveIqotUhs86eBohYxm0f+6rnS8pR/FYYnxilkxcwznnHYe3+3KRFvPN3syYKykKPVrap97FiMm LsBIDyVizJ4ykTNq1eb9jz7HKM1HK6Zw+j/OYOXHG/E8hREKrTRCOmRlJHD26TUYNW0ujjZI7bLt 83c4++wLmPvmx1hdzuB+t9P8iq4UhmMY47Ln6/c5/R9/Y+qab9m+4UPOOfNMpr2/EWOUHy2WCitd hJK4SiKiYbZv3caQBx/hwgvrs3NvCoUHD3DuP/7KE8MXHJNAN8Zl4F238NzkRXja4hpQugxhNJ4U RJ0SBt91O3NnL8IxCq09pOeybMooho4cjwjlckXT1sx8ZxPKliG1ojDvIJc2aMjWtIMoKZg143G6 de3FlNcmMGXaNKZNnc6U6dP4ctPXR4+ga4+9idtp06YthaEwnjFo5RvtxbwYXtwkzh63QDeVAj1U kkPrZk155oWXmDp9GtOnTua1aa8yZcZssopLcZQgnJfP/Q/1o1RalKMoyd1Bu9Y38Ok3iXhx871N a9+h/z0DcUS40iDu2EzifGFghptasgAAIABJREFUtRsX6LeQnlPmR9CNwnUdHu55I699sgulBFJL ygoyuPKqG9m4bS9a+psBhzKSePyhwSxbtpzho8b6Bm3WT7M+4jGhSqBrg1WCcHEOkye9wsYvNzF6 9jJETBN1Cnmgz79JTjuEMQYpZWX0XCl1WN/yww8QYsywIby27nPfrE24mKiD0BajDEZJhNW4VuMW HKJ316MJdEGo6BB3XN+ZjLwCjI0LdBlj/ZpF9O/XlynTpjFl2lSmT53G9KkTWfnRV3giQqS4nKtb 1iWrpASpJVoXMeKVJ9mXnIHUCqUjKKO4r58v0K3WcdO3o7dxqyi/sEYjRRTHCZGSlswbyxYx6sVh XNGuDV/u2IejHbzc77i269VMfG0Wr057jamTxjF96qvMX7KCSDTEZ2vm89jwcThKInQpQsdQwvXN 4jzfwE2ZEl5/8Snmr/kK1ypf/EqDlR77Er/iyqt6MGrSJCZPm8b0KVOY/uprzFwwl0g4gqc9jJDM GDeUrbvT8ZTEaIlS1XwLZDkrFkwncc8+XhkzmYKSsmMU6Do+JOGyYgbc3YeN69dz5z2DKSkrQRpD 9r69vDpvEcIRlXPmRDsd/BpYpSk3Bs9qrFJIbclcNJfEIY8FAj3gJwkE+k8TCPQj8MWGjXyy/rPD XHshuLEEBPzRqHgICCl59vlhxFz3pLbX0VqzZdMaBtz30P9v786jq6rvvY///6zVde961up6bm8d OkpvWztdra0KiEARQcEqijLjANYK1VptHaodRRS9dcIRRVBwCorWEQc0ZABCck4gARJIQshMhpMz 7L1/0/v5Y+9zcgIBwXpJxO9rre/SBeEM+wzZn/0bvqSCAM+maWmIM/zMs3m5oIBEbzf79jVz/z+W MGfeb8gEPh37dnL6Kafw6LJX0UEX2pjcFHdjw/7PRme4adY0/u3//F/Wl1WirMWoFLfecA3/+R/H sfTJZygq+Yi77v4TJ574bZavLCClOzn3jOFMHD+VDes/5NQfncJpp42guKKMnq5mTv3vHzN67DjW vvE6JaUlLF/xDC++8R4q1ca0c89hzHmX0ZbwsaaHZx+5m//371+hrHw3xnk4l8Jqh7EBrbUlnPif X+aOux8gMAar0jTUxvj+d7/H5VdeR08qoK1xG+NGnsHIs8fy7jvvUlRYzCOPPsmata/Rnehg+Ck/ ZuwvxvPeh+tZ9/46rpx5KV/60pd59Ll/Yk0Xt/32Kk78+kkUvP4W773/DrOn/pIvfenfeGzN27Q1 1fGD75zEz34+inXr3uPj4lIeX/YMtTXb6Wjfy92LF/H62lfZVLqRlStX8R9fOYFX3nyfVHcTPznp OEaNvYAPN2xkb2s7xaUfU7SxiEy0+Zk1Opye6sBan+VPPsTYib+kbm8TSc+nu6uN1/75JhtKSjA6 w8rHHmLelfPY296OF/g0Nu5h0rnjeObFV9AqzS2/+TWTp15OXdMe2lv3sHr5Uo778pdZv6USZXxK S15n1sy5NDXtxvc8/HSG7btqaWrtwBhN+ZYSSoo3h2tv86a4d3Z2MH78eF557XWSXoqM71FdvY0X Xiyg1/PQNsDPJOnubKWyrJAx486ntb2Dju5u0r5CGY2XStDV2U5lbAvnTrqM5rZ97EuEa/5VJsFF kyby9PLlJFNJgsAj0dNN6eYyMkoRqIDGmq1cNnsGe3tT6MCjYWcZPzr5LF5/rxjfaLQOKPnwbaZc eCHJVIJMJkNJ6Sb2trSGO4LDIZaaWLSXoWdfG52dnYw++xyqtu+mvauHVBAQqIA//eZa5s6/gebm vTS3trLmuWf45kk/4p0Nm8PdwIMUrz3/FB8UFpHo6uG66xeQ8BXKWpzujS6K9f8usNaibTid3Bkf o3t46umHeeOfb5Lo7uT8C2fR1t5OoNOseOJx/nTHnyhY8yobSzfS2dWNMhat09Ttquajj0vwVf5G fxZsktcLVjLh4qm0t7STSWfoaevgjXffp3pXA8po0n4vnV1ttOzayfljJlG9ew/7unrwPIU2isDP 0NPdTv2uas4bN5qt1dXs6+4i7aXQOqCyooi5c+dSV7+bQAX4Xob6hgYaW9oxJkl7Ux0//eHJ1NQ3 EqgMyUQzt9x2I1viVXgq3DtBaZ/5l1/Oa2++hed5tLS18N76j1G6b00/RBvDOR39N7y4U7W1nDvu uI36pkZ8r5dUbzd/+MNNrHr1TZQJ0KlmLrnwAjYUlYTT0jMZGvY0sn1XA1p77KgqYey4CZSXl+P7 vSSTvXy8oYSSsvJwZogN6O3ew503LeDRl16nsbub9kRPtIeEormphvHjJvLaG2tJZzJ4vkdLcztb d1RFF70UVmd46N4/s+a1N8j4Pl3traz7uIikl8GpBPW1m1jwm+vo7O7mgf+5j+deeBnfaAJrMGbg 2Rc26hZhtMIEKUqLClm69BF8L8GCa69hQ0kZnraku5u5/ne3sOzxZaxbt46a2l1h9wPLpwot/9uc 1XjOoLRFK0vSGFrfWcfOJ1dgtMZEn6HPY0tDcfQ4a9HG0NDYyIsvF8gUdySgD0hrjVJqyF+5FEL8 a7J9mIMgyG1Kkh21+Cw4bWlr2c38+dfS0Z0hbTM43UVZaSnjx45m6iUXcd75E5k4aTKdPb3oIGDH jk1884RT2FRej3FdUVskHZ74Ghf+0goy3Parq/jqCd+mZEssbCVmNYmOJm773QK+/rVv89UTvsJ3 vj+Mx55YSSqj8E0XF0+YyPRL5pDyFGVF7/Hj73+PcZNn0NLSTH39bkaOHM6JJ57A8ccfx8k//CEP r3gJlexi9oW/ZMrFc9iX8rEmxeplDzHsa98hHqvFOg/n0tEmVQFNu7fww+9+i0X3P0hSG6xOY4Je /v7n2/nWsJN5a30xWvvUbNvI6aedxtdOPJETTvga3//BT1j2zCo8bXjv9Zc49Uc/5LjjjuPkk3/A bbfcxFe/cgIPP/s6xiaoKv+Yn59yKscd/zVOGnYSSxbfzYlf/zbPr32DjFK88cpLjD3jZxx//Ikc f+I3OOVnwynduImmhp3MnX4R3/rmNzjuuOP5+je+za+v+x1d6QAv6GX10w/yzW9+kxO+8R1WvFDA vHlXcMVV80lb0NGmTtmAbmyAUr0sWvw3zhgxghkzZzN50mRGjBzFh4VFGOXhp7q56YbrGfOL8cye M5cxY8dx+1/upCfjYa2hq62RaZdcwimnncmoEadzyQWTGH7GcCZfNItEKoWX6eHuRX9j9FmjmDNz DjOnzeKH//0TVr/wKkYH3HzTQiZPvpSUr7B5m0pprYnH45x++ulMnTaVWXNnc+aIUfz5L4tIeR7K eixf9igTx49l7OhRDBs2jLHnjGfcuRP5uGQTgVI8sfRBJp4zlrNHjWLYf53MmHHnMumiqcSrtqMD j6b6GiadP5FLLrmEuXPnMnnyZE477TR6enpoaWpiyriz+e4PfszcXy2gu6uF3y24mq9/42RmXn4N nb29WO3R29nGpPPOZeas2Uy77FL+67++x8Yt5QfMWDjwc2vY8ME6LjxvIhPGjWPYScMYM3oc4845 jxdf/SfGGtqb9zBl8nn8909+whlnjuAXZ53FmWeNZuZVv6atp5fEvhYWXnU5ZVXbadlTz8P3L+Gj zZXRWuAk27dXUVa2mfLycsrKyijbvIVNZZvYXFFOsieFDXx6euo4d+J5VFTEaNm7hz/e/gcWLX44 2lAtzb72Nt5++23+cOPvmTZ9Do1t+1A6wzNPLWXc+Mkkkul+m8k5myGT7uC6Bdcw4ZzxzJ09h/PO ncD4iZOJ1dShnOGF1Ss4b9wYJo79Bd8bdjKjxp7PuPGTee75l9Ha8P777zJh/C8YN/psvjvsJM4+ +2zOGT+BFc89jzYa38/whz/8ntGjRzNnzlymXTadn/18JC8VrMXoXm68fj7f+PrXuPjSOSQS3fzx 5pv4ySmncsGUy9jd2BReMDQBjz/yEGee/nNmzZrN6DHjWPDbG8l46dzO+JDdUC2cARRO7w4o37KR CRPGc8GFFzJ31gymXnIJZwwfRVNHZ3hBRHsUvPA8Z5z2My6fezmzZl3O8JFjuOmWP6GUj1ZpHn7g fxg96izmzJrFpVMu5pRTz+Cjoo0oo1FBinkzL+XMH/2AU0eOYeyESVw253Jau7pwLgzp7775GiOH n8H06dOYO/cKRp09hnnXLMTXOtx/wKV55+1X+OlPT2HWrNlcNHkCM+ctoLWrG+N3csftt/L3+x5m b9NeyjeVMmvGdPYlMyhrSXW3he+X/WvLFuoaGtGqB5VJ8Pe/3sKGkmLq99RRWvwui+9ZStqosLND 0Ebtjj08snQpM2bN4emVq3JtFT+rDiOfHUvgoj7oxuJbS9KkUNb/VDtxiy+m7LmYjdodfpqBEgno g+xoBPTsG+WQa8WEEJ972TZr2VCulPpUu4cejDMWHfRw0w03sL6wDN8pjEridLiRV2W8gtraGpKp NJlAY33NywVPMG36fNKewVgfo73cCa61EFhLoD321u2gvCJOT28yaqulCbwMfibF7vp6KuJl7Glq wA90uEbaJKnZXk1tbT1eFJwb62rZEttGc3MzWiuSySS1tbXE43HaOjro8TVWedTX1FBVXUM6MFjj 0dXRxNaKraRTPtYpnPNxxqG0wU91sW3rFva0teMbjdFpnLb0dLZSHtvMrr1NaK1xvk8mlaK6upqq qmoSvSm0tQTGYZRPZ0cHFRUxmpsaiW8p4fivnMDDq/6JcuF67s59+yiPxWltbSGVTFJRuZXmjk68 QGGUh9fbyfbqbWyrrqarN4XWBqMU2vdoamqiIhajdvdu0n6AshD4AcZL09yyh/LKLXR0d1JXV8fu hj0kAx22cLJh3+NwBF2jtYdSPpWVlWzYUERFeQXJdCZspaZ8rPJIJRPEt26jsKiYysqt4f1FO8Jb laG3u4PS0lJKNm6iJ5lkZ00t27ZWo3wvakmVomrrNkqKSigtLqWxeW+4LEAHvPt2ATfecAtBNFKV /74OgoDW1laKSzewoXgDu+rqw5E4Z1EmoKVpD5XxcuKxCmKxGBXxOLHKSjq6utHG0NrcSLy8jHg8 xpZYJeUVMcrj2+hJhZvCWZWmvb2NjZs2UVhYSGVlJalUCq01nuexrayE8ngllTtr8P0ku2u2U16x laqdu8gECqt8jPLY19FGUVERRUVF9CQSBPutrR/wc2Utia59VMYqiJVXEKuIEauIE49V0rovnHVi tE9PVwelJSVs2lxGZ3cPO3dsp3bndrTyeOC++7nyiqt5cOmTLHtkCffdvYSJF06lNwh//9fV7SIe D49NZbySyngl8coY8a1b6U30YJXhvXVruf76m1m69DGefPRh7rv3Aa64cj6+7+FnUig/jdU+yk+z 8tlVvLO+CF8rmvY2cOfi+8j44RKK3NN1CqPT+F6KyliMog1FxMor6OruQUXrfDvamqisqKAyFqe8 Is6WeIwtsQqaW1sx1tLV1Uk8VkE8Fr62FRUVVMRiNLe1o41G6QDPy1BTU8OGDUVs2rSJXbvD94YK ktTtriJWUUZ863YymTR1u3ZSHotRua2aZMYLl3won8BPE4/HKCwspKp6O6mMj7Wq3wZ7YUDXuWUB OENvopuGhnrqGuop3vARpSUlNDY3h7OAjAl3A1eKvXsaKfy4kOLiUmp21YfrvI3CWoVWPrtqayja UMjG0lJaW1vxfB+lAqxR7KiqpLK8jHiskliskqrq7QRB1GnCWnTg0dHeQklJCUXFxWzfURO+J234 GHE+QdBLVdVWCgs/pjJeSsLrwlcBrXt3M+PSK7jn/odYuvRhHn1kKQuvvpL4jl34WuGluqmsrDyg 4vE4DXvqMdqnuPADpk65mIeWPsZjjz/OE4/cz9TpV4WzFoIUWiVQKuxIULNrN+ddcFHu2LshFtDD zg/RsiircZ4h41s8I+FcHJnsuVc2nEsf9M+ZoxXQP2m3VSHE51/2BCI7Yya7PvSz+txba7Cmh2WP P8J1v/0zqSCFUgoXTZV20f07wl3CAy9g8eJb+XB9Sdir2Sqs8XJ9ZJ0D5SzKGazxw+Ce9zzCqYTZ kZZw5ErrMNgbG07fN1Ev63CTLY3RLlr72/cLMZxOH629tibcCCrbA9uqcCQ5WnMabv6kc33QrQn/ 3jjQzuBcEI4SGg/nwjXD4RrovL7C0fE2Ub/x7DTZcMdwn4qNhRz/n8fx8LMFYbg10bRZ8v+tza11 Daeiq+hxRTssZ9c2m76Txr6WSeHfWx2uP7bOw9ggOpag++3iHt2vC/+//7En1yPdRiPuNtvrOLpP Gx2nbF9oZwOcVejofnS0O7jLjTrm9QU3DmuD8O+NYv2Hb7A1VhVe8Mhb+9pvaZazuWPlcs/Z9Hv/ ZV/v7PGwNrteVgPR0gprotc0eg8c5P2XO7ZG9bUdcxpnVG6ZRjZoZI9P30lZ2Np0S9lmCl5+mYKC AtasWdOvCgoKKCwsxGiFNdFziOaJ27zXKv/2jbWo6HFbnaKzdS+zZ17OzpoGtHFgE1gdcOPNt1K8 eQs6F9RM3nEkOl4BVivS6QR/uuNWmprq0Sq8YGK0ZuXK5ax7933WvFTAcytXsOblF3jhueXcfvvt VNftQRlDe3sbxZs2h8smcrMFiN5PKlrSonOvvYk+1zbaYMxF73VtDcapcFp23lTi8JjofqOt1oXP yeYd8+zPZz8bOBVukBdNWQ5/LjoXytuhPLuWOv9z5IDy8k2sKXiRgpdfCl+rNWt4eU34OhYUFPDB Bx/kvl/DMK7yvv/Ie479vxuMcdH70vZ9JqLHFj6nqIzJ+zsT7VPQd1t9rfH6P/7sJnDhyL+NvjdU +HqYsD+7tT7GKF596QVeX/tPPB19rnWaeLyCm275I+2JJCoYeP8Cay1KByjfZ8ndi3nv3fdRWqNN gAnSrFi9gr8tupf21j08+dhTFKx9iTVrCnjwoaXce/9D4XvFfnYdRj4rxoFVDqUtngtwGYXOZH/v SEgXhyf7nZDNXRLQJaAPSAK6EF8M2elU2WUt+ctbPpvb1xjdQXtLHctXvko66CYwLhd8+m+EZcl4 Pu+8uYZ0kEaZIBo5V9EuyGFpRxQ2Bj5ZcxCeYNr827fRyK/tv9lZFFgP8Qz6hYeB/r7fz+btcB3e v0G7MBw5G2CtyoW8fsHzIAUWo332te1l9epVVOyoRwXRhlkuezEhb4pw9t/mjsPhv47ZcBoGswCc PmTbJJd/f9Frkf9YDv+O8/rI277bO+hGhc6LgodG6160H045PpLn+qlEx8NEswecVYfs1ZwLfX1/ Eo2uDvxvsmvOjfb5yx23c9bIEQwfPoIzzzwzV8OHD2fEiBEsXLiQQKmB73e/wJsNYyZ70cF47Gvb S3FRCYHKbkwXbgTW0d7CtqoqPG2j45l/oSP72ng4o0gkOnhv3XsEqhutAqwxGJOgo72Nwo8+Ip3q oaS4hOVPL+O1V16ktb0Fzzi0sSjfx1Nhj+h+I+hkg7KJplr3f4/nr+8O35s27+f6PnsHd/Dnlfv7 f2GDzMWL/saI4WcyYviZ0WsXvn7DRwxn5MiRXHHlPLxoJPvQ3zsDO/D9FF5EcdFzyv/820N8x3zS 7fe7GJG9QGI0VvsUF35EZ2cbvh+EF4N0L77KsObVtbQlUvhq4A0ArQ1n8Kigh82bNuL53eFsAG0w vk9vJsm6999Hez6NDXtY9dJqnn7qKUo2bsLTNm9fhqE1gu4IvxP86IKRCzw8kyJtAwnn4rBlc1f+ CPqRvn8koA+yoxHQS0pK2LBhgwR0IY5x2VHzIAi455578D7jTeK0NWjdjfZTpLRC2V78aIQM+gdR nCKwmrSXJhUkUCaDtT7OBhhnciOo2d2CnXEDhMEotLtgv9uORrijE/rsCLdx5MLhAWVtFMLCn8v+ u+zJa7ZtUu5+nMI5lRuNdtEv28CBlw11JhxBVdlR1QPuz+bWsGZHuqxRWBOgTYDSGqscTpuw/zpg o9G1cI1+NOKYvQiwX9jPjibny96vyV5IyB7b6HiZaN35/nIhIDciZ/cLh/uHdZv7b353kDBkRaN9 2kSj5IfYzdxlcgHd2RTat+jAjy76HEr/8DXQ7efeLwc8/mi0n/0D+sHvLXcRJrupnrPg/GjWQN/z z7+vMED7BF4S38uQ8bzcspMgCPB9H9/38TzvgGOde5zZ28rebjSSHu5yTjSrJMCaaIdsG7Ytw6Zx KkXgZaL2hwcL6AYXzUZRSmOUxphw9NwZH6szGJVBBz5+oFDGoLWHNgGBJdxBXisCo8INtNwAAR3A 9U0Xz816yb43o4tfzhkG+uzuf2yzx6ZvVsB+z8se5DXPe2z5F40cA9++CnpRKonnpcPXTGn8aNNA XykyQfiecQ6ctgf5fAx0+9FnJO8CRd/zCb/L8o8P9IXs/Mef20V9gMef3ePDWnLfednPiLEWpxVO +xitwu+iIOxyYI2PMSkCo/D1wS/uZqfWa5XBaA+tfbRR6MBitSYwPoH2sIHFmPB3gdFhF4rADOGA Hn13auPQxhHYFF2F69n5ylpZJiqOiDGG5uZm3nrrrVynCwnonyNHI6Avf3YVTzy9IpomN9AvLiHE sSA7xdfXmjG/OJdkOsO/OorU7/YhDLXZqeW2b7TnQBbrLMaEJ2guezLtzIGh8hPvef/bzw9EfdO0 3YA/2//f9f85u9/Jbf8R9PwR9/4hNPqzfuHh8I5xXzCIbj//wsPB/g1H/n094Ek7HHDsP+k2jlT/ AHEY9+VM3/PPBrRDjbh/ZgZ+Dx30YR7i333y/RwY4POZIz7pt/3ee3a/5QoOogAYTZP+pJvLrbMO R+Chb7p49nb6lg+Qm4Kdve/8pS2HeswDXywZ+O+HgtweDQO8PrlZANmf/cxOqA5+HD/tMdv/uyD8 Hu9bbpK/nCh87bM71R/6M5zdSyT7OPIvxIW/G/JH/PsvxRns88+DznTSmqS14RR8pVHGUP/U42xe eD1W63BUnexzHPznIYai8PNgrKVqx07uXHxPv1H0wyUBfZBJH3QhxGcn/Hz/b/VBF0IIIT7vDh7Q DSlrMVbhTEDaQd0zS6lYuFD6oItD6j9DS/qg708C+gAkoAvxRSEBXQghhPgkAy+FMvjOYlWAtRl6 HTQ+vZStEtDFJ5CAfmgS0Afw1MpVPLViVbibbrSeSAK6EMeeflPcx02gN52RNXNCCCFEnux0fKOz y7DC3fG1NQTOYoMAbBqrHY1PPEblwuuxQbiRpAR0MZD8gG6MxlhLZfUO7rrnvtwa9CMhAX2QHY2A /nFxKeuLSqO2FhLQhThWZQN62lfMvnwevekMxsjGNkIIIUSWtWELyEBpNpdVkEp7aGMxNuzUYbTC GA/nOWpfW0v5kntwKtpITwK6GED/EfRww86a+gaWPv5kruXakZCAPsiORkAPjCOIvoxkBF2IY1e2 H7Ayln09SbS1GNl5VgghhMixFpSx+Mrw17/dxa1/vIPyWCWZjBf9DlUENsD4joSXwHS1YLVG2XBk VAK62F9+QLfGoI0howwpz+vXbu1wSUAfZEcjoDtn+7U+OZz+mUKIz59wd9lsz+EAZ4Pov7qvJY+U lJSUlNQXusJN4JRS/P2uJUyZfgVTZl7N72/6C+17OrDaERgFLoNvA9LO5rp3CHEwYVvYbLcajXVR B5tPQQL6IDsqAZ39+mdKQBfiGBVOrcq2STJSUlJSUlJSB5R14GnLXxbdx5TpV3LR9HlcMPMqfjln Pnc/+Dh7W/ehlcJkNE7LCbP4ZM7mt5M12AHayh4uCeiD7GgE9OyXUb+Abg+zR60Q4nPDWYMz4Ro5 X2vSQUA6CMhISUlJSUlJkQkCUkFAjxfQnQn4813/4OIZ85gyYx4XzpjPlGnzuPiyq7hy3g0UV+8k kfFwysqglvgEti+gY6PBUfupl0FIQB9kRyOgf/Dhet7/8CN0bv2DJTvlVQhx7HBWY1WA0pa/3nkv 1/72ZhZcfzPXXncjC66XkpKSkpKSuva3v+fXN9zMtb+7lelXXMuUGVdx0bSruGj61Vw25UqmXnol 06Zfw7jZV3DbLTfSUR7HqfAcOjsjVQK76K9vBiOE75HuRC/xyq1HvP4cJKAPuqPSB335Sp54cjlK R7sIOgNOhetUhRDHDGc1RitSgWbU+El09GbwAkWgFIHSUlJSUlJSX/jyAoWvDUlP5U1xv4pJs3/F xTPnMWnmbH519Y089XwBpUsWU3L9zTjf5JaOWVkqKg4QDn5mA7q1UFW9gzsX3Y3+FJv1SkAfZEcj oK9YuYplT6/EWMI3SLSBFE595vclhBg81mqU1qS1ZuQ559OZTKO1j7WK8JeGlJSUlJTUF7ucNVgT Xrz+26Jwk7iLps/nohnXMH/61Sx+4B80N+8jaS1Ny/5B9cLrcRmNNRbjkIAuBmCjgc9wOYSxULV9 J4sW3SMBHQnoA1r+zHM8tfxZCehCHONs1PO8N9Ccde4FdKe9qJ+rfNaFEEIIAGs1Roe7uP/1ziVM mX4lU6bP55Y/30ttbDsZlSEILAlnaVj+ANULbsD5FqONBHRxEOHeXs6BNQ5jHNXba1h01725NmtH QgL6IDs6Af3ZvhF0k23BJFPchTjWOGuw1pBS4RT3MKBr2RBSCCGEiFhrMFrhBwF3Ll7C1QtuYO3b H9CZ9rC+Rlkf7VuUhT3LHqbiN7/DBVFAlynuYkC2X5csrR3bd9Ry5533SB90JKAP6IWXCnjxpYK+ TeJyfZJlkzghjiXGGJRSJDIev5w6g0Q6gzVGAroQQggRcTZsReoHAZu3bKGprRXfKHxrsNqirEIr i7aWuoLnKblzCU6FAV02iRMHkw3n1oI2jp21u3nwoUfCzQVlivvny9EI6MlUit5UOjfFPWyxJift QhyLspvYtHZ0YuQzLoQQQvSTDUvW2ly/auNU2LdaO7SzKGtJOo1KtKPaO3DGhT8/yI9dDF35syqs hYwf0JPo/VS3JQF9kB04iX9+AAAEcUlEQVSNgB724qN/H3SZmiOEEEIIIb7Q8jePi9YQOwicJe0U gVM4mXEqDkN+tto/ex0pCeiD7KgEdGexzkpAF+ILo38/TiGEEEIcyDlwxuVGyHU0Rdlag1M+Vrnw z+ScWXyCfgHd2XBGhvt052ES0AfZ0Qjo2oGyhBtbRNN6HJ/+qo4QYmjKbhKnTFjhZ76vL6cQQggh Bua0RhtL2hkyJsBlLO1GoU0Ga3UY2skL9XIiLQ4QzsTQxhAYm1tefKSt1iSgD7KjEdB3NTRS29AY nayH03QkoAtx7LHWYIwmMJoPCovIBL4EdCGEEOIwOKtR1hJYTWB8XMrRU1dHd7w8ugCeNxtVArrI 0/dWCGcwGmvp6OmlekeNtFlDAvqAlj+7mqdXrkYbG7ZZQwK6EMeiMKAbPKUZN/F8Esl0eMXfyvo5 IYQQ4lCcMwTOYrXC6jQubalbvoKNv78FpzXG6NzmqxLQRb78gG6NQRvDtu07uWvJ/xxxizWQgD7o jkZAf3rlap585tkwlMsUdyGOWdnPt6cNY86ZSCrjyQmEEEIIcRictQSOMKA7n7SFxqceoeK6hTit sUbnzp/ld6vI138EPeymU7WjhjsXL5E2a0hAH9DTK1fz5HIJ6EIc67InDJ42jD3nPFIZX04ihBBC iMPgjCNjwdoAawMSDhqeeYTYb6KArnXf7tzyu1XkOTCgIwE9jwT0AUhAF+KLoX9AP18CuhBCCHGY nHb0WtA2wCmFZxx7lj9KfKCAPtgPVgwpEtAPTQL6ACriWymPVR7wZSJfLkIcm7SxrHh2FYHSg/1Q hBBCiM8FZxy+BeM0zhiMcfRUlNH29ls4E/VJRwa5xCcJ3yftnZ0UFhVLQEcCuhBCCCGEEEKIzykJ 6INMAroQQgghhBBCCJCAPugkoAshhBBCCCGEAAnog04CuhBCCCGEEEIIkIA+6PYP6I3X3EK6YpuU lJSUlJSUlJSUlJTUF6y2DfuZBPTBtH9Al5KSkpKSkpKSkpKSkpKKf1UC+lEnAV1KSkpKSkpKSkpK SkpqoJKAfpRJQJeSkpKSkpKSkpKSkpIaqCSgH2US0KWkpKSkpKSkpKSkpKQGKgnoR1lm6w7SWyql pKSkpKSkpKSkpKSkpPqVamkf7Mj6L/ncBXQhhBBCCCGEEOJYJAFdCCGEEEIIIYQYAiSgCyGEEEII IYQQQ4AEdCGEEEIIIYQQYgiQgC6EEEIIIYQQQgwBEtCFEEIIIYQQQoghQAK6EEIIIYQQQggxBEhA F0IIIYQQQgghhgAJ6EIIIYQQQgghxBAgAV0IIYQQQgghhBgCJKALIYQQQgghhBBDgAR0IYQQQggh hBBiCJCALoQQQgghhBBCDAES0IUQQgghhBBCiCFAAroQQgghhBBCCDEESEAXQgghhBBCCCGGAAno QgghhBBCCCHEECABXQghhBBCCCGEGAIkoAshhBBCCCGEEEOABHQhhBBCCCGEEGIIkIAuhBBCCCGE EEIMARLQhRBCCCGEEEKIIeD/A+emdm2x82CRAAAAAElFTkSuQmCC --00000000000003473905b604f47d-- From nobody Wed Dec 9 01:54:59 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B3D7F3A13BB for ; Wed, 9 Dec 2020 01:54:57 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.087 X-Spam-Level: X-Spam-Status: No, score=-2.087 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_FONT_LOW_CONTRAST=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_KAM_HTML_FONT_INVALID=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=willeke.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id S2HlOYeCkMlB for ; Wed, 9 Dec 2020 01:54:54 -0800 (PST) Received: from mail-lf1-x130.google.com (mail-lf1-x130.google.com [IPv6:2a00:1450:4864:20::130]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 897D13A13BE for ; Wed, 9 Dec 2020 01:54:53 -0800 (PST) Received: by mail-lf1-x130.google.com with SMTP id r24so2243104lfm.8 for ; Wed, 09 Dec 2020 01:54:53 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=willeke.com; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to; bh=vXm++qdEJ59uG79j9LyZwIZmsI6SRUAHbIQ57Mqzn04=; b=K8rh0fl7udyfDubjmfor6pMhBZOzUK7CjsWTr5LQwct0GFeMp4HOsHTVzW2nge5RM0 wMlmZRo0XItD6tLUHaBySuM4yFJ6iiRQ1w7Gb4HrMJqgSSGTG93WTuY7E36RhxXeo3lG E2I5QCwu/TGNkdxVb6exH4kPzQUzwRhIuCPXNLlbrNK6gLXiqA6ExBlW0+xE3idF46M2 fl35YFd8JZDg16TL8On38X9Ll1OdRROZOg/GsKnAIS1jP/Cn2h6R8dtmcuU46/JKomCV bYxx3SyRh1Iod5mtMOeSmUkLSjljYUzNLkEkQwkIrKc4N0U3u0jaHvjND7TmfA13wyM3 NmLg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to; bh=vXm++qdEJ59uG79j9LyZwIZmsI6SRUAHbIQ57Mqzn04=; b=h3WRP1wBOWhhtaB0D1DieRX6BuqfT8etytF7217wPIGhCTFqEfvnWbOD3c4C9r0KB5 K/N6/BUIc8D1eo6sYthHDlaanyjf5qNX62CcBAr2DznzMnUnxPUhHBrqew736deNzAao NX+SCvDoWDpIUAcFQsGqW6avxty7L34rM6CX5dl4Y8l4g0ClmXd16hX4NLFYVeAFE8PZ ddFex93Ko/AzTQD2UYLRg42Slx+in1njHWbmz1RRtJ68adXLHSlMjoi0ZJMQEEsa5not 7+KkA4Gkb7dnMpEaYMtdM4yvULjGrgM8+MLIONSAhsOBmeRpdVAf23WAEY/JhogoXHhJ Dh7g== X-Gm-Message-State: AOAM533qS+WmMd8ZAmn+bkIQzwFrA05YoWcNzrzgLkrVNXYyGPXo/NQM Bp6WEM5B+RSp6ssHx4Fb0zRc/4JH1cK/e99FvOE+BFXyZtbXvQ== X-Google-Smtp-Source: ABdhPJzs4pd5RNFS+5wNwttD5YUH4BJN2MEnUXCxwK+LCTpv+Aykw0G835lk2ydEiXrwUsMnZXQRdFn7m9uKxm2x4HA= X-Received: by 2002:a19:4ad8:: with SMTP id x207mr799650lfa.9.1607507690057; Wed, 09 Dec 2020 01:54:50 -0800 (PST) MIME-Version: 1.0 References: <09d3639d-7d7e-9582-d728-cc223d21bcb6@hackmanit.de> In-Reply-To: From: Jim Willeke Date: Wed, 9 Dec 2020 04:54:13 -0500 Message-ID: To: oauth Content-Type: multipart/related; boundary="000000000000d7587e05b6050c86" Archived-At: Subject: Re: [OAUTH-WG] Call for Adoption - AS Issuer Identifier in Authorization Response X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Dec 2020 09:54:58 -0000 --000000000000d7587e05b6050c86 Content-Type: multipart/alternative; boundary="000000000000d7587d05b6050c85" --000000000000d7587d05b6050c85 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable I support the adoption of AS Issuer Identifier in Authorization Response. -- -jim Jim Willeke On Wed, Dec 9, 2020 at 4:48 AM Warren Parad wrote: > Okay, it wasn't clear that the user agent was required to be compromised > for this to be a problem. Here's where it breaks down for me, if the > attacker can manipulate the first request, why would they not be able to > manipulate the AS where the Auth Response code is sent? Unless we can > guarantee there is an attack surface that would only affect the > authorization request AS selection and not the auth response, the solutio= n > the draft lacks purpose for me. > > Warren Parad > > Founder, CTO > Secure your user data and complete your authorization architecture. > Implement Authress . > > > On Wed, Dec 9, 2020 at 8:55 AM Karsten Meyer zu Selhausen < > karsten.meyerzuselhausen@hackmanit.de> wrote: > >> Hi Warren, >> >> I think there is some misunderstanding on how mix-up attacks work. I wil= l >> try to clear things up. >> >> Have a look at the following mix-up attack example (slide 4 >> >> from the interim meeting): >> >> I marked the important parts: >> >> - In step 1 the client stores the attacker's AS (A-AS) as the >> selected AS. >> - Step 5: The authorization response is issued by the honest *(=3D no= t >> compromised)* AS, not by the attacker's AS. The H-AS will use its own >> correct issuer identifier as the value for the AS parameter. >> - In a mix-up attack the attacker cannot directly influence the >> value of the iss parameter in the authorization response as it is = issued by >> the H-AS. >> - Step 6: The client sends the token request to the token endpoint of >> the A-AS, because it stored the A-AS as the selected AS in step 1. Th= is >> leaks the authorization code to the attacker who can use it in a code >> injection attack, for example. >> >> With an iss parameter present in step 5 the client would be able to >> recognize that the code was issued by the H-AS, not by the A-AS. The cli= ent >> would be able to abort the authorization grant instead of leaking the co= de >> to the A-AS. >> >> I hope this addresses your concerns. >> >> Best regards, >> Karsten >> On 08.12.2020 20:15, Warren Parad wrote: >> >> As an implementer on both sides of the issue I'm struggling to understan= d >> how this problem would occur. I'm finding issues with the proposed >> problems: >> >> 1. Honest AS is compromised, assuming this does happen details on why >> adding iss to the AS response would prevent attacks is necessary for = me. In >> other words, how would an AS be compromised in a way that would be >> identifiable through the issuer value? (my ignorant assumption is tha= t a >> compromised AS is compromised enough that an attacker would be able t= o send >> the correct ISS) >> 2. Attacker AS is registered. I fully support the idea that this can >> and will happen, however from attempting to test-implement this propo= sal, I >> can't see how the authorization would be sent to the wrong token endp= oint. >> Since there is no information in the AS auth code response, the clien= t must >> already have the knowledge of where they are going to send the token,= no >> mix-up can be executed. I would argue, if anything, adding the ISS >> parameter would open a new attack surface by providing clients an >> opportunity to blatantly trust the ISS parameter as the honest AS and= thus >> actually sending the code there instead of sending it to one specifie= d in >> the metadata document. >> >> My confusion is the following: >> >> - Are multi AS services utilizing authorization codes in a way where >> there could be a mix up attack for #2. >> - Is there a #3 that I'm missing which even in light of #1 & #2 I >> brought up that would still make this change valuable? >> >> Warren Parad >> >> Founder, CTO >> Secure your user data and complete your authorization architecture. >> Implement Authress . >> >> >> On Tue, Dec 8, 2020 at 8:01 PM Dick Hardt wrote: >> >>> +1 >>> =E1=90=A7 >>> >>> On Tue, Dec 8, 2020 at 4:51 AM Rifaat Shekh-Yusef < >>> rifaat.s.ietf@gmail.com> wrote: >>> >>>> All, >>>> >>>> This is a call for adoption for the following AS Issuer Identifier in >>>> Authorization Response as a WG document: >>>> >>>> https://datatracker.ietf.org/doc/draft-meyerzuselhausen-oauth-iss-auth= -resp/ >>>> >>>> Please, provide your feedback on the mailing list by Dec 22nd. >>>> >>>> Regards, >>>> Rifaat & Hannes >>>> _______________________________________________ >>>> OAuth mailing list >>>> OAuth@ietf.org >>>> https://www.ietf.org/mailman/listinfo/oauth >>>> >>> _______________________________________________ >>> OAuth mailing list >>> OAuth@ietf.org >>> https://www.ietf.org/mailman/listinfo/oauth >>> >> -- >> Karsten Meyer zu Selhausen >> IT Security Consultant >> Phone: +49 (0)234 / 54456499 >> Web: https://hackmanit.de | IT Security Consulting, Penetration Testing,= Security Training >> >> Nehmen Sie an unserer n=C3=A4chsten Live Online-Schulung zur Sicherheit = von OAuth und OpenID Connect am 27.01 + 28.01.2021 teil:https://www.hackman= it.de/de/schulungen/127-live-online-schulung-single-sign-on-sicherheit-oaut= h-openid-connect-am-27-01-28-01-2021 >> >> Hackmanit GmbH >> Universit=C3=A4tsstra=C3=9Fe 60 (Exzenterhaus) >> 44789 Bochum >> >> Registergericht: Amtsgericht Bochum, HRB 14896 >> Gesch=C3=A4ftsf=C3=BChrer: Prof. Dr. J=C3=B6rg Schwenk, Prof. Dr. Juraj = Somorovsky, Dr. Christian Mainka, Dr. Marcus Niemietz >> >> _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth > --000000000000d7587d05b6050c85 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
    I support the adoption of=C2=A0AS Issuer Identifier in Aut= horization Response.
    --
    -jim
    Jim Willeke


    On Wed, Dec 9, 20= 20 at 4:48 AM Warren Parad <wparad@r= hosys.ch> wrote:
    Okay, it wasn't clear that the user agent was = required to be compromised for this to be a problem. Here's where it br= eaks down for me, if the attacker can manipulate the first request, why wou= ld they not be able to manipulate the AS where the Auth Response code is se= nt?=C2=A0 Unless we can guarantee there is an attack surface that would onl= y affect the authorization request AS selection and not the auth response, = the solution the draft lacks purpose for me.

    <= tbody>

    Warren Parad

    Founder, CTO

    Secure your user data and com= plete your authorization architecture. Implement=C2=A0Authress= .


    On Wed, Dec 9, 2020 at 8:55 AM Karsten Meyer zu Selhausen <kars= ten.meyerzuselhausen@hackmanit.de> wrote:
    =20 =20 =20

    Hi Warren,

    I think there is some misunderstanding on how mix-up attacks work. I will try to clear things up.

    Have a look at the following mix-up attack example (slide 4 from the interim meeting):

    3D""

    I marked the important parts:

    • In step 1 the client stores the attacker's AS (A-AS) as the selected AS.
    • Step 5: The authorization response is issued by the honest (=3D not compromised) AS, not by the attacker's AS. The H-AS will use its own correct issuer identifier as the value for the AS parameter.
      • In a mix-up attack the attacker cannot directly influence the value of the iss parameter in the authorization response as it is issued by the H-AS.
    • Step 6: The client sends the token request to the token endpoint of the A-AS, because it stored the A-AS as the selected AS in step 1. This leaks the authorization code to the attacker who can use it in a code injection attack, for example.

    With an iss parameter present in step 5 the client would be able to recognize that the code was issued by the H-AS, not by the A-AS. The client would be able to abort the authorization grant instead of leaking the code to the A-AS.

    I hope this addresses your concerns.

    Best regards,
    Karsten

    On 08.12.2020 20:15, Warren Parad wrote:
    =20
    As an implementer=C2=A0on both sides of the issue I&= #39;m struggling to understand how this problem would occur. I'm finding issues with the proposed problems:
    1. Honest AS is compromised, assuming this does happen details on why adding iss to the AS response would prevent attacks is necessary for me. In other words, how would an AS be compromised in a way that would be identifiable through the issuer value? (my ignorant assumption is that a compromised AS is compromised enough that an attacker would be able to send the correct ISS)
    2. Attacker AS is registered. I fully support the idea that this can and will happen, however from attempting to test-implement this proposal, I can't see how the authorization would be sent to the wrong token endpoint. Since there is no information in the AS auth code response, the client must already have the knowledge of where they are going to send the token, no mix-up can be executed. I would argue, if anything, adding the ISS parameter would open a new attack surface by providing clients an opportunity to blatantly=C2=A0trust the ISS parameter as the honest AS and thus actually sending the code there instead of sending it to one specified in the metadata document.
    My confusion is the following:
    • Are multi AS services utilizing authorization codes in a way where there could be a mix up attack for #2.
    • Is there a #3 that I'm missing which even in light of #1 & #2 I brought up that would still make this change valuable?
    =

    Warren Parad=

    Founder, CTO
    Secure your user data and complete your authorization architecture. Implement=C2=A0Authress.


    On Tue, Dec 8, 2020 at 8:01 P= M Dick Hardt <dick.hardt@gmail.com> wrote:
    +1
    =3D""=E1=90=A7

    On Tue, Dec 8, 2020 at 4:51 AM Rifaat Shekh-Yusef <rifaat.s.ietf@gmail.com> wrote:
    All,

    This is a call for adoption for the following AS Issuer Identifier in Authorization Response as a WG document:
    https://datatracker.ietf.or= g/doc/draft-meyerzuselhausen-oauth-iss-auth-resp/

    Please, provide your feedback on the mailing list by Dec 22nd.

    Regards,
    =C2=A0Rifaat & Hannes
    _______________________________________________
    OAuth mailing list
    OAuth@iet= f.org
    https://www.ietf.org/mailman/listinfo/oau= th
    _______________________________________________
    OAuth mailing list
    OAuth@ietf.or= g
    https://www.ietf.org/mailman/listinfo/oauth= 
    --=20
Karsten Meyer zu Selhausen
IT Security Consultant
Phone:	+49 (0)234 / 54456499
Web:	https://hackmanit.d=
e | IT Security Consulting, Penetration Testing, Security Training

Nehmen Sie an unserer n=C3=A4chsten Live Online-Schulung zur Sicherheit von=
 OAuth und OpenID Connect am 27.01 + 28.01.2021 teil:
https://www.hackmanit.de/de/schulungen/127-live-online-schulung=
-single-sign-on-sicherheit-oauth-openid-connect-am-27-01-28-01-2021

Hackmanit GmbH
Universit=C3=A4tsstra=C3=9Fe 60 (Exzenterhaus)
44789 Bochum

Registergericht: Amtsgericht Bochum, HRB 14896
Gesch=C3=A4ftsf=C3=BChrer: Prof. Dr. J=C3=B6rg Schwenk, Prof. Dr. Juraj Som=
orovsky, Dr. Christian Mainka, Dr. Marcus Niemietz
    _______________________________________________
    OAuth mailing list
    OAuth@ietf.org
    https://www.ietf.org/mailman/listinfo/oauth
    --000000000000d7587d05b6050c85-- --000000000000d7587e05b6050c86 Content-Type: image/png; name="fmliihgbmokgaako.png" Content-Disposition: inline; filename="fmliihgbmokgaako.png" Content-Transfer-Encoding: base64 Content-ID: <17646e1e61acff9eafb1> X-Attachment-Id: 17646e1e61acff9eafb1 iVBORw0KGgoAAAANSUhEUgAAA+gAAAIzCAYAAACTLTO8AAAgAElEQVR4nOzdZ1QUZ+M2cD4kvoa/ Aord2DWaoqmaZhJN8mh68sS02aWDgmDBir33hrH3LtgVC/ZewYIVARVUOtJh2Tp7vR92mQV2aYq6 +ly/c/Ycj8zO3HPP7O5cc5exARERERERERE9dzbPuwBERERERERExIBOREREREREZBUY0ImIiIiI iIisAAM6ERERERERkRVgQCciIiIiIiKyAgzoRERERERERFaAAZ2IiIiIiIjICjCgExEREREREVkB BnQiIiIiIiIiK8CATkRERERERGQFGNCJiIiIiIiIrAADOhEREREREZEVYEAnIiIiIiIisgIM6ERE RERERERWgAGdiIiIiIiIyAowoBMRERERERFZAQZ0IiIiIiIiIivAgE5ERERERERkBRjQiYiIiIiI iKwAAzoRERERERGRFWBAJyIiIiIiIrICDOhEREREREREVoABnYiIiIiIiMgKMKATERERERERWQEG dCIiIiIiIiIrwIBOREREREREZAUY0ImIiIiIiIisAAM6ERERERERkRVgQCciIiIiIiKyAgzoRERE RERERFaAAZ2IiIiIiIjICjCgExEREREREVkBBnQiIiIiIiIiK8CATkRERERERGQFGNCJiIiIiIiI rAADOhEREREREZEVYEAnIiIiIiIisgIM6ERERERERERWgAGdiIiIiIiIyAowoBMRERERERFZAQZ0 IiIiIiIiIivAgE5ERERERERkBRjQiYiIiIiIiKwAAzoRERERERGRFWBAJyIiIiIiIrICDOhERERE REREVoABnYiIiIiIiMgKMKATERERERERWQEGdCIiIiIiIiIrwIBOREREREREZAUY0ImIiIiIiIis AAM6ERERERERkRVgQCciIiIiIiKyAgzoRERERERERFaAAZ2IiIiIiIjICjCgExEREREREVkBBnQi IiIiIiIiK8CATkRERERERGQFGNCJiIiIiIiIrAADOhEREREREZEVYEAnIiIiIiIisgIM6ERERERE RERWgAGdiIiIiIiIyAowoBMRERERERFZAQZ0IiIiIiIiIivAgE5ERERERERkBV7YgB55aCsChgzB kKKv4aNx/FbqY6/z0b0wDC+xzhFT5+Jhtqr4gnot9qwPlJZZvTPsCffm6VDlJGLetDGmch6KgKiv /HpEZQaWzpokrWfe6gNQacWqL/BT8ij2MiaNGiaVf83+COgeox5KEsWK10FllrU6eh3CD22U6m/u 8r1QPsXjr1PnYd2iqdL2ho2dhltJOU+83nthBzFS+myPxMnI5CoobRXQa7FtxXRjuQIQFBrxvEtU xUS8yKc/ERER0bP0wgb0veN74f9sbGBT7FUTfw1bi8fJXnpRg83jXUqszwaObTshPD63xMJqDP6n o3GZV/Fb35VVsk9VLS8xAp++1UDal/9OCIb2cQJ6dhy6v9tKWs9n/x2FPPULcsWt12DDRE9UL3JM W3d2Q1Ke+glWKiIn7QGWBW2GQqMre0mtGncjjiH42KXHOi+tgl6L1ePkUv11+mEwslVl7/cTbU5U I2iiK16VjlltDF506InqT6/Nwci/Okv7UKvppwh/kF1lZX4iehW8f3zLWLYacB4R/LxLVGWUuRnY u2sjbiXnPe+iEBEREb0QXrKAboNm7/+Fh/naSq9Pk5+Cvz9rxYBuwYsc0JXpMfi5Y8vix7VGE6w4 Hv1Y61MXZONI0Dx89nYLNPpSQI7K8rmmF0VkpdzD/BG90LRebcimb2JAr4T4y7vQqrattM33vx+I dOXjbzMr7jw6tm4gfWb/4z4L+RorOYdfwoCu0yhx/cxu/PPNh3Bs0R7H71nJzRAiIiIiK/dSBPRX q9nB3r4mbGxsUKNOC6w5FVfp9SVF7MTrNQwX7zVq1CwnoGswtd9vaNeuHdq1awef8VuqZqeqGAO6 iOuhS9DEvjpsbGxgX8sBttUM+/Cl29THCGgits3zh31Nw/rKCuja/FR4/dZJqjMG9MrRFaSjzw8f Sdt0aPoRjkSmPd7K9DqELhmKWtWNN2hsm2LV0aiqLfCT0Ksx0rOb8fvkbQycved5l+iJ3TkThIZ1 7AzHjgGdiIiIqMJeioBuV+tjuPxS2H3VDn8PX1OpsdZ6USt1b3/NoQG6/fSfsgP6C+J/PaDrNbmY 6PK11E26p39/tKrvYLiR0+A9nL6XWck1ilgyxlmqh7ICuiYnAT9+9gYD+mNvU4dT6yagVjVTN/dB iw4+1hwKuoJU9O72gVT+lp/KEZelrPoyk+TGgUWmmysM6EREREQV9lIEdIc6X2LdwmHSOOMWH/6D +7maCq9Lq0zD35+2MISutt0wb3pfBvQiXtSA/ij6JDo1rwsbGxv8vwbvYPf5S5B91ta4H7bwmLQT ukrtBgP6MwvoALLjL6NL24bSdt/+1guJuZWfOyDpWijeeb22NE+F17SdeIHmOHwhMaATERERPZ6X JKB/hcu3TqNDfUPXdNu6rbD25L0Kryv12i40sjWEtm4+c7Bv2SAG9CJexICuF7XYt2Aw7IxlbvOZ DHFZBVg/wQM1ja2y9d/+FQ8qFfgY0J9lQNfrCjC/73+l7b5Wtx12hD+o3DpENTZO8EDNwt42r3+E o4/bVZ4qjAGdiIiI6PG8NAE9OjML/r8Wjlm1w9+j11ewO6yIzeOcjd3bGyJwz00cXM6AXtSTB3QR eVmPcPX8KRw+fBiHT51HfEo6dE/x2Uua3AQ4dSmceKs6/hixGhoRSAjfghb1HIz/Xw+Be25Waj+e TUAXkZuVgQd3b+Po4cOGOjt8GOcu3UJKeia0lWv2L0aRm4XYyGs4Zlzn6bBrSEnLLPuz8pwCOgDc PrEWzR1rSBOouU/ZWqnWb3X2A/z1WTup7J8LY5FVRtlFrQqPUpIREXZWqvfDR08iOi4BWXkFj70f Oo0SdyMjcPjwYYTfiEa2QlX+m8qhFzXIeJSGyIhwHCks65GjuB51H+lZTzZrul7UIScjFZcvnJHq ICYuCQXqik3AyYBORERE9HhemoB+J0+DEyuHw9b4f2928UZqBWZ9FjUZ+LtTM0OLapvuiMpUlh/Q 9RrMH+2Ozp07o3PnLzC0yKROelGLs9vm49uvOhv/3hUTlh2ApswHb4u4cXAVunQ2vueLrhi5aPdj heminm1AF3F517/Gfe4Mv8Bg6AEoc1KwdvYIdP6wPRrUNkwa9YpdbbR9uz1+/tsHe45ffyrdjaNO rEOTWoZg91qd1lhrnLVdVKbCo9t70r6898twKMsJvPnJN+HSozs6d+6Mti0bS+/9v7qN8Onnhv39 ouvX2H0rHbeOrULnzp3x+acfo34dB2nZxm3eluqmu8dgpOabt9zrVPm4cHgnhvR2wofvdUCbFk2K PR6udr0meKvDu/j+d3ds2H0KucqKhSW9qMWD2xcxe4w/vuj4Hlo1aSit196xId5u/y56uPTHnhNX YXHevEoEdFGnwbltC9G98Fzu/BU8Bs5G8mN0TQcATc5DyLq8I237za/cK9XNPfL4ajRzNM4GX7Mh Zu64aPFGSU5qHNYunoXfu3VG+7ffQgNH07GzqVYTzVq1xXsffo6+I2fiUlRCqUMjNIpk+P/TzXCc f/NAZKoSOUm3Mczzv2jZxPBZrNO4GT746kcs3HYcGp0I6DWYPvBvqb7GLz5c5j4VZCVjV9AyuP7e HR3av4MmDeuYymrzKho1a4MO73WCi+8IHAuPMmzDEr0CM/r/I52XW6+lQS+KiI8Ox8RBXvigw9uo X9teqoPmrd/EV9/9gWVbjiC7wHwIkagrwDi/39G5c2d81KGtVKbX7GrhvU6fStuZuu1MOUeNiIiI 6H/XSxTQdci4dxrvNTLOHNzoHeyJSC53Pek3Q1C/uqF7+3985kKn11UgoJf9mDVlZhw8u78vraNu y07YF/Gw1DIUPIrC9+82k5Zv2qE7wuKyHqteinqmAV2vw9GlA6Rlvu4/B4qM+whw6Q4H46znll61 6jSB78yNyK3CFllRq8A8/9+lbbT5RIa47MJQJ+LAoqGoZVvN8Hf71giNyihzfdkPLuD9NvVK3Qcb GxtUs3PAirBEhG+dWOZyNjY2qP/xT4jPKd6CmpsSjQF/dkf9osGwjFfNWvXws9dkpJTzPHetMgeb 541ChxaNijxXvJRjUa8pvIYvQ0ZBieBfwYCuF7U4t3Ue2tUrHO9dA+99Jcf5qJTH796v12L3vIHS UIXXHFtj45m7FXurToF5fX6Tyt3s/V9xO01htv6wPSvR+a3WxW6GlP6qjsatO2LxrnCLIV2V9wDf vW04V+q1+BhnIu9g0J9fSMMqir6+6zkXSq1Y8ces6XWIPr8Hv332Phxq2FagrK+i7uttMXxeiGE7 ZuvLg2+3t6Tl551+gIshS/B+i0ZlrreGQ1387DcFSSXOYVGbD+evzR9VWfLVc8HeF3e4BxEREdFT 9lIFdJ0yC/6/GoNztVrwnRNS7oXg5nFOhgt/+/oI3HcbqIKADoi4d34b3mnsKF3Ud/ptoMWWP702 HzN6fieFgxq1mmD6pguPNVt1Sc8zoHfxHY/AgX/DvjAIlxVu7R3hMXkj1GX2MqjEfiddw1dt6xvX Xws+U7cXa6UvSLqEjs3qmuolYF2Z63vaAV2rSEKvbh9VMCAWeVW3h+vkraW25uo0+dgwyQ/17GtW eJ3Va9SB2/gNxY9FBQK6XtThwrZ5aFu3lnE5W3zQ1RPXHlR2pnxzqbeO4gPpeL2K3wasgKoC54oi LQrd3m1qfF9NOI1eh5Kn7a2DK9G6gWPl6t3GBrVbfIrjUeZj2YsF9GYfYOwwXzhaukFl2xTrTt0x Vl7FAnpCxAF0frNZuTdaSr7s6rfFsoMWhnKUCOhD5wQWublSzquGA3pO2VqsdZ4BnYiIiOjJvVQB HXodjhfp5t7hG1+kFpTeMqvXZeLvjwwX8HVadcOdbE0VBXRA1CmxdY4/6toZLs6r1aiLwfNDzboQ h2+ahlo1jBfw1e3QY/BiKDRV05r8PAP662++haaONWFjUx1t3u2C6Ys34eqNSMRER+HM4R3w7dHN tN82NqhZpxlWHr3z5Dut1+HEmjGwM7ZY1nr9A+y/nlJ8EVGJyW7fSoHYoeVXhmNfioL0uxg50Aeu rq7o/KGp6659kzaQO7vA1dUVbh6eOHEvC7Hhu+Dq6goX2V9o0djU9bjtx13h6uoKV1dX9B4zGxlF ugiHzOkjncs2NrZo074LJgWuwemwK4iJiUFMTAxuXr2I7esX458fOxfrkWDf4lvcy7HUii7iauhi tKhjCuev2NdBlx5eWLdzP25FRiEmJgYXzxzDxKE90bSBqeXevkE7BJ2OLVJh5Qf0W0fX4u2GDtI+ vPeVB64/fPJeIACg12Rj9D9fmM6tD/6LuxnljQcXcWHbDNQ23iCyq/8OdpaYYE6XG4uf3m9pujlh Wx8//NkHm3cfxI3b0Ya6j47C+ZOHMGfsALzfrqm0rI1NdQijNpl9nosG9Oq2NVHbwQ6vOTji955j cDI8AjHRt3F8TxC8BozGw2zjo94qENBF5SMM6NG5yE2c2vjsWzlWBu1CxM3b0nly5fwJLA8cjy8/ alukrK/i87/HIbdkYUsEdEdHQziv6dgEf/Ychj3HziImJgbRt29i/7bV6NH1A2myPRsbG9R5oxsi U/NNZdSpsHjKALi6uuK37p9Jy9nWro8fesik83/l4YiKHnoiIiKi/zkvV0AHkH7nFN5vbBg3ad/o Hey9Wno394wbu1CvRnXY2LyKL92nG1qtqyigA4AmLxkDe5iChWPzjjh4PUn6e87DcHzSuoG0nlYf /IGY9MefiKqk5xnQDS87dPl9MKISM1FyPjitKg8HVoxDk1q20v6/+50/siwOgq44bUE6+nxveuZ1 pz9GIsfCOmMOLUUde+PkY9VqYsTK8xVYe9VPEqcviEf3NqZzoN0nAq49yCy1hVFdkIkFw5xMPRNe qY+gK6nm289Lgtd/TGPt7eu2xPjle0oZO6zBjWPr0bKBKWB37TUTmsJClBPQo46vwzuNClvOq6PD F+64kVCVk4KJiAhZgMbGm102tk2w+kRM2e9Q52Ks8JVU5ve/G4BHJeakCNswCY6FN4mq1Uaf6Tuh KGUSNL2oQ+LtU/jm3RbSOt/q5ovsEvMAFA3ohZ+BPwfOR1aJetdqNKZjXIGAfu/MJrSpayet87fe c5CWW9qz3EVkJ0fBrbvpc/B6h+8QmVbiu6VEQDd8R7XHmkNXodKa3yRUZDzA4D+/LHKToC4WHY22 WAJOEkdERET0eF66gK5TZsD/58Lw7ADfwN2lhp1NY50N3UVt7TB6/UXDf1ZhQAeApBuH8XELUwD7 6JeBSM3XQK/OQN8fP5S6q9as2xorj1u+2H1czzugt/vCCbdTSp9NWi+qsWqUXKqDGo7NsP5CQuUL WETKjX1o7WAIXa/YNcCkYMvBW6dIwH8/Mo37b9ulN3LLrZyqD+jJ4UFwMIZEW/tGmH/gdrn7mBt7 Em80MnXLHr/X/D33L2xBc/vC4QW10GvKJsvjkI30ogYbx7hI62z8RjdEphu74ZcR0KOOr0P7RoXd oqvjnc5uuJVU9U89UKZH46cPWkifo5/7LYOqjMn9Mu6dw0fNjD0YqtfH2DWni9e/Xo1xHl2lfWr6 qQsyypsHQa/DukleUg8dxw9/RmKJOQBKBvQ6zT/C8ehyuvmXF9D1Wmya3kv6nNRr9w0uPSwv8IoI 2z5TavG2b/k+jt8tUY4SAb1a9VoYvvJ0md3PY89tQssG9tJ7ei45ZnE4DgM6ERER0eN56QI69Drs W2QKiu9+42exm7tem46/OxoCmn39johIU0nvr8qArhe1OLR6POoZZxS3qV4fkzedx76Fg6VgZlO9 BjymbC91LPHjep4B/RW7hpiyKbzcdaszb6Fjw8ILfnv0mrS78gUsLIKoxqohf5taDd/sjhsppfVI ELF+tBNsjV3hbe2bYMOFxHK2UPUBXadV437MDZw/dwZLF29AZgUeX6fPj8P3RSbyGrTpSokFNNgy 0VX6e4N2X+Hiw/JDc078NcxdvBEXwsJxP6nIY/BKCegPL+/Cu687Sp+DDl28EJX6ZI/3KpVeg9Vj nU3DElp1wc0i3auLL6vDoSVDpEDboF1XXLLwqERlXjoiwsNwInQzgg/eqlAxzq+ZjHrG9dq+1R2x OcVbsUsG9Le7+SOzvMcUVKAFXV2Qg1tXL+P0kT1Yu+1UheZrSAjfgZavGMN3k/bYV/L57yUCes16 XyAmt+wnA6hTb6JT29el9/wzYhssFYUBnYiIiOjxvHwBHUDC5d1oa3x2cs2G7yD0mnk39/RrO1Df 2MX5wz9HmoJrFQd0ABDV2Zjg1k0KF/WatUGLOnbSNt743ANpZYyVf1zPM6A3bfcjojMq8DgsvRaD /+wkve+dvwJMXasrSZl5F/95q6EUdP4ascpieCiUF3cCzWsVHofq+LbnnDKXf3bPQS9l66IIdX4W wkJXoUORybxKBnRRlYX+P5rq9ON/JiD/SSbgsxDQb5wPQcc3Gkr/1/Zzt0o9/uxxJEXsxhvSxIu1 MXP3Ncs3PZSZ6C0Nc7DFD/0Xmk0OVzkiRFGHR4kxmNW7BxwqHNBt8d8RK8o/7hWdxb2ipRVF5KbH I3jGAOlmQkUCepsf+pb7/aAvSIT83TbSe/4evpUBnYiIiKgKvZQBXZuXBKevCp+dbAffubtLdMMU sXGMsfW0mi1GBxWZtOgpBHQAyH54EV3fMrU8Fb5qNHoT+26YzwYtbUoUoSwogEKhKPelLjG53PMM 6O1/CUB+BUPRnnGm1t4m7WVIfayELuLGvrmmSayq10a3P7wwfPjwMl4D0P51U1fxWo074kJiKa2y xm087YAuijpo1Crk5WTi1rXLOHNkNyaNGo7ens748dvPUcvCjOAlA7oqJx4/fVzYHbwG3KZtqXg1 WlIioDdp9S7aNatfrAy1W3TGrUeq8tf1JMVQpaPP9x2lbXZxnmGx237S1T1oaZwc7//qtcaGohPe lUGn00JZoMCjxFhcuhSOrcvnImDIAMj//h0fvtnMrN7LD+i14D9nX0V2rNIBXdTpoFIWIDstAVcu X8LBzcsxfFgAXGR/oEvHN83KWpGA/pXrjPKLqkxiQCciIiJ6il7KgA69Blun+0hdXD/6bggyVKYL eb06DX93NAQY27of4UbRlt6nFNABEeG75qGRo32RC2cHDF18vMx3qdIi8Wn7pmYX3OYvO/SZcrjY e0sG9N/GBz2zgP6tf2CFW4zDN4yU3tew+S+4r6h8c6eoyceAXztWoJ7KeFW3h8/ssgLV0wvoOq0a dyJOYqSPC77s9Falyl0yoCvSo9D1rcKQWBfjV5+udH0WUyKgS69q1WFrW13690/+S56wpbp8J9eM Q53CmdlbfIlbacVvqOhFDbZMMN3webOrJ5Lyy+62rcpNw9618yD0+AktGtaqcL2XH9BrY/C/B8vf qUoEdE1BNk7vWY9eTj3wdquGFS5rRQL6T77Lyi8qAzoRERHRU/VyBnQA8ZdC0NY463Htlp/h7D3T BEkpl7eisaPhbx/8Obr4BeZTDOg3D60s8pxoG9jY1MOkLeFlBrcnCeiKlJv4vH1jaZnv+yyD6jEC ui4rFv951/Q4qq5/TUdByZbLYgG9JpzGbajw+iM2j3vigJ794Cza1634875LezX78E8k5JUW6J5O QFfnpWDKYBc0qFmBUFjDHg0aNoS9raklvWRAz0+7hS5tC58b/pQCerUa6PijH8b0/gU1Csfx2zXF ooORT7atcihTruMraQx0DQxaeaZYvapzE/D7x8abSdVrY8C8/WXslw73Lu7Dd53aVuDZ4q+ilmNd 1K/rKA1VebYBXURyzAW4/vw57KuXf57YOdRGg/r1pAntGNCJiIiIXgwvbUDX5iUW6eZeB2PXFc5O LGLDeFdjqLDF6OASz+R9SgE9P/kmfu70hvmFdOP3cDKm9FmenySga7Li8H1H08V0l79nIP8xmtDz Ei7jgyLjjX/uvdK8pbRYQK+On4curnAL+ulF/U2ht+VveFhQ2YAuYs+MXqYQW7M2WrRqjdatK/Zq 3sS0b7YOjTA35Eap26nqgC5qsjHW4zuz41nd1h4NGzdG02Yt0Lr1O+jh1Asjx07G+q378SD2Gn4o Y5K4/Ee30bVdYUCvg7ErT1ayPksoGdBt7fCVEIC4DAXUWXfx4/vNpc9C8/d+w+00xZNtr8yyqDDL 9ycpJL/70xAoigztuHNiFWob/1avxac4G5dT6qoSIkLxXqsGJer+VdRyrI/XX2+Clq1ao8P7XeHn PwQzAhfj+PkbOLpsQiUmiau6gJ7x4Ap++rSdhSBeB40bN0bzlq3Qpm1HePcfhInT5mLPkTDcOB6M VpWYJI4BnYiIiOj5e2kDOvQabJ7mI7UgffrHGGSrdNBrs+D9H0Nwf61eR1xPLzFu9ikEdJ0mF/MG /gU7Y8tXjVp18XqDOlKr3fs/D0RmKY940imzsXfXFqxdu7ac13qE3Ugq9l698hF8upqehd3+ax+k ltPd15KESzvRtsijlZyn7Ta/KC/Rxb2jy4QKt9avHvC79L4WX3oju5L5XKdKRY/3m0rH44P/DkZu eTNnF/Ho2g7Uk8Z2V8cXwlgoLE6qVvUB/UZIIByqV5PK3qDZO/AdNhkbt+xHTOx9pGWaz4ou5tzB 181NNxVKBnR1bgJ++bSwx0NNeEzb+mQT1JUI6G98Jse9DNPs+DFHV6CRQ+FTCmriN/9F5j0sqlDc qXVoapxk8RXH93DB+PnU69RY2OdXYzlt8Y3rNBSUMjmeqMlCv587mlrOqzug47d/YPb8ZThy+ioe PExAgdr8M3lyxTjUecYBXa9TYOHAv0zPH69WE292+hbjp8/D7oPnEXf/AXILzM/D+2c3oQkDOhER EdEL5eUN6AAehu9E2/r2xovEz3AuNhNZ0UfwRgPDDNgf/TkaGgstwVX9mLUzwbPQVBp7XhO/D1mK 8D2LpW721WwdMXjhoSp/zBr0Sizo97O0LzWbf4wL97MquRIRR1aOQm2pW60j5uy9ZmFbxQN6y/f+ xv1yHtkEAHqxAN7fvS2F46+9Z1l8rnJZ7p9aLbWa2tRwxMgVlevSLWpy4P6NaWItx0Yf4NCtR5aW rNqAri+A/68fSMvUbvwBdoXHlVve/Ptn0KaxaXI781ncszHgl0+kv3/6x5gK3bDQKtMxY9QorAkK xq79J5CcbhzfXcZz0A1/V2OGl6kXQE3HVlgQev2JZ60vja4gGU5fFZ4zNTBoxVnoASjTb6NzC8Oz z1+r1QTz95b+6LSUiB1oVtd00+nLf8YjvUBT9ob1Oqyf3POZd3HPSbiCz9uZbsi07+KByKTSewYY iLi4c7b0HcmATkRERPRieKkDujYvAc5fFnZzd8SY9Wew99+BxhbLmhgTfMl8xVUc0B/dOYevOzSX 1tey05+ITM6FXqfEgn49UN04frd2k/bYfuH+k1ZLCSKOrR0Hh2qF4boORq04XqkbAVplGgb8anpk 12v1PsSZexa65JcI6DXqtsLqE3fKXX929GG0cDSOHbetjZErzldi/wDoNZjq/rW03TrNO+Hcw8o+ i1vEieXDi7RQOsB5bJCF4FG1AV2vTsD3repK59HXXhW5OSHi9LrxqGtX+hh0vajB5klu0t/rte6M M/cyyq2FjOgjaGMcB1/NrjH+DTEG3PICOoC8pAh82bahtC+tP/wd15Of0jPRIWLnrL6wN/Y8eOfH IVDpRFzbMV3qMdP8o3/wMK/0wB2+fiLq1DD2XHilAbZetXRDpjitIhne3Uw9Up5VQL9/fgveqFV4 vB0xMehcuTc/RE0eZvv8IJWVAZ2IiIjoxfBSB3TotQgq0uLVuccguHxjuMD+v4adcDXFwljZKgzo mvxUjPf43lTOuu2w/MB1KYSpMqLxw3um8YhzZxEAACAASURBVLtvfe2JhzlV+yzpR9En0Kl5XWl/ Gr7ZFYduJFSodVMvanB26xw0dTRNvvbhL4ORbqE7bcmAbmNTHZ/8MQjx2UrzZY20ygyMFrqa6rrp 57icXLnxy+q0CHSo74DCbs1dPWc+1kz1BalX8VFjB6ksTTr8hMhHBSWWquKArohF14a1pePfxW1a Oc9hB5IjT6F7h5ZF6tkGveedMlvu7tlgNKtV2O3cHn8NWYxcC122pT3TFmDx4D+kddZv9SUuJVaw Bd1YN2FbZ6Guva3xZos9evgvRL5ZF5WqkXv/LDoU9iKo1QFhiTkY7/yFcX8d4DF5W5nn+KlFI1C7 8MbVK/URfCmlzO3pNArsDByKBoVd+W1s8OrrX+JWevHz9WkE9LvH1qH5azbSOsetP13mvomiBmE7 F6F1kR4Cr9Rph23h8SW2y4BOREREZG1e7oAOIOroajSrbQgNtR0bwLGm4QL747/GWHyGclUFdL2o xr5Fw1HXzhhYqteC5+Qgs21GHlqGBg6GZarb1obnxM3m3e6fgKjNQ6Dff6W6srGxQbMPvsWG0AtQ lBHYFNkp2LZ8Mt4t8rxrQ7fhq5bDgVlAt0G1mg740Xsc7qSad8fNexSHyb5/oXbh+OtqNdBjyMpK h+ujy4ZKvRCq2dXDjJ2lTfBWNlGnwqyepm7a1ewbYMLGcyWXwsbJvaRWWru3vsODXMs3VHR5KfhH 6oZtg279FkBV8riKWXD5zBS2azfugI1Hb1oMPBpVHsIPBuHb99uaWvqNL89ph82W1yrSMPD3z6Rl 7Go3Rf8pq5CcY37DRKvMwc4lo9Gg8EZMtZr4sfe/pvJWKKADOnUOJjiZejPY1W2NhftKOV+elKjA GFkX4xhyWwxasAPftjHciKrVuD0O3C67x8CdI8vRoJYpbH/++1DEZ5W8IQMAIrJSYrFwrC9eL/aI RBvY1P0EV1OLP+btaQT0tNtH8V4T09Mf3uosw+XYRxbrVZGdiu1LJqBtQ8diZX3FoTWCzsSV2O7T C+h3TqyGQ2FPg4ZtsDn8Yfn1QEREREQvf0BXZ8Tgp/eLtzja2NhhbHApjzerooCecP0QPm5tmiG6 /beeuJdu3jqs1ykR6POjqbWp4RtYfvDmY9RI6dKiz+Drd1sUq4NadRrho69/xaRpgdi6KwQhISEI CdmF9SsWY/wIf3z+7luoVXhzwXiDocfgechSljKuvERAt7V1gJ1dTdjY2qFtp64YM30etu3YhZBd 27Bg2lh88cGbqC5NjmaDph1+wq3UyrWe6zVZcO3S1tQ74J0fcS/7cXsgiLh7ai0a2dpIx/X9n/2R rix+Xh2aH4BaUp3Uxu/9JmDnrl0I2b0H97NM4VevysSA70xDA2o3a4+x/65ESEgIQk+cR4FGB0DE 5oke0g0GG5tXUa/xG3DrNxprNm4xHJMdW7FgzhT89Z8v8Xq92iXOY8Orh7+lR9qJuHtuK94tMlb9 Nbta6Pj1b5gauBg7du5CSMgurFg0Ez2+/QSO9qZj3aDtlzgVnV6koisW0AEgJfIoPmpu6rbfpuMf uJaYa3HZJ3Vrz3zUM56jb7T9AHbGbXb8c3ipk8MV0mbF4Ns3iz4doSbe+eQnTA5chB0hhs/Dlg2r MHZoH3R6sw3sa1Qzr3vbt3C8xBMYnkZA1ylS4ft9xyLbtkXLt79AwMTZ2LJjJ0JCQrBr60ZMmzgC X737NmoXGf4gvao1waKSTyd4igE9+UoImr1SuO2a6PizBzZu3YGQkBBExJXdW4GIiIjof9lLH9D1 ogqLBv9ZrNXx/17/GFdKCw1VENCVmffh3d00Q3StRu0RfCqm1JbE7IeX0Ll1fWl9bTr9gZsp+aUs /Rj0OkSf24HOHUreqKjY6xW72vjZewoSLLYwmrZRNKC/3upLDPT+Gw4VeGZzwxafIiQ8ttK7lXRx k9T7wMbGFr8PXv1ErbXqvET884mpjhwatsO2Cw+KLXP32Cq87mjheeu29pi4y/QMcL2owsqAfyzu 7/+1/go30wzHV5kWif+83bhCx8HwcsA3f/SF/JePTTd/fh1qcey6qFPh8NrpaFPPscLrt2vUBnN2 XCi+vkoEdL2owYFlI+BYeKOjugP+HLDoqXR11yke4pcOrxcrf3W7epi+I6L8N+t1OLZyNOrUtK1w 3TjWfxNDRw5Dc+mmhyPmH4oqttqn85g1ETcPr0KbBg4VLmtN+9fh6T8KH7cvrB979Pl3b/HPx1MM 6HnJ1/FFq7oWy/br8HXQPK0ZBImIiIhecC99QAeAyMPL0dTR1J3107/GIl9TyvJPGNBFnRLBU/1g b1vNGG7rwHvaJsvd6QtXJ+pwbvM01Kth2Ga16g74a+CSKn5UlYiEmIsIcPsFDe0tBEyLr+po8fan mLp0Jx7lqcpefYmA3vTNH3Hj/gPM6PMn6hQZt1v8VQMffPk3Dl2Oq3yw1muxsN+vphm17Rpg9dn4 8t9X1ipFLfYG9i1Svpr4fcDSYs981+Ylwqf7h1I3d+lVrQZ8ZxTvav7g8m582NRCSHF4B0ejTC3U cRf34qu3m5V7PBq0eRcj/g1CanYB9s8bJD2e7bX6nXA7y/KEaKJWhbC9q/Hth+Zd44u/XkXr97oh 6Ng1aEomrkoEdADQ5KWg/6+mGwg167XBotCn0NVdr8OaMU6wrVakjtp+h7vZ5czGbqRT52D5eF80 dig7pL9SsxY++UGGvWcjocx5iL86muYW+LX/ymL19bSegy5qC7B35RS0a1jOzZZqtnjz0+5YtTcM ivxMjPr7K+lvHX8egoxis+8/vYAuahRYNlwudXMv+vriz8nIe4qP4SMiIiJ6kb2wAf3qrtXw8vSA h4cHvH2nIlVZ+gWfJvshJgT0g4eHYfkluy+XMVu2iJsnN0nL+gSMR2xmiXG7ei02LxovLfPvBtMk XQWZDzB1aB/pb4NGL0BSKeOUi9KpcrB0coD0vt4DRuFqfNVPrKRVKxATcQGBk4bjt5+648uP2xe7 eK5hVx+fdfkWv//jjsUb9uB+SlbFZn23ENDvZGqgUebg8KbF+LN7V9SvbRjD27hVB/zw6z9YuvUI MnLLaJUva3PabMwfYTqmPsPnIqsKWmmz4q9iUC9Pab2Dxy5EmqJ4t/6c5BhMGdwTX3R8W+qe3rhl Bwyfu7vYcqJOg6hz++Al/Iq3WhTOcG6HDp2+R+iVxGLLZiffxaqZo/HTd9+gVePCUF8dzd98H9// 9AemLNqIqIep0BoPRs7Dy+jbu5ehnJ49cTS6rDHXIrJTH2Djkuno8fP3eLtNE+k41W/6Jrr99Bsm z9uEuLTcUod9nA5ZItXJuDmboSizrkU8jDiMPsbPp4eHB8bNCi5zkrrHlRV7Ht49vYzb8cTM1Ycq dSNA1KpwK+wQBrn9ga6dP5Ju+tna1cHHX34Dmac/dhwOQ2a+8TtAr8X+jXOl/eo3aSkURW72aZXp mDXCz3hcfLD5cAXmRNBrsWbOMON7vLBs2wXLZdVpEHfzHCb6e6H715+hjl3hja8aeP/TLvjvn25Y s/MYUrLzjXUg4tqxYKmsvsMmI67od5leiXUzh0t/D1x3ovyiqrOwdNRQ6T2Ltl4s9btUlfcIG+eO Qbcun6COcQiFY/3mEPrMQIaliSaJiIiI6MUN6PTk1Col8nOzkJiYKL2SklORpyiAWlvJMFVKQDcQ oVYqkJqSjMTERKRlZEOprlgrp7USdVrk52YhyVhvaeml75NWo0JWepqxjpOQnZsPjcX6FaFSFiAj LVU6HumZOVCq1FXW+qxRKZGV8Uhaf+qjTBSoqvbJAS8iUauBIj9HOp5JSSnIzS8o5Tg9X6JOC6Ui DynJSaZzKk8BdWm9gp4jvaiDUpErlTUlNR0KpQoiG9CJiIiILGJAp6pRZkAnIiIiIiKi8jCgU9Vg QCciIiIiInoiDOhUNRjQiYiIiIiInggDOlUNBnQiIiIiIqInwoBOVYMBnYiIiIiI6IkwoFPVYEAn IiIiIiJ6IgzoVEVEJN2+gBUrVmDFihUI2nIA2So+S4mIiIiIiKiiGNCJiIiIiIiIrAADOhERERER EZEVYEAnIiIiIiIisgIM6ERERERERERWgAGdiIiIiIiIyAowoBMRERERERFZAQZ0IiIiIiIiIivA gE5ERERERERkBRjQiYiIiIiIiKwAAzoRERERERGRFWBAJyIiIiIiIrICDOhEREREREREVoABnYiI iIiIiMgKMKATERERERERWQEGdCIiIiIiIiIrwIBOREREREREZAUY0ImIiIiIiIisAAM6ERERERER kRVgQCciIiIiIiKyAgzoRERERERERFaAAZ2IiIiIiIjICjCgExEREREREVkBBnQiIiIiIiIiK8CA TkRERERERGQFGNCJiIiIiIiIrAADOhEREREREZEVYEAnIiIiIiIisgIM6ERERERERERWgAGdiIiI iIiIyAowoBMRERERERFZAQZ0IiIiIiIiIivAgE5ERERERERkBRjQiYiIiIiIiKwAAzoRERERERGR FWBAJyIiIiIiIrICDOhEREREREREVoABnYiIiIiIiMgKMKA/R7mp8YiIiCjzdTPyDtIys6HVic+7 uC+UvIwkREREIDL6PjQ6vfT/jxLvISIiArHx6dCbvUuEVqcr9j85aYZjFB2bBNH8DS8UZW46blw1 nFcPUnMq/D6dVmuhrgzEMv72dIlIiL2NiIgI3E/Kei4lIOsnalW4e/sGIiJuID1X+bxKgczkOERE RODOw7Qq/bzotNoqXFvZRFEHnVj0d0hEYlwUIiIiEJeY+czKUR5FbiZu37iKiIgIXLseiczc3Odw Dpj/ltDT8Sw/A0REzwoD+nN0dfcKyAUBQhkvZxcP9Onnj8mzl+FGXMpzCkMvnsgTQRAEAf2Gz0Om uvCiUsSBdTMgCAJmrDyKIrkdyrx0HN6xAcevJxVZi4jL+1dCEASMnLEZBS/yPRK9Dhd2L4OLzHBe DZ8ThAJN2Tuk0ypxO+wINuw8BY3ZiSciJfYmli7fhBzNc7gQ1WuwfuZACIKAecEX+Lkgi7R5qZgc 4A1B7oNj1xOfTyH0OpzeOheCIGD8kn3QVsHJqlXl4eKRndh+7MYzuHEoIiftAbYHBeFmQrbpv/Ua BAcOhSAICFx/xipuYMZdO45RA/vB1VkGQRAgd+6JXUcvPNNzQGX8LTl2Lan8hemxaVV5uHxsF7Yd vWYV5x4RUVViQH+OCgO63KkXZgQGItDCa/qU8fB2d4UgCPDsOwIX76U972K/ECoT0PViPpZO6A8n JzfsCntQZC0vT0DXFaQhcGQ/yFxd4e7kBLlbf1xNKKMVXa/Dxb0r4enqjFHzdpgF9LSoUxjg4wmZ 70RkqRnQyTq9lAFdr8beldPh6iTHvK0Xnno4UWTEYWqAL+Qe/XExNqNIOawroOtVqRjn5wFBkMGn 71DMCgzE3AVLcT367rM7B0QFlk7wh5OTG3ZceFD+8vR49GrsXzMTrs5yzN189rmfe0REVY0B/Tkq DOguHuOQXkr402qUeBh5ASP6ekEQBAybuR75zyMQvWAsB3QgPycDSUlJyMhWSP8n6rIxydcJgllA B5T52UhKSsKjjNwXOgTGXzsCb1c5+o6eiaXTh0MQZAgMOolSR07oNTi6biYEQbAY0OMv7YG7s4wB nayaqNMiPS0FSUkpUKg0z6cQVR7QC7B+2hDDuf8MAnpuSiSGeMkhWHlAz39wHs5yGZxceuPcvQzp O+GZngNiDib7GX5LGNCfIr0SQTMDIAgCAzoRvZQY0J+jigR0AIBeh4hDG+AmFyBzH4ibSRUfP/y/ qrSAbklZAf1loBeV2L5gPGSCgFnrjyHy9Da4O8ng4jcBKfnqUt7EgE5UJRjQn4m82NOQy2Vw8RiN lHKG7zw1DOjPBgM6Eb3kGNCfowoHdAAZ986jj6cTBMENR2+lAAAKHt3Hgf37ceH6PeQm38GSWRPg 7e2DUZNm41h4VJEu3BrERV7E+mXzMaivH7y9vTFw2Fis2rAT9x/llbpNvU6D2FthWLt0Hgb2M7xv wNBRWLFuG+4mZ1kMRZr8TJw4sAOBU8fB29sb3t6+GD81ECGHziJLoS65AVy/cBT79x9EYo4aBdnJ 2LtpFYYN7mfY1ojxCNp5CGmlTeyj1+HetXNYOW8afLy94dO7L+Ys2YDI+PRSA/r9yIsIDQ3F5Vvx 0ANIiLqC0H07MNBLDkHujBlLghAaegDX7xrGD6bev4XQ0FCcvRht8cI6MyEaWzaswugAf3h7e6O3 3wD8u2QNLly/C63ZMRVx99o5hIbux92UHGgKsnA0ZBPGDh8Ab29v+A0aiTVBO/EwPd9sO2kPb2N/ aChCj5xBVkHlWoHyU6Iw3M8TgpMPTtxKgiYrFiP6eEEQnLH17F2z5VU5KTgSuhf/TjCEgL4jpmNP aCiOn7uCAlU+wk4cRdCyWXCRCxA8B2D73n3Yf+AI0gtMQV2rzMGFY6FY8u8s+PfxMZ4LPhg7ZTa2 7juOjFJuDOhFEcmxN7Bx1RIEDOoLb29v9PUPwKKVQbgRm2y6ECszoBvGx4eGhiJ0/yFEx6eX2IYa MdfOYc3iQPT37Q1vb28MGTkR6zfvRWJWgVmZNIpMnDl2EMfPXkZOViq2r5mPvn4+GBgwFltCz0Fp fqDN90unxp3r57B68Vz49/U1fAYDxmDl+h2ISzO/4aYXdUh5cBvb1q/C5DEBxvrzRt8BAViwfC0u 3Y436/2Ql3IXoaGhOHftDkSdGpHhRzFvmvFz6NcfcxautPi+0olIib2G0ND9uHo3CWpFBo7t3ozx wwcaPp8BYxC0+zhylIZJmgoy47F17TIM6d8b3t4+GDlhJkJPRUBloX70OjVirp3HuhVLMGJQH2n/ Bo4Yh9Ubt+Fucnax5QuPweFTYchTaZESdxMblgair/H4jZk8B6Enr0CtK3EmqBUIP3MUofuPIr7I 5+p+5CWEhobiVnwGCtIfYsv6ZRjc18d4jgZi97FwKMxuPIm4fyscoaGhuBSVYPH7T5ubggOhoTh0 5DzyC78wygno+RnxCN0WVOQ70xu9ffth9vxlOHLhRrH6y0q6h0OhuzFxcG/DXBJTl2BfaCjOXolG 0fnbdOo8XDyxHwtmTYKvtze8vXtj7JQ52HXgDLIr+P2hF7WIunwOOzevRm83GQSXnli2YTtCQw/i Xkq2WUAvyE1F6Jb1GBXQ33CuDhmFdZv3IDFTUeo2FFmJCN0WhCnSOd4XcxauxOkrlr9vLdHkpuDw wQPYtWEhZDIBTq7+2BYaajhvYxJKnAOm3ztVdjKOHT6AM5ciociMx7qFht+RoaOnYO/Jq9DqDa3v cTfDsHrpPAzqb/jc9vEfivnL1uDCzdhik7cmRF1BaOhOw2+JrPC3ZD+u3S1nLLpeh8iLJxAaeggp eSpcOrIdwwb1QW+/AVi8bjviM0z1p8pPx4nQHZg9aQx6e3vD29sPU2cvxMHTEVCV+sEWkZl0F9vW LcOwgYbf1hETZ+No2C1otEpcOXEUoaHH8UhhOi9ykmIQGhqKY+dvQGfhOOjVuTh74ghCQ48iOcf8 9zkr5R62r1+FMQGG7wq/fkOwYNkGXIlOKDVMp8dHYdP6lRgxxPC979O7L2bNW4pD566hoMhnMTs5 FodCd2PyUF8IgoCAKYsMn4HLUZX4biMism7/GwFdr8WDyEtYu3Qhhg30Q99BI7B4xXpcufN8J3Gp TEDPjAtDX2NAP2IM6KnXQ+Ekl2HE9IWYMNC7yORycsxYdxiiHhA1ChwMWghPN2cLk9DJ4OrVD/vD zUOaTpWHkLVz4ObsZPl93v44cjmu2EVqZvwNjBvsB7lMZvYemcwJ/iNn405qrukNeg2WjOsNmdwV B8MuY/RAH8hkJd8nR//RgYjPKn4RoNcpcWjjPLi5mJfPo9cALJ4/vUJj0E9unAOZ2f45YdGOsyhz DLpehytHguHj4Wpxcj8nVw8Ert6H/KITqOm12LloNATBCZuPnsPssQMhl5nXbS//MbiVVKSeAEQc WguZIEDWaxjuPDIP8KUTcfXIejgLAnxHzEFqngbQ67Bv5RTIBAF9J640u7DLvB+GXhb2qd/ouUjP SsLE/t5mf5M79cKNNEPozku9g6nD+sFJbn4eCIIAQSaH/5gFSC0R0kWdBqdDlsPT1dK5KsDF0xdb jlw1XISVGtBFJN0+i4E+HhDkLpi2eBsyigQSUZ2LXStmwd3CeSMIMnj6DsHxaw+LlSs/NRoBfi7w GzwGcyePLnbM/MYtgaKcSfJ0yhxsWzGj9M+Sz0CcLDI2Vq9T48ye1ehVSj0IggAnl17YdvJWsYvd +PDtEAQBI+YH41DQXLg4yc0nnXT3wfZTkRVscRIRHrIIgiDDzNVbsHBSgNlnWyaTY9zCnchIuImR /XqafZZkzu5Yvjus2PZEVRaCFkyBq8X6MB4Hn6EIu2e6sZKfEoWhvi7wGjwRp47shJ+Xu/l3jNwZ E5fsLtbbw/IYdBEH1hu+BxZu3YtJxgv9kusaPWsN0ouEFui1OLBmCgRBwMz1xy0Gl4L4cDgJAjy9 RyOx8AujjIB+9/IB+PfysPAdVPi5csOctQdR+BUWc3YH3CwsNzxwkxROVDmJWDBhqMXPn0zmhP4j ZiIqqfgNEEv0ugIEzRploVyuCAm7Vyygj5+1zPD9bfZZl6H34EmISTX/zkqMPIvh/XqZfecLggC5 sxsmL9yKbFX5vXPyH16Ep5ulc0mOfzefLHUegsx759DbwwmDxs7E9JH+Rcouw/DALdDqNDi3eyXc SzlPnZw9sHT7KWiMFX8yKNDib8nC7WfKqWgN1kzzhyC4Y/WapXApctxcvPxxJd7wW5CZcAtTh/W1 /Psqd8bQSUvNvlMBEbGXDsLfx/wckzu5Y/HWXZjWtxcEwQ83Uk03AmLPbYYgCPAdswxKC+e5mPMQ w/v3hCD44ELRXhUAYs7vQR9PV4vntLNbTyzZfNTspmbcpf3w83Qr5TPggvH/Bknnwt0LIXC3sNyw 2UHFnthCRPQie+kDuqjJw941gXBzNr9YlTu5InDDEQszVD8blQnoVw9vMMzA7TIQt1IMP9iFAV0m k8HFezBOXo+DsiAPYUf34srdR4Bei7A9K+Eqk8HVsw+C9p5EalYe1Go1HiXdwYZ/JxlaHDz74eID UyueXtTiwu4VcJYJkLt6YWlQKBIzcqBWq5AcewP/TgyAXBDg5D0CCbmGCwJNbiImDugFQZChz5CJ OHHxJvIKVFDm5+D6hcMYNcAQ6vqNno+0wosIY0AXZE7o6+cLnwFjcOJiJPKUaijyMnBs+0p4ucgh CE5YEhJW7GbA7ZOb4eokgyC4YsGm/UjLyodapcS9a6cxfogfZMaLmPICeuzVMwgOXou+HnIIMidM mLMMwcGbceHmA5QV0O9f3AtPVycIghyT/t2A6IQ0qNVq5DxKwP4tK9HTTQ5B5oqFW0+bLuSlgC6D Xx8/ePoMwp7jl5FToIJKmYdLR7ajt7scgiDDhOV7i4Waxw3oojID88b6QxDkWLzLFGTTo07Cy80J grwnLtwv3oJbkBWPncFBmD5qgOEibfB4bAwOxu5DZ6EoyMWxPTuxLHCSoQXdvS/WbAzCps07kZKv g6hRYGPgCAiCAA/fYTgSdhO5CqWhbjKScWTnani7u0AQ5Fh14HqxY3rv3A64yGSQObli5tKtiEvJ hFqtRnrCHaz6dyKcBQFyrwG4cj+j1ICecf8KBni7QZA5Y9ryEOQVbQXVa3B80zy4yAS49fLHjkPn kZ5TALVajZT421gx3RBG3HoPw40kU0tbYUAXZDLIXHthw4Ew5BcoEXv1OA6cjS6ze71e1ODUtkVw lglwcu+FlZsPIjkzD2q1Col3r2L22EGQCQKceo9GqtJQ1tToU/BxkUOQu2Dqwk2ITc6AWq2GWqXA vZsXMWfcYMgFAa79Jxe7IC8M6D19/eDl6oH56/ciIT0barUSDyLDpRYnryFTkZxbytCG4mePMaAL cHVzg3vP/th88AKy8wugzMvCoU0L4OIkgyBzQ+/eXug7bArCbj2AWq1GVkoslk83nAc9+49FXJZa WufF0FVwlcsgOHth3a7jSM3Kh1qthqogB1fPHsSwvj0hCAKGztgItbFyCwO6q6cXfDw8MGLaUtyM TYRSpUb2o4fYEDgWMkGA3MUTp+6YHrtXXkB3dXOD3N0P2w9eMHwOFdk4G7rZ8DmUOWP66gOmQF3F AV2VeQ+jjHOLDBgzHzfiEg3HWa1CyoNobFg4Gc6C4fs57J4hBD16EIltwRsw2r8XBEHA4HFzEBwc jINnrkEUAVGrwOrJgyEIAvwGT8CpS5HILVBBrVQg5tpZTBnWz/C9OH4RHuWX3ZKuFzW4dvoQ1q1c AG9XGQRnT8xdshrBwVsRGZ9RLKDLZDJ49B6KA2euIVephrIgB2GHtqKPp+GzPmP94WLfZ3nJtzDc 1wuCIMeY2asRGZcElVoNVV4mzh3chr5eLhDkLpiz8Vi5N5M02QnYvnUz1i2Zafg9c+mD1cHBCA7e jHPXY8sN6DKZDDJ3P+w9fxsqlRK3zoXi5NVE5CXfQD9XOZzce2H93jPIyDGcp9mp97Fm7gQ4CQJk rn0Qft9wbOKunsGm4LXoZ/G3pKyKLgzohnocM38T0rLzkZVyD1u3H4JKBFQ5CZgxzA+CIMPg8f/i UmQcFEo11ArDZyagjxcEQYZhc7cWOy/zkiMxxNsVgiBHwOQFuHEvCSq1CqkPbmPx9NFwdnGBq5O8 ygJ6xp3T6OUsh0zuglkrdiAuOR1qtRp5mck4sGUlero7QebsgY1HTN/9elUqJvXvBUGQY9ba3Uh6 lAO1Wo2CnEcI3bQYrjIBgpM7Np+4BQBIj7+NbcEbMMZ4TTFo7CwEBQfjwOmrbEEnopfGSx3Q9aIG Z7YvhnMprROGO/zOWHvw+nMpX0UCf/Xk/AAAIABJREFUuqjTIvnORYzsZ7hoHT57o9RiVxjQBZkh 7JSUlxKFYb7ukLn74sjVh2Z/h16LvcsmQhAEBMzZLP2wF2TEYXQfDwhO7li3/7LZhahOkYyJA3tB 7uSEVftvAhBxapPhArTXwEl4kGXe5S036RZG9jFckC3fc9lw0VUY0AUBLr0CEJNevHuxXlRix4Lx hgvRiSuQaxxXqNdmYc5QHwiCgDmbTpkFpIL0WIz171mhgG6o49LGoFsO6KLyEaYZtz9l5QGzrux6 UYfrx4LhJhPg0nMQrjzIkurbENAFCK59cCH2UYk36nB2yzwIggCf/lOQonzysd3Jt0/B100OZ++h uFFk1na9LhuBAYa6n7h8v/kbH3MMen5qJPzdnSF37Ym94XEW1qvF7uWGc27ior1S3YnaHMwc3BOC zAlz1h81694qqjKxZOJgyOVOmLXuOLQWAnrmw2sY4mtoOZ++fDcUJcahZt2/gv49XSH37I/zd8yf hiDqlNg8dyQEQY6Jy/ZK54cU0AUB4xbsqFCXdlN9RGO4rxsEJw9sOnrdLGzoFIkY08cTTk7O2HAs BnpRgwOrZsBJLkf/cUukc76o3Pgr6NvTFYKsL64nm24kFAZ0QeaCxTvOm20rOfIkfN3kEGTeOB2d WoHSmwK64OSJHWejiv1Vr0rBBGPAlHsFIC5bVezv2QnX4O8ug+DeB2djDOe6Xp2J+WMGQC6XY+a6 oxaGgQD3L2yHTBDg3W8q0lSGBQoDuiAIGDplNbKUxZ99rNdmYIKvIYgs2HJO+v/yArog98Tei7Fm QyTunN8Fd5kA116DcC0ht3AjVRrQbx4LhruzE+S9RiA+R2W2Lk1+GqYGeEMQPLDjTEyRnS19DHrc eUPdeQ2ahIQc85swquyHmBbgC0FwQdCJyArN3VCRMeiCqx/C4oo/C10vanAiKBCCIKDP0DlINx5L vajCzsWG74AJS0Msfp5So07Bx0UG154DcTUh1+zvlkhj0L3GF/s9LS+gC4KAwOBTJcKdiOhTGw03 T6ashbJEEXWKFEwP8IPcyQmLdl40HYPHGYNeJKDLvUcitaDE975ei3M7FkMmCBg8ZTkyC8yf+61I uYWBPV0hCG44EW04DnpRi+MbZhvqf2QgUkrckNGps7Fq+jDjtVAVBHRRgUVj+kKQybFgx3kLOyri 5skt8HCSodegKYg3fl9k3T2Dnu5OkPeegAxV8X0TtQXYPG8M5HInjJizRbphxzHoRPSye6kDuiIt BsP7eJQezo0vV7+xSFE8+4mupMesOfth2br1WL++xGvtasycPBburoaLCK8+I3A93tQ6VBjQ5c5e uBhvPs7v5vEgOAkChk1bh/xSQoUiIRxuggAXj8GIzTH8OD68shfOgoBe/uNxP8tyS9udW1cRfS8e alGEqM3H7ABPCDIXrN5/1fLO6nU4uWU+nAQB/ScsNbRsFgnoI+Zvt/i2a0fWQyYI6DcqUBrjnHXv LHq5O0FwG4zYbPMLW+i1OL994VML6I+iThhayN0Gmt1UKKRVpGH2yD4QBGes3H9ZKldhQO83YanF 2fhTbhw0XGD7jcD9bPMLscrQiyrsX23o6j9qdhAUJc6BiNDVcJYJkHkMwcO8Ett67EniRGSmJuBK eDgyFCXLL0Kr0eDo5n8hEwSMnx+CwvypSLgIF0GAi2d/3Ey1POdAYtxt3IyKQ75aW6IF/TwyjOFc 5uSKwLX7kW8WbEWE7VkGuSBg3PwdUJXSFTLt9lG4CAJ6+o1BvLFOTAHdGRv/P3vv/RxVliZo/xkb X2xs7HYNJaVMVVeb6tme2dmN3Yn95lsz04WUKXHz3pup9CmLhIeCwvsUILwTtii8B+EEEvLeYAXC e49wcpk3n++HmwgJpQoViK6i+jwRJ0BKXZPXnuec97yn4GzY5friUvkuVEnCO3Imt5+H77FsOlVH 89VbXcc40PGSy02naTzfu4KvaQHaH1wgK9mBJKVQf/uNvLwWdIsjjca7va9L/9NrjMt0I0lJ5NWH abDrvbUuQXdlTeb628+CYCcb5uhRFuMX7eole+0tt5icmYRkdnO02/Zanz/mbF0VV+71HnsfCPi5 f/Y4iiThTpvGvba3BV3lh8JzYfd104LRSJKZWWsPv/nO7xD00XM3hRVEf+tjfOO8SJKVDUdCz7QB FvRgoIPbNy5RWXOmV89fUNPoePmYnMmZSFIS20+e7/ZhX4KusSl7FJJZZc3BPp7DaJTvXY4iSYyd vTHMfdKb/gh65sy1XaHe3blZdwBZkvBkTebWc/1+6nxyhXEZLiRLBnXd3mc99rLzJaumZyFJFtYc rH3nPsKHCLqVo6fv9VrflfLtmCWJJNdwTtRfpq29g4D25l1y+XwDF6/cot3f7fn3gYI+bO6mXh8H Wh8zb0I6kuLiUO3VPlaisWf5JCRJYtbaY/r3bn3MnNFuJLONzcfPhF3q3pkTuJOUARH0tjt1OFQZ xTmWO2+3aITofH6b6SO9SGYHh+v14/P8WhUeu4pktvNDfh2v2toJdLuWHtxo4nTTVZ63dnv+CEEX CAS/cn7Vgn6pYg/Wd8i5JEmYFSuHGvvTozSwvBb0H9s3RbVid7iY4lvB2euPelSCXwu6ah3Nrbdf iMFOjqyZpbeej55M7po1rAlXVi3CaZYwW+wUXnwKwQDlOxeFKq9baO/Hi8//4gpDzRJykoviS+Er XAC36o/gVs3IyRO5/by9m6CbWbytIuwy54q2IL8l6BdObiPJLOH6bnGfvZm3T+dj+0iCfuroRl3i vs3pe/xxsINDK/XK/MSl+/RKeTdBn7pkP+Hqxo+aClAGSNBbH11hwlAHkpTE5vw6WlpaepT7V6pI t6lIkpk1h06/tf8flsU9qGm0t77kycN7nGmso+zkMTbkrmT2tIldY8y7C/rlYj2pn2v0Ql71p7LV TdCnZa9iVKpDX35UNi3hsvYH29m5UD/2WeNn9nk/rFqajd0soThSqbquy++bEHcPhWd/Qt6KoJ+T m+chSRITFu560/vTTwKdHTx/3sKNKxeoq61i/7YfWLZoHqOzUkPjO8MLusM7iXvtvY+B9vwWE4Z5 3kvQsyYsp+XtC7aboC/4oazX0n0J+ms6O9p41vKU5nON1NWWs2XtGnJ8Mxnq1c9lWEE3ezl57m7Y vd2+ZMJPFvSVB+rD9iIHtU6O5OqNWxNXHdD/5iOMQQc9Surli+c8uH2Nurpajh/YxeoVS5g4bgSK JPVf0IMvmJluQTIrTJyzOPzzfs0aFsz8DlWSsI2a9c4wd+ifoM9ZEz4U/XbDoV6C/uBCCak2GbMt mYXLV/Wxn6uZOCI1dPz396un/70F3ZzB2Qe9hw21PrnCxHRH6F0skz58HAtXrONkRT0PHrfQEe7Z /4GC7ttwstfHLx82M9atIFnszMlZ3ud5nT1BHy6TPC2XIND65BIjrGYURxqVV8PnHAi+vMHYZOeA CPrVsh2osoTsymJ1X/WN3BWMTNbD8ZcfqAl9/RaWTRnWNWbdlTIMX84y8k6UcfPeY9o6wlyjQtAF AsGvnF+xoGvUhOTqnUVW2V569a++h68FXbFmsufoMY4d612q6s9y7+HTsC+gLkG3T+wVIh/UWtnu m9C/7y9JSGoSR88+gmAnR19XTFcf7FfFyN9ygWRJwurI4PzDvse2Pr1aqWeit4zk0pNX3QRdZvW+ xrDLhBP06v25qJLE0Bm5dPQh6I9v1JIhfxxBrzm4BlWSGDlnQ9heIwCCASp2L0aSJMbM+kFftpug z16dHzZL8cAJusaZgs0/PryjW/GOyeFld+P4AEFve/6Qw9vWMX5k+lvbMZNkd2APJdbrLugN+1Yg SRKpM9f1b8q0boKu38MWrBYFs2Jj84kzvdehvWDN5BH9vh/Mdi+ll/XGpi5Bl9OouPSw1670vY/t HFg6DUmSmL4xv99TwWman6tnK1gyeyouu6XHfsmKBafTGUoAFl7QnamzeRLmsvwQQR85ZT0v315n N0FftKWy19J9CXqg8xV1RQeZO2lcr0R2qiUJl/NHBF1Op/LtoSEhfrqgK+yuuhb+qwf9lG7L0b/7 nB/0xpUBF3SNx7cvsH7JfDK8jp7Xn1nG4XBitSj9F3TtPmOUfj7vJQl12FTu9yMXwYdMsxZO0K/X HsYdJjFcX2XMkt0fV9CVkVxuCRcJpXHrfBlTxw7rlYzUYnczdfZiShuae74DPlDQF2+r6vXx01sN DJX7f7zsE5cRBF7crsMjSVg9mZwOE1Gj7+9TsjM9AyLopw6uCTUo9a/k7H7TKP/ifjOLZozHkdQz 6aqsWBk7aQ4HC2p40T38XQi6QCD4lfMrFnS4ULoTS38q4z9zD3p/ksSF452Cnv2dLpe+VRQUFlL4 Y+VkEbeetulitk4Xs+9WHujXi++1oFscaZy5HybkPMSjiyWk2GUkx1iutbS+t6DXhgQ5bdqqvgX9 eg3pH1nQh89a1+f2CQYo3qZXyr/N3q5HIvwVBT3Q3kLujFFIkhmXJ4XMzMzwJSMVxSxhlm0cO9Pt HnhPQe9sfczqWXrFSbHaSMvIZPrcHNZu2MThY4Wcv3SDo2FC3E/nrdYrhNPX9K+y1V3QFSsLNh3l +NaFmCUJe+o4zt19a9yq9oK1U0YiSWamLNr47vuhuIz7z/Vr+f0F/U0UxbT1R/sp6BqXq/Pw2lQk s4zTncyIMeNZtmoNW3btp6yynjtXTjEsxflJCnpQ66Bg+1KsqhlJVvGmpDNm4gzWrFnLnoPHqG08 z7WGY32HuA+ooMvsqrwa/qsH/RRv1sdPj1mwvSsC5l2C/upGZb8F/cmNBsaGcoskOdwMzRzOwuW5 bNi8g5PFFVy/fo2cqcN+gqA/YKxFf58t35L349d3YSFFlQ20vmMGAhh4Qb9Rdxi3LKEmj2Tf4ePv 3M+aMEM9wjHwgh5avv0F5+vK2bZxNeNGZeF1O7sy5JstTraeOPVmiMJHEPSW240MVSQURwo/7D3y zuNVUtdEEHh5/zRpZgmLO5NTd/qY6u69Bf16L0E/nbcWRZKwD5vMiXc9XwsLOXu9Zx6QYKCDa02N 7Nu5mSkTRpLidetJKCW9ATZ7/aE3EXNC0AUCwa+cX7WgP7nRwHBX+Gmwuhere2zvMbh/BT6moBPs JH99SLQX7iRMxGt4ggFq9uu9mSNnbOBVH8u9annCk5bndAY0Aq03GWU1Y7Y6yD/TO/nWay6V7cEu S1iypuuZ3N9T0K+U78GmmLEOn8PzMOHVoIe426WPI+jnC7diNUvYRsztc/vBQCvbcyYiSRLT1x0N JcX76wn6wyuVpCfJmK1ejjfe6vPvgh0PmJzmQJLMjMvZ0S3j/PsIusaFoq0okoTVmcG+klO8au89 Dv345vm9BP1m5Q5dLrN8POtjfHj7y2c8ftJCe2egh6BPXLib9oBGx/PbzBjpQZJkxs/7gRc9prjr YPcSfYzmzNwjYYcX9MX7C3qA0tBwkXG+Lb0STXWt/+ljnjx7TmcgiL/9CdmjQ98hey1X7j7pJfad Dy+QlWz/JAW95WYDw9xJSGYri7cc4eGz3uLw4Owx5L+KoJtZndcYPsQ90M6uhZORJDNzNh0P/fKN oM9YfTT8/XvuGOb+CHqwg52L9MzzKaNnUt98u3cCwbYWFkxM77+gB18yJysJSbaw5eRFBoqBFvSH zWV6JJVzFE33X/Re6D35WILeHc3fwYM71yk5cZDpYzIwmyXsw2e9mUP8Iwj6q0eXGZdsQUpK4eTZ 8MM7wtH+/Abj3Spmm5fCc+Hfy1rbHSal9h3injxmce/7Hmh/cIHhKfYegn6jcjeqbEZNncbTn5BI MxxBTePpw7vUVRSweMZ4VLOE6sqi7nooVF8IukAg+JXzqxb0YKCNvPXZqH3NxyxJSGaVZbsr+h1+ OpB8VEEHmst3k2SWcA6dyKUH4VvQ2x5cYO26LRSW1fIyJLK3T+djlyWcaRO4GG65YID9q2YxdNgo Vu4qQgu0sTQ0XVr298fDviyDWjv7Vs3ELEmMmfs9rZ3aewt6273TpDusSEoyldd6j3kPap0U79DD y/sn6M/0sZv9FPRn16pItqtIipvSSz3ngH1N6+NrTMnSE/S8nh7mryXoQa2T4xtD2XvHzePeyx9f T3EoA7/qzOLs/daufS3clN2noN+uy8P+lqAHNT8HV+gCkzV7Y1gJ1jqfsWKKLtaTFu7umre2/f4p vVfNltZjyr83XypA2Z5VpA8dRs66fbR2doSZZk3jRsMx3FYZWXWw5fjpHvOjNxzbiMUs4R45i9vh kgsCT26cYsPG7ZRUndKvUT5A0IFrtQexyRLuzClceRxGAoJ+di6eQuaI0azdX07ro3OkmSXMSS6O nwkf1XOtJg+nVUaSkqnrlpn/UxD05tLd2CQJJW0C15/0Ph5BLUDZTv3edadN5W7rxxR0idGzNobN I9HecpPJmQ7MFhd5NaEw+GCAI+v1vB4T5+8K2+hZu285Uj8EPdjxgBlD9WmiVr813eBrXtw7z0i3 iiQlsa17YrxucvJ2krg9SyciSWbGzttMR9iGLo3z5cfYtusAdeev92taqhf3mxjtVgZM0P3PbzJ1 mBdJUtl0/EzY5TR/K8d2bmb/0QKu3H33nO0w0IKu8eBGE0cP7uVgYV3Y83P3zAk8NhlJ7ba89pyZ GZYBFfRAewvLpw5DkhQWbD4RduYDggHKDu5gd94RzoV6prXOV2yYOwZJUlm4pTDsub575oSecPUt Qb9Wvk2/B9Nn8yjMBm815uO1yj0EvePROVKTFMyyjfyz4RsE/C8fsnfLFg6dKObuU317Lx7d5OTx I2zZkx92yNirR5f5NtWCJHs4Vh9qbA62s3XeWCHoAoHgV8uvWtAB2p/fZ9Pi6aG5Pt8ee25lxpKt PGv/62dwh48v6K2PruiSKKnMWr2Hp696Jlvxt7Xw/Xx97mdn+mTuhDLZd7y4y9yxKUhmC9nr83qO /QIe32hglNeOJCmsO3oa0Dh9fCOqJGH1DKfo9M0eL8yg5qe55ggZTiuSbGNHSWju6PcU9KDWxg/z vsUsSYycsZoHz9u7bUvj7sVKRiXb+y3oQa2NBWMdSHISO0uvdNt6eEEP+p+zesZIzJJE1pRl3H/e M+u4v+0ZeRvno0oSzoyJbxo5/kqC3t5ykymZTiRJZemu0nc2PrXebcCrmJHMCot3lHZ999dyNm7e 9l4Jzh41FeJMkjF7JvGoI7SfwQCFoYaBlHELeszRDRDobKXi4EYcofGcY+Z+T3uo8qcFWlk9LQtJ kpkwfxNPW3teqy/uX2LGqBQkSWb+Dyfo1MLPg64F2ji83ocsSTgzxnPm9huBfXHnLGNS7UiShZxN R3td1+0vHrJyht4zmTY6m4ehae4+RNDbW24yY6QXyWxl4eZ8Xr0VcfHoag1ZTiuSpLK58ALtz64w MsmMpOpj6XtWPDVa7jbjG58ZeobZKenWQPQpCPr12sO4FTNmZxY1YaYZvHWujOHuJF1yU8Z23QMf S9Ali4v95Rd6yEug4xXHt+ozTqSMmsOdF51dy1UdXI0iSbiypnD5Qc/e3xcPLjNlmKt/gh54Ss5o PQna7HXH6HhLTNqeP2TLoqmh86yy7nBdt+PkZ88yffjSgi095eROwyGSZAnF6mbnyTNdDWCv9//x zTNMHOZBksxMWxZ+irO3aX18jQkZVqSkDCouPeq2H+8n6AQ7ObLehxJqPD517WGPZ1RQ83OhfB9O ixmzYmdH0fneKw7DQAp6UPNzcrN+zrwjZnHl0VtJ5IIBzhZuw66aScqcwYPQuzWotZMzzoEkW9lR coV+8Q5BJxig7vA6LGaJJM8IChuv9ZoS7s75EjKcFiTJzNJdlV2/by7dhVWWsCWPorzpbo/j3NZy lxUzx4SSs/UU9MfNJ7FIEqothYIzPRNjtj9/wPp5E0LLdZtmLdjOhtl6no/08fO58bjnMQv42yjZ l4tVMaMkpVFyXs+c31y6iyTFjGTLpLrXva1x/3IlQx0KijOT6qtvpizdt1KfgjV7U1HY4SYCgUDw KfOrF3QAf9tzqk/sY+aU7xg+bBjDhg1nwtRsjhTX9Z2F+6/Axxb0oOansWA77iQVSbHy7bR5HC4s p7GxkcqS4+RMH6tPs6U62Hayew9NgIsVB0i2W5BVG1OzV3KyoprGxnry925mdKY3NPVZTlfFxN/2 lNzZY0OV00xWfb+L6rpG6msq2bFhGWkuG5Ik8928TTx5LV/vKegAj6/XMzpFzwabNX42R4sqaGxs 4OjeTQxPdeFKTcVm7q+gd7Bssi5/4+fkUtvQwPmrd+lL0AEeXa5ieGj7Q0dPY19+kX5ci4+zZM5k vRJidbPlWP2bytQHCHpz9WGmTJ7MlLkruPWj4ZgaVyr26JUr51AqLj/6kb99vV/trJqiJ3Rzj5jN w9YAoNFwdC2SJOFKHUd+WTWNZ851Cebza5W4baGpcQ4V0Vhfy91nndw7ewKHxYxZVhk/exlF5dU0 NjZSdvIoS31TuzK4S5JE5vRVXb3UAPcvlDHUlYRZtjB2Wg75Jfo5PXl4D5PGDkWWJLzDp3Hx3vMe Ie7dBR2g9ck1pma59OttwQ9dwxCCWieVB9frDQSqjUmzF3G8pIrGxkbKTx7FN2mEnrTRnsyByuau 9X2IoBMMcLZoN16bimKxM33+aoora2hsrOfo7k2MSHdjliQyJy7laXsArfMV6+fq0mNPHsb3Ow9T 19hIQ101e7etZ2xWSreZH3pOD/UpCHr7k6tMGq73HKeMmsKBY8U0NjZSX1XKD7mLSXO9mRbT5hlB 08NQHoCPJOiqaiHJmcLSDbv141xdysp500hSzShJyewpbepxbT25VhdqQJAZNdnH8VL9+i48vINv M5NxDx1Nml3uR4h7gIKtOShmCdnqZNHaHdQ0NNLY2EB+3k6mfzusW4JHhWV7us0rHQyQt26mLkKj Z1NeW0/DuctoGmj+V+xYNg1ZklDtHuat2EhZVZ3+7N6/jW+Hp+gh+BnjOXWz57zlfdHRcospw51I koV5uTupb6jjyt2n7y/owKsHl5g5Jh2zJOFOG8m6HXk0NDTS2FDDjnVLSHZYkcwyY2ev4XGYeb/D MdAh7s9un2G014ZklskcO4VdhwpoaGyksa6avVvXkuXVRXzl3vKuZ3xQ62R56F3y7ezVoXfJO2Z+ eJegAx3P77F8hi7Tdk8GyzbupLqugcbGOg5sW0dWslNvTBg1h7sv3jRu+tuesGnBJGRJwpU2iu93 HaG+sZHyoiPM/W4kVosF2WzuJej+tkfMHelGkswkZ41jz9Hi0HPyMHMnjcHpTScrxdlT0IGn1+sZ 5rEjmc2kjZjAtoMnaGxspK66jA1L5+BMUpHMKnPWHOBV6Nnvf3mP7G8z9HdNygg27jxEfePre2EH E4fr0XmTFm17My1gMMCRjXoy27RRsyirqafhXHO/IkIEAoHgU+BvQtBfE+hsp+XpU54+bek5d+nP xMcWdADN30ZN/k6Gp7rChvg7vJlsOVzVqwdHC3RwqvgAo9LCLacyamoOF98KPWx9epsNC2d0zdve vVhsbubn7uRu94rQBwg6aNw8W8rkEWlvbctM2ojJ5Bce7neSONCoPpiLpVtm4bGLdqIF+xZ00Lh5 roypo4d2TQ/TfR+8GWPYfaKWth7joN9f0OuPrscsSZjdY2h+2HtKoK696gprlBgxYy0v+zkWsLl4 i75+1cbeCr3n5/H1ekZ6bW/OYdp4rjzSK3Fa2yMWTsx6891llQMN9/XQ1M1LcIS5BiTZwvDxM9i8 YRl2i4wlfUqPXvagFuBK40kmDksJc80pZH47k+qLd7qiL/oS9KAWoKlkNw7VjGxxsuX4qS550Dpf UXJgE5lvZc1+XTzpo9hd0NCj5/GDBB3Q/O3UFewONei8PcTGwpgZS7jSrTf28fVTTB2VGnb/bK40 cnK/Z864NCTJzKqDb6YJ+xQEnWCApvKDoXncwx//NVu2MtpjwZzk4USoAeJjCfqU+RtZPufbkKS8 uX9dKSPYdbzurR5ovTGvPG8Tac6kXvd8+qgZ1F1qZkqy0q8kce0tt1g+6+1th7JXW51MzV5G7gK9 l3DCwp10nz3wat1hUmxvGruso+d19YZ3vHrMztXzcHb7vPt9lDV+JhVnb/ZbZoL+VvblzumRoXvR rgqCHyDoAI9unmPh1LFdCdd6fH/FxtSF67jxds/1jzDQgh7U/FyoOsLoDE/Ya9Vq97Jk0yGetXX/ Xho1eWt6vEvGLNzx4yHY/RB0gBePrrN2/rReGeX1YmHM9IU03eo95OvV0ztsWjSTJEvPKMIkZzpb d+0g1WXrJeigcf1UIaPT3b225U4bzaHyejbMGtVL0EHjVlMF00ZnhHkvSlhsHhas28PD5z2HGD24 Ws+McVmYw2T3l1UbU3M2cOtJz+F21xuOktptlgvrKB8v+sgJIxAIBJ8af1OC/kvjatUxsn0+5i/a wvP3EPSWa3XMn5fN/IWbf3T5oBbgyf0blBYcZsWiBfh8Pnw5y8k7Xsz1e72TUHVf7um9GxTnH2TJ wvn4fD5WrNlMWc0ZnrWGn57H39HKlfMN7N22Qd9Odg7b9h2h6fKt3o0iQT+HtyzD58smv+pq2PXd PFvCPJ+PVZv28TzMoM+XT+9TfvIQS7J9ZM+bz/b9J7j58BkvHl5m1Twfqzce5EXnG0GvL9iFz+dj d/6pHpWmQMdL6suOszwnG58vm80HSukMwuXafHw+H9/vKgk7j3Xrs0fUVhSxbsVCfD4fCxau5Fhx JXcetvQ+rsEAFYd+0Ld/rDFspe357TPM8/lYvOJ77r98c7yuNBSQ7fORvWQjd5619V4wRMfzu6xb PB+fbz6HK5r6/Lu38b+8w+rX3/2QPq41qPm5dfkUW9Ysx+fzsXDFDz22/eLRTQ7v3ER2to/s7Bxq QhW1gL+dq+fr2fXDGv0a8M0T4I44AAAgAElEQVTnh50HqD3VRMvLNvwv7rBu2SJ82Ys5f+/tJFEa Lx7fpaLoGKuW5uDz+Vi8fD0nK+p59Lx7446fwt36+g8WX+j1fQIdLzi8Rf98xYbdPH71phId1Pw8 unuV4vw8liyYh8/nI3vhSo4WlnE7zHlra7nNhhUL8M1byYW7YcbH94OgFuDx3WucPLqfxTn6vbRy 3VbKa8/xvO3teX41Xjy5R1nhYZYv0vdv0bI1HD1ZxtVbD+kMBDhbeoB5Ph8b9pzsGrf58GK5frxW 7Aqb2ElrfcQPa5bh8+VQe7UfkRVoNFcdwufzsW5rQe8x10E/Ba/PQUnvpGSdrx6zJTcHX/ZSGrpt L6gFeHTrMvkHdrBgXrZ+jtZtoaiilruPnqEF2snfua7HNdz29FbXObh4L/w5KM3bhM+Xzc7jb8LB A60t7NiwFF/2Mk5ffy0SbwR9Tu5xWl+1UFt2jKXzssmel8PeI8XcuB9+aksALdDJvesXOLx3C/Pn ZePLXsKhkxU8fNZKwP+crcvns2jpDzxuf/PcOVe6H5/Px9YjNT3CcTtetdBYXcK65fq1nj1vMQeO FXD+ym3aOv08uFLDAp+PZWu387hbA6UW6KD5dCXrlunPnaXr9vKqW2Oc1tnOjctnObJvOwt8Pv1v cjdRVFHP4+f9S4jWnfYXjyk9to9F87Px+eZxqOw8WjBA0b71+Hw+9heeC/seeXytnnk+H0tzt77V wPr6+z/jTF0lO77PJdvnw5edzcbt+6k7fYnWzp82xKft3nnmZWezYPHWHu/D8NcAvLx3Qb+/5q3j 3svw77OgFqDl4W3Ki/JZu2Jx6J22kB37j3L+yu2wY6YDna9o6PYu+WF/aa8cHj034ufErlx8Ph95 pc0/8ofgb39J89k69m37nnmh85r7/Y4+niPdl3tF85kaNoee5au+3835a3fpfNxMpsceRtD14WIt D25RfPwASxdk48tewLb9x7h29zGa1sHJ3evx+ZZxIUyiv9Znj6irKGJT7jL9mM3T6wFnL93ss3Ok 9flj6iqL2bp+Zeg4z2PD1n3UnW7mVUfva0ELdHDpTBXrly/Sr++1e3j5M0ZECgQCwUAiBF0gEAgE f0P0FHQxflXwt4r29FKfgi4QCASCnw8h6AKBQCD4G0IIukAAQtAFAoHgl4oQdIFAIBD8DSEEXSAA IegCwd8a1x0jORf1j6IMYGk713uI30AgBF0gEAgEf0MIQRcIQAi6QPC3xtU4F6f+fYQoA1heNZ57 94F/D4SgCwQCgeBvCI0LtQVs2rSJwqrmH8+wLRD8itFaH7F351Y2bdrN3RfhE+UJBIJfD0LQhaAL BAKBQCAQCAQCgeAXgBB0IegCgUAgEAgEAoFAIPgF8LagX/jT/+LejMWi9LPcHDpRCLpAIBAIBAKB QCAQCD6ctwX96pDkn3uXPile1Z0Wgi4QCAQCgUAgEAgEgg9HCPqHIQRdIBAIBAKBQCAQCAQDghD0 D0MIukAgEAgEAoFAIBAIBgQh6B+GEHSBQCAQCAQCgUAgEAwIQtA/DCHoAoFAIBAIBAKBQCAYEISg fxhC0AUCgUAgEAgEAoFAMCAIQf8whKALBAKBQCAQCAQCgWBAEIL+YQhBFwgEAoFAIBAIBALBgCAE /cMQgi4QCAQCgUAgEAgEggFBCPqHIQRdIBAIBAKBQCAQCAQDghD0D0MIei80NK0TTeskEAigBTQC AY3OTj8BTUPT+MUXfT81gkAgtP+BTj9awE8wCFoQgj/3YRYIfsFomkanP4A/oOEPaGih++bnvrd/ /L6HTn+AzkAATdN+7kMoEAgEgl8hwSD4NY1ge5DOoJ9AZwedgQCdmkZnQP/ZH+ikI9hBZ7CdgNZB QNM+2dLW0UlHRztaoI1W7RVt/k78nRrBgKhJ/xjvEnQt5CqBUJ0lEAjgDwQIhPwlyM9frxrYon9f f8DfrzqaEPRuBIMAGgT9BEIHsNOvcfnqDfILijiSX8DR44WfRDmSX8CxEyc5fbaJtrZOtECAoBYQ gi4Q9IOAptHhD3D2/AUOHD7Kzj379bL3wC+27D90hKbmy7xqaycgBF0gEAgEHwFd0CHYEaQzqNHR 2UFHoJPAqxfcry/n8roN3Fu6ikdLl3N/8VLuLF7K7aXLPtlyZekSri1bxO1li7i5ahUPSsvxv2ol EAj83KfiF01/etC7i/mV67c4fOwEu/bsf1N+AXWrDym79h5g1x697Nl/kIrqWl6196+OJgS9G8HX 1hoMEAgE6PRr7Ms7huJII9HixqQ4MSmuX3xJUF0kqKH9Ndv5btJMnj970fX9hKALBH0TBDoDGrv2 HUS1u0lQ7cTLDuJlB3GygzjzL7MYzUmodjf78o4IQRcIBALBRyEY1CO2gp0BOoJ6g3a7/xUPVm2g 0hDL6cgYGj43UBQdybEvIjgeE0GNIfKTLVVRf0dp9GdURg3i3OfR7P/ya+pnz0Bre/Vzn4pfNOEF XYOg3rDxuhc5EAhQVlGN2ZZCosWN0ezAaLZjNNuJN9t/9rrVh5R4sxOj2YnR7MCkOEm0upm9YBkv XrW98/gJQe9GMBDUe5g1PbS1rUPDmz4ak+LFqHgxqV5MyqdRjF3/ujFKdioqa9FC4TivQ0cEAsEb gpoG6KFV9x49xpM+DKNix6g4iVc9v/hiVF2YFDvDxozn6fMXoXtciLpAIBAIBg499FgjGGjHHwjS 6dd49fQ2Nf/fv1IRFU21IZqKqChKo6OoMUTRGBlFreHTLaciYimPiqUoOoYzEVE0RhjIjxzEi5rq n/tU/KLpW9D9PSS9rbWD7yZND+8yqvdnr1t9UL1MScakpGBSkjEqHuJkJ0bVTWlFTVdof18IQQ8R DL4RdAB/QOP23ceo9vSfXbY/pMTLHkyKm30HjvD6OhByLhD0prugN1+9jsWVRrzqJF51Y/wESrzi wqg6cSQP5dqtO6FvJQRdIBAIBAOHnpMlQDDwCn9nEH+nxpNrZygxxFBliKXaoAttWVQs9ZGxnI6I pcrwxSdbTkV8SY3hC8qiYqkyRHPaEM2pyAjuH8j7uU/FL5qwgh4MQLBTl3T0MdlPnzzH7kjpu8Px F1C/et9i6i7osgej4sakuNmfd/Sdx08IeohgEIJ+XdCDQfAHgty+/yQk6J73KO73XG5gi1FJJs7s YseevC4xF4IuEPQmqIXyNKALuupKI051YbR4MKmu9yxOTKr7A5bvf4lX3cSrLuzJmVy5cVtvmQ2K MXICgUAgGDgCQQhofoKBlwTag3S2azy9UEPVZ7+hNDqWps9juDIohobIWIqjv6A4OppTkZ/1XQx/ R2PkZ3oxhPvs7zhl+Ls+l9c//6zn3xgGdS3ffV09l9NL12d9bKM05jMqogdRY4igODqaoqhoagyx PDh45Oc+Fb9o+hb0Dgjqeb78fo1HD5+SZE/u22V+tO7jDtWzPqT+5CShxzoGsM6meDHJyXpDg9mF SXGToLo5EBJ00YPeT4IAwQDBUObG2/cfojjSMKkeTGqo5UMNybfsxCQ7MSpe4pRUTEoKibKHBNmF UbWTqCQRZ7YTZ00nzuzGpLhCIQ/ubheEPiZBb2nxEK96Mb5ev+LCpHhIUFIwml9fuE79X9mLSXm9 vCv0s7drP7sXfX0udu3tKehC0gWCtwgG9PsfXdCtrqF6eJWSglFO0+9L1REqbgYrHgarXkyymyGy iwTZgUmxI5ltfKOm8k1SKmZJxSinYlJcJCo2TJZkjIoLo6I/qI2KHgZlUl0kKk6GyE4SFCdG1RV6 Lrj0ooRkX3GEnjPJmFRvV+9+gqyvy6h4cHizuHLjjh6CqAlBFwgEAsHAoQUhoHUSCIIWbEfzd/Ck 6SKVn/17agzR/S6nIw2cioii2vAlZVEGSqM/pzgmivqIGOoNBk4ZImiMiKU46itqI2OpMRjCrqfC 8BXV0f+JusivqI2MoNbwd1Qb/kh51OfURkZTFWWgPmoQdVGx1BliqYiKpDIqgjqDgdpIA7WRUTRE RFMXGX4/aw1R1BhiqDbEUmWIpTbSQH1kBPcPih70HyOcoHf3j9eudf/xUxR7cliH6bs4SLDYMUoT iVcTSVCdJKo2hpg9JCo24q12TLILSXZjNCcTZ7WGXc83agYmq4IqKZhUF3+xphI/ZDhms41EWa+b xSvJGOVUEhR9GKEx5Fbxirvr/yY1vIP1cjJZ77wVPeg/kXcKuuwmweIlzuxEsroxW+wkqE59nHe3 8ekJFjdykpNEqwejLY3EJA+JqrNXr7pR1ceIJ1qTSbB4Q79PxqSkkqAm6xes4tFbX+TXku7VwyXU 161KntDPQtAFgg+iT0F/3QD2ukfchUlJJl52M8SWjGpPRU3yYrV5Ue0ezLKNv6ipGB0ZWNUkjJIX sz0Fs9VOguoiXnaG7luvHvak6s+DBNmjy7ei37s9x5d7iFNcxMkuElUvCWYXCaonFNbuJkERgi4Q CASCj89ACbouvTEUxho4+3kEDRExFBn+yLY//xOVhhhKoiIoi4ml0vBbqgyxVESFF/Sa6N9TZxjE sdjfs+fv/xv5MVE0GiKpiDJQFmWgITKW8sjfUh3zJw7//s/s+/t/5Mgf/p6amD9QF/kF1YYYSqIN VEQJQR9IPqagJ1hdxKs2Es2TMdtVjFISJrOFIbJXT+xrdWO2p2JWHJjkZIxJ9j6E2Uu8kkSCNR0p yYNsc5Aop5EgO0iQX7taCgmWFCyOFCyOZMy2ZFRHGlKSN5T8zYXxdb1OCPrHoT896K970Tdu3cPx ggIkqw2TYtfDSy3JxKkppA6bwMVL13GlDmPrwXxOlFYgW50kyG4SusZVJGNUUjAqHhIsHhYu38DY 72ZjklMwyulM963kzMXLyI5UXdrllJCkJxOvJhOvvK68e4lXk/UGAiHoAsH706egvw6heh2uro8p mjh9PsUVNZw5f5Wa2nOca7pCVW0DM2bM5d/UFA6VNbBx7VqMkpsTZbUcPHqMRIudeMVJvKK/GPTo F8+bhjjzm8Y4o+ruEvQ4i5c4SzIjJ89jWe4PmIZYMclOEizerns8Xgi6QCAQCD4yAyXodZG68BbF fkbT55HUDvo9px2j6LjVzA1PGsejdSGvNnxBjSGW8qioPnrQf0vj55E0pQ9De/yAS2npnIn4j9QZ YqkxRFJh+Iqq/1fh7v4tvKot4F5hHs9qj/M4fxdnPW7ODIqmxBBBeYwQ9IHkYwq60eLEaHEwb+Ee dh3chUm2YTRbSJC9mFQb3yhe9h0pYVXuWkxmF3GqLex6hshOTKqXf00aTfO125QUHCNhiAWjGopY VlJRXcPYvPsAp881U9vYRN2pCzSevciWnftIVOwMUULRzELQPx79FXSj7GbMxBncvvcAb/pQEhQb JsVFnJpMvDWdA0eKqK5twJzkxjV0LClZI0lUbHrPmOzWxyGYXV29XmZHGvWnz7Ny1UYSzE5MSgqK K5OhY8aR0DWGQR+/YJSdGBW9N94ou0Phsro4dO3f61B8IegCQf/pS9DV16Ht7lCETCqpwydy72EL W7fvwp08jPhEG57UESxfvY4ly1bzb2oKJ2pOsXn9GkySE0/WOFIyMhmi2jBZvAwOtcwmmO0kKvZu Q1VSu4awmGQ7RtmOSXXpveeql0XrdnK+uRlpiESC2U7C69AqIegCgUAg+CswUIJeG/kl5yJiKY/5 jzRExFLx1T/TXFPMg8ZKWgoOU/Xl7zllMHAmIobyqBhO9xGCXhMZS23s11w6eoCLBcXc2rOVuggD pdGx1Bs+56Th91zYmsf9zeuo/4f/Sd1nf0/FH/+Z+uFDuTr1O4qiomkc9DkNhvANAELQ34+PKejx qos4q4ucxXs5cGQPJslKgmrTx3qrDr5RhnLgWAW5a1eSIDneRBy/VRIVB/HmNEbOWEnD6SYunj1L xtBkjKoNo+ImXh6Kb8lamm9cZ8y33yGZHQxRHUyYPJutuw+g2LwMUUPTqAlB/3j0R9DjZX3sqOxI p6qxibkLlpBotmGSXRiVFBwZ33Lj7kPmL8ghQbYhuzKxuzNIVB3EyW4SLB4mT89m7vzFuD2pJFg8 pAwbz7mmS2zevBVvajomi50hdg/25AxMihPFkY7VlYnFlU72oqUMGzMeo2TDYk9lyoxsJk2brY9l V9yhCrvoQRcIfjJ9CnpoOIniJd7swSh72LTrAEXllahWO4mqpysaxiTbSTAn8RdrKser6tm8biWJ ZgeqNxOb00OiZCde8RJvSWH0xJksWLgYT0qa3sinupGdWVjdmVgcHuZm5zBr7nwsdg9G2YbFk8W6 7Qe5dLUZj8uOzZmCSXZ3hd8LQRcIBALBx2agBL0s6kvORMRSFf0ZtZF/pFZO5dXdRspkN50NtVT8 y79QERXBmYhoSqNjONWHoDdERdPkGsvtigK2/+6/0FJykpP/+19ojPiCxshBVMT+mXsnz3LTZqMm chCHY76kNPZ3VBtiOfl5BCd/+wXFMdFU9DHGXQj6+/FRBd3iZrDVzcLFezh4eBemISpGxUa84iFO tfNvUpYu6OuWkCjZSFDd4YXZ6kayj+T85WvM8i1m24489uzZQqJqIc7sJE4axvc7D1FcVYxZsSCF coolqG6MslNfr/I6sZwQ9I/GuwS9ey96vOJm0tyVVNadxeF0Y5I9xJlTmJ6zhuKKKqx2B0MsDtbv zKOwqIwE1Ysz81uKK6spqajm0JECysqrmTJnMQfzS3jwpIWLF85ztOAESSlpfDtzLlV19Ui2FBat /J6yqhr2HS3kwNETXLh6kz37DnLseDFH8os5deY8G7fsCPXIe0PzIXuFoAsEP4U+Q9xDGThVj54w zuzlVNMlfKFGOKPiIU5JDc136SRBtvONNYVjVfVsWb+SRMnO/hNl7D9wiCGKF1f6OI6cLOdkeTWH 809QUVvL9Dk+4sx25ixdz5mLVzh49BgH8o5QXl1PUVkFLk86i1d9T0PzTZ623Kf45HEWLdtAvKRn CtWnWfMKQRcIBALBR2WgBL0i6gsqomI5FfkZRZ//IzdWbuD83O+ojPwd1xeu5tz8aRRHDaLSYKDW EENFVDR1BgPVhmhqo6KpMURSHR1NVfRvub31MNeyZ3NqUAyX5izmytallBt+S2W0gULDH7m1IZ97 hzZy3vgNBb//miLD31Ef+Tn1hmjKQ1nZ6yJjhKAPIB+3B93NYIub+Yv3UnjyEEOzRpE28lvSRown ZeRYXJnTKCytY+26pSQOsYWywXtDWdRdIbF2843Vy5zFP9Dy5AE2Zwbjpy3l1q0ruD26Q8XLw5m7 ZB2Xbl1h/sLFpGWMJc7s0HMJKS5MipN4xU2c0s/QfCHo70d/BP1NcTLEPYFzF6+zevVM/qKmYLKN JL+hiRmzfZjMNkyKm5V7jlFedJR4Sya5m/NoqCtBVZKIS/AiO7OQvCMYotioOH2aFcuXMTjRSpzi ZOysJZytLSTRlkxO7mZabp3BmTGWuCFucrfn8+ThTTIys4hLtDN81HdcunKOZE8m8Uo6cRabPmZd SSbe4hKCLhD0hz4E3SinY1JSGWy1MtiSSoJ5OHduXWfshAkY1VTizB499F12kyi7Qpk/vRypOsuW dasYItk5WFTNibz9fCOnsu94Ceca61AVO/86xIFrxHecPnsOiyuTmct+4Nbt64waMxaj2YbqHcXV h/eZNm0Gf5FcZOfu5vKFOhLi4vlGGkqcmozJqhKnpoYaCYSgCwQCgeDjMWBj0A0xVERFcSbiP3L4 vyfRVlFN8T9GUx85iJJ/NvGqoZZT//zfaIiKpjIygprf/YHar7+m9E//SNUf/0TjoEEUR0VT8HUi z8+f4fT//jMNEV/REJfG/Ys1VP75n6iNiqU4OpaK//4XLm/fx8OzF7hUUcy1RTNp+r//wunYrykN zW9+KkII+kDyUZPEyR7iLU5mrMjj6aM7nG+6SOPFy5w918SZC000nD/Pg4f3WZ+7hoREB4lJ6SR5 RmNzZ2BzelDsTuLNdv632UNRw3nyDh4kQbYju7KoajiFb042iZIdo5qCyZ7F4rVbOHf5Os1XrpFf WMKseYtxJ2egWmwMll0MVvu3/0LQ35OfIuhxFjdGNYUtO/NpunQRmzONGfNXceHSRezODBJCk9Gv 2nOU8uI8/u8QD42XHjB71hQkyYLRnIxRcfONJQWr3UPlmbPkrl6NSdHHnI6dtTgk6CksWL2Z8qPb 9RYaxcvs5dtoOlOLKUHCJHtISR/J9RsXyRw6Wgi6QPC+9CnoKfrLwJrEYDWFOCmT5qvXmDpzVmi6 RVfPGRpkb3hBP7iXv0heTl+7zbXLzZSV1VJYdZqCmrPcvneftBETmL50E5WVpUiySoLiJNE+lIt3 brNgfg5xipec9fu5dKERWZIxKkOJV70kqFbi1BTiQmH2QtAFAoFA8LEYKEE/9XksFyNjKIz5ghtr dnBj107yv/qaxtg/cOTr/8md0nKaJ42iOiKKo4MiubZiHo8v1tNyrpzHJ3dRERlL8ed/5N7q7zmd u4jKL6Mp/f1vKfzDf+HSvq2c+dZFScT/w/nI/0RZpIGGyK9o/Pprzv+feM4PW8bDhrNc37iS2kFf Uh6aek0I+sDxMQU9UfZgsrqZtfIQhfl5uJwpWJIzcLjSsHkyUFzpnDhRxvrctSQMcTJmso+ma3do vn6bS9dvMmfeEuLNHlJGTuL63fsMTUvDaveQmORlui+H+tp6FMlCguzAqCYTr7hJcmeQmjmSSbPm c7KynqbmqzgcDhJVJ3GKCHH/qPw0QfdgkpPwDp1AfdNNJk6YRF7+cbZ+vzKUcV0PLV+95wjlJQf5 v5KT2vM3mTVrDpKsj1k3yQ4Gq8koSU4qzpxl1epcTIqdBMXOuJk5nKstIjEplQWrt1B2eFsosZSX OSu2c6axmoREBaPkISVjJFdvNpM1dDRxchrxQtAFgp9OH4Jukr16pk+LXU8EqWSyZe9hThSXISk2 TFKSnlFd9RAv68NdTKqXo9Xnegh6wcE9xCup1F26ye6dO8gaNhZv1liSR3xL5tBMEpOSmb5iCyXl JUiylQTFSYJtKJfu3Gb+vAUMlj34cnfRfOEskmQmTvaSoHpJVOzEWTzEqSLEXSAQCAQfl4ES9NLI LyiL/oKy2P/Kk3ONPCw4yIMdO2nbvIanWzbx8ngZ9woPUP3FH6iK+B2V//UfuP7f/w/V/+t/UPvP /5mKqM+p/vO/4L97lYf5h3m+ZSfPNm/hybbtPC4o4lFFAWV/+jOVkYM4FjWIIkMspyK/oCryM0oi o6gcPoFnNxo499m/ozoilvrIr4SgDyAfW9ATLC5mrcjjaN5eJCmJwRYHQxQ3JiWZODmZw0fKWJe7 DuMQO2ZnGikjviVt+DjSh43D4hxKvJxCQWk9Fy82U3C8gKPHCzl8ooijReU8fPiIVctWIJmTMJrt Xc6WoDr5RnJgsnq4euMO48aOIVG29UjOLQT9I/BTBD1e9TJEsTLY7GLBqgNUllfQcKqOrBQnRiUd k5JMouomd89hyooPYrSnseqH3ZSUVIfC3+1IFgdm5zDMFgfFjafZuGkLRrMN2epg/Iz5nKstYogt nZzVWyg7soNvzHoPnW/1Ds401GBKtGCSk0nJGMG1W7qgmywZxFmShKALBD+VvgRd8ZAo62O94xQv 8ZY0hn03i5bWDhYvXUWiOQmTbCNeSiJj1HdMmp5DgjW5qwddMts5UFhJwcE9DJY87C+q5tKlS6gW N0bZgVG2M3xoJoPNNmas3kZxeSmKxYFJdmBKSufS7VvMn7eAOMXLrOXbuHHjBqZEs55rQnYzRNaz mcapIkmcQCAQCD4uAyXo1dFfUhwZS42SxatD+8j77Z/Y89v/Qf6XX1Nq+AMnvvqfXDt5hJtpqdRF fElxjIHGSAM1hkgaIz+nLuJLzjhG09ZYytE//Z7S6K+oio2mKDqCgn/8Z1rOldKUnEqlIZYmt4Py 3/09pZ9HUmMYxIlBsTTNWczDcyWc+s2/ozrqC2ojY4WgDyAfVdDNbkyKk9krDnH4wF6GDLHxF9VN gtmLUUllsJzCoSNlrMldh1GyE2916T4UGn+eoHqxpYzl2as2Ro8YhWpzo9rcKEkuhiQlsz/vGE1N F7AmOZk0bS4jxk3BaHZgNNsZLDtxpI3i1t0HZKanI1mcoel4haB/NH7SGHTFi0m2E6/acGVM4dbD J+Tl7UORbAxW0zEqXhIUJ7l7jlBWfITBSSm4s8ZRU3uR0qpGDuQXUFXbyLAJc0hUbExbvIFzTRfI yy8kNT2TCdN9nK8tYYgtg4W52yk7vJPBcjJGs4vZK7Zw7lQDRpMFkzmF1KEjuHLjApkZo4hXRYi7 QPBe9JkkzqsniVNSMKrJxKkujEmpzMlZSXFFDSWVtezNO0pJRQ21jWeZM28ZJouXI9Xn2LJ+NUMk O3lF1RQc2IVRScYxYgIFhUXUNpxl35ETlFY3sG3TJhKTPExbvZWiilLMqoMExYkpKZ2Lt2+xYH4O RjWZBNdoyipqqKprYOGqtSTIToaYPcRZ7cSpbiHoAoFAIPioDJSgn42I5HTMf+ZRTTU1GTbKP4+h wvA7ag1fUB8Zw+GoaOonzeTJsc2c++JLqg1fUB71FY0Rf6A08o+URP2ZR0XllHiSKY+KoD4ykjpD pJ74zfAFdfOWcG/zbo59+U80zJ7N/eKTXNq1nTur1/JgTwnNx45SZlM5/flXVEUNoiZqkBD0AeRj CvoQs4sExcHclYc4krcfSXLwjTUFk+wlXvHwF7ObQ8dKWbNmLUbJzmCLPhW2UfFikj3Em90sWrOZ mvpTKLI+b7pJdTJETsKkeEgdPoHmG3cYMW4Sk2fMo7SqkbKqRg4eLeBwQQl1Z5vJXfc9iqyQaHET F0rMLQT9I/FG0APvFPREsxejkky8aiXRmsbknKUMGzGcBDmDwZYUjKqHBMVJxsQFzJ06hX+T3Rit XhTLUOYuXEXOitWkZ9t27agAACAASURBVI4kwZKKSbbzb0oKw8eMZ9maTbi9aXiHjmXhzKmY1BTS Rk/H990YjJZUjLIbz6gp+Ob6SBhixySnYHGkMC8nG7s9hXgllXiLPSToXoyhKQCEoAsE70IDtJCg XyPJlaFPraZ4iVdTiFfS9B51y5vxRoojhamzF7B89Xpm+RZgs7sYIjuIVzx8O3cZ40aPxiTZGDM1 m5mTJmBSk/mLxUuC2cLUGfNZmruJydOzsSoWjKoT2+iZTJ4xl0TZQYLiwpSUhm9xLllZI4lXvQxO Goqa5CVn2Uomz87GZHYwxJxMvNWuNxwobhzeTK7cuC0EXSAQCAQDTkDT8Ac66QhCINBOoLODRxea qPjsP4RkNiokttFUh0pY8Y0eRNUf/onzw7+j/PdfUBJt4ELEIEoNETRGRnAuchD1//lfaUpJpuK3 kZRGf0GVIYqKqFiqDDHUff0VzcM8HI+MoT4qljrD5xREx1Br+D3VEbHk//6PXHa7qIyOpcAQS82f /weXUlK4MH4cV9wKDbGfczoiivKYKCqjImnsa571twXdEEWDEPR38jEF3SQ5GaK68I5cyaSJE0mQ nHxjScGkeIhXncRZXHw3dS4jR4/FJLuIt3qIU1MxKikkWPSEuhPnLmLYmAkkyi7+Yh2KyeolUdbn Uo+zpPHtzBySh32LSXGh2FKZMmMBK3I3sXjlOlIy9dB2SUkiTnZhtKb+BEH3sj/v2DuPnxD0bgSD GgT9EAwJ+r0fy+L+1kFX3YSbB0+f5uzt37u7lbf+Xun2++7LKa63evDdP/5z1/b1aQV27T0kBF0g +BGCQb1oGly6eg2bK50E2RtK+vZj9787lCSu5z1t7LrX+75HjW8t12uZruV6P0N6jXlS9DFSTm8G 127cRtNAb3QQCAQCgWBgCAY68AfaeR4Ef7ufQLvGvUunKf/Nb6gzRFJtMFBjiKIuMoYqQywVUbHU hoT97VJjiKYqJMG1hmjqun1WZ4gOiXFU1+c9l42i+q3f17z1/7c/rzZEUdX1+6ge2+urVHfNjx5L eVQslYYo6iMjeHBACPqPEU7QQa9n6f+GBP3RUyyOnyjo3R2nzznIw3tWOG8zhv08zO+66mzdt/GO +mHX3yRjlJMxyqnsz8t/5/ETgt6N8D3o/WsV+aUWMQ+6QNA/egt6Ggmypx+C/gspQtAFAoFA8LEJ dhLQOghoEPC30+H38+RCI9W/+Q0VUQZKo6Moi46m2hBDXWTf84t/KqUhMor6yGiqDDGURkVTERVB jWEQ9w4e/LnPxC+anyToP7UH/ZMpbwu6F5OSInrQfyrhxqCrvwpBd74R9NAYWyHoAkFPul4awKWr V7G5UvXpEoWgCwQCgUAAgBb00xnsJNgehGAbHcFOnp1rpOY3n1Efqfd6l0fFUBYVS11kLKc+cUFv jNR786uioqk1GGiIjKAhcpAIcX8H/RX0B4/fvwf9l1+6C7pXhLi/L5oW6kXTAmhagOetbSS500OV X/0AJ1i8v/jSfX+NqpsE1cnxwiICAT8E/QRDki4QCN7Q/aVx684dXMnpJIYypRs/gZKghvJeDBvL oydPQ99KCLpAIBAIBo5g0E9HsJNgWxB/sI32oJ/WW7cp/Yf/xqnILzgfEUtjRCylMbFURcdSb4jp Gov+aZYYKqNiqI6O5uznUTQaYjkeGcXTktKf+1T8onmXoGvBAAENXrS2kzF8HAkWL4nWZIzKz1+f GtCiuDEqLuJlJwkWNybVxbETJ9G0H6+fCUHvxhtB11t1OjWNhSvWdgmvUXZ9GkVxd5V4xYU9OZNb d++haQEIdhIM+vXx9gKBoAv9paERDAZo7WjHl7NEn//yU3lZmJ0YzXaW525A62qBE/e5QCAQCAaO oOanQ9N70APBDjoDAfyt7Zye8h3Hor+gPiKWUxFfUBwVQ3lUNLWRUVR+wqXCEEVZVBSVhihORcRw JPor8k2J+B8++LlPxS+a/vagt3UE2LbrIEbZzf/P3nu/WVVn+f5/w33uzHfu/c7M7Z470zN37Kud 7KRtxixBEcmhoMhJMgZoMEsb29CGVlExtLYYUHLOqShiEQoKKqeTzw6f/Lo/7H2qQLGD4kDLfj3P etCqU2enT3qvtT5r9+xX/q0V6L0GltNrYDmjJ82guS2FtfZPivREoJ9E6T5ZYzDGoB3kAsk7Hy5l 7JR7GXPn3Yz+G7GRE2YydvI9PPm712hozxBKhXOJQE9I+HJsx6vWjDV4QvLy6+8ycvwMysdO+4Zs 6hn7rlHjZzD/rQ/IeQHGnnRNCQkJCQkJZwhnNEIrnHYYpzHaEWiLSh3nwENz2Hbltez95VXs+NWV VF56BQd+cTm7L/36tueSy6js+P/L2HNJ53+fie//Mtt7yeVUXno5lZdeQeWlXdj36/vQbSdwVpzt R3FO85cKdGUsvtS8vXAJYyffw/Bx39R66yQb8/m115lbi51q0zu+f/j4qcx6cB51be2YPyPOIRHo fxHW2kiwa33GLVAaX2mk0igl0VqhtEZ+ze9VSqG1/rMNICEh4fQYY7DWIoQgCIKvbb7v4fs+2YJH thiQ93x83yMI/DPy/WEY/lmPbEJCQkJCwjeBsxZnLDIQiKKPKAax+cii97VN5bOkg4DALyL8Vky6 SJjPEWbbEMUCwisSeh7CCxCFAFk4M8eVhej7RDFA+iFWm2Se/Qv4MoF+OkprFyklvn9m1kSnrL9i i9ZbPkXPIx+E8TrM/0aOeTorrSv/EhKB/hdQajjfhFXuO8DO3fviiJeNBjjAuq933NJ5JyQkfHVO 7ktf15y1kfPMGD5bvgqhdFQXgjM7piQkJCQkJJwNSttEnTnVbFzb6WuZlnjWYpUCm8cJhX/oIKkt m3Ba4qzGWRMdU1usOQPHtAanbaeZeK51SbHlP8dfI9ChMyjyzVi8jdlGbVFpQ2s6R8Xuvd/wcb+6 PksE+l/IN7X4fe3Nd3jl9bfQ8QAGNqmynpBwDnAmxbm1pQWKxReKLtffTK7gxwuI//qBPyEhISEh 4UziXOf69eQ1rLVg3JkwQ+gsVmms81BGc+SN+WycPhOrBNYqrDPReTii18CdgePaUn2qWJQbZ9E2 Ss9O+HK+SgT9v8aiV2nvO3iYhx59rCPb+L9apP85EoF+lpm/4F1eef2taECLH1oi0BMSvo1E/TvU hmtvvAUvCOOfJZN8QkJCQsLfPicLdOsiMxaccV/brLVIB9ZonBWEDupff4m9k+7EGYW1CuMsJhbS zp2Z457u+pII+p/nr42gf5N0PisbFwKHqsPVPDzv8W8sAPt1SQT6WSYR6AkJ5wuJQE9ISEhI+HbS IYjdSYXAiMXsGTBrLdpZtFMYJREWahe8wIE7J+C0whrVEcXvOJ8zYF+4xtP8POGLJAL965EI9LPM /Dff5tXXF3yhol/S9xMSvm1E/VsoTZfrb8ILgrjPn3sTQ0JCQkJCwl/D6QQ6nBpN/1pmDcZZlNVo qZDWUPPmy+ycOAmrFE5HNV1KnJFjfj7FPRHofzHnkkCPsB1mLFQdOszD8x47ZQ/6uUQi0M8yixcv 5qOPPkIpdc41joSEhDOHtRalFGEYUlZWhud5f1VFz4SEhISEhPOXKH3dGIcyjsCGtCxewp6XX0/e WnQOcm4J9Pg1unFRXmMMx4+fYP5r81FKRZ84x9pPItDPMlJKhBBIKc+5xpGQkHDmKAl0KeUpr0M0 xpztU0tISEhISDincYB2IBxoa7FS4hmfopUdoivh3OHcFugWrTRK6b+6eNt/FYlAP8uc/H71c61x JCQknDlKCwgpZUe/TxYU5xdh1RHSb3yQWGKJJZbYX2ntb3xAav4HtL3+AS1vvE/q1fdpf+UDCnur MMYkGWnnGOe2QDcYHQn1JMU9EeinpaOhJANLQsK3GmtthygvRc6Tfn9+0frUK1+YcBNLLLHEEvvq 1vLI8+dsFPR85lwV6ABaG4yxWPvNvUb765II9LNMaZGeLNQTEr7dlCYBKWVHzYmkz59fJAI9scQS S+zMWssjz5/toT3hNJyrAr0ULNHaoJQ+i+f0p0kE+llmy9ZtbNi46QtV3BMSEr5dlJxwUikenTeP IAwTkX6ekQj0xBJLLLEza0fufrgj0JUUVz93OLcEOh0CPWorlsamZpYsXd7Rds41EoF+lpm/4B1+ //qC5D3oCQnfeuLXrGlNlxuS96CfjyQCPbHEEkvszNqBibOxWqOt7nglmrXJOvpscy4J9C++B91y 4HA1D8977JwtMJgI9LPM/AXv8srrbyUCPSHhW0/Uv0NtuPbGRKCfj3xeoB/4t4txxiSWWGKJJfbn TCt8oznwfy75nECfhUsE+jnHuS3QoepwNQ/Pe/yczWRMBPpZ5rU33+GVN97G2ESgJyR8m3HxJPD5 CLo7ByeGhG+G0wn0hISEhIQ/j3MG5expBbpVCm1NItDPIc5VgW6tQZtSBP3xc7YGWCLQzzKvv/UH fv/6W/Ee9CjFIhHoCQnfRiKB7gvFNdfdRN7z40nh3JsYEr4ZEoGekJCQ8NUwziJPI9D3T7gXpzTG RanLiUA/NzhnBbrRGGvZf+gIj/zmiXMyvR0SgX7W2bB5G+s2b8dYEoGekPAtxtrIS+uFkkceexIv DNFanZOe24RvhkSgJyQkJHw17JdE0I/NfBindBJBP8f4vECv6T4UWdd0VkzEJusakXWNhCcaqNmx m4UvzSc80UB4ouGsnduXWW7J2kSgn020A2ksynRWEUwEekLCt49SIZJQGVTc5xOBfn6RCPSEhISE r4azBn0agd7y0HNxkTiTRNDPIT4v0BP7+pYI9P9CHGBd50DiXKclJCR8eyg53py1OBMvIlyyiDif SAR6QkJCwlfF4jm+INCbHn0eU1o7Gxf9SzK3nm0SgZ4I9L9pEoGekHB+0CHQT+rjiUA/v0gEekJC QsJXw1lLYL8YQW9+5PkvzK2JQD/7JAI9Eeh/0wipEFJh4ixXZy3OmqSyc0LCtwznLNZZrAVjon+t s8ki4jwiEegJCQkJXw1nHNKaL6a4P/x8Etw6B0kEeiLQ/6b58ONFLPzok3jBbsEZcCr6NyEh4VuD tQZlNEIbnn7uZXwh48KQiTPufCER6AkJCQlfDWcc1hqqPifQj971CE4anDk332d9vuLvPkB+5cZz wgorN1BYuY7Cyg3Rz1ZspPqtD/nw7vvJLl9PbsWGs36Of4mZgveNPKtEoJ+GNxe8w/w33sKYqIAU TscCXZ+R7/9LB6tkUEtI+KaxKKPxpOaq67qRLYYYazre3pDw7ScR6AkJCQlfjSiG9UWBvm/CLFyo YwGfrGUTToftCH5aa7HGcbDqMPPmPY7WZ0Zv/S2TCPTTMP/1t3j1tTfR2pwk0GXUkP4q4ug7Flva 22oNQSHHoRNH0TpqkMYprA4p5Hz8MHoXoDWKbLaN5rbWuNBGnGZP5x4eUcyQy/mY+BUWylm0Vej4 7wuFDKlsAb/QRnshwLiTzusksy5yBjgr4oqb0aArQ5/2bCvKaKw1GKc69hH9yWvGRufLSfv53anv lnZWd6Q9dXw2vj/OgbYB+WwWTwi0i87plP1LzoAznd/R8b2d12WsQRmJtBpnJbp0nY5TzrH0nKL0 ZoOzCllIkfOKOCcxNnqPp7UaZwzFXAviNO9oLJ1DdL3RuRkHgZchnQ/jSqYyOo6V8XPShIFPLt1O JtWGCIM/uQfaxffSWoMzBmUM1oTYhqNYYXHaop2KJkXj0C56dtpZrHZobdBOYkoVVZXDaYd2oOLj KhdFlo3RqPi+mPiY2unovLXA1rZjpTlpn5lFOhOliGuHsxbtLNqCMxblDMpG36OcwjrdUZit1Oa0 A+EsxmicUlE7sRbrNMbPEeY8rNUY4zCW6BUuRkfP7eR7byXWgSn1XYhT2aNnGO01tygnkc4QBIZr b+5JuxdE91QbnDVYq1AdKfAO62x071zcH2z8OxeNE85F91o4sMZRWpdEhehMx3ignESb6JmUnqeJ IxFOO3Aaq0NcuhEXRGMC2I6CdqU2q0v75uNn5Fx0fdaq6LNGY41GG4czGqcDbGsDoVJoZ9DGoozD uPgZl8YZp6JzcSb6uXE444CofZX6mIifnbEWZ8Oon1ob3R8bFweKr7PU/3DRdqHovGV0LOMw2kTn qwW2uR2tNNaF0XdY2dFWTt7LaEvXHvcpK4rYxlaclPGxXcd9t85gwyK2pQnb0ITLpnFW0PrkS18q 0DvHnKjtKBmSTafIZLMEstTGLFYHtGQ8tLEYLUin25GmdC87n5uL22Hp+kvjYuc4pKN2BNEztLaj TXeM2Se19ZPnmNLPS/c1cHQcp7QIclGnP+melL7n5EEmavsnj2nxyHbScTuv58uIxox4nDWCXCFL aNwX5oKTx7ZStpq1pTnBYk1IWzZPIHU8F0ZjjDZRv7FGUcxnSafayeZy8XhNx5zRca6l8T52tnfc F+zn5o/4Gt3pMmkszsp4LI/GJWsCWtuzCCOjdugUxkbzyOfvb0c7sCc9z88d43R7dU9+3tHf247z zXmtFEMZLXCticZVG90jGxfoMpZT5v/SuBXdD42zGuHAmXhcLo2jpc+fNJ93PCtsxxwngiLZoviS Pcad52zj51vqF6fPVLLxtWi01Vir47WToJAvUJA6cqLG85R1nW21836ftC3RiY61QjQv26gNGUEq nccLJSYuYlY6/qnZkqUCorLj76N7ZrFWYWz0vI2JREZQyJLNFeK2wBefr9V0jOXE6x930thWGhM+ 1wY/3xdP/nlnvz/p+kvtKB5PTraT73PH9VCaO23H2BD9znSc76nXEf0uGv/0FwX6+Fk4YbDGnnKO CQmddAp0sBhtOXjwCI88/FhHfzqfnTuJQD8N819/i9fmvxWLstKi6asKdIW1GhkLD2tCXnpyHvc8 9QhhYNCB5mjTIaaMHMolP7+e7buPoGwkug5WbWHuw7+hoCzGapwJOgSCAw5tW8VtPXrjq2ih7VtN oIv4RlDItDBm+CheePM93l/wW+Y+8QLSdg641sYZAc4gHRipaGzYx9I1W5Haooxl46pljJo6mrZc Cq0DhCtgtYsFZuc7pDsWU5QmQB0tXOIFQknwOas7P28ETkeeVdOxmLc4LdHa4usmZsyYzsZ9B/Gc QqlIPJQEAE7ibCREOxbr8QIFp7FGUgzyLProfQ63NOJUjqIFrXUkHp3EuNLEH4kLayzKSozI88yc KTz18qsYlUEqTWg0SvuEuSzTJwziUFPqC3urXLwgVZbI6aIMYZhjxoRybu09lKxXxNkiWjmULpIL cjw1bx5TJk9izr0zuWf6ZKZOnsScBx8lnS+ctkUZC8YYlFHYUOGZgOz29Sy64gfs+WQ1oTIIW0CH DhNYMscOUfvOexRlDi0lKvBp2PIJDdt3o3RAUQb4KkTokFAKjJII5VBGI7UksAqrHUpZjNAI6yOk JmypoeLaMjL1LfjKRL9XmsAIpDGY0KGMQRoTCUBjEEYTCouRBmlCtJE4EYn50BqUNQjl8JRFSYGU Ak9KnLRo49O89D22vfIhQvoI7dChI5SaglaEocEqhzEOaQRS59DCoU2AswWccITGoIyIhJ9ySGkI VEgoNZnQ0HfIcHLFAKls9IyMxtiQUFqs79CBwxiL1A5tNNoKnLBY5dDWRItbqRHKEhiHVVE/stKh tUNZjTUKbSxCF1FCYz2HtYrACLRwSBOglMPZANlWw/IJvckdbMYog1OR0JXGYrXBao0ILcI4Qu1Q oSF0EqEVSgco4xCFNFV//IRUY4aCDghaGqgYM47GqjqE0oTaRP3dgrIGLXV03U5gtMIITegMWjmk crjQIkyUZaCNxjcOHVikCGl8ewGte48TSI0f/40NHVIZTBA5AkJtybjIOWWURZsAYwK0skgdYpRH zWfvsujKWyjsOYSxaZSxaJuPHIXGdjifjHYY5TDSIrVB6SJ1n8xn5aXdyFefIFACLR1aSXLGo/7T 5eybeg8Vd89i25z7qZx8LzunzubI2Lv+pEC3xpBJtXHfA3MYO2YEc2fdyz2zZzNu8lR+89SztOTS WNHMbQPG0dLaTkv9UcaMKqemPYtVMrpXFpyKnFXKGayJHDEmHrNMqfaBFdFY5CAIUrz/znscOlaP drJjDMWJSKC6ePFtRTzuiuh7tOXwvq28sXIDVkusjhyUzkZzUWnsxCm0s8iS4C7VYLASZyWlqAaU xshovNSOU877dPtMHSCtRWmFMoL925fT5ZpreX/lJpSLHD8ufpYdQsK4WEwV43Eu6huH9m7iZ7+8 gj98vBjhQFuJdgapNTt3bmf8uFHMmDaF++bOYdKUKYwYM5b3PvqEQJvYKRQ9Q+N0fL4FsD5OObAe zqloTrU2chBZi+pwakRiCkpznmbHxuUsXroebTTS+sjCCXr1H0WDl0Fpi7BFfC2wJh/NrbGTNBKo kfPc2SB2PppT6ts4B9bYDkFt4/tqYiersxanTeezUpJxUwfx/pKNKKUxRqKsj1USYTWhBScdwjiC 2NHsYudu5OC0YD32VWxmSeUBrAwIbYBTNhoDrMVaiXQW7TSm5HBV0c+dsXhWs+qz95n72O8j5+Yp Iqx0PIU1BmVFNB4bGTlLS9dNpyMsWicYCrkUL7z8Cm2pdoQDJZqZOnEya6pq8I1EW7BGIK3oEKYq bp/OGpzWOGXApTrmd+dCrFVoI8m11lA+YjKbKvajhYnWNsbFz112tmsbfY9zGYyNt0A5D6MNocyz cNHHnGhuQgqFUoY3nn+CF15+k9C4yOltS07TUj8LYwdKyaEQO3tL45qLHKSRk7uzDXY4rOJxoOQg KzkCSmNi5BzWHesr68J47XRSoCheq1lbcsrGDh6n4mejkA600zgniQI5sVMqXv+VnH3WKayQXxDo Byb+GictRptT2nIi0hNO5uQ2YYzj4KFqHnnkyfNenEMi0E/LGwve5pXX3kB3VIkzfJUU95JodLFH X2uNFTkG3TGQdQcOIYWhkMnQrdctPDx9Gv/6jxeyadeheCGq8IqNTJ8yg6qaRqQxkag9SaBrGTKi fzf21LQjrcaoSGBqU2Dnjm307TmCE5kMqWKGTLaAM50RvMg7ZbBWI0wkrtatXsi0e56I3wdtCfJZ mnMppAmxWmJcGE3M8SIm8tie5O2OJ0d7UnQ7imDFHv3SAoF4ojkpqmPjBUMUZQ3xgzrKho1i74kG lI0WHs6Wzrkz6hQJbBVPMApjdRxxN+Sz9fTq0ZUte/fijIdnwWiN0xZjfEwcSY6iyVE0V1mNDj3G 9O/FY8/9HqNDlNZIG4niYnsTPbt2obq1/Yse5Y77EZ2nNCF7NixmSP8B9LrlevYeO47WIdqEhNqy af0HXHrZ1RyurSdUCikCao/XcM+s2dTWNZy2TZWi+do4PAuy2Mie0WOovucedg8ejggtRngExuJ0 iuaP3qf6hiEUwiLChPjK59C0cVQ8u5DAGArOIJ3BaYvSmoI1GG0xwqGMQ2mN1hLPKDwdRSiFkrTU 72bTL2/GSzUjrEYFFqXjdHFrsKHGOhEvFCRWW5xwaBm1LWkswlqE0WirEE4jlcFKjWd1lL2iDW3a 0mYsQgrqn3uGQ+8sRUgfKxWB0QgLoQUdOtqtjBZJ0ie0Hja0WGkxxqK1wbeagpEoJUlZQ1o4RGCx nqHVKhoz7fhaIbUhtJGwcsohtSU0lsBIAiuRWkV9TTq0MXhWIUz0rlerLU5arDQUjSZQFt8YpFZo Gb8TVhustuSMo6AtTgiEC/CMJDAF8s5gjUTXHGLLzVfSUteCsLrDCaeEJLAWT7uor0qLcAbfWFRo 8KWhYDXKGLymg+y4sQ+pvUfxlCAni8iW45iiRkuJVkF0fwIRiXEdOSciR1gU5c8aTWAkvlY0GIvw XBx51zilkTpAqha2/OpyDn64Gi0M2nfkrUUYQ6hDcqaIsBqpHUI6tAVtBMIWMIFF2oDAhgRtjay7 5Wb29hlAzVPPo5XGc1EmTGAtInbkmFJkzSqklUhpMNk6dg4ZQe3YyVR/sAIZZsg7g1QGr/kEK6+7 hYaPPyTIp5FBFtHawPZXX2dz7+F/IsXdIv08T/7mIUaOH0vVsRq0MigpqaurY9TYiRw6ehhbqOWW nmUUcllkIGhLpchpjVMOYwXKSmwsyFXJ0ahNx1jhbJSZIjsWzJpcqo4uV17HivXbo7/vEOhxxMGZ +B7EAjB2OFqjefvlZxk85X6sUR1CypkQbB6tDcKaOOPCxlGzOJvF2CjLJc4kioRV5MDpEF7x543R GGNOK9AhEpraCAIvzZiBvel648306FNOygs7HaMn/V3kPI6zZrTDGYkI2pl111QG9e3DnVNnoXTU rq2VWO0zePAgZj/wCO3FIsJYfL/IZ58tYuZdMxFKdYoCayJHhnHgAqwN4wyXOOIcOwyssVF2jusU yFByUBicCbnv3klMmX4fSmmEVRSaq+jRexjtsohRDm2KcfZElN2GLeCswGqNtQJtNNbJk8T5SWY0 Vqtoe90px1dRhpuJnD2lNYANC3S//Vo+W70lcsQYgbECqw3SapS1cRs06Djyb02nQDfWgi3y/G8e 4Mk330Urg2d1PM8LlLEY7RG4KKvNOEVgo35vrMQaS2A1f3zjdzz6zIIou+q0Aj3K5DFWxiJX46zq FG7QcQ/AYrWiubaGf/vuf1JTV4+0EBROMHTQECrrmwmNRBsTOfStiQVjnDllIseCtnHhT+d1OPNx CucMwhiUzFGfTpEPBVYJnCl95uTsvCgC74zGuQLaKEzsSHJOomSWfv0GsevgIYS2BNrgZVrI5H2U MWgtcEbGzzXKSIgylaIMh0j4RgENp02c9RY76zqcHZ2ZNdaquM12RsJLbTPqb1EWW2l8cUbFThXT 4VQrrZsiZ1UxXs8pnPOj+dqKDidR6Vyi45TGmjjz09Ih2J1UXxDo+yf+OnYqdzojEoGe8HlOFeg2 FuiPJwKdRKCfKBx3vAAAIABJREFUluqjxzhcfTROK4WSV7eU9veXUkq/dHGqq9OK9mO7GVU+leZA IZXCyICGVCOZE7V8/59/xIbKg/HEZ7CmwOwZU3js+VcJjcVqGYn9eLBTJuTdN55m9Iz7kEahjEPa kLDYQvnQvny2fCXKaJqbW2htS2G1wFlFGAZUVFaybNky6mpPIKyltamJV16cx4zZv6X6WC3pbI5c extHG9rQRlLMpWhubiHX1sqmdSvZXVmBEIpi0WPN6lVs2bSOolTIONUWZyJxrg1OFTl69CiLl69i 584KisVi5OV1RZxVHD10jKWLF3Ow+gie0QTWJ5c+xIBBo6lLFzAqirK1NDaydvVStm/fjJQ6jjJY rAlItTWyfPliNm3bTFs2QyHw2b99BV2uuppFK9dSV1dLUUm0EhyrPs6KFZ+yfcdmQmVQcSTBGYey BhV49O7WnRdeex+jTMcCWFlDuv4w119zNcfbU2ijOh0UcTRIW1BSYpWhtf0E111xJa+9+S5vvvgI r7z7CVILlA0QVvPH159ixuz7yOsoiqWNQSmJ1iraWnEanDYYaTDCUbQG8dH7rO3fn6CtkV19e2Ka AoQSSBWi6ndR9+TjHL5pAOLAfmRtLfLAHg4OuYPjj89H7zmK8rIYW8DW1BKsXE9u1VpkIY1QBiUt GZdH5hspbN1M87JlmAO7CIVHat9mtl7TF53Nk1c+QbEZsbcGWbTkTYgu1uKv20xx+Xp0/WG0DFHa UiymCZtqMC1Z/NUVyGMn8IzAV5ZQWbTNUfTaUHuqKH6yjHzFPnTBx/oF9j0+i8bFq5D7DxB8shS9 ZzdGyShKKhVBvo1CxV4yi5cSVO7CD4tRhFgqwvoabLYNvbmS4oo1FOtO4EuJEhanQmRrPXLdRuSn GxAN9XgtBzFNbejQUjAeYSZDsHET3pJV6JojiMDDUw6l85iaGoJl68mv2YRJpdEyuh4jHEI4claj gwz+vr1kF69EbN2BCSRKSKTyscV2ivsqCD5Zhj50EBUIlJYEB3ZQdfnPaWtpITRFpCmiq6sRH6+i sGMvuWyRvLVIIxBhjtyJExQWrcZfuQbdlkZn2wlX/5HKq68ms2or2cMn8PJp/CP7kYEmtFmEbkHU NJBaspji9gqyhTTWNwjtsO316Np6TG0j/tKVFLZtwitmUWEsYky86M+3I/Zv5MCPLqT+D4sIDtRi 0gGeLSIa68muWkO4Zg2qvYUwVJiCw0pHYAO089HS4dsCykhOLPg9W8beRXrjUlYOHkhgiQRHoLEy ylZwykULPxUV+JNKI6Vg27yJbB09j+DIGqrGzkEVg6gvCUNq/y423XAdxdojyMAQKoMJNaFQ1P/m hS8I9Mi5anBGsm7FEn72kx9xrKkxzsJxkcixilBKtAlRrYfoM3AMwsshvJC6uuizThqkLHLwaBUr Vqxjz+7dhEohHEgvzYnjx8h5Aft3b2fFqlU0pjMIB34+y76d6/jVJVeyaMVGqmuPEoYhxsSLZCNw JqSpqYllq9ayZfMmCsUixloa647xxNx7KL/rSY4ePUIqk8FaRS7Txsb1q1m3YSMtuTxBHBE22qOu 9hhBEFJbc5yKvftR1uIVc2xat4aVK1bS0p6OM6E0zoS0tbawbPlydm7djFf0IrFrTl1MWSEJZciR 3esoLx/DgcptXPyDn7Bi/ZZI8HcICx3Pl3EqsnZRxFJ7bF3/GZdefiUnjh5i5PBxNLRmEPE5a7+N W3v0YNehYxQthMZGWQJGokQQf2+nk93ZECM1hw8dYOmyTzlQdQghdbT9xwhC32Pz1p0sX7mG2hPH 8ZXuEMLOarT0aao7zJjhA5g5Zx7V1UdpyWap27OaspHTaCpkWbV8A5vWL8MLfIwVGGWxOkMq1cqa 1ZvYsmUV6VwecVJ2go0d8lZLWpsbWLNqJevXb6Dg+ZFD1kRb4Joba1m+YhUVew8Q6khwiWIbl15+ CRt3VEZbYmxIJp9h1ao1bNq+ifZ0a+Q00AFYj1Q2x9at21i3eg1NzW34YUht9W5mTBzFC+/8gUPH 6mj1fJyyFPIZdmzfxYbln3G8pR1lAoyV+Fbi5Qts3LqZDWvXkwvzvPn0gyxYuPoUp0I0L2r8YoG9 uytZ9tkiDh+qQsVZc36+lapjxynGhTmNCmlqbCCby5NOtbB59XK++88XUFG5l9qmZrKtVQwZVEZ1 W5r1Wzezad0a/Gw7Ms7QM1pQyLayY9M6Vq1eQ1MqTWAc2mqUDqmvraOQK1BbX8v23VVkcll21zXg SYGXa6Gmeh/Hqms4duwoR2uOUdfQFGecBBSLabZuXc+a1etobmrHWoMXZDlWtZM+vfqyausOqo/X UVSGlvqjpPJ+9NxUkba2ZlavXEHltq14nofnQFlFIDwa6uvI5fPsrNjBxtUrSLW1Eeo4CGNF5GCJ 22cm3cqG9WtZsWoVTe3pyEFhNc4o0qk2Vq5ew+atm5EyJHSgVUBL3TFasx4Nzc1s27YVr5inob4O qaOAitUBVoccqa0jl2/HmCJt2RwbNm5h47q15ItelJFgDNl0K+3tbbS2tlKxqxIvFBhHlFGhv7gH /cjMh7DaJinuCV9KZ5ZK7Kyyltq6Rha89YeOFPfzmUSgn4aOyGzp/0ve/r+ysXQI9NJ+L6PYuuQ9 7pr1KHnjohRfrQidIVdfy4X/dBGbdh/EWYExFmc9XnziQXr0HU5OmDg1rjNdyNgC+/ds5l/+44ek coUordTmqNywjMtvuJ6GdDMiEIzvV8Zjz/8eowOa6o4zdcoU7ujTn+EjRtK3d28WLVvOy8//jssv +TGXXtaNsmEj2b5jJy8//RQDh05GKsEHf5jPVVffwrRJExg7soxf/Oxinn3uRe65dw5jRo2k603X MWHqPXhSoUy8Z8mBVYo3X3yanrf3onzMRPr17cvsWffS7ocUvUaeeuJx+t0xkJEjhtG9R1fe/eBD CjYg1VhJv4HDafUCrPB4++3X6XpTN4aXD6Zfvz7cddccsjkP4wTLlyzi1u5dKR82lIFDBjNgyGBW rF5NWa+u/Ot3L+DWXgOYOGkarakm3nj5BW6+uScjRw+nX/8+3HXPLHwRnXNJoIdejh43d+e1txeR z3vkClny+TSpYpEjFau58vJrqE+nsVZiTCSmTRx5URakiFIMP/pgAVfc0IcTza3s2rqCnr0nkM4V UVYjTZGNK5fxs0suYfXmraS9EKk1UspI4H9JW7PGopRFKoM2BSoGDSM/fwHNVrDnkamkP9pCXmtU Mcva385j8U03sfmnl/Hh6HIOv7GAVdNGsfEXF7Ghe18Wj5xI8dheajYtYfXYCewYMY71Q4eydOY0 ZD6H0pJU3W62zJjCyrLR7Bw9hSVlwzm4fC0NO9ay7oYhuKxP0N7EthkT2ThnHoFvaTmymz2Tyllf diebRs5gbfkg2qqrSGvJwXdeYceoMjbe8wDLh04ns2YDWafRRUsoNLpQy5Enn2Rx7zJ2jZ7M+rLx 7Hj2RUS6iV33jqB69jw2zfw1O8ZPZdVNt3Ng4SeoQCGLefY+8TRrh0+iYtxUPuw3jMN//BhPCmR7 G+tHjmD3c79jzaR72dq3nPU33k6muppQC7y6I2wbMoK1Q8dSOfwuls26l72zJ3Pis6UIo2ir2cnG ab9mw6CJbB85g4Ujysju2o6SluYty1nVZwibh09mzbAxLB47laCuiYKFwDhU0ZELfQ6+/ALLB5az dfwUVpUPZdujrxD6KcL2Q+y8cyaLhoxgx+jpLBxcTt17nyCkpL1iLft+fjGFdArp1bP3vTdYOXQs O0ZPZ0WfUVQ8+xI5T+GLHK0fLmRx3+HsGnEnm8aMZMvkWRxctYzFQ3pS+eMfs3zwnayaMw+vcgfr eg6k2NKGlvWkl7/L6n7j2TFyAkuGTmT/XfdSbK/HF5J9rz3P2iHjWHr3HCruvItVN3an6unn0Up1 RGgKTpLfu49Fo0ex73v/xuK+o1g47X685iYat69m5cBhbCufzrqhU9gwcBRNlZWE2mEKjoIJsUYj rcC3EptupLJ8MO27jxK2HmXbsDJaGluwKkRJiVSSQDuEilLbrYyyFZSwhF4TG3vdTGpDHWHuKFtv 7UrzniaUUvjKUNd4lN1XXs/xV+fjtWbxhcILNSpwtPzmi0XiTLyFx2mfZ5/4DQMHDcHT+qTaAjbe GxtlAuVO7KH/4AlY5VO5fQu3396HgrFIL8ezzz1Fjzt6MWzESPr3vp3f/e5FMkJxtGorP7roJzz8 xAuMHjmMAX3uoMsNXWkp+BzYs5v+t3fjX77zPW7rPYQxd46jsakZpaItCFb57Nm6lr59+lI2fAxD Bg9i0qQpZItFHvj1XXT56Y/4yZV9GDx4ECtXrGH//h2UDxvG4EHlDCnrT9nQ4ew4cAwpQ/LttVx4 4QXc9+Aj9Ly1J7995hkOHjrEkCFDKBsyhOHDhtK31x1sqdiN0pJP//g2t956K+UjRzN4YD8mTpxM seAhhOycQ63FSo+8V+TxubN54a2FCC/P3ZPG8/Rzvyc0URaGMdEYqpTC2DCKeCqHVQLlp5kzazqP P/cyUgRMnTCJ1/+4As9IlC5iVY7+/XozbspM9h6pwZcKoyMnhtG6Y76MFn4G4ed4Yt5vGDp4KKNG DuPKqy7nvvufxpMSL9PM1IkT6DtwKMOGj6L3bd1ZvX5ztL3CGKyW5LPt3DN9Ej+68AIuu+YWBg0c yLK1G9i98i1u6z2UKbPmMm7EeHr1uInhwyeQCwJMGLKnYiNDy4czuGwEZYP6Me7O6RxvS3esMUr7 6LdtWk+3W25m6NBhDC4bytBhw2lubkJLjw/ff5dut3RjxIhR9OrTl5mzZtOWyeAVmrjgwp+xfW8V ThWo2LaJAYOjvx00pD+97+hB9dEmtCqyf+9m+g0aSv8Bgxg+rJwhZeUsXrKE8SOG8JMLL+Sm226j 36ChVJ2ooaWunuHDhzGob39GDSund/8yKnbtRhtFQ1M9QwYNo1ffvowYVs7M2dOZObI/Hy7bdkoE 3RhDIZ/j7pnTGTp0CGNHDqN716689/FSQq1ZvvBNfnDxpRxvao0cT7JIzx49WLp8JR8vfI/bu97M P/yPf6N/v0E88dtnaDmxk9tuvZ3Z855mxOgR9O7ejZ43duNIXSvWCBrraujb6zYG9R9A+bCh3H5H H9Zu2Yk0hnwhxa09ejBh/HR69enDI48/x4HdO/nlNd043tDM1k2rGTpkAIMHDGbAwH5c9MMf0K9/ GVpraqr3M2Z0OcOHDWPI4EF0u6UnNSea2H9oD6OG9OMHF1zM7QMGM3n6XWR9n/HD+vHx8nVo5bNm +Uf06nMHQ4eVM7DPHYwfPZIjbe2EJuRg1W6uufpq7r53NqNHj6Lv7T3o1rUrOS8gUAZroyi8MZL6 E9X07dOLsqFDGVI+gsHDRlFdXY0zko8+eI9be3RnSPlwBvTvw6hhZbR6IUGYprxfL4aMnknP3n2Y NeteTtQcoestN3Hg4EECY9HCUFezn0uuvp4jhw+yc9tibry1H4PLhjJ88ADKR4zhWH0TVoU89tBc xk2YxKCyoUyZNo1MLhdF7E2U9fN5gd7y0LMdFdzPd6GVcHpOEejxViBlLKHoXAOfz20nEein4bQC /Suk5nQWrIpTD63m+Xn3MWfeEygb702SlqKDTMNhfvCP32dL5UGcCaPUVeez5P1X+NHPrqMuXUAr GaUWltLvTJGiLNLl0otZun4TzimUSjF76p08/d5alAkxYZZe197IM299jAqz9OvZg/79+lEMQqTU FHJZWjIZhB8w+55xLHj/E7xQIaXisQfmMOOep1Ba8OqrT3PJlT1pSrWiRYqKHVv4ycWXUHXoOFoF VB+s4H995wJa2zKRZze+j/lsmqt/djGfrlhO3hhC4ZFrb6KoDM8//QDdbu5BJucTqhyp1lp6d+3J kfY2GvevYPDQoeREnqOVFQwaMIi2tgyhyCBEgT69y1jy2Qq0TvGf/+dCKnftRQqFFIp8roDvhxzY uoRf/PQaDh5vwpMao1rocf21bNtzBE8KhPRpbW2P0qK1wmmLtJpioZ0brriK//53/8R///t/4O/+ v7/nf/79P/B3f/+/+Ze/+2/89OIuNGYyOCOwOhIOyljCeI+ttQLpNTJxzAQ+2rgboUNy6Rau/dXl rNm8E99JnPZRgWDl8o/54UUX8f0LLmD6jJlU7tlLIKL0vdOhHeSdILA5mitXsmHYZGzOI9SG3JKF rO9aTuALpMoiA8WuR++jeurThEJSCDQNQY5D/cup3bqHoi9wBYNO+WTCkIyWhIUMW3v0Qq/YilNF Gu65mxMz51L0ighRRIRt6LYcras/YUPvMuSx/ey5pRfHn59PVhXw/DaOdBvCwSefwOQKhEGB9Lq3 2Xbno+i8oO7Zh6ju3guvsYVm5ZMy+ajGQNERej5VLz7J+lv74OeyKOGhwyy1xaOEfivrh/Xk8Euv ExbS5HQje558iiW9hqP9IlKGyGwGExQIdBvFfVWsvnkkJiPwmuvYd11X6ndUEPhZpDzBgfIxHHxj Ib712TZsDHve/B2ezKKkIFe5lpU/+j7Nq9eiQ48jgwdw9LlX8D2fVu2T3vgpO8ZNRgQhVXPvIv3x EgJVxAZpsu0NFFVAwYFRjlAZdGsDB4aMJTxURUF5GD9FWJciH7TQ9szT7HzwEWQuRc4UKR7dy76y MpSQtKz9mH2X3ULoBzSsfJ9N13YnfbAKobOoQiMn+o4gdfAYaud2Nl16HaK9AU/7SJ0iaKoj9AMy +zdR03sYqi2DzhfR2zeyruft+JkGwv0beO9HP6SxYjdtKovJZNjbvx9bJ00nZzQHHn+A6h7lFApZ tMyhDu9g+4Bx+KlcFOExhpwD34TkW6r54P9eSNvhY/iBQBea2DF2JIWVSwmLPjnp0/jy79kz5W60 Eti8Q+gQox1KR6n2TU8/yPph4wi0wgUBVY8/SdXDv8FqQ+g0yqVxroCzPlaHaCUIbZTe3/zh76mY dD/K00gVsmRuf/YNfgCpLTo0COOT3r+PXbeOpPJ7v2Tn4PHsW7Msioo+/uKXCHSN0x6z7pnFg4+9 hDCl9GAd7922cQTJUL9nM0PG/BqjA9asXkiv3kPwjGLFopcYMmg4qbxHqItkWmq44pIrWFN5mD07 lvGdf/oeby7ZgVQeymth8tgxvPnBYqRW1Nce4sbru1PTkqWoBFJZlI4yeazMU97rZl5+6SVyyiBE QFsqiycFSrRy/7Rx/Pb9NfhhSCGf4qbru/C7V16lIBRS5Hnxsblcek0/2rM50s1H+R//+D/545KV 5Is+wksxfeqdLF2zgYJQiMBn5R9fZ8rd95Hzilx/xS947c23KGhDGHpkUlmU1Gh16phljGD7prVc eNFPqW9PI7TlyLaljJ8wlYKMUtW1CbE2yhpSWkQpvtqgdI6KXVu59ba+tIUSp4ssXPAKN97aj1ZP YqxCCY90exP3z53Nv373O3S9+Qbmv/YyqaJPqF1UBTius2KsRUtBMV9AeBKt8uyuXMtVV95GUzrN soULuLnL1WQCQaA1oZ8mny8iZZQlpbVEa4ESRUYMH8mCT1fhBxl8bVn1xgNce0N36lJpwnxArq2G f/7//4Od+6ppPlHNjy/6CQve/5iiyKH9Io/Oe4BHn14QpWBboloPKuCe6ZPZsmUTntZ4StPQ1IQM i9RU7aBfn740pLJIKShmmxnYvzcLP11Ca6qG/7zgevZVn8CZLLfccB0r1lXg6yJSNLN66fs89tsF ZLINdL/5ej5dsY5ASJRQpDI5isUCKmxjaNkwdhyuxgsloUgxql9v3v34M4SfpqBCln60kOtuuJ1A CH770Cx+++yr5EOBCAIq9mzhh//yHTZW1MQp0fFcpTVKCorFPKEI0CLN+++8zWVX9yQbKt57+Rl+ 9qubaMwWMEbhVIErr7iMij17UbLAtrUruPCnV5MteARScXzfKq66/Coqqw4SKh+RbeHKH/+C+e+t QIdprrvmKt54+118pZBBkfUrP+GHP/05hUJILtvEZb/6Jfc9+Fta8xkCpdlfsY2ruvWmMZ0lVCF+ GCJFkcrd27jq2i4cPdGENQ4ZehQLOZRQSNHOfXNn8cGHqwm0oO3EIYYNGUlT1iMUglB59Ln+V3y6 cS91ddV8/3vfYdm69RSkQoYe9989leF3P0hRF9m5cxvf//4P2V65DylCpN/CyPJhbNu1P84GKWC0 wJmAV194mhdf+B0FISlqQyqbIww8Ui31DB08kOO19fha4wU5JpcP5Q8rtuD5jfS88WpGTHqATNEj DH2El2XQgL68vuAtisaiRCsLXnyEZ954l1y6gZ43Xcu+2hZ8FaL8Nh58+FHmPPwYVueYc/ckbu83 lNZcAV+EcSZPVNDVnE6gP/r8nykonHC+06GrOors6tMXLj1PSQT6aTA2qj4dpbadWjn4ryFK6Yka no7TsO67awoPPfUsRoXRIkNbQgfZ+gP84B//L5srD0eFpKxGaMGaD9/k3//zl+yvbY4FemdlWKcD PG1Y8eEfmDz3CaySbN2wlIFl5bSEGm18gmIDl112Fe9+vIGWhkNc8L0LWLNqO9IKjA2QsoAwChUU GFF2Bx8tXYWvHUr5PDB9Mk+9+DHKKF54fDbld96PpxVWehzet4Mh4yYjpERpScPxffyv7/6I1vZs xz5pY0EqwUvPPEm3Hrfy6ONPUF19GK1CQgvlvbvS/eYe3Dl1FtOmTWDqhNH84ie/YGd1AzXr32XE iOGEIsNbTz7CpZdezeRpM5kybSKTJ0/k6quu57133mbfziX0GziaIF68ai2jvW7KsHPdEn7202tp SmcJrUGLel545nG63NCdF158jiOHq6L9xiquWG4M0iqy7c3c1OUWNu3cix+GeKGPH2TIhT6fvflb rujSl3S+SFjI06/X7Vx11VVcdfXVlI0cRaaYR6uQBb9/jFGjJuFpj1AJjPR55L57eeSpl8iZqACa 0hqri4R+jprjNSx871369LyVqTPvJVRxRW8n4jQ2F29rcLgghyrUcOiq62ldthKRK2LzafLHq1h8 xdUU9x/BSh8TSrbfN4Njj7+BkhJfh/iFVg6PGErbseMYXcTIAratnpqXX2TV7F/z6ewHWPPzK8mu 34bKtbBj5ChS+yqjPb7CEJoCSvg0Ll3Aum4D2NLrVo4v+gDpSTxPkW09zI5Lb+Hju2azbPb9LJl7 H4snD2fBgCnIYoY9D0yn+rGno73enkEGiqKT0T7vIEXFDT3Y8ujj5IQmDB2+NNgwwLTUsaFsEO0H 9xMogVIhVb97hnU9ypG+QKg28ut3sGvW71k++0E+vGsmH9xQjsuEyCOV7Bw9DNEWEoYK37VyZMIY Ds//BD/bztYLLqa+5jAZoVBKk8udoKJHV5q2bKPYWEfF5RezZPR4Vt/1BEt//RBLpt3JH/oOIsim yK5fzAc39aLi148Trq3EDwVCC5yUUWE8rcnLLDufnsfH/ftSv+AN9J7D2KJBBylW33E7L829kxWz HmDJrNmsnj2HD/vcgSgo6ha9yZ4b7yCUhsOPzGHZDV1YdN9c1twzj48enMPCK6+kZtM2Wp5+kl1l ZRxzGhM4rLCERiCVJrN1K3vvnkPal+SNJb1xCZ8MvoMwm6HuqcfY2nMwYS6gKC02H7Lng6eo+M9L SIWSvQ/cy96n3kX5hkBJivVHqSybhGjJE5qocKKVjsBIUvWHOHDhzyikCnhKUji8kz2390LmsvjK ogJJumYLu4aNIOenCZRDKoVWBisDcrUVLPrxReRWbMDkA4TfQmb9MvZecwOZ1ia0VGx45knmd7+d l3r25OXbBpPafhDnC3RVJYt++hPyu7ZTzLRgsk0UN33K1l9eSqE5i1IBoRVYqdGilWz7blpWL+bg pElUdhtIzfQHvyDQrTVRNXldZPasWTz46PMEcY0FZ+JaF0YQOos0kl2rFnLn7KcItc+HCx5n+IiJ 5KRgxqheXHt1DyZNncP0aeOZPnk8//7v/8HS1ZvZvnEJXW7qR00xRCuNk43MvXcG8/+4lFApmmp2 Uz5sFI0FhXQSrQw6blNG+Wxbs5TbevTg3tlz2b9nFwUZ10eQKaaMG8OirQfQRtNwYh+3XNuVoyda CY3FCEHV1vf4p+/8jL0HjtJ0dDv/ftElNGbSSKVor6vi0p/+iPGTpzFh6kymTpnM2CF3MGb8ZHwp eP+t+Vx+1dXc/eu5HDqwKyqiKQ1Clt5QEUWsgyDD3Lsm8tYf348KB2qNDtsYMGgom3ZUI4ylqfEY 3bvdwHVdbuTqa65n5szZGJ0jm2mky3VdeO6F+fhaY1WBptoj/Pznv2Tphs0EOhqzrZbI0COfbqNi +xaeeuIxLvnVVWzesQ9po8rbuKhAmZEFNu05zMMPPc7dUydxZ/kAfvnLm2nNZEm31DJ2eDnDykex fNlSitkWQh3d6+itEdHeXy3yTJ44nlU79yO1h9Ca9+dN55HHXiDUGitDvHwTF33vInbsP8yapZ/w 3X/4HqPGT+fOGRO4687JdO9+CyPG3xd9dyk9Wwk2rF7BpT//BXfPvp8tO7YidIBUPs8+PJ2Lf3IJ 46ffy9Rp05gxdTxXXXkZr731Lg11+7j4/7H35l9eVle+/z/xveu77urOTU83uUmbdN+kk2g0MY7R OAKCiMook4oK4iyIiqIIiqKiDCo4z3MckXmGYq4BCoqiipqrPtMznGGf8/r+cJ4qEIlJG/NNp3le a51lQeFnPM95znufvd/7Z/3Y09xJ1F7Nz/7950yYdDOTJ9/ELTdOYNzoK7lt6j1s2rick3/5S5o7 Cpkzus7qyy2ucpBhV1zKnvYujFh6Ohr4/t/9T0aMv46bb7yO6ybfxFVDB/OLk37FwaZGrujXn627 69ESIVajdBNDB/Vj5/7OI1LcQ6cPk1ZYvnI10+6Zzh2TrmFI/4v51ZmXUEw0ix++j7POH0N3pBGt 8WkTJ/4VNMgCAAAgAElEQVTklzS192BtwqfvvsK5/YaSaIsyht3LXmH0VeOIdBKyzFQn5/36NJ55 7TOaG6r5zt//b+qbmknEI7pI58Gt/N+f/5SGhgba2/dx7llnsWnbLpRojDFUrfucC664jq6yQUmM spYt27Zw0imnsLtuD9oKVqXE5QKvvf05U2+/jVtvHs+5Z5/Fa299TCqGpj1VXHPdVMoqRtmINOrg vJP/jXU1B/j03Vfof/GF9CiDzubqx68s5Ce/HExjd5GNq1fQ79Jr6IkqiDE4ibh10hhWbzoQasZ9 mvkmJOyt3cE5vz2bm++4k9Xr11OsRMRW89GrSzjjtNO44ZY7uHHyzdx44w387sxzWPLqW1SiFs47 83Q+XLszGH8agzMpn3zyNhNvupmydtTvfpf+Fw6goa2T5R88yw/+5aeMn3QLkybfxG2Trqb/gEFM vG0KXrdzz63jefOTFSjxwWjV2nBdWYNxjt1HC/QHnsy6LRyumc9T3HOOpq8jROZxYJx8KQvneCYX 6MfAelDishZWh1t4/GfXlt42FX1p6U6YOfV2ps9+HDExxlu0s1jrKTVW82/fOYHVW/dgxWO8whjL 0jdf5oc//jV1LZ2ZgYc5/LhSJDVCoauRCy68gtbWNq4aOZT5S95AOYN2KeVyI6eceBq/X7qNQwd3 8oPv/Yg1qw+QuALaFhBbCK2moi4GXXg6Hy1bSdGBkwJ3jBvFwrdWoRzMufNabp7+aDAxUpbNKz9k wj0zMDbFOqF+9xq+808n0l1JggFKZrjjnMGJoa56J7MeuI9+F1/MI4/NpWIsI/ufw2uvvUEkHqcq iIkoa0vJOLa+s5DxYyciJmLx7GlMnjqDkkoxVmO0IVUaUUW2r3uPEaNvJM5Ov62kiNVYY1n20Tuc eNIZFCpFEqdRaRPKJOzdW8f0qbfT7+KLWfj8S8TWYcWSuiDQu1tbOPu0ftQ2tITUdedCupkT3po/ h7MvGk8UpTitSKMKxoQU+ZJSKJtSaG/i7DPO4MwzzmfgoMsYOOgyLh00gPPPv4AL+g+moxwTZ6Zs 1kRYCbX73iZsWbeUf/7eCbR3lRFr0BLhRGeOz5CKYFU7LV+8TdUvf8UHo67lg2E38MaYUXw0cgSr zzyLfc++gdEeZctsuHUCexf+HtEmGH311FM78ioKTa0kSUT3oR0s/dVpNL7yOq7uAKqxjmVnXkBU tQPb0crmMeMo1WzHaE1iUrTtRKsSXa88wcoBN7HiwgtoefENpGKo2IS0eSfVZ19Cd/0+dGcHrqsV 29WMLmhE9bB87FCanlyCE40WT2I8ymft25IeNp52PhvnPkmihCQW0lTjYsEe2scnQy6np2Efxhq0 9Wx58l4+H3Y1JhLqXnuCjy4bhl21C916kGjTx6wdfCtJOaZr6+dUXT0a6QlGbyJt7BvRj73vfkFa bGXVD/+dlvoDFJOURGsKzTWsOe1sujftpNzcwJYzf0m6cjXSUsF0NmHa2/HdMTaOqaQFdNMBWp99 hlVjJ7L8/oeQOMJpjfEGow0mFXQUkWzdwOYpd/D5sOHsfWclvtzBqv79SPdsx7b1IJ2tVNq6kZ5D lJWn+pV5bB9yOdZ6dky/g0N33EHc04E6WCLp6sK0NeCjhPYHHmLv8LF0O4VTLqR1SwVnLV0rPqZ+ 2t3YkqFkHK3vv8q6wYNIIsWBWTPYOPh64qhCxRp0krBp7j2s+tlZqHJC9S0TqX52dZbGmBLXb2f7 2OuxPQnGWiIf3PCV0zRXr6fm5JNRUYKWlOKedWy99FJcpENJhlZ0bF/G+jHXEkcVrPYoEZQxpK5M 3Zw5bDjtHJYNG8H7w67nvZGj+WLIcFb85ER2vvEGJWPQhQ58Vzu+pxHbUUJVPJGqUHfXnXz+qzN5 b/RIPhs5nnfHjOKjkVew4dRzObR0LYmJkViTKkGZFKsSXKood9Ty/r+eQl2/cV8V6NZknh0J8+fN pX+/QRQSRZo5gnurcLpE0VoSk/LR4jnc/fCTlGzEgvtuYOKkmygYxaQrLuGRR+ZRsBqXFEhSTVkn iDasXPoBA4ZeR5vWOO3x9hDXXT2aT9btwIimYedyJl5/HZ3aY1wSjLmMCyLchpZvHa3NzJ83l0H9 LuK+R+ZhxWHTHkaOHMn2xjasaJr2V3P+WRfS3NKDEY/TirUfLeS7/3IKtQ0t7N/2KT85ZTDluIIT Q9fBWi767RkolRIrQ6qDV0pqsvp3G9PZ1c5jjz7M4H7ncefUB4m0zlo6gtjgl7Jh2Qf88mf/Tr+L L2LAoEEMGDSIgYMu4cRf/IKx4+4gNoJIhFEtmNQRaUGpMk4X+ODtV/nXE07ggosHMPiSIVx2yUAG DxzAz376H0y7ZwapdRijEWvRqQleIVnK/FXDL+fa628jFo/zSRA51rJp1SecO3AUK1avIo26+Pyd 5zn93Evp7CkgEk44l378IdePG81Zp/6Kqj2NKOeCeZgL7dhs3Mmk665i676DGBujjWbuTRN4fP4b WfCmQrGziX/6ux9Sc7CRzz58i5P/7Re09VQoW42ohCgtUdIu+J5AFmgwOKOodDfz1FNPM2zYYKZM m0ZiNLOnjGfCtZNJrZCkCqUUqdIkRti/ex2n/KofjV1lKk1VDLlkKEWjsZHGahc6OugeNqz9gp// 7Je0dRWwTuNcFESgseiuGi7vfzYHeipo0XS3NfH9//UdGlvbSI3FKBWCBVKivaOFi86/jKrqA1jp wRiNKu3g/AvOp6Gj0Ne5xTmLMxEvP/c0I64ax9ZdtUjUzYsLnuR3w64m0sKjUydz6dDbKCuL1RZR eznhhyfSWtQYk/LWi09x5Zjr0Tbcg1e/OZ9rxt+MOI1XHomaOenffsEbn67n4P5avvP3/0pLexuJ 8TjbReOedXzvR/9KS/MBDjXt5byzzmNf0wGsaJwxrP3iTQZcdTulxJGaLjZs2swF/QezeUd1MM61 BqvK3D/1Dq67dSYtzfuIKt2MHTWWz1esQnlN1fqPuO7m+0h0hcRHlIpN/PQH/0R14yE+ffM5Bl06 hIIK14NYzZvzH+bUs66iK0nY8NnvGTh2GqmN8dYiVrhhzCC21iUhq8SHLBTngvFpudTD80ueZcSw K7jmuok0FUp8/Pxcpt41jQ4HOukhVmU6tGBtSlJs5bRTT2frvqZgAmc93lpKlUbGjh/HwcZ2Jl19 Obfd+yTWpHz82lzOPvtKyqlGacGbmNgIJWORqIk7bxjBym27+2rOvQ1tXo01KCdfEeitMx4P5sFO +uZ6bhKXcyRHzonQFUTQLiubcHl5RC7Qj8Hq9RtZs3FLViMXDGz+PIFu+3rBvvPsHO6YMYtUfLbZ SfDWUmzezw++ewJrq2r60ivFCq8+M58Tf30hraXQmoOsfZn3FusVXhms6WHQ+Rdx5+1TuGTICMpK EGfQTtHV2cDJp5zBFxtrUWk7v/n1r7nuuruJTQkjEYWezmAyVenh/LNP5oPPllIWi9gSY4Zezlur q0gd3DVhNA/NWxIMQ0zC2y/OY+qsR3FWY0Sza+NHnPB/f0tZZ/1XrUOMIU2KlIs9iFGIUaxbt5Z+ AwZSiBLunzKJiy/uRzFRQewmMW3dFYxzvP/cY4yacCdWHFXL3mHQJZfS3t2NMeFkcH9zazjZLrXw w3/9MY1NzSirSI2mpa0TZRyfvvcmP//5qXR3d6GtJu5poLurHSsGbyOqqjZz1nkXUVLh1F1lrrft h5o587R+tPREfQZ/zmnEO5bMeYD+l92AMiFy7MRibehTbcRhjeGLT9/mpkl3oLTCWo9ImkWaFQMH DWbpilWU45jXX32ZcrEzCHTjcSbhw3df5Sc/O4lyuYPutiZKiUJ78D7NHI41jas+YukVw2jZtgxn DV4bnOtApJt4z0a2XHMThUTjXSfbr7uBPfNewKoyWgxx4SA7Lr+SpGEviU6pWraIg9/9Z4pdKUal tFW9ydsnnULxQCMqLrHrptupfewxdFqkR8qolj20xYc4MH8G6596m6R2I6tP+i3733wfMQUqhWpq zr6Abc8vwCeCr1hsd5G2JCVOi7x6xtm0vvIBTgzGQWp96EPuDGVTYe3tU1l35bUklQoFKdFTbieq FJD6nXxx0SAqzU0orelysGH2XawZdxs2FbaNGceau+4ltmWiyn5WT7+Fbbc8hI8rFN5/hX0jxiCp Q3uNxG0cuOhMDi5fi7eKlaOGseuhJ7BxO7ZrP03zn2DLCWdQ2bmf9rTMmn4XceCJFzBakUiJtNBD MUroFKHQ2oFRMWlcRKJaXj7nXGxzC6I82pTQUqBcaSdt60EZwRUqtC19njfG34gvNNJ0771semAe vlvjEyGNuomaavDaU/vwbPaOvwHjYM9bb7D91MtpbmggTVKU1iStPRixlNYt4+0zz8EXWkldmbJu p6cU5lXH0o/ZPmUKcaWCV4amF56mtt/l2JIh+vxDXvzZmSS1O7HSQRr18OmAgax9diHORNRePZb9 X1SHVjsuRW1dz9aJE/GRwTqIPUFYakXntnVs/cXJdFbaSVSK62hk2+WjSbZsw5gipbSDgzffw/r7 ZxNZh9ce71KMi+ls3srO35xH2t1OyVeQuI2yj7Gui62vPELd8NswcWiRF3twklJ0mpI3qJZq3rng IlRzM0ZifGJCuzYp0fX5UrZNuYuCSti7porOvbXEUYorCYmJiPbvZvG/n0PDVXceI8XdYTNj0IP1 tfzqpF/w3sefE5vQwtFaxZ66alZv24kSzZypE5m74BliG3HzqEu54867KDvDq/NnMmz4aApKIapC kmoOtB3CpppPPnqdqydNoyfzv/CmlSsvH0RNcyvWwZ5tqxg1YgTtUei17IwNPhdiiSplWg41YVSC 1QlJpchFV4yjlBhM1MbwIQPZuKMmlL50dHHO6b/h7XfeIbWCMRVun3gtQ0ZMpqQ0W1a+x+kXjEap 0LrJVLoYM/wKVq9eHbKKjKVU6KazuweVxJQLnVkGkGZ/7TZ+/ZsL6CrH6N6+tcZQ7mnjtN/8hgUL F4SWei67f3phy6ZVnHveebR3lzCmjFhNokMQx0kBVSoyevQQtm7fTSqqr0ZRrGHPnj2MHDWennLM zp1VrFm9Aq0UYkw4zU1LXPi783l83hIiE9pqeZfixfLacwu4++H5JComjgtcd9UwzjhvEMVyhda2 FuKoHISUSnjkwQdY8voHISAtoU94EOjdjBl1Bet2VGMkRVnDrWNHsPCVD7Pe54quQ/v57t/9kJZC gfqa7Xzvf32XN9/9MJiUqoS2jjYKiT7CoV2wOqWlqRFJC6QqoVDo4uRTzqC1vYctq97hvHMvoqsQ erwrpTnU2kasNDs2LufsswbRVozxqpXTfnUan69djRiDtpZClFIplWlvbuS3p5/G2g0bEWeCmVyh jEo1lfY6Ljj71+xp6SAxGhWVOO+M03nvo4+IdIQymu5iREd3FyqNuP7qa3j25XfRuoTWlteee5h/ +Zfv01woHW7l5QSTlBg99DLefP/3pGJRpQ5unDCeUTdNJTaOR6bdyjkXjaC7WEJrxYdvP833TjiZ bhvcz19e/BSDLh+BseEU9s0Fs5kw6a5Q5249UcdBfvp/fsryDXWoSjc//tGP+P3HnxJrh9EFXn7h ac65eDBpLBxsqOfCi0bQ3hVeo9iU37/1EiMnP0CsFXtqNvCLE8/go8+XoyS0stRGExU7GTtiONv3 NmFUxJ663fzyFyezccsWjDNsWPE+46+fTJxqUrG0d+/nO//v33GgtYN9uzbzf773fbZX78VaQxSV mXj1OB575nW0S/j0rUWMuv0hUh9KZ9JUMeLS8znQpY7IujQYk3Ko+SBaJzgx6LTAjTffxoYd+2ne 8wVDLhtBbUsRozqCCe6hNrSOiUrtnHHmb9nb3h26MojHiwXXxZQ7bmLKzbdw3iUjaenuwdqIpsZ6 fv2Tf2dfa2gX6ExKU3snneUYXWnh+tHDqW5sDR00pEJ7axPlchwyMTxfEej1t89ArP6S63wu0HOO pG9OZOusNpqmtnY+/uxzjDG5QP9rv4D/ijz34issfO4FTNYGB/58ge6cw9uUPes/4bpb7qbbhp7o SaWTxQueZsGjj/C9f/4Rd907i+dfepGenm68CLPuu5vh195GxXicDfV0QaBrUi94acdZ4bm50/nO 33+H1z9ahckir6loWg8d4JxzL2RLXTNOSqxY/jEXXDCI+x+czuNPPMm4sddQjAqIiXl2wVyGXDmC Ja+8TKVSYOyYMazavQ/lYdLVY1ny+ntZm5YyT82axuwnFiAmxUjKus9e5ddnDc5Oo0MbKWct9XU7 GD92NLNnzWTRwoWMGjWK++6fQao1B/fvYvCggdx4y+0snL+AqXfexbynF2NNzJKnHmHi1AdRDmzc zq2TJzFsxEjmPfE4Dz40m0uHj6G9UMJZxdSpd3DxxRfw9IJ53DH1LsZcPZFKqjlYX8sF513EvdOm 8d7777Nr82rGjx3DQ7Nns+jpuVx7zXieWPhMSJe0CiUWI57W5v2cdXZ/ehKDy9rEhf7zjnkzpnHl mFswmYuuzTalvY6The5uBg/sz5pscytO+rIIvFU8MGMGkydPplAocNvNkxk+dAiPznmUZxY+x0MP zODSQQP4bOlymg5U8dMffY93fv8Fset1vFfYcpH1Q8bx4UVXYAqFcJJkHQUfEYnCdh1iw4WDadxc h7Ud1L/8EqsvHsaehS9RbuykpCrsmXQja669iT3vv0Zp/1Y2XDiI7dPuYMczj7J7wm18ePYFmLYu KlrTs+wzPux/GbsefIz6R5ewZfgEujevZu/Mu6l7awMlrWjfV8OqQRfT8OmH6FjY++rbrPntmWx/ 5Al2PrWIDRNuomPrFuJiEy+dcw6tn6/ua8tnxCPeoRIhjhXl5jp2XXo9VTc/yP7HF7L21ns4uGIt escW1g0czsGOdhKtMYljx73TWH7bTBIj1L35PCvPHUnt/BfZNfMxVt10I1vmLkR0mQOvL6HmhluJ TBDouquVNeecysFNm7GiKLbvpLr/aNZfeTWr75jM9tum8dIvTsM0tmBcRNPnL7Jq6GiqZz1OzdNz WXf1zZSXL6fS1UDVlTewa/pMahYvZN2d09gw8TakHOMSh3WKxMY0f/4pK8aNZdfTD1L79CNsHzGW ze99hjYlums3sOzCQWy59XZ2vTSHDTdOo3rBEsrWsfmRR9l7zyy0dajWemrHTWTT2GvZ8/TjVN03 i91T52IrMUm5nepp97Hs+luoX7iIrffO4MAjr2PSlKi6mo39rmLzA4/TvHMHB+c/xb6rbkBFBltp Z/3d01kzbgJ75j3Jxuvupu66qcQdHeikyOYbrqW1tgXjFU4ntK5cwfIpt+JVMLEMwbognFRnE2/9 7lxW33Y/Bz9dSaIqNC5+lY9HjmfPk/PZPuMhNg0YS8fWXRSNR5TNyjAUu6bfxqqb7iTSCUVnSH0p tCxyCeVDm1k/bDJpaxltQlaO9YK1IVOg+r651M59itRYoqyllBJH2aXETfv5+OILUNXV1Lz5Cjsv HcDW6dM58OQSap58iBVXjeXgw0/Sev/DX24P9C//EXp4+2DK6HXCyi8+4sJ+F3P7lKksXDCPe6ff y5Chw3j/8+Voa7njuvEseekVUh0x8pJ+3DfjYSrOUu6s4Zqrx3DNpNuY/9STTLt7OrdNuZO4EvH2 W88y85GFRFmmlrOdXHD+OXSUuxAHPR1NXHj+77h16r2sXLUOa0xo0eWEPXU1XDHkMu6bfi+LFi1g 8qSJTJv9ZMjE0QUWPPYgF/cfyKIXX6PYE/HS4icYMuRS5jw2j2nTbmf45SPZVXcA7SyrPn2bAcMn YbRkp98pn370Pueddx6PPPoo8556ipEjhvPxp5/RsK+ecVeNZPr0+1i4aBHjRg3jxlvuoaINKmsf 6I1m2ecfcMZvz+dQRxeJkT6B7p2jUmxlxMjBVG3fg0gFZ13o/mEUolM+ePc1hlx2BcpqEusOG62K EFUixo+fwNqNm1m1ailXXD6YyZMm8tS8J1i4YB6TJl7LtWOupVhJSSW0yMIrnLNUb9nIqWecx6xZ s3jooQe54rKBDBgygjhNmD17FteMH8eCp59izuxZXHj++eyorQ8ZB73t7XB4m3DPtDu5dOgIXnzl ZXrKJa4aNpg3Pl6WtaxzHNyzjf/9vZ/QE6WYpMKieY9zyaBLmfPEE8x99GHGXzOBvQea+/YTToS2 lmaGD72C2Q/dz8L587n99tu4YdJNGG3RaTsz7p3BqFGjeWr+AqbdfQ+XXzGUg82HWL9yGQMHjaAY pXhTZOGCZ7hwQD/mPz2P2Y8+xqgxN7JjWw1epbzx8rMMHnIZsx+ezZyHZ3P7nXdRKJZwusA9U25h zISJvPXB+2iVsGrpUvpfcgkzH36Ax5+ax7hrbuGD33+K2JTN61fy6zPOZ+b9M5j7xNPcOmEcJ570 K9pKleDbQNZ+y6a8/8ZLXDxgEI898TT3T7mVSy48j7tnPYFxjg3Lfs9Pf3oyU++6i8efeJy77pzE r8/tT5cNKfi7tm/mxJ+fyIMPzaGqqor5j0xnyr2zMQ7Eeg7V1/GzE/6DDVv343SZT3//LpcOvoxH 5z7OgzNnMmDgxSzfsh0lnn11VQy96kZ6KhW0tThX4fUli5k+ZwmlqJMxIy+j34BRLFj0LPMXPcvT C59h7br1WBXzyMwHOb//lSyaN49775nGmaefSdX2LRgxlDoOMHjwxdx77yw2b9tOc2sN3/37E+gs VVBJhbun3sGVw0Ywf/58Jt04iQkTJtHaU0abiDeen809jy8hyUpCypUKgy88h85E4cRkgQRDqdDD DddP4K6pU5n/9Dym330X102cTEehhFNd3HXXXfS7bCTzHnuE2TMfol//Syn0dFPobqf/pYM5VCxn B0RBoHsp8NE7r/Dj73+PBa9+RGIjYhtMal9c9DD9LxnKnEfn8tichxk64ip21tQSFVsYN3IkTZ1F rCRElRYuPO9slix5JZh+uq/WoG+7/k68zURWLtBzjsHhsoeQaWyssLu2jhkzZ4W21LlAzzma5154 hUWLX+zbUMA3F+ihlUyoNRMxqEITI0aMYm93GWNSVFRgzcovWL1iGevWb2LZqg2s3biWqFLGac3k yTfw9qcrQiTfakLfTMDb0L/alfHOkpSaWb9hLd2pwfjQbkY5IYkiNm/eSkek0DpC6wpJElO1tYrN m6tIkiScOBmFMTF79tSzafN6EpWwq6aGzigNi+/u7TR3dGXp3hENtdvY09SC0wWU1bQf2seGbXUh mtp7IiQO7xQqjdixYwer16yhpa0t/N4JohO8s1TX1LJ27Xra2jpCL2xJaWzYS03DwdCOxySI1bS2 trNpwzrq6vYQWwmbURGcKDraD7F69UoaGg+ibDjNdqKJk5hNG9azc8d2rEmoRBW2bN/B+jXLaWs7 FE6UHDiTZq3qhDTpZOPWbaH2MQukqKzVWlPdZrbW7gvv4avfOIWeTjauX0+iSmFz5+PQh9iFPqtt rS1s2riBJK7grCKOI7Zv28Hq5aupramlkiakxpAUm9i8bjntPSWUB+8TvDOYSgm9Yg3Rrhp6tOBS j1MebYVEPBVdobh9E50HWzC2TGIizP4G0i9WEXWVKEtKpA6hN+8i2byDYpJQVjF6w3rSqq0klZiO reuwKsVGJvSpLnVgV2zGrNqELrQRmQKl2nVUWiqUxZKqCupgPT2rtuMiIdUaV2xBr1iLWbmFtKcp pGXGMV3rNmDaC6FFlz/cz1dZR2osFZ/g4yLpjl2YpeuRg80UdUrcdYhk01oKKiWVULMe1VRRrj5A 0Rm07UT2dRItXY2t20epaT96XzOpTWhtrsPs3hlca71ByhXiFe+TdncjrkxS2Y+JEgrNrcRRkfbl H/D6Kb/FdEfo2NJle0i7utBfbEWvXIduayGyZbSN8MUiZvcuOld+gdmyB6mYYPokCiUOqy0m1pS6 2lFrl5Ku/Azd0I5LHEYJyiqSQg+6ajfJ8lXIgUOYOKHHWbr31lJp2IdOXEjTTnuQ2mrM8lVI7QF0 OUInhpIkFHWJ9GA95rOV2LrdxFqhJUJLgjnYhl6xDnWojXR/LdHOrSiXIBKRpN2ke3aTLluGq91L KS1jYkEnMT3Vm0krCu1iJElIDx2iWL0Fp9K+ntleLImzKJvgC61UNmwlqqpGWUPJFTCtjZS/WI/e sJGkUiJVhqQSWh9FTlFJE7o3ryDuPojJWvu5NMGnkgm+Lko1uyi3FUOKtVcYZ0MJUlnRsmU7qqcn 68vu8EaCOZUYrI4oVW2l0thGZGJM0oCu2ULlszWoNRtx7Z2ITmh55FgmcVmrIw/eplhTITGKfQf2 s27tCur37yM2NvS7toa6bVtpbmnHmpSdW7aw/0BL8OuwRaxOqG9oZO2GNRxoPBic2LWhqXkXjQdb sx7nDmfLrFuzEqVjxBmstpRLXVRVbaW+vimkvUqK0QprNcZoamtrWbNmDQebmomza8pLgpiIffV7 WbNpK1qZkHpd7GD9hk1U1+wkikLduxJDR1s9a2oPIDqksFsb5nCxWGTDxo1s3ryZcqkUAo7WoOIy e/buZeWqNbQ1N6JM6LPsvAulOFqzt3Yb9U2toYWluC9typ1JOHBwN40tnaF8Rzziw/3AqIid2zey f18TJsuyOdzLPPRU3lu/j/2NjYikiCi6OjvYuGE969aupKuzGdEebR0mE9a+twe0VnT1FFi/bh2H Wg6xb38923fXYMVgjKKjo521a9aye9duokp8RO93d0Sfck2aRNTta2DTli0kKmb79k0c6urB+9Au M+pp5Iu1a0i0xWmNk4Tu7k7Wb1jPzl3bSFKFtvZwaqcIRqcYnbB9x1bWrl5HY1MzxtgsIJUixtDe 3saq1WvYu68htBY0ms62FnbsrA5+JibFiqVYLrFm9XJ27d5FIUt1dyrFmQqdhU62bNlCzc5q0tSE 06SIgwUAACAASURBVGjR6CRmx+5qdtTWho4mxlKuFNmybQMbN2+mu5iE68uleEnoiRI2b9jMnvr9 pIUSGzdVUVIWEd1nsutEI2mZppYWVq5ZR7mnnQP76tjf1IxxGrExlbjM5o3r2bO3hjSK2LhzOyUR xIZytmJ3O6vWb6LhQAMNe3dQ23AAm5XOVXo6WL3qC9qKadjbpBVKhRJbtqylautWKkmF2IW1oFRu pGp3LamNMVajbYXWA03sbeogSstsWruUz1euZe2aNaxZu47Va9ezr6ExpLkbxd7GZjauXk93dzfb d2ygGHWE02FJKJQ62LRxO82th4jiLtauqiIxYR/mTJnuzlZWrV1PQ0M9kbIY63G2QmtTNfVNnSgn eO9ItKZq9Woq1iIm83OQMOet1jTs38+6tWvZU1eH1ilWEkRZrFW0d7ewYe0Gdm7biU4V1lriNGHb rl3Exh6+9lwInMTFDqo2raMcpRiXUpEIYyOUrdDd2cXmzZuo2rqNKNVoa0M23Y7twRPGaawtU7V5 Pe1tnegsiHW0QN95wxS8DbXqveTiPOdI+qaDl5Al5aC6bi8zZuZ90CEX6Mfk2xLoENLXnBOMB+Mc zibcOGEcc194G20NqVE4J2hJsU5nRmUJzmjaDjYy+fZbaY/SkG4paYhM+6y3ugjGhw2IdqH9jhGD zXqsKicYZdGJJTYWa0NPb2MSTPZnyaLVxhq0TnHGILYcaotccNm1uhI2MRLMWlKr0SqhRxu8dJB6 UDrUI1mrstNin7UjCgY71graCspYrAk1fTa78Yi1KBPqlKwNZibGSnZaFDZ/VgQRj7M6pISLC63o jMJkhlyHa1YEbTTiBGNV+EzEoKwOfZOzwIFzhiSro3I2RUv4t+IKRNYQW4M1YSMRZy3VnOohsSHd 9MvR4N42EQZjbXgsJ4g3WR912/faxJq+XufiHNYIPlYYIySZ94E3GjE6vGZr8VktvLaSmV0Jnc7i jA3i3IFRFiMK40K6pzEOk1gk1TjdjVEGk1iMrZBaS1k7TCqhn3pqsJFFpY5YwmlYKoIVTWJTKsaQ uhStNMqmKNeDWIeYFKcTusVS1sFMLDEWFRmUSkmNo8cZXGKJxFFwoW7ZZUaMvSLIiASBlola0Qmi UyIx9IgjlQTjOjESzLlisSRSQuvwOkUiiloT2wqx1aQ2BFuMCKkoEtFhY2cNXhlKtgWrNTaK2HL9 KD5/4EGeHXcDO199llUDr6TtubepaKGsHZI6UqtIjCU1glbhdRrtwgmyERKlqWhNyWgi53BKMN6g xKKVoGOL1YZIbDCTcgZjHJJ4yiJhE6QsxhqsFmwsmMTQ7UIrMNEOSYVIWyoiJFaCMDKWogixCaZm 2ihMbDCRYHyZxGlsqoPXhBhiMRStRkwJYxWJpJRshUjC6WWqDbbiManNenw7ElcO7f9MgrGlcC26 IM6908FJ3QlaldFJgk0ilLEYVUF0iURZuo1CqXBdpxIEoLIWrVMqJrTN0lYTS6ivdjrFWoc4hbZR EFxiMVbjY0eqBZtYlLVZFsvhNTGcEoVrLrI21NGmjrLTKGuItMEqiyhPoh2Njyz8ag16tp4EYRhM 4bSEdcjbULJiXOhh7XWaXYchTdtI+N5TscFMyYT/XzkVrnkbvm/jwibf2krICLBpVossiKtgrMuM HGOM9hhJMa4STDAz0zLJ5rg4Drd89JmzsglC0IrKSnEMxuhsLVY4k6LEokxMt3MhEOqSzF1dsvaR IeAhIkFoWxO+GwnXgLMm6wlvw+vSHqN08NZwZPMk+06yz9NqjbYK5RTOSvi9V1m7tbCeW6uwve8x C+I5cRgV7hfiTGjRlgVRrbFYo0P5gQ7lCUZUFij2GOfQxuAkC25IbxDXZq3e7BHtMsNae/Q9v1ek O2uDm76xGBWHtdw5nLdEHrxqJ9JJqJ3WBmsrOBuHtHNJg/B2+ku1l07Ca1dWYXTI5DLGI9YT+3Bt i9V9a5oVF8xkJdxfxKhg2CqCMRpnwlzT4hGj8VZlZl7hXum1x1qHdi48lg7vP8m+V28d1iRZEETQ 1ofUZpdm5WAh28I4h4uDwWpsNU5UqKv3hN7uJsYYE+5bTuNsgliFuJDV4F0S7uEuxcSW2KZUtEJM TCoGp4okYtE2xUqKduH7FhehdURiCkQ6lNlZSbFK46QHZ222TzBYU8FKAW0N2oVgvxKD1wolCcpa vBZSV+7zGghtbMn60AevIEmDEaJ1RYx0Y02KtjFGZy7/kqK1RqygnCbyDm+LWF0M91Ibh+tOe8RG Ya1XoUe9+OBJoCJL5HR28OCzzJoswyYLiooVrDXZXsOFn0Vhe69RF/ZZqe3dU5ns2gvXkmSHFyIq PJYolEkwNg1mdtmBiHHhvhzmZ7a3dJkxnNbhM7Y27E+c/YpA33XDFLyxeJML9JxjE6aDO6LbBlTX 1TNj5sO5QCcX6Mdk8Qsv8czi58NN+ogJ8s0EephkxpOlTFo2rFrKzDlPkWoTNn3OYZ1GfKjXsV7j rGFnVRUvv/Ea2oPzNtQgZ6/Di8dbj/ahNY3KzDhEVBCFniAQM8GjrEbEZ2kjOiz2vaf7rneTGzZS ziaIC+2DvAs1fC47QQ61maGFSiwO54poD9r4IJJFZzX3oQe8ZCZ5ztF30+tNGbS29xRODt8MrcmE PXjRIe0lE3Iua03nXLYhEsHbEGm2JnuO3pRyZxAfehUbsYgLrUBM9nm7IzZ/VsLJiHW9KaQRqUjY fLhwQt97gu5tEk6LRL4i0L2XvueXPnEeshlc9v7cUSNsEj3ehs9A925qrWRBh3By7q1HPGgf6u+8 8dl3qDMxAsZbnA/frRVNyUGaid7enqpGfPizdpje4IFR4WROFGXvMMbj0vD+e934pddVPnF4bfFW hXpVH04KxGl0KqG9kRGKXuGMDaZVTuOVxluDFZWljYaSgb7TseykIPIQZanFktWoexXMbbyLwwZF TGZSozHWZcEgg1OS1aL6UENnw1z12oX0XeP6nqfdx9jssyntq2Pfo7N5+oTvU3fTFHa/v5TYVrA2 xXiLeIt1Md4kxK43UOQxWaDMutCbvuxdqJN2Dl/2iEvRPgQ2vCtnvhIebUNGhfIS/AVMivVJOCnz jsiDtQ5rw89e+74AlFiXCSWX1QIK0jsfPBQ9JA6ccohP0F5CIM4nQWQpj41CZofXkm34XMjC8KCN UPaQaodoj4hDuyDItDMkXgVvjl5vDWew1vVds4nTaKdCPbJVOKdC3/IkiA0ngngdSnWMQ3uDNVnW jTVhfZJQHhA6F7g+czSTCQ5vPEY8ZW9wqQ7zNBNxxh9u0RIcpVOcjbJrMqTka61RYsP3Jpb2h+d/ RaAHMeay9TucDtvModxL5gruCMJTp+G7ya5d4yzGaawPcyVcyybMpWzdDetoOVsLe4MRJnu8IECM dThJgiGd+CBKXZpt1m32nIeHExXqmT194jOsc2HzHoIOJls3UrworLNoG4JKvlc4ZWvtkaU7vf89 HPwI79dZG67FrOe4mCBwXbbm+b5ATibQIas1NBiXBnHuDHjd9356N20uC2731WofeZLubDBXE3eE 0M0M1xzZZxVO532WqWN9+IycE2zfPcb2BdHDmtx7jzr2vdxna7/0ZYplKbwieC+kHnwW4BYXyrxE kvC8VjL3//Cev9wDOATPJbtejfjwGsWT+syoToIY6i0XCK85a00kJpRhucyZPbuOwj3H4EVn7633 PubDfsD3ru/h8zS+93t1WYuvLIvMOZw3fd+r9dnjZ/cjcSEg6Z05fILuBO90VgrmsGJCYEkO38OD gV+vx4IPAUaxwQE+MyRU2bw10vvaw/1MJEVL3LeH0lbhrAEf9QXYwolxjLhgHKt7g1Xi8KLDdSbB E0P7Unj92RyUvo4E2VprwgGC8wnOxyG45oLPTNhTqWwdDHuJ8L3FOBtlewkdPj/jcZJmho3Bi8P5 zMMmEbTTYV/UW2Ljeg13s9civWaNLgtUhbVUnM2+72w/5XsDZPbw/iTbg/WZF2ePp4wEY67s2vU+ y3DrvYZ9Zvznsj2N+MyUMQsQHcMkbscNU/oCcH3XUC7Qc75CWP/wYc9bU1vHAzNn991zjmdygX4M 3nzzTV577bW/2ATpPZX4usd22WnyH/t3OTk535ze08Eoihg0aBClUim/MRxntM9Z9BWBnpOTk5Pz x+kNjB4t0HfdfG9fm6z8fprzpyAi1NfX89hjj2GPKI04XskF+jHQWqOU+ott1A9HQv/w4/+x3+fk 5Pz59F5nxhiSJMmNSY5DcoGek5OT883oqx0+SqAfum/ul7IFc3K+jt6Sqt69WO/e7HgmF+h/gCNF 9F/yOb7u8fOFLSfn2+Xo66n3z703h96Rc/yQC/ScnJycb4aXYwv0tgeezPewOX8yvVnDvfMlF+i5 QD8m+YKSk/Pfi6Nr/3NyeskFek5OTs43o9ez4isC/cEn/9ovLSfnb5pcoB+DfBOfk/Pfi1KpRBzH X+vpkF/3xye5QM/Jycn5ZhgfTGRzgZ7zbZDvww6TC/RjsHPXbnbs2p05cDsgnyw5OX/LfLb0C+57 YCYd3T2Zc3xwu8ULEBx0X3ntTRKtya/344tcoOfk5OR8M6wLXUCOFugH75odHOh9fj/N+WMcbmfd 1VNgw6bN4W+Pc6GeC/RjsGjxC8x/ZknWuia0YfmmfdBzcnL++nz42Rf0v3wE19x4Cy+98RaFcjn0 oTWh7VJsLCedfg49cZq1Bzq+a5+OJ3KBnpOTk/PNcE6IxX3Vxf36O/FisM6Etm5ZK8x8H53TS99c 8NLXfnRXzR6m3z8zP0knF+jH5JnnX2bRkpf6em1DVmeTryw5OX+TfPDpMvpffhWXXD6KS4aM4Orr JrNyzQbKlQgrjthYTj/3IkqJOiJzJud4IBfoOTk5Od8M64Wic+zKBXrOf5IvC3RBxLG7rp4ZM2fn Ap1coB+T5158lYVLXg6pO87hAfFh9C4w+chHPv52xvsfL2PA5WMYNHQcAy8fzaVXjuGyoWO4buKt 1Dc0EWnLGedcRDlWOMkF+vFELtBzcnJyvhneOkS+muK+6/o7cUbnAj3nD9I3F7zgnGDFUb1nHzNm PtzXZvp4Fum5QD8Gz774GjfecRcLnl3Ms8+FsWjx8yxa/DzPPLckH/nIx9/YmHrvTC65YiyXXDGW gX1jDJcMGcXQUVdz/4NzuKDfIMqVGGvluL4pHG8cLdB3/sOPaLv/8XzkIx/5yMcfG/c9zqH7HmfX P/7fLwc6r78Tp1LEW5yXXKDnfIVjCfRdtXu4/8HZaK2B47sOPRfox+CpZ19g9IQbeWzefB57/Eke nfsEjzw+j0cef4o5c5/MRz7y8TcwHn18Ho8+EcYtU+5h4BWjuaR3XDmGS64cy8ArxzLgspE8+sQi TjzpVEqlCGvy+vPjiaMFej7ykY985OPPGzWT7sJbnQv0nD/IkQLdO4eIY2d1HVOmTf/ajjvHC7lA PwbWOYxz2My0wHO4Bj0f+cjH39748NPlDBgyhgFDruKSy69i0JVjGHjFVUyd/hC7a/ehrSDW4cRl J+h/7VUo5/8vcoGej3zkIx/f7mi5by7iwsmocyHF3flcoOd8Ge8Jbv8STtCtc2ibp7dDLtD/AHlr tZyc/058+MkKBlw2hkFXjuOyYeO4/qY7ef2dD4iUDkE4cXiRrC1Mvok4nsgFej7ykY98fLuj5cEn sT4TYNkNNb+35hzNkfPDA867fI5k5AI9Jyfnvz0ffrKUgVeMZMTYCbz29vtESoUMmWzD0Bvhh3wT cbzRueBlqn9wcj7ykY985OMbjN3ZOPLv2p9YHO6luUDP+Rq+KtDzOdJLLtCPgfccleLqwFvweW1q Ts7fIstWrOCpRc/Q3NaOdYLzval3FnGCsQ5xIM5hRfA+z6DJycnJycn5Orz1GCcoJ3jjEQfexHid 4OVwmrInF145R+PwztKbsWwllBVLlt6ep7jnfIVDza00NbUgIohIEObe5AI9J+dvlDiJSbXKauKy YJsPP1sRUiOs2VBFanqFe36t5+Tk5OTkfB1ePM4Jxlm89sTWkTbuoWf7NrwNLUt7xXku0HO+jOvT Vs45tLH0FMvU72vIBTq5QD8mzz33PM8+8zwiLmzUvc0mkf1rv7ScnJxvgHOCsRpjNeD60qqcE7Q1 VJThl6eeTTFKMZIH43JycnJycv4YLruPOtF45Sk6R/3ieaydOBmvpU+g56nLOV/hS4efDiuO3dW1 3D9jJtYGvXU8i/RcoB+DJUte4rnnXkIkRP++qUDvdZAOaRzSd2rns3rXvqiiB+8s3mW/O2r0Tt7e NJAjazaOSSYuep+j9zkPP8ZfZsJ7cXiv8F6C8ZZX4X3n5PzVcYjYLznKhusuzNXIWE797UUUE52f oOfk5OTk5PwJiAdnLFYU1jg6vaP5uTnsvn4iXgnOSvg3f2zfmnMckqW4Z5rFiqO2rp4ZD8xCJHdy zwX6MVjy/Ms8+9yLOJctKL73FP0/J9D7FiXnMvEt+CyttrfOvU+gizmiFuOo0ffcXxbof3Cxy15n 3++/JPD/cpPdG4f3FZwziBO8r+AlzzrI+a9LbwAptsKp51xEKekNKh2/N4WcnJycnJw/BefBaY12 GmM8iYOm5+ay8/pJeO2QowR6LtJzjuTIOSHiqa2r54EHHjnuxTnkAv2YLHn+JZ597oW+dJzek7b/ /GmwO3xaLr6vD6TrE+tHiO2jjDS+XLPzVXH99Ytc9lhHOFMfFul/Obw48KrvlBKv8JKfROb8VyZc E4kVTjvnQsqJOiLbJCcnJycnJ+cPIR6ctYi3OO1xxtO4aD4bJ96KNw5npS+bNBfnOUfzJYHuyAT6 w7lAJxfox+Td9z7krXfeR7K5cbSI/lPpOzUXH4w0xGfuhOHv3VGp7r3uhUcP9wcGcMxJHBbCrCZI XHhub3HijuFQ/+3hj36NWYrKt8XR7z0n58+ld84mxjJyzNVUkjRLb8/nWE5OTk5OztfhIRPhgrMe MY79777N2lmP4Wy2D+zd5+YCPecIvqStstLY/Q2NLFy0OE9xJxfox6QSx8RJGtpFeP54Svkfwtu+ k3LpXahsghGDER9q3I/s/+cEsaZvOLFYo3EupAlZa7Nh+upprbVfmcRGPOI0Xsp4Y3HWY73GGMGJ x2h7xHv5dia/cw7nDWJ89voVYnxwzP6WnqPXVf94vmBzvl2cc2it0drQ2dWF1jp0bsjJycnJycn5 Wrxz+KxNqXGgnKCjIqpQQGwusnL+MEcKdOcMVixKG8qVKBfo5AL9mBw+vaavDv2bCHTvbTjJ9kFc OhOzd/tqnn/pVUraoTPR7sXiRVi9/As+/f37bFy3ilHDh4YxbCjDh41gxIiRDBs2nJEjR/Luu+8w ZuxVjBgxguHDhzNs2LAvjcUvvMah1oNcf80oRg0dybChY7lyxHBuvXUK27fuRqtvX6ArrXhw9n3U Vh8gjSvMmvkAi599HW3Vt2K45ZxDRCiXy33ujjk5fy69NwCR3sDX4aBXTk5OTk5Oztfh8D7sl60n HNAYwYjk/axzvpY+XZW5uRurEOcwxzh4PB7JBfoxcB5sb3q5HNmS6T/3ON4L4i3agTOClohPX3+a e+97kIoDZWw4VReDsxFPzryfJxYuoNDTwd7qXdRV7+S1FxbyT//4A97/6DNqq6upqa2lu7uN2rrd 1NRWU7N7G//8D//Ea2+9Q03NLqpramhra2fXzs2cfubZ7NpdQ211A9t372DO7Ec46cRTWL1qG96l mXuixXkJ71dM34IqEt67k/Dz4XR7CX+fOc6Hi8gSRSV+d+5v2Lytligu89CMB3n+hTcxohFnEbGI Fbw4RHxIiXIG29eiw2JdCI54cTjpvUBBnMU5RUdLIzffciflKAn/zoWMgJycb0pv4Mc7i5Msc+U4 vynk5OTk5OT8KYR9rsNlZZxeW8R4dLZnzMn5OnzW6SqYS1uMhGBPnsmYC/RjYrJUHXHgskly2LDt T8c5sN6QiMMnQkUSFj96BzMffJjEk/VZd4gzOOlm6jXjmffWe0G0Woc2hs/efYUf/Ph09ja1ISbF ePAuRZxGvEOXW/n7//EP7N7fhJM0E64JW9d9wtmXXUvkbDgVFMEmZcaMHsyIUXdgXQ/eKrxXWDEY JyirUGIxRrBGQhQ01ThxWOswIuHisRbnDMYYjAk/93S1cdqJP2Z3YxNaFC51xCJorVBpTJpqxCjS VLDaItqiTEziQesUa1IS67FW4bTFWZWdaHq0tVhb5mDdRkaNu4ViZEjF4kyKmFyg53xzegW6MfpL JRS5SM/JycnJyfkj+HDw4q3HiMM4i7eCtZKVbub30pw/TF+Zrw8BHSMObYPuOt73YrlAPwZ7GxrZ 09CI6e2DzjcT6N6DOEMqgleW2JWZPW0ss+c8TurpO6F2zmJ1B6OGDGHJJ19gfAgMGJ3wwcvP8B8n XUhzTxkn6ssC3Qnljgb+5//zjzR2FL4k0Fd9vISRk+8h8jY7GTc4VWHMmCsZNmIy4iK8BIHuraZq ywbe+uBDFr/4ApNuuonOzg462ttYMH8+E669lhtvvInPPl+GMoKzEd1dnTw0axZXX3stU+6Ywsql n/LTE75PQ0sHcVTm6Yfn/H/snWeUVUW+t+/HWbNmxhxQMaNjAMyIOSCSVCRIzogYQVCUnHPOSJCc dMwiooIokiSnbkIDTewcTtqh0vN+2PucbhDQGee+d5yuZ61aiz6cs2Pt2vWrf2LN1l3EIgXMnDKB Zd+uYuTAvowcPxMRj7Bt61a6v/sOL3d+h2GDBpGelkZcKKQfISPjEH379uKVV17m3Xd68+OadXz6 2T/o/GIL7q1ag+49+vHp8m9QfgIlyu7Da/n9JF8AUkqOnzhhcxxYLBaLxfIbMQaMMEgNjoG48ZEF 2bjZ2eH81r5PLWcnZUE3EqU1cdcjv6AwZUEvy/3HCvQzMGfBEmbOXRAkifudAl0bGcTiCIFQBbzV sQF16r5Azz4D6NWrN3369KV3794M6tGVe+96gE9+2hS61gdCeMm0kTz2VFMKXYlW/mkCXXIycw9X XHYj+XE/JdCVSvDJ3MH0GT2NhJYo5eH7Dlt/Xsttt9/O8m/XB/HxykMbF+0nmPPeOCrcfhcffvwR BZEiPK+AVzq+yJhx44lGizh29CjPP/8C+w8ew41n88TjTzFh6hSiTpxIfjGvtmnJteVvILcgSkF2 Fo/dX4Wl36wl9+RhHr2nCo1admDf7s3kuXH2bFzFPVXuZ9++NKKez6rlX1KjZm1crdix4Rtur1yF 79d8Tzwe5diRk8yduxjXjfPtp3N4tUt3imMxIp6Hlo61oFt+F6WzuD9RrQbRuIPN4G6xWCwWy69j CAS6b8DVILRP2vw5fNujTxDKqHRJ2WA7XbOcRlKgmzCLe9re/QwZNsoaS7AC/YzMWbCEWXMXBgPK 77agS6RU+CJwY29c8zHe7TucFV9/y4oVK1i+4hu+WbGCFR/Pp9It9/Ht1l1hnLbG6ASThnTn2Vad iCuFOl2gG0Xa1jVcW+FuokKmBLpUCd4b3IEHqz1H61df4cX2benQoQO9e77Dz5u3khAyiBXSLto4 aJXgvdF9eGvAGHzpIpRg38avaN+6FUdP5lJQkENxUT7jxk/i21Ub2LLxW5589BlyigrxlYNyNT8u /4DrKlQlGnc5cfggD993J99t28fJzD08VvVRftiyGy19HBllaK/XeX/pp+QXFpObX0w09yTtO77O yaIoHZvUo3GrznhKoZQIsoMKg1Qei2eOoVvv/vhK4hsZxNHbGHTL76KkDvqTNZ8j6njhZ2X7xWCx WCwWy68hDWhhEEYhpEFrxfEZU9neudsZ66BbkW75BUalEg2m78tg6PDRZd69HaxAPyP/NoGuJUpL jFB4UqK8Ip6ofC+ffrMRoxRaq6AshedSdHwvf7++MtsyMjDCIJRCGpchvTrTsfcY4lKi5C9d3Nev +pIqjz5DQpUIdE/EGPTKc3zw2UpiKkj+FsR0R0n4Alf5aKFBx1HGQaooEwe+wcJvf8DzYwglWP/R DB6r+jg9+g6lb59e9O3Tg759+7J7fyarv/6AFo06E/EcXB1DOYod6z7l9ir1caVHxq4tPHDXrWzI yCJj72Zq16zHoewiXKnQIo9XWten7Zu96d13AH369mNQ7570HzqS3GiUJk8/yZDxH+Eog1QCo8L6 7dpjzOAe9BkyCl8nBbpjB3vL78KEFQYSUvF4rbpEXC985sv2i8FisVgsll9DGtCej9I+UhiKDRyd O4Hdnbpg/KBEsLIC3XI2jApKUhtVSqCPsQIdK9DPyNz5C3h/zrxfuFj88xZ0gdYyENzSxYmd5M6/ 38mP63YEAt1opAatBMfTNnP1VZU5kHUSKR2UUChVSI+uXRk2ZT5OWHogKP0mUEYgpcfyzz7huQYt cLUOFgOMwPcivNSkHstX/hTEumuFVj5GByUMpFGB5dn4GCNQspgeb7Tjp01bgsRswiPtp2W0bdWO gpiLUEEcu+u5CKVZv2Y5Nao9S25xMUIJlOOzePp4Hq7dAaEctmz4gUqV7uTA8RzSt/1IredakVXs ILWPFvn0eedNPvzsO3ypERpcIYh5Pp4bpf0L9Xi58wDiQuFLhRASISRKOnR7vQ0jRo7GVwpXBVkf jfb/vTffUqbQOkig6AjJY9XqEEm4KB2s5losFovFYjk72oAnXZT00J6hWMOxmRPY3rkLxk9W/SFM GPd/fbSW/yw0GAlGhXMxTVr6PkaMGG1d3LEC/YysXr2aVatW/e4Ooo0flCOTBiXj5Bcc5MYKt7Jr 516MDlYVg6zoLtvXreTq8pU5XlSEEFFUQmFUHp1f6cqcpV/gmiCrvFGBC5EyEuUl+MeSJXTo+Bqe JrCuG59YJJ96devyw7oNQcI5ozHK52xWQZHIo33r5hw4cBCpNFp4+PE8OnXqTPPW7Vn903pmqxrf ngAAIABJREFUzJrDa290Jisnj3gkm+eeqcWLL7/Kj2s3MHrIYOpWe4JGHXohZZwfVi7j/oeeIrcg wq6fV9Kq47vkJwRSOUg/wo5tm7nv3geZOHkK6zZtod/gEQwaMhztJ9i85luqVH2EwcNGsXrNenr2 7su6DT8jpMvHS6bzbJ3arFj5EzlFDkJppIz9y/fHYtE6iHuKJ1yefa4BkWjcCnSLxWKxWH4DRhlc 7SGli/Y0EQ2HFsxiff9+GBGUzTUmFOjmnzd0Wf6bCQU6JeWd9+xJZ/SoMVagYwX6GUmWW/q9HcQY idEaE8Z7n8zO4Iknq3P40NGghrcJ6n4r4bF+9QoeeeQZ8qNRlIphfIUU+bzbrRfLVq3FC8u+GRMm tjIKLX0++fBD+g8YjDCBqxFGEI0U0OHF9mzftRuhQ4GuBWcT6NIr4o3XXiY7Nw+hggfGqDjZOSfo 0aM7d9x5J889X4/Pli0nISRKxsnLy6Jpq9ZUvutexoweycK579Nj4AS0TvD9ymU0a9WBwmiCbetX 0nfoKCKeQEiF9F2UcFm9+jtq1XyaipUq8VqnruxJ34cUHtKNsidtD3Xr1uXeKlXo238AOQWFeMLF jecwsH8/Kt95P3v2Hcb1BUa7//L9sVhSJQiV5viJLIQMxLkV6BaLxWKxnBsjDEIrfO2glCDPaPzi HETWiUCch9WQrEC3nBGjSAp0rTWe51NUVJT6uyyLdCvQz8K/p2PoVMxN4I7tBfHUKuiQyRqRWiuM ctGhK7nRPloG5dKkEvg6EN+pLJhGYYwK3OdVUDswGeODURgtQxEffkZJrO0ZMQKtBVLrIJ4oKeiN j9E+SvlIrZCGsAScQEkRusuD0BKhfaQmiAvXDkoTuO9rF1/7SKNRUqOlDt3tg7JxRgdxJ0oHx6q1 DK6T9tE6yIAvtEYoiVZOcI2SixWAUtbF3fKvc+pLoGy/DCwWi8Vi+Wcw0iA0+MbBaC/4d1iJKJj7 luRxsgLdci5O111lfT5mBfr/IklxboxGm0AAJC3gv/yyKklOZVQoxGVgKU9Z9Er+P7nqlPo5pQe+ fzZuPnlsQamD1L6S+zEqNbjqcMA1WmN0sFCgjEYajS4V1651EG9kjEQbEfzGlCwwYFyMlqljPeX4 w5iU1CJGuGgQfHb2c7VY/hWSzxpGlDx7FovFYrFYzonWBAYiLTAqCOtUyqTizk9vFktpTp1v6V9o m7KMFej/i5S4owuUCWtBanVGa3ZgHS8RrKV/H4gHeYpgTorXf+dxJkWK0SUxQ+b07yVj4bXGKIHR gfjWJoyPDxcjUp4DRqe2V3obye2f8Xg4NZnIL79vs2xb/n0EAt0H4wX9384iLBaLxWL5VZQJrJ7G Nyil8Y2PVgqtTIlR5wzzSYsFTs/sX5I0zmIF+hk5kZ3DsawcVGgpTmJS5QBO61DnFIuhZbrU32f6 vkn93y9//8v2v8Wp2z/bgHquc0mtlP6Gchrn2v65f2oFuuXfQ5CYRCGUZNvOXXh+OLko465VFovF YrH8GloqjAxc2qUSeFIROXGQot3b0FIgjQy9M61It5yNINRXa000keBQZqZNEocV6Gdk9vzFzJiz IMhorku5VRv9Lwh0i8Xyn0sg0B1f8FTNOkTiCaQUZf7FYLFYLBbLr2G0Jq41vpFIFZRa27dwLmvf fgsjBVILK9AtZ6S0sc+EpaR3793PsJGjkVKW+XmYFehnYM6CxcyatwihFEpKIJngIrCGl8RXh/Hl 50rAZrFY/mPRWiGlJOH5oUB3UEqdOU+ExWKxWCyWFMZoEhqkEkjtIKTh6Kzp7OjUOSXQdZjbxQp0 S2lKC3QdVtTZs3c/Q0cEAh3KdqI4K9DPwOz5i5g1b1GQHV3KVIkIpUEoQ05+IV9/vRLXFanszxaL 5Y9HUqC7QlKtRm2KY3GUsiu3FovFYrH8GkZrjDQY30eaBDGjOTZ7Kjs6vY6WAqH9MPmwFeiWUykt 0JWUSKXYvXc/w0eNTZW6LstYgX4GZs1bmHJxV1KkaiXHXZ91m3fQrUd/Xn29G67jhR3ITuYtlj8i SgUC3fEFNZ+pm3JxtxZ0i8VisVjOjTKaiAGpBUq7yITm6Iz32Nm5C1r61sXdclZOsaBrhZCSHbvT GTZyjBXoWIF+RmbOmc/k6e/jC4mUAikle/fupXf/QTRp8zKNmr/Ia290x3X8VLkxi8XyxyMoCSOJ xBPcV/VhimNxhPDL/IvBYrFYLJZfQ2tFTGs8IxHSx3iGtPlzWN21C0b6SGMFuuXMnC7QpVLsTt9H n/4DUwK9LHszliGBfmZXdK1KapMnE78VFBaTX1CELxVZufl89NmXtG77Io1btKVh8w40bP4Sr3bu QcLxw3hVhdHSNtts+4O15KqtKyTp+zLwpSzzLwWLxWKxWH4LWmmU0igt8ZTEVQa/IIvE4YwgM7dR KYEOVqBbzoxWCqU00YRDVk5uag5WludiZUSg61L1wwNSNb2VRkqFlEHngKCjSCFY9cM6OrzejYYt OtCoVQcaNGlLw+Ydadi8I6906UVx3EMqjZAKqbHNNtv+oE1p8HxhM4daLBaLxfIb0SZMmqwEyii8 pMHLepZaLL+LMiLQ4ZT63qE4F1KzN+MQw0eNY8Lk93h/7kLmLljCgsWL+fTLL2japj0NmrWnXtMO 1G/akYbNX6Zh85do2OIlmrZ7jZHjJjNu/ARGjBnP8PHTbLPNtj9YGzFuMiPHjGfk6LF89PEnNu7J YrFYLJbfiNbgGVDaxQgfIw0iXPS2WH4d21HORhkS6AFaa5TUFBdFWbBwCWMmTmFX2l4coZAGhAah NQkhWLlmHT37D6NRy1do2PyVUKB3oEGLDrzSpQcx10frwH1HGWyzzbY/WAss6BoVTiiSSeOsFd1i sVgslnNjlMHV4GsPI3xcrYkbFbi3K516lxoCa7v5vz1cy38UGowkKdK1DsIlkv2mrBtLypRANwa0 MkQjcUaPmkBa+j58KRFKo7QOXHUMFMUTFMUTOL7A9QSrVq+lbYfONGjajgbN2lG/eXte6dqTuOcH 8TVaYrSwzTbb/mBNa4UrFK4vyMrJRUqJEMIKdIvFYrFYfgUjDZ4GXym00OQahYzk4mbnYpTGhGJL h4viVqBbStBgBBgVGkcUnutTVFicEuhleS5WZgR6KuZcat6fNY/lX30bWsoEWstgFSds02bOZtLU mUHiCyEQvuDAwUymzpxLyw5v0KB5e17p0p2476PD32itbLPNtj9YU1rjSYXr+9xzXxWi0ViZX7W1 WCwWi+W3YLTC1QIhDUoYIkaQOWs6a9/qgREqZQ3VBqQV6JbSGAXGDzVU4N28a2caffsOsJ6MlBGB rjVIGbhObN68lY8//hTPD0Q1oStOKomcUcxdsIRZcxeitMYomZrIawOHjhyn34AhdOn2LgnXDX5r Yygslj8kWmsMkBCSajWfI+q4GK3D59pisVgsFsvZkEbjGYFQEuEbXK3ImjWZ9E5voT0VZOdOWtC1 FeiW0uiUYVRriVSatL37GTZiTJm3nkMZEegGUFpTHInSp28/srKzkee4+XNCgW4IslGW3oZSing8 Tnp6esoVtqx3Iovlj0oy02xCKh6vVZeI64XPvH2mLRaLxWI5F1qD9iVSCYQyeEZzeOEkdnXqivE1 WipUGD6a9GS1WCC5WJMU6QqlIW1fBkNHjLHaijIi0LUGIRUbf97M9z/8iJDydwl0pRRCiNQKT1nv RBbLH5fg2XWl4smazxF1vPAz+0xbLBaLxXIuVDi/Flria9DSJ3POZDZ37oYRgUDXVqBbzkCqKxiF CZP1BgJ9tNVWlBGBrnRQq/z92XPJzS9Iie2zjRMz5y5g2qw5gTvOaRkoS3east55LJY/PhqtFI7v U/Xhx4jEEzYG3WKxWCyW34AyEDMa32hcrTGJBAfen8HKN7ujhUyFkVldbjkdQ3LBRmN0YPzclb6X gUOGWQ9lyohA1xoOZBxi1OixuJ6fGizONmAcPHKM/YczETKIn+FXvm+xWP6YaK0RQuD5Pt9+txLX 9RBC/F8flsVisVgs//FoHVRBktLgGYURDtHMA+TuSkNJG0dsOTtJgW50INClkuQVR9idlp4ylJTl /lMmBLoBFi5aymeff5mynJ9LcAsNjlBWoFss/+UkS3l4npcqsZYMX7FYLBaLxXJ2tFZIo9C+QRiN lj5xLRBKoY2tZW05OymBbkBJgVQSXylEaDm3FvQygOcLho4YzeHMo+FgcW6XG6HBUwqhJEpJILDC /7MCXRkwRmKUj1ZBfAVGIf0TRAscXBVB6wKM66O0h1AGXygS0kUIB88pJprwAlf75HaSsTzJVUst MDqBEQKjI0SkwZV+IDaUxmgPoxyk0Wjthx0ejDIYLTFGI4RBe3Gk0SjtB3XhfQffcyhUGqMUUvkY GQvclbSHMQpZqmyG0QoTXttkvcsgRECiVQQRK2Jr2lb2pO0nKnyUKHnoSq5rsIqW3J7WyeQiGmUk ngalfLRw8ZUKMvNrj8yDe9m9bQ/5voerYwgtkOFxKwPKBLUWTfLcjQ63n7xHCqPdVM4BrYNj1yqB EUVBDJVWqWvjqQSu1PhShddUYcL7Io1GlgqFCO6VwGgvdd211igjwm2GfUt7GCNQJuyb2gcjgm0Z BUagjEJqwMTBxML6ogJtEihlQMcRWqN0FKniCOUjzT/3cvxlfJhOxQdpqdCexpcRhBRB+RTjpwZY ozVK+mjlobXA0RohfbQSqYFYl7q/wXWR4f8F52hM2DcNYCRGl2T41NpDqTha+WD8cBuntrPFjgfH 54UrtQ5KeQgZZGs3OpxIaI0O+0bQR1y0KkIohW98tE78r8fPJa9jquwj+tz7NApjFCrsdymXMeMj k3VntQ6eQ6NPedZSmwBE8t5IgVYGIQ1aBceRHG+08JDCw/0nx0JD8jhkeK2TY4Y8LSZRh5U0JNII lFAIDa40CGUwUqOVAOOiS//2HH3cGB2OmTqsex/8XXINSkKYUu+E8BiCaxvmHtECIwXGRPGFQopk f7NYLJayizQSx2i0MCihMb5ESIOnNVLbPE2Ws3OKQFcSISW+1shSNdDLct8pEwK9OBpj0LCRxOKJ cLJaMik7E77SoUBXJeLrXxToWiuMCsSM1BqtEixaMIGePccRF1F27VnL2290otObnejU9R06tu/A Txs34ErB7k1rGD12Iq4mmJBqUSLQVSDOg4mjJJJ/nMaNn6ZazSYcOlGAUDqs9RzUeVc6FHNJDwJl QlGjcf0E29d9zZZdO/Clg68EKz9byCMPP843OzMQvkAoDyOLg4luOHnVRqcm/UbrUgI9/DwUO0oK sjK3cc/9Fan/wkvkJzyUinAmMZUS0eF9Sp6vMiq4JyLG7i0bWLdpE64n8bWkyxttqXDDrRzIjwfC XXtoHQrYlEBXvxDoJrmIYDTG+OHiQyDcfSlJRHNp37wBd95VhTvvuoc77rqbe+95gGfq1GLKtDnk Rx2E8tCqRCwYI9BaYELhLkPRrow6RaDLsO6jViY837AWZOp6Jq9xiXjVYZZLYxwwiVCg+xgTQyuD 0S6+Fkjpk5ubyXerv2Df4aP/ZK89M0YrEokom77fxHerPmfzxp8RrgzONSXQFVr57Ny+iXff7UZW URSpRKrfBtc9KTpL+khKmIWCySTLHqLDfuCHLYHWiWCxyIh/QaA7GK3IzzvCW291In3fQVSy1KLR weKICbbj+z6bN/3Emh++5FhWHp4RKB39/yLQg3/8NoFuTIkALqkxq8F4qQU0rXQwBp0i0E9Fhgsi Srhs3byZ71auJjPzaEqga61RXoJpUyezdsu2f3os1CkhXSKQk8/gmQW6QgmNr8GVOhiLwxe41l6J QE8uZpx9zyXiO7nwco5vJ+PhThfoWguM8Nm0eSUTJs5D+BItbSiExWIp2xgTzKu0NIEBQ0uk9JBS BJ+XYYFlOTelBbrROrCga41v3duBMiLQT2RlM37Ke0ilQxF2boGe8AURxw0zvf9egU4opEAogVHF tGzViG9Wb8FRHu/2eotF8xeQW1hIYTTO8H49adSkGVGliOYe4Z233+FIQSxwzQ+tjUmLltQ+SjkY X7B0wUQuOO9PnH/eFYydvgQnFDYpy5qSKUFutC45J61IuHnUfaoqrV96BVf4CO3z1ZKJXHHV1Xy6 JQ0hBUK5GFmMMBoVTrYD0SRKhLQmsHoaH2P80GqtkFKSl51Bly4dGTxiGhHPR+ooJWLqNEtWeHzJ yXLKMq0EbiKPDi2bUqvu80QSHo6BWTOn0q5DB44WR1DSBBbWUEwlLWa61CCQnKQn/w4s6fo0ga5w o3nUeKwqt99RhQVLPuQf//iQJfM/oNFzNbnkgssZNWk2QgmU9MMFj8DqGljLRWgp1wiTtFDqsC+U snamzlWHQvw0Dw+jTrlvwTYV2iQFigjEeni/feMhhebH77/i8ssvYuS4Sb+xt2pK34fTMVqRkbGH xnUb8sTjD/Dog09TnOyX4YOhtUQrj6+++JgKN97IkZN5aCXRSqQ8IZJ9Rhnww+sSnF9ykUOFVnmZ sqZjPIz2Ag8BGeNETh6elKcd87kzr5cW6JmH93DtteVZtXodQiVFsEwtPIGmqKiINq2bU7XKvcyc tzSs81r8/0+g/8ZM8kmBXtLHkyLXLyXQw0XClIA/fSxL9j2Jkyim44ttqVy5EsNHjiol0BXSifJC g/rM/8dn/0K4T2mvpVLP+i82FJy3MqCkQRoQSiOVQ27OCU7mFgbulElxr4PFq1/bd3L/JX+Xspgn j69UXy69OBII9MBzZ+nS6dR5tg2OK9HqXAsDFovF8t+PMWCEQSqDYzQR46FjeciCgpI51//1QVr+ Iyk9D5cyMGrFfUE04ZR56zn8lwv05M3dd+Agy7/9PhS5vy7QF37wEXMXfRBOzH7dJf6s+08JdINS BqV8InkHaN+hI8cLY/haEYlHECqwtHpSkn14N/UbvECeUGi/gHffeoM5/1iOH7psa50U6ApfC7Ty EE4O1Z+qSsVbq9Hwuaep80JrIkqjpIdQCkdIfM8PPQIkSji4QuArjRQ+jpNHjUeq0KjVKyQ8jSsU yxZOotwV1/Dhz2kUFOZz6MghhJNHPFzdUkqg/TjZxzM5mJGB64tAhBqJUnGEV4SUDkL6eNLBFR46 4RGVAl+5ONIP4309pO+gpY8vVWD5FwmkUuTl5XLs8AFcz8NREiUS+LFsWjWqxxO1apMfdSkWEifq E9c+MZNAex7aFfi+x9GjRzlx9DBCSFwNQimUn0AIga810WiUwwf3EUskcJMCWpdYzZxoHtUffpCH Hm1A3NMoKTGex4Hdq7i63NU0avUKrvRQ0kP7PrnZWRw8tI+EkDha4wuBFjGkHycrO4uTWceRIo5S AkdIlNIY6eILj7gM3MGMclEiQVzIIA5HuijhUVBQxNHDmbhOAk+ZQPAqgZIuRQU5ZBzYS3FxIFyl X8zq7z7nr38+j4HDxyCkQiqNLyWeEKjQhb9UTw1CB3TQkq5FQTlBGYRnSIFUUSIFRWQeSqPWU3Up KogFLvfhNrQWKOVSXJjNzp1biHky2JYSgcuSlmiZQEkPV2ocDa4ygYgXAiU1QkmE9lFGIoVCCh1Y TKWLUREK8k/S5Z0+xHyBlPI3D+DGgFYOWko8t5AdOzZTFImjkr83QRiCUj5KaaRSFBXlsOyLD5k8 fSGuFigVLPr8M/s969igS0o2nv756S+mc+0ruZAlhUTK8PlWAqV8fBU8q1r6KN/FEwohPJSSSJ1c QAzcxo1yEVIglSBalMX4CaPpO2hwcE+T3jd+nIMZB8guip4yFiavR3BOOky8J5Ei+blCSwcR9kEl XGQ4/iSvQcnvFVIqhNTBMWoQUqBEETOmjWPE2Ol4WuPLoL8YFYRKnPHaQNDnlINWHr7W4bYcINh2 sA+NEh5aCrTUQX8PrfVCBf1WigRGeBQWZZK+/zi+SIb0WCwWS9nFAMY3wVitQWrBgQ8WsGbAkKAG uiwV1mSVuqUUpy6QK5TWpB84yOjxk844PyprlAmBvmPXbjZv3/WbBfqcBUuZNXdRSR10o/4lgZ6y kIbx50oJtv7wGW/1GEJEuejQ9V0YEcY8e/z03Wc826AJRUqh/AJGD+tN/ZavEA8nhElrNSZIpGBU gsP7V3JF+SuYPPU7Vi+fx403VGDVhi14SqNEgiUL5/L3SvexdmsaSiSIFBzj9sp3MGTUBNasXsm1 V5fn8r+dx/kXX0P5a/7OlPdm8/XCaZS7/EreGDKBSrffwpVXXEWdp59ib04+vkiQdeIIbVq34sor ruSKyy/nkQceYNmq9XhSkpd9lKceuZ/WrVrSf8BQbr75TqbPm0Ldh+6j7Ss9ceOC7gPfovzV5bn6 qqu4tvxVXHt1eSpWupPcSDGZ+7bStGVrrrrqKq4rdxnVnqrJuu27Kc7P5omHqlDuovO54MKLuOaa m+j45lsM6N2Fivc9SEFEIByHtB2bqVGnBuWuuJJrypWjw4svsWbzTlwhmTdjErffehvj35vN/VWr Uv6yS6lWvTYb0o78UqDH8qj+8EM8/GgDYo5GSoHyEmzf/AVXlbuaZu3ewJcuiUg+wwYO4qqrynN5 uXJUefBxvt+0HU96eJETDOn7LldddTVXXFmOfn3epkqVKjRp/hLxuEv69nXccP01LF2xGk9JivOO UavaI7Tr2oOo1hQXnKB/n15cdc2NXFXuSh594H42bdmF62qUKGbsqKFcXf46LrviMipVrsSs2UsY 2KsT5a+4jL/++WIuuvRKbru9Irv2pPHaG2/Stt2LxBIOQqlS1kKFEA6OW8wXX37ESx1fonXr1ixe tIRpU2cSiyYCEW0ctPQoyj9K7acaUFQQCVyjw20UF+fTp3cPBg/sw6hRw8iOBqJMy2BxSCmfgxl7 GTx0OM1atKZH7z6sXrMWoTSuE2PcyKGMHz+e3Wn76N2nDx1fbMeyZV/haoUSLvkn9rF7+wbatn+D tIwjHM48wrHjJxBS/mriRy0NrlvM5IkT6dO7O3379iTj0DEc4YeeCh5aJcjYn8agQUNo3qIFc95/ j08/XsLk9xaHLu4xlFShiPx9Il1KiZTyDAK9JPRBSh3u5+z7ksonJyeLIQMGMmLIMPJy81m8eCnt 27Vj/OSpOMJHK5d9absYPGQULZs1o/u777Jxy/ZUGIxRHscO76NPv8E0atqcKWOGMmrEYHoNGgZG IpRk7U/fM6hPDwb2H8TWPQdPuc5ZWVkMHDiQsWPHkp9XwKKFS2jbrj0zZswKRbQgln+M9xcspW27 DrzeoR1fLVtGvhO4qgvpk5WVxZgxY2jTpi1vde3GgvmLmDx7Lp6vicfiHD+8kyEDuvPWO0M4eOQo BzMPk5WdixAqXET9JQYQyuPH775k9PDBHDyZRSwRYdr4kfTr14/VP63HlRrPF3zx8QcM7T+A77/5 ga2bttKlSxc6dHyZPen7EEpw5PBehg0YTN++bzN7/pd4wq7uWywWizSgfR28p4RBac3xmZPZ0elt Wwfdck5SXSH0FC2pgz7GWtD5LxfoEIj0Ldt2sDNtXyqW8tcF+gfMmrv4lIRBJhTp/xQmmQhLIZVB a8X74wYzYOh4YqYQLR2MVAjjoJUmEcmhVvUnGT9zETGlUH4+ny2azl1Va3K8IBa4qiZjyI3Clxot T9K84eNUr92aHCeGGyugWd1nqPV8M4p9iRIFLHl/DBdfX4mVW/ailUNx3kGuvPoauvcfSqQ4n/U/ /sgTVSpRs14DNm7fQuaJE6xYOJ1L/3oBNeu349ih/cyZM4/LL76EwdMW4Lp5PPZgFSrdXYV1m7eT l5vD6+1aU+7qyqTtPUhe1jGqVK7IZRddROMmbfj482Vsy9hBnTsr0bRdJ5yo4MDx/WzavInNG9cz Z/okLjjvr3Tq2o2Y71OQvZ+lH3/CsZMnOLp/O1Xuq0q7N3rgeQ47tvxE3RpPUuXhR1izfjO7Dx6i 91sdufqmu4lEJMf3refW66/h6Tot2bN3L+nbN1Lxltu5o8qTHMvOY8bEEVzw17/RuG1H9h88wM6f V3HVlVfT+o1+Zxboj9xP+Wsq0Kh5S5q1bEmD+s245uorufb629m4Ix2jHfr3eJubrr+Rzdt3cezk EQb378X9j1QjKzeHaWOGcMkllzNo3Axyco4zdnR/LrzgQp55rhWO45G29QfOP++vzFv+A55SRPOP 8sDdFan/cmcKtOLVl9tz1513snr9z2RnZzG4f08qVqzCe1PmsTdtHZddcjmzZy/maP4JVq5eyfjJ 0zh+eB9zp4/nvL/8hVe79mDrjl0URuN8v+Ynvln5Pa6QYSx7sp9KpHKYv2AWjz/xMBkZB8jLy2Pu 3PlUq1aLgrziQJgaDy0divMzeeapBhQWFiBSMeQSIRLs2L6R7775jKeqP8H+nPzAC0AF7v65J4/x 2EMPMWvhh+Tl5bJ5w088Xe0JDh47iSejHNr3M/fdW4WGDVuTtnsv6bs20rJVS44VxnATUbp3asfD 993FNdfczIMPV+PBhx6hXv2GxBKJkgnAWR5FJQ1SJjh4IIOfN/7Ac8/VZtXqdYGF2QDGw/OKqf7U E7w3YyZZOdl8+vEH3FHpdiZPX3KKQPc8j4KCgt+1uiuEoLi4GClPdZOWyic/P5+cnLxgYSR0rz6b u7vWCaRMcORQBhVvvo3GDZszfvwUcnNyyTx+Ak8KcrKO0Lj+8yxa9AG52Vn8/PNG7rz3fjZv34lU ikS0kOerP8mnX35Ddn4hG3/4hr9XuIFeg0egtUAoQX7eCXZuWUvbNu2Y/+FXv7CgHzp0iPvuu48+ ffozedJUcrLzOHb0BFJopJtgVN+3eaXLuxw8epRjh9J59tlneLvvUIT0SDgxmjRpwrhx48jOyiHr ZDbNmzejXdcueJ5ix+atPPXgvdx20w3ccMPdPPDQI1R96EF69emPK9Rp3iClro0JBHo95UN3AAAg AElEQVT2sXSaN36elRs24UmHjL1b6NixI0NHjsVTJrwGBfR6uxttmrWlRrUaHDx4kJPZORTFEnjS JxHPZ+fmLSz5YAaNW7xNzLHlgywWi0UYUJ4fJGEVhoiBI/MmsKvTmxhfh3MHK9Atv6S0xsJYgX46 ZUKgb9uxkz17M1Iu678m0OcvWMTc+QvD7/96fOvZMKns4YGLr9CSgb3fYeToKQjtY1QUJTw8RxDL y6R9q+b0HjaEwqiDUkU42uG7zxdx0233k34sK3BF1TIlRKRy2L3pWy7729+YMfcTTjpxnGgBS6eO 5IprbmH1rkP4ophFM8Zw6fV3sGrrXrRKEMs9QPkryvHu0KkI5eE5Eeo9Upn6bV7C03E8o1ixYCJX XFqOmT9uRruSIwfSuOO6a2nSazgZe7dwfblyDBw3E6kTCOGza9MK/nrhZSz89HtyszN5uOJt3PPU s+TGI3jSoyD/KDXvuJUmL3Ym4kmkr9AqytFD+6h4e2UaNWlFcTyBVB7x/OOMGjuSl197idbN21Kh wt+pUa8VxUKgnBzaNX6OarWfI9/x8JWm15svcXWFO3AjPotnD+SiCy9j7per8aWLjhczZHBXLi1f gc3bDvL+1MFccnF5NqUfQWofI7O4p3Jlnmn0dhiHHoQRSK1xYrk8/fD9XHf9jXTu9i7d3n6bO2+5 ibvueYI9R7NwpY8RuTzx6EPceHNFmrdpS+uWLWhS7xmuvvZGVnz3LTWrPcijtZtyPO6gpKQ4/wh3 3XwdNZ5vS9xz2LN1DeedfwFzVqwjoQWRgkM8fE9Fnu34DsdyM6lR9S5urnwfLdp1pE3LNtSuXZfz z7+EFs3bkJN1hJsqVKDu8/UYMnwo6emHiHsCKQQ/fP8Ffz7vf+g3emRg+VfyNFdiH6OcIPZbanwv h/ov1GP34WNhvwfP8Vk0fzHRaAKlJUo7GOVQXJBB7eqNKCiIIY2Xcg8PkhEKCnIO8Vyt6mRkHUKq RCDSfckPK2bTvGlbvv1xLRs2rmPjutUMGtCXLt174UiPgtwMbr71BhZ+8lngXu8XMbjXm6QdORG4 vscLyTqSzkuv9eJoYYRoNEYi4YRu1ZQknDvTswgYE7i4S7+QNm2a8N3qdfhGBgn2ZITDB7bQsUNn EiKBLx3iIs6MaSOYPH0xCaOJKg9fSjatXkzNp55ly/59QViGPvukwwBKKqRx0MlcDqqQTV9+yBNP 1mB/5n7yjMLTGlGcTb/+/Zj+/iwWLJjP+AmTmThtdmAlViKs2qDDhJHhpEcKXJ2guCCP6y4pz4z5 S/GkRiodhKHIBLOm9aVx/dasWb+BH39aw4a1P9C+Q0dGTJ6JqwXLF02idoOX8JSP0ArlJujzVmv6 DhmB1GG2fu1hZITeXd9h3kdfh1b9ZLiNS3HeSa6+8BLe6Tss8NzROqxe4ZOxdytPPnY///j8G37a uI4NP63j/dkDefDxOpwoKmL5R7N4snoLIlLhiWKUr9i6dSPT585FKIMQEieaxcSRQ+nZbxoF0QiR WBGu44c5ELyzX3utUG4uvV5syI+bdiOlh5IxBvbqyqDR0/CUwVMaLYoY3rMPj1R9jBNFxUHeCKmR QuNqD6U8jBRs3/E9rZsOwHeDUIjUGlc4JicnohaLxVIWECbwDjXaQQlJjoFjcyayq1MXjKfCai8l At1iKaEkIWsQaqlJ37ufESNG/1tCCf/o/FcL9KQY2bZjF7v3HgxdOn/dgj537lzmz5//u1dwkpZu jAyyLGvJgJ5vM2rMBDxN4DYsHXwvwjtvvEqtp+uQHQvK+GgVwTGSVZ8t5aZb7yft6EmSpamSAl2r AmZMHMH5f/orfz3/Ev583gWc/7e/cPGf/8z5513AwAmzcaXHopkTKHftrazckoZSHkVZByhf7jK6 DZuBr31cJ0q9ByvSqP3ruCKGqxUrFk7kynJXs3B7Oto3HD+Uzh3XXcsLPUeye/t6rrv0Uka9Nx+l omgt2bvzR/5y/vnMXPoNubkHeaTiLTzaqDWRMIY1mn+EGpVvpsmL3Sj2FEY45J/Yz/333k2Vqo9y NDs/jIlPMG94Vy6/8kamz1/A3i2bqVXtcarX7UBESEwim3Yv1OHJGs9Q4AZx6326duDaCpVxiyWT x3Xnkosu46NVP+FLD+MlmDK1HxeVu5oNPx9g1tQBXHb5jew7mhckWpPZ3Fv5Dmq/0A2RzOJN0oKe S42HH+Chh6qRG3cR0mHm+EFceFE5PvthE46SGC+HB++9i+p16rIjfR97du9mb/omdqenk3n0AA9V uYMa9dpQ5HvIhEA4+dx98w1Ur9eemOeQtnUtF5z/N+YuX0tcehQXZPDQPZV57rWeHMk9RLV7KvFs 8xfZmb6fvbt3siv9ILt2p3H48BGk8NizewevvNKRv996C+Uvu5T+46cTU5K1337I3/70P/QePTFI ShcOdkmRjhGgE6FAN0SLMni+3jPke6ZkpVsZtNRBWSktgyRryqOo4CC1qzemoMBBGA8dJgzUoXgs zM6gfq2nOJy9H6Vi+Aa0K/jyg1Fcekl5zr/wYi688HwuPP88LrrwQho2bUlCaopyD1LprlvZnXks SNwnIozo05m0o1mBCBYORbmZvNa5P1EZnIcUOnCjNnCuhbTgnJwg3MQvoE3rRqFAVxhpMCLCji3f 887bA/G1hy8VUjmsXjGfMTM/wdMKVwk86TJrxFBmLljI+4s/wVc+QoSJE880BigTiFnjB140QiPc KC+3bUvffoMYNWkqvnLxtCQvbS1Tps3CEUEMt+MLThYU4UsHKRyUIcxmHizUKQNGKDzjEinI5bpL ypNxMgdfmbDEocDIBAP7tOb8v1zJ+RdewgUXXsglF5zPhRdeTM/Bo4n5Pu8NfJem7XsijYcrBEYI 5k7tR++Bw/FN0D+09jEySt83uzH3o+Upga7C6xrNP8l1F1zGht378cJkdUYGyf22bFzJ9deW47zz y3HehZdw4QVXctElf+PWyo9yJD+PcQN70LxVd2IalC5Gi6CUo1AaV+gwyV2EaePH0G/wLIQRQV4C ZcLJn3vWMVhp0F4BfdvX5YcNO8OFjgQDerxB/9Fz8LXA1wLjOwzr3p3Or75J3ICnQUqD8g2u8cLn RLJ9x2raNBmM73qpOH5Tqp3Li8NisVj+2wjerRKtXYxUFBg4MH8G67p2x3iyJNGmHRstvyBZhSWY t0mp2Ju+l5EjRlmBThkR6Fu27SDtwOHfnMU9NzeX7Ozs352gIJUkTuswxtxn7vjB9Bk6nKgB7ftI P5/+A7vyVreeFBZEcISHK02QmEgqPp87kypVa3K8MB6U80rWMzaS/BPbufXWW2j9Ule+WvYlK776 kM+XL+ezr5Yx4M0XuenvldmYnsmyD+dT7vIrmffRVzjCZ83qb7jkwgt4Z+h0hFY4TpTGTz/Eg0/W pChahCMlyxZO4/Jy17F061609jiWmUbF62+geffRFBae5LabrqVRi9coKs7Fcz0WzJzEhRdfzvcb dpGXe4AHKt7M4w2bEpVBjfHiwuNUu+N2Grd9i5jnUJifwROPPcitt95KWsZhij1JzJfE4kV0eLYK lao+x+H8GCcPbeG+O26m+rNvEBMC7RXyevsW3FrpDg5l5eD4kn5vvsS1FSqRiGg2rV/BlRedR+++ Q4jF40QK8qld53Eq3FqRQ4ezmTllCJdediMHDucELw1ZzD2V76Z2wy54YZI7AyilcSP51Hi4KlUe rkVO3MeXDrHcozSuV4MKt9/Ppv3HMX6EF5s24O8VbiLj8BEczycSKWDLjj0kYoW89Wpbbrq5Ej9u WI9wBWtWLqPC5RdTvf6LxDyHI2lbuPj8v9Jz8BhiXpyf13/DlZdeRJ1X3iHPLaZJ7WrcdfcD7NuX gefHyYvEWLfhZwqLiolFiti3dw8JJ0HcSTB2ZHcuv+5m9ufksW3151z8P3+iY5e+OH6QkCvuesQ9 H6mDhHTK+EgTPA/Sz6ZViwas27KtpP8qTWF+UZCsTcogA7vSFBUcoXb1BhQUxvGNLKmhrYMkZUXZ GdSvVY2j2YdQysHVoDzJuu+X0qN7H6IJByl9lPRxXQdPaXzlkp+1j7srV2J/xvGgNJhfwPA+Xdhz JBvfgFEexblH6NixM8UJJ7SyS4Qvf1WgB65UgUCXfiGtWzdm5eq1QRZ5aTDKIfvkAeo935Ds/BN4 ShOPZtGjS0vGzPwEqV2MLmbLtx/QrusAIkXZ9B08isJYJLDinmUMUBpcLVHaQ2oP5UfZvWsLb/Qf RUFBDq927UE8WoCSLsVZ6bR98Q22bNtNPBrDlxJHCaSKI0WMhOMQ92UY6hKGKYjg+YoV5nL9pdeQ m1eMTJZ01D5G+iyYPYqub3TD9T1EmFXf9QVRofCVYP2KD6ny4NO4IoaUCi8ep2mjGvQaNAxP66D+ uA48Lvp0eYcFH31RkmU/vK7FeSe5/Zob2HvkBH6YeM2EpSEzM3ZTr3Y1MjNP4Poe0tP4soBiR+L6 DhtWLuHxx+qE1R3iGKlxnBhZOblB/XOtMTLO9IljGTBgHNoEyQwTiSARnjpHHfRAoBfTu2NDfly/ BSUFBcU51KnxOP1Gz0FoB6F8jJdgSI9udH+rJ54Jkx0pgxIG34gg/4dUbNv+E62a9cb1BL7RweJT UqDr0tYAi8Vi+e/HqGC+6huB8YPkr/Gso+SnpwfvDlWq1OX/9cFa/gMJ5mxJA1IsGuPYseOnGJbK Kv/VAj3Jth072bozLRBk6tdd3EtnUv49nePULO5BRu6tqz7mzR6DKJQarYr5/KM5lLviCia+N41F ixewaOFC5i3+gD17D6F9jynDBtC49etE/SCTdpCsK5gwjx7UjYsvLUf6sVykcjGqAE8rYsonc/u3 3HDNdbTv0oejB/fw5CMPUeG2O2nUrDV16tTl4vP/RvchUxFKIYTPtFEDKHdFeWrWrs0Hn3zK54tm cnm56/h4UxpKx8k8tIfbbriBNt2GI/w4Hyyezd9vvouna1an/vP1uPP2irRp9zJFsRh5eYeoWukW qtV/IUhup2MUFmXxeOWKNG3bBddLMGTA2/zlT3/irrvvpn6jZjRs2ppmbV7k8LFMPl88jGuurki1 p5+lUYNnueXmG6jzbAcSQqBVgqUL3ueq8uWpVuMZhgwfQ59OHbm+wm0kihUJt4ixg/tx60038cwz dalVvSa3VbyF3v3747qCGVOGcell13Pw4EmEUEgR5d477qZOg9dDgR4knZJKkygqoMbDD3D/QzXJ iwukcjB+gu+Wz+Pii6/kxc79kJ7LtnXf89B993DX3VWo36AZteo8Q/NWHYgWF7Fn21oeuf8h/n7b LTRv1JIWjRtyc7mLebp+B2Kei0wU8OTD91Huimt4oUlj6tWtzTVXXUHdl7tQpATbflrJI1Uf4b67 76VR4wZUr1Obus/X5+uvv2Hdmh954P4qPP98XRo1acy9Ve6jQdNWFESj5B7P4Pna1alw0y00btaK tP0H6TdwCD369CeScBE6EDaB14BAi2KWffEhT9eqwZzZs1m4cCFDhw7jjTc6E40EsddHjxxi2uT3 GD1iEHdUvI+Ro8YwbvJUNu/ag5SCvWlpTJ48iVFD+3FfpdsYPHQQkydO4OcdO1CeJOt4Oi80asLQ YcNZvHgRCxbMp1+/fqz7eTO+iLJ43hRuvu4Gxo6dTtzxWfbRAurXeYq+Q8dx8PhJlPKRiUJaNG3B uPFTWbBwAb1792XF19+FbtjJuuq/RGlNbu5RZk1/n0kTR/PgQ/fSucu7jJs0ma+WfYsUHk6iiFYt W9GidTPGjR9P504vU6vmk7Ro+SJbdu7A8/Lo/XoHPv5uDY4bZeyQ/sz9/Bs8L3C1zs/P5/Dhw2Rm ZnL48GEOHz5MRuZh9h/KpCBSgFQeUsZZNG8a3+9Mw3WLWDRvLivW7UCLOJ6I8vGyFfTo2Z1hgwcw cfIUtuxMR0hJxv491Hn2GT5Z9vUp5QC1VBzcu4txI4dR7qLLGTVsLJMmTeGnjT+jdBwjJXlZGbz2 8muMGDmKhYsXM3/BAnr27svan7cGdUdjubRs0ZaOr3VgyqQp9OvRg0cer0qd+o3YmpZONDef+XNn MWnSeJ59qhZtX3qZCRPHs2TJh7iuT9qebYwbNZTyl1xOv0FDGD95Chs3bUkdp/TjjBvRn7feepf5 CxawaN6HDBk2mJHjZuG5MYRzgjdf68zb3Xowf/FcFs1byKuvvsK48RNDTwCNUS4/fPs1LZu1YdHC +Uyf8R5vdn2HnPyikkz8Z7nvWjrMmzyUZs1aMn7cWNq/2IGnn3yUOo1ac/xkLgk3xhdLplG/Zh3q 1KzDuAmTmDl7NpF4HOUrHOGxasUKpk6aRK9eb/Ng1XqMnTCJqbNmklMcRWpdSqALK9AtFkuZwUiD r1XK20ppEMJH+34gzktXJLEK3XIOSnt5JrWXFej/5aTv3ceqNesCa8pviEH/d5GsS2x0kIhKKZ9E /kFat+1CVrGDUTms/fEbhg1/jxFjRjBy9DDGjhjN8NFj+HnLLpRbxDtdO7Hg4+X4yVrGKkikoKXP R0vnMmfePBypw7rYDtpoPC3xio4wf9Eips79gEh+FsePHmTy1BnMXfwhB44eZebkCXz901aE7yOl RLgRNv28gVFjx7Nu42b279rCuImT2XM8H1/GKMjLYdZ7U/h4+U8IIfCkx8lDx3h/3lwmjR7Pts3b 8LRGSpdovJBFM2byweefBRm4VYKiWIQPpk/nH198h3ATrFj+GaNGjWbUqNGMHD2K4aNGM3HKe5zI ycXzo+xc/zNTJoxj/dZdLP1oKZ/94yt8JfCEhxQuO7ZvZdz4iXzy5desW7GCqTPeR8ZUmGk9zr70 7bz33ntMmT6VYydPIGXgrr1981pGT5hKbk4hvu/jixhz35/FB59+F2QkD+the1LjxhN8MG8O8xf/ g4Tro1Tg5horPs60qVOYMmsRjuuhhUOsMJflX33F6JFjWPzxpxTGEgjPR6sE+VknmbNwPgtmLiT3 +CHuu6UCT9d/iZgX/Db7ZCbz5y1k1pzZHMw8wJw5M1n8xdeBG7d0iRXms+yLL/h/7L13tF1Vuff/ /vWOOxz3vgKiiA3LRcR29cq9XK+IIiBgl2IDRCkRREhoghRFAumF0DupBJQiICRAKCGVVEgjlfSe U3dZa87neebn98dce599kpOC4I9y5meMZyQ52WfVueZe3/m0ITcM46+PPkprW3ucxMSzetUKxowZ zYAhg3lswnSyisN8Tq5GJWvn+acf4cabb2Xj5s38/Ylx/PWhR8hcR+ssHwQNGeYd6sosXDSfSy6+ mLPPPpsRo0bT1NyC94p6ZeWKpdww+BaGDh7I4EFDGXL9AAZefzOTZ8xB8oyF8+YzaPBQhg4ZxPWD +jBs6BCGDhrCpDlzYrs0l9NWauP2W2/jrDPP5IorruSRR/5G7hWREg+MHc7Ng4dyx+330JzlPPrA SIYNGcjAIbexZOVqcl/GV9t5ec5MLrnkCnr16smEZ57DO0Ul1g9onNw7m7Jp42vcfMNtDBkyiAGD rmPwkBsZNGQoDz70KN4L3jvaW1u5687bOPs3PRj3zHhWrF/LbQP6M23ubJYvmckxx/6Qq6++iquv 6c/lF5zGiSedRVu1inrl2WefZdiwYQwZMoSBAwcycOBABgztz/WDb2DGK7MRyXhtzav88HtH88c/ XcW1va/iTxf14NiTL6RSLVNWpWo5wdoIWmLK1Gl894cnU64Imzes4aweZzH24ccK73Scx7wqy+a/ zOABfeg/eCg3DhjG0OuH8uyLU3HajPqAZBlbNq5m2PXDOLNHDy659HKefWES5XIFU8VUKLe1MuSW G/jt2b/l4bFjmLNoDoOG3cjUl+fRvnkTd952A4OuH8oNA4cxcPBAhgwdzMiRY6hWcubPm81NNwzm hkHXM3DgQAYNHsLEKVNj+DexJaTPKjw94Wl6nt+LC393CSNH3c/KdVvwPifTMq68lb/+5S+cc965 /OHii5gybRrVLC+imDq88Y8+/FfOOedsru3Tl8XLl5N7qdcK2bkJ5VIzNw4dzMUXXsis2fOYM+NZ +gwbzLo1WylVtvHQiOsY2v9mBg0exA1DhnLjrTeztb0VzWNrwqf+/hjXDxnI0OuHMHDgLQwePJib br2ZTU0tRXRUkWZR5NIlEolEdyCoxfe8ok1W7J4RYuva7QrDpTD3xPZ0rktg6Tu0gW4h0FevXc/d I8d0eGP+fxLoMfxTIHh8iEXigrRw+um/5u9PPot6QVTItIp5wYtizhDLcc7TtnkJvS6/itUtVdQ0 9mmuhcuLxt7gEgVZZka5KBqlroJTpaqGExd7EIug3pGLUvI5IW8lUyFIHotYicd8FV+89AfJUauQ mVD1ZST3+LyEyx3Oe6riCeW4H3MxV7RqFYLPyMUTMqXiq2Qa+y7namheoSwae5VLLOxltfPS+DKu YljuyFXJNENyw6SEF4+Z4MxQU8RVEO8oO8HnnnKeEaoOKQSHK3paO3PkYpg3zCsmOVWrIL6CqMNJ GdMMJ6HwghUCXQ3vfVwFlmrs0+0Ur4KKoNKKSJWKGLlI7COuFUyqtGsM18+cJ/NlxGdUzLAsINUW vvrZT3PMCWdTyh1eNLYgEyMXxZmi4lEvMbpBclTaEZPY17roEe29ElTQoq91bGNWIlclV8VcFXF5 vB5WWL3ntMae7pIhwcUCZnn8Ha9ajEtFLO5PxVBnqKtiLkZxqCpeWnBiZF6xvIo5h5MQx4Q5JHdI rrSbIWKYU0Szojdq7AMfW4lFL2cuMYetKiWaJUddGyrVYtzG8GfNc8S341yx0qoB75RqJaO9vZ1y uUS5XN7BsmqFYKUYEi9lRNuLSAlBTci9K66Rx7xSUcFXN+KlFXGeqmtl9B29eeT5qby2YhmrVi5l xcoV3HlDbxYvX0tWhGNtv0CgWiWXHJ97KtlWLv3DBQy9fTQrV61i+ZqVLF+zjD/0/CUjHn6cDcsW Men5F2lraaLc1sT48eM5+fSzqOQ5lfI2/nzNn1m2dgNi1AV6FsBchpMKJTNCVcglp+IdzrYiPqAu Q30zJh5RxRm4ov2d+Bxn4LMS7cFwTjBXJQsep55WNUKljEiZikgcB5rFcxVDnOFdBZUsPtMSn+NM NLbfCTFdxHvBaTXOM05QH/Aq5E5pDYr5LahzVMURpFSM/bhoUmujZuYJVkHE8FqkaYin3N71PS+V SrS1teG8x4kjuFLsAa+G+hbKFtMFxDxBNuMkhvyHzJGJUrG4MBXz/nNES/Vn0tShUsGJ1MW5GfVz TiQSie5A/XtIlFxzfMjQPOBCMR9aEuiJndO5sn9KE2ukWwj0bc0t9Ok/iEqW7zIcskZrqURLewnZ LjznH5tY4opQrGJpBHPcd99oLrjgYnzuoygIEvPUNRSTWXzRf2nKC/QdNCjmyYaOfuy1CU/rub/R i+RD7cXdx4JS9ar1RTisWSHwhaBRzNb+L9TCZoN1eOiCL6okF5U4az2azWLuctGiKqjFfM0gBJWi t3IU0rGAWFEgRAVfXFOtV9Uqro8VvxcgiMYCTMV2YmG8osJ6w7VQiRXt1UBUCFJrfRTDt63Yf62l mBXnq0Hq+zPzxf4b8kgpFkHMit7zEv8s7mGtyJoVFfVr9yEKCEGCFcdVu3bFz8TIq2W+9+2jOPM3 Pcmci4W2aqE8AbQI0a6104vXpzj/4pLVPh+sVnXeikiNPFaiLxYaTKS4l1b/bMffa/dYYz6xhvr1 NC3GWcOXaaiPrYYFrhCPv+YlDY2/F4ygMf+s/iWtRRG++jEUI6AQnLE6uaEh5veaunrF8o7ra0Xr wlo1c08wx8033cBJJx7PCSccz/HH72hXXnE1eTVHfOzHHkIe740panExZe2GjeTOo7VFE61CyBE1 mpu2cMXve7G5pbWoGu9RVWbNmMgdd96LNIRmNRKCFONY2bJ1A78773zWbW6OItEUDcprS2dx4aV/ oNy8jSuvuIKze/yGHmeexYUXXsyixYtj/rd5cueiOK+NC4oiZcW18cGKfMDi2bMsPvcqmOb1sdJx XxvGunokgGroNA/E4nwdY71W9C6EWHG17jUOWh8jcYxu/zJmWLEyHuqCNi7+xHkrj978UEQK1Z+L xroCxT0vflekyuqVr3LKz3/e5T0/4YQTOenEU5k8aQYiGqvKm49RMubjHBZqz4LriLAq5hQtxq3W xlqQhkVFrc/HnWb79AKaSCS6EcFi3rmZIJZTMaHc3Exl/dqYlhk0vg/UIqre6gNOvC2paYtylrOt ubnL96nuRrcQ6Fme06f/QDZu3hLF2m4+f/+Df2PMXx6q56zDmzuxZFnG1q1bdzsAK5UKbW1t3X6Q vhuo5daISOHpLb/hGgfdGytEkmDmWLN6GXPnvsTLL89m7ty5O9jixcsQF6u+WyGuouCLz2DVeX54 wk8oVTNUO/cmV1Wcc5RKpU73a2c/3xnee0ql0o69z4sxYWZ4ySmVSrS3l6hW82JhzO80t767UbvM wQTTjEp5K6+8PLPLez537svMnT2fpm2tWK1Zeqjd+0QikUi8UYIZFQMNPkYaVQOvPvQgL/XuTfAu Om5qC7gkgZ7ooHEBPxQOxFeXreD6m26pF4jrzu/I3UKgqxm333UvL7w4eZcVl2vcM+o+7hoxpugl HF+m38yJpSbWdlUl/s0oUpd4+9B4zxurU6b7+4/TERoVPZyqvh4OvT3iNebSSy3ioCOqQlWp5J6j v/N9StUYot2psE1D+Hojtfu5u2e58fNdbafzfNDhiVftyJ9P46Qg1BZl4v1WdTu95/G+FSkaanQO pUskEonEG6XmQdfgUCkTSsaqO+5gTq8L6gLdkkBPdEGnCLuiOPO8hYvpN3DIDsXiuiPdQqAHYMr0 Gdx4863k3u92ghg+5n7uGXVfEdr45nvQ92TAdedB+W4lVab851AX27YrAdbwLD2n0okAACAASURB VDcUrgmFOM5FOPKY71CqZtRWc/eE13Mfd3XvbbsFgde77e5BLT+t1jfV9mDBtSNEvvG+JxKJROKN E9SKlESPtyomgTV338LLPc8niI81PlKIe6ILuvKgL1yynH4DB9cdF92ZbiPQS9WcG26+laaW1vqg 2NkL8D2j7uOOe0f90wR6IpF4oxT57KFzj9WdPqONedINnvdQeKczLxx17HcpFwL9raoiWhePDaHY SVA2UMtjh476D6/j+qRrmUgkEm8esa5PjDb1weECrBx+G7N7nU/QJNATO6crgb5oyTL6Dhjc7b3n 0E0Euhp4g2dfeJHZc1/e7U2//6G/MfbBR5JATyTepoSgWHBYiEVoLOymQFdN2DV6UIOD4GIOuhcO O+JIStVqvdDgW0FHP+3Y/aG2qJCI1BdYiOJcgtULK+7s8x1YykFPJBKJN5EQlDwUXXJMUAmsufsu Xu7ZKwn0xC7p0oO+eCnX9h2QBDrdRKBbUdV4/YYN9Os/gFK5ihetVxre3krldkqltnqF6PhnsmTJ 3j7mtrN/cBuaY5LhsjLPT3gKl1fewPb+Gef3Vh/H29ssXddkyZIl+6ebmURnl2gsYGpgarEWiHiC M8QHxKB1xVI2vTw3dubYSY2QRGJ7zIzWtjbmzZ+fqrjTTQR6IBaKy73nvrH3M/HFyTi/Y4ucxs+H ogVPsmTJ3r2mxaqtWey7Xe8b/zY4tmTJkiVLluztYFa0O/VeuOPOexgxaixbm9vwXjAVVItipxbD 3aUosNzdRVZiz2gsjF3LPe/uY6dbCPRa/28nnlKlws233s7KVWsQaeyz22G1/MZkyZK9+83Xi9w0 9L9OlixZsmTJkkWzGMLuvKdP/8H87NQzuOCyq3n62Sm0V6pkQVDzBKdkZmQpRDnxOmkU6WnsdBOB Dh25L2rGytVruKZ3X5qamztaGhXtj8wMExdNo73VoUXJkiX755ipI6gjSPGcF8/+W31cyZIlS5Ys 2dvFzAQRIfdKnwHXc9IpZ3HCKb/hpFPO5rcXXMrLy5aSiyc4JfdKrh3e0CS2Ertj+1bESah3U4Gu Zqxes45+AwYz5v6/UqrmeLW6OZG6eVXUkiVL9m405z2i0Svgxdf/9CJv+bElS5YsWbJkbwcTM5wZ VTGu6RcF+omn9OD4U3vwk1PO4rTTzuPa/jexct0GrD1DylkS54k9plGQi0hqN0s3FeiihhpUcs/9 Dz3K+RddxsDrb+bhx5/ksXHP0GfwjVx2dT9uuGM4N901MlmyZO9iu/me0Vx/272c2uM8ht56Nzfc ce9bfkzJkiVLlizZ28luvXcUN901gnMuuJyTTjmLk04+i+NPO4ufnXw2p550HieefD4/P6sHd51/ AX8fOqyT0EokdkXNg7502TJuueUWnHP1n3dXuo1Ab8SswwJQyXJWr13HwkWvsmDhIobceBv9htzI tJlzmD5jNtNnzmH6zDnx38mSJXtX2ZQZs5n00my+e/zPeW7KjPScJ0uWLFmyZJ1sNtNemsWUl2bz +yt7c9IpPTjplHM48dTfceJPe3D8yT048Rfn86drBjP+msuYfvFlmBdMOqq4p5ahia4x6n3QFy+h 74BBnULduyvdUqDvjNpguHvkGO4eOaZeGCNYQ+G47XIjkiVL9s42Nah44chjv0dbJUPNOs0HyZIl S5YsWTLIvXJt36GcdPJZnHTK2Zxw8m85+dSzOf+Sy/nro0+TZZ41I29ifq+LCF4IIvV37CTQE410 DIeaQIdFS5bRd8Dg+pjrziSBXtA4Cd07eix3j7wPtSTQkyV79xtUvXDUsd+jrVzt1OIjWbJkyZIl SxbNiXJdv8H89OQzOPEXZ3LyGecxfMT9tLWUqYripMyae27glV6XEEQwTR70RNfsKNCNhUmg10kC vQvuGTmGO+4dhWgcNDWBnuaWROLdhRVVQytZzreOPpbW9hKqcVEukUgkEolEx4K1V6VP/0Gcdvpv GDnmryxZuQavhrpAHhTTdpYMv50XLrmcIB4zxUJRByokkZ7ooFGgmylelAWLl3Btn/6pfgFJoHfJ jDnzeGnOK6hZffUvCfRE4t2HmWKqlCpVbrn9TqpZjqkkgZ5IJBKJREGtyHLuPXfceTcvTp5G7jwi ig8gPlAJgrkq216Zw7IJz8fv0hA9o0mgJ7anUaCrCl6EjVu38ezESZ0iGbsrSaB3gQTIRHGiSaAn Eu9iTAUVhxfFq+JFMPWYyu5/OZFIJBKJbkCtRbETTzXLUDW8F9QLFTOcQSUYoeTJfGxRbCaIKRpi imgS6IlGtvegiyreIJcYrSHSvd/DkkDvAgugIU5IZlafVNLEkki8u4irs51z7KD7rtgmEolEIrE9 gaIV1na5wcEsetANXDCCF0QC3sCCEYIl51ZipzRqKzVDg2Eh9UCHJNC7pFYQrjEkJwn0RCKRSCQS iUQiYsHQAEECQYwQBBcMn4R5Yg9o1FZRe8VFnUQS6F2SBHoi0b2w0GGJRCKRSCR2T4w2haBG8AEJ ivoylmUEDem9ObFLQqCo+WOdtFciCfQueejhv3H/Aw/FSSd0DKBUOCqReHdRe6bLznPiz06hvZpR a62YSCQSiURi55hB8IozwWtAg7H68ceYNeRmghim1snhlUjU6HB8GgRFzVi2YiU33nRbTKdoaNHX HUkCvQtGjLyP4SPuQzXEyceMYAqhew+WROLdRjDFzCg54Yhjf0BbJQr0lIeeSCQSicSuCQFCLlQt J1dDAqy763Ze7nkpwcdOSLXotBSJmmikPh6CQpDYB33RMvr2HZIEOkmgd8mIkWMZMfJ+RA2NsTsQ JFoikXjXEIo2axVRvnnsj2ituqLNWvf+YkgkEolEYndoAMsFsQx1SjnAqpE38sr5FxLyKNBTFfdE V+wg0FV5dfEK+va9Pgl0kkDvklEjxzJi+H2YhlhFMAgEB8G/ru0EDZgJah4NLVjm2LBsBk88M452 iS0EtLa6qMLSmc8wfcrLLFw4i+t6X07f3n3pd10fru07mD9f15/eva+h93V9ePbFSfTt35e+1/aj T+8/0rf3YP7cpz/9rrma3r378uCzz9G6fi03DrqJ/r2v45rrenPNtX249e7bWfzaaireEbwRLENC jgaHhNheTgOE4CBUMIs9LEPIo5kWOUWChli5Uw2CCZqXeHT4PSxZs4Wqz3ho5C089sSTVJ3izQjq CObj9SgeyOA9IWSIKcEchFbUJEYtACFIQ9SC4V2JLeU2nFRiGLL6uK1E4h9ENbaDKeWeI7/zY9qq DlEpvOiJRCKRSCR2hhpYruSW43MjN1g3/AbmndeLUBVULQn0xE4o9BW1tmrG4iUr6NtvMCKSqri/ 1QfwdmT06LEMv3dUnFi0CG0P/nV70DsEukNCC+YcTz14O3+6tg8lDYgqIcT8HJMqN1x3CbfccT/l UjPr1ixn/doNPPnIWA488LM8PXEqGzasZ9XatTS1t7N2/RrWr13HmtVL+NwnDubR8c+ycd1K1q7f wLrWVpbPmcHRR36fVWvWsXr9etavWcVDD47ly//1VSa8OCeKb82wkKFBsWCYUbSVUzQIIWgUKiFa bENF/HnNTDEVqqU2Tjj6m7w0fxmlrMz4h0YwecYsxGIvzGDxXGttFIJ5gnYIdDXBQiG8LSeoxzS2 uIv7FbasW8FZ515ES2sTakpQlwR64g1hFvOeyrnw9SO/Q0sphbgnEolEIrEn+BC/RyvB4/OA98aK 4XcwrefvCXl8bxSzJNATXdAo0EE1sHDREvoPGIz3vqH1bfckCfQumDhxEhMnTkZFCw96LcT99XnV gloUsOZQK2EuZ8TNvbmu3yDKEuICgMWef+Zb+MOFZ3L32EdQEUwEyYUX/v4An//cISxdswHnHF6V TApBK0JW3spH9v0EryxZRdAMNaNqnvmTxnPM8adRkYAzCOKQchPHn3AsZ53zJ5yVCVqFUImrm+aj d1wdXuMqqIYcgke8Ij5ghZfdQi2qIEd8FTOlqbmZI7/6JRa8thqvHnWtlDUgWsW0jBa/m2ko9pWj 6nG+gpjigiEhhhtjLQR1SC6oD8XiQM761xZx5m8vplQpRa97EuiJN4iZ4kUoZ54r/3QtbeUqXnzy oCcSiUQisRs0gIkiJqgLVA1WT3uRZQ/+rchBt0456IlEB0V9rwaBvnbdBh5+5NHkQScJ9C7pcpUv vH6vWjAhmGHmCJZhrkq/P53LoKE3k1usfulV8Zoj2QZOO+WnPDB+QvS8i2HqeeaBe/nvQ7/NuuZ2 RIqVpkAMPVejtWkt++/1SVZtbo+i1xTRCtOeGsnPe11JSQPelOAFq7bwu3N/wcm/upzMWguBXkLF mDp5PKPvGcvokXdy5lnnsXZTE22VZm6//SaOOeo4fvbTX/HCpOmURVF1VMut9OtzDccecxRnnnE6 06ZN5stf/AxrNm2mUmpj4NVXMH7qHCptGxh89aU8+fw0Lr70cq7pPwxXbWHFqlX8+owzOPJb3+KS Sy5m9ZYmMjFMKzRtfY1Lep3PMUcdS48zz2XBgnncP3YEp534Q750yDfo0eNsxvzlEdRVkG7+ACfe GKFmDav7qc1HIpFIJBK7JxaJ09gD3QfaA7SZEsTX26yl79NE13QIdCC1WduOJND/mQQXQ7vNEyQj SCsXnHsSxx33E3pe/HsuvOgiLrz4Ii685AIu7dmD//zi//L45BkEyYpc7SoP3TaMI47+KVsq0bsc TDtaVpixdtWr7P++A9la0kKgC6olHhndm8uG3kpb5slcO6VSxvPPPsN/fOkrjH9uej3EPYSMkOXc e29/DvnvY7h79AhenvsKldZVXHDR7+g7YBBrVq/kpenT+MlPT+bVleuolpr43nHHMWDoMJauWsXc WVO47Pyz+NgBn2VrcxtNW9ZwxP8eyn3PTGHbhpUcfsh/c+o5l/DMuEdZsmI5r86cyNePPYlnnp/E 5nWbeOQvoznhF6eSizJnymP896GH8ZeHHmHV6lVMmTqZsWPHsnLFMu65vi+nnP4bXpo9k1UbN6NS RZKnM/EG6CTQi5eJ9AWRSCQSicTu0WBkoQh1VyN4JfjU/zyxZ4R6lLLW02dDSI43SAJ9JxhvSg5q J4GeE/xWfnbCN/nlL39Hn3796Nv3Ovr068t1ffvQ/0+XcuAn/otnZs4jSDuiDm8l7uh7DT8+5Vxa JaA+CvS6qFBh3pwpfPIT/0W7i+Hpah7Vdu4cei6H/fBHnH/BhfS64BzOOfdCfvGrXzHuuUlURTDp KBIXsjK33HIFvf4wmDZpR5xnxcvjOO20k1mycg2r1yxl3boV9OvXn6efm8b8WZM47GuHs2pbC2Uz 1Lcx8fGRfPJTh9Fezlm/ZhFfO/TLPDFzAetXLuPrh36Np2cuRH0LTqrc0Psqrr71PlauXc+GFWtZ t3IRp5zRg1Il57ennsD3TzidTI2qZOS+jHjBvOevd9/E76+8mlw9VRWC5UmgJ94QHc9SjEgJZkmg JxKJRCKxB5hZ7H9usbBv8DleDVd8lyYSu2JHgR7rXyWSQO8Sb0YmhmhsEQEdL/Kvh1AUSHPBYrh7 vo3DDzmEh5+ZRm0RQCzmwbZuXMyBn/o005cvQTQUgqHENVf24pzLe9NuseJ0LLZW9GbXCpOffYJD DvsumcSq6l4F8RWu/M0vGPPYY3jnKWmGammnxy8m3Nz7TEY8MQmXlRHvmHr/XRz5tSO4pv8w+vTr S7++1zGgfz+WL3+NFyaM4+c/OYe23OPUYVnGwmmP8alDf0yWtbJ0wUt86SuHsmjZayxfNItjjj6R 5eu3ICFDK+2cecqvOP+yP3NdvwEM7nMNg669hn6Db6atdTOnHHME1wx9gKqBqBGcol7wfhs39jmP P/YZRnsw1DuCC+Sh8o/f6ES3RzXWmSjnjkwUMUu5T4lEIpFI7AHRCWU482SaE7JAmy8RylsIIkUR 4FrB37T4neigYywYKrEPujMjF0VVU5u1t/oA3o5MmDiZcROex6u+QYFudYFuJvjyFr7y2S8zYfp8 YvXC2B9SVNm4bA4HfOxzvLphE6qBoAKhwh8u6cm1N9xNJRA98XWBrgQp89Rjf+W440/DmyLBokDP Slzw8xN47Pnn8M5TsRyzys4Fugh9Lj6Zp19aiPcZIp75zz9Oj1+dTlvm8OLwPi+K1BnTXnyW7x13 EltbS+TiCc7x8Khb+ep3z8D7EnNfep7P/8d/8tra9Sx+ZTrf/cGprG8tocERXJXLL7iYR5+cQK6x 0FsQT1mMcqmZ04//Hr+9qB9lJ3gfC+VlmcdLK1dddArXDhhGm8aHOfiAf52t7xKJRswM7z1V57ns qj9RrmaoJoGeSCQSicTuCMGQYIg6RKuEtsDaic8xf/jdBO/RontPEuiJ7WkU6MEML8KKNet54MFH ur04hyTQu+SekfcxfMwDeHljAh3ATJAQq663b1vPlw/6Ai8tXBm3WeSTW4CFM1/kYx/7EuuaSzGP x3KCVbnwvF7cfd/fyYJh6qLnnNqqZcYj94/i1LMuRsyjQfEqZO0tnPHjH/HsjOl4JzjzWMh3eozq hF5nnMS8ZesR7xFTSi3rOe0XP+XmW25l9ZpVLF78KsNHjWFzUxstWzfwlf/4CnfdO5LVa9cxe8YM jj3i65x4+kWoVpn8/Di++rXD2bytifmzp3FqjwvZWnVIEMxnvDD+Kb7+P4cxffZcNmxYz0vTZ3DP mIdwkvPgyFs5+HOH8sLEiaxds5oXn5/CgkXLcFLijhuu5tc9zmbxqrVUs5zgY1hVIvGPYqqICFXn +dbRx1GqVFGNxRgTiUQikUjsHA2GC2DeEayC+cCqe+5i1gUXElx8L43teZNAT3Rme4Euaixaspw+ /QfVIxm7s7MkCfQuGD76fu4aMTqu+llHdcHXO7HU2peZKU49TVs2cM4Zv2bJ+m1xmyaIxjD3eTMm 88tfnkdLuUIQRbRK5kvcdP3NvDhtAb7wNlvRN52geJ/x7BOPcvNdD6DmCMHjVSm3NtP/ysuZu3wJ 4jxqObaLnA5XyRly3eVs2NIcW7wFQzVj9WvLuXHYUHr2PI+rr/kzj497irZKjvmc15Yv5uqrr+Hi iy/jgbFjuG/UCAbeMgL1GTOmTuTSy6+krVxh4SuzGHb3KNpyj6ii6vHVKi+Me4Yr/vhHzuvZi+uH 3cTceQtw4pG8nZemz+KPf7yCCy/sxW233sWGTdtw4ii1buDmW4fR8+LLWLd+U3yAJU33iX+c2hdA LsJRx36PUjXjTatBkUgkEonEu5pCoItHQpU2gzX33sL8nj1ju2CTJNATXbK9QFfrEOi19MMk0BOd GD76fu4eMaZeKR3+MYHuA5jlBPNk6qn6nCzfRqUYb8E8qopTQ32VPHOothG8xfZrliO+hNeA1ft+ GxJiMY7Yd7JCZiCaEULsk27isDyjZFXEO9TKyC7GuIoh0oL4Sn1BwUwxEdS7GDZfPDwihjghWBkT j3qJq6biydUwFUxjLokvBHlFBe8Vq5+XYZlg6rBi1Uy8xMUB06L/fBXVHBVDNaCiqHOItJA7wamg VsVcmu4Tb4T4YGSiSaAnEolEIvE6CGpULEaLmjlaA6wcdQuv9OxZ5KAngZ7omh0FOixasoy+AwZ3 e3EOSaB3yZsl0F0As4xgOVXzVDXH+SaqVmuTFsVwFLYen2cE3UpwhmjAhRzVtnpO+vYC3ZugeRTo ZlVCyBFVTDzmlYpleJ8j1o7bxTjPxXBaQn170bO9JpQlCuNgsdCHKuY9zgmibZj3BC+otqKSo9pR YEvNEFVEPV4dlnmCNypmlINhXos2b4paDI8y9UUuU4wgEM07esJ7RxDBtBkVxZtHQjvBd+8HOPFG SQI9kUgkEol/hCBGi0EelOAVkcCa4bczLwn0xG5IAn3XJIHeBbPmzGHmrNk7VBG0ACaGU6EcfCEc d54HbYHYLiBoDBs3ix7q+qg0QrBikEZRECyPReCIvxuKImihCLfvWCgofte0aG9R7Kf2OTOs9u8g u2x3EYirn4Ra7q116kMY6p8ptltss7Yfgq8vZHQ6f7N6mErQWCRELYb+hyJMvyaEgsW/1w4zhOjF b9hafV9x/4YFn3ptJt4QVlRtz3LHHXfeRTXLime+e38xJBKJRCKxO4IZLhgiAfFGST1bp89g1aPj 6+/Q3V1oJXaPFU69TZs3M/HFF9PYIQn0LhERvPeISCeB7oKhVUGqnoo5zHnEKT503wGUSLyTqVVx 997jnNvhmU8kEolEIrFzJESLKZtCJTicSWpZmthjas4SVcU5l3LQSQK9S2qe3+1Xb8yM3AwnFiuI B0NCDqnVVyLxjqT2nNdMJL5UJBKJRCKR2DUawFxARMnNEaqCKxterVMUZSKxOxort3d3cQ5JoHfJ zgR6UCMTpU09Fe+xqiHO0ORBTyTekdRWbWsrtymsKpFIJBKJPcMCmA94NXLzhIpDMsEXkWhJaCX2 hO11V23MdOexkwR6F+zsRT2I4fMM2biBZWMfQMvt5BIwTYnQicQ7kcawqlpqS+2LIpFIJBKJxK4w LBg+EAsa+xxn7ZSlHP+3GwusxJ7T6DV3znX6WXclCfQuGD9+PE8++eQO+TMur/LKffcx65gfMemb RyLtKymZTwI9kXiHUhPjeZ5z/vnnU6lUuvUXQiKRSCQSe0wQLAjqAyIBpxU2Pvk4c2+7K+WgJ14X qsrq1asZPXo03sfU4e48frqFQI8VyCFozBvPgyEGpob6ou+2xqrh3oS7R9/LXWOGUzHFqWLtZZpe mMqMc3vx0qf/nVmf+QwvfeM7SHsrWa29RPDJkiV7h5kVLWByLxx1zPdpL2eYBszkLT+2ZMmSJUuW 7O1tggsZJlVUlfYgrBw1jFkXXFC0xtX4Dl7r3pNIFOzYZs2KNmuDUqoh3USgayhae2kgSIhiXQJe lSw4fHBYcJjliGSMuvshRtz7CCJC9dUFzDvzdCZ99tPMPujTzP/MF5h68OeYfOT3ce0tOFG8Wezf nSxZsneWmaJBqYrnyO/8gNZqBTVBg771x5YsWbJkyZK9nU0NZ0IuHqeGc8bGO29nYa9LokAXSQI9 0SWpD/qu6V4C3QeCjznjQQMmAZWAGGTiqeZVfLXMLffdxW03DWDqn65i4v/8L1MP+jSzDj6YGZ/5 PPM+/QWmHPxZJh3xbdy21UjLFrStFStVkyVL9o6zMlYq4UoVfnDMdyhva0Lb27BS5W1wbMmSJUuW LNnb1/JKRiUv49rLVCs55azCsntuY9oFlyUPemKXJIG+a7qFQAeL3vMiRyYP4DRH/VZKa2Yz549/ Zv7hP2DBt45n6g9P4PnDvs0r/3UU8z/zZeYedDDTDvo8sw86hBkHfYXZn/kMSz/976z85EE8cOAX Gf+xLzLpYx9j2gF7J0uW7B1m0w/Yh5cO+ADTPvEhpn/iI0w54ANMO2Bfph2wz1t+bMmSJUuWLNnb 3aYesDcvH7APCz7+fl4+YC+e+vf38vKFPQnOE8ySQE90yfYCXVSZt2gJ/QcNTe1u6TYCPU4MZiBm iK9SXbuC+3tdyrwhd7P+5VdorrZQ0hJeSsxbuoC5C15m6eSpzD67J5MO/BxzD/4M0w8+iAUHHcTM gw9k+reOxG9ZhmRb8dJO1VeTJUv2DrPMValkORXnuPq6AbSWK2R5Tuazt/zYkiVLlixZsrezZb6K d1VKPmObr2CtbayYOImF9/8tedATu6RRoJspqsbq9Rt54KFH6p20ujPdRqBrUYDATCmvWM4Lfa5j zTPPYu3tmORURamK4n3AciH3Qlk9vmUrW+8dwZyjvsNLn/8Scw/6PDM/83mmf+O7+NYmcufIRfFG smTJ3mmmiheHVyX3Qi6CF49Pz3SyZMmSJUu2a9OA+YDzgUyVUMkpq2C5EFQJqmjhRU8CPdFIJ4Fe jBOnhjS0XOvOYe7dQqAHCbRqhs8r+GqZJT0vZcXU53GykxsfhBAUDcWqnwqu1MrSe0cx/T8PY/5B /8HMbx5Lc2UDzT4QKmnWSSTe2RjBFOi+XwaJRCKRSLxe6u/KwQhOCFlALf4skdgVoSGyIkZaGCGk 9zDoJgLdTDFRMudYfPsIVowaQznPCPlOZo+gHXkzBqaeYI5cSqxf+yrL+w3imWN/gjRtpaqW+qAn EolEIpFIJLodQQOhKMZcDUa1+HsisTt2FOiNnvXuTTcR6J6KCaXVm5nymwsorV1FVQQT3+Xngxmm jSEWipnHe0/ZHK7cRmnePKpZG7lqEuiJxDscCyBpxT+RSCQSiT0mBMM0hrObBkoBMnFY5urCPX2t JnZGMN1BoGs3DmtvpJsIdEeLeVb+5XnanngKtQxVRYLr8vNTp77EtGkvoWpADLewYGjRpk0thsP6 IFSLUPhEIvHOI5hiZpSdMuSm2ynnDlPFunlxkkQikUgkdocEUHUE84Q84A02z5jKigcfIziNzq5C pKcc9ERnDIJQSy1UVTZu3sK48U+jqt06/xy6jUBXpNzM/KsH07J+NeYVNcVC1y/hd48Yw10jRiOq qEp9BVAthvKYxvwaNQjeCDvLZU8kEm9rzBQRoeSEbxzzfVoqGSpC6OZfDIlEIpFI7A4JoOIRc2hu ZGosH347M3pdSsijyFKzehX3JNITHRgEDyGOE1Fl4aLF9Os/MAl0uotAD8bmF19kwqUXU66WUWd4 8wTt+ubfO+YB7ho9Fl8T6BZ79LmgmAnBGVr0U/fF5LObI+j8z6AxbD7E/4vFqWorjBYnMYue+2A7 7wUY6PhcbfIzYxcFFrb/ecyz19Dxf8FiS4zatuuTasPnXy9mFILHOm17x2OrWdfUj6H+u/HzZh3b 7WLve/izHfdV21/j50On/3v92905Vt9+5/3v6XY7H2Pn6/RGjqlhu9ZxjHFs7rj9eqjSTsLadjV+ Oq739sew6+N6/XT8rqngvaciwhHf+TEt1bz+zL+5+3wr2f01rM0ZIVAUCimhvwAAIABJREFUyQR2 WMDseIb3bF+N+3irr93u7t/O5p/tz6c2z76Tx0MikUi8OVgAy5WqOTJntJixdtSNLDr/IkJVMLWG InJJoCca6RDoYKgai5csZ8DAIakPOt1GoAvLrxrK3MfH4vMyXgPOlKBdD4ARo8Zyz/D7EI256AQt Xlrj5xvzJXYnOEJQCHkUvrV8HC2j5qmI4tUTpISa4s1w6rBcUOcQaUelHVOrT2yNJgYhF7wKpaBo buReUJNOoh8KcRUkTqaBmC9kggRoCxAki30IfYVcFa8O7zLaLbbLcCYEy9Hi5b0mwDod0w7XxDAT nAgmOSZZXPQwCFILa4kLFNEkWhcLDGrggmGaE8THe2MKVsbEIwaZhGI7hYgI0vHv2jFabdGjQWxC x3UpjsEbiComeX3yiCvBkIni1aKQo+NlvX4e212DjvPb0WLrv7hfs/hF1ng89d/fzXUOFnPANIAE w6Qar4uGTp/v/LsdgqPR4g8VgotWiP0givoYPSKWY8U5dBIuaqhT1Mf7bEU6SG0hSENNDNbSR6gX l9FinyHExSsz4jMatL74FHfko70OGq9nLPpYrOyLR9XTnnuOOO6HtJSrxc8k3pvaM2tKMFc/17cP 1vm+Ff82o/4MEHzHGKp9xlxhtXtTjecqRrDNqDNMS8XzSDH2c0TjmKpdz+2N4BvGkCv2bfXnsEZ9 HHYxr4VijDTOrTu+2O3pfSjGWvAQqvWx1Pj81I4vXqvaeGuc9xULhgVf9GoNiHjMuk6RSiQSie5C FOiCtwzvlHYzVo8YxoKeFxFyRUWTQE/slNr7uZkhYry6eBn9B1wf3zm6eaphtxDo4irMPftS2l5b gLgqYuDMCDu5+SNHjeWue0YVIrBD1NVE754SvdlCaBTopmzetJq/Pf4obblD1FNu2cQT48Zx34N/ Zc3y1ajLqahj5dI5TJ0+D1+IlPrLZah5cYTgQyHsS0x/9mkee+YF8rBj78C617P2d7W6hzwPYL4V b4qoo+qFVcvn85cHH2TxtmbMK7l5glYIIesseHcx6db2qepp3baBW24Ywuj7HqCce0x2IVprk3lt O0WUgguGSpUgOWqGmGJaZdxjDzNg0BCa2iv1aAcNHbktOx7vji/3VhOPhUDPxKhWK0x46gnuf+CB aPc/wH1jxzJ7zlwy7/EaolCviaGaN7+raw9dn2+niIkOYdUo9jvEj+50DFoxnqPQNdSXUXHITqJE drhXOxXoPl5DVcxFUe5VEfPodgtHpoZ6j3lHVimTS1wRrYn42jXu4ugLAWT1xZBAg3DaXoQWz8Lr oXYdgykqOXlWJfceEY+Kp+KFbx33A1pKlSjQJZ6rqaEaihC9t2Mbtu0FesO9LBblosi0DtFeF+i+ YYxFT0dQIdg6zAdEXDF/1b48qziX4XLdhUBvWPSsCd4uvO6153TnAn27z8MO29gTOo8Z6dhnF89o h5jXhjFWFAoNhgWHmZDlgvMO0STQE4lE90YDmBck5DE6VZWV99zC7At+X0SbJoGe2Dl1J40a3iuv Ll5B335DUNVuH+beLQR61ryNZ867DGndHF+8QwxN31mI+9+fGM/fn3gKL3H1r8Pz+voGShx4WrzY aSGKMwYNGchve11IOXdMnzaFIw7/Gkcf/W2O+cFJHH3ooTz52Hi2mGfulOe47KprqapiwRPqgikK OTOPBJCgtG14lSO//Dk+dtCXWbh2cxRCxUspWN17Wfe2NnjTJG9n9guPM2nmy4X3XBk36hb23//j PDzrZUSUzBxBSxDKdPZ8W138QKMI7QifN3OsW7mEgw/8d4797o9pq+YdntUuPGs7CPQQqzp6EyRv Z+7MqbwwaRJl5wlB+N0Zv2Tf9+/H+q3NdS+r1tMDrJO3ru6lbhAxtWtRE3BmSi5Ge2szRx72v/yf //Ne/s///Tf+77/8K+/51/dwwEc/wlV//COb28r4QF2g16pPNp5Tfbs7HSRRpNfPufb76gkaIx58 iF7xKJjzBo9kh5iV0HDtTGjatJpxTzzOoqUr9kgA7ezY6t5xMyrlVp5/fjzjnxrHpMnTcD5HJXS6 lmaOSRMn8K1vHcGmbc1FFEqxuERxrWqCvlHUhYbFiFqUQxHx0fg81a7p6/2O71jsUdavXc03Dj+c qdNnIip45ylVM848+1xK1SriM7wrMWXic0x4ZgJrN2zBW7wPb7d3i1A807XFu0jD+AgdiyOdrqV1 XuypLfBgFdasmcmT455i1twFSHEPQhBMq1w/eDDn//YSRLpeIImLAjXPc8exdX4GbIf9d3VeO/ZG 7Ryt0Xi+u6ZztEZ9DtzuGa0fY9Bi/GlxbSjOKWfx4kV897s/ZsWqVZi9viiORCKReLdhAUwUCYJ6 QwzWPfU4c2+5kyCWisQldkrnd0fFi/LayjUMH3Ff3XueBPq7nNYVK3iuzwBcXo5COUSP7M4mCy9F WHaDmPhHVv46BLqPL5gqmGvmV2ecyYyXFyEi/P3xx5g0eTKtLc20lUo88Ze7OOmEE9kqSqW0hksu +j3zV2zAmaIW+7HXXnjNlMwMl+fccO1V7LfX/2P/j3ycPw+8kaqBqcOkiqgjD5AVYtm0gjfDayCI x1eaOOHowzi5x3lUDJwqT426kQ9/6FM8PGse3imZOnzWitcMVYnb9hW8q+LVyNWQ4piCekzyKH7U yMXR3rqNv459gL+Pn0DFC95lDS/BVnjEQcww85hJrLQvMQxc1GJ4bbWJHr8+me//6Mc0VzOcKlMn Ps3wkaNorjpEBfU53ueoeLxaFFcWPfmq0fMtoqh3mAjOC1WnHV5qwKtRbW/i24cdxn8e8k0mTJzK xClTeXHic/S+8vfs/4EPcvk1/XEaw3C8yxG1IvRdUTVEpDAfr4UXvMTQ6dq5mc9iFIWBmBI0I2jW ce5qiAqiEhdk1CGqePFF2kBc/HFqiMX9mzomPz+e9++7L/2H3oiq1S0u7IBsV9jQioUJM6kXTrMi xSMei7Bl80Zuu20I1/a+mqOO+hHNrRuQRi+6KcFyXpo2kV+e+gs2bmuJxRRFMI331FQI4qNHthhr qoJJFfU5FQk47whSQdWR1a+px3xOtVzh7088Q+46Vlf3ZAKvt0sUx+aN6/npT3/K7Ffmx2cgxGtS qlTiuJOMarmZEffcxe/Ou4A7ho/FBfDBuoy+eCtRMUSrmJURX3j7NS/GiiCieC/F+UsM3a9d09rC kmm8R1JFfAtTpjzNH666iF+dcS6ZxfFm6gha4Z677+HqqwcVHS6KYyjuoWqMOBCpRnMB9YpZXhTc 7LhnIlJ8AXfkqNfHXRHqVht3tXG5ddsmJkx4qv58mYb6/+30+qgU18fH9Az1qFbqxysax71zDq+G k7h4YD7HRIp5JyCSoVph+fKl/PqMc1i5dj36OiOqEolE4t1IkIAGwwVoD4rP27FSuePd4K0+wMTb ku2j/UKI7ybOp/xz6CYCvfmVV1jx8IPkkuNr+b6dPE6dafR6vhkCXYMv8lkdzRsWcsY5F7C17DDv Ue+o+igc1FdYt2IhP//5z2hzgupGrrrkYq6/bRSZ1byznlqOrho4y8nbmjjsP/+LQw8/nN/1+DXf OuaHbK1UMcsxX2Lj5vVMmjmbzaUywTIkb2LyjFmsWL2Olk0beeG58Rx+yBc46gcn8PzUaaxct57x 993KRz78CR6aMpOZU2fyxPinWLTgFUpecOJxWYl1q5fy7NPjePyJJ5g1byEVLULRswpzZkxl2eJF NLW0MG3WTDZs2MDsmXOZv3AZmVdWLF3I9CmTmDZ1ClOnTmXy1GlMnTGbcu7QvJV1a5bz3HMTeHLc Uyx4dRmZKC6vMnf6C3zv2G9x6NcO46mJk1m4fCWrVrzK1JmzaBfFi8NV21i+eD7PPP0U455+hpXr N1IVxUvGhvWrmTZtBqXWVubNmc34J8cxb+FS8nrObhToYkbWvpXjvv51Dj/ieNpzi2JSqry2YAaf /MjH+MmpZ1LJPeKqtLdsY8LTTzPuqaeZt2ARmfOIxIWILZvW8/xzE3jq6WfYtHkLs+fMYeGiV/Gi lNq2MXXqZF5rbiM3wVebmDdrMvOXrqAihoijadMaXnzuacaPH8/sVxbEa6GGSUZ7yxYmT3yevz/x JFNnzqa9XGXlsiXcdcMg/vU9/8rZPS9m+sxZtJUrLF2+glfmLyDzQufgESuEuUc0Z9OmjWzYsJE8 87S2tkcxJYp4h2kLTdvWcty3f8aWpuX4usiK47tSbqVcaqalaTNZURxGNYaVmzpMc7JSE+vXr2dL c1v8jIH5drJyE9uqjlw81dbNbNq8mTaneA2xjYtUadq6jZ69rqC97OvifE/ylOKikqdabqPS3kpL Swul3Mf5oHiuTQWVnFKpibVrVpBlVcZPmMhNd47CF5EJrze0/p+N+oBZiSzfSqk9I888ImU2bNnI 5m3b6lFA6nN83s7mTRvYvGULmShiFOPAMMmptDezfs0KWptamb/keX555lnkFheA1JXJq820tbXR 2pY1FEkzxDsq5RLVShmXCSJlNm1ew7YtrYgzREr4vIxKzrZtW1m/YSNV55Gat51Yz0HEs3XrFtat W0s592xpakZUEYnjZvnShfz5z3+KwtrHXHCzGEXTFTFszuF8M+VKS3EsVXLfTHs1o5Llxdh0qM8o Vyq0VxySO6qlVtatWU25muFEEV8lz1spV9ppai1Rrh1/IpFIdGNCgFB0NvIBsiD4IKmXdWK3NEa1 ddR7SQs6NbqHQH9pBq3TJ5KJj0LMOnIru+LNFOhmigZBg2G+wsQnRnDZNf1pk1CIckduoJpTal5M r9+cxsUX96FqGZo7ht/cl2O/cwotWfTkxPD0uL34gt3K3Oce50MfPJC/zHiFZS+N4+CPf5K7//Io ZhlYmVGjh/PRAz/LxDnzMSnTsm0lHz/wYHpfN4SpT41jn/d/gH3e8y+8Z6/3sc/79mXozTfzt/vu ZP/9PsJRJ/6SD+79fvbe+338+ycPZvaS1Ygpr8ydwRcOOpD37f1e3rv3Prx//49y2bVDyUTZtnUT hx96CD/8zrf52lf/h73fvx833nI7//vVIzjjrJ6Uq44rLjmP9+29F/vsvRd7770Pe7/vAxzwyQPZ 0trGjIlP8KmP7M++++zNXvu8n333/wT3jHmQtm1bOew/v8De//oe/m2vvdhr3w9z+tkXctmlF3Hg 57/ENmdkWYmnH3uAT314f/bZey/eu/f7+PiBB3PjHXehlnHHrTfwyQMO4MTvf48P7fs+9n7vPuz7 gQN4aPxEasXLYii2kbdv5rjDDuOwb5xIS7WWA19m2viH+Mi+H+BXPc7Di7Blwyq+dsh/sG9xLvt/ 9FPcM3IMIkJr0xZO+P6xfGCfvXnf+z/AUUd/m4M+81mOP/EkKlnOopdnsN9++zFy3HM487Q3reab /3MIvzj3YprUWLtmGT/4xv/wob32Yu+9389+HzqQEX95jNbM4/My3z3qCD6wz97ss/d72ft9H+DE k37K1Zf9ng/v9f/4t395D/+2z34c8Ml/Z/a8+Zx1zrmcesZZtGc5vnEsB8XM0da2jfN7/pb99/8g ++//IX7yk1M4/fTf0NzcEqMACoHe0rSGY4/+BVuaFyAWw+4JjrVrV/LRD3+ID++/P1/64hdZvbkJ bxReU4dzFSY89Rhf+8oX+eB++3HAJz5N38E34lXJWzfy3186iC8e+g3+9tjjfO5Tn+CD+32Ui68s ohQkY8mC2Tz1xDh+8tOzePb56UydOpUZM2bskUA3FSqlVo484ht86IP78cH99+eFqdOjB11DTBtQ z4RnnuDLX/oCH/7w/nz3+z/itnsf4MY7R0fvueVvO4FuEshdE8efeAwf+cinWDBvKX37Xc1HP/5x Pv+l//r/2Hvv6KrqrP//v+/6rVnjjGNBQh8F6TAoRUUsiEgHAVFRQUEUBEFQ7A1UFAE7FgQRKYoN VMoA0iGNUAMhPYSQXm875dNevz/OvQEUeGbmmUdd5LzW2isSk5tzzz3t/dl7vzcFhaVopTl6aC+3 9+tF/cvqERfXgAmTp1FRE4qaFCqKi3K5qUd3GtZvQLMmHfl02WvcN24sUnueAsk7t9Ky+d+Ja9CY kaMeRQpZW6YuHJsB/frStHFjft6wmzdmz6Bp00Z06tiD4qJKpKjBCpTx0nNP0axpUy6r34AePfsQ n3LQK1s3ikCgmjvuGEaDBnHExcVx79hxjBrzILbjIhybI/tS+O7LpYwdO5pdu+LZtTORfXsPIaVz TrM2oy1+WreMuAb1+ezT5SgVYvbc57msQVPuuPteLNvGKIfkXVto3LAJD46bSOqBg3T5R0fq16vH q7NmI5TmWG4mnTp1oH79OFq3vYr03GOIP1g1hY+Pj89vjTGx6sloi54r0K6pbdvz8TkbtbrKKDyD WeEL9FM47wW61pqKXbuoOZiCUJ4TudYy6uJ+5h5CSyhsGSsXPmUE2r/5t2MriybWw6nDvPfaC8x6 820iUfGupSQSDPPspElMuP8Bel53I6vWr8ExgrC2WPvNR3Tocgs55dXRDJ6s7SdXjkHY2VzXuSVj H36WoFAIu5LHx93PNTf04ljIRsgAKxfO4dJmbdm+JxNpXCqrcmncoD5PvbaAYCRIXm4at17TkSF3 jiT3+HFqagJsXP4Jl15wEROee5eqsnJ2rP+J5nH1mfzOQioqC7mqXSv6jRhP/vF0Kiuq+Wjuq1wS 15hdew5RWZrHTe1a0+jvrXjv4yWkHjpIwfEj3PyPttw99glCrqKi8jjH83I5lp/Bi888Sr2L41i6 ci2WcKgJBUjdv4eqkiJKj5dwy203cMfoKVTYgpJjh7hvSC+69RpOas4xykvLeX7aBBpf2ZlIyOFA /A80i4vj4adepaC0nKL8QwzqeS3N21zFwYJSPn//Ver/+VJef2sBRWUVFOUeoNXlTRkx7qlo3/rJ DLoVKue2Htdy6aXNuLpzN667pjNdOnUkrnETxk5+kYyCYoxbwYQHR9Dt+r5k5pdQHSjgp6/m06lb b/Znp/PKsw9yxZVdWLtmO8FAOWtXfcPfL72E3kPHEHZd0vZt5m8X/Jn5m3bgKEWoMp9bOnVg0CNP Um5VMWZ4X27pN5gDxwqoqSlj6aL3aNa8C0+/PI+jBzZw2SVxfLn6R6qrA2RlHGHT9iQqy4pY9fUS LvjzX3j8xdc4nn8Cyw6QlZlOVlZOtGzYjd5YtTdFQISZ+9oMJj89k9LSMkLBKhJ2b+fO4SMprwzg KonSDkZbhMuOMejWO6gqK/cMCQ0YpZFCceJEIWn74xnc+2aOlxailMDVGm3bZKYlcn3P29i0I4mq YDX5eelMGvsA6xISEUpQWJDGVa1bMH7iNHJKKijKO8rjD99PbkkVjmuxZuUiZr/4NN1v7s2Ls+fw +htv8uGCz4gIbxrBuR4GlAYhBaWlheRlH+LBYX3YsDMJrQWW8ea4RipPMHDAcDbt3E2wOsCBfVsY NLwXby/4AUvZVJXnEKmJILWNdiURaVCF+dScqCIgo20Y0qCkibbHCK9iQCuMMES0RiiBFgJb2oQz s3FCYbTS2EohpcCSQXR2NipxP3Z2LhEnQsCWSHWyn/zU64trvKqHSKSakUP70ff2cXzw6RLKq0oo qwygHIEdKmL8uNEsWPYdRRXlVFfk8/wz03j9/Y8IGXCsSp6Z+CBLvvuZqpoglRVpPP3IKIbf8aBX Gm4UbihMwYl8PvpgNgOHTSEiTNRkzkFqiFghRvbvxcCRY1nw+RIqqqsorQ7gCM+74uvF7/DI9OdJ LygiUF3Khh+/pnf/gRyrDqBFDTOmT2L2h4vIK6kiVF3I+jWr6dN/MAFHYUVCfPn5pzz3xKP0vW0o L8x5h1mz3uDzhcuosRxv0saZrr+AUDZOpIpvl87jmfmfY2lJJFTN1/Pn0Pf2+6gOO7hCElSK/Ylr 6dblVkaNnkRGbh7VwQqC1UFsA8IRnCjOJyM1meuvG8m+zDyMPNtoNh8fH5+6gfe8BFJZCBlAOoZK 6aCdIKa2RelM3iE+dZ3TfWk0Ilod6kjlu7hzngv0WAls5e7dhA7tRSlRK9Cdcwj0nfGJ/Lx9J47r uTzDfybQ4VSBrjA6witPT2XO2x8QVAatBEq5aA3KcVG2xdZNGxk0aAjVloNQNj+v/oIrWnXlcH5R NNskTxqKuS4pCT/xtz/9haVfrqKgupxARTlfLl5Aw8ZNWb8/lYi2WLloNpf+vT3b9mQgjKCi6hhN GtTnmVkLcZVEWOX0v6ELd455uLaUftOyD2lQvzErE1PRyuVE9iE6Xt6Mkc/OJf1IEpfH1Wf2R0tw ZRglJdkHt/LnS+rz5ff/pLzkGNe3b8sN/YcQktHS/socbvlHG0Y+OJ2IqzE6gBIRco8m0qRpE+4f NxXHcbGUIFBRwIyZM7lj+Ahuu74njRpdSp9h46kSGm2V8NDIQfTocyeVlo3W8OK0h2na4iqsoM3y BW9Q76JL+WbTdmylkaKSD2c/R70GV7B9fzqff/AKjeo15XBeCZYQaKeM666+igF3Px41YvMuCLUC /YZruLx5G55+/nmef246HVq3oWevPhQFI4Q1GLeKm7p3omHTdlzTYxA397yBXtdeTeNmV/DjxrX0 7XE1fYaMptqSaGXjhirp2vIKeg8dGxXoW/jbBX/mw03bcaQkVHWcWzp1YPDEpzleWUyvrp1ofHkr rr1lEDfddAPXdu1IvUsaMvr+h6muPs7V7Ttw7c29eXPGDNIPJlMjFBErTMLmVVz4pz/x0twPon3B tie2pEbJ6NgpvKywbUBGihgyZAhVgZpof6+DY4X4+svvCIQshI6Keu0QLs9n4K3DqSqrxI4JdB3r B5dUFmUwrH8v8kuLUEp4It522PzjF4x5aCIbtyeydec2dmzfyJxXZzBm6jQcV1FVmUOnli34ad02 IkahrABvvPgYqXnFCGVhZBk1ZflMeOxZqh231rfAiZrQnEsseb33CqlsHLuKKaOHsWFnEsa42AaU dMlPS2HixCeJRL0QlCzjy2Xv8v6nq3ClRe6G1RyPz0BIjZIGS2kyVn+P/c/dSCFxjMSJ9uFpE/VS cKRnpOcYpDRopRFSYwePs6r3ICp//hktNGHtlYqnfTWfH8Y/wIbHn+C7qU+wbc4HWJURjDzduT72 oCOMQEgXJW3uGTaAR6e+iqs1QllYSmGkJP3gTkbePZx1OxLYsms3u7dt4IfvvuTuMeOpsG0Clce5 7boeBLVAaIFWQfZt2cTd9zzg7TOjUK6LUIIvl37CwKGTTxlpKDyfASUYOeBWbh18HyFHIlwn2ueu cYKVPHLPQD78fBkbd8azc/smErb9k2F33kNKZgGV5WkMuKknlY4gojTGEQRrKlnw2RcEnZjfhUV+ 1kFmzniVGo3n6eBoHM05BbrWAqMsNq9ZxDPzF2NFt3nD8k/oN3Q0NWEXISWWgfRD22gY15r07AJc rXG1hXIVrvF6/YWyCZQXcGOPe9mXmYeW/pOmj49P3UZH73lKuigVwTiG4uRkcn5cHRXoUc8nfHHu czqnCnQlBVIpjheVsPqnNXXewR3Oc4EO1Ar0mv3JntGWsv9Hgb542Zcs+mIFQqr/VQa91jk4OqbJ aIs3X3iSN+a+Q9iAMS5aO7hRUayFTcSq5IlHpnIw/ThKhtn4/TLadLyOjMLS2h5YHRP8ooyXnprK hX++lIsuqcdF9S7i4osbcOnF9an3178wYvzjVCiXbz59k7imbdmekobUitKSPBrHXcZTsz5GaIUI FTHghs4Mf2A8wegIus3LP6RhgytYuTcDpW1O5BzgH5dfwahn3iXryG7+Xr8+sz5YiFDemKr0lE38 +aLLWP7dPyktLaB7h3b0GnY3QenNna6uzKVXp7aMHDMN21WgA2z8YSWtmzbkocemUxpxkMLBtoLM ePhO2nW7ju37DlGSn8vgvt25bfBEqlyJtCsYe9cgbuwznGrbG5n38tRxNGvRETtos2TBHOpdVJ+v N2wh4kpct4Z3Zj3HZXHN2Ln/KIvef524y5qTdqwIoR2UU063jl0YeMcTpwl0oTyB3rtHN665vifl gRBShlnz3fc0rN+AN99eTEBojBuiZ4/O9O4zlIKSKgpLT1BeeoLC8hJKS/Lp170LvQbdRantGfZF qkq5usXlpwj0bVx8wZ9ZsGEzrtZUluXTvX0bBk14ivyKUm7uejXD7x5NXmkFpaWllJUWUlJYQml5 DUJWUVpUxHfrNzJ/9mx6XdeZfiMepspy2bP5W/72//0/XpjzftQczhNYQujo+EAXY1yMsQkbjVNz nAGDBxOwLLRUaOWglUAK45lkxQS60gTLTzDg1qFUldZga6LlbTJqQmZTWZrO0P63cKy0GKkEttEo 2+af33zC3SNHMuOV2cx89RVenfkSb7z8El+sWo10BZWlOXTt1IH0nHxsrVB2Ga+/9BSH80txtI1R JVSVHeORKS8RcIS3wKVPcYg9R494zMTOyzZXMOneoWzYmYjRbrR1wSVj/26mTH2BsAZXSbSqZtPq Jby7cAW2ilC1+htKdx/BUi6OlkS0IH3VSuytid7sd3WyukUrjXE12vH2n1IKIzRGGlytyVz4Hpkf vcfm6dMJuRJpR1A11aRPfhVdU4MQEhWyiRzJJeiGvTLuqD/Cqa03yjhI6SKlzb0jBrJu8x7sqHGc rb0M/oHkzQwacBsvzXqDma/M4rUZL/PqKzNY8MVyAq5DaUkOva7tQUi6UUNDh7SEeO6/f5y3CGI0 ynVwpWTlsoUMHjbRE+jRa5xnDOlw58A+PPfucmxl0MJGK89oM1xTxajbezPpscd56ZXXeWXmy7w+ 8yVmvjqL7KJyiopSua17D4KuwlYK4yjvWiA1EeEZ1ClhkZd5kBkvzaBKSYR0kY72jC/PMUpQKq/q Y/O6z3nhg0+xlUIrwbefvMttg0YRtFyUkggDRw7uoGevEdhaYyv0lc02AAAgAElEQVSJ1C7ajX5V GqEFwYrj3NjjbvZHBfpp7u8+Pj4+dQxtJMJotNBIo5DCcHzRQvY+9hhGCLRSvkD3OSOnCnStFFJp Dh/N5I05b9UaxtZlznuBDlCxazfV+5KQ/2IG/fNlX7FoyfLaWczwHwr02NzdqEBXKsJXC9/mpVdn E1QGIcKsWfMdx4qKiAiBcG1SD6cwavg9FJTWoITF14s/5rqb+lMciCCkW+tAr7VL+sGNXN6oGW/O XcDx4nxOlORxorCMwhPFfPH2KzT7e3s27Exh549f0jSuCa/Pe48jRzNYtOATLv3bX3nmjQ9xlUaE Kxk1pDcdu93AntQ0iiurWLfiE+Ia/J2v92bgSpui3CP844rmjHn6bUKBAm7uejU39xvC3uQU0jOO MOO5qVzWqAkph7IoKz1B944d6D3iHkLKywxWVebQ6x9tuGfMY1i2IPNoAl07tKHtP64lcc8BjmTn kHrsOKGqYh6/sy/tu13H1pQD7Pp5Ex1aNaX/kAne3HgnyPRHx9KseRt2xO8kt6iUl6c+xBXN2+OG bA4f2kXrFi0Y/eAkDqQeITklme5drqLjP7qSU1TGwvlvcllcCzLz8tHaRoogXTt2ZdDwabUC3QCu VFjBMvrccB1drh1AWcATQm6okikT7qZJs8vZGr8H5QqenDqOJo0uZ836zaRlprI3ZR/f/bCFSKCS t2ZM5vIWLVmw4gcyj6ay+OP5NLv4b9w27EFCrqDwWBqNL7mYeyZPJiM7h+UrltD4ogsZMn46lY7N xAdG0bJVB75fvYasrGz27k1i0dcbOVJQTXl+At+vWktq2kEyM/KY8eKTxDXtwLHiSlKTfqbehRdw 1/3jycjMJWQFyc7LJSMzF1doT7gYh4jRGFVNWLhMnjiBhd+tQ9gOQthUVlWSkLgPy/ZmPksRIRK0 KCnIZOBtgynJr6DSsrCUZ2anhI1lBTlx/DC3D+xNdkEuoXCIkFIoR7B31088OnkSJWUVuFLiuILK kkpOhMNox6G86CidOnYmLes4rgzjBMuY+cLjHMoqICwttKogVFXIg+OmUl4dQAqHouJiiktKo/1v 8uxz4qVECoegFaI6UMbEe4eydstOrHCAsJAIx6K6OIt+/Yew98gRIpEgeTnpjL3rduZ8upAyFaZk zUpKV64mkr6HSNoBwmnppH/8EZXbkwhJ7ZmQKeO56RvPMCeiNbZyCZsItvIM25yqElJHPkE4L5eD 731MIL8cGQ5jWVXsffplinYmUlNcgQwFkG4A1wmjpMXRtMPkHsuvHannVS1YKNchGKrhnjsGsGFr CsFwANuJEFEOQkYoL8rjsYkPkZWfjeu6SFdSEwpRXFmJqwS2E2Dk0P5s3b2fcMCiInCc156fztCh ownbAlsLhBUkEIywfPEnDL59HIGQRdB2omaFDk6kmmED+/Pagq8JWDaubXmTAzQo4TBn5nN89+3X hCwLpRW2FaKwpJCQK4mEwzx49xB2JsQTjrhIN0BpWRk7k1KwpZfx1lpwPPcoz05/jjLbwXEsThwv oqCy+jRH+V+itEAqi10/f8mk516kMhiitLSEyfffRe8B91EZsr3JDq5kf9IWbus7khrboiYSxhES ZQlcFUY6NkErRHlROj26DyU59ShWMFxr2BhzxPfx8fGpUxiBMF5VmWugxkDh4vmkPTbFy6BL+T+P m/Wpk/yyxF1pSMvI4vU35/3LE3rOZ+qEQK9MSKAiJQGl5W8s0EV0prXncGm0TdbBHUx8/CWqhcZ1 Qnw8/y3adWjPgw89xPgJj9CtS1c++ehDpFY4UjLn5eeYNP15IsrLVKnoOCyjbJ5//BGubNmR8rCF VDbG1UhlI5VNUc4huvyjM3fe9xA1ZWWMGjaUevUvI65BE3r17E3zZg14Yd5H2FLhCMk/v/+CJk0v 57J69Xjjrbf56bulXNG8JT/sS0dJTXFOJt3btmXcs29iiQi5GWlc070bTS6rz2Vx9bjyyiv5aMFH OFJSWVZAr66dGXjPaMJSoqQgUHOMAdd2YuyEp7BtwbNPTCDukvo0aNyKepc05NLLLqVpiytJy0zn UNJmWrVqRf36jencsRu39OzC0BEPE7YFQtgk7dpAy1ZtiWtQj+H3jmXmk5Np26ErViCMK8pJ2r6B Dm3bU/+yOC6Na8i1Xbvww+o1RKRmyYJ5NL28Lbl5uQhp47phbrzuRu64d8qvBHokWMaQ3j25qedg KkIuUkqMEyElcR0tmrfgzvseIhxxCFTncc/wYTRocAWXxV1KgwZNGHHfBMpKywlXnGD0vXdxWVxj GtWvz6g77+Sqy5tw27BxhFyBcYPcP+x26jWKI65BQ27odTPXX9WJOx99mhopqS7KZfSoMTRu0ID6 9eNo0LAJ/YdP5Muf4on/eTkd219F/QaNaRTXiMZNm/LsjNnYrk1NuJJnn5lGo4ZN+PsVrUnck8SE SY9y/5jxhCIOKprxtoxnpCWUS8ahRK7qci1jH3iARyY8xC239GL0/eOxIg5K2uxPiefuO0YzdEhf 2rRoz90DhnP7iDv5dt0GhGuzbctmhg4dxuCB/WjTogVDhgzhjmEj+GbNOpSjsIIneGDMAwwZNJDJ U6Yw/uEJ3HDtjXzx0xqkXcIL0x6h6d+bcd+YR6iujDDrpSe55qpuDBgynL2HDiJEAG1XMfre+xg5 ciQTJ06ia7furPjm+9pyan2WniUtBTnZGYwafT/Dhg2ja6vm3HLbYO4cNoxX31yE4wqUVcZLL79C 69YtGTawP1d17sykSQ9z/Y038dX6HyhYu5L19zzCj09MZc0TT7Jm6rNsHnYP1oZkXOmN2guXlhIu LiZSWkywvISa0mIiJwoI15QQNgpHOpRtW0vi519jh8o5lridhJlvY7k2trKROQfYP2sGXz14P9ue e4aKlGSEcBFuhNt692LK408gdPRhR0mMjhAsK+OBe+6mfasW9Lz1dobfMZzpTzxFtR1Gaa8y5cP5 73Ht9dcw/qFxTHhkEj179WXmq7NQ0WvKrh1radDoCob0HUyv/jcxccxdXH/tDTz/8luEZYSF781l +LC76dWjO61admXYsBHcNXocuUXlBCtLuP+uYbRqeSWdr7+F24fewTPPvUC17TmdG+WQl32Ynjdc wwP3j2bio1O4Y8QIbrz5RoorKnCkJCVxKy2vbMl99zzAxEce5sabevLg+EcJ2Y53nTYKK1LB+DFj uHfcOB4aN5bu1/Tgx5+3n3Ume2w6gWtcTmQncs1119Gvbz+u7tyZ56c9QKeuvfjosy9whMOXny/n 9j69aHllF4YMv50Rd49i/cYdKEfhyjApCTsZfuddDBt8K80v70KfgYMYOfwO1m3egasMUnPK/aJu P1T4+PjUHYyShLX27iVKEjaQv+RjDj42BSM8ga5jlWW+SPc5BV+gn5vzWqDHPtyqffs4vOaH6Cxp 96RJnD6zQF+y7EsWLVkWFdX/JYGuDEY7OKEiRo56mKzCcpR0UCJEWVkxe1P2kJicQlFBKZYIoVSE sGvx/LQp/Lxrr9drGb0IxgR6Rupe9h5MI6AclHYxjsHoIEoFESJEaup+Ug4eosZ2CFaVkLwviUOH j1BRVcnePTtILSzySrk1KKeGwhP5JCfsILewkOLyQhKTd5EbsNHS4AYDpCbtYP+xQi8j6roEgiUc 2bufnUmJZJcUo5Tt9YbaNRxJjmff0aPY0kUrieuWk568k0OZx5BCkpeZzO6EBJJ3J7ErPoXdybtJ 2rOTciuClDbFJ46xN3EPpYUVpKYlcejIURwpEVKgRIDCklISknezP/MY+dlHiU85gLBchKxCO9VU lhaTkrKPxH0HqK6qREqDqzQlJ44Sn5JEOBKMzkh22L//AAcy8lBRN0kD3kxzN0jawV0cTN2PJSVK C7QrEVY1KXv2kbTvMCFLoUUlbiRIZlYuO+N3cfhoJlWuhSs12tJEaspIPZzAof0pBCtL6dLqSvoO G0fI8fpjIxVlJB3ez96DBympqSJ1bwp7snMJShctAoTDIbIzjpCQGM/hzGxCYYEtDUoFqSovI+Vw Gim7t5Oae8wTc3aQoJKEHYucrHQS9+wnEA6RkZ3N0QxvNJrUEh2txggbr5fedQNUFOexbfNmNm5Y z8HUVIJhGym9io2a6lKS4lNISNhGQnwye7ensCMxgeyiYqR0KS8tJTEhmaSEZJITE0hK2Epi/G6y i0uQQqNFFRE7wt6UZNatX8+2bTvJOppFtVQoWU76oSR2JyWSuHcfVliQkZZEcnwK8UnJVFRXoaWD EQHKinPZumUNmzZv5mh2LhGhENEZ8Gc7R7WShALVJO5JYlfCTvbt3sCuJG8796Ufw1UaowJYdoj9 +5LYuG4NR3KPUVpTxd7diZwoLKBi7WpCWw+ghY0jbYS0yf5mJeHNCQgpsMrLydm8lfwNmzj+z43k bdpI9s+bKVi7ifLDh4kogR2oZO9Tk9k69il+fmI6ux+ZTPLVvcjPzMF2XYQtqXEsVGUpkSMpbJ04 nUBhMcIJs37dGj74+FPc0wS6hbAskhLjSU7YxI7de0hM2MWB/QcJCRupBUpKHNsiO+comzetY8Om TexPPUIoHEFGx60JYZGWuY/N/1zN1t27CVUVs3dfIofScrCURV5mKgnxSSTGb2VXYrI3GjHlAJWW i2sH2ZuwjaSkJOITdhOfEM/ew0cIKB1dCLVQToiKknx27tjK2g0biU9OprSsxPPA0GG0oyg6kc+2 bRvZsO5njhxNJ+QIT/hqEV2cjFBQkMm6rT+zZfMm8vMKCCt5DiMZjdIS1wiMLONA+hE2bdzIodRU AhU57Nizn8z8EzhScDw7n727t5CwO4HdSTvYlZTI8cJylFA4yqKyvJD4xHiSEjcSn3CAXYkJJMXv pqCsAld7Jkmxv+kLdB8fn7qCUZpqrXG1RLsuUiqOLV5EypTH0UJ6LXMxY2NfoPucwq8Fuo4K9Ll+ DzrnuUCPUZWZxY6576Icz/HXNgotzu4O+PXXX7NixYr/uoOg1hopJQ8++CCrVq36VY/FyZEDLkZb FJcU8uSTzxEKhv+r2+Hz22MMaGnhuqV07NieQYNHE7YdlDn7iCifcxAdy4ERaO1SUVHCsfwcCgry KSgo+FWUFJcjXYOSnnkbRp3TUdbWGulER7C5mpCIEPj2R2p2H0Arg1IaR9rkfLMJe0sKWjtn3kwD RnqO50EZJLgziZ3jplF2JIeC3Fyq0o9wYPFi9r4yFxOpIpB5nMqaCkKBIuzMDNZNe5bqwjyEcFi5 ciVbt279v9unf3CM0QgjvAc97bUtaBWgpDjvjJ95QUEBx48fp7q6us7f6H18fHz+TzDKm18tDUIZ bBOhcPlXJL7u9xH7/HsopcjKyuLdd99FCC+BWpePnzoh0O2KMrZMegarpgrtSpyYidNZPnittder +V+8uMTKNbTWJCYm8tFHH9X+jRgnBbrXK596+CCrV/1IHT4+zxs8oWYjRBXz57/PihU/YbkCdY4Z zj7nQoOJjh1ULnPnvkm/fn3p378v/fr1+1U88fizuHbMwV7+jwJdG4kSCmFA2xpLuuRt3UbpvjSM MmitsLQga/02qhIPIMyZq3FqDd2UIuiE+eG1eRz/cQvaUkSkQIswurKEne99jHRD5Py4moRXX2fD 40+x9a23yduZiF3tIm2FlPK060VdwxiNik2x0KCkRIoA4x8ec8bPvF+/fvTv358VK1b83pvu4+Pj c96iDLgGb5SxcHBkiJCM+GXKPv8ysQSmlBIhxGmaqa5SJwS6sMMcHP8MNTkZaNetdU0/m6GUUt7D 8H+7xCL2WkopXNf91eufFOheKb6QLlIoX6CfB3gu4gKjI9FxZybqQF635zz+50Qd96OjByOREIFA NcFggFAo9KsIhyyk8Macae3NEz9VoMfOw9qvykUpQcRotK1xhMSybHQkOhZRa8JGogMWdtjCMWcW zjqa7TXSYAmBUxrArXZQjiaiNa4RaGkhKgLezHhRg6ooRhcXIQOV2EriOt6MeaVUnZ4Laox3vnjj 00ApiVYWoWDVGT/zYDBITU0NkUikTt/kfXx8fP6vUAa0MAilsY3A2AJhS1ypfJHl8y8T00Oxr/4c 9Doi0I2RZLz0Numrv8UIy+sZNGfvQY89CMdE+m/PyT5GfyzF+UQ0exsTh7Hv+fyH6DPEmTk9W37y 57TSOI5TWy0jhPBWb6XnHG4ZjXa9UWlWdGSi1KCU8cS7VAilEOYss7iNxo0KdKUM2jE4yqBcg9Be 1gE0xvXK6V1pTjGBMxhpkOfora9rmF/uZ3P20Xo+Pj4+Pv+3KANKGISMCXSF4xhc5Qt0n3+PX2bO 6/pxU0cEuubE7ni2Tn8aYVV5hmtKYc7S/xt7SPdNCnz+25ioIIsJdZ/fijML+Ng57rouruvWllnF Fua0jpWoe5MYtAZHg5IGYUBKT3AbdWYJraX2fl4ZtDII12DHXjP2+tIT4jr2c9p76HEMhLUiYgTq LAsAPj4+Pj4+vx8nx4oqZXC0JqgjuNrxRZbPv0wsMRp7Hqvr2XOoIwJda41bVULSlOmESwuwNUgh Udo5JYupMcbLbGZmZpGWdvQPItB/77/v89/h5PFltI4anCm/QuI3Q58106q1xhWCVatW194YlNa1 4tkb36YxUavumEA3eALdlgYjzibQDa7yzHPUKQJdah110ff+xskxNA7aOBgj0Nrrx1JCntUvo67x y/PFP318fHx8fj+MlkgjvUVroanSgsCBwxRvS/AqUVXd9U3xiaFPJiSU+dW4PYPXNuhKSXlFJfv3 H/Cz6NQZgQ6ODpP77Wpqft6OrRSOEihlR3vRXbRx0UZipGHxkhV8unipdxD9b8as+fj4/MGJim4p 6dmrDyHL5n8sl/8f/n2un49lzs/+O6eX65/LyM7Hx8fHx+f3xEhFQGtcraItX4Zjny9k/2PT0FJ6 I12jVWNa+8/RdRGjFbZS3mQcS1ElHCJK4QovcaGUQRmNrTWHj2Yy6425p/Wj11XqhEBXGrQtqS4o YN34aUQK8xHCRUntlZcKjZEyOmsXPlv6FYuWLPcepH2B7uNzHuOd37ZU3Np3AOF/QaD7+Pj4+Pj4 eBNKIlqjtWduXG0gb+nHHJwyBeMLdB/AKI0rNcqVVBzLImKV4UoL4XqiXAmJFgJHCo6mZTDv9Tl1 PnsOdUSga6ORlibiSvZ+/AknFn+GcMNIaZC1M3W9PlBlYNGyr1i4ZJlXfuoLdB+f85bY+W0JSa/b +hO2HeDsIxh9fHx8fHx8PIxRuEajpYs0FkENBYs/JtUX6D5RjDJElMZSEfY89yxpYx6mavcOXCeM 0C5SS6TSaEdzJCOLmXPnnObmXlepEwIdNI7WKEejrQB7Hn+G4r0pCOFiaUGNkQh10qhp0dIVLFnx NUKq2rnDvkD38Tn/iBmSBC2bW/sOIBCKeOO7zjKC0cfHx8fHx8dDnSLQtY6gXEPeZ5+xd9oTaNdF GeUL9DqOUd4YPiHCZEyeSuqVbVnTqQu7xk3BPVEYzaZLlGU4kJXDC3Pn1Tq612XqiEAHoTVaKLQW FO3fz4ZHn6Y6Lx1lhQhpB6G1Z16gDN+vWcfK739EKIVSvkD38Tlf0VohhMByBQ+Me5hgOIKUAr/E 3cfHx8fH59xo440ZVcpFKgsTMOSsWUPSW/MwrkBpz3TVF+h1F2PACINxLQ5Pnc7Blq3Z06oNB5p3 YOeAOyhYv4ZIoAIhJFkZx/n0k8/8DDp1RKAbQDsuSlkEjCYS1jiZh/l2QH8Of7gA7QZQWtZm0G2l sIREKoUUAhM9SDxDOT/88ON8Ca0kSkocqQg7AqEUUgqMVr/7tvnhhx9++OHHHzqU9HqMtYslbbSl qREhdLgcLQRSe0LLqJOu3L/7Nvvxm4bSGqE9c+60ac+S1aItu9r8ncS2zdjf8nIOXNGe3TcMoWzf PiLKQSpZO3atLlMnBPrZUMEQxzZs5NDsd1k79RnWT32SrY9OI2nsOLYMGcT2wf3ZObAPuwb1Y9eg AeweNICEQf398MOP8yTiBw0g4bTzegDxgwYQ/wfYNj/88MMPP/z4I0fSwL4kDepH/OD+xA/uQ8rA XiQM6sfOIQNPub+eGr//NvvxW8cAkgYOIeHWQRy8qivxrZoT37oNR1t0JLlVB7a3aUtyqys51Loj Gx95HBWxfm95+IegTgt0VwuEEuigg8ovRaYfw92bRmRbAkfmvEXGvLfImjuXrLlzyZz3Flnz3iJn 3jw//PDjvIm3zhK/93b54Ycffvjhxx878ubO5fibc8ibM5djb87h+JtvkvfmHHLmzsO/t/qRM28e OXPnkj3nHfLmvkNy34EktmlDcqs2HGrZjp1tW7K3VTsOtOlE6h13UbR2DcZ1f295+IegTgv0iNZU abA0CO31qUutcJTG1RpHShwpcY3GNt73tPDDDz/Oq3A1SqjT/v27b5Mffvjhhx9+/MFDSok2FsI4 aK2IGHBkBGNZaEedfj/17611MoyjsYXCliHSpjxOVotWJLZuxZa2LSlo3pp9PQaQvXEdIVmKUpFa 76+6Tp0W6Fp6zu4ietEwUqG15GDqIQ4eOoAUIYwOgw6jjIXUFkJF/PDDj/MkXBnGlSECVpDPVywn ZIdwRQihwr/7tvnhhx9++OHHHzls5WALQVgJLGGoVobiI/so3LIJKbz7qKsiuCqMf1+tmyGlg6MV QobZ9/hUklu1IqVlaw5cdT0pM2ZQeSwXS7pEpKCspIrEXSm1JnF1mbot0LVGKYVtFForjPLMDBYt /YoFny1HSo1W2nN31968dKmMH374cb6ElEipCdmCnr2HUBNyUEKhpP79t80PP/zwww8//sChpMFE FEIJpK1xXUPOZwtInvI0xvbmWwulEEqjlEb9AbbZj982hDJYWqNci9Qpz7Cz4zUkjHkIKyEJHbFw hSKiFWEpST2SyazX3/YqM7Su0yK9Tgv02Fg1x3jiO+bivnDZCj5duhypNVpJTnN0Bj/88OM8Ca0l UgrCruTG2wYSsByUcNFK/O7b5ocffvjhhx9/5FAGtHAJGQvblUSM5MSSdzgyZSrGlSglkUahjMIY hTH+c3RdC61BSoO2JDnf/kDF9q24gQpcJXGVRgqFFC5SRDiSkc2sOW/7Lu7UcYF+NpZ8sZzPPl+G 0l6WHSPBuGDE771pPj4+/0VMdARMRCpu7DOYgO1gtMafg+7j4+Pj43NutPHGGAvtIoQhZOD4kndJ nTIV42qUVJ6IN3jzsM3vvcU+vwexbPgvRfepx4RShqPpWbwx++06nz0HX6CfkS+WrmDJFyuiKz8a jPLEufGNC3x8zi+8m0BEKHr2HUzQF+g+Pj4+Pj7/EsaAsQUhLbCUQRgo/PQjDk95EiM0WipPxPsC vc5zJsF96jGhNaRnZDPbF+iAL9DPyM9btvLzlm2cvI7Esuh1u9zit6Kun5Q+vyXeim7EFYy8/0GC lu35UfjHoI+Pj4+PzznRGoyQOFrhKoM0kPv91+x94y2M1GjlCXSDL859TicmzmNJEaU1OTnH+Pjj hX6JO75APyMGai8ocPIA8h/afxuklL6Do89vQmyV1hWSopIyXCHr/E3Bx8fHx8fnX0Eb7z5qlMG4 BtcoIqEy7IpytPKzoD5n5zSBbiRaKxwhqa4JnrEcvq7hC/QzcEaB7pfm/GYopWpFuo/P/yUxgR67 Gfg3BR8fHx8fn38NY7T3vKyMJ8iNxNES1yiUL859zsFJXRUT6BKlvUy6v7DjC/Qzoo1GnnKQ/Kfi 3HAy8x4b02aMxkiHsC0xWqC0RBtQSmK0jZISVyvv+zKM4ziewYZWYNRJZ0TjGVwprTFaoEUEaUBr ET3IQSp9uvv8Ke/h1O+fud9WgxEYA9ootPH2A8YBI2sXMTjl972LdPQEi16wlYm+Z4P3e9GefhPd r945qGvdPZXWZB3dx8pVPxEREq1cXANKhtDaQmowRqKNNxZP1C6kaM9tn5MLLMoItFZIE9332omO 0xMYpYlojdHeNulTPuPT97F3w1FGY7SLNgpldHSfeJ8BRmIFyykqLKQydC4jwV/2Nkf/2wgwCq2l t0+URmlvnwvhUlF8nKLKoPcelIp6IngR6+0itr2nHHex9xLbTqNV7fd8TqKUQivv5qCjZVX+zcHH x8fHx+fcGK0QRiM0OEajHYkjNELr2mc6Vfus6eNzOjGBHtMuQp1c2Knrz2G+QD8DQoOrYgL9pKj5 dy8wOiqsjVRoZZAatHZI3r6Bx56aiRMJYCsbV2uEtHAixcx78x3W7NyDLS0Sd65iwaJFhIw3Dspo F2W8sRZGa5QbxhYSaVex+uvPmTT9WcY+cB/PP/c0u/fsxRLe3EmjVNSR/mQYJTFKegLZSH4l0o0E Hfa227hILdDSgK7xhK4BEXt/2hPXrgEjbFwtsTUY1+BojdYuRmkwoei+iKCli3Q1Unj7WGuBMRIp bd599VGGj51ElZBoGSKkNMlbv2X8mDH89PM+hLaQxsU4knDt/pAYJaLC3AthLLR0sISNIwVS1iCk wKopZdqjU3nmnYUIN4KRAlefFLjyVEMTJRDaxjYKrQII7WAbhdQOUnuLLY4b4NvlH3FF02bM/WDl 2Y6GU4wGozer2EKFttBaIIWNkgIlNK4SCOVy4kQ+/Xp0Y/DIRwhaAiVF9FgQGC1RBqSJLjQoXfv+ Y6MBvf/vLU54CxTe93w8YhlzpbxxMFr7fU8+Pj4+Pj7/CkZLwkYhNNhGYyICRylc5SUdlFHeyGK/ EtXnF9QmwqKaRiqJMCD81gjAF+hnJL+wmLwTxf9rgR7LfNcKdOWJvEkPjWXZd+uR0kUoB6UFSgTZ uG4VjRs04f3P1+BIh/LCLJ5+cjqlIcvLGGtRKz69nh+HssJchgzqx5UtWzJhwgRmzJzJqPvu4+9X XMmW3ck40vs9reUpmeXo758Sv8TLbrteX5GxMdr25sQb1yc2JzUAACAASURBVHtPRp8UisYbo+EY MFIgtUBoMMIgtYsyNtpIT6ArF+GWMfGhUTz1zIs4UiGVQUmFUTblxdnc0r0zi1etxdYSJV2EDDP+ gbv40/+7kBH3TaHKcbxqA2VQRkYzyNpbBCA2d1EhlYVUNp9/+AYD+g4kNS8fKSU1lYU0b9qMm4fc i2NH0EpGqw+iiyommtHXCqMkUklco9HKRmqJMApdm41XOFqya+taHh4zhu/W7T7HERGbCHAyjJHe exAGoyz27dlEz1v6smtPKkIJyitKmfnkFF6Ys4CwIxCujRsV3Tp6fBrtYlSkdqGkNoMeq0owRBcD 5Mlqin/zWD5fOSnQFcnJyUgp/RuDj4+Pj4/Pv4AxCttohDRYRmGETaTgOFXpWSjlVTEqc7oY8/GB 0ytVvZG3ippIhMzc3NpESV1+HvMF+hlYtGQ5C5cs/18LdBkTe1pGhYCNG8zn/tFjyS8LIrVCShut whzan0CP63tw9T+68P6SrQgpUXaYZ6c9zA8bd+AqHV2N1LVl41qEePfVp7n44jjWbt2NcmoIK5ew HebAwVRySspxtcIYCyWDBCNhHOGijMYxeGVH0vZEvwYhXCKREEp7Il7GBKCysCMBbMfB0WBpr5Te yADSjRAIhwi7LrbW0TJ+C6UiaGlQKkQoEsAWAqE1Sglcq4x+N3ZmxH0PEHQ9508jFcYN8N3y92na 9HKSM48jtIurBGnJ67myRQsmTJ5Gu3bXsGZnElpZ3nYIF61dZG2mWEYzxQKhLbQIMvuFyTRrcjn7 0jNxpKK8ooDmTRrS8/ZRRBwb27YI2xbCgNIqWsZvo7XAilg4YQcpNVqZ6DEh0Nr1yqKlIWxAyBBK WISljparq9rqgphQrjVT0V71QiQSwXJcHKURUmPcahI2f83F9Rqzbms8Qrq40kbblZRJhaMERka8 G55WhCIWrhNBSTd6XIja964MCCWwrBqElAgd/by19C6E/k0yikZKieUKet3Wl2A4Urt45ePj4+Pj 43N2ZLSKTwpNxCiMiZD1xSJ2PPUiyvUSOtoX6D5n4JcCXWnNkYwsXn9zLkKIOj9qzRfoZ+DzZV+x aMnyX/Xy/icZdBMT6EZjtEN6yiamTn8ZS2qvN1pZWOFyBg8axMpvvuGu24cy/4utKGXQwubdWc9w /4QnCImo4Kt9XYVTfYz2LZpw+z0PEVAaI8PYWiCipeuu0Uhlc3B/PMOG3s6VrVrSrWtnZs6cQYXl 4kjJso/epXe/EXz7/U906Xw17dq25rnnXyTsGoSUFBZmM/Kuu2jdqg2du3bmjbnzKQtFkG6Q3Vt/ YuDgQbRs047rrruG79f8iK1h774d3HT9Nbwy6wPuGTWStq3b0Kf/7exLzSW/oJCBfW+j2SV/Ja7J FXS7vhdz3/sMpTTCquLe2wfSskN3qmyJUi6uE2Ly/cO4te8wSqvLuX3wAAYNH03EsghrgXYkb77+ MgOH30WVrTHKpuREJv0G9Of9RV/w2rSxtGrWgAv+ehFdu3XhoUnTKCjKoXXThtw08G6mTX+a9m3b 0q1rV5Z9vxZbSqQIUV1ZxCMTHqZVq3Z0atuRyY9MoqSiCqUF2zet4aabbuDHn9YwZvSDPDBhKlt+ XsuN3bvz3fp4KivKuGPYUG7scT0333gDPbpfR48eN/Djuo04jsOP33/DwH59aXnllVzV6Rq++Oob AkLxyVuz6N6uNX+64BLade5Kv/79SUpM5JH77mTaq+9jSRcjK1nz/Zc8MHoUrdt1oH27Nkx9/AmK bYOrJQeSdtK3V0/e/Xgxt9zam/ZtruSuESPILinDUjqabXf8MvdavPPblopefQcRtBx+7RXg4+Pj 4+Pj80tiz6NCSi/xY1wKPv+QA49Nx0jP1yWGL859TqX2cIi2e54U6PPqvDgHX6Cfkf+WQNc6tjIk o9lTyZL5s3lp1hyUlrhaI0WAN2a+xLsffkbQsrh3yBA+WLI2mrG1WL10Ad2u60tRTSR6odO1F8SM lDX85S9/Y+YHX3o91FqhjVNrNmaMRU56Cq1bNGfQ0Hv4bvVq3p79Ks2bNmHS9BmELJt3n3+aCy++ gmEjRvPTj6t5ZPw44uKasH5zIuFgNaPvHUT3G/qw/Juf+GzpIh4Y9RAZ2TmUFmbTrlUL7n1oIt/+ 9BPvznmFRo0aknAwg9071nPRny6gbac+fLLoM1Z8/int2rbh2h5DySkoYtmSpVzbvjnXXNeLjz5b yq49+5BKEKwsplv7Djzz9hco5aK0Q17GXtq2uII58xcjhc2n81+naaMWpOWW4moX42omP3I/zdt2 otTWaBmiMO8QzZpezovzFrJ93TfcM7Q3l1zWkJmz32DV2g0Ulh6jY9MGXNqoNW/MeY/V333H7f1u o0GzDuw7nEF1RRF9et1Et67XsPyr71i2eAHdr+5InyF3UlRaxPofv+Siiy+l49XX8sSUJ/jqq2/4 8ZtlXPCXi5i/YgORUIBvVn7Jks8WsmTxQnrf0pO4Bo3YGr+HcCjMy889w+JPP+aHVat56/U3aNQo ju0HM0nYvYNXn3yMi/5Wn8eff4lly5eRnZXFrddczfCHpmNLh83rVlLv4kto0+Eqln79PV8tXUj7 VlfSb/hoKiNhkrdv4pILLuDmPsNZ+f0PvDV7Jg3rxzHjnQWEo20RRkWQpm5f+GLEjPMiUnFz3yEE bKd2JqePj4+Pj4/P2Yl5GgktcJRBa83xLz4g9bFpGCExUtb+rC/QfU4lZvCMkWA8r6y0jGxef/Mt X6DjC/QzsmTZCj5bsixaEnzyAPl3ry2eyZiKmnl5JeqvP/cUr731PkJaSOWwL2k7t9xyKxUhi5Bt ce+Qwcxf+j1SCBwdZOuqFbRp352ME6XR14qWCxlN3v71/PVv9Xj5vaWImGO6ttDaRsswUodZ89Un xF3WgPW79uJIiXZqeHbqRC68tBknikr58MXnuPDiluw5lI6WNmkHk2hYvwnvfPQlkVA5E8YMo8+A 4WzYvoucgmNYIQchHD55bxZNGjdi7oIvWLJyOUsXvkOndm354psNxO9cQ9xf/srDT8zBVhGUW87o UUOo16QLqdnZ2FaQ23t24o57xlMlFba0EMri6J6tdGh3LcnHy9EyhOMG+WTeDJpf0YYdSSkEq0vI OrqTru2v5omX3yHihJHKMHnCfVzRrjNFrkHJEIV5+7ni8st54Z2lOCLE3Bcm0KhJCxIz8nGkoKLy GB2bNeSaG4dSE3ZRrmDxR3P484WXs+SbteSl7aNBvUt5e/4CbKlQIsC6bz7l4ksasn7rTjasXsyF FzXg0WdfR7kOUkjWr/ycv1xwEe+s3IySDlpEcMLVLFm0kJYtWzHz9TcI2g6uHab4xDG2bN3GihVf seTjedSv9xdefGs1rhQkblnBJRc3ZN3mRJSW1FSV07tbJ+6Y8DQREeLpqWNodmVnXn1/CSGl0W4F i997hYsuvIgNifvYv/2fXHLhxcxfthpXC8qLc7juHx0YOPoxglGBrpWFrOMXvhgmehOICMktfQcT sOxoa4K/f3x8fHx8fM6F1t4kFEdLbKFRyiV3yYekTHsSIzwPphi+QPf5NSfbQpXWpKVn8vrsubXe QHUZX6CfgaVLl/LZZ5/9rw2jPLMxAcYbz6W14LXnnmDWOx/haHCrC+l/681sTj5E6pHDHDy4j/69 evPim0vIzcqlSip2rP6K1m26kVZQjJKuZ/gW7edxaoro1K4lg4eNIKI1rgYtJa6wUf8/e+8ZJVWV 7v//X/3WvXfduXfGNIZhdEwTdRxn1DHrjDniCCoIioGgjgqYxVEkSVDEQJIMEgwYBxQF8yCOgJJT k2PTdKquOufsvZ9nf/4vzqnuRltUUIHL/qz1Xb26u7rq1OldVee7nxSvpVKVEU8/ws8P/TUfLl6f pr4n1Qx+rDv/9ZN9WbxyLU916sQ+BxzP3LXr8C5ixdyPOHz/X/Dok+NxrkBF2Toe6nQfp518Kvv/ 9EBuuKEdm8vKuPeuv3PYwYczcsxEXnnjFV59/SXefOVlFqwpZfqHL3Pgf+5Fh0eGYCTB22qub3Up ezc6k/krVhPHlVx1ytFc2rwd60WxcY7ERDxyz/Vce9vjFJyiNs+a5XP53a9/yY/++7/50X/8P378 H/8f//Uf/8H/+6//Ya/9GzFv6Uoi8dx2S0sOP+oENjjFmgJrl83gsEMO5qF+Y3DJRh558O8cePDB zFqynMQpVRXLOeznB3LGJbeTMw7vPKOH9OBHPz6U/i++xZJ/vcHeP96LARNexUiEsZaZ08Zz0AGH Mu6NfzP1hSf4yd6H8sS4qeBzJArTxo9i7x/9mN4vvoe1BrEVjH7mKf73v3/CA916UymKcwnzZ7zN Lw46gLMvbsKz4yfw4uj+/HS/H/OP3v/EJpaP33mWvfc+mDemfYT1jurKUi7+8++5+OYHqYrKaXvl 6fzxhEt56Y1/k7cxklTzyvMD2ft/9mfo5A9Y/P4L7LNfI0ZP/Ri0hurNa/jrH37HBVffQ1581uld 8SHHHaibg14oFDj77LOpqakJO7eBQCAQCHwDPOlEH+88IkLscywdM4q3HuweRpYGvjGqaT+gxYsX 07NnT6zd1sjiPYNg0BugpqaGmpqaHX5z0SwVnWwet5eEoY91pUuvvuTFU7lpFa2ubs4VLa6j2VVX ctVVTfjNYUdywilXcvcd91OexEweP5w/nXAOa8pzqLjadHnvFW8q6PrQvey1z7688c775OIEa2Kq qiv47OO3WLmlnLdeGcP++/+Msa9OJU4SqrdspM01zWl05FGs31xG/073sO8BxzFvzXq8Myyf+zGH 738ojz05jsgaSlasoLqqilxlBS+OH8uB++zDsBFjGTd2KAfu14gXJ75NIYkxUcLq5UvZnI+Z8eFr HPCfe3Fnj4FYsXhbw/WtGrN3o1NYuGI1sami5dkncsZZl7C+poY4MVRt2cgxv/klgydMSudnuhrG jxjEzw44gL/f1p77Oz3AP/7xD+6/71463n4b++y9L/2HjqLKKvd0uJFGh/6WZZvLSfJ53nvzBX66 30/5xxOjsGYLT3S7hwMOOIh3ZsykYC3lFas4/OBGnHFRO2qMxTtl1JCe/NePD2XAxLdZv3Q2h/zs QO7t9hhRUk1NFDG6XxcO+NkRvDNrKW+/PJCf7H0Ij4+bCj6PU+GtCSP53x/9mD4vvIdN8rz3zmRO OelEWl5zIyvWbqDGWoyJeHZIP/b67/9i0MhnKSQJM6a9xj57/Yj7e75C4pR/fzCRvX+yHxNeep3I GsorSjnvz7/nkps6kbc19P7HTfys0a+4675u5KICUb6Khx7oyE/3P5z35i9l/rsvsO++BzHm7emo RlRtXseZfziKi66+K61BL2ZaBIMOpDv/1lqcc6xZswbn3B6/axsIBAKBwDfBi08bC2vaWLjgY6Ri E/HGTbWb3cGkB76OokGP45jKysqwdggGvUGKo5d2PIJebBKnaZ2OS5gxeQL3/KMb1c7jTIxK2qxN JSGJK7nissYMGjEFsZ7ExQzu15ULmlxPzqTzzIsdwb23qFRTWbGOk045kcOOOIKrr2lJ1y4P0axZ Cw5v1IhX33qfjRtKOOOUU/jDsSfyjwfu49ILL+Cgg35O/3ETiWzM053u5Kf7/575a9ajzrF07qcc +tND6fvUGMrKyznn7LO5omlTenTtwjVXN+eQRj9j4mtvki+UcebpZ3LooUfx4IMPcN+d93DsMccw Y9YiPv7wTfb7z725t8fjOFG8i7ju2svZp9GxLFm+Cqd5+tzXkf322o/mV13Fc6++xacfTmG//Q5n 1oJliDiiqo1c2fhCTj/9DMprChiFREHFIEk1TRpfzF/Ou4S1uYgpr47kp/sexDkXXsJ9d93PsUf/ jr322ocHnxyBdXk+ees1fvWLQznp9DPo/fTTlKxdweG/OJi/XHgNhSTBO8OoZx7lv358CM9MnEKS r+T6a5tz+BG/5Y47/06bm2/j8EaNaH/vA5THCW+/NJS99m5E33Fv4n3adG3ycyP4jx/tzeMT3qZi 8zr++MdjOOSI33DPAz3o0rU7Xbs9zOQ33mTmx+9z5GGHceLJp3PvfZ04/bg/sM///jcP9JpApLB6 5Rx+98sjOeZPx/Nw90f4bN48zjrpj1zW9m4il7Dw8w/43S8P5+CfN+Kue+6h9Q03sP/+B3DbvY+Q F8Nn77zCvvvuz4QpH2DVUb55E6ceezQXN+uIEYtqNr/eBYMO1G7CFdOp9vQPhEAgEAgEvile0uvb xINTEKckYrDe1n62BgLfhC9ei+3pY2+DQf8eqTPoafMDEUf1hmXc2LodpbkYK9kYN+/AO4ytYeyo oXz86WKcpA3k7rvzFvqPfpFY0mZzkI7rwjtE0nrz6lw5b775Tx7v15fOnTszYOAgPvzwI6oKMWIT 1q9eyZgxY+ny8EM8+cSTfPDhDHLOYcXw8ZTX6da5H2sryhFr2LJpDY/36MNHn3xGnN/CnJn/YtTw IXTp1o0+TzzFhzNnkzcG1XLWrF7G8xMn8nDX+3isd3fenPYGFeU1rFqxjJ6dezP5g/cxxuGs4aWJ z9Kl7yDKysqxvoaosoJXXnyBHv94kFfffIdBj3XjxNMak4vzGGNYu2IRfXt1Z+q77xNZwanWjlFT V2D+3Nl07/kony1dhYvLmPrGJLp17czQZ0Yy89Pp9H60L5M+mol1BhdVM+uTj+nVpzcDR45iQ8UW +vXqwsBnJ2JMOkN89ox/0bnr43z8+UKMcVSVb2DyP1+nZ68u9Or9KJMmTaIyn8eKZen8mXTu2oN3 Zi9AJR1Vt3DODLp0781Hs5eQq9jM4088RuduPencpQ9dunSlS5eH+Ocbb2FMwuezZ/HUk0/Sr98T LFswl17dujD5nU+JRBEpMPfzf/PoE0/xSM9eLFlRwsgh/Rn18htYZxGbsHjBx7z+2gS6de9Jn169 eHPKu1QkBussG1YsoVuPR5i1YCmJKDW5Kp55ui/Dx72JSAFRiD2oCx+agUAgEAgEtp9iyaXLxvX6 gkesJ8QAAoEdIxj07xUFb/HeYj0YEdTVcMP11/Pu9E8xCiKKV5s1kTOIi7AiWLHEFWu4/467WLi+ PPvbpHaetlfBisOJy/4uQcVlGwEW4xQrHnWKNwkiDuMs6hRxihWLU4t1FjVKQQ3WJYgUsCaPlUJq 6EyEswlO0vFtRi3GOlSqURth1WE1j0hCQQvYRDHGIJEn1qj275wrUJ2lExvNIXFaK6/GYGzMh9Mm 8+Ir03BSSGeN2whnYmKn2UaGq23epSpYa7DOYZxDtYDYAioR1grWFbDOkjiPisW5CCcGVSUSocYa vKkgp4I4QSSPGotzipEEIx51NaiJcFKDswYjinGCiMWJxbiYRBLUedQZrCtgnMPa9DYiUWqoxWfN L2yaBeAE5yxiY5xz6bx7cSQuwjqDiMFJQiyCdXEa9XYFCuKwJsJaj0olTnM48ahLUKcUJJeeD2ux IiROiJ3gbIxzEQXrcK4GpxB5UBfqewKBQCAQCGw/1oOIx4lPN/9NatBDFV0gsGMEg94Am0o3s3FT 6bfu2v4lvIA3eG9JPCSqiMQMGjSANu1upWBd1ineZbuPDhGLFYPVhNkfTqHbQ92oUbDi0hnWtQZd cQpOFLEJXl02RxBUTZZq5PHi01mU6nCq6YaAk6yTtyVW8FZJ1GDFohrjbB6nhew4QFQQSVAp4KUG tYI6g9r0Po2mNfaxTxDjscYhRrE+j6rFZg3SIhXEOawvIFYRNYgxqMulhtaks+KtgjiDqmAke75i 8JqabPFgJU2F8S7BaoJKgrgCVgTRBBWLt4qKw0mCU5vWG4sSOcG7KmIVnPOoj9M0LZs+T6ugEqEu HfWmLsGopk32xGYfSBFoHnUeyUaMiLOotThxeE3wavE+3WEWD0ZTWWdRlyCi2f9d8VqNuggVS+JS M+9shHEWr0m6NlycmnLN43ycbsBIjFrFaQXWOqz49Bw4wYrgbISIITaC1o+gSzDoRXz2P/h8zlxc SMcLBAKBQOAbYb0i1mOtJ+cV44VoYym5FSvTMcNhpGvgW5AvRKxZu25nH8YuQTDoDTB89DiGjBxT a4Rh++agfxWVlZV88sknGGO+sr5CRNiwYQMlJSV7dA1GIPB94n1aMxdbx+l/OZeaQpyORwy7/4FA IBAIbBsvOK+IE5x3GA9rhg/h8/bt8VmmZto36bu9jg7s/tStBa0debtgyTK69+wT+gERDHqDjHh2 PENHjU3fTL4Hg15shGCt/coFWGyQEMZUBALfH96nZSaJE8469yLyURLMeSAQCAQC3wDvhcgr6hxe DKKwbMxA/t3xtmDQA9vkiwZdVFm4pIRHej8WDDrBoDfIyGfHM2z02AYj6PUXzPZ2p/wmHeLDiIFA 4PunOGEhto6/nnMR+ShGxQeTHggEAoHA1+BViTw4tTiN8NazZvhAPmt/G94Fgx7Ymvq+pkGDvrSE Hr0ere3mvicTDHoDjMwi6JI1JIPMnPutxzLV/xoIBHY/0s0yIR9bzjr3IqprIlTCxlggEAgEAl+H d0qskPeGgi/gI8+GQUOZe3sHvE0Q71AvwaDv4dQfoVZf2W8RcTgR5i9eSs8+fWszjPfka7Fg0Btg 8PBRDBgyHCeCSp1Bl2yx1I+A7+k7PIHA7oyqoqIUEstxfz6VqlweZ11t5kwgEAgEAoGG8ZIadOMt VmLUeOY9O4Z377obbw3iHT4Y9D2eYllv/eCm1F5nFcdRK3MXLqZz1+57/Ax0CAa9QcorqymrqEwN ehZF12zxOIWFS0oY9ex4ojipNfCBQGD3w3tQURJrWbZiVTZCUINBDwQCgUDgG5AoqAhOHHmFysot FNauwksxeq61ZWPBoO95aJa+LqpMmvwm73/4MfkowWVd/lXTay4P5OOEjaWbQ/CTYNAbpH4XZ+8V yWaOl1dV8crkt2l9yx20u+1uosSgIuFiPhDYrdEGFAgEAoFAYNsoXiSNgGYN40TDJJTAl1EPTw8c wpUtb6Tv00NZWLKSxNl0hHGxLj1M0aklGPQGSS/SPem87dg63nz7Xdre0oGrrm3DFS1bc3OH+ygk JkTbAoFAIBAIBAJ7Ht6hPkJ8gleLNw4vQtjoDtTHA+LhqYFDaHr1DTRt0Ybm193CsJHjqMwV0k0d IARJ6ggGvQFEFSuCFeXDjz/l7k5dueLq1jS9+kaatLiBy1vcyM0d76cmMYhobV1NUFDQ7iX14BSs +LQJpAfR9Oc7+9iCgoKCgoJ2ZRXLQGOfloCq9RgF49PPUidaa76C9lyJglV4YuBQmrZoTZMWbWna oh1XXN2am267mzETJlKZyyNZqvue3iAOgkFvkMgYNm2p5JkRz9Li+pto0vxGml7dhitatqNpy9Y0 admGtu3vp7SihqrqGqpzNeTyhaCgoN1MVTUFKmoKbKnOU11IqKgpUF5dQ1U+2unHFhQUFBQUtCur piaikEuoyBvKCgmVhYRcdQ25qhzV+QK5QpR+DdpjVZ0vUF6Voyof8diTg2jasjWXt2hLkxY30fTq tqlhb9aKTg91Z9GyFeTyhWDQCQa9QUaMnkCHux/imhtu5YqWbWjasg1NW7alacs2NGnZhstbtqVF 6/YMGDqGYSNGM2ToCAYNGR4UFLS7adgoBo94lv5DRnJh46Y8OXg4z4wax6Dwmg4KCgoKCtqmBg4d zpBnRjFk8LM8OWwUg0cNY2CHO3noujYMGjKMwUNHMDh8nu7RGjx0BM8MT6+1/n7H/TRt2ZbLW7Tj by3acXmL1qnHatGaJs1v4O4HutGtRx+ccwB7tEkPBr0Bho1+jqGjX2DZynU8MWAY19xwS23kvEnL NvytRRtuuqMT1bFBtC4lNigoaPeSUyURT8EJZ5x3CZVRgpEsVW8XOL6goKCgoKBdVYnXdOKRS8tC E82zbNgg3rm7E8Zm3bv91uVjQXuWRNN+XkaUfgOG0qRFa5q0aMflLdvRpEVrmrVqw/0PdeOjGZ8x Z8Eyuvd8rHbMWjDoga0YPnYCQ0aPTdv/O0NJyQrufqArza6/hSYtb6TptW1p2/4e8sbUm+MXCAR2 N7ymozwKTjjzgsuojpOs6WN4XQcCgUAgsC3EgxqDU4MYT6SwetSTzL29I94o4iS9jSd06N5DKf7f VeGpAUNo0uw6mrZozZXX3kTrmzvy3nsf4EyMqjB/yTIe6fPYHm/OYTc06Ovu7Mbq6zp+r3rnL02Y dublrG7VkdWtOrCqVUcWN7+VyadcwujfnMzo353KC8eexfJr27Oq1fd7LEFBQd+jstfv8lYdGHLE cZRc0772Z0FBQUFBQUFfrVXXdWT1tR1Y2aoDq67tmF4vn3kxc479C6uv7ciqVh1YVbxdq47h83VP VKs6vXXapTz721MZ/ZtTGHfU6cxp0ppV13Zg1bXptdfcpm2YdNJFrG6VrqUdWS9Vr729sy3rDrHb GfRFR5/B3IOODAoKCgoKCgoKCgoKCgraSpt6PL2zLesOEQx6UFBQUFBQUFBQUFBQ0P8JBYP+AxMM elBQUFBQUFBQUFBQUFBDCgb9B+aLBn3R0WdQcn6L71TLzm/B0uzrsvOv/o7u92qWZWrodyXf2eME BQVtj5adV3yN7vxjCQoKCgoK2h209PwWlJxX/Ho1i8+vu4be2ccWtHtp2fnbv27mHfzbYNB3Jl80 6Bs7P/6dP4ZVSCQdD6GSdnn2mb4Nxb/xXlEvtfI+7RLtVTK5VF6/MJ5AUO/4rjpK1z5O7ePKd3bf 6QNIwwoEdlFUFRHBGIMxBucszjlEwroNBAKBQGCbeCHxglqP8YI3CbFYxAmqDtW6z9LQwT1Qn9Qf FTu8C6pCIum4vmIX92/TyX3hb04JBn1n8kMY9A2by1i9sRTjpPbNZbsMutc6k15PWmvKpd5IpwZu 6wXvv0sTXe+xtjLp3xX6FQoEdk1UFecczjk+++xzkNxXBgAAIABJREFUrE0NeiAQCAQCga9DMV5x zpN4wScFonWrqSpZGQx6YJvUGnRVVAXrLOW5GlauWVtrzINB3434IQz62OdeZNS45xAlM9Dba9Cz iDnpIhSn2WKs21lUTY15OiNSszezzNjWRqC3XqDFqN9XPm7xqzi8pBH4YlReVLMIPt+5QS8eV/1d r+96juGePhcx8N1SXKuRsZx/cWNy+QJhUykQCAQCgW+G84pVJfGKTwosnTCKdx/ojBiDitQLOu3s Iw3sStStiTRoKKosWracPo8/gbU2RNB39gF8W34Igz7y2QkMGzU2XTw7YNDVu1qDruJR6xAbk5gE UcVlafTF+3ZiUDWImMzApyZeZGsVU3CLqm+MRQTj0oXuJcG7BFWHU4idYDV9zOwIv1OD7mwaiRRX PE5B5LsxO8UXakg9Dny3pOszdsJfz7+UXJQQMj8CgUAgEPh6itmeVh1GwTvD6pH9mdX+Lrx1qLja AFExnTkQgHqeyqfZxKKwcEkJj/R+7FubcwgGfaez2xp0J6iLqNiygvmL5xM5xSpYydLdxbBh3UpW rVpKaek6pk19i2lT32ba1KlMmzaNadOmMXXqVN566y1WrFjBu+++y9Tsd1OnTq3VtGnTWLBoCdW5 Gj58bxrvTn2TaVPfYsrUd5gx63OqCjGJSzcF0hfFd5POKyLMmjWL8i0VxLFh9uzPWLBgIc59d4b6 i9H5QGBHKW5QFZxw5gWNqY6TemUngUAgEAgEvgrxoOoQtRjnsR7WPPs0C2/viDcOcS69TTDogS9Q 9CF4B17qGfS+waATDHqDjBozlpFjxqZR6HoL5FsbdBXEO6yCN0IiBd6fNJou3XuSU3CqiCiqFpUc o/s/ytNDhjJ//ud079qZ7l26cftN1/Pznx/GbXfcRY8e3ejSrRsfvP8uXbs+zCOPPEKPrg9x2MGH cfPfO9Cjeze6duvCm29PYfG8eZxy4ul07f4w3Xt04eEuPbjqb1dw2eXNWFdahfMOr3VpJeoBL7WN GoqN7IDsGIsyaJaK77Pz49USRwUuu+h8Pv18ATX5PHfdfiePP/kUzgnWOUQc3ilOBVUQnzasKzaR S9P+bVq3nzWMcJKdH1G8GqrKNzD4mVHkCwmS1fF/RwH6wB6KqmCspWAdZ55zCdVRUq/MJBAIBAKB wFchHqxaxMY4o+Q9rB/Rn4W334E3DpU0MqoeQmwl8GXScl4Rh6iycPESevZ+tDYg920IBn0n84PU oI8dy+jRo3e4WZT34NRSUMXHSrVEvDzkEbr36EONT42vF0XUolrBo/f8nSfHv4hTi4rBJMqHbzzH kb86ibnLV6NqsB5U4tQoq0NypRx60JHMnFeCikG8oBqx4JPpnH3RNVR7g/UFjBFym9dx2il/pnP3 p0k0yha/Yp3DiCCSdrEW57DW4ZzFWoNzkr7JisO5CCcW7x3qBJdYVBJyVVu44PTj+WzpGhKXYHIJ NVlnbOsssU3wUULsHIlxGEkQl+C9wznB2xivCVYUsQ5RQ+IcxipiLSo1bFz5Oddc35HK6oSCsXgx WAnbsYHtR7MNqii2nHveJeTyUbr548OVRCAQCAQC20IVIm9QU0ATxxYPa54ZzKcd78EbwbsskEMW Rd/ZBxzYJSmWsC5YsIDevXtvVzlrMOg7mR/CoDvnars570jNs/cgaolU8MZR0BxP97iVXo89QSHb TfSSNm1ztoxbrmvOsElTiNXhfIJxyusvjuKY4y5k7eYqVFKD7jVG1GCdIdqylp/uczjL11fWGnSv ETPfmUzztveS94L4CCseH+W45+5buKrlrSSST980s8h5xZbNrFy1lo0bNvHe+9OpqsqjErFxwype njiR99//iMrqArFTvEaINSxdupQXX5zIp5/OZOP61Zz0h99Ssm4j1kasWLiANRXVJCaiZPHnbC6v YsXS+bw/Yx5JUkMSR0yfPp2xY59jzrx5GGuRbBPAxDHz5s9k3HNj+NeMf1MoRKxbX8LU18dw1bW3 MHPWXFZv2Ii6CBd8VGAH8F4RFZwIn/x7drpZZe3OPqxAIBAIBHZ5vPM4dThJcE7Y4CG3oYSKhXNT c+4kTW0nGPTAtlFVampqWLZsWe2EnW9DMOg7mR/CoG/P/L2G8OJRdVhNG7vFUsaDt7fggS69WLBs OUuXLmXJ0hJKlpewZM6HXHL+hbz27sc46/CaIOJ4ccRTnHrmVZTXWNQlGA/exzhvEHWUrVnCAfsc TmmVrTXo4gq8OX4A9/XsT14V1QgRZfP6tRx3/B95avB4RHPp5oAq4mLGDH2K0866lHvu6sTosc9T VVnBU0/04dprmvP8c2N58smnafy3ZqzdXI4zW3jo/s7ccGNrnnvhOYYNHs6t7a7n8EOPYNOWLZSX ruf0E/7EyFemUrpxFWeeeDJNmrflkd7deGPah6xfvZDzz7uUXo/25ZWXJnH3vXdw0223ERvHpnWL ubr5dTzwwD28OHE8Tz79FJ27duX9j6bx4N3tOO+SKxk2fBQffzoTlYgQQA/sKLWvdV/XaDEQCAQC gcC28c5jVTDq8M6TKMRqUWfqjdAKEfTAN2NHJkAFg76T+SEM+ndF0aA7EYyzONlC2ysu4vhTzuKy v13OZZddxmWX/Y3GjRtz1SXnctjBv+ad6Z+naUGaoM4w7LGHObdJO3LG1Rl0LRp0Yfm8T2jU6Cgq Y19n0CVizOP3c0nzNjzefzADnuhLn0cf49Y27Xi464NsqY5RX43PajyMrWHYUz248IobyeXyWFE2 rPiMG1pdzep1a4jjHHFc4KHO3Xl3+mxWl8zmD0f9mSXLl2MlQhPl+TEDOfgXx1BZnaN0zQpOO+EP vPrRHDauW8qff388o56bRGwKJDbP6Gce5f6H+1BVU8AWLBXla7mq1bUUIscjD3bgzydfQFVNFaIx 1hnyUYSTiFfGD6BjpwcxzmU19HEw6IEdpphFUmxUEprYBAKBQCDw9aSlnIrzmkXMfTqi2NdNKKqv QOD7Ihj0ncxuZdBVEE1rtWPncKaSC44/kQmTPgCyRmia7hRVbVrKr488ipkLSvDWIZpgNebRBztw 7Z1dqJHUoH+xBn3W+29yzPHnknd+qwh6j/ZX0HvQGBauWM3KksWUrFpJdWUlViqJncf7ylqDHkue Ab3uYtCLb5KYGqwYpr8+jOOPPY42f+/ITTe14e83taFx48a8/e5HvP/OS1zV9GZySYTVAhopC/79 T355zKUUTMKqxfM49bjf8dGS9axYMovzz76QBas3YgsGNWXcen0TGl97Czfd0p7bW99J+5uv5+yL L6J8c55mF5zFw73HEStYsai4LKMg5pknutPp4Z71DHqIoAd2nNSgG/AJeBsMeiAQCAQC34DiLGuv Ct7gNcGLr42Y145YIxj0wPdLMOg7mR/CoG8s3czG0s1pWs4OpLmr2tSgW00bp+U386ffHMeUD2aj 4hAVrCjOGjavms/BjX7LgjUbEJtgxWC0kofuuZ17ew+gkHU5F1W0OCddLO9MfpW/nt+UKIvWq7eI zdG+1eW8POUDYlVEEqyk4y6cpPXo+GINumJdDT3uu4k3PpqBcWm0+uPJI2lz403kjGCcQSTGJHms M7w/7TWubHIDVVEBIxGaJHwwaQzHnnEtiYuZP+tj/vT7o5m3ejNL53/MhRdcydotlagxqN1I+5uu 5a3Zi4hNgkQOa8uoMRFRTQ3NLz6bB3oMIRJPUpypbgV1BR6+/2Ye6d2PxDqMWrxGuODQAztAsQ+D qqOiqjybqKDBpAcCgUAg8DWkZWEe7wRxCU4SoriapGoLIoJ4RetF0wOBhiiWQRjnyNXkQ4o7waA3 yJCRY3hmxGisCJrVo27Pm4v3cZZy7vGuQK56HUcceRSfzp6XRtd9NkPSxiz9fDo/P+j3rCmvwrk8 Pnagm7jz9vYMHPEcsScd+yaajSkDtQmvTJxIi2uvJ1HSBnLekMSVXNGkKe999AlG03nsXr662YIm Fdza9kYWLliU1uO6iE1r5nN18yuZMXMWuXyBLVsqWLKkhKhQYOWSuRxz1O+YMeszKvN5Nm1cy21t rufCZrcikmf6+29x7PFnsGFzBfNnv0/Ta26nrCZBNUZcjrGjR3LDjTdTurmMmqSStWVrmb9oBWoi uj94OyeceCqr12+kMpdn5Zq1lFdUIlLDw53a8MB9D7GlIqLgEpzGiA1v+YEdIW1EEjuhRasbyOUL yDZeK4FAIBAIBFK8CgVVEnVYsUjsWf7aROb06o63STpS19c1igtXbIEidWsh64clwtIVq+g/aEgY s0Yw6A0ycuwEho8Zl0Wrt9+g4xPUS1qP4yLKNq3k2ONOZvGylencb086H1IMH7/3Jn/4w5mUVecR iVAjiCvjjg4defGf04gVnNQZdPWgzvLihAncdc/9WA/OA95Skyuj2VXNmPnZPJzPDLp+deMrSSpp fcN1rFm3Pk25F4faAm+99Sp/u/wimjVrRtOmV9Ppge5UVkZIUs1rr07k3Asu4srmLbm5bVse7nQf t9zbE5EC77z9Ty5p3IyKqhrm/Hsatz3YmS2JSTc8bEyuvIz777iDxpf+jRbXNKfJVU0Y/9xrqHPk qtbxVP8BXHTxpTRvcQ2trr+RBYuWYFyBdStn06JZK5peeQNLVqzASoyzoY17YEdQjDHE1vGXc86n JoqzJnFhXQUCgUAgsC28VyIPRiyJRljnWTX8GWa3b4+a1KBrMOiBBqhv0FXSaToLFi/lkd6PbdeY 62DQdzI/hEEfMWYcQ0eNTQ267ohBd6hXxIMXi4nzzJ2/kEIcA2k6h2Tdo3MVpSyYvwjjHCoG7xSR GlatWUVZVQ1Oswh6dhDq0xr2ss2bWb9hQ200Hi84W2DZshJqChHiFe/tNlP1VSKWr1hGZAwu2zTw oqhLyFWVs2D+fNauXU9shMR5VCLwhnXr1zN33nyS2FBWupmS9aV4jamsLGVpyUqMceSqN7Fy42oS STMJ1CnOJlhXzeqVq1i4YB4VVVVY59Pfi0WcYfXqVcxfsIDK6hxWFacWcdVUbKlk7rzFFJK0gZxI MFKB7cdnozwia/nrORekrxmR2td9IBAIBAKBhlGv6TVjZPA2T+Jh+eiBzOxwO94ZnLchgh5okK0M utY36I+GCDrBoDfIqLHPZQadWmO7XSnuqqgXXDa+yUv6RqYN3ZGXOhOddZPGZzXnPq0VB+rVxir1 o3xb3aV3dbfN7mfbtfTp/fusVkg1a/ohPpUv3sbhvcF7yY5X6tXwgorH+7QOXn2xcYjFi0lHukna 3dN6IfFxek6y26lS97haF8GsazSSbmSkx5HetnjeAoHtRTV9bRaM5ZwLL8kMugsGPRAIBAKBr0WJ swh6rBHOetYOfYYFHe5AxWLVZNeXwaAHtqbBCPqSZfTs0zftX/AtTXow6DuZH6oGfdCwkVgnSJZm sV0GvTgHPTPa3vm0xtt/ecGlnTCLBj011UUzire1RrRoaNNxUF+xcOvdNjX72+5MXdeB02bdrF36 2Fo04ml9iBfBS1o77wGvLjXgxSwBV7chUezsqapolpbvSY21ZNkA9U15epwu/RvPF2pTJDNSxXPj 6p2HUC8c2H5UBOcc+dhw6plnUZ0v4JytLW0JBAKBQCDQMF6ESJXYOxIx+MSzdOQIPurYIY2ga4ig Bxrmi9f5zqUR9Ie79ggRdIJBb5DFy5azaNlyXG2TuDRaXTSdW7N1JLs+PktDF++yCLrPosZfvn0a cS5GiOui3nXmtZ7phlqDXvut1u88rVsbWO/Y1jrf+ram3uaAxXtDcTa0F5/OuKw16FJr0LXWoGua Vl98/lnqvRSj4NTdj9a7XfFx06yDuiyD9DHSGnqfPe+iQU9vEAx6YEfImsQZy8uvTSKxLvtQCKUT gUAgEAhsizTymUVAjSUxnsoVCyj95MN0WpF3IYIe+FpEHCLK5vJKZs+ZF7q4Ewz6V5ClUzck6hla 2OrngUAgEAgEAoHAnkBaFplmiDqFOAtMbasxcSDwfRAM+k7mBzPoDclLWodNfZMeom2BQCAQCAQC gT0LDxgPIoq3iorPmhrv7CML7GkEg76T+SEMuqrWauvvBaeWyCQsK1mBNW670jACgcCuQ0Ov90Ag EAgEAtvGiydWsCp4azEq5Iud3UW3alAcUtwD26L+dRiQjbz95gSDvpP5oQy6c662i6CI4pyQOMfq jZvo0r0PHe/sRFRIEPftGxkEAoFdA1VFRDDGoKpYa7/0IREIBAKBQODLeOdJFIx41AllPkKTPJKL s+k9WQo81PYvCgS+SJ3fShv3Fq/NQhf33YgfwqA//9zzTJjwPOLSBeKsUF2dY8rU97jx5rtp2qwN t97eiTgy9ZrIBQKB3Y3iB0AcxzRp0oRcLhcMeiAQCAQC3wAvQqyKdR5nlSqfZ/XYscx4qCfeCipa Oy7XBYMe+AqK110lJSX079+/1qx/G4JB38lsv0FvuFa8doSYFlNxlFGjxjJixLM4UYwVps+YSZt2 t9GsZRuatriJK1rezM3tOxEl6XxHFffVTeWCgoJ2XaE4ERJrOf+ii6muyWemfRc4tqCgoKCgoF1Y qpbYW8QpajyVvpo1z/Rn5m13o3GCdxZVh/eCesmmFAUFSTalKe3vpWoRZ1m8eDG9e/epDZ6ECPpu xPYZdKX+qDIA70GyNIp0FrJFxGGtZcTIcQwbOZ5PZ8/lgc7dueqaG2l6dWuuaNGOpi3a0LRlG27q cD9VhRgngqhDVIOCgnYzWXEk1lGwjjPOvoDqQrzTjykoKCgoKGh3kBNFnGBFcc5TrQnrBw9h9u33 oUlaKupUa7Wzjzdo15NTwalgVZi3cAk9ej22XZmMwaDvZLbfoG9tzr0HJ0rplnLe+/Ajnpv4MmMn vMD45yfS6aEe3HFvZ5q3asOV19xA0xY30KRFW5pc3bbWoLe48Vb69R/M0/3706//IB4fOCIoKGg3 U78BQ3hq4BD6DRzGJVe0pN+AofR7ehD9Bgzd6ccWFBQUFBS0K+vJ/iMY1m84A58cyZNPj+b+scPp /kAHerRqy5P9h9N3wDAeGzSCxwaNoO8ucLxBu576DhxO38HDeXTgcDr3GUjXno8Hg84eY9DrUM3M uXW8+vpk7n3gId7/1wxqEoNVsArDR09g8LCxvPTPN7nxlvY0aXE9TVq0oWmLtjRt0ZqmLdtyU4f7 ycUJTgTjXO3fBgUF7T5KnBI7JWccp559EZurC8ROsaI7/diCgoKCgoJ2ZdUoVHqoVCUynlyNY87o F3j53q4kiSN2SiRZI7ld4HiDdiGJx4rHKCQKkShzFi6le89Ht6thbzDoO5kdMejeg4onn4+YPGkK Q4aOYMOmzSRWEE07TIqH2XPmM+PTz0mcMG/RYno//hTXtr6VJs2vp2mLNjRp0YabO95PPjGo13q1 FEFBQbuTpF6Ke/8hI8gnFis7/7iCgoKCgoJ2dTlRTKLEajHOoYlQNnsOq979AHUWVVtbe76zjzVo 1xTe4b3FiWVTaRnvvvdhbYO4YNB3I7bXoBfT2sUpLzz/MiOGj8Ektl6nwLpFUNfm3+HEElvLv2fN 4aGuvbmq1U00adGGdu3v+4JBd0FBQbuZ1BmcMyTGkliHdQ5xBnVmpx9bUFBQUFDQriyrgliPeIN1 FmOFUk2INEHVoT6V9zv/WIN2NQlpkziHSIJ1Ju1pIL42eh4M+m7E9hh0D2mEXJSFixYzbvwEClGM FOczqlLX5T1rWiCCk9Sgp43klHw+4l8zZnLnPZ24tf0dRHHyrccABAKBXQdVQcUhzuKcxVmDOBte 14FAIBAIfA2iinEeJ4q1gk8sYhUjivi6RmBhvFqgIbwvejQhcS5dN5kxD3PQdzO2N4LuxFOTL9Cj Z2+Wr1iJ3cY/3oqmC8U5nDigXgRehA0bNjBp0iSMMd96AQUCgV0HEcHa1Jxba7KvdmcfViAQCAQC uzzeK6Jp+agTRWyalWZFUnMeNrsD28BnOzfqBSsOK4pxUmvQvw3BoO9kdiSCPnf+Aia+9ArG2too eUMYp0QmrUVV/2WDXndR77ar02AgENg1KL5+E2OIkyR9X3AuXFQEAoFAIPA1eA/eeqyHggo1kqBJ Do2i7ZplHdizSA264sSSOEvihNjY7Qp+BoO+k9keg64K1inPv/AS69avx4mgWepNQ7w+aQoTX/ln mmbh0/r0okGvXxcRoueBwO6Nz17LsXVc3/omaqIYLdZFBQKBQCAQ+Eq8B288iVeMeKw4Vk56jU+e Hoy69Dq5mOLuQ5574AsUDbr3ghWhZOVqho0YXRsMDSnuuxHba9DXrd9I7z59KURx+kaRqSFGjZnA 8FHjUE9tE7hAIPB/j6IRj5zw1/MvJRcl1PWjCAQCgUAg8FWoBzWCVYezHnWetUMHMav93XirqJPs WrouEzUQ2AovtaUSi5aU8Eivx8IcdPYQgy6ivPTKa4wb/3zdTh7bMujPMXzk+OxNJR0BEEx6IPB/ D6/p67rghDMvaEx1nNRrGhkIBAKBQOCrEA9qHE4tYjyxwppRTzD39g54o4iT9DbBoAcawhfHrEk9 g943GHT2EINunKN33ydYuGhJ2rXd67YN+qhxjBw1HmsF1aJBt+nXb4GHbJSAQTV9k/Je8a6KWIRY LM4lJKqoWkQtai1GPKIFjLVYMdnjp8dQ9waXdp/33iA+QZyi1qNqcd7h1eLFIl6xHrQ41oDsjVIl 3bUCIg/eZQ3vxOKU9HjEYEURsdn3gvcRvpj2Lz5V1oXR13sDTr9Psw9EFZUENI9zgnXpeKv0+Xxh dzX7/2x1Hj21nUBVDOps2oHfK14TvBhUHUaV4uvZe5d26M6yINL/Q12alde0f4AUf+9dvZF5WdMT FVTSc5um2rh0GoBPEE2/d87VHr96EJ+tr+z+NSuLKI6TKD7H9A2poXWYmkNPmvnhPXXnuLh+tK7k QrykM0bFI570flXq/r72Da7OdNb9b1zdh2W9Uo6viiD72ueYqviz2r/xdWtKa5+UbmV408eO8JIe s3WCy8axFNeNfmE9fZ+oCk6Emtjx13Mak4vS16oPG3KBQCAQCGwT50Gd4DVBrVLmlTWj+zGnfXt8 ImkEXbNrJP3q6+7AnojWeqv0WkxZvHgpPXs+ul09voJB38lsj0HP5Qt0faQPFVVVqbnROrPQEM+O Gc+okWNT07uDBl3V4iVKzZxPDUG+fAUz5q4l7yy5yk2UrN/Ehg1rWLV6DWtXrWbNulLipJrNW8pY uWYDXoqLOKln8lJDpd6iPkasoWJzBetLS4l9avi9TXAqGJ8dh9q0YV729z4zsDUKavNYVZwkJAqF 6s2sXrOC8ijdJFBNcM7hfTXeW75o0Itm8kvnwAtOLJVb1jNsyGM8/8JkclGE2LjWoItPm/jVPa8v ox6MOsRFqDOIKlYErzFvT3qRAQOHUZ6P8D4Bn5msLxj09HwVjWtqZIs7u6rpZoZXi6pgFKwYSjet YP36daxZu5q161ayes0mNleUYqxDJJubnRnx9LlIZvQt3tc36Onj1xl0Q50hbvj51m5a1NsEUZ+N BszOvfMO8YJ3Hle7ESF1Jvcr3tx88RhrdzTqNhC+KnpcNOguU/Fn3pOZ8/Q1sq3Nr9R45/HOoWJw 4jCSzzbOqF2fP9Ruu4gjsZYkcZx77mXkakzt5ksgEAgEAoGvpnjto2rwzlPmlZLR/fn4jrvQxOFF v7T5HgikFL1NWmvunLJg/iJ69UoN+rclGPSdzPYY9E2lZTz2ZH+sE1Tkaw360qXLWLhwMSJZm/9a 8/HtompaG7lO0gh6Fknu2+0hHuwzlMgaXhk/nPMat6RPn9707v0Y3Xr1YtCT/SgrLWXB/E95+OEe RNanUVJvtjLoJksJ8c6ybuU8/nzCsfzqqOOY8fkiYqeoNVkUN40Qp5Hpught+vyVOM4zelBfxr30 WjZiTpj6wgh+85ujmPLpIowKohbnBO9r0MxYe23ojbfeY2Rm1EnCquUL+fUvD+Hc85tTkY9qG3EV zb3Wj8I2eC4VUYeLq3hxwrMMGzmKvEmzDtrdeBV77/ML1pRW430F+BpUtp67WTw2nxlo/UI0uljO kBp0xSnkaypp2vg8Dj3iV5x02mmcePJJnHD8aRz7+6O57rp2LF+7ESuamjlvwRu8t/XMdV1Evrih Ut+g1xnihp9v8f9V/xy7esbbi9RGs7342uelmWGuf/++ntIfSJ3qn6ev2CCpfx5rH4Mvmuh6x/tV jwu12R1JXMbggQPo0v0B5i9aUXsfPqtHKt7/94mqYKwlSSwTJ75OFBmss1/K4ggEAoFAILA1Xjyi aQ26N56cUyqWzWXN9I/wToNBD2yDrQ26OGFLWQWzZs4OY9bYQwx6yYqVvDp5SmqQv0EEPR2npvXS K7RBM/N1aBYx92qyxxZcVMk1VzbjX4uW4Zxh4piB3HZfX5wkOCvUqEPiapy1JNEm7rnjPuaXbMKo pMa4aLq8EHuHiEeThB6d7+R/9/pvDjjwUDp160dBfBrxztLTVR1OUzPpJclStUHFYeNKzj/lT1zR qg2xglNl6riBHHjgIUz69wJiEYwzOCuoRjiJ6+6zOOtSNcsQcIgYxFlUFBHFiSHOlzNvzofMX7ya vM2izk5rI8TF8yOabqJovfNfvH8RiyuUc02zJpx93vlUxQmJCCtLFvDJzHnkjOA1QlwBcekoPZ8d h1UQdYhEOHXEotji+ZEsy8BLlpoOVpSa6s2cdeqJnHDSuSxavppV61azZuUaBvTryr4/+Sk3d/xH ukkgCSoRKklaVqCCyTZ3vMSoZCP7VLJ1JVlqvuAla6IixckAmqZ9i8nOcXqerbg0GyI7F14dXmKs SPp/FYc6h/VgVPFq0tR/qeui6oppZuLwYtIMAknS9H3nURFE8mi9rIit1nO96QXF7ppeFZX0hsWZ p2oFXywL8GAVbLFEQdPnKmpwdjM9u3XltDNAffVHAAAgAElEQVRP4Lnn305faz7d0MLbrSYmfF+j WlSLHwzZcxYfRqwFAoFAIPAN8M5jVUg0zeQTBeci1ERfylgNBj2wNZplJqdrRFVxVrLs5VCDvkcY 9LnzFzDz83kYlxqLrzPo3xV1Udo07VecZePyz2l74x2sj2PEGCaOfop2dw0gMTFqDYlziM1Mr1Tz 0L130PPxwRRUEV8vXcgLsRe8WEz1Zo45+recff7Z3H/3HZx86llsiWxq3Fye8rK1zF64mC351ES6 qIL5i0tYtamMqooy5n72CWcefzQXNGnO7PkL2FBWxhtjB3DQQYcw6V+f88msT3jt1YksL1lJJAnO RlgbUVq6galTp/Di889TsrSESMFYS1zIsWThHNauWkkhipi/ZBmlmzawdOksSlZtInKO9evWMn/u fOZ/Po8F8+Yzf958Pps7j3xiUFugbPMGpk17m1dfe52SlauxIpiohmXzZvC3S87hpNPO4KNZcyhZ u4H1a9Ywf8kC8iKo9dgoYvWapbw6eQpvvjyR8tIyckaxatm8qYR58+dQEVvmzpvHy+NGULJ8BVWa ZRmoRbNNijhXyrmnnMypp11JLlaMOMQVWLfyXxx24ME0adaOfOJQyRPntzDtrbd47aWXWbJkKdVW Mc7gkwo2bljNy5Mn8+qk1yndXI6I4GyBBXPnUbpuI2tXreblFycy/V8zyNUUSJzHWYOaPBXlm5jy 9hu89MrLrFq1isSldToqESuXfsa8eQupzBWYMuV1przyCuvLq8mrILYKNTmWLVvOyy+9xHsfTaes MkdsHDYp4KIcn3/2ORNfHs9H//qQKO9w1lJTWMf8eYuII4u4ehF4r+lmjHPYxGDihLKyMkySEOXz RFGUbhZYQY0gUcKWsjIqcjXE4klE0znjNo+zBSqjPOUVq9CC44n+9zBmwtR07KE34COsy7NlyxYq Kqu+97nkW/VO+AHS6gOBQCAQ+L+Ad0qsaZmiiMcDTiEpZvt9QYHA90Uw6DuZb2vQVZVZn81h3qKl WeTx6yPo39WYpTqDnhluF/PWc0N4sHMf1mslmsS8NOYJTvjrzdz895u4p+Ot/O28C+jRbzSxj/Fi GTuwL2efd2VmuCWNuqrivcU6wdsKXntxMI1+8Vumz1nGioXvcfSvf8VjT4/CiENtFaNHDGD/X/yW 9z6dh9oCVWWraHTwEXR6uBezZnzIiaedwc/23YsDfn4IJ51yMsPHjuOfzw9nv3334/S/NuGqpo05 /rhjaNToCD78fC7ORLz03FgO+8XBnHbKSTRv0oRfHnoYzW+4jeqaiM2b1vPnY3/PySccz7F//CM/ O+xXjHx2HH86/ve0bNWeKInp16sbp596Cmecegqnn3QiP/6fvTj08KMorczxyfS3+NOxv6PJ5Zdx 2d+u4GeNjmDwM6PJbSnlmssv4pCDfsq+BxzIcaeezT2d+3DXnbdy6JHHsKVgiaJS+vbuQqNGh3DW eRdzyVl/4deHHcndD/YglxQY8nQPDtx3P07+y4Vc3uRKzjrlBA44sBFPjXkVnzXj86TR4Di3kfNP OYGTT76ANRu3sLmynNKNm3l2cB/22+sA7nmgD06UuZ9P59ijf8ufTzyVZle24LBDDqdHvyHk4wKT XxjBr444jHMuvpSLGl/Kkb/8Le9/8AGVFaX88vDDOe8vZ9P4oou5tkVLDjigERdc2Jjy6gIuiZg+ bQq/PeJQTj35RBo3bszPG/2c5s1bUV6Vw9oa2l53BUce+TvOPf9vNG9xBScefTSH/epYZi5eSpzf wL3tb+LII3/FFU2bcsZfz+Gv517Exs1lVJRt4rrmzTjyyN/QvEUTjvnD77no/OZUlFexcNF7HHbo b1i+fF09g65ZLwHBJYa+PXtz4Tnn0rZtW1q2uJpLLjyf8RMmpB/KseXZocO58Mwzufmmdlx59bU0 a9WWtaVbcCJ4qeTR3l0587zGtG3TmpuvvoUOd1/KuInvpY35pMCihTO59JLzuOHGG7nhxtZccMEF TJ8+/XuJoEOx90Hde0Mw6IFAIBAIfD1eldiDWk8igvMJYrLmxPUUDHrgm7H9/isY9J3M9hj0z+bM ZfHyVWkN+jcw6IlzJC5N366/UL7tm0tdQzJFVBAp8HT3B+nRqx8VPkZNxAvPDubk05tQunkzIjFz Pp3JuWddzPzlK3EiTH5+DH847q+UlFZinMVL2o282PFQ8us5809Hck27Dmw0Hok2cNuNLTjhtIv+ f/bOO8qKKnvb88+31qzfmmBCwYTkHEdRVEQkqGDABDqACKgYRjFiwBEFJIMEJUdJKhgRRFERURAU aBpooCPddM43VdWJz/dH3Q4oKDAohnrWOksaL11V955bdd6z9343RTEXraIsWzidc+o058sdB9Ay SrgojfPPPZ9nX5mO8KLkl4W4/vLW3Hb3QEKREqJS8uGyWdT42+kMGjIa4cX47pv11DvvAp6dPIdI eR7N6tShe6+BhMrL8TzB7EmjOaPm+WzemkRR3kHat2zCObXqMHXm6xSUlVJYlM+V/2pJ3wGP4wqB ciNEy4oIl2UzZfI4TjutFrPnLEVqB9ctJicnAycapqywlGuv7Ua/AUNwhIdXmsXdvW+kY5cbOFQW Iewohj35IBc1bEs4bNi9/RPO+uffeOSZMZTFYpQX5tLtikuo1+xi9mXlsHDGKM78vzMYMe51HCEI F2fQpGE9eg0cWpni7gt0jRvJ47oO7ahxVi1at72MVm1a07JFC848rSZdrr+DzLxCjIgyeNBdtL3k MgqKynGi5ax+722atGzHgbQUHn2gL92vu4niSDmuEny16RuKCgspLj1Im7oNOK9ea7JzMjDSY9bU SZz5zzNYsHId0aJ0enS8nCuu6UFWdibCizDs6SGcV6MWX21JxNMRHu53G//395q898lWtBWsf38V Z555Lm+u/ZTsg9tp2bgOjzzyDBEpicYibNu5i6jrsGDWVM6tVZMt3+8kFg1RVJTBuefVZ+7CN4np MoqLylFSHyZUjdFopUlO3Ua3a28kcc8urIkSi5TRs1tn5r71NlLEKCrI4Kr2nfjgw9VILSgJh3js kft4deYCIlJQmr2L3r36sudgHp5yyDyQQduG57No1QZ/Totyhr/4KK+8MomYiOF6DkuXvMHjTwzF kXGn/Z8w1zteKlL0hVQ4nldZ2hIQEBAQEBDwcxhiFozUSCnwrCTqxFDhMrRWlca5FQ7ugUgP+DHx ckkDQmk8IU8oazIQ6KeY4xHoFTUMOxISSUrJqGyd9XMC/d0P17Dyg4+Qyk/prXjt8d5YLFXu5toq jIky8rknGD9luu+crl2i4RJC4RhK+y3ShPaYOOJZRk6ciTTw+Qdv06DxpezOzIkbzlW1WjPG8O0X q6nx178y9MWXWbrmM9a8v4pRzz7I2TUv4KOvdiJUlDfnT+Ls2s35YkcyWjqEC1O5oFZNho6dizAK x4nQs30zet/7KJ6KISysWzqd888+n7e+2YPSltz0BNrUqc3dw6ZwYO9m6p1Tk5Gzl6GFRBrDgcQv +NsZp7N8xecUF6RxZYumXNXjTkIihjWC8pI8OrduwV0Dn8CR8Y0Gt5zP1q7i/AvPY+ToV3GlQesY h9ITufeBB7i55y3c1PlaLrqwFtfd8gAhqTBOEYP63Ezn63tT7DhYZXnp8fup3bAVTrlm4WsjqXFG Dd78/Cs846eJz5n8HDVqXcSG7aksnDGCWmdfxJ7UXJQxaFXIxS2bc8MdjyHjpQO+QFc4kTyu7XAp zVv8i5XvfMTqD1fRpdMVtG13JRlFpThaYr0yrmrfmgvqtaBLt1706HINXTpeSeOmLdi0dSuffbGG Nq3bcWPPngwfMZwtm7fgCUlpKIN2F9Sh/3OvEhOlWONRkp9M64a16fPoOFI3r6Hm3/7B8CmLEFqA iZGS+BWNL7yQKbPeISSjDOlzK+c1a0+u438Ge77/knP+eTYL3l9DJHaQ0aOG0axpO+4acC9TJo1m 94FUPOXy3yce5Mwza3BV5xu4rls3enS9mrp16/LiqLE4h7V0qzaXtcFKxYhxQ5g07Q1cLTG2GONF SU74nu9S05FeKUlbPuKZ5yYS1RqhBVK67N+1jptv7UNBKML7iyYz/OVxRLRBaoGQLlOf7M/iVV+g lCJSkk3XbpczYtRMJk4dz5RXJzJu7Ctc3+MWsgqKUVbH26Ad55fxaN/R+D0i6gn6DRhEOOrE3UMD kR4QEBAQEPBTWG1wDEgjUdpFScv+NavZOmE8Vgq/NNPqqva7p/qEA34zVDctrjDSPpCeycw5Cyrb rB0PgUA/xZyYQN9FUnJaPIX25wX6oqVvMv+N5XHXdV352hMW6Nr6u4gmxvjhzzBm0hSiBoz2MMrx e40bg9UuWjmMHz+aFya8hrCKz99dTPNWHUnOK45vLsTFg5UYN4+nhjzIBRfW59JLr+Lyy9rT/vJL ubz9pTSpfS69BwyjxI2yau54al3YlPXbklDGkJN1gPNqnc0zY+YgjUFGi+jZoQ039RuMawzCwvol 0zj33It4e/t+tPLISdtB6zp16Pf8dFIPbKNuzZq8NHU2Wrkoo0nYtp6/n34Ob767gYLCNNq3bEyX 2/oR8vxNhbKSPDq3bs5dAx/Dlb6B2ZoP3uLss2ry9LPDKXViuFrhxGK8dP8dNGp1Cd/s3ocIl3JT jw5c2/MhIlKg3RIG9OlJp663UOI4aGUZ/vgDXNSwJW65Ztn8iZx92hmsWLseaSRaOkwY/gTnnHcR mxJSmP/aGGqeU5/9GQUoI1G6iItbtaXHHU/hWTBxt3tjNG64kOs6XMqll19PSURidJjPP/qAiy48 lxdHz6RYKKzn0uWqS7juhp6ElcFTAi00UaFwpESpGOlpB1i4cDFDhjxEvYbNWP7OGgpDh7js/Avp /eBzxEQIo11ys/bTuM6F3PvkODJ2fMUFZ53B8yMn4WmF0Q7bN6+n7vnnMWvxGkLKZUjfXtRpezV5 nkJY2LP9c876+1ksem8dSobwnBJ2bE/gtenTufO2W2hx8VXs2p/GqKFDqH9RA1LyC1A2jPEMMS+G NLFKs7QfCXQLRiiee/FBZsxegdAaa8swUqCVh2MMUkXY/fXHPD9iMlIqjJQYIUje8xU33nAHRUVl rJg1keEvjyZmDFIJlHSZ9OxglrzzKdoYQsV5dOt6Jc8NG8WwF5/nhWHP88ILzzN2/KvkFZf5LeVO Yhq61hqlFFFX0Pna7oQisbgBXmAUFxAQEBAQ8FNYZfAMRK0gZmJYx5I7ax67hjyGlZ4fnAoEesAR qC7QdTxrec++ZMZOeBUpq4yCj5VAoJ9iTsQkbnvCLhKTDsSdtH8+xX3R0jeZt3hppet0xWuPW6DH WwdUuJRrE2PlomkMGzkuHkH3WP/xh+zctYtQOIwbC5GdmUKfAQPZuHM3jhG8tWAyHTrdTGHE893N jYpH0l32bvmAmmefw4w33sd1FMYtx1EuERFjzbLXOa92Q1Z+vpGtny3hwgsuYtjIyaQezGbqtKmc 8Y+/8ewrM/CUQbvFDLy9O/WbtWXrnmQKy0N8svR1ap1fh5Xb92FkjJz0RFrWrceg56cSc4vo1vEy 2l5+NTu2f0tGVgZDHh7MeRc1J2F/JvlFGbRv1YzOt95JVPou7mWl+XGB/iiO57J313fUuehCLm/f haTkQxzISiMtJ5NQeTnP9O5Onaat+GzbDr7+9FMa1z+P624eTEw6GBXhmScHc+559di4ZQu5BaW8 +MTD1G3YAqdMkpm6nRYN63PTbX3ZvXcP3333LW2bNubiS68kvaCYea9NpkbNBqRl5KKMi9SlXNy2 HTfe8WQ1ge67zDvlxVzXoT3tLr+BwohEyDJMzOW/z97HmTUuYtUnmzCeYvjzD1Cr1rkseusjDmRm sfP77cycu5SyUDmzZ03gvXffIyNzP3v2fE+r1u14ZOhIckozufyCCznnwias//xzDqYn8/QTQ6hZ sxYffL4FESnhkUH9adysBR9/tpHU5CRuuakHtWvX5rvdmYSU4LG+d3FRmyvJcyXKQuL2DdT4x5ks fGcdJfnZDB/2FFu2fE1OZjorly/hnHMb8e7aL/l01VIuPKcm/xn6AgdS0sjMTOW/L71Ebn4Bwill X9IBPFegdbXyDgtGSj7bsIL77v8PuXkFxJwCwuFy9u5IZPeBVLQUFOYmc8P1t7Bn726isRiRUDkz Z0/i6eeHI6Qmefdm7u47iH0pqYTKS0hL3stlLRoxf9m7xIRAuDEeeXgQm7/dTjQWwYlFKS0tJb+w xHfGt1X95E8GFd9vVyq6XNeDqOsGLu4BAQEBAQHHQEUNujQSaWJYaTk0bwY7H3sUqyTK+G1LA4Ee 8EOqC3S/JbMhKTmN0eMmVXYLOh4CgX6KORGBvjdpP5u+/S6e4n5sAn3+4mW+sUW11x6/QFfVBDpo 45C5dwsPPfY85VJjtCB5XyKD7r2XXr17c0//u7njlpuYvWQFrlZ4WjD6xad4evhYHGUqDeKM0Rjl 8twj99KqdVuKHeH3Q9cuympc7VF4MJmrOlzCbf0GUFqWymMPD6Je3Sa0aXcl/QcOonnDOrw8bgZK GpQX5psv19GocVMaNW/FrLnzWP3mAho1bcGH2/djlUPmwf1c1qYljw9/FSEiHMpM5o5ed9CkcSOa Nm3CFVe058O1nxNTDvkFmXRr356e/QcQFQalFSUludxyVXvu/c+zOJ7DsKcf4fzzz6dhoxa0aNWO lq1bccnll3MgNZXUhG+48ooONG7aihuvu5kePa7kjrsewJEOxgh27/qGS9q2o0mLptz/yDBGPvsE rdq2xykVeG4Ru77bxDWdutCseTOaNG9K/7v68vU33xJVkoWzplG/UWvSUzNRWqB0mE4dO3FX/6f8 HuPW72mujCFcWsRt13ehS7fbKAr7zuLW1SQlfkWzJi24+Y57iEYF4VAar4z8L42atKF5yza0bNWW l0dOpqSkgMULJtP+0itp/a8WNG3WiN533c3+9GyKwpm0v/Ai7hw0hFtv783FbVtRv0F9Xho1mqjQ KCkpOJRGv9630aR5W1o2b0GHK65g6VtvEXIFUSkYNnAAra7qQr7nobQlcfsWGlxYm+Wr11OSd4gn hzxEsxbNaduqNS0aNeTRoS+SXx5GRwp5/523adn2Ylq0uIQ2Fzfn1l7/Ji39EAf2fk3z5q3IysxB K11tLuOXM8h8Ro0cTdcu3enV+xZu7tmTnj1uYc+BJGRM4IgwKxe/RddrO9Hrzl7c2vNm7hzUj4y8 AoRSCBlizCujuezy9nS/vge33HwDL73wNB2u6crqdR+jPcGO77fQ7fpr6dW7F33u6kPPnj15ecQY Io7rtxq0J9PIzf9+e0rR9fobiLpuXLQHKe4BAQEBAQE/hbUaxxqMqmrhm7JkJlufeBSrA4EecHR+ KNC1gaQDqYwZPzlos8afRKCnZRxk5XurUfrYXNwXLlnBvEVLT4JAl35aelygG+OiozncM+hBMgpD GCUwykFISXJKMjsTd1NYlEu5lGgVwZUOQ594nLVfbkYaE28B5vfKNlKQun8v+/ftw9N+/2uLL6Sk 1mgnTMr+vew8kEzIi+FFSjiQtI8D6Qcpc8LsT/iGtJwCrIr3yFYuZSU57N67h9yCAkqK89i1eztZ YQejPMqdEPv2biXjUD5KCqRwkW6YlJRkEhISKC4tQ2mD0FFi0RApCXtJzDhATBq0UQgZIX3HtyQe zEZpj6z03ezcmUBC4nZ2JW5nV2ISO3ftpTwawpGCcHEuSTsTKCtySEr5jpSUNJSW8RZjEaKhEIl7 tpGUmUNuRgrf7d6Pdg3ahNFOCbFwiL1Je0nYl0S03EV4Blc7FOVmsH13Am4kipYKpR32Je3hQEZ2 vBxB+Q75xiClR1pSIvuSDuBID6UlxjUoESUpKYHExN04SiN1McIrJyczl10J28nISsNRCqlclFdC WXExu/YmkLhvN47joLSiNJROuwvr8uiwMZSEwuxO3E5qViZRZZFSE5MW6YWQsWL2ZWSzZ/ceiktK iWoXTypcIcjdk8jWfXsolx5GGSLhUvbs+IbM0jK0F0FLh6y8PLZu30l2xgHCrsBTEiNCuFJRXFLM 3j0J7Nm7m7CQSKPwIsXsTtyL43io6gJdW4yQGF2KFoq9u/fw7vvL+fbbrcRiHsIrRyqLp1yU45GX k8zaj1bz1WfryY9F8ZTFSIXSMYQb4/sd3/LB++9xMG0fZeVFfJ+wi9ziYqz053ZBYTZrPlrD2tVr 2ZuURCTqIqT/2VQYzpwcqgR6527d/U2AaveIgICAgICAgKNgNdIajNIY669FMxbNZfvjQwKBHvCT /Figm0CgV+NPIdCLiksYO/FVPCmP6eZwKDuHrOyc+E//y0K9ynHaF88aazwef+JJZs6Zi/QEWqm4 c7Qv5rXWSCMx2uHgwXSee+YFwjEPa03cSKHKGd5UbDhUuGRWM4+zRlWm1isDVkus1n4k32qsFpVt 5/z+lf7f+TdSE/9yKFS8Hltb7de9x19bcYyKL1GFAV/FdVhlUPFUceMr3/jN2sTfB4nRBuIR64rr Msa/wRstsEqhtcVYURnVNAa/FZrWWOundluj49doq4z04ukxOl6vbLRBG4nRAmMlRvs95f1z9t8X W7khY+IO/BprdNV7XHkM4/8eo/zrtgJjJFZbrPHraKqyNap+v/9eSKxxKQ/l0fii+jz93HCEUr7b acV12HhPUSXinxPxjRmNNrryPbdCoKz22+/Fz9dogbIGq2Wl6Ya2/mel4zdAa1R888mfj1oblDFV dWKV86hqJvvvocYYEf93frmFrrhWLSvfMz/Dw/Pnp9boim4GFe/3YaUaqvI8TfwhXjWPKuaWqZwf YE7qA74ixd1xXV57fQaOGwj0gICAgICAY0Fb37fIGI1nJcoqCrdsJWX12vizPigZCzg2tDHkFxTy 8bpPKnXG8RAI9FPMiQj0mOMw8pWxFJWU+kLsVzjPn+L777cxd95cHMdFq/gEtKrK/Mr6AmX37t18 8MHqw2qBA36/+J+tQmuHSLSMsWPHs3r1WqSUAEF7r1NAxcaHUgohROXPAQEBAQEBAT+NMaCVjW+m a5RWGKnQsiqAExBwLFQGorQ+obkTCPRTzIkIdKU1k6e9xnc7EvzI4a9wnj95PkpWioKqCWioitYb lJJIKQ9LMw74fVMh0K3xMMY3YVOyapcweJCdGiq+hz98OAQEBAQEBAQcHav9sktlwWiL9QxCKj8r LxDoAceBMeZH7u2Bi/vviBMR6Bb44qtNzJwzF6X1zwr06gv1X5Kfm3jBze2PSDytv6L04VTvFv3J qf5A+F92bgMCAgICAv58GITVRC14BpSnUcbEyyMDkR5wbFQPkvzw746VQKCfYk5EoGsDhaVljBk/ gXA09rMC3XVdYrHYLxZJqxJlfm12FdVq1qu/JiAg4Beh4oEgZVVWSxBBDwgICAgI+HmsNhhPo5TF tRA2GqEdpHSD52jAcVEhyA/PLj52AoF+ijnRCLo0hg/XfMzBzEM/K9BXrlzJihUrTniS/Oz5VJxA 3CCNuDkXVlf++bDXBCI9IOAXQymFlJIRI0bgBn3QAwICAgICjgll/VI961mENnjGJf/LjSSufO8X W0MH/DHRWpObm8sHH3xwQt5MgUA/xZyIQPfNKxQZBzOZM3chMceLu0ZXtX2oPhYtXca8N96IO2Yr v5+5rXCZVv/zqHSwthJrRbwdW8XP8gf/v2L878cNRjD+rMOTAhV3hFdxd3+tNUb7C4iYlFzdtTuh mBO4uAcEBAQEBBwDyhiENXhaI6VCakXaovlsfWKobxQXLyv9Lfg/Bfx2qWyztn8/Y8ZNOKFyw0Cg n2JOTKBrtJYoqRg/YQo7E3YjtEbbI3/wC5e+xbzFyytbb4F/czHB3SUg4HfJxk2bWfDGCvKLSxFK I5RCaYU1CoCY0nS6vichN97SMMhaCQgICAgI+Bl8gzhpFVoKPAsHl81mz2NDsEphlKoU6MG+d0B1 qiRVVcvnpAMpjBk/KXBx508k0I3RCCEoKw8z9bWZFJWVYyoX4oePRUveYsGiNyv7Xlttqd4fOhjB CMbva3z08efc/u+BDLjvP7z/0TpcKatEOuAoTefrbybseNXuBQEBAQEBAQFHJ24IpyXWOAgL2Ytn s/exx3yBHn/GWvxncUBABVXTIRDoR+JPIdChyklSG8OHH61l1twFuEKilKwU8Cae8rpoyXLmL1qC 1ip+01GVr7HBCEYwfndjzbovuKPPYO7ocy+9+w1kxJjx7Nl/AKk1yoCjFNdc24NQ1Ik/FAKBHhAQ EBAQ8FNYqxHWYKTE2ijKKNIXzuO7J57yBbrRgUAPOCLVBboxfunh3gMpjA5S3IE/jUCvwlhfpH+9 ZRsvvPgyefkFKO33bayoS1/3xResXv8JnnKxxsUaD20lyiq0kcEIRjB+Z+ODj9fT865B3N73fnr1 u587+w/mtjsHMGbiaxSFokSF5NlhLxJz3HhJjPqF7mABAQEBAQF/DKxRRK3BKIWxEaw25GzcyJ5l y7FaYa2pFGIV2agBAfADgR73BsrIzmH526uCCDp/NoFuNdZqpNZ4ypCcnsni5W8zZuJU3nz3A77e up2de/bz2dffM2H6fKbOXMjU1+cw9fW5TJkxnykzFjD19WAEIxi/t/HM8NHc0ncQt/a7n9v7PsCt dw3m9rseole/B7nn/keYt3gpkagT74WuCEziAgICAgICfhqrJSXG4FmNMjGsaxBKoqWL0fEMVRtv HxwI9IBq/DCCrpRGaIPUJhDo/NkEOgZrdeWOnjb+RMjKyeP91WuYM38RM2bPZcqMebwwcgIvvTKB EaMn8vLoibw8elIwghGM3+n4z1PD6NV/MLf1uZfb+w7m9r4Pcnvfh7j93/dz96AHGTN2AtnZh9Ba ouMpeQEBAQEBAQFHx2pNLO7kLq3ECmYn/1oAACAASURBVI3UBmX86Lkx1SLowYM14Af4c8KA9btX KWNQcV1+vC1vA4F+ivlfU9yPRmWNutZ4UuFKhdQWaUDZYAQjGL/n8dGnG7jt3/dxe5/76NVvML36 3Ufvfvfz2NAX2ZechpLKT2u3Cl0tJS8gICAgICDgyBhr0DYeHTd+K2LXGjxL8BwN+EkqTHwrBLq1 6n9qxxcI9FPMLynQK1BaI6SMp7vqyr7kFSYGwQhGMH5fY/UnG+h51730uvt+evUZwMOPPsmXG78m FI4itUUpP8XKWhP0aw0ICAgICDgGtAVtwGqDlRZhNULF0MKrJsACAn5MZacdY+IlyP/b+isQ6KeY X0qgQ5VI37xlC99s3uynwhuNNQprZPy/JhjBCMbvbHy07nNu73sv/e/7D69On0VBYZG/Aaf8dHah FK9OmYYrZCDOAwICAgICjgFjwEqDNNrPOrWGoi1fk7HqA6yyGG0CF/eAI3KYQMcPpuTmFfDxuvVB DTqBQD8ii5csY9GSZRhLvLWawhqBNYGzc0DA75FP1n/BS6PGsndfMjHX8yPrOt5e0Rhcqeh63Q1E HOe4HwoBAQEBAQF/RqwF6yliRuBqg7SQNX8uOx9/DisNRml/LW0JIuoBP6L6nDAG9u1PYfyEKYFA JxDoR2TBkuXMXbwcVXFTMYbKCDoEIxjB+J2NsrIywuGQHzWP3/h9ka4wxuBIRZfrbiDiuIFADwgI CAgIOAa0BeMppHFRUhO2hoNLprNryJNYYdBK+6+xBAI94EdUnxNKWZL2pTBuXCDQIRDoR2TRG8tZ sHhZfAHv10ZgBVh5yoVGMIIRjOMfFX02oeqGbyEeQddEhOLq628m5HgoKbHm+NxDj4a14N8/pL/R Z/1z8Utnqs7n8HOtoNr/s0ceOj4q6rYOM13hxw83a038+AZtDcoajD15GxK24h4Zv+6Ka67a6IwP /L/7LVFxTlVlTfoIn8kveNyKn+Pv1S+NtaZqPlSfV8aAFRgrMNb4KaxGcaT5dOrwz7HyfbLSn2/V PqwffleqvhM/HL9n4uuTw34W+IZL1f7ud3+dAb9VjAUjNI7xEJ7BM4achVPZO+RxrGcw2gQCPeCI +K334msEA1IZkvanMXrspHiGYyDQf1f8GgL9jSXLWbBoKVr7xlFYFV8ABCnuAQF/JIxWKKWICMlV 195EWczDaPULCHRRJdDt4RsF1c7muH9/ZepgteP91ALI70ersVaj48Pak3Ot/vF15XlUXKcxhy/O rOV3JdB/6fM8okD/Fd6bIx/CxAW6xFgZny/mNyrQq51T/PlcfWPjRwLd6h+P39Q1nQBW/3hdEt+s CAj4NbD4At01EiEsrjakvTGLbY8Pxbq+yNIV5l+BQA+ohjWmUqBrbVDasndfMmPHT0ZKedxR9ECg n2J+DYH+0Zp1fLRmHVL5Lu4VEbDgoRcQ8MfCGoNSirArGDT4Ecqjjt9u7SQt3I8m0O0PWrn5kWV9 uMD44e860rBVkcDDItRHXASZuEuqv2DyhdfJja79KFIZFxAVIre6QP+trdOqn1P19+XXiKBb+2Nh +UtzWLQZqGx1E5+DfoRdxf/utypmq8+zI4jVI732jxRBr1ib/Og6fr35G/DnxgJWapRVaGmJGkj9 bC07Zs3HCl9gVa9BDwiojtXWj6Bri9aWtIwsFixcglIqiKCf6hM4Xn4Nga60QWpdtag8wuI5ICDg j4MyBk9ptOGk1qBbC0oJrPH8jBxtsVZXtnKseAhVpNobLdBa+eU1FULWKLSWGKNQSlRr++iLKR3/ HVKIypr6w0WeHzXHKqz209o9Gz8XbTmZtzWrDNZ4GO3EH7gKraNIJZHaIJTx32N7uCj9LWDixoEn sjD4346rUcqrTOlTSmP0r5Dirv3jKG1QBpT2M8WMUZWp7tY4GBPznZh/Y4tr/7vkl57pCrdoEzvs PP3WiRXfF3NCaZO/NarP04rvu1JVGxP+Ylegtedvxhkqy05+a59hwB8Dq/zvlVWWmAVXSkzMqxRf wbQLOBo/LEvSxqBO8D4dCPRTzK8h0I+Wchg83AICAo4Hoy1GKwqLclm16h2cmOeLVuWRm53FsiVL WLZsOanpB5Fa4zkRNmz4AqE1jlTxlGuJVh5aeXz91Qbmz50VH7OZO3cBc+bMY86c+cyZN5+c/EKk idcNV69BtRJrBR+/+yFrP15HWEtf4CiLOpkCXUhCZVksWTSbebMXM3vWPObMfZ3Fbyxif2oaMamR ldGU31ZGkjUaraS/OWJMZVT5F9+Ytdr/fLXEaB3fIPaF1S96WBXDaunPO22RWqOUxFivsjbQ6Aiu V0pZqYvRv50HoLVglMHaCNbEKC6KoKVB68MFutb+5pgxXuXmh1a/rXl3vGitq4bSlZsTVfXo/iaZ FBGKSksQOp5eHBdLAQEnk4qsLb/rkX/vVIZf/P4VEPBDAoF+ivlVBHo8DTQQ6AEBfxZ+mZRXoy1K CZYtW8SgQffiOgKlJN9v/pJet9xEv3/fRf8BA7mt1795fd5iXCfC6FdGkbB7L8LE70NaoIWDkR7j Ro2gdfOmtG7ejAtqnsNf//pP6jdsSrOWbWnV9lK27dqNF18cVd6v4mmwWrv0uPJqunfvQannYpQv 0L2TKtA9stK/44Jza1D7gsa0aNGO5i2a0bRZExo1acGchctxVdw06DfWtjISLmfalMls+HJjlalR pZnfL4ffIcQjJeUAEydOYvrrMykpC/3iC9z8rH3Meu1VJk+ZyrKVH+Ap7UfvTdTf4FEGrcNs27aR 7t3vwXNP/gOwIhp8Qv9WK6wtIxwt4OK215B7qBxjxGEbU1p7WOOSlJTAq5On8NprMygqKv5dP9Mz MzOZOnUqU6ZM4Y3Fy4hFPLS21UrxFJgYX29aT6u2bTiUX+Bn42h7Ujeb/gjZCD/FH/36ThYVpp9+ 1yONVX62mAwi5wHHzf+2DgsE+inm1xDo0oCnbWUbJvht1kwGBAT8bxjjR6KkNkgTT69SJ68GXRhQ bjlDX3iKTzdsQ0tByaFk2lx+E5u+3ITnRghJTVm4hF27d6CNw3tvzmfgfcMIa4k20Xgaqx9djTgO 5WXllIQKGdqnN2f85f/xyVdbCJWXkBMOo2Q51rhIJdHCIFUUz0g8YdAyj55XdKDLDQ8S9cIY5WCF IaY8YlL5qefad90V2uBpjZBhHCMQriKkFFYIrHFR2uBa/FR5o7FxNamNoTB1C7Vr1WDExEWESkKU l5VQWHCQ/9x9A81bdGDvoUJKjEEJF608rFRYYVHSIqXG6ghCWZQUKC9MVFu0KkeoKJ4WSK0wMorU AiMjGKWxwkMohacVUrrEtMJ6hSgtkdpilMLKKJ6SRLXCqChKKqSyaANSScqz9nHeGX9n6MtzkcpD KoXQrh9ZjqfeVSzYLf4mSMSAESUIY5BKEhICK8sQ2sEzBqvKUMZBaYuWNp6+p7A6ijbKX8Rqi1Il ZOZls+6zD2nfrDnb9qeilcAoiTUhrDZo6aA9iyfj81X70aoKKjK/TPxcrdFY7WcEKKFRohwpPFzj p7WXl5Sy+ZuNfLhiJp26/xvPlRgLyhO4RmCVQBtJ6oFdDHtxKq7QGBPvGqA8rI6htEAZg1bST5m3 +J+PdhBaIYRGei6OjBGTAk8qtDJYJRFak/DtF0x+dRJCRNHaxI1Zj2VT3KCVgxKCsJvHI48+T36J g2v9+aC1RhiFlaUYLcnJzuOTtWtp3+EGNu7Yi6osN6l2rOqf7U8ct6LOveLfmXj9pKcMVnkIq9DC 4laI5uNAW3/9YV0HYRQxoxHaYj0d7yktyC0t4rNvvmLj6ne4tfMt5BaVY7TESI1UHloqlJbs27uX Jx+4l/zyiJ/ir8Jo68bvJzG0duLlNzE8JTDSYF2NlhbHRvzP2MQwRvifs/b8zRsdRijJjKnTScws xhqNUo6/CXCU963SM8NotHLR2kVqATaK1h7aCKyyWOOiDWjlIpXy3w8p0EqgjSEmDSZmMMohplxM TKOMQQlJWEs8pbGuxdMazxpc45c/WGUxRiOt9OeXNCihELYM5WmM9L8nQgg8JbFKsfrtmew7WIAy Gqk0RmuMVFjte4jo6saDx8iPTD3jpZPWuFjtgfX8jUsTOamlR78kFdcgjMTVHtY1hHQM45RilEJV y+gyJlhHB1RRNRf855U2BlfFn23xLKHjIRDop5hfQ6B/t3MXW77fgYqn/EEg0AMC/ohorZFS4gjJ rLkLKI9E45GTkxM1lcYQKsxg8KMPc6goglKKzZ+upXvvRygvKyNUVkheKIIUDsooPBlj//avaFz/ SvZllfoLaaMwNl5rakErg7QO/72nD6f/5S9s3J6INZKwMRivlJKiAtasXcNby99m/WcfURIpwxMW I/O45Yor6XJjX2KOixIOmzd9wsfrv6SorAQpJYkJu1j19kpWvfMuSQdScJUiplwSNn/Llu3fczAl jXffW8X7739ISuYhHFMh0HW8fgyK0nyBPnbaCozUGK3QXpR5U0ZQ4+wGbEncT8QopBNh544drFqx jPdWvUdOfgmeshjl4YgY27ZtZuWKxXyycTPFBbl8tmET6dk5SKXYvXMrX23egvAiKKWJhYr5ZP3n pOUVopRL2PNI2vUtq1atZO2aNeTnFyKVX+stvDDffruJ5W++yXsfriErJ4/8/FzWvrmAc/72V+4c OJzP1n9Kbm4B23d9z86EBEQ8K+GHAj2qLNotIbewiOQD+8ktKaEsP538ogJfoMtShIpRVFJGenIq hUVFCKVRWsbr8wXS9UhPTyQ9K4visnw6tm7LdykHMVphlETrCOWl5aSlHiDvUAGu8IWIiHsmVFC9 NMvfXJY40TBpaWlkHcohVp5H8qEsokL4jrlCYYwge/8WOvXoi/Ck37ZPGhzjoT2H4pJiSouzyS8t 831Z4v4BRrkYFcP1HLJycklPTSVWXu5vdmiNFBFKS0sIlYbwPI+M7IOkZmXiCIVUBiN8Ab/x41Xc M2AgnheOR+99kX4sAt1oh1BpGbmlGWTnFRMRhli8Xt5ojTYKzykj62AGOdm5lBfn06nrHWzYXk2g G33YcapvchztuD8U6OBvbAllsFohrMZIi3ciAt0YpFIY4ZGdn0NSSgrl5WUUFpVSFophlEJojTCG WH4md3S7g5yisrhANyjtoaWkpLiQ0pISygoycAxxgR5CmZhfxmAcysqKSE1NIT8/i5CrMdEwUkUI FRWQUh5DyjD5hVmkZaRQHi5DKhEX6OVIpbi33wA27UpFS4ExLp46uuNyheeENQqtXJxYhINZmaSm 7CYcCZNfVIBwte/VYQxGxYhGIySnpZN9KAvXieFqi6M0xtFo6ZJXVMDBfSlk5+UTKglxsLQEqQ3W s5SWl1JSXkRUeUhXkpOZQ1Z2NjHpoZVBex6OG+ZAxiEyM9NxHQeh/ffeVR5GKmaMH8q23ek4UsQF g6n0YjC2YhPn+FR0dXEOVIoSbQXSSrACbRVaR35zXS6OhrUaZU18E8fFhiz5O78n9aMPsEKi4tcY CPSAH1JdoButUFqTnV/IZxu+rHRwD1zcf0f8GgJ93uKlLFz6JlLrIIIeEPAHxhiDEB5hx6XLdTcQ ibkYffJSr6XWJG1Zxz0PPEhEWbTRLJ87m1dmLeO//32BNi2bcmG9BtzTrw/lURdlJOX56bRtfDHz VqzGxCOgFSZXPxTop/3lL3yxYw9YhWMM+xO/pUXzVtQ67wKaNmzCWWecxq2330F2bhlS5nPz5VfQ 9ca7cZw8pk6dyJln1GTYi5MQXoi3ly2mZo0aNKhXj3p161Cnbn0+/SYRx41yT/futP5Xay5peykN mzThzNNOp227y8krK4+b1cn4wtVQlLqZ2ueezZjpK9BCopUmVFpGr9tuovXF13CooAity1k+fyZn nVmTJg3rUa/eBZxfrx7rN23GE5LhLz3HP08/jfp1LqJOgxZceXE7zj6nDvOXv4/Umnvv6cfFHbtR Fg7jKUnGgQTOOPNsFrz3KbFwMY8++jhnnH4GDRo2pO4F59K0RVt2H8pHiDKef6Q/Z51Tg/qNm3Je 7bq0bN2WD1a/T91zTufMv/6Vf9RoQ+3aF7Du4/X07tObvn3v9hfvFW038Z8FSitcIXhr6QJq165D y+bNaXfxJXTpcCkjRo5BaIOI5DNx0njqN2xMm6aNadK4CW8sXU6Z8LMiImW5PPnoEzRsWIdGzVrw 4EP30aFVW7anZWOU71Xw5orlNGzYkKZNm9GkUWuGPvMc4ZiDJ9Vhi/iqxb+/2Dl4MIOOHTvSsEFD mrRsxfWXt6PbdTdTUFyGMv5iWSuP7P2buaa6QFcGR3uk7EmkQf16XHh+La64+t9EYlV94a12CZcX 0rff3dRr0JDWLVvStmVLdiclI41m/75E2jRrwu09b2bipKk0b9GCOg3qM+TpUYRdRSxSzoI3lvHM I/fSsVMnZs6cyqyZs3j77VUopX9WoBujcaJFdOp4NbVq16TGOfXJyI7iGD/SqZQiUpbPfQ89QoN6 dWnSpBl33X4rV3S8iQ3f7UarCoEuK7seVF5b/D08ypErRXdV5F1hjfKzJIyf6mtVlTnbcWEl0fIS xo0bS8OGDWjWognt27Tims7dWL5mPUr4522MwSnI5PZqAt0qi9QeBTl51Dz7HM6vVZPmdetyML8Y YxRahTDGQQmPFSveoHXr1rRo0ZK6devwwCND8UIhHJFH56v+Rb02VzJu4hiaNG9K/fr1GDjofoQS KBUhef93vD5zJl0u78iTI6YzZ+ZMZs2aTk5+4VGjvqayI4AgHCrhrjvvpGHDJjRr0ZSrr+lMx2uu ITO3zM8uMR47vv2STh070rRZcxo0qE//AQMpijp4WqM9l1XvvU/LVi1p07gRLVq14fqu3Xlh/Hhc qTFRycABfWjRqB5bExJ48L77adKgIY2bNGfD19/guQ57E77hphuvp0GjdjRudhE33HwTh4ojCE+Q kZPFvJmzGdjrWp55aQKvz57N7PmLSE7NqPxMfYFufjBnjuHjrf5n429YKKPxtCGmDUYpP2NHuOjf mInm0dBWI6yf3WFMDCMs6QsX8v0TT2E84bdYCyLoAUfghxF0T0p27zvAmPETK9usHQ+BQD/F/BoC fdGyN5m3eClKm8PS3oIbS0DAH4uK77cjFV2u7UHU9c2kTlatprGKT1fO4Z77H8I1EmUEr08YRZur b+K9Dz/A9aIUl5UzbcJoBj/yHJ5WuOE8unfuzPjpCzHC+CnDPyHQP9uZhLEGT0p69+jMubUbkbgv GSMkWzat47zzzueVMdORupibrriKbt0HsGDOGM67oDaPPz6S0pBDTsZuap15BpMmTKS0pIyiogIe uH8wPXo9QixSSv8u19CoaRO2b0/EkR4vPvMYNc48l4Skgxgr46mZfg1iUepmatc6i3Nrt6JF4yY0 btiIOrXr0bhFSz5e/xVSS/YmrKNx7dpMe30hpSV55OWn0vayi+k36H7yikqoX7sB9z3wBK7nEnYi vDZ2GP88rQbz3lyDMYqB/e6i1ZXdKApHkVaRvm8rp/3zNOZ8+CWHDiRQ54LzGT15BqWhUjJS9tD+ 8k5MXriK4txk2jeuy+CHHybieoRiLol7k4h6LtlJ31PrH39lyAtzKA+V4nke+SX5FBYXVZY/VG9d ZYzgnbeW0vHqa8g+lIvWmlBZHjd1v5YRI8cgteLdpfO4p/8A8kqKsSpKfm4OV3e4iiWrP0aKMKOH PkyfPgOJOiXEhObD91ZR96yafHvgIEYpkvZ8zR239yE5ZT9SCSKhEH3v7s/CN5b6G8jV5mlV1xFF qLyUnj178vY77+J5gohSfLJ8CR2vuY6ikpAffVcGayTZB7YcLtClwTUCLQXlkRD79uzghlsGE/Pi feHjEc7BA/vzytgJhGMxtPJI2P4djZq1oigURmmPUP4hbry+M+Mmz8SJeSTs2krTpp3YsnM/MSfM sjdX8fyjD9CpU2dmzpzO3DnzePfd949JoGM1Rju4TpSSSCldrrmJjOworqUy823000MY/PhwPM/B E4LPP15D3Qbt2LCtukD3yExPY9XKVX6UtCIqetR2bdXmgDYYpTHSYeeObcyeNZeoMn57VungxaK8 vepdHnvsMYYNG8bmzZvjzutHr202OsKXa96hQ5euFOYV4KkY4cI8HhzyGMvWbUDKeOcFbXAKs7j9 2l6HRdCNkViliUXD5BxM5bZrO5OeVxQX6GG0cTiwbzudr7mahMRdSKUoLy/lqaef4u2PvkGqEGXh fFq1vIhRE2cSiTmEw8UMeeJRMrPy0cYlI30Xs+fNoesVnRg6Yibz585l/txZ5BeV/IRA19j4fSIx YTu9evWmsKgER7oUFRUwacpkskujSKNRbjE3XNuJd9591y8zcWOMHPUKT/z3FaKeR/r+7Vx1zbVs +T4Bo6JE3CivT5/J8ImT8aTBCo01ZUx9+Rl69hnI2rVrUJ6L6wpcISkszKTz1Vcw8/UFOJ5AyGIW L32Nex96GSfmkl2Yx7yZcxjYuzvPj5jEjDlzmDV/EakHs5DxTRhjFJ4XZfjwERxISfM37yrKHY5h oWiNxmhJeWkRc+YvoNwVONpgpEZJj6Qduxgx8mWGDBnCrFmzKC0t/flfeoqw1QS6sjEiBg4tnMXu IUOwSqGMCgR6wBE5XKD7WSp7D6TwytgJlSnuQQT9d8SvItCXvsn8xcviNVOBQA8I+OPif79dpel6 /Q1EHZeTaRanrOKtBeMZ+NDjuMZB6RiLZ4zhX1d094WM8XukH0xOoNaFTSmOSEQkj549OvHypBlo R8cFuj6iQD/jL39h/c59fhTDDdG+VVP+dc1NlAqNlYq8Q0k0b9qUB/7zHI4tp2fHq2nQqAXnn3Um /e99hDLXQWnF1o0fcvr//ZV/XXwpnbveSOfOXejatRv3PPgs4ZIsBl3XlW633ElRuYPRUd54fSxn n34e2xLS0VaAjcXbpymKUr+hdq2zuHvws6z54H1eGfkyLRo34pUp0yiJ+Omjb88Zw2n/93faXd6N bl2vpXu3znTp1oWhw54nOWUfZ/69FtPmrfTdxU2M3d++T63zL2TuWx9jdZT7+vaiZYfrKIzE0EZy aP83nP7PfzBt9SY2rXmbs/5xGq079KRL1670uP56unbtztRZC/HcEFPGDueyyy6lb59+TJk8lc1b viMiFCWZ+zn3H3/lqRGL/Jp/o5DGr31V1aLTEE8j1y739r2doSOnIFTcw0CV883Xm/hy4yaibpSH 776T2bPm4RiFUQ5GCuZMeoUnR01GRAro0KwZS977HG3DSG0oLc7lknqN+DblIEp4zJvzAh2uuJ6J U8cxYfJUJk+cxr/79OWZZ4cdMYIOYI1g/95dtGzZMj7HQGhDef5B3njrHSIxF6F0ZQQ55wgC3TMS q/301KyDydx464NEPV3ZVSBckkvzxg35z2NDGT9pElMmjWfiuDHUa9yC7/fuw9OCUH4ud915I3lh FyU0hbl7+FfrG1j/zS6k8RBa89XaVdx9z0A8GfYXY9r4PgTHkOJutcRqD2kN3breSnpOGNeCNpqY 4/DAbT1Z8HlCvDWhprzoEB2v6clX25PQ0k9X1jLCU0P+w+233UFmTp7/OVuNNeLox7UVfeLxPQJ0 jGHPP8k9/QeSFXbjIivEq6NG8tLLY0hJSWHnzp1MmjSJrKysn27jZ8NMGP40cz5ahxYGT7mYWIwt CbvYk3IQLXW8LZ7BLTxEr269DougW+t7AVgjKS/K5o7ru5CRV+gLdB1GiSjr1y7jxh7dGTthAhMm TWLShMn858GB3Nr/JTwvQnFpEZ1bnUNCRp5/LFXGiFHPkJyWhdQCbcpRRnFv3wFsSkzFKIXR8RT3 ozgbVnZtsJK83Cx69ryJAQMHMWb8GObOnMHWb7+iTGk8LRFF+7jskla8MnYSkyZPYeqk8Tz88MM0 btmO/KJCNqxbxpAXRuFqidKlCO2SlpbOlh07kSK+0DelvPrco9x571O4Svh19NIvQdi3ZzNt27Tj xZcnMXHKGF6dOIH//ncozdp0Ji8n36+jVorXxz3Ntt3pKOO3xfTLN6xfiqGi7E3cSr9+A5m3YAmu 9Ovl/XH0sobKlr1aoYXLgjkzuabTNWzYvBWpXH/jpbyEgYMe4utNX5Oens7KlSuZP3/+UX/nqcZq HS918ktmyixkLJnFrkCgB/wMPxLoBpIOpDBm/KTjTm+HQKCfcgKBHhAQcPL4ZQW6tIqP3p5B/8GP 49goSkXYsGYJHbrcRmF5xG+BpGNkJX9PjVoNKIoq3NAhenRrx5hpc9FhhdTyqAK9xl/+wmc7fIEu RRkdL21NnX9dTb4jMUJwKC2Bpg0a8OgTw4naMD06dODS9tdyReuWNGzWns07klE6xO7vPuWMv/+N RcveIqotUhs86eBohYxm0f+6rnS8pR/FYYnxilkxcwznnHYe3+3KRFvPN3syYKykKPVrap97FiMm LsBIDyVizJ4ykTNq1eb9jz7HKM1HK6Zw+j/OYOXHG/E8hREKrTRCOmRlJHD26TUYNW0ujjZI7bLt 83c4++wLmPvmx1hdzuB+t9P8iq4UhmMY47Ln6/c5/R9/Y+qab9m+4UPOOfNMpr2/EWOUHy2WCitd hJK4SiKiYbZv3caQBx/hwgvrs3NvCoUHD3DuP/7KE8MXHJNAN8Zl4F238NzkRXja4hpQugxhNJ4U RJ0SBt91O3NnL8IxCq09pOeybMooho4cjwjlckXT1sx8ZxPKliG1ojDvIJc2aMjWtIMoKZg143G6 de3FlNcmMGXaNKZNnc6U6dP4ctPXR4+ga4+9idtp06YthaEwnjFo5RvtxbwYXtwkzh63QDeVAj1U kkPrZk155oWXmDp9GtOnTua1aa8yZcZssopLcZQgnJfP/Q/1o1RalKMoyd1Bu9Y38Ok3iXhx871N a9+h/z0DcUS40iDu2EzifGFghptasgAAIABJREFUtRsX6LeQnlPmR9CNwnUdHu55I699sgulBFJL ygoyuPKqG9m4bS9a+psBhzKSePyhwSxbtpzho8b6Bm3WT7M+4jGhSqBrg1WCcHEOkye9wsYvNzF6 9jJETBN1Cnmgz79JTjuEMQYpZWX0XCl1WN/yww8QYsywIby27nPfrE24mKiD0BajDEZJhNW4VuMW HKJ316MJdEGo6BB3XN+ZjLwCjI0LdBlj/ZpF9O/XlynTpjFl2lSmT53G9KkTWfnRV3giQqS4nKtb 1iWrpASpJVoXMeKVJ9mXnIHUCqUjKKO4r58v0K3WcdO3o7dxqyi/sEYjRRTHCZGSlswbyxYx6sVh XNGuDV/u2IejHbzc77i269VMfG0Wr057jamTxjF96qvMX7KCSDTEZ2vm89jwcThKInQpQsdQwvXN 4jzfwE2ZEl5/8Snmr/kK1ypf/EqDlR77Er/iyqt6MGrSJCZPm8b0KVOY/uprzFwwl0g4gqc9jJDM GDeUrbvT8ZTEaIlS1XwLZDkrFkwncc8+XhkzmYKSsmMU6Do+JOGyYgbc3YeN69dz5z2DKSkrQRpD 9r69vDpvEcIRlXPmRDsd/BpYpSk3Bs9qrFJIbclcNJfEIY8FAj3gJwkE+k8TCPQj8MWGjXyy/rPD XHshuLEEBPzRqHgICCl59vlhxFz3pLbX0VqzZdMaBtz30P9v786jq6rvvY///6zVde961up6bm8d OkpvWztdra0KiEARQcEqijLjANYK1VptHaodRRS9dcIRRVBwCorWEQc0ZABCck4gARJIQshMhpMz 7L1/0/v5Y+9zcgIBwXpJxO9rre/SBeEM+wzZn/0bvqSCAM+maWmIM/zMs3m5oIBEbzf79jVz/z+W MGfeb8gEPh37dnL6Kafw6LJX0UEX2pjcFHdjw/7PRme4adY0/u3//F/Wl1WirMWoFLfecA3/+R/H sfTJZygq+Yi77v4TJ574bZavLCClOzn3jOFMHD+VDes/5NQfncJpp42guKKMnq5mTv3vHzN67DjW vvE6JaUlLF/xDC++8R4q1ca0c89hzHmX0ZbwsaaHZx+5m//371+hrHw3xnk4l8Jqh7EBrbUlnPif X+aOux8gMAar0jTUxvj+d7/H5VdeR08qoK1xG+NGnsHIs8fy7jvvUlRYzCOPPsmata/Rnehg+Ck/ ZuwvxvPeh+tZ9/46rpx5KV/60pd59Ll/Yk0Xt/32Kk78+kkUvP4W773/DrOn/pIvfenfeGzN27Q1 1fGD75zEz34+inXr3uPj4lIeX/YMtTXb6Wjfy92LF/H62lfZVLqRlStX8R9fOYFX3nyfVHcTPznp OEaNvYAPN2xkb2s7xaUfU7SxiEy0+Zk1Opye6sBan+VPPsTYib+kbm8TSc+nu6uN1/75JhtKSjA6 w8rHHmLelfPY296OF/g0Nu5h0rnjeObFV9AqzS2/+TWTp15OXdMe2lv3sHr5Uo778pdZv6USZXxK S15n1sy5NDXtxvc8/HSG7btqaWrtwBhN+ZYSSoo3h2tv86a4d3Z2MH78eF557XWSXoqM71FdvY0X Xiyg1/PQNsDPJOnubKWyrJAx486ntb2Dju5u0r5CGY2XStDV2U5lbAvnTrqM5rZ97EuEa/5VJsFF kyby9PLlJFNJgsAj0dNN6eYyMkoRqIDGmq1cNnsGe3tT6MCjYWcZPzr5LF5/rxjfaLQOKPnwbaZc eCHJVIJMJkNJ6Sb2trSGO4LDIZaaWLSXoWdfG52dnYw++xyqtu+mvauHVBAQqIA//eZa5s6/gebm vTS3trLmuWf45kk/4p0Nm8PdwIMUrz3/FB8UFpHo6uG66xeQ8BXKWpzujS6K9f8usNaibTid3Bkf o3t46umHeeOfb5Lo7uT8C2fR1t5OoNOseOJx/nTHnyhY8yobSzfS2dWNMhat09Ttquajj0vwVf5G fxZsktcLVjLh4qm0t7STSWfoaevgjXffp3pXA8po0n4vnV1ttOzayfljJlG9ew/7unrwPIU2isDP 0NPdTv2uas4bN5qt1dXs6+4i7aXQOqCyooi5c+dSV7+bQAX4Xob6hgYaW9oxJkl7Ux0//eHJ1NQ3 EqgMyUQzt9x2I1viVXgq3DtBaZ/5l1/Oa2++hed5tLS18N76j1G6b00/RBvDOR39N7y4U7W1nDvu uI36pkZ8r5dUbzd/+MNNrHr1TZQJ0KlmLrnwAjYUlYTT0jMZGvY0sn1XA1p77KgqYey4CZSXl+P7 vSSTvXy8oYSSsvJwZogN6O3ew503LeDRl16nsbub9kRPtIeEormphvHjJvLaG2tJZzJ4vkdLcztb d1RFF70UVmd46N4/s+a1N8j4Pl3traz7uIikl8GpBPW1m1jwm+vo7O7mgf+5j+deeBnfaAJrMGbg 2Rc26hZhtMIEKUqLClm69BF8L8GCa69hQ0kZnraku5u5/ne3sOzxZaxbt46a2l1h9wPLpwot/9uc 1XjOoLRFK0vSGFrfWcfOJ1dgtMZEn6HPY0tDcfQ4a9HG0NDYyIsvF8gUdySgD0hrjVJqyF+5FEL8 a7J9mIMgyG1Kkh21+Cw4bWlr2c38+dfS0Z0hbTM43UVZaSnjx45m6iUXcd75E5k4aTKdPb3oIGDH jk1884RT2FRej3FdUVskHZ74Ghf+0goy3Parq/jqCd+mZEssbCVmNYmOJm773QK+/rVv89UTvsJ3 vj+Mx55YSSqj8E0XF0+YyPRL5pDyFGVF7/Hj73+PcZNn0NLSTH39bkaOHM6JJ57A8ccfx8k//CEP r3gJlexi9oW/ZMrFc9iX8rEmxeplDzHsa98hHqvFOg/n0tEmVQFNu7fww+9+i0X3P0hSG6xOY4Je /v7n2/nWsJN5a30xWvvUbNvI6aedxtdOPJETTvga3//BT1j2zCo8bXjv9Zc49Uc/5LjjjuPkk3/A bbfcxFe/cgIPP/s6xiaoKv+Yn59yKscd/zVOGnYSSxbfzYlf/zbPr32DjFK88cpLjD3jZxx//Ikc f+I3OOVnwynduImmhp3MnX4R3/rmNzjuuOP5+je+za+v+x1d6QAv6GX10w/yzW9+kxO+8R1WvFDA vHlXcMVV80lb0NGmTtmAbmyAUr0sWvw3zhgxghkzZzN50mRGjBzFh4VFGOXhp7q56YbrGfOL8cye M5cxY8dx+1/upCfjYa2hq62RaZdcwimnncmoEadzyQWTGH7GcCZfNItEKoWX6eHuRX9j9FmjmDNz DjOnzeKH//0TVr/wKkYH3HzTQiZPvpSUr7B5m0pprYnH45x++ulMnTaVWXNnc+aIUfz5L4tIeR7K eixf9igTx49l7OhRDBs2jLHnjGfcuRP5uGQTgVI8sfRBJp4zlrNHjWLYf53MmHHnMumiqcSrtqMD j6b6GiadP5FLLrmEuXPnMnnyZE477TR6enpoaWpiyriz+e4PfszcXy2gu6uF3y24mq9/42RmXn4N nb29WO3R29nGpPPOZeas2Uy77FL+67++x8Yt5QfMWDjwc2vY8ME6LjxvIhPGjWPYScMYM3oc4845 jxdf/SfGGtqb9zBl8nn8909+whlnjuAXZ53FmWeNZuZVv6atp5fEvhYWXnU5ZVXbadlTz8P3L+Gj zZXRWuAk27dXUVa2mfLycsrKyijbvIVNZZvYXFFOsieFDXx6euo4d+J5VFTEaNm7hz/e/gcWLX44 2lAtzb72Nt5++23+cOPvmTZ9Do1t+1A6wzNPLWXc+Mkkkul+m8k5myGT7uC6Bdcw4ZzxzJ09h/PO ncD4iZOJ1dShnOGF1Ss4b9wYJo79Bd8bdjKjxp7PuPGTee75l9Ha8P777zJh/C8YN/psvjvsJM4+ +2zOGT+BFc89jzYa38/whz/8ntGjRzNnzlymXTadn/18JC8VrMXoXm68fj7f+PrXuPjSOSQS3fzx 5pv4ySmncsGUy9jd2BReMDQBjz/yEGee/nNmzZrN6DHjWPDbG8l46dzO+JDdUC2cARRO7w4o37KR CRPGc8GFFzJ31gymXnIJZwwfRVNHZ3hBRHsUvPA8Z5z2My6fezmzZl3O8JFjuOmWP6GUj1ZpHn7g fxg96izmzJrFpVMu5pRTz+Cjoo0oo1FBinkzL+XMH/2AU0eOYeyESVw253Jau7pwLgzp7775GiOH n8H06dOYO/cKRp09hnnXLMTXOtx/wKV55+1X+OlPT2HWrNlcNHkCM+ctoLWrG+N3csftt/L3+x5m b9NeyjeVMmvGdPYlMyhrSXW3he+X/WvLFuoaGtGqB5VJ8Pe/3sKGkmLq99RRWvwui+9ZStqosLND 0Ebtjj08snQpM2bN4emVq3JtFT+rDiOfHUvgoj7oxuJbS9KkUNb/VDtxiy+m7LmYjdodfpqBEgno g+xoBPTsG+WQa8WEEJ972TZr2VCulPpUu4cejDMWHfRw0w03sL6wDN8pjEridLiRV2W8gtraGpKp NJlAY33NywVPMG36fNKewVgfo73cCa61EFhLoD321u2gvCJOT28yaqulCbwMfibF7vp6KuJl7Glq wA90uEbaJKnZXk1tbT1eFJwb62rZEttGc3MzWiuSySS1tbXE43HaOjro8TVWedTX1FBVXUM6MFjj 0dXRxNaKraRTPtYpnPNxxqG0wU91sW3rFva0teMbjdFpnLb0dLZSHtvMrr1NaK1xvk8mlaK6upqq qmoSvSm0tQTGYZRPZ0cHFRUxmpsaiW8p4fivnMDDq/6JcuF67s59+yiPxWltbSGVTFJRuZXmjk68 QGGUh9fbyfbqbWyrrqarN4XWBqMU2vdoamqiIhajdvdu0n6AshD4AcZL09yyh/LKLXR0d1JXV8fu hj0kAx22cLJh3+NwBF2jtYdSPpWVlWzYUERFeQXJdCZspaZ8rPJIJRPEt26jsKiYysqt4f1FO8Jb laG3u4PS0lJKNm6iJ5lkZ00t27ZWo3wvakmVomrrNkqKSigtLqWxeW+4LEAHvPt2ATfecAtBNFKV /74OgoDW1laKSzewoXgDu+rqw5E4Z1EmoKVpD5XxcuKxCmKxGBXxOLHKSjq6utHG0NrcSLy8jHg8 xpZYJeUVMcrj2+hJhZvCWZWmvb2NjZs2UVhYSGVlJalUCq01nuexrayE8ngllTtr8P0ku2u2U16x laqdu8gECqt8jPLY19FGUVERRUVF9CQSBPutrR/wc2Utia59VMYqiJVXEKuIEauIE49V0rovnHVi tE9PVwelJSVs2lxGZ3cPO3dsp3bndrTyeOC++7nyiqt5cOmTLHtkCffdvYSJF06lNwh//9fV7SIe D49NZbySyngl8coY8a1b6U30YJXhvXVruf76m1m69DGefPRh7rv3Aa64cj6+7+FnUig/jdU+yk+z 8tlVvLO+CF8rmvY2cOfi+8j44RKK3NN1CqPT+F6KyliMog1FxMor6OruQUXrfDvamqisqKAyFqe8 Is6WeIwtsQqaW1sx1tLV1Uk8VkE8Fr62FRUVVMRiNLe1o41G6QDPy1BTU8OGDUVs2rSJXbvD94YK ktTtriJWUUZ863YymTR1u3ZSHotRua2aZMYLl3won8BPE4/HKCwspKp6O6mMj7Wq3wZ7YUDXuWUB OENvopuGhnrqGuop3vARpSUlNDY3h7OAjAl3A1eKvXsaKfy4kOLiUmp21YfrvI3CWoVWPrtqayja UMjG0lJaW1vxfB+lAqxR7KiqpLK8jHiskliskqrq7QRB1GnCWnTg0dHeQklJCUXFxWzfURO+J234 GHE+QdBLVdVWCgs/pjJeSsLrwlcBrXt3M+PSK7jn/odYuvRhHn1kKQuvvpL4jl34WuGluqmsrDyg 4vE4DXvqMdqnuPADpk65mIeWPsZjjz/OE4/cz9TpV4WzFoIUWiVQKuxIULNrN+ddcFHu2LshFtDD zg/RsiircZ4h41s8I+FcHJnsuVc2nEsf9M+ZoxXQP2m3VSHE51/2BCI7Yya7PvSz+txba7Cmh2WP P8J1v/0zqSCFUgoXTZV20f07wl3CAy9g8eJb+XB9Sdir2Sqs8XJ9ZJ0D5SzKGazxw+Ce9zzCqYTZ kZZw5ErrMNgbG07fN1Ev63CTLY3RLlr72/cLMZxOH629tibcCCrbA9uqcCQ5WnMabv6kc33QrQn/ 3jjQzuBcEI4SGg/nwjXD4RrovL7C0fE2Ub/x7DTZcMdwn4qNhRz/n8fx8LMFYbg10bRZ8v+tza11 Daeiq+hxRTssZ9c2m76Txr6WSeHfWx2uP7bOw9ggOpag++3iHt2vC/+//7En1yPdRiPuNtvrOLpP Gx2nbF9oZwOcVejofnS0O7jLjTrm9QU3DmuD8O+NYv2Hb7A1VhVe8Mhb+9pvaZazuWPlcs/Z9Hv/ ZV/v7PGwNrteVgPR0gprotc0eg8c5P2XO7ZG9bUdcxpnVG6ZRjZoZI9P30lZ2Np0S9lmCl5+mYKC AtasWdOvCgoKKCwsxGiFNdFziOaJ27zXKv/2jbWo6HFbnaKzdS+zZ17OzpoGtHFgE1gdcOPNt1K8 eQs6F9RM3nEkOl4BVivS6QR/uuNWmprq0Sq8YGK0ZuXK5ax7933WvFTAcytXsOblF3jhueXcfvvt VNftQRlDe3sbxZs2h8smcrMFiN5PKlrSonOvvYk+1zbaYMxF73VtDcapcFp23lTi8JjofqOt1oXP yeYd8+zPZz8bOBVukBdNWQ5/LjoXytuhPLuWOv9z5IDy8k2sKXiRgpdfCl+rNWt4eU34OhYUFPDB Bx/kvl/DMK7yvv/Ie479vxuMcdH70vZ9JqLHFj6nqIzJ+zsT7VPQd1t9rfH6P/7sJnDhyL+NvjdU +HqYsD+7tT7GKF596QVeX/tPPB19rnWaeLyCm275I+2JJCoYeP8Cay1KByjfZ8ndi3nv3fdRWqNN gAnSrFi9gr8tupf21j08+dhTFKx9iTVrCnjwoaXce/9D4XvFfnYdRj4rxoFVDqUtngtwGYXOZH/v SEgXhyf7nZDNXRLQJaAPSAK6EF8M2elU2WUt+ctbPpvb1xjdQXtLHctXvko66CYwLhd8+m+EZcl4 Pu+8uYZ0kEaZIBo5V9EuyGFpRxQ2Bj5ZcxCeYNr827fRyK/tv9lZFFgP8Qz6hYeB/r7fz+btcB3e v0G7MBw5G2CtyoW8fsHzIAUWo332te1l9epVVOyoRwXRhlkuezEhb4pw9t/mjsPhv47ZcBoGswCc PmTbJJd/f9Frkf9YDv+O8/rI277bO+hGhc6LgodG6160H045PpLn+qlEx8NEswecVYfs1ZwLfX1/ Eo2uDvxvsmvOjfb5yx23c9bIEQwfPoIzzzwzV8OHD2fEiBEsXLiQQKmB73e/wJsNYyZ70cF47Gvb S3FRCYHKbkwXbgTW0d7CtqoqPG2j45l/oSP72ng4o0gkOnhv3XsEqhutAqwxGJOgo72Nwo8+Ip3q oaS4hOVPL+O1V16ktb0Fzzi0sSjfx1Nhj+h+I+hkg7KJplr3f4/nr+8O35s27+f6PnsHd/Dnlfv7 f2GDzMWL/saI4WcyYviZ0WsXvn7DRwxn5MiRXHHlPLxoJPvQ3zsDO/D9FF5EcdFzyv/820N8x3zS 7fe7GJG9QGI0VvsUF35EZ2cbvh+EF4N0L77KsObVtbQlUvhq4A0ArQ1n8Kigh82bNuL53eFsAG0w vk9vJsm6999Hez6NDXtY9dJqnn7qKUo2bsLTNm9fhqE1gu4IvxP86IKRCzw8kyJtAwnn4rBlc1f+ CPqRvn8koA+yoxHQS0pK2LBhgwR0IY5x2VHzIAi455578D7jTeK0NWjdjfZTpLRC2V78aIQM+gdR nCKwmrSXJhUkUCaDtT7OBhhnciOo2d2CnXEDhMEotLtgv9uORrijE/rsCLdx5MLhAWVtFMLCn8v+ u+zJa7ZtUu5+nMI5lRuNdtEv28CBlw11JhxBVdlR1QPuz+bWsGZHuqxRWBOgTYDSGqscTpuw/zpg o9G1cI1+NOKYvQiwX9jPjibny96vyV5IyB7b6HiZaN35/nIhIDciZ/cLh/uHdZv7b353kDBkRaN9 2kSj5IfYzdxlcgHd2RTat+jAjy76HEr/8DXQ7efeLwc8/mi0n/0D+sHvLXcRJrupnrPg/GjWQN/z z7+vMED7BF4S38uQ8bzcspMgCPB9H9/38TzvgGOde5zZ28rebjSSHu5yTjSrJMCaaIdsG7Ytw6Zx KkXgZaL2hwcL6AYXzUZRSmOUxphw9NwZH6szGJVBBz5+oFDGoLWHNgGBJdxBXisCo8INtNwAAR3A 9U0Xz816yb43o4tfzhkG+uzuf2yzx6ZvVsB+z8se5DXPe2z5F40cA9++CnpRKonnpcPXTGn8aNNA XykyQfiecQ6ctgf5fAx0+9FnJO8CRd/zCb/L8o8P9IXs/Mef20V9gMef3ePDWnLfednPiLEWpxVO +xitwu+iIOxyYI2PMSkCo/D1wS/uZqfWa5XBaA+tfbRR6MBitSYwPoH2sIHFmPB3gdFhF4rADOGA Hn13auPQxhHYFF2F69n5ylpZJiqOiDGG5uZm3nrrrVynCwnonyNHI6Avf3YVTzy9IpomN9AvLiHE sSA7xdfXmjG/OJdkOsO/OorU7/YhDLXZqeW2b7TnQBbrLMaEJ2guezLtzIGh8hPvef/bzw9EfdO0 3YA/2//f9f85u9/Jbf8R9PwR9/4hNPqzfuHh8I5xXzCIbj//wsPB/g1H/n094Ek7HHDsP+k2jlT/ AHEY9+VM3/PPBrRDjbh/ZgZ+Dx30YR7i333y/RwY4POZIz7pt/3ee3a/5QoOogAYTZP+pJvLrbMO R+Chb7p49nb6lg+Qm4Kdve/8pS2HeswDXywZ+O+HgtweDQO8PrlZANmf/cxOqA5+HD/tMdv/uyD8 Hu9bbpK/nCh87bM71R/6M5zdSyT7OPIvxIW/G/JH/PsvxRns88+DznTSmqS14RR8pVHGUP/U42xe eD1W63BUnexzHPznIYai8PNgrKVqx07uXHxPv1H0wyUBfZBJH3QhxGcn/Hz/b/VBF0IIIT7vDh7Q DSlrMVbhTEDaQd0zS6lYuFD6oItD6j9DS/qg708C+gAkoAvxRSEBXQghhPgkAy+FMvjOYlWAtRl6 HTQ+vZStEtDFJ5CAfmgS0Afw1MpVPLViVbibbrSeSAK6EMeeflPcx02gN52RNXNCCCFEnux0fKOz y7DC3fG1NQTOYoMAbBqrHY1PPEblwuuxQbiRpAR0MZD8gG6MxlhLZfUO7rrnvtwa9CMhAX2QHY2A /nFxKeuLSqO2FhLQhThWZQN62lfMvnwevekMxsjGNkIIIUSWtWELyEBpNpdVkEp7aGMxNuzUYbTC GA/nOWpfW0v5kntwKtpITwK6GED/EfRww86a+gaWPv5kruXakZCAPsiORkAPjCOIvoxkBF2IY1e2 H7Ayln09SbS1GNl5VgghhMixFpSx+Mrw17/dxa1/vIPyWCWZjBf9DlUENsD4joSXwHS1YLVG2XBk VAK62F9+QLfGoI0howwpz+vXbu1wSUAfZEcjoDtn+7U+OZz+mUKIz59wd9lsz+EAZ4Pov7qvJY+U lJSUlNQXusJN4JRS/P2uJUyZfgVTZl7N72/6C+17OrDaERgFLoNvA9LO5rp3CHEwYVvYbLcajXVR B5tPQQL6IDsqAZ39+mdKQBfiGBVOrcq2STJSUlJSUlJSB5R14GnLXxbdx5TpV3LR9HlcMPMqfjln Pnc/+Dh7W/ehlcJkNE7LCbP4ZM7mt5M12AHayh4uCeiD7GgE9OyXUb+Abg+zR60Q4nPDWYMz4Ro5 X2vSQUA6CMhISUlJSUlJkQkCUkFAjxfQnQn4813/4OIZ85gyYx4XzpjPlGnzuPiyq7hy3g0UV+8k kfFwysqglvgEti+gY6PBUfupl0FIQB9kRyOgf/Dhet7/8CN0bv2DJTvlVQhx7HBWY1WA0pa/3nkv 1/72ZhZcfzPXXncjC66XkpKSkpKSuva3v+fXN9zMtb+7lelXXMuUGVdx0bSruGj61Vw25UqmXnol 06Zfw7jZV3DbLTfSUR7HqfAcOjsjVQK76K9vBiOE75HuRC/xyq1HvP4cJKAPuqPSB335Sp54cjlK R7sIOgNOhetUhRDHDGc1RitSgWbU+El09GbwAkWgFIHSUlJSUlJSX/jyAoWvDUlP5U1xv4pJs3/F xTPnMWnmbH519Y089XwBpUsWU3L9zTjf5JaOWVkqKg4QDn5mA7q1UFW9gzsX3Y3+FJv1SkAfZEcj oK9YuYplT6/EWMI3SLSBFE595vclhBg81mqU1qS1ZuQ559OZTKO1j7WK8JeGlJSUlJTUF7ucNVgT Xrz+26Jwk7iLps/nohnXMH/61Sx+4B80N+8jaS1Ny/5B9cLrcRmNNRbjkIAuBmCjgc9wOYSxULV9 J4sW3SMBHQnoA1r+zHM8tfxZCehCHONs1PO8N9Ccde4FdKe9qJ+rfNaFEEIIAGs1Roe7uP/1ziVM mX4lU6bP55Y/30ttbDsZlSEILAlnaVj+ANULbsD5FqONBHRxEOHeXs6BNQ5jHNXba1h01725NmtH QgL6IDs6Af3ZvhF0k23BJFPchTjWOGuw1pBS4RT3MKBr2RBSCCGEiFhrMFrhBwF3Ll7C1QtuYO3b H9CZ9rC+Rlkf7VuUhT3LHqbiN7/DBVFAlynuYkC2X5csrR3bd9Ry5533SB90JKAP6IWXCnjxpYK+ TeJyfZJlkzghjiXGGJRSJDIev5w6g0Q6gzVGAroQQggRcTZsReoHAZu3bKGprRXfKHxrsNqirEIr i7aWuoLnKblzCU6FAV02iRMHkw3n1oI2jp21u3nwoUfCzQVlivvny9EI6MlUit5UOjfFPWyxJift QhyLspvYtHZ0YuQzLoQQQvSTDUvW2ly/auNU2LdaO7SzKGtJOo1KtKPaO3DGhT8/yI9dDF35syqs hYwf0JPo/VS3JQF9kB04iX9+AAAEcUlEQVSNgB724qN/H3SZmiOEEEIIIb7Q8jePi9YQOwicJe0U gVM4mXEqDkN+tto/ex0pCeiD7KgEdGexzkpAF+ILo38/TiGEEEIcyDlwxuVGyHU0Rdlag1M+Vrnw z+ScWXyCfgHd2XBGhvt052ES0AfZ0Qjo2oGyhBtbRNN6HJ/+qo4QYmjKbhKnTFjhZ76vL6cQQggh Bua0RhtL2hkyJsBlLO1GoU0Ga3UY2skL9XIiLQ4QzsTQxhAYm1tefKSt1iSgD7KjEdB3NTRS29AY nayH03QkoAtx7LHWYIwmMJoPCovIBL4EdCGEEOIwOKtR1hJYTWB8XMrRU1dHd7w8ugCeNxtVArrI 0/dWCGcwGmvp6OmlekeNtFlDAvqAlj+7mqdXrkYbG7ZZQwK6EMeiMKAbPKUZN/F8Esl0eMXfyvo5 IYQQ4lCcMwTOYrXC6jQubalbvoKNv78FpzXG6NzmqxLQRb78gG6NQRvDtu07uWvJ/xxxizWQgD7o jkZAf3rlap585tkwlMsUdyGOWdnPt6cNY86ZSCrjyQmEEEIIcRictQSOMKA7n7SFxqceoeK6hTit sUbnzp/ld6vI138EPeymU7WjhjsXL5E2a0hAH9DTK1fz5HIJ6EIc67InDJ42jD3nPFIZX04ihBBC iMPgjCNjwdoAawMSDhqeeYTYb6KArnXf7tzyu1XkOTCgIwE9jwT0AUhAF+KLoX9AP18CuhBCCHGY nHb0WtA2wCmFZxx7lj9KfKCAPtgPVgwpEtAPTQL6ACriWymPVR7wZSJfLkIcm7SxrHh2FYHSg/1Q hBBCiM8FZxy+BeM0zhiMcfRUlNH29ls4E/VJRwa5xCcJ3yftnZ0UFhVLQEcCuhBCCCGEEEKIzykJ 6INMAroQQgghhBBCCJCAPugkoAshhBBCCCGEAAnog04CuhBCCCGEEEIIkIA+6PYP6I3X3EK6YpuU lJSUlJSUlJSUlJTUF6y2DfuZBPTBtH9Al5KSkpKSkpKSkpKSkpKKf1UC+lEnAV1KSkpKSkpKSkpK SkpqoJKAfpRJQJeSkpKSkpKSkpKSkpIaqCSgH2US0KWkpKSkpKSkpKSkpKQGKgnoR1lm6w7SWyql pKSkpKSkpKSkpKSkpPqVamkf7Mj6L/ncBXQhhBBCCCGEEOJYJAFdCCGEEEIIIYQYAiSgCyGEEEII IYQQQ4AEdCGEEEIIIYQQYgiQgC6EEEIIIYQQQgwBEtCFEEIIIYQQQoghQAK6EEIIIYQQQggxBEhA F0IIIYQQQgghhgAJ6EIIIYQQQgghxBAgAV0IIYQQQgghhBgCJKALIYQQQgghhBBDgAR0IYQQQggh hBBiCJCALoQQQgghhBBCDAES0IUQQgghhBBCiCFAAroQQgghhBBCCDEESEAXQgghhBBCCCGGAAno QgghhBBCCCHEECABXQghhBBCCCGEGAIkoAshhBBCCCGEEEOABHQhhBBCCCGEEGIIkIAuhBBCCCGE EEIMARLQhRBCCCGEEEKIIeD/A+emdm2x82CRAAAAAElFTkSuQmCC --000000000000d7587e05b6050c86-- From nobody Wed Dec 9 02:40:24 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 713C73A1CA7 for ; Wed, 9 Dec 2020 02:40:22 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.088 X-Spam-Level: X-Spam-Status: No, score=-2.088 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_FONT_LOW_CONTRAST=0.001, HTML_MESSAGE=0.001, NICE_REPLY_A=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_KAM_HTML_FONT_INVALID=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=hackmanit.de Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1DvE7ooPTNxk for ; Wed, 9 Dec 2020 02:40:19 -0800 (PST) Received: from mail-wm1-x329.google.com (mail-wm1-x329.google.com [IPv6:2a00:1450:4864:20::329]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 71E783A1CA5 for ; Wed, 9 Dec 2020 02:40:18 -0800 (PST) Received: by mail-wm1-x329.google.com with SMTP id k10so1006846wmi.3 for ; Wed, 09 Dec 2020 02:40:18 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=hackmanit.de; s=google; h=to:cc:references:from:subject:message-id:date:user-agent :mime-version:in-reply-to; bh=uuTJpiZS8FpsiCaslCPl2CgNUN4NTGPYU56kZvWIZeI=; b=gtpWltpSf/ZQpoEYmVjDlcpJs6GByMedTm0B6HunSTg14GioyE1+VApYeWQqRS+1i6 3Ok8SyeTl+Lg9vnCSzlaM5ctdygufoOvZ0rXcOBNGDUXN1eseYtTFIC6UDkJ7cpvslm/ iYzO8Ns9T1UuM2CpTsBQdrQBn33ibNPOxIn0kpHXoOuUdjJLQZOBUkLSh6XDgDdJtGe6 BKXLQ2f7tJwXRKCwTSOxfa5ecsFZv+6XER0QrUY4rPn3S5hpWCzG51Tf5MdY0uJb0Hc6 kvnips+HF33AVc+PHcKYUNMbU/XjPceKS1RA13ckPicJUil4ShFsl1l3iXOvH/qoTwfi sOLg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:to:cc:references:from:subject:message-id:date :user-agent:mime-version:in-reply-to; bh=uuTJpiZS8FpsiCaslCPl2CgNUN4NTGPYU56kZvWIZeI=; b=pqVwb4pO0HLBXUBOfUeJReF0mBKl7nuOuz7mEyAJDNdKAg0sB9JPFhuIfhRq0xuN59 IO1JR46pN9oQ/E9DpCata0kt7wX3We5+fuOVeHL4aMyT/uDdjIS40nn6/3Rdv7kfdUQN kBrdrbdndnbCC29s/QrTBWKWSWm2LnA26/QXXlYaVRolcXSlpy7hl1kGNj5kRPq5xDY5 88UwK2ffyTSSmxDIb/HjjMMy9D9M9TsQgQ49F9rgrFWKW80w6JjWHJ3z+qSckLm2O4Rc 1QFhMqJOCvR7VfQ+cmUC3Qsu13HyKGqYJC+A5aQyewplL5UnDbNMzF2lBJsNaj9JGeDN 3poA== X-Gm-Message-State: AOAM532eOzScrr0Mb4FiFUhNPXucJVQZFhtXKKYKRSIZRRYi0dgTeuCs IQRdKWci8zsnRy98kqabTLzdmxaRLUkbvQ== X-Google-Smtp-Source: ABdhPJxfmGXqNa0YoZzVNUcBpMv/N7uOW735vrkW9ucmIQM4nM/wD5KkrZf2wdrUGGu4I993evPs3A== X-Received: by 2002:a7b:c40b:: with SMTP id k11mr2095411wmi.36.1607510416091; Wed, 09 Dec 2020 02:40:16 -0800 (PST) Received: from [192.168.178.22] (b2b-37-24-87-133.unitymedia.biz. [37.24.87.133]) by smtp.gmail.com with ESMTPSA id i9sm2917564wrs.70.2020.12.09.02.40.14 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Wed, 09 Dec 2020 02:40:14 -0800 (PST) To: Warren Parad Cc: oauth References: <09d3639d-7d7e-9582-d728-cc223d21bcb6@hackmanit.de> From: Karsten Meyer zu Selhausen Message-ID: <7dacfb6c-4fca-5dda-8b4f-db5c8dadade1@hackmanit.de> Date: Wed, 9 Dec 2020 11:40:13 +0100 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101 Thunderbird/78.5.1 MIME-Version: 1.0 In-Reply-To: Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="3D2K66SGM5183wG5pE72XF5wbTYVMBoa2" Archived-At: Subject: Re: [OAUTH-WG] Call for Adoption - AS Issuer Identifier in Authorization Response X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Dec 2020 10:40:23 -0000 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --3D2K66SGM5183wG5pE72XF5wbTYVMBoa2 Content-Type: multipart/mixed; boundary="EDZz1QUwuc1wJw9XJJddMNtp0wMcPIA4Q"; protected-headers="v1" From: Karsten Meyer zu Selhausen To: Warren Parad Cc: oauth Message-ID: <7dacfb6c-4fca-5dda-8b4f-db5c8dadade1@hackmanit.de> Subject: Re: [OAUTH-WG] Call for Adoption - AS Issuer Identifier in Authorization Response References: <09d3639d-7d7e-9582-d728-cc223d21bcb6@hackmanit.de> In-Reply-To: --EDZz1QUwuc1wJw9XJJddMNtp0wMcPIA4Q Content-Type: multipart/alternative; boundary="------------AF5C7FFA43EFFBE0F36E4483" Content-Language: en-US This is a multi-part message in MIME format. --------------AF5C7FFA43EFFBE0F36E4483 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: quoted-printable The attacker being able to manipulate the first request is an additional = precondition for the mix-up attack variant we used as an example. The=20 precondition is based on the attacker A2 defined in section 3=20 =20 of the security BCP. There are other mix-up variants which work without this precondition.=20 One variant is described in the security BCP=20 ,=20 for example: > *Mix-Up Without Interception*: A variant of the above attack works > even if the first request/response pair cannot be intercepted, f= or > example, because TLS is used to protect these messages: Here, it= > is assumed that the user wants to start the grant using A-AS (an= d > not H-AS, see Attacker A1). After the client redirected the use= r > to the authorization endpoint at A-AS, the attacker immediately > redirects the user to H-AS (changing the client ID to "7ZGZldHQ"= ). > Note that a vigilant user might at this point detect that she > intended to use A-AS instead of H-AS. On 09.12.2020 10:47, Warren Parad wrote: > Okay, it wasn't clear that the user agent was required to be=20 > compromised for this to be a problem. Here's where it breaks down for=20 > me, if the attacker can manipulate the first request, why would they=20 > not be able to manipulate the AS where the Auth Response code is=20 > sent?=C2=A0 Unless we can guarantee there is an attack surface that wou= ld=20 > only affect the authorization request AS selection and not the auth=20 > response, the solution the draft lacks purpose for me. > > =09 > > Warren Parad > > Founder, CTO > > Secure your user data and complete your authorization architecture.=20 > Implement Authress . > > > On Wed, Dec 9, 2020 at 8:55 AM Karsten Meyer zu Selhausen=20 > > wrote: > > Hi Warren, > > I think there is some misunderstanding on how mix-up attacks work. > I will try to clear things up. > > Have a look at the following mix-up attack example (slide 4 > > from the interim meeting): > > I marked the important parts: > > * In step 1 the client stores the attacker's AS (A-AS) as the > selected AS. > * Step 5: The authorization response is issued by the honest *(=3D= > not compromised)* AS, not by the attacker's AS. The H-AS will > use its own correct issuer identifier as the value for the AS > parameter. > o In a mix-up attack the attacker cannot directly influence > the value of the iss parameter in the authorization > response as it is issued by the H-AS. > * Step 6: The client sends the token request to the token > endpoint of the A-AS, because it stored the A-AS as the > selected AS in step 1. This leaks the authorization code to > the attacker who can use it in a code injection attack, for > example. > > With an iss parameter present in step 5 the client would be able > to recognize that the code was issued by the H-AS, not by the > A-AS. The client would be able to abort the authorization grant > instead of leaking the code to the A-AS. > > I hope this addresses your concerns. > > Best regards, > Karsten > > On 08.12.2020 20:15, Warren Parad wrote: >> As an implementer=C2=A0on both sides of the issue I'm struggling t= o >> understand how this problem would occur. I'm finding issues with >> the proposed problems: >> >> 1. Honest AS is compromised, assuming this does happen details >> on why adding iss to the AS response would prevent attacks is >> necessary for me. In other words, how would an AS be >> compromised in a way that would be identifiable through the >> issuer value? (my ignorant assumption is that a compromised >> AS is compromised enough that an attacker would be able to >> send the correct ISS) >> 2. Attacker AS is registered. I fully support the idea that this >> can and will happen, however from attempting to >> test-implement this proposal, I can't see how the >> authorization would be sent to the wrong token endpoint. >> Since there is no information in the AS auth code response, >> the client must already have the knowledge of where they are >> going to send the token, no mix-up can be executed. I would >> argue, if anything, adding the ISS parameter would open a new >> attack surface by providing clients an opportunity to >> blatantly=C2=A0trust the ISS parameter as the honest AS and th= us >> actually sending the code there instead of sending it to one >> specified in the metadata document. >> >> My confusion is the following: >> >> * Are multi AS services utilizing authorization codes in a way >> where there could be a mix up attack for #2. >> * Is there a #3 that I'm missing which even in light of #1 & #2 >> I brought up that would still make this change valuable? >> >> =09 >> >> Warren Parad >> >> Founder, CTO >> >> Secure your user data and complete your authorization >> architecture. Implement Authress . >> >> >> On Tue, Dec 8, 2020 at 8:01 PM Dick Hardt > > wrote: >> >> +1 >> =E1=90=A7 >> >> On Tue, Dec 8, 2020 at 4:51 AM Rifaat Shekh-Yusef >> > wro= te: >> >> All, >> >> This is a call for adoption for the following AS Issuer >> Identifier in Authorization Response as a WG document: >> https://datatracker.ietf.org/doc/draft-meyerzuselhausen-oa= uth-iss-auth-resp/ >> >> >> Please, provide your feedback on the mailing list by Dec >> 22nd. >> >> Regards, >> =C2=A0Rifaat & Hannes >> _______________________________________________ >> OAuth mailing list >> OAuth@ietf.org >> https://www.ietf.org/mailman/listinfo/oauth >> >> >> _______________________________________________ >> OAuth mailing list >> OAuth@ietf.org >> https://www.ietf.org/mailman/listinfo/oauth >> >> > --=20 > Karsten Meyer zu Selhausen > IT Security Consultant > Phone: +49 (0)234 / 54456499 > Web: https://hackmanit.de | IT Security Co= nsulting, Penetration Testing, Security Training > > Nehmen Sie an unserer n=C3=A4chsten Live Online-Schulung zur Sicher= heit von OAuth und OpenID Connect am 27.01 + 28.01.2021 teil: > https://www.hackmanit.de/de/schulungen/127-live-online-schulung-sin= gle-sign-on-sicherheit-oauth-openid-connect-am-27-01-28-01-2021 > > Hackmanit GmbH > Universit=C3=A4tsstra=C3=9Fe 60 (Exzenterhaus) > 44789 Bochum > > Registergericht: Amtsgericht Bochum, HRB 14896 > Gesch=C3=A4ftsf=C3=BChrer: Prof. Dr. J=C3=B6rg Schwenk, Prof. Dr. J= uraj Somorovsky, Dr. Christian Mainka, Dr. Marcus Niemietz > --=20 Karsten Meyer zu Selhausen IT Security Consultant Phone: +49 (0)234 / 54456499 Web: https://hackmanit.de | IT Security Consulting, Penetration Testing, = Security Training Nehmen Sie an unserer n=C3=A4chsten Live Online-Schulung zur Sicherheit v= on OAuth und OpenID Connect am 27.01 + 28.01.2021 teil: https://www.hackmanit.de/de/schulungen/127-live-online-schulung-single-si= gn-on-sicherheit-oauth-openid-connect-am-27-01-28-01-2021 Hackmanit GmbH Universit=C3=A4tsstra=C3=9Fe 60 (Exzenterhaus) 44789 Bochum Registergericht: Amtsgericht Bochum, HRB 14896 Gesch=C3=A4ftsf=C3=BChrer: Prof. Dr. J=C3=B6rg Schwenk, Prof. Dr. Juraj S= omorovsky, Dr. Christian Mainka, Dr. Marcus Niemietz --------------AF5C7FFA43EFFBE0F36E4483 Content-Type: multipart/related; boundary="------------E11A4A0264BCE7E419539828" --------------E11A4A0264BCE7E419539828 Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: quoted-printable

    The attacker being ab= le to manipulate the first request is an additional precondition for the mix-up attack variant we used as an example. The precondition is based on the attacker A2 defined in section 3 of the security BCP.

    There are other mix-u= p variants which work without this precondition. One variant is described in the security BCP, for example:

    *Mix-Up Without Interception*: A variant o=
f the above attack works
      even if the first request/response pair cannot be intercepted, for
      example, because TLS is used to protect these messages: Here, it
      is assumed that the user wants to start the grant using A-AS (and
      not H-AS, see Attacker A1).  After the client redirected the user
      to the authorization endpoint at A-AS, the attacker immediately
      redirects the user to H-AS (changing the client ID to "7ZGZldHQ").
      Note that a vigilant user might at this point detect that she
      intended to use A-AS instead of H-AS.


    On 09.12.2020 10:47, Warren Parad wrote:
    Okay, it wasn't clear that the user agent was required to be compromised for this to be a problem. Here's where it breaks down for me, if the attacker can manipulate the first request, why would they not be able to manipulate the AS where the Auth Response code is sent?=C2=A0 Unless we can guarant= ee there is an attack surface that would only affect the authorization request AS selection and not the auth response, the solution the draft lacks purpose for me.

    Warren Parad

    Founder, CTO
    Secure your user data= and complete your authorization architecture. Implement=C2=A0Authress.


    On Wed, Dec 9, 2020 at 8:55= AM Karsten Meyer zu Selhausen <karsten.meyerzuselhausen@hackmanit.d= e> wrote:
    =

    Hi Warren,

    I think there= is some misunderstanding on how mix-up attacks work. I will try to clear things up.

    Have a look = at the following mix-up attack example (slide 4 from the interim meeting):

    3D""

    I marked the important parts:

    • In step 1 = the client stores the attacker's AS (A-AS) as the selected AS.
    • Step 5: Th= e authorization response is issued by the honest (=3D= not compromised) AS, not by the attacker's AS. The H-AS will use its own correct issuer identifier as the value for the AS parameter.
      • =
      • In a mix= -up attack the attacker cannot directly influence the value of the iss parameter in the authorization response as it is issued by the H-AS.=
    • Step 6: Th= e client sends the token request to the token endpoint of the A-AS, because it stored the A-AS as the selected AS in step 1. This leaks the authorization code to the attacker who can use it in a code injection attack, for example.

    With an iss parameter present in step 5 the client would be able to recognize that the code was issued by the H-AS, not by the A-AS. The client would be able to abort the authorization grant instead of leaking the code to the A-AS.

    I hope this address= es your concerns.

    Best regards,
    Karsten

    On 08.12.2020 20:15, Warren Parad wrote:
    As an implementer=C2=A0on both sides of th= e issue I'm struggling to understand how this problem would occur. I'm finding issues with the proposed problems:
    1. Honest AS is compromised, assuming this does happen details on why adding iss to the AS response would prevent attacks is necessary for me. In other words, how would an AS be compromised in a way that would be identifiable through the issuer value? (my ignorant assumption is that a compromised AS is compromised enough that an attacker would be able to send the correct ISS)
    2. Attacker AS is registered. I fully support the idea that this can and will happen, however from attempting to test-implement this proposal, I can't see how the authorization would be sent to the wrong token endpoint. Since there is no information in the AS auth code response, the client must already have the knowledge of where they are going to send the token, no mix-up can be executed. I would argue, if anything, adding the ISS parameter would open a new attack surface by providing clients an opportunity to blatantly=C2=A0trust the ISS parameter as the hones= t AS and thus actually sending the code there instead of sending it to one specified in the metadata document.
    My confusion is the following:
    • Are multi AS services utilizing authorization codes in a way where there could be a mix up attack for #2.
    • Is there a #3 that I'm missing which even in light of #1 & #2 I brought up that would still make this change valuable?

    On Tue, Dec 8, 2020= at 8:01 PM Dick Hardt <dick.hardt@gmail.com>= wrote:
    +1
    3D""=E1=90=A7
    =
    On Tue, Dec 8, 2020 at 4:51 AM Rifaat Shekh-Yusef <rifaat= =2Es.ietf@gmail.com> wrote:
    _______________________________________________
    = OAuth mailing list
    OAuth@ietf.org
    https://www.ietf.org/mai= lman/listinfo/oauth
    _______________________________________________
    OAuth mailing list
    OAuth@ietf.org
    https://www.ietf.org/mailman= /listinfo/oauth
    --=20
Karsten Meyer zu Selhausen
IT Security Consultant
Phone:	+49 (0)234 / 54456499
Web:	https://hackmanit.de | IT Security Consulting, Penetration Tes=
ting, Security Training

Nehmen Sie an unserer n=C3=A4chsten Live Online-Schulung zur Sicherheit v=
on OAuth und OpenID Connect am 27.01 + 28.01.2021 teil:
https://www.hackmanit.de/de/schul=
ungen/127-live-online-schulung-single-sign-on-sicherheit-oauth-openid-con=
nect-am-27-01-28-01-2021

Hackmanit GmbH
Universit=C3=A4tsstra=C3=9Fe 60 (Exzenterhaus)
44789 Bochum

Registergericht: Amtsgericht Bochum, HRB 14896
Gesch=C3=A4ftsf=C3=BChrer: Prof. Dr. J=C3=B6rg Schwenk, Prof. Dr. Juraj S=
omorovsky, Dr. Christian Mainka, Dr. Marcus Niemietz
    --=20
Karsten Meyer zu Selhausen
IT Security Consultant
Phone:	+49 (0)234 / 54456499
Web:	htt=
ps://hackmanit.de | IT Security Consulting, Penetration Testing, Secu=
rity Training

Nehmen Sie an unserer n=C3=A4chsten Live Online-Schulung zur Sicherheit v=
on OAuth und OpenID Connect am 27.01 + 28.01.2021 teil:
https://www.hackmanit.de/de/schulungen/127-l=
ive-online-schulung-single-sign-on-sicherheit-oauth-openid-connect-am-27-=
01-28-01-2021

Hackmanit GmbH
Universit=C3=A4tsstra=C3=9Fe 60 (Exzenterhaus)
44789 Bochum

Registergericht: Amtsgericht Bochum, HRB 14896
Gesch=C3=A4ftsf=C3=BChrer: Prof. Dr. J=C3=B6rg Schwenk, Prof. Dr. Juraj S=
omorovsky, Dr. Christian Mainka, Dr. Marcus Niemietz
    --------------E11A4A0264BCE7E419539828 Content-Type: image/png; name="fmliihgbmokgaako.png" Content-Transfer-Encoding: base64 Content-ID: Content-Disposition: inline; filename="fmliihgbmokgaako.png" iVBORw0KGgoAAAANSUhEUgAAA+gAAAIzCAYAAACTLTO8AAAgAElEQVR4nOzdZ1QUZ+M2cD4k voa/Aord2DWaoqmaZhJN8mh68sS02aWDgmDBir33hrH3LtgVC/ZewYIVARVUOtJh2Tp7vR92 mQV2aYq6+ly/c/Ycj8zO3HPP7O5cc5exARERERERERE9dzbPuwBERERERERExIBORERERERE ZBUY0ImIiIiIiIisAAM6ERERERERkRVgQCciIiIiIiKyAgzoRERERERERFaAAZ2IiIiIiIjI CjCgExEREREREVkBBnQiIiIiIiIiK8CATkRERERERGQFGNCJiIiIiIiIrAADOhEREREREZEV YEAnIiIiIiIisgIM6ERERERERERWgAGdiIiIiIiIyAowoBMRERERERFZAQZ0IiIiIiIiIivA gE5ERERERERkBRjQiYiIiIiIiKwAAzoRERERERGRFWBAJyIiIiIiIrICDOhEREREREREVoAB nYiIiIiIiMgKMKATERERERERWQEGdCIiIiIiIiIrwIBOREREREREZAUY0ImIiIiIiIisAAM6 ERERERERkRVgQCciIiIiIiKyAgzoRERERERERFaAAZ2IiIiIiIjICjCgExEREREREVkBBnQi IiIiIiIiK8CATkRERERERGQFGNCJiIiIiIiIrAADOhEREREREZEVYEAnIiIiIiIisgIM6ERE RERERERWgAGdiIiIiIiIyAowoBMRERERERFZAQZ0IiIiIiIiIivAgE5ERERERERkBRjQiYiI iIiIiKwAAzoRERERERGRFWBAJyIiIiIiIrICDOhEREREREREVoABnYiIiIiIiMgKMKATERER ERERWQEGdCIiIiIiIiIrwIBOREREREREZAUY0ImIiIiIiIisAAM6ERERERERkRVgQCciIiIi IiKyAgzoRERERERERFaAAZ2IiIiIiIjICjCgExEREREREVkBBnQiIiIiIiIiK8CATkRERERE RGQFGNCJiIiIiIiIrAADOhEREREREZEVYEAnIiIiIiIisgIM6ERERERERERWgAGdiIiIiIiI yAowoBMRERERERFZAQZ0IiIiIiIiIivAgE5ERERERERkBV7YgB55aCsChgzBkKKv4aNx/Fbq Y6/z0b0wDC+xzhFT5+Jhtqr4gnot9qwPlJZZvTPsCffm6VDlJGLetDGmch6KgKiv/HpEZQaW zpokrWfe6gNQacWqL/BT8ij2MiaNGiaVf83+COgeox5KEsWK10FllrU6eh3CD22U6m/u8r1Q PsXjr1PnYd2iqdL2ho2dhltJOU+83nthBzFS+myPxMnI5CoobRXQa7FtxXRjuQIQFBrxvEtU xUS8yKc/ERER0bP0wgb0veN74f9sbGBT7FUTfw1bi8fJXnpRg83jXUqszwaObTshPD63xMJq DP6no3GZV/Fb35VVsk9VLS8xAp++1UDal/9OCIb2cQJ6dhy6v9tKWs9n/x2FPPULcsWt12DD RE9UL3JMW3d2Q1Ke+glWKiIn7QGWBW2GQqMre0mtGncjjiH42KXHOi+tgl6L1ePkUv11+mEw slVl7/cTbU5UI2iiK16VjlltDF506InqT6/Nwci/Okv7UKvppwh/kF1lZX4iehW8f3zLWLYa cB4R/LxLVGWUuRnYu2sjbiXnPe+iEBEREb0QXrKAboNm7/+Fh/naSq9Pk5+Cvz9rxYBuwYsc 0JXpMfi5Y8vix7VGE6w4Hv1Y61MXZONI0Dx89nYLNPpSQI7K8rmmF0VkpdzD/BG90LRebcim b2JAr4T4y7vQqrattM33vx+IdOXjbzMr7jw6tm4gfWb/4z4L+RorOYdfwoCu0yhx/cxu/PPN h3Bs0R7H71nJzRAiIiIiK/dSBPRXq9nB3r4mbGxsUKNOC6w5FVfp9SVF7MTrNQwX7zVq1Cwn oGswtd9vaNeuHdq1awef8VuqZqeqGAO6iOuhS9DEvjpsbGxgX8sBttUM+/Cl29THCGgits3z h31Nw/rKCuja/FR4/dZJqjMG9MrRFaSjzw8fSdt0aPoRjkSmPd7K9DqELhmKWtWNN2hsm2LV 0aiqLfCT0Ksx0rOb8fvkbQycved5l+iJ3TkThIZ17AzHjgGdiIiIqMJeioBuV+tjuPxS2H3V Dn8PX1OpsdZ6USt1b3/NoQG6/fSfsgP6C+J/PaDrNbmY6PK11E26p39/tKrvYLiR0+A9nL6X Wck1ilgyxlmqh7ICuiYnAT9+9gYD+mNvU4dT6yagVjVTN/dBiw4+1hwKuoJU9O72gVT+lp/K EZelrPoyk+TGgUWmmysM6EREREQV9lIEdIc6X2LdwmHSOOMWH/6D+7maCq9Lq0zD35+2MISu tt0wb3pfBvQiXtSA/ij6JDo1rwsbGxv8vwbvYPf5S5B91ta4H7bwmLQTukrtBgP6MwvoALLj L6NL24bSdt/+1guJuZWfOyDpWijeeb22NE+F17SdeIHmOHwhMaATERERPZ6XJKB/hcu3TqND fUPXdNu6rbD25L0Kryv12i40sjWEtm4+c7Bv2SAG9CJexICuF7XYt2Aw7IxlbvOZDHFZBVg/ wQM1ja2y9d/+FQ8qFfgY0J9lQNfrCjC/73+l7b5Wtx12hD+o3DpENTZO8EDNwt42r3+Eo4/b VZ4qjAGdiIiI6PG8NAE9OjML/r8Wjlm1w9+j11ewO6yIzeOcjd3bGyJwz00cXM6AXtSTB3QR eVmPcPX8KRw+fBiHT51HfEo6dE/x2Uua3AQ4dSmceKs6/hixGhoRSAjfghb1HIz/Xw+Be25W aj+eTUAXkZuVgQd3b+Po4cOGOjt8GOcu3UJKeia0lWv2L0aRm4XYyGs4Zlzn6bBrSEnLLPuz 8pwCOgDcPrEWzR1rSBOouU/ZWqnWb3X2A/z1WTup7J8LY5FVRtlFrQqPUpIREXZWqvfDR08i Oi4BWXkFj70fOo0SdyMjcPjwYYTfiEa2QlX+m8qhFzXIeJSGyIhwHCks65GjuB51H+lZTzZr ul7UIScjFZcvnJHqICYuCQXqik3AyYBORERE9HhemoB+J0+DEyuHw9b4f2928UZqBWZ9FjUZ +LtTM0OLapvuiMpUlh/Q9RrMH+2Ozp07o3PnLzC0yKROelGLs9vm49uvOhv/3hUTlh2ApswH b4u4cXAVunQ2vueLrhi5aPdjheminm1AF3F517/Gfe4Mv8Bg6AEoc1KwdvYIdP6wPRrUNkwa 9YpdbbR9uz1+/tsHe45ffyrdjaNOrEOTWoZg91qd1lhrnLVdVKbCo9t70r6898twKMsJvPnJ N+HSozs6d+6Mti0bS+/9v7qN8Onnhv39ouvX2H0rHbeOrULnzp3x+acfo34dB2nZxm3eluqm u8dgpOabt9zrVPm4cHgnhvR2wofvdUCbFk2KPR6udr0meKvDu/j+d3ds2H0KucqKhSW9qMWD 2xcxe4w/vuj4Hlo1aSit196xId5u/y56uPTHnhNXYXHevEoEdFGnwbltC9G98Fzu/BU8Bs5G 8mN0TQcATc5DyLq8I237za/cK9XNPfL4ajRzNM4GX7MhZu64aPFGSU5qHNYunoXfu3VG+7ff QgNH07GzqVYTzVq1xXsffo6+I2fiUlRCqUMjNIpk+P/TzXCcf/NAZKoSOUm3Mczzv2jZxPBZ rNO4GT746kcs3HYcGp0I6DWYPvBvqb7GLz5c5j4VZCVjV9AyuP7eHR3av4MmDeuYymrzKho1 a4MO73WCi+8IHAuPMmzDEr0CM/r/I52XW6+lQS+KiI8Ox8RBXvigw9uoX9teqoPmrd/EV9/9 gWVbjiC7wHwIkagrwDi/39G5c2d81KGtVKbX7GrhvU6fStuZuu1MOUeNiIiI6H/XSxTQdci4 dxrvNTLOHNzoHeyJSC53Pek3Q1C/uqF7+3985kKn11UgoJf9mDVlZhw8u78vraNuy07YF/Gw 1DIUPIrC9+82k5Zv2qE7wuKyHqteinqmAV2vw9GlA6Rlvu4/B4qM+whw6Q4H46znll616jSB 78yNyK3CFllRq8A8/9+lbbT5RIa47MJQJ+LAoqGoZVvN8Hf71giNyihzfdkPLuD9NvVK3Qcb GxtUs3PAirBEhG+dWOZyNjY2qP/xT4jPKd6CmpsSjQF/dkf9osGwjFfNWvXws9dkpJTzPHet Mgeb541ChxaNijxXvJRjUa8pvIYvQ0ZBieBfwYCuF7U4t3Ue2tUrHO9dA+99Jcf5qJTH796v 12L3vIHSUIXXHFtj45m7FXurToF5fX6Tyt3s/V9xO01htv6wPSvR+a3WxW6GlP6qjsatO2Lx rnCLIV2V9wDfvW04V+q1+BhnIu9g0J9fSMMqir6+6zkXSq1Y8ces6XWIPr8Hv332Phxq2Fag rK+i7uttMXxeiGE7ZuvLg2+3t6Tl551+gIshS/B+i0ZlrreGQ1387DcFSSXOYVGbD+evzR9V WfLVc8HeF3e4BxEREdFT9lIFdJ0yC/6/GoNztVrwnRNS7oXg5nFOhgt/+/oI3HcbqIKADoi4 d34b3mnsKF3Ud/ptoMWWP702HzN6fieFgxq1mmD6pguPNVt1Sc8zoHfxHY/AgX/DvjAIlxVu 7R3hMXkj1GX2MqjEfiddw1dt6xvXXws+U7cXa6UvSLqEjs3qmuolYF2Z63vaAV2rSEKvbh9V MCAWeVW3h+vkraW25uo0+dgwyQ/17GtWeJ3Va9SB2/gNxY9FBQK6XtThwrZ5aFu3lnE5W3zQ 1RPXHlR2pnxzqbeO4gPpeL2K3wasgKoC54oiLQrd3m1qfF9NOI1eh5Kn7a2DK9G6gWPl6t3G BrVbfIrjUeZj2YsF9GYfYOwwXzhaukFl2xTrTt0xVl7FAnpCxAF0frNZuTdaSr7s6rfFsoMW hnKUCOhD5wQWublSzquGA3pO2VqsdZ4BnYiIiOjJvVQBHXodjhfp5t7hG1+kFpTeMqvXZeLv jwwX8HVadcOdbE0VBXRA1CmxdY4/6toZLs6r1aiLwfNDzboQh2+ahlo1jBfw1e3QY/BiKDRV 05r8PAP662++haaONWFjUx1t3u2C6Ys34eqNSMRER+HM4R3w7dHNtN82NqhZpxlWHr3z5Dut 1+HEmjGwM7ZY1nr9A+y/nlJ8EVGJyW7fSoHYoeVXhmNfioL0uxg50Aeurq7o/KGp6659kzaQ O7vA1dUVbh6eOHEvC7Hhu+Dq6goX2V9o0djU9bjtx13h6uoKV1dX9B4zGxlFugiHzOkjncs2 NrZo074LJgWuwemwK4iJiUFMTAxuXr2I7esX458fOxfrkWDf4lvcy7HUii7iauhitKhjCuev 2NdBlx5eWLdzP25FRiEmJgYXzxzDxKE90bSBqeXevkE7BJ2OLVJh5Qf0W0fX4u2GDtI+vPeV B64/fPJeIACg12Rj9D9fmM6tD/6LuxnljQcXcWHbDNQ23iCyq/8OdpaYYE6XG4uf3m9pujlh Wx8//NkHm3cfxI3b0Ya6j47C+ZOHMGfsALzfrqm0rI1NdQijNpl9nosG9Oq2NVHbwQ6vOTji 955jcDI8AjHRt3F8TxC8BozGw2zjo94qENBF5SMM6NG5yE2c2vjsWzlWBu1CxM3b0nly5fwJ LA8cjy8/alukrK/i87/HIbdkYUsEdEdHQziv6dgEf/Ychj3HziImJgbRt29i/7bV6NH1A2my PRsbG9R5oxsiU/NNZdSpsHjKALi6uuK37p9Jy9nWro8fesik83/l4YiKHnoiIiKi/zkvV0AH kH7nFN5vbBg3ad/oHey9Wno394wbu1CvRnXY2LyKL92nG1qtqyigA4AmLxkDe5iChWPzjjh4 PUn6e87DcHzSuoG0nlYf/IGY9MefiKqk5xnQDS87dPl9MKISM1FyPjitKg8HVoxDk1q20v6/ +50/siwOgq44bUE6+nxveuZ1pz9GIsfCOmMOLUUde+PkY9VqYsTK8xVYe9VPEqcviEf3NqZz oN0nAq49yCy1hVFdkIkFw5xMPRNeqY+gK6nm289Lgtd/TGPt7eu2xPjle0oZO6zBjWPr0bKB KWB37TUTmsJClBPQo46vwzuNClvOq6PDF+64kVCVk4KJiAhZgMbGm102tk2w+kRM2e9Q52Ks 8JVU5ve/G4BHJeakCNswCY6FN4mq1Uaf6TuhKGUSNL2oQ+LtU/jm3RbSOt/q5ovsEvMAFA3o hZ+BPwfOR1aJetdqNKZjXIGAfu/MJrSpayet87fec5CWW9qz3EVkJ0fBrbvpc/B6h+8QmVbi u6VEQDd8R7XHmkNXodKa3yRUZDzA4D+/LHKToC4WHY22WAJOEkdERET0eF66gK5TZsD/58Lw 7ADfwN2lhp1NY50N3UVt7TB6/UXDf1ZhQAeApBuH8XELUwD76JeBSM3XQK/OQN8fP5S6q9as 2xorj1u+2H1czzugt/vCCbdTSp9NWi+qsWqUXKqDGo7NsP5CQuULWETKjX1o7WAIXa/YNcCk YMvBW6dIwH8/Mo37b9ulN3LLrZyqD+jJ4UFwMIZEW/tGmH/gdrn7mBt7Em80MnXLHr/X/D33 L2xBc/vC4QW10GvKJsvjkI30ogYbx7hI62z8RjdEphu74ZcR0KOOr0P7RoXdoqvjnc5uuJVU 9U89UKZH46cPWkifo5/7LYOqjMn9Mu6dw0fNjD0YqtfH2DWni9e/Xo1xHl2lfWr6qQsyypsH Qa/DukleUg8dxw9/RmKJOQBKBvQ6zT/C8ehyuvmXF9D1Wmya3kv6nNRr9w0uPSwv8IoI2z5T avG2b/k+jt8tUY4SAb1a9VoYvvJ0md3PY89tQssG9tJ7ei45ZnE4DgM6ERER0eN56QI69Drs W2QKiu9+42exm7tem46/OxoCmn39johIU0nvr8qArhe1OLR6POoZZxS3qV4fkzedx76Fg6Vg ZlO9BjymbC91LPHjep4B/RW7hpiyKbzcdaszb6Fjw8ILfnv0mrS78gUsLIKoxqohf5taDd/s jhsppfVIELF+tBNsjV3hbe2bYMOFxHK2UPUBXadV437MDZw/dwZLF29AZgUeX6fPj8P3RSby GrTpSokFNNgy0VX6e4N2X+Hiw/JDc078NcxdvBEXwsJxP6nIY/BKCegPL+/Cu687Sp+DDl28 EJX6ZI/3KpVeg9VjnU3DElp1wc0i3auLL6vDoSVDpEDboF1XXLLwqERlXjoiwsNwInQzgg/e qlAxzq+ZjHrG9dq+1R2xOcVbsUsG9Le7+SOzvMcUVKAFXV2Qg1tXL+P0kT1Yu+1UheZrSAjf gZavGMN3k/bYV/L57yUCes16XyAmt+wnA6hTb6JT29el9/wzYhssFYUBnYiIiOjxvHwBHUDC 5d1oa3x2cs2G7yD0mnk39/RrO1Df2MX5wz9HmoJrFQd0ABDV2Zjg1k0KF/WatUGLOnbSNt74 3ANpZYyVf1zPM6A3bfcjojMq8DgsvRaD/+wkve+dvwJMXasrSZl5F/95q6EUdP4ascpieCiU F3cCzWsVHofq+LbnnDKXf3bPQS9l66IIdX4WwkJXoUORybxKBnRRlYX+P5rq9ON/JiD/SSbg sxDQb5wPQcc3Gkr/1/Zzt0o9/uxxJEXsxhvSxIu1MXP3Ncs3PZSZ6C0Nc7DFD/0Xmk0OVzki RFGHR4kxmNW7BxwqHNBt8d8RK8o/7hWdxb2ipRVF5KbHI3jGAOlmQkUCepsf+pb7/aAvSIT8 3TbSe/4evpUBnYiIiKgKvZQBXZuXBKevCp+dbAffubtLdMMUsXGMsfW0mi1GBxWZtOgpBHQA yH54EV3fMrU8Fb5qNHoT+26YzwYtbUoUoSwogEKhKPelLjG53PMM6O1/CUB+BUPRnnGm1t4m 7WVIfayELuLGvrmmSayq10a3P7wwfPjwMl4D0P51U1fxWo074kJiKa2yxm087YAuijpo1Crk 5WTi1rXLOHNkNyaNGo7ens748dvPUcvCjOAlA7oqJx4/fVzYHbwG3KZtqXg1WlIioDdp9S7a NatfrAy1W3TGrUeq8tf1JMVQpaPP9x2lbXZxnmGx237S1T1oaZwc7//qtcaGohPelUGn00JZ oMCjxFhcuhSOrcvnImDIAMj//h0fvtnMrN7LD+i14D9nX0V2rNIBXdTpoFIWIDstAVcuX8LB zcsxfFgAXGR/oEvHN83KWpGA/pXrjPKLqkxiQCciIiJ6il7KgA69Blun+0hdXD/6bggyVKYL eb06DX93NAQY27of4UbRlt6nFNABEeG75qGRo32RC2cHDF18vMx3qdIi8Wn7pmYX3OYvO/SZ crjYe0sG9N/GBz2zgP6tf2CFW4zDN4yU3tew+S+4r6h8c6eoyceAXztWoJ7KeFW3h8/ssgLV 0wvoOq0adyJOYqSPC77s9Falyl0yoCvSo9D1rcKQWBfjV5+udH0WUyKgS69q1WFrW13690/+ S56wpbp8J9eMQ53CmdlbfIlbacVvqOhFDbZMMN3webOrJ5Lyy+62rcpNw9618yD0+AktGtaq cL2XH9BrY/C/B8vfqUoEdE1BNk7vWY9eTj3wdquGFS5rRQL6T77Lyi8qAzoRERHRU/VyBnQA 8ZdC0NY463Htlp/h7D3TBEkpl7eisaPhbx/8Obr4BeZTDOg3D60s8pxoG9jY1MOkLeFlBrcn CeiKlJv4vH1jaZnv+yyD6jECui4rFv951/Q4qq5/TUdByZbLYgG9JpzGbajw+iM2j3vigJ79 4Cza1634875LezX78E8k5JUW6J5OQFfnpWDKYBc0qFmBUFjDHg0aNoS9raklvWRAz0+7hS5t C58b/pQCerUa6PijH8b0/gU1Csfx2zXFooORT7atcihTruMraQx0DQxaeaZYvapzE/D7x8ab SdVrY8C8/WXslw73Lu7Dd53aVuDZ4q+ilmNd1K/rKA1VebYBXURyzAW4/vw57KuXf57YOdRG g/r1pAntGNCJiIiIXgwvbUDX5iUW6eZeB2PXFc5OLGLDeFdjqLDF6OASz+R9SgE9P/kmfu70 hvmFdOP3cDKm9FmenySga7Li8H1H08V0l79nIP8xmtDzEi7jgyLjjX/uvdK8pbRYQK+On4cu rnAL+ulF/U2ht+VveFhQ2YAuYs+MXqYQW7M2WrRqjdatK/Zq3sS0b7YOjTA35Eap26nqgC5q sjHW4zuz41nd1h4NGzdG02Yt0Lr1O+jh1Asjx07G+q378SD2Gn4oY5K4/Ee30bVdYUCvg7Er T1ayPksoGdBt7fCVEIC4DAXUWXfx4/vNpc9C8/d+w+00xZNtr8yyqDDL9ycpJL/70xAoigzt uHNiFWob/1avxac4G5dT6qoSIkLxXqsGJer+VdRyrI/XX2+Clq1ao8P7XeHnPwQzAhfj+Pkb OLpsQiUmiau6gJ7x4Ap++rSdhSBeB40bN0bzlq3Qpm1HePcfhInT5mLPkTDcOB6MVpWYJI4B nYiIiOj5e2kDOvQabJ7mI7UgffrHGGSrdNBrs+D9H0Nwf61eR1xPLzFu9ikEdJ0mF/MG/gU7 Y8tXjVp18XqDOlKr3fs/D0RmKY940imzsXfXFqxdu7ac13qE3Ugq9l698hF8upqehd3+ax+k ltPd15KESzvRtsijlZyn7Ta/KC/Rxb2jy4QKt9avHvC79L4WX3oju5L5XKdKRY/3m0rH44P/ DkZueTNnF/Ho2g7Uk8Z2V8cXwlgoLE6qVvUB/UZIIByqV5PK3qDZO/AdNhkbt+xHTOx9pGWa z4ou5tzB181NNxVKBnR1bgJ++bSwx0NNeEzb+mQT1JUI6G98Jse9DNPs+DFHV6CRQ+FTCmri N/9F5j0sqlDcqXVoapxk8RXH93DB+PnU69RY2OdXYzlt8Y3rNBSUMjmeqMlCv587mlrOqzug 47d/YPb8ZThy+ioePExAgdr8M3lyxTjUecYBXa9TYOHAv0zPH69WE292+hbjp8/D7oPnEXf/ AXILzM/D+2c3oQkDOhEREdEL5eUN6AAehu9E2/r2xovEz3AuNhNZ0UfwRgPDDNgf/TkaGgst wVX9mLUzwbPQVBp7XhO/D1mK8D2LpW721WwdMXjhoSp/zBr0Sizo97O0LzWbf4wL97MquRIR R1aOQm2pW60j5uy9ZmFbxQN6y/f+xv1yHtkEAHqxAN7fvS2F46+9Z1l8rnJZ7p9aLbWa2tRw xMgVlevSLWpy4P6NaWItx0Yf4NCtR5aWrNqAri+A/68fSMvUbvwBdoXHlVve/Ptn0KaxaXI7 81ncszHgl0+kv3/6x5gK3bDQKtMxY9QorAkKxq79J5CcbhzfXcZz0A1/V2OGl6kXQE3HVlgQ ev2JZ60vja4gGU5fFZ4zNTBoxVnoASjTb6NzC8Ozz1+r1QTz95b+6LSUiB1oVtd00+nLf8Yj vUBT9ob1Oqyf3POZd3HPSbiCz9uZbsi07+KByKTSewYYiLi4c7b0HcmATkRERPRieKkDujYv Ac5fFnZzd8SY9Wew99+BxhbLmhgTfMl8xVUc0B/dOYevOzSX1tey05+ITM6FXqfEgn49UN04 frd2k/bYfuH+k1ZLCSKOrR0Hh2qF4boORq04XqkbAVplGgb8anpk12v1PsSZexa65JcI6DXq tsLqE3fKXX929GG0cDSOHbetjZErzldi/wDoNZjq/rW03TrNO+Hcw8o+i1vEieXDi7RQOsB5 bJCF4FG1AV2vTsD3repK59HXXhW5OSHi9LrxqGtX+hh0vajB5klu0t/rte6MM/cyyq2FjOgj aGMcB1/NrjH+DTEG3PICOoC8pAh82bahtC+tP/wd15Of0jPRIWLnrL6wN/Y8eOfHIVDpRFzb MV3qMdP8o3/wMK/0wB2+fiLq1DD2XHilAbZetXRDpjitIhne3Uw9Up5VQL9/fgveqFV4vB0x MehcuTc/RE0eZvv8IJWVAZ2IiIjoxfBSB3TotQgq0uLVuccguHxjuMD+v4adcDXFwljZKgzo mvxUjPf43lTOuu2w/MB1KYSpMqLxw3um8YhzZxEAACAASURBVLtvfe2JhzlV+yzpR9En0Kl5 XWl/Gr7ZFYduJFSodVMvanB26xw0dTRNvvbhL4ORbqE7bcmAbmNTHZ/8MQjx2UrzZY20ygyM Frqa6rrp57icXLnxy+q0CHSo74DCbs1dPWc+1kz1BalX8VFjB6ksTTr8hMhHBSWWquKArohF 14a1pePfxW1aOc9hB5IjT6F7h5ZF6tkGveedMlvu7tlgNKtV2O3cHn8NWYxcC122pT3TFmDx 4D+kddZv9SUuJVawBd1YN2FbZ6Guva3xZos9evgvRL5ZF5WqkXv/LDoU9iKo1QFhiTkY7/yF cX8d4DF5W5nn+KlFI1C78MbVK/URfCmlzO3pNArsDByKBoVd+W1s8OrrX+JWevHz9WkE9LvH 1qH5azbSOsetP13mvomiBmE7F6F1kR4Cr9Rph23h8SW2y4BOREREZG1e7oAOIOroajSrbQgN tR0bwLGm4QL747/GWHyGclUFdL2oxr5Fw1HXzhhYqteC5+Qgs21GHlqGBg6GZarb1obnxM3m 3e6fgKjNQ6Dff6W6srGxQbMPvsWG0AtQlBHYFNkp2LZ8Mt4t8rxrQ7fhq5bDgVlAt0G1mg74 0Xsc7qSad8fNexSHyb5/oXbh+OtqNdBjyMpKh+ujy4ZKvRCq2dXDjJ2lTfBWNlGnwqyepm7a 1ewbYMLGcyWXwsbJvaRWWru3vsODXMs3VHR5KfhH6oZtg279FkBV8riKWXD5zBS2azfugI1H b1oMPBpVHsIPBuHb99uaWvqNL89ph82W1yrSMPD3z6Rl7Go3Rf8pq5CcY37DRKvMwc4lo9Gg 8EZMtZr4sfe/pvJWKKADOnUOJjiZejPY1W2NhftKOV+elKjAGFkX4xhyWwxasAPftjHciKrV uD0O3C67x8CdI8vRoJYpbH/++1DEZ5W8IQMAIrJSYrFwrC9eL/aIRBvY1P0EV1OLP+btaQT0 tNtH8V4T09Mf3uosw+XYRxbrVZGdiu1LJqBtQ8diZX3FoTWCzsSV2O7TC+h3TqyGQ2FPg4Zt sDn8Yfn1QEREREQvf0BXZ8Tgp/eLtzja2NhhbHApjzerooCecP0QPm5tmiG6/beeuJdu3jqs 1ykR6POjqbWp4RtYfvDmY9RI6dKiz+Drd1sUq4NadRrho69/xaRpgdi6KwQhISEICdmF9SsW Y/wIf3z+7luoVXhzwXiDocfgechSljKuvERAt7V1gJ1dTdjY2qFtp64YM30etu3YhZBd27Bg 2lh88cGbqC5NjmaDph1+wq3UyrWe6zVZcO3S1tQ74J0fcS/7cXsgiLh7ai0a2dpIx/X9n/2R rix+Xh2aH4BaUp3Uxu/9JmDnrl0I2b0H97NM4VevysSA70xDA2o3a4+x/65ESEgIQk+cR4FG B0DE5oke0g0GG5tXUa/xG3DrNxprNm4xHJMdW7FgzhT89Z8v8Xq92iXOY8Orh7+lR9qJuHtu K94tMlb9Nbta6Pj1b5gauBg7du5CSMgurFg0Ez2+/QSO9qZj3aDtlzgVnV6koisW0AEgJfIo Pmpu6rbfpuMfuJaYa3HZJ3Vrz3zUM56jb7T9AHbGbXb8c3ipk8MV0mbF4Ns3iz4doSbe+eQn TA5chB0hhs/Dlg2rMHZoH3R6sw3sa1Qzr3vbt3C8xBMYnkZA1ylS4ft9xyLbtkXLt79AwMTZ 2LJjJ0JCQrBr60ZMmzgCX737NmoXGf4gvao1waKSTyd4igE9+UoImr1SuO2a6PizBzZu3YGQ kBBExJXdW4GIiIjof9lLH9D1ogqLBv9ZrNXx/17/GFdKCw1VENCVmffh3d00Q3StRu0RfCqm 1JbE7IeX0Ll1fWl9bTr9gZsp+aUs/Rj0OkSf24HOHUreqKjY6xW72vjZewoSLLYwmrZRNKC/ 3upLDPT+Gw4VeGZzwxafIiQ8ttK7lXRxk9T7wMbGFr8PXv1ErbXqvET884mpjhwatsO2Cw+K LXP32Cq87mjheeu29pi4y/QMcL2owsqAfyzu7/+1/go30wzHV5kWif+83bhCx8HwcsA3f/SF /JePTTd/fh1qcey6qFPh8NrpaFPPscLrt2vUBnN2XCi+vkoEdL2owYFlI+BYeKOjugP+HLDo qXR11yke4pcOrxcrf3W7epi+I6L8N+t1OLZyNOrUtK1w3TjWfxNDRw5Dc+mmhyPmH4oqttqn 85g1ETcPr0KbBg4VLmtN+9fh6T8KH7cvrB979Pl3b/HPx1MM6HnJ1/FFq7oWy/br8HXQPK0Z BImIiIhecC99QAeAyMPL0dTR1J3107/GIl9TyvJPGNBFnRLBU/1gb1vNGG7rwHvaJsvd6QtX J+pwbvM01Kth2Ga16g74a+CSKn5UlYiEmIsIcPsFDe0tBEyLr+po8fanmLp0Jx7lqcpefYmA 3vTNH3Hj/gPM6PMn6hQZt1v8VQMffPk3Dl2Oq3yw1muxsN+vphm17Rpg9dn48t9X1ipFLfYG 9i1Svpr4fcDSYs981+Ylwqf7h1I3d+lVrQZ8ZxTvav7g8m582NRCSHF4B0ejTC3UcRf34qu3 m5V7PBq0eRcj/g1CanYB9s8bJD2e7bX6nXA7y/KEaKJWhbC9q/Hth+Zd44u/XkXr97oh6Ng1 aEomrkoEdADQ5KWg/6+mGwg167XBotCn0NVdr8OaMU6wrVakjtp+h7vZ5czGbqRT52D5eF80 dig7pL9SsxY++UGGvWcjocx5iL86muYW+LX/ymL19bSegy5qC7B35RS0a1jOzZZqtnjz0+5Y tTcMivxMjPr7K+lvHX8egoxis+8/vYAuahRYNlwudXMv+vriz8nIe4qP4SMiIiJ6kb2wAf3q rtXw8vSAh4cHvH2nIlVZ+gWfJvshJgT0g4eHYfkluy+XMVu2iJsnN0nL+gSMR2xmiXG7ei02 LxovLfPvBtMkXQWZDzB1aB/pb4NGL0BSKeOUi9KpcrB0coD0vt4DRuFqfNVPrKRVKxATcQGB k4bjt5+648uP2xe7eK5hVx+fdfkWv//jjsUb9uB+SlbFZn23ENDvZGqgUebg8KbF+LN7V9Sv bRjD27hVB/zw6z9YuvUIMnLLaJUva3PabMwfYTqmPsPnIqsKWmmz4q9iUC9Pab2Dxy5EmqJ4 t/6c5BhMGdwTX3R8W+qe3rhlBwyfu7vYcqJOg6hz++Al/Iq3WhTOcG6HDp2+R+iVxGLLZiff xaqZo/HTd9+gVePCUF8dzd98H9//9AemLNqIqIep0BoPRs7Dy+jbu5ehnJ49cTS6rDHXIrJT H2Djkuno8fP3eLtNE+k41W/6Jrr99Bsmz9uEuLTcUod9nA5ZItXJuDmboSizrkU8jDiMPsbP p4eHB8bNCi5zkrrHlRV7Ht49vYzb8cTM1YcqdSNA1KpwK+wQBrn9ga6dP5Ju+tna1cHHX34D mac/dhwOQ2a+8TtAr8X+jXOl/eo3aSkURW72aZXpmDXCz3hcfLD5cAXmRNBrsWbOMON7vLBs 2wXLZdVpEHfzHCb6e6H715+hjl3hja8aeP/TLvjvn25Ys/MYUrLzjXUg4tqxYKmsvsMmI67o d5leiXUzh0t/D1x3ovyiqrOwdNRQ6T2Ltl4s9btUlfcIG+eOQbcun6COcQiFY/3mEPrMQIal iSaJiIiI6MUN6PTk1Col8nOzkJiYKL2SklORpyiAWlvJMFVKQDcQoVYqkJqSjMTERKRlZEOp rlgrp7USdVrk52YhyVhvaeml75NWo0JWepqxjpOQnZsPjcX6FaFSFiAjLVU6HumZOVCq1FXW +qxRKZGV8Uhaf+qjTBSoqvbJAS8iUauBIj9HOp5JSSnIzS8o5Tg9X6JOC6UiDynJSaZzKk8B dWm9gp4jvaiDUpErlTUlNR0KpQoiG9CJiIiILGJAp6pRZkAnIiIiIiKi8jCgU9VgQCciIiIi InoiDOhUNRjQiYiIiIiInggDOlUNBnQiIiIiIqInwoBOVYMBnYiIiIiI6IkwoFPVYEAnIiIi IiJ6IgzoVEVEJN2+gBUrVmDFihUI2nIA2So+S4mIiIiIiKiiGNCJiIiIiIiIrAADOhERERER EZEVYEAnIiIiIiIisgIM6ERERERERERWgAGdiIiIiIiIyAowoBMRERERERFZAQZ0IiIiIiIi IivAgE5ERERERERkBRjQiYiIiIiIiKwAAzoRERERERGRFWBAJyIiIiIiIrICDOhERERERERE VoABnYiIiIiIiMgKMKATERERERERWQEGdCIiIiIiIiIrwIBOREREREREZAUY0ImIiIiIiIis AAM6ERERERERkRVgQCciIiIiIiKyAgzoRERERERERFaAAZ2IiIiIiIjICjCgExEREREREVkB BnQiIiIiIiIiK8CATkRERERERGQFGNCJiIiIiIiIrAADOhEREREREZEVYEAnIiIiIiIisgIM 6ERERERERERWgAGdiIiIiIiIyAowoBMRERERERFZAQZ0IiIiIiIiIivAgE5ERERERERkBRjQ iYiIiIiIiKwAAzoRERERERGRFWBAJyIiIiIiIrICDOhEREREREREVoABnYiIiIiIiMgKMKA/ R7mp8YiIiCjzdTPyDtIys6HVic+7uC+UvIwkREREIDL6PjQ6vfT/jxLvISIiArHx6dCbvUuE Vqcr9j85aYZjFB2bBNH8DS8UZW46blw1nFcPUnMq/D6dVmuhrgzEMv72dIlIiL2NiIgI3E/K ei4lIOsnalW4e/sGIiJuID1X+bxKgczkOERERODOw7Qq/bzotNoqXFvZRFEHnVj0d0hEYlwU IiIiEJeY+czKUR5FbiZu37iKiIgIXLseiczc3OdwDpj/ltDT8Sw/A0REzwoD+nN0dfcKyAUB QhkvZxcP9Onnj8mzl+FGXMpzCkMvnsgTQRAEAf2Gz0OmuvCiUsSBdTMgCAJmrDyKIrkdyrx0 HN6xAcevJxVZi4jL+1dCEASMnLEZBS/yPRK9Dhd2L4OLzHBeDZ8ThAJN2Tuk0ypxO+wINuw8 BY3ZiSciJfYmli7fhBzNc7gQ1WuwfuZACIKAecEX+Lkgi7R5qZgc4A1B7oNj1xOfTyH0Opze OheCIGD8kn3QVsHJqlXl4eKRndh+7MYzuHEoIiftAbYHBeFmQrbpv/UaBAcOhSAICFx/xipu YMZdO45RA/vB1VkGQRAgd+6JXUcvPNNzQGX8LTl2Lan8hemxaVV5uHxsF7YdvWYV5x4RUVVi QH+OCgO63KkXZgQGItDCa/qU8fB2d4UgCPDsOwIX76U972K/ECoT0PViPpZO6A8nJzfsCntQ ZC0vT0DXFaQhcGQ/yFxd4e7kBLlbf1xNKKMVXa/Dxb0r4enqjFHzdpgF9LSoUxjg4wmZ70Rk qRnQyTq9lAFdr8beldPh6iTHvK0Xnno4UWTEYWqAL+Qe/XExNqNIOawroOtVqRjn5wFBkMGn 71DMCgzE3AVLcT367rM7B0QFlk7wh5OTG3ZceFD+8vR49GrsXzMTrs5yzN189rmfe0REVY0B /TkqDOguHuOQXkr402qUeBh5ASP6ekEQBAybuR75zyMQvWAsB3QgPycDSUlJyMhWSP8n6rIx ydcJgllAB5T52UhKSsKjjNwXOgTGXzsCb1c5+o6eiaXTh0MQZAgMOolSR07oNTi6biYEQbAY 0OMv7YG7s4wBnayaqNMiPS0FSUkpUKg0z6cQVR7QC7B+2hDDuf8MAnpuSiSGeMkhWHlAz39w Hs5yGZxceuPcvQzpO+GZngNiDib7GX5LGNCfIr0SQTMDIAgCAzoRvZQY0J+jigR0AIBeh4hD G+AmFyBzH4ibSRUfP/y/qrSAbklZAf1loBeV2L5gPGSCgFnrjyHy9Da4O8ng4jcBKfnqUt7E gE5UJRjQn4m82NOQy2Vw8RiNlHKG7zw1DOjPBgM6Eb3kGNCfowoHdAAZ986jj6cTBMENR2+l AAAKHt3Hgf37ceH6PeQm38GSWRPg7e2DUZNm41h4VJEu3BrERV7E+mXzMaivH7y9vTFw2Fis 2rAT9x/llbpNvU6D2FthWLt0Hgb2M7xvwNBRWLFuG+4mZ1kMRZr8TJw4sAOBU8fB29sb3t6+ GD81ECGHziJLoS65AVy/cBT79x9EYo4aBdnJ2LtpFYYN7mfY1ojxCNp5CGmlTeyj1+HetXNY OW8afLy94dO7L+Ys2YDI+PRSA/r9yIsIDQ3F5Vvx0ANIiLqC0H07MNBLDkHujBlLghAaegDX 7xrGD6bev4XQ0FCcvRht8cI6MyEaWzaswugAf3h7e6O33wD8u2QNLly/C63ZMRVx99o5hIbu x92UHGgKsnA0ZBPGDh8Ab29v+A0aiTVBO/EwPd9sO2kPb2N/aChCj5xBVkHlWoHyU6Iw3M8T gpMPTtxKgiYrFiP6eEEQnLH17F2z5VU5KTgSuhf/TjCEgL4jpmNPaCiOn7uCAlU+wk4cRdCy WXCRCxA8B2D73n3Yf+AI0gtMQV2rzMGFY6FY8u8s+PfxMZ4LPhg7ZTa27juOjFJuDOhFEcmx N7Bx1RIEDOoLb29v9PUPwKKVQbgRm2y6ECszoBvGx4eGhiJ0/yFEx6eX2IYaMdfOYc3iQPT3 7Q1vb28MGTkR6zfvRWJWgVmZNIpMnDl2EMfPXkZOViq2r5mPvn4+GBgwFltCz0FpfqDN90un xp3r57B68Vz49/U1fAYDxmDl+h2ISzO/4aYXdUh5cBvb1q/C5DEBxvrzRt8BAViwfC0u3Y43 6/2Ql3IXoaGhOHftDkSdGpHhRzFvmvFz6NcfcxautPi+0olIib2G0ND9uHo3CWpFBo7t3ozx wwcaPp8BYxC0+zhylIZJmgoy47F17TIM6d8b3t4+GDlhJkJPRUBloX70OjVirp3HuhVLMGJQ H2n/Bo4Yh9Ubt+Fucnax5QuPweFTYchTaZESdxMblgair/H4jZk8B6Enr0CtK3EmqBUIP3MU ofuPIr7I5+p+5CWEhobiVnwGCtIfYsv6ZRjc18d4jgZi97FwKMxuPIm4fyscoaGhuBSVYPH7 T5ubggOhoTh05DzyC78wygno+RnxCN0WVOQ70xu9ffth9vxlOHLhRrH6y0q6h0OhuzFxcG/D XBJTl2BfaCjOXolG0fnbdOo8XDyxHwtmTYKvtze8vXtj7JQ52HXgDLIr+P2hF7WIunwOOzev Rm83GQSXnli2YTtCQw/iXkq2WUAvyE1F6Jb1GBXQ33CuDhmFdZv3IDFTUeo2FFmJCN0WhCnS Od4XcxauxOkrlr9vLdHkpuDwwQPYtWEhZDIBTq7+2BYaajhvYxJKnAOm3ztVdjKOHT6AM5ci ociMx7qFht+RoaOnYO/Jq9DqDa3vcTfDsHrpPAzqb/jc9vEfivnL1uDCzdhik7cmRF1BaOhO w2+JrPC3ZD+u3S1nLLpeh8iLJxAaeggpeSpcOrIdwwb1QW+/AVi8bjviM0z1p8pPx4nQHZg9 aQx6e3vD29sPU2cvxMHTEVCV+sEWkZl0F9vWLcOwgYbf1hETZ+No2C1otEpcOXEUoaHH8Uhh Oi9ykmIQGhqKY+dvQGfhOOjVuTh74ghCQ48iOcf89zkr5R62r1+FMQGG7wq/fkOwYNkGXIlO KDVMp8dHYdP6lRgxxPC979O7L2bNW4pD566hoMhnMTs5FodCd2PyUF8IgoCAKYsMn4HLUZX4 biMism7/GwFdr8WDyEtYu3Qhhg30Q99BI7B4xXpcufN8J3GpTEDPjAtDX2NAP2IM6KnXQ+Ek l2HE9IWYMNC7yORycsxYdxiiHhA1ChwMWghPN2cLk9DJ4OrVD/vDzUOaTpWHkLVz4ObsZPl9 3v44cjmu2EVqZvwNjBvsB7lMZvYemcwJ/iNn405qrukNeg2WjOsNmdwVB8MuY/RAH8hkJd8n R//RgYjPKn4RoNcpcWjjPLi5mJfPo9cALJ4/vUJj0E9unAOZ2f45YdGOsyhzDLpehytHguHj 4Wpxcj8nVw8Ert6H/KITqOm12LloNATBCZuPnsPssQMhl5nXbS//MbiVVKSeAEQcWguZIEDW axjuPDIP8KUTcfXIejgLAnxHzEFqngbQ67Bv5RTIBAF9J640u7DLvB+GXhb2qd/ouUjPSsLE /t5mf5M79cKNNEPozku9g6nD+sFJbn4eCIIAQSaH/5gFSC0R0kWdBqdDlsPT1dK5KsDF0xdb jlw1XISVGtBFJN0+i4E+HhDkLpi2eBsyigQSUZ2LXStmwd3CeSMIMnj6DsHxaw+LlSs/NRoB fi7wGzwGcyePLnbM/MYtgaKcSfJ0yhxsWzGj9M+Sz0CcLDI2Vq9T48ye1ehVSj0IggAnl17Y dvJWsYvd+PDtEAQBI+YH41DQXLg4yc0nnXT3wfZTkRVscRIRHrIIgiDDzNVbsHBSgNlnWyaT Y9zCnchIuImR/XqafZZkzu5Yvjus2PZEVRaCFkyBq8X6MB4Hn6EIu2e6sZKfEoWhvi7wGjwR p47shJ+Xu/l3jNwZE5fsLtbbw/IYdBEH1hu+BxZu3YtJxgv9kusaPWsN0ouEFui1OLBmCgRB wMz1xy0Gl4L4cDgJAjy9RyOx8AujjIB+9/IB+PfysPAdVPi5csOctQdR+BUWc3YH3CwsNzxw kxROVDmJWDBhqMXPn0zmhP4jZiIqqfgNEEv0ugIEzRploVyuCAm7Vyygj5+1zPD9bfZZl6H3 4EmISTX/zkqMPIvh/XqZfecLggC5sxsmL9yKbFX5vXPyH16Ep5ulc0mOfzefLHUegsx759Db wwmDxs7E9JH+Rcouw/DALdDqNDi3eyXcSzlPnZw9sHT7KWiMFX8yKNDib8nC7WfKqWgN1kzz hyC4Y/WapXApctxcvPxxJd7wW5CZcAtTh/W1/Psqd8bQSUvNvlMBEbGXDsLfx/wckzu5Y/HW XZjWtxcEwQ83Uk03AmLPbYYgCPAdswxKC+e5mPMQw/v3hCD44ELRXhUAYs7vQR9PV4vntLNb TyzZfNTspmbcpf3w83Qr5TPggvH/Bknnwt0LIXC3sNyw2UHFnthCRPQie+kDuqjJw941gXBz Nr9YlTu5InDDEQszVD8blQnoVw9vMMzA7TIQt1IMP9iFAV0mk8HFezBOXo+DsiAPYUf34srd R4Bei7A9K+Eqk8HVsw+C9p5EalYe1Go1HiXdwYZ/JxlaHDz74eIDUyueXtTiwu4VcJYJkLt6 YWlQKBIzcqBWq5AcewP/TgyAXBDg5D0CCbmGCwJNbiImDugFQZChz5CJOHHxJvIKVFDm5+D6 hcMYNcAQ6vqNno+0wosIY0AXZE7o6+cLnwFjcOJiJPKUaijyMnBs+0p4ucghCE5YEhJW7GbA 7ZOb4eokgyC4YsGm/UjLyodapcS9a6cxfogfZMaLmPICeuzVMwgOXou+HnIIMidMmLMMwcGb ceHmA5QV0O9f3AtPVycIghyT/t2A6IQ0qNVq5DxKwP4tK9HTTQ5B5oqFW0+bLuSlgC6DXx8/ ePoMwp7jl5FToIJKmYdLR7ajt7scgiDDhOV7i4Waxw3oojID88b6QxDkWLzLFGTTo07Cy80J grwnLtwv3oJbkBWPncFBmD5qgOEibfB4bAwOxu5DZ6EoyMWxPTuxLHCSoQXdvS/WbAzCps07 kZKvg6hRYGPgCAiCAA/fYTgSdhO5CqWhbjKScWTnani7u0AQ5Fh14HqxY3rv3A64yGSQObli 5tKtiEvJhFqtRnrCHaz6dyKcBQFyrwG4cj+j1ICecf8KBni7QZA5Y9ryEOQVbQXVa3B80zy4 yAS49fLHjkPnkZ5TALVajZT421gx3RBG3HoPw40kU0tbYUAXZDLIXHthw4Ew5BcoEXv1OA6c jS6ze71e1ODUtkVwlglwcu+FlZsPIjkzD2q1Col3r2L22EGQCQKceo9GqtJQ1tToU/BxkUOQ u2Dqwk2ITc6AWq2GWqXAvZsXMWfcYMgFAa79Jxe7IC8M6D19/eDl6oH56/ciIT0barUSDyLD pRYnryFTkZxbytCG4mePMaALcHVzg3vP/th88AKy8wugzMvCoU0L4OIkgyBzQ+/eXug7bArC bj2AWq1GVkoslk83nAc9+49FXJZaWufF0FVwlcsgOHth3a7jSM3Kh1qthqogB1fPHsSwvj0h CAKGztgItbFyCwO6q6cXfDw8MGLaUtyMTYRSpUb2o4fYEDgWMkGA3MUTp+6YHrtXXkB3dXOD 3N0P2w9eMHwOFdk4G7rZ8DmUOWP66gOmQF3FAV2VeQ+jjHOLDBgzHzfiEg3HWa1CyoNobFg4 Gc6C4fs57J4hBD16EIltwRsw2r8XBEHA4HFzEBwcjINnrkEUAVGrwOrJgyEIAvwGT8CpS5HI LVBBrVQg5tpZTBnWz/C9OH4RHuWX3ZKuFzW4dvoQ1q1cAG9XGQRnT8xdshrBwVsRGZ9RLKDL ZDJ49B6KA2euIVephrIgB2GHtqKPp+GzPmP94WLfZ3nJtzDc1wuCIMeY2asRGZcElVoNVV4m zh3chr5eLhDkLpiz8Vi5N5M02QnYvnUz1i2Zafg9c+mD1cHBCA7ejHPXY8sN6DKZDDJ3P+w9 fxsqlRK3zoXi5NVE5CXfQD9XOZzce2H93jPIyDGcp9mp97Fm7gQ4CQJkrn0Qft9wbOKunsGm 4LXoZ/G3pKyKLgzohnocM38T0rLzkZVyD1u3H4JKBFQ5CZgxzA+CIMPg8f/iUmQcFEo11ArD ZyagjxcEQYZhc7cWOy/zkiMxxNsVgiBHwOQFuHEvCSq1CqkPbmPx9NFwdnGBq5O8ygJ6xp3T 6OUsh0zuglkrdiAuOR1qtRp5mck4sGUlero7QebsgY1HTN/9elUqJvXvBUGQY9ba3Uh6lAO1 Wo2CnEcI3bQYrjIBgpM7Np+4BQBIj7+NbcEbMMZ4TTFo7CwEBQfjwOmrbEEnopfGSx3Q9aIG Z7YvhnMprROGO/zOWHvw+nMpX0UCf/Xk/AAAIABJREFUuqjTIvnORYzsZ7hoHT57o9RiVxjQ BZkh7JSUlxKFYb7ukLn74sjVh2Z/h16LvcsmQhAEBMzZLP2wF2TEYXQfDwhO7li3/7LZhahO kYyJA3tB7uSEVftvAhBxapPhArTXwEl4kGXe5S036RZG9jFckC3fc9lw0VUY0AUBLr0CEJNe vHuxXlRix4LxhgvRiSuQaxxXqNdmYc5QHwiCgDmbTpkFpIL0WIz171mhgG6o49LGoFsO6KLy EaYZtz9l5QGzrux6UYfrx4LhJhPg0nMQrjzIkurbENAFCK59cCH2UYk36nB2yzwIggCf/lOQ onzysd3Jt0/B100OZ++huFFk1na9LhuBAYa6n7h8v/kbH3MMen5qJPzdnSF37Ym94XEW1qvF 7uWGc27ior1S3YnaHMwc3BOCzAlz1h81694qqjKxZOJgyOVOmLXuOLQWAnrmw2sY4mtoOZ++ fDcUJcahZt2/gv49XSH37I/zd8yfhiDqlNg8dyQEQY6Jy/ZK54cU0AUB4xbsqFCXdlN9RGO4 rxsEJw9sOnrdLGzoFIkY08cTTk7O2HAsBnpRgwOrZsBJLkf/cUukc76o3Pgr6NvTFYKsL64n m24kFAZ0QeaCxTvOm20rOfIkfN3kEGTeOB2dWoHSmwK64OSJHWejiv1Vr0rBBGPAlHsFIC5b Vezv2QnX4O8ug+DeB2djDOe6Xp2J+WMGQC6XY+a6oxaGgQD3L2yHTBDg3W8q0lSGBQoDuiAI GDplNbKUxZ99rNdmYIKvIYgs2HJO+v/yArog98Tei7FmQyTunN8Fd5kA116DcC0ht3AjVRrQ bx4LhruzE+S9RiA+R2W2Lk1+GqYGeEMQPLDjTEyRnS19DHrceUPdeQ2ahIQc85swquyHmBbg C0FwQdCJyArN3VCRMeiCqx/C4oo/C10vanAiKBCCIKDP0DlINx5LvajCzsWG74AJS0Msfp5S o07Bx0UG154DcTUh1+zvlkhj0L3GF/s9LS+gC4KAwOBTJcKdiOhTGw03T6ashbJEEXWKFEwP 8IPcyQmLdl40HYPHGYNeJKDLvUcitaDE975ei3M7FkMmCBg8ZTkyC8yf+61IuYWBPV0hCG44 EW04DnpRi+MbZhvqf2QgUkrckNGps7Fq+jDjtVAVBHRRgUVj+kKQybFgx3kLOyri5skt8HCS odegKYg3fl9k3T2Dnu5OkPeegAxV8X0TtQXYPG8M5HInjJizRbphxzHoRPSye6kDuiItBsP7 eJQezo0vV7+xSFE8+4mupMesOfth2br1WL++xGvtasycPBburoaLCK8+I3A93tQ6VBjQ5c5e uBhvPs7v5vEgOAkChk1bh/xSQoUiIRxuggAXj8GIzTH8OD68shfOgoBe/uNxP8tyS9udW1cR fS8ealGEqM3H7ABPCDIXrN5/1fLO6nU4uWU+nAQB/ScsNbRsFgnoI+Zvt/i2a0fWQyYI6Dcq UBrjnHXvLHq5O0FwG4zYbPMLW+i1OL994VML6I+iThhayN0Gmt1UKKRVpGH2yD4QBGes3H9Z KldhQO83YanF2fhTbhw0XGD7jcD9bPMLscrQiyrsX23o6j9qdhAUJc6BiNDVcJYJkHkMwcO8 Ett67EniRGSmJuBKeDgyFCXLL0Kr0eDo5n8hEwSMnx+CwvypSLgIF0GAi2d/3Ey1POdAYtxt 3IyKQ75aW6IF/TwyjOFc5uSKwLX7kW8WbEWE7VkGuSBg3PwdUJXSFTLt9lG4CAJ6+o1BvLFO TAHdGRv/P3vv/RxVliZo/xkbX2xs7HYNJaVMVVeb6tme2dmN3Yn95lsz04WUKXHz3pup9CmL hIeCwvsUILwTtii8B+EEEvLeYAXCe49wcpk3n++HmwgJpQoViK6i+jwRJ0BKXZPXnuec97yn 4GzY5friUvkuVEnCO3Imt5+H77FsOlVH89VbXcc40PGSy02naTzfu4KvaQHaH1wgK9mBJKVQ f/uNvLwWdIsjjca7va9L/9NrjMt0I0lJ5NWHabDrvbUuQXdlTeb628+CYCcb5uhRFuMX7eol e+0tt5icmYRkdnO02/Zanz/mbF0VV+71HnsfCPi5f/Y4iiThTpvGvba3BV3lh8JzYfd104LR SJKZWWsPv/nO7xD00XM3hRVEf+tjfOO8SJKVDUdCz7QBFvRgoIPbNy5RWXOmV89fUNPoePmY nMmZSFIS20+e7/ZhX4KusSl7FJJZZc3BPp7DaJTvXY4iSYydvTHMfdKb/gh65sy1XaHe3blZ dwBZkvBkTebWc/1+6nxyhXEZLiRLBnXd3mc99rLzJaumZyFJFtYcrH3nPsKHCLqVo6fv9Vrf lfLtmCWJJNdwTtRfpq29g4D25l1y+XwDF6/cot3f7fn3gYI+bO6mXh8HWh8zb0I6kuLiUO3V PlaisWf5JCRJYtbaY/r3bn3MnNFuJLONzcfPhF3q3pkTuJOUARH0tjt1OFQZxTmWO2+3aITo fH6b6SO9SGYHh+v14/P8WhUeu4pktvNDfh2v2toJdLuWHtxo4nTTVZ63dnv+CEEXCAS/cn7V gn6pYg/Wd8i5JEmYFSuHGvvTozSwvBb0H9s3RbVid7iY4lvB2euPelSCXwu6ah3NrbdfiMFO jqyZpbeej55M7po1rAlXVi3CaZYwW+wUXnwKwQDlOxeFKq9baO/Hi8//4gpDzRJykoviS+Er XAC36o/gVs3IyRO5/by9m6CbWbytIuwy54q2IL8l6BdObiPJLOH6bnGfvZm3T+dj+0iCfuro Rl3ivs3pe/xxsINDK/XK/MSl+/RKeTdBn7pkP+Hqxo+aClAGSNBbH11hwlAHkpTE5vw6Wlpa epT7V6pIt6lIkpk1h06/tf8flsU9qGm0t77kycN7nGmso+zkMTbkrmT2tIldY8y7C/rlYj2p n2v0Ql71p7LVTdCnZa9iVKpDX35UNi3hsvYH29m5UD/2WeNn9nk/rFqajd0soThSqbquy++b EHcPhWd/Qt6KoJ+Tm+chSRITFu560/vTTwKdHTx/3sKNKxeoq61i/7YfWLZoHqOzUkPjO8ML usM7iXvtvY+B9vwWE4Z53kvQsyYsp+XtC7aboC/4oazX0n0J+ms6O9p41vKU5nON1NWWs2Xt GnJ8Mxnq1c9lWEE3ezl57m7Yvd2+ZMJPFvSVB+rD9iIHtU6O5OqNWxNXHdD/5iOMQQc9Surl i+c8uH2Nurpajh/YxeoVS5g4bgSKJPVf0IMvmJluQTIrTJyzOPzzfs0aFsz8DlWSsI2a9c4w d+ifoM9ZEz4U/XbDoV6C/uBCCak2GbMtmYXLV/Wxn6uZOCI1dPz396un/70F3ZzB2Qe9hw21 PrnCxHRH6F0skz58HAtXrONkRT0PHrfQEe7Z/4GC7ttwstfHLx82M9atIFnszMlZ3ud5nT1B Hy6TPC2XIND65BIjrGYURxqVV8PnHAi+vMHYZOeACPrVsh2osoTsymJ1X/WN3BWMTNbD8Zcf qAl9/RaWTRnWNWbdlTIMX84y8k6UcfPeY9o6wlyjQtAFAsGvnF+xoGvUhOTqnUVW2V569a++ h68FXbFmsufoMY4d612q6s9y7+HTsC+gLkG3T+wVIh/UWtnum9C/7y9JSGoSR88+gmAnR19X TFcf7FfFyN9ygWRJwurI4PzDvse2Pr1aqWeit4zk0pNX3QRdZvW+xrDLhBP06v25qJLE0Bm5 dPQh6I9v1JIhfxxBrzm4BlWSGDlnQ9heIwCCASp2L0aSJMbM+kFftpugz16dHzZL8cAJusaZ gs0/PryjW/GOyeFld+P4AEFve/6Qw9vWMX5k+lvbMZNkd2APJdbrLugN+1YgSRKpM9f1b8q0 boKu38MWrBYFs2Jj84kzvdehvWDN5BH9vh/Mdi+ll/XGpi5Bl9OouPSw1670vY/tHFg6DUmS mL4xv99TwWman6tnK1gyeyouu6XHfsmKBafTGUoAFl7QnamzeRLmsvwQQR85ZT0v315nN0Ff tKWy19J9CXqg8xV1RQeZO2lcr0R2qiUJl/NHBF1Op/LtoSEhfrqgK+yuuhb+qwf9lG7L0b/7 nB/0xpUBF3SNx7cvsH7JfDK8jp7Xn1nG4XBitSj9F3TtPmOUfj7vJQl12FTu9yMXwYdMsxZO 0K/XHsYdJjFcX2XMkt0fV9CVkVxuCRcJpXHrfBlTxw7rlYzUYnczdfZiShuae74DPlDQF2+r 6vXx01sNDJX7f7zsE5cRBF7crsMjSVg9mZwOE1Gj7+9TsjM9AyLopw6uCTUo9a/k7H7TKP/i fjOLZozHkdQz6aqsWBk7aQ4HC2p40T38XQi6QCD4lfMrFnS4ULoTS38q4z9zD3p/ksSF452C nv2dLpe+VRQUFlL4Y+VkEbeetulitk4Xs+9WHujXi++1oFscaZy5HybkPMSjiyWk2GUkx1iu tbS+t6DXhgQ5bdqqvgX9eg3pH1nQh89a1+f2CQYo3qZXyr/N3q5HIvwVBT3Q3kLujFFIkhmX J4XMzMzwJSMVxSxhlm0cO9PtHnhPQe9sfczqWXrFSbHaSMvIZPrcHNZu2MThY4Wcv3SDo2FC 3E/nrdYrhNPX9K+y1V3QFSsLNh3l+NaFmCUJe+o4zt19a9yq9oK1U0YiSWamLNr47vuhuIz7 z/Vr+f0F/U0UxbT1R/sp6BqXq/Pw2lQks4zTncyIMeNZtmoNW3btp6yynjtXTjEsxflJCnpQ 66Bg+1KsqhlJVvGmpDNm4gzWrFnLnoPHqG08z7WGY32HuA+ooMvsqrwa/qsH/RRv1sdPj1mw vSsC5l2C/upGZb8F/cmNBsaGcoskOdwMzRzOwuW5bNi8g5PFFVy/fo2cqcN+gqA/YKxFf58t 35L349d3YSFFlQ20vmMGAhh4Qb9Rdxi3LKEmj2Tf4ePv3M+aMEM9wjHwgh5avv0F5+vK2bZx NeNGZeF1O7sy5JstTraeOPVmiMJHEPSW240MVSQURwo/7D3yzuNVUtdEEHh5/zRpZgmLO5NT d/qY6u69Bf16L0E/nbcWRZKwD5vMiXc9XwsLOXu9Zx6QYKCDa02N7Nu5mSkTRpLidetJKCW9 ATZ7/aE3EXNC0AUCwa+cX7WgP7nRwHBX+Gmwuhere2zvMbh/BT6moBPsJH99SLQX7iRMxGt4 ggFq9uu9mSNnbOBVH8u9annCk5bndAY0Aq03GWU1Y7Y6yD/TO/nWay6V7cEuS1iypuuZ3N9T 0K+U78GmmLEOn8PzMOHVoIe426WPI+jnC7diNUvYRsztc/vBQCvbcyYiSRLT1x0NJcX76wn6 wyuVpCfJmK1ejjfe6vPvgh0PmJzmQJLMjMvZ0S3j/PsIusaFoq0okoTVmcG+klO8au89Dv34 5vm9BP1m5Q5dLrN8POtjfHj7y2c8ftJCe2egh6BPXLib9oBGx/PbzBjpQZJkxs/7gRc9prjr YPcSfYzmzNwjYYcX9MX7C3qA0tBwkXG+Lb0STXWt/+ljnjx7TmcgiL/9CdmjQ98hey1X7j7p JfadDy+QlWz/JAW95WYDw9xJSGYri7cc4eGz3uLw4Owx5L+KoJtZndcYPsQ90M6uhZORJDNz Nh0P/fKNoM9YfTT8/XvuGOb+CHqwg52L9MzzKaNnUt98u3cCwbYWFkxM77+gB18yJysJSbaw 5eRFBoqBFvSHzWV6JJVzFE33X/Re6D35WILeHc3fwYM71yk5cZDpYzIwmyXsw2e9mUP8Iwj6 q0eXGZdsQUpK4eTZ8MM7wtH+/Abj3Spmm5fCc+Hfy1rbHSal9h3injxmce/7Hmh/cIHhKfYe gn6jcjeqbEZNncbTn5BIMxxBTePpw7vUVRSweMZ4VLOE6sqi7nooVF8IukAg+JXzqxb0YKCN vPXZqH3NxyxJSGaVZbsr+h1+OpB8VEEHmst3k2SWcA6dyKUH4VvQ2x5cYO26LRSW1fIyJLK3 T+djlyWcaRO4GG65YID9q2YxdNgoVu4qQgu0sTQ0XVr298fDviyDWjv7Vs3ELEmMmfs9rZ3a ewt6273TpDusSEoyldd6j3kPap0U79DDy/sn6M/0sZv9FPRn16pItqtIipvSSz3ngH1N6+Nr TMnSE/S8nh7mryXoQa2T4xtD2XvHzePeyx9fT3EoA7/qzOLs/daufS3clN2noN+uy8P+lqAH NT8HV+gCkzV7Y1gJ1jqfsWKKLtaTFu7umre2/f4pvVfNltZjyr83XypA2Z5VpA8dRs66fbR2 doSZZk3jRsMx3FYZWXWw5fjpHvOjNxzbiMUs4R45i9vhkgsCT26cYsPG7ZRUndKvUT5A0IFr tQexyRLuzClceRxGAoJ+di6eQuaI0azdX07ro3OkmSXMSS6Onwkf1XOtJg+nVUaSkqnrlpn/ UxD05tLd2CQJJW0C15/0Ph5BLUDZTv3edadN5W7rxxR0idGzNobNI9HecpPJmQ7MFhd5NaEw +GCAI+v1vB4T5+8K2+hZu285Uj8EPdjxgBlD9WmiVr813eBrXtw7z0i3iiQlsa17YrxucvJ2 krg9SyciSWbGzttMR9iGLo3z5cfYtusAdeev92taqhf3mxjtVgZM0P3PbzJ1mBdJUtl0/EzY 5TR/K8d2bmb/0QKu3H33nO0w0IKu8eBGE0cP7uVgYV3Y83P3zAk8NhlJ7ba89pyZGZYBFfRA ewvLpw5DkhQWbD4RduYDggHKDu5gd94RzoV6prXOV2yYOwZJUlm4pTDsub575oSecPUtQb9W vk2/B9Nn8yjMBm815uO1yj0EvePROVKTFMyyjfyz4RsE/C8fsnfLFg6dKObuU317Lx7d5OTx I2zZkx92yNirR5f5NtWCJHs4Vh9qbA62s3XeWCHoAoHgV8uvWtAB2p/fZ9Pi6aG5Pt8ee25l xpKtPGv/62dwh48v6K2PruiSKKnMWr2Hp696Jlvxt7Xw/Xx97mdn+mTuhDLZd7y4y9yxKUhm C9nr83qO/QIe32hglNeOJCmsO3oa0Dh9fCOqJGH1DKfo9M0eL8yg5qe55ggZTiuSbGNHSWju 6PcU9KDWxg/zvsUsSYycsZoHz9u7bUvj7sVKRiXb+y3oQa2NBWMdSHISO0uvdNt6eEEP+p+z esZIzJJE1pRl3H/eM+u4v+0ZeRvno0oSzoyJbxo5/kqC3t5ykymZTiRJZemu0nc2PrXebcCr mJHMCot3lHZ999dyNm7e9l4Jzh41FeJMkjF7JvGoI7SfwQCFoYaBlHELeszRDRDobKXi4EYc ofGcY+Z+T3uo8qcFWlk9LQtJkpkwfxNPW3teqy/uX2LGqBQkSWb+Dyfo1MLPg64F2ji83ocs STgzxnPm9huBfXHnLGNS7UiShZxNR3td1+0vHrJyht4zmTY6m4ehae4+RNDbW24yY6QXyWxl 4eZ8Xr0VcfHoag1ZTiuSpLK58ALtz64wMsmMpOpj6XtWPDVa7jbjG58ZeobZKenWQPQpCPr1 2sO4FTNmZxY1YaYZvHWujOHuJF1yU8Z23QMfS9Ali4v95Rd6yEug4xXHt+ozTqSMmsOdF51d y1UdXI0iSbiypnD5Qc/e3xcPLjNlmKt/gh54Ss5oPQna7HXH6HhLTNqeP2TLoqmh86yy7nBd t+PkZ88yffjSgi095eROwyGSZAnF6mbnyTNdDWCv9//xzTNMHOZBksxMWxZ+irO3aX18jQkZ VqSkDCouPeq2H+8n6AQ7ObLehxJqPD517WGPZ1RQ83OhfB9OixmzYmdH0fneKw7DQAp6UPNz crN+zrwjZnHl0VtJ5IIBzhZuw66aScqcwYPQuzWotZMzzoEkW9lRcoV+8Q5BJxig7vA6LGaJ JM8IChuv9ZoS7s75EjKcFiTJzNJdlV2/by7dhVWWsCWPorzpbo/j3NZylxUzx4SSs/UU9MfN J7FIEqothYIzPRNjtj9/wPp5E0LLdZtmLdjOhtl6no/08fO58bjnMQv42yjZl4tVMaMkpVFy Xs+c31y6iyTFjGTLpLrXva1x/3IlQx0KijOT6qtvpizdt1KfgjV7U1HY4SYCgUDwKfOrF3QA f9tzqk/sY+aU7xg+bBjDhg1nwtRsjhTX9Z2F+6/Axxb0oOansWA77iQVSbHy7bR5HC4sp7Gx kcqS4+RMH6tPs6U62Hayew9NgIsVB0i2W5BVG1OzV3KyoprGxnry925mdKY3NPVZTlfFxN/2 lNzZY0OV00xWfb+L6rpG6msq2bFhGWkuG5Ik8928TTx5LV/vKegAj6/XMzpFzwabNX42R4sq aGxs4OjeTQxPdeFKTcVm7q+gd7Bssi5/4+fkUtvQwPmrd+lL0AEeXa5ieGj7Q0dPY19+kX5c i4+zZM5kvRJidbPlWP2bytQHCHpz9WGmTJ7MlLkruPWj4ZgaVyr26JUr51AqLj/6kb99vV/t rJqiJ3Rzj5jNw9YAoNFwdC2SJOFKHUd+WTWNZ851Cebza5W4baGpcQ4V0Vhfy91nndw7ewKH xYxZVhk/exlF5dU0NjZSdvIoS31TuzK4S5JE5vRVXb3UAPcvlDHUlYRZtjB2Wg75Jfo5PXl4 D5PGDkWWJLzDp3Hx3vMeIe7dBR2g9ck1pma59OttwQ9dwxCCWieVB9frDQSqjUmzF3G8pIrG xkbKTx7FN2mEnrTRnsyByuau9X2IoBMMcLZoN16bimKxM33+aoora2hsrOfo7k2MSHdjliQy Jy7laXsArfMV6+fq0mNPHsb3Ow9T19hIQ101e7etZ2xWSreZH3pOD/UpCHr7k6tMGq73HKeM msKBY8U0NjZSX1XKD7mLSXO9mRbT5hlB08NQHoCPJOiqaiHJmcLSDbv141xdysp500hSzShJ yewpbepxbT25VhdqQJAZNdnH8VL9+i48vINvM5NxDx1Nml3uR4h7gIKtOShmCdnqZNHaHdQ0 NNLY2EB+3k6mfzusW4JHhWV7us0rHQyQt26mLkKjZ1NeW0/DuctoGmj+V+xYNg1ZklDtHuat 2EhZVZ3+7N6/jW+Hp+gh+BnjOXWz57zlfdHRcospw51IkoV5uTupb6jjyt2n7y/owKsHl5g5 Jh2zJOFOG8m6HXk0NDTS2FDDjnVLSHZYkcwyY2ev4XGYeb/DMdAh7s9un2G014ZklskcO4Vd hwpoaGyksa6avVvXkuXVRXzl3vKuZ3xQ62R56F3y7ezVoXfJO2Z+eJegAx3P77F8hi7Tdk8G yzbupLqugcbGOg5sW0dWslNvTBg1h7sv3jRu+tuesGnBJGRJwpU2iu93HaG+sZHyoiPM/W4k VosF2WzuJej+tkfMHelGkswkZ41jz9Hi0HPyMHMnjcHpTScrxdlT0IGn1+sZ5rEjmc2kjZjA toMnaGxspK66jA1L5+BMUpHMKnPWHOBV6Nnvf3mP7G8z9HdNygg27jxEfePre2EHE4fr0XmT Fm17My1gMMCRjXoy27RRsyirqafhXHO/IkIEAoHgU+BvQtBfE+hsp+XpU54+bek5d+nPxMcW dADN30ZN/k6Gp7rChvg7vJlsOVzVqwdHC3RwqvgAo9LCLacyamoOF98KPWx9epsNC2d0zdve vVhsbubn7uRu94rQBwg6aNw8W8rkEWlvbctM2ojJ5Bce7neSONCoPpiLpVtm4bGLdqIF+xZ0 0Lh5roypo4d2TQ/TfR+8GWPYfaKWth7joN9f0OuPrscsSZjdY2h+2HtKoK696gprlBgxYy0v +zkWsLl4i75+1cbeCr3n5/H1ekZ6bW/OYdp4rjzSK3Fa2yMWTsx6891llQMN9/XQ1M1LcIS5 BiTZwvDxM9i8YRl2i4wlfUqPXvagFuBK40kmDksJc80pZH47k+qLd7qiL/oS9KAWoKlkNw7V jGxxsuX4qS550DpfUXJgE5lvZc1+XTzpo9hd0NCj5/GDBB3Q/O3UFewONei8PcTGwpgZS7jS rTf28fVTTB2VGnb/bK40cnK/Z864NCTJzKqDb6YJ+xQEnWCApvKDoXncwx//NVu2MtpjwZzk 4USoAeJjCfqU+RtZPufbkKS8uX9dKSPYdbzurR5ovTGvPG8Tac6kXvd8+qgZ1F1qZkqy0q8k ce0tt1g+6+1th7JXW51MzV5G7gK9l3DCwp10nz3wat1hUmxvGruso+d19YZ3vHrMztXzcHb7 vPt9lDV+JhVnb/ZbZoL+VvblzumRoXvRrgqCHyDoAI9unmPh1LFdCdd6fH/FxtSF67jxds/1 jzDQgh7U/FyoOsLoDE/Ya9Vq97Jk0yGetXX/Xho1eWt6vEvGLNzx4yHY/RB0gBePrrN2/rRe GeX1YmHM9IU03eo95OvV0ztsWjSTJEvPKMIkZzpbd+0g1WXrJeigcf1UIaPT3b225U4bzaHy ejbMGtVL0EHjVlMF00ZnhHkvSlhsHhas28PD5z2HGD24Ws+McVmYw2T3l1UbU3M2cOtJz+F2 1xuOktptlgvrKB8v+sgJIxAIBJ8af1OC/kvjatUxsn0+5i/awvP3EPSWa3XMn5fN/IWbf3T5 oBbgyf0blBYcZsWiBfh8Pnw5y8k7Xsz1e72TUHVf7um9GxTnH2TJwvn4fD5WrNlMWc0ZnrWG n57H39HKlfMN7N22Qd9Odg7b9h2h6fKt3o0iQT+HtyzD58smv+pq2PXdPFvCPJ+PVZv28TzM oM+XT+9TfvIQS7J9ZM+bz/b9J7j58BkvHl5m1Twfqzce5EXnG0GvL9iFz+djd/6pHpWmQMdL 6suOszwnG58vm80HSukMwuXafHw+H9/vKgk7j3Xrs0fUVhSxbsVCfD4fCxau5FhxJXcetvQ+ rsEAFYd+0Ld/rDFspe357TPM8/lYvOJ77r98c7yuNBSQ7fORvWQjd5619V4wRMfzu6xbPB+f bz6HK5r6/Lu38b+8w+rX3/2QPq41qPm5dfkUW9Ysx+fzsXDFDz22/eLRTQ7v3ER2to/s7Bxq QhW1gL+dq+fr2fXDGv0a8M0T4I44AAAgAElEQVTnh50HqD3VRMvLNvwv7rBu2SJ82Ys5f+/t JFEaLx7fpaLoGKuW5uDz+Vi8fD0nK+p59Lx7446fwt36+g8WX+j1fQIdLzi8Rf98xYbdPH71 phId1Pw8unuV4vw8liyYh8/nI3vhSo4WlnE7zHlra7nNhhUL8M1byYW7YcbH94OgFuDx3Wuc PLqfxTn6vbRy3VbKa8/xvO3teX41Xjy5R1nhYZYv0vdv0bI1HD1ZxtVbD+kMBDhbeoB5Ph8b 9pzsGrf58GK5frxW7Aqb2ElrfcQPa5bh8+VQe7UfkRVoNFcdwufzsW5rQe8x10E/Ba/PQUnv pGSdrx6zJTcHX/ZSGrptL6gFeHTrMvkHdrBgXrZ+jtZtoaiilruPnqEF2snfua7HNdz29FbX Obh4L/w5KM3bhM+Xzc7jb8LBA60t7NiwFF/2Mk5ffy0SbwR9Tu5xWl+1UFt2jKXzssmel8Pe I8XcuB9+aksALdDJvesXOLx3C/PnZePLXsKhkxU8fNZKwP+crcvns2jpDzxuf/PcOVe6H5/P x9YjNT3CcTtetdBYXcK65fq1nj1vMQeOFXD+ym3aOv08uFLDAp+PZWu387hbA6UW6KD5dCXr lunPnaXr9vKqW2Oc1tnOjctnObJvOwt8Pv1vcjdRVFHP4+f9S4jWnfYXjyk9to9F87Px+eZx qOw8WjBA0b71+Hw+9heeC/seeXytnnk+H0tzt77VwPr6+z/jTF0lO77PJdvnw5edzcbt+6k7 fYnWzp82xKft3nnmZWezYPHWHu/D8NcAvLx3Qb+/5q3j3svw77OgFqDl4W3Ki/JZu2Jx6J22 kB37j3L+yu2wY6YDna9o6PYu+WF/aa8cHj034ufErlx8Ph95pc0/8ofgb39J89k69m37nnmh 85r7/Y4+niPdl3tF85kaNoee5au+3835a3fpfNxMpsceRtD14WItD25RfPwASxdk48tewLb9 x7h29zGa1sHJ3evx+ZZxIUyiv9Znj6irKGJT7jL9mM3T6wFnL93ss3Ok9flj6iqL2bp+Zeg4 z2PD1n3UnW7mVUfva0ELdHDpTBXrly/Sr++1e3j5M0ZECgQCwUAiBF0gEAgEf0P0FHQxflXw t4r29FKfgi4QCASCnw8h6AKBQCD4G0IIukAAQtAFAoHgl4oQdIFAIBD8DSEEXSAAIegCwd8a 1x0jORf1j6IMYGk713uI30AgBF0gEAgEf0MIQRcIQAi6QPC3xtU4F6f+fYQoA1heNZ5794F/ D4SgCwQCgeBvCI0LtQVs2rSJwqrmH8+wLRD8itFaH7F351Y2bdrN3RfhE+UJBIJfD0LQhaAL BAKBQCAQCAQCgeAXgBB0IegCgUAgEAgEAoFAIPgF8LagX/jT/+LejMWi9LPcHDpRCLpAIBAI BAKBQCAQCD6ctwX96pDkn3uXPile1Z0Wgi4QCAQCgUAgEAgEgg9HCPqHIQRdIBAIBAKBQCAQ CAQDghD0D0MIukAgEAgEAoFAIBAIBgQh6B+GEHSBQCAQCAQCgUAgEAwIQtA/DCHoAoFAIBAI BAKBQCAYEISgfxhC0AUCgUAgEAgEAoFAMCAIQf8whKALBAKBQCAQCAQCgWBAEIL+YQhBFwgE AoFAIBAIBALBgCAE/cMQgi4QCAQCgUAgEAgEggFBCPqHIQRdIBAIBAKBQCAQCAQDghD0D0MI ei80NK0TTeskEAigBTQCAY3OTj8BTUPT+MUXfT81gkAgtP+BTj9awE8wCFoQgj/3YRYIfsFo mkanP4A/oOEPaGih++bnvrd//L6HTn+AzkAATdN+7kMoEAgEgl8hwSD4NY1ge5DOoJ9AZwed gQCdmkZnQP/ZH+ikI9hBZ7CdgNZBQNM+2dLW0UlHRztaoI1W7RVt/k78nRrBgKhJ/xjvEnQt 5CqBUJ0lEAjgDwQIhPwlyM9frxrYon9ff8DfrzqaEPRuBIMAGgT9BEIHsNOvcfnqDfILijiS X8DR44WfRDmSX8CxEyc5fbaJtrZOtECAoBYQgi4Q9IOAptHhD3D2/AUOHD7Kzj379bL3wC+2 7D90hKbmy7xqaycgBF0gEAgEHwFd0CHYEaQzqNHR2UFHoJPAqxfcry/n8roN3Fu6ikdLl3N/ 8VLuLF7K7aXLPtlyZekSri1bxO1li7i5ahUPSsvxv2olEAj83KfiF01/etC7i/mV67c4fOwE u/bsf1N+AXWrDym79h5g1x697Nl/kIrqWl6196+OJgS9G8HX1hoMEAgE6PRr7Ms7huJII9Hi xqQ4MSmuX3xJUF0kqKH9Ndv5btJMnj970fX9hKALBH0TBDoDGrv2HUS1u0lQ7cTLDuJlB3Gy gzjzL7MYzUmodjf78o4IQRcIBALBRyEY1CO2gp0BOoJ6g3a7/xUPVm2g0hDL6cgYGj43UBQd ybEvIjgeE0GNIfKTLVVRf0dp9GdURg3i3OfR7P/ya+pnz0Bre/Vzn4pfNOEFXYOg3rDxuhc5 EAhQVlGN2ZZCosWN0ezAaLZjNNuJN9t/9rrVh5R4sxOj2YnR7MCkOEm0upm9YBkvXrW98/gJ Qe9GMBDUe5g1PbS1rUPDmz4ak+LFqHgxqV5MyqdRjF3/ujFKdioqa9FC4TivQ0cEAsEbgpoG 6KFV9x49xpM+DKNix6g4iVc9v/hiVF2YFDvDxozn6fMXoXtciLpAIBAIBg499FgjGGjHHwjS 6dd49fQ2Nf/fv1IRFU21IZqKqChKo6OoMUTRGBlFreHTLaciYimPiqUoOoYzEVE0RhjIjxzE i5rqn/tU/KLpW9D9PSS9rbWD7yZND+8yqvdnr1t9UL1MScakpGBSkjEqHuJkJ0bVTWlFTVdo f18IQQ8RDL4RdAB/QOP23ceo9vSfXbY/pMTLHkyKm30HjvD6OhByLhD0prugN1+9jsWVRrzq JF51Y/wESrziwqg6cSQP5dqtO6FvJQRdIBAIBAOHnpMlQDDwCn9nEH+nxpNrZygxxFBliKXa oAttWVQs9ZGxnI6IpcrwxSdbTkV8SY3hC8qiYqkyRHPaEM2pyAjuH8j7uU/FL5qwgh4MQLBT l3T0MdlPnzzH7kjpu8PxF1C/et9i6i7osgej4sakuNmfd/Sdx08IeohgEIJ+XdCDQfAHgty+ /yQk6J73KO73XG5gi1FJJs7sYseevC4xF4IuEPQmqIXyNKALuupKI051YbR4MKmu9yxOTKr7 A5bvf4lX3cSrLuzJmVy5cVtvmQ2KMXICgUAgGDgCQQhofoKBlwTag3S2azy9UEPVZ7+hNDqW ps9juDIohobIWIqjv6A4OppTkZ/1XQx/R2PkZ3oxhPvs7zhl+Ls+l9c//6zn3xgGdS3ffV09 l9NL12d9bKM05jMqogdRY4igODqaoqhoagyxPDh45Oc+Fb9o+hb0Dgjqeb78fo1HD5+SZE/u 22V+tO7jDtWzPqT+5CShxzoGsM6meDHJyXpDg9mFSXGToLo5EBJ00YPeT4IAwQDBUObG2/cf ojjSMKkeTGqo5UMNybfsxCQ7MSpe4pRUTEoKibKHBNmFUbWTqCQRZ7YTZ00nzuzGpLhCIQ/u bheEPiZBb2nxEK96Mb5ev+LCpHhIUFIwml9fuE79X9mLSXm9vCv0s7drP7sXfX0udu3tKehC 0gWCtwgG9PsfXdCtrqF6eJWSglFO0+9L1REqbgYrHgarXkyymyGyiwTZgUmxI5ltfKOm8k1S KmZJxSinYlJcJCo2TJZkjIoLo6I/qI2KHgZlUl0kKk6GyE4SFCdG1RV6Lrj0ooRkX3GEnjPJ mFRvV+9+gqyvy6h4cHizuHLjjh6CqAlBFwgEAsHAoQUhoHUSCIIWbEfzd/Ck6SKVn/17agzR /S6nIw2cioii2vAlZVEGSqM/pzgmivqIGOoNBk4ZImiMiKU46itqI2OpMRjCrqfC8BXV0f+J usivqI2MoNbwd1Qb/kh51OfURkZTFWWgPmoQdVGx1BliqYiKpDIqgjqDgdpIA7WRUTRERFMX GX4/aw1R1BhiqDbEUmWIpTbSQH1kBPcPih70HyOcoHf3j9eudf/xUxR7cliH6bs4SLDYMUoT iVcTSVCdJKo2hpg9JCo24q12TLILSXZjNCcTZ7WGXc83agYmq4IqKZhUF3+xphI/ZDhms41E Wa+bxSvJGOVUEhR9GKEx5Fbxirvr/yY1vIP1cjJZ77wVPeg/kXcKuuwmweIlzuxEsroxW+wk qE59nHe38ekJFjdykpNEqwejLY3EJA+JqrNXr7pR1ceIJ1qTSbB4Q79PxqSkkqAm6xes4tFb X+TXku7VwyXU161KntDPQtAFgg+iT0F/3QD2ukfchUlJJl52M8SWjGpPRU3yYrV5Ue0ezLKN v6ipGB0ZWNUkjJIXsz0Fs9VOguoiXnaG7luvHvak6s+DBNmjy7ei37s9x5d7iFNcxMkuElUv CWYXCaonFNbuJkERgi4QCASCj89ACbouvTEUxho4+3kEDRExFBn+yLY//xOVhhhKoiIoi4ml 0vBbqgyxVESFF/Sa6N9TZxjEsdjfs+fv/xv5MVE0GiKpiDJQFmWgITKW8sjfUh3zJw7//s/s +/t/5Mgf/p6amD9QF/kF1YYYSqINVEQJQR9IPqagJ1hdxKs2Es2TMdtVjFISJrOFIbJXT+xr dWO2p2JWHJjkZIxJ9j6E2Uu8kkSCNR0pyYNsc5Aop5EgO0iQX7taCgmWFCyOFCyOZMy2ZFRH GlKSN5T8zYXxdb1OCPrHoT896K970Tdu3cPxggIkqw2TYtfDSy3JxKkppA6bwMVL13GlDmPr wXxOlFYgW50kyG4SusZVJGNUUjAqHhIsHhYu38DY72ZjklMwyulM963kzMXLyI5UXdrllJCk JxOvJhOvvK68e4lXk/UGAiHoAsH706egvw6heh2uro8pmjh9PsUVNZw5f5Wa2nOca7pCVW0D M2bM5d/UFA6VNbBx7VqMkpsTZbUcPHqMRIudeMVJvKK/GPToF8+bhjjzm8Y4o+ruEvQ4i5c4 SzIjJ89jWe4PmIZYMclOEizerns8Xgi6QCAQCD4yAyXodZG68BbFfkbT55HUDvo9px2j6LjV zA1PGsejdSGvNnxBjSGW8qioPnrQf0vj55E0pQ9De/yAS2npnIn4j9QZYqkxRFJh+Iqq/1fh 7v4tvKot4F5hHs9qj/M4fxdnPW7ODIqmxBBBeYwQ9IHkYwq60eLEaHEwb+Eedh3chUm2YTRb SJC9mFQb3yhe9h0pYVXuWkxmF3GqLex6hshOTKqXf00aTfO125QUHCNhiAWjGopYVlJRXcPY vPsAp881U9vYRN2pCzSevciWnftIVOwMUULRzELQPx79FXSj7GbMxBncvvcAb/pQEhQbJsVF nJpMvDWdA0eKqK5twJzkxjV0LClZI0lUbHrPmOzWxyGYXV29XmZHGvWnz7Ny1UYSzE5MSgqK K5OhY8aR0DWGQR+/YJSdGBW9N94ou0Phsro4dO3f61B8IegCQf/pS9DV16Ht7lCETCqpwydy 72ELW7fvwp08jPhEG57UESxfvY4ly1bzb2oKJ2pOsXn9GkySE0/WOFIyMhmi2jBZvAwOtcwm mO0kKvZuQ1VSu4awmGQ7RtmOSXXpveeql0XrdnK+uRlpiESC2U7C69AqIegCgUAg+CswUIJe G/kl5yJiKY/5jzRExFLx1T/TXFPMg8ZKWgoOU/Xl7zllMHAmIobyqBhO9xGCXhMZS23s11w6 eoCLBcXc2rOVuggDpdGx1Bs+56Th91zYmsf9zeuo/4f/Sd1nf0/FH/+Z+uFDuTr1O4qiomkc 9DkNhvANAELQ34+PKejxqos4q4ucxXs5cGQPJslKgmrTx3qrDr5RhnLgWAW5a1eSIDneRBy/ VRIVB/HmNEbOWEnD6SYunj1LxtBkjKoNo+ImXh6Kb8lamm9cZ8y33yGZHQxRHUyYPJutuw+g 2LwMUUPTqAlB/3j0R9DjZX3sqOxIp6qxibkLlpBotmGSXRiVFBwZ33Lj7kPmL8ghQbYhuzKx uzNIVB3EyW4SLB4mT89m7vzFuD2pJFg8pAwbz7mmS2zevBVvajomi50hdg/25AxMihPFkY7V lYnFlU72oqUMGzMeo2TDYk9lyoxsJk2brY9lV9yhCrvoQRcIfjJ9CnpoOIniJd7swSh72LTr AEXllahWO4mqpysaxiTbSTAn8RdrKser6tm8biWJZgeqNxOb00OiZCde8RJvSWH0xJksWLgY T0qa3sinupGdWVjdmVgcHuZm5zBr7nwsdg9G2YbFk8W67Qe5dLUZj8uOzZmCSXZ3hd8LQRcI BALBx2agBL0s6kvORMRSFf0ZtZF/pFZO5dXdRspkN50NtVT8y79QERXBmYhoSqNjONWHoDdE RdPkGsvtigK2/+6/0FJykpP/+19ojPiCxshBVMT+mXsnz3LTZqMmchCHY76kNPZ3VBtiOfl5 BCd/+wXFMdFU9DHGXQj6+/FRBd3iZrDVzcLFezh4eBemISpGxUa84iFOtfNvUpYu6OuWkCjZ SFDd4YXZ6kayj+T85WvM8i1m24489uzZQqJqIc7sJE4axvc7D1FcVYxZsSCFcoolqG6MslNf r/I6sZwQ9I/GuwS9ey96vOJm0tyVVNadxeF0Y5I9xJlTmJ6zhuKKKqx2B0MsDtbvzKOwqIwE 1Ysz81uKK6spqajm0JECysqrmTJnMQfzS3jwpIWLF85ztOAESSlpfDtzLlV19Ui2FBat/J6y qhr2HS3kwNETXLh6kz37DnLseDFH8os5deY8G7fsCPXIe0PzIXuFoAsEP4U+Q9xDGThVj54w zuzlVNMlfKFGOKPiIU5JDc136SRBtvONNYVjVfVsWb+SRMnO/hNl7D9wiCGKF1f6OI6cLOdk eTWH809QUVvL9Dk+4sx25ixdz5mLVzh49BgH8o5QXl1PUVkFLk86i1d9T0PzTZ623Kf45HEW LdtAvKRnCtWnWfMKQRcIBALBR2WgBL0i6gsqomI5FfkZRZ//IzdWbuD83O+ojPwd1xeu5tz8 aRRHDaLSYKDWEENFVDR1BgPVhmhqo6KpMURSHR1NVfRvub31MNeyZ3NqUAyX5izmytallBt+ S2W0gULDH7m1IZ97hzZy3vgNBb//miLD31Ef+Tn1hmjKQ1nZ6yJjhKAPIB+3B93NYIub+Yv3 UnjyEEOzRpE28lvSRownZeRYXJnTKCytY+26pSQOsYWywXtDWdRdIbF2843Vy5zFP9Dy5AE2 Zwbjpy3l1q0ruD26Q8XLw5m7ZB2Xbl1h/sLFpGWMJc7s0HMJKS5MipN4xU2c0s/QfCHo70d/ BP1NcTLEPYFzF6+zevVM/qKmYLKNJL+hiRmzfZjMNkyKm5V7jlFedJR4Sya5m/NoqCtBVZKI S/AiO7OQvCMYotioOH2aFcuXMTjRSpziZOysJZytLSTRlkxO7mZabp3BmTGWuCFucrfn8+Th TTIys4hLtDN81HdcunKOZE8m8Uo6cRabPmZdSSbe4hKCLhD0hz4E3SinY1JSGWy1MtiSSoJ5 OHduXWfshAkY1VTizB499F12kyi7Qpk/vRypOsuWdasYItk5WFTNibz9fCOnsu94Ceca61AV O/86xIFrxHecPnsOiyuTmct+4Nbt64waMxaj2YbqHcXVh/eZNm0Gf5FcZOfu5vKFOhLi4vlG GkqcmozJqhKnpoYaCYSgCwQCgeDjMWBj0A0xVERFcSbiP3L4vyfRVlFN8T9GUx85iJJ/NvGq oZZT//zfaIiKpjIygprf/YHar7+m9E//SNUf/0TjoEEUR0VT8HUiz8+f4fT//jMNEV/REJfG /Ys1VP75n6iNiqU4OpaK//4XLm/fx8OzF7hUUcy1RTNp+r//wunYrykNzW9+KkII+kDyUZPE yR7iLU5mrMjj6aM7nG+6SOPFy5w918SZC000nD/Pg4f3WZ+7hoREB4lJ6SR5RmNzZ2BzelDs TuLNdv632UNRw3nyDh4kQbYju7KoajiFb042iZIdo5qCyZ7F4rVbOHf5Os1XrpFfWMKseYtx J2egWmwMll0MVvu3/0LQ35OfIuhxFjdGNYUtO/NpunQRmzONGfNXceHSRezODBJCk9Gv2nOU 8uI8/u8QD42XHjB71hQkyYLRnIxRcfONJQWr3UPlmbPkrl6NSdHHnI6dtTgk6CksWL2Z8qPb 9RYaxcvs5dtoOlOLKUHCJHtISR/J9RsXyRw6Wgi6QPC+9CnoKfrLwJrEYDWFOCmT5qvXmDpz Vmi6RVfPGRpkb3hBP7iXv0heTl+7zbXLzZSV1VJYdZqCmrPcvneftBETmL50E5WVpUiySoLi JNE+lIt3brNgfg5xipec9fu5dKERWZIxKkOJV70kqFbi1BTiQmH2QtAFAoFA8LEYKEE/9Xks FyNjKIz5ghtrdnBj107yv/qaxtg/cOTr/8md0nKaJ42iOiKKo4MiubZiHo8v1tNyrpzHJ3dR ERlL8ed/5N7q7zmdu4jKL6Mp/f1vKfzDf+HSvq2c+dZFScT/w/nI/0RZpIGGyK9o/Pprzv+f eM4PW8bDhrNc37iS2kFfUh6aek0I+sDxMQU9UfZgsrqZtfIQhfl5uJwpWJIzcLjSsHkyUFzp nDhRxvrctSQMcTJmso+ma3dovn6bS9dvMmfeEuLNHlJGTuL63fsMTUvDaveQmORlui+H+tp6 FMlCguzAqCYTr7hJcmeQmjmSSbPmc7KynqbmqzgcDhJVJ3GKCHH/qPw0QfdgkpPwDp1AfdNN Jk6YRF7+cbZ+vzKUcV0PLV+95wjlJQf5v5KT2vM3mTVrDpKsj1k3yQ4Gq8koSU4qzpxl1epc TIqdBMXOuJk5nKstIjEplQWrt1B2eFsosZSXOSu2c6axmoREBaPkISVjJFdvNpM1dDRxchrx QtAFgp9OH4Jukr16pk+LXU8EqWSyZe9hThSXISk2TFKSnlFd9RAv68NdTKqXo9Xnegh6wcE9 xCup1F26ye6dO8gaNhZv1liSR3xL5tBMEpOSmb5iCyXlJUiylQTFSYJtKJfu3Gb+vAUMlj34 cnfRfOEskmQmTvaSoHpJVOzEWTzEqSLEXSAQCAQfl4ES9NLILyiL/oKy2P/Kk3ONPCw4yIMd O2nbvIanWzbx8ngZ9woPUP3FH6iK+B2V//UfuP7f/w/V/+t/UPvP/5mKqM+p/vO/4L97lYf5 h3m+ZSfPNm/hybbtPC4o4lFFAWV/+jOVkYM4FjWIIkMspyK/oCryM0oio6gcPoFnNxo499m/ ozoilvrIr4SgDyAfW9ATLC5mrcjjaN5eJCmJwRYHQxQ3JiWZODmZw0fKWJe7DuMQO2ZnGikj viVt+DjSh43D4hxKvJxCQWk9Fy82U3C8gKPHCzl8ooijReU8fPiIVctWIJmTMJrtXc6WoDr5 RnJgsnq4euMO48aOIVG29UjOLQT9I/BTBD1e9TJEsTLY7GLBqgNUllfQcKqOrBQnRiUdk5JM ouomd89hyooPYrSnseqH3ZSUVIfC3+1IFgdm5zDMFgfFjafZuGkLRrMN2epg/Iz5nKstYogt nZzVWyg7soNvzHoPnW/1Ds401GBKtGCSk0nJGMG1W7qgmywZxFmShKALBD+VvgRd8ZAo62O9 4xQv8ZY0hn03i5bWDhYvXUWiOQmTbCNeSiJj1HdMmp5DgjW5qwddMts5UFhJwcE9DJY87C+q 5tKlS6gWN0bZgVG2M3xoJoPNNmas3kZxeSmKxYFJdmBKSufS7VvMn7eAOMXLrOXbuHHjBqZE s55rQnYzRNazmcapIkmcQCAQCD4uAyXo1dFfUhwZS42SxatD+8j77Z/Y89v/Qf6XX1Nq+AMn vvqfXDt5hJtpqdRFfElxjIHGSAM1hkgaIz+nLuJLzjhG09ZYytE//Z7S6K+oio2mKDqCgn/8 Z1rOldKUnEqlIZYmt4Py3/09pZ9HUmMYxIlBsTTNWczDcyWc+s2/ozrqC2ojY4WgDyAfVdDN bkyKk9krDnH4wF6GDLHxF9VNgtmLUUllsJzCoSNlrMldh1GyE2916T4UGn+eoHqxpYzl2as2 Ro8YhWpzo9rcKEkuhiQlsz/vGE1NF7AmOZk0bS4jxk3BaHZgNNsZLDtxpI3i1t0HZKanI1mc oel4haB/NH7SGHTFi0m2E6/acGVM4dbDJ+Tl7UORbAxW0zEqXhIUJ7l7jlBWfITBSSm4s8ZR U3uR0qpGDuQXUFXbyLAJc0hUbExbvIFzTRfIyy8kNT2TCdN9nK8tYYgtg4W52yk7vJPBcjJG s4vZK7Zw7lQDRpMFkzmF1KEjuHLjApkZo4hXRYi7QPBe9JkkzqsniVNSMKrJxKkujEmpzMlZ SXFFDSWVtezNO0pJRQ21jWeZM28ZJouXI9Xn2LJ+NUMkO3lF1RQc2IVRScYxYgIFhUXUNpxl 35ETlFY3sG3TJhKTPExbvZWiilLMqoMExYkpKZ2Lt2+xYH4ORjWZBNdoyipqqKprYOGqtSTI ToaYPcRZ7cSpbiHoAoFAIPioDJSgn42I5HTMf+ZRTTU1GTbKP4+hwvA7ag1fUB8Zw+GoaOon zeTJsc2c++JLqg1fUB71FY0Rf6A08o+URP2ZR0XllHiSKY+KoD4ykjpDpJ74zfAFdfOWcG/z bo59+U80zJ7N/eKTXNq1nTur1/JgTwnNx45SZlM5/flXVEUNoiZqkBD0AeRjCvoQs4sExcHc lYc4krcfSXLwjTUFk+wlXvHwF7ObQ8dKWbNmLUbJzmCLPhW2UfFikj3Em90sWrOZmvpTKLI+ b7pJdTJETsKkeEgdPoHmG3cYMW4Sk2fMo7SqkbKqRg4eLeBwQQl1Z5vJXfc9iqyQaHETF0rM LQT9I/FG0APvFPREsxejkky8aiXRmsbknKUMGzGcBDmDwZYUjKqHBMVJxsQFzJ06hX+T3Rit XhTLUOYuXEXOitWkZ9t27agAACAASURBVI4kwZKKSbbzb0oKw8eMZ9maTbi9aXiHjmXhzKmY 1BTSRk/H990YjJZUjLIbz6gp+Ob6SBhixySnYHGkMC8nG7s9hXgllXiLPSToXoyhKQCEoAsE 70IDtJCgXyPJlaFPraZ4iVdTiFfS9B51y5vxRoojhamzF7B89Xpm+RZgs7sYIjuIVzx8O3cZ 40aPxiTZGDM1m5mTJmBSk/mLxUuC2cLUGfNZmruJydOzsSoWjKoT2+iZTJ4xl0TZQYLiwpSU hm9xLllZI4lXvQxOGoqa5CVn2Uomz87GZHYwxJxMvNWuNxwobhzeTK7cuC0EXSAQCAQDTkDT 8Ac66QhCINBOoLODRxeaqPjsP4RkNiokttFUh0pY8Y0eRNUf/onzw7+j/PdfUBJt4ELEIEoN ETRGRnAuchD1//lfaUpJpuK3kZRGf0GVIYqKqFiqDDHUff0VzcM8HI+MoT4qljrD5xREx1Br +D3VEbHk//6PXHa7qIyOpcAQS82f/weXUlK4MH4cV9wKDbGfczoiivKYKCqjImnsa571twXd EEWDEPR38jEF3SQ5GaK68I5cyaSJE0mQnHxjScGkeIhXncRZXHw3dS4jR4/FJLuIt3qIU1Mx KikkWPSEuhPnLmLYmAkkyi7+Yh2KyeolUdbnUo+zpPHtzBySh32LSXGh2FKZMmMBK3I3sXjl OlIy9dB2SUkiTnZhtKb+BEH3sj/v2DuPnxD0bgSDGgT9EAwJ+r0fy+L+1kFX3YSbB0+f5uzt 37u7lbf+Xun2++7LKa63evDdP/5z1/b1aQV27T0kBF0g+BGCQb1oGly6eg2bK50E2RtK+vZj 9787lCSu5z1t7LrX+75HjW8t12uZruV6P0N6jXlS9DFSTm8G127cRtNAb3QQCAQCgWBgCAY6 8AfaeR4Ef7ufQLvGvUunKf/Nb6gzRFJtMFBjiKIuMoYqQywVUbHUhoT97VJjiKYqJMG1hmjq un1WZ4gOiXFU1+c9l42i+q3f17z1/7c/rzZEUdX1+6ge2+urVHfNjx5LeVQslYYo6iMjeHBA CPqPEU7QQa9n6f+GBP3RUyyOnyjo3R2nzznIw3tWOG8zhv08zO+66mzdt/GO+mHX3yRjlJMx yqnsz8t/5/ETgt6N8D3o/WsV+aUWMQ+6QNA/egt6Ggmypx+C/gspQtAFAoFA8LEJdhLQOgho EPC30+H38+RCI9W/+Q0VUQZKo6Moi46m2hBDXWTf84t/KqUhMor6yGiqDDGURkVTERVBjWEQ 9w4e/LnPxC+anyToP7UH/ZMpbwu6F5OSInrQfyrhxqCrvwpBd74R9NAYWyHoAkFPul4awKWr V7G5UvXpEoWgCwQCgUAAgBb00xnsJNgehGAbHcFOnp1rpOY3n1Efqfd6l0fFUBYVS11kLKc+ cUFvjNR786uioqk1GGiIjKAhcpAIcX8H/RX0B4/fvwf9l1+6C7pXhLi/L5oW6kXTAmhagOet bSS500OVX/0AJ1i8v/jSfX+NqpsE1cnxwiICAT8E/QRDki4QCN7Q/aVx684dXMnpJIYypRs/ gZKghvJeDBvLoydPQ99KCLpAIBAIBo5g0E9HsJNgWxB/sI32oJ/WW7cp/Yf/xqnILzgfEUtj RCylMbFURcdSb4jpGov+aZYYKqNiqI6O5uznUTQaYjkeGcXTktKf+1T8onmXoGvBAAENXrS2 kzF8HAkWL4nWZIzKz1+fGtCiuDEqLuJlJwkWNybVxbETJ9G0H6+fCUHvxhtB11t1OjWNhSvW dgmvUXZ9GkVxd5V4xYU9OZNbd++haQEIdhIM+vXx9gKBoAv9paERDAZo7WjHl7NEn//yU3lZ mJ0YzXaW525A62qBE/e5QCAQCAaOoOanQ9N70APBDjoDAfyt7Zye8h3Hor+gPiKWUxFfUBwV Q3lUNLWRUVR+wqXCEEVZVBSVhihORcRwJPor8k2J+B8++LlPxS+a/vagt3UE2LbrIEbZzf/P 3nu/WVVn+f5/w33uzHfu/c7M7Z470zN37Kud7KRtxixBEcmhoMhJMgZoMEsb29CGVlExtLYY UHLOqShiEQoKKqeTzw6f/Lo/7H2qQLGD4kDLfj3PetCqU2enT3qvtT5r9+xX/q0V6L0GltNr YDmjJ82guS2FtfZPivREoJ9E6T5ZYzDGoB3kAsk7Hy5l7JR7GXPn3Yz+G7GRE2YydvI9PPm7 12hozxBKhXOJQE9I+HJsx6vWjDV4QvLy6+8ycvwMysdO+4Zs6hn7rlHjZzD/rQ/IeQHGnnRN CQkJCQkJZwhnNEIrnHYYpzHaEWiLSh3nwENz2Hbltez95VXs+NWVVF56BQd+cTm7L/36tueS y6js+P/L2HNJ53+fie//Mtt7yeVUXno5lZdeQeWlXdj36/vQbSdwVpztR3FO85cKdGUsvtS8 vXAJYyffw/Bx39R66yQb8/m115lbi51q0zu+f/j4qcx6cB51be2YPyPOIRHofxHW2kiwa33G LVAaX2mk0igl0VqhtEZ+ze9VSqG1/rMNICEh4fQYY7DWIoQgCIKvbb7v4fs+2YJHthiQ93x8 3yMI/DPy/WEY/lmPbEJCQkJCwjeBsxZnLDIQiKKPKAax+cii97VN5bOkg4DALyL8Vky6SJjP EWbbEMUCwisSeh7CCxCFAFk4M8eVhej7RDFA+iFWm2Se/Qv4MoF+OkprFyklvn9m1kSnrL9i i9ZbPkXPIx+E8TrM/0aOeTorrSv/EhKB/hdQajjfhFXuO8DO3fviiJeNBjjAuq933NJ5JyQk fHVO7ktf15y1kfPMGD5bvgqhdFQXgjM7piQkJCQkJJwNSttEnTnVbFzb6WuZlnjWYpUCm8cJ hX/oIKktm3Ba4qzGWRMdU1usOQPHtAanbaeZeK51SbHlP8dfI9ChMyjyzVi8jdlGbVFpQ2s6 R8Xuvd/wcb+6PksE+l/IN7X4fe3Nd3jl9bfQ8QAGNqmynpBwDnAmxbm1pQWKxReKLtffTK7g xwuI//qBPyEhISEh4UziXOf69eQ1rLVg3JkwQ+gsVmms81BGc+SN+WycPhOrBNYqrDPReTii 18CdgePaUn2qWJQbZ9E2Ss9O+HK+SgT9v8aiV2nvO3iYhx59rCPb+L9apP85EoF+lpm/4F1e ef2taECLH1oi0BMSvo1E/TvUhmtvvAUvCOOfJZN8QkJCQsLfPicLdOsiMxaccV/brLVIB9Zo nBWEDupff4m9k+7EGYW1CuMsJhbSzp2Z457u+pII+p/nr42gf5N0PisbFwKHqsPVPDzv8W8s APt1SQT6WSYR6AkJ5wuJQE9ISEhI+HbSIYjdSYXAiMXsGTBrLdpZtFMYJREWahe8wIE7J+C0 whrVEcXvOJ8zYF+4xtP8POGLJAL965EI9LPM/Dff5tXXF3yhol/S9xMSvm1E/VsoTZfrb8IL grjPn3sTQ0JCQkJCwl/D6QQ6nBpN/1pmDcZZlNVoqZDWUPPmy+ycOAmrFE5HNV1KnJFjfj7F PRHofzHnkkCPsB1mLFQdOszD8x47ZQ/6uUQi0M8yixcv5qOPPkIpdc41joSEhDOHtRalFGEY UlZWhud5f1VFz4SEhISEhPOXKH3dGIcyjsCGtCxewp6XX0/eWnQOcm4J9Pg1unFRXmMMx4+f YP5r81FKRZ84x9pPItDPMlJKhBBIKc+5xpGQkHDmKAl0KeUpr0M0xpztU0tISEhISDincYB2 IBxoa7FS4hmfopUdoivh3OHcFugWrTRK6b+6eNt/FYlAP8uc/H71c61xJCQknDlKCwgpZUe/ TxYU5xdh1RHSb3yQWGKJJZbYX2ntb3xAav4HtL3+AS1vvE/q1fdpf+UDCnurMMYkGWnnGOe2 QDcYHQn1JMU9EeinpaOhJANLQsK3GmtthygvRc6Tfn9+0frUK1+YcBNLLLHEEvvq1vLI8+ds FPR85lwV6ABaG4yxWPvNvUb765II9LNMaZGeLNQTEr7dlCYBKWVHzYmkz59fJAI9scQSS+zM Wssjz5/toT3hNJyrAr0ULNHaoJQ+i+f0p0kE+llmy9ZtbNi46QtV3BMSEr5dlJxwUikenTeP IAwTkX6ekQj0xBJLLLEza0fufrgj0JUUVz93OLcEOh0CPWorlsamZpYsXd7Rds41EoF+lpm/ 4B1+//qC5D3oCQnfeuLXrGlNlxuS96CfjyQCPbHEEkvszNqBibOxWqOt7nglmrXJOvpscy4J 9C++B91y4HA1D8977JwtMJgI9LPM/AXv8srrbyUCPSHhW0/Uv0NtuPbGRKCfj3xeoB/4t4tx xiSWWGKJJfbnTCt8oznwfy75nECfhUsE+jnHuS3QoepwNQ/Pe/yczWRMBPpZ5rU33+GVN97G 2ESgJyR8m3HxJPD5CLo7ByeGhG+G0wn0hISEhIQ/j3MG5expBbpVCm1NItDPIc5VgW6tQZtS BP3xc7YGWCLQzzKvv/UHfv/6W/Ee9CjFIhHoCQnfRiKB7gvFNdfdRN7z40nh3JsYEr4ZEoGe kJCQ8NUwziJPI9D3T7gXpzTGRanLiUA/NzhnBbrRGGvZf+gIj/zmiXMyvR0SgX7W2bB5G+s2 b8dYEoGekPAtxtrIS+uFkkceexIvDNFanZOe24RvhkSgJyQkJHw17JdE0I/NfBindBJBP8f4 vECv6T4UWdd0VkzEJusakXWNhCcaqNmxm4UvzSc80UB4ouGsnduXWW7J2kSgn020A2ksynRW EUwEekLCt49SIZJQGVTc5xOBfn6RCPSEhISEr4azBn0agd7y0HNxkTiTRNDPIT4v0BP7+pYI 9P9CHGBd50DiXKclJCR8eyg53py1OBMvIlyyiDifSAR6QkJCwlfF4jm+INCbHn0eU1o7Gxf9 SzK3nm0SgZ4I9L9pEoGekHB+0CHQT+rjiUA/v0gEekJCQsJXw1lLYL8YQW9+5PkvzK2JQD/7 JAI9Eeh/0wipEFJh4ixXZy3OmqSyc0LCtwznLNZZrAVjon+ts8ki4jwiEegJCQkJXw1nHNKa L6a4P/x8Etw6B0kEeiLQ/6b58ONFLPzok3jBbsEZcCr6NyEh4VuDtQZlNEIbnn7uZXwh48KQ iTPufCER6AkJCQlfDWcc1hqqPifQj971CE4anDk332d9vuLvPkB+5cZzwgorN1BYuY7Cyg3R z1ZspPqtD/nw7vvJLl9PbsWGs36Of4mZgveNPKtEoJ+GNxe8w/w33sKYqIAUTscCXZ+R7/9L B6tkUEtI+KaxKKPxpOaq67qRLYYYazre3pDw7ScR6AkJCQlfjSiG9UWBvm/CLFyoYwGfrGUT ToftCH5aa7HGcbDqMPPmPY7WZ0Zv/S2TCPTTMP/1t3j1tTfR2pwk0GXUkP4q4ug7Flva22oN QSHHoRNH0TpqkMYprA4p5Hz8MHoXoDWKbLaN5rbWuNBGnGZP5x4eUcyQy/mY+BUWylm0Vej4 7wuFDKlsAb/QRnshwLiTzusksy5yBjgr4oqb0aArQ5/2bCvKaKw1GKc69hH9yWvGRufLSfv5 3anvlnZWd6Q9dXw2vj/OgbYB+WwWTwi0i87plP1LzoAznd/R8b2d12WsQRmJtBpnJbp0nY5T zrH0nKL0ZoOzCllIkfOKOCcxNnqPp7UaZwzFXAviNO9oLJ1DdL3RuRkHgZchnQ/jSqYyOo6V 8XPShIFPLt1OJtWGCIM/uQfaxffSWoMzBmUM1oTYhqNYYXHaop2KJkXj0C56dtpZrHZobdBO YkoVVZXDaYd2oOLjKhdFlo3RqPi+mPiY2unovLXA1rZjpTlpn5lFOhOliGuHsxbtLNqCMxbl DMpG36OcwjrdUZit1Oa0A+EsxmicUlE7sRbrNMbPEeY8rNUY4zCW6BUuRkfP7eR7byXWgSn1 XYhT2aNnGO01tygnkc4QBIZrb+5JuxdE91QbnDVYq1AdKfAO62x071zcH2z8OxeNE85F91o4 sMZRWpdEhehMx3ignESb6JmUnqeJIxFOO3Aaq0NcuhEXRGMC2I6CdqU2q0v75uNn5Fx0fdaq 6LNGY41GG4czGqcDbGsDoVJoZ9DGoozDuPgZl8YZp6JzcSb6uXE444CofZX6mIifnbEWZ8Oo n1ob3R8bFweKr7PU/3DRdqHovGV0LOMw2kTnqwW2uR2tNNaF0XdY2dFWTt7LaEvXHvcpK4rY xlaclPGxXcd9t85gwyK2pQnb0ITLpnFW0PrkS18q0DvHnKjtKBmSTafIZLMEstTGLFYHtGQ8 tLEYLUin25GmdC87n5uL22Hp+kvjYuc4pKN2BNEztLajTXeM2Se19ZPnmNLPS/c1cHQcp7QI clGnP+melL7n5EEmavsnj2nxyHbScTuv58uIxox4nDWCXCFLaNwX5oKTx7ZStpq1pTnBYk1I WzZPIHU8F0ZjjDZRv7FGUcxnSafayeZy8XhNx5zRca6l8T52tnfcF+zn5o/4Gt3pMmkszsp4 LI/GJWsCWtuzCCOjdugUxkbzyOfvb0c7sCc9z88d43R7dU9+3tHf247zzXmtFEMZLXCticZV G90jGxfoMpZT5v/SuBXdD42zGuHAmXhcLo2jpc+fNJ93PCtsxxwngiLZoviSPcad52zj51vq F6fPVLLxtWi01Vir47WToJAvUJA6cqLG85R1nW21836ftC3RiY61QjQv26gNGUEqnccLJSYu YlY6/qnZkqUCorLj76N7ZrFWYWz0vI2JREZQyJLNFeK2wBefr9V0jOXE6x930thWGhM+1wY/ 3xdP/nlnvz/p+kvtKB5PTraT73PH9VCaO23H2BD9znSc76nXEf0uGv/0FwX6+Fk4YbDGnnKO CQmddAp0sBhtOXjwCI88/FhHfzqfnTuJQD8N819/i9fmvxWLstKi6asKdIW1GhkLD2tCXnpy Hvc89QhhYNCB5mjTIaaMHMolP7+e7buPoGwkug5WbWHuw7+hoCzGapwJOgSCAw5tW8VtPXrj q2ih7VtNoIv4RlDItDBm+CheePM93l/wW+Y+8QLSdg641sYZAc4gHRipaGzYx9I1W5Haooxl 46pljJo6mrZcCq0DhCtgtYsFZuc7pDsWU5QmQB0tXOIFQknwOas7P28ETkeeVdOxmLc4LdHa 4usmZsyYzsZ9B/GcQqlIPJQEAE7ibCREOxbr8QIFp7FGUgzyLProfQ63NOJUjqIFrXUkHp3E uNLEH4kLayzKSozI88ycKTz18qsYlUEqTWg0SvuEuSzTJwziUFPqC3urXLwgVZbI6aIMYZhj xoRybu09lKxXxNkiWjmULpILcjw1bx5TJk9izr0zuWf6ZKZOnsScBx8lnS+ctkUZC8YYlFHY UOGZgOz29Sy64gfs+WQ1oTIIW0CHDhNYMscOUfvOexRlDi0lKvBp2PIJDdt3o3RAUQb4KkTo kFAKjJII5VBGI7UksAqrHUpZjNAI6yOkJmypoeLaMjL1LfjKRL9XmsAIpDGY0KGMQRoTCUBj EEYTCouRBmlCtJE4EYn50BqUNQjl8JRFSYGUAk9KnLRo49O89D22vfIhQvoI7dChI5SaglaE ocEqhzEOaQRS59DCoU2AswWccITGoIyIhJ9ySGkIVEgoNZnQ0HfIcHLFAKls9IyMxtiQUFqs 79CBwxiL1A5tNNoKnLBY5dDWRItbqRHKEhiHVVE/stKhtUNZjTUKbSxCF1FCYz2HtYrACLRw SBOglMPZANlWw/IJvckdbMYog1OR0JXGYrXBao0ILcI4Qu1QoSF0EqEVSgco4xCFNFV//IRU Y4aCDghaGqgYM47GqjqE0oTaRP3dgrIGLXV03U5gtMIITegMWjmkcrjQIkyUZaCNxjcOHVik CGl8ewGte48TSI0f/40NHVIZTBA5AkJtybjIOWWURZsAYwK0skgdYpRHzWfvsujKWyjsOYSx aZSxaJuPHIXGdjifjHYY5TDSIrVB6SJ1n8xn5aXdyFefIFACLR1aSXLGo/7T5eybeg8Vd89i 25z7qZx8LzunzubI2Lv+pEC3xpBJtXHfA3MYO2YEc2fdyz2zZzNu8lR+89SztOTSWNHMbQPG 0dLaTkv9UcaMKqemPYtVMrpXFpyKnFXKGayJHDEmHrNMqfaBFdFY5CAIUrz/znscOlaPdrJj DMWJSKC6ePFtRTzuiuh7tOXwvq28sXIDVkusjhyUzkZzUWnsxCm0s8iS4C7VYLASZyWlqAaU xshovNSOU877dPtMHSCtRWmFMoL925fT5ZpreX/lJpSLHD8ufpYdQsK4WEwV43Eu6huH9m7i Z7+8gj98vBjhQFuJdgapNTt3bmf8uFHMmDaF++bOYdKUKYwYM5b3PvqEQJvYKRQ9Q+N0fL4F sD5OObAezqloTrU2chBZi+pwakRiCkpznmbHxuUsXroebTTS+sjCCXr1H0WDl0Fpi7BFfC2w Jh/NrbGTNBKokfPc2SB2PppT6ts4B9bYDkFt4/tqYiersxanTeezUpJxUwfx/pKNKKUxRqKs j1USYTWhBScdwjiC2NHsYudu5OC0YD32VWxmSeUBrAwIbYBTNhoDrMVaiXQW7TSm5HBV0c+d sXhWs+qz95n72O8j5+YpIqx0PIU1BmVFNB4bGTlLS9dNpyMsWicYCrkUL7z8Cm2pdoQDJZqZ OnEya6pq8I1EW7BGIK3oEKYqbp/OGpzWOGXApTrmd+dCrFVoI8m11lA+YjKbKvajhYnWNsbF z112tmsbfY9zGYyNt0A5D6MNocyzcNHHnGhuQgqFUoY3nn+CF15+k9C4yOltS07TUj8LYwdK yaEQO3tL45qLHKSRk7uzDXY4rOJxoOQgKzkCSmNi5BzWHesr68J47XRSoCheq1lbcsrGDh6n 4mejkA600zgniQI5sVMqXv+VnH3WKayQXxDoByb+GictRptT2nIi0hNO5uQ2YYzj4KFqHnnk yfNenEMi0E/LGwve5pXX3kB3VIkzfJUU95JodLFHX2uNFTkG3TGQdQcOIYWhkMnQrdctPDx9 Gv/6jxeyadeheCGq8IqNTJ8yg6qaRqQxkag9SaBrGTKifzf21LQjrcaoSGBqU2Dnjm307TmC E5kMqWKGTLaAM50RvMg7ZbBWI0wkrtatXsi0e56I3wdtCfJZmnMppAmxWmJcGE3M8SIm8tie 5O2OJ0d7UnQ7imDFHv3SAoF4ojkpqmPjBUMUZQ3xgzrKho1i74kGlI0WHs6Wzrkz6hQJbBVP MApjdRxxN+Sz9fTq0ZUte/fijIdnwWiN0xZjfEwcSY6iyVE0V1mNDj3G9O/FY8/9HqNDlNZI G4niYnsTPbt2obq1/Yse5Y77EZ2nNCF7NixmSP8B9LrlevYeO47WIdqEhNqyaf0HXHrZ1Ryu rSdUCikCao/XcM+s2dTWNZy2TZWi+do4PAuy2Mie0WOovucedg8ejggtRngExuJ0iuaP3qf6 hiEUwiLChPjK59C0cVQ8u5DAGArOIJ3BaYvSmoI1GG0xwqGMQ2mN1hLPKDwdRSiFkrTU72bT L2/GSzUjrEYFFqXjdHFrsKHGOhEvFCRWW5xwaBm1LWkswlqE0WirEE4jlcFKjWd1lL2iDW3a 0mYsQgrqn3uGQ+8sRUgfKxWB0QgLoQUdOtqtjBZJ0ie0Hja0WGkxxqK1wbeagpEoJUlZQ1o4 RGCxnqHVKhoz7fhaIbUhtJGwcsohtSU0lsBIAiuRWkV9TTq0MXhWIUz0rlerLU5arDQUjSZQ Ft8YpFZoGb8TVhustuSMo6AtTgiEC/CMJDAF8s5gjUTXHGLLzVfSUteCsLrDCaeEJLAWT7uo r0qLcAbfWFRo8KWhYDXKGLymg+y4sQ+pvUfxlCAni8iW45iiRkuJVkF0fwIRiXEdOSciR1gU 5c8aTWAkvlY0GIvwXBx51zilkTpAqha2/OpyDn64Gi0M2nfkrUUYQ6hDcqaIsBqpHUI6tAVt BMIWMIFF2oDAhgRtjay75Wb29hlAzVPPo5XGc1EmTGAtInbkmFJkzSqklUhpMNk6dg4ZQe3Y yVR/sAIZZsg7g1QGr/kEK6+7hYaPPyTIp5FBFtHawPZXX2dz7+F/IsXdIv08T/7mIUaOH0vV sRq0MigpqaurY9TYiRw6ehhbqOWWnmUUcllkIGhLpchpjVMOYwXKSmwsyFXJ0ahNx1jhbJSZ IjsWzJpcqo4uV17HivXbo7/vEOhxxMGZ+B7EAjB2OFqjefvlZxk85X6sUR1CypkQbB6tDcKa OOPCxlGzOJvF2CjLJc4kioRV5MDpEF7x543RGGNOK9AhEpraCAIvzZiBvel648306FNOygs7 HaMn/V3kPI6zZrTDGYkI2pl111QG9e3DnVNnoXTUrq2VWO0zePAgZj/wCO3FIsJYfL/IZ58t YuZdMxFKdYoCayJHhnHgAqwN4wyXOOIcOwyssVF2jusUyFByUBicCbnv3klMmX4fSmmEVRSa q+jRexjtsohRDm2KcfZElN2GLeCswGqNtQJtNNbJk8T5SWY0Vqtoe90px1dRhpuJnD2lNYAN C3S//Vo+W70lcsQYgbECqw3SapS1cRs06Djyb02nQDfWgi3y/G8e4Mk330Urg2d1PM8LlLEY 7RG4KKvNOEVgo35vrMQaS2A1f3zjdzz6zIIou+q0Aj3K5DFWxiJX46zqFG7QcQ/AYrWiubaG f/vuf1JTV4+0EBROMHTQECrrmwmNRBsTOfStiQVjnDllIseCtnHhT+d1OPNxCucMwhiUzFGf TpEPBVYJnCl95uTsvCgC74zGuQLaKEzsSHJOomSWfv0GsevgIYS2BNrgZVrI5H2UMWgtcEbG zzXKSIgylaIMh0j4RgENp02c9RY76zqcHZ2ZNdaquM12RsJLbTPqb1EWW2l8cUbFThXT4VQr rZsiZ1UxXs8pnPOj+dqKDidR6Vyi45TGmjjz09Ih2J1UXxDo+yf+OnYqdzojEoGe8HlOFeg2 FuiPJwKdRKCfKBx3vAAAIABJREFUluqjxzhcfTROK4WSV7eU9veXUkq/dHGqq9OK9mO7GVU+ leZAIZXCyICGVCOZE7V8/59/xIbKg/HEZ7CmwOwZU3js+VcJjcVqGYn9eLBTJuTdN55m9Iz7 kEahjEPakLDYQvnQvny2fCXKaJqbW2htS2G1wFlFGAZUVFaybNky6mpPIKyltamJV16cx4zZ v6X6WC3pbI5cextHG9rQRlLMpWhubiHX1sqmdSvZXVmBEIpi0WPN6lVs2bSOolTIONUWZyJx rg1OFTl69CiLl69i584KisVi5OV1RZxVHD10jKWLF3Ow+gie0QTWJ5c+xIBBo6lLFzAqirK1 NDaydvVStm/fjJQ6jjJYrAlItTWyfPliNm3bTFs2QyHw2b99BV2uuppFK9dSV1dLUUm0Ehyr Ps6KFZ+yfcdmQmVQcSTBGYeyBhV49O7WnRdeex+jTMcCWFlDuv4w119zNcfbU2ijOh0UcTRI W1BSYpWhtf0E111xJa+9+S5vvvgIr7z7CVILlA0QVvPH159ixuz7yOsoiqWNQSmJ1iraWnEa nDYYaTDCUbQG8dH7rO3fn6CtkV19e2KaAoQSSBWi6ndR9+TjHL5pAOLAfmRtLfLAHg4OuYPj j89H7zmK8rIYW8DW1BKsXE9u1VpkIY1QBiUtGZdH5hspbN1M87JlmAO7CIVHat9mtl7TF53N k1c+QbEZsbcGWbTkTYgu1uKv20xx+Xp0/WG0DFHaUiymCZtqMC1Z/NUVyGMn8IzAV5ZQWbTN UfTaUHuqKH6yjHzFPnTBx/oF9j0+i8bFq5D7DxB8shS9ZzdGyShKKhVBvo1CxV4yi5cSVO7C D4tRhFgqwvoabLYNvbmS4oo1FOtO4EuJEhanQmRrPXLdRuSnGxAN9XgtBzFNbejQUjAeYSZD sHET3pJV6JojiMDDUw6l85iaGoJl68mv2YRJpdEyuh4jHEI4clajgwz+vr1kF69EbN2BCSRK SKTyscV2ivsqCD5Zhj50EBUIlJYEB3ZQdfnPaWtpITRFpCmiq6sRH6+isGMvuWyRvLVIIxBh jtyJExQWrcZfuQbdlkZn2wlX/5HKq68ms2or2cMn8PJp/CP7kYEmtFmEbkHUNJBaspji9gqy hTTWNwjtsO316Np6TG0j/tKVFLZtwitmUWEsYky86M+3I/Zv5MCPLqT+D4sIDtRi0gGeLSIa 68muWkO4Zg2qvYUwVJiCw0pHYAO089HS4dsCykhOLPg9W8beRXrjUlYOHkhgiQRHoLEyylZw ykULPxUV+JNKI6Vg27yJbB09j+DIGqrGzkEVg6gvCUNq/y423XAdxdojyMAQKoMJNaFQ1P/m hS8I9Mi5anBGsm7FEn72kx9xrKkxzsJxkcixilBKtAlRrYfoM3AMwsshvJC6uuizThqkLHLw aBUrVqxjz+7dhEohHEgvzYnjx8h5Aft3b2fFqlU0pjMIB34+y76d6/jVJVeyaMVGqmuPEoYh xsSLZCNwJqSpqYllq9ayZfMmCsUixloa647xxNx7KL/rSY4ePUIqk8FaRS7Txsb1q1m3YSMt uTxBHBE22qOu9hhBEFJbc5yKvftR1uIVc2xat4aVK1bS0p6OM6E0zoS0tbawbPlydm7djFf0 IrFrTl1MWSEJZciR3esoLx/DgcptXPyDn7Bi/ZZI8HcICx3Pl3EqsnZRxFJ7bF3/GZdefiUn jh5i5PBxNLRmEPE5a7+NW3v0YNehYxQthMZGWQJGokQQf2+nk93ZECM1hw8dYOmyTzlQdQgh dbT9xwhC32Pz1p0sX7mG2hPH8ZXuEMLOarT0aao7zJjhA5g5Zx7V1UdpyWap27OaspHTaCpk WbV8A5vWL8MLfIwVGGWxOkMq1cqa1ZvYsmUV6VwecVJ2go0d8lZLWpsbWLNqJevXb6Dg+ZFD 1kRb4Joba1m+YhUVew8Q6khwiWIbl15+CRt3VEZbYmxIJp9h1ao1bNq+ifZ0a+Q00AFYj1Q2 x9at21i3eg1NzW34YUht9W5mTBzFC+/8gUPH6mj1fJyyFPIZdmzfxYbln3G8pR1lAoyV+Fbi 5Qts3LqZDWvXkwvzvPn0gyxYuPoUp0I0L2r8YoG9uytZ9tkiDh+qQsVZc36+lapjxynGhTmN CmlqbCCby5NOtbB59XK++88XUFG5l9qmZrKtVQwZVEZ1W5r1Wzezad0a/Gw7Ms7QM1pQyLay Y9M6Vq1eQ1MqTWAc2mqUDqmvraOQK1BbX8v23VVkcll21zXgSYGXa6Gmeh/Hqms4duwoR2uO UdfQFGecBBSLabZuXc+a1etobmrHWoMXZDlWtZM+vfqyausOqo/XUVSGlvqjpPJ+9NxUkba2 ZlavXEHltq14nofnQFlFIDwa6uvI5fPsrNjBxtUrSLW1Eeo4CGNF5GCJ22cm3cqG9WtZsWoV Te3pyEFhNc4o0qk2Vq5ew+atm5EyJHSgVUBL3TFasx4Nzc1s27YVr5inob4OqaOAitUBVocc qa0jl2/HmCJt2RwbNm5h47q15ItelJFgDNl0K+3tbbS2tlKxqxIvFBhHlFGhv7gH/cjMh7Da JinuCV9KZ5ZK7Kyyltq6Rha89YeOFPfzmUSgn4aOyGzp/0ve/r+ysXQI9NJ+L6PYuuQ97pr1 KHnjohRfrQidIVdfy4X/dBGbdh/EWYExFmc9XnziQXr0HU5OmDg1rjNdyNgC+/ds5l/+44ek coUordTmqNywjMtvuJ6GdDMiEIzvV8Zjz/8eowOa6o4zdcoU7ujTn+EjRtK3d28WLVvOy8// jssv+TGXXtaNsmEj2b5jJy8//RQDh05GKsEHf5jPVVffwrRJExg7soxf/Oxinn3uRe65dw5j Ro2k603XMWHqPXhSoUy8Z8mBVYo3X3yanrf3onzMRPr17cvsWffS7ocUvUaeeuJx+t0xkJEj htG9R1fe/eBDCjYg1VhJv4HDafUCrPB4++3X6XpTN4aXD6Zfvz7cddccsjkP4wTLlyzi1u5d KR82lIFDBjNgyGBWrF5NWa+u/Ot3L+DWXgOYOGkarakm3nj5BW6+uScjRw+nX/8+3HXPLHwR nXNJoIdejh43d+e1txeRz3vkClny+TSpYpEjFau58vJrqE+nsVZiTCSmTRx5URakiFIMP/pg AVfc0IcTza3s2rqCnr0nkM4VUVYjTZGNK5fxs0suYfXmraS9EKk1UspI4H9JW7PGopRFKoM2 BSoGDSM/fwHNVrDnkamkP9pCXmtUMcva385j8U03sfmnl/Hh6HIOv7GAVdNGsfEXF7Ghe18W j5xI8dheajYtYfXYCewYMY71Q4eydOY0ZD6H0pJU3W62zJjCyrLR7Bw9hSVlwzm4fC0NO9ay 7oYhuKxP0N7EthkT2ThnHoFvaTmymz2TyllfdiebRs5gbfkg2qqrSGvJwXdeYceoMjbe8wDL h04ns2YDWafRRUsoNLpQy5Enn2Rx7zJ2jZ7M+rLx7Hj2RUS6iV33jqB69jw2zfw1O8ZPZdVN t3Ng4SeoQCGLefY+8TRrh0+iYtxUPuw3jMN//BhPCmR7G+tHjmD3c79jzaR72dq3nPU33k6m uppQC7y6I2wbMoK1Q8dSOfwuls26l72zJ3Pis6UIo2ir2cnGab9mw6CJbB85g4Ujysju2o6S luYty1nVZwibh09mzbAxLB47laCuiYKFwDhU0ZELfQ6+/ALLB5azdfwUVpUPZdujrxD6KcL2 Q+y8cyaLhoxgx+jpLBxcTt17nyCkpL1iLft+fjGFdArp1bP3vTdYOXQsO0ZPZ0WfUVQ8+xI5 T+GLHK0fLmRx3+HsGnEnm8aMZMvkWRxctYzFQ3pS+eMfs3zwnayaMw+vcgfreg6k2NKGlvWk l7/L6n7j2TFyAkuGTmT/XfdSbK/HF5J9rz3P2iHjWHr3HCruvItVN3an6unn0Up1RGgKTpLf u49Fo0ex73v/xuK+o1g47X685iYat69m5cBhbCufzrqhU9gwcBRNlZWE2mEKjoIJsUYjrcC3 EptupLJ8MO27jxK2HmXbsDJaGluwKkRJiVSSQDuEilLbrYyyFZSwhF4TG3vdTGpDHWHuKFtv 7UrzniaUUvjKUNd4lN1XXs/xV+fjtWbxhcILNSpwtPzmi0XiTLyFx2mfZ5/4DQMHDcHT+qTa AjbeGxtlAuVO7KH/4AlY5VO5fQu3396HgrFIL8ezzz1Fjzt6MWzESPr3vp3f/e5FMkJxtGor P7roJzz8xAuMHjmMAX3uoMsNXWkp+BzYs5v+t3fjX77zPW7rPYQxd46jsakZpaItCFb57Nm6 lr59+lI2fAxDBg9i0qQpZItFHvj1XXT56Y/4yZV9GDx4ECtXrGH//h2UDxvG4EHlDCnrT9nQ 4ew4cAwpQ/LttVx44QXc9+Aj9Ly1J7995hkOHjrEkCFDKBsyhOHDhtK31x1sqdiN0pJP//g2 t956K+UjRzN4YD8mTpxMseAhhOycQ63FSo+8V+TxubN54a2FCC/P3ZPG8/Rzvyc0URaGMdEY qpTC2DCKeCqHVQLlp5kzazqPP/cyUgRMnTCJ1/+4As9IlC5iVY7+/XozbspM9h6pwZcKoyMn htG6Y76MFn4G4ed4Yt5vGDp4KKNGDuPKqy7nvvufxpMSL9PM1IkT6DtwKMOGj6L3bd1ZvX5z tL3CGKyW5LPt3DN9Ej+68AIuu+YWBg0cyLK1G9i98i1u6z2UKbPmMm7EeHr1uInhwyeQCwJM GLKnYiNDy4czuGwEZYP6Me7O6RxvS3esMUr76LdtWk+3W25m6NBhDC4bytBhw2lubkJLjw/f f5dut3RjxIhR9OrTl5mzZtOWyeAVmrjgwp+xfW8VThWo2LaJAYOjvx00pD+97+hB9dEmtCqy f+9m+g0aSv8Bgxg+rJwhZeUsXrKE8SOG8JMLL+Sm226j36ChVJ2ooaWunuHDhzGob39GDSun d/8yKnbtRhtFQ1M9QwYNo1ffvowYVs7M2dOZObI/Hy7bdkoE3RhDIZ/j7pnTGTp0CGNHDqN7 16689/FSQq1ZvvBNfnDxpRxvao0cT7JIzx49WLp8JR8vfI/bu97MP/yPf6N/v0E88dtnaDmx k9tuvZ3Z855mxOgR9O7ejZ43duNIXSvWCBrraujb6zYG9R9A+bCh3H5HH9Zu2Yk0hnwhxa09 ejBh/HR69enDI48/x4HdO/nlNd043tDM1k2rGTpkAIMHDGbAwH5c9MMf0K9/GVpraqr3M2Z0 OcOHDWPI4EF0u6UnNSea2H9oD6OG9OMHF1zM7QMGM3n6XWR9n/HD+vHx8nVo5bNm+Uf06nMH Q4eVM7DPHYwfPZIjbe2EJuRg1W6uufpq7r53NqNHj6Lv7T3o1rUrOS8gUAZroyi8MZL6E9X0 7dOLsqFDGVI+gsHDRlFdXY0zko8+eI9be3RnSPlwBvTvw6hhZbR6IUGYprxfL4aMnknP3n2Y NeteTtQcoestN3Hg4EECY9HCUFezn0uuvp4jhw+yc9tibry1H4PLhjJ88ADKR4zhWH0TVoU8 9tBcxk2YxKCyoUyZNo1MLhdF7E2U9fN5gd7y0LMdFdzPd6GVcHpOEejxViBlLKHoXAOfz20n Eein4bQC/Suk5nQWrIpTD63m+Xn3MWfeEygb702SlqKDTMNhfvCP32dL5UGcCaPUVeez5P1X +NHPrqMuXUArGaUWltLvTJGiLNLl0otZun4TzimUSjF76p08/d5alAkxYZZe197IM299jAqz 9OvZg/79+lEMQqTUFHJZWjIZhB8w+55xLHj/E7xQIaXisQfmMOOep1Ba8OqrT3PJlT1pSrWi RYqKHVv4ycWXUHXoOFoFVB+s4H995wJa2zKRZze+j/lsmqt/djGfrlhO3hhC4ZFrb6KoDM8/ /QDdbu5BJucTqhyp1lp6d+3JkfY2GvevYPDQoeREnqOVFQwaMIi2tgyhyCBEgT69y1jy2Qq0 TvGf/+dCKnftRQqFFIp8roDvhxzYuoRf/PQaDh5vwpMao1rocf21bNtzBE8KhPRpbW2P0qK1 wmmLtJpioZ0brriK//53/8R///t/4O/+v7/nf/79P/B3f/+/+Ze/+2/89OIuNGYyOCOwOhIO yljCeI+ttQLpNTJxzAQ+2rgboUNy6Rau/dXlrNm8E99JnPZRgWDl8o/54UUX8f0LLmD6jJlU 7tlLIKL0vdOhHeSdILA5mitXsmHYZGzOI9SG3JKFrO9aTuALpMoiA8WuR++jeurThEJSCDQN QY5D/cup3bqHoi9wBYNO+WTCkIyWhIUMW3v0Qq/YilNFGu65mxMz51L0ighRRIRt6LYcras/ YUPvMuSx/ey5pRfHn59PVhXw/DaOdBvCwSefwOQKhEGB9Lq32Xbno+i8oO7Zh6ju3guvsYVm 5ZMy+ajGQNERej5VLz7J+lv74OeyKOGhwyy1xaOEfivrh/Xk8EuvExbS5HQje558iiW9hqP9 IlKGyGwGExQIdBvFfVWsvnkkJiPwmuvYd11X6ndUEPhZpDzBgfIxHHxjIb712TZsDHve/B2e zKKkIFe5lpU/+j7Nq9eiQ48jgwdw9LlX8D2fVu2T3vgpO8ZNRgQhVXPvIv3xEgJVxAZpsu0N FFVAwYFRjlAZdGsDB4aMJTxURUF5GD9FWJciH7TQ9szT7HzwEWQuRc4UKR7dy76yMpSQtKz9 mH2X3ULoBzSsfJ9N13YnfbAKobOoQiMn+o4gdfAYaud2Nl16HaK9AU/7SJ0iaKoj9AMy+zdR 03sYqi2DzhfR2zeyruft+JkGwv0beO9HP6SxYjdtKovJZNjbvx9bJ00nZzQHHn+A6h7lFApZ tMyhDu9g+4Bx+KlcFOExhpwD34TkW6r54P9eSNvhY/iBQBea2DF2JIWVSwmLPjnp0/jy79kz 5W60Eti8Q+gQox1KR6n2TU8/yPph4wi0wgUBVY8/SdXDv8FqQ+g0yqVxroCzPlaHaCUIbZTe 3/zh76mYdD/K00gVsmRuf/YNfgCpLTo0COOT3r+PXbeOpPJ7v2Tn4PHsW7Msioo+/uKXCHSN 0x6z7pnFg4+9hDCl9GAd7922cQTJUL9nM0PG/BqjA9asXkiv3kPwjGLFopcYMmg4qbxHqItk Wmq44pIrWFN5mD07lvGdf/oeby7ZgVQeymth8tgxvPnBYqRW1Nce4sbru1PTkqWoBFJZlI4y eazMU97rZl5+6SVyyiBEQFsqiycFSrRy/7Rx/Pb9NfhhSCGf4qbru/C7V16lIBRS5Hnxsblc ek0/2rM50s1H+R//+D/545KV5Is+wksxfeqdLF2zgYJQiMBn5R9fZ8rd95Hzilx/xS947c23 KGhDGHpkUlmU1Gh16phljGD7prVceNFPqW9PI7TlyLaljJ8wlYKMUtW1CbE2yhpSWkQpvtqg dI6KXVu59ba+tIUSp4ssXPAKN97aj1ZPYqxCCY90exP3z53Nv373O3S9+Qbmv/YyqaJPqF1U BTius2KsRUtBMV9AeBKt8uyuXMtVV95GUzrNsoULuLnL1WQCQaA1oZ8mny8iZZQlpbVEa4ES RUYMH8mCT1fhBxl8bVn1xgNce0N36lJpwnxArq2Gf/7//4Od+6ppPlHNjy/6CQve/5iiyKH9 Io/Oe4BHn14QpWBboloPKuCe6ZPZsmUTntZ4StPQ1IQMi9RU7aBfn740pLJIKShmmxnYvzcL P11Ca6qG/7zgevZVn8CZLLfccB0r1lXg6yJSNLN66fs89tsFZLINdL/5ej5dsY5ASJRQpDI5 isUCKmxjaNkwdhyuxgsloUgxql9v3v34M4SfpqBCln60kOtuuJ1ACH770Cx+++yr5EOBCAIq 9mzhh//yHTZW1MQp0fFcpTVKCorFPKEI0CLN+++8zWVX9yQbKt57+Rl+9qubaMwWMEbhVIEr r7iMij17UbLAtrUruPCnV5MteARScXzfKq66/Coqqw4SKh+RbeHKH/+C+e+tQIdprrvmKt54 +118pZBBkfUrP+GHP/05hUJILtvEZb/6Jfc9+Fta8xkCpdlfsY2ruvWmMZ0lVCF+GCJFkcrd 27jq2i4cPdGENQ4ZehQLOZRQSNHOfXNn8cGHqwm0oO3EIYYNGUlT1iMUglB59Ln+V3y6cS91 ddV8/3vfYdm69RSkQoYe9989leF3P0hRF9m5cxvf//4P2V65DylCpN/CyPJhbNu1P84GKWC0 wJmAV194mhdf+B0FISlqQyqbIww8Ui31DB08kOO19fha4wU5JpcP5Q8rtuD5jfS88WpGTHqA TNEjDH2El2XQgL68vuAtisaiRCsLXnyEZ954l1y6gZ43Xcu+2hZ8FaL8Nh58+FHmPPwYVueY c/ckbu83lNZcAV+EcSZPVNDVnE6gP/r8nykonHC+06GrOors6tMXLj1PSQT6aTA2qj4dpbad Wjn4ryFK6Ykano7TsO67awoPPfUsRoXRIkNbQgfZ+gP84B//L5srD0eFpKxGaMGaD9/k3//z l+yvbY4FemdlWKcDPG1Y8eEfmDz3CaySbN2wlIFl5bSEGm18gmIDl112Fe9+vIGWhkNc8L0L WLNqO9IKjA2QsoAwChUUGFF2Bx8tXYWvHUr5PDB9Mk+9+DHKKF54fDbld96PpxVWehzet4Mh 4yYjpERpScPxffyv7/6I1vZsxz5pY0EqwUvPPEm3Hrfy6ONPUF19GK1CQgvlvbvS/eYe3Dl1 FtOmTWDqhNH84ie/YGd1AzXr32XEiOGEIsNbTz7CpZdezeRpM5kybSKTJ0/k6quu57133mbf ziX0GziaIF68ai2jvW7KsHPdEn7202tpSmcJrUGLel545nG63NCdF158jiOHq6L9xiquWG4M 0iqy7c3c1OUWNu3cix+GeKGPH2TIhT6fvflbrujSl3S+SFjI06/X7Vx11VVcdfXVlI0cRaaY R6uQBb9/jFGjJuFpj1AJjPR55L57eeSpl8iZqACa0hqri4R+jprjNSx871369LyVqTPvJVRx RW8n4jQ2F29rcLgghyrUcOiq62ldthKRK2LzafLHq1h8xdUU9x/BSh8TSrbfN4Njj7+BkhJf h/iFVg6PGErbseMYXcTIAratnpqXX2TV7F/z6ewHWPPzK8mu34bKtbBj5ChS+yqjPb7CEJoC Svg0Ll3Aum4D2NLrVo4v+gDpSTxPkW09zI5Lb+Hju2azbPb9LJl7H4snD2fBgCnIYoY9D0yn +rGno73enkEGiqKT0T7vIEXFDT3Y8ujj5IQmDB2+NNgwwLTUsaFsEO0H9xMogVIhVb97hnU9 ypG+QKg28ut3sGvW71k++0E+vGsmH9xQjsuEyCOV7Bw9DNEWEoYK37VyZMIYDs//BD/bztYL Lqa+5jAZoVBKk8udoKJHV5q2bKPYWEfF5RezZPR4Vt/1BEt//RBLpt3JH/oOIsimyK5fzAc3 9aLi148Trq3EDwVCC5yUUWE8rcnLLDufnsfH/ftSv+AN9J7D2KJBBylW33E7L829kxWzHmDJ rNmsnj2HD/vcgSgo6ha9yZ4b7yCUhsOPzGHZDV1YdN9c1twzj48enMPCK6+kZtM2Wp5+kl1l ZRxzGhM4rLCERiCVJrN1K3vvnkPal+SNJb1xCZ8MvoMwm6HuqcfY2nMwYS6gKC02H7Lng6eo +M9LSIWSvQ/cy96n3kX5hkBJivVHqSybhGjJE5qocKKVjsBIUvWHOHDhzyikCnhKUji8kz23 90LmsvjKogJJumYLu4aNIOenCZRDKoVWBisDcrUVLPrxReRWbMDkA4TfQmb9MvZecwOZ1ia0 VGx45knmd7+dl3r25OXbBpPafhDnC3RVJYt++hPyu7ZTzLRgsk0UN33K1l9eSqE5i1IBoRVY qdGilWz7blpWL+bgpElUdhtIzfQHvyDQrTVRNXldZPasWTz46PMEcY0FZ+JaF0YQOos0kl2r FnLn7KcItc+HCx5n+IiJ5KRgxqheXHt1DyZNncP0aeOZPnk8//7v/8HS1ZvZvnEJXW7qR00x RCuNk43MvXcG8/+4lFApmmp2Uz5sFI0FhXQSrQw6blNG+Wxbs5TbevTg3tlz2b9nFwUZ10eQ KaaMG8OirQfQRtNwYh+3XNuVoydaCY3FCEHV1vf4p+/8jL0HjtJ0dDv/ftElNGbSSKVor6vi 0p/+iPGTpzFh6kymTpnM2CF3MGb8ZHwpeP+t+Vx+1dXc/eu5HDqwKyqiKQ1Clt5QEUWsgyDD 3Lsm8tYf348KB2qNDtsYMGgom3ZUI4ylqfEY3bvdwHVdbuTqa65n5szZGJ0jm2mky3VdeO6F +fhaY1WBptoj/Pznv2Tphs0EOhqzrZbI0COfbqNi+xaeeuIxLvnVVWzesQ9po8rbuKhAmZEF Nu05zMMPPc7dUydxZ/kAfvnLm2nNZEm31DJ2eDnDykexfNlSitkWQh3d6+itEdHeXy3yTJ44 nlU79yO1h9Ca9+dN55HHXiDUGitDvHwTF33vInbsP8yapZ/w3X/4HqPGT+fOGRO4687JdO9+ CyPG3xd9dyk9Wwk2rF7BpT//BXfPvp8tO7YidIBUPs8+PJ2Lf3IJ46ffy9Rp05gxdTxXXXkZ r731Lg11+7j4/7H35l9eVle+/z/xveu77urOTU83uUmbdN+kk2g0MY7ROAKCiMook4oK4iyI iqIIiqKiDCo4z3MckXmGYq4BCoqiipqrPtMznGGf8/r+cJ4qEIlJG/NNp3lea51lQeFnPM95 znufvd/7Z/3Y09xJ1F7Nz/7950yYdDOTJ9/ELTdOYNzoK7lt6j1s2rick3/5S5o7Cpkzus7q yy2ucpBhV1zKnvYujFh6Ohr4/t/9T0aMv46bb7yO6ybfxFVDB/OLk37FwaZGrujXn62769ES IVajdBNDB/Vj5/7OI1LcQ6cPk1ZYvnI10+6Zzh2TrmFI/4v51ZmXUEw0ix++j7POH0N3pBGt 8WkTJ/4VNMgCAAAgAElEQVTklzS192BtwqfvvsK5/YaSaIsyht3LXmH0VeOIdBKyzFQn5/36 NJ557TOaG6r5zt//b+qbmknEI7pI58Gt/N+f/5SGhgba2/dx7llnsWnbLpRojDFUrfucC664 jq6yQUmMspYt27Zw0imnsLtuD9oKVqXE5QKvvf05U2+/jVtvHs+5Z5/Fa299TCqGpj1VXHPd VMoqRtmINOrgvJP/jXU1B/j03Vfof/GF9CiDzubqx68s5Ce/HExjd5GNq1fQ79Jr6IkqiDE4 ibh10hhWbzoQasZ9mvkmJOyt3cE5vz2bm++4k9Xr11OsRMRW89GrSzjjtNO44ZY7uHHyzdx4 4w387sxzWPLqW1SiFs4783Q+XLszGH8agzMpn3zyNhNvupmydtTvfpf+Fw6goa2T5R88yw/+ 5aeMn3QLkybfxG2Trqb/gEFMvG0KXrdzz63jefOTFSjxwWjV2nBdWYNxjt1HC/QHnsy6LRyu mc9T3HOOpq8jROZxYJx8KQvneCYX6MfAelDishZWh1t4/GfXlt42FX1p6U6YOfV2ps9+HDEx xlu0s1jrKTVW82/fOYHVW/dgxWO8whjL0jdf5oc//jV1LZ2ZgYc5/LhSJDVCoauRCy68gtbW Nq4aOZT5S95AOYN2KeVyI6eceBq/X7qNQwd38oPv/Yg1qw+QuALaFhBbCK2moi4GXXg6Hy1b SdGBkwJ3jBvFwrdWoRzMufNabp7+aDAxUpbNKz9kwj0zMDbFOqF+9xq+808n0l1JggFKZrjj nMGJoa56J7MeuI9+F1/MI4/NpWIsI/ufw2uvvUEkHqcqiIkoa0vJOLa+s5DxYyciJmLx7GlM njqDkkoxVmO0IVUaUUW2r3uPEaNvJM5Ov62kiNVYY1n20TuceNIZFCpFEqdRaRPKJOzdW8f0 qbfT7+KLWfj8S8TWYcWSuiDQu1tbOPu0ftQ2tITUdedCupkT3po/h7MvGk8UpTitSKMKxoQU +ZJSKJtSaG/i7DPO4MwzzmfgoMsYOOgyLh00gPPPv4AL+g+moxwTZ6Zs1kRYCbX73iZsWbeU f/7eCbR3lRFr0BLhRGeOz5CKYFU7LV+8TdUvf8UHo67lg2E38MaYUXw0cgSrzzyLfc++gdEe ZctsuHUCexf+HtEmGH311FM78ioKTa0kSUT3oR0s/dVpNL7yOq7uAKqxjmVnXkBUtQPb0crm MeMo1WzHaE1iUrTtRKsSXa88wcoBN7HiwgtoefENpGKo2IS0eSfVZ19Cd/0+dGcHrqsV29WM LmhE9bB87FCanlyCE40WT2I8ymft25IeNp52PhvnPkmihCQW0lTjYsEe2scnQy6np2Efxhq0 9Wx58l4+H3Y1JhLqXnuCjy4bhl21C916kGjTx6wdfCtJOaZr6+dUXT0a6QlGbyJt7BvRj73v fkFabGXVD/+dlvoDFJOURGsKzTWsOe1sujftpNzcwJYzf0m6cjXSUsF0NmHa2/HdMTaOqaQF dNMBWp99hlVjJ7L8/oeQOMJpjfEGow0mFXQUkWzdwOYpd/D5sOHsfWclvtzBqv79SPdsx7b1 IJ2tVNq6kZ5DlJWn+pV5bB9yOdZ6dky/g0N33EHc04E6WCLp6sK0NeCjhPYHHmLv8LF0O4VT LqR1SwVnLV0rPqZ+2t3YkqFkHK3vv8q6wYNIIsWBWTPYOPh64qhCxRp0krBp7j2s+tlZqHJC 9S0TqX52dZbGmBLXb2f72OuxPQnGWiIf3PCV0zRXr6fm5JNRUYKWlOKedWy99FJcpENJhlZ0 bF/G+jHXEkcVrPYoEZQxpK5M3Zw5bDjtHJYNG8H7w67nvZGj+WLIcFb85ER2vvEGJWPQhQ58 Vzu+pxHbUUJVPJGqUHfXnXz+qzN5b/RIPhs5nnfHjOKjkVew4dRzObR0LYmJkViTKkGZFKsS XKood9Ty/r+eQl2/cV8V6NZknh0J8+fNpX+/QRQSRZo5gnurcLpE0VoSk/LR4jnc/fCTlGzE gvtuYOKkmygYxaQrLuGRR+ZRsBqXFEhSTVkniDasXPoBA4ZeR5vWOO3x9hDXXT2aT9btwIim YedyJl5/HZ3aY1wSjLmMCyLchpZvHa3NzJ83l0H9LuK+R+ZhxWHTHkaOHMn2xjasaJr2V3P+ WRfS3NKDEY/TirUfLeS7/3IKtQ0t7N/2KT85ZTDluIITQ9fBWi767RkolRIrQ6qDV0pqsvp3 G9PZ1c5jjz7M4H7ncefUB4m0zlo6gtjgl7Jh2Qf88mf/Tr+LL2LAoEEMGDSIgYMu4cRf/IKx 4+4gNoJIhFEtmNQRaUGpMk4X+ODtV/nXE07ggosHMPiSIVx2yUAGDxzAz376H0y7ZwapdRij EWvRqQleIVnK/FXDL+fa628jFo/zSRA51rJp1SecO3AUK1avIo26+Pyd5zn93Evp7CkgEk44 l378IdePG81Zp/6Kqj2NKOeCeZgL7dhs3Mmk665i676DGBujjWbuTRN4fP4bWfCmQrGziX/6 ux9Sc7CRzz58i5P/7Re09VQoW42ohCgtUdIu+J5AFmgwOKOodDfz1FNPM2zYYKZMm0ZiNLOn jGfCtZNJrZCkCqUUqdIkRti/ex2n/KofjV1lKk1VDLlkKEWjsZHGahc6OugeNqz9gp//7Je0 dRWwTuNcFESgseiuGi7vfzYHeipo0XS3NfH9//UdGlvbSI3FKBWCBVKivaOFi86/jKrqA1jp wRiNKu3g/AvOp6Gj0Ne5xTmLMxEvP/c0I64ax9ZdtUjUzYsLnuR3w64m0sKjUydz6dDbKCuL 1RZReznhhyfSWtQYk/LWi09x5Zjr0Tbcg1e/OZ9rxt+MOI1XHomaOenffsEbn67n4P5avvP3 /0pLexuJ8TjbReOedXzvR/9KS/MBDjXt5byzzmNf0wGsaJwxrP3iTQZcdTulxJGaLjZs2swF /QezeUd1MM61BqvK3D/1Dq67dSYtzfuIKt2MHTWWz1esQnlN1fqPuO7m+0h0hcRHlIpN/PQH /0R14yE+ffM5Bl06hIIK14NYzZvzH+bUs66iK0nY8NnvGTh2GqmN8dYiVrhhzCC21iUhq8SH LBTngvFpudTD80ueZcSwK7jmuok0FUp8/Pxcpt41jQ4HOukhVmU6tGBtSlJs5bRTT2frvqZg Amc93lpKlUbGjh/HwcZ2Jl19Obfd+yTWpHz82lzOPvtKyqlGacGbmNgIJWORqIk7bxjBym27 +2rOvQ1tXo01KCdfEeitMx4P5sFO+uZ6bhKXcyRHzonQFUTQLiubcHl5RC7Qj8Hq9RtZs3FL ViMXDGz+PIFu+3rBvvPsHO6YMYtUfLbZSfDWUmzezw++ewJrq2r60ivFCq8+M58Tf30hraXQ moOsfZn3FusVXhms6WHQ+Rdx5+1TuGTICMpKEGfQTtHV2cDJp5zBFxtrUWk7v/n1r7nuuruJ TQkjEYWezmAyVenh/LNP5oPPllIWi9gSY4Zezlurq0gd3DVhNA/NWxIMQ0zC2y/OY+qsR3FW Y0Sza+NHnPB/f0tZZ/1XrUOMIU2KlIs9iFGIUaxbt5Z+AwZSiBLunzKJiy/uRzFRQewmMW3d FYxzvP/cY4yacCdWHFXL3mHQJZfS3t2NMeFkcH9zazjZLrXww3/9MY1NzSirSI2mpa0TZRyf vvcmP//5qXR3d6GtJu5poLurHSsGbyOqqjZz1nkXUVLh1F1lrrfth5o587R+tPREfQZ/zmnE O5bMeYD+l92AMiFy7MRibehTbcRhjeGLT9/mpkl3oLTCWo9ImkWaFQMHDWbpilWU45jXX32Z crEzCHTjcSbhw3df5Sc/O4lyuYPutiZKiUJ78D7NHI41jas+YukVw2jZtgxnDV4bnOtApJt4 z0a2XHMThUTjXSfbr7uBPfNewKoyWgxx4SA7Lr+SpGEviU6pWraIg9/9Z4pdKUaltFW9ydsn nULxQCMqLrHrptupfewxdFqkR8qolj20xYc4MH8G6596m6R2I6tP+i3733wfMQUqhWpqzr6A bc8vwCeCr1hsd5G2JCVOi7x6xtm0vvIBTgzGQWp96EPuDGVTYe3tU1l35bUklQoFKdFTbieq FJD6nXxx0SAqzU0orelysGH2XawZdxs2FbaNGceau+4ltmWiyn5WT7+Fbbc8hI8rFN5/hX0j xiCpQ3uNxG0cuOhMDi5fi7eKlaOGseuhJ7BxO7ZrP03zn2DLCWdQ2bmf9rTMmn4XceCJFzBa kUiJtNBDMUroFKHQ2oFRMWlcRKJaXj7nXGxzC6I82pTQUqBcaSdt60EZwRUqtC19njfG34gv NNJ0771semAevlvjEyGNuomaavDaU/vwbPaOvwHjYM9bb7D91MtpbmggTVKU1iStPRixlNYt 4+0zz8EXWkldmbJup6cU5lXH0o/ZPmUKcaWCV4amF56mtt/l2JIh+vxDXvzZmSS1O7HSQRr1 8OmAgax9diHORNRePZb9X1SHVjsuRW1dz9aJE/GRwTqIPUFYakXntnVs/cXJdFbaSVSK62hk 2+WjSbZsw5gipbSDgzffw/r7ZxNZh9ce71KMi+ls3srO35xH2t1OyVeQuI2yj7Gui62vPELd 8NswcWiRF3twklJ0mpI3qJZq3rngIlRzM0ZifGJCuzYp0fX5UrZNuYuCSti7porOvbXEUYor CYmJiPbvZvG/n0PDVXceI8XdYTNj0IP1tfzqpF/w3sefE5vQwtFaxZ66alZv24kSzZypE5m7 4BliG3HzqEu54867KDvDq/NnMmz4aApKIapCkmoOtB3CpppPPnqdqydNoyfzv/CmlSsvH0RN cyvWwZ5tqxg1YgTtUei17IwNPhdiiSplWg41YVSC1QlJpchFV4yjlBhM1MbwIQPZuKMmlL50 dHHO6b/h7XfeIbWCMRVun3gtQ0ZMpqQ0W1a+x+kXjEap0LrJVLoYM/wKVq9eHbKKjKVU6Kaz uweVxJQLnVkGkGZ/7TZ+/ZsL6CrH6N6+tcZQ7mnjtN/8hgULF4SWei67f3phy6ZVnHveebR3 lzCmjFhNokMQx0kBVSoyevQQtm7fTSqqr0ZRrGHPnj2MHDWennLMzp1VrFm9Aq0UYkw4zU1L XPi783l83hIiE9pqeZfixfLacwu4++H5JComjgtcd9UwzjhvEMVyhda2FuKoHISUSnjkwQdY 8voHISAtoU94EOjdjBl1Bet2VGMkRVnDrWNHsPCVD7Pe54quQ/v57t/9kJZCgfqa7Xzvf32X N9/9MJiUqoS2jjYKiT7CoV2wOqWlqRFJC6QqoVDo4uRTzqC1vYctq97hvHMvoqsQerwrpTnU 2kasNDs2LufsswbRVozxqpXTfnUan69djRiDtpZClFIplWlvbuS3p5/G2g0bEWeCmVyhjEo1 lfY6Ljj71+xp6SAxGhWVOO+M03nvo4+IdIQymu5iREd3FyqNuP7qa3j25XfRuoTWlteee5h/ +Zfv01woHW7l5QSTlBg99DLefP/3pGJRpQ5unDCeUTdNJTaOR6bdyjkXjaC7WEJrxYdvP833 TjiZbhvcz19e/BSDLh+BseEU9s0Fs5kw6a5Q5249UcdBfvp/fsryDXWoSjc//tGP+P3HnxJr h9EFXn7hac65eDBpLBxsqOfCi0bQ3hVeo9iU37/1EiMnP0CsFXtqNvCLE8/go8+XoyS0stRG ExU7GTtiONv3NmFUxJ663fzyFyezccsWjDNsWPE+46+fTJxqUrG0d+/nO//v33GgtYN9uzbz f773fbZX78VaQxSVmXj1OB575nW0S/j0rUWMuv0hUh9KZ9JUMeLS8znQpY7IujQYk3Ko+SBa Jzgx6LTAjTffxoYd+2ne8wVDLhtBbUsRozqCCe6hNrSOiUrtnHHmb9nb3h26MojHiwXXxZQ7 bmLKzbdw3iUjaenuwdqIpsZ6fv2Tf2dfa2gX6ExKU3snneUYXWnh+tHDqW5sDR00pEJ7axPl chwyMTxfEej1t89ArP6S63wu0HOOpG9OZOusNpqmtnY+/uxzjDG5QP9rv4D/ijz34issfO4F TNYGB/58ge6cw9uUPes/4bpb7qbbhp7oSaWTxQueZsGjj/C9f/4Rd907i+dfepGenm68CLPu u5vh195GxXicDfV0QaBrUi94acdZ4bm50/nO33+H1z9ahckir6loWg8d4JxzL2RLXTNOSqxY /jEXXDCI+x+czuNPPMm4sddQjAqIiXl2wVyGXDmCJa+8TKVSYOyYMazavQ/lYdLVY1ny+ntZ m5YyT82axuwnFiAmxUjKus9e5ddnDc5Oo0MbKWct9XU7GD92NLNnzWTRwoWMGjWK++6fQao1 B/fvYvCggdx4y+0snL+AqXfexbynF2NNzJKnHmHi1AdRDmzczq2TJzFsxEjmPfE4Dz40m0uH j6G9UMJZxdSpd3DxxRfw9IJ53DH1LsZcPZFKqjlYX8sF513EvdOm8d7777Nr82rGjx3DQ7Nn s+jpuVx7zXieWPhMSJe0CiUWI57W5v2cdXZ/ehKDy9rEhf7zjnkzpnHlmFswmYuuzTalvY6T he5uBg/sz5pscytO+rIIvFU8MGMGkydPplAocNvNkxk+dAiPznmUZxY+x0MPzODSQQP4bOly mg5U8dMffY93fv8Fset1vFfYcpH1Q8bx4UVXYAqFcJJkHQUfEYnCdh1iw4WDadxch7Ud1L/8 EqsvHsaehS9RbuykpCrsmXQja669iT3vv0Zp/1Y2XDiI7dPuYMczj7J7wm18ePYFmLYuKlrT s+wzPux/GbsefIz6R5ewZfgEujevZu/Mu6l7awMlrWjfV8OqQRfT8OmH6FjY++rbrPntmWx/ 5Al2PrWIDRNuomPrFuJiEy+dcw6tn6/ua8tnxCPeoRIhjhXl5jp2XXo9VTc/yP7HF7L21ns4 uGItescW1g0czsGOdhKtMYljx73TWH7bTBIj1L35PCvPHUnt/BfZNfMxVt10I1vmLkR0mQOv L6HmhluJTBDouquVNeecysFNm7GiKLbvpLr/aNZfeTWr75jM9tum8dIvTsM0tmBcRNPnL7Jq 6GiqZz1OzdNzWXf1zZSXL6fS1UDVlTewa/pMahYvZN2d09gw8TakHOMSh3WKxMY0f/4pK8aN ZdfTD1L79CNsHzGWze99hjYlums3sOzCQWy59XZ2vTSHDTdOo3rBEsrWsfmRR9l7zyy0dajW emrHTWTT2GvZ8/TjVN03i91T52IrMUm5nepp97Hs+luoX7iIrffO4MAjr2PSlKi6mo39rmLz A4/TvHMHB+c/xb6rbkBFBltpZ/3d01kzbgJ75j3Jxuvupu66qcQdHeikyOYbrqW1tgXjFU4n tK5cwfIpt+JVMLEMwbognFRnE2/97lxW33Y/Bz9dSaIqNC5+lY9HjmfPk/PZPuMhNg0YS8fW XRSNR5TNyjAUu6bfxqqb7iTSCUVnSH0ptCxyCeVDm1k/bDJpaxltQlaO9YK1IVOg+r651M59 itRYoqyllBJH2aXETfv5+OILUNXV1Lz5CjsvHcDW6dM58OQSap58iBVXjeXgw0/Sev/DX24P 9C//EXp4+2DK6HXCyi8+4sJ+F3P7lKksXDCPe6ffy5Chw3j/8+Voa7njuvEseekVUh0x8pJ+ 3DfjYSrOUu6s4Zqrx3DNpNuY/9STTLt7OrdNuZO4EvH2W88y85GFRFmmlrOdXHD+OXSUuxAH PR1NXHj+77h16r2sXLUOa0xo0eWEPXU1XDHkMu6bfi+LFi1g8qSJTJv9ZMjE0QUWPPYgF/cf yKIXX6PYE/HS4icYMuRS5jw2j2nTbmf45SPZVXcA7SyrPn2bAcMnYbRkp98pn370Pueddx6P PPoo8556ipEjhvPxp5/RsK+ecVeNZPr0+1i4aBHjRg3jxlvuoaINKmsf6I1m2ecfcMZvz+dQ RxeJkT6B7p2jUmxlxMjBVG3fg0gFZ13o/mEUolM+ePc1hlx2BcpqEusOG62KEFUixo+fwNqN m1m1ailXXD6YyZMm8tS8J1i4YB6TJl7LtWOupVhJSSW0yMIrnLNUb9nIqWecx6xZs3jooQe5 4rKBDBgygjhNmD17FteMH8eCp59izuxZXHj++eyorQ8ZB73t7XB4m3DPtDu5dOgIXnzlZXrK Ja4aNpg3Pl6WtaxzHNyzjf/9vZ/QE6WYpMKieY9zyaBLmfPEE8x99GHGXzOBvQea+/YTToS2 lmaGD72C2Q/dz8L587n99tu4YdJNGG3RaTsz7p3BqFGjeWr+AqbdfQ+XXzGUg82HWL9yGQMH jaAYpXhTZOGCZ7hwQD/mPz2P2Y8+xqgxN7JjWw1epbzx8rMMHnIZsx+ezZyHZ3P7nXdRKJZw usA9U25hzISJvPXB+2iVsGrpUvpfcgkzH36Ax5+ax7hrbuGD33+K2JTN61fy6zPOZ+b9M5j7 xNPcOmEcJ570K9pKleDbQNZ+y6a8/8ZLXDxgEI898TT3T7mVSy48j7tnPYFxjg3Lfs9Pf3oy U++6i8efeJy77pzEr8/tT5cNKfi7tm/mxJ+fyIMPzaGqqor5j0xnyr2zMQ7Eeg7V1/GzE/6D DVv343SZT3//LpcOvoxH5z7OgzNnMmDgxSzfsh0lnn11VQy96kZ6KhW0tThX4fUli5k+Zwml qJMxIy+j34BRLFj0LPMXPcvTC59h7br1WBXzyMwHOb//lSyaN49775nGmaefSdX2LRgxlDoO MHjwxdx77yw2b9tOc2sN3/37E+gsVVBJhbun3sGVw0Ywf/58Jt04iQkTJtHaU0abiDeen809 jy8hyUpCypUKgy88h85E4cRkgQRDqdDDDddP4K6pU5n/9Dym330X102cTEehhFNd3HXXXfS7 bCTzHnuE2TMfol//Syn0dFPobqf/pYM5VCxnB0RBoHsp8NE7r/Dj73+PBa9+RGIjYhtMal9c 9DD9LxnKnEfn8tichxk64ip21tQSFVsYN3IkTZ1FrCRElRYuPO9slix5JZh+uq/WoG+7/k68 zURWLtBzjsHhsoeQaWyssLu2jhkzZ4W21LlAzzma5154hUWLX+zbUMA3F+ihlUyoNRMxqEIT I0aMYm93GWNSVFRgzcovWL1iGevWb2LZqg2s3biWqFLGac3kyTfw9qcrQiTfakLfTMDb0L/a lfHOkpSaWb9hLd2pwfjQbkY5IYkiNm/eSkek0DpC6wpJElO1tYrNm6tIkiScOBmFMTF79tSz afN6EpWwq6aGzigNi+/u7TR3dGXp3hENtdvY09SC0wWU1bQf2seGbXUhmtp7IiQO7xQqjdix Ywer16yhpa0t/N4JohO8s1TX1LJ27Xra2jpCL2xJaWzYS03DwdCOxySI1bS2trNpwzrq6vYQ WwmbURGcKDraD7F69UoaGg+ibDjNdqKJk5hNG9azc8d2rEmoRBW2bN/B+jXLaWs7FE6UHDiT Zq3qhDTpZOPWbaH2MQukqKzVWlPdZrbW7gvv4avfOIWeTjauX0+iSmFz5+PQh9iFPqttrS1s 2riBJK7grCKOI7Zv28Hq5aupramlkiakxpAUm9i8bjntPSWUB+8TvDOYSgm9Yg3Rrhp6tOBS j1MebYVEPBVdobh9E50HWzC2TGIizP4G0i9WEXWVKEtKpA6hN+8i2byDYpJQVjF6w3rSqq0k lZiOreuwKsVGJvSpLnVgV2zGrNqELrQRmQKl2nVUWiqUxZKqCupgPT2rtuMiIdUaV2xBr1iL WbmFtKcppGXGMV3rNmDaC6FFlz/cz1dZR2osFZ/g4yLpjl2YpeuRg80UdUrcdYhk01oKKiWV ULMe1VRRrj5A0Rm07UT2dRItXY2t20epaT96XzOpTWhtrsPs3hlca71ByhXiFe+TdncjrkxS 2Y+JEgrNrcRRkfblH/D6Kb/FdEfo2NJle0i7utBfbEWvXIduayGyZbSN8MUiZvcuOld+gdmy B6mYYPokCiUOqy0m1pS62lFrl5Ku/Azd0I5LHEYJyiqSQg+6ajfJ8lXIgUOYOKHHWbr31lJp 2IdOXEjTTnuQ2mrM8lVI7QF0OUInhpIkFHWJ9GA95rOV2LrdxFqhJUJLgjnYhl6xDnWojXR/ LdHOrSiXIBKRpN2ke3aTLluGq91LKS1jYkEnMT3Vm0krCu1iJElIDx2iWL0Fp9K+ntleLImz KJvgC61UNmwlqqpGWUPJFTCtjZS/WI/esJGkUiJVhqQSWh9FTlFJE7o3ryDuPojJWvu5NMGn kgm+Lko1uyi3FUOKtVcYZ0MJUlnRsmU7qqcn68vu8EaCOZUYrI4oVW2l0thGZGJM0oCu2ULl szWoNRtx7Z2ITmh55FgmcVmrIw/eplhTITGKfQf2s27tCur37yM2NvS7toa6bVtpbmnHmpSd W7aw/0BL8OuwRaxOqG9oZO2GNRxoPBic2LWhqXkXjQdbsx7nDmfLrFuzEqVjxBmstpRLXVRV baW+vimkvUqK0QprNcZoamtrWbNmDQebmomza8pLgpiIffV7WbNpK1qZkHpd7GD9hk1U1+wk ikLduxJDR1s9a2oPIDqksFsb5nCxWGTDxo1s3ryZcqkUAo7WoOIye/buZeWqNbQ1N6JM6LPs vAulOFqzt3Yb9U2toYWluC9typ1JOHBwN40tnaF8Rzziw/3AqIid2zeyf18TJsuyOdzLPPRU 3lu/j/2NjYikiCi6OjvYuGE969aupKuzGdEebR0mE9a+twe0VnT1FFi/bh2HWg6xb38923fX YMVgjKKjo521a9aye9duokp8RO93d0Sfck2aRNTta2DTli0kKmb79k0c6urB+9AuM+pp5Iu1 a0i0xWmNk4Tu7k7Wb1jPzl3bSFKFtvZwaqcIRqcYnbB9x1bWrl5HY1MzxtgsIJUixtDe3saq 1WvYu68htBY0ms62FnbsrA5+JibFiqVYLrFm9XJ27d5FIUt1dyrFmQqdhU62bNlCzc5q0tSE 06SIgwUAACAASURBVGjR6CRmx+5qdtTWho4mxlKuFNmybQMbN2+mu5iE68uleEnoiRI2b9jM nvr9pIUSGzdVUVIWEd1nsutEI2mZppYWVq5ZR7mnnQP76tjf1IxxGrExlbjM5o3r2bO3hjSK 2LhzOyURxIZytmJ3O6vWb6LhQAMNe3dQ23AAm5XOVXo6WL3qC9qKadjbpBVKhRJbtqylautW KkmF2IW1oFRupGp3LamNMVajbYXWA03sbeogSstsWruUz1euZe2aNaxZu47Va9ezr6ExpLkb xd7GZjauXk93dzfbd2ygGHWE02FJKJQ62LRxO82th4jiLtauqiIxYR/mTJnuzlZWrV1PQ0M9 kbIY63G2QmtTNfVNnSgneO9ItKZq9Woq1iIm83OQMOet1jTs38+6tWvZU1eH1ilWEkRZrFW0 d7ewYe0Gdm7biU4V1lriNGHbrl3Exh6+9lwInMTFDqo2raMcpRiXUpEIYyOUrdDd2cXmzZuo 2rqNKNVoa0M23Y7twRPGaawtU7V5Pe1tnegsiHW0QN95wxS8DbXqveTiPOdI+qaDl5Al5aC6 bi8zZuZ90CEX6Mfk2xLoENLXnBOMB+MczibcOGEcc194G20NqVE4J2hJsU5nRmUJzmjaDjYy +fZbaY/SkG4paYhM+6y3ugjGhw2IdqH9jhGDzXqsKicYZdGJJTYWa0NPb2MSTPZnyaLVxhq0 TnHGILYcaotccNm1uhI2MRLMWlKr0SqhRxu8dJB6UDrUI1mrstNin7UjCgY71graCspYrAk1 fTa78Yi1KBPqlKwNZibGSnZaFDZ/VgQRj7M6pISLC63ojMJkhlyHa1YEbTTiBGNV+EzEoKwO fZOzwIFzhiSro3I2RUv4t+IKRNYQW4M1YSMRZy3VnOohsSHd9MvR4N42EQZjbXgsJ4g3WR91 2/faxJq+XufiHNYIPlYYIySZ94E3GjE6vGZr8VktvLaSmV0Jnc7ijA3i3IFRFiMK40K6pzEO k1gk1TjdjVEGk1iMrZBaS1k7TCqhn3pqsJFFpY5YwmlYKoIVTWJTKsaQuhStNMqmKNeDWIeY FKcTusVS1sFMLDEWFRmUSkmNo8cZXGKJxFFwoW7ZZUaMvSLIiASBlola0QmiUyIx9IgjlQTj OjESzLlisSRSQuvwOkUiiloT2wqx1aQ2BFuMCKkoEtFhY2cNXhlKtgWrNTaK2HL9KD5/4EGe HXcDO199llUDr6TtubepaKGsHZI6UqtIjCU1glbhdRrtwgmyERKlqWhNyWgi53BKMN6gxKKV oGOL1YZIbDCTcgZjHJJ4yiJhE6QsxhqsFmwsmMTQ7UIrMNEOSYVIWyoiJFaCMDKWogixCaZm 2ihMbDCRYHyZxGlsqoPXhBhiMRStRkwJYxWJpJRshUjC6WWqDbbiManNenw7ElcO7f9MgrGl cC26IM6908FJ3QlaldFJgk0ilLEYVUF0iURZuo1CqXBdpxIEoLIWrVMqJrTN0lYTS6ivdjrF Woc4hbZREFxiMVbjY0eqBZtYlLVZFsvhNTGcEoVrLrI21NGmjrLTKGuItMEqiyhPoh2Njyz8 ag16tp4EYRhM4bSEdcjbULJiXOhh7XWaXYchTdtI+N5TscFMyYT/XzkVrnkbvm/jwibf2krI CLBpVossiKtgrMuMHGOM9hhJMa4STDAz0zLJ5rg4Drd89JmzsglC0IrKSnEMxuhsLVY4k6LE okxMt3MhEOqSzF1dsvaRIeAhIkFoWxO+GwnXgLMm6wlvw+vSHqN08NZwZPMk+06yz9NqjbYK 5RTOSvi9V1m7tbCeW6uwve8xC+I5cRgV7hfiTGjRlgVRrbFYo0P5gQ7lCUZUFij2GOfQxuAk C25IbxDXZq3e7BHtMsNae/Q9v1ekO2uDm76xGBWHtdw5nLdEHrxqJ9JJqJ3WBmsrOBuHtHNJ g/B2+ku1l07Ca1dWYXTI5DLGI9YT+3Bti9V9a5oVF8xkJdxfxKhg2CqCMRpnwlzT4hGj8VZl Zl7hXum1x1qHdi48lg7vP8m+V28d1iRZEETQ1ofUZpdm5WAh28I4h4uDwWpsNU5UqKv3hN7u JsYYE+5bTuNsgliFuJDV4F0S7uEuxcSW2KZUtEJMTCoGp4okYtE2xUqKduH7FhehdURiCkQ6 lNlZSbFK46QHZ222TzBYU8FKAW0N2oVgvxKD1wolCcpavBZSV+7zGghtbMn60AevIEmDEaJ1 RYx0Y02KtjFGZy7/kqK1RqygnCbyDm+LWF0M91Ibh+tOe8RGYa1XoUe9+OBJoCJL5HR28OCz zJoswyYLiooVrDXZXsOFn0Vhe69RF/ZZqe3dU5ns2gvXkmSHFyIqPJYolEkwNg1mdtmBiHHh vhzmZ7a3dJkxnNbhM7Y27E+c/YpA33XDFLyxeJML9JxjE6aDO6LbBlTX1TNj5sO5QCcX6Mdk 8Qsv8czi58NN+ogJ8s0EephkxpOlTFo2rFrKzDlPkWoTNn3OYZ1GfKjXsV7jrGFnVRUvv/Ea 2oPzNtQgZ6/Di8dbj/ahNY3KzDhEVBCFniAQM8GjrEbEZ2kjOiz2vaf7rneTGzZSziaIC+2D vAs1fC47QQ61maGFSiwO54poD9r4IJJFZzX3oQe8ZCZ5ztF30+tNGbS29xRODt8MrcmEPXjR Ie0lE3Iua03nXLYhEsHbEGm2JnuO3pRyZxAfehUbsYgLrUBM9nm7IzZ/VsLJiHW9KaQRqUjY fLhwQt97gu5tEk6LRL4i0L2XvueXPnEeshlc9v7cUSNsEj3ehs9A925qrWRBh3By7q1HPGgf 6u+88dl3qDMxAsZbnA/frRVNyUGaid7enqpGfPizdpje4IFR4WROFGXvMMbj0vD+e934pddV PnF4bfFWhXpVH04KxGl0KqG9kRGKXuGMDaZVTuOVxluDFZWljYaSgb7TseykIPIQZanFktWo exXMbbyLwwZFTGZSozHWZcEgg1OS1aL6UENnw1z12oX0XeP6nqfdx9jssyntq2Pfo7N5+oTv U3fTFHa/v5TYVrA2xXiLeIt1Md4kxK43UOQxWaDMutCbvuxdqJN2Dl/2iEvRPgQ2vCtnvhIe bUNGhfIS/AVMivVJOCnzjsiDtQ5rw89e+74AlFiXCSWX1QIK0jsfPBQ9JA6ccohP0F5CIM4n QWQpj41CZofXkm34XMjC8KCNUPaQaodoj4hDuyDItDMkXgVvjl5vDWew1vVds4nTaKdCPbJV OKdC3/IkiA0ngngdSnWMQ3uDNVnWjTVhfZJQHhA6F7g+czSTCQ5vPEY8ZW9wqQ7zNBNxxh9u 0RIcpVOcjbJrMqTka61RYsP3Jpb2h+d/RaAHMeay9TucDtvModxL5gruCMJTp+G7ya5d4yzG aawPcyVcyybMpWzdDetoOVsLe4MRJnu8IECMdThJgiGd+CBKXZpt1m32nIeHExXqmT194jOs c2HzHoIOJls3UrworLNoG4JKvlc4ZWvtkaU7vf89HPwI79dZG67FrOe4mCBwXbbm+b5ATibQ Ias1NBiXBnHuDHjd9356N20uC2731WofeZLubDBXE3eE0M0M1xzZZxVO532WqWN9+IycE2zf Pcb2BdHDmtx7jzr2vdxna7/0ZYplKbwieC+kHnwW4BYXyrxEkvC8VjL3//Cev9wDOATPJbte jfjwGsWT+syoToIY6i0XCK85a00kJpRhucyZPbuOwj3H4EVn7633PubDfsD3ru/h8zS+93t1 WYuvLIvMOZw3fd+r9dnjZ/cjcSEg6Z05fILuBO90VgrmsGJCYEkO38ODgV+vx4IPAUaxwQE+ MyRU2bw10vvaw/1MJEVL3LeH0lbhrAEf9QXYwolxjLhgHKt7g1Xi8KLDdSbBE0P7Unj92RyU vo4E2VprwgGC8wnOxyG45oLPTNhTqWwdDHuJ8L3FOBtlewkdPj/jcZJmho3Bi8P5zMMmEbTT YV/UW2Ljeg13s9civWaNLgtUhbVUnM2+72w/5XsDZPbw/iTbg/WZF2ePp4wEY67s2vU+y3Dr vYZ9Zvznsj2N+MyUMQsQHcMkbscNU/oCcH3XUC7Qc75CWP/wYc9bU1vHAzNn991zjmdygX4M 3nzzTV577bW/2ATpPZX4usd22WnyH/t3OTk535ze08Eoihg0aBClUim/MRxntM9Z9BWBnpOT k5Pzx+kNjB4t0HfdfG9fm6z8fprzpyAi1NfX89hjj2GPKI04XskF+jHQWqOU+ott1A9HQv/w 4/+x3+fk5Pz59F5nxhiSJMmNSY5DcoGek5OT883oqx0+SqAfum/ul7IFc3K+jt6Sqt69WO/e 7HgmF+h/gCNF9F/yOb7u8fOFLSfn2+Xo66n3z703h96Rc/yQC/ScnJycb4aXYwv0tgeezPew OX8yvVnDvfMlF+i5QD8m+YKSk/Pfi6Nr/3NyeskFek5OTs43o9ez4isC/cEn/9ovLSfnb5pc oB+DfBOfk/Pfi1KpRBzHX+vpkF/3xye5QM/Jycn5ZhgfTGRzgZ7zbZDvww6TC/RjsHPXbnbs 2p05cDsgnyw5OX/LfLb0C+57YCYd3T2Zc3xwu8ULEBx0X3ntTRKtya/344tcoOfk5OR8M6wL XUCOFugH75odHOh9fj/N+WMcbmfd1VNgw6bN4W+Pc6GeC/RjsGjxC8x/ZknWuia0YfmmfdBz cnL++nz42Rf0v3wE19x4Cy+98RaFcjn0oTWh7VJsLCedfg49cZq1Bzq+a5+OJ3KBnpOTk/PN cE6IxX3Vxf36O/FisM6Etm5ZK8x8H53TS99c8NLXfnRXzR6m3z8zP0knF+jH5JnnX2bRkpf6 em1DVmeTryw5OX+TfPDpMvpffhWXXD6KS4aM4OrrJrNyzQbKlQgrjthYTj/3IkqJOiJzJud4 IBfoOTk5Od8M64Wic+zKBXrOf5IvC3RBxLG7rp4ZM2fnAp1coB+T5158lYVLXg6pO87hAfFh 9C4w+chHPv52xvsfL2PA5WMYNHQcAy8fzaVXjuGyoWO4buKt1Dc0EWnLGedcRDlWOMkF+vFE LtBzcnJyvhneOkS+muK+6/o7cUbnAj3nD9I3F7zgnGDFUb1nHzNmPtzXZvp4Fum5QD8Gz774 GjfecRcLnl3Ms8+FsWjx8yxa/DzPPLckH/nIx9/YmHrvTC65YiyXXDGWgX1jDJcMGcXQUVdz /4NzuKDfIMqVGGvluL4pHG8cLdB3/sOPaLv/8XzkIx/5yMcfG/c9zqH7HmfXP/7fLwc6r78T p1LEW5yXXKDnfIVjCfRdtXu4/8HZaK2B47sOPRfox+CpZ19g9IQbeWzefB57/EkenfsEjzw+ j0cef4o5c5/MRz7y8TcwHn18Ho8+EcYtU+5h4BWjuaR3XDmGS64cy8ArxzLgspE8+sQiTjzp VEqlCGvy+vPjiaMFej7ykY985OPPGzWT7sJbnQv0nD/IkQLdO4eIY2d1HVOmTf/ajjvHC7lA PwbWOYxz2My0wHO4Bj0f+cjH39748NPlDBgyhgFDruKSy69i0JVjGHjFVUyd/hC7a/ehrSDW 4cRlJ+h/7VUo5/8vcoGej3zkIx/f7mi5by7iwsmocyHF3flcoOd8Ge8Jbv8STtCtc2ibp7dD LtD/AHlrtZyc/058+MkKBlw2hkFXjuOyYeO4/qY7ef2dD4iUDkE4cXiRrC1Mvok4nsgFej7y kY98fLuj5cEnsT4TYNkNNb+35hzNkfPDA867fI5k5AI9Jyfnvz0ffrKUgVeMZMTYCbz29vtE SoUMmWzD0Bvhh3wTcbzRueBlqn9wcj7ykY985OMbjN3ZOPLv2p9YHO6luUDP+Rq+KtDzOdJL LtCPgfccleLqwFvweW1qTs7fIstWrOCpRc/Q3NaOdYLzval3FnGCsQ5xIM5hRfA+z6DJycnJ ycn5Orz1GCcoJ3jjEQfexHid4OVwmrInF145R+PwztKbsWwllBVLlt6ep7jnfIVDza00NbUg IohIEObe5AI9J+dvlDiJSbXKauKyYJsPP1sRUiOs2VBFanqFe36t5+Tk5OTkfB1ePM4Jxlm8 9sTWkTbuoWf7NrwNLUt7xXku0HO+jOvTVs45tLH0FMvU72vIBTq5QD8mzz33PM8+8zwiLmzU vc0mkf1rv7ScnJxvgHOCsRpjNeD60qqcE7Q1VJThl6eeTTFKMZIH43JycnJycv4YLruPOtF4 5Sk6R/3ieaydOBmvpU+g56nLOV/hS4efDiuO3dW13D9jJtYGvXU8i/RcoB+DJUte4rnnXkIk RP++qUDvdZAOaRzSd2rns3rXvqiiB+8s3mW/O2r0Tt7eNJAjazaOSSYuep+j9zkPP8ZfZsJ7 cXiv8F6C8ZZX4X3n5PzVcYjYLznKhusuzNXIWE797UUUE52foOfk5OTk5PwJiAdnLFYU1jg6 vaP5uTnsvn4iXgnOSvg3f2zfmnMckqW4Z5rFiqO2rp4ZD8xCJHdyzwX6MVjy/Ms8+9yLOJct KL73FP0/J9D7FiXnMvEt+CyttrfOvU+gizmiFuOo0ffcXxbof3Cxy15n3++/JPD/cpPdG4f3 FZwziBO8r+AlzzrI+a9LbwAptsKp51xEKekNKh2/N4WcnJycnJw/BefBaY12GmM8iYOm5+ay 8/pJeO2QowR6LtJzjuTIOSHiqa2r54EHHjnuxTnkAv2YLHn+JZ597oW+dJzek7b//GmwO3xa Lr6vD6TrE+tHiO2jjDS+XLPzVXH99Ytc9lhHOFMfFul/Obw48KrvlBKv8JKfROb8VyZcE4kV TjvnQsqJOiLbJCcnJycnJ+cPIR6ctYi3OO1xxtO4aD4bJ96KNw5npS+bNBfnOUfzJYHuyAT6 w7lAJxfox+Td9z7krXfeR7K5cbSI/lPpOzUXH4w0xGfuhOHv3VGp7r3uhUcP9wcGcMxJHBbC rCZIXHhub3HijuFQ/+3hj36NWYrKt8XR7z0n58+ld84mxjJyzNVUkjRLb8/nWE5OTk5Oztfh IRPhgrMeMY79777N2lmP4Wy2D+zd5+YCPecIvqStstLY/Q2NLFy0OE9xJxfox6QSx8RJGtpF eP54Svkfwtu+k3LpXahsghGDER9q3I/s/+cEsaZvOLFYo3EupAlZa7Nh+upprbVfmcRGPOI0 Xsp4Y3HWY73GGMGJx2h7xHv5dia/cw7nDWJ89voVYnxwzP6WnqPXVf94vmBzvl2cc2it0drQ 2dWF1jp0bsjJycnJycn5Wrxz+KxNqXGgnKCjIqpQQGwusnL+MEcKdOcMVixKG8qVKBfo5AL9 mBw+vaavDv2bCHTvbTjJ9kFcOhOzd/tqnn/pVUraoTPR7sXiRVi9/As+/f37bFy3ilHDh4Yx bCjDh41gxIiRDBs2nJEjR/Luu+8wZuxVjBgxguHDhzNs2LAvjcUvvMah1oNcf80oRg0dybCh Y7lyxHBuvXUK27fuRqtvX6ArrXhw9n3UVh8gjSvMmvkAi599HW3Vt2K45ZxDRCiXy33ujjk5 fy69NwCR3sDX4aBXTk5OTk5Oztfh8D7sl60nHNAYwYjk/axzvpY+XZW5uRurEOcwxzh4PB7J BfoxcB5sb3q5HNmS6T/3ON4L4i3agTOClohPX3+ae+97kIoDZWw4VReDsxFPzryfJxYuoNDT wd7qXdRV7+S1FxbyT//4A97/6DNqq6upqa2lu7uN2rrd1NRWU7N7G//8D//Ea2+9Q03NLqpr amhra2fXzs2cfubZ7NpdQ211A9t372DO7Ec46cRTWL1qG96lmXuixXkJ71dM34IqEt67k/Dz 4XR7CX+fOc6Hi8gSRSV+d+5v2Lytligu89CMB3n+hTcxohFnEbGIFbw4RHxIiXIG29eiw2Jd CI54cTjpvUBBnMU5RUdLIzffciflKAn/zoWMgJycb0pv4Mc7i5Msc+U4vynk5OTk5OT8KYR9 rsNlZZxeW8R4dLZnzMn5OnzW6SqYS1uMhGBPnsmYC/RjYrJUHXHgskly2LDtT8c5sN6QiMMn QkUSFj96BzMffJjEk/VZd4gzOOlm6jXjmffWe0G0Woc2hs/efYUf/Ph09ja1ISbFePAuRZxG vEOXW/n7//EP7N7fhJM0E64JW9d9wtmXXUvkbDgVFMEmZcaMHsyIUXdgXQ/eKrxXWDEYJyir UGIxRrBGQhQ01ThxWOswIuHisRbnDMYYjAk/93S1cdqJP2Z3YxNaFC51xCJorVBpTJpqxCjS VLDaItqiTEziQesUa1IS67FW4bTFWZWdaHq0tVhb5mDdRkaNu4ViZEjF4kyKmFyg53xzegW6 MfpLJRS5SM/JycnJyfkj+HDw4q3HiMM4i7eCtZKVbub30pw/TF+Zrw8BHSMObYPuOt73YrlA PwZ7GxrZ09CI6e2DzjcT6N6DOEMqgleW2JWZPW0ss+c8TurpO6F2zmJ1B6OGDGHJJ19gfAgM GJ3wwcvP8B8nXUhzTxkn6ssC3Qnljgb+5//zjzR2FL4k0Fd9vISRk+8h8jY7GTc4VWHMmCsZ NmIy4iK8BIHuraZqywbe+uBDFr/4ApNuuonOzg462ttYMH8+E669lhtvvInPPl+GMoKzEd1d nTw0axZXX3stU+6Ywsqln/LTE75PQ0sHcVTm6Yfn/H/snWeUVUW+t+/HWbNmxhxQMaNjAMyI OSCSVCRIzogYQVCUnHPOSJCcdMwiooIokiSnbkIDTewcTtqh0vN+2PucbhDQGee+d5yuZ61a iz6cs2Pt2vWrf2LN1l3EIgXMnDKBZd+uYuTAvowcPxMRj7Bt61a6v/sOL3d+h2GDBpGelkZc KKQfISPjEH379uKVV17m3Xd68+OadXz62T/o/GIL7q1ag+49+vHp8m9QfgIlyu7Da/n9JF8A UkqOnzhhcxxYLBaLxfIbMQaMMEgNjoG48ZEF2bjZ2eH81r5PLWcnZUE3EqU1cdcjv6AwZUEv y/3HCvQzMGfBEmbOXRAkifudAl0bGcTiCIFQBbzVsQF16r5Azz4D6NWrN3369KV3794M6tGV e+96gE9+2hS61gdCeMm0kTz2VFMKXYlW/mkCXXIycw9XXHYj+XE/JdCVSvDJ3MH0GT2NhJYo 5eH7Dlt/Xsttt9/O8m/XB/HxykMbF+0nmPPeOCrcfhcffvwRBZEiPK+AVzq+yJhx44lGizh2 9CjPP/8C+w8ew41n88TjTzFh6hSiTpxIfjGvtmnJteVvILcgSkF2Fo/dX4Wl36wl9+RhHr2n Co1admDf7s3kuXH2bFzFPVXuZ9++NKKez6rlX1KjZm1crdix4Rtur1yF79d8Tzwe5diRk8yd uxjXjfPtp3N4tUt3imMxIp6Hlo61oFt+F6WzuD9RrQbRuIPN4G6xWCwWy69jCAS6b8DVILRP 2vw5fNujTxDKqHRJ2WA7XbOcRlKgmzCLe9re/QwZNsoaS7AC/YzMWbCEWXMXBgPK77agS6RU +CJwY29c8zHe7TucFV9/y4oVK1i+4hu+WbGCFR/Pp9It9/Ht1l1hnLbG6ASThnTn2VadiCuF Ol2gG0Xa1jVcW+FuokKmBLpUCd4b3IEHqz1H61df4cX2benQoQO9e77Dz5u3khAyiBXSLto4 aJXgvdF9eGvAGHzpIpRg38avaN+6FUdP5lJQkENxUT7jxk/i21Ub2LLxW5589BlyigrxlYNy NT8u/4DrKlQlGnc5cfggD993J99t28fJzD08VvVRftiyGy19HBllaK/XeX/pp+QXFpObX0w0 9yTtO77OyaIoHZvUo3GrznhKoZQIsoMKg1Qei2eOoVvv/vhK4hsZxNHbGHTL76KkDvqTNZ8j 6njhZ2X7xWCxWCwWy68hDWhhEEYhpEFrxfEZU9neudsZ66BbkW75BUalEg2m78tg6PDRZd69 HaxAPyP/NoGuJUpLjFB4UqK8Ip6ofC+ffrMRoxRaq6AshedSdHwvf7++MtsyMjDCIJRCGpch vTrTsfcY4lKi5C9d3Nev+pIqjz5DQpUIdE/EGPTKc3zw2UpiKkj+FsR0R0n4Alf5aKFBx1HG QaooEwe+wcJvf8DzYwglWP/RDB6r+jg9+g6lb59e9O3Tg759+7J7fyarv/6AFo06E/EcXB1D OYod6z7l9ir1caVHxq4tPHDXrWzIyCJj72Zq16zHoewiXKnQIo9XWten7Zu96d13AH369mNQ 7570HzqS3GiUJk8/yZDxH+Eog1QCo8L67dpjzOAe9BkyCl8nBbpjB3vL78KEFQYSUvF4rbpE XC985sv2i8FisVgsll9DGtCej9I+UhiKDRydO4Hdnbpg/KBEsLIC3XI2jApKUhtVSqCPsQId K9DPyNz5C3h/zrxfuFj88xZ0gdYyENzSxYmd5M6/38mP63YEAt1opAatBMfTNnP1VZU5kHUS KR2UUChVSI+uXRk2ZT5OWHogKP0mUEYgpcfyzz7huQYtcLUOFgOMwPcivNSkHstX/hTEumuF Vj5GByUMpFGB5dn4GCNQspgeb7Tjp01bgsRswiPtp2W0bdWOgpiLUEEcu+u5CKVZv2Y5Nao9 S25xMUIJlOOzePp4Hq7dAaEctmz4gUqV7uTA8RzSt/1IredakVXsILWPFvn0eedNPvzsO3yp ERpcIYh5Pp4bpf0L9Xi58wDiQuFLhRASISRKOnR7vQ0jRo7GVwpXBVkfjfb/vTffUqbQOkig 6AjJY9XqEEm4KB2s5losFovFYjk72oAnXZT00J6hWMOxmRPY3rkLxk9W/SFMGPd/fbSW/yw0 GAlGhXMxTVr6PkaMGG1d3LEC/YysXr2aVatW/e4Ooo0flCOTBiXj5Bcc5MYKt7Jr516MDlYV g6zoLtvXreTq8pU5XlSEEFFUQmFUHp1f6cqcpV/gmiCrvFGBC5EyEuUl+MeSJXTo+BqeJrCu G59YJJ96devyw7oNQcI5ozHK52xWQZHIo33r5hw4cBCpNFp4+PE8OnXqTPPW7Vn903pmqxrf ngAAIABJREFUzJrDa290Jisnj3gkm+eeqcWLL7/Kj2s3MHrIYOpWe4JGHXohZZwfVi7j/oee Ircgwq6fV9Kq47vkJwRSOUg/wo5tm7nv3geZOHkK6zZtod/gEQwaMhztJ9i85luqVH2EwcNG sXrNenr27su6DT8jpMvHS6bzbJ3arFj5EzlFDkJppIz9y/fHYtE6iHuKJ1yefa4BkWjcCnSL xWKxWH4DRhlc7SGli/Y0EQ2HFsxiff9+GBGUzTUmFOjmnzd0Wf6bCQU6JeWd9+xJZ/SoMVag YwX6GUmWW/q9HcQYidEaE8Z7n8zO4Iknq3P40NGghrcJ6n4r4bF+9QoeeeQZ8qNRlIphfIUU +bzbrRfLVq3FC8u+GRMmtjIKLX0++fBD+g8YjDCBqxFGEI0U0OHF9mzftRuhQ4GuBWcT6NIr 4o3XXiY7Nw+hggfGqDjZOSfo0aM7d9x5J889X4/Pli0nISRKxsnLy6Jpq9ZUvutexoweycK5 79Nj4AS0TvD9ymU0a9WBwmiCbetX0nfoKCKeQEiF9F2UcFm9+jtq1XyaipUq8VqnruxJ34cU HtKNsidtD3Xr1uXeKlXo238AOQWFeMLFjecwsH8/Kt95P3v2Hcb1BUa7//L9sVhSJQiV5viJ LIQMxLkV6BaLxWKxnBsjDEIrfO2glCDPaPziHETWiUCch9WQrEC3nBGjSAp0rTWe51NUVJT6 uyyLdCvQz8K/p2PoVMxN4I7tBfHUKuiQyRqRWiuMctGhK7nRPloG5dKkEvg6EN+pLJhGYYwK 3OdVUDswGeODURgtQxEffkZJrO0ZMQKtBVLrIJ4oKeiNj9E+SvlIrZCGsAScQEkRusuD0BKh faQmiAvXDkoTuO9rF1/7SKNRUqOlDt3tg7JxRgdxJ0oHx6q1DK6T9tE6yIAvtEYoiVZOcI2S ixWAUtbF3fKvc+pLoGy/DCwWi8Vi+Wcw0iA0+MbBaC/4d1iJKJj7luRxsgLdci5O111lfT5m Bfr/IklxboxGm0AAJC3gv/yyKklOZVQoxGVgKU9Z9Er+P7nqlPo5pQe+fzZuPnlsQamD1L6S +zEqNbjqcMA1WmN0sFCgjEYajS4V1651EG9kjEQbEfzGlCwwYFyMlqljPeX4w5iU1CJGuGgQ fHb2c7VY/hWSzxpGlDx7FovFYrFYzonWBAYiLTAqCOtUyqTizk9vFktpTp1v6V9om7KMFej/ i5S4owuUCWtBanVGa3ZgHS8RrKV/H4gHeYpgTorXf+dxJkWK0SUxQ+b07yVj4bXGKIHRgfjW JoyPDxcjUp4DRqe2V3obye2f8Xg4NZnIL79vs2xb/n0EAt0H4wX9384iLBaLxWL5VZQJrJ7G Nyil8Y2PVgqtTIlR5wzzSYsFTs/sX5I0zmIF+hk5kZ3DsawcVGgpTmJS5QBO61DnFIuhZbrU 32f6vkn93y9//8v2v8Wp2z/bgHquc0mtlP6Gchrn2v65f2oFuuXfQ5CYRCGUZNvOXXh+OLko 465VFovFYrH8GloqjAxc2qUSeFIROXGQot3b0FIgjQy9M61It5yNINRXa000keBQZqZNEocV 6Gdk9vzFzJizIMhorku5VRv9Lwh0i8Xyn0sg0B1f8FTNOkTiCaQUZf7FYLFYLBbLr2G0Jq41 vpFIFZRa27dwLmvffgsjBVILK9AtZ6S0sc+EpaR3793PsJGjkVKW+XmYFehnYM6Cxcyatwih FEpKIJngIrCGl8RXh/Hl50rAZrFY/mPRWiGlJOH5oUB3UEqdOU+ExWKxWCyWFMZoEhqkEkjt IKTh6Kzp7OjUOSXQdZjbxQp0S2lKC3QdVtTZs3c/Q0cEAh3KdqI4K9DPwOz5i5g1b1GQHV3K VIkIpUEoQ05+IV9/vRLXFanszxaL5Y9HUqC7QlKtRm2KY3GUsiu3FovFYrH8GkZrjDQY30ea BDGjOTZ7Kjs6vY6WAqH9MPmwFeiWUykt0JWUSKXYvXc/w0eNTZW6LstYgX4GZs1bmHJxV1Kk aiXHXZ91m3fQrUd/Xn29G67jhR3ITuYtlj8iSgUC3fEFNZ+pm3JxtxZ0i8VisVjOjTKaiAGp BUq7yITm6Iz32Nm5C1r61sXdclZOsaBrhZCSHbvTGTZyjBXoWIF+RmbOmc/k6e/jC4mUAikl e/fupXf/QTRp8zKNmr/Ia290x3X8VLkxi8XyxyMoCSOJxBPcV/VhimNxhPDL/IvBYrFYLJZf Q2tFTGs8IxHSx3iGtPlzWN21C0b6SGMFuuXMnC7QpVLsTt9Hn/4DUwK9LHszliGBfmZXdK1K apMnE78VFBaTX1CELxVZufl89NmXtG77Io1btKVh8w40bP4Sr3buQcLxw3hVhdHSNtts+4O1 5KqtKyTp+zLwpSzzLwWLxWKxWH4LWmmU0igt8ZTEVQa/IIvE4YwgM7dRKYEOVqBbzoxWCqU0 0YRDVk5uag5WludiZUSg61L1wwNSNb2VRkqFlEHngKCjSCFY9cM6OrzejYYtOtCoVQcaNGlL w+Ydadi8I6906UVx3EMqjZAKqbHNNtv+oE1p8HxhM4daLBaLxfIb0SZMmqwEyii8pMHLepZa LL+LMiLQ4ZT63qE4F1KzN+MQw0eNY8Lk93h/7kLmLljCgsWL+fTLL2japj0NmrWnXtMO1G/a kYbNX6Zh85do2OIlmrZ7jZHjJjNu/ARGjBnP8PHTbLPNtj9YGzFuMiPHjGfk6LF89PEnNu7J YrFYLJbfiNbgGVDaxQgfIw0iXPS2WH4d21HORhkS6AFaa5TUFBdFWbBwCWMmTmFX2l4coZAG hAahNQkhWLlmHT37D6NRy1do2PyVUKB3oEGLDrzSpQcx10frwH1HGWyzzbY/WAss6BoVTiiS SeOsFd1isVgslnNjlMHV4GsPI3xcrYkbFbi3K516lxoCa7v5vz1cy38UGowkKdK1DsIlkv2m rBtLypRANwa0MkQjcUaPmkBa+j58KRFKo7QOXHUMFMUTFMUTOL7A9QSrVq+lbYfONGjajgbN 2lG/eXte6dqTuOcH8TVaYrSwzTbb/mBNa4UrFK4vyMrJRUqJEMIKdIvFYrFYfgUjDZ4GXym0 0OQahYzk4mbnYpTGhGJLh4viVqBbStBgBBgVGkcUnutTVFicEuhleS5WZgR6KuZcat6fNY/l X30bWsoEWstgFSds02bOZtLUmUHiCyEQvuDAwUymzpxLyw5v0KB5e17p0p2476PD32itbLPN tj9YU1rjSYXr+9xzXxWi0ViZX7W1WCwWi+W3YLTC1QIhDUoYIkaQOWs6a9/qgREqZQ3VBqQV 6JbSGAXGDzVU4N28a2caffsOsJ6MlBGBrjVIGbhObN68lY8//hTPD0Q1oStOKomcUcxdsIRZ cxeitMYomZrIawOHjhyn34AhdOn2LgnXDX5rYygslj8kWmsMkBCSajWfI+q4GK3D59pisVgs FsvZkEbjGYFQEuEbXK3ImjWZ9E5voT0VZOdOWtC1FeiW0uiUYVRriVSatL37GTZiTJm3nkMZ EegGUFpTHInSp28/srKzkee4+XNCgW4IslGW3oZSing8Tnp6esoVtqx3Iovlj0oy02xCKh6v VZeI64XPvH2mLRaLxWI5F1qD9iVSCYQyeEZzeOEkdnXqivE1WipUGD6a9GS1WCC5WJMU6Qql IW1fBkNHjLHaijIi0LUGIRUbf97M9z/8iJDydwl0pRRCiNQKT1nvRBbLH5fg2XWl4smazxF1 vPAz+0xbLBaLxXIuVDi/Flria9DSJ3POZDZ37oYRgUDXVqBbzkCqKxiFCZP1BgJ9tNVWlBGB rnRQq/z92XPJzS9Iie2zjRMz5y5g2qw5gTvOaRkoS3east55LJY/PhqtFI7vU/Xhx4jEEzYG 3WKxWCyW34AyEDMa32hcrTGJBAfen8HKN7ujhUyFkVldbjkdQ3LBRmN0YPzclb6XgUOGWQ9l yohA1xoOZBxi1OixuJ6fGizONmAcPHKM/YczETKIn+FXvm+xWP6YaK0RQuD5Pt9+txLX9RBC /F8flsVisVgs//FoHVRBktLgGYURDtHMA+TuSkNJG0dsOTtJgW50INClkuQVR9idlp4ylJTl /lMmBLoBFi5aymeff5mynJ9LcAsNjlBWoFss/+UkS3l4npcqsZYMX7FYLBaLxXJ2tFZIo9C+ QRiNlj5xLRBKoY2tZW05OymBbkBJgVQSXylEaDm3FvQygOcLho4YzeHMo+FgcW6XG6HBUwqh JEpJILDC/7MCXRkwRmKUj1ZBfAVGIf0TRAscXBVB6wKM66O0h1AGXygS0kUIB88pJprwAlf7 5HaSsTzJVUstMDqBEQKjI0SkwZV+IDaUxmgPoxyk0Wjthx0ejDIYLTFGI4RBe3Gk0SjtB3Xh fQffcyhUGqMUUvkYGQvclbSHMQpZqmyG0QoTXttkvcsgRECiVQQRK2Jr2lb2pO0nKnyUKHno Sq5rsIqW3J7WyeQiGmUkngalfLRw8ZUKMvNrj8yDe9m9bQ/5voerYwgtkOFxKwPKBLUWTfLc jQ63n7xHCqPdVM4BrYNj1yqBEUVBDJVWqWvjqQSu1PhShddUYcL7Io1GlgqFCO6VwGgvdd21 1igjwm2GfUt7GCNQJuyb2gcjgm0ZBUagjEJqwMTBxML6ogJtEihlQMcRWqN0FKniCOUjzT/3 cvxlfJhOxQdpqdCexpcRhBRB+RTjpwZYozVK+mjlobXA0RohfbQSqYFYl7q/wXWR4f8F52hM 2DcNYCRGl2T41NpDqTha+WD8cBuntrPFjgfH54UrtQ5KeQgZZGs3OpxIaI0O+0bQR1y0KkIo hW98tE78r8fPJa9jquwj+tz7NApjFCrsdymXMeMjk3VntQ6eQ6NPedZSmwBE8t5IgVYGIQ1a BceRHG+08JDCw/0nx0JD8jhkeK2TY4Y8LSZRh5U0JNIIlFAIDa40CGUwUqOVAOOiS//2HH3c GB2OmTqsex/8XXINSkKYUu+E8BiCaxvmHtECIwXGRPGFQopkf7NYLJayizQSx2i0MCihMb5E SIOnNVLbPE2Ws3OKQFcSISW+1shSNdDLct8pEwK9OBpj0LCRxOKJcLJaMik7E77SoUBXJeLr XxToWiuMCsSM1BqtEixaMIGePccRF1F27VnL2290otObnejU9R06tu/ATxs34ErB7k1rGD12 Iq4mmJBqUSLQVSDOg4mjJJJ/nMaNn6ZazSYcOlGAUDqs9RzUeVc6FHNJDwJlQlGjcf0E29d9 zZZdO/Clg68EKz9byCMPP843OzMQvkAoDyOLg4luOHnVRqcm/UbrUgI9/DwUO0oKsjK3cc/9 Fan/wkvkJzyUinAmMZUS0eF9Sp6vMiq4JyLG7i0bWLdpE64n8bWkyxttqXDDrRzIjwfCXXto HQrYlEBXvxDoJrmIYDTG+OHiQyDcfSlJRHNp37wBd95VhTvvuoc77rqbe+95gGfq1GLKtDnk Rx2E8tCqRCwYI9BaYELhLkPRrow6RaDLsO6jViY837AWZOp6Jq9xiXjVYZZLYxwwiVCg+xgT QyuD0S6+Fkjpk5ubyXerv2Df4aP/ZK89M0YrEokom77fxHerPmfzxp8RrgzONSXQFVr57Ny+ iXff7UZWURSpRKrfBtc9KTpL+khKmIWCySTLHqLDfuCHLYHWiWCxyIh/QaA7GK3IzzvCW291 In3fQVSy1KLRweKICbbj+z6bN/3Emh++5FhWHp4RKB39/yLQg3/8NoFuTIkALqkxq8F4qQU0 rXQwBp0i0E9FhgsiSrhs3byZ71auJjPzaEqga61RXoJpUyezdsu2f3os1CkhXSKQk8/gmQW6 QgmNr8GVOhiLwxe41l6JQE8uZpx9zyXiO7nwco5vJ+PhThfoWguM8Nm0eSUTJs5D+BItbSiE xWIp2xgTzKu0NIEBQ0uk9JBSBJ+XYYFlOTelBbrROrCga41v3duBMiLQT2RlM37Ke0ilQxF2 boGe8AURxw0zvf9egU4opEAogVHFtGzViG9Wb8FRHu/2eotF8xeQW1hIYTTO8H49adSkGVGl iOYe4Z233+FIQSxwzQ+tjUmLltQ+SjkYX7B0wUQuOO9PnH/eFYydvgQnFDYpy5qSKUFutC45 J61IuHnUfaoqrV96BVf4CO3z1ZKJXHHV1Xy6JQ0hBUK5GFmMMBoVTrYD0SRKhLQmsHoaH2P8 0GqtkFKSl51Bly4dGTxiGhHPR+ooJWLqNEtWeHzJyXLKMq0EbiKPDi2bUqvu80QSHo6BWTOn 0q5DB44WR1DSBBbWUEwlLWa61CCQnKQn/w4s6fo0ga5wo3nUeKwqt99RhQVLPuQf//iQJfM/ oNFzNbnkgssZNWk2QgmU9MMFj8DqGljLRWgp1wiTtFDqsC+UsnamzlWHQvw0Dw+jTrlvwTYV 2iQFigjEeni/feMhhebH77/i8ssvYuS4Sb+xt2pK34fTMVqRkbGHxnUb8sTjD/Dog09TnOyX 4YOhtUQrj6+++JgKN97IkZN5aCXRSqQ8IZJ9Rhnww+sSnF9ykUOFVnmZsqZjPIz2Ag8BGeNE Th6elKcd87kzr5cW6JmH93DtteVZtXodQiVFsEwtPIGmqKiINq2bU7XKvcyctzSs81r8/0+g /8ZM8kmBXtLHkyLXLyXQw0XClIA/fSxL9j2Jkyim44ttqVy5EsNHjiol0BXSifJCg/rM/8dn /0K4T2mvpVLP+i82FJy3MqCkQRoQSiOVQ27OCU7mFgbulElxr4PFq1/bd3L/JX+Xspgnj69U Xy69OBII9MBzZ+nS6dR5tg2OK9HqXAsDFovF8t+PMWCEQSqDYzQR46FjeciCgpI51//1QVr+ Iyk9D5cyMGrFfUE04ZR56zn8lwv05M3dd+Agy7/9PhS5vy7QF37wEXMXfRBOzH7dJf6s+08J dINSBqV8InkHaN+hI8cLY/haEYlHECqwtHpSkn14N/UbvECeUGi/gHffeoM5/1iOH7psa50U 6ApfC7TyEE4O1Z+qSsVbq9Hwuaep80JrIkqjpIdQCkdIfM8PPQIkSji4QuArjRQ+jpNHjUeq 0KjVKyQ8jSsUyxZOotwV1/Dhz2kUFOZz6MghhJNHPFzdUkqg/TjZxzM5mJGB64tAhBqJUnGE V4SUDkL6eNLBFR464RGVAl+5ONIP4309pO+gpY8vVWD5FwmkUuTl5XLs8AFcz8NREiUS+LFs WjWqxxO1apMfdSkWEifqE9c+MZNAex7aFfi+x9GjRzlx9DBCSFwNQimUn0AIga810WiUwwf3 EUskcJMCWpdYzZxoHtUffpCHHm1A3NMoKTGex4Hdq7i63NU0avUKrvRQ0kP7PrnZWRw8tI+E kDha4wuBFjGkHycrO4uTWceRIo5SAkdIlNIY6eILj7gM3MGMclEiQVzIIA5HuijhUVBQxNHD mbhOAk+ZQPAqgZIuRQU5ZBzYS3FxIFylX8zq7z7nr38+j4HDxyCkQiqNLyWeEKjQhb9UTw1C B3TQkq5FQTlBGYRnSIFUUSIFRWQeSqPWU3UpKogFLvfhNrQWKOVSXJjNzp1biHky2JYSgcuS lmiZQEkPV2ocDa4ygYgXAiU1QkmE9lFGIoVCCh1YTKWLUREK8k/S5Z0+xHyBlPI3D+DGgFYO Wko8t5AdOzZTFImjkr83QRiCUj5KaaRSFBXlsOyLD5k8fSGuFigVLPr8M/s969igS0o2nv75 6S+mc+0ruZAlhUTK8PlWAqV8fBU8q1r6KN/FEwohPJSSSJ1cQAzcxo1yEVIglSBalMX4CaPp O2hwcE+T3jd+nIMZB8guip4yFiavR3BOOky8J5Ei+blCSwcR9kElXGQ4/iSvQcnvFVIqhNTB MWoQUqBEETOmjWPE2Ol4WuPLoL8YFYRKnPHaQNDnlINWHr7W4bYcINh2sA+NEh5aCrTUQX8P rfVCBf1WigRGeBQWZZK+/zi+SIb0WCwWS9nFAMY3wVitQWrBgQ8WsGbAkKAGuiwV1mSVuqUU py6QK5TWpB84yOjxk844PyprlAmBvmPXbjZv3/WbBfqcBUuZNXdRSR10o/4lgZ6ykIbx50oJ tv7wGW/1GEJEuejQ9V0YEcY8e/z03Wc826AJRUqh/AJGD+tN/ZavEA8nhElrNSZIpGBUgsP7 V3JF+SuYPPU7Vi+fx403VGDVhi14SqNEgiUL5/L3SvexdmsaSiSIFBzj9sp3MGTUBNasXsm1 V5fn8r+dx/kXX0P5a/7OlPdm8/XCaZS7/EreGDKBSrffwpVXXEWdp59ib04+vkiQdeIIbVq3 4sorruSKyy/nkQceYNmq9XhSkpd9lKceuZ/WrVrSf8BQbr75TqbPm0Ldh+6j7Ss9ceOC7gPf ovzV5bn6qqu4tvxVXHt1eSpWupPcSDGZ+7bStGVrrrrqKq4rdxnVnqrJuu27Kc7P5omHqlDu ovO54MKLuOaam+j45lsM6N2Fivc9SEFEIByHtB2bqVGnBuWuuJJrypWjw4svsWbzTlwhmTdj Erffehvj35vN/VWrUv6yS6lWvTYb0o78UqDH8qj+8EM8/GgDYo5GSoHyEmzf/AVXlbuaZu3e wJcuiUg+wwYO4qqrynN5uXJUefBxvt+0HU96eJETDOn7LldddTVXXFmOfn3epkqVKjRp/hLx uEv69nXccP01LF2xGk9JivOOUavaI7Tr2oOo1hQXnKB/n15cdc2NXFXuSh594H42bdmF62qU KGbsqKFcXf46LrviMipVrsSs2UsY2KsT5a+4jL/++WIuuvRKbru9Irv2pPHaG2/Stt2LxBIO QqlS1kKFEA6OW8wXX37ESx1fonXr1ixetIRpU2cSiyYCEW0ctPQoyj9K7acaUFQQCVyjw20U F+fTp3cPBg/sw6hRw8iOBqJMy2BxSCmfgxl7GTx0OM1atKZH7z6sXrMWoTSuE2PcyKGMHz+e 3Wn76N2nDx1fbMeyZV/haoUSLvkn9rF7+wbatn+DtIwjHM48wrHjJxBS/mriRy0NrlvM5IkT 6dO7O3379iTj0DEc4YeeCh5aJcjYn8agQUNo3qIFc95/j08/XsLk9xaHLu4xlFShiPx9Il1K iZTyDAK9JPRBSh3u5+z7ksonJyeLIQMGMmLIMPJy81m8eCnt27Vj/OSpOMJHK5d9absYPGQU LZs1o/u777Jxy/ZUGIxRHscO76NPv8E0atqcKWOGMmrEYHoNGgZGIpRk7U/fM6hPDwb2H8TW PQdPuc5ZWVkMHDiQsWPHkp9XwKKFS2jbrj0zZswKRbQgln+M9xcspW27DrzeoR1fLVtGvhO4 qgvpk5WVxZgxY2jTpi1vde3GgvmLmDx7Lp6vicfiHD+8kyEDuvPWO0M4eOQoBzMPk5WdixAq XET9JQYQyuPH775k9PDBHDyZRSwRYdr4kfTr14/VP63HlRrPF3zx8QcM7T+A77/5ga2bttKl Sxc6dHyZPen7EEpw5PBehg0YTN++bzN7/pd4wq7uWywWizSgfR28p4RBac3xmZPZ0eltWwfd ck5SXSH0FC2pgz7GWtD5LxfoEIj0Ldt2sDNtXyqW8tcF+gfMmrv4lIRBJhTp/xQmmQhLIZVB a8X74wYzYOh4YqYQLR2MVAjjoJUmEcmhVvUnGT9zETGlUH4+ny2azl1Va3K8IBa4qiZjyI3C lxotT9K84eNUr92aHCeGGyugWd1nqPV8M4p9iRIFLHl/DBdfX4mVW/ailUNx3kGuvPoauvcf SqQ4n/U//sgTVSpRs14DNm7fQuaJE6xYOJ1L/3oBNeu349ih/cyZM4/LL76EwdMW4Lp5PPZg FSrdXYV1m7eTl5vD6+1aU+7qyqTtPUhe1jGqVK7IZRddROMmbfj482Vsy9hBnTsr0bRdJ5yo 4MDx/WzavInNG9czZ/okLjjvr3Tq2o2Y71OQvZ+lH3/CsZMnOLp/O1Xuq0q7N3rgeQ47tvxE 3RpPUuXhR1izfjO7Dx6i91sdufqmu4lEJMf3refW66/h6Tot2bN3L+nbN1Lxltu5o8qTHMvO Y8bEEVzw17/RuG1H9h88wM6fV3HVlVfT+o1+Zxboj9xP+Wsq0Kh5S5q1bEmD+s245uorufb6 29m4Ix2jHfr3eJubrr+Rzdt3cezkEQb378X9j1QjKzeHaWOGcMkllzNo3Axyco4zdnR/Lrzg Qp55rhWO45G29QfOP++vzFv+A55SRPOP8sDdFan/cmcKtOLVl9tz1513snr9z2RnZzG4f08q VqzCe1PmsTdtHZddcjmzZy/maP4JVq5eyfjJ0zh+eB9zp4/nvL/8hVe79mDrjl0URuN8v+Yn vln5Pa6QYSx7sp9KpHKYv2AWjz/xMBkZB8jLy2Pu3PlUq1aLgrziQJgaDy0divMzeeapBhQW FiBSMeQSIRLs2L6R7775jKeqP8H+nPzAC0AF7v65J4/x2EMPMWvhh+Tl5bJ5w088Xe0JDh47 iSejHNr3M/fdW4WGDVuTtnsv6bs20rJVS44VxnATUbp3asfD993FNdfczIMPV+PBhx6hXv2G xBKJkgnAWR5FJQ1SJjh4IIOfN/7Ac8/VZtXqdYGF2QDGw/OKqf7UE7w3YyZZOdl8+vEH3FHp diZPX3KKQPc8j4KCgt+1uiuEoLi4GClPdZOWyic/P5+cnLxgYSR0rz6bu7vWCaRMcORQBhVv vo3GDZszfvwUcnNyyTx+Ak8KcrKO0Lj+8yxa9AG52Vn8/PNG7rz3fjZv34lUikS0kOerP8mn X35Ddn4hG3/4hr9XuIFeg0egtUAoQX7eCXZuWUvbNu2Y/+FXv7CgHzp0iPvuu48+ffozedJU crLzOHb0BFJopJtgVN+3eaXLuxw8epRjh9J59tlneLvvUIT0SDgxmjRpwrhx48jOyiHrZDbN mzejXdcueJ5ix+atPPXgvdx20w3ccMPdPPDQI1R96EF69emPK9Rp3iClro0JBHo95UN3AAAg AElEQVT2sXSaN36elRs24UmHjL1b6NixI0NHjsVTJrwGBfR6uxttmrWlRrUaHDx4kJPZORTF EnjSJxHPZ+fmLSz5YAaNW7xNzLHlgywWi0UYUJ4fJGEVhoiBI/MmsKvTmxhfh3MHK9Atv6S0 xsJYgX46ZUKgb9uxkz17M1Iu678m0OcvWMTc+QvD7/96fOvZMKns4YGLr9CSgb3fYeToKQjt Y1QUJTw8RxDLy6R9q+b0HjaEwqiDUkU42uG7zxdx0233k34sK3BF1TIlRKRy2L3pWy7729+Y MfcTTjpxnGgBS6eO5IprbmH1rkP4ophFM8Zw6fV3sGrrXrRKEMs9QPkryvHu0KkI5eE5Eeo9 Upn6bV7C03E8o1ixYCJXXFqOmT9uRruSIwfSuOO6a2nSazgZe7dwfblyDBw3E6kTCOGza9MK /nrhZSz89HtyszN5uOJt3PPUs+TGI3jSoyD/KDXvuJUmL3Ym4kmkr9AqytFD+6h4e2UaNWlF cTyBVB7x/OOMGjuSl197idbN21Khwt+pUa8VxUKgnBzaNX6OarWfI9/x8JWm15svcXWFO3Aj PotnD+SiCy9j7per8aWLjhczZHBXLi1fgc3bDvL+1MFccnF5NqUfQWofI7O4p3Jlnmn0dhiH HoQRSK1xYrk8/fD9XHf9jXTu9i7d3n6bO2+5ibvueYI9R7NwpY8RuTzx6EPceHNFmrdpS+uW LWhS7xmuvvZGVnz3LTWrPcijtZtyPO6gpKQ4/wh33XwdNZ5vS9xz2LN1DeedfwFzVqwjoQWR gkM8fE9Fnu34DsdyM6lR9S5urnwfLdp1pE3LNtSuXZfzz7+EFs3bkJN1hJsqVKDu8/UYMnwo 6emHiHsCKQQ/fP8Ffz7vf+g3emRg+VfyNFdiH6OcIPZbanwvh/ov1GP34WNhvwfP8Vk0fzHR aAKlJUo7GOVQXJBB7eqNKCiIIY2Xcg8PkhEKCnIO8Vyt6mRkHUKqRCDSfckPK2bTvGlbvv1x LRs2rmPjutUMGtCXLt174UiPgtwMbr71BhZ+8lngXu8XMbjXm6QdORG4vscLyTqSzkuv9eJo YYRoNEYi4YRu1ZQknDvTswgYE7i4S7+QNm2a8N3qdfhGBgn2ZITDB7bQsUNnEiKBLx3iIs6M aSOYPH0xCaOJKg9fSjatXkzNp55ly/59QViGPvukwwBKKqRx0MlcDqqQTV9+yBNP1mB/5n7y jMLTGlGcTb/+/Zj+/iwWLJjP+AmTmThtdmAlViKs2qDDhJHhpEcKXJ2guCCP6y4pz4z5S/Gk RiodhKHIBLOm9aVx/dasWb+BH39aw4a1P9C+Q0dGTJ6JqwXLF02idoOX8JSP0ArlJujzVmv6 DhmB1GG2fu1hZITeXd9h3kdfh1b9ZLiNS3HeSa6+8BLe6Tss8NzROqxe4ZOxdytPPnY///j8 G37auI4NP63j/dkDefDxOpwoKmL5R7N4snoLIlLhiWKUr9i6dSPT585FKIMQEieaxcSRQ+nZ bxoF0QiRWBGu44c5ELyzX3utUG4uvV5syI+bdiOlh5IxBvbqyqDR0/CUwVMaLYoY3rMPj1R9 jBNFxUHeCKmRQuNqD6U8jBRs3/E9rZsOwHeDUIjUGlc4JicnohaLxVIWECbwDjXaQQlJjoFj cyayq1MXjKfCai8lAt1iKaEkIWsQaqlJ37ufESNG/1tCCf/o/FcL9KQY2bZjF7v3HgxdOn/d gj537lzmz5//u1dwkpZujAyyLGvJgJ5vM2rMBDxN4DYsHXwvwjtvvEqtp+uQHQvK+GgVwTGS VZ8t5aZb7yft6EmSpamSAl2rAmZMHMH5f/orfz3/Ev583gWc/7e/cPGf/8z5513AwAmzcaXH opkTKHftrazckoZSHkVZByhf7jK6DZuBr31cJ0q9ByvSqP3ruCKGqxUrFk7kynJXs3B7Oto3 HD+Uzh3XXcsLPUeye/t6rrv0Uka9Nx+lomgt2bvzR/5y/vnMXPoNubkHeaTiLTzaqDWRMIY1 mn+EGpVvpsmL3Sj2FEY45J/Yz/333k2Vqo9yNDs/jIlPMG94Vy6/8kamz1/A3i2bqVXtcarX 7UBESEwim3Yv1OHJGs9Q4AZx6326duDaCpVxiyWTx3Xnkosu46NVP+FLD+MlmDK1HxeVu5oN Px9g1tQBXHb5jew7mhckWpPZ3Fv5Dmq/0A2RzOJN0oKeS42HH+Chh6qRG3cR0mHm+EFceFE5 PvthE46SGC+HB++9i+p16rIjfR97du9mb/omdqenk3n0AA9VuYMa9dpQ5HvIhEA4+dx98w1U r9eemOeQtnUtF5z/N+YuX0tcehQXZPDQPZV57rWeHMk9RLV7KvFs8xfZmb6fvbt3siv9ILt2 p3H48BGk8NizewevvNKRv996C+Uvu5T+46cTU5K1337I3/70P/QePTFIShcOdkmRjhGgE6FA N0SLMni+3jPke6ZkpVsZtNRBWSktgyRryqOo4CC1qzemoMBBGA8dJgzUoXgszM6gfq2nOJy9 H6Vi+Aa0K/jyg1Fcekl5zr/wYi688HwuPP88LrrwQho2bUlCaopyD1LprlvZnXksSNwnIozo 05m0o1mBCBYORbmZvNa5P1EZnIcUOnCjNnCuhbTgnJwg3MQvoE3rRqFAVxhpMCLCji3f887b A/G1hy8VUjmsXjGfMTM/wdMKVwk86TJrxFBmLljI+4s/wVc+QoSJE880BigTiFnjB140QiPc KC+3bUvffoMYNWkqvnLxtCQvbS1Tps3CEUEMt+MLThYU4UsHKRyUIcxmHizUKQNGKDzjEinI 5bpLypNxMgdfmbDEocDIBAP7tOb8v1zJ+RdewgUXXsglF5zPhRdeTM/Bo4n5Pu8NfJem7Xsi jYcrBEYI5k7tR++Bw/FN0D+09jEySt83uzH3o+Upga7C6xrNP8l1F1zGht378cJkdUYGyf22 bFzJ9deW47zzy3HehZdw4QVXctElf+PWyo9yJD+PcQN70LxVd2IalC5Gi6CUo1AaV+gwyV2E aePH0G/wLIQRQV4CZcLJn3vWMVhp0F4BfdvX5YcNO8OFjgQDerxB/9Fz8LXA1wLjOwzr3p3O r75J3ICnQUqD8g2u8cLnRLJ9x2raNBmM73qpOH5Tqp3Li8NisVj+2wjerRKtXYxUFBg4MH8G 67p2x3iyJNGmHRstvyBZhSWYt0mp2Ju+l5EjRlmBThkR6Fu27SDtwOHfnMU9NzeX7Ozs352g IJUkTuswxtxn7vjB9Bk6nKgB7ftIP5/+A7vyVreeFBZEcISHK02QmEgqPp87kypVa3K8MB6U 80rWMzaS/BPbufXWW2j9Ule+WvYlK776kM+XL+ezr5Yx4M0XuenvldmYnsmyD+dT7vIrmffR VzjCZ83qb7jkwgt4Z+h0hFY4TpTGTz/Eg0/WpChahCMlyxZO4/Jy17F061609jiWmUbF62+g effRFBae5LabrqVRi9coKs7Fcz0WzJzEhRdfzvcbdpGXe4AHKt7M4w2bEpVBjfHiwuNUu+N2 Grd9i5jnUJifwROPPcitt95KWsZhij1JzJfE4kV0eLYKlao+x+H8GCcPbeG+O26m+rNvEBMC 7RXyevsW3FrpDg5l5eD4kn5vvsS1FSqRiGg2rV/BlRedR+++Q4jF40QK8qld53Eq3FqRQ4ez mTllCJdediMHDucELw1ZzD2V76Z2wy54YZI7AyilcSP51Hi4KlUerkVO3MeXDrHcozSuV4MK t9/Ppv3HMX6EF5s24O8VbiLj8BEczycSKWDLjj0kYoW89Wpbbrq5Ej9uWI9wBWtWLqPC5RdT vf6LxDyHI2lbuPj8v9Jz8BhiXpyf13/DlZdeRJ1X3iHPLaZJ7WrcdfcD7NuXgefHyYvEWLfh ZwqLiolFiti3dw8JJ0HcSTB2ZHcuv+5m9ufksW3151z8P3+iY5e+OH6QkCvuesQ9H6mDhHTK +EgTPA/Sz6ZViwas27KtpP8qTWF+UZCsTcogA7vSFBUcoXb1BhQUxvGNLKmhrYMkZUXZGdSv VY2j2YdQysHVoDzJuu+X0qN7H6IJByl9lPRxXQdPaXzlkp+1j7srV2J/xvGgNJhfwPA+Xdhz JBvfgFEexblH6NixM8UJJ7SyS4Qvf1WgB65UgUCXfiGtWzdm5eq1QRZ5aTDKIfvkAeo935Ds /BN4ShOPZtGjS0vGzPwEqV2MLmbLtx/QrusAIkXZ9B08isJYJLDinmUMUBpcLVHaQ2oP5UfZ vWsLb/QfRUFBDq927UE8WoCSLsVZ6bR98Q22bNtNPBrDlxJHCaSKI0WMhOMQ92UY6hKGKYjg +YoV5nL9pdeQm1eMTJZ01D5G+iyYPYqub3TD9T1EmFXf9QVRofCVYP2KD6ny4NO4IoaUCi8e p2mjGvQaNAxP66D+uA48Lvp0eYcFH31RkmU/vK7FeSe5/Zob2HvkBH6YeM2EpSEzM3ZTr3Y1 MjNP4Poe0tP4soBiR+L6DhtWLuHxx+qE1R3iGKlxnBhZOblB/XOtMTLO9IljGTBgHNoEyQwT iSARnjpHHfRAoBfTu2NDfly/BSUFBcU51KnxOP1Gz0FoB6F8jJdgSI9udH+rJ54Jkx0pgxIG 34gg/4dUbNv+E62a9cb1BL7RweJTUqDr0tYAi8Vi+e/HqGC+6huB8YPkr/Gso+SnpwfvDlWq 1OX/9cFa/gMJ5mxJA1IsGuPYseOnGJbKKv/VAj3Jth072bozLRBk6tdd3EtnUv49nePULO5B Ru6tqz7mzR6DKJQarYr5/KM5lLviCia+N41FixewaOFC5i3+gD17D6F9jynDBtC49etE/SCT dpCsK5gwjx7UjYsvLUf6sVykcjGqAE8rYsonc/u33HDNdbTv0oejB/fw5CMPUeG2O2nUrDV1 6tTl4vP/RvchUxFKIYTPtFEDKHdFeWrWrs0Hn3zK54tmcnm56/h4UxpKx8k8tIfbbriBNt2G I/w4Hyyezd9vvouna1an/vP1uPP2irRp9zJFsRh5eYeoWukWqtV/IUhup2MUFmXxeOWKNG3b BddLMGTA2/zlT3/irrvvpn6jZjRs2ppmbV7k8LFMPl88jGuurki1p5+lUYNnueXmG6jzbAcS QqBVgqUL3ueq8uWpVuMZhgwfQ59OHbm+wm0kihUJt4ixg/tx60038cwzdalVvSa3VbyF3v37 47qCGVOGcell13Pw4EmEUEgR5d477qZOg9dDgR4knZJKkygqoMbDD3D/QzXJiwukcjB+gu+W z+Pii6/kxc79kJ7LtnXf89B993DX3VWo36AZteo8Q/NWHYgWF7Fn21oeuf8h/n7bLTRv1JIW jRtyc7mLebp+B2Kei0wU8OTD91Huimt4oUlj6tWtzTVXXUHdl7tQpATbflrJI1Uf4b6776VR 4wZUr1Obus/X5+uvv2Hdmh954P4qPP98XRo1acy9Ve6jQdNWFESj5B7P4Pna1alw0y00btaK tP0H6TdwCD369CeScBE6EDaB14BAi2KWffEhT9eqwZzZs1m4cCFDhw7jjTc6E40EsddHjxxi 2uT3GD1iEHdUvI+Ro8YwbvJUNu/ag5SCvWlpTJ48iVFD+3FfpdsYPHQQkydO4OcdO1CeJOt4 Oi80asLQYcNZvHgRCxbMp1+/fqz7eTO+iLJ43hRuvu4Gxo6dTtzxWfbRAurXeYq+Q8dx8PhJ lPKRiUJaNG3BuPFTWbBwAb1792XF19+FbtjJuuq/RGlNbu5RZk1/n0kTR/PgQ/fSucu7jJs0 ma+WfYsUHk6iiFYtW9GidTPGjR9P504vU6vmk7Ro+SJbdu7A8/Lo/XoHPv5uDY4bZeyQ/sz9 /Bs8L3C1zs/P5/Dhw2RmZnL48GEOHz5MRuZh9h/KpCBSgFQeUsZZNG8a3+9Mw3WLWDRvLivW 7UCLOJ6I8vGyFfTo2Z1hgwcwcfIUtuxMR0hJxv491Hn2GT5Z9vUp5QC1VBzcu4txI4dR7qLL GTVsLJMmTeGnjT+jdBwjJXlZGbz28muMGDmKhYsXM3/BAnr27svan7cGdUdjubRs0ZaOr3Vg yqQp9OvRg0cer0qd+o3YmpZONDef+XNnMWnSeJ59qhZtX3qZCRPHs2TJh7iuT9qebYwbNZTy l1xOv0FDGD95Chs3bUkdp/TjjBvRn7feepf5CxawaN6HDBk2mJHjZuG5MYRzgjdf68zb3Xow f/FcFs1byKuvvsK48RNDTwCNUS4/fPs1LZu1YdHC+Uyf8R5vdn2HnPyikkz8Z7nvWjrMmzyU Zs1aMn7cWNq/2IGnn3yUOo1ac/xkLgk3xhdLplG/Zh3q1KzDuAmTmDl7NpF4HOUrHOGxasUK pk6aRK9eb/Ng1XqMnTCJqbNmklMcRWpdSqALK9AtFkuZwUiDr1XK20ppEMJH+34gzktXJLEK 3XIOSnt5JrWXFej/5aTv3ceqNesCa8pviEH/d5GsS2x0kIhKKZ9E/kFat+1CVrGDUTms/fEb hg1/jxFjRjBy9DDGjhjN8NFj+HnLLpRbxDtdO7Hg4+X4yVrGKkikoKXPR0vnMmfePBypw7rY DtpoPC3xio4wf9Eips79gEh+FsePHmTy1BnMXfwhB44eZebkCXz901aE7yOlRLgRNv28gVFj x7Nu42b279rCuImT2XM8H1/GKMjLYdZ7U/h4+U8IIfCkx8lDx3h/3lwmjR7Pts3b8LRGSpdo vJBFM2byweefBRm4VYKiWIQPpk/nH198h3ATrFj+GaNGjWbUqNGMHD2K4aNGM3HKe5zIycXz o+xc/zNTJoxj/dZdLP1oKZ/94yt8JfCEhxQuO7ZvZdz4iXzy5desW7GCqTPeR8ZUmGk9zr70 7bz33ntMmT6VYydPIGXgrr1981pGT5hKbk4hvu/jixhz35/FB59+F2QkD+the1LjxhN8MG8O 8xf/g4Tro1Tg5horPs60qVOYMmsRjuuhhUOsMJflX33F6JFjWPzxpxTGEgjPR6sE+VknmbNw PgtmLiT3+CHuu6UCT9d/iZgX/Db7ZCbz5y1k1pzZHMw8wJw5M1n8xdeBG7d0iRXms+yLL/h/ 7L13tF1Vuff//vWOOxz3vgKiiA3LRcR29cq9XK+IIiBgl2IDRCkRREhoghRFAumF0DupBJQi ICRAKCGVVEgjlfSeU3dZa87neebn98dce599kpOC4I9y5meMZyQ52WfVueZe3/m0ITcM46+P PkprW3ucxMSzetUKxowZzYAhg3lswnSyisN8Tq5GJWvn+acf4cabb2Xj5s38/Ylx/PWhR8hc R+ssHwQNGeYd6sosXDSfSy6+mLPPPpsRo0bT1NyC94p6ZeWKpdww+BaGDh7I4EFDGXL9AAZe fzOTZ8xB8oyF8+YzaPBQhg4ZxPWD+jBs6BCGDhrCpDlzYrs0l9NWauP2W2/jrDPP5IorruSR R/5G7hWREg+MHc7Ng4dyx+330JzlPPrASIYNGcjAIbexZOVqcl/GV9t5ec5MLrnkCnr16smE Z57DO0Ul1g9onNw7m7Jp42vcfMNtDBkyiAGDrmPwkBsZNGQoDz70KN4L3jvaW1u5687bOPs3 PRj3zHhWrF/LbQP6M23ubJYvmckxx/6Qq6++iquv6c/lF5zGiSedRVu1inrl2WefZdiwYQwZ MoSBAwcycOBABgztz/WDb2DGK7MRyXhtzav88HtH88c/XcW1va/iTxf14NiTL6RSLVNWpWo5 wdoIWmLK1Gl894cnU64Imzes4aweZzH24ccK73Scx7wqy+a/zOABfeg/eCg3DhjG0OuH8uyL U3HajPqAZBlbNq5m2PXDOLNHDy659HKefWES5XIFU8VUKLe1MuSWG/jt2b/l4bFjmLNoDoOG 3cjUl+fRvnkTd952A4OuH8oNA4cxcPBAhgwdzMiRY6hWcubPm81NNwzmhkHXM3DgQAYNHsLE KVNj+DexJaTPKjw94Wl6nt+LC393CSNH3c/KdVvwPifTMq68lb/+5S+cc965/OHii5gybRrV LC+imDq88Y8+/FfOOedsru3Tl8XLl5N7qdcK2bkJ5VIzNw4dzMUXXsis2fOYM+NZ+gwbzLo1 WylVtvHQiOsY2v9mBg0exA1DhnLjrTeztb0VzWNrwqf+/hjXDxnI0OuHMHDgLQwePJibbr2Z TU0tRXRUkWZR5NIlEolEdyCoxfe8ok1W7J4RYuva7QrDpTD3xPZ0rktg6Tu0gW4h0FevXc/d I8d0eGP+fxLoMfxTIHh8iEXigrRw+um/5u9PPot6QVTItIp5wYtizhDLcc7TtnkJvS6/itUt VdQ09mmuhcuLxt7gEgVZZka5KBqlroJTpaqGExd7EIug3pGLUvI5IW8lUyFIHotYicd8FV+8 9AfJUauQmVD1ZST3+LyEyx3Oe6riCeW4H3MxV7RqFYLPyMUTMqXiq2Qa+y7namheoSwae5VL LOxltfPS+DKuYljuyFXJNENyw6SEF4+Z4MxQU8RVEO8oO8HnnnKeEaoOKQSHK3paO3PkYpg3 zCsmOVWrIL6CqMNJGdMMJ6HwghUCXQ3vfVwFlmrs0+0Ur4KKoNKKSJWKGLlI7COuFUyqtGsM 18+cJ/NlxGdUzLAsINUWvvrZT3PMCWdTyh1eNLYgEyMXxZmi4lEvMbpBclTaEZPY17roEe29 ElTQoq91bGNWIlclV8VcFXF5vB5WWL3ntMae7pIhwcUCZnn8Ha9ajEtFLO5PxVBnqKtiLkZx qCpeWnBiZF6xvIo5h5MQx4Q5JHdIrrSbIWKYU0Szojdq7AMfW4lFL2cuMYetKiWaJUddGyrV YtzG8GfNc8S341yx0qoB75RqJaO9vZ1yuUS5XN7BsmqFYKUYEi9lRNuLSAlBTci9K66Rx7xS UcFXN+KlFXGeqmtl9B29eeT5qby2YhmrVi5lxcoV3HlDbxYvX0tWhGNtv0CgWiWXHJ97KtlW Lv3DBQy9fTQrV61i+ZqVLF+zjD/0/CUjHn6cDcsWMen5F2lraaLc1sT48eM5+fSzqOQ5lfI2 /nzNn1m2dgNi1AV6FsBchpMKJTNCVcglp+IdzrYiPqAuQ30zJh5RxRm4ov2d+Bxn4LMS7cFw TjBXJQsep55WNUKljEiZikgcB5rFcxVDnOFdBZUsPtMSn+NMNLbfCTFdxHvBaTXOM05QH/Aq 5E5pDYr5LahzVMURpFSM/bhoUmujZuYJVkHE8FqkaYin3N71PS+VSrS1teG8x4kjuFLsAa+G +hbKFtMFxDxBNuMkhvyHzJGJUrG4MBXz/nNES/Vn0tShUsGJ1MW5GfVzTiQSie5A/XtIlFxz fMjQPOBCMR9aEuiJndO5sn9KE2ukWwj0bc0t9Ok/iEqW7zIcskZrqURLewnZLjznH5tY4opQ rGJpBHPcd99oLrjgYnzuoygIEvPUNRSTWXzRf2nKC/QdNCjmyYaOfuy1CU/rub/Ri+RD7cXd x4JS9ar1RTisWSHwhaBRzNb+L9TCZoN1eOiCL6okF5U4az2azWLuctGiKqjFfM0gBJWit3IU 0rGAWFEgRAVfXFOtV9Uqro8VvxcgiMYCTMV2YmG8osJ6w7VQiRXt1UBUCFJrfRTDt63Yf62l mBXnq0Hq+zPzxf4b8kgpFkHMit7zEv8s7mGtyJoVFfVr9yEKCEGCFcdVu3bFz8TIq2W+9+2j OPM3Pcmci4W2aqE8AbQI0a6104vXpzj/4pLVPh+sVnXeikiNPFaiLxYaTKS4l1b/bMffa/dY Yz6xhvr1NC3GWcOXaaiPrYYFrhCPv+YlDY2/F4ygMf+s/iWtRRG++jEUI6AQnLE6uaEh5vea unrF8o7ra0Xrwlo1c08wx8033cBJJx7PCSccz/HH72hXXnE1eTVHfOzHHkIe740panExZe2G jeTOo7VFE61CyBE1mpu2cMXve7G5pbWoGu9RVWbNmMgdd96LNIRmNRKCFONY2bJ1A78773zW bW6OItEUDcprS2dx4aV/oNy8jSuvuIKze/yGHmeexYUXXsyixYtj/rd5cueiOK+NC4oiZcW1 8cGKfMDi2bMsPvcqmOb1sdJxXxvGunokgGroNA/E4nwdY71W9C6EWHG17jUOWh8jcYxu/zJm WLEyHuqCNi7+xHkrj978UEQK1Z+LxroCxT0vflekyuqVr3LKz3/e5T0/4YQTOenEU5k8aQYi GqvKm49RMubjHBZqz4LriLAq5hQtxq3WxlqQhkVFrc/HnWb79AKaSCS6EcFi3rmZIJZTMaHc 3Exl/dqYlhk0vg/UIqre6gNOvC2paYtylrOtubnL96nuRrcQ6Fme06f/QDZu3hLF2m4+f/+D f2PMXx6q56zDmzuxZFnG1q1bdzsAK5UKbW1t3X6Qvhuo5daISOHpLb/hGgfdGytEkmDmWLN6 GXPnvsTLL89m7ty5O9jixcsQF6u+WyGuouCLz2DVeX54wk8oVTNUO/cmV1Wcc5RKpU73a2c/ 3xnee0ql0o69z4sxYWZ4ySmVSrS3l6hW82JhzO80t767UbvMwQTTjEp5K6+8PLPLez537svM nT2fpm2tWK1Zeqjd+0QikUi8UYIZFQMNPkYaVQOvPvQgL/XuTfAuOm5qC7gkgZ7ooHEBPxQO xFeXreD6m26pF4jrzu/I3UKgqxm333UvL7w4eZcVl2vcM+o+7hoxpuglHF+m38yJpSbWdlUl /s0oUpd4+9B4zxurU6b7+4/TERoVPZyqvh4OvT3iNebSSy3ioCOqQlWp5J6jv/N9StUYot2p sE1D+Hojtfu5u2e58fNdbafzfNDhiVftyJ9P46Qg1BZl4v1WdTu95/G+FSkaanQOpUskEonE G6XmQdfgUCkTSsaqO+5gTq8L6gLdkkBPdEGnCLuiOPO8hYvpN3DIDsXiuiPdQqAHYMr0Gdx4 863k3u92ghg+5n7uGXVfEdr45nvQ92TAdedB+W4lVab851AX27YrAdbwLD2n0okAACAASURB VDcUrgmFOM5FOPKY71CqZtRWc/eE13Mfd3XvbbsFgde77e5BLT+t1jfV9mDBtSNEvvG+JxKJ ROKNE9SKlESPtyomgTV338LLPc8niI81PlKIe6ILuvKgL1yynH4DB9cdF92ZbiPQS9WcG26+ laaW1vqg2NkL8D2j7uOOe0f90wR6IpF4oxT57KFzj9WdPqONedINnvdQeKczLxx17HcpFwL9 raoiWhePDaHYSVA2UMtjh476D6/j+qRrmUgkEm8esa5PjDb1weECrBx+G7N7nU/QJNATO6cr gb5oyTL6Dhjc7b3n0E0Euhp4g2dfeJHZc1/e7U2//6G/MfbBR5JATyTepoSgWHBYiEVoLOym QFdN2DV6UIOD4GIOuhcOO+JIStVqvdDgW0FHP+3Y/aG2qJCI1BdYiOJcgtULK+7s8x1YykFP JBKJN5EQlDwUXXJMUAmsufsuXu7ZKwn0xC7p0oO+eCnX9h2QBDrdRKBbUdV4/YYN9Os/gFK5 ihetVxre3krldkqltnqF6PhnsmTJ3j7mtrN/cBuaY5LhsjLPT3gKl1fewPb+Gef3Vh/H29ss XddkyZIl+6ebmURnl2gsYGpgarEWiHiCM8QHxKB1xVI2vTw3dubYSY2QRGJ7zIzWtjbmzZ+f qrjTTQR6IBaKy73nvrH3M/HFyTi/Y4ucxs+HogVPsmTJ3r2mxaqtWey7Xe8b/zY4tmTJkiVL luztYFa0O/VeuOPOexgxaixbm9vwXjAVVItipxbD3aUosNzdRVZiz2gsjF3LPe/uY6dbCPRa /28nnlKlws233s7KVWsQaeyz22G1/MZkyZK9+83Xi9w09L9OlixZsmTJkkWzGMLuvKdP/8H8 7NQzuOCyq3n62Sm0V6pkQVDzBKdkZmQpRDnxOmkU6WnsdBOBDh25L2rGytVruKZ3X5qamzta GhXtj8wMExdNo73VoUXJkiX755ipI6gjSPGcF8/+W31cyZIlS5Ys2dvFzAQRIfdKnwHXc9Ip Z3HCKb/hpFPO5rcXXMrLy5aSiyc4JfdKrh3e0CS2Ertj+1bESah3U4GuZqxes45+AwYz5v6/ UqrmeLW6OZG6eVXUkiVL9m405z2i0Svgxdf/9CJv+bElS5YsWbJkbwcTM5wZVTGu6RcF+omn 9OD4U3vwk1PO4rTTzuPa/jexct0GrD1DylkS54k9plGQi0hqN0s3FeiihhpUcs/9Dz3K+Rdd xsDrb+bhx5/ksXHP0GfwjVx2dT9uuGM4N901MlmyZO9iu/me0Vx/272c2uM8ht56Nzfcce9b fkzJkiVLlizZ28luvXcUN901gnMuuJyTTjmLk04+i+NPO4ufnXw2p550HieefD4/P6sHd51/ AX8fOqyT0EokdkXNg7502TJuueUWnHP1n3dXuo1Ab8SswwJQyXJWr13HwkWvsmDhIobceBv9 htzItJlzmD5jNtNnzmH6zDnx38mSJXtX2ZQZs5n00my+e/zPeW7KjPScJ0uWLFmyZJ1sNtNe msWUl2bz+yt7c9IpPTjplHM48dTfceJPe3D8yT048Rfn86drBjP+msuYfvFlmBdMOqq4p5ah ia4x6n3QFy+h74BBnULduyvdUqDvjNpguHvkGO4eOaZeGCNYQ+G47XIjkiVL9s42Nah44chj v0dbJUPNOs0HyZIlS5YsWTLIvXJt36GcdPJZnHTK2Zxw8m85+dSzOf+Sy/nro0+TZZ41I29i fq+LCF4IIvV37CTQE410DIeaQIdFS5bRd8Dg+pjrziSBXtA4Cd07eix3j7wPtSTQkyV79xtU vXDUsd+jrVzt1OIjWbJkyZIlSxbNiXJdv8H89OQzOPEXZ3LyGecxfMT9tLWUqYripMyae27g lV6XEEQwTR70RNfsKNCNhUmg10kCvQvuGTmGO+4dhWgcNDWBnuaWROLdhRVVQytZzreOPpbW 9hKqcVEukUgkEolEx4K1V6VP/0GcdvpvGDnmryxZuQavhrpAHhTTdpYMv50XLrmcIB4zxUJR ByokkZ7ooFGgmylelAWLl3Btn/6pfgFJoHfJjDnzeGnOK6hZffUvCfRE4t2HmWKqlCpVbrn9 TqpZjqkkgZ5IJBKJREGtyHLuPXfceTcvTp5G7jwiig8gPlAJgrkq216Zw7IJz8fv0hA9o0mg J7anUaCrCl6EjVu38ezESZ0iGbsrSaB3gQTIRHGiSaAnEu9iTAUVhxfFq+JFMPWYyu5/OZFI JBKJbkCtRbETTzXLUDW8F9QLFTOcQSUYoeTJfGxRbCaIKRpiimgS6IlGtvegiyreIJcYrSHS vd/DkkDvAgugIU5IZlafVNLEkki8u4irs51z7KD7rtgmEolEIrE9gaIV1na5wcEsetANXDCC F0QC3sCCEYIl51ZipzRqKzVDg2Eh9UCHJNC7pFYQrjEkJwn0RCKRSCQSiUQiYsHQAEECQYwQ BBcMn4R5Yg9o1FZRe8VFnUQS6F2SBHoi0b2w0GGJRCKRSCR2T4w2haBG8AEJivoylmUEDem9 ObFLQqCo+WOdtFciCfQueejhv3H/Aw/FSSd0DKBUOCqReHdRe6bLznPiz06hvZpRa62YSCQS iURi55hB8IozwWtAg7H68ceYNeRmghim1snhlUjU6HB8GgRFzVi2YiU33nRbTKdoaNHXHUkC vQtGjLyP4SPuQzXEyceMYAqhew+WROLdRjDFzCg54Yhjf0BbJQr0lIeeSCQSicSuCQFCLlQt J1dDAqy763Ze7nkpwcdOSLXotBSJmmikPh6CQpDYB33RMvr2HZIEOkmgd8mIkWMZMfJ+RA2N sTsQJFoikXjXEIo2axVRvnnsj2ituqLNWvf+YkgkEolEYndoAMsFsQx1SjnAqpE38sr5FxLy KNBTFfdEV+wg0FV5dfEK+va9Pgl0kkDvklEjxzJi+H2YhlhFMAgEB8G/ru0EDZgJah4NLVjm 2LBsBk88M452iS0EtLa6qMLSmc8wfcrLLFw4i+t6X07f3n3pd10fru07mD9f15/eva+h93V9 ePbFSfTt35e+1/ajT+8/0rf3YP7cpz/9rrma3r378uCzz9G6fi03DrqJ/r2v45rrenPNtX24 9e7bWfzaaireEbwRLENCjgaHhNheTgOE4CBUMIs9LEPIo5kWOUWChli5Uw2CCZqXeHT4PSxZ s4Wqz3ho5C089sSTVJ3izQjqCObj9SgeyOA9IWSIKcEchFbUJEYtACFIQ9SC4V2JLeU2nFRi GLL6uK1E4h9ENbaDKeWeI7/zY9qqDlEpvOiJRCKRSCR2hhpYruSW43MjN1g3/AbmndeLUBVU LQn0xE4o9BW1tmrG4iUr6NtvMCKSqri/1QfwdmT06LEMv3dUnFi0CG0P/nV70DsEukNCC+Yc Tz14O3+6tg8lDYgqIcT8HJMqN1x3CbfccT/lUjPr1ixn/doNPPnIWA488LM8PXEqGzasZ9Xa tTS1t7N2/RrWr13HmtVL+NwnDubR8c+ycd1K1q7fwLrWVpbPmcHRR36fVWvWsXr9etavWcVD D47ly//1VSa8OCeKb82wkKFBsWCYUbSVUzQIIWgUKiFabENF/HnNTDEVqqU2Tjj6m7w0fxml rMz4h0YwecYsxGIvzGDxXGttFIJ5gnYIdDXBQiG8LSeoxzS2uIv7FbasW8FZ515ES2sTakpQ lwR64g1hFvOeyrnw9SO/Q0sphbgnEolEIrEn+BC/RyvB4/OA98aK4XcwrefvCXl8bxSzJNAT XdAo0EE1sHDREvoPGIz3vqH1bfckCfQumDhxEhMnTkZFCw96LcT99XnVgloUsOZQK2EuZ8TN vbmu3yDKEuICgMWef+Zb+MOFZ3L32EdQEUwEyYUX/v4An//cISxdswHnHF6VTApBK0JW3spH 9v0EryxZRdAMNaNqnvmTxnPM8adRkYAzCOKQchPHn3AsZ53zJ5yVCVqFUImrm+ajd1wdXuMq qIYcgke8Ij5ghZfdQi2qIEd8FTOlqbmZI7/6JRa8thqvHnWtlDUgWsW0jBa/m2ko9pWj6nG+ gpjigiEhhhtjLQR1SC6oD8XiQM761xZx5m8vplQpRa97EuiJN4iZ4kUoZ54r/3QtbeUqXnzy oCcSiUQisRs0gIkiJqgLVA1WT3uRZQ/+rchBt0456IlEB0V9rwaBvnbdBh5+5NHkQScJ9C7p cpUvvH6vWjAhmGHmCJZhrkq/P53LoKE3k1usfulV8Zoj2QZOO+WnPDB+QvS8i2HqeeaBe/nv Q7/NuuZ2RIqVpkAMPVejtWkt++/1SVZtbo+i1xTRCtOeGsnPe11JSQPelOAFq7bwu3N/wcm/ upzMWguBXkLFmDp5PKPvGcvokXdy5lnnsXZTE22VZm6//SaOOeo4fvbTX/HCpOmURVF1VMut 9OtzDccecxRnnnE606ZN5stf/AxrNm2mUmpj4NVXMH7qHCptGxh89aU8+fw0Lr70cq7pPwxX bWHFqlX8+owzOPJb3+KSSy5m9ZYmMjFMKzRtfY1Lep3PMUcdS48zz2XBgnncP3YEp534Q750 yDfo0eNsxvzlEdRVkG7+ACfeGKFmDav7qc1HIpFIJBK7JxaJ09gD3QfaA7SZEsTX26yl79NE 13QIdCC1WduOJND/mQQXQ7vNEyQjSCsXnHsSxx33E3pe/HsuvOgiLrz4Ii685AIu7dmD//zi //L45BkEyYpc7SoP3TaMI47+KVsq0bscTDtaVpixdtWr7P++A9la0kKgC6olHhndm8uG3kpb 5slcO6VSxvPPPsN/fOkrjH9uej3EPYSMkOXce29/DvnvY7h79AhenvsKldZVXHDR7+g7YBBr Vq/kpenT+MlPT+bVleuolpr43nHHMWDoMJauWsXcWVO47Pyz+NgBn2VrcxtNW9ZwxP8eyn3P TGHbhpUcfsh/c+o5l/DMuEdZsmI5r86cyNePPYlnnp/E5nWbeOQvoznhF6eSizJnymP896GH 8ZeHHmHV6lVMmTqZsWPHsnLFMu65vi+nnP4bXpo9k1UbN6NSRZKnM/EG6CTQi5eJ9AWRSCQS icTu0WBkoQh1VyN4JfjU/zyxZ4R6lLLW02dDSI43SAJ9JxhvSg5qJ4GeE/xWfnbCN/nlL39H n3796Nv3Ovr068t1ffvQ/0+XcuAn/otnZs4jSDuiDm8l7uh7DT8+5VxaJaA+CvS6qFBh3pwp fPIT/0W7i+Hpah7Vdu4cei6H/fBHnH/BhfS64BzOOfdCfvGrXzHuuUlURTDpKBIXsjK33HIF vf4wmDZpR5xnxcvjOO20k1mycg2r1yxl3boV9OvXn6efm8b8WZM47GuHs2pbC2Uz1Lcx8fGR fPJTh9Fezlm/ZhFfO/TLPDFzAetXLuPrh36Np2cuRH0LTqrc0Psqrr71PlauXc+GFWtZt3IR p5zRg1Il57ennsD3TzidTI2qZOS+jHjBvOevd9/E76+8mlw9VRWC5UmgJ94QHc9SjEgJZkmg JxKJRCKxB5hZ7H9usbBv8DleDVd8lyYSu2JHgR7rXyWSQO8Sb0YmhmhsEQEdL/Kvh1AUSHPB Yrh7vo3DDzmEh5+ZRm0RQCzmwbZuXMyBn/o005cvQTQUgqHENVf24pzLe9NuseJ0LLZW9GbX CpOffYJDDvsumcSq6l4F8RWu/M0vGPPYY3jnKWmGammnxy8m3Nz7TEY8MQmXlRHvmHr/XRz5 tSO4pv8w+vTrS7++1zGgfz+WL3+NFyaM4+c/OYe23OPUYVnGwmmP8alDf0yWtbJ0wUt86SuH smjZayxfNItjjj6R5eu3ICFDK+2cecqvOP+yP3NdvwEM7nMNg669hn6Db6atdTOnHHME1wx9 gKqBqBGcol7wfhs39jmPP/YZRnsw1DuCC+Sh8o/f6ES3RzXWmSjnjkwUMUu5T4lEIpFI7AHR CWU482SaE7JAmy8RylsIIkUR4FrB37T4neigYywYKrEPujMjF0VVU5u1t/oA3o5MmDiZcROe x6u+QYFudYFuJvjyFr7y2S8zYfp8YvXC2B9SVNm4bA4HfOxzvLphE6qBoAKhwh8u6cm1N9xN JRA98XWBrgQp89Rjf+W440/DmyLBokDPSlzw8xN47Pnn8M5TsRyzys4Fugh9Lj6Zp19aiPcZ Ip75zz9Oj1+dTlvm8OLwPi+K1BnTXnyW7x13EltbS+TiCc7x8Khb+ep3z8D7EnNfep7P/8d/ 8tra9Sx+ZTrf/cGprG8tocERXJXLL7iYR5+cQK6x0FsQT1mMcqmZ04//Hr+9qB9lJ3gfC+Vl mcdLK1dddArXDhhGm8aHOfiAf52t7xKJRswM7z1V57nsqj9RrmaoJoGeSCQSicTuCMGQYIg6 RKuEtsDaic8xf/jdBO/RontPEuiJ7WkU6MEML8KKNet54MFHur04hyTQu+SekfcxfMwDeHlj Ah3ATJAQq663b1vPlw/6Ai8tXBm3WeSTW4CFM1/kYx/7EuuaSzGPx3KCVbnwvF7cfd/fyYJh 6qLnnNqqZcYj94/i1LMuRsyjQfEqZO0tnPHjH/HsjOl4JzjzWMh3eozqhF5nnMS8ZesR7xFT Si3rOe0XP+XmW25l9ZpVLF78KsNHjWFzUxstWzfwlf/4CnfdO5LVa9cxe8YMjj3i65x4+kWo Vpn8/Di++rXD2bytifmzp3FqjwvZWnVIEMxnvDD+Kb7+P4cxffZcNmxYz0vTZ3DPmIdwkvPg yFs5+HOH8sLEiaxds5oXn5/CgkXLcFLijhuu5tc9zmbxqrVUs5zgY1hVIvGPYqqICFXn+dbR x1GqVFGNxRgTiUQikUjsHA2GC2DeEayC+cCqe+5i1gUXElx8L43teZNAT3Rme4Euaixaspw+ /QfVIxm7s7MkCfQuGD76fu4aMTqu+llHdcHXO7HU2peZKU49TVs2cM4Zv2bJ+m1xmyaIxjD3 eTMm88tfnkdLuUIQRbRK5kvcdP3NvDhtAb7wNlvRN52geJ/x7BOPcvNdD6DmCMHjVSm3NtP/ ysuZu3wJ4jxqObaLnA5XyRly3eVs2NIcW7wFQzVj9WvLuXHYUHr2PI+rr/kzj497irZKjvmc 15Yv5uqrr+Hiiy/jgbFjuG/UCAbeMgL1GTOmTuTSy6+krVxh4SuzGHb3KNpyj6ii6vHVKi+M e4Yr/vhHzuvZi+uH3cTceQtw4pG8nZemz+KPf7yCCy/sxW233sWGTdtw4ii1buDmW4fR8+LL WLd+U3yAJU33iX+c2hdALsJRx36PUjXjTatBkUgkEonEu5pCoItHQpU2gzX33sL8nj1ju2CT JNATXbK9QFfrEOi19MMk0BOdGD76fu4eMaZeKR3+MYHuA5jlBPNk6qn6nCzfRqUYb8E8qopT Q32VPHOothG8xfZrliO+hNeA1ft+GxJiMY7Yd7JCZiCaEULsk27isDyjZFXEO9TKyC7GuIoh 0oL4Sn1BwUwxEdS7GDZfPDwihjghWBkTj3qJq6biydUwFUxjLokvBHlFBe8Vq5+XYZlg6rBi 1Uy8xMUB06L/fBXVHBVDNaCiqHOItJA7wamgVsVcmu4Tb4T4YGSiSaAnEolEIvE6CGpULEaL mjlaA6wcdQuv9OxZ5KAngZ7omh0FOixasoy+AwZ3e3EOSaB3yZsl0F0As4xgOVXzVDXH+Saq VmuTFsVwFLYen2cE3UpwhmjAhRzVtnpO+vYC3ZugeRToZlVCyBFVTDzmlYpleJ8j1o7bxTjP xXBaQn170bO9JpQlCuNgsdCHKuY9zgmibZj3BC+otqKSo9pRYEvNEFVEPV4dlnmCNypmlINh Xos2b4paDI8y9UUuU4wgEM07esJ7RxDBtBkVxZtHQjvBd+8HOPFGSQI9kUgkEol/hCBGi0Ee lOAVkcCa4bczLwn0xG5IAn3XJIHeBbPmzGHmrNk7VBG0ACaGU6EcfCEcd54HbYHYLiBoDBs3 ix7q+qg0QrBikEZRECyPReCIvxuKImihCLfvWCgofte0aG9R7Kf2OTOs9u8gu2x3EYirn4Ra 7q116kMY6p8ptltss7Yfgq8vZHQ6f7N6mErQWCRELYb+hyJMvyaEgsW/1w4zhOjFb9hafV9x /4YFn3ptJt4QVlRtz3LHHXfeRTXLime+e38xJBKJRCKxO4IZLhgiAfFGST1bp89g1aPj6+/Q 3V1oJXaPFU69TZs3M/HFF9PYIQn0LhERvPeISCeB7oKhVUGqnoo5zHnEKT503wGUSLyTqVVx 997jnNvhmU8kEolEIrFzJESLKZtCJTicSWpZmthjas4SVcU5l3LQSQK9S2qe3+1Xb8yM3Awn FiuIB0NCDqnVVyLxjqT2nNdMJL5UJBKJRCKR2DUawFxARMnNEaqCKxterVMUZSKxOxort3d3 cQ5JoHfJzgR6UCMTpU09Fe+xqiHO0ORBTyTekdRWbWsrtymsKpFIJBKJPcMCmA94NXLzhIpD MsEXkWhJaCX2hO11V23MdOexkwR6F+zsRT2I4fMM2biBZWMfQMvt5BIwTYnQicQ7kcawqlpq S+2LIpFIJBKJxK4wLBg+EAsa+xxn7ZSlHP+3GwusxJ7T6DV3znX6WXclCfQuGD9+PE8++eQO +TMur/LKffcx65gfMembRyLtKymZTwI9kXiHUhPjeZ5z/vnnU6lUuvUXQiKRSCQSe0wQLAjq AyIBpxU2Pvk4c2+7K+WgJ14Xqsrq1asZPXo03sfU4e48frqFQI8VyCFozBvPgyEGpob6ou+2 xqrh3oS7R9/LXWOGUzHFqWLtZZpemMqMc3vx0qf/nVmf+QwvfeM7SHsrWa29RPDJkiV7h5kV LWByLxx1zPdpL2eYBszkLT+2ZMmSJUuW7O1tggsZJlVUlfYgrBw1jFkXXFC0xtX4Dl7r3pNI FOzYZs2KNmuDUqoh3USgayhae2kgSIhiXQJelSw4fHBYcJjliGSMuvshRtz7CCJC9dUFzDvz dCZ99tPMPujTzP/MF5h68OeYfOT3ce0tOFG8WezfnSxZsneWmaJBqYrnyO/8gNZqBTVBg771 x5YsWbJkyZK9nU0NZ0IuHqeGc8bGO29nYa9LokAXSQI90SWpD/qu6V4C3QeCjznjQQMmAZWA GGTiqeZVfLXMLffdxW03DWDqn65i4v/8L1MP+jSzDj6YGZ/5PPM+/QWmHPxZJh3xbdy21UjL FrStFStVkyVL9o6zMlYq4UoVfnDMdyhva0Lb27BS5W1wbMmSJUuWLNnb1/JKRiUv49rLVCs5 5azCsntuY9oFlyUPemKXJIG+a7qFQAeL3vMiRyYP4DRH/VZKa2Yz549/Zv7hP2DBt45n6g9P 4PnDvs0r/3UU8z/zZeYedDDTDvo8sw86hBkHfYXZn/kMSz/976z85EE8cOAXGf+xLzLpYx9j 2gF7J0uW7B1m0w/Yh5cO+ADTPvEhpn/iI0w54ANMO2Bfph2wz1t+bMmSJUuWLNnb3aYesDcv H7APCz7+fl4+YC+e+vf38vKFPQnOE8ySQE90yfYCXVSZt2gJ/QcNTe1u6TYCPU4MZiBmiK9S XbuC+3tdyrwhd7P+5VdorrZQ0hJeSsxbuoC5C15m6eSpzD67J5MO/BxzD/4M0w8+iAUHHcTM gw9k+reOxG9ZhmRb8dJO1VeTJUv2DrPMValkORXnuPq6AbSWK2R5Tuazt/zYkiVLlixZsrez Zb6Kd1VKPmObr2CtbayYOImF9/8tedATu6RRoJspqsbq9Rt54KFH6p20ujPdRqBrUYDATCmv WM4Lfa5jzTPPYu3tmORURamK4n3AciH3Qlk9vmUrW+8dwZyjvsNLn/8Scw/6PDM/83mmf+O7 +NYmcufIRfFGsmTJ3mmmiheHVyX3Qi6CF49Pz3SyZMmSJUu2a9OA+YDzgUyVUMkpq2C5EFQJ qmjhRU8CPdFIJ4FejBOnhjS0XOvOYe7dQqAHCbRqhs8r+GqZJT0vZcXU53GykxsfhBAUDcWq nwqu1MrSe0cx/T8PY/5B/8HMbx5Lc2UDzT4QKmnWSSTe2RjBFOi+XwaJRCKRSLxe6u/KwQhO CFlALf4skdgVoSGyIkZaGCGk9zDoJgLdTDFRMudYfPsIVowaQznPCPlOZo+gHXkzBqaeYI5c Sqxf+yrL+w3imWN/gjRtpaqW+qAnEolEIpFIJLodQQOhKMZcDUa1+HsisTt2FOiNnvXuTTcR 6J6KCaXVm5nymwsorV1FVQQT3+XngxmmjSEWipnHe0/ZHK7cRmnePKpZG7lqEuiJxDscCyBp xT+RSCQSiT0mBMM0hrObBkoBMnFY5urCPX2tJnZGMN1BoGs3DmtvpJsIdEeLeVb+5XnanngK tQxVRYLr8vNTp77EtGkvoWpADLewYGjRpk0thsP6IFSLUPhEIvHOI5hiZpSdMuSm2ynnDlPF unlxkkQikUgkdocEUHUE84Q84A02z5jKigcfIziNzq5CpKcc9ERnDIJQSy1UVTZu3sK48U+j qt06/xy6jUBXpNzM/KsH07J+NeYVNcVC1y/hd48Yw10jRiOqqEp9BVAthvKYxvwaNQjeCDvL ZU8kEm9rzBQRoeSEbxzzfVoqGSpC6OZfDIlEIpFI7A4JoOIRc2huZGosH347M3pdSsijyFKz ehX3JNITHRgEDyGOE1Fl4aLF9Os/MAl0uotAD8bmF19kwqUXU66WUWd48wTt+ubfO+YB7ho9 Fl8T6BZ79LmgmAnBGVr0U/fF5LObI+j8z6AxbD7E/4vFqWorjBYnMYue+2A77wUY6PhcbfIz YxcFFrb/ecyz19Dxf8FiS4zatuuTasPnXy9mFILHOm17x2OrWdfUj6H+u/HzZh3b7WLve/iz HfdV21/j50On/3v92905Vt9+5/3v6XY7H2Pn6/RGjqlhu9ZxjHFs7rj9eqjSTsLadjV+Oq73 9sew6+N6/XT8rqngvaciwhHf+TEt1bz+zL+5+3wr2f01rM0ZIVAUCimhvwAAIABJREFUyQR2 WMDseIb3bF+N+3irr93u7t/O5p/tz6c2z76Tx0MikUi8OVgAy5WqOTJntJixdtSNLDr/IkJV MLWGInJJoCca6RDoYKgai5csZ8DAIakPOt1GoAvLrxrK3MfH4vMyXgPOlKBdD4ARo8Zyz/D7 EI256AQtXlrj5xvzJXYnOEJQCHkUvrV8HC2j5qmI4tUTpISa4s1w6rBcUOcQaUelHVOrT2yN JgYhF7wKpaBobuReUJNOoh8KcRUkTqaBmC9kggRoCxAki30IfYVcFa8O7zLaLbbLcCYEy9Hi 5b0mwDod0w7XxDATnAgmOSZZXPQwCFILa4kLFNEkWhcLDGrggmGaE8THe2MKVsbEIwaZhGI7 hYgI0vHv2jFabdGjQWxCx3UpjsEbiComeX3yiCvBkIni1aKQo+NlvX4e212DjvPb0WLrv7hf s/hF1ng89d/fzXUOFnPANIAEw6Qar4uGTp/v/LsdgqPR4g8VgotWiP0givoYPSKWY8U5dBIu aqhT1Mf7bEU6SG0hSENNDNbSR6gXl9FinyHExSsz4jMatL74FHfko70OGq9nLPpYrOyLR9XT nnuOOO6HtJSrxc8k3pvaM2tKMFc/17cP1vm+Ff82o/4MEHzHGKp9xlxhtXtTjecqRrDNqDNM S8XzSDH2c0TjmKpdz+2N4BvGkCv2bfXnsEZ9HHYxr4VijDTOrTu+2O3pfSjGWvAQqvWx1Pj8 1I4vXqvaeGuc9xULhgVf9GoNiHjMuk6RSiQSie5CFOiCtwzvlHYzVo8YxoKeFxFyRUWTQE/s lNr7uZkhYry6eBn9B1wf3zm6eaphtxDo4irMPftS2l5bgLgqYuDMCDu5+SNHjeWue0YVIrBD 1NVE754SvdlCaBTopmzetJq/Pf4obblD1FNu2cQT48Zx34N/Zc3y1ajLqahj5dI5TJ0+D1+I lPrLZah5cYTgQyHsS0x/9mkee+YF8rBj78C617P2d7W6hzwPYL4Vb4qoo+qFVcvn85cHH2Tx tmbMK7l5glYIIesseHcx6db2qepp3baBW24Ywuj7HqCce0x2IVprk3ltO0WUgguGSpUgOWqG mGJaZdxjDzNg0BCa2iv1aAcNHbktOx7vji/3VhOPhUDPxKhWK0x46gnuf+CBaPc/wH1jxzJ7 zlwy7/EaolCviaGaN7+raw9dn2+niIkOYdUo9jvEj+50DFoxnqPQNdSXUXHITqJEdrhXOxXo Pl5DVcxFUe5VEfPodgtHpoZ6j3lHVimTS1wRrYn42jXu4ugLAWT1xZBAg3DaXoQWz8LroXYd gykqOXlWJfceEY+Kp+KFbx33A1pKlSjQJZ6rqaEaihC9t2Mbtu0FesO9LBblosi0DtFeF+i+ YYxFT0dQIdg6zAdEXDF/1b48qziX4XLdhUBvWPSsCd4uvO6153TnAn27z8MO29gTOo8Z6dhn F89oh5jXhjFWFAoNhgWHmZDlgvMO0STQE4lE90YDmBck5DE6VZWV99zC7At+X0SbJoGe2Dl1 J40a3iuvLl5B335DUNVuH+beLQR61ryNZ867DGndHF+8QwxN31mI+9+fGM/fn3gKL3H1r8Pz +voGShx4WrzYaSGKMwYNGchve11IOXdMnzaFIw7/Gkcf/W2O+cFJHH3ooTz52Hi2mGfulOe4 7KprqapiwRPqgikKOTOPBJCgtG14lSO//Dk+dtCXWbh2cxRCxUspWN17Wfe2NnjTJG9n9guP M2nmy4X3XBk36hb23//jPDzrZUSUzBxBSxDKdPZ8W138QKMI7QifN3OsW7mEgw/8d4797o9p q+YdntUuPGs7CPQQqzp6EyRvZ+7MqbwwaRJl5wlB+N0Zv2Tf9+/H+q3NdS+r1tMDrJO3ru6l bhAxtWtRE3BmSi5Ge2szRx72v/yf//Ne/s///Tf+77/8K+/51/dwwEc/wlV//COb28r4QF2g 16pPNp5Tfbs7HSRRpNfPufb76gkaIx58iF7xKJjzBo9kh5iV0HDtTGjatJpxTzzOoqUr9kgA 7ezY6t5xMyrlVp5/fjzjnxrHpMnTcD5HJXS6lmaOSRMn8K1vHcGmbc1FFEqxuERxrWqCvlHU hYbFiFqUQxHx0fg81a7p6/2O71jsUdavXc03Dj+cqdNnIip45ylVM848+1xK1SriM7wrMWXi c0x4ZgJrN2zBW7wPb7d3i1A807XFu0jD+AgdiyOdrqV1XuypLfBgFdasmcmT455i1twFSHEP QhBMq1w/eDDn//YSRLpeIImLAjXPc8exdX4GbIf9d3VeO/ZG7Ryt0Xi+u6ZztEZ9DtzuGa0f Y9Bi/GlxbSjOKWfx4kV897s/ZsWqVZi9viiORCKReLdhAUwUCYJ6QwzWPfU4c2+5kyCWisQl dkrnd0fFi/LayjUMH3Ff3XueBPq7nNYVK3iuzwBcXo5COUSP7M4mCy9FWHaDmPhHVv46BLqP L5gqmGvmV2ecyYyXFyEi/P3xx5g0eTKtLc20lUo88Ze7OOmEE9kqSqW0hksu+j3zV2zAmaIW +7HXXnjNlMwMl+fccO1V7LfX/2P/j3ycPw+8kaqBqcOkiqgjD5AVYtm0gjfDayCIx1eaOOHo wzi5x3lUDJwqT426kQ9/6FM8PGse3imZOnzWitcMVYnb9hW8q+LVyNWQ4piCekzyKH7UyMXR 3rqNv459gL+Pn0DFC95lDS/BVnjEQcww85hJrLQvMQxc1GJ4bbWJHr8+me//6Mc0VzOcKlMn Ps3wkaNorjpEBfU53ueoeLxaFFcWPfmq0fMtoqh3mAjOC1WnHV5qwKtRbW/i24cdxn8e8k0m TJzKxClTeXHic/S+8vfs/4EPcvk1/XEaw3C8yxG1IvRdUTVEpDAfr4UXvMTQ6dq5mc9iFIWB mBI0I2jWce5qiAqiEhdk1CGqePFF2kBc/HFqiMX9mzomPz+e9++7L/2H3oiq1S0u7IBsV9jQ ioUJM6kXTrMixSMei7Bl80Zuu20I1/a+mqOO+hHNrRuQRi+6KcFyXpo2kV+e+gs2bmuJxRRF MI331FQI4qNHthhrqoJJFfU5FQk47whSQdWR1a+px3xOtVzh7088Q+46Vlf3ZAKvt0sUx+aN 6/npT3/K7Ffmx2cgxGtSqlTiuJOMarmZEffcxe/Ou4A7ho/FBfDBuoy+eCtRMUSrmJURX3j7 NS/GiiCieC/F+UsM3a9d09rCkmm8R1JFfAtTpjzNH666iF+dcS6ZxfFm6gha4Z677+HqqwcV HS6KYyjuoWqMOBCpRnMB9YpZXhTc7LhnIlJ8AXfkqNfHXRHqVht3tXG5ddsmJkx4qv58mYb6 /+30+qgU18fH9Az1qFbqxysax71zDq+Gk7h4YD7HRIp5JyCSoVph+fKl/PqMc1i5dj36OiOq EolE4t1IkIAGwwVoD4rP27FSuePd4K0+wMTbku2j/UKI7ybOp/xz6CYCvfmVV1jx8IPkkuNr +b6dPE6dafR6vhkCXYMv8lkdzRsWcsY5F7C17DDvUe+o+igc1FdYt2IhP//5z2hzgupGrrrk Yq6/bRSZ1byznlqOrho4y8nbmjjsP/+LQw8/nN/1+DXfOuaHbK1UMcsxX2Lj5vVMmjmbzaUy wTIkb2LyjFmsWL2Olk0beeG58Rx+yBc46gcn8PzUaaxct57x993KRz78CR6aMpOZU2fyxPin WLTgFUpecOJxWYl1q5fy7NPjePyJJ5g1byEVLULRswpzZkxl2eJFNLW0MG3WTDZs2MDsmXOZ v3AZmVdWLF3I9CmTmDZ1ClOnTmXy1GlMnTGbcu7QvJV1a5bz3HMTeHLcUyx4dRmZKC6vMnf6 C3zv2G9x6NcO46mJk1m4fCWrVrzK1JmzaBfFi8NV21i+eD7PPP0U455+hpXrN1IVxUvGhvWr mTZtBqXWVubNmc34J8cxb+FS8nrObhToYkbWvpXjvv51Dj/ieNpzi2JSqry2YAaf/MjH+Mmp Z1LJPeKqtLdsY8LTTzPuqaeZt2ARmfOIxIWILZvW8/xzE3jq6WfYtHkLs+fMYeGiV/GilNq2 MXXqZF5rbiM3wVebmDdrMvOXrqAihoijadMaXnzuacaPH8/sVxbEa6GGSUZ7yxYmT3yevz/x JFNnzqa9XGXlsiXcdcMg/vU9/8rZPS9m+sxZtJUrLF2+glfmLyDzQufgESuEuUc0Z9OmjWzY sJE887S2tkcxJYp4h2kLTdvWcty3f8aWpuX4usiK47tSbqVcaqalaTNZURxGNYaVmzpMc7JS E+vXr2dLc1v8jIH5drJyE9uqjlw81dbNbNq8mTaneA2xjYtUadq6jZ69rqC97OvifE/ylOKi kqdabqPS3kpLSwul3Mf5oHiuTQWVnFKpibVrVpBlVcZPmMhNd47CF5EJrze0/p+N+oBZiSzf Sqk9I888ImU2bNnI5m3b6lFA6nN83s7mTRvYvGULmShiFOPAMMmptDezfs0KWptamb/keX55 5lnkFheA1JXJq820tbXR2pY1FEkzxDsq5RLVShmXCSJlNm1ew7YtrYgzREr4vIxKzrZtW1m/ YSNV55Gat51Yz0HEs3XrFtatW0s592xpakZUEYnjZvnShfz5z3+KwtrHXHCzGEXTFTFszuF8 M+VKS3EsVXLfTHs1o5Llxdh0qM8oVyq0VxySO6qlVtatWU25muFEEV8lz1spV9ppai1Rrh1/ IpFIdGNCgFB0NvIBsiD4IKmXdWK3NEa1ddR7SQs6NbqHQH9pBq3TJ5KJj0LMOnIru+LNFOhm igZBg2G+wsQnRnDZNf1pk1CIckduoJpTal5Mr9+cxsUX96FqGZo7ht/cl2O/cwotWfTkxPD0 uL34gt3K3Oce50MfPJC/zHiFZS+N4+CPf5K7//IoZhlYmVGjh/PRAz/LxDnzMSnTsm0lHz/w YHpfN4SpT41jn/d/gH3e8y+8Z6/3sc/79mXozTfzt/vuZP/9PsJRJ/6SD+79fvbe+338+ycP ZvaS1Ygpr8ydwRcOOpD37f1e3rv3Prx//49y2bVDyUTZtnUThx96CD/8zrf52lf/h73fvx83 3nI7//vVIzjjrJ6Uq44rLjmP9+29F/vsvRd7770Pe7/vAxzwyQPZ0trGjIlP8KmP7M++++zN Xvu8n333/wT3jHmQtm1bOew/v8De//oe/m2vvdhr3w9z+tkXctmlF3Hg57/ENmdkWYmnH3uA T314f/bZey/eu/f7+PiBB3PjHXehlnHHrTfwyQMO4MTvf48P7fs+9n7vPuz7gQN4aPxEasXL Yii2kbdv5rjDDuOwb5xIS7WWA19m2viH+Mi+H+BXPc7Di7Blwyq+dsh/sG9xLvt/9FPcM3IM IkJr0xZO+P6xfGCfvXnf+z/AUUd/m4M+81mOP/EkKlnOopdnsN9++zFy3HM487Q3reab/3MI vzj3YprUWLtmGT/4xv/wob32Yu+9389+HzqQEX95jNbM4/My3z3qCD6wz97ss/d72ft9H+DE k37K1Zf9ng/v9f/4t395D/+2z34c8Ml/Z/a8+Zx1zrmcesZZtGc5vnEsB8XM0da2jfN7/pb9 9/8g++//IX7yk1M4/fTf0NzcEqMACoHe0rSGY4/+BVuaFyAWw+4JjrVrV/LRD3+ID++/P1/6 4hdZvbkJbxReU4dzFSY89Rhf+8oX+eB++3HAJz5N38E34lXJWzfy3186iC8e+g3+9tjjfO5T n+CD+32Ui68sohQkY8mC2Tz1xDh+8tOzePb56UydOpUZM2bskUA3FSqlVo484ht86IP78cH9 9+eFqdOjB11DTBtQz4RnnuDLX/oCH/7w/nz3+z/itnsf4MY7R0fvueVvO4FuEshdE8efeAwf +cinWDBvKX37Xc1HP/5xPv+l//r/2Hvv6KrqrP//v+/6rVnjjGNBQh8F6TAoRUUsiEgHAVFR QUEUBEFQ7A1UFAE7FgQRKYoNVMoA0iGNUAMhPYSQXm875dNevz/OvQEUeGbmmUdd5LzW2isS k5tzzz3t/dl7vzcFhaVopTl6aC+39+tF/cvqERfXgAmTp1FRE4qaFCqKi3K5qUd3GtZvQLMm Hfl02WvcN24sUnueAsk7t9Ky+d+Ja9CYkaMeRQpZW6YuHJsB/frStHFjft6wmzdmz6Bp00Z0 6tiD4qJKpKjBCpTx0nNP0axpUy6r34AePfsQn3LQK1s3ikCgmjvuGEaDBnHExcVx79hxjBrz ILbjIhybI/tS+O7LpYwdO5pdu+LZtTORfXsPIaVzTrM2oy1+WreMuAb1+ezT5SgVYvbc57ms QVPuuPteLNvGKIfkXVto3LAJD46bSOqBg3T5R0fq16vHq7NmI5TmWG4mnTp1oH79OFq3vYr0 3GOIP1g1hY+Pj89vjTGx6sloi54r0K6pbdvz8TkbtbrKKDyDWeEL9FM47wW61pqKXbuoOZiC UJ4TudYy6uJ+5h5CSyhsGSsXPmUE2r/5t2MriybWw6nDvPfaC8x6820iUfGupSQSDPPspElM uP8Bel53I6vWr8ExgrC2WPvNR3Tocgs55dXRDJ6s7SdXjkHY2VzXuSVjH36WoFAIu5LHx93P NTf04ljIRsgAKxfO4dJmbdm+JxNpXCqrcmncoD5PvbaAYCRIXm4at17TkSF3jiT3+HFqagJs XP4Jl15wEROee5eqsnJ2rP+J5nH1mfzOQioqC7mqXSv6jRhP/vF0Kiuq+Wjuq1wS15hdew5R WZrHTe1a0+jvrXjv4yWkHjpIwfEj3PyPttw99glCrqKi8jjH83I5lp/Bi888Sr2L41i6ci2W cKgJBUjdv4eqkiJKj5dwy203cMfoKVTYgpJjh7hvSC+69RpOas4xykvLeX7aBBpf2ZlIyOFA /A80i4vj4adepaC0nKL8QwzqeS3N21zFwYJSPn//Ver/+VJef2sBRWUVFOUeoNXlTRkx7qlo 3/rJDLoVKue2Htdy6aXNuLpzN667pjNdOnUkrnETxk5+kYyCYoxbwYQHR9Dt+r5k5pdQHSjg p6/m06lbb/Znp/PKsw9yxZVdWLtmO8FAOWtXfcPfL72E3kPHEHZd0vZt5m8X/Jn5m3bgKEWo Mp9bOnVg0CNPUm5VMWZ4X27pN5gDxwqoqSlj6aL3aNa8C0+/PI+jBzZw2SVxfLn6R6qrA2Rl HGHT9iQqy4pY9fUSLvjzX3j8xdc4nn8Cyw6QlZlOVlZOtGzYjd5YtTdFQISZ+9oMJj89k9LS MkLBKhJ2b+fO4SMprwzgKonSDkZbhMuOMejWO6gqK/cMCQ0YpZFCceJEIWn74xnc+2aOlxai lMDVGm3bZKYlcn3P29i0I4mqYDX5eelMGvsA6xISEUpQWJDGVa1bMH7iNHJKKijKO8rjD99P bkkVjmuxZuUiZr/4NN1v7s2Ls+fw+htv8uGCz4gIbxrBuR4GlAYhBaWlheRlH+LBYX3YsDMJ rQWW8ea4RipPMHDAcDbt3E2wOsCBfVsYNLwXby/4AUvZVJXnEKmJILWNdiURaVCF+dScqCIg o20Y0qCkibbHCK9iQCuMMES0RiiBFgJb2oQzs3FCYbTS2EohpcCSQXR2NipxP3Z2LhEnQsCW SHWyn/zU64trvKqHSKSakUP70ff2cXzw6RLKq0ooqwygHIEdKmL8uNEsWPYdRRXlVFfk8/wz 03j9/Y8IGXCsSp6Z+CBLvvuZqpoglRVpPP3IKIbf8aBXGm4UbihMwYl8PvpgNgOHTSEiTNRk zkFqiFghRvbvxcCRY1nw+RIqqqsorQ7gCM+74uvF7/DI9OdJLygiUF3Khh+/pnf/gRyrDqBF DTOmT2L2h4vIK6kiVF3I+jWr6dN/MAFHYUVCfPn5pzz3xKP0vW0oL8x5h1mz3uDzhcuosRxv 0saZrr+AUDZOpIpvl87jmfmfY2lJJFTN1/Pn0Pf2+6gOO7hCElSK/Ylr6dblVkaNnkRGbh7V wQqC1UFsA8IRnCjOJyM1meuvG8m+zDyMPNtoNh8fH5+6gfe8BFJZCBlAOoZK6aCdIKa2RelM 3iE+dZ3TfWk0Ilod6kjlu7hzngv0WAls5e7dhA7tRSlRK9Cdcwj0nfGJ/Lx9J47ruTzDfybQ 4VSBrjA6witPT2XO2x8QVAatBEq5aA3KcVG2xdZNGxk0aAjVloNQNj+v/oIrWnXlcH5RNNsk TxqKuS4pCT/xtz/9haVfrqKgupxARTlfLl5Aw8ZNWb8/lYi2WLloNpf+vT3b9mQgjKCi6hhN GtTnmVkLcZVEWOX0v6ELd455uLaUftOyD2lQvzErE1PRyuVE9iE6Xt6Mkc/OJf1IEpfH1Wf2 R0twZRglJdkHt/LnS+rz5ff/pLzkGNe3b8sN/YcQktHS/socbvlHG0Y+OJ2IqzE6gBIRco8m 0qRpE+4fNxXHcbGUIFBRwIyZM7lj+Ahuu74njRpdSp9h46kSGm2V8NDIQfTocyeVlo3W8OK0 h2na4iqsoM3yBW9Q76JL+WbTdmylkaKSD2c/R70GV7B9fzqff/AKjeo15XBeCZYQaKeM666+ igF3Px41YvMuCLUC/YZruLx5G55+/nmef246HVq3oWevPhQFI4Q1GLeKm7p3omHTdlzTYxA3 97yBXtdeTeNmV/DjxrX07XE1fYaMptqSaGXjhirp2vIKeg8dGxXoW/jbBX/mw03bcaQkVHWc Wzp1YPDEpzleWUyvrp1ofHkrrr1lEDfddAPXdu1IvUsaMvr+h6muPs7V7Ttw7c29eXPGDNIP JlMjFBErTMLmVVz4pz/x0twPon3Btie2pEbJ6NgpvKywbUBGihgyZAhVgZpof6+DY4X4+svv CIQshI6Keu0QLs9n4K3DqSqrxI4JdB3rB5dUFmUwrH8v8kuLUEp4It522PzjF4x5aCIbtyey dec2dmzfyJxXZzBm6jQcV1FVmUOnli34ad02IkahrABvvPgYqXnFCGVhZBk1ZflMeOxZqh23 1rfAiZrQnEsseb33CqlsHLuKKaOHsWFnEsa42AaUdMlPS2HixCeJRL0QlCzjy2Xv8v6nq3Cl Re6G1RyPz0BIjZIGS2kyVn+P/c/dSCFxjMSJ9uFpE/VScKRnpOcYpDRopRFSYwePs6r3ICp/ /hktNGHtlYqnfTWfH8Y/wIbHn+C7qU+wbc4HWJURjDzduT72oCOMQEgXJW3uGTaAR6e+iqs1 QllYSmGkJP3gTkbePZx1OxLYsms3u7dt4IfvvuTuMeOpsG0Clce57boeBLVAaIFWQfZt2cTd 9zzg7TOjUK6LUIIvl37CwKGTTxlpKDyfASUYOeBWbh18HyFHIlwn2ueucYKVPHLPQD78fBkb d8azc/smErb9k2F33kNKZgGV5WkMuKknlY4gojTGEQRrKlnw2RcEnZjfhUV+1kFmzniVGo3n 6eBoHM05BbrWAqMsNq9ZxDPzF2NFt3nD8k/oN3Q0NWEXISWWgfRD22gY15r07AJcrXG1hXIV rvF6/YWyCZQXcGOPe9mXmYeW/pOmj49P3UZH73lKuigVwTiG4uRkcn5cHRXoUc8nfHHuczqn CnQlBVIpjheVsPqnNXXewR3Oc4EO1Ar0mv3JntGWsv9Hgb542Zcs+mIFQqr/VQa91jk4OqbJ aIs3X3iSN+a+Q9iAMS5aO7hRUayFTcSq5IlHpnIw/ThKhtn4/TLadLyOjMLS2h5YHRP8ooyX nprKhX++lIsuqcdF9S7i4osbcOnF9an3178wYvzjVCiXbz59k7imbdmekobUitKSPBrHXcZT sz5GaIUIFTHghs4Mf2A8wegIus3LP6RhgytYuTcDpW1O5BzgH5dfwahn3iXryG7+Xr8+sz5Y iFDemKr0lE38+aLLWP7dPyktLaB7h3b0GnY3QenNna6uzKVXp7aMHDMN21WgA2z8YSWtmzbk ocemUxpxkMLBtoLMePhO2nW7ju37DlGSn8vgvt25bfBEqlyJtCsYe9cgbuwznGrbG5n38tRx NGvRETtos2TBHOpdVJ+vN2wh4kpct4Z3Zj3HZXHN2Ln/KIvef524y5qTdqwIoR2UU063jl0Y eMcTpwl0oTyB3rtHN665viflgRBShlnz3fc0rN+AN99eTEBojBuiZ4/O9O4zlIKSKgpLT1Be eoLC8hJKS/Lp170LvQbdRantGfZFqkq5usXlpwj0bVx8wZ9ZsGEzrtZUluXTvX0bBk14ivyK Um7uejXD7x5NXmkFpaWllJUWUlJYQml5DUJWUVpUxHfrNzJ/9mx6XdeZfiMepspy2bP5W/72 //0/XpjzftQczhNYQujo+EAXY1yMsQkbjVNznAGDBxOwLLRUaOWglUAK45lkxQS60gTLTzDg 1qFUldZga6LlbTJqQmZTWZrO0P63cKy0GKkEttEo2+af33zC3SNHMuOV2cx89RVenfkSb7z8 El+sWo10BZWlOXTt1IH0nHxsrVB2Ga+/9BSH80txtI1RJVSVHeORKS8RcIS3wKVPcYg9R494 zMTOyzZXMOneoWzYmYjRbrR1wSVj/26mTH2BsAZXSbSqZtPqJby7cAW2ilC1+htKdx/BUi6O lkS0IH3VSuytid7sd3WyukUrjXE12vH2n1IKIzRGGlytyVz4Hpkfvcfm6dMJuRJpR1A11aRP fhVdU4MQEhWyiRzJJeiGvTLuqD/Cqa03yjhI6SKlzb0jBrJu8x7sqHGcrb0M/oHkzQwacBsv zXqDma/M4rUZL/PqKzNY8MVyAq5DaUkOva7tQUi6UUNDh7SEeO6/f5y3CGI0ynVwpWTlsoUM HjbRE+jRa5xnDOlw58A+PPfucmxl0MJGK89oM1xTxajbezPpscd56ZXXeWXmy7w+8yVmvjqL 7KJyiopSua17D4KuwlYK4yjvWiA1EeEZ1ClhkZd5kBkvzaBKSYR0kY72jC/PMUpQKq/qY/O6 z3nhg0+xlUIrwbefvMttg0YRtFyUkggDRw7uoGevEdhaYyv0lc02AAAgAElEQVSJ1C7ajX5V GqEFwYrj3NjjbvZHBfpp7u8+Pj4+dQxtJMJotNBIo5DCcHzRQvY+9hhGCLRSvkD3OSOnCnSt FFJpDh/N5I05b9UaxtZlznuBDlCxazfV+5KQ/2IG/fNlX7FoyfLaWczwHwr02NzdqEBXKsJX C9/mpVdnE1QGIcKsWfMdx4qKiAiBcG1SD6cwavg9FJTWoITF14s/5rqb+lMciCCkW+tAr7VL +sGNXN6oGW/OXcDx4nxOlORxorCMwhPFfPH2KzT7e3s27Exh549f0jSuCa/Pe48jRzNYtOAT Lv3bX3nmjQ9xlUaEKxk1pDcdu93AntQ0iiurWLfiE+Ia/J2v92bgSpui3CP844rmjHn6bUKB Am7uejU39xvC3uQU0jOOMOO5qVzWqAkph7IoKz1B944d6D3iHkLKywxWVebQ6x9tuGfMY1i2 IPNoAl07tKHtP64lcc8BjmTnkHrsOKGqYh6/sy/tu13H1pQD7Pp5Ex1aNaX/kAne3HgnyPRH x9KseRt2xO8kt6iUl6c+xBXN2+OGbA4f2kXrFi0Y/eAkDqQeITklme5drqLjP7qSU1TGwvlv cllcCzLz8tHaRoogXTt2ZdDwabUC3QCuVFjBMvrccB1drh1AWcATQm6okikT7qZJs8vZGr8H 5QqenDqOJo0uZ836zaRlprI3ZR/f/bCFSKCSt2ZM5vIWLVmw4gcyj6ay+OP5NLv4b9w27EFC rqDwWBqNL7mYeyZPJiM7h+UrltD4ogsZMn46lY7NxAdG0bJVB75fvYasrGz27k1i0dcbOVJQ TXl+At+vWktq2kEyM/KY8eKTxDXtwLHiSlKTfqbehRdw1/3jycjMJWQFyc7LJSMzF1doT7gY h4jRGFVNWLhMnjiBhd+tQ9gOQthUVlWSkLgPy/ZmPksRIRK0KCnIZOBtgynJr6DSsrCUZ2an hI1lBTlx/DC3D+xNdkEuoXCIkFIoR7B31088OnkSJWUVuFLiuILKkkpOhMNox6G86CidOnYm Les4rgzjBMuY+cLjHMoqICwttKogVFXIg+OmUl4dQAqHouJiiktKo/1v8uxz4qVECoegFaI6 UMbEe4eydstOrHCAsJAIx6K6OIt+/Yew98gRIpEgeTnpjL3rduZ8upAyFaZkzUpKV64mkr6H SNoBwmnppH/8EZXbkwhJ7ZmQKeO56RvPMCeiNbZyCZsItvIM25yqElJHPkE4L5eD731MIL8c GQ5jWVXsffplinYmUlNcgQwFkG4A1wmjpMXRtMPkHsuvHannVS1YKNchGKrhnjsGsGFrCsFw ANuJEFEOQkYoL8rjsYkPkZWfjeu6SFdSEwpRXFmJqwS2E2Dk0P5s3b2fcMCiInCc156fztCh ownbAlsLhBUkEIywfPEnDL59HIGQRdB2omaFDk6kmmED+/Pagq8JWDaubXmTAzQo4TBn5nN8 9+3XhCwLpRW2FaKwpJCQK4mEwzx49xB2JsQTjrhIN0BpWRk7k1KwpZfx1lpwPPcoz05/jjLb wXEsThwvoqCy+jRH+V+itEAqi10/f8mk516kMhiitLSEyfffRe8B91EZsr3JDq5kf9IWbus7 khrboiYSxhESZQlcFUY6NkErRHlROj26DyU59ShWMFxr2BhzxPfx8fGpUxiBMF5VmWugxkDh 4vmkPTbFy6BL+T+Pm/Wpk/yyxF1pSMvI4vU35/3LE3rOZ+qEQK9MSKAiJQGl5W8s0EV0prXn cGm0TdbBHUx8/CWqhcZ1Qnw8/y3adWjPgw89xPgJj9CtS1c++ehDpFY4UjLn5eeYNP15IsrL VKnoOCyjbJ5//BGubNmR8rCFVDbG1UhlI5VNUc4huvyjM3fe9xA1ZWWMGjaUevUvI65BE3r1 7E3zZg14Yd5H2FLhCMk/v/+CJk0v57J69Xjjrbf56bulXNG8JT/sS0dJTXFOJt3btmXcs29i iQi5GWlc070bTS6rz2Vx9bjyyiv5aMFHOFJSWVZAr66dGXjPaMJSoqQgUHOMAdd2YuyEp7Bt wbNPTCDukvo0aNyKepc05NLLLqVpiytJy0znUNJmWrVqRf36jencsRu39OzC0BEPE7YFQtgk 7dpAy1ZtiWtQj+H3jmXmk5Np26ErViCMK8pJ2r6BDm3bU/+yOC6Na8i1Xbvww+o1RKRmyYJ5 NL28Lbl5uQhp47phbrzuRu64d8qvBHokWMaQ3j25qedgKkIuUkqMEyElcR0tmrfgzvseIhxx CFTncc/wYTRocAWXxV1KgwZNGHHfBMpKywlXnGD0vXdxWVxjGtWvz6g77+Sqy5tw27BxhFyB cYPcP+x26jWKI65BQ27odTPXX9WJOx99mhopqS7KZfSoMTRu0ID69eNo0LAJ/YdP5Muf4on/ eTkd219F/QaNaRTXiMZNm/LsjNnYrk1NuJJnn5lGo4ZN+PsVrUnck8SESY9y/5jxhCIOKprx toxnpCWUS8ahRK7qci1jH3iARyY8xC239GL0/eOxIg5K2uxPiefuO0YzdEhf2rRoz90DhnP7 iDv5dt0GhGuzbctmhg4dxuCB/WjTogVDhgzhjmEj+GbNOpSjsIIneGDMAwwZNJDJU6Yw/uEJ 3HDtjXzx0xqkXcIL0x6h6d+bcd+YR6iujDDrpSe55qpuDBgynL2HDiJEAG1XMfre+xg5ciQT J06ia7furPjm+9pyan2WniUtBTnZGYwafT/Dhg2ja6vm3HLbYO4cNoxX31yE4wqUVcZLL79C 69YtGTawP1d17sykSQ9z/Y038dX6HyhYu5L19zzCj09MZc0TT7Jm6rNsHnYP1oZkXOmN2guX lhIuLiZSWkywvISa0mIiJwoI15QQNgpHOpRtW0vi519jh8o5lridhJlvY7k2trKROQfYP2sG Xz14P9uee4aKlGSEcBFuhNt692LK408gdPRhR0mMjhAsK+OBe+6mfasW9Lz1dobfMZzpTzxF tR1Gaa8y5cP573Ht9dcw/qFxTHhkEj179WXmq7NQ0WvKrh1radDoCob0HUyv/jcxccxdXH/t DTz/8luEZYSF781l+LC76dWjO61admXYsBHcNXocuUXlBCtLuP+uYbRqeSWdr7+F24fewTPP vUC17TmdG+WQl32YnjdcwwP3j2bio1O4Y8QIbrz5RoorKnCkJCVxKy2vbMl99zzAxEce5sab evLg+EcJ2Y53nTYKK1LB+DFjuHfcOB4aN5bu1/Tgx5+3n3Ume2w6gWtcTmQncs1119Gvbz+u 7tyZ56c9QKeuvfjosy9whMOXny/n9j69aHllF4YMv50Rd49i/cYdKEfhyjApCTsZfuddDBt8 K80v70KfgYMYOfwO1m3egasMUnPK/aJuP1T4+PjUHYyShLX27iVKEjaQv+RjDj42BSM8ga5j lWW+SPc5BV+gn5vzWqDHPtyqffs4vOaH6Cxp96RJnD6zQF+y7EsWLVkWFdX/JYGuDEY7OKEi Ro56mKzCcpR0UCJEWVkxe1P2kJicQlFBKZYIoVSEsGvx/LQp/Lxrr9drGb0IxgR6Rupe9h5M I6AclHYxjsHoIEoFESJEaup+Ug4eosZ2CFaVkLwviUOHj1BRVcnePTtILSzySrk1KKeGwhP5 JCfsILewkOLyQhKTd5EbsNHS4AYDpCbtYP+xQi8j6roEgiUc2bufnUmJZJcUo5Tt9YbaNRxJ jmff0aPY0kUrieuWk568k0OZx5BCkpeZzO6EBJJ3J7ErPoXdybtJ2rOTciuClDbFJ46xN3EP pYUVpKYlcejIURwpEVKgRIDCklISknezP/MY+dlHiU85gLBchKxCO9VUlhaTkrKPxH0HqK6q REqDqzQlJ44Sn5JEOBKMzkh22L//AAcy8lBRN0kD3kxzN0jawV0cTN2PJSVKC7QrEVY1KXv2 kbTvMCFLoUUlbiRIZlYuO+N3cfhoJlWuhSs12tJEaspIPZzAof0pBCtL6dLqSvoOG0fI8fpj IxVlJB3ez96DBympqSJ1bwp7snMJShctAoTDIbIzjpCQGM/hzGxCYYEtDUoFqSovI+VwGim7 t5Oae8wTc3aQoJKEHYucrHQS9+wnEA6RkZ3N0QxvNJrUEh2txggbr5fedQNUFOexbfNmNm5Y z8HUVIJhGym9io2a6lKS4lNISNhGQnwye7ensCMxgeyiYqR0KS8tJTEhmaSEZJITE0hK2Epi /G6yi0uQQqNFFRE7wt6UZNatX8+2bTvJOppFtVQoWU76oSR2JyWSuHcfVliQkZZEcnwK8UnJ VFRXoaWDEQHKinPZumUNmzZv5mh2LhGhENEZ8Gc7R7WShALVJO5JYlfCTvbt3sCuJG8796Uf w1UaowJYdoj9+5LYuG4NR3KPUVpTxd7diZwoLKBi7WpCWw+ghY0jbYS0yf5mJeHNCQgpsMrL ydm8lfwNmzj+z43kbdpI9s+bKVi7ifLDh4kogR2oZO9Tk9k69il+fmI6ux+ZTPLVvcjPzMF2 XYQtqXEsVGUpkSMpbJ04nUBhMcIJs37dGj74+FPc0wS6hbAskhLjSU7YxI7de0hM2MWB/QcJ CRupBUpKHNsiO+comzetY8OmTexPPUIoHEFGx60JYZGWuY/N/1zN1t27CVUVs3dfIofScrCU RV5mKgnxSSTGb2VXYrI3GjHlAJWWi2sH2ZuwjaSkJOITdhOfEM/ew0cIKB1dCLVQToiKknx2 7tjK2g0biU9OprSsxPPA0GG0oyg6kc+2bRvZsO5njhxNJ+QIT/hqEV2cjFBQkMm6rT+zZfMm 8vMKCCt5DiMZjdIS1wiMLONA+hE2bdzIodRUAhU57Nizn8z8EzhScDw7n727t5CwO4HdSTvY lZTI8cJylFA4yqKyvJD4xHiSEjcSn3CAXYkJJMXvpqCsAld7Jkmxv+kLdB8fn7qCUZpqrXG1 RLsuUiqOLV5EypTH0UJ6LXMxY2NfoPucwq8Fuo4K9Ll+DzrnuUCPUZWZxY6576Icz/HXNgot zu4O+PXXX7NixYr/uoOg1hopJQ8++CCrVq36VY/FyZEDLkZbFJcU8uSTzxEKhv+r2+Hz22MM aGnhuqV07NieQYNHE7YdlDn7iCifcxAdy4ERaO1SUVHCsfwcCgryKSgo+FWUFJcjXYOSnnkb Rp3TUdbWGulER7C5mpCIEPj2R2p2H0Arg1IaR9rkfLMJe0sKWjtn3kwDRnqO50EZJLgziZ3j plF2JIeC3Fyq0o9wYPFi9r4yFxOpIpB5nMqaCkKBIuzMDNZNe5bqwjyEcFi5ciVbt279v9un f3CM0QgjvAc97bUtaBWgpDjvjJ95QUEBx48fp7q6us7f6H18fHz+TzDKm18tDUIZbBOhcPlX JL7u9xH7/HsopcjKyuLdd99FCC+BWpePnzoh0O2KMrZMegarpgrtSpyYidNZPnittder+V+8 uMTKNbTWJCYm8tFHH9X+jRgnBbrXK596+CCrV/1IHT4+zxs8oWYjRBXz57/PihU/YbkCdY4Z zj7nQoOJjh1ULnPnvkm/fn3p378v/fr1+1U88fizuHbMwV7+jwJdG4kSCmFA2xpLuuRt3Ubp vjSMMmitsLQga/02qhIPIMyZq3FqDd2UIuiE+eG1eRz/cQvaUkSkQIswurKEne99jHRD5Py4 moRXX2fD40+x9a23yduZiF3tIm2FlPK060VdwxiNik2x0KCkRIoA4x8ec8bPvF+/fvTv358V K1b83pvu4+Pjc96iDLgGb5SxcHBkiJCM+GXKPv8ysQSmlBIhxGmaqa5SJwS6sMMcHP8MNTkZ aNetdU0/m6GUUt7D8H+7xCL2WkopXNf91eufFOheKb6QLlIoX6CfB3gu4gKjI9FxZybqQF63 5zz+50Qd96OjByOREIFANcFggFAo9KsIhyyk8Macae3NEz9VoMfOw9qvykUpQcRotK1xhMSy bHQkOhZRa8JGogMWdtjCMWcWzjqa7TXSYAmBUxrArXZQjiaiNa4RaGkhKgLezHhRg6ooRhcX IQOV2EriOt6MeaVUnZ4Laox3vnjj00ApiVYWoWDVGT/zYDBITU0NkUikTt/kfXx8fP6vUAa0 MAilsY3A2AJhS1ypfJHl8y8T00Oxr/4c9Doi0I2RZLz0Numrv8UIy+sZNGfvQY89CMdE+m/P yT5GfyzF+UQ0exsTh7Hv+fyH6DPEmTk9W37y57TSOI5TWy0jhPBWb6XnHG4ZjXa9UWlWdGSi 1KCU8cS7VAilEOYss7iNxo0KdKUM2jE4yqBcg9Be1gE0xvXK6V1pTjGBMxhpkOfora9rmF/u Z3P20Xo+Pj4+Pv+3KANKGISMCXSF4xhc5Qt0n3+PX2bO6/pxU0cEuubE7ni2Tn8aYVV5hmtK Yc7S/xt7SPdNCnz+25ioIIsJdZ/fijML+Ng57rouruvWllnFFua0jpWoe5MYtAZHg5IGYUBK T3AbdWYJraX2fl4ZtDII12DHXjP2+tIT4jr2c9p76HEMhLUiYgTqLAsAPj4+Pj4+vx8nx4oq ZXC0JqgjuNrxRZbPv0wsMRp7Hqvr2XOoIwJda41bVULSlOmESwuwNUghUdo5JYupMcbLbGZm ZpGWdvQPItB/77/v89/h5PFltI4anCm/QuI3Q58106q1xhWCVatW194YlNa14tkb36YxUavu mEA3eALdlgYjzibQDa7yzHPUKQJdah110ff+xskxNA7aOBgj0Nrrx1JCntUvo67xy/PFP318 fHx8fj+MlkgjvUVroanSgsCBwxRvS/AqUVXd9U3xiaFPJiSU+dW4PYPXNuhKSXlFJfv3H/Cz 6NQZgQ6ODpP77Wpqft6OrRSOEihlR3vRXbRx0UZipGHxkhV8unipdxD9b8as+fj4/MGJim4p 6dmrDyHL5n8sl/8f/n2un49lzs/+O6eX65/LyM7Hx8fHx+f3xEhFQGtcraItX4Zjny9k/2PT 0FJ6I12jVWNa+8/RdRGjFbZS3mQcS1ElHCJK4QovcaGUQRmNrTWHj2Yy6425p/Wj11XqhEBX GrQtqS4oYN34aUQK8xHCRUntlZcKjZEyOmsXPlv6FYuWLPcepH2B7uNzHuOd37ZU3Np3AOF/ QaD7+Pj4+Pj4eBNKIlqjtWduXG0gb+nHHJwyBeMLdB/AKI0rNcqVVBzLImKV4UoL4XqiXAmJ FgJHCo6mZTDv9Tl1PnsOdUSga6ORlibiSvZ+/AknFn+GcMNIaZC1M3W9PlBlYNGyr1i4ZJlX fuoLdB+f85bY+W0JSa/b+hO2HeDsIxh9fHx8fHx8PIxRuEajpYs0FkENBYs/JtUX6D5RjDJE lMZSEfY89yxpYx6mavcOXCeM0C5SS6TSaEdzJCOLmXPnnObmXlepEwIdNI7WKEejrQB7Hn+G 4r0pCOFiaUGNkQh10qhp0dIVLFnxNUKq2rnDvkD38Tn/iBmSBC2bW/sOIBCKeOO7zjKC0cfH x8fHx8dDnSLQtY6gXEPeZ5+xd9oTaNdFGeUL9DqOUd4YPiHCZEyeSuqVbVnTqQu7xk3BPVEY zaZLlGU4kJXDC3Pn1Tq612XqiEAHoTVaKLQWFO3fz4ZHn6Y6Lx1lhQhpB6G1Z16gDN+vWcfK 739EKIVSvkD38Tlf0VohhMByBQ+Me5hgOIKUAr/E3cfHx8fH59xo440ZVcpFKgsTMOSsWUPS W/MwrkBpz3TVF+h1F2PACINxLQ5Pnc7Blq3Z06oNB5p3YOeAOyhYv4ZIoAIhJFkZx/n0k8/8 DDp1RKAbQDsuSlkEjCYS1jiZh/l2QH8Of7gA7QZQWtZm0G2lsIREKoUUAhM9SDxDOT/88ON8 Ca0kSkocqQg7AqEUUgqMVr/7tvnhhx9++OHHHzqU9HqMtYslbbSlqREhdLgcLQRSe0LLqJOu 3L/7Nvvxm4bSGqE9c+60ac+S1aItu9r8ncS2zdjf8nIOXNGe3TcMoWzfPiLKQSpZO3atLlMn BPrZUMEQxzZs5NDsd1k79RnWT32SrY9OI2nsOLYMGcT2wf3ZObAPuwb1Y9egAeweNICEQf39 8MOP8yTiBw0g4bTzegDxgwYQ/wfYNj/88MMPP/z4I0fSwL4kDepH/OD+xA/uQ8rAXiQM6sfO IQNPub+eGr//NvvxW8cAkgYOIeHWQRy8qivxrZoT37oNR1t0JLlVB7a3aUtyqys51LojGx95 HBWxfm95+IegTgt0VwuEEuigg8ovRaYfw92bRmRbAkfmvEXGvLfImjuXrLlzyZz3Flnz3iJn 3jw//PDjvIm3zhK/93b54Ycffvjhxx878ubO5fibc8ibM5djb87h+JtvkvfmHHLmzsO/t/qR M28eOXPnkj3nHfLmvkNy34EktmlDcqs2HGrZjp1tW7K3VTsOtOlE6h13UbR2DcZ1f295+Ieg Tgv0iNZUabA0CO31qUutcJTG1RpHShwpcY3GNt73tPDDDz/Oq3A1SqjT/v27b5Mffvjhhx9+ /MFDSok2FsI4aK2IGHBkBGNZaEedfj/17611MoyjsYXCliHSpjxOVotWJLZuxZa2LSlo3pp9 PQaQvXEdIVmKUpFa76+6Tp0W6Fp6zu4ietEwUqG15GDqIQ4eOoAUIYwOgw6jjIXUFkJF/PDD j/MkXBnGlSECVpDPVywnZIdwRQihwr/7tvnhhx9++OHHHzls5WALQVgJLGGoVobiI/so3LIJ Kbz7qKsiuCqMf1+tmyGlg6MVQobZ9/hUklu1IqVlaw5cdT0pM2ZQeSwXS7pEpKCspIrEXSm1 JnF1mbot0LVGKYVtFForjPLMDBYt/YoFny1HSo1W2nN31968dKmMH374cb6ElEipCdmCnr2H UBNyUEKhpP79t80PP/zwww8//sChpMFEFEIJpK1xXUPOZwtInvI0xvbmWwulEEqjlEb9AbbZ j982hDJYWqNci9Qpz7Cz4zUkjHkIKyEJHbFwhSKiFWEpST2SyazX3/YqM7Su0yK9Tgv02Fg1 x3jiO+bivnDZCj5duhypNVpJTnN0Bj/88OM8Ca0lUgrCruTG2wYSsByUcNFK/O7b5ocffvjh hx9/5FAGtHAJGQvblUSM5MSSdzgyZSrGlSglkUahjMIYhTH+c3RdC61BSoO2JDnf/kDF9q24 gQpcJXGVRgqFFC5SRDiSkc2sOW/7Lu7UcYF+NpZ8sZzPPl+G0l6WHSPBuGDE771pPj4+/0VM dARMRCpu7DOYgO1gtMafg+7j4+Pj43NutPHGGAvtIoQhZOD4kndJnTIV42qUVJ6IN3jzsM3v vcU+vwexbPgvRfepx4RShqPpWbwx++06nz0HX6CfkS+WrmDJFyuiKz8ajPLEufGNC3x8zi+8 m0BEKHr2HUzQF+g+Pj4+Pj7/EsaAsQUhLbCUQRgo/PQjDk95EiM0WipPxPsCvc5zJsF96jGh NaRnZDPbF+iAL9DPyM9btvLzlm2cvI7Esuh1u9zit6Kun5Q+vyXeim7EFYy8/0GClu35UfjH oI+Pj4+PzznRGoyQOFrhKoM0kPv91+x94y2M1GjlCXSDL859TicmzmNJEaU1OTnH+PjjhX6J O75APyMGai8ocPIA8h/afxuklL6Do89vQmyV1hWSopIyXCHr/E3Bx8fHx8fnX0Eb7z5qlMG4 BtcoIqEy7IpytPKzoD5n5zSBbiRaKxwhqa4JnrEcvq7hC/QzcEaB7pfm/GYopWpFuo/P/yUx gR67Gfg3BR8fHx8fn38NY7T3vKyMJ8iNxNES1yiUL859zsFJXRUT6BKlvUy6v7DjC/Qzoo1G nnKQ/Kfi3HAy8x4b02aMxkiHsC0xWqC0RBtQSmK0jZISVyvv+zKM4ziewYZWYNRJZ0TjGVwp rTFaoEUEaUBrET3IQSp9uvv8Ke/h1O+fud9WgxEYA9ootPH2A8YBI2sXMTjl972LdPQEi16w lYm+Z4P3e9GefhPdr945qGvdPZXWZB3dx8pVPxEREq1cXANKhtDaQmowRqKNNxZP1C6kaM9t n5MLLMoItFZIE9332omO0xMYpYlojdHeNulTPuPT97F3w1FGY7SLNgpldHSfeJ8BRmIFyykq LKQydC4jwV/2Nkf/2wgwCq2lt0+URmlvnwvhUlF8nKLKoPcelIp6IngR6+0itr2nHHex9xLb TqNV7fd8TqKUQivv5qCjZVX+zcHHx8fHx+fcGK0QRiM0OEajHYkjNELr2mc6Vfus6eNzOjGB HtMuQp1c2Knrz2G+QD8DQoOrYgL9pKj5dy8wOiqsjVRoZZAatHZI3r6Bx56aiRMJYCsbV2uE tHAixcx78x3W7NyDLS0Sd65iwaJFhIw3DspoF2W8sRZGa5QbxhYSaVex+uvPmTT9WcY+cB/P P/c0u/fsxRLe3EmjVNSR/mQYJTFKegLZSH4l0o0EHfa227hILdDSgK7xhK4BEXt/2hPXrgEj bFwtsTUY1+BojdYuRmkwoei+iKCli3Q1Unj7WGuBMRIpbd599VGGj51ElZBoGSKkNMlbv2X8 mDH89PM+hLaQxsU4knDt/pAYJaLC3AthLLR0sISNIwVS1iCkwKopZdqjU3nmnYUIN4KRAlef FLjyVEMTJRDaxjYKrQII7WAbhdQOUnuLLY4b4NvlH3FF02bM/WDl2Y6GU4wGozer2EKFttBa IIWNkgIlNK4SCOVy4kQ+/Xp0Y/DIRwhaAiVF9FgQGC1RBqSJLjQoXfv+Y6MBvf/vLU54CxTe 93w8YhlzpbxxMFr7fU8+Pj4+Pj7/CkZLwkYhNNhGYyICRylc5SUdlFHeyGK/EtXnF9QmwqKa RiqJMCD81gjAF+hnJL+wmLwTxf9rgR7LfNcKdOWJvEkPjWXZd+uR0kUoB6UFSgTZuG4VjRs0 4f3P1+BIh/LCLJ5+cjqlIcvLGGtRKz69nh+HssJchgzqx5UtWzJhwgRmzJzJqPvu4+9XXMmW 3ck40vs9reUpmeXo758Sv8TLbrteX5GxMdr25sQb1yc2JzUAACAASURBVHtPRp8UisYbo+EY MFIgtUBoMMIgtYsyNtpIT6ArF+GWMfGhUTz1zIs4UiGVQUmFUTblxdnc0r0zi1etxdYSJV2E DDP+gbv40/+7kBH3TaHKcbxqA2VQRkYzyNpbBCA2d1EhlYVUNp9/+AYD+g4kNS8fKSU1lYU0 b9qMm4fci2NH0EpGqw+iiyommtHXCqMkUklco9HKRmqJMApdm41XOFqya+taHh4zhu/W7T7H ERGbCHAyjJHeexAGoyz27dlEz1v6smtPKkIJyitKmfnkFF6Ys4CwIxCujRsV3Tp6fBrtYlSk dqGkNoMeq0owRBcD5Mlqin/zWD5fOSnQFcnJyUgp/RuDj4+Pj4/Pv4AxCttohDRYRmGETaTg OFXpWSjlVTEqc7oY8/GB0ytVvZG3ippIhMzc3NpESV1+HvMF+hlYtGQ5C5cs/18LdBkTe1pG hYCNG8zn/tFjyS8LIrVCShutwhzan0CP63tw9T+68P6SrQgpUXaYZ6c9zA8bd+AqHV2N1LVl 41qEePfVp7n44jjWbt2NcmoIK5ewHebAwVRySspxtcIYCyWDBCNhHOGijMYxeGVH0vZEvwYh XCKREEp7Il7GBKCysCMBbMfB0WBpr5TeyADSjRAIhwi7LrbW0TJ+C6UiaGlQKkQoEsAWAqE1 Sglcq4x+N3ZmxH0PEHQ9508jFcYN8N3y92na9HKSM48jtIurBGnJ67myRQsmTJ5Gu3bXsGZn ElpZ3nYIF61dZG2mWEYzxQKhLbQIMvuFyTRrcjn70jNxpKK8ooDmTRrS8/ZRRBwb27YI2xbC gNIqWsZvo7XAilg4YQcpNVqZ6DEh0Nr1yqKlIWxAyBBKWISljparq9rqgphQrjVT0V71QiQS wXJcHKURUmPcahI2f83F9Rqzbms8Qrq40kbblZRJhaMERka8G55WhCIWrhNBSTd6XIja964M CCWwrBqElAgd/by19C6E/k0yikZKieUKet3Wl2A4Urt45ePj4+Pj43N2ZLSKTwpNxCiMiZD1 xSJ2PPUiyvUSOtoX6D5n4JcCXWnNkYwsXn9zLkKIOj9qzRfoZ+DzZV+xaMnyX/Xy/icZdBMT 6EZjtEN6yiamTn8ZS2qvN1pZWOFyBg8axMpvvuGu24cy/4utKGXQwubdWc9w/4QnCImo4Kt9 XYVTfYz2LZpw+z0PEVAaI8PYWiCipeuu0Uhlc3B/PMOG3s6VrVrSrWtnZs6cQYXl4kjJso/e pXe/EXz7/U906Xw17dq25rnnXyTsGoSUFBZmM/Kuu2jdqg2du3bmjbnzKQtFkG6Q3Vt/YuDg QbRs047rrruG79f8iK1h774d3HT9Nbwy6wPuGTWStq3b0Kf/7exLzSW/oJCBfW+j2SV/Ja7J FXS7vhdz3/sMpTTCquLe2wfSskN3qmyJUi6uE2Ly/cO4te8wSqvLuX3wAAYNH03EsghrgXYk b77+MgOH30WVrTHKpuREJv0G9Of9RV/w2rSxtGrWgAv+ehFdu3XhoUnTKCjKoXXThtw08G6m TX+a9m3b0q1rV5Z9vxZbSqQIUV1ZxCMTHqZVq3Z0atuRyY9MoqSiCqUF2zet4aabbuDHn9Yw ZvSDPDBhKlt+XsuN3bvz3fp4KivKuGPYUG7scT0333gDPbpfR48eN/Djuo04jsOP33/DwH59 aXnllVzV6Rq++OobAkLxyVuz6N6uNX+64BLade5Kv/79SUpM5JH77mTaq+9jSRcjK1nz/Zc8 MHoUrdt1oH27Nkx9/AmKbYOrJQeSdtK3V0/e/Xgxt9zam/ZtruSuESPILinDUjqabXf8Mvda vPPblopefQcRtBx+7RXg4+Pj4+Pj80tiz6NCSi/xY1wKPv+QA49Nx0jP1yWGL859TqX2cIi2 e54U6PPqvDgHX6Cfkf+WQNc6tjIko9lTyZL5s3lp1hyUlrhaI0WAN2a+xLsffkbQsrh3yBA+ WLI2mrG1WL10Ad2u60tRTSR6odO1F8SMlDX85S9/Y+YHX3o91FqhjVNrNmaMRU56Cq1bNGfQ 0Hv4bvVq3p79Ks2bNmHS9BmELJt3n3+aCy++gmEjRvPTj6t5ZPw44uKasH5zIuFgNaPvHUT3 G/qw/Juf+GzpIh4Y9RAZ2TmUFmbTrlUL7n1oIt/+9BPvznmFRo0aknAwg9071nPRny6gbac+ fLLoM1Z8/int2rbh2h5DySkoYtmSpVzbvjnXXNeLjz5byq49+5BKEKwsplv7Djzz9hco5aK0 Q17GXtq2uII58xcjhc2n81+naaMWpOWW4moX42omP3I/zdt2otTWaBmiMO8QzZpezovzFrJ9 3TfcM7Q3l1zWkJmz32DV2g0Ulh6jY9MGXNqoNW/MeY/V333H7f1uo0GzDuw7nEF1RRF9et1E t67XsPyr71i2eAHdr+5InyF3UlRaxPofv+Siiy+l49XX8sSUJ/jqq2/48ZtlXPCXi5i/YgOR UIBvVn7Jks8WsmTxQnrf0pO4Bo3YGr+HcCjMy889w+JPP+aHVat56/U3aNQoju0HM0nYvYNX n3yMi/5Wn8eff4lly5eRnZXFrddczfCHpmNLh83rVlLv4kto0+Eqln79PV8tXUj7VlfSb/ho KiNhkrdv4pILLuDmPsNZ+f0PvDV7Jg3rxzHjnQWEo20RRkWQpm5f+GLEjPMiUnFz3yEEbKd2 JqePj4+Pj4/P2Yl5GgktcJRBa83xLz4g9bFpGCExUtb+rC/QfU4lZvCMkWA8r6y0jGxef/Mt X6DjC/QzsmTZCj5bsixaEnzyAPl3ry2eyZiKmnl5JeqvP/cUr731PkJaSOWwL2k7t9xyKxUh i5Btce+Qwcxf+j1SCBwdZOuqFbRp352ME6XR14qWCxlN3v71/PVv9Xj5vaWImGO6ttDaRssw UodZ89UnxF3WgPW79uJIiXZqeHbqRC68tBknikr58MXnuPDiluw5lI6WNmkHk2hYvwnvfPQl kVA5E8YMo8+A4WzYvoucgmNYIQchHD55bxZNGjdi7oIvWLJyOUsXvkOndm354psNxO9cQ9xf /srDT8zBVhGUW87oUUOo16QLqdnZ2FaQ23t24o57xlMlFba0EMri6J6tdGh3LcnHy9EyhOMG +WTeDJpf0YYdSSkEq0vIOrqTru2v5omX3yHihJHKMHnCfVzRrjNFrkHJEIV5+7ni8st54Z2l OCLE3Bcm0KhJCxIz8nGkoKLyGB2bNeSaG4dSE3ZRrmDxR3P484WXs+SbteSl7aNBvUt5e/4C bKlQIsC6bz7l4ksasn7rTjasXsyFFzXg0WdfR7kOUkjWr/ycv1xwEe+s3IySDlpEcMLVLFm0 kJYtWzHz9TcI2g6uHab4xDG2bN3GihVfseTjedSv9xdefGs1rhQkblnBJRc3ZN3mRJSW1FSV 07tbJ+6Y8DQREeLpqWNodmVnXn1/CSGl0W4Fi997hYsuvIgNifvYv/2fXHLhxcxfthpXC8qL c7juHx0YOPoxglGBrpWFrOMXvhgmehOICMktfQcTsOxoa4K/f3x8fHx8fM6F1t4kFEdLbKFR yiV3yYekTHsSIzwPphi+QPf5NSfbQpXWpKVn8vrsubXeQHUZX6CfgaVLl/LZZ5/9rw2jPLMx AcYbz6W14LXnnmDWOx/haHCrC+l/681sTj5E6pHDHDy4j/69evPim0vIzcqlSip2rP6K1m26 kVZQjJKuZ/gW7edxaoro1K4lg4eNIKI1rgYtJa6wUf8/e+8ZJVWV7v//X/3WvXfduXfGNIZh dEwTdRxn1DHrjDniCCoIioGgjgqYxVEkSVDEQJIMEgwYBxQF8yCOgJJTk2PTdKquOufsvZ9n f/4vzqnuRltUUIHL/qz1Xb26u7rq1OldVee7nxSvpVKVEU8/ws8P/TUfLl6fpr4n1Qx+rDv/ 9ZN9WbxyLU916sQ+BxzP3LXr8C5ixdyPOHz/X/Dok+NxrkBF2Toe6nQfp518Kvv/9EBuuKEd m8vKuPeuv3PYwYczcsxEXnnjFV59/SXefOVlFqwpZfqHL3Pgf+5Fh0eGYCTB22qub3Upezc6 k/krVhPHlVx1ytFc2rwd60WxcY7ERDxyz/Vce9vjFJyiNs+a5XP53a9/yY/++7/50X/8P378 H/8f//Uf/8H/+6//Ya/9GzFv6Uoi8dx2S0sOP+oENjjFmgJrl83gsEMO5qF+Y3DJRh558O8c ePDBzFqynMQpVRXLOeznB3LGJbeTMw7vPKOH9OBHPz6U/i++xZJ/vcHeP96LARNexUiEsZaZ 08Zz0AGHMu6NfzP1hSf4yd6H8sS4qeBzJArTxo9i7x/9mN4vvoe1BrEVjH7mKf73v3/CA916 UymKcwnzZ7zNLw46gLMvbsKz4yfw4uj+/HS/H/OP3v/EJpaP33mWvfc+mDemfYT1jurKUi7+ 8++5+OYHqYrKaXvl6fzxhEt56Y1/k7cxklTzyvMD2ft/9mfo5A9Y/P4L7LNfI0ZP/Ri0hurN a/jrH37HBVffQ1581uld8SHHHaibg14oFDj77LOpqakJO7eBQCAQCHwDPOlEH+88IkLscywd M4q3HuweRpYGvjGqaT+gxYsX07NnT6zd1sjiPYNg0BugpqaGmpqaHX5z0SwVnWwet5eEoY91 pUuvvuTFU7lpFa2ubs4VLa6j2VVXctVVTfjNYUdywilXcvcd91OexEweP5w/nXAOa8pzqLja dHnvFW8q6PrQvey1z7688c775OIEa2Kqqiv47OO3WLmlnLdeGcP++/+Msa9OJU4SqrdspM01 zWl05FGs31xG/073sO8BxzFvzXq8Myyf+zGH738ojz05jsgaSlasoLqqilxlBS+OH8uB++zD sBFjGTd2KAfu14gXJ75NIYkxUcLq5UvZnI+Z8eFrHPCfe3Fnj4FYsXhbw/WtGrN3o1NYuGI1 sami5dkncsZZl7C+poY4MVRt2cgxv/klgydMSudnuhrGjxjEzw44gL/f1p77Oz3AP/7xD+6/ 71463n4b++y9L/2HjqLKKvd0uJFGh/6WZZvLSfJ53nvzBX6630/5xxOjsGYLT3S7hwMOOIh3 ZsykYC3lFas4/OBGnHFRO2qMxTtl1JCe/NePD2XAxLdZv3Q2h/zsQO7t9hhRUk1NFDG6XxcO +NkRvDNrKW+/PJCf7H0Ij4+bCj6PU+GtCSP53x/9mD4vvIdN8rz3zmROOelEWl5zIyvWbqDG WoyJeHZIP/b67/9i0MhnKSQJM6a9xj57/Yj7e75C4pR/fzCRvX+yHxNeep3IGsorSjnvz7/n kps6kbc19P7HTfys0a+4675u5KICUb6Khx7oyE/3P5z35i9l/rsvsO++BzHm7emoRlRtXseZ fziKi66+K61BL2ZaBIMOpDv/1lqcc6xZswbn3B6/axsIBAKBwDfBi08bC2vaWLjgY6RiE/HG TbWb3cGkB76OokGP45jKysqwdggGvUGKo5d2PIJebBKnaZ2OS5gxeQL3/KMb1c7jTIxK2qxN JSGJK7nissYMGjEFsZ7ExQzu15ULmlxPzqTzzIsdwb23qFRTWbGOk045kcOOOIKrr2lJ1y4P 0axZCw5v1IhX33qfjRtKOOOUU/jDsSfyjwfu49ILL+Cgg35O/3ETiWzM053u5Kf7/575a9aj zrF07qcc+tND6fvUGMrKyznn7LO5omlTenTtwjVXN+eQRj9j4mtvki+UcebpZ3LooUfx4IMP cN+d93DsMccwY9YiPv7wTfb7z725t8fjOFG8i7ju2svZp9GxLFm+Cqd5+tzXkf322o/mV13F c6++xacfTmG//Q5n1oJliDiiqo1c2fhCTj/9DMprChiFREHFIEk1TRpfzF/Ou4S1uYgpr47k p/sexDkXXsJ9d93PsUf/jr322ocHnxyBdXk+ees1fvWLQznp9DPo/fTTlKxdweG/OJi/XHgN hSTBO8OoZx7lv358CM9MnEKSr+T6a5tz+BG/5Y47/06bm2/j8EaNaH/vA5THCW+/NJS99m5E 33Fv4n3adG3ycyP4jx/tzeMT3qZi8zr++MdjOOSI33DPAz3o0rU7Xbs9zOQ33mTmx+9z5GGH ceLJp3PvfZ04/bg/sM///jcP9JpApLB65Rx+98sjOeZPx/Nw90f4bN48zjrpj1zW9m4il7Dw 8w/43S8P5+CfN+Kue+6h9Q03sP/+B3DbvY+QF8Nn77zCvvvuz4QpH2DVUb55E6ceezQXN+uI EYtqNr/eBYMO1G7CFdOp9vQPhEAgEAgEvile0uvbxINTEKckYrDe1n62BgLfhC9ei+3pY2+D Qf8eqTPoafMDEUf1hmXc2LodpbkYK9kYN+/AO4ytYeyooXz86WKcpA3k7rvzFvqPfpFY0mZz kI7rwjtE0nrz6lw5b775Tx7v15fOnTszYOAgPvzwI6oKMWIT1q9eyZgxY+ny8EM8+cSTfPDh DHLOYcXw8ZTX6da5H2sryhFr2LJpDY/36MNHn3xGnN/CnJn/YtTwIXTp1o0+TzzFhzNnkzcG 1XLWrF7G8xMn8nDX+3isd3fenPYGFeU1rFqxjJ6dezP5g/cxxuGs4aWJz9Kl7yDKysqxvoao soJXXnyBHv94kFfffIdBj3XjxNMak4vzGGNYu2IRfXt1Z+q77xNZwanWjlFTV2D+3Nl07/ko ny1dhYvLmPrGJLp17czQZ0Yy89Pp9H60L5M+mol1BhdVM+uTj+nVpzcDR45iQ8UW+vXqwsBn J2JMOkN89ox/0bnr43z8+UKMcVSVb2DyP1+nZ68u9Or9KJMmTaIyn8eKZen8mXTu2oN3Zi9A JR1Vt3DODLp0781Hs5eQq9jM4088RuduPencpQ9dunSlS5eH+Ocbb2FMwuezZ/HUk0/Sr98T LFswl17dujD5nU+JRBEpMPfzf/PoE0/xSM9eLFlRwsgh/Rn18htYZxGbsHjBx7z+2gS6de9J n169eHPKu1QkBussG1YsoVuPR5i1YCmJKDW5Kp55ui/Dx72JSAFRiD2oCx+agUAgEAgEtp9i yaXLxvX6gkesJ8QAAoEdIxj07xUFb/HeYj0YEdTVcMP11/Pu9E8xCiKKV5s1kTOIi7AiWLHE FWu4/467WLi+PPvbpHaetlfBisOJy/4uQcVlGwEW4xQrHnWKNwkiDuMs6hRxihWLU4t1FjVK QQ3WJYgUsCaPlUJq6EyEswlO0vFtRi3GOlSqURth1WE1j0hCQQvYRDHGIJEn1qj275wrUJ2l ExvNIXFaK6/GYGzMh9Mm8+Ir03BSSGeN2whnYmKn2UaGq23epSpYa7DOYZxDtYDYAioR1grW FbDOkjiPisW5CCcGVSUSocYavKkgp4I4QSSPGotzipEEIx51NaiJcFKDswYjinGCiMWJxbiY RBLUedQZrCtgnMPa9DYiUWqoxWfNL2yaBeAE5yxiY5xz6bx7cSQuwjqDiMFJQiyCdXEa9XYF CuKwJsJaj0olTnM48ahLUKcUJJeeD2uxIiROiJ3gbIxzEQXrcK4GpxB5UBfqewKBQCAQCGw/ 1oOIx4lPN/9NatBDFV0gsGMEg94Am0o3s3FT6bfu2v4lvIA3eG9JPCSqiMQMGjSANu1upWBd 1ineZbuPDhGLFYPVhNkfTqHbQ92oUbDi0hnWtQZdcQpOFLEJXl02RxBUTZZq5PHi01mU6nCq 6YaAk6yTtyVW8FZJ1GDFohrjbB6nhew4QFQQSVAp4KUGtYI6g9r0Po2mNfaxTxDjscYhRrE+ j6rFZg3SIhXEOawvIFYRNYgxqMulhtaks+KtgjiDqmAke75i8JqabPFgJU2F8S7BaoJKgrgC VgTRBBWLt4qKw0mCU5vWG4sSOcG7KmIVnPOoj9M0LZs+T6ugEqEuHfWmLsGopk32xGYfSBFo HnUeyUaMiLOotThxeE3wavE+3WEWD0ZTWWdRlyCi2f9d8VqNuggVS+JSM+9shHEWr0m6Nlyc mnLN43ycbsBIjFrFaQXWOqz49Bw4wYrgbISIITaC1o+gSzDoRXz2P/h8zlxcSMcLBAKBQOAb Yb0i1mOtJ+cV44VoYym5FSvTMcNhpGvgW5AvRKxZu25nH8YuQTDoDTB89DiGjBxTa4Rh++ag fxWVlZV88sknGGO+sr5CRNiwYQMlJSV7dA1GIPB94n1aMxdbx+l/OZeaQpyORwy7/4FAIBAI bBsvOK+IE5x3GA9rhg/h8/bt8VmmZto36bu9jg7s/tStBa0debtgyTK69+wT+gERDHqDjHh2 PENHjU3fTL4Hg15shGCt/coFWGyQEMZUBALfH96nZSaJE8469yLyURLMeSAQCAQC3wDvhcgr 6hxeDKKwbMxA/t3xtmDQA9vkiwZdVFm4pIRHej8WDDrBoDfIyGfHM2z02AYj6PUXzPZ2p/wm HeLDiIFA4PunOGEhto6/nnMR+ShGxQeTHggEAoHA1+BViTw4tTiN8NazZvhAPmt/G94Fgx7Y mvq+pkGDvrSEHr0ere3mvicTDHoDjMwi6JI1JIPMnPutxzLV/xoIBHY/0s0yIR9bzjr3Iqpr IlTCxlggEAgEAl+Hd0qskPeGgi/gI8+GQUOZe3sHvE0Q71AvwaDv4dQfoVZf2W8RcTgR5i9e Ss8+fWszjPfka7Fg0Btg8PBRDBgyHCeCSp1Bl2yx1I+A7+k7PIHA7oyqoqIUEstxfz6Vqlwe Z11t5kwgEAgEAoGG8ZIadOMtVmLUeOY9O4Z377obbw3iHT4Y9D2eYllv/eCm1F5nFcdRK3MX LqZz1+57/Ax0CAa9QcorqymrqEwNehZF12zxOIWFS0oY9ex4ojipNfCBQGD3w3tQURJrWbZi VTZCUINBDwQCgUDgG5AoqAhOHHmFysotFNauwksxeq61ZWPBoO95aJa+LqpMmvwm73/4Mfko wWVd/lXTay4P5OOEjaWbQ/CTYNAbpH4XZ+8VyWaOl1dV8crkt2l9yx20u+1uosSgIuFiPhDY rdEGFAgEAoFAYNsoXiSNgGYN40TDJJTAl1EPTw8cwpUtb6Tv00NZWLKSxNl0hHGxLj1M0akl GPQGSS/SPem87dg63nz7Xdre0oGrrm3DFS1bc3OH+ygkJkTbAoFAIBAIBAJ7Ht6hPkJ8gleL Nw4vQtjoDtTHA+LhqYFDaHr1DTRt0Ybm193CsJHjqMwV0k0dIARJ6ggGvQFEFSuCFeXDjz/l 7k5dueLq1jS9+kaatLiBy1vcyM0d76cmMYhobV1NUFDQ7iX14BSs+LQJpAfR9Oc7+9iCgoKC goJ2ZRXLQGOfloCq9RgF49PPUidaa76C9lyJglV4YuBQmrZoTZMWbWnaoh1XXN2am267mzET JlKZyyNZqvue3iAOgkFvkMgYNm2p5JkRz9Li+pto0vxGml7dhitatqNpy9Y0admGtu3vp7Si hqrqGqpzNeTyhaCgoN1MVTUFKmoKbKnOU11IqKgpUF5dQ1U+2unHFhQUFBQUtCurpiaikEuo yBvKCgmVhYRcdQ25qhzV+QK5QpR+DdpjVZ0vUF6Voyof8diTg2jasjWXt2hLkxY30fTqtqlh b9aKTg91Z9GyFeTyhWDQCQa9QUaMnkCHux/imhtu5YqWbWjasg1NW7alacs2NGnZhstbtqVF 6/YMGDqGYSNGM2ToCAYNGR4UFLS7adgoBo94lv5DRnJh46Y8OXg4z4wax6Dwmg4KCgoKCtqm Bg4dzpBnRjFk8LM8OWwUg0cNY2CHO3noujYMGjKMwUNHMDh8nu7RGjx0BM8MT6+1/n7H/TRt 2ZbLW7Tjby3acXmL1qnHatGaJs1v4O4HutGtRx+ccwB7tEkPBr0Bho1+jqGjX2DZynU8MWAY 19xwS23kvEnLNvytRRtuuqMT1bFBtC4lNigoaPeSUyURT8EJZ5x3CZVRgpEsVW8XOL6goKCg oKBdVYnXdOKRS8tCE82zbNgg3rm7E8Zm3bv91uVjQXuWRNN+XkaUfgOG0qRFa5q0aMflLdvR pEVrmrVqw/0PdeOjGZ8xZ8Eyuvd8rHbMWjDoga0YPnYCQ0aPTdv/O0NJyQrufqArza6/hSYt b6TptW1p2/4e8sbUm+MXCAR2N7ymozwKTjjzgsuojpOs6WN4XQcCgUAgsC3EgxqDU4MYT6Sw etSTzL29I94o4iS9jSd06N5DKf7fVeGpAUNo0uw6mrZozZXX3kTrmzvy3nsf4EyMqjB/yTIe 6fPYHm/OYTc06Ovu7Mbq6zp+r3rnL02YdublrG7VkdWtOrCqVUcWN7+VyadcwujfnMzo353K C8eexfJr27Oq1fd7LEFBQd+jstfv8lYdGHLEcZRc0772Z0FBQUFBQUFfrVXXdWT1tR1Y2aoD q67tmF4vn3kxc479C6uv7ciqVh1YVbxdq47h83VPVKs6vXXapTz721MZ/ZtTGHfU6cxp0ppV 13Zg1bXptdfcpm2YdNJFrG6VrqUdWS9Vr729sy3rDrHbGfRFR5/B3IOODAoKCgoKCgoKCgoK CgraSpt6PL2zLesOEQx6UFBQUFBQUFBQUFBQ0P8JBYP+AxMMelBQUFBQUFBQUFBQUFBDCgb9 B+aLBn3R0WdQcn6L71TLzm/B0uzrsvOv/o7u92qWZWrodyXf2eMEBQVtj5adV3yN7vxjCQoK CgoK2h209PwWlJxX/Ho1i8+vu4be2ccWtHtp2fnbv27mHfzbYNB3Jl806Bs7P/6dP4ZVSCQd D6GSdnn2mb4Nxb/xXlEvtfI+7RLtVTK5VF6/MJ5AUO/4rjpK1z5O7ePKd3bf6QNIwwoEdlFU FRHBGIMxBucszjlEwroNBAKBQGCbeCHxglqP8YI3CbFYxAmqDtW6z9LQwT1Qn9QfFTu8C6pC Ium4vmIX92/TyX3hb04JBn1n8kMY9A2by1i9sRTjpPbNZbsMutc6k15PWmvKpd5IpwZu6wXv v0sTXe+xtjLp3xX6FQoEdk1UFecczjk+++xzkNxXBgAAIABJREFUrE0NeiAQCAQCga9DMV5x zpN4wScFonWrqSpZGQx6YJvUGnRVVAXrLOW5GlauWVtrzINB3434IQz62OdeZNS45xAlM9Db a9CziDnpIhSn2WKs21lUTY15OiNSszezzNjWRqC3XqDFqN9XPm7xqzi8pBH4YlReVLMIPt+5 QS8eV/1dr+96juGePhcx8N1SXKuRsZx/cWNy+QJhUykQCAQCgW+G84pVJfGKTwosnTCKdx/o jBiDitQLOu3sIw3sStStiTRoKKosWracPo8/gbU2RNB39gF8W34Igz7y2QkMGzU2XTw7YNDV u1qDruJR6xAbk5gEUcVlafTF+3ZiUDWImMzApyZeZGsVU3CLqm+MRQTj0oXuJcG7BFWHU4id YDV9zOwIv1OD7mwaiRRXPE5B5LsxO8UXakg9Dny3pOszdsJfz7+UXJQQMj8CgUAgEPh6itme Vh1GwTvD6pH9mdX+Lrx1qLjaAFExnTkQgHqeyqfZxKKwcEkJj/R+7FubcwgGfaez2xp0J6iL qNiygvmL5xM5xSpYydLdxbBh3UpWrVpKaek6pk19i2lT32ba1KlMmzaNadOmMXXqVN566y1W rFjBu+++y9Tsd1OnTq3VtGnTWLBoCdW5Gj58bxrvTn2TaVPfYsrUd5gx63OqCjGJSzcF0hfF d5POKyLMmjWL8i0VxLFh9uzPWLBgIc59d4b6i9H5QGBHKW5QFZxw5gWNqY6TemUngUAgEAgE vgrxoOoQtRjnsR7WPPs0C2/viDcOcS69TTDogS9Q9CF4B17qGfS+waATDHqDjBozlpFjxqZR 6HoL5FsbdBXEO6yCN0IiBd6fNJou3XuSU3CqiCiqFpUco/s/ytNDhjJ//ud079qZ7l26cftN 1/Pznx/GbXfcRY8e3ejSrRsfvP8uXbs+zCOPPEKPrg9x2MGHcfPfO9Cjeze6duvCm29PYfG8 eZxy4ul07f4w3Xt04eEuPbjqb1dw2eXNWFdahfMOr3VpJeoBL7WNGoqN7IDsGIsyaJaK77Pz 49USRwUuu+h8Pv18ATX5PHfdfiePP/kUzgnWOUQc3ilOBVUQnzasKzaRS9P+bVq3nzWMcJKd H1G8GqrKNzD4mVHkCwmS1fF/RwH6wB6KqmCspWAdZ55zCdVRUq/MJBAIBAKBwFchHqxaxMY4 o+Q9rB/Rn4W334E3DpU0MqoeQmwl8GXScl4Rh6iycPESevZ+tDYg920IBn0n84PUoI8dy+jR o3e4WZT34NRSUMXHSrVEvDzkEbr36EONT42vF0XUolrBo/f8nSfHv4hTi4rBJMqHbzzHkb86 ibnLV6NqsB5U4tQoq0NypRx60JHMnFeCikG8oBqx4JPpnH3RNVR7g/UFjBFym9dx2il/pnP3 p0k0yha/Yp3DiCCSdrEW57DW4ZzFWoNzkr7JisO5CCcW7x3qBJdYVBJyVVu44PTj+WzpGhKX YHIJNVlnbOsssU3wUULsHIlxGEkQl+C9wznB2xivCVYUsQ5RQ+IcxipiLSo1bFz5Oddc35HK 6oSCsXgxWAnbsYHtR7MNqii2nHveJeTyUbr548OVRCAQCAQC20IVIm9QU0ATxxYPa54ZzKcd 78EbwbsskEMWRd/ZBxzYJSmWsC5YsIDevXtvVzlrMOg7mR/CoDvnars570jNs/cgaolU8MZR 0BxP97iVXo89QSHbTfSSNm1ztoxbrmvOsElTiNXhfIJxyusvjuKY4y5k7eYqVFKD7jVG1GCd Idqylp/uczjL11fWGnSvETPfmUzztveS94L4CCseH+W45+5buKrlrSSST980s8h5xZbNrFy1 lo0bNvHe+9OpqsqjErFxwypenjiR99//iMrqArFTvEaINSxdupQXX5zIp5/OZOP61Zz0h99S sm4j1kasWLiANRXVJCaiZPHnbC6vYsXS+bw/Yx5JUkMSR0yfPp2xY59jzrx5GGuRbBPAxDHz 5s9k3HNj+NeMf1MoRKxbX8LU18dw1bW3MHPWXFZv2Ii6CBd8VGAH8F4RFZwIn/x7drpZZe3O PqxAIBAIBHZ5vPM4dThJcE7Y4CG3oYSKhXNTc+4kTW0nGPTAtlFVampqWLZsWe2EnW9DMOg7 mR/CoG/P/L2G8OJRdVhNG7vFUsaDt7fggS69WLBsOUuXLmXJ0hJKlpewZM6HXHL+hbz27sc4 6/CaIOJ4ccRTnHrmVZTXWNQlGA/exzhvEHWUrVnCAfscTmmVrTXo4gq8OX4A9/XsT14V1QgR ZfP6tRx3/B95avB4RHPp5oAq4mLGDH2K0866lHvu6sTosc9TVVnBU0/04dprmvP8c2N58smn afy3ZqzdXI4zW3jo/s7ccGNrnnvhOYYNHs6t7a7n8EOPYNOWLZSXruf0E/7EyFemUrpxFWee eDJNmrflkd7deGPah6xfvZDzz7uUXo/25ZWXJnH3vXdw0223ERvHpnWLubr5dTzwwD28OHE8 Tz79FJ27duX9j6bx4N3tOO+SKxk2fBQffzoTlYgQQA/sKLWvdV/XaDEQCAQCgcC28c5jVTDq 8M6TKMRqUWfqjdAKEfTAN2NHJkAFg76T+SEM+ndF0aA7EYyzONlC2ysu4vhTzuKyv13OZZdd xmWX/Y3GjRtz1SXnctjBv+ad6Z+naUGaoM4w7LGHObdJO3LG1Rl0LRp0Yfm8T2jU6CgqY19n 0CVizOP3c0nzNjzefzADnuhLn0cf49Y27Xi464NsqY5RX43PajyMrWHYUz248IobyeXyWFE2 rPiMG1pdzep1a4jjHHFc4KHO3Xl3+mxWl8zmD0f9mSXLl2MlQhPl+TEDOfgXx1BZnaN0zQpO O+EPvPrRHDauW8qff388o56bRGwKJDbP6Gce5f6H+1BVU8AWLBXla7mq1bUUIscjD3bgzydf QFVNFaIx1hnyUYSTiFfGD6BjpwcxzmU19HEw6IEdpphFUmxUEprYBAKBQCDw9aSlnIrzmkXM fTqi2NdNKKqvQOD7Ihj0ncxuZdBVEE1rtWPncKaSC44/kQmTPgCyRmia7hRVbVrKr488ipkL SvDWIZpgNebRBztw7Z1dqJHUoH+xBn3W+29yzPHnknd+qwh6j/ZX0HvQGBauWM3KksWUrFpJ dWUlViqJncf7ylqDHkueAb3uYtCLb5KYGqwYpr8+jOOPPY42f+/ITTe14e83taFx48a8/e5H vP/OS1zV9GZySYTVAhopC/79T355zKUUTMKqxfM49bjf8dGS9axYMovzz76QBas3YgsGNWXc en0TGl97Czfd0p7bW99J+5uv5+yLL6J8c55mF5zFw73HEStYsai4LKMg5pknutPp4Z71DHqI oAd2nNSgG/AJeBsMeiAQCAQC34DiLGuvCt7gNcGLr42Y145YIxj0wPdLMOg7mR/CoG8s3czG 0s1pWs4OpLmr2tSgW00bp+U386ffHMeUD2aj4hAVrCjOGjavms/BjX7LgjUbEJtgxWC0kofu uZ17ew+gkHU5F1W0OCddLO9MfpW/nt+UKIvWq7eIzdG+1eW8POUDYlVEEqyk4y6cpPXo+GIN umJdDT3uu4k3PpqBcWm0+uPJI2lz403kjGCcQSTGJHmsM7w/7TWubHIDVVEBIxGaJHwwaQzH nnEtiYuZP+tj/vT7o5m3ejNL53/MhRdcydotlagxqN1I+5uu5a3Zi4hNgkQOa8uoMRFRTQ3N Lz6bB3oMIRJPUpypbgV1BR6+/2Ye6d2PxDqMWrxGuODQAztAsQ+DqqOiqjybqKDBpAcCgUAg 8DWkZWEe7wRxCU4SoriapGoLIoJ4RetF0wOBhiiWQRjnyNXkQ4o7waA3yJCRY3hmxGisCJrV o27Pm4v3cZZy7vGuQK56HUcceRSfzp6XRtd9NkPSxiz9fDo/P+j3rCmvwrk8Pnagm7jz9vYM HPEcsScd+yaajSkDtQmvTJxIi2uvJ1HSBnLekMSVXNGkKe999AlG03nsXr662YImFdza9kYW LliU1uO6iE1r5nN18yuZMXMWuXyBLVsqWLKkhKhQYOWSuRxz1O+YMeszKvN5Nm1cy21trufC Zrcikmf6+29x7PFnsGFzBfNnv0/Ta26nrCZBNUZcjrGjR3LDjTdTurmMmqSStWVrmb9oBWoi uj94OyeceCqr12+kMpdn5Zq1lFdUIlLDw53a8MB9D7GlIqLgEpzGiA1v+YEdIW1EEjuhRasb yOULyDZeK4FAIBAIBFK8CgVVEnVYsUjsWf7aROb06o63STpS19c1igtXbIEidWsh64clwtIV q+g/aEgYs0Yw6A0ycuwEho8Zl0Wrt9+g4xPUS1qP4yLKNq3k2ONOZvGylencb086H1IMH7/3 Jn/4w5mUVecRiVAjiCvjjg4defGf04gVnNQZdPWgzvLihAncdc/9WA/OA95Skyuj2VXNmPnZ PJzPDLp+deMrSSppfcN1rFm3Pk25F4faAm+99Sp/u/wimjVrRtOmV9Ppge5UVkZIUs1rr07k 3Asu4srmLbm5bVse7nQft9zbE5EC77z9Ty5p3IyKqhrm/Hsatz3YmS2JSTc8bEyuvIz777iD xpf+jRbXNKfJVU0Y/9xrqHPkqtbxVP8BXHTxpTRvcQ2trr+RBYuWYFyBdStn06JZK5peeQNL VqzASoyzoY17YEdQjDHE1vGXc86nJoqzJnFhXQUCgUAgsC28VyIPRiyJRljnWTX8GWa3b4+a 1KBrMOiBBqhv0FXSaToLFi/lkd6PbdeY62DQdzI/hEEfMWYcQ0eNTQ267ohBd6hXxIMXi4nz zJ2/kEIcA2k6h2Tdo3MVpSyYvwjjHCoG7xSRGlatWUVZVQ1Oswh6dhDq0xr2ss2bWb9hQ200 Hi84W2DZshJqChHiFe/tNlP1VSKWr1hGZAwu2zTwoqhLyFWVs2D+fNauXU9shMR5VCLwhnXr 1zN33nyS2FBWupmS9aV4jamsLGVpyUqMceSqN7Fy42oSSTMJ1CnOJlhXzeqVq1i4YB4VVVVY 59Pfi0WcYfXqVcxfsIDK6hxWFacWcdVUbKlk7rzFFJK0gZxIMFKB7cdnozwia/nrORekrxmR 2td9IBAIBAKBhlGv6TVjZPA2T+Jh+eiBzOxwO94ZnLchgh5okK0MutY36I+GCDrBoDfIqLHP ZQadWmO7XSnuqqgXXDa+yUv6RqYN3ZGXOhOddZPGZzXnPq0VB+rVxir1o3xb3aV3dbfN7mfb tfTp/fusVkg1a/ohPpUv3sbhvcF7yY5X6tXwgorH+7QOXn2xcYjFi0lHukna3dN6IfFxek6y 26lS97haF8GsazSSbmSkx5HetnjeAoHtRTV9bRaM5ZwLL8kMugsGPRAIBAKBr0WJswh6rBHO etYOfYYFHe5AxWLVZNeXwaAHtqbBCPqSZfTs0zftX/AtTXow6DuZH6oGfdCwkVgnSJZmsV0G vTgHPTPa3vm0xtt/ecGlnTCLBj011UUzire1RrRoaNNxUF+xcOvdNjX72+5MXdeB02bdrF36 2Fo04ml9iBfBS1o77wGvLjXgxSwBV7chUezsqapolpbvSY21ZNkA9U15epwu/RvPF2pTJDNS xXPj6p2HUC8c2H5UBOcc+dhw6plnUZ0v4JytLW0JBAKBQCDQMF6ESJXYOxIx+MSzdOQIPurY IY2ga4igBxrmi9f5zqUR9Ie79ggRdIJBb5DFy5azaNlyXG2TuDRaXTSdW7N1JLs+PktDF++y CLrPosZfvn0acS5GiOui3nXmtZ7phlqDXvut1u88rVsbWO/Y1jrf+ram3uaAxXtDcTa0F5/O uKw16FJr0LXWoGuaVl98/lnqvRSj4NTdj9a7XfFx06yDuiyD9DHSGnqfPe+iQU9vEAx6YEfI msQZy8uvTSKxLvtQCKUTgUAgEAhsizTymUVAjSUxnsoVCyj95MN0WpF3IYIe+FpEHCLK5vJK Zs+ZF7q4Ewz6V5ClUzck6hla2OrngUAgEAgEAoHAnkBaFplmiDqFOAtMbasxcSDwfRAM+k7m BzPoDclLWodNfZMeom2BQCAQCAQCgT0LDxgPIoq3iorPmhrv7CML7GkEg76T+SEMuqrWauvv BaeWyCQsK1mBNW670jACgcCuQ0Ov90AgEAgEAtvGiydWsCp4azEq5Iud3UW3alAcUtwD26L+ dRiQjbz95gSDvpP5oQy6c662i6CI4pyQOMfqjZvo0r0PHe/sRFRIEPftGxkEAoFdA1VFRDDG oKpYa7/0IREIBAKBQODLeOdJFIx41AllPkKTPJKLs+k9WQo81PYvCgS+SJ3fShv3Fq/NQhf3 3YgfwqA//9zzTJjwPOLSBeKsUF2dY8rU97jx5rtp2qwNt97eiTgy9ZrIBQKB3Y3iB0AcxzRp 0oRcLhcMeiAQCAQC3wAvQqyKdR5nlSqfZ/XYscx4qCfeCipaOy7XBYMe+AqK110lJSX079+/ 1qx/G4JB38lsv0FvuFa8doSYFlNxlFGjxjJixLM4UYwVps+YSZt2t9GsZRuatriJK1rezM3t OxEl6XxHFffVTeWCgoJ2XaE4ERJrOf+ii6muyWemfRc4tqCgoKCgoF1YqpbYW8QpajyVvpo1 z/Rn5m13o3GCdxZVh/eCesmmFAUFSTalKe3vpWoRZ1m8eDG9e/epDZ6ECPpuxPYZdKX+qDIA 70GyNIp0FrJFxGGtZcTIcQwbOZ5PZ8/lgc7dueqaG2l6dWuuaNGOpi3a0LRlG27qcD9VhRgn gqhDVIOCgnYzWXEk1lGwjjPOvoDqQrzTjykoKCgoKGh3kBNFnGBFcc5TrQnrBw9h9u33oUla KupUa7Wzjzdo15NTwalgVZi3cAk9ej22XZmMwaDvZLbfoG9tzr0HJ0rplnLe+/Ajnpv4MmMn vMD45yfS6aEe3HFvZ5q3asOV19xA0xY30KRFW5pc3bbWoLe48Vb69R/M0/3706//IB4fOCIo KGg3U78BQ3hq4BD6DRzGJVe0pN+AofR7ehD9Bgzd6ccWFBQUFBS0K+vJ/iMY1m84A58cyZNP j+b+scPp/kAHerRqy5P9h9N3wDAeGzSCxwaNoO8ucLxBu576DhxO38HDeXTgcDr3GUjXno8H g84eY9DrUM3MuXW8+vpk7n3gId7/1wxqEoNVsArDR09g8LCxvPTPN7nxlvY0aXE9TVq0oWmL tjRt0ZqmLdtyU4f7ycUJTgTjXO3fBgUF7T5KnBI7JWccp559EZurC8ROsaI7/diCgoKCgoJ2 ZdUoVHqoVCUynlyNY87oF3j53q4kiSN2SiRZI7ld4HiDdiGJx4rHKCQKkShzFi6le89Ht6th bzDoO5kdMejeg4onn4+YPGkKQ4aOYMOmzSRWEE07TIqH2XPmM+PTz0mcMG/RYno//hTXtr6V Js2vp2mLNjRp0YabO95PPjGo13q1FEFBQbuTpF6Ke/8hI8gnFis7/7iCgoKCgoJ2dTlRTKLE ajHOoYlQNnsOq979AHUWVVtbe76zjzVo1xTe4b3FiWVTaRnvvvdhbYO4YNB3I7bXoBfT2sUp Lzz/MiOGj8Ektl6nwLpFUNfm3+HEElvLv2fN4aGuvbmq1U00adGGdu3v+4JBd0FBQbuZ1Bmc MyTGkliHdQ5xBnVmpx9bUFBQUFDQriyrgliPeIN1FmOFUk2INEHVoT6V9zv/WIN2NQlpkziH SIJ1Ju1pIL42eh4M+m7E9hh0D2mEXJSFixYzbvwEClGMFOczqlLX5T1rWiCCk9Sgp43klHw+ 4l8zZnLnPZ24tf0dRHHyrccABAKBXQdVQcUhzuKcxVmDOBte14FAIBAIfA2iinEeJ4q1gk8s YhUjivi6RmBhvFqgIbwvejQhcS5dN5kxD3PQdzO2N4LuxFOTL9CjZ2+Wr1iJ3cY/3oqmC8U5 nDigXgRehA0bNjBp0iSMMd96AQUCgV0HEcHa1Jxba7KvdmcfViAQCAQCuzzeK6Jp+agTRWya lWZFUnMeNrsD28BnOzfqBSsOK4pxUmvQvw3BoO9kdiSCPnf+Aia+9ArG2tooeUMYp0QmrUVV /2WDXndR77ar02AgENg1KL5+E2OIkyR9X3AuXFQEAoFAIPA1eA/eeqyHggo1kqBJDo2i7Zpl HdizSA264sSSOEvihNjY7Qp+BoO+k9keg64K1inPv/AS69avx4mgWepNQ7w+aQoTX/lnmmbh 0/r0okGvXxcRoueBwO6Nz17LsXVc3/omaqIYLdZFBQKBQCAQ+Eq8B288iVeMeKw4Vk56jU+e Hoy69Dq5mOLuQ5574AsUDbr3ghWhZOVqho0YXRsMDSnuuxHba9DXrd9I7z59KURx+kaRqSFG jZnA8FHjUE9tE7hAIPB/j6IRj5zw1/MvJRcl1PWjCAQCgUAg8FWoBzWCVYezHnWetUMHMav9 3XirqJPsWrouEzUQ2AovtaUSi5aU8Eivx8IcdPYQgy6ivPTKa4wb/3zdTh7bMujPMXzk+OxN JR0BEEx6IPB/D6/p67rghDMvaEx1nNRrGhkIBAKBQOCrEA9qHE4tYjyxwppRTzD39g54o4iT 9DbBoAcawhfHrEk9g943GHT2EINunKN33ydYuGhJ2rXd67YN+qhxjBw1HmsF1aJBt+nXb4GH bJSAQTV9k/Je8a6KWIRYLM4lJKqoWkQtai1GPKIFjLVYMdnjp8dQ9waXdp/33iA+QZyi1qNq cd7h1eLFIl6xHrQ41oDsjVIl3bUCIg/eZQ3vxOKU9HjEYEURsdn3gvcRvpj2Lz5V1oXR13sD Tr9Psw9EFZUENI9zgnXpeKv0+XxhdzX7/2x1Hj21nUBVDOps2oHfK14TvBhUHUaV4uvZe5d2 6M6yINL/Q12alde0f4AUf+9dvZF5WdMTFVTSc5um2rh0GoBPEE2/d87VHr96EJ+tr+z+NSuL KI6TKD7H9A2poXWYmkNPmvnhPXXnuLh+tK7kQrykM0bFI570flXq/r72Da7OdNb9b1zdh2W9 Uo6viiD72ueYqviz2r/xdWtKa5+UbmV408eO8JIes3WCy8axFNeNfmE9fZ+oCk6Emtjx13Ma k4vS16oPG3KBQCAQCGwT50Gd4DVBrVLmlTWj+zGnfXt8ImkEXbNrJP3q6+7AnojWeqv0WkxZ vHgpPXs+ul09voJB38lsj0HP5Qt0faQPFVVVqbnROrPQEM+OGc+okWNT07uDBl3V4iVKzZxP DUG+fAUz5q4l7yy5yk2UrN/Ehg1rWLV6DWtXrWbNulLipJrNW8pYuWYDXoqLOKln8lJDpd6i PkasoWJzBetLS4l9avi9TXAqGJ8dh9q0YV729z4zsDUKavNYVZwkJAqF6s2sXrOC8ijdJFBN cM7hfTXeW75o0Itm8kvnwAtOLJVb1jNsyGM8/8JkclGE2LjWoItPm/jVPa8vox6MOsRFqDOI KlYErzFvT3qRAQOHUZ6P8D4Bn5msLxj09HwVjWtqZIs7u6rpZoZXi6pgFKwYSjetYP36daxZ u5q161ayes0mNleUYqxDJJubnRnx9LlIZvQt3tc36Onj1xl0Q50hbvj51m5a1NsEUZ+NBszO vfMO8YJ3Hle7ESF1Jvcr3tx88RhrdzTqNhC+KnpcNOguU/Fn3pOZ8/Q1sq3Nr9R45/HOoWJw 4jCSzzbOqF2fP9Ruu4gjsZYkcZx77mXkakzt5ksgEAgEAoGvpnjto2rwzlPmlZLR/fn4jrvQ xOFFv7T5HgikFL1NWmvunLJg/iJ69UoN+rclGPSdzPYY9E2lZTz2ZH+sE1Tkaw360qXLWLhw MSJZm/9a8/HtompaG7lO0gh6Fknu2+0hHuwzlMgaXhk/nPMat6RPn9707v0Y3Xr1YtCT/Sgr LWXB/E95+OEeRNanUVJvtjLoJksJ8c6ybuU8/nzCsfzqqOOY8fkiYqeoNVkUN40Qp5Hpught +vyVOM4zelBfxr30WjZiTpj6wgh+85ujmPLpIowKohbnBO9r0MxYe23ojbfeY2Rm1EnCquUL +fUvD+Hc85tTkY9qG3EVzb3Wj8I2eC4VUYeLq3hxwrMMGzmKvEmzDtrdeBV77/ML1pRW430F +BpUtp67WTw2nxlo/UI0uljOkBp0xSnkaypp2vg8Dj3iV5x02mmcePJJnHD8aRz7+6O57rp2 LF+7ESuamjlvwRu8t/XMdV1EvrihUt+g1xnihp9v8f9V/xy7esbbi9RGs7342uelmWGuf/++ ntIfSJ3qn6ev2CCpfx5rH4Mvmuh6x/tVjwu12R1JXMbggQPo0v0B5i9aUXsfPqtHKt7/94mq YKwlSSwTJ75OFBmss1/K4ggEAoFAILA1XjyiaQ26N56cUyqWzWXN9I/wToNBD2yDrQ26OGFL WQWzZs4OY9bYQwx6yYqVvDp5SmqQv0EEPR2npvXSK7RBM/N1aBYx92qyxxZcVMk1VzbjX4uW 4Zxh4piB3HZfX5wkOCvUqEPiapy1JNEm7rnjPuaXbMKopMa4aLq8EHuHiEeThB6d7+R/9/pv DjjwUDp160dBfBrxztLTVR1OUzPpJclStUHFYeNKzj/lT1zRqg2xglNl6riBHHjgIUz69wJi EYwzOCuoRjiJ6+6zOOtSNcsQcIgYxFlUFBHFiSHOlzNvzofMX7yavM2izk5rI8TF8yOabqJo vfNfvH8RiyuUc02zJpx93vlUxQmJCCtLFvDJzHnkjOA1QlwBcekoPZ8dh1UQdYhEOHXEotji +ZEsy8BLlpoOVpSa6s2cdeqJnHDSuSxavppV61azZuUaBvTryr4/+Sk3d/xHukkgCSoRKkla VqCCyTZ3vMSoZCP7VLJ1JVlqvuAla6IixckAmqZ9i8nOcXqerbg0GyI7F14dXmKsSPp/FYc6 h/VgVPFq0tR/qeui6oppZuLwYtIMAknS9H3nURFE8mi9rIit1nO96QXF7ppeFZX0hsWZp2oF XywL8GAVbLFEQdPnKmpwdjM9u3XltDNAffVHAAAgAElEQVRP4Lnn305faz7d0MLbrSYmfF+j WlSLHwzZcxYfRqwFAoFAIPAN8M5jVUg0zeQTBeci1ERfylgNBj2wNZplJqdrRFVxVrLs5VCD vkcY9LnzFzDz83kYlxqLrzPo3xV1Udo07VecZePyz2l74x2sj2PEGCaOfop2dw0gMTFqDYlz iM1Mr1Tz0L130PPxwRRUEV8vXcgLsRe8WEz1Zo45+recff7Z3H/3HZx86llsiWxq3Fye8rK1 zF64mC351ES6qIL5i0tYtamMqooy5n72CWcefzQXNGnO7PkL2FBWxhtjB3DQQYcw6V+f88ms T3jt1YksL1lJJAnORlgbUVq6galTp/Di889TsrSESMFYS1zIsWThHNauWkkhipi/ZBmlmzaw dOksSlZtInKO9evWMn/ufOZ/Po8F8+Yzf958Pps7j3xiUFugbPMGpk17m1dfe52SlauxIpio hmXzZvC3S87hpNPO4KNZcyhZu4H1a9Ywf8kC8iKo9dgoYvWapbw6eQpvvjyR8tIyckaxatm8 qYR58+dQEVvmzpvHy+NGULJ8BVWaZRmoRbNNijhXyrmnnMypp11JLlaMOMQVWLfyXxx24ME0 adaOfOJQyRPntzDtrbd47aWXWbJkKdVWMc7gkwo2bljNy5Mn8+qk1yndXI6I4GyBBXPnUbpu I2tXreblFycy/V8zyNUUSJzHWYOaPBXlm5jy9hu89MrLrFq1isSldToqESuXfsa8eQupzBWY MuV1przyCuvLq8mrILYKNTmWLVvOyy+9xHsfTaesMkdsHDYp4KIcn3/2ORNfHs9H//qQKO9w 1lJTWMf8eYuII4u4ehF4r+lmjHPYxGDihLKyMkySEOXzRFGUbhZYQY0gUcKWsjIqcjXE4klE 0znjNo+zBSqjPOUVq9CC44n+9zBmwtR07KE34COsy7NlyxYqKqu+97nkW/VO+AHS6gOBQCAQ +L+Ad0qsaZmiiMcDTiEpZvt9QYHA90Uw6DuZb2vQVZVZn81h3qKlWeTx6yPo39WYpTqDnhlu F/PWc0N4sHMf1mslmsS8NOYJTvjrzdz895u4p+Ot/O28C+jRbzSxj/FiGTuwL2efd2VmuCWN uqrivcU6wdsKXntxMI1+8Vumz1nGioXvcfSvf8VjT4/CiENtFaNHDGD/X/yW9z6dh9oCVWWr aHTwEXR6uBezZnzIiaedwc/23YsDfn4IJ51yMsPHjuOfzw9nv3334/S/NuGqpo05/rhjaNTo CD78fC7ORLz03FgO+8XBnHbKSTRv0oRfHnoYzW+4jeqaiM2b1vPnY3/PySccz7F//CM/O+xX jHx2HH86/ve0bNWeKInp16sbp596Cmecegqnn3QiP/6fvTj08KMorczxyfS3+NOxv6PJ5Zdx 2d+u4GeNjmDwM6PJbSnlmssv4pCDfsq+BxzIcaeezT2d+3DXnbdy6JHHsKVgiaJS+vbuQqNG h3DWeRdzyVl/4deHHcndD/YglxQY8nQPDtx3P07+y4Vc3uRKzjrlBA44sBFPjXkVnzXj86TR 4Di3kfNPOYGTT76ANRu3sLmynNKNm3l2cB/22+sA7nmgD06UuZ9P59ijf8ufTzyVZle24LBD DqdHvyHk4wKTXxjBr444jHMuvpSLGl/Kkb/8Le9/8AGVFaX88vDDOe8vZ9P4oou5tkVLDjig ERdc2Jjy6gIuiZg+bQq/PeJQTj35RBo3bszPG/2c5s1bUV6Vw9oa2l53BUce+TvOPf9vNG9x BScefTSH/epYZi5eSpzfwL3tb+LII3/FFU2bcsZfz+Gv517Exs1lVJRt4rrmzTjyyN/QvEUT jvnD77no/OZUlFexcNF7HHbob1i+fF09g65ZLwHBJYa+PXtz4Tnn0rZtW1q2uJpLLjyf8RMm pB/KseXZocO58Mwzufmmdlx59bU0a9WWtaVbcCJ4qeTR3l0587zGtG3TmpuvvoUOd1/KuInv pY35pMCihTO59JLzuOHGG7nhxtZccMEFTJ8+/XuJoEOx90Hde0Mw6IFAIBAIfD1eldiDWk8i gvMJYrLmxPUUDHrgm7H9/isY9J3M9hj0z+bMZfHyVWkN+jcw6IlzJC5N366/UL7tm0tdQzJF VBAp8HT3B+nRqx8VPkZNxAvPDubk05tQunkzIjFzPp3JuWddzPzlK3EiTH5+DH847q+UlFZi nMVL2o282PFQ8us5809Hck27Dmw0Hok2cNuNLTjhtIv+f/bOO8qKKnvb88+31qzfmmBCwYTk HEdRVEQkqGDABDqACKgYRjFiwBEFJIMEJUdJKhgRRFERURAUaBpooCPddM43VdWJz/dH3Q4o KDAohnrWOksaL11V955bdd6z9343RTEXraIsWzidc+o058sdB9AySrgojfPPPZ9nX5mO8KLk l4W4/vLW3Hb3QEKREqJS8uGyWdT42+kMGjIa4cX47pv11DvvAp6dPIdIeR7N6tShe6+BhMrL 8TzB7EmjOaPm+WzemkRR3kHat2zCObXqMHXm6xSUlVJYlM+V/2pJ3wGP4wqBciNEy4oIl2Uz ZfI4TjutFrPnLEVqB9ctJicnAycapqywlGuv7Ua/AUNwhIdXmsXdvW+kY5cbOFQWIewohj35 IBc1bEs4bNi9/RPO+uffeOSZMZTFYpQX5tLtikuo1+xi9mXlsHDGKM78vzMYMe51HCEIF2fQ pGE9eg0cWpni7gt0jRvJ47oO7ahxVi1at72MVm1a07JFC848rSZdrr+DzLxCjIgyeNBdtL3k MgqKynGi5ax+722atGzHgbQUHn2gL92vu4niSDmuEny16RuKCgspLj1Im7oNOK9ea7JzMjDS Y9bUSZz5zzNYsHId0aJ0enS8nCuu6UFWdibCizDs6SGcV6MWX21JxNMRHu53G//395q898lW tBWsf38VZ555Lm+u/ZTsg9tp2bgOjzzyDBEpicYibNu5i6jrsGDWVM6tVZMt3+8kFg1RVJTB uefVZ+7CN4npMoqLylFSHyZUjdFopUlO3Ua3a28kcc8urIkSi5TRs1tn5r71NlLEKCrI4Kr2 nfjgw9VILSgJh3jskft4deYCIlJQmr2L3r36sudgHp5yyDyQQduG57No1QZ/Totyhr/4KK+8 MomYiOF6DkuXvMHjTwzFkXGn/Z8w1zteKlL0hVQ4nldZ2hIQEBAQEBDwcxhiFozUSCnwrCTq xFDhMrRWlca5FQ7ugUgP+DHxckkDQmk8IU8oazIQ6KeY4xHoFTUMOxISSUrJqGyd9XMC/d0P 17Dyg4+Qyk/prXjt8d5YLFXu5toqjIky8rknGD9luu+crl2i4RJC4RhK+y3ShPaYOOJZRk6c iTTw+Qdv06DxpezOzIkbzlW1WjPG8O0Xq6nx178y9MWXWbrmM9a8v4pRzz7I2TUv4KOvdiJU lDfnT+Ls2s35YkcyWjqEC1O5oFZNho6dizAKx4nQs30zet/7KJ6KISysWzqd888+n7e+2YPS ltz0BNrUqc3dw6ZwYO9m6p1Tk5Gzl6GFRBrDgcQv+NsZp7N8xecUF6RxZYumXNXjTkIihjWC 8pI8OrduwV0Dn8CR8Y0Gt5zP1q7i/AvPY+ToV3GlQesYh9ITufeBB7i55y3c1PlaLrqwFtfd 8gAhqTBOEYP63Ezn63tT7DhYZXnp8fup3bAVTrlm4WsjqXFGDd78/Cs846eJz5n8HDVqXcSG 7aksnDGCWmdfxJ7UXJQxaFXIxS2bc8MdjyHjpQO+QFc4kTyu7XApzVv8i5XvfMTqD1fRpdMV tG13JRlFpThaYr0yrmrfmgvqtaBLt1706HINXTpeSeOmLdi0dSuffbGGNq3bcWPPngwfMZwt m7fgCUlpKIN2F9Sh/3OvEhOlWONRkp9M64a16fPoOFI3r6Hm3/7B8CmLEFqAiZGS+BWNL7yQ KbPeISSjDOlzK+c1a0+u438Ge77/knP+eTYL3l9DJHaQ0aOG0axpO+4acC9TJo1m94FUPOXy 3yce5Mwza3BV5xu4rls3enS9mrp16/LiqLE4h7V0qzaXtcFKxYhxQ5g07Q1cLTG2GONFSU74 nu9S05FeKUlbPuKZ5yYS1RqhBVK67N+1jptv7UNBKML7iyYz/OVxRLRBaoGQLlOf7M/iVV+g lCJSkk3XbpczYtRMJk4dz5RXJzJu7Ctc3+MWsgqKUVbH26Ad55fxaN/R+D0i6gn6DRhEOOrE 3UMDkR4QEBAQEPBTWG1wDEgjUdpFScv+NavZOmE8Vgq/NNPqqva7p/qEA34zVDctrjDSPpCe ycw5CyrbrB0PgUA/xZyYQN9FUnJaPIX25wX6oqVvMv+N5XHXdV352hMW6Nr6u4gmxvjhzzBm 0hSiBoz2MMrxe40bg9UuWjmMHz+aFya8hrCKz99dTPNWHUnOK45vLsTFg5UYN4+nhjzIBRfW 59JLr+Lyy9rT/vJLubz9pTSpfS69BwyjxI2yau54al3YlPXbklDGkJN1gPNqnc0zY+YgjUFG i+jZoQ039RuMawzCwvol0zj33It4e/t+tPLISdtB6zp16Pf8dFIPbKNuzZq8NHU2Wrkoo0nY tp6/n34Ob767gYLCNNq3bEyX2/oR8vxNhbKSPDq3bs5dAx/Dlb6B2ZoP3uLss2ry9LPDKXVi uFrhxGK8dP8dNGp1Cd/s3ocIl3JTjw5c2/MhIlKg3RIG9OlJp663UOI4aGUZ/vgDXNSwJW65 Ztn8iZx92hmsWLseaSRaOkwY/gTnnHcRmxJSmP/aGGqeU5/9GQUoI1G6iItbtaXHHU/hWTBx t3tjNG64kOs6XMqll19PSURidJjPP/qAiy48lxdHz6RYKKzn0uWqS7juhp6ElcFTAi00UaFw pESpGOlpB1i4cDFDhjxEvYbNWP7OGgpDh7js/Avp/eBzxEQIo11ys/bTuM6F3PvkODJ2fMUF Z53B8yMn4WmF0Q7bN6+n7vnnMWvxGkLKZUjfXtRpezV5nkJY2LP9c876+1ksem8dSobwnBJ2 bE/gtenTufO2W2hx8VXs2p/GqKFDqH9RA1LyC1A2jPEMMS+GNLFKs7QfCXQLRiiee/FBZsxe gdAaa8swUqCVh2MMUkXY/fXHPD9iMlIqjJQYIUje8xU33nAHRUVlrJg1keEvjyZmDFIJlHSZ 9OxglrzzKdoYQsV5dOt6Jc8NG8WwF5/nhWHP88ILzzN2/KvkFZf5LeVOYhq61hqlFFFX0Pna 7oQisbgBXmAUFxAQEBAQ8FNYZfAMRK0gZmJYx5I7ax67hjyGlZ4fnAoEesARqC7QdTxrec++ ZMZOeBUpq4yCj5VAoJ9iTsQkbnvCLhKTDsSdtH8+xX3R0jeZt3hppet0xWuPW6DHWwdUuJRr E2PlomkMGzkuHkH3WP/xh+zctYtQOIwbC5GdmUKfAQPZuHM3jhG8tWAyHTrdTGHE893NjYpH 0l32bvmAmmefw4w33sd1FMYtx1EuERFjzbLXOa92Q1Z+vpGtny3hwgsuYtjIyaQezGbqtKmc 8Y+/8ewrM/CUQbvFDLy9O/WbtWXrnmQKy0N8svR1ap1fh5Xb92FkjJz0RFrWrceg56cSc4vo 1vEy2l5+NTu2f0tGVgZDHh7MeRc1J2F/JvlFGbRv1YzOt95JVPou7mWl+XGB/iiO57J313fU uehCLm/fhaTkQxzISiMtJ5NQeTnP9O5Onaat+GzbDr7+9FMa1z+P624eTEw6GBXhmScHc+55 9di4ZQu5BaW8+MTD1G3YAqdMkpm6nRYN63PTbX3ZvXcP3333LW2bNubiS68kvaCYea9NpkbN BqRl5KKMi9SlXNy2HTfe8WQ1ge67zDvlxVzXoT3tLr+BwohEyDJMzOW/z97HmTUuYtUnmzCe YvjzD1Cr1rkseusjDmRmsfP77cycu5SyUDmzZ03gvXffIyNzP3v2fE+r1u14ZOhIckozufyC Cznnwias//xzDqYn8/QTQ6hZsxYffL4FESnhkUH9adysBR9/tpHU5CRuuakHtWvX5rvdmYSU 4LG+d3FRmyvJcyXKQuL2DdT4x5ksfGcdJfnZDB/2FFu2fE1OZjorly/hnHMb8e7aL/l01VIu PKcm/xn6AgdS0sjMTOW/L71Ebn4BwillX9IBPFegdbXyDgtGSj7bsIL77v8PuXkFxJwCwuFy 9u5IZPeBVLQUFOYmc8P1t7Bn726isRiRUDkzZ0/i6eeHI6Qmefdm7u47iH0pqYTKS0hL3stl LRoxf9m7xIRAuDEeeXgQm7/dTjQWwYlFKS0tJb+wxHfGt1X95E8GFd9vVyq6XNeDqOsGLu4B AQEBAQHHQEUNujQSaWJYaTk0bwY7H3sUqyTK+G1LA4Ee8EOqC3S/JbMhKTmN0eMmVXYLOh4C gX6KORGBvjdpP5u+/S6e4n5sAn3+4mW+sUW11x6/QFfVBDpo45C5dwsPPfY85VJjtCB5XyKD 7r2XXr17c0//u7njlpuYvWQFrlZ4WjD6xad4evhYHGUqDeKM0Rjl8twj99KqdVuKHeH3Q9cu ympc7VF4MJmrOlzCbf0GUFqWymMPD6Je3Sa0aXcl/QcOonnDOrw8bgZKGpQX5psv19GocVMa NW/FrLnzWP3mAho1bcGH2/djlUPmwf1c1qYljw9/FSEiHMpM5o5ed9CkcSOaNm3CFVe058O1 nxNTDvkFmXRr356e/QcQFQalFSUludxyVXvu/c+zOJ7DsKcf4fzzz6dhoxa0aNWOlq1bccnl l3MgNZXUhG+48ooONG7aihuvu5kePa7kjrsewJEOxgh27/qGS9q2o0mLptz/yDBGPvsErdq2 xykVeG4Ru77bxDWdutCseTOaNG9K/7v68vU33xJVkoWzplG/UWvSUzNRWqB0mE4dO3FX/6f8 HuPW72mujCFcWsRt13ehS7fbKAr7zuLW1SQlfkWzJi24+Y57iEYF4VAar4z8L42atKF5yza0 bNWWl0dOpqSkgMULJtP+0itp/a8WNG3WiN533c3+9GyKwpm0v/Ai7hw0hFtv783FbVtRv0F9 Xho1mqjQKCkpOJRGv9630aR5W1o2b0GHK65g6VtvEXIFUSkYNnAAra7qQr7nobQlcfsWGlxY m+Wr11OSd4gnhzxEsxbNaduqNS0aNeTRoS+SXx5GRwp5/523adn2Ylq0uIQ2Fzfn1l7/Ji39 EAf2fk3z5q3IysxBK11tLuOXM8h8Ro0cTdcu3enV+xZu7tmTnj1uYc+BJGRM4IgwKxe/Rddr O9Hrzl7c2vNm7hzUj4y8AoRSCBlizCujuezy9nS/vge33HwDL73wNB2u6crqdR+jPcGO77fQ 7fpr6dW7F33u6kPPnj15ecQYIo7rtxq0J9PIzf9+e0rR9fobiLpuXLQHKe4BAQEBAQE/hbUa xxqMqmrhm7JkJlufeBSrA4EecHR+KNC1gaQDqYwZPzlos8afRKCnZRxk5XurUfrYXNwXLlnB vEVLT4JAl35aelygG+OiozncM+hBMgpDGCUwykFISXJKMjsTd1NYlEu5lGgVwZUOQ594nLVf bkYaE28B5vfKNlKQun8v+/ftw9N+/2uLL6Sk1mgnTMr+vew8kEzIi+FFSjiQtI8D6Qcpc8Ls T/iGtJwCrIr3yFYuZSU57N67h9yCAkqK89i1eztZYQejPMqdEPv2biXjUD5KCqRwkW6YlJRk EhISKC4tQ2mD0FFi0RApCXtJzDhATBq0UQgZIX3HtyQezEZpj6z03ezcmUBC4nZ2JW5nV2IS O3ftpTwawpGCcHEuSTsTKCtySEr5jpSUNJSW8RZjEaKhEIl7tpGUmUNuRgrf7d6Pdg3ahNFO CbFwiL1Je0nYl0S03EV4Blc7FOVmsH13Am4kipYKpR32Je3hQEZ2vBxB+Q75xiClR1pSIvuS DuBID6UlxjUoESUpKYHExN04SiN1McIrJyczl10J28nISsNRCqlclFdCWXExu/YmkLhvN47j oLSiNJROuwvr8uiwMZSEwuxO3E5qViZRZZFSE5MW6YWQsWL2ZWSzZ/ceiktKiWoXTypcIcjd k8jWfXsolx5GGSLhUvbs+IbM0jK0F0FLh6y8PLZu30l2xgHCrsBTEiNCuFJRXFLM3j0J7Nm7 m7CQSKPwIsXsTtyL43io6gJdW4yQGF2KFoq9u/fw7vvL+fbbrcRiHsIrRyqLp1yU45GXk8za j1bz1WfryY9F8ZTFSIXSMYQb4/sd3/LB++9xMG0fZeVFfJ+wi9ziYqz053ZBYTZrPlrD2tVr 2ZuURCTqIqT/2VQYzpwcqgR6527d/U2AaveIgICAgICAgKNgNdIajNIY669FMxbNZfvjQwKB HvCT/Figm0CgV+NPIdCLiksYO/FVPCmP6eZwKDuHrOyc+E//y0K9ynHaF88aazwef+JJZs6Z i/QEWqm4c7Qv5rXWSCMx2uHgwXSee+YFwjEPa03cSKHKGd5UbDhUuGRWM4+zRlWm1isDVkus 1n4k32qsFpVt5/z+lf7f+TdSE/9yKFS8Hltb7de9x19bcYyKL1GFAV/FdVhlUPFUceMr3/jN 2sTfB4nRBuIR64rrMsa/wRstsEqhtcVYURnVNAa/FZrWWOundluj49doq4z04ukxOl6vbLRB G4nRAmMlRvs95f1z9t8XW7khY+IO/BprdNV7XHkM4/8eo/zrtgJjJFZbrPHraKqyNap+v/9e SKxxKQ/l0fii+jz93HCEUr7bacV12HhPUSXinxPxjRmNNrryPbdCoKz22+/Fz9dogbIGq2Wl 6Ya2/mel4zdAa1R888mfj1oblDFVdWKV86hqJvvvocYYEf93frmFrrhWLSvfMz/Dw/Pnp9bo im4GFe/3YaUaqvI8TfwhXjWPKuaWqZwfYE7qA74ixd1xXV57fQaOGwj0gICAgICAY0Fb37fI GI1nJcoqCrdsJWX12vizPigZCzg2tDHkFxTy8bpPKnXG8RAI9FPMiQj0mOMw8pWxFJWU+kLs VzjPn+L777cxd95cHMdFq/gEtKrK/Mr6AmX37t188MHqw2qBA36/+J+tQmuHSLSMsWPHs3r1 WqSUAEF7r1NAxcaHUgohROXPAQEBAQEBAT+NMaCVjW+ma5RWGKnQsiqAExBwLFQGorQ+obkT CPRTzIkIdKU1k6e9xnc7EvzI4a9wnj95PkpWioKqCWioitYblJJIKQ9LMw74fVMh0K3xMMY3 YVOyapcweJCdGiq+hz98OAQEBAQEBAQcHav9sktlwWiL9QxCKj8rLxDoAceBMeZH7u2Bi/vv iBMR6Bb44qtNzJwzF6X1zwr06gv1X5Kfm3jBze2PSDytv6L04VTvFv3Jqf5A+F92bgMCAgIC Av58GITVRC14BpSnUcbEyyMDkR5wbFQPkvzw746VQKCfYk5EoGsDhaVljBk/gXA09rMC3XVd YrHYLxZJqxJlfm12FdVq1qu/JiAg4Beh4oEgZVVWSxBBDwgICAgI+HmsNhhPo5TFtRA2GqEd pHSD52jAcVEhyA/PLj52AoF+ijnRCLo0hg/XfMzBzEM/K9BXrlzJihUrTniS/Oz5VJxA3CCN uDkXVlf++bDXBCI9IOAXQymFlJIRI0bgBn3QAwICAgICjgll/VI961mENnjGJf/LjSSufO8X W0MH/DHRWpObm8sHH3xwQt5MgUA/xZyIQPfNKxQZBzOZM3chMceLu0ZXtX2oPhYtXca8N96I O2Yrv5+5rXCZVv/zqHSwthJrRbwdW8XP8gf/v2L878cNRjD+rMOTAhV3hFdxd3+tNUb7C4iY lFzdtTuhmBO4uAcEBAQEBBwDyhiENXhaI6VCakXaovlsfWKobxQXLyv9Lfg/Bfx2qWyztn8/ Y8ZNOKFyw0Cgn2JOTKBrtJYoqRg/YQo7E3YjtEbbI3/wC5e+xbzFyytbb4F/czHB3SUg4HfJ xk2bWfDGCvKLSxFKI5RCaYU1CoCY0nS6vichN97SMMhaCQgICAgI+Bl8gzhpFVoKPAsHl81m z2NDsEphlKoU6MG+d0B1qiRVVcvnpAMpjBk/KXBx508k0I3RCCEoKw8z9bWZFJWVYyoX4oeP RUveYsGiNyv7Xlttqd4fOhjBCMbva3z08efc/u+BDLjvP7z/0TpcKatEOuAoTefrbybseNXu BQEBAQEBAQFHJ24IpyXWOAgL2Ytns/exx3yBHn/GWvxncUBABVXTIRDoR+JPIdChyklSG8OH H61l1twFuEKilKwU8Cae8rpoyXLmL1qC1ip+01GVr7HBCEYwfndjzbovuKPPYO7ocy+9+w1k xJjx7Nl/AKk1yoCjFNdc24NQ1Ik/FAKBHhAQEBAQ8FNYqxHWYKTE2ijKKNIXzuO7J57yBbrR gUAPOCLVBboxfunh3gMpjA5S3IE/jUCvwlhfpH+9ZRsvvPgyefkFKO33bayoS1/3xResXv8J nnKxxsUaD20lyiq0kcEIRjB+Z+ODj9fT865B3N73fnr1u587+w/mtjsHMGbiaxSFokSF5Nlh LxJz3HhJjPqF7mABAQEBAQF/DKxRRK3BKIWxEaw25GzcyJ5ly7FaYa2pFGIV2agBAfADgR73 BsrIzmH526uCCDp/NoFuNdZqpNZ4ypCcnsni5W8zZuJU3nz3A77eup2de/bz2dffM2H6fKbO XMjU1+cw9fW5TJkxnykzFjD19WAEIxi/t/HM8NHc0ncQt/a7n9v7PsCtdw3m9rseole/B7nn /keYt3gpkagT74WuCEziAgICAgICfhqrJSXG4FmNMjGsaxBKoqWL0fEMVRtvHxwI9IBq/DCC rpRGaIPUJhDo/NkEOgZrdeWOnjb+RMjKyeP91WuYM38RM2bPZcqMebwwcgIvvTKBEaMn8vLo ibw8elIwghGM3+n4z1PD6NV/MLf1uZfb+w7m9r4Pcnvfh7j93/dz96AHGTN2AtnZh9BaouMp eQEBAQEBAQFHx2pNLO7kLq3ECmYn/1oAACAASURBVI3UBmX86Lkx1SLowYM14Af4c8KA9btX KWNQcV1+vC1vA4F+ivlfU9yPRmWNutZ4UuFKhdQWaUDZYAQjGL/n8dGnG7jt3/dxe5/76NVv ML363Ufvfvfz2NAX2ZechpLKT2u3Cl0tJS8gICAgICDgyBhr0DYeHTd+K2LXGjxL8BwN+Ekq THwrBLq16n9qxxcI9FPMLynQK1BaI6SMp7vqyr7kFSYGwQhGMH5fY/UnG+h51730uvt+evUZ wMOPPsmXG78mFI4itUUpP8XKWhP0aw0ICAgICDgGtAVtwGqDlRZhNULF0MKrJsACAn5MZacd Y+IlyP/b+isQ6KeYX0qgQ5VI37xlC99s3uynwhuNNQprZPy/JhjBCMbvbHy07nNu73sv/e/7 D69On0VBYZG/Aaf8dHahFK9OmYYrZCDOAwICAgICjgFjwEqDNNrPOrWGoi1fk7HqA6yyGG0C F/eAI3KYQMcPpuTmFfDxuvVBDTqBQD8ii5csY9GSZRhLvLWawhqBNYGzc0DA75FP1n/BS6PG sndfMjHX8yPrOt5e0Rhcqeh63Q1EHOe4HwoBAQEBAQF/RqwF6yliRuBqg7SQNX8uOx9/DisN Rml/LW0JIuoBP6L6nDAG9u1PYfyEKYFAJxDoR2TBkuXMXbwcVXFTMYbKCDoEIxjB+J2NsrIy wuGQHzWP3/h9ka4wxuBIRZfrbiDiuIFADwgICAgIOAa0BeMppHFRUhO2hoNLprNryJNYYdBK +6+xBAI94EdUnxNKWZL2pTBuXCDQIRDoR2TRG8tZsHhZfAHv10ZgBVh5yoVGMIIRjOMfFX02 oeqGbyEeQddEhOLq628m5HgoKbHm+NxDj4a14N8/pL/RZ/1z8Utnqs7n8HOtoNr/s0ceOj4q 6rYOM13hxw83a038+AZtDcoajD15GxK24h4Zv+6Ka67a6IwP/L/7LVFxTlVlTfoIn8kveNyK n+Pv1S+NtaZqPlSfV8aAFRgrMNb4KaxGcaT5dOrwz7HyfbLSn2/VPqwffleqvhM/HL9n4uuT w34W+IZL1f7ud3+dAb9VjAUjNI7xEJ7BM4achVPZO+RxrGcw2gQCPeCI+K334msEA1IZkvan MXrspHiGYyDQf1f8GgL9jSXLWbBoKVr7xlFYFV8ABCnuAQF/JIxWKKWICMlV195EWczDaPUL CHRRJdDt4RsF1c7muH9/ZepgteP91ALI70ersVaj48Pak3Ot/vF15XlUXKcxhy/OrOV3JdB/ 6fM8okD/Fd6bIx/CxAW6xFgZny/mNyrQq51T/PlcfWPjRwLd6h+P39Q1nQBW/3hdEt+sCAj4 NbD4At01EiEsrjakvTGLbY8Pxbq+yNIV5l+BQA+ohjWmUqBrbVDasndfMmPHT0ZKedxR9ECg n2J+DYH+0Zp1fLRmHVL5Lu4VEbDgoRcQ8MfCGoNSirArGDT4Ecqjjt9u7SQt3I8m0O0PWrn5 kWV9uMD44e860rBVkcDDItRHXASZuEuqv2DyhdfJja79KFIZFxAVIre6QP+trdOqn1P19+XX iKBb+2Nh+UtzWLQZqGx1E5+DfoRdxf/utypmq8+zI4jVI732jxRBr1ib/Og6fr35G/DnxgJW apRVaGmJGkj9bC07Zs3HCl9gVa9BDwiojtXWj6Bri9aWtIwsFixcglIqiKCf6hM4Xn4Nga60 QWpdtag8wuI5ICDgj4MyBk9ptOGk1qBbC0oJrPH8jBxtsVZXtnKseAhVpNobLdBa+eU1FULW KLSWGKNQSlRr++iLKR3/HVKIypr6w0WeHzXHKqz209o9Gz8XbTmZtzWrDNZ4GO3EH7gKraNI JZHaIJTx32N7uCj9LWDixoEnsjD4346rUcqrTOlTSmP0r5Dirv3jKG1QBpT2M8WMUZWp7tY4 GBPznZh/Y4tr/7vkl57pCrdoEzvsPP3WiRXfF3NCaZO/NarP04rvu1JVGxP+Ylegtedvxhkq y05+a59hwB8Dq/zvlVWWmAVXSkzMqxRfwbQLOBo/LEvSxqBO8D4dCPRTzK8h0I+Wchg83AIC Ao4Hoy1GKwqLclm16h2cmOeLVuWRm53FsiVLWLZsOanpB5Fa4zkRNmz4AqE1jlTxlGuJVh5a eXz91Qbmz50VH7OZO3cBc+bMY86c+cyZN5+c/EKkidcNV69BtRJrBR+/+yFrP15HWEtf4CiL OpkCXUhCZVksWTSbebMXM3vWPObMfZ3Fbyxif2oaMamRldGU31ZGkjUaraS/OWJMZVT5F9+Y tdr/fLXEaB3fIPaF1S96WBXDaunPO22RWqOUxFivsjbQ6AiuV0pZqYvRv50HoLVglMHaCNbE KC6KoKVB68MFutb+5pgxXuXmh1a/rXl3vGitq4bSlZsTVfXo/iaZFBGKSksQOp5eHBdLAQEn k4qsLb/rkX/vVIZf/P4VEPBDAoF+ivlVBHo8DTQQ6AEBfxZ+mZRXoy1KCZYtW8SgQffiOgKl JN9v/pJet9xEv3/fRf8BA7mt1795fd5iXCfC6FdGkbB7L8LE70NaoIWDkR7jRo2gdfOmtG7e jAtqnsNf//pP6jdsSrOWbWnV9lK27dqNF18cVd6v4mmwWrv0uPJqunfvQannYpQv0L2TKtA9 stK/44Jza1D7gsa0aNGO5i2a0bRZExo1acGchctxVdw06DfWtjISLmfalMls+HJjlalRpZnf L4ffIcQjJeUAEydOYvrrMykpC/3iC9z8rH3Meu1VJk+ZyrKVH+Ap7UfvTdTf4FEGrcNs27aR 7t3vwXNP/gOwIhp8Qv9WK6wtIxwt4OK215B7qBxjxGEbU1p7WOOSlJTAq5On8NprMygqKv5d P9MzMzOZOnUqU6ZM4Y3Fy4hFPLS21UrxFJgYX29aT6u2bTiUX+Bn42h7Ujeb/gjZCD/FH/36 ThYVpp9+1yONVX62mAwi5wHHzf+2DgsE+inm1xDo0oCnbWUbJvht1kwGBAT8bxjjR6KkNkgT T69SJ68GXRhQbjlDX3iKTzdsQ0tByaFk2lx+E5u+3ITnRghJTVm4hF27d6CNw3tvzmfgfcMI a4k20Xgaqx9djTgO5WXllIQKGdqnN2f85f/xyVdbCJWXkBMOo2Q51rhIJdHCIFUUz0g8YdAy j55XdKDLDQ8S9cIY5WCFIaY8YlL5qefad90V2uBpjZBhHCMQriKkFFYIrHFR2uBa/FR5o7Fx NamNoTB1C7Vr1WDExEWESkKUl5VQWHCQ/9x9A81bdGDvoUJKjEEJF608rFRYYVHSIqXG6ghC WZQUKC9MVFu0KkeoKJ4WSK0wMorUAiMjGKWxwkMohacVUrrEtMJ6hSgtkdpilMLKKJ6SRLXC qChKKqSyaANSScqz9nHeGX9n6MtzkcpDKoXQrh9ZjqfeVSzYLf4mSMSAESUIY5BKEhICK8sQ 2sEzBqvKUMZBaYuWNp6+p7A6ijbKX8Rqi1IlZOZls+6zD2nfrDnb9qeilcAoiTUhrDZo6aA9 iyfj81X70aoKKjK/TPxcrdFY7WcEKKFRohwpPFzjp7WXl5Sy+ZuNfLhiJp26/xvPlRgLyhO4 RmCVQBtJ6oFdDHtxKq7QGBPvGqA8rI6htEAZg1bST5m3+J+PdhBaIYRGei6OjBGTAk8qtDJY JRFak/DtF0x+dRJCRNHaxI1Zj2VT3KCVgxKCsJvHI48+T36Jg2v9+aC1RhiFlaUYLcnJzuOT tWtp3+EGNu7Yi6osN6l2rOqf7U8ct6LOveLfmXj9pKcMVnkIq9DC4laI5uNAW3/9YV0HYRQx oxHaYj0d7yktyC0t4rNvvmLj6ne4tfMt5BaVY7TESI1UHloqlJbs27uXJx+4l/zyiJ/ir8Jo 68bvJzG0duLlNzE8JTDSYF2NlhbHRvzP2MQwRvifs/b8zRsdRijJjKnTScwsxhqNUo6/CXCU 963SM8NotHLR2kVqATaK1h7aCKyyWOOiDWjlIpXy3w8p0EqgjSEmDSZmMMohplxMTKOMQQlJ WEs8pbGuxdMazxpc45c/WGUxRiOt9OeXNCihELYM5WmM9L8nQgg8JbFKsfrtmew7WIAyGqk0 RmuMVFjte4jo6saDx8iPTD3jpZPWuFjtgfX8jUsTOamlR78kFdcgjMTVHtY1hHQM45RilEJV y+gyJlhHB1RRNRf855U2BlfFn23xLKHjIRDop5hfQ6B/t3MXW77fgYqn/EEg0AMC/ohorZFS 4gjJrLkLKI9E45GTkxM1lcYQKsxg8KMPc6goglKKzZ+upXvvRygvKyNUVkheKIIUDsooPBlj //avaFz/SvZllfoLaaMwNl5rakErg7QO/72nD6f/5S9s3J6INZKwMRivlJKiAtasXcNby99m /WcfURIpwxMWI/O45Yor6XJjX2KOixIOmzd9wsfrv6SorAQpJYkJu1j19kpWvfMuSQdScJUi plwSNn/Llu3fczAljXffW8X7739ISuYhHFMh0HW8fgyK0nyBPnbaCozUGK3QXpR5U0ZQ4+wG bEncT8QopBNh544drFqxjPdWvUdOfgmeshjl4YgY27ZtZuWKxXyycTPFBbl8tmET6dk5SKXY vXMrX23egvAiKKWJhYr5ZP3npOUVopRL2PNI2vUtq1atZO2aNeTnFyKVX+stvDDffruJ5W++ yXsfriErJ4/8/FzWvrmAc/72V+4cOJzP1n9Kbm4B23d9z86EBEQ8K+GHAj2qLNotIbewiOQD +8ktKaEsP538ogJfoMtShIpRVFJGenIqhUVFCKVRWsbr8wXS9UhPTyQ9K4visnw6tm7LdykH MVphlETrCOWl5aSlHiDvUAGu8IWIiHsmVFC9NMvfXJY40TBpaWlkHcohVp5H8qEsokL4jrlC YYwge/8WOvXoi/Ck37ZPGhzjoT2H4pJiSouzyS8t831Z4v4BRrkYFcP1HLJycklPTSVWXu5v dmiNFBFKS0sIlYbwPI+M7IOkZmXiCIVUBiN8Ab/x41XcM2AgnheOR+99kX4sAt1oh1BpGbml GWTnFRMRhli8Xt5ojTYKzykj62AGOdm5lBfn06nrHWzYXk2gG33YcapvchztuD8U6OBvbAll sFohrMZIi3ciAt0YpFIY4ZGdn0NSSgrl5WUUFpVSFophlEJojTCGWH4md3S7g5yisrhANyjt oaWkpLiQ0pISygoycAxxgR5CmZhfxmAcysqKSE1NIT8/i5CrMdEwUkUIFRWQUh5DyjD5hVmk ZaRQHi5DKhEX6OVIpbi33wA27UpFS4ExLp46uuNyheeENQqtXJxYhINZmaSm7CYcCZNfVIBw te/VYQxGxYhGIySnpZN9KAvXieFqi6M0xtFo6ZJXVMDBfSlk5+UTKglxsLQEqQ3Ws5SWl1JS XkRUeUhXkpOZQ1Z2NjHpoZVBex6OG+ZAxiEyM9NxHQeh/ffeVR5GKmaMH8q23ek4UsQFg6n0 YjC2YhPn+FR0dXEOVIoSbQXSSrACbRVaR35zXS6OhrUaZU18E8fFhiz5O78n9aMPsEKi4tcY CPSAH1JdoButUFqTnV/IZxu+rHRwD1zcf0f8GgJ93uKlLFz6JlLrIIIeEPAHxhiDEB5hx6XL dTcQibkYffJSr6XWJG1Zxz0PPEhEWbTRLJ87m1dmLeO//32BNi2bcmG9BtzTrw/lURdlJOX5 6bRtfDHzVqzGxCOgFSZXPxTop/3lL3yxYw9YhWMM+xO/pUXzVtQ67wKaNmzCWWecxq2330F2 bhlS5nPz5VfQ9ca7cZw8pk6dyJln1GTYi5MQXoi3ly2mZo0aNKhXj3p161Cnbn0+/SYRx41y T/futP5Xay5peykNmzThzNNOp227y8krK4+b1cn4wtVQlLqZ2ueezZjpK9BCopUmVFpGr9tu ovXF13CooAity1k+fyZnnVmTJg3rUa/eBZxfrx7rN23GE5LhLz3HP08/jfp1LqJOgxZceXE7 zj6nDvOXv4/Umnvv6cfFHbtRFg7jKUnGgQTOOPNsFrz3KbFwMY8++jhnnH4GDRo2pO4F59K0 RVt2H8pHiDKef6Q/Z51Tg/qNm3Je7bq0bN2WD1a/T91zTufMv/6Vf9RoQ+3aF7Du4/X07tOb vn3v9hfvFW038Z8FSitcIXhr6QJq165Dy+bNaXfxJXTpcCkjRo5BaIOI5DNx0njqN2xMm6aN adK4CW8sXU6Z8LMiImW5PPnoEzRsWIdGzVrw4EP30aFVW7anZWOU71Xw5orlNGzYkKZNm9Gk UWuGPvMc4ZiDJ9Vhi/iqxb+/2Dl4MIOOHTvSsEFDmrRsxfWXt6PbdTdTUFyGMv5iWSuP7P2b uaa6QFcGR3uk7EmkQf16XHh+La64+t9EYlV94a12CZcX0rff3dRr0JDWLVvStmVLdiclI41m /75E2jRrwu09b2bipKk0b9GCOg3qM+TpUYRdRSxSzoI3lvHMI/fSsVMnZs6cyqyZs3j77VUo pX9WoBujcaJFdOp4NbVq16TGOfXJyI7iGD/SqZQiUpbPfQ89QoN6dWnSpBl33X4rV3S8iQ3f 7UarCoEuK7seVF5b/D08ypErRXdV5F1hjfKzJIyf6mtVlTnbcWEl0fISxo0bS8OGDWjWognt 27Tims7dWL5mPUr4522MwSnI5PZqAt0qi9QeBTl51Dz7HM6vVZPmdetyML8YYxRahTDGQQmP FSveoHXr1rRo0ZK6devwwCND8UIhHJFH56v+Rb02VzJu4hiaNG9K/fr1GDjofoQSKBUhef93 vD5zJl0u78iTI6YzZ+ZMZs2aTk5+4VGjvqayI4AgHCrhrjvvpGHDJjRr0ZSrr+lMx2uuITO3 zM8uMR47vv2STh070rRZcxo0qE//AQMpijp4WqM9l1XvvU/LVi1p07gRLVq14fqu3Xlh/Hhc qTFRycABfWjRqB5bExJ48L77adKgIY2bNGfD19/guQ57E77hphuvp0GjdjRudhE33HwTh4oj CE+QkZPFvJmzGdjrWp55aQKvz57N7PmLSE7NqPxMfYFufjBnjuHjrf5n429YKKPxtCGmDUYp P2NHuOjfmInm0dBWI6yf3WFMDCMs6QsX8v0TT2E84bdYCyLoAUfghxF0T0p27zvAmPETK9us HQ+BQD/F/BoCfdGyN5m3eClKm8PS3oIbS0DAH4uK77cjFV2u7UHU9c2kTlatprGKT1fO4Z77 H8I1EmUEr08YRZurb+K9Dz/A9aIUl5UzbcJoBj/yHJ5WuOE8unfuzPjpCzHC+CnDPyHQP9uZ hLEGT0p69+jMubUbkbgvGSMkWzat47zzzueVMdORupibrriKbt0HsGDOGM67oDaPPz6S0pBD TsZuap15BpMmTKS0pIyiogIeuH8wPXo9QixSSv8u19CoaRO2b0/EkR4vPvMYNc48l4Skgxgr 46mZfg1iUepmatc6i3Nrt6JF4yY0btiIOrXr0bhFSz5e/xVSS/YmrKNx7dpMe30hpSV55OWn 0vayi+k36H7yikqoX7sB9z3wBK7nEnYivDZ2GP88rQbz3lyDMYqB/e6i1ZXdKApHkVaRvm8r p/3zNOZ8+CWHDiRQ54LzGT15BqWhUjJS9tD+8k5MXriK4txk2jeuy+CHHybieoRiLol7k4h6 LtlJ31PrH39lyAtzKA+V4nke+SX5FBYXVZY/VG9dZYzgnbeW0vHqa8g+lIvWmlBZHjd1v5YR I8cgteLdpfO4p/8A8kqKsSpKfm4OV3e4iiWrP0aKMKOHPkyfPgOJOiXEhObD91ZR96yafHvg IEYpkvZ8zR239yE5ZT9SCSKhEH3v7s/CN5b6G8jV5mlV1xFFqLyUnj178vY77+J5gohSfLJ8 CR2vuY6ikpAffVcGayTZB7YcLtClwTUCLQXlkRD79uzghlsGE/PifeHjEc7BA/vzytgJhGMx tPJI2P4djZq1oigURmmPUP4hbry+M+Mmz8SJeSTs2krTpp3YsnM/MSfMsjdX8fyjD9CpU2dm zpzO3DnzePfd949JoGM1Rju4TpSSSCldrrmJjOworqUy823000MY/PhwPM/BE4LPP15D3Qbt 2LCtukD3yExPY9XKVX6UtCIqetR2bdXmgDYYpTHSYeeObcyeNZeoMn57VungxaK8vepdHnvs MYYNG8bmzZvjzutHr202OsKXa96hQ5euFOYV4KkY4cI8HhzyGMvWbUDKeOcFbXAKs7j92l6H RdCNkViliUXD5BxM5bZrO5OeVxQX6GG0cTiwbzudr7mahMRdSKUoLy/lqaef4u2PvkGqEGXh fFq1vIhRE2cSiTmEw8UMeeJRMrPy0cYlI30Xs+fNoesVnRg6Yibz585l/txZ5BeV/IRA19j4 fSIxYTu9evWmsKgER7oUFRUwacpkskujSKNRbjE3XNuJd9591y8zcWOMHPUKT/z3FaKeR/r+ 7Vx1zbVs+T4Bo6JE3CivT5/J8ImT8aTBCo01ZUx9+Rl69hnI2rVrUJ6L6wpcISkszKTz1Vcw 8/UFOJ5AyGIWL32Nex96GSfmkl2Yx7yZcxjYuzvPj5jEjDlzmDV/EakHs5DxTRhjFJ4XZfjw ERxISfM37yrKHY5hoWiNxmhJeWkRc+YvoNwVONpgpEZJj6Qduxgx8mWGDBnCrFmzKC0t/flf eoqw1QS6sjEiBg4tnMXuIUOwSqGMCgR6wBE5XKD7WSp7D6TwytgJlSnuQQT9d8SvItCXvsn8 xcviNVOBQA8I+OPif79dpel6/Q1EHZeTaRanrOKtBeMZ+NDjuMZB6RiLZ4zhX1d094WM8Xuk H0xOoNaFTSmOSEQkj549OvHypBloR8cFuj6iQD/jL39h/c59fhTDDdG+VVP+dc1NlAqNlYq8 Q0k0b9qUB/7zHI4tp2fHq2nQqAXnn3Um/e99hDLXQWnF1o0fcvr//ZV/XXwpnbveSOfOXeja tRv3PPgs4ZIsBl3XlW633ElRuYPRUd54fSxnn34e2xLS0VaAjcXbpymKUr+hdq2zuHvws6z5 4H1eGfkyLRo34pUp0yiJ+Omjb88Zw2n/93faXd6Nbl2vpXu3znTp1oWhw54nOWUfZ/69FtPm rfTdxU2M3d++T63zL2TuWx9jdZT7+vaiZYfrKIzE0EZyaP83nP7PfzBt9SY2rXmbs/5xGq07 9KRL1670uP56unbtztRZC/HcEFPGDueyyy6lb59+TJk8lc1bviMiFCWZ+zn3H3/lqRGL/Jp/ o5DGr31V1aLTEE8j1y739r2doSOnIFTcw0CV883Xm/hy4yaibpSH776T2bPm4RiFUQ5GCuZM eoUnR01GRAro0KwZS977HG3DSG0oLc7lknqN+DblIEp4zJvzAh2uuJ6JU8cxYfJUJk+cxr/7 9OWZZ4cdMYIOYI1g/95dtGzZMj7HQGhDef5B3njrHSIxF6F0ZQQ55wgC3TMSq/301KyDydx4 64NEPV3ZVSBckkvzxg35z2NDGT9pElMmjWfiuDHUa9yC7/fuw9OCUH4ud915I3lhFyU0hbl7 +FfrG1j/zS6k8RBa89XaVdx9z0A8GfYXY9r4PgTHkOJutcRqD2kN3breSnpOGNeCNpqY4/DA bT1Z8HlCvDWhprzoEB2v6clX25PQ0k9X1jLCU0P+w+233UFmTp7/OVuNNeLox7UVfeLxPQJ0 jGHPP8k9/QeSFXbjIivEq6NG8tLLY0hJSWHnzp1MmjSJrKysn27jZ8NMGP40cz5ahxYGT7mY WIwtCbvYk3IQLXW8LZ7BLTxEr269DougW+t7AVgjKS/K5o7ru5CRV+gLdB1GiSjr1y7jxh7d GTthAhMmTWLShMn858GB3Nr/JTwvQnFpEZ1bnUNCRp5/LFXGiFHPkJyWhdQCbcpRRnFv3wFs SkzFKIXR8RT3ozgbVnZtsJK83Cx69ryJAQMHMWb8GObOnMHWb7+iTGk8LRFF+7jskla8MnYS kyZPYeqk8Tz88MM0btmO/KJCNqxbxpAXRuFqidKlCO2SlpbOlh07kSK+0DelvPrco9x571O4 Svh19NIvQdi3ZzNt27TjxZcnMXHKGF6dOIH//ncozdp0Ji8n36+jVorXxz3Ntt3pKOO3xfTL N6xfiqGi7E3cSr9+A5m3YAmu9Ovl/XH0sobKlr1aoYXLgjkzuabTNWzYvBWpXH/jpbyEgYMe 4utNX5Oens7KlSuZP3/+UX/nqcZqHS918ktmyixkLJnFrkCgB/wMPxLoBpIOpDBm/KTjTm+H QKCfcgKBHhAQcPL4ZQW6tIqP3p5B/8GP49goSkXYsGYJHbrcRmF5xG+BpGNkJX9PjVoNKIoq 3NAhenRrx5hpc9FhhdTyqAK9xl/+wmc7fIEuRRkdL21NnX9dTb4jMUJwKC2Bpg0a8OgTw4na MD06dODS9tdyReuWNGzWns07klE6xO7vPuWMv/+NRcveIqotUhs86eBohYxm0f+6rnS8pR/F YYnxilkxcwznnHYe3+3KRFvPN3syYKykKPVrap97FiMmLsBIDyVizJ4ykTNq1eb9jz7HKM1H K6Zw+j/OYOXHG/E8hREKrTRCOmRlJHD26TUYNW0ujjZI7bLt83c4++wLmPvmx1hdzuB+t9P8 iq4UhmMY47Ln6/c5/R9/Y+qab9m+4UPOOfNMpr2/EWOUHy2WCitdhJK4SiKiYbZv3caQBx/h wgvrs3NvCoUHD3DuP/7KE8MXHJNAN8Zl4F238NzkRXja4hpQugxhNJ4URJ0SBt91O3NnL8Ix Cq09pOeybMooho4cjwjlckXT1sx8ZxPKliG1ojDvIJc2aMjWtIMoKZg143G6de3FlNcmMGXa NKZNnc6U6dP4ctPXR4+ga4+9idtp06YthaEwnjFo5RvtxbwYXtwkzh63QDeVAj1UkkPrZk15 5oWXmDp9GtOnTua1aa8yZcZssopLcZQgnJfP/Q/1o1RalKMoyd1Bu9Y38Ok3iXhx871Na9+h /z0DcUS40iDu2EzifGFghptasgAAIABJREFUtRsX6LeQnlPmR9CNwnUdHu55I699sgulBFJL ygoyuPKqG9m4bS9a+psBhzKSePyhwSxbtpzho8b6Bm3WT7M+4jGhSqBrg1WCcHEOkye9wsYv NzF69jJETBN1Cnmgz79JTjuEMQYpZWX0XCl1WN/yww8QYsywIby27nPfrE24mKiD0BajDEZJ hNW4VuMWHKJ316MJdEGo6BB3XN+ZjLwCjI0LdBlj/ZpF9O/XlynTpjFl2lSmT53G9KkTWfnR V3giQqS4nKtb1iWrpASpJVoXMeKVJ9mXnIHUCqUjKKO4r58v0K3WcdO3o7dxqyi/sEYjRRTH CZGSlswbyxYx6sVhXNGuDV/u2IejHbzc77i269VMfG0Wr057jamTxjF96qvMX7KCSDTEZ2vm 89jwcThKInQpQsdQwvXN4jzfwE2ZEl5/8Snmr/kK1ypf/EqDlR77Er/iyqt6MGrSJCZPm8b0 KVOY/uprzFwwl0g4gqc9jJDMGDeUrbvT8ZTEaIlS1XwLZDkrFkwncc8+XhkzmYKSsmMU6Do+ JOGyYgbc3YeN69dz5z2DKSkrQRpD9r69vDpvEcIRlXPmRDsd/BpYpSk3Bs9qrFJIbclcNJfE IY8FAj3gJwkE+k8TCPQj8MWGjXyy/rPDXHshuLEEBPzRqHgICCl59vlhxFz3pLbX0VqzZdMa Btz30P9v786jq6rvvY///6zVde961up6bm8dOkpvWztdra0KiEARQcEqijLjANYK1VptHaod RRS9dcIRRVBwCorWEQc0ZABCck4gARJIQshMhpMz7L1/0/v5Y+9zcgIBwXpJxO9rre/SBeEM +wzZn/0bvqSCAM+maWmIM/zMs3m5oIBEbzf79jVz/z+WMGfeb8gEPh37dnL6Kafw6LJX0UEX 2pjcFHdjw/7PRme4adY0/u3//F/Wl1WirMWoFLfecA3/+R/HsfTJZygq+Yi77v4TJ574bZav LCClOzn3jOFMHD+VDes/5NQfncJpp42guKKMnq5mTv3vHzN67DjWvvE6JaUlLF/xDC++8R4q 1ca0c89hzHmX0ZbwsaaHZx+5m//371+hrHw3xnk4l8Jqh7EBrbUlnPifX+aOux8gMAar0jTU xvj+d7/H5VdeR08qoK1xG+NGnsHIs8fy7jvvUlRYzCOPPsmata/Rnehg+Ck/ZuwvxvPeh+tZ 9/46rpx5KV/60pd59Ll/Yk0Xt/32Kk78+kkUvP4W773/DrOn/pIvfenfeGzN27Q11fGD75zE z34+inXr3uPj4lIeX/YMtTXb6Wjfy92LF/H62lfZVLqRlStX8R9fOYFX3nyfVHcTPznpOEaN vYAPN2xkb2s7xaUfU7SxiEy0+Zk1Opye6sBan+VPPsTYib+kbm8TSc+nu6uN1/75JhtKSjA6 w8rHHmLelfPY296OF/g0Nu5h0rnjeObFV9AqzS2/+TWTp15OXdMe2lv3sHr5Uo778pdZv6US ZXxKS15n1sy5NDXtxvc8/HSG7btqaWrtwBhN+ZYSSoo3h2tv86a4d3Z2MH78eF557XWSXoqM 71FdvY0XXiyg1/PQNsDPJOnubKWyrJAx486ntb2Dju5u0r5CGY2XStDV2U5lbAvnTrqM5rZ9 7EuEa/5VJsFFkyby9PLlJFNJgsAj0dNN6eYyMkoRqIDGmq1cNnsGe3tT6MCjYWcZPzr5LF5/ rxjfaLQOKPnwbaZceCHJVIJMJkNJ6Sb2trSGO4LDIZaaWLSXoWdfG52dnYw++xyqtu+mvauH VBAQqIA//eZa5s6/gebmvTS3trLmuWf45kk/4p0Nm8PdwIMUrz3/FB8UFpHo6uG66xeQ8BXK WpzujS6K9f8usNaibTid3Bkfo3t46umHeeOfb5Lo7uT8C2fR1t5OoNOseOJx/nTHnyhY8yob SzfS2dWNMhat09Ttquajj0vwVf5GfxZsktcLVjLh4qm0t7STSWfoaevgjXffp3pXA8po0n4v nV1ttOzayfljJlG9ew/7unrwPIU2isDP0NPdTv2uas4bN5qt1dXs6+4i7aXQOqCyooi5c+dS V7+bQAX4Xob6hgYaW9oxJkl7Ux0//eHJ1NQ3EqgMyUQzt9x2I1viVXgq3DtBaZ/5l1/Oa2++ hed5tLS18N76j1G6b00/RBvDOR39N7y4U7W1nDvuuI36pkZ8r5dUbzd/+MNNrHr1TZQJ0Klm LrnwAjYUlYTT0jMZGvY0sn1XA1p77KgqYey4CZSXl+P7vSSTvXy8oYSSsvJwZogN6O3ew503 LeDRl16nsbub9kRPtIeEormphvHjJvLaG2tJZzJ4vkdLcztbd1RFF70UVmd46N4/s+a1N8j4 Pl3traz7uIikl8GpBPW1m1jwm+vo7O7mgf+5j+deeBnfaAJrMGbg2Rc26hZhtMIEKUqLClm6 9BF8L8GCa69hQ0kZnraku5u5/ne3sOzxZaxbt46a2l1h9wPLpwot/9uc1XjOoLRFK0vSGFrf WcfOJ1dgtMZEn6HPY0tDcfQ4a9HG0NDYyIsvF8gUdySgD0hrjVJqyF+5FEL8a7J9mIMgyG1K kh21+Cw4bWlr2c38+dfS0Z0hbTM43UVZaSnjx45m6iUXcd75E5k4aTKdPb3oIGDHjk1884RT 2FRej3FdUVskHZ74Ghf+0goy3Parq/jqCd+mZEssbCVmNYmOJm773QK+/rVv89UTvsJ3vj+M x55YSSqj8E0XF0+YyPRL5pDyFGVF7/Hj73+PcZNn0NLSTH39bkaOHM6JJ57A8ccfx8k//CEP r3gJlexi9oW/ZMrFc9iX8rEmxeplDzHsa98hHqvFOg/n0tEmVQFNu7fww+9+i0X3P0hSG6xO Y4Je/v7n2/nWsJN5a30xWvvUbNvI6aedxtdOPJETTvga3//BT1j2zCo8bXjv9Zc49Uc/5Ljj juPkk3/AbbfcxFe/cgIPP/s6xiaoKv+Yn59yKscd/zVOGnYSSxbfzYlf/zbPr32DjFK88cpL jD3jZxx//Ikcf+I3OOVnwynduImmhp3MnX4R3/rmNzjuuOP5+je+za+v+x1d6QAv6GX10w/y zW9+kxO+8R1WvFDAvHlXcMVV80lb0NGmTtmAbmyAUr0sWvw3zhgxghkzZzN50mRGjBzFh4VF GOXhp7q56YbrGfOL8cyeM5cxY8dx+1/upCfjYa2hq62RaZdcwimnncmoEadzyQWTGH7GcCZf NItEKoWX6eHuRX9j9FmjmDNzDjOnzeKH//0TVr/wKkYH3HzTQiZPvpSUr7B5m0pprYnH45x+ +ulMnTaVWXNnc+aIUfz5L4tIeR7Keixf9igTx49l7OhRDBs2jLHnjGfcuRP5uGQTgVI8sfRB Jp4zlrNHjWLYf53MmHHnMumiqcSrtqMDj6b6GiadP5FLLrmEuXPnMnnyZE477TR6enpoaWpi yriz+e4PfszcXy2gu6uF3y24mq9/42RmXn4Nnb29WO3R29nGpPPOZeas2Uy77FL+67++x8Yt 5QfMWDjwc2vY8ME6LjxvIhPGjWPYScMYM3oc4845jxdf/SfGGtqb9zBl8nn8909+whlnjuAX Z53FmWeNZuZVv6atp5fEvhYWXnU5ZVXbadlTz8P3L+GjzZXRWuAk27dXUVa2mfLycsrKyijb vIVNZZvYXFFOsieFDXx6euo4d+J5VFTEaNm7hz/e/gcWLX442lAtzb72Nt5++23+cOPvmTZ9 Do1t+1A6wzNPLWXc+Mkkkul+m8k5myGT7uC6Bdcw4ZzxzJ09h/POncD4iZOJ1dShnOGF1Ss4 b9wYJo79Bd8bdjKjxp7PuPGTee75l9Ha8P777zJh/C8YN/psvjvsJM4++2zOGT+BFc89jzYa 38/whz/8ntGjRzNnzlymXTadn/18JC8VrMXoXm68fj7f+PrXuPjSOSQS3fzx5pv4ySmncsGU y9jd2BReMDQBjz/yEGee/nNmzZrN6DHjWPDbG8l46dzO+JDdUC2cARRO7w4o37KRCRPGc8GF FzJ31gymXnIJZwwfRVNHZ3hBRHsUvPA8Z5z2My6fezmzZl3O8JFjuOmWP6GUj1ZpHn7gfxg9 6izmzJrFpVMu5pRTz+Cjoo0oo1FBinkzL+XMH/2AU0eOYeyESVw253Jau7pwLgzp7775GiOH n8H06dOYO/cKRp09hnnXLMTXOtx/wKV55+1X+OlPT2HWrNlcNHkCM+ctoLWrG+N3csftt/L3 +x5mb9NeyjeVMmvGdPYlMyhrSXW3he+X/WvLFuoaGtGqB5VJ8Pe/3sKGkmLq99RRWvwui+9Z StqosLND0Ebtjj08snQpM2bN4emVq3JtFT+rDiOfHUvgoj7oxuJbS9KkUNb/VDtxiy+m7LmY jdodfpqBEgnog+xoBPTsG+WQa8WEEJ972TZr2VCulPpUu4cejDMWHfRw0w03sL6wDN8pjEri dLiRV2W8gtraGpKpNJlAY33NywVPMG36fNKewVgfo73cCa61EFhLoD321u2gvCJOT28yaqul CbwMfibF7vp6KuJl7GlqwA90uEbaJKnZXk1tbT1eFJwb62rZEttGc3MzWiuSySS1tbXE43Ha Ojro8TVWedTX1FBVXUM6MFjj0dXRxNaKraRTPtYpnPNxxqG0wU91sW3rFva0teMbjdFpnLb0 dLZSHtvMrr1NaK1xvk8mlaK6upqqqmoSvSm0tQTGYZRPZ0cHFRUxmpsaiW8p4fivnMDDq/6J cuF67s59+yiPxWltbSGVTFJRuZXmjk68QGGUh9fbyfbqbWyrrqarN4XWBqMU2vdoamqiIhaj dvdu0n6AshD4AcZL09yyh/LKLXR0d1JXV8fuhj0kAx22cLJh3+NwBF2jtYdSPpWVlWzYUERF eQXJdCZspaZ8rPJIJRPEt26jsKiYysqt4f1FO8JblaG3u4PS0lJKNm6iJ5lkZ00t27ZWo3wv akmVomrrNkqKSigtLqWxeW+4LEAHvPt2ATfecAtBNFKV/74OgoDW1laKSzewoXgDu+rqw5E4 Z1EmoKVpD5XxcuKxCmKxGBXxOLHKSjq6utHG0NrcSLy8jHg8xpZYJeUVMcrj2+hJhZvCWZWm vb2NjZs2UVhYSGVlJalUCq01nuexrayE8ngllTtr8P0ku2u2U16xlaqdu8gECqt8jPLY19FG UVERRUVF9CQSBPutrR/wc2Utia59VMYqiJVXEKuIEauIE49V0rovnHVitE9PVwelJSVs2lxG Z3cPO3dsp3bndrTyeOC++7nyiqt5cOmTLHtkCffdvYSJF06lNwh//9fV7SIeD49NZbySyngl 8coY8a1b6U30YJXhvXVruf76m1m69DGefPRh7rv3Aa64cj6+7+FnUig/jdU+yk+z8tlVvLO+ CF8rmvY2cOfi+8j44RKK3NN1CqPT+F6KyliMog1FxMor6OruQUXrfDvamqisqKAyFqe8Is6W eIwtsQqaW1sx1tLV1Uk8VkE8Fr62FRUVVMRiNLe1o41G6QDPy1BTU8OGDUVs2rSJXbvD94YK ktTtriJWUUZ863YymTR1u3ZSHotRua2aZMYLl3won8BPE4/HKCwspKp6O6mMj7Wq3wZ7YUDX uWUBOENvopuGhnrqGuop3vARpSUlNDY3h7OAjAl3A1eKvXsaKfy4kOLiUmp21YfrvI3CWoVW PrtqayjaUMjG0lJaW1vxfB+lAqxR7KiqpLK8jHiskliskqrq7QRB1GnCWnTg0dHeQklJCUXF xWzfURO+J234GHE+QdBLVdVWCgs/pjJeSsLrwlcBrXt3M+PSK7jn/odYuvRhHn1kKQuvvpL4 jl34WuGluqmsrDyg4vE4DXvqMdqnuPADpk65mIeWPsZjjz/OE4/cz9TpV4WzFoIUWiVQKuxI ULNrN+ddcFHu2LshFtDDzg/RsiircZ4h41s8I+FcHJnsuVc2nEsf9M+ZoxXQP2m3VSHE51/2 BCI7Yya7PvSz+txba7Cmh2WPP8J1v/0zqSCFUgoXTZV20f07wl3CAy9g8eJb+XB9Sdir2Sqs 8XJ9ZJ0D5SzKGazxw+Ce9zzCqYTZkZZw5ErrMNgbG07fN1Ev63CTLY3RLlr72/cLMZxOH629 tibcCCrbA9uqcCQ5WnMabv6kc33QrQn/3jjQzuBcEI4SGg/nwjXD4RrovL7C0fE2Ub/x7DTZ cMdwn4qNhRz/n8fx8LMFYbg10bRZ8v+tza11Daeiq+hxRTssZ9c2m76Txr6WSeHfWx2uP7bO w9ggOpag++3iHt2vC/+//7En1yPdRiPuNtvrOLpPGx2nbF9oZwOcVejofnS0O7jLjTrm9QU3 DmuD8O+NYv2Hb7A1VhVe8Mhb+9pvaZazuWPlcs/Z9Hv/ZV/v7PGwNrteVgPR0gprotc0eg8c 5P2XO7ZG9bUdcxpnVG6ZRjZoZI9P30lZ2Np0S9lmCl5+mYKCAtasWdOvCgoKKCwsxGiFNdFz iOaJ27zXKv/2jbWo6HFbnaKzdS+zZ17OzpoGtHFgE1gdcOPNt1K8eQs6F9RM3nEkOl4BVivS 6QR/uuNWmprq0Sq8YGK0ZuXK5ax7933WvFTAcytXsOblF3jhueXcfvvtVNftQRlDe3sbxZs2 h8smcrMFiN5PKlrSonOvvYk+1zbaYMxF73VtDcapcFp23lTi8JjofqOt1oXPyeYd8+zPZz8b OBVukBdNWQ5/LjoXytuhPLuWOv9z5IDy8k2sKXiRgpdfCl+rNWt4eU34OhYUFPDBBx/kvl/D MK7yvv/Ie479vxuMcdH70vZ9JqLHFj6nqIzJ+zsT7VPQd1t9rfH6P/7sJnDhyL+NvjdU+HqY sD+7tT7GKF596QVeX/tPPB19rnWaeLyCm275I+2JJCoYeP8Cay1KByjfZ8ndi3nv3fdRWqNN gAnSrFi9gr8tupf21j08+dhTFKx9iTVrCnjwoaXce/9D4XvFfnYdRj4rxoFVDqUtngtwGYXO ZH/vSEgXhyf7nZDNXRLQJaAPSAK6EF8M2elU2WUt+ctbPpvb1xjdQXtLHctXvko66CYwLhd8 +m+EZcl4Pu+8uYZ0kEaZIBo5V9EuyGFpRxQ2Bj5ZcxCeYNr827fRyK/tv9lZFFgP8Qz6hYeB /r7fz+btcB3ev0G7MBw5G2CtyoW8fsHzIAUWo332te1l9epVVOyoRwXRhlkuezEhb4pw9t/m jsPhv47ZcBoGswCcPmTbJJd/f9Frkf9YDv+O8/rI277bO+hGhc6LgodG6160H045PpLn+qlE x8NEswecVYfs1ZwLfX1/Eo2uDvxvsmvOjfb5yx23c9bIEQwfPoIzzzwzV8OHD2fEiBEsXLiQ QKmB73e/wJsNYyZ70cF47GvbS3FRCYHKbkwXbgTW0d7CtqoqPG2j45l/oSP72ng4o0gkOnhv 3XsEqhutAqwxGJOgo72Nwo8+Ip3qoaS4hOVPL+O1V16ktb0Fzzi0sSjfx1Nhj+h+I+hkg7KJ plr3f4/nr+8O35s27+f6PnsHd/Dnlfv7f2GDzMWL/saI4WcyYviZ0WsXvn7DRwxn5MiRXHHl PLxoJPvQ3zsDO/D9FF5EcdFzyv/820N8x3zS7fe7GJG9QGI0VvsUF35EZ2cbvh+EF4N0L77K sObVtbQlUvhq4A0ArQ1n8Kigh82bNuL53eFsAG0wvk9vJsm6999Hez6NDXtY9dJqnn7qKUo2 bsLTNm9fhqE1gu4IvxP86IKRCzw8kyJtAwnn4rBlc1f+CPqRvn8koA+yoxHQS0pK2LBhgwR0 IY5x2VHzIAi455578D7jTeK0NWjdjfZTpLRC2V78aIQM+gdRnCKwmrSXJhUkUCaDtT7OBhhn ciOo2d2CnXEDhMEotLtgv9uORrijE/rsCLdx5MLhAWVtFMLCn8v+u+zJa7ZtUu5+nMI5lRuN dtEv28CBlw11JhxBVdlR1QPuz+bWsGZHuqxRWBOgTYDSGqscTpuw/zpgo9G1cI1+NOKYvQiw X9jPjibny96vyV5IyB7b6HiZaN35/nIhIDciZ/cLh/uHdZv7b353kDBkRaN92kSj5IfYzdxl cgHd2RTat+jAjy76HEr/8DXQ7efeLwc8/mi0n/0D+sHvLXcRJrupnrPg/GjWQN/zz7+vMED7 BF4S38uQ8bzcspMgCPB9H9/38TzvgGOde5zZ28rebjSSHu5yTjSrJMCaaIdsG7Ytw6ZxKkXg ZaL2hwcL6AYXzUZRSmOUxphw9NwZH6szGJVBBz5+oFDGoLWHNgGBJdxBXisCo8INtNwAAR3A 9U0Xz816yb43o4tfzhkG+uzuf2yzx6ZvVsB+z8se5DXPe2z5F40cA9++CnpRKonnpcPXTGn8 aNNAXykyQfiecQ6ctgf5fAx0+9FnJO8CRd/zCb/L8o8P9IXs/Mef20V9gMef3ePDWnLfednP iLEWpxVO+xitwu+iIOxyYI2PMSkCo/D1wS/uZqfWa5XBaA+tfbRR6MBitSYwPoH2sIHFmPB3 gdFhF4rADOGAHn13auPQxhHYFF2F69n5ylpZJiqOiDGG5uZm3nrrrVynCwnonyNHI6Avf3YV Tzy9IpomN9AvLiHEsSA7xdfXmjG/OJdkOsO/OorU7/YhDLXZqeW2b7TnQBbrLMaEJ2guezLt zIGh8hPvef/bzw9EfdO03YA/2//f9f85u9/Jbf8R9PwR9/4hNPqzfuHh8I5xXzCIbj//wsPB /g1H/n094Ek7HHDsP+k2jlT/AHEY9+VM3/PPBrRDjbh/ZgZ+Dx30YR7i333y/RwY4POZIz7p t/3ee3a/5QoOogAYTZP+pJvLrbMOR+Chb7p49nb6lg+Qm4Kdve/8pS2HeswDXywZ+O+Hgtwe DQO8PrlZANmf/cxOqA5+HD/tMdv/uyD8Hu9bbpK/nCh87bM71R/6M5zdSyT7OPIvxIW/G/JH /PsvxRns88+DznTSmqS14RR8pVHGUP/U42xeeD1W63BUnexzHPznIYai8PNgrKVqx07uXHxP v1H0wyUBfZBJH3QhxGcn/Hz/b/VBF0IIIT7vDh7QDSlrMVbhTEDaQd0zS6lYuFD6oItD6j9D S/qg708C+gAkoAvxRSEBXQghhPgkAy+FMvjOYlWAtRl6HTQ+vZStEtDFJ5CAfmgS0Afw1MpV PLViVbibbrSeSAK6EMeeflPcx02gN52RNXNCCCFEnux0fKOzy7DC3fG1NQTOYoMAbBqrHY1P PEblwuuxQbiRpAR0MZD8gG6MxlhLZfUO7rrnvtwa9CMhAX2QHY2A/nFxKeuLSqO2FhLQhThW ZQN62lfMvnwevekMxsjGNkIIIUSWtWELyEBpNpdVkEp7aGMxNuzUYbTCGA/nOWpfW0v5kntw KtpITwK6GED/EfRww86a+gaWPv5kruXakZCAPsiORkAPjCOIvoxkBF2IY1e2H7Ayln09SbS1 GNl5VgghhMixFpSx+Mrw17/dxa1/vIPyWCWZjBf9DlUENsD4joSXwHS1YLVG2XBkVAK62F9+ QLfGoI0howwpz+vXbu1wSUAfZEcjoDtn+7U+OZz+mUKIz59wd9lsz+EAZ4Pov7qvJY+UlJSU lNQXusJN4JRS/P2uJUyZfgVTZl7N72/6C+17OrDaERgFLoNvA9LO5rp3CHEwYVvYbLcajXVR B5tPQQL6IDsqAZ39+mdKQBfiGBVOrcq2STJSUlJSUlJSB5R14GnLXxbdx5TpV3LR9HlcMPMq fjlnPnc/+Dh7W/ehlcJkNE7LCbP4ZM7mt5M12AHayh4uCeiD7GgE9OyXUb+Abg+zR60Q4nPD WYMz4Ro5X2vSQUA6CMhISUlJSUlJkQkCUkFAjxfQnQn4813/4OIZ85gyYx4XzpjPlGnzuPiy q7hy3g0UV+8kkfFwysqglvgEti+gY6PBUfupl0FIQB9kRyOgf/Dhet7/8CN0bv2DJTvlVQhx 7HBWY1WA0pa/3nkv1/72ZhZcfzPXXncjC66XkpKSkpKSuva3v+fXN9zMtb+7lelXXMuUGVdx 0bSruGj61Vw25UqmXnol06Zfw7jZV3DbLTfSUR7HqfAcOjsjVQK76K9vBiOE75HuRC/xyq1H vP4cJKAPuqPSB335Sp54cjlKR7sIOgNOhetUhRDHDGc1RitSgWbU+El09GbwAkWgFIHSUlJS UlJSX/jyAoWvDUlP5U1xv4pJs3/FxTPnMWnmbH519Y089XwBpUsWU3L9zTjf5JaOWVkqKg4Q Dn5mA7q1UFW9gzsX3Y3+FJv1SkAfZEcjoK9YuYplT6/EWMI3SLSBFE595vclhBg81mqU1qS1 ZuQ559OZTKO1j7WK8JeGlJSUlJTUF7ucNVgTXrz+26Jwk7iLps/nohnXMH/61Sx+4B80N+8j aS1Ny/5B9cLrcRmNNRbjkIAuBmCjgc9wOYSxULV9J4sW3SMBHQnoA1r+zHM8tfxZCehCHONs 1PO8N9Ccde4FdKe9qJ+rfNaFEEIIAGs1Roe7uP/1ziVMmX4lU6bP55Y/30ttbDsZlSEILAln aVj+ANULbsD5FqONBHRxEOHeXs6BNQ5jHNXba1h01725NmtHQgL6IDs6Af3ZvhF0k23BJFPc hTjWOGuw1pBS4RT3MKBr2RBSCCGEiFhrMFrhBwF3Ll7C1QtuYO3bH9CZ9rC+Rlkf7VuUhT3L HqbiN7/DBVFAlynuYkC2X5csrR3bd9Ry5533SB90JKAP6IWXCnjxpYK+TeJyfZJlkzghjiXG GJRSJDIev5w6g0Q6gzVGAroQQggRcTZsReoHAZu3bKGprRXfKHxrsNqirEIri7aWuoLnKblz CU6FAV02iRMHkw3n1oI2jp21u3nwoUfCzQVlivvny9EI6MlUit5UOjfFPWyxJiftQhyLspvY tHZ0YuQzLoQQQvSTDUvW2ly/auNU2LdaO7SzKGtJOo1KtKPaO3DGhT8/yI9dDF35syqshYwf 0JPo/VS3JQF9kB04iX9+AAAEcUlEQVSNgB724qN/H3SZmiOEEEIIIb7Q8jePi9YQOwicJe0U gVM4mXEqDkN+tto/ex0pCeiD7KgEdGexzkpAF+ILo38/TiGEEEIcyDlwxuVGyHU0Rdlag1M+ Vrnwz+ScWXyCfgHd2XBGhvt052ES0AfZ0Qjo2oGyhBtbRNN6HJ/+qo4QYmjKbhKnTFjhZ76v L6cQQgghBua0RhtL2hkyJsBlLO1GoU0Ga3UY2skL9XIiLQ4QzsTQxhAYm1tefKSt1iSgD7Kj EdB3NTRS29AYnayH03QkoAtx7LHWYIwmMJoPCovIBL4EdCGEEOIwOKtR1hJYTWB8XMrRU1dH d7w8ugCeNxtVArrI0/dWCGcwGmvp6OmlekeNtFlDAvqAlj+7mqdXrkYbG7ZZQwK6EMeiMKAb PKUZN/F8Esl0eMXfyvo5IYQQ4lCcMwTOYrXC6jQubalbvoKNv78FpzXG6NzmqxLQRb78gG6N QRvDtu07uWvJ/xxxizWQgD7ojkZAf3rlap585tkwlMsUdyGOWdnPt6cNY86ZSCrjyQmEEEII cRictQSOMKA7n7SFxqceoeK6hTitsUbnzp/ld6vI138EPeymU7WjhjsXL5E2a0hAH9DTK1fz 5HIJ6EIc67InDJ42jD3nPFIZX04ihBBCiMPgjCNjwdoAawMSDhqeeYTYb6KArnXf7tzyu1Xk OTCgIwE9jwT0AUhAF+KLoX9AP18CuhBCCHGYnHb0WtA2wCmFZxx7lj9KfKCAPtgPVgwpEtAP TQL6ACriWymPVR7wZSJfLkIcm7SxrHh2FYHSg/1QhBBCiM8FZxy+BeM0zhiMcfRUlNH29ls4 E/VJRwa5xCcJ3yftnZ0UFhVLQEcCuhBCCCGEEEKIzykJ6INMAroQQgghhBBCCJCAPugkoAsh hBBCCCGEAAnog04CuhBCCCGEEEIIkIA+6PYP6I3X3EK6YpuUlJSUlJSUlJSUlJTUF6y2DfuZ BPTBtH9Al5KSkpKSkpKSkpKSkpKKf1UC+lEnAV1KSkpKSkpKSkpKSkpqoJKAfpRJQJeSkpKS kpKSkpKSkpIaqCSgH2US0KWkpKSkpKSkpKSkpKQGKgnoR1lm6w7SWyqlpKSkpKSkpKSkpKSk pPqVamkf7Mj6L/ncBXQhhBBCCCGEEOJYJAFdCCGEEEIIIYQYAiSgCyGEEEIIIYQQQ4AEdCGE EEIIIYQQYgiQgC6EEEIIIYQQQgwBEtCFEEIIIYQQQoghQAK6EEIIIYQQQggxBEhAF0IIIYQQ QgghhgAJ6EIIIYQQQgghxBAgAV0IIYQQQgghhBgCJKALIYQQQgghhBBDgAR0IYQQQgghhBBi CJCALoQQQgghhBBCDAES0IUQQgghhBBCiCFAAroQQgghhBBCCDEESEAXQgghhBBCCCGGAAno QgghhBBCCCHEECABXQghhBBCCCGEGAIkoAshhBBCCCGEEEOABHQhhBBCCCGEEGIIkIAuhBBC CCGEEEIMARLQhRBCCCGEEEKIIeD/A+emdm2x82CRAAAAAElFTkSuQmCC --------------E11A4A0264BCE7E419539828-- --------------AF5C7FFA43EFFBE0F36E4483-- --EDZz1QUwuc1wJw9XJJddMNtp0wMcPIA4Q-- --3D2K66SGM5183wG5pE72XF5wbTYVMBoa2 Content-Type: application/pgp-signature; name="OpenPGP_signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="OpenPGP_signature" -----BEGIN PGP SIGNATURE----- wsF5BAABCAAjFiEEDtqqxgHePX8hI3D4RTXA59sW8UgFAl/QqY0FAwAAAAAACgkQRTXA59sW8UjS Rg//fVjmIMDN/e5r8gZHvAFM4R9fF27Smknh6WxFivZbrLUGURdH6TjJD86H0fQk86P+CNPOX95Y lt+6U0Mvl/9mzMRoxgNRKUD+R1B8m24lp75xclmT+mLMaHZFluP/xe3iaRtj3BBWWupB9ztllsgJ GFsxKh/mQN8KPO0CSXZy0UmJHIAKyv9CMgfk8W2uwGilZngeUULT6uvYAFSKud0srciFmrRx17K1 BSiLhCO+uRU9Ot/GhA5rcrR4kAYjkQ7PQwhN7Y97F8fLBrr97ZAqU9tczYOgETqiJsDl3XrO+8fH DGZ4FkWj1LVA68HCaySrJCFlghK6I443E2scyM4K/m5NqZGYvhWdjDRtAqMGpoTT1LYKC6MgIGQV S6kv6xLuDgjG5a4wh4518TT01VWhftzsEudyrqKxRoN2G4VqRlXWmLAuaFsPtnnQTWCTlkaUeu3v Pn4r2ggs7eB4QgstePPaAkmDqVAouszKTHChFgl52T8ZKIce40fIHPNr4hkxLcOj81xTwuQay0jn 86VtNs/Hs4aBdh1jiNgr4Nb2wx4alAqZ44NoX5DB9qsC1AGJTHeH+S/8mgslhu/8bRsM7QjL+r5y ot4BCi0lQWGJYOhYRk+8UWHaeDx0nnZfu0GheKA10b1RkQ1x7fmUngBdABNNq0L64IiDh4cAKhPe r64= =whl5 -----END PGP SIGNATURE----- --3D2K66SGM5183wG5pE72XF5wbTYVMBoa2-- From nobody Wed Dec 9 05:35:13 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0D30F3A166A for ; Wed, 9 Dec 2020 05:35:11 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.087 X-Spam-Level: X-Spam-Status: No, score=-2.087 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_FONT_LOW_CONTRAST=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_KAM_HTML_FONT_INVALID=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=rhosys.ch Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Z10aI9UJ_1uZ for ; Wed, 9 Dec 2020 05:35:08 -0800 (PST) Received: from mail-io1-xd2e.google.com (mail-io1-xd2e.google.com [IPv6:2607:f8b0:4864:20::d2e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id F27833A1669 for ; Wed, 9 Dec 2020 05:35:07 -0800 (PST) Received: by mail-io1-xd2e.google.com with SMTP id t8so1632323iov.8 for ; Wed, 09 Dec 2020 05:35:07 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rhosys.ch; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=PN6eVZ/joSM6RzlAt+jM7UCmI9Z9ja8fo31db0K9qiw=; b=FxzsQjYDqja4HXPaMU08DPBYgwqnUvbG6gt2R4krUxEH2UxXys4mgoU2otgpgGq7gL cbbDGIrI2v6Sg35HDciM5dWe7nBwMTb5h02rs6NmBRFRdypABtaE6aO1ZyQup/3pPvtO 4yiuk1DMIDyTsje/FCUa3qFhEs7SntiWN6HlY= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=PN6eVZ/joSM6RzlAt+jM7UCmI9Z9ja8fo31db0K9qiw=; b=qfzVDZdj71WsBbEI9nhKw0RMKDzi+6rTVkod3/kjPtYGkvOjCNhZMJa07IEBi3lLUL cWvedA9V0w8DAfOGRgqNpz3n34RwjrY2PSReQdH65idNbZozULn/n0KYDubNYukNaaFq AxfgeOLQYuS6EQlykVfUKOVWbM31gEDdRTO9pbwAPgsaAsZ7kARExTSJMw4kmce64XSq 76ZpeYSG6wGTemwkcLEPD73CwKmNpOQRpzCGmmEOdP37K4OxONTvilPoU6BFRbIT3NFp rqfLUXAHw2xc/YTQ3GwMZgU34ymwaA7Og/A08KCLlfJiua5G285cFtHVm/y87DTmozBr y7Ew== X-Gm-Message-State: AOAM531htNMyCsiQEem8Zjw3dYcu5Zl9vewq9uLZwFZTD6k0i4ow/GRD 3poJ2JB5D3rrq8w/XIbdzGcWgalsL0R8hDs5CMnb X-Google-Smtp-Source: ABdhPJzeaHcL5baoPYwozcN5jt69BgmthvzAa2vXXzfdvYAZPQqQ0e5hPljKM8cJ5oGpx9v7q+35hwgf3ocCkzCPxJ8= X-Received: by 2002:a05:6638:153:: with SMTP id y19mr3178088jao.47.1607520905511; Wed, 09 Dec 2020 05:35:05 -0800 (PST) MIME-Version: 1.0 References: <09d3639d-7d7e-9582-d728-cc223d21bcb6@hackmanit.de> <7dacfb6c-4fca-5dda-8b4f-db5c8dadade1@hackmanit.de> In-Reply-To: <7dacfb6c-4fca-5dda-8b4f-db5c8dadade1@hackmanit.de> From: Warren Parad Date: Wed, 9 Dec 2020 14:34:53 +0100 Message-ID: To: Karsten Meyer zu Selhausen Cc: oauth Content-Type: multipart/mixed; boundary="0000000000008cb0e405b60820e1" Archived-At: Subject: Re: [OAUTH-WG] Call for Adoption - AS Issuer Identifier in Authorization Response X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Dec 2020 13:35:11 -0000 --0000000000008cb0e405b60820e1 Content-Type: multipart/alternative; boundary="0000000000008cb0e205b60820df" --0000000000008cb0e205b60820df Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Since there is a potentially valid TLS case, let's shelve the non-TLS case without the precondition. I agree a MITM attack on the authorization code is a legitimate case which would be mitigated by resolving the ISS parameter to determine the valid token endpoint. I would suggest to improve the language in the *Introduction* to specifically indicate this as a solution to the authorization code interception. (It wasn't clear to me before this conversation that it helped solved that problem) So +1 On Wed, Dec 9, 2020, 11:40 Karsten Meyer zu Selhausen < karsten.meyerzuselhausen@hackmanit.de> wrote: > The attacker being able to manipulate the first request is an additional > precondition for the mix-up attack variant we used as an example. The > precondition is based on the attacker A2 defined in section 3 > > of the security BCP. > > There are other mix-up variants which work without this precondition. One > variant is described in the security BCP > , > for example: > > *Mix-Up Without Interception*: A variant of the above attack works > even if the first request/response pair cannot be intercepted, for > example, because TLS is used to protect these messages: Here, it > is assumed that the user wants to start the grant using A-AS (and > not H-AS, see Attacker A1). After the client redirected the user > to the authorization endpoint at A-AS, the attacker immediately > redirects the user to H-AS (changing the client ID to "7ZGZldHQ"). > Note that a vigilant user might at this point detect that she > intended to use A-AS instead of H-AS. > > > On 09.12.2020 10:47, Warren Parad wrote: > > Okay, it wasn't clear that the user agent was required to be compromised > for this to be a problem. Here's where it breaks down for me, if the > attacker can manipulate the first request, why would they not be able to > manipulate the AS where the Auth Response code is sent? Unless we can > guarantee there is an attack surface that would only affect the > authorization request AS selection and not the auth response, the solutio= n > the draft lacks purpose for me. > > Warren Parad > > Founder, CTO > Secure your user data and complete your authorization architecture. > Implement Authress . > > > On Wed, Dec 9, 2020 at 8:55 AM Karsten Meyer zu Selhausen < > karsten.meyerzuselhausen@hackmanit.de> wrote: > >> Hi Warren, >> >> I think there is some misunderstanding on how mix-up attacks work. I wil= l >> try to clear things up. >> >> Have a look at the following mix-up attack example (slide 4 >> >> from the interim meeting): >> >> I marked the important parts: >> >> - In step 1 the client stores the attacker's AS (A-AS) as the >> selected AS. >> - Step 5: The authorization response is issued by the honest *(=3D no= t >> compromised)* AS, not by the attacker's AS. The H-AS will use its own >> correct issuer identifier as the value for the AS parameter. >> - In a mix-up attack the attacker cannot directly influence the >> value of the iss parameter in the authorization response as it is = issued by >> the H-AS. >> - Step 6: The client sends the token request to the token endpoint of >> the A-AS, because it stored the A-AS as the selected AS in step 1. Th= is >> leaks the authorization code to the attacker who can use it in a code >> injection attack, for example. >> >> With an iss parameter present in step 5 the client would be able to >> recognize that the code was issued by the H-AS, not by the A-AS. The cli= ent >> would be able to abort the authorization grant instead of leaking the co= de >> to the A-AS. >> >> I hope this addresses your concerns. >> >> Best regards, >> Karsten >> On 08.12.2020 20:15, Warren Parad wrote: >> >> As an implementer on both sides of the issue I'm struggling to understan= d >> how this problem would occur. I'm finding issues with the proposed >> problems: >> >> 1. Honest AS is compromised, assuming this does happen details on why >> adding iss to the AS response would prevent attacks is necessary for = me. In >> other words, how would an AS be compromised in a way that would be >> identifiable through the issuer value? (my ignorant assumption is tha= t a >> compromised AS is compromised enough that an attacker would be able t= o send >> the correct ISS) >> 2. Attacker AS is registered. I fully support the idea that this can >> and will happen, however from attempting to test-implement this propo= sal, I >> can't see how the authorization would be sent to the wrong token endp= oint. >> Since there is no information in the AS auth code response, the clien= t must >> already have the knowledge of where they are going to send the token,= no >> mix-up can be executed. I would argue, if anything, adding the ISS >> parameter would open a new attack surface by providing clients an >> opportunity to blatantly trust the ISS parameter as the honest AS and= thus >> actually sending the code there instead of sending it to one specifie= d in >> the metadata document. >> >> My confusion is the following: >> >> - Are multi AS services utilizing authorization codes in a way where >> there could be a mix up attack for #2. >> - Is there a #3 that I'm missing which even in light of #1 & #2 I >> brought up that would still make this change valuable? >> >> Warren Parad >> >> Founder, CTO >> Secure your user data and complete your authorization architecture. >> Implement Authress . >> >> >> On Tue, Dec 8, 2020 at 8:01 PM Dick Hardt wrote: >> >>> +1 >>> =E1=90=A7 >>> >>> On Tue, Dec 8, 2020 at 4:51 AM Rifaat Shekh-Yusef < >>> rifaat.s.ietf@gmail.com> wrote: >>> >>>> All, >>>> >>>> This is a call for adoption for the following AS Issuer Identifier in >>>> Authorization Response as a WG document: >>>> >>>> https://datatracker.ietf.org/doc/draft-meyerzuselhausen-oauth-iss-auth= -resp/ >>>> >>>> Please, provide your feedback on the mailing list by Dec 22nd. >>>> >>>> Regards, >>>> Rifaat & Hannes >>>> _______________________________________________ >>>> OAuth mailing list >>>> OAuth@ietf.org >>>> https://www.ietf.org/mailman/listinfo/oauth >>>> >>> _______________________________________________ >>> OAuth mailing list >>> OAuth@ietf.org >>> https://www.ietf.org/mailman/listinfo/oauth >>> >> -- >> Karsten Meyer zu Selhausen >> IT Security Consultant >> Phone: +49 (0)234 / 54456499 >> Web: https://hackmanit.de | IT Security Consulting, Penetration Testing,= Security Training >> >> Nehmen Sie an unserer n=C3=A4chsten Live Online-Schulung zur Sicherheit = von OAuth und OpenID Connect am 27.01 + 28.01.2021 teil:https://www.hackman= it.de/de/schulungen/127-live-online-schulung-single-sign-on-sicherheit-oaut= h-openid-connect-am-27-01-28-01-2021 >> >> Hackmanit GmbH >> Universit=C3=A4tsstra=C3=9Fe 60 (Exzenterhaus) >> 44789 Bochum >> >> Registergericht: Amtsgericht Bochum, HRB 14896 >> Gesch=C3=A4ftsf=C3=BChrer: Prof. Dr. J=C3=B6rg Schwenk, Prof. Dr. Juraj = Somorovsky, Dr. Christian Mainka, Dr. Marcus Niemietz >> >> -- > Karsten Meyer zu Selhausen > IT Security Consultant > Phone: +49 (0)234 / 54456499 > Web: https://hackmanit.de | IT Security Consulting, Penetration Testing, = Security Training > > Nehmen Sie an unserer n=C3=A4chsten Live Online-Schulung zur Sicherheit v= on OAuth und OpenID Connect am 27.01 + 28.01.2021 teil:https://www.hackmani= t.de/de/schulungen/127-live-online-schulung-single-sign-on-sicherheit-oauth= -openid-connect-am-27-01-28-01-2021 > > Hackmanit GmbH > Universit=C3=A4tsstra=C3=9Fe 60 (Exzenterhaus) > 44789 Bochum > > Registergericht: Amtsgericht Bochum, HRB 14896 > Gesch=C3=A4ftsf=C3=BChrer: Prof. Dr. J=C3=B6rg Schwenk, Prof. Dr. Juraj S= omorovsky, Dr. Christian Mainka, Dr. Marcus Niemietz > > --0000000000008cb0e205b60820df Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
    Since there is a poten= tially valid TLS case, let's shelve the non-TLS case without the precon= dition. I agree a MITM attack on the authorization code is a legitimate=C2= =A0case which would be mitigated by resolving the ISS parameter to determin= e the valid token endpoint. I would suggest to improve the language in the = Introduction=C2=A0to specifically indicate this as a solution to the= authorization code interception. (It wasn't clear to me before this co= nversation that it helped solved that problem)
    <= br>
    So=C2=A0+1

    On Wed, Dec 9, 2020,= 11:40 Karsten Meyer zu Selhausen <karsten.meyerzuselhausen@hackmanit.de= > wrote:
    =20 =20 =20

    The attacker being able to manipulate the first request is an additional precondition for the mix-up attack variant we used as an example. The precondition is based on the attacker A2 defined in section 3 of the security BCP.

    There are other mix-up variants which work without this precondition. One variant is described in the security BCP, for example:

    *Mix-Up Without Interception*: A variant of the above attack w=
orks
      even if the first request/response pair cannot be intercepted, for
      example, because TLS is used to protect these messages: Here, it
      is assumed that the user wants to start the grant using A-AS (and
      not H-AS, see Attacker A1).  After the client redirected the user
      to the authorization endpoint at A-AS, the attacker immediately
      redirects the user to H-AS (changing the client ID to "7ZGZldHQ&=
quot;).
      Note that a vigilant user might at this point detect that she
      intended to use A-AS instead of H-AS.


    On 09.12.2020 10:47, Warren Parad wrote:
    =20
    Okay, it wasn't clear that the user agent was required to be compromised for this to be a problem. Here's where it breaks down for me, if the attacker can manipulate the first request, why would they not be able to manipulate the AS where the Auth Response code is sent?=C2=A0 Unless we can guarantee there is an attack surface that would only affect the authorization request AS selection and not the auth response, the solution the draft lacks purpose for me.

    Warren Pa= rad

    Founder, CTO
    Secure your user data and complete your authorization architecture. Implement=C2=A0Authress= .


    On Wed, Dec 9, 2020 at 8:55 A= M Karsten Meyer zu Selhausen <karsten.meyerzu= selhausen@hackmanit.de> wrote:

    Hi Warren,

    I think there i= s some misunderstanding on how mix-up attacks work. I will try to clear things up.

    Have a look at the following mix-up attack example (slide 4 from the interim meeting):

    3D""

    I marked the important parts:

    • In step 1 th= e client stores the attacker's AS (A-AS) as the selected AS.
    • Step 5: The authorization response is issued by the honest (=3D not compromised) AS, not by the attacker's AS= . The H-AS will use its own correct issuer identifier as the value for the AS parameter.
      • In a mix-u= p attack the attacker cannot directly influence the value of the iss parameter in the authorization response as it is issued by the H-AS.
    • Step 6: The client sends the token request to the token endpoint of the A-AS, because it stored the A-AS as the selected AS in step 1. This leaks the authorization code to the attacker who can use it in a code injection attack, for example.

    With an iss parameter present in step 5 the client would be able to recognize that the code was issued by the H-AS, not by the A-AS. The client would be able to abort the authorization grant instead of leaking the code to the A-AS.

    I hope this addresses your concerns.

    Best regards,
    Karsten

    On 08.12.2020 20:15, Warren Parad wrote:
    As an implementer=C2=A0on both sides of the issue I'm struggling to understand how this problem would occur. I'm finding issues with the proposed problems:
    1. Honest AS is compromised, assuming this does happen details on why adding iss to the AS response would prevent attacks is necessary for me. In other words, how would an AS be compromised in a way that would be identifiable through the issuer value? (my ignorant assumption is that a compromised AS is compromised enough that an attacker would be able to send the correct ISS)
    2. Attacker AS is registered. I fully support the idea that this can and will happen, however from attempting to test-implement this proposal, I can't see how the authorization would be sent to the wrong token endpoint. Since there is no information in the AS auth code response, the client must already have the knowledge of where they are going to send the token, no mix-up can be executed. I would argue, if anything, adding the ISS parameter would open a new attack surface by providing clients an opportunity to blatantly=C2=A0trust the ISS parameter as the honest = AS and thus actually sending the code there instead of sending it to one specified in the metadata document.
    My confusion is the following:
    • Are multi AS services utilizing authorization codes in a way where there could be a mix up attack for #2.
    • Is there a #3 that I'm missing which even in light of #1 & #2 I brought up that would still make this change valuable?

    Warre= n Parad

    <= font face=3D"Lato, sans-serif">Founder, CTO
    Secure your user data and complete your authorization architecture. Implement=C2=A0Authress.


    On Tue, Dec 8, 2020 a= t 8:01 PM Dick Hardt <dick.hardt@gmail.com> wrote:
    +1
    <= img alt=3D"" style=3D"width: 0px; max-height: 0px; overflow: hidden;">=E1=90=A7

    On Tue, Dec 8, 2020 at 4:51 AM Rifaat Shekh-Yusef <rifaat.s.= ietf@gmail.com> wrote:
    All,

    This is a call for adoption for the following AS Issuer Identifier in Authorization Response as a WG document:
    = https://datatracker.ietf.org/doc/draft-meyerzuselhausen-oauth-iss-auth-resp= /

    Please, provide your feedback on the mailing list by Dec 22nd.

    Regards,
    =C2=A0Rifaat & Hannes
    _______________________________________________
    OAuth mailing list
    OAuth@ietf.org
    https://www.ietf.org/mai= lman/listinfo/oauth
    _______________________________________________
    OAuth mailing list
    OAuth@ietf.org
    https://www.ietf.org/mailman= /listinfo/oauth
    --=20
Karsten Meyer zu Selhausen
IT Security Consultant
Phone:	+49 (0)234 / 54456499
Web:	=
https://hackmanit.de | IT Security Consulting, Penetration Testing, Sec=
urity Training

Nehmen Sie an unserer n=C3=A4chsten Live Online-Schulung zur Sicherheit von=
 OAuth und OpenID Connect am 27.01 + 28.01.2021 teil:
https://www.hackmanit.de/de/schulungen/127-li=
ve-online-schulung-single-sign-on-sicherheit-oauth-openid-connect-am-27-01-=
28-01-2021

Hackmanit GmbH
Universit=C3=A4tsstra=C3=9Fe 60 (Exzenterhaus)
44789 Bochum

Registergericht: Amtsgericht Bochum, HRB 14896
Gesch=C3=A4ftsf=C3=BChrer: Prof. Dr. J=C3=B6rg Schwenk, Prof. Dr. Juraj Som=
orovsky, Dr. Christian Mainka, Dr. Marcus Niemietz
    --=20
Karsten Meyer zu Selhausen
IT Security Consultant
Phone:	+49 (0)234 / 54456499
Web:	=
https://hackmanit.de | IT Security Consulting, Penetration Testing, Sec=
urity Training

Nehmen Sie an unserer n=C3=A4chsten Live Online-Schulung zur Sicherheit von=
 OAuth und OpenID Connect am 27.01 + 28.01.2021 teil:
https://www.hackmanit.de/de/schulungen/127-li=
ve-online-schulung-single-sign-on-sicherheit-oauth-openid-connect-am-27-01-=
28-01-2021

Hackmanit GmbH
Universit=C3=A4tsstra=C3=9Fe 60 (Exzenterhaus)
44789 Bochum

Registergericht: Amtsgericht Bochum, HRB 14896
Gesch=C3=A4ftsf=C3=BChrer: Prof. Dr. J=C3=B6rg Schwenk, Prof. Dr. Juraj Som=
orovsky, Dr. Christian Mainka, Dr. Marcus Niemietz
    --0000000000008cb0e205b60820df-- --0000000000008cb0e405b60820e1 Content-Type: image/png; name="fmliihgbmokgaako.png" Content-Disposition: attachment; filename="fmliihgbmokgaako.png" Content-Transfer-Encoding: base64 Content-ID: <176477d9a67cff9eafb1> X-Attachment-Id: 176477d9a67cff9eafb1 iVBORw0KGgoAAAANSUhEUgAAA+gAAAIzCAYAAACTLTO8AAAgAElEQVR4nOzdZ1QUZ+M2cD4kvoa/ Aord2DWaoqmaZhJN8mh68sS02aWDgmDBir33hrH3LtgVC/ZewYIVARVUOtJh2Tp7vR92mQV2aYq6 +ly/c/Ycj8zO3HPP7O5cc5exARERERERERE9dzbPuwBERERERERExIBOREREREREZBUY0ImIiIiI iIisAAM6ERERERERkRVgQCciIiIiIiKyAgzoRERERERERFaAAZ2IiIiIiIjICjCgExEREREREVkB BnQiIiIiIiIiK8CATkRERERERGQFGNCJiIiIiIiIrAADOhEREREREZEVYEAnIiIiIiIisgIM6ERE RERERERWgAGdiIiIiIiIyAowoBMRERERERFZAQZ0IiIiIiIiIivAgE5ERERERERkBRjQiYiIiIiI iKwAAzoRERERERGRFWBAJyIiIiIiIrICDOhEREREREREVoABnYiIiIiIiMgKMKATERERERERWQEG dCIiIiIiIiIrwIBOREREREREZAUY0ImIiIiIiIisAAM6ERERERERkRVgQCciIiIiIiKyAgzoRERE RERERFaAAZ2IiIiIiIjICjCgExEREREREVkBBnQiIiIiIiIiK8CATkRERERERGQFGNCJiIiIiIiI rAADOhEREREREZEVYEAnIiIiIiIisgIM6ERERERERERWgAGdiIiIiIiIyAowoBMRERERERFZAQZ0 IiIiIiIiIivAgE5ERERERERkBRjQiYiIiIiIiKwAAzoRERERERGRFWBAJyIiIiIiIrICDOhERERE REREVoABnYiIiIiIiMgKMKATERERERERWQEGdCIiIiIiIiIrwIBOREREREREZAUY0ImIiIiIiIis AAM6ERERERERkRVgQCciIiIiIiKyAgzoRERERERERFaAAZ2IiIiIiIjICjCgExEREREREVkBBnQi IiIiIiIiK8CATkRERERERGQFGNCJiIiIiIiIrAADOhEREREREZEVYEAnIiIiIiIisgIM6ERERERE RERWgAGdiIiIiIiIyAowoBMRERERERFZAQZ0IiIiIiIiIivAgE5ERERERERkBV7YgB55aCsChgzB kKKv4aNx/FbqY6/z0b0wDC+xzhFT5+Jhtqr4gnot9qwPlJZZvTPsCffm6VDlJGLetDGmch6KgKiv /HpEZQaWzpokrWfe6gNQacWqL/BT8ij2MiaNGiaVf83+COgeox5KEsWK10FllrU6eh3CD22U6m/u 8r1QPsXjr1PnYd2iqdL2ho2dhltJOU+83nthBzFS+myPxMnI5CoobRXQa7FtxXRjuQIQFBrxvEtU xUS8yKc/ERER0bP0wgb0veN74f9sbGBT7FUTfw1bi8fJXnpRg83jXUqszwaObTshPD63xMJqDP6n o3GZV/Fb35VVsk9VLS8xAp++1UDal/9OCIb2cQJ6dhy6v9tKWs9n/x2FPPULcsWt12DDRE9UL3JM W3d2Q1Ke+glWKiIn7QGWBW2GQqMre0mtGncjjiH42KXHOi+tgl6L1ePkUv11+mEwslVl7/cTbU5U I2iiK16VjlltDF506InqT6/Nwci/Okv7UKvppwh/kF1lZX4iehW8f3zLWLYacB4R/LxLVGWUuRnY u2sjbiXnPe+iEBEREb0QXrKAboNm7/+Fh/naSq9Pk5+Cvz9rxYBuwYsc0JXpMfi5Y8vix7VGE6w4 Hv1Y61MXZONI0Dx89nYLNPpSQI7K8rmmF0VkpdzD/BG90LRebcimb2JAr4T4y7vQqrattM33vx+I dOXjbzMr7jw6tm4gfWb/4z4L+RorOYdfwoCu0yhx/cxu/PPNh3Bs0R7H71nJzRAiIiIiK/dSBPRX q9nB3r4mbGxsUKNOC6w5FVfp9SVF7MTrNQwX7zVq1CwnoGswtd9vaNeuHdq1awef8VuqZqeqGAO6 iOuhS9DEvjpsbGxgX8sBttUM+/Cl29THCGgits3zh31Nw/rKCuja/FR4/dZJqjMG9MrRFaSjzw8f Sdt0aPoRjkSmPd7K9DqELhmKWtWNN2hsm2LV0aiqLfCT0Ksx0rOb8fvkbQycved5l+iJ3TkThIZ1 7AzHjgGdiIiIqMJeioBuV+tjuPxS2H3VDn8PX1OpsdZ6USt1b3/NoQG6/fSfsgP6C+J/PaDrNbmY 6PK11E26p39/tKrvYLiR0+A9nL6XWck1ilgyxlmqh7ICuiYnAT9+9gYD+mNvU4dT6yagVjVTN/dB iw4+1hwKuoJU9O72gVT+lp/KEZelrPoyk+TGgUWmmysM6EREREQV9lIEdIc6X2LdwmHSOOMWH/6D +7maCq9Lq0zD35+2MISutt0wb3pfBvQiXtSA/ij6JDo1rwsbGxv8vwbvYPf5S5B91ta4H7bwmLQT ukrtBgP6MwvoALLjL6NL24bSdt/+1guJuZWfOyDpWijeeb22NE+F17SdeIHmOHwhMaATERERPZ6X JKB/hcu3TqNDfUPXdNu6rbD25L0Kryv12i40sjWEtm4+c7Bv2SAG9CJexICuF7XYt2Aw7IxlbvOZ DHFZBVg/wQM1ja2y9d/+FQ8qFfgY0J9lQNfrCjC/73+l7b5Wtx12hD+o3DpENTZO8EDNwt42r3+E o4/bVZ4qjAGdiIiI6PG8NAE9OjML/r8Wjlm1w9+j11ewO6yIzeOcjd3bGyJwz00cXM6AXtSTB3QR eVmPcPX8KRw+fBiHT51HfEo6dE/x2Uua3AQ4dSmceKs6/hixGhoRSAjfghb1HIz/Xw+Be25Waj+e TUAXkZuVgQd3b+Po4cOGOjt8GOcu3UJKeia0lWv2L0aRm4XYyGs4Zlzn6bBrSEnLLPuz8pwCOgDc PrEWzR1rSBOouU/ZWqnWb3X2A/z1WTup7J8LY5FVRtlFrQqPUpIREXZWqvfDR08iOi4BWXkFj70f Oo0SdyMjcPjwYYTfiEa2QlX+m8qhFzXIeJSGyIhwHCks65GjuB51H+lZTzZrul7UIScjFZcvnJHq ICYuCQXqik3AyYBORERE9HhemoB+J0+DEyuHw9b4f2928UZqBWZ9FjUZ+LtTM0OLapvuiMpUlh/Q 9RrMH+2Ozp07o3PnLzC0yKROelGLs9vm49uvOhv/3hUTlh2ApswHb4u4cXAVunQ2vueLrhi5aPdj heminm1AF3F517/Gfe4Mv8Bg6AEoc1KwdvYIdP6wPRrUNkwa9YpdbbR9uz1+/tsHe45ffyrdjaNO rEOTWoZg91qd1lhrnLVdVKbCo9t70r6898twKMsJvPnJN+HSozs6d+6Mti0bS+/9v7qN8Onnhv39 ouvX2H0rHbeOrULnzp3x+acfo34dB2nZxm3eluqmu8dgpOabt9zrVPm4cHgnhvR2wofvdUCbFk2K PR6udr0meKvDu/j+d3ds2H0KucqKhSW9qMWD2xcxe4w/vuj4Hlo1aSit196xId5u/y56uPTHnhNX YXHevEoEdFGnwbltC9G98Fzu/BU8Bs5G8mN0TQcATc5DyLq8I237za/cK9XNPfL4ajRzNM4GX7Mh Zu64aPFGSU5qHNYunoXfu3VG+7ffQgNH07GzqVYTzVq1xXsffo6+I2fiUlRCqUMjNIpk+P/TzXCc f/NAZKoSOUm3Mczzv2jZxPBZrNO4GT746kcs3HYcGp0I6DWYPvBvqb7GLz5c5j4VZCVjV9AyuP7e HR3av4MmDeuYymrzKho1a4MO73WCi+8IHAuPMmzDEr0CM/r/I52XW6+lQS+KiI8Ox8RBXvigw9uo X9teqoPmrd/EV9/9gWVbjiC7wHwIkagrwDi/39G5c2d81KGtVKbX7GrhvU6fStuZuu1MOUeNiIiI 6H/XSxTQdci4dxrvNTLOHNzoHeyJSC53Pek3Q1C/uqF7+3985kKn11UgoJf9mDVlZhw8u78vraNu y07YF/Gw1DIUPIrC9+82k5Zv2qE7wuKyHqteinqmAV2vw9GlA6Rlvu4/B4qM+whw6Q4H46znll61 6jSB78yNyK3CFllRq8A8/9+lbbT5RIa47MJQJ+LAoqGoZVvN8Hf71giNyihzfdkPLuD9NvVK3Qcb GxtUs3PAirBEhG+dWOZyNjY2qP/xT4jPKd6CmpsSjQF/dkf9osGwjFfNWvXws9dkpJTzPHetMgeb 541ChxaNijxXvJRjUa8pvIYvQ0ZBieBfwYCuF7U4t3Ue2tUrHO9dA+99Jcf5qJTH796v12L3vIHS UIXXHFtj45m7FXurToF5fX6Tyt3s/V9xO01htv6wPSvR+a3WxW6GlP6qjsatO2LxrnCLIV2V9wDf vW04V+q1+BhnIu9g0J9fSMMqir6+6zkXSq1Y8ces6XWIPr8Hv332Phxq2FagrK+i7uttMXxeiGE7 ZuvLg2+3t6Tl551+gIshS/B+i0ZlrreGQ1387DcFSSXOYVGbD+evzR9VWfLVc8HeF3e4BxEREdFT 9lIFdJ0yC/6/GoNztVrwnRNS7oXg5nFOhgt/+/oI3HcbqIKADoi4d34b3mnsKF3Ud/ptoMWWP702 HzN6fieFgxq1mmD6pguPNVt1Sc8zoHfxHY/AgX/DvjAIlxVu7R3hMXkj1GX2MqjEfiddw1dt6xvX Xws+U7cXa6UvSLqEjs3qmuolYF2Z63vaAV2rSEKvbh9VMCAWeVW3h+vkraW25uo0+dgwyQ/17GtW eJ3Va9SB2/gNxY9FBQK6XtThwrZ5aFu3lnE5W3zQ1RPXHlR2pnxzqbeO4gPpeL2K3wasgKoC54oi LQrd3m1qfF9NOI1eh5Kn7a2DK9G6gWPl6t3GBrVbfIrjUeZj2YsF9GYfYOwwXzhaukFl2xTrTt0x Vl7FAnpCxAF0frNZuTdaSr7s6rfFsoMWhnKUCOhD5wQWublSzquGA3pO2VqsdZ4BnYiIiOjJvVQB HXodjhfp5t7hG1+kFpTeMqvXZeLvjwwX8HVadcOdbE0VBXRA1CmxdY4/6toZLs6r1aiLwfNDzboQ h2+ahlo1jBfw1e3QY/BiKDRV05r8PAP662++haaONWFjUx1t3u2C6Ys34eqNSMRER+HM4R3w7dHN tN82NqhZpxlWHr3z5Dut1+HEmjGwM7ZY1nr9A+y/nlJ8EVGJyW7fSoHYoeVXhmNfioL0uxg50Aeu rq7o/KGp6659kzaQO7vA1dUVbh6eOHEvC7Hhu+Dq6goX2V9o0djU9bjtx13h6uoKV1dX9B4zGxlF ugiHzOkjncs2NrZo074LJgWuwemwK4iJiUFMTAxuXr2I7esX458fOxfrkWDf4lvcy7HUii7iauhi tKhjCuev2NdBlx5eWLdzP25FRiEmJgYXzxzDxKE90bSBqeXevkE7BJ2OLVJh5Qf0W0fX4u2GDtI+ vPeVB64/fPJeIACg12Rj9D9fmM6tD/6LuxnljQcXcWHbDNQ23iCyq/8OdpaYYE6XG4uf3m9pujlh Wx8//NkHm3cfxI3b0Ya6j47C+ZOHMGfsALzfrqm0rI1NdQijNpl9nosG9Oq2NVHbwQ6vOTji955j cDI8AjHRt3F8TxC8BozGw2zjo94qENBF5SMM6NG5yE2c2vjsWzlWBu1CxM3b0nly5fwJLA8cjy8/ alukrK/i87/HIbdkYUsEdEdHQziv6dgEf/Ychj3HziImJgbRt29i/7bV6NH1A2myPRsbG9R5oxsi U/NNZdSpsHjKALi6uuK37p9Jy9nWro8fesik83/l4YiKHnoiIiKi/zkvV0AHkH7nFN5vbBg3ad/o Hey9Wno394wbu1CvRnXY2LyKL92nG1qtqyigA4AmLxkDe5iChWPzjjh4PUn6e87DcHzSuoG0nlYf /IGY9MefiKqk5xnQDS87dPl9MKISM1FyPjitKg8HVoxDk1q20v6/+50/siwOgq44bUE6+nxveuZ1 pz9GIsfCOmMOLUUde+PkY9VqYsTK8xVYe9VPEqcviEf3NqZzoN0nAq49yCy1hVFdkIkFw5xMPRNe qY+gK6nm289Lgtd/TGPt7eu2xPjle0oZO6zBjWPr0bKBKWB37TUTmsJClBPQo46vwzuNClvOq6PD F+64kVCVk4KJiAhZgMbGm102tk2w+kRM2e9Q52Ks8JVU5ve/G4BHJeakCNswCY6FN4mq1Uaf6Tuh KGUSNL2oQ+LtU/jm3RbSOt/q5ovsEvMAFA3ohZ+BPwfOR1aJetdqNKZjXIGAfu/MJrSpayet87fe c5CWW9qz3EVkJ0fBrbvpc/B6h+8QmVbiu6VEQDd8R7XHmkNXodKa3yRUZDzA4D+/LHKToC4WHY22 WAJOEkdERET0eF66gK5TZsD/58Lw7ADfwN2lhp1NY50N3UVt7TB6/UXDf1ZhQAeApBuH8XELUwD7 6JeBSM3XQK/OQN8fP5S6q9as2xorj1u+2H1czzugt/vCCbdTSp9NWi+qsWqUXKqDGo7NsP5CQuUL WETKjX1o7WAIXa/YNcCkYMvBW6dIwH8/Mo37b9ulN3LLrZyqD+jJ4UFwMIZEW/tGmH/gdrn7mBt7 Em80MnXLHr/X/D33L2xBc/vC4QW10GvKJsvjkI30ogYbx7hI62z8RjdEphu74ZcR0KOOr0P7RoXd oqvjnc5uuJVU9U89UKZH46cPWkifo5/7LYOqjMn9Mu6dw0fNjD0YqtfH2DWni9e/Xo1xHl2lfWr6 qQsyypsHQa/DukleUg8dxw9/RmKJOQBKBvQ6zT/C8ehyuvmXF9D1Wmya3kv6nNRr9w0uPSwv8IoI 2z5TavG2b/k+jt8tUY4SAb1a9VoYvvJ0md3PY89tQssG9tJ7ei45ZnE4DgM6ERER0eN56QI69Drs W2QKiu9+42exm7tem46/OxoCmn39johIU0nvr8qArhe1OLR6POoZZxS3qV4fkzedx76Fg6VgZlO9 BjymbC91LPHjep4B/RW7hpiyKbzcdaszb6Fjw8ILfnv0mrS78gUsLIKoxqohf5taDd/sjhsppfVI ELF+tBNsjV3hbe2bYMOFxHK2UPUBXadV437MDZw/dwZLF29AZgUeX6fPj8P3RSbyGrTpSokFNNgy 0VX6e4N2X+Hiw/JDc078NcxdvBEXwsJxP6nIY/BKCegPL+/Cu687Sp+DDl28EJX6ZI/3KpVeg9Vj nU3DElp1wc0i3auLL6vDoSVDpEDboF1XXLLwqERlXjoiwsNwInQzgg/eqlAxzq+ZjHrG9dq+1R2x OcVbsUsG9Le7+SOzvMcUVKAFXV2Qg1tXL+P0kT1Yu+1UheZrSAjfgZavGMN3k/bYV/L57yUCes16 XyAmt+wnA6hTb6JT29el9/wzYhssFYUBnYiIiOjxvHwBHUDC5d1oa3x2cs2G7yD0mnk39/RrO1Df 2MX5wz9HmoJrFQd0ABDV2Zjg1k0KF/WatUGLOnbSNt743ANpZYyVf1zPM6A3bfcjojMq8DgsvRaD /+wkve+dvwJMXasrSZl5F/95q6EUdP4ascpieCiUF3cCzWsVHofq+LbnnDKXf3bPQS9l66IIdX4W wkJXoUORybxKBnRRlYX+P5rq9ON/JiD/SSbgsxDQb5wPQcc3Gkr/1/Zzt0o9/uxxJEXsxhvSxIu1 MXP3Ncs3PZSZ6C0Nc7DFD/0Xmk0OVzkiRFGHR4kxmNW7BxwqHNBt8d8RK8o/7hWdxb2ipRVF5KbH I3jGAOlmQkUCepsf+pb7/aAvSIT83TbSe/4evpUBnYiIiKgKvZQBXZuXBKevCp+dbAffubtLdMMU sXGMsfW0mi1GBxWZtOgpBHQAyH54EV3fMrU8Fb5qNHoT+26YzwYtbUoUoSwogEKhKPelLjG53PMM 6O1/CUB+BUPRnnGm1t4m7WVIfayELuLGvrmmSayq10a3P7wwfPjwMl4D0P51U1fxWo074kJiKa2y xm087YAuijpo1Crk5WTi1rXLOHNkNyaNGo7ens748dvPUcvCjOAlA7oqJx4/fVzYHbwG3KZtqXg1 WlIioDdp9S7aNatfrAy1W3TGrUeq8tf1JMVQpaPP9x2lbXZxnmGx237S1T1oaZwc7//qtcaGohPe lUGn00JZoMCjxFhcuhSOrcvnImDIAMj//h0fvtnMrN7LD+i14D9nX0V2rNIBXdTpoFIWIDstAVcu X8LBzcsxfFgAXGR/oEvHN83KWpGA/pXrjPKLqkxiQCciIiJ6il7KgA69Blun+0hdXD/6bggyVKYL eb06DX93NAQY27of4UbRlt6nFNABEeG75qGRo32RC2cHDF18vMx3qdIi8Wn7pmYX3OYvO/SZcrjY e0sG9N/GBz2zgP6tf2CFW4zDN4yU3tew+S+4r6h8c6eoyceAXztWoJ7KeFW3h8/ssgLV0wvoOq0a dyJOYqSPC77s9Falyl0yoCvSo9D1rcKQWBfjV5+udH0WUyKgS69q1WFrW13690/+S56wpbp8J9eM Q53CmdlbfIlbacVvqOhFDbZMMN3webOrJ5Lyy+62rcpNw9618yD0+AktGtaqcL2XH9BrY/C/B8vf qUoEdE1BNk7vWY9eTj3wdquGFS5rRQL6T77Lyi8qAzoRERHRU/VyBnQA8ZdC0NY463Htlp/h7D3T BEkpl7eisaPhbx/8Obr4BeZTDOg3D60s8pxoG9jY1MOkLeFlBrcnCeiKlJv4vH1jaZnv+yyD6jEC ui4rFv951/Q4qq5/TUdByZbLYgG9JpzGbajw+iM2j3vigJ794Cza1634875LezX78E8k5JUW6J5O QFfnpWDKYBc0qFmBUFjDHg0aNoS9raklvWRAz0+7hS5tC58b/pQCerUa6PijH8b0/gU1Csfx2zXF ooORT7atcihTruMraQx0DQxaeaZYvapzE/D7x8abSdVrY8C8/WXslw73Lu7Dd53aVuDZ4q+ilmNd 1K/rKA1VebYBXURyzAW4/vw57KuXf57YOdRGg/r1pAntGNCJiIiIXgwvbUDX5iUW6eZeB2PXFc5O LGLDeFdjqLDF6OASz+R9SgE9P/kmfu70hvmFdOP3cDKm9FmenySga7Li8H1H08V0l79nIP8xmtDz Ei7jgyLjjX/uvdK8pbRYQK+On4curnAL+ulF/U2ht+VveFhQ2YAuYs+MXqYQW7M2WrRqjdatK/Zq 3sS0b7YOjTA35Eap26nqgC5qsjHW4zuz41nd1h4NGzdG02Yt0Lr1O+jh1Asjx07G+q378SD2Gn4o Y5K4/Ee30bVdYUCvg7ErT1ayPksoGdBt7fCVEIC4DAXUWXfx4/vNpc9C8/d+w+00xZNtr8yyqDDL 9ycpJL/70xAoigztuHNiFWob/1avxac4G5dT6qoSIkLxXqsGJer+VdRyrI/XX2+Clq1ao8P7XeHn PwQzAhfj+PkbOLpsQiUmiau6gJ7x4Ap++rSdhSBeB40bN0bzlq3Qpm1HePcfhInT5mLPkTDcOB6M VpWYJI4BnYiIiOj5e2kDOvQabJ7mI7UgffrHGGSrdNBrs+D9H0Nwf61eR1xPLzFu9ikEdJ0mF/MG /gU7Y8tXjVp18XqDOlKr3fs/D0RmKY940imzsXfXFqxdu7ac13qE3Ugq9l698hF8upqehd3+ax+k ltPd15KESzvRtsijlZyn7Ta/KC/Rxb2jy4QKt9avHvC79L4WX3oju5L5XKdKRY/3m0rH44P/DkZu eTNnF/Ho2g7Uk8Z2V8cXwlgoLE6qVvUB/UZIIByqV5PK3qDZO/AdNhkbt+xHTOx9pGWaz4ou5tzB 181NNxVKBnR1bgJ++bSwx0NNeEzb+mQT1JUI6G98Jse9DNPs+DFHV6CRQ+FTCmriN/9F5j0sqlDc qXVoapxk8RXH93DB+PnU69RY2OdXYzlt8Y3rNBSUMjmeqMlCv587mlrOqzug47d/YPb8ZThy+ioe PExAgdr8M3lyxTjUecYBXa9TYOHAv0zPH69WE292+hbjp8/D7oPnEXf/AXILzM/D+2c3oQkDOhER EdEL5eUN6AAehu9E2/r2xovEz3AuNhNZ0UfwRgPDDNgf/TkaGgstwVX9mLUzwbPQVBp7XhO/D1mK 8D2LpW721WwdMXjhoSp/zBr0Sizo97O0LzWbf4wL97MquRIRR1aOQm2pW60j5uy9ZmFbxQN6y/f+ xv1yHtkEAHqxAN7fvS2F46+9Z1l8rnJZ7p9aLbWa2tRwxMgVlevSLWpy4P6NaWItx0Yf4NCtR5aW rNqAri+A/68fSMvUbvwBdoXHlVve/Ptn0KaxaXI781ncszHgl0+kv3/6x5gK3bDQKtMxY9QorAkK xq79J5CcbhzfXcZz0A1/V2OGl6kXQE3HVlgQev2JZ60vja4gGU5fFZ4zNTBoxVnoASjTb6NzC8Oz z1+r1QTz95b+6LSUiB1oVtd00+nLf8YjvUBT9ob1Oqyf3POZd3HPSbiCz9uZbsi07+KByKTSewYY iLi4c7b0HcmATkRERPRieKkDujYvAc5fFnZzd8SY9Wew99+BxhbLmhgTfMl8xVUc0B/dOYevOzSX 1tey05+ITM6FXqfEgn49UN04frd2k/bYfuH+k1ZLCSKOrR0Hh2qF4boORq04XqkbAVplGgb8anpk 12v1PsSZexa65JcI6DXqtsLqE3fKXX929GG0cDSOHbetjZErzldi/wDoNZjq/rW03TrNO+Hcw8o+ i1vEieXDi7RQOsB5bJCF4FG1AV2vTsD3repK59HXXhW5OSHi9LrxqGtX+hh0vajB5klu0t/rte6M M/cyyq2FjOgjaGMcB1/NrjH+DTEG3PICOoC8pAh82bahtC+tP/wd15Of0jPRIWLnrL6wN/Y8eOfH IVDpRFzbMV3qMdP8o3/wMK/0wB2+fiLq1DD2XHilAbZetXRDpjitIhne3Uw9Up5VQL9/fgveqFV4 vB0xMehcuTc/RE0eZvv8IJWVAZ2IiIjoxfBSB3TotQgq0uLVuccguHxjuMD+v4adcDXFwljZKgzo mvxUjPf43lTOuu2w/MB1KYSpMqLxw3um8YhzZxEAACAASURBVLtvfe2JhzlV+yzpR9En0Kl5XWl/ Gr7ZFYduJFSodVMvanB26xw0dTRNvvbhL4ORbqE7bcmAbmNTHZ/8MQjx2UrzZY20ygyMFrqa6rrp 57icXLnxy+q0CHSo74DCbs1dPWc+1kz1BalX8VFjB6ksTTr8hMhHBSWWquKArohF14a1pePfxW1a Oc9hB5IjT6F7h5ZF6tkGveedMlvu7tlgNKtV2O3cHn8NWYxcC122pT3TFmDx4D+kddZv9SUuJVaw Bd1YN2FbZ6Guva3xZos9evgvRL5ZF5WqkXv/LDoU9iKo1QFhiTkY7/yFcX8d4DF5W5nn+KlFI1C7 8MbVK/URfCmlzO3pNArsDByKBoVd+W1s8OrrX+JWevHz9WkE9LvH1qH5azbSOsetP13mvomiBmE7 F6F1kR4Cr9Rph23h8SW2y4BOREREZG1e7oAOIOroajSrbQgNtR0bwLGm4QL747/GWHyGclUFdL2o xr5Fw1HXzhhYqteC5+Qgs21GHlqGBg6GZarb1obnxM3m3e6fgKjNQ6Dff6W6srGxQbMPvsWG0AtQ lBHYFNkp2LZ8Mt4t8rxrQ7fhq5bDgVlAt0G1mg740Xsc7qSad8fNexSHyb5/oXbh+OtqNdBjyMpK h+ujy4ZKvRCq2dXDjJ2lTfBWNlGnwqyepm7a1ewbYMLGcyWXwsbJvaRWWru3vsODXMs3VHR5KfhH 6oZtg279FkBV8riKWXD5zBS2azfugI1Hb1oMPBpVHsIPBuHb99uaWvqNL89ph82W1yrSMPD3z6Rl 7Go3Rf8pq5CcY37DRKvMwc4lo9Gg8EZMtZr4sfe/pvJWKKADOnUOJjiZejPY1W2NhftKOV+elKjA GFkX4xhyWwxasAPftjHciKrVuD0O3C67x8CdI8vRoJYpbH/++1DEZ5W8IQMAIrJSYrFwrC9eL/aI RBvY1P0EV1OLP+btaQT0tNtH8V4T09Mf3uosw+XYRxbrVZGdiu1LJqBtQ8diZX3FoTWCzsSV2O7T C+h3TqyGQ2FPg4ZtsDn8Yfn1QEREREQvf0BXZ8Tgp/eLtzja2NhhbHApjzerooCecP0QPm5tmiG6 /beeuJdu3jqs1ykR6POjqbWp4RtYfvDmY9RI6dKiz+Drd1sUq4NadRrho69/xaRpgdi6KwQhISEI CdmF9SsWY/wIf3z+7luoVXhzwXiDocfgechSljKuvERAt7V1gJ1dTdjY2qFtp64YM30etu3YhZBd 27Bg2lh88cGbqC5NjmaDph1+wq3UyrWe6zVZcO3S1tQ74J0fcS/7cXsgiLh7ai0a2dpIx/X9n/2R rix+Xh2aH4BaUp3Uxu/9JmDnrl0I2b0H97NM4VevysSA70xDA2o3a4+x/65ESEgIQk+cR4FGB0DE 5oke0g0GG5tXUa/xG3DrNxprNm4xHJMdW7FgzhT89Z8v8Xq92iXOY8Orh7+lR9qJuHtuK94tMlb9 Nbta6Pj1b5gauBg7du5CSMgurFg0Ez2+/QSO9qZj3aDtlzgVnV6koisW0AEgJfIoPmpu6rbfpuMf uJaYa3HZJ3Vrz3zUM56jb7T9AHbGbXb8c3ipk8MV0mbF4Ns3iz4doSbe+eQnTA5chB0hhs/Dlg2r MHZoH3R6sw3sa1Qzr3vbt3C8xBMYnkZA1ylS4ft9xyLbtkXLt79AwMTZ2LJjJ0JCQrBr60ZMmzgC X737NmoXGf4gvao1waKSTyd4igE9+UoImr1SuO2a6PizBzZu3YGQkBBExJXdW4GIiIjof9lLH9D1 ogqLBv9ZrNXx/17/GFdKCw1VENCVmffh3d00Q3StRu0RfCqm1JbE7IeX0Ll1fWl9bTr9gZsp+aUs /Rj0OkSf24HOHUreqKjY6xW72vjZewoSLLYwmrZRNKC/3upLDPT+Gw4VeGZzwxafIiQ8ttK7lXRx k9T7wMbGFr8PXv1ErbXqvET884mpjhwatsO2Cw+KLXP32Cq87mjheeu29pi4y/QMcL2owsqAfyzu 7/+1/go30wzHV5kWif+83bhCx8HwcsA3f/SF/JePTTd/fh1qcey6qFPh8NrpaFPPscLrt2vUBnN2 XCi+vkoEdL2owYFlI+BYeKOjugP+HLDoqXR11yke4pcOrxcrf3W7epi+I6L8N+t1OLZyNOrUtK1w 3TjWfxNDRw5Dc+mmhyPmH4oqttqn85g1ETcPr0KbBg4VLmtN+9fh6T8KH7cvrB979Pl3b/HPx1MM 6HnJ1/FFq7oWy/br8HXQPK0ZBImIiIhecC99QAeAyMPL0dTR1J3107/GIl9TyvJPGNBFnRLBU/1g b1vNGG7rwHvaJsvd6QtXJ+pwbvM01Kth2Ga16g74a+CSKn5UlYiEmIsIcPsFDe0tBEyLr+po8fan mLp0Jx7lqcpefYmA3vTNH3Hj/gPM6PMn6hQZt1v8VQMffPk3Dl2Oq3yw1muxsN+vphm17Rpg9dn4 8t9X1ipFLfYG9i1Svpr4fcDSYs981+Ylwqf7h1I3d+lVrQZ8ZxTvav7g8m582NRCSHF4B0ejTC3U cRf34qu3m5V7PBq0eRcj/g1CanYB9s8bJD2e7bX6nXA7y/KEaKJWhbC9q/Hth+Zd44u/XkXr97oh 6Ng1aEomrkoEdADQ5KWg/6+mGwg167XBotCn0NVdr8OaMU6wrVakjtp+h7vZ5czGbqRT52D5eF80 dig7pL9SsxY++UGGvWcjocx5iL86muYW+LX/ymL19bSegy5qC7B35RS0a1jOzZZqtnjz0+5YtTcM ivxMjPr7K+lvHX8egoxis+8/vYAuahRYNlwudXMv+vriz8nIe4qP4SMiIiJ6kb2wAf3qrtXw8vSA h4cHvH2nIlVZ+gWfJvshJgT0g4eHYfkluy+XMVu2iJsnN0nL+gSMR2xmiXG7ei02LxovLfPvBtMk XQWZDzB1aB/pb4NGL0BSKeOUi9KpcrB0coD0vt4DRuFqfNVPrKRVKxATcQGBk4bjt5+648uP2xe7 eK5hVx+fdfkWv//jjsUb9uB+SlbFZn23ENDvZGqgUebg8KbF+LN7V9SvbRjD27hVB/zw6z9YuvUI MnLLaJUva3PabMwfYTqmPsPnIqsKWmmz4q9iUC9Pab2Dxy5EmqJ4t/6c5BhMGdwTX3R8W+qe3rhl Bwyfu7vYcqJOg6hz++Al/Iq3WhTOcG6HDp2+R+iVxGLLZiffxaqZo/HTd9+gVePCUF8dzd98H9// 9AemLNqIqIep0BoPRs7Dy+jbu5ehnJ49cTS6rDHXIrJTH2Djkuno8fP3eLtNE+k41W/6Jrr99Bsm z9uEuLTcUod9nA5ZItXJuDmboSizrkU8jDiMPsbPp4eHB8bNCi5zkrrHlRV7Ht49vYzb8cTM1Ycq dSNA1KpwK+wQBrn9ga6dP5Ju+tna1cHHX34Dmac/dhwOQ2a+8TtAr8X+jXOl/eo3aSkURW72aZXp mDXCz3hcfLD5cAXmRNBrsWbOMON7vLBs2wXLZdVpEHfzHCb6e6H715+hjl3hja8aeP/TLvjvn25Y s/MYUrLzjXUg4tqxYKmsvsMmI67od5leiXUzh0t/D1x3ovyiqrOwdNRQ6T2Ltl4s9btUlfcIG+eO Qbcun6COcQiFY/3mEPrMQIaliSaJiIiI6MUN6PTk1Col8nOzkJiYKL2SklORpyiAWlvJMFVKQDcQ oVYqkJqSjMTERKRlZEOprlgrp7USdVrk52YhyVhvaeml75NWo0JWepqxjpOQnZsPjcX6FaFSFiAj LVU6HumZOVCq1FXW+qxRKZGV8Uhaf+qjTBSoqvbJAS8iUauBIj9HOp5JSSnIzS8o5Tg9X6JOC6Ui DynJSaZzKk8BdWm9gp4jvaiDUpErlTUlNR0KpQoiG9CJiIiILGJAp6pRZkAnIiIiIiKi8jCgU9Vg QCciIiIiInoiDOhUNRjQiYiIiIiInggDOlUNBnQiIiIiIqInwoBOVYMBnYiIiIiI6IkwoFPVYEAn IiIiIiJ6IgzoVEVEJN2+gBUrVmDFihUI2nIA2So+S4mIiIiIiKiiGNCJiIiIiIiIrAADOhERERER EZEVYEAnIiIiIiIisgIM6ERERERERERWgAGdiIiIiIiIyAowoBMRERERERFZAQZ0IiIiIiIiIivA gE5ERERERERkBRjQiYiIiIiIiKwAAzoRERERERGRFWBAJyIiIiIiIrICDOhEREREREREVoABnYiI iIiIiMgKMKATERERERERWQEGdCIiIiIiIiIrwIBOREREREREZAUY0ImIiIiIiIisAAM6ERERERER kRVgQCciIiIiIiKyAgzoRERERERERFaAAZ2IiIiIiIjICjCgExEREREREVkBBnQiIiIiIiIiK8CA TkRERERERGQFGNCJiIiIiIiIrAADOhEREREREZEVYEAnIiIiIiIisgIM6ERERERERERWgAGdiIiI iIiIyAowoBMRERERERFZAQZ0IiIiIiIiIivAgE5ERERERERkBRjQiYiIiIiIiKwAAzoRERERERGR FWBAJyIiIiIiIrICDOhEREREREREVoABnYiIiIiIiMgKMKA/R7mp8YiIiCjzdTPyDtIys6HVic+7 uC+UvIwkREREIDL6PjQ6vfT/jxLvISIiArHx6dCbvUuEVqcr9j85aYZjFB2bBNH8DS8UZW46blw1 nFcPUnMq/D6dVmuhrgzEMv72dIlIiL2NiIgI3E/Kei4lIOsnalW4e/sGIiJuID1X+bxKgczkOERE RODOw7Qq/bzotNoqXFvZRFEHnVj0d0hEYlwUIiIiEJeY+czKUR5FbiZu37iKiIgIXLseiczc3Odw Dpj/ltDT8Sw/A0REzwoD+nN0dfcKyAUBQhkvZxcP9Onnj8mzl+FGXMpzCkMvnsgTQRAEAf2Gz0Om uvCiUsSBdTMgCAJmrDyKIrkdyrx0HN6xAcevJxVZi4jL+1dCEASMnLEZBS/yPRK9Dhd2L4OLzHBe DZ8ThAJN2Tuk0ypxO+wINuw8BY3ZiSciJfYmli7fhBzNc7gQ1WuwfuZACIKAecEX+Lkgi7R5qZgc 4A1B7oNj1xOfTyH0OpzeOheCIGD8kn3QVsHJqlXl4eKRndh+7MYzuHEoIiftAbYHBeFmQrbpv/Ua BAcOhSAICFx/xipuYMZdO45RA/vB1VkGQRAgd+6JXUcvPNNzQGX8LTl2Lan8hemxaVV5uHxsF7Yd vWYV5x4RUVViQH+OCgO63KkXZgQGItDCa/qU8fB2d4UgCPDsOwIX76U972K/ECoT0PViPpZO6A8n JzfsCntQZC0vT0DXFaQhcGQ/yFxd4e7kBLlbf1xNKKMVXa/Dxb0r4enqjFHzdpgF9LSoUxjg4wmZ 70RkqRnQyTq9lAFdr8beldPh6iTHvK0Xnno4UWTEYWqAL+Qe/XExNqNIOawroOtVqRjn5wFBkMGn 71DMCgzE3AVLcT367rM7B0QFlk7wh5OTG3ZceFD+8vR49GrsXzMTrs5yzN189rmfe0REVY0B/Tkq DOguHuOQXkr402qUeBh5ASP6ekEQBAybuR75zyMQvWAsB3QgPycDSUlJyMhWSP8n6rIxydcJgllA B5T52UhKSsKjjNwXOgTGXzsCb1c5+o6eiaXTh0MQZAgMOolSR07oNTi6biYEQbAY0OMv7YG7s4wB nayaqNMiPS0FSUkpUKg0z6cQVR7QC7B+2hDDuf8MAnpuSiSGeMkhWHlAz39wHs5yGZxceuPcvQzp O+GZngNiDib7GX5LGNCfIr0SQTMDIAgCAzoRvZQY0J+jigR0AIBeh4hDG+AmFyBzH4ibSRUfP/y/ qrSAbklZAf1loBeV2L5gPGSCgFnrjyHy9Da4O8ng4jcBKfnqUt7EgE5UJRjQn4m82NOQy2Vw8RiN lHKG7zw1DOjPBgM6Eb3kGNCfowoHdAAZ986jj6cTBMENR2+lAAAKHt3Hgf37ceH6PeQm38GSWRPg 7e2DUZNm41h4VJEu3BrERV7E+mXzMaivH7y9vTFw2Fis2rAT9x/llbpNvU6D2FthWLt0Hgb2M7xv wNBRWLFuG+4mZ1kMRZr8TJw4sAOBU8fB29sb3t6+GD81ECGHziJLoS65AVy/cBT79x9EYo4aBdnJ 2LtpFYYN7mfY1ojxCNp5CGmlTeyj1+HetXNYOW8afLy94dO7L+Ys2YDI+PRSA/r9yIsIDQ3F5Vvx 0ANIiLqC0H07MNBLDkHujBlLghAaegDX7xrGD6bev4XQ0FCcvRht8cI6MyEaWzaswugAf3h7e6O3 3wD8u2QNLly/C63ZMRVx99o5hIbux92UHGgKsnA0ZBPGDh8Ab29v+A0aiTVBO/EwPd9sO2kPb2N/ aChCj5xBVkHlWoHyU6Iw3M8TgpMPTtxKgiYrFiP6eEEQnLH17F2z5VU5KTgSuhf/TjCEgL4jpmNP aCiOn7uCAlU+wk4cRdCyWXCRCxA8B2D73n3Yf+AI0gtMQV2rzMGFY6FY8u8s+PfxMZ4LPhg7ZTa2 7juOjFJuDOhFEcmxN7Bx1RIEDOoLb29v9PUPwKKVQbgRm2y6ECszoBvGx4eGhiJ0/yFEx6eX2IYa MdfOYc3iQPT37Q1vb28MGTkR6zfvRWJWgVmZNIpMnDl2EMfPXkZOViq2r5mPvn4+GBgwFltCz0Fp fqDN90unxp3r57B68Vz49/U1fAYDxmDl+h2ISzO/4aYXdUh5cBvb1q/C5DEBxvrzRt8BAViwfC0u 3Y436/2Ql3IXoaGhOHftDkSdGpHhRzFvmvFz6NcfcxautPi+0olIib2G0ND9uHo3CWpFBo7t3ozx wwcaPp8BYxC0+zhylIZJmgoy47F17TIM6d8b3t4+GDlhJkJPRUBloX70OjVirp3HuhVLMGJQH2n/ Bo4Yh9Ubt+Fucnax5QuPweFTYchTaZESdxMblgair/H4jZk8B6Enr0CtK3EmqBUIP3MUofuPIr7I 5+p+5CWEhobiVnwGCtIfYsv6ZRjc18d4jgZi97FwKMxuPIm4fyscoaGhuBSVYPH7T5ubggOhoTh0 5DzyC78wygno+RnxCN0WVOQ70xu9ffth9vxlOHLhRrH6y0q6h0OhuzFxcG/DXBJTl2BfaCjOXolG 0fnbdOo8XDyxHwtmTYKvtze8vXtj7JQ52HXgDLIr+P2hF7WIunwOOzevRm83GQSXnli2YTtCQw/i Xkq2WUAvyE1F6Jb1GBXQ33CuDhmFdZv3IDFTUeo2FFmJCN0WhCnSOd4XcxauxOkrlr9vLdHkpuDw wQPYtWEhZDIBTq7+2BYaajhvYxJKnAOm3ztVdjKOHT6AM5ciociMx7qFht+RoaOnYO/Jq9DqDa3v cTfDsHrpPAzqb/jc9vEfivnL1uDCzdhik7cmRF1BaOhOw2+JrPC3ZD+u3S1nLLpeh8iLJxAaeggp eSpcOrIdwwb1QW+/AVi8bjviM0z1p8pPx4nQHZg9aQx6e3vD29sPU2cvxMHTEVCV+sEWkZl0F9vW LcOwgYbf1hETZ+No2C1otEpcOXEUoaHH8UhhOi9ykmIQGhqKY+dvQGfhOOjVuTh74ghCQ48iOcf8 9zkr5R62r1+FMQGG7wq/fkOwYNkGXIlOKDVMp8dHYdP6lRgxxPC979O7L2bNW4pD566hoMhnMTs5 FodCd2PyUF8IgoCAKYsMn4HLUZX4biMism7/GwFdr8WDyEtYu3Qhhg30Q99BI7B4xXpcufN8J3Gp TEDPjAtDX2NAP2IM6KnXQ+Ekl2HE9IWYMNC7yORycsxYdxiiHhA1ChwMWghPN2cLk9DJ4OrVD/vD zUOaTpWHkLVz4ObsZPl93v44cjmu2EVqZvwNjBvsB7lMZvYemcwJ/iNn405qrukNeg2WjOsNmdwV B8MuY/RAH8hkJd8nR//RgYjPKn4RoNcpcWjjPLi5mJfPo9cALJ4/vUJj0E9unAOZ2f45YdGOsyhz DLpehytHguHj4Wpxcj8nVw8Ert6H/KITqOm12LloNATBCZuPnsPssQMhl5nXbS//MbiVVKSeAEQc WguZIEDWaxjuPDIP8KUTcfXIejgLAnxHzEFqngbQ67Bv5RTIBAF9J640u7DLvB+GXhb2qd/ouUjP SsLE/t5mf5M79cKNNEPozku9g6nD+sFJbn4eCIIAQSaH/5gFSC0R0kWdBqdDlsPT1dK5KsDF0xdb jlw1XISVGtBFJN0+i4E+HhDkLpi2eBsyigQSUZ2LXStmwd3CeSMIMnj6DsHxaw+LlSs/NRoBfi7w GzwGcyePLnbM/MYtgaKcSfJ0yhxsWzGj9M+Sz0CcLDI2Vq9T48ye1ehVSj0IggAnl17YdvJWsYvd +PDtEAQBI+YH41DQXLg4yc0nnXT3wfZTkRVscRIRHrIIgiDDzNVbsHBSgNlnWyaTY9zCnchIuImR /XqafZZkzu5Yvjus2PZEVRaCFkyBq8X6MB4Hn6EIu2e6sZKfEoWhvi7wGjwRp47shJ+Xu/l3jNwZ E5fsLtbbw/IYdBEH1hu+BxZu3YtJxgv9kusaPWsN0ouEFui1OLBmCgRBwMz1xy0Gl4L4cDgJAjy9 RyOx8AujjIB+9/IB+PfysPAdVPi5csOctQdR+BUWc3YH3CwsNzxwkxROVDmJWDBhqMXPn0zmhP4j ZiIqqfgNEEv0ugIEzRploVyuCAm7Vyygj5+1zPD9bfZZl6H34EmISTX/zkqMPIvh/XqZfecLggC5 sxsmL9yKbFX5vXPyH16Ep5ulc0mOfzefLHUegsx759DbwwmDxs7E9JH+Rcouw/DALdDqNDi3eyXc SzlPnZw9sHT7KWiMFX8yKNDib8nC7WfKqWgN1kzzhyC4Y/WapXApctxcvPxxJd7wW5CZcAtTh/W1 /Psqd8bQSUvNvlMBEbGXDsLfx/wckzu5Y/HWXZjWtxcEwQ83Uk03AmLPbYYgCPAdswxKC+e5mPMQ w/v3hCD44ELRXhUAYs7vQR9PV4vntLNbTyzZfNTspmbcpf3w83Qr5TPggvH/Bknnwt0LIXC3sNyw 2UHFnthCRPQie+kDuqjJw941gXBzNr9YlTu5InDDEQszVD8blQnoVw9vMMzA7TIQt1IMP9iFAV0m k8HFezBOXo+DsiAPYUf34srdR4Bei7A9K+Eqk8HVsw+C9p5EalYe1Go1HiXdwYZ/JxlaHDz74eID UyueXtTiwu4VcJYJkLt6YWlQKBIzcqBWq5AcewP/TgyAXBDg5D0CCbmGCwJNbiImDugFQZChz5CJ OHHxJvIKVFDm5+D6hcMYNcAQ6vqNno+0wosIY0AXZE7o6+cLnwFjcOJiJPKUaijyMnBs+0p4ucgh CE5YEhJW7GbA7ZOb4eokgyC4YsGm/UjLyodapcS9a6cxfogfZMaLmPICeuzVMwgOXou+HnIIMidM mLMMwcGbceHmA5QV0O9f3AtPVycIghyT/t2A6IQ0qNVq5DxKwP4tK9HTTQ5B5oqFW0+bLuSlgC6D Xx8/ePoMwp7jl5FToIJKmYdLR7ajt7scgiDDhOV7i4Waxw3oojID88b6QxDkWLzLFGTTo07Cy80J grwnLtwv3oJbkBWPncFBmD5qgOEibfB4bAwOxu5DZ6EoyMWxPTuxLHCSoQXdvS/WbAzCps07kZKv g6hRYGPgCAiCAA/fYTgSdhO5CqWhbjKScWTnani7u0AQ5Fh14HqxY3rv3A64yGSQObli5tKtiEvJ hFqtRnrCHaz6dyKcBQFyrwG4cj+j1ICecf8KBni7QZA5Y9ryEOQVbQXVa3B80zy4yAS49fLHjkPn kZ5TALVajZT421gx3RBG3HoPw40kU0tbYUAXZDLIXHthw4Ew5BcoEXv1OA6cjS6ze71e1ODUtkVw lglwcu+FlZsPIjkzD2q1Col3r2L22EGQCQKceo9GqtJQ1tToU/BxkUOQu2Dqwk2ITc6AWq2GWqXA vZsXMWfcYMgFAa79Jxe7IC8M6D19/eDl6oH56/ciIT0barUSDyLDpRYnryFTkZxbytCG4mePMaAL cHVzg3vP/th88AKy8wugzMvCoU0L4OIkgyBzQ+/eXug7bArCbj2AWq1GVkoslk83nAc9+49FXJZa WufF0FVwlcsgOHth3a7jSM3Kh1qthqogB1fPHsSwvj0hCAKGztgItbFyCwO6q6cXfDw8MGLaUtyM TYRSpUb2o4fYEDgWMkGA3MUTp+6YHrtXXkB3dXOD3N0P2w9eMHwOFdk4G7rZ8DmUOWP66gOmQF3F AV2VeQ+jjHOLDBgzHzfiEg3HWa1CyoNobFg4Gc6C4fs57J4hBD16EIltwRsw2r8XBEHA4HFzEBwc jINnrkEUAVGrwOrJgyEIAvwGT8CpS5HILVBBrVQg5tpZTBnWz/C9OH4RHuWX3ZKuFzW4dvoQ1q1c AG9XGQRnT8xdshrBwVsRGZ9RLKDLZDJ49B6KA2euIVephrIgB2GHtqKPp+GzPmP94WLfZ3nJtzDc 1wuCIMeY2asRGZcElVoNVV4mzh3chr5eLhDkLpiz8Vi5N5M02QnYvnUz1i2Zafg9c+mD1cHBCA7e jHPXY8sN6DKZDDJ3P+w9fxsqlRK3zoXi5NVE5CXfQD9XOZzce2H93jPIyDGcp9mp97Fm7gQ4CQJk rn0Qft9wbOKunsGm4LXoZ/G3pKyKLgzohnocM38T0rLzkZVyD1u3H4JKBFQ5CZgxzA+CIMPg8f/i UmQcFEo11ArDZyagjxcEQYZhc7cWOy/zkiMxxNsVgiBHwOQFuHEvCSq1CqkPbmPx9NFwdnGBq5O8 ygJ6xp3T6OUsh0zuglkrdiAuOR1qtRp5mck4sGUlero7QebsgY1HTN/9elUqJvXvBUGQY9ba3Uh6 lAO1Wo2CnEcI3bQYrjIBgpM7Np+4BQBIj7+NbcEbMMZ4TTFo7CwEBQfjwOmrbEEnopfGSx3Q9aIG Z7YvhnMprROGO/zOWHvw+nMpX0UCf/Xk/AAAIABJREFUuqjTIvnORYzsZ7hoHT57o9RiVxjQBZkh 7JSUlxKFYb7ukLn74sjVh2Z/h16LvcsmQhAEBMzZLP2wF2TEYXQfDwhO7li3/7LZhahOkYyJA3tB 7uSEVftvAhBxapPhArTXwEl4kGXe5S036RZG9jFckC3fc9lw0VUY0AUBLr0CEJNevHuxXlRix4Lx hgvRiSuQaxxXqNdmYc5QHwiCgDmbTpkFpIL0WIz171mhgG6o49LGoFsO6KLyEaYZtz9l5QGzrux6 UYfrx4LhJhPg0nMQrjzIkurbENAFCK59cCH2UYk36nB2yzwIggCf/lOQonzysd3Jt0/B100OZ++h uFFk1na9LhuBAYa6n7h8v/kbH3MMen5qJPzdnSF37Ym94XEW1qvF7uWGc27ior1S3YnaHMwc3BOC zAlz1h81694qqjKxZOJgyOVOmLXuOLQWAnrmw2sY4mtoOZ++fDcUJcahZt2/gv49XSH37I/zd8yf hiDqlNg8dyQEQY6Jy/ZK54cU0AUB4xbsqFCXdlN9RGO4rxsEJw9sOnrdLGzoFIkY08cTTk7O2HAs BnpRgwOrZsBJLkf/cUukc76o3Pgr6NvTFYKsL64nm24kFAZ0QeaCxTvOm20rOfIkfN3kEGTeOB2d WoHSmwK64OSJHWejiv1Vr0rBBGPAlHsFIC5bVezv2QnX4O8ug+DeB2djDOe6Xp2J+WMGQC6XY+a6 oxaGgQD3L2yHTBDg3W8q0lSGBQoDuiAIGDplNbKUxZ99rNdmYIKvIYgs2HJO+v/yArog98Tei7Fm QyTunN8Fd5kA116DcC0ht3AjVRrQbx4LhruzE+S9RiA+R2W2Lk1+GqYGeEMQPLDjTEyRnS19DHrc eUPdeQ2ahIQc85swquyHmBbgC0FwQdCJyArN3VCRMeiCqx/C4oo/C10vanAiKBCCIKDP0DlINx5L vajCzsWG74AJS0Msfp5So07Bx0UG154DcTUh1+zvlkhj0L3GF/s9LS+gC4KAwOBTJcKdiOhTGw03 T6ashbJEEXWKFEwP8IPcyQmLdl40HYPHGYNeJKDLvUcitaDE975ei3M7FkMmCBg8ZTkyC8yf+61I uYWBPV0hCG44EW04DnpRi+MbZhvqf2QgUkrckNGps7Fq+jDjtVAVBHRRgUVj+kKQybFgx3kLOyri 5skt8HCSodegKYg3fl9k3T2Dnu5OkPeegAxV8X0TtQXYPG8M5HInjJizRbphxzHoRPSye6kDuiIt BsP7eJQezo0vV7+xSFE8+4mupMesOfth2br1WL++xGvtasycPBburoaLCK8+I3A93tQ6VBjQ5c5e uBhvPs7v5vEgOAkChk1bh/xSQoUiIRxuggAXj8GIzTH8OD68shfOgoBe/uNxP8tyS9udW1cRfS8e alGEqM3H7ABPCDIXrN5/1fLO6nU4uWU+nAQB/ScsNbRsFgnoI+Zvt/i2a0fWQyYI6DcqUBrjnHXv LHq5O0FwG4zYbPMLW+i1OL994VML6I+iThhayN0Gmt1UKKRVpGH2yD4QBGes3H9ZKldhQO83YanF 2fhTbhw0XGD7jcD9bPMLscrQiyrsX23o6j9qdhAUJc6BiNDVcJYJkHkMwcO8Ett67EniRGSmJuBK eDgyFCXLL0Kr0eDo5n8hEwSMnx+CwvypSLgIF0GAi2d/3Ey1POdAYtxt3IyKQ75aW6IF/TwyjOFc 5uSKwLX7kW8WbEWE7VkGuSBg3PwdUJXSFTLt9lG4CAJ6+o1BvLFOTAHdGRv/P3vv/RxVliZo/xkb X2xs7HYNJaVMVVeb6tme2dmN3Yn95lsz04WUKXHz3pup9CmLhIeCwvsUILwTtii8B+EEEvLeYAXC e49wcpk3n++HmwgJpQoViK6i+jwRJ0BKXZPXnuec97yn4GzY5friUvkuVEnCO3Imt5+H77FsOlVH 89VbXcc40PGSy02naTzfu4KvaQHaH1wgK9mBJKVQf/uNvLwWdIsjjca7va9L/9NrjMt0I0lJ5NWH abDrvbUuQXdlTeb628+CYCcb5uhRFuMX7eole+0tt5icmYRkdnO02/Zanz/mbF0VV+71HnsfCPi5 f/Y4iiThTpvGvba3BV3lh8JzYfd104LRSJKZWWsPv/nO7xD00XM3hRVEf+tjfOO8SJKVDUdCz7QB FvRgoIPbNy5RWXOmV89fUNPoePmYnMmZSFIS20+e7/ZhX4KusSl7FJJZZc3BPp7DaJTvXY4iSYyd vTHMfdKb/gh65sy1XaHe3blZdwBZkvBkTebWc/1+6nxyhXEZLiRLBnXd3mc99rLzJaumZyFJFtYc rH3nPsKHCLqVo6fv9VrflfLtmCWJJNdwTtRfpq29g4D25l1y+XwDF6/cot3f7fn3gYI+bO6mXh8H Wh8zb0I6kuLiUO3VPlaisWf5JCRJYtbaY/r3bn3MnNFuJLONzcfPhF3q3pkTuJOUARH0tjt1OFQZ xTmWO2+3aITofH6b6SO9SGYHh+v14/P8WhUeu4pktvNDfh2v2toJdLuWHtxo4nTTVZ63dnv+CEEX CAS/cn7Vgn6pYg/Wd8i5JEmYFSuHGvvTozSwvBb0H9s3RbVid7iY4lvB2euPelSCXwu6ah3Nrbdf iMFOjqyZpbeej55M7po1rAlXVi3CaZYwW+wUXnwKwQDlOxeFKq9baO/Hi8//4gpDzRJykoviS+Er XAC36o/gVs3IyRO5/by9m6CbWbytIuwy54q2IL8l6BdObiPJLOH6bnGfvZm3T+dj+0iCfuroRl3i vs3pe/xxsINDK/XK/MSl+/RKeTdBn7pkP+Hqxo+aClAGSNBbH11hwlAHkpTE5vw6WlpaepT7V6pI t6lIkpk1h06/tf8flsU9qGm0t77kycN7nGmso+zkMTbkrmT2tIldY8y7C/rlYj2pn2v0Ql71p7LV TdCnZa9iVKpDX35UNi3hsvYH29m5UD/2WeNn9nk/rFqajd0soThSqbquy++bEHcPhWd/Qt6KoJ+T m+chSRITFu560/vTTwKdHTx/3sKNKxeoq61i/7YfWLZoHqOzUkPjO8MLusM7iXvtvY+B9vwWE4Z5 3kvQsyYsp+XtC7aboC/4oazX0n0J+ms6O9p41vKU5nON1NWWs2XtGnJ8Mxnq1c9lWEE3ezl57m7Y vd2+ZMJPFvSVB+rD9iIHtU6O5OqNWxNXHdD/5iOMQQc9Surli+c8uH2Nurpajh/YxeoVS5g4bgSK JPVf0IMvmJluQTIrTJyzOPzzfs0aFsz8DlWSsI2a9c4wd+ifoM9ZEz4U/XbDoV6C/uBCCak2GbMt mYXLV/Wxn6uZOCI1dPz396un/70F3ZzB2Qe9hw21PrnCxHRH6F0skz58HAtXrONkRT0PHrfQEe7Z /4GC7ttwstfHLx82M9atIFnszMlZ3ud5nT1BHy6TPC2XIND65BIjrGYURxqVV8PnHAi+vMHYZOeA CPrVsh2osoTsymJ1X/WN3BWMTNbD8ZcfqAl9/RaWTRnWNWbdlTIMX84y8k6UcfPeY9o6wlyjQtAF AsGvnF+xoGvUhOTqnUVW2V569a++h68FXbFmsufoMY4d612q6s9y7+HTsC+gLkG3T+wVIh/UWtnu m9C/7y9JSGoSR88+gmAnR19XTFcf7FfFyN9ygWRJwurI4PzDvse2Pr1aqWeit4zk0pNX3QRdZvW+ xrDLhBP06v25qJLE0Bm5dPQh6I9v1JIhfxxBrzm4BlWSGDlnQ9heIwCCASp2L0aSJMbM+kFftpug z16dHzZL8cAJusaZgs0/PryjW/GOyeFld+P4AEFve/6Qw9vWMX5k+lvbMZNkd2APJdbrLugN+1Yg SRKpM9f1b8q0boKu38MWrBYFs2Jj84kzvdehvWDN5BH9vh/Mdi+ll/XGpi5Bl9OouPSw1670vY/t HFg6DUmSmL4xv99TwWman6tnK1gyeyouu6XHfsmKBafTGUoAFl7QnamzeRLmsvwQQR85ZT0v315n N0FftKWy19J9CXqg8xV1RQeZO2lcr0R2qiUJl/NHBF1Op/LtoSEhfrqgK+yuuhb+qwf9lG7L0b/7 nB/0xpUBF3SNx7cvsH7JfDK8jp7Xn1nG4XBitSj9F3TtPmOUfj7vJQl12FTu9yMXwYdMsxZO0K/X HsYdJjFcX2XMkt0fV9CVkVxuCRcJpXHrfBlTxw7rlYzUYnczdfZiShuae74DPlDQF2+r6vXx01sN DJX7f7zsE5cRBF7crsMjSVg9mZwOE1Gj7+9TsjM9AyLopw6uCTUo9a/k7H7TKP/ifjOLZozHkdQz 6aqsWBk7aQ4HC2p40T38XQi6QCD4lfMrFnS4ULoTS38q4z9zD3p/ksSF452Cnv2dLpe+VRQUFlL4 Y+VkEbeetulitk4Xs+9WHujXi++1oFscaZy5HybkPMSjiyWk2GUkx1iutbS+t6DXhgQ5bdqqvgX9 eg3pH1nQh89a1+f2CQYo3qZXyr/N3q5HIvwVBT3Q3kLujFFIkhmXJ4XMzMzwJSMVxSxhlm0cO9Pt HnhPQe9sfczqWXrFSbHaSMvIZPrcHNZu2MThY4Wcv3SDo2FC3E/nrdYrhNPX9K+y1V3QFSsLNh3l +NaFmCUJe+o4zt19a9yq9oK1U0YiSWamLNr47vuhuIz7z/Vr+f0F/U0UxbT1R/sp6BqXq/Pw2lQk s4zTncyIMeNZtmoNW3btp6yynjtXTjEsxflJCnpQ66Bg+1KsqhlJVvGmpDNm4gzWrFnLnoPHqG08 z7WGY32HuA+ooMvsqrwa/qsH/RRv1sdPj1mwvSsC5l2C/upGZb8F/cmNBsaGcoskOdwMzRzOwuW5 bNi8g5PFFVy/fo2cqcN+gqA/YKxFf58t35L349d3YSFFlQ20vmMGAhh4Qb9Rdxi3LKEmj2Tf4ePv 3M+aMEM9wjHwgh5avv0F5+vK2bZxNeNGZeF1O7sy5JstTraeOPVmiMJHEPSW240MVSQURwo/7D3y zuNVUtdEEHh5/zRpZgmLO5NTd/qY6u69Bf16L0E/nbcWRZKwD5vMiXc9XwsLOXu9Zx6QYKCDa02N 7Nu5mSkTRpLidetJKCW9ATZ7/aE3EXNC0AUCwa+cX7WgP7nRwHBX+Gmwuhere2zvMbh/BT6moBPs JH99SLQX7iRMxGt4ggFq9uu9mSNnbOBVH8u9annCk5bndAY0Aq03GWU1Y7Y6yD/TO/nWay6V7cEu S1iypuuZ3N9T0K+U78GmmLEOn8PzMOHVoIe426WPI+jnC7diNUvYRsztc/vBQCvbcyYiSRLT1x0N JcX76wn6wyuVpCfJmK1ejjfe6vPvgh0PmJzmQJLMjMvZ0S3j/PsIusaFoq0okoTVmcG+klO8au89 Dv345vm9BP1m5Q5dLrN8POtjfHj7y2c8ftJCe2egh6BPXLib9oBGx/PbzBjpQZJkxs/7gRc9prjr YPcSfYzmzNwjYYcX9MX7C3qA0tBwkXG+Lb0STXWt/+ljnjx7TmcgiL/9CdmjQ98hey1X7j7pJfad Dy+QlWz/JAW95WYDw9xJSGYri7cc4eGz3uLw4Owx5L+KoJtZndcYPsQ90M6uhZORJDNzNh0P/fKN oM9YfTT8/XvuGOb+CHqwg52L9MzzKaNnUt98u3cCwbYWFkxM77+gB18yJysJSbaw5eRFBoqBFvSH zWV6JJVzFE33X/Re6D35WILeHc3fwYM71yk5cZDpYzIwmyXsw2e9mUP8Iwj6q0eXGZdsQUpK4eTZ 8MM7wtH+/Abj3Spmm5fCc+Hfy1rbHSal9h3injxmce/7Hmh/cIHhKfYegn6jcjeqbEZNncbTn5BI MxxBTePpw7vUVRSweMZ4VLOE6sqi7nooVF8IukAg+JXzqxb0YKCNvPXZqH3NxyxJSGaVZbsr+h1+ OpB8VEEHmst3k2SWcA6dyKUH4VvQ2x5cYO26LRSW1fIyJLK3T+djlyWcaRO4GG65YID9q2YxdNgo Vu4qQgu0sTQ0XVr298fDviyDWjv7Vs3ELEmMmfs9rZ3aewt6273TpDusSEoyldd6j3kPap0U79DD y/sn6M/0sZv9FPRn16pItqtIipvSSz3ngH1N6+NrTMnSE/S8nh7mryXoQa2T4xtD2XvHzePeyx9f T3EoA7/qzOLs/daufS3clN2noN+uy8P+lqAHNT8HV+gCkzV7Y1gJ1jqfsWKKLtaTFu7umre2/f4p vVfNltZjyr83XypA2Z5VpA8dRs66fbR2doSZZk3jRsMx3FYZWXWw5fjpHvOjNxzbiMUs4R45i9vh kgsCT26cYsPG7ZRUndKvUT5A0IFrtQexyRLuzClceRxGAoJ+di6eQuaI0azdX07ro3OkmSXMSS6O nwkf1XOtJg+nVUaSkqnrlpn/UxD05tLd2CQJJW0C15/0Ph5BLUDZTv3edadN5W7rxxR0idGzNobN I9HecpPJmQ7MFhd5NaEw+GCAI+v1vB4T5+8K2+hZu285Uj8EPdjxgBlD9WmiVr813eBrXtw7z0i3 iiQlsa17YrxucvJ2krg9SyciSWbGzttMR9iGLo3z5cfYtusAdeev92taqhf3mxjtVgZM0P3PbzJ1 mBdJUtl0/EzY5TR/K8d2bmb/0QKu3H33nO0w0IKu8eBGE0cP7uVgYV3Y83P3zAk8NhlJ7ba89pyZ GZYBFfRAewvLpw5DkhQWbD4RduYDggHKDu5gd94RzoV6prXOV2yYOwZJUlm4pTDsub575oSecPUt Qb9Wvk2/B9Nn8yjMBm815uO1yj0EvePROVKTFMyyjfyz4RsE/C8fsnfLFg6dKObuU317Lx7d5OTx I2zZkx92yNirR5f5NtWCJHs4Vh9qbA62s3XeWCHoAoHgV8uvWtAB2p/fZ9Pi6aG5Pt8ee25lxpKt PGv/62dwh48v6K2PruiSKKnMWr2Hp696Jlvxt7Xw/Xx97mdn+mTuhDLZd7y4y9yxKUhmC9nr83qO /QIe32hglNeOJCmsO3oa0Dh9fCOqJGH1DKfo9M0eL8yg5qe55ggZTiuSbGNHSWju6PcU9KDWxg/z vsUsSYycsZoHz9u7bUvj7sVKRiXb+y3oQa2NBWMdSHISO0uvdNt6eEEP+p+zesZIzJJE1pRl3H/e M+u4v+0ZeRvno0oSzoyJbxo5/kqC3t5ykymZTiRJZemu0nc2PrXebcCrmJHMCot3lHZ999dyNm7e 9l4Jzh41FeJMkjF7JvGoI7SfwQCFoYaBlHELeszRDRDobKXi4EYcofGcY+Z+T3uo8qcFWlk9LQtJ kpkwfxNPW3teqy/uX2LGqBQkSWb+Dyfo1MLPg64F2ji83ocsSTgzxnPm9huBfXHnLGNS7UiShZxN R3td1+0vHrJyht4zmTY6m4ehae4+RNDbW24yY6QXyWxl4eZ8Xr0VcfHoag1ZTiuSpLK58ALtz64w MsmMpOpj6XtWPDVa7jbjG58ZeobZKenWQPQpCPr12sO4FTNmZxY1YaYZvHWujOHuJF1yU8Z23QMf S9Ali4v95Rd6yEug4xXHt+ozTqSMmsOdF51dy1UdXI0iSbiypnD5Qc/e3xcPLjNlmKt/gh54Ss5o PQna7HXH6HhLTNqeP2TLoqmh86yy7nBdt+PkZ88yffjSgi095eROwyGSZAnF6mbnyTNdDWCv9//x zTNMHOZBksxMWxZ+irO3aX18jQkZVqSkDCouPeq2H+8n6AQ7ObLehxJqPD517WGPZ1RQ83OhfB9O ixmzYmdH0fneKw7DQAp6UPNzcrN+zrwjZnHl0VtJ5IIBzhZuw66aScqcwYPQuzWotZMzzoEkW9lR coV+8Q5BJxig7vA6LGaJJM8IChuv9ZoS7s75EjKcFiTJzNJdlV2/by7dhVWWsCWPorzpbo/j3NZy lxUzx4SSs/UU9MfNJ7FIEqothYIzPRNjtj9/wPp5E0LLdZtmLdjOhtl6no/08fO58bjnMQv42yjZ l4tVMaMkpVFyXs+c31y6iyTFjGTLpLrXva1x/3IlQx0KijOT6qtvpizdt1KfgjV7U1HY4SYCgUDw KfOrF3QAf9tzqk/sY+aU7xg+bBjDhg1nwtRsjhTX9Z2F+6/Axxb0oOansWA77iQVSbHy7bR5HC4s p7GxkcqS4+RMH6tPs6U62Hayew9NgIsVB0i2W5BVG1OzV3KyoprGxnry925mdKY3NPVZTlfFxN/2 lNzZY0OV00xWfb+L6rpG6msq2bFhGWkuG5Ik8928TTx5LV/vKegAj6/XMzpFzwabNX42R4sqaGxs 4OjeTQxPdeFKTcVm7q+gd7Bssi5/4+fkUtvQwPmrd+lL0AEeXa5ieGj7Q0dPY19+kX5ci4+zZM5k vRJidbPlWP2bytQHCHpz9WGmTJ7MlLkruPWj4ZgaVyr26JUr51AqLj/6kb99vV/trJqiJ3Rzj5jN w9YAoNFwdC2SJOFKHUd+WTWNZ851Cebza5W4baGpcQ4V0Vhfy91nndw7ewKHxYxZVhk/exlF5dU0 NjZSdvIoS31TuzK4S5JE5vRVXb3UAPcvlDHUlYRZtjB2Wg75Jfo5PXl4D5PGDkWWJLzDp3Hx3vMe Ie7dBR2g9ck1pma59OttwQ9dwxCCWieVB9frDQSqjUmzF3G8pIrGxkbKTx7FN2mEnrTRnsyByuau 9X2IoBMMcLZoN16bimKxM33+aoora2hsrOfo7k2MSHdjliQyJy7laXsArfMV6+fq0mNPHsb3Ow9T 19hIQ101e7etZ2xWSreZH3pOD/UpCHr7k6tMGq73HKeMmsKBY8U0NjZSX1XKD7mLSXO9mRbT5hlB 08NQHoCPJOiqaiHJmcLSDbv141xdysp500hSzShJyewpbepxbT25VhdqQJAZNdnH8VL9+i48vINv M5NxDx1Nml3uR4h7gIKtOShmCdnqZNHaHdQ0NNLY2EB+3k6mfzusW4JHhWV7us0rHQyQt26mLkKj Z1NeW0/DuctoGmj+V+xYNg1ZklDtHuat2EhZVZ3+7N6/jW+Hp+gh+BnjOXWz57zlfdHRcospw51I koV5uTupb6jjyt2n7y/owKsHl5g5Jh2zJOFOG8m6HXk0NDTS2FDDjnVLSHZYkcwyY2ev4XGYeb/D MdAh7s9un2G014ZklskcO4VdhwpoaGyksa6avVvXkuXVRXzl3vKuZ3xQ62R56F3y7ezVoXfJO2Z+ eJegAx3P77F8hi7Tdk8GyzbupLqugcbGOg5sW0dWslNvTBg1h7sv3jRu+tuesGnBJGRJwpU2iu93 HaG+sZHyoiPM/W4kVosF2WzuJej+tkfMHelGkswkZ41jz9Hi0HPyMHMnjcHpTScrxdlT0IGn1+sZ 5rEjmc2kjZjAtoMnaGxspK66jA1L5+BMUpHMKnPWHOBV6Nnvf3mP7G8z9HdNygg27jxEfePre2EH E4fr0XmTFm17My1gMMCRjXoy27RRsyirqafhXHO/IkIEAoHgU+BvQtBfE+hsp+XpU54+bek5d+nP xMcWdADN30ZN/k6Gp7rChvg7vJlsOVzVqwdHC3RwqvgAo9LCLacyamoOF98KPWx9epsNC2d0zdve vVhsbubn7uRu94rQBwg6aNw8W8rkEWlvbctM2ojJ5Bce7neSONCoPpiLpVtm4bGLdqIF+xZ00Lh5 roypo4d2TQ/TfR+8GWPYfaKWth7joN9f0OuPrscsSZjdY2h+2HtKoK696gprlBgxYy0v+zkWsLl4 i75+1cbeCr3n5/H1ekZ6bW/OYdp4rjzSK3Fa2yMWTsx6891llQMN9/XQ1M1LcIS5BiTZwvDxM9i8 YRl2i4wlfUqPXvagFuBK40kmDksJc80pZH47k+qLd7qiL/oS9KAWoKlkNw7VjGxxsuX4qS550Dpf UXJgE5lvZc1+XTzpo9hd0NCj5/GDBB3Q/O3UFewONei8PcTGwpgZS7jSrTf28fVTTB2VGnb/bK40 cnK/Z864NCTJzKqDb6YJ+xQEnWCApvKDoXncwx//NVu2MtpjwZzk4USoAeJjCfqU+RtZPufbkKS8 uX9dKSPYdbzurR5ovTGvPG8Tac6kXvd8+qgZ1F1qZkqy0q8kce0tt1g+6+1th7JXW51MzV5G7gK9 l3DCwp10nz3wat1hUmxvGruso+d19YZ3vHrMztXzcHb7vPt9lDV+JhVnb/ZbZoL+VvblzumRoXvR rgqCHyDoAI9unmPh1LFdCdd6fH/FxtSF67jxds/1jzDQgh7U/FyoOsLoDE/Ya9Vq97Jk0yGetXX/ Xho1eWt6vEvGLNzx4yHY/RB0gBePrrN2/rReGeX1YmHM9IU03eo95OvV0ztsWjSTJEvPKMIkZzpb d+0g1WXrJeigcf1UIaPT3b225U4bzaHyejbMGtVL0EHjVlMF00ZnhHkvSlhsHhas28PD5z2HGD24 Ws+McVmYw2T3l1UbU3M2cOtJz+F21xuOktptlgvrKB8v+sgJIxAIBJ8af1OC/kvjatUxsn0+5i/a wvP3EPSWa3XMn5fN/IWbf3T5oBbgyf0blBYcZsWiBfh8Pnw5y8k7Xsz1e72TUHVf7um9GxTnH2TJ wvn4fD5WrNlMWc0ZnrWGn57H39HKlfMN7N22Qd9Odg7b9h2h6fKt3o0iQT+HtyzD58smv+pq2PXd PFvCPJ+PVZv28TzMoM+XT+9TfvIQS7J9ZM+bz/b9J7j58BkvHl5m1Twfqzce5EXnG0GvL9iFz+dj d/6pHpWmQMdL6suOszwnG58vm80HSukMwuXafHw+H9/vKgk7j3Xrs0fUVhSxbsVCfD4fCxau5Fhx JXcetvQ+rsEAFYd+0Ld/rDFspe357TPM8/lYvOJ77r98c7yuNBSQ7fORvWQjd5619V4wRMfzu6xb PB+fbz6HK5r6/Lu38b+8w+rX3/2QPq41qPm5dfkUW9Ysx+fzsXDFDz22/eLRTQ7v3ER2to/s7Bxq QhW1gL+dq+fr2fXDGv0a8M0T4I44AAAgAElEQVTnh50HqD3VRMvLNvwv7rBu2SJ82Ys5f+/tJFEa Lx7fpaLoGKuW5uDz+Vi8fD0nK+p59Lx7446fwt36+g8WX+j1fQIdLzi8Rf98xYbdPH71phId1Pw8 unuV4vw8liyYh8/nI3vhSo4WlnE7zHlra7nNhhUL8M1byYW7YcbH94OgFuDx3WucPLqfxTn6vbRy 3VbKa8/xvO3teX41Xjy5R1nhYZYv0vdv0bI1HD1ZxtVbD+kMBDhbeoB5Ph8b9pzsGrf58GK5frxW 7Aqb2ElrfcQPa5bh8+VQe7UfkRVoNFcdwufzsW5rQe8x10E/Ba/PQUnvpGSdrx6zJTcHX/ZSGrpt L6gFeHTrMvkHdrBgXrZ+jtZtoaiilruPnqEF2snfua7HNdz29FbXObh4L/w5KM3bhM+Xzc7jb8LB A60t7NiwFF/2Mk5ffy0SbwR9Tu5xWl+1UFt2jKXzssmel8PeI8XcuB9+aksALdDJvesXOLx3C/Pn ZePLXsKhkxU8fNZKwP+crcvns2jpDzxuf/PcOVe6H5/Px9YjNT3CcTtetdBYXcK65fq1nj1vMQeO FXD+ym3aOv08uFLDAp+PZWu387hbA6UW6KD5dCXrlunPnaXr9vKqW2Oc1tnOjctnObJvOwt8Pv1v cjdRVFHP4+f9S4jWnfYXjyk9to9F87Px+eZxqOw8WjBA0b71+Hw+9heeC/seeXytnnk+H0tzt77V wPr6+z/jTF0lO77PJdvnw5edzcbt+6k7fYnWzp82xKft3nnmZWezYPHWHu/D8NcAvLx3Qb+/5q3j 3svw77OgFqDl4W3Ki/JZu2Jx6J22kB37j3L+yu2wY6YDna9o6PYu+WF/aa8cHj034ufErlx8Ph95 pc0/8ofgb39J89k69m37nnmh85r7/Y4+niPdl3tF85kaNoee5au+3835a3fpfNxMpsceRtD14WIt D25RfPwASxdk48tewLb9x7h29zGa1sHJ3evx+ZZxIUyiv9Znj6irKGJT7jL9mM3T6wFnL93ss3Ok 9flj6iqL2bp+Zeg4z2PD1n3UnW7mVUfva0ELdHDpTBXrly/Sr++1e3j5M0ZECgQCwUAiBF0gEAgE f0P0FHQxflXwt4r29FKfgi4QCASCnw8h6AKBQCD4G0IIukAAQtAFAoHgl4oQdIFAIBD8DSEEXSAA IegCwd8a1x0jORf1j6IMYGk713uI30AgBF0gEAgEf0MIQRcIQAi6QPC3xtU4F6f+fYQoA1heNZ57 94F/D4SgCwQCgeBvCI0LtQVs2rSJwqrmH8+wLRD8itFaH7F351Y2bdrN3RfhE+UJBIJfD0LQhaAL BAKBQCAQCAQCgeAXgBB0IegCgUAgEAgEAoFAIPgF8LagX/jT/+LejMWi9LPcHDpRCLpAIBAIBAKB QCAQCD6ctwX96pDkn3uXPile1Z0Wgi4QCAQCgUAgEAgEgg9HCPqHIQRdIBAIBAKBQCAQCAQDghD0 D0MIukAgEAgEAoFAIBAIBgQh6B+GEHSBQCAQCAQCgUAgEAwIQtA/DCHoAoFAIBAIBAKBQCAYEISg fxhC0AUCgUAgEAgEAoFAMCAIQf8whKALBAKBQCAQCAQCgWBAEIL+YQhBFwgEAoFAIBAIBALBgCAE /cMQgi4QCAQCgUAgEAgEggFBCPqHIQRdIBAIBAKBQCAQCAQDghD0D0MIei80NK0TTeskEAigBTQC AY3OTj8BTUPT+MUXfT81gkAgtP+BTj9awE8wCFoQgj/3YRYIfsFomkanP4A/oOEPaGih++bnvrd/ /L6HTn+AzkAATdN+7kMoEAgEgl8hwSD4NY1ge5DOoJ9AZwedgQCdmkZnQP/ZH+ikI9hBZ7CdgNZB QNM+2dLW0UlHRztaoI1W7RVt/k78nRrBgKhJ/xjvEnQt5CqBUJ0lEAjgDwQIhPwlyM9frxrYon9f f8DfrzqaEPRuBIMAGgT9BEIHsNOvcfnqDfILijiSX8DR44WfRDmSX8CxEyc5fbaJtrZOtECAoBYQ gi4Q9IOAptHhD3D2/AUOHD7Kzj379bL3wC+27D90hKbmy7xqaycgBF0gEAgEHwFd0CHYEaQzqNHR 2UFHoJPAqxfcry/n8roN3Fu6ikdLl3N/8VLuLF7K7aXLPtlyZekSri1bxO1li7i5ahUPSsvxv2ol EAj83KfiF01/etC7i/mV67c4fOwEu/bsf1N+AXWrDym79h5g1x697Nl/kIrqWl6196+OJgS9G8HX 1hoMEAgE6PRr7Ms7huJII9HixqQ4MSmuX3xJUF0kqKH9Ndv5btJMnj970fX9hKALBH0TBDoDGrv2 HUS1u0lQ7cTLDuJlB3GygzjzL7MYzUmodjf78o4IQRcIBALBRyEY1CO2gp0BOoJ6g3a7/xUPVm2g 0hDL6cgYGj43UBQdybEvIjgeE0GNIfKTLVVRf0dp9GdURg3i3OfR7P/ya+pnz0Bre/Vzn4pfNOEF XYOg3rDxuhc5EAhQVlGN2ZZCosWN0ezAaLZjNNuJN9t/9rrVh5R4sxOj2YnR7MCkOEm0upm9YBkv XrW98/gJQe9GMBDUe5g1PbS1rUPDmz4ak+LFqHgxqV5MyqdRjF3/ujFKdioqa9FC4TivQ0cEAsEb gpoG6KFV9x49xpM+DKNix6g4iVc9v/hiVF2YFDvDxozn6fMXoXtciLpAIBAIBg499FgjGGjHHwjS 6dd49fQ2Nf/fv1IRFU21IZqKqChKo6OoMUTRGBlFreHTLaciYimPiqUoOoYzEVE0RhjIjxzEi5rq n/tU/KLpW9D9PSS9rbWD7yZND+8yqvdnr1t9UL1MScakpGBSkjEqHuJkJ0bVTWlFTVdof18IQQ8R DL4RdAB/QOP23ceo9vSfXbY/pMTLHkyKm30HjvD6OhByLhD0prugN1+9jsWVRrzqJF51Y/wESrzi wqg6cSQP5dqtO6FvJQRdIBAIBAOHnpMlQDDwCn9nEH+nxpNrZygxxFBliKXaoAttWVQs9ZGxnI6I pcrwxSdbTkV8SY3hC8qiYqkyRHPaEM2pyAjuH8j7uU/FL5qwgh4MQLBTl3T0MdlPnzzH7kjpu8Px F1C/et9i6i7osgej4sakuNmfd/Sdx08IeohgEIJ+XdCDQfAHgty+/yQk6J73KO73XG5gi1FJJs7s YseevC4xF4IuEPQmqIXyNKALuupKI051YbR4MKmu9yxOTKr7A5bvf4lX3cSrLuzJmVy5cVtvmQ2K MXICgUAgGDgCQQhofoKBlwTag3S2azy9UEPVZ7+hNDqWps9juDIohobIWIqjv6A4OppTkZ/1XQx/ R2PkZ3oxhPvs7zhl+Ls+l9c//6zn3xgGdS3ffV09l9NL12d9bKM05jMqogdRY4igODqaoqhoagyx PDh45Oc+Fb9o+hb0Dgjqeb78fo1HD5+SZE/u22V+tO7jDtWzPqT+5CShxzoGsM6meDHJyXpDg9mF SXGToLo5EBJ00YPeT4IAwQDBUObG2/cfojjSMKkeTGqo5UMNybfsxCQ7MSpe4pRUTEoKibKHBNmF UbWTqCQRZ7YTZ00nzuzGpLhCIQ/ubheEPiZBb2nxEK96Mb5ev+LCpHhIUFIwml9fuE79X9mLSXm9 vCv0s7drP7sXfX0udu3tKehC0gWCtwgG9PsfXdCtrqF6eJWSglFO0+9L1REqbgYrHgarXkyymyGy iwTZgUmxI5ltfKOm8k1SKmZJxSinYlJcJCo2TJZkjIoLo6I/qI2KHgZlUl0kKk6GyE4SFCdG1RV6 Lrj0ooRkX3GEnjPJmFRvV+9+gqyvy6h4cHizuHLjjh6CqAlBFwgEAsHAoQUhoHUSCIIWbEfzd/Ck 6SKVn/17agzR/S6nIw2cioii2vAlZVEGSqM/pzgmivqIGOoNBk4ZImiMiKU46itqI2OpMRjCrqfC 8BXV0f+JusivqI2MoNbwd1Qb/kh51OfURkZTFWWgPmoQdVGx1BliqYiKpDIqgjqDgdpIA7WRUTRE RFMXGX4/aw1R1BhiqDbEUmWIpTbSQH1kBPcPih70HyOcoHf3j9eudf/xUxR7cliH6bs4SLDYMUoT iVcTSVCdJKo2hpg9JCo24q12TLILSXZjNCcTZ7WGXc83agYmq4IqKZhUF3+xphI/ZDhms41EWa+b xSvJGOVUEhR9GKEx5Fbxirvr/yY1vIP1cjJZ77wVPeg/kXcKuuwmweIlzuxEsroxW+wkqE59nHe3 8ekJFjdykpNEqwejLY3EJA+JqrNXr7pR1ceIJ1qTSbB4Q79PxqSkkqAm6xes4tFbX+TXku7VwyXU 161KntDPQtAFgg+iT0F/3QD2ukfchUlJJl52M8SWjGpPRU3yYrV5Ue0ezLKNv6ipGB0ZWNUkjJIX sz0Fs9VOguoiXnaG7luvHvak6s+DBNmjy7ei37s9x5d7iFNcxMkuElUvCWYXCaonFNbuJkERgi4Q CASCj89ACbouvTEUxho4+3kEDRExFBn+yLY//xOVhhhKoiIoi4ml0vBbqgyxVESFF/Sa6N9TZxjE sdjfs+fv/xv5MVE0GiKpiDJQFmWgITKW8sjfUh3zJw7//s/s+/t/5Mgf/p6amD9QF/kF1YYYSqIN VEQJQR9IPqagJ1hdxKs2Es2TMdtVjFISJrOFIbJXT+xrdWO2p2JWHJjkZIxJ9j6E2Uu8kkSCNR0p yYNsc5Aop5EgO0iQX7taCgmWFCyOFCyOZMy2ZFRHGlKSN5T8zYXxdb1OCPrHoT896K970Tdu3cPx ggIkqw2TYtfDSy3JxKkppA6bwMVL13GlDmPrwXxOlFYgW50kyG4SusZVJGNUUjAqHhIsHhYu38DY 72ZjklMwyulM963kzMXLyI5UXdrllJCkJxOvJhOvvK68e4lXk/UGAiHoAsH706egvw6heh2uro8p mjh9PsUVNZw5f5Wa2nOca7pCVW0DM2bM5d/UFA6VNbBx7VqMkpsTZbUcPHqMRIudeMVJvKK/GPTo F8+bhjjzm8Y4o+ruEvQ4i5c4SzIjJ89jWe4PmIZYMclOEizerns8Xgi6QCAQCD4yAyXodZG68BbF fkbT55HUDvo9px2j6LjVzA1PGsejdSGvNnxBjSGW8qioPnrQf0vj55E0pQ9De/yAS2npnIn4j9QZ YqkxRFJh+Iqq/1fh7v4tvKot4F5hHs9qj/M4fxdnPW7ODIqmxBBBeYwQ9IHkYwq60eLEaHEwb+Ee dh3chUm2YTRbSJC9mFQb3yhe9h0pYVXuWkxmF3GqLex6hshOTKqXf00aTfO125QUHCNhiAWjGopY VlJRXcPYvPsAp881U9vYRN2pCzSevciWnftIVOwMUULRzELQPx79FXSj7GbMxBncvvcAb/pQEhQb JsVFnJpMvDWdA0eKqK5twJzkxjV0LClZI0lUbHrPmOzWxyGYXV29XmZHGvWnz7Ny1UYSzE5MSgqK K5OhY8aR0DWGQR+/YJSdGBW9N94ou0Phsro4dO3f61B8IegCQf/pS9DV16Ht7lCETCqpwydy72EL W7fvwp08jPhEG57UESxfvY4ly1bzb2oKJ2pOsXn9GkySE0/WOFIyMhmi2jBZvAwOtcwmmO0kKvZu Q1VSu4awmGQ7RtmOSXXpveeql0XrdnK+uRlpiESC2U7C69AqIegCgUAg+CswUIJeG/kl5yJiKY/5 jzRExFLx1T/TXFPMg8ZKWgoOU/Xl7zllMHAmIobyqBhO9xGCXhMZS23s11w6eoCLBcXc2rOVuggD pdGx1Bs+56Th91zYmsf9zeuo/4f/Sd1nf0/FH/+Z+uFDuTr1O4qiomkc9DkNhvANAELQ34+PKejx qos4q4ucxXs5cGQPJslKgmrTx3qrDr5RhnLgWAW5a1eSIDneRBy/VRIVB/HmNEbOWEnD6SYunj1L xtBkjKoNo+ImXh6Kb8lamm9cZ8y33yGZHQxRHUyYPJutuw+g2LwMUUPTqAlB/3j0R9DjZX3sqOxI p6qxibkLlpBotmGSXRiVFBwZ33Lj7kPmL8ghQbYhuzKxuzNIVB3EyW4SLB4mT89m7vzFuD2pJFg8 pAwbz7mmS2zevBVvajomi50hdg/25AxMihPFkY7VlYnFlU72oqUMGzMeo2TDYk9lyoxsJk2brY9l V9yhCrvoQRcIfjJ9CnpoOIniJd7swSh72LTrAEXllahWO4mqpysaxiTbSTAn8RdrKser6tm8biWJ ZgeqNxOb00OiZCde8RJvSWH0xJksWLgYT0qa3sinupGdWVjdmVgcHuZm5zBr7nwsdg9G2YbFk8W6 7Qe5dLUZj8uOzZmCSXZ3hd8LQRcIBALBx2agBL0s6kvORMRSFf0ZtZF/pFZO5dXdRspkN50NtVT8 y79QERXBmYhoSqNjONWHoDdERdPkGsvtigK2/+6/0FJykpP/+19ojPiCxshBVMT+mXsnz3LTZqMm chCHY76kNPZ3VBtiOfl5BCd/+wXFMdFU9DHGXQj6+/FRBd3iZrDVzcLFezh4eBemISpGxUa84iFO tfNvUpYu6OuWkCjZSFDd4YXZ6kayj+T85WvM8i1m24489uzZQqJqIc7sJE4axvc7D1FcVYxZsSCF coolqG6MslNfr/I6sZwQ9I/GuwS9ey96vOJm0tyVVNadxeF0Y5I9xJlTmJ6zhuKKKqx2B0MsDtbv zKOwqIwE1Ysz81uKK6spqajm0JECysqrmTJnMQfzS3jwpIWLF85ztOAESSlpfDtzLlV19Ui2FBat /J6yqhr2HS3kwNETXLh6kz37DnLseDFH8os5deY8G7fsCPXIe0PzIXuFoAsEP4U+Q9xDGThVj54w zuzlVNMlfKFGOKPiIU5JDc136SRBtvONNYVjVfVsWb+SRMnO/hNl7D9wiCGKF1f6OI6cLOdkeTWH 809QUVvL9Dk+4sx25ixdz5mLVzh49BgH8o5QXl1PUVkFLk86i1d9T0PzTZ623Kf45HEWLdtAvKRn CtWnWfMKQRcIBALBR2WgBL0i6gsqomI5FfkZRZ//IzdWbuD83O+ojPwd1xeu5tz8aRRHDaLSYKDW EENFVDR1BgPVhmhqo6KpMURSHR1NVfRvub31MNeyZ3NqUAyX5izmytallBt+S2W0gULDH7m1IZ97 hzZy3vgNBb//miLD31Ef+Tn1hmjKQ1nZ6yJjhKAPIB+3B93NYIub+Yv3UnjyEEOzRpE28lvSRown ZeRYXJnTKCytY+26pSQOsYWywXtDWdRdIbF2843Vy5zFP9Dy5AE2Zwbjpy3l1q0ruD26Q8XLw5m7 ZB2Xbl1h/sLFpGWMJc7s0HMJKS5MipN4xU2c0s/QfCHo70d/BP1NcTLEPYFzF6+zevVM/qKmYLKN JL+hiRmzfZjMNkyKm5V7jlFedJR4Sya5m/NoqCtBVZKIS/AiO7OQvCMYotioOH2aFcuXMTjRSpzi ZOysJZytLSTRlkxO7mZabp3BmTGWuCFucrfn8+ThTTIys4hLtDN81HdcunKOZE8m8Uo6cRabPmZd SSbe4hKCLhD0hz4E3SinY1JSGWy1MtiSSoJ5OHduXWfshAkY1VTizB499F12kyi7Qpk/vRypOsuW dasYItk5WFTNibz9fCOnsu94Ceca61AVO/86xIFrxHecPnsOiyuTmct+4Nbt64waMxaj2YbqHcXV h/eZNm0Gf5FcZOfu5vKFOhLi4vlGGkqcmozJqhKnpoYaCYSgCwQCgeDjMWBj0A0xVERFcSbiP3L4 vyfRVlFN8T9GUx85iJJ/NvGqoZZT//zfaIiKpjIygprf/YHar7+m9E//SNUf/0TjoEEUR0VT8HUi z8+f4fT//jMNEV/REJfG/Ys1VP75n6iNiqU4OpaK//4XLm/fx8OzF7hUUcy1RTNp+r//wunYrykN zW9+KkII+kDyUZPEyR7iLU5mrMjj6aM7nG+6SOPFy5w918SZC000nD/Pg4f3WZ+7hoREB4lJ6SR5 RmNzZ2BzelDsTuLNdv632UNRw3nyDh4kQbYju7KoajiFb042iZIdo5qCyZ7F4rVbOHf5Os1XrpFf WMKseYtxJ2egWmwMll0MVvu3/0LQ35OfIuhxFjdGNYUtO/NpunQRmzONGfNXceHSRezODBJCk9Gv 2nOU8uI8/u8QD42XHjB71hQkyYLRnIxRcfONJQWr3UPlmbPkrl6NSdHHnI6dtTgk6CksWL2Z8qPb 9RYaxcvs5dtoOlOLKUHCJHtISR/J9RsXyRw6Wgi6QPC+9CnoKfrLwJrEYDWFOCmT5qvXmDpzVmi6 RVfPGRpkb3hBP7iXv0heTl+7zbXLzZSV1VJYdZqCmrPcvneftBETmL50E5WVpUiySoLiJNE+lIt3 brNgfg5xipec9fu5dKERWZIxKkOJV70kqFbi1BTiQmH2QtAFAoFA8LEYKEE/9XksFyNjKIz5ghtr dnBj107yv/qaxtg/cOTr/8md0nKaJ42iOiKKo4MiubZiHo8v1tNyrpzHJ3dRERlL8ed/5N7q7zmd u4jKL6Mp/f1vKfzDf+HSvq2c+dZFScT/w/nI/0RZpIGGyK9o/Pprzv+feM4PW8bDhrNc37iS2kFf Uh6aek0I+sDxMQU9UfZgsrqZtfIQhfl5uJwpWJIzcLjSsHkyUFzpnDhRxvrctSQMcTJmso+ma3do vn6bS9dvMmfeEuLNHlJGTuL63fsMTUvDaveQmORlui+H+tp6FMlCguzAqCYTr7hJcmeQmjmSSbPm c7KynqbmqzgcDhJVJ3GKCHH/qPw0QfdgkpPwDp1AfdNNJk6YRF7+cbZ+vzKUcV0PLV+95wjlJQf5 v5KT2vM3mTVrDpKsj1k3yQ4Gq8koSU4qzpxl1epcTIqdBMXOuJk5nKstIjEplQWrt1B2eFsosZSX OSu2c6axmoREBaPkISVjJFdvNpM1dDRxchrxQtAFgp9OH4Jukr16pk+LXU8EqWSyZe9hThSXISk2 TFKSnlFd9RAv68NdTKqXo9Xnegh6wcE9xCup1F26ye6dO8gaNhZv1liSR3xL5tBMEpOSmb5iCyXl JUiylQTFSYJtKJfu3Gb+vAUMlj34cnfRfOEskmQmTvaSoHpJVOzEWTzEqSLEXSAQCAQfl4ES9NLI LyiL/oKy2P/Kk3ONPCw4yIMdO2nbvIanWzbx8ngZ9woPUP3FH6iK+B2V//UfuP7f/w/V/+t/UPvP /5mKqM+p/vO/4L97lYf5h3m+ZSfPNm/hybbtPC4o4lFFAWV/+jOVkYM4FjWIIkMspyK/oCryM0oi o6gcPoFnNxo499m/ozoilvrIr4SgDyAfW9ATLC5mrcjjaN5eJCmJwRYHQxQ3JiWZODmZw0fKWJe7 DuMQO2ZnGikjviVt+DjSh43D4hxKvJxCQWk9Fy82U3C8gKPHCzl8ooijReU8fPiIVctWIJmTMJrt Xc6WoDr5RnJgsnq4euMO48aOIVG29UjOLQT9I/BTBD1e9TJEsTLY7GLBqgNUllfQcKqOrBQnRiUd k5JMouomd89hyooPYrSnseqH3ZSUVIfC3+1IFgdm5zDMFgfFjafZuGkLRrMN2epg/Iz5nKstYogt nZzVWyg7soNvzHoPnW/1Ds401GBKtGCSk0nJGMG1W7qgmywZxFmShKALBD+VvgRd8ZAo62O94xQv 8ZY0hn03i5bWDhYvXUWiOQmTbCNeSiJj1HdMmp5DgjW5qwddMts5UFhJwcE9DJY87C+q5tKlS6gW N0bZgVG2M3xoJoPNNmas3kZxeSmKxYFJdmBKSufS7VvMn7eAOMXLrOXbuHHjBqZEs55rQnYzRNaz mcapIkmcQCAQCD4uAyXo1dFfUhwZS42SxatD+8j77Z/Y89v/Qf6XX1Nq+AMnvvqfXDt5hJtpqdRF fElxjIHGSAM1hkgaIz+nLuJLzjhG09ZYytE//Z7S6K+oio2mKDqCgn/8Z1rOldKUnEqlIZYmt4Py 3/09pZ9HUmMYxIlBsTTNWczDcyWc+s2/ozrqC2ojY4WgDyAfVdDNbkyKk9krDnH4wF6GDLHxF9VN gtmLUUllsJzCoSNlrMldh1GyE2916T4UGn+eoHqxpYzl2as2Ro8YhWpzo9rcKEkuhiQlsz/vGE1N F7AmOZk0bS4jxk3BaHZgNNsZLDtxpI3i1t0HZKanI1mcoel4haB/NH7SGHTFi0m2E6/acGVM4dbD J+Tl7UORbAxW0zEqXhIUJ7l7jlBWfITBSSm4s8ZRU3uR0qpGDuQXUFXbyLAJc0hUbExbvIFzTRfI yy8kNT2TCdN9nK8tYYgtg4W52yk7vJPBcjJGs4vZK7Zw7lQDRpMFkzmF1KEjuHLjApkZo4hXRYi7 QPBe9JkkzqsniVNSMKrJxKkujEmpzMlZSXFFDSWVtezNO0pJRQ21jWeZM28ZJouXI9Xn2LJ+NUMk O3lF1RQc2IVRScYxYgIFhUXUNpxl35ETlFY3sG3TJhKTPExbvZWiilLMqoMExYkpKZ2Lt2+xYH4O RjWZBNdoyipqqKprYOGqtSTIToaYPcRZ7cSpbiHoAoFAIPioDJSgn42I5HTMf+ZRTTU1GTbKP4+h wvA7ag1fUB8Zw+GoaOonzeTJsc2c++JLqg1fUB71FY0Rf6A08o+URP2ZR0XllHiSKY+KoD4ykjpD pJ74zfAFdfOWcG/zbo59+U80zJ7N/eKTXNq1nTur1/JgTwnNx45SZlM5/flXVEUNoiZqkBD0AeRj CvoQs4sExcHclYc4krcfSXLwjTUFk+wlXvHwF7ObQ8dKWbNmLUbJzmCLPhW2UfFikj3Em90sWrOZ mvpTKLI+b7pJdTJETsKkeEgdPoHmG3cYMW4Sk2fMo7SqkbKqRg4eLeBwQQl1Z5vJXfc9iqyQaHET F0rMLQT9I/FG0APvFPREsxejkky8aiXRmsbknKUMGzGcBDmDwZYUjKqHBMVJxsQFzJ06hX+T3Rit XhTLUOYuXEXOitWkZ9t27agAACAASURBVI4kwZKKSbbzb0oKw8eMZ9maTbi9aXiHjmXhzKmY1BTS Rk/H990YjJZUjLIbz6gp+Ob6SBhixySnYHGkMC8nG7s9hXgllXiLPSToXoyhKQCEoAsE70IDtJCg XyPJlaFPraZ4iVdTiFfS9B51y5vxRoojhamzF7B89Xpm+RZgs7sYIjuIVzx8O3cZ40aPxiTZGDM1 m5mTJmBSk/mLxUuC2cLUGfNZmruJydOzsSoWjKoT2+iZTJ4xl0TZQYLiwpSUhm9xLllZI4lXvQxO Goqa5CVn2Uomz87GZHYwxJxMvNWuNxwobhzeTK7cuC0EXSAQCAQDTkDT8Ac66QhCINBOoLODRxea qPjsP4RkNiokttFUh0pY8Y0eRNUf/onzw7+j/PdfUBJt4ELEIEoNETRGRnAuchD1//lfaUpJpuK3 kZRGf0GVIYqKqFiqDDHUff0VzcM8HI+MoT4qljrD5xREx1Br+D3VEbHk//6PXHa7qIyOpcAQS82f /weXUlK4MH4cV9wKDbGfczoiivKYKCqjImnsa571twXdEEWDEPR38jEF3SQ5GaK68I5cyaSJE0mQ nHxjScGkeIhXncRZXHw3dS4jR4/FJLuIt3qIU1MxKikkWPSEuhPnLmLYmAkkyi7+Yh2KyeolUdbn Uo+zpPHtzBySh32LSXGh2FKZMmMBK3I3sXjlOlIy9dB2SUkiTnZhtKb+BEH3sj/v2DuPnxD0bgSD GgT9EAwJ+r0fy+L+1kFX3YSbB0+f5uzt37u7lbf+Xun2++7LKa63evDdP/5z1/b1aQV27T0kBF0g +BGCQb1oGly6eg2bK50E2RtK+vZj9787lCSu5z1t7LrX+75HjW8t12uZruV6P0N6jXlS9DFSTm8G 127cRtNAb3QQCAQCgWBgCAY68AfaeR4Ef7ufQLvGvUunKf/Nb6gzRFJtMFBjiKIuMoYqQywVUbHU hoT97VJjiKYqJMG1hmjqun1WZ4gOiXFU1+c9l42i+q3f17z1/7c/rzZEUdX1+6ge2+urVHfNjx5L eVQslYYo6iMjeHBACPqPEU7QQa9n6f+GBP3RUyyOnyjo3R2nzznIw3tWOG8zhv08zO+66mzdt/GO +mHX3yRjlJMxyqnsz8t/5/ETgt6N8D3o/WsV+aUWMQ+6QNA/egt6Ggmypx+C/gspQtAFAoFA8LEJ dhLQOghoEPC30+H38+RCI9W/+Q0VUQZKo6Moi46m2hBDXWTf84t/KqUhMor6yGiqDDGURkVTERVB jWEQ9w4e/LnPxC+anyToP7UH/ZMpbwu6F5OSInrQfyrhxqCrvwpBd74R9NAYWyHoAkFPul4awKWr V7G5UvXpEoWgCwQCgUAAgBb00xnsJNgehGAbHcFOnp1rpOY3n1Efqfd6l0fFUBYVS11kLKc+cUFv jNR786uioqk1GGiIjKAhcpAIcX8H/RX0B4/fvwf9l1+6C7pXhLi/L5oW6kXTAmhagOetbSS500OV X/0AJ1i8v/jSfX+NqpsE1cnxwiICAT8E/QRDki4QCN7Q/aVx684dXMnpJIYypRs/gZKghvJeDBvL oydPQ99KCLpAIBAIBo5g0E9HsJNgWxB/sI32oJ/WW7cp/Yf/xqnILzgfEUtjRCylMbFURcdSb4jp Gov+aZYYKqNiqI6O5uznUTQaYjkeGcXTktKf+1T8onmXoGvBAAENXrS2kzF8HAkWL4nWZIzKz1+f GtCiuDEqLuJlJwkWNybVxbETJ9G0H6+fCUHvxhtB11t1OjWNhSvWdgmvUXZ9GkVxd5V4xYU9OZNb d++haQEIdhIM+vXx9gKBoAv9paERDAZo7WjHl7NEn//yU3lZmJ0YzXaW525A62qBE/e5QCAQCAaO oOanQ9N70APBDjoDAfyt7Zye8h3Hor+gPiKWUxFfUBwVQ3lUNLWRUVR+wqXCEEVZVBSVhihORcRw JPor8k2J+B8++LlPxS+a/vagt3UE2LbrIEbZzf/P3nu/WVVn+f5/w33uzHfu/c7M7Z470zN37Kud 7KRtxixBEcmhoMhJMgZoMEsb29CGVlExtLYYUHLOqShiEQoKKqeTzw6f/Lo/7H2qQLGD4kDLfj3P etCqU2enT3qvtT5r9+xX/q0V6L0GltNrYDmjJ82guS2FtfZPivREoJ9E6T5ZYzDGoB3kAsk7Hy5l 7JR7GXPn3Yz+G7GRE2YydvI9PPm712hozxBKhXOJQE9I+HJsx6vWjDV4QvLy6+8ycvwMysdO+4Zs 6hn7rlHjZzD/rQ/IeQHGnnRNCQkJCQkJZwhnNEIrnHYYpzHaEWiLSh3nwENz2Hbltez95VXs+NWV VF56BQd+cTm7L/36tueSy6js+P/L2HNJ53+fie//Mtt7yeVUXno5lZdeQeWlXdj36/vQbSdwVpzt R3FO85cKdGUsvtS8vXAJYyffw/Bx39R66yQb8/m115lbi51q0zu+f/j4qcx6cB51be2YPyPOIRHo fxHW2kiwa33GLVAaX2mk0igl0VqhtEZ+ze9VSqG1/rMNICEh4fQYY7DWIoQgCIKvbb7v4fs+2YJH thiQ93x83yMI/DPy/WEY/lmPbEJCQkJCwjeBsxZnLDIQiKKPKAax+cii97VN5bOkg4DALyL8Vky6 SJjPEWbbEMUCwisSeh7CCxCFAFk4M8eVhej7RDFA+iFWm2Se/Qv4MoF+OkprFyklvn9m1kSnrL9i i9ZbPkXPIx+E8TrM/0aOeTorrSv/EhKB/hdQajjfhFXuO8DO3fviiJeNBjjAuq933NJ5JyQkfHVO 7ktf15y1kfPMGD5bvgqhdFQXgjM7piQkJCQkJJwNSttEnTnVbFzb6WuZlnjWYpUCm8cJhX/oIKkt m3Ba4qzGWRMdU1usOQPHtAanbaeZeK51SbHlP8dfI9ChMyjyzVi8jdlGbVFpQ2s6R8Xuvd/wcb+6 PksE+l/IN7X4fe3Nd3jl9bfQ8QAGNqmynpBwDnAmxbm1pQWKxReKLtffTK7gxwuI//qBPyEhISEh 4UziXOf69eQ1rLVg3JkwQ+gsVmms81BGc+SN+WycPhOrBNYqrDPReTii18CdgePaUn2qWJQbZ9E2 Ss9O+HK+SgT9v8aiV2nvO3iYhx59rCPb+L9apP85EoF+lpm/4F1eef2taECLH1oi0BMSvo1E/TvU hmtvvAUvCOOfJZN8QkJCQsLfPicLdOsiMxaccV/brLVIB9ZonBWEDupff4m9k+7EGYW1CuMsJhbS zp2Z457u+pII+p/nr42gf5N0PisbFwKHqsPVPDzv8W8sAPt1SQT6WSYR6AkJ5wuJQE9ISEhI+HbS IYjdSYXAiMXsGTBrLdpZtFMYJREWahe8wIE7J+C0whrVEcXvOJ8zYF+4xtP8POGLJAL965EI9LPM /Dff5tXXF3yhol/S9xMSvm1E/VsoTZfrb8ILgrjPn3sTQ0JCQkJCwl/D6QQ6nBpN/1pmDcZZlNVo qZDWUPPmy+ycOAmrFE5HNV1KnJFjfj7FPRHofzHnkkCPsB1mLFQdOszD8x47ZQ/6uUQi0M8yixcv 5qOPPkIpdc41joSEhDOHtRalFGEYUlZWhud5f1VFz4SEhISEhPOXKH3dGIcyjsCGtCxewp6XX0/e WnQOcm4J9Pg1unFRXmMMx4+fYP5r81FKRZ84x9pPItDPMlJKhBBIKc+5xpGQkHDmKAl0KeUpr0M0 xpztU0tISEhISDincYB2IBxoa7FS4hmfopUdoivh3OHcFugWrTRK6b+6eNt/FYlAP8uc/H71c61x JCQknDlKCwgpZUe/TxYU5xdh1RHSb3yQWGKJJZbYX2ntb3xAav4HtL3+AS1vvE/q1fdpf+UDCnur MMYkGWnnGOe2QDcYHQn1JMU9EeinpaOhJANLQsK3GmtthygvRc6Tfn9+0frUK1+YcBNLLLHEEvvq 1vLI8+dsFPR85lwV6ABaG4yxWPvNvUb765II9LNMaZGeLNQTEr7dlCYBKWVHzYmkz59fJAI9scQS S+zMWssjz5/toT3hNJyrAr0ULNHaoJQ+i+f0p0kE+llmy9ZtbNi46QtV3BMSEr5dlJxwUikenTeP IAwTkX6ekQj0xBJLLLEza0fufrgj0JUUVz93OLcEOh0CPWorlsamZpYsXd7Rds41EoF+lpm/4B1+ //qC5D3oCQnfeuLXrGlNlxuS96CfjyQCPbHEEkvszNqBibOxWqOt7nglmrXJOvpscy4J9C++B91y 4HA1D8977JwtMJgI9LPM/AXv8srrbyUCPSHhW0/Uv0NtuPbGRKCfj3xeoB/4t4txxiSWWGKJJfbn TCt8oznwfy75nECfhUsE+jnHuS3QoepwNQ/Pe/yczWRMBPpZ5rU33+GVN97G2ESgJyR8m3HxJPD5 CLo7ByeGhG+G0wn0hISEhIQ/j3MG5expBbpVCm1NItDPIc5VgW6tQZtSBP3xc7YGWCLQzzKvv/UH fv/6W/Ee9CjFIhHoCQnfRiKB7gvFNdfdRN7z40nh3JsYEr4ZEoGekJCQ8NUwziJPI9D3T7gXpzTG RanLiUA/NzhnBbrRGGvZf+gIj/zmiXMyvR0SgX7W2bB5G+s2b8dYEoGekPAtxtrIS+uFkkceexIv DNFanZOe24RvhkSgJyQkJHw17JdE0I/NfBindBJBP8f4vECv6T4UWdd0VkzEJusakXWNhCcaqNmx m4UvzSc80UB4ouGsnduXWW7J2kSgn020A2ksynRWEUwEekLCt49SIZJQGVTc5xOBfn6RCPSEhISE r4azBn0agd7y0HNxkTiTRNDPIT4v0BP7+pYI9P9CHGBd50DiXKclJCR8eyg53py1OBMvIlyyiDif SAR6QkJCwlfF4jm+INCbHn0eU1o7Gxf9SzK3nm0SgZ4I9L9pEoGekHB+0CHQT+rjiUA/v0gEekJC QsJXw1lLYL8YQW9+5PkvzK2JQD/7JAI9Eeh/0wipEFJh4ixXZy3OmqSyc0LCtwznLNZZrAVjon+t s8ki4jwiEegJCQkJXw1nHNKaL6a4P/x8Etw6B0kEeiLQ/6b58ONFLPzok3jBbsEZcCr6NyEh4VuD tQZlNEIbnn7uZXwh48KQiTPufCER6AkJCQlfDWcc1hqqPifQj971CE4anDk332d9vuLvPkB+5cZz wgorN1BYuY7Cyg3Rz1ZspPqtD/nw7vvJLl9PbsWGs36Of4mZgveNPKtEoJ+GNxe8w/w33sKYqIAU TscCXZ+R7/9LB6tkUEtI+KaxKKPxpOaq67qRLYYYazre3pDw7ScR6AkJCQlfjSiG9UWBvm/CLFyo YwGfrGUTToftCH5aa7HGcbDqMPPmPY7WZ0Zv/S2TCPTTMP/1t3j1tTfR2pwk0GXUkP4q4ug7Flva 22oNQSHHoRNH0TpqkMYprA4p5Hz8MHoXoDWKbLaN5rbWuNBGnGZP5x4eUcyQy/mY+BUWylm0Vej4 7wuFDKlsAb/QRnshwLiTzusksy5yBjgr4oqb0aArQ5/2bCvKaKw1GKc69hH9yWvGRufLSfv53anv lnZWd6Q9dXw2vj/OgbYB+WwWTwi0i87plP1LzoAznd/R8b2d12WsQRmJtBpnJbp0nY5TzrH0nKL0 ZoOzCllIkfOKOCcxNnqPp7UaZwzFXAviNO9oLJ1DdL3RuRkHgZchnQ/jSqYyOo6V8XPShIFPLt1O JtWGCIM/uQfaxffSWoMzBmUM1oTYhqNYYXHaop2KJkXj0C56dtpZrHZobdBOYkoVVZXDaYd2oOLj KhdFlo3RqPi+mPiY2unovLXA1rZjpTlpn5lFOhOliGuHsxbtLNqCMxblDMpG36OcwjrdUZit1Oa0 A+EsxmicUlE7sRbrNMbPEeY8rNUY4zCW6BUuRkfP7eR7byXWgSn1XYhT2aNnGO01tygnkc4QBIZr b+5JuxdE91QbnDVYq1AdKfAO62x071zcH2z8OxeNE85F91o4sMZRWpdEhehMx3ignESb6JmUnqeJ IxFOO3Aaq0NcuhEXRGMC2I6CdqU2q0v75uNn5Fx0fdaq6LNGY41GG4czGqcDbGsDoVJoZ9DGoozD uPgZl8YZp6JzcSb6uXE444CofZX6mIifnbEWZ8Oon1ob3R8bFweKr7PU/3DRdqHovGV0LOMw2kTn qwW2uR2tNNaF0XdY2dFWTt7LaEvXHvcpK4rYxlaclPGxXcd9t85gwyK2pQnb0ITLpnFW0PrkS18q 0DvHnKjtKBmSTafIZLMEstTGLFYHtGQ8tLEYLUin25GmdC87n5uL22Hp+kvjYuc4pKN2BNEztLaj TXeM2Se19ZPnmNLPS/c1cHQcp7QIclGnP+melL7n5EEmavsnj2nxyHbScTuv58uIxox4nDWCXCFL aNwX5oKTx7ZStpq1pTnBYk1IWzZPIHU8F0ZjjDZRv7FGUcxnSafayeZy8XhNx5zRca6l8T52tnfc F+zn5o/4Gt3pMmkszsp4LI/GJWsCWtuzCCOjdugUxkbzyOfvb0c7sCc9z88d43R7dU9+3tHf247z zXmtFEMZLXCticZVG90jGxfoMpZT5v/SuBXdD42zGuHAmXhcLo2jpc+fNJ93PCtsxxwngiLZoviS Pcad52zj51vqF6fPVLLxtWi01Vir47WToJAvUJA6cqLG85R1nW21836ftC3RiY61QjQv26gNGUEq nccLJSYuYlY6/qnZkqUCorLj76N7ZrFWYWz0vI2JREZQyJLNFeK2wBefr9V0jOXE6x930thWGhM+ 1wY/3xdP/nlnvz/p+kvtKB5PTraT73PH9VCaO23H2BD9znSc76nXEf0uGv/0FwX6+Fk4YbDGnnKO CQmddAp0sBhtOXjwCI88/FhHfzqfnTuJQD8N819/i9fmvxWLstKi6asKdIW1GhkLD2tCXnpyHvc8 9QhhYNCB5mjTIaaMHMolP7+e7buPoGwkug5WbWHuw7+hoCzGapwJOgSCAw5tW8VtPXrjq2ih7VtN oIv4RlDItDBm+CheePM93l/wW+Y+8QLSdg641sYZAc4gHRipaGzYx9I1W5Haooxl46pljJo6mrZc Cq0DhCtgtYsFZuc7pDsWU5QmQB0tXOIFQknwOas7P28ETkeeVdOxmLc4LdHa4usmZsyYzsZ9B/Gc QqlIPJQEAE7ibCREOxbr8QIFp7FGUgzyLProfQ63NOJUjqIFrXUkHp3EuNLEH4kLayzKSozI88yc KTz18qsYlUEqTWg0SvuEuSzTJwziUFPqC3urXLwgVZbI6aIMYZhjxoRybu09lKxXxNkiWjmULpIL cjw1bx5TJk9izr0zuWf6ZKZOnsScBx8lnS+ctkUZC8YYlFHYUOGZgOz29Sy64gfs+WQ1oTIIW0CH DhNYMscOUfvOexRlDi0lKvBp2PIJDdt3o3RAUQb4KkTokFAKjJII5VBGI7UksAqrHUpZjNAI6yOk JmypoeLaMjL1LfjKRL9XmsAIpDGY0KGMQRoTCUBjEEYTCouRBmlCtJE4EYn50BqUNQjl8JRFSYGU Ak9KnLRo49O89D22vfIhQvoI7dChI5SaglaEocEqhzEOaQRS59DCoU2AswWccITGoIyIhJ9ySGkI VEgoNZnQ0HfIcHLFAKls9IyMxtiQUFqs79CBwxiL1A5tNNoKnLBY5dDWRItbqRHKEhiHVVE/stKh tUNZjTUKbSxCF1FCYz2HtYrACLRwSBOglMPZANlWw/IJvckdbMYog1OR0JXGYrXBao0ILcI4Qu1Q oSF0EqEVSgco4xCFNFV//IRUY4aCDghaGqgYM47GqjqE0oTaRP3dgrIGLXV03U5gtMIITegMWjmk crjQIkyUZaCNxjcOHVikCGl8ewGte48TSI0f/40NHVIZTBA5AkJtybjIOWWURZsAYwK0skgdYpRH zWfvsujKWyjsOYSxaZSxaJuPHIXGdjifjHYY5TDSIrVB6SJ1n8xn5aXdyFefIFACLR1aSXLGo/7T 5eybeg8Vd89i25z7qZx8LzunzubI2Lv+pEC3xpBJtXHfA3MYO2YEc2fdyz2zZzNu8lR+89SztOTS WNHMbQPG0dLaTkv9UcaMKqemPYtVMrpXFpyKnFXKGayJHDEmHrNMqfaBFdFY5CAIUrz/znscOlaP drJjDMWJSKC6ePFtRTzuiuh7tOXwvq28sXIDVkusjhyUzkZzUWnsxCm0s8iS4C7VYLASZyWlqAaU xshovNSOU877dPtMHSCtRWmFMoL925fT5ZpreX/lJpSLHD8ufpYdQsK4WEwV43Eu6huH9m7iZ7+8 gj98vBjhQFuJdgapNTt3bmf8uFHMmDaF++bOYdKUKYwYM5b3PvqEQJvYKRQ9Q+N0fL4FsD5OObAe zqloTrU2chBZi+pwakRiCkpznmbHxuUsXroebTTS+sjCCXr1H0WDl0Fpi7BFfC2wJh/NrbGTNBKo kfPc2SB2PppT6ts4B9bYDkFt4/tqYiersxanTeezUpJxUwfx/pKNKKUxRqKsj1USYTWhBScdwjiC 2NHsYudu5OC0YD32VWxmSeUBrAwIbYBTNhoDrMVaiXQW7TSm5HBV0c+dsXhWs+qz95n72O8j5+Yp Iqx0PIU1BmVFNB4bGTlLS9dNpyMsWicYCrkUL7z8Cm2pdoQDJZqZOnEya6pq8I1EW7BGIK3oEKYq bp/OGpzWOGXApTrmd+dCrFVoI8m11lA+YjKbKvajhYnWNsbFz112tmsbfY9zGYyNt0A5D6MNocyz cNHHnGhuQgqFUoY3nn+CF15+k9C4yOltS07TUj8LYwdKyaEQO3tL45qLHKSRk7uzDXY4rOJxoOQg KzkCSmNi5BzWHesr68J47XRSoCheq1lbcsrGDh6n4mejkA600zgniQI5sVMqXv+VnH3WKayQXxDo Byb+GictRptT2nIi0hNO5uQ2YYzj4KFqHnnkyfNenEMi0E/LGwve5pXX3kB3VIkzfJUU95JodLFH X2uNFTkG3TGQdQcOIYWhkMnQrdctPDx9Gv/6jxeyadeheCGq8IqNTJ8yg6qaRqQxkag9SaBrGTKi fzf21LQjrcaoSGBqU2Dnjm307TmCE5kMqWKGTLaAM50RvMg7ZbBWI0wkrtatXsi0e56I3wdtCfJZ mnMppAmxWmJcGE3M8SIm8tie5O2OJ0d7UnQ7imDFHv3SAoF4ojkpqmPjBUMUZQ3xgzrKho1i74kG lI0WHs6Wzrkz6hQJbBVPMApjdRxxN+Sz9fTq0ZUte/fijIdnwWiN0xZjfEwcSY6iyVE0V1mNDj3G 9O/FY8/9HqNDlNZIG4niYnsTPbt2obq1/Yse5Y77EZ2nNCF7NixmSP8B9LrlevYeO47WIdqEhNqy af0HXHrZ1RyurSdUCikCao/XcM+s2dTWNZy2TZWi+do4PAuy2Mie0WOovucedg8ejggtRngExuJ0 iuaP3qf6hiEUwiLChPjK59C0cVQ8u5DAGArOIJ3BaYvSmoI1GG0xwqGMQ2mN1hLPKDwdRSiFkrTU 72bTL2/GSzUjrEYFFqXjdHFrsKHGOhEvFCRWW5xwaBm1LWkswlqE0WirEE4jlcFKjWd1lL2iDW3a 0mYsQgrqn3uGQ+8sRUgfKxWB0QgLoQUdOtqtjBZJ0ie0Hja0WGkxxqK1wbeagpEoJUlZQ1o4RGCx nqHVKhoz7fhaIbUhtJGwcsohtSU0lsBIAiuRWkV9TTq0MXhWIUz0rlerLU5arDQUjSZQFt8YpFZo Gb8TVhustuSMo6AtTgiEC/CMJDAF8s5gjUTXHGLLzVfSUteCsLrDCaeEJLAWT7uor0qLcAbfWFRo 8KWhYDXKGLymg+y4sQ+pvUfxlCAni8iW45iiRkuJVkF0fwIRiXEdOSciR1gU5c8aTWAkvlY0GIvw XBx51zilkTpAqha2/OpyDn64Gi0M2nfkrUUYQ6hDcqaIsBqpHUI6tAVtBMIWMIFF2oDAhgRtjay7 5Wb29hlAzVPPo5XGc1EmTGAtInbkmFJkzSqklUhpMNk6dg4ZQe3YyVR/sAIZZsg7g1QGr/kEK6+7 hYaPPyTIp5FBFtHawPZXX2dz7+F/IsXdIv08T/7mIUaOH0vVsRq0MigpqaurY9TYiRw6ehhbqOWW nmUUcllkIGhLpchpjVMOYwXKSmwsyFXJ0ahNx1jhbJSZIjsWzJpcqo4uV17HivXbo7/vEOhxxMGZ +B7EAjB2OFqjefvlZxk85X6sUR1CypkQbB6tDcKaOOPCxlGzOJvF2CjLJc4kioRV5MDpEF7x543R GGNOK9AhEpraCAIvzZiBvel648306FNOygs7HaMn/V3kPI6zZrTDGYkI2pl111QG9e3DnVNnoXTU rq2VWO0zePAgZj/wCO3FIsJYfL/IZ58tYuZdMxFKdYoCayJHhnHgAqwN4wyXOOIcOwyssVF2jusU yFByUBicCbnv3klMmX4fSmmEVRSaq+jRexjtsohRDm2KcfZElN2GLeCswGqNtQJtNNbJk8T5SWY0 Vqtoe90px1dRhpuJnD2lNYANC3S//Vo+W70lcsQYgbECqw3SapS1cRs06Djyb02nQDfWgi3y/G8e 4Mk330Urg2d1PM8LlLEY7RG4KKvNOEVgo35vrMQaS2A1f3zjdzz6zIIou+q0Aj3K5DFWxiJX46zq FG7QcQ/AYrWiubaGf/vuf1JTV4+0EBROMHTQECrrmwmNRBsTOfStiQVjnDllIseCtnHhT+d1OPNx CucMwhiUzFGfTpEPBVYJnCl95uTsvCgC74zGuQLaKEzsSHJOomSWfv0GsevgIYS2BNrgZVrI5H2U MWgtcEbGzzXKSIgylaIMh0j4RgENp02c9RY76zqcHZ2ZNdaquM12RsJLbTPqb1EWW2l8cUbFThXT 4VQrrZsiZ1UxXs8pnPOj+dqKDidR6Vyi45TGmjjz09Ih2J1UXxDo+yf+OnYqdzojEoGe8HlOFeg2 FuiPJwKdRKCfKBx3vAAAIABJREFUluqjxzhcfTROK4WSV7eU9veXUkq/dHGqq9OK9mO7GVU+leZA IZXCyICGVCOZE7V8/59/xIbKg/HEZ7CmwOwZU3js+VcJjcVqGYn9eLBTJuTdN55m9Iz7kEahjEPa kLDYQvnQvny2fCXKaJqbW2htS2G1wFlFGAZUVFaybNky6mpPIKyltamJV16cx4zZv6X6WC3pbI5c extHG9rQRlLMpWhubiHX1sqmdSvZXVmBEIpi0WPN6lVs2bSOolTIONUWZyJxrg1OFTl69CiLl69i 584KisVi5OV1RZxVHD10jKWLF3Ow+gie0QTWJ5c+xIBBo6lLFzAqirK1NDaydvVStm/fjJQ6jjJY rAlItTWyfPliNm3bTFs2QyHw2b99BV2uuppFK9dSV1dLUUm0EhyrPs6KFZ+yfcdmQmVQcSTBGYey BhV49O7WnRdeex+jTMcCWFlDuv4w119zNcfbU2ijOh0UcTRIW1BSYpWhtf0E111xJa+9+S5vvvgI r7z7CVILlA0QVvPH159ixuz7yOsoiqWNQSmJ1iraWnEanDYYaTDCUbQG8dH7rO3fn6CtkV19e2Ka AoQSSBWi6ndR9+TjHL5pAOLAfmRtLfLAHg4OuYPjj89H7zmK8rIYW8DW1BKsXE9u1VpkIY1QBiUt GZdH5hspbN1M87JlmAO7CIVHat9mtl7TF53Nk1c+QbEZsbcGWbTkTYgu1uKv20xx+Xp0/WG0DFHa UiymCZtqMC1Z/NUVyGMn8IzAV5ZQWbTNUfTaUHuqKH6yjHzFPnTBx/oF9j0+i8bFq5D7DxB8shS9 ZzdGyShKKhVBvo1CxV4yi5cSVO7CD4tRhFgqwvoabLYNvbmS4oo1FOtO4EuJEhanQmRrPXLdRuSn GxAN9XgtBzFNbejQUjAeYSZDsHET3pJV6JojiMDDUw6l85iaGoJl68mv2YRJpdEyuh4jHEI4claj gwz+vr1kF69EbN2BCSRKSKTyscV2ivsqCD5Zhj50EBUIlJYEB3ZQdfnPaWtpITRFpCmiq6sRH6+i sGMvuWyRvLVIIxBhjtyJExQWrcZfuQbdlkZn2wlX/5HKq68ms2or2cMn8PJp/CP7kYEmtFmEbkHU NJBaspji9gqyhTTWNwjtsO316Np6TG0j/tKVFLZtwitmUWEsYky86M+3I/Zv5MCPLqT+D4sIDtRi 0gGeLSIa68muWkO4Zg2qvYUwVJiCw0pHYAO089HS4dsCykhOLPg9W8beRXrjUlYOHkhgiQRHoLEy ylZwykULPxUV+JNKI6Vg27yJbB09j+DIGqrGzkEVg6gvCUNq/y423XAdxdojyMAQKoMJNaFQ1P/m hS8I9Mi5anBGsm7FEn72kx9xrKkxzsJxkcixilBKtAlRrYfoM3AMwsshvJC6uuizThqkLHLwaBUr Vqxjz+7dhEohHEgvzYnjx8h5Aft3b2fFqlU0pjMIB34+y76d6/jVJVeyaMVGqmuPEoYhxsSLZCNw JqSpqYllq9ayZfMmCsUixloa647xxNx7KL/rSY4ePUIqk8FaRS7Txsb1q1m3YSMtuTxBHBE22qOu 9hhBEFJbc5yKvftR1uIVc2xat4aVK1bS0p6OM6E0zoS0tbawbPlydm7djFf0IrFrTl1MWSEJZciR 3esoLx/DgcptXPyDn7Bi/ZZI8HcICx3Pl3EqsnZRxFJ7bF3/GZdefiUnjh5i5PBxNLRmEPE5a7+N W3v0YNehYxQthMZGWQJGokQQf2+nk93ZECM1hw8dYOmyTzlQdQghdbT9xwhC32Pz1p0sX7mG2hPH 8ZXuEMLOarT0aao7zJjhA5g5Zx7V1UdpyWap27OaspHTaCpkWbV8A5vWL8MLfIwVGGWxOkMq1cqa 1ZvYsmUV6VwecVJ2go0d8lZLWpsbWLNqJevXb6Dg+ZFD1kRb4Joba1m+YhUVew8Q6khwiWIbl15+ CRt3VEZbYmxIJp9h1ao1bNq+ifZ0a+Q00AFYj1Q2x9at21i3eg1NzW34YUht9W5mTBzFC+/8gUPH 6mj1fJyyFPIZdmzfxYbln3G8pR1lAoyV+Fbi5Qts3LqZDWvXkwvzvPn0gyxYuPoUp0I0L2r8YoG9 uytZ9tkiDh+qQsVZc36+lapjxynGhTmNCmlqbCCby5NOtbB59XK++88XUFG5l9qmZrKtVQwZVEZ1 W5r1Wzezad0a/Gw7Ms7QM1pQyLayY9M6Vq1eQ1MqTWAc2mqUDqmvraOQK1BbX8v23VVkcll21zXg SYGXa6Gmeh/Hqms4duwoR2uOUdfQFGecBBSLabZuXc+a1etobmrHWoMXZDlWtZM+vfqyausOqo/X UVSGlvqjpPJ+9NxUkba2ZlavXEHltq14nofnQFlFIDwa6uvI5fPsrNjBxtUrSLW1Eeo4CGNF5GCJ 22cm3cqG9WtZsWoVTe3pyEFhNc4o0qk2Vq5ew+atm5EyJHSgVUBL3TFasx4Nzc1s27YVr5inob4O qaOAitUBVoccqa0jl2/HmCJt2RwbNm5h47q15ItelJFgDNl0K+3tbbS2tlKxqxIvFBhHlFGhv7gH /cjMh7DaJinuCV9KZ5ZK7Kyyltq6Rha89YeOFPfzmUSgn4aOyGzp/0ve/r+ysXQI9NJ+L6PYuuQ9 7pr1KHnjohRfrQidIVdfy4X/dBGbdh/EWYExFmc9XnziQXr0HU5OmDg1rjNdyNgC+/ds5l/+44ek coUordTmqNywjMtvuJ6GdDMiEIzvV8Zjz/8eowOa6o4zdcoU7ujTn+EjRtK3d28WLVvOy8//jssv +TGXXtaNsmEj2b5jJy8//RQDh05GKsEHf5jPVVffwrRJExg7soxf/Oxinn3uRe65dw5jRo2k603X MWHqPXhSoUy8Z8mBVYo3X3yanrf3onzMRPr17cvsWffS7ocUvUaeeuJx+t0xkJEjhtG9R1fe/eBD CjYg1VhJv4HDafUCrPB4++3X6XpTN4aXD6Zfvz7cddccsjkP4wTLlyzi1u5dKR82lIFDBjNgyGBW rF5NWa+u/Ot3L+DWXgOYOGkarakm3nj5BW6+uScjRw+nX/8+3HXPLHwRnXNJoIdejh43d+e1txeR z3vkClny+TSpYpEjFau58vJrqE+nsVZiTCSmTRx5URakiFIMP/pgAVfc0IcTza3s2rqCnr0nkM4V UVYjTZGNK5fxs0suYfXmraS9EKk1UspI4H9JW7PGopRFKoM2BSoGDSM/fwHNVrDnkamkP9pCXmtU Mcva385j8U03sfmnl/Hh6HIOv7GAVdNGsfEXF7Ghe18Wj5xI8dheajYtYfXYCewYMY71Q4eydOY0 ZD6H0pJU3W62zJjCyrLR7Bw9hSVlwzm4fC0NO9ay7oYhuKxP0N7EthkT2ThnHoFvaTmymz2Tyllf diebRs5gbfkg2qqrSGvJwXdeYceoMjbe8wDLh04ns2YDWafRRUsoNLpQy5Enn2Rx7zJ2jZ7M+rLx 7Hj2RUS6iV33jqB69jw2zfw1O8ZPZdVNt3Ng4SeoQCGLefY+8TRrh0+iYtxUPuw3jMN//BhPCmR7 G+tHjmD3c79jzaR72dq3nPU33k6muppQC7y6I2wbMoK1Q8dSOfwuls26l72zJ3Pis6UIo2ir2cnG ab9mw6CJbB85g4Ujysju2o6SluYty1nVZwibh09mzbAxLB47laCuiYKFwDhU0ZELfQ6+/ALLB5az dfwUVpUPZdujrxD6KcL2Q+y8cyaLhoxgx+jpLBxcTt17nyCkpL1iLft+fjGFdArp1bP3vTdYOXQs O0ZPZ0WfUVQ8+xI5T+GLHK0fLmRx3+HsGnEnm8aMZMvkWRxctYzFQ3pS+eMfs3zwnayaMw+vcgfr eg6k2NKGlvWkl7/L6n7j2TFyAkuGTmT/XfdSbK/HF5J9rz3P2iHjWHr3HCruvItVN3an6unn0Up1 RGgKTpLfu49Fo0ex73v/xuK+o1g47X685iYat69m5cBhbCufzrqhU9gwcBRNlZWE2mEKjoIJsUYj rcC3EptupLJ8MO27jxK2HmXbsDJaGluwKkRJiVSSQDuEilLbrYyyFZSwhF4TG3vdTGpDHWHuKFtv 7UrzniaUUvjKUNd4lN1XXs/xV+fjtWbxhcILNSpwtPzmi0XiTLyFx2mfZ5/4DQMHDcHT+qTaAjbe GxtlAuVO7KH/4AlY5VO5fQu3396HgrFIL8ezzz1Fjzt6MWzESPr3vp3f/e5FMkJxtGorP7roJzz8 xAuMHjmMAX3uoMsNXWkp+BzYs5v+t3fjX77zPW7rPYQxd46jsakZpaItCFb57Nm6lr59+lI2fAxD Bg9i0qQpZItFHvj1XXT56Y/4yZV9GDx4ECtXrGH//h2UDxvG4EHlDCnrT9nQ4ew4cAwpQ/LttVx4 4QXc9+Aj9Ly1J7995hkOHjrEkCFDKBsyhOHDhtK31x1sqdiN0pJP//g2t956K+UjRzN4YD8mTpxM seAhhOycQ63FSo+8V+TxubN54a2FCC/P3ZPG8/Rzvyc0URaGMdEYqpTC2DCKeCqHVQLlp5kzazqP P/cyUgRMnTCJ1/+4As9IlC5iVY7+/XozbspM9h6pwZcKoyMnhtG6Y76MFn4G4ed4Yt5vGDp4KKNG DuPKqy7nvvufxpMSL9PM1IkT6DtwKMOGj6L3bd1ZvX5ztL3CGKyW5LPt3DN9Ej+68AIuu+YWBg0c yLK1G9i98i1u6z2UKbPmMm7EeHr1uInhwyeQCwJMGLKnYiNDy4czuGwEZYP6Me7O6RxvS3esMUr7 6LdtWk+3W25m6NBhDC4bytBhw2lubkJLjw/ff5dut3RjxIhR9OrTl5mzZtOWyeAVmrjgwp+xfW8V ThWo2LaJAYOjvx00pD+97+hB9dEmtCqyf+9m+g0aSv8Bgxg+rJwhZeUsXrKE8SOG8JMLL+Sm226j 36ChVJ2ooaWunuHDhzGob39GDSund/8yKnbtRhtFQ1M9QwYNo1ffvowYVs7M2dOZObI/Hy7bdkoE 3RhDIZ/j7pnTGTp0CGNHDqN716689/FSQq1ZvvBNfnDxpRxvao0cT7JIzx49WLp8JR8vfI/bu97M P/yPf6N/v0E88dtnaDmxk9tuvZ3Z855mxOgR9O7ejZ43duNIXSvWCBrraujb6zYG9R9A+bCh3H5H H9Zu2Yk0hnwhxa09ejBh/HR69enDI48/x4HdO/nlNd043tDM1k2rGTpkAIMHDGbAwH5c9MMf0K9/ GVpraqr3M2Z0OcOHDWPI4EF0u6UnNSea2H9oD6OG9OMHF1zM7QMGM3n6XWR9n/HD+vHx8nVo5bNm +Uf06nMHQ4eVM7DPHYwfPZIjbe2EJuRg1W6uufpq7r53NqNHj6Lv7T3o1rUrOS8gUAZroyi8MZL6 E9X07dOLsqFDGVI+gsHDRlFdXY0zko8+eI9be3RnSPlwBvTvw6hhZbR6IUGYprxfL4aMnknP3n2Y NeteTtQcoestN3Hg4EECY9HCUFezn0uuvp4jhw+yc9tibry1H4PLhjJ88ADKR4zhWH0TVoU89tBc xk2YxKCyoUyZNo1MLhdF7E2U9fN5gd7y0LMdFdzPd6GVcHpOEejxViBlLKHoXAOfz20nEein4bQC /Suk5nQWrIpTD63m+Xn3MWfeEygb702SlqKDTMNhfvCP32dL5UGcCaPUVeez5P1X+NHPrqMuXUAr GaUWltLvTJGiLNLl0otZun4TzimUSjF76p08/d5alAkxYZZe197IM299jAqz9OvZg/79+lEMQqTU FHJZWjIZhB8w+55xLHj/E7xQIaXisQfmMOOep1Ba8OqrT3PJlT1pSrWiRYqKHVv4ycWXUHXoOFoF VB+s4H995wJa2zKRZze+j/lsmqt/djGfrlhO3hhC4ZFrb6KoDM8//QDdbu5BJucTqhyp1lp6d+3J kfY2GvevYPDQoeREnqOVFQwaMIi2tgyhyCBEgT69y1jy2Qq0TvGf/+dCKnftRQqFFIp8roDvhxzY uoRf/PQaDh5vwpMao1rocf21bNtzBE8KhPRpbW2P0qK1wmmLtJpioZ0brriK//53/8R///t/4O/+ v7/nf/79P/B3f/+/+Ze/+2/89OIuNGYyOCOwOhIOyljCeI+ttQLpNTJxzAQ+2rgboUNy6Rau/dXl rNm8E99JnPZRgWDl8o/54UUX8f0LLmD6jJlU7tlLIKL0vdOhHeSdILA5mitXsmHYZGzOI9SG3JKF rO9aTuALpMoiA8WuR++jeurThEJSCDQNQY5D/cup3bqHoi9wBYNO+WTCkIyWhIUMW3v0Qq/YilNF Gu65mxMz51L0ighRRIRt6LYcras/YUPvMuSx/ey5pRfHn59PVhXw/DaOdBvCwSefwOQKhEGB9Lq3 2Xbno+i8oO7Zh6ju3guvsYVm5ZMy+ajGQNERej5VLz7J+lv74OeyKOGhwyy1xaOEfivrh/Xk8Euv ExbS5HQje558iiW9hqP9IlKGyGwGExQIdBvFfVWsvnkkJiPwmuvYd11X6ndUEPhZpDzBgfIxHHxj Ib712TZsDHve/B2ezKKkIFe5lpU/+j7Nq9eiQ48jgwdw9LlX8D2fVu2T3vgpO8ZNRgQhVXPvIv3x EgJVxAZpsu0NFFVAwYFRjlAZdGsDB4aMJTxURUF5GD9FWJciH7TQ9szT7HzwEWQuRc4UKR7dy76y MpSQtKz9mH2X3ULoBzSsfJ9N13YnfbAKobOoQiMn+o4gdfAYaud2Nl16HaK9AU/7SJ0iaKoj9AMy +zdR03sYqi2DzhfR2zeyruft+JkGwv0beO9HP6SxYjdtKovJZNjbvx9bJ00nZzQHHn+A6h7lFApZ tMyhDu9g+4Bx+KlcFOExhpwD34TkW6r54P9eSNvhY/iBQBea2DF2JIWVSwmLPjnp0/jy79kz5W60 Eti8Q+gQox1KR6n2TU8/yPph4wi0wgUBVY8/SdXDv8FqQ+g0yqVxroCzPlaHaCUIbZTe3/zh76mY dD/K00gVsmRuf/YNfgCpLTo0COOT3r+PXbeOpPJ7v2Tn4PHsW7Msioo+/uKXCHSN0x6z7pnFg4+9 hDCl9GAd7922cQTJUL9nM0PG/BqjA9asXkiv3kPwjGLFopcYMmg4qbxHqItkWmq44pIrWFN5mD07 lvGdf/oeby7ZgVQeymth8tgxvPnBYqRW1Nce4sbru1PTkqWoBFJZlI4yeazMU97rZl5+6SVyyiBE QFsqiycFSrRy/7Rx/Pb9NfhhSCGf4qbru/C7V16lIBRS5Hnxsblcek0/2rM50s1H+R//+D/545KV 5Is+wksxfeqdLF2zgYJQiMBn5R9fZ8rd95Hzilx/xS947c23KGhDGHpkUlmU1Gh16phljGD7prVc eNFPqW9PI7TlyLaljJ8wlYKMUtW1CbE2yhpSWkQpvtqgdI6KXVu59ba+tIUSp4ssXPAKN97aj1ZP YqxCCY90exP3z53Nv373O3S9+Qbmv/YyqaJPqF1UBTius2KsRUtBMV9AeBKt8uyuXMtVV95GUzrN soULuLnL1WQCQaA1oZ8mny8iZZQlpbVEa4ESRUYMH8mCT1fhBxl8bVn1xgNce0N36lJpwnxArq2G f/7//4Od+6ppPlHNjy/6CQve/5iiyKH9Io/Oe4BHn14QpWBboloPKuCe6ZPZsmUTntZ4StPQ1IQM i9RU7aBfn740pLJIKShmmxnYvzcLP11Ca6qG/7zgevZVn8CZLLfccB0r1lXg6yJSNLN66fs89tsF ZLINdL/5ej5dsY5ASJRQpDI5isUCKmxjaNkwdhyuxgsloUgxql9v3v34M4SfpqBCln60kOtuuJ1A CH770Cx+++yr5EOBCAIq9mzhh//yHTZW1MQp0fFcpTVKCorFPKEI0CLN+++8zWVX9yQbKt57+Rl+ 9qubaMwWMEbhVIErr7iMij17UbLAtrUruPCnV5MteARScXzfKq66/Coqqw4SKh+RbeHKH/+C+e+t QIdprrvmKt54+118pZBBkfUrP+GHP/05hUJILtvEZb/6Jfc9+Fta8xkCpdlfsY2ruvWmMZ0lVCF+ GCJFkcrd27jq2i4cPdGENQ4ZehQLOZRQSNHOfXNn8cGHqwm0oO3EIYYNGUlT1iMUglB59Ln+V3y6 cS91ddV8/3vfYdm69RSkQoYe9989leF3P0hRF9m5cxvf//4P2V65DylCpN/CyPJhbNu1P84GKWC0 wJmAV194mhdf+B0FISlqQyqbIww8Ui31DB08kOO19fha4wU5JpcP5Q8rtuD5jfS88WpGTHqATNEj DH2El2XQgL68vuAtisaiRCsLXnyEZ954l1y6gZ43Xcu+2hZ8FaL8Nh58+FHmPPwYVueYc/ckbu83 lNZcAV+EcSZPVNDVnE6gP/r8nykonHC+06GrOors6tMXLj1PSQT6aTA2qj4dpbadWjn4ryFK6Yka no7TsO67awoPPfUsRoXRIkNbQgfZ+gP84B//L5srD0eFpKxGaMGaD9/k3//zl+yvbY4FemdlWKcD PG1Y8eEfmDz3CaySbN2wlIFl5bSEGm18gmIDl112Fe9+vIGWhkNc8L0LWLNqO9IKjA2QsoAwChUU GFF2Bx8tXYWvHUr5PDB9Mk+9+DHKKF54fDbld96PpxVWehzet4Mh4yYjpERpScPxffyv7/6I1vZs xz5pY0EqwUvPPEm3Hrfy6ONPUF19GK1CQgvlvbvS/eYe3Dl1FtOmTWDqhNH84ie/YGd1AzXr32XE iOGEIsNbTz7CpZdezeRpM5kybSKTJ0/k6quu57133mbfziX0GziaIF68ai2jvW7KsHPdEn7202tp SmcJrUGLel545nG63NCdF158jiOHq6L9xiquWG4M0iqy7c3c1OUWNu3cix+GeKGPH2TIhT6fvflb rujSl3S+SFjI06/X7Vx11VVcdfXVlI0cRaaYR6uQBb9/jFGjJuFpj1AJjPR55L57eeSpl8iZqACa 0hqri4R+jprjNSx871369LyVqTPvJVRxRW8n4jQ2F29rcLgghyrUcOiq62ldthKRK2LzafLHq1h8 xdUU9x/BSh8TSrbfN4Njj7+BkhJfh/iFVg6PGErbseMYXcTIAratnpqXX2TV7F/z6ewHWPPzK8mu 34bKtbBj5ChS+yqjPb7CEJoCSvg0Ll3Aum4D2NLrVo4v+gDpSTxPkW09zI5Lb+Hju2azbPb9LJl7 H4snD2fBgCnIYoY9D0yn+rGno73enkEGiqKT0T7vIEXFDT3Y8ujj5IQmDB2+NNgwwLTUsaFsEO0H 9xMogVIhVb97hnU9ypG+QKg28ut3sGvW71k++0E+vGsmH9xQjsuEyCOV7Bw9DNEWEoYK37VyZMIY Ds//BD/bztYLLqa+5jAZoVBKk8udoKJHV5q2bKPYWEfF5RezZPR4Vt/1BEt//RBLpt3JH/oOIsim yK5fzAc39aLi148Trq3EDwVCC5yUUWE8rcnLLDufnsfH/ftSv+AN9J7D2KJBBylW33E7L829kxWz HmDJrNmsnj2HD/vcgSgo6ha9yZ4b7yCUhsOPzGHZDV1YdN9c1twzj48enMPCK6+kZtM2Wp5+kl1l ZRxzGhM4rLCERiCVJrN1K3vvnkPal+SNJb1xCZ8MvoMwm6HuqcfY2nMwYS6gKC02H7Lng6eo+M9L SIWSvQ/cy96n3kX5hkBJivVHqSybhGjJE5qocKKVjsBIUvWHOHDhzyikCnhKUji8kz2390LmsvjK ogJJumYLu4aNIOenCZRDKoVWBisDcrUVLPrxReRWbMDkA4TfQmb9MvZecwOZ1ia0VGx45knmd7+d l3r25OXbBpPafhDnC3RVJYt++hPyu7ZTzLRgsk0UN33K1l9eSqE5i1IBoRVYqdGilWz7blpWL+bg pElUdhtIzfQHvyDQrTVRNXldZPasWTz46PMEcY0FZ+JaF0YQOos0kl2rFnLn7KcItc+HCx5n+IiJ 5KRgxqheXHt1DyZNncP0aeOZPnk8//7v/8HS1ZvZvnEJXW7qR00xRCuNk43MvXcG8/+4lFApmmp2 Uz5sFI0FhXQSrQw6blNG+Wxbs5TbevTg3tlz2b9nFwUZ10eQKaaMG8OirQfQRtNwYh+3XNuVoyda CY3FCEHV1vf4p+/8jL0HjtJ0dDv/ftElNGbSSKVor6vi0p/+iPGTpzFh6kymTpnM2CF3MGb8ZHwp eP+t+Vx+1dXc/eu5HDqwKyqiKQ1Clt5QEUWsgyDD3Lsm8tYf348KB2qNDtsYMGgom3ZUI4ylqfEY 3bvdwHVdbuTqa65n5szZGJ0jm2mky3VdeO6F+fhaY1WBptoj/Pznv2Tphs0EOhqzrZbI0COfbqNi +xaeeuIxLvnVVWzesQ9po8rbuKhAmZEFNu05zMMPPc7dUydxZ/kAfvnLm2nNZEm31DJ2eDnDykex fNlSitkWQh3d6+itEdHeXy3yTJ44nlU79yO1h9Ca9+dN55HHXiDUGitDvHwTF33vInbsP8yapZ/w 3X/4HqPGT+fOGRO4687JdO9+CyPG3xd9dyk9Wwk2rF7BpT//BXfPvp8tO7YidIBUPs8+PJ2Lf3IJ 46ffy9Rp05gxdTxXXXkZr731Lg11+7j4/7H35l9eVle+/z/xveu77urOTU83uUmbdN+kk2g0MY7R OAKCiMook4oK4iyIiqIIiqKiDCo4z3MckXmGYq4BCoqiipqrPtMznGGf8/r+cJ4qEIlJG/NNp3le a51lQeFnPM95znufvd/7Z/3Y09xJ1F7Nz/7950yYdDOTJ9/ELTdOYNzoK7lt6j1s2rick3/5S5o7 Cpkzus7qyy2ucpBhV1zKnvYujFh6Ohr4/t/9T0aMv46bb7yO6ybfxFVDB/OLk37FwaZGrujXn627 69ESIVajdBNDB/Vj5/7OI1LcQ6cPk1ZYvnI10+6Zzh2TrmFI/4v51ZmXUEw0ix++j7POH0N3pBGt 8WkTJ/4VNMgCAAAgAElEQVTklzS192BtwqfvvsK5/YaSaIsyht3LXmH0VeOIdBKyzFQn5/36NJ55 7TOaG6r5zt//b+qbmknEI7pI58Gt/N+f/5SGhgba2/dx7llnsWnbLpRojDFUrfucC664jq6yQUmM spYt27Zw0imnsLtuD9oKVqXE5QKvvf05U2+/jVtvHs+5Z5/Fa299TCqGpj1VXHPdVMoqRtmINOrg vJP/jXU1B/j03Vfof/GF9CiDzubqx68s5Ce/HExjd5GNq1fQ79Jr6IkqiDE4ibh10hhWbzoQasZ9 mvkmJOyt3cE5vz2bm++4k9Xr11OsRMRW89GrSzjjtNO44ZY7uHHyzdx44w387sxzWPLqW1SiFs47 83Q+XLszGH8agzMpn3zyNhNvupmydtTvfpf+Fw6goa2T5R88yw/+5aeMn3QLkybfxG2Trqb/gEFM vG0KXrdzz63jefOTFSjxwWjV2nBdWYNxjt1HC/QHnsy6LRyumc9T3HOOpq8jROZxYJx8KQvneCYX 6MfAelDishZWh1t4/GfXlt42FX1p6U6YOfV2ps9+HDExxlu0s1jrKTVW82/fOYHVW/dgxWO8whjL 0jdf5oc//jV1LZ2ZgYc5/LhSJDVCoauRCy68gtbWNq4aOZT5S95AOYN2KeVyI6eceBq/X7qNQwd3 8oPv/Yg1qw+QuALaFhBbCK2moi4GXXg6Hy1bSdGBkwJ3jBvFwrdWoRzMufNabp7+aDAxUpbNKz9k wj0zMDbFOqF+9xq+808n0l1JggFKZrjjnMGJoa56J7MeuI9+F1/MI4/NpWIsI/ufw2uvvUEkHqcq iIkoa0vJOLa+s5DxYyciJmLx7GlMnjqDkkoxVmO0IVUaUUW2r3uPEaNvJM5Ov62kiNVYY1n20Tuc eNIZFCpFEqdRaRPKJOzdW8f0qbfT7+KLWfj8S8TWYcWSuiDQu1tbOPu0ftQ2tITUdedCupkT3po/ h7MvGk8UpTitSKMKxoQU+ZJSKJtSaG/i7DPO4MwzzmfgoMsYOOgyLh00gPPPv4AL+g+moxwTZ6Zs 1kRYCbX73iZsWbeUf/7eCbR3lRFr0BLhRGeOz5CKYFU7LV+8TdUvf8UHo67lg2E38MaYUXw0cgSr zzyLfc++gdEeZctsuHUCexf+HtEmGH311FM78ioKTa0kSUT3oR0s/dVpNL7yOq7uAKqxjmVnXkBU tQPb0crmMeMo1WzHaE1iUrTtRKsSXa88wcoBN7HiwgtoefENpGKo2IS0eSfVZ19Cd/0+dGcHrqsV 29WMLmhE9bB87FCanlyCE40WT2I8ymft25IeNp52PhvnPkmihCQW0lTjYsEe2scnQy6np2Efxhq0 9Wx58l4+H3Y1JhLqXnuCjy4bhl21C916kGjTx6wdfCtJOaZr6+dUXT0a6QlGbyJt7BvRj73vfkFa bGXVD/+dlvoDFJOURGsKzTWsOe1sujftpNzcwJYzf0m6cjXSUsF0NmHa2/HdMTaOqaQFdNMBWp99 hlVjJ7L8/oeQOMJpjfEGow0mFXQUkWzdwOYpd/D5sOHsfWclvtzBqv79SPdsx7b1IJ2tVNq6kZ5D lJWn+pV5bB9yOdZ6dky/g0N33EHc04E6WCLp6sK0NeCjhPYHHmLv8LF0O4VTLqR1SwVnLV0rPqZ+ 2t3YkqFkHK3vv8q6wYNIIsWBWTPYOPh64qhCxRp0krBp7j2s+tlZqHJC9S0TqX52dZbGmBLXb2f7 2OuxPQnGWiIf3PCV0zRXr6fm5JNRUYKWlOKedWy99FJcpENJhlZ0bF/G+jHXEkcVrPYoEZQxpK5M 3Zw5bDjtHJYNG8H7w67nvZGj+WLIcFb85ER2vvEGJWPQhQ58Vzu+pxHbUUJVPJGqUHfXnXz+qzN5 b/RIPhs5nnfHjOKjkVew4dRzObR0LYmJkViTKkGZFKsSXKood9Ty/r+eQl2/cV8V6NZknh0J8+fN pX+/QRQSRZo5gnurcLpE0VoSk/LR4jnc/fCTlGzEgvtuYOKkmygYxaQrLuGRR+ZRsBqXFEhSTVkn iDasXPoBA4ZeR5vWOO3x9hDXXT2aT9btwIimYedyJl5/HZ3aY1wSjLmMCyLchpZvHa3NzJ83l0H9 LuK+R+ZhxWHTHkaOHMn2xjasaJr2V3P+WRfS3NKDEY/TirUfLeS7/3IKtQ0t7N/2KT85ZTDluIIT Q9fBWi767RkolRIrQ6qDV0pqsvp3G9PZ1c5jjz7M4H7ncefUB4m0zlo6gtjgl7Jh2Qf88mf/Tr+L L2LAoEEMGDSIgYMu4cRf/IKx4+4gNoJIhFEtmNQRaUGpMk4X+ODtV/nXE07ggosHMPiSIVx2yUAG DxzAz376H0y7ZwapdRijEWvRqQleIVnK/FXDL+fa628jFo/zSRA51rJp1SecO3AUK1avIo26+Pyd 5zn93Evp7CkgEk44l378IdePG81Zp/6Kqj2NKOeCeZgL7dhs3Mmk665i676DGBujjWbuTRN4fP4b WfCmQrGziX/6ux9Sc7CRzz58i5P/7Re09VQoW42ohCgtUdIu+J5AFmgwOKOodDfz1FNPM2zYYKZM m0ZiNLOnjGfCtZNJrZCkCqUUqdIkRti/ex2n/KofjV1lKk1VDLlkKEWjsZHGahc6OugeNqz9gp// 7Je0dRWwTuNcFESgseiuGi7vfzYHeipo0XS3NfH9//UdGlvbSI3FKBWCBVKivaOFi86/jKrqA1jp wRiNKu3g/AvOp6Gj0Ne5xTmLMxEvP/c0I64ax9ZdtUjUzYsLnuR3w64m0sKjUydz6dDbKCuL1RZR eznhhyfSWtQYk/LWi09x5Zjr0Tbcg1e/OZ9rxt+MOI1XHomaOenffsEbn67n4P5avvP3/0pLexuJ 8TjbReOedXzvR/9KS/MBDjXt5byzzmNf0wGsaJwxrP3iTQZcdTulxJGaLjZs2swF/QezeUd1MM61 BqvK3D/1Dq67dSYtzfuIKt2MHTWWz1esQnlN1fqPuO7m+0h0hcRHlIpN/PQH/0R14yE+ffM5Bl06 hIIK14NYzZvzH+bUs66iK0nY8NnvGTh2GqmN8dYiVrhhzCC21iUhq8SHLBTngvFpudTD80ueZcSw K7jmuok0FUp8/Pxcpt41jQ4HOukhVmU6tGBtSlJs5bRTT2frvqZgAmc93lpKlUbGjh/HwcZ2Jl19 Obfd+yTWpHz82lzOPvtKyqlGacGbmNgIJWORqIk7bxjBym27+2rOvQ1tXo01KCdfEeitMx4P5sFO +uZ6bhKXcyRHzonQFUTQLiubcHl5RC7Qj8Hq9RtZs3FLViMXDGz+PIFu+3rBvvPsHO6YMYtUfLbZ SfDWUmzezw++ewJrq2r60ivFCq8+M58Tf30hraXQmoOsfZn3FusVXhms6WHQ+Rdx5+1TuGTICMpK EGfQTtHV2cDJp5zBFxtrUWk7v/n1r7nuuruJTQkjEYWezmAyVenh/LNP5oPPllIWi9gSY4Zezlur q0gd3DVhNA/NWxIMQ0zC2y/OY+qsR3FWY0Sza+NHnPB/f0tZZ/1XrUOMIU2KlIs9iFGIUaxbt5Z+ AwZSiBLunzKJiy/uRzFRQewmMW3dFYxzvP/cY4yacCdWHFXL3mHQJZfS3t2NMeFkcH9zazjZLrXw w3/9MY1NzSirSI2mpa0TZRyfvvcmP//5qXR3d6GtJu5poLurHSsGbyOqqjZz1nkXUVLh1F1lrrft h5o587R+tPREfQZ/zmnEO5bMeYD+l92AMiFy7MRibehTbcRhjeGLT9/mpkl3oLTCWo9ImkWaFQMH DWbpilWU45jXX32ZcrEzCHTjcSbhw3df5Sc/O4lyuYPutiZKiUJ78D7NHI41jas+YukVw2jZtgxn DV4bnOtApJt4z0a2XHMThUTjXSfbr7uBPfNewKoyWgxx4SA7Lr+SpGEviU6pWraIg9/9Z4pdKUal tFW9ydsnnULxQCMqLrHrptupfewxdFqkR8qolj20xYc4MH8G6596m6R2I6tP+i3733wfMQUqhWpq zr6Abc8vwCeCr1hsd5G2JCVOi7x6xtm0vvIBTgzGQWp96EPuDGVTYe3tU1l35bUklQoFKdFTbieq FJD6nXxx0SAqzU0orelysGH2XawZdxs2FbaNGceau+4ltmWiyn5WT7+Fbbc8hI8rFN5/hX0jxiCp Q3uNxG0cuOhMDi5fi7eKlaOGseuhJ7BxO7ZrP03zn2DLCWdQ2bmf9rTMmn4XceCJFzBakUiJtNBD MUroFKHQ2oFRMWlcRKJaXj7nXGxzC6I82pTQUqBcaSdt60EZwRUqtC19njfG34gvNNJ0771semAe vlvjEyGNuomaavDaU/vwbPaOvwHjYM9bb7D91MtpbmggTVKU1iStPRixlNYt4+0zz8EXWkldmbJu p6cU5lXH0o/ZPmUKcaWCV4amF56mtt/l2JIh+vxDXvzZmSS1O7HSQRr18OmAgax9diHORNRePZb9 X1SHVjsuRW1dz9aJE/GRwTqIPUFYakXntnVs/cXJdFbaSVSK62hk2+WjSbZsw5gipbSDgzffw/r7 ZxNZh9ce71KMi+ls3srO35xH2t1OyVeQuI2yj7Gui62vPELd8NswcWiRF3twklJ0mpI3qJZq3rng IlRzM0ZifGJCuzYp0fX5UrZNuYuCSti7porOvbXEUYorCYmJiPbvZvG/n0PDVXceI8XdYTNj0IP1 tfzqpF/w3sefE5vQwtFaxZ66alZv24kSzZypE5m74BliG3HzqEu54867KDvDq/NnMmz4aApKIapC kmoOtB3CpppPPnqdqydNoyfzv/CmlSsvH0RNcyvWwZ5tqxg1YgTtUei17IwNPhdiiSplWg41YVSC 1QlJpchFV4yjlBhM1MbwIQPZuKMmlL50dHHO6b/h7XfeIbWCMRVun3gtQ0ZMpqQ0W1a+x+kXjEap 0LrJVLoYM/wKVq9eHbKKjKVU6KazuweVxJQLnVkGkGZ/7TZ+/ZsL6CrH6N6+tcZQ7mnjtN/8hgUL F4SWei67f3phy6ZVnHveebR3lzCmjFhNokMQx0kBVSoyevQQtm7fTSqqr0ZRrGHPnj2MHDWennLM zp1VrFm9Aq0UYkw4zU1LXPi783l83hIiE9pqeZfixfLacwu4++H5JComjgtcd9UwzjhvEMVyhda2 FuKoHISUSnjkwQdY8voHISAtoU94EOjdjBl1Bet2VGMkRVnDrWNHsPCVD7Pe54quQ/v57t/9kJZC gfqa7Xzvf32XN9/9MJiUqoS2jjYKiT7CoV2wOqWlqRFJC6QqoVDo4uRTzqC1vYctq97hvHMvoqsQ erwrpTnU2kasNDs2LufsswbRVozxqpXTfnUan69djRiDtpZClFIplWlvbuS3p5/G2g0bEWeCmVyh jEo1lfY6Ljj71+xp6SAxGhWVOO+M03nvo4+IdIQymu5iREd3FyqNuP7qa3j25XfRuoTWlteee5h/ +Zfv01woHW7l5QSTlBg99DLefP/3pGJRpQ5unDCeUTdNJTaOR6bdyjkXjaC7WEJrxYdvP833TjiZ bhvcz19e/BSDLh+BseEU9s0Fs5kw6a5Q5249UcdBfvp/fsryDXWoSjc//tGP+P3HnxJrh9EFXn7h ac65eDBpLBxsqOfCi0bQ3hVeo9iU37/1EiMnP0CsFXtqNvCLE8/go8+XoyS0stRGExU7GTtiONv3 NmFUxJ663fzyFyezccsWjDNsWPE+46+fTJxqUrG0d+/nO//v33GgtYN9uzbzf773fbZX78VaQxSV mXj1OB575nW0S/j0rUWMuv0hUh9KZ9JUMeLS8znQpY7IujQYk3Ko+SBaJzgx6LTAjTffxoYd+2ne 8wVDLhtBbUsRozqCCe6hNrSOiUrtnHHmb9nb3h26MojHiwXXxZQ7bmLKzbdw3iUjaenuwdqIpsZ6 fv2Tf2dfa2gX6ExKU3snneUYXWnh+tHDqW5sDR00pEJ7axPlchwyMTxfEej1t89ArP6S63wu0HOO pG9OZOusNpqmtnY+/uxzjDG5QP9rv4D/ijz34issfO4FTNYGB/58ge6cw9uUPes/4bpb7qbbhp7o SaWTxQueZsGjj/C9f/4Rd907i+dfepGenm68CLPuu5vh195GxXicDfV0QaBrUi94acdZ4bm50/nO 33+H1z9ahckir6loWg8d4JxzL2RLXTNOSqxY/jEXXDCI+x+czuNPPMm4sddQjAqIiXl2wVyGXDmC Ja+8TKVSYOyYMazavQ/lYdLVY1ny+ntZm5YyT82axuwnFiAmxUjKus9e5ddnDc5Oo0MbKWct9XU7 GD92NLNnzWTRwoWMGjWK++6fQao1B/fvYvCggdx4y+0snL+AqXfexbynF2NNzJKnHmHi1AdRDmzc zq2TJzFsxEjmPfE4Dz40m0uHj6G9UMJZxdSpd3DxxRfw9IJ53DH1LsZcPZFKqjlYX8sF513EvdOm 8d7777Nr82rGjx3DQ7Nns+jpuVx7zXieWPhMSJe0CiUWI57W5v2cdXZ/ehKDy9rEhf7zjnkzpnHl mFswmYuuzTalvY6The5uBg/sz5pscytO+rIIvFU8MGMGkydPplAocNvNkxk+dAiPznmUZxY+x0MP zODSQQP4bOlymg5U8dMffY93fv8Fset1vFfYcpH1Q8bx4UVXYAqFcJJkHQUfEYnCdh1iw4WDadxc h7Ud1L/8EqsvHsaehS9RbuykpCrsmXQja669iT3vv0Zp/1Y2XDiI7dPuYMczj7J7wm18ePYFmLYu KlrTs+wzPux/GbsefIz6R5ewZfgEujevZu/Mu6l7awMlrWjfV8OqQRfT8OmH6FjY++rbrPntmWx/ 5Al2PrWIDRNuomPrFuJiEy+dcw6tn6/ua8tnxCPeoRIhjhXl5jp2XXo9VTc/yP7HF7L21ns4uGIt escW1g0czsGOdhKtMYljx73TWH7bTBIj1L35PCvPHUnt/BfZNfMxVt10I1vmLkR0mQOvL6HmhluJ TBDouquVNeecysFNm7GiKLbvpLr/aNZfeTWr75jM9tum8dIvTsM0tmBcRNPnL7Jq6GiqZz1OzdNz WXf1zZSXL6fS1UDVlTewa/pMahYvZN2d09gw8TakHOMSh3WKxMY0f/4pK8aNZdfTD1L79CNsHzGW ze99hjYlums3sOzCQWy59XZ2vTSHDTdOo3rBEsrWsfmRR9l7zyy0dajWemrHTWTT2GvZ8/TjVN03 i91T52IrMUm5nepp97Hs+luoX7iIrffO4MAjr2PSlKi6mo39rmLzA4/TvHMHB+c/xb6rbkBFBltp Z/3d01kzbgJ75j3Jxuvupu66qcQdHeikyOYbrqW1tgXjFU4ntK5cwfIpt+JVMLEMwbognFRnE2/9 7lxW33Y/Bz9dSaIqNC5+lY9HjmfPk/PZPuMhNg0YS8fWXRSNR5TNyjAUu6bfxqqb7iTSCUVnSH0p tCxyCeVDm1k/bDJpaxltQlaO9YK1IVOg+r651M59itRYoqyllBJH2aXETfv5+OILUNXV1Lz5Cjsv HcDW6dM58OQSap58iBVXjeXgw0/Sev/DX24P9C//EXp4+2DK6HXCyi8+4sJ+F3P7lKksXDCPe6ff y5Chw3j/8+Voa7njuvEseekVUh0x8pJ+3DfjYSrOUu6s4Zqrx3DNpNuY/9STTLt7OrdNuZO4EvH2 W88y85GFRFmmlrOdXHD+OXSUuxAHPR1NXHj+77h16r2sXLUOa0xo0eWEPXU1XDHkMu6bfi+LFi1g 8qSJTJv9ZMjE0QUWPPYgF/cfyKIXX6PYE/HS4icYMuRS5jw2j2nTbmf45SPZVXcA7SyrPn2bAcMn YbRkp98pn370Pueddx6PPPoo8556ipEjhvPxp5/RsK+ecVeNZPr0+1i4aBHjRg3jxlvuoaINKmsf 6I1m2ecfcMZvz+dQRxeJkT6B7p2jUmxlxMjBVG3fg0gFZ13o/mEUolM+ePc1hlx2BcpqEusOG62K EFUixo+fwNqNm1m1ailXXD6YyZMm8tS8J1i4YB6TJl7LtWOupVhJSSW0yMIrnLNUb9nIqWecx6xZ s3jooQe54rKBDBgygjhNmD17FteMH8eCp59izuxZXHj++eyorQ8ZB73t7XB4m3DPtDu5dOgIXnzl ZXrKJa4aNpg3Pl6WtaxzHNyzjf/9vZ/QE6WYpMKieY9zyaBLmfPEE8x99GHGXzOBvQea+/YTToS2 lmaGD72C2Q/dz8L587n99tu4YdJNGG3RaTsz7p3BqFGjeWr+AqbdfQ+XXzGUg82HWL9yGQMHjaAY pXhTZOGCZ7hwQD/mPz2P2Y8+xqgxN7JjWw1epbzx8rMMHnIZsx+ezZyHZ3P7nXdRKJZwusA9U25h zISJvPXB+2iVsGrpUvpfcgkzH36Ax5+ax7hrbuGD33+K2JTN61fy6zPOZ+b9M5j7xNPcOmEcJ570 K9pKleDbQNZ+y6a8/8ZLXDxgEI898TT3T7mVSy48j7tnPYFxjg3Lfs9Pf3oyU++6i8efeJy77pzE r8/tT5cNKfi7tm/mxJ+fyIMPzaGqqor5j0xnyr2zMQ7Eeg7V1/GzE/6DDVv343SZT3//LpcOvoxH 5z7OgzNnMmDgxSzfsh0lnn11VQy96kZ6KhW0tThX4fUli5k+ZwmlqJMxIy+j34BRLFj0LPMXPcvT C59h7br1WBXzyMwHOb//lSyaN49775nGmaefSdX2LRgxlDoOMHjwxdx77yw2b9tOc2sN3/37E+gs VVBJhbun3sGVw0Ywf/58Jt04iQkTJtHaU0abiDeen809jy8hyUpCypUKgy88h85E4cRkgQRDqdDD DddP4K6pU5n/9Dym330X102cTEehhFNd3HXXXfS7bCTzHnuE2TMfol//Syn0dFPobqf/pYM5VCxn B0RBoHsp8NE7r/Dj73+PBa9+RGIjYhtMal9c9DD9LxnKnEfn8tichxk64ip21tQSFVsYN3IkTZ1F rCRElRYuPO9slix5JZh+uq/WoG+7/k68zURWLtBzjsHhsoeQaWyssLu2jhkzZ4W21LlAzzma5154 hUWLX+zbUMA3F+ihlUyoNRMxqEITI0aMYm93GWNSVFRgzcovWL1iGevWb2LZqg2s3biWqFLGac3k yTfw9qcrQiTfakLfTMDb0L/alfHOkpSaWb9hLd2pwfjQbkY5IYkiNm/eSkek0DpC6wpJElO1tYrN m6tIkiScOBmFMTF79tSzafN6EpWwq6aGzigNi+/u7TR3dGXp3hENtdvY09SC0wWU1bQf2seGbXUh mtp7IiQO7xQqjdixYwer16yhpa0t/N4JohO8s1TX1LJ27Xra2jpCL2xJaWzYS03DwdCOxySI1bS2 trNpwzrq6vYQWwmbURGcKDraD7F69UoaGg+ibDjNdqKJk5hNG9azc8d2rEmoRBW2bN/B+jXLaWs7 FE6UHDiTZq3qhDTpZOPWbaH2MQukqKzVWlPdZrbW7gvv4avfOIWeTjauX0+iSmFz5+PQh9iFPqtt rS1s2riBJK7grCKOI7Zv28Hq5aupramlkiakxpAUm9i8bjntPSWUB+8TvDOYSgm9Yg3Rrhp6tOBS j1MebYVEPBVdobh9E50HWzC2TGIizP4G0i9WEXWVKEtKpA6hN+8i2byDYpJQVjF6w3rSqq0klZiO reuwKsVGJvSpLnVgV2zGrNqELrQRmQKl2nVUWiqUxZKqCupgPT2rtuMiIdUaV2xBr1iLWbmFtKcp pGXGMV3rNmDaC6FFlz/cz1dZR2osFZ/g4yLpjl2YpeuRg80UdUrcdYhk01oKKiWVULMe1VRRrj5A 0Rm07UT2dRItXY2t20epaT96XzOpTWhtrsPs3hlca71ByhXiFe+TdncjrkxS2Y+JEgrNrcRRkfbl H/D6Kb/FdEfo2NJle0i7utBfbEWvXIduayGyZbSN8MUiZvcuOld+gdmyB6mYYPokCiUOqy0m1pS6 2lFrl5Ku/Azd0I5LHEYJyiqSQg+6ajfJ8lXIgUOYOKHHWbr31lJp2IdOXEjTTnuQ2mrM8lVI7QF0 OUInhpIkFHWJ9GA95rOV2LrdxFqhJUJLgjnYhl6xDnWojXR/LdHOrSiXIBKRpN2ke3aTLluGq91L KS1jYkEnMT3Vm0krCu1iJElIDx2iWL0Fp9K+ntleLImzKJvgC61UNmwlqqpGWUPJFTCtjZS/WI/e sJGkUiJVhqQSWh9FTlFJE7o3ryDuPojJWvu5NMGnkgm+Lko1uyi3FUOKtVcYZ0MJUlnRsmU7qqcn 68vu8EaCOZUYrI4oVW2l0thGZGJM0oCu2ULlszWoNRtx7Z2ITmh55FgmcVmrIw/eplhTITGKfQf2 s27tCur37yM2NvS7toa6bVtpbmnHmpSdW7aw/0BL8OuwRaxOqG9oZO2GNRxoPBic2LWhqXkXjQdb sx7nDmfLrFuzEqVjxBmstpRLXVRVbaW+vimkvUqK0QprNcZoamtrWbNmDQebmomza8pLgpiIffV7 WbNpK1qZkHpd7GD9hk1U1+wkikLduxJDR1s9a2oPIDqksFsb5nCxWGTDxo1s3ryZcqkUAo7WoOIy e/buZeWqNbQ1N6JM6LPsvAulOFqzt3Yb9U2toYWluC9typ1JOHBwN40tnaF8Rzziw/3AqIid2zey f18TJsuyOdzLPPRU3lu/j/2NjYikiCi6OjvYuGE969aupKuzGdEebR0mE9a+twe0VnT1FFi/bh2H Wg6xb38923fXYMVgjKKjo521a9aye9duokp8RO93d0Sfck2aRNTta2DTli0kKmb79k0c6urB+9Au M+pp5Iu1a0i0xWmNk4Tu7k7Wb1jPzl3bSFKFtvZwaqcIRqcYnbB9x1bWrl5HY1MzxtgsIJUixtDe 3saq1WvYu68htBY0ms62FnbsrA5+JibFiqVYLrFm9XJ27d5FIUt1dyrFmQqdhU62bNlCzc5q0tSE 06SIgwUAACAASURBVGjR6CRmx+5qdtTWho4mxlKuFNmybQMbN2+mu5iE68uleEnoiRI2b9jMnvr9 pIUSGzdVUVIWEd1nsutEI2mZppYWVq5ZR7mnnQP76tjf1IxxGrExlbjM5o3r2bO3hjSK2LhzOyUR xIZytmJ3O6vWb6LhQAMNe3dQ23AAm5XOVXo6WL3qC9qKadjbpBVKhRJbtqylautWKkmF2IW1oFRu pGp3LamNMVajbYXWA03sbeogSstsWruUz1euZe2aNaxZu47Va9ezr6ExpLkbxd7GZjauXk93dzfb d2ygGHWE02FJKJQ62LRxO82th4jiLtauqiIxYR/mTJnuzlZWrV1PQ0M9kbIY63G2QmtTNfVNnSgn eO9ItKZq9Woq1iIm83OQMOet1jTs38+6tWvZU1eH1ilWEkRZrFW0d7ewYe0Gdm7biU4V1lriNGHb rl3Exh6+9lwInMTFDqo2raMcpRiXUpEIYyOUrdDd2cXmzZuo2rqNKNVoa0M23Y7twRPGaawtU7V5 Pe1tnegsiHW0QN95wxS8DbXqveTiPOdI+qaDl5Al5aC6bi8zZuZ90CEX6Mfk2xLoENLXnBOMB+Mc zibcOGEcc194G20NqVE4J2hJsU5nRmUJzmjaDjYy+fZbaY/SkG4paYhM+6y3ugjGhw2IdqH9jhGD zXqsKicYZdGJJTYWa0NPb2MSTPZnyaLVxhq0TnHGILYcaotccNm1uhI2MRLMWlKr0SqhRxu8dJB6 UDrUI1mrstNin7UjCgY71graCspYrAk1fTa78Yi1KBPqlKwNZibGSnZaFDZ/VgQRj7M6pISLC63o jMJkhlyHa1YEbTTiBGNV+EzEoKwOfZOzwIFzhiSro3I2RUv4t+IKRNYQW4M1YSMRZy3VnOohsSHd 9MvR4N42EQZjbXgsJ4g3WR912/faxJq+XufiHNYIPlYYIySZ94E3GjE6vGZr8VktvLaSmV0Jnc7i jA3i3IFRFiMK40K6pzEOk1gk1TjdjVEGk1iMrZBaS1k7TCqhn3pqsJFFpY5YwmlYKoIVTWJTKsaQ uhStNMqmKNeDWIeYFKcTusVS1sFMLDEWFRmUSkmNo8cZXGKJxFFwoW7ZZUaMvSLIiASBlola0Qmi UyIx9IgjlQTjOjESzLlisSRSQuvwOkUiiloT2wqx1aQ2BFuMCKkoEtFhY2cNXhlKtgWrNTaK2HL9 KD5/4EGeHXcDO199llUDr6TtubepaKGsHZI6UqtIjCU1glbhdRrtwgmyERKlqWhNyWgi53BKMN6g xKKVoGOL1YZIbDCTcgZjHJJ4yiJhE6QsxhqsFmwsmMTQ7UIrMNEOSYVIWyoiJFaCMDKWogixCaZm 2ihMbDCRYHyZxGlsqoPXhBhiMRStRkwJYxWJpJRshUjC6WWqDbbiManNenw7ElcO7f9MgrGlcC26 IM6908FJ3QlaldFJgk0ilLEYVUF0iURZuo1CqXBdpxIEoLIWrVMqJrTN0lYTS6ivdjrFWoc4hbZR EFxiMVbjY0eqBZtYlLVZFsvhNTGcEoVrLrI21NGmjrLTKGuItMEqiyhPoh2Njyz8ag16tp4EYRhM 4bSEdcjbULJiXOhh7XWaXYchTdtI+N5TscFMyYT/XzkVrnkbvm/jwibf2krICLBpVossiKtgrMuM HGOM9hhJMa4STDAz0zLJ5rg4Drd89JmzsglC0IrKSnEMxuhsLVY4k6LEokxMt3MhEOqSzF1dsvaR IeAhIkFoWxO+GwnXgLMm6wlvw+vSHqN08NZwZPMk+06yz9NqjbYK5RTOSvi9V1m7tbCeW6uwve8x C+I5cRgV7hfiTGjRlgVRrbFYo0P5gQ7lCUZUFij2GOfQxuAkC25IbxDXZq3e7BHtMsNae/Q9v1ek O2uDm76xGBWHtdw5nLdEHrxqJ9JJqJ3WBmsrOBuHtHNJg/B2+ku1l07Ca1dWYXTI5DLGI9YT+3Bt i9V9a5oVF8xkJdxfxKhg2CqCMRpnwlzT4hGj8VZlZl7hXum1x1qHdi48lg7vP8m+V28d1iRZEETQ 1ofUZpdm5WAh28I4h4uDwWpsNU5UqKv3hN7uJsYYE+5bTuNsgliFuJDV4F0S7uEuxcSW2KZUtEJM TCoGp4okYtE2xUqKduH7FhehdURiCkQ6lNlZSbFK46QHZ222TzBYU8FKAW0N2oVgvxKD1wolCcpa vBZSV+7zGghtbMn60AevIEmDEaJ1RYx0Y02KtjFGZy7/kqK1RqygnCbyDm+LWF0M91Ibh+tOe8RG Ya1XoUe9+OBJoCJL5HR28OCzzJoswyYLiooVrDXZXsOFn0Vhe69RF/ZZqe3dU5ns2gvXkmSHFyIq PJYolEkwNg1mdtmBiHHhvhzmZ7a3dJkxnNbhM7Y27E+c/YpA33XDFLyxeJML9JxjE6aDO6LbBlTX 1TNj5sO5QCcX6Mdk8Qsv8czi58NN+ogJ8s0EephkxpOlTFo2rFrKzDlPkWoTNn3OYZ1GfKjXsV7j rGFnVRUvv/Ea2oPzNtQgZ6/Di8dbj/ahNY3KzDhEVBCFniAQM8GjrEbEZ2kjOiz2vaf7rneTGzZS ziaIC+2DvAs1fC47QQ61maGFSiwO54poD9r4IJJFZzX3oQe8ZCZ5ztF30+tNGbS29xRODt8MrcmE PXjRIe0lE3Iua03nXLYhEsHbEGm2JnuO3pRyZxAfehUbsYgLrUBM9nm7IzZ/VsLJiHW9KaQRqUjY fLhwQt97gu5tEk6LRL4i0L2XvueXPnEeshlc9v7cUSNsEj3ehs9A925qrWRBh3By7q1HPGgf6u+8 8dl3qDMxAsZbnA/frRVNyUGaid7enqpGfPizdpje4IFR4WROFGXvMMbj0vD+e934pddVPnF4bfFW hXpVH04KxGl0KqG9kRGKXuGMDaZVTuOVxluDFZWljYaSgb7TseykIPIQZanFktWoexXMbbyLwwZF TGZSozHWZcEgg1OS1aL6UENnw1z12oX0XeP6nqfdx9jssyntq2Pfo7N5+oTvU3fTFHa/v5TYVrA2 xXiLeIt1Md4kxK43UOQxWaDMutCbvuxdqJN2Dl/2iEvRPgQ2vCtnvhIebUNGhfIS/AVMivVJOCnz jsiDtQ5rw89e+74AlFiXCSWX1QIK0jsfPBQ9JA6ccohP0F5CIM4nQWQpj41CZofXkm34XMjC8KCN UPaQaodoj4hDuyDItDMkXgVvjl5vDWew1vVds4nTaKdCPbJVOKdC3/IkiA0ngngdSnWMQ3uDNVnW jTVhfZJQHhA6F7g+czSTCQ5vPEY8ZW9wqQ7zNBNxxh9u0RIcpVOcjbJrMqTka61RYsP3Jpb2h+d/ RaAHMeay9TucDtvModxL5gruCMJTp+G7ya5d4yzGaawPcyVcyybMpWzdDetoOVsLe4MRJnu8IECM dThJgiGd+CBKXZpt1m32nIeHExXqmT194jOsc2HzHoIOJls3UrworLNoG4JKvlc4ZWvtkaU7vf89 HPwI79dZG67FrOe4mCBwXbbm+b5ATibQIas1NBiXBnHuDHjd9356N20uC2731WofeZLubDBXE3eE 0M0M1xzZZxVO532WqWN9+IycE2zfPcb2BdHDmtx7jzr2vdxna7/0ZYplKbwieC+kHnwW4BYXyrxE kvC8VjL3//Cev9wDOATPJbtejfjwGsWT+syoToIY6i0XCK85a00kJpRhucyZPbuOwj3H4EVn7633 PubDfsD3ru/h8zS+93t1WYuvLIvMOZw3fd+r9dnjZ/cjcSEg6Z05fILuBO90VgrmsGJCYEkO38OD gV+vx4IPAUaxwQE+MyRU2bw10vvaw/1MJEVL3LeH0lbhrAEf9QXYwolxjLhgHKt7g1Xi8KLDdSbB E0P7Unj92RyUvo4E2VprwgGC8wnOxyG45oLPTNhTqWwdDHuJ8L3FOBtlewkdPj/jcZJmho3Bi8P5 zMMmEbTTYV/UW2Ljeg13s9civWaNLgtUhbVUnM2+72w/5XsDZPbw/iTbg/WZF2ePp4wEY67s2vU+ y3DrvYZ9Zvznsj2N+MyUMQsQHcMkbscNU/oCcH3XUC7Qc75CWP/wYc9bU1vHAzNn991zjmdygX4M 3nzzTV577bW/2ATpPZX4usd22WnyH/t3OTk535ze08Eoihg0aBClUim/MRxntM9Z9BWBnpOTk5Pz x+kNjB4t0HfdfG9fm6z8fprzpyAi1NfX89hjj2GPKI04XskF+jHQWqOU+ott1A9HQv/w4/+x3+fk 5Pz59F5nxhiSJMmNSY5DcoGek5OT883oqx0+SqAfum/ul7IFc3K+jt6Sqt69WO/e7HgmF+h/gCNF 9F/yOb7u8fOFLSfn2+Xo66n3z703h96Rc/yQC/ScnJycb4aXYwv0tgeezPewOX8yvVnDvfMlF+i5 QD8m+YKSk/Pfi6Nr/3NyeskFek5OTs43o9ez4isC/cEn/9ovLSfnb5pcoB+DfBOfk/Pfi1KpRBzH X+vpkF/3xye5QM/Jycn5ZhgfTGRzgZ7zbZDvww6TC/RjsHPXbnbs2p05cDsgnyw5OX/LfLb0C+57 YCYd3T2Zc3xwu8ULEBx0X3ntTRKtya/344tcoOfk5OR8M6wLXUCOFugH75odHOh9fj/N+WMcbmfd 1VNgw6bN4W+Pc6GeC/RjsGjxC8x/ZknWuia0YfmmfdBzcnL++nz42Rf0v3wE19x4Cy+98RaFcjn0 oTWh7VJsLCedfg49cZq1Bzq+a5+OJ3KBnpOTk/PNcE6IxX3Vxf36O/FisM6Etm5ZK8x8H53TS99c 8NLXfnRXzR6m3z8zP0knF+jH5JnnX2bRkpf6em1DVmeTryw5OX+TfPDpMvpffhWXXD6KS4aM4Orr JrNyzQbKlQgrjthYTj/3IkqJOiJzJud4IBfoOTk5Od8M64Wic+zKBXrOf5IvC3RBxLG7rp4ZM2fn Ap1coB+T5158lYVLXg6pO87hAfFh9C4w+chHPv52xvsfL2PA5WMYNHQcAy8fzaVXjuGyoWO4buKt 1Dc0EWnLGedcRDlWOMkF+vFELtBzcnJyvhneOkS+muK+6/o7cUbnAj3nD9I3F7zgnGDFUb1nHzNm PtzXZvp4Fum5QD8Gz774GjfecRcLnl3Ms8+FsWjx8yxa/DzPPLckH/nIx9/YmHrvTC65YiyXXDGW gX1jDJcMGcXQUVdz/4NzuKDfIMqVGGvluL4pHG8cLdB3/sOPaLv/8XzkIx/5yMcfG/c9zqH7HmfX P/7fLwc6r78Tp1LEW5yXXKDnfIVjCfRdtXu4/8HZaK2B47sOPRfox+CpZ19g9IQbeWzefB57/Eke nfsEjzw+j0cef4o5c5/MRz7y8TcwHn18Ho8+EcYtU+5h4BWjuaR3XDmGS64cy8ArxzLgspE8+sQi TjzpVEqlCGvy+vPjiaMFej7ykY985OPPGzWT7sJbnQv0nD/IkQLdO4eIY2d1HVOmTf/ajjvHC7lA PwbWOYxz2My0wHO4Bj0f+cjH39748NPlDBgyhgFDruKSy69i0JVjGHjFVUyd/hC7a/ehrSDW4cRl J+h/7VUo5/8vcoGej3zkIx/f7mi5by7iwsmocyHF3flcoOd8Ge8Jbv8STtCtc2ibp7dDLtD/AHlr tZyc/058+MkKBlw2hkFXjuOyYeO4/qY7ef2dD4iUDkE4cXiRrC1Mvok4nsgFej7ykY98fLuj5cEn sT4TYNkNNb+35hzNkfPDA867fI5k5AI9Jyfnvz0ffrKUgVeMZMTYCbz29vtESoUMmWzD0Bvhh3wT cbzRueBlqn9wcj7ykY985OMbjN3ZOPLv2p9YHO6luUDP+Rq+KtDzOdJLLtCPgfccleLqwFvweW1q Ts7fIstWrOCpRc/Q3NaOdYLzval3FnGCsQ5xIM5hRfA+z6DJycnJycn5Orz1GCcoJ3jjEQfexHid 4OVwmrInF145R+PwztKbsWwllBVLlt6ep7jnfIVDza00NbUgIohIEObe5AI9J+dvlDiJSbXKauKy YJsPP1sRUiOs2VBFanqFe36t5+Tk5OTkfB1ePM4Jxlm89sTWkTbuoWf7NrwNLUt7xXku0HO+jOvT Vs45tLH0FMvU72vIBTq5QD8mzz33PM8+8zwiLmzUvc0mkf1rv7ScnJxvgHOCsRpjNeD60qqcE7Q1 VJThl6eeTTFKMZIH43JycnJycv4YLruPOtF45Sk6R/3ieaydOBmvpU+g56nLOV/hS4efDiuO3dW1 3D9jJtYGvXU8i/RcoB+DJUte4rnnXkIkRP++qUDvdZAOaRzSd2rns3rXvqiiB+8s3mW/O2r0Tt7e NJAjazaOSSYuep+j9zkPP8ZfZsJ7cXiv8F6C8ZZX4X3n5PzVcYjYLznKhusuzNXIWE797UUUE52f oOfk5OTk5PwJiAdnLFYU1jg6vaP5uTnsvn4iXgnOSvg3f2zfmnMckqW4Z5rFiqO2rp4ZD8xCJHdy zwX6MVjy/Ms8+9yLOJctKL73FP0/J9D7FiXnMvEt+CyttrfOvU+gizmiFuOo0ffcXxbof3Cxy15n 3++/JPD/cpPdG4f3FZwziBO8r+AlzzrI+a9LbwAptsKp51xEKekNKh2/N4WcnJycnJw/BefBaY12 GmM8iYOm5+ay8/pJeO2QowR6LtJzjuTIOSHiqa2r54EHHjnuxTnkAv2YLHn+JZ597oW+dJzek7b/ /GmwO3xaLr6vD6TrE+tHiO2jjDS+XLPzVXH99Ytc9lhHOFMfFul/Obw48KrvlBKv8JKfROb8VyZc E4kVTjvnQsqJOiLbJCcnJycnJ+cPIR6ctYi3OO1xxtO4aD4bJ96KNw5npS+bNBfnOUfzJYHuyAT6 w7lAJxfox+Td9z7krXfeR7K5cbSI/lPpOzUXH4w0xGfuhOHv3VGp7r3uhUcP9wcGcMxJHBbCrCZI XHhub3HijuFQ/+3hj36NWYrKt8XR7z0n58+ld84mxjJyzNVUkjRLb8/nWE5OTk5OztfhIRPhgrMe MY79777N2lmP4Wy2D+zd5+YCPecIvqStstLY/Q2NLFy0OE9xJxfox6QSx8RJGtpFeP54Svkfwtu+ k3LpXahsghGDER9q3I/s/+cEsaZvOLFYo3EupAlZa7Nh+upprbVfmcRGPOI0Xsp4Y3HWY73GGMGJ x2h7xHv5dia/cw7nDWJ89voVYnxwzP6WnqPXVf94vmBzvl2cc2it0drQ2dWF1jp0bsjJycnJycn5 Wrxz+KxNqXGgnKCjIqpQQGwusnL+MEcKdOcMVixKG8qVKBfo5AL9mBw+vaavDv2bCHTvbTjJ9kFc OhOzd/tqnn/pVUraoTPR7sXiRVi9/As+/f37bFy3ilHDh4YxbCjDh41gxIiRDBs2nJEjR/Luu+8w ZuxVjBgxguHDhzNs2LAvjcUvvMah1oNcf80oRg0dybChY7lyxHBuvXUK27fuRqtvX6ArrXhw9n3U Vh8gjSvMmvkAi599HW3Vt2K45ZxDRCiXy33ujjk5fy69NwCR3sDX4aBXTk5OTk5Oztfh8D7sl60n HNAYwYjk/axzvpY+XZW5uRurEOcwxzh4PB7JBfoxcB5sb3q5HNmS6T/3ON4L4i3agTOClohPX3+a e+97kIoDZWw4VReDsxFPzryfJxYuoNDTwd7qXdRV7+S1FxbyT//4A97/6DNqq6upqa2lu7uN2rrd 1NRWU7N7G//8D//Ea2+9Q03NLqpramhra2fXzs2cfubZ7NpdQ211A9t372DO7Ec46cRTWL1qG96l mXuixXkJ71dM34IqEt67k/Dz4XR7CX+fOc6Hi8gSRSV+d+5v2Lytligu89CMB3n+hTcxohFnEbGI Fbw4RHxIiXIG29eiw2JdCI54cTjpvUBBnMU5RUdLIzffciflKAn/zoWMgJycb0pv4Mc7i5Msc+U4 vynk5OTk5OT8KYR9rsNlZZxeW8R4dLZnzMn5OnzW6SqYS1uMhGBPnsmYC/RjYrJUHXHgskly2LDt T8c5sN6QiMMnQkUSFj96BzMffJjEk/VZd4gzOOlm6jXjmffWe0G0Woc2hs/efYUf/Ph09ja1ISbF ePAuRZxGvEOXW/n7//EP7N7fhJM0E64JW9d9wtmXXUvkbDgVFMEmZcaMHsyIUXdgXQ/eKrxXWDEY JyirUGIxRrBGQhQ01ThxWOswIuHisRbnDMYYjAk/93S1cdqJP2Z3YxNaFC51xCJorVBpTJpqxCjS VLDaItqiTEziQesUa1IS67FW4bTFWZWdaHq0tVhb5mDdRkaNu4ViZEjF4kyKmFyg53xzegW6MfpL JRS5SM/JycnJyfkj+HDw4q3HiMM4i7eCtZKVbub30pw/TF+Zrw8BHSMObYPuOt73YrlAPwZ7GxrZ 09CI6e2DzjcT6N6DOEMqgleW2JWZPW0ss+c8TurpO6F2zmJ1B6OGDGHJJ19gfAgMGJ3wwcvP8B8n XUhzTxkn6ssC3Qnljgb+5//zjzR2FL4k0Fd9vISRk+8h8jY7GTc4VWHMmCsZNmIy4iK8BIHuraZq ywbe+uBDFr/4ApNuuonOzg462ttYMH8+E669lhtvvInPPl+GMoKzEd1dnTw0axZXX3stU+6Ywsql n/LTE75PQ0sHcVTm6Yfn/H/snWeUVUW+t+/HWbNmxhxQMaNjAMyIOSCSVCRIzogYQVCUnHPOSJCc dMwiooIokiSnbkIDTewcTtqh0vN+2PucbhDQGee+d5yuZ61aiz6cs2Pt2vWrf2LN1l3EIgXMnDKB Zd+uYuTAvowcPxMRj7Bt61a6v/sOL3d+h2GDBpGelkZcKKQfISPjEH379uKVV17m3Xd68+OadXz6 2T/o/GIL7q1ag+49+vHp8m9QfgIlyu7Da/n9JF8AUkqOnzhhcxxYLBaLxfIbMQaMMEgNjoG48ZEF 2bjZ2eH81r5PLWcnZUE3EqU1cdcjv6AwZUEvy/3HCvQzMGfBEmbOXRAkifudAl0bGcTiCIFQBbzV sQF16r5Azz4D6NWrN3369KV3794M6tGVe+96gE9+2hS61gdCeMm0kTz2VFMKXYlW/mkCXXIycw9X XHYj+XE/JdCVSvDJ3MH0GT2NhJYo5eH7Dlt/Xsttt9/O8m/XB/HxykMbF+0nmPPeOCrcfhcffvwR BZEiPK+AVzq+yJhx44lGizh29CjPP/8C+w8ew41n88TjTzFh6hSiTpxIfjGvtmnJteVvILcgSkF2 Fo/dX4Wl36wl9+RhHr2nCo1admDf7s3kuXH2bFzFPVXuZ9++NKKez6rlX1KjZm1crdix4Rtur1yF 79d8Tzwe5diRk8yduxjXjfPtp3N4tUt3imMxIp6Hlo61oFt+F6WzuD9RrQbRuIPN4G6xWCwWy69j CAS6b8DVILRP2vw5fNujTxDKqHRJ2WA7XbOcRlKgmzCLe9re/QwZNsoaS7AC/YzMWbCEWXMXBgPK 77agS6RU+CJwY29c8zHe7TucFV9/y4oVK1i+4hu+WbGCFR/Pp9It9/Ht1l1hnLbG6ASThnTn2Vad iCuFOl2gG0Xa1jVcW+FuokKmBLpUCd4b3IEHqz1H61df4cX2benQoQO9e77Dz5u3khAyiBXSLto4 aJXgvdF9eGvAGHzpIpRg38avaN+6FUdP5lJQkENxUT7jxk/i21Ub2LLxW5589BlyigrxlYNyNT8u /4DrKlQlGnc5cfggD993J99t28fJzD08VvVRftiyGy19HBllaK/XeX/pp+QXFpObX0w09yTtO77O yaIoHZvUo3GrznhKoZQIsoMKg1Qei2eOoVvv/vhK4hsZxNHbGHTL76KkDvqTNZ8j6njhZ2X7xWCx WCwWy68hDWhhEEYhpEFrxfEZU9neudsZ66BbkW75BUalEg2m78tg6PDRZd69HaxAPyP/NoGuJUpL jFB4UqK8Ip6ofC+ffrMRoxRaq6AshedSdHwvf7++MtsyMjDCIJRCGpchvTrTsfcY4lKi5C9d3Nev +pIqjz5DQpUIdE/EGPTKc3zw2UpiKkj+FsR0R0n4Alf5aKFBx1HGQaooEwe+wcJvf8DzYwglWP/R DB6r+jg9+g6lb59e9O3Tg759+7J7fyarv/6AFo06E/EcXB1DOYod6z7l9ir1caVHxq4tPHDXrWzI yCJj72Zq16zHoewiXKnQIo9XWten7Zu96d13AH369mNQ7570HzqS3GiUJk8/yZDxH+Eog1QCo8L6 7dpjzOAe9BkyCl8nBbpjB3vL78KEFQYSUvF4rbpEXC985sv2i8FisVgsll9DGtCej9I+UhiKDRyd O4Hdnbpg/KBEsLIC3XI2jApKUhtVSqCPsQIdK9DPyNz5C3h/zrxfuFj88xZ0gdYyENzSxYmd5M6/ 38mP63YEAt1opAatBMfTNnP1VZU5kHUSKR2UUChVSI+uXRk2ZT5OWHogKP0mUEYgpcfyzz7huQYt cLUOFgOMwPcivNSkHstX/hTEumuFVj5GByUMpFGB5dn4GCNQspgeb7Tjp01bgsRswiPtp2W0bdWO gpiLUEEcu+u5CKVZv2Y5Nao9S25xMUIJlOOzePp4Hq7dAaEctmz4gUqV7uTA8RzSt/1IredakVXs ILWPFvn0eedNPvzsO3ypERpcIYh5Pp4bpf0L9Xi58wDiQuFLhRASISRKOnR7vQ0jRo7GVwpXBVkf jfb/vTffUqbQOkig6AjJY9XqEEm4KB2s5losFovFYjk72oAnXZT00J6hWMOxmRPY3rkLxk9W/SFM GPd/fbSW/yw0GAlGhXMxTVr6PkaMGG1d3LEC/YysXr2aVatW/e4Ooo0flCOTBiXj5Bcc5MYKt7Jr 516MDlYVg6zoLtvXreTq8pU5XlSEEFFUQmFUHp1f6cqcpV/gmiCrvFGBC5EyEuUl+MeSJXTo+Bqe JrCuG59YJJ96devyw7oNQcI5ozHK52xWQZHIo33r5hw4cBCpNFp4+PE8OnXqTPPW7Vn903pmqxrf ngAAIABJREFUzJrDa290Jisnj3gkm+eeqcWLL7/Kj2s3MHrIYOpWe4JGHXohZZwfVi7j/oeeIrcg wq6fV9Kq47vkJwRSOUg/wo5tm7nv3geZOHkK6zZtod/gEQwaMhztJ9i85luqVH2EwcNGsXrNenr2 7su6DT8jpMvHS6bzbJ3arFj5EzlFDkJppIz9y/fHYtE6iHuKJ1yefa4BkWjcCnSLxWKxWH4DRhlc 7SGli/Y0EQ2HFsxiff9+GBGUzTUmFOjmnzd0Wf6bCQU6JeWd9+xJZ/SoMVagYwX6GUmWW/q9HcQY idEaE8Z7n8zO4Iknq3P40NGghrcJ6n4r4bF+9QoeeeQZ8qNRlIphfIUU+bzbrRfLVq3FC8u+GRMm tjIKLX0++fBD+g8YjDCBqxFGEI0U0OHF9mzftRuhQ4GuBWcT6NIr4o3XXiY7Nw+hggfGqDjZOSfo 0aM7d9x5J889X4/Pli0nISRKxsnLy6Jpq9ZUvutexoweycK579Nj4AS0TvD9ymU0a9WBwmiCbetX 0nfoKCKeQEiF9F2UcFm9+jtq1XyaipUq8VqnruxJ34cUHtKNsidtD3Xr1uXeKlXo238AOQWFeMLF jecwsH8/Kt95P3v2Hcb1BUa7//L9sVhSJQiV5viJLIQMxLkV6BaLxWKxnBsjDEIrfO2glCDPaPzi HETWiUCch9WQrEC3nBGjSAp0rTWe51NUVJT6uyyLdCvQz8K/p2PoVMxN4I7tBfHUKuiQyRqRWiuM ctGhK7nRPloG5dKkEvg6EN+pLJhGYYwK3OdVUDswGeODURgtQxEffkZJrO0ZMQKtBVLrIJ4oKeiN j9E+SvlIrZCGsAScQEkRusuD0BKhfaQmiAvXDkoTuO9rF1/7SKNRUqOlDt3tg7JxRgdxJ0oHx6q1 DK6T9tE6yIAvtEYoiVZOcI2SixWAUtbF3fKvc+pLoGy/DCwWi8Vi+Wcw0iA0+MbBaC/4d1iJKJj7 luRxsgLdci5O111lfT5mBfr/IklxboxGm0AAJC3gv/yyKklOZVQoxGVgKU9Z9Er+P7nqlPo5pQe+ fzZuPnlsQamD1L6S+zEqNbjqcMA1WmN0sFCgjEYajS4V1651EG9kjEQbEfzGlCwwYFyMlqljPeX4 w5iU1CJGuGgQfHb2c7VY/hWSzxpGlDx7FovFYrFYzonWBAYiLTAqCOtUyqTizk9vFktpTp1v6V9o m7KMFej/i5S4owuUCWtBanVGa3ZgHS8RrKV/H4gHeYpgTorXf+dxJkWK0SUxQ+b07yVj4bXGKIHR gfjWJoyPDxcjUp4DRqe2V3obye2f8Xg4NZnIL79vs2xb/n0EAt0H4wX9384iLBaLxWL5VZQJrJ7G Nyil8Y2PVgqtTIlR5wzzSYsFTs/sX5I0zmIF+hk5kZ3DsawcVGgpTmJS5QBO61DnFIuhZbrU32f6 vkn93y9//8v2v8Wp2z/bgHquc0mtlP6Gchrn2v65f2oFuuXfQ5CYRCGUZNvOXXh+OLko465VFovF YrH8GloqjAxc2qUSeFIROXGQot3b0FIgjQy9M61It5yNINRXa000keBQZqZNEocV6Gdk9vzFzJiz IMhorku5VRv9Lwh0i8Xyn0sg0B1f8FTNOkTiCaQUZf7FYLFYLBbLr2G0Jq41vpFIFZRa27dwLmvf fgsjBVILK9AtZ6S0sc+EpaR3793PsJGjkVKW+XmYFehnYM6CxcyatwihFEpKIJngIrCGl8RXh/Hl 50rAZrFY/mPRWiGlJOH5oUB3UEqdOU+ExWKxWCyWFMZoEhqkEkjtIKTh6Kzp7OjUOSXQdZjbxQp0 S2lKC3QdVtTZs3c/Q0cEAh3KdqI4K9DPwOz5i5g1b1GQHV3KVIkIpUEoQ05+IV9/vRLXFanszxaL 5Y9HUqC7QlKtRm2KY3GUsiu3FovFYrH8GkZrjDQY30eaBDGjOTZ7Kjs6vY6WAqH9MPmwFeiWUykt 0JWUSKXYvXc/w0eNTZW6LstYgX4GZs1bmHJxV1KkaiXHXZ91m3fQrUd/Xn29G67jhR3ITuYtlj8i SgUC3fEFNZ+pm3JxtxZ0i8VisVjOjTKaiAGpBUq7yITm6Iz32Nm5C1r61sXdclZOsaBrhZCSHbvT GTZyjBXoWIF+RmbOmc/k6e/jC4mUAikle/fupXf/QTRp8zKNmr/Ia290x3X8VLkxi8XyxyMoCSOJ xBPcV/VhimNxhPDL/IvBYrFYLJZfQ2tFTGs8IxHSx3iGtPlzWN21C0b6SGMFuuXMnC7QpVLsTt9H n/4DUwK9LHszliGBfmZXdK1KapMnE78VFBaTX1CELxVZufl89NmXtG77Io1btKVh8w40bP4Sr3bu QcLxw3hVhdHSNtts+4O15KqtKyTp+zLwpSzzLwWLxWKxWH4LWmmU0igt8ZTEVQa/IIvE4YwgM7dR KYEOVqBbzoxWCqU00YRDVk5uag5WludiZUSg61L1wwNSNb2VRkqFlEHngKCjSCFY9cM6OrzejYYt OtCoVQcaNGlLw+Ydadi8I6906UVx3EMqjZAKqbHNNtv+oE1p8HxhM4daLBaLxfIb0SZMmqwEyii8 pMHLepZaLL+LMiLQ4ZT63qE4F1KzN+MQw0eNY8Lk93h/7kLmLljCgsWL+fTLL2japj0NmrWnXtMO 1G/akYbNX6Zh85do2OIlmrZ7jZHjJjNu/ARGjBnP8PHTbLPNtj9YGzFuMiPHjGfk6LF89PEnNu7J YrFYLJbfiNbgGVDaxQgfIw0iXPS2WH4d21HORhkS6AFaa5TUFBdFWbBwCWMmTmFX2l4coZAGhAah NQkhWLlmHT37D6NRy1do2PyVUKB3oEGLDrzSpQcx10frwH1HGWyzzbY/WAss6BoVTiiSSeOsFd1i sVgslnNjlMHV4GsPI3xcrYkbFbi3K516lxoCa7v5vz1cy38UGowkKdK1DsIlkv2mrBtLypRANwa0 MkQjcUaPmkBa+j58KRFKo7QOXHUMFMUTFMUTOL7A9QSrVq+lbYfONGjajgbN2lG/eXte6dqTuOcH 8TVaYrSwzTbb/mBNa4UrFK4vyMrJRUqJEMIKdIvFYrFYfgUjDZ4GXym00OQahYzk4mbnYpTGhGJL h4viVqBbStBgBBgVGkcUnutTVFicEuhleS5WZgR6KuZcat6fNY/lX30bWsoEWstgFSds02bOZtLU mUHiCyEQvuDAwUymzpxLyw5v0KB5e17p0p2476PD32itbLPNtj9YU1rjSYXr+9xzXxWi0ViZX7W1 WCwWi+W3YLTC1QIhDUoYIkaQOWs6a9/qgREqZQ3VBqQV6JbSGAXGDzVU4N28a2caffsOsJ6MlBGB rjVIGbhObN68lY8//hTPD0Q1oStOKomcUcxdsIRZcxeitMYomZrIawOHjhyn34AhdOn2LgnXDX5r Yygslj8kWmsMkBCSajWfI+q4GK3D59pisVgsFsvZkEbjGYFQEuEbXK3ImjWZ9E5voT0VZOdOWtC1 FeiW0uiUYVRriVSatL37GTZiTJm3nkMZEegGUFpTHInSp28/srKzkee4+XNCgW4IslGW3oZSing8 Tnp6esoVtqx3Iovlj0oy02xCKh6vVZeI64XPvH2mLRaLxWI5F1qD9iVSCYQyeEZzeOEkdnXqivE1 WipUGD6a9GS1WCC5WJMU6QqlIW1fBkNHjLHaijIi0LUGIRUbf97M9z/8iJDydwl0pRRCiNQKT1nv RBbLH5fg2XWl4smazxF1vPAz+0xbLBaLxXIuVDi/Flria9DSJ3POZDZ37oYRgUDXVqBbzkCqKxiF CZP1BgJ9tNVWlBGBrnRQq/z92XPJzS9Iie2zjRMz5y5g2qw5gTvOaRkoS3east55LJY/PhqtFI7v U/Xhx4jEEzYG3WKxWCyW34AyEDMa32hcrTGJBAfen8HKN7ujhUyFkVldbjkdQ3LBRmN0YPzclb6X gUOGWQ9lyohA1xoOZBxi1OixuJ6fGizONmAcPHKM/YczETKIn+FXvm+xWP6YaK0RQuD5Pt9+txLX 9RBC/F8flsVisVgs//FoHVRBktLgGYURDtHMA+TuSkNJG0dsOTtJgW50INClkuQVR9idlp4ylJTl /lMmBLoBFi5aymeff5mynJ9LcAsNjlBWoFss/+UkS3l4npcqsZYMX7FYLBaLxXJ2tFZIo9C+QRiN lj5xLRBKoY2tZW05OymBbkBJgVQSXylEaDm3FvQygOcLho4YzeHMo+FgcW6XG6HBUwqhJEpJILDC /7MCXRkwRmKUj1ZBfAVGIf0TRAscXBVB6wKM66O0h1AGXygS0kUIB88pJprwAlf75HaSsTzJVUst MDqBEQKjI0SkwZV+IDaUxmgPoxyk0Wjthx0ejDIYLTFGI4RBe3Gk0SjtB3XhfQffcyhUGqMUUvkY GQvclbSHMQpZqmyG0QoTXttkvcsgRECiVQQRK2Jr2lb2pO0nKnyUKHnoSq5rsIqW3J7WyeQiGmUk ngalfLRw8ZUKMvNrj8yDe9m9bQ/5voerYwgtkOFxKwPKBLUWTfLcjQ63n7xHCqPdVM4BrYNj1yqB EUVBDJVWqWvjqQSu1PhShddUYcL7Io1GlgqFCO6VwGgvdd211igjwm2GfUt7GCNQJuyb2gcjgm0Z BUagjEJqwMTBxML6ogJtEihlQMcRWqN0FKniCOUjzT/3cvxlfJhOxQdpqdCexpcRhBRB+RTjpwZY ozVK+mjlobXA0RohfbQSqYFYl7q/wXWR4f8F52hM2DcNYCRGl2T41NpDqTha+WD8cBuntrPFjgfH 54UrtQ5KeQgZZGs3OpxIaI0O+0bQR1y0KkIohW98tE78r8fPJa9jquwj+tz7NApjFCrsdymXMeMj k3VntQ6eQ6NPedZSmwBE8t5IgVYGIQ1aBceRHG+08JDCw/0nx0JD8jhkeK2TY4Y8LSZRh5U0JNII lFAIDa40CGUwUqOVAOOiS//2HH3cGB2OmTqsex/8XXINSkKYUu+E8BiCaxvmHtECIwXGRPGFQopk f7NYLJayizQSx2i0MCihMb5ESIOnNVLbPE2Ws3OKQFcSISW+1shSNdDLct8pEwK9OBpj0LCRxOKJ cLJaMik7E77SoUBXJeLrXxToWiuMCsSM1BqtEixaMIGePccRF1F27VnL2290otObnejU9R06tu/A Txs34ErB7k1rGD12Iq4mmJBqUSLQVSDOg4mjJJJ/nMaNn6ZazSYcOlGAUDqs9RzUeVc6FHNJDwJl QlGjcf0E29d9zZZdO/Clg68EKz9byCMPP843OzMQvkAoDyOLg4luOHnVRqcm/UbrUgI9/DwUO0oK sjK3cc/9Fan/wkvkJzyUinAmMZUS0eF9Sp6vMiq4JyLG7i0bWLdpE64n8bWkyxttqXDDrRzIjwfC XXtoHQrYlEBXvxDoJrmIYDTG+OHiQyDcfSlJRHNp37wBd95VhTvvuoc77rqbe+95gGfq1GLKtDnk Rx2E8tCqRCwYI9BaYELhLkPRrow6RaDLsO6jViY837AWZOp6Jq9xiXjVYZZLYxwwiVCg+xgTQyuD 0S6+Fkjpk5ubyXerv2Df4aP/ZK89M0YrEokom77fxHerPmfzxp8RrgzONSXQFVr57Ny+iXff7UZW URSpRKrfBtc9KTpL+khKmIWCySTLHqLDfuCHLYHWiWCxyIh/QaA7GK3IzzvCW291In3fQVSy1KLR weKICbbj+z6bN/3Emh++5FhWHp4RKB39/yLQg3/8NoFuTIkALqkxq8F4qQU0rXQwBp0i0E9Fhgsi Srhs3byZ71auJjPzaEqga61RXoJpUyezdsu2f3os1CkhXSKQk8/gmQW6QgmNr8GVOhiLwxe41l6J QE8uZpx9zyXiO7nwco5vJ+PhThfoWguM8Nm0eSUTJs5D+BItbSiExWIp2xgTzKu0NIEBQ0uk9JBS BJ+XYYFlOTelBbrROrCga41v3duBMiLQT2RlM37Ke0ilQxF2boGe8AURxw0zvf9egU4opEAogVHF tGzViG9Wb8FRHu/2eotF8xeQW1hIYTTO8H49adSkGVGliOYe4Z233+FIQSxwzQ+tjUmLltQ+SjkY X7B0wUQuOO9PnH/eFYydvgQnFDYpy5qSKUFutC45J61IuHnUfaoqrV96BVf4CO3z1ZKJXHHV1Xy6 JQ0hBUK5GFmMMBoVTrYD0SRKhLQmsHoaH2P80GqtkFKSl51Bly4dGTxiGhHPR+ooJWLqNEtWeHzJ yXLKMq0EbiKPDi2bUqvu80QSHo6BWTOn0q5DB44WR1DSBBbWUEwlLWa61CCQnKQn/w4s6fo0ga5w o3nUeKwqt99RhQVLPuQf//iQJfM/oNFzNbnkgssZNWk2QgmU9MMFj8DqGljLRWgp1wiTtFDqsC+U snamzlWHQvw0Dw+jTrlvwTYV2iQFigjEeni/feMhhebH77/i8ssvYuS4Sb+xt2pK34fTMVqRkbGH xnUb8sTjD/Dog09TnOyX4YOhtUQrj6+++JgKN97IkZN5aCXRSqQ8IZJ9Rhnww+sSnF9ykUOFVnmZ sqZjPIz2Ag8BGeNETh6elKcd87kzr5cW6JmH93DtteVZtXodQiVFsEwtPIGmqKiINq2bU7XKvcyc tzSs81r8/0+g/8ZM8kmBXtLHkyLXLyXQw0XClIA/fSxL9j2Jkyim44ttqVy5EsNHjiol0BXSifJC g/rM/8dn/0K4T2mvpVLP+i82FJy3MqCkQRoQSiOVQ27OCU7mFgbulElxr4PFq1/bd3L/JX+Xspgn j69UXy69OBII9MBzZ+nS6dR5tg2OK9HqXAsDFovF8t+PMWCEQSqDYzQR46FjeciCgpI51//1QVr+ Iyk9D5cyMGrFfUE04ZR56zn8lwv05M3dd+Agy7/9PhS5vy7QF37wEXMXfRBOzH7dJf6s+08JdINS BqV8InkHaN+hI8cLY/haEYlHECqwtHpSkn14N/UbvECeUGi/gHffeoM5/1iOH7psa50U6ApfC7Ty EE4O1Z+qSsVbq9Hwuaep80JrIkqjpIdQCkdIfM8PPQIkSji4QuArjRQ+jpNHjUeq0KjVKyQ8jSsU yxZOotwV1/Dhz2kUFOZz6MghhJNHPFzdUkqg/TjZxzM5mJGB64tAhBqJUnGEV4SUDkL6eNLBFR46 4RGVAl+5ONIP4309pO+gpY8vVWD5FwmkUuTl5XLs8AFcz8NREiUS+LFsWjWqxxO1apMfdSkWEifq E9c+MZNAex7aFfi+x9GjRzlx9DBCSFwNQimUn0AIga810WiUwwf3EUskcJMCWpdYzZxoHtUffpCH Hm1A3NMoKTGex4Hdq7i63NU0avUKrvRQ0kP7PrnZWRw8tI+EkDha4wuBFjGkHycrO4uTWceRIo5S AkdIlNIY6eILj7gM3MGMclEiQVzIIA5HuijhUVBQxNHDmbhOAk+ZQPAqgZIuRQU5ZBzYS3FxIFyl X8zq7z7nr38+j4HDxyCkQiqNLyWeEKjQhb9UTw1CB3TQkq5FQTlBGYRnSIFUUSIFRWQeSqPWU3Up KogFLvfhNrQWKOVSXJjNzp1biHky2JYSgcuSlmiZQEkPV2ocDa4ygYgXAiU1QkmE9lFGIoVCCh1Y TKWLUREK8k/S5Z0+xHyBlPI3D+DGgFYOWko8t5AdOzZTFImjkr83QRiCUj5KaaRSFBXlsOyLD5k8 fSGuFigVLPr8M/s969igS0o2nv756S+mc+0ruZAlhUTK8PlWAqV8fBU8q1r6KN/FEwohPJSSSJ1c QAzcxo1yEVIglSBalMX4CaPpO2hwcE+T3jd+nIMZB8guip4yFiavR3BOOky8J5Ei+blCSwcR9kEl XGQ4/iSvQcnvFVIqhNTBMWoQUqBEETOmjWPE2Ol4WuPLoL8YFYRKnPHaQNDnlINWHr7W4bYcINh2 sA+NEh5aCrTUQX8PrfVCBf1WigRGeBQWZZK+/zi+SIb0WCwWS9nFAMY3wVitQWrBgQ8WsGbAkKAG uiwV1mSVuqUUpy6QK5TWpB84yOjxk844PyprlAmBvmPXbjZv3/WbBfqcBUuZNXdRSR10o/4lgZ6y kIbx50oJtv7wGW/1GEJEuejQ9V0YEcY8e/z03Wc826AJRUqh/AJGD+tN/ZavEA8nhElrNSZIpGBU gsP7V3JF+SuYPPU7Vi+fx403VGDVhi14SqNEgiUL5/L3SvexdmsaSiSIFBzj9sp3MGTUBNasXsm1 V5fn8r+dx/kXX0P5a/7OlPdm8/XCaZS7/EreGDKBSrffwpVXXEWdp59ib04+vkiQdeIIbVq34sor ruSKyy/nkQceYNmq9XhSkpd9lKceuZ/WrVrSf8BQbr75TqbPm0Ldh+6j7Ss9ceOC7gPfovzV5bn6 qqu4tvxVXHt1eSpWupPcSDGZ+7bStGVrrrrqKq4rdxnVnqrJuu27Kc7P5omHqlDuovO54MKLuOaa m+j45lsM6N2Fivc9SEFEIByHtB2bqVGnBuWuuJJrypWjw4svsWbzTlwhmTdjErffehvj35vN/VWr Uv6yS6lWvTYb0o78UqDH8qj+8EM8/GgDYo5GSoHyEmzf/AVXlbuaZu3ewJcuiUg+wwYO4qqrynN5 uXJUefBxvt+0HU96eJETDOn7LldddTVXXFmOfn3epkqVKjRp/hLxuEv69nXccP01LF2xGk9JivOO UavaI7Tr2oOo1hQXnKB/n15cdc2NXFXuSh594H42bdmF62qUKGbsqKFcXf46LrviMipVrsSs2UsY 2KsT5a+4jL/++WIuuvRKbru9Irv2pPHaG2/Stt2LxBIOQqlS1kKFEA6OW8wXX37ESx1fonXr1ixe tIRpU2cSiyYCEW0ctPQoyj9K7acaUFQQCVyjw20UF+fTp3cPBg/sw6hRw8iOBqJMy2BxSCmfgxl7 GTx0OM1atKZH7z6sXrMWoTSuE2PcyKGMHz+e3Wn76N2nDx1fbMeyZV/haoUSLvkn9rF7+wbatn+D tIwjHM48wrHjJxBS/mriRy0NrlvM5IkT6dO7O3379iTj0DEc4YeeCh5aJcjYn8agQUNo3qIFc95/ j08/XsLk9xaHLu4xlFShiPx9Il1KiZTyDAK9JPRBSh3u5+z7ksonJyeLIQMGMmLIMPJy81m8eCnt 27Vj/OSpOMJHK5d9absYPGQULZs1o/u777Jxy/ZUGIxRHscO76NPv8E0atqcKWOGMmrEYHoNGgZG IpRk7U/fM6hPDwb2H8TWPQdPuc5ZWVkMHDiQsWPHkp9XwKKFS2jbrj0zZswKRbQgln+M9xcspW27 DrzeoR1fLVtGvhO4qgvpk5WVxZgxY2jTpi1vde3GgvmLmDx7Lp6vicfiHD+8kyEDuvPWO0M4eOQo BzMPk5WdixAqXET9JQYQyuPH775k9PDBHDyZRSwRYdr4kfTr14/VP63HlRrPF3zx8QcM7T+A77/5 ga2bttKlSxc6dHyZPen7EEpw5PBehg0YTN++bzN7/pd4wq7uWywWizSgfR28p4RBac3xmZPZ0elt Wwfdck5SXSH0FC2pgz7GWtD5LxfoEIj0Ldt2sDNtXyqW8tcF+gfMmrv4lIRBJhTp/xQmmQhLIZVB a8X74wYzYOh4YqYQLR2MVAjjoJUmEcmhVvUnGT9zETGlUH4+ny2azl1Va3K8IBa4qiZjyI3Clxot T9K84eNUr92aHCeGGyugWd1nqPV8M4p9iRIFLHl/DBdfX4mVW/ailUNx3kGuvPoauvcfSqQ4n/U/ /sgTVSpRs14DNm7fQuaJE6xYOJ1L/3oBNeu349ih/cyZM4/LL76EwdMW4Lp5PPZgFSrdXYV1m7eT l5vD6+1aU+7qyqTtPUhe1jGqVK7IZRddROMmbfj482Vsy9hBnTsr0bRdJ5yo4MDx/WzavInNG9cz Z/okLjjvr3Tq2o2Y71OQvZ+lH3/CsZMnOLp/O1Xuq0q7N3rgeQ47tvxE3RpPUuXhR1izfjO7Dx6i 91sdufqmu4lEJMf3refW66/h6Tot2bN3L+nbN1Lxltu5o8qTHMvOY8bEEVzw17/RuG1H9h88wM6f V3HVlVfT+o1+Zxboj9xP+Wsq0Kh5S5q1bEmD+s245uorufb629m4Ix2jHfr3eJubrr+Rzdt3cezk EQb378X9j1QjKzeHaWOGcMkllzNo3Axyco4zdnR/LrzgQp55rhWO45G29QfOP++vzFv+A55SRPOP 8sDdFan/cmcKtOLVl9tz1513snr9z2RnZzG4f08qVqzCe1PmsTdtHZddcjmzZy/maP4JVq5eyfjJ 0zh+eB9zp4/nvL/8hVe79mDrjl0URuN8v+Ynvln5Pa6QYSx7sp9KpHKYv2AWjz/xMBkZB8jLy2Pu 3PlUq1aLgrziQJgaDy0divMzeeapBhQWFiBSMeQSIRLs2L6R7775jKeqP8H+nPzAC0AF7v65J4/x 2EMPMWvhh+Tl5bJ5w088Xe0JDh47iSejHNr3M/fdW4WGDVuTtnsv6bs20rJVS44VxnATUbp3asfD 993FNdfczIMPV+PBhx6hXv2GxBKJkgnAWR5FJQ1SJjh4IIOfN/7Ac8/VZtXqdYGF2QDGw/OKqf7U E7w3YyZZOdl8+vEH3FHpdiZPX3KKQPc8j4KCgt+1uiuEoLi4GClPdZOWyic/P5+cnLxgYSR0rz6b u7vWCaRMcORQBhVvvo3GDZszfvwUcnNyyTx+Ak8KcrKO0Lj+8yxa9AG52Vn8/PNG7rz3fjZv34lU ikS0kOerP8mnX35Ddn4hG3/4hr9XuIFeg0egtUAoQX7eCXZuWUvbNu2Y/+FXv7CgHzp0iPvuu48+ ffozedJUcrLzOHb0BFJopJtgVN+3eaXLuxw8epRjh9J59tlneLvvUIT0SDgxmjRpwrhx48jOyiHr ZDbNmzejXdcueJ5ix+atPPXgvdx20w3ccMPdPPDQI1R96EF69emPK9Rp3iClro0JBHo95UN3AAAg AElEQVT2sXSaN36elRs24UmHjL1b6NixI0NHjsVTJrwGBfR6uxttmrWlRrUaHDx4kJPZORTFEnjS JxHPZ+fmLSz5YAaNW7xNzLHlgywWi0UYUJ4fJGEVhoiBI/MmsKvTmxhfh3MHK9Atv6S0xsJYgX46 ZUKgb9uxkz17M1Iu678m0OcvWMTc+QvD7/96fOvZMKns4YGLr9CSgb3fYeToKQjtY1QUJTw8RxDL y6R9q+b0HjaEwqiDUkU42uG7zxdx0233k34sK3BF1TIlRKRy2L3pWy7729+YMfcTTjpxnGgBS6eO 5IprbmH1rkP4ophFM8Zw6fV3sGrrXrRKEMs9QPkryvHu0KkI5eE5Eeo9Upn6bV7C03E8o1ixYCJX XFqOmT9uRruSIwfSuOO6a2nSazgZe7dwfblyDBw3E6kTCOGza9MK/nrhZSz89HtyszN5uOJt3PPU s+TGI3jSoyD/KDXvuJUmL3Ym4kmkr9AqytFD+6h4e2UaNWlFcTyBVB7x/OOMGjuSl197idbN21Kh wt+pUa8VxUKgnBzaNX6OarWfI9/x8JWm15svcXWFO3AjPotnD+SiCy9j7per8aWLjhczZHBXLi1f gc3bDvL+1MFccnF5NqUfQWofI7O4p3Jlnmn0dhiHHoQRSK1xYrk8/fD9XHf9jXTu9i7d3n6bO2+5 ibvueYI9R7NwpY8RuTzx6EPceHNFmrdpS+uWLWhS7xmuvvZGVnz3LTWrPcijtZtyPO6gpKQ4/wh3 3XwdNZ5vS9xz2LN1DeedfwFzVqwjoQWRgkM8fE9Fnu34DsdyM6lR9S5urnwfLdp1pE3LNtSuXZfz z7+EFs3bkJN1hJsqVKDu8/UYMnwo6emHiHsCKQQ/fP8Ffz7vf+g3emRg+VfyNFdiH6OcIPZbanwv h/ov1GP34WNhvwfP8Vk0fzHRaAKlJUo7GOVQXJBB7eqNKCiIIY2Xcg8PkhEKCnIO8Vyt6mRkHUKq RCDSfckPK2bTvGlbvv1xLRs2rmPjutUMGtCXLt174UiPgtwMbr71BhZ+8lngXu8XMbjXm6QdORG4 vscLyTqSzkuv9eJoYYRoNEYi4YRu1ZQknDvTswgYE7i4S7+QNm2a8N3qdfhGBgn2ZITDB7bQsUNn EiKBLx3iIs6MaSOYPH0xCaOJKg9fSjatXkzNp55ly/59QViGPvukwwBKKqRx0MlcDqqQTV9+yBNP 1mB/5n7yjMLTGlGcTb/+/Zj+/iwWLJjP+AmTmThtdmAlViKs2qDDhJHhpEcKXJ2guCCP6y4pz4z5 S/GkRiodhKHIBLOm9aVx/dasWb+BH39aw4a1P9C+Q0dGTJ6JqwXLF02idoOX8JSP0ArlJujzVmv6 DhmB1GG2fu1hZITeXd9h3kdfh1b9ZLiNS3HeSa6+8BLe6Tss8NzROqxe4ZOxdytPPnY///j8G37a uI4NP63j/dkDefDxOpwoKmL5R7N4snoLIlLhiWKUr9i6dSPT585FKIMQEieaxcSRQ+nZbxoF0QiR WBGu44c5ELyzX3utUG4uvV5syI+bdiOlh5IxBvbqyqDR0/CUwVMaLYoY3rMPj1R9jBNFxUHeCKmR QuNqD6U8jBRs3/E9rZsOwHeDUIjUGlc4JicnohaLxVIWECbwDjXaQQlJjoFjcyayq1MXjKfCai8l At1iKaEkIWsQaqlJ37ufESNG/1tCCf/o/FcL9KQY2bZjF7v3HgxdOn/dgj537lzmz5//u1dwkpZu jAyyLGvJgJ5vM2rMBDxN4DYsHXwvwjtvvEqtp+uQHQvK+GgVwTGSVZ8t5aZb7yft6EmSpamSAl2r AmZMHMH5f/orfz3/Ev583gWc/7e/cPGf/8z5513AwAmzcaXHopkTKHftrazckoZSHkVZByhf7jK6 DZuBr31cJ0q9ByvSqP3ruCKGqxUrFk7kynJXs3B7Oto3HD+Uzh3XXcsLPUeye/t6rrv0Uka9Nx+l omgt2bvzR/5y/vnMXPoNubkHeaTiLTzaqDWRMIY1mn+EGpVvpsmL3Sj2FEY45J/Yz/333k2Vqo9y NDs/jIlPMG94Vy6/8kamz1/A3i2bqVXtcarX7UBESEwim3Yv1OHJGs9Q4AZx6326duDaCpVxiyWT x3Xnkosu46NVP+FLD+MlmDK1HxeVu5oNPx9g1tQBXHb5jew7mhckWpPZ3Fv5Dmq/0A2RzOJN0oKe S42HH+Chh6qRG3cR0mHm+EFceFE5PvthE46SGC+HB++9i+p16rIjfR97du9mb/omdqenk3n0AA9V uYMa9dpQ5HvIhEA4+dx98w1Ur9eemOeQtnUtF5z/N+YuX0tcehQXZPDQPZV57rWeHMk9RLV7KvFs 8xfZmb6fvbt3siv9ILt2p3H48BGk8NizewevvNKRv996C+Uvu5T+46cTU5K1337I3/70P/QePTFI ShcOdkmRjhGgE6FAN0SLMni+3jPke6ZkpVsZtNRBWSktgyRryqOo4CC1qzemoMBBGA8dJgzUoXgs zM6gfq2nOJy9H6Vi+Aa0K/jyg1Fcekl5zr/wYi688HwuPP88LrrwQho2bUlCaopyD1LprlvZnXks SNwnIozo05m0o1mBCBYORbmZvNa5P1EZnIcUOnCjNnCuhbTgnJwg3MQvoE3rRqFAVxhpMCLCji3f 887bA/G1hy8VUjmsXjGfMTM/wdMKVwk86TJrxFBmLljI+4s/wVc+QoSJE880BigTiFnjB140QiPc KC+3bUvffoMYNWkqvnLxtCQvbS1Tps3CEUEMt+MLThYU4UsHKRyUIcxmHizUKQNGKDzjEinI5bpL ypNxMgdfmbDEocDIBAP7tOb8v1zJ+RdewgUXXsglF5zPhRdeTM/Bo4n5Pu8NfJem7XsijYcrBEYI 5k7tR++Bw/FN0D+09jEySt83uzH3o+Upga7C6xrNP8l1F1zGht378cJkdUYGyf22bFzJ9deW47zz y3HehZdw4QVXctElf+PWyo9yJD+PcQN70LxVd2IalC5Gi6CUo1AaV+gwyV2EaePH0G/wLIQRQV4C ZcLJn3vWMVhp0F4BfdvX5YcNO8OFjgQDerxB/9Fz8LXA1wLjOwzr3p3Or75J3ICnQUqD8g2u8cLn RLJ9x2raNBmM73qpOH5Tqp3Li8NisVj+2wjerRKtXYxUFBg4MH8G67p2x3iyJNGmHRstvyBZhSWY t0mp2Ju+l5EjRlmBThkR6Fu27SDtwOHfnMU9NzeX7Ozs352gIJUkTuswxtxn7vjB9Bk6nKgB7ftI P5/+A7vyVreeFBZEcISHK02QmEgqPp87kypVa3K8MB6U80rWMzaS/BPbufXWW2j9Ule+WvYlK776 kM+XL+ezr5Yx4M0XuenvldmYnsmyD+dT7vIrmffRVzjCZ83qb7jkwgt4Z+h0hFY4TpTGTz/Eg0/W pChahCMlyxZO4/Jy17F061609jiWmUbF62+geffRFBae5LabrqVRi9coKs7Fcz0WzJzEhRdfzvcb dpGXe4AHKt7M4w2bEpVBjfHiwuNUu+N2Grd9i5jnUJifwROPPcitt95KWsZhij1JzJfE4kV0eLYK lao+x+H8GCcPbeG+O26m+rNvEBMC7RXyevsW3FrpDg5l5eD4kn5vvsS1FSqRiGg2rV/BlRedR+++ Q4jF40QK8qld53Eq3FqRQ4ezmTllCJdediMHDucELw1ZzD2V76Z2wy54YZI7AyilcSP51Hi4KlUe rkVO3MeXDrHcozSuV4MKt9/Ppv3HMX6EF5s24O8VbiLj8BEczycSKWDLjj0kYoW89Wpbbrq5Ej9u WI9wBWtWLqPC5RdTvf6LxDyHI2lbuPj8v9Jz8BhiXpyf13/DlZdeRJ1X3iHPLaZJ7WrcdfcD7NuX gefHyYvEWLfhZwqLiolFiti3dw8JJ0HcSTB2ZHcuv+5m9ufksW3151z8P3+iY5e+OH6QkCvuesQ9 H6mDhHTK+EgTPA/Sz6ZViwas27KtpP8qTWF+UZCsTcogA7vSFBUcoXb1BhQUxvGNLKmhrYMkZUXZ GdSvVY2j2YdQysHVoDzJuu+X0qN7H6IJByl9lPRxXQdPaXzlkp+1j7srV2J/xvGgNJhfwPA+Xdhz JBvfgFEexblH6NixM8UJJ7SyS4Qvf1WgB65UgUCXfiGtWzdm5eq1QRZ5aTDKIfvkAeo935Ds/BN4 ShOPZtGjS0vGzPwEqV2MLmbLtx/QrusAIkXZ9B08isJYJLDinmUMUBpcLVHaQ2oP5UfZvWsLb/Qf RUFBDq927UE8WoCSLsVZ6bR98Q22bNtNPBrDlxJHCaSKI0WMhOMQ92UY6hKGKYjg+YoV5nL9pdeQ m1eMTJZ01D5G+iyYPYqub3TD9T1EmFXf9QVRofCVYP2KD6ny4NO4IoaUCi8ep2mjGvQaNAxP66D+ uA48Lvp0eYcFH31RkmU/vK7FeSe5/Zob2HvkBH6YeM2EpSEzM3ZTr3Y1MjNP4Poe0tP4soBiR+L6 DhtWLuHxx+qE1R3iGKlxnBhZOblB/XOtMTLO9IljGTBgHNoEyQwTiSARnjpHHfRAoBfTu2NDfly/ BSUFBcU51KnxOP1Gz0FoB6F8jJdgSI9udH+rJ54Jkx0pgxIG34gg/4dUbNv+E62a9cb1BL7RweJT UqDr0tYAi8Vi+e/HqGC+6huB8YPkr/Gso+SnpwfvDlWq1OX/9cFa/gMJ5mxJA1IsGuPYseOnGJbK Kv/VAj3Jth072bozLRBk6tdd3EtnUv49nePULO5BRu6tqz7mzR6DKJQarYr5/KM5lLviCia+N41F ixewaOFC5i3+gD17D6F9jynDBtC49etE/SCTdpCsK5gwjx7UjYsvLUf6sVykcjGqAE8rYsonc/u3 3HDNdbTv0oejB/fw5CMPUeG2O2nUrDV16tTl4vP/RvchUxFKIYTPtFEDKHdFeWrWrs0Hn3zK54tm cnm56/h4UxpKx8k8tIfbbriBNt2GI/w4Hyyezd9vvouna1an/vP1uPP2irRp9zJFsRh5eYeoWukW qtV/IUhup2MUFmXxeOWKNG3bBddLMGTA2/zlT3/irrvvpn6jZjRs2ppmbV7k8LFMPl88jGuurki1 p5+lUYNnueXmG6jzbAcSQqBVgqUL3ueq8uWpVuMZhgwfQ59OHbm+wm0kihUJt4ixg/tx60038cwz dalVvSa3VbyF3v3747qCGVOGcell13Pw4EmEUEgR5d477qZOg9dDgR4knZJKkygqoMbDD3D/QzXJ iwukcjB+gu+Wz+Pii6/kxc79kJ7LtnXf89B993DX3VWo36AZteo8Q/NWHYgWF7Fn21oeuf8h/n7b LTRv1JIWjRtyc7mLebp+B2Kei0wU8OTD91Huimt4oUlj6tWtzTVXXUHdl7tQpATbflrJI1Uf4b67 76VR4wZUr1Obus/X5+uvv2Hdmh954P4qPP98XRo1acy9Ve6jQdNWFESj5B7P4Pna1alw0y00btaK tP0H6TdwCD369CeScBE6EDaB14BAi2KWffEhT9eqwZzZs1m4cCFDhw7jjTc6E40EsddHjxxi2uT3 GD1iEHdUvI+Ro8YwbvJUNu/ag5SCvWlpTJ48iVFD+3FfpdsYPHQQkydO4OcdO1CeJOt4Oi80asLQ YcNZvHgRCxbMp1+/fqz7eTO+iLJ43hRuvu4Gxo6dTtzxWfbRAurXeYq+Q8dx8PhJlPKRiUJaNG3B uPFTWbBwAb1792XF19+FbtjJuuq/RGlNbu5RZk1/n0kTR/PgQ/fSucu7jJs0ma+WfYsUHk6iiFYt W9GidTPGjR9P504vU6vmk7Ro+SJbdu7A8/Lo/XoHPv5uDY4bZeyQ/sz9/Bs8L3C1zs/P5/Dhw2Rm ZnL48GEOHz5MRuZh9h/KpCBSgFQeUsZZNG8a3+9Mw3WLWDRvLivW7UCLOJ6I8vGyFfTo2Z1hgwcw cfIUtuxMR0hJxv491Hn2GT5Z9vUp5QC1VBzcu4txI4dR7qLLGTVsLJMmTeGnjT+jdBwjJXlZGbz2 8muMGDmKhYsXM3/BAnr27svan7cGdUdjubRs0ZaOr3VgyqQp9OvRg0cer0qd+o3YmpZONDef+XNn MWnSeJ59qhZtX3qZCRPHs2TJh7iuT9qebYwbNZTyl1xOv0FDGD95Chs3bUkdp/TjjBvRn7feepf5 CxawaN6HDBk2mJHjZuG5MYRzgjdf68zb3Xowf/FcFs1byKuvvsK48RNDTwCNUS4/fPs1LZu1YdHC +Uyf8R5vdn2HnPyikkz8Z7nvWjrMmzyUZs1aMn7cWNq/2IGnn3yUOo1ac/xkLgk3xhdLplG/Zh3q 1KzDuAmTmDl7NpF4HOUrHOGxasUKpk6aRK9eb/Ng1XqMnTCJqbNmklMcRWpdSqALK9AtFkuZwUiD r1XK20ppEMJH+34gzktXJLEK3XIOSnt5JrWXFej/5aTv3ceqNesCa8pviEH/d5GsS2x0kIhKKZ9E /kFat+1CVrGDUTms/fEbhg1/jxFjRjBy9DDGjhjN8NFj+HnLLpRbxDtdO7Hg4+X4yVrGKkikoKXP R0vnMmfePBypw7rYDtpoPC3xio4wf9Eips79gEh+FsePHmTy1BnMXfwhB44eZebkCXz901aE7yOl RLgRNv28gVFjx7Nu42b279rCuImT2XM8H1/GKMjLYdZ7U/h4+U8IIfCkx8lDx3h/3lwmjR7Pts3b 8LRGSpdovJBFM2byweefBRm4VYKiWIQPpk/nH198h3ATrFj+GaNGjWbUqNGMHD2K4aNGM3HKe5zI ycXzo+xc/zNTJoxj/dZdLP1oKZ/94yt8JfCEhxQuO7ZvZdz4iXzy5desW7GCqTPeR8ZUmGk9zr70 7bz33ntMmT6VYydPIGXgrr1981pGT5hKbk4hvu/jixhz35/FB59+F2QkD+the1LjxhN8MG8O8xf/ g4Tro1Tg5horPs60qVOYMmsRjuuhhUOsMJflX33F6JFjWPzxpxTGEgjPR6sE+VknmbNwPgtmLiT3 +CHuu6UCT9d/iZgX/Db7ZCbz5y1k1pzZHMw8wJw5M1n8xdeBG7d0iRXms+yLL/h/7L13tF1Vuff/ /vWOOxz3vgKiiA3LRcR29cq9XK+IIiBgl2IDRCkRREhoghRFAumF0DupBJQiICRAKCGVVEgjlfSe U3dZa87neebn98dce599kpOC4I9y5meMZyQ52WfVueZe3/m0ITcM46+PPkprW3ucxMSzetUKxowZ zYAhg3lswnSyisN8Tq5GJWvn+acf4cabb2Xj5s38/Ylx/PWhR8hcR+ssHwQNGeYd6sosXDSfSy6+ mLPPPpsRo0bT1NyC94p6ZeWKpdww+BaGDh7I4EFDGXL9AAZefzOTZ8xB8oyF8+YzaPBQhg4ZxPWD +jBs6BCGDhrCpDlzYrs0l9NWauP2W2/jrDPP5IorruSRR/5G7hWREg+MHc7Ng4dyx+330JzlPPrA SIYNGcjAIbexZOVqcl/GV9t5ec5MLrnkCnr16smEZ57DO0Ul1g9onNw7m7Jp42vcfMNtDBkyiAGD rmPwkBsZNGQoDz70KN4L3jvaW1u5687bOPs3PRj3zHhWrF/LbQP6M23ubJYvmckxx/6Qq6++iquv 6c/lF5zGiSedRVu1inrl2WefZdiwYQwZMoSBAwcycOBABgztz/WDb2DGK7MRyXhtzav88HtH88c/ XcW1va/iTxf14NiTL6RSLVNWpWo5wdoIWmLK1Gl894cnU64Imzes4aweZzH24ccK73Scx7wqy+a/ zOABfeg/eCg3DhjG0OuH8uyLU3HajPqAZBlbNq5m2PXDOLNHDy659HKefWES5XIFU8VUKLe1MuSW G/jt2b/l4bFjmLNoDoOG3cjUl+fRvnkTd952A4OuH8oNA4cxcPBAhgwdzMiRY6hWcubPm81NNwzm hkHXM3DgQAYNHsLEKVNj+DexJaTPKjw94Wl6nt+LC393CSNH3c/KdVvwPifTMq68lb/+5S+cc965 /OHii5gybRrVLC+imDq88Y8+/FfOOedsru3Tl8XLl5N7qdcK2bkJ5VIzNw4dzMUXXsis2fOYM+NZ +gwbzLo1WylVtvHQiOsY2v9mBg0exA1DhnLjrTeztb0VzWNrwqf+/hjXDxnI0OuHMHDgLQwePJib br2ZTU0tRXRUkWZR5NIlEolEdyCoxfe8ok1W7J4RYuva7QrDpTD3xPZ0rktg6Tu0gW4h0FevXc/d I8d0eGP+fxLoMfxTIHh8iEXigrRw+um/5u9PPot6QVTItIp5wYtizhDLcc7TtnkJvS6/itUtVdQ0 9mmuhcuLxt7gEgVZZka5KBqlroJTpaqGExd7EIug3pGLUvI5IW8lUyFIHotYicd8FV+89AfJUauQ mVD1ZST3+LyEyx3Oe6riCeW4H3MxV7RqFYLPyMUTMqXiq2Qa+y7namheoSwae5VLLOxltfPS+DKu YljuyFXJNENyw6SEF4+Z4MxQU8RVEO8oO8HnnnKeEaoOKQSHK3paO3PkYpg3zCsmOVWrIL6CqMNJ GdMMJ6HwghUCXQ3vfVwFlmrs0+0Ur4KKoNKKSJWKGLlI7COuFUyqtGsM18+cJ/NlxGdUzLAsINUW vvrZT3PMCWdTyh1eNLYgEyMXxZmi4lEvMbpBclTaEZPY17roEe29ElTQoq91bGNWIlclV8VcFXF5 vB5WWL3ntMae7pIhwcUCZnn8Ha9ajEtFLO5PxVBnqKtiLkZxqCpeWnBiZF6xvIo5h5MQx4Q5JHdI rrSbIWKYU0Szojdq7AMfW4lFL2cuMYetKiWaJUddGyrVYtzG8GfNc8S341yx0qoB75RqJaO9vZ1y uUS5XN7BsmqFYKUYEi9lRNuLSAlBTci9K66Rx7xSUcFXN+KlFXGeqmtl9B29eeT5qby2YhmrVi5l xcoV3HlDbxYvX0tWhGNtv0CgWiWXHJ97KtlWLv3DBQy9fTQrV61i+ZqVLF+zjD/0/CUjHn6cDcsW Men5F2lraaLc1sT48eM5+fSzqOQ5lfI2/nzNn1m2dgNi1AV6FsBchpMKJTNCVcglp+IdzrYiPqAu Q30zJh5RxRm4ov2d+Bxn4LMS7cFwTjBXJQsep55WNUKljEiZikgcB5rFcxVDnOFdBZUsPtMSn+NM NLbfCTFdxHvBaTXOM05QH/Aq5E5pDYr5LahzVMURpFSM/bhoUmujZuYJVkHE8FqkaYin3N71PS+V SrS1teG8x4kjuFLsAa+G+hbKFtMFxDxBNuMkhvyHzJGJUrG4MBXz/nNES/Vn0tShUsGJ1MW5GfVz TiQSie5A/XtIlFxzfMjQPOBCMR9aEuiJndO5sn9KE2ukWwj0bc0t9Ok/iEqW7zIcskZrqURLewnZ LjznH5tY4opQrGJpBHPcd99oLrjgYnzuoygIEvPUNRSTWXzRf2nKC/QdNCjmyYaOfuy1CU/rub/R i+RD7cXdx4JS9ar1RTisWSHwhaBRzNb+L9TCZoN1eOiCL6okF5U4az2azWLuctGiKqjFfM0gBJWi t3IU0rGAWFEgRAVfXFOtV9Uqro8VvxcgiMYCTMV2YmG8osJ6w7VQiRXt1UBUCFJrfRTDt63Yf62l mBXnq0Hq+zPzxf4b8kgpFkHMit7zEv8s7mGtyJoVFfVr9yEKCEGCFcdVu3bFz8TIq2W+9+2jOPM3 Pcmci4W2aqE8AbQI0a6104vXpzj/4pLVPh+sVnXeikiNPFaiLxYaTKS4l1b/bMffa/dYYz6xhvr1 NC3GWcOXaaiPrYYFrhCPv+YlDY2/F4ygMf+s/iWtRRG++jEUI6AQnLE6uaEh5veaunrF8o7ra0Xr wlo1c08wx8033cBJJx7PCSccz/HH72hXXnE1eTVHfOzHHkIe740panExZe2GjeTOo7VFE61CyBE1 mpu2cMXve7G5pbWoGu9RVWbNmMgdd96LNIRmNRKCFONY2bJ1A78773zWbW6OItEUDcprS2dx4aV/ oNy8jSuvuIKze/yGHmeexYUXXsyixYtj/rd5cueiOK+NC4oiZcW18cGKfMDi2bMsPvcqmOb1sdJx XxvGunokgGroNA/E4nwdY71W9C6EWHG17jUOWh8jcYxu/zJmWLEyHuqCNi7+xHkrj978UEQK1Z+L xroCxT0vflekyuqVr3LKz3/e5T0/4YQTOenEU5k8aQYiGqvKm49RMubjHBZqz4LriLAq5hQtxq3W xlqQhkVFrc/HnWb79AKaSCS6EcFi3rmZIJZTMaHc3Exl/dqYlhk0vg/UIqre6gNOvC2paYtylrOt ubnL96nuRrcQ6Fme06f/QDZu3hLF2m4+f/+Df2PMXx6q56zDmzuxZFnG1q1bdzsAK5UKbW1t3X6Q vhuo5daISOHpLb/hGgfdGytEkmDmWLN6GXPnvsTLL89m7ty5O9jixcsQF6u+WyGuouCLz2DVeX54 wk8oVTNUO/cmV1Wcc5RKpU73a2c/3xnee0ql0o69z4sxYWZ4ySmVSrS3l6hW82JhzO80t767UbvM wQTTjEp5K6+8PLPLez537svMnT2fpm2tWK1Zeqjd+0QikUi8UYIZFQMNPkYaVQOvPvQgL/XuTfAu Om5qC7gkgZ7ooHEBPxQOxFeXreD6m26pF4jrzu/I3UKgqxm333UvL7w4eZcVl2vcM+o+7hoxpugl HF+m38yJpSbWdlUl/s0oUpd4+9B4zxurU6b7+4/TERoVPZyqvh4OvT3iNebSSy3ioCOqQlWp5J6j v/N9StUYot2psE1D+Hojtfu5u2e58fNdbafzfNDhiVftyJ9P46Qg1BZl4v1WdTu95/G+FSkaanQO pUskEonEG6XmQdfgUCkTSsaqO+5gTq8L6gLdkkBPdEGnCLuiOPO8hYvpN3DIDsXiuiPdQqAHYMr0 Gdx4863k3u92ghg+5n7uGXVfEdr45nvQ92TAdedB+W4lVab851AX27YrAdbwLD2n0okAACAASURB VDcUrgmFOM5FOPKY71CqZtRWc/eE13Mfd3XvbbsFgde77e5BLT+t1jfV9mDBtSNEvvG+JxKJROKN E9SKlESPtyomgTV338LLPc8niI81PlKIe6ILuvKgL1yynH4DB9cdF92ZbiPQS9WcG26+laaW1vqg 2NkL8D2j7uOOe0f90wR6IpF4oxT57KFzj9WdPqONedINnvdQeKczLxx17HcpFwL9raoiWhePDaHY SVA2UMtjh476D6/j+qRrmUgkEm8esa5PjDb1weECrBx+G7N7nU/QJNATO6crgb5oyTL6Dhjc7b3n 0E0Euhp4g2dfeJHZc1/e7U2//6G/MfbBR5JATyTepoSgWHBYiEVoLOymQFdN2DV6UIOD4GIOuhcO O+JIStVqvdDgW0FHP+3Y/aG2qJCI1BdYiOJcgtULK+7s8x1YykFPJBKJN5EQlDwUXXJMUAmsufsu Xu7ZKwn0xC7p0oO+eCnX9h2QBDrdRKBbUdV4/YYN9Os/gFK5ihetVxre3krldkqltnqF6PhnsmTJ 3j7mtrN/cBuaY5LhsjLPT3gKl1fewPb+Gef3Vh/H29ssXddkyZIl+6ebmURnl2gsYGpgarEWiHiC M8QHxKB1xVI2vTw3dubYSY2QRGJ7zIzWtjbmzZ+fqrjTTQR6IBaKy73nvrH3M/HFyTi/Y4ucxs+H ogVPsmTJ3r2mxaqtWey7Xe8b/zY4tmTJkiVLluztYFa0O/VeuOPOexgxaixbm9vwXjAVVItipxbD 3aUosNzdRVZiz2gsjF3LPe/uY6dbCPRa/28nnlKlws233s7KVWsQaeyz22G1/MZkyZK9+83Xi9w0 9L9OlixZsmTJkkWzGMLuvKdP/8H87NQzuOCyq3n62Sm0V6pkQVDzBKdkZmQpRDnxOmkU6WnsdBOB Dh25L2rGytVruKZ3X5qamztaGhXtj8wMExdNo73VoUXJkiX755ipI6gjSPGcF8/+W31cyZIlS5Ys 2dvFzAQRIfdKnwHXc9IpZ3HCKb/hpFPO5rcXXMrLy5aSiyc4JfdKrh3e0CS2Ertj+1bESah3U4Gu Zqxes45+AwYz5v6/UqrmeLW6OZG6eVXUkiVL9m405z2i0Svgxdf/9CJv+bElS5YsWbJkbwcTM5wZ VTGu6RcF+omn9OD4U3vwk1PO4rTTzuPa/jexct0GrD1DylkS54k9plGQi0hqN0s3FeiihhpUcs/9 Dz3K+RddxsDrb+bhx5/ksXHP0GfwjVx2dT9uuGM4N901MlmyZO9iu/me0Vx/272c2uM8ht56Nzfc ce9bfkzJkiVLlizZ28luvXcUN901gnMuuJyTTjmLk04+i+NPO4ufnXw2p550HieefD4/P6sHd51/ AX8fOqyT0EokdkXNg7502TJuueUWnHP1n3dXuo1Ab8SswwJQyXJWr13HwkWvsmDhIobceBv9htzI tJlzmD5jNtNnzmH6zDnx38mSJXtX2ZQZs5n00my+e/zPeW7KjPScJ0uWLFmyZJ1sNtNemsWUl2bz +yt7c9IpPTjplHM48dTfceJPe3D8yT048Rfn86drBjP+msuYfvFlmBdMOqq4p5ahia4x6n3QFy+h 74BBnULduyvdUqDvjNpguHvkGO4eOaZeGCNYQ+G47XIjkiVL9s42Nah44chjv0dbJUPNOs0HyZIl S5YsWTLIvXJt36GcdPJZnHTK2Zxw8m85+dSzOf+Sy/nro0+TZZ41I29ifq+LCF4IIvV37CTQE410 DIeaQIdFS5bRd8Dg+pjrziSBXtA4Cd07eix3j7wPtSTQkyV79xtUvXDUsd+jrVzt1OIjWbJkyZIl SxbNiXJdv8H89OQzOPEXZ3LyGecxfMT9tLWUqYripMyae27glV6XEEQwTR70RNfsKNCNhUmg10kC vQvuGTmGO+4dhWgcNDWBnuaWROLdhRVVQytZzreOPpbW9hKqcVEukUgkEolEx4K1V6VP/0Gcdvpv GDnmryxZuQavhrpAHhTTdpYMv50XLrmcIB4zxUJRByokkZ7ooFGgmylelAWLl3Btn/6pfgFJoHfJ jDnzeGnOK6hZffUvCfRE4t2HmWKqlCpVbrn9TqpZjqkkgZ5IJBKJREGtyHLuPXfceTcvTp5G7jwi ig8gPlAJgrkq216Zw7IJz8fv0hA9o0mgJ7anUaCrCl6EjVu38ezESZ0iGbsrSaB3gQTIRHGiSaAn Eu9iTAUVhxfFq+JFMPWYyu5/OZFIJBKJbkCtRbETTzXLUDW8F9QLFTOcQSUYoeTJfGxRbCaIKRpi imgS6IlGtvegiyreIJcYrSHSvd/DkkDvAgugIU5IZlafVNLEkki8u4irs51z7KD7rtgmEolEIrE9 gaIV1na5wcEsetANXDCCF0QC3sCCEYIl51ZipzRqKzVDg2Eh9UCHJNC7pFYQrjEkJwn0RCKRSCQS iUQiYsHQAEECQYwQBBcMn4R5Yg9o1FZRe8VFnUQS6F2SBHoi0b2w0GGJRCKRSCR2T4w2haBG8AEJ ivoylmUEDem9ObFLQqCo+WOdtFciCfQueejhv3H/Aw/FSSd0DKBUOCqReHdRe6bLznPiz06hvZpR a62YSCQSiURi55hB8IozwWtAg7H68ceYNeRmghim1snhlUjU6HB8GgRFzVi2YiU33nRbTKdoaNHX HUkCvQtGjLyP4SPuQzXEyceMYAqhew+WROLdRjDFzCg54Yhjf0BbJQr0lIeeSCQSicSuCQFCLlQt J1dDAqy763Ze7nkpwcdOSLXotBSJmmikPh6CQpDYB33RMvr2HZIEOkmgd8mIkWMZMfJ+RA2NsTsQ JFoikXjXEIo2axVRvnnsj2ituqLNWvf+YkgkEolEYndoAMsFsQx1SjnAqpE38sr5FxLyKNBTFfdE V+wg0FV5dfEK+va9Pgl0kkDvklEjxzJi+H2YhlhFMAgEB8G/ru0EDZgJah4NLVjm2LBsBk88M452 iS0EtLa6qMLSmc8wfcrLLFw4i+t6X07f3n3pd10fru07mD9f15/eva+h93V9ePbFSfTt35e+1/aj T+8/0rf3YP7cpz/9rrma3r378uCzz9G6fi03DrqJ/r2v45rrenPNtX249e7bWfzaaireEbwRLENC jgaHhNheTgOE4CBUMIs9LEPIo5kWOUWChli5Uw2CCZqXeHT4PSxZs4Wqz3ho5C089sSTVJ3izQjq CObj9SgeyOA9IWSIKcEchFbUJEYtACFIQ9SC4V2JLeU2nFRiGLL6uK1E4h9ENbaDKeWeI7/zY9qq DlEpvOiJRCKRSCR2hhpYruSW43MjN1g3/AbmndeLUBVULQn0xE4o9BW1tmrG4iUr6NtvMCKSqri/ 1QfwdmT06LEMv3dUnFi0CG0P/nV70DsEukNCC+YcTz14O3+6tg8lDYgqIcT8HJMqN1x3CbfccT/l UjPr1ixn/doNPPnIWA488LM8PXEqGzasZ9XatTS1t7N2/RrWr13HmtVL+NwnDubR8c+ycd1K1q7f wLrWVpbPmcHRR36fVWvWsXr9etavWcVDD47ly//1VSa8OCeKb82wkKFBsWCYUbSVUzQIIWgUKiFa bENF/HnNTDEVqqU2Tjj6m7w0fxmlrMz4h0YwecYsxGIvzGDxXGttFIJ5gnYIdDXBQiG8LSeoxzS2 uIv7FbasW8FZ515ES2sTakpQlwR64g1hFvOeyrnw9SO/Q0sphbgnEolEIrEn+BC/RyvB4/OA98aK 4XcwrefvCXl8bxSzJNATXdAo0EE1sHDREvoPGIz3vqH1bfckCfQumDhxEhMnTkZFCw96LcT99XnV gloUsOZQK2EuZ8TNvbmu3yDKEuICgMWef+Zb+MOFZ3L32EdQEUwEyYUX/v4An//cISxdswHnHF6V TApBK0JW3spH9v0EryxZRdAMNaNqnvmTxnPM8adRkYAzCOKQchPHn3AsZ53zJ5yVCVqFUImrm+aj d1wdXuMqqIYcgke8Ij5ghZfdQi2qIEd8FTOlqbmZI7/6JRa8thqvHnWtlDUgWsW0jBa/m2ko9pWj 6nG+gpjigiEhhhtjLQR1SC6oD8XiQM761xZx5m8vplQpRa97EuiJN4iZ4kUoZ54r/3QtbeUqXnzy oCcSiUQisRs0gIkiJqgLVA1WT3uRZQ/+rchBt0456IlEB0V9rwaBvnbdBh5+5NHkQScJ9C7pcpUv vH6vWjAhmGHmCJZhrkq/P53LoKE3k1usfulV8Zoj2QZOO+WnPDB+QvS8i2HqeeaBe/nvQ7/NuuZ2 RIqVpkAMPVejtWkt++/1SVZtbo+i1xTRCtOeGsnPe11JSQPelOAFq7bwu3N/wcm/upzMWguBXkLF mDp5PKPvGcvokXdy5lnnsXZTE22VZm6//SaOOeo4fvbTX/HCpOmURVF1VMut9OtzDccecxRnnnE6 06ZN5stf/AxrNm2mUmpj4NVXMH7qHCptGxh89aU8+fw0Lr70cq7pPwxXbWHFqlX8+owzOPJb3+KS Sy5m9ZYmMjFMKzRtfY1Lep3PMUcdS48zz2XBgnncP3YEp534Q750yDfo0eNsxvzlEdRVkG7+ACfe GKFmDav7qc1HIpFIJBK7JxaJ09gD3QfaA7SZEsTX26yl79NE13QIdCC1WduOJND/mQQXQ7vNEyQj SCsXnHsSxx33E3pe/HsuvOgiLrz4Ii685AIu7dmD//zi//L45BkEyYpc7SoP3TaMI47+KVsq0bsc TDtaVpixdtWr7P++A9la0kKgC6olHhndm8uG3kpb5slcO6VSxvPPPsN/fOkrjH9uej3EPYSMkOXc e29/DvnvY7h79AhenvsKldZVXHDR7+g7YBBrVq/kpenT+MlPT+bVleuolpr43nHHMWDoMJauWsXc WVO47Pyz+NgBn2VrcxtNW9ZwxP8eyn3PTGHbhpUcfsh/c+o5l/DMuEdZsmI5r86cyNePPYlnnp/E 5nWbeOQvoznhF6eSizJnymP896GH8ZeHHmHV6lVMmTqZsWPHsnLFMu65vi+nnP4bXpo9k1UbN6NS RZKnM/EG6CTQi5eJ9AWRSCQSicTu0WBkoQh1VyN4JfjU/zyxZ4R6lLLW02dDSI43SAJ9JxhvSg5q J4GeE/xWfnbCN/nlL39Hn3796Nv3Ovr068t1ffvQ/0+XcuAn/otnZs4jSDuiDm8l7uh7DT8+5Vxa JaA+CvS6qFBh3pwpfPIT/0W7i+Hpah7Vdu4cei6H/fBHnH/BhfS64BzOOfdCfvGrXzHuuUlURTDp KBIXsjK33HIFvf4wmDZpR5xnxcvjOO20k1mycg2r1yxl3boV9OvXn6efm8b8WZM47GuHs2pbC2Uz 1Lcx8fGRfPJTh9Fezlm/ZhFfO/TLPDFzAetXLuPrh36Np2cuRH0LTqrc0Psqrr71PlauXc+GFWtZ t3IRp5zRg1Il57ennsD3TzidTI2qZOS+jHjBvOevd9/E76+8mlw9VRWC5UmgJ94QHc9SjEgJZkmg JxKJRCKxB5hZ7H9usbBv8DleDVd8lyYSu2JHgR7rXyWSQO8Sb0YmhmhsEQEdL/Kvh1AUSHPBYrh7 vo3DDzmEh5+ZRm0RQCzmwbZuXMyBn/o005cvQTQUgqHENVf24pzLe9NuseJ0LLZW9GbXCpOffYJD DvsumcSq6l4F8RWu/M0vGPPYY3jnKWmGammnxy8m3Nz7TEY8MQmXlRHvmHr/XRz5tSO4pv8w+vTr S7++1zGgfz+WL3+NFyaM4+c/OYe23OPUYVnGwmmP8alDf0yWtbJ0wUt86SuHsmjZayxfNItjjj6R 5eu3ICFDK+2cecqvOP+yP3NdvwEM7nMNg669hn6Db6atdTOnHHME1wx9gKqBqBGcol7wfhs39jmP P/YZRnsw1DuCC+Sh8o/f6ES3RzXWmSjnjkwUMUu5T4lEIpFI7AHRCWU482SaE7JAmy8RylsIIkUR 4FrB37T4neigYywYKrEPujMjF0VVU5u1t/oA3o5MmDiZcROex6u+QYFudYFuJvjyFr7y2S8zYfp8 YvXC2B9SVNm4bA4HfOxzvLphE6qBoAKhwh8u6cm1N9xNJRA98XWBrgQp89Rjf+W440/DmyLBokDP Slzw8xN47Pnn8M5TsRyzys4Fugh9Lj6Zp19aiPcZIp75zz9Oj1+dTlvm8OLwPi+K1BnTXnyW7x13 EltbS+TiCc7x8Khb+ep3z8D7EnNfep7P/8d/8tra9Sx+ZTrf/cGprG8tocERXJXLL7iYR5+cQK6x 0FsQT1mMcqmZ04//Hr+9qB9lJ3gfC+VlmcdLK1dddArXDhhGm8aHOfiAf52t7xKJRswM7z1V57ns qj9RrmaoJoGeSCQSicTuCMGQYIg6RKuEtsDaic8xf/jdBO/RontPEuiJ7WkU6MEML8KKNet54MFH ur04hyTQu+SekfcxfMwDeHljAh3ATJAQq663b1vPlw/6Ai8tXBm3WeSTW4CFM1/kYx/7EuuaSzGP x3KCVbnwvF7cfd/fyYJh6qLnnNqqZcYj94/i1LMuRsyjQfEqZO0tnPHjH/HsjOl4JzjzWMh3eozq hF5nnMS8ZesR7xFTSi3rOe0XP+XmW25l9ZpVLF78KsNHjWFzUxstWzfwlf/4CnfdO5LVa9cxe8YM jj3i65x4+kWoVpn8/Di++rXD2bytifmzp3FqjwvZWnVIEMxnvDD+Kb7+P4cxffZcNmxYz0vTZ3DP mIdwkvPgyFs5+HOH8sLEiaxds5oXn5/CgkXLcFLijhuu5tc9zmbxqrVUs5zgY1hVIvGPYqqICFXn +dbRx1GqVFGNxRgTiUQikUjsHA2GC2DeEayC+cCqe+5i1gUXElx8L43teZNAT3Rme4Euaixaspw+ /QfVIxm7s7MkCfQuGD76fu4aMTqu+llHdcHXO7HU2peZKU49TVs2cM4Zv2bJ+m1xmyaIxjD3eTMm 88tfnkdLuUIQRbRK5kvcdP3NvDhtAb7wNlvRN52geJ/x7BOPcvNdD6DmCMHjVSm3NtP/ysuZu3wJ 4jxqObaLnA5XyRly3eVs2NIcW7wFQzVj9WvLuXHYUHr2PI+rr/kzj497irZKjvmc15Yv5uqrr+Hi iy/jgbFjuG/UCAbeMgL1GTOmTuTSy6+krVxh4SuzGHb3KNpyj6ii6vHVKi+Me4Yr/vhHzuvZi+uH 3cTceQtw4pG8nZemz+KPf7yCCy/sxW233sWGTdtw4ii1buDmW4fR8+LLWLd+U3yAJU33iX+c2hdA LsJRx36PUjXjTatBkUgkEonEu5pCoItHQpU2gzX33sL8nj1ju2CTJNATXbK9QFfrEOi19MMk0BOd GD76fu4eMaZeKR3+MYHuA5jlBPNk6qn6nCzfRqUYb8E8qopTQ32VPHOothG8xfZrliO+hNeA1ft+ GxJiMY7Yd7JCZiCaEULsk27isDyjZFXEO9TKyC7GuIoh0oL4Sn1BwUwxEdS7GDZfPDwihjghWBkT j3qJq6biydUwFUxjLokvBHlFBe8Vq5+XYZlg6rBi1Uy8xMUB06L/fBXVHBVDNaCiqHOItJA7wamg VsVcmu4Tb4T4YGSiSaAnEolEIvE6CGpULEaLmjlaA6wcdQuv9OxZ5KAngZ7omh0FOixasoy+AwZ3 e3EOSaB3yZsl0F0As4xgOVXzVDXH+SaqVmuTFsVwFLYen2cE3UpwhmjAhRzVtnpO+vYC3ZugeRTo ZlVCyBFVTDzmlYpleJ8j1o7bxTjPxXBaQn170bO9JpQlCuNgsdCHKuY9zgmibZj3BC+otqKSo9pR YEvNEFVEPV4dlnmCNypmlINhXos2b4paDI8y9UUuU4wgEM07esJ7RxDBtBkVxZtHQjvBd+8HOPFG SQI9kUgkEol/hCBGi0EelOAVkcCa4bczLwn0xG5IAn3XJIHeBbPmzGHmrNk7VBG0ACaGU6EcfCEc d54HbYHYLiBoDBs3ix7q+qg0QrBikEZRECyPReCIvxuKImihCLfvWCgofte0aG9R7Kf2OTOs9u8g u2x3EYirn4Ra7q116kMY6p8ptltss7Yfgq8vZHQ6f7N6mErQWCRELYb+hyJMvyaEgsW/1w4zhOjF b9hafV9x/4YFn3ptJt4QVlRtz3LHHXfeRTXLime+e38xJBKJRCKxO4IZLhgiAfFGST1bp89g1aPj 6+/Q3V1oJXaPFU69TZs3M/HFF9PYIQn0LhERvPeISCeB7oKhVUGqnoo5zHnEKT503wGUSLyTqVVx 997jnNvhmU8kEolEIrFzJESLKZtCJTicSWpZmthjas4SVcU5l3LQSQK9S2qe3+1Xb8yM3AwnFiuI B0NCDqnVVyLxjqT2nNdMJL5UJBKJRCKR2DUawFxARMnNEaqCKxterVMUZSKxOxort3d3cQ5JoHfJ zgR6UCMTpU09Fe+xqiHO0ORBTyTekdRWbWsrtymsKpFIJBKJPcMCmA94NXLzhIpDMsEXkWhJaCX2 hO11V23MdOexkwR6F+zsRT2I4fMM2biBZWMfQMvt5BIwTYnQicQ7kcawqlpqS+2LIpFIJBKJxK4w LBg+EAsa+xxn7ZSlHP+3GwusxJ7T6DV3znX6WXclCfQuGD9+PE8++eQO+TMur/LKffcx65gfMemb RyLtKymZTwI9kXiHUhPjeZ5z/vnnU6lUuvUXQiKRSCQSe0wQLAjqAyIBpxU2Pvk4c2+7K+WgJ14X qsrq1asZPXo03sfU4e48frqFQI8VyCFozBvPgyEGpob6ou+2xqrh3oS7R9/LXWOGUzHFqWLtZZpe mMqMc3vx0qf/nVmf+QwvfeM7SHsrWa29RPDJkiV7h5kVLWByLxx1zPdpL2eYBszkLT+2ZMmSJUuW 7O1tggsZJlVUlfYgrBw1jFkXXFC0xtX4Dl7r3pNIFOzYZs2KNmuDUqoh3USgayhae2kgSIhiXQJe lSw4fHBYcJjliGSMuvshRtz7CCJC9dUFzDvzdCZ99tPMPujTzP/MF5h68OeYfOT3ce0tOFG8Wezf nSxZsneWmaJBqYrnyO/8gNZqBTVBg771x5YsWbJkyZK9nU0NZ0IuHqeGc8bGO29nYa9LokAXSQI9 0SWpD/qu6V4C3QeCjznjQQMmAZWAGGTiqeZVfLXMLffdxW03DWDqn65i4v/8L1MP+jSzDj6YGZ/5 PPM+/QWmHPxZJh3xbdy21UjLFrStFStVkyVL9o6zMlYq4UoVfnDMdyhva0Lb27BS5W1wbMmSJUuW LNnb1/JKRiUv49rLVCs55azCsntuY9oFlyUPemKXJIG+a7qFQAeL3vMiRyYP4DRH/VZKa2Yz549/ Zv7hP2DBt45n6g9P4PnDvs0r/3UU8z/zZeYedDDTDvo8sw86hBkHfYXZn/kMSz/976z85EE8cOAX Gf+xLzLpYx9j2gF7J0uW7B1m0w/Yh5cO+ADTPvEhpn/iI0w54ANMO2Bfph2wz1t+bMmSJUuWLNnb 3aYesDcvH7APCz7+fl4+YC+e+vf38vKFPQnOE8ySQE90yfYCXVSZt2gJ/QcNTe1u6TYCPU4MZiBm iK9SXbuC+3tdyrwhd7P+5VdorrZQ0hJeSsxbuoC5C15m6eSpzD67J5MO/BxzD/4M0w8+iAUHHcTM gw9k+reOxG9ZhmRb8dJO1VeTJUv2DrPMValkORXnuPq6AbSWK2R5Tuazt/zYkiVLlixZsrezZb6K d1VKPmObr2CtbayYOImF9/8tedATu6RRoJspqsbq9Rt54KFH6p20ujPdRqBrUYDATCmvWM4Lfa5j zTPPYu3tmORURamK4n3AciH3Qlk9vmUrW+8dwZyjvsNLn/8Scw/6PDM/83mmf+O7+NYmcufIRfFG smTJ3mmmiheHVyX3Qi6CF49Pz3SyZMmSJUu2a9OA+YDzgUyVUMkpq2C5EFQJqmjhRU8CPdFIJ4Fe jBOnhjS0XOvOYe7dQqAHCbRqhs8r+GqZJT0vZcXU53GykxsfhBAUDcWqnwqu1MrSe0cx/T8PY/5B /8HMbx5Lc2UDzT4QKmnWSSTe2RjBFOi+XwaJRCKRSLxe6u/KwQhOCFlALf4skdgVoSGyIkZaGCGk 9zDoJgLdTDFRMudYfPsIVowaQznPCPlOZo+gHXkzBqaeYI5cSqxf+yrL+w3imWN/gjRtpaqW+qAn EolEIpFIJLodQQOhKMZcDUa1+HsisTt2FOiNnvXuTTcR6J6KCaXVm5nymwsorV1FVQQT3+Xngxmm jSEWipnHe0/ZHK7cRmnePKpZG7lqEuiJxDscCyBpxT+RSCQSiT0mBMM0hrObBkoBMnFY5urCPX2t JnZGMN1BoGs3DmtvpJsIdEeLeVb+5XnanngKtQxVRYLr8vNTp77EtGkvoWpADLewYGjRpk0thsP6 IFSLUPhEIvHOI5hiZpSdMuSm2ynnDlPFunlxkkQikUgkdocEUHUE84Q84A02z5jKigcfIziNzq5C pKcc9ERnDIJQSy1UVTZu3sK48U+jqt06/xy6jUBXpNzM/KsH07J+NeYVNcVC1y/hd48Yw10jRiOq qEp9BVAthvKYxvwaNQjeCDvLZU8kEm9rzBQRoeSEbxzzfVoqGSpC6OZfDIlEIpFI7A4JoOIRc2hu ZGosH347M3pdSsijyFKzehX3JNITHRgEDyGOE1Fl4aLF9Os/MAl0uotAD8bmF19kwqUXU66WUWd4 8wTt+ubfO+YB7ho9Fl8T6BZ79LmgmAnBGVr0U/fF5LObI+j8z6AxbD7E/4vFqWorjBYnMYue+2A7 7wUY6PhcbfIzYxcFFrb/ecyz19Dxf8FiS4zatuuTasPnXy9mFILHOm17x2OrWdfUj6H+u/HzZh3b 7WLve/izHfdV21/j50On/3v92905Vt9+5/3v6XY7H2Pn6/RGjqlhu9ZxjHFs7rj9eqjSTsLadjV+ Oq739sew6+N6/XT8rqngvaciwhHf+TEt1bz+zL+5+3wr2f01rM0ZIVAUCimhvwAAIABJREFUyQR2 WMDseIb3bF+N+3irr93u7t/O5p/tz6c2z76Tx0MikUi8OVgAy5WqOTJntJixdtSNLDr/IkJVMLWG InJJoCca6RDoYKgai5csZ8DAIakPOt1GoAvLrxrK3MfH4vMyXgPOlKBdD4ARo8Zyz/D7EI256AQt Xlrj5xvzJXYnOEJQCHkUvrV8HC2j5qmI4tUTpISa4s1w6rBcUOcQaUelHVOrT2yNJgYhF7wKpaBo buReUJNOoh8KcRUkTqaBmC9kggRoCxAki30IfYVcFa8O7zLaLbbLcCYEy9Hi5b0mwDod0w7XxDAT nAgmOSZZXPQwCFILa4kLFNEkWhcLDGrggmGaE8THe2MKVsbEIwaZhGI7hYgI0vHv2jFabdGjQWxC x3UpjsEbiComeX3yiCvBkIni1aKQo+NlvX4e212DjvPb0WLrv7hfs/hF1ng89d/fzXUOFnPANIAE w6Qar4uGTp/v/LsdgqPR4g8VgotWiP0givoYPSKWY8U5dBIuaqhT1Mf7bEU6SG0hSENNDNbSR6gX l9FinyHExSsz4jMatL74FHfko70OGq9nLPpYrOyLR9XTnnuOOO6HtJSrxc8k3pvaM2tKMFc/17cP 1vm+Ff82o/4MEHzHGKp9xlxhtXtTjecqRrDNqDNMS8XzSDH2c0TjmKpdz+2N4BvGkCv2bfXnsEZ9 HHYxr4VijDTOrTu+2O3pfSjGWvAQqvWx1Pj81I4vXqvaeGuc9xULhgVf9GoNiHjMuk6RSiQSie5C FOiCtwzvlHYzVo8YxoKeFxFyRUWTQE/slNr7uZkhYry6eBn9B1wf3zm6eaphtxDo4irMPftS2l5b gLgqYuDMCDu5+SNHjeWue0YVIrBD1NVE754SvdlCaBTopmzetJq/Pf4obblD1FNu2cQT48Zx34N/ Zc3y1ajLqahj5dI5TJ0+D1+IlPrLZah5cYTgQyHsS0x/9mkee+YF8rBj78C617P2d7W6hzwPYL4V b4qoo+qFVcvn85cHH2TxtmbMK7l5glYIIesseHcx6db2qepp3baBW24Ywuj7HqCce0x2IVprk3lt O0WUgguGSpUgOWqGmGJaZdxjDzNg0BCa2iv1aAcNHbktOx7vji/3VhOPhUDPxKhWK0x46gnuf+CB aPc/wH1jxzJ7zlwy7/EaolCviaGaN7+raw9dn2+niIkOYdUo9jvEj+50DFoxnqPQNdSXUXHITqJE drhXOxXoPl5DVcxFUe5VEfPodgtHpoZ6j3lHVimTS1wRrYn42jXu4ugLAWT1xZBAg3DaXoQWz8Lr oXYdgykqOXlWJfceEY+Kp+KFbx33A1pKlSjQJZ6rqaEaihC9t2Mbtu0FesO9LBblosi0DtFeF+i+ YYxFT0dQIdg6zAdEXDF/1b48qziX4XLdhUBvWPSsCd4uvO6153TnAn27z8MO29gTOo8Z6dhnF89o h5jXhjFWFAoNhgWHmZDlgvMO0STQE4lE90YDmBck5DE6VZWV99zC7At+X0SbJoGe2Dl1J40a3iuv Ll5B335DUNVuH+beLQR61ryNZ867DGndHF+8QwxN31mI+9+fGM/fn3gKL3H1r8Pz+voGShx4WrzY aSGKMwYNGchve11IOXdMnzaFIw7/Gkcf/W2O+cFJHH3ooTz52Hi2mGfulOe47KprqapiwRPqgikK OTOPBJCgtG14lSO//Dk+dtCXWbh2cxRCxUspWN17Wfe2NnjTJG9n9guPM2nmy4X3XBk36hb23//j PDzrZUSUzBxBSxDKdPZ8W138QKMI7QifN3OsW7mEgw/8d4797o9pq+YdntUuPGs7CPQQqzp6EyRv Z+7MqbwwaRJl5wlB+N0Zv2Tf9+/H+q3NdS+r1tMDrJO3ru6lbhAxtWtRE3BmSi5Ge2szRx72v/yf //Ne/s///Tf+77/8K+/51/dwwEc/wlV//COb28r4QF2g16pPNp5Tfbs7HSRRpNfPufb76gkaIx58 iF7xKJjzBo9kh5iV0HDtTGjatJpxTzzOoqUr9kgA7ezY6t5xMyrlVp5/fjzjnxrHpMnTcD5HJXS6 lmaOSRMn8K1vHcGmbc1FFEqxuERxrWqCvlHUhYbFiFqUQxHx0fg81a7p6/2O71jsUdavXc03Dj+c qdNnIip45ylVM848+1xK1SriM7wrMWXic0x4ZgJrN2zBW7wPb7d3i1A807XFu0jD+AgdiyOdrqV1 XuypLfBgFdasmcmT455i1twFSHEPQhBMq1w/eDDn//YSRLpeIImLAjXPc8exdX4GbIf9d3VeO/ZG 7Ryt0Xi+u6ZztEZ9DtzuGa0fY9Bi/GlxbSjOKWfx4kV897s/ZsWqVZi9viiORCKReLdhAUwUCYJ6 QwzWPfU4c2+5kyCWisQldkrnd0fFi/LayjUMH3Ff3XueBPq7nNYVK3iuzwBcXo5COUSP7M4mCy9F WHaDmPhHVv46BLqPL5gqmGvmV2ecyYyXFyEi/P3xx5g0eTKtLc20lUo88Ze7OOmEE9kqSqW0hksu +j3zV2zAmaIW+7HXXnjNlMwMl+fccO1V7LfX/2P/j3ycPw+8kaqBqcOkiqgjD5AVYtm0gjfDayCI x1eaOOHowzi5x3lUDJwqT426kQ9/6FM8PGse3imZOnzWitcMVYnb9hW8q+LVyNWQ4piCekzyKH7U yMXR3rqNv459gL+Pn0DFC95lDS/BVnjEQcww85hJrLQvMQxc1GJ4bbWJHr8+me//6Mc0VzOcKlMn Ps3wkaNorjpEBfU53ueoeLxaFFcWPfmq0fMtoqh3mAjOC1WnHV5qwKtRbW/i24cdxn8e8k0mTJzK xClTeXHic/S+8vfs/4EPcvk1/XEaw3C8yxG1IvRdUTVEpDAfr4UXvMTQ6dq5mc9iFIWBmBI0I2jW ce5qiAqiEhdk1CGqePFF2kBc/HFqiMX9mzomPz+e9++7L/2H3oiq1S0u7IBsV9jQioUJM6kXTrMi xSMei7Bl80Zuu20I1/a+mqOO+hHNrRuQRi+6KcFyXpo2kV+e+gs2bmuJxRRFMI331FQI4qNHthhr qoJJFfU5FQk47whSQdWR1a+px3xOtVzh7088Q+46Vlf3ZAKvt0sUx+aN6/npT3/K7Ffmx2cgxGtS qlTiuJOMarmZEffcxe/Ou4A7ho/FBfDBuoy+eCtRMUSrmJURX3j7NS/GiiCieC/F+UsM3a9d09rC kmm8R1JFfAtTpjzNH666iF+dcS6ZxfFm6gha4Z677+HqqwcVHS6KYyjuoWqMOBCpRnMB9YpZXhTc 7LhnIlJ8AXfkqNfHXRHqVht3tXG5ddsmJkx4qv58mYb6/+30+qgU18fH9Az1qFbqxysax71zDq+G k7h4YD7HRIp5JyCSoVph+fKl/PqMc1i5dj36OiOqEolE4t1IkIAGwwVoD4rP27FSuePd4K0+wMTb ku2j/UKI7ybOp/xz6CYCvfmVV1jx8IPkkuNr+b6dPE6dafR6vhkCXYMv8lkdzRsWcsY5F7C17DDv Ue+o+igc1FdYt2IhP//5z2hzgupGrrrkYq6/bRSZ1byznlqOrho4y8nbmjjsP/+LQw8/nN/1+DXf OuaHbK1UMcsxX2Lj5vVMmjmbzaUywTIkb2LyjFmsWL2Olk0beeG58Rx+yBc46gcn8PzUaaxct57x 993KRz78CR6aMpOZU2fyxPinWLTgFUpecOJxWYl1q5fy7NPjePyJJ5g1byEVLULRswpzZkxl2eJF NLW0MG3WTDZs2MDsmXOZv3AZmVdWLF3I9CmTmDZ1ClOnTmXy1GlMnTGbcu7QvJV1a5bz3HMTeHLc Uyx4dRmZKC6vMnf6C3zv2G9x6NcO46mJk1m4fCWrVrzK1JmzaBfFi8NV21i+eD7PPP0U455+hpXr N1IVxUvGhvWrmTZtBqXWVubNmc34J8cxb+FS8nrObhToYkbWvpXjvv51Dj/ieNpzi2JSqry2YAaf /MjH+MmpZ1LJPeKqtLdsY8LTTzPuqaeZt2ARmfOIxIWILZvW8/xzE3jq6WfYtHkLs+fMYeGiV/Gi lNq2MXXqZF5rbiM3wVebmDdrMvOXrqAihoijadMaXnzuacaPH8/sVxbEa6GGSUZ7yxYmT3yevz/x JFNnzqa9XGXlsiXcdcMg/vU9/8rZPS9m+sxZtJUrLF2+glfmLyDzQufgESuEuUc0Z9OmjWzYsJE8 87S2tkcxJYp4h2kLTdvWcty3f8aWpuX4usiK47tSbqVcaqalaTNZURxGNYaVmzpMc7JSE+vXr2dL c1v8jIH5drJyE9uqjlw81dbNbNq8mTaneA2xjYtUadq6jZ69rqC97OvifE/ylOKikqdabqPS3kpL Swul3Mf5oHiuTQWVnFKpibVrVpBlVcZPmMhNd47CF5EJrze0/p+N+oBZiSzfSqk9I888ImU2bNnI 5m3b6lFA6nN83s7mTRvYvGULmShiFOPAMMmptDezfs0KWptamb/keX555lnkFheA1JXJq820tbXR 2pY1FEkzxDsq5RLVShmXCSJlNm1ew7YtrYgzREr4vIxKzrZtW1m/YSNV55Gat51Yz0HEs3XrFtat W0s592xpakZUEYnjZvnShfz5z3+KwtrHXHCzGEXTFTFszuF8M+VKS3EsVXLfTHs1o5Llxdh0qM8o Vyq0VxySO6qlVtatWU25muFEEV8lz1spV9ppai1Rrh1/IpFIdGNCgFB0NvIBsiD4IKmXdWK3NEa1 ddR7SQs6NbqHQH9pBq3TJ5KJj0LMOnIru+LNFOhmigZBg2G+wsQnRnDZNf1pk1CIckduoJpTal5M r9+cxsUX96FqGZo7ht/cl2O/cwotWfTkxPD0uL34gt3K3Oce50MfPJC/zHiFZS+N4+CPf5K7//Io ZhlYmVGjh/PRAz/LxDnzMSnTsm0lHz/wYHpfN4SpT41jn/d/gH3e8y+8Z6/3sc/79mXozTfzt/vu ZP/9PsJRJ/6SD+79fvbe+338+ycPZvaS1Ygpr8ydwRcOOpD37f1e3rv3Prx//49y2bVDyUTZtnUT hx96CD/8zrf52lf/h73fvx833nI7//vVIzjjrJ6Uq44rLjmP9+29F/vsvRd7770Pe7/vAxzwyQPZ 0trGjIlP8KmP7M++++zNXvu8n333/wT3jHmQtm1bOew/v8De//oe/m2vvdhr3w9z+tkXctmlF3Hg 57/ENmdkWYmnH3uAT314f/bZey/eu/f7+PiBB3PjHXehlnHHrTfwyQMO4MTvf48P7fs+9n7vPuz7 gQN4aPxEasXLYii2kbdv5rjDDuOwb5xIS7WWA19m2viH+Mi+H+BXPc7Di7Blwyq+dsh/sG9xLvt/ 9FPcM3IMIkJr0xZO+P6xfGCfvXnf+z/AUUd/m4M+81mOP/EkKlnOopdnsN9++zFy3HM487Q3reab /3MIvzj3YprUWLtmGT/4xv/wob32Yu+9389+HzqQEX95jNbM4/My3z3qCD6wz97ss/d72ft9H+DE k37K1Zf9ng/v9f/4t395D/+2z34c8Ml/Z/a8+Zx1zrmcesZZtGc5vnEsB8XM0da2jfN7/pb99/8g ++//IX7yk1M4/fTf0NzcEqMACoHe0rSGY4/+BVuaFyAWw+4JjrVrV/LRD3+ID++/P1/64hdZvbkJ bxReU4dzFSY89Rhf+8oX+eB++3HAJz5N38E34lXJWzfy3186iC8e+g3+9tjjfO5Tn+CD+32Ui68s ohQkY8mC2Tz1xDh+8tOzePb56UydOpUZM2bskUA3FSqlVo484ht86IP78cH99+eFqdOjB11DTBtQ z4RnnuDLX/oCH/7w/nz3+z/itnsf4MY7R0fvueVvO4FuEshdE8efeAwf+cinWDBvKX37Xc1HP/5x Pv+l//r/2Hvv6KrqrP//v+/6rVnjjGNBQh8F6TAoRUUsiEgHAVFRQUEUBEFQ7A1UFAE7FgQRKYoN VMoA0iGNUAMhPYSQXm875dNevz/OvQEUeGbmmUdd5LzW2isSk5tzzz3t/dl7vzcFhaVopTl6aC+3 9+tF/cvqERfXgAmTp1FRE4qaFCqKi3K5qUd3GtZvQLMmHfl02WvcN24sUnueAsk7t9Ky+d+Ja9CY kaMeRQpZW6YuHJsB/frStHFjft6wmzdmz6Bp00Z06tiD4qJKpKjBCpTx0nNP0axpUy6r34AePfsQ n3LQK1s3ikCgmjvuGEaDBnHExcVx79hxjBrzILbjIhybI/tS+O7LpYwdO5pdu+LZtTORfXsPIaVz TrM2oy1+WreMuAb1+ezT5SgVYvbc57msQVPuuPteLNvGKIfkXVto3LAJD46bSOqBg3T5R0fq16vH q7NmI5TmWG4mnTp1oH79OFq3vYr03GOIP1g1hY+Pj89vjTGx6sloi54r0K6pbdvz8TkbtbrKKDyD WeEL9FM47wW61pqKXbuoOZiCUJ4TudYy6uJ+5h5CSyhsGSsXPmUE2r/5t2MriybWw6nDvPfaC8x6 820iUfGupSQSDPPspElMuP8Bel53I6vWr8ExgrC2WPvNR3Tocgs55dXRDJ6s7SdXjkHY2VzXuSVj H36WoFAIu5LHx93PNTf04ljIRsgAKxfO4dJmbdm+JxNpXCqrcmncoD5PvbaAYCRIXm4at17TkSF3 jiT3+HFqagJsXP4Jl15wEROee5eqsnJ2rP+J5nH1mfzOQioqC7mqXSv6jRhP/vF0Kiuq+Wjuq1wS 15hdew5RWZrHTe1a0+jvrXjv4yWkHjpIwfEj3PyPttw99glCrqKi8jjH83I5lp/Bi888Sr2L41i6 ci2WcKgJBUjdv4eqkiJKj5dwy203cMfoKVTYgpJjh7hvSC+69RpOas4xykvLeX7aBBpf2ZlIyOFA /A80i4vj4adepaC0nKL8QwzqeS3N21zFwYJSPn//Ver/+VJef2sBRWUVFOUeoNXlTRkx7qlo3/rJ DLoVKue2Htdy6aXNuLpzN667pjNdOnUkrnETxk5+kYyCYoxbwYQHR9Dt+r5k5pdQHSjgp6/m06lb b/Znp/PKsw9yxZVdWLtmO8FAOWtXfcPfL72E3kPHEHZd0vZt5m8X/Jn5m3bgKEWoMp9bOnVg0CNP Um5VMWZ4X27pN5gDxwqoqSlj6aL3aNa8C0+/PI+jBzZw2SVxfLn6R6qrA2RlHGHT9iQqy4pY9fUS LvjzX3j8xdc4nn8Cyw6QlZlOVlZOtGzYjd5YtTdFQISZ+9oMJj89k9LSMkLBKhJ2b+fO4SMprwzg KonSDkZbhMuOMejWO6gqK/cMCQ0YpZFCceJEIWn74xnc+2aOlxailMDVGm3bZKYlcn3P29i0I4mq YDX5eelMGvsA6xISEUpQWJDGVa1bMH7iNHJKKijKO8rjD99PbkkVjmuxZuUiZr/4NN1v7s2Ls+fw +htv8uGCz4gIbxrBuR4GlAYhBaWlheRlH+LBYX3YsDMJrQWW8ea4RipPMHDAcDbt3E2wOsCBfVsY NLwXby/4AUvZVJXnEKmJILWNdiURaVCF+dScqCIgo20Y0qCkibbHCK9iQCuMMES0RiiBFgJb2oQz s3FCYbTS2EohpcCSQXR2NipxP3Z2LhEnQsCWSHWyn/zU64trvKqHSKSakUP70ff2cXzw6RLKq0oo qwygHIEdKmL8uNEsWPYdRRXlVFfk8/wz03j9/Y8IGXCsSp6Z+CBLvvuZqpoglRVpPP3IKIbf8aBX Gm4UbihMwYl8PvpgNgOHTSEiTNRkzkFqiFghRvbvxcCRY1nw+RIqqqsorQ7gCM+74uvF7/DI9OdJ LygiUF3Khh+/pnf/gRyrDqBFDTOmT2L2h4vIK6kiVF3I+jWr6dN/MAFHYUVCfPn5pzz3xKP0vW0o L8x5h1mz3uDzhcuosRxv0saZrr+AUDZOpIpvl87jmfmfY2lJJFTN1/Pn0Pf2+6gOO7hCElSK/Ylr 6dblVkaNnkRGbh7VwQqC1UFsA8IRnCjOJyM1meuvG8m+zDyMPNtoNh8fH5+6gfe8BFJZCBlAOoZK 6aCdIKa2RelM3iE+dZ3TfWk0Ilod6kjlu7hzngv0WAls5e7dhA7tRSlRK9Cdcwj0nfGJ/Lx9J47r uTzDfybQ4VSBrjA6witPT2XO2x8QVAatBEq5aA3KcVG2xdZNGxk0aAjVloNQNj+v/oIrWnXlcH5R NNskTxqKuS4pCT/xtz/9haVfrqKgupxARTlfLl5Aw8ZNWb8/lYi2WLloNpf+vT3b9mQgjKCi6hhN GtTnmVkLcZVEWOX0v6ELd455uLaUftOyD2lQvzErE1PRyuVE9iE6Xt6Mkc/OJf1IEpfH1Wf2R0tw ZRglJdkHt/LnS+rz5ff/pLzkGNe3b8sN/YcQktHS/socbvlHG0Y+OJ2IqzE6gBIRco8m0qRpE+4f NxXHcbGUIFBRwIyZM7lj+Ahuu74njRpdSp9h46kSGm2V8NDIQfTocyeVlo3W8OK0h2na4iqsoM3y BW9Q76JL+WbTdmylkaKSD2c/R70GV7B9fzqff/AKjeo15XBeCZYQaKeM666+igF3Px41YvMuCLUC /YZruLx5G55+/nmef246HVq3oWevPhQFI4Q1GLeKm7p3omHTdlzTYxA397yBXtdeTeNmV/DjxrX0 7XE1fYaMptqSaGXjhirp2vIKeg8dGxXoW/jbBX/mw03bcaQkVHWcWzp1YPDEpzleWUyvrp1ofHkr rr1lEDfddAPXdu1IvUsaMvr+h6muPs7V7Ttw7c29eXPGDNIPJlMjFBErTMLmVVz4pz/x0twPon3B tie2pEbJ6NgpvKywbUBGihgyZAhVgZpof6+DY4X4+svvCIQshI6Keu0QLs9n4K3DqSqrxI4JdB3r B5dUFmUwrH8v8kuLUEp4It522PzjF4x5aCIbtyeydec2dmzfyJxXZzBm6jQcV1FVmUOnli34ad02 IkahrABvvPgYqXnFCGVhZBk1ZflMeOxZqh231rfAiZrQnEsseb33CqlsHLuKKaOHsWFnEsa42AaU dMlPS2HixCeJRL0QlCzjy2Xv8v6nq3ClRe6G1RyPz0BIjZIGS2kyVn+P/c/dSCFxjMSJ9uFpE/VS cKRnpOcYpDRopRFSYwePs6r3ICp//hktNGHtlYqnfTWfH8Y/wIbHn+C7qU+wbc4HWJURjDzduT72 oCOMQEgXJW3uGTaAR6e+iqs1QllYSmGkJP3gTkbePZx1OxLYsms3u7dt4IfvvuTuMeOpsG0Clce5 7boeBLVAaIFWQfZt2cTd9zzg7TOjUK6LUIIvl37CwKGTTxlpKDyfASUYOeBWbh18HyFHIlwn2ueu cYKVPHLPQD78fBkbd8azc/smErb9k2F33kNKZgGV5WkMuKknlY4gojTGEQRrKlnw2RcEnZjfhUV+ 1kFmzniVGo3n6eBoHM05BbrWAqMsNq9ZxDPzF2NFt3nD8k/oN3Q0NWEXISWWgfRD22gY15r07AJc rXG1hXIVrvF6/YWyCZQXcGOPe9mXmYeW/pOmj49P3UZH73lKuigVwTiG4uRkcn5cHRXoUc8nfHHu czqnCnQlBVIpjheVsPqnNXXewR3Oc4EO1Ar0mv3JntGWsv9Hgb542Zcs+mIFQqr/VQa91jk4OqbJ aIs3X3iSN+a+Q9iAMS5aO7hRUayFTcSq5IlHpnIw/ThKhtn4/TLadLyOjMLS2h5YHRP8ooyXnprK hX++lIsuqcdF9S7i4osbcOnF9an3178wYvzjVCiXbz59k7imbdmekobUitKSPBrHXcZTsz5GaIUI FTHghs4Mf2A8wegIus3LP6RhgytYuTcDpW1O5BzgH5dfwahn3iXryG7+Xr8+sz5YiFDemKr0lE38 +aLLWP7dPyktLaB7h3b0GnY3QenNna6uzKVXp7aMHDMN21WgA2z8YSWtmzbkocemUxpxkMLBtoLM ePhO2nW7ju37DlGSn8vgvt25bfBEqlyJtCsYe9cgbuwznGrbG5n38tRxNGvRETtos2TBHOpdVJ+v N2wh4kpct4Z3Zj3HZXHN2Ln/KIvef524y5qTdqwIoR2UU063jl0YeMcTpwl0oTyB3rtHN665vifl gRBShlnz3fc0rN+AN99eTEBojBuiZ4/O9O4zlIKSKgpLT1BeeoLC8hJKS/Lp170LvQbdRantGfZF qkq5usXlpwj0bVx8wZ9ZsGEzrtZUluXTvX0bBk14ivyKUm7uejXD7x5NXmkFpaWllJUWUlJYQml5 DUJWUVpUxHfrNzJ/9mx6XdeZfiMepspy2bP5W/72//0/XpjzftQczhNYQujo+EAXY1yMsQkbjVNz nAGDBxOwLLRUaOWglUAK45lkxQS60gTLTzDg1qFUldZga6LlbTJqQmZTWZrO0P63cKy0GKkEttEo 2+af33zC3SNHMuOV2cx89RVenfkSb7z8El+sWo10BZWlOXTt1IH0nHxsrVB2Ga+/9BSH80txtI1R JVSVHeORKS8RcIS3wKVPcYg9R494zMTOyzZXMOneoWzYmYjRbrR1wSVj/26mTH2BsAZXSbSqZtPq Jby7cAW2ilC1+htKdx/BUi6OlkS0IH3VSuytid7sd3WyukUrjXE12vH2n1IKIzRGGlytyVz4Hpkf vcfm6dMJuRJpR1A11aRPfhVdU4MQEhWyiRzJJeiGvTLuqD/Cqa03yjhI6SKlzb0jBrJu8x7sqHGc rb0M/oHkzQwacBsvzXqDma/M4rUZL/PqKzNY8MVyAq5DaUkOva7tQUi6UUNDh7SEeO6/f5y3CGI0 ynVwpWTlsoUMHjbRE+jRa5xnDOlw58A+PPfucmxl0MJGK89oM1xTxajbezPpscd56ZXXeWXmy7w+ 8yVmvjqL7KJyiopSua17D4KuwlYK4yjvWiA1EeEZ1ClhkZd5kBkvzaBKSYR0kY72jC/PMUpQKq/q Y/O6z3nhg0+xlUIrwbefvMttg0YRtFyUkggDRw7uoGevEdhaYyv0lc02AAAgAElEQVSJ1C7ajX5V GqEFwYrj3NjjbvZHBfpp7u8+Pj4+dQxtJMJotNBIo5DCcHzRQvY+9hhGCLRSvkD3OSOnCnStFFJp Dh/N5I05b9UaxtZlznuBDlCxazfV+5KQ/2IG/fNlX7FoyfLaWczwHwr02NzdqEBXKsJXC9/mpVdn E1QGIcKsWfMdx4qKiAiBcG1SD6cwavg9FJTWoITF14s/5rqb+lMciCCkW+tAr7VL+sGNXN6oGW/O XcDx4nxOlORxorCMwhPFfPH2KzT7e3s27Exh549f0jSuCa/Pe48jRzNYtOATLv3bX3nmjQ9xlUaE Kxk1pDcdu93AntQ0iiurWLfiE+Ia/J2v92bgSpui3CP844rmjHn6bUKBAm7uejU39xvC3uQU0jOO MOO5qVzWqAkph7IoKz1B944d6D3iHkLKywxWVebQ6x9tuGfMY1i2IPNoAl07tKHtP64lcc8BjmTn kHrsOKGqYh6/sy/tu13H1pQD7Pp5Ex1aNaX/kAne3HgnyPRHx9KseRt2xO8kt6iUl6c+xBXN2+OG bA4f2kXrFi0Y/eAkDqQeITklme5drqLjP7qSU1TGwvlvcllcCzLz8tHaRoogXTt2ZdDwabUC3QCu VFjBMvrccB1drh1AWcATQm6okikT7qZJs8vZGr8H5QqenDqOJo0uZ836zaRlprI3ZR/f/bCFSKCS t2ZM5vIWLVmw4gcyj6ay+OP5NLv4b9w27EFCrqDwWBqNL7mYeyZPJiM7h+UrltD4ogsZMn46lY7N xAdG0bJVB75fvYasrGz27k1i0dcbOVJQTXl+At+vWktq2kEyM/KY8eKTxDXtwLHiSlKTfqbehRdw 1/3jycjMJWQFyc7LJSMzF1doT7gYh4jRGFVNWLhMnjiBhd+tQ9gOQthUVlWSkLgPy/ZmPksRIRK0 KCnIZOBtgynJr6DSsrCUZ2anhI1lBTlx/DC3D+xNdkEuoXCIkFIoR7B31088OnkSJWUVuFLiuILK kkpOhMNox6G86CidOnYmLes4rgzjBMuY+cLjHMoqICwttKogVFXIg+OmUl4dQAqHouJiiktKo/1v 8uxz4qVECoegFaI6UMbEe4eydstOrHCAsJAIx6K6OIt+/Yew98gRIpEgeTnpjL3rduZ8upAyFaZk zUpKV64mkr6HSNoBwmnppH/8EZXbkwhJ7ZmQKeO56RvPMCeiNbZyCZsItvIM25yqElJHPkE4L5eD 731MIL8cGQ5jWVXsffplinYmUlNcgQwFkG4A1wmjpMXRtMPkHsuvHannVS1YKNchGKrhnjsGsGFr CsFwANuJEFEOQkYoL8rjsYkPkZWfjeu6SFdSEwpRXFmJqwS2E2Dk0P5s3b2fcMCiInCc156fztCh ownbAlsLhBUkEIywfPEnDL59HIGQRdB2omaFDk6kmmED+/Pagq8JWDaubXmTAzQo4TBn5nN89+3X hCwLpRW2FaKwpJCQK4mEwzx49xB2JsQTjrhIN0BpWRk7k1KwpZfx1lpwPPcoz05/jjLbwXEsThwv oqCy+jRH+V+itEAqi10/f8mk516kMhiitLSEyfffRe8B91EZsr3JDq5kf9IWbus7khrboiYSxhES ZQlcFUY6NkErRHlROj26DyU59ShWMFxr2BhzxPfx8fGpUxiBMF5VmWugxkDh4vmkPTbFy6BL+T+P m/Wpk/yyxF1pSMvI4vU35/3LE3rOZ+qEQK9MSKAiJQGl5W8s0EV0prXncGm0TdbBHUx8/CWqhcZ1 Qnw8/y3adWjPgw89xPgJj9CtS1c++ehDpFY4UjLn5eeYNP15IsrLVKnoOCyjbJ5//BGubNmR8rCF VDbG1UhlI5VNUc4huvyjM3fe9xA1ZWWMGjaUevUvI65BE3r17E3zZg14Yd5H2FLhCMk/v/+CJk0v 57J69Xjjrbf56bulXNG8JT/sS0dJTXFOJt3btmXcs29iiQi5GWlc070bTS6rz2Vx9bjyyiv5aMFH OFJSWVZAr66dGXjPaMJSoqQgUHOMAdd2YuyEp7BtwbNPTCDukvo0aNyKepc05NLLLqVpiytJy0zn UNJmWrVqRf36jencsRu39OzC0BEPE7YFQtgk7dpAy1ZtiWtQj+H3jmXmk5Np26ErViCMK8pJ2r6B Dm3bU/+yOC6Na8i1Xbvww+o1RKRmyYJ5NL28Lbl5uQhp47phbrzuRu64d8qvBHokWMaQ3j25qedg KkIuUkqMEyElcR0tmrfgzvseIhxxCFTncc/wYTRocAWXxV1KgwZNGHHfBMpKywlXnGD0vXdxWVxj GtWvz6g77+Sqy5tw27BxhFyBcYPcP+x26jWKI65BQ27odTPXX9WJOx99mhopqS7KZfSoMTRu0ID6 9eNo0LAJ/YdP5Muf4on/eTkd219F/QaNaRTXiMZNm/LsjNnYrk1NuJJnn5lGo4ZN+PsVrUnck8SE SY9y/5jxhCIOKprxtoxnpCWUS8ahRK7qci1jH3iARyY8xC239GL0/eOxIg5K2uxPiefuO0YzdEhf 2rRoz90DhnP7iDv5dt0GhGuzbctmhg4dxuCB/WjTogVDhgzhjmEj+GbNOpSjsIIneGDMAwwZNJDJ U6Yw/uEJ3HDtjXzx0xqkXcIL0x6h6d+bcd+YR6iujDDrpSe55qpuDBgynL2HDiJEAG1XMfre+xg5 ciQTJ06ia7furPjm+9pyan2WniUtBTnZGYwafT/Dhg2ja6vm3HLbYO4cNoxX31yE4wqUVcZLL79C 69YtGTawP1d17sykSQ9z/Y038dX6HyhYu5L19zzCj09MZc0TT7Jm6rNsHnYP1oZkXOmN2guXlhIu LiZSWkywvISa0mIiJwoI15QQNgpHOpRtW0vi519jh8o5lridhJlvY7k2trKROQfYP2sGXz14P9ue e4aKlGSEcBFuhNt692LK408gdPRhR0mMjhAsK+OBe+6mfasW9Lz1dobfMZzpTzxFtR1Gaa8y5cP5 73Ht9dcw/qFxTHhkEj179WXmq7NQ0WvKrh1radDoCob0HUyv/jcxccxdXH/tDTz/8luEZYSF781l +LC76dWjO61admXYsBHcNXocuUXlBCtLuP+uYbRqeSWdr7+F24fewTPPvUC17TmdG+WQl32Ynjdc wwP3j2bio1O4Y8QIbrz5RoorKnCkJCVxKy2vbMl99zzAxEce5sabevLg+EcJ2Y53nTYKK1LB+DFj uHfcOB4aN5bu1/Tgx5+3n3Ume2w6gWtcTmQncs1119Gvbz+u7tyZ56c9QKeuvfjosy9whMOXny/n 9j69aHllF4YMv50Rd49i/cYdKEfhyjApCTsZfuddDBt8K80v70KfgYMYOfwO1m3egasMUnPK/aJu P1T4+PjUHYyShLX27iVKEjaQv+RjDj42BSM8ga5jlWW+SPc5BV+gn5vzWqDHPtyqffs4vOaH6Cxp 96RJnD6zQF+y7EsWLVkWFdX/JYGuDEY7OKEiRo56mKzCcpR0UCJEWVkxe1P2kJicQlFBKZYIoVSE sGvx/LQp/Lxrr9drGb0IxgR6Rupe9h5MI6AclHYxjsHoIEoFESJEaup+Ug4eosZ2CFaVkLwviUOH j1BRVcnePTtILSzySrk1KKeGwhP5JCfsILewkOLyQhKTd5EbsNHS4AYDpCbtYP+xQi8j6roEgiUc 2bufnUmJZJcUo5Tt9YbaNRxJjmff0aPY0kUrieuWk568k0OZx5BCkpeZzO6EBJJ3J7ErPoXdybtJ 2rOTciuClDbFJ46xN3EPpYUVpKYlcejIURwpEVKgRIDCklISknezP/MY+dlHiU85gLBchKxCO9VU lhaTkrKPxH0HqK6qREqDqzQlJ44Sn5JEOBKMzkh22L//AAcy8lBRN0kD3kxzN0jawV0cTN2PJSVK C7QrEVY1KXv2kbTvMCFLoUUlbiRIZlYuO+N3cfhoJlWuhSs12tJEaspIPZzAof0pBCtL6dLqSvoO G0fI8fpjIxVlJB3ez96DBympqSJ1bwp7snMJShctAoTDIbIzjpCQGM/hzGxCYYEtDUoFqSovI+Vw Gim7t5Oae8wTc3aQoJKEHYucrHQS9+wnEA6RkZ3N0QxvNJrUEh2txggbr5fedQNUFOexbfNmNm5Y z8HUVIJhGym9io2a6lKS4lNISNhGQnwye7ensCMxgeyiYqR0KS8tJTEhmaSEZJITE0hK2Epi/G6y i0uQQqNFFRE7wt6UZNatX8+2bTvJOppFtVQoWU76oSR2JyWSuHcfVliQkZZEcnwK8UnJVFRXoaWD EQHKinPZumUNmzZv5mh2LhGhENEZ8Gc7R7WShALVJO5JYlfCTvbt3sCuJG8796Ufw1UaowJYdoj9 +5LYuG4NR3KPUVpTxd7diZwoLKBi7WpCWw+ghY0jbYS0yf5mJeHNCQgpsMrLydm8lfwNmzj+z43k bdpI9s+bKVi7ifLDh4kogR2oZO9Tk9k69il+fmI6ux+ZTPLVvcjPzMF2XYQtqXEsVGUpkSMpbJ04 nUBhMcIJs37dGj74+FPc0wS6hbAskhLjSU7YxI7de0hM2MWB/QcJCRupBUpKHNsiO+comzetY8Om TexPPUIoHEFGx60JYZGWuY/N/1zN1t27CVUVs3dfIofScrCURV5mKgnxSSTGb2VXYrI3GjHlAJWW i2sH2ZuwjaSkJOITdhOfEM/ew0cIKB1dCLVQToiKknx27tjK2g0biU9OprSsxPPA0GG0oyg6kc+2 bRvZsO5njhxNJ+QIT/hqEV2cjFBQkMm6rT+zZfMm8vMKCCt5DiMZjdIS1wiMLONA+hE2bdzIodRU AhU57Nizn8z8EzhScDw7n727t5CwO4HdSTvYlZTI8cJylFA4yqKyvJD4xHiSEjcSn3CAXYkJJMXv pqCsAld7Jkmxv+kLdB8fn7qCUZpqrXG1RLsuUiqOLV5EypTH0UJ6LXMxY2NfoPucwq8Fuo4K9Ll+ DzrnuUCPUZWZxY6576Icz/HXNgotzu4O+PXXX7NixYr/uoOg1hopJQ8++CCrVq36VY/FyZEDLkZb FJcU8uSTzxEKhv+r2+Hz22MMaGnhuqV07NieQYNHE7YdlDn7iCifcxAdy4ERaO1SUVHCsfwcCgry KSgo+FWUFJcjXYOSnnkbRp3TUdbWGulER7C5mpCIEPj2R2p2H0Arg1IaR9rkfLMJe0sKWjtn3kwD RnqO50EZJLgziZ3jplF2JIeC3Fyq0o9wYPFi9r4yFxOpIpB5nMqaCkKBIuzMDNZNe5bqwjyEcFi5 ciVbt279v9unf3CM0QgjvAc97bUtaBWgpDjvjJ95QUEBx48fp7q6us7f6H18fHz+TzDKm18tDUIZ bBOhcPlXJL7u9xH7/HsopcjKyuLdd99FCC+BWpePnzoh0O2KMrZMegarpgrtSpyYidNZPnittder +V+8uMTKNbTWJCYm8tFHH9X+jRgnBbrXK596+CCrV/1IHT4+zxs8oWYjRBXz57/PihU/YbkCdY4Z zj7nQoOJjh1ULnPnvkm/fn3p378v/fr1+1U88fizuHbMwV7+jwJdG4kSCmFA2xpLuuRt3UbpvjSM MmitsLQga/02qhIPIMyZq3FqDd2UIuiE+eG1eRz/cQvaUkSkQIswurKEne99jHRD5Py4moRXX2fD 40+x9a23yduZiF3tIm2FlPK060VdwxiNik2x0KCkRIoA4x8ec8bPvF+/fvTv358VK1b83pvu4+Pj c96iDLgGb5SxcHBkiJCM+GXKPv8ysQSmlBIhxGmaqa5SJwS6sMMcHP8MNTkZaNetdU0/m6GUUt7D 8H+7xCL2WkopXNf91eufFOheKb6QLlIoX6CfB3gu4gKjI9FxZybqQF635zz+50Qd96OjByOREIFA NcFggFAo9KsIhyyk8Macae3NEz9VoMfOw9qvykUpQcRotK1xhMSybHQkOhZRa8JGogMWdtjCMWcW zjqa7TXSYAmBUxrArXZQjiaiNa4RaGkhKgLezHhRg6ooRhcXIQOV2EriOt6MeaVUnZ4Laox3vnjj 00ApiVYWoWDVGT/zYDBITU0NkUikTt/kfXx8fP6vUAa0MAilsY3A2AJhS1ypfJHl8y8T00Oxr/4c 9Doi0I2RZLz0Numrv8UIy+sZNGfvQY89CMdE+m/PyT5GfyzF+UQ0exsTh7Hv+fyH6DPEmTk9W37y 57TSOI5TWy0jhPBWb6XnHG4ZjXa9UWlWdGSi1KCU8cS7VAilEOYss7iNxo0KdKUM2jE4yqBcg9Be 1gE0xvXK6V1pTjGBMxhpkOfora9rmF/uZ3P20Xo+Pj4+Pv+3KANKGISMCXSF4xhc5Qt0n3+PX2bO 6/pxU0cEuubE7ni2Tn8aYVV5hmtKYc7S/xt7SPdNCnz+25ioIIsJdZ/fijML+Ng57rouruvWllnF Fua0jpWoe5MYtAZHg5IGYUBKT3AbdWYJraX2fl4ZtDII12DHXjP2+tIT4jr2c9p76HEMhLUiYgTq LAsAPj4+Pj4+vx8nx4oqZXC0JqgjuNrxRZbPv0wsMRp7Hqvr2XOoIwJda41bVULSlOmESwuwNUgh Udo5JYupMcbLbGZmZpGWdvQPItB/77/v89/h5PFltI4anCm/QuI3Q58106q1xhWCVatW194YlNa1 4tkb36YxUavumEA3eALdlgYjzibQDa7yzHPUKQJdah110ff+xskxNA7aOBgj0Nrrx1JCntUvo67x y/PFP318fHx8fj+MlkgjvUVroanSgsCBwxRvS/AqUVXd9U3xiaFPJiSU+dW4PYPXNuhKSXlFJfv3 H/Cz6NQZgQ6ODpP77Wpqft6OrRSOEihlR3vRXbRx0UZipGHxkhV8unipdxD9b8as+fj4/MGJim4p 6dmrDyHL5n8sl/8f/n2un49lzs/+O6eX65/LyM7Hx8fHx+f3xEhFQGtcraItX4Zjny9k/2PT0FJ6 I12jVWNa+8/RdRGjFbZS3mQcS1ElHCJK4QovcaGUQRmNrTWHj2Yy6425p/Wj11XqhEBXGrQtqS4o YN34aUQK8xHCRUntlZcKjZEyOmsXPlv6FYuWLPcepH2B7uNzHuOd37ZU3Np3AOF/QaD7+Pj4+Pj4 eBNKIlqjtWduXG0gb+nHHJwyBeMLdB/AKI0rNcqVVBzLImKV4UoL4XqiXAmJFgJHCo6mZTDv9Tl1 PnsOdUSga6ORlibiSvZ+/AknFn+GcMNIaZC1M3W9PlBlYNGyr1i4ZJlXfuoLdB+f85bY+W0JSa/b +hO2HeDsIxh9fHx8fHx8PIxRuEajpYs0FkENBYs/JtUX6D5RjDJElMZSEfY89yxpYx6mavcOXCeM 0C5SS6TSaEdzJCOLmXPnnObmXlepEwIdNI7WKEejrQB7Hn+G4r0pCOFiaUGNkQh10qhp0dIVLFnx NUKq2rnDvkD38Tn/iBmSBC2bW/sOIBCKeOO7zjKC0cfHx8fHx8dDnSLQtY6gXEPeZ5+xd9oTaNdF GeUL9DqOUd4YPiHCZEyeSuqVbVnTqQu7xk3BPVEYzaZLlGU4kJXDC3Pn1Tq612XqiEAHoTVaKLQW FO3fz4ZHn6Y6Lx1lhQhpB6G1Z16gDN+vWcfK739EKIVSvkD38Tlf0VohhMByBQ+Me5hgOIKUAr/E 3cfHx8fH59xo440ZVcpFKgsTMOSsWUPSW/MwrkBpz3TVF+h1F2PACINxLQ5Pnc7Blq3Z06oNB5p3 YOeAOyhYv4ZIoAIhJFkZx/n0k8/8DDp1RKAbQDsuSlkEjCYS1jiZh/l2QH8Of7gA7QZQWtZm0G2l sIREKoUUAhM9SDxDOT/88ON8Ca0kSkocqQg7AqEUUgqMVr/7tvnhhx9++OHHHzqU9HqMtYslbbSl qREhdLgcLQRSe0LLqJOu3L/7Nvvxm4bSGqE9c+60ac+S1aItu9r8ncS2zdjf8nIOXNGe3TcMoWzf PiLKQSpZO3atLlMnBPrZUMEQxzZs5NDsd1k79RnWT32SrY9OI2nsOLYMGcT2wf3ZObAPuwb1Y9eg AeweNICEQf398MOP8yTiBw0g4bTzegDxgwYQ/wfYNj/88MMPP/z4I0fSwL4kDepH/OD+xA/uQ8rA XiQM6sfOIQNPub+eGr//NvvxW8cAkgYOIeHWQRy8qivxrZoT37oNR1t0JLlVB7a3aUtyqys51Loj Gx95HBWxfm95+IegTgt0VwuEEuigg8ovRaYfw92bRmRbAkfmvEXGvLfImjuXrLlzyZz3Flnz3iJn 3jw//PDjvIm3zhK/93b54Ycffvjhxx878ubO5fibc8ibM5djb87h+JtvkvfmHHLmzsO/t/qRM28e OXPnkj3nHfLmvkNy34EktmlDcqs2HGrZjp1tW7K3VTsOtOlE6h13UbR2DcZ1f295+IegTgv0iNZU abA0CO31qUutcJTG1RpHShwpcY3GNt73tPDDDz/Oq3A1SqjT/v27b5Mffvjhhx9+/MFDSok2FsI4 aK2IGHBkBGNZaEedfj/17611MoyjsYXCliHSpjxOVotWJLZuxZa2LSlo3pp9PQaQvXEdIVmKUpFa 76+6Tp0W6Fp6zu4ietEwUqG15GDqIQ4eOoAUIYwOgw6jjIXUFkJF/PDDj/MkXBnGlSECVpDPVywn ZIdwRQihwr/7tvnhhx9++OHHHzls5WALQVgJLGGoVobiI/so3LIJKbz7qKsiuCqMf1+tmyGlg6MV QobZ9/hUklu1IqVlaw5cdT0pM2ZQeSwXS7pEpKCspIrEXSm1JnF1mbot0LVGKYVtFForjPLMDBYt /YoFny1HSo1W2nN31968dKmMH374cb6ElEipCdmCnr2HUBNyUEKhpP79t80PP/zwww8//sChpMFE FEIJpK1xXUPOZwtInvI0xvbmWwulEEqjlEb9AbbZj982hDJYWqNci9Qpz7Cz4zUkjHkIKyEJHbFw hSKiFWEpST2SyazX3/YqM7Su0yK9Tgv02Fg1x3jiO+bivnDZCj5duhypNVpJTnN0Bj/88OM8Ca0l UgrCruTG2wYSsByUcNFK/O7b5ocffvjhhx9/5FAGtHAJGQvblUSM5MSSdzgyZSrGlSglkUahjMIY hTH+c3RdC61BSoO2JDnf/kDF9q24gQpcJXGVRgqFFC5SRDiSkc2sOW/7Lu7UcYF+NpZ8sZzPPl+G 0l6WHSPBuGDE771pPj4+/0VMdARMRCpu7DOYgO1gtMafg+7j4+Pj43NutPHGGAvtIoQhZOD4kndJ nTIV42qUVJ6IN3jzsM3vvcU+vwexbPgvRfepx4RShqPpWbwx++06nz0HX6CfkS+WrmDJFyuiKz8a jPLEufGNC3x8zi+8m0BEKHr2HUzQF+g+Pj4+Pj7/EsaAsQUhLbCUQRgo/PQjDk95EiM0WipPxPsC vc5zJsF96jGhNaRnZDPbF+iAL9DPyM9btvLzlm2cvI7Esuh1u9zit6Kun5Q+vyXeim7EFYy8/0GC lu35UfjHoI+Pj4+PzznRGoyQOFrhKoM0kPv91+x94y2M1GjlCXSDL859TicmzmNJEaU1OTnH+Pjj hX6JO75APyMGai8ocPIA8h/afxuklL6Do89vQmyV1hWSopIyXCHr/E3Bx8fHx8fnX0Eb7z5qlMG4 BtcoIqEy7IpytPKzoD5n5zSBbiRaKxwhqa4JnrEcvq7hC/QzcEaB7pfm/GYopWpFuo/P/yUxgR67 Gfg3BR8fHx8fn38NY7T3vKyMJ8iNxNES1yiUL859zsFJXRUT6BKlvUy6v7DjC/Qzoo1GnnKQ/Kfi 3HAy8x4b02aMxkiHsC0xWqC0RBtQSmK0jZISVyvv+zKM4ziewYZWYNRJZ0TjGVwprTFaoEUEaUBr ET3IQSp9uvv8Ke/h1O+fud9WgxEYA9ootPH2A8YBI2sXMTjl972LdPQEi16wlYm+Z4P3e9GefhPd r945qGvdPZXWZB3dx8pVPxEREq1cXANKhtDaQmowRqKNNxZP1C6kaM9tn5MLLMoItFZIE9332omO 0xMYpYlojdHeNulTPuPT97F3w1FGY7SLNgpldHSfeJ8BRmIFyykqLKQydC4jwV/2Nkf/2wgwCq2l t0+URmlvnwvhUlF8nKLKoPcelIp6IngR6+0itr2nHHex9xLbTqNV7fd8TqKUQivv5qCjZVX+zcHH x8fHx+fcGK0QRiM0OEajHYkjNELr2mc6Vfus6eNzOjGBHtMuQp1c2Knrz2G+QD8DQoOrYgL9pKj5 dy8wOiqsjVRoZZAatHZI3r6Bx56aiRMJYCsbV2uEtHAixcx78x3W7NyDLS0Sd65iwaJFhIw3Dspo F2W8sRZGa5QbxhYSaVex+uvPmTT9WcY+cB/PP/c0u/fsxRLe3EmjVNSR/mQYJTFKegLZSH4l0o0E Hfa227hILdDSgK7xhK4BEXt/2hPXrgEjbFwtsTUY1+BojdYuRmkwoei+iKCli3Q1Unj7WGuBMRIp bd599VGGj51ElZBoGSKkNMlbv2X8mDH89PM+hLaQxsU4knDt/pAYJaLC3AthLLR0sISNIwVS1iCk wKopZdqjU3nmnYUIN4KRAlefFLjyVEMTJRDaxjYKrQII7WAbhdQOUnuLLY4b4NvlH3FF02bM/WDl 2Y6GU4wGozer2EKFttBaIIWNkgIlNK4SCOVy4kQ+/Xp0Y/DIRwhaAiVF9FgQGC1RBqSJLjQoXfv+ Y6MBvf/vLU54CxTe93w8YhlzpbxxMFr7fU8+Pj4+Pj7/CkZLwkYhNNhGYyICRylc5SUdlFHeyGK/ EtXnF9QmwqKaRiqJMCD81gjAF+hnJL+wmLwTxf9rgR7LfNcKdOWJvEkPjWXZd+uR0kUoB6UFSgTZ uG4VjRs04f3P1+BIh/LCLJ5+cjqlIcvLGGtRKz69nh+HssJchgzqx5UtWzJhwgRmzJzJqPvu4+9X XMmW3ck40vs9reUpmeXo758Sv8TLbrteX5GxMdr25sQb1yc2JzUAACAASURBVHtPRp8UisYbo+EY MFIgtUBoMMIgtYsyNtpIT6ArF+GWMfGhUTz1zIs4UiGVQUmFUTblxdnc0r0zi1etxdYSJV2EDDP+ gbv40/+7kBH3TaHKcbxqA2VQRkYzyNpbBCA2d1EhlYVUNp9/+AYD+g4kNS8fKSU1lYU0b9qMm4fc i2NH0EpGqw+iiyommtHXCqMkUklco9HKRmqJMApdm41XOFqya+taHh4zhu/W7T7HERGbCHAyjJHe exAGoyz27dlEz1v6smtPKkIJyitKmfnkFF6Ys4CwIxCujRsV3Tp6fBrtYlSkdqGkNoMeq0owRBcD 5Mlqin/zWD5fOSnQFcnJyUgp/RuDj4+Pj4/Pv4AxCttohDRYRmGETaTgOFXpWSjlVTEqc7oY8/GB 0ytVvZG3ippIhMzc3NpESV1+HvMF+hlYtGQ5C5cs/18LdBkTe1pGhYCNG8zn/tFjyS8LIrVCShut whzan0CP63tw9T+68P6SrQgpUXaYZ6c9zA8bd+AqHV2N1LVl41qEePfVp7n44jjWbt2NcmoIK5ew HebAwVRySspxtcIYCyWDBCNhHOGijMYxeGVH0vZEvwYhXCKREEp7Il7GBKCysCMBbMfB0WBpr5Te yADSjRAIhwi7LrbW0TJ+C6UiaGlQKkQoEsAWAqE1Sglcq4x+N3ZmxH0PEHQ9508jFcYN8N3y92na 9HKSM48jtIurBGnJ67myRQsmTJ5Gu3bXsGZnElpZ3nYIF61dZG2mWEYzxQKhLbQIMvuFyTRrcjn7 0jNxpKK8ooDmTRrS8/ZRRBwb27YI2xbCgNIqWsZvo7XAilg4YQcpNVqZ6DEh0Nr1yqKlIWxAyBBK WISljparq9rqgphQrjVT0V71QiQSwXJcHKURUmPcahI2f83F9Rqzbms8Qrq40kbblZRJhaMERka8 G55WhCIWrhNBSTd6XIja964MCCWwrBqElAgd/by19C6E/k0yikZKieUKet3Wl2A4Urt45ePj4+Pj 43N2ZLSKTwpNxCiMiZD1xSJ2PPUiyvUSOtoX6D5n4JcCXWnNkYwsXn9zLkKIOj9qzRfoZ+DzZV+x aMnyX/Xy/icZdBMT6EZjtEN6yiamTn8ZS2qvN1pZWOFyBg8axMpvvuGu24cy/4utKGXQwubdWc9w /4QnCImo4Kt9XYVTfYz2LZpw+z0PEVAaI8PYWiCipeuu0Uhlc3B/PMOG3s6VrVrSrWtnZs6cQYXl 4kjJso/epXe/EXz7/U906Xw17dq25rnnXyTsGoSUFBZmM/Kuu2jdqg2du3bmjbnzKQtFkG6Q3Vt/ YuDgQbRs047rrruG79f8iK1h774d3HT9Nbwy6wPuGTWStq3b0Kf/7exLzSW/oJCBfW+j2SV/Ja7J FXS7vhdz3/sMpTTCquLe2wfSskN3qmyJUi6uE2Ly/cO4te8wSqvLuX3wAAYNH03EsghrgXYkb77+ MgOH30WVrTHKpuREJv0G9Of9RV/w2rSxtGrWgAv+ehFdu3XhoUnTKCjKoXXThtw08G6mTX+a9m3b 0q1rV5Z9vxZbSqQIUV1ZxCMTHqZVq3Z0atuRyY9MoqSiCqUF2zet4aabbuDHn9YwZvSDPDBhKlt+ XsuN3bvz3fp4KivKuGPYUG7scT0333gDPbpfR48eN/Djuo04jsOP33/DwH59aXnllVzV6Rq++Oob AkLxyVuz6N6uNX+64BLade5Kv/79SUpM5JH77mTaq+9jSRcjK1nz/Zc8MHoUrdt1oH27Nkx9/AmK bYOrJQeSdtK3V0/e/Xgxt9zam/ZtruSuESPILinDUjqabXf8MvdavPPblopefQcRtBx+7RXg4+Pj 4+Pj80tiz6NCSi/xY1wKPv+QA49Nx0jP1yWGL859TqX2cIi2e54U6PPqvDgHX6Cfkf+WQNc6tjIk o9lTyZL5s3lp1hyUlrhaI0WAN2a+xLsffkbQsrh3yBA+WLI2mrG1WL10Ad2u60tRTSR6odO1F8SM lDX85S9/Y+YHX3o91FqhjVNrNmaMRU56Cq1bNGfQ0Hv4bvVq3p79Ks2bNmHS9BmELJt3n3+aCy++ gmEjRvPTj6t5ZPw44uKasH5zIuFgNaPvHUT3G/qw/Juf+GzpIh4Y9RAZ2TmUFmbTrlUL7n1oIt/+ 9BPvznmFRo0aknAwg9071nPRny6gbac+fLLoM1Z8/int2rbh2h5DySkoYtmSpVzbvjnXXNeLjz5b yq49+5BKEKwsplv7Djzz9hco5aK0Q17GXtq2uII58xcjhc2n81+naaMWpOWW4moX42omP3I/zdt2 otTWaBmiMO8QzZpezovzFrJ93TfcM7Q3l1zWkJmz32DV2g0Ulh6jY9MGXNqoNW/MeY/V333H7f1u o0GzDuw7nEF1RRF9et1Et67XsPyr71i2eAHdr+5InyF3UlRaxPofv+Siiy+l49XX8sSUJ/jqq2/4 8ZtlXPCXi5i/YgORUIBvVn7Jks8WsmTxQnrf0pO4Bo3YGr+HcCjMy889w+JPP+aHVat56/U3aNQo ju0HM0nYvYNXn3yMi/5Wn8eff4lly5eRnZXFrddczfCHpmNLh83rVlLv4kto0+Eqln79PV8tXUj7 VlfSb/hoKiNhkrdv4pILLuDmPsNZ+f0PvDV7Jg3rxzHjnQWEo20RRkWQpm5f+GLEjPMiUnFz3yEE bKd2JqePj4+Pj4/P2Yl5GgktcJRBa83xLz4g9bFpGCExUtb+rC/QfU4lZvCMkWA8r6y0jGxef/Mt X6DjC/QzsmTZCj5bsixaEnzyAPl3ry2eyZiKmnl5JeqvP/cUr731PkJaSOWwL2k7t9xyKxUhi5Bt ce+Qwcxf+j1SCBwdZOuqFbRp352ME6XR14qWCxlN3v71/PVv9Xj5vaWImGO6ttDaRsswUodZ89Un xF3WgPW79uJIiXZqeHbqRC68tBknikr58MXnuPDiluw5lI6WNmkHk2hYvwnvfPQlkVA5E8YMo8+A 4WzYvoucgmNYIQchHD55bxZNGjdi7oIvWLJyOUsXvkOndm354psNxO9cQ9xf/srDT8zBVhGUW87o UUOo16QLqdnZ2FaQ23t24o57xlMlFba0EMri6J6tdGh3LcnHy9EyhOMG+WTeDJpf0YYdSSkEq0vI OrqTru2v5omX3yHihJHKMHnCfVzRrjNFrkHJEIV5+7ni8st54Z2lOCLE3Bcm0KhJCxIz8nGkoKLy GB2bNeSaG4dSE3ZRrmDxR3P484WXs+SbteSl7aNBvUt5e/4CbKlQIsC6bz7l4ksasn7rTjasXsyF FzXg0WdfR7kOUkjWr/ycv1xwEe+s3IySDlpEcMLVLFm0kJYtWzHz9TcI2g6uHab4xDG2bN3GihVf seTjedSv9xdefGs1rhQkblnBJRc3ZN3mRJSW1FSV07tbJ+6Y8DQREeLpqWNodmVnXn1/CSGl0W4F i997hYsuvIgNifvYv/2fXHLhxcxfthpXC8qLc7juHx0YOPoxglGBrpWFrOMXvhgmehOICMktfQcT sOxoa4K/f3x8fHx8fM6F1t4kFEdLbKFRyiV3yYekTHsSIzwPphi+QPf5NSfbQpXWpKVn8vrsubXe QHUZX6CfgaVLl/LZZ5/9rw2jPLMxAcYbz6W14LXnnmDWOx/haHCrC+l/681sTj5E6pHDHDy4j/69 evPim0vIzcqlSip2rP6K1m26kVZQjJKuZ/gW7edxaoro1K4lg4eNIKI1rgYtJa6wUf8/e+8ZJVWV 7v//X/3WvXfduXfGNIZhdEwTdRxn1DHrjDniCCoIioGgjgqYxVEkSVDEQJIMEgwYBxQF8yCOgJJT k2PTdKquOufsvZ9nf/4vzqnuRltUUIHL/qz1Xb26u7rq1OldVee7nxSvpVKVEU8/ws8P/TUfLl6f pr4n1Qx+rDv/9ZN9WbxyLU916sQ+BxzP3LXr8C5ixdyPOHz/X/Dok+NxrkBF2Toe6nQfp518Kvv/ 9EBuuKEdm8vKuPeuv3PYwYczcsxEXnnjFV59/SXefOVlFqwpZfqHL3Pgf+5Fh0eGYCTB22qub3Up ezc6k/krVhPHlVx1ytFc2rwd60WxcY7ERDxyz/Vce9vjFJyiNs+a5XP53a9/yY/++7/50X/8P378 H/8f//Uf/8H/+6//Ya/9GzFv6Uoi8dx2S0sOP+oENjjFmgJrl83gsEMO5qF+Y3DJRh558O8cePDB zFqynMQpVRXLOeznB3LGJbeTMw7vPKOH9OBHPz6U/i++xZJ/vcHeP96LARNexUiEsZaZ08Zz0AGH Mu6NfzP1hSf4yd6H8sS4qeBzJArTxo9i7x/9mN4vvoe1BrEVjH7mKf73v3/CA916UymKcwnzZ7zN Lw46gLMvbsKz4yfw4uj+/HS/H/OP3v/EJpaP33mWvfc+mDemfYT1jurKUi7+8++5+OYHqYrKaXvl 6fzxhEt56Y1/k7cxklTzyvMD2ft/9mfo5A9Y/P4L7LNfI0ZP/Ri0hurNa/jrH37HBVffQ1581uld 8SHHHaibg14oFDj77LOpqakJO7eBQCAQCHwDPOlEH+88IkLscywdM4q3HuweRpYGvjGqaT+gxYsX 07NnT6zd1sjiPYNg0BugpqaGmpqaHX5z0SwVnWwet5eEoY91pUuvvuTFU7lpFa2ubs4VLa6j2VVX ctVVTfjNYUdywilXcvcd91OexEweP5w/nXAOa8pzqLjadHnvFW8q6PrQvey1z7688c775OIEa2Kq qiv47OO3WLmlnLdeGcP++/+Msa9OJU4SqrdspM01zWl05FGs31xG/073sO8BxzFvzXq8Myyf+zGH 738ojz05jsgaSlasoLqqilxlBS+OH8uB++zDsBFjGTd2KAfu14gXJ75NIYkxUcLq5UvZnI+Z8eFr HPCfe3Fnj4FYsXhbw/WtGrN3o1NYuGI1sami5dkncsZZl7C+poY4MVRt2cgxv/klgydMSudnuhrG jxjEzw44gL/f1p77Oz3AP/7xD+6/71463n4b++y9L/2HjqLKKvd0uJFGh/6WZZvLSfJ53nvzBX66 30/5xxOjsGYLT3S7hwMOOIh3ZsykYC3lFas4/OBGnHFRO2qMxTtl1JCe/NePD2XAxLdZv3Q2h/zs QO7t9hhRUk1NFDG6XxcO+NkRvDNrKW+/PJCf7H0Ij4+bCj6PU+GtCSP53x/9mD4vvIdN8rz3zmRO OelEWl5zIyvWbqDGWoyJeHZIP/b67/9i0MhnKSQJM6a9xj57/Yj7e75C4pR/fzCRvX+yHxNeep3I GsorSjnvz7/nkps6kbc19P7HTfys0a+4675u5KICUb6Khx7oyE/3P5z35i9l/rsvsO++BzHm7emo RlRtXseZfziKi66+K61BL2ZaBIMOpDv/1lqcc6xZswbn3B6/axsIBAKBwDfBi08bC2vaWLjgY6Ri E/HGTbWb3cGkB76OokGP45jKysqwdggGvUGKo5d2PIJebBKnaZ2OS5gxeQL3/KMb1c7jTIxK2qxN JSGJK7nissYMGjEFsZ7ExQzu15ULmlxPzqTzzIsdwb23qFRTWbGOk045kcOOOIKrr2lJ1y4P0axZ Cw5v1IhX33qfjRtKOOOUU/jDsSfyjwfu49ILL+Cgg35O/3ETiWzM053u5Kf7/575a9ajzrF07qcc +tND6fvUGMrKyznn7LO5omlTenTtwjVXN+eQRj9j4mtvki+UcebpZ3LooUfx4IMPcN+d93DsMccw Y9YiPv7wTfb7z725t8fjOFG8i7ju2svZp9GxLFm+Cqd5+tzXkf322o/mV13Fc6++xacfTmG//Q5n 1oJliDiiqo1c2fhCTj/9DMprChiFREHFIEk1TRpfzF/Ou4S1uYgpr47kp/sexDkXXsJ9d93PsUf/ jr322ocHnxyBdXk+ees1fvWLQznp9DPo/fTTlKxdweG/OJi/XHgNhSTBO8OoZx7lv358CM9MnEKS r+T6a5tz+BG/5Y47/06bm2/j8EaNaH/vA5THCW+/NJS99m5E33Fv4n3adG3ycyP4jx/tzeMT3qZi 8zr++MdjOOSI33DPAz3o0rU7Xbs9zOQ33mTmx+9z5GGHceLJp3PvfZ04/bg/sM///jcP9JpApLB6 5Rx+98sjOeZPx/Nw90f4bN48zjrpj1zW9m4il7Dw8w/43S8P5+CfN+Kue+6h9Q03sP/+B3DbvY+Q F8Nn77zCvvvuz4QpH2DVUb55E6ceezQXN+uIEYtqNr/eBYMO1G7CFdOp9vQPhEAgEAgEvile0uvb xINTEKckYrDe1n62BgLfhC9ei+3pY2+DQf8eqTPoafMDEUf1hmXc2LodpbkYK9kYN+/AO4ytYeyo oXz86WKcpA3k7rvzFvqPfpFY0mZzkI7rwjtE0nrz6lw5b775Tx7v15fOnTszYOAgPvzwI6oKMWIT 1q9eyZgxY+ny8EM8+cSTfPDhDHLOYcXw8ZTX6da5H2sryhFr2LJpDY/36MNHn3xGnN/CnJn/YtTw IXTp1o0+TzzFhzNnkzcG1XLWrF7G8xMn8nDX+3isd3fenPYGFeU1rFqxjJ6dezP5g/cxxuGs4aWJ z9Kl7yDKysqxvoaosoJXXnyBHv94kFfffIdBj3XjxNMak4vzGGNYu2IRfXt1Z+q77xNZwanWjlFT V2D+3Nl07/kony1dhYvLmPrGJLp17czQZ0Yy89Pp9H60L5M+mol1BhdVM+uTj+nVpzcDR45iQ8UW +vXqwsBnJ2JMOkN89ox/0bnr43z8+UKMcVSVb2DyP1+nZ68u9Or9KJMmTaIyn8eKZen8mXTu2oN3 Zi9AJR1Vt3DODLp0781Hs5eQq9jM4088RuduPencpQ9dunSlS5eH+Ocbb2FMwuezZ/HUk0/Sr98T LFswl17dujD5nU+JRBEpMPfzf/PoE0/xSM9eLFlRwsgh/Rn18htYZxGbsHjBx7z+2gS6de9Jn169 eHPKu1QkBussG1YsoVuPR5i1YCmJKDW5Kp55ui/Dx72JSAFRiD2oCx+agUAgEAgEtp9iyaXLxvX6 gkesJ8QAAoEdIxj07xUFb/HeYj0YEdTVcMP11/Pu9E8xCiKKV5s1kTOIi7AiWLHEFWu4/467WLi+ PPvbpHaetlfBisOJy/4uQcVlGwEW4xQrHnWKNwkiDuMs6hRxihWLU4t1FjVKQQ3WJYgUsCaPlUJq 6EyEswlO0vFtRi3GOlSqURth1WE1j0hCQQvYRDHGIJEn1qj275wrUJ2lExvNIXFaK6/GYGzMh9Mm 8+Ir03BSSGeN2whnYmKn2UaGq23epSpYa7DOYZxDtYDYAioR1grWFbDOkjiPisW5CCcGVSUSocYa vKkgp4I4QSSPGotzipEEIx51NaiJcFKDswYjinGCiMWJxbiYRBLUedQZrCtgnMPa9DYiUWqoxWfN L2yaBeAE5yxiY5xz6bx7cSQuwjqDiMFJQiyCdXEa9XYFCuKwJsJaj0olTnM48ahLUKcUJJeeD2ux IiROiJ3gbIxzEQXrcK4GpxB5UBfqewKBQCAQCGw/1oOIx4lPN/9NatBDFV0gsGMEg94Am0o3s3FT 6bfu2v4lvIA3eG9JPCSqiMQMGjSANu1upWBd1ineZbuPDhGLFYPVhNkfTqHbQ92oUbDi0hnWtQZd cQpOFLEJXl02RxBUTZZq5PHi01mU6nCq6YaAk6yTtyVW8FZJ1GDFohrjbB6nhew4QFQQSVAp4KUG tYI6g9r0Po2mNfaxTxDjscYhRrE+j6rFZg3SIhXEOawvIFYRNYgxqMulhtaks+KtgjiDqmAke75i 8JqabPFgJU2F8S7BaoJKgrgCVgTRBBWLt4qKw0mCU5vWG4sSOcG7KmIVnPOoj9M0LZs+T6ugEqEu HfWmLsGopk32xGYfSBFoHnUeyUaMiLOotThxeE3wavE+3WEWD0ZTWWdRlyCi2f9d8VqNuggVS+JS M+9shHEWr0m6NlycmnLN43ycbsBIjFrFaQXWOqz49Bw4wYrgbISIITaC1o+gSzDoRXz2P/h8zlxc SMcLBAKBQOAbYb0i1mOtJ+cV44VoYym5FSvTMcNhpGvgW5AvRKxZu25nH8YuQTDoDTB89DiGjBxT a4Rh++agfxWVlZV88sknGGO+sr5CRNiwYQMlJSV7dA1GIPB94n1aMxdbx+l/OZeaQpyORwy7/4FA IBAIbBsvOK+IE5x3GA9rhg/h8/bt8VmmZto36bu9jg7s/tStBa0debtgyTK69+wT+gERDHqDjHh2 PENHjU3fTL4Hg15shGCt/coFWGyQEMZUBALfH96nZSaJE8469yLyURLMeSAQCAQC3wDvhcgr6hxe DKKwbMxA/t3xtmDQA9vkiwZdVFm4pIRHej8WDDrBoDfIyGfHM2z02AYj6PUXzPZ2p/wmHeLDiIFA 4PunOGEhto6/nnMR+ShGxQeTHggEAoHA1+BViTw4tTiN8NazZvhAPmt/G94Fgx7Ymvq+pkGDvrSE Hr0ere3mvicTDHoDjMwi6JI1JIPMnPutxzLV/xoIBHY/0s0yIR9bzjr3IqprIlTCxlggEAgEAl+H d0qskPeGgi/gI8+GQUOZe3sHvE0Q71AvwaDv4dQfoVZf2W8RcTgR5i9eSs8+fWszjPfka7Fg0Btg 8PBRDBgyHCeCSp1Bl2yx1I+A7+k7PIHA7oyqoqIUEstxfz6VqlweZ11t5kwgEAgEAoGG8ZIadOMt VmLUeOY9O4Z377obbw3iHT4Y9D2eYllv/eCm1F5nFcdRK3MXLqZz1+57/Ax0CAa9QcorqymrqEwN ehZF12zxOIWFS0oY9ex4ojipNfCBQGD3w3tQURJrWbZiVTZCUINBDwQCgUDgG5AoqAhOHHmFysot FNauwksxeq61ZWPBoO95aJa+LqpMmvwm73/4MfkowWVd/lXTay4P5OOEjaWbQ/CTYNAbpH4XZ+8V yWaOl1dV8crkt2l9yx20u+1uosSgIuFiPhDYrdEGFAgEAoFAYNsoXiSNgGYN40TDJJTAl1EPTw8c wpUtb6Tv00NZWLKSxNl0hHGxLj1M0aklGPQGSS/SPem87dg63nz7Xdre0oGrrm3DFS1bc3OH+ygk JkTbAoFAIBAIBAJ7Ht6hPkJ8gleLNw4vQtjoDtTHA+LhqYFDaHr1DTRt0Ybm193CsJHjqMwV0k0d IARJ6ggGvQFEFSuCFeXDjz/l7k5dueLq1jS9+kaatLiBy1vcyM0d76cmMYhobV1NUFDQ7iX14BSs +LQJpAfR9Oc7+9iCgoKCgoJ2ZRXLQGOfloCq9RgF49PPUidaa76C9lyJglV4YuBQmrZoTZMWbWna oh1XXN2am267mzETJlKZyyNZqvue3iAOgkFvkMgYNm2p5JkRz9Li+pto0vxGml7dhitatqNpy9Y0 admGtu3vp7SihqrqGqpzNeTyhaCgoN1MVTUFKmoKbKnOU11IqKgpUF5dQ1U+2unHFhQUFBQUtCur piaikEuoyBvKCgmVhYRcdQ25qhzV+QK5QpR+DdpjVZ0vUF6Voyof8diTg2jasjWXt2hLkxY30fTq tqlhb9aKTg91Z9GyFeTyhWDQCQa9QUaMnkCHux/imhtu5YqWbWjasg1NW7alacs2NGnZhstbtqVF 6/YMGDqGYSNGM2ToCAYNGR4UFLS7adgoBo94lv5DRnJh46Y8OXg4z4wax6Dwmg4KCgoKCtqmBg4d zpBnRjFk8LM8OWwUg0cNY2CHO3noujYMGjKMwUNHMDh8nu7RGjx0BM8MT6+1/n7H/TRt2ZbLW7Tj by3acXmL1qnHatGaJs1v4O4HutGtRx+ccwB7tEkPBr0Bho1+jqGjX2DZynU8MWAY19xwS23kvEnL NvytRRtuuqMT1bFBtC4lNigoaPeSUyURT8EJZ5x3CZVRgpEsVW8XOL6goKCgoKBdVYnXdOKRS8tC E82zbNgg3rm7E8Zm3bv91uVjQXuWRNN+XkaUfgOG0qRFa5q0aMflLdvRpEVrmrVqw/0PdeOjGZ8x Z8Eyuvd8rHbMWjDoga0YPnYCQ0aPTdv/O0NJyQrufqArza6/hSYtb6TptW1p2/4e8sbUm+MXCAR2 N7ymozwKTjjzgsuojpOs6WN4XQcCgUAgsC3EgxqDU4MYT6SwetSTzL29I94o4iS9jSd06N5DKf7f VeGpAUNo0uw6mrZozZXX3kTrmzvy3nsf4EyMqjB/yTIe6fPYHm/OYTc06Ovu7Mbq6zp+r3rnL02Y dublrG7VkdWtOrCqVUcWN7+VyadcwujfnMzo353KC8eexfJr27Oq1fd7LEFBQd+jstfv8lYdGHLE cZRc0772Z0FBQUFBQUFfrVXXdWT1tR1Y2aoDq67tmF4vn3kxc479C6uv7ciqVh1YVbxdq47h83VP VKs6vXXapTz721MZ/ZtTGHfU6cxp0ppV13Zg1bXptdfcpm2YdNJFrG6VrqUdWS9Vr729sy3rDrHb GfRFR5/B3IOODAoKCgoKCgoKCgoKCgraSpt6PL2zLesOEQx6UFBQUFBQUFBQUFBQ0P8JBYP+AxMM elBQUFBQUFBQUFBQUFBDCgb9B+aLBn3R0WdQcn6L71TLzm/B0uzrsvOv/o7u92qWZWrodyXf2eME BQVtj5adV3yN7vxjCQoKCgoK2h209PwWlJxX/Ho1i8+vu4be2ccWtHtp2fnbv27mHfzbYNB3Jl80 6Bs7P/6dP4ZVSCQdD6GSdnn2mb4Nxb/xXlEvtfI+7RLtVTK5VF6/MJ5AUO/4rjpK1z5O7ePKd3bf 6QNIwwoEdlFUFRHBGIMxBucszjlEwroNBAKBQGCbeCHxglqP8YI3CbFYxAmqDtW6z9LQwT1Qn9Qf FTu8C6pCIum4vmIX92/TyX3hb04JBn1n8kMY9A2by1i9sRTjpPbNZbsMutc6k15PWmvKpd5IpwZu 6wXvv0sTXe+xtjLp3xX6FQoEdk1UFecczjk+++xzkNxXBgAAIABJREFUrE0NeiAQCAQCga9DMV5x zpN4wScFonWrqSpZGQx6YJvUGnRVVAXrLOW5GlauWVtrzINB3434IQz62OdeZNS45xAlM9Dba9Cz iDnpIhSn2WKs21lUTY15OiNSszezzNjWRqC3XqDFqN9XPm7xqzi8pBH4YlReVLMIPt+5QS8eV/1d r+96juGePhcx8N1SXKuRsZx/cWNy+QJhUykQCAQCgW+G84pVJfGKTwosnTCKdx/ojBiDitQLOu3s Iw3sStStiTRoKKosWracPo8/gbU2RNB39gF8W34Igz7y2QkMGzU2XTw7YNDVu1qDruJR6xAbk5gE UcVlafTF+3ZiUDWImMzApyZeZGsVU3CLqm+MRQTj0oXuJcG7BFWHU4idYDV9zOwIv1OD7mwaiRRX PE5B5LsxO8UXakg9Dny3pOszdsJfz7+UXJQQMj8CgUAgEPh6itmeVh1GwTvD6pH9mdX+Lrx1qLja AFExnTkQgHqeyqfZxKKwcEkJj/R+7FubcwgGfaez2xp0J6iLqNiygvmL5xM5xSpYydLdxbBh3UpW rVpKaek6pk19i2lT32ba1KlMmzaNadOmMXXqVN566y1WrFjBu+++y9Tsd1OnTq3VtGnTWLBoCdW5 Gj58bxrvTn2TaVPfYsrUd5gx63OqCjGJSzcF0hfFd5POKyLMmjWL8i0VxLFh9uzPWLBgIc59d4b6 i9H5QGBHKW5QFZxw5gWNqY6TemUngUAgEAgEvgrxoOoQtRjnsR7WPPs0C2/viDcOcS69TTDogS9Q 9CF4B17qGfS+waATDHqDjBozlpFjxqZR6HoL5FsbdBXEO6yCN0IiBd6fNJou3XuSU3CqiCiqFpUc o/s/ytNDhjJ//ud079qZ7l26cftN1/Pznx/GbXfcRY8e3ejSrRsfvP8uXbs+zCOPPEKPrg9x2MGH cfPfO9Cjeze6duvCm29PYfG8eZxy4ul07f4w3Xt04eEuPbjqb1dw2eXNWFdahfMOr3VpJeoBL7WN GoqN7IDsGIsyaJaK77Pz49USRwUuu+h8Pv18ATX5PHfdfiePP/kUzgnWOUQc3ilOBVUQnzasKzaR S9P+bVq3nzWMcJKdH1G8GqrKNzD4mVHkCwmS1fF/RwH6wB6KqmCspWAdZ55zCdVRUq/MJBAIBAKB wFchHqxaxMY4o+Q9rB/Rn4W334E3DpU0MqoeQmwl8GXScl4Rh6iycPESevZ+tDYg920IBn0n84PU oI8dy+jRo3e4WZT34NRSUMXHSrVEvDzkEbr36EONT42vF0XUolrBo/f8nSfHv4hTi4rBJMqHbzzH kb86ibnLV6NqsB5U4tQoq0NypRx60JHMnFeCikG8oBqx4JPpnH3RNVR7g/UFjBFym9dx2il/pnP3 p0k0yha/Yp3DiCCSdrEW57DW4ZzFWoNzkr7JisO5CCcW7x3qBJdYVBJyVVu44PTj+WzpGhKXYHIJ NVlnbOsssU3wUULsHIlxGEkQl+C9wznB2xivCVYUsQ5RQ+IcxipiLSo1bFz5Oddc35HK6oSCsXgx WAnbsYHtR7MNqii2nHveJeTyUbr548OVRCAQCAQC20IVIm9QU0ATxxYPa54ZzKcd78EbwbsskEMW Rd/ZBxzYJSmWsC5YsIDevXtvVzlrMOg7mR/CoDvnars570jNs/cgaolU8MZR0BxP97iVXo89QSHb TfSSNm1ztoxbrmvOsElTiNXhfIJxyusvjuKY4y5k7eYqVFKD7jVG1GCdIdqylp/uczjL11fWGnSv ETPfmUzztveS94L4CCseH+W45+5buKrlrSSST980s8h5xZbNrFy1lo0bNvHe+9OpqsqjErFxwype njiR99//iMrqArFTvEaINSxdupQXX5zIp5/OZOP61Zz0h99Ssm4j1kasWLiANRXVJCaiZPHnbC6v YsXS+bw/Yx5JUkMSR0yfPp2xY59jzrx5GGuRbBPAxDHz5s9k3HNj+NeMf1MoRKxbX8LU18dw1bW3 MHPWXFZv2Ii6CBd8VGAH8F4RFZwIn/x7drpZZe3OPqxAIBAIBHZ5vPM4dThJcE7Y4CG3oYSKhXNT c+4kTW0nGPTAtlFVampqWLZsWe2EnW9DMOg7mR/CoG/P/L2G8OJRdVhNG7vFUsaDt7fggS69WLBs OUuXLmXJ0hJKlpewZM6HXHL+hbz27sc46/CaIOJ4ccRTnHrmVZTXWNQlGA/exzhvEHWUrVnCAfsc TmmVrTXo4gq8OX4A9/XsT14V1QgRZfP6tRx3/B95avB4RHPp5oAq4mLGDH2K0866lHvu6sTosc9T VVnBU0/04dprmvP8c2N58smnafy3ZqzdXI4zW3jo/s7ccGNrnnvhOYYNHs6t7a7n8EOPYNOWLZSX ruf0E/7EyFemUrpxFWeeeDJNmrflkd7deGPah6xfvZDzz7uUXo/25ZWXJnH3vXdw0223ERvHpnWL ubr5dTzwwD28OHE8Tz79FJ27duX9j6bx4N3tOO+SKxk2fBQffzoTlYgQQA/sKLWvdV/XaDEQCAQC gcC28c5jVTDq8M6TKMRqUWfqjdAKEfTAN2NHJkAFg76T+SEM+ndF0aA7EYyzONlC2ysu4vhTzuKy v13OZZddxmWX/Y3GjRtz1SXnctjBv+ad6Z+naUGaoM4w7LGHObdJO3LG1Rl0LRp0Yfm8T2jU6Cgq Y19n0CVizOP3c0nzNjzefzADnuhLn0cf49Y27Xi464NsqY5RX43PajyMrWHYUz248IobyeXyWFE2 rPiMG1pdzep1a4jjHHFc4KHO3Xl3+mxWl8zmD0f9mSXLl2MlQhPl+TEDOfgXx1BZnaN0zQpOO+EP vPrRHDauW8qff388o56bRGwKJDbP6Gce5f6H+1BVU8AWLBXla7mq1bUUIscjD3bgzydfQFVNFaIx 1hnyUYSTiFfGD6BjpwcxzmU19HEw6IEdpphFUmxUEprYBAKBQCDw9aSlnIrzmkXMfTqi2NdNKKqv QOD7Ihj0ncxuZdBVEE1rtWPncKaSC44/kQmTPgCyRmia7hRVbVrKr488ipkLSvDWIZpgNebRBztw 7Z1dqJHUoH+xBn3W+29yzPHnknd+qwh6j/ZX0HvQGBauWM3KksWUrFpJdWUlViqJncf7ylqDHkue Ab3uYtCLb5KYGqwYpr8+jOOPPY42f+/ITTe14e83taFx48a8/e5HvP/OS1zV9GZySYTVAhopC/79 T355zKUUTMKqxfM49bjf8dGS9axYMovzz76QBas3YgsGNWXcen0TGl97Czfd0p7bW99J+5uv5+yL L6J8c55mF5zFw73HEStYsai4LKMg5pknutPp4Z71DHqIoAd2nNSgG/AJeBsMeiAQCAQC34DiLGuv Ct7gNcGLr42Y145YIxj0wPdLMOg7mR/CoG8s3czG0s1pWs4OpLmr2tSgW00bp+U386ffHMeUD2aj 4hAVrCjOGjavms/BjX7LgjUbEJtgxWC0kofuuZ17ew+gkHU5F1W0OCddLO9MfpW/nt+UKIvWq7eI zdG+1eW8POUDYlVEEqyk4y6cpPXo+GINumJdDT3uu4k3PpqBcWm0+uPJI2lz403kjGCcQSTGJHms M7w/7TWubHIDVVEBIxGaJHwwaQzHnnEtiYuZP+tj/vT7o5m3ejNL53/MhRdcydotlagxqN1I+5uu 5a3Zi4hNgkQOa8uoMRFRTQ3NLz6bB3oMIRJPUpypbgV1BR6+/2Ye6d2PxDqMWrxGuODQAztAsQ+D qqOiqjybqKDBpAcCgUAg8DWkZWEe7wRxCU4SoriapGoLIoJ4RetF0wOBhiiWQRjnyNXkQ4o7waA3 yJCRY3hmxGisCJrVo27Pm4v3cZZy7vGuQK56HUcceRSfzp6XRtd9NkPSxiz9fDo/P+j3rCmvwrk8 Pnagm7jz9vYMHPEcsScd+yaajSkDtQmvTJxIi2uvJ1HSBnLekMSVXNGkKe999AlG03nsXr662YIm Fdza9kYWLliU1uO6iE1r5nN18yuZMXMWuXyBLVsqWLKkhKhQYOWSuRxz1O+YMeszKvN5Nm1cy21t rufCZrcikmf6+29x7PFnsGFzBfNnv0/Ta26nrCZBNUZcjrGjR3LDjTdTurmMmqSStWVrmb9oBWoi uj94OyeceCqr12+kMpdn5Zq1lFdUIlLDw53a8MB9D7GlIqLgEpzGiA1v+YEdIW1EEjuhRasbyOUL yDZeK4FAIBAIBFK8CgVVEnVYsUjsWf7aROb06o63STpS19c1igtXbIEidWsh64clwtIVq+g/aEgY s0Yw6A0ycuwEho8Zl0Wrt9+g4xPUS1qP4yLKNq3k2ONOZvGylencb086H1IMH7/3Jn/4w5mUVecR iVAjiCvjjg4defGf04gVnNQZdPWgzvLihAncdc/9WA/OA95Skyuj2VXNmPnZPJzPDLp+deMrSSpp fcN1rFm3Pk25F4faAm+99Sp/u/wimjVrRtOmV9Ppge5UVkZIUs1rr07k3Asu4srmLbm5bVse7nQf t9zbE5EC77z9Ty5p3IyKqhrm/Hsatz3YmS2JSTc8bEyuvIz777iDxpf+jRbXNKfJVU0Y/9xrqHPk qtbxVP8BXHTxpTRvcQ2trr+RBYuWYFyBdStn06JZK5peeQNLVqzASoyzoY17YEdQjDHE1vGXc86n JoqzJnFhXQUCgUAgsC28VyIPRiyJRljnWTX8GWa3b4+a1KBrMOiBBqhv0FXSaToLFi/lkd6PbdeY 62DQdzI/hEEfMWYcQ0eNTQ267ohBd6hXxIMXi4nzzJ2/kEIcA2k6h2Tdo3MVpSyYvwjjHCoG7xSR GlatWUVZVQ1Oswh6dhDq0xr2ss2bWb9hQ200Hi84W2DZshJqChHiFe/tNlP1VSKWr1hGZAwu2zTw oqhLyFWVs2D+fNauXU9shMR5VCLwhnXr1zN33nyS2FBWupmS9aV4jamsLGVpyUqMceSqN7Fy42oS STMJ1CnOJlhXzeqVq1i4YB4VVVVY59Pfi0WcYfXqVcxfsIDK6hxWFacWcdVUbKlk7rzFFJK0gZxI MFKB7cdnozwia/nrORekrxmR2td9IBAIBAKBhlGv6TVjZPA2T+Jh+eiBzOxwO94ZnLchgh5okK0M utY36I+GCDrBoDfIqLHPZQadWmO7XSnuqqgXXDa+yUv6RqYN3ZGXOhOddZPGZzXnPq0VB+rVxir1 o3xb3aV3dbfN7mfbtfTp/fusVkg1a/ohPpUv3sbhvcF7yY5X6tXwgorH+7QOXn2xcYjFi0lHukna 3dN6IfFxek6y26lS97haF8GsazSSbmSkx5HetnjeAoHtRTV9bRaM5ZwLL8kMugsGPRAIBAKBr0WJ swh6rBHOetYOfYYFHe5AxWLVZNeXwaAHtqbBCPqSZfTs0zftX/AtTXow6DuZH6oGfdCwkVgnSJZm sV0GvTgHPTPa3vm0xtt/ecGlnTCLBj011UUzire1RrRoaNNxUF+xcOvdNjX72+5MXdeB02bdrF36 2Fo04ml9iBfBS1o77wGvLjXgxSwBV7chUezsqapolpbvSY21ZNkA9U15epwu/RvPF2pTJDNSxXPj 6p2HUC8c2H5UBOcc+dhw6plnUZ0v4JytLW0JBAKBQCDQMF6ESJXYOxIx+MSzdOQIPurYIY2ga4ig Bxrmi9f5zqUR9Ie79ggRdIJBb5DFy5azaNlyXG2TuDRaXTSdW7N1JLs+PktDF++yCLrPosZfvn0a cS5GiOui3nXmtZ7phlqDXvut1u88rVsbWO/Y1jrf+ram3uaAxXtDcTa0F5/OuKw16FJr0LXWoGua Vl98/lnqvRSj4NTdj9a7XfFx06yDuiyD9DHSGnqfPe+iQU9vEAx6YEfImsQZy8uvTSKxLvtQCKUT gUAgEAhsizTymUVAjSUxnsoVCyj95MN0WpF3IYIe+FpEHCLK5vJKZs+ZF7q4Ewz6V5ClUzck6hla 2OrngUAgEAgEAoHAnkBaFplmiDqFOAtMbasxcSDwfRAM+k7mBzPoDclLWodNfZMeom2BQCAQCAQC gT0LDxgPIoq3iorPmhrv7CML7GkEg76T+SEMuqrWauvvBaeWyCQsK1mBNW670jACgcCuQ0Ov90Ag EAgEAtvGiydWsCp4azEq5Iud3UW3alAcUtwD26L+dRiQjbz95gSDvpP5oQy6c662i6CI4pyQOMfq jZvo0r0PHe/sRFRIEPftGxkEAoFdA1VFRDDGoKpYa7/0IREIBAKBQODLeOdJFIx41AllPkKTPJKL s+k9WQo81PYvCgS+SJ3fShv3Fq/NQhf33YgfwqA//9zzTJjwPOLSBeKsUF2dY8rU97jx5rtp2qwN t97eiTgy9ZrIBQKB3Y3iB0AcxzRp0oRcLhcMeiAQCAQC3wAvQqyKdR5nlSqfZ/XYscx4qCfeCipa Oy7XBYMe+AqK110lJSX079+/1qx/G4JB38lsv0FvuFa8doSYFlNxlFGjxjJixLM4UYwVps+YSZt2 t9GsZRuatriJK1rezM3tOxEl6XxHFffVTeWCgoJ2XaE4ERJrOf+ii6muyWemfRc4tqCgoKCgoF1Y qpbYW8QpajyVvpo1z/Rn5m13o3GCdxZVh/eCesmmFAUFSTalKe3vpWoRZ1m8eDG9e/epDZ6ECPpu xPYZdKX+qDIA70GyNIp0FrJFxGGtZcTIcQwbOZ5PZ8/lgc7dueqaG2l6dWuuaNGOpi3a0LRlG27q cD9VhRgngqhDVIOCgnYzWXEk1lGwjjPOvoDqQrzTjykoKCgoKGh3kBNFnGBFcc5TrQnrBw9h9u33 oUlaKupUa7Wzjzdo15NTwalgVZi3cAk9ej22XZmMwaDvZLbfoG9tzr0HJ0rplnLe+/Ajnpv4MmMn vMD45yfS6aEe3HFvZ5q3asOV19xA0xY30KRFW5pc3bbWoLe48Vb69R/M0/3706//IB4fOCIoKGg3 U78BQ3hq4BD6DRzGJVe0pN+AofR7ehD9Bgzd6ccWFBQUFBS0K+vJ/iMY1m84A58cyZNPj+b+scPp /kAHerRqy5P9h9N3wDAeGzSCxwaNoO8ucLxBu576DhxO38HDeXTgcDr3GUjXno8Hg84eY9DrUM3M uXW8+vpk7n3gId7/1wxqEoNVsArDR09g8LCxvPTPN7nxlvY0aXE9TVq0oWmLtjRt0ZqmLdtyU4f7 ycUJTgTjXO3fBgUF7T5KnBI7JWccp559EZurC8ROsaI7/diCgoKCgoJ2ZdUoVHqoVCUynlyNY87o F3j53q4kiSN2SiRZI7ld4HiDdiGJx4rHKCQKkShzFi6le89Ht6thbzDoO5kdMejeg4onn4+YPGkK Q4aOYMOmzSRWEE07TIqH2XPmM+PTz0mcMG/RYno//hTXtr6VJs2vp2mLNjRp0YabO95PPjGo13q1 FEFBQbuTpF6Ke/8hI8gnFis7/7iCgoKCgoJ2dTlRTKLEajHOoYlQNnsOq979AHUWVVtbe76zjzVo 1xTe4b3FiWVTaRnvvvdhbYO4YNB3I7bXoBfT2sUpLzz/MiOGj8Ektl6nwLpFUNfm3+HEElvLv2fN 4aGuvbmq1U00adGGdu3v+4JBd0FBQbuZ1BmcMyTGkliHdQ5xBnVmpx9bUFBQUFDQriyrgliPeIN1 FmOFUk2INEHVoT6V9zv/WIN2NQlpkziHSIJ1Ju1pIL42eh4M+m7E9hh0D2mEXJSFixYzbvwEClGM FOczqlLX5T1rWiCCk9Sgp43klHw+4l8zZnLnPZ24tf0dRHHyrccABAKBXQdVQcUhzuKcxVmDOBte 14FAIBAIfA2iinEeJ4q1gk8sYhUjivi6RmBhvFqgIbwvejQhcS5dN5kxD3PQdzO2N4LuxFOTL9Cj Z2+Wr1iJ3cY/3oqmC8U5nDigXgRehA0bNjBp0iSMMd96AQUCgV0HEcHa1Jxba7KvdmcfViAQCAQC uzzeK6Jp+agTRWyalWZFUnMeNrsD28BnOzfqBSsOK4pxUmvQvw3BoO9kdiSCPnf+Aia+9ArG2too eUMYp0QmrUVV/2WDXndR77ar02AgENg1KL5+E2OIkyR9X3AuXFQEAoFAIPA1eA/eeqyHggo1kqBJ Do2i7ZplHdizSA264sSSOEvihNjY7Qp+BoO+k9keg64K1inPv/AS69avx4mgWepNQ7w+aQoTX/ln mmbh0/r0okGvXxcRoueBwO6Nz17LsXVc3/omaqIYLdZFBQKBQCAQ+Eq8B288iVeMeKw4Vk56jU+e Hoy69Dq5mOLuQ5574AsUDbr3ghWhZOVqho0YXRsMDSnuuxHba9DXrd9I7z59KURx+kaRqSFGjZnA 8FHjUE9tE7hAIPB/j6IRj5zw1/MvJRcl1PWjCAQCgUAg8FWoBzWCVYezHnWetUMHMav93XirqJPs WrouEzUQ2AovtaUSi5aU8Eivx8IcdPYQgy6ivPTKa4wb/3zdTh7bMujPMXzk+OxNJR0BEEx6IPB/ D6/p67rghDMvaEx1nNRrGhkIBAKBQOCrEA9qHE4tYjyxwppRTzD39g54o4iT9DbBoAcawhfHrEk9 g943GHT2EINunKN33ydYuGhJ2rXd67YN+qhxjBw1HmsF1aJBt+nXb4GHbJSAQTV9k/Je8a6KWIRY LM4lJKqoWkQtai1GPKIFjLVYMdnjp8dQ9waXdp/33iA+QZyi1qNqcd7h1eLFIl6xHrQ41oDsjVIl 3bUCIg/eZQ3vxOKU9HjEYEURsdn3gvcRvpj2Lz5V1oXR13sDTr9Psw9EFZUENI9zgnXpeKv0+Xxh dzX7/2x1Hj21nUBVDOps2oHfK14TvBhUHUaV4uvZe5d26M6yINL/Q12alde0f4AUf+9dvZF5WdMT FVTSc5um2rh0GoBPEE2/d87VHr96EJ+tr+z+NSuLKI6TKD7H9A2poXWYmkNPmvnhPXXnuLh+tK7k QrykM0bFI570flXq/r72Da7OdNb9b1zdh2W9Uo6viiD72ueYqviz2r/xdWtKa5+UbmV408eO8JIe s3WCy8axFNeNfmE9fZ+oCk6Emtjx13Mak4vS16oPG3KBQCAQCGwT50Gd4DVBrVLmlTWj+zGnfXt8 ImkEXbNrJP3q6+7AnojWeqv0WkxZvHgpPXs+ul09voJB38lsj0HP5Qt0faQPFVVVqbnROrPQEM+O Gc+okWNT07uDBl3V4iVKzZxPDUG+fAUz5q4l7yy5yk2UrN/Ehg1rWLV6DWtXrWbNulLipJrNW8pY uWYDXoqLOKln8lJDpd6iPkasoWJzBetLS4l9avi9TXAqGJ8dh9q0YV729z4zsDUKavNYVZwkJAqF 6s2sXrOC8ijdJFBNcM7hfTXeW75o0Itm8kvnwAtOLJVb1jNsyGM8/8JkclGE2LjWoItPm/jVPa8v ox6MOsRFqDOIKlYErzFvT3qRAQOHUZ6P8D4Bn5msLxj09HwVjWtqZIs7u6rpZoZXi6pgFKwYSjet YP36daxZu5q161ayes0mNleUYqxDJJubnRnx9LlIZvQt3tc36Onj1xl0Q50hbvj51m5a1NsEUZ+N BszOvfMO8YJ3Hle7ESF1Jvcr3tx88RhrdzTqNhC+KnpcNOguU/Fn3pOZ8/Q1sq3Nr9R45/HOoWJw 4jCSzzbOqF2fP9Ruu4gjsZYkcZx77mXkakzt5ksgEAgEAoGvpnjto2rwzlPmlZLR/fn4jrvQxOFF v7T5HgikFL1NWmvunLJg/iJ69UoN+rclGPSdzPYY9E2lZTz2ZH+sE1Tkaw360qXLWLhwMSJZm/9a 8/HtompaG7lO0gh6Fknu2+0hHuwzlMgaXhk/nPMat6RPn9707v0Y3Xr1YtCT/SgrLWXB/E95+OEe RNanUVJvtjLoJksJ8c6ybuU8/nzCsfzqqOOY8fkiYqeoNVkUN40Qp5Hpught+vyVOM4zelBfxr30 WjZiTpj6wgh+85ujmPLpIowKohbnBO9r0MxYe23ojbfeY2Rm1EnCquUL+fUvD+Hc85tTkY9qG3EV zb3Wj8I2eC4VUYeLq3hxwrMMGzmKvEmzDtrdeBV77/ML1pRW430F+BpUtp67WTw2nxlo/UI0uljO kBp0xSnkaypp2vg8Dj3iV5x02mmcePJJnHD8aRz7+6O57rp2LF+7ESuamjlvwRu8t/XMdV1Evrih Ut+g1xnihp9v8f9V/xy7esbbi9RGs7342uelmWGuf/++ntIfSJ3qn6ev2CCpfx5rH4Mvmuh6x/tV jwu12R1JXMbggQPo0v0B5i9aUXsfPqtHKt7/94mqYKwlSSwTJ75OFBmss1/K4ggEAoFAILA1Xjyi aQ26N56cUyqWzWXN9I/wToNBD2yDrQ26OGFLWQWzZs4OY9bYQwx6yYqVvDp5SmqQv0EEPR2npvXS K7RBM/N1aBYx92qyxxZcVMk1VzbjX4uW4Zxh4piB3HZfX5wkOCvUqEPiapy1JNEm7rnjPuaXbMKo pMa4aLq8EHuHiEeThB6d7+R/9/pvDjjwUDp160dBfBrxztLTVR1OUzPpJclStUHFYeNKzj/lT1zR qg2xglNl6riBHHjgIUz69wJiEYwzOCuoRjiJ6+6zOOtSNcsQcIgYxFlUFBHFiSHOlzNvzofMX7ya vM2izk5rI8TF8yOabqJovfNfvH8RiyuUc02zJpx93vlUxQmJCCtLFvDJzHnkjOA1QlwBcekoPZ8d h1UQdYhEOHXEotji+ZEsy8BLlpoOVpSa6s2cdeqJnHDSuSxavppV61azZuUaBvTryr4/+Sk3d/xH ukkgCSoRKklaVqCCyTZ3vMSoZCP7VLJ1JVlqvuAla6IixckAmqZ9i8nOcXqerbg0GyI7F14dXmKs SPp/FYc6h/VgVPFq0tR/qeui6oppZuLwYtIMAknS9H3nURFE8mi9rIit1nO96QXF7ppeFZX0hsWZ p2oFXywL8GAVbLFEQdPnKmpwdjM9u3XltDNAffVHAAAgAElEQVRP4Lnn305faz7d0MLbrSYmfF+j WlSLHwzZcxYfRqwFAoFAIPAN8M5jVUg0zeQTBeci1ERfylgNBj2wNZplJqdrRFVxVrLs5VCDvkcY 9LnzFzDz83kYlxqLrzPo3xV1Udo07VecZePyz2l74x2sj2PEGCaOfop2dw0gMTFqDYlziM1Mr1Tz 0L130PPxwRRUEV8vXcgLsRe8WEz1Zo45+recff7Z3H/3HZx86llsiWxq3Fye8rK1zF64mC351ES6 qIL5i0tYtamMqooy5n72CWcefzQXNGnO7PkL2FBWxhtjB3DQQYcw6V+f88msT3jt1YksL1lJJAnO RlgbUVq6galTp/Di889TsrSESMFYS1zIsWThHNauWkkhipi/ZBmlmzawdOksSlZtInKO9evWMn/u fOZ/Po8F8+Yzf958Pps7j3xiUFugbPMGpk17m1dfe52SlauxIpiohmXzZvC3S87hpNPO4KNZcyhZ u4H1a9Ywf8kC8iKo9dgoYvWapbw6eQpvvjyR8tIyckaxatm8qYR58+dQEVvmzpvHy+NGULJ8BVWa ZRmoRbNNijhXyrmnnMypp11JLlaMOMQVWLfyXxx24ME0adaOfOJQyRPntzDtrbd47aWXWbJkKdVW Mc7gkwo2bljNy5Mn8+qk1yndXI6I4GyBBXPnUbpuI2tXreblFycy/V8zyNUUSJzHWYOaPBXlm5jy 9hu89MrLrFq1isSldToqESuXfsa8eQupzBWYMuV1przyCuvLq8mrILYKNTmWLVvOyy+9xHsfTaes MkdsHDYp4KIcn3/2ORNfHs9H//qQKO9w1lJTWMf8eYuII4u4ehF4r+lmjHPYxGDihLKyMkySEOXz RFGUbhZYQY0gUcKWsjIqcjXE4klE0znjNo+zBSqjPOUVq9CC44n+9zBmwtR07KE34COsy7NlyxYq Kqu+97nkW/VO+AHS6gOBQCAQ+L+Ad0qsaZmiiMcDTiEpZvt9QYHA90Uw6DuZb2vQVZVZn81h3qKl WeTx6yPo39WYpTqDnhluF/PWc0N4sHMf1mslmsS8NOYJTvjrzdz895u4p+Ot/O28C+jRbzSxj/Fi GTuwL2efd2VmuCWNuqrivcU6wdsKXntxMI1+8Vumz1nGioXvcfSvf8VjT4/CiENtFaNHDGD/X/yW 9z6dh9oCVWWraHTwEXR6uBezZnzIiaedwc/23YsDfn4IJ51yMsPHjuOfzw9nv3334/S/NuGqpo05 /rhjaNToCD78fC7ORLz03FgO+8XBnHbKSTRv0oRfHnoYzW+4jeqaiM2b1vPnY3/PySccz7F//CM/ O+xXjHx2HH86/ve0bNWeKInp16sbp596Cmecegqnn3QiP/6fvTj08KMorczxyfS3+NOxv6PJ5Zdx 2d+u4GeNjmDwM6PJbSnlmssv4pCDfsq+BxzIcaeezT2d+3DXnbdy6JHHsKVgiaJS+vbuQqNGh3DW eRdzyVl/4deHHcndD/YglxQY8nQPDtx3P07+y4Vc3uRKzjrlBA44sBFPjXkVnzXj86TR4Di3kfNP OYGTT76ANRu3sLmynNKNm3l2cB/22+sA7nmgD06UuZ9P59ijf8ufTzyVZle24LBDDqdHvyHk4wKT XxjBr444jHMuvpSLGl/Kkb/8Le9/8AGVFaX88vDDOe8vZ9P4oou5tkVLDjigERdc2Jjy6gIuiZg+ bQq/PeJQTj35RBo3bszPG/2c5s1bUV6Vw9oa2l53BUce+TvOPf9vNG9xBScefTSH/epYZi5eSpzf wL3tb+LII3/FFU2bcsZfz+Gv517Exs1lVJRt4rrmzTjyyN/QvEUTjvnD77no/OZUlFexcNF7HHbo b1i+fF09g65ZLwHBJYa+PXtz4Tnn0rZtW1q2uJpLLjyf8RMmpB/KseXZocO58Mwzufmmdlx59bU0 a9WWtaVbcCJ4qeTR3l0587zGtG3TmpuvvoUOd1/KuInvpY35pMCihTO59JLzuOHGG7nhxtZccMEF TJ8+/XuJoEOx90Hde0Mw6IFAIBAIfD1eldiDWk8igvMJYrLmxPUUDHrgm7H9/isY9J3M9hj0z+bM ZfHyVWkN+jcw6IlzJC5N366/UL7tm0tdQzJFVBAp8HT3B+nRqx8VPkZNxAvPDubk05tQunkzIjFz Pp3JuWddzPzlK3EiTH5+DH847q+UlFZinMVL2o282PFQ8us5809Hck27Dmw0Hok2cNuNLTjhtIv+ f/bOO8qKKnvb88+31qzfmmBCwYTkHEdRVEQkqGDABDqACKgYRjFiwBEFJIMEJUdJKhgRRFERURAU aBpooCPddM43VdWJz/dH3Q4oKDAohnrWOksaL11V955bdd6z9343RTEXraIsWzidc+o058sdB9Ay SrgojfPPPZ9nX5mO8KLkl4W4/vLW3Hb3QEKREqJS8uGyWdT42+kMGjIa4cX47pv11DvvAp6dPIdI eR7N6tShe6+BhMrL8TzB7EmjOaPm+WzemkRR3kHat2zCObXqMHXm6xSUlVJYlM+V/2pJ3wGP4wqB ciNEy4oIl2UzZfI4TjutFrPnLEVqB9ctJicnAycapqywlGuv7Ua/AUNwhIdXmsXdvW+kY5cbOFQW Iewohj35IBc1bEs4bNi9/RPO+uffeOSZMZTFYpQX5tLtikuo1+xi9mXlsHDGKM78vzMYMe51HCEI F2fQpGE9eg0cWpni7gt0jRvJ47oO7ahxVi1at72MVm1a07JFC848rSZdrr+DzLxCjIgyeNBdtL3k MgqKynGi5ax+722atGzHgbQUHn2gL92vu4niSDmuEny16RuKCgspLj1Im7oNOK9ea7JzMjDSY9bU SZz5zzNYsHId0aJ0enS8nCuu6UFWdibCizDs6SGcV6MWX21JxNMRHu53G//395q898lWtBWsf38V Z555Lm+u/ZTsg9tp2bgOjzzyDBEpicYibNu5i6jrsGDWVM6tVZMt3+8kFg1RVJTBuefVZ+7CN4np MoqLylFSHyZUjdFopUlO3Ua3a28kcc8urIkSi5TRs1tn5r71NlLEKCrI4Kr2nfjgw9VILSgJh3js kft4deYCIlJQmr2L3r36sudgHp5yyDyQQduG57No1QZ/Totyhr/4KK+8MomYiOF6DkuXvMHjTwzF kXGn/Z8w1zteKlL0hVQ4nldZ2hIQEBAQEBDwcxhiFozUSCnwrCTqxFDhMrRWlca5FQ7ugUgP+DHx ckkDQmk8IU8oazIQ6KeY4xHoFTUMOxISSUrJqGyd9XMC/d0P17Dyg4+Qyk/prXjt8d5YLFXu5toq jIky8rknGD9luu+crl2i4RJC4RhK+y3ShPaYOOJZRk6ciTTw+Qdv06DxpezOzIkbzlW1WjPG8O0X q6nx178y9MWXWbrmM9a8v4pRzz7I2TUv4KOvdiJUlDfnT+Ls2s35YkcyWjqEC1O5oFZNho6dizAK x4nQs30zet/7KJ6KISysWzqd888+n7e+2YPSltz0BNrUqc3dw6ZwYO9m6p1Tk5Gzl6GFRBrDgcQv +NsZp7N8xecUF6RxZYumXNXjTkIihjWC8pI8OrduwV0Dn8CR8Y0Gt5zP1q7i/AvPY+ToV3GlQesY h9ITufeBB7i55y3c1PlaLrqwFtfd8gAhqTBOEYP63Ezn63tT7DhYZXnp8fup3bAVTrlm4WsjqXFG Dd78/Cs846eJz5n8HDVqXcSG7aksnDGCWmdfxJ7UXJQxaFXIxS2bc8MdjyHjpQO+QFc4kTyu7XAp zVv8i5XvfMTqD1fRpdMVtG13JRlFpThaYr0yrmrfmgvqtaBLt1706HINXTpeSeOmLdi0dSuffbGG Nq3bcWPPngwfMZwtm7fgCUlpKIN2F9Sh/3OvEhOlWONRkp9M64a16fPoOFI3r6Hm3/7B8CmLEFqA iZGS+BWNL7yQKbPeISSjDOlzK+c1a0+u438Ge77/knP+eTYL3l9DJHaQ0aOG0axpO+4acC9TJo1m 94FUPOXy3yce5Mwza3BV5xu4rls3enS9mrp16/LiqLE4h7V0qzaXtcFKxYhxQ5g07Q1cLTG2GONF SU74nu9S05FeKUlbPuKZ5yYS1RqhBVK67N+1jptv7UNBKML7iyYz/OVxRLRBaoGQLlOf7M/iVV+g lCJSkk3XbpczYtRMJk4dz5RXJzJu7Ctc3+MWsgqKUVbH26Ad55fxaN/R+D0i6gn6DRhEOOrE3UMD kR4QEBAQEPBTWG1wDEgjUdpFScv+NavZOmE8Vgq/NNPqqva7p/qEA34zVDctrjDSPpCeycw5Cyrb rB0PgUA/xZyYQN9FUnJaPIX25wX6oqVvMv+N5XHXdV352hMW6Nr6u4gmxvjhzzBm0hSiBoz2MMrx e40bg9UuWjmMHz+aFya8hrCKz99dTPNWHUnOK45vLsTFg5UYN4+nhjzIBRfW59JLr+Lyy9rT/vJL ubz9pTSpfS69BwyjxI2yau54al3YlPXbklDGkJN1gPNqnc0zY+YgjUFGi+jZoQ039RuMawzCwvol 0zj33It4e/t+tPLISdtB6zp16Pf8dFIPbKNuzZq8NHU2Wrkoo0nYtp6/n34Ob767gYLCNNq3bEyX 2/oR8vxNhbKSPDq3bs5dAx/Dlb6B2ZoP3uLss2ry9LPDKXViuFrhxGK8dP8dNGp1Cd/s3ocIl3JT jw5c2/MhIlKg3RIG9OlJp663UOI4aGUZ/vgDXNSwJW65Ztn8iZx92hmsWLseaSRaOkwY/gTnnHcR mxJSmP/aGGqeU5/9GQUoI1G6iItbtaXHHU/hWTBxt3tjNG64kOs6XMqll19PSURidJjPP/qAiy48 lxdHz6RYKKzn0uWqS7juhp6ElcFTAi00UaFwpESpGOlpB1i4cDFDhjxEvYbNWP7OGgpDh7js/Avp /eBzxEQIo11ys/bTuM6F3PvkODJ2fMUFZ53B8yMn4WmF0Q7bN6+n7vnnMWvxGkLKZUjfXtRpezV5 nkJY2LP9c876+1ksem8dSobwnBJ2bE/gtenTufO2W2hx8VXs2p/GqKFDqH9RA1LyC1A2jPEMMS+G NLFKs7QfCXQLRiiee/FBZsxegdAaa8swUqCVh2MMUkXY/fXHPD9iMlIqjJQYIUje8xU33nAHRUVl rJg1keEvjyZmDFIJlHSZ9OxglrzzKdoYQsV5dOt6Jc8NG8WwF5/nhWHP88ILzzN2/KvkFZf5LeVO Yhq61hqlFFFX0Pna7oQisbgBXmAUFxAQEBAQ8FNYZfAMRK0gZmJYx5I7ax67hjyGlZ4fnAoEesAR qC7QdTxrec++ZMZOeBUpq4yCj5VAoJ9iTsQkbnvCLhKTDsSdtH8+xX3R0jeZt3hppet0xWuPW6DH WwdUuJRrE2PlomkMGzkuHkH3WP/xh+zctYtQOIwbC5GdmUKfAQPZuHM3jhG8tWAyHTrdTGHE893N jYpH0l32bvmAmmefw4w33sd1FMYtx1EuERFjzbLXOa92Q1Z+vpGtny3hwgsuYtjIyaQezGbqtKmc 8Y+/8ewrM/CUQbvFDLy9O/WbtWXrnmQKy0N8svR1ap1fh5Xb92FkjJz0RFrWrceg56cSc4vo1vEy 2l5+NTu2f0tGVgZDHh7MeRc1J2F/JvlFGbRv1YzOt95JVPou7mWl+XGB/iiO57J313fUuehCLm/f haTkQxzISiMtJ5NQeTnP9O5Onaat+GzbDr7+9FMa1z+P624eTEw6GBXhmScHc+559di4ZQu5BaW8 +MTD1G3YAqdMkpm6nRYN63PTbX3ZvXcP3333LW2bNubiS68kvaCYea9NpkbNBqRl5KKMi9SlXNy2 HTfe8WQ1ge67zDvlxVzXoT3tLr+BwohEyDJMzOW/z97HmTUuYtUnmzCeYvjzD1Cr1rkseusjDmRm sfP77cycu5SyUDmzZ03gvXffIyNzP3v2fE+r1u14ZOhIckozufyCCznnwias//xzDqYn8/QTQ6hZ sxYffL4FESnhkUH9adysBR9/tpHU5CRuuakHtWvX5rvdmYSU4LG+d3FRmyvJcyXKQuL2DdT4x5ks fGcdJfnZDB/2FFu2fE1OZjorly/hnHMb8e7aL/l01VIuPKcm/xn6AgdS0sjMTOW/L71Ebn4Bwill X9IBPFegdbXyDgtGSj7bsIL77v8PuXkFxJwCwuFy9u5IZPeBVLQUFOYmc8P1t7Bn726isRiRUDkz Z0/i6eeHI6Qmefdm7u47iH0pqYTKS0hL3stlLRoxf9m7xIRAuDEeeXgQm7/dTjQWwYlFKS0tJb+w xHfGt1X95E8GFd9vVyq6XNeDqOsGLu4BAQEBAQHHQEUNujQSaWJYaTk0bwY7H3sUqyTK+G1LA4Ee 8EOqC3S/JbMhKTmN0eMmVXYLOh4CgX6KORGBvjdpP5u+/S6e4n5sAn3+4mW+sUW11x6/QFfVBDpo 45C5dwsPPfY85VJjtCB5XyKD7r2XXr17c0//u7njlpuYvWQFrlZ4WjD6xad4evhYHGUqDeKM0Rjl 8twj99KqdVuKHeH3Q9cuympc7VF4MJmrOlzCbf0GUFqWymMPD6Je3Sa0aXcl/QcOonnDOrw8bgZK GpQX5psv19GocVMaNW/FrLnzWP3mAho1bcGH2/djlUPmwf1c1qYljw9/FSEiHMpM5o5ed9CkcSOa Nm3CFVe058O1nxNTDvkFmXRr356e/QcQFQalFSUludxyVXvu/c+zOJ7DsKcf4fzzz6dhoxa0aNWO lq1bccnll3MgNZXUhG+48ooONG7aihuvu5kePa7kjrsewJEOxgh27/qGS9q2o0mLptz/yDBGPvsE rdq2xykVeG4Ru77bxDWdutCseTOaNG9K/7v68vU33xJVkoWzplG/UWvSUzNRWqB0mE4dO3FX/6f8 HuPW72mujCFcWsRt13ehS7fbKAr7zuLW1SQlfkWzJi24+Y57iEYF4VAar4z8L42atKF5yza0bNWW l0dOpqSkgMULJtP+0itp/a8WNG3WiN533c3+9GyKwpm0v/Ai7hw0hFtv783FbVtRv0F9Xho1mqjQ KCkpOJRGv9630aR5W1o2b0GHK65g6VtvEXIFUSkYNnAAra7qQr7nobQlcfsWGlxYm+Wr11OSd4gn hzxEsxbNaduqNS0aNeTRoS+SXx5GRwp5/523adn2Ylq0uIQ2Fzfn1l7/Ji39EAf2fk3z5q3IysxB K11tLuOXM8h8Ro0cTdcu3enV+xZu7tmTnj1uYc+BJGRM4IgwKxe/RddrO9Hrzl7c2vNm7hzUj4y8 AoRSCBlizCujuezy9nS/vge33HwDL73wNB2u6crqdR+jPcGO77fQ7fpr6dW7F33u6kPPnj15ecQY Io7rtxq0J9PIzf9+e0rR9fobiLpuXLQHKe4BAQEBAQE/hbUaxxqMqmrhm7JkJlufeBSrA4EecHR+ KNC1gaQDqYwZPzlos8afRKCnZRxk5XurUfrYXNwXLlnBvEVLT4JAl35aelygG+OiozncM+hBMgpD GCUwykFISXJKMjsTd1NYlEu5lGgVwZUOQ594nLVfbkYaE28B5vfKNlKQun8v+/ftw9N+/2uLL6Sk 1mgnTMr+vew8kEzIi+FFSjiQtI8D6Qcpc8LsT/iGtJwCrIr3yFYuZSU57N67h9yCAkqK89i1eztZ YQejPMqdEPv2biXjUD5KCqRwkW6YlJRkEhISKC4tQ2mD0FFi0RApCXtJzDhATBq0UQgZIX3HtyQe zEZpj6z03ezcmUBC4nZ2JW5nV2ISO3ftpTwawpGCcHEuSTsTKCtySEr5jpSUNJSW8RZjEaKhEIl7 tpGUmUNuRgrf7d6Pdg3ahNFOCbFwiL1Je0nYl0S03EV4Blc7FOVmsH13Am4kipYKpR32Je3hQEZ2 vBxB+Q75xiClR1pSIvuSDuBID6UlxjUoESUpKYHExN04SiN1McIrJyczl10J28nISsNRCqlclFdC WXExu/YmkLhvN47joLSiNJROuwvr8uiwMZSEwuxO3E5qViZRZZFSE5MW6YWQsWL2ZWSzZ/ceiktK iWoXTypcIcjdk8jWfXsolx5GGSLhUvbs+IbM0jK0F0FLh6y8PLZu30l2xgHCrsBTEiNCuFJRXFLM 3j0J7Nm7m7CQSKPwIsXsTtyL43io6gJdW4yQGF2KFoq9u/fw7vvL+fbbrcRiHsIrRyqLp1yU45GX k8zaj1bz1WfryY9F8ZTFSIXSMYQb4/sd3/LB++9xMG0fZeVFfJ+wi9ziYqz053ZBYTZrPlrD2tVr 2ZuURCTqIqT/2VQYzpwcqgR6527d/U2AaveIgICAgICAgKNgNdIajNIY669FMxbNZfvjQwKBHvCT /Figm0CgV+NPIdCLiksYO/FVPCmP6eZwKDuHrOyc+E//y0K9ynHaF88aazwef+JJZs6Zi/QEWqm4 c7Qv5rXWSCMx2uHgwXSee+YFwjEPa03cSKHKGd5UbDhUuGRWM4+zRlWm1isDVkus1n4k32qsFpVt 5/z+lf7f+TdSE/9yKFS8Hltb7de9x19bcYyKL1GFAV/FdVhlUPFUceMr3/jN2sTfB4nRBuIR64rr Msa/wRstsEqhtcVYURnVNAa/FZrWWOundluj49doq4z04ukxOl6vbLRBG4nRAmMlRvs95f1z9t8X W7khY+IO/BprdNV7XHkM4/8eo/zrtgJjJFZbrPHraKqyNap+v/9eSKxxKQ/l0fii+jz93HCEUr7b acV12HhPUSXinxPxjRmNNrryPbdCoKz22+/Fz9dogbIGq2Wl6Ya2/mel4zdAa1R888mfj1oblDFV dWKV86hqJvvvocYYEf93frmFrrhWLSvfMz/Dw/Pnp9boim4GFe/3YaUaqvI8TfwhXjWPKuaWqZwf YE7qA74ixd1xXV57fQaOGwj0gICAgICAY0Fb37fIGI1nJcoqCrdsJWX12vizPigZCzg2tDHkFxTy 8bpPKnXG8RAI9FPMiQj0mOMw8pWxFJWU+kLsVzjPn+L777cxd95cHMdFq/gEtKrK/Mr6AmX37t18 8MHqw2qBA36/+J+tQmuHSLSMsWPHs3r1WqSUAEF7r1NAxcaHUgohROXPAQEBAQEBAT+NMaCVjW+m a5RWGKnQsiqAExBwLFQGorQ+obkTCPRTzIkIdKU1k6e9xnc7EvzI4a9wnj95PkpWioKqCWioitYb lJJIKQ9LMw74fVMh0K3xMMY3YVOyapcweJCdGiq+hz98OAQEBAQEBAQcHav9sktlwWiL9QxCKj8r LxDoAceBMeZH7u2Bi/vviBMR6Bb44qtNzJwzF6X1zwr06gv1X5Kfm3jBze2PSDytv6L04VTvFv3J qf5A+F92bgMCAgICAv58GITVRC14BpSnUcbEyyMDkR5wbFQPkvzw746VQKCfYk5EoGsDhaVljBk/ gXA09rMC3XVdYrHYLxZJqxJlfm12FdVq1qu/JiAg4Beh4oEgZVVWSxBBDwgICAgI+HmsNhhPo5TF tRA2GqEdpHSD52jAcVEhyA/PLj52AoF+ijnRCLo0hg/XfMzBzEM/K9BXrlzJihUrTniS/Oz5VJxA 3CCNuDkXVlf++bDXBCI9IOAXQymFlJIRI0bgBn3QAwICAgICjgll/VI961mENnjGJf/LjSSufO8X W0MH/DHRWpObm8sHH3xwQt5MgUA/xZyIQPfNKxQZBzOZM3chMceLu0ZXtX2oPhYtXca8N96IO2Yr v5+5rXCZVv/zqHSwthJrRbwdW8XP8gf/v2L878cNRjD+rMOTAhV3hFdxd3+tNUb7C4iYlFzdtTuh mBO4uAcEBAQEBBwDyhiENXhaI6VCakXaovlsfWKobxQXLyv9Lfg/Bfx2qWyztn8/Y8ZNOKFyw0Cg n2JOTKBrtJYoqRg/YQo7E3YjtEbbI3/wC5e+xbzFyytbb4F/czHB3SUg4HfJxk2bWfDGCvKLSxFK I5RCaYU1CoCY0nS6vichN97SMMhaCQgICAgI+Bl8gzhpFVoKPAsHl81mz2NDsEphlKoU6MG+d0B1 qiRVVcvnpAMpjBk/KXBx508k0I3RCCEoKw8z9bWZFJWVYyoX4oePRUveYsGiNyv7Xlttqd4fOhjB CMbva3z08efc/u+BDLjvP7z/0TpcKatEOuAoTefrbybseNXuBQEBAQEBAQFHJ24IpyXWOAgL2Ytn s/exx3yBHn/GWvxncUBABVXTIRDoR+JPIdChyklSG8OHH61l1twFuEKilKwU8Cae8rpoyXLmL1qC 1ip+01GVr7HBCEYwfndjzbovuKPPYO7ocy+9+w1kxJjx7Nl/AKk1yoCjFNdc24NQ1Ik/FAKBHhAQ EBAQ8FNYqxHWYKTE2ijKKNIXzuO7J57yBbrRgUAPOCLVBboxfunh3gMpjA5S3IE/jUCvwlhfpH+9 ZRsvvPgyefkFKO33bayoS1/3xResXv8JnnKxxsUaD20lyiq0kcEIRjB+Z+ODj9fT865B3N73fnr1 u587+w/mtjsHMGbiaxSFokSF5NlhLxJz3HhJjPqF7mABAQEBAQF/DKxRRK3BKIWxEaw25GzcyJ5l y7FaYa2pFGIV2agBAfADgR73BsrIzmH526uCCDp/NoFuNdZqpNZ4ypCcnsni5W8zZuJU3nz3A77e up2de/bz2dffM2H6fKbOXMjU1+cw9fW5TJkxnykzFjD19WAEIxi/t/HM8NHc0ncQt/a7n9v7PsCt dw3m9rseole/B7nn/keYt3gpkagT74WuCEziAgICAgICfhqrJSXG4FmNMjGsaxBKoqWL0fEMVRtv HxwI9IBq/DCCrpRGaIPUJhDo/NkEOgZrdeWOnjb+RMjKyeP91WuYM38RM2bPZcqMebwwcgIvvTKB EaMn8vLoibw8elIwghGM3+n4z1PD6NV/MLf1uZfb+w7m9r4Pcnvfh7j93/dz96AHGTN2AtnZh9Ba ouMpeQEBAQEBAQFHx2pNLO7kLq3ECmYn/1oAACAASURBVI3UBmX86Lkx1SLowYM14Af4c8KA9btX KWNQcV1+vC1vA4F+ivlfU9yPRmWNutZ4UuFKhdQWaUDZYAQjGL/n8dGnG7jt3/dxe5/76NVvML36 3Ufvfvfz2NAX2ZechpLKT2u3Cl0tJS8gICAgICDgyBhr0DYeHTd+K2LXGjxL8BwN+EkqTHwrBLq1 6n9qxxcI9FPMLynQK1BaI6SMp7vqyr7kFSYGwQhGMH5fY/UnG+h51730uvt+evUZwMOPPsmXG78m FI4itUUpP8XKWhP0aw0ICAgICDgGtAVtwGqDlRZhNULF0MKrJsACAn5MZacdY+IlyP/b+isQ6KeY X0qgQ5VI37xlC99s3uynwhuNNQprZPy/JhjBCMbvbHy07nNu73sv/e/7D69On0VBYZG/Aaf8dHah FK9OmYYrZCDOAwICAgICjgFjwEqDNNrPOrWGoi1fk7HqA6yyGG0CF/eAI3KYQMcPpuTmFfDxuvVB DTqBQD8ii5csY9GSZRhLvLWawhqBNYGzc0DA75FP1n/BS6PGsndfMjHX8yPrOt5e0Rhcqeh63Q1E HOe4HwoBAQEBAQF/RqwF6yliRuBqg7SQNX8uOx9/DisNRml/LW0JIuoBP6L6nDAG9u1PYfyEKYFA JxDoR2TBkuXMXbwcVXFTMYbKCDoEIxjB+J2NsrIywuGQHzWP3/h9ka4wxuBIRZfrbiDiuIFADwgI CAgIOAa0BeMppHFRUhO2hoNLprNryJNYYdBK+6+xBAI94EdUnxNKWZL2pTBuXCDQIRDoR2TRG8tZ sHhZfAHv10ZgBVh5yoVGMIIRjOMfFX02oeqGbyEeQddEhOLq628m5HgoKbHm+NxDj4a14N8/pL/R Z/1z8Utnqs7n8HOtoNr/s0ceOj4q6rYOM13hxw83a038+AZtDcoajD15GxK24h4Zv+6Ka67a6IwP /L/7LVFxTlVlTfoIn8kveNyKn+Pv1S+NtaZqPlSfV8aAFRgrMNb4KaxGcaT5dOrwz7HyfbLSn2/V PqwffleqvhM/HL9n4uuTw34W+IZL1f7ud3+dAb9VjAUjNI7xEJ7BM4achVPZO+RxrGcw2gQCPeCI +K334msEA1IZkvanMXrspHiGYyDQf1f8GgL9jSXLWbBoKVr7xlFYFV8ABCnuAQF/JIxWKKWICMlV 195EWczDaPULCHRRJdDt4RsF1c7muH9/ZepgteP91ALI70ersVaj48Pak3Ot/vF15XlUXKcxhy/O rOV3JdB/6fM8okD/Fd6bIx/CxAW6xFgZny/mNyrQq51T/PlcfWPjRwLd6h+P39Q1nQBW/3hdEt+s CAj4NbD4At01EiEsrjakvTGLbY8Pxbq+yNIV5l+BQA+ohjWmUqBrbVDasndfMmPHT0ZKedxR9ECg n2J+DYH+0Zp1fLRmHVL5Lu4VEbDgoRcQ8MfCGoNSirArGDT4Ecqjjt9u7SQt3I8m0O0PWrn5kWV9 uMD44e860rBVkcDDItRHXASZuEuqv2DyhdfJja79KFIZFxAVIre6QP+trdOqn1P19+XXiKBb+2Nh +UtzWLQZqGx1E5+DfoRdxf/utypmq8+zI4jVI732jxRBr1ib/Og6fr35G/DnxgJWapRVaGmJGkj9 bC07Zs3HCl9gVa9BDwiojtXWj6Bri9aWtIwsFixcglIqiKCf6hM4Xn4Nga60QWpdtag8wuI5ICDg j4MyBk9ptOGk1qBbC0oJrPH8jBxtsVZXtnKseAhVpNobLdBa+eU1FULWKLSWGKNQSlRr++iLKR3/ HVKIypr6w0WeHzXHKqz209o9Gz8XbTmZtzWrDNZ4GO3EH7gKraNIJZHaIJTx32N7uCj9LWDixoEn sjD4346rUcqrTOlTSmP0r5Dirv3jKG1QBpT2M8WMUZWp7tY4GBPznZh/Y4tr/7vkl57pCrdoEzvs PP3WiRXfF3NCaZO/NarP04rvu1JVGxP+Ylegtedvxhkqy05+a59hwB8Dq/zvlVWWmAVXSkzMqxRf wbQLOBo/LEvSxqBO8D4dCPRTzK8h0I+Wchg83AICAo4Hoy1GKwqLclm16h2cmOeLVuWRm53FsiVL WLZsOanpB5Fa4zkRNmz4AqE1jlTxlGuJVh5aeXz91Qbmz50VH7OZO3cBc+bMY86c+cyZN5+c/EKk idcNV69BtRJrBR+/+yFrP15HWEtf4CiLOpkCXUhCZVksWTSbebMXM3vWPObMfZ3Fbyxif2oaMamR ldGU31ZGkjUaraS/OWJMZVT5F9+Ytdr/fLXEaB3fIPaF1S96WBXDaunPO22RWqOUxFivsjbQ6Aiu V0pZqYvRv50HoLVglMHaCNbEKC6KoKVB68MFutb+5pgxXuXmh1a/rXl3vGitq4bSlZsTVfXo/iaZ FBGKSksQOp5eHBdLAQEnk4qsLb/rkX/vVIZf/P4VEPBDAoF+ivlVBHo8DTQQ6AEBfxZ+mZRXoy1K CZYtW8SgQffiOgKlJN9v/pJet9xEv3/fRf8BA7mt1795fd5iXCfC6FdGkbB7L8LE70NaoIWDkR7j Ro2gdfOmtG7ejAtqnsNf//pP6jdsSrOWbWnV9lK27dqNF18cVd6v4mmwWrv0uPJqunfvQannYpQv 0L2TKtA9stK/44Jza1D7gsa0aNGO5i2a0bRZExo1acGchctxVdw06DfWtjISLmfalMls+HJjlalR pZnfL4ffIcQjJeUAEydOYvrrMykpC/3iC9z8rH3Meu1VJk+ZyrKVH+Ap7UfvTdTf4FEGrcNs27aR 7t3vwXNP/gOwIhp8Qv9WK6wtIxwt4OK215B7qBxjxGEbU1p7WOOSlJTAq5On8NprMygqKv5dP9Mz MzOZOnUqU6ZM4Y3Fy4hFPLS21UrxFJgYX29aT6u2bTiUX+Bn42h7Ujeb/gjZCD/FH/36ThYVpp9+ 1yONVX62mAwi5wHHzf+2DgsE+inm1xDo0oCnbWUbJvht1kwGBAT8bxjjR6KkNkgTT69SJ68GXRhQ bjlDX3iKTzdsQ0tByaFk2lx+E5u+3ITnRghJTVm4hF27d6CNw3tvzmfgfcMIa4k20Xgaqx9djTgO 5WXllIQKGdqnN2f85f/xyVdbCJWXkBMOo2Q51rhIJdHCIFUUz0g8YdAyj55XdKDLDQ8S9cIY5WCF IaY8YlL5qefad90V2uBpjZBhHCMQriKkFFYIrHFR2uBa/FR5o7FxNamNoTB1C7Vr1WDExEWESkKU l5VQWHCQ/9x9A81bdGDvoUJKjEEJF608rFRYYVHSIqXG6ghCWZQUKC9MVFu0KkeoKJ4WSK0wMorU AiMjGKWxwkMohacVUrrEtMJ6hSgtkdpilMLKKJ6SRLXCqChKKqSyaANSScqz9nHeGX9n6MtzkcpD KoXQrh9ZjqfeVSzYLf4mSMSAESUIY5BKEhICK8sQ2sEzBqvKUMZBaYuWNp6+p7A6ijbKX8Rqi1Il ZOZls+6zD2nfrDnb9qeilcAoiTUhrDZo6aA9iyfj81X70aoKKjK/TPxcrdFY7WcEKKFRohwpPFzj p7WXl5Sy+ZuNfLhiJp26/xvPlRgLyhO4RmCVQBtJ6oFdDHtxKq7QGBPvGqA8rI6htEAZg1bST5m3 +J+PdhBaIYRGei6OjBGTAk8qtDJYJRFak/DtF0x+dRJCRNHaxI1Zj2VT3KCVgxKCsJvHI48+T36J g2v9+aC1RhiFlaUYLcnJzuOTtWtp3+EGNu7Yi6osN6l2rOqf7U8ct6LOveLfmXj9pKcMVnkIq9DC 4laI5uNAW3/9YV0HYRQxoxHaYj0d7yktyC0t4rNvvmLj6ne4tfMt5BaVY7TESI1UHloqlJbs27uX Jx+4l/zyiJ/ir8Jo68bvJzG0duLlNzE8JTDSYF2NlhbHRvzP2MQwRvifs/b8zRsdRijJjKnTScws xhqNUo6/CXCU963SM8NotHLR2kVqATaK1h7aCKyyWOOiDWjlIpXy3w8p0EqgjSEmDSZmMMohplxM TKOMQQlJWEs8pbGuxdMazxpc45c/WGUxRiOt9OeXNCihELYM5WmM9L8nQgg8JbFKsfrtmew7WIAy Gqk0RmuMVFjte4jo6saDx8iPTD3jpZPWuFjtgfX8jUsTOamlR78kFdcgjMTVHtY1hHQM45RilEJV y+gyJlhHB1RRNRf855U2BlfFn23xLKHjIRDop5hfQ6B/t3MXW77fgYqn/EEg0AMC/ohorZFS4gjJ rLkLKI9E45GTkxM1lcYQKsxg8KMPc6goglKKzZ+upXvvRygvKyNUVkheKIIUDsooPBlj//avaFz/ SvZllfoLaaMwNl5rakErg7QO/72nD6f/5S9s3J6INZKwMRivlJKiAtasXcNby99m/WcfURIpwxMW I/O45Yor6XJjX2KOixIOmzd9wsfrv6SorAQpJYkJu1j19kpWvfMuSQdScJUiplwSNn/Llu3fczAl jXffW8X7739ISuYhHFMh0HW8fgyK0nyBPnbaCozUGK3QXpR5U0ZQ4+wGbEncT8QopBNh544drFqx jPdWvUdOfgmeshjl4YgY27ZtZuWKxXyycTPFBbl8tmET6dk5SKXYvXMrX23egvAiKKWJhYr5ZP3n pOUVopRL2PNI2vUtq1atZO2aNeTnFyKVX+stvDDffruJ5W++yXsfriErJ4/8/FzWvrmAc/72V+4c OJzP1n9Kbm4B23d9z86EBEQ8K+GHAj2qLNotIbewiOQD+8ktKaEsP538ogJfoMtShIpRVFJGenIq hUVFCKVRWsbr8wXS9UhPTyQ9K4visnw6tm7LdykHMVphlETrCOWl5aSlHiDvUAGu8IWIiHsmVFC9 NMvfXJY40TBpaWlkHcohVp5H8qEsokL4jrlCYYwge/8WOvXoi/Ck37ZPGhzjoT2H4pJiSouzyS8t 831Z4v4BRrkYFcP1HLJycklPTSVWXu5vdmiNFBFKS0sIlYbwPI+M7IOkZmXiCIVUBiN8Ab/x41Xc M2AgnheOR+99kX4sAt1oh1BpGbmlGWTnFRMRhli8Xt5ojTYKzykj62AGOdm5lBfn06nrHWzYXk2g G33YcapvchztuD8U6OBvbAllsFohrMZIi3ciAt0YpFIY4ZGdn0NSSgrl5WUUFpVSFophlEJojTCG WH4md3S7g5yisrhANyjtoaWkpLiQ0pISygoycAxxgR5CmZhfxmAcysqKSE1NIT8/i5CrMdEwUkUI FRWQUh5DyjD5hVmkZaRQHi5DKhEX6OVIpbi33wA27UpFS4ExLp46uuNyheeENQqtXJxYhINZmaSm 7CYcCZNfVIBwte/VYQxGxYhGIySnpZN9KAvXieFqi6M0xtFo6ZJXVMDBfSlk5+UTKglxsLQEqQ3W s5SWl1JSXkRUeUhXkpOZQ1Z2NjHpoZVBex6OG+ZAxiEyM9NxHQeh/ffeVR5GKmaMH8q23ek4UsQF g6n0YjC2YhPn+FR0dXEOVIoSbQXSSrACbRVaR35zXS6OhrUaZU18E8fFhiz5O78n9aMPsEKi4tcY CPSAH1JdoButUFqTnV/IZxu+rHRwD1zcf0f8GgJ93uKlLFz6JlLrIIIeEPAHxhiDEB5hx6XLdTcQ ibkYffJSr6XWJG1Zxz0PPEhEWbTRLJ87m1dmLeO//32BNi2bcmG9BtzTrw/lURdlJOX56bRtfDHz VqzGxCOgFSZXPxTop/3lL3yxYw9YhWMM+xO/pUXzVtQ67wKaNmzCWWecxq2330F2bhlS5nPz5VfQ 9ca7cZw8pk6dyJln1GTYi5MQXoi3ly2mZo0aNKhXj3p161Cnbn0+/SYRx41yT/futP5Xay5peykN mzThzNNOp227y8krK4+b1cn4wtVQlLqZ2ueezZjpK9BCopUmVFpGr9tuovXF13CooAity1k+fyZn nVmTJg3rUa/eBZxfrx7rN23GE5LhLz3HP08/jfp1LqJOgxZceXE7zj6nDvOXv4/Umnvv6cfFHbtR Fg7jKUnGgQTOOPNsFrz3KbFwMY8++jhnnH4GDRo2pO4F59K0RVt2H8pHiDKef6Q/Z51Tg/qNm3Je 7bq0bN2WD1a/T91zTufMv/6Vf9RoQ+3aF7Du4/X07tObvn3v9hfvFW038Z8FSitcIXhr6QJq165D y+bNaXfxJXTpcCkjRo5BaIOI5DNx0njqN2xMm6aNadK4CW8sXU6Z8LMiImW5PPnoEzRsWIdGzVrw 4EP30aFVW7anZWOU71Xw5orlNGzYkKZNm9GkUWuGPvMc4ZiDJ9Vhi/iqxb+/2Dl4MIOOHTvSsEFD mrRsxfWXt6PbdTdTUFyGMv5iWSuP7P2buaa6QFcGR3uk7EmkQf16XHh+La64+t9EYlV94a12CZcX 0rff3dRr0JDWLVvStmVLdiclI41m/75E2jRrwu09b2bipKk0b9GCOg3qM+TpUYRdRSxSzoI3lvHM I/fSsVMnZs6cyqyZs3j77VUopX9WoBujcaJFdOp4NbVq16TGOfXJyI7iGD/SqZQiUpbPfQ89QoN6 dWnSpBl33X4rV3S8iQ3f7UarCoEuK7seVF5b/D08ypErRXdV5F1hjfKzJIyf6mtVlTnbcWEl0fIS xo0bS8OGDWjWognt27Tims7dWL5mPUr4522MwSnI5PZqAt0qi9QeBTl51Dz7HM6vVZPmdetyML8Y YxRahTDGQQmPFSveoHXr1rRo0ZK6devwwCND8UIhHJFH56v+Rb02VzJu4hiaNG9K/fr1GDjofoQS KBUhef93vD5zJl0u78iTI6YzZ+ZMZs2aTk5+4VGjvqayI4AgHCrhrjvvpGHDJjRr0ZSrr+lMx2uu ITO3zM8uMR47vv2STh070rRZcxo0qE//AQMpijp4WqM9l1XvvU/LVi1p07gRLVq14fqu3Xlh/Hhc qTFRycABfWjRqB5bExJ48L77adKgIY2bNGfD19/guQ57E77hphuvp0GjdjRudhE33HwTh4ojCE+Q kZPFvJmzGdjrWp55aQKvz57N7PmLSE7NqPxMfYFufjBnjuHjrf5n429YKKPxtCGmDUYpP2NHuOjf mInm0dBWI6yf3WFMDCMs6QsX8v0TT2E84bdYCyLoAUfghxF0T0p27zvAmPETK9usHQ+BQD/F/BoC fdGyN5m3eClKm8PS3oIbS0DAH4uK77cjFV2u7UHU9c2kTlatprGKT1fO4Z77H8I1EmUEr08YRZur b+K9Dz/A9aIUl5UzbcJoBj/yHJ5WuOE8unfuzPjpCzHC+CnDPyHQP9uZhLEGT0p69+jMubUbkbgv GSMkWzat47zzzueVMdORupibrriKbt0HsGDOGM67oDaPPz6S0pBDTsZuap15BpMmTKS0pIyiogIe uH8wPXo9QixSSv8u19CoaRO2b0/EkR4vPvMYNc48l4Skgxgr46mZfg1iUepmatc6i3Nrt6JF4yY0 btiIOrXr0bhFSz5e/xVSS/YmrKNx7dpMe30hpSV55OWn0vayi+k36H7yikqoX7sB9z3wBK7nEnYi vDZ2GP88rQbz3lyDMYqB/e6i1ZXdKApHkVaRvm8rp/3zNOZ8+CWHDiRQ54LzGT15BqWhUjJS9tD+ 8k5MXriK4txk2jeuy+CHHybieoRiLol7k4h6LtlJ31PrH39lyAtzKA+V4nke+SX5FBYXVZY/VG9d ZYzgnbeW0vHqa8g+lIvWmlBZHjd1v5YRI8cgteLdpfO4p/8A8kqKsSpKfm4OV3e4iiWrP0aKMKOH PkyfPgOJOiXEhObD91ZR96yafHvgIEYpkvZ8zR239yE5ZT9SCSKhEH3v7s/CN5b6G8jV5mlV1xFF qLyUnj178vY77+J5gohSfLJ8CR2vuY6ikpAffVcGayTZB7YcLtClwTUCLQXlkRD79uzghlsGE/Pi feHjEc7BA/vzytgJhGMxtPJI2P4djZq1oigURmmPUP4hbry+M+Mmz8SJeSTs2krTpp3YsnM/MSfM sjdX8fyjD9CpU2dmzpzO3DnzePfd949JoGM1Rju4TpSSSCldrrmJjOworqUy823000MY/PhwPM/B E4LPP15D3Qbt2LCtukD3yExPY9XKVX6UtCIqetR2bdXmgDYYpTHSYeeObcyeNZeoMn57VungxaK8 vepdHnvsMYYNG8bmzZvjzutHr202OsKXa96hQ5euFOYV4KkY4cI8HhzyGMvWbUDKeOcFbXAKs7j9 2l6HRdCNkViliUXD5BxM5bZrO5OeVxQX6GG0cTiwbzudr7mahMRdSKUoLy/lqaef4u2PvkGqEGXh fFq1vIhRE2cSiTmEw8UMeeJRMrPy0cYlI30Xs+fNoesVnRg6Yibz585l/txZ5BeV/IRA19j4fSIx YTu9evWmsKgER7oUFRUwacpkskujSKNRbjE3XNuJd9591y8zcWOMHPUKT/z3FaKeR/r+7Vx1zbVs +T4Bo6JE3CivT5/J8ImT8aTBCo01ZUx9+Rl69hnI2rVrUJ6L6wpcISkszKTz1Vcw8/UFOJ5AyGIW L32Nex96GSfmkl2Yx7yZcxjYuzvPj5jEjDlzmDV/EakHs5DxTRhjFJ4XZfjwERxISfM37yrKHY5h oWiNxmhJeWkRc+YvoNwVONpgpEZJj6Qduxgx8mWGDBnCrFmzKC0t/flfeoqw1QS6sjEiBg4tnMXu IUOwSqGMCgR6wBE5XKD7WSp7D6TwytgJlSnuQQT9d8SvItCXvsn8xcviNVOBQA8I+OPif79dpel6 /Q1EHZeTaRanrOKtBeMZ+NDjuMZB6RiLZ4zhX1d094WM8XukH0xOoNaFTSmOSEQkj549OvHypBlo R8cFuj6iQD/jL39h/c59fhTDDdG+VVP+dc1NlAqNlYq8Q0k0b9qUB/7zHI4tp2fHq2nQqAXnn3Um /e99hDLXQWnF1o0fcvr//ZV/XXwpnbveSOfOXejatRv3PPgs4ZIsBl3XlW633ElRuYPRUd54fSxn n34e2xLS0VaAjcXbpymKUr+hdq2zuHvws6z54H1eGfkyLRo34pUp0yiJ+Omjb88Zw2n/93faXd6N bl2vpXu3znTp1oWhw54nOWUfZ/69FtPmrfTdxU2M3d++T63zL2TuWx9jdZT7+vaiZYfrKIzE0EZy aP83nP7PfzBt9SY2rXmbs/5xGq079KRL1670uP56unbtztRZC/HcEFPGDueyyy6lb59+TJk8lc1b viMiFCWZ+zn3H3/lqRGL/Jp/o5DGr31V1aLTEE8j1y739r2doSOnIFTcw0CV883Xm/hy4yaibpSH 776T2bPm4RiFUQ5GCuZMeoUnR01GRAro0KwZS977HG3DSG0oLc7lknqN+DblIEp4zJvzAh2uuJ6J U8cxYfJUJk+cxr/79OWZZ4cdMYIOYI1g/95dtGzZMj7HQGhDef5B3njrHSIxF6F0ZQQ55wgC3TMS q/301KyDydx464NEPV3ZVSBckkvzxg35z2NDGT9pElMmjWfiuDHUa9yC7/fuw9OCUH4ud915I3lh FyU0hbl7+FfrG1j/zS6k8RBa89XaVdx9z0A8GfYXY9r4PgTHkOJutcRqD2kN3breSnpOGNeCNpqY 4/DAbT1Z8HlCvDWhprzoEB2v6clX25PQ0k9X1jLCU0P+w+233UFmTp7/OVuNNeLox7UVfeLxPQJ0 jGHPP8k9/QeSFXbjIivEq6NG8tLLY0hJSWHnzp1MmjSJrKysn27jZ8NMGP40cz5ahxYGT7mYWIwt CbvYk3IQLXW8LZ7BLTxEr269DougW+t7AVgjKS/K5o7ru5CRV+gLdB1GiSjr1y7jxh7dGTthAhMm TWLShMn858GB3Nr/JTwvQnFpEZ1bnUNCRp5/LFXGiFHPkJyWhdQCbcpRRnFv3wFsSkzFKIXR8RT3 ozgbVnZtsJK83Cx69ryJAQMHMWb8GObOnMHWb7+iTGk8LRFF+7jskla8MnYSkyZPYeqk8Tz88MM0 btmO/KJCNqxbxpAXRuFqidKlCO2SlpbOlh07kSK+0DelvPrco9x571O4Svh19NIvQdi3ZzNt27Tj xZcnMXHKGF6dOIH//ncozdp0Ji8n36+jVorXxz3Ntt3pKOO3xfTLN6xfiqGi7E3cSr9+A5m3YAmu 9Ovl/XH0sobKlr1aoYXLgjkzuabTNWzYvBWpXH/jpbyEgYMe4utNX5Oens7KlSuZP3/+UX/nqcZq HS918ktmyixkLJnFrkCgB/wMPxLoBpIOpDBm/KTjTm+HQKCfcgKBHhAQcPL4ZQW6tIqP3p5B/8GP 49goSkXYsGYJHbrcRmF5xG+BpGNkJX9PjVoNKIoq3NAhenRrx5hpc9FhhdTyqAK9xl/+wmc7fIEu RRkdL21NnX9dTb4jMUJwKC2Bpg0a8OgTw4naMD06dODS9tdyReuWNGzWns07klE6xO7vPuWMv/+N RcveIqotUhs86eBohYxm0f+6rnS8pR/FYYnxilkxcwznnHYe3+3KRFvPN3syYKykKPVrap97FiMm LsBIDyVizJ4ykTNq1eb9jz7HKM1HK6Zw+j/OYOXHG/E8hREKrTRCOmRlJHD26TUYNW0ujjZI7bLt 83c4++wLmPvmx1hdzuB+t9P8iq4UhmMY47Ln6/c5/R9/Y+qab9m+4UPOOfNMpr2/EWOUHy2WCitd hJK4SiKiYbZv3caQBx/hwgvrs3NvCoUHD3DuP/7KE8MXHJNAN8Zl4F238NzkRXja4hpQugxhNJ4U RJ0SBt91O3NnL8IxCq09pOeybMooho4cjwjlckXT1sx8ZxPKliG1ojDvIJc2aMjWtIMoKZg143G6 de3FlNcmMGXaNKZNnc6U6dP4ctPXR4+ga4+9idtp06YthaEwnjFo5RvtxbwYXtwkzh63QDeVAj1U kkPrZk155oWXmDp9GtOnTua1aa8yZcZssopLcZQgnJfP/Q/1o1RalKMoyd1Bu9Y38Ok3iXhx871N a9+h/z0DcUS40iDu2EzifGFghptasgAAIABJREFUtRsX6LeQnlPmR9CNwnUdHu55I699sgulBFJL ygoyuPKqG9m4bS9a+psBhzKSePyhwSxbtpzho8b6Bm3WT7M+4jGhSqBrg1WCcHEOkye9wsYvNzF6 9jJETBN1Cnmgz79JTjuEMQYpZWX0XCl1WN/yww8QYsywIby27nPfrE24mKiD0BajDEZJhNW4VuMW HKJ316MJdEGo6BB3XN+ZjLwCjI0LdBlj/ZpF9O/XlynTpjFl2lSmT53G9KkTWfnRV3giQqS4nKtb 1iWrpASpJVoXMeKVJ9mXnIHUCqUjKKO4r58v0K3WcdO3o7dxqyi/sEYjRRTHCZGSlswbyxYx6sVh XNGuDV/u2IejHbzc77i269VMfG0Wr057jamTxjF96qvMX7KCSDTEZ2vm89jwcThKInQpQsdQwvXN 4jzfwE2ZEl5/8Snmr/kK1ypf/EqDlR77Er/iyqt6MGrSJCZPm8b0KVOY/uprzFwwl0g4gqc9jJDM GDeUrbvT8ZTEaIlS1XwLZDkrFkwncc8+XhkzmYKSsmMU6Do+JOGyYgbc3YeN69dz5z2DKSkrQRpD 9r69vDpvEcIRlXPmRDsd/BpYpSk3Bs9qrFJIbclcNJfEIY8FAj3gJwkE+k8TCPQj8MWGjXyy/rPD XHshuLEEBPzRqHgICCl59vlhxFz3pLbX0VqzZdMaBtz30P9v786jq6rvvY///6zVde961up6bm8d OkpvWztdra0KiEARQcEqijLjANYK1VptHaodRRS9dcIRRVBwCorWEQc0ZABCck4gARJIQshMhpMz 7L1/0/v5Y+9zcgIBwXpJxO9rre/SBeEM+wzZn/0bvqSCAM+maWmIM/zMs3m5oIBEbzf79jVz/z+W MGfeb8gEPh37dnL6Kafw6LJX0UEX2pjcFHdjw/7PRme4adY0/u3//F/Wl1WirMWoFLfecA3/+R/H sfTJZygq+Yi77v4TJ574bZavLCClOzn3jOFMHD+VDes/5NQfncJpp42guKKMnq5mTv3vHzN67DjW vvE6JaUlLF/xDC++8R4q1ca0c89hzHmX0ZbwsaaHZx+5m//371+hrHw3xnk4l8Jqh7EBrbUlnPif X+aOux8gMAar0jTUxvj+d7/H5VdeR08qoK1xG+NGnsHIs8fy7jvvUlRYzCOPPsmata/Rnehg+Ck/ ZuwvxvPeh+tZ9/46rpx5KV/60pd59Ll/Yk0Xt/32Kk78+kkUvP4W773/DrOn/pIvfenfeGzN27Q1 1fGD75zEz34+inXr3uPj4lIeX/YMtTXb6Wjfy92LF/H62lfZVLqRlStX8R9fOYFX3nyfVHcTPznp OEaNvYAPN2xkb2s7xaUfU7SxiEy0+Zk1Opye6sBan+VPPsTYib+kbm8TSc+nu6uN1/75JhtKSjA6 w8rHHmLelfPY296OF/g0Nu5h0rnjeObFV9AqzS2/+TWTp15OXdMe2lv3sHr5Uo778pdZv6USZXxK S15n1sy5NDXtxvc8/HSG7btqaWrtwBhN+ZYSSoo3h2tv86a4d3Z2MH78eF557XWSXoqM71FdvY0X Xiyg1/PQNsDPJOnubKWyrJAx486ntb2Dju5u0r5CGY2XStDV2U5lbAvnTrqM5rZ97EuEa/5VJsFF kyby9PLlJFNJgsAj0dNN6eYyMkoRqIDGmq1cNnsGe3tT6MCjYWcZPzr5LF5/rxjfaLQOKPnwbaZc eCHJVIJMJkNJ6Sb2trSGO4LDIZaaWLSXoWdfG52dnYw++xyqtu+mvauHVBAQqIA//eZa5s6/gebm vTS3trLmuWf45kk/4p0Nm8PdwIMUrz3/FB8UFpHo6uG66xeQ8BXKWpzujS6K9f8usNaibTid3Bkf o3t46umHeeOfb5Lo7uT8C2fR1t5OoNOseOJx/nTHnyhY8yobSzfS2dWNMhat09Ttquajj0vwVf5G fxZsktcLVjLh4qm0t7STSWfoaevgjXffp3pXA8po0n4vnV1ttOzayfljJlG9ew/7unrwPIU2isDP 0NPdTv2uas4bN5qt1dXs6+4i7aXQOqCyooi5c+dSV7+bQAX4Xob6hgYaW9oxJkl7Ux0//eHJ1NQ3 EqgMyUQzt9x2I1viVXgq3DtBaZ/5l1/Oa2++hed5tLS18N76j1G6b00/RBvDOR39N7y4U7W1nDvu uI36pkZ8r5dUbzd/+MNNrHr1TZQJ0KlmLrnwAjYUlYTT0jMZGvY0sn1XA1p77KgqYey4CZSXl+P7 vSSTvXy8oYSSsvJwZogN6O3ew503LeDRl16nsbub9kRPtIeEormphvHjJvLaG2tJZzJ4vkdLcztb d1RFF70UVmd46N4/s+a1N8j4Pl3traz7uIikl8GpBPW1m1jwm+vo7O7mgf+5j+deeBnfaAJrMGbg 2Rc26hZhtMIEKUqLClm69BF8L8GCa69hQ0kZnraku5u5/ne3sOzxZaxbt46a2l1h9wPLpwot/9uc 1XjOoLRFK0vSGFrfWcfOJ1dgtMZEn6HPY0tDcfQ4a9HG0NDYyIsvF8gUdySgD0hrjVJqyF+5FEL8 a7J9mIMgyG1Kkh21+Cw4bWlr2c38+dfS0Z0hbTM43UVZaSnjx45m6iUXcd75E5k4aTKdPb3oIGDH jk1884RT2FRej3FdUVskHZ74Ghf+0goy3Parq/jqCd+mZEssbCVmNYmOJm773QK+/rVv89UTvsJ3 vj+Mx55YSSqj8E0XF0+YyPRL5pDyFGVF7/Hj73+PcZNn0NLSTH39bkaOHM6JJ57A8ccfx8k//CEP r3gJlexi9oW/ZMrFc9iX8rEmxeplDzHsa98hHqvFOg/n0tEmVQFNu7fww+9+i0X3P0hSG6xOY4Je /v7n2/nWsJN5a30xWvvUbNvI6aedxtdOPJETTvga3//BT1j2zCo8bXjv9Zc49Uc/5LjjjuPkk3/A bbfcxFe/cgIPP/s6xiaoKv+Yn59yKscd/zVOGnYSSxbfzYlf/zbPr32DjFK88cpLjD3jZxx//Ikc f+I3OOVnwynduImmhp3MnX4R3/rmNzjuuOP5+je+za+v+x1d6QAv6GX10w/yzW9+kxO+8R1WvFDA vHlXcMVV80lb0NGmTtmAbmyAUr0sWvw3zhgxghkzZzN50mRGjBzFh4VFGOXhp7q56YbrGfOL8cye M5cxY8dx+1/upCfjYa2hq62RaZdcwimnncmoEadzyQWTGH7GcCZfNItEKoWX6eHuRX9j9FmjmDNz DjOnzeKH//0TVr/wKkYH3HzTQiZPvpSUr7B5m0pprYnH45x++ulMnTaVWXNnc+aIUfz5L4tIeR7K eixf9igTx49l7OhRDBs2jLHnjGfcuRP5uGQTgVI8sfRBJp4zlrNHjWLYf53MmHHnMumiqcSrtqMD j6b6GiadP5FLLrmEuXPnMnnyZE477TR6enpoaWpiyriz+e4PfszcXy2gu6uF3y24mq9/42RmXn4N nb29WO3R29nGpPPOZeas2Uy77FL+67++x8Yt5QfMWDjwc2vY8ME6LjxvIhPGjWPYScMYM3oc4845 jxdf/SfGGtqb9zBl8nn8909+whlnjuAXZ53FmWeNZuZVv6atp5fEvhYWXnU5ZVXbadlTz8P3L+Gj zZXRWuAk27dXUVa2mfLycsrKyijbvIVNZZvYXFFOsieFDXx6euo4d+J5VFTEaNm7hz/e/gcWLX44 2lAtzb72Nt5++23+cOPvmTZ9Do1t+1A6wzNPLWXc+Mkkkul+m8k5myGT7uC6Bdcw4ZzxzJ09h/PO ncD4iZOJ1dShnOGF1Ss4b9wYJo79Bd8bdjKjxp7PuPGTee75l9Ha8P777zJh/C8YN/psvjvsJM4+ +2zOGT+BFc89jzYa38/whz/8ntGjRzNnzlymXTadn/18JC8VrMXoXm68fj7f+PrXuPjSOSQS3fzx 5pv4ySmncsGUy9jd2BReMDQBjz/yEGee/nNmzZrN6DHjWPDbG8l46dzO+JDdUC2cARRO7w4o37KR CRPGc8GFFzJ31gymXnIJZwwfRVNHZ3hBRHsUvPA8Z5z2My6fezmzZl3O8JFjuOmWP6GUj1ZpHn7g fxg96izmzJrFpVMu5pRTz+Cjoo0oo1FBinkzL+XMH/2AU0eOYeyESVw253Jau7pwLgzp7775GiOH n8H06dOYO/cKRp09hnnXLMTXOtx/wKV55+1X+OlPT2HWrNlcNHkCM+ctoLWrG+N3csftt/L3+x5m b9NeyjeVMmvGdPYlMyhrSXW3he+X/WvLFuoaGtGqB5VJ8Pe/3sKGkmLq99RRWvwui+9ZStqosLND 0Ebtjj08snQpM2bN4emVq3JtFT+rDiOfHUvgoj7oxuJbS9KkUNb/VDtxiy+m7LmYjdodfpqBEgno g+xoBPTsG+WQa8WEEJ972TZr2VCulPpUu4cejDMWHfRw0w03sL6wDN8pjEridLiRV2W8gtraGpKp NJlAY33NywVPMG36fNKewVgfo73cCa61EFhLoD321u2gvCJOT28yaqulCbwMfibF7vp6KuJl7Glq wA90uEbaJKnZXk1tbT1eFJwb62rZEttGc3MzWiuSySS1tbXE43HaOjro8TVWedTX1FBVXUM6MFjj 0dXRxNaKraRTPtYpnPNxxqG0wU91sW3rFva0teMbjdFpnLb0dLZSHtvMrr1NaK1xvk8mlaK6upqq qmoSvSm0tQTGYZRPZ0cHFRUxmpsaiW8p4fivnMDDq/6JcuF67s59+yiPxWltbSGVTFJRuZXmjk68 QGGUh9fbyfbqbWyrrqarN4XWBqMU2vdoamqiIhajdvdu0n6AshD4AcZL09yyh/LKLXR0d1JXV8fu hj0kAx22cLJh3+NwBF2jtYdSPpWVlWzYUERFeQXJdCZspaZ8rPJIJRPEt26jsKiYysqt4f1FO8Jb laG3u4PS0lJKNm6iJ5lkZ00t27ZWo3wvakmVomrrNkqKSigtLqWxeW+4LEAHvPt2ATfecAtBNFKV /74OgoDW1laKSzewoXgDu+rqw5E4Z1EmoKVpD5XxcuKxCmKxGBXxOLHKSjq6utHG0NrcSLy8jHg8 xpZYJeUVMcrj2+hJhZvCWZWmvb2NjZs2UVhYSGVlJalUCq01nuexrayE8ngllTtr8P0ku2u2U16x laqdu8gECqt8jPLY19FGUVERRUVF9CQSBPutrR/wc2Utia59VMYqiJVXEKuIEauIE49V0rovnHVi tE9PVwelJSVs2lxGZ3cPO3dsp3bndrTyeOC++7nyiqt5cOmTLHtkCffdvYSJF06lNwh//9fV7SIe D49NZbySyngl8coY8a1b6U30YJXhvXVruf76m1m69DGefPRh7rv3Aa64cj6+7+FnUig/jdU+yk+z 8tlVvLO+CF8rmvY2cOfi+8j44RKK3NN1CqPT+F6KyliMog1FxMor6OruQUXrfDvamqisqKAyFqe8 Is6WeIwtsQqaW1sx1tLV1Uk8VkE8Fr62FRUVVMRiNLe1o41G6QDPy1BTU8OGDUVs2rSJXbvD94YK ktTtriJWUUZ863YymTR1u3ZSHotRua2aZMYLl3won8BPE4/HKCwspKp6O6mMj7Wq3wZ7YUDXuWUB OENvopuGhnrqGuop3vARpSUlNDY3h7OAjAl3A1eKvXsaKfy4kOLiUmp21YfrvI3CWoVWPrtqayja UMjG0lJaW1vxfB+lAqxR7KiqpLK8jHiskliskqrq7QRB1GnCWnTg0dHeQklJCUXFxWzfURO+J234 GHE+QdBLVdVWCgs/pjJeSsLrwlcBrXt3M+PSK7jn/odYuvRhHn1kKQuvvpL4jl34WuGluqmsrDyg 4vE4DXvqMdqnuPADpk65mIeWPsZjjz/OE4/cz9TpV4WzFoIUWiVQKuxIULNrN+ddcFHu2LshFtDD zg/RsiircZ4h41s8I+FcHJnsuVc2nEsf9M+ZoxXQP2m3VSHE51/2BCI7Yya7PvSz+txba7Cmh2WP P8J1v/0zqSCFUgoXTZV20f07wl3CAy9g8eJb+XB9Sdir2Sqs8XJ9ZJ0D5SzKGazxw+Ce9zzCqYTZ kZZw5ErrMNgbG07fN1Ev63CTLY3RLlr72/cLMZxOH629tibcCCrbA9uqcCQ5WnMabv6kc33QrQn/ 3jjQzuBcEI4SGg/nwjXD4RrovL7C0fE2Ub/x7DTZcMdwn4qNhRz/n8fx8LMFYbg10bRZ8v+tza11 Daeiq+hxRTssZ9c2m76Txr6WSeHfWx2uP7bOw9ggOpag++3iHt2vC/+//7En1yPdRiPuNtvrOLpP Gx2nbF9oZwOcVejofnS0O7jLjTrm9QU3DmuD8O+NYv2Hb7A1VhVe8Mhb+9pvaZazuWPlcs/Z9Hv/ ZV/v7PGwNrteVgPR0gprotc0eg8c5P2XO7ZG9bUdcxpnVG6ZRjZoZI9P30lZ2Np0S9lmCl5+mYKC AtasWdOvCgoKKCwsxGiFNdFziOaJ27zXKv/2jbWo6HFbnaKzdS+zZ17OzpoGtHFgE1gdcOPNt1K8 eQs6F9RM3nEkOl4BVivS6QR/uuNWmprq0Sq8YGK0ZuXK5ax7933WvFTAcytXsOblF3jhueXcfvvt VNftQRlDe3sbxZs2h8smcrMFiN5PKlrSonOvvYk+1zbaYMxF73VtDcapcFp23lTi8JjofqOt1oXP yeYd8+zPZz8bOBVukBdNWQ5/LjoXytuhPLuWOv9z5IDy8k2sKXiRgpdfCl+rNWt4eU34OhYUFPDB Bx/kvl/DMK7yvv/Ie479vxuMcdH70vZ9JqLHFj6nqIzJ+zsT7VPQd1t9rfH6P/7sJnDhyL+NvjdU +HqYsD+7tT7GKF596QVeX/tPPB19rnWaeLyCm275I+2JJCoYeP8Cay1KByjfZ8ndi3nv3fdRWqNN gAnSrFi9gr8tupf21j08+dhTFKx9iTVrCnjwoaXce/9D4XvFfnYdRj4rxoFVDqUtngtwGYXOZH/v SEgXhyf7nZDNXRLQJaAPSAK6EF8M2elU2WUt+ctbPpvb1xjdQXtLHctXvko66CYwLhd8+m+EZcl4 Pu+8uYZ0kEaZIBo5V9EuyGFpRxQ2Bj5ZcxCeYNr827fRyK/tv9lZFFgP8Qz6hYeB/r7fz+btcB3e v0G7MBw5G2CtyoW8fsHzIAUWo332te1l9epVVOyoRwXRhlkuezEhb4pw9t/mjsPhv47ZcBoGswCc PmTbJJd/f9Frkf9YDv+O8/rI277bO+hGhc6LgodG6160H045PpLn+qlEx8NEswecVYfs1ZwLfX1/ Eo2uDvxvsmvOjfb5yx23c9bIEQwfPoIzzzwzV8OHD2fEiBEsXLiQQKmB73e/wJsNYyZ70cF47Gvb S3FRCYHKbkwXbgTW0d7CtqoqPG2j45l/oSP72ng4o0gkOnhv3XsEqhutAqwxGJOgo72Nwo8+Ip3q oaS4hOVPL+O1V16ktb0Fzzi0sSjfx1Nhj+h+I+hkg7KJplr3f4/nr+8O35s27+f6PnsHd/Dnlfv7 f2GDzMWL/saI4WcyYviZ0WsXvn7DRwxn5MiRXHHlPLxoJPvQ3zsDO/D9FF5EcdFzyv/820N8x3zS 7fe7GJG9QGI0VvsUF35EZ2cbvh+EF4N0L77KsObVtbQlUvhq4A0ArQ1n8Kigh82bNuL53eFsAG0w vk9vJsm6999Hez6NDXtY9dJqnn7qKUo2bsLTNm9fhqE1gu4IvxP86IKRCzw8kyJtAwnn4rBlc1f+ CPqRvn8koA+yoxHQS0pK2LBhgwR0IY5x2VHzIAi455578D7jTeK0NWjdjfZTpLRC2V78aIQM+gdR nCKwmrSXJhUkUCaDtT7OBhhnciOo2d2CnXEDhMEotLtgv9uORrijE/rsCLdx5MLhAWVtFMLCn8v+ u+zJa7ZtUu5+nMI5lRuNdtEv28CBlw11JhxBVdlR1QPuz+bWsGZHuqxRWBOgTYDSGqscTpuw/zpg o9G1cI1+NOKYvQiwX9jPjibny96vyV5IyB7b6HiZaN35/nIhIDciZ/cLh/uHdZv7b353kDBkRaN9 2kSj5IfYzdxlcgHd2RTat+jAjy76HEr/8DXQ7efeLwc8/mi0n/0D+sHvLXcRJrupnrPg/GjWQN/z z7+vMED7BF4S38uQ8bzcspMgCPB9H9/38TzvgGOde5zZ28rebjSSHu5yTjSrJMCaaIdsG7Ytw6Zx KkXgZaL2hwcL6AYXzUZRSmOUxphw9NwZH6szGJVBBz5+oFDGoLWHNgGBJdxBXisCo8INtNwAAR3A 9U0Xz816yb43o4tfzhkG+uzuf2yzx6ZvVsB+z8se5DXPe2z5F40cA9++CnpRKonnpcPXTGn8aNNA XykyQfiecQ6ctgf5fAx0+9FnJO8CRd/zCb/L8o8P9IXs/Mef20V9gMef3ePDWnLfednPiLEWpxVO +xitwu+iIOxyYI2PMSkCo/D1wS/uZqfWa5XBaA+tfbRR6MBitSYwPoH2sIHFmPB3gdFhF4rADOGA Hn13auPQxhHYFF2F69n5ylpZJiqOiDGG5uZm3nrrrVynCwnonyNHI6Avf3YVTzy9IpomN9AvLiHE sSA7xdfXmjG/OJdkOsO/OorU7/YhDLXZqeW2b7TnQBbrLMaEJ2guezLtzIGh8hPvef/bzw9EfdO0 3YA/2//f9f85u9/Jbf8R9PwR9/4hNPqzfuHh8I5xXzCIbj//wsPB/g1H/n094Ek7HHDsP+k2jlT/ AHEY9+VM3/PPBrRDjbh/ZgZ+Dx30YR7i333y/RwY4POZIz7pt/3ee3a/5QoOogAYTZP+pJvLrbMO R+Chb7p49nb6lg+Qm4Kdve/8pS2HeswDXywZ+O+HgtweDQO8PrlZANmf/cxOqA5+HD/tMdv/uyD8 Hu9bbpK/nCh87bM71R/6M5zdSyT7OPIvxIW/G/JH/PsvxRns88+DznTSmqS14RR8pVHGUP/U42xe eD1W63BUnexzHPznIYai8PNgrKVqx07uXHxPv1H0wyUBfZBJH3QhxGcn/Hz/b/VBF0IIIT7vDh7Q DSlrMVbhTEDaQd0zS6lYuFD6oItD6j9DS/qg708C+gAkoAvxRSEBXQghhPgkAy+FMvjOYlWAtRl6 HTQ+vZStEtDFJ5CAfmgS0Afw1MpVPLViVbibbrSeSAK6EMeeflPcx02gN52RNXNCCCFEnux0fKOz y7DC3fG1NQTOYoMAbBqrHY1PPEblwuuxQbiRpAR0MZD8gG6MxlhLZfUO7rrnvtwa9CMhAX2QHY2A /nFxKeuLSqO2FhLQhThWZQN62lfMvnwevekMxsjGNkIIIUSWtWELyEBpNpdVkEp7aGMxNuzUYbTC GA/nOWpfW0v5kntwKtpITwK6GED/EfRww86a+gaWPv5kruXakZCAPsiORkAPjCOIvoxkBF2IY1e2 H7Ayln09SbS1GNl5VgghhMixFpSx+Mrw17/dxa1/vIPyWCWZjBf9DlUENsD4joSXwHS1YLVG2XBk VAK62F9+QLfGoI0howwpz+vXbu1wSUAfZEcjoDtn+7U+OZz+mUKIz59wd9lsz+EAZ4Pov7qvJY+U lJSUlNQXusJN4JRS/P2uJUyZfgVTZl7N72/6C+17OrDaERgFLoNvA9LO5rp3CHEwYVvYbLcajXVR B5tPQQL6IDsqAZ39+mdKQBfiGBVOrcq2STJSUlJSUlJSB5R14GnLXxbdx5TpV3LR9HlcMPMqfjln Pnc/+Dh7W/ehlcJkNE7LCbP4ZM7mt5M12AHayh4uCeiD7GgE9OyXUb+Abg+zR60Q4nPDWYMz4Ro5 X2vSQUA6CMhISUlJSUlJkQkCUkFAjxfQnQn4813/4OIZ85gyYx4XzpjPlGnzuPiyq7hy3g0UV+8k kfFwysqglvgEti+gY6PBUfupl0FIQB9kRyOgf/Dhet7/8CN0bv2DJTvlVQhx7HBWY1WA0pa/3nkv 1/72ZhZcfzPXXncjC66XkpKSkpKSuva3v+fXN9zMtb+7lelXXMuUGVdx0bSruGj61Vw25UqmXnol 06Zfw7jZV3DbLTfSUR7HqfAcOjsjVQK76K9vBiOE75HuRC/xyq1HvP4cJKAPuqPSB335Sp54cjlK R7sIOgNOhetUhRDHDGc1RitSgWbU+El09GbwAkWgFIHSUlJSUlJSX/jyAoWvDUlP5U1xv4pJs3/F xTPnMWnmbH519Y089XwBpUsWU3L9zTjf5JaOWVkqKg4QDn5mA7q1UFW9gzsX3Y3+FJv1SkAfZEcj oK9YuYplT6/EWMI3SLSBFE595vclhBg81mqU1qS1ZuQ559OZTKO1j7WK8JeGlJSUlJTUF7ucNVgT Xrz+26Jwk7iLps/nohnXMH/61Sx+4B80N+8jaS1Ny/5B9cLrcRmNNRbjkIAuBmCjgc9wOYSxULV9 J4sW3SMBHQnoA1r+zHM8tfxZCehCHONs1PO8N9Ccde4FdKe9qJ+rfNaFEEIIAGs1Roe7uP/1ziVM mX4lU6bP55Y/30ttbDsZlSEILAlnaVj+ANULbsD5FqONBHRxEOHeXs6BNQ5jHNXba1h01725NmtH QgL6IDs6Af3ZvhF0k23BJFPchTjWOGuw1pBS4RT3MKBr2RBSCCGEiFhrMFrhBwF3Ll7C1QtuYO3b H9CZ9rC+Rlkf7VuUhT3LHqbiN7/DBVFAlynuYkC2X5csrR3bd9Ry5533SB90JKAP6IWXCnjxpYK+ TeJyfZJlkzghjiXGGJRSJDIev5w6g0Q6gzVGAroQQggRcTZsReoHAZu3bKGprRXfKHxrsNqirEIr i7aWuoLnKblzCU6FAV02iRMHkw3n1oI2jp21u3nwoUfCzQVlivvny9EI6MlUit5UOjfFPWyxJift QhyLspvYtHZ0YuQzLoQQQvSTDUvW2ly/auNU2LdaO7SzKGtJOo1KtKPaO3DGhT8/yI9dDF35syqs hYwf0JPo/VS3JQF9kB04iX9+AAAEcUlEQVSNgB724qN/H3SZmiOEEEIIIb7Q8jePi9YQOwicJe0U gVM4mXEqDkN+tto/ex0pCeiD7KgEdGexzkpAF+ILo38/TiGEEEIcyDlwxuVGyHU0Rdlag1M+Vrnw z+ScWXyCfgHd2XBGhvt052ES0AfZ0Qjo2oGyhBtbRNN6HJ/+qo4QYmjKbhKnTFjhZ76vL6cQQggh Bua0RhtL2hkyJsBlLO1GoU0Ga3UY2skL9XIiLQ4QzsTQxhAYm1tefKSt1iSgD7KjEdB3NTRS29AY nayH03QkoAtx7LHWYIwmMJoPCovIBL4EdCGEEOIwOKtR1hJYTWB8XMrRU1dHd7w8ugCeNxtVArrI 0/dWCGcwGmvp6OmlekeNtFlDAvqAlj+7mqdXrkYbG7ZZQwK6EMeiMKAbPKUZN/F8Esl0eMXfyvo5 IYQQ4lCcMwTOYrXC6jQubalbvoKNv78FpzXG6NzmqxLQRb78gG6NQRvDtu07uWvJ/xxxizWQgD7o jkZAf3rlap585tkwlMsUdyGOWdnPt6cNY86ZSCrjyQmEEEIIcRictQSOMKA7n7SFxqceoeK6hTit sUbnzp/ld6vI138EPeymU7WjhjsXL5E2a0hAH9DTK1fz5HIJ6EIc67InDJ42jD3nPFIZX04ihBBC iMPgjCNjwdoAawMSDhqeeYTYb6KArnXf7tzyu1XkOTCgIwE9jwT0AUhAF+KLoX9AP18CuhBCCHGY nHb0WtA2wCmFZxx7lj9KfKCAPtgPVgwpEtAPTQL6ACriWymPVR7wZSJfLkIcm7SxrHh2FYHSg/1Q hBBCiM8FZxy+BeM0zhiMcfRUlNH29ls4E/VJRwa5xCcJ3yftnZ0UFhVLQEcCuhBCCCGEEEKIzykJ 6INMAroQQgghhBBCCJCAPugkoAshhBBCCCGEAAnog04CuhBCCCGEEEIIkIA+6PYP6I3X3EK6YpuU lJSUlJSUlJSUlJTUF6y2DfuZBPTBtH9Al5KSkpKSkpKSkpKSkpKKf1UC+lEnAV1KSkpKSkpKSkpK SkpqoJKAfpRJQJeSkpKSkpKSkpKSkpIaqCSgH2US0KWkpKSkpKSkpKSkpKQGKgnoR1lm6w7SWyql pKSkpKSkpKSkpKSkpPqVamkf7Mj6L/ncBXQhhBBCCCGEEOJYJAFdCCGEEEIIIYQYAiSgCyGEEEII IYQQQ4AEdCGEEEIIIYQQYgiQgC6EEEIIIYQQQgwBEtCFEEIIIYQQQoghQAK6EEIIIYQQQggxBEhA F0IIIYQQQgghhgAJ6EIIIYQQQgghxBAgAV0IIYQQQgghhBgCJKALIYQQQgghhBBDgAR0IYQQQggh hBBiCJCALoQQQgghhBBCDAES0IUQQgghhBBCiCFAAroQQgghhBBCCDEESEAXQgghhBBCCCGGAAno QgghhBBCCCHEECABXQghhBBCCCGEGAIkoAshhBBCCCGEEEOABHQhhBBCCCGEEGIIkIAuhBBCCCGE EEIMARLQhRBCCCGEEEKIIeD/A+emdm2x82CRAAAAAElFTkSuQmCC --0000000000008cb0e405b60820e1-- From nobody Wed Dec 9 05:37:12 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 369A33A1669 for ; Wed, 9 Dec 2020 05:37:10 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.088 X-Spam-Level: X-Spam-Status: No, score=-1.088 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, FREEMAIL_REPLY=1, HTML_FONT_LOW_CONTRAST=0.001, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, T_KAM_HTML_FONT_INVALID=0.01, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=outlook.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Z1BjNpRZvWwz for ; Wed, 9 Dec 2020 05:37:07 -0800 (PST) Received: from NAM10-MW2-obe.outbound.protection.outlook.com (mail-mw2nam10olkn2080.outbound.protection.outlook.com [40.92.42.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 594AE3A1082 for ; Wed, 9 Dec 2020 05:37:01 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Pdrd0mGPx4e/Vfo7Yi/Dwt8Ovq3tc7M1y8WvxewCdY9Qjv+XvCanZnYHDzFS9OU/mdQFCtDPLa3fvlrGJaMMCUIlF6w1Qt2T8jtZDlsqH2d84X2P01GeRpxjf7O22iP0BHy3Vg3x7Cn68kJxYd2e+wD9KEd5CX2EsHt5Yyuf4wClZBE+rjOJfMjQi9nS2GtkSzpQjzWd0NJQhViF612wfd5m1h94fnqrfts3+GkmIT9R2uiWOwHUDjSG9WbQIizkUhZYvOMGYV0LX35UWPfClBELaV1cMv0YggWA95CC7u+H8YXtoIMyueElkfqadQ6GPycKw9sVtb1EvfdtK+9MNA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=ADa7l8BklQU4KYA2wwL/zJSt16afNYrB4s/eDkoexG0=; b=O+tlp8zx3alLBjylpdLj9JSDRK5Wj+kTmwm2DEa3Sb4U/HRPvnI20f/KH0vQGeSL3IfDqWL6dNd0Tgp3whYLKfvhujDVRCCynAksxWwrOXRt08twKkD0scn4O9Q8byOW9otIacEfnTaCkPRC9S5ZkfwO7l2TJJGi3ZT2FxuY/cvtqqzu/yuySfi49tFYwHJa6cyoZIs77jihjAiK421o9W5hf4DlqgnmB4j1lunrmWz7AzrIa3GZPWZXgHJBwsPLFY0zJPWByRP2mx4qZGnR455dbaiU4qCy8ldN8rPdT/5UtQIDJeb6UomtJErpPHi7Ei3/dukYXIrMQpod5tIgLQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none; dkim=none; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outlook.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=ADa7l8BklQU4KYA2wwL/zJSt16afNYrB4s/eDkoexG0=; b=oapw1ewr2SfRaPbe7woDv7FDtogkoRPde5ijYPhmdGY0mDEmZymmEY4q8uCF1gLrnBGpWW8koxe7r4kEZbyTMu9oLuQ2i/j6pkz0rZGIUepEl0HqhKcwanPxU9l2xBQ94Cme1fr6TNro2vorq4cfcQJz78w4NT/6bfK5oTD1L8FGZgZtWYednwaHH9UVjJsCzoisQJzOKauuziUylBmrM7KWgopqTWzpMTGEtL4wz/7lcvOql6dXqjlYuu7Caif8Ko7BXWRzbbUAw+2yGqqc5WKgFisbDUw8VDmGhI9KBtJiRNsbbCucL5VAaEypwFSgpylgKzys2XnoUwo4h2cN3Q== Received: from MW2NAM10FT024.eop-nam10.prod.protection.outlook.com (2a01:111:e400:7e87::53) by MW2NAM10HT027.eop-nam10.prod.protection.outlook.com (2a01:111:e400:7e87::221) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3632.20; Wed, 9 Dec 2020 13:36:58 +0000 Received: from BYAPR10MB3398.namprd10.prod.outlook.com (2a01:111:e400:7e87::53) by MW2NAM10FT024.mail.protection.outlook.com (2a01:111:e400:7e87::455) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3654.12 via Frontend Transport; Wed, 9 Dec 2020 13:36:58 +0000 Received: from BYAPR10MB3398.namprd10.prod.outlook.com ([fe80::fd0f:e960:18a9:55c]) by BYAPR10MB3398.namprd10.prod.outlook.com ([fe80::fd0f:e960:18a9:55c%6]) with mapi id 15.20.3654.012; Wed, 9 Dec 2020 13:36:58 +0000 From: Kevin Gaynor To: Warren Parad , Karsten Meyer zu Selhausen CC: oauth Thread-Topic: [OAUTH-WG] Call for Adoption - AS Issuer Identifier in Authorization Response Thread-Index: AQHWzWDMCpPY6CH3+kaqX/V3Aj3W0KntjhmAgAAEKoCAANRDAIAAH12AgAAOtICAADDNgIAAAF0I Date: Wed, 9 Dec 2020 13:36:58 +0000 Message-ID: References: <09d3639d-7d7e-9582-d728-cc223d21bcb6@hackmanit.de> <7dacfb6c-4fca-5dda-8b4f-db5c8dadade1@hackmanit.de>, In-Reply-To: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-incomingtopheadermarker: OriginalChecksum:71DDE18C2FA4A27B038BD958FF2528C32BE6B4103118E8BF59CDFB08BB41299A; UpperCasedChecksum:06E7856F117C275FB788E0834924008CC049F999A7462B65901E257D7DD90554; SizeAsReceived:7581; Count:44 x-tmn: [r2+U/DGB7Og/fxw6sFT0N3JwfedOjVsg6ZCevzEbGw113/hPbXDVGjhuttdenqiD] x-ms-publictraffictype: Email x-incomingheadercount: 44 x-eopattributedmessage: 0 x-ms-office365-filtering-correlation-id: d23779fe-eb51-4554-1096-08d89c4780a0 x-ms-traffictypediagnostic: MW2NAM10HT027: x-ms-exchange-minimumurldomainage: aka.ms#3611 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: fsoAFmCJ8Ek7LOP3EgwsM+QyarHyL0/TMl9OsAj/AZp8T98/0N8z+WvAbhgQHPbyRCB5stHUFHfDBpodaTkQolkvVNVJSxG3lO3dNeP0+cQIv22fMJJvhdRDiu9OQCQVSLn8BQIojaW0ldpofE71BTa00BjVUvTRYz+24v1AYl7kML5qEds0nj2DHszDIDXjPTtiZZAi7mK6MVKSevg26x5a8RNOn93sfXBoTEMFMJhhCNfzQBusn/qrXQkSGlyX x-ms-exchange-antispam-messagedata: TYjRO3A8jmWo1z0/2gMlDYa7UZn2R9o9i9XA6tK2wCxe2V6f/nIT/UIM3XqcQG5yeZLZdclQYD+XIdjiXCT7jsS0O/OGcJTp1y+p8T5Iyc1atgb8/B9zhCXvRx1Jd9ehdzXyrmE8DQJ2SMV4XoUdB8K4+0mcBEbdr/aX5eEJMDlAQJtM84feL1PzAtoYhhlL3WRBdkdiYFIfFnnIFH73tA== x-ms-exchange-transport-forked: True Content-Type: multipart/alternative; boundary="_000_BYAPR10MB339821563113EB3920BF6A10EECC0BYAPR10MB3398namp_" MIME-Version: 1.0 X-OriginatorOrg: outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-AuthSource: MW2NAM10FT024.eop-nam10.prod.protection.outlook.com X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000 X-MS-Exchange-CrossTenant-Network-Message-Id: d23779fe-eb51-4554-1096-08d89c4780a0 X-MS-Exchange-CrossTenant-originalarrivaltime: 09 Dec 2020 13:36:58.3961 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Internet X-MS-Exchange-CrossTenant-id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa X-MS-Exchange-CrossTenant-rms-persistedconsumerorg: 00000000-0000-0000-0000-000000000000 X-MS-Exchange-Transport-CrossTenantHeadersStamped: MW2NAM10HT027 Archived-At: Subject: Re: [OAUTH-WG] Call for Adoption - AS Issuer Identifier in Authorization Response X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Dec 2020 13:37:10 -0000 --_000_BYAPR10MB339821563113EB3920BF6A10EECC0BYAPR10MB3398namp_ Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 V2hheWJkbyBJIGtlZXAgZ2V0dGluZyB0aGVzZSBtZXNzYWdlcyBhbmQgaG93IGRpZCB5b3UgaGFj ayBteSBlbWFpbA0KDQpHZXQgT3V0bG9vayBmb3IgaU9TPGh0dHBzOi8vYWthLm1zL28wdWtlZj4N Cl9fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fDQpGcm9tOiBPQXV0aCA8b2F1dGgtYm91 bmNlc0BpZXRmLm9yZz4gb24gYmVoYWxmIG9mIFdhcnJlbiBQYXJhZCA8d3BhcmFkQHJob3N5cy5j aD4NClNlbnQ6IFdlZG5lc2RheSwgRGVjZW1iZXIgOSwgMjAyMCA4OjM0OjUzIEFNDQpUbzogS2Fy c3RlbiBNZXllciB6dSBTZWxoYXVzZW4gPGthcnN0ZW4ubWV5ZXJ6dXNlbGhhdXNlbkBoYWNrbWFu aXQuZGU+DQpDYzogb2F1dGggPG9hdXRoQGlldGYub3JnPg0KU3ViamVjdDogUmU6IFtPQVVUSC1X R10gQ2FsbCBmb3IgQWRvcHRpb24gLSBBUyBJc3N1ZXIgSWRlbnRpZmllciBpbiBBdXRob3JpemF0 aW9uIFJlc3BvbnNlDQoNClNpbmNlIHRoZXJlIGlzIGEgcG90ZW50aWFsbHkgdmFsaWQgVExTIGNh c2UsIGxldCdzIHNoZWx2ZSB0aGUgbm9uLVRMUyBjYXNlIHdpdGhvdXQgdGhlIHByZWNvbmRpdGlv bi4gSSBhZ3JlZSBhIE1JVE0gYXR0YWNrIG9uIHRoZSBhdXRob3JpemF0aW9uIGNvZGUgaXMgYSBs ZWdpdGltYXRlIGNhc2Ugd2hpY2ggd291bGQgYmUgbWl0aWdhdGVkIGJ5IHJlc29sdmluZyB0aGUg SVNTIHBhcmFtZXRlciB0byBkZXRlcm1pbmUgdGhlIHZhbGlkIHRva2VuIGVuZHBvaW50LiBJIHdv dWxkIHN1Z2dlc3QgdG8gaW1wcm92ZSB0aGUgbGFuZ3VhZ2UgaW4gdGhlIEludHJvZHVjdGlvbiB0 byBzcGVjaWZpY2FsbHkgaW5kaWNhdGUgdGhpcyBhcyBhIHNvbHV0aW9uIHRvIHRoZSBhdXRob3Jp emF0aW9uIGNvZGUgaW50ZXJjZXB0aW9uLiAoSXQgd2Fzbid0IGNsZWFyIHRvIG1lIGJlZm9yZSB0 aGlzIGNvbnZlcnNhdGlvbiB0aGF0IGl0IGhlbHBlZCBzb2x2ZWQgdGhhdCBwcm9ibGVtKQ0KDQpT byArMQ0KDQpPbiBXZWQsIERlYyA5LCAyMDIwLCAxMTo0MCBLYXJzdGVuIE1leWVyIHp1IFNlbGhh dXNlbiA8a2Fyc3Rlbi5tZXllcnp1c2VsaGF1c2VuQGhhY2ttYW5pdC5kZTxtYWlsdG86a2Fyc3Rl bi5tZXllcnp1c2VsaGF1c2VuQGhhY2ttYW5pdC5kZT4+IHdyb3RlOg0KDQpUaGUgYXR0YWNrZXIg YmVpbmcgYWJsZSB0byBtYW5pcHVsYXRlIHRoZSBmaXJzdCByZXF1ZXN0IGlzIGFuIGFkZGl0aW9u YWwgcHJlY29uZGl0aW9uIGZvciB0aGUgbWl4LXVwIGF0dGFjayB2YXJpYW50IHdlIHVzZWQgYXMg YW4gZXhhbXBsZS4gVGhlIHByZWNvbmRpdGlvbiBpcyBiYXNlZCBvbiB0aGUgYXR0YWNrZXIgQTIg ZGVmaW5lZCBpbiBzZWN0aW9uIDM8aHR0cHM6Ly90b29scy5pZXRmLm9yZy9odG1sL2RyYWZ0LWll dGYtb2F1dGgtc2VjdXJpdHktdG9waWNzLTE2I3NlY3Rpb24tMz4gb2YgdGhlIHNlY3VyaXR5IEJD UC4NCg0KVGhlcmUgYXJlIG90aGVyIG1peC11cCB2YXJpYW50cyB3aGljaCB3b3JrIHdpdGhvdXQg dGhpcyBwcmVjb25kaXRpb24uIE9uZSB2YXJpYW50IGlzIGRlc2NyaWJlZCBpbiB0aGUgc2VjdXJp dHkgQkNQPGh0dHBzOi8vdG9vbHMuaWV0Zi5vcmcvaHRtbC9kcmFmdC1pZXRmLW9hdXRoLXNlY3Vy aXR5LXRvcGljcy0xNiNzZWN0aW9uLTQuNC4xPiwgZm9yIGV4YW1wbGU6DQoNCipNaXgtVXAgV2l0 aG91dCBJbnRlcmNlcHRpb24qOiBBIHZhcmlhbnQgb2YgdGhlIGFib3ZlIGF0dGFjayB3b3Jrcw0K ICAgICAgZXZlbiBpZiB0aGUgZmlyc3QgcmVxdWVzdC9yZXNwb25zZSBwYWlyIGNhbm5vdCBiZSBp bnRlcmNlcHRlZCwgZm9yDQogICAgICBleGFtcGxlLCBiZWNhdXNlIFRMUyBpcyB1c2VkIHRvIHBy b3RlY3QgdGhlc2UgbWVzc2FnZXM6IEhlcmUsIGl0DQogICAgICBpcyBhc3N1bWVkIHRoYXQgdGhl IHVzZXIgd2FudHMgdG8gc3RhcnQgdGhlIGdyYW50IHVzaW5nIEEtQVMgKGFuZA0KICAgICAgbm90 IEgtQVMsIHNlZSBBdHRhY2tlciBBMSkuICBBZnRlciB0aGUgY2xpZW50IHJlZGlyZWN0ZWQgdGhl IHVzZXINCiAgICAgIHRvIHRoZSBhdXRob3JpemF0aW9uIGVuZHBvaW50IGF0IEEtQVMsIHRoZSBh dHRhY2tlciBpbW1lZGlhdGVseQ0KICAgICAgcmVkaXJlY3RzIHRoZSB1c2VyIHRvIEgtQVMgKGNo YW5naW5nIHRoZSBjbGllbnQgSUQgdG8gIjdaR1psZEhRIikuDQogICAgICBOb3RlIHRoYXQgYSB2 aWdpbGFudCB1c2VyIG1pZ2h0IGF0IHRoaXMgcG9pbnQgZGV0ZWN0IHRoYXQgc2hlDQogICAgICBp bnRlbmRlZCB0byB1c2UgQS1BUyBpbnN0ZWFkIG9mIEgtQVMuDQoNCg0KT24gMDkuMTIuMjAyMCAx MDo0NywgV2FycmVuIFBhcmFkIHdyb3RlOg0KT2theSwgaXQgd2Fzbid0IGNsZWFyIHRoYXQgdGhl IHVzZXIgYWdlbnQgd2FzIHJlcXVpcmVkIHRvIGJlIGNvbXByb21pc2VkIGZvciB0aGlzIHRvIGJl IGEgcHJvYmxlbS4gSGVyZSdzIHdoZXJlIGl0IGJyZWFrcyBkb3duIGZvciBtZSwgaWYgdGhlIGF0 dGFja2VyIGNhbiBtYW5pcHVsYXRlIHRoZSBmaXJzdCByZXF1ZXN0LCB3aHkgd291bGQgdGhleSBu b3QgYmUgYWJsZSB0byBtYW5pcHVsYXRlIHRoZSBBUyB3aGVyZSB0aGUgQXV0aCBSZXNwb25zZSBj b2RlIGlzIHNlbnQ/ICBVbmxlc3Mgd2UgY2FuIGd1YXJhbnRlZSB0aGVyZSBpcyBhbiBhdHRhY2sg c3VyZmFjZSB0aGF0IHdvdWxkIG9ubHkgYWZmZWN0IHRoZSBhdXRob3JpemF0aW9uIHJlcXVlc3Qg QVMgc2VsZWN0aW9uIGFuZCBub3QgdGhlIGF1dGggcmVzcG9uc2UsIHRoZSBzb2x1dGlvbiB0aGUg ZHJhZnQgbGFja3MgcHVycG9zZSBmb3IgbWUuDQoNCg0KW2h0dHBzOi8vbGg2Lmdvb2dsZXVzZXJj b250ZW50LmNvbS9ETmlEeDFRR0lyU3FNUEtETjFvS2V2eFl1eVZSWHNxaFhkZlpPc1c1NlJmMkE3 NG1VS2JBUHRySlNOdzRxeW5rU2pvbHRXa1BZZEJoYVpKZzFCTzQ1WU9jMXhzNnI5S0oxZllzTkhv Z1ktbmg2aGp1SW05R0NlQlJSenJTYzhrV2NVU050dUFdDQoNCldhcnJlbiBQYXJhZA0KDQpGb3Vu ZGVyLCBDVE8NCg0KU2VjdXJlIHlvdXIgdXNlciBkYXRhIGFuZCBjb21wbGV0ZSB5b3VyIGF1dGhv cml6YXRpb24gYXJjaGl0ZWN0dXJlLiBJbXBsZW1lbnQgQXV0aHJlc3M8aHR0cHM6Ly9iaXQubHkv MzdTU08xcD4uDQoNCg0KT24gV2VkLCBEZWMgOSwgMjAyMCBhdCA4OjU1IEFNIEthcnN0ZW4gTWV5 ZXIgenUgU2VsaGF1c2VuIDxrYXJzdGVuLm1leWVyenVzZWxoYXVzZW5AaGFja21hbml0LmRlPG1h aWx0bzprYXJzdGVuLm1leWVyenVzZWxoYXVzZW5AaGFja21hbml0LmRlPj4gd3JvdGU6DQoNCkhp IFdhcnJlbiwNCg0KSSB0aGluayB0aGVyZSBpcyBzb21lIG1pc3VuZGVyc3RhbmRpbmcgb24gaG93 IG1peC11cCBhdHRhY2tzIHdvcmsuIEkgd2lsbCB0cnkgdG8gY2xlYXIgdGhpbmdzIHVwLg0KDQpI YXZlIGEgbG9vayBhdCB0aGUgZm9sbG93aW5nIG1peC11cCBhdHRhY2sgZXhhbXBsZSAoc2xpZGUg NDxodHRwczovL2RhdGF0cmFja2VyLmlldGYub3JnL21lZXRpbmcvaW50ZXJpbS0yMDIwLW9hdXRo LTE3L21hdGVyaWFscy9zbGlkZXMtaW50ZXJpbS0yMDIwLW9hdXRoLTE3LXNlc3NhLWFzLWlzc3Vl ci1pZGVudGlmaWVyLWluLWF1dGhvcml6YXRpb24tcmVzcG9uc2UtMDAjcGFnZT00PiBmcm9tIHRo ZSBpbnRlcmltIG1lZXRpbmcpOg0KDQpbWF0NCg0KSSBtYXJrZWQgdGhlIGltcG9ydGFudCBwYXJ0 czoNCg0KICAqICAgSW4gc3RlcCAxIHRoZSBjbGllbnQgc3RvcmVzIHRoZSBhdHRhY2tlcidzIEFT IChBLUFTKSBhcyB0aGUgc2VsZWN0ZWQgQVMuDQogICogICBTdGVwIDU6IFRoZSBhdXRob3JpemF0 aW9uIHJlc3BvbnNlIGlzIGlzc3VlZCBieSB0aGUgaG9uZXN0ICg9IG5vdCBjb21wcm9taXNlZCkg QVMsIG5vdCBieSB0aGUgYXR0YWNrZXIncyBBUy4gVGhlIEgtQVMgd2lsbCB1c2UgaXRzIG93biBj b3JyZWN0IGlzc3VlciBpZGVudGlmaWVyIGFzIHRoZSB2YWx1ZSBmb3IgdGhlIEFTIHBhcmFtZXRl ci4NCiAgICAgKiAgIEluIGEgbWl4LXVwIGF0dGFjayB0aGUgYXR0YWNrZXIgY2Fubm90IGRpcmVj dGx5IGluZmx1ZW5jZSB0aGUgdmFsdWUgb2YgdGhlIGlzcyBwYXJhbWV0ZXIgaW4gdGhlIGF1dGhv cml6YXRpb24gcmVzcG9uc2UgYXMgaXQgaXMgaXNzdWVkIGJ5IHRoZSBILUFTLg0KICAqICAgU3Rl cCA2OiBUaGUgY2xpZW50IHNlbmRzIHRoZSB0b2tlbiByZXF1ZXN0IHRvIHRoZSB0b2tlbiBlbmRw b2ludCBvZiB0aGUgQS1BUywgYmVjYXVzZSBpdCBzdG9yZWQgdGhlIEEtQVMgYXMgdGhlIHNlbGVj dGVkIEFTIGluIHN0ZXAgMS4gVGhpcyBsZWFrcyB0aGUgYXV0aG9yaXphdGlvbiBjb2RlIHRvIHRo ZSBhdHRhY2tlciB3aG8gY2FuIHVzZSBpdCBpbiBhIGNvZGUgaW5qZWN0aW9uIGF0dGFjaywgZm9y IGV4YW1wbGUuDQoNCldpdGggYW4gaXNzIHBhcmFtZXRlciBwcmVzZW50IGluIHN0ZXAgNSB0aGUg Y2xpZW50IHdvdWxkIGJlIGFibGUgdG8gcmVjb2duaXplIHRoYXQgdGhlIGNvZGUgd2FzIGlzc3Vl ZCBieSB0aGUgSC1BUywgbm90IGJ5IHRoZSBBLUFTLiBUaGUgY2xpZW50IHdvdWxkIGJlIGFibGUg dG8gYWJvcnQgdGhlIGF1dGhvcml6YXRpb24gZ3JhbnQgaW5zdGVhZCBvZiBsZWFraW5nIHRoZSBj b2RlIHRvIHRoZSBBLUFTLg0KDQpJIGhvcGUgdGhpcyBhZGRyZXNzZXMgeW91ciBjb25jZXJucy4N Cg0KQmVzdCByZWdhcmRzLA0KS2Fyc3Rlbg0KDQpPbiAwOC4xMi4yMDIwIDIwOjE1LCBXYXJyZW4g UGFyYWQgd3JvdGU6DQpBcyBhbiBpbXBsZW1lbnRlciBvbiBib3RoIHNpZGVzIG9mIHRoZSBpc3N1 ZSBJJ20gc3RydWdnbGluZyB0byB1bmRlcnN0YW5kIGhvdyB0aGlzIHByb2JsZW0gd291bGQgb2Nj dXIuIEknbSBmaW5kaW5nIGlzc3VlcyB3aXRoIHRoZSBwcm9wb3NlZCBwcm9ibGVtczoNCg0KICAx LiAgSG9uZXN0IEFTIGlzIGNvbXByb21pc2VkLCBhc3N1bWluZyB0aGlzIGRvZXMgaGFwcGVuIGRl dGFpbHMgb24gd2h5IGFkZGluZyBpc3MgdG8gdGhlIEFTIHJlc3BvbnNlIHdvdWxkIHByZXZlbnQg YXR0YWNrcyBpcyBuZWNlc3NhcnkgZm9yIG1lLiBJbiBvdGhlciB3b3JkcywgaG93IHdvdWxkIGFu IEFTIGJlIGNvbXByb21pc2VkIGluIGEgd2F5IHRoYXQgd291bGQgYmUgaWRlbnRpZmlhYmxlIHRo cm91Z2ggdGhlIGlzc3VlciB2YWx1ZT8gKG15IGlnbm9yYW50IGFzc3VtcHRpb24gaXMgdGhhdCBh IGNvbXByb21pc2VkIEFTIGlzIGNvbXByb21pc2VkIGVub3VnaCB0aGF0IGFuIGF0dGFja2VyIHdv dWxkIGJlIGFibGUgdG8gc2VuZCB0aGUgY29ycmVjdCBJU1MpDQogIDIuICBBdHRhY2tlciBBUyBp cyByZWdpc3RlcmVkLiBJIGZ1bGx5IHN1cHBvcnQgdGhlIGlkZWEgdGhhdCB0aGlzIGNhbiBhbmQg d2lsbCBoYXBwZW4sIGhvd2V2ZXIgZnJvbSBhdHRlbXB0aW5nIHRvIHRlc3QtaW1wbGVtZW50IHRo aXMgcHJvcG9zYWwsIEkgY2FuJ3Qgc2VlIGhvdyB0aGUgYXV0aG9yaXphdGlvbiB3b3VsZCBiZSBz ZW50IHRvIHRoZSB3cm9uZyB0b2tlbiBlbmRwb2ludC4gU2luY2UgdGhlcmUgaXMgbm8gaW5mb3Jt YXRpb24gaW4gdGhlIEFTIGF1dGggY29kZSByZXNwb25zZSwgdGhlIGNsaWVudCBtdXN0IGFscmVh ZHkgaGF2ZSB0aGUga25vd2xlZGdlIG9mIHdoZXJlIHRoZXkgYXJlIGdvaW5nIHRvIHNlbmQgdGhl IHRva2VuLCBubyBtaXgtdXAgY2FuIGJlIGV4ZWN1dGVkLiBJIHdvdWxkIGFyZ3VlLCBpZiBhbnl0 aGluZywgYWRkaW5nIHRoZSBJU1MgcGFyYW1ldGVyIHdvdWxkIG9wZW4gYSBuZXcgYXR0YWNrIHN1 cmZhY2UgYnkgcHJvdmlkaW5nIGNsaWVudHMgYW4gb3Bwb3J0dW5pdHkgdG8gYmxhdGFudGx5IHRy dXN0IHRoZSBJU1MgcGFyYW1ldGVyIGFzIHRoZSBob25lc3QgQVMgYW5kIHRodXMgYWN0dWFsbHkg c2VuZGluZyB0aGUgY29kZSB0aGVyZSBpbnN0ZWFkIG9mIHNlbmRpbmcgaXQgdG8gb25lIHNwZWNp ZmllZCBpbiB0aGUgbWV0YWRhdGEgZG9jdW1lbnQuDQoNCk15IGNvbmZ1c2lvbiBpcyB0aGUgZm9s bG93aW5nOg0KDQogICogICBBcmUgbXVsdGkgQVMgc2VydmljZXMgdXRpbGl6aW5nIGF1dGhvcml6 YXRpb24gY29kZXMgaW4gYSB3YXkgd2hlcmUgdGhlcmUgY291bGQgYmUgYSBtaXggdXAgYXR0YWNr IGZvciAjMi4NCiAgKiAgIElzIHRoZXJlIGEgIzMgdGhhdCBJJ20gbWlzc2luZyB3aGljaCBldmVu IGluIGxpZ2h0IG9mICMxICYgIzIgSSBicm91Z2h0IHVwIHRoYXQgd291bGQgc3RpbGwgbWFrZSB0 aGlzIGNoYW5nZSB2YWx1YWJsZT8NCg0KW2h0dHBzOi8vbGg2Lmdvb2dsZXVzZXJjb250ZW50LmNv bS9ETmlEeDFRR0lyU3FNUEtETjFvS2V2eFl1eVZSWHNxaFhkZlpPc1c1NlJmMkE3NG1VS2JBUHRy SlNOdzRxeW5rU2pvbHRXa1BZZEJoYVpKZzFCTzQ1WU9jMXhzNnI5S0oxZllzTkhvZ1ktbmg2aGp1 SW05R0NlQlJSenJTYzhrV2NVU050dUFdDQoNCldhcnJlbiBQYXJhZA0KDQpGb3VuZGVyLCBDVE8N Cg0KU2VjdXJlIHlvdXIgdXNlciBkYXRhIGFuZCBjb21wbGV0ZSB5b3VyIGF1dGhvcml6YXRpb24g YXJjaGl0ZWN0dXJlLiBJbXBsZW1lbnQgQXV0aHJlc3M8aHR0cHM6Ly9iaXQubHkvMzdTU08xcD4u DQoNCg0KT24gVHVlLCBEZWMgOCwgMjAyMCBhdCA4OjAxIFBNIERpY2sgSGFyZHQgPGRpY2suaGFy ZHRAZ21haWwuY29tPG1haWx0bzpkaWNrLmhhcmR0QGdtYWlsLmNvbT4+IHdyb3RlOg0KKzENCltY XeGQpw0KDQpPbiBUdWUsIERlYyA4LCAyMDIwIGF0IDQ6NTEgQU0gUmlmYWF0IFNoZWtoLVl1c2Vm IDxyaWZhYXQucy5pZXRmQGdtYWlsLmNvbTxtYWlsdG86cmlmYWF0LnMuaWV0ZkBnbWFpbC5jb20+ PiB3cm90ZToNCkFsbCwNCg0KVGhpcyBpcyBhIGNhbGwgZm9yIGFkb3B0aW9uIGZvciB0aGUgZm9s bG93aW5nIEFTIElzc3VlciBJZGVudGlmaWVyIGluIEF1dGhvcml6YXRpb24gUmVzcG9uc2UgYXMg YSBXRyBkb2N1bWVudDoNCmh0dHBzOi8vZGF0YXRyYWNrZXIuaWV0Zi5vcmcvZG9jL2RyYWZ0LW1l eWVyenVzZWxoYXVzZW4tb2F1dGgtaXNzLWF1dGgtcmVzcC8NCg0KUGxlYXNlLCBwcm92aWRlIHlv dXIgZmVlZGJhY2sgb24gdGhlIG1haWxpbmcgbGlzdCBieSBEZWMgMjJuZC4NCg0KUmVnYXJkcywN CiBSaWZhYXQgJiBIYW5uZXMNCl9fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19f X19fX19fX19fDQpPQXV0aCBtYWlsaW5nIGxpc3QNCk9BdXRoQGlldGYub3JnPG1haWx0bzpPQXV0 aEBpZXRmLm9yZz4NCmh0dHBzOi8vd3d3LmlldGYub3JnL21haWxtYW4vbGlzdGluZm8vb2F1dGgN Cl9fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fDQpPQXV0aCBt YWlsaW5nIGxpc3QNCk9BdXRoQGlldGYub3JnPG1haWx0bzpPQXV0aEBpZXRmLm9yZz4NCmh0dHBz Oi8vd3d3LmlldGYub3JnL21haWxtYW4vbGlzdGluZm8vb2F1dGgNCg0KLS0NCkthcnN0ZW4gTWV5 ZXIgenUgU2VsaGF1c2VuDQpJVCBTZWN1cml0eSBDb25zdWx0YW50DQpQaG9uZTogICs0OSAoMCky MzQgLyA1NDQ1NjQ5OQ0KV2ViOiAgICBodHRwczovL2hhY2ttYW5pdC5kZSB8IElUIFNlY3VyaXR5 IENvbnN1bHRpbmcsIFBlbmV0cmF0aW9uIFRlc3RpbmcsIFNlY3VyaXR5IFRyYWluaW5nDQoNCk5l aG1lbiBTaWUgYW4gdW5zZXJlciBuw6RjaHN0ZW4gTGl2ZSBPbmxpbmUtU2NodWx1bmcgenVyIFNp Y2hlcmhlaXQgdm9uIE9BdXRoIHVuZCBPcGVuSUQgQ29ubmVjdCBhbSAyNy4wMSArIDI4LjAxLjIw MjEgdGVpbDoNCmh0dHBzOi8vd3d3LmhhY2ttYW5pdC5kZS9kZS9zY2h1bHVuZ2VuLzEyNy1saXZl LW9ubGluZS1zY2h1bHVuZy1zaW5nbGUtc2lnbi1vbi1zaWNoZXJoZWl0LW9hdXRoLW9wZW5pZC1j b25uZWN0LWFtLTI3LTAxLTI4LTAxLTIwMjENCg0KSGFja21hbml0IEdtYkgNClVuaXZlcnNpdMOk dHNzdHJhw59lIDYwIChFeHplbnRlcmhhdXMpDQo0NDc4OSBCb2NodW0NCg0KUmVnaXN0ZXJnZXJp Y2h0OiBBbXRzZ2VyaWNodCBCb2NodW0sIEhSQiAxNDg5Ng0KR2VzY2jDpGZ0c2bDvGhyZXI6IFBy b2YuIERyLiBKw7ZyZyBTY2h3ZW5rLCBQcm9mLiBEci4gSnVyYWogU29tb3JvdnNreSwgRHIuIENo cmlzdGlhbiBNYWlua2EsIERyLiBNYXJjdXMgTmllbWlldHoNCg0KLS0NCkthcnN0ZW4gTWV5ZXIg enUgU2VsaGF1c2VuDQpJVCBTZWN1cml0eSBDb25zdWx0YW50DQpQaG9uZTogICs0OSAoMCkyMzQg LyA1NDQ1NjQ5OQ0KV2ViOiAgICBodHRwczovL2hhY2ttYW5pdC5kZSB8IElUIFNlY3VyaXR5IENv bnN1bHRpbmcsIFBlbmV0cmF0aW9uIFRlc3RpbmcsIFNlY3VyaXR5IFRyYWluaW5nDQoNCk5laG1l biBTaWUgYW4gdW5zZXJlciBuw6RjaHN0ZW4gTGl2ZSBPbmxpbmUtU2NodWx1bmcgenVyIFNpY2hl cmhlaXQgdm9uIE9BdXRoIHVuZCBPcGVuSUQgQ29ubmVjdCBhbSAyNy4wMSArIDI4LjAxLjIwMjEg dGVpbDoNCmh0dHBzOi8vd3d3LmhhY2ttYW5pdC5kZS9kZS9zY2h1bHVuZ2VuLzEyNy1saXZlLW9u bGluZS1zY2h1bHVuZy1zaW5nbGUtc2lnbi1vbi1zaWNoZXJoZWl0LW9hdXRoLW9wZW5pZC1jb25u ZWN0LWFtLTI3LTAxLTI4LTAxLTIwMjENCg0KSGFja21hbml0IEdtYkgNClVuaXZlcnNpdMOkdHNz dHJhw59lIDYwIChFeHplbnRlcmhhdXMpDQo0NDc4OSBCb2NodW0NCg0KUmVnaXN0ZXJnZXJpY2h0 OiBBbXRzZ2VyaWNodCBCb2NodW0sIEhSQiAxNDg5Ng0KR2VzY2jDpGZ0c2bDvGhyZXI6IFByb2Yu IERyLiBKw7ZyZyBTY2h3ZW5rLCBQcm9mLiBEci4gSnVyYWogU29tb3JvdnNreSwgRHIuIENocmlz dGlhbiBNYWlua2EsIERyLiBNYXJjdXMgTmllbWlldHoNCg== --_000_BYAPR10MB339821563113EB3920BF6A10EECC0BYAPR10MB3398namp_ Content-Type: text/html; charset="utf-8" Content-Transfer-Encoding: base64 PGh0bWw+DQo8aGVhZD4NCjxtZXRhIGh0dHAtZXF1aXY9IkNvbnRlbnQtVHlwZSIgY29udGVudD0i dGV4dC9odG1sOyBjaGFyc2V0PXV0Zi04Ij4NCjwvaGVhZD4NCjxib2R5Pg0KPGRpdj4NCjxkaXY+ DQo8ZGl2IGRpcj0ibHRyIiBzdHlsZT0iY29sb3I6IHJnYigwLCAwLCAwKTsgYmFja2dyb3VuZC1j b2xvcjogcmdiKDI1NSwgMjU1LCAyNTUpOyI+DQpXaGF5YmRvIEkga2VlcCBnZXR0aW5nIHRoZXNl IG1lc3NhZ2VzIGFuZCBob3cgZGlkIHlvdSBoYWNrIG15IGVtYWlsPC9kaXY+DQo8L2Rpdj4NCjxk aXY+PGJyPg0KPC9kaXY+DQo8ZGl2IGNsYXNzPSJtcy1vdXRsb29rLWlvcy1zaWduYXR1cmUiPkdl dCA8YSBocmVmPSJodHRwczovL2FrYS5tcy9vMHVrZWYiPk91dGxvb2sgZm9yIGlPUzwvYT48L2Rp dj4NCjwvZGl2Pg0KPGhyIHN0eWxlPSJkaXNwbGF5OmlubGluZS1ibG9jazt3aWR0aDo5OCUiIHRh YmluZGV4PSItMSI+DQo8ZGl2IGlkPSJkaXZScGx5RndkTXNnIiBkaXI9Imx0ciI+PGZvbnQgZmFj ZT0iQ2FsaWJyaSwgc2Fucy1zZXJpZiIgc3R5bGU9ImZvbnQtc2l6ZToxMXB0IiBjb2xvcj0iIzAw MDAwMCI+PGI+RnJvbTo8L2I+IE9BdXRoICZsdDtvYXV0aC1ib3VuY2VzQGlldGYub3JnJmd0OyBv biBiZWhhbGYgb2YgV2FycmVuIFBhcmFkICZsdDt3cGFyYWRAcmhvc3lzLmNoJmd0Ozxicj4NCjxi PlNlbnQ6PC9iPiBXZWRuZXNkYXksIERlY2VtYmVyIDksIDIwMjAgODozNDo1MyBBTTxicj4NCjxi PlRvOjwvYj4gS2Fyc3RlbiBNZXllciB6dSBTZWxoYXVzZW4gJmx0O2thcnN0ZW4ubWV5ZXJ6dXNl bGhhdXNlbkBoYWNrbWFuaXQuZGUmZ3Q7PGJyPg0KPGI+Q2M6PC9iPiBvYXV0aCAmbHQ7b2F1dGhA aWV0Zi5vcmcmZ3Q7PGJyPg0KPGI+U3ViamVjdDo8L2I+IFJlOiBbT0FVVEgtV0ddIENhbGwgZm9y IEFkb3B0aW9uIC0gQVMgSXNzdWVyIElkZW50aWZpZXIgaW4gQXV0aG9yaXphdGlvbiBSZXNwb25z ZTwvZm9udD4NCjxkaXY+Jm5ic3A7PC9kaXY+DQo8L2Rpdj4NCjxkaXY+DQo8ZGl2IGRpcj0ibHRy Ij4NCjxkaXYgZGlyPSJhdXRvIj4NCjxkaXYgZGlyPSJhdXRvIj5TaW5jZSB0aGVyZSBpcyBhIHBv dGVudGlhbGx5IHZhbGlkIFRMUyBjYXNlLCBsZXQncyBzaGVsdmUgdGhlIG5vbi1UTFMgY2FzZSB3 aXRob3V0IHRoZSBwcmVjb25kaXRpb24uIEkgYWdyZWUgYSBNSVRNIGF0dGFjayBvbiB0aGUgYXV0 aG9yaXphdGlvbiBjb2RlIGlzIGEgbGVnaXRpbWF0ZSZuYnNwO2Nhc2Ugd2hpY2ggd291bGQgYmUg bWl0aWdhdGVkIGJ5IHJlc29sdmluZyB0aGUgSVNTIHBhcmFtZXRlciB0byBkZXRlcm1pbmUgdGhl DQogdmFsaWQgdG9rZW4gZW5kcG9pbnQuIEkgd291bGQgc3VnZ2VzdCB0byBpbXByb3ZlIHRoZSBs YW5ndWFnZSBpbiB0aGUgPGI+SW50cm9kdWN0aW9uPC9iPiZuYnNwO3RvIHNwZWNpZmljYWxseSBp bmRpY2F0ZSB0aGlzIGFzIGEgc29sdXRpb24gdG8gdGhlIGF1dGhvcml6YXRpb24gY29kZSBpbnRl cmNlcHRpb24uIChJdCB3YXNuJ3QgY2xlYXIgdG8gbWUgYmVmb3JlIHRoaXMgY29udmVyc2F0aW9u IHRoYXQgaXQgaGVscGVkIHNvbHZlZCB0aGF0IHByb2JsZW0pPGJyPg0KPC9kaXY+DQo8ZGl2IGRp cj0iYXV0byI+PGJyPg0KPC9kaXY+DQo8ZGl2PlNvJm5ic3A7KzE8L2Rpdj4NCjxkaXYgZGlyPSJh dXRvIj48YnI+DQo8L2Rpdj4NCjwvZGl2Pg0KPGRpdiBjbGFzcz0ieF9nbWFpbF9xdW90ZSI+DQo8 ZGl2IGRpcj0ibHRyIiBjbGFzcz0ieF9nbWFpbF9hdHRyIj5PbiBXZWQsIERlYyA5LCAyMDIwLCAx MTo0MCBLYXJzdGVuIE1leWVyIHp1IFNlbGhhdXNlbiAmbHQ7PGEgaHJlZj0ibWFpbHRvOmthcnN0 ZW4ubWV5ZXJ6dXNlbGhhdXNlbkBoYWNrbWFuaXQuZGUiIHRhcmdldD0iX2JsYW5rIj5rYXJzdGVu Lm1leWVyenVzZWxoYXVzZW5AaGFja21hbml0LmRlPC9hPiZndDsgd3JvdGU6PGJyPg0KPC9kaXY+ DQo8YmxvY2txdW90ZSBjbGFzcz0ieF9nbWFpbF9xdW90ZSIgc3R5bGU9Im1hcmdpbjowcHggMHB4 IDBweCAwLjhleDsgYm9yZGVyLWxlZnQ6MXB4IHNvbGlkIHJnYigyMDQsMjA0LDIwNCk7IHBhZGRp bmctbGVmdDoxZXgiPg0KPGRpdiBiZ2NvbG9yPSIjRkZGRkZGIj4NCjxwPjxmb250IHNpemU9Ii0x Ij48Zm9udCBmYWNlPSJOdW5pdG8gU2FucyI+VGhlIGF0dGFja2VyIGJlaW5nIGFibGUgdG8gbWFu aXB1bGF0ZSB0aGUgZmlyc3QgcmVxdWVzdCBpcyBhbiBhZGRpdGlvbmFsIHByZWNvbmRpdGlvbiBm b3IgdGhlIG1peC11cCBhdHRhY2sgdmFyaWFudCB3ZSB1c2VkIGFzIGFuIGV4YW1wbGUuIFRoZSBw cmVjb25kaXRpb24gaXMgYmFzZWQgb24gdGhlIGF0dGFja2VyIEEyIGRlZmluZWQgaW4NCjxhIGhy ZWY9Imh0dHBzOi8vdG9vbHMuaWV0Zi5vcmcvaHRtbC9kcmFmdC1pZXRmLW9hdXRoLXNlY3VyaXR5 LXRvcGljcy0xNiNzZWN0aW9uLTMiIHJlbD0ibm9yZWZlcnJlciIgdGFyZ2V0PSJfYmxhbmsiPg0K c2VjdGlvbiAzPC9hPiBvZiB0aGUgc2VjdXJpdHkgQkNQLjwvZm9udD48L2ZvbnQ+PC9wPg0KPHA+ PGZvbnQgc2l6ZT0iLTEiPjxmb250IGZhY2U9Ik51bml0byBTYW5zIj5UaGVyZSBhcmUgb3RoZXIg bWl4LXVwIHZhcmlhbnRzIHdoaWNoIHdvcmsgd2l0aG91dCB0aGlzIHByZWNvbmRpdGlvbi4gT25l IHZhcmlhbnQgaXMgZGVzY3JpYmVkIGluIHRoZQ0KPGEgaHJlZj0iaHR0cHM6Ly90b29scy5pZXRm Lm9yZy9odG1sL2RyYWZ0LWlldGYtb2F1dGgtc2VjdXJpdHktdG9waWNzLTE2I3NlY3Rpb24tNC40 LjEiIHJlbD0ibm9yZWZlcnJlciIgdGFyZ2V0PSJfYmxhbmsiPg0Kc2VjdXJpdHkgQkNQPC9hPiwg Zm9yIGV4YW1wbGU6PC9mb250PjwvZm9udD48L3A+DQo8cD48L3A+DQo8YmxvY2txdW90ZSB0eXBl PSJjaXRlIj4NCjxwcmU+Kk1peC1VcCBXaXRob3V0IEludGVyY2VwdGlvbio6IEEgdmFyaWFudCBv ZiB0aGUgYWJvdmUgYXR0YWNrIHdvcmtzDQogICAgICBldmVuIGlmIHRoZSBmaXJzdCByZXF1ZXN0 L3Jlc3BvbnNlIHBhaXIgY2Fubm90IGJlIGludGVyY2VwdGVkLCBmb3INCiAgICAgIGV4YW1wbGUs IGJlY2F1c2UgVExTIGlzIHVzZWQgdG8gcHJvdGVjdCB0aGVzZSBtZXNzYWdlczogSGVyZSwgaXQN CiAgICAgIGlzIGFzc3VtZWQgdGhhdCB0aGUgdXNlciB3YW50cyB0byBzdGFydCB0aGUgZ3JhbnQg dXNpbmcgQS1BUyAoYW5kDQogICAgICBub3QgSC1BUywgc2VlIEF0dGFja2VyIEExKS4gIEFmdGVy IHRoZSBjbGllbnQgcmVkaXJlY3RlZCB0aGUgdXNlcg0KICAgICAgdG8gdGhlIGF1dGhvcml6YXRp b24gZW5kcG9pbnQgYXQgQS1BUywgdGhlIGF0dGFja2VyIGltbWVkaWF0ZWx5DQogICAgICByZWRp cmVjdHMgdGhlIHVzZXIgdG8gSC1BUyAoY2hhbmdpbmcgdGhlIGNsaWVudCBJRCB0byAmcXVvdDs3 WkdabGRIUSZxdW90OykuDQogICAgICBOb3RlIHRoYXQgYSB2aWdpbGFudCB1c2VyIG1pZ2h0IGF0 IHRoaXMgcG9pbnQgZGV0ZWN0IHRoYXQgc2hlDQogICAgICBpbnRlbmRlZCB0byB1c2UgQS1BUyBp bnN0ZWFkIG9mIEgtQVMuPC9wcmU+DQo8L2Jsb2NrcXVvdGU+DQo8cD48L3A+DQo8cD48YnI+DQo8 L3A+DQo8ZGl2Pk9uIDA5LjEyLjIwMjAgMTA6NDcsIFdhcnJlbiBQYXJhZCB3cm90ZTo8YnI+DQo8 L2Rpdj4NCjxibG9ja3F1b3RlIHR5cGU9ImNpdGUiPg0KPGRpdiBkaXI9Imx0ciI+T2theSwgaXQg d2Fzbid0IGNsZWFyIHRoYXQgdGhlIHVzZXIgYWdlbnQgd2FzIHJlcXVpcmVkIHRvIGJlIGNvbXBy b21pc2VkIGZvciB0aGlzIHRvIGJlIGEgcHJvYmxlbS4gSGVyZSdzIHdoZXJlIGl0IGJyZWFrcyBk b3duIGZvciBtZSwgaWYgdGhlIGF0dGFja2VyIGNhbiBtYW5pcHVsYXRlIHRoZSBmaXJzdCByZXF1 ZXN0LCB3aHkgd291bGQgdGhleSBub3QgYmUgYWJsZSB0byBtYW5pcHVsYXRlIHRoZSBBUyB3aGVy ZSB0aGUNCiBBdXRoIFJlc3BvbnNlIGNvZGUgaXMgc2VudD8mbmJzcDsgVW5sZXNzIHdlIGNhbiBn dWFyYW50ZWUgdGhlcmUgaXMgYW4gYXR0YWNrIHN1cmZhY2UgdGhhdCB3b3VsZCBvbmx5IGFmZmVj dCB0aGUgYXV0aG9yaXphdGlvbiByZXF1ZXN0IEFTIHNlbGVjdGlvbiBhbmQgbm90IHRoZSBhdXRo IHJlc3BvbnNlLCB0aGUgc29sdXRpb24gdGhlIGRyYWZ0IGxhY2tzIHB1cnBvc2UgZm9yIG1lLg0K PGRpdj4NCjxkaXY+PGJyIGNsZWFyPSJhbGwiPg0KPGRpdj4NCjxkaXYgZGlyPSJsdHIiPg0KPGRp diBkaXI9Imx0ciI+DQo8dGFibGUgc3R5bGU9ImJvcmRlcjpub25lOyBib3JkZXItY29sbGFwc2U6 Y29sbGFwc2UiPg0KPGNvbGdyb3VwPjxjb2wgd2lkdGg9IjIxNCI+PGNvbCB3aWR0aD0iMTEwIj48 L2NvbGdyb3VwPg0KPHRib2R5Pg0KPHRyIHN0eWxlPSJoZWlnaHQ6MHB0Ij4NCjx0ZCBzdHlsZT0i Ym9yZGVyLXdpZHRoOjFwdDsgYm9yZGVyLXN0eWxlOnNvbGlkOyBib3JkZXItY29sb3I6cmdiKDI1 NSwyNTUsMjU1KSByZ2IoMjA0LDIwNCwyMDQpIHJnYigyNTUsMjU1LDI1NSkgcmdiKDI1NSwyNTUs MjU1KTsgdmVydGljYWwtYWxpZ246dG9wOyBwYWRkaW5nOjVwdDsgb3ZlcmZsb3c6aGlkZGVuIj4N CjxwIGRpcj0ibHRyIiBzdHlsZT0ibGluZS1oZWlnaHQ6MS4yOyBib3JkZXItd2lkdGg6MXB0OyBi b3JkZXItc3R5bGU6c29saWQ7IGJvcmRlci1jb2xvcjpyZ2IoMjU1LDI1NSwyNTUpOyBtYXJnaW4t dG9wOjBwdDsgbWFyZ2luLWJvdHRvbTowcHQiPg0KPHNwYW4gc3R5bGU9ImZvbnQtc2l6ZToxMXB0 OyBmb250LWZhbWlseTpBcmlhbDsgY29sb3I6cmdiKDAsMCwwKTsgYmFja2dyb3VuZC1jb2xvcjp0 cmFuc3BhcmVudDsgdmVydGljYWwtYWxpZ246YmFzZWxpbmU7IHdoaXRlLXNwYWNlOnByZS13cmFw Ij48c3BhbiBzdHlsZT0iYm9yZGVyOm5vbmU7IGRpc3BsYXk6aW5saW5lLWJsb2NrOyBvdmVyZmxv dzpoaWRkZW47IHdpZHRoOjE5OXB4OyBoZWlnaHQ6MzRweCI+PGltZyBzcmM9Imh0dHBzOi8vbGg2 Lmdvb2dsZXVzZXJjb250ZW50LmNvbS9ETmlEeDFRR0lyU3FNUEtETjFvS2V2eFl1eVZSWHNxaFhk ZlpPc1c1NlJmMkE3NG1VS2JBUHRySlNOdzRxeW5rU2pvbHRXa1BZZEJoYVpKZzFCTzQ1WU9jMXhz NnI5S0oxZllzTkhvZ1ktbmg2aGp1SW05R0NlQlJSenJTYzhrV2NVU050dUEiIHdpZHRoPSIxOTki IGhlaWdodD0iMzQiIHN0eWxlPSJtYXJnaW4tbGVmdDowcHg7IG1hcmdpbi10b3A6MHB4Ij48L3Nw YW4+PC9zcGFuPjwvcD4NCjwvdGQ+DQo8dGQgc3R5bGU9ImJvcmRlci13aWR0aDoxcHQ7IGJvcmRl ci1zdHlsZTpzb2xpZDsgYm9yZGVyLWNvbG9yOnJnYigyNTUsMjU1LDI1NSkgcmdiKDI1NSwyNTUs MjU1KSByZ2IoMjU1LDI1NSwyNTUpIHJnYigyMDQsMjA0LDIwNCk7IHZlcnRpY2FsLWFsaWduOnRv cDsgcGFkZGluZzo1cHQ7IG92ZXJmbG93OmhpZGRlbiI+DQo8cCBkaXI9Imx0ciIgc3R5bGU9Imxp bmUtaGVpZ2h0OjEuMjsgYm9yZGVyLWxlZnQ6MXB0IHNvbGlkIHJnYigyNTUsMjU1LDI1NSk7IGJv cmRlci1yaWdodDoxcHQgc29saWQgcmdiKDI1NSwyNTUsMjU1KTsgYm9yZGVyLXRvcDoxcHQgc29s aWQgcmdiKDI1NSwyNTUsMjU1KTsgbWFyZ2luLXRvcDowcHQ7IG1hcmdpbi1ib3R0b206MHB0Ij4N CjxzcGFuIHN0eWxlPSJmb250LXNpemU6MTFwdDsgZm9udC1mYW1pbHk6TGF0byxzYW5zLXNlcmlm OyBiYWNrZ3JvdW5kLWNvbG9yOnRyYW5zcGFyZW50OyBmb250LXdlaWdodDo3MDA7IHZlcnRpY2Fs LWFsaWduOmJhc2VsaW5lOyB3aGl0ZS1zcGFjZTpwcmUtd3JhcCI+V2FycmVuIFBhcmFkPC9zcGFu PjwvcD4NCjxwIGRpcj0ibHRyIiBzdHlsZT0ibGluZS1oZWlnaHQ6MS4yOyBib3JkZXItbGVmdDox cHQgc29saWQgcmdiKDI1NSwyNTUsMjU1KTsgYm9yZGVyLXJpZ2h0OjFwdCBzb2xpZCByZ2IoMjU1 LDI1NSwyNTUpOyBib3JkZXItYm90dG9tOjFwdCBzb2xpZCByZ2IoMjU1LDI1NSwyNTUpOyBtYXJn aW4tdG9wOjBwdDsgbWFyZ2luLWJvdHRvbTowcHQiPg0KPGZvbnQgZmFjZT0iTGF0bywgc2Fucy1z ZXJpZiI+PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZToxMy4zMzMzcHg7IHdoaXRlLXNwYWNlOnByZS13 cmFwIj5Gb3VuZGVyLCBDVE88L3NwYW4+PC9mb250PjwvcD4NCjwvdGQ+DQo8L3RyPg0KPC90Ym9k eT4NCjwvdGFibGU+DQo8c3BhbiBzdHlsZT0iZm9udC1zaXplOngtc21hbGwiPlNlY3VyZSB5b3Vy IHVzZXIgZGF0YSBhbmQgY29tcGxldGUgeW91ciBhdXRob3JpemF0aW9uIGFyY2hpdGVjdHVyZS4g SW1wbGVtZW50Jm5ic3A7PC9zcGFuPjxhIGhyZWY9Imh0dHBzOi8vYml0Lmx5LzM3U1NPMXAiIHJl bD0ibm9yZWZlcnJlciIgdGFyZ2V0PSJfYmxhbmsiIHN0eWxlPSJmb250LXNpemU6eC1zbWFsbCI+ QXV0aHJlc3M8L2E+PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZTp4LXNtYWxsIj4uPC9zcGFuPjxicj4N CjwvZGl2Pg0KPC9kaXY+DQo8L2Rpdj4NCjxicj4NCjwvZGl2Pg0KPC9kaXY+DQo8L2Rpdj4NCjxi cj4NCjxkaXYgY2xhc3M9InhfZ21haWxfcXVvdGUiPg0KPGRpdiBkaXI9Imx0ciIgY2xhc3M9Inhf Z21haWxfYXR0ciI+T24gV2VkLCBEZWMgOSwgMjAyMCBhdCA4OjU1IEFNIEthcnN0ZW4gTWV5ZXIg enUgU2VsaGF1c2VuICZsdDs8YSBocmVmPSJtYWlsdG86a2Fyc3Rlbi5tZXllcnp1c2VsaGF1c2Vu QGhhY2ttYW5pdC5kZSIgcmVsPSJub3JlZmVycmVyIiB0YXJnZXQ9Il9ibGFuayI+a2Fyc3Rlbi5t ZXllcnp1c2VsaGF1c2VuQGhhY2ttYW5pdC5kZTwvYT4mZ3Q7IHdyb3RlOjxicj4NCjwvZGl2Pg0K PGJsb2NrcXVvdGUgY2xhc3M9InhfZ21haWxfcXVvdGUiIHN0eWxlPSJtYXJnaW46MHB4IDBweCAw cHggMC44ZXg7IGJvcmRlci1sZWZ0OjFweCBzb2xpZCByZ2IoMjA0LDIwNCwyMDQpOyBwYWRkaW5n LWxlZnQ6MWV4Ij4NCjxkaXYgYmdjb2xvcj0iI0ZGRkZGRiI+DQo8cD48Zm9udCBzaXplPSItMSI+ PGZvbnQgZmFjZT0iTnVuaXRvIFNhbnMiPkhpIFdhcnJlbiw8L2ZvbnQ+PC9mb250PjwvcD4NCjxw Pjxmb250IHNpemU9Ii0xIj48Zm9udCBmYWNlPSJOdW5pdG8gU2FucyI+SSB0aGluayB0aGVyZSBp cyBzb21lIG1pc3VuZGVyc3RhbmRpbmcgb24gaG93IG1peC11cCBhdHRhY2tzIHdvcmsuIEkgd2ls bCB0cnkgdG8gY2xlYXIgdGhpbmdzIHVwLjwvZm9udD48L2ZvbnQ+PC9wPg0KPHA+PGZvbnQgc2l6 ZT0iLTEiPjxmb250IGZhY2U9Ik51bml0byBTYW5zIj5IYXZlIGEgbG9vayBhdCB0aGUgZm9sbG93 aW5nIG1peC11cCBhdHRhY2sgZXhhbXBsZSAoPGEgaHJlZj0iaHR0cHM6Ly9kYXRhdHJhY2tlci5p ZXRmLm9yZy9tZWV0aW5nL2ludGVyaW0tMjAyMC1vYXV0aC0xNy9tYXRlcmlhbHMvc2xpZGVzLWlu dGVyaW0tMjAyMC1vYXV0aC0xNy1zZXNzYS1hcy1pc3N1ZXItaWRlbnRpZmllci1pbi1hdXRob3Jp emF0aW9uLXJlc3BvbnNlLTAwI3BhZ2U9NCIgcmVsPSJub3JlZmVycmVyIiB0YXJnZXQ9Il9ibGFu ayI+c2xpZGUNCiA0PC9hPiBmcm9tIHRoZSBpbnRlcmltIG1lZXRpbmcpOjwvZm9udD48L2ZvbnQ+ PC9wPg0KPHA+PGltZyBhbHQ9IiI+PC9wPg0KPHA+PGZvbnQgc2l6ZT0iLTEiPjxmb250IGZhY2U9 Ik51bml0byBTYW5zIj5JIG1hcmtlZCB0aGUgaW1wb3J0YW50IHBhcnRzOjwvZm9udD48L2ZvbnQ+ PC9wPg0KPHVsPg0KPGxpPjxmb250IHNpemU9Ii0xIj48Zm9udCBmYWNlPSJOdW5pdG8gU2FucyI+ SW4gc3RlcCAxIHRoZSBjbGllbnQgc3RvcmVzIHRoZSBhdHRhY2tlcidzIEFTIChBLUFTKSBhcyB0 aGUgc2VsZWN0ZWQgQVMuDQo8YnI+DQo8L2ZvbnQ+PC9mb250PjwvbGk+PGxpPjxmb250IHNpemU9 Ii0xIj48Zm9udCBmYWNlPSJOdW5pdG8gU2FucyI+U3RlcCA1OiBUaGUgYXV0aG9yaXphdGlvbiBy ZXNwb25zZSBpcyBpc3N1ZWQgYnkgdGhlIGhvbmVzdA0KPGI+KD0gbm90IGNvbXByb21pc2VkKTwv Yj4gQVMsIG5vdCBieSB0aGUgYXR0YWNrZXIncyBBUy4gVGhlIEgtQVMgd2lsbCB1c2UgaXRzIG93 biBjb3JyZWN0IGlzc3VlciBpZGVudGlmaWVyIGFzIHRoZSB2YWx1ZSBmb3IgdGhlIEFTIHBhcmFt ZXRlci48L2ZvbnQ+PC9mb250PjwvbGk+PHVsPg0KPGxpPjxmb250IHNpemU9Ii0xIj48Zm9udCBm YWNlPSJOdW5pdG8gU2FucyI+SW4gYSBtaXgtdXAgYXR0YWNrIHRoZSBhdHRhY2tlciBjYW5ub3Qg ZGlyZWN0bHkgaW5mbHVlbmNlIHRoZSB2YWx1ZSBvZiB0aGUgaXNzIHBhcmFtZXRlciBpbiB0aGUg YXV0aG9yaXphdGlvbiByZXNwb25zZSBhcyBpdCBpcyBpc3N1ZWQgYnkgdGhlIEgtQVMuPC9mb250 PjwvZm9udD48L2xpPjwvdWw+DQo8bGk+PGZvbnQgc2l6ZT0iLTEiPjxmb250IGZhY2U9Ik51bml0 byBTYW5zIj5TdGVwIDY6IFRoZSBjbGllbnQgc2VuZHMgdGhlIHRva2VuIHJlcXVlc3QgdG8gdGhl IHRva2VuIGVuZHBvaW50IG9mIHRoZSBBLUFTLCBiZWNhdXNlIGl0IHN0b3JlZCB0aGUgQS1BUyBh cyB0aGUgc2VsZWN0ZWQgQVMgaW4gc3RlcCAxLiBUaGlzIGxlYWtzIHRoZSBhdXRob3JpemF0aW9u IGNvZGUgdG8gdGhlIGF0dGFja2VyIHdobyBjYW4gdXNlIGl0IGluIGEgY29kZSBpbmplY3Rpb24N CiBhdHRhY2ssIGZvciBleGFtcGxlLjwvZm9udD48L2ZvbnQ+PC9saT48L3VsPg0KPHA+PGZvbnQg c2l6ZT0iLTEiPjxmb250IGZhY2U9Ik51bml0byBTYW5zIj5XaXRoIGFuIGlzcyBwYXJhbWV0ZXIg cHJlc2VudCBpbiBzdGVwIDUgdGhlIGNsaWVudCB3b3VsZCBiZSBhYmxlIHRvIHJlY29nbml6ZSB0 aGF0IHRoZSBjb2RlIHdhcyBpc3N1ZWQgYnkgdGhlIEgtQVMsIG5vdCBieSB0aGUgQS1BUy4gVGhl IGNsaWVudCB3b3VsZCBiZSBhYmxlIHRvIGFib3J0IHRoZSBhdXRob3JpemF0aW9uIGdyYW50IGlu c3RlYWQgb2YgbGVha2luZyB0aGUNCiBjb2RlIHRvIDwvZm9udD48L2ZvbnQ+PGZvbnQgc2l6ZT0i LTEiPjxmb250IGZhY2U9Ik51bml0byBTYW5zIj50aGUgQS1BUy48L2ZvbnQ+PC9mb250PjwvcD4N CjxwPjxmb250IHNpemU9Ii0xIiBmYWNlPSJOdW5pdG8gU2FucyI+SSBob3BlIHRoaXMgYWRkcmVz c2VzIHlvdXIgY29uY2VybnMuPGJyPg0KPC9mb250PjwvcD4NCjxwPjxmb250IHNpemU9Ii0xIiBm YWNlPSJOdW5pdG8gU2FucyI+QmVzdCByZWdhcmRzLDxicj4NCkthcnN0ZW48L2ZvbnQ+PC9wPg0K PGRpdj5PbiAwOC4xMi4yMDIwIDIwOjE1LCBXYXJyZW4gUGFyYWQgd3JvdGU6PGJyPg0KPC9kaXY+ DQo8YmxvY2txdW90ZSB0eXBlPSJjaXRlIj4NCjxkaXYgZGlyPSJsdHIiPkFzIGFuIGltcGxlbWVu dGVyJm5ic3A7b24gYm90aCBzaWRlcyBvZiB0aGUgaXNzdWUgSSdtIHN0cnVnZ2xpbmcgdG8gdW5k ZXJzdGFuZCBob3cgdGhpcyBwcm9ibGVtIHdvdWxkIG9jY3VyLiBJJ20gZmluZGluZyBpc3N1ZXMg d2l0aCB0aGUgcHJvcG9zZWQgcHJvYmxlbXM6DQo8ZGl2Pg0KPG9sPg0KPGxpPkhvbmVzdCBBUyBp cyBjb21wcm9taXNlZCwgYXNzdW1pbmcgdGhpcyBkb2VzIGhhcHBlbiBkZXRhaWxzIG9uIHdoeSBh ZGRpbmcgaXNzIHRvIHRoZSBBUyByZXNwb25zZSB3b3VsZCBwcmV2ZW50IGF0dGFja3MgaXMgbmVj ZXNzYXJ5IGZvciBtZS4gSW4gb3RoZXIgd29yZHMsIGhvdyB3b3VsZCBhbiBBUyBiZSBjb21wcm9t aXNlZCBpbiBhIHdheSB0aGF0IHdvdWxkIGJlIGlkZW50aWZpYWJsZSB0aHJvdWdoIHRoZSBpc3N1 ZXIgdmFsdWU/IChteQ0KIGlnbm9yYW50IGFzc3VtcHRpb24gaXMgdGhhdCBhIGNvbXByb21pc2Vk IEFTIGlzIGNvbXByb21pc2VkIGVub3VnaCB0aGF0IGFuIGF0dGFja2VyIHdvdWxkIGJlIGFibGUg dG8gc2VuZCB0aGUgY29ycmVjdCBJU1MpPC9saT48bGk+QXR0YWNrZXIgQVMgaXMgcmVnaXN0ZXJl ZC4gSSBmdWxseSBzdXBwb3J0IHRoZSBpZGVhIHRoYXQgdGhpcyBjYW4gYW5kIHdpbGwgaGFwcGVu LCBob3dldmVyIGZyb20gYXR0ZW1wdGluZyB0byB0ZXN0LWltcGxlbWVudCB0aGlzIHByb3Bvc2Fs LCBJIGNhbid0IHNlZSBob3cgdGhlIGF1dGhvcml6YXRpb24gd291bGQgYmUgc2VudCB0byB0aGUg d3JvbmcgdG9rZW4gZW5kcG9pbnQuIFNpbmNlIHRoZXJlIGlzIG5vIGluZm9ybWF0aW9uIGluIHRo ZQ0KIEFTIGF1dGggY29kZSByZXNwb25zZSwgdGhlIGNsaWVudCBtdXN0IGFscmVhZHkgaGF2ZSB0 aGUga25vd2xlZGdlIG9mIHdoZXJlIHRoZXkgYXJlIGdvaW5nIHRvIHNlbmQgdGhlIHRva2VuLCBu byBtaXgtdXAgY2FuIGJlIGV4ZWN1dGVkLiBJIHdvdWxkIGFyZ3VlLCBpZiBhbnl0aGluZywgYWRk aW5nIHRoZSBJU1MgcGFyYW1ldGVyIHdvdWxkIG9wZW4gYSBuZXcgYXR0YWNrIHN1cmZhY2UgYnkg cHJvdmlkaW5nIGNsaWVudHMgYW4gb3Bwb3J0dW5pdHkNCiB0byBibGF0YW50bHkmbmJzcDt0cnVz dCB0aGUgSVNTIHBhcmFtZXRlciBhcyB0aGUgaG9uZXN0IEFTIGFuZCB0aHVzIGFjdHVhbGx5IHNl bmRpbmcgdGhlIGNvZGUgdGhlcmUgaW5zdGVhZCBvZiBzZW5kaW5nIGl0IHRvIG9uZSBzcGVjaWZp ZWQgaW4gdGhlIG1ldGFkYXRhIGRvY3VtZW50LjwvbGk+PC9vbD4NCjxkaXY+TXkgY29uZnVzaW9u IGlzIHRoZSBmb2xsb3dpbmc6PC9kaXY+DQo8ZGl2Pg0KPHVsPg0KPGxpPkFyZSBtdWx0aSBBUyBz ZXJ2aWNlcyB1dGlsaXppbmcgYXV0aG9yaXphdGlvbiBjb2RlcyBpbiBhIHdheSB3aGVyZSB0aGVy ZSBjb3VsZCBiZSBhIG1peCB1cCBhdHRhY2sgZm9yICMyLjwvbGk+PGxpPklzIHRoZXJlIGEgIzMg dGhhdCBJJ20gbWlzc2luZyB3aGljaCBldmVuIGluIGxpZ2h0IG9mICMxICZhbXA7ICMyIEkgYnJv dWdodCB1cCB0aGF0IHdvdWxkIHN0aWxsIG1ha2UgdGhpcyBjaGFuZ2UgdmFsdWFibGU/PC9saT48 L3VsPg0KPC9kaXY+DQo8L2Rpdj4NCjxkaXY+DQo8ZGl2IGRpcj0ibHRyIj4NCjxkaXYgZGlyPSJs dHIiPg0KPHRhYmxlIHN0eWxlPSJib3JkZXI6bm9uZTsgYm9yZGVyLWNvbGxhcHNlOmNvbGxhcHNl Ij4NCjxjb2xncm91cD48Y29sIHdpZHRoPSIyMTQiPjxjb2wgd2lkdGg9IjExMCI+PC9jb2xncm91 cD4NCjx0Ym9keT4NCjx0ciBzdHlsZT0iaGVpZ2h0OjBwdCI+DQo8dGQgc3R5bGU9ImJvcmRlci13 aWR0aDoxcHQ7IGJvcmRlci1zdHlsZTpzb2xpZDsgYm9yZGVyLWNvbG9yOnJnYigyNTUsMjU1LDI1 NSkgcmdiKDIwNCwyMDQsMjA0KSByZ2IoMjU1LDI1NSwyNTUpIHJnYigyNTUsMjU1LDI1NSk7IHZl cnRpY2FsLWFsaWduOnRvcDsgcGFkZGluZzo1cHQ7IG92ZXJmbG93OmhpZGRlbiI+DQo8cCBkaXI9 Imx0ciIgc3R5bGU9ImxpbmUtaGVpZ2h0OjEuMjsgYm9yZGVyLXdpZHRoOjFwdDsgYm9yZGVyLXN0 eWxlOnNvbGlkOyBib3JkZXItY29sb3I6cmdiKDI1NSwyNTUsMjU1KTsgbWFyZ2luLXRvcDowcHQ7 IG1hcmdpbi1ib3R0b206MHB0Ij4NCjxzcGFuIHN0eWxlPSJmb250LXNpemU6MTFwdDsgZm9udC1m YW1pbHk6QXJpYWw7IGNvbG9yOnJnYigwLDAsMCk7IGJhY2tncm91bmQtY29sb3I6dHJhbnNwYXJl bnQ7IHZlcnRpY2FsLWFsaWduOmJhc2VsaW5lOyB3aGl0ZS1zcGFjZTpwcmUtd3JhcCI+PHNwYW4g c3R5bGU9ImJvcmRlcjpub25lOyBkaXNwbGF5OmlubGluZS1ibG9jazsgb3ZlcmZsb3c6aGlkZGVu OyB3aWR0aDoxOTlweDsgaGVpZ2h0OjM0cHgiPjxpbWcgc3JjPSJodHRwczovL2xoNi5nb29nbGV1 c2VyY29udGVudC5jb20vRE5pRHgxUUdJclNxTVBLRE4xb0tldnhZdXlWUlhzcWhYZGZaT3NXNTZS ZjJBNzRtVUtiQVB0ckpTTnc0cXlua1Nqb2x0V2tQWWRCaGFaSmcxQk80NVlPYzF4czZyOUtKMWZZ c05Ib2dZLW5oNmhqdUltOUdDZUJSUnpyU2M4a1djVVNOdHVBIiB3aWR0aD0iMTk5IiBoZWlnaHQ9 IjM0IiBzdHlsZT0ibWFyZ2luLWxlZnQ6MHB4OyBtYXJnaW4tdG9wOjBweCI+PC9zcGFuPjwvc3Bh bj48L3A+DQo8L3RkPg0KPHRkIHN0eWxlPSJib3JkZXItd2lkdGg6MXB0OyBib3JkZXItc3R5bGU6 c29saWQ7IGJvcmRlci1jb2xvcjpyZ2IoMjU1LDI1NSwyNTUpIHJnYigyNTUsMjU1LDI1NSkgcmdi KDI1NSwyNTUsMjU1KSByZ2IoMjA0LDIwNCwyMDQpOyB2ZXJ0aWNhbC1hbGlnbjp0b3A7IHBhZGRp bmc6NXB0OyBvdmVyZmxvdzpoaWRkZW4iPg0KPHAgZGlyPSJsdHIiIHN0eWxlPSJsaW5lLWhlaWdo dDoxLjI7IGJvcmRlci1sZWZ0OjFwdCBzb2xpZCByZ2IoMjU1LDI1NSwyNTUpOyBib3JkZXItcmln aHQ6MXB0IHNvbGlkIHJnYigyNTUsMjU1LDI1NSk7IGJvcmRlci10b3A6MXB0IHNvbGlkIHJnYigy NTUsMjU1LDI1NSk7IG1hcmdpbi10b3A6MHB0OyBtYXJnaW4tYm90dG9tOjBwdCI+DQo8c3BhbiBz dHlsZT0iZm9udC1zaXplOjExcHQ7IGZvbnQtZmFtaWx5OkxhdG8sc2Fucy1zZXJpZjsgYmFja2dy b3VuZC1jb2xvcjp0cmFuc3BhcmVudDsgZm9udC13ZWlnaHQ6NzAwOyB2ZXJ0aWNhbC1hbGlnbjpi YXNlbGluZTsgd2hpdGUtc3BhY2U6cHJlLXdyYXAiPldhcnJlbiBQYXJhZDwvc3Bhbj48L3A+DQo8 cCBkaXI9Imx0ciIgc3R5bGU9ImxpbmUtaGVpZ2h0OjEuMjsgYm9yZGVyLWxlZnQ6MXB0IHNvbGlk IHJnYigyNTUsMjU1LDI1NSk7IGJvcmRlci1yaWdodDoxcHQgc29saWQgcmdiKDI1NSwyNTUsMjU1 KTsgYm9yZGVyLWJvdHRvbToxcHQgc29saWQgcmdiKDI1NSwyNTUsMjU1KTsgbWFyZ2luLXRvcDow cHQ7IG1hcmdpbi1ib3R0b206MHB0Ij4NCjxmb250IGZhY2U9IkxhdG8sIHNhbnMtc2VyaWYiPjxz cGFuIHN0eWxlPSJmb250LXNpemU6MTMuMzMzM3B4OyB3aGl0ZS1zcGFjZTpwcmUtd3JhcCI+Rm91 bmRlciwgQ1RPPC9zcGFuPjwvZm9udD48L3A+DQo8L3RkPg0KPC90cj4NCjwvdGJvZHk+DQo8L3Rh YmxlPg0KPHNwYW4gc3R5bGU9ImZvbnQtc2l6ZTp4LXNtYWxsIj5TZWN1cmUgeW91ciB1c2VyIGRh dGEgYW5kIGNvbXBsZXRlIHlvdXIgYXV0aG9yaXphdGlvbiBhcmNoaXRlY3R1cmUuIEltcGxlbWVu dCZuYnNwOzwvc3Bhbj48YSBocmVmPSJodHRwczovL2JpdC5seS8zN1NTTzFwIiByZWw9Im5vcmVm ZXJyZXIiIHRhcmdldD0iX2JsYW5rIiBzdHlsZT0iZm9udC1zaXplOngtc21hbGwiPkF1dGhyZXNz PC9hPjxzcGFuIHN0eWxlPSJmb250LXNpemU6eC1zbWFsbCI+Ljwvc3Bhbj48YnI+DQo8L2Rpdj4N CjwvZGl2Pg0KPC9kaXY+DQo8YnI+DQo8L2Rpdj4NCjxicj4NCjxkaXYgY2xhc3M9InhfZ21haWxf cXVvdGUiPg0KPGRpdiBkaXI9Imx0ciIgY2xhc3M9InhfZ21haWxfYXR0ciI+T24gVHVlLCBEZWMg OCwgMjAyMCBhdCA4OjAxIFBNIERpY2sgSGFyZHQgJmx0OzxhIGhyZWY9Im1haWx0bzpkaWNrLmhh cmR0QGdtYWlsLmNvbSIgcmVsPSJub3JlZmVycmVyIiB0YXJnZXQ9Il9ibGFuayI+ZGljay5oYXJk dEBnbWFpbC5jb208L2E+Jmd0OyB3cm90ZTo8YnI+DQo8L2Rpdj4NCjxibG9ja3F1b3RlIGNsYXNz PSJ4X2dtYWlsX3F1b3RlIiBzdHlsZT0ibWFyZ2luOjBweCAwcHggMHB4IDAuOGV4OyBib3JkZXIt bGVmdDoxcHggc29saWQgcmdiKDIwNCwyMDQsMjA0KTsgcGFkZGluZy1sZWZ0OjFleCI+DQo8ZGl2 IGRpcj0ibHRyIj4rMTxicj4NCjwvZGl2Pg0KPGRpdiBoc3BhY2U9InN0cmVhay1wdC1tYXJrIiBz dHlsZT0ibWF4LWhlaWdodDoxcHgiPjxpbWcgYWx0PSIiIHN0eWxlPSJ3aWR0aDowcHg7IG1heC1o ZWlnaHQ6MHB4OyBvdmVyZmxvdzpoaWRkZW4iPjxmb250IHNpemU9IjEiIGNvbG9yPSIjZmZmZmZm Ij7hkKc8L2ZvbnQ+PC9kaXY+DQo8YnI+DQo8ZGl2IGNsYXNzPSJ4X2dtYWlsX3F1b3RlIj4NCjxk aXYgZGlyPSJsdHIiIGNsYXNzPSJ4X2dtYWlsX2F0dHIiPk9uIFR1ZSwgRGVjIDgsIDIwMjAgYXQg NDo1MSBBTSBSaWZhYXQgU2hla2gtWXVzZWYgJmx0OzxhIGhyZWY9Im1haWx0bzpyaWZhYXQucy5p ZXRmQGdtYWlsLmNvbSIgcmVsPSJub3JlZmVycmVyIiB0YXJnZXQ9Il9ibGFuayI+cmlmYWF0LnMu aWV0ZkBnbWFpbC5jb208L2E+Jmd0OyB3cm90ZTo8YnI+DQo8L2Rpdj4NCjxibG9ja3F1b3RlIGNs YXNzPSJ4X2dtYWlsX3F1b3RlIiBzdHlsZT0ibWFyZ2luOjBweCAwcHggMHB4IDAuOGV4OyBib3Jk ZXItbGVmdDoxcHggc29saWQgcmdiKDIwNCwyMDQsMjA0KTsgcGFkZGluZy1sZWZ0OjFleCI+DQo8 ZGl2IGRpcj0ibHRyIj5BbGwsPGJyPg0KPGJyPg0KVGhpcyBpcyBhIGNhbGwgZm9yIGFkb3B0aW9u IGZvciB0aGUgZm9sbG93aW5nIEFTIElzc3VlciBJZGVudGlmaWVyIGluIEF1dGhvcml6YXRpb24g UmVzcG9uc2UgYXMgYSBXRyBkb2N1bWVudDo8YnI+DQo8YSBocmVmPSJodHRwczovL2RhdGF0cmFj a2VyLmlldGYub3JnL2RvYy9kcmFmdC1tZXllcnp1c2VsaGF1c2VuLW9hdXRoLWlzcy1hdXRoLXJl c3AvIiByZWw9Im5vcmVmZXJyZXIiIHRhcmdldD0iX2JsYW5rIj5odHRwczovL2RhdGF0cmFja2Vy LmlldGYub3JnL2RvYy9kcmFmdC1tZXllcnp1c2VsaGF1c2VuLW9hdXRoLWlzcy1hdXRoLXJlc3Av PC9hPjxicj4NCjxicj4NClBsZWFzZSwgcHJvdmlkZSB5b3VyIGZlZWRiYWNrIG9uIHRoZSBtYWls aW5nIGxpc3QgYnkgRGVjIDIybmQuPGJyPg0KPGJyPg0KUmVnYXJkcyw8YnI+DQombmJzcDtSaWZh YXQgJmFtcDsgSGFubmVzPGJyPg0KPC9kaXY+DQpfX19fX19fX19fX19fX19fX19fX19fX19fX19f X19fX19fX19fX19fX19fX19fXzxicj4NCk9BdXRoIG1haWxpbmcgbGlzdDxicj4NCjxhIGhyZWY9 Im1haWx0bzpPQXV0aEBpZXRmLm9yZyIgcmVsPSJub3JlZmVycmVyIiB0YXJnZXQ9Il9ibGFuayI+ T0F1dGhAaWV0Zi5vcmc8L2E+PGJyPg0KPGEgaHJlZj0iaHR0cHM6Ly93d3cuaWV0Zi5vcmcvbWFp bG1hbi9saXN0aW5mby9vYXV0aCIgcmVsPSJub3JlZmVycmVyIG5vcmVmZXJyZXIiIHRhcmdldD0i X2JsYW5rIj5odHRwczovL3d3dy5pZXRmLm9yZy9tYWlsbWFuL2xpc3RpbmZvL29hdXRoPC9hPjxi cj4NCjwvYmxvY2txdW90ZT4NCjwvZGl2Pg0KX19fX19fX19fX19fX19fX19fX19fX19fX19fX19f X19fX19fX19fX19fX19fX188YnI+DQpPQXV0aCBtYWlsaW5nIGxpc3Q8YnI+DQo8YSBocmVmPSJt YWlsdG86T0F1dGhAaWV0Zi5vcmciIHJlbD0ibm9yZWZlcnJlciIgdGFyZ2V0PSJfYmxhbmsiPk9B dXRoQGlldGYub3JnPC9hPjxicj4NCjxhIGhyZWY9Imh0dHBzOi8vd3d3LmlldGYub3JnL21haWxt YW4vbGlzdGluZm8vb2F1dGgiIHJlbD0ibm9yZWZlcnJlciBub3JlZmVycmVyIiB0YXJnZXQ9Il9i bGFuayI+aHR0cHM6Ly93d3cuaWV0Zi5vcmcvbWFpbG1hbi9saXN0aW5mby9vYXV0aDwvYT48YnI+ DQo8L2Jsb2NrcXVvdGU+DQo8L2Rpdj4NCjwvYmxvY2txdW90ZT4NCjxwcmUgY29scz0iNzIiPi0t IA0KS2Fyc3RlbiBNZXllciB6dSBTZWxoYXVzZW4NCklUIFNlY3VyaXR5IENvbnN1bHRhbnQNClBo b25lOgkrNDkgKDApMjM0IC8gNTQ0NTY0OTkNCldlYjoJPGEgaHJlZj0iaHR0cHM6Ly9oYWNrbWFu aXQuZGUiIHJlbD0ibm9yZWZlcnJlciIgdGFyZ2V0PSJfYmxhbmsiPmh0dHBzOi8vaGFja21hbml0 LmRlPC9hPiB8IElUIFNlY3VyaXR5IENvbnN1bHRpbmcsIFBlbmV0cmF0aW9uIFRlc3RpbmcsIFNl Y3VyaXR5IFRyYWluaW5nDQoNCk5laG1lbiBTaWUgYW4gdW5zZXJlciBuw6RjaHN0ZW4gTGl2ZSBP bmxpbmUtU2NodWx1bmcgenVyIFNpY2hlcmhlaXQgdm9uIE9BdXRoIHVuZCBPcGVuSUQgQ29ubmVj dCBhbSAyNy4wMSArIDI4LjAxLjIwMjEgdGVpbDoNCjxhIGhyZWY9Imh0dHBzOi8vd3d3LmhhY2tt YW5pdC5kZS9kZS9zY2h1bHVuZ2VuLzEyNy1saXZlLW9ubGluZS1zY2h1bHVuZy1zaW5nbGUtc2ln bi1vbi1zaWNoZXJoZWl0LW9hdXRoLW9wZW5pZC1jb25uZWN0LWFtLTI3LTAxLTI4LTAxLTIwMjEi IHJlbD0ibm9yZWZlcnJlciIgdGFyZ2V0PSJfYmxhbmsiPmh0dHBzOi8vd3d3LmhhY2ttYW5pdC5k ZS9kZS9zY2h1bHVuZ2VuLzEyNy1saXZlLW9ubGluZS1zY2h1bHVuZy1zaW5nbGUtc2lnbi1vbi1z aWNoZXJoZWl0LW9hdXRoLW9wZW5pZC1jb25uZWN0LWFtLTI3LTAxLTI4LTAxLTIwMjE8L2E+DQoN CkhhY2ttYW5pdCBHbWJIDQpVbml2ZXJzaXTDpHRzc3RyYcOfZSA2MCAoRXh6ZW50ZXJoYXVzKQ0K NDQ3ODkgQm9jaHVtDQoNClJlZ2lzdGVyZ2VyaWNodDogQW10c2dlcmljaHQgQm9jaHVtLCBIUkIg MTQ4OTYNCkdlc2Now6RmdHNmw7xocmVyOiBQcm9mLiBEci4gSsO2cmcgU2Nod2VuaywgUHJvZi4g RHIuIEp1cmFqIFNvbW9yb3Zza3ksIERyLiBDaHJpc3RpYW4gTWFpbmthLCBEci4gTWFyY3VzIE5p ZW1pZXR6PC9wcmU+DQo8L2Rpdj4NCjwvYmxvY2txdW90ZT4NCjwvZGl2Pg0KPC9ibG9ja3F1b3Rl Pg0KPHByZSBjb2xzPSI3MiI+LS0gDQpLYXJzdGVuIE1leWVyIHp1IFNlbGhhdXNlbg0KSVQgU2Vj dXJpdHkgQ29uc3VsdGFudA0KUGhvbmU6CSs0OSAoMCkyMzQgLyA1NDQ1NjQ5OQ0KV2ViOgk8YSBo cmVmPSJodHRwczovL2hhY2ttYW5pdC5kZSIgcmVsPSJub3JlZmVycmVyIiB0YXJnZXQ9Il9ibGFu ayI+aHR0cHM6Ly9oYWNrbWFuaXQuZGU8L2E+IHwgSVQgU2VjdXJpdHkgQ29uc3VsdGluZywgUGVu ZXRyYXRpb24gVGVzdGluZywgU2VjdXJpdHkgVHJhaW5pbmcNCg0KTmVobWVuIFNpZSBhbiB1bnNl cmVyIG7DpGNoc3RlbiBMaXZlIE9ubGluZS1TY2h1bHVuZyB6dXIgU2ljaGVyaGVpdCB2b24gT0F1 dGggdW5kIE9wZW5JRCBDb25uZWN0IGFtIDI3LjAxICsgMjguMDEuMjAyMSB0ZWlsOg0KPGEgaHJl Zj0iaHR0cHM6Ly93d3cuaGFja21hbml0LmRlL2RlL3NjaHVsdW5nZW4vMTI3LWxpdmUtb25saW5l LXNjaHVsdW5nLXNpbmdsZS1zaWduLW9uLXNpY2hlcmhlaXQtb2F1dGgtb3BlbmlkLWNvbm5lY3Qt YW0tMjctMDEtMjgtMDEtMjAyMSIgcmVsPSJub3JlZmVycmVyIiB0YXJnZXQ9Il9ibGFuayI+aHR0 cHM6Ly93d3cuaGFja21hbml0LmRlL2RlL3NjaHVsdW5nZW4vMTI3LWxpdmUtb25saW5lLXNjaHVs dW5nLXNpbmdsZS1zaWduLW9uLXNpY2hlcmhlaXQtb2F1dGgtb3BlbmlkLWNvbm5lY3QtYW0tMjct MDEtMjgtMDEtMjAyMTwvYT4NCg0KSGFja21hbml0IEdtYkgNClVuaXZlcnNpdMOkdHNzdHJhw59l IDYwIChFeHplbnRlcmhhdXMpDQo0NDc4OSBCb2NodW0NCg0KUmVnaXN0ZXJnZXJpY2h0OiBBbXRz Z2VyaWNodCBCb2NodW0sIEhSQiAxNDg5Ng0KR2VzY2jDpGZ0c2bDvGhyZXI6IFByb2YuIERyLiBK w7ZyZyBTY2h3ZW5rLCBQcm9mLiBEci4gSnVyYWogU29tb3JvdnNreSwgRHIuIENocmlzdGlhbiBN YWlua2EsIERyLiBNYXJjdXMgTmllbWlldHo8L3ByZT4NCjwvZGl2Pg0KPC9ibG9ja3F1b3RlPg0K PC9kaXY+DQo8L2Rpdj4NCjwvZGl2Pg0KPC9ib2R5Pg0KPC9odG1sPg0K --_000_BYAPR10MB339821563113EB3920BF6A10EECC0BYAPR10MB3398namp_-- From nobody Wed Dec 9 14:58:33 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 02E963A17E4 for ; Wed, 9 Dec 2020 14:58:32 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.086 X-Spam-Level: X-Spam-Status: No, score=-2.086 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_FONT_FACE_BAD=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, T_SPF_TEMPERROR=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=pingidentity.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hCV05yK9esZs for ; Wed, 9 Dec 2020 14:58:26 -0800 (PST) Received: from mail-lj1-x232.google.com (mail-lj1-x232.google.com [IPv6:2a00:1450:4864:20::232]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 851523A1265 for ; Wed, 9 Dec 2020 14:58:25 -0800 (PST) Received: by mail-lj1-x232.google.com with SMTP id a1so4470320ljq.3 for ; Wed, 09 Dec 2020 14:58:25 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=pingidentity.com; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=m4+hsYPxG2EZkfPrI68v0X0u57sSKaxTStn9Xzof3wM=; b=GtoiEWaqitb9HRY8DFy/UZZ6EoXDctyyERYeUoN6Dw2W56zF6FOQWvvXBE5b9ZLGQg aV4nRtyQrXsd87pcgu6DpfXcMgKoJ8Tbk6q+ebJdnVtagU5vNroYnYBs5CYZtS6QR5Wm UPEdAVGx959sTzt3REXWS3Sa342ro9t4NYp6PZOByqvLFICnshd7+j0F5sRe/rZs6kMQ wRboai/rnbtm2stYMuUXnNRNU2hq8yHTaNDkyNenXkHzj2Lm7gX6DIMmnP3rBYAC1LgS egedqcgN3dJwTepqV+yKAqI3dg3BEVc3HN6AX6AuhW0NgQPIPSeLQA6xrN+HfNChPiSi 4XeQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=m4+hsYPxG2EZkfPrI68v0X0u57sSKaxTStn9Xzof3wM=; b=h5X9IBQKxzI7J1s1uKMpUVcGB0j6zyC29DYcwR0UoVXLxVVALjXpLWitMQmHDC6uRE Ry0DRswQvuAhiDEojRKi8eavUuidnDis2PbfOmf4MrRJEyQZ9r5xbQiL1xjMP7/DjOS5 bqvltGfcBCegFq6O6HPkG4g/sYw3Uf4FZ3lQpbJkMdOZjJU3EdNlA2U5tMme6NJfKMvw BbM+jFe/yUUtl3xNfiAms/Mm9pdrGbUxSkMtje7w5+PeSm7TokFp1gKy0pkTOuQqxW+E PhNuiYiOyUgrm8K/seUm8fAOIaZ1mQ8w5N7hWtdw65+MPsQTTE/T7qswDr43gigLDsQK ATLA== X-Gm-Message-State: AOAM532bTxQw0htKzORXz3BOliBvQ3G+6QCxopfV+3zN7URmO6VCOHYr N4X3nHZB/SojHCrNVFQBmZCMyXGB5hhwhOUMdi+9rOE8ZYltu25ooAZgaoCg8xL2D+Oy/jJEyIW eTpP6IAjgfcJ96g== X-Google-Smtp-Source: ABdhPJzitCt7xvs3oO+dVbkmyNCLreE/7Of3A8xbvg/qSbFZwvcQudUW250DvFiKgAC+Lyr5QtXs1q5cN8TpqHEJEtw= X-Received: by 2002:a2e:321a:: with SMTP id y26mr1850884ljy.293.1607554703373; Wed, 09 Dec 2020 14:58:23 -0800 (PST) MIME-Version: 1.0 References: <30D5F7BA-EA54-4E40-A2FC-222AA0C9AF8D@lodderstedt.net> <353E4494-2F80-44BC-9267-6FB8B37AA0FE@lodderstedt.net> <1B663AA7-563D-4D25-A408-9ED10FD818AC@forgerock.com> In-Reply-To: From: Brian Campbell Date: Wed, 9 Dec 2020 15:57:56 -0700 Message-ID: To: Philippe De Ryck Cc: Neil Madden , Torsten Lodderstedt , oauth Content-Type: multipart/alternative; boundary="0000000000000d519905b60ffffd" Archived-At: Subject: Re: [OAUTH-WG] DPoP followup I: freshness and coverage of signature X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Dec 2020 22:58:32 -0000 --0000000000000d519905b60ffffd Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Thanks Philippe, I very much concur with your line of reasoning and the important considerations. The scenario I was thinking of is: browser based client where XSS is used to exfiltrate the refresh token along with pre-computed proofs that would allow for the RT to be exchanged for new access tokens and also pre-computed proofs that would work with those access tokens for resource access. With the pre-computed proofs that would allow prolonged (as long as the RT is valid) access to protected resources even when the victim is offline. Is that a concrete attack scenario? I mean, kind of. It's pretty convoluted/complex. And while an access token hash would reign it in somewhat (ATs obtained from the stolen RT wouldn't be usable) it's hard to say if the cost is worth the benefit. On Tue, Dec 8, 2020 at 11:47 PM Philippe De Ryck < philippe@pragmaticwebsecurity.com> wrote: > Yeah, browser-based apps are pure fun, aren=E2=80=99t they? :) > > The reason I covered a couple of (pessimistic) XSS scenarios is that the > discussion started with an assumption that the attacker already > successfully exploited an XSS vulnerability. I pointed out how, at that > point, finetuning DPoP proof contents will have little to no effect to st= op > an attack. I believe it is important to make this very clear, to avoid > people turning to DPoP as a security mechanism for browser-based > applications. > > > Specifically to your question on including the hash in the proof, I think > these considerations are important: > > 1. Does the inclusion of the AT hash stop a concrete attack scenario? > 2. Is the =E2=80=9Ccost=E2=80=9D (implementation, getting it right, =E2= =80=A6) worth the benefits? > > > Here=E2=80=99s my view on these considerations (*specifically for browser= -based > apps, not for other types of applications*): > > 1. The proof precomputation attack is already quite complex, and short > access token lifetimes already reduce the window of attack. If the attack= er > can steal a future AT, they could also precompute new proofs then. > 2. For browser-based apps, it seems that doing this complicates the > implementation, without adding much benefit. Of course, libraries could > handle this, which significantly reduces the cost. > > > Note that these comments are specifically to complicating the spec and > implementation. DPoP=E2=80=99s capabilities of using sender-constrained a= ccess > tokens are still useful to counter various other scenarios (e.g., > middleboxes or APIs abusing access tokens). If other applications would > significantly benefit from having the hash in the proof, I=E2=80=99m all = for it. > > On a final note, I would be happy to help clear up the details on > web-based threats and defenses if necessary. > > =E2=80=94 > *Pragmatic Web Security* > *Security for developers* > https://pragmaticwebsecurity.com/ > > > On 8 Dec 2020, at 22:47, Brian Campbell > wrote: > > Danial recently added some text to the working copy of the draft with > https://github.com/danielfett/draft-dpop/commit/f4b42058 that I think > aims to better convey the "nutshell: XSS =3D Game over" sentiment and may= be > dissuade folks from looking to DPoP as a cure-all for browser based > applications. Admittedly a lot of the initial impetus behind producing th= e > draft in the first place was born out of discussions around browser based > apps. But it's neither specific to browser based apps nor a panacea for > them. I hope the language in the document and how it's recently been > presented is reflective of that reality. > > The more specific discussions/recommendations around in-browser apps are > valuable (if somewhat over my head) but might be more appropriate in the = OAuth > 2.0 for Browser-Based Apps > > draft. > > With respect to the contents of the DPoP draft, I am still keen to try an= d > flush out some consensus around the question posed in the start of this > thread, which is effectively whether or not to include a hash of the acce= ss > token in the proof. Acknowledging that "XSS =3D Game over" does sort of > evoke a tendency to not even bother with such incremental protections (wh= at > I've tried to humorously coin as "XSS Nihilism" with no success). And as > such, I do think that leaving it how it is (no AT hash in the proof) is n= ot > unreasonable. But, as Filip previously articulated, including the AT hash > in the proof would prevent potentially prolonged access to protected > resources even when the victim is offline. And that seems maybe worthwhil= e > to have in the protocol, given that it's not a huge change to the spec. B= ut > it's a trade-off either way and I'm personally on the fence about it. > > Including an RT hash in the proof seems more niche. Best I can tell, it > would guard against prolonged offline access to protected resources when > access tokens are bearer and the RT was DPoP-bound and also gets rotated. > The trade-off there seems less worth it (I think an RT hash would be more > awkward in the protocol too). > > > > > > > > On Fri, Dec 4, 2020 at 5:40 AM Philippe De Ryck < > philippe@pragmaticwebsecurity.com> wrote: > >> >> The suggestion to use a web worker to ensure that proofs cannot be >> pre-computed is a good one I think. (You could also use a sandboxed ifra= me >> for a separate sub/sibling-domain - dpop.example.com). >> >> >> An iframe with a different origin would also work (not really sandboxing= , >> as that implies the use of the sandbox attribute to enforce behavioral >> restrictions). The downside of an iframe is the need to host additional >> HTML, vs a script file for the worker, but the effect is indeed the same= . >> >> For scenario 4, I think this only works if the attacker can trick/spoof >> the AS into using their redirect_uri? Otherwise the AC will go to the >> legitimate app which will reject it due to mismatched state/PKCE. Or are >> you thinking of XSS on the redirect_uri itself? I think probably a good >> practice is that the target of a redirect_uri should be a very minimal a= nd >> locked down page to avoid this kind of possibility. (Again, using a >> separate sub-domain to handle tokens and DPoP seems like a good idea). >> >> >> My original thought was to use a silent flow with Web Messaging. The >> scenario would go as follows: >> >> 1. Setup a Web Messaging listener to receive the incoming code >> 2. Create a hidden iframe with the DOM APIs >> 3. Create an authorization request such as =E2=80=9C*/authorize?response= _type=3Dcode&client_id=3D...&redirect_uri=3Dhttps%3A%2F%example.com >> &state=3D...&code_challenge=3D7-ffnU1EzHtMfxOAdlkp_= WixnAM_z9tMh3JxgjazXAk&code_challenge_method=3DS256&prompt=3Dnone&response_= mode=3Dweb_message* >> =E2=80=9D >> 4. Load this URL in the iframe, and wait for the result >> 5. Retrieve code in the listener, and use PKCE (+ DPoP if needed) to >> exchange it for tokens >> >> This puts the attacker in full control over every aspect of the flow, so >> no need to manipulate any of the parameters. >> >> >> After your comment, I also believe an attacker can run the same scenario >> without the =E2=80=9C*response_mode=3Dweb_message*=E2=80=9D. This would = go as follows: >> >> 1. Create a hidden iframe with the DOM APIs >> 2. Setup polling to read the URL (this will be possible for same-origin >> pages, not for cross-origin pages) >> 3. Create an authorization request such as =E2=80=9C*/authorize?response= _type=3Dcode&client_id=3D...&redirect_uri=3Dhttps%3A%2F%example.com >> &state=3D...&code_challenge=3D7-ffnU1EzHtMfxOAdlkp_= WixnAM_z9tMh3JxgjazXAk&code_challenge_method=3DS256* >> =E2=80=9D >> 4. Load this URL in the iframe, and keep polling >> 5. Detect the redirect back to the application with the code in the URL, >> retrieve code, and use PKCE (+ DPoP if needed) to exchange it for tokens >> >> In step 5, the application is likely to also try to exchange the code. >> This will fail due to a mismatching PKCE verifier. While noisy, I don=E2= =80=99t >> think it affects the scenario. >> >> >> IMO, the online attack scenario (i.e., proxying malicious requests >> through the victim=E2=80=99s browser) is quite appealing to an attacker,= despite >> the apparent inconvenience: >> >> - the victim=E2=80=99s browser may be inside a corporate firewall or VP= N, >> allowing the attacker to effectively bypass these restrictions >> - the attacker=E2=80=99s traffic is mixed in with the user=E2=80=99s ow= n requests, >> making them harder to distinguish or to block >> >> Overall, DPoP can only protect against XSS to the same level as HttpOnly >> cookies. This is not nothing, but it means it only prevents relatively >> naive attacks. Given the association of public key signatures with stron= g >> authentication, people may have overinflated expectations if DPoP is >> pitched as an XSS defence. >> >> >> Yes, in the cookie world this is known as =E2=80=9CSession Riding=E2=80= =9D. Having the >> worker for token isolation would make it possible to enforce a >> coarse-grained policy on outgoing requests to prevent total abuse of the= AT. >> >> My main concern here is the effort of doing DPoP in a browser versus the >> limited gains. It may also give a false sense of security. >> >> >> >> With all this said, I believe that the AS can lock down its configuratio= n >> to reduce these attack vectors. A few initial ideas: >> >> 1. Disable silent flows for SPAs using RT rotation >> 2. Use the sec-fetch headers to detect and reject non-silent iframe-base= d >> flows >> >> For example, an OAuth 2.0 flow in an iframe in Brave/Chrome carries >> these headers: >> *sec-fetch-dest: iframesec-fetch-mode: navigatesec-fetch-site: >> cross-sitesec-fetch-user: ?1* >> >> >> Philippe >> >> >> > *CONFIDENTIALITY NOTICE: This email may contain confidential and > privileged material for the sole use of the intended recipient(s). Any > review, use, distribution or disclosure by others is strictly prohibited. > If you have received this communication in error, please notify the sende= r > immediately by e-mail and delete the message and any file attachments fro= m > your computer. Thank you.* > > > --=20 _CONFIDENTIALITY NOTICE: This email may contain confidential and privileged= =20 material for the sole use of the intended recipient(s). Any review, use,=20 distribution or disclosure by others is strictly prohibited.=C2=A0 If you h= ave=20 received this communication in error, please notify the sender immediately= =20 by e-mail and delete the message and any file attachments from your=20 computer. Thank you._ --0000000000000d519905b60ffffd Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
    Thanks Philippe, I very much concur with= your line of reasoning and the important considerations. The scenario I wa= s thinking of is: browser based client where XSS is used to exfiltrate the = refresh token along with pre-computed proofs that would allow for the RT to= be exchanged for new access tokens and also pre-computed proofs that woul= d work with those access tokens for resource access. With the pre-computed = proofs that would allow prolonged (as long as the RT is valid) access to pr= otected resources even when the victim is offline. Is that a concrete attac= k scenario? I mean, kind of. It's pretty convoluted/complex. And while = an access token hash would reign it in somewhat (ATs obtained from the stol= en RT wouldn't be usable) it's hard to say if the cost is worth the= benefit.



    =
    On Tue, Dec 8, 2020 at 11:47 PM Phili= ppe De Ryck <philip= pe@pragmaticwebsecurity.com> wrote:
    Yeah, = browser-based apps are pure fun, aren=E2=80=99t they? :)

    The reason I covered a couple of (pessimistic) XSS scenarios is that the d= iscussion started with an assumption that the attacker already successfully= exploited an XSS vulnerability. I pointed out how, at that point, finetuni= ng DPoP proof contents will have little to no effect to stop an attack. I b= elieve it is important to make this very clear, to avoid people turning to = DPoP as a security mechanism for browser-based applications.

    =

    Specifically to your question on including the ha= sh in the proof, I think these considerations are important:

    =
    1. Does the inclusion of the AT hash stop a concrete attack scen= ario?
    2. Is the =E2=80=9Ccost=E2=80=9D (implementation, getting i= t right, =E2=80=A6) worth the benefits?


    =
    Here=E2=80=99s my view on these considerations (specifically for= browser-based apps, not for other types of applications):

    1. The proof precomputation attack is already quite comple= x, and short access token lifetimes already reduce the window of attack. If= the attacker can steal a future AT, they could also precompute new proofs = then.=C2=A0
    2. For browser-based apps, it seems that doing this c= omplicates the implementation, without adding much benefit. Of course, libr= aries could handle this, which significantly reduces the cost.=C2=A0
    <= div>

    Note that these comments are specifically= to complicating the spec and implementation. DPoP=E2=80=99s capabilities o= f using sender-constrained access tokens are still useful to counter variou= s other scenarios (e.g., middleboxes or APIs abusing access tokens). If oth= er applications would significantly benefit from having the hash in the pro= of, I=E2=80=99m all for it.

    On a final note, I wou= ld be happy to help clear up the details on web-based threats and defenses = if necessary.

    =E2=80=94
    Pragmatic Web Security
    Security= for developers
    https://pragmaticwebsecurity.com/


    On 8 Dec 2020, at 22:47, Brian Camp= bell <bc= ampbell@pingidentity.com> wrote:

    Danial recently added some text to the working copy of the draft with https://github.com/danielfett/draft-dpop/commit/f4b42058 that= I think aims to better convey the "nutshell: XSS =3D Game over" = sentiment and maybe dissuade folks from looking to DPoP as a cure-all for b= rowser based applications. Admittedly a lot of the initial impetus behind p= roducing the draft in the first place was born out of discussions around br= owser based apps. But it's neither specific to browser based apps nor a= panacea for them. I hope the language in the document and how it's rec= ently been presented is reflective of that reality.

    The more specific discussions/recommendations around in-browser apps= are valuable (if somewhat over my head) but might be more appropriate in t= he OAuth 2.0 for Browser-Based Apps draft.

    With respect to the contents of the DPoP draft, I am= still keen to try and flush out some consensus around the question posed i= n the start of this thread, which is effectively whether or not to include = a hash of the access token in the proof.=C2=A0 Acknowledging that "XSS= =3D Game over" does sort of evoke a tendency to not even bother with = such incremental protections (what I've tried to humorously coin as &q= uot;XSS Nihilism" with no success). And as such, I do think that leavi= ng it how it is (no AT hash in the proof) is not unreasonable. But, as Fili= p previously articulated, including the AT hash in the proof would prevent = potentially prolonged access to protected resources even when the victim i= s offline. And that seems maybe worthwhile to have in the protocol, given t= hat it's not a huge change to the spec. But it's a trade-off either= way and I'm personally on the fence about it.

    Including an RT hash in the proof seems more niche. Best I can tell, it wo= uld guard against prolonged offline access to protected resources when acce= ss tokens are bearer and the RT was DPoP-bound and also gets rotated. The t= rade-off there seems less worth it (I think an RT hash would be more awkwar= d in the protocol too).







    =
    On Fri, Dec 4, 2020 at 5:40 AM Philip= pe De Ryck <philippe@pragmaticwebsecurity.com> wrote:

    =
    The suggestion to use a web worker= to ensure that proofs cannot be pre-computed is a good one I think. (You c= ould also use a sandboxed iframe for a separate sub/sibling-domain - dpop.example.com).

    An iframe with a different o= rigin would also work (not really sandboxing, as that implies the use of th= e sandbox attribute to enforce behavioral restrictions). The downside of an= iframe is the need to host additional HTML, vs a script file for the worke= r, but the effect is indeed the same.

    For scenario 4, I think this only works if the att= acker can trick/spoof the AS into using their redirect_uri? Otherwise the A= C will go to the legitimate app which will reject it due to mismatched stat= e/PKCE. Or are you thinking of XSS on the redirect_uri itself? I think prob= ably a good practice is that the target of a redirect_uri should be a very = minimal and locked down page to avoid this kind of possibility. (Again, usi= ng a separate sub-domain to handle tokens and DPoP seems like a good idea).=

    My original thought was = to use a silent flow with Web Messaging. The scenario would go as follows:<= /div>

    1. Setup a Web Messaging listener to receive the i= ncoming code
    2. Create a hidden iframe with the DOM APIs
    3. Create an authorization request such as =E2=80=9C/authorize?respons= e_type=3Dcode&client_id=3D...&redirect_uri=3Dhttps%3A%2F%example.com&state=3D...&= ;code_challenge=3D7-ffnU1EzHtMfxOAdlkp_WixnAM_z9tMh3JxgjazXAk&code_chal= lenge_method=3DS256&prompt=3Dnone&response_mode=3Dweb_message= =E2=80=9D
    4. Load this URL in the iframe, and wait for the result=
    5. Retrieve code in the listener, and use PKCE (+ DPoP if needed= ) to exchange it for tokens

    This puts the attacker= in full control over every aspect of the flow, so no need to manipulate an= y of the parameters.


    After your com= ment, I also believe an attacker can run the same scenario without the =E2= =80=9Cresponse_mode=3Dweb_message=E2=80=9D. This would go as follows= :

    1. Create a hidden iframe with the DOM APIs=
    2. Setup polling to read the URL (this will be possible for same= -origin pages, not for cross-origin pages)
    3. Create an authoriza= tion request such as =E2=80=9C/authorize?response_type=3Dcode&client= _id=3D...&redirect_uri=3Dhttps%3A%2F%example.com&state=3D...&code_challenge=3D7-ffnU= 1EzHtMfxOAdlkp_WixnAM_z9tMh3JxgjazXAk&code_challenge_method=3DS256= =E2=80=9D
    4. Load this URL in the iframe, and keep polling
    <= div>5. Detect the redirect back to the application with the code in the URL= , retrieve code, and use PKCE (+ DPoP if needed) to exchange it for tokens<= /div>

    In step 5, the application is likely to also try t= o exchange the code. This will fail due to a mismatching PKCE verifier. Whi= le noisy, I don=E2=80=99t think it affects the scenario.=C2=A0
    <= div>

    IMO, the online = attack scenario (i.e., proxying malicious requests through the victim=E2=80= =99s browser) is quite appealing to an attacker, despite the apparent incon= venience:

    =C2=A0- the victim=E2=80=99s browser may= be inside a corporate firewall or VPN, allowing the attacker to effectivel= y bypass these restrictions
    =C2=A0- the attacker=E2=80=99s traffi= c is mixed in with the user=E2=80=99s own requests, making them harder to d= istinguish or to block

    Overall, DPoP can only prot= ect against XSS to the same level as HttpOnly cookies. This is not nothing,= but it means it only prevents relatively naive attacks. Given the associat= ion of public key signatures with strong authentication, people may have ov= erinflated expectations if DPoP is pitched as an XSS defence.

    Yes, in the cookie world this is known= as =E2=80=9CSession Riding=E2=80=9D. Having the worker for token isolation= would make it possible to enforce a coarse-grained policy on outgoing requ= ests to prevent total abuse of the AT.

    My main con= cern here is the effort of doing DPoP in a browser versus the limited gains= . It may also give a false sense of security.=C2=A0



    With all this said, I believe that the AS c= an lock down its configuration to reduce these attack vectors. A few initia= l ideas:

    1. Disable silent flows for SPAs using RT= rotation
    2. Use the sec-fetch headers to detect and reject non-s= ilent iframe-based flows

    For example, =C2=A0an OAu= th 2.0 flow in an iframe in Brave/Chrome carries these headers:
    <= div>
    sec-= fetch-dest: iframe
    sec-fetch-mode: navigate
    sec-fetch-s= ite: cross-site
    sec-fetch-user: ?1
    <= div>
    Philippe


    CONFIDENTIALITY NOTICE: This email m= ay contain confidential and privileged material for the sole use of the int= ended recipient(s). Any review, use, distribution or disclosure by others i= s strictly prohibited.=C2=A0 If you have received this communication in err= or, please notify the sender immediately by e-mail and delete the message a= nd any file attachments from your computer. Thank you.


    <= span style=3D"margin:0px;padding:0px;border:0px;outline:0px;vertical-align:= baseline;background:transparent;font-family:proxima-nova-zendesk,system-ui,= -apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,Oxygen-Sans,Ub= untu,Cantarell,"Helvetica Neue",Arial,sans-serif;font-weight:600"= >CONFIDENTIALITY NOTICE: This email may contain confidenti= al and privileged material for the sole use of the intended recipient(s). A= ny review, use, distribution or disclosure by others is strictly prohibited= .=C2=A0 If you have received this communication in error, please notify the= sender immediately by e-mail and delete the message and any file attachmen= ts from your computer. Thank you. --0000000000000d519905b60ffffd-- From nobody Wed Dec 9 15:10:40 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 12F3D3A0045 for ; Wed, 9 Dec 2020 15:10:37 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.098 X-Spam-Level: X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_FONT_FACE_BAD=0.001, HTML_MESSAGE=0.001, NICE_REPLY_A=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=manicode.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xdYqoN9ry0RP for ; Wed, 9 Dec 2020 15:10:34 -0800 (PST) Received: from mail-pg1-x533.google.com (mail-pg1-x533.google.com [IPv6:2607:f8b0:4864:20::533]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4014C3A00C4 for ; Wed, 9 Dec 2020 15:10:34 -0800 (PST) Received: by mail-pg1-x533.google.com with SMTP id f17so2359093pge.6 for ; Wed, 09 Dec 2020 15:10:34 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=manicode.com; s=google; h=to:cc:references:from:subject:message-id:date:user-agent :mime-version:in-reply-to:content-language; bh=pClfwktwTRm/MspCS/D4lSyW5hYTTvS5SqcXwzIhGL4=; b=S8Y3Rm9QSDu7hJ9eASoDPr/YTtf3XZAzpKNi5E1Nj2KtxjHl7RpR89qGoBHif7jhzP rhE6F/IirYWsGKZBIOUAfwZlkjp2w2Aknpvb6pGckDPlDJxkgXeRIH5M0ImlMOsHVAXD 0ubdfZSXgv3QN/w1rQQhLMEj87VGnBjeOZCvqC9EMUYxorIOlF0mhOKLDEZ7ZP0ms6XH bWml7Bm+N/B8dLu8K8tGLOwWVaYKHXE5cQMVKIgRLqz44N8yyvJjSYOJ6co4O2b2QljZ v9/USL0j2Cinv0XsCyb/sMcqyowv6W47gfkASMAAsDgU7tlfYfPtY15hhHWoYDpmxa+f gPWQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:to:cc:references:from:subject:message-id:date :user-agent:mime-version:in-reply-to:content-language; bh=pClfwktwTRm/MspCS/D4lSyW5hYTTvS5SqcXwzIhGL4=; b=dyZKODnVXsrnM0NbcPAM98fNhZIdJQpe91jmlSIXbn4cZCcegHbYiSlr/GwTcxmAkj qEq2HIABovwN7O5et+gh4k40nT+/UeNjV3mBRLCGlDtUdze83QxzHsBdPKjjahkZ1NF7 LVaFMC+REXetYipzGzyrgSm2Zwhlq5JqVIAufgYKhAVyKYKGBP+ZHrl0hKPOKS3v5rAd JO3FXcVgbTAmVM9MAeec/88y0tRC0ri22YvMiooXZXFHenpMS3ShGZN0DfFkSG0tJ0gn UxecH9p7CWDdmdoGeGQQ/6tHF/5vbu5Ap2U5pGmv0w5dxKUfubB7zmGLs9wuuhUZExTk CMww== X-Gm-Message-State: AOAM533wuOIBrTU8EoBxT+4cTKsJ0hGLL1vR/bOaHGgIKRuqV4cbvR6M et81ggS8nWQUv4Ta7l/R5LLqg9DBOAZhIHar X-Google-Smtp-Source: ABdhPJz7P8Wc0z9vhJxqCaHXYOd8PaK/6I1l8Rz0UDod1CQmAmpjVhmLJnCTbVO2GWGNJIsNfhDG7Q== X-Received: by 2002:a17:90b:60b:: with SMTP id gb11mr4446386pjb.122.1607555432969; Wed, 09 Dec 2020 15:10:32 -0800 (PST) Received: from ?IPv6:2605:e000:112c:15:8c75:e68b:4f55:9f26? ([2605:e000:112c:15:8c75:e68b:4f55:9f26]) by smtp.googlemail.com with ESMTPSA id c133sm3636360pfb.8.2020.12.09.15.10.31 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Wed, 09 Dec 2020 15:10:31 -0800 (PST) To: Brian Campbell , Philippe De Ryck Cc: oauth References: <30D5F7BA-EA54-4E40-A2FC-222AA0C9AF8D@lodderstedt.net> <353E4494-2F80-44BC-9267-6FB8B37AA0FE@lodderstedt.net> <1B663AA7-563D-4D25-A408-9ED10FD818AC@forgerock.com> From: Jim Manico Message-ID: <6b389264-96c2-497b-d8f5-204cf430bec1@manicode.com> Date: Wed, 9 Dec 2020 13:10:29 -1000 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.16; rv:78.0) Gecko/20100101 Thunderbird/78.5.1 MIME-Version: 1.0 In-Reply-To: Content-Type: multipart/alternative; boundary="------------601966EE10C4B537DF60586D" Content-Language: en-US Archived-At: Subject: Re: [OAUTH-WG] DPoP followup I: freshness and coverage of signature X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Dec 2020 23:10:37 -0000 This is a multi-part message in MIME format. --------------601966EE10C4B537DF60586D Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: quoted-printable The basic theme from the web attacker community is: 1) XSS is a game over event to web clients. XSS can steal or abuse=20 (request forgery) tokens, and more. 2) Even if you prevent stolen tokens from being used outside of a web=20 client, XSS still allows the attacker to force a user to make any=20 request in a fraudulent way, abusing browser based tokens as a form of=20 request forgery. 3) There are advanced measures to stop a token from being stolen from a=20 web client, like a HTTPonly cookies and to a lesser degree, JS Closures=20 and Webworkers. 4) However, these measures to protect cookies are mostly moot. Attackers = can just force clients to make fraudulent requests. 5) Many recommend the BFF pattern to hide tokens on the back end, but=20 still, request forgery via XSS allows all kinds of abuse. XSS is game over no matter how you slice it. Crypto solutions do not help. Perhaps the world of OAuth can start=20 suggesting that web clients use CSP 3.0 in specific ways, if you still=20 plan to support Implicit type flows or tokens in browsers? Respectfully, - Jim On 12/9/20 12:57 PM, Brian Campbell wrote: > Thanks Philippe, I very much concur with your line of reasoning and=20 > the important considerations. The scenario I was thinking of is:=20 > browser based client where XSS is used to exfiltrate the refresh token = > along with pre-computed proofs that would allow for the RT to be=20 > exchanged for new access tokens and also pre-computed proofs that=20 > would work with those access tokens for resource access. With the=20 > pre-computed proofs that would allow prolonged (as long as the RT is=20 > valid) access to protected resources even when the victim is offline.=20 > Is that a concrete attack scenario? I mean, kind of. It's pretty=20 > convoluted/complex. And while an access token hash would reign it in=20 > somewhat (ATs obtained from the stolen RT wouldn't be usable) it's=20 > hard to say if the cost is worth the benefit. > > > > On Tue, Dec 8, 2020 at 11:47 PM Philippe De Ryck=20 > > wrote: > > Yeah, browser-based apps are pure fun, aren=E2=80=99t they? :) > > The reason I covered a couple of (pessimistic) XSS scenarios is > that the discussion started with an assumption that the attacker > already successfully exploited an XSS vulnerability. I pointed out > how, at that point, finetuning DPoP proof contents will have > little to no effect to stop an attack. I believe it is important > to make this very clear, to avoid people turning to DPoP as a > security mechanism for browser-based applications. > > > Specifically to your question on including the hash in the proof, > I think these considerations are important: > > 1. Does the inclusion of the AT hash stop a concrete attack scenari= o? > 2. Is the =E2=80=9Ccost=E2=80=9D (implementation, getting it right,= =E2=80=A6) worth the > benefits? > > > Here=E2=80=99s my view on these considerations (*/specifically for > browser-based apps, not for other types of applications/*): > > 1. The proof precomputation attack is already quite complex, and > short access token lifetimes already reduce the window of attack. > If the attacker can steal a future AT, they could also precompute > new proofs then. > 2. For browser-based apps, it seems that doing this complicates > the implementation, without adding much benefit. Of course, > libraries could handle this, which significantly reduces the cost. > > > Note that these comments are specifically to complicating the spec > and implementation. DPoP=E2=80=99s capabilities of using > sender-constrained access tokens are still useful to counter > various other scenarios (e.g., middleboxes or APIs abusing access > tokens). If other applications would significantly benefit from > having the hash in the proof, I=E2=80=99m all for it. > > On a final note, I would be happy to help clear up the details on > web-based threats and defenses if necessary. > > =E2=80=94 > *Pragmatic Web Security* > /Security for developers/ > https://pragmaticwebsecurity.com/ > > >> On 8 Dec 2020, at 22:47, Brian Campbell >> > >> wrote: >> >> Danial recently added some text to the working copy of the draft >> with https://github.com/danielfett/draft-dpop/commit/f4b42058 >> that I >> think aims to better convey the "nutshell: XSS =3D Game over" >> sentiment and maybe dissuade folks from looking to DPoP as a >> cure-all for browser based applications. Admittedly a lot of the >> initial impetus behind producing the draft in the first place was >> born out of discussions around browser based apps. But it's >> neither specific to browser based apps nor a panacea for them. I >> hope the language in the document and how it's recently been >> presented is reflective of that reality. >> >> The more specific discussions/recommendations around in-browser >> apps are valuable (if somewhat over my head) but might be more >> appropriate in the OAuth 2.0 for Browser-Based Apps >> >> draft. >> >> With respect to the contents of the DPoP draft, I am still keen >> to try and flush out some consensus around the question posed in >> the start of this thread, which is effectively whether or not to >> include a hash of the access token in the proof.=C2=A0 Acknowledgi= ng >> that "XSS =3D Game over" does sort of evoke a tendency to not even= >> bother with such incremental protections (what I've tried to >> humorously coin as "XSS Nihilism" with no success). And as such, >> I do think that leaving it how it is (no AT hash in the proof) is >> not unreasonable. But, as Filip previously articulated, including >> the AT hash in the proof would prevent potentially prolonged >> access to protected resources even when the victim is offline. >> And that seems maybe worthwhile to have in the protocol, given >> that it's not a huge change to the spec. But it's a trade-off >> either way and I'm personally on the fence about it. >> >> Including an RT hash in the proof seems more niche. Best I can >> tell, it would guard against prolonged offline access to >> protected resources when access tokens are bearer and the RT was >> DPoP-bound and also gets rotated. The trade-off there seems less >> worth it (I think an RT hash would be more awkward in the >> protocol too). >> >> >> >> >> >> >> >> On Fri, Dec 4, 2020 at 5:40 AM Philippe De Ryck >> > > wrote: >> >> >>> The suggestion to use a web worker to ensure that proofs >>> cannot be pre-computed is a good one I think. (You could >>> also use a sandboxed iframe for a separate >>> sub/sibling-domain - dpop.example.com >>> ). >> >> An iframe with a different origin would also work (not really >> sandboxing, as that implies the use of the sandbox attribute >> to enforce behavioral restrictions). The downside of an >> iframe is the need to host additional HTML, vs a script file >> for the worker, but the effect is indeed the same. >> >>> For scenario 4, I think this only works if the attacker can >>> trick/spoof the AS into using their redirect_uri? Otherwise >>> the AC will go to the legitimate app which will reject it >>> due to mismatched state/PKCE. Or are you thinking of XSS on >>> the redirect_uri itself? I think probably a good practice is >>> that the target of a redirect_uri should be a very minimal >>> and locked down page to avoid this kind of possibility. >>> (Again, using a separate sub-domain to handle tokens and >>> DPoP seems like a good idea). >> >> My original thought was to use a silent flow with Web >> Messaging. The scenario would go as follows: >> >> 1. Setup a Web Messaging listener to receive the incoming code= >> 2. Create a hidden iframe with the DOM APIs >> 3. Create an authorization request such as >> =E2=80=9C//authorize?response_type=3Dcode&client_id=3D...&redi= rect_uri=3Dhttps%3A%2F%example.com >> &state=3D...&code_challenge=3D7-ffnU1EzHt= MfxOAdlkp_WixnAM_z9tMh3JxgjazXAk&code_challenge_method=3DS256&prompt=3Dno= ne&response_mode=3Dweb_message/=E2=80=9D >> 4. Load this URL in the iframe, and wait for the result >> 5. Retrieve code in the listener, and use PKCE (+ DPoP if >> needed) to exchange it for tokens >> >> This puts the attacker in full control over every aspect of >> the flow, so no need to manipulate any of the parameters. >> >> >> After your comment, I also believe an attacker can run the >> same scenario without the =E2=80=9C/response_mode=3Dweb_messag= e/=E2=80=9D. This >> would go as follows: >> >> 1. Create a hidden iframe with the DOM APIs >> 2. Setup polling to read the URL (this will be possible for >> same-origin pages, not for cross-origin pages) >> 3. Create an authorization request such as >> =E2=80=9C//authorize?response_type=3Dcode&client_id=3D...&redi= rect_uri=3Dhttps%3A%2F%example.com >> &state=3D...&code_challenge=3D7-ffnU1EzHt= MfxOAdlkp_WixnAM_z9tMh3JxgjazXAk&code_challenge_method=3DS256/=E2=80=9D >> 4. Load this URL in the iframe, and keep polling >> 5. Detect the redirect back to the application with the code >> in the URL, retrieve code, and use PKCE (+ DPoP if needed) to >> exchange it for tokens >> >> In step 5, the application is likely to also try to exchange >> the code. This will fail due to a mismatching PKCE verifier. >> While noisy, I don=E2=80=99t think it affects the scenario. >> >> >>> IMO, the online attack scenario (i.e., proxying malicious >>> requests through the victim=E2=80=99s browser) is quite appea= ling to >>> an attacker, despite the apparent inconvenience: >>> >>> =C2=A0- the victim=E2=80=99s browser may be inside a corporat= e firewall >>> or VPN, allowing the attacker to effectively bypass these >>> restrictions >>> =C2=A0- the attacker=E2=80=99s traffic is mixed in with the u= ser=E2=80=99s own >>> requests, making them harder to distinguish or to block >>> >>> Overall, DPoP can only protect against XSS to the same level >>> as HttpOnly cookies. This is not nothing, but it means it >>> only prevents relatively naive attacks. Given the >>> association of public key signatures with strong >>> authentication, people may have overinflated expectations if >>> DPoP is pitched as an XSS defence. >> >> Yes, in the cookie world this is known as =E2=80=9CSession Rid= ing=E2=80=9D. >> Having the worker for token isolation would make it possible >> to enforce a coarse-grained policy on outgoing requests to >> prevent total abuse of the AT. >> >> My main concern here is the effort of doing DPoP in a browser >> versus the limited gains. It may also give a false sense of >> security. >> >> >> >> With all this said, I believe that the AS can lock down its >> configuration to reduce these attack vectors. A few initial >> ideas: >> >> 1. Disable silent flows for SPAs using RT rotation >> 2. Use the sec-fetch headers to detect and reject non-silent >> iframe-based flows >> >> For example, =C2=A0an OAuth 2.0 flow in an iframe in Brave/Chr= ome >> carries these headers: >> / >> sec-fetch-dest: iframe >> sec-fetch-mode: navigate >> sec-fetch-site: cross-site >> sec-fetch-user: ?1 >> / >> >> >> Philippe >> >> >> /CONFIDENTIALITY NOTICE: This email may contain confidential and >> privileged material for the sole use of the intended >> recipient(s). Any review, use, distribution or disclosure by >> others is strictly prohibited.=C2=A0 If you have received this >> communication in error, please notify the sender immediately by >> e-mail and delete the message and any file attachments from your >> computer. Thank you./ > > > /CONFIDENTIALITY NOTICE: This email may contain confidential and=20 > privileged material for the sole use of the intended recipient(s). Any = > review, use, distribution or disclosure by others is strictly=20 > prohibited.=C2=A0 If you have received this communication in error, ple= ase=20 > notify the sender immediately by e-mail and delete the message and any = > file attachments from your computer. Thank you./ > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth --=20 Jim Manico Manicode Security https://www.manicode.com --------------601966EE10C4B537DF60586D Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: 8bit

    The basic theme from the web attacker community is:

    1) XSS is a game over event to web clients. XSS can steal or abuse (request forgery) tokens, and more.

    2) Even if you prevent stolen tokens from being used outside of a web client, XSS still allows the attacker to force a user to make any request in a fraudulent way, abusing browser based tokens as a form of request forgery.

    3) There are advanced measures to stop a token from being stolen from a web client, like a HTTPonly cookies and to a lesser degree, JS Closures and Webworkers.

    4) However, these measures to protect cookies are mostly moot. Attackers can just force clients to make fraudulent requests.

    5) Many recommend the BFF pattern to hide tokens on the back end, but still, request forgery via XSS allows all kinds of abuse.

    XSS is game over no matter how you slice it.

    Crypto solutions do not help. Perhaps the world of OAuth can start suggesting that web clients use CSP 3.0 in specific ways, if you still plan to support Implicit type flows or tokens in browsers?

    Respectfully,

    - Jim


    On 12/9/20 12:57 PM, Brian Campbell wrote:
    Thanks Philippe, I very much concur with your line of reasoning and the important considerations. The scenario I was thinking of is: browser based client where XSS is used to exfiltrate the refresh token along with pre-computed proofs that would allow for the RT to be exchanged for new access tokens and also pre-computed proofs that would work with those access tokens for resource access. With the pre-computed proofs that would allow prolonged (as long as the RT is valid) access to protected resources even when the victim is offline. Is that a concrete attack scenario? I mean, kind of. It's pretty convoluted/complex. And while an access token hash would reign it in somewhat (ATs obtained from the stolen RT wouldn't be usable) it's hard to say if the cost is worth the benefit.



    On Tue, Dec 8, 2020 at 11:47 PM Philippe De Ryck <philippe@pragmaticwebsecurity.com> wrote:
    Yeah, browser-based apps are pure fun, aren’t they? :)

    The reason I covered a couple of (pessimistic) XSS scenarios is that the discussion started with an assumption that the attacker already successfully exploited an XSS vulnerability. I pointed out how, at that point, finetuning DPoP proof contents will have little to no effect to stop an attack. I believe it is important to make this very clear, to avoid people turning to DPoP as a security mechanism for browser-based applications.


    Specifically to your question on including the hash in the proof, I think these considerations are important:

    1. Does the inclusion of the AT hash stop a concrete attack scenario?
    2. Is the “cost” (implementation, getting it right, …) worth the benefits?


    Here’s my view on these considerations (specifically for browser-based apps, not for other types of applications):

    1. The proof precomputation attack is already quite complex, and short access token lifetimes already reduce the window of attack. If the attacker can steal a future AT, they could also precompute new proofs then. 
    2. For browser-based apps, it seems that doing this complicates the implementation, without adding much benefit. Of course, libraries could handle this, which significantly reduces the cost. 


    Note that these comments are specifically to complicating the spec and implementation. DPoP’s capabilities of using sender-constrained access tokens are still useful to counter various other scenarios (e.g., middleboxes or APIs abusing access tokens). If other applications would significantly benefit from having the hash in the proof, I’m all for it.

    On a final note, I would be happy to help clear up the details on web-based threats and defenses if necessary.


    Pragmatic Web Security
    Security for developers
    https://pragmaticwebsecurity.com/


    On 8 Dec 2020, at 22:47, Brian Campbell <bcampbell@pingidentity.com> wrote:

    Danial recently added some text to the working copy of the draft with https://github.com/danielfett/draft-dpop/commit/f4b42058 that I think aims to better convey the "nutshell: XSS = Game over" sentiment and maybe dissuade folks from looking to DPoP as a cure-all for browser based applications. Admittedly a lot of the initial impetus behind producing the draft in the first place was born out of discussions around browser based apps. But it's neither specific to browser based apps nor a panacea for them. I hope the language in the document and how it's recently been presented is reflective of that reality.

    The more specific discussions/recommendations around in-browser apps are valuable (if somewhat over my head) but might be more appropriate in the OAuth 2.0 for Browser-Based Apps draft.

    With respect to the contents of the DPoP draft, I am still keen to try and flush out some consensus around the question posed in the start of this thread, which is effectively whether or not to include a hash of the access token in the proof.  Acknowledging that "XSS = Game over" does sort of evoke a tendency to not even bother with such incremental protections (what I've tried to humorously coin as "XSS Nihilism" with no success). And as such, I do think that leaving it how it is (no AT hash in the proof) is not unreasonable. But, as Filip previously articulated, including the AT hash in the proof would prevent potentially prolonged access to protected resources even when the victim is offline. And that seems maybe worthwhile to have in the protocol, given that it's not a huge change to the spec. But it's a trade-off either way and I'm personally on the fence about it.

    Including an RT hash in the proof seems more niche. Best I can tell, it would guard against prolonged offline access to protected resources when access tokens are bearer and the RT was DPoP-bound and also gets rotated. The trade-off there seems less worth it (I think an RT hash would be more awkward in the protocol too).







    On Fri, Dec 4, 2020 at 5:40 AM Philippe De Ryck <philippe@pragmaticwebsecurity.com> wrote:

    The suggestion to use a web worker to ensure that proofs cannot be pre-computed is a good one I think. (You could also use a sandboxed iframe for a separate sub/sibling-domain - dpop.example.com).

    An iframe with a different origin would also work (not really sandboxing, as that implies the use of the sandbox attribute to enforce behavioral restrictions). The downside of an iframe is the need to host additional HTML, vs a script file for the worker, but the effect is indeed the same.

    For scenario 4, I think this only works if the attacker can trick/spoof the AS into using their redirect_uri? Otherwise the AC will go to the legitimate app which will reject it due to mismatched state/PKCE. Or are you thinking of XSS on the redirect_uri itself? I think probably a good practice is that the target of a redirect_uri should be a very minimal and locked down page to avoid this kind of possibility. (Again, using a separate sub-domain to handle tokens and DPoP seems like a good idea).

    My original thought was to use a silent flow with Web Messaging. The scenario would go as follows:

    1. Setup a Web Messaging listener to receive the incoming code
    2. Create a hidden iframe with the DOM APIs
    3. Create an authorization request such as “/authorize?response_type=code&client_id=...&redirect_uri=https%3A%2F%example.com&state=...&code_challenge=7-ffnU1EzHtMfxOAdlkp_WixnAM_z9tMh3JxgjazXAk&code_challenge_method=S256&prompt=none&response_mode=web_message
    4. Load this URL in the iframe, and wait for the result
    5. Retrieve code in the listener, and use PKCE (+ DPoP if needed) to exchange it for tokens

    This puts the attacker in full control over every aspect of the flow, so no need to manipulate any of the parameters.


    After your comment, I also believe an attacker can run the same scenario without the “response_mode=web_message”. This would go as follows:

    1. Create a hidden iframe with the DOM APIs
    2. Setup polling to read the URL (this will be possible for same-origin pages, not for cross-origin pages)
    3. Create an authorization request such as “/authorize?response_type=code&client_id=...&redirect_uri=https%3A%2F%example.com&state=...&code_challenge=7-ffnU1EzHtMfxOAdlkp_WixnAM_z9tMh3JxgjazXAk&code_challenge_method=S256
    4. Load this URL in the iframe, and keep polling
    5. Detect the redirect back to the application with the code in the URL, retrieve code, and use PKCE (+ DPoP if needed) to exchange it for tokens

    In step 5, the application is likely to also try to exchange the code. This will fail due to a mismatching PKCE verifier. While noisy, I don’t think it affects the scenario. 


    IMO, the online attack scenario (i.e., proxying malicious requests through the victim’s browser) is quite appealing to an attacker, despite the apparent inconvenience:

     - the victim’s browser may be inside a corporate firewall or VPN, allowing the attacker to effectively bypass these restrictions
     - the attacker’s traffic is mixed in with the user’s own requests, making them harder to distinguish or to block

    Overall, DPoP can only protect against XSS to the same level as HttpOnly cookies. This is not nothing, but it means it only prevents relatively naive attacks. Given the association of public key signatures with strong authentication, people may have overinflated expectations if DPoP is pitched as an XSS defence.

    Yes, in the cookie world this is known as “Session Riding”. Having the worker for token isolation would make it possible to enforce a coarse-grained policy on outgoing requests to prevent total abuse of the AT.

    My main concern here is the effort of doing DPoP in a browser versus the limited gains. It may also give a false sense of security. 



    With all this said, I believe that the AS can lock down its configuration to reduce these attack vectors. A few initial ideas:

    1. Disable silent flows for SPAs using RT rotation
    2. Use the sec-fetch headers to detect and reject non-silent iframe-based flows

    For example,  an OAuth 2.0 flow in an iframe in Brave/Chrome carries these headers:
    sec-fetch-dest: iframe
    sec-fetch-mode: navigate
    sec-fetch-site: cross-site
    sec-fetch-user: ?1


    Philippe


    CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited.  If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you.


    CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited.  If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you. 
    _______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth

    -- 
Jim Manico
Manicode Security
https://www.manicode.com
    --------------601966EE10C4B537DF60586D-- From nobody Fri Dec 11 01:14:32 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5E15C3A03FB for ; Fri, 11 Dec 2020 01:14:30 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.118 X-Spam-Level: X-Spam-Status: No, score=-2.118 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_FONT_FACE_BAD=0.001, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=pragmaticwebsecurity.com header.b=on7aQauP; dkim=pass (2048-bit key) header.d=messagingengine.com header.b=QQM5x+Fn Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id h3tX8P_sCVgS for ; Fri, 11 Dec 2020 01:14:27 -0800 (PST) Received: from out4-smtp.messagingengine.com (out4-smtp.messagingengine.com [66.111.4.28]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8A5323A03FA for ; Fri, 11 Dec 2020 01:14:27 -0800 (PST) Received: from compute3.internal (compute3.nyi.internal [10.202.2.43]) by mailout.nyi.internal (Postfix) with ESMTP id CC4E05C017C; Fri, 11 Dec 2020 04:14:26 -0500 (EST) Received: from mailfrontend2 ([10.202.2.163]) by compute3.internal (MEProxy); Fri, 11 Dec 2020 04:14:26 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= pragmaticwebsecurity.com; h=from:message-id:content-type :mime-version:subject:date:in-reply-to:cc:to:references; s=fm2; bh=tjgI9tHL3x9tHhnwoYiNywLvW7aUuXdqTdpROTJVRIk=; b=on7aQauPn8+U SU8N4wEO1Ldv1REO6naNaMvUIv5QJTDDlPVHfZdvcsHp4y+bkTxGycHCeAR+E5JP /YwoHdx4a7NahYWRxmkRd580chQiewGCiSrk6yVkfFV7rhupjeJXk7A34ak68DkS Jonksu9cEtsSOWPc9q8zvzCJsmqJw1V4Vs5bWuWZMsSagPwZWIxjDOob8JseHuWG 0CCk+24YsmCbw9bXOoRgGqysbEi5LlaMBV+9z66qAZYTvCWWX7vKArQraAVrX2WN TF1VR9r4GHur/RRk56EW3zVlLLNW7db2NVFnrhTMbze+0vGbKNM6itCodnftJi/T JTkz7ntDqA== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to:x-me-proxy :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm1; bh=tjgI9t HL3x9tHhnwoYiNywLvW7aUuXdqTdpROTJVRIk=; b=QQM5x+Fns05wOL2SlFBS23 Q4NdwWScbyXwQEply6Bb7IB6MmXOCYouR1xCeyJFBSw6IJMlI+wT6eVx4zKFK1FL QDvUJNPLu4iexag+/v5q+IvO9m+bF62SbW+hwwzfSc1kaOXvJut4p2MmMSZYdt8b Jzex6pZBCYObK4203limfVgZSg3WeuaGB6pMzQBLkizufnvmUtB2hz6D8osBvMxZ sgGTWWeCw3v0q1iGmMVyTOYBmNDvFHiqWrwNgeRD4wkORV/QIVF2xOIAbGRda69j yTJGM2IDaYv9M7ShXTcgM2QN/vJfMvgbd+fN6SEqZScsS+Ru2h3KRmG0i+yS3NXQ == X-ME-Sender: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedujedrudekvdcutefuodetggdotefrodftvfcurf hrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecuuegr ihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmdenucfjug hrpefhkfgtggfuffgjvfhfofesrgdtmherhhdtjeenucfhrhhomheprfhhihhlihhpphgv ucffvgcutfihtghkuceophhhihhlihhpphgvsehprhgrghhmrghtihgtfigvsghsvggtuh hrihhthidrtghomheqnecuggftrfgrthhtvghrnhephedvudetuefgtefhieegueelhfek gedutddvffeiueelgfelledvudffffffleejnecuffhomhgrihhnpehprhgrghhmrghtih gtfigvsghsvggtuhhrihhthidrtghomhdpghhithhhuhgsrdgtohhmpdhivghtfhdrohhr ghdpvgigrghmphhlvgdrtghomhdpvgigrghmphhlvgdrtghomhdrrghnpdhhthhtphhsfe grvdhfvgigrghmphhlvgdrtghomhenucfkphepkedurdduieegrdduvdelrdelheenucev lhhushhtvghrufhiiigvpedtnecurfgrrhgrmhepmhgrihhlfhhrohhmpehphhhilhhiph hpvgesphhrrghgmhgrthhitgifvggsshgvtghurhhithihrdgtohhm X-ME-Proxy: Received: from [192.168.1.47] (d51a4815f.access.telenet.be [81.164.129.95]) by mail.messagingengine.com (Postfix) with ESMTPA id 7A4F61080069; Fri, 11 Dec 2020 04:14:25 -0500 (EST) From: Philippe De Ryck Message-Id: Content-Type: multipart/alternative; boundary="Apple-Mail=_AF7CE05C-9FBF-45BD-92A1-2F819A92F65D" Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.120.23.2.4\)) Date: Fri, 11 Dec 2020 10:14:23 +0100 In-Reply-To: Cc: Neil Madden , Torsten Lodderstedt , oauth To: Brian Campbell References: <30D5F7BA-EA54-4E40-A2FC-222AA0C9AF8D@lodderstedt.net> <353E4494-2F80-44BC-9267-6FB8B37AA0FE@lodderstedt.net> <1B663AA7-563D-4D25-A408-9ED10FD818AC@forgerock.com> X-Mailer: Apple Mail (2.3608.120.23.2.4) Archived-At: Subject: Re: [OAUTH-WG] DPoP followup I: freshness and coverage of signature X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 11 Dec 2020 09:14:30 -0000 --Apple-Mail=_AF7CE05C-9FBF-45BD-92A1-2F819A92F65D Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=utf-8 The scenario you describe here is realistic in browser-based apps with = XSS vulnerabilities, but it is pretty complex. Since there are worse = problems when XSS happens, it=E2=80=99s hard to say whether DPoP should = mitigate this.=20 I=E2=80=99m wondering what other types of clients would benefit from = using DPoP for access tokens? Mobile apps? Clients using a Client = Credentials grant? How are they impacted by any change made specifically for browser-based = applications? Philippe > On 9 Dec 2020, at 23:57, Brian Campbell = wrote: >=20 > Thanks Philippe, I very much concur with your line of reasoning and = the important considerations. The scenario I was thinking of is: browser = based client where XSS is used to exfiltrate the refresh token along = with pre-computed proofs that would allow for the RT to be exchanged for = new access tokens and also pre-computed proofs that would work with = those access tokens for resource access. With the pre-computed proofs = that would allow prolonged (as long as the RT is valid) access to = protected resources even when the victim is offline. Is that a concrete = attack scenario? I mean, kind of. It's pretty convoluted/complex. And = while an access token hash would reign it in somewhat (ATs obtained from = the stolen RT wouldn't be usable) it's hard to say if the cost is worth = the benefit. >=20 >=20 >=20 > On Tue, Dec 8, 2020 at 11:47 PM Philippe De Ryck = > wrote: > Yeah, browser-based apps are pure fun, aren=E2=80=99t they? :) >=20 > The reason I covered a couple of (pessimistic) XSS scenarios is that = the discussion started with an assumption that the attacker already = successfully exploited an XSS vulnerability. I pointed out how, at that = point, finetuning DPoP proof contents will have little to no effect to = stop an attack. I believe it is important to make this very clear, to = avoid people turning to DPoP as a security mechanism for browser-based = applications. >=20 >=20 > Specifically to your question on including the hash in the proof, I = think these considerations are important: >=20 > 1. Does the inclusion of the AT hash stop a concrete attack scenario? > 2. Is the =E2=80=9Ccost=E2=80=9D (implementation, getting it right, = =E2=80=A6) worth the benefits? >=20 >=20 > Here=E2=80=99s my view on these considerations (specifically for = browser-based apps, not for other types of applications): >=20 > 1. The proof precomputation attack is already quite complex, and short = access token lifetimes already reduce the window of attack. If the = attacker can steal a future AT, they could also precompute new proofs = then.=20 > 2. For browser-based apps, it seems that doing this complicates the = implementation, without adding much benefit. Of course, libraries could = handle this, which significantly reduces the cost.=20 >=20 >=20 > Note that these comments are specifically to complicating the spec and = implementation. DPoP=E2=80=99s capabilities of using sender-constrained = access tokens are still useful to counter various other scenarios (e.g., = middleboxes or APIs abusing access tokens). If other applications would = significantly benefit from having the hash in the proof, I=E2=80=99m all = for it. >=20 > On a final note, I would be happy to help clear up the details on = web-based threats and defenses if necessary. >=20 > =E2=80=94 > Pragmatic Web Security > Security for developers > https://pragmaticwebsecurity.com/ >=20 >=20 >> On 8 Dec 2020, at 22:47, Brian Campbell > wrote: >>=20 >> Danial recently added some text to the working copy of the draft with = https://github.com/danielfett/draft-dpop/commit/f4b42058 = that I think = aims to better convey the "nutshell: XSS =3D Game over" sentiment and = maybe dissuade folks from looking to DPoP as a cure-all for browser = based applications. Admittedly a lot of the initial impetus behind = producing the draft in the first place was born out of discussions = around browser based apps. But it's neither specific to browser based = apps nor a panacea for them. I hope the language in the document and how = it's recently been presented is reflective of that reality.=20 >>=20 >> The more specific discussions/recommendations around in-browser apps = are valuable (if somewhat over my head) but might be more appropriate in = the OAuth 2.0 for Browser-Based Apps = = draft. >>=20 >> With respect to the contents of the DPoP draft, I am still keen to = try and flush out some consensus around the question posed in the start = of this thread, which is effectively whether or not to include a hash of = the access token in the proof. Acknowledging that "XSS =3D Game over" = does sort of evoke a tendency to not even bother with such incremental = protections (what I've tried to humorously coin as "XSS Nihilism" with = no success). And as such, I do think that leaving it how it is (no AT = hash in the proof) is not unreasonable. But, as Filip previously = articulated, including the AT hash in the proof would prevent = potentially prolonged access to protected resources even when the victim = is offline. And that seems maybe worthwhile to have in the protocol, = given that it's not a huge change to the spec. But it's a trade-off = either way and I'm personally on the fence about it. >>=20 >> Including an RT hash in the proof seems more niche. Best I can tell, = it would guard against prolonged offline access to protected resources = when access tokens are bearer and the RT was DPoP-bound and also gets = rotated. The trade-off there seems less worth it (I think an RT hash = would be more awkward in the protocol too).=20 >>=20 >>=20 >>=20 >>=20 >>=20 >>=20 >>=20 >> On Fri, Dec 4, 2020 at 5:40 AM Philippe De Ryck = > wrote: >>=20 >>> The suggestion to use a web worker to ensure that proofs cannot be = pre-computed is a good one I think. (You could also use a sandboxed = iframe for a separate sub/sibling-domain - dpop.example.com = ). >>=20 >> An iframe with a different origin would also work (not really = sandboxing, as that implies the use of the sandbox attribute to enforce = behavioral restrictions). The downside of an iframe is the need to host = additional HTML, vs a script file for the worker, but the effect is = indeed the same. >>=20 >>> For scenario 4, I think this only works if the attacker can = trick/spoof the AS into using their redirect_uri? Otherwise the AC will = go to the legitimate app which will reject it due to mismatched = state/PKCE. Or are you thinking of XSS on the redirect_uri itself? I = think probably a good practice is that the target of a redirect_uri = should be a very minimal and locked down page to avoid this kind of = possibility. (Again, using a separate sub-domain to handle tokens and = DPoP seems like a good idea). >>=20 >> My original thought was to use a silent flow with Web Messaging. The = scenario would go as follows: >>=20 >> 1. Setup a Web Messaging listener to receive the incoming code >> 2. Create a hidden iframe with the DOM APIs >> 3. Create an authorization request such as = =E2=80=9C/authorize?response_type=3Dcode&client_id=3D...&redirect_uri=3Dht= tps%3A%2F%example.com = &state=3D...&code_challenge=3D7-ffnU1EzHtMfxOAdlkp_Wi= xnAM_z9tMh3JxgjazXAk&code_challenge_method=3DS256&prompt=3Dnone&response_m= ode=3Dweb_message=E2=80=9D >> 4. Load this URL in the iframe, and wait for the result >> 5. Retrieve code in the listener, and use PKCE (+ DPoP if needed) to = exchange it for tokens >>=20 >> This puts the attacker in full control over every aspect of the flow, = so no need to manipulate any of the parameters. >>=20 >>=20 >> After your comment, I also believe an attacker can run the same = scenario without the =E2=80=9Cresponse_mode=3Dweb_message=E2=80=9D. This = would go as follows: >>=20 >> 1. Create a hidden iframe with the DOM APIs >> 2. Setup polling to read the URL (this will be possible for = same-origin pages, not for cross-origin pages) >> 3. Create an authorization request such as = =E2=80=9C/authorize?response_type=3Dcode&client_id=3D...&redirect_uri=3Dht= tps%3A%2F%example.com = &state=3D...&code_challenge=3D7-ffnU1EzHtMfxOAdlkp_Wi= xnAM_z9tMh3JxgjazXAk&code_challenge_method=3DS256=E2=80=9D >> 4. Load this URL in the iframe, and keep polling >> 5. Detect the redirect back to the application with the code in the = URL, retrieve code, and use PKCE (+ DPoP if needed) to exchange it for = tokens >>=20 >> In step 5, the application is likely to also try to exchange the = code. This will fail due to a mismatching PKCE verifier. While noisy, I = don=E2=80=99t think it affects the scenario.=20 >>=20 >>=20 >>> IMO, the online attack scenario (i.e., proxying malicious requests = through the victim=E2=80=99s browser) is quite appealing to an attacker, = despite the apparent inconvenience: >>>=20 >>> - the victim=E2=80=99s browser may be inside a corporate firewall = or VPN, allowing the attacker to effectively bypass these restrictions >>> - the attacker=E2=80=99s traffic is mixed in with the user=E2=80=99s = own requests, making them harder to distinguish or to block >>>=20 >>> Overall, DPoP can only protect against XSS to the same level as = HttpOnly cookies. This is not nothing, but it means it only prevents = relatively naive attacks. Given the association of public key signatures = with strong authentication, people may have overinflated expectations if = DPoP is pitched as an XSS defence. >>=20 >> Yes, in the cookie world this is known as =E2=80=9CSession Riding=E2=80= =9D. Having the worker for token isolation would make it possible to = enforce a coarse-grained policy on outgoing requests to prevent total = abuse of the AT. >>=20 >> My main concern here is the effort of doing DPoP in a browser versus = the limited gains. It may also give a false sense of security.=20 >>=20 >>=20 >>=20 >> With all this said, I believe that the AS can lock down its = configuration to reduce these attack vectors. A few initial ideas: >>=20 >> 1. Disable silent flows for SPAs using RT rotation >> 2. Use the sec-fetch headers to detect and reject non-silent = iframe-based flows >>=20 >> For example, an OAuth 2.0 flow in an iframe in Brave/Chrome carries = these headers: >> sec-fetch-dest: iframe >> sec-fetch-mode: navigate >> sec-fetch-site: cross-site >> sec-fetch-user: ?1 >>=20 >>=20 >> Philippe >>=20 >>=20 >> CONFIDENTIALITY NOTICE: This email may contain confidential and = privileged material for the sole use of the intended recipient(s). Any = review, use, distribution or disclosure by others is strictly = prohibited. If you have received this communication in error, please = notify the sender immediately by e-mail and delete the message and any = file attachments from your computer. Thank you. >=20 >=20 > CONFIDENTIALITY NOTICE: This email may contain confidential and = privileged material for the sole use of the intended recipient(s). Any = review, use, distribution or disclosure by others is strictly = prohibited. If you have received this communication in error, please = notify the sender immediately by e-mail and delete the message and any = file attachments from your computer. Thank you. --Apple-Mail=_AF7CE05C-9FBF-45BD-92A1-2F819A92F65D Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset=utf-8 The = scenario you describe here is realistic in browser-based apps with XSS = vulnerabilities, but it is pretty complex. Since there are worse = problems when XSS happens, it=E2=80=99s hard to say whether DPoP should = mitigate this. 

    I=E2=80=99m wondering what other types of clients would = benefit from using DPoP for access tokens? Mobile apps? Clients using a = Client Credentials grant?

    How are they impacted by any change made specifically for = browser-based applications?

    Philippe


    On 9 Dec 2020, at 23:57, Brian Campbell <bcampbell@pingidentity.com> wrote:

    Thanks Philippe, I = very much concur with your line of reasoning and the important = considerations. The scenario I was thinking of is: browser based client = where XSS is used to exfiltrate the refresh token along with = pre-computed proofs that would allow for the RT to be exchanged for new = access tokens and also pre-computed proofs that would work with those = access tokens for resource access. With the pre-computed proofs that = would allow prolonged (as long as the RT is valid) access to protected = resources even when the victim is offline. Is that a concrete attack = scenario? I mean, kind of. It's pretty convoluted/complex. And while an = access token hash would reign it in somewhat (ATs obtained from the = stolen RT wouldn't be usable) it's hard to say if the cost is worth the = benefit.



    On Tue, Dec 8, 2020 at 11:47 PM = Philippe De Ryck <philippe@pragmaticwebsecurity.com> wrote:
    Yeah, browser-based apps are pure fun, aren=E2=80=99= t they? :)

    The = reason I covered a couple of (pessimistic) XSS scenarios is that the = discussion started with an assumption that the attacker already = successfully exploited an XSS vulnerability. I pointed out how, at that = point, finetuning DPoP proof contents will have little to no effect to = stop an attack. I believe it is important to make this very clear, to = avoid people turning to DPoP as a security mechanism for browser-based = applications.


    Specifically to your = question on including the hash in the proof, I think these = considerations are important:

    1. Does the inclusion of the AT hash = stop a concrete attack scenario?
    2. Is the = =E2=80=9Ccost=E2=80=9D (implementation, getting it right, =E2=80=A6) = worth the benefits?


    Here=E2=80=99s my view = on these considerations (specifically for = browser-based apps, not for other types of = applications):

    1. The proof precomputation attack is already quite complex, = and short access token lifetimes already reduce the window of attack. If = the attacker can steal a future AT, they could also precompute new = proofs then. 
    2. For browser-based apps, it = seems that doing this complicates the implementation, without adding = much benefit. Of course, libraries could handle this, which = significantly reduces the cost. 


    Note= that these comments are specifically to complicating the spec and = implementation. DPoP=E2=80=99s capabilities of using sender-constrained = access tokens are still useful to counter various other scenarios (e.g., = middleboxes or APIs abusing access tokens). If other applications would = significantly benefit from having the hash in the proof, I=E2=80=99m all = for it.

    On a = final note, I would be happy to help clear up the details on web-based = threats and defenses if necessary.

    =E2=80=94Pragmatic Web Security
    Security for developers
    https://pragmaticwebsecurity.com/


    On 8 Dec 2020, at 22:47, Brian Campbell <bcampbell@pingidentity.com> wrote:

    Danial recently added some text to the working copy of the = draft with https://github.com/danielfett/draft-dpop/commit/f4b42058 = that I think aims to better convey the "nutshell: XSS =3D Game over" = sentiment and maybe dissuade folks from looking to DPoP as a cure-all = for browser based applications. Admittedly a lot of the initial impetus = behind producing the draft in the first place was born out of = discussions around browser based apps. But it's neither specific to = browser based apps nor a panacea for them. I hope the language in the = document and how it's recently been presented is reflective of that = reality.

    The more specific discussions/recommendations around = in-browser apps are valuable (if somewhat over my head) but might be = more appropriate in the OAuth 2.0 for Browser-Based Apps = draft.

    With = respect to the contents of the DPoP draft, I am still keen to try and = flush out some consensus around the question posed in the start of this = thread, which is effectively whether or not to include a hash of the = access token in the proof.  Acknowledging that "XSS =3D Game over" = does sort of evoke a tendency to not even bother with such incremental = protections (what I've tried to humorously coin as "XSS Nihilism" with = no success). And as such, I do think that leaving it how it is (no AT = hash in the proof) is not unreasonable. But, as Filip previously = articulated, including the AT hash in the proof would prevent = potentially prolonged access to protected resources even when the = victim is offline. And that seems maybe worthwhile to have in the = protocol, given that it's not a huge change to the spec. But it's a = trade-off either way and I'm personally on the fence about it.

    Including an RT hash in = the proof seems more niche. Best I can tell, it would guard against = prolonged offline access to protected resources when access tokens are = bearer and the RT was DPoP-bound and also gets rotated. The trade-off = there seems less worth it (I think an RT hash would be more awkward in = the protocol too).







    On Fri, Dec = 4, 2020 at 5:40 AM Philippe De Ryck <philippe@pragmaticwebsecurity.com> wrote:

    The = suggestion to use a web worker to ensure that proofs cannot be = pre-computed is a good one I think. (You could also use a sandboxed = iframe for a separate sub/sibling-domain - dpop.example.com).

    An iframe with a = different origin would also work (not really sandboxing, as that implies = the use of the sandbox attribute to enforce behavioral restrictions). = The downside of an iframe is the need to host additional HTML, vs a = script file for the worker, but the effect is indeed the same.

    For scenario 4, I think this = only works if the attacker can trick/spoof the AS into using their = redirect_uri? Otherwise the AC will go to the legitimate app which will = reject it due to mismatched state/PKCE. Or are you thinking of XSS on = the redirect_uri itself? I think probably a good practice is that the = target of a redirect_uri should be a very minimal and locked down page = to avoid this kind of possibility. (Again, using a separate sub-domain = to handle tokens and DPoP seems like a good = idea).

    My original thought was to use a silent = flow with Web Messaging. The scenario would go as follows:

    1. Setup a Web Messaging = listener to receive the incoming code
    2. Create a = hidden iframe with the DOM APIs
    3. Create an = authorization request such as =E2=80=9C/authorize?response_type=3Dcode&client_id=3D...&redirec= t_uri=3Dhttps%3A%2F%example.com&state=3D...&code_challenge=3D7-ffnU1EzH= tMfxOAdlkp_WixnAM_z9tMh3JxgjazXAk&code_challenge_method=3DS256&pro= mpt=3Dnone&response_mode=3Dweb_message=E2=80=9D
    4. Load this URL in the iframe, and wait for the = result
    5. Retrieve code in the listener, and use = PKCE (+ DPoP if needed) to exchange it for tokens
    This puts the attacker in full control = over every aspect of the flow, so no need to manipulate any of the = parameters.


    After your comment, I also believe an = attacker can run the same scenario without the =E2=80=9Cresponse_mode=3Dweb_message=E2=80=9D. This would go as = follows:

    1. Create a hidden iframe with the DOM APIs
    2. Setup polling to read the URL (this will be possible for = same-origin pages, not for cross-origin pages)
    3. = Create an authorization request such as =E2=80=9C/authorize?response_type=3Dcode&client_id=3D...&redirec= t_uri=3Dhttps%3A%2F%example.com&state=3D...&code_challenge=3D7-ffnU1EzH= tMfxOAdlkp_WixnAM_z9tMh3JxgjazXAk&code_challenge_method=3DS256=E2=80= =9D
    4. Load this URL in the iframe, and keep = polling
    5. Detect the redirect back to the = application with the code in the URL, retrieve code, and use PKCE (+ = DPoP if needed) to exchange it for tokens

    In step 5, the application is likely to = also try to exchange the code. This will fail due to a mismatching PKCE = verifier. While noisy, I don=E2=80=99t think it affects the = scenario. 


    IMO, the online attack scenario (i.e., = proxying malicious requests through the victim=E2=80=99s browser) is = quite appealing to an attacker, despite the apparent = inconvenience:

     - the victim=E2=80=99s browser may be inside a = corporate firewall or VPN, allowing the attacker to effectively bypass = these restrictions
     - the attacker=E2=80=99s = traffic is mixed in with the user=E2=80=99s own requests, making them = harder to distinguish or to block

    Overall, DPoP can only protect against = XSS to the same level as HttpOnly cookies. This is not nothing, but it = means it only prevents relatively naive attacks. Given the association = of public key signatures with strong authentication, people may have = overinflated expectations if DPoP is pitched as an XSS = defence.

    Yes, in the cookie world this is known = as =E2=80=9CSession Riding=E2=80=9D. Having the worker for token = isolation would make it possible to enforce a coarse-grained policy on = outgoing requests to prevent total abuse of the AT.

    My main concern here is = the effort of doing DPoP in a browser versus the limited gains. It may = also give a false sense of security. 



    With all this said, I believe that the = AS can lock down its configuration to reduce these attack vectors. A few = initial ideas:

    1. Disable silent flows for SPAs using RT rotation
    2. Use the sec-fetch headers to detect and reject non-silent = iframe-based flows

    For example,  an OAuth 2.0 flow in an iframe in = Brave/Chrome carries these headers:
    sec-fetch-dest: iframe
    sec-fetch-mode: = navigate
    sec-fetch-site: cross-site
    sec-fetch-user: ?1


    Philippe


    CONFIDENTIALITY NOTICE: This email may contain confidential = and privileged material for the sole use of the intended recipient(s). = Any review, use, distribution or disclosure by others is strictly = prohibited.  If you have received this communication in error, = please notify the sender immediately by e-mail and delete the message = and any file attachments from your computer. Thank = you.


    CONFIDENTIALITY NOTICE: This email may contain confidential = and privileged material for the sole use of the intended recipient(s). = Any review, use, distribution or disclosure by others is strictly = prohibited.  If you have received this communication in error, = please notify the sender immediately by e-mail and delete the message = and any file attachments from your computer. Thank = you.




    = --Apple-Mail=_AF7CE05C-9FBF-45BD-92A1-2F819A92F65D-- From nobody Fri Dec 11 15:58:35 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 86D563A1057 for ; Fri, 11 Dec 2020 15:58:33 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.097 X-Spam-Level: X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_FONT_FACE_BAD=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=pingidentity.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fDF0IYOPc2HU for ; Fri, 11 Dec 2020 15:58:31 -0800 (PST) Received: from mail-lf1-x131.google.com (mail-lf1-x131.google.com [IPv6:2a00:1450:4864:20::131]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BF01B3A0FED for ; Fri, 11 Dec 2020 15:58:30 -0800 (PST) Received: by mail-lf1-x131.google.com with SMTP id m19so15722058lfb.1 for ; Fri, 11 Dec 2020 15:58:30 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=pingidentity.com; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=u+Fl1k6phCd2X2fbplSomv/AdfOz5C2Ihll5jYm6rVs=; b=BKWSKTsFV8i+J6eTbmfEpH02LBMK5edH8jHR1nmUupBs3RX/SNLElPw8ki2luh8goq MSQdiCUaSkVLLdiHNBN/AxgfxaQUG1kB6V3uI8RwXoLXRKM35qF7qHFdklX3bP+cgks2 bfkTGQGpF8MBdscVFRKzLvXmSptR5w4wyr9oUX5wuZYm93XIobJCGoPSSc5JlgbnVCDX KkjEP6dkLJWAhCzuOgf3ifhrDmli4vYTO51T4gC4WdvJ71nkzhwfIbptr3kGuV1kSb60 yQCwsGFXHxtyDr63kVCqMWjJedtNBN/Sd03Kmf97an0YvlQ5kEHxeLUM1wIzbSaX4F57 BTUw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=u+Fl1k6phCd2X2fbplSomv/AdfOz5C2Ihll5jYm6rVs=; b=frG3X7BHqzhXXgtlY23Eu2+VMUmheN7NzEmQm3cRk4A9QjEvWcV9PcohkkX0qCNbzi HQzLlkmnCnjUcXK6lwRuN86vR85xB/WJ7qCICC7UlXWV2kJr8dH98Q5SKVc+OE/oGfq7 UTCCtuNECvh1tsjuwgVJ7BRkz4NyJaoJA2yYsm5KldzOrew+Ud7+vBcYtgXFhufH0Nvt Yod/fn4eodAEpMLIAh5Exq55LJEe5HGKgtlQqNjSWJpriku4BVezQsEiKlgNX+dUWikJ qluTA4POvVy+5JX70SPBKYAeEujlQybsFjMCadvn3ufDLeRjZaV+400ozdSRs4BZhmYL vQKA== X-Gm-Message-State: AOAM531ig3Xm5hhO8n+51lR/NctpJt+rUbxbP1JAb4jkJJSCW29z7xnQ mrnak/YVmFyOhoWb/rjqUvEEOmrG03pdgONqEB2LYPYGJu1anK0wck6Czld+oBNeIk0CRYVfUNZ vCLkWGscaCZRycg== X-Google-Smtp-Source: ABdhPJwtYP5VxZFs3dBHVABGXhKQUVaOrpUxsYejhqrE6e6l6nlmaoWnV9WwAbE/Sj9NrMOdupS8/Ukkdf7UUY0jZe4= X-Received: by 2002:a2e:9842:: with SMTP id e2mr3448144ljj.293.1607731108602; Fri, 11 Dec 2020 15:58:28 -0800 (PST) MIME-Version: 1.0 References: <30D5F7BA-EA54-4E40-A2FC-222AA0C9AF8D@lodderstedt.net> <353E4494-2F80-44BC-9267-6FB8B37AA0FE@lodderstedt.net> <1B663AA7-563D-4D25-A408-9ED10FD818AC@forgerock.com> In-Reply-To: From: Brian Campbell Date: Fri, 11 Dec 2020 16:58:02 -0700 Message-ID: To: Philippe De Ryck Cc: Neil Madden , Torsten Lodderstedt , oauth Content-Type: multipart/alternative; boundary="0000000000009f86aa05b639112c" Archived-At: Subject: Re: [OAUTH-WG] DPoP followup I: freshness and coverage of signature X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 11 Dec 2020 23:58:34 -0000 --0000000000009f86aa05b639112c Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Any type of client could use DPoP and (presumably) benefit from sender-constrained access tokens. So yeah, adding complexity specifically for browser-based applications (that only mitigates one variation of the attacks possible with XSS anyway) has 'cost' impact to those clients as well. And should be considered in the cost/benefit. Including the AT hash isn't terribly complicated but it's not trivial either. I'm honestly still unsure but am leaning towards it not being worth adding. On Fri, Dec 11, 2020 at 2:14 AM Philippe De Ryck < philippe@pragmaticwebsecurity.com> wrote: > The scenario you describe here is realistic in browser-based apps with XS= S > vulnerabilities, but it is pretty complex. Since there are worse problems > when XSS happens, it=E2=80=99s hard to say whether DPoP should mitigate t= his. > > I=E2=80=99m wondering what other types of clients would benefit from usin= g DPoP > for access tokens? Mobile apps? Clients using a Client Credentials grant? > > How are they impacted by any change made specifically for browser-based > applications? > > Philippe > > > On 9 Dec 2020, at 23:57, Brian Campbell > wrote: > > Thanks Philippe, I very much concur with your line of reasoning and the > important considerations. The scenario I was thinking of is: browser base= d > client where XSS is used to exfiltrate the refresh token along with > pre-computed proofs that would allow for the RT to be exchanged for new > access tokens and also pre-computed proofs that would work with those > access tokens for resource access. With the pre-computed proofs that woul= d > allow prolonged (as long as the RT is valid) access to protected resource= s > even when the victim is offline. Is that a concrete attack scenario? I > mean, kind of. It's pretty convoluted/complex. And while an access token > hash would reign it in somewhat (ATs obtained from the stolen RT wouldn't > be usable) it's hard to say if the cost is worth the benefit. > > > > On Tue, Dec 8, 2020 at 11:47 PM Philippe De Ryck < > philippe@pragmaticwebsecurity.com> wrote: > >> Yeah, browser-based apps are pure fun, aren=E2=80=99t they? :) >> >> The reason I covered a couple of (pessimistic) XSS scenarios is that the >> discussion started with an assumption that the attacker already >> successfully exploited an XSS vulnerability. I pointed out how, at that >> point, finetuning DPoP proof contents will have little to no effect to s= top >> an attack. I believe it is important to make this very clear, to avoid >> people turning to DPoP as a security mechanism for browser-based >> applications. >> >> >> Specifically to your question on including the hash in the proof, I thin= k >> these considerations are important: >> >> 1. Does the inclusion of the AT hash stop a concrete attack scenario? >> 2. Is the =E2=80=9Ccost=E2=80=9D (implementation, getting it right, =E2= =80=A6) worth the benefits? >> >> >> Here=E2=80=99s my view on these considerations (*specifically for browse= r-based >> apps, not for other types of applications*): >> >> 1. The proof precomputation attack is already quite complex, and short >> access token lifetimes already reduce the window of attack. If the attac= ker >> can steal a future AT, they could also precompute new proofs then. >> 2. For browser-based apps, it seems that doing this complicates the >> implementation, without adding much benefit. Of course, libraries could >> handle this, which significantly reduces the cost. >> >> >> Note that these comments are specifically to complicating the spec and >> implementation. DPoP=E2=80=99s capabilities of using sender-constrained = access >> tokens are still useful to counter various other scenarios (e.g., >> middleboxes or APIs abusing access tokens). If other applications would >> significantly benefit from having the hash in the proof, I=E2=80=99m all= for it. >> >> On a final note, I would be happy to help clear up the details on >> web-based threats and defenses if necessary. >> >> =E2=80=94 >> *Pragmatic Web Security* >> *Security for developers* >> https://pragmaticwebsecurity.com/ >> >> >> On 8 Dec 2020, at 22:47, Brian Campbell >> wrote: >> >> Danial recently added some text to the working copy of the draft with >> https://github.com/danielfett/draft-dpop/commit/f4b42058 that I think >> aims to better convey the "nutshell: XSS =3D Game over" sentiment and ma= ybe >> dissuade folks from looking to DPoP as a cure-all for browser based >> applications. Admittedly a lot of the initial impetus behind producing t= he >> draft in the first place was born out of discussions around browser base= d >> apps. But it's neither specific to browser based apps nor a panacea for >> them. I hope the language in the document and how it's recently been >> presented is reflective of that reality. >> >> The more specific discussions/recommendations around in-browser apps are >> valuable (if somewhat over my head) but might be more appropriate in the= OAuth >> 2.0 for Browser-Based Apps >> >> draft. >> >> With respect to the contents of the DPoP draft, I am still keen to try >> and flush out some consensus around the question posed in the start of t= his >> thread, which is effectively whether or not to include a hash of the acc= ess >> token in the proof. Acknowledging that "XSS =3D Game over" does sort of >> evoke a tendency to not even bother with such incremental protections (w= hat >> I've tried to humorously coin as "XSS Nihilism" with no success). And as >> such, I do think that leaving it how it is (no AT hash in the proof) is = not >> unreasonable. But, as Filip previously articulated, including the AT has= h >> in the proof would prevent potentially prolonged access to protected >> resources even when the victim is offline. And that seems maybe worthwhi= le >> to have in the protocol, given that it's not a huge change to the spec. = But >> it's a trade-off either way and I'm personally on the fence about it. >> >> Including an RT hash in the proof seems more niche. Best I can tell, it >> would guard against prolonged offline access to protected resources when >> access tokens are bearer and the RT was DPoP-bound and also gets rotated= . >> The trade-off there seems less worth it (I think an RT hash would be mor= e >> awkward in the protocol too). >> >> >> >> >> >> >> >> On Fri, Dec 4, 2020 at 5:40 AM Philippe De Ryck < >> philippe@pragmaticwebsecurity.com> wrote: >> >>> >>> The suggestion to use a web worker to ensure that proofs cannot be >>> pre-computed is a good one I think. (You could also use a sandboxed ifr= ame >>> for a separate sub/sibling-domain - dpop.example.com). >>> >>> >>> An iframe with a different origin would also work (not really >>> sandboxing, as that implies the use of the sandbox attribute to enforce >>> behavioral restrictions). The downside of an iframe is the need to host >>> additional HTML, vs a script file for the worker, but the effect is ind= eed >>> the same. >>> >>> For scenario 4, I think this only works if the attacker can trick/spoof >>> the AS into using their redirect_uri? Otherwise the AC will go to the >>> legitimate app which will reject it due to mismatched state/PKCE. Or ar= e >>> you thinking of XSS on the redirect_uri itself? I think probably a good >>> practice is that the target of a redirect_uri should be a very minimal = and >>> locked down page to avoid this kind of possibility. (Again, using a >>> separate sub-domain to handle tokens and DPoP seems like a good idea). >>> >>> >>> My original thought was to use a silent flow with Web Messaging. The >>> scenario would go as follows: >>> >>> 1. Setup a Web Messaging listener to receive the incoming code >>> 2. Create a hidden iframe with the DOM APIs >>> 3. Create an authorization request such as =E2=80=9C*/authorize?respons= e_type=3Dcode&client_id=3D...&redirect_uri=3Dhttps%3A%2F%example.com >>> &state=3D...&code_challenge=3D7-ffnU1EzHtMfxOAdlkp= _WixnAM_z9tMh3JxgjazXAk&code_challenge_method=3DS256&prompt=3Dnone&response= _mode=3Dweb_message* >>> =E2=80=9D >>> 4. Load this URL in the iframe, and wait for the result >>> 5. Retrieve code in the listener, and use PKCE (+ DPoP if needed) to >>> exchange it for tokens >>> >>> This puts the attacker in full control over every aspect of the flow, s= o >>> no need to manipulate any of the parameters. >>> >>> >>> After your comment, I also believe an attacker can run the same scenari= o >>> without the =E2=80=9C*response_mode=3Dweb_message*=E2=80=9D. This would= go as follows: >>> >>> 1. Create a hidden iframe with the DOM APIs >>> 2. Setup polling to read the URL (this will be possible for same-origin >>> pages, not for cross-origin pages) >>> 3. Create an authorization request such as =E2=80=9C*/authorize?respons= e_type=3Dcode&client_id=3D...&redirect_uri=3Dhttps%3A%2F%example.com >>> &state=3D...&code_challenge=3D7-ffnU1EzHtMfxOAdlkp= _WixnAM_z9tMh3JxgjazXAk&code_challenge_method=3DS256* >>> =E2=80=9D >>> 4. Load this URL in the iframe, and keep polling >>> 5. Detect the redirect back to the application with the code in the URL= , >>> retrieve code, and use PKCE (+ DPoP if needed) to exchange it for token= s >>> >>> In step 5, the application is likely to also try to exchange the code. >>> This will fail due to a mismatching PKCE verifier. While noisy, I don= =E2=80=99t >>> think it affects the scenario. >>> >>> >>> IMO, the online attack scenario (i.e., proxying malicious requests >>> through the victim=E2=80=99s browser) is quite appealing to an attacker= , despite >>> the apparent inconvenience: >>> >>> - the victim=E2=80=99s browser may be inside a corporate firewall or V= PN, >>> allowing the attacker to effectively bypass these restrictions >>> - the attacker=E2=80=99s traffic is mixed in with the user=E2=80=99s o= wn requests, >>> making them harder to distinguish or to block >>> >>> Overall, DPoP can only protect against XSS to the same level as HttpOnl= y >>> cookies. This is not nothing, but it means it only prevents relatively >>> naive attacks. Given the association of public key signatures with stro= ng >>> authentication, people may have overinflated expectations if DPoP is >>> pitched as an XSS defence. >>> >>> >>> Yes, in the cookie world this is known as =E2=80=9CSession Riding=E2=80= =9D. Having the >>> worker for token isolation would make it possible to enforce a >>> coarse-grained policy on outgoing requests to prevent total abuse of th= e AT. >>> >>> My main concern here is the effort of doing DPoP in a browser versus th= e >>> limited gains. It may also give a false sense of security. >>> >>> >>> >>> With all this said, I believe that the AS can lock down its >>> configuration to reduce these attack vectors. A few initial ideas: >>> >>> 1. Disable silent flows for SPAs using RT rotation >>> 2. Use the sec-fetch headers to detect and reject non-silent >>> iframe-based flows >>> >>> For example, an OAuth 2.0 flow in an iframe in Brave/Chrome carries >>> these headers: >>> *sec-fetch-dest: iframesec-fetch-mode: navigatesec-fetch-site: >>> cross-sitesec-fetch-user: ?1* >>> >>> >>> Philippe >>> >>> >>> >> *CONFIDENTIALITY NOTICE: This email may contain confidential and >> privileged material for the sole use of the intended recipient(s). Any >> review, use, distribution or disclosure by others is strictly prohibited= . >> If you have received this communication in error, please notify the send= er >> immediately by e-mail and delete the message and any file attachments fr= om >> your computer. Thank you.* >> >> >> > *CONFIDENTIALITY NOTICE: This email may contain confidential and > privileged material for the sole use of the intended recipient(s). Any > review, use, distribution or disclosure by others is strictly prohibited. > If you have received this communication in error, please notify the sende= r > immediately by e-mail and delete the message and any file attachments fro= m > your computer. Thank you.* > > > > > > --=20 _CONFIDENTIALITY NOTICE: This email may contain confidential and privileged= =20 material for the sole use of the intended recipient(s). Any review, use,=20 distribution or disclosure by others is strictly prohibited.=C2=A0 If you h= ave=20 received this communication in error, please notify the sender immediately= =20 by e-mail and delete the message and any file attachments from your=20 computer. Thank you._ --0000000000009f86aa05b639112c Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
    Any type of client could use DPoP and (presumably) benefit from sender-constrained ac= cess tokens. So yeah, adding complexity specifically for browser-based appl= ications (that only mitigates one variation of the attacks possible with XSS anyway)=C2=A0 has 'co= st' impact to those clients as well. And should be considered in the co= st/benefit. Including the AT hash isn't terribly complicated but it'= ;s not trivial either. I'm honestly still unsure but am leaning towards= it not being worth adding.

    On Fri, Dec 11, 2020 at 2:14 AM Philippe De= Ryck <philippe@pragmaticwebsecurity.com> wrote:
    The scenario you describe here = is realistic in browser-based apps with XSS vulnerabilities, but it is pret= ty complex. Since there are worse problems when XSS happens, it=E2=80=99s h= ard to say whether DPoP should mitigate this.=C2=A0

    I=E2= =80=99m wondering what other types of clients would benefit from using DPoP= for access tokens? Mobile apps? Clients using a Client Credentials grant?<= /div>

    How are they impacted by any change made specifica= lly for browser-based applications?

    Philippe
    <= br>

    On 9 Dec 2020, at 23:57, Brian Camp= bell <bc= ampbell@pingidentity.com> wrote:

    Thanks Philippe, I very much concur with your line of reasoni= ng and the important considerations. The scenario I was thinking of is: bro= wser based client where XSS is used to exfiltrate the refresh token along w= ith pre-computed proofs that would allow for the RT to be exchanged for new= access tokens and also pre-computed proofs that would work with those acc= ess tokens for resource access. With the pre-computed proofs that would all= ow prolonged (as long as the RT is valid) access to protected resources eve= n when the victim is offline. Is that a concrete attack scenario? I mean, k= ind of. It's pretty convoluted/complex. And while an access token hash = would reign it in somewhat (ATs obtained from the stolen RT wouldn't be= usable) it's hard to say if the cost is worth the benefit.



    On Tue, Dec 8, 2020 at 11:47 PM Philippe De Ryck <philippe@= pragmaticwebsecurity.com> wrote:
    Yeah, browser-based apps are pure fun, aren=E2= =80=99t they? :)

    The reason I covered a couple of (pessi= mistic) XSS scenarios is that the discussion started with an assumption tha= t the attacker already successfully exploited an XSS vulnerability. I point= ed out how, at that point, finetuning DPoP proof contents will have little = to no effect to stop an attack. I believe it is important to make this very= clear, to avoid people turning to DPoP as a security mechanism for browser= -based applications.


    Specifically t= o your question on including the hash in the proof, I think these considera= tions are important:

    1. Does the inclusion of the = AT hash stop a concrete attack scenario?
    2. Is the =E2=80=9Ccost= =E2=80=9D (implementation, getting it right, =E2=80=A6) worth the benefits?=


    Here=E2=80=99s my view on these co= nsiderations (specifically for browser-based apps, not for other type= s of applications):

    1. The proof precomput= ation attack is already quite complex, and short access token lifetimes alr= eady reduce the window of attack. If the attacker can steal a future AT, th= ey could also precompute new proofs then.=C2=A0
    2. For browser-ba= sed apps, it seems that doing this complicates the implementation, without = adding much benefit. Of course, libraries could handle this, which signific= antly reduces the cost.=C2=A0


    Note = that these comments are specifically to complicating the spec and implement= ation. DPoP=E2=80=99s capabilities of using sender-constrained access token= s are still useful to counter various other scenarios (e.g., middleboxes or= APIs abusing access tokens). If other applications would significantly ben= efit from having the hash in the proof, I=E2=80=99m all for it.
    <= br>
    On a final note, I would be happy to help clear up the detail= s on web-based threats and defenses if necessary.

    =E2=80=94
    Pragmatic Web Securi= ty
    Security for developers
    https://pragmaticwebsecurity.com/
    <= br>

    On 8 Dec 2020, at 22:47, Brian Camp= bell <bc= ampbell@pingidentity.com> wrote:

    Danial recently added some text to the working copy of the draft with https://github.com/danielfett/draft-dpop/commit/f4b42058 that= I think aims to better convey the "nutshell: XSS =3D Game over" = sentiment and maybe dissuade folks from looking to DPoP as a cure-all for b= rowser based applications. Admittedly a lot of the initial impetus behind p= roducing the draft in the first place was born out of discussions around br= owser based apps. But it's neither specific to browser based apps nor a= panacea for them. I hope the language in the document and how it's rec= ently been presented is reflective of that reality.

    The more specific discussions/recommendations around in-browser apps= are valuable (if somewhat over my head) but might be more appropriate in t= he OAuth 2.0 for Browser-Based Apps draft.

    With respect to the contents of the DPoP draft, I am= still keen to try and flush out some consensus around the question posed i= n the start of this thread, which is effectively whether or not to include = a hash of the access token in the proof.=C2=A0 Acknowledging that "XSS= =3D Game over" does sort of evoke a tendency to not even bother with = such incremental protections (what I've tried to humorously coin as &q= uot;XSS Nihilism" with no success). And as such, I do think that leavi= ng it how it is (no AT hash in the proof) is not unreasonable. But, as Fili= p previously articulated, including the AT hash in the proof would prevent = potentially prolonged access to protected resources even when the victim i= s offline. And that seems maybe worthwhile to have in the protocol, given t= hat it's not a huge change to the spec. But it's a trade-off either= way and I'm personally on the fence about it.

    Including an RT hash in the proof seems more niche. Best I can tell, it wo= uld guard against prolonged offline access to protected resources when acce= ss tokens are bearer and the RT was DPoP-bound and also gets rotated. The t= rade-off there seems less worth it (I think an RT hash would be more awkwar= d in the protocol too).







    =
    On Fri, Dec 4, 2020 at 5:40 AM Philip= pe De Ryck <philippe@pragmaticwebsecurity.com> wrote:

    =
    The suggestion to use a web worker= to ensure that proofs cannot be pre-computed is a good one I think. (You c= ould also use a sandboxed iframe for a separate sub/sibling-domain - dpop.example.com).

    An iframe with a different o= rigin would also work (not really sandboxing, as that implies the use of th= e sandbox attribute to enforce behavioral restrictions). The downside of an= iframe is the need to host additional HTML, vs a script file for the worke= r, but the effect is indeed the same.

    For scenario 4, I think this only works if the att= acker can trick/spoof the AS into using their redirect_uri? Otherwise the A= C will go to the legitimate app which will reject it due to mismatched stat= e/PKCE. Or are you thinking of XSS on the redirect_uri itself? I think prob= ably a good practice is that the target of a redirect_uri should be a very = minimal and locked down page to avoid this kind of possibility. (Again, usi= ng a separate sub-domain to handle tokens and DPoP seems like a good idea).=

    My original thought was = to use a silent flow with Web Messaging. The scenario would go as follows:<= /div>

    1. Setup a Web Messaging listener to receive the i= ncoming code
    2. Create a hidden iframe with the DOM APIs
    3. Create an authorization request such as =E2=80=9C/authorize?respons= e_type=3Dcode&client_id=3D...&redirect_uri=3Dhttps%3A%2F%example.com&state=3D...&= ;code_challenge=3D7-ffnU1EzHtMfxOAdlkp_WixnAM_z9tMh3JxgjazXAk&code_chal= lenge_method=3DS256&prompt=3Dnone&response_mode=3Dweb_message= =E2=80=9D
    4. Load this URL in the iframe, and wait for the result=
    5. Retrieve code in the listener, and use PKCE (+ DPoP if needed= ) to exchange it for tokens

    This puts the attacker= in full control over every aspect of the flow, so no need to manipulate an= y of the parameters.


    After your com= ment, I also believe an attacker can run the same scenario without the =E2= =80=9Cresponse_mode=3Dweb_message=E2=80=9D. This would go as follows= :

    1. Create a hidden iframe with the DOM APIs=
    2. Setup polling to read the URL (this will be possible for same= -origin pages, not for cross-origin pages)
    3. Create an authoriza= tion request such as =E2=80=9C/authorize?response_type=3Dcode&client= _id=3D...&redirect_uri=3Dhttps%3A%2F%example.com&state=3D...&code_challenge=3D7-ffnU= 1EzHtMfxOAdlkp_WixnAM_z9tMh3JxgjazXAk&code_challenge_method=3DS256= =E2=80=9D
    4. Load this URL in the iframe, and keep polling
    <= div>5. Detect the redirect back to the application with the code in the URL= , retrieve code, and use PKCE (+ DPoP if needed) to exchange it for tokens<= /div>

    In step 5, the application is likely to also try t= o exchange the code. This will fail due to a mismatching PKCE verifier. Whi= le noisy, I don=E2=80=99t think it affects the scenario.=C2=A0
    <= div>

    IMO, the online = attack scenario (i.e., proxying malicious requests through the victim=E2=80= =99s browser) is quite appealing to an attacker, despite the apparent incon= venience:

    =C2=A0- the victim=E2=80=99s browser may= be inside a corporate firewall or VPN, allowing the attacker to effectivel= y bypass these restrictions
    =C2=A0- the attacker=E2=80=99s traffi= c is mixed in with the user=E2=80=99s own requests, making them harder to d= istinguish or to block

    Overall, DPoP can only prot= ect against XSS to the same level as HttpOnly cookies. This is not nothing,= but it means it only prevents relatively naive attacks. Given the associat= ion of public key signatures with strong authentication, people may have ov= erinflated expectations if DPoP is pitched as an XSS defence.

    Yes, in the cookie world this is known= as =E2=80=9CSession Riding=E2=80=9D. Having the worker for token isolation= would make it possible to enforce a coarse-grained policy on outgoing requ= ests to prevent total abuse of the AT.

    My main con= cern here is the effort of doing DPoP in a browser versus the limited gains= . It may also give a false sense of security.=C2=A0



    With all this said, I believe that the AS c= an lock down its configuration to reduce these attack vectors. A few initia= l ideas:

    1. Disable silent flows for SPAs using RT= rotation
    2. Use the sec-fetch headers to detect and reject non-s= ilent iframe-based flows

    For example, =C2=A0an OAu= th 2.0 flow in an iframe in Brave/Chrome carries these headers:
    <= div>
    sec-= fetch-dest: iframe
    sec-fetch-mode: navigate
    sec-fetch-s= ite: cross-site
    sec-fetch-user: ?1
    <= div>
    Philippe


    CONFIDENTIALITY NOTICE: This email m= ay contain confidential and privileged material for the sole use of the int= ended recipient(s). Any review, use, distribution or disclosure by others i= s strictly prohibited.=C2=A0 If you have received this communication in err= or, please notify the sender immediately by e-mail and delete the message a= nd any file attachments from your computer. Thank you.


    CONFIDENTIALITY NOTICE: This email m= ay contain confidential and privileged material for the sole use of the int= ended recipient(s). Any review, use, distribution or disclosure by others i= s strictly prohibited.=C2=A0 If you have received this communication in err= or, please notify the sender immediately by e-mail and delete the message a= nd any file attachments from your computer. Thank you.





    <= span style=3D"margin:0px;padding:0px;border:0px;outline:0px;vertical-align:= baseline;background:transparent;font-family:proxima-nova-zendesk,system-ui,= -apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,Oxygen-Sans,Ub= untu,Cantarell,"Helvetica Neue",Arial,sans-serif;font-weight:600"= >CONFIDENTIALITY NOTICE: This email may contain confidenti= al and privileged material for the sole use of the intended recipient(s). A= ny review, use, distribution or disclosure by others is strictly prohibited= .=C2=A0 If you have received this communication in error, please notify the= sender immediately by e-mail and delete the message and any file attachmen= ts from your computer. Thank you. --0000000000009f86aa05b639112c-- From nobody Fri Dec 11 16:02:00 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 257B03A1059 for ; Fri, 11 Dec 2020 16:01:59 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.097 X-Spam-Level: X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_FONT_FACE_BAD=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=pingidentity.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RIKsmlO9T9bH for ; Fri, 11 Dec 2020 16:01:55 -0800 (PST) Received: from mail-lf1-x134.google.com (mail-lf1-x134.google.com [IPv6:2a00:1450:4864:20::134]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 365793A1058 for ; Fri, 11 Dec 2020 16:01:55 -0800 (PST) Received: by mail-lf1-x134.google.com with SMTP id r24so15688848lfm.8 for ; Fri, 11 Dec 2020 16:01:55 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=pingidentity.com; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=wt0Q0fHvXwvaRReIKCB5zOTRyqGC8wCU3+zz0qitL/Y=; b=TrnS0ZTIkU6rEr8zC/7VFzCgxnXMtiwHk5AGPPVYaQqZLuB8XYmoAdNeaNmOiX+sMx ZEdZMfwILQkaVgZo78iarSKm4Nmhojtw/sFxNLhwOuwV2G0i4+SPvX3/0tjLcWlmsEL7 QnqvOHk4k913oAWE5a5EJ7YgaAWH1VcGPOr7FBukloYKhR2qZLoyG/y6GCSs4EP6MISq 6q7JSBa0KDil24WdjU8FRzKMNm63Py3nWO97o7ByScm9d6sYWtDJC5UuzxfjHwh1k9cc WpNd3Fe7xcfYcUgTtDVgOfgI+ohbjLHwfEzsnr4umJro7E+IcPKy1H/ifbCx6nNKuA1g RFmw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=wt0Q0fHvXwvaRReIKCB5zOTRyqGC8wCU3+zz0qitL/Y=; b=jOKdjmtEz/61cYbkV+JxkrBs2+xb111XU0/G0hpITDyrANi2cSo28ZxhXpIJnRuVB+ VVn0uUN9HZYwWKMEWo0/TnBb58LVEzYyMxCMDX5DYz8rup4/8PBX7QeWCCNxNPIqq1T4 21Bmsx3qm/ZRLJxC99UM2/2i5hGEHe2pmuKRLKZ7th8tJDeTwx9PxF6zHiyD1KwIDcV1 JdrFw6awLBBTi8jICCRcV1qS79080NaKL8w3VIb7UdJuV8yAh5I8pIlSUJ9WK6pn4QkC 27f7Kfq1U2z3Qsc4OlUUvv07hInvhcT99w80ZsK5ZqKnpRTRuQc7ROYGXY5NKejXCMKo hsLQ== X-Gm-Message-State: AOAM532ofbKGpPZHigwzssFK+ZgpOU3bzUb3XUhfiouktQcYlswMB/zY fDO3gHgygq7XS2dcQed/fgcrzpdCKbc1lo2RS1e3W6I52CFVlgVjhamxAGno+SfXhIanL7IcBDD HPjSJq1xJLjk0ejTxEO/TfQ== X-Google-Smtp-Source: ABdhPJxFh3M4I+rEC2i556zORrlHFcsezhEIK1m7fwfsha3mGYUj2YzJZ2ieDPsh53vZs1kMPMwD2rxTN1CjyoqvHh0= X-Received: by 2002:a19:650c:: with SMTP id z12mr5113949lfb.582.1607731313350; Fri, 11 Dec 2020 16:01:53 -0800 (PST) MIME-Version: 1.0 References: <30D5F7BA-EA54-4E40-A2FC-222AA0C9AF8D@lodderstedt.net> <353E4494-2F80-44BC-9267-6FB8B37AA0FE@lodderstedt.net> <1B663AA7-563D-4D25-A408-9ED10FD818AC@forgerock.com> <6b389264-96c2-497b-d8f5-204cf430bec1@manicode.com> In-Reply-To: <6b389264-96c2-497b-d8f5-204cf430bec1@manicode.com> From: Brian Campbell Date: Fri, 11 Dec 2020 17:01:26 -0700 Message-ID: To: Jim Manico Cc: Philippe De Ryck , oauth Content-Type: multipart/alternative; boundary="000000000000d3b78a05b6391d3f" Archived-At: Subject: Re: [OAUTH-WG] DPoP followup I: freshness and coverage of signature X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 12 Dec 2020 00:01:59 -0000 --000000000000d3b78a05b6391d3f Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable I think that puts Jim in the XSS Nihilism camp :) Implicit type flows are being deprecated/discouraged. But keeping tokens out of browsers doesn't seem likely. There is some menton of CSP in https://tools.ietf.org/html/draft-ietf-oauth-browser-based-apps-07#section-= 9.7 On Wed, Dec 9, 2020 at 4:10 PM Jim Manico wrote: > The basic theme from the web attacker community is: > > 1) XSS is a game over event to web clients. XSS can steal or abuse > (request forgery) tokens, and more. > > 2) Even if you prevent stolen tokens from being used outside of a web > client, XSS still allows the attacker to force a user to make any request > in a fraudulent way, abusing browser based tokens as a form of request > forgery. > > 3) There are advanced measures to stop a token from being stolen from a > web client, like a HTTPonly cookies and to a lesser degree, JS Closures a= nd > Webworkers. > > 4) However, these measures to protect cookies are mostly moot. Attackers > can just force clients to make fraudulent requests. > > 5) Many recommend the BFF pattern to hide tokens on the back end, but > still, request forgery via XSS allows all kinds of abuse. > > XSS is game over no matter how you slice it. > > Crypto solutions do not help. Perhaps the world of OAuth can start > suggesting that web clients use CSP 3.0 in specific ways, if you still pl= an > to support Implicit type flows or tokens in browsers? > > Respectfully, > > - Jim > > > On 12/9/20 12:57 PM, Brian Campbell wrote: > > Thanks Philippe, I very much concur with your line of reasoning and the > important considerations. The scenario I was thinking of is: browser base= d > client where XSS is used to exfiltrate the refresh token along with > pre-computed proofs that would allow for the RT to be exchanged for new > access tokens and also pre-computed proofs that would work with those > access tokens for resource access. With the pre-computed proofs that woul= d > allow prolonged (as long as the RT is valid) access to protected resource= s > even when the victim is offline. Is that a concrete attack scenario? I > mean, kind of. It's pretty convoluted/complex. And while an access token > hash would reign it in somewhat (ATs obtained from the stolen RT wouldn't > be usable) it's hard to say if the cost is worth the benefit. > > > > On Tue, Dec 8, 2020 at 11:47 PM Philippe De Ryck < > philippe@pragmaticwebsecurity.com> wrote: > >> Yeah, browser-based apps are pure fun, aren=E2=80=99t they? :) >> >> The reason I covered a couple of (pessimistic) XSS scenarios is that the >> discussion started with an assumption that the attacker already >> successfully exploited an XSS vulnerability. I pointed out how, at that >> point, finetuning DPoP proof contents will have little to no effect to s= top >> an attack. I believe it is important to make this very clear, to avoid >> people turning to DPoP as a security mechanism for browser-based >> applications. >> >> >> Specifically to your question on including the hash in the proof, I thin= k >> these considerations are important: >> >> 1. Does the inclusion of the AT hash stop a concrete attack scenario? >> 2. Is the =E2=80=9Ccost=E2=80=9D (implementation, getting it right, =E2= =80=A6) worth the benefits? >> >> >> Here=E2=80=99s my view on these considerations (*specifically for browse= r-based >> apps, not for other types of applications*): >> >> 1. The proof precomputation attack is already quite complex, and short >> access token lifetimes already reduce the window of attack. If the attac= ker >> can steal a future AT, they could also precompute new proofs then. >> 2. For browser-based apps, it seems that doing this complicates the >> implementation, without adding much benefit. Of course, libraries could >> handle this, which significantly reduces the cost. >> >> >> Note that these comments are specifically to complicating the spec and >> implementation. DPoP=E2=80=99s capabilities of using sender-constrained = access >> tokens are still useful to counter various other scenarios (e.g., >> middleboxes or APIs abusing access tokens). If other applications would >> significantly benefit from having the hash in the proof, I=E2=80=99m all= for it. >> >> On a final note, I would be happy to help clear up the details on >> web-based threats and defenses if necessary. >> >> =E2=80=94 >> *Pragmatic Web Security* >> *Security for developers* >> https://pragmaticwebsecurity.com/ >> >> >> On 8 Dec 2020, at 22:47, Brian Campbell >> wrote: >> >> Danial recently added some text to the working copy of the draft with >> https://github.com/danielfett/draft-dpop/commit/f4b42058 that I think >> aims to better convey the "nutshell: XSS =3D Game over" sentiment and ma= ybe >> dissuade folks from looking to DPoP as a cure-all for browser based >> applications. Admittedly a lot of the initial impetus behind producing t= he >> draft in the first place was born out of discussions around browser base= d >> apps. But it's neither specific to browser based apps nor a panacea for >> them. I hope the language in the document and how it's recently been >> presented is reflective of that reality. >> >> The more specific discussions/recommendations around in-browser apps are >> valuable (if somewhat over my head) but might be more appropriate in the= OAuth >> 2.0 for Browser-Based Apps >> >> draft. >> >> With respect to the contents of the DPoP draft, I am still keen to try >> and flush out some consensus around the question posed in the start of t= his >> thread, which is effectively whether or not to include a hash of the acc= ess >> token in the proof. Acknowledging that "XSS =3D Game over" does sort of >> evoke a tendency to not even bother with such incremental protections (w= hat >> I've tried to humorously coin as "XSS Nihilism" with no success). And as >> such, I do think that leaving it how it is (no AT hash in the proof) is = not >> unreasonable. But, as Filip previously articulated, including the AT has= h >> in the proof would prevent potentially prolonged access to protected >> resources even when the victim is offline. And that seems maybe worthwhi= le >> to have in the protocol, given that it's not a huge change to the spec. = But >> it's a trade-off either way and I'm personally on the fence about it. >> >> Including an RT hash in the proof seems more niche. Best I can tell, it >> would guard against prolonged offline access to protected resources when >> access tokens are bearer and the RT was DPoP-bound and also gets rotated= . >> The trade-off there seems less worth it (I think an RT hash would be mor= e >> awkward in the protocol too). >> >> >> >> >> >> >> >> On Fri, Dec 4, 2020 at 5:40 AM Philippe De Ryck < >> philippe@pragmaticwebsecurity.com> wrote: >> >>> >>> The suggestion to use a web worker to ensure that proofs cannot be >>> pre-computed is a good one I think. (You could also use a sandboxed ifr= ame >>> for a separate sub/sibling-domain - dpop.example.com). >>> >>> >>> An iframe with a different origin would also work (not really >>> sandboxing, as that implies the use of the sandbox attribute to enforce >>> behavioral restrictions). The downside of an iframe is the need to host >>> additional HTML, vs a script file for the worker, but the effect is ind= eed >>> the same. >>> >>> For scenario 4, I think this only works if the attacker can trick/spoof >>> the AS into using their redirect_uri? Otherwise the AC will go to the >>> legitimate app which will reject it due to mismatched state/PKCE. Or ar= e >>> you thinking of XSS on the redirect_uri itself? I think probably a good >>> practice is that the target of a redirect_uri should be a very minimal = and >>> locked down page to avoid this kind of possibility. (Again, using a >>> separate sub-domain to handle tokens and DPoP seems like a good idea). >>> >>> >>> My original thought was to use a silent flow with Web Messaging. The >>> scenario would go as follows: >>> >>> 1. Setup a Web Messaging listener to receive the incoming code >>> 2. Create a hidden iframe with the DOM APIs >>> 3. Create an authorization request such as =E2=80=9C*/authorize?respons= e_type=3Dcode&client_id=3D...&redirect_uri=3Dhttps%3A%2F%example.com >>> &state=3D...&code_challenge=3D7-ffnU1EzHtMfxOAdlkp= _WixnAM_z9tMh3JxgjazXAk&code_challenge_method=3DS256&prompt=3Dnone&response= _mode=3Dweb_message* >>> =E2=80=9D >>> 4. Load this URL in the iframe, and wait for the result >>> 5. Retrieve code in the listener, and use PKCE (+ DPoP if needed) to >>> exchange it for tokens >>> >>> This puts the attacker in full control over every aspect of the flow, s= o >>> no need to manipulate any of the parameters. >>> >>> >>> After your comment, I also believe an attacker can run the same scenari= o >>> without the =E2=80=9C*response_mode=3Dweb_message*=E2=80=9D. This would= go as follows: >>> >>> 1. Create a hidden iframe with the DOM APIs >>> 2. Setup polling to read the URL (this will be possible for same-origin >>> pages, not for cross-origin pages) >>> 3. Create an authorization request such as =E2=80=9C*/authorize?respons= e_type=3Dcode&client_id=3D...&redirect_uri=3Dhttps%3A%2F%example.com >>> &state=3D...&code_challenge=3D7-ffnU1EzHtMfxOAdlkp= _WixnAM_z9tMh3JxgjazXAk&code_challenge_method=3DS256* >>> =E2=80=9D >>> 4. Load this URL in the iframe, and keep polling >>> 5. Detect the redirect back to the application with the code in the URL= , >>> retrieve code, and use PKCE (+ DPoP if needed) to exchange it for token= s >>> >>> In step 5, the application is likely to also try to exchange the code. >>> This will fail due to a mismatching PKCE verifier. While noisy, I don= =E2=80=99t >>> think it affects the scenario. >>> >>> >>> IMO, the online attack scenario (i.e., proxying malicious requests >>> through the victim=E2=80=99s browser) is quite appealing to an attacker= , despite >>> the apparent inconvenience: >>> >>> - the victim=E2=80=99s browser may be inside a corporate firewall or V= PN, >>> allowing the attacker to effectively bypass these restrictions >>> - the attacker=E2=80=99s traffic is mixed in with the user=E2=80=99s o= wn requests, >>> making them harder to distinguish or to block >>> >>> Overall, DPoP can only protect against XSS to the same level as HttpOnl= y >>> cookies. This is not nothing, but it means it only prevents relatively >>> naive attacks. Given the association of public key signatures with stro= ng >>> authentication, people may have overinflated expectations if DPoP is >>> pitched as an XSS defence. >>> >>> >>> Yes, in the cookie world this is known as =E2=80=9CSession Riding=E2=80= =9D. Having the >>> worker for token isolation would make it possible to enforce a >>> coarse-grained policy on outgoing requests to prevent total abuse of th= e AT. >>> >>> My main concern here is the effort of doing DPoP in a browser versus th= e >>> limited gains. It may also give a false sense of security. >>> >>> >>> >>> With all this said, I believe that the AS can lock down its >>> configuration to reduce these attack vectors. A few initial ideas: >>> >>> 1. Disable silent flows for SPAs using RT rotation >>> 2. Use the sec-fetch headers to detect and reject non-silent >>> iframe-based flows >>> >>> For example, an OAuth 2.0 flow in an iframe in Brave/Chrome carries >>> these headers: >>> * sec-fetch-dest: iframe sec-fetch-mode: navigate sec-fetch-site: >>> cross-site sec-fetch-user: ?1 * >>> >>> >>> Philippe >>> >>> >>> >> *CONFIDENTIALITY NOTICE: This email may contain confidential and >> privileged material for the sole use of the intended recipient(s). Any >> review, use, distribution or disclosure by others is strictly prohibited= . >> If you have received this communication in error, please notify the send= er >> immediately by e-mail and delete the message and any file attachments fr= om >> your computer. Thank you.* >> >> >> > *CONFIDENTIALITY NOTICE: This email may contain confidential and > privileged material for the sole use of the intended recipient(s). Any > review, use, distribution or disclosure by others is strictly prohibited. > If you have received this communication in error, please notify the sende= r > immediately by e-mail and delete the message and any file attachments fro= m > your computer. Thank you.* > > _______________________________________________ > OAuth mailing listOAuth@ietf.orghttps://www.ietf.org/mailman/listinfo/oau= th > > -- > Jim Manico > Manicode Securityhttps://www.manicode.com > > --=20 _CONFIDENTIALITY NOTICE: This email may contain confidential and privileged= =20 material for the sole use of the intended recipient(s). Any review, use,=20 distribution or disclosure by others is strictly prohibited.=C2=A0 If you h= ave=20 received this communication in error, please notify the sender immediately= =20 by e-mail and delete the message and any file attachments from your=20 computer. Thank you._ --000000000000d3b78a05b6391d3f Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
    I think that puts Jim in the XSS Nihilism camp :)=C2= =A0

    Implicit type flows are being deprecated/disco= uraged. But keeping tokens out of browsers doesn't seem likely. There i= s some menton of CSP in https://tools.ietf.org/html/draft-i= etf-oauth-browser-based-apps-07#section-9.7

    On Wed, Dec 9, 20= 20 at 4:10 PM Jim Manico <jim@manicode.com> wrote:
    =20 =20 =20

    The basic theme from the web attacker community is:

    1) XSS is a game over event to web clients. XSS can steal or abuse (request forgery) tokens, and more.

    2) Even if you prevent stolen tokens from being used outside of a web client, XSS still allows the attacker to force a user to make any request in a fraudulent way, abusing browser based tokens as a form of request forgery.

    3) There are advanced measures to stop a token from being stolen from a web client, like a HTTPonly cookies and to a lesser degree, JS Closures and Webworkers.

    4) However, these measures to protect cookies are mostly moot. Attackers can just force clients to make fraudulent requests.

    5) Many recommend the BFF pattern to hide tokens on the back end, but still, request forgery via XSS allows all kinds of abuse.

    XSS is game over no matter how you slice it.

    Crypto solutions do not help. Perhaps the world of OAuth can start suggesting that web clients use CSP 3.0 in specific ways, if you still plan to support Implicit type flows or tokens in browsers?

    Respectfully,

    - Jim


    On 12/9/20 12:57 PM, Brian Campbell wrote:
    =20
    Thanks Philippe, I very much concur with your line of reasoning and the important considerations. The scenario I was thinking of is: browser based client where XSS is used to exfiltrate the refresh token along with pre-computed proofs that would allow for the RT to be exchanged for new access tokens and also pre-computed proofs that would work with those access tokens for resource access. With the pre-computed proofs that would allow prolonged (as long as the RT is valid) access to protected resources even when the victim is offline. Is that a concrete attack scenario? I mean, kind of. It's pretty convoluted/complex. An= d while an access token hash would reign it in somewhat (ATs obtained from the stolen RT wouldn't be usable) it's hard= to say if the cost is worth the benefit.



    On Tue, Dec 8, 2020 at 11:47 PM Philippe De Ryck <philippe@pragmaticwebsecurity.com> wrote:
    Yeah, browser-based apps are pure fun, aren=E2=80=99t they? :)

    The reason I covered a couple of (pessimistic) XSS scenarios is that the discussion started with an assumption that the attacker already successfully exploited an XSS vulnerability. I pointed out how, at that point, finetuning DPoP proof contents will have little to no effect to stop an attack. I believe it is important to make this very clear, to avoid people turning to DPoP as a security mechanism for browser-based applications.


    Specifically to your question on including the hash in the proof, I think these considerations are important:

    1. Does the inclusion of the AT hash stop a concrete attack scenario?
    2. Is the =E2=80=9Ccost=E2=80=9D (implementation, getting = it right, =E2=80=A6) worth the benefits?


    Here=E2=80=99s my view on these considerations (spec= ifically for browser-based apps, not for other types of applications):

    1. The proof precomputation attack is already quite complex, and short access token lifetimes already reduce the window of attack. If the attacker can steal a future AT, they could also precompute new proofs then.=C2=A0
    2. For browser-based apps, it seems that doing this complicates the implementation, without adding much benefit. Of course, libraries could handle this, which significantly reduces the cost.=C2=A0


    Note that these comments are specifically to complicating the spec and implementation. DPoP=E2=80=99s capabilities of using sender-constrained access tokens are still useful to counter various other scenarios (e.g., middleboxes or APIs abusing access tokens). If other applications would significantly benefit from having the hash in the proof, I=E2=80=99m all for it.

    On a final note, I would be happy to help clear up the details on web-based threats and defenses if necessary.

    =E2=80=94
    Pragmatic Web Security
    Security for developers
    https://pragmaticwebsecurity.com/


    On 8 Dec 2020, at 22:47, Brian Campbell <bcampbell@pingide= ntity.com> wrote:

    Danial recently added some text to the working copy of the draft with https:= //github.com/danielfett/draft-dpop/commit/f4b42058 that I think aims to better convey the "nutshell: XSS =3D Game over" sentiment= and maybe dissuade folks from looking to DPoP as a cure-all for browser based applications. Admittedly a lot of the initial impetus behind producing the draft in the first place was born out of discussions around browser based apps. But it's neither specific to browser based apps nor a panacea for them. I hope the language in the document and how it's recentl= y been presented is reflective of that reality.

    The more specific discussions/recommendations around in-browser apps are valuable (if somewhat over my head) but might be more appropriate in the OAuth 2.0 for Browser-Based Apps draft.

    With respect to the contents of the DPoP draft, I am still keen to try and flush out some consensus around the question posed in the start of this thread, which is effectively whether or not to include a hash of the access token in the proof.=C2=A0 Acknowledging that &quo= t;XSS =3D Game over" does sort of evoke a tendency to not even bother with such incremental protections (what I've tried to humorously coin as "XSS Nihilism" with no success)= . And as such, I do think that leaving it how it is (no AT hash in the proof) is not unreasonable. But, as Filip previously articulated, including the AT hash in the proof would prevent potentially prolonged access to protected resources even when the victim is offline. And that seems maybe worthwhile to have in the protocol, given that it's not a huge change to the spec. But it's a trade-off either way and I'm personally on the fence about it.

    Including an RT hash in the proof seems more niche. Best I can tell, it would guard against prolonged offline access to protected resources when access tokens are bearer and the RT was DPoP-bound and also gets rotated. The trade-off there seems less worth it (I think an RT hash would be more awkward in the protocol too).







    On Fri, Dec 4= , 2020 at 5:40 AM Philippe De Ryck <philippe@pragmat= icwebsecurity.com> wrote:

    The suggestion to use a web worker to ensure that proofs cannot be pre-computed is a good one I think. (You could also use a sandboxed iframe for a separate sub/sibling-domain - dpop.example.com).

    An iframe with a different origin would also work (not really sandboxing, as that implies the use of the sandbox attribute to enforce behavioral restrictions). The downside of an iframe is the need to host additional HTML, vs a script file for the worker, but the effect is indeed the same.

    For scenario 4, I think this only works if the attacker can trick/spoof the AS into using their redirect_uri? Otherwise the AC will go to the legitimate app which will reject it due to mismatched state/PKCE. Or are you thinking of XSS on the redirect_uri itself? I think probably a good practice is that the target of a redirect_uri should be a very minimal and locked down page to avoid this kind of possibility. (Again, using a separate sub-domain to handle tokens and DPoP seems like a good idea).

    My original thought was to use a silent flow with Web Messaging. The scenario would go as follows:

    1. Setup a Web Messaging listener to receive the incoming code
    2. Create a hidden iframe with the DOM APIs
    3. Create an authorization request such as =E2=80=9C/authorize?response_t= ype=3Dcode&client_id=3D...&redirect_uri=3Dhttps%3A%2F%example.com&state=3D...&co= de_challenge=3D7-ffnU1EzHtMfxOAdlkp_WixnAM_z9tMh3JxgjazXAk&code_challen= ge_method=3DS256&prompt=3Dnone&response_mode=3Dweb_message=E2= =80=9D
    4. Load this URL in the iframe, and wait for the result
    5. Retrieve code in the listener, and use PKCE (+ DPoP if needed) to exchange it for tokens

    This puts the attacker in full control over every aspect of the flow, so no need to manipulate any of the parameters.


    After your comment, I also believe an attacker can run the same scenario without the =E2=80=9Cresponse_mode=3Dw= eb_message=E2=80=9D. This would go as follows:

    1. Create a hidden iframe with the DOM APIs
    2. Setup polling to read the URL (this will be possible for same-origin pages, not for cross-origin pages)
    3. Create an authorization request such as =E2=80=9C/authorize?= response_type=3Dcode&client_id=3D...&redirect_uri=3Dhttps%3A%2F%example.com&state=3D= ...&code_challenge=3D7-ffnU1EzHtMfxOAdlkp_WixnAM_z9tMh3JxgjazXAk&co= de_challenge_method=3DS256=E2=80=9D
    4. Load this URL in the iframe, and keep polling
    5. Detect the redirect back to the application with the code in the URL, retrieve code, and use PKCE (+ DPoP if needed) to exchange it for tokens

    In step 5, the application is likely to also try to exchange the code. This will fail due to a mismatching PKCE verifier. While noisy, I don=E2=80=99t think it affects= the scenario.=C2=A0


    IMO, the online attack scenario (i.e., proxying malicious requests through the victim=E2=80=99s browser) is quite appealing to an attacker, despite the apparent inconvenience:

    =C2=A0- the victim=E2=80=99s bro= wser may be inside a corporate firewall or VPN, allowing the attacker to effectively bypass these restrictions
    =C2=A0- the attacker=E2=80=99s t= raffic is mixed in with the user=E2=80=99s ow= n requests, making them harder to distinguish or to block

    Overall, DPoP can only protect against XSS to the same level as HttpOnly cookies. This is not nothing, but it means it only prevents relatively naive attacks. Given the association of public key signatures with strong authentication, people may have overinflated expectations if DPoP is pitched as an XSS defence.

    Yes, in the cookie world this is known as =E2=80=9CSession Riding=E2=80=9D= . Having the worker for token isolation would make it possible to enforce a coarse-grained policy on outgoing requests to prevent total abuse of the AT.

    My main concern here is the effort of doing DPoP in a browser versus the limited gains. It may also give a false sense of security.=C2=A0



    With all this said, I believe that the AS can lock down its configuration to reduce these attack vectors. A few initial ideas:

    1. Disable silent flows for SPAs using RT rotation
    2. Use the sec-fetch headers to detect and reject non-silent iframe-based flows

    For example, =C2=A0an OAuth 2.0 flow i= n an iframe in Brave/Chrome carries these headers:
    sec-fetch-dest: iframe
    sec-fetch-mode: navigate
    sec-fetch-site: cross-site
    sec-fetch-user: ?1


    Philippe


    CONFIDENTIALITY NOTICE: Thi= s email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited.=C2=A0 If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you.


    CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited.=C2=A0 If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you. 
    _______________________________________________
OAuth mailing list
OAuth@ietf.org
h=
ttps://www.ietf.org/mailman/listinfo/oauth

    --=20
Jim Manico
Manicode Security
https://www.manicode=
.com

    <= span style=3D"margin:0px;padding:0px;border:0px;outline:0px;vertical-align:= baseline;background:transparent;font-family:proxima-nova-zendesk,system-ui,= -apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,Oxygen-Sans,Ub= untu,Cantarell,"Helvetica Neue",Arial,sans-serif;font-weight:600"= >CONFIDENTIALITY NOTICE: This email may contain confidenti= al and privileged material for the sole use of the intended recipient(s). A= ny review, use, distribution or disclosure by others is strictly prohibited= .=C2=A0 If you have received this communication in error, please notify the= sender immediately by e-mail and delete the message and any file attachmen= ts from your computer. Thank you. --000000000000d3b78a05b6391d3f-- From nobody Fri Dec 11 23:26:04 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3C4F93A0B37 for ; Fri, 11 Dec 2020 23:26:02 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.097 X-Spam-Level: X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_FONT_FACE_BAD=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=forgerock.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kkjZJBkuv98O for ; Fri, 11 Dec 2020 23:25:58 -0800 (PST) Received: from mail-ej1-x62e.google.com (mail-ej1-x62e.google.com [IPv6:2a00:1450:4864:20::62e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7F34D3A0B36 for ; Fri, 11 Dec 2020 23:25:57 -0800 (PST) Received: by mail-ej1-x62e.google.com with SMTP id 6so874000ejz.5 for ; Fri, 11 Dec 2020 23:25:56 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=forgerock.com; s=google; h=from:mime-version:subject:date:message-id:references:cc:in-reply-to :to:content-transfer-encoding; bh=xVbWSQaSreCKqo+BPcTK+tlgBP94r2fOWrpKNPbDqgQ=; b=PUuFb5STnCrzZ2t4oz8De2/7BjbxYxwR8xOL75FsEXv5klVtiey1tPPdyDcuqnuJnB TzdVk13t4pZNYbGJMK3FwHPD8H5iTF922IznF8EuxSI4xXo/zMwXbsjPfeonEJpXmVZ9 WsWRfi7aprGiKWv1Dr24ALllyaP/kMinm843I= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:mime-version:subject:date:message-id :references:cc:in-reply-to:to:content-transfer-encoding; bh=xVbWSQaSreCKqo+BPcTK+tlgBP94r2fOWrpKNPbDqgQ=; b=FmrUN3Rj1d5SV8bRkhFZFMx8m7+7FdA0zU9NB4jx52xdTzFfcN/KBrLHkZ5NeLhjzd hufge9jjPyjwMoeH9zGPs2REBwtMnFzLjs3Z98k/gcnpBoZV8D+xPC9OS54a1BhjoaKq iY2Al8qbI0weNJjt4PfsJ+yOyG6NjmQhNc9vWWrSYqvIIpGFdb10fmRc97swMRjQIrdg TcJtjMAfxEvmztAoZ0E9ii6aK14id4ObevZe08AsB/Q7jNVwICRDcxt7cqSJdg0a/sWA 1Fxc42VbxuBXDR1MCWaZDGjaBk+TCfvBUIoNtGIR2tu0NpjZsnJv/9ukFKWqfGiUXmDH XHVA== X-Gm-Message-State: AOAM531TEEnUoYmx5iGguFyMIGdP1oG7MhWDYt42u3GiObOTKiztZNs5 P2fxzve5/iEXy0Xje8nkdvoSENy13/ubElFaTpJcKXuh+i6M9pLZLBsA0/OMXtiIPQztsryFwLt qx1/aGlb5kc/nZWiYBh9lbmHiM+RPyQ0AOWabjpaPmxbGuMfgS6EHH3GhwRSXUeMYyA== X-Google-Smtp-Source: ABdhPJxXKy5rmA2MVbA7L5KxjvS2R0xE/H4XsTDFY5zXyHtH4ALV6F6ZoBj+V8myfOW48KBgRT5zrQ== X-Received: by 2002:a17:906:b793:: with SMTP id dt19mr14209404ejb.120.1607757955174; Fri, 11 Dec 2020 23:25:55 -0800 (PST) Received: from [10.0.0.17] (251.207.159.143.dyn.plus.net. [143.159.207.251]) by smtp.gmail.com with ESMTPSA id h15sm9617973edz.95.2020.12.11.23.25.54 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Fri, 11 Dec 2020 23:25:54 -0800 (PST) From: Neil Madden Mime-Version: 1.0 (1.0) Date: Sat, 12 Dec 2020 07:25:53 +0000 Message-Id: <9167BD6F-0675-4AA3-B4A4-9274DE34F9B7@forgerock.com> References: Cc: Jim Manico , oauth In-Reply-To: To: Brian Campbell X-Mailer: iPhone Mail (18B92) Content-Type: multipart/alternative; boundary=Apple-Mail-DDB13F5F-6FB9-4AE9-897A-7D2E0AA93426 Content-Transfer-Encoding: 7bit Archived-At: Subject: Re: [OAUTH-WG] DPoP followup I: freshness and coverage of signature X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 12 Dec 2020 07:26:02 -0000 --Apple-Mail-DDB13F5F-6FB9-4AE9-897A-7D2E0AA93426 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Not directly related to DPoP or OAuth, but I wrote some notes to help recov= ering XSS Nihilists: https://neilmadden.blog/2020/12/10/xss-doesnt-have-to-= be-game-over/ =E2=80=94 Neil > On 12 Dec 2020, at 00:02, Brian Campbell wrote: >=20 > =EF=BB=BF > I think that puts Jim in the XSS Nihilism camp :)=20 >=20 > Implicit type flows are being deprecated/discouraged. But keeping tokens = out of browsers doesn't seem likely. There is some menton of CSP in https:/= /tools.ietf.org/html/draft-ietf-oauth-browser-based-apps-07#section-9.7=20 >=20 >> On Wed, Dec 9, 2020 at 4:10 PM Jim Manico wrote: >> The basic theme from the web attacker community is: >>=20 >> 1) XSS is a game over event to web clients. XSS can steal or abuse (requ= est forgery) tokens, and more. >>=20 >> 2) Even if you prevent stolen tokens from being used outside of a web cl= ient, XSS still allows the attacker to force a user to make any request in = a fraudulent way, abusing browser based tokens as a form of request forgery= . >>=20 >> 3) There are advanced measures to stop a token from being stolen from a = web client, like a HTTPonly cookies and to a lesser degree, JS Closures and= Webworkers.=20 >>=20 >> 4) However, these measures to protect cookies are mostly moot. Attackers= can just force clients to make fraudulent requests. >>=20 >> 5) Many recommend the BFF pattern to hide tokens on the back end, but st= ill, request forgery via XSS allows all kinds of abuse. >>=20 >> XSS is game over no matter how you slice it. >>=20 >> Crypto solutions do not help. Perhaps the world of OAuth can start sugge= sting that web clients use CSP 3.0 in specific ways, if you still plan to s= upport Implicit type flows or tokens in browsers? >>=20 >> Respectfully, >>=20 >> - Jim >>=20 >>=20 >>=20 >> On 12/9/20 12:57 PM, Brian Campbell wrote: >>> Thanks Philippe, I very much concur with your line of reasoning and the= important considerations. The scenario I was thinking of is: browser based= client where XSS is used to exfiltrate the refresh token along with pre-co= mputed proofs that would allow for the RT to be exchanged for new access to= kens and also pre-computed proofs that would work with those access tokens = for resource access. With the pre-computed proofs that would allow prolonge= d (as long as the RT is valid) access to protected resources even when the = victim is offline. Is that a concrete attack scenario? I mean, kind of. It'= s pretty convoluted/complex. And while an access token hash would reign it = in somewhat (ATs obtained from the stolen RT wouldn't be usable) it's hard = to say if the cost is worth the benefit. >>>=20 >>>=20 >>>=20 >>> On Tue, Dec 8, 2020 at 11:47 PM Philippe De Ryck wrote: >>>> Yeah, browser-based apps are pure fun, aren=E2=80=99t they? :) >>>>=20 >>>> The reason I covered a couple of (pessimistic) XSS scenarios is that t= he discussion started with an assumption that the attacker already successf= ully exploited an XSS vulnerability. I pointed out how, at that point, fine= tuning DPoP proof contents will have little to no effect to stop an attack.= I believe it is important to make this very clear, to avoid people turning= to DPoP as a security mechanism for browser-based applications. >>>>=20 >>>>=20 >>>> Specifically to your question on including the hash in the proof, I th= ink these considerations are important: >>>>=20 >>>> 1. Does the inclusion of the AT hash stop a concrete attack scenario? >>>> 2. Is the =E2=80=9Ccost=E2=80=9D (implementation, getting it right, = =E2=80=A6) worth the benefits? >>>>=20 >>>>=20 >>>> Here=E2=80=99s my view on these considerations (specifically for brows= er-based apps, not for other types of applications): >>>>=20 >>>> 1. The proof precomputation attack is already quite complex, and short= access token lifetimes already reduce the window of attack. If the attacke= r can steal a future AT, they could also precompute new proofs then.=20 >>>> 2. For browser-based apps, it seems that doing this complicates the im= plementation, without adding much benefit. Of course, libraries could handl= e this, which significantly reduces the cost.=20 >>>>=20 >>>>=20 >>>> Note that these comments are specifically to complicating the spec and= implementation. DPoP=E2=80=99s capabilities of using sender-constrained ac= cess tokens are still useful to counter various other scenarios (e.g., midd= leboxes or APIs abusing access tokens). If other applications would signifi= cantly benefit from having the hash in the proof, I=E2=80=99m all for it. >>>>=20 >>>> On a final note, I would be happy to help clear up the details on web-= based threats and defenses if necessary. >>>>=20 >>>> =E2=80=94 >>>> Pragmatic Web Security >>>> Security for developers >>>> https://pragmaticwebsecurity.com/ >>>>=20 >>>>=20 >>>>> On 8 Dec 2020, at 22:47, Brian Campbell = wrote: >>>>>=20 >>>>> Danial recently added some text to the working copy of the draft with= https://github.com/danielfett/draft-dpop/commit/f4b42058 that I think aims= to better convey the "nutshell: XSS =3D Game over" sentiment and maybe dis= suade folks from looking to DPoP as a cure-all for browser based applicatio= ns. Admittedly a lot of the initial impetus behind producing the draft in t= he first place was born out of discussions around browser based apps. But i= t's neither specific to browser based apps nor a panacea for them. I hope t= he language in the document and how it's recently been presented is reflect= ive of that reality.=20 >>>>>=20 >>>>> The more specific discussions/recommendations around in-browser apps = are valuable (if somewhat over my head) but might be more appropriate in th= e OAuth 2.0 for Browser-Based Apps draft. >>>>>=20 >>>>> With respect to the contents of the DPoP draft, I am still keen to tr= y and flush out some consensus around the question posed in the start of th= is thread, which is effectively whether or not to include a hash of the acc= ess token in the proof. Acknowledging that "XSS =3D Game over" does sort o= f evoke a tendency to not even bother with such incremental protections (wh= at I've tried to humorously coin as "XSS Nihilism" with no success). And as= such, I do think that leaving it how it is (no AT hash in the proof) is no= t unreasonable. But, as Filip previously articulated, including the AT hash= in the proof would prevent potentially prolonged access to protected resou= rces even when the victim is offline. And that seems maybe worthwhile to ha= ve in the protocol, given that it's not a huge change to the spec. But it's= a trade-off either way and I'm personally on the fence about it. >>>>>=20 >>>>> Including an RT hash in the proof seems more niche. Best I can tell, = it would guard against prolonged offline access to protected resources when= access tokens are bearer and the RT was DPoP-bound and also gets rotated. = The trade-off there seems less worth it (I think an RT hash would be more a= wkward in the protocol too).=20 >>>>>=20 >>>>>=20 >>>>>=20 >>>>>=20 >>>>>=20 >>>>>=20 >>>>>=20 >>>>> On Fri, Dec 4, 2020 at 5:40 AM Philippe De Ryck wrote: >>>>>>=20 >>>>>>> The suggestion to use a web worker to ensure that proofs cannot be = pre-computed is a good one I think. (You could also use a sandboxed iframe = for a separate sub/sibling-domain - dpop.example.com). >>>>>>=20 >>>>>> An iframe with a different origin would also work (not really sandbo= xing, as that implies the use of the sandbox attribute to enforce behaviora= l restrictions). The downside of an iframe is the need to host additional H= TML, vs a script file for the worker, but the effect is indeed the same. >>>>>>=20 >>>>>>> For scenario 4, I think this only works if the attacker can trick/s= poof the AS into using their redirect_uri? Otherwise the AC will go to the = legitimate app which will reject it due to mismatched state/PKCE. Or are yo= u thinking of XSS on the redirect_uri itself? I think probably a good pract= ice is that the target of a redirect_uri should be a very minimal and locke= d down page to avoid this kind of possibility. (Again, using a separate sub= -domain to handle tokens and DPoP seems like a good idea). >>>>>>=20 >>>>>> My original thought was to use a silent flow with Web Messaging. The= scenario would go as follows: >>>>>>=20 >>>>>> 1. Setup a Web Messaging listener to receive the incoming code >>>>>> 2. Create a hidden iframe with the DOM APIs >>>>>> 3. Create an authorization request such as =E2=80=9C/authorize?respo= nse_type=3Dcode&client_id=3D...&redirect_uri=3Dhttps%3A%2F%example.com&stat= e=3D...&code_challenge=3D7-ffnU1EzHtMfxOAdlkp_WixnAM_z9tMh3JxgjazXAk&code_c= hallenge_method=3DS256&prompt=3Dnone&response_mode=3Dweb_message=E2=80=9D >>>>>> 4. Load this URL in the iframe, and wait for the result >>>>>> 5. Retrieve code in the listener, and use PKCE (+ DPoP if needed) to= exchange it for tokens >>>>>>=20 >>>>>> This puts the attacker in full control over every aspect of the flow= , so no need to manipulate any of the parameters. >>>>>>=20 >>>>>>=20 >>>>>> After your comment, I also believe an attacker can run the same scen= ario without the =E2=80=9Cresponse_mode=3Dweb_message=E2=80=9D. This would = go as follows: >>>>>>=20 >>>>>> 1. Create a hidden iframe with the DOM APIs >>>>>> 2. Setup polling to read the URL (this will be possible for same-ori= gin pages, not for cross-origin pages) >>>>>> 3. Create an authorization request such as =E2=80=9C/authorize?respo= nse_type=3Dcode&client_id=3D...&redirect_uri=3Dhttps%3A%2F%example.com&stat= e=3D...&code_challenge=3D7-ffnU1EzHtMfxOAdlkp_WixnAM_z9tMh3JxgjazXAk&code_c= hallenge_method=3DS256=E2=80=9D >>>>>> 4. Load this URL in the iframe, and keep polling >>>>>> 5. Detect the redirect back to the application with the code in the = URL, retrieve code, and use PKCE (+ DPoP if needed) to exchange it for toke= ns >>>>>>=20 >>>>>> In step 5, the application is likely to also try to exchange the cod= e. This will fail due to a mismatching PKCE verifier. While noisy, I don=E2= =80=99t think it affects the scenario.=20 >>>>>>=20 >>>>>>=20 >>>>>>> IMO, the online attack scenario (i.e., proxying malicious requests = through the victim=E2=80=99s browser) is quite appealing to an attacker, de= spite the apparent inconvenience: >>>>>>>=20 >>>>>>> - the victim=E2=80=99s browser may be inside a corporate firewall = or VPN, allowing the attacker to effectively bypass these restrictions >>>>>>> - the attacker=E2=80=99s traffic is mixed in with the user=E2=80= =99s own requests, making them harder to distinguish or to block >>>>>>>=20 >>>>>>> Overall, DPoP can only protect against XSS to the same level as Htt= pOnly cookies. This is not nothing, but it means it only prevents relativel= y naive attacks. Given the association of public key signatures with strong= authentication, people may have overinflated expectations if DPoP is pitch= ed as an XSS defence. >>>>>>=20 >>>>>> Yes, in the cookie world this is known as =E2=80=9CSession Riding=E2= =80=9D. Having the worker for token isolation would make it possible to enf= orce a coarse-grained policy on outgoing requests to prevent total abuse of= the AT. >>>>>>=20 >>>>>> My main concern here is the effort of doing DPoP in a browser versus= the limited gains. It may also give a false sense of security.=20 >>>>>>=20 >>>>>>=20 >>>>>>=20 >>>>>> With all this said, I believe that the AS can lock down its configur= ation to reduce these attack vectors. A few initial ideas: >>>>>>=20 >>>>>> 1. Disable silent flows for SPAs using RT rotation >>>>>> 2. Use the sec-fetch headers to detect and reject non-silent iframe-= based flows >>>>>>=20 >>>>>> For example, an OAuth 2.0 flow in an iframe in Brave/Chrome carries= these headers: >>>>>> sec-fetch-dest: iframe >>>>>> sec-fetch-mode: navigate >>>>>> sec-fetch-site: cross-site >>>>>> sec-fetch-user: ?1 >>>>>>=20 >>>>>>=20 >>>>>> Philippe >>>>>>=20 >>>>>=20 >>>>> CONFIDENTIALITY NOTICE: This email may contain confidential and privi= leged material for the sole use of the intended recipient(s). Any review, u= se, distribution or disclosure by others is strictly prohibited. If you ha= ve received this communication in error, please notify the sender immediate= ly by e-mail and delete the message and any file attachments from your comp= uter. Thank you. >>>>=20 >>>=20 >>> CONFIDENTIALITY NOTICE: This email may contain confidential and privile= ged material for the sole use of the intended recipient(s). Any review, use= , distribution or disclosure by others is strictly prohibited. If you have= received this communication in error, please notify the sender immediately= by e-mail and delete the message and any file attachments from your comput= er. Thank you.=20 >>>=20 >>> _______________________________________________ >>> OAuth mailing list >>> OAuth@ietf.org >>> https://www.ietf.org/mailman/listinfo/oauth >> --=20 >> Jim Manico >> Manicode Security >> https://www.manicode.com >=20 > CONFIDENTIALITY NOTICE: This email may contain confidential and privilege= d material for the sole use of the intended recipient(s). Any review, use, = distribution or disclosure by others is strictly prohibited. If you have r= eceived this communication in error, please notify the sender immediately b= y e-mail and delete the message and any file attachments from your computer= . Thank you._______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth --=20 ForgeRock values your Privacy --Apple-Mail-DDB13F5F-6FB9-4AE9-897A-7D2E0AA93426 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
    Not directly related t= o DPoP or OAuth, but I wrote some notes to help recovering XSS Nihilists:&n= bsp;https://neilmadden.blog/2020/12/10/xss-doesnt-have-to-be-game-over= /

    =E2=80=94 Neil
    =

    On 12 Dec 2020, at 00:02, Br= ian Campbell <bcampbell=3D40pingidentity.com@dmarc.ietf.org> wrote:
    =EF=BB= =BF
    I think that puts Jim in the XSS Nihilism camp :)&= nbsp;

    Implicit type flows are being deprecated/dis= couraged. But keeping tokens out of browsers doesn't seem likely. There is = some menton of CSP in https://tools.ietf.org/html/draft-iet= f-oauth-browser-based-apps-07#section-9.7

    On Wed, Dec 9, 2020= at 4:10 PM Jim Manico <jim@manicode.com> wrote:
    =20 =20 =20

    The basic theme from the web attacker community is:

    1) XSS is a game over event to web clients. XSS can steal or abuse (request forgery) tokens, and more.

    2) Even if you prevent stolen tokens from being used outside of a web client, XSS still allows the attacker to force a user to make any request in a fraudulent way, abusing browser based tokens as a form of request forgery.

    3) There are advanced measures to stop a token from being stolen from a web client, like a HTTPonly cookies and to a lesser degree, JS Closures and Webworkers.

    4) However, these measures to protect cookies are mostly moot. Attackers can just force clients to make fraudulent requests.

    5) Many recommend the BFF pattern to hide tokens on the back end, but still, request forgery via XSS allows all kinds of abuse.

    XSS is game over no matter how you slice it.

    Crypto solutions do not help. Perhaps the world of OAuth can start suggesting that web clients use CSP 3.0 in specific ways, if you still plan to support Implicit type flows or tokens in browsers?

    Respectfully,

    - Jim


    On 12/9/20 12:57 PM, Brian Campbell wrote:
    =20
    Thanks Philippe, I very much concur with your line of reasoning and the important considerations. The scenario I was thinking of is: browser based client where XSS is used to exfiltrate the refresh token along with pre-computed proofs that would allow for the RT to be exchanged for new access tokens and also pre-computed proofs that would work with those access tokens for resource access. With the pre-computed proofs that would allow prolonged (as long as the RT is valid) access to protected resources even when the victim is offline. Is that a concrete attack scenario? I mean, kind of. It's pretty convoluted/complex. And while an access token hash would reign it in somewhat (ATs obtained from the stolen RT wouldn't be usable) it's hard to say if the cost is worth the benefit.



    On Tue, Dec 8, 2020 at 11:47 PM Philippe De Ryck <philippe@pragmaticwebsecurity.com> wrote:
    Yeah, browser-based apps are pure fun, aren=E2=80=99t they? :)

    The reason I covered a couple of (pessimistic) XSS scenarios is that the discussion started with an assumption that the attacker already successfully exploited an XSS vulnerability. I pointed out how, at that point, finetuning DPoP proof contents will have little to no effect to stop an attack. I believe it is important to make this very clear, to avoid people turning to DPoP as a security mechanism for browser-based applications.


    Specifically to your question on including the hash in the proof, I think these considerations are important:

    1. Does the inclusion of the AT hash stop a concrete attack scenario?
    2. Is the =E2=80=9Ccost=E2=80=9D (implementation, getting = it right, =E2=80=A6) worth the benefits?


    Here=E2=80=99s my view on these considerations (spec= ifically for browser-based apps, not for other types of applications):

    1. The proof precomputation attack is already quite complex, and short access token lifetimes already reduce the window of attack. If the attacker can steal a future AT, they could also precompute new proofs then. 
    2. For browser-based apps, it seems that doing this complicates the implementation, without adding much benefit. Of course, libraries could handle this, which significantly reduces the cost. 


    Note that these comments are specifically to complicating the spec and implementation. DPoP=E2=80=99s capabilities of using sender-constrained access tokens are still useful to counter various other scenarios (e.g., middleboxes or APIs abusing access tokens). If other applications would significantly benefit from having the hash in the proof, I=E2=80=99m all for it.

    On a final note, I would be happy to help clear up the details on web-based threats and defenses if necessary.

    =E2=80=94
    Pragmatic Web Security
    Security for developers
    https://pragmaticwebsecurity.com/


    On 8 Dec 2020, at 22:47, Brian Campbell <bcampbell@pingide= ntity.com> wrote:

    Danial recently added some text to the working copy of the draft with https:= //github.com/danielfett/draft-dpop/commit/f4b42058 that I think aims to better convey the "nutshell: XSS =3D Game over" sentiment and maybe dissuade folks from looking to DPoP as a cure-all for browser based applications. Admittedly a lot of the initial impetus behind producing the draft in the first place was born out of discussions around browser based apps. But it's neither specific to browser based apps nor a panacea for them. I hope the language in the document and how it's recently been presented is reflective of that reality.

    The more specific discussions/recommendations around in-browser apps are valuable (if somewhat over my head) but might be more appropriate in the OAuth 2.0 for Browser-Based Apps draft.

    With respect to the contents of the DPoP draft, I am still keen to try and flush out some consensus around the question posed in the start of this thread, which is effectively whether or not to include a hash of the access token in the proof.  Acknowledging that "XSS= =3D Game over" does sort of evoke a tendency to not even bother with such incremental protections (what I've tried to humorously coin as "XSS Nihilism" with no success). And as such, I do think that leaving it how it is (no AT hash in the proof) is not unreasonable. But, as Filip previously articulated, including the AT hash in the proof would prevent potentially prolonged access to protected resources even when the victim is offline. And that seems maybe worthwhile to have in the protocol, given that it's not a huge change to the spec. But it's a trade-off either way and I'm personally on the fence about it.

    Including an RT hash in the proof seems more niche. Best I can tell, it would guard against prolonged offline access to protected resources when access tokens are bearer and the RT was DPoP-bound and also gets rotated. The trade-off there seems less worth it (I think an RT hash would be more awkward in the protocol too).







    On Fri, Dec 4= , 2020 at 5:40 AM Philippe De Ryck <philippe@pragmat= icwebsecurity.com> wrote:

    The suggestion to use a web worker to ensure that proofs cannot be pre-computed is a good one I think. (You could also use a sandboxed iframe for a separate sub/sibling-domain - dpop.example.com).

    An iframe with a different origin would also work (not really sandboxing, as that implies the use of the sandbox attribute to enforce behavioral restrictions). The downside of an iframe is the need to host additional HTML, vs a script file for the worker, but the effect is indeed the same.

    For scenario 4, I think this only works if the attacker can trick/spoof the AS into using their redirect_uri? Otherwise the AC will go to the legitimate app which will reject it due to mismatched state/PKCE. Or are you thinking of XSS on the redirect_uri itself? I think probably a good practice is that the target of a redirect_uri should be a very minimal and locked down page to avoid this kind of possibility. (Again, using a separate sub-domain to handle tokens and DPoP seems like a good idea).

    My original thought was to use a silent flow with Web Messaging. The scenario would go as follows:

    1. Setup a Web Messaging listener to receive the incoming code
    2. Create a hidden iframe with the DOM APIs
    3. Create an authorization request such as =E2=80=9C/authorize?response_t= ype=3Dcode&client_id=3D...&redirect_uri=3Dhttps%3A%2F%example.com&state=3D...&co= de_challenge=3D7-ffnU1EzHtMfxOAdlkp_WixnAM_z9tMh3JxgjazXAk&code_challen= ge_method=3DS256&prompt=3Dnone&response_mode=3Dweb_message=E2= =80=9D
    4. Load this URL in the iframe, and wait for the result
    5. Retrieve code in the listener, and use PKCE (+ DPoP if needed) to exchange it for tokens

    This puts the attacker in full control over every aspect of the flow, so no need to manipulate any of the parameters.


    After your comment, I also believe an attacker can run the same scenario without the =E2=80=9Cresponse_mode=3Dw= eb_message=E2=80=9D. This would go as follows:

    1. Create a hidden iframe with the DOM APIs
    2. Setup polling to read the URL (this will be possible for same-origin pages, not for cross-origin pages)
    3. Create an authorization request such as =E2=80=9C/authorize?= response_type=3Dcode&client_id=3D...&redirect_uri=3Dhttps%3A%2F%example.com&state=3D= ...&code_challenge=3D7-ffnU1EzHtMfxOAdlkp_WixnAM_z9tMh3JxgjazXAk&co= de_challenge_method=3DS256=E2=80=9D
    4. Load this URL in the iframe, and keep polling
    5. Detect the redirect back to the application with the code in the URL, retrieve code, and use PKCE (+ DPoP if needed) to exchange it for tokens

    In step 5, the application is likely to also try to exchange the code. This will fail due to a mismatching PKCE verifier. While noisy, I don=E2=80=99t think it affects= the scenario. 


    IMO, the online attack scenario (i.e., proxying malicious requests through the victim=E2=80=99s browser) is quite appealing to an attacker, despite the apparent inconvenience:

     - the victim=E2=80=99s bro= wser may be inside a corporate firewall or VPN, allowing the attacker to effectively bypass these restrictions
     - the attacker=E2=80=99s t= raffic is mixed in with the user=E2=80=99s ow= n requests, making them harder to distinguish or to block

    Overall, DPoP can only protect against XSS to the same level as HttpOnly cookies. This is not nothing, but it means it only prevents relatively naive attacks. Given the association of public key signatures with strong authentication, people may have overinflated expectations if DPoP is pitched as an XSS defence.

    Yes, in the cookie world this is known as =E2=80=9CSession Riding=E2=80=9D= . Having the worker for token isolation would make it possible to enforce a coarse-grained policy on outgoing requests to prevent total abuse of the AT.

    My main concern here is the effort of doing DPoP in a browser versus the limited gains. It may also give a false sense of security. 



    With all this said, I believe that the AS can lock down its configuration to reduce these attack vectors. A few initial ideas:

    1. Disable silent flows for SPAs using RT rotation
    2. Use the sec-fetch headers to detect and reject non-silent iframe-based flows

    For example,  an OAuth 2.0 flow i= n an iframe in Brave/Chrome carries these headers:
    sec-fetch-dest: iframe
    sec-fetch-mode: navigate
    sec-fetch-site: cross-site
    sec-fetch-user: ?1


    Philippe


    CONFIDENTIALITY NOTICE: Thi= s email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited.  If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you.


    CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited.  If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you. 
    _______________________________________________
OAuth mailing list
OAuth@ietf.org
h=
ttps://www.ietf.org/mailman/listinfo/oauth

    --=20
Jim Manico
Manicode Security
https://www.manicode=
.com

    <= span style=3D"margin:0px;padding:0px;border:0px;outline:0px;vertical-align:= baseline;background:transparent;font-family:proxima-nova-zendesk,system-ui,= -apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,Oxygen-Sans,Ub= untu,Cantarell,"Helvetica Neue",Arial,sans-serif;font-weight:600"= >CONFIDENTIALITY NOTICE: This email may contain confidenti= al and privileged material for the sole use of the intended recipient(s). A= ny review, use, distribution or disclosure by others is strictly prohibited= .  If you have received this communication in error, please notify the= sender immediately by e-mail and delete the message and any file attachmen= ts from your computer. Thank you.__________________= _____________________________
    OAuth mailing list
    = OAuth@ietf.org
    https://www.ietf.org/mailman/listinfo/= oauth

    ForgeRock values your Privacy --Apple-Mail-DDB13F5F-6FB9-4AE9-897A-7D2E0AA93426-- From nobody Sat Dec 12 00:22:22 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DEC163A0E30 for ; Sat, 12 Dec 2020 00:22:20 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.896 X-Spam-Level: X-Spam-Status: No, score=-1.896 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_FONT_FACE_BAD=0.001, HTML_MESSAGE=0.001, NICE_REPLY_A=-0.001, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id coCFqZj96Rqu for ; Sat, 12 Dec 2020 00:22:17 -0800 (PST) Received: from p3plsmtpa12-04.prod.phx3.secureserver.net (p3plsmtpa12-04.prod.phx3.secureserver.net [68.178.252.233]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 514633A0E28 for ; Sat, 12 Dec 2020 00:22:17 -0800 (PST) Received: from [192.168.88.250] ([94.155.17.31]) by :SMTPAUTH: with ESMTPSA id o0ARkWMHE8ysDo0ARkVKdu; Sat, 12 Dec 2020 01:22:16 -0700 X-CMAE-Analysis: v=2.4 cv=QaejAuXv c=1 sm=1 tr=0 ts=5fd47db8 a=+I3yL00+yDwT8KNLgfs+4A==:117 a=+I3yL00+yDwT8KNLgfs+4A==:17 a=q0rX5H01Qin5IyBaTmIA:9 a=r77TgQKjGQsHNAKrUKIA:9 a=yCE9nInwAAAA:8 a=LS6YZpeZAAAA:8 a=8HkmfUwDAAAA:20 a=48vgC7mUAAAA:8 a=A1X0JdhQAAAA:8 a=MtZl3zIB_5iir1E_0eUA:9 a=hcdHy6Ld5rzzJxN4:21 a=avZ1_S-gx1vjhNPO:21 a=QEXdDO2ut3YA:10 a=pGLkceISAAAA:8 a=8bRCynrCIi6lTePkQqUA:9 a=OiT-XLcVxJGpbyCa:21 a=P127TgrVViPDOyxh:21 a=e7L2Q3H1YKq_5i0r:21 a=_W_S_7VecoQA:10 a=D8lnhvtxf0AONpHuB7QA:9 a=ZVk8-NSrHBgA:10 a=30ssDGKg3p0A:10 a=n6bEelttlQx3_n4Es6hb:22 a=IRr2vCDBpksuBOXhfkKu:22 a=w1C3t2QeGrPiZgrLijVG:22 a=Df3jFdWbhGDLdZNm0fyq:22 X-SECURESERVER-ACCT: vladimir@connect2id.com To: oauth@ietf.org References: <30D5F7BA-EA54-4E40-A2FC-222AA0C9AF8D@lodderstedt.net> <353E4494-2F80-44BC-9267-6FB8B37AA0FE@lodderstedt.net> <1B663AA7-563D-4D25-A408-9ED10FD818AC@forgerock.com> From: Vladimir Dzhuvinov Autocrypt: addr=vladimir@connect2id.com; prefer-encrypt=mutual; keydata= mQENBFQZaoEBCACnP2YMDex9fnf+niLglTHGKuoypUSVKPQeKDHHeFQVzhRke+HBEZBwmA9T kZ+kEhyrNqibDPkPYVPmo23tM8mbNcTVQqpmN7NwgMpqkqcAqNsIyBtt09DjWOQVm57A3K+y uXI7SdNErdt79p2xQseOhqSC9+LgWuyh+mZsl2oFD4glFFfKSCMp2jATXrAMeGzigTnW+Xe0 tRzrwFN9zqykKxhUq9oHg1cNvoDtfxgsc9ysVHbxM/PM8o9lgj3YTQwKMBcCFclTqohji7ML fQ08eQo+acKTwC1WRzeLt9PknGt3C4TmvdCl0c1BQTTTNiF96Hu4kbaiBIbsfxJOR8+VABEB AAG0LFZsYWRpbWlyIER6aHV2aW5vdiA8dmxhZGltaXJAY29ubmVjdDJpZC5jb20+iQE+BBMB AgAoBQJUGWqBAhsjBQkJZgGABgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRAZ0vUyOqri Ql62B/wOO0s2JC/QvO6w9iSsRhCOa/JZi+wO+l01V7eGCQ1cYf1W26Y7iKiUlY4/Kz+cr69D pMtkv3UpDTGejKEfspLUxz5Vo3T4oAKbTtNtVIZL/XxH3/JhJ719Jj4eLoe9/djKkGYTX2O5 bMk8TpO1DDjbIw4r9XKI9ZIk96zlKnZvrg7Ho7oOl0ZIf8AzcvdqZEUogDwyr8uwOU+jIyux mOTthepBzXCNjjBjnc8I1//9YppAIaGJ5nnXelVVD1/dyOszogervzFNANEIOvNvCd9G5u4e s7qkDKWKY7/Lj1tF+tMrDTrOh6JqUKbGNeTUB8DlPvIoNyqHUYfBELdpw1Nd Organization: Connect2id Ltd. Message-ID: <4c09c8d4-a7af-9bb9-0f72-9b524f0330d1@connect2id.com> Date: Sat, 12 Dec 2020 10:22:14 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.10.0 MIME-Version: 1.0 In-Reply-To: Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg=sha-256; boundary="------------ms040603020505080400070904" X-CMAE-Envelope: MS4xfD2KBQFERm/UfNdV5nO0rJr6KQoXHHEmIoImhLiPPqj55gNBxLFFpDmF1bRP/oOFNDzlVVwewE/1q98qP4tQ27dMOhWtkMegcUCmACuMHPJf40ekRK4Z Q9wrZJPYYg/Y0XjLJ9Dz/1BijtNNTKRy+1EseeMAlhUQ703Xp7uI+h9znnggManxqq9ZhI2Hb97sBQ== Archived-At: Subject: Re: [OAUTH-WG] DPoP followup I: freshness and coverage of signature X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 12 Dec 2020 08:22:21 -0000 This is a cryptographically signed message in MIME format. --------------ms040603020505080400070904 Content-Type: multipart/alternative; boundary="------------851CD3725F4BE23C2F783620" Content-Language: en-US This is a multi-part message in MIME format. --------------851CD3725F4BE23C2F783620 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable If the current DPoP has code complexity "X", the relative additional complexity to include access token hashes doesn't seem like very much. An app choosing DPoP means accepting the code complexity that comes with dealing with keys, composing the signing inputs for the proofs, signing, the necessary changes to the token and RS requests. On the other hand, for some people that additional access token hash may become the straw that breaks the camel's back, causing them to quit their jobs developing web apps and never look back :) Have you thought about letting deployments decide about the access token hash? To say look, there is also the option to bind an access token to the DPoP proof, the security benefits can be such an such, and this is how it can be done. What I don't like about that proposal: * It will complicate the spec * The current spec doesn't require implementers / deployments to make any decisions, apart from adopt / not DPoP (okay, also choose a JWS alg) - which is actually a great feature to have Vladimir On 12/12/2020 01:58, Brian Campbell wrote: > Any type of client could use DPoP and (presumably) benefit from > sender-constrained access tokens. So yeah, adding complexity > specifically for browser-based applications (that only mitigates one > variation of the attacks possible with XSS anyway)=C2=A0 has 'cost' imp= act > to those clients as well. And should be considered in the > cost/benefit. Including the AT hash isn't terribly complicated but > it's not trivial either. I'm honestly still unsure but am leaning > towards it not being worth adding. > > On Fri, Dec 11, 2020 at 2:14 AM Philippe De Ryck > > wrote: > > The scenario you describe here is realistic in browser-based apps > with XSS vulnerabilities, but it is pretty complex. Since there > are worse problems when XSS happens, it=E2=80=99s hard to say wheth= er DPoP > should mitigate this.=C2=A0 > > I=E2=80=99m wondering what other types of clients would benefit fro= m using > DPoP for access tokens? Mobile apps? Clients using a Client > Credentials grant? > > How are they impacted by any change made specifically for > browser-based applications? > > Philippe > > >> On 9 Dec 2020, at 23:57, Brian Campbell >> > >> wrote: >> >> Thanks Philippe, I very much concur with your line of reasoning >> and the important considerations. The scenario I was thinking of >> is: browser based client where XSS is used to exfiltrate the >> refresh token along with pre-computed proofs that would allow for >> the RT to be exchanged for new access tokens and also >> pre-computed proofs that would work with those access tokens for >> resource access. With the pre-computed proofs that would allow >> prolonged (as long as the RT is valid) access to protected >> resources even when the victim is offline. Is that a concrete >> attack scenario? I mean, kind of. It's pretty convoluted/complex. >> And while an access token hash would reign it in somewhat (ATs >> obtained from the stolen RT wouldn't be usable) it's hard to say >> if the cost is worth the benefit. >> >> >> >> On Tue, Dec 8, 2020 at 11:47 PM Philippe De Ryck >> > > wrote: >> >> Yeah, browser-based apps are pure fun, aren=E2=80=99t they? :)= >> >> The reason I covered a couple of (pessimistic) XSS scenarios >> is that the discussion started with an assumption that the >> attacker already successfully exploited an XSS vulnerability. >> I pointed out how, at that point, finetuning DPoP proof >> contents will have little to no effect to stop an attack. I >> believe it is important to make this very clear, to avoid >> people turning to DPoP as a security mechanism for >> browser-based applications. >> >> >> Specifically to your question on including the hash in the >> proof, I think these considerations are important: >> >> 1. Does the inclusion of the AT hash stop a concrete attack >> scenario? >> 2. Is the =E2=80=9Ccost=E2=80=9D (implementation, getting it r= ight, =E2=80=A6) worth >> the benefits? >> >> >> Here=E2=80=99s my view on these considerations (*/specifically= for >> browser-based apps, not for other types of applications/*): >> >> 1. The proof precomputation attack is already quite complex, >> and short access token lifetimes already reduce the window of >> attack. If the attacker can steal a future AT, they could >> also precompute new proofs then.=C2=A0 >> 2. For browser-based apps, it seems that doing this >> complicates the implementation, without adding much benefit. >> Of course, libraries could handle this, which significantly >> reduces the cost.=C2=A0 >> >> >> Note that these comments are specifically to complicating the >> spec and implementation. DPoP=E2=80=99s capabilities of using >> sender-constrained access tokens are still useful to counter >> various other scenarios (e.g., middleboxes or APIs abusing >> access tokens). If other applications would significantly >> benefit from having the hash in the proof, I=E2=80=99m all for= it. >> >> On a final note, I would be happy to help clear up the >> details on web-based threats and defenses if necessary. >> >> =E2=80=94 >> *Pragmatic Web Security* >> /Security for developers/ >> https://pragmaticwebsecurity.com/ >> >> >>> On 8 Dec 2020, at 22:47, Brian Campbell >>> >> > wrote: >>> >>> Danial recently added some text to the working copy of the >>> draft with >>> https://github.com/danielfett/draft-dpop/commit/f4b42058 >>> that I think aims to better convey the "nutshell: XSS =3D Gam= e >>> over" sentiment and maybe dissuade folks from looking to >>> DPoP as a cure-all for browser based applications. >>> Admittedly a lot of the initial impetus behind producing the >>> draft in the first place was born out of discussions around >>> browser based apps. But it's neither specific to browser >>> based apps nor a panacea for them. I hope the language in >>> the document and how it's recently been presented is >>> reflective of that reality. >>> >>> The more specific discussions/recommendations around >>> in-browser apps are valuable (if somewhat over my head) but >>> might be more appropriate in the OAuth 2.0 for Browser-Based >>> Apps >>> >>> draft. >>> >>> With respect to the contents of the DPoP draft, I am still >>> keen to try and flush out some consensus around the question >>> posed in the start of this thread, which is effectively >>> whether or not to include a hash of the access token in the >>> proof.=C2=A0 Acknowledging that "XSS =3D Game over" does sort= of >>> evoke a tendency to not even bother with such incremental >>> protections (what I've tried to humorously coin as "XSS >>> Nihilism" with no success). And as such, I do think that >>> leaving it how it is (no AT hash in the proof) is not >>> unreasonable. But, as Filip previously articulated, >>> including the AT hash in the proof would prevent potentially >>> prolonged access to protected resources even when the victim >>> is offline. And that seems maybe worthwhile to have in the >>> protocol, given that it's not a huge change to the spec. But >>> it's a trade-off either way and I'm personally on the fence >>> about it. >>> >>> Including an RT hash in the proof seems more niche. Best I >>> can tell, it would guard against prolonged offline access to >>> protected resources when access tokens are bearer and the RT >>> was DPoP-bound and also gets rotated. The trade-off there >>> seems less worth it (I think an RT hash would be more >>> awkward in the protocol too). >>> >>> >>> >>> >>> >>> >>> >>> On Fri, Dec 4, 2020 at 5:40 AM Philippe De Ryck >>> >> > wrote: >>> >>> >>>> The suggestion to use a web worker to ensure that >>>> proofs cannot be pre-computed is a good one I think. >>>> (You could also use a sandboxed iframe for a separate >>>> sub/sibling-domain - dpop.example.com >>>> ). >>> >>> An iframe with a different origin would also work (not >>> really sandboxing, as that implies the use of the >>> sandbox attribute to enforce behavioral restrictions). >>> The downside of an iframe is the need to host additional >>> HTML, vs a script file for the worker, but the effect is >>> indeed the same. >>> >>>> For scenario 4, I think this only works if the attacker >>>> can trick/spoof the AS into using their redirect_uri? >>>> Otherwise the AC will go to the legitimate app which >>>> will reject it due to mismatched state/PKCE. Or are you >>>> thinking of XSS on the redirect_uri itself? I think >>>> probably a good practice is that the target of a >>>> redirect_uri should be a very minimal and locked down >>>> page to avoid this kind of possibility. (Again, using a >>>> separate sub-domain to handle tokens and DPoP seems >>>> like a good idea). >>> >>> My original thought was to use a silent flow with Web >>> Messaging. The scenario would go as follows: >>> >>> 1. Setup a Web Messaging listener to receive the >>> incoming code >>> 2. Create a hidden iframe with the DOM APIs >>> 3. Create an authorization request such as >>> =E2=80=9C//authorize?response_type=3Dcode&client_id=3D...= &redirect_uri=3Dhttps%3A%2F%example.com >>> &state=3D...&code_challenge=3D7-ffnU= 1EzHtMfxOAdlkp_WixnAM_z9tMh3JxgjazXAk&code_challenge_method=3DS256&prompt= =3Dnone&response_mode=3Dweb_message/=E2=80=9D >>> 4. Load this URL in the iframe, and wait for the result >>> 5. Retrieve code in the listener, and use PKCE (+ DPoP >>> if needed) to exchange it for tokens >>> >>> This puts the attacker in full control over every aspect >>> of the flow, so no need to manipulate any of the paramete= rs. >>> >>> >>> After your comment, I also believe an attacker can run >>> the same scenario without the >>> =E2=80=9C/response_mode=3Dweb_message/=E2=80=9D. This wou= ld go as follows: >>> >>> 1. Create a hidden iframe with the DOM APIs >>> 2. Setup polling to read the URL (this will be possible >>> for same-origin pages, not for cross-origin pages) >>> 3. Create an authorization request such as >>> =E2=80=9C//authorize?response_type=3Dcode&client_id=3D...= &redirect_uri=3Dhttps%3A%2F%example.com >>> &state=3D...&code_challenge=3D7-ffnU= 1EzHtMfxOAdlkp_WixnAM_z9tMh3JxgjazXAk&code_challenge_method=3DS256/=E2=80= =9D >>> 4. Load this URL in the iframe, and keep polling >>> 5. Detect the redirect back to the application with the >>> code in the URL, retrieve code, and use PKCE (+ DPoP if >>> needed) to exchange it for tokens >>> >>> In step 5, the application is likely to also try to >>> exchange the code. This will fail due to a mismatching >>> PKCE verifier. While noisy, I don=E2=80=99t think it affe= cts the >>> scenario.=C2=A0 >>> >>> >>>> IMO, the online attack scenario (i.e., proxying >>>> malicious requests through the victim=E2=80=99s browser)= is >>>> quite appealing to an attacker, despite the apparent >>>> inconvenience: >>>> >>>> =C2=A0- the victim=E2=80=99s browser may be inside a cor= porate >>>> firewall or VPN, allowing the attacker to effectively >>>> bypass these restrictions >>>> =C2=A0- the attacker=E2=80=99s traffic is mixed in with = the user=E2=80=99s >>>> own requests, making them harder to distinguish or to bl= ock >>>> >>>> Overall, DPoP can only protect against XSS to the same >>>> level as HttpOnly cookies. This is not nothing, but it >>>> means it only prevents relatively naive attacks. Given >>>> the association of public key signatures with strong >>>> authentication, people may have overinflated >>>> expectations if DPoP is pitched as an XSS defence. >>> >>> Yes, in the cookie world this is known as =E2=80=9CSessio= n >>> Riding=E2=80=9D. Having the worker for token isolation wo= uld >>> make it possible to enforce a coarse-grained policy on >>> outgoing requests to prevent total abuse of the AT. >>> >>> My main concern here is the effort of doing DPoP in a >>> browser versus the limited gains. It may also give a >>> false sense of security.=C2=A0 >>> >>> >>> >>> With all this said, I believe that the AS can lock down >>> its configuration to reduce these attack vectors. A few >>> initial ideas: >>> >>> 1. Disable silent flows for SPAs using RT rotation >>> 2. Use the sec-fetch headers to detect and reject >>> non-silent iframe-based flows >>> >>> For example, =C2=A0an OAuth 2.0 flow in an iframe in >>> Brave/Chrome carries these headers: >>> / >>> sec-fetch-dest: iframe >>> sec-fetch-mode: navigate >>> sec-fetch-site: cross-site >>> sec-fetch-user: ?1 >>> / >>> >>> >>> Philippe >>> >>> >>> /CONFIDENTIALITY NOTICE: This email may contain confidential >>> and privileged material for the sole use of the intended >>> recipient(s). Any review, use, distribution or disclosure by >>> others is strictly prohibited.=C2=A0 If you have received thi= s >>> communication in error, please notify the sender immediately >>> by e-mail and delete the message and any file attachments >>> from your computer. Thank you./ >> >> >> /CONFIDENTIALITY NOTICE: This email may contain confidential and >> privileged material for the sole use of the intended >> recipient(s). Any review, use, distribution or disclosure by >> others is strictly prohibited.=C2=A0 If you have received this >> communication in error, please notify the sender immediately by >> e-mail and delete the message and any file attachments from your >> computer. Thank you./ > > > > > > /CONFIDENTIALITY NOTICE: This email may contain confidential and > privileged material for the sole use of the intended recipient(s). Any > review, use, distribution or disclosure by others is strictly > prohibited.=C2=A0 If you have received this communication in error, ple= ase > notify the sender immediately by e-mail and delete the message and any > file attachments from your computer. Thank you./ > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth --=20 Vladimir Dzhuvinov --------------851CD3725F4BE23C2F783620 Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: quoted-printable

    If the current DPoP has code complexity "X", the relative additional complexity to include access token hashes doesn't seem like very much. An app choosing DPoP means accepting the code complexity that comes with dealing with keys, composing the signing inputs for the proofs, signing, the necessary changes to the token and RS requests. On the other hand, for some people that additional access token hash may become the straw that breaks the camel's back, causing them to quit their jobs developing web apps and never look back :)

    Have you thought about letting deployments decide about the access token hash? To say look, there is also the option to bind an access token to the DPoP proof, the security benefits can be such an such, and this is how it can be done.

    What I don't like about that proposal:

    • It will complicate the spec

    • The current spec doesn't require implementers / deployments to make any decisions, apart from adopt / not DPoP (okay, also choose a JWS alg) - which is actually a great feature to have
      =


    Vladimir


    On 12/12/2020 01:58, Brian Campbell wrote:
    Any type of client could use DPoP and (presumably)= benefit from sender-constrained access tokens. So yeah, adding complexity specifically for browser-based applications (that only mitigates one variation of the attacks possible with XSS anyway)=C2=A0 has= 'cost' impact to those clients as well. And should be considered in the cost/benefit. Including the AT hash isn't terribly complicated but it's not trivial either. I'm honestly still unsure but am leaning towards it not being worth adding.

    On Fri, Dec 11, 2020 at 2:1= 4 AM Philippe De Ryck <philippe@pragmatic= websecurity.com> wrote:
    =
    The scenario you describe here is realistic in browser-based apps with XSS vulnerabilities, but it is pretty complex. Since there are worse problems when XSS happens, it=E2=80=99s hard to say whether DPoP should mitigat= e this.=C2=A0

    I=E2=80=99m wondering what other types of clients would = benefit from using DPoP for access tokens? Mobile apps? Clients using a Client Credentials grant?

    How are they impacted by any change made specifically for browser-based applications?

    Philippe


    On 9 Dec 2020, at 23:57, Brian Campbell <bcam= pbell@pingidentity.com> wrote:

    Thanks Philippe, I very much concur with your line of reasoning and the important considerations. The scenario I was thinking of is: browser based client where XSS is used to exfiltrate the refresh token along with pre-computed proofs that would allow for the RT to be exchanged for new access tokens and also pre-computed proofs that would work with those access tokens for resource access. With the pre-computed proofs that would allow prolonged (as long as the RT is valid) access to protected resources even when the victim is offline. Is that a concrete attack scenario? I mean, kind of. It's pretty convoluted/complex. And while an access token hash would reign it in somewhat (ATs obtained from the stolen RT wouldn't be usable) it's hard to say if the cost is worth the benefit.



    On Tue, D= ec 8, 2020 at 11:47 PM Philippe De Ryck <philippe@pragmatic= websecurity.com> wrote:
    Yeah, browser-based apps are pure fun, aren=E2=80=99t they? :)

    The reason I covered a couple of (pessimistic) XSS scenarios is that the discussion started with an assumption that the attacker already successfully exploited an XSS vulnerability. I pointed out how, at that point, finetuning DPoP proof contents will have little to no effect to stop an attack. I believe it is important to make this very clear, to avoid people turning to DPoP as a security mechanism for browser-based applications.


    Specifically to your question on including the hash in the proof, I think these considerations are important:
    =

    1. Does the inclusion of the AT hash stop a concrete attack scenario?
    2. Is the =E2=80=9Ccost=E2=80=9D (impl= ementation, getting it right, =E2=80=A6) worth the be= nefits?


    Here=E2=80=99s my view on these considerations (specifically for browser-based apps, not for other types of applications):
    =

    1. The proof precomputation attack is already quite complex, and short access token lifetimes already reduce the window of attack. If the attacker can steal a future AT, they could also precompute new proofs then.=C2=A0
    2. For browser-based apps, it seems that doing this complicates the implementation, without adding much benefit. Of course, libraries could handle this, which significantly reduces the cost.=C2=A0


    Note that these comments are specifically to complicating the spec and implementation. DPoP=E2=80=99s capabi= lities of using sender-constrained access tokens are still useful to counter various other scenarios (e.g., middleboxes or APIs abusing access tokens). If other applications would significantly benefit from having the hash in the proof, I=E2=80=99m all for it= =2E

    On a final note, I would be happy to help clear up the details on web-based threats and defenses if necessary.

    =E2=80=94
    Pragmatic Web Security
    = Security for developers https:= //pragmaticwebsecurity.com/


    On 8 Dec 2020, at 22:47, Brian Campbell <bcampb= ell@pingidentity.com> wrote:

    Danial recently added some text to the working copy of the draft with ht= tps://github.com/danielfett/draft-dpop/commit/f4b42058 that I think aims to better convey the "nutshell: XSS =3D= Game over" sentiment and maybe dissuade folks from looking to DPoP as a cure-all for browser based applications. Admittedly a lot of the initial impetus behind producing the draft in the first place was born out of discussions around browser based apps. But it's neither specific to browser based apps nor a panacea for them. I hope the language in the document and how it's recently been presented is reflective of that reality.

    The more specific discussions/recommendations around in-browser apps are valuable (if somewhat over my head) but might be more appropriate in the OA= uth 2.0 for Browser-Based Apps<= /a> draft.

    With respect to the contents of the DPoP draft, I am still keen to try and flush out some consensus around the question posed in the start of this thread, which is effectively whether or not to include a hash of the access token in the proof.=C2=A0 Acknowledging th= at "XSS =3D Game over" does sort= of evoke a tendency to not even bother with such incremental protections (what I've tried to humorously coin as "XSS Nihilism" with no success). And as such, I do think that leaving it how it is (no AT hash in the proof) is not unreasonable. But, as Filip previously articulated, including the AT hash in the proof would prevent potentially prolonged access to protected resources even when the victim is offline. And that seems maybe worthwhile to have in the protocol, given that it's not a huge change to the spec. But it's a trade-off either way and I'm personally on the fence about it.

    Including an RT hash in the proof seems more niche. Best I can tell, it would guard against prolonged offline access to protected resources when access tokens are bearer and the RT was DPoP-bound and also gets rotated. The trade-off there seems less worth it (I think an RT hash would be more awkward in the protocol too).







    On Fri, Dec 4, 2020 at 5:40 AM Philippe De Ryck <ph= ilippe@pragmaticwebsecurity.com> wrote:

    The suggestion to use a web worker to ensure that proofs cannot be pre-computed is a good one I think. (You could also use a sandboxed iframe for a separate sub/sibling-dom= ain - dpop.example.com).

    An iframe with a different origin would also work (not really sandboxing, as that implies the use of the sandbox attribute to enforce behavioral restrictions). The downside of an iframe is the need to host additional HTML, vs a script file for the worker, but the effect is indeed the same.

    For scenario 4, I think this only works if the attacker can trick/spoof the AS into using their redirect_uri? Otherwise the AC will go to the legitimate app which will reject it due to mismatched state/PKCE. Or are you thinking of XSS on the redirect_uri itself? I think probably a good practice is that the target of a redirect_uri should be a very minimal and locked down page to avoid this kind of possibility. (Again, using a separate sub-domain to handle tokens and DPoP seems like a good idea).

    My original thought was to use a silent flow with Web Messaging. The scenario would go as follows:

    1. Setup a Web Messaging listener to receive the incoming code
    2. Create a hidden iframe with the DOM APIs
    3. Create an authorization request such as =E2=80= =9C/authorize?response_type=3Dcode&client_id=3D...&redirect_ur= i=3Dhttps%3A%2F%e= xample.com&state=3D...&code_challenge=3D7-ffnU1EzHtMfxOAdlkp_= WixnAM_z9tMh3JxgjazXAk&code_challenge_method=3DS256&prompt=3Dnone= &response_mode=3Dweb_message=E2=80=9D
    4. Load this URL in the iframe, and wait for the result
    5. Retrieve code in the listener, and use PKCE (+ DPoP if needed) to exchange it for tokens

    This puts the attacker in full control over every aspect of the flow, so no need to manipulate any of the parameters.
    =


    After your comment, I also believe an attacker can run the same scenario without the =E2=80=9Cresponse_= mode=3Dweb_message=E2=80=9D. This would go as follows:

    1. Create a hidden iframe with the DOM APIs
    2. Setup polling to read the URL (this will be possible for same-origin pages, not for cross-origin pages)
    3. Create an authorization request such as =E2= =80=9C/authorize?response_type=3Dcode&client_id=3D...&redirect= _uri=3Dhttps%3A%2F%e= xample.com&state=3D...&code_challenge=3D7-ffnU1EzHtMfxOAdlkp_= WixnAM_z9tMh3JxgjazXAk&code_challenge_method=3DS256=E2=80=9D
    4. Load this URL in the iframe, and keep polling
    5. Detect the redirect back to the application with the code in the URL, retrieve code, and use PKCE (+ DPoP if needed) to exchange it for tokens

    In step 5, the application is likely to also try to exchange the code. This will fail due to a mismatching PKCE verifier. While noisy, I don=E2=80=99= t think it affects the scenario.=C2=A0=


    IMO, the online attack scenario (i.e., proxying malicious requests through the victim=E2=80=99= s browser) is quite appealing to an attacker, despite the apparent inconvenience:<= /div>

    =C2=A0- the victim=E2=80=99= s browser may be inside a corporate firewall or VPN, allowing the attacker to effectively bypass these restrictions
    =C2=A0- the attacker=E2=80=99= s traffic is mixed in with the user=E2=80=99= s own requests, making them harder to distinguish or to block

    Overall, DPoP can only protect against XSS to the same level as HttpOnly cookies. This is not nothing, but it means it only prevents relatively naive attacks. Given the association of public key signatures with strong authentication,= people may have overinflated expectations if DPoP is pitched as an XSS defence.

    Yes, in the cookie world this is known as =E2=80=9CSes= sion Riding=E2=80=9D. Havi= ng the worker for token isolation would make it possible to enforce a coarse-grained policy on outgoing requests to prevent total abuse of the AT.

    My main concern here is the effort of doing DPoP in a browser versus the limited gains. It may also give a false sense of security.=C2=A0
    =



    With all this said, I believe that the AS can lock down its configuration to reduce these attack vectors. A few initial ideas:

    1. Disable silent flows for SPAs using RT rotation
    2. Use the sec-fetch headers to detect and reject non-silent iframe-based flows

    For example, =C2=A0= an OAuth 2.0 flow in an iframe in Brave/Chrome carries these headers:
    sec-fetch-= dest: iframe
    sec-fetch-= mode: navigate
    sec-fetch-= site: cross-site
    sec-fetch-= user: ?1

    Philippe


    CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited.=C2=A0 = If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you.=


    = CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited.=C2=A0 If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you.<= /font>





    C= ONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited.=C2=A0 If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you. 
    ____________________________=
___________________
OAuth mailing list
OAut=
h@ietf.org
https://www.ietf.org/mailman/listinfo/oauth

    --=20
Vladimir Dzhuvinov
    --------------851CD3725F4BE23C2F783620-- --------------ms040603020505080400070904 Content-Type: application/pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" Content-Description: S/MIME Cryptographic Signature MIAGCSqGSIb3DQEHAqCAMIACAQExDzANBglghkgBZQMEAgEFADCABgkqhkiG9w0BBwEAAKCC CzMwggUbMIIEA6ADAgECAhBs/e7jES6a32XKZxs4R01iMA0GCSqGSIb3DQEBCwUAMIGWMQsw CQYDVQQGEwJHQjEbMBkGA1UECBMSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxm b3JkMRgwFgYDVQQKEw9TZWN0aWdvIExpbWl0ZWQxPjA8BgNVBAMTNVNlY3RpZ28gUlNBIENs aWVudCBBdXRoZW50aWNhdGlvbiBhbmQgU2VjdXJlIEVtYWlsIENBMB4XDTE5MTEwMjAwMDAw MFoXDTIxMTEwMTIzNTk1OVowKDEmMCQGCSqGSIb3DQEJARYXdmxhZGltaXJAY29ubmVjdDJp ZC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDG5mL+CcvSppMj/W8Kd0/E 1/y5/s94gmbIFzEugHyMPV2dd6lusiALe35QCtu3e8Wy6FkCwzxWmmzhF4FY/e4uPbDjco3w /GgHhz2KXe385u31c32/uM3jRqhYT5JvmXxte/GgmjcW1yWcPkKEz/sCezdIYpI9Pek+P4Gr xmbt8H+wJrwfrXKTJXXT+gFjCcZDRLm67X4U57TsaCoezTe7zOoPX9zxMTyZD/cvC/SfuVxQ U60ZsfZzdcgPwScgy3JaiPegcbnqqebjJqtRx42eRjrBZ1/u411rHN2QQLgiih7D1/4PJC9f /8nHgaerLy3ogdu1dw5+vQ1TRIYBmcIXAgMBAAGjggHQMIIBzDAfBgNVHSMEGDAWgBQJwPL8 C9qU21/+K9+omULPyeCtADAdBgNVHQ4EFgQU446sriG/NgywLZA2oBG79Yr2qyAwDgYDVR0P AQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwQGCCsGAQUFBwMC MEAGA1UdIAQ5MDcwNQYMKwYBBAGyMQECAQEBMCUwIwYIKwYBBQUHAgEWF2h0dHBzOi8vc2Vj dGlnby5jb20vQ1BTMFoGA1UdHwRTMFEwT6BNoEuGSWh0dHA6Ly9jcmwuc2VjdGlnby5jb20v U2VjdGlnb1JTQUNsaWVudEF1dGhlbnRpY2F0aW9uYW5kU2VjdXJlRW1haWxDQS5jcmwwgYoG CCsGAQUFBwEBBH4wfDBVBggrBgEFBQcwAoZJaHR0cDovL2NydC5zZWN0aWdvLmNvbS9TZWN0 aWdvUlNBQ2xpZW50QXV0aGVudGljYXRpb25hbmRTZWN1cmVFbWFpbENBLmNydDAjBggrBgEF BQcwAYYXaHR0cDovL29jc3Auc2VjdGlnby5jb20wIgYDVR0RBBswGYEXdmxhZGltaXJAY29u bmVjdDJpZC5jb20wDQYJKoZIhvcNAQELBQADggEBAEE73kCtUigl/bhLrqS6AsCU+jKm1fxq BY09+ktBwVcu5WgM18Uov3WvzVnjXn5BNNVM3RwhWFXyW3pPnDPyjqgxcpfoyY5SJEzvcPlu wm69z/dzqasVhsHPIFSjACnUBrFZPsq/abMQr4yFOMVyX/EudYgmZVu2Er9Ui7YbTO1Nolap xlseQIgQhVcr7aSs02PLDANuwW/asgKExYzhPdt9MF1lezj968Mv74kRo1T/lm5RFNfh2QdM 9C0n1t+qRCrRF1VbsiTgChjazgNGbvl12bOAujX0up4hqw+7PaCcI3Mpyv/rKKKrRG52iCcv cMHX344tOqKM/DIdF/0WNpkwggYQMIID+KADAgECAhBNlCwQ1DvglAnFgS06KwZPMA0GCSqG SIb3DQEBDAUAMIGIMQswCQYDVQQGEwJVUzETMBEGA1UECBMKTmV3IEplcnNleTEUMBIGA1UE BxMLSmVyc2V5IENpdHkxHjAcBgNVBAoTFVRoZSBVU0VSVFJVU1QgTmV0d29yazEuMCwGA1UE AxMlVVNFUlRydXN0IFJTQSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0xODExMDIwMDAw MDBaFw0zMDEyMzEyMzU5NTlaMIGWMQswCQYDVQQGEwJHQjEbMBkGA1UECBMSR3JlYXRlciBN YW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxmb3JkMRgwFgYDVQQKEw9TZWN0aWdvIExpbWl0ZWQx PjA8BgNVBAMTNVNlY3RpZ28gUlNBIENsaWVudCBBdXRoZW50aWNhdGlvbiBhbmQgU2VjdXJl IEVtYWlsIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyjztlApB/975Rrno 1jvm2pK/KxBOqhq8gr2+JhwpKirSzZxQgT9tlC7zl6hn1fXjSo5MqXUfItMltrMaXqcESJuK 8dtK56NCSrq4iDKaKq9NxOXFmqXX2zN8HHGjQ2b2Xv0v1L5Nk1MQPKA19xeWQcpGEGFUUd0k N+oHox+L9aV1rjfNiCj3bJk6kJaOPabPi2503nn/ITX5e8WfPnGw4VuZ79Khj1YBrf24k5Ee 1sLTHsLtpiK9OjG4iQRBdq6Z/TlVx/hGAez5h36bBJMxqdHLpdwIUkTqT8se3ed0PewDch/8 kHPo5fZl5u1B0ecpq/sDN/5sCG52Ds+QU5O5EwIDAQABo4IBZDCCAWAwHwYDVR0jBBgwFoAU U3m/WqorSs9UgOHYm8Cd8rIDZsswHQYDVR0OBBYEFAnA8vwL2pTbX/4r36iZQs/J4K0AMA4G A1UdDwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdJQQWMBQGCCsGAQUFBwMC BggrBgEFBQcDBDARBgNVHSAECjAIMAYGBFUdIAAwUAYDVR0fBEkwRzBFoEOgQYY/aHR0cDov L2NybC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdFJTQUNlcnRpZmljYXRpb25BdXRob3JpdHku Y3JsMHYGCCsGAQUFBwEBBGowaDA/BggrBgEFBQcwAoYzaHR0cDovL2NydC51c2VydHJ1c3Qu Y29tL1VTRVJUcnVzdFJTQUFkZFRydXN0Q0EuY3J0MCUGCCsGAQUFBzABhhlodHRwOi8vb2Nz cC51c2VydHJ1c3QuY29tMA0GCSqGSIb3DQEBDAUAA4ICAQBBRHUAqznCFfXejpVtMnFojADd F9d6HBA4kMjjsb0XMZHztuOCtKF+xswhh2GqkW5JQrM8zVlU+A2VP72Ky2nlRA1GwmIPgou7 4TZ/XTarHG8zdMSgaDrkVYzz1g3nIVO9IHk96VwsacIvBF8JfqIs+8aWH2PfSUrNxP6Ys7U0 sZYx4rXD6+cqFq/ZW5BUfClN/rhk2ddQXyn7kkmka2RQb9d90nmNHdgKrwfQ49mQ2hWQNDkJ JIXwKjYA6VUR/fZUFeCUisdDe/0ABLTI+jheXUV1eoYV7lNwNBKpeHdNuO6Aacb533JlfeUH xvBz9OfYWUiXu09sMAviM11Q0DuMZ5760CdO2VnpsXP4KxaYIhvqPqUMWqRdWyn7crItNkZe roXaecG03i3mM7dkiPaCkgocBg0EBYsbZDZ8bsG3a08LwEsL1Ygz3SBsyECa0waq4hOf/Z85 F2w2ZpXfP+w8q4ifwO90SGZZV+HR/Jh6rEaVPDRF/CEGVqR1hiuQOZ1YL5ezMTX0ZSLwrymU E0pwi/KDaiYB15uswgeIAcA6JzPFf9pLkAFFWs1QNyN++niFhsM47qodx/PL+5jR87myx5uY dBEQkkDc+lKB1Wct6ucXqm2EmsaQ0M95QjTmy+rDWjkDYdw3Ms6mSWE3Bn7i5ZgtwCLXgAIe 5W8mybM2JzGCBDIwggQuAgEBMIGrMIGWMQswCQYDVQQGEwJHQjEbMBkGA1UECBMSR3JlYXRl ciBNYW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxmb3JkMRgwFgYDVQQKEw9TZWN0aWdvIExpbWl0 ZWQxPjA8BgNVBAMTNVNlY3RpZ28gUlNBIENsaWVudCBBdXRoZW50aWNhdGlvbiBhbmQgU2Vj dXJlIEVtYWlsIENBAhBs/e7jES6a32XKZxs4R01iMA0GCWCGSAFlAwQCAQUAoIICVzAYBgkq hkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0yMDEyMTIwODIyMTRaMC8G CSqGSIb3DQEJBDEiBCApNBLP8alE5OGZv10kj+9QpoLDGr1Z6aeBNthLYK49/zBsBgkqhkiG 9w0BCQ8xXzBdMAsGCWCGSAFlAwQBKjALBglghkgBZQMEAQIwCgYIKoZIhvcNAwcwDgYIKoZI hvcNAwICAgCAMA0GCCqGSIb3DQMCAgFAMAcGBSsOAwIHMA0GCCqGSIb3DQMCAgEoMIG8Bgkr BgEEAYI3EAQxga4wgaswgZYxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNo ZXN0ZXIxEDAOBgNVBAcTB1NhbGZvcmQxGDAWBgNVBAoTD1NlY3RpZ28gTGltaXRlZDE+MDwG A1UEAxM1U2VjdGlnbyBSU0EgQ2xpZW50IEF1dGhlbnRpY2F0aW9uIGFuZCBTZWN1cmUgRW1h aWwgQ0ECEGz97uMRLprfZcpnGzhHTWIwgb4GCyqGSIb3DQEJEAILMYGuoIGrMIGWMQswCQYD VQQGEwJHQjEbMBkGA1UECBMSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxmb3Jk MRgwFgYDVQQKEw9TZWN0aWdvIExpbWl0ZWQxPjA8BgNVBAMTNVNlY3RpZ28gUlNBIENsaWVu dCBBdXRoZW50aWNhdGlvbiBhbmQgU2VjdXJlIEVtYWlsIENBAhBs/e7jES6a32XKZxs4R01i MA0GCSqGSIb3DQEBAQUABIIBAI/gt52aux9EGFhxaiCvfhx54fBQa/uLH2PuCqSJ8qgq3P9E kr6MMh5SnBpaDSM5gF8EKbVYRPyEa6wAImDh1B5NqGCDNbLEoqeJwfUd1W4mK62nNfiA/Aqt 8WNESLn7ibcC3iwFGuvivZaa/7D4njClqjN8HKNM1xQOtZ0Ku1l9KDlKcn5fV1Pr5GNqscIP ytTj+5Dk8TviBnHn0sN4CFXGGgn4oHF5HgseK3KlQmGntsG6lwuLPjMwBqNQwCRPUd2X5MFB dLsh84kbiRxeBqRtvy1j05HD9latA+VVNRN8fRi2rIEOByoUvFb8mj1X1TRK0nAY6XpfFrIX hkBRSOEAAAAAAAA= --------------ms040603020505080400070904-- From nobody Sat Dec 12 02:07:47 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BF6993A0FC5 for ; Sat, 12 Dec 2020 02:07:44 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.096 X-Spam-Level: X-Spam-Status: No, score=-2.096 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_FONT_FACE_BAD=0.001, HTML_MESSAGE=0.001, MIME_QP_LONG_LINE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=lodderstedt.net Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lXUGK9r_zqsa for ; Sat, 12 Dec 2020 02:07:40 -0800 (PST) Received: from mail-wr1-x42e.google.com (mail-wr1-x42e.google.com [IPv6:2a00:1450:4864:20::42e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 91DFD3A0FC2 for ; Sat, 12 Dec 2020 02:07:39 -0800 (PST) Received: by mail-wr1-x42e.google.com with SMTP id w5so7744359wrm.11 for ; Sat, 12 Dec 2020 02:07:39 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lodderstedt.net; s=google; h=content-transfer-encoding:from:mime-version:subject:date:message-id :references:cc:in-reply-to:to; bh=ZQ3hsEv/2GyenMnzcFnzYZDhO1dUWQjnWUu/N6hRlQg=; b=sL9F+IJUX1dQykb/DtghJZZKlwVP5RmgY/uDyU3Nq/GARyyNm8ZKrb7UPGgJGlfkyU lg0rAHcxcXBuZVuFA8ocg8Wm5TJ3X5GLT/ijw4kXjQM1WYnuqM/Pu66p8g2MVQ/zo5BV QG6ZeZtoXdQK6DzbHG9Mtadmp1PatlLv8LYhq3nZDzhtmyTZ1pxCrLPJOAKg0X0YZ1VX 7iDHvliWVMWcZoLDLg7mP+OGzyJH1UE0ISb07PGGhTXenzo8mwIuPkme5qBISxoK4QLO isYaF0eFxy/gUgnNlWoHtbJEkc0UWLTbS8ezYQaeUTnKIOh3FuOnENXeipVI0jyFqe7v +v4A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:content-transfer-encoding:from:mime-version :subject:date:message-id:references:cc:in-reply-to:to; bh=ZQ3hsEv/2GyenMnzcFnzYZDhO1dUWQjnWUu/N6hRlQg=; b=kP/U7ldEGaENnFevJoB0HqMV3gmVnHp5jPeIp6otUZ8yw7978o5q9Ipg0aVluXLN44 FTFJCBjwF/qYKIdYt0JGXGsiQ7ilSrVIilh0IAwauIvC8roxaZ3HRKd8IWvsdVdE710l vwn9ZlQ5AN9/6n7d9iNITO1C2eaDHleywdBuLydrQG3reP5qrtEr0y4tsZZqLqUWf2pl ruoe78VxfiHvVMfEavGtYkOnFgcvRUGJubxtSz58MDLIIWKEl79B2cd9qjyEoghws0WZ KgTb3cExknDBtCNRNHaaCKyNUmtMddNHA3k/2MZ+IWdP+vZ8XCtQzKeVs8dHJJLn0YHh df1w== X-Gm-Message-State: AOAM530yq20X4Up76/SdPYQ8Etnv4rKn67ta9qcXPtHbkZA7xZ7bf58H //CRnu3lgiQoC450e+ZDCWXimQ== X-Google-Smtp-Source: ABdhPJxyRll4jQcU3fBzxAIZKMYt7t+CPD4cpi2/cyDZ5weBsoMG1N1yyCGG4sxRXbEgw/kApjwvDQ== X-Received: by 2002:adf:9cca:: with SMTP id h10mr11288331wre.77.1607767657292; Sat, 12 Dec 2020 02:07:37 -0800 (PST) Received: from ?IPv6:2003:eb:8f1b:fae3:5541:8cbe:7369:6453? (p200300eb8f1bfae355418cbe73696453.dip0.t-ipconnect.de. [2003:eb:8f1b:fae3:5541:8cbe:7369:6453]) by smtp.gmail.com with ESMTPSA id l8sm19528358wmf.35.2020.12.12.02.07.35 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Sat, 12 Dec 2020 02:07:36 -0800 (PST) Content-Type: multipart/signed; boundary=Apple-Mail-BEBA49D1-29EE-49B7-A465-D234DA5E242C; protocol="application/pkcs7-signature"; micalg=sha-256 Content-Transfer-Encoding: 7bit From: Torsten Lodderstedt Mime-Version: 1.0 (1.0) Date: Sat, 12 Dec 2020 11:07:33 +0100 Message-Id: <798C19BE-4589-404D-AE5B-D7502E3748FF@lodderstedt.net> References: <9167BD6F-0675-4AA3-B4A4-9274DE34F9B7@forgerock.com> Cc: Brian Campbell , oauth In-Reply-To: <9167BD6F-0675-4AA3-B4A4-9274DE34F9B7@forgerock.com> To: Neil Madden X-Mailer: iPad Mail (18B92) Archived-At: Subject: Re: [OAUTH-WG] DPoP followup I: freshness and coverage of signature X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 12 Dec 2020 10:07:45 -0000 --Apple-Mail-BEBA49D1-29EE-49B7-A465-D234DA5E242C Content-Type: multipart/alternative; boundary=Apple-Mail-DD5B7246-DF46-42B8-82D6-9E7E34EA7529 Content-Transfer-Encoding: 7bit --Apple-Mail-DD5B7246-DF46-42B8-82D6-9E7E34EA7529 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Thanks for sharing, Neil! I=E2=80=98ve got some questions: Note: I assume the tokens you are referring in your article are OAuth access= tokens. - carrying tokens in URLs wie considered bad practice by the Security BCP an= d OAuth 2.1 due to leakage via referrer headers and so on. Why isn=E2=80=99t= this an issue with your approach? - generating (self contained) or using (handles) per URL access tokens might= be rather expensive. Can you sketch out how you wanna cope with that challe= nge? - per URL Access tokens are a very consequent Form or audience restriction. H= ow do you wanna signal the audience to the AS? best regards, Torsten. > Am 12.12.2020 um 08:26 schrieb Neil Madden : >=20 > =EF=BB=BF > Not directly related to DPoP or OAuth, but I wrote some notes to help reco= vering XSS Nihilists: https://neilmadden.blog/2020/12/10/xss-doesnt-have-to-= be-game-over/ >=20 > =E2=80=94 Neil >=20 >>> On 12 Dec 2020, at 00:02, Brian Campbell wrote: >>>=20 >> =EF=BB=BF >> I think that puts Jim in the XSS Nihilism camp :)=20 >>=20 >> Implicit type flows are being deprecated/discouraged. But keeping tokens o= ut of browsers doesn't seem likely. There is some menton of CSP in https://t= ools.ietf.org/html/draft-ietf-oauth-browser-based-apps-07#section-9.7=20 >>=20 >>> On Wed, Dec 9, 2020 at 4:10 PM Jim Manico wrote: >>> The basic theme from the web attacker community is: >>>=20 >>> 1) XSS is a game over event to web clients. XSS can steal or abuse (requ= est forgery) tokens, and more. >>>=20 >>> 2) Even if you prevent stolen tokens from being used outside of a web cl= ient, XSS still allows the attacker to force a user to make any request in a= fraudulent way, abusing browser based tokens as a form of request forgery. >>>=20 >>> 3) There are advanced measures to stop a token from being stolen from a w= eb client, like a HTTPonly cookies and to a lesser degree, JS Closures and W= ebworkers.=20 >>>=20 >>> 4) However, these measures to protect cookies are mostly moot. Attackers= can just force clients to make fraudulent requests. >>>=20 >>> 5) Many recommend the BFF pattern to hide tokens on the back end, but st= ill, request forgery via XSS allows all kinds of abuse. >>>=20 >>> XSS is game over no matter how you slice it. >>>=20 >>> Crypto solutions do not help. Perhaps the world of OAuth can start sugge= sting that web clients use CSP 3.0 in specific ways, if you still plan to su= pport Implicit type flows or tokens in browsers? >>>=20 >>> Respectfully, >>>=20 >>> - Jim >>>=20 >>>=20 >>>=20 >>> On 12/9/20 12:57 PM, Brian Campbell wrote: >>>> Thanks Philippe, I very much concur with your line of reasoning and the= important considerations. The scenario I was thinking of is: browser based c= lient where XSS is used to exfiltrate the refresh token along with pre-compu= ted proofs that would allow for the RT to be exchanged for new access tokens= and also pre-computed proofs that would work with those access tokens for r= esource access. With the pre-computed proofs that would allow prolonged (as l= ong as the RT is valid) access to protected resources even when the victim i= s offline. Is that a concrete attack scenario? I mean, kind of. It's pretty c= onvoluted/complex. And while an access token hash would reign it in somewhat= (ATs obtained from the stolen RT wouldn't be usable) it's hard to say if th= e cost is worth the benefit. >>>>=20 >>>>=20 >>>>=20 >>>> On Tue, Dec 8, 2020 at 11:47 PM Philippe De Ryck wrote: >>>>> Yeah, browser-based apps are pure fun, aren=E2=80=99t they? :) >>>>>=20 >>>>> The reason I covered a couple of (pessimistic) XSS scenarios is that t= he discussion started with an assumption that the attacker already successfu= lly exploited an XSS vulnerability. I pointed out how, at that point, finetu= ning DPoP proof contents will have little to no effect to stop an attack. I b= elieve it is important to make this very clear, to avoid people turning to D= PoP as a security mechanism for browser-based applications. >>>>>=20 >>>>>=20 >>>>> Specifically to your question on including the hash in the proof, I th= ink these considerations are important: >>>>>=20 >>>>> 1. Does the inclusion of the AT hash stop a concrete attack scenario? >>>>> 2. Is the =E2=80=9Ccost=E2=80=9D (implementation, getting it right, =E2= =80=A6) worth the benefits? >>>>>=20 >>>>>=20 >>>>> Here=E2=80=99s my view on these considerations (specifically for brows= er-based apps, not for other types of applications): >>>>>=20 >>>>> 1. The proof precomputation attack is already quite complex, and short= access token lifetimes already reduce the window of attack. If the attacker= can steal a future AT, they could also precompute new proofs then.=20 >>>>> 2. For browser-based apps, it seems that doing this complicates the im= plementation, without adding much benefit. Of course, libraries could handle= this, which significantly reduces the cost.=20 >>>>>=20 >>>>>=20 >>>>> Note that these comments are specifically to complicating the spec and= implementation. DPoP=E2=80=99s capabilities of using sender-constrained acc= ess tokens are still useful to counter various other scenarios (e.g., middle= boxes or APIs abusing access tokens). If other applications would significan= tly benefit from having the hash in the proof, I=E2=80=99m all for it. >>>>>=20 >>>>> On a final note, I would be happy to help clear up the details on web-= based threats and defenses if necessary. >>>>>=20 >>>>> =E2=80=94 >>>>> Pragmatic Web Security >>>>> Security for developers >>>>> https://pragmaticwebsecurity.com/ >>>>>=20 >>>>>=20 >>>>>> On 8 Dec 2020, at 22:47, Brian Campbell w= rote: >>>>>>=20 >>>>>> Danial recently added some text to the working copy of the draft with= https://github.com/danielfett/draft-dpop/commit/f4b42058 that I think aims t= o better convey the "nutshell: XSS =3D Game over" sentiment and maybe dissua= de folks from looking to DPoP as a cure-all for browser based applications. A= dmittedly a lot of the initial impetus behind producing the draft in the fir= st place was born out of discussions around browser based apps. But it's nei= ther specific to browser based apps nor a panacea for them. I hope the langu= age in the document and how it's recently been presented is reflective of th= at reality.=20 >>>>>>=20 >>>>>> The more specific discussions/recommendations around in-browser apps a= re valuable (if somewhat over my head) but might be more appropriate in the O= Auth 2.0 for Browser-Based Apps draft. >>>>>>=20 >>>>>> With respect to the contents of the DPoP draft, I am still keen to tr= y and flush out some consensus around the question posed in the start of thi= s thread, which is effectively whether or not to include a hash of the acces= s token in the proof. Acknowledging that "XSS =3D Game over" does sort of e= voke a tendency to not even bother with such incremental protections (what I= 've tried to humorously coin as "XSS Nihilism" with no success). And as such= , I do think that leaving it how it is (no AT hash in the proof) is not unre= asonable. But, as Filip previously articulated, including the AT hash in the= proof would prevent potentially prolonged access to protected resources eve= n when the victim is offline. And that seems maybe worthwhile to have in the= protocol, given that it's not a huge change to the spec. But it's a trade-o= ff either way and I'm personally on the fence about it. >>>>>>=20 >>>>>> Including an RT hash in the proof seems more niche. Best I can tell, i= t would guard against prolonged offline access to protected resources when a= ccess tokens are bearer and the RT was DPoP-bound and also gets rotated. The= trade-off there seems less worth it (I think an RT hash would be more awkwa= rd in the protocol too).=20 >>>>>>=20 >>>>>>=20 >>>>>>=20 >>>>>>=20 >>>>>>=20 >>>>>>=20 >>>>>>=20 >>>>>> On Fri, Dec 4, 2020 at 5:40 AM Philippe De Ryck wrote: >>>>>>>=20 >>>>>>>> The suggestion to use a web worker to ensure that proofs cannot be p= re-computed is a good one I think. (You could also use a sandboxed iframe fo= r a separate sub/sibling-domain - dpop.example.com). >>>>>>>=20 >>>>>>> An iframe with a different origin would also work (not really sandbo= xing, as that implies the use of the sandbox attribute to enforce behavioral= restrictions). The downside of an iframe is the need to host additional HTM= L, vs a script file for the worker, but the effect is indeed the same. >>>>>>>=20 >>>>>>>> For scenario 4, I think this only works if the attacker can trick/s= poof the AS into using their redirect_uri? Otherwise the AC will go to the l= egitimate app which will reject it due to mismatched state/PKCE. Or are you t= hinking of XSS on the redirect_uri itself? I think probably a good practice i= s that the target of a redirect_uri should be a very minimal and locked down= page to avoid this kind of possibility. (Again, using a separate sub-domain= to handle tokens and DPoP seems like a good idea). >>>>>>>=20 >>>>>>> My original thought was to use a silent flow with Web Messaging. The= scenario would go as follows: >>>>>>>=20 >>>>>>> 1. Setup a Web Messaging listener to receive the incoming code >>>>>>> 2. Create a hidden iframe with the DOM APIs >>>>>>> 3. Create an authorization request such as =E2=80=9C/authorize?respo= nse_type=3Dcode&client_id=3D...&redirect_uri=3Dhttps%3A%2F%example.com&state= =3D...&code_challenge=3D7-ffnU1EzHtMfxOAdlkp_WixnAM_z9tMh3JxgjazXAk&code_cha= llenge_method=3DS256&prompt=3Dnone&response_mode=3Dweb_message=E2=80=9D >>>>>>> 4. Load this URL in the iframe, and wait for the result >>>>>>> 5. Retrieve code in the listener, and use PKCE (+ DPoP if needed) to= exchange it for tokens >>>>>>>=20 >>>>>>> This puts the attacker in full control over every aspect of the flow= , so no need to manipulate any of the parameters. >>>>>>>=20 >>>>>>>=20 >>>>>>> After your comment, I also believe an attacker can run the same scen= ario without the =E2=80=9Cresponse_mode=3Dweb_message=E2=80=9D. This would g= o as follows: >>>>>>>=20 >>>>>>> 1. Create a hidden iframe with the DOM APIs >>>>>>> 2. Setup polling to read the URL (this will be possible for same-ori= gin pages, not for cross-origin pages) >>>>>>> 3. Create an authorization request such as =E2=80=9C/authorize?respo= nse_type=3Dcode&client_id=3D...&redirect_uri=3Dhttps%3A%2F%example.com&state= =3D...&code_challenge=3D7-ffnU1EzHtMfxOAdlkp_WixnAM_z9tMh3JxgjazXAk&code_cha= llenge_method=3DS256=E2=80=9D >>>>>>> 4. Load this URL in the iframe, and keep polling >>>>>>> 5. Detect the redirect back to the application with the code in the U= RL, retrieve code, and use PKCE (+ DPoP if needed) to exchange it for tokens= >>>>>>>=20 >>>>>>> In step 5, the application is likely to also try to exchange the cod= e. This will fail due to a mismatching PKCE verifier. While noisy, I don=E2=80= =99t think it affects the scenario.=20 >>>>>>>=20 >>>>>>>=20 >>>>>>>> IMO, the online attack scenario (i.e., proxying malicious requests t= hrough the victim=E2=80=99s browser) is quite appealing to an attacker, desp= ite the apparent inconvenience: >>>>>>>>=20 >>>>>>>> - the victim=E2=80=99s browser may be inside a corporate firewall o= r VPN, allowing the attacker to effectively bypass these restrictions >>>>>>>> - the attacker=E2=80=99s traffic is mixed in with the user=E2=80=99= s own requests, making them harder to distinguish or to block >>>>>>>>=20 >>>>>>>> Overall, DPoP can only protect against XSS to the same level as Htt= pOnly cookies. This is not nothing, but it means it only prevents relatively= naive attacks. Given the association of public key signatures with strong a= uthentication, people may have overinflated expectations if DPoP is pitched a= s an XSS defence. >>>>>>>=20 >>>>>>> Yes, in the cookie world this is known as =E2=80=9CSession Riding=E2= =80=9D. Having the worker for token isolation would make it possible to enfo= rce a coarse-grained policy on outgoing requests to prevent total abuse of t= he AT. >>>>>>>=20 >>>>>>> My main concern here is the effort of doing DPoP in a browser versus= the limited gains. It may also give a false sense of security.=20 >>>>>>>=20 >>>>>>>=20 >>>>>>>=20 >>>>>>> With all this said, I believe that the AS can lock down its configur= ation to reduce these attack vectors. A few initial ideas: >>>>>>>=20 >>>>>>> 1. Disable silent flows for SPAs using RT rotation >>>>>>> 2. Use the sec-fetch headers to detect and reject non-silent iframe-= based flows >>>>>>>=20 >>>>>>> For example, an OAuth 2.0 flow in an iframe in Brave/Chrome carries= these headers: >>>>>>> sec-fetch-dest: iframe >>>>>>> sec-fetch-mode: navigate >>>>>>> sec-fetch-site: cross-site >>>>>>> sec-fetch-user: ?1 >>>>>>>=20 >>>>>>>=20 >>>>>>> Philippe >>>>>>>=20 >>>>>>=20 >>>>>> CONFIDENTIALITY NOTICE: This email may contain confidential and privi= leged material for the sole use of the intended recipient(s). Any review, us= e, distribution or disclosure by others is strictly prohibited. If you have= received this communication in error, please notify the sender immediately b= y e-mail and delete the message and any file attachments from your computer.= Thank you. >>>>>=20 >>>>=20 >>>> CONFIDENTIALITY NOTICE: This email may contain confidential and privile= ged material for the sole use of the intended recipient(s). Any review, use,= distribution or disclosure by others is strictly prohibited. If you have r= eceived this communication in error, please notify the sender immediately by= e-mail and delete the message and any file attachments from your computer. T= hank you.=20 >>>>=20 >>>> _______________________________________________ >>>> OAuth mailing list >>>> OAuth@ietf.org >>>> https://www.ietf.org/mailman/listinfo/oauth >>> --=20 >>> Jim Manico >>> Manicode Security >>> https://www.manicode.com >>=20 >> CONFIDENTIALITY NOTICE: This email may contain confidential and privilege= d material for the sole use of the intended recipient(s). Any review, use, d= istribution or disclosure by others is strictly prohibited. If you have rec= eived this communication in error, please notify the sender immediately by e= -mail and delete the message and any file attachments from your computer. Th= ank you._______________________________________________ >> OAuth mailing list >> OAuth@ietf.org >> https://www.ietf.org/mailman/listinfo/oauth >=20 > ForgeRock values your Privacy_____________________________________________= __ > OAuth mailing list > OAuth@ietf.org > https://www.google.com/url?q=3Dhttps://www.ietf.org/mailman/listinfo/oauth= &source=3Dgmail-imap&ust=3D1608362770000000&usg=3DAOvVaw31Ss8FnOZiHe2e0_3e_u= Ng --Apple-Mail-DD5B7246-DF46-42B8-82D6-9E7E34EA7529 Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: quoted-printable
    Thanks for sharing, Neil!<= /div>

    I=E2=80=98ve got some quest= ions:
    Note: I assume the tokens you are referring in y= our article are OAuth access tokens.
    - carrying tokens= in URLs wie considered bad practice by the Security BCP and OAuth 2.1 due t= o leakage via referrer headers and so on. Why isn=E2=80=99t this an issue wi= th your approach?
    - generating (self contained) or usi= ng (handles) per URL access tokens might be rather expensive. Can you sketch= out how you wanna cope with that challenge?
    - per URL= Access tokens are a very consequent Form or audience restriction. How do yo= u wanna signal the audience to the AS?

    best regards,
    Torsten.

    Am 12.12.2020 um 08:26 schrieb Neil Madden &= lt;neil.madden@forgerock.com>:

    =EF=BB=BF
    Not directly related to DP= oP or OAuth, but I wrote some notes to help recovering XSS Nihilists: <= a href=3D"https://www.google.com/url?q=3Dhttps://neilmadden.blog/2020/12/10/= xss-doesnt-have-to-be-game-over/&source=3Dgmail-imap&ust=3D160836277= 0000000&usg=3DAOvVaw0yYI59zhIOa_v1Bqbg5MrM">https://neilmadden.blog/2020= /12/10/xss-doesnt-have-to-be-game-over/

    =
    =E2=80=94 Neil

    On 12 Dec 2020, at 00:02, Brian Campbell <bcampbell=3D40pingidenti= ty.com@dmarc.ietf.org> wrote:

    =EF=BB=BF
    I think that puts Jim= in the XSS Nihilism camp :) 

    Implicit type fl= ows are being deprecated/discouraged. But keeping tokens out of browsers doe= sn't seem likely. There is some menton of CSP in https://tools.ietf.org/html/draft-ietf-oa= uth-browser-based-apps-07#section-9.7

    On Wed, Dec 9, 2020 at 4:= 10 PM Jim Manico <j= im@manicode.com> wrote:
    =20 =20 =20

    The basic theme from the web attacker community is:

    1) XSS is a game over event to web clients. XSS can steal or abuse (request forgery) tokens, and more.

    2) Even if you prevent stolen tokens from being used outside of a web client, XSS still allows the attacker to force a user to make any request in a fraudulent way, abusing browser based tokens as a form of request forgery.

    3) There are advanced measures to stop a token from being stolen from a web client, like a HTTPonly cookies and to a lesser degree, JS Closures and Webworkers.

    4) However, these measures to protect cookies are mostly moot. Attackers can just force clients to make fraudulent requests.

    5) Many recommend the BFF pattern to hide tokens on the back end, but still, request forgery via XSS allows all kinds of abuse.

    XSS is game over no matter how you slice it.

    Crypto solutions do not help. Perhaps the world of OAuth can start suggesting that web clients use CSP 3.0 in specific ways, if you still plan to support Implicit type flows or tokens in browsers?

    Respectfully,

    - Jim


    On 12/9/20 12:57 PM, Brian Campbell wrote:
    =20
    Thanks Philippe, I very much concur with your line of reasoning and the important considerations. The scenario I was thinking of is: browser based client where XSS is used to exfiltrate the refresh token along with pre-computed proofs that would allow for the RT to be exchanged for new access tokens and also pre-computed proofs that would work with those access tokens for resource access. With the pre-computed proofs that would allow prolonged (as long as the RT is valid) access to protected resources even when the victim is offline. Is that a concrete attack scenario? I mean, kind of. It's pretty convoluted/complex. And while an access token hash would reign it in somewhat (ATs obtained from the stolen RT wouldn't be usable) it's hard to say if the cost is worth the benefit.



    On Tue, Dec 8, 2020 at 11:47 PM Philippe De Ryck <philippe@pragmaticwebsecurity.com> wrote:
    Yeah, browser-based apps are pure fun, aren=E2=80=99t they? :)

    The reason I covered a couple of (pessimistic) XSS scenarios is that the discussion started with an assumption that the attacker already successfully exploited an XSS vulnerability. I pointed out how, at that point, finetuning DPoP proof contents will have little to no effect to stop an attack. I believe it is important to make this very clear, to avoid people turning to DPoP as a security mechanism for browser-based applications.


    Specifically to your question on including the hash in the proof, I think these considerations are important:

    1. Does the inclusion of the AT hash stop a concrete attack scenario?
    2. Is the =E2=80=9Ccost=E2=80=9D (implementation, getting i= t right, =E2=80=A6) worth the benefits?


    Here=E2=80=99s my view on these considerations (speci= fically for browser-based apps, not for other types of applications):

    1. The proof precomputation attack is already quite complex, and short access token lifetimes already reduce the window of attack. If the attacker can steal a future AT, they could also precompute new proofs then. 
    2. For browser-based apps, it seems that doing this complicates the implementation, without adding much benefit. Of course, libraries could handle this, which significantly reduces the cost. 


    Note that these comments are specifically to complicating the spec and implementation. DPoP=E2=80=99s capabilities of using sender-constrained access tokens are still useful to counter various other scenarios (e.g., middleboxes or APIs abusing access tokens). If other applications would significantly benefit from having the hash in the proof, I=E2=80=99m all for it.

    On a final note, I would be happy to help clear up the details on web-based threats and defenses if necessary.

    =E2=80=94
    Pragmatic Web Security
    Security for developers
    https://pragmaticwebs= ecurity.com/


    On 8 Dec 2020, at 22:47, Brian Campbell <bcampbell@pingident= ity.com> wrote:

    Danial recently added some text to the working copy of the draft with https://github.com/danielfett/draft-dpo= p/commit/f4b42058 that I think aims to better convey the "nutshell: XSS =3D Game over" sentiment and maybe dissuade folks from looking to DPoP as a cure-all for browser based applications. Admittedly a lot of the initial impetus behind producing the draft in the first place was born out of discussions around browser based apps. But it's neither specific to browser based apps nor a panacea for them. I hope the language in the document and how it's recently been presented is reflective of that reality.

    The more specific discussions/recommendations around in-browser apps are valuable (if somewhat over my head) but might be more appropriate in the OAuth 2.0 for Browser-Based Apps draft.

    With respect to the contents of the DPoP draft, I am still keen to try and flush out some consensus around the question posed in the start of this thread, which is effectively whether or not to include a hash of the access token in the proof.  Acknowledging that "XSS =3D= Game over" does sort of evoke a tendency to not even bother with such incremental protections (what I've tried to humorously coin as "XSS Nihilism" with no success). And as such, I do think that leaving it how it is (no AT hash in the proof) is not unreasonable. But, as Filip previously articulated, including the AT hash in the proof would prevent potentially prolonged access to protected resources even when the victim is offline. And that seems maybe worthwhile to have in the protocol, given that it's not a huge change to the spec. But it's a trade-off either way and I'm personally on the fence about it.

    Including an RT hash in the proof seems more niche. Best I can tell, it would guard against prolonged offline access to protected resources when access tokens are bearer and the RT was DPoP-bound and also gets rotated. The trade-off there seems less worth it (I think an RT hash would be more awkward in the protocol too).







    On Fri, Dec 4,= 2020 at 5:40 AM Philippe De Ryck <philippe@pragmatic= websecurity.com> wrote:

    The suggestion to use a web worker to ensure that proofs cannot be pre-computed is a good one I think. (You could also use a sandboxed iframe for a separate sub/sibling-domain - dpop.example.com).

    An iframe with a different origin would also work (not really sandboxing, as that implies the use of the sandbox attribute to enforce behavioral restrictions). The downside of an iframe is the need to host additional HTML, vs a script file for the worker, but the effect is indeed the same.

    For scenario 4, I think this only works if the attacker can trick/spoof the AS into using their redirect_uri? Otherwise the AC will go to the legitimate app which will reject it due to mismatched state/PKCE. Or are you thinking of XSS on the redirect_uri itself? I think probably a good practice is that the target of a redirect_uri should be a very minimal and locked down page to avoid this kind of possibility. (Again, using a separate sub-domain to handle tokens and DPoP seems like a good idea).

    My original thought was to use a silent flow with Web Messaging. The scenario would go as follows:

    1. Setup a Web Messaging listener to receive the incoming code
    2. Create a hidden iframe with the DOM APIs
    3. Create an authorization request such as =E2=80=9C/authorize?response_ty= pe=3Dcode&client_id=3D...&redirect_uri=3Dhttps%3A%2F%example.com&state=3D...&code_challenge=3D7-ffnU1EzHtMfxOAdlk= p_WixnAM_z9tMh3JxgjazXAk&code_challenge_method=3DS256&prompt=3Dnone&= amp;response_mode=3Dweb_message=E2=80=9D
    4. Load this URL in the iframe, and wait for the result
    5. Retrieve code in the listener, and use PKCE (+ DPoP if needed) to exchange it for tokens

    This puts the attacker in full control over every aspect of the flow, so no need to manipulate any of the parameters.


    After your comment, I also believe an attacker can run the same scenario without the =E2=80=9Cresponse_mode=3Dwe= b_message=E2=80=9D. This would go as follows:

    1. Create a hidden iframe with the DOM APIs
    2. Setup polling to read the URL (this will be possible for same-origin pages, not for cross-origin pages)
    3. Create an authorization request such as =E2=80=9C/authorize?r= esponse_type=3Dcode&client_id=3D...&redirect_uri=3Dhttps%3A%2F%example.com&state=3D...&code_challenge=3D7-ffnU1Ez= HtMfxOAdlkp_WixnAM_z9tMh3JxgjazXAk&code_challenge_method=3DS256=E2=80= =9D
    4. Load this URL in the iframe, and keep polling
    5. Detect the redirect back to the application with the code in the URL, retrieve code, and use PKCE (+ DPoP if needed) to exchange it for tokens

    In step 5, the application is likely to also try to exchange the code. This will fail due to a mismatching PKCE verifier. While noisy, I don=E2=80=99t think it affects t= he scenario. 


    IMO, the online attack scenario (i.e., proxying malicious requests through the victim=E2=80=99s browser) is quite appealing to an attacker, despite the apparent inconvenience:

     - the victim=E2=80=99s brow= ser may be inside a corporate firewall or VPN, allowing the attacker to effectively bypass these restrictions
     - the attacker=E2=80=99s tr= affic is mixed in with the user=E2=80=99s own= requests, making them harder to distinguish or to block

    Overall, DPoP can only protect against XSS to the same level as HttpOnly cookies. This is not nothing, but it means it only prevents relatively naive attacks. Given the association of public key signatures with strong authentication, people may have overinflated expectations if DPoP is pitched as an XSS defence.

    Yes, in the cookie world this is known as =E2=80=9CSession Riding=E2=80=9D.= Having the worker for token isolation would make it possible to enforce a coarse-grained policy on outgoing requests to prevent total abuse of the AT.

    My main concern here is the effort of doing DPoP in a browser versus the limited gains. It may also give a false sense of security. 



    With all this said, I believe that the AS can lock down its configuration to reduce these attack vectors. A few initial ideas:

    1. Disable silent flows for SPAs using RT rotation
    2. Use the sec-fetch headers to detect and reject non-silent iframe-based flows

    For example,  an OAuth 2.0 flow in= an iframe in Brave/Chrome carries these headers:
    sec-fetch-dest: iframe
    sec-fetch-mode: navigate
    sec-fetch-site: cross-site
    sec-fetch-user: ?1


    Philippe


    CONFIDENTIALITY NOTICE: This= email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited.  If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you.


    CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited.  If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you. 
    _______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/list=
info/oauth

    --=20
Jim Manico
Manicode Security
https://www.manicode.com

    CONFIDENTIALITY NOTICE: This email may contain confidential and pr= ivileged material for the sole use of the intended recipient(s). Any review,= use, distribution or disclosure by others is strictly prohibited.  If y= ou have received this communication in error, please notify the sender immed= iately by e-mail and delete the message and any file attachments from your c= omputer. Thank you._________________________________= ______________
    OAuth mailing list
    OAuth@ietf= .org
    https://www.ietf.org/mailman/listinfo/oauth
    <= /div>

    ForgeRock values your Privacy_________________________________= ______________
    OAuth mailing list
    OAuth@ietf= .org
    https://www.google.com/url?q=3Dhttps://www.ietf.org/mai= lman/listinfo/oauth&source=3Dgmail-imap&ust=3D1608362770000000&u= sg=3DAOvVaw31Ss8FnOZiHe2e0_3e_uNg
    = --Apple-Mail-DD5B7246-DF46-42B8-82D6-9E7E34EA7529-- --Apple-Mail-BEBA49D1-29EE-49B7-A465-D234DA5E242C Content-Type: application/pkcs7-signature; name=smime.p7s Content-Disposition: attachment; filename=smime.p7s Content-Transfer-Encoding: base64 MIAGCSqGSIb3DQEHAqCAMIACAQExDzANBglghkgBZQMEAgEFADCABgkqhkiG9w0BBwEAAKCCBPgw ggT0MIID3KADAgECAhBpfEIkHQiWmzF6zDsgdF+DMA0GCSqGSIb3DQEBCwUAMIGNMQswCQYDVQQG EwJJVDEQMA4GA1UECAwHQmVyZ2FtbzEZMBcGA1UEBwwQUG9udGUgU2FuIFBpZXRybzEjMCEGA1UE CgwaQWN0YWxpcyBTLnAuQS4vMDMzNTg1MjA5NjcxLDAqBgNVBAMMI0FjdGFsaXMgQ2xpZW50IEF1 dGhlbnRpY2F0aW9uIENBIEcyMB4XDTIwMDIyMzE3MjEzOVoXDTIxMDIyMzE3MjEzOVowIjEgMB4G A1UEAwwXdG9yc3RlbkBsb2RkZXJzdGVkdC5uZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK AoIBAQCrIaCISpAU98m6ZkDyUR3My5imAF4TKQk8eqo+oQ06PTWT/3yJXujVCjjOqOl8p11v/RoN Gf8zqYbBsqGBuJx2NyxFmAnmCjcbnxihQdcmuxLm6izvxr2MawOovDheMXnfmGy/Ns5Fs6bd+M5F jCNhP+Gljvgm/SFq1skvs7YUX2FxZmh+xPMm3FZ/a6Lyhkrd3JHzEqv8VWY69Aehezg39OuPJEpb IdjK/eBcmaIG0qn5RQdXLByJYfXhepyVAZPJT5rAgaIQL/IjSIVInxf3FxOv+ELMAErclws6mKzy zkY2JiItPEpKWzAWGCxCX2o0JjVj1f7xgaunLfJ+Ec0lAgMBAAGjggG4MIIBtDAMBgNVHRMBAf8E AjAAMB8GA1UdIwQYMBaAFGvyjZ5owSUEH1E0V/YWXJTqTWkaMH4GCCsGAQUFBwEBBHIwcDA7Bggr BgEFBQcwAoYvaHR0cDovL2NhY2VydC5hY3RhbGlzLml0L2NlcnRzL2FjdGFsaXMtYXV0Y2xpZzIw MQYIKwYBBQUHMAGGJWh0dHA6Ly9vY3NwMDkuYWN0YWxpcy5pdC9WQS9BVVRIQ0wtRzIwIgYDVR0R BBswGYEXdG9yc3RlbkBsb2RkZXJzdGVkdC5uZXQwRwYDVR0gBEAwPjA8BgYrgR8BGAEwMjAwBggr BgEFBQcCARYkaHR0cHM6Ly93d3cuYWN0YWxpcy5pdC9hcmVhLWRvd25sb2FkMB0GA1UdJQQWMBQG CCsGAQUFBwMCBggrBgEFBQcDBDBIBgNVHR8EQTA/MD2gO6A5hjdodHRwOi8vY3JsMDkuYWN0YWxp cy5pdC9SZXBvc2l0b3J5L0FVVEhDTC1HMi9nZXRMYXN0Q1JMMB0GA1UdDgQWBBSuRfshihlGSEJ7 2UeyOZRJ1YYyMDAOBgNVHQ8BAf8EBAMCBaAwDQYJKoZIhvcNAQELBQADggEBAH/3ECMSOoOLiwCe GsBj/WWnUhXvZyHmz3LW0DVdH3s30b2HWpomEVNDN3cWt4QSRhISqV0xyyChL6THhDY+Um2mo+z/ L5fxHd3MjhzvYKwUtLUJdWRgymlUBO9zNKi/IMVYv3O+mpOHuQrgtMaV9luDPRYPZrhF9y/InTZE tb+FOrF9ykIRlYgMzqSKjuqFmmYO4d6GkbgfGKFZsAjkySjM9BUBLb70MdysOTxZ/HtZguIKfZ4q CveZ9ZKe+LGsIpt5bFAs1LHIMBUlTCsuVIq2lD3TmScWbELn+Ace7WwKc+08GqOWZzUot5fkiIx3 /crnd7HTmUfqi0yCylHY62wxggOpMIIDpQIBATCBojCBjTELMAkGA1UEBhMCSVQxEDAOBgNVBAgM B0JlcmdhbW8xGTAXBgNVBAcMEFBvbnRlIFNhbiBQaWV0cm8xIzAhBgNVBAoMGkFjdGFsaXMgUy5w LkEuLzAzMzU4NTIwOTY3MSwwKgYDVQQDDCNBY3RhbGlzIENsaWVudCBBdXRoZW50aWNhdGlvbiBD QSBHMgIQaXxCJB0Ilpsxesw7IHRfgzANBglghkgBZQMEAgEFAKCCAdcwGAYJKoZIhvcNAQkDMQsG CSqGSIb3DQEHATAcBgkqhkiG9w0BCQUxDxcNMjAxMjEyMTAwNzM0WjAvBgkqhkiG9w0BCQQxIgQg Zkpz4Xnze+lsTiKbRgiWWvVI4Uo0stdUtgjDclnlEdIwgbMGCSsGAQQBgjcQBDGBpTCBojCBjTEL MAkGA1UEBhMCSVQxEDAOBgNVBAgMB0JlcmdhbW8xGTAXBgNVBAcMEFBvbnRlIFNhbiBQaWV0cm8x IzAhBgNVBAoMGkFjdGFsaXMgUy5wLkEuLzAzMzU4NTIwOTY3MSwwKgYDVQQDDCNBY3RhbGlzIENs aWVudCBBdXRoZW50aWNhdGlvbiBDQSBHMgIQaXxCJB0Ilpsxesw7IHRfgzCBtQYLKoZIhvcNAQkQ AgsxgaWggaIwgY0xCzAJBgNVBAYTAklUMRAwDgYDVQQIDAdCZXJnYW1vMRkwFwYDVQQHDBBQb250 ZSBTYW4gUGlldHJvMSMwIQYDVQQKDBpBY3RhbGlzIFMucC5BLi8wMzM1ODUyMDk2NzEsMCoGA1UE AwwjQWN0YWxpcyBDbGllbnQgQXV0aGVudGljYXRpb24gQ0EgRzICEGl8QiQdCJabMXrMOyB0X4Mw DQYJKoZIhvcNAQELBQAEggEAjgNgitcpluLfbHUA/BVDkoHiA6g6BpDfEk3kbyV5rlbIOvY2c6Yu USnSriaNZACatckg3yt7bHHgjjgsOn7UdJ1RVbYWw9gycjC5/Cfjph8K85iMG9BwyRcvX16xjlST ZGxOOYDEhO+sWnUTnppgRJrcsGcEEgsBCgN9iHuCugjqq67kD4VVrNrTmJRHiivanP+XqpbCiFf/ 1yzBVD8ywsGVP53keWOX0fsMJ6uBOUsfERwP20tq+ozyGBT5w4xzKGnUAXhcfy1B+o75TwynZUuy OEpBErVhNDIbfi87QDVpTMrMTp1nk3RACSVtupsaW3VorszOUFrFSult8JpzlAAAAAAAAA== --Apple-Mail-BEBA49D1-29EE-49B7-A465-D234DA5E242C-- From nobody Sat Dec 12 04:20:10 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 98FCB3A109A for ; Sat, 12 Dec 2020 04:20:08 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.996 X-Spam-Level: X-Spam-Status: No, score=-1.996 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_FONT_LOW_CONTRAST=0.001, HTML_MESSAGE=0.001, HTTPS_HTTP_MISMATCH=0.1, MIME_QP_LONG_LINE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=lodderstedt.net Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LsXAZr6xdE44 for ; Sat, 12 Dec 2020 04:20:01 -0800 (PST) Received: from mail-wr1-x431.google.com (mail-wr1-x431.google.com [IPv6:2a00:1450:4864:20::431]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3A8973A1097 for ; Sat, 12 Dec 2020 04:19:59 -0800 (PST) Received: by mail-wr1-x431.google.com with SMTP id c5so8057791wrp.6 for ; Sat, 12 Dec 2020 04:19:59 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lodderstedt.net; s=google; h=content-transfer-encoding:from:mime-version:subject:date:message-id :references:cc:in-reply-to:to; bh=rqXEadmCvZusjePyUm2vPlzbQrGGh0pZ4ihJKojqz0Q=; b=2/X6r3i64hAidzx+E72bWB6eClNZQP+VLeneDVjXqQifO6RDKlShUQIs1b71+nIpNY 5vvL8wwvP6efMGL2CSz/IqgYaIBF83d4Hey/lgMr3pdH6CPXyGFh2GR+a6KyQDq+gVwX taA8gkjWasj+hnHtRVp2fKzCjjePiSB1vbtBjT4gcv81QLk2OslXzlWEdaJ13cPO01jg K1qxYJM5zlY8YUW+afV8vyaNOFudd4L8sa6FcWcvmZrYeO3ybneZMNbge+qS+ooQovO0 TW4F0Guz6CUZBLfMfWrntrfDVZ2wTpRigl2su+qrXqwrb7thpeoqaKnSk9cJcWiTUvMR gfmA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:content-transfer-encoding:from:mime-version :subject:date:message-id:references:cc:in-reply-to:to; bh=rqXEadmCvZusjePyUm2vPlzbQrGGh0pZ4ihJKojqz0Q=; b=ReAA/5/wlU3YIG0Pej1EsqzxlXHug6kSOp4/pFvtjXnw8sVU7I5OYkCycpaIQ2mHWf Dziky0RYyvI04S5X+cckjT8mP4dgWEIhLK2wWqlQqtup03fIQZ0FtoEstsmRSrEOYwve PCUJo/TW5cqrodVbAgEbC+GNNKUcdn4LGsKAG9sv6UCYBw1YtNN3WYzPKzKgyJyDKgHN hSmyQuxhsR6VJb2fRqMSz98keCVhpMo+YquWh1KS9nO45OKObAlRGB+hLDelUZDyFRiU OBKF5vgexS8eeNJALFylW2hGd87Nfl3jl1u8pZXGpejQ4GKBH/rpbgC0x4jvY/6avhRc F5xg== X-Gm-Message-State: AOAM530vB4pipUHP3v26W4z+Q7dEX+3GRidI5wlPOwD+Om8UUiJKD+Ol ONiqdRPKGeA30zVPv0ZJakBEoQ== X-Google-Smtp-Source: ABdhPJyWPPa6d14QLBPmcYeOvmXIZXNvVIFKhbybY1DOC9TasXh4xapkPV+uGMIkz0O+5MqyH72XGQ== X-Received: by 2002:a5d:6a88:: with SMTP id s8mr19379729wru.118.1607775598029; Sat, 12 Dec 2020 04:19:58 -0800 (PST) Received: from ?IPv6:2003:eb:8f1b:fae3:5541:8cbe:7369:6453? (p200300eb8f1bfae355418cbe73696453.dip0.t-ipconnect.de. [2003:eb:8f1b:fae3:5541:8cbe:7369:6453]) by smtp.gmail.com with ESMTPSA id c10sm20064423wrb.92.2020.12.12.04.19.56 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Sat, 12 Dec 2020 04:19:56 -0800 (PST) Content-Type: multipart/signed; boundary=Apple-Mail-4829F4F9-4269-4731-A277-2FF9FFD4F9D8; protocol="application/pkcs7-signature"; micalg=sha-256 Content-Transfer-Encoding: 7bit From: Torsten Lodderstedt Mime-Version: 1.0 (1.0) Date: Sat, 12 Dec 2020 13:19:55 +0100 Message-Id: References: Cc: Vittorio Bertocci , oauth@ietf.org, Aaron Parecki In-Reply-To: To: Dick Hardt X-Mailer: iPad Mail (18B92) Archived-At: Subject: Re: [OAUTH-WG] Detailed review of OAuth2.1 X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 12 Dec 2020 12:20:09 -0000 --Apple-Mail-4829F4F9-4269-4731-A277-2FF9FFD4F9D8 Content-Type: multipart/alternative; boundary=Apple-Mail-7BA6FD10-303C-4CED-8DDD-169D59913E3D Content-Transfer-Encoding: 7bit --Apple-Mail-7BA6FD10-303C-4CED-8DDD-169D59913E3D Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Thanks as lot Vittorio! You gave us a lot of homework but I think the draft w= ill be improved a lot based on it. Re OIDC implicit: I=E2=80=98m reluctant to explicitly endorse use of OIDC im= plicit (response type =E2=80=9Eid_token=E2=80=9C or =E2=80=9Ecode id_token=E2= =80=9C) as there are examples in the wild where the id_token is used as acce= ss token. Moreover, I=E2=80=98m not aware of any systematic security threat a= nalysis of those flows. I=E2=80=98m fine with pointing out to readers that omission of response type= =E2=80=9Etoken=E2=80=9C does not deprecate other extension response types. WDYT? > Am 09.12.2020 um 01:55 schrieb Dick Hardt : >=20 > =EF=BB=BF > Thank you very much for your detailed feedback Vittorio! > =E1=90=A7 >=20 >> On Tue, Dec 8, 2020 at 3:22 PM wrote: >> Dear authors, >>=20 >> It took ages but I finally managed to go thru a full review of the curren= t OAuth2.1 draft. Apologies for the delay. >>=20 >> Metacomments: >>=20 >> The VAST majority of the comments are suggestions for improving clarity, m= ostly on historical language coming from 2.0 that I found myself having to c= larify to customers and colleagues over and over thru the years. None of tho= se are critical. >> There are a few places where 2.1 requires a MUST I believe to be unwarran= ted/too restrictive. For each of those I did my best to provide context and c= oncrete examples. >> A sizeable category of comments and disagreements on MUST come from treat= ing mobile and desktop apps as largely equivalent under the =E2=80=9Cnative a= pp=E2=80=9D umbrella, despite of the vast gulf that separates the two both i= n terms of security posture and user experience. Again, I tried to be as mat= ter of fact as possible in there. >> The main reason for which I spoke up during the IETF interim on oauth2.1 w= as the confusion the omission f the implicit grant caused among the devs usi= ng implicit in OIDC for obtaining ID_tokens. I suggested some language to pr= e-empt the issue, but I expect some iteration there. >> Thanks, >>=20 >> V >>=20 >> =20 >>=20 >> =C2=A71 >>=20 >> I wonder whether we should take the opportunity offered by OAuth2.1 to cl= arify frequent points of confusion about OAuth, by explicitly calling out in= the introduction what is out of scope. >>=20 >> For example: OAuth is not an identity protocol, as it doesn=E2=80=99t con= cern itself with how resource owners are authenticated; OAuth isn=E2=80=99t m= eant to address 1st party scenarios, although the reader is free to use it i= n that context as well; and so on. >>=20 >> I believe there is value in adding this in the introduction rather than r= elegating it in some later considerations section, as the people who need th= is information the most rarely read past this point. >>=20 >> =20 >>=20 >> =C2=A71.1 >>=20 >> In the RS definition, wondering whether including the word =E2=80=9CAPI=E2= =80=9D would help to clarify what an RS is in practice. >>=20 >> =20 >>=20 >> =C2=A71.2 >>=20 >> I always found this part extraordinarily difficult to decipher. I get tha= t this is the first description and doesn=E2=80=99t have to be exhaustive an= d consider all cases (eg it=E2=80=99s ok if step 3 claims that the client au= thenticates w the AS even tho that=E2=80=99s only for confidential clients),= but I think it could be much clearer than it is today. >>=20 >> Step 1 says >>=20 >> The client requests authorization from the resource owner. The authoriza= tion request can be made directly to the resource owner (as shown), or prefe= rably indirectly via the authorization server as an intermediary. >>=20 >> Besides the fact that =E2=80=9Crequests authorization=E2=80=9D is a bit v= ague, this step and the corresponding diagram leg does not correspond at all= to what normally happens- to get a code, the client does need to hit the AS= and the mention in passing in the text isn=E2=80=99t enough to figure that o= ut. Also, with the omission of ROPG there really isn=E2=80=99t any way of as= king anything to the RO directly (the client creds doesn=E2=80=99t involve t= he RO). >>=20 >> I would recommend updating that diagram to be more descriptive of the can= onical scenario. >>=20 >> Step 2 >>=20 >> mentions the 2 grants defined in the spec, but only one of them represent= s the RO=E2=80=99s authorization. Claiming that the client itself is the RO i= s a formalism that doesn=E2=80=99t meet the reader=E2=80=99s intuition at th= is point. >>=20 >> Step 5 >>=20 >> The language here triggered multiple discussions, in particular on whethe= r the AT can actually be used to ascertain the identity of the client =E2=80= =93 that isn=E2=80=99t the case for public clients, for example; besides, th= at=E2=80=99s not really the highest order bit of the AT. If it is, it seems t= hat the spec should be more explicit about how client identification from th= e RS by means of an AT works. If it isn=E2=80=99t, perhaps we should change t= he language to omit authenticate. >>=20 >> The last paragraph is emblematic IMO =E2=80=93 if the preferred method is= very different from the diagram here, and if the abstraction presented here= is not terribly useful (given that we no longer have multiple RO based gran= ts, excluding the extension grants that are still too far at this point to w= arrant a cognitive downpayment for the reader) I wonder whether we=E2=80=99d= be better off doing the authz code diagram directly (and mention that we al= so have the client creds grant separately). >>=20 >> =20 >>=20 >> =C2=A71.3 >>=20 >> I understand that we can=E2=80=99t really change this because we inherit f= rom OAuth 2 but I=E2=80=99ll mention it anyway- modeling clients as ROs is p= roblematic, as it doesn=E2=80=99t often match what happens in practice. A co= nfidential client might batch-read a user=E2=80=99s inbox searching for ad w= ords, but the resource owner remains the user. >>=20 >> I know we straighten things up in 1.3.2, but the positioning here is conf= using. >>=20 >> Also: isn=E2=80=99t the refresh token grant a core-specified grant as wel= l? I know I am nitpicking. >>=20 >> =C2=A71.3.1 >>=20 >> We don=E2=80=99t say anywhere here that the authorization code can be exc= hanged for an access token. It can be somewhat inferred from 1.2, but it=E2=80= =99s a bit of an intelligence test (one needs to infer from authorization gr= ant). >>=20 >> P2 >>=20 >> =E2=80=9Cobtains authorization=E2=80=9D could be more specific, to reinfo= rce that we are doing a delegated flow. =E2=80=9CObtains=E2=80=9D seem to su= ggest that we are talking about consent, rather than AS side rules. If that=E2= =80=99s the case, calling it out might make the scenario clearer. >>=20 >> P3 >>=20 >> Both the benefits listed apply to confidential clients only. Not sure whe= ther calling it out here would help prevent confusion later on (eg people th= inking that public clients can prove their identity) or would bring confusio= n on now (given that we didn=E2=80=99t differentiate between client types ye= t). Either ways, formally we are OK here; I am just thinking how to make thi= ngs clearer. Perhaps defining client types before grants might help being cl= earer here. >>=20 >> =20 >>=20 >> =C2=A71.3.2 >>=20 >> A concrete example of credential (eg shared secret) might help clarify th= ings here. Also, the fact that client credentials indicate both a grant in i= tself and an artifact (which participates in other grants) is a well know so= urce of confusion. Wondering if calling this out here might help. >>=20 >> =20 >>=20 >> =C2=A71.4 >>=20 >> In general, we use =E2=80=9Caccess token=E2=80=9D and =E2=80=9Ctoken=E2=80= =9D interchangeably- perhaps pedantic, but I would suggest we always use =E2= =80=9Caccess token=E2=80=9D to prevent confusion with refresh tokens later o= n, and other token types in other contexts (eg think ID tokens). >>=20 >> P1 >>=20 >> The client should treat the AT string as opaque, but that doesn=E2=80=99t= necessarily means it is: in some cases the client CAN see inside the token,= and with the current language they might interpret it as =E2=80=9Cin this c= ase, it=E2=80=99s OK to look- otherwise they would have made it opaque, per t= he spec=E2=80=9D. >>=20 >> =20 >>=20 >> =C2=A71.5 >>=20 >> The first phrase of P1 is wonderfully clear. We should have the equivalen= t in =C2=A71.3.1 >>=20 >> Not having defined a mechanism for requesting a RT here, leaving it to AS= es to decide when and where, created the situation in which some AS only iss= ues RTs when they get the offline_access scope, with all the unfortunate con= sequences about RT lifetime vs session lifetime etc=E2=80=A6 I know we can=E2= =80=99t really change this now as we don=E2=80=99t want to break existing AS= implementations, but wondering if there=E2=80=99s anything we can say to fu= rther clarify/give readers a headsup about the ambiguity/diversity of behavi= ors they=E2=80=99ll encounter here. >>=20 >> P2 >>=20 >> It=E2=80=99s odd that we say =E2=80=9Cusually opaque to the client=E2=80=9D= for the RT while we decisively said opaque for the AT. Also, the client sh= ouln=E2=80=99t do anything w the RT content hence I think the same considera= tions done for =C2=A71.4P2 apply here. >>=20 >> =E2=80=9CThe token denotes an identifier used to retrieve the authorizati= on information=E2=80=9D gets into the specifics of the implementation and it= =E2=80=99s not universally true (some AS encrypt/sign the authz info in the R= T itself and have no server state whatsoever. >> Step 3 >>=20 >> Should we add a reference to RFC6750 here? >>=20 >> =20 >>=20 >> =C2=A71.8 >>=20 >> Should we say rich *delegated* authorization framework? >>=20 >> =20 >>=20 >> =C2=A72 >>=20 >> =E2=80=9Cend-user interaction with an HTML registration form=E2=80=9D is o= ddly specific =F0=9F=98=8A in particular, I think =E2=80=9Cend user=E2=80=9D= might be misleading. We can either say =E2=80=9Cinteractive=E2=80=9D or ref= er =E2=80=9Cthe client app developer=E2=80=9D or equivalent. >> Overkill but I=E2=80=99ll mention it anyway. Should we say that typically= the client registration in the non-dynamic scenario occurs in authenticated= settings? Not strictly necessary but might help the reader to tie what we s= ay in this section with their concrete experience. >> =20 >> =C2=A72.1 >> P4 >> =E2=80=9CAuthorization servers SHOULD consider the level of confidence in= a client's identity when deciding whether they allow such a client access t= o more critical functions, such as the Client Credentials grant type.=E2=80=9D= =20 >> I don=E2=80=99t understand this sentence. Is the client credentials grant= type a =E2=80=9Cmore critical function=E2=80=9D? Or is it a level of confid= ence? Either ways, I think it needs clarifying. >> P5 >> IMPORTANT: this is going to break many OAuth implementations with signifi= cant adoption. Auth0 is fine (each client_id is tied to a single client type= ) but I know of others that will break. >> I suggest softening to a SHOULD NOT. >> =E2=80=9Cbrowser-based application=E2=80=9D >> I am not convinced this is so much easier than the original =E2=80=9Cuser= -agent-based=E2=80=9D. I understand the advantages (dovetails w the BCP, mor= e precise given that apps can be user agent as wells nowadays, more familiar= ) however the break w 2.0 terminology is jarring. I don=E2=80=99t feel very s= trongly about it but enough to type it. >> =20 >> =C2=A72.2 >> It=E2=80=99s a bit odd to define the client identifier like it=E2=80=99s s= omething brand new when =C2=A72.1 already introduced it. This language from t= he original 2.0 might need to be revised to accommodate that change. >> Wondering whether a warning against structured client_ids (eg identifiers= assembled thru some string template, like developer name+region+serial) wou= ld be in order. Perhaps in the security considerations? >> =20 >> =C2=A72.3 >> P1 >> That sounds vaguely circular, given that being assigned credentials might= be considered part of the =E2=80=9Cestablish a client authentication method= =E2=80=9D task listed there. I=E2=80=99d simply say =E2=80=9Cif the client i= s confidential or credentialed=E2=80=9D. >> P2 >> I=E2=80=99d add =E2=80=9Cby the authorization server=E2=80=9D for good me= asure. >> P3 >> That sounds vague. Shouldn=E2=80=99t it be mandatory for the AS to requir= e client auth for the client types who have creds? =E2=80=9Cif possible=E2=80= =9D seem to open the possibility of circumstances where that=E2=80=99s not h= e case. >> P5 >> I think that this idea of identifying the client will need to be fleshed o= ut more for people to fully understand it. Credentialed clients can prove th= at they are the same client instance across multiple transactions, which som= e might consider a weak form of identification. To rule that out, it has to b= e mentioned upfront IMO. If not here, in some of the considerations section=E2= =80=A6 with a forward reference here. >> P6 >> Do we say why anywhere? If yes, we should reference it. If not, perhaps w= e should. >> =20 >> =C2=A72.3.1 >> We no longer mentioned the empty client secret, but we don=E2=80=99t forb= id it either. What=E2=80=99s our stance? >> =20 >> =C2=A72.3.2 >> In =C2=A72.3 we mention MTLS, private_key_jwt, but here we just point the= reader to IANA. It looks like echoing those methods here might help clarity= . >> =20 >> =C2=A73.1 >> Last paragraph >> I have been in discussions where readers interpreted this as =E2=80=9Cyou= cannot send custom parameters to the authorization server=E2=80=9D. To pree= mpt that mistake, we mighr consider calling out that custom extensions _are_= permitted as long as the AS supports them. I know that=E2=80=99s what the c= urrent language says already. >> =20 >> =C2=A73.1.1 >> Wondering if referring to some specific, well known extensions (like OIDC= ) might help readers to better understand this point. >> =20 >> =C2=A73.1.2 >> RFC3986 6.2.1 talks about character by character comparison, but doesn=E2= =80=99t mention case sensitivity. I am sure it does elsewhere in the spec, b= ut for clarify and readability I recommend specifying the desired behavior d= irectly here. >> =20 >> =C2=A73.1.2.1 >> Personally, I would advocate for a MUST here. True, lots of people won=E2= =80=99t comply at development time, but I think that=E2=80=99s OK as long as= they do use TLS when going in production.=20 >> Also, SameSite changes are making the use of HTTPS at dev time more and m= ore common. If OAuth2.1 is about picking the best of the security practices,= this seems like a an obvious candidate. >> =20 >> =C2=A73.1.2.2 >> P3 >> =E2=80=9Clack of requiring=E2=80=9D doesn=E2=80=99t sound proper. >> =20 >> =C2=A73.2 >> P2 >> Should we also say that the spec doesn=E2=80=99t care about _when_ the cl= ient obtains the endpoint? >> Last P >> Same considerations as =C2=A73.1 >> =20 >> =C2=A73.2.1 >> P1 >> That=E2=80=99s stricter than =C2=A72.3P3 =E2=80=93 I think the language t= here should be tweaked to be coherent with the one here. >> =20 >> =C2=A73.3 >> Wondering if the =E2=80=9Cscope strings order does not matter=E2=80=9D po= int should be somehow emphasized or clarified. I know of implementations who= considered heuristics such as =E2=80=9Cif the scopes requested correspond t= o multiple resources, I=E2=80=99ll show consent for all byt the token eventu= ally issued when redeeming the code will have as audience the resource corre= sponding to the FIRST requested scope=E2=80=9D, which would violate the orde= r invariant requirement.=20 >> =20 >> =C2=A74 >> Potentially VERY confusing. I would recommend to be more specific and sta= te that =E2=80=9COAuth 2.1 defines two grant types=E2=80=9D.=20 >> =20 >> =C2=A74.1 >> Diagram >> Not critical. But I want to point it out. The first time I saw this diagr= am I found it confusing. The fact that the same numeral is assigned to multi= ple legs is just odd for anyone not already familiar with the flow, possibly= still struggling to understand the client as a service side component. >> Also, now that we have mighty SVG support, I would strongly advocate for a= modern version of this diagram (there lines perhaps don=E2=80=99t need to b= e broken into segments). >> Step 5 >> =E2=80=9Coptionally, a refresh token=E2=80=9D is too vague IMO. I will lo= ok for opportunities to clarify later in the spec, given that this might not= be the best place to go in details. >> =20 >> =C2=A74.1.1 >> Overall: a high summary of the steps in this preamble might help. The cur= rent denormalization in subsection can be pretty hard to follow for someone s= eeing this for the first time.=20 >> Also: creating challenge and verifier BEFORE assembling the request seems= profoundly counterintuitive to me, as it emphasizes a security measure over= the core function of this leg of the flow. Unless there=E2=80=99s a crypto r= eason for this current sequencing that I can=E2=80=99t see, I recommend firs= t creating the core request (what=E2=80=99s now 4.1.1.3) and then attaching c= hallenge and verifier. Also, sending the message can be its own subsection r= athe than being conflated with the last message composition subsection. >> P1 >> =E2=80=9Cto begin=E2=80=9D remains a bit suspended, given that there=E2=80= =99s no obvious segue on what constitutes the steps after the beginning.=20 >> P2 >> =E2=80=9Clater use with the authorization code=E2=80=9D could be clearer,= e.g. =E2=80=9Cat authorization code redemption time=E2=80=9D. At this point= that might still not be obvious for the reader. >> Mentioning the provenance of properties (parameters?) code_challenge and c= ode_verifier without first having introduced them might confuse people not a= lready familiar with them and the request process in general, as their funct= ion will not be obvious not naturally map with the preceding sentencer. >> P3 >> Imposing a MUST before knowing what those this are yet is not as clear as= it would be if this would be stated after their use and function has been e= xplained. >> =20 >> =C2=A74.1.1.3 >> On state. Given the change vs OAuth2, I think it might be helpful to call= out the relevant section on the appendix about differences to help people f= amiliar w 2.0 not to miss this important change and avoid doing work twice. >> =20 >> =C2=A74.1.2 >> P2 >> Should we say that the code should be opaque to the client, to discourage= the use of structured code templates that can be partially manufactured? >> P8 >> =E2=80=9Che server MUST NOT include the "code_challenge" value in client= requests=E2=80=9D, was that meant to be =E2=80=9Cresponses=E2=80=9D?=20 >> Qualifying =E2=80=9Cother entities=E2=80=9D (anyone but the AS?) might ma= ke this point clearer. >> =20 >> =C2=A74.3 >> We mentioned extension grants in passing, but I don=E2=80=99t recall seei= ng a definition/description of their function in the context of the framewor= k. Even a short sentence to that effect here would help, given that the sect= ion title names them explicitly. Also, stressing that the device flow is jus= t one example and other extensions might differ (for example in their logic t= o establish whether an access token request is valid and authorized) would g= o a long way in helping the reader put this section in better focus. >> =20 >> =C2=A75.1 >> On the access_token parameter. Given the discussions we had for the JWT A= T profile draft, I am wondering whether it should be called out here that th= e AT recipient is the RS, that the client should not expect to be able to pa= rse the access_token, and that the AS is under no obligation to use a consis= tent AT encoding outside of what is negotiated with the RS. I don=E2=80=99t f= eel very strongly about this, or about where in the spec this should be call= ed out, but it sure would have made life easier in those discussions- hence t= he comment. >> On the refresh_token parameter. The lack of details in how OAuth2 describ= es how/when an AS returns refresh tokens led to today=E2=80=99s complicated s= ituation in which many implementations issue RTs only when OIDC=E2=80=99s of= fline_access is received in the scopes, as it was the only mention in public= specs describing a concrete behavior. See the associated online_access disc= ussion on the OIDC list, as RTs gain importance as session artifacts of sort= for SPAs now that implicit is dead and ITP makes iframe renewals problemati= c. >> Unfortunately it is too late to be prescriptive here, as we cannot break c= ompatibility with whatever choices existing AS implementations made. However= we can be more descriptive and give the reader a better idea of what=E2=80=99= s the range of possibilities. Some nonnormative examples of how existing AS d= etermine whether to issue an RT or not (eg as an option determined at client= registration time, or any other heuristic you guys encountered in the wild)= might help people to better understand their options and the intent of the s= pecification here. >> =20 >> =C2=A75.2 >> It might help to remind the reader here that extensions to the core spec m= ight specify or further specialize circumstances in which the errors mention= ed here are returned (for example, see the validation errors in the JWT AT p= rofile). There=E2=80=99s a mention of that in =C2=A77.3.1 but that=E2=80=99s= pretty far, and having even brief language here might be handy for people r= eading the spec for reference rather than cover to cover. >> =20 >> =C2=A76 >> P1 >> I think the risk assessment is just one of the factors an AS might use to= decide whether to issue an RT or not. The current language suggests risk is= the only determinant in that decision and that doesn=E2=80=99t seem right. >> Saying that one might refresh tokens using other grants seems odd. A new a= uthorization code grant gets me a new token and offers me the opportunity to= describe what token I want (scopes etc), the fact that I might choose to as= k the exact same things I asked in the original request is expediency. I wou= ld rather phrase this as the fact that the client can simply repeat the orig= inal request, and external factors such as cookies, sessions and other auth m= ethod specific options may allow the client to do so without prompting the u= ser. >> P2 >> We might need to be more precise here. Do we mean the scopes consented by= the RO in the request that led to the issuance of the RT being used? Just s= aying consented by the RO for the client does not exclude cases in which the= re are more instances of the client in operation. Say that I am running uber= on phone 1 and I consent to read my google calendar, getting AT1 and RT1. S= ay that on phone 2 I also run the uber app, and this time I consent to write= my google calendar, obtaining AT2 and RT2 on this new device. Now consider t= he various combinations here. Should RT2 allow me to get calendar:read too, g= iven that it was already consented by RO for this client? Should RT1 allow m= e to get AT1=E2=80=99 containing calendar:write, given that RO consented for= it when using a different instance of the same client? Whatever is the answ= er you want to the questions above, I think the spec should have language cl= ear enough to unambiguously determine the desired behavior. >> =20 >> =C2=A76.1 >> It=E2=80=99s a bit confusing that half of the RT use requirements is in =C2= =A76 (the requirement to authenticate confidential/credentialed clients) and= half is in here, with the only differentiator being the nature of the clien= t. This is pretty minor, but I think I would personally find clearer if all t= he requirements for the use of an RT would be consolidated in a single place= . It=E2=80=99s true that the public client reqs are a SHOULD, but still. >> Rotation. >> Wondering whether it would be wise to advise the reader to have their AS r= evoke all the still valid ATs issued by the AS from the same session/family o= f RTs upon detection of a RT reuse. It is not uncommon for clients to reques= t new ATs before their projected expiration. >> P6 >> I think the =E2=80=9CMAY=E2=80=9D here might be confusing when applied to= the rotation, as in either the AS does it, or the scenario won=E2=80=99t wo= rk. I understand this is formally correct, but perhaps explicitly calling ou= t some cases in which the AS might decide to do otherwise and acknowledge th= at in that case the client will be stuck might help clarify. Also, if the pu= blic client protection measures were in =C2=A76 instead of here, there would= be less opportunities for confusion as it would be easier to grok that this= doesn=E2=80=99t apply to the rotation case only (now adjacent) but to other= RT reissuance cases as well (eg sliding expiration). >> On the identical scopes requirement. Say that after obtaining RT1, which i= ncludes scopes s1 and s2 for client c1, the RO revokes authorization for c1 t= o use s2. Should the AS fail the RT redemption, or return an AT with only s1= and a scopes parameter informing the client of the change? As developer I w= ould prefer the latter, to preserve the experience: but if we are adamant ab= out the current language, I think it might be useful to explicitly call out t= hat any changes to the grant on the AS side should result in failure of the R= T redemption. >> P7 >> Calling out deprovisioning of RO might be useful as well. >> On =E2=80=9Cthe logout at the AS=E2=80=9D event, that=E2=80=99s definitel= y a valid case but I worry about how presenting that alone might reinforce m= isunderstandings that equate RTs with sessions. There are certainly times wh= ere we want that (see mentions earlier of the online_access discussions) but= there are also cases where the ability of a client to refresh ATs needs to s= urvive session boundaries (offline_access) and confusing the two are problem= atic. I don=E2=80=99t have a clear solution here, just pointing out a potent= ial point of confusion. Maybe there will be more opportunities to clarify la= ter in the spec. >> =20 >> =C2=A77 >> P1 >> An important case to call out is the AS-RS colocation, where neither intr= ospection nor token format agreements are necessary. I suggest mentioning it= openly. >> =20 >> =C2=A77.2 >> =E2=80=9Cbearer tokens may be extended to include proof-of-possession te= chniques by other specifications=E2=80=9D sounds like an oxymoron. Wouldn=E2= =80=99t PoP make the token no longer bearer by the very definition above? >> It looks like we might need a term for simply =E2=80=9Ctoken=E2=80=9D. >> =20 >> =C2=A77.2.1 >> Do we also want to forbid two tokens in the same request, using different= methods? Current language only constraints the behavior of one token. >> =20 >> =C2=A77.2.3 >> The =E2=80=9Cinsufficient_scope=E2=80=9D description here is problematic.= The privileges the AT carries/points to are not necessarily (or exclusively= ) represented by the included scopes (eg the RO might have granted document:= read to the client, but RO might have no privileges for the particular docum= ent being requested in this particular call). It might be useful to specify t= hat =E2=80=9Cinvalid_scope=E2=80=9D should be used for authorization errors t= hat can be actually expressed in terms of delegated authorization, leaving t= o RS implementers the freedom to handle other authorization issues (eg user p= rivileges, RBAC, etc) with a different error code. Or at least, we should be= clear that authorization logic not expressed via scopes is out of scope (pu= n not intended) for this specification. >> Note, this isn=E2=80=99t an abstract problem: there are SDKs out there th= at use =E2=80=9Cinvalid_scope=E2=80=9D for every permission issues. Very con= fusing. >> =20 >> =C2=A77.3.1 >> We rewrite portions of 6750 in oauth2.1, but here we refer to it as its o= wn spec=E2=80=A6 that could be confusing as it=E2=80=99s unclear which parts= of 6750 are overridden by oauth2.1 (eg no more querystring) and what parts r= emain normative. Perhaps we can call those things out in the sections meant t= o replace the corresponding sections in 6750. >> =20 >> =C2=A77.4.2 >> Pedantic: although the title of the section states it, wondering whether e= very instance of =E2=80=9Ctoken=E2=80=9D here should be =E2=80=9Caccess toke= n=E2=80=9D instead. Think of cases in which the spec is quoted in discussion= s and disputes, where snippets can be pasted and mentioned outside of the co= ntext of this section. >> P2 >> Referencing the JWT AT profile as an example of extension providing the i= nfo out of scope for the core might help the reader grok a concrete example.= >> =20 >> =C2=A77.4.3.5 >> =E2=80=9Cone hour or less=E2=80=9D seems very arbitrary, and breaks step i= n respect to what the spec does elsewhere (eg we don=E2=80=99t give any indi= cation of how long an AS should wait to invalidate an RT for inactivity, but= we do say the AS should do so). I would actually not provide any reference v= alue here. >> =20 >> =C2=A77.4.3.6 >> Another opportunity of referencing the JWT AT profile for a concrete exam= ple of detailed audience restriction guidance in ATs. >> =20 >> =C2=A77.4.3.7 >> Besides the indications given to clients here, should we also give guidan= ce to an RS to ignore tokens passed that way? >> =20 >> =C2=A77.4.5 >> Along the same lines of the comments about delegated authorization earlie= r for =C2=A77.2.3. I think it would be useful to acknowledge here that ATs m= ight carry, and RSs might expect, authorization information that go beyond t= he delegated authorization for 3rd party API case that is core to OAuth- and= remind the reader that those mechanisms are out of scope for oauth hence th= ey shouldn=E2=80=99t expect those aspects to be addressed/handled/regulated b= y this specification.=20 >> =20 >> =C2=A78 >> As mentioned earlier, it seems a potentially confusing to reference the s= ection of a document being superseded. I do see an issue in redefining here s= omething already established and in use, hence I am not expecting this to ch= ange. Just wondering whether we need to provide a more explicit map of the s= ections in 6749 that are being updated by oauth2.1. >> =20 >> =C2=A79 >> Should we also say something about the scenario being chiefly 3rd party c= lients? We know lots of people use OAuth2 for 1st party scenarios and some c= onsiderations might differ. This might be an opportunity to finally make tha= t clear. >> =20 >> =C2=A79.1 >> P1 >> Well, the AS doesn=E2=80=99t really use client auth... the active part he= re is the client itself. Perhaps the AS can require it, when possible. >> P2 >> Unclear. Are we saying that if it is possible to safely distribute keys t= o client, the AS MUST use client auth? That seems odd, there might be other r= easons coming into play (cost, security posture) making that choice not viab= le. Or is the intent to say that the AS should not use client auth if the ke= y distribution cannot be trusted? That sounds far more realistic, but then t= he language should be tweaked or the reader might pick the former interpreta= tion. >> P3 >> The AS can=E2=80=99t really PREVENT creds forwarding as the RO machine mi= ght still have funny business going on (eg DNS attacks). Some softer languag= e might be more accurate there.=20 >> P4 >> That sounds very abstract. What does it mean? That the AS should consider= to issuing RTs to public clients? If that=E2=80=99s the case, we should jus= t say so=E2=80=A6 tho without more details, I don=E2=80=99t know how actiona= ble the guidance here will be. I can see BoFa requiring a user to reauth in t= heir iPhone app after inactivity, but I don=E2=80=99t see Uber doing so for t= heir app.. unless they produce long lived ATs, which isn=E2=80=99t what we w= ant either. >> P5=20 >> This could be clearer. The dynamic client registration case just flesh ou= t the confidence level an AS can have in its identity, but does not offer a c= orresponding privilege level to it =E2=80=93 whereas the second case does me= ntion assigned privileges explicitly. Also, pitting =E2=80=9Cdynamically reg= istered client=E2=80=9D vs =E2=80=9Cweb application=E2=80=9D might suggest t= he app type is a factor, whereas AFAIK 7591 can be used for registering web a= pps too (whether that s wise or not is immaterial here). >> =C2=A79.2 >> Should we say something about whether native clients should be allowed to= be =E2=80=9Cupgraded=E2=80=9D as confidential clients in the future, or the= other way round? I know of scenarios where people did that to preserve cons= ent info, but that seem sketchy security wise. >> P3 >> The SHOULD here refers to a requirement that in 10.3.1 is a MUST. I don=E2= =80=99t think the MUST is warranted (more about that in the 10.3.1 comments)= but if we do keep it, it looks like the level should be coherent here. >> P4 >> That example is compatible with a SHOULD- works now, but would look odd i= f we=E2=80=99d upgrade P3 with a MUST for coherence with 10.3.1. >> P5 >> Inclusion where/how? We should be precise IMO. If it=E2=80=99s just regis= tration material (eg not part of the redirect URI), we should mention how we= expect it to be used in the context of OAuth- and if we don=E2=80=99t know,= perhaps we should not mention it here.=20 >> =20 >> =C2=A79.3 >> P1 >> I know it becomes clearer later on, but I think it would help here to exp= licitly call out confidential and credentialed client as the subject of this= sentence. Those are the only client types with credentials, hence the curre= nt language is formally correct. This is just for clarity. >> P2 >> I thought we require redirect URI registration in all cases? This makes i= t sound it=E2=80=99s only for public clients. >> P3 >> I have been in various discussions where people were attempting to interp= ret what =E2=80=9Cexplicit RO authentication=E2=80=9D means in practice. Is i= t a full credential prompt regardless of whether one session already exists?= A selection between existing sessions, if present? >> P4 >> This is unclear. As it currently reads it seems to prohibit things like g= etting a new authz code silently via iframe (and prompt=3Dnone or equivalent= UX suppressing mechanism, please ignore the ITP complications for the sake o= f argument).=20 >> =20 >> =C2=A79.3.1 >> P1 >> I don=E2=80=99t follow this sentence. The client identity cannot be prove= d for public clients (see also next P), and the native apps are public clien= ts unless otherwise specified (eg credentialed). >> P2 >> I find this misleading. Client side measures such as claimed schemes, dom= ains etc might work to prevent an app impersonating another app on the same d= evice/OS, but they aren=E2=80=99t guaranteed to be honored on other operatin= g systems. The AS has no way of knowing whether those measures have been enf= orced on the client, hence it should not accept them as proof. =20 >> =20 >> =C2=A79.4.1 >> This is another place where a reference to the JWT AT profile would provi= de a concrete example of the conditions set forth here (eg RS guidance for a= udience validation). >> Also, as mentioned earlier, it might be useful to remind the reader that t= he AS might include in the token authorization information that go beyond th= e delegated authz scenario OAuth2.x concerns itself with, and that those asp= ects are beyond the scope of this specification. That would truly go a long= way preventing people from abusing and overextending the spec on scenarios i= t is not meant to address. >> And even for the canonical scenarios, it might be useful to remind the re= ader that the RS might have extra logic not described in this spec that dete= rmines whether the call will be authorized or otherwise- to dispel the notio= n that the AS is always the sole source of truth for authorization.=20 >> =20 >> =C2=A79.4.2 >> P2 >> Clarifying that MTLS is one instance of the sender constraint methods jus= t mentioned would prevent some readers considering that an independent, addi= tional constraint. >> =20 >> =C2=A79.5 >> In =C2=A76.1 we give more details about protection, should we have a back= ward reference to that section here? >> P2 >> Is it worth to specify that it doesn=E2=80=99t matter how the AS tracks t= he binding? (eg server side or embedded in the RT bits themselves). >> =20 >> =C2=A79.6 >> P1 >> This language makes the assumption that for client cred grants, the sub w= ill take on the client_id value. That it certainly possible, but not a given= . As such, the language here should be explicit abouty the fact that it=E2=80= =99s what we are expecting to happen in this particular scenario. >> P2 >> Referring to the client as the actor here is confusing as soon as you mov= e beyond client_id. When you talk about rhe sub or any other value, it=E2=80= =99s not as much the client as it is the developer who owns the client. The d= ifference is subtle but might be a source of confusion. >> =20 >> =C2=A79.7 >> P3 >> I thought that we were going to make PKCE or nonce the only two mandatory= alternatives? Nothing against supporting state as an accepted way to achiev= e this, just surprised as I recall people being quite adamant about pushing P= KCE. >> P4 >> Looks like the iss response parameter might make the distinct redirect UR= Is unnecessary? >> =20 >> =C2=A79.7.1 >> The guidance in this section isn=E2=80=99t likely to be widely followed, b= ut I understand the rationale behind it. >> =20 >> =C2=A79.8 >> P2 >> That=E2=80=99s probably obvious, but I think we should specify that those= multiple attempts should come with the expected code verifier as well for t= he revocation logic to be triggered- if it=E2=80=99s just the code without v= erifier, it doesn=E2=80=99t look like the leak went far enough to warrant th= at intervention. >> P4 >> If this holds, then the remark about the use of state for CSRF in =C2=A79= .7 P3 seems unnecessary. >> P9 >> The use of MUST here seems incompatible with the concession of using nonc= e instead of PKCE. Either we allow it or we don=E2=80=99t=E2=80=A6 >> =20 >> =C2=A79.11 >> P1 >> Now that we no longer trade in RO passwords, should we mention them here?= Sure, if the AS uses passwords they do need protection, but so do lots of o= ther things the AS might use as part of auth that we don=E2=80=99t mention h= ere for Occam=E2=80=99s razor.=20 >> P3 >> What other means are we referring to?=20 >> =20 >> =C2=A79.12 >> =E2=80=9Cservice providers=E2=80=9D occurs for the first time in the docu= ment here. Tying the guidance to entities already mentioned in the doc (clie= nts, AS) might make things clearer/more actionable. >> =20 >> =C2=A79.13 >> I understand that some of the comments in this area should be done on the= BCP rather than here, but here we are. That said=E2=80=A6 >> Blanket comment: this section seems to assume native app =3D=3D mobile ap= p, and that=E2=80=99s not strictly the case. Desktop apps have different cha= racteristics and desktop OSes different capabilities. Would be clearer to ma= ke a distinction when relying on mobile OS capabilitesas we appear to do he= re. >> P2 >> Embedded user-agent !=3D fake external user agent, but P2 uses that inter= changeably. A desktop app might use an embedded browser for UX reasons and m= aking no attempt whatsoever to disguise that as an external agent. And I wou= ld be pretty surprised to see a malware remover get rid of google drive for M= ac, or Adobe products, or Office- all native apps using embedded user-agents= for authentication. >> P3 >> It=E2=80=99s unclear how the AS would do that, given that user agent stri= ngs can be faked. Google has its ML based secret sauce, but that might not b= e accessible by everyone. >> P4 >> This is mobile specific, doesn=E2=80=99t apply to desktop apps as readily= . Also unclear how that would change for the end user, given that pixel perf= ect replicas can easily include fake address bars. More details on how a use= r would detect an actual browser (presence of an existing session, access to= bookmarks etc) might add enough color to help the reader truly understand t= he extent of the remedy power (or its true limits).=20 >> =20 >> =C2=A79.14 >> There=E2=80=99s no action for the reader here. If that reflects the actua= l situation (none of the roles described in this spec can do anything to mit= igate or contain the damage, and solutions to prevent the situation lie outs= ide its purview eg use MDM software on your corporate devices) we should exp= licitly say so. >> =20 >> =C2=A79.15 >> A bit odd that we used CSRF throughout the document assuming the reader w= as familiar with it, but here we attempt a definition.=20 >> Still confused on how we admit state as a valid mechanism, as opposed to l= imiting to nonce and PKCE. Also note the potential discrepancy called out ea= rlier in which at code redemption time we appear to require PKCE, in contras= t to admitting nonce/state here. >> =20 >> =C2=A79.18.2 >> Wondering if here we should go as far as recommending the AS keeps dynami= c client registration OFF when it=E2=80=99s not needed. That might provide g= ood secure by default guidance for AS SDKs and product developers. >> =20 >> =C2=A79.19 >> I assume we=E2=80=99d add the =E2=80=9Ciss=E2=80=9D response parameter as= alternative to the requirements here? >> =20 >> =C2=A79.20 >> P1, P2, P3 >> The security properties described here do not apply as is to desktop apps= using embedded browsers. >> As mentioned earlier, on the desktop the separation between apps isn=E2=80= =99t as stark as on mobile- the keystrokes message pump is potentially acces= sible at the user session level, encompassing multiple applications. Althoug= h process separation mechanisms are in place, the circumstances of the execu= tion and the OS specific features in this respect determine the degree to wh= ich entering credentials in one process makes the data inaccessible by anoth= er. We should not claim advantages we cannot guarantee, and we should be exp= licit about what measures specific to dekstops should be considered to mitig= ate risks eg not executing apps as admins, enable and use UAC at the right l= evel on Windows or equivalent on other OSes, use app sandboxing when the OS s= upports it, etc. Not suggesting we call out specific technologies like UAC, b= ut at least point at the category of security measures. >> P4 >> As mentioned above, the presence of the address bar can be easily faked b= y pixel perfect replicas- relying on those is security theater. >> P5 >> This is a valid concern, but if we want to frame it in the context of the= security considerations section we need to add more color (eg minimizing th= e situations in which one needs to enter creds is good security practice). >> =20 >> Another thing we might add as lowlight for embedded browsers: password ma= nagers might not work, making the user=E2=80=99s life difficult and possibly= promoting insecure situations (eg placing a random pwd in the clipboard, wh= ere other apps might later steal it from). >> =C2=A79.21 >> Do we need this here, given that we cover this in depth earlier? >> =20 >> =C2=A710 >> I find this subdivision confusing. We have native clients considerations s= cattered throughout the entire specification, but now we have a dedicated se= ction that somewhat repeats some of the points already made while interleavi= ng new ones. Perhaps having a more specific section title, one that better c= haracterizes the content and intent of this section, would avoid giving the i= mpression that if the reader is interested in native clients, this is the on= ly section they need to read. >> P2 >> See discussion so far on native vs desktop. >> Also: I have been in ferocious discussions where people thought the exter= nal user agent HAD to be the browser, which we know isn=E2=80=99t the case (= hero apps like the FB SDK or OS features like sign in w Apple work just as w= ell). Some language here giving a nod to those non-browser external user age= nts might help clarify. >> P4 >> See previous discussion on mobile!=3Ddesktop. >> P5 >> I=E2=80=99d always qualify the =E2=80=9Cbrowser=E2=80=9D with system, ext= ernal, device etc given that some reader calls the embedded user-agent =E2=80= =9Cembedded browser=E2=80=9D, hence just saying =E2=80=9Cbrowser=E2=80=9D wi= thout modifiers is ambiguous. >> User authentication state.. on the device. I think specifying it will cla= rify what this really means. >> =20 >> =C2=A710.1 >> Unless you scope this statement to MOBILE apps, I think the MUST here sho= uld be a SHOULD.=20 >> The security posture of the desktop is different enough, and the quality o= f the user experience when using a system browser bad and disomogeneous enou= gh, that a MUST isn=E2=80=99t justified here. >> =20 >> =C2=A710.2 >> Beware of the native-mobile false equivalence here. >> P3 >> One or two examples of non-browser external user agents might help. >> P4 >> Text pasted here is technically not a best practice but core. >> I see there are examples here, so no need to add them in P3. >> It=E2=80=99s unclear why the external browser is RECOMMENDED here- if it=E2= =80=99s because we can=E2=80=99t go in details of the behavior of non browse= r apps, it seems like we should say that much rather than making a recommend= ation. In other words, RECOMMENDED expresses a strong preference for it, but= if I am on iOS and I want to sign in with Facebook I am actually better off= using their SDK both for security and user experience reasons than to use t= he system browser. >> =20 >> =C2=A710.3 >> Requesting a MUST for all 3 methods seems restrictive=E2=80=A6 why not re= questing at least one? >> =20 >> =C2=A710.3.1 >> P3 >> This seems unnecessarily restrictive. 3.8 in 7595 is mostly SHOULDs, and i= t refers to organizations rather than individuals. Not every developer owns a= domain, not every app goes on an app store and is meant for general public c= onsumption. An organization sideloading apps on managed devices should not b= e forced to follow those constraints if they control the environment and are= n=E2=80=99t worried about other apps competing for the same schema, but plac= ing a MUST here might compel SDK developers to embed validation checks that w= ould make developers on those circumstances deal with complexity without any= security upside. In fact, apps should not even be required to have internet= access in the general case but this requirement does impose that.=20 >> I think this is an important best practice that should be encouraged, REC= OMMENDED or even SHOULDed , but it shouldn=E2=80=99t be a MUST in the core s= pecification. >> =20 >> =C2=A710.3.2 >> P4 >> Like everything happening on the client, the AS cannot really take that a= s guarantee. What might be true for an app running on iOS might not apply if= the requests are all manufactured via cURL on a Linux box. The scope of tho= se measures is really limited to one particular device or devices sharing an= OS, outside of that cohort there are no guarantees. >> =20 >> =C2=A710.3.3 >> This section should come with glaring warnings, anything actively listeni= ng on the client extends the attack surface- an app listening on the loopbac= k might now get affected by exploits in the local HTTP driver/local network s= tack and taken over, executing with the same privileges as the user (remembe= r https://www.rapid7.com/db/vulnerabilities/WINDOWS-HOTFIX-MS15-034/). The f= act that the loopback is only accessible locally only reduces the risk but d= oesn=E2=80=99t eliminate it, a local process with lower privileges might use= that exploit for elevation of privileges for example. We should at least re= commend that the app hosting the loopback adapter runs with low privileges, r= eiterate the =E2=80=9Clisten only when you must=E2=80=9D and generally warn a= bout the extra attack surface. >> As AS I might not want to support this method at all, both for security r= easons and for the extra logic the wildcard port entails at registration and= request serving times, but right now the spec forces me to- more reasons fo= r relaxing the MUST for all 3 methods as mentioned earlier.. >> =20 >> =C2=A712 >> I am not exactly sure where to place the following- this section (or a su= bsection) might be the best fit. >> As mentioned during the interim meeting, the omission of the implicit flo= w in OAuth2.1 has already caused a lot of people to interpret this as an ind= irect deprecation of the use of implicit flow by OpenID Connect for obtainin= g ID_tokens, either via traditional response_modes or via form_post. >> We already debated and concluded that the reasons that led to the omissio= n of the implicit grant in 2.1 do not apply to ID_tokens, hence there=E2=80=99= s no reason for people to stop using OpenID Connect that way.=20 >> Formally we are in the clear, as OIDC is vased on 2.0 the omission of imp= licit here does not prevent it as extension grant in OIDC anyway- but the fo= rmal stance doesn=E2=80=99t help in preventing the confusion and assuaging t= he concerns of the developers who aren=E2=80=99t as well versed as the peopl= e on this list in all things specifications. >> Because of this, I recommend we add some language here that prevents that= confusion. Something like=20 >> =20 >> * The Implicit grant ("response_type=3Dtoken") is omitted from this >> specification as per Section 2.1.2 of[I-D.ietf-oauth-security-topic= s] >> Please note: the omission of the implicit grant from this specification d= oes not automatically imply that other extension grants obtaining credential= s directly from the authorization endpoint should also be discarded. For exa= mple, the implicit flow defined in Section 3.2 of [OIDC] remains valid for a= ll the response_type values not including =E2=80=9Ctoken=E2=80=9D.=20 >> =20 >> Although it might be a bit unusual to refer to details of specs from othe= r entities, this spec already mentions OpenID 9 times even excluding =C2=A71= 4.2- and as soon as the browser apps section will be included, that number i= s certain to rise. And the confusion on this point is truly widespread- addi= ng language along the lines of the above directly in the core would go a lon= g way to save a lot of grief. >> =20 >> =20 >> =20 >> =20 >> =20 >> =20 >> =20 >> =20 >> =20 >> =20 >> =20 >> =20 >> =20 >> =20 >> =20 >> =20 >> =20 >> =20 >> =20 >> =20 >> =20 >> =20 >>=20 >> =20 >>=20 >> =20 >>=20 >> =20 >>=20 >> =20 >>=20 >> =20 >>=20 >> =20 >>=20 >> =20 >>=20 >> =20 >>=20 >> =20 >>=20 >> =20 >>=20 >> =20 >>=20 >> =20 >>=20 >> =20 >>=20 >> =20 >>=20 >> =20 >>=20 >> =20 >>=20 >> =20 >>=20 >> =20 >>=20 >> =20 >>=20 >> =20 >>=20 >> =20 >>=20 >> =20 >>=20 >> =20 >>=20 >> =20 >>=20 >> =20 >>=20 >> =20 >>=20 >> =20 >>=20 >> =20 --Apple-Mail-7BA6FD10-303C-4CED-8DDD-169D59913E3D Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: quoted-printable
    Thanks as lot Vittorio! Yo= u gave us a lot of homework but I think the draft will be improved a lot bas= ed on it.

    Re OIDC implicit:= I=E2=80=98m reluctant to explicitly endorse use of OIDC implicit (response t= ype =E2=80=9Eid_token=E2=80=9C or =E2=80=9Ecode id_token=E2=80=9C) as there a= re examples in the wild where the id_token is used as access token. Moreover= , I=E2=80=98m not aware of any systematic security threat analysis of those f= lows.

    I=E2=80=98m fine with= pointing out to readers that omission of response type =E2=80=9Etoken=E2=80= =9C does not deprecate other extension response types.

    WDYT?

    Am 09.12.2020 um 01:55 schrieb Dick Hardt <dick.hardt@gmail.com= >:

    =EF= =BB=BF
    Thank you very much for your detailed feedback Vittor= io!
    =E1=90=A7

    On Tue, Dec 8, 2= 020 at 3:22 PM <vittorio.b= ertocci@auth0.com> wrote:

    Dear authors,<= /u>

    It took ages but I finally managed to g= o thru a full review of the current OAuth2.1 draft. Apologies for the delay.=

    Metacomments:

    • The VAST majority of the comme= nts are suggestions for improving clarity, mostly on historical language com= ing from 2.0 that I found myself having to clarify to customers and colleagu= es over and over thru the years. None of those are critical.
    • There are a few places where 2.1 requires a MUST I believe to be u= nwarranted/too restrictive. For each of those I did my best to provide conte= xt and concrete examples.
    • A sizeable category of c= omments and disagreements on MUST come from treating mobile and desktop apps= as largely equivalent under the =E2=80=9Cnative app=E2=80=9D umbrella, desp= ite of the vast gulf that separates the two both in terms of security postur= e and user experience. Again, I tried to be as matter of fact as possible in= there.
    • The main reason for which I spoke up durin= g the IETF interim on oauth2.1 was the confusion the omission f the implicit= grant caused among the devs using implicit in OIDC for obtaining ID_tokens.= I suggested some language to pre-empt the issue, but I expect some iteratio= n there.

    Thanks,=

    V

    =  

    =C2=A71

    I wonder whether we should take the opportunity offered by OAuth= 2.1 to clarify frequent points of confusion about OAuth, by explicitly calli= ng out in the introduction what is out of scope.

    For example: OAuth is not an identity protocol, as it doesn=E2=80= =99t concern itself with how resource owners are authenticated; OAuth isn=E2= =80=99t meant to address 1st party scenarios, although the reader= is free to use it in that context as well; and so on.

    I believe there is value in adding this in the introducti= on rather than relegating it in some later considerations section, as the pe= ople who need this information the most rarely read past this point.<= u>

     

    =C2=A71.1

    In the RS definition, w= ondering whether including the word =E2=80=9CAPI=E2=80=9D would help to clar= ify what an RS is in practice.

     

    =C2=A71.2

    I always found this part extraordinarily difficult to deciph= er. I get that this is the first description and doesn=E2=80=99t have to be e= xhaustive and consider all cases (eg it=E2=80=99s ok if step 3 claims that t= he client authenticates w the AS even tho that=E2=80=99s only for confidenti= al clients), but I think it could be much clearer than it is today.

    Step 1 says

    The client requests authorization from the reso= urce owner.  The authorization request can be made directly to the reso= urce owner (as shown), or preferably indirectly via the authorization server= as an intermediary.

    Besides t= he fact that =E2=80=9Crequests authorization=E2=80=9D is a bit vague, this s= tep and the corresponding diagram leg does not correspond at all to what nor= mally happens- to get a code, the client does need to hit the AS and the men= tion in passing in the text isn=E2=80=99t enough to figure that out. Also, w= ith the omission of ROPG there really isn=E2=80=99t any way of asking anythi= ng to the RO directly (the client creds doesn=E2=80=99t involve the RO).<= /u>

    I would recommend updating that diagram= to be more descriptive of the canonical scenario.

    Step 2

    mentions the 2= grants defined in the spec, but only one of them represents the RO=E2=80=99= s authorization. Claiming that the client itself is the RO is a formalism th= at doesn=E2=80=99t meet the reader=E2=80=99s intuition at this point.=

    Step 5

    The language here triggered multiple discussions, in particular on whe= ther the AT can actually be used to ascertain the identity of the client =E2= =80=93 that isn=E2=80=99t the case for public clients, for example; besides,= that=E2=80=99s not really the highest order bit of the AT. If it is, it see= ms that the spec should be more explicit about how client identification fro= m the RS by means of an AT works. If it isn=E2=80=99t, perhaps we should cha= nge the language to omit authenticate.

    The last paragraph is emblematic IMO =E2=80=93 if the preferred method is= very different from the diagram here, and if the abstraction presented here= is not terribly useful (given that we no longer have multiple RO based gran= ts, excluding the extension grants that are still too far at this point to w= arrant a cognitive downpayment for the reader) I wonder whether we=E2=80=99d= be better off doing the authz code diagram directly (and mention that we al= so have the client creds grant separately).

     

    =C2=A71.3

    I understand that we can=E2=80=99t really chang= e this because we inherit from OAuth 2 but I=E2=80=99ll mention it anyway- m= odeling clients as ROs is problematic, as it doesn=E2=80=99t often match wha= t happens in practice. A confidential client might batch-read a user=E2=80=99= s inbox searching for ad words, but the resource owner remains the user.<= /u>

    I know we straighten things up in 1.3.2= , but the positioning here is confusing.

    Also: isn=E2=80=99t the refresh token grant a core-specified grant as w= ell? I know I am nitpicking.

    =C2=A71.3.1

    We don=E2=80=99t say anywhere here that the authorization code ca= n be exchanged for an access token. It can be somewhat inferred from 1.2, bu= t it=E2=80=99s a bit of an intelligence test (one needs to infer from author= ization grant).

    P2

    =

    =E2=80=9Cobtains authorization=E2=80=9D could be more= specific, to reinforce that we are doing a delegated flow. =E2=80=9CObtains= =E2=80=9D seem to suggest that we are talking about consent, rather than AS s= ide rules. If that=E2=80=99s the case, calling it out might make the scenari= o clearer.

    P3

    Both the benefits listed apply to confidential clients onl= y. Not sure whether calling it out here would help prevent confusion later o= n (eg people thinking that public clients can prove their identity) or would= bring confusion on now (given that we didn=E2=80=99t differentiate between c= lient types yet). Either ways, formally we are OK here; I am just thinking h= ow to make things clearer. Perhaps defining client types before grants might= help being clearer here.

    &nb= sp;

    =C2=A71.3.2

    A concrete example of credential (eg shared secret) might help c= larify things here. Also, the fact that client credentials indicate both a g= rant in itself and an artifact (which participates in other grants) is a wel= l know source of confusion. Wondering if calling this out here might help.

     

    =C2=A71.4

    In general, we u= se =E2=80=9Caccess token=E2=80=9D and =E2=80=9Ctoken=E2=80=9D interchangeabl= y- perhaps pedantic, but I would suggest we always use =E2=80=9Caccess token= =E2=80=9D to prevent confusion with refresh tokens later on, and other token= types in other contexts (eg think ID tokens).

    P1

    The client should trea= t the AT string as opaque, but that doesn=E2=80=99t necessarily means it is:= in some cases the client CAN see inside the token, and with the current lan= guage they might interpret it as =E2=80=9Cin this case, it=E2=80=99s OK to l= ook- otherwise they would have made it opaque, per the spec=E2=80=9D.=

     

    =C2=A71.5

    The first phrase of P= 1 is wonderfully clear. We should have the equivalent in =C2=A71.3.1<= u>

    Not having defined a mechanism for requesti= ng a RT here, leaving it to ASes to decide when and where, created the situa= tion in which some AS only issues RTs when they get the offline_access scope= , with all the unfortunate consequences about RT lifetime vs session lifetim= e etc=E2=80=A6 I know we can=E2=80=99t really change this now as we don=E2=80= =99t want to break existing AS implementations, but wondering if there=E2=80= =99s anything we can say to further clarify/give readers a headsup about the= ambiguity/diversity of behaviors they=E2=80=99ll encounter here.<= /u>

    P2

    It=E2= =80=99s odd that we say =E2=80=9Cusually opaque to the client=E2=80=9D = for the RT while we decisively said opaque for the AT. Also, the client sho= uln=E2=80=99t do anything w the RT content hence I think the same considerat= ions done for =C2=A71.4P2 apply here.

    =E2=80=9CT=
he token denotes an identifier used to retrieve the authorization informatio=
n=E2=80=9D gets into the spec=
ifics of the implementation and it=E2=80=99s not universally true (some AS e=
ncrypt/sign the authz info in the RT itself and have no server state whatsoe=
ver.

    Step 3

    Should we add a reference to RFC6750 here?

     

    =C2=A71.8

    Should we say rich *= delegated* authorization framework?

     

    =C2=A72

    = 
    =E2=80=9Cend-user interaction with an HTML registration form=E2=80=9D is oddly specific =F0=9F=98=8A in particular, I think =E2=80=9Cend user=E2=80=9D might be misle=
ading. We can either say =E2=80=9Cinteractive=E2=80=9D or refer =E2=80=9Cthe=
 client app developer=E2=80=9D or equivalent.
    Overkill but I= =E2=80=99ll mention it anyway. Should we say that typically the client regis= tration in the non-dynamic scenario occurs in authenticated settings? Not st= rictly necessary but might help the reader to tie what we say in this sectio= n with their concrete experience.
     
    =C2=
=A72.1
    P4
    =E2=80=9CAuthorization servers SHOULD consider the level of confidence in=
 a client's identity when deciding whether they allow such a client access t=
o more critical functions, such as the Client Credentials grant type.=E2=80=9D=
 
    I don=E2=80=99t understand this sentence. Is the client c=
redentials grant type a =E2=80=9Cmore critical function=E2=80=9D? Or is it a=
 level of confidence? Either ways, I think it needs clarifying.
    P5
    IMPORTANT: this is going to break many OAuth implem=
entations with significant adoption. Auth0 is fine (each client_id is tied t=
o a single client type) but I know of others that will break.<=
/span>
    I suggest softening to a SHOULD NOT.
    =E2=80=9Cbrowser-ba=
sed application=E2=80=9D
    I am not convinced this is so much=
 easier than the original =E2=80=9Cuser-agent-based=E2=80=9D. I understand t=
he advantages (dovetails w the BCP, more precise given that apps can be user=
 agent as wells nowadays, more familiar) however the break w 2.0 terminology=
 is jarring. I don=E2=80=99t feel very strongly about it but enough to type i=
t.
     
    =C2=A72.2
    It=E2=
=80=99s a bit odd to define the client identifier like it=E2=80=99s somethin=
g brand new when =C2=A72.1 already introduced it. This language from the ori=
ginal 2.0 might need to be revised to accommodate that change.=

    Wondering whether a warning against structured client_ids (eg identifier=
s assembled thru some string template, like developer name+region+serial) wo=
uld be in order. Perhaps in the security considerations?
     
    =C2=A72.3
    P1
    That sou=
nds vaguely circular, given that being assigned credentials might be conside=
red part of the =E2=80=9Cestablish a client authentication method=E2=80=9D t=
ask listed there. I=E2=80=99d simply say =E2=80=9Cif the client is confident=
ial or credentialed=E2=80=9D.
    P2
    =

    I=E2=80=99=
d add =E2=80=9Cby the authorization server=E2=80=9D for good measure.=

    P3
    That sounds vague. Shouldn=E2=80=99t it be ma=
ndatory for the AS to require client auth for the client types who have cred=
s? =E2=80=9Cif possible=E2=80=9D seem to open the possibility of circumstanc=
es where that=E2=80=99s not he case.
    P5
    I t=
hink that this idea of identifying the client will need to be fleshed out mo=
re for people to fully understand it. Credentialed clients can prove that th=
ey are the same client instance across multiple transactions, which some mig=
ht consider a weak form of identification. To rule that out, it has to be me=
ntioned upfront IMO. If not here, in some of the considerations section=E2=80=
=A6 with a forward reference here.
    P6<=
/pre>
    Do w=
e say why anywhere? If yes, we should reference it. If not, perhaps we shoul=
d.
     
    =C2=A72.3.1=

    We n=
o longer mentioned the empty client secret, but we don=E2=80=99t forbid it e=
ither. What=E2=80=99s our stance?
     
    =C2=
=A72.3.2
    In =C2=A72.3 we mention MTLS, private_key_jwt, but=
 here we just point the reader to IANA. It looks like echoing those methods h=
ere might help clarity.
     
    =C2=A73.1
    Last paragraph
    I have been in discussions w=
here readers interpreted this as =E2=80=9Cyou cannot send custom parameters t=
o the authorization server=E2=80=9D. To preempt that mistake, we mighr consi=
der calling out that custom extensions _are_ permitted as long as the AS sup=
ports them. I know that=E2=80=99s what the current language says already.=

     
    =C2=A73.1.1
    Wonderin=
g if referring to some specific, well known extensions (like OIDC) might hel=
p readers to better understand this point.
     =

    =C2=A73.1.2
    RFC3986 6.2.1 talks about character by c=
haracter comparison, but doesn=E2=80=99t mention case sensitivity. I am sure=
 it does elsewhere in the spec, but for clarify and readability I recommend s=
pecifying the desired behavior directly here.
     =

    =C2=A73.1.2.1
    Personally, I would advocate for a=
 MUST here. True, lots of people won=E2=80=99t comply at development time, b=
ut I think that=E2=80=99s OK as long as they do use TLS when going in produc=
tion. 
    Also, SameSite changes are making the use of HTTPS a=
t dev time more and more common. If OAuth2.1 is about picking the best of th=
e security practices, this seems like a an obvious candidate.<=
/span>
     
    =C2=A73.1.2.2
    P3
    =E2=80=9Clack of requiring=E2=80=9D doesn=E2=80=99t sound proper.
     
    =C2=A73.2
    P2=

    Should we also say that the spec doesn=E2=80=99t care about _when_ the c=
lient obtains the endpoint?
    Last P
    Same co=
nsiderations as =C2=A73.1
     
    =

    =C2=A73.2=
.1
    P1
    That=E2=80=99s stricter than =C2=A72=
.3P3 =E2=80=93 I think the language there should be tweaked to be coherent w=
ith the one here.
     
    =C2=A73.3<=
u>
    Wondering if the =E2=80=9Cscope strings order does not matter=E2=80=
=9D point should be somehow emphasized or clarified. I know of implementatio=
ns who considered heuristics such as =E2=80=9Cif the scopes requested corres=
pond to multiple resources, I=E2=80=99ll show consent for all byt the token e=
ventually issued when redeeming the code will have as audience the resource c=
orresponding to the FIRST requested scope=E2=80=9D, which would violate the o=
rder invariant requirement. 
     
    =C2=A7=
4
    Potentially VERY confusing. I would recommend to be more s=
pecific and state that =E2=80=9COAuth 2.1 defines two grant types=E2=80=
=9D. 
     
    =C2=A74.1
    Di=
agram
    Not critical. But I want to point it out. The first t=
ime I saw this diagram I found it confusing. The fact that the same numeral i=
s assigned to multiple legs is just odd for anyone not already familiar with=
 the flow, possibly still struggling to understand the client as a service s=
ide component.
    Also, now that we have mighty SVG support, I=
 would strongly advocate for a modern version of this diagram (there lines p=
erhaps don=E2=80=99t need to be broken into segments).<=
/pre>
    Step=
 5
    =E2=80=9Coptionally, a refresh token=E2=80=9D is too vag=
ue IMO. I will look for opportunities to clarify later in the spec, given th=
at this might not be the best place to go in details.
     
    =C2=A74.1.1
    Overall: a high summary of t=
he steps in this preamble might help. The current denormalization in subsect=
ion can be pretty hard to follow for someone seeing this for the first time.=
 
    Also: creating challenge and verifier BEFORE assembling t=
he request seems profoundly counterintuitive to me, as it emphasizes a secur=
ity measure over the core function of this leg of the flow. Unless there=E2=80=
=99s a crypto reason for this current sequencing that I can=E2=80=99t see, I=
 recommend first creating the core request (what=E2=80=99s now 4.1.1.3) and t=
hen attaching challenge and verifier. Also, sending the message can be its o=
wn subsection rathe than being conflated with the last message composition s=
ubsection.
    P1
    =E2=80=9Cto begin=E2=80=9D r=
emains a bit suspended, given that there=E2=80=99s no obvious segue on what c=
onstitutes the steps after the beginning. 
    P2=

    =E2=80=9Clater use with the authorization code=E2=80=9D could be clearer=
, e.g. =E2=80=9Cat authorization code redemption time=E2=80=9D. At this poin=
t that might still not be obvious for the reader.
    =

    Mentionin=
g the provenance of properties (parameters?) code_challenge and code_verifie=
r without first having introduced them might confuse people not already fami=
liar with them and the request process in general, as their function will no=
t be obvious not naturally map with the preceding sentencer.
    P3
    Imposing a MUST before knowing what those this are yet=
 is not as clear as it would be if this would be stated after their use and f=
unction has been explained.
     
    =C2=A74=
.1.1.3
    On state. Given the change vs OAuth2, I think it mig=
ht be helpful to call out the relevant section on the appendix about differe=
nces to help people familiar w 2.0 not to miss this important change and avo=
id doing work twice.
     
    =
=C2=A74.1.2=

    P2
    Should we say that the code should be opa=
que to the client, to discourage the use of structured code templates that c=
an be partially manufactured?
    P8
    =

    =E2=80=9C=
he server MUST NOT  include the "code_challenge" value in client reques=
ts=E2=80=9D, was that meant to be =E2=80=9Cresponses=E2=80=9D? 
    Qualifying =E2=80=9Cother entities=E2=80=9D (anyone but the AS?) might m=
ake this point clearer.
     
    =C2=A74.3
    We mentioned extension grants in passing, but I don=E2=80=99=
t recall seeing a definition/description of their function in the context of=
 the framework. Even a short sentence to that effect here would help, given t=
hat the section title names them explicitly. Also, stressing that the device=
 flow is just one example and other extensions might differ (for example in t=
heir logic to establish whether an access token request is valid and authori=
zed) would go a long way in helping the reader put this section in better fo=
cus.
     
    =C2=A75.1=

    On t=
he access_token parameter. Given the discussions we had for the JWT AT profi=
le draft, I am wondering whether it should be called out here that the AT re=
cipient is the RS, that the client should not expect to be able to parse the=
 access_token, and that the AS is under no obligation to use a consistent AT=
 encoding outside of what is negotiated with the RS. I don=E2=80=99t feel ve=
ry strongly about this, or about where in the spec this should be called out=
, but it sure would have made life easier in those discussions- hence the co=
mment.
    On the refresh_token parameter. The lack of details i=
n how OAuth2 describes how/when an AS returns refresh tokens led to today=E2=
=80=99s complicated situation in which many implementations issue RTs only w=
hen OIDC=E2=80=99s offline_access is received in the scopes, as it was the o=
nly mention in public specs describing a concrete behavior. See the associat=
ed online_access discussion on the OIDC list, as RTs gain importance as sess=
ion artifacts of sort for SPAs now that implicit is dead and ITP makes ifram=
e renewals problematic.
    Unfortunately it is too late to be p=
rescriptive here, as we cannot break compatibility with whatever choices exi=
sting AS implementations made. However we can be more descriptive and give t=
he reader a better idea of what=E2=80=99s the range of possibilities. Some n=
onnormative examples of how existing AS determine whether to issue an RT or n=
ot (eg as an option determined at client registration time, or any other heu=
ristic you guys encountered in the wild) might help people to better underst=
and their options and the intent of the specification here.
     
    =C2=A75.2
    It might help to remind the r=
eader here that extensions to the core spec might specify or further special=
ize circumstances in which the errors mentioned here are returned (for examp=
le, see the validation errors in the JWT AT profile). There=E2=80=99s a ment=
ion of that in =C2=A77.3.1 but that=E2=80=99s pretty far, and having even br=
ief language here might be handy for people reading the spec for reference r=
ather than cover to cover.
     
    =C2=A76<=
u>
    P1
    I think the risk assessment is just one=
 of the factors an AS might use to decide whether to issue an RT or not. The=
 current language suggests risk is the only determinant in that decision and=
 that doesn=E2=80=99t seem right.
    Saying that one might ref=
resh tokens using other grants seems odd. A new authorization code grant get=
s me a new token and offers me the opportunity to describe what token I want=
 (scopes etc), the fact that I might choose to ask the exact same things I a=
sked in the original request is expediency. I would rather phrase this as th=
e fact that the client can simply repeat the original request, and external f=
actors such as cookies, sessions and other auth method specific options may a=
llow the client to do so without prompting the user.
    P2<=
/u>
    We might need to be more precise here. Do we mean the scopes c=
onsented by the RO in the request that led to the issuance of the RT being u=
sed? Just saying consented by the RO for the client does not exclude cases i=
n which there are more instances of the client in operation. Say that I am r=
unning uber on phone 1 and I consent to read my google calendar, getting AT1=
 and RT1. Say that on phone 2 I also run the uber app, and this time I conse=
nt to write my google calendar, obtaining AT2 and RT2 on this new device. No=
w consider the various combinations here. Should RT2 allow me to get calenda=
r:read too, given that it was already consented by RO for this client? Shoul=
d RT1 allow me to get AT1=E2=80=99 containing calendar:write, given that RO c=
onsented for it when using a different instance of the same client? Whatever=
 is the answer you want to the questions above, I think the spec should have=
 language clear enough to unambiguously determine the desired behavior.
     
    =C2=A76.1
    It=E2=80=99s=
 a bit confusing that half of the RT use requirements is in =C2=A76 (the req=
uirement to authenticate confidential/credentialed clients) and half is in h=
ere, with the only differentiator being the nature of the client. This is pr=
etty minor, but I think I would personally find clearer if all the requireme=
nts for the use of an RT would be consolidated in a single place. It=E2=80=99=
s true that the public client reqs are a SHOULD, but still.
    Rotation.
    Wondering whether it would be wise to advise the=
 reader to have their AS revoke all the still valid ATs issued by the AS fro=
m the same session/family of RTs upon detection of a RT reuse. It is not unc=
ommon for clients to request new ATs before their projected expiration.
    P6
    I think the =E2=80=9CMAY=E2=80=9D here migh=
t be confusing when applied to the rotation, as in either the AS does it, or=
 the scenario won=E2=80=99t work. I understand this is formally correct, but=
 perhaps explicitly calling out some cases in which the AS might decide to d=
o otherwise and acknowledge that in that case the client will be stuck might=
 help clarify. Also, if the public client protection measures were in =C2=A7=
6 instead of here, there would be less opportunities for confusion as it wou=
ld be easier to grok that this doesn=E2=80=99t apply to the rotation case on=
ly (now adjacent) but to other RT reissuance cases as well (eg sliding expir=
ation).
    On the identical scopes requirement. Say that after=
 obtaining RT1, which includes scopes s1 and s2 for client c1, the RO revoke=
s authorization for c1 to use s2. Should the AS fail the RT redemption, or r=
eturn an AT with only s1 and a scopes parameter informing the client of the c=
hange? As developer I would prefer the latter, to preserve the experience: b=
ut if we are adamant about the current language, I think it might be useful t=
o explicitly call out that any changes to the grant on the AS side should re=
sult in failure of the RT redemption.
    P7
    C=
alling out deprovisioning of RO might be useful as well.
    On=
 =E2=80=9Cthe logout at the AS=E2=80=9D event, that=E2=80=99s definitely a v=
alid case but I worry about how presenting that alone might reinforce misund=
erstandings that equate RTs with sessions. There are certainly times where w=
e want that (see mentions earlier of the online_access discussions) but ther=
e are also cases where the ability of a client to refresh ATs needs to survi=
ve session boundaries (offline_access) and confusing the two are problematic=
. I don=E2=80=99t have a clear solution here, just pointing out a potential p=
oint of confusion. Maybe there will be more opportunities to clarify later i=
n the spec.
     
    =C2=A77
    P1
    An important case to call out is the AS-RS colocation,=
 where neither introspection nor token format agreements are necessary. I su=
ggest mentioning it openly.
     
    =C2=A77=
.2
    =E2=80=9Cbearer tokens may be extended to include proof-=
of-possession  techniques by other specifications=E2=80=9D sounds like a=
n oxymoron. Wouldn=E2=80=99t PoP make the token no longer bearer by the very=
 definition above?
    It looks like we might need a term for s=
imply =E2=80=9Ctoken=E2=80=9D.
     <=
/pre>
    =C2=A7=
7.2.1
    Do we also want to forbid two tokens in the same requ=
est, using different methods? Current language only constraints the behavior=
 of one token.
     
    =C2=A77.2.3
    <=
/span>
    The=
 =E2=80=9Cinsufficient_scope=E2=80=9D description here is problematic. The p=
rivileges the AT carries/points to are not necessarily (or exclusively) repr=
esented by the included scopes (eg the RO might have granted document:read t=
o the client, but RO might have no privileges for the particular document be=
ing requested in this particular call). It might be useful to specify that =E2=
=80=9Cinvalid_scope=E2=80=9D should be used for authorization errors that ca=
n be actually expressed in terms of delegated authorization, leaving to RS i=
mplementers the freedom to handle other authorization issues (eg user privil=
eges, RBAC, etc) with a different error code. Or at least, we should be clea=
r that authorization logic not expressed via scopes is out of scope (pun not=
 intended) for this specification.
    Note, this isn=E2=80=99t=
 an abstract problem: there are SDKs out there that use =E2=80=9Cinvalid_sco=
pe=E2=80=9D for every permission issues. Very confusing.
     
    =C2=A77.3.1
    We rewrite portions of 67=
50 in oauth2.1, but here we refer to it as its own spec=E2=80=A6 that could b=
e confusing as it=E2=80=99s unclear which parts of 6750 are overridden by oa=
uth2.1 (eg no more querystring) and what parts remain normative. Perhaps we c=
an call those things out in the sections meant to replace the corresponding s=
ections in 6750.
     
    =C2=A77.4.2=

    Pedantic: although the title of the section states it, wondering w=
hether every instance of =E2=80=9Ctoken=E2=80=9D here should be =E2=80=9Cacc=
ess token=E2=80=9D instead. Think of cases in which the spec is quoted in di=
scussions and disputes, where snippets can be pasted and mentioned outside o=
f the context of this section.
    P2
    Referenc=
ing the JWT AT profile as an example of extension providing the info out of s=
cope for the core might help the reader grok a concrete example.
     
    =C2=A77.4.3.5
    <=
span style=3D"font-size:11pt;font-family:Calibri,sans-serif">=E2=80=9Cone ho=
ur or less=E2=80=9D seems very arbitrary, and breaks step in respect to what=
 the spec does elsewhere (eg we don=E2=80=99t give any indication of how lon=
g an AS should wait to invalidate an RT for inactivity, but we do say the AS=
 should do so). I would actually not provide any reference value here.
     
    =C2=A77.4.3.6
    =

    Another o=
pportunity of referencing the JWT AT profile for a concrete example of detai=
led audience restriction guidance in ATs.
     <=
/u>
    =C2=A77.4.3.7
    Besides the indications given to clien=
ts here, should we also give guidance to an RS to ignore tokens passed that w=
ay?
     
    =C2=A77.4.5
    Al=
ong the same lines of the comments about delegated authorization earlier for=
 =C2=A77.2.3. I think it would be useful to acknowledge here that ATs might c=
arry, and RSs might expect, authorization information that go beyond the del=
egated authorization for 3rd party API case that is core to OAuth=
- and remind the reader that those mechanisms are out of scope for oauth hen=
ce they shouldn=E2=80=99t expect those aspects to be addressed/handled/regul=
ated by this specification. 
     
    =C2=A7=
8
    As mentioned earlier, it seems a potentially confusing to=
 reference the section of a document being superseded. I do see an issue in r=
edefining here something already established and in use, hence I am not expe=
cting this to change. Just wondering whether we need to provide a more expli=
cit map of the sections in 6749 that are being updated by oauth2.1.
     
    =C2=A79
    Should we also say=
 something about the scenario being chiefly 3rd party clients? We=
 know lots of people use OAuth2 for 1st party scenarios and some c=
onsiderations might differ. This might be an opportunity to finally make tha=
t clear.
     
    =C2=A79.1
    P=
1
    Well, the AS doesn=E2=80=99t really use client auth... th=
e active part here is the client itself. Perhaps the AS can require it, when=
 possible.
    P2
    Unclear. Are we saying that i=
f it is possible to safely distribute keys to client, the AS MUST use client=
 auth? That seems odd, there might be other reasons coming into play (cost, s=
ecurity posture) making that choice not viable. Or is the intent to say that=
 the AS should not use client auth if the key distribution cannot be trusted=
? That sounds far more realistic, but then the language should be tweaked or=
 the reader might pick the former interpretation.
    =

    P3=

    The AS can=E2=80=99t really PREVENT creds forwarding as the RO ma=
chine might still have funny business going on (eg DNS attacks). Some softer=
 language might be more accurate there. 
    P4
    That sounds very abstract. What does it mean? That the AS should consider t=
o issuing RTs to public clients? If that=E2=80=99s the case, we should just s=
ay so=E2=80=A6 tho without more details, I don=E2=80=99t know how actionable=
 the guidance here will be. I can see BoFa requiring a user to reauth in the=
ir iPhone app after inactivity, but I don=E2=80=99t see Uber doing so for th=
eir app.. unless they produce long lived ATs, which isn=E2=80=99t what we wa=
nt either.
    P5 
    This could be clearer. The d=
ynamic client registration case just flesh out the confidence level an AS ca=
n have in its identity, but does not offer a corresponding privilege level t=
o it =E2=80=93 whereas the second case does mention assigned privileges expl=
icitly. Also, pitting =E2=80=9Cdynamically registered client=E2=80=9D vs =E2=
=80=9Cweb application=E2=80=9D might suggest the app type is a factor, where=
as AFAIK 7591 can be used for registering web apps too (whether that s wise o=
r not is immaterial here).
    =C2=A79.2
    Shoul=
d we say something about whether native clients should be allowed to be =E2=80=
=9Cupgraded=E2=80=9D as confidential clients in the future, or the other way=
 round? I know of scenarios where people did that to preserve consent info, b=
ut that seem sketchy security wise.
    P3=

    The=
 SHOULD here refers to a requirement that in 10.3.1 is a MUST. I don=E2=80=99=
t think the MUST is warranted (more about that in the 10.3.1 comments) but i=
f we do keep it, it looks like the level should be coherent here.<=
/u>
    P4
    That example is compatible with a SHOULD- works n=
ow, but would look odd if we=E2=80=99d upgrade P3 with a MUST for coherence w=
ith 10.3.1.
    P5
    Inclusion where/how? We shou=
ld be precise IMO. If it=E2=80=99s just registration material (eg not part o=
f the redirect URI), we should mention how we expect it to be used in the co=
ntext of OAuth- and if we don=E2=80=99t know, perhaps we should not mention i=
t here. 
     
    =C2=A79.3
    P=
1
    I know it becomes clearer later on, but I think it would h=
elp here to explicitly call out confidential and credentialed client as the s=
ubject of this sentence. Those are the only client types with credentials, h=
ence the current language is formally correct. This is just for clarity.<=
/u>
    P2
    I thought we require redirect URI registra=
tion in all cases? This makes it sound it=E2=80=99s only for public clients.=

    P3
    I have been in various discussions whe=
re people were attempting to interpret what =E2=80=9Cexplicit RO authenticat=
ion=E2=80=9D means in practice. Is it a full credential prompt regardless of=
 whether one session already exists? A selection between existing sessions, i=
f present?
    P4
    This is unclear. As it curre=
ntly reads it seems to prohibit things like getting a new authz code silentl=
y via iframe (and prompt=3Dnone or equivalent UX suppressing mechanism, plea=
se ignore the ITP complications for the sake of argument). 
     
    =C2=A79.3.1
    P1
    I d=
on=E2=80=99t follow this sentence. The client identity cannot be proved for p=
ublic clients (see also next P), and the native apps are public clients unle=
ss otherwise specified (eg credentialed).
    P2<=
/span>
    I find this misleading. Client side measures such as claimed schemes, dom=
ains etc might work to prevent an app impersonating another app on the same d=
evice/OS, but they aren=E2=80=99t guaranteed to be honored on other operatin=
g systems. The AS has no way of knowing whether those measures have been enf=
orced on the client, hence it should not accept them as proof.  =

     
    =C2=A79.4.1
    This is anot=
her place where a reference to the JWT AT profile would provide a concrete e=
xample of the conditions set forth here (eg RS guidance for audience validat=
ion).
    Also, as mentioned earlier, it might be useful to rem=
ind the reader that the AS might include in the token authorization informat=
ion that go beyond the delegated authz scenario OAuth2.x concerns itself wit=
h, and that those aspects are beyond the scope of this specification.  T=
hat would truly go a long way preventing people from abusing and overextendi=
ng the spec on scenarios it is not meant to address.
    And ev=
en for the canonical scenarios, it might be useful to remind the reader that=
 the RS might have extra logic not described in this spec that determines wh=
ether the call will be authorized or otherwise- to dispel the notion that th=
e AS is always the sole source of truth for authorization. 
     
    =C2=A79.4.2
    P2
    Cl=
arifying that MTLS is one instance of the sender constraint methods just men=
tioned would prevent some readers considering that an independent, additiona=
l constraint.
     
     =C2=A79.5<=
/u>
    In =C2=A76.1 we give more details about protection, should we have a b=
ackward reference to that section here?
    P2
    Is it worth to specify that it doesn=E2=80=99t matter how the AS tracks the=
 binding? (eg server side or embedded in the RT bits themselves).<=
/u>
     
    =C2=A79.6
    P1
    This language makes the assumption that for client cred grants, the sub wi=
ll take on the client_id value. That it certainly possible, but not a given.=
 As such, the language here should be explicit abouty the fact that it=E2=80=
=99s what we are expecting to happen in this particular scenario.<=
/u>
    P2
    Referring to the client as the actor here is conf=
using as soon as you move beyond client_id. When you talk about rhe sub or a=
ny other value, it=E2=80=99s not as much the client as it is the developer w=
ho owns the client. The difference is subtle but might be a source of confus=
ion.
     
    =C2=A79.7
    P3
    I thought that we were going to make PKCE or nonce the only two m=
andatory alternatives? Nothing against supporting state as an accepted way t=
o achieve this, just surprised as I recall people being quite adamant about p=
ushing PKCE.
    P4
    Looks like the iss response p=
arameter might make the distinct redirect URIs unnecessary?
     
    =C2=A79.7.1
    The guidance in this s=
ection isn=E2=80=99t likely to be widely followed, but I understand the rati=
onale behind it.
     
    =C2=A79.8
    P2
    That=E2=80=99s probably obvious, but I think we=
 should specify that those multiple attempts should come with the expected c=
ode verifier as well for the revocation logic to be triggered- if it=E2=80=99=
s just the code without verifier, it doesn=E2=80=99t look like the leak went=
 far enough to warrant that intervention.
    P4<=
/span>
    If this holds, then the remark about the use of state for CSRF in =C2=A79=
.7 P3 seems unnecessary.
    P9
    =
The use of MUS=
T here seems incompatible with the concession of using nonce instead of PKCE=
. Either we allow it or we don=E2=80=99t=E2=80=A6
    =

     <=
u>
    =C2=A79.11
    P1
    Now that we no lon=
ger trade in RO passwords, should we mention them here? Sure, if the AS uses=
 passwords they do need protection, but so do lots of other things the AS mi=
ght use as part of auth that we don=E2=80=99t mention here for Occam=E2=80=99=
s razor. 
    P3
    What other means are we refer=
ring to? 
     
    =C2=A79.12<=
/span>
    =E2=80=9Cservice providers=E2=80=9D occurs for the first time in the docu=
ment here. Tying the guidance to entities already mentioned in the doc (clie=
nts, AS) might make things clearer/more actionable.
    =
 
    =C2=A79.13
    I understand that some of the c=
omments in this area should be done on the BCP rather than here, but here we=
 are. That said=E2=80=A6
    Blanket comment: this section seem=
s to assume native app =3D=3D mobile app, and that=E2=80=99s not strictly th=
e case. Desktop apps have different characteristics and desktop OSes differe=
nt capabilities. Would be clearer to make a distinction when relying on mobi=
le OS capabilitesas we  appear to do here.
    P2
    Embedded user-agent !=3D fake external user agent, but P2 uses that=
 interchangeably. A desktop app might use an embedded browser for UX reasons=
 and making no attempt whatsoever to disguise that as an external agent. And=
 I would be pretty surprised to see a malware remover get rid of google driv=
e for Mac, or Adobe products, or Office- all native apps using embedded user=
-agents for authentication.
    P3
    It=E2=80=99=
s unclear how the AS would do that, given that user agent strings can be fak=
ed. Google has its ML based secret sauce, but that might not be accessible b=
y everyone.
    P4
    This is mobile specific, doe=
sn=E2=80=99t apply to desktop apps as readily. Also unclear how that would c=
hange for the end user, given that pixel perfect replicas can easily include=
 fake address bars. More details on how a user would detect an actual browse=
r (presence of an existing session, access to bookmarks etc) might add enoug=
h color to help the reader truly understand the extent of the remedy power (=
or its true limits). 
     
    =C2=A79.14=

    There=E2=80=99s no action for the reader here. If that reflec=
ts the actual situation (none of the roles described in this spec can do any=
thing to mitigate or contain the damage, and solutions to prevent the situat=
ion lie outside its purview eg use MDM software on your corporate devices) w=
e should explicitly say so.
     
    =C2=A79=
.15
    A bit odd that we used CSRF throughout the document ass=
uming the reader was familiar with it, but here we attempt a definition. =

    Still confused on how we admit state as a valid mechanism, as=
 opposed to limiting to nonce and PKCE. Also note the potential discrepancy c=
alled out earlier in which at code redemption time we appear to require PKCE=
, in contrast to admitting nonce/state here.
    =
 <=
u>
    =C2=A79.18.2
    Wondering if here we should go as fa=
r as recommending the AS keeps dynamic client registration OFF when it=E2=80=
=99s not needed. That might provide good secure by default guidance for AS S=
DKs and product developers.
     
    =C2=A79=
.19
    I assume we=E2=80=99d add the =E2=80=9Ciss=E2=80=9D res=
ponse parameter as alternative to the requirements here?
     
    =C2=A79.20
    P1, P2, P3
    =
The security properties described here do not apply as is to desktop apps us=
ing embedded browsers.
    As mentioned earlier, on the desktop=
 the separation between apps isn=E2=80=99t as stark as on mobile- the keystr=
okes message pump is potentially accessible at the user session level, encom=
passing multiple applications. Although process separation mechanisms are in=
 place, the circumstances of the execution and the OS specific features in t=
his respect determine the degree to which entering credentials in one proces=
s makes the data inaccessible by another. We should not claim advantages we c=
annot guarantee, and we should be explicit about what measures specific to d=
ekstops should be considered to mitigate risks eg not executing apps as admi=
ns, enable and use UAC at the right level on Windows or equivalent on other O=
Ses, use app sandboxing when the OS supports it, etc. Not suggesting we call=
 out specific technologies like UAC, but at least point at the category of s=
ecurity measures.
    P4
    As mentioned above, t=
he presence of the address bar can be easily faked by pixel perfect replicas=
- relying on those is security theater.
    P5
    This is a valid concern, but if we want to frame it in the context of the s=
ecurity considerations section we need to add more color (eg minimizing the s=
ituations in which one needs to enter creds is good security practice).
     
    Another thing we might add as lowlight f=
or embedded browsers: password managers might not work, making the user=E2=80=
=99s life difficult and possibly promoting insecure situations (eg placing a=
 random pwd in the clipboard, where other apps might later steal it from).
    =C2=A79.21
    Do we need this here, given that=
 we cover this in depth earlier?
     <=
/pre>
    =C2=A7=
10
    I find this subdivision confusing. We have native client=
s considerations scattered throughout the entire specification, but now we h=
ave a dedicated section that somewhat repeats some of the points already mad=
e while interleaving new ones. Perhaps having a more specific section title,=
 one that better characterizes the content and intent of this section, would=
 avoid giving the impression that if the reader is interested in native clie=
nts, this is the only section they need to read.
    <=
pre>P2<=
u>
    See discussion so far on native vs desktop.
    Also:=
 I have been in ferocious discussions where people thought the external user=
 agent HAD to be the browser, which we know isn=E2=80=99t the case (hero app=
s like the FB SDK or OS features like sign in w Apple work just as well). So=
me language here giving a nod to those non-browser external user agents migh=
t help clarify.
    P4
    See previous discussion=
 on mobile!=3Ddesktop.
    P5
    I=E2=80=99d alwa=
ys qualify the =E2=80=9Cbrowser=E2=80=9D with system, external, device etc g=
iven that some reader calls the embedded user-agent =E2=80=9Cembedded browse=
r=E2=80=9D, hence just saying =E2=80=9Cbrowser=E2=80=9D without modifiers is=
 ambiguous.
    User authentication state.. on the device. I th=
ink specifying it will clarify what this really means.<=
/pre>
    <=
/u> 
    =C2=A710.1
    Unless you scope this statem=
ent to MOBILE apps, I think the MUST here should be a SHOULD. =

    The security posture of the desktop is different enough, and the quality=
 of the user experience when using a system browser bad and disomogeneous en=
ough, that a MUST isn=E2=80=99t justified here.
    &nbs=
p;
    =C2=A710.2
    Beware of the native-mobile false e=
quivalence here.
    P3
    One or two examples of=
 non-browser external user agents might help.
    P4<=
/u>
    Text pasted here is technically not a best practice but core.<=
u>
    I see there are examples here, so no need to add them in P3.
    It=E2=80=99s unclear why the external browser is RECOMMENDED her=
e- if it=E2=80=99s because we can=E2=80=99t go in details of the behavior of=
 non browser apps, it seems like we should say that much rather than making a=
 recommendation. In other words, RECOMMENDED expresses a strong preference f=
or it, but if I am on iOS and I want to sign in with Facebook I am actually b=
etter off using their SDK both for security and user experience reasons than=
 to use the system browser.
     
    =C2=A71=
0.3
    Requesting a MUST for all 3 methods seems restrictive=E2=
=80=A6 why not requesting at least one?
     
    =C2=A710.3.1
    P3
    This seems unnecessar=
ily restrictive. 3.8 in 7595 is mostly SHOULDs, and it refers to organizatio=
ns rather than individuals. Not every developer owns a domain, not every app=
 goes on an app store and is meant for general public consumption. An organi=
zation sideloading apps on managed devices should not be forced to follow th=
ose constraints if they control the environment and aren=E2=80=99t worried a=
bout other apps competing for the same schema, but placing a MUST here might=
 compel SDK developers to embed validation checks that would make developers=
 on those circumstances deal with complexity without any security upside. In=
 fact, apps should not even be required to have internet access in the gener=
al case but this requirement does impose that. 
    I think thi=
s is an important best practice that should be encouraged, RECOMMENDED or ev=
en SHOULDed , but it shouldn=E2=80=99t be a MUST in the core specification.<=
u>
     
    =C2=A710.3.2
    P4=

    Like everything happening on the client, the AS cannot really=
 take that as guarantee. What might be true for an app running on iOS might n=
ot apply if the requests are all manufactured via cURL on a Linux box. The s=
cope of those measures is really limited to one particular device or devices=
 sharing an OS, outside of that cohort there are no guarantees.
     
    =C2=A710.3.3
    This section shou=
ld come with glaring warnings, anything actively listening on the client ext=
ends the attack surface- an app listening on the loopback might now get affe=
cted by exploits in the local HTTP driver/local network stack and taken over=
, executing with the same privileges as the user (remember https://www.rapid7.com/db/vu=
lnerabilities/WINDOWS-HOTFIX-MS15-034/). The fact that the loopback is o=
nly accessible locally only reduces the risk but doesn=E2=80=99t eliminate i=
t, a local process with lower privileges might use that exploit for elevatio=
n of privileges for example. We should at least recommend that the app hosti=
ng the loopback adapter runs with low privileges, reiterate the =E2=80=9Clis=
ten only when you must=E2=80=9D and generally warn about the extra attack su=
rface.
    As AS I might not want to support this method at all=
, both for security reasons and for the extra logic the wildcard port entail=
s at registration and request serving times, but right now the spec forces m=
e to- more reasons for relaxing the MUST for all 3 methods as mentioned earl=
ier..
     
    =C2=A712=

    I a=
m not exactly sure where to place the following- this section (or a subsecti=
on) might be the best fit.
    As mentioned during the interim m=
eeting, the omission of the implicit flow in OAuth2.1 has already caused a l=
ot of people to interpret this as an indirect deprecation of the use of impl=
icit flow by OpenID Connect for obtaining ID_tokens, either via traditional&=
nbsp; response_modes or via form_post.
    We already debated an=
d concluded that the reasons that led to the omission of the implicit grant i=
n 2.1 do not apply to ID_tokens, hence there=E2=80=99s no reason for people t=
o stop using OpenID Connect that way. 
    Formally we are in th=
e clear, as OIDC is vased on 2.0 the omission of implicit here does not prev=
ent it as extension grant in OIDC anyway- but the formal stance doesn=E2=80=99=
t help in preventing the confusion and assuaging the concerns of the develop=
ers who aren=E2=80=99t as well versed as the people on this list in all thin=
gs specifications.
    Because of this, I recommend we add some=
 language here that prevents that confusion. Something like 
     
    *  T=
he Implicit grant ("response_type=3Dtoken") is omitted from this
        &nbs=
p; specification as per Section 2.1.2 of[I-D.ietf-oauth-security-topics]=

    Please note: the=
 omission of the implicit grant from this specification does not automatical=
ly imply that other extension grants obtaining credentials directly from the=
 authorization endpoint should also be discarded. For example, the implicit f=
low defined in Section 3.2 of [OIDC] remains valid for all the response_type=
 values not including =E2=80=9Ctoken=E2=80=9D. 
    &nbs=
p;
    Although it might be a bit unusual to refer to details of specs=
 from other entities, this spec already mentions OpenID 9 times even excludi=
ng =C2=A714.2- and as soon as the browser apps section will be included, tha=
t number is certain to rise. And the confusion on this point is truly widesp=
read- adding language along the lines of the above directly in the core woul=
d go a long way to save a lot of grief.
     
     
     
     
     
     
     <=
/pre>
    <=
/u> 
     
     
    &=
nbsp;
     
     
     =
;
     
     
     =

     
     
     <=
/span>
     
     <=
/u>
     
     
     
     
    &nb=
sp;
     
     
     <=
/p>
     
    =
 
     
     
     <=
u>
     
     
     
    <=
p class=3D"MsoNormal"> 
    =
 
     
     
     
     
    =
 
     
     
    &nbs=
p;
     
     
    = --Apple-Mail-7BA6FD10-303C-4CED-8DDD-169D59913E3D-- --Apple-Mail-4829F4F9-4269-4731-A277-2FF9FFD4F9D8 Content-Type: application/pkcs7-signature; name=smime.p7s Content-Disposition: attachment; filename=smime.p7s Content-Transfer-Encoding: base64 MIAGCSqGSIb3DQEHAqCAMIACAQExDzANBglghkgBZQMEAgEFADCABgkqhkiG9w0BBwEAAKCCBPgw ggT0MIID3KADAgECAhBpfEIkHQiWmzF6zDsgdF+DMA0GCSqGSIb3DQEBCwUAMIGNMQswCQYDVQQG EwJJVDEQMA4GA1UECAwHQmVyZ2FtbzEZMBcGA1UEBwwQUG9udGUgU2FuIFBpZXRybzEjMCEGA1UE CgwaQWN0YWxpcyBTLnAuQS4vMDMzNTg1MjA5NjcxLDAqBgNVBAMMI0FjdGFsaXMgQ2xpZW50IEF1 dGhlbnRpY2F0aW9uIENBIEcyMB4XDTIwMDIyMzE3MjEzOVoXDTIxMDIyMzE3MjEzOVowIjEgMB4G A1UEAwwXdG9yc3RlbkBsb2RkZXJzdGVkdC5uZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK AoIBAQCrIaCISpAU98m6ZkDyUR3My5imAF4TKQk8eqo+oQ06PTWT/3yJXujVCjjOqOl8p11v/RoN Gf8zqYbBsqGBuJx2NyxFmAnmCjcbnxihQdcmuxLm6izvxr2MawOovDheMXnfmGy/Ns5Fs6bd+M5F jCNhP+Gljvgm/SFq1skvs7YUX2FxZmh+xPMm3FZ/a6Lyhkrd3JHzEqv8VWY69Aehezg39OuPJEpb IdjK/eBcmaIG0qn5RQdXLByJYfXhepyVAZPJT5rAgaIQL/IjSIVInxf3FxOv+ELMAErclws6mKzy zkY2JiItPEpKWzAWGCxCX2o0JjVj1f7xgaunLfJ+Ec0lAgMBAAGjggG4MIIBtDAMBgNVHRMBAf8E AjAAMB8GA1UdIwQYMBaAFGvyjZ5owSUEH1E0V/YWXJTqTWkaMH4GCCsGAQUFBwEBBHIwcDA7Bggr BgEFBQcwAoYvaHR0cDovL2NhY2VydC5hY3RhbGlzLml0L2NlcnRzL2FjdGFsaXMtYXV0Y2xpZzIw MQYIKwYBBQUHMAGGJWh0dHA6Ly9vY3NwMDkuYWN0YWxpcy5pdC9WQS9BVVRIQ0wtRzIwIgYDVR0R BBswGYEXdG9yc3RlbkBsb2RkZXJzdGVkdC5uZXQwRwYDVR0gBEAwPjA8BgYrgR8BGAEwMjAwBggr BgEFBQcCARYkaHR0cHM6Ly93d3cuYWN0YWxpcy5pdC9hcmVhLWRvd25sb2FkMB0GA1UdJQQWMBQG CCsGAQUFBwMCBggrBgEFBQcDBDBIBgNVHR8EQTA/MD2gO6A5hjdodHRwOi8vY3JsMDkuYWN0YWxp cy5pdC9SZXBvc2l0b3J5L0FVVEhDTC1HMi9nZXRMYXN0Q1JMMB0GA1UdDgQWBBSuRfshihlGSEJ7 2UeyOZRJ1YYyMDAOBgNVHQ8BAf8EBAMCBaAwDQYJKoZIhvcNAQELBQADggEBAH/3ECMSOoOLiwCe GsBj/WWnUhXvZyHmz3LW0DVdH3s30b2HWpomEVNDN3cWt4QSRhISqV0xyyChL6THhDY+Um2mo+z/ L5fxHd3MjhzvYKwUtLUJdWRgymlUBO9zNKi/IMVYv3O+mpOHuQrgtMaV9luDPRYPZrhF9y/InTZE tb+FOrF9ykIRlYgMzqSKjuqFmmYO4d6GkbgfGKFZsAjkySjM9BUBLb70MdysOTxZ/HtZguIKfZ4q CveZ9ZKe+LGsIpt5bFAs1LHIMBUlTCsuVIq2lD3TmScWbELn+Ace7WwKc+08GqOWZzUot5fkiIx3 /crnd7HTmUfqi0yCylHY62wxggOpMIIDpQIBATCBojCBjTELMAkGA1UEBhMCSVQxEDAOBgNVBAgM B0JlcmdhbW8xGTAXBgNVBAcMEFBvbnRlIFNhbiBQaWV0cm8xIzAhBgNVBAoMGkFjdGFsaXMgUy5w LkEuLzAzMzU4NTIwOTY3MSwwKgYDVQQDDCNBY3RhbGlzIENsaWVudCBBdXRoZW50aWNhdGlvbiBD QSBHMgIQaXxCJB0Ilpsxesw7IHRfgzANBglghkgBZQMEAgEFAKCCAdcwGAYJKoZIhvcNAQkDMQsG CSqGSIb3DQEHATAcBgkqhkiG9w0BCQUxDxcNMjAxMjEyMTIxOTU1WjAvBgkqhkiG9w0BCQQxIgQg coqSSv+NgDmt8Gwkprx823kBjGOgG1DaFyckcT25Pu0wgbMGCSsGAQQBgjcQBDGBpTCBojCBjTEL MAkGA1UEBhMCSVQxEDAOBgNVBAgMB0JlcmdhbW8xGTAXBgNVBAcMEFBvbnRlIFNhbiBQaWV0cm8x IzAhBgNVBAoMGkFjdGFsaXMgUy5wLkEuLzAzMzU4NTIwOTY3MSwwKgYDVQQDDCNBY3RhbGlzIENs aWVudCBBdXRoZW50aWNhdGlvbiBDQSBHMgIQaXxCJB0Ilpsxesw7IHRfgzCBtQYLKoZIhvcNAQkQ AgsxgaWggaIwgY0xCzAJBgNVBAYTAklUMRAwDgYDVQQIDAdCZXJnYW1vMRkwFwYDVQQHDBBQb250 ZSBTYW4gUGlldHJvMSMwIQYDVQQKDBpBY3RhbGlzIFMucC5BLi8wMzM1ODUyMDk2NzEsMCoGA1UE AwwjQWN0YWxpcyBDbGllbnQgQXV0aGVudGljYXRpb24gQ0EgRzICEGl8QiQdCJabMXrMOyB0X4Mw DQYJKoZIhvcNAQELBQAEggEARNqEWfaZ/aPr18etwOFEXkZNqCG7v34cfd4PhKyWWcJr8Jjbw8cW n/nR49k1pq3qYVN/y+LKrpflGxqfoKGnyuP5qBkL2MVBrXRHzAsSc/JLZ0yrJeSIJbyf4HbKwzwg c6pnEQCwQw9s5Y61lgBOZ6Vkd/otI3lrOTAG/LR8x93kgfQ7v8vRIC8kSOf1NCWIfSCiS95qxLIP K03jBVODZv7c9sju94Dl0qgw+uej+POXzfmKzMYdJtOnWGBXquDcQty7kAwLKiHTAQPEmK0lm7gT 0FDILMXdBZbvempecWIeHloSGnn3TWpAChCNeyosr6l/OFKd4mRrBTRwY+lL+AAAAAAAAA== --Apple-Mail-4829F4F9-4269-4731-A277-2FF9FFD4F9D8-- From nobody Sat Dec 12 12:11:33 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C825B3A0E22 for ; Sat, 12 Dec 2020 12:11:31 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.086 X-Spam-Level: X-Spam-Status: No, score=-2.086 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_FONT_FACE_BAD=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, T_SPF_TEMPERROR=0.01, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=forgerock.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ePAXJ26GRd-W for ; Sat, 12 Dec 2020 12:11:26 -0800 (PST) Received: from mail-ed1-x533.google.com (mail-ed1-x533.google.com [IPv6:2a00:1450:4864:20::533]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B05233A0B05 for ; Sat, 12 Dec 2020 12:11:24 -0800 (PST) Received: by mail-ed1-x533.google.com with SMTP id p22so13018447edu.11 for ; Sat, 12 Dec 2020 12:11:24 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=forgerock.com; s=google; h=from:mime-version:subject:message-id:date:cc:to :content-transfer-encoding; bh=5PrVqggVYYI8Ui1ar5ztT9AG4YXqZP2XGSD5vFhYFcM=; b=J/xAFQRWgWNvd/WOwaaUaLWSnuWyPm+YJFDepjqAvfV86Pnisb4+a5r5Uue3oorlJL wo5CKOzoSYoqXUbPwktVPdVAGR0umNejxpofUYC94LWOsOBg/nFr7pNDkPWXvMu1ESmr +eVUh2IjoXgZ3zmZrfOMJtLc/BjL81diRGIl0= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:mime-version:subject:message-id:date:cc:to :content-transfer-encoding; bh=5PrVqggVYYI8Ui1ar5ztT9AG4YXqZP2XGSD5vFhYFcM=; b=gEihQ2yd3bwXILGQb8zDtMvuJ5+dfbBVg3H/rhMJnStuxeMtvWAw7xllNIA3/D2vCn YEa3fAny49Gmk1/aPwzvoe23nzqYu5eVqs0w0HOlIUU4rIvEnUIorIbOCVMIe8G+XcsK 0oEoBrXb8vE0HiPqnPo4FGhQLGwmTkyEkfmcSnBUMZ/2KPgyoWJIUekXZvi6WAib370/ /rG89qlg0V5weBLBDpwuTywHLCnXqemsmmVnS7gkBgY0R6ybvEhJQ2qd50acNXig3hsv SkFpyrXhswarngYvhHUBk+I84qYBkMpKVt1i6wATLwHO/nDIIv92brq31wA79cZxkWvA 8G5w== X-Gm-Message-State: AOAM532yPE14onQ4XV+yjjzkhmlXI1VZQykzHTGq8Y8sEt4sJK9fUbfE rwjxvCbzKPlgJlm9Y5ZsINWQiTJDISmyWS9IReBMEKzoy2GF+2UV2D09INJL5S4UMqKzgO0LmQ= = X-Google-Smtp-Source: ABdhPJwS9h9u/e0OmJF/co64imfTkBk+zalFxn7W8qdozB0CJ2DTPsRIy/U8wkuvKLWJKYEzJztgcA== X-Received: by 2002:a05:6402:180c:: with SMTP id g12mr18166899edy.268.1607803882974; Sat, 12 Dec 2020 12:11:22 -0800 (PST) Received: from [10.0.0.17] (251.207.159.143.dyn.plus.net. [143.159.207.251]) by smtp.gmail.com with ESMTPSA id f8sm11205435eds.19.2020.12.12.12.11.21 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Sat, 12 Dec 2020 12:11:22 -0800 (PST) From: Neil Madden Mime-Version: 1.0 (1.0) Message-Id: <83074800-C301-4C01-9F33-8D8D88F7055E@forgerock.com> Date: Sat, 12 Dec 2020 20:11:20 +0000 Cc: Brian Campbell , oauth To: Torsten Lodderstedt X-Mailer: iPhone Mail (18B92) Content-Type: multipart/alternative; boundary=Apple-Mail-1E157D63-13D8-469C-9E72-128DE01D6F05 Content-Transfer-Encoding: 7bit Archived-At: Subject: Re: [OAUTH-WG] DPoP followup I: freshness and coverage of signature X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 12 Dec 2020 20:11:32 -0000 --Apple-Mail-1E157D63-13D8-469C-9E72-128DE01D6F05 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Good questions! Answers inline: > On 12 Dec 2020, at 10:07, Torsten Lodderstedt w= rote: > =EF=BB=BF > Thanks for sharing, Neil! >=20 > I=E2=80=98ve got some questions: > Note: I assume the tokens you are referring in your article are OAuth acc= ess tokens. No, probably not. Just auth tokens more generically.=20 > - carrying tokens in URLs wie considered bad practice by the Security BCP= and OAuth 2.1 due to leakage via referrer headers and so on. Why isn=E2=80= =99t this an issue with your approach? This is generally safe advice, but it is often over-cautious for three reas= ons: 1. Referer headers (and window.referrer) apply when embedding/linking resou= rces in HTML. But when we=E2=80=99re talking about browser-based apps (eg S= PAs), that usually means JavaScript calling some backend API that returns J= SON or some other data format. These data formats don=E2=80=99t have links = or embedded resources (as far as the browser is concerned), so they don=E2= =80=99t leak Referer headers in the same way. When the app loads a resource= from a URI in a JSON response the Referer header will contain the URI of t= he app itself (most likely a generic HTML template page), not the capabilit= y URI from which the JSON was loaded. Similar arguments apply to browser hi= story and other typical ways that URIs leak.=20 2. You can now use the Referrer-Policy header [1] and rel=3D=E2=80=9Cnoopen= er noreferrer=E2=80=9D to opt out of this leakage, and browsers are moving = to doing this by default for cross-origin requests/embeds. (This is already= enabled by default in Safari).=20 3. When you do want to use capability URIs for top-level navigation, there = are places in the URI you can put a token that aren=E2=80=99t ever included= in Referer headers or window.referrer or ever sent to the server at all - = such as the fragment. JavaScript can then extract the token from the fragme= nt (and then wipe it) and send it to the server in an Authorization header = or whatever. See [2] for more details and alternatives.=20 [1]: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Pol= icy [2]: https://neilmadden.blog/2019/01/16/can-you-ever-safely-include-credent= ials-in-a-url/ > - generating (self contained) or using (handles) per URL access tokens mi= ght be rather expensive. Can you sketch out how you wanna cope with that ch= allenge? A decent HMAC implementation takes about 1-2 microseconds for typical size = of token we=E2=80=99re talking about.=20 > - per URL Access tokens are a very consequent Form or audience restrictio= n. How do you wanna signal the audience to the AS? As I said, this isn=E2=80=99t OAuth, but for example you can already do thi= s with the macaroon access tokens in ForgeRock AM 7.0 - issue a single acce= ss token and then make copies with specific audience restrictions added as = caveats, as discussed in [3]. Such audience restrictions are then returned = in the token introspection response and the RS can enforce them.=20 My comment in the article about ideas for future OAuth is really just that = the token endpoint should be able to issue multiple fine-grained access tok= ens in one go, each associated with a particular endpoint (or endpoints). Y= ou could either return these as separate items like: =E2=80=9Caccess_tokens=E2=80=9D: [ { =E2=80=9Ctoken=E2=80=9D: =E2=80=9Cabc...=E2=80=9D,=20 =E2=80=9Caud=E2=80=9D: =E2=80=9Chttps://api.example.com/foo=E2=80=9D= }, { =E2=80=9Ctoken=E2=80=9D: =E2=80=9Cdef...=E2=80=9D, =E2=80=9Caud=E2=80=9D: =E2=80=9Chttps://api.example.com/bar=E2=80=9D= } ] Or just go ahead and combine those into capability URIs. (I think I already= mentioned this a long time ago when GNAP was first being discussed).=20 Speaking even more wishfully, what I would really love to see is a new URL = scheme for these, something like: bearer://@api.example.com/foo Which is equivalent to a HTTPS link, but the browser knows about this forma= t and when clicking on/accessing such a URI it sends the token as an Author= ization: Bearer header automatically. Ideally the browser would also not al= low the token to be accessible from the DOM.=20 Even without browser support I think such a URI scheme would be useful to a= llow GitHub and others to more easily recognise capability URIs checked int= o public git repos and perhaps provide a way to automatically revoke them (= .well-known/token-revocation perhaps). [3]: https://neilmadden.blog/2020/07/29/least-privilege-with-less-effort-ma= caroon-access-tokens-in-am-7-0/ =E2=80=94 Neil >=20 > best regards, > Torsten. >=20 >> Am 12.12.2020 um 08:26 schrieb Neil Madden : >> =EF=BB=BF >> Not directly related to DPoP or OAuth, but I wrote some notes to help re= covering XSS Nihilists: https://neilmadden.blog/2020/12/10/xss-doesnt-have-= to-be-game-over/ >>=20 >> =E2=80=94 Neil >>=20 >>> On 12 Dec 2020, at 00:02, Brian Campbell wrote: >>> =EF=BB=BF >>> I think that puts Jim in the XSS Nihilism camp :)=20 >>>=20 >>> Implicit type flows are being deprecated/discouraged. But keeping token= s out of browsers doesn't seem likely. There is some menton of CSP in https= ://tools.ietf.org/html/draft-ietf-oauth-browser-based-apps-07#section-9.7= =20 >>>=20 >>> On Wed, Dec 9, 2020 at 4:10 PM Jim Manico wrote: >>>> The basic theme from the web attacker community is: >>>>=20 >>>> 1) XSS is a game over event to web clients. XSS can steal or abuse (re= quest forgery) tokens, and more. >>>>=20 >>>> 2) Even if you prevent stolen tokens from being used outside of a web = client, XSS still allows the attacker to force a user to make any request i= n a fraudulent way, abusing browser based tokens as a form of request forge= ry. >>>>=20 >>>> 3) There are advanced measures to stop a token from being stolen from = a web client, like a HTTPonly cookies and to a lesser degree, JS Closures a= nd Webworkers.=20 >>>>=20 >>>> 4) However, these measures to protect cookies are mostly moot. Attacke= rs can just force clients to make fraudulent requests. >>>>=20 >>>> 5) Many recommend the BFF pattern to hide tokens on the back end, but = still, request forgery via XSS allows all kinds of abuse. >>>>=20 >>>> XSS is game over no matter how you slice it. >>>>=20 >>>> Crypto solutions do not help. Perhaps the world of OAuth can start sug= gesting that web clients use CSP 3.0 in specific ways, if you still plan to= support Implicit type flows or tokens in browsers? >>>>=20 >>>> Respectfully, >>>>=20 >>>> - Jim >>>>=20 >>>>=20 >>>>=20 >>>> On 12/9/20 12:57 PM, Brian Campbell wrote: >>>>> Thanks Philippe, I very much concur with your line of reasoning and t= he important considerations. The scenario I was thinking of is: browser bas= ed client where XSS is used to exfiltrate the refresh token along with pre-= computed proofs that would allow for the RT to be exchanged for new access = tokens and also pre-computed proofs that would work with those access token= s for resource access. With the pre-computed proofs that would allow prolon= ged (as long as the RT is valid) access to protected resources even when th= e victim is offline. Is that a concrete attack scenario? I mean, kind of. I= t's pretty convoluted/complex. And while an access token hash would reign i= t in somewhat (ATs obtained from the stolen RT wouldn't be usable) it's har= d to say if the cost is worth the benefit. >>>>>=20 >>>>>=20 >>>>>=20 >>>>> On Tue, Dec 8, 2020 at 11:47 PM Philippe De Ryck wrote: >>>>>> Yeah, browser-based apps are pure fun, aren=E2=80=99t they? :) >>>>>>=20 >>>>>> The reason I covered a couple of (pessimistic) XSS scenarios is that= the discussion started with an assumption that the attacker already succes= sfully exploited an XSS vulnerability. I pointed out how, at that point, fi= netuning DPoP proof contents will have little to no effect to stop an attac= k. I believe it is important to make this very clear, to avoid people turni= ng to DPoP as a security mechanism for browser-based applications. >>>>>>=20 >>>>>>=20 >>>>>> Specifically to your question on including the hash in the proof, I = think these considerations are important: >>>>>>=20 >>>>>> 1. Does the inclusion of the AT hash stop a concrete attack scenario= ? >>>>>> 2. Is the =E2=80=9Ccost=E2=80=9D (implementation, getting it right, = =E2=80=A6) worth the benefits? >>>>>>=20 >>>>>>=20 >>>>>> Here=E2=80=99s my view on these considerations (specifically for bro= wser-based apps, not for other types of applications): >>>>>>=20 >>>>>> 1. The proof precomputation attack is already quite complex, and sho= rt access token lifetimes already reduce the window of attack. If the attac= ker can steal a future AT, they could also precompute new proofs then.=20 >>>>>> 2. For browser-based apps, it seems that doing this complicates the = implementation, without adding much benefit. Of course, libraries could han= dle this, which significantly reduces the cost.=20 >>>>>>=20 >>>>>>=20 >>>>>> Note that these comments are specifically to complicating the spec a= nd implementation. DPoP=E2=80=99s capabilities of using sender-constrained = access tokens are still useful to counter various other scenarios (e.g., mi= ddleboxes or APIs abusing access tokens). If other applications would signi= ficantly benefit from having the hash in the proof, I=E2=80=99m all for it. >>>>>>=20 >>>>>> On a final note, I would be happy to help clear up the details on we= b-based threats and defenses if necessary. >>>>>>=20 >>>>>> =E2=80=94 >>>>>> Pragmatic Web Security >>>>>> Security for developers >>>>>> https://pragmaticwebsecurity.com/ >>>>>>=20 >>>>>>=20 >>>>>>> On 8 Dec 2020, at 22:47, Brian Campbell wrote: >>>>>>>=20 >>>>>>> Danial recently added some text to the working copy of the draft wi= th https://github.com/danielfett/draft-dpop/commit/f4b42058 that I think ai= ms to better convey the "nutshell: XSS =3D Game over" sentiment and maybe d= issuade folks from looking to DPoP as a cure-all for browser based applicat= ions. Admittedly a lot of the initial impetus behind producing the draft in= the first place was born out of discussions around browser based apps. But= it's neither specific to browser based apps nor a panacea for them. I hope= the language in the document and how it's recently been presented is refle= ctive of that reality.=20 >>>>>>>=20 >>>>>>> The more specific discussions/recommendations around in-browser app= s are valuable (if somewhat over my head) but might be more appropriate in = the OAuth 2.0 for Browser-Based Apps draft. >>>>>>>=20 >>>>>>> With respect to the contents of the DPoP draft, I am still keen to = try and flush out some consensus around the question posed in the start of = this thread, which is effectively whether or not to include a hash of the a= ccess token in the proof. Acknowledging that "XSS =3D Game over" does sort= of evoke a tendency to not even bother with such incremental protections (= what I've tried to humorously coin as "XSS Nihilism" with no success). And = as such, I do think that leaving it how it is (no AT hash in the proof) is = not unreasonable. But, as Filip previously articulated, including the AT ha= sh in the proof would prevent potentially prolonged access to protected res= ources even when the victim is offline. And that seems maybe worthwhile to = have in the protocol, given that it's not a huge change to the spec. But it= 's a trade-off either way and I'm personally on the fence about it. >>>>>>>=20 >>>>>>> Including an RT hash in the proof seems more niche. Best I can tell= , it would guard against prolonged offline access to protected resources wh= en access tokens are bearer and the RT was DPoP-bound and also gets rotated= . The trade-off there seems less worth it (I think an RT hash would be more= awkward in the protocol too).=20 >>>>>>>=20 >>>>>>>=20 >>>>>>>=20 >>>>>>>=20 >>>>>>>=20 >>>>>>>=20 >>>>>>>=20 >>>>>>> On Fri, Dec 4, 2020 at 5:40 AM Philippe De Ryck wrote: >>>>>>>>=20 >>>>>>>>> The suggestion to use a web worker to ensure that proofs cannot b= e pre-computed is a good one I think. (You could also use a sandboxed ifram= e for a separate sub/sibling-domain - dpop.example.com). >>>>>>>>=20 >>>>>>>> An iframe with a different origin would also work (not really sand= boxing, as that implies the use of the sandbox attribute to enforce behavio= ral restrictions). The downside of an iframe is the need to host additional= HTML, vs a script file for the worker, but the effect is indeed the same. >>>>>>>>=20 >>>>>>>>> For scenario 4, I think this only works if the attacker can trick= /spoof the AS into using their redirect_uri? Otherwise the AC will go to th= e legitimate app which will reject it due to mismatched state/PKCE. Or are = you thinking of XSS on the redirect_uri itself? I think probably a good pra= ctice is that the target of a redirect_uri should be a very minimal and loc= ked down page to avoid this kind of possibility. (Again, using a separate s= ub-domain to handle tokens and DPoP seems like a good idea). >>>>>>>>=20 >>>>>>>> My original thought was to use a silent flow with Web Messaging. T= he scenario would go as follows: >>>>>>>>=20 >>>>>>>> 1. Setup a Web Messaging listener to receive the incoming code >>>>>>>> 2. Create a hidden iframe with the DOM APIs >>>>>>>> 3. Create an authorization request such as =E2=80=9C/authorize?res= ponse_type=3Dcode&client_id=3D...&redirect_uri=3Dhttps%3A%2F%example.com&st= ate=3D...&code_challenge=3D7-ffnU1EzHtMfxOAdlkp_WixnAM_z9tMh3JxgjazXAk&code= _challenge_method=3DS256&prompt=3Dnone&response_mode=3Dweb_message=E2=80=9D >>>>>>>> 4. Load this URL in the iframe, and wait for the result >>>>>>>> 5. Retrieve code in the listener, and use PKCE (+ DPoP if needed) = to exchange it for tokens >>>>>>>>=20 >>>>>>>> This puts the attacker in full control over every aspect of the fl= ow, so no need to manipulate any of the parameters. >>>>>>>>=20 >>>>>>>>=20 >>>>>>>> After your comment, I also believe an attacker can run the same sc= enario without the =E2=80=9Cresponse_mode=3Dweb_message=E2=80=9D. This woul= d go as follows: >>>>>>>>=20 >>>>>>>> 1. Create a hidden iframe with the DOM APIs >>>>>>>> 2. Setup polling to read the URL (this will be possible for same-o= rigin pages, not for cross-origin pages) >>>>>>>> 3. Create an authorization request such as =E2=80=9C/authorize?res= ponse_type=3Dcode&client_id=3D...&redirect_uri=3Dhttps%3A%2F%example.com&st= ate=3D...&code_challenge=3D7-ffnU1EzHtMfxOAdlkp_WixnAM_z9tMh3JxgjazXAk&code= _challenge_method=3DS256=E2=80=9D >>>>>>>> 4. Load this URL in the iframe, and keep polling >>>>>>>> 5. Detect the redirect back to the application with the code in th= e URL, retrieve code, and use PKCE (+ DPoP if needed) to exchange it for to= kens >>>>>>>>=20 >>>>>>>> In step 5, the application is likely to also try to exchange the c= ode. This will fail due to a mismatching PKCE verifier. While noisy, I don= =E2=80=99t think it affects the scenario.=20 >>>>>>>>=20 >>>>>>>>=20 >>>>>>>>> IMO, the online attack scenario (i.e., proxying malicious request= s through the victim=E2=80=99s browser) is quite appealing to an attacker, = despite the apparent inconvenience: >>>>>>>>>=20 >>>>>>>>> - the victim=E2=80=99s browser may be inside a corporate firewal= l or VPN, allowing the attacker to effectively bypass these restrictions >>>>>>>>> - the attacker=E2=80=99s traffic is mixed in with the user=E2=80= =99s own requests, making them harder to distinguish or to block >>>>>>>>>=20 >>>>>>>>> Overall, DPoP can only protect against XSS to the same level as H= ttpOnly cookies. This is not nothing, but it means it only prevents relativ= ely naive attacks. Given the association of public key signatures with stro= ng authentication, people may have overinflated expectations if DPoP is pit= ched as an XSS defence. >>>>>>>>=20 >>>>>>>> Yes, in the cookie world this is known as =E2=80=9CSession Riding= =E2=80=9D. Having the worker for token isolation would make it possible to = enforce a coarse-grained policy on outgoing requests to prevent total abuse= of the AT. >>>>>>>>=20 >>>>>>>> My main concern here is the effort of doing DPoP in a browser vers= us the limited gains. It may also give a false sense of security.=20 >>>>>>>>=20 >>>>>>>>=20 >>>>>>>>=20 >>>>>>>> With all this said, I believe that the AS can lock down its config= uration to reduce these attack vectors. A few initial ideas: >>>>>>>>=20 >>>>>>>> 1. Disable silent flows for SPAs using RT rotation >>>>>>>> 2. Use the sec-fetch headers to detect and reject non-silent ifram= e-based flows >>>>>>>>=20 >>>>>>>> For example, an OAuth 2.0 flow in an iframe in Brave/Chrome carri= es these headers: >>>>>>>> sec-fetch-dest: iframe >>>>>>>> sec-fetch-mode: navigate >>>>>>>> sec-fetch-site: cross-site >>>>>>>> sec-fetch-user: ?1 >>>>>>>>=20 >>>>>>>>=20 >>>>>>>> Philippe >>>>>>>=20 >>>>>>> CONFIDENTIALITY NOTICE: This email may contain confidential and pri= vileged material for the sole use of the intended recipient(s). Any review,= use, distribution or disclosure by others is strictly prohibited. If you = have received this communication in error, please notify the sender immedia= tely by e-mail and delete the message and any file attachments from your co= mputer. Thank you. >>>>>=20 >>>>> CONFIDENTIALITY NOTICE: This email may contain confidential and privi= leged material for the sole use of the intended recipient(s). Any review, u= se, distribution or disclosure by others is strictly prohibited. If you ha= ve received this communication in error, please notify the sender immediate= ly by e-mail and delete the message and any file attachments from your comp= uter. Thank you.=20 >>>>>=20 >>>>> _______________________________________________ >>>>> OAuth mailing list >>>>> OAuth@ietf.org >>>>> https://www.ietf.org/mailman/listinfo/oauth >>>> --=20 >>>> Jim Manico >>>> Manicode Security >>>> https://www.manicode.com >>>=20 >>> CONFIDENTIALITY NOTICE: This email may contain confidential and privile= ged material for the sole use of the intended recipient(s). Any review, use= , distribution or disclosure by others is strictly prohibited. If you have= received this communication in error, please notify the sender immediately= by e-mail and delete the message and any file attachments from your comput= er. Thank you._______________________________________________ >>> OAuth mailing list >>> OAuth@ietf.org >>> https://www.ietf.org/mailman/listinfo/oauth >>=20 >> ForgeRock values your Privacy___________________________________________= ____ >> OAuth mailing list >> OAuth@ietf.org >> https://www.google.com/url?q=3Dhttps://www.ietf.org/mailman/listinfo/oau= th&source=3Dgmail-imap&ust=3D1608362770000000&usg=3DAOvVaw31Ss8FnOZiHe2e0_3= e_uNg --=20 ForgeRock values your Privacy --Apple-Mail-1E157D63-13D8-469C-9E72-128DE01D6F05 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
    =EF=BB=BFGood question= s! Answers inline:

    On 12 Dec = 2020, at 10:07, Torsten Lodderstedt <torsten@lodderstedt.net> wrote:<= br>
    =EF=BB= =BF
    Thanks for sharing, Neil!

    I=E2=80=98ve got some questions:
    No= te: I assume the tokens you are referring in your article are OAuth access = tokens.

    No, probably not. Just = auth tokens more generically. 

    - carrying tokens in URLs wie considered bad = practice by the Security BCP and OAuth 2.1 due to leakage via referrer head= ers and so on. Why isn=E2=80=99t this an issue with your approach?

    This is generally safe advice, b= ut it is often over-cautious for three reasons:

    <= /div>
    1. Referer headers (and window.referrer) apply when e= mbedding/linking resources in HTML. But when we=E2=80=99re talking about br= owser-based apps (eg SPAs), that usually means JavaScript calling some back= end API that returns JSON or some other data format. These data formats don= =E2=80=99t have links or embedded resources (as far as the browser is conce= rned), so they don=E2=80=99t leak Referer headers in the same way. When the= app loads a resource from a URI in a JSON response the Referer header will= contain the URI of the app itself (most likely a generic HTML template pag= e), not the capability URI from which the JSON was loaded. Similar argument= s apply to browser history and other typical ways that URIs leak. 

    2. You can now use the Referr= er-Policy header [1] and rel=3D=E2=80=9Cnoopener noreferrer=E2=80=9D to opt= out of this leakage, and browsers are moving to doing this by default for = cross-origin requests/embeds. (This is already enabled by default in Safari= ). 

    3. When you do wa= nt to use capability URIs for top-level navigation, there are places in the= URI you can put a token that aren=E2=80=99t ever included in Referer heade= rs or window.referrer or ever sent to the server at all - such as the fragm= ent. JavaScript can then extract the token from the fragment (and then wipe= it) and send it to the server in an Authorization header or whatever. See = [2] for more details and alternatives. 

    [2]: = https://neilmadden.blog/2019/01/16/can-you-ever-safel= y-include-credentials-in-a-url/

    - generating (self contained) or usi= ng (handles) per URL access tokens might be rather expensive. Can you sketc= h out how you wanna cope with that challenge?

    A decent HMAC implementation takes a= bout 1-2 microseconds for typical size of token we=E2=80=99re talking about= . 

    - per URL Access tokens are a very consequent Form or audience restrictio= n. How do you wanna signal the audience to the AS?
    =

    As I said, this isn=E2=80=99t O= Auth, but for example you can already do this with the macaroon access toke= ns in ForgeRock AM 7.0 - issue a single access token and then make copies w= ith specific audience restrictions added as caveats, as discussed in [3]. S= uch audience restrictions are then returned in the token introspection resp= onse and the RS can enforce them. 

    My comment in the article about ideas for future OAuth is rea= lly just that the token endpoint should be able to issue multiple fine-grai= ned access tokens in one go, each associated with a particular endpoint (or= endpoints). You could either return these as separate items like:

    =E2=80=9Caccess_tokens=E2=80=9D: [=
        { =E2=80=9Ctoken=E2=80=9D: =E2=80=9Cab= c...=E2=80=9D, 
           =E2= =80=9Caud=E2=80=9D: =E2=80=9Chttps://api.example.com/foo=E2=80=9D },
    <= div dir=3D"ltr">    { =E2=80=9Ctoken=E2=80=9D: =E2=80=9Cdef...=E2= =80=9D,
           =E2=80=9Caud=E2=80= =9D: =E2=80=9Chttps://api.example.com/bar=E2=80=9D }
    = ]

    Or just go ahead and com= bine those into capability URIs. (I think I already mentioned this a long t= ime ago when GNAP was first being discussed). 
    <= br>
    Speaking even more wishfully, what I would really= love to see is a new URL scheme for these, something like:

      bearer://<token>@api.examp= le.com/foo

    Which is equiva= lent to a HTTPS link, but the browser knows about this format and when clic= king on/accessing such a URI it sends the token as an Authorization: Bearer= header automatically. Ideally the browser would also not allow the token t= o be accessible from the DOM. 

    Even without browser support I think such a URI scheme would be u= seful to allow GitHub and others to more easily recognise capability URIs c= hecked into public git repos and perhaps provide a way to automatically rev= oke them (.well-known/token-revocation perhaps).

    =

    =E2=80=94 Neil


    best regards,
    T= orsten.

    Am 12.12.2020 u= m 08:26 schrieb Neil Madden <neil.madden@forgerock.com>:

    =EF=BB=BF
    Not directly related to DPoP or OAuth, but I wrote some notes to help= recovering XSS Nihilists: https://neilmadden.blog/2020/12/10/xss-doesnt-have-to-be-game-over/=

    =E2=80=94 Neil
    <= div dir=3D"ltr">
    On 12 Dec 2020, at 00:02, Bri= an Campbell <bcampbell=3D40pingidentity.com@dmarc.ietf.org> wrote:
    =EF=BB= =BF
    I think that puts Jim in the XSS Nihilism camp :)&= nbsp;

    Implicit type flows are being deprecated/dis= couraged. But keeping tokens out of browsers doesn't seem likely. There is = some menton of CSP in https://tools.ietf.org/html/draft-ietf-oauth-browser-based-apps-= 07#section-9.7

    On Wed, Dec 9, 2020 at 4:10 PM Jim Manico <= ;jim@manicode.com= > wrote:
    =20 =20 =20

    The basic theme from the web attacker community is:

    1) XSS is a game over event to web clients. XSS can steal or abuse (request forgery) tokens, and more.

    2) Even if you prevent stolen tokens from being used outside of a web client, XSS still allows the attacker to force a user to make any request in a fraudulent way, abusing browser based tokens as a form of request forgery.

    3) There are advanced measures to stop a token from being stolen from a web client, like a HTTPonly cookies and to a lesser degree, JS Closures and Webworkers.

    4) However, these measures to protect cookies are mostly moot. Attackers can just force clients to make fraudulent requests.

    5) Many recommend the BFF pattern to hide tokens on the back end, but still, request forgery via XSS allows all kinds of abuse.

    XSS is game over no matter how you slice it.

    Crypto solutions do not help. Perhaps the world of OAuth can start suggesting that web clients use CSP 3.0 in specific ways, if you still plan to support Implicit type flows or tokens in browsers?

    Respectfully,

    - Jim


    On 12/9/20 12:57 PM, Brian Campbell wrote:
    =20
    Thanks Philippe, I very much concur with your line of reasoning and the important considerations. The scenario I was thinking of is: browser based client where XSS is used to exfiltrate the refresh token along with pre-computed proofs that would allow for the RT to be exchanged for new access tokens and also pre-computed proofs that would work with those access tokens for resource access. With the pre-computed proofs that would allow prolonged (as long as the RT is valid) access to protected resources even when the victim is offline. Is that a concrete attack scenario? I mean, kind of. It's pretty convoluted/complex. And while an access token hash would reign it in somewhat (ATs obtained from the stolen RT wouldn't be usable) it's hard to say if the cost is worth the benefit.



    On Tue, Dec 8, 2020 at 11:47 PM Philippe De Ryck <philippe@pragmaticwebsecurity.com> wrote:
    Yeah, browser-based apps are pure fun, aren=E2=80=99t they? :)

    The reason I covered a couple of (pessimistic) XSS scenarios is that the discussion started with an assumption that the attacker already successfully exploited an XSS vulnerability. I pointed out how, at that point, finetuning DPoP proof contents will have little to no effect to stop an attack. I believe it is important to make this very clear, to avoid people turning to DPoP as a security mechanism for browser-based applications.


    Specifically to your question on including the hash in the proof, I think these considerations are important:

    1. Does the inclusion of the AT hash stop a concrete attack scenario?
    2. Is the =E2=80=9Ccost=E2=80=9D (implementation, getting = it right, =E2=80=A6) worth the benefits?


    Here=E2=80=99s my view on these considerations (spec= ifically for browser-based apps, not for other types of applications):

    1. The proof precomputation attack is already quite complex, and short access token lifetimes already reduce the window of attack. If the attacker can steal a future AT, they could also precompute new proofs then. 
    2. For browser-based apps, it seems that doing this complicates the implementation, without adding much benefit. Of course, libraries could handle this, which significantly reduces the cost. 


    Note that these comments are specifically to complicating the spec and implementation. DPoP=E2=80=99s capabilities of using sender-constrained access tokens are still useful to counter various other scenarios (e.g., middleboxes or APIs abusing access tokens). If other applications would significantly benefit from having the hash in the proof, I=E2=80=99m all for it.

    On a final note, I would be happy to help clear up the details on web-based threats and defenses if necessary.

    =E2=80=94
    Pragmatic Web Security
    Security for developers
    https://pragmaticw= ebsecurity.com/


    On 8 Dec 2020, at 22:47, Brian Campbell <bcampbell@pingide= ntity.com> wrote:

    Danial recently added some text to the working copy of the draft with https://github.com/danielfett/draft= -dpop/commit/f4b42058 that I think aims to better convey the "nutshell: XSS =3D Game over" sentiment and maybe dissuade folks from looking to DPoP as a cure-all for browser based applications. Admittedly a lot of the initial impetus behind producing the draft in the first place was born out of discussions around browser based apps. But it's neither specific to browser based apps nor a panacea for them. I hope the language in the document and how it's recently been presented is reflective of that reality.

    The more specific discussions/recommendations around in-browser apps are valuable (if somewhat over my head) but might be more appropriate in the OAuth 2.0 for Browser-Based Apps draft.

    With respect to the contents of the DPoP draft, I am still keen to try and flush out some consensus around the question posed in the start of this thread, which is effectively whether or not to include a hash of the access token in the proof.  Acknowledging that "XSS= =3D Game over" does sort of evoke a tendency to not even bother with such incremental protections (what I've tried to humorously coin as "XSS Nihilism" with no success). And as such, I do think that leaving it how it is (no AT hash in the proof) is not unreasonable. But, as Filip previously articulated, including the AT hash in the proof would prevent potentially prolonged access to protected resources even when the victim is offline. And that seems maybe worthwhile to have in the protocol, given that it's not a huge change to the spec. But it's a trade-off either way and I'm personally on the fence about it.

    Including an RT hash in the proof seems more niche. Best I can tell, it would guard against prolonged offline access to protected resources when access tokens are bearer and the RT was DPoP-bound and also gets rotated. The trade-off there seems less worth it (I think an RT hash would be more awkward in the protocol too).







    On Fri, Dec 4= , 2020 at 5:40 AM Philippe De Ryck <philippe@pragmat= icwebsecurity.com> wrote:

    The suggestion to use a web worker to ensure that proofs cannot be pre-computed is a good one I think. (You could also use a sandboxed iframe for a separate sub/sibling-domain - dpop.example.com).

    An iframe with a different origin would also work (not really sandboxing, as that implies the use of the sandbox attribute to enforce behavioral restrictions). The downside of an iframe is the need to host additional HTML, vs a script file for the worker, but the effect is indeed the same.

    For scenario 4, I think this only works if the attacker can trick/spoof the AS into using their redirect_uri? Otherwise the AC will go to the legitimate app which will reject it due to mismatched state/PKCE. Or are you thinking of XSS on the redirect_uri itself? I think probably a good practice is that the target of a redirect_uri should be a very minimal and locked down page to avoid this kind of possibility. (Again, using a separate sub-domain to handle tokens and DPoP seems like a good idea).

    My original thought was to use a silent flow with Web Messaging. The scenario would go as follows:

    1. Setup a Web Messaging listener to receive the incoming code
    2. Create a hidden iframe with the DOM APIs
    3. Create an authorization request such as =E2=80=9C/authorize?response_t= ype=3Dcode&client_id=3D...&redirect_uri=3Dhttps%3A%2F%example.com&state=3D...&code_challenge=3D7-ffnU1EzHtMfx= OAdlkp_WixnAM_z9tMh3JxgjazXAk&code_challenge_method=3DS256&prompt= =3Dnone&response_mode=3Dweb_message=E2=80=9D
    4. Load this URL in the iframe, and wait for the result
    5. Retrieve code in the listener, and use PKCE (+ DPoP if needed) to exchange it for tokens

    This puts the attacker in full control over every aspect of the flow, so no need to manipulate any of the parameters.


    After your comment, I also believe an attacker can run the same scenario without the =E2=80=9Cresponse_mode=3Dw= eb_message=E2=80=9D. This would go as follows:

    1. Create a hidden iframe with the DOM APIs
    2. Setup polling to read the URL (this will be possible for same-origin pages, not for cross-origin pages)
    3. Create an authorization request such as =E2=80=9C/authorize?= response_type=3Dcode&client_id=3D...&redirect_uri=3Dhttps%3A%2F%example.com&state=3D...&code_challenge=3D7-ff= nU1EzHtMfxOAdlkp_WixnAM_z9tMh3JxgjazXAk&code_challenge_method=3DS256=E2=80=9D
    4. Load this URL in the iframe, and keep polling
    5. Detect the redirect back to the application with the code in the URL, retrieve code, and use PKCE (+ DPoP if needed) to exchange it for tokens

    In step 5, the application is likely to also try to exchange the code. This will fail due to a mismatching PKCE verifier. While noisy, I don=E2=80=99t think it affects= the scenario. 


    IMO, the online attack scenario (i.e., proxying malicious requests through the victim=E2=80=99s browser) is quite appealing to an attacker, despite the apparent inconvenience:

     - the victim=E2=80=99s bro= wser may be inside a corporate firewall or VPN, allowing the attacker to effectively bypass these restrictions
     - the attacker=E2=80=99s t= raffic is mixed in with the user=E2=80=99s ow= n requests, making them harder to distinguish or to block

    Overall, DPoP can only protect against XSS to the same level as HttpOnly cookies. This is not nothing, but it means it only prevents relatively naive attacks. Given the association of public key signatures with strong authentication, people may have overinflated expectations if DPoP is pitched as an XSS defence.

    Yes, in the cookie world this is known as =E2=80=9CSession Riding=E2=80=9D= . Having the worker for token isolation would make it possible to enforce a coarse-grained policy on outgoing requests to prevent total abuse of the AT.

    My main concern here is the effort of doing DPoP in a browser versus the limited gains. It may also give a false sense of security. 



    With all this said, I believe that the AS can lock down its configuration to reduce these attack vectors. A few initial ideas:

    1. Disable silent flows for SPAs using RT rotation
    2. Use the sec-fetch headers to detect and reject non-silent iframe-based flows

    For example,  an OAuth 2.0 flow i= n an iframe in Brave/Chrome carries these headers:
    sec-fetch-dest: iframe
    sec-fetch-mode: navigate
    sec-fetch-site: cross-site
    sec-fetch-user: ?1


    Philippe


    CONFIDENTIALITY NOTICE: Thi= s email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited.  If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you.


    CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited.  If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you. 
    _______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/l=
istinfo/oauth

    --=20
Jim Manico
Manicode Security
https://www.manicode.com

    <= span style=3D"margin:0px;padding:0px;border:0px;outline:0px;vertical-align:= baseline;background:transparent;font-family:proxima-nova-zendesk,system-ui,= -apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,Oxygen-Sans,Ub= untu,Cantarell,"Helvetica Neue",Arial,sans-serif;font-weight:600"= >CONFIDENTIALITY NOTICE: This email may contain confidenti= al and privileged material for the sole use of the intended recipient(s). A= ny review, use, distribution or disclosure by others is strictly prohibited= .  If you have received this communication in error, please notify the= sender immediately by e-mail and delete the message and any file attachmen= ts from your computer. Thank you.__________________= _____________________________
    OAuth mailing list
    = OAuth@ietf.org
    https://www.ietf.org/mailman/listinfo/= oauth

    ForgeRock values your Privacy_________________________= ______________________
    OAuth mailing list
    O= Auth@ietf.org
    https://www.google.com/url?q=3Dhttps://www.ie= tf.org/mailman/listinfo/oauth&source=3Dgmail-imap&ust=3D16083627700= 00000&usg=3DAOvVaw31Ss8FnOZiHe2e0_3e_uNg
    <= /div>

    ForgeRock values your Privacy --Apple-Mail-1E157D63-13D8-469C-9E72-128DE01D6F05-- From nobody Sun Dec 13 01:11:47 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9DB7E3A1600 for ; Sun, 13 Dec 2020 01:11:46 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.196 X-Spam-Level: X-Spam-Status: No, score=-0.196 tagged_above=-999 required=5 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_FONT_FACE_BAD=0.001, HTML_MESSAGE=0.001, MIME_QP_LONG_LINE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=lodderstedt.net Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KYyim9Qu__K2 for ; Sun, 13 Dec 2020 01:11:42 -0800 (PST) Received: from mail-wr1-x430.google.com (mail-wr1-x430.google.com [IPv6:2a00:1450:4864:20::430]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 377463A15FF for ; Sun, 13 Dec 2020 01:11:42 -0800 (PST) Received: by mail-wr1-x430.google.com with SMTP id 91so13343667wrj.7 for ; Sun, 13 Dec 2020 01:11:42 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lodderstedt.net; s=google; h=content-transfer-encoding:from:mime-version:subject:date:message-id :references:cc:in-reply-to:to; bh=k9Rp3WMJ6LRyFBbSsDgHNE2tT8l686gZjAhD6GE5gtY=; b=uIIrvM0fCsCTC1CcsXGNMeBxeOizRiiD3gByPLv8sjwEurGv6ssCOAcw5Ha4RR2/jm X2N4xbg+w/u9noVanYi9HtZ2BhwO3pXCyRosB2Rdox3OIYS0BJRzfrHZvicLZTHZhKQ0 Il0xKjTYyteAjc8MfKVeq6a6Kugw5fwZO+mpM3EWxbCFHhFM3nFsgrHNEBw+kDNowmG8 jHBwOO+Lp6RDWynD7kJZyJqDTd9b4YWb3CwPcWq55zP9/AKRaVJOTmfGjOlp1AtKMpHo 15sxUqLaEzEqAAsvAko6IBgBM0/rUtLjl9JKTZjucneH9FIxFbb9+gwi8Bc/UzcrJbg4 a/gg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:content-transfer-encoding:from:mime-version :subject:date:message-id:references:cc:in-reply-to:to; bh=k9Rp3WMJ6LRyFBbSsDgHNE2tT8l686gZjAhD6GE5gtY=; b=lP10xRRh0S+Lw9HmcoJngRpG5ZaL8ooVf9qcJzNzXYQnYt2bpTXTfVAit6NVdaMA7u 9T1D0AdYf7Hq+NbsLfNaUH8Sdn6yNiZBDWkgn3mj1Cx5C1vwo/GUa+hFyJgRR9G62IcG ga+dJ1FcZcrULdMvTnnCLaAID1cxFkMQMhNMdTzPAud2C+6ep8fO5+dSI1acvO0ESOk2 gh6oishCjXZ7ivGxm3nIPOqPiQkUdooqPS5nzmy9JuTsmukSGomK8dLW2n1J4pHDTXTo Nt0CJ4zFKMOiI1ZY6088POlxXh/n8WiAHBhN9rq1G+/vloaY9v1OfFW/DdJhJcFEuldq AJiQ== X-Gm-Message-State: AOAM532cC31pk6VPpDu79i/b8AubtyjIrMhuFLTxFjn7aSVFLft1fdtf QkgXD6kdBbt5Bz+Ar5jXaOJKVg== X-Google-Smtp-Source: ABdhPJzMaVFI/WCwhHcxX/ron7qJnjz+XxpfO3Aea8C+yaz2TCqHk4TcpnHHpM2T4McGBK/DI4eLHA== X-Received: by 2002:adf:cd8f:: with SMTP id q15mr22334230wrj.79.1607850700428; Sun, 13 Dec 2020 01:11:40 -0800 (PST) Received: from ?IPv6:2003:eb:8f1b:fae1:80f4:1e90:dc8b:9017? (p200300eb8f1bfae180f41e90dc8b9017.dip0.t-ipconnect.de. [2003:eb:8f1b:fae1:80f4:1e90:dc8b:9017]) by smtp.gmail.com with ESMTPSA id n12sm26843811wrg.76.2020.12.13.01.11.38 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Sun, 13 Dec 2020 01:11:39 -0800 (PST) Content-Type: multipart/signed; boundary=Apple-Mail-91CC7FB4-B502-4069-9CD2-2D1FCD3E2D11; protocol="application/pkcs7-signature"; micalg=sha-256 Content-Transfer-Encoding: 7bit From: Torsten Lodderstedt Mime-Version: 1.0 (1.0) Date: Sun, 13 Dec 2020 10:11:38 +0100 Message-Id: References: <83074800-C301-4C01-9F33-8D8D88F7055E@forgerock.com> Cc: Brian Campbell , oauth In-Reply-To: <83074800-C301-4C01-9F33-8D8D88F7055E@forgerock.com> To: Neil Madden X-Mailer: iPad Mail (18B92) Archived-At: Subject: Re: [OAUTH-WG] DPoP followup I: freshness and coverage of signature X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 13 Dec 2020 09:11:47 -0000 --Apple-Mail-91CC7FB4-B502-4069-9CD2-2D1FCD3E2D11 Content-Type: multipart/alternative; boundary=Apple-Mail-9C0FEE5B-5A63-471E-B5E6-F4755B5E22B8 Content-Transfer-Encoding: 7bit --Apple-Mail-9C0FEE5B-5A63-471E-B5E6-F4755B5E22B8 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Hi Neil, thanks for your comprehensive answers. Please find my comments inline. best regards, Torsten. > Am 12.12.2020 um 21:11 schrieb Neil Madden : >=20 > =EF=BB=BF > =EF=BB=BFGood questions! Answers inline: >=20 >>> On 12 Dec 2020, at 10:07, Torsten Lodderstedt w= rote: >>>=20 >> =EF=BB=BF >> Thanks for sharing, Neil! >>=20 >> I=E2=80=98ve got some questions: >> Note: I assume the tokens you are referring in your article are OAuth acc= ess tokens. >=20 > No, probably not. Just auth tokens more generically.=20 >=20 >> - carrying tokens in URLs wie considered bad practice by the Security BCP= and OAuth 2.1 due to leakage via referrer headers and so on. Why isn=E2=80=99= t this an issue with your approach? >=20 > This is generally safe advice, but it is often over-cautious for three rea= sons: >=20 > 1. Referer headers (and window.referrer) apply when embedding/linking reso= urces in HTML. But when we=E2=80=99re talking about browser-based apps (eg S= PAs), that usually means JavaScript calling some backend API that returns JS= ON or some other data format. These data formats don=E2=80=99t have links or= embedded resources (as far as the browser is concerned), so they don=E2=80=99= t leak Referer headers in the same way. When the app loads a resource from a= URI in a JSON response the Referer header will contain the URI of the app i= tself (most likely a generic HTML template page), not the capability URI fro= m which the JSON was loaded. Similar arguments apply to browser history and o= ther typical ways that URIs leak.=20 >=20 > 2. You can now use the Referrer-Policy header [1] and rel=3D=E2=80=9Cnoope= ner noreferrer=E2=80=9D to opt out of this leakage, and browsers are moving t= o doing this by default for cross-origin requests/embeds. (This is already e= nabled by default in Safari).=20 >=20 > 3. When you do want to use capability URIs for top-level navigation, there= are places in the URI you can put a token that aren=E2=80=99t ever included= in Referer headers or window.referrer or ever sent to the server at all - s= uch as the fragment. JavaScript can then extract the token from the fragment= (and then wipe it) and send it to the server in an Authorization header or w= hatever. See [2] for more details and alternatives.=20 >=20 > [1]: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Po= licy > [2]: https://neilmadden.blog/2019/01/16/can-you-ever-safely-include-creden= tials-in-a-url/ >=20 >> - generating (self contained) or using (handles) per URL access tokens mi= ght be rather expensive. Can you sketch out how you wanna cope with that cha= llenge? >=20 > A decent HMAC implementation takes about 1-2 microseconds for typical size= of token we=E2=80=99re talking about.=20 The generation of a self contained access token typically requires querying c= laim values from at least a single data source. That might take more time. Fo= r handle based tokens/token introspection, one needs to add the time it take= s to obtain the token data, which requires a HTTPS communication. That could= be even more time consuming. >=20 >> - per URL Access tokens are a very consequent Form or audience restrictio= n. How do you wanna signal the audience to the AS? >=20 > As I said, this isn=E2=80=99t OAuth, but for example you can already do th= is with the macaroon access tokens in ForgeRock AM 7.0 - issue a single acce= ss token and then make copies with specific audience restrictions added as c= aveats, as discussed in [3]. Such audience restrictions are then returned in= the token introspection response and the RS can enforce them.=20 >=20 > My comment in the article about ideas for future OAuth is really just that= the token endpoint should be able to issue multiple fine-grained access tok= ens in one go, each associated with a particular endpoint (or endpoints). Yo= u could either return these as separate items like: >=20 > =E2=80=9Caccess_tokens=E2=80=9D: [ > { =E2=80=9Ctoken=E2=80=9D: =E2=80=9Cabc...=E2=80=9D,=20 > =E2=80=9Caud=E2=80=9D: =E2=80=9Chttps://api.example.com/foo=E2=80=9D= }, > { =E2=80=9Ctoken=E2=80=9D: =E2=80=9Cdef...=E2=80=9D, > =E2=80=9Caud=E2=80=9D: =E2=80=9Chttps://api.example.com/bar=E2=80=9D= } > ] I like the idea (and have liked it for a long time https://mailarchive.ietf= .org/arch/msg/oauth/JcKGhoKy2S_2gAQ2ilMxCPWbgPw/). resource indicators or authorization_details (with locations) could basicall= y be used for that purpose but OAuth2 lacks multiple tokens support in the t= oken endpoint. >=20 > Or just go ahead and combine those into capability URIs. (I think I alread= y mentioned this a long time ago when GNAP was first being discussed).=20 >=20 > Speaking even more wishfully, what I would really love to see is a new URL= scheme for these, something like: >=20 > bearer://@api.example.com/foo >=20 > Which is equivalent to a HTTPS link, but the browser knows about this form= at and when clicking on/accessing such a URI it sends the token as an Author= ization: Bearer header automatically. Ideally the browser would also not all= ow the token to be accessible from the DOM.=20 Interesting. That would allow to elevate browser support to the level of BAS= IC. >=20 > Even without browser support I think such a URI scheme would be useful to a= llow GitHub and others to more easily recognise capability URIs checked into= public git repos and perhaps provide a way to automatically revoke them (.w= ell-known/token-revocation perhaps). >=20 > [3]: https://neilmadden.blog/2020/07/29/least-privilege-with-less-effort-m= acaroon-access-tokens-in-am-7-0/ >=20 > =E2=80=94 Neil >=20 >>=20 >> best regards, >> Torsten. >>=20 >>>> Am 12.12.2020 um 08:26 schrieb Neil Madden := >>>>=20 >>> =EF=BB=BF >>> Not directly related to DPoP or OAuth, but I wrote some notes to help re= covering XSS Nihilists: https://neilmadden.blog/2020/12/10/xss-doesnt-have-t= o-be-game-over/ >>>=20 >>> =E2=80=94 Neil >>>=20 >>>>> On 12 Dec 2020, at 00:02, Brian Campbell wrote: >>>>>=20 >>>> =EF=BB=BF >>>> I think that puts Jim in the XSS Nihilism camp :)=20 >>>>=20 >>>> Implicit type flows are being deprecated/discouraged. But keeping token= s out of browsers doesn't seem likely. There is some menton of CSP in https:= //tools.ietf.org/html/draft-ietf-oauth-browser-based-apps-07#section-9.7=20 >>>>=20 >>>>> On Wed, Dec 9, 2020 at 4:10 PM Jim Manico wrote: >>>>> The basic theme from the web attacker community is: >>>>>=20 >>>>> 1) XSS is a game over event to web clients. XSS can steal or abuse (re= quest forgery) tokens, and more. >>>>>=20 >>>>> 2) Even if you prevent stolen tokens from being used outside of a web c= lient, XSS still allows the attacker to force a user to make any request in a= fraudulent way, abusing browser based tokens as a form of request forgery. >>>>>=20 >>>>> 3) There are advanced measures to stop a token from being stolen from a= web client, like a HTTPonly cookies and to a lesser degree, JS Closures and= Webworkers.=20 >>>>>=20 >>>>> 4) However, these measures to protect cookies are mostly moot. Attacke= rs can just force clients to make fraudulent requests. >>>>>=20 >>>>> 5) Many recommend the BFF pattern to hide tokens on the back end, but s= till, request forgery via XSS allows all kinds of abuse. >>>>>=20 >>>>> XSS is game over no matter how you slice it. >>>>>=20 >>>>> Crypto solutions do not help. Perhaps the world of OAuth can start sug= gesting that web clients use CSP 3.0 in specific ways, if you still plan to s= upport Implicit type flows or tokens in browsers? >>>>>=20 >>>>> Respectfully, >>>>>=20 >>>>> - Jim >>>>>=20 >>>>>=20 >>>>>=20 >>>>> On 12/9/20 12:57 PM, Brian Campbell wrote: >>>>>> Thanks Philippe, I very much concur with your line of reasoning and t= he important considerations. The scenario I was thinking of is: browser base= d client where XSS is used to exfiltrate the refresh token along with pre-co= mputed proofs that would allow for the RT to be exchanged for new access tok= ens and also pre-computed proofs that would work with those access tokens fo= r resource access. With the pre-computed proofs that would allow prolonged (= as long as the RT is valid) access to protected resources even when the vict= im is offline. Is that a concrete attack scenario? I mean, kind of. It's pre= tty convoluted/complex. And while an access token hash would reign it in som= ewhat (ATs obtained from the stolen RT wouldn't be usable) it's hard to say i= f the cost is worth the benefit. >>>>>>=20 >>>>>>=20 >>>>>>=20 >>>>>> On Tue, Dec 8, 2020 at 11:47 PM Philippe De Ryck wrote: >>>>>>> Yeah, browser-based apps are pure fun, aren=E2=80=99t they? :) >>>>>>>=20 >>>>>>> The reason I covered a couple of (pessimistic) XSS scenarios is that= the discussion started with an assumption that the attacker already success= fully exploited an XSS vulnerability. I pointed out how, at that point, fine= tuning DPoP proof contents will have little to no effect to stop an attack. I= believe it is important to make this very clear, to avoid people turning to= DPoP as a security mechanism for browser-based applications. >>>>>>>=20 >>>>>>>=20 >>>>>>> Specifically to your question on including the hash in the proof, I t= hink these considerations are important: >>>>>>>=20 >>>>>>> 1. Does the inclusion of the AT hash stop a concrete attack scenario= ? >>>>>>> 2. Is the =E2=80=9Ccost=E2=80=9D (implementation, getting it right, =E2= =80=A6) worth the benefits? >>>>>>>=20 >>>>>>>=20 >>>>>>> Here=E2=80=99s my view on these considerations (specifically for bro= wser-based apps, not for other types of applications): >>>>>>>=20 >>>>>>> 1. The proof precomputation attack is already quite complex, and sho= rt access token lifetimes already reduce the window of attack. If the attack= er can steal a future AT, they could also precompute new proofs then.=20 >>>>>>> 2. For browser-based apps, it seems that doing this complicates the i= mplementation, without adding much benefit. Of course, libraries could handl= e this, which significantly reduces the cost.=20 >>>>>>>=20 >>>>>>>=20 >>>>>>> Note that these comments are specifically to complicating the spec a= nd implementation. DPoP=E2=80=99s capabilities of using sender-constrained a= ccess tokens are still useful to counter various other scenarios (e.g., midd= leboxes or APIs abusing access tokens). If other applications would signific= antly benefit from having the hash in the proof, I=E2=80=99m all for it. >>>>>>>=20 >>>>>>> On a final note, I would be happy to help clear up the details on we= b-based threats and defenses if necessary. >>>>>>>=20 >>>>>>> =E2=80=94 >>>>>>> Pragmatic Web Security >>>>>>> Security for developers >>>>>>> https://pragmaticwebsecurity.com/ >>>>>>>=20 >>>>>>>=20 >>>>>>>> On 8 Dec 2020, at 22:47, Brian Campbell wrote: >>>>>>>>=20 >>>>>>>> Danial recently added some text to the working copy of the draft wi= th https://github.com/danielfett/draft-dpop/commit/f4b42058 that I think aim= s to better convey the "nutshell: XSS =3D Game over" sentiment and maybe dis= suade folks from looking to DPoP as a cure-all for browser based application= s. Admittedly a lot of the initial impetus behind producing the draft in the= first place was born out of discussions around browser based apps. But it's= neither specific to browser based apps nor a panacea for them. I hope the l= anguage in the document and how it's recently been presented is reflective o= f that reality.=20 >>>>>>>>=20 >>>>>>>> The more specific discussions/recommendations around in-browser app= s are valuable (if somewhat over my head) but might be more appropriate in t= he OAuth 2.0 for Browser-Based Apps draft. >>>>>>>>=20 >>>>>>>> With respect to the contents of the DPoP draft, I am still keen to t= ry and flush out some consensus around the question posed in the start of th= is thread, which is effectively whether or not to include a hash of the acce= ss token in the proof. Acknowledging that "XSS =3D Game over" does sort of e= voke a tendency to not even bother with such incremental protections (what I= 've tried to humorously coin as "XSS Nihilism" with no success). And as such= , I do think that leaving it how it is (no AT hash in the proof) is not unre= asonable. But, as Filip previously articulated, including the AT hash in the= proof would prevent potentially prolonged access to protected resources eve= n when the victim is offline. And that seems maybe worthwhile to have in the= protocol, given that it's not a huge change to the spec. But it's a trade-o= ff either way and I'm personally on the fence about it. >>>>>>>>=20 >>>>>>>> Including an RT hash in the proof seems more niche. Best I can tell= , it would guard against prolonged offline access to protected resources whe= n access tokens are bearer and the RT was DPoP-bound and also gets rotated. T= he trade-off there seems less worth it (I think an RT hash would be more awk= ward in the protocol too).=20 >>>>>>>>=20 >>>>>>>>=20 >>>>>>>>=20 >>>>>>>>=20 >>>>>>>>=20 >>>>>>>>=20 >>>>>>>>=20 >>>>>>>> On Fri, Dec 4, 2020 at 5:40 AM Philippe De Ryck wrote: >>>>>>>>>=20 >>>>>>>>>> The suggestion to use a web worker to ensure that proofs cannot b= e pre-computed is a good one I think. (You could also use a sandboxed iframe= for a separate sub/sibling-domain - dpop.example.com). >>>>>>>>>=20 >>>>>>>>> An iframe with a different origin would also work (not really sand= boxing, as that implies the use of the sandbox attribute to enforce behavior= al restrictions). The downside of an iframe is the need to host additional H= TML, vs a script file for the worker, but the effect is indeed the same. >>>>>>>>>=20 >>>>>>>>>> For scenario 4, I think this only works if the attacker can trick= /spoof the AS into using their redirect_uri? Otherwise the AC will go to the= legitimate app which will reject it due to mismatched state/PKCE. Or are yo= u thinking of XSS on the redirect_uri itself? I think probably a good practi= ce is that the target of a redirect_uri should be a very minimal and locked d= own page to avoid this kind of possibility. (Again, using a separate sub-dom= ain to handle tokens and DPoP seems like a good idea). >>>>>>>>>=20 >>>>>>>>> My original thought was to use a silent flow with Web Messaging. T= he scenario would go as follows: >>>>>>>>>=20 >>>>>>>>> 1. Setup a Web Messaging listener to receive the incoming code >>>>>>>>> 2. Create a hidden iframe with the DOM APIs >>>>>>>>> 3. Create an authorization request such as =E2=80=9C/authorize?res= ponse_type=3Dcode&client_id=3D...&redirect_uri=3Dhttps%3A%2F%example.com&sta= te=3D...&code_challenge=3D7-ffnU1EzHtMfxOAdlkp_WixnAM_z9tMh3JxgjazXAk&code_c= hallenge_method=3DS256&prompt=3Dnone&response_mode=3Dweb_message=E2=80=9D >>>>>>>>> 4. Load this URL in the iframe, and wait for the result >>>>>>>>> 5. Retrieve code in the listener, and use PKCE (+ DPoP if needed) t= o exchange it for tokens >>>>>>>>>=20 >>>>>>>>> This puts the attacker in full control over every aspect of the fl= ow, so no need to manipulate any of the parameters. >>>>>>>>>=20 >>>>>>>>>=20 >>>>>>>>> After your comment, I also believe an attacker can run the same sc= enario without the =E2=80=9Cresponse_mode=3Dweb_message=E2=80=9D. This would= go as follows: >>>>>>>>>=20 >>>>>>>>> 1. Create a hidden iframe with the DOM APIs >>>>>>>>> 2. Setup polling to read the URL (this will be possible for same-o= rigin pages, not for cross-origin pages) >>>>>>>>> 3. Create an authorization request such as =E2=80=9C/authorize?res= ponse_type=3Dcode&client_id=3D...&redirect_uri=3Dhttps%3A%2F%example.com&sta= te=3D...&code_challenge=3D7-ffnU1EzHtMfxOAdlkp_WixnAM_z9tMh3JxgjazXAk&code_c= hallenge_method=3DS256=E2=80=9D >>>>>>>>> 4. Load this URL in the iframe, and keep polling >>>>>>>>> 5. Detect the redirect back to the application with the code in th= e URL, retrieve code, and use PKCE (+ DPoP if needed) to exchange it for tok= ens >>>>>>>>>=20 >>>>>>>>> In step 5, the application is likely to also try to exchange the c= ode. This will fail due to a mismatching PKCE verifier. While noisy, I don=E2= =80=99t think it affects the scenario.=20 >>>>>>>>>=20 >>>>>>>>>=20 >>>>>>>>>> IMO, the online attack scenario (i.e., proxying malicious request= s through the victim=E2=80=99s browser) is quite appealing to an attacker, d= espite the apparent inconvenience: >>>>>>>>>>=20 >>>>>>>>>> - the victim=E2=80=99s browser may be inside a corporate firewal= l or VPN, allowing the attacker to effectively bypass these restrictions >>>>>>>>>> - the attacker=E2=80=99s traffic is mixed in with the user=E2=80= =99s own requests, making them harder to distinguish or to block >>>>>>>>>>=20 >>>>>>>>>> Overall, DPoP can only protect against XSS to the same level as H= ttpOnly cookies. This is not nothing, but it means it only prevents relative= ly naive attacks. Given the association of public key signatures with strong= authentication, people may have overinflated expectations if DPoP is pitche= d as an XSS defence. >>>>>>>>>=20 >>>>>>>>> Yes, in the cookie world this is known as =E2=80=9CSession Riding=E2= =80=9D. Having the worker for token isolation would make it possible to enfo= rce a coarse-grained policy on outgoing requests to prevent total abuse of t= he AT. >>>>>>>>>=20 >>>>>>>>> My main concern here is the effort of doing DPoP in a browser vers= us the limited gains. It may also give a false sense of security.=20 >>>>>>>>>=20 >>>>>>>>>=20 >>>>>>>>>=20 >>>>>>>>> With all this said, I believe that the AS can lock down its config= uration to reduce these attack vectors. A few initial ideas: >>>>>>>>>=20 >>>>>>>>> 1. Disable silent flows for SPAs using RT rotation >>>>>>>>> 2. Use the sec-fetch headers to detect and reject non-silent ifram= e-based flows >>>>>>>>>=20 >>>>>>>>> For example, an OAuth 2.0 flow in an iframe in Brave/Chrome carri= es these headers: >>>>>>>>> sec-fetch-dest: iframe >>>>>>>>> sec-fetch-mode: navigate >>>>>>>>> sec-fetch-site: cross-site >>>>>>>>> sec-fetch-user: ?1 >>>>>>>>>=20 >>>>>>>>>=20 >>>>>>>>> Philippe >>>>>>>>>=20 >>>>>>>>=20 >>>>>>>> CONFIDENTIALITY NOTICE: This email may contain confidential and pri= vileged material for the sole use of the intended recipient(s). Any review, u= se, distribution or disclosure by others is strictly prohibited. If you hav= e received this communication in error, please notify the sender immediately= by e-mail and delete the message and any file attachments from your compute= r. Thank you. >>>>>>>=20 >>>>>>=20 >>>>>> CONFIDENTIALITY NOTICE: This email may contain confidential and privi= leged material for the sole use of the intended recipient(s). Any review, us= e, distribution or disclosure by others is strictly prohibited. If you have= received this communication in error, please notify the sender immediately b= y e-mail and delete the message and any file attachments from your computer.= Thank you.=20 >>>>>>=20 >>>>>> _______________________________________________ >>>>>> OAuth mailing list >>>>>> OAuth@ietf.org >>>>>> https://www.ietf.org/mailman/listinfo/oauth >>>>> --=20 >>>>> Jim Manico >>>>> Manicode Security >>>>> https://www.manicode.com >>>>=20 >>>> CONFIDENTIALITY NOTICE: This email may contain confidential and privile= ged material for the sole use of the intended recipient(s). Any review, use,= distribution or disclosure by others is strictly prohibited. If you have r= eceived this communication in error, please notify the sender immediately by= e-mail and delete the message and any file attachments from your computer. T= hank you._______________________________________________ >>>> OAuth mailing list >>>> OAuth@ietf.org >>>> https://www.ietf.org/mailman/listinfo/oauth >>>=20 >>> ForgeRock values your Privacy___________________________________________= ____ >>> OAuth mailing list >>> OAuth@ietf.org >>> https://www.google.com/url?q=3Dhttps://www.ietf.org/mailman/listinfo/oau= th&source=3Dgmail-imap&ust=3D1608362770000000&usg=3DAOvVaw31Ss8FnOZiHe2e0_3e= _uNg >=20 > ForgeRock values your Privacy --Apple-Mail-9C0FEE5B-5A63-471E-B5E6-F4755B5E22B8 Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: quoted-printable
    Hi Neil,

    thanks for your comprehensive answers. Pleas= e find my comments inline.

    = best regards,
    Torsten.

    Am 12.12.2020 um 21:11 schrieb Neil Madden <neil.mad= den@forgerock.com>:

    <= div dir=3D"ltr">=EF=BB=BF
    =EF=BB=BFGood questions! Answers inli= ne:

    On 12 Dec 2020, at 10:07, T= orsten Lodderstedt <torsten@lodderstedt.net> wrote:

    =EF=BB=BF
    Th= anks for sharing, Neil!

    I=E2= =80=98ve got some questions:
    Note: I assume the tokens= you are referring in your article are OAuth access tokens.

    No, probably not. Just auth tokens more generica= lly. 

    - carrying tokens in URLs wie considered bad practice by the Security BC= P and OAuth 2.1 due to leakage via referrer headers and so on. Why isn=E2=80= =99t this an issue with your approach?

    This is generally safe advice, but it is often over-cautious f= or three reasons:

    1. Refere= r headers (and window.referrer) apply when embedding/linking resources in HT= ML. But when we=E2=80=99re talking about browser-based apps (eg SPAs), that u= sually means JavaScript calling some backend API that returns JSON or some o= ther data format. These data formats don=E2=80=99t have links or embedded re= sources (as far as the browser is concerned), so they don=E2=80=99t leak Ref= erer headers in the same way. When the app loads a resource from a URI in a J= SON response the Referer header will contain the URI of the app itself (most= likely a generic HTML template page), not the capability URI from which the= JSON was loaded. Similar arguments apply to browser history and other typic= al ways that URIs leak. 

    2. You can now use the Referrer-Policy header [1] and rel=3D=E2=80=9Cnoop= ener noreferrer=E2=80=9D to opt out of this leakage, and browsers are moving= to doing this by default for cross-origin requests/embeds. (This is already= enabled by default in Safari). 

    3. When you do want to use capability URIs for top-level navigati= on, there are places in the URI you can put a token that aren=E2=80=99t ever= included in Referer headers or window.referrer or ever sent to the server a= t all - such as the fragment. JavaScript can then extract the token from the= fragment (and then wipe it) and send it to the server in an Authorization h= eader or whatever. See [2] for more details and alternatives. 

    [2]: https://neilmadden.blo= g/2019/01/16/can-you-ever-safely-include-credentials-in-a-url/
    <= br>
    - gener= ating (self contained) or using (handles) per URL access tokens might be rat= her expensive. Can you sketch out how you wanna cope with that challenge?

    A decent H= MAC implementation takes about 1-2 microseconds for typical size of token we= =E2=80=99re talking about. 

    The generation of a self contained access token typically requires queryin= g claim values from at least a single data source. That might take more time= . For handle based tokens/token introspection, one needs to add the time it t= akes to obtain the token data, which requires a HTTPS communication. That co= uld be even more time consuming.


    - per URL Access tokens are a very consequent Form or audience re= striction. How do you wanna signal the audience to the AS?

    As I said, this isn=E2=80= =99t OAuth, but for example you can already do this with the macaroon access= tokens in ForgeRock AM 7.0 - issue a single access token and then make copi= es with specific audience restrictions added as caveats, as discussed in [3]= . Such audience restrictions are then returned in the token introspection re= sponse and the RS can enforce them. 


    My comment in the article about ideas f= or future OAuth is really just that the token endpoint should be able to iss= ue multiple fine-grained access tokens in one go, each associated with a par= ticular endpoint (or endpoints). You could either return these as separate i= tems like:

    =E2=80=9Caccess_= tokens=E2=80=9D: [
        { =E2=80=9Ctoken=E2=80= =9D: =E2=80=9Cabc...=E2=80=9D, 
        &nb= sp;  =E2=80=9Caud=E2=80=9D: =E2=80=9Chttps://api.example.com/foo=E2=80=9D= },
        { =E2=80=9Ctoken=E2=80=9D: =E2=80=9C= def...=E2=80=9D,
           =E2=80=9Ca= ud=E2=80=9D: =E2=80=9Chttps://api.example.com/bar=E2=80=9D }
    ]

    I like the idea (and ha= ve liked it for a long time  https://mailarchive.ietf.org/arch= /msg/oauth/JcKGhoKy2S_2gAQ2ilMxCPWbgPw/).

    resou= rce indicators or authorization_details (with locations) could basically be u= sed for that purpose but OAuth2 lacks multiple tokens support in the token e= ndpoint.


    Or just go ahead and combi= ne those into capability URIs. (I think I already mentioned this a long time= ago when GNAP was first being discussed). 

    <= /div>
    Speaking even more wishfully, what I would really love= to see is a new URL scheme for these, something like:

      bearer://<token>@api.example.com/fo= o

    Which is equivalent to a H= TTPS link, but the browser knows about this format and when clicking on/acce= ssing such a URI it sends the token as an Authorization: Bearer header autom= atically. Ideally the browser would also not allow the token to be accessibl= e from the DOM. 

    Interesti= ng. That would allow to elevate browser support to the level of BASIC.
    =


    Even without browser support I think su= ch a URI scheme would be useful to allow GitHub and others to more easily re= cognise capability URIs checked into public git repos and perhaps provide a w= ay to automatically revoke them (.well-known/token-revocation perhaps).


    =E2=80=94 N= eil

    best regards,
    Torsten.

    Am 12.12.2020 um 08:26 schrieb N= eil Madden <neil.madden@forgerock.com>:

    =EF=BB=BF
    Not directly r= elated to DPoP or OAuth, but I wrote some notes to help recovering XSS Nihil= ists: https://neilmadden.blog/2020/12/10/xss-doesnt-have-to= -be-game-over/

    =E2=80=94= Neil

    On 12 Dec 2020, at= 00:02, Brian Campbell <bcampbell=3D40pingidentity.com@dmarc.ietf.org>= wrote:

    =EF=BB=BF
    I think that puts Jim in the XSS Nihilism ca= mp :) 

    Implicit type flows are being deprecate= d/discouraged. But keeping tokens out of browsers doesn't seem likely. There= is some menton of CSP in https://tools.ietf.org/= html/draft-ietf-oauth-browser-based-apps-07#section-9.7
    =
    On Wed,= Dec 9, 2020 at 4:10 PM Jim Manico <jim@manicode.com> wrote:
    =20 =20 =20

    The basic theme from the web attacker community is:

    1) XSS is a game over event to web clients. XSS can steal or abuse (request forgery) tokens, and more.

    2) Even if you prevent stolen tokens from being used outside of a web client, XSS still allows the attacker to force a user to make any request in a fraudulent way, abusing browser based tokens as a form of request forgery.

    3) There are advanced measures to stop a token from being stolen from a web client, like a HTTPonly cookies and to a lesser degree, JS Closures and Webworkers.

    4) However, these measures to protect cookies are mostly moot. Attackers can just force clients to make fraudulent requests.

    5) Many recommend the BFF pattern to hide tokens on the back end, but still, request forgery via XSS allows all kinds of abuse.

    XSS is game over no matter how you slice it.

    Crypto solutions do not help. Perhaps the world of OAuth can start suggesting that web clients use CSP 3.0 in specific ways, if you still plan to support Implicit type flows or tokens in browsers?

    Respectfully,

    - Jim


    On 12/9/20 12:57 PM, Brian Campbell wrote:
    =20
    Thanks Philippe, I very much concur with your line of reasoning and the important considerations. The scenario I was thinking of is: browser based client where XSS is used to exfiltrate the refresh token along with pre-computed proofs that would allow for the RT to be exchanged for new access tokens and also pre-computed proofs that would work with those access tokens for resource access. With the pre-computed proofs that would allow prolonged (as long as the RT is valid) access to protected resources even when the victim is offline. Is that a concrete attack scenario? I mean, kind of. It's pretty convoluted/complex. And while an access token hash would reign it in somewhat (ATs obtained from the stolen RT wouldn't be usable) it's hard to say if the cost is worth the benefit.



    On Tue, Dec 8, 2020 at 11:47 PM Philippe De Ryck <philippe@pragmaticwebsecurity.com> wrote:
    Yeah, browser-based apps are pure fun, aren=E2=80=99t they? :)

    The reason I covered a couple of (pessimistic) XSS scenarios is that the discussion started with an assumption that the attacker already successfully exploited an XSS vulnerability. I pointed out how, at that point, finetuning DPoP proof contents will have little to no effect to stop an attack. I believe it is important to make this very clear, to avoid people turning to DPoP as a security mechanism for browser-based applications.


    Specifically to your question on including the hash in the proof, I think these considerations are important:

    1. Does the inclusion of the AT hash stop a concrete attack scenario?
    2. Is the =E2=80=9Ccost=E2=80=9D (implementation, getting i= t right, =E2=80=A6) worth the benefits?


    Here=E2=80=99s my view on these considerations (speci= fically for browser-based apps, not for other types of applications):

    1. The proof precomputation attack is already quite complex, and short access token lifetimes already reduce the window of attack. If the attacker can steal a future AT, they could also precompute new proofs then. 
    2. For browser-based apps, it seems that doing this complicates the implementation, without adding much benefit. Of course, libraries could handle this, which significantly reduces the cost. 


    Note that these comments are specifically to complicating the spec and implementation. DPoP=E2=80=99s capabilities of using sender-constrained access tokens are still useful to counter various other scenarios (e.g., middleboxes or APIs abusing access tokens). If other applications would significantly benefit from having the hash in the proof, I=E2=80=99m all for it.

    On a final note, I would be happy to help clear up the details on web-based threats and defenses if necessary.

    =E2=80=94
    Pragmatic Web Security
    Security for developers
    https://pragmaticwebsecurity.com/


    On 8 Dec 2020, at 22:47, Brian Campbell <bcampbell@pingident= ity.com> wrote:

    Danial recently added some text to the working copy of the draft with h= ttps://github.com/danielfett/draft-dpop/commit/f4b42058 that I think aims to better convey the "nutshell: XSS =3D Game over" sentiment and maybe dissuade folks from looking to DPoP as a cure-all for browser based applications. Admittedly a lot of the initial impetus behind producing the draft in the first place was born out of discussions around browser based apps. But it's neither specific to browser based apps nor a panacea for them. I hope the language in the document and how it's recently been presented is reflective of that reality.

    The more specific discussions/recommendations around in-browser apps are valuable (if somewhat over my head) but might be more appropriate in the OAuth 2.0 for Browser-Based Apps draft.

    With respect to the contents of the DPoP draft, I am still keen to try and flush out some consensus around the question posed in the start of this thread, which is effectively whether or not to include a hash of the access token in the proof.  Acknowledging that "XSS =3D= Game over" does sort of evoke a tendency to not even bother with such incremental protections (what I've tried to humorously coin as "XSS Nihilism" with no success). And as such, I do think that leaving it how it is (no AT hash in the proof) is not unreasonable. But, as Filip previously articulated, including the AT hash in the proof would prevent potentially prolonged access to protected resources even when the victim is offline. And that seems maybe worthwhile to have in the protocol, given that it's not a huge change to the spec. But it's a trade-off either way and I'm personally on the fence about it.

    Including an RT hash in the proof seems more niche. Best I can tell, it would guard against prolonged offline access to protected resources when access tokens are bearer and the RT was DPoP-bound and also gets rotated. The trade-off there seems less worth it (I think an RT hash would be more awkward in the protocol too).







    On Fri, Dec 4,= 2020 at 5:40 AM Philippe De Ryck <philippe@pragmatic= websecurity.com> wrote:

    The suggestion to use a web worker to ensure that proofs cannot be pre-computed is a good one I think. (You could also use a sandboxed iframe for a separate sub/sibling-domain - dpop.example.com).

    An iframe with a different origin would also work (not really sandboxing, as that implies the use of the sandbox attribute to enforce behavioral restrictions). The downside of an iframe is the need to host additional HTML, vs a script file for the worker, but the effect is indeed the same.

    For scenario 4, I think this only works if the attacker can trick/spoof the AS into using their redirect_uri? Otherwise the AC will go to the legitimate app which will reject it due to mismatched state/PKCE. Or are you thinking of XSS on the redirect_uri itself? I think probably a good practice is that the target of a redirect_uri should be a very minimal and locked down page to avoid this kind of possibility. (Again, using a separate sub-domain to handle tokens and DPoP seems like a good idea).

    My original thought was to use a silent flow with Web Messaging. The scenario would go as follows:

    1. Setup a Web Messaging listener to receive the incoming code
    2. Create a hidden iframe with the DOM APIs
    3. Create an authorization request such as =E2=80=9C/authorize?response_ty= pe=3Dcode&client_id=3D...&redirect_uri=3Dhttps%3A%2F%example.com&state=3D...&a= mp;code_challenge=3D7-ffnU1EzHtMfxOAdlkp_WixnAM_z9tMh3JxgjazXAk&code_cha= llenge_method=3DS256&prompt=3Dnone&response_mode=3Dweb_message=E2= =80=9D
    4. Load this URL in the iframe, and wait for the result
    5. Retrieve code in the listener, and use PKCE (+ DPoP if needed) to exchange it for tokens

    This puts the attacker in full control over every aspect of the flow, so no need to manipulate any of the parameters.


    After your comment, I also believe an attacker can run the same scenario without the =E2=80=9Cresponse_mode=3Dwe= b_message=E2=80=9D. This would go as follows:

    1. Create a hidden iframe with the DOM APIs
    2. Setup polling to read the URL (this will be possible for same-origin pages, not for cross-origin pages)
    3. Create an authorization request such as =E2=80=9C/authorize?r= esponse_type=3Dcode&client_id=3D...&redirect_uri=3Dhttps%3A%2F%example.com&sta= te=3D...&code_challenge=3D7-ffnU1EzHtMfxOAdlkp_WixnAM_z9tMh3JxgjazXAk&am= p;code_challenge_method=3DS256=E2=80=9D
    4. Load this URL in the iframe, and keep polling
    5. Detect the redirect back to the application with the code in the URL, retrieve code, and use PKCE (+ DPoP if needed) to exchange it for tokens

    In step 5, the application is likely to also try to exchange the code. This will fail due to a mismatching PKCE verifier. While noisy, I don=E2=80=99t think it affects t= he scenario. 


    IMO, the online attack scenario (i.e., proxying malicious requests through the victim=E2=80=99s browser) is quite appealing to an attacker, despite the apparent inconvenience:

     - the victim=E2=80=99s brow= ser may be inside a corporate firewall or VPN, allowing the attacker to effectively bypass these restrictions
     - the attacker=E2=80=99s tr= affic is mixed in with the user=E2=80=99s own= requests, making them harder to distinguish or to block

    Overall, DPoP can only protect against XSS to the same level as HttpOnly cookies. This is not nothing, but it means it only prevents relatively naive attacks. Given the association of public key signatures with strong authentication, people may have overinflated expectations if DPoP is pitched as an XSS defence.

    Yes, in the cookie world this is known as =E2=80=9CSession Riding=E2=80=9D.= Having the worker for token isolation would make it possible to enforce a coarse-grained policy on outgoing requests to prevent total abuse of the AT.

    My main concern here is the effort of doing DPoP in a browser versus the limited gains. It may also give a false sense of security. 



    With all this said, I believe that the AS can lock down its configuration to reduce these attack vectors. A few initial ideas:

    1. Disable silent flows for SPAs using RT rotation
    2. Use the sec-fetch headers to detect and reject non-silent iframe-based flows

    For example,  an OAuth 2.0 flow in= an iframe in Brave/Chrome carries these headers:
    sec-fetch-dest: iframe
    sec-fetch-mode: navigate
    sec-fetch-site: cross-site
    sec-fetch-user: ?1


    Philippe


    CONFIDENTIALITY NOTICE: This= email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited.  If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you.


    CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited.  If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you. 
    _______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth

    --=20
Jim Manico
Manicode Security
https://www.m=
anicode.com

    CONFIDENTIALITY NOTICE: This email may contain confidential and pr= ivileged material for the sole use of the intended recipient(s). Any review,= use, distribution or disclosure by others is strictly prohibited.  If y= ou have received this communication in error, please notify the sender immed= iately by e-mail and delete the message and any file attachments from your c= omputer. Thank you._________________________________= ______________
    OAuth mailing list
    OAuth@ietf= .org
    https://www.ietf.org/mailman/listinfo/oauth
    <= /div>

    ForgeRock values your Privacy= _______________________________________________
    OAuth m= ailing list
    OAuth@ietf.org
    https://www.googl= e.com/url?q=3Dhttps://www.ietf.org/mailman/listinfo/oauth&source=3Dgmail= -imap&ust=3D1608362770000000&usg=3DAOvVaw31Ss8FnOZiHe2e0_3e_uNg

    ForgeRock values your Privacy= --Apple-Mail-9C0FEE5B-5A63-471E-B5E6-F4755B5E22B8-- --Apple-Mail-91CC7FB4-B502-4069-9CD2-2D1FCD3E2D11 Content-Type: application/pkcs7-signature; name=smime.p7s Content-Disposition: attachment; filename=smime.p7s Content-Transfer-Encoding: base64 MIAGCSqGSIb3DQEHAqCAMIACAQExDzANBglghkgBZQMEAgEFADCABgkqhkiG9w0BBwEAAKCCBPgw ggT0MIID3KADAgECAhBpfEIkHQiWmzF6zDsgdF+DMA0GCSqGSIb3DQEBCwUAMIGNMQswCQYDVQQG EwJJVDEQMA4GA1UECAwHQmVyZ2FtbzEZMBcGA1UEBwwQUG9udGUgU2FuIFBpZXRybzEjMCEGA1UE CgwaQWN0YWxpcyBTLnAuQS4vMDMzNTg1MjA5NjcxLDAqBgNVBAMMI0FjdGFsaXMgQ2xpZW50IEF1 dGhlbnRpY2F0aW9uIENBIEcyMB4XDTIwMDIyMzE3MjEzOVoXDTIxMDIyMzE3MjEzOVowIjEgMB4G A1UEAwwXdG9yc3RlbkBsb2RkZXJzdGVkdC5uZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK AoIBAQCrIaCISpAU98m6ZkDyUR3My5imAF4TKQk8eqo+oQ06PTWT/3yJXujVCjjOqOl8p11v/RoN Gf8zqYbBsqGBuJx2NyxFmAnmCjcbnxihQdcmuxLm6izvxr2MawOovDheMXnfmGy/Ns5Fs6bd+M5F jCNhP+Gljvgm/SFq1skvs7YUX2FxZmh+xPMm3FZ/a6Lyhkrd3JHzEqv8VWY69Aehezg39OuPJEpb IdjK/eBcmaIG0qn5RQdXLByJYfXhepyVAZPJT5rAgaIQL/IjSIVInxf3FxOv+ELMAErclws6mKzy zkY2JiItPEpKWzAWGCxCX2o0JjVj1f7xgaunLfJ+Ec0lAgMBAAGjggG4MIIBtDAMBgNVHRMBAf8E AjAAMB8GA1UdIwQYMBaAFGvyjZ5owSUEH1E0V/YWXJTqTWkaMH4GCCsGAQUFBwEBBHIwcDA7Bggr BgEFBQcwAoYvaHR0cDovL2NhY2VydC5hY3RhbGlzLml0L2NlcnRzL2FjdGFsaXMtYXV0Y2xpZzIw MQYIKwYBBQUHMAGGJWh0dHA6Ly9vY3NwMDkuYWN0YWxpcy5pdC9WQS9BVVRIQ0wtRzIwIgYDVR0R BBswGYEXdG9yc3RlbkBsb2RkZXJzdGVkdC5uZXQwRwYDVR0gBEAwPjA8BgYrgR8BGAEwMjAwBggr BgEFBQcCARYkaHR0cHM6Ly93d3cuYWN0YWxpcy5pdC9hcmVhLWRvd25sb2FkMB0GA1UdJQQWMBQG CCsGAQUFBwMCBggrBgEFBQcDBDBIBgNVHR8EQTA/MD2gO6A5hjdodHRwOi8vY3JsMDkuYWN0YWxp cy5pdC9SZXBvc2l0b3J5L0FVVEhDTC1HMi9nZXRMYXN0Q1JMMB0GA1UdDgQWBBSuRfshihlGSEJ7 2UeyOZRJ1YYyMDAOBgNVHQ8BAf8EBAMCBaAwDQYJKoZIhvcNAQELBQADggEBAH/3ECMSOoOLiwCe GsBj/WWnUhXvZyHmz3LW0DVdH3s30b2HWpomEVNDN3cWt4QSRhISqV0xyyChL6THhDY+Um2mo+z/ L5fxHd3MjhzvYKwUtLUJdWRgymlUBO9zNKi/IMVYv3O+mpOHuQrgtMaV9luDPRYPZrhF9y/InTZE tb+FOrF9ykIRlYgMzqSKjuqFmmYO4d6GkbgfGKFZsAjkySjM9BUBLb70MdysOTxZ/HtZguIKfZ4q CveZ9ZKe+LGsIpt5bFAs1LHIMBUlTCsuVIq2lD3TmScWbELn+Ace7WwKc+08GqOWZzUot5fkiIx3 /crnd7HTmUfqi0yCylHY62wxggOpMIIDpQIBATCBojCBjTELMAkGA1UEBhMCSVQxEDAOBgNVBAgM B0JlcmdhbW8xGTAXBgNVBAcMEFBvbnRlIFNhbiBQaWV0cm8xIzAhBgNVBAoMGkFjdGFsaXMgUy5w LkEuLzAzMzU4NTIwOTY3MSwwKgYDVQQDDCNBY3RhbGlzIENsaWVudCBBdXRoZW50aWNhdGlvbiBD QSBHMgIQaXxCJB0Ilpsxesw7IHRfgzANBglghkgBZQMEAgEFAKCCAdcwGAYJKoZIhvcNAQkDMQsG CSqGSIb3DQEHATAcBgkqhkiG9w0BCQUxDxcNMjAxMjEzMDkxMTM4WjAvBgkqhkiG9w0BCQQxIgQg XQG9w9CWEkN8u4suUgYdd/Fq37XckzmtX6L1xChBEEowgbMGCSsGAQQBgjcQBDGBpTCBojCBjTEL MAkGA1UEBhMCSVQxEDAOBgNVBAgMB0JlcmdhbW8xGTAXBgNVBAcMEFBvbnRlIFNhbiBQaWV0cm8x IzAhBgNVBAoMGkFjdGFsaXMgUy5wLkEuLzAzMzU4NTIwOTY3MSwwKgYDVQQDDCNBY3RhbGlzIENs aWVudCBBdXRoZW50aWNhdGlvbiBDQSBHMgIQaXxCJB0Ilpsxesw7IHRfgzCBtQYLKoZIhvcNAQkQ AgsxgaWggaIwgY0xCzAJBgNVBAYTAklUMRAwDgYDVQQIDAdCZXJnYW1vMRkwFwYDVQQHDBBQb250 ZSBTYW4gUGlldHJvMSMwIQYDVQQKDBpBY3RhbGlzIFMucC5BLi8wMzM1ODUyMDk2NzEsMCoGA1UE AwwjQWN0YWxpcyBDbGllbnQgQXV0aGVudGljYXRpb24gQ0EgRzICEGl8QiQdCJabMXrMOyB0X4Mw DQYJKoZIhvcNAQELBQAEggEAfrsuHDlYlNlQ0cA0Y3Y7uI3ur1djneXu1crH5H0raD6feqvm4DGq oOUGxwnEsxGnfZLkcn652g4UwbK1Y3gaheTa4fHO1CtD/vJ+f4jSqlPu2HevEU9Ecq/od5/+vrie c9daojjGwe2VKMtJGOmtljsVgzKQrtJmCilSU2xYdXmx4XvT23CU56KdAzGO+m6UqqmPLZspEA05 GmD1kjEqYJim2dSFY8vdp1ILEy/hmOWQQd9WSLCLbstdkvZNkEAkk4kLu5wp+2/X6KYjJWQlaZqr s3Z9bAZx61/CVgyaJPz/FekgKCltmwxUFn/rrLWxulfviSEO95o8YsQPfbHG3gAAAAAAAA== --Apple-Mail-91CC7FB4-B502-4069-9CD2-2D1FCD3E2D11-- From nobody Sun Dec 13 04:45:44 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0FFD33A16E3 for ; Sun, 13 Dec 2020 04:45:43 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.198 X-Spam-Level: X-Spam-Status: No, score=-0.198 tagged_above=-999 required=5 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=forgerock.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HGQPCpmVD6Mz for ; Sun, 13 Dec 2020 04:45:40 -0800 (PST) Received: from mail-ed1-x536.google.com (mail-ed1-x536.google.com [IPv6:2a00:1450:4864:20::536]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 58C853A16E1 for ; Sun, 13 Dec 2020 04:45:39 -0800 (PST) Received: by mail-ed1-x536.google.com with SMTP id c7so14247975edv.6 for ; Sun, 13 Dec 2020 04:45:39 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=forgerock.com; s=google; h=from:mime-version:subject:date:message-id:references:cc:in-reply-to :to:content-transfer-encoding; bh=OPe6qOkwphDpGYNDZZF6A6PMUbRlKNSaSJ7NEaLKQYs=; b=Bi5jQeEPkOV4h+H5ULa5dfypv1w23lANyGxOb7L8dxOjkM9ip8EzgTo9svwt8KiBb7 lCwSqL8mGlr+IGg5F8e0V1GgLtZePLfCZ379yfz3YNt0GNrM12ZPwwxgKs99lPoD7FH5 dMPfcFYVgYlZQIkeRV4QNkItM0RQcq2/033GU= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:mime-version:subject:date:message-id :references:cc:in-reply-to:to:content-transfer-encoding; bh=OPe6qOkwphDpGYNDZZF6A6PMUbRlKNSaSJ7NEaLKQYs=; b=DBv88bhgil9B9UGok0GLzQI6oaGuusAC8Q1RoSLjTRdmiX97ZMJoZgFICS8JtJYXzV 8SPrCT//uEA1o5s0/CScYDK1Hg1GY9QdLVgtYGrnO90j/7m+a3iYCZp3IohxXLPECGJh vUrlz3xTRLshtv2BfoBxoMH/647JJv0J5DIUt9PJd47opkcOHckCi+XqKnmAQ98eyE+l FchZaIOb2kR49WKXiBv79kTN6V6VKSH4AcgqlXamnSeDbv4BItTC9Wctx87l+V2VdgSw It7ruy3Lu7DQNAyzhrrD6s1F/A9+hnzwopXLwMxhOdLlmYw+cH3eZvW7kd/5wdA9HXu8 xffw== X-Gm-Message-State: AOAM531wrEgty16sqI3c++kD3JRgmMuyGQdU9mGdx3wkA4ZS2XN70akL 8FiStKM1Rb43qEi8mWF9Of5fdRNl7hcxH2ko/pZvNddWfiGEaRLbltXhzz2kAwCpo1NaEoT+DA= = X-Google-Smtp-Source: ABdhPJziDazNq009+tGPMYf8Hdm5vtQYb76xBdBcDB4tuVCwY0IzSW8SCRF7DG9/YKENSRL9Seq7Jg== X-Received: by 2002:a05:6402:c0b:: with SMTP id co11mr19909367edb.180.1607863538119; Sun, 13 Dec 2020 04:45:38 -0800 (PST) Received: from [10.0.0.17] (251.207.159.143.dyn.plus.net. [143.159.207.251]) by smtp.gmail.com with ESMTPSA id j7sm13259719edp.52.2020.12.13.04.45.37 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Sun, 13 Dec 2020 04:45:37 -0800 (PST) From: Neil Madden Mime-Version: 1.0 (1.0) Date: Sun, 13 Dec 2020 12:45:35 +0000 Message-Id: <16638B24-4C8B-4758-8CCF-0BD20C1C608C@forgerock.com> References: Cc: Brian Campbell , oauth In-Reply-To: To: Torsten Lodderstedt X-Mailer: iPhone Mail (18B92) Content-Type: multipart/alternative; boundary=Apple-Mail-DBC38558-8515-4D69-B89C-F762ABA674E6 Content-Transfer-Encoding: 7bit Archived-At: Subject: Re: [OAUTH-WG] DPoP followup I: freshness and coverage of signature X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 13 Dec 2020 12:45:43 -0000 --Apple-Mail-DBC38558-8515-4D69-B89C-F762ABA674E6 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable > On 13 Dec 2020, at 09:11, Torsten Lodderstedt w= rote: > [...] >>=20 >>> - generating (self contained) or using (handles) per URL access tokens = might be rather expensive. Can you sketch out how you wanna cope with that = challenge? >>=20 >> A decent HMAC implementation takes about 1-2 microseconds for typical si= ze of token we=E2=80=99re talking about.=20 >=20 > The generation of a self contained access token typically requires queryi= ng claim values from at least a single data source. That might take more ti= me. For handle based tokens/token introspection, one needs to add the time = it takes to obtain the token data, which requires a HTTPS communication. Th= at could be even more time consuming. This is typically true of identity-based tokens, where access to a resource= is based on who is accessing it. But in a capability-based model this is n= ot the case and the capability itself grants access and is not (usually) ti= ed to an individual identity.=20 Where you do want to include claims in a token, or tie capabilities to an i= dentity, then there are more efficient strategies than looking up those cla= ims every time you create a new capability token. For example, in my book I= implement a variant in which simple capability URIs are used for access bu= t these are bound to a traditional identity-based session cookie that can b= e used to look up identity attributes as required. This provides security b= enefits to both the cookie (CSRF protection) and the capability URIs (linke= d to a HttpOnly cookie makes them harder to steal).=20 If you use macaroons then typically you=E2=80=99d mint a single token with = the claims in it and then derive lots of individual tokens from it by appen= ding caveats. For example, when generating a directory listing in a Dropbox= -like app you=E2=80=99d mint a single token with details of the user etc an= d then derive individual tokens to access each file by appending a caveat l= ike =E2=80=9Cfile =3D /path/to/specific/file=E2=80=9D.=20 =E2=80=94 Neil --=20 ForgeRock values your Privacy --Apple-Mail-DBC38558-8515-4D69-B89C-F762ABA674E6 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable

    On 13 Dec 2020, at 09:11, Torsten Loddersted= t <torsten@lodderstedt.net> wrote:
    [...]

    - generating (self contained) or using (handles) per URL= access tokens might be rather expensive. Can you sketch out how you wanna = cope with that challenge?

    A decent HMAC implementation takes about 1-2 microsecond= s for typical size of token we=E2=80=99re talking about. 
    <= /div>

    The generation of a self contained access = token typically requires querying claim values from at least a single data = source. That might take more time. For handle based tokens/token introspect= ion, one needs to add the time it takes to obtain the token data, which req= uires a HTTPS communication. That could be even more time consuming.
    <= /blockquote>

    This is typically true of identity-based to= kens, where access to a resource is based on who is accessing it. But in a = capability-based model this is not the case and the capability itself grant= s access and is not (usually) tied to an individual identity. 

    Where you do want to include claims in a token, or tie ca= pabilities to an identity, then there are more efficient strategies than lo= oking up those claims every time you create a new capability token. For exa= mple, in my book I implement a variant in which simple capability URIs are = used for access but these are bound to a traditional identity-based session= cookie that can be used to look up identity attributes as required. This p= rovides security benefits to both the cookie (CSRF protection) and the capa= bility URIs (linked to a HttpOnly cookie makes them harder to steal). =

    If you use macaroons then typically you=E2=80=99d= mint a single token with the claims in it and then derive lots of individu= al tokens from it by appending caveats. For example, when generating a dire= ctory listing in a Dropbox-like app you=E2=80=99d mint a single token with = details of the user etc and then derive individual tokens to access each fi= le by appending a caveat like =E2=80=9Cfile =3D /path/to/specific/file=E2= =80=9D. 

    =E2=80=94 Neil
    ForgeRock values your Privacy --Apple-Mail-DBC38558-8515-4D69-B89C-F762ABA674E6-- From nobody Sun Dec 13 19:49:28 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8A8F93A0E50 for ; Sun, 13 Dec 2020 19:49:27 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.198 X-Spam-Level: X-Spam-Status: No, score=-0.198 tagged_above=-999 required=5 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_FONT_FACE_BAD=0.001, HTML_MESSAGE=0.001, NICE_REPLY_A=-0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=manicode.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YC6BMSArrdQc for ; Sun, 13 Dec 2020 19:49:24 -0800 (PST) Received: from mail-pf1-x430.google.com (mail-pf1-x430.google.com [IPv6:2607:f8b0:4864:20::430]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6B4873A0E4D for ; Sun, 13 Dec 2020 19:49:24 -0800 (PST) Received: by mail-pf1-x430.google.com with SMTP id 11so11212225pfu.4 for ; Sun, 13 Dec 2020 19:49:24 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=manicode.com; s=google; h=subject:to:cc:references:from:message-id:date:user-agent :mime-version:in-reply-to:content-language; bh=Sq4XXxEtDJkeCpntsYIFQYtWAz+nV2ZHVzjHrD/C8C8=; b=QSZhW4R/Fj0drJzakjTcirI0IJ/OsXnDVr93F9xk9iGS6EI7bZIHsLHsW+7sYKI62J TG1nyp5cgXk5vQhOYCo1jrRO2BEmfoSKaL94eOku/AJtTM008gsY1uU9uTPoOKt6SnSw L4nKEKbQtcD1SNv6w/kdMbS2GlSkxSVXGMOCOLWVKKuWkkfm15LeSKlfNuSq5NW0/opK f0chkS983Po53LgEoAtynhDy6ic/Sp4qzofhkpR4UB/ZTQKuNY80j7I8xnSSkB8fM/95 zHyXP3jMQlFcMkPLA+6ScqvBEpillZEbMtXyRuo620vyXyJIjqUYaEIr3wIXEwMhIlAw l4hw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:cc:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-language; bh=Sq4XXxEtDJkeCpntsYIFQYtWAz+nV2ZHVzjHrD/C8C8=; b=JmSmGm/zb8re06z3ryfZmLJxLci6N6MNLRfR/WPpfRPQ8mI+Dg1llHvvI1Ja2i7BjR 2zq/K9MRJrSU+Yy7scSPLzguNYIlKxhlIXaCMz/yRlEO1g6zXgbfwEckQYx7zB53xvAA ra+pylZgwP4tEaLD12FGZp9cFgWac+2CSVFGA8aZBSpNiwq+BjXorTcLfOZJktbmT8no wIgektnRD5+2LdaNZYwOkNIq1OTLBk1lQdYfPuWELXuGyDwRUt81HIb8CBbdpxxka4lP UN94aI5LQzG8MHNQVsDm1vfi/gmOMLxZnsj4OGjqHWbZAYy7KlKz6aM/ogzdei+tUzel EYiw== X-Gm-Message-State: AOAM530Nv0QvMAXhsffrwW+go9mFKeTtp/Bb4UliLqHUfysKPDR3mYFS IDnwCTUQ52LKJOYGdNmosRH1ODCkkoJt+Q== X-Google-Smtp-Source: ABdhPJzvtBDZe+Hp9datFvYXYOxAFi9DqPIpC8iJKv0cu3/38MARvC00d85pMPVVMDNM97Pf2E/z6w== X-Received: by 2002:a62:62c7:0:b029:18b:c7ae:934a with SMTP id w190-20020a6262c70000b029018bc7ae934amr21888786pfb.18.1607917763246; Sun, 13 Dec 2020 19:49:23 -0800 (PST) Received: from ?IPv6:2603:800c:3340:5d:fc04:18c5:3159:9290? (2603-800c-3340-005d-fc04-18c5-3159-9290.res6.spectrum.com. [2603:800c:3340:5d:fc04:18c5:3159:9290]) by smtp.googlemail.com with ESMTPSA id h24sm17888121pfq.13.2020.12.13.19.49.20 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Sun, 13 Dec 2020 19:49:21 -0800 (PST) To: Brian Campbell Cc: Philippe De Ryck , oauth References: <30D5F7BA-EA54-4E40-A2FC-222AA0C9AF8D@lodderstedt.net> <353E4494-2F80-44BC-9267-6FB8B37AA0FE@lodderstedt.net> <1B663AA7-563D-4D25-A408-9ED10FD818AC@forgerock.com> <6b389264-96c2-497b-d8f5-204cf430bec1@manicode.com> From: Jim Manico Message-ID: <7d793da6-28d9-b31a-4b16-07c3396c017f@manicode.com> Date: Sun, 13 Dec 2020 17:49:18 -1000 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.16; rv:78.0) Gecko/20100101 Thunderbird/78.5.1 MIME-Version: 1.0 In-Reply-To: Content-Type: multipart/alternative; boundary="------------411BE829BB204DEE07D3DF5C" Content-Language: en-US Archived-At: Subject: Re: [OAUTH-WG] DPoP followup I: freshness and coverage of signature X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Dec 2020 03:49:28 -0000 This is a multi-part message in MIME format. --------------411BE829BB204DEE07D3DF5C Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit Brian, I just focus on web security and understand the risk of XSS well. It seems to me that many of the designers of OAuth 2 do not have a web security background and keep trying to address XSS with add-ons without success. - Jim On 12/11/20 2:01 PM, Brian Campbell wrote: > I think that puts Jim in the XSS Nihilism camp :) > > Implicit type flows are being deprecated/discouraged. But keeping > tokens out of browsers doesn't seem likely. There is some menton of > CSP in > https://tools.ietf.org/html/draft-ietf-oauth-browser-based-apps-07#section-9.7 > > > > On Wed, Dec 9, 2020 at 4:10 PM Jim Manico > wrote: > > The basic theme from the web attacker community is: > > 1) XSS is a game over event to web clients. XSS can steal or abuse > (request forgery) tokens, and more. > > 2) Even if you prevent stolen tokens from being used outside of a > web client, XSS still allows the attacker to force a user to make > any request in a fraudulent way, abusing browser based tokens as a > form of request forgery. > > 3) There are advanced measures to stop a token from being stolen > from a web client, like a HTTPonly cookies and to a lesser degree, > JS Closures and Webworkers. > > 4) However, these measures to protect cookies are mostly moot. > Attackers can just force clients to make fraudulent requests. > > 5) Many recommend the BFF pattern to hide tokens on the back end, > but still, request forgery via XSS allows all kinds of abuse. > > XSS is game over no matter how you slice it. > > Crypto solutions do not help. Perhaps the world of OAuth can start > suggesting that web clients use CSP 3.0 in specific ways, if you > still plan to support Implicit type flows or tokens in browsers? > > Respectfully, > > - Jim > > > On 12/9/20 12:57 PM, Brian Campbell wrote: >> Thanks Philippe, I very much concur with your line of reasoning >> and the important considerations. The scenario I was thinking of >> is: browser based client where XSS is used to exfiltrate the >> refresh token along with pre-computed proofs that would allow for >> the RT to be exchanged for new access tokens and also >> pre-computed proofs that would work with those access tokens for >> resource access. With the pre-computed proofs that would allow >> prolonged (as long as the RT is valid) access to protected >> resources even when the victim is offline. Is that a concrete >> attack scenario? I mean, kind of. It's pretty convoluted/complex. >> And while an access token hash would reign it in somewhat (ATs >> obtained from the stolen RT wouldn't be usable) it's hard to say >> if the cost is worth the benefit. >> >> >> >> On Tue, Dec 8, 2020 at 11:47 PM Philippe De Ryck >> > > wrote: >> >> Yeah, browser-based apps are pure fun, aren’t they? :) >> >> The reason I covered a couple of (pessimistic) XSS scenarios >> is that the discussion started with an assumption that the >> attacker already successfully exploited an XSS vulnerability. >> I pointed out how, at that point, finetuning DPoP proof >> contents will have little to no effect to stop an attack. I >> believe it is important to make this very clear, to avoid >> people turning to DPoP as a security mechanism for >> browser-based applications. >> >> >> Specifically to your question on including the hash in the >> proof, I think these considerations are important: >> >> 1. Does the inclusion of the AT hash stop a concrete attack >> scenario? >> 2. Is the “cost” (implementation, getting it right, …) worth >> the benefits? >> >> >> Here’s my view on these considerations (*/specifically for >> browser-based apps, not for other types of applications/*): >> >> 1. The proof precomputation attack is already quite complex, >> and short access token lifetimes already reduce the window of >> attack. If the attacker can steal a future AT, they could >> also precompute new proofs then. >> 2. For browser-based apps, it seems that doing this >> complicates the implementation, without adding much benefit. >> Of course, libraries could handle this, which significantly >> reduces the cost. >> >> >> Note that these comments are specifically to complicating the >> spec and implementation. DPoP’s capabilities of using >> sender-constrained access tokens are still useful to counter >> various other scenarios (e.g., middleboxes or APIs abusing >> access tokens). If other applications would significantly >> benefit from having the hash in the proof, I’m all for it. >> >> On a final note, I would be happy to help clear up the >> details on web-based threats and defenses if necessary. >> >> — >> *Pragmatic Web Security* >> /Security for developers/ >> https://pragmaticwebsecurity.com/ >> >> >> >>> On 8 Dec 2020, at 22:47, Brian Campbell >>> >> > wrote: >>> >>> Danial recently added some text to the working copy of the >>> draft with >>> https://github.com/danielfett/draft-dpop/commit/f4b42058 >>> >>> that I think aims to better convey the "nutshell: XSS = Game >>> over" sentiment and maybe dissuade folks from looking to >>> DPoP as a cure-all for browser based applications. >>> Admittedly a lot of the initial impetus behind producing the >>> draft in the first place was born out of discussions around >>> browser based apps. But it's neither specific to browser >>> based apps nor a panacea for them. I hope the language in >>> the document and how it's recently been presented is >>> reflective of that reality. >>> >>> The more specific discussions/recommendations around >>> in-browser apps are valuable (if somewhat over my head) but >>> might be more appropriate in the OAuth 2.0 for Browser-Based >>> Apps >>> >>> draft. >>> >>> With respect to the contents of the DPoP draft, I am still >>> keen to try and flush out some consensus around the question >>> posed in the start of this thread, which is effectively >>> whether or not to include a hash of the access token in the >>> proof.  Acknowledging that "XSS = Game over" does sort of >>> evoke a tendency to not even bother with such incremental >>> protections (what I've tried to humorously coin as "XSS >>> Nihilism" with no success). And as such, I do think that >>> leaving it how it is (no AT hash in the proof) is not >>> unreasonable. But, as Filip previously articulated, >>> including the AT hash in the proof would prevent potentially >>> prolonged access to protected resources even when the victim >>> is offline. And that seems maybe worthwhile to have in the >>> protocol, given that it's not a huge change to the spec. But >>> it's a trade-off either way and I'm personally on the fence >>> about it. >>> >>> Including an RT hash in the proof seems more niche. Best I >>> can tell, it would guard against prolonged offline access to >>> protected resources when access tokens are bearer and the RT >>> was DPoP-bound and also gets rotated. The trade-off there >>> seems less worth it (I think an RT hash would be more >>> awkward in the protocol too). >>> >>> >>> >>> >>> >>> >>> >>> On Fri, Dec 4, 2020 at 5:40 AM Philippe De Ryck >>> >> > wrote: >>> >>> >>>> The suggestion to use a web worker to ensure that >>>> proofs cannot be pre-computed is a good one I think. >>>> (You could also use a sandboxed iframe for a separate >>>> sub/sibling-domain - dpop.example.com >>>> ). >>> >>> An iframe with a different origin would also work (not >>> really sandboxing, as that implies the use of the >>> sandbox attribute to enforce behavioral restrictions). >>> The downside of an iframe is the need to host additional >>> HTML, vs a script file for the worker, but the effect is >>> indeed the same. >>> >>>> For scenario 4, I think this only works if the attacker >>>> can trick/spoof the AS into using their redirect_uri? >>>> Otherwise the AC will go to the legitimate app which >>>> will reject it due to mismatched state/PKCE. Or are you >>>> thinking of XSS on the redirect_uri itself? I think >>>> probably a good practice is that the target of a >>>> redirect_uri should be a very minimal and locked down >>>> page to avoid this kind of possibility. (Again, using a >>>> separate sub-domain to handle tokens and DPoP seems >>>> like a good idea). >>> >>> My original thought was to use a silent flow with Web >>> Messaging. The scenario would go as follows: >>> >>> 1. Setup a Web Messaging listener to receive the >>> incoming code >>> 2. Create a hidden iframe with the DOM APIs >>> 3. Create an authorization request such as >>> “//authorize?response_type=code&client_id=...&redirect_uri=https%3A%2F%example.com >>> &state=...&code_challenge=7-ffnU1EzHtMfxOAdlkp_WixnAM_z9tMh3JxgjazXAk&code_challenge_method=S256&prompt=none&response_mode=web_message/” >>> 4. Load this URL in the iframe, and wait for the result >>> 5. Retrieve code in the listener, and use PKCE (+ DPoP >>> if needed) to exchange it for tokens >>> >>> This puts the attacker in full control over every aspect >>> of the flow, so no need to manipulate any of the parameters. >>> >>> >>> After your comment, I also believe an attacker can run >>> the same scenario without the >>> “/response_mode=web_message/”. This would go as follows: >>> >>> 1. Create a hidden iframe with the DOM APIs >>> 2. Setup polling to read the URL (this will be possible >>> for same-origin pages, not for cross-origin pages) >>> 3. Create an authorization request such as >>> “//authorize?response_type=code&client_id=...&redirect_uri=https%3A%2F%example.com >>> &state=...&code_challenge=7-ffnU1EzHtMfxOAdlkp_WixnAM_z9tMh3JxgjazXAk&code_challenge_method=S256/” >>> 4. Load this URL in the iframe, and keep polling >>> 5. Detect the redirect back to the application with the >>> code in the URL, retrieve code, and use PKCE (+ DPoP if >>> needed) to exchange it for tokens >>> >>> In step 5, the application is likely to also try to >>> exchange the code. This will fail due to a mismatching >>> PKCE verifier. While noisy, I don’t think it affects the >>> scenario. >>> >>> >>>> IMO, the online attack scenario (i.e., proxying >>>> malicious requests through the victim’s browser) is >>>> quite appealing to an attacker, despite the apparent >>>> inconvenience: >>>> >>>>  - the victim’s browser may be inside a corporate >>>> firewall or VPN, allowing the attacker to effectively >>>> bypass these restrictions >>>>  - the attacker’s traffic is mixed in with the user’s >>>> own requests, making them harder to distinguish or to block >>>> >>>> Overall, DPoP can only protect against XSS to the same >>>> level as HttpOnly cookies. This is not nothing, but it >>>> means it only prevents relatively naive attacks. Given >>>> the association of public key signatures with strong >>>> authentication, people may have overinflated >>>> expectations if DPoP is pitched as an XSS defence. >>> >>> Yes, in the cookie world this is known as “Session >>> Riding”. Having the worker for token isolation would >>> make it possible to enforce a coarse-grained policy on >>> outgoing requests to prevent total abuse of the AT. >>> >>> My main concern here is the effort of doing DPoP in a >>> browser versus the limited gains. It may also give a >>> false sense of security. >>> >>> >>> >>> With all this said, I believe that the AS can lock down >>> its configuration to reduce these attack vectors. A few >>> initial ideas: >>> >>> 1. Disable silent flows for SPAs using RT rotation >>> 2. Use the sec-fetch headers to detect and reject >>> non-silent iframe-based flows >>> >>> For example,  an OAuth 2.0 flow in an iframe in >>> Brave/Chrome carries these headers: >>> / >>> sec-fetch-dest: iframe >>> sec-fetch-mode: navigate >>> sec-fetch-site: cross-site >>> sec-fetch-user: ?1 >>> / >>> >>> >>> Philippe >>> >>> >>> /CONFIDENTIALITY NOTICE: This email may contain confidential >>> and privileged material for the sole use of the intended >>> recipient(s). Any review, use, distribution or disclosure by >>> others is strictly prohibited.  If you have received this >>> communication in error, please notify the sender immediately >>> by e-mail and delete the message and any file attachments >>> from your computer. Thank you./ >> >> >> /CONFIDENTIALITY NOTICE: This email may contain confidential and >> privileged material for the sole use of the intended >> recipient(s). Any review, use, distribution or disclosure by >> others is strictly prohibited.  If you have received this >> communication in error, please notify the sender immediately by >> e-mail and delete the message and any file attachments from your >> computer. Thank you./ >> >> _______________________________________________ >> OAuth mailing list >> OAuth@ietf.org >> https://www.ietf.org/mailman/listinfo/oauth > > -- > Jim Manico > Manicode Security > https://www.manicode.com > > > /CONFIDENTIALITY NOTICE: This email may contain confidential and > privileged material for the sole use of the intended recipient(s). Any > review, use, distribution or disclosure by others is strictly > prohibited.  If you have received this communication in error, please > notify the sender immediately by e-mail and delete the message and any > file attachments from your computer. Thank you./ -- Jim Manico Manicode Security https://www.manicode.com --------------411BE829BB204DEE07D3DF5C Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: 8bit

    Brian,

    I just focus on web security and understand the risk of XSS well. It seems to me that many of the designers of OAuth 2 do not have a web security background and keep trying to address XSS with add-ons without success.

    - Jim

    On 12/11/20 2:01 PM, Brian Campbell wrote:
    I think that puts Jim in the XSS Nihilism camp :) 

    Implicit type flows are being deprecated/discouraged. But keeping tokens out of browsers doesn't seem likely. There is some menton of CSP in https://tools.ietf.org/html/draft-ietf-oauth-browser-based-apps-07#section-9.7

    On Wed, Dec 9, 2020 at 4:10 PM Jim Manico <jim@manicode.com> wrote:

    The basic theme from the web attacker community is:

    1) XSS is a game over event to web clients. XSS can steal or abuse (request forgery) tokens, and more.

    2) Even if you prevent stolen tokens from being used outside of a web client, XSS still allows the attacker to force a user to make any request in a fraudulent way, abusing browser based tokens as a form of request forgery.

    3) There are advanced measures to stop a token from being stolen from a web client, like a HTTPonly cookies and to a lesser degree, JS Closures and Webworkers.

    4) However, these measures to protect cookies are mostly moot. Attackers can just force clients to make fraudulent requests.

    5) Many recommend the BFF pattern to hide tokens on the back end, but still, request forgery via XSS allows all kinds of abuse.

    XSS is game over no matter how you slice it.

    Crypto solutions do not help. Perhaps the world of OAuth can start suggesting that web clients use CSP 3.0 in specific ways, if you still plan to support Implicit type flows or tokens in browsers?

    Respectfully,

    - Jim


    On 12/9/20 12:57 PM, Brian Campbell wrote:
    Thanks Philippe, I very much concur with your line of reasoning and the important considerations. The scenario I was thinking of is: browser based client where XSS is used to exfiltrate the refresh token along with pre-computed proofs that would allow for the RT to be exchanged for new access tokens and also pre-computed proofs that would work with those access tokens for resource access. With the pre-computed proofs that would allow prolonged (as long as the RT is valid) access to protected resources even when the victim is offline. Is that a concrete attack scenario? I mean, kind of. It's pretty convoluted/complex. And while an access token hash would reign it in somewhat (ATs obtained from the stolen RT wouldn't be usable) it's hard to say if the cost is worth the benefit.



    On Tue, Dec 8, 2020 at 11:47 PM Philippe De Ryck <philippe@pragmaticwebsecurity.com> wrote:
    Yeah, browser-based apps are pure fun, aren’t they? :)

    The reason I covered a couple of (pessimistic) XSS scenarios is that the discussion started with an assumption that the attacker already successfully exploited an XSS vulnerability. I pointed out how, at that point, finetuning DPoP proof contents will have little to no effect to stop an attack. I believe it is important to make this very clear, to avoid people turning to DPoP as a security mechanism for browser-based applications.


    Specifically to your question on including the hash in the proof, I think these considerations are important:

    1. Does the inclusion of the AT hash stop a concrete attack scenario?
    2. Is the “cost” (implementation, getting it right, …) worth the benefits?


    Here’s my view on these considerations (specifically for browser-based apps, not for other types of applications):

    1. The proof precomputation attack is already quite complex, and short access token lifetimes already reduce the window of attack. If the attacker can steal a future AT, they could also precompute new proofs then. 
    2. For browser-based apps, it seems that doing this complicates the implementation, without adding much benefit. Of course, libraries could handle this, which significantly reduces the cost. 


    Note that these comments are specifically to complicating the spec and implementation. DPoP’s capabilities of using sender-constrained access tokens are still useful to counter various other scenarios (e.g., middleboxes or APIs abusing access tokens). If other applications would significantly benefit from having the hash in the proof, I’m all for it.

    On a final note, I would be happy to help clear up the details on web-based threats and defenses if necessary.


    Pragmatic Web Security
    Security for developers
    https://pragmaticwebsecurity.com/


    On 8 Dec 2020, at 22:47, Brian Campbell <bcampbell@pingidentity.com> wrote:

    Danial recently added some text to the working copy of the draft with https://github.com/danielfett/draft-dpop/commit/f4b42058 that I think aims to better convey the "nutshell: XSS = Game over" sentiment and maybe dissuade folks from looking to DPoP as a cure-all for browser based applications. Admittedly a lot of the initial impetus behind producing the draft in the first place was born out of discussions around browser based apps. But it's neither specific to browser based apps nor a panacea for them. I hope the language in the document and how it's recently been presented is reflective of that reality.

    The more specific discussions/recommendations around in-browser apps are valuable (if somewhat over my head) but might be more appropriate in the OAuth 2.0 for Browser-Based Apps draft.

    With respect to the contents of the DPoP draft, I am still keen to try and flush out some consensus around the question posed in the start of this thread, which is effectively whether or not to include a hash of the access token in the proof.  Acknowledging that "XSS = Game over" does sort of evoke a tendency to not even bother with such incremental protections (what I've tried to humorously coin as "XSS Nihilism" with no success). And as such, I do think that leaving it how it is (no AT hash in the proof) is not unreasonable. But, as Filip previously articulated, including the AT hash in the proof would prevent potentially prolonged access to protected resources even when the victim is offline. And that seems maybe worthwhile to have in the protocol, given that it's not a huge change to the spec. But it's a trade-off either way and I'm personally on the fence about it.

    Including an RT hash in the proof seems more niche. Best I can tell, it would guard against prolonged offline access to protected resources when access tokens are bearer and the RT was DPoP-bound and also gets rotated. The trade-off there seems less worth it (I think an RT hash would be more awkward in the protocol too).







    On Fri, Dec 4, 2020 at 5:40 AM Philippe De Ryck <philippe@pragmaticwebsecurity.com> wrote:

    The suggestion to use a web worker to ensure that proofs cannot be pre-computed is a good one I think. (You could also use a sandboxed iframe for a separate sub/sibling-domain - dpop.example.com).

    An iframe with a different origin would also work (not really sandboxing, as that implies the use of the sandbox attribute to enforce behavioral restrictions). The downside of an iframe is the need to host additional HTML, vs a script file for the worker, but the effect is indeed the same.

    For scenario 4, I think this only works if the attacker can trick/spoof the AS into using their redirect_uri? Otherwise the AC will go to the legitimate app which will reject it due to mismatched state/PKCE. Or are you thinking of XSS on the redirect_uri itself? I think probably a good practice is that the target of a redirect_uri should be a very minimal and locked down page to avoid this kind of possibility. (Again, using a separate sub-domain to handle tokens and DPoP seems like a good idea).

    My original thought was to use a silent flow with Web Messaging. The scenario would go as follows:

    1. Setup a Web Messaging listener to receive the incoming code
    2. Create a hidden iframe with the DOM APIs
    3. Create an authorization request such as “/authorize?response_type=code&client_id=...&redirect_uri=https%3A%2F%example.com&state=...&code_challenge=7-ffnU1EzHtMfxOAdlkp_WixnAM_z9tMh3JxgjazXAk&code_challenge_method=S256&prompt=none&response_mode=web_message
    4. Load this URL in the iframe, and wait for the result
    5. Retrieve code in the listener, and use PKCE (+ DPoP if needed) to exchange it for tokens

    This puts the attacker in full control over every aspect of the flow, so no need to manipulate any of the parameters.


    After your comment, I also believe an attacker can run the same scenario without the “response_mode=web_message”. This would go as follows:

    1. Create a hidden iframe with the DOM APIs
    2. Setup polling to read the URL (this will be possible for same-origin pages, not for cross-origin pages)
    3. Create an authorization request such as “/authorize?response_type=code&client_id=...&redirect_uri=https%3A%2F%example.com&state=...&code_challenge=7-ffnU1EzHtMfxOAdlkp_WixnAM_z9tMh3JxgjazXAk&code_challenge_method=S256
    4. Load this URL in the iframe, and keep polling
    5. Detect the redirect back to the application with the code in the URL, retrieve code, and use PKCE (+ DPoP if needed) to exchange it for tokens

    In step 5, the application is likely to also try to exchange the code. This will fail due to a mismatching PKCE verifier. While noisy, I don’t think it affects the scenario. 


    IMO, the online attack scenario (i.e., proxying malicious requests through the victim’s browser) is quite appealing to an attacker, despite the apparent inconvenience:

     - the victim’s browser may be inside a corporate firewall or VPN, allowing the attacker to effectively bypass these restrictions
     - the attacker’s traffic is mixed in with the user’s own requests, making them harder to distinguish or to block

    Overall, DPoP can only protect against XSS to the same level as HttpOnly cookies. This is not nothing, but it means it only prevents relatively naive attacks. Given the association of public key signatures with strong authentication, people may have overinflated expectations if DPoP is pitched as an XSS defence.

    Yes, in the cookie world this is known as “Session Riding”. Having the worker for token isolation would make it possible to enforce a coarse-grained policy on outgoing requests to prevent total abuse of the AT.

    My main concern here is the effort of doing DPoP in a browser versus the limited gains. It may also give a false sense of security. 



    With all this said, I believe that the AS can lock down its configuration to reduce these attack vectors. A few initial ideas:

    1. Disable silent flows for SPAs using RT rotation
    2. Use the sec-fetch headers to detect and reject non-silent iframe-based flows

    For example,  an OAuth 2.0 flow in an iframe in Brave/Chrome carries these headers:
    sec-fetch-dest: iframe
    sec-fetch-mode: navigate
    sec-fetch-site: cross-site
    sec-fetch-user: ?1


    Philippe


    CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited.  If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you.


    CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited.  If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you. 
    _______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth

    -- 
Jim Manico
Manicode Security
https://www.manicode.com

    CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited.  If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you. 
    -- 
Jim Manico
Manicode Security
https://www.manicode.com
    --------------411BE829BB204DEE07D3DF5C-- From nobody Mon Dec 14 00:33:45 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D120D3A0B5B for ; Mon, 14 Dec 2020 00:33:43 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: 0.005 X-Spam-Level: X-Spam-Status: No, score=0.005 tagged_above=-999 required=5 tests=[HTML_MESSAGE=0.001, NICE_REPLY_A=-0.001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kH1GBByrq9zC for ; Mon, 14 Dec 2020 00:33:42 -0800 (PST) Received: from p3plsmtpa08-05.prod.phx3.secureserver.net (p3plsmtpa08-05.prod.phx3.secureserver.net [173.201.193.106]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3D7983A0B2D for ; Mon, 14 Dec 2020 00:33:42 -0800 (PST) Received: from [192.168.88.250] ([94.155.17.31]) by :SMTPAUTH: with ESMTPSA id ojIZkVy0c6A5oojIakEfsJ; Mon, 14 Dec 2020 01:33:41 -0700 x-spam-cmae: v=2.4 cv=d+swdTvE c=1 sm=1 tr=0 ts=5fd72365 p=_Y5QVBCcAAAA:8 a=+I3yL00+yDwT8KNLgfs+4A==:117 a=+I3yL00+yDwT8KNLgfs+4A==:17 a=q0rX5H01Qin5IyBaTmIA:9 a=r77TgQKjGQsHNAKrUKIA:9 a=48vgC7mUAAAA:8 a=__SxRlIrAAAA:8 a=pGLkceISAAAA:8 a=1XWaLZrsAAAA:8 a=nqM2XcCHuQ0RUEaw1l4A:9 a=QEXdDO2ut3YA:10 a=IW_zQs2oMLEA:10 a=YWXEy_97qxwA:10 a=1xOB4YiTHOsA:10 a=2xnff1NAYosoiK7nWsoA:9 a=G6irygCpLoIxijo0:21 a=frz4AuCg-hUA:10 a=_W_S_7VecoQA:10 a=ppMFHJLUil4iILXwedMA:9 a=ZVk8-NSrHBgA:10 a=30ssDGKg3p0A:10 a=w1C3t2QeGrPiZgrLijVG:22 a=H5r4HjhRfVyZ-DhAOYba:22 a=IdGyktwZ2tr74praB_5u:22 x-spam-account: vladimir@connect2id.com x-spam-domain: connect2id.com X-CMAE-Analysis: v=2.4 cv=d+swdTvE c=1 sm=1 tr=0 ts=5fd72365 p=_Y5QVBCcAAAA:8 a=+I3yL00+yDwT8KNLgfs+4A==:117 a=+I3yL00+yDwT8KNLgfs+4A==:17 a=q0rX5H01Qin5IyBaTmIA:9 a=r77TgQKjGQsHNAKrUKIA:9 a=48vgC7mUAAAA:8 a=__SxRlIrAAAA:8 a=pGLkceISAAAA:8 a=1XWaLZrsAAAA:8 a=nqM2XcCHuQ0RUEaw1l4A:9 a=QEXdDO2ut3YA:10 a=IW_zQs2oMLEA:10 a=YWXEy_97qxwA:10 a=1xOB4YiTHOsA:10 a=2xnff1NAYosoiK7nWsoA:9 a=G6irygCpLoIxijo0:21 a=frz4AuCg-hUA:10 a=_W_S_7VecoQA:10 a=ppMFHJLUil4iILXwedMA:9 a=ZVk8-NSrHBgA:10 a=30ssDGKg3p0A:10 a=w1C3t2QeGrPiZgrLijVG:22 a=H5r4HjhRfVyZ-DhAOYba:22 a=IdGyktwZ2tr74praB_5u:22 X-SECURESERVER-ACCT: vladimir@connect2id.com To: Brian Campbell Cc: oauth References: <9a58bd66-e259-ebb9-1ed5-3f5075f44d97@connect2id.com> From: Vladimir Dzhuvinov Autocrypt: addr=vladimir@connect2id.com; prefer-encrypt=mutual; keydata= mQENBFQZaoEBCACnP2YMDex9fnf+niLglTHGKuoypUSVKPQeKDHHeFQVzhRke+HBEZBwmA9T kZ+kEhyrNqibDPkPYVPmo23tM8mbNcTVQqpmN7NwgMpqkqcAqNsIyBtt09DjWOQVm57A3K+y uXI7SdNErdt79p2xQseOhqSC9+LgWuyh+mZsl2oFD4glFFfKSCMp2jATXrAMeGzigTnW+Xe0 tRzrwFN9zqykKxhUq9oHg1cNvoDtfxgsc9ysVHbxM/PM8o9lgj3YTQwKMBcCFclTqohji7ML fQ08eQo+acKTwC1WRzeLt9PknGt3C4TmvdCl0c1BQTTTNiF96Hu4kbaiBIbsfxJOR8+VABEB AAG0LFZsYWRpbWlyIER6aHV2aW5vdiA8dmxhZGltaXJAY29ubmVjdDJpZC5jb20+iQE+BBMB AgAoBQJUGWqBAhsjBQkJZgGABgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRAZ0vUyOqri Ql62B/wOO0s2JC/QvO6w9iSsRhCOa/JZi+wO+l01V7eGCQ1cYf1W26Y7iKiUlY4/Kz+cr69D pMtkv3UpDTGejKEfspLUxz5Vo3T4oAKbTtNtVIZL/XxH3/JhJ719Jj4eLoe9/djKkGYTX2O5 bMk8TpO1DDjbIw4r9XKI9ZIk96zlKnZvrg7Ho7oOl0ZIf8AzcvdqZEUogDwyr8uwOU+jIyux mOTthepBzXCNjjBjnc8I1//9YppAIaGJ5nnXelVVD1/dyOszogervzFNANEIOvNvCd9G5u4e s7qkDKWKY7/Lj1tF+tMrDTrOh6JqUKbGNeTUB8DlPvIoNyqHUYfBELdpw1Nd X-Enigmail-Draft-Status: N11100 Organization: Connect2id Ltd. Message-ID: <8bf0dae0-54b8-3b33-87b2-634b40ac4a85@connect2id.com> Date: Mon, 14 Dec 2020 10:33:39 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.10.0 MIME-Version: 1.0 In-Reply-To: Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg=sha-256; boundary="------------ms020602070003080703040509" X-CMAE-Envelope: MS4xfN/X7w4YYs4BfjZDu3O85N1dZLkfp76bX2CzOVlVNCljQ9MXPaX8VSIJkwHDd5qU0qSkFwypAaU1kgHv6MQlzDZ6gIB61n585gWPGw2c7FP0q8UH8Y77 tzHlABJA1hYOYnlCELx4zaMmtF7Onf+4mbnu4IytUPd5WXsnwklAJeXSnSU5rHSPBxmOfj5ZGdKi3I/pITgK3WC8IjHjrpni9NxLCKtUKUmGzi4h5DNXE9lE Archived-At: Subject: Re: [OAUTH-WG] PAR error for redirect URI? X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Dec 2020 08:33:44 -0000 This is a cryptographically signed message in MIME format. --------------ms020602070003080703040509 Content-Type: multipart/alternative; boundary="------------C63E142F57B441AF88762F6F" Content-Language: en-US This is a multi-part message in MIME format. --------------C63E142F57B441AF88762F6F Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Hi Brian, I'd like to propose the sentence in bold to be inserted into the current section 2.3 of PAR -04: https://tools.ietf.org/html/draft-ietf-oauth-par-04#section-2.3 The authorization server returns an error response with the same format as is specified for error responses from the token endpoint in Section=C2=A05.2 of [RFC6749] using the appropriate error code from there= in or from Section=C2=A04.1.2.1 of [RFC6749]. *In those cases where Section 4.1.2.1 of [RFC6749] prohibits automatic redirection with an error back to the requesting client and hence doesn=E2=80=99t define an error code, = for example when the request fails due to a missing, invalid, or mismatching redirection URI, the =E2=80=9Cinvalid_request=E2=80=9D error code can be = used as the default error code.* Hope with this we can close the case. Vladimir On 04/12/2020 18:08, Brian Campbell wrote: > > > On Fri, Dec 4, 2020 at 12:30 AM Vladimir Dzhuvinov > > wrote: > > If people have articulated a need to have an invalid_redirect_uri > error for the PAR endpoint, then let's register it properly. > Rifaat says there's still time to do this. > > > Following from the response I recently sent to Neil, I don't think a > legitimate need has been articulated. > https://mailarchive.ietf.org/arch/msg/oauth/gMiH1mTr0AKDvWpqO1zikcVUySY= / > =C2=A0 > > I'm also okay with using the general invalid_request code for > this. In this case a sentence, next to the current example, > spelling out what the PAR endpoint must do on a invalid redirect > URI will help. > > I don't know that that's needed either. But do have some text to > suggest that you think would be helpful? > > =C2=A0 > > Vladimir > > On 03/12/2020 13:49, Rifaat Shekh-Yusef wrote: >> Torsten, Filip, >> >> You can absolutely make this change, as we are still very early >> in the process.=C2=A0 >> So feel free to continue this effort and try to get WG agreement >> on this, and update the document as needed.=C2=A0 >> >> Regards, >> =C2=A0Rifaat >> >> >> On Thursday, December 3, 2020, Filip Skokan > > wrote: >> >> To be clear, I'm not advocating to skip the registration, >> just wanted to mention a potential concern. If the process >> allows it and it will not introduce more delay to >> publication, I think we should go ahead and register the >> error code. >> >> Best, >> *Filip* >> >> >> On Thu, 3 Dec 2020 at 11:06, Torsten Lodderstedt >> > wro= te: >> >> >> >> > Am 03.12.2020 um 09:56 schrieb Filip Skokan >> >: >> > >> > There are several documents already mentioning >> "invalid_redirect_uri" as an error code, specifically >> RFC7519 and OpenID Connect Dynamic Client Registration >> 1.0. But these don't register it in the IANA OAuth >> Extensions Error Registry, presumably because they're >> neither for the authorization or token endpoints. >> > >> > While I think it'd be great if we had this error code >> registered, I also worry that its registration could >> confuse implementers to think it's okay to return it from >> the authorization endpoint. >> >> I understand your concern. On the other hand, registering >> the error code is in my opinion the proper way forward. >> The registration is scoped to a usage location, should be >> pushed authorization endpoint then, and RFC6749 gives >> clear guidance on how to treat errors related to the >> redirect URI at the authorization endpoint. >> >> "If the request fails due to a missing, invalid, or >> mismatching >> =C2=A0 =C2=A0redirection URI, =E2=80=A6 authorization serv= er ... MUST NOT >> automatically redirect the user-agent to the >> =C2=A0 =C2=A0invalid redirection URI." >> >> I think if an implementor ignores this, it will ignore >> any advise. >> >> best regards, >> Torsten. >> >> > >> > Best, >> > Filip >> > >> > >> > On Thu, 3 Dec 2020 at 00:29, Brian Campbell >> > > wrote: >> > During the course of a recent OIDF FAPI WG discussion >> (the FAPI profiles use PAR for authz requests) on this >> issue it was noted that there's no specific error code >> for problems with the redirect_uri (the example in >> https://www.ietf.org/archive/id/draft-ietf-oauth-par-04.ht= ml#section-2.3 >> even shows a general error code with mention of the >> redirect_uri not being valid in the error description). >> Some folks on that call thought it would be worthwhile to >> have a more specific error code for an invalid >> redirect_uri and I reluctantly took an action item to >> raise the issue here. At the time I'd forgotten that PAR >> had already passed WGLC. But it's been sitting idle while >> awaiting the shepherd writeup since mid September so it's >> maybe realistic to think the window for a small change is >> still open. >> > >> > Presumably nothing like an "invalid_redirect_uri" error >> code was defined in RFC 6749 because that class of errors >> could not be returned to the client via redirection. But >> the data flow in PAR would allow for a >> "invalid_redirect_uri" so it's not an unreasonable thing >> to do. >> > >> > As I write this message, however, I'm not personally >> convinced that it's worth making a change to PAR at this >> point. But I did say I'd bring the question up in the WG >> list and I'm just trying to be true to my word. So here >> it is. Please weigh in, if you have opinions on the matter= =2E >> > >> > >> > >> > CONFIDENTIALITY NOTICE: This email may contain >> confidential and privileged material for the sole use of >> the intended recipient(s). Any review, use, distribution >> or disclosure by others is strictly prohibited.=C2=A0 If y= ou >> have received this communication in error, please notify >> the sender immediately by e-mail and delete the message >> and any file attachments from your computer. Thank >> you._______________________________________________ >> > OAuth mailing list >> > OAuth@ietf.org >> > https://www.ietf.org/mailman/listinfo/oauth >> > _______________________________________________ >> > OAuth mailing list >> > OAuth@ietf.org >> > >> https://www.google.com/url?q=3Dhttps://www.ietf.org/mailma= n/listinfo/oauth&source=3Dgmail-imap&ust=3D1607590629000000&usg=3DAOvVaw3= aW1gdv4EEiLmNYzlsJj-A >> >> > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth > > > /CONFIDENTIALITY NOTICE: This email may contain confidential and > privileged material for the sole use of the intended recipient(s). Any > review, use, distribution or disclosure by others is strictly > prohibited.=C2=A0 If you have received this communication in error, ple= ase > notify the sender immediately by e-mail and delete the message and any > file attachments from your computer. Thank you./=20 --=20 Vladimir Dzhuvinov --------------C63E142F57B441AF88762F6F Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: quoted-printable

    Hi Brian,

    I'd like to propose the sentence in bold to be inserted into the c= urrent section 2.3 of PAR -04:

    https://tools.ietf.org/html/dra= ft-ietf-oauth-par-04#section-2.3

    The authorization ser= ver returns an error response with the same format as is specified for er= ror responses from the token endpoint in Section=C2=A05.2 of [RFC6749] using the appropriate e= rror code from therein or from Section=C2=A04.1.2.1 of [RFC6749]. In those cases where Sect= ion 4.1.2.1 of [RFC6749] prohibits automatic redirection with an error ba= ck to the requesting client and hence doesn=E2=80=99t define an error cod= e, for example when the request fails due to a missing, invalid, or misma= tching redirection URI, the =E2=80=9Cinvalid_request=E2=80=9D error code = can be used as the default error code.

    Hope with this we can close the case.

    Vladimir

    On 04/12/2020 18:08, Brian Campbell wrote:


    On Fri, Dec 4, 2020 at 12= :30 AM Vladimir Dzhuvinov <vladimir@connect2id.com> wrote:

    If people have articulated a need to have an invalid_red= irect_uri error for the PAR endpoint, then let's register it properly. Rifaat says there's still time to do this.


    Following from the response I recently sent to Neil, I don't think a legitimate need has been articulated. https://mailarchive.ietf.org/arch/= msg/oauth/gMiH1mTr0AKDvWpqO1zikcVUySY/
    =C2=A0

    I'm also okay with using the general invalid_request cod= e for this. In this case a sentence, next to the current example, spelling out what the PAR endpoint must do on a invalid redirect URI will help.

    I don't know that that's needed either. But do have some text to suggest that you think would be helpful?

    =C2=A0

    Vladimir

    On 03/12/2020 13:49, Rifaat Shekh-Yusef wrote:
    Torsten, Filip,

    You can absolutely make this change, as we are still very early in the process.=C2=A0
    So feel free to continue this effort and try to get WG agreement on this, and update the document as needed.=C2=A0

    Regards,
    =C2=A0Rifaat


    On Thursday, December 3, 2020, Filip Skokan <panva.ip@gmail.com> wrote:
    To be clear, I'm not advocating to skip the registration, just wanted to mention a potential concern. If the process allows it and it will not introduce more delay to publication, I think we should go ahead and register the error code.

    Best,
    Filip


    On Thu, 3 Dec= 2020 at 11:06, Torsten Lodderstedt <tors= ten@lodderstedt.net> wrote:


    > Am 03.12.2020 um 09:56 schrieb Filip Skokan <panv= a.ip@gmail.com>:
    >
    > There are several documents already mentioning "invalid_redirect_uri" as an error code, specifically RFC7519 and OpenID Connect Dynamic Client Registration 1.0. But these don't register it in the IANA OAuth Extensions Error Registry, presumably because they're neither for the authorization or token endpoints.
    >
    > While I think it'd be great if we had this error code registered, I also worry that its registration could confuse implementers to think it's okay to return it from the authorization endpoint.

    I understand your concern. On the other hand, registering the error code is in my opinion the proper way forward. The registration is scoped to a usage location, should be pushed authorization endpoint then, and RFC6749 gives clear guidance on how to treat errors related to the redirect URI at the authorization endpoint.

    "If the request fails due to a missing, invalid, or mismatching
    =C2=A0 =C2=A0redirection URI, =E2=80=A6 authoriza= tion server ... MUST NOT automatically redirect the user-agent to the
    =C2=A0 =C2=A0invalid redirection URI."

    I think if an implementor ignores this, it will ignore any advise.

    best regards,
    Torsten.

    >
    > Best,
    > Filip
    >
    >
    > On Thu, 3 Dec 2020 at 00:29, Brian Campbell <bcampbell=3D40pi= ngidentity.com@dmarc.ietf.org> wrote:
    > During the course of a recent OIDF FAPI WG discussion (the FAPI profiles use PAR for authz requests) on this issue it was noted that there's no specific error code for problems with the redirect_uri (the example in https://www.ietf.org/a= rchive/id/draft-ietf-oauth-par-04.html#section-2.3 even shows a general error code with mention of the redirect_uri not being valid in the error description). Some folks on that call thought it would be worthwhile to have a more specific error code for an invalid redirect_uri and I reluctantly took an action item to raise the issue here. At the time I'd forgotten that PAR had already passed WGLC. But it's been sitting idle while awaiting the shepherd writeup since mid September so it's maybe realistic to think the window for a small change is still open.
    >
    > Presumably nothing like an "invalid_redirect_uri" error code was defined in RFC 6749 because that class of errors could not be returned to the client via redirection. But the data flow in PAR would allow for a "invalid_redirect_uri" so it's not an unreasonable thing to do.
    >
    > As I write this message, however, I'm not personally convinced that it's worth making a change to PAR at this point. But I did say I'd bring the question up in the WG list and I'm just trying to be true to my word. So here it is. Please weigh in, if you have opinions on the matter.
    >
    >
    >
    > CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited.=C2=A0 If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you._____________________________________________= __
    > OAuth mailing list
    > OAut= h@ietf.org
    > https://www.ietf.org/m= ailman/listinfo/oauth
    > _______________________________________________ > OAuth mailing list
    > OAut= h@ietf.org
    > https://www.google.com= /url?q=3Dhttps://www.ietf.org/mailman/listinfo/oauth&source=3Dgmail-i= map&ust=3D1607590629000000&usg=3DAOvVaw3aW1gdv4EEiLmNYzlsJj-A=



    _______________________________________________
    OAuth mailing list
    OAuth@ietf.org
    https://www.ietf.org/mailman/listinfo/oauth

    C= ONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited.=C2=A0 If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you. 
    --=20
Vladimir Dzhuvinov
    --------------C63E142F57B441AF88762F6F-- --------------ms020602070003080703040509 Content-Type: application/pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" Content-Description: S/MIME Cryptographic Signature MIAGCSqGSIb3DQEHAqCAMIACAQExDzANBglghkgBZQMEAgEFADCABgkqhkiG9w0BBwEAAKCC CzMwggUbMIIEA6ADAgECAhBs/e7jES6a32XKZxs4R01iMA0GCSqGSIb3DQEBCwUAMIGWMQsw CQYDVQQGEwJHQjEbMBkGA1UECBMSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxm b3JkMRgwFgYDVQQKEw9TZWN0aWdvIExpbWl0ZWQxPjA8BgNVBAMTNVNlY3RpZ28gUlNBIENs aWVudCBBdXRoZW50aWNhdGlvbiBhbmQgU2VjdXJlIEVtYWlsIENBMB4XDTE5MTEwMjAwMDAw MFoXDTIxMTEwMTIzNTk1OVowKDEmMCQGCSqGSIb3DQEJARYXdmxhZGltaXJAY29ubmVjdDJp ZC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDG5mL+CcvSppMj/W8Kd0/E 1/y5/s94gmbIFzEugHyMPV2dd6lusiALe35QCtu3e8Wy6FkCwzxWmmzhF4FY/e4uPbDjco3w /GgHhz2KXe385u31c32/uM3jRqhYT5JvmXxte/GgmjcW1yWcPkKEz/sCezdIYpI9Pek+P4Gr xmbt8H+wJrwfrXKTJXXT+gFjCcZDRLm67X4U57TsaCoezTe7zOoPX9zxMTyZD/cvC/SfuVxQ U60ZsfZzdcgPwScgy3JaiPegcbnqqebjJqtRx42eRjrBZ1/u411rHN2QQLgiih7D1/4PJC9f /8nHgaerLy3ogdu1dw5+vQ1TRIYBmcIXAgMBAAGjggHQMIIBzDAfBgNVHSMEGDAWgBQJwPL8 C9qU21/+K9+omULPyeCtADAdBgNVHQ4EFgQU446sriG/NgywLZA2oBG79Yr2qyAwDgYDVR0P AQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwQGCCsGAQUFBwMC MEAGA1UdIAQ5MDcwNQYMKwYBBAGyMQECAQEBMCUwIwYIKwYBBQUHAgEWF2h0dHBzOi8vc2Vj dGlnby5jb20vQ1BTMFoGA1UdHwRTMFEwT6BNoEuGSWh0dHA6Ly9jcmwuc2VjdGlnby5jb20v U2VjdGlnb1JTQUNsaWVudEF1dGhlbnRpY2F0aW9uYW5kU2VjdXJlRW1haWxDQS5jcmwwgYoG CCsGAQUFBwEBBH4wfDBVBggrBgEFBQcwAoZJaHR0cDovL2NydC5zZWN0aWdvLmNvbS9TZWN0 aWdvUlNBQ2xpZW50QXV0aGVudGljYXRpb25hbmRTZWN1cmVFbWFpbENBLmNydDAjBggrBgEF BQcwAYYXaHR0cDovL29jc3Auc2VjdGlnby5jb20wIgYDVR0RBBswGYEXdmxhZGltaXJAY29u bmVjdDJpZC5jb20wDQYJKoZIhvcNAQELBQADggEBAEE73kCtUigl/bhLrqS6AsCU+jKm1fxq BY09+ktBwVcu5WgM18Uov3WvzVnjXn5BNNVM3RwhWFXyW3pPnDPyjqgxcpfoyY5SJEzvcPlu wm69z/dzqasVhsHPIFSjACnUBrFZPsq/abMQr4yFOMVyX/EudYgmZVu2Er9Ui7YbTO1Nolap xlseQIgQhVcr7aSs02PLDANuwW/asgKExYzhPdt9MF1lezj968Mv74kRo1T/lm5RFNfh2QdM 9C0n1t+qRCrRF1VbsiTgChjazgNGbvl12bOAujX0up4hqw+7PaCcI3Mpyv/rKKKrRG52iCcv cMHX344tOqKM/DIdF/0WNpkwggYQMIID+KADAgECAhBNlCwQ1DvglAnFgS06KwZPMA0GCSqG SIb3DQEBDAUAMIGIMQswCQYDVQQGEwJVUzETMBEGA1UECBMKTmV3IEplcnNleTEUMBIGA1UE BxMLSmVyc2V5IENpdHkxHjAcBgNVBAoTFVRoZSBVU0VSVFJVU1QgTmV0d29yazEuMCwGA1UE AxMlVVNFUlRydXN0IFJTQSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0xODExMDIwMDAw MDBaFw0zMDEyMzEyMzU5NTlaMIGWMQswCQYDVQQGEwJHQjEbMBkGA1UECBMSR3JlYXRlciBN YW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxmb3JkMRgwFgYDVQQKEw9TZWN0aWdvIExpbWl0ZWQx PjA8BgNVBAMTNVNlY3RpZ28gUlNBIENsaWVudCBBdXRoZW50aWNhdGlvbiBhbmQgU2VjdXJl IEVtYWlsIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyjztlApB/975Rrno 1jvm2pK/KxBOqhq8gr2+JhwpKirSzZxQgT9tlC7zl6hn1fXjSo5MqXUfItMltrMaXqcESJuK 8dtK56NCSrq4iDKaKq9NxOXFmqXX2zN8HHGjQ2b2Xv0v1L5Nk1MQPKA19xeWQcpGEGFUUd0k N+oHox+L9aV1rjfNiCj3bJk6kJaOPabPi2503nn/ITX5e8WfPnGw4VuZ79Khj1YBrf24k5Ee 1sLTHsLtpiK9OjG4iQRBdq6Z/TlVx/hGAez5h36bBJMxqdHLpdwIUkTqT8se3ed0PewDch/8 kHPo5fZl5u1B0ecpq/sDN/5sCG52Ds+QU5O5EwIDAQABo4IBZDCCAWAwHwYDVR0jBBgwFoAU U3m/WqorSs9UgOHYm8Cd8rIDZsswHQYDVR0OBBYEFAnA8vwL2pTbX/4r36iZQs/J4K0AMA4G A1UdDwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdJQQWMBQGCCsGAQUFBwMC BggrBgEFBQcDBDARBgNVHSAECjAIMAYGBFUdIAAwUAYDVR0fBEkwRzBFoEOgQYY/aHR0cDov L2NybC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdFJTQUNlcnRpZmljYXRpb25BdXRob3JpdHku Y3JsMHYGCCsGAQUFBwEBBGowaDA/BggrBgEFBQcwAoYzaHR0cDovL2NydC51c2VydHJ1c3Qu Y29tL1VTRVJUcnVzdFJTQUFkZFRydXN0Q0EuY3J0MCUGCCsGAQUFBzABhhlodHRwOi8vb2Nz cC51c2VydHJ1c3QuY29tMA0GCSqGSIb3DQEBDAUAA4ICAQBBRHUAqznCFfXejpVtMnFojADd F9d6HBA4kMjjsb0XMZHztuOCtKF+xswhh2GqkW5JQrM8zVlU+A2VP72Ky2nlRA1GwmIPgou7 4TZ/XTarHG8zdMSgaDrkVYzz1g3nIVO9IHk96VwsacIvBF8JfqIs+8aWH2PfSUrNxP6Ys7U0 sZYx4rXD6+cqFq/ZW5BUfClN/rhk2ddQXyn7kkmka2RQb9d90nmNHdgKrwfQ49mQ2hWQNDkJ JIXwKjYA6VUR/fZUFeCUisdDe/0ABLTI+jheXUV1eoYV7lNwNBKpeHdNuO6Aacb533JlfeUH xvBz9OfYWUiXu09sMAviM11Q0DuMZ5760CdO2VnpsXP4KxaYIhvqPqUMWqRdWyn7crItNkZe roXaecG03i3mM7dkiPaCkgocBg0EBYsbZDZ8bsG3a08LwEsL1Ygz3SBsyECa0waq4hOf/Z85 F2w2ZpXfP+w8q4ifwO90SGZZV+HR/Jh6rEaVPDRF/CEGVqR1hiuQOZ1YL5ezMTX0ZSLwrymU E0pwi/KDaiYB15uswgeIAcA6JzPFf9pLkAFFWs1QNyN++niFhsM47qodx/PL+5jR87myx5uY dBEQkkDc+lKB1Wct6ucXqm2EmsaQ0M95QjTmy+rDWjkDYdw3Ms6mSWE3Bn7i5ZgtwCLXgAIe 5W8mybM2JzGCBDIwggQuAgEBMIGrMIGWMQswCQYDVQQGEwJHQjEbMBkGA1UECBMSR3JlYXRl ciBNYW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxmb3JkMRgwFgYDVQQKEw9TZWN0aWdvIExpbWl0 ZWQxPjA8BgNVBAMTNVNlY3RpZ28gUlNBIENsaWVudCBBdXRoZW50aWNhdGlvbiBhbmQgU2Vj dXJlIEVtYWlsIENBAhBs/e7jES6a32XKZxs4R01iMA0GCWCGSAFlAwQCAQUAoIICVzAYBgkq hkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0yMDEyMTQwODMzMzlaMC8G CSqGSIb3DQEJBDEiBCDfkvDZmkGC7e1JgZcma1W5irREc7zxnj8iurUPEn6mOTBsBgkqhkiG 9w0BCQ8xXzBdMAsGCWCGSAFlAwQBKjALBglghkgBZQMEAQIwCgYIKoZIhvcNAwcwDgYIKoZI hvcNAwICAgCAMA0GCCqGSIb3DQMCAgFAMAcGBSsOAwIHMA0GCCqGSIb3DQMCAgEoMIG8Bgkr BgEEAYI3EAQxga4wgaswgZYxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNo ZXN0ZXIxEDAOBgNVBAcTB1NhbGZvcmQxGDAWBgNVBAoTD1NlY3RpZ28gTGltaXRlZDE+MDwG A1UEAxM1U2VjdGlnbyBSU0EgQ2xpZW50IEF1dGhlbnRpY2F0aW9uIGFuZCBTZWN1cmUgRW1h aWwgQ0ECEGz97uMRLprfZcpnGzhHTWIwgb4GCyqGSIb3DQEJEAILMYGuoIGrMIGWMQswCQYD VQQGEwJHQjEbMBkGA1UECBMSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxmb3Jk MRgwFgYDVQQKEw9TZWN0aWdvIExpbWl0ZWQxPjA8BgNVBAMTNVNlY3RpZ28gUlNBIENsaWVu dCBBdXRoZW50aWNhdGlvbiBhbmQgU2VjdXJlIEVtYWlsIENBAhBs/e7jES6a32XKZxs4R01i MA0GCSqGSIb3DQEBAQUABIIBAJ+hPLn2lvFcqQ7sJRP8UpTWENazwxJeqeawqka53nf07Rlh vCtxdoQeSNUj+uJEXZSvOrBkqc5vUBvXOiB0CJhta6n7AZzZYvvY7SMyiOVgnPs+3JVQr1K3 LzAK1wY5Fb1dFiTIiYyCffqTdGao2x+sWxVGWtjo0XN7pJKkY6JKsqcKHfgc0ziF3T66ywZb bQoasg4EaabaVWvbzh3oOCvDEQW5gF6rZOcQEtolFxUhVlD89yoaKCCOk+KPP1alPPj4cIJU VmqCQydwYOGyZ/DXd7gx1WG/K75Qie7CLbns7Im2HNsTEK5vqG8aZAGLdJblJasDBL9MOUG+ Q6hBTYsAAAAAAAA= --------------ms020602070003080703040509-- From nobody Mon Dec 14 02:02:39 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3974D3A0EAF for ; Mon, 14 Dec 2020 02:02:38 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: 0.003 X-Spam-Level: X-Spam-Status: No, score=0.003 tagged_above=-999 required=5 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=leastprivilege-com.20150623.gappssmtp.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ON7wEUwOJj11 for ; Mon, 14 Dec 2020 02:02:36 -0800 (PST) Received: from mail-il1-x12f.google.com (mail-il1-x12f.google.com [IPv6:2607:f8b0:4864:20::12f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A99863A0EAD for ; Mon, 14 Dec 2020 02:02:36 -0800 (PST) Received: by mail-il1-x12f.google.com with SMTP id c18so15253547iln.10 for ; Mon, 14 Dec 2020 02:02:36 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=leastprivilege-com.20150623.gappssmtp.com; s=20150623; h=from:in-reply-to:references:mime-version:date:message-id:subject:to; bh=IXilYw1JQZskRIRsBC3NBZ08TelIbAd4TR52oHSRc5c=; b=G14MtI+ouQGAtecb8T/DOI9FodjgfV2YL1NA0hsEyrMQ+eh/ay8kzdbbYfhs6embU1 eVcaRiHsa4zpUzJEqPTiXKifigIBENnEw3YM1+PzprHPRTWKw2L9m42S3vssNjkLdP4n cCPxhlQjWsjKZerZ8aX/cOY+3x4OGv+AyK8tkKxfQrEW8xgYCUiLRNy2nggdkK4g/P33 BUDmb3rWVgdiAo8Sk/+11IEn0NOLg2nT7qp38GYaTVD9pSnC8eridUgND2SD3uMvA1xy 18OBhyz5ayz4cgP/pNZPXKlvUor3nLv6kT/BWwIduj6IckBia1m9j/fG9tXs4GqUl3kZ SfZw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:in-reply-to:references:mime-version:date :message-id:subject:to; bh=IXilYw1JQZskRIRsBC3NBZ08TelIbAd4TR52oHSRc5c=; b=Ej1SVkLVyBkQkvuYKUNwZ8dC0HeApa6OZYe+PzFAaCrhcV8gScDVobrXNYkPgWgCCl wUefvGYJcPjpwtnFjPunymVdn1KvqRWEiB9lpR3OYAZEcfXLDttpwI3k0iIpWef7I5P5 ai9bYoFrxuwva5VosYuPQgKC3DaEqcZnQLAim4pnuEWnHPr4ix9N8ado0LFwAl+SrzfH LazJbQZv9ELP7DhJzyiDFMAvsuNQiAgaN1ma9SAdy2C9aUSGcgB6vvg37QyIshMEo4s1 Z8bK0anSqtsn4SAu/5tkuaCcyj2Xt6DDUaGG717VWpfxUKNFHfDVdE6cTfJdswPdAOJ4 r7nQ== X-Gm-Message-State: AOAM532sOLfaI94pL4CwxqwZmqSHprM5DGWG4h+VWPJ6fmLMhNmyPlwR ie3rgMvl1fl7hSzOXs7Rgu5S1u2QcwQdI2S09o1T X-Google-Smtp-Source: ABdhPJwvTSIfS1u/0Ipq/VW7c8BHxgAtlSaa73IlML3QVsttYXjVFgdqHcOklb3MbY+t/8zsNzie0P929N0rOnT4lYM= X-Received: by 2002:a92:d0c8:: with SMTP id y8mr32310253ila.46.1607940155747; Mon, 14 Dec 2020 02:02:35 -0800 (PST) Received: from 1058052472880 named unknown by gmailapi.google.com with HTTPREST; Mon, 14 Dec 2020 02:02:35 -0800 From: Dominick Baier In-Reply-To: References: MIME-Version: 1.0 Date: Mon, 14 Dec 2020 02:02:35 -0800 Message-ID: To: Rifaat Shekh-Yusef , oauth Content-Type: multipart/alternative; boundary="000000000000cdc25805b669bdb9" Archived-At: Subject: Re: [OAUTH-WG] Call for Adoption - AS Issuer Identifier in Authorization Response X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Dec 2020 10:02:38 -0000 --000000000000cdc25805b669bdb9 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable +1 =E2=80=94=E2=80=94=E2=80=94 Dominick Baier On 8. December 2020 at 13:51:04, Rifaat Shekh-Yusef (rifaat.s.ietf@gmail.co= m) wrote: All, This is a call for adoption for the following AS Issuer Identifier in Authorization Response as a WG document: https://datatracker.ietf.org/doc/draft-meyerzuselhausen-oauth-iss-auth-resp= / Please, provide your feedback on the mailing list by Dec 22nd. Regards, Rifaat & Hannes _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth --000000000000cdc25805b669bdb9 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable =
    +1
    =E2=80=94=E2=80=94=E2=80=94
    Do= minick Baier

    On 8. December 2020 at= 13:51:04, Rifaat Shekh-Yusef (r= ifaat.s.ietf@gmail.com) wrote:

    All,

    This is a = call for adoption for the following AS Issuer Identifier in Authorization R= esponse as a WG document:
    https://datatracker.ietf.org/doc= /draft-meyerzuselhausen-oauth-iss-auth-resp/

    Please, provide you= r feedback on the mailing list by Dec 22nd.

    Regards,
    =C2=A0Rifaat= & Hannes
    _______________________________________________
    OAuth mailing list
    OAuth@ietf.org
    https://www.iet= f.org/mailman/listinfo/oauth
    --000000000000cdc25805b669bdb9-- From nobody Mon Dec 14 05:46:19 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6D3083A0AC4 for ; Mon, 14 Dec 2020 05:46:18 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.197 X-Spam-Level: X-Spam-Status: No, score=-0.197 tagged_above=-999 required=5 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=pingidentity.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RwFU1QbDSmR1 for ; Mon, 14 Dec 2020 05:46:15 -0800 (PST) Received: from mail-lf1-x134.google.com (mail-lf1-x134.google.com [IPv6:2a00:1450:4864:20::134]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 743823A0AC3 for ; Mon, 14 Dec 2020 05:46:15 -0800 (PST) Received: by mail-lf1-x134.google.com with SMTP id u18so30155961lfd.9 for ; Mon, 14 Dec 2020 05:46:15 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=pingidentity.com; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=18EhhUCzcj2W4Vcg3AP9opPWzxv2c855R558+ZfUdHY=; b=btJRoW2hQSJhoCRTNfq9cahPyP6SQ7n9uNqEVMrhiTaG5Wax3tYSjzxnWyfjwOBBfK NW6K+IIfbkIpXJylpkJ/y9M7kWFIFlg/O54g6A9WjUmoq35m8MC4KIRexgZeb295x30d zA10K5WX6lsbjacYqaIrsu+YjybvtOTa2zPws6RZEt861QqRinDS8iX2nTvDnajoATWJ pBSVC0pOuXTSwVfBmmEhu3M0ixHV6PYnSXFedrIju1oZxi/4EghOXmrNKfJXxwXbsMfW YD61jjmzvwtLJTJOM2VQfGkZmRb/mybsp6HRYnylFU3xFnddb3dGqdpfB5jS7Ri/IWjS Gn2g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=18EhhUCzcj2W4Vcg3AP9opPWzxv2c855R558+ZfUdHY=; b=V8BxRSx7Mp33dJXIc6cJ/WaawSp6l7uyJQs+aWQkCuqB87e2r874xhpysz2V8bMJRH lfJDlbuCT2XeHI3QrfW2gF8fUMpi9lbzSw4HAMvxPxBfdL2vCM+Mxyf7HZ+tdylOcCyO BgdEFcDTuVuGKONokg1SpgEWVVUbr1gWp6C+w5g2FNARxOWaBnYDGpeOa/Lvi0Ui+pD1 Yc6w/a2KbRu4w1kgZR6g6XXkjc6MQOYDEb+svH7DtRz+28Em2plVDw3zgfdGwEWUyIgE 1ZyMWCPDznfpfnUjqNYHmaqV8UhN8Yb14/CiymaoRvuSZeIwcviGTLCiRT6yo/VsxriB QCrw== X-Gm-Message-State: AOAM531DTVYhjeCyFDiSLGZ095id2bZ4aMaVYtsegg+SbvzAJtuu7rem bxLt6b18aQqWpGevwhUDJbFZItr8exeq5x5Rb0U9u75duWBS3kKK6cjyX6UpJH4lkUKM72cX75M k5ACv1IczD+jBKSAzN9SrOg== X-Google-Smtp-Source: ABdhPJz3DxfgqG/gTsEc8A+zhOC1Divn8t2dMI7pzXjlk+0tZEpYHZnuNANKreGexwMnzaakvFOVHkoKcCBH56N2srM= X-Received: by 2002:a19:650c:: with SMTP id z12mr9094823lfb.582.1607953573373; Mon, 14 Dec 2020 05:46:13 -0800 (PST) MIME-Version: 1.0 References: <9a58bd66-e259-ebb9-1ed5-3f5075f44d97@connect2id.com> <8bf0dae0-54b8-3b33-87b2-634b40ac4a85@connect2id.com> In-Reply-To: <8bf0dae0-54b8-3b33-87b2-634b40ac4a85@connect2id.com> From: Brian Campbell Date: Mon, 14 Dec 2020 06:45:46 -0700 Message-ID: To: Vladimir Dzhuvinov Cc: oauth Content-Type: multipart/alternative; boundary="0000000000008e873505b66cdd21" Archived-At: Subject: Re: [OAUTH-WG] PAR error for redirect URI? X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Dec 2020 13:46:18 -0000 --0000000000008e873505b66cdd21 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Thanks Vladimir, that seems quite reasonable. Barring any objections, I'll add that to a -04. On Mon, Dec 14, 2020 at 1:33 AM Vladimir Dzhuvinov wrote: > Hi Brian, > > I'd like to propose the sentence in bold to be inserted into the current > section 2.3 of PAR -04: > > https://tools.ietf.org/html/draft-ietf-oauth-par-04#section-2.3 > > The authorization server returns an error response with the same format a= s > is specified for error responses from the token endpoint in Section 5.2 > of [RFC6749] using the appropriate error code from therein or from Sectio= n 4.1.2.1 > of [RFC6749]. *In those cases where Section 4.1.2.1 of [RFC6749] > prohibits automatic redirection with an error back to the requesting clie= nt > and hence doesn=E2=80=99t define an error code, for example when the requ= est fails > due to a missing, invalid, or mismatching redirection URI, the > =E2=80=9Cinvalid_request=E2=80=9D error code can be used as the default e= rror code.* > > Hope with this we can close the case. > > Vladimir > > On 04/12/2020 18:08, Brian Campbell wrote: > > > > On Fri, Dec 4, 2020 at 12:30 AM Vladimir Dzhuvinov < > vladimir@connect2id.com> wrote: > >> If people have articulated a need to have an invalid_redirect_uri error >> for the PAR endpoint, then let's register it properly. Rifaat says there= 's >> still time to do this. >> > > Following from the response I recently sent to Neil, I don't think a > legitimate need has been articulated. > https://mailarchive.ietf.org/arch/msg/oauth/gMiH1mTr0AKDvWpqO1zikcVUySY/ > > >> I'm also okay with using the general invalid_request code for this. In >> this case a sentence, next to the current example, spelling out what the >> PAR endpoint must do on a invalid redirect URI will help. >> > I don't know that that's needed either. But do have some text to suggest > that you think would be helpful? > > > >> Vladimir >> On 03/12/2020 13:49, Rifaat Shekh-Yusef wrote: >> >> Torsten, Filip, >> >> You can absolutely make this change, as we are still very early in the >> process. >> So feel free to continue this effort and try to get WG agreement on this= , >> and update the document as needed. >> >> Regards, >> Rifaat >> >> >> On Thursday, December 3, 2020, Filip Skokan wrote: >> >>> To be clear, I'm not advocating to skip the registration, just wanted t= o >>> mention a potential concern. If the process allows it and it will not >>> introduce more delay to publication, I think we should go ahead and >>> register the error code. >>> >>> Best, >>> *Filip* >>> >>> >>> On Thu, 3 Dec 2020 at 11:06, Torsten Lodderstedt < >>> torsten@lodderstedt.net> wrote: >>> >>>> >>>> >>>> > Am 03.12.2020 um 09:56 schrieb Filip Skokan : >>>> > >>>> > There are several documents already mentioning "invalid_redirect_uri= " >>>> as an error code, specifically RFC7519 and OpenID Connect Dynamic Clie= nt >>>> Registration 1.0. But these don't register it in the IANA OAuth Extens= ions >>>> Error Registry, presumably because they're neither for the authorizati= on or >>>> token endpoints. >>>> > >>>> > While I think it'd be great if we had this error code registered, I >>>> also worry that its registration could confuse implementers to think i= t's >>>> okay to return it from the authorization endpoint. >>>> >>>> I understand your concern. On the other hand, registering the error >>>> code is in my opinion the proper way forward. The registration is scop= ed to >>>> a usage location, should be pushed authorization endpoint then, and RF= C6749 >>>> gives clear guidance on how to treat errors related to the redirect UR= I at >>>> the authorization endpoint. >>>> >>>> "If the request fails due to a missing, invalid, or mismatching >>>> redirection URI, =E2=80=A6 authorization server ... MUST NOT automa= tically >>>> redirect the user-agent to the >>>> invalid redirection URI." >>>> >>>> I think if an implementor ignores this, it will ignore any advise. >>>> >>>> best regards, >>>> Torsten. >>>> >>>> > >>>> > Best, >>>> > Filip >>>> > >>>> > >>>> > On Thu, 3 Dec 2020 at 00:29, Brian Campbell >>> 40pingidentity.com@dmarc.ietf.org> wrote: >>>> > During the course of a recent OIDF FAPI WG discussion (the FAPI >>>> profiles use PAR for authz requests) on this issue it was noted that >>>> there's no specific error code for problems with the redirect_uri (the >>>> example in >>>> https://www.ietf.org/archive/id/draft-ietf-oauth-par-04.html#section-2= .3 >>>> even shows a general error code with mention of the redirect_uri not b= eing >>>> valid in the error description). Some folks on that call thought it wo= uld >>>> be worthwhile to have a more specific error code for an invalid >>>> redirect_uri and I reluctantly took an action item to raise the issue = here. >>>> At the time I'd forgotten that PAR had already passed WGLC. But it's b= een >>>> sitting idle while awaiting the shepherd writeup since mid September s= o >>>> it's maybe realistic to think the window for a small change is still o= pen. >>>> > >>>> > Presumably nothing like an "invalid_redirect_uri" error code was >>>> defined in RFC 6749 because that class of errors could not be returned= to >>>> the client via redirection. But the data flow in PAR would allow for a >>>> "invalid_redirect_uri" so it's not an unreasonable thing to do. >>>> > >>>> > As I write this message, however, I'm not personally convinced that >>>> it's worth making a change to PAR at this point. But I did say I'd bri= ng >>>> the question up in the WG list and I'm just trying to be true to my wo= rd. >>>> So here it is. Please weigh in, if you have opinions on the matter. >>>> > >>>> > >>>> > >>>> > CONFIDENTIALITY NOTICE: This email may contain confidential and >>>> privileged material for the sole use of the intended recipient(s). Any >>>> review, use, distribution or disclosure by others is strictly prohibit= ed. >>>> If you have received this communication in error, please notify the se= nder >>>> immediately by e-mail and delete the message and any file attachments = from >>>> your computer. Thank you._____________________________________________= __ >>>> > OAuth mailing list >>>> > OAuth@ietf.org >>>> > https://www.ietf.org/mailman/listinfo/oauth >>>> > _______________________________________________ >>>> > OAuth mailing list >>>> > OAuth@ietf.org >>>> > >>>> https://www.google.com/url?q=3Dhttps://www.ietf.org/mailman/listinfo/o= auth&source=3Dgmail-imap&ust=3D1607590629000000&usg=3DAOvVaw3aW1gdv4EEiLmNY= zlsJj-A >>>> >>>> >> >> _______________________________________________ >> OAuth mailing list >> OAuth@ietf.org >> https://www.ietf.org/mailman/listinfo/oauth >> > > *CONFIDENTIALITY NOTICE: This email may contain confidential and > privileged material for the sole use of the intended recipient(s). Any > review, use, distribution or disclosure by others is strictly prohibited. > If you have received this communication in error, please notify the sende= r > immediately by e-mail and delete the message and any file attachments fro= m > your computer. Thank you.* > > -- > Vladimir Dzhuvinov > > --=20 _CONFIDENTIALITY NOTICE: This email may contain confidential and privileged= =20 material for the sole use of the intended recipient(s). Any review, use,=20 distribution or disclosure by others is strictly prohibited.=C2=A0 If you h= ave=20 received this communication in error, please notify the sender immediately= =20 by e-mail and delete the message and any file attachments from your=20 computer. Thank you._ --0000000000008e873505b66cdd21 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
    Thanks Vladimir, that seems quite reasonable. Barring any = objections, I'll add that to a -04.

    On Mon, Dec 14, 2020 at 1:33 AM= Vladimir Dzhuvinov <vladimir= @connect2id.com> wrote:
    =20 =20 =20

    Hi Brian,

    I'd like to propose the sentence in bold to be inserted into the= current section 2.3 of PAR -04:

    https://tools.ietf.org/html/draft-ietf-oauth-par-= 04#section-2.3

    The authorization server return= s an error response with the same format as is specified for error response= s from the token endpoint in Sect= ion=C2=A05.2 of [RFC6749] using the appropriate error code from ther= ein or from Section=C2=A04.1.2.1 = of [RFC6749]. In those cases where Section 4.1.2.1 of [RFC6749] p= rohibits automatic redirection with an error back to the requesting client = and hence doesn=E2=80=99t define an error code, for example when the reques= t fails due to a missing, invalid, or mismatching redirection URI, the =E2= =80=9Cinvalid_request=E2=80=9D error code can be used as the default error = code.

    Hope with this we can close the case.

    Vladimir

    On 04/12/2020 18:08, Brian Campbell wrote:
    =20


    On Fri, Dec 4, 2020 at 12:3= 0 AM Vladimir Dzhuvinov <vladimir@connect2id.com> wrote:

    If people have articulated a need to have an invalid_redir= ect_uri error for the PAR endpoint, then let's register it properly. Rifaat says there's still time to do this.


    Following from the response I recently sent to Neil, I don't think a legitimate need has been articulated. https://mailarchive.ietf.org/arch/msg/oauth/gMiH1mTr0A= KDvWpqO1zikcVUySY/
    =C2=A0

    I'm also okay with using the general invalid_request c= ode for this. In this case a sentence, next to the current example, spelling out what the PAR endpoint must do on a invalid redirect URI will help.

    I don't know that that's needed either. But do have = some text to suggest that you think would be helpful?

    =C2=A0

    Vladimir

    On 03/12/2020 13:49, Rifaat Shekh-Yusef wrote:
    Torsten, Filip,

    You can absolutely make this change, as we are still very early in the process.=C2=A0
    So feel free to continue this effort and try to get WG agreement on this, and update the document as needed.=C2=A0

    Regards,
    =C2=A0Rifaat


    On Thursday, December 3, 2020, Filip Skokan <panva.ip@gmail.com> wrote:
    To be clear, I'm not advocating to skip the registration, just wanted to mention a potential concern. If the process allows it and it will not introduce more delay to publication, I think we should go ahead and register the error code.

    Best,
    Filip


    On Thu, 3 Dec 2020 at 11:06, Torsten Lodderstedt <torsten@lodderstedt.net> wrote:

    > Am 03.12.2020 um 09:56 schrieb Filip Skokan <    panva.ip@gmail.com>:
    >
    > There are several documents already mentioning "invalid_redirect_uri" as an e= rror code, specifically RFC7519 and OpenID Connect Dynamic Client Registration 1.0. But these don'= t register it in the IANA OAuth Extensions Error Registry, presumably because they're neither fo= r the authorization or token endpoints.
    >
    > While I think it'd be great if we had this error code registered, I also worry that its registration could confuse implementers to think it's okay to return it from the authorization endpoint.

    I understand your concern. On the other hand, registering the error code is in my opinion the proper way forward. The registration is scoped to a usage location, should be pushed authorization endpoint then, and RFC6749 gives clear guidance on how to treat errors related to the redirect URI at the authorization endpoint.

    "If the request fails due to a missing, invali= d, or mismatching
    =C2=A0 =C2=A0redirection URI, =E2=80=A6 authorizati= on server ... MUST NOT automatically redirect the user-agent to the
    =C2=A0 =C2=A0invalid redirection URI."

    I think if an implementor ignores this, it will ignore any advise.

    best regards,
    Torsten.

    >
    > Best,
    > Filip
    >
    >
    > On Thu, 3 Dec 2020 at 00:29, Brian Campbell <bcampbell=3D40pingidentity.com@dmarc.ietf.org&g= t; wrote:
    > During the course of a recent OIDF FAPI WG discussion (the FAPI profiles use PAR for authz requests) on this issue it was noted that there's no specific error code for problems wit= h the redirect_uri (the example in https://www.ietf.org/archive/id/draft-ietf-oau= th-par-04.html#section-2.3 even shows a general error code with mention of the redirect_uri not being valid in the error description). Some folks on that call thought it would be worthwhile to have a more specific error code for an invalid redirect_uri and I reluctantly took an action item to raise the issue here. At the time I'd forgotten that PAR had already passed WGLC. But it's been sitting idle while awaiting the shepherd writeup since mid September so it's maybe realistic to think the window for a small change is still open.
    >
    > Presumably nothing like an "invalid_redirect_uri" error code was def= ined in RFC 6749 because that class of errors could not be returned to the client via redirection. But the data flow in PAR would allow for a "invalid_redirect_uri" so it's not an unreasonable thing to do.
    >
    > As I write this message, however, I'm not personally convinced that it's worth making a change to PAR at this point. But I did say I'd bring the question up in the WG list and I'm just trying to be true to my word. So here it is. Please weigh in, if you have opinions on the matter.
    >
    >
    >
    > CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited.=C2=A0 If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you._______________________________________________=
    > OAuth mailing list
    > OAuth@ietf.org
    > https://www.ietf.org/mailman= /listinfo/oauth
    > _______________________________________________
    > OAuth mailing list
    > OAuth@ietf.org
    > https://www.google.com/url?q=3Dhttps://www.ietf.org/mailm= an/listinfo/oauth&source=3Dgmail-imap&ust=3D1607590629000000&us= g=3DAOvVaw3aW1gdv4EEiLmNYzlsJj-A



    _______________________________________________
    OAuth mailing list
    OAuth@ietf.= org
    https://www.ietf.org/mailman/listinfo/oauth

    CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited.=C2=A0 If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you. 
    --=20
Vladimir Dzhuvinov

    <= span style=3D"margin:0px;padding:0px;border:0px;outline:0px;vertical-align:= baseline;background:transparent;font-family:proxima-nova-zendesk,system-ui,= -apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,Oxygen-Sans,Ub= untu,Cantarell,"Helvetica Neue",Arial,sans-serif;font-weight:600"= >CONFIDENTIALITY NOTICE: This email may contain confidenti= al and privileged material for the sole use of the intended recipient(s). A= ny review, use, distribution or disclosure by others is strictly prohibited= .=C2=A0 If you have received this communication in error, please notify the= sender immediately by e-mail and delete the message and any file attachmen= ts from your computer. Thank you. --0000000000008e873505b66cdd21-- From nobody Mon Dec 14 05:48:02 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9CCA43A0AD3 for ; Mon, 14 Dec 2020 05:48:01 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: 0.162 X-Spam-Level: X-Spam-Status: No, score=0.162 tagged_above=-999 required=5 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.25, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_KAM_HTML_FONT_INVALID=0.01, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=momentumft.co.uk Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JsOCoE9UskSN for ; Mon, 14 Dec 2020 05:47:58 -0800 (PST) Received: from mail-lf1-x130.google.com (mail-lf1-x130.google.com [IPv6:2a00:1450:4864:20::130]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1FBB43A0AC8 for ; Mon, 14 Dec 2020 05:47:58 -0800 (PST) Received: by mail-lf1-x130.google.com with SMTP id o13so7005643lfr.3 for ; Mon, 14 Dec 2020 05:47:57 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=momentumft.co.uk; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=F9uMLVobB6FoGXi+DGTF1DYFd2YB64Bj3b6TeN6gUaA=; b=UEjF/GMV0mrvUhQTGgFxQqEU1Resc0pgKHMCuiyurZOAAyzbgZ/HZVrHxO78elOHOD Y3667IbzEdD4vYYBjzp3ATl/95yxXRP/k6is7TcbsDd/EjWLOMAAuVCRC1ZLAUgCRl2x 7EQlyO162IolQoyug+a+2U6Z6/MC5w5kelYlk= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=F9uMLVobB6FoGXi+DGTF1DYFd2YB64Bj3b6TeN6gUaA=; b=ih0u1llKr9mG/Tgw0i7VxkqVYwx5IzOL+bnxg74DKf9dIHojXnL3KtZlu0MAgVfYDz uzeupQW6rMQFl2eTinMw9H/Ya6YEfVp/NQFiVxOARCmrquJJhQdlKpR3kI5gGhrpRZM/ /mtnvwNjL28/i8Qmp9nv2EyQMWa2Tiso3aUCx6ASUEOq8Kqf05xCtzsxBDPSXd/kUiAq ZGCM/meB1FxVtU0f0IIUSsBC+t5uAJIeyV3C2y3guRjg5dKuv1rsvBaPLwiQ/YmR9B9a ppI90ECa7w0AqJzDj72NnQVDJYBu7hb6aQoOQh29vjHsMPM4WnwRXn8OrTrrSHMO8lT4 6LZw== X-Gm-Message-State: AOAM533MUvhv4TQ126qcJhhymJc3LX4U8Hd0jH255oNPDLZ5E0Opo8AH LGqklpzdY5+pj0+MFw40NpoWRgRsifYVzdkSswb+/0A9M2mHQGYFWBBVTpJ6nDmokrI7Lah6ww1 fC0JsFbJkVacLVg== X-Google-Smtp-Source: ABdhPJwPgxlb4ct/LwUXgewwo0zAcvE/r+NzRl+K/05QyER1w0nUoPQGok7n9CsPdPcICKtMh3lDTWG1El2+7DI5Oxw= X-Received: by 2002:a19:4a52:: with SMTP id x79mr4818498lfa.481.1607953676004; Mon, 14 Dec 2020 05:47:56 -0800 (PST) MIME-Version: 1.0 References: <9a58bd66-e259-ebb9-1ed5-3f5075f44d97@connect2id.com> <8bf0dae0-54b8-3b33-87b2-634b40ac4a85@connect2id.com> In-Reply-To: From: Dave Tonge Date: Mon, 14 Dec 2020 14:47:44 +0100 Message-ID: To: Brian Campbell Cc: Vladimir Dzhuvinov , oauth Content-Type: multipart/alternative; boundary="000000000000ac88b105b66ce351" Archived-At: Subject: Re: [OAUTH-WG] PAR error for redirect URI? X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Dec 2020 13:48:02 -0000 --000000000000ac88b105b66ce351 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable I agree with the proposed text On Mon, 14 Dec 2020 at 14:46, Brian Campbell wrote: > Thanks Vladimir, that seems quite reasonable. Barring any objections, I'l= l > add that to a -04. > > On Mon, Dec 14, 2020 at 1:33 AM Vladimir Dzhuvinov < > vladimir@connect2id.com> wrote: > >> Hi Brian, >> >> I'd like to propose the sentence in bold to be inserted into the current >> section 2.3 of PAR -04: >> >> https://tools.ietf.org/html/draft-ietf-oauth-par-04#section-2.3 >> >> The authorization server returns an error response with the same format >> as is specified for error responses from the token endpoint in Section 5= .2 >> of [RFC6749] using the appropriate error code from therein or from Secti= on 4.1.2.1 >> of [RFC6749]. *In those cases where Section 4.1.2.1 of [RFC6749] >> prohibits automatic redirection with an error back to the requesting cli= ent >> and hence doesn=E2=80=99t define an error code, for example when the req= uest fails >> due to a missing, invalid, or mismatching redirection URI, the >> =E2=80=9Cinvalid_request=E2=80=9D error code can be used as the default = error code.* >> >> Hope with this we can close the case. >> >> Vladimir >> >> On 04/12/2020 18:08, Brian Campbell wrote: >> >> >> >> On Fri, Dec 4, 2020 at 12:30 AM Vladimir Dzhuvinov < >> vladimir@connect2id.com> wrote: >> >>> If people have articulated a need to have an invalid_redirect_uri error >>> for the PAR endpoint, then let's register it properly. Rifaat says ther= e's >>> still time to do this. >>> >> >> Following from the response I recently sent to Neil, I don't think a >> legitimate need has been articulated. >> https://mailarchive.ietf.org/arch/msg/oauth/gMiH1mTr0AKDvWpqO1zikcVUySY/ >> >> >>> I'm also okay with using the general invalid_request code for this. In >>> this case a sentence, next to the current example, spelling out what th= e >>> PAR endpoint must do on a invalid redirect URI will help. >>> >> I don't know that that's needed either. But do have some text to suggest >> that you think would be helpful? >> >> >> >>> Vladimir >>> On 03/12/2020 13:49, Rifaat Shekh-Yusef wrote: >>> >>> Torsten, Filip, >>> >>> You can absolutely make this change, as we are still very early in the >>> process. >>> So feel free to continue this effort and try to get WG agreement on >>> this, and update the document as needed. >>> >>> Regards, >>> Rifaat >>> >>> >>> On Thursday, December 3, 2020, Filip Skokan wrote: >>> >>>> To be clear, I'm not advocating to skip the registration, just wanted >>>> to mention a potential concern. If the process allows it and it will n= ot >>>> introduce more delay to publication, I think we should go ahead and >>>> register the error code. >>>> >>>> Best, >>>> *Filip* >>>> >>>> >>>> On Thu, 3 Dec 2020 at 11:06, Torsten Lodderstedt < >>>> torsten@lodderstedt.net> wrote: >>>> >>>>> >>>>> >>>>> > Am 03.12.2020 um 09:56 schrieb Filip Skokan : >>>>> > >>>>> > There are several documents already mentioning >>>>> "invalid_redirect_uri" as an error code, specifically RFC7519 and Ope= nID >>>>> Connect Dynamic Client Registration 1.0. But these don't register it = in the >>>>> IANA OAuth Extensions Error Registry, presumably because they're neit= her >>>>> for the authorization or token endpoints. >>>>> > >>>>> > While I think it'd be great if we had this error code registered, I >>>>> also worry that its registration could confuse implementers to think = it's >>>>> okay to return it from the authorization endpoint. >>>>> >>>>> I understand your concern. On the other hand, registering the error >>>>> code is in my opinion the proper way forward. The registration is sco= ped to >>>>> a usage location, should be pushed authorization endpoint then, and R= FC6749 >>>>> gives clear guidance on how to treat errors related to the redirect U= RI at >>>>> the authorization endpoint. >>>>> >>>>> "If the request fails due to a missing, invalid, or mismatching >>>>> redirection URI, =E2=80=A6 authorization server ... MUST NOT autom= atically >>>>> redirect the user-agent to the >>>>> invalid redirection URI." >>>>> >>>>> I think if an implementor ignores this, it will ignore any advise. >>>>> >>>>> best regards, >>>>> Torsten. >>>>> >>>>> > >>>>> > Best, >>>>> > Filip >>>>> > >>>>> > >>>>> > On Thu, 3 Dec 2020 at 00:29, Brian Campbell >>>> 40pingidentity.com@dmarc.ietf.org> wrote: >>>>> > During the course of a recent OIDF FAPI WG discussion (the FAPI >>>>> profiles use PAR for authz requests) on this issue it was noted that >>>>> there's no specific error code for problems with the redirect_uri (th= e >>>>> example in >>>>> https://www.ietf.org/archive/id/draft-ietf-oauth-par-04.html#section-= 2.3 >>>>> even shows a general error code with mention of the redirect_uri not = being >>>>> valid in the error description). Some folks on that call thought it w= ould >>>>> be worthwhile to have a more specific error code for an invalid >>>>> redirect_uri and I reluctantly took an action item to raise the issue= here. >>>>> At the time I'd forgotten that PAR had already passed WGLC. But it's = been >>>>> sitting idle while awaiting the shepherd writeup since mid September = so >>>>> it's maybe realistic to think the window for a small change is still = open. >>>>> > >>>>> > Presumably nothing like an "invalid_redirect_uri" error code was >>>>> defined in RFC 6749 because that class of errors could not be returne= d to >>>>> the client via redirection. But the data flow in PAR would allow for = a >>>>> "invalid_redirect_uri" so it's not an unreasonable thing to do. >>>>> > >>>>> > As I write this message, however, I'm not personally convinced that >>>>> it's worth making a change to PAR at this point. But I did say I'd br= ing >>>>> the question up in the WG list and I'm just trying to be true to my w= ord. >>>>> So here it is. Please weigh in, if you have opinions on the matter. >>>>> > >>>>> > >>>>> > >>>>> > CONFIDENTIALITY NOTICE: This email may contain confidential and >>>>> privileged material for the sole use of the intended recipient(s). An= y >>>>> review, use, distribution or disclosure by others is strictly prohibi= ted. >>>>> If you have received this communication in error, please notify the s= ender >>>>> immediately by e-mail and delete the message and any file attachments= from >>>>> your computer. Thank you.____________________________________________= ___ >>>>> > OAuth mailing list >>>>> > OAuth@ietf.org >>>>> > https://www.ietf.org/mailman/listinfo/oauth >>>>> > _______________________________________________ >>>>> > OAuth mailing list >>>>> > OAuth@ietf.org >>>>> > >>>>> https://www.google.com/url?q=3Dhttps://www.ietf.org/mailman/listinfo/= oauth&source=3Dgmail-imap&ust=3D1607590629000000&usg=3DAOvVaw3aW1gdv4EEiLmN= YzlsJj-A >>>>> >>>>> >>> >>> _______________________________________________ >>> OAuth mailing list >>> OAuth@ietf.org >>> https://www.ietf.org/mailman/listinfo/oauth >>> >> >> *CONFIDENTIALITY NOTICE: This email may contain confidential and >> privileged material for the sole use of the intended recipient(s). Any >> review, use, distribution or disclosure by others is strictly prohibited= . >> If you have received this communication in error, please notify the send= er >> immediately by e-mail and delete the message and any file attachments fr= om >> your computer. Thank you.* >> >> -- >> Vladimir Dzhuvinov >> >> > *CONFIDENTIALITY NOTICE: This email may contain confidential and > privileged material for the sole use of the intended recipient(s). Any > review, use, distribution or disclosure by others is strictly prohibited. > If you have received this communication in error, please notify the sende= r > immediately by e-mail and delete the message and any file attachments fro= m > your computer. Thank you.*_______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth > --=20 Dave Tonge CTO [image: Moneyhub Enterprise] Moneyhub Financial Technology, 5th Floor, 10 Temple Back, Bristol, BS1 6FL t: +44 (0)117 280 5120 Moneyhub Enterprise is a trading style of Moneyhub Financial Technology Limited which is authorised and regulated by the Financial Conduct Authority ("FCA"). Moneyhub Financial Technology is entered on the Financial Services Register (FRN 809360) at fca.org.uk/register. Moneyhub Financial Technology is registered in England & Wales, company registration number 06909772 . Moneyhub Financial Technology Limited 2018 =C2=A9 DISCLAIMER: This email (including any attachments) is subject to copyright, and the information in it is confidential. Use of this email or of any information in it other than by the addressee is unauthorised and unlawful. Whilst reasonable efforts are made to ensure that any attachments are virus-free, it is the recipient's sole responsibility to scan all attachments for viruses. All calls and emails to and from this company may be monitored and recorded for legitimate purposes relating to this company's business. Any opinions expressed in this email (or in any attachments) are those of the author and do not necessarily represent the opinions of Moneyhub Financial Technology Limited or of any other group company. --=20 Moneyhub Enterprise is a trading style of Moneyhub Financial Technology=20 Limited which is authorised and regulated by the Financial Conduct=20 Authority ("FCA"). Moneyhub Financial Technology is entered on the=20 Financial Services Register (FRN 809360) at https://register.fca.org.uk/=20 . Moneyhub Financial Technology is registered= =20 in England & Wales, company registration number 06909772. Moneyhub=20 Financial Technology Limited 2020 =C2=A9 Moneyhub Enterprise, Regus Buildin= g,=20 Temple Quay, 1 Friary, Bristol, BS1 6EA.=C2=A0 DISCLAIMER: This email=20 (including any attachments) is subject to copyright, and the information in= =20 it is confidential. Use of this email or of any information in it other=20 than by the addressee is unauthorised and unlawful. Whilst reasonable=20 efforts are made to ensure that any attachments are virus-free, it is the= =20 recipient's sole responsibility to scan all attachments for viruses. All=20 calls and emails to and from this company may be monitored and recorded for= =20 legitimate purposes relating to this company's business. Any opinions=20 expressed in this email (or in any attachments) are those of the author and= =20 do not necessarily represent the opinions of Moneyhub Financial Technology= =20 Limited or of any other group company. --000000000000ac88b105b66ce351 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
    I agree with the proposed text

    On Mon, 14 Dec 2020 = at 14:46, Brian Campbell <bcampbell=3D40pingidentity.com@dmarc.ietf.org> wrote:
    Thanks= Vladimir, that seems quite reasonable. Barring any objections, I'll ad= d that to a -04.

    On Mon, Dec 14, 2020 at 1:33 AM Vladimir Dzhuvinov <= ;vladimir@conn= ect2id.com> wrote:
    =20 =20 =20

    Hi Brian,

    I'd like to propose the sentence in bold to be inserted into the= current section 2.3 of PAR -04:

    https://tools.ietf.org/html/draft-ietf-oauth-par-= 04#section-2.3

    The authorization server return= s an error response with the same format as is specified for error response= s from the token endpoint in Sect= ion=C2=A05.2 of [RFC6749] using the appropriate error code from ther= ein or from Section=C2=A04.1.2.1 = of [RFC6749]. In those cases where Section 4.1.2.1 of [RFC6749] p= rohibits automatic redirection with an error back to the requesting client = and hence doesn=E2=80=99t define an error code, for example when the reques= t fails due to a missing, invalid, or mismatching redirection URI, the =E2= =80=9Cinvalid_request=E2=80=9D error code can be used as the default error = code.

    Hope with this we can close the case.

    Vladimir

    On 04/12/2020 18:08, Brian Campbell wrote:
    =20


    On Fri, Dec 4, 2020 at 12:3= 0 AM Vladimir Dzhuvinov <vladimir@connect2id.com> wrote:

    If people have articulated a need to have an invalid_redir= ect_uri error for the PAR endpoint, then let's register it properly. Rifaat says there's still time to do this.


    Following from the response I recently sent to Neil, I don't think a legitimate need has been articulated. https://mailarchive.ietf.org/arch/msg/oauth/gMiH1mTr0A= KDvWpqO1zikcVUySY/
    =C2=A0

    I'm also okay with using the general invalid_request c= ode for this. In this case a sentence, next to the current example, spelling out what the PAR endpoint must do on a invalid redirect URI will help.

    I don't know that that's needed either. But do have = some text to suggest that you think would be helpful?

    =C2=A0

    Vladimir

    On 03/12/2020 13:49, Rifaat Shekh-Yusef wrote:
    Torsten, Filip,

    You can absolutely make this change, as we are still very early in the process.=C2=A0
    So feel free to continue this effort and try to get WG agreement on this, and update the document as needed.=C2=A0

    Regards,
    =C2=A0Rifaat


    On Thursday, December 3, 2020, Filip Skokan <panva.ip@gmail.com> wrote:
    To be clear, I'm not advocating to skip the registration, just wanted to mention a potential concern. If the process allows it and it will not introduce more delay to publication, I think we should go ahead and register the error code.

    Best,
    Filip


    On Thu, 3 Dec 2020 at 11:06, Torsten Lodderstedt <torsten@lodderstedt.net> wrote:

    > Am 03.12.2020 um 09:56 schrieb Filip Skokan <    panva.ip@gmail.com>:
    >
    > There are several documents already mentioning "invalid_redirect_uri" as an e= rror code, specifically RFC7519 and OpenID Connect Dynamic Client Registration 1.0. But these don'= t register it in the IANA OAuth Extensions Error Registry, presumably because they're neither fo= r the authorization or token endpoints.
    >
    > While I think it'd be great if we had this error code registered, I also worry that its registration could confuse implementers to think it's okay to return it from the authorization endpoint.

    I understand your concern. On the other hand, registering the error code is in my opinion the proper way forward. The registration is scoped to a usage location, should be pushed authorization endpoint then, and RFC6749 gives clear guidance on how to treat errors related to the redirect URI at the authorization endpoint.

    "If the request fails due to a missing, invali= d, or mismatching
    =C2=A0 =C2=A0redirection URI, =E2=80=A6 authorizati= on server ... MUST NOT automatically redirect the user-agent to the
    =C2=A0 =C2=A0invalid redirection URI."

    I think if an implementor ignores this, it will ignore any advise.

    best regards,
    Torsten.

    >
    > Best,
    > Filip
    >
    >
    > On Thu, 3 Dec 2020 at 00:29, Brian Campbell <bcampbell=3D40pingidentity.com@dmarc.ietf.org&g= t; wrote:
    > During the course of a recent OIDF FAPI WG discussion (the FAPI profiles use PAR for authz requests) on this issue it was noted that there's no specific error code for problems wit= h the redirect_uri (the example in https://www.ietf.org/archive/id/draft-ietf-oau= th-par-04.html#section-2.3 even shows a general error code with mention of the redirect_uri not being valid in the error description). Some folks on that call thought it would be worthwhile to have a more specific error code for an invalid redirect_uri and I reluctantly took an action item to raise the issue here. At the time I'd forgotten that PAR had already passed WGLC. But it's been sitting idle while awaiting the shepherd writeup since mid September so it's maybe realistic to think the window for a small change is still open.
    >
    > Presumably nothing like an "invalid_redirect_uri" error code was def= ined in RFC 6749 because that class of errors could not be returned to the client via redirection. But the data flow in PAR would allow for a "invalid_redirect_uri" so it's not an unreasonable thing to do.
    >
    > As I write this message, however, I'm not personally convinced that it's worth making a change to PAR at this point. But I did say I'd bring the question up in the WG list and I'm just trying to be true to my word. So here it is. Please weigh in, if you have opinions on the matter.
    >
    >
    >
    > CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited.=C2=A0 If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you._______________________________________________=
    > OAuth mailing list
    > OAuth@ietf.org
    > https://www.ietf.org/mailman= /listinfo/oauth
    > _______________________________________________
    > OAuth mailing list
    > OAuth@ietf.org
    > https://www.google.com/url?q=3Dhttps://www.ietf.org/mailm= an/listinfo/oauth&source=3Dgmail-imap&ust=3D1607590629000000&us= g=3DAOvVaw3aW1gdv4EEiLmNYzlsJj-A



    _______________________________________________
    OAuth mailing list
    OAuth@ietf.= org
    https://www.ietf.org/mailman/listinfo/oauth

    CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited.=C2=A0 If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you. 
    --=20
Vladimir Dzhuvinov

    <= span style=3D"margin:0px;padding:0px;border:0px;outline:0px;vertical-align:= baseline;background:transparent;font-family:proxima-nova-zendesk,system-ui,= -apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,Oxygen-Sans,Ub= untu,Cantarell,"Helvetica Neue",Arial,sans-serif;font-weight:600"= >CONFIDENTIALITY NOTICE: This email may contain confidenti= al and privileged material for the sole use of the intended recipient(s). A= ny review, use, distribution or disclosure by others is strictly prohibited= .=C2=A0 If you have received this communication in error, please notify the= sender immediately by e-mail and delete the message and any file attachmen= ts from your computer. Thank you.________________________= _______________________
    OAuth mailing list
    OAuth@ietf.org
    https://www.ietf.org/mailman/listinfo/oauth


    --
    Da= ve Tonge
    CTO
    3D"Moneyhub
    Moneyhub Financial Technology, 5th Fl= oor, 10 Temple Back, Bristol, BS1 6FL
    t:=C2=A0+44 (0)117 280 512= 0

    Moneyhub = Enterprise is a trading style of Moneyhub Financial Technology Limited whic= h is authorised and regulated by the Financial Conduct Authority ("FCA= ").=C2=A0Moneyhub Financial Technology is entered on the Financial Ser= vices Register=C2=A0(FRN=C2=A0809360) at fca.= org.uk/register. Moneyhub=C2=A0Financial Technology is registered in England &= ; Wales, company registration number=C2=A0=C2=A006909772=C2=A0.<= /span>
    Moneyhub=C2=A0Financial Technology L= imited 2018=C2=A0=C2=A9<= /div>

    DISCLAIMER: This email (including any attachments) is subject to co= pyright, and the information in it is confidential. Use of this email or of= any information in it other than by the addressee is unauthorised and unla= wful. Whilst reasonable efforts are made to ensure that any attachments are= virus-free, it is the recipient's sole responsibility to scan all atta= chments for viruses. All calls and emails to and from this company may be m= onitored and recorded for legitimate purposes relating to this company'= s business. Any opinions expressed in this email (or in any attachments) ar= e those of the author and do not necessarily represent the opinions of Mone= yhub Financial Technology Limited or of any other group company.
    <= /div>

    Moneyhub Enterprise is a trading style of Moneyhub Financi= al Technology Limited which is authorised and regulated by the Financial Co= nduct Authority ("FCA"). Moneyhub Financial Technology is entered= on the Financial Services Register (FRN 809360) at https://register.fca.org.uk/. Moneyhub Financial Technology is registered in England & Wales,= company registration number 06909772. Moneyhub Financial Technology Limite= d 2020 =C2=A9 Moneyhub Enterprise, Regus Building, Temple Quay, 1 Friary, B= ristol, BS1 6EA.=C2=A0

    = DISCLAIMER: This email (including any attachments) is subjec= t to copyright, and the information in it is confidential. Use of this emai= l or of any information in it other than by the addressee is unauthorised a= nd unlawful. Whilst reasonable efforts are made to ensure that any attachme= nts are virus-free, it is the recipient's sole responsibility to scan a= ll attachments for viruses. All calls and emails to and from this company m= ay be monitored and recorded for legitimate purposes relating to this compa= ny's business. Any opinions expressed in this email (or in any attachme= nts) are those of the author and do not necessarily represent the opinions = of Moneyhub Financial Technology Limited or of any other group company.


    --000000000000ac88b105b66ce351-- From nobody Mon Dec 14 05:54:51 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 68D6A3A0AE5 for ; Mon, 14 Dec 2020 05:54:50 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.198 X-Spam-Level: X-Spam-Status: No, score=-0.198 tagged_above=-999 required=5 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=pingidentity.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id l59VVCT_OZxz for ; Mon, 14 Dec 2020 05:54:48 -0800 (PST) Received: from mail-lf1-x12e.google.com (mail-lf1-x12e.google.com [IPv6:2a00:1450:4864:20::12e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7E9463A0ADF for ; Mon, 14 Dec 2020 05:54:47 -0800 (PST) Received: by mail-lf1-x12e.google.com with SMTP id y19so30178608lfa.13 for ; Mon, 14 Dec 2020 05:54:47 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=pingidentity.com; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=GY5tc5DxruXCQhS7jXnsl5fQqWrWbKPCe4Z69Baij/I=; b=M40Lvb4s9kxq2IR/fvZRy78qUx3osowKNgyaYqyQtjRt8CCy6kwMjMosfEtmefua9a OX+Nj/0L4NbIsZbuaT8RRCEreVnk8hsh0C6O9RrQeCdeRuV0TOka3crkHNFiYDB0zlBA BHEoaFAAddHM+jHv07/zFL5Dxw2d4iJy3PEPDGNF1jvVyBV4la1WYlqoHLBurOBy1gua MDeAOuwNyJmztQMyZI/PWNkZgYPBGLGLzGNxh3dvImc5MFoxmm6vAsAWDByATHmU08op ycSBmCBlixlPWn2VxFiblGJf4I6dR3/LdavuE3m5/X8Vb0Q4R350K3YXYgk1vhi5HM0y yNkQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=GY5tc5DxruXCQhS7jXnsl5fQqWrWbKPCe4Z69Baij/I=; b=qMELH4OiZJVnCIL5s8ghwDMdHGnxSfDFsHqXewtlsHPYYZd5n/eG1bxUNYBf98zIjK lbATjBIbD5LxOkKtYf9BmaOY5dvJIOWlbLwog1fuyA3X1zm2O11H8JEy+tp40hKChRJl E/LnIVb2K3HMCdx8cpMdnSqhZ7JfcKoj0gGavfo/Th7bbIU2r8X/olQAb9kIk3Ngzsn4 GU9F8xqCPzpZoKJzGTT1RmFTZCrhcdreb2owAKh/JLxChkAqT/Z7h/b57x7FCOgAXFlJ 4rYeP74C+F6sl/fNly79ldftYW/cbuoQjExFXqe7J2lb9cUhrGWII634BCHtWz1AOR22 wvvw== X-Gm-Message-State: AOAM532uzAuaQb9EuT5bfqyACNtuu+2f23BI/0qfrNHPG/bFAZtDdl0t 3sIkQjGQaSLQ7K7sQp8lp9FE8Ogfb+kFHJlYINFyhWsnKhC9T57jEG6uQzlAJJCss4oicsQ2wjp fBxgw+Nzv6tsRDPyleLM= X-Google-Smtp-Source: ABdhPJyGZ2eKKToivNBr6mjwVFPCUhMMkYVUzuZ0gLKF+VL8pA1BWqUxZlThBXCi46idCih7YLuskCVwCzpjSn2b6K0= X-Received: by 2002:a05:6512:330d:: with SMTP id k13mr9391223lfe.173.1607954085386; Mon, 14 Dec 2020 05:54:45 -0800 (PST) MIME-Version: 1.0 References: <9a58bd66-e259-ebb9-1ed5-3f5075f44d97@connect2id.com> <8bf0dae0-54b8-3b33-87b2-634b40ac4a85@connect2id.com> In-Reply-To: From: Brian Campbell Date: Mon, 14 Dec 2020 06:54:18 -0700 Message-ID: To: Vladimir Dzhuvinov Cc: oauth Content-Type: multipart/alternative; boundary="000000000000133bef05b66cfc8f" Archived-At: Subject: Re: [OAUTH-WG] PAR error for redirect URI? X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Dec 2020 13:54:50 -0000 --000000000000133bef05b66cfc8f Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable er, I mean an -05 On Mon, Dec 14, 2020 at 6:45 AM Brian Campbell wrote: > Thanks Vladimir, that seems quite reasonable. Barring any objections, I'l= l > add that to a -04. > > On Mon, Dec 14, 2020 at 1:33 AM Vladimir Dzhuvinov < > vladimir@connect2id.com> wrote: > >> Hi Brian, >> >> I'd like to propose the sentence in bold to be inserted into the current >> section 2.3 of PAR -04: >> >> https://tools.ietf.org/html/draft-ietf-oauth-par-04#section-2.3 >> >> The authorization server returns an error response with the same format >> as is specified for error responses from the token endpoint in Section 5= .2 >> of [RFC6749] using the appropriate error code from therein or from Secti= on 4.1.2.1 >> of [RFC6749]. *In those cases where Section 4.1.2.1 of [RFC6749] >> prohibits automatic redirection with an error back to the requesting cli= ent >> and hence doesn=E2=80=99t define an error code, for example when the req= uest fails >> due to a missing, invalid, or mismatching redirection URI, the >> =E2=80=9Cinvalid_request=E2=80=9D error code can be used as the default = error code.* >> >> Hope with this we can close the case. >> >> Vladimir >> >> On 04/12/2020 18:08, Brian Campbell wrote: >> >> >> >> On Fri, Dec 4, 2020 at 12:30 AM Vladimir Dzhuvinov < >> vladimir@connect2id.com> wrote: >> >>> If people have articulated a need to have an invalid_redirect_uri error >>> for the PAR endpoint, then let's register it properly. Rifaat says ther= e's >>> still time to do this. >>> >> >> Following from the response I recently sent to Neil, I don't think a >> legitimate need has been articulated. >> https://mailarchive.ietf.org/arch/msg/oauth/gMiH1mTr0AKDvWpqO1zikcVUySY/ >> >> >>> I'm also okay with using the general invalid_request code for this. In >>> this case a sentence, next to the current example, spelling out what th= e >>> PAR endpoint must do on a invalid redirect URI will help. >>> >> I don't know that that's needed either. But do have some text to suggest >> that you think would be helpful? >> >> >> >>> Vladimir >>> On 03/12/2020 13:49, Rifaat Shekh-Yusef wrote: >>> >>> Torsten, Filip, >>> >>> You can absolutely make this change, as we are still very early in the >>> process. >>> So feel free to continue this effort and try to get WG agreement on >>> this, and update the document as needed. >>> >>> Regards, >>> Rifaat >>> >>> >>> On Thursday, December 3, 2020, Filip Skokan wrote: >>> >>>> To be clear, I'm not advocating to skip the registration, just wanted >>>> to mention a potential concern. If the process allows it and it will n= ot >>>> introduce more delay to publication, I think we should go ahead and >>>> register the error code. >>>> >>>> Best, >>>> *Filip* >>>> >>>> >>>> On Thu, 3 Dec 2020 at 11:06, Torsten Lodderstedt < >>>> torsten@lodderstedt.net> wrote: >>>> >>>>> >>>>> >>>>> > Am 03.12.2020 um 09:56 schrieb Filip Skokan : >>>>> > >>>>> > There are several documents already mentioning >>>>> "invalid_redirect_uri" as an error code, specifically RFC7519 and Ope= nID >>>>> Connect Dynamic Client Registration 1.0. But these don't register it = in the >>>>> IANA OAuth Extensions Error Registry, presumably because they're neit= her >>>>> for the authorization or token endpoints. >>>>> > >>>>> > While I think it'd be great if we had this error code registered, I >>>>> also worry that its registration could confuse implementers to think = it's >>>>> okay to return it from the authorization endpoint. >>>>> >>>>> I understand your concern. On the other hand, registering the error >>>>> code is in my opinion the proper way forward. The registration is sco= ped to >>>>> a usage location, should be pushed authorization endpoint then, and R= FC6749 >>>>> gives clear guidance on how to treat errors related to the redirect U= RI at >>>>> the authorization endpoint. >>>>> >>>>> "If the request fails due to a missing, invalid, or mismatching >>>>> redirection URI, =E2=80=A6 authorization server ... MUST NOT autom= atically >>>>> redirect the user-agent to the >>>>> invalid redirection URI." >>>>> >>>>> I think if an implementor ignores this, it will ignore any advise. >>>>> >>>>> best regards, >>>>> Torsten. >>>>> >>>>> > >>>>> > Best, >>>>> > Filip >>>>> > >>>>> > >>>>> > On Thu, 3 Dec 2020 at 00:29, Brian Campbell >>>> 40pingidentity.com@dmarc.ietf.org> wrote: >>>>> > During the course of a recent OIDF FAPI WG discussion (the FAPI >>>>> profiles use PAR for authz requests) on this issue it was noted that >>>>> there's no specific error code for problems with the redirect_uri (th= e >>>>> example in >>>>> https://www.ietf.org/archive/id/draft-ietf-oauth-par-04.html#section-= 2.3 >>>>> even shows a general error code with mention of the redirect_uri not = being >>>>> valid in the error description). Some folks on that call thought it w= ould >>>>> be worthwhile to have a more specific error code for an invalid >>>>> redirect_uri and I reluctantly took an action item to raise the issue= here. >>>>> At the time I'd forgotten that PAR had already passed WGLC. But it's = been >>>>> sitting idle while awaiting the shepherd writeup since mid September = so >>>>> it's maybe realistic to think the window for a small change is still = open. >>>>> > >>>>> > Presumably nothing like an "invalid_redirect_uri" error code was >>>>> defined in RFC 6749 because that class of errors could not be returne= d to >>>>> the client via redirection. But the data flow in PAR would allow for = a >>>>> "invalid_redirect_uri" so it's not an unreasonable thing to do. >>>>> > >>>>> > As I write this message, however, I'm not personally convinced that >>>>> it's worth making a change to PAR at this point. But I did say I'd br= ing >>>>> the question up in the WG list and I'm just trying to be true to my w= ord. >>>>> So here it is. Please weigh in, if you have opinions on the matter. >>>>> > >>>>> > >>>>> > >>>>> > CONFIDENTIALITY NOTICE: This email may contain confidential and >>>>> privileged material for the sole use of the intended recipient(s). An= y >>>>> review, use, distribution or disclosure by others is strictly prohibi= ted. >>>>> If you have received this communication in error, please notify the s= ender >>>>> immediately by e-mail and delete the message and any file attachments= from >>>>> your computer. Thank you.____________________________________________= ___ >>>>> > OAuth mailing list >>>>> > OAuth@ietf.org >>>>> > https://www.ietf.org/mailman/listinfo/oauth >>>>> > _______________________________________________ >>>>> > OAuth mailing list >>>>> > OAuth@ietf.org >>>>> > >>>>> https://www.google.com/url?q=3Dhttps://www.ietf.org/mailman/listinfo/= oauth&source=3Dgmail-imap&ust=3D1607590629000000&usg=3DAOvVaw3aW1gdv4EEiLmN= YzlsJj-A >>>>> >>>>> >>> >>> _______________________________________________ >>> OAuth mailing list >>> OAuth@ietf.org >>> https://www.ietf.org/mailman/listinfo/oauth >>> >> >> *CONFIDENTIALITY NOTICE: This email may contain confidential and >> privileged material for the sole use of the intended recipient(s). Any >> review, use, distribution or disclosure by others is strictly prohibited= . >> If you have received this communication in error, please notify the send= er >> immediately by e-mail and delete the message and any file attachments fr= om >> your computer. Thank you.* >> >> -- >> Vladimir Dzhuvinov >> >> --=20 _CONFIDENTIALITY NOTICE: This email may contain confidential and privileged= =20 material for the sole use of the intended recipient(s). Any review, use,=20 distribution or disclosure by others is strictly prohibited.=C2=A0 If you h= ave=20 received this communication in error, please notify the sender immediately= =20 by e-mail and delete the message and any file attachments from your=20 computer. Thank you._ --000000000000133bef05b66cfc8f Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
    er, I mean an -05

    On Mon, Dec 14, 2020 at 6:45 AM Bria= n Campbell <bcampbell@pingidentity.com> wrote:
    Thanks Vladimir, that seems = quite reasonable. Barring any objections, I'll add that to a -04.
    <= /div>
    O= n Mon, Dec 14, 2020 at 1:33 AM Vladimir Dzhuvinov <vladimir@connect2id.com> wro= te:
    =20 =20 =20

    Hi Brian,

    I'd like to propose the sentence in bold to be inserted into the= current section 2.3 of PAR -04:

    https://tools.ietf.org/html/draft-ietf-oauth-par-= 04#section-2.3

    The authorization server return= s an error response with the same format as is specified for error response= s from the token endpoint in Sect= ion=C2=A05.2 of [RFC6749] using the appropriate error code from ther= ein or from Section=C2=A04.1.2.1 = of [RFC6749]. In those cases where Section 4.1.2.1 of [RFC6749] p= rohibits automatic redirection with an error back to the requesting client = and hence doesn=E2=80=99t define an error code, for example when the reques= t fails due to a missing, invalid, or mismatching redirection URI, the =E2= =80=9Cinvalid_request=E2=80=9D error code can be used as the default error = code.

    Hope with this we can close the case.

    Vladimir

    On 04/12/2020 18:08, Brian Campbell wrote:
    =20


    On Fri, Dec 4, 2020 at 12:3= 0 AM Vladimir Dzhuvinov <vladimir@connect2id.com> wrote:

    If people have articulated a need to have an invalid_redir= ect_uri error for the PAR endpoint, then let's register it properly. Rifaat says there's still time to do this.


    Following from the response I recently sent to Neil, I don't think a legitimate need has been articulated. https://mailarchive.ietf.org/arch/msg/oauth/gMiH1mTr0A= KDvWpqO1zikcVUySY/
    =C2=A0

    I'm also okay with using the general invalid_request c= ode for this. In this case a sentence, next to the current example, spelling out what the PAR endpoint must do on a invalid redirect URI will help.

    I don't know that that's needed either. But do have = some text to suggest that you think would be helpful?

    =C2=A0

    Vladimir

    On 03/12/2020 13:49, Rifaat Shekh-Yusef wrote:
    Torsten, Filip,

    You can absolutely make this change, as we are still very early in the process.=C2=A0
    So feel free to continue this effort and try to get WG agreement on this, and update the document as needed.=C2=A0

    Regards,
    =C2=A0Rifaat


    On Thursday, December 3, 2020, Filip Skokan <panva.ip@gmail.com> wrote:
    To be clear, I'm not advocating to skip the registration, just wanted to mention a potential concern. If the process allows it and it will not introduce more delay to publication, I think we should go ahead and register the error code.

    Best,
    Filip


    On Thu, 3 Dec 2020 at 11:06, Torsten Lodderstedt <torsten@lodderstedt.net> wrote:

    > Am 03.12.2020 um 09:56 schrieb Filip Skokan <    panva.ip@gmail.com>:
    >
    > There are several documents already mentioning "invalid_redirect_uri" as an e= rror code, specifically RFC7519 and OpenID Connect Dynamic Client Registration 1.0. But these don'= t register it in the IANA OAuth Extensions Error Registry, presumably because they're neither fo= r the authorization or token endpoints.
    >
    > While I think it'd be great if we had this error code registered, I also worry that its registration could confuse implementers to think it's okay to return it from the authorization endpoint.

    I understand your concern. On the other hand, registering the error code is in my opinion the proper way forward. The registration is scoped to a usage location, should be pushed authorization endpoint then, and RFC6749 gives clear guidance on how to treat errors related to the redirect URI at the authorization endpoint.

    "If the request fails due to a missing, invali= d, or mismatching
    =C2=A0 =C2=A0redirection URI, =E2=80=A6 authorizati= on server ... MUST NOT automatically redirect the user-agent to the
    =C2=A0 =C2=A0invalid redirection URI."

    I think if an implementor ignores this, it will ignore any advise.

    best regards,
    Torsten.

    >
    > Best,
    > Filip
    >
    >
    > On Thu, 3 Dec 2020 at 00:29, Brian Campbell <bcampbell=3D40pingidentity.com@dmarc.ietf.org&g= t; wrote:
    > During the course of a recent OIDF FAPI WG discussion (the FAPI profiles use PAR for authz requests) on this issue it was noted that there's no specific error code for problems wit= h the redirect_uri (the example in https://www.ietf.org/archive/id/draft-ietf-oau= th-par-04.html#section-2.3 even shows a general error code with mention of the redirect_uri not being valid in the error description). Some folks on that call thought it would be worthwhile to have a more specific error code for an invalid redirect_uri and I reluctantly took an action item to raise the issue here. At the time I'd forgotten that PAR had already passed WGLC. But it's been sitting idle while awaiting the shepherd writeup since mid September so it's maybe realistic to think the window for a small change is still open.
    >
    > Presumably nothing like an "invalid_redirect_uri" error code was def= ined in RFC 6749 because that class of errors could not be returned to the client via redirection. But the data flow in PAR would allow for a "invalid_redirect_uri" so it's not an unreasonable thing to do.
    >
    > As I write this message, however, I'm not personally convinced that it's worth making a change to PAR at this point. But I did say I'd bring the question up in the WG list and I'm just trying to be true to my word. So here it is. Please weigh in, if you have opinions on the matter.
    >
    >
    >
    > CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited.=C2=A0 If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you._______________________________________________=
    > OAuth mailing list
    > OAuth@ietf.org
    > https://www.ietf.org/mailman= /listinfo/oauth
    > _______________________________________________
    > OAuth mailing list
    > OAuth@ietf.org
    > https://www.google.com/url?q=3Dhttps://www.ietf.org/mailm= an/listinfo/oauth&source=3Dgmail-imap&ust=3D1607590629000000&us= g=3DAOvVaw3aW1gdv4EEiLmNYzlsJj-A



    _______________________________________________
    OAuth mailing list
    OAuth@ietf.= org
    https://www.ietf.org/mailman/listinfo/oauth

    CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited.=C2=A0 If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you. 
    --=20
Vladimir Dzhuvinov

    <= span style=3D"margin:0px;padding:0px;border:0px;outline:0px;vertical-align:= baseline;background:transparent;font-family:proxima-nova-zendesk,system-ui,= -apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,Oxygen-Sans,Ub= untu,Cantarell,"Helvetica Neue",Arial,sans-serif;font-weight:600"= >CONFIDENTIALITY NOTICE: This email may contain confidenti= al and privileged material for the sole use of the intended recipient(s). A= ny review, use, distribution or disclosure by others is strictly prohibited= .=C2=A0 If you have received this communication in error, please notify the= sender immediately by e-mail and delete the message and any file attachmen= ts from your computer. Thank you. --000000000000133bef05b66cfc8f-- From nobody Mon Dec 14 07:42:07 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4E1043A0F13 for ; Mon, 14 Dec 2020 07:42:05 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.199 X-Spam-Level: X-Spam-Status: No, score=-0.199 tagged_above=-999 required=5 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=lodderstedt.net Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id osH_PnOSo0Jv for ; Mon, 14 Dec 2020 07:42:03 -0800 (PST) Received: from mail-wr1-x432.google.com (mail-wr1-x432.google.com [IPv6:2a00:1450:4864:20::432]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 32BCD3A0EF5 for ; Mon, 14 Dec 2020 07:41:19 -0800 (PST) Received: by mail-wr1-x432.google.com with SMTP id w5so13147183wrm.11 for ; Mon, 14 Dec 2020 07:41:19 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lodderstedt.net; s=google; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=oAdhlyay2ge7QYMLQGx+xAym6RRw5iy4B5S0dlRH5wI=; b=DoTfajz90MVVxjW0CKBK5UQSe1fCPkXca91xiCuVdTnlFW4EGorhRMKuvUOaODoH0a KR6Xh0NJdqYqU9N0tkAhuduTIkqk2DHtznGu85yzx2F8htpU7kMXy9tV/vMHzhP1CgGt OZPTQIIDqxjiPXcCEbUT8PZIhGLUBtqFZG2+7lZAmLI8flAUwjJ0P5ckfKTtzdKxSkPT a887Qm2XL2Ub2f+9belu0SR2YABBgzhpGMoPEqipAIEJrcb8xarb96DhOA9DgdmcNLAT DTUWcKqdmQg9L72mEgpGNnv9IIL4SnFIvBqX0Uvciz5FEIofUs6w8EvvTigmzURIis4H ZNeg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=oAdhlyay2ge7QYMLQGx+xAym6RRw5iy4B5S0dlRH5wI=; b=JO4wHYahtBzSCS5OZi4HpS7LFqZns5F+yUsRKuCZ5DL2yoir1p1UG+C9NALBCLLa18 yQCGqqV2a7Kkq9pD078ayXScKtPl0v7UhABMrHyrTn+GeDkMrpRNMq6q9E7E0XXkcDZL d6NcMFGQLCcTJc2rOJvuAFOP8RWZ/t5xlueA6WSIwDQANL11i20ci2vP4J7REk1O3dOL wbiG2cQBUBsc2uiQpLmFBWc5CWc+24K81ucRRWPIuab9G5zfjSJeDy/YkSX7/LG4aRdf twzGoxFCk4bj3PoZBFLnr+nVCkRQxQsmJEn2Mu2snI2dBzAWu+5vBHCkoGZ7Q5eLvC20 mBRA== X-Gm-Message-State: AOAM532xBCehNoVWqbMy0RLPC1TtT8A4Y95hFab6/uzdZA6ZJCYR3xb6 kYX2P+6QvcnSw0uWh5E8ig4p0A== X-Google-Smtp-Source: ABdhPJyUw45qqdwaZhcPvFVcwFzlhKspPg9pLZIWxk7ipEmJAdtF1SXLiO3Yi93MeaZ52WOiTui1Qw== X-Received: by 2002:adf:e547:: with SMTP id z7mr28811324wrm.283.1607960477368; Mon, 14 Dec 2020 07:41:17 -0800 (PST) Received: from p200300eb8f1bfa8c2d051919c65c81dd.dip0.t-ipconnect.de (p200300eb8f1bfa8c2d051919c65c81dd.dip0.t-ipconnect.de. [2003:eb:8f1b:fa8c:2d05:1919:c65c:81dd]) by smtp.gmail.com with ESMTPSA id a65sm30052825wmc.35.2020.12.14.07.41.16 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Mon, 14 Dec 2020 07:41:16 -0800 (PST) Content-Type: text/plain; charset=utf-8 Mime-Version: 1.0 (Mac OS X Mail 14.0 \(3654.20.0.2.21\)) From: Torsten Lodderstedt In-Reply-To: Date: Mon, 14 Dec 2020 16:41:15 +0100 Cc: Vladimir Dzhuvinov , oauth Content-Transfer-Encoding: quoted-printable Message-Id: References: <9a58bd66-e259-ebb9-1ed5-3f5075f44d97@connect2id.com> <8bf0dae0-54b8-3b33-87b2-634b40ac4a85@connect2id.com> To: Brian Campbell X-Mailer: Apple Mail (2.3654.20.0.2.21) Archived-At: Subject: Re: [OAUTH-WG] PAR error for redirect URI? X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Dec 2020 15:42:05 -0000 +1 for following Vladimir=E2=80=99s proposal > Am 14.12.2020 um 14:54 schrieb Brian Campbell = : >=20 > er, I mean an -05=20 >=20 > On Mon, Dec 14, 2020 at 6:45 AM Brian Campbell = wrote: > Thanks Vladimir, that seems quite reasonable. Barring any objections, = I'll add that to a -04.=20 >=20 > On Mon, Dec 14, 2020 at 1:33 AM Vladimir Dzhuvinov = wrote: > Hi Brian, >=20 > I'd like to propose the sentence in bold to be inserted into the = current section 2.3 of PAR -04: >=20 > https://tools.ietf.org/html/draft-ietf-oauth-par-04#section-2.3 >=20 > The authorization server returns an error response with the same = format as is specified for error responses from the token endpoint in = Section 5.2 of [RFC6749] using the appropriate error code from therein = or from Section 4.1.2.1 of [RFC6749]. In those cases where Section = 4.1.2.1 of [RFC6749] prohibits automatic redirection with an error back = to the requesting client and hence doesn=E2=80=99t define an error code, = for example when the request fails due to a missing, invalid, or = mismatching redirection URI, the =E2=80=9Cinvalid_request=E2=80=9D error = code can be used as the default error code. >=20 > Hope with this we can close the case. >=20 > Vladimir >=20 >=20 > On 04/12/2020 18:08, Brian Campbell wrote: >>=20 >>=20 >> On Fri, Dec 4, 2020 at 12:30 AM Vladimir Dzhuvinov = wrote: >> If people have articulated a need to have an invalid_redirect_uri = error for the PAR endpoint, then let's register it properly. Rifaat says = there's still time to do this. >>=20 >>=20 >> Following from the response I recently sent to Neil, I don't think a = legitimate need has been articulated. = https://mailarchive.ietf.org/arch/msg/oauth/gMiH1mTr0AKDvWpqO1zikcVUySY/ >> =20 >> I'm also okay with using the general invalid_request code for this. = In this case a sentence, next to the current example, spelling out what = the PAR endpoint must do on a invalid redirect URI will help. >>=20 >> I don't know that that's needed either. But do have some text to = suggest that you think would be helpful?=20 >>=20 >> =20 >>=20 >> Vladimir >>=20 >> On 03/12/2020 13:49, Rifaat Shekh-Yusef wrote: >>> Torsten, Filip, >>>=20 >>> You can absolutely make this change, as we are still very early in = the process.=20 >>> So feel free to continue this effort and try to get WG agreement on = this, and update the document as needed.=20 >>>=20 >>> Regards, >>> Rifaat >>>=20 >>>=20 >>> On Thursday, December 3, 2020, Filip Skokan = wrote: >>> To be clear, I'm not advocating to skip the registration, just = wanted to mention a potential concern. If the process allows it and it = will not introduce more delay to publication, I think we should go ahead = and register the error code. >>>=20 >>> Best, >>> Filip >>>=20 >>>=20 >>> On Thu, 3 Dec 2020 at 11:06, Torsten Lodderstedt = wrote: >>>=20 >>>=20 >>> > Am 03.12.2020 um 09:56 schrieb Filip Skokan : >>> >=20 >>> > There are several documents already mentioning = "invalid_redirect_uri" as an error code, specifically RFC7519 and OpenID = Connect Dynamic Client Registration 1.0. But these don't register it in = the IANA OAuth Extensions Error Registry, presumably because they're = neither for the authorization or token endpoints. >>> >=20 >>> > While I think it'd be great if we had this error code registered, = I also worry that its registration could confuse implementers to think = it's okay to return it from the authorization endpoint. >>>=20 >>> I understand your concern. On the other hand, registering the error = code is in my opinion the proper way forward. The registration is scoped = to a usage location, should be pushed authorization endpoint then, and = RFC6749 gives clear guidance on how to treat errors related to the = redirect URI at the authorization endpoint.=20 >>>=20 >>> "If the request fails due to a missing, invalid, or mismatching >>> redirection URI, =E2=80=A6 authorization server ... MUST NOT = automatically redirect the user-agent to the >>> invalid redirection URI." >>>=20 >>> I think if an implementor ignores this, it will ignore any advise. >>>=20 >>> best regards, >>> Torsten.=20 >>>=20 >>> >=20 >>> > Best, >>> > Filip >>> >=20 >>> >=20 >>> > On Thu, 3 Dec 2020 at 00:29, Brian Campbell = wrote: >>> > During the course of a recent OIDF FAPI WG discussion (the FAPI = profiles use PAR for authz requests) on this issue it was noted that = there's no specific error code for problems with the redirect_uri (the = example in = https://www.ietf.org/archive/id/draft-ietf-oauth-par-04.html#section-2.3 = even shows a general error code with mention of the redirect_uri not = being valid in the error description). Some folks on that call thought = it would be worthwhile to have a more specific error code for an invalid = redirect_uri and I reluctantly took an action item to raise the issue = here. At the time I'd forgotten that PAR had already passed WGLC. But = it's been sitting idle while awaiting the shepherd writeup since mid = September so it's maybe realistic to think the window for a small change = is still open. >>> >=20 >>> > Presumably nothing like an "invalid_redirect_uri" error code was = defined in RFC 6749 because that class of errors could not be returned = to the client via redirection. But the data flow in PAR would allow for = a "invalid_redirect_uri" so it's not an unreasonable thing to do.=20 >>> >=20 >>> > As I write this message, however, I'm not personally convinced = that it's worth making a change to PAR at this point. But I did say I'd = bring the question up in the WG list and I'm just trying to be true to = my word. So here it is. Please weigh in, if you have opinions on the = matter.=20 >>> >=20 >>> >=20 >>> >=20 >>> > CONFIDENTIALITY NOTICE: This email may contain confidential and = privileged material for the sole use of the intended recipient(s). Any = review, use, distribution or disclosure by others is strictly = prohibited. If you have received this communication in error, please = notify the sender immediately by e-mail and delete the message and any = file attachments from your computer. Thank = you._______________________________________________ >>> > OAuth mailing list >>> > OAuth@ietf.org >>> > https://www.ietf.org/mailman/listinfo/oauth >>> > _______________________________________________ >>> > OAuth mailing list >>> > OAuth@ietf.org >>> > = https://www.google.com/url?q=3Dhttps://www.ietf.org/mailman/listinfo/oauth= &source=3Dgmail-imap&ust=3D1607590629000000&usg=3DAOvVaw3aW1gdv4EEiLmNYzls= Jj-A >>>=20 >>>=20 >>=20 >>=20 >> _______________________________________________ >> OAuth mailing list >> OAuth@ietf.org >> https://www.ietf.org/mailman/listinfo/oauth >>=20 >> CONFIDENTIALITY NOTICE: This email may contain confidential and = privileged material for the sole use of the intended recipient(s). Any = review, use, distribution or disclosure by others is strictly = prohibited. If you have received this communication in error, please = notify the sender immediately by e-mail and delete the message and any = file attachments from your computer. Thank you. > --=20 > Vladimir Dzhuvinov >=20 >=20 > CONFIDENTIALITY NOTICE: This email may contain confidential and = privileged material for the sole use of the intended recipient(s). Any = review, use, distribution or disclosure by others is strictly = prohibited. If you have received this communication in error, please = notify the sender immediately by e-mail and delete the message and any = file attachments from your computer. Thank = you._______________________________________________ > OAuth mailing list > OAuth@ietf.org > = https://www.google.com/url?q=3Dhttps://www.ietf.org/mailman/listinfo/oauth= &source=3Dgmail-imap&ust=3D1608558896000000&usg=3DAOvVaw1OfSvPLJHvFwCsMayd= 7e4U From nobody Mon Dec 14 08:33:55 2020 Return-Path: X-Original-To: oauth@ietf.org Delivered-To: oauth@ietfa.amsl.com Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 02CC63A152B; Mon, 14 Dec 2020 08:33:54 -0800 (PST) MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit From: internet-drafts@ietf.org To: Cc: oauth@ietf.org X-Test-IDTracker: no X-IETF-IDTracker: 7.23.0 Auto-Submitted: auto-generated Precedence: bulk Reply-To: oauth@ietf.org Message-ID: <160796363391.22959.14232333750537081026@ietfa.amsl.com> Date: Mon, 14 Dec 2020 08:33:53 -0800 Archived-At: Subject: [OAUTH-WG] I-D Action: draft-ietf-oauth-par-05.txt X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Dec 2020 16:33:54 -0000 A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Web Authorization Protocol WG of the IETF. Title : OAuth 2.0 Pushed Authorization Requests Authors : Torsten Lodderstedt Brian Campbell Nat Sakimura Dave Tonge Filip Skokan Filename : draft-ietf-oauth-par-05.txt Pages : 22 Date : 2020-12-14 Abstract: This document defines the pushed authorization request endpoint, which allows clients to push the payload of an OAuth 2.0 authorization request to the authorization server via a direct request and provides them with a request URI that is used as reference to the data in a subsequent call to the authorization endpoint. The IETF datatracker status page for this draft is: https://datatracker.ietf.org/doc/draft-ietf-oauth-par/ There is also an HTML version available at: https://www.ietf.org/archive/id/draft-ietf-oauth-par-05.html A diff from the previous version is available at: https://www.ietf.org/rfcdiff?url2=draft-ietf-oauth-par-05 Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org. Internet-Drafts are also available by anonymous FTP at: ftp://ftp.ietf.org/internet-drafts/ From nobody Mon Dec 14 08:39:34 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B757B3A157C for ; Mon, 14 Dec 2020 08:39:32 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.198 X-Spam-Level: X-Spam-Status: No, score=-0.198 tagged_above=-999 required=5 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=pingidentity.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JZiy29DP2rRV for ; Mon, 14 Dec 2020 08:39:30 -0800 (PST) Received: from mail-lf1-x12f.google.com (mail-lf1-x12f.google.com [IPv6:2a00:1450:4864:20::12f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 20D593A157B for ; Mon, 14 Dec 2020 08:39:30 -0800 (PST) Received: by mail-lf1-x12f.google.com with SMTP id a12so31730039lfl.6 for ; Mon, 14 Dec 2020 08:39:29 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=pingidentity.com; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=sukaVmjPNo4dyhJQ3xBaa6KOif9lsO9Jq8CAOIFXxN0=; b=US53/YTn/yRgEdVpb7kejd90yLkBIkvay7C3uluSZqWuJ41YeZ08lJNLjhJ/v+jDCm rBiIXnlurr19vyAVRP+POTnRenoMHlxS/Veq83/t1fQbXiraHG+/khpG+mrPAXnjiPuc pNXJ0wbLsRIWE5Zj8jywVb8ri40dLqIVb3UmqUAoEKCDFCNHLIN4Tl+wMBEnG7V5eBwH EnBiVdC4EVGbjc3eSW2ZtNMZpo+arvhe069sIUBjLwPwK+QpsparHBdJJbRIf1X2IE4Y zTfXh9l6TBNnuaEiuwAtShrLXdmgSVIzjE6EXhfrgv8zTDikw5Y6E4p3syt+EpsoL+0o +o6Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=sukaVmjPNo4dyhJQ3xBaa6KOif9lsO9Jq8CAOIFXxN0=; b=sn2asUJtfSqUvpWi4ezaeZcdjdvPWm2Ppjj2qB71dWJwPBpBrJDdBFyeKcJ2t14uQB PVS0OwJuB2Zhs0L385Ogsl/DV4hZlUAF2C/sK2Bj1GbvCzppYQzZOmT75Psf/s9YCpph cpyNhVIsoAxfYTZgmdPVMBwwgcLXZS7Zx/Qz3Ozkh9s9PFQg8udJSbydx9w9xbAo8bZg tOVHMFE/WluNNHjrV7y8oMR+SF4W2x75PlAHYCZxcBL8wO0qFbvZKwIK4G4MMA6xe6P4 ptx84htFbpAwvtiNEVmguMS7QM+Qn87WSgL1vGidhQQB07l9lK+AKYD1GgYGnHa++Zmu z1lQ== X-Gm-Message-State: AOAM532bkTEklSfOvYgY/eJIDCIcnbhSzSVZuiFij6+ClRhqJjxeLtbe 6Uus7U11GDaUoRCCGbe5M7RuPwjjdwpuUThOMTeo1MfWeZccTrbVD2UfSKslNZ8bVWeoIQ5AQtD S+0cCyzDzlMUHOg== X-Google-Smtp-Source: ABdhPJyYVa61ROoyJrX7H4ZwZq4w+iuHPaPqy20GTwnxzhtZG4NOPuzy1wFJHHhSnPjYYHNCPfX2FS7H+9t80JE93/Y= X-Received: by 2002:a19:346:: with SMTP id 67mr5209252lfd.574.1607963967567; Mon, 14 Dec 2020 08:39:27 -0800 (PST) MIME-Version: 1.0 References: <9a58bd66-e259-ebb9-1ed5-3f5075f44d97@connect2id.com> <8bf0dae0-54b8-3b33-87b2-634b40ac4a85@connect2id.com> In-Reply-To: From: Brian Campbell Date: Mon, 14 Dec 2020 09:39:01 -0700 Message-ID: To: Torsten Lodderstedt Cc: Vladimir Dzhuvinov , oauth Content-Type: multipart/alternative; boundary="00000000000019520205b66f491a" Archived-At: Subject: Re: [OAUTH-WG] PAR error for redirect URI? X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Dec 2020 16:39:33 -0000 --00000000000019520205b66f491a Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable And that's done: https://mailarchive.ietf.org/arch/msg/oauth/W0eq4HUiiLVS5F5qyXXY6Gdw7vs/ On Mon, Dec 14, 2020 at 8:42 AM Torsten Lodderstedt wrote: > +1 for following Vladimir=E2=80=99s proposal > > > Am 14.12.2020 um 14:54 schrieb Brian Campbell 40pingidentity.com@dmarc.ietf.org>: > > > > er, I mean an -05 > > > > On Mon, Dec 14, 2020 at 6:45 AM Brian Campbell < > bcampbell@pingidentity.com> wrote: > > Thanks Vladimir, that seems quite reasonable. Barring any objections, > I'll add that to a -04. > > > > On Mon, Dec 14, 2020 at 1:33 AM Vladimir Dzhuvinov < > vladimir@connect2id.com> wrote: > > Hi Brian, > > > > I'd like to propose the sentence in bold to be inserted into the curren= t > section 2.3 of PAR -04: > > > > https://tools.ietf.org/html/draft-ietf-oauth-par-04#section-2.3 > > > > The authorization server returns an error response with the same format > as is specified for error responses from the token endpoint in Section 5.= 2 > of [RFC6749] using the appropriate error code from therein or from Sectio= n > 4.1.2.1 of [RFC6749]. In those cases where Section 4.1.2.1 of [RFC6749] > prohibits automatic redirection with an error back to the requesting clie= nt > and hence doesn=E2=80=99t define an error code, for example when the requ= est fails > due to a missing, invalid, or mismatching redirection URI, the > =E2=80=9Cinvalid_request=E2=80=9D error code can be used as the default e= rror code. > > > > Hope with this we can close the case. > > > > Vladimir > > > > > > On 04/12/2020 18:08, Brian Campbell wrote: > >> > >> > >> On Fri, Dec 4, 2020 at 12:30 AM Vladimir Dzhuvinov < > vladimir@connect2id.com> wrote: > >> If people have articulated a need to have an invalid_redirect_uri erro= r > for the PAR endpoint, then let's register it properly. Rifaat says there'= s > still time to do this. > >> > >> > >> Following from the response I recently sent to Neil, I don't think a > legitimate need has been articulated. > https://mailarchive.ietf.org/arch/msg/oauth/gMiH1mTr0AKDvWpqO1zikcVUySY/ > >> > >> I'm also okay with using the general invalid_request code for this. In > this case a sentence, next to the current example, spelling out what the > PAR endpoint must do on a invalid redirect URI will help. > >> > >> I don't know that that's needed either. But do have some text to > suggest that you think would be helpful? > >> > >> > >> > >> Vladimir > >> > >> On 03/12/2020 13:49, Rifaat Shekh-Yusef wrote: > >>> Torsten, Filip, > >>> > >>> You can absolutely make this change, as we are still very early in th= e > process. > >>> So feel free to continue this effort and try to get WG agreement on > this, and update the document as needed. > >>> > >>> Regards, > >>> Rifaat > >>> > >>> > >>> On Thursday, December 3, 2020, Filip Skokan > wrote: > >>> To be clear, I'm not advocating to skip the registration, just wanted > to mention a potential concern. If the process allows it and it will not > introduce more delay to publication, I think we should go ahead and > register the error code. > >>> > >>> Best, > >>> Filip > >>> > >>> > >>> On Thu, 3 Dec 2020 at 11:06, Torsten Lodderstedt < > torsten@lodderstedt.net> wrote: > >>> > >>> > >>> > Am 03.12.2020 um 09:56 schrieb Filip Skokan : > >>> > > >>> > There are several documents already mentioning > "invalid_redirect_uri" as an error code, specifically RFC7519 and OpenID > Connect Dynamic Client Registration 1.0. But these don't register it in t= he > IANA OAuth Extensions Error Registry, presumably because they're neither > for the authorization or token endpoints. > >>> > > >>> > While I think it'd be great if we had this error code registered, I > also worry that its registration could confuse implementers to think it's > okay to return it from the authorization endpoint. > >>> > >>> I understand your concern. On the other hand, registering the error > code is in my opinion the proper way forward. The registration is scoped = to > a usage location, should be pushed authorization endpoint then, and RFC67= 49 > gives clear guidance on how to treat errors related to the redirect URI a= t > the authorization endpoint. > >>> > >>> "If the request fails due to a missing, invalid, or mismatching > >>> redirection URI, =E2=80=A6 authorization server ... MUST NOT autom= atically > redirect the user-agent to the > >>> invalid redirection URI." > >>> > >>> I think if an implementor ignores this, it will ignore any advise. > >>> > >>> best regards, > >>> Torsten. > >>> > >>> > > >>> > Best, > >>> > Filip > >>> > > >>> > > >>> > On Thu, 3 Dec 2020 at 00:29, Brian Campbell 40pingidentity.com@dmarc.ietf.org> wrote: > >>> > During the course of a recent OIDF FAPI WG discussion (the FAPI > profiles use PAR for authz requests) on this issue it was noted that > there's no specific error code for problems with the redirect_uri (the > example in > https://www.ietf.org/archive/id/draft-ietf-oauth-par-04.html#section-2.3 > even shows a general error code with mention of the redirect_uri not bein= g > valid in the error description). Some folks on that call thought it would > be worthwhile to have a more specific error code for an invalid > redirect_uri and I reluctantly took an action item to raise the issue her= e. > At the time I'd forgotten that PAR had already passed WGLC. But it's been > sitting idle while awaiting the shepherd writeup since mid September so > it's maybe realistic to think the window for a small change is still open= . > >>> > > >>> > Presumably nothing like an "invalid_redirect_uri" error code was > defined in RFC 6749 because that class of errors could not be returned to > the client via redirection. But the data flow in PAR would allow for a > "invalid_redirect_uri" so it's not an unreasonable thing to do. > >>> > > >>> > As I write this message, however, I'm not personally convinced that > it's worth making a change to PAR at this point. But I did say I'd bring > the question up in the WG list and I'm just trying to be true to my word. > So here it is. Please weigh in, if you have opinions on the matter. > >>> > > >>> > > >>> > > >>> > CONFIDENTIALITY NOTICE: This email may contain confidential and > privileged material for the sole use of the intended recipient(s). Any > review, use, distribution or disclosure by others is strictly prohibited. > If you have received this communication in error, please notify the sende= r > immediately by e-mail and delete the message and any file attachments fro= m > your computer. Thank you._______________________________________________ > >>> > OAuth mailing list > >>> > OAuth@ietf.org > >>> > https://www.ietf.org/mailman/listinfo/oauth > >>> > _______________________________________________ > >>> > OAuth mailing list > >>> > OAuth@ietf.org > >>> > > https://www.google.com/url?q=3Dhttps://www.ietf.org/mailman/listinfo/oaut= h&source=3Dgmail-imap&ust=3D1607590629000000&usg=3DAOvVaw3aW1gdv4EEiLmNYzls= Jj-A > >>> > >>> > >> > >> > >> _______________________________________________ > >> OAuth mailing list > >> OAuth@ietf.org > >> https://www.ietf.org/mailman/listinfo/oauth > >> > >> CONFIDENTIALITY NOTICE: This email may contain confidential and > privileged material for the sole use of the intended recipient(s). Any > review, use, distribution or disclosure by others is strictly prohibited. > If you have received this communication in error, please notify the sende= r > immediately by e-mail and delete the message and any file attachments fro= m > your computer. Thank you. > > -- > > Vladimir Dzhuvinov > > > > > > CONFIDENTIALITY NOTICE: This email may contain confidential and > privileged material for the sole use of the intended recipient(s). Any > review, use, distribution or disclosure by others is strictly prohibited. > If you have received this communication in error, please notify the sende= r > immediately by e-mail and delete the message and any file attachments fro= m > your computer. Thank you._______________________________________________ > > OAuth mailing list > > OAuth@ietf.org > > > https://www.google.com/url?q=3Dhttps://www.ietf.org/mailman/listinfo/oaut= h&source=3Dgmail-imap&ust=3D1608558896000000&usg=3DAOvVaw1OfSvPLJHvFwCsMayd= 7e4U > > --=20 _CONFIDENTIALITY NOTICE: This email may contain confidential and privileged= =20 material for the sole use of the intended recipient(s). Any review, use,=20 distribution or disclosure by others is strictly prohibited.=C2=A0 If you h= ave=20 received this communication in error, please notify the sender immediately= =20 by e-mail and delete the message and any file attachments from your=20 computer. Thank you._ --00000000000019520205b66f491a Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
    On Mon, Dec 14, 2020 at 8:= 42 AM Torsten Lodderstedt <torsten=3D40lodderstedt.net@dmarc.ietf.org> wrote:
    <= blockquote class=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;border-l= eft:1px solid rgb(204,204,204);padding-left:1ex">+1 for following Vladimir= =E2=80=99s proposal

    > Am 14.12.2020 um 14:54 schrieb Brian Campbell <bcampbell=3D40pingident= ity.com@dmarc.ietf.org>:
    >
    > er, I mean an -05
    >
    > On Mon, Dec 14, 2020 at 6:45 AM Brian Campbell <bcampbell@pingidentity.com= > wrote:
    > Thanks Vladimir, that seems quite reasonable. Barring any objections, = I'll add that to a -04.
    >
    > On Mon, Dec 14, 2020 at 1:33 AM Vladimir Dzhuvinov <vladimir@connect2id.com&g= t; wrote:
    > Hi Brian,
    >
    > I'd like to propose the sentence in bold to be inserted into the c= urrent section 2.3 of PAR -04:
    >
    > https://tools.ietf.org/html/draf= t-ietf-oauth-par-04#section-2.3
    >
    > The authorization server returns an error response with the same forma= t as is specified for error responses from the token endpoint in Section 5.= 2 of [RFC6749] using the appropriate error code from therein or from Sectio= n 4.1.2.1 of [RFC6749]. In those cases where Section 4.1.2.1 of [RFC6749] p= rohibits automatic redirection with an error back to the requesting client = and hence doesn=E2=80=99t define an error code, for example when the reques= t fails due to a missing, invalid, or mismatching redirection URI, the =E2= =80=9Cinvalid_request=E2=80=9D error code can be used as the default error = code.
    >
    > Hope with this we can close the case.
    >
    > Vladimir
    >
    >
    > On 04/12/2020 18:08, Brian Campbell wrote:
    >>
    >>
    >> On Fri, Dec 4, 2020 at 12:30 AM Vladimir Dzhuvinov <vladimir@connect2id.com> wrote:
    >> If people have articulated a need to have an invalid_redirect_uri = error for the PAR endpoint, then let's register it properly. Rifaat say= s there's still time to do this.
    >>
    >>
    >> Following from the response I recently sent to Neil, I don't t= hink a legitimate need has been articulated.     https://mailarchive.ietf.org/arch/msg/oauth/gMiH1mTr0AKDvW= pqO1zikcVUySY/
    >>=C2=A0
    >> I'm also okay with using the general invalid_request code for = this. In this case a sentence, next to the current example, spelling out wh= at the PAR endpoint must do on a invalid redirect URI will help.
    >>
    >> I don't know that that's needed either. But do have some t= ext to suggest that you think would be helpful?
    >>
    >>=C2=A0
    >>
    >> Vladimir
    >>
    >> On 03/12/2020 13:49, Rifaat Shekh-Yusef wrote:
    >>> Torsten, Filip,
    >>>
    >>> You can absolutely make this change, as we are still very earl= y in the process.
    >>> So feel free to continue this effort and try to get WG agreeme= nt on this, and update the document as needed.
    >>>
    >>> Regards,
    >>>=C2=A0 Rifaat
    >>>
    >>>
    >>> On Thursday, December 3, 2020, Filip Skokan <panva.ip@gmail.com> wrote:=
    >>> To be clear, I'm not advocating to skip the registration, = just wanted to mention a potential concern. If the process allows it and it= will not introduce more delay to publication, I think we should go ahead a= nd register the error code.
    >>>
    >>> Best,
    >>> Filip
    >>>
    >>>
    >>> On Thu, 3 Dec 2020 at 11:06, Torsten Lodderstedt <torsten@lodderstedt.n= et> wrote:
    >>>
    >>>
    >>> > Am 03.12.2020 um 09:56 schrieb Filip Skokan <panva.ip@gmail.com>= :
    >>> >
    >>> > There are several documents already mentioning "inva= lid_redirect_uri" as an error code, specifically RFC7519 and OpenID Co= nnect Dynamic Client Registration 1.0. But these don't register it in t= he IANA OAuth Extensions Error Registry, presumably because they're nei= ther for the authorization or token endpoints.
    >>> >
    >>> > While I think it'd be great if we had this error code= registered, I also worry that its registration could confuse implementers = to think it's okay to return it from the authorization endpoint.
    >>>
    >>> I understand your concern. On the other hand, registering the = error code is in my opinion the proper way forward. The registration is sco= ped to a usage location, should be pushed authorization endpoint then, and = RFC6749 gives clear guidance on how to treat errors related to the redirect= URI at the authorization endpoint.
    >>>
    >>> "If the request fails due to a missing, invalid, or misma= tching
    >>>=C2=A0 =C2=A0 redirection URI, =E2=80=A6 authorization server .= .. MUST NOT automatically redirect the user-agent to the
    >>>=C2=A0 =C2=A0 invalid redirection URI."
    >>>
    >>> I think if an implementor ignores this, it will ignore any adv= ise.
    >>>
    >>> best regards,
    >>> Torsten.
    >>>
    >>> >
    >>> > Best,
    >>> > Filip
    >>> >
    >>> >
    >>> > On Thu, 3 Dec 2020 at 00:29, Brian Campbell <bcampbell= =3D4= 0pingidentity.com@dmarc.ietf.org> wrote:
    >>> > During the course of a recent OIDF FAPI WG discussion (th= e FAPI profiles use PAR for authz requests) on this issue it was noted that= there's no specific error code for problems with the redirect_uri (the= example in https://www.ietf= .org/archive/id/draft-ietf-oauth-par-04.html#section-2.3 even shows a g= eneral error code with mention of the redirect_uri not being valid in the e= rror description). Some folks on that call thought it would be worthwhile t= o have a more specific error code for an invalid redirect_uri and I relucta= ntly took an action item to raise the issue here. At the time I'd forgo= tten that PAR had already passed WGLC. But it's been sitting idle while= awaiting the shepherd writeup since mid September so it's maybe realis= tic to think the window for a small change is still open.
    >>> >
    >>> > Presumably nothing like an "invalid_redirect_uri&quo= t; error code was defined in RFC 6749 because that class of errors could no= t be returned to the client via redirection. But the data flow in PAR would= allow for a "invalid_redirect_uri" so it's not an unreasonab= le thing to do.
    >>> >
    >>> > As I write this message, however, I'm not personally = convinced that it's worth making a change to PAR at this point. But I d= id say I'd bring the question up in the WG list and I'm just trying= to be true to my word. So here it is. Please weigh in, if you have opinion= s on the matter.
    >>> >
    >>> >
    >>> >
    >>> > CONFIDENTIALITY NOTICE: This email may contain confidenti= al and privileged material for the sole use of the intended recipient(s). A= ny review, use, distribution or disclosure by others is strictly prohibited= .=C2=A0 If you have received this communication in error, please notify the= sender immediately by e-mail and delete the message and any file attachmen= ts from your computer. Thank you.__________________________________________= _____
    >>> > OAuth mailing list
    >>> > OAuth= @ietf.org
    >>> > https://www.ietf.org/mailman/listinfo/o= auth
    >>> > _______________________________________________
    >>> > OAuth mailing list
    >>> > OAuth= @ietf.org
    >>> > https://www.google.com/url?q=3Dhttps://www.ietf.org/mailman/listinfo= /oauth&source=3Dgmail-imap&ust=3D1607590629000000&usg=3DAOvVaw3= aW1gdv4EEiLmNYzlsJj-A
    >>>
    >>>
    >>
    >>
    >> _______________________________________________
    >> OAuth mailing list
    >> OAuth@ietf.org=
    >> https://www.ietf.org/mailman/listinfo/oauth<= br> >>
    >> CONFIDENTIALITY NOTICE: This email may contain confidential and pr= ivileged material for the sole use of the intended recipient(s). Any review= , use, distribution or disclosure by others is strictly prohibited.=C2=A0 I= f you have received this communication in error, please notify the sender i= mmediately by e-mail and delete the message and any file attachments from y= our computer. Thank you.
    > --
    > Vladimir Dzhuvinov
    >
    >
    > CONFIDENTIALITY NOTICE: This email may contain confidential and privil= eged material for the sole use of the intended recipient(s). Any review, us= e, distribution or disclosure by others is strictly prohibited.=C2=A0 If yo= u have received this communication in error, please notify the sender immed= iately by e-mail and delete the message and any file attachments from your = computer. Thank you._______________________________________________
    > OAuth mailing list
    > OAuth@ietf.org=
    > https= ://www.google.com/url?q=3Dhttps://www.ietf.org/mailman/listinfo/oauth&s= ource=3Dgmail-imap&ust=3D1608558896000000&usg=3DAOvVaw1OfSvPLJHvFwC= sMayd7e4U


    <= span style=3D"margin:0px;padding:0px;border:0px;outline:0px;vertical-align:= baseline;background:transparent;font-family:proxima-nova-zendesk,system-ui,= -apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,Oxygen-Sans,Ub= untu,Cantarell,"Helvetica Neue",Arial,sans-serif;font-weight:600"= >CONFIDENTIALITY NOTICE: This email may contain confidenti= al and privileged material for the sole use of the intended recipient(s). A= ny review, use, distribution or disclosure by others is strictly prohibited= .=C2=A0 If you have received this communication in error, please notify the= sender immediately by e-mail and delete the message and any file attachmen= ts from your computer. Thank you. --00000000000019520205b66f491a-- From nobody Mon Dec 14 09:04:03 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B01793A0B32 for ; Mon, 14 Dec 2020 09:04:01 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.097 X-Spam-Level: X-Spam-Status: No, score=-0.097 tagged_above=-999 required=5 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, HTTPS_HTTP_MISMATCH=0.1, MIME_QP_LONG_LINE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=lodderstedt.net Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id D4hnpQl0KCVv for ; Mon, 14 Dec 2020 09:03:58 -0800 (PST) Received: from mail-ed1-x530.google.com (mail-ed1-x530.google.com [IPv6:2a00:1450:4864:20::530]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 013813A0B2D for ; Mon, 14 Dec 2020 09:03:57 -0800 (PST) Received: by mail-ed1-x530.google.com with SMTP id h16so17891131edt.7 for ; Mon, 14 Dec 2020 09:03:57 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lodderstedt.net; s=google; h=content-transfer-encoding:from:mime-version:subject:date:message-id :references:cc:in-reply-to:to; bh=FZ4izZcb0NQUlrWNcYJAeaNFdngjtRsIPBZqUdEB48Y=; b=CpiKkgrxk3fjZmZforsaxvQn2fQ3AmwAeDX8Id01WcGmEgFOZSvXpiDJvak7BqIkfT bl7+aBLl/9pXC/VVBM/juE54LBo1uwmcMRbt5pP+OzdiNu+JuFy3o+USpDI1jYRKh9hY j+SAEO07M+fozhqF7WlkkCfxoaPRP6bOmVRoR2MTn4KcbbADUGiS0lKz3l61a+6MB+c9 1uLnUbB/g+veRupxQZwzgYmWPX7mbt5b6aUHZ+67Q4zUVB3nzuex0gNmiEogCaaympjY 87hkEOpRO+Pc7Xov0vlovBTED/SoIWOITV8Xr2gNlecQDVa24427KrcZLkPtB/WGpq4x 0jtA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:content-transfer-encoding:from:mime-version :subject:date:message-id:references:cc:in-reply-to:to; bh=FZ4izZcb0NQUlrWNcYJAeaNFdngjtRsIPBZqUdEB48Y=; b=mPyQeUheTC15mCmkao/owoRjeOBqK2rCaggGCWxePyMF0UNJJfYknclxN2cX6W/jgP 6EFi8A4KzeZ/AcC1zGD4Ly+k0mVb95elJIn7sbTK82KSWl8Y3Vusjn4QLhucklCEf851 pjZr700fynQnRHAQ6dmcq7SpC/wImOPkQ5lW/dt6JjneEoCMgHK1lqnc0oYhtPayP+fT QYKDQxd3jG/cwFk8Is5bjCFTAu3DRYa8gdo9oG8owKWO4jWDLb+d/MT0Kq3bTeQFb8d0 yKaMoowKHEfg96f5WdilqnlCa7uak3Ex3RdQ/viPhQHTLgkvarN5Hr8EutVayjIfXAv9 AZsg== X-Gm-Message-State: AOAM532GAZmuzM+8GsVgk05gbL5uN8DqobdAD2b2EtCyM1NIOn82cwZt Xpkck6huDfaM07xgy1QIw3YReQ== X-Google-Smtp-Source: ABdhPJwMv2sS8VCVI6gsabMEap5Q9TeUSE5TkEAcD1cYtIQIFqx/FSnAzzpo92l2ILK4yhOBRKK/pA== X-Received: by 2002:aa7:d9c1:: with SMTP id v1mr25861830eds.115.1607965436211; Mon, 14 Dec 2020 09:03:56 -0800 (PST) Received: from ?IPv6:2a01:598:90a1:2ea1:30a5:61cb:ed66:8814? ([2a01:598:90a1:2ea1:30a5:61cb:ed66:8814]) by smtp.gmail.com with ESMTPSA id p24sm13182755edr.65.2020.12.14.09.03.54 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Mon, 14 Dec 2020 09:03:55 -0800 (PST) Content-Type: multipart/signed; boundary=Apple-Mail-C1507697-DC35-4720-9869-D6AE7621D6A6; protocol="application/pkcs7-signature"; micalg=sha-256 Content-Transfer-Encoding: 7bit From: Torsten Lodderstedt Mime-Version: 1.0 (1.0) Date: Mon, 14 Dec 2020 18:03:53 +0100 Message-Id: <9225F7E5-F603-4185-AE85-AD8561EBDC76@lodderstedt.net> References: Cc: Vladimir Dzhuvinov , oauth In-Reply-To: To: Brian Campbell X-Mailer: iPhone Mail (18B92) Archived-At: Subject: Re: [OAUTH-WG] PAR error for redirect URI? X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Dec 2020 17:04:02 -0000 --Apple-Mail-C1507697-DC35-4720-9869-D6AE7621D6A6 Content-Type: multipart/alternative; boundary=Apple-Mail-BFC89F33-0A82-4479-828E-6309E06147CF Content-Transfer-Encoding: 7bit --Apple-Mail-BFC89F33-0A82-4479-828E-6309E06147CF Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable =F0=9F=91=8D > Am 14.12.2020 um 17:39 schrieb Brian Campbell : >=20 > =EF=BB=BF > And that's done: https://mailarchive.ietf.org/arch/msg/oauth/W0eq4HUiiLVS5= F5qyXXY6Gdw7vs/ >=20 >> On Mon, Dec 14, 2020 at 8:42 AM Torsten Lodderstedt wrote: >> +1 for following Vladimir=E2=80=99s proposal >>=20 >> > Am 14.12.2020 um 14:54 schrieb Brian Campbell : >> >=20 >> > er, I mean an -05=20 >> >=20 >> > On Mon, Dec 14, 2020 at 6:45 AM Brian Campbell wrote: >> > Thanks Vladimir, that seems quite reasonable. Barring any objections, I= 'll add that to a -04.=20 >> >=20 >> > On Mon, Dec 14, 2020 at 1:33 AM Vladimir Dzhuvinov wrote: >> > Hi Brian, >> >=20 >> > I'd like to propose the sentence in bold to be inserted into the curren= t section 2.3 of PAR -04: >> >=20 >> > https://tools.ietf.org/html/draft-ietf-oauth-par-04#section-2.3 >> >=20 >> > The authorization server returns an error response with the same format= as is specified for error responses from the token endpoint in Section 5.2 o= f [RFC6749] using the appropriate error code from therein or from Section 4.= 1.2.1 of [RFC6749]. In those cases where Section 4.1.2.1 of [RFC6749] prohib= its automatic redirection with an error back to the requesting client and he= nce doesn=E2=80=99t define an error code, for example when the request fails= due to a missing, invalid, or mismatching redirection URI, the =E2=80=9Cinv= alid_request=E2=80=9D error code can be used as the default error code. >> >=20 >> > Hope with this we can close the case. >> >=20 >> > Vladimir >> >=20 >> >=20 >> > On 04/12/2020 18:08, Brian Campbell wrote: >> >>=20 >> >>=20 >> >> On Fri, Dec 4, 2020 at 12:30 AM Vladimir Dzhuvinov wrote: >> >> If people have articulated a need to have an invalid_redirect_uri erro= r for the PAR endpoint, then let's register it properly. Rifaat says there's= still time to do this. >> >>=20 >> >>=20 >> >> Following from the response I recently sent to Neil, I don't think a l= egitimate need has been articulated. https://mailarchive.ietf.org/arch/msg/o= auth/gMiH1mTr0AKDvWpqO1zikcVUySY/ >> >> =20 >> >> I'm also okay with using the general invalid_request code for this. In= this case a sentence, next to the current example, spelling out what the PA= R endpoint must do on a invalid redirect URI will help. >> >>=20 >> >> I don't know that that's needed either. But do have some text to sugge= st that you think would be helpful?=20 >> >>=20 >> >> =20 >> >>=20 >> >> Vladimir >> >>=20 >> >> On 03/12/2020 13:49, Rifaat Shekh-Yusef wrote: >> >>> Torsten, Filip, >> >>>=20 >> >>> You can absolutely make this change, as we are still very early in th= e process.=20 >> >>> So feel free to continue this effort and try to get WG agreement on t= his, and update the document as needed.=20 >> >>>=20 >> >>> Regards, >> >>> Rifaat >> >>>=20 >> >>>=20 >> >>> On Thursday, December 3, 2020, Filip Skokan wrot= e: >> >>> To be clear, I'm not advocating to skip the registration, just wanted= to mention a potential concern. If the process allows it and it will not in= troduce more delay to publication, I think we should go ahead and register t= he error code. >> >>>=20 >> >>> Best, >> >>> Filip >> >>>=20 >> >>>=20 >> >>> On Thu, 3 Dec 2020 at 11:06, Torsten Lodderstedt wrote: >> >>>=20 >> >>>=20 >> >>> > Am 03.12.2020 um 09:56 schrieb Filip Skokan : >> >>> >=20 >> >>> > There are several documents already mentioning "invalid_redirect_ur= i" as an error code, specifically RFC7519 and OpenID Connect Dynamic Client R= egistration 1.0. But these don't register it in the IANA OAuth Extensions Er= ror Registry, presumably because they're neither for the authorization or to= ken endpoints. >> >>> >=20 >> >>> > While I think it'd be great if we had this error code registered, I= also worry that its registration could confuse implementers to think it's o= kay to return it from the authorization endpoint. >> >>>=20 >> >>> I understand your concern. On the other hand, registering the error c= ode is in my opinion the proper way forward. The registration is scoped to a= usage location, should be pushed authorization endpoint then, and RFC6749 g= ives clear guidance on how to treat errors related to the redirect URI at th= e authorization endpoint.=20 >> >>>=20 >> >>> "If the request fails due to a missing, invalid, or mismatching >> >>> redirection URI, =E2=80=A6 authorization server ... MUST NOT autom= atically redirect the user-agent to the >> >>> invalid redirection URI." >> >>>=20 >> >>> I think if an implementor ignores this, it will ignore any advise. >> >>>=20 >> >>> best regards, >> >>> Torsten.=20 >> >>>=20 >> >>> >=20 >> >>> > Best, >> >>> > Filip >> >>> >=20 >> >>> >=20 >> >>> > On Thu, 3 Dec 2020 at 00:29, Brian Campbell wrote: >> >>> > During the course of a recent OIDF FAPI WG discussion (the FAPI pro= files use PAR for authz requests) on this issue it was noted that there's no= specific error code for problems with the redirect_uri (the example in http= s://www.ietf.org/archive/id/draft-ietf-oauth-par-04.html#section-2.3 even sh= ows a general error code with mention of the redirect_uri not being valid in= the error description). Some folks on that call thought it would be worthwh= ile to have a more specific error code for an invalid redirect_uri and I rel= uctantly took an action item to raise the issue here. At the time I'd forgot= ten that PAR had already passed WGLC. But it's been sitting idle while await= ing the shepherd writeup since mid September so it's maybe realistic to thin= k the window for a small change is still open. >> >>> >=20 >> >>> > Presumably nothing like an "invalid_redirect_uri" error code was de= fined in RFC 6749 because that class of errors could not be returned to the c= lient via redirection. But the data flow in PAR would allow for a "invalid_r= edirect_uri" so it's not an unreasonable thing to do.=20 >> >>> >=20 >> >>> > As I write this message, however, I'm not personally convinced that= it's worth making a change to PAR at this point. But I did say I'd bring th= e question up in the WG list and I'm just trying to be true to my word. So h= ere it is. Please weigh in, if you have opinions on the matter.=20 >> >>> >=20 >> >>> >=20 >> >>> >=20 >> >>> > CONFIDENTIALITY NOTICE: This email may contain confidential and pri= vileged material for the sole use of the intended recipient(s). Any review, u= se, distribution or disclosure by others is strictly prohibited. If you hav= e received this communication in error, please notify the sender immediately= by e-mail and delete the message and any file attachments from your compute= r. Thank you._______________________________________________ >> >>> > OAuth mailing list >> >>> > OAuth@ietf.org >> >>> > https://www.ietf.org/mailman/listinfo/oauth >> >>> > _______________________________________________ >> >>> > OAuth mailing list >> >>> > OAuth@ietf.org >> >>> > https://www.google.com/url?q=3Dhttps://www.ietf.org/mailman/listinf= o/oauth&source=3Dgmail-imap&ust=3D1607590629000000&usg=3DAOvVaw3aW1gdv4EEiLm= NYzlsJj-A >> >>>=20 >> >>>=20 >> >>=20 >> >>=20 >> >> _______________________________________________ >> >> OAuth mailing list >> >> OAuth@ietf.org >> >> https://www.ietf.org/mailman/listinfo/oauth >> >>=20 >> >> CONFIDENTIALITY NOTICE: This email may contain confidential and privil= eged material for the sole use of the intended recipient(s). Any review, use= , distribution or disclosure by others is strictly prohibited. If you have r= eceived this communication in error, please notify the sender immediately by= e-mail and delete the message and any file attachments from your computer. T= hank you. >> > --=20 >> > Vladimir Dzhuvinov >> >=20 >> >=20 >> > CONFIDENTIALITY NOTICE: This email may contain confidential and privile= ged material for the sole use of the intended recipient(s). Any review, use,= distribution or disclosure by others is strictly prohibited. If you have r= eceived this communication in error, please notify the sender immediately by= e-mail and delete the message and any file attachments from your computer. T= hank you._______________________________________________ >> > OAuth mailing list >> > OAuth@ietf.org >> > https://www.google.com/url?q=3Dhttps://www.ietf.org/mailman/listinfo/oa= uth&source=3Dgmail-imap&ust=3D1608558896000000&usg=3DAOvVaw1OfSvPLJHvFwCsMay= d7e4U >>=20 >=20 > CONFIDENTIALITY NOTICE: This email may contain confidential and privileged= material for the sole use of the intended recipient(s). Any review, use, di= stribution or disclosure by others is strictly prohibited. If you have rece= ived this communication in error, please notify the sender immediately by e-= mail and delete the message and any file attachments from your computer. Tha= nk you. --Apple-Mail-BFC89F33-0A82-4479-828E-6309E06147CF Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: quoted-printable
    =F0=9F=91=8D

    Am 14.12.2020 um 17:39 schrieb Brian C= ampbell <bcampbell=3D40pingidentity.com@dmarc.ietf.org>:

    =EF=BB=BF
    = On Mon, Dec 14, 2020 at 8:42 AM Torsten Lodderstedt <torsten=3D40lodderstedt.net@dmarc.ietf.org> wrote:
    +1 f= or following Vladimir=E2=80=99s proposal

    > Am 14.12.2020 um 14:54 schrieb Brian Campbell <bcampbell=3D    40pingidentity.= com@dmarc.ietf.org>:
    >
    > er, I mean an -05
    >
    > On Mon, Dec 14, 2020 at 6:45 AM Brian Campbell <bcampbell@pingidentity.com&g= t; wrote:
    > Thanks Vladimir, that seems quite reasonable. Barring any objections, I= 'll add that to a -04.
    >
    > On Mon, Dec 14, 2020 at 1:33 AM Vladimir Dzhuvinov <vladimir@connect2id.com>= wrote:
    > Hi Brian,
    >
    > I'd like to propose the sentence in bold to be inserted into the curren= t section 2.3 of PAR -04:
    >
    > https://tools.ietf.org/html/draft-ietf-oauth-par-04#section-2.3=
    >
    > The authorization server returns an error response with the same format= as is specified for error responses from the token endpoint in Section 5.2 o= f [RFC6749] using the appropriate error code from therein or from Section 4.= 1.2.1 of [RFC6749]. In those cases where Section 4.1.2.1 of [RFC6749] prohib= its automatic redirection with an error back to the requesting client and he= nce doesn=E2=80=99t define an error code, for example when the request fails= due to a missing, invalid, or mismatching redirection URI, the =E2=80=9Cinv= alid_request=E2=80=9D error code can be used as the default error code.
    >
    > Hope with this we can close the case.
    >
    > Vladimir
    >
    >
    > On 04/12/2020 18:08, Brian Campbell wrote:
    >>
    >>
    >> On Fri, Dec 4, 2020 at 12:30 AM Vladimir Dzhuvinov <vladimir@connect2id.com= > wrote:
    >> If people have articulated a need to have an invalid_redirect_uri e= rror for the PAR endpoint, then let's register it properly. Rifaat says ther= e's still time to do this.
    >>
    >>
    >> Following from the response I recently sent to Neil, I don't think a= legitimate need has been articulated. https://mailarchive.ie= tf.org/arch/msg/oauth/gMiH1mTr0AKDvWpqO1zikcVUySY/
    >> 
    >> I'm also okay with using the general invalid_request code for this.= In this case a sentence, next to the current example, spelling out what the= PAR endpoint must do on a invalid redirect URI will help.
    >>
    >> I don't know that that's needed either. But do have some text to su= ggest that you think would be helpful?
    >>
    >> 
    >>
    >> Vladimir
    >>
    >> On 03/12/2020 13:49, Rifaat Shekh-Yusef wrote:
    >>> Torsten, Filip,
    >>>
    >>> You can absolutely make this change, as we are still very early= in the process.
    >>> So feel free to continue this effort and try to get WG agreemen= t on this, and update the document as needed.
    >>>
    >>> Regards,
    >>>  Rifaat
    >>>
    >>>
    >>> On Thursday, December 3, 2020, Filip Skokan <panva.ip@gmail.com> wrote: >>> To be clear, I'm not advocating to skip the registration, just w= anted to mention a potential concern. If the process allows it and it will n= ot introduce more delay to publication, I think we should go ahead and regis= ter the error code.
    >>>
    >>> Best,
    >>> Filip
    >>>
    >>>
    >>> On Thu, 3 Dec 2020 at 11:06, Torsten Lodderstedt <torsten@lodderstedt.net> wrote:
    >>>
    >>>
    >>> > Am 03.12.2020 um 09:56 schrieb Filip Skokan <    panva.ip@gmail.com>: >>> >
    >>> > There are several documents already mentioning "invalid_re= direct_uri" as an error code, specifically RFC7519 and OpenID Connect Dynami= c Client Registration 1.0. But these don't register it in the IANA OAuth Ext= ensions Error Registry, presumably because they're neither for the authoriza= tion or token endpoints.
    >>> >
    >>> > While I think it'd be great if we had this error code regi= stered, I also worry that its registration could confuse implementers to thi= nk it's okay to return it from the authorization endpoint.
    >>>
    >>> I understand your concern. On the other hand, registering the e= rror code is in my opinion the proper way forward. The registration is scope= d to a usage location, should be pushed authorization endpoint then, and RFC= 6749 gives clear guidance on how to treat errors related to the redirect URI= at the authorization endpoint.
    >>>
    >>> "If the request fails due to a missing, invalid, or mismatching=
    >>>    redirection URI, =E2=80=A6 authorization server ..= . MUST NOT automatically redirect the user-agent to the
    >>>    invalid redirection URI."
    >>>
    >>> I think if an implementor ignores this, it will ignore any advi= se.
    >>>
    >>> best regards,
    >>> Torsten.
    >>>
    >>> >
    >>> > Best,
    >>> > Filip
    >>> >
    >>> >
    >>> > On Thu, 3 Dec 2020 at 00:29, Brian Campbell <bcampbell=3D= 40pin= gidentity.com@dmarc.ietf.org> wrote:
    >>> > During the course of a recent OIDF FAPI WG discussion (the= FAPI profiles use PAR for authz requests) on this issue it was noted that t= here's no specific error code for problems with the redirect_uri (the exampl= e in https://www.ietf.org/archive/id/draft-ietf-oauth-par-0= 4.html#section-2.3 even shows a general error code with mention of the r= edirect_uri not being valid in the error description). Some folks on that ca= ll thought it would be worthwhile to have a more specific error code for an i= nvalid redirect_uri and I reluctantly took an action item to raise the issue= here. At the time I'd forgotten that PAR had already passed WGLC. But it's b= een sitting idle while awaiting the shepherd writeup since mid September so i= t's maybe realistic to think the window for a small change is still open. >>> >
    >>> > Presumably nothing like an "invalid_redirect_uri" error co= de was defined in RFC 6749 because that class of errors could not be returne= d to the client via redirection. But the data flow in PAR would allow for a "= invalid_redirect_uri" so it's not an unreasonable thing to do.
    >>> >
    >>> > As I write this message, however, I'm not personally convi= nced that it's worth making a change to PAR at this point. But I did say I'd= bring the question up in the WG list and I'm just trying to be true to my w= ord. So here it is. Please weigh in, if you have opinions on the matter. >>> >
    >>> >
    >>> >
    >>> > CONFIDENTIALITY NOTICE: This email may contain confidentia= l and privileged material for the sole use of the intended recipient(s). Any= review, use, distribution or disclosure by others is strictly prohibited.&n= bsp; If you have received this communication in error, please notify the sen= der immediately by e-mail and delete the message and any file attachments fr= om your computer. Thank you._______________________________________________<= br> >>> > OAuth mailing list
    >>> > OAuth@= ietf.org
    >>> > https://www.ietf.org/mailman/listinfo/oauth
    >>> > _______________________________________________
    >>> > OAuth mailing list
    >>> > OAuth@= ietf.org
    >>> > https://www.google.com/url?q=3Dht= tps://www.ietf.org/mailman/listinfo/oauth&source=3Dgmail-imap&ust=3D= 1607590629000000&usg=3DAOvVaw3aW1gdv4EEiLmNYzlsJj-A
    >>>
    >>>
    >>
    >>
    >> _______________________________________________
    >> OAuth mailing list
    >> OAuth@ietf.org<= /a>
    >>     https= ://www.ietf.org/mailman/listinfo/oauth
    >>
    >> CONFIDENTIALITY NOTICE: This email may contain confidential and pri= vileged material for the sole use of the intended recipient(s). Any review, u= se, distribution or disclosure by others is strictly prohibited.  If yo= u have received this communication in error, please notify the sender immedi= ately by e-mail and delete the message and any file attachments from your co= mputer. Thank you.
    > --
    > Vladimir Dzhuvinov
    >
    >
    > CONFIDENTIALITY NOTICE: This email may contain confidential and privile= ged material for the sole use of the intended recipient(s). Any review, use,= distribution or disclosure by others is strictly prohibited.  If you h= ave received this communication in error, please notify the sender immediate= ly by e-mail and delete the message and any file attachments from your compu= ter. Thank you._______________________________________________
    > OAuth mailing list
    > OAuth@ietf.org<= br> > https://www.google.com/url?q=3Dhttps://www.iet= f.org/mailman/listinfo/oauth&source=3Dgmail-imap&ust=3D1608558896000= 000&usg=3DAOvVaw1OfSvPLJHvFwCsMayd7e4U


    CONFIDENTIALITY NOTICE: This email may contain confidential and pr= ivileged material for the sole use of the intended recipient(s). Any review,= use, distribution or disclosure by others is strictly prohibited.  If y= ou have received this communication in error, please notify the sender immed= iately by e-mail and delete the message and any file attachments from your c= omputer. Thank you.
    = --Apple-Mail-BFC89F33-0A82-4479-828E-6309E06147CF-- --Apple-Mail-C1507697-DC35-4720-9869-D6AE7621D6A6 Content-Type: application/pkcs7-signature; name=smime.p7s Content-Disposition: attachment; filename=smime.p7s Content-Transfer-Encoding: base64 MIAGCSqGSIb3DQEHAqCAMIACAQExDzANBglghkgBZQMEAgEFADCABgkqhkiG9w0BBwEAAKCCCi4w ggT0MIID3KADAgECAhBpfEIkHQiWmzF6zDsgdF+DMA0GCSqGSIb3DQEBCwUAMIGNMQswCQYDVQQG EwJJVDEQMA4GA1UECAwHQmVyZ2FtbzEZMBcGA1UEBwwQUG9udGUgU2FuIFBpZXRybzEjMCEGA1UE CgwaQWN0YWxpcyBTLnAuQS4vMDMzNTg1MjA5NjcxLDAqBgNVBAMMI0FjdGFsaXMgQ2xpZW50IEF1 dGhlbnRpY2F0aW9uIENBIEcyMB4XDTIwMDIyMzE3MjEzOVoXDTIxMDIyMzE3MjEzOVowIjEgMB4G A1UEAwwXdG9yc3RlbkBsb2RkZXJzdGVkdC5uZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK AoIBAQCrIaCISpAU98m6ZkDyUR3My5imAF4TKQk8eqo+oQ06PTWT/3yJXujVCjjOqOl8p11v/RoN Gf8zqYbBsqGBuJx2NyxFmAnmCjcbnxihQdcmuxLm6izvxr2MawOovDheMXnfmGy/Ns5Fs6bd+M5F jCNhP+Gljvgm/SFq1skvs7YUX2FxZmh+xPMm3FZ/a6Lyhkrd3JHzEqv8VWY69Aehezg39OuPJEpb IdjK/eBcmaIG0qn5RQdXLByJYfXhepyVAZPJT5rAgaIQL/IjSIVInxf3FxOv+ELMAErclws6mKzy zkY2JiItPEpKWzAWGCxCX2o0JjVj1f7xgaunLfJ+Ec0lAgMBAAGjggG4MIIBtDAMBgNVHRMBAf8E AjAAMB8GA1UdIwQYMBaAFGvyjZ5owSUEH1E0V/YWXJTqTWkaMH4GCCsGAQUFBwEBBHIwcDA7Bggr BgEFBQcwAoYvaHR0cDovL2NhY2VydC5hY3RhbGlzLml0L2NlcnRzL2FjdGFsaXMtYXV0Y2xpZzIw MQYIKwYBBQUHMAGGJWh0dHA6Ly9vY3NwMDkuYWN0YWxpcy5pdC9WQS9BVVRIQ0wtRzIwIgYDVR0R BBswGYEXdG9yc3RlbkBsb2RkZXJzdGVkdC5uZXQwRwYDVR0gBEAwPjA8BgYrgR8BGAEwMjAwBggr BgEFBQcCARYkaHR0cHM6Ly93d3cuYWN0YWxpcy5pdC9hcmVhLWRvd25sb2FkMB0GA1UdJQQWMBQG CCsGAQUFBwMCBggrBgEFBQcDBDBIBgNVHR8EQTA/MD2gO6A5hjdodHRwOi8vY3JsMDkuYWN0YWxp cy5pdC9SZXBvc2l0b3J5L0FVVEhDTC1HMi9nZXRMYXN0Q1JMMB0GA1UdDgQWBBSuRfshihlGSEJ7 2UeyOZRJ1YYyMDAOBgNVHQ8BAf8EBAMCBaAwDQYJKoZIhvcNAQELBQADggEBAH/3ECMSOoOLiwCe GsBj/WWnUhXvZyHmz3LW0DVdH3s30b2HWpomEVNDN3cWt4QSRhISqV0xyyChL6THhDY+Um2mo+z/ L5fxHd3MjhzvYKwUtLUJdWRgymlUBO9zNKi/IMVYv3O+mpOHuQrgtMaV9luDPRYPZrhF9y/InTZE tb+FOrF9ykIRlYgMzqSKjuqFmmYO4d6GkbgfGKFZsAjkySjM9BUBLb70MdysOTxZ/HtZguIKfZ4q CveZ9ZKe+LGsIpt5bFAs1LHIMBUlTCsuVIq2lD3TmScWbELn+Ace7WwKc+08GqOWZzUot5fkiIx3 /crnd7HTmUfqi0yCylHY62wwggUyMIIEGqADAgECAhEAh3cjdwfbVS49xtpMKQd5tjANBgkqhkiG 9w0BAQsFADCBljELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G A1UEBxMHU2FsZm9yZDEYMBYGA1UEChMPU2VjdGlnbyBMaW1pdGVkMT4wPAYDVQQDEzVTZWN0aWdv IFJTQSBDbGllbnQgQXV0aGVudGljYXRpb24gYW5kIFNlY3VyZSBFbWFpbCBDQTAeFw0xOTAxMzAw MDAwMDBaFw0yMDAxMzAyMzU5NTlaMCgxJjAkBgkqhkiG9w0BCQEWF3RvcnN0ZW5AbG9kZGVyc3Rl ZHQubmV0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1iT7e+ZazS5uGQ2/oV6rKb+d LiC1cbVCWN1TEV1XemJP68/I91+YUtc87N8M46QgGHN25FeM8xaWL6Q83aArs/nnuYx26+x0Em5Z 8cqcAe+i1JLbvxt5j47h+5iiZErQld2GCf7EsW5YO+UoNws9ZMkcOHp77qSUuva0mDxitDpsMdlV IbYTkOIW2/x7NinUBBSvpO0bxlejSGukCX73pTUWPBK3kznd3wqg7SaiqZH+1g/1cQxMD8Wk8S1Q PO3AB2xA7hES4EjWFZ7a9HhX5VMRyJlsEDb1KJAot7cypJcfDhCJwG8De5hSEsW5kEWL0h+AOFXc B+JQzLW0sdSVxwIDAQABo4IB5jCCAeIwHwYDVR0jBBgwFoAUCcDy/AvalNtf/ivfqJlCz8ngrQAw HQYDVR0OBBYEFBnmpsoJu2zUGrbmQoBZG6uxqdNRMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8E AjAAMCAGA1UdJQQZMBcGCCsGAQUFBwMEBgsrBgEEAbIxAQMFAjARBglghkgBhvhCAQEEBAMCBSAw QAYDVR0gBDkwNzA1BgwrBgEEAbIxAQIBAQEwJTAjBggrBgEFBQcCARYXaHR0cHM6Ly9zZWN0aWdv LmNvbS9DUFMwWgYDVR0fBFMwUTBPoE2gS4ZJaHR0cDovL2NybC5zZWN0aWdvLmNvbS9TZWN0aWdv UlNBQ2xpZW50QXV0aGVudGljYXRpb25hbmRTZWN1cmVFbWFpbENBLmNybDCBigYIKwYBBQUHAQEE fjB8MFUGCCsGAQUFBzAChklodHRwOi8vY3J0LnNlY3RpZ28uY29tL1NlY3RpZ29SU0FDbGllbnRB dXRoZW50aWNhdGlvbmFuZFNlY3VyZUVtYWlsQ0EuY3J0MCMGCCsGAQUFBzABhhdodHRwOi8vb2Nz cC5zZWN0aWdvLmNvbTAiBgNVHREEGzAZgRd0b3JzdGVuQGxvZGRlcnN0ZWR0Lm5ldDANBgkqhkiG 9w0BAQsFAAOCAQEAKEl922lsOY5xPqRLJUKLCshBzoNcJ6UDXI4CwCClc4E3yIDQg09zpK0UdrFW 0cU8qFc7iXRixKdU361AADG+SB/N9ttU40JB7HgJYLhHYijKjXwobUGohyhZRv00PvAS6qV8Xevj 2OGZ1V/w3VPJxEyYPpSCFJ0gqUut0Nt6qse67hS5+BZsJp5d+v/Ozo9UGjLa658ZovxG7/CsKZXF 6AQe5fNPhpWAfyVfnTHwQpqm5jQYPX3fB3k3JQv/IuB2CIENxgQoYpfXg37sSbcdkeWQu4ouiRlT wTfLDI2pfuxRQLJzoCxIYkxgjlq6XtpvolvwKfJpeg44hus5k11RPDGCA70wggO5AgEBMIGiMIGN MQswCQYDVQQGEwJJVDEQMA4GA1UECAwHQmVyZ2FtbzEZMBcGA1UEBwwQUG9udGUgU2FuIFBpZXRy bzEjMCEGA1UECgwaQWN0YWxpcyBTLnAuQS4vMDMzNTg1MjA5NjcxLDAqBgNVBAMMI0FjdGFsaXMg Q2xpZW50IEF1dGhlbnRpY2F0aW9uIENBIEcyAhBpfEIkHQiWmzF6zDsgdF+DMA0GCWCGSAFlAwQC AQUAoIIB6zAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0yMDEyMTQx NzAzNTNaMC8GCSqGSIb3DQEJBDEiBCBuZiEq/kcdJ0RcDHxwrUF81SpSvLfWnlhe8ndsB0R7czCB vQYJKwYBBAGCNxAEMYGvMIGsMIGWMQswCQYDVQQGEwJHQjEbMBkGA1UECBMSR3JlYXRlciBNYW5j aGVzdGVyMRAwDgYDVQQHEwdTYWxmb3JkMRgwFgYDVQQKEw9TZWN0aWdvIExpbWl0ZWQxPjA8BgNV BAMTNVNlY3RpZ28gUlNBIENsaWVudCBBdXRoZW50aWNhdGlvbiBhbmQgU2VjdXJlIEVtYWlsIENB AhEAh3cjdwfbVS49xtpMKQd5tjCBvwYLKoZIhvcNAQkQAgsxga+ggawwgZYxCzAJBgNVBAYTAkdC MRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAOBgNVBAcTB1NhbGZvcmQxGDAWBgNVBAoT D1NlY3RpZ28gTGltaXRlZDE+MDwGA1UEAxM1U2VjdGlnbyBSU0EgQ2xpZW50IEF1dGhlbnRpY2F0 aW9uIGFuZCBTZWN1cmUgRW1haWwgQ0ECEQCHdyN3B9tVLj3G2kwpB3m2MA0GCSqGSIb3DQEBCwUA BIIBAF5JtBp7LEu6zRdQNxJw6UcIW+MDm1PWyV1XpSVg5P92SnrvZjhUBmpjuwxQlaNF6KXtkgwI PuYLNHdlXToXGMJNMN/+8DR+a+idvaBKk3foHx1uzs+4kDFqVi1UNAvvkQDjtkFu5SHppyDsArCV n7D3OMZKCvrv1P5FULZdh19NlOqeh7kAYEG6vdVUlyqWmK8sNVJ42qA7Ymhy+3NUc0STaU1u10At DVKHmbNYOfKBv+TMmwsKTHqZliXksEAgPJkKdgkxnwTrab7oH8XsbMhXa8m2sEg2iUvsXBICfSMt Jp2eCR+4r94AxDhgYyaJeQuMhQLTdhr1e5vAhHD+XggAAAAAAAA= --Apple-Mail-C1507697-DC35-4720-9869-D6AE7621D6A6-- From nobody Mon Dec 14 09:33:57 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7077D3A12D6 for ; Mon, 14 Dec 2020 09:33:56 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.097 X-Spam-Level: X-Spam-Status: No, score=-0.097 tagged_above=-999 required=5 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_FONT_LOW_CONTRAST=0.001, HTML_MESSAGE=0.001, HTTPS_HTTP_MISMATCH=0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=auth0.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Yg7sHswB_wKg for ; Mon, 14 Dec 2020 09:33:50 -0800 (PST) Received: from mail-pl1-x62c.google.com (mail-pl1-x62c.google.com [IPv6:2607:f8b0:4864:20::62c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3F0693A12D5 for ; Mon, 14 Dec 2020 09:33:50 -0800 (PST) Received: by mail-pl1-x62c.google.com with SMTP id x18so2902993pln.6 for ; Mon, 14 Dec 2020 09:33:50 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=auth0.com; s=google; h=from:to:cc:references:in-reply-to:subject:date:message-id :mime-version:content-language:thread-index; bh=aKMddf3FwQv7oBZK2asXHUQ2fKguMVc+mzuNz2TN7Js=; b=amkPO4GbAJBCuBg4cwXPeZ8W9g5u/tIXu+D6Tt1OM/RZ/JpfbY2rjR2SJuKhsq9sVm stHLdpHnKiXL+y4gz2iEX8DMsVmexKfeQ35e76+h47SJG7pOkbh4Hpo9PMO9y+G14LdD 3rnLTmxuXP4yexyc0gXDvwMiG0wE3R9iE+zjPfGDgyNfw6fVR56JfTpxS59We5p+vvqh pswfBlZsF7VblbY1+nNu54eDrbw6fYg2gG8kCmei6pzUqRavB4au9GV+Z02TQN9uDLDD wqIigDWPwiZbX80PfSC6nHNGlLgZrJXN5DjqOZtIHjlCv+IyLQDIbaIq68vyKs/G3/uA zpnQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:references:in-reply-to:subject:date :message-id:mime-version:content-language:thread-index; bh=aKMddf3FwQv7oBZK2asXHUQ2fKguMVc+mzuNz2TN7Js=; b=RArFDvNWC6qGAs1tk1UttY7C0ia9ABtgFuiC2epHvAIyc89HaNlsALWWLMVy8mO+8z 8HyX6+x51YwNRi7Xp8twJtrNIFRTiIE9QgPsmgtkXLQknH3LyRKPro7XYkKlM1Wedye9 nLcL2LSfYDfHFdcqttkfoV2HZ5qfA6LtXxUhnuWayo4QEWzcD3eeoHQsc2P5cGA4/PUx Tnubu1m/u0Ql1pF9lqX3v5AZlFasEEEMxljm2frihLzt75a+SgAjg8Q77PtCnCq28CvS 4GRetrAQnMmmW4kXPZ+Jg3KwF/2QkD3N3pLgAz3pvzjZ4qWovLVmGXa735lj+DUqTELL un6g== X-Gm-Message-State: AOAM531cOlMe3xQ+zbxf5juPbyETN9y1dCRnrYybi/m9wUfqhYAiBmsb XA5ZHAy4b3b/GN18vQfEDZTNHw== X-Google-Smtp-Source: ABdhPJx6Vdlbj9PWJYmoopryAzYTamFys+zZdQ2BmzX/Xx0UH3TqzazyYVcuTWyZhDZNO5szd1UKYg== X-Received: by 2002:a17:902:b08d:b029:da:a92b:7449 with SMTP id p13-20020a170902b08db02900daa92b7449mr24063791plr.64.1607967228639; Mon, 14 Dec 2020 09:33:48 -0800 (PST) Received: from vibrosurface7 (c-67-171-8-60.hsd1.wa.comcast.net. [67.171.8.60]) by smtp.gmail.com with ESMTPSA id v21sm6042232pfm.154.2020.12.14.09.33.47 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Mon, 14 Dec 2020 09:33:47 -0800 (PST) From: To: "'Torsten Lodderstedt'" , "'Dick Hardt'" Cc: , "'Aaron Parecki'" References: In-Reply-To: Date: Mon, 14 Dec 2020 09:33:47 -0800 Message-ID: <04e601d6d23f$47ade680$d709b380$@auth0.com> MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_04E7_01D6D1FC.39933200" X-Mailer: Microsoft Outlook 16.0 Content-Language: en-us Thread-Index: AQJR6FLIWs+0ndteazlSUcWpe3EZ4gLHDTFhqOpq1mA= Archived-At: Subject: Re: [OAUTH-WG] Detailed review of OAuth2.1 X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Dec 2020 17:33:57 -0000 This is a multipart message in MIME format. ------=_NextPart_000_04E7_01D6D1FC.39933200 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Thank you, I am so glad you think so! =20 I hear you on the id_token abuse. That would be easily solved by = appending a =E2=80=9Cprovided that the resulting id_token is not abused = by using it as access token=E2=80=9D, in fact that would explicitly = address one of the most common abuses we witness in this space by = finally providing explicit language on the matter. I had frequent = clashes with the Kubernetes crowd about it, and they required nuanced = arguments, making them grok the concept of audience etc etc- all stuff = that could have been avoided by having straightforward language along = the lines of the above. We could argue whether that language belongs to = the OIDC spec more than the OAuth2.1: my position is that we should take = this opportunity to bring extra clarity, nothing prevents repeating that = if the OIDC people will do their own updates in the future. I also hear you on the open endorsement, however I suspect that just = saying what you suggest without mentioning OIDC at all will not solve = the problem of people thinking this deprecates those OIDC flows, too. = Perhaps a compromise would make it explicit that the security = considerations that led to the omission of implicit for the token = response type in oauth2.1 do not apply to those flows in OIDC, provided = that the id_token is not used as access token. So non an endorsement, = but an explicit scoping statement =F0=9F=98=8A would that sound more = balanced? =20 From: Torsten Lodderstedt =20 Sent: Saturday, December 12, 2020 4:20 AM To: Dick Hardt Cc: Vittorio Bertocci ; oauth@ietf.org; = Aaron Parecki Subject: Re: Detailed review of OAuth2.1 =20 Thanks as lot Vittorio! You gave us a lot of homework but I think the = draft will be improved a lot based on it. =20 Re OIDC implicit: I=E2=80=98m reluctant to explicitly endorse use of = OIDC implicit (response type =E2=80=9Eid_token=E2=80=9C or =E2=80=9Ecode = id_token=E2=80=9C) as there are examples in the wild where the id_token = is used as access token. Moreover, I=E2=80=98m not aware of any = systematic security threat analysis of those flows. =20 I=E2=80=98m fine with pointing out to readers that omission of response = type =E2=80=9Etoken=E2=80=9C does not deprecate other extension response = types. =20 WDYT? Am 09.12.2020 um 01:55 schrieb Dick Hardt >: =EF=BB=BF Thank you very much for your detailed feedback Vittorio! = = =E1=90=A7 =20 On Tue, Dec 8, 2020 at 3:22 PM > wrote: Dear authors, It took ages but I finally managed to go thru a full review of the = current OAuth2.1 draft. Apologies for the delay. Metacomments: * The VAST majority of the comments are suggestions for improving = clarity, mostly on historical language coming from 2.0 that I found = myself having to clarify to customers and colleagues over and over thru = the years. None of those are critical. * There are a few places where 2.1 requires a MUST I believe to be = unwarranted/too restrictive. For each of those I did my best to provide = context and concrete examples. * A sizeable category of comments and disagreements on MUST come from = treating mobile and desktop apps as largely equivalent under the = =E2=80=9Cnative app=E2=80=9D umbrella, despite of the vast gulf that = separates the two both in terms of security posture and user experience. = Again, I tried to be as matter of fact as possible in there. * The main reason for which I spoke up during the IETF interim on = oauth2.1 was the confusion the omission f the implicit grant caused = among the devs using implicit in OIDC for obtaining ID_tokens. I = suggested some language to pre-empt the issue, but I expect some = iteration there. Thanks, V =20 =C2=A71 I wonder whether we should take the opportunity offered by OAuth2.1 to = clarify frequent points of confusion about OAuth, by explicitly calling = out in the introduction what is out of scope. For example: OAuth is not an identity protocol, as it doesn=E2=80=99t = concern itself with how resource owners are authenticated; OAuth = isn=E2=80=99t meant to address 1st party scenarios, although the reader = is free to use it in that context as well; and so on. I believe there is value in adding this in the introduction rather than = relegating it in some later considerations section, as the people who = need this information the most rarely read past this point. =20 =C2=A71.1 In the RS definition, wondering whether including the word = =E2=80=9CAPI=E2=80=9D would help to clarify what an RS is in practice. =20 =C2=A71.2 I always found this part extraordinarily difficult to decipher. I get = that this is the first description and doesn=E2=80=99t have to be = exhaustive and consider all cases (eg it=E2=80=99s ok if step 3 claims = that the client authenticates w the AS even tho that=E2=80=99s only for = confidential clients), but I think it could be much clearer than it is = today. Step 1 says The client requests authorization from the resource owner. The = authorization request can be made directly to the resource owner (as = shown), or preferably indirectly via the authorization server as an = intermediary. Besides the fact that =E2=80=9Crequests authorization=E2=80=9D is a bit = vague, this step and the corresponding diagram leg does not correspond = at all to what normally happens- to get a code, the client does need to = hit the AS and the mention in passing in the text isn=E2=80=99t enough = to figure that out. Also, with the omission of ROPG there really = isn=E2=80=99t any way of asking anything to the RO directly (the client = creds doesn=E2=80=99t involve the RO). I would recommend updating that diagram to be more descriptive of the = canonical scenario. Step 2 mentions the 2 grants defined in the spec, but only one of them = represents the RO=E2=80=99s authorization. Claiming that the client = itself is the RO is a formalism that doesn=E2=80=99t meet the = reader=E2=80=99s intuition at this point. Step 5=20 The language here triggered multiple discussions, in particular on = whether the AT can actually be used to ascertain the identity of the = client =E2=80=93 that isn=E2=80=99t the case for public clients, for = example; besides, that=E2=80=99s not really the highest order bit of the = AT. If it is, it seems that the spec should be more explicit about how = client identification from the RS by means of an AT works. If it = isn=E2=80=99t, perhaps we should change the language to omit = authenticate. The last paragraph is emblematic IMO =E2=80=93 if the preferred method = is very different from the diagram here, and if the abstraction = presented here is not terribly useful (given that we no longer have = multiple RO based grants, excluding the extension grants that are still = too far at this point to warrant a cognitive downpayment for the reader) = I wonder whether we=E2=80=99d be better off doing the authz code diagram = directly (and mention that we also have the client creds grant = separately). =20 =C2=A71.3 I understand that we can=E2=80=99t really change this because we inherit = from OAuth 2 but I=E2=80=99ll mention it anyway- modeling clients as ROs = is problematic, as it doesn=E2=80=99t often match what happens in = practice. A confidential client might batch-read a user=E2=80=99s inbox = searching for ad words, but the resource owner remains the user. I know we straighten things up in 1.3.2, but the positioning here is = confusing. Also: isn=E2=80=99t the refresh token grant a core-specified grant as = well? I know I am nitpicking. =C2=A71.3.1 We don=E2=80=99t say anywhere here that the authorization code can be = exchanged for an access token. It can be somewhat inferred from 1.2, but = it=E2=80=99s a bit of an intelligence test (one needs to infer from = authorization grant). P2 =E2=80=9Cobtains authorization=E2=80=9D could be more specific, to = reinforce that we are doing a delegated flow. =E2=80=9CObtains=E2=80=9D = seem to suggest that we are talking about consent, rather than AS side = rules. If that=E2=80=99s the case, calling it out might make the = scenario clearer. P3 Both the benefits listed apply to confidential clients only. Not sure = whether calling it out here would help prevent confusion later on (eg = people thinking that public clients can prove their identity) or would = bring confusion on now (given that we didn=E2=80=99t differentiate = between client types yet). Either ways, formally we are OK here; I am = just thinking how to make things clearer. Perhaps defining client types = before grants might help being clearer here. =20 =C2=A71.3.2 A concrete example of credential (eg shared secret) might help clarify = things here. Also, the fact that client credentials indicate both a = grant in itself and an artifact (which participates in other grants) is = a well know source of confusion. Wondering if calling this out here = might help. =20 =C2=A71.4 In general, we use =E2=80=9Caccess token=E2=80=9D and = =E2=80=9Ctoken=E2=80=9D interchangeably- perhaps pedantic, but I would = suggest we always use =E2=80=9Caccess token=E2=80=9D to prevent = confusion with refresh tokens later on, and other token types in other = contexts (eg think ID tokens). P1 The client should treat the AT string as opaque, but that = doesn=E2=80=99t necessarily means it is: in some cases the client CAN = see inside the token, and with the current language they might interpret = it as =E2=80=9Cin this case, it=E2=80=99s OK to look- otherwise they = would have made it opaque, per the spec=E2=80=9D. =20 =C2=A71.5 The first phrase of P1 is wonderfully clear. We should have the = equivalent in =C2=A71.3.1 Not having defined a mechanism for requesting a RT here, leaving it to = ASes to decide when and where, created the situation in which some AS = only issues RTs when they get the offline_access scope, with all the = unfortunate consequences about RT lifetime vs session lifetime = etc=E2=80=A6 I know we can=E2=80=99t really change this now as we = don=E2=80=99t want to break existing AS implementations, but wondering = if there=E2=80=99s anything we can say to further clarify/give readers a = headsup about the ambiguity/diversity of behaviors they=E2=80=99ll = encounter here. P2 It=E2=80=99s odd that we say =E2=80=9Cusually opaque to the = client=E2=80=9D for the RT while we decisively said opaque for the AT. = Also, the client shouln=E2=80=99t do anything w the RT content hence I = think the same considerations done for =C2=A71.4P2 apply here. =E2=80=9CThe token denotes an identifier used to retrieve the = authorization information=E2=80=9D gets into the specifics of the = implementation and it=E2=80=99s not universally true (some AS = encrypt/sign the authz info in the RT itself and have no server state = whatsoever. Step 3 Should we add a reference to RFC6750 here? =20 =C2=A71.8 Should we say rich *delegated* authorization framework? =20 =C2=A72 =E2=80=9Cend-user interaction with an HTML registration form=E2=80=9D is = oddly specific =F0=9F=98=8A in particular, I think =E2=80=9Cend = user=E2=80=9D might be misleading. We can either say = =E2=80=9Cinteractive=E2=80=9D or refer =E2=80=9Cthe client app = developer=E2=80=9D or equivalent. Overkill but I=E2=80=99ll mention it anyway. Should we say that = typically the client registration in the non-dynamic scenario occurs in = authenticated settings? Not strictly necessary but might help the reader = to tie what we say in this section with their concrete experience. =20 =C2=A72.1 P4 =E2=80=9CAuthorization servers SHOULD consider the level of confidence = in a client's identity when deciding whether they allow such a client = access to more critical functions, such as the Client Credentials grant = type.=E2=80=9D=20 I don=E2=80=99t understand this sentence. Is the client credentials = grant type a =E2=80=9Cmore critical function=E2=80=9D? Or is it a level = of confidence? Either ways, I think it needs clarifying. P5 IMPORTANT: this is going to break many OAuth implementations with = significant adoption. Auth0 is fine (each client_id is tied to a single = client type) but I know of others that will break. I suggest softening to a SHOULD NOT. =E2=80=9Cbrowser-based application=E2=80=9D I am not convinced this is so much easier than the original = =E2=80=9Cuser-agent-based=E2=80=9D. I understand the advantages = (dovetails w the BCP, more precise given that apps can be user agent as = wells nowadays, more familiar) however the break w 2.0 terminology is = jarring. I don=E2=80=99t feel very strongly about it but enough to type = it. =20 =C2=A72.2 It=E2=80=99s a bit odd to define the client identifier like it=E2=80=99s = something brand new when =C2=A72.1 already introduced it. This language = from the original 2.0 might need to be revised to accommodate that = change. Wondering whether a warning against structured client_ids (eg = identifiers assembled thru some string template, like developer = name+region+serial) would be in order. Perhaps in the security = considerations? =20 =C2=A72.3 P1 That sounds vaguely circular, given that being assigned credentials = might be considered part of the =E2=80=9Cestablish a client = authentication method=E2=80=9D task listed there. I=E2=80=99d simply say = =E2=80=9Cif the client is confidential or credentialed=E2=80=9D. P2 I=E2=80=99d add =E2=80=9Cby the authorization server=E2=80=9D for good = measure. P3 That sounds vague. Shouldn=E2=80=99t it be mandatory for the AS to = require client auth for the client types who have creds? =E2=80=9Cif = possible=E2=80=9D seem to open the possibility of circumstances where = that=E2=80=99s not he case. P5 I think that this idea of identifying the client will need to be fleshed = out more for people to fully understand it. Credentialed clients can = prove that they are the same client instance across multiple = transactions, which some might consider a weak form of identification. = To rule that out, it has to be mentioned upfront IMO. If not here, in = some of the considerations section=E2=80=A6 with a forward reference = here. P6 Do we say why anywhere? If yes, we should reference it. If not, perhaps = we should. =20 =C2=A72.3.1 We no longer mentioned the empty client secret, but we don=E2=80=99t = forbid it either. What=E2=80=99s our stance? =20 =C2=A72.3.2 In =C2=A72.3 we mention MTLS, private_key_jwt, but here we just point = the reader to IANA. It looks like echoing those methods here might help = clarity. =20 =C2=A73.1 Last paragraph I have been in discussions where readers interpreted this as = =E2=80=9Cyou cannot send custom parameters to the authorization = server=E2=80=9D. To preempt that mistake, we mighr consider calling out = that custom extensions _are_ permitted as long as the AS supports them. = I know that=E2=80=99s what the current language says already. =20 =C2=A73.1.1 Wondering if referring to some specific, well known extensions (like = OIDC) might help readers to better understand this point. =20 =C2=A73.1.2 RFC3986 6.2.1 talks about character by character comparison, but = doesn=E2=80=99t mention case sensitivity. I am sure it does elsewhere in = the spec, but for clarify and readability I recommend specifying the = desired behavior directly here. =20 =C2=A73.1.2.1 Personally, I would advocate for a MUST here. True, lots of people = won=E2=80=99t comply at development time, but I think that=E2=80=99s OK = as long as they do use TLS when going in production.=20 Also, SameSite changes are making the use of HTTPS at dev time more and = more common. If OAuth2.1 is about picking the best of the security = practices, this seems like a an obvious candidate. =20 =C2=A73.1.2.2 P3 =E2=80=9Clack of requiring=E2=80=9D doesn=E2=80=99t sound proper. =20 =C2=A73.2 P2 Should we also say that the spec doesn=E2=80=99t care about _when_ the = client obtains the endpoint? Last P Same considerations as =C2=A73.1 =20 =C2=A73.2.1 P1 That=E2=80=99s stricter than =C2=A72.3P3 =E2=80=93 I think the language = there should be tweaked to be coherent with the one here. =20 =C2=A73.3 Wondering if the =E2=80=9Cscope strings order does not matter=E2=80=9D = point should be somehow emphasized or clarified. I know of = implementations who considered heuristics such as =E2=80=9Cif the scopes = requested correspond to multiple resources, I=E2=80=99ll show consent = for all byt the token eventually issued when redeeming the code will = have as audience the resource corresponding to the FIRST requested = scope=E2=80=9D, which would violate the order invariant requirement.=20 =20 =C2=A74 Potentially VERY confusing. I would recommend to be more specific and = state that =E2=80=9COAuth 2.1 defines two grant types=E2=80=9D.=20 =20 =C2=A74.1 Diagram Not critical. But I want to point it out. The first time I saw this = diagram I found it confusing. The fact that the same numeral is assigned = to multiple legs is just odd for anyone not already familiar with the = flow, possibly still struggling to understand the client as a service = side component. Also, now that we have mighty SVG support, I would strongly advocate for = a modern version of this diagram (there lines perhaps don=E2=80=99t need = to be broken into segments). Step 5 =E2=80=9Coptionally, a refresh token=E2=80=9D is too vague IMO. I will = look for opportunities to clarify later in the spec, given that this = might not be the best place to go in details. =20 =C2=A74.1.1 Overall: a high summary of the steps in this preamble might help. The = current denormalization in subsection can be pretty hard to follow for = someone seeing this for the first time.=20 Also: creating challenge and verifier BEFORE assembling the request = seems profoundly counterintuitive to me, as it emphasizes a security = measure over the core function of this leg of the flow. Unless = there=E2=80=99s a crypto reason for this current sequencing that I = can=E2=80=99t see, I recommend first creating the core request = (what=E2=80=99s now 4.1.1.3) and then attaching challenge and verifier. = Also, sending the message can be its own subsection rathe than being = conflated with the last message composition subsection. P1 =E2=80=9Cto begin=E2=80=9D remains a bit suspended, given that = there=E2=80=99s no obvious segue on what constitutes the steps after the = beginning.=20 P2 =E2=80=9Clater use with the authorization code=E2=80=9D could be = clearer, e.g. =E2=80=9Cat authorization code redemption time=E2=80=9D. = At this point that might still not be obvious for the reader. Mentioning the provenance of properties (parameters?) code_challenge and = code_verifier without first having introduced them might confuse people = not already familiar with them and the request process in general, as = their function will not be obvious not naturally map with the preceding = sentencer. P3 Imposing a MUST before knowing what those this are yet is not as clear = as it would be if this would be stated after their use and function has = been explained. =20 =C2=A74.1.1.3 On state. Given the change vs OAuth2, I think it might be helpful to = call out the relevant section on the appendix about differences to help = people familiar w 2.0 not to miss this important change and avoid doing = work twice. =20 =C2=A74.1.2 P2 Should we say that the code should be opaque to the client, to = discourage the use of structured code templates that can be partially = manufactured? P8 =E2=80=9Che server MUST NOT include the "code_challenge" value in = client requests=E2=80=9D, was that meant to be = =E2=80=9Cresponses=E2=80=9D?=20 Qualifying =E2=80=9Cother entities=E2=80=9D (anyone but the AS?) might = make this point clearer. =20 =C2=A74.3 We mentioned extension grants in passing, but I don=E2=80=99t recall = seeing a definition/description of their function in the context of the = framework. Even a short sentence to that effect here would help, given = that the section title names them explicitly. Also, stressing that the = device flow is just one example and other extensions might differ (for = example in their logic to establish whether an access token request is = valid and authorized) would go a long way in helping the reader put this = section in better focus. =20 =C2=A75.1 On the access_token parameter. Given the discussions we had for the JWT = AT profile draft, I am wondering whether it should be called out here = that the AT recipient is the RS, that the client should not expect to be = able to parse the access_token, and that the AS is under no obligation = to use a consistent AT encoding outside of what is negotiated with the = RS. I don=E2=80=99t feel very strongly about this, or about where in the = spec this should be called out, but it sure would have made life easier = in those discussions- hence the comment. On the refresh_token parameter. The lack of details in how OAuth2 = describes how/when an AS returns refresh tokens led to today=E2=80=99s = complicated situation in which many implementations issue RTs only when = OIDC=E2=80=99s offline_access is received in the scopes, as it was the = only mention in public specs describing a concrete behavior. See the = associated online_access discussion on the OIDC list, as RTs gain = importance as session artifacts of sort for SPAs now that implicit is = dead and ITP makes iframe renewals problematic. Unfortunately it is too late to be prescriptive here, as we cannot break = compatibility with whatever choices existing AS implementations made. = However we can be more descriptive and give the reader a better idea of = what=E2=80=99s the range of possibilities. Some nonnormative examples of = how existing AS determine whether to issue an RT or not (eg as an option = determined at client registration time, or any other heuristic you guys = encountered in the wild) might help people to better understand their = options and the intent of the specification here. =20 =C2=A75.2 It might help to remind the reader here that extensions to the core spec = might specify or further specialize circumstances in which the errors = mentioned here are returned (for example, see the validation errors in = the JWT AT profile). There=E2=80=99s a mention of that in =C2=A77.3.1 = but that=E2=80=99s pretty far, and having even brief language here might = be handy for people reading the spec for reference rather than cover to = cover. =20 =C2=A76 P1 I think the risk assessment is just one of the factors an AS might use = to decide whether to issue an RT or not. The current language suggests = risk is the only determinant in that decision and that doesn=E2=80=99t = seem right. Saying that one might refresh tokens using other grants seems odd. A new = authorization code grant gets me a new token and offers me the = opportunity to describe what token I want (scopes etc), the fact that I = might choose to ask the exact same things I asked in the original = request is expediency. I would rather phrase this as the fact that the = client can simply repeat the original request, and external factors such = as cookies, sessions and other auth method specific options may allow = the client to do so without prompting the user. P2 We might need to be more precise here. Do we mean the scopes consented = by the RO in the request that led to the issuance of the RT being used? = Just saying consented by the RO for the client does not exclude cases in = which there are more instances of the client in operation. Say that I am = running uber on phone 1 and I consent to read my google calendar, = getting AT1 and RT1. Say that on phone 2 I also run the uber app, and = this time I consent to write my google calendar, obtaining AT2 and RT2 = on this new device. Now consider the various combinations here. Should = RT2 allow me to get calendar:read too, given that it was already = consented by RO for this client? Should RT1 allow me to get AT1=E2=80=99 = containing calendar:write, given that RO consented for it when using a = different instance of the same client? Whatever is the answer you want = to the questions above, I think the spec should have language clear = enough to unambiguously determine the desired behavior. =20 =C2=A76.1 It=E2=80=99s a bit confusing that half of the RT use requirements is in = =C2=A76 (the requirement to authenticate confidential/credentialed = clients) and half is in here, with the only differentiator being the = nature of the client. This is pretty minor, but I think I would = personally find clearer if all the requirements for the use of an RT = would be consolidated in a single place. It=E2=80=99s true that the = public client reqs are a SHOULD, but still. Rotation. Wondering whether it would be wise to advise the reader to have their AS = revoke all the still valid ATs issued by the AS from the same = session/family of RTs upon detection of a RT reuse. It is not uncommon = for clients to request new ATs before their projected expiration. P6 I think the =E2=80=9CMAY=E2=80=9D here might be confusing when applied = to the rotation, as in either the AS does it, or the scenario = won=E2=80=99t work. I understand this is formally correct, but perhaps = explicitly calling out some cases in which the AS might decide to do = otherwise and acknowledge that in that case the client will be stuck = might help clarify. Also, if the public client protection measures were = in =C2=A76 instead of here, there would be less opportunities for = confusion as it would be easier to grok that this doesn=E2=80=99t apply = to the rotation case only (now adjacent) but to other RT reissuance = cases as well (eg sliding expiration). On the identical scopes requirement. Say that after obtaining RT1, which = includes scopes s1 and s2 for client c1, the RO revokes authorization = for c1 to use s2. Should the AS fail the RT redemption, or return an AT = with only s1 and a scopes parameter informing the client of the change? = As developer I would prefer the latter, to preserve the experience: but = if we are adamant about the current language, I think it might be useful = to explicitly call out that any changes to the grant on the AS side = should result in failure of the RT redemption. P7 Calling out deprovisioning of RO might be useful as well. On =E2=80=9Cthe logout at the AS=E2=80=9D event, that=E2=80=99s = definitely a valid case but I worry about how presenting that alone = might reinforce misunderstandings that equate RTs with sessions. There = are certainly times where we want that (see mentions earlier of the = online_access discussions) but there are also cases where the ability of = a client to refresh ATs needs to survive session boundaries = (offline_access) and confusing the two are problematic. I don=E2=80=99t = have a clear solution here, just pointing out a potential point of = confusion. Maybe there will be more opportunities to clarify later in = the spec. =20 =C2=A77 P1 An important case to call out is the AS-RS colocation, where neither = introspection nor token format agreements are necessary. I suggest = mentioning it openly. =20 =C2=A77.2 =E2=80=9Cbearer tokens may be extended to include proof-of-possession = techniques by other specifications=E2=80=9D sounds like an oxymoron. = Wouldn=E2=80=99t PoP make the token no longer bearer by the very = definition above? It looks like we might need a term for simply =E2=80=9Ctoken=E2=80=9D. =20 =C2=A77.2.1 Do we also want to forbid two tokens in the same request, using = different methods? Current language only constraints the behavior of one = token. =20 =C2=A77.2.3 The =E2=80=9Cinsufficient_scope=E2=80=9D description here is = problematic. The privileges the AT carries/points to are not necessarily = (or exclusively) represented by the included scopes (eg the RO might = have granted document:read to the client, but RO might have no = privileges for the particular document being requested in this = particular call). It might be useful to specify that = =E2=80=9Cinvalid_scope=E2=80=9D should be used for authorization errors = that can be actually expressed in terms of delegated authorization, = leaving to RS implementers the freedom to handle other authorization = issues (eg user privileges, RBAC, etc) with a different error code. Or = at least, we should be clear that authorization logic not expressed via = scopes is out of scope (pun not intended) for this specification. Note, this isn=E2=80=99t an abstract problem: there are SDKs out there = that use =E2=80=9Cinvalid_scope=E2=80=9D for every permission issues. = Very confusing. =20 =C2=A77.3.1 We rewrite portions of 6750 in oauth2.1, but here we refer to it as its = own spec=E2=80=A6 that could be confusing as it=E2=80=99s unclear which = parts of 6750 are overridden by oauth2.1 (eg no more querystring) and = what parts remain normative. Perhaps we can call those things out in the = sections meant to replace the corresponding sections in 6750. =20 =C2=A77.4.2 Pedantic: although the title of the section states it, wondering whether = every instance of =E2=80=9Ctoken=E2=80=9D here should be =E2=80=9Caccess = token=E2=80=9D instead. Think of cases in which the spec is quoted in = discussions and disputes, where snippets can be pasted and mentioned = outside of the context of this section. P2 Referencing the JWT AT profile as an example of extension providing the = info out of scope for the core might help the reader grok a concrete = example. =20 =C2=A77.4.3.5 =E2=80=9Cone hour or less=E2=80=9D seems very arbitrary, and breaks step = in respect to what the spec does elsewhere (eg we don=E2=80=99t give any = indication of how long an AS should wait to invalidate an RT for = inactivity, but we do say the AS should do so). I would actually not = provide any reference value here. =20 =C2=A77.4.3.6 Another opportunity of referencing the JWT AT profile for a concrete = example of detailed audience restriction guidance in ATs. =20 =C2=A77.4.3.7 Besides the indications given to clients here, should we also give = guidance to an RS to ignore tokens passed that way? =20 =C2=A77.4.5 Along the same lines of the comments about delegated authorization = earlier for =C2=A77.2.3. I think it would be useful to acknowledge here = that ATs might carry, and RSs might expect, authorization information = that go beyond the delegated authorization for 3rd party API case that = is core to OAuth- and remind the reader that those mechanisms are out of = scope for oauth hence they shouldn=E2=80=99t expect those aspects to be = addressed/handled/regulated by this specification.=20 =20 =C2=A78 As mentioned earlier, it seems a potentially confusing to reference the = section of a document being superseded. I do see an issue in redefining = here something already established and in use, hence I am not expecting = this to change. Just wondering whether we need to provide a more = explicit map of the sections in 6749 that are being updated by oauth2.1. =20 =C2=A79 Should we also say something about the scenario being chiefly 3rd party = clients? We know lots of people use OAuth2 for 1st party scenarios and = some considerations might differ. This might be an opportunity to = finally make that clear. =20 =C2=A79.1 P1 Well, the AS doesn=E2=80=99t really use client auth... the active part = here is the client itself. Perhaps the AS can require it, when possible. P2 Unclear. Are we saying that if it is possible to safely distribute keys = to client, the AS MUST use client auth? That seems odd, there might be = other reasons coming into play (cost, security posture) making that = choice not viable. Or is the intent to say that the AS should not use = client auth if the key distribution cannot be trusted? That sounds far = more realistic, but then the language should be tweaked or the reader = might pick the former interpretation. P3 The AS can=E2=80=99t really PREVENT creds forwarding as the RO machine = might still have funny business going on (eg DNS attacks). Some softer = language might be more accurate there.=20 P4 That sounds very abstract. What does it mean? That the AS should = consider to issuing RTs to public clients? If that=E2=80=99s the case, = we should just say so=E2=80=A6 tho without more details, I don=E2=80=99t = know how actionable the guidance here will be. I can see BoFa requiring = a user to reauth in their iPhone app after inactivity, but I = don=E2=80=99t see Uber doing so for their app.. unless they produce long = lived ATs, which isn=E2=80=99t what we want either. P5=20 This could be clearer. The dynamic client registration case just flesh = out the confidence level an AS can have in its identity, but does not = offer a corresponding privilege level to it =E2=80=93 whereas the second = case does mention assigned privileges explicitly. Also, pitting = =E2=80=9Cdynamically registered client=E2=80=9D vs =E2=80=9Cweb = application=E2=80=9D might suggest the app type is a factor, whereas = AFAIK 7591 can be used for registering web apps too (whether that s wise = or not is immaterial here). =C2=A79.2 Should we say something about whether native clients should be allowed = to be =E2=80=9Cupgraded=E2=80=9D as confidential clients in the future, = or the other way round? I know of scenarios where people did that to = preserve consent info, but that seem sketchy security wise. P3 The SHOULD here refers to a requirement that in 10.3.1 is a MUST. I = don=E2=80=99t think the MUST is warranted (more about that in the 10.3.1 = comments) but if we do keep it, it looks like the level should be = coherent here. P4 That example is compatible with a SHOULD- works now, but would look odd = if we=E2=80=99d upgrade P3 with a MUST for coherence with 10.3.1. P5 Inclusion where/how? We should be precise IMO. If it=E2=80=99s just = registration material (eg not part of the redirect URI), we should = mention how we expect it to be used in the context of OAuth- and if we = don=E2=80=99t know, perhaps we should not mention it here.=20 =20 =C2=A79.3 P1 I know it becomes clearer later on, but I think it would help here to = explicitly call out confidential and credentialed client as the subject = of this sentence. Those are the only client types with credentials, = hence the current language is formally correct. This is just for = clarity. P2 I thought we require redirect URI registration in all cases? This makes = it sound it=E2=80=99s only for public clients. P3 I have been in various discussions where people were attempting to = interpret what =E2=80=9Cexplicit RO authentication=E2=80=9D means in = practice. Is it a full credential prompt regardless of whether one = session already exists? A selection between existing sessions, if = present? P4 This is unclear. As it currently reads it seems to prohibit things like = getting a new authz code silently via iframe (and prompt=3Dnone or = equivalent UX suppressing mechanism, please ignore the ITP complications = for the sake of argument).=20 =20 =C2=A79.3.1 P1 I don=E2=80=99t follow this sentence. The client identity cannot be = proved for public clients (see also next P), and the native apps are = public clients unless otherwise specified (eg credentialed). P2 I find this misleading. Client side measures such as claimed schemes, = domains etc might work to prevent an app impersonating another app on = the same device/OS, but they aren=E2=80=99t guaranteed to be honored on = other operating systems. The AS has no way of knowing whether those = measures have been enforced on the client, hence it should not accept = them as proof. =20 =20 =C2=A79.4.1 This is another place where a reference to the JWT AT profile would = provide a concrete example of the conditions set forth here (eg RS = guidance for audience validation). Also, as mentioned earlier, it might be useful to remind the reader that = the AS might include in the token authorization information that go = beyond the delegated authz scenario OAuth2.x concerns itself with, and = that those aspects are beyond the scope of this specification. That = would truly go a long way preventing people from abusing and = overextending the spec on scenarios it is not meant to address. And even for the canonical scenarios, it might be useful to remind the = reader that the RS might have extra logic not described in this spec = that determines whether the call will be authorized or otherwise- to = dispel the notion that the AS is always the sole source of truth for = authorization.=20 =20 =C2=A79.4.2 P2 Clarifying that MTLS is one instance of the sender constraint methods = just mentioned would prevent some readers considering that an = independent, additional constraint. =20 =C2=A79.5 In =C2=A76.1 we give more details about protection, should we have a = backward reference to that section here? P2 Is it worth to specify that it doesn=E2=80=99t matter how the AS tracks = the binding? (eg server side or embedded in the RT bits themselves). =20 =C2=A79.6 P1 This language makes the assumption that for client cred grants, the sub = will take on the client_id value. That it certainly possible, but not a = given. As such, the language here should be explicit abouty the fact = that it=E2=80=99s what we are expecting to happen in this particular = scenario. P2 Referring to the client as the actor here is confusing as soon as you = move beyond client_id. When you talk about rhe sub or any other value, = it=E2=80=99s not as much the client as it is the developer who owns the = client. The difference is subtle but might be a source of confusion. =20 =C2=A79.7 P3 I thought that we were going to make PKCE or nonce the only two = mandatory alternatives? Nothing against supporting state as an accepted = way to achieve this, just surprised as I recall people being quite = adamant about pushing PKCE. P4 Looks like the iss response parameter might make the distinct redirect = URIs unnecessary? =20 =C2=A79.7.1 The guidance in this section isn=E2=80=99t likely to be widely followed, = but I understand the rationale behind it. =20 =C2=A79.8 P2 That=E2=80=99s probably obvious, but I think we should specify that = those multiple attempts should come with the expected code verifier as = well for the revocation logic to be triggered- if it=E2=80=99s just the = code without verifier, it doesn=E2=80=99t look like the leak went far = enough to warrant that intervention. P4 If this holds, then the remark about the use of state for CSRF in = =C2=A79.7 P3 seems unnecessary. P9 The use of MUST here seems incompatible with the concession of using = nonce instead of PKCE. Either we allow it or we don=E2=80=99t=E2=80=A6 =20 =C2=A79.11 P1 Now that we no longer trade in RO passwords, should we mention them = here? Sure, if the AS uses passwords they do need protection, but so do = lots of other things the AS might use as part of auth that we = don=E2=80=99t mention here for Occam=E2=80=99s razor.=20 P3 What other means are we referring to?=20 =20 =C2=A79.12 =E2=80=9Cservice providers=E2=80=9D occurs for the first time in the = document here. Tying the guidance to entities already mentioned in the = doc (clients, AS) might make things clearer/more actionable. =20 =C2=A79.13 I understand that some of the comments in this area should be done on = the BCP rather than here, but here we are. That said=E2=80=A6 Blanket comment: this section seems to assume native app =3D=3D mobile = app, and that=E2=80=99s not strictly the case. Desktop apps have = different characteristics and desktop OSes different capabilities. Would = be clearer to make a distinction when relying on mobile OS capabilitesas = we appear to do here. P2 Embedded user-agent !=3D fake external user agent, but P2 uses that = interchangeably. A desktop app might use an embedded browser for UX = reasons and making no attempt whatsoever to disguise that as an external = agent. And I would be pretty surprised to see a malware remover get rid = of google drive for Mac, or Adobe products, or Office- all native apps = using embedded user-agents for authentication. P3 It=E2=80=99s unclear how the AS would do that, given that user agent = strings can be faked. Google has its ML based secret sauce, but that = might not be accessible by everyone. P4 This is mobile specific, doesn=E2=80=99t apply to desktop apps as = readily. Also unclear how that would change for the end user, given that = pixel perfect replicas can easily include fake address bars. More = details on how a user would detect an actual browser (presence of an = existing session, access to bookmarks etc) might add enough color to = help the reader truly understand the extent of the remedy power (or its = true limits).=20 =20 =C2=A79.14 There=E2=80=99s no action for the reader here. If that reflects the = actual situation (none of the roles described in this spec can do = anything to mitigate or contain the damage, and solutions to prevent the = situation lie outside its purview eg use MDM software on your corporate = devices) we should explicitly say so. =20 =C2=A79.15 A bit odd that we used CSRF throughout the document assuming the reader = was familiar with it, but here we attempt a definition.=20 Still confused on how we admit state as a valid mechanism, as opposed to = limiting to nonce and PKCE. Also note the potential discrepancy called = out earlier in which at code redemption time we appear to require PKCE, = in contrast to admitting nonce/state here. =20 =C2=A79.18.2 Wondering if here we should go as far as recommending the AS keeps = dynamic client registration OFF when it=E2=80=99s not needed. That might = provide good secure by default guidance for AS SDKs and product = developers. =20 =C2=A79.19 I assume we=E2=80=99d add the =E2=80=9Ciss=E2=80=9D response parameter = as alternative to the requirements here? =20 =C2=A79.20 P1, P2, P3 The security properties described here do not apply as is to desktop = apps using embedded browsers. As mentioned earlier, on the desktop the separation between apps = isn=E2=80=99t as stark as on mobile- the keystrokes message pump is = potentially accessible at the user session level, encompassing multiple = applications. Although process separation mechanisms are in place, the = circumstances of the execution and the OS specific features in this = respect determine the degree to which entering credentials in one = process makes the data inaccessible by another. We should not claim = advantages we cannot guarantee, and we should be explicit about what = measures specific to dekstops should be considered to mitigate risks eg = not executing apps as admins, enable and use UAC at the right level on = Windows or equivalent on other OSes, use app sandboxing when the OS = supports it, etc. Not suggesting we call out specific technologies like = UAC, but at least point at the category of security measures. P4 As mentioned above, the presence of the address bar can be easily faked = by pixel perfect replicas- relying on those is security theater. P5 This is a valid concern, but if we want to frame it in the context of = the security considerations section we need to add more color (eg = minimizing the situations in which one needs to enter creds is good = security practice). =20 Another thing we might add as lowlight for embedded browsers: password = managers might not work, making the user=E2=80=99s life difficult and = possibly promoting insecure situations (eg placing a random pwd in the = clipboard, where other apps might later steal it from). =C2=A79.21 Do we need this here, given that we cover this in depth earlier? =20 =C2=A710 I find this subdivision confusing. We have native clients considerations = scattered throughout the entire specification, but now we have a = dedicated section that somewhat repeats some of the points already made = while interleaving new ones. Perhaps having a more specific section = title, one that better characterizes the content and intent of this = section, would avoid giving the impression that if the reader is = interested in native clients, this is the only section they need to = read. P2 See discussion so far on native vs desktop. Also: I have been in ferocious discussions where people thought the = external user agent HAD to be the browser, which we know isn=E2=80=99t = the case (hero apps like the FB SDK or OS features like sign in w Apple = work just as well). Some language here giving a nod to those non-browser = external user agents might help clarify. P4 See previous discussion on mobile!=3Ddesktop. P5 I=E2=80=99d always qualify the =E2=80=9Cbrowser=E2=80=9D with system, = external, device etc given that some reader calls the embedded = user-agent =E2=80=9Cembedded browser=E2=80=9D, hence just saying = =E2=80=9Cbrowser=E2=80=9D without modifiers is ambiguous. User authentication state.. on the device. I think specifying it will = clarify what this really means. =20 =C2=A710.1 Unless you scope this statement to MOBILE apps, I think the MUST here = should be a SHOULD.=20 The security posture of the desktop is different enough, and the quality = of the user experience when using a system browser bad and disomogeneous = enough, that a MUST isn=E2=80=99t justified here. =20 =C2=A710.2 Beware of the native-mobile false equivalence here. P3 One or two examples of non-browser external user agents might help. P4 Text pasted here is technically not a best practice but core. I see there are examples here, so no need to add them in P3. It=E2=80=99s unclear why the external browser is RECOMMENDED here- if = it=E2=80=99s because we can=E2=80=99t go in details of the behavior of = non browser apps, it seems like we should say that much rather than = making a recommendation. In other words, RECOMMENDED expresses a strong = preference for it, but if I am on iOS and I want to sign in with = Facebook I am actually better off using their SDK both for security and = user experience reasons than to use the system browser. =20 =C2=A710.3 Requesting a MUST for all 3 methods seems restrictive=E2=80=A6 why not = requesting at least one? =20 =C2=A710.3.1 P3 This seems unnecessarily restrictive. 3.8 in 7595 is mostly SHOULDs, and = it refers to organizations rather than individuals. Not every developer = owns a domain, not every app goes on an app store and is meant for = general public consumption. An organization sideloading apps on managed = devices should not be forced to follow those constraints if they control = the environment and aren=E2=80=99t worried about other apps competing = for the same schema, but placing a MUST here might compel SDK developers = to embed validation checks that would make developers on those = circumstances deal with complexity without any security upside. In fact, = apps should not even be required to have internet access in the general = case but this requirement does impose that.=20 I think this is an important best practice that should be encouraged, = RECOMMENDED or even SHOULDed , but it shouldn=E2=80=99t be a MUST in the = core specification. =20 =C2=A710.3.2 P4 Like everything happening on the client, the AS cannot really take that = as guarantee. What might be true for an app running on iOS might not = apply if the requests are all manufactured via cURL on a Linux box. The = scope of those measures is really limited to one particular device or = devices sharing an OS, outside of that cohort there are no guarantees. =20 =C2=A710.3.3 This section should come with glaring warnings, anything actively = listening on the client extends the attack surface- an app listening on = the loopback might now get affected by exploits in the local HTTP = driver/local network stack and taken over, executing with the same = privileges as the user (remember = https://www.rapid7.com/db/vulnerabilities/WINDOWS-HOTFIX-MS15-034/ = ). The fact that the loopback is only = accessible locally only reduces the risk but doesn=E2=80=99t eliminate = it, a local process with lower privileges might use that exploit for = elevation of privileges for example. We should at least recommend that = the app hosting the loopback adapter runs with low privileges, reiterate = the =E2=80=9Clisten only when you must=E2=80=9D and generally warn about = the extra attack surface. As AS I might not want to support this method at all, both for security = reasons and for the extra logic the wildcard port entails at = registration and request serving times, but right now the spec forces me = to- more reasons for relaxing the MUST for all 3 methods as mentioned = earlier.. =20 =C2=A712 I am not exactly sure where to place the following- this section (or a = subsection) might be the best fit. As mentioned during the interim meeting, the omission of the implicit = flow in OAuth2.1 has already caused a lot of people to interpret this as = an indirect deprecation of the use of implicit flow by OpenID Connect = for obtaining ID_tokens, either via traditional response_modes or via = form_post. We already debated and concluded that the reasons that led to the = omission of the implicit grant in 2.1 do not apply to ID_tokens, hence = there=E2=80=99s no reason for people to stop using OpenID Connect that = way.=20 Formally we are in the clear, as OIDC is vased on 2.0 the omission of = implicit here does not prevent it as extension grant in OIDC anyway- but = the formal stance doesn=E2=80=99t help in preventing the confusion and = assuaging the concerns of the developers who aren=E2=80=99t as well = versed as the people on this list in all things specifications. Because of this, I recommend we add some language here that prevents = that confusion. Something like=20 =20 * The Implicit grant ("response_type=3Dtoken") is omitted from this specification as per Section 2.1.2 = of[I-D.ietf-oauth-security-topics = ] Please note: the omission of the implicit grant from this specification = does not automatically imply that other extension grants obtaining = credentials directly from the authorization endpoint should also be = discarded. For example, the implicit flow defined in Section 3.2 of = [OIDC = ] remains valid for all the = response_type values not including =E2=80=9Ctoken=E2=80=9D.=20 =20 Although it might be a bit unusual to refer to details of specs from = other entities, this spec already mentions OpenID 9 times even excluding = =C2=A714.2- and as soon as the browser apps section will be included, = that number is certain to rise. And the confusion on this point is truly = widespread- adding language along the lines of the above directly in the = core would go a long way to save a lot of grief. =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 ------=_NextPart_000_04E7_01D6D1FC.39933200 Content-Type: text/html; charset="utf-8" Content-Transfer-Encoding: quoted-printable

    Thank you, I am so glad you = think so!

     

    I hear you on the id_token abuse. That would be easily = solved by appending a =E2=80=9Cprovided that the resulting id_token is = not abused by using it as access token=E2=80=9D, in fact that would = explicitly address one of the most common abuses we witness in this = space by finally providing explicit language on the matter. I had = frequent clashes with the Kubernetes crowd about it, and they required = nuanced arguments, making them grok the concept of audience etc etc- all = stuff that could have been avoided by having straightforward language = along the lines of the above. We could argue whether that language = belongs to the OIDC spec more than the OAuth2.1: my position is that we = should take this opportunity to bring extra clarity, nothing prevents = repeating that if the OIDC people will do their own updates in the = future.

    I also hear you on the open = endorsement, however I suspect that just saying what you suggest without = mentioning OIDC at all will not solve the problem of people thinking = this deprecates those OIDC flows, too. Perhaps a compromise would make = it explicit that the security considerations that led to the omission of = implicit for the token response type in oauth2.1 do not apply to those = flows in OIDC, provided that the id_token is not used as access token. = So non an endorsement, but an explicit scoping statement 😊 would = that sound more balanced?

     

    From: Torsten Lodderstedt = <torsten@lodderstedt.net>
    Sent: Saturday, December 12, = 2020 4:20 AM
    To: Dick Hardt = <dick.hardt@gmail.com>
    Cc: Vittorio Bertocci = <vittorio.bertocci@auth0.com>; oauth@ietf.org; Aaron Parecki = <aaron@parecki.com>
    Subject: Re: Detailed review of = OAuth2.1

     

    Thanks = as lot Vittorio! You gave us a lot of homework but I think the draft = will be improved a lot based on it.

     

    Re OIDC implicit: I=E2=80=98m reluctant to explicitly = endorse use of OIDC implicit (response type =E2=80=9Eid_token=E2=80=9C = or =E2=80=9Ecode id_token=E2=80=9C) as there are examples in the wild = where the id_token is used as access token. Moreover, I=E2=80=98m not = aware of any systematic security threat analysis of those = flows.

     

    I=E2=80=98m fine with pointing out to readers that = omission of response type =E2=80=9Etoken=E2=80=9C does not deprecate = other extension response types.

     

    WDYT?



    Am 09.12.2020 um 01:55 schrieb Dick Hardt = <dick.hardt@gmail.com>:

    =EF=BB=BF

    Thank you very much for your detailed feedback = Vittorio!

    =E1= =90=A7

     

    On = Tue, Dec 8, 2020 at 3:22 PM <vittorio.bertocci@auth0.com> wrote:

    Dear = authors,

    It took = ages but I finally managed to go thru a full review of the current = OAuth2.1 draft. Apologies for the delay.

    Metacomments= :

    Thanks,=

    V=

     <= /o:p>

    =C2=A71=

    I wonder = whether we should take the opportunity offered by OAuth2.1 to clarify = frequent points of confusion about OAuth, by explicitly calling out in = the introduction what is out of scope.

    For = example: OAuth is not an identity protocol, as it doesn=E2=80=99t = concern itself with how resource owners are authenticated; OAuth = isn=E2=80=99t meant to address 1st party scenarios, although = the reader is free to use it in that context as well; and so = on.

    I believe = there is value in adding this in the introduction rather than relegating = it in some later considerations section, as the people who need this = information the most rarely read past this point.

     <= /o:p>

    =C2=A71.1

    In the RS = definition, wondering whether including the word =E2=80=9CAPI=E2=80=9D = would help to clarify what an RS is in practice.

     <= /o:p>

    =C2=A71.2

    I always = found this part extraordinarily difficult to decipher. I get that this = is the first description and doesn=E2=80=99t have to be exhaustive and = consider all cases (eg it=E2=80=99s ok if step 3 claims that the client = authenticates w the AS even tho that=E2=80=99s only for confidential = clients), but I think it could be much clearer than it is = today.

    Step 1 = says

    The = client requests authorization from the resource owner.  The = authorization request can be made directly to the resource owner (as = shown), or preferably indirectly via the authorization server as an = intermediary.

    Besides the = fact that =E2=80=9Crequests authorization=E2=80=9D is a bit vague, this = step and the corresponding diagram leg does not correspond at all to = what normally happens- to get a code, the client does need to hit the AS = and the mention in passing in the text isn=E2=80=99t enough to figure = that out. Also, with the omission of ROPG there really isn=E2=80=99t any = way of asking anything to the RO directly (the client creds = doesn=E2=80=99t involve the RO).

    I would = recommend updating that diagram to be more descriptive of the canonical = scenario.

    Step = 2

    mentions = the 2 grants defined in the spec, but only one of them represents the = RO=E2=80=99s authorization. Claiming that the client itself is the RO is = a formalism that doesn=E2=80=99t meet the reader=E2=80=99s intuition at = this point.

    Step 5 =

    The = language here triggered multiple discussions, in particular on whether = the AT can actually be used to ascertain the identity of the client = =E2=80=93 that isn=E2=80=99t the case for public clients, for example; = besides, that=E2=80=99s not really the highest order bit of the AT. If = it is, it seems that the spec should be more explicit about how client = identification from the RS by means of an AT works. If it isn=E2=80=99t, = perhaps we should change the language to omit = authenticate.

    The last = paragraph is emblematic IMO =E2=80=93 if the preferred method is very = different from the diagram here, and if the abstraction presented here = is not terribly useful (given that we no longer have multiple RO based = grants, excluding the extension grants that are still too far at this = point to warrant a cognitive downpayment for the reader) I wonder = whether we=E2=80=99d be better off doing the authz code diagram directly = (and mention that we also have the client creds grant = separately).

     <= /o:p>

    =C2=A71.3

    I = understand that we can=E2=80=99t really change this because we inherit = from OAuth 2 but I=E2=80=99ll mention it anyway- modeling clients as ROs = is problematic, as it doesn=E2=80=99t often match what happens in = practice. A confidential client might batch-read a user=E2=80=99s inbox = searching for ad words, but the resource owner remains the = user.

    I know we = straighten things up in 1.3.2, but the positioning here is = confusing.

    Also: = isn=E2=80=99t the refresh token grant a core-specified grant as well? I = know I am nitpicking.

    =C2=A71.3.1<= o:p>

    We = don=E2=80=99t say anywhere here that the authorization code can be = exchanged for an access token. It can be somewhat inferred from 1.2, but = it=E2=80=99s a bit of an intelligence test (one needs to infer from = authorization grant).

    P2

    =E2=80=9Cobt= ains authorization=E2=80=9D could be more specific, to reinforce that we = are doing a delegated flow. =E2=80=9CObtains=E2=80=9D seem to suggest = that we are talking about consent, rather than AS side rules. If = that=E2=80=99s the case, calling it out might make the scenario = clearer.

    P3

    Both the = benefits listed apply to confidential clients only. Not sure whether = calling it out here would help prevent confusion later on (eg people = thinking that public clients can prove their identity) or would bring = confusion on now (given that we didn=E2=80=99t differentiate between = client types yet). Either ways, formally we are OK here; I am just = thinking how to make things clearer. Perhaps defining client types = before grants might help being clearer here.

     <= /o:p>

    =C2=A71.3.2<= o:p>

    A concrete = example of credential (eg shared secret) might help clarify things here. = Also, the fact that client credentials indicate both a grant in itself = and an artifact (which participates in other grants) is a well know = source of confusion. Wondering if calling this out here might = help.

     <= /o:p>

    =C2=A71.4

    In general, = we use =E2=80=9Caccess token=E2=80=9D and =E2=80=9Ctoken=E2=80=9D = interchangeably- perhaps pedantic, but I would suggest we always use = =E2=80=9Caccess token=E2=80=9D to prevent confusion with refresh tokens = later on, and other token types in other contexts (eg think ID = tokens).

    P1

    The client = should treat the AT string as opaque, but that doesn=E2=80=99t = necessarily means it is: in some cases the client CAN see inside the = token, and with the current language they might interpret it as = =E2=80=9Cin this case, it=E2=80=99s OK to look- otherwise they would = have made it opaque, per the spec=E2=80=9D.

     <= /o:p>

    =C2=A71.5

    The first = phrase of P1 is wonderfully clear. We should have the equivalent in = =C2=A71.3.1

    Not having = defined a mechanism for requesting a RT here, leaving it to ASes to = decide when and where, created the situation in which some AS only = issues RTs when they get the offline_access scope, with all the = unfortunate consequences about RT lifetime vs session lifetime = etc=E2=80=A6 I know we can=E2=80=99t really change this now as we = don=E2=80=99t want to break existing AS implementations, but wondering = if there=E2=80=99s anything we can say to further clarify/give readers a = headsup about the ambiguity/diversity of behaviors they=E2=80=99ll = encounter here.

    P2

    It=E2=80=99s= odd that we say =E2=80=9Cusually opaque to the client=E2=80=9D  = for the RT while we decisively said opaque for the AT. Also, the client = shouln=E2=80=99t do anything w the RT content hence I think the same = considerations done for =C2=A71.4P2 apply here.

    =E2=80=9CThe token denotes an identifier used to retrieve =
the authorization information=E2=80=9D gets into =
the specifics of the implementation and it=E2=80=99s not universally =
true (some AS encrypt/sign the authz info in the RT itself and have no =
server state whatsoever.

    Step = 3

    Should we = add a reference to RFC6750 here?

     <= /o:p>

    =C2=A71.8

    Should we = say rich *delegated* authorization framework?

     <= /o:p>

    =C2=A72= 

    =E2=80=9Cend-user interaction with an HTML registration =
form=E2=80=9D =
is oddly =
specific 😊 in =
particular, I think =E2=80=9Cend user=E2=80=9D might be misleading. We =
can either say =E2=80=9Cinteractive=E2=80=9D or refer =E2=80=9Cthe =
client app developer=E2=80=9D or =
equivalent.
    Overkill but =
I=E2=80=99ll mention it anyway. Should we say that typically the client =
registration in the non-dynamic scenario occurs in authenticated =
settings? Not strictly necessary but might help the reader to tie what =
we say in this section with their concrete =
experience.
     =

    =C2=A72.1
    P4
    =E2=80=9CAuthorization servers SHOULD consider the =
level of confidence in a client's identity when deciding whether they =
allow such a client access to more critical functions, such as the =
Client Credentials grant type.=E2=80=9D =

    I =
don=E2=80=99t understand this sentence. Is the client credentials grant =
type a =E2=80=9Cmore critical function=E2=80=9D? Or is it a level of =
confidence? Either ways, I think it needs =
clarifying.
    P5
    IMPORTANT: =
this is going to break many OAuth implementations with significant =
adoption. Auth0 is fine (each client_id is tied to a single client type) =
but I know of others that will break.
    I suggest =
softening to a SHOULD NOT.
    =E2=80=9Cbrow=
ser-based application=E2=80=9D
    I am not =
convinced this is so much easier than the original =
=E2=80=9Cuser-agent-based=E2=80=9D. I understand the advantages =
(dovetails w the BCP, more precise given that apps can be user agent as =
wells nowadays, more familiar) however the break w 2.0 terminology is =
jarring. I don=E2=80=99t feel very strongly about it but enough to type =
it.
     =

    =C2=A72.2
    It=E2=80=99s =
a bit odd to define the client identifier like it=E2=80=99s something =
brand new when =C2=A72.1 already introduced it. This language from the =
original 2.0 might need to be revised to accommodate that =
change.
    Wondering =
whether a warning against structured client_ids (eg identifiers =
assembled thru some string template, like developer name+region+serial) =
would be in order. Perhaps in the security =
considerations?
     =

    =C2=A72.3
    P1
    That sounds =
vaguely circular, given that being assigned credentials might be =
considered part of the =E2=80=9Cestablish a client authentication =
method=E2=80=9D task listed there. I=E2=80=99d simply say =E2=80=9Cif =
the client is confidential or =
credentialed=E2=80=9D.
    P2
    I=E2=80=99d =
add =E2=80=9Cby the authorization server=E2=80=9D for good =
measure.
    P3
    That sounds =
vague. Shouldn=E2=80=99t it be mandatory for the AS to require client =
auth for the client types who have creds? =E2=80=9Cif possible=E2=80=9D =
seem to open the possibility of circumstances where that=E2=80=99s not =
he case.
    P5
    I think that =
this idea of identifying the client will need to be fleshed out more for =
people to fully understand it. Credentialed clients can prove that they =
are the same client instance across multiple transactions, which some =
might consider a weak form of identification. To rule that out, it has =
to be mentioned upfront IMO. If not here, in some of the considerations =
section=E2=80=A6 with a forward reference =
here.
    P6
    Do we say =
why anywhere? If yes, we should reference it. If not, perhaps we =
should.
     =

    =C2=A72.3.1
    We no longer =
mentioned the empty client secret, but we don=E2=80=99t forbid it =
either. What=E2=80=99s our stance?
     =

    =C2=A72.3.2
    In =C2=A72.3 =
we mention MTLS, private_key_jwt, but here we just point the reader to =
IANA. It looks like echoing those methods here might help =
clarity.
     =

    =C2=A73.1
    Last =
paragraph
    I have been =
in discussions where readers interpreted this as =E2=80=9Cyou cannot =
send custom parameters to the authorization server=E2=80=9D. To preempt =
that mistake, we mighr consider calling out that custom extensions _are_ =
permitted as long as the AS supports them. I know that=E2=80=99s what =
the current language says already.
     =

    =C2=A73.1.1
    Wondering if =
referring to some specific, well known extensions (like OIDC) might help =
readers to better understand this =
point.
     =

    =C2=A73.1.2
    RFC3986 =
6.2.1 talks about character by character comparison, but doesn=E2=80=99t =
mention case sensitivity. I am sure it does elsewhere in the spec, but =
for clarify and readability I recommend specifying the desired behavior =
directly here.
     =

    =C2=A73.1.2.1=

    Personally, =
I would advocate for a MUST here. True, lots of people won=E2=80=99t =
comply at development time, but I think that=E2=80=99s OK as long as =
they do use TLS when going in production. =

    Also, =
SameSite changes are making the use of HTTPS at dev time more and more =
common. If OAuth2.1 is about picking the best of the security practices, =
this seems like a an obvious =
candidate.
     =

    =C2=A73.1.2.2=

    P3
    =E2=80=9Clack=
 of requiring=E2=80=9D doesn=E2=80=99t sound =
proper.
     =

    =C2=A73.2
    P2
    Should we =
also say that the spec doesn=E2=80=99t care about _when_ the client =
obtains the endpoint?
    Last =
P
    Same =
considerations as =C2=A73.1
     =

    =C2=A73.2.1
    P1
    That=E2=80=99=
s stricter than =C2=A72.3P3 =E2=80=93 I think the language there should =
be tweaked to be coherent with the one =
here.
     =

    =C2=A73.3
    Wondering if =
the =E2=80=9Cscope strings order does not matter=E2=80=9D point should =
be somehow emphasized or clarified. I know of implementations who =
considered heuristics such as =E2=80=9Cif the scopes requested =
correspond to multiple resources, I=E2=80=99ll show consent for all byt =
the token eventually issued when redeeming the code will have as =
audience the resource corresponding to the FIRST requested =
scope=E2=80=9D, which would violate the order invariant requirement. =

     =

    =C2=A74
    Potentially =
VERY confusing. I would recommend to be more specific and state that =
=E2=80=9COAuth 2.1 defines two grant types=E2=80=9D. =

     =

    =C2=A74.1
    Diagram
    Not =
critical. But I want to point it out. The first time I saw this diagram =
I found it confusing. The fact that the same numeral is assigned to =
multiple legs is just odd for anyone not already familiar with the flow, =
possibly still struggling to understand the client as a service side =
component.
    Also, now =
that we have mighty SVG support, I would strongly advocate for a modern =
version of this diagram (there lines perhaps don=E2=80=99t need to be =
broken into segments).
    Step =
5
    =E2=80=9Copti=
onally, a refresh token=E2=80=9D is too vague IMO. I will look for =
opportunities to clarify later in the spec, given that this might not be =
the best place to go in details.
     =

    =C2=A74.1.1
    Overall: a =
high summary of the steps in this preamble might help. The current =
denormalization in subsection can be pretty hard to follow for someone =
seeing this for the first time. 
    Also: =
creating challenge and verifier BEFORE assembling the request seems =
profoundly counterintuitive to me, as it emphasizes a security measure =
over the core function of this leg of the flow. Unless there=E2=80=99s a =
crypto reason for this current sequencing that I can=E2=80=99t see, I =
recommend first creating the core request (what=E2=80=99s now 4.1.1.3) =
and then attaching challenge and verifier. Also, sending the message can =
be its own subsection rathe than being conflated with the last message =
composition subsection.
    P1
    =E2=80=9Cto =
begin=E2=80=9D remains a bit suspended, given that there=E2=80=99s no =
obvious segue on what constitutes the steps after the beginning. =

    P2
    =E2=80=9Clate=
r use with the authorization code=E2=80=9D could be clearer, e.g. =
=E2=80=9Cat authorization code redemption time=E2=80=9D. At this point =
that might still not be obvious for the =
reader.
    Mentioning =
the provenance of properties (parameters?) code_challenge and =
code_verifier without first having introduced them might confuse people =
not already familiar with them and the request process in general, as =
their function will not be obvious not naturally map with the preceding =
sentencer.
    P3
    Imposing a =
MUST before knowing what those this are yet is not as clear as it would =
be if this would be stated after their use and function has been =
explained.
     =

    =C2=A74.1.1.3=

    On state. =
Given the change vs OAuth2, I think it might be helpful to call out the =
relevant section on the appendix about differences to help people =
familiar w 2.0 not to miss this important change and avoid doing work =
twice.
     =

    =C2=A74.1.2
    P2
    Should we =
say that the code should be opaque to the client, to discourage the use =
of structured code templates that can be partially =
manufactured?
    P8
    =E2=80=9Che =
server MUST NOT  include the "code_challenge" value in =
client requests=E2=80=9D, was that meant to be =
=E2=80=9Cresponses=E2=80=9D? 
    Qualifying =
=E2=80=9Cother entities=E2=80=9D (anyone but the AS?) might make this =
point clearer.
     =

    =C2=A74.3
    We mentioned =
extension grants in passing, but I don=E2=80=99t recall seeing a =
definition/description of their function in the context of the =
framework. Even a short sentence to that effect here would help, given =
that the section title names them explicitly. Also, stressing that the =
device flow is just one example and other extensions might differ (for =
example in their logic to establish whether an access token request is =
valid and authorized) would go a long way in helping the reader put this =
section in better focus.
     =

    =C2=A75.1
    On the =
access_token parameter. Given the discussions we had for the JWT AT =
profile draft, I am wondering whether it should be called out here that =
the AT recipient is the RS, that the client should not expect to be able =
to parse the access_token, and that the AS is under no obligation to use =
a consistent AT encoding outside of what is negotiated with the RS. I =
don=E2=80=99t feel very strongly about this, or about where in the spec =
this should be called out, but it sure would have made life easier in =
those discussions- hence the comment.
    On the =
refresh_token parameter. The lack of details in how OAuth2 describes =
how/when an AS returns refresh tokens led to today=E2=80=99s complicated =
situation in which many implementations issue RTs only when =
OIDC=E2=80=99s offline_access is received in the scopes, as it was the =
only mention in public specs describing a concrete behavior. See the =
associated online_access discussion on the OIDC list, as RTs gain =
importance as session artifacts of sort for SPAs now that implicit is =
dead and ITP makes iframe renewals =
problematic.
    Unfortunately=
 it is too late to be prescriptive here, as we cannot break =
compatibility with whatever choices existing AS implementations made. =
However we can be more descriptive and give the reader a better idea of =
what=E2=80=99s the range of possibilities. Some nonnormative examples of =
how existing AS determine whether to issue an RT or not (eg as an option =
determined at client registration time, or any other heuristic you guys =
encountered in the wild) might help people to better understand their =
options and the intent of the specification =
here.
     =

    =C2=A75.2
    It might =
help to remind the reader here that extensions to the core spec might =
specify or further specialize circumstances in which the errors =
mentioned here are returned (for example, see the validation errors in =
the JWT AT profile). There=E2=80=99s a mention of that in =C2=A77.3.1 =
but that=E2=80=99s pretty far, and having even brief language here might =
be handy for people reading the spec for reference rather than cover to =
cover.
     =

    =C2=A76
    P1
    I think the =
risk assessment is just one of the factors an AS might use to decide =
whether to issue an RT or not. The current language suggests risk is the =
only determinant in that decision and that doesn=E2=80=99t seem =
right.
    Saying that =
one might refresh tokens using other grants seems odd. A new =
authorization code grant gets me a new token and offers me the =
opportunity to describe what token I want (scopes etc), the fact that I =
might choose to ask the exact same things I asked in the original =
request is expediency. I would rather phrase this as the fact that the =
client can simply repeat the original request, and external factors such =
as cookies, sessions and other auth method specific options may allow =
the client to do so without prompting the =
user.
    P2
    We might =
need to be more precise here. Do we mean the scopes consented by the RO =
in the request that led to the issuance of the RT being used? Just =
saying consented by the RO for the client does not exclude cases in =
which there are more instances of the client in operation. Say that I am =
running uber on phone 1 and I consent to read my google calendar, =
getting AT1 and RT1. Say that on phone 2 I also run the uber app, and =
this time I consent to write my google calendar, obtaining AT2 and RT2 =
on this new device. Now consider the various combinations here. Should =
RT2 allow me to get calendar:read too, given that it was already =
consented by RO for this client? Should RT1 allow me to get AT1=E2=80=99 =
containing calendar:write, given that RO consented for it when using a =
different instance of the same client? Whatever is the answer you want =
to the questions above, I think the spec should have language clear =
enough to unambiguously determine the desired =
behavior.
     =

    =C2=A76.1
    It=E2=80=99s =
a bit confusing that half of the RT use requirements is in =C2=A76 (the =
requirement to authenticate confidential/credentialed clients) and half =
is in here, with the only differentiator being the nature of the client. =
This is pretty minor, but I think I would personally find clearer if all =
the requirements for the use of an RT would be consolidated in a single =
place. It=E2=80=99s true that the public client reqs are a SHOULD, but =
still.
    Rotation.
    Wondering =
whether it would be wise to advise the reader to have their AS revoke =
all the still valid ATs issued by the AS from the same session/family of =
RTs upon detection of a RT reuse. It is not uncommon for clients to =
request new ATs before their projected =
expiration.
    P6
    I think the =
=E2=80=9CMAY=E2=80=9D here might be confusing when applied to the =
rotation, as in either the AS does it, or the scenario won=E2=80=99t =
work. I understand this is formally correct, but perhaps explicitly =
calling out some cases in which the AS might decide to do otherwise and =
acknowledge that in that case the client will be stuck might help =
clarify. Also, if the public client protection measures were in =C2=A76 =
instead of here, there would be less opportunities for confusion as it =
would be easier to grok that this doesn=E2=80=99t apply to the rotation =
case only (now adjacent) but to other RT reissuance cases as well (eg =
sliding expiration).
    On the =
identical scopes requirement. Say that after obtaining RT1, which =
includes scopes s1 and s2 for client c1, the RO revokes authorization =
for c1 to use s2. Should the AS fail the RT redemption, or return an AT =
with only s1 and a scopes parameter informing the client of the change? =
As developer I would prefer the latter, to preserve the experience: but =
if we are adamant about the current language, I think it might be useful =
to explicitly call out that any changes to the grant on the AS side =
should result in failure of the RT =
redemption.
    P7
    Calling out =
deprovisioning of RO might be useful as =
well.
    On =
=E2=80=9Cthe logout at the AS=E2=80=9D event, that=E2=80=99s definitely =
a valid case but I worry about how presenting that alone might reinforce =
misunderstandings that equate RTs with sessions. There are certainly =
times where we want that (see mentions earlier of the online_access =
discussions) but there are also cases where the ability of a client to =
refresh ATs needs to survive session boundaries (offline_access) and =
confusing the two are problematic. I don=E2=80=99t have a clear solution =
here, just pointing out a potential point of confusion. Maybe there will =
be more opportunities to clarify later in the =
spec.
     =

    =C2=A77
    P1
    An important =
case to call out is the AS-RS colocation, where neither introspection =
nor token format agreements are necessary. I suggest mentioning it =
openly.
     =

    =C2=A77.2
    =E2=80=9Cbear=
er tokens may be extended to include proof-of-possession  =
techniques by other specifications=E2=80=9D sounds like an oxymoron. =
Wouldn=E2=80=99t PoP make the token no longer bearer by the very =
definition above?
    It looks =
like we might need a term for simply =
=E2=80=9Ctoken=E2=80=9D.
     =

    =C2=A77.2.1
    Do we also =
want to forbid two tokens in the same request, using different methods? =
Current language only constraints the behavior of one =
token.
     =

    =C2=A77.2.3
    The =
=E2=80=9Cinsufficient_scope=E2=80=9D description here is problematic. =
The privileges the AT carries/points to are not necessarily (or =
exclusively) represented by the included scopes (eg the RO might have =
granted document:read to the client, but RO might have no privileges for =
the particular document being requested in this particular call). It =
might be useful to specify that =E2=80=9Cinvalid_scope=E2=80=9D should =
be used for authorization errors that can be actually expressed in terms =
of delegated authorization, leaving to RS implementers the freedom to =
handle other authorization issues (eg user privileges, RBAC, etc) with a =
different error code. Or at least, we should be clear that authorization =
logic not expressed via scopes is out of scope (pun not intended) for =
this specification.
    Note, this =
isn=E2=80=99t an abstract problem: there are SDKs out there that use =
=E2=80=9Cinvalid_scope=E2=80=9D for every permission issues. Very =
confusing.
     =

    =C2=A77.3.1
    We rewrite =
portions of 6750 in oauth2.1, but here we refer to it as its own =
spec=E2=80=A6 that could be confusing as it=E2=80=99s unclear which =
parts of 6750 are overridden by oauth2.1 (eg no more querystring) and =
what parts remain normative. Perhaps we can call those things out in the =
sections meant to replace the corresponding sections in =
6750.
     =

    =C2=A77.4.2
    Pedantic: =
although the title of the section states it, wondering whether every =
instance of =E2=80=9Ctoken=E2=80=9D here should be =E2=80=9Caccess =
token=E2=80=9D instead. Think of cases in which the spec is quoted in =
discussions and disputes, where snippets can be pasted and mentioned =
outside of the context of this =
section.
    P2
    Referencing =
the JWT AT profile as an example of extension providing the info out of =
scope for the core might help the reader grok a concrete =
example.
     =

    =C2=A77.4.3.5=

    =E2=80=9Cone =
hour or less=E2=80=9D seems very arbitrary, and breaks step in respect =
to what the spec does elsewhere (eg we don=E2=80=99t give any indication =
of how long an AS should wait to invalidate an RT for inactivity, but we =
do say the AS should do so). I would actually not provide any reference =
value here.
     =

    =C2=A77.4.3.6=

    Another =
opportunity of referencing the JWT AT profile for a concrete example of =
detailed audience restriction guidance in =
ATs.
     =

    =C2=A77.4.3.7=

    Besides the =
indications given to clients here, should we also give guidance to an RS =
to ignore tokens passed that way?
     =

    =C2=A77.4.5
    Along the =
same lines of the comments about delegated authorization earlier for =
=C2=A77.2.3. I think it would be useful to acknowledge here that ATs =
might carry, and RSs might expect, authorization information that go =
beyond the delegated authorization for 3rd party API case =
that is core to OAuth- and remind the reader that those mechanisms are =
out of scope for oauth hence they shouldn=E2=80=99t expect those aspects =
to be addressed/handled/regulated by this specification. =

     =

    =C2=A78
    As mentioned =
earlier, it seems a potentially confusing to reference the section of a =
document being superseded. I do see an issue in redefining here =
something already established and in use, hence I am not expecting this =
to change. Just wondering whether we need to provide a more explicit map =
of the sections in 6749 that are being updated by =
oauth2.1.
     =

    =C2=A79
    Should we =
also say something about the scenario being chiefly 3rd party =
clients? We know lots of people use OAuth2 for 1st party =
scenarios and some considerations might differ. This might be an =
opportunity to finally make that =
clear.
     =

    =C2=A79.1
    P1
    Well, the AS =
doesn=E2=80=99t really use client auth... the active part here is the =
client itself. Perhaps the AS can require it, when =
possible.
    P2
    Unclear. Are =
we saying that if it is possible to safely distribute keys to client, =
the AS MUST use client auth? That seems odd, there might be other =
reasons coming into play (cost, security posture) making that choice not =
viable. Or is the intent to say that the AS should not use client auth =
if the key distribution cannot be trusted? That sounds far more =
realistic, but then the language should be tweaked or the reader might =
pick the former interpretation.
    P3
    The AS =
can=E2=80=99t really PREVENT creds forwarding as the RO machine might =
still have funny business going on (eg DNS attacks). Some softer =
language might be more accurate there. =

    P4
    That sounds =
very abstract. What does it mean? That the AS should consider to issuing =
RTs to public clients? If that=E2=80=99s the case, we should just say =
so=E2=80=A6 tho without more details, I don=E2=80=99t know how =
actionable the guidance here will be. I can see BoFa requiring a user to =
reauth in their iPhone app after inactivity, but I don=E2=80=99t see =
Uber doing so for their app.. unless they produce long lived ATs, which =
isn=E2=80=99t what we want either.
    P5 =

    This could =
be clearer. The dynamic client registration case just flesh out the =
confidence level an AS can have in its identity, but does not offer a =
corresponding privilege level to it =E2=80=93 whereas the second case =
does mention assigned privileges explicitly. Also, pitting =
=E2=80=9Cdynamically registered client=E2=80=9D vs =E2=80=9Cweb =
application=E2=80=9D might suggest the app type is a factor, whereas =
AFAIK 7591 can be used for registering web apps too (whether that s wise =
or not is immaterial here).
    =C2=A79.2
    Should we =
say something about whether native clients should be allowed to be =
=E2=80=9Cupgraded=E2=80=9D as confidential clients in the future, or the =
other way round? I know of scenarios where people did that to preserve =
consent info, but that seem sketchy security =
wise.
    P3
    The SHOULD =
here refers to a requirement that in 10.3.1 is a MUST. I don=E2=80=99t =
think the MUST is warranted (more about that in the 10.3.1 comments) but =
if we do keep it, it looks like the level should be coherent =
here.
    P4
    That example =
is compatible with a SHOULD- works now, but would look odd if =
we=E2=80=99d upgrade P3 with a MUST for coherence with =
10.3.1.
    P5
    Inclusion =
where/how? We should be precise IMO. If it=E2=80=99s just registration =
material (eg not part of the redirect URI), we should mention how we =
expect it to be used in the context of OAuth- and if we don=E2=80=99t =
know, perhaps we should not mention it here. =

     =

    =C2=A79.3
    P1
    I know it =
becomes clearer later on, but I think it would help here to explicitly =
call out confidential and credentialed client as the subject of this =
sentence. Those are the only client types with credentials, hence the =
current language is formally correct. This is just for =
clarity.
    P2
    I thought we =
require redirect URI registration in all cases? This makes it sound =
it=E2=80=99s only for public clients.
    P3
    I have been =
in various discussions where people were attempting to interpret what =
=E2=80=9Cexplicit RO authentication=E2=80=9D means in practice. Is it a =
full credential prompt regardless of whether one session already exists? =
A selection between existing sessions, if =
present?
    P4
    This is =
unclear. As it currently reads it seems to prohibit things like getting =
a new authz code silently via iframe (and prompt=3Dnone or equivalent UX =
suppressing mechanism, please ignore the ITP complications for the sake =
of argument). 
     =

    =C2=A79.3.1
    P1
    I =
don=E2=80=99t follow this sentence. The client identity cannot be proved =
for public clients (see also next P), and the native apps are public =
clients unless otherwise specified (eg =
credentialed).
    P2
    I find this =
misleading. Client side measures such as claimed schemes, domains etc =
might work to prevent an app impersonating another app on the same =
device/OS, but they aren=E2=80=99t guaranteed to be honored on other =
operating systems. The AS has no way of knowing whether those measures =
have been enforced on the client, hence it should not accept them as =
proof.  
     =

    =C2=A79.4.1
    This is =
another place where a reference to the JWT AT profile would provide a =
concrete example of the conditions set forth here (eg RS guidance for =
audience validation).
    Also, as =
mentioned earlier, it might be useful to remind the reader that the AS =
might include in the token authorization information that go beyond the =
delegated authz scenario OAuth2.x concerns itself with, and that those =
aspects are beyond the scope of this specification.  That would =
truly go a long way preventing people from abusing and overextending the =
spec on scenarios it is not meant to =
address.
    And even for =
the canonical scenarios, it might be useful to remind the reader that =
the RS might have extra logic not described in this spec that determines =
whether the call will be authorized or otherwise- to dispel the notion =
that the AS is always the sole source of truth for authorization. =

     =

    =C2=A79.4.2
    P2
    Clarifying =
that MTLS is one instance of the sender constraint methods just =
mentioned would prevent some readers considering that an independent, =
additional constraint.
     =

     =
=C2=A79.5
    In =C2=A76.1 =
we give more details about protection, should we have a backward =
reference to that section here?
    P2
    Is it worth =
to specify that it doesn=E2=80=99t matter how the AS tracks the binding? =
(eg server side or embedded in the RT bits =
themselves).
     =

    =C2=A79.6
    P1
    This =
language makes the assumption that for client cred grants, the sub will =
take on the client_id value. That it certainly possible, but not a =
given. As such, the language here should be explicit abouty the fact =
that it=E2=80=99s what we are expecting to happen in this particular =
scenario.
    P2
    Referring to =
the client as the actor here is confusing as soon as you move beyond =
client_id. When you talk about rhe sub or any other value, it=E2=80=99s =
not as much the client as it is the developer who owns the client. The =
difference is subtle but might be a source of =
confusion.
     =

    =C2=A79.7
    P3
    I thought =
that we were going to make PKCE or nonce the only two mandatory =
alternatives? Nothing against supporting state as an accepted way to =
achieve this, just surprised as I recall people being quite adamant =
about pushing PKCE.
    P4
    Looks like =
the iss response parameter might make the distinct redirect URIs =
unnecessary?
     =

    =C2=A79.7.1
    The guidance =
in this section isn=E2=80=99t likely to be widely followed, but I =
understand the rationale behind it.
     =

    =C2=A79.8
    P2
    That=E2=80=99=
s probably obvious, but I think we should specify that those multiple =
attempts should come with the expected code verifier as well for the =
revocation logic to be triggered- if it=E2=80=99s just the code without =
verifier, it doesn=E2=80=99t look like the leak went far enough to =
warrant that intervention.
    P4
    If this =
holds, then the remark about the use of state for CSRF in =C2=A79.7 P3 =
seems unnecessary.
    P9
    The use of =
MUST here seems incompatible with the concession of using nonce instead =
of PKCE. Either we allow it or we =
don=E2=80=99t=E2=80=A6
     =

    =C2=A79.11
    P1
    Now that we =
no longer trade in RO passwords, should we mention them here? Sure, if =
the AS uses passwords they do need protection, but so do lots of other =
things the AS might use as part of auth that we don=E2=80=99t mention =
here for Occam=E2=80=99s razor. 
    P3
    What other =
means are we referring to? 
     =

    =C2=A79.12
    =E2=80=9Cserv=
ice providers=E2=80=9D occurs for the first time in the document here. =
Tying the guidance to entities already mentioned in the doc (clients, =
AS) might make things clearer/more =
actionable.
     =

    =C2=A79.13
    I understand =
that some of the comments in this area should be done on the BCP rather =
than here, but here we are. That =
said=E2=80=A6
    Blanket =
comment: this section seems to assume native app =3D=3D mobile app, and =
that=E2=80=99s not strictly the case. Desktop apps have different =
characteristics and desktop OSes different capabilities. Would be =
clearer to make a distinction when relying on mobile OS capabilitesas =
we  appear to do here.
    P2
    Embedded =
user-agent !=3D fake external user agent, but P2 uses that =
interchangeably. A desktop app might use an embedded browser for UX =
reasons and making no attempt whatsoever to disguise that as an external =
agent. And I would be pretty surprised to see a malware remover get rid =
of google drive for Mac, or Adobe products, or Office- all native apps =
using embedded user-agents for =
authentication.
    P3
    It=E2=80=99s =
unclear how the AS would do that, given that user agent strings can be =
faked. Google has its ML based secret sauce, but that might not be =
accessible by everyone.
    P4
    This is =
mobile specific, doesn=E2=80=99t apply to desktop apps as readily. Also =
unclear how that would change for the end user, given that pixel perfect =
replicas can easily include fake address bars. More details on how a =
user would detect an actual browser (presence of an existing session, =
access to bookmarks etc) might add enough color to help the reader truly =
understand the extent of the remedy power (or its true limits). =

     =

    =C2=A79.14
    There=E2=80=99=
s no action for the reader here. If that reflects the actual situation =
(none of the roles described in this spec can do anything to mitigate or =
contain the damage, and solutions to prevent the situation lie outside =
its purview eg use MDM software on your corporate devices) we should =
explicitly say so.
     =

    =C2=A79.15
    A bit odd =
that we used CSRF throughout the document assuming the reader was =
familiar with it, but here we attempt a definition. =

    Still =
confused on how we admit state as a valid mechanism, as opposed to =
limiting to nonce and PKCE. Also note the potential discrepancy called =
out earlier in which at code redemption time we appear to require PKCE, =
in contrast to admitting nonce/state =
here.
     =

    =C2=A79.18.2<=
/span>
    Wondering if =
here we should go as far as recommending the AS keeps dynamic client =
registration OFF when it=E2=80=99s not needed. That might provide good =
secure by default guidance for AS SDKs and product =
developers.
     =

    =C2=A79.19
    I assume =
we=E2=80=99d add the =E2=80=9Ciss=E2=80=9D response parameter as =
alternative to the requirements here?
     =

    =C2=A79.20
    P1, P2, =
P3
    The security =
properties described here do not apply as is to desktop apps using =
embedded browsers.
    As mentioned =
earlier, on the desktop the separation between apps isn=E2=80=99t as =
stark as on mobile- the keystrokes message pump is potentially =
accessible at the user session level, encompassing multiple =
applications. Although process separation mechanisms are in place, the =
circumstances of the execution and the OS specific features in this =
respect determine the degree to which entering credentials in one =
process makes the data inaccessible by another. We should not claim =
advantages we cannot guarantee, and we should be explicit about what =
measures specific to dekstops should be considered to mitigate risks eg =
not executing apps as admins, enable and use UAC at the right level on =
Windows or equivalent on other OSes, use app sandboxing when the OS =
supports it, etc. Not suggesting we call out specific technologies like =
UAC, but at least point at the category of security =
measures.
    P4
    As mentioned =
above, the presence of the address bar can be easily faked by pixel =
perfect replicas- relying on those is security =
theater.
    P5
    This is a =
valid concern, but if we want to frame it in the context of the security =
considerations section we need to add more color (eg minimizing the =
situations in which one needs to enter creds is good security =
practice).
     =

    Another =
thing we might add as lowlight for embedded browsers: password managers =
might not work, making the user=E2=80=99s life difficult and possibly =
promoting insecure situations (eg placing a random pwd in the clipboard, =
where other apps might later steal it =
from).
    =C2=A79.21
    Do we need =
this here, given that we cover this in depth =
earlier?
     =

    =C2=A710
    I find this =
subdivision confusing. We have native clients considerations scattered =
throughout the entire specification, but now we have a dedicated section =
that somewhat repeats some of the points already made while interleaving =
new ones. Perhaps having a more specific section title, one that better =
characterizes the content and intent of this section, would avoid giving =
the impression that if the reader is interested in native clients, this =
is the only section they need to read.
    P2
    See =
discussion so far on native vs =
desktop.
    Also: I have =
been in ferocious discussions where people thought the external user =
agent HAD to be the browser, which we know isn=E2=80=99t the case (hero =
apps like the FB SDK or OS features like sign in w Apple work just as =
well). Some language here giving a nod to those non-browser external =
user agents might help clarify.
    P4
    See previous =
discussion on mobile!=3Ddesktop.
    P5
    I=E2=80=99d =
always qualify the =E2=80=9Cbrowser=E2=80=9D with system, external, =
device etc given that some reader calls the embedded user-agent =
=E2=80=9Cembedded browser=E2=80=9D, hence just saying =
=E2=80=9Cbrowser=E2=80=9D without modifiers is =
ambiguous.
    User =
authentication state.. on the device. I think specifying it will clarify =
what this really means.
     =

    =C2=A710.1
    Unless you =
scope this statement to MOBILE apps, I think the MUST here should be a =
SHOULD. 
    The security =
posture of the desktop is different enough, and the quality of the user =
experience when using a system browser bad and disomogeneous enough, =
that a MUST isn=E2=80=99t justified =
here.
     =

    =C2=A710.2
    Beware of =
the native-mobile false equivalence =
here.
    P3
    One or two =
examples of non-browser external user agents might =
help.
    P4
    Text pasted =
here is technically not a best practice but =
core.
    I see there =
are examples here, so no need to add them in =
P3.
    It=E2=80=99s =
unclear why the external browser is RECOMMENDED here- if it=E2=80=99s =
because we can=E2=80=99t go in details of the behavior of non browser =
apps, it seems like we should say that much rather than making a =
recommendation. In other words, RECOMMENDED expresses a strong =
preference for it, but if I am on iOS and I want to sign in with =
Facebook I am actually better off using their SDK both for security and =
user experience reasons than to use the system =
browser.
     =

    =C2=A710.3
    Requesting a =
MUST for all 3 methods seems restrictive=E2=80=A6 why not requesting at =
least one?
     =

    =C2=A710.3.1<=
/span>
    P3
    This seems =
unnecessarily restrictive. 3.8 in 7595 is mostly SHOULDs, and it refers =
to organizations rather than individuals. Not every developer owns a =
domain, not every app goes on an app store and is meant for general =
public consumption. An organization sideloading apps on managed devices =
should not be forced to follow those constraints if they control the =
environment and aren=E2=80=99t worried about other apps competing for =
the same schema, but placing a MUST here might compel SDK developers to =
embed validation checks that would make developers on those =
circumstances deal with complexity without any security upside. In fact, =
apps should not even be required to have internet access in the general =
case but this requirement does impose that. =

    I think this =
is an important best practice that should be encouraged, RECOMMENDED or =
even SHOULDed , but it shouldn=E2=80=99t be a MUST in the core =
specification.
     =

    =C2=A710.3.2<=
/span>
    P4
    Like =
everything happening on the client, the AS cannot really take that as =
guarantee. What might be true for an app running on iOS might not apply =
if the requests are all manufactured via cURL on a Linux box. The scope =
of those measures is really limited to one particular device or devices =
sharing an OS, outside of that cohort there are no =
guarantees.
     =

    =C2=A710.3.3<=
/span>
    This section =
should come with glaring warnings, anything actively listening on the =
client extends the attack surface- an app listening on the loopback =
might now get affected by exploits in the local HTTP driver/local =
network stack and taken over, executing with the same privileges as the =
user (remember https://www.rapid7.com/db/vulnerabilities/WINDOWS-HOTFI=
X-MS15-034/). The fact that the loopback is only accessible locally =
only reduces the risk but doesn=E2=80=99t eliminate it, a local process =
with lower privileges might use that exploit for elevation of privileges =
for example. We should at least recommend that the app hosting the =
loopback adapter runs with low privileges, reiterate the =E2=80=9Clisten =
only when you must=E2=80=9D and generally warn about the extra attack =
surface.
    As AS I =
might not want to support this method at all, both for security reasons =
and for the extra logic the wildcard port entails at registration and =
request serving times, but right now the spec forces me to- more reasons =
for relaxing the MUST for all 3 methods as mentioned =
earlier..
     =

    =C2=A712
    I am not =
exactly sure where to place the following- this section (or a =
subsection) might be the best fit.
    As mentioned =
during the interim meeting, the omission of the implicit flow in =
OAuth2.1 has already caused a lot of people to interpret this as an =
indirect deprecation of the use of implicit flow by OpenID Connect for =
obtaining ID_tokens, either via traditional  response_modes or via =
form_post.
    We already =
debated and concluded that the reasons that led to the omission of the =
implicit grant in 2.1 do not apply to ID_tokens, hence there=E2=80=99s =
no reason for people to stop using OpenID Connect that way. =

    Formally we =
are in the clear, as OIDC is vased on 2.0 the omission of implicit here =
does not prevent it as extension grant in OIDC anyway- but the formal =
stance doesn=E2=80=99t help in preventing the confusion and assuaging =
the concerns of the developers who aren=E2=80=99t as well versed as the =
people on this list in all things =
specifications.
    Because of =
this, I recommend we add some language here that prevents that =
confusion. Something like 
     =

    *  The Implicit =
grant ("response_type=3Dtoken") is omitted from =
this
          specification as =
per Section 2.1.2 of[I-D.ietf-oauth-security-topics]
    Please note: the omission of the =
implicit grant from this specification does not automatically imply that =
other extension grants obtaining credentials directly from the =
authorization endpoint should also be discarded. For example, the =
implicit flow defined in Section 3.2 of [OIDC] remains valid for all the response_type =
values not including =E2=80=9Ctoken=E2=80=9D. =

     =

    Although it =
might be a bit unusual to refer to details of specs from other entities, =
this spec already mentions OpenID 9 times even excluding =C2=A714.2- and =
as soon as the browser apps section will be included, that number is =
certain to rise. And the confusion on this point is truly widespread- =
adding language along the lines of the above directly in the core would =
go a long way to save a lot of grief.
     =

     =

     =

     =

     =

     =

     =

     =

     =

     =

     =

     =

     =

     =

     =

     =

     =

     =

     =

     =

     =

     <=
/o:p>
     <=
/o:p>
     <=
/o:p>
     <=
/o:p>
     <=
/o:p>
     <=
/o:p>
     <=
/o:p>
     <=
/o:p>
     <=
/o:p>
     <=
/o:p>
     <=
/o:p>
     <=
/o:p>
     <=
/o:p>
     <=
/o:p>
     <=
/o:p>
     <=
/o:p>
     <=
/o:p>
     <=
/o:p>
     <=
/o:p>
     <=
/o:p>
     <=
/o:p>
     <=
/o:p>
     <=
/o:p>
     <=
/o:p>
     <=
/o:p>
     <=
/o:p>
     <=
/o:p>
     <=
/o:p>
     <=
/o:p>
    <= /html> ------=_NextPart_000_04E7_01D6D1FC.39933200-- From nobody Mon Dec 14 13:27:42 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 24C8E3A1357 for ; Mon, 14 Dec 2020 13:27:40 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.197 X-Spam-Level: X-Spam-Status: No, score=-0.197 tagged_above=-999 required=5 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_FONT_FACE_BAD=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=pingidentity.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YJIPPMSg99cZ for ; Mon, 14 Dec 2020 13:27:36 -0800 (PST) Received: from mail-lf1-x134.google.com (mail-lf1-x134.google.com [IPv6:2a00:1450:4864:20::134]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EA7223A1354 for ; Mon, 14 Dec 2020 13:27:35 -0800 (PST) Received: by mail-lf1-x134.google.com with SMTP id a12so33938721lfl.6 for ; Mon, 14 Dec 2020 13:27:35 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=pingidentity.com; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=b+tI7soAed2RKPHqw4Wz9SMKNTIg9YHP3B0QeIlufS0=; b=EzZ8pZPMYI8x9LChOX5FjQyqLd23AFYTbhunQrunpUj/NmQXVxwSRJ+hoDL/OVJgXQ skCJ1sULeL7eMRoLP2P6+V7tYEEHyhwCCU0n00RBtmv/4eVGsNnNwql00znhj8pbN1AY mLCYrii3/6dr1nLXwNIind/f95KxwZGVKoaTSyE0mc9az+END2tAb9REHuRxua0YJ6tw /1rzW5JJfytEG/122EQ342bK/h9SyMdnyx14tILk0h9GRWdV7PVRr1uNmUh/RikdWqKS wWpi+Xxnk7E5cRhZbb9pc7ssFgvl4lBNr/6UR0/f18s/XXbaJQsvgmsWvmZd9rAUl1DK tJ2Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=b+tI7soAed2RKPHqw4Wz9SMKNTIg9YHP3B0QeIlufS0=; b=IwOkxDPUs46qSC3wXeErYrjwhSuT5f9TduGWJKGpgC90EhJD2h3LF0UHypWCwmcSa+ UTHwLrssyePP4etDhdfZiaVnOSnAm7myAQFp6R3oHgRwhHLkJHm6y0u+PwCxBvdY8GAI +WhBHJTIUPGiZQIHsAxRNNC23Yb+ImC0mGsHCNz362lH4TIlAXlJFrdV0asxjoJCL3pT F5lqvITXsEET7aEMkE2wvZbFVO0xOduNo9zPikPaJZ3eEgW6Z1SbRnA+4H8SauvjleUj V9R2kdQlihSpXjjIZbm2T/x6ES2yo//7VB+pUruzzHkC55oI+clcOu4YJjIJiHoK5ldo OKxA== X-Gm-Message-State: AOAM532+XJstEpuBCj8B2ckZfa31RHKfgmiF5R3t83y430WCbKSnuarZ BRw1p+AdY2PVVbgTw+2gZexJSvtRLsG/udXHPeK70ZVQcFO8wALOfsepos8yg5pSzjT6BvaTdPu +ZKGy7uk8PffJYQ== X-Google-Smtp-Source: ABdhPJzq9LnGomaMBwpSguAegtSDRm0zP5pVuk95CuT/ps8Dg8PT7mIfFMxmD8+jdA/uU2ixF1R4NpcZIEWC8XDEiyM= X-Received: by 2002:a19:7b16:: with SMTP id w22mr10174228lfc.657.1607981253777; Mon, 14 Dec 2020 13:27:33 -0800 (PST) MIME-Version: 1.0 References: <30D5F7BA-EA54-4E40-A2FC-222AA0C9AF8D@lodderstedt.net> <353E4494-2F80-44BC-9267-6FB8B37AA0FE@lodderstedt.net> <1B663AA7-563D-4D25-A408-9ED10FD818AC@forgerock.com> <4c09c8d4-a7af-9bb9-0f72-9b524f0330d1@connect2id.com> In-Reply-To: <4c09c8d4-a7af-9bb9-0f72-9b524f0330d1@connect2id.com> From: Brian Campbell Date: Mon, 14 Dec 2020 14:27:06 -0700 Message-ID: To: Vladimir Dzhuvinov Cc: oauth Content-Type: multipart/alternative; boundary="00000000000070034d05b6734f3a" Archived-At: Subject: Re: [OAUTH-WG] DPoP followup I: freshness and coverage of signature X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Dec 2020 21:27:40 -0000 --00000000000070034d05b6734f3a Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable On Sat, Dec 12, 2020 at 1:22 AM Vladimir Dzhuvinov wrote: > If the current DPoP has code complexity "X", the relative additional > complexity to include access token hashes doesn't seem like very much. An > app choosing DPoP means accepting the code complexity that comes with > dealing with keys, composing the signing inputs for the proofs, signing, > the necessary changes to the token and RS requests. On the other hand, fo= r > some people that additional access token hash may become the straw that > breaks the camel's back, causing them to quit their jobs developing web > apps and never look back :) > Yeah, the relative additional complexity to include an access token hash maybe isn't too much but it's also not not nothing. It's a different kind of operation than the other things you listed (yes, I know there's a hash as part of the signing but it's abstracted away from the developer in most cases) and something that can be quite difficult to troubleshoot when different parties arrive at different hash values. Hence my lack of conviction on this one way or the other. > Have you thought about letting deployments decide about the access token > hash? To say look, there is also the option to bind an access token to th= e > DPoP proof, the security benefits can be such an such, and this is how it > can be done. > > What I don't like about that proposal: > > - It will complicate the spec > > - The current spec doesn't require implementers / deployments to make > any decisions, apart from adopt / not DPoP (okay, also choose a JWS al= g) - > which is actually a great feature to have > > I also don't like it for basically the same reasons. I've definitely aimed to keep it simple from that perspective of not having a lot of optionality or switches. It is a nice feature to have, when possible. > Vladimir > > > On 12/12/2020 01:58, Brian Campbell wrote: > > Any type of client could use DPoP and (presumably) benefit from > sender-constrained access tokens. So yeah, adding complexity specifically > for browser-based applications (that only mitigates one variation of the > attacks possible with XSS anyway) has 'cost' impact to those clients as > well. And should be considered in the cost/benefit. Including the AT hash > isn't terribly complicated but it's not trivial either. I'm honestly stil= l > unsure but am leaning towards it not being worth adding. > > On Fri, Dec 11, 2020 at 2:14 AM Philippe De Ryck < > philippe@pragmaticwebsecurity.com> wrote: > >> The scenario you describe here is realistic in browser-based apps with >> XSS vulnerabilities, but it is pretty complex. Since there are worse >> problems when XSS happens, it=E2=80=99s hard to say whether DPoP should = mitigate >> this. >> >> I=E2=80=99m wondering what other types of clients would benefit from usi= ng DPoP >> for access tokens? Mobile apps? Clients using a Client Credentials grant= ? >> >> How are they impacted by any change made specifically for browser-based >> applications? >> >> Philippe >> >> >> On 9 Dec 2020, at 23:57, Brian Campbell >> wrote: >> >> Thanks Philippe, I very much concur with your line of reasoning and the >> important considerations. The scenario I was thinking of is: browser bas= ed >> client where XSS is used to exfiltrate the refresh token along with >> pre-computed proofs that would allow for the RT to be exchanged for new >> access tokens and also pre-computed proofs that would work with those >> access tokens for resource access. With the pre-computed proofs that wou= ld >> allow prolonged (as long as the RT is valid) access to protected resourc= es >> even when the victim is offline. Is that a concrete attack scenario? I >> mean, kind of. It's pretty convoluted/complex. And while an access token >> hash would reign it in somewhat (ATs obtained from the stolen RT wouldn'= t >> be usable) it's hard to say if the cost is worth the benefit. >> >> >> >> On Tue, Dec 8, 2020 at 11:47 PM Philippe De Ryck < >> philippe@pragmaticwebsecurity.com> wrote: >> >>> Yeah, browser-based apps are pure fun, aren=E2=80=99t they? :) >>> >>> The reason I covered a couple of (pessimistic) XSS scenarios is that th= e >>> discussion started with an assumption that the attacker already >>> successfully exploited an XSS vulnerability. I pointed out how, at that >>> point, finetuning DPoP proof contents will have little to no effect to = stop >>> an attack. I believe it is important to make this very clear, to avoid >>> people turning to DPoP as a security mechanism for browser-based >>> applications. >>> >>> >>> Specifically to your question on including the hash in the proof, I >>> think these considerations are important: >>> >>> 1. Does the inclusion of the AT hash stop a concrete attack scenario? >>> 2. Is the =E2=80=9Ccost=E2=80=9D (implementation, getting it right, =E2= =80=A6) worth the >>> benefits? >>> >>> >>> Here=E2=80=99s my view on these considerations (*specifically for brows= er-based >>> apps, not for other types of applications*): >>> >>> 1. The proof precomputation attack is already quite complex, and short >>> access token lifetimes already reduce the window of attack. If the atta= cker >>> can steal a future AT, they could also precompute new proofs then. >>> 2. For browser-based apps, it seems that doing this complicates the >>> implementation, without adding much benefit. Of course, libraries could >>> handle this, which significantly reduces the cost. >>> >>> >>> Note that these comments are specifically to complicating the spec and >>> implementation. DPoP=E2=80=99s capabilities of using sender-constrained= access >>> tokens are still useful to counter various other scenarios (e.g., >>> middleboxes or APIs abusing access tokens). If other applications would >>> significantly benefit from having the hash in the proof, I=E2=80=99m al= l for it. >>> >>> On a final note, I would be happy to help clear up the details on >>> web-based threats and defenses if necessary. >>> >>> =E2=80=94 >>> *Pragmatic Web Security* >>> *Security for developers* >>> https://pragmaticwebsecurity.com/ >>> >>> >>> On 8 Dec 2020, at 22:47, Brian Campbell >>> wrote: >>> >>> Danial recently added some text to the working copy of the draft with >>> https://github.com/danielfett/draft-dpop/commit/f4b42058 that I think >>> aims to better convey the "nutshell: XSS =3D Game over" sentiment and m= aybe >>> dissuade folks from looking to DPoP as a cure-all for browser based >>> applications. Admittedly a lot of the initial impetus behind producing = the >>> draft in the first place was born out of discussions around browser bas= ed >>> apps. But it's neither specific to browser based apps nor a panacea for >>> them. I hope the language in the document and how it's recently been >>> presented is reflective of that reality. >>> >>> The more specific discussions/recommendations around in-browser apps ar= e >>> valuable (if somewhat over my head) but might be more appropriate in th= e OAuth >>> 2.0 for Browser-Based Apps >>> >>> draft. >>> >>> With respect to the contents of the DPoP draft, I am still keen to try >>> and flush out some consensus around the question posed in the start of = this >>> thread, which is effectively whether or not to include a hash of the ac= cess >>> token in the proof. Acknowledging that "XSS =3D Game over" does sort o= f >>> evoke a tendency to not even bother with such incremental protections (= what >>> I've tried to humorously coin as "XSS Nihilism" with no success). And a= s >>> such, I do think that leaving it how it is (no AT hash in the proof) is= not >>> unreasonable. But, as Filip previously articulated, including the AT ha= sh >>> in the proof would prevent potentially prolonged access to protected >>> resources even when the victim is offline. And that seems maybe worthwh= ile >>> to have in the protocol, given that it's not a huge change to the spec.= But >>> it's a trade-off either way and I'm personally on the fence about it. >>> >>> Including an RT hash in the proof seems more niche. Best I can tell, it >>> would guard against prolonged offline access to protected resources whe= n >>> access tokens are bearer and the RT was DPoP-bound and also gets rotate= d. >>> The trade-off there seems less worth it (I think an RT hash would be mo= re >>> awkward in the protocol too). >>> >>> >>> >>> >>> >>> >>> >>> On Fri, Dec 4, 2020 at 5:40 AM Philippe De Ryck < >>> philippe@pragmaticwebsecurity.com> wrote: >>> >>>> >>>> The suggestion to use a web worker to ensure that proofs cannot be >>>> pre-computed is a good one I think. (You could also use a sandboxed if= rame >>>> for a separate sub/sibling-domain - dpop.example.com). >>>> >>>> >>>> An iframe with a different origin would also work (not really >>>> sandboxing, as that implies the use of the sandbox attribute to enforc= e >>>> behavioral restrictions). The downside of an iframe is the need to hos= t >>>> additional HTML, vs a script file for the worker, but the effect is in= deed >>>> the same. >>>> >>>> For scenario 4, I think this only works if the attacker can trick/spoo= f >>>> the AS into using their redirect_uri? Otherwise the AC will go to the >>>> legitimate app which will reject it due to mismatched state/PKCE. Or a= re >>>> you thinking of XSS on the redirect_uri itself? I think probably a goo= d >>>> practice is that the target of a redirect_uri should be a very minimal= and >>>> locked down page to avoid this kind of possibility. (Again, using a >>>> separate sub-domain to handle tokens and DPoP seems like a good idea). >>>> >>>> >>>> My original thought was to use a silent flow with Web Messaging. The >>>> scenario would go as follows: >>>> >>>> 1. Setup a Web Messaging listener to receive the incoming code >>>> 2. Create a hidden iframe with the DOM APIs >>>> 3. Create an authorization request such as =E2=80=9C*/authorize?respon= se_type=3Dcode&client_id=3D...&redirect_uri=3Dhttps%3A%2F%example.com >>>> &state=3D...&code_challenge=3D7-ffnU1EzHtMfxOAdlk= p_WixnAM_z9tMh3JxgjazXAk&code_challenge_method=3DS256&prompt=3Dnone&respons= e_mode=3Dweb_message* >>>> =E2=80=9D >>>> 4. Load this URL in the iframe, and wait for the result >>>> 5. Retrieve code in the listener, and use PKCE (+ DPoP if needed) to >>>> exchange it for tokens >>>> >>>> This puts the attacker in full control over every aspect of the flow, >>>> so no need to manipulate any of the parameters. >>>> >>>> >>>> After your comment, I also believe an attacker can run the same >>>> scenario without the =E2=80=9C*response_mode=3Dweb_message*=E2=80=9D. = This would go as >>>> follows: >>>> >>>> 1. Create a hidden iframe with the DOM APIs >>>> 2. Setup polling to read the URL (this will be possible for same-origi= n >>>> pages, not for cross-origin pages) >>>> 3. Create an authorization request such as =E2=80=9C*/authorize?respon= se_type=3Dcode&client_id=3D...&redirect_uri=3Dhttps%3A%2F%example.com >>>> &state=3D...&code_challenge=3D7-ffnU1EzHtMfxOAdlk= p_WixnAM_z9tMh3JxgjazXAk&code_challenge_method=3DS256* >>>> =E2=80=9D >>>> 4. Load this URL in the iframe, and keep polling >>>> 5. Detect the redirect back to the application with the code in the >>>> URL, retrieve code, and use PKCE (+ DPoP if needed) to exchange it for >>>> tokens >>>> >>>> In step 5, the application is likely to also try to exchange the code. >>>> This will fail due to a mismatching PKCE verifier. While noisy, I don= =E2=80=99t >>>> think it affects the scenario. >>>> >>>> >>>> IMO, the online attack scenario (i.e., proxying malicious requests >>>> through the victim=E2=80=99s browser) is quite appealing to an attacke= r, despite >>>> the apparent inconvenience: >>>> >>>> - the victim=E2=80=99s browser may be inside a corporate firewall or = VPN, >>>> allowing the attacker to effectively bypass these restrictions >>>> - the attacker=E2=80=99s traffic is mixed in with the user=E2=80=99s = own requests, >>>> making them harder to distinguish or to block >>>> >>>> Overall, DPoP can only protect against XSS to the same level as >>>> HttpOnly cookies. This is not nothing, but it means it only prevents >>>> relatively naive attacks. Given the association of public key signatur= es >>>> with strong authentication, people may have overinflated expectations = if >>>> DPoP is pitched as an XSS defence. >>>> >>>> >>>> Yes, in the cookie world this is known as =E2=80=9CSession Riding=E2= =80=9D. Having the >>>> worker for token isolation would make it possible to enforce a >>>> coarse-grained policy on outgoing requests to prevent total abuse of t= he AT. >>>> >>>> My main concern here is the effort of doing DPoP in a browser versus >>>> the limited gains. It may also give a false sense of security. >>>> >>>> >>>> >>>> With all this said, I believe that the AS can lock down its >>>> configuration to reduce these attack vectors. A few initial ideas: >>>> >>>> 1. Disable silent flows for SPAs using RT rotation >>>> 2. Use the sec-fetch headers to detect and reject non-silent >>>> iframe-based flows >>>> >>>> For example, an OAuth 2.0 flow in an iframe in Brave/Chrome carries >>>> these headers: >>>> * sec-fetch-dest: iframe sec-fetch-mode: navigate sec-fetch-site: >>>> cross-site sec-fetch-user: ?1 * >>>> >>>> >>>> Philippe >>>> >>>> >>>> >>> *CONFIDENTIALITY NOTICE: This email may contain confidential and >>> privileged material for the sole use of the intended recipient(s). Any >>> review, use, distribution or disclosure by others is strictly prohibite= d. >>> If you have received this communication in error, please notify the sen= der >>> immediately by e-mail and delete the message and any file attachments f= rom >>> your computer. Thank you.* >>> >>> >>> >> *CONFIDENTIALITY NOTICE: This email may contain confidential and >> privileged material for the sole use of the intended recipient(s). Any >> review, use, distribution or disclosure by others is strictly prohibited= . >> If you have received this communication in error, please notify the send= er >> immediately by e-mail and delete the message and any file attachments fr= om >> your computer. Thank you.* >> >> >> >> >> >> > *CONFIDENTIALITY NOTICE: This email may contain confidential and > privileged material for the sole use of the intended recipient(s). Any > review, use, distribution or disclosure by others is strictly prohibited. > If you have received this communication in error, please notify the sende= r > immediately by e-mail and delete the message and any file attachments fro= m > your computer. Thank you.* > > _______________________________________________ > OAuth mailing listOAuth@ietf.orghttps://www.ietf.org/mailman/listinfo/oau= th > > -- > Vladimir Dzhuvinov > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth > --=20 _CONFIDENTIALITY NOTICE: This email may contain confidential and privileged= =20 material for the sole use of the intended recipient(s). Any review, use,=20 distribution or disclosure by others is strictly prohibited.=C2=A0 If you h= ave=20 received this communication in error, please notify the sender immediately= =20 by e-mail and delete the message and any file attachments from your=20 computer. Thank you._ --00000000000070034d05b6734f3a Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable


    =
    On Sat, Dec 12, 2020 at 1:22 AM Vladi= mir Dzhuvinov <vladimir@conne= ct2id.com> wrote:
    =20 =20 =20

    If the current DPoP has code complexity "X", the relative additional complexity to include access token hashes doesn't seem like very much. An app choosing DPoP means accepting the code complexity that comes with dealing with keys, composing the signing inputs for the proofs, signing, the necessary changes to the token and RS requests. On the other hand, for some people that additional access token hash may become the straw that breaks the camel's back, causing them to quit their jobs developing web apps and never look back :)

    Yeah, the relat= ive additional complexity to include an access token hash maybe isn't= too much but it's also not not nothing. It's a different kind of o= peration than the other things you listed (yes, I know there's a hash a= s part of the signing but it's abstracted away from the developer in mo= st cases) and something that can be quite difficult to troubleshoot when di= fferent parties arrive at different hash values. Hence my lack of convictio= n on this one way or the other.
    =C2=A0

    Have you thought about letting deployments decide about the access token hash? To say look, there is also the option to bind an access token to the DPoP proof, the security benefits can be such an such, and this is how it can be done.

    What I don't like about that proposal:

    • It will complicate the spec

    • The current spec doesn't require implementers / deployments t= o make any decisions, apart from adopt / not DPoP (okay, also choose a JWS alg) - which is actually a great feature to have

    I also don't like it for bas= ically the same reasons. I've definitely aimed to keep it simple from t= hat perspective of not having a lot of optionality or switches. It is a nic= e feature to have, when possible.

    =C2=A0

    Vladimir


    On 12/12/2020 01:58, Brian Campbell wrote:
    =20
    Any type of client could use DPoP and (presumably) benefit from sender-constrained access tokens. So yeah, adding complexity specifically for browser-based applications (that only mitigates one variation of the attacks possible with XSS anywa= y)=C2=A0 has 'cost' impact to those clients as well. And should be consi= dered in the cost/benefit. Including the AT hash isn't terribly complicated but it's not trivial either. I'm honestly still unsure but am leaning towards it not being worth adding.

    On Fri, Dec 11, 2020 at 2:14 AM Philippe De Ryck <philippe@pragmaticwebsecurity.com> wrote:
    The scenario you describe here is realistic in browser-based apps with XSS vulnerabilities, but it is pretty complex. Since there are worse problems when XSS happens, it=E2=80=99s hard to say whether DPoP should mitigate this.=C2=A0

    I=E2=80=99m wondering what other types of clients would be= nefit from using DPoP for access tokens? Mobile apps? Clients using a Client Credentials grant?

    How are they impacted by any change made specifically for browser-based applications?

    Philippe


    On 9 Dec 2020, at 23:57, Brian Campbell <bcampbell@pingi= dentity.com> wrote:

    Thanks Philippe, I very much concur with your line of reasoning and the important considerations. The scenario I was thinking of is: browser based client where XSS is used to exfiltrate the refresh token along with pre-computed proofs that would allow for the RT to be exchanged for new access tokens and also pre-computed proofs that would work with those access tokens for resource access. With the pre-computed proofs that would allow prolonged (as long as the RT is valid) access to protected resources even when the victim is offline. Is that a concrete attack scenario? I mean, kind of. It's pretty convoluted/complex. And while an access token hash would reign it in somewhat (ATs obtained from the stolen RT wouldn't be usable) it's hard to say if the cost is worth the benefit.



    On Tue, Dec 8, 2020 at 11:47 PM Philippe De Ryck <philippe@p= ragmaticwebsecurity.com> wrote:
    Yeah, browser-based apps are pure fun, aren=E2=80=99t they? :)

    The reason I covered a couple of (pessimistic) XSS scenarios is that the discussion started with an assumption that the attacker already successfully exploited an XSS vulnerability. I pointed out how, at that point, finetuning DPoP proof contents will have little to no effect to stop an attack. I believe it is important to make this very clear, to avoid people turning to DPoP as a security mechanism for browser-based applications.


    Specifically to your question on including the hash in the proof, I think these considerations are important:

    1. Does the inclusion of the AT hash stop a concrete attack scenario?
    2. Is the =E2=80=9Ccost=E2=80=9D (implem= entation, getting it right, =E2=80=A6) worth the bene= fits?


    Here=E2=80=99s my view on these considerations (specifically for browser-based apps, not for other types of applications):

    1. The proof precomputation attack is already quite complex, and short access token lifetimes already reduce the window of attack. If the attacker can steal a future AT, they could also precompute new proofs then.=C2=A0
    2. For browser-based apps, it seems that doing this complicates the implementation, without adding much benefit. Of course, libraries could handle this, which significantly reduces the cost.=C2=A0


    Note that these comments are specifically to complicating the spec and implementation. DPoP=E2=80=99s capabili= ties of using sender-constrained access tokens are still useful to counter various other scenarios (e.g., middleboxes or APIs abusing access tokens). If other applications would significantly benefit from having the hash in the proof, I=E2=80=99m all for it.<= /div>

    On a final note, I would be happy to help clear up the details on web-based threats and defenses if necessary.

    =E2=80=94
    Pragmatic Web Security
    Security for developers
    https://pragmaticwebsecurity.com/


    On 8 Dec 2020, at 22:47, Brian Campbell <bcampbell@pingidentity.com<= /a>> wrote:

    Danial recently added some text to the working copy of the draft with https://github.com/danielfett/draft-dpop/commit/f4b42058 that I think aims to better convey the "nutshell: XSS = =3D Game over" sentiment and maybe dissuade folks from looking to DPoP as a cure-all for browser based applications. Admittedly a lot of the initial impetus behind producing the draft in the first place was born out of discussions around browser based apps. But it'= s neither specific to browser based apps nor a panacea for them. I hope the language in the document and how it's recently been presented is reflective of that reality.

    The more specific discussions/recommendations around in-browser apps are valuable (if somewhat over my head) but might be more appropriate in the OAuth 2.0 for Browser-Based Apps draft.

    With respect to the contents of the DPoP draft, I am still keen to try and flush out some consensus around the question posed in the start of this thread, which is effectively whether or not to include a hash of the access token in the proof.=C2=A0 Acknowledging that "XSS =3D Game over" d= oes sort of evoke a tendency to not even bother with such incremental protections (what I've tried to humorously coin as "XSS Nihilism" with no success)= . And as such, I do think that leaving it how it is (no AT hash in the proof) is not unreasonable. But, as Filip previously articulated, including the AT hash in the proof would prevent potentially prolonged access to protected resources even when the victim is offline. And that seems maybe worthwhile to have in the protocol, given that it's not a huge change to the spec. But it's a trade-off either way and I'm personally on the fence about it.

    Including an RT hash in the proof seems more niche. Best I can tell, it would guard against prolonged offline access to protected resources when access tokens are bearer and the RT was DPoP-bound and also gets rotated. The trade-off there seems less worth it (I think an RT hash would be more awkward in the protocol too).







    On Fri, Dec 4, 2020 at 5:40 AM Philippe De Ryck <philippe@pragm= aticwebsecurity.com> wrote:

    The suggestion to use a web worker to ensure that proofs cannot be pre-computed is a good one I think. (You could also use a sandboxed iframe for a separate sub/sibling-domai= n - dpop.example.com).

    An iframe with a different origin would also work (not really sandboxing, as that implies the use of the sandbox attribute to enforce behavioral restrictions). The downside of an iframe is the need to host additional HTML, vs a script file for the worker, but the effect is indeed the same.

    For scenario 4, I think this only works if the attacker can trick/spoof the AS into using their redirect_uri? Otherwise the AC will go to the legitimate app which will reject it due to mismatched state/PKCE. Or are you thinking of XSS on the redirect_uri itself? I think probably a good practice is that the target of a redirect_uri should be a very minimal and locked down page to avoid this kind of possibility. (Again, using a separate sub-domain to handle tokens and DPoP seems like a good idea).

    My original thought was to use a silent flow with Web Messaging. The scenario would go as follows:

    1. Setup a Web Messaging listener to receive the incoming code
    2. Create a hidden iframe with the DOM APIs
    3. Create an authorization request such as =E2=80= =9C/authorize?response_type=3Dcode&client_id=3D...&redirect_uri= =3Dhttps%3A%2F%example.co= m&state=3D...&code_challenge=3D7-ffnU1EzHtMfxOAdlkp_WixnAM_z9tM= h3JxgjazXAk&code_challenge_method=3DS256&prompt=3Dnone&response= _mode=3Dweb_message=E2=80=9D
    4. Load this URL in the iframe, and wait for the result
    5. Retrieve code in the listener, and use PKCE (+ DPoP if needed) to exchange it for tokens

    This puts the attacker in full control over every aspect of the flow, so no need to manipulate any of the parameters.


    After your comment, I also believe an attacker can run the same scenario without the =E2=80=9Cresponse_mo= de=3Dweb_message=E2=80=9D. This would go as follows:

    1. Create a hidden iframe with the DOM APIs
    2. Setup polling to read the URL (this will be possible for same-origin pages, not for cross-origin pages)
    3. Create an authorization request such as =E2= =80=9C/authorize?response_type=3Dcode&client_id=3D...&redirect_u= ri=3Dhttps%3A%2F%example.= com&state=3D...&code_challenge=3D7-ffnU1EzHtMfxOAdlkp_WixnAM_z9= tMh3JxgjazXAk&code_challenge_method=3DS256=E2=80=9D
    4. Load this URL in the iframe, and keep polling
    5. Detect the redirect back to the application with the code in the URL, retrieve code, and use PKCE (+ DPoP if needed) to exchange it for tokens

    In step 5, the application is likely to also try to exchange the code. This will fail due to a mismatching PKCE verifier. While noisy, I don=E2=80=99= t think it affects the scenario.=C2=A0


    IMO, the online attack scenario (i.e., proxying malicious requests through the victim=E2=80=99s browser) is quite appealing to an attacker, despite the apparent inconvenience:

    =C2=A0- the victim=E2=80=99s browser may be inside a corporate firewall or VPN, allowing the attacker to effectively bypass these restrictions
    =C2=A0- the attacker=E2=80=99= s traffic is mixed in with the user=E2=80=99= s own requests, making them harder to distinguish or to block

    Overall, DPoP can only protect against XSS to the same level as HttpOnly cookies. This is not nothing, but it means it only prevents relatively naive attacks. Given the association of public key signatures with strong authentication, people may have overinflated expectations if DPoP is pitched as an XSS defence.

    Yes, in the cookie world this is known as =E2=80=9CSessi= on Riding=E2=80=9D. Having= the worker for token isolation would make it possible to enforce a coarse-grained policy on outgoing requests to prevent total abuse of the AT.

    My main concern here is the effort of doing DPoP in a browser versus the limited gains. It may also give a false sense of security.=C2=A0



    With all this said, I believe that the AS can lock down its configuration to reduce these attack vectors. A few initial ideas:

    1. Disable silent flows for SPAs using RT rotation
    2. Use the sec-fetch headers to detect and reject non-silent iframe-based flows

    For example, =C2=A0a= n OAuth 2.0 flow in an iframe in Brave/Chrome carries these headers:
    sec-fetch-de= st: iframe
    sec-fetch-mo= de: navigate
    sec-fetch-si= te: cross-site
    sec-fetch-us= er: ?1

    Philippe


    CONFIDENT= IALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited.=C2=A0 If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you.


    CONFIDENTIALITY NOTICE: T= his email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited.=C2=A0 If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you.





    CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited.=C2=A0 If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you. 
    _______________________________________________
OAuth mailing list
OAuth@ietf.org
h=
ttps://www.ietf.org/mailman/listinfo/oauth

    --=20
Vladimir Dzhuvinov
    _______________________________________________
    OAuth mailing list
    OAuth@ietf.org
    https://www.ietf.org/mailman/listinfo/oauth

    <= span style=3D"margin:0px;padding:0px;border:0px;outline:0px;vertical-align:= baseline;background:transparent;font-family:proxima-nova-zendesk,system-ui,= -apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,Oxygen-Sans,Ub= untu,Cantarell,"Helvetica Neue",Arial,sans-serif;font-weight:600"= >CONFIDENTIALITY NOTICE: This email may contain confidenti= al and privileged material for the sole use of the intended recipient(s). A= ny review, use, distribution or disclosure by others is strictly prohibited= .=C2=A0 If you have received this communication in error, please notify the= sender immediately by e-mail and delete the message and any file attachmen= ts from your computer. Thank you. --00000000000070034d05b6734f3a-- From nobody Tue Dec 15 08:41:05 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C82523A123D; Tue, 15 Dec 2020 08:41:03 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.885 X-Spam-Level: X-Spam-Status: No, score=-1.885 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_FONT_FACE_BAD=0.001, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_KAM_HTML_FONT_INVALID=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QQ8f74xEjP0r; Tue, 15 Dec 2020 08:40:59 -0800 (PST) Received: from outgoing.mit.edu (outgoing-auth-1.mit.edu [18.9.28.11]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 12F733A123C; Tue, 15 Dec 2020 08:40:58 -0800 (PST) Received: from [192.168.1.19] (static-71-174-62-56.bstnma.fios.verizon.net [71.174.62.56]) (authenticated bits=0) (User authenticated as jricher@ATHENA.MIT.EDU) by outgoing.mit.edu (8.14.7/8.12.4) with ESMTP id 0BFGeqDc032167 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 15 Dec 2020 11:40:53 -0500 From: Justin Richer Message-Id: Content-Type: multipart/alternative; boundary="Apple-Mail=_3AEE28DB-81AB-43A6-B1D1-48564FF00B89" Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.120.23.2.4\)) Date: Tue, 15 Dec 2020 11:40:52 -0500 In-Reply-To: Cc: Vladimir Dzhuvinov , oauth To: Brian Campbell References: <30D5F7BA-EA54-4E40-A2FC-222AA0C9AF8D@lodderstedt.net> <353E4494-2F80-44BC-9267-6FB8B37AA0FE@lodderstedt.net> <1B663AA7-563D-4D25-A408-9ED10FD818AC@forgerock.com> <4c09c8d4-a7af-9bb9-0f72-9b524f0330d1@connect2id.com> X-Mailer: Apple Mail (2.3608.120.23.2.4) Archived-At: Subject: Re: [OAUTH-WG] DPoP followup I: freshness and coverage of signature X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 15 Dec 2020 16:41:04 -0000 --Apple-Mail=_3AEE28DB-81AB-43A6-B1D1-48564FF00B89 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=utf-8 I went and implemented this proposal of including a token hash in both = an AS (java) and client (javascript) on a system that was already using = DPoP and OpenID Connect. What I did there was just use the existing code = we had on the AS-side to calculate the =E2=80=9Cat_hash=E2=80=9D in the = ID Token from OIDC, which I also used to verify on the token-accepting = portions. I had to implement the function on the client side, but that = was only a couple lines using a crypto library to do the heavy hash = lift. The most annoying part is dealing with the hash variability in the OIDC = method. As Brian points out, this isn=E2=80=99t particularly robust, and = it depends on the wrapper being JOSE. That=E2=80=99s not a huge deal = because DPoP uses JOSE for its wrapper, but it=E2=80=99s still extra = code to deal with =E2=80=94 to the point where I just hardcoded the hash = algorithm in my test so that I didn=E2=80=99t have to put together the = switch case over the algorithm.=20 So in at least my own experience, the addition is minimal on both client = and server, and whatever we would decide for the hash algorithm would be = simple enough to manage. I have a slight preference for just picking = something like SHA256 and calling it a day (and defining other hashes in = the future when SHA256 is broken), but that=E2=80=99s not a hill I care = to die on. =E2=80=94 Justin > On Dec 14, 2020, at 4:27 PM, Brian Campbell = wrote: >=20 >=20 >=20 > On Sat, Dec 12, 2020 at 1:22 AM Vladimir Dzhuvinov = > wrote: > If the current DPoP has code complexity "X", the relative additional = complexity to include access token hashes doesn't seem like very much. = An app choosing DPoP means accepting the code complexity that comes with = dealing with keys, composing the signing inputs for the proofs, signing, = the necessary changes to the token and RS requests. On the other hand, = for some people that additional access token hash may become the straw = that breaks the camel's back, causing them to quit their jobs developing = web apps and never look back :) >=20 > Yeah, the relative additional complexity to include an access token = hash maybe isn't too much but it's also not not nothing. It's a = different kind of operation than the other things you listed (yes, I = know there's a hash as part of the signing but it's abstracted away from = the developer in most cases) and something that can be quite difficult = to troubleshoot when different parties arrive at different hash values. = Hence my lack of conviction on this one way or the other.=20 > =20 >=20 > Have you thought about letting deployments decide about the access = token hash? To say look, there is also the option to bind an access = token to the DPoP proof, the security benefits can be such an such, and = this is how it can be done. >=20 > What I don't like about that proposal:=20 >=20 > It will complicate the spec >=20 > The current spec doesn't require implementers / deployments to make = any decisions, apart from adopt / not DPoP (okay, also choose a JWS alg) = - which is actually a great feature to have >=20 > I also don't like it for basically the same reasons. I've definitely = aimed to keep it simple from that perspective of not having a lot of = optionality or switches. It is a nice feature to have, when possible.=20 >=20 > =20 > Vladimir >=20 >=20 >=20 > On 12/12/2020 01:58, Brian Campbell wrote: >> Any type of client could use DPoP and (presumably) benefit from = sender-constrained access tokens. So yeah, adding complexity = specifically for browser-based applications (that only mitigates one = variation of the attacks possible with XSS anyway) has 'cost' impact to = those clients as well. And should be considered in the cost/benefit. = Including the AT hash isn't terribly complicated but it's not trivial = either. I'm honestly still unsure but am leaning towards it not being = worth adding.=20 >>=20 >> On Fri, Dec 11, 2020 at 2:14 AM Philippe De Ryck = > wrote: >> The scenario you describe here is realistic in browser-based apps = with XSS vulnerabilities, but it is pretty complex. Since there are = worse problems when XSS happens, it=E2=80=99s hard to say whether DPoP = should mitigate this.=20 >>=20 >> I=E2=80=99m wondering what other types of clients would benefit from = using DPoP for access tokens? Mobile apps? Clients using a Client = Credentials grant? >>=20 >> How are they impacted by any change made specifically for = browser-based applications? >>=20 >> Philippe >>=20 >>=20 >>> On 9 Dec 2020, at 23:57, Brian Campbell > wrote: >>>=20 >>> Thanks Philippe, I very much concur with your line of reasoning and = the important considerations. The scenario I was thinking of is: browser = based client where XSS is used to exfiltrate the refresh token along = with pre-computed proofs that would allow for the RT to be exchanged for = new access tokens and also pre-computed proofs that would work with = those access tokens for resource access. With the pre-computed proofs = that would allow prolonged (as long as the RT is valid) access to = protected resources even when the victim is offline. Is that a concrete = attack scenario? I mean, kind of. It's pretty convoluted/complex. And = while an access token hash would reign it in somewhat (ATs obtained from = the stolen RT wouldn't be usable) it's hard to say if the cost is worth = the benefit. >>>=20 >>>=20 >>>=20 >>> On Tue, Dec 8, 2020 at 11:47 PM Philippe De Ryck = > wrote: >>> Yeah, browser-based apps are pure fun, aren=E2=80=99t they? :) >>>=20 >>> The reason I covered a couple of (pessimistic) XSS scenarios is that = the discussion started with an assumption that the attacker already = successfully exploited an XSS vulnerability. I pointed out how, at that = point, finetuning DPoP proof contents will have little to no effect to = stop an attack. I believe it is important to make this very clear, to = avoid people turning to DPoP as a security mechanism for browser-based = applications. >>>=20 >>>=20 >>> Specifically to your question on including the hash in the proof, I = think these considerations are important: >>>=20 >>> 1. Does the inclusion of the AT hash stop a concrete attack = scenario? >>> 2. Is the =E2=80=9Ccost=E2=80=9D (implementation, getting it right, = =E2=80=A6) worth the benefits? >>>=20 >>>=20 >>> Here=E2=80=99s my view on these considerations (specifically for = browser-based apps, not for other types of applications): >>>=20 >>> 1. The proof precomputation attack is already quite complex, and = short access token lifetimes already reduce the window of attack. If the = attacker can steal a future AT, they could also precompute new proofs = then.=20 >>> 2. For browser-based apps, it seems that doing this complicates the = implementation, without adding much benefit. Of course, libraries could = handle this, which significantly reduces the cost.=20 >>>=20 >>>=20 >>> Note that these comments are specifically to complicating the spec = and implementation. DPoP=E2=80=99s capabilities of using = sender-constrained access tokens are still useful to counter various = other scenarios (e.g., middleboxes or APIs abusing access tokens). If = other applications would significantly benefit from having the hash in = the proof, I=E2=80=99m all for it. >>>=20 >>> On a final note, I would be happy to help clear up the details on = web-based threats and defenses if necessary. >>>=20 >>> =E2=80=94 >>> Pragmatic Web Security >>> Security for developers >>> https://pragmaticwebsecurity.com/ = >>>=20 >>>=20 >>>> On 8 Dec 2020, at 22:47, Brian Campbell > wrote: >>>>=20 >>>> Danial recently added some text to the working copy of the draft = with https://github.com/danielfett/draft-dpop/commit/f4b42058 = that I think = aims to better convey the "nutshell: XSS =3D Game over" sentiment and = maybe dissuade folks from looking to DPoP as a cure-all for browser = based applications. Admittedly a lot of the initial impetus behind = producing the draft in the first place was born out of discussions = around browser based apps. But it's neither specific to browser based = apps nor a panacea for them. I hope the language in the document and how = it's recently been presented is reflective of that reality.=20 >>>>=20 >>>> The more specific discussions/recommendations around in-browser = apps are valuable (if somewhat over my head) but might be more = appropriate in the OAuth 2.0 for Browser-Based Apps = = draft.=20 >>>>=20 >>>> With respect to the contents of the DPoP draft, I am still keen to = try and flush out some consensus around the question posed in the start = of this thread, which is effectively whether or not to include a hash of = the access token in the proof. Acknowledging that "XSS =3D Game over" = does sort of evoke a tendency to not even bother with such incremental = protections (what I've tried to humorously coin as "XSS Nihilism" with = no success). And as such, I do think that leaving it how it is (no AT = hash in the proof) is not unreasonable. But, as Filip previously = articulated, including the AT hash in the proof would prevent = potentially prolonged access to protected resources even when the victim = is offline. And that seems maybe worthwhile to have in the protocol, = given that it's not a huge change to the spec. But it's a trade-off = either way and I'm personally on the fence about it. >>>>=20 >>>> Including an RT hash in the proof seems more niche. Best I can = tell, it would guard against prolonged offline access to protected = resources when access tokens are bearer and the RT was DPoP-bound and = also gets rotated. The trade-off there seems less worth it (I think an = RT hash would be more awkward in the protocol too).=20 >>>>=20 >>>>=20 >>>>=20 >>>>=20 >>>>=20 >>>>=20 >>>>=20 >>>> On Fri, Dec 4, 2020 at 5:40 AM Philippe De Ryck = > wrote: >>>>=20 >>>>> The suggestion to use a web worker to ensure that proofs cannot be = pre-computed is a good one I think. (You could also use a sandboxed = iframe for a separate sub/sibling-domain - dpop.example.com = ). >>>>=20 >>>> An iframe with a different origin would also work (not really = sandboxing, as that implies the use of the sandbox attribute to enforce = behavioral restrictions). The downside of an iframe is the need to host = additional HTML, vs a script file for the worker, but the effect is = indeed the same. >>>>=20 >>>>> For scenario 4, I think this only works if the attacker can = trick/spoof the AS into using their redirect_uri? Otherwise the AC will = go to the legitimate app which will reject it due to mismatched = state/PKCE. Or are you thinking of XSS on the redirect_uri itself? I = think probably a good practice is that the target of a redirect_uri = should be a very minimal and locked down page to avoid this kind of = possibility. (Again, using a separate sub-domain to handle tokens and = DPoP seems like a good idea). >>>>=20 >>>> My original thought was to use a silent flow with Web Messaging. = The scenario would go as follows: >>>>=20 >>>> 1. Setup a Web Messaging listener to receive the incoming code >>>> 2. Create a hidden iframe with the DOM APIs >>>> 3. Create an authorization request such as = =E2=80=9C/authorize?response_type=3Dcode&client_id=3D...&redirect_uri=3Dht= tps%3A%2F%example.com = &state=3D...&code_challenge=3D7-ffnU1EzHtMfxOAdlkp_Wi= xnAM_z9tMh3JxgjazXAk&code_challenge_method=3DS256&prompt=3Dnone&response_m= ode=3Dweb_message=E2=80=9D >>>> 4. Load this URL in the iframe, and wait for the result >>>> 5. Retrieve code in the listener, and use PKCE (+ DPoP if needed) = to exchange it for tokens >>>>=20 >>>> This puts the attacker in full control over every aspect of the = flow, so no need to manipulate any of the parameters. >>>>=20 >>>>=20 >>>> After your comment, I also believe an attacker can run the same = scenario without the =E2=80=9Cresponse_mode=3Dweb_message=E2=80=9D. This = would go as follows: >>>>=20 >>>> 1. Create a hidden iframe with the DOM APIs >>>> 2. Setup polling to read the URL (this will be possible for = same-origin pages, not for cross-origin pages) >>>> 3. Create an authorization request such as = =E2=80=9C/authorize?response_type=3Dcode&client_id=3D...&redirect_uri=3Dht= tps%3A%2F%example.com = &state=3D...&code_challenge=3D7-ffnU1EzHtMfxOAdlkp_Wi= xnAM_z9tMh3JxgjazXAk&code_challenge_method=3DS256=E2=80=9D >>>> 4. Load this URL in the iframe, and keep polling >>>> 5. Detect the redirect back to the application with the code in the = URL, retrieve code, and use PKCE (+ DPoP if needed) to exchange it for = tokens >>>>=20 >>>> In step 5, the application is likely to also try to exchange the = code. This will fail due to a mismatching PKCE verifier. While noisy, I = don=E2=80=99t think it affects the scenario.=20 >>>>=20 >>>>=20 >>>>> IMO, the online attack scenario (i.e., proxying malicious requests = through the victim=E2=80=99s browser) is quite appealing to an attacker, = despite the apparent inconvenience: >>>>>=20 >>>>> - the victim=E2=80=99s browser may be inside a corporate firewall = or VPN, allowing the attacker to effectively bypass these restrictions >>>>> - the attacker=E2=80=99s traffic is mixed in with the user=E2=80=99= s own requests, making them harder to distinguish or to block >>>>>=20 >>>>> Overall, DPoP can only protect against XSS to the same level as = HttpOnly cookies. This is not nothing, but it means it only prevents = relatively naive attacks. Given the association of public key signatures = with strong authentication, people may have overinflated expectations if = DPoP is pitched as an XSS defence. >>>>=20 >>>> Yes, in the cookie world this is known as =E2=80=9CSession = Riding=E2=80=9D. Having the worker for token isolation would make it = possible to enforce a coarse-grained policy on outgoing requests to = prevent total abuse of the AT. >>>>=20 >>>> My main concern here is the effort of doing DPoP in a browser = versus the limited gains. It may also give a false sense of security.=20 >>>>=20 >>>>=20 >>>>=20 >>>> With all this said, I believe that the AS can lock down its = configuration to reduce these attack vectors. A few initial ideas: >>>>=20 >>>> 1. Disable silent flows for SPAs using RT rotation >>>> 2. Use the sec-fetch headers to detect and reject non-silent = iframe-based flows >>>>=20 >>>> For example, an OAuth 2.0 flow in an iframe in Brave/Chrome = carries these headers: >>>> sec-fetch-dest: iframe >>>> sec-fetch-mode: navigate >>>> sec-fetch-site: cross-site >>>> sec-fetch-user: ?1 >>>>=20 >>>>=20 >>>> Philippe >>>>=20 >>>>=20 >>>> CONFIDENTIALITY NOTICE: This email may contain confidential and = privileged material for the sole use of the intended recipient(s). Any = review, use, distribution or disclosure by others is strictly = prohibited. If you have received this communication in error, please = notify the sender immediately by e-mail and delete the message and any = file attachments from your computer. Thank you. >>>=20 >>>=20 >>> CONFIDENTIALITY NOTICE: This email may contain confidential and = privileged material for the sole use of the intended recipient(s). Any = review, use, distribution or disclosure by others is strictly = prohibited. If you have received this communication in error, please = notify the sender immediately by e-mail and delete the message and any = file attachments from your computer. Thank you. >>=20 >>=20 >>=20 >>=20 >>=20 >> CONFIDENTIALITY NOTICE: This email may contain confidential and = privileged material for the sole use of the intended recipient(s). Any = review, use, distribution or disclosure by others is strictly = prohibited. If you have received this communication in error, please = notify the sender immediately by e-mail and delete the message and any = file attachments from your computer. Thank you.=20 >>=20 >> _______________________________________________ >> OAuth mailing list >> OAuth@ietf.org >> https://www.ietf.org/mailman/listinfo/oauth = > --=20 > Vladimir Dzhuvinov > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth = >=20 > CONFIDENTIALITY NOTICE: This email may contain confidential and = privileged material for the sole use of the intended recipient(s). Any = review, use, distribution or disclosure by others is strictly = prohibited. If you have received this communication in error, please = notify the sender immediately by e-mail and delete the message and any = file attachments from your computer. Thank = you._______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth = --Apple-Mail=_3AEE28DB-81AB-43A6-B1D1-48564FF00B89 Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset=utf-8 I = went and implemented this proposal of including a token hash in both an = AS (java) and client (javascript) on a system that was already using = DPoP and OpenID Connect. What I did there was just use the existing code = we had on the AS-side to calculate the =E2=80=9Cat_hash=E2=80=9D in the = ID Token from OIDC, which I also used to verify on the token-accepting = portions. I had to implement the function on the client side, but that = was only a couple lines using a crypto library to do the heavy hash = lift.

    The most = annoying part is dealing with the hash variability in the OIDC method. = As Brian points out, this isn=E2=80=99t particularly robust, and it = depends on the wrapper being JOSE. That=E2=80=99s not a huge deal = because DPoP uses JOSE for its wrapper, but it=E2=80=99s still extra = code to deal with =E2=80=94 to the point where I just hardcoded the hash = algorithm in my test so that I didn=E2=80=99t have to put together the = switch case over the algorithm. 

    So in at least my own experience, the = addition is minimal on both client and server, and whatever we would = decide for the hash algorithm would be simple enough to manage. I have a = slight preference for just picking something like SHA256 and calling it = a day (and defining other hashes in the future when SHA256 is broken), = but that=E2=80=99s not a hill I care to die on.

     =E2=80=94 Justin

    On Dec 14, 2020, at 4:27 PM, Brian Campbell <bcampbell=3D40pingidentity.com@dmarc.ietf.org> = wrote:



    On Sat, Dec 12, 2020 at 1:22 AM Vladimir Dzhuvinov = <vladimir@connect2id.com> wrote:

    If the current DPoP has code complexity "X", = the relative additional complexity to include access token hashes = doesn't seem like very much. An app choosing DPoP means accepting the = code complexity that comes with dealing with keys, composing the signing = inputs for the proofs, signing, the necessary changes to the token and = RS requests. On the other hand, for some people that additional access = token hash may become the straw that breaks the camel's back, causing = them to quit their jobs developing web apps and never look back :)

    Yeah, the relative = additional complexity to include an access token hash maybe isn't too = much but it's also not not nothing. It's a different kind of operation = than the other things you listed (yes, I know there's a hash as part of = the signing but it's abstracted away from the developer in most cases) = and something that can be quite difficult to troubleshoot when different = parties arrive at different hash values. Hence my lack of conviction on = this one way or the other. 
     

    Have you thought about letting deployments decide about the = access token hash? To say look, there is also the option to bind an = access token to the DPoP proof, the security benefits can be such an = such, and this is how it can be done.

    What= I don't like about that proposal: 

    • It will complicate the spec

    • The current spec doesn't require = implementers / deployments to make any decisions, apart from adopt / not = DPoP (okay, also choose a JWS alg) - which is actually a great feature = to have

    I also don't like it for basically the = same reasons. I've definitely aimed to keep it simple from that = perspective of not having a lot of optionality or switches. It is a nice = feature to have, when possible. 

     

    Vladimir


    On= 12/12/2020 01:58, Brian Campbell wrote:
    Any type of client = could use DPoP and (presumably) benefit = from sender-constrained access tokens. So yeah, adding complexity = specifically for browser-based applications (that only mitigates one = variation of the attacks possible with XSS anyway)  has 'cost' = impact to those clients as well. And should be considered in the = cost/benefit. Including the AT hash isn't terribly complicated but it's = not trivial either. I'm honestly still unsure but am leaning towards it = not being worth adding. 

    On Fri, Dec 11, 2020 at 2:14 AM Philippe De Ryck = <philippe@pragmaticwebsecurity.com> wrote:
    The scenario you describe here is realistic in browser-based = apps with XSS vulnerabilities, but it is pretty complex. Since there are = worse problems when XSS happens, it=E2=80=99s hard to say whether DPoP = should mitigate this. 

    I=E2=80=99m wondering what other types of clients would = benefit from using DPoP for access tokens? Mobile apps? Clients using a = Client Credentials grant?

    How are they impacted by any change made specifically for = browser-based applications?

    Philippe


    On 9 Dec 2020, at 23:57, Brian = Campbell <bcampbell@pingidentity.com> = wrote:

    Thanks Philippe, I very much concur = with your line of reasoning and the important considerations. The = scenario I was thinking of is: browser based client where XSS is used to = exfiltrate the refresh token along with pre-computed proofs that would = allow for the RT to be exchanged for new access tokens and also = pre-computed proofs that would work with those access tokens for = resource access. With the pre-computed proofs that would allow prolonged = (as long as the RT is valid) access to protected resources even when the = victim is offline. Is that a concrete attack scenario? I mean, kind of. = It's pretty convoluted/complex. And while an access token hash would = reign it in somewhat (ATs obtained from the stolen RT wouldn't be = usable) it's hard to say if the cost is worth the benefit.



    On Tue, Dec 8, 2020 at 11:47 PM = Philippe De Ryck <philippe@pragmaticwebsecurity.com> = wrote:
    Yeah, browser-based apps are pure = fun, aren=E2=80=99t they? :)

    The reason I covered a couple of (pessimistic) XSS scenarios = is that the discussion started with an assumption that the attacker = already successfully exploited an XSS vulnerability. I pointed out how, = at that point, finetuning DPoP proof contents will have little to no = effect to stop an attack. I believe it is important to make this very = clear, to avoid people turning to DPoP as a security mechanism for = browser-based applications.


    Specifically to your = question on including the hash in the proof, I think these = considerations are important:

    1. Does the inclusion of the AT hash = stop a concrete attack scenario?
    2. Is the = =E2=80=9Ccost=E2=80=9D (implementation, getting it right, =E2=80=A6) = worth the benefits?


    Here=E2=80=99s my view = on these considerations (specifically for = browser-based apps, not for other types of = applications):

    1. The proof precomputation attack is already quite complex, = and short access token lifetimes already reduce the window of attack. If = the attacker can steal a future AT, they could also precompute new = proofs then. 
    2. For browser-based apps, it = seems that doing this complicates the implementation, without adding = much benefit. Of course, libraries could handle this, which = significantly reduces the cost. 


    Note= that these comments are specifically to complicating the spec and = implementation. DPoP=E2=80=99s capabilities of using sender-constrained = access tokens are still useful to counter various other scenarios (e.g., = middleboxes or APIs abusing access tokens). If other applications would = significantly benefit from having the hash in the proof, I=E2=80=99m all = for it.

    On a = final note, I would be happy to help clear up the details on web-based = threats and defenses if necessary.

    =E2=80=94
    Pragmatic Web Security
    Security= for developers
    https://pragmaticwebsecurity.com/


    On 8 Dec 2020, at 22:47, Brian = Campbell <bcampbell@pingidentity.com> = wrote:

    Danial recently added some text to the = working copy of the draft with https://github.com/danielfett/draft-dpop/commit/f4b42058 that I think aims to = better convey the "nutshell: XSS =3D Game over" sentiment and maybe = dissuade folks from looking to DPoP as a cure-all for browser based = applications. Admittedly a lot of the initial impetus behind producing = the draft in the first place was born out of discussions around browser = based apps. But it's neither specific to browser based apps nor a = panacea for them. I hope the language in the document and how it's = recently been presented is reflective of that reality. 

    The more specific = discussions/recommendations around in-browser apps are valuable (if = somewhat over my head) but might be more appropriate in the OAuth 2.0 for Browser-Based = Apps draft. 

    With respect to the contents of the = DPoP draft, I am still keen to try and flush out some consensus around = the question posed in the start of this thread, which is effectively = whether or not to include a hash of the access token in the proof.  = Acknowledging that "XSS =3D Game over" does sort of evoke a tendency to = not even bother with such incremental protections (what I've tried to = humorously coin as "XSS Nihilism" with no success). And as such, I do = think that leaving it how it is (no AT hash in the proof) is not = unreasonable. But, as Filip previously articulated, including the AT = hash in the proof would prevent potentially prolonged access to = protected resources even when the victim is offline. And that seems = maybe worthwhile to have in the protocol, given that it's not a huge = change to the spec. But it's a trade-off either way and I'm personally = on the fence about it.

    Including an RT hash in the proof seems more niche. Best I = can tell, it would guard against prolonged offline access to protected = resources when access tokens are bearer and the RT was DPoP-bound and = also gets rotated. The trade-off there seems less worth it (I think an = RT hash would be more awkward in the protocol too). 







    On Fri, Dec = 4, 2020 at 5:40 AM Philippe De Ryck <philippe@pragmaticwebsecurity.com> wrote:

    The suggestion to use a web worker to ensure = that proofs cannot be pre-computed is a good one I think. (You could = also use a sandboxed iframe for a separate sub/sibling-domain - dpop.example.com).

    An iframe with a = different origin would also work (not really sandboxing, as that implies = the use of the sandbox attribute to enforce behavioral restrictions). = The downside of an iframe is the need to host additional HTML, vs a = script file for the worker, but the effect is indeed the same.

    For scenario 4, I think this = only works if the attacker can trick/spoof the AS into using their = redirect_uri? Otherwise the AC will go to the legitimate app which will = reject it due to mismatched state/PKCE. Or are you thinking of XSS on = the redirect_uri itself? I think probably a good practice is that the = target of a redirect_uri should be a very minimal and locked down page = to avoid this kind of possibility. (Again, using a separate sub-domain = to handle tokens and DPoP seems like a good = idea).

    My original thought was to use a silent = flow with Web Messaging. The scenario would go as follows:

    1. Setup a Web Messaging = listener to receive the incoming code
    2. Create a = hidden iframe with the DOM APIs
    3. Create an = authorization request such as =E2=80=9C/authorize?response_type=3Dcode&client_id=3D...&redirec= t_uri=3Dhttps%3A%2F%example.com&state=3D...&code_challenge=3D7-ffnU1EzH= tMfxOAdlkp_WixnAM_z9tMh3JxgjazXAk&code_challenge_method=3DS256&pro= mpt=3Dnone&response_mode=3Dweb_message=E2=80=9D
    4. Load this URL in the iframe, and wait for the = result
    5. Retrieve code in the listener, and use = PKCE (+ DPoP if needed) to exchange it for tokens
    This puts the attacker in full control = over every aspect of the flow, so no need to manipulate any of the = parameters.


    After your comment, I also believe an = attacker can run the same scenario without the =E2=80=9Cresponse_mode=3Dweb_message=E2=80=9D. This would go as = follows:

    1. Create a hidden iframe with the DOM APIs
    2. Setup polling to read the URL (this will be possible for = same-origin pages, not for cross-origin pages)
    3. = Create an authorization request such as =E2=80=9C/authorize?response_type=3Dcode&client_id=3D...&redirec= t_uri=3Dhttps%3A%2F%example.com&state=3D...&code_challenge=3D7-ffnU1EzH= tMfxOAdlkp_WixnAM_z9tMh3JxgjazXAk&code_challenge_method=3DS256=E2=80= =9D
    4. Load this URL in the iframe, and keep = polling
    5. Detect the redirect back to the = application with the code in the URL, retrieve code, and use PKCE (+ = DPoP if needed) to exchange it for tokens

    In step 5, the application is likely to = also try to exchange the code. This will fail due to a mismatching PKCE = verifier. While noisy, I don=E2=80=99t think it affects the = scenario. 


    IMO, the online attack scenario (i.e., = proxying malicious requests through the victim=E2=80=99s browser) is = quite appealing to an attacker, despite the apparent = inconvenience:

     - the victim=E2=80=99s browser may be inside a = corporate firewall or VPN, allowing the attacker to effectively bypass = these restrictions
     - the attacker=E2=80=99s = traffic is mixed in with the user=E2=80=99s own requests, making them = harder to distinguish or to block

    Overall, DPoP can only protect against = XSS to the same level as HttpOnly cookies. This is not nothing, but it = means it only prevents relatively naive attacks. Given the association = of public key signatures with strong authentication, people may have = overinflated expectations if DPoP is pitched as an XSS = defence.

    Yes, in the cookie world this is known = as =E2=80=9CSession Riding=E2=80=9D. Having the worker for token = isolation would make it possible to enforce a coarse-grained policy on = outgoing requests to prevent total abuse of the AT.

    My main concern here is = the effort of doing DPoP in a browser versus the limited gains. It may = also give a false sense of security. 



    With all this said, I believe that the = AS can lock down its configuration to reduce these attack vectors. A few = initial ideas:

    1. Disable silent flows for SPAs using RT rotation
    2. Use the sec-fetch headers to detect and reject non-silent = iframe-based flows

    For example,  an OAuth 2.0 flow in an iframe in = Brave/Chrome carries these headers:
    sec-fetch-dest: = iframe
    sec-fetch-mode: navigate
    sec-fetch-site: cross-site
    sec-fetch-user:= ?1


    Philippe


    CONFIDENTIALITY = NOTICE: This email may contain confidential and privileged material for = the sole use of the intended recipient(s). Any review, use, distribution = or disclosure by others is strictly prohibited.  If you have = received this communication in error, please notify the sender = immediately by e-mail and delete the message and any file attachments = from your computer. Thank = you.


    CONFIDENTIALITY = NOTICE: This email may contain confidential and privileged material for = the sole use of the intended recipient(s). Any review, use, distribution = or disclosure by others is strictly prohibited.  If you have = received this communication in error, please notify the sender = immediately by e-mail and delete the message and any file attachments = from your computer. Thank = you.





    CONFIDENTIALITY NOTICE: This = email may contain confidential and privileged material for the sole use = of the intended recipient(s). Any review, use, distribution or = disclosure by others is strictly prohibited.  If you have received = this communication in error, please notify the sender immediately by = e-mail and delete the message and any file attachments from your = computer. Thank you. 
    _______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth

    --=20
Vladimir =
Dzhuvinov
    _______________________________________________
    OAuth mailing list
    OAuth@ietf.org
    https://www.ietf.org/mailman/listinfo/oauth

    CONFIDENTIALITY NOTICE: This email may contain confidential = and privileged material for the sole use of the intended recipient(s). = Any review, use, distribution or disclosure by others is strictly = prohibited.  If you have received this communication in error, = please notify the sender immediately by e-mail and delete the message = and any file attachments from your computer. Thank = you._______________________________________________
    OAuth mailing list
    OAuth@ietf.org
    https://www.ietf.org/mailman/listinfo/oauth

    = --Apple-Mail=_3AEE28DB-81AB-43A6-B1D1-48564FF00B89-- From nobody Tue Dec 15 21:02:01 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AEE0A3A08CA; Tue, 15 Dec 2020 21:01:58 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.098 X-Spam-Level: X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fnH1-U0R6XIo; Tue, 15 Dec 2020 21:01:56 -0800 (PST) Received: from mail-lf1-x133.google.com (mail-lf1-x133.google.com [IPv6:2a00:1450:4864:20::133]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7EDCA3A10D9; Tue, 15 Dec 2020 21:01:43 -0800 (PST) Received: by mail-lf1-x133.google.com with SMTP id x20so25637387lfe.12; Tue, 15 Dec 2020 21:01:43 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=GM3YlPmDwJi9FGNtUMRLpJpRK4LOV69uZuZGdcYtqLs=; b=S5L+/GoZdGCMy+D1xOBtOrRLo5vFD33iaEPQf0MFHx0dPfm+BVNSWe5ep8EmaNC19c HmQVwuToFLFMMvRqlCvH5ZeR9NCc8t2S5GKD+wFv7IKOCM0LdVsu6e3B59tNenNf8WYg UxjC1ybxG2V+v3xxparRQgP29p7985k0l0zaL0F0Kg2+XnyVJyXabVy2+XPMs6TQbygW RG0x/yIh14S+wsCBl25pnbRsxGLnWU5OP2Egkf1OgoWIDNivFXpkrAOf3d14FASZ9eiH V2FsmzpQrOeUDsO0pOsgAuXQJQc5+7du/ntsoBqiFNJgjrAdJ8A4mqLB91fQ4maqnBLo B7tw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=GM3YlPmDwJi9FGNtUMRLpJpRK4LOV69uZuZGdcYtqLs=; b=dvv9QOKAwYHytlK+uFRClurdYnKz8SuJK0KrVHP4B/BI9PMfEgw5ax+CiZ2SO/mAAn w15WPVezDg3TdIWJEozBraOeMqCOqLM+/RbxzIQVx/NLohqyRrAilBKWVwPHlbFqkrNu +t//HolLGp3Mdo39hD+4SRKKNEnv8/94R9FaX9xpJH3gvlfxspwh4ogBT0uJaTEN8UUS hLSynlcW6Pnl37eQ48J187eSQjWQiztouHBqblK34hmg81o4ZOfuIUzlKYfGMpa7K6hm +ja/5CcBZARVBW3OoQhVDD/v5bBoiEq/W0Zn4ZKka+c2ObOqNdB1OLmCWAWHPJMfSZ5F YOPQ== X-Gm-Message-State: AOAM532hVDzZHCa5Yi34lVnc7Smyr8xwrwbPqlzrX4mOzMP8EtvY+xmC 88phNPOTPNFzYShImYzNMg2qtv5xmf7ofBcc2jA= X-Google-Smtp-Source: ABdhPJyL0lhH7B/dx4WQ6KbddHTBpLYINxPL+qhF5sD25pr5Ke5hUlmaSTXebezs3JorBulKLC9p27zm4B7tJaPA7yI= X-Received: by 2002:a2e:874c:: with SMTP id q12mr13301792ljj.424.1608094901014; Tue, 15 Dec 2020 21:01:41 -0800 (PST) MIME-Version: 1.0 References: <160108120392.5893.18114957198518376382@ietfa.amsl.com> In-Reply-To: From: Watson Ladd Date: Tue, 15 Dec 2020 21:01:29 -0800 Message-ID: To: Nat Sakimura Cc: secdir , IETF oauth WG , last-call@ietf.org, draft-ietf-oauth-jwsreq.all@ietf.org Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Archived-At: Subject: Re: [OAUTH-WG] Secdir last call review of draft-ietf-oauth-jwsreq-30 X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 16 Dec 2020 05:01:59 -0000 On Sat, Oct 31, 2020 at 6:13 AM Nat Sakimura wrote: > > Hi Watson, > > Thanks very much for the review. I thought I have sent my response > earlier, which I actually did not. It was sitting in my draft box. I > apologize for it. My apologies for missing it in my inbox for a number of months. > > My responses inline: > > On Sat, Sep 26, 2020 at 9:46 AM Watson Ladd via Datatracker > wrote: > > > > Reviewer: Watson Ladd > > Review result: Serious Issues > > > > I generated this review of this document as part of the security direct= orate's > > ongoing effort to review all IETF documents being processed by the IESG= . These > > comments were written with the intent of improving security requirement= s and > > considerations in IETF drafts. Comments not addressed in last call may= be > > included in AD reviews during the IESG review. Document editors and WG= chairs > > should treat these comments just like any other last call comments. > > > > Two minor issues: On page 4, "This offers an additional degree of priva= cy > > protection." should be reworded. I don't think it makes sense in contex= t, where > > authenticity was discussed. > > > In the course of the edit, explanation about two distinct privacy > benefits was collated in one sentence and has become very difficult to > parse. > > What it is trying to express as privacy benefits are the following. > > 1) The authorization request content is sent to the AS in the > backchannel so it will not be exposed through the browser to the eyes > of an active or passive outsider observing what is going on in the > browser. In the RFC6749 framework case, the authorization request > goes through the browser redirect and it could leak to the adversary > via WPAD/PAC Attack, referrer, browser history, etc. Also, if the > browser was infected by an adversary controlled malware, the content > can be sniffed by the adversary. In the case of JAR, it does not > happen. This is one privacy benefit it is trying to explain. > > 2) The location that the authorization request is getting pushed to > does not have to be the AS. A trusted third party that examines the > content for the conformance to the collection minimization principle > may act as the party that accepts the authorization request and issues > the request_uri. AS can then just evaluate the domain part of > request_uri to evaluate that the authorization request is conformant > to this principle. This is another privacy benefit from the point of > view of the individual user. I'm fine with any fix to the sentence that makes sense. Don't think we need to insert the above but I very much appreciate the explanation. > > > > It took me a while to understand what the by reference method is: maybe= the > > intro should say via URL instead of by reference. > > > request_uri can be URL or a handle such as URN. That is why the "by > reference" word is being used, per the suggestion of the WG. I'm fine with that, just noting my confusion. > > > > > > > And now for the thorny issues with this draft. Signatures and encryptio= n are > > different. And encrypting a signed blob doesn't mean the signer encrypt= ed it. > > Then there are a plethora of methods specified in the draft to authent= icate > > the blob, which will give different results in maliciously constructed > > examples. The security considerations section should discuss what the e= ncrypted > > vs signed choices give in the way of security, and it doesn't. This mak= es me > > worry. > > We don=E2=80=99t expect the encryption to ensure authenticity, that=E2=80= =99s what the > signatures are used for. This needs to be very clearly spelled out in the text. Lots of people will not understand this. The wording of section 10.2 is at best ambivalent, with multiple alternatives presented as acceptable. > > > I didn't quite get what is meant by "plethora of methods specified in > the draft to authenticate the blob ... " > There is a bit of text about authenticating the source (=3Dclient) but > not much on the blob itself. > The discussion around the signature and/or encryption is covered in > RFC7519 (JWT), the format that the request object assumes. > This is required reading when implementing this spec, so WG thought it > is not worth repeating here. > Attacks etc. on the signature and encryption are covered in RFC7515 > and RFC7516 respectively. Well, the draft happens to include the following text: "The Authorization Server MUST validate the signature of the JSON Web Signature [RFC7515] signed Request Object. The signature MUST be validated using the key for that "client_id" and the algorithm specified in the "alg" Header Parameter." Shouldn't the key be associated with a single algorithm? How do we ensure that the common attack of telling the server to use hmac to verify the signature doesn't work here? > > > > > Looking at the cited reference for attacks, I see the fix is to include > > information about which IPD was used by the RP. But the draft before us= doesn't > > mandate that. It's not clear than how the cited attack is prevented by = the > > draft. Saying that the communication through the user-agent is subject = to > > The mention of mix-up attack was introduced after the Last call by one > of the comment. It just added it in the sentence with a reference. I > am ok to remove it. That works for me. > > Having said that, the heart of mix-up attack is that the combination > of the client believes that it is communicating with the > attacker-controlled AS (AAS) while it in-fact is talking to Honest AS > (HAS), AND HAS unable to find out that the client is thinking that it > is talking to AAS not him. > > OAuth JAR seems to mitigate it in two ways: > > a) Use request_uri which is hosted by the AS. Then, if the client is > thinking that it is talking to the AAS, then it will push it to AAS > and when the user is redirected to HAS, HAS will find out that the > request_uri is not created by herself and return an error, making the > mix-up attack fail. > > b) Include `aud` in the request. Then, when the HAS will find that the > request was minted to AAS and not her. So, it will result in an error, > making the mix-up attack fail. If the draft mandates doing this it addresses the attack and the sentence can stay. > > So, I added mix-up attack to the sentence thinking the commenter's > request to add it is fine, but I am fine with removing it. > > > manipulation, and this prevents it, ignores that the attacker in that p= osition > > sees a lot more. The user-agent as resource owner modifying the request= ed > > resources is a very funny sort of attack: can't they do what they want = with the > > resources since they control the access? > > If the client is in the browser, yes. > But in the mainstream case, the client is not in the browser but the > web-server that the browser is communicating with and the resource > access happens without being mediated by the browser. My concern on this point is resolved. > > > > > > > Key management is ignored. This is a very important issue, especially > > A lot of ground is covered by RFC 7515, 7516, 7517, 7518, 7519, 7591, > and 8414 so this document is not specifically restating them. > > > > > considering the potential problems with the reuse of JWT. I'd like to s= ee a > > Are you talking about the reuse of the request object by an adversary > trying to act as an honest client? > Even if it happens, the malicious client does not have the proper > client credential so it cannot redeem the code it obtained with the > token. It is no different than RFC6749 code grant. Protocols that > extend it, such as OpenID Connect, have introduced nonce to prevent > the reuse and used JAR (it is called request object there) to further > protect tampering and achieve client authentication even in the front > channel. > > > recommendation that keys be separated by intended uses, rather than lim= iting > > particular fields in an ad-hoc manner. > > Could you kindly elaborate on the "ad-hoc manner" part so that I can > understand it more fully? 10.8, Cross-JWT Confusion discusses avoiding signing certain fields, rather than suggesting good key usage as a solution. > > > > > > > Then we have section 11. What section 11 introduces is an entire new dr= amatis > > personae, the Trust Framework Provider, with no prior discussion of wha= t it is > > or a reference to where it is defined and a good number of statements a= bout how > > it works that aren't really clear what they mean from the document to = me. > > Trust Framework Provider first appears in 5.2.1. > At the time of writing the related text, it was a pretty well-known > concept. In the United State, it was part of its National Strategy > (NSTIC) and internationally, it was even taken up at WEF Davos > meeting. It is quite surprising that such a mainstream concept faded > into obscurity so quickly. The reason for introducing it was to a) > justify request_uri as some WG members wanted it to be removed, b) > justify that requst_uri to be served from a different domain. Now that > people appreciate it, e.g., it can be seen from PAR, the justification > for a) probably is no longer required. A full explanation for b) would > probably be a much longer text but I doubt if it belongs to this > document. I am fine with removing the reference to Trust framework > etc. as long as the capability to push the authorization request to a > place other than the client or the authorization server is not > removed. Let's remove the text then, but keep the capability. > > > > > My biggest concern is that these issues are signs that the problem this= draft > > is trying to solve and the mechanisms to solve it haven't been analyzed= as > > thoroughly as they should have been. Without that sort of thorough anal= ysis > > it's not certain that the mechanisms actually solve the problem and it'= s not > > clear what the recommendations to implementers have to be to preserve t= hose > > properties. > > OAuth JAR, as the name "The OAuth 2.0 Authorization Framework: JWT > Secured Authorization Request (JAR)" suggests, is a framework and not > a house itself. One such example is FAPI [1] which was formally > verified [2]. "It's possible to use this draft security" I don't think should be enough anymore. Rather it should be impossible to use insecurely. > > [1] https://bitbucket.org/openid/fapi/src/master/Financial_API_WD_002.md > [2] https://arxiv.org/abs/1901.11520 > > > > > Obviously this draft has had a long and tortured history with multiple = reviews, > > and what I'm suggesting needs to happen is a lot of work. But it's ess= ential > > in any security protocol to do this analysis and be clear about what is= , and > > what is not, protected by the protocol. > > OAuth JAR is nothing but just another binding to OAuth 2.0. Where RFC6749 > binds it to form encoding, it provides two additional bindings: > 1) binding to JWT, and > 2) binding to the pushed authorization request that is referenced by = a URI. > It is this simple. As such, it would also inherit some of the > shortcomings in RFC6749. However, it is not this document to address > them. It should be done by other documents so that the result can be > encoded using the mechanisms provided in this document. This is not a simple matter. JWT has a long and twisted history with some pervasive errors in common libraries, and is a fairly large standard. OAuth 2.0 is also large. Ensuring that the mapping has the right properties is going to be a mess. If the encoding does not respect the semantics we have a serious security issue. If implementors assume the encoding provides properties it does not, we again have a security issue. > > It is quite surprising that this fact is not getting appreciated and > is taking such a long time to complete. > Maybe I should delete all the explanation text and leave it with just > the core text. Explanation and justification text for defining > additional bindings probably are just distractions now as it is now > appreciated and used all over the world unlike when the project was > started. > > > > > Sincerely, > > Watson Ladd > > > > Thanks again for your detailed comments. > > Best wishes, > > -- > Nat Sakimura > NAT.Consulting LLC -- Astra mortemque praestare gradatim From nobody Thu Dec 17 08:29:33 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 010953A0DBE for ; Thu, 17 Dec 2020 08:29:31 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.097 X-Spam-Level: X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xAQRtR9XZK8Y for ; Thu, 17 Dec 2020 08:29:27 -0800 (PST) Received: from mail-lf1-x12d.google.com (mail-lf1-x12d.google.com [IPv6:2a00:1450:4864:20::12d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D965C3A0E3D for ; Thu, 17 Dec 2020 08:29:20 -0800 (PST) Received: by mail-lf1-x12d.google.com with SMTP id a12so58891002lfl.6 for ; Thu, 17 Dec 2020 08:29:20 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to; bh=Bkae0XAdXq5M7jswtjfyfpgY/ZCKaA5XSBrDKLxfDXo=; b=s0Vk+IJ0cntTTph4VoLjv9mgBeZCXYJd1JJ9KWeJ6d3g9LS9Ria98o+4uzLI0KAjah sVZNC/nvIc2eGcs9xvFt0f6vbv6X4vCyFWqn2UsNjbgq8mHkn1OfFmmrBZdpd/HBSLrI JqvWs2/0z6SuwFimB4//1TKUNC7zdHvLRSJo6dL0Yy8d8FNN4vitMTxffl4VfXbNQqf9 9cTnQ4499CCPmNUfrNOAGw62UNtAr/XYQFBcvJJLlSCPJ2v6OTtl86URQDuY0KNEjLyc QE73OPIbw801TIOBQ4sVpiuhXEbUR0nxhLgnvvDF/3/EA4dFIZj945RTKKKTn7NBB8f4 SIXg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to; bh=Bkae0XAdXq5M7jswtjfyfpgY/ZCKaA5XSBrDKLxfDXo=; b=FTEYCL/VAwGQ0M5KdldIpW7PVDAQKJDF0qVrcKuvRn8DkmL8A2Px8CY1Zw4a5X9Qit gUG0m0Yka3o7TlPOk+hrquZ3KRk9qgX9KQbXaWsnzHQsW0D7sPRIIfdlEBghemJXp0M0 QgutdqXnzF66GMsTpqgoe4Ba5M9lhZRO5KV0ClzOdPrOxRx6Lk6fi17EjrNSvM2rYnLn ell4dTclVtX82C4JEJA5J0cnhUKi/ATSCCnjzIcCMPPDZEIYsK7GDjWzvm3bzgNxPp6D qak6LxP9a3mVYAfKz+OR+NwdeXMBqw/cT0QoUqSZlK/Jt/3gU/WUOd8yzZe4/J5eKQ+6 uTGg== X-Gm-Message-State: AOAM5311hQW5SDlTu3Vgo640r6Q4ijstQ3o2+HJXSxtaEQOVbTr4JFj3 n70/HoYhW1q/XgNdtukqShjIsLh4s0biFNdKztbYql/tpbU= X-Google-Smtp-Source: ABdhPJyKdlJku25vbNOH5fogai8fzJ52bI8PujOd6rqXQ43ntmtBTI2iskQwPKj6xT++UK83H3RhvxwqSZUpBd3lXwQ= X-Received: by 2002:a19:8116:: with SMTP id c22mr15930903lfd.211.1608222557245; Thu, 17 Dec 2020 08:29:17 -0800 (PST) MIME-Version: 1.0 References: In-Reply-To: From: Faisal Rachman Date: Thu, 17 Dec 2020 23:29:04 +0700 Message-ID: To: oauth@ietf.org Content-Type: multipart/alternative; boundary="0000000000003e95b705b6ab7eb4" Archived-At: Subject: Re: [OAUTH-WG] OAuth Digest, Vol 146, Issue 67 X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Dec 2020 16:29:31 -0000 --0000000000003e95b705b6ab7eb4 Content-Type: text/plain; charset="UTF-8" On Thu, Dec 17, 2020, 03:02 wrote: > Send OAuth mailing list submissions to > oauth@ietf.org > > To subscribe or unsubscribe via the World Wide Web, visit > https://www.ietf.org/mailman/listinfo/oauth > or, via email, send a message with subject or body 'help' to > oauth-request@ietf.org > > You can reach the person managing the list at > oauth-owner@ietf.org > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of OAuth digest..." > > > Today's Topics: > > 1. Re: Secdir last call review of draft-ietf-oauth-jwsreq-30 > (Watson Ladd) > > > ---------------------------------------------------------------------- > > Message: 1 > Date: Tue, 15 Dec 2020 21:01:29 -0800 > From: Watson Ladd > To: Nat Sakimura > Cc: secdir , IETF oauth WG , > last-call@ietf.org, draft-ietf-oauth-jwsreq.all@ietf.org > Subject: Re: [OAUTH-WG] Secdir last call review of > draft-ietf-oauth-jwsreq-30 > Message-ID: > < > CACsn0cnBbb7MO4u0mytq350oAoR44omdkjMA5EA37QupprrQYw@mail.gmail.com> > Content-Type: text/plain; charset="UTF-8" > > On Sat, Oct 31, 2020 at 6:13 AM Nat Sakimura wrote: > > > > Hi Watson, > > > > Thanks very much for the review. I thought I have sent my response > > earlier, which I actually did not. It was sitting in my draft box. I > > apologize for it. > > My apologies for missing it in my inbox for a number of months. > > > > My responses inline: > > > > On Sat, Sep 26, 2020 at 9:46 AM Watson Ladd via Datatracker > > wrote: > > > > > > Reviewer: Watson Ladd > > > Review result: Serious Issues > > > > > > I generated this review of this document as part of the security > directorate's > > > ongoing effort to review all IETF documents being processed by the > IESG. These > > > comments were written with the intent of improving security > requirements and > > > considerations in IETF drafts. Comments not addressed in last call > may be > > > included in AD reviews during the IESG review. Document editors and > WG chairs > > > should treat these comments just like any other last call comments. > > > > > > Two minor issues: On page 4, "This offers an additional degree of > privacy > > > protection." should be reworded. I don't think it makes sense in > context, where > > > authenticity was discussed. > > > > > > In the course of the edit, explanation about two distinct privacy > > benefits was collated in one sentence and has become very difficult to > > parse. > > > > What it is trying to express as privacy benefits are the following. > > > > 1) The authorization request content is sent to the AS in the > > backchannel so it will not be exposed through the browser to the eyes > > of an active or passive outsider observing what is going on in the > > browser. In the RFC6749 framework case, the authorization request > > goes through the browser redirect and it could leak to the adversary > > via WPAD/PAC Attack, referrer, browser history, etc. Also, if the > > browser was infected by an adversary controlled malware, the content > > can be sniffed by the adversary. In the case of JAR, it does not > > happen. This is one privacy benefit it is trying to explain. > > > > 2) The location that the authorization request is getting pushed to > > does not have to be the AS. A trusted third party that examines the > > content for the conformance to the collection minimization principle > > may act as the party that accepts the authorization request and issues > > the request_uri. AS can then just evaluate the domain part of > > request_uri to evaluate that the authorization request is conformant > > to this principle. This is another privacy benefit from the point of > > view of the individual user. > > I'm fine with any fix to the sentence that makes sense. Don't think we > need to insert the above but I very much appreciate the explanation. > > > > > > > > It took me a while to understand what the by reference method is: > maybe the > > > intro should say via URL instead of by reference. > > > > > > request_uri can be URL or a handle such as URN. That is why the "by > > reference" word is being used, per the suggestion of the WG. > > I'm fine with that, just noting my confusion. > > > > > > > > > > > > And now for the thorny issues with this draft. Signatures and > encryption are > > > different. And encrypting a signed blob doesn't mean the signer > encrypted it. > > > Then there are a plethora of methods specified in the draft to > authenticate > > > the blob, which will give different results in maliciously constructed > > > examples. The security considerations section should discuss what the > encrypted > > > vs signed choices give in the way of security, and it doesn't. This > makes me > > > worry. > > > > We don?t expect the encryption to ensure authenticity, that?s what the > > signatures are used for. > > This needs to be very clearly spelled out in the text. Lots of people > will not understand this. The wording of section 10.2 is at best > ambivalent, with multiple alternatives presented as acceptable. > > > > > > > > I didn't quite get what is meant by "plethora of methods specified in > > the draft to authenticate the blob ... " > > There is a bit of text about authenticating the source (=client) but > > not much on the blob itself. > > The discussion around the signature and/or encryption is covered in > > RFC7519 (JWT), the format that the request object assumes. > > This is required reading when implementing this spec, so WG thought it > > is not worth repeating here. > > Attacks etc. on the signature and encryption are covered in RFC7515 > > and RFC7516 respectively. > > Well, the draft happens to include the following text: > "The Authorization Server MUST validate the signature of the JSON Web > Signature [RFC7515] signed Request Object. The signature MUST be > validated using the key for that "client_id" and the algorithm > specified in the "alg" Header Parameter." > > Shouldn't the key be associated with a single algorithm? How do we > ensure that the common attack of telling the server to use hmac to > verify the signature doesn't work here? > > > > > > > > > Looking at the cited reference for attacks, I see the fix is to include > > > information about which IPD was used by the RP. But the draft before > us doesn't > > > mandate that. It's not clear than how the cited attack is prevented by > the > > > draft. Saying that the communication through the user-agent is subject > to > > > > The mention of mix-up attack was introduced after the Last call by one > > of the comment. It just added it in the sentence with a reference. I > > am ok to remove it. > > That works for me. > > > > > Having said that, the heart of mix-up attack is that the combination > > of the client believes that it is communicating with the > > attacker-controlled AS (AAS) while it in-fact is talking to Honest AS > > (HAS), AND HAS unable to find out that the client is thinking that it > > is talking to AAS not him. > > > > OAuth JAR seems to mitigate it in two ways: > > > > a) Use request_uri which is hosted by the AS. Then, if the client is > > thinking that it is talking to the AAS, then it will push it to AAS > > and when the user is redirected to HAS, HAS will find out that the > > request_uri is not created by herself and return an error, making the > > mix-up attack fail. > > > > b) Include `aud` in the request. Then, when the HAS will find that the > > request was minted to AAS and not her. So, it will result in an error, > > making the mix-up attack fail. > > If the draft mandates doing this it addresses the attack and the > sentence can stay. > > > > > So, I added mix-up attack to the sentence thinking the commenter's > > request to add it is fine, but I am fine with removing it. > > > > > manipulation, and this prevents it, ignores that the attacker in that > position > > > sees a lot more. The user-agent as resource owner modifying the > requested > > > resources is a very funny sort of attack: can't they do what they want > with the > > > resources since they control the access? > > > > If the client is in the browser, yes. > > But in the mainstream case, the client is not in the browser but the > > web-server that the browser is communicating with and the resource > > access happens without being mediated by the browser. > > My concern on this point is resolved. > > > > > > > > > > > > Key management is ignored. This is a very important issue, especially > > > > A lot of ground is covered by RFC 7515, 7516, 7517, 7518, 7519, 7591, > > and 8414 so this document is not specifically restating them. > > > > > > > > considering the potential problems with the reuse of JWT. I'd like to > see a > > > > Are you talking about the reuse of the request object by an adversary > > trying to act as an honest client? > > Even if it happens, the malicious client does not have the proper > > client credential so it cannot redeem the code it obtained with the > > token. It is no different than RFC6749 code grant. Protocols that > > extend it, such as OpenID Connect, have introduced nonce to prevent > > the reuse and used JAR (it is called request object there) to further > > protect tampering and achieve client authentication even in the front > > channel. > > > > > recommendation that keys be separated by intended uses, rather than > limiting > > > particular fields in an ad-hoc manner. > > > > Could you kindly elaborate on the "ad-hoc manner" part so that I can > > understand it more fully? > > 10.8, Cross-JWT Confusion discusses avoiding signing certain fields, > rather than suggesting good key usage as a solution. > > > > > > > > > > > > Then we have section 11. What section 11 introduces is an entire new > dramatis > > > personae, the Trust Framework Provider, with no prior discussion of > what it is > > > or a reference to where it is defined and a good number of statements > about how > > > it works that aren't really clear what they mean from the document to > me. > > > > Trust Framework Provider first appears in 5.2.1. > > At the time of writing the related text, it was a pretty well-known > > concept. In the United State, it was part of its National Strategy > > (NSTIC) and internationally, it was even taken up at WEF Davos > > meeting. It is quite surprising that such a mainstream concept faded > > into obscurity so quickly. The reason for introducing it was to a) > > justify request_uri as some WG members wanted it to be removed, b) > > justify that requst_uri to be served from a different domain. Now that > > people appreciate it, e.g., it can be seen from PAR, the justification > > for a) probably is no longer required. A full explanation for b) would > > probably be a much longer text but I doubt if it belongs to this > > document. I am fine with removing the reference to Trust framework > > etc. as long as the capability to push the authorization request to a > > place other than the client or the authorization server is not > > removed. > > Let's remove the text then, but keep the capability. > > > > > > > > > > My biggest concern is that these issues are signs that the problem > this draft > > > is trying to solve and the mechanisms to solve it haven't been > analyzed as > > > thoroughly as they should have been. Without that sort of thorough > analysis > > > it's not certain that the mechanisms actually solve the problem and > it's not > > > clear what the recommendations to implementers have to be to preserve > those > > > properties. > > > > OAuth JAR, as the name "The OAuth 2.0 Authorization Framework: JWT > > Secured Authorization Request (JAR)" suggests, is a framework and not > > a house itself. One such example is FAPI [1] which was formally > > verified [2]. > > "It's possible to use this draft security" I don't think should be > enough anymore. Rather it should be impossible to use insecurely. > > > > > [1] https://bitbucket.org/openid/fapi/src/master/Financial_API_WD_002.md > > [2] https://arxiv.org/abs/1901.11520 > > > > > > > > Obviously this draft has had a long and tortured history with multiple > reviews, > > > and what I'm suggesting needs to happen is a lot of work. But it's > essential > > > in any security protocol to do this analysis and be clear about what > is, and > > > what is not, protected by the protocol. > > > > OAuth JAR is nothing but just another binding to OAuth 2.0. Where RFC6749 > > binds it to form encoding, it provides two additional bindings: > > 1) binding to JWT, and > > 2) binding to the pushed authorization request that is referenced by > a URI. > > It is this simple. As such, it would also inherit some of the > > shortcomings in RFC6749. However, it is not this document to address > > them. It should be done by other documents so that the result can be > > encoded using the mechanisms provided in this document. > > This is not a simple matter. JWT has a long and twisted history with > some pervasive errors in common libraries, and is a fairly large > standard. OAuth 2.0 is also large. Ensuring that the mapping has the > right properties is going to be a mess. If the encoding does not > respect the semantics we have a serious security issue. If > implementors assume the encoding provides properties it does not, we > again have a security issue. > > > > > It is quite surprising that this fact is not getting appreciated and > > is taking such a long time to complete. > > Maybe I should delete all the explanation text and leave it with just > > the core text. Explanation and justification text for defining > > additional bindings probably are just distractions now as it is now > > appreciated and used all over the world unlike when the project was > > started. > > > > > > > > > Sincerely, > > > Watson Ladd > > > > > > > Thanks again for your detailed comments. > > > > Best wishes, > > > > -- > > Nat Sakimura > > NAT.Consulting LLC > > > > -- > Astra mortemque praestare gradatim > > > > ------------------------------ > > Subject: Digest Footer > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth > > > ------------------------------ > > End of OAuth Digest, Vol 146, Issue 67 > ************************************** > --0000000000003e95b705b6ab7eb4 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable

    On Thu, Dec 17, 2020, 03:02 <oauth-request@ietf.org> wrote:
    Send OAuth mailing list submissions to
    =C2=A0 =C2=A0 =C2=A0 =C2=A0 oauth@ietf.org

    To subscribe or unsubscribe via the World Wide Web, visit
    =C2=A0 =C2=A0 =C2=A0 =C2=A0 https://www.ietf.o= rg/mailman/listinfo/oauth
    or, via email, send a message with subject or body 'help' to
    =C2=A0 =C2=A0 =C2=A0 =C2=A0 oauth-request@ietf.org

    You can reach the person managing the list at
    =C2=A0 =C2=A0 =C2=A0 =C2=A0 oauth-owner@ietf.org

    When replying, please edit your Subject line so it is more specific
    than "Re: Contents of OAuth digest..."


    Today's Topics:

    =C2=A0 =C2=A01. Re: Secdir last call review of draft-ietf-oauth-jwsreq-30 =C2=A0 =C2=A0 =C2=A0 (Watson Ladd)


    ----------------------------------------------------------------------

    Message: 1
    Date: Tue, 15 Dec 2020 21:01:29 -0800
    From: Watson Ladd <watsonbladd@gmail.com>
    To: Nat Sakimura <nat@nat.consulting>
    Cc: secdir <secdir@ietf.org>, IETF oauth WG <oauth@ietf.org>,<= br> =C2=A0 =C2=A0 =C2=A0 =C2=A0 last-call@ietf.org, draft= -ietf-oauth-jwsreq.all@ietf.org
    Subject: Re: [OAUTH-WG] Secdir last call review of
    =C2=A0 =C2=A0 =C2=A0 =C2=A0 draft-ietf-oauth-jwsreq-30
    Message-ID:
    =C2=A0 =C2=A0 =C2=A0 =C2=A0 <CACsn0cnBbb7MO4u0mytq350oAoR44omdkjMA5EA37QupprrQYw@mail.gmail.com= >
    Content-Type: text/plain; charset=3D"UTF-8"

    On Sat, Oct 31, 2020 at 6:13 AM Nat Sakimura <nat@nat.consulting> wro= te:
    >
    > Hi Watson,
    >
    > Thanks very much for the review. I thought I have sent my response
    > earlier, which I actually did not. It was sitting in my draft box. I > apologize for it.

    My apologies for missing it in my inbox for a number of months.
    >
    > My responses inline:
    >
    > On Sat, Sep 26, 2020 at 9:46 AM Watson Ladd via Datatracker
    > <noreply@ietf.org> wrote:
    > >
    > > Reviewer: Watson Ladd
    > > Review result: Serious Issues
    > >
    > > I generated this review of this document as part of the security = directorate's
    > > ongoing effort to review all IETF documents being processed by th= e IESG.=C2=A0 These
    > > comments were written with the intent of improving security requi= rements and
    > > considerations in IETF drafts.=C2=A0 Comments not addressed in la= st call may be
    > > included in AD reviews during the IESG review.=C2=A0 Document edi= tors and WG chairs
    > > should treat these comments just like any other last call comment= s.
    > >
    > > Two minor issues: On page 4, "This offers an additional degr= ee of privacy
    > > protection." should be reworded. I don't think it makes = sense in context, where
    > > authenticity was discussed.
    >
    >
    > In the course of the edit, explanation about two distinct privacy
    > benefits was collated in one sentence and has become very difficult to=
    > parse.
    >
    > What it is trying to express as privacy benefits are the following. >
    > 1) The authorization request content is sent to the AS in the
    > backchannel so it will not be exposed through the browser to the eyes<= br> > of an active or passive outsider observing what is going on in the
    > browser.=C2=A0 In the RFC6749 framework case, the authorization reques= t
    > goes through the browser redirect and it could leak to the adversary > via WPAD/PAC Attack, referrer, browser history, etc. Also, if the
    > browser was infected by an adversary controlled malware, the content > can be sniffed by the adversary. In the case of JAR, it does not
    > happen. This is one privacy benefit it is trying to explain.
    >
    > 2) The location that the authorization request is getting pushed to > does not have to be the AS. A trusted third party that examines the > content for the conformance to the collection minimization principle > may act as the party that accepts the authorization request and issues=
    > the request_uri. AS can then just evaluate the domain part of
    > request_uri to evaluate that the authorization request is conformant > to this principle. This is another privacy benefit from the point of > view of the individual user.

    I'm fine with any fix to the sentence that makes sense. Don't think= we
    need to insert the above but I very much appreciate the explanation.

    >
    >
    > > It took me a while to understand what the by reference method is:= maybe the
    > > intro should say via URL instead of by reference.
    >
    >
    > request_uri can be URL or a handle such as URN. That is why the "= by
    > reference" word is being used, per the suggestion of the WG.

    I'm fine with that, just noting my confusion.

    >
    > >
    > >
    > > And now for the thorny issues with this draft. Signatures and enc= ryption are
    > > different. And encrypting a signed blob doesn't mean the sign= er encrypted it.
    > > Then there are a plethora of methods specified in the draft=C2=A0= to authenticate
    > > the blob, which will give different results in maliciously constr= ucted
    > > examples. The security considerations section should discuss what= the encrypted
    > > vs signed choices give in the way of security, and it doesn't= . This makes me
    > > worry.
    >
    > We don?t expect the encryption to ensure authenticity, that?s what the=
    > signatures are used for.

    This needs to be very clearly spelled out in the text. Lots of people
    will not understand this. The wording of section 10.2 is at best
    ambivalent, with multiple alternatives presented as acceptable.

    >
    <chop>
    >
    > I didn't quite get what is meant by "plethora of methods spec= ified in
    > the draft to authenticate the blob ... "
    > There is a bit of text about authenticating the source (=3Dclient) but=
    > not much on the blob itself.
    > The discussion around the signature and/or encryption is covered in > RFC7519 (JWT), the format that the request object assumes.
    > This is required reading when implementing this spec, so WG thought it=
    > is not worth repeating here.
    > Attacks etc. on the signature and encryption are covered in RFC7515 > and RFC7516 respectively.

    Well, the draft happens to include the following text:
    =C2=A0 =C2=A0"The Authorization Server MUST validate the signature of = the JSON Web
    =C2=A0 =C2=A0Signature [RFC7515] signed Request Object.=C2=A0 The signature= MUST be
    =C2=A0 =C2=A0validated using the key for that "client_id" and the= algorithm
    =C2=A0 =C2=A0specified in the "alg" Header Parameter."

    Shouldn't the key be associated with a single algorithm? How do we
    ensure that the common attack of telling the server to use hmac to
    verify the signature doesn't work here?

    >
    > >
    > > Looking at the cited reference for attacks, I see the fix is to i= nclude
    > > information about which IPD was used by the RP. But the draft bef= ore us doesn't
    > > mandate that. It's not clear than how the cited attack is pre= vented by the
    > > draft. Saying that the communication through the user-agent is su= bject to
    >
    > The mention of mix-up attack was introduced after the Last call by one=
    > of the comment. It just added it in the sentence with a reference. I > am ok to remove it.

    That works for me.

    >
    > Having said that, the heart of mix-up attack is that the combination > of the client believes that it is communicating with the
    > attacker-controlled AS (AAS) while it in-fact is talking to Honest AS<= br> > (HAS), AND HAS unable to find out that the client is thinking that it<= br> > is talking to AAS not him.
    >
    > OAuth JAR seems to mitigate it in two ways:
    >
    > a) Use request_uri which is hosted by the AS. Then, if the client is > thinking that it is talking to the AAS, then it will push it to AAS > and when the user is redirected to HAS, HAS will find out that the
    > request_uri is not created by herself and return an error, making the<= br> > mix-up attack fail.
    >
    > b) Include `aud` in the request. Then, when the HAS will find that the=
    > request was minted to AAS and not her. So, it will result in an error,=
    > making the mix-up attack fail.

    If the draft mandates doing this it addresses the attack and the
    sentence can stay.

    >
    > So, I added mix-up attack to the sentence thinking the commenter's=
    > request to add it is fine, but I am fine with removing it.
    >
    > > manipulation, and this prevents it, ignores that the attacker in = that position
    > > sees a lot more. The user-agent as resource owner modifying the r= equested
    > > resources is a very funny sort of attack: can't they do what = they want with the
    > > resources since they control the access?
    >
    > If the client is in the browser, yes.
    > But in the mainstream case, the client is not in the browser but the > web-server that the browser is communicating with and the resource
    > access happens without being mediated by the browser.

    My concern on this point is resolved.

    >
    > >
    > >
    > > Key management is ignored. This is a very important issue, especi= ally
    >
    > A lot of ground is covered by RFC 7515, 7516, 7517, 7518, 7519, 7591,<= br> > and 8414 so this document is not specifically restating them.
    >
    > >
    > > considering the potential problems with the reuse of JWT. I'd= like to see a
    >
    > Are you talking about the reuse of the request object by an adversary<= br> > trying to act as an honest client?
    > Even if it happens, the malicious client does not have the proper
    > client credential so it cannot redeem the code it obtained with the > token. It is no different than RFC6749 code grant. Protocols that
    > extend it, such as OpenID Connect, have introduced nonce to prevent > the reuse and used JAR (it is called request object there) to further<= br> > protect tampering and achieve client authentication even in the front<= br> > channel.
    >
    > > recommendation that keys be separated by intended uses, rather th= an limiting
    > > particular fields in an ad-hoc manner.
    >
    > Could you kindly elaborate on the "ad-hoc manner" part so th= at I can
    > understand it more fully?

    10.8, Cross-JWT Confusion discusses avoiding signing certain fields,
    rather than suggesting good key usage as a solution.

    >
    > >
    > >
    > > Then we have section 11. What section 11 introduces is an entire = new dramatis
    > > personae, the Trust Framework Provider, with no prior discussion = of what it is
    > > or a reference to where it is defined and a good number of statem= ents about how
    > > it works that aren't really=C2=A0 clear what they mean from t= he document to me.
    >
    > Trust Framework Provider first appears in 5.2.1.
    > At the time of writing the related text, it was a pretty well-known > concept. In the United State, it was part of its National Strategy
    > (NSTIC) and internationally, it was even taken up at WEF Davos
    > meeting. It is quite surprising that such a mainstream concept faded > into obscurity so quickly. The reason for introducing it was to a)
    > justify request_uri as some WG members wanted it to be removed, b)
    > justify that requst_uri to be served from a different domain. Now that=
    > people appreciate it, e.g., it can be seen from PAR, the justification=
    > for a) probably is no longer required. A full explanation for b) would=
    > probably be a much longer text but I doubt if it belongs to this
    > document. I am fine with removing the reference to Trust framework
    > etc. as long as the capability to push the authorization request to a<= br> > place other than the client or the authorization server is not
    > removed.

    Let's remove the text then, but keep the capability.


    >
    > >
    > > My biggest concern is that these issues are signs that the proble= m this draft
    > > is trying to solve and the mechanisms to solve it haven't bee= n analyzed as
    > > thoroughly as they should have been. Without that sort of thoroug= h analysis
    > > it's not certain that the mechanisms actually solve the probl= em and it's not
    > > clear what the recommendations to implementers have to be to pres= erve those
    > > properties.
    >
    > OAuth JAR, as the name "The OAuth 2.0 Authorization Framework: JW= T
    > Secured Authorization Request (JAR)" suggests, is a framework and= not
    > a house itself. One such example is FAPI [1] which was formally
    > verified [2].

    "It's possible to use this draft security" I don't think = should be
    enough anymore. Rather it should be impossible to use insecurely.

    >
    > [1] https://bitb= ucket.org/openid/fapi/src/master/Financial_API_WD_002.md
    > [2] https://arxiv.org/abs/1901.11520
    >
    > >
    > > Obviously this draft has had a long and tortured history with mul= tiple reviews,
    > >=C2=A0 and what I'm suggesting needs to happen is a lot of wor= k. But it's essential
    > > in any security protocol to do this analysis and be clear about w= hat is, and
    > > what is not, protected by the protocol.
    >
    > OAuth JAR is nothing but just another binding to OAuth 2.0. Where RFC6= 749
    > binds it to form encoding, it provides two additional bindings:
    >=C2=A0 =C2=A0 =C2=A01) binding to JWT, and
    >=C2=A0 =C2=A0 =C2=A02) binding to the pushed authorization request that= is referenced by a URI.
    > It is this simple. As such, it would also inherit some of the
    > shortcomings in RFC6749. However, it is not this document to address > them. It should be done by other documents so that the result can be > encoded using the mechanisms provided in this document.

    This is not a simple matter. JWT has a long and twisted history with
    some pervasive errors in common libraries, and is a fairly large
    standard. OAuth 2.0 is also large. Ensuring that the mapping has the
    right properties is going to be a mess. If the encoding does not
    respect the semantics we have a serious security issue. If
    implementors assume the encoding provides properties it does not, we
    again have a security issue.

    >
    > It is quite surprising that this fact is not getting appreciated and > is taking such a long time to complete.
    > Maybe I should delete all the explanation text and leave it with just<= br> > the core text. Explanation and justification text for defining
    > additional bindings probably are just distractions now as it is now > appreciated and used all over the world unlike when the project was > started.

    >
    > >
    > > Sincerely,
    > > Watson Ladd
    > >
    >
    > Thanks again for your detailed comments.
    >
    > Best wishes,
    >
    > --
    > Nat Sakimura
    > NAT.Consulting LLC



    --
    Astra mortemque praestare gradatim



    ------------------------------

    Subject: Digest Footer

    _______________________________________________
    OAuth mailing list
    OAut= h@ietf.org
    https://www.ietf.org/mailman/listinfo/oauth


    ------------------------------

    End of OAuth Digest, Vol 146, Issue 67
    **************************************
    --0000000000003e95b705b6ab7eb4-- From nobody Fri Dec 18 22:00:12 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0F4A03A0039 for ; Fri, 18 Dec 2020 22:00:10 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.884 X-Spam-Level: X-Spam-Status: No, score=-1.884 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_FONT_FACE_BAD=0.001, HTML_MESSAGE=0.001, NICE_REPLY_A=-0.001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, T_KAM_HTML_FONT_INVALID=0.01, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id l68wN-HIUREH for ; Fri, 18 Dec 2020 22:00:06 -0800 (PST) Received: from p3plsmtpa06-04.prod.phx3.secureserver.net (p3plsmtpa06-04.prod.phx3.secureserver.net [173.201.192.105]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E63813A046A for ; Fri, 18 Dec 2020 22:00:05 -0800 (PST) Received: from [192.168.88.250] ([94.155.17.31]) by :SMTPAUTH: with ESMTPSA id qVHek4hBF5yf9qVHfkmzuc; Fri, 18 Dec 2020 23:00:05 -0700 X-CMAE-Analysis: v=2.4 cv=Hsqzp2fS c=1 sm=1 tr=0 ts=5fdd96e5 a=+I3yL00+yDwT8KNLgfs+4A==:117 a=+I3yL00+yDwT8KNLgfs+4A==:17 a=q0rX5H01Qin5IyBaTmIA:9 a=r77TgQKjGQsHNAKrUKIA:9 a=48vgC7mUAAAA:8 a=__SxRlIrAAAA:8 a=yCE9nInwAAAA:8 a=LS6YZpeZAAAA:8 a=8HkmfUwDAAAA:20 a=A1X0JdhQAAAA:8 a=EqWY0wPHZD226Ats2bUA:9 a=7iqzwzIrRm7UjGDk:21 a=9KIajQ8goozNkBwp:21 a=QEXdDO2ut3YA:10 a=gQCgc0Y2fpMQJdUt-vMA:9 a=sU31O2_n6s-T9CWt:21 a=zJjFe_JyFTxJsUlc:21 a=4Kqo9sdD7xrGZDUd:21 a=_W_S_7VecoQA:10 a=D8lnhvtxf0AONpHuB7QA:9 a=ZVk8-NSrHBgA:10 a=30ssDGKg3p0A:10 a=w1C3t2QeGrPiZgrLijVG:22 a=H5r4HjhRfVyZ-DhAOYba:22 a=n6bEelttlQx3_n4Es6hb:22 a=IRr2vCDBpksuBOXhfkKu:22 a=Df3jFdWbhGDLdZNm0fyq:22 X-SECURESERVER-ACCT: vladimir@connect2id.com To: Justin Richer , Brian Campbell Cc: oauth References: <30D5F7BA-EA54-4E40-A2FC-222AA0C9AF8D@lodderstedt.net> <353E4494-2F80-44BC-9267-6FB8B37AA0FE@lodderstedt.net> <1B663AA7-563D-4D25-A408-9ED10FD818AC@forgerock.com> <4c09c8d4-a7af-9bb9-0f72-9b524f0330d1@connect2id.com> From: Vladimir Dzhuvinov Autocrypt: addr=vladimir@connect2id.com; prefer-encrypt=mutual; keydata= mQENBFQZaoEBCACnP2YMDex9fnf+niLglTHGKuoypUSVKPQeKDHHeFQVzhRke+HBEZBwmA9T kZ+kEhyrNqibDPkPYVPmo23tM8mbNcTVQqpmN7NwgMpqkqcAqNsIyBtt09DjWOQVm57A3K+y uXI7SdNErdt79p2xQseOhqSC9+LgWuyh+mZsl2oFD4glFFfKSCMp2jATXrAMeGzigTnW+Xe0 tRzrwFN9zqykKxhUq9oHg1cNvoDtfxgsc9ysVHbxM/PM8o9lgj3YTQwKMBcCFclTqohji7ML fQ08eQo+acKTwC1WRzeLt9PknGt3C4TmvdCl0c1BQTTTNiF96Hu4kbaiBIbsfxJOR8+VABEB AAG0LFZsYWRpbWlyIER6aHV2aW5vdiA8dmxhZGltaXJAY29ubmVjdDJpZC5jb20+iQE+BBMB AgAoBQJUGWqBAhsjBQkJZgGABgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRAZ0vUyOqri Ql62B/wOO0s2JC/QvO6w9iSsRhCOa/JZi+wO+l01V7eGCQ1cYf1W26Y7iKiUlY4/Kz+cr69D pMtkv3UpDTGejKEfspLUxz5Vo3T4oAKbTtNtVIZL/XxH3/JhJ719Jj4eLoe9/djKkGYTX2O5 bMk8TpO1DDjbIw4r9XKI9ZIk96zlKnZvrg7Ho7oOl0ZIf8AzcvdqZEUogDwyr8uwOU+jIyux mOTthepBzXCNjjBjnc8I1//9YppAIaGJ5nnXelVVD1/dyOszogervzFNANEIOvNvCd9G5u4e s7qkDKWKY7/Lj1tF+tMrDTrOh6JqUKbGNeTUB8DlPvIoNyqHUYfBELdpw1Nd Organization: Connect2id Ltd. Message-ID: <0d69d968-16f4-9efb-7ebb-442c1bd1a28f@connect2id.com> Date: Sat, 19 Dec 2020 08:00:02 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.10.0 MIME-Version: 1.0 In-Reply-To: Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg=sha-256; boundary="------------ms050301070505010702080606" X-CMAE-Envelope: MS4xfEJE5LqJ13BvRfmeLLZaaABscE7Acx+2pQ5aKUZzBCK9k4lBlHoLWP30wBQFODbDc/N/IEsFDEuqKxhbHHFdR79V9zD1oWb66ssyUKsysIVXswLvd0rN n9Ptl119Nufdth3fMvxB/Hx6MkovU1uCEYjNral9xlaiRIGnPuXpGtjZSQ6dnBbbBw1qtZPtY1aLxAVz23pAyFsN+ScE0nbyfSOqamWuOYmMWDZBme1RMSl7 vhBH9Xya7XlFNPpGFrzpbY4hde7ltjaSK1Y/Zzx9W+Q= Archived-At: Subject: Re: [OAUTH-WG] DPoP followup I: freshness and coverage of signature X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 19 Dec 2020 06:00:10 -0000 This is a cryptographically signed message in MIME format. --------------ms050301070505010702080606 Content-Type: multipart/alternative; boundary="------------426F3E8186DC3328B606CF8E" Content-Language: en-US This is a multi-part message in MIME format. --------------426F3E8186DC3328B606CF8E Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Thank you Justin for this honest account of your experience with DPoP. To at_hash or not is maybe not solved yet, but at least it's clear there's little enthusiasm about the OIDC style at_hash :) Vladimir On 15/12/2020 18:40, Justin Richer wrote: > I went and implemented this proposal of including a token hash in both > an AS (java) and client (javascript) on a system that was already > using DPoP and OpenID Connect. What I did there was just use the > existing code we had on the AS-side to calculate the =E2=80=9Cat_hash=E2= =80=9D in the > ID Token from OIDC, which I also used to verify on the token-accepting > portions. I had to implement the function on the client side, but that > was only a couple lines using a crypto library to do the heavy hash lif= t. > > The most annoying part is dealing with the hash variability in the > OIDC method. As Brian points out, this isn=E2=80=99t particularly robus= t, and > it depends on the wrapper being JOSE. That=E2=80=99s not a huge deal be= cause > DPoP uses JOSE for its wrapper, but it=E2=80=99s still extra code to de= al with > =E2=80=94 to the point where I just hardcoded the hash algorithm in my = test so > that I didn=E2=80=99t have to put together the switch case over the alg= orithm.=C2=A0 > > So in at least my own experience, the addition is minimal on both > client and server, and whatever we would decide for the hash algorithm > would be simple enough to manage. I have a slight preference for just > picking something like SHA256 and calling it a day (and defining other > hashes in the future when SHA256 is broken), but that=E2=80=99s not a h= ill I > care to die on. > > =C2=A0=E2=80=94 Justin > >> On Dec 14, 2020, at 4:27 PM, Brian Campbell >> > > wrote: >> >> >> >> On Sat, Dec 12, 2020 at 1:22 AM Vladimir Dzhuvinov >> > wrote: >> >> If the current DPoP has code complexity "X", the relative >> additional complexity to include access token hashes doesn't seem >> like very much. An app choosing DPoP means accepting the code >> complexity that comes with dealing with keys, composing the >> signing inputs for the proofs, signing, the necessary changes to >> the token and RS requests. On the other hand, for some people >> that additional access token hash may become the straw that >> breaks the camel's back, causing them to quit their jobs >> developing web apps and never look back :) >> >> Yeah, the relative additional complexity to include an access token >> hash maybe isn't too much but it's also not not nothing. It's a >> different kind of operation than the other things you listed (yes, I >> know there's a hash as part of the signing but it's abstracted away >> from the developer in most cases) and something that can be quite >> difficult to troubleshoot when different parties arrive at different >> hash values. Hence my lack of conviction on this one way or the other.= =C2=A0 >> =C2=A0 >> >> >> Have you thought about letting deployments decide about the >> access token hash? To say look, there is also the option to bind >> an access token to the DPoP proof, the security benefits can be >> such an such, and this is how it can be done. >> >> What I don't like about that proposal:=C2=A0 >> >> * It will complicate the spec >> >> * The current spec doesn't require implementers / deployments >> to make any decisions, apart from adopt / not DPoP (okay, >> also choose a JWS alg) - which is actually a great feature to >> have >> >> >> I also don't like it for basically the same reasons. I've definitely >> aimed to keep it simple from that perspective of not having a lot of >> optionality or switches. It is a nice feature to have, when possible.=C2= =A0 >> >> =C2=A0 >> >> Vladimir >> >> >> On 12/12/2020 01:58, Brian Campbell wrote: >>> Any type of client could use=C2=A0DPoP=C2=A0and (presumably) bene= fit from >>> sender-constrained access tokens. So yeah, adding complexity >>> specifically for browser-based applications (that only mitigates >>> one variation of the attacks possible with=C2=A0XSS=C2=A0anyway)=C2= =A0 has >>> 'cost' impact to those clients as well. And should be considered >>> in the cost/benefit. Including the AT hash isn't terribly >>> complicated but it's not trivial either. I'm honestly still >>> unsure but am leaning towards it not being worth adding.=C2=A0 >>> >>> On Fri, Dec 11, 2020 at 2:14 AM Philippe De Ryck >>> >> > wrote: >>> >>> The scenario you describe here is realistic in browser-based >>> apps with XSS vulnerabilities, but it is pretty complex. >>> Since there are worse problems when XSS happens, it=E2=80=99s= hard >>> to say whether DPoP should mitigate this.=C2=A0 >>> >>> I=E2=80=99m wondering what other types of clients would benef= it from >>> using DPoP for access tokens? Mobile apps? Clients using a >>> Client Credentials grant? >>> >>> How are they impacted by any change made specifically for >>> browser-based applications? >>> >>> Philippe >>> >>> >>>> On 9 Dec 2020, at 23:57, Brian Campbell >>>> >>> > wrote: >>>> >>>> Thanks Philippe,=C2=A0I very much concur with your line of >>>> reasoning and the important considerations. The scenario I >>>> was thinking of is: browser based client where XSS is used >>>> to exfiltrate the refresh token along with pre-computed >>>> proofs that would allow for the RT to be exchanged for new >>>> access tokens and also pre-computed proofs that would work >>>> with those access tokens for resource access. With the >>>> pre-computed proofs that would allow prolonged (as long as >>>> the RT is valid) access to protected resources even when >>>> the victim is offline. Is that a concrete attack scenario? >>>> I mean, kind of. It's pretty convoluted/complex. And while >>>> an access token hash would reign it in somewhat (ATs >>>> obtained from the stolen RT wouldn't be usable) it's hard >>>> to say if the cost is worth the benefit. >>>> >>>> >>>> >>>> On Tue, Dec 8, 2020 at 11:47 PM Philippe De Ryck >>>> >>> > wrote: >>>> >>>> Yeah, browser-based apps are pure fun, aren=E2=80=99t th= ey? :) >>>> >>>> The reason I covered a couple of (pessimistic) XSS >>>> scenarios is that the discussion started with an >>>> assumption that the attacker already successfully >>>> exploited an XSS vulnerability. I pointed out how, at >>>> that point, finetuning DPoP proof contents will have >>>> little to no effect to stop an attack. I believe it is >>>> important to make this very clear, to avoid people >>>> turning to DPoP as a security mechanism for >>>> browser-based applications. >>>> >>>> >>>> Specifically to your question on including the hash in >>>> the proof, I think these considerations are important: >>>> >>>> 1. Does the inclusion of the AT hash stop a concrete >>>> attack scenario? >>>> 2. Is the =E2=80=9Ccost=E2=80=9D (implementation, gettin= g it right, =E2=80=A6) >>>> worth the benefits? >>>> >>>> >>>> Here=E2=80=99s my view on these considerations (*/specif= ically >>>> for browser-based apps, not for other types of >>>> applications/*): >>>> >>>> 1. The proof precomputation attack is already quite >>>> complex, and short access token lifetimes already >>>> reduce the window of attack. If the attacker can steal >>>> a future AT, they could also precompute new proofs then.= =C2=A0 >>>> 2. For browser-based apps, it seems that doing this >>>> complicates the implementation, without adding much >>>> benefit. Of course, libraries could handle this, which >>>> significantly reduces the cost.=C2=A0 >>>> >>>> >>>> Note that these comments are specifically to >>>> complicating the spec and implementation. DPoP=E2=80=99s= >>>> capabilities of using sender-constrained access tokens >>>> are still useful to counter various other scenarios >>>> (e.g., middleboxes or APIs abusing access tokens). If >>>> other applications would significantly benefit from >>>> having the hash in the proof, I=E2=80=99m all for it. >>>> >>>> On a final note, I would be happy to help clear up the >>>> details on web-based threats and defenses if necessary. >>>> >>>> =E2=80=94 >>>> *Pragmatic Web Security* >>>> /Security for developers/ >>>> https://pragmaticwebsecurity.com/ >>>> >>>> >>>>> On 8 Dec 2020, at 22:47, Brian Campbell >>>>> >>>> > wrote: >>>>> >>>>> Danial recently added some text to the working copy of >>>>> the draft >>>>> with=C2=A0https://github.com/danielfett/draft-dpop/comm= it/f4b42058=C2=A0that >>>>> I think aims to better convey the "nutshell: XSS =3D >>>>> Game over" sentiment and maybe dissuade folks from >>>>> looking to DPoP as a cure-all for browser based >>>>> applications. Admittedly a lot of the initial impetus >>>>> behind producing the draft in the first place was born >>>>> out of discussions around browser based apps. But it's >>>>> neither specific to browser based apps nor a panacea >>>>> for them. I hope the language in the document and how >>>>> it's recently been presented is reflective of that >>>>> reality.=C2=A0 >>>>> >>>>> The more specific discussions/recommendations around >>>>> in-browser apps are valuable (if somewhat over my >>>>> head) but might be more appropriate in the=C2=A0OAuth 2= =2E0 >>>>> for Browser-Based Apps >>>>> =C2=A0draft.=C2=A0 >>>>> >>>>> With respect to the contents of the DPoP draft, I am >>>>> still keen to try and flush out some consensus around >>>>> the question posed in the start of this thread, which >>>>> is effectively whether or not to include a hash of the >>>>> access token in the proof.=C2=A0 Acknowledging that "XS= S =3D >>>>> Game over" does sort of evoke a tendency to not even >>>>> bother with such incremental protections (what I've >>>>> tried to humorously coin as "XSS Nihilism" with no >>>>> success). And as such, I do think that leaving it how >>>>> it is (no AT hash in the proof) is not unreasonable. >>>>> But, as Filip previously articulated, including the AT >>>>> hash in the proof would prevent potentially prolonged >>>>> access to protected resources even when the victim is >>>>> offline. And that seems maybe worthwhile to have in >>>>> the protocol, given that it's not a huge change to the >>>>> spec. But it's a trade-off either way and I'm >>>>> personally on the fence about it. >>>>> >>>>> Including an RT hash in the proof seems more niche. >>>>> Best I can tell, it would guard against prolonged >>>>> offline access to protected resources when access >>>>> tokens are bearer and the RT was DPoP-bound and also >>>>> gets rotated. The trade-off there seems less worth it >>>>> (I think an RT hash would be more awkward in the >>>>> protocol too).=C2=A0 >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> On Fri, Dec 4, 2020 at 5:40 AM Philippe De Ryck >>>>> >>>> > wrote: >>>>> >>>>> >>>>>> The suggestion to use a web worker to ensure that >>>>>> proofs cannot be pre-computed is a good one I >>>>>> think. (You could also use a sandboxed iframe for >>>>>> a separate sub/sibling-domain -=C2=A0dpop.example.= com >>>>>> ). >>>>> >>>>> An iframe with a different origin would also work >>>>> (not really sandboxing, as that implies the use of >>>>> the sandbox attribute to enforce behavioral >>>>> restrictions). The downside of an iframe is the >>>>> need to host additional HTML, vs a script file for >>>>> the worker, but the effect is indeed the same. >>>>> >>>>>> For scenario 4, I think this only works if the >>>>>> attacker can trick/spoof the AS into using their >>>>>> redirect_uri? Otherwise the AC will go to the >>>>>> legitimate app which will reject it due to >>>>>> mismatched state/PKCE. Or are you thinking of XSS >>>>>> on the redirect_uri itself? I think probably a >>>>>> good practice is that the target of a >>>>>> redirect_uri should be a very minimal and locked >>>>>> down page to avoid this kind of possibility. >>>>>> (Again, using a separate sub-domain to handle >>>>>> tokens and DPoP seems like a good idea). >>>>> >>>>> My original thought was to use a silent flow with >>>>> Web Messaging. The scenario would go as follows: >>>>> >>>>> 1. Setup a Web Messaging listener to receive the >>>>> incoming code >>>>> 2. Create a hidden iframe with the DOM APIs >>>>> 3. Create an authorization request such as >>>>> =E2=80=9C//authorize?response_type=3Dcode&client_id= =3D...&redirect_uri=3Dhttps%3A%2F%example.com >>>>> &state=3D...&code_challenge=3D= 7-ffnU1EzHtMfxOAdlkp_WixnAM_z9tMh3JxgjazXAk&code_challenge_method=3DS256&= prompt=3Dnone&response_mode=3Dweb_message/=E2=80=9D >>>>> 4. Load this URL in the iframe, and wait for the >>>>> result >>>>> 5. Retrieve code in the listener, and use PKCE (+ >>>>> DPoP if needed) to exchange it for tokens >>>>> >>>>> This puts the attacker in full control over every >>>>> aspect of the flow, so no need to manipulate any >>>>> of the parameters. >>>>> >>>>> >>>>> After your comment, I also believe an attacker can >>>>> run the same scenario without the >>>>> =E2=80=9C/response_mode=3Dweb_message/=E2=80=9D. Th= is would go as >>>>> follows: >>>>> >>>>> 1. Create a hidden iframe with the DOM APIs >>>>> 2. Setup polling to read the URL (this will be >>>>> possible for same-origin pages, not for >>>>> cross-origin pages) >>>>> 3. Create an authorization request such as >>>>> =E2=80=9C//authorize?response_type=3Dcode&client_id= =3D...&redirect_uri=3Dhttps%3A%2F%example.com >>>>> &state=3D...&code_challenge=3D= 7-ffnU1EzHtMfxOAdlkp_WixnAM_z9tMh3JxgjazXAk&code_challenge_method=3DS256/= =E2=80=9D >>>>> 4. Load this URL in the iframe, and keep polling >>>>> 5. Detect the redirect back to the application >>>>> with the code in the URL, retrieve code, and use >>>>> PKCE (+ DPoP if needed) to exchange it for tokens >>>>> >>>>> In step 5, the application is likely to also try >>>>> to exchange the code. This will fail due to a >>>>> mismatching PKCE verifier. While noisy, I don=E2=80= =99t >>>>> think it affects the scenario.=C2=A0 >>>>> >>>>> >>>>>> IMO, the online attack scenario (i.e., proxying >>>>>> malicious requests through the victim=E2=80=99s br= owser) >>>>>> is quite appealing to an attacker, despite the >>>>>> apparent inconvenience: >>>>>> >>>>>> =C2=A0- the victim=E2=80=99s browser may be inside= a corporate >>>>>> firewall or VPN, allowing the attacker to >>>>>> effectively bypass these restrictions >>>>>> =C2=A0- the attacker=E2=80=99s traffic is mixed in= with the >>>>>> user=E2=80=99s own requests, making them harder to= >>>>>> distinguish or to block >>>>>> >>>>>> Overall, DPoP can only protect against XSS to the >>>>>> same level as HttpOnly cookies. This is not >>>>>> nothing, but it means it only prevents relatively >>>>>> naive attacks. Given the association of public >>>>>> key signatures with strong authentication, people >>>>>> may have overinflated expectations if DPoP is >>>>>> pitched as an XSS defence. >>>>> >>>>> Yes, in the cookie world this is known as =E2=80=9C= Session >>>>> Riding=E2=80=9D. Having the worker for token isolat= ion >>>>> would make it possible to enforce a coarse-grained >>>>> policy on outgoing requests to prevent total abuse >>>>> of the AT. >>>>> >>>>> My main concern here is the effort of doing DPoP >>>>> in a browser versus the limited gains. It may also >>>>> give a false sense of security.=C2=A0 >>>>> >>>>> >>>>> >>>>> With all this said, I believe that the AS can lock >>>>> down its configuration to reduce these attack >>>>> vectors. A few initial ideas: >>>>> >>>>> 1. Disable silent flows for SPAs using RT rotation >>>>> 2. Use the sec-fetch headers to detect and reject >>>>> non-silent iframe-based flows >>>>> >>>>> For example, =C2=A0an OAuth 2.0 flow in an iframe i= n >>>>> Brave/Chrome carries these headers: >>>>> / >>>>> sec-fetch-dest: iframe >>>>> sec-fetch-mode: navigate >>>>> sec-fetch-site: cross-site >>>>> sec-fetch-user: ?1 >>>>> / >>>>> >>>>> >>>>> Philippe >>>>> >>>>> >>>>> /CONFIDENTIALITY NOTICE: This email may contain >>>>> confidential and privileged material for the sole use >>>>> of the intended recipient(s). Any review, use, >>>>> distribution or disclosure by others is strictly >>>>> prohibited.=C2=A0 If you have received this communicati= on >>>>> in error, please notify the sender immediately by >>>>> e-mail and delete the message and any file attachments >>>>> from your computer. Thank you./ >>>> >>>> >>>> /CONFIDENTIALITY NOTICE: This email may contain >>>> confidential and privileged material for the sole use of >>>> the intended recipient(s). Any review, use, distribution or >>>> disclosure by others is strictly prohibited.=C2=A0 If you ha= ve >>>> received this communication in error, please notify the >>>> sender immediately by e-mail and delete the message and any >>>> file attachments from your computer. Thank you./ >>> >>> >>> >>> >>> >>> /CONFIDENTIALITY NOTICE: This email may contain confidential and >>> privileged material for the sole use of the intended >>> recipient(s). Any review, use, distribution or disclosure by >>> others is strictly prohibited.=C2=A0 If you have received this >>> communication in error, please notify the sender immediately by >>> e-mail and delete the message and any file attachments from your >>> computer. Thank you./=C2=A0 >>> >>> _______________________________________________ >>> OAuth mailing list >>> OAuth@ietf.org >>> https://www.ietf.org/mailman/listinfo/oauth >> >> --=20 >> Vladimir Dzhuvinov >> >> _______________________________________________ >> OAuth mailing list >> OAuth@ietf.org >> https://www.ietf.org/mailman/listinfo/oauth >> >> >> /CONFIDENTIALITY NOTICE: This email may contain confidential and >> privileged material for the sole use of the intended recipient(s). >> Any review, use, distribution or disclosure by others is strictly >> prohibited.=C2=A0 If you have received this communication in error, pl= ease >> notify the sender immediately by e-mail and delete the message and >> any file attachments from your computer. Thank >> you./_______________________________________________ >> OAuth mailing list >> OAuth@ietf.org >> https://www.ietf.org/mailman/listinfo/oauth --------------426F3E8186DC3328B606CF8E Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: quoted-printable

    Thank you Justin for this honest account of your experience with DPoP.

    To at_hash or not is maybe not solved yet, but at least it's clear there's little enthusiasm about the OIDC style at_hash :)
    =

    Vladimir

    On 15/12/2020 18:40, Justin Richer wrote:
    I went and implemented this proposal of including a token hash in both an AS (java) and client (javascript) on a system that was already using DPoP and OpenID Connect. What I did there was just use the existing code we had on the AS-side to calculate the =E2=80=9Cat_hash=E2=80=9D in the ID Token from OIDC, which I also u= sed to verify on the token-accepting portions. I had to implement the function on the client side, but that was only a couple lines using a crypto library to do the heavy hash lift.

    The most annoying part is dealing with the hash variability in the OIDC method. As Brian points out, this isn=E2=80= =99t particularly robust, and it depends on the wrapper being JOSE. That=E2=80=99s not a huge deal because DPoP uses JOSE for its wra= pper, but it=E2=80=99s still extra code to deal with =E2=80=94 to the p= oint where I just hardcoded the hash algorithm in my test so that I didn=E2=80= =99t have to put together the switch case over the algorithm.=C2=A0

    So in at least my own experience, the addition is minimal on both client and server, and whatever we would decide for the hash algorithm would be simple enough to manage. I have a slight preference for just picking something like SHA256 and calling it a day (and defining other hashes in the future when SHA256 is broken), but that=E2=80=99s not a hill I care to die on= =2E

    =C2=A0=E2=80=94 Justin

    On Dec 14, 2020, at 4:27 PM, Brian Campbell <bcampbell=3D40pingide= ntity.com@dmarc.ietf.org> wrote:



    On Sat, Dec 12, 2= 020 at 1:22 AM Vladimir Dzhuvinov <vladimir@connect2id.com> wrote:

    If the current DPoP has code complexity "X", the relative additional complexity to include access token hashes doesn't seem like very much. An app choosing DPoP means accepting the code complexity that comes with dealing with keys, composing the signing inputs for the proofs, signing, the necessary changes to the token and RS requests. On the other hand, for some people that additional access token hash may become the straw that breaks the camel's back, causing them to quit their jobs developing web apps and never look back :)

    Yeah, the relative additional complexit= y to include an access token hash maybe isn't too much but it's also not not nothing. It's a different kind of operation than the other things you listed (yes, I know there's a hash as part of the signing but it's abstracted away from the developer in most cases) and something that can be quite difficult to troubleshoot when different parties arrive at different hash values. Hence my lack of conviction on this one way or the other.=C2=A0
    =C2=A0

    Have you thought about letting deployments decide about the access token hash? To say look, there is also the option to bind an access token to the DPoP proof, the security benefits can be such an such, and this is how it can be done.

    What I don't like about that proposal= :=C2=A0

    • It will complicate the spec

    • The current spec doesn't require implementers / deployments to make any decisions, apart from adopt / not DPoP (okay, also choose a JWS alg) - which is actually a great feature to have

    I also don't like it for basically the same reasons. I've definitely aimed to keep it simple from that perspective of not having a lot of optionality or switches. It is a nice feature to have, when possible.=C2=A0

    =C2=A0

    Vladimir


    On 12/12/2020 01:58, Brian Campbell= wrote:
    Any type of client co= uld use=C2=A0= D= PoP=C2=A0= and (presumably) benefit from sender-constrained access tokens. So yeah, adding complexity specifically for browser-based applications (that only mitigates one variation of the attacks possible with=C2=A0= X= SS=C2=A0= anyway)=C2=A0 has 'cost' impact to those clients as well. And should be considered in the cost/benefit. Including the AT hash isn't terribly complicated but it's not trivial either. I'm honestly still unsure but am leaning towards it not being worth adding.=C2=A0=

    On Fri, D= ec 11, 2020 at 2:14 AM Philippe De Ryck <philippe@pragmatic= websecurity.com> wrote:
    The scenario you describe her= e is realistic in browser-based apps with XSS vulnerabilities, but it is pretty complex. Since there are worse problems when XSS happens, it=E2=80=99s hard to say = whether DPoP should mitigate this.=C2=A0

    I=E2=80=99m wondering what = other types of clients would benefit from using DPoP for access tokens? Mobile apps? Clients using a Client Credentials grant?

    How are they impacted by an= y change made specifically for browser-based applications?

    Philippe


    On 9 Dec 2020, at= 23:57, Brian Campbell <bcam= pbell@pingidentity.com> wrote:

    Thanks Philippe,=C2=A0I very much concur with your line of reasoning and the important considerations. The scenario I was thinking of is: browser based client where XSS is used to exfiltrate the refresh token along with pre-computed proofs that would allow for the RT to be exchanged for new access tokens and also pre-computed proofs that would work with those access tokens for resource access. With the pre-computed proofs that would allow prolonged (as long as the RT is valid) access to protected resources even when the victim is offline. Is that a concrete attack scenario? I mean, kind of. It's pretty convoluted/complex. And while an access token hash would reign it in somewhat (ATs obtained from the stolen RT wouldn't be usable) it's hard to say if the cost is worth the benefit.



    On Tue= , Dec 8, 2020 at 11:47 PM Philippe De Ryck <= philippe@pragmaticwebsecurity.com> wrote:
    Yeah, browser-based apps are pure fun, aren=E2=80=99t = they? :)

    The reaso= n I covered a couple of (pessimistic) XSS scenarios is that the discussion started with an assumption that the attacker already successfully exploited an XSS vulnerability. I pointed out how, at that point, finetuning DPoP proof contents will have little to no effect to stop an attack. I believe it is important to make this very clear, to avoid people turning to DPoP as a security mechanism for browser-based applications.


    Specifica= lly to your question on including the hash in the proof, I think these considerations are important:

    1. Does the inclusion of the AT hash stop a concrete attack scenario?
    2. Is the= =E2=80=9Ccost=E2=80=9D (implementation, getting it right, =E2=80= =A6) worth the benefits?


    Here=E2=80= =99s my view on these considerations (specifically for browser-based apps, not for other types of applications):

    1. The proof precomputation attack is already quite complex, and short access token lifetimes already reduce the window of attack. If the attacker can steal a future AT, they could also precompute new proofs then.=C2=A0
    2. For browser-based apps, it seems that doing this complicates the implementation, without adding much benefit. Of course, libraries could handle this, which significantly reduces the cost.=C2=A0


    Note that= these comments are specifically to complicating the spec and implementation. DPoP=E2=80=99s capabili= ties of using sender-constrained access tokens are still useful to counter various other scenarios (e.g., middleboxes or APIs abusing access tokens). If other applications would significantly benefit from having the hash in the proof, I=E2=80=99= m all for it.

    On a fina= l note, I would be happy to help clear up the details on web-based threats and defenses if necessary.

    =E2=80= =94
    P= ragmatic Web Security
    S= ecurity for developers<= /i>
    https://pragmaticwe= bsecurity.com/

    =

    O= n 8 Dec 2020, at 22:47, Brian Campbell <bcampbell@pingidentity.com> wrote:

    Danial recently added some text to the working copy of the draft with=C2=A0https://github.com/= danielfett/draft-dpop/commit/f4b42058=C2=A0that I think aims to better = convey the "nutshell: XSS =3D Game over" sentiment and maybe dissuade folks from looking to DPoP as a cure-all for browser based applications. Admittedly a lot of the initial impetus behind producing the draft in the first place was born out of discussions around browser based apps. But it's neither specific to browser based apps nor a panacea for them. I hope the language in the document and how it's recently been presented is reflective of that reality.=C2=A0

    The more specific discussions/recommendations around in-browser apps are valuable (if somewhat over my head) but might be more appropriate in the=C2=A0OAuth 2.0 for Browser-Based Apps=C2=A0draft.=C2=A0

    With respect to the contents of the DPoP draft, I am still keen to try and flush out some consensus around the question posed in the start of this thread, which is effectively whether or not to include a hash of the access token in the proof.=C2= =A0 Acknowledging that "XSS =3D Game over" does sort of evoke a tendency to not even bother with such incremental protections (what I've tried to humorously coin as "XSS Nihilism" with no success). And as such, I do think that leaving it how it is (no AT hash in the proof) is not unreasonable. But, as Filip previously articulated, including the AT hash in the proof would prevent potentially prolonged access to protected resources even when the victim is offline. And that seems maybe worthwhile to have in the protocol, given that it's not a huge change to the spec. But it's a trade-off either way and I'm personally on the fence about it.
    =

    Including an RT hash in the proof seems more niche. Best I can tell, it would guard against prolonged offline access to protected resources when access tokens are bearer and the RT was DPoP-bound and also gets rotated. The trade-off there seems less worth it (I think an RT hash would be more awkward in the protocol too).<= span class=3D"Apple-converted-space">=C2=A0






    =

    =
    On Fri, Dec 4, 2020 at 5:40 AM Philippe De Ryck <= philippe@pragmaticwebsecurity.com> wrote:=

    The suggestion to use a web worker to ensure that proofs cannot be pre-computed is a good one I think. (You could also use a sandboxed iframe for a separate sub/sibling-dom= ain -=C2=A0dpop.example.com).

    An iframe with a different origin would also work (not really sandboxing, as that implies the use of the sandbox attribute to enforce behavioral restrictions). The downside of an iframe is the need to host additional HTML, vs a script file for the worker, but the effect is indeed the same.

    For scenario 4, I think this only works if the attacker can trick/spoof the AS into using their redirect_uri? Otherwise the AC will go to the legitimate app which will reject it due to mismatched state/PKCE. Or are you thinking of XSS on the redirect_uri itself? I think probably a good practice is that the target of a redirect_uri should be a very minimal and locked down page to avoid this kind of possibility. (Again, using a separate sub-domain to handle tokens and DPoP seems like a good idea).

    My original thought was to use a silent flow with Web Messaging. The scenario would go as follows:<= /div>

    1. Setup a Web Messaging listener to receive the incoming code
    2. Create a hidden iframe with the DOM APIs
    3. Create an authorization request such as =E2=80=9C/aut= horize?response_type=3Dcode&client_id=3D...&redirect_uri=3Dhttps%= 3A%2F%example.com&state=3D...&code_challenge=3D7-ffnU1EzH= tMfxOAdlkp_WixnAM_z9tMh3JxgjazXAk&code_challenge_method=3DS256&pr= ompt=3Dnone&response_mode=3Dweb_message=E2=80=9D
    4. Load this URL in the iframe, and wait for the result
    5. Retrieve code in the listener, and use PKCE (+ DPoP if needed) to exchange it for tokens

    This puts the attacker in full control over every aspect of the flow, so no need to manipulate any of the parameters.


    After your comment, I also believe an attacker can run the same scenario without the =E2= =80=9Cresp= onse_mode=3Dweb_message=E2=80=9D. This would go as follows:

    1. Create a hidden iframe with the DOM APIs
    2. Setup polling to read the URL (this will be possible for same-origin pages, not for cross-origin pages)
    3. Create an authorization request such as =E2=80=9C/aut= horize?response_type=3Dcode&client_id=3D...&redirect_uri=3Dhttps%= 3A%2F%example.com&state=3D...&code_challenge=3D7-ffnU1EzH= tMfxOAdlkp_WixnAM_z9tMh3JxgjazXAk&code_challenge_method=3DS256=E2= =80=9D
    4. Load this URL in the iframe, and keep polling
    5. Detect the redirect back to the application with the code in the URL, retrieve code, and use PKCE (+ DPoP if needed) to exchange it for tokens

    In step 5, the application is likely to also try to exchange the code. This will fail due to a mismatching PKCE verifier. While noisy, I don=E2=80=99t t= hink it affects the scenario.=C2=A0=


    =
    IMO, the online attack scenario (i.e., proxying malicious requests through the victim=E2=80=99= s browser) is quite appealing to an attacker, despite the apparent inconvenience:<= /div>

    =C2=A0- the victim=E2=80= =99s browser may be inside a corporate firewall or VPN, allowing the attacker to effectively bypass these restrictions
    =C2=A0- the attacker=E2= =80=99s traffic is mixed in with the user=E2=80=99= s own requests, making them harder to distinguish or to block

    Overall, DPoP can only protect against XSS to the same level as HttpOnly cookies. This is not nothing, but it means it only prevents relatively naive attacks. Given the association of public key signatures with strong authentication,= people may have overinflated expectations if DPoP is pitched as an XSS defence.

    Yes, in the cookie world this is known as =E2=80=9CSessio= n Riding=E2=80=9D= =2E Having the worker for token isolation would make it possible to enforce a coarse-grained policy on outgoing requests to prevent total abuse of the AT.

    My main concern here is the effort of doing DPoP in a browser versus the limited gains. It may also give a false sense of security.=C2=A0=



    With all this said, I believe that the AS can lock down its configuration to reduce these attack vectors. A few initial ideas:<= /div>

    1. Disable silent flows for SPAs using RT rotation
    2. Use the sec-fetch headers to detect and reject non-silent iframe-based flows

    For example, =C2=A0= an OAuth 2.0 flow in an iframe in Brave/Chrome carries these headers:
    sec-fetch-dest: iframe
    sec-fetch-mode: navigate
    sec-fetch-site: cross-site
    sec-fetch-user: ?1

    <= /div>

    <= /div>
    Philippe

    =

    = <= span class=3D"">CONF= IDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited.=C2=A0= If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you.


    = CON= FIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited.=C2=A0= If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you.<= /i>





    CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited.=C2=A0 If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you.<= /font>=C2=A0 
    _________________________________=
______________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinf=
o/oauth

    --=20
Vladimir Dzhuvinov
    _______________________________________________
    OAuth mailing list
    OAuth@ietf.org<= /a>
    https://www.ietf.org/mailm= an/listinfo/oauth

    CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited.=C2=A0 If= you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you._________________________________= ______________
    OAuth mailing list
    OAuth@ietf.org
    https://www.ietf.org/mailman/lis= tinfo/oauth

    --------------426F3E8186DC3328B606CF8E-- --------------ms050301070505010702080606 Content-Type: application/pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" Content-Description: S/MIME Cryptographic Signature MIAGCSqGSIb3DQEHAqCAMIACAQExDzANBglghkgBZQMEAgEFADCABgkqhkiG9w0BBwEAAKCC CzMwggUbMIIEA6ADAgECAhBs/e7jES6a32XKZxs4R01iMA0GCSqGSIb3DQEBCwUAMIGWMQsw CQYDVQQGEwJHQjEbMBkGA1UECBMSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxm b3JkMRgwFgYDVQQKEw9TZWN0aWdvIExpbWl0ZWQxPjA8BgNVBAMTNVNlY3RpZ28gUlNBIENs aWVudCBBdXRoZW50aWNhdGlvbiBhbmQgU2VjdXJlIEVtYWlsIENBMB4XDTE5MTEwMjAwMDAw MFoXDTIxMTEwMTIzNTk1OVowKDEmMCQGCSqGSIb3DQEJARYXdmxhZGltaXJAY29ubmVjdDJp ZC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDG5mL+CcvSppMj/W8Kd0/E 1/y5/s94gmbIFzEugHyMPV2dd6lusiALe35QCtu3e8Wy6FkCwzxWmmzhF4FY/e4uPbDjco3w /GgHhz2KXe385u31c32/uM3jRqhYT5JvmXxte/GgmjcW1yWcPkKEz/sCezdIYpI9Pek+P4Gr xmbt8H+wJrwfrXKTJXXT+gFjCcZDRLm67X4U57TsaCoezTe7zOoPX9zxMTyZD/cvC/SfuVxQ U60ZsfZzdcgPwScgy3JaiPegcbnqqebjJqtRx42eRjrBZ1/u411rHN2QQLgiih7D1/4PJC9f /8nHgaerLy3ogdu1dw5+vQ1TRIYBmcIXAgMBAAGjggHQMIIBzDAfBgNVHSMEGDAWgBQJwPL8 C9qU21/+K9+omULPyeCtADAdBgNVHQ4EFgQU446sriG/NgywLZA2oBG79Yr2qyAwDgYDVR0P AQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwQGCCsGAQUFBwMC MEAGA1UdIAQ5MDcwNQYMKwYBBAGyMQECAQEBMCUwIwYIKwYBBQUHAgEWF2h0dHBzOi8vc2Vj dGlnby5jb20vQ1BTMFoGA1UdHwRTMFEwT6BNoEuGSWh0dHA6Ly9jcmwuc2VjdGlnby5jb20v U2VjdGlnb1JTQUNsaWVudEF1dGhlbnRpY2F0aW9uYW5kU2VjdXJlRW1haWxDQS5jcmwwgYoG CCsGAQUFBwEBBH4wfDBVBggrBgEFBQcwAoZJaHR0cDovL2NydC5zZWN0aWdvLmNvbS9TZWN0 aWdvUlNBQ2xpZW50QXV0aGVudGljYXRpb25hbmRTZWN1cmVFbWFpbENBLmNydDAjBggrBgEF BQcwAYYXaHR0cDovL29jc3Auc2VjdGlnby5jb20wIgYDVR0RBBswGYEXdmxhZGltaXJAY29u bmVjdDJpZC5jb20wDQYJKoZIhvcNAQELBQADggEBAEE73kCtUigl/bhLrqS6AsCU+jKm1fxq BY09+ktBwVcu5WgM18Uov3WvzVnjXn5BNNVM3RwhWFXyW3pPnDPyjqgxcpfoyY5SJEzvcPlu wm69z/dzqasVhsHPIFSjACnUBrFZPsq/abMQr4yFOMVyX/EudYgmZVu2Er9Ui7YbTO1Nolap xlseQIgQhVcr7aSs02PLDANuwW/asgKExYzhPdt9MF1lezj968Mv74kRo1T/lm5RFNfh2QdM 9C0n1t+qRCrRF1VbsiTgChjazgNGbvl12bOAujX0up4hqw+7PaCcI3Mpyv/rKKKrRG52iCcv cMHX344tOqKM/DIdF/0WNpkwggYQMIID+KADAgECAhBNlCwQ1DvglAnFgS06KwZPMA0GCSqG SIb3DQEBDAUAMIGIMQswCQYDVQQGEwJVUzETMBEGA1UECBMKTmV3IEplcnNleTEUMBIGA1UE BxMLSmVyc2V5IENpdHkxHjAcBgNVBAoTFVRoZSBVU0VSVFJVU1QgTmV0d29yazEuMCwGA1UE AxMlVVNFUlRydXN0IFJTQSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0xODExMDIwMDAw MDBaFw0zMDEyMzEyMzU5NTlaMIGWMQswCQYDVQQGEwJHQjEbMBkGA1UECBMSR3JlYXRlciBN YW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxmb3JkMRgwFgYDVQQKEw9TZWN0aWdvIExpbWl0ZWQx PjA8BgNVBAMTNVNlY3RpZ28gUlNBIENsaWVudCBBdXRoZW50aWNhdGlvbiBhbmQgU2VjdXJl IEVtYWlsIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyjztlApB/975Rrno 1jvm2pK/KxBOqhq8gr2+JhwpKirSzZxQgT9tlC7zl6hn1fXjSo5MqXUfItMltrMaXqcESJuK 8dtK56NCSrq4iDKaKq9NxOXFmqXX2zN8HHGjQ2b2Xv0v1L5Nk1MQPKA19xeWQcpGEGFUUd0k N+oHox+L9aV1rjfNiCj3bJk6kJaOPabPi2503nn/ITX5e8WfPnGw4VuZ79Khj1YBrf24k5Ee 1sLTHsLtpiK9OjG4iQRBdq6Z/TlVx/hGAez5h36bBJMxqdHLpdwIUkTqT8se3ed0PewDch/8 kHPo5fZl5u1B0ecpq/sDN/5sCG52Ds+QU5O5EwIDAQABo4IBZDCCAWAwHwYDVR0jBBgwFoAU U3m/WqorSs9UgOHYm8Cd8rIDZsswHQYDVR0OBBYEFAnA8vwL2pTbX/4r36iZQs/J4K0AMA4G A1UdDwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdJQQWMBQGCCsGAQUFBwMC BggrBgEFBQcDBDARBgNVHSAECjAIMAYGBFUdIAAwUAYDVR0fBEkwRzBFoEOgQYY/aHR0cDov L2NybC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdFJTQUNlcnRpZmljYXRpb25BdXRob3JpdHku Y3JsMHYGCCsGAQUFBwEBBGowaDA/BggrBgEFBQcwAoYzaHR0cDovL2NydC51c2VydHJ1c3Qu Y29tL1VTRVJUcnVzdFJTQUFkZFRydXN0Q0EuY3J0MCUGCCsGAQUFBzABhhlodHRwOi8vb2Nz cC51c2VydHJ1c3QuY29tMA0GCSqGSIb3DQEBDAUAA4ICAQBBRHUAqznCFfXejpVtMnFojADd F9d6HBA4kMjjsb0XMZHztuOCtKF+xswhh2GqkW5JQrM8zVlU+A2VP72Ky2nlRA1GwmIPgou7 4TZ/XTarHG8zdMSgaDrkVYzz1g3nIVO9IHk96VwsacIvBF8JfqIs+8aWH2PfSUrNxP6Ys7U0 sZYx4rXD6+cqFq/ZW5BUfClN/rhk2ddQXyn7kkmka2RQb9d90nmNHdgKrwfQ49mQ2hWQNDkJ JIXwKjYA6VUR/fZUFeCUisdDe/0ABLTI+jheXUV1eoYV7lNwNBKpeHdNuO6Aacb533JlfeUH xvBz9OfYWUiXu09sMAviM11Q0DuMZ5760CdO2VnpsXP4KxaYIhvqPqUMWqRdWyn7crItNkZe roXaecG03i3mM7dkiPaCkgocBg0EBYsbZDZ8bsG3a08LwEsL1Ygz3SBsyECa0waq4hOf/Z85 F2w2ZpXfP+w8q4ifwO90SGZZV+HR/Jh6rEaVPDRF/CEGVqR1hiuQOZ1YL5ezMTX0ZSLwrymU E0pwi/KDaiYB15uswgeIAcA6JzPFf9pLkAFFWs1QNyN++niFhsM47qodx/PL+5jR87myx5uY dBEQkkDc+lKB1Wct6ucXqm2EmsaQ0M95QjTmy+rDWjkDYdw3Ms6mSWE3Bn7i5ZgtwCLXgAIe 5W8mybM2JzGCBDIwggQuAgEBMIGrMIGWMQswCQYDVQQGEwJHQjEbMBkGA1UECBMSR3JlYXRl ciBNYW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxmb3JkMRgwFgYDVQQKEw9TZWN0aWdvIExpbWl0 ZWQxPjA8BgNVBAMTNVNlY3RpZ28gUlNBIENsaWVudCBBdXRoZW50aWNhdGlvbiBhbmQgU2Vj dXJlIEVtYWlsIENBAhBs/e7jES6a32XKZxs4R01iMA0GCWCGSAFlAwQCAQUAoIICVzAYBgkq hkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0yMDEyMTkwNjAwMDJaMC8G CSqGSIb3DQEJBDEiBCDovJ+tbekKH60JHdOETknGnUvsdPMSyZz5bJaBv8FhTjBsBgkqhkiG 9w0BCQ8xXzBdMAsGCWCGSAFlAwQBKjALBglghkgBZQMEAQIwCgYIKoZIhvcNAwcwDgYIKoZI hvcNAwICAgCAMA0GCCqGSIb3DQMCAgFAMAcGBSsOAwIHMA0GCCqGSIb3DQMCAgEoMIG8Bgkr BgEEAYI3EAQxga4wgaswgZYxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNo ZXN0ZXIxEDAOBgNVBAcTB1NhbGZvcmQxGDAWBgNVBAoTD1NlY3RpZ28gTGltaXRlZDE+MDwG A1UEAxM1U2VjdGlnbyBSU0EgQ2xpZW50IEF1dGhlbnRpY2F0aW9uIGFuZCBTZWN1cmUgRW1h aWwgQ0ECEGz97uMRLprfZcpnGzhHTWIwgb4GCyqGSIb3DQEJEAILMYGuoIGrMIGWMQswCQYD VQQGEwJHQjEbMBkGA1UECBMSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxmb3Jk MRgwFgYDVQQKEw9TZWN0aWdvIExpbWl0ZWQxPjA8BgNVBAMTNVNlY3RpZ28gUlNBIENsaWVu dCBBdXRoZW50aWNhdGlvbiBhbmQgU2VjdXJlIEVtYWlsIENBAhBs/e7jES6a32XKZxs4R01i MA0GCSqGSIb3DQEBAQUABIIBADja+1BQp+bwMmi0j/PR9okjyrm6LVgN4oli9rcfD/WwcSXM ZYOcsUPeGfC045NSF5hRpaYD2wM1fN49SwtGLCyNzhYvHBhLsxGWI3T3VgSHZ/NDAh17CE5j 9+KYfC19xgA/rDdzTEWYlXjxbjJ0zVNdjqQysF5iyDhwfX17nPaRJZUJAWiEz8m6SHy6ZKiN Q2rKKv6sdgpHc3x/3m9ep/YDYwiNx7/IXR0bk0MaKvuBlXS1Cn3D+LKavz63uNquhwfBuDGK cAxTy00CW5g7344LA36dSIkT0JaLz7Ot3f7+Pn1tHW2NOT1CGoe+DF520eONTxtM7cU0FiDn 2tzxUqAAAAAAAAA= --------------ms050301070505010702080606-- From nobody Sat Dec 19 03:59:34 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CC18F3A102E for ; Sat, 19 Dec 2020 03:59:32 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.085 X-Spam-Level: X-Spam-Status: No, score=-2.085 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_FONT_FACE_BAD=0.001, HTML_MESSAGE=0.001, MIME_QP_LONG_LINE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_KAM_HTML_FONT_INVALID=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qXgp8r-qgqdQ for ; Sat, 19 Dec 2020 03:59:28 -0800 (PST) Received: from mail-ej1-x62e.google.com (mail-ej1-x62e.google.com [IPv6:2a00:1450:4864:20::62e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0399E3A102D for ; Sat, 19 Dec 2020 03:59:27 -0800 (PST) Received: by mail-ej1-x62e.google.com with SMTP id ga15so7038881ejb.4 for ; Sat, 19 Dec 2020 03:59:27 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=content-transfer-encoding:from:mime-version:subject:date:message-id :references:cc:in-reply-to:to; bh=YZatCjxXqivrI8Cn6dpx7yxHjvzW622VgQdH6bNMbIs=; b=ScIq1aHtdQL370gr2UaJ/3KLQjXdF3fhmKZTV3MrtTiko/gp1Ok2GLr9c3QoGgVUsF Gc2J5HAHvhR5/Cdcv7dPYSkWMOLoBqtib2dnbwDEVFYGCe4O+WpsbJZywiEs9pQ3pyN6 UeeYN+yw+wFVojev8EI6dRjRo1L+DNFgaiVSH8vvnIp7zPZ/QM5Ub1HU8MlPnX4kzzdj Qd5uE4OOiHlGgJeqEAe0JF0eChkCll4yVFMlcU3pf7ECEZ0fokoszVZ1vfORkRygnWvs NYzJqiXQ0PdkQxunLCBsk5Pb/r3lbsyVv3ZM17Ucn6QQzjv5+Qr9SpSf+rzAxFGILdfo H5Og== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:content-transfer-encoding:from:mime-version :subject:date:message-id:references:cc:in-reply-to:to; bh=YZatCjxXqivrI8Cn6dpx7yxHjvzW622VgQdH6bNMbIs=; b=GvNngLA1kFrg2kujeOCtQaqfZ9TTFMwhd7s+TzqMdj7uE/8k//hdur32dGSCSfnAYM 3otlxJ/eGsFll0x6XtgwsmQsZMFWZv/M694IfZ0lI2MS1cYtSYNo4KZALN8Bkk2GhoPS 78K60jtdoFAGjLFYcwg0iHWEELSTFvzFkYbJjBT6lAUzLp+kyTVwXfkDorO8lYvvC2OK bFYLOXkhYP7EZSSckluKOatMR7LPva7IueSKIQ490TSBjjGryiw8PxGDwwqGA77gKFv/ ofCLHMG/WfAdQeJ3DQuiKYw8GbMGkh1XkaS3gZvkMkMLCDCfvcj44sbDf36zCmZPVj1N /UWg== X-Gm-Message-State: AOAM532SQqO2oF6CFRT4mn5kKID6fPLQgNSJfosrobW3BDfdN8L+YZzg 2v+fe3RieVDjfBH5IZ6Xag== X-Google-Smtp-Source: ABdhPJyj8W/66dJzBjZkYmztNW+lR6NA0f8BG1rBqiFEjowzjuCUwJ6xN7HmSTO1bEfbfcw7MRyp4A== X-Received: by 2002:a17:906:30d3:: with SMTP id b19mr2114760ejb.538.1608379166167; Sat, 19 Dec 2020 03:59:26 -0800 (PST) Received: from [192.168.68.100] (173.c3.airnet.cz. [94.74.199.173]) by smtp.gmail.com with ESMTPSA id f11sm6617791ejd.40.2020.12.19.03.59.23 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Sat, 19 Dec 2020 03:59:23 -0800 (PST) Content-Type: multipart/alternative; boundary=Apple-Mail-D25F25AB-31E8-4959-9D79-6C4720A371BB Content-Transfer-Encoding: 7bit From: Filip Skokan Mime-Version: 1.0 (1.0) Date: Sat, 19 Dec 2020 12:59:22 +0100 Message-Id: <75E1FC45-E47B-4048-BEC5-0A9567D0100B@gmail.com> References: <0d69d968-16f4-9efb-7ebb-442c1bd1a28f@connect2id.com> Cc: Justin Richer , Brian Campbell , oauth In-Reply-To: <0d69d968-16f4-9efb-7ebb-442c1bd1a28f@connect2id.com> To: Vladimir Dzhuvinov X-Mailer: iPhone Mail (18B92) Archived-At: Subject: Re: [OAUTH-WG] DPoP followup I: freshness and coverage of signature X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 19 Dec 2020 11:59:33 -0000 --Apple-Mail-D25F25AB-31E8-4959-9D79-6C4720A371BB Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable I don't share the same sentiment about at_hash being a pain, we already have= the tools on the server. And browser side it's a matter of 15loc using webc= rypto api since, well, the JWS algorithm support there is limited to the sim= ple ones ending with the bitsize needed anyway.=20 Nevertheless if we're saying sha256 of the key thumbprint is fine i don't se= e why we wouldn't be able to do the same for new AT hash property (no longer= called at_hash i assume). But if XSS is game over, let's not bother with trying to patch one particula= r scenario with a hash. - Filip Odesl=C3=A1no z iPhonu > 19. 12. 2020 v 7:00, Vladimir Dzhuvinov : >=20 > =EF=BB=BF > Thank you Justin for this honest account of your experience with DPoP. >=20 > To at_hash or not is maybe not solved yet, but at least it's clear there's= little enthusiasm about the OIDC style at_hash :) >=20 > Vladimir >=20 > On 15/12/2020 18:40, Justin Richer wrote: >> I went and implemented this proposal of including a token hash in both an= AS (java) and client (javascript) on a system that was already using DPoP a= nd OpenID Connect. What I did there was just use the existing code we had on= the AS-side to calculate the =E2=80=9Cat_hash=E2=80=9D in the ID Token from= OIDC, which I also used to verify on the token-accepting portions. I had to= implement the function on the client side, but that was only a couple lines= using a crypto library to do the heavy hash lift. >>=20 >> The most annoying part is dealing with the hash variability in the OIDC m= ethod. As Brian points out, this isn=E2=80=99t particularly robust, and it d= epends on the wrapper being JOSE. That=E2=80=99s not a huge deal because DPo= P uses JOSE for its wrapper, but it=E2=80=99s still extra code to deal with =E2= =80=94 to the point where I just hardcoded the hash algorithm in my test so t= hat I didn=E2=80=99t have to put together the switch case over the algorithm= .=20 >>=20 >> So in at least my own experience, the addition is minimal on both client a= nd server, and whatever we would decide for the hash algorithm would be simp= le enough to manage. I have a slight preference for just picking something l= ike SHA256 and calling it a day (and defining other hashes in the future whe= n SHA256 is broken), but that=E2=80=99s not a hill I care to die on. >>=20 >> =E2=80=94 Justin >>=20 >>> On Dec 14, 2020, at 4:27 PM, Brian Campbell wrote: >>>=20 >>>=20 >>>=20 >>> On Sat, Dec 12, 2020 at 1:22 AM Vladimir Dzhuvinov wrote: >>>> If the current DPoP has code complexity "X", the relative additional co= mplexity to include access token hashes doesn't seem like very much. An app c= hoosing DPoP means accepting the code complexity that comes with dealing wit= h keys, composing the signing inputs for the proofs, signing, the necessary c= hanges to the token and RS requests. On the other hand, for some people that= additional access token hash may become the straw that breaks the camel's b= ack, causing them to quit their jobs developing web apps and never look back= :) >>>>=20 >>> Yeah, the relative additional complexity to include an access token hash= maybe isn't too much but it's also not not nothing. It's a different kind o= f operation than the other things you listed (yes, I know there's a hash as p= art of the signing but it's abstracted away from the developer in most cases= ) and something that can be quite difficult to troubleshoot when different p= arties arrive at different hash values. Hence my lack of conviction on this o= ne way or the other.=20 >>> =20 >>>>=20 >>>> Have you thought about letting deployments decide about the access toke= n hash? To say look, there is also the option to bind an access token to the= DPoP proof, the security benefits can be such an such, and this is how it c= an be done. >>>>=20 >>>> What I don't like about that proposal:=20 >>>>=20 >>>> It will complicate the spec >>>>=20 >>>> The current spec doesn't require implementers / deployments to make any= decisions, apart from adopt / not DPoP (okay, also choose a JWS alg) - whic= h is actually a great feature to have >>>=20 >>> I also don't like it for basically the same reasons. I've definitely aim= ed to keep it simple from that perspective of not having a lot of optionalit= y or switches. It is a nice feature to have, when possible.=20 >>>=20 >>> =20 >>>> Vladimir >>>>=20 >>>>=20 >>>>=20 >>>> On 12/12/2020 01:58, Brian Campbell wrote: >>>>> Any type of client could use DPoP and (presumably) benefit from sender= -constrained access tokens. So yeah, adding complexity specifically for brow= ser-based applications (that only mitigates one variation of the attacks pos= sible with XSS anyway) has 'cost' impact to those clients as well. And shou= ld be considered in the cost/benefit. Including the AT hash isn't terribly c= omplicated but it's not trivial either. I'm honestly still unsure but am lea= ning towards it not being worth adding.=20 >>>>>=20 >>>>> On Fri, Dec 11, 2020 at 2:14 AM Philippe De Ryck wrote: >>>>>> The scenario you describe here is realistic in browser-based apps wit= h XSS vulnerabilities, but it is pretty complex. Since there are worse probl= ems when XSS happens, it=E2=80=99s hard to say whether DPoP should mitigate t= his.=20 >>>>>>=20 >>>>>> I=E2=80=99m wondering what other types of clients would benefit from u= sing DPoP for access tokens? Mobile apps? Clients using a Client Credentials= grant? >>>>>>=20 >>>>>> How are they impacted by any change made specifically for browser-bas= ed applications? >>>>>>=20 >>>>>> Philippe >>>>>>=20 >>>>>>=20 >>>>>>> On 9 Dec 2020, at 23:57, Brian Campbell = wrote: >>>>>>>=20 >>>>>>> Thanks Philippe, I very much concur with your line of reasoning and t= he important considerations. The scenario I was thinking of is: browser base= d client where XSS is used to exfiltrate the refresh token along with pre-co= mputed proofs that would allow for the RT to be exchanged for new access tok= ens and also pre-computed proofs that would work with those access tokens fo= r resource access. With the pre-computed proofs that would allow prolonged (= as long as the RT is valid) access to protected resources even when the vict= im is offline. Is that a concrete attack scenario? I mean, kind of. It's pre= tty convoluted/complex. And while an access token hash would reign it in som= ewhat (ATs obtained from the stolen RT wouldn't be usable) it's hard to say i= f the cost is worth the benefit. >>>>>>>=20 >>>>>>>=20 >>>>>>>=20 >>>>>>> On Tue, Dec 8, 2020 at 11:47 PM Philippe De Ryck wrote: >>>>>>>> Yeah, browser-based apps are pure fun, aren=E2=80=99t they? :) >>>>>>>>=20 >>>>>>>> The reason I covered a couple of (pessimistic) XSS scenarios is tha= t the discussion started with an assumption that the attacker already succes= sfully exploited an XSS vulnerability. I pointed out how, at that point, fin= etuning DPoP proof contents will have little to no effect to stop an attack.= I believe it is important to make this very clear, to avoid people turning t= o DPoP as a security mechanism for browser-based applications. >>>>>>>>=20 >>>>>>>>=20 >>>>>>>> Specifically to your question on including the hash in the proof, I= think these considerations are important: >>>>>>>>=20 >>>>>>>> 1. Does the inclusion of the AT hash stop a concrete attack scenari= o? >>>>>>>> 2. Is the =E2=80=9Ccost=E2=80=9D (implementation, getting it right,= =E2=80=A6) worth the benefits? >>>>>>>>=20 >>>>>>>>=20 >>>>>>>> Here=E2=80=99s my view on these considerations (specifically for br= owser-based apps, not for other types of applications): >>>>>>>>=20 >>>>>>>> 1. The proof precomputation attack is already quite complex, and sh= ort access token lifetimes already reduce the window of attack. If the attac= ker can steal a future AT, they could also precompute new proofs then.=20 >>>>>>>> 2. For browser-based apps, it seems that doing this complicates the= implementation, without adding much benefit. Of course, libraries could han= dle this, which significantly reduces the cost.=20 >>>>>>>>=20 >>>>>>>>=20 >>>>>>>> Note that these comments are specifically to complicating the spec a= nd implementation. DPoP=E2=80=99s capabilities of using sender-constrained a= ccess tokens are still useful to counter various other scenarios (e.g., midd= leboxes or APIs abusing access tokens). If other applications would signific= antly benefit from having the hash in the proof, I=E2=80=99m all for it. >>>>>>>>=20 >>>>>>>> On a final note, I would be happy to help clear up the details on w= eb-based threats and defenses if necessary. >>>>>>>>=20 >>>>>>>> =E2=80=94 >>>>>>>> Pragmatic Web Security >>>>>>>> Security for developers >>>>>>>> https://pragmaticwebsecurity.com/ >>>>>>>>=20 >>>>>>>>=20 >>>>>>>>> On 8 Dec 2020, at 22:47, Brian Campbell wrote: >>>>>>>>>=20 >>>>>>>>> Danial recently added some text to the working copy of the draft w= ith https://github.com/danielfett/draft-dpop/commit/f4b42058 that I think ai= ms to better convey the "nutshell: XSS =3D Game over" sentiment and maybe di= ssuade folks from looking to DPoP as a cure-all for browser based applicatio= ns. Admittedly a lot of the initial impetus behind producing the draft in th= e first place was born out of discussions around browser based apps. But it'= s neither specific to browser based apps nor a panacea for them. I hope the l= anguage in the document and how it's recently been presented is reflective o= f that reality.=20 >>>>>>>>>=20 >>>>>>>>> The more specific discussions/recommendations around in-browser ap= ps are valuable (if somewhat over my head) but might be more appropriate in t= he OAuth 2.0 for Browser-Based Apps draft.=20 >>>>>>>>>=20 >>>>>>>>> With respect to the contents of the DPoP draft, I am still keen to= try and flush out some consensus around the question posed in the start of t= his thread, which is effectively whether or not to include a hash of the acc= ess token in the proof. Acknowledging that "XSS =3D Game over" does sort of= evoke a tendency to not even bother with such incremental protections (what= I've tried to humorously coin as "XSS Nihilism" with no success). And as su= ch, I do think that leaving it how it is (no AT hash in the proof) is not un= reasonable. But, as Filip previously articulated, including the AT hash in t= he proof would prevent potentially prolonged access to protected resources e= ven when the victim is offline. And that seems maybe worthwhile to have in t= he protocol, given that it's not a huge change to the spec. But it's a trade= -off either way and I'm personally on the fence about it. >>>>>>>>>=20 >>>>>>>>> Including an RT hash in the proof seems more niche. Best I can tel= l, it would guard against prolonged offline access to protected resources wh= en access tokens are bearer and the RT was DPoP-bound and also gets rotated.= The trade-off there seems less worth it (I think an RT hash would be more a= wkward in the protocol too).=20 >>>>>>>>>=20 >>>>>>>>>=20 >>>>>>>>>=20 >>>>>>>>>=20 >>>>>>>>>=20 >>>>>>>>>=20 >>>>>>>>>=20 >>>>>>>>> On Fri, Dec 4, 2020 at 5:40 AM Philippe De Ryck wrote: >>>>>>>>>>=20 >>>>>>>>>>> The suggestion to use a web worker to ensure that proofs cannot b= e pre-computed is a good one I think. (You could also use a sandboxed iframe= for a separate sub/sibling-domain - dpop.example.com). >>>>>>>>>>=20 >>>>>>>>>> An iframe with a different origin would also work (not really san= dboxing, as that implies the use of the sandbox attribute to enforce behavio= ral restrictions). The downside of an iframe is the need to host additional H= TML, vs a script file for the worker, but the effect is indeed the same. >>>>>>>>>>=20 >>>>>>>>>>> For scenario 4, I think this only works if the attacker can tric= k/spoof the AS into using their redirect_uri? Otherwise the AC will go to th= e legitimate app which will reject it due to mismatched state/PKCE. Or are y= ou thinking of XSS on the redirect_uri itself? I think probably a good pract= ice is that the target of a redirect_uri should be a very minimal and locked= down page to avoid this kind of possibility. (Again, using a separate sub-d= omain to handle tokens and DPoP seems like a good idea). >>>>>>>>>>=20 >>>>>>>>>> My original thought was to use a silent flow with Web Messaging. T= he scenario would go as follows: >>>>>>>>>>=20 >>>>>>>>>> 1. Setup a Web Messaging listener to receive the incoming code >>>>>>>>>> 2. Create a hidden iframe with the DOM APIs >>>>>>>>>> 3. Create an authorization request such as =E2=80=9C/authorize?re= sponse_type=3Dcode&client_id=3D...&redirect_uri=3Dhttps%3A%2F%example.com&st= ate=3D...&code_challenge=3D7-ffnU1EzHtMfxOAdlkp_WixnAM_z9tMh3JxgjazXAk&code_= challenge_method=3DS256&prompt=3Dnone&response_mode=3Dweb_message=E2=80=9D >>>>>>>>>> 4. Load this URL in the iframe, and wait for the result >>>>>>>>>> 5. Retrieve code in the listener, and use PKCE (+ DPoP if needed)= to exchange it for tokens >>>>>>>>>>=20 >>>>>>>>>> This puts the attacker in full control over every aspect of the f= low, so no need to manipulate any of the parameters. >>>>>>>>>>=20 >>>>>>>>>>=20 >>>>>>>>>> After your comment, I also believe an attacker can run the same s= cenario without the =E2=80=9Cresponse_mode=3Dweb_message=E2=80=9D. This woul= d go as follows: >>>>>>>>>>=20 >>>>>>>>>> 1. Create a hidden iframe with the DOM APIs >>>>>>>>>> 2. Setup polling to read the URL (this will be possible for same-= origin pages, not for cross-origin pages) >>>>>>>>>> 3. Create an authorization request such as =E2=80=9C/authorize?re= sponse_type=3Dcode&client_id=3D...&redirect_uri=3Dhttps%3A%2F%example.com&st= ate=3D...&code_challenge=3D7-ffnU1EzHtMfxOAdlkp_WixnAM_z9tMh3JxgjazXAk&code_= challenge_method=3DS256=E2=80=9D >>>>>>>>>> 4. Load this URL in the iframe, and keep polling >>>>>>>>>> 5. Detect the redirect back to the application with the code in t= he URL, retrieve code, and use PKCE (+ DPoP if needed) to exchange it for to= kens >>>>>>>>>>=20 >>>>>>>>>> In step 5, the application is likely to also try to exchange the c= ode. This will fail due to a mismatching PKCE verifier. While noisy, I don=E2= =80=99t think it affects the scenario.=20 >>>>>>>>>>=20 >>>>>>>>>>=20 >>>>>>>>>>> IMO, the online attack scenario (i.e., proxying malicious reques= ts through the victim=E2=80=99s browser) is quite appealing to an attacker, d= espite the apparent inconvenience: >>>>>>>>>>>=20 >>>>>>>>>>> - the victim=E2=80=99s browser may be inside a corporate firewa= ll or VPN, allowing the attacker to effectively bypass these restrictions >>>>>>>>>>> - the attacker=E2=80=99s traffic is mixed in with the user=E2=80= =99s own requests, making them harder to distinguish or to block >>>>>>>>>>>=20 >>>>>>>>>>> Overall, DPoP can only protect against XSS to the same level as H= ttpOnly cookies. This is not nothing, but it means it only prevents relative= ly naive attacks. Given the association of public key signatures with strong= authentication, people may have overinflated expectations if DPoP is pitche= d as an XSS defence. >>>>>>>>>>=20 >>>>>>>>>> Yes, in the cookie world this is known as =E2=80=9CSession Riding= =E2=80=9D. Having the worker for token isolation would make it possible to e= nforce a coarse-grained policy on outgoing requests to prevent total abuse o= f the AT. >>>>>>>>>>=20 >>>>>>>>>> My main concern here is the effort of doing DPoP in a browser ver= sus the limited gains. It may also give a false sense of security.=20 >>>>>>>>>>=20 >>>>>>>>>>=20 >>>>>>>>>>=20 >>>>>>>>>> With all this said, I believe that the AS can lock down its confi= guration to reduce these attack vectors. A few initial ideas: >>>>>>>>>>=20 >>>>>>>>>> 1. Disable silent flows for SPAs using RT rotation >>>>>>>>>> 2. Use the sec-fetch headers to detect and reject non-silent ifra= me-based flows >>>>>>>>>>=20 >>>>>>>>>> For example, an OAuth 2.0 flow in an iframe in Brave/Chrome carr= ies these headers: >>>>>>>>>> sec-fetch-dest: iframe >>>>>>>>>> sec-fetch-mode: navigate >>>>>>>>>> sec-fetch-site: cross-site >>>>>>>>>> sec-fetch-user: ?1 >>>>>>>>>>=20 >>>>>>>>>>=20 >>>>>>>>>> Philippe >>>>>>>>>>=20 >>>>>>>>>=20 >>>>>>>>> CONFIDENTIALITY NOTICE: This email may contain confidential and pr= ivileged material for the sole use of the intended recipient(s). Any review,= use, distribution or disclosure by others is strictly prohibited. If you h= ave received this communication in error, please notify the sender immediate= ly by e-mail and delete the message and any file attachments from your compu= ter. Thank you. >>>>>>>>=20 >>>>>>>=20 >>>>>>> CONFIDENTIALITY NOTICE: This email may contain confidential and priv= ileged material for the sole use of the intended recipient(s). Any review, u= se, distribution or disclosure by others is strictly prohibited. If you hav= e received this communication in error, please notify the sender immediately= by e-mail and delete the message and any file attachments from your compute= r. Thank you. >>>>>>=20 >>>>>>=20 >>>>>>=20 >>>>>>=20 >>>>>=20 >>>>> CONFIDENTIALITY NOTICE: This email may contain confidential and privil= eged material for the sole use of the intended recipient(s). Any review, use= , distribution or disclosure by others is strictly prohibited. If you have r= eceived this communication in error, please notify the sender immediately by= e-mail and delete the message and any file attachments from your computer. T= hank you.=20 >>>>>=20 >>>>> _______________________________________________ >>>>> OAuth mailing list >>>>> OAuth@ietf.org >>>>> https://www.ietf.org/mailman/listinfo/oauth >>>> --=20 >>>> Vladimir Dzhuvinov >>>> _______________________________________________ >>>> OAuth mailing list >>>> OAuth@ietf.org >>>> https://www.ietf.org/mailman/listinfo/oauth >>>=20 >>> CONFIDENTIALITY NOTICE: This email may contain confidential and privileg= ed material for the sole use of the intended recipient(s). Any review, use, d= istribution or disclosure by others is strictly prohibited. If you have rec= eived this communication in error, please notify the sender immediately by e= -mail and delete the message and any file attachments from your computer. Th= ank you._______________________________________________ >>> OAuth mailing list >>> OAuth@ietf.org >>> https://www.ietf.org/mailman/listinfo/oauth >=20 > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth --Apple-Mail-D25F25AB-31E8-4959-9D79-6C4720A371BB Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: quoted-printable I don't share the same sentiment about at_h= ash being a pain, we already have the tools on the server. And browser side i= t's a matter of 15loc using webcrypto api since, well, the JWS algorithm sup= port there is limited to the simple ones ending with the bitsize needed anyw= ay. 

    Nevertheless if we're saying sha256 of the key t= humbprint is fine i don't see why we wouldn't be able to do the same for new= AT hash property (no longer called at_hash i assume).

    <= div>But if XSS is game over, let's not bother with trying to patch one parti= cular scenario with a hash.

    - Filip

    <= div dir=3D"ltr">Odesl=C3=A1no z iPhonu

    19. 12. 2020 v 7:00, Vladimir Dzhuvinov <vladimi= r@connect2id.com>:

    =EF=BB=BF =20 =20 =20

    Thank you Justin for this honest account of your experience with DPoP.

    To at_hash or not is maybe not solved yet, but at least it's clear there's little enthusiasm about the OIDC style at_hash :)

    Vladimir

    On 15/12/2020 18:40, Justin Richer wrote:
    I went and implemented this proposal of including a token hash in both an AS (java) and client (javascript) on a system that was already using DPoP and OpenID Connect. What I did there was just use the existing code we had on the AS-side to calculate the =E2=80=9Cat_hash=E2=80=9D in the ID Token from OIDC, which I also used= to verify on the token-accepting portions. I had to implement the function on the client side, but that was only a couple lines using a crypto library to do the heavy hash lift.

    The most annoying part is dealing with the hash variability in the OIDC method. As Brian points out, this isn=E2=80=99= t particularly robust, and it depends on the wrapper being JOSE. That=E2=80=99s not a huge deal because DPoP uses JOSE for its wrappe= r, but it=E2=80=99s still extra code to deal with =E2=80=94 to the poin= t where I just hardcoded the hash algorithm in my test so that I didn=E2=80=99= t have to put together the switch case over the algorithm. 
    =

    So in at least my own experience, the addition is minimal on both client and server, and whatever we would decide for the hash algorithm would be simple enough to manage. I have a slight preference for just picking something like SHA256 and calling it a day (and defining other hashes in the future when SHA256 is broken), but that=E2=80=99s not a hill I care to die on.

     =E2=80=94 Justin

    On Dec 14, 2020, at 4:27 PM, Brian Campbell <bcampbell=3D40pingidentity.com@dm= arc.ietf.org> wrote:



    On Sat, Dec 12, 2020= at 1:22 AM Vladimir Dzhuvinov <vladimir@connect2id= .com> wrote:

    If the current DPoP has code complexity "X", the relative additional complexity to include access token hashes doesn't seem like very much. An app choosing DPoP means accepting the code complexity that comes with dealing with keys, composing the signing inputs for the proofs, signing, the necessary changes to the token and RS requests. On the other hand, for some people that additional access token hash may become the straw that breaks the camel's back, causing them to quit their jobs developing web apps and never look back :)

    Yeah, the relative additional complexity to include an access token hash maybe isn't too much but it's also not not nothing. It's a different kind of operation than the other things you listed (yes, I know there's a hash as part of the signing but it's abstracted away from the developer in most cases) and something that can be quite difficult to troubleshoot when different parties arrive at different hash values. Hence my lack of conviction on this one way or the other. 
     

    Have you thought about letting deployments decide about the access token hash? To say look, there is also the option to bind an access token to the DPoP proof, the security benefits can be such an such, and this is how it can be done.

    What I don't like about that proposal: 

    • It will complicate the spec

    • The current spec doesn't require implementers / deployments to make any decisions, apart from adopt / not DPoP (okay, also choose a JWS alg) - which is actually a great feature to have

    I also don't like it for basically the same reasons. I've definitely aimed to keep it simple from that perspective of not having a lot of optionality or switches. It is a nice feature to have, when possible. 

     

    Vladimir


    On 12/12/2020 01:58, Brian Campbell wrote:
    Any type of client could= use DPoP and (presumably) benefit from sender-constrained access tokens. So yeah, adding complexity specifically for browser-based applications (that only mitigates one variation of the attacks possible with XSS&nbs= p;anyway)  has 'cost' impact to those clients as well. And should be considered in the cost/benefit. Including the AT hash isn't terribly complicated but it's not trivial either. I'm honestly still unsure but am leaning towards it not being worth adding. 

    On Fri, Dec 11, 2020 at 2:14 AM Philippe De Ryck <philippe@pragmaticwebsecurity.com> wrote:
    The scenario you describe here is realistic in browser-based apps with XSS vulnerabilities, but it is pretty complex. Since there are worse problems when XSS happens, it=E2=80=99s hard to say whe= ther DPoP should mitigate this. 

    I=E2=80=99m wondering what oth= er types of clients would benefit from using DPoP for access tokens? Mobile apps? Clients using a Client Credentials grant?

    How are they impacted by any change made specifically for browser-based applications?

    Philippe


    On 9 Dec 2020, at 23:57, Brian Campbell <bcampbell@pingidentity.com> wrote:

    Thanks Philippe, I very much concur with your line of reasoning and the important considerations. The scenario I was thinking of is: browser based client where XSS is used to exfiltrate the refresh token along with pre-computed proofs that would allow for the RT to be exchanged for new access tokens and also pre-computed proofs that would work with those access tokens for resource access. With the pre-computed proofs that would allow prolonged (as long as the RT is valid) access to protected resources even when the victim is offline. Is that a concrete attack scenario? I mean, kind of. It's pretty convoluted/complex. And while an access token hash would reign it in somewhat (ATs obtained from the stolen RT wouldn't be usable) it's hard to say if the cost is worth the benefit.



    On Tue, Dec 8, 2020 at 11:47 PM Philippe De Ryck <philippe@pragmaticwebsecurity.com> wrote:
    Yeah, browser-based apps are pure fun, aren=E2=80=99t the= y? :)

    The reason I covered a couple of (pessimistic) XSS scenarios is that the discussion started with an assumption that the attacker already successfully exploited an XSS vulnerability. I pointed out how, at that point, finetuning DPoP proof contents will have little to no effect to stop an attack. I believe it is important to make this very clear, to avoid people turning to DPoP as a security mechanism for browser-based applications.


    Specifically= to your question on including the hash in the proof, I think these considerations are important:

    1. Does the inclusion of the AT hash stop a concrete attack scenario?
    2. Is the =E2=80=9Ccost=E2=80=9D (implementation, getting it right, =E2=80=A6= ) worth the benefits?


    Here=E2=80=99= s my view on these considerations (specifically for browser-based apps, not for other types of applications):=

    1. The proof precomputation attack is already quite complex, and short access token lifetimes already reduce the window of attack. If the attacker can steal a future AT, they could also precompute new proofs then. 
    2. For browser-based apps, it seems that doing this complicates the implementation, without adding much benefit. Of course, libraries could handle this, which significantly reduces the cost. 


    Note that these comments are specifically to complicating the spec and implementation. DPoP=E2=80=99s capabilitie= s of using sender-constrained access tokens are still useful to counter various other scenarios (e.g., middleboxes or APIs abusing access tokens). If other applications would significantly benefit from having the hash in the proof, I=E2=80=99m a= ll for it.

    On a final note, I would be happy to help clear up the details on web-based threats and defenses if necessary.

    = =E2=80=94
    Prag= matic Web Security Secu= rity for developers=
    https://pragmaticwebsecurity.com/


    On 8 Dec 2020, at 22:47, Brian Campbell <bcampbell@pingidentity.com> wrote:

    Da= nial recently added some text to the working copy of the draft with https://github.com/danielfett/draft-dpop/commit/f4b42058 that I think aims to better= convey the "nutshell: XSS =3D Game over" sentiment and maybe dissuade folks from looking to DPoP as a cure-all for browser based applications. Admittedly a lot of the initial impetus behind producing the draft in the first place was born out of discussions around browser based apps. But it's neither specific to browser based apps nor a panacea for them. I hope the language in the document and how it's recently been presented is reflective of that reality. 
    Th= e more specific discussions/recommendations around in-browser apps are valuable (if somewhat over my head) but might be more appropriate in the OAuth 2.0 for Browser-Based Apps draft. 
    Wi= th respect to the contents of the DPoP draft, I am still keen to try and flush out some consensus around the question posed in the start of this thread, which is effectively whether or not to include a hash of the access token in the proof. = ; Acknowledging that "XSS =3D Game over" does sort of evoke a tendency to not even bother with such incremental protections (what I've tried to humorously coin as "XSS Nihilism" with no success). And as such, I do think that leaving it how it is (no AT hash in the proof) is not unreasonable. But, as Filip previously articulated, including the AT hash in the proof would prevent potentially prolonged access to protected resources even when the victim is offline. And that seems maybe worthwhile to have in the protocol, given that it's not a huge change to the spec. But it's a trade-off either way and I'm personally on the fence about it.
    In= cluding an RT hash in the proof seems more niche. Best I can tell, it would guard against prolonged offline access to protected resources when access tokens are bearer and the RT was DPoP-bound and also gets rotated. The trade-off there seems less worth it (I think an RT hash would be more awkward in the protocol too). 


    On Fri, Dec 4, 2020 at 5:40 AM Philippe De Ryck <philippe@pragmaticwebsecurity.com> wrote:<= br class=3D"">
    Th= e suggestion to use a web worker to ensure that proofs cannot be pre-computed is a good one I think. (You could also use a sandboxed iframe for a separate sub/sibling-domain= - dpop.example.com).
    An= iframe with a different origin would also work (not really sandboxing, as that implies the use of the sandbox attribute to enforce behavioral restrictions). The downside of an iframe is the need to host additional HTML, vs a script file for the worker, but the effect is indeed the same.
    Fo= r scenario 4, I think this only works if the attacker can trick/spoof the AS into using their redirect_uri? Otherwise the AC will go to the legitimate app which will reject it due to mismatched state/PKCE. Or are you thinking of XSS on the redirect_uri itself? I think probably a good practice is that the target of a redirect_uri should be a very minimal and locked down page to avoid this kind of possibility. (Again, using a separate sub-domain to handle tokens and DPoP seems like a good idea).
    My= original thought was to use a silent flow with Web Messaging. The scenario would go as follows:
    1.= Setup a Web Messaging listener to receive the incoming code
    2.= Create a hidden iframe with the DOM APIs
    3.= Create an authorization request such as =E2=80=9C/authorize?response_type=3Dcode&client_id=3D...&redirect_uri= =3Dhttps%3A%2F%example.com&state=3D...&code_challenge=3D= 7-ffnU1EzHtMfxOAdlkp_WixnAM_z9tMh3JxgjazXAk&code_challenge_method=3DS256= &prompt=3Dnone&response_mode=3Dweb_message=E2=80=9D
    4.= Load this URL in the iframe, and wait for the result
    5.= Retrieve code in the listener, and use PKCE (+ DPoP if needed) to exchange it for tokens
    Th= is puts the attacker in full control over every aspect of the flow, so no need to manipulate any of the parameters.
    Af= ter your comment, I also believe an attacker can run the same scenario without the =E2=80= =9Cresponse_mode=3Dweb_message=E2=80=9D. This would go as follows:
    1.= Create a hidden iframe with the DOM APIs
    2.= Setup polling to read the URL (this will be possible for same-origin pages, not for cross-origin pages)
    3.= Create an authorization request such as =E2=80=9C/authorize?response_type=3Dcode&client_id=3D...&redirect_uri= =3Dhttps%3A%2F%example.com&state=3D...&code_challenge=3D= 7-ffnU1EzHtMfxOAdlkp_WixnAM_z9tMh3JxgjazXAk&code_challenge_method=3DS256= =E2=80=9D
    4.= Load this URL in the iframe, and keep polling
    5.= Detect the redirect back to the application with the code in the URL, retrieve code, and use PKCE (+ DPoP if needed) to exchange it for tokens
    In= step 5, the application is likely to also try to exchange the code. This will fail due to a mismatching PKCE verifier. While noisy, I don=E2=80=99t thin= k it affects the scenario. 

    IM= O, the online attack scenario (i.e., proxying malicious requests through the victim=E2=80=99s browser) is quite appealing to an attacker, despite the apparent inconvenience:
    &n= bsp;- the victim=E2=80=99= s browser may be inside a corporate firewall or VPN, allowing the attacker to effectively bypass these restrictions
    =
    &n= bsp;- the attacker=E2=80= =99s traffic is mixed in with the user=E2=80=99s= own requests, making them harder to distinguish or to block
    Ov= erall, DPoP can only protect against XSS to the same level as HttpOnly cookies. This is not nothing, but it means it only prevents relatively naive attacks. Given the association of public key signatures with strong authentication, people may have overinflated expectations if DPoP is pitched as an XSS defence.
    =
    Ye= s, in the cookie world this is known as =E2=80=9CSession Riding=E2=80=9D. Having the worker for token isolation would make it possible to enforce a coarse-grained policy on outgoing requests to prevent total abuse of the AT.
    My= main concern here is the effort of doing DPoP in a browser versus the limited gains. It may also give a false sense of security. 
    Wi= th all this said, I believe that the AS can lock down its configuration to reduce these attack vectors. A few initial ideas:
    1.= Disable silent flows for SPAs using RT rotation
    2.= Use the sec-fetch headers to detect and reject non-silent iframe-based flows
    Fo= r example,  an OAuth 2.0 flow in an iframe in Brave/Chrome carries these headers:
    se= c-fetch-dest: iframe
    se= c-fetch-mode: navigate
    se= c-fetch-site: cross-site
    se= c-fetch-user: ?1
    =


    Philippe


    CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited.  If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you.<= /span>


    CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited.  I= f you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you.    =





    CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited.  If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you. 
    ____________________________________=
___________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oaut=
h

    --=20
Vladimir Dzhuvinov
    _______________________________________________
    OAuth mailing list
    OAuth@ietf.org
    http= s://www.ietf.org/mailman/listinfo/oauth

    CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited.  If yo= u have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you.____________________________________= ___________
    OAuth mailing list
    OAuth@ietf.org
    https://www.ietf.org/mailman/listinfo/oauth

    =20 _______________________________________________
    OAuth m= ailing list
    OAuth@ietf.org
    https://www.ietf.= org/mailman/listinfo/oauth
    = --Apple-Mail-D25F25AB-31E8-4959-9D79-6C4720A371BB-- From nobody Mon Dec 21 06:51:28 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AEA3A3A1158 for ; Mon, 21 Dec 2020 06:51:25 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: 1.421 X-Spam-Level: * X-Spam-Status: No, score=1.421 tagged_above=-999 required=5 tests=[BAYES_20=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_IMAGE_ONLY_24=1.618, HTML_IMAGE_RATIO_06=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EhOenqLnbf9q for ; Mon, 21 Dec 2020 06:51:24 -0800 (PST) Received: from mail-ed1-x52f.google.com (mail-ed1-x52f.google.com [IPv6:2a00:1450:4864:20::52f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3D6813A114A for ; Mon, 21 Dec 2020 06:51:23 -0800 (PST) Received: by mail-ed1-x52f.google.com with SMTP id h16so9800842edt.7 for ; Mon, 21 Dec 2020 06:51:22 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=AMLc++E5AqKAzVVGIrxCWv9MiFYMwnrcyiBz3pYQXHk=; b=SjF9bq4W/zP1l2hyRmCse6xHzCEc1KwzGARxCLQuRd6xN3hJLFDF+tFJQ3t9L9woJE X6gJRV4wJKsgEf4Umpz7RMbivUTvRWK9JvSLHV3YPz6Qn1lkK2G4XFp4NBZq+9odSbvG oldJmvEFz3fHceEqgoQ8RaNvgCExp5Kxgxsme+W8vWLVM+uwREoT5JPPP1RbFrlurmW7 3f0HIHJoFQm0TYkfR74tHMFiefP1G82jSWx6sLTcmv0xEyJplszguEuRa9uJZmGBzDR+ uiKaMsXFcY/v4o/odyhNTKSIU2rDu9yUDdJAYFqTJQDyjUkLErmbe43zqC/zAvhmJacM nioQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=AMLc++E5AqKAzVVGIrxCWv9MiFYMwnrcyiBz3pYQXHk=; b=IXDr4wy8wBv1Syz4sbGqPJMWyjrU/FDMqVyfygvktWsQV28y4UsAiwd3hdGUwLB0as IUoGpxqGADcvvcABGXI71qC2SFbhFvGKYllOUmi90iSZiVoxR+sKvXwXhKYmpbneoWBK xyPodGAL3M9j/xJuTTrpIA+seE4TlDC3oxPlbdWMIbCcsviQmnfpxakmlCDXuHe/V2hz UAs/LwJ9+8TKFU5AU6+DsNe/2IW73aRourplRaj29QJL+NFD7PyyBi+yoaDZt8IAJo7o 4twsHVZ+UcM/KgedkWD6gXUYVf5iTWT99WNs5FHGl5AIvUUb2I86qJZ0zt4qh3fclH3i G/bA== X-Gm-Message-State: AOAM531Zn8NZy3ziqiBfk9RwYVb61lrb0hP2LHtoV1lY7lQf/Bmijta/ kiXk8rvl0Ti2OkDqIF0Qem3z9MAk+N2NQXMFPeqSeHmoMnZUgg== X-Google-Smtp-Source: ABdhPJyB9y5/n2K/MFb610kKMzVRz/elDatRy2VRNDG9eFUvcqyhBu9YCxIUZk7tm9ogCE2fkE3RUucAm3GI2gDOytA= X-Received: by 2002:a05:6402:2710:: with SMTP id y16mr5819602edd.21.1608562280553; Mon, 21 Dec 2020 06:51:20 -0800 (PST) MIME-Version: 1.0 From: Thibault Normand Date: Mon, 21 Dec 2020 15:51:09 +0100 Message-ID: To: oauth Content-Type: multipart/related; boundary="00000000000055026905b6fa9742" Archived-At: Subject: [OAUTH-WG] Use OAuth flows to separate authentication from AS X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 21 Dec 2020 14:51:26 -0000 --00000000000055026905b6fa9742 Content-Type: multipart/alternative; boundary="00000000000055026705b6fa9741" --00000000000055026705b6fa9741 Content-Type: text/plain; charset="UTF-8" Hello All, Merry Christmas, Happy new year! I'm trying to separate the authentication from the authorization server as a dedicated service. This will allow : * to have better isolation of often customer-specific code * to dispatch the load according to the authentication scheme used (Argon2, etc.) * to be creative with the authentication process The idea is to have an API contract based on the assertion flow, where the assertion is the result of authentication, and authorization (role mapping, scope expansion, etc.). This assertion is exchanged using assertion grant type to get an Access Token which is symbolically used as authentication by reference token. During AuthCode dance, the user has to be logged in, if not he will be redirected to the corresponding authentication provider, which will generate the assertion and the access token. The authentication provider returned the access token as parameter to the initial authorization_code request, so that this access token is used to retrieve the bound identity via an (internal) generic user info call that we return the ID Token built on authentication phase. [image: OATH AuthCode + External Login.png] I saw multiple implementations of the external identity provider pattern, but they use an additional API served by Authorization Server to handle the identity binding to the authorization request. I try to stick with OAuth already defined flows. Some focus: - AccessToken in URL for identity binding => probably need to be burn-after-read - TokenExchange vs Assertion - Probably other things ... Any thoughts? Thank you ^^ -- Thibault Normand http://www.zenithar.org --00000000000055026705b6fa9741 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
    Hello All,

    Merry Christmas, = Happy new year!

    I'm trying to separate the= authentication from the authorization server as a dedicated service. This = will allow :
    * to have better isolation of often customer-spe= cific code
    * to dispatch the load according to the authentication= scheme used (Argon2, etc.)
    * to be creative with the authent= ication process

    The idea is to have an API con= tract based on the assertion flow, where the assertion is the result of aut= hentication, and authorization (role mapping, scope expansion, etc.).
    <= /div>
    This assertion is exchanged using assertion grant type to get an = Access Token which is symbolically used as authentication by reference toke= n.

    During AuthCode dance, the user has to be logge= d in, if not he will be redirected to the corresponding authentication prov= ider, which will generate the assertion and the access token.
    The authentication provider returned the access token as parameter to the = initial authorization_code request, so that this access token is used to re= trieve the bound identity via an (internal) generic user info call that we = return the ID Token built on authentication phase.

    3D"OATH
    I saw multiple implementations of the e= xternal identity provider pattern, but they use an additional API served by= Authorization Server to handle the identity binding to the authorization r= equest.

    I try to stick with OAuth already defined = flows.

    Some focus:
    • AccessToken i= n URL for identity binding =3D> probably need to be burn-after-read
      • =
    • TokenExchange vs Assertion
    • Probably other things ...
    Any thoughts?

    Thank you ^^<= br>
    --
    Th= ibault Normand
    htt= p://www.zenithar.org
    --00000000000055026705b6fa9741-- --00000000000055026905b6fa9742 Content-Type: image/png; name="OATH AuthCode + External Login.png" Content-Disposition: inline; filename="OATH AuthCode + External Login.png" Content-Transfer-Encoding: base64 Content-ID: X-Attachment-Id: ii_kiynze0h0 iVBORw0KGgoAAAANSUhEUgAABWAAAAVqCAIAAADvDkDsAAAAKXRFWHRjb3B5bGVmdABHZW5lcmF0 ZWQgYnkgaHR0cDovL3BsYW50dW1sLmNvbREwORwAAAMgaVRYdHBsYW50dW1sAAEAAAB4nJVV207b QBB9t8Q/jPJkqw4NaUUrCyFM4rQJSUidABKqhBZ7MSvMOl2vo9Cv76zt+BZD4cnW7syZc+a2Z7Ek QibPIVzaq59gJ/JxEPkUPoGzlVRwEsI0Chg/0A60NVoyj60Jl3AVU2EHlMv6ced8NPrNT04GIcO7 09MOkBjwrGGlwkSC/SWSRRyWVGyoUG72MndRBrctTgjKvKZXLZiymiu2gYiSNYy5VD4RCoCSNHRP FSurfo0nxcV5wkIfMDmSgs7pVl65UxNYHJuwuBg4Jswj7lEDPsPkxqk4p8QtPFy6zi+dVHXeeZhY EwT1maCevEsEq4GZWTiFubBdhZmCQXfHSdA/CY1TR6wPciniokWhzQI3j6DbSxO8NDl3zEeXnFUF J5VkGAca5X6ZtKILBJWC0Q0J97KX69wVkuqNOK1BFAoJJSSIBDySEEZBQH1gafqrelvVqMruCWoN pMD26M6trJXfTRWgTEfZeNlNRnausHeDYsHlmqq+jOOKWTFG3ZJGBVCp99W/fNkDzq1HkQgojIew ip5ojpuXq8IxRrnpXOiTm5XRioX1SiH0DtlZd8wCuOZzW6U7zgmC7Xkorp1GHumN2t2+o3Z43hbt tZJ+rAPfBs9lF8Aq2Jg/RPoHfMbDLME8XQ7KpsjQ272NU2zCxHZnerYksk3QnMt0Jp2t90h4QNsX 2oCE4T3xnvQ2sPqKuyYh89V++++W299vikmOrgyNlm1Va5aajCKhtfVSD1Bkv5n0RpTqWLSJK0qR M2hZl8t1yGQKgg1SVCTNhgiNkrZL4ygRHgWSUmrP/85IL1H3Eu9s8UHzm9OUW+wArOZ9Eb7QPiSS vPIEZFe55jP84gt/oGmLEF/Sq9kU8OVUSwqODvu9fu+w39eXCYch9aB3DEc968ux1f8GA2cF6t7Q 9B+LKeTxfRZj2e4TtT8MbUI2BNwEC/pMsw04GV7sDsDhGyYi/oyktMn1rDQ4/to9ZzJ/xOF6pg3p A0nwbXA4thXjAbbAatT9rk2x1xMSIPaD0AYR4ooX3Imu9g9MZLA57s22rAAAgABJREFUeF7s3Qd4 FEX/B/A0aghNSiD0EgEpQQQMBBsBQhMpL/zpyovIi4RXpUgv0uSVCFJFEJQOAqEXAUF4CRha4BUb JbSAJLQAb6SE3P/nzcu4bLu9JLe35ft55uHZm5ttM7NzOz/uNj4OAAAAAAAAALA9H3EGAAAAAAAA ANgPAgQAAAAAAAAAgAABAAAAAAAAACBAAAAuPbx159qeo0ha0sPbd8XVBwAGhvHNqsmAozE6m32S AbsfgHYIEACAC/RRt9KnHpKWlLz3qLj6AMDAML5ZNRlwNEZns08yYPcD0A4BAgBwgd3T/DJt6rU9 K5GU0i+fTsU9AYDpYHyzXjLsaIzOZodk2O4HoB0CBADgArunoY+9jIxjSErp9+9W4p4AwHQwvlkv GXY0RmezQzJs9wPQDgECAHAB9zRaErsn2P7p/Li4uOPHj//2229JSUmpqani2gQAI8H4Zr1k2NEY nc0OybDdD0A7BAgAwAXc02hJ7J5g9diYjRs37t69Oz4+nm4LUlJSxLUJAEaC8c16ybCjMTqbHZJh ux+AdggQAIALuKfRktg9wZJhk5YvXx4bG0u3BcePH09KShLXJgAYCcY36yXDjsbobHZIhu1+ANoh QAAALuCeRkti9wSLh0786quv6LZg48aNcXFxiYmJ4toEACPB+Ga9ZNjRGJ3NDsmw3Q9AOwQIAMAF 3NNoSeyeYNWYqXRP8PXXX69evXr37t2//fabuDYBwEgwvlkvGXY0RmezQzJs9wPQDgECAHAB9zRa Eu4JAMwI45v1kmFHY3Q2OyTDdj8A7RAgAAAXcE+jJeGeAMCMdBjfPvtsyCefvC/Nt1K6e/dAQsKq 8+e3pqcfkb6rczLsaIzO5qGE7geQvRAgAAAXdLinkaaGDcP8nIKCAt9449V//3uRKJ/7738PquTr lnBPAGBGLse306c3+vv71a5dRfqWxtS4cb3w8JrSfHdT06bhERFh0vxMpGzcFKWvvx4fGJjHxyl3 7py7ds2TltEzGXY0NlFnk03Z1W2yazssofsBZDsECADABZf3NJ5IdItTpkzwp58OatmyEX3qFy/+ zOPHR1l+qVLFly6dyBP7HwOlfN0S7gkAzMjl+DZ6dB829zhxYrX0Xdm0aNG44cP/zl9m15xt1Ki3 hwzpKc3XkkSHlJVNidKjR0dCQorVq1f90KHFR44sf++9Lvv3L5QW0zMZdjQ2UWdjKbu6TXZtR5rQ /QA8AQECAHDB5T2NJxLd4oSFPcuX6YbpwoVtbLlGjUqy5WXzdUu4JwAwI/Xx7fHjo+XLh7D/nxw8 WOuUpm3bV597riJ/KZyzsUCnNCnla3lXmqi8aBXRIckm9b0ovbt9+2yqnOXLJ0vf4isqrcvelWaK CqiUkX3LsKOxETqbW/WZuW4j3UXmtqPlXXQ/AE9AgAAAXFC/p/FQEgYIWrVq5O//v58MKAUClPJ1 S7gnADAj9fFtz575NP34/PORhQsXKFmyqPB7Se3avRYd/X9sOSVlT7VqFdgsZfToPvny5c2ZMwfl dOvWIuPJnC029lMa02g7wrnf/fs/0MvSpYtT+eefr7Jjxxz+Vu/ebbt2bTFjxof07tChb/EcWnjw IJ6mW7R9Yfrttw301sKFY6OiGhQokK9YscJjxrzDNiU9JL4pLccge+Q8HT26nKqob98O0rfS0g5R Pq1YsGDQe+91efTof7UnOrXmzRv269eRr7Vt22w6zosXt2lcXbpfw47G3u1s6vUpXUW6cVG3GTHi 7xUqhNCnc0hIsXnzRmag+zmTYbsfgHYIEACAC+r3NB5KdItTq1bomTObpk0b5Ofn9+GHb/J82UCA Ur5uCfcEAGakPr716tWG5jZ37x6gKQTNQ4Szl5o1K7/++sts+erVnfTurFlDafnf/15Uu3YVmuB9 +eXYzZtnZDjnbEFBgTTNePfdjh06RFLJgwcXsxXffrtdQIB/z56t588fTbMgX1/fQ4f+9xatlSdP ruDgZ2gSQlNHlsP+c5imjrRxltgIWahQ/t9/30Vv9enTrn//TmvWTO3UqSnt6Pz5rUqHxP+fWf0Y lI5cmOrUqUpvtW790uXLO4T5VHs0v6IjHDXqbTrIOXOG880KT23IkJ65cuW8efN79m7btq/SBrWv LjqYDAOPxt7tbCr1KbuK7MZ5t6F5MpXs3r3lhg3Taba8ffvsDHQ/ZzJs9wPQzlMBgoe37tA4iPTw 9l1x1QCYzTXVexoPpXDnzwqYZs3C79//QZpPFi+eoJ6vW8I9AYAZqYxv9+7F0fyEpi60TJMWH+d0 iL+rNGfLkHyhmmYUNAXaunUWLdMchkpOmPAuW4smHu3bN2bFrl/fQ7MjWpevlTdv7mPHVgi3w6dV LKWnH6Fj8Pf3E04mWfr553W0I5qSsZfSQ2KbcnkMskcuSrdu7WvevCG9S/Pb1av/xTKvXPlzyx98 0I29pOp6+eU6fLPCUztxYjWt+8UXo2j52rXdOXIEUE1qX12aDDsae7Gzqden7CqyG2fdhm0tNLQs f0uU0P0M0v0sPB3TMsOy8OlLk5YK0c5TAYJrzkEQKXnvUXHVAJgNu5xl72k8l+juge4n/v3vRR9+ +Gb+/IGvvPLCnTv/ZvnlypXcufNzluj2gpeXzdctGeqeAAA0UhnfliyZQDOHuXNH0GyHUokSRQID 89y9e4C969acjU/saUpPJdm3r9lXyqdNG8RL0lp80iUNB0hzhg3rJdpCWtqhxYsn9OvXsUWLCHbw LF/pkLQfg/DIpenx46MLF46lKS5N8Fas+Jhydu+eR+Wp0qiiKNHkrXz5EOlmWaICL730PC3ExAzM nTvnjRt73VpdlAw7Gnuxs2msT1ErK22cbe3997vyt1hC98swWPez8HRMywzLwqcvTVoqRDvPBgh+ mTaVxkF7pl8+nZrtrQXgFSr3NJ5L4YJnELA7p2XLJrF82Z8SKOXrlgx1TwAAGqmMb02avOgj8fXX 49m7WZ+zseersf+6ZOmFF6qVK1dSupZsDg2JtHqvXm14zsOHh19+uU6RIgU/+KDbnDnDfTTM0LQf g/oMjaWfflqXM2cOWouWd+78nMp37hw1b95Ilmgkl26WpSlT/klTu8TELTSM0yruri5Khh2NvdjZ NNanxgAB29rIkb35Wxnofk+SobqfJadj2mdYljx9adJeIdp5NkBwTW4QtEliA0T2thaAV3jlcg4X BAi+//5L+qhmjyFQCgQo5euWDHVPAAAaKY1vFy9u8/PzGzKk5/nzW1k6dmyFv78fTeRYgVq1Qvm3 jmm2JpyztWv3Gv//xgzlec65c5tp+c03X2dv3b17ICDAn29fOg8R5sTHL82TJ1fDhmH851eU1q+f RhtctGhcxpOvZPMfTisdkvZj0DJDo/Tss+VKlSpOC0lJ39Kkq2XLRtIy0lO7dGk71TZNI2kX3347 193VRcmwo7EXO5vG+hS1stLGqXfR1uiohNtB92PJUN1PqcuZOmmfYVny9KVJe4VohwCBpxJrre2f zo+Lizt+/DgNDUlJSampqeKaAjA8r1zO9AFcsWKpbdtmf/XVR9WqVaCP6sOHl7F82UCAUr5uyVD3 BACgkdL4NmlSNM0Z2FPWeKIJA2WyZ6H16dMuKChw9ep/jRzZO1eunMI528SJ/enlli0z2Q+jVOY5 LVpEFCwYNGPGhzS+see6rVsXw96SzkN4zrVru0NCitFOt26ddfTocpZoXz/8sIS28M477TdvntGs WTgt9+/fyeUhaTwGpRkaTQuHDet1/PjK5OTvZs8eRmWo6thbPXu2plnu0KFvnTy5+sABGho/km6W J8qkdcuUCU5/8vR+t1YXJsOOxt7tbFrqU7SKysa7dm1Bb1GH2bt3wfLlk2NjP0X3Y8lQ3U+py5k6 aZ9hWfL0pUl7hWiHAIGnEmut1WNjNm7cSENDfHw8NVhKSoq4pgAMzyuXc4MGtXyc8ucPbNPmFf7Q QcqvWbOybHnZfN2Soe4JAEAjpfGtevVKTZuGizLXrJlKg9LUqR/QMs1nQkPL0suyZUts2DCdFmh+ woolJm6pXbsK5TR2fts5MrI+DVDsLTbPGTu2L3t59erOqKgGvr6+Ps5HrMXEDOT7Eq4lytm3byEb HoV27vyc3urWrUVAgD+lfv06vv76yz5PZpIqh6TxGERHztOqVVMCA/OwYyhZsmjfvh3Yn6SlRLPB Xr3a0MHQWzlyBPD/GZaeWobzL+RRsdGj+/Act1YXJsOOxt7tbFrqU7SKysZv397fsWMTPz8/ejdv 3tzjx//5+EB0vwyDdT+lLmfqpH2GZcnTlybtFaIdAgSeSqy1lgybtHz58tjYWGqw48ePJyUliWsK wPBwOWtJhronAACNsji+Xby4TZrJ37p3L06aL02pqftpBsX/6zKLKTn5O/b/tI8fH6XN0r/8LZVD ysox0C7Ont2UkLBKuC+e7t//4fTpjcKfQriVMrG6YUdjI3S2TNSnysbv3j0g6jbofobqflnscsZM 2mdYljx9adJeIdohQOCpxFpr8dCJNEBQg23cuDEuLi4xMVFcUwCGh8tZSzLUPQEAaITxzXrJsKMx OpsdkqG6nyW7nPYZliVPX5q0V4h2CBB4KhlqgADIClzOWhIueQAzwvhmvWTY0RidzQ7JUN3Pkl1O ew1b8vSlSXuFaIcAgaeSJ1oLwCtwOWtJuOQBzAjjm/WSYUdjdDY7JEN1P0t2Oe01bMnTlybtFaId AgSeSp5oLQCv0Odyvncv7sSJ1YmJWx49+utXiJ99NuSTT96XFjZgwiUPYEb6jG9GS3fvHkhIWHX+ /NbM/erb4Mmwo7E1OpvZP6w9nQzV/Uzd5ZQ6lfYaNvXpa0/aK0Q7LwQInn22XGRkfVHO++93lZbM dDp9eqO/v1/t2lWkb+mWPNFaAF6hcjlnSzp+fGWdOlXZQ4xJQIB/aGhZ9pbw7wk1bRoeEREmXd0g CZc8gBl5enzzYlK6F/r66/H8we+5c+fctWuedF1TJ8OOxmbvbNb4sPZ0MlT3U+9yDRuG+T2N/w0I IySlvyipvYY1nj4Ng1FRDZYunSgtY4qkvUK080KAoFKl0q+9VleU889/dpGWzHQaPboPG7xOnFgt fTe70qJF44YP/7s0nyVPtBaAV6hczllPR48uz5kzR1BQ4MKFY8+f30r3H//613v16lVn7wo/HkaN envIkJ7SLWhM6hds1hMueQAz8uj45t0key/06NGRkJBiNMYeOrT4yJHl773XZf/+hdJ1TZ0MOxqb urNZ5sPa08lQ3U+9y1GTlSpVnCbGPLn8SpGerePpAAFtvEyZ4AULxvTs2Zo6tp+f38mTHpw2ei5p rxDtDBogkP1TJZQpmy9ahRbKlw9h0fHBg90boTTugqW2bV997rmK0mIseaK1ALxC5XKWTWfPbqKP EGm+bIE2bV6hS3XPnvnSYhnKHw8sZeWCXbs2JiFhlXQt7QVECZc8gBm5O755K7k1rmYo3wtt3z6b cpYvnyzdgstBz2UBgyTDjsZG62xudSrLfFh7Ohmq+6l3OWqyGjUqSfNVkuzcx632lc1hmaJ8pU6l vYZdnn5Y2LNsedy4f1D3/uKLUcIC0kPi+dJMlXyXSbSidDtKR8KS9grRznABArrI27dvTB9phQsX GD/+XZaZlnaob98OlFOwYNB773Xhv3rq3btt164tZsz4sHTp4kOHvsUyafCiNv7885FUvmTJosJg 2H//e5BWKVQof9GihcaMeYe6Bf9xi/ouYmM/pcL0Lv+UHT26T758eXPmzFGtWoVu3VrwXfDkidYC 8AqVy1nc7X/fFR39f3RddOrUVPqutEBy8ne+vr70GSAtyZLw44FdjGw56xcsjRh+fn5UmG6ApPvV UkCUcMkDmJH28c1byd1xlSWle6GjR5dTPo2f0u24HPRcFjBIMuxobJzOJttnVApY6cPa08lQ3U+9 y8kGCH78cU316pX4T79p6vTyy3VGjPjzWwPS1lFvX+EETanFKS1cODYqqkGBAvmKFStMszOer2eA YPHiCTQwrl79L/ZS6bxkZ6n37/9Ap0NnSjXz/PNVduyYw3fRrt1rdB2x5ZSUPVRvPDgrrSLaDtVz hQoh/v5+ISHF5s0bqXIkwqS9QrQzXICAWouqb/36aV9+OXbDhukss1evNlQ106YNGjXqbRoF5swZ zvKp6+TJkys4+BmqWR7UpMLUfe/ePdCvX0dqbGE7de/ekiqdCnzzzSevvPICvTtoUA+XuwgKCqRW effdjh06RNIqBw8upvx//3tR7dpV6EOXjnPz5hl8Fzx5orUAvELlcuYpNXU/++Sg6/Gzz4b88cch LQXoaqJrauLE/tINsiT8eBAuZ/2Cpdtl+jyoWLEUDej9+3eimyHRrl0WECVc8gBmpGV881aSHTY1 FlC5F6pTpyrltG790uXLO4RbcznouSxgkGTY0dgInU2lz6gUsNKHtaeTobqfepejZqpcucwvv8Sy dOfOv1n+kCE9qUVWrPiYlj/4oBs1ExsrpK2j0r6iCZpSi1Pq06cdNdyaNVM7dWpK+efPb+Ub0SdA QFP3Bg1qUZ/nj2BQOi/ZWerbb7cLCPDv2bP1/PmjaYO+vr6HDv3v1GrWrPz66y+z5atXd9LZzZo1 lL2UVlHv3m2pAM1VacszZny4fftslSMRJu0Vop3hAgRUUy+99Py9e3H83StXdlKNUAdlL6muX365 Dlumys2bN/exYyt4YVqR+h81Ei1T87CKZm8lJX1L22nfvjF7+ejRERpKWIBAfRfU6lu3zqJlujxo gxMm/C9iJPs1G5480VoAXqFyOVOiu4dPPx1UpEhBGsI+/vifwovXZQH6+KFr6uuvx0s3y5LsPUc2 XrAPHx6eN29k6dLF6YOBbonoxsjdAjzhkgcwI/XxzVtJZdjUUkDlXojSrVv7mjdvSJk0rPH/MePJ 5aDnsoDXk2FHY+92NvU+o17ASh/Wnk6G6n7qXY6ayUdgyZIJLP/Bg/j69avnzx9IOdSCNBnmqwhb R719RRM0lRbn6eef11E+350OAQI6xxdeqEZnUaBAPhYQyVA9L+kslab9wtnl9et7fH19qZb4uioB AmEVsZ3yp34KM2WPRJi0V4h2hgsQfPRRP6q+kJBi06cPZt+I2717HuWUKFGE6oUSXfnly4ewwtKu Q12ZCs+dO4I6GSVaKzAwz927B+itXbv+3M5nnw3hhXPlyskCBBp3QcdDxfi3X2SHMJ480VoAXqFy Oe/ZM79s2RJ0XQwY0Pn2bZnPY/UCO3bMobfoYpeuyJLsPUe2X7B0VzRpUjQVphujVaumZKJABi55 AHNSGd+8ldSHTS0FVO6FWHr8+OjChWODggLpXpbfFguTy0HPZQEvJsOOxl7sbC77jHoBK31YezoZ qvupdzlqgmefLXfhwjaWhH/C4Ny5zTR5ppqMimogXEXYOhrbV5ojavG0tEOLF0/o169jixYRbOCS riJM2mvY5ek/80yBvn070JHXrfsc//a+ynlJZ6nsx1zTpg3im6X64fN89QCB8OzYTkV/1E/lSIRJ e4Vo54UAQa1aoS+8UE2YU7Jk0WHDevGXdEmHhT1LNdK5cxS93Lnzc7Y8b95IlniIS9p1mjR50UeC hTxZEJ13uwxBgEDjLrQPYRmeaS0Ar1C5nGk8/fLLseXKlSxQIN+4cf+QxuzVC5w5s4muqR49Wkm3 zJLsPUf2XrD37/8wY8aHNP4WLVpo6tQP6IPK3QIs4ZIHMCOV8c1bSX3Y1FJA5V5ImH76aV3OnDka S35Y7nLQc1nAu8mwo7EXO5vLPqNewEof1p5Ohup+6l0uXO4ZBCz9+ut69ojT/v07CfOFraOxfaU5 whZ/+PDwyy/XKVKk4AcfdJszZ7iPvgEC9hODmTOH0n5p8s/yVc4rQzJLZY99FT7dkCa5dB2xZe0B ArbTkSN78xyeqXQkPGmvEO28ECCgmipYMIhft7du7QsI8J89e5iwDHWdrl1b+Pv7Xb++JynpW19f 35YtG0k3Jarcixe3+fn5DRnS8/z5rSwdO7aCNkKflGybNGTwx7Gwr0uxAIHGXYiGsHbtXpMN5LDk idYC8AqVy5mlBw/iaVgPCSlGQ/y//vWe9O/oKhWga6p69Uo0AtB9qnSzGQr3HNl1wdLH0vz5o8uU CS5UKP/Eif2F/72msYAw4ZIHMCOX45u3ktKw6bKA+r2QKD37bLlSpYrzly4HPZcFjJAMOxp7vbMp 9RmXBaz0Ye3pZKjup97llAIE1A3q1n2uTp2qb7/djpqG/9g+4+nW0di+0hxhi69fP42W2R/LYD89 ED7IQJ8AwePHRxs1qp0jR8CRI8szVM+LJeEs9dy5zXTMb775OnuL+h5dJnywrVUrlP8oYNasP8MQ SgECOnfaKZUX7sjlkbCkvUK080KAgD0o8o03Xt23b2Fc3Ne0QFV55syfjx6lFurXr+PGjZ/Ry2bN wosVK8wu8p49W1MzDB361smTqw8coNP/iG1KVLmTJkXThyJ/uAVLVK2UyZ6uQe1Hu37hhWrUcuyb VPxvH2jZhWgIozGIXm7ZMpM/1UOYPNFaAF6hcjkLU1ranz9fpMu2RIkisn9DS7bA9u2zafh75pkC dNGdPbvp1Km18+aN5F8ykr3nyMiOC3bnzs8rVy4TFBQ4enSfW7f2sTLC5LKAKOGSBzAjjeObt5Ls sKleQP1eiG7Hhw3rdfz4yuTk72bPHkajIpVnZVwOei4LGCQZdjQ2SGeT9hktBSzzYe3pZKjup97l qAnKlSu5a9c8nq5d2035NEQEBub55ZfYP/44xP7owIUL29gqotbR0r7SHGGL//DDElp+5532mzfP oKmfj+A7C9KNsKS9hl2ePv8rBnSyuXPnrFatAvsPbNnzUpqltmgRUbBg0IwZHx4+vIw9Z3Hduhi2 2T592lHPXL36XyNH9s6VK6dKgIBS164tqABtYe/eBXTdxcZ+qnQkoqS9QrTzQoCAusU//9mFPqh8 nPLmzc1jRVT1VauWZ2/VrFmZVQ0l6oW9erUJCPCn/Bw5AnhgJjKyfoMGtfiWq1ev1LRpuGh3a9ZM pbWmTv0gwxnXee+9Li++WIOqe9++hbQj/n0SLbtgHXrs2L7sZWLiltq1q1BOY8nX8zI801oAXqFy OUsTXWV0u0lXk/QtpQK7d8+jT3c2IND9Bw3Q/E9wCS9A4XLWL9gRI/4+ZEjPlJQ9/DBEyWUBUcIl D2BGbo1v3krSYVOlgPq90KpVU9g3h0nJkkVpsOX/S+xy0HNZwCDJsKOxoTqbW52KJWt8WHs6Gar7 qXc5agLWmhxNZffv/3N+xL8zTzPnfPnyRkSEsZei1tHSvtIcUYt369aCtkCJpt+vv/6yz5NZtHQj LGmvYZenT+fCX3788T9p1+zvL8qel9Is9erVnVFRDeiK8HE++TUmZiDf5uHDy0JDy1J+2bIlNmyY Tgv8K/PSs7t9e3/Hjk3Y9ml2zP6MouyRiJL2CtHOCwECllJT9x85svzEidXSLzjduxcn+tM7LN2/ /8Pp0xvpX+lbmUhLl06kul658qlHmGRiFxcvbpM+CTbDM60F4BUuL+dsSfTpfujQ4uvX3fiMz8YL NusJlzyAGekzvhkq0W3u2bObEhJW0YL0XQskw47G1uhsZv+w9nQyVPfzUJcTtU4m2leUkpO/Y19J oEEpMXGL+tCkvYazePqy56U0S6WJLR15uvPJhaJE1SXNVEp37x6Qbkf2SHjSXiHaeS1A4JU0atTb nTtHzZjxYXT0/xUpUrBcuZIPHsRLi2VL8kRrAXiFMS9noyVc8gBmhPHNesmwozE6mx2SobqfJbuc 9hq25OlLk/YK0c5eAYIlSyZ06tS0Vq3Q+vWr9+3bISnpW2mZ7EqeaC0ArzDm5Wy0hEsewIwwvlkv GXY0RmezQzJU97Nkl9New5Y8fWnSXiHa2StAoGfyRGsBeAUuZy0JlzyAGWF8s14y7GiMzmaHZKju Z8kup72GLXn60qS9QrRDgMBTyROtBeAVuJy1JFzyAGaE8c16ybCjMTqbHZKhup8lu5z2Grbk6UuT 9grRDgECTyVPtBaAV+By1pJwyQOYEcY36yXDjsbobHZIhup+luxy2mvYkqcvTdorRDsECDyVPNFa AF6By1lLwiUPYEYY36yXDDsao7PZIRmq+1myy2mvYUuevjRprxDtECDwVPJEawF4BS5nLQmXPIAZ YXyzXjLsaIzOZodkqO5nyS6nvYYtefrSpL1CtPNsgOCXT6fSQdsz0blne2sBeAUuZy0JlzyAGWF8 s14y7GiMzmaHZKjuZ8kup72GLXn60qS9QrTzbIAAKXtbC8ArcDlrT7jkAcwF45tVkwFHY3Q2+ySD dD8LdzktNWzh05cmLRWinacCBA9v303ee5Sl7Z/OXz02ZsmwSYuHTqSjt1datDgbWwvAK3A5u5Fw yQOYCsY3yybjjcbobDZKxuh+Vu5yGmrYyqcvTRoqRDtPBQiE4uLiNm7cuHz58q/sis6daoDqITEx UVw7AKZCgw4NPTQAUcdeBXK+yr4BGgD0hPHNYow8GqOzWZ7Rup8lp2PaZ1iWPH0p7RWiTo8AwfHj x+naiI2NpYP+2n7orOncqQaoHpKSksS1A2AqNhlhsyi7BmgA0BPGN+sx7GiMzmYHhup+1puOuTXD st7pS7lVIer0CBD89ttv8fHxdLh0kay2HzprOneqAaqHlJQUce0AmIodRtgsysYBGgD0hPHNYow8 GqOzWZ7Rup/1pmNuzbCsd/pSblWIOj0CBHRV0IHS5REXF7dbd1/1HS7O0hedNZ071QDVQ2pqqrh2 AEzFaCPsrH5DxVnelo0DNADoyWjjm4cYcNj0ECOPxjbpbJx9eh1ntO6nz3RMz2mXWzMsfU6f07Me OLcqRJ0eAQI6RLow6FgTExN/091nOZ4XZ+mLzprOnWqA6uH+/fvi2gEwFZ1HWJfGF64nzvK2bByg AUBPRhvfPMSAw6aHGHk0tkln4+zT6zijdT99pmN6TrvcmmHpc/qcnvXAuVUh6vQIEHjXSp964iwA yCydR1iXvDIEq8vGARoA9GS08c1DDDhseoiRR2ObdDbOPr2OM3L38xxMuxiz1wMCBABgYrjAAQDc gmET9IdeZxNoaMbs9YAAAQCYGC5wAAC3YNgE/aHX2QQamjF7PVg/QPDj2PniLACwClzgAABuwbAJ +kOvswk0NGP2erB+gAAAAAAAAAAAXEKAAAAAAAAAAAAQIAAAAAAAAAAABAgAAAAAAAAAwGGHAIHZ nxIBACpwgQMAuAXDJugPvc4m0NCM2evB+gECs/+dCQBQgQscAMAtGDZBf+h1NoGGZsxeDwgQAICJ 4QIHAHALhk3QH3qdTaChGbPXAwIEAGBiuMABANyCYRP0h15nE2hoxuz1gAABAJgYLnAAALdg2AT9 odfZBBqaMXs9WD9AYPanRACAClzgAABuwbAJ+kOvswk0NGP2esh8gGDatGkvAwAAAACY1meffSa+ xwUAsLHMBwhoSPUBAAAAADCtV155RXyPCwBgY1kNEERERHwImcI+kwAAAABAfwULFkSAAABAJKsB Apro3oRModoT1ykAAAAA6ILdyiJAAAAglPk5KgIEWYQAAUDWmf0xMAAAOsOwybFb2bCwsLi4uOPH j//2229JSUmpqanicpBl6HU2gYZmzF4PmZ+jIkCQRQgQAGSd2f+QDACAzjBscuxW9rnnntu4cePu 3bvj4+N/++23lJQUcTnIMvQ6m0BDM2avh8zPUTMRILjhJM71vCVLlnzxxRdJSUniN7wKAQKArDP7 EAwAoDMMmxy7la1atery5ctjY2N37959/Phxul0Ul4MsQ6+zCTQ0Y/Z6yPwcNRMBguLFi9Mq3333 nfgND2P7TUhIEL/hVQgQAGSd2YdgAACdYdjk2K1slSpVvvrqq+XLl2/cuDEuLi4xMVFcDrIMvc4m 0NCM2esh83PUTAcIdu/eLX7jaVFRUUFBQbt27RK/oZloC+vWraNx/8qVK0+X8qZNmzYFBgaK6xQA 3GT2IRgAQGcYNjn+E4Ovvvrq66+/Xr16Nd2j/vbbb+JykGXodTaBhmbMXg9eCxCEh4dXqlRp1apV L774YuHChbt163bt2jXKpw3mzJmTipUqVerNN9+knPj4+CZNmhQqVIhW79WrF5/na98CK3nq1Cla Pn78+Ouvv06byp8/f7169dasWaO+NU/YtGlT0aJF9+7dK65TAHCT2R8DAwCgMwybHAIEukGvswk0 NGP2evBagIAt58qVKzIykv0d2uXLl990Tp5LlChBL/v167dixYoLFy4EBwf7+/uPGDEiKiqK8keN GiXcmsst8JIJCQkXL14sVaoULb/xxhsDBw7MkyePr6/v1q1bVbaW7RAdAAAAAPA6BAgAAKS8HCD4 9NNPablPnz60PGjQIFasRo0a9HLnzp20PHv2bFquXr36wYMHv/zyS1quU6eOcGsut8BLJiQkzJ07 lxboJcvv0aMHCxaoby0bIToAAAAAYAQIEAAASHk5QMAeHEhTcaXpPW3fx8n3idKlSwu35nILwpJs a02bNmX5n376Kb2sXbu2+tayC6IDAAAAAAaBAAEAgJRxAwQ0nb755BsEpUuXTk5OFmzpTxq3ICw5 c+ZMWihbtizL/8c//kEvW7Vqpb61bIHoAAAAAIBxIEAAACBlxABBly5d6OXrr7++devWs2fPFitW jF62bNnyiy++mDp16rvvvivcmsstCEvSoF+4cGFaHjBgwMyZM9mWly5dqr61rEN0AMBDzP4YGAAA nWHY5BAg0A16nU2goRmz14OuAYLg4GBa5bvvvuPLshNyGp2rVatGOaGhofRy3759L7zwgq+vL+Xk zJmzbt26wq1p2YKw5M6dO6tWrerjVLhwYfbQAfWtZRGiAwCeY/Y/JAMAoDMMmxwCBLpBr7MJNDRj 9nrQNUDglhMnTvC/aEguXbp08uTJlJQUQREXRFsQOnv27M8//yzO9QBEBwA8yuxDMACAzjBscggQ 6Aa9zibQ0IzZ68G4AQILQHQAwNPMPgQDAOgMwyaHAIFu0OtsAg3NmL0eshogABWBgYGIDgB4lNmH YAAAnWHY5BAg0A16nU2goRmz10NWAwSvvPKK+A2DMftTIgBABS5wAAC3YNjkECDQDXqdTaChGbPX g/UDBAAAAAAAIggQAABIIUAAAAAAALaDAAEAgBQCBAAAAABgOwgQAABIIUAAAAAAALaDAAEAgJT1 AwRmf0oEAKjABQ4A4BYMmxwCBLpBr7MJNDRj9nqwfoDA7H9nAgBU4AIHAHALhk0OAQLdoNfZBBqa MXs92DdAMHnyZPokEOd6TExMzPr168W5AJA1Shc4AADIwrDJIUCgG/Q6m0BDM2avB/sGCMqXL9+r Vy9x7tN+cBLnaiNat2HDhkOGDBG8DwDZQOkCBwAAWRg2OQQIdINeZxNoaMbs9YAAgZrw8PCePXuK MjMyMkQ5smTXBYDspXSBAwCALAybHAIEukGvswk0NGP2erB+gEDpKRHCAEHr1q3Hjh07cODA4sWL 16pVa9euXZQ5ePDgXLlyBQUFhYaGLlmyhHLOnz/ftGnT3LlzlytXLjY21q11qdj48ePZKpcuXWrb tm0hp/bt2yclJalsCgBUKF3gAAAgC8MmhwCBbtDrbAINzZi9HqwfIFAiDBBUr149ICCgWbNma9eu rVevXoMGDSjz3LlzNWrUaNGiRXx8/LVr1x4/fkyT9sjIyCNHjkRHRwcHB2tflxXr378/LaSnp9eu Xbtq1arr16+PjY2lhTp16tDGlTYFAAAAANkOAQIAACkECP5EM/NGjRo9fPiQlidNmpQnTx6WL/yZ wMGDB+l8J0+efODAAfoIoeWEhASN67JiLEBw6NAhWnfevHksf+7cufTy8OHDrIzspgAAAAAgeyFA AAAghQDBn/jsnUybNk12kr9y5Uo63woVKjz3xJo1azSuKyzGtnP06FGWf/jwYXr5zTffCMs4nt4U AAAAAGQvBAgAAKQQIPiT0sycJvndu3dny+wbBPPni39SomVdYbF9+/bRdhYvXszyFy5cSC/j4uKE ZRwIEAAAAAB4EgIEAABS1g8QKD0lQkuAoFu3bpUrV7516xYtP3r0KCwsLDQ0dMeOHffv309ISLhw 4YLGdYXFaN0KFSpEREScOnWKNvLiiy9WqlSJMlU2BQBKlC5wAACQhWGTQ4BAN+h1NoGGZsxeD9YP ECj9nQmapf/9739nyzVq1IiOjmbL06dPz5s3L1uOi4srW7ZsQEDAggUL6GViYiI7a19f30KFCm3Y sEH7usJiCQkJ9Gnk41SrVq0TJ06wfKVNAdhN2pWUs1/EPriRKn5DQukCBwAAWRg2OQQIdINeZxNo aMbs9WDfAIFGGRkZFy9eTE9P5zmpqalXrlwRFFEkXVcoOTn5+vXr4lwAcEree3RtocYHu41J2f/n 00CVZPECBwCwGwybHAIEukGvswk0NGP2ekCAAAAMKnHhplX+4av86m+p0vHXaStkv1CACxwAwC0Y NjkECHSDXmcTaGjG7PWAAAEAGNefMQK/+qtzNthcuf2aoFekXyjABQ4A4BYMmxwCBLpBr7MJNDRj 9nqwfoDA7E+JALA5FiOgoZbSxtKt15doIfxCAS5wAAC3YNjkECDQDXqdTaChGbPXg/UDBGxegYSE ZJm0OmcD+ndtwcZXtv3590EBAAAyAQECAAAp6wcIAMDUkjZ8vzog/H+hgVwRaws13lShrdIjCQAA ADRCgAAAQAoBAgAwLh4dWPdMk2/yvhT3fyPV/6gBAACARggQAABIIUAAAAaVtOH7Vf4vrvStj68M AABAtkOAAABAyvoBArM/JQLAnpL3Hl1b4DWXXxnABQ4A4BYMmxwCBLpBr7MJNDRj9nqwfoBgpcn/ zgSADaVdSTn7RayWrwzgAgcAcAuGTQ4BAt2g19kEGpoxez0gQAAAJoYLHADALRg2OQQIdINeZxNo aMbs9YAAAQCYGC5wAAC3YNjkECDQDXqdTaChGbPXAwIEAGBiuMABANyCYZNDgEA36HU2gYZmzF4P 1g8QmP0pEQCgAhc4AIBbMGxyCBDoBr3OJtDQjNnrwfoBAgAAAAAAEQQIAACkECAAAAAAANtBgAAA QAoBAgAAAACwHQQIAACkECAAAAAAANtBgAAAQMr6AQKzPyUCAFRk+wV++vTpK1euiHMdjps3b/74 44/iXN2lpaWJs8DS0OKQ7bJ92DQvBAh0g15nE2hoxuz1YP0Agdn/zgQAqFC6wD/++ONBTtOnTz97 9qz47afFxMSsX7+eLVevXr1///5Pv/+nefPm0YiXkZEhfkNHp06dioqKEudmk1GjRm3evJm/PHr0 6IgRI9gyr8wpU6bQMfAylL9q1Sr+Up2wkrOOH9K4ceO2b9/++PFjlrllyxZWgObVw4cP37hxI3t5 586dSZMmderUiT6z3nzzzfHjx587d064HYavLosKz5o1S5hDJ7Vnzx5hTrYbMGBAbGysOPdpmzZt oomNONfh2Lp1KzVienr64MGD9+3bxzKTk5PpTOPi4tjLGzdu0MubN2+6VRVgakrDpg0hQKAb9Dqb QEMzZq8HBAgAwMSULvCKFSuWL18+PDw8R44c/v7+iYmJ4hICDRs2HDJkCFvOlgDBD07i3KdpKSN0 //79ypUr0xRd/EZmiQ6gQIECNC3kLxcvXpwvXz62TJVZoUKFqKio/PnzUyXQbTTPf+utt/gq6oSV nHXskJo3b16wYEE6pD59+rBMvosuXbqUKVOGJsO0/PPPP5crV45OMDo6eurUqW+//XaJEiXYjJpW obc6P7FixQrBTsSoMO1rx44dPId6C82rBUWyH03sc+fOffr0afEbAvXr16f+Kc51OD788EPWiNWq VevWrRvLpBOns+jXrx97uWzZsiJFijx+/NitqgBTUxo2bQgBAt2g19kEGpoxez0gQAAAJqZ0gdNs p3fv3rRw5MgRGqlopiQuoSBbAgTh4eE9e/YU5z5NtozK9qdMmULzt/v374vfkFDZiJDoANQDBKwy ae/BwcF82HcrQJC9+CHRzLZy5cp08CyTBQhiYmJoUk1Nzwo3a9Ysf/78wu8+0Fp//PEHW0X7KbAA AbXCvXv3WI6HAgSiFmzXrl2bNm2EOULXrl3z9/dPSkoSvyEIEFCXLlmyJMuMjo6mswgLC2Mvu3fv 3qVLF4ebVQGmpjRs2hACBLpBr7MJNDRj9npAgAAATEzpAucTyAsXLvj5+S1btoyWIyIiZs6cyQpM nz6dBjG23Lp16/Hjx7NlYYCA1o2MjMyTJ0/VqlU7dOggGyDYvHlzo0aNcubMGRIS8uuvv1LO4MGD c+XKFRQUFBoaumTJEsqhjdevX58ya9asuXPnTtky58+fb9q0KU1raf4p+5VyKjlp0iS2TAc8duzY gQMHFi9evFatWrt27WL50o2cOHGiSpUqNGFmBZYuXVq7du3r169LD0BLgIDUc+L52qeUwkqWVppS phLhIbVt2zZHjhyPHj1iAQKqDZow86850L0+Ndzw4cP/WlnArVOgwg0bNqStDRgwgOUIAwSXLl2i Iynk1L59ez5jV2qsy5cvd+zYsWjRotQQ1Aos9CNtQbJ37146o6tXr7KXIgsXLqxTp44414kHCNat W0eH/csvv9ByWFhYmTJlaIN37tyh/kxHRW3tcLMqwNSUhk0bQoBAN+h1NoGGZsxeD9YPEJj9KREA oELpAqfZTrNmzaZNm1a3bt3w8PCHDx9SZokSJcaMGcMKjBw5snTp0mxZGBTgyzR3ork0vfz222/p lpHm9tIAQXp6Ok3w3nnnncTERJr43b59mzLPnTtXo0aNFi1axMfHX7t2jXImT568Zs2aU6dORURE vPrqq9Iyjx8/pqljZGTkkSNHoqOjg4ODhXth5Wnva9euZS/pqAICAugEKYem6w0aNHA4/1dcdiPj xo2j2SAdHm0kKCiIfRddepAuAwRnzpyJiYmhw5g9ezbP1z6l5BUrW2mymSrYIVFzxMXF5ciR4913 32WZNOV+5pln6PR5yU2bNtExUyP+tbIArUK196WTyy/VU+HPPvvsb3/7m5+fH/sNPw8Q0PFTb6la ter69etpYk8LNGlnT0aQbaxHjx7RRL1w4cJUpT/99NOGDRtoC0otePXqVTqFpUuX/nUoAm3bth07 dqw414kHCG7evEnHPGfOnNTUVFpgX4fZuXPnsWPHfH19f//9d4ebVQGmpjRs2hACBLpBr7MJNDRj 9nqwfoAAAGyIZjs0/y9Tpgz7/17237NuBQjYbxMWLFjA8mV/YkAvS5YsSVNBmmYL82V/PnDv3r1h w4bRFJ29FJY5ePAgbXzy5MkHDhxgPxFPSEjgKzqc/4dMmSdOnGAv6SAbNWrEoh6TJk3KkyePykbo IFu1alWkSJHnn3++devWfJtu/cTA54kJEybwSshcgEC20mQzVdCuixcvTlNoOiRai8U4KJM9JWHu 3Lm8JE13KYf/3ECEVqH9Rjl17dpV/PbTWIAgOTm5aNGi1apVe/DgAQ8QHDp0iPbCHwRAB0AvDx8+ 7FBtLGGF80xpC5LAwMCJEycKCzPUsamZjh49Kn7DiQcICLV+hw4dtm3b9swzz9BauXPnHjduHB1P 7dq1WQG3qgLAGhAgAACQQoAAACyI/Q8zLezfv9/f379Tp04ONwMEbIZ27Ngxli8bIHA4J3WhoaH0 Fk3C2SPxHJK595w5c2hfNKGtUKGCbIBg5cqVtAV697kn1qxZw1d3OJ9UJzwY4QFPmzaNzTlVNvLr r7/SW76+vhcvXmQ5DslBFi5cmP0/PLNo0SKabLNl9j/ztPdChQq1bNmSl8lcgMChUGmymUpo1/QZ tHbt2uPHjwszBw8eTO1OLc7/YgLd7tM2RfXJuXUKLEBAC9988w1tc/To0TxAwCqfT9QPHz5ML6mY Q7WxhH82gmdKW5B6Ha0l+7ADmvCHhIRIuyUjDBAMGjSoSJEiw4YNe+ONN+jlSy+91KxZM/qXclgB t6oCwBoQIAAAkEKAAAAsiAcICM2I2KysRIkS/LfoXbt2VQ8QnDx50kfwrf5Zs2b5yAUIHM75G91W BgYGDh06lOXQ3Lt79+5smf3nP/smwieffCIMEPAy7L+O589X/EIaTeypAP9TdrJzTqWNPH78ODIy snbt2nSEvXr14vnCAyA1atSoVasWfzlp0iSarrNlXpnLli2jXdAeeb72KaXwmB1ylaaUKUvYvsLM IUOGpKent2zZMnfu3Pv376fMlJQUqp/GjRuLCjNunQIPEJBOnTrlyJGDDpXN21kEh/2Y3+F8LgC9 5D9DkDYWvUUF+B+SZJRa8PLly5S/cuVKUT5599132V9wkCUMEGzdupU2UrhwYdZ8dCHkypUrICDg +++/ZwXcqgoAa0CAAABACgECALAg9p/eP//885o1a4oUKdKwYUOH839NGzRokJCQ8MEHH9DwpR4g IGXKlImIiDhw4ADdO9JUUBogSEtLo+kczd5pFhoSEtK3b1+W361bt8qVK9+6dYuWY2NjacX169fT HJK2xh4OJyrDfpFOE/IdO3bcv3+fjvDChQuC/fyJCowbN44ty845lTYyduzYokWLJiUlLV++3Efw NXjhAZD333/f19eXzvTevXs0aaS3/v73v7O3hLNxqtWcOXOy/yqn/Pbt2597guaxlDlw4MA333yT FRbixyxbabKZDuWtqQQIHM5fc9StW7dgwYL/+c9/HM4aoBPv0aNHYmLiH3/8sXPnzkGDBrGJsegU 2JMFVXbKAwR0nMWKFaPNsgABVXiFChWofU+dOkU1/+KLL1aqVIn9sEWpsWrWrBkcHLx48eLff/99 48aN//3vf5VakA6YJvM3b95kGxGiLrpp0yZx7hODBw/mAam7d+8GBAT4PPmaA4sX5M+fn3bKCshW BYC1IUAAACBl/QCB2Z8SAQAqlC7wik9+Nl+2bNm3336bPb99w4YNNKmjaXBkZGR0dDQPENSoUYM/ 1k64TDNqms7RRio6v7suDRDcvn27fPnytEGavzVp0oQ/Zz4uLo72S/OxBQsW0ASscePGbDI2ceLE vHnzVqlSRVSGXtLclQ2qtLVChQrRoQp35HD+5IHm+Tdu3HA8fZDTp0+nbbJl6Ub27t1Lu6AJJysw YMAAOlQ2RRQdAM0/mzdvTuv6+fnRv+Hh4XyKKJyN0wGUKFGCZr80peeVzDz77LNUoHbt2sWLF2eF hfgxy1aabKZDeWvqAQKH84//VXT+qP7y5cuPHz+mmTl7PIGPsyGioqLY7zVEp8B+kK+y0xkzZvCX a9eupVWmTJnCXtJ8nqYZbDu1atXiD4xQaqzTp0/XrVuXlafjZE8KlLYgdblGjRq9//77bC0h2gX1 T2oI8RtPtGnT5rXXXuMvqU0LFCjAHp1IFU4NzX5uwMhWBViS0rBpQwgQ6Aa9zibQ0IzZ68H6AQKz /50JAFDh7gX+8OFDNsfW6MGDBy7/K/XWrVupqamiTJrXXbx4MT09nb2k+Sr7r9o7d+7wwqIyhN66 cuUKfykyZswYle+Tc+obEZIeAB1nfHz8pUuXZH9MocX27dsjIiLEuRKylSbN1Lg1LeiMaPr9448/ shmyiqzsNDk5+fr16+JcZSkpKdIOKWxBmrc0b95c2EbchAkThE+d5M6ePTtx4sRRo0bly5dv1qxZ 4rfB9twdNi0MAQLdoNfZBBqaMXs9IEAAACZmtwv8k08+EWcZTMeOHaVff8i07N2aRl7ZqZK5c+ey 36RI0XHypx4InThxgiY8zZo1owmPyvcLwLbsNmyqQIBAN+h1NoGGZsxeDwgQAICJ4QI3mkx/9UBW 9m5NI6/sFEA3GDY5BAh0g15nE2hoxuz1gAABAJgYLnAAALdg2OQQINANep1NoKEZs9eD9QMEZn9K BACooCHYu0l8QAAAxob7Ig4BAt2g19kEGpoxez1YP0AAAOAhCBAAAJgXAgQAAFIIEAAAZBICBAAA 5oUAAQCAFAIEAACZhAABAIB5IUAAACCFAAEAQCYhQAAAYF4IEAAASFk/QGD2p0QAgArvXuAIEACA 6Xh32DQUBAh0g15nE2hoxuz1YP0AAe7gASzMuxe4d/cOAJAJGLg4BAh0g15nE2hoxuz1gAABAJiY dy9w7+4dACATMHBxCBDoBr3OJtDQjNnrAQECADAxlxf4gxupZ7+ITbuSIn4jO7jcOwCA0WDg4hAg 0A16nU2goRmz1wMCBABgYioXeMr+hIPdxqx7pkny3qPi97KJyt4BAIwJAxeHAIFu0OtsAg3NmL0e rB8gMPtTIgBAhfQCf3Aj9ddpK7aEdljlV/+b3BGeiw44zP8BAAA2JB02bQsBAt2g19kEGpoxez1Y P0AAADbx51cGuo7+JvDlDaVbr/J/cW3QKx6NDjgQIAAAMDMECAAApBAgAABz418ZiC3abF3BxjRp X+lbT4fogAMBAgAAM0OAAABACgECADCxK9vi/owIeC+JDwgAAEwCAQIAACkECADA3G6fPLO36YBV AeF80v7vNwavL9ZMh28QAACAeSFAAAAgZf0AgdmfEgEAKvgFnpH++KfJX28IabXSp/5Kn3o7672F GAEAgBTuizgECHSDXmcTaGjG7PVg/QABvgMMYGHSC/yvLxT41l8T+DJiBAAAQtJh07YQINANep1N oKEZs9cDAgQAYGJKFzj7QsF3r/Zb90wTxAgAADilYdOGECDQDXqdTaChGbPXAwIEAGBiLi/wBzdS z34Rm3YlRfwGAIAtuRw27QMBAt2g19kEGpoxez0gQAAAJoYLHADALRg2OQQIdINeZxNoaMbs9WD9 AIHZnxIBACpwgQMAuAXDJocAgW7Q62wCDc2YvR6sHyAAAAAAABBBgAAAQAoBAgAAAACwHQQIAACk ECAAAAAAANtBgAAAQAoBAgAAAACwHQQIAACkrB8gMPtTIgBABS5wAAC3YNjkECDQDXqdTaChGbPX g/UDBGb/OxMAoAIXOACAWzBscggQ6Aa9zibQ0IzZ6wEBAgAwMRNd4GlpaeIsN50+ffrKlSviXLu6 efPmjz/+KM71AN12BGaU9etafyYaNj0NAQLdoNfZBBqaMXs9IEAAACamdIFv3bp1xIgR6enpgwcP 3rdvH8tMTk4eNGhQXFwce3njxg16SdO/S5cuTZkypXHjxj169JgzZw579+OPPx7kRG+dOnWKZQrz mS1btrD8W7duffTRR23atGnRogXtWjSTpy1ERUUJczKhevXq/fv3F+dqFhMTs379enGum7JlI9li 3rx59BmUkZEhfiO7CXdknNNntBwP77Hjxo3bvn3748ePWSbvujTFHT58+MaNG9nLO3fuTJo0qVOn TvT5/uabb44fP/7cuXPC7Yh6viwqPGvWLGEOHeqePXuEOdYwYMCA2NhYce7TNm3aRDNPca5C0zDH jx+n/ISEBEFxxUHJXUrDpg0hQKAb9DqbQEMzZq8HBAgAwMSULvAPP/wwX758tFCtWrVu3bqxTLr5 o1GrX79+7OWyZcuKFCny6NGjSpUqValSZcyYMTS9r1OnDnu3YsWKFSpUoFl9/vz5aS26d+T55cqV 6/zEihUrKJNuKMuXLx8cHDxkyJCRI0fSisWKFYuPj2er3L9/v3LlynRPz15q94MTf5nFAEHDhg3p 8MS5roiOIXMb8QSvBAiy5fRFVZoVWo6H9eTmzZsXLFiQTqRPnz4sk6/YpUuXMmXKJCcn0/LPP/9M 3btAgQLR0dFTp059++23S5QowSa3sj1fCRWmfe3YsYPnUO+l+a2giPdpaQiXZfbt25c7d+7Tp0+L 3xCoX78+9SJxrkLTMJ06daIcPnYxSoOSu5SGTRtCgEA36HU2gYZmzF4P1g8QmP0pEQCgQukC5wEC mlGXLFmSZdKch0atsLAw9rJ79+40Ndq8eTNl8sk8n3DSvXjv3r0dzuk9zfz5WEf5b731FlvmWrVq Rbfs7D9aHc6vKpQuXbpOnTpsa1OmTKGZFW3nqXU0CA8P79mzJ3+ZxQBB5oiOwTikAYKsBAtU1pXu SIWWYjpXKe/Jjx8/rly5Mk3+WSYLEMTExND89siRI6xws2bNqCcL/3ea1vrjjz/YKtKer4QFCKjb 37t3j+V4KECgpcKVaGkI2TKinbZr165NmzbCHKFr1675+/snJSWJ31BoGpKSkpLTKU+ePLdu3ZKW Fw1K7lIaNm0IAQLdoNfZBBqaMXs9WD9AAAA2xAME69ato5Hql19+oeWwsLAyZcrQzfqdO3foFr94 8eKLFy8+cOAAFZg0aZJoC/xenNRz4vmiadKZM2doCzRJEGYOGDCAMtmvG0JDQ/n2x48fX79+/Vy5 ctWsWXPnzp0sMyIiYubMmWx5+vTpNLrSwuDBg6lYUFAQrb5kyRKHc4r1j3/8Y+DAgXTktWrV2rVr F1vl0qVLbdu2LeTUvn17PhVp3br1iBEjOnfuHBgYeO7cOXpJe3c4px+hT3vvvfcccscmPQa+EfX9 jh07Vnqcsi5fvtyxY8eiRYvSjmgvLIyitOULFy5ERkbSrKlq1aodOnTg8/bz5883bdqUJro0I3X5 fW9Rtciuq7Qj4elr2Y707KRVKku2SzgkOxUejxJhT6ZazZEjx6NHj1iAgJqGLgf+H9E0L6IzHT58 +F8rC0h7vgoq3LBhQ9oaXQgsRxggUGpfpZ4jrUaHm42+efPmRo0a0ZQ7JCTk119/dcj1bS39X3an e/fupWq8evXqX/sTWLhwIf9ekohs09Dy1KlTab+LFi2iChT+UkNpUIJMQ4AAAEAKAQIAsCAeILh5 86afn9+cOXNSU1Npgf1vMN39Hzt2zNfX9/fff6cyUVFRlNmqVSvh94TZvThN/mNiYujd2bNn8/wG DRp86cS+Zb1p0yYqIPoKMftiwueff06zOFpYu3Yty588efKaNWtOnTpFM8BXX32VZZYoUWLMmDFs eeTIkaVLl6YFWrFGjRotWrSIj4+/du2awznFCggIaNasGW2N5gZ0GJSZnp5eu3ZtmseuX7+eZiy0 QLMR9mNmKk/n2KNHDzqYtLQ0/gUEmoTEP0FTPjq8BQsWyB6b7DGwjajvV3qcsuhIwsLCChcuTJX8 008/bdiwId1Jdss0Rad82vi3335LN/E0i2PzdnqLJpM0nz9y5Eh0dHRwcLB4N08TVsu9e/ek6yrt iK3Lv8ThcjuyZyetUlmyXcKh3KYqWE+m44+Li6Mp6Lvvvssyacr9zDPP0NHykqwn01n/tbKAtOer oMKfffbZ3/72N7ro2FM/eIBAqX1ZGWnPka1GtxqdyhctWvSdd95JTEzctWvX7du3HXJ922X/V9rp 1atXqd6WLl0q2OdfaOY/duxYca6TbNOQKlWqdO3alQ67VKlS/BtPvLx0UIJMQ4AAAEAKAQIAsCAe ICDPP/98hw4dtm3bRtOh+/fv586de9y4cZMmTaJZCitA9/3jx4/P48Tv8is6vyPNTJgwgX+pmPJL liwZ5UQ38ZRD8yUqs3fvXlaASUpKYitSPi2cOHFC+C7NJ4cNGxYUFMReKs0GpT8xaNSo0cOHD2mZ jp+OlhYOHTrkIwhPzJ07l14ePnyYlRc+GVE6mdy4caO/v//QoUOFmaJjkx4D24j6fqXHKevgwYO0 1qBBg4SZSlumWZnPk1iGQ/DNf7YRmt0dOHCAPWZC9Gg3EWG1yK6rtCO2rjBAoL4d2bNzSKpUllKX cNmmUtRjixcvTrNZOhiairPJMGWy37FT9fKSrCfznxuISHu+ChYgSE5Oppl5tWrVHjx4wAMESu3r UOg5stUoW+HCAkLUdnTkdO7xT35JxMg2hEr/V9lpYGDgxIkT2bIQDTg0EB09elT8hpNs03z//ff0 kv6lZeoDwhZRGpQg0xAgAACQQoAAACxIGCCgqUWRIkXopv+NN96gly+99FKzZs3oX8oRrnLmzJkX XnjB19f3woULjif/xXrs2LFChQq1bNmSF6so+aL1nj17aDAcN26cMJOmBJS5ZcuWffv20QJth+XP mTOHJns0K6hQoUImAgR8Njht2jQ2fVq5ciVtn89AaKJFL7/55htReelLmizlzZu3c+fOfJohe2xK x6Bxv/w4ZbGNbN68WZop3TKbkvGa5PN2Vp6O+bkn1qxZ89fmJISHJ7uu0o5E67rcjuzZOSRVKkup S6i3qSzqsfR5vXbt2uPHjwszBw8e3Lt3b39/f/53EGhqRAesVHvSnq+CBQhogRqOtjl69GgeIFBq X4dCz5GtRtkKFxYQobl9aGioj/OLQuxxjA5JQ7js/0o7pb5Bhyr7hIVt27aFhIQozeRlm6Zbt260 F7owu3Tp8tprr9Fy3759eXnZQQkyDQECAAAp6wcIzP6UCABQoXSBCwMEW7dupcGqcOHCNOWgl8OH D8+VK1dAQAD7PzqhuLg4Kjl//p/brPjk577Lli2jTLYuyxdNk27dupU/f37RF+kHDRpEa12/fv3i xYu0wJ4Dz75NwP5r+pNPPhEGCPgPv7t27SoMEHTv3p0tOxSmTywAsXjxYpa/cOFCesm/1K00mTx7 9myxYsVoGH/w4AHLUTo2pWPQuF/1AAGr8BEjRggzlbZ88uRJH8GPNWbNmuUj+AYBazUthIcnu67S jhzKAQLZ7cienUNSpbKUuoRKmyrhPVmUOWTIkPT0dJpn5s6de//+/Q7nwymosRo3biwqzEh7vgoe IHA4H8ifI0eOwMBANoVWal+HQs+RrUbZCldHLUiXIR0G/8qMsCG09H+lnV6+fJnyV65cKcon7777 rvBvE4hIm+bmzZvUHF26dPnXE/Xq1StQoMB///tfYXnRoOQupWHThhAg0A16nU2goRmz14P1AwRm /zsTAKBC6QIfPHgwv8W/e/duQECAz5P/tGTxAprSs+eBfffdd/PmzUtMTLx3797777+fK1cumjw7 nr5379ixY86cOdnqlN++fftzT7Dnq8XExPj6+k6ZMoXu4//44w+aQtB2Jk+ezFYPCwtj3y+IjY2l Xa9fv57mSBEREexxiQ7nlxoaNGiQkJDwwQcfUAE+G+zWrVvlypX5Y8xlp0/379+vUKECbe3UqVO0 hRdffLFSpUrsKW5Kk8kbN248++yztJczZ85cd6LDUDo2pWPQuF/1AAE1Qc2aNYODg2m6+Pvvv2/c uJEqUGXLZcqUofwDBw7Q3TzN9Hyc83b2G/XQ0NAdO3ZQMVqFfQdk4MCBb775pniXTx+e0rqyOxKt 63I7smfnkFSpLKUuodSmDuXzlc5CWSb7KwbU7evWrVuwYMH//Oc/9HLs2LG0ux49etAVQT15586d gwYNYqE02Z6vslMeIEhJSSlWrBhtlgUIVNpXtufIVqNshTsUjictLY0uyYsXL9KRhISE8P+QFzaE lv6vtFOqJbreaW7/1y6foI60adMmce4T0qahSqOzFm6KPc2E+qFDeVByl9KwaUMIEOgGvc4m0NCM 2esBAQIAMDGlC7xNmzavvfYafxkeHl6gQAH2ILTbt2/7+fmxnxs4nP+BSTf3NJrlyJGD7v7Zjbjj 6XtxmlGXKFGCpjE006go+Bkw4Q8ymDFjRr58+fydfJx/wJztjtBNZ9GiRWkjNMFo3LixjzM8MXHi xLx581apUoUKbNiwgWZQvr6+kZGR0dHRfDYYFxdXtmzZgIAA9h+bNWrU4I+Umz59Oq3OlmmiQje4 7Hhq1arFn3cgLC98uWXLFuEpkFdffVXp2FSOQct+hccp6/Tp0zRBZRspWbIke2yk0paXL19O0yfK rOj8hrzPk3k7zWbZRxLVYaFChag+KZOapnjx4oJd/Y+oWmTXVdqRcF0t25E9O1GVylLqEkpt6lA+ X+kslGWyAIHD+Xf4KjqfL3D58mXqtDQzZ48n8HF2hqioKPZrC9mer7JTuiL4y7Vr19IqU6ZMYS+V 2lep58hWo2yFyx4PXfLly5enYnSlN2nShP+5AWFDaOz/0p1Sx2jUqNH7778v3CND50W9iAYN8RtP SJumZs2aogAHtQi1/svOP2OhNCgJy2uhNGzaEAIEukGvswk0NGP2ekCAAABMTHSBnz17lm7uR40a RXN14Z8HU5eenv7LL79cvHhR/Iab6Fb+p59++uGHH+gAChcuXKRIkZ49e548edLhfNgY/6YxzcfY lxfu3LmTmprKMh8+fEh3/E+29BeaftCB0RGK35BITk6+fv26ONdNssemfgzZst+UlBTp6ctu+cGD B7J/Up7QAV+5coW/3L59e0REhOB9NaJ1Hao7UiHdjkPu7NSrlFHqEkrcOl91dHg0E/7xxx95kEtJ VnYq274qpNXokFS4yvHcunWLd2lO1BAa+79wpzSxbN68uWxTTpgwoXXr1uJcj0m7knL2i9gHN8Tn KIX7Ig4BAt2g19kEGpoxez0gQAAAJia6wE+cOEG3es2aNaNbvUz8x1o2unfv3owZM1577TX+beFP Pvnk6SI2QnOzEhLSH+dnr44dO7L/VTas7K0Wr5yvV3aqQv/jmTt3LvsxghQdDH/Ugj6S9x5dk//V 71t+kLJf8W86OCTDpp0hQKAb9DqbQEMzZq8H6wcIzP6UCABQgQvcFNLT049LXL58WVwuWyk9Ot44 srdavHK+XtmpCqMdj/5+3/nDKv/wlb71NpRs8fO/lsh+oQDDJocAgW7Q62wCDc2YvR6sHyAAAAAA sInfd/7wTa6GK33qrcrRcHWuCJdfKLAzBAgAAKQQIAAAAACwDh4jYOmbPI1UvlBgZwgQAABIIUAA ACbG74CRkJCQkJTS+hLN6d+1BRtf2RYnHkZtDAECAAApBAgAAAAArOOnSYtW+f4ZF/gmz0s767+1 qfwbW6t1+nXaCnyDQAQBAgAAKesHCMz+lAgAUIELHABAiEUHNgQ3/7buW2sLvHaw2xjRMwgwbHII EOgGvc4m0NCM2evB+gGClSb/OxMAoAIXOAAA92vM0tUBDVb51Vf5ygCGTQ4BAt2g19kEGpoxez0g QAAAJoYLHACASd57dF3hSOlXBkQwbHIIEOgGvc4m0NCM2esBAQIAMDFc4AAAJO1KytkvYmW/MiCC YZNDgEA36HU2gYZmzF4PCBAAgInhAgcAcAuGTQ4BAt2g19kEGpoxez1YP0Bg9qdEAIAKXOAAAG7B sMkhQKAb9DqbQEMzZq8H6wcIAAAAAABEECAAAJBCgAAAAAAAbAcBAgAAKQQIAAAAAMB2ECAAAJBC gAAAAAAAbAcBAgAAKesHCMz+lAgAUIELHADALRg2OQQIdINeZxNoaMbs9WD9AIHZ/84EAKjABQ4A 4BYMmxwCBLpBr7MJNDRj9npAgAAATAwXOACAWzBscggQ6Aa9zibQ0IzZ6wEBAgAwMZtf4DExMevX rxfnuiPrWwAAc7H5sCmEAIFu0OtsAg3NmL0eECAAABMz4wX+g5M4N1MaNmw4ZMgQca47sr4FADAX Mw6bHoIAgW7Q62wCDc2YvR6sHyAw+1MiAEBFNl7gGRkZ4iz3adlIeHh4z549xbmecfTo0UWLFolz AcDGsnHYNDsECHSDXmcTaGjG7PVg/QABAIBI69atR4wY0blz58DAwHPnzp0/f75p06a5c+cuV65c bGwsK3PhwoXIyMg8efJUrVq1d+/eoaGhbPIfERExc+ZMVmb69Ok0ErJl2Y1s3ry5UaNGOXPmDAkJ +fXXXyln8ODBuXLlCgoKog0uWbKEFZNS2ovoyOnl+PHj+VpSixYtat68uThXQLgF6dEqZQIAWAAC BAAAUggQAIDtVK9e3dfXt0ePHjT7vXfvXq1atSIjI48cORIdHR0cHOxwfhGgdu3aVOzbb7+l+8Wa NWvScMcCBCVKlBgzZgzbzsiRI0uXLk0Ljx8/lm4kPT29aNGi77zzTmJi4q5du27fvk2ZNKuvUaNG ixYt4uPjr1279uSIxGT34nj6yNPS0uhl//79+VpSLgMEfAuyRyubCQBgDQgQAABIIUAAALZDs+Ko qCi2fPDgQRrKJk+efODAAbo7pOWEhASa59PCggULWJl58+apBwhkN0LlS5YsWadOnfj4eFae0fIT A9m9OJ4+cvZSNkDwn//8Z5fToEGD6taty5bpxldcTrAF2aOVzQQAsAYECAAApBAgAADbEc6rV65c SUNZhQoVnntizZo1bJJ/7NgxVsZlgEB2Iw5n4CA0NJTeatWqVXJyMlsriwECYURAKUAwbNiwF5zK lSuXP39+tly3bl1xuae3IHu0spkAABaAAAEAgJT1AwRmf0oEAKjI3AUumhXTUDZ//lPbOXnyJGWu XbuWvZw1a5YwQDB8+HCW37VrV+E3CEQbYWgtuukMDAwcOnQoywkPD+/evfvTpcRk9+KQRASUAgSc 9p8YMNKjVcoEAJPK3LBpSQgQ6Aa9zibQ0IzZ68H6AQKz/50JAFCRuQtcOCt+9OhRWFhYaGjojh07 7t+/n5CQcOHCBcovU6ZMRETEgQMH6MaR5sY8QPDSSy81aNCAin3wwQeUyabushtJS0ubP3/+xYsX U1JSQkJC+vbty/bYrVu3ypUr37p1639HI0d2Lw7JfD4bAwSyRyubCQCmlrlh05IQINANep1NoKEZ s9cDAgQAYGIuL/AHN1LPfhGbdiVFmFmjRo3o6Gj+MjExkQ1ovr6+hQoV2rBhA2UuX748T548lFmx YsVBgwbxAAG9W6xYMSoZGRlJG+FTd+lGbt++Xb58eXqZK1euJk2aXL16lZWMi4srW7ZsQEAAf8aB lNJeREcueim1aNGiFi1aiHMF+BZkj1Y2EwBMzeWwaR8IEOgGvc4m0NCM2esBAQIAMDGVCzxlf8K+ 1gPXPdMkee9R8XtyUlNTr1y5Isx58OBBUlKS4+lnEJCHDx/euHFDWJKTbuTWrVuUKcxxOL+0f/Hi xfT0dFG+kMpePEf2aGUzAcCkVIZNu0GAQDfodTaBhmbMXg8IEACAiUkv8Ac3Uk999GVssaiVvvW+ yfOSxuiAOlGAILvQxLuExIgRI8TlAACyj3TYtC0ECHSDXmcTaGjG7PVg/QCB2Z8SAQAqhBd4yv6E 7xr3X5Wj4Uq/F9cWeC1W83cHXDpy5Mjo0aPFuVmWnp5+XOLy5cvicgAA2Qf3RRwCBLpBr7MJNDRj 9nqwfoAAAKyNf2Vgdc4GK33qUVpfrFk2RgcAAMCSECAAAJBCgAAATOzKtrhv8r7E4gI8fZOn0c+f LP1x7HxaZkFcLGMZy1jGMlsGDgECAAApBAgAwNwe3Eg9OfLzdUWargoIX+kMEGwMaRlbBN8gAAAA NQgQAABIIUAAABZxbc/R3S+9syqgwUqf+usKRyJGAAAAKhAgAACQsn6AAF+oA7Aw6QXOv1Cw0rfe mrzZ81cMAAAsQzps2hYCBLpBr7MJNDRj9nqwfoBgpcn/zgQAqFC5wK/tOfp9y/fX4WmFAAACKsOm 3SBAoBv0OptAQzNmrwcECADAxFxe4A9upJ79IjbtSor4DQAAW3I5bNoHAgS6Qa+zCTQ0Y/Z6QIAA AEwMFzgAgFswbHIIEOgGvc4m0NCM2esBAQIAMDFc4AAAbsGwySFAoBv0OptAQzNmrwfrBwjM/pQI AFCBCxwAwC0YNjkECHSDXmcTaGjG7PVg/QABAAAAAIAIAgQAAFIIEAAAAACA7SBAAAAghQABAAAA ANgOAgQAAFIIEAAAAACA7SBAAAAgZf0AgdmfEgEAKnCBAwC4BcMmhwCBbtDrbAINzZi9HqwfIND5 70zcvHnzxx9/FOdmt7S0NHFWdjt9+vSVK1fEuTrSpyZ1pkPDWYCwllzWmM4XOACA2WHY5BAg0A16 nU2goRmz1wMCBPI+/vjjQU5Tpkw5deqU+G1l8+bNo2rJyMig5ZiYmPXr14tLZBkdT1RUFH95/Phx Os6EhARBEcelS5foyBs3btyjR485c+YI39KoevXq/fv3Z8seOhFGaePCmsycrVu3jhgxIj09ffDg wfv27WOZycnJVF1xcXHs5Y0bN+jlzZs3ZWtMqRvwfGbLli0s/9atWx999FGbNm1atGhBuxZFWEQN ZwFKbSekpYzIgAEDYmNjpcuyMneBAwDYFoZNDgEC3aDX2QQamjF7PSBAIK9ixYoVKlSg6Vz+/Pnp NOljQ1xCgXBa27BhwyFDhohLuOkHJ/7y/v37lStXpvkqz+nUqRPtsVu3bjzn8ePHlSpVqlKlypgx Y2iyWqdOHf6WdsIAQaZPRHTwspQ2nvUAwYcffpgvXz5aqFatGq8f+vinzfbr14+9XLZsWZEiRR49 eiRbY0rdgPLLlSvX+YkVK1ZQJt1SlC9fPjg4mE5n5MiRtGKxYsXi4+PZKtKG8xYtjaKRUtsJaSkj sm/fvty5c58+fVq0LCtzFzgAgG1h2OQQINANep1NoKEZs9cDAgTyaAbYu3dvh3NeR1M+0WmqzFrd mtZqKRYeHt6zZ0/+kmaYNDWlo2IvU1JScjrlyZPn1q1bLHPz5s10DHxqqmUvUsIAgZTGbYoO3i0u a/Lo0aOLFi0S5wrwAAGdSMmSJVlmdHQ0bTYsLIy97N69e5cuXZRqTKkbUP5bb73FlrlWrVrlz5// 3Llz7GVycnLp0qXr1KnDtiZqOCmVM9VOy0ay0ii6adeuXZs2baTLUpm7wAEAbAvDJocAgW7Q62wC Dc2YvR6sHyDI3FMi+MyQ1HNiy+fPn2/atGnu3Llpsse/+XzhwoXIyEiaoletWrVDhw58Wtu6devx 48ezMrQ8YsSIzp07BwYG0hxSdjuXL1/u2LFj0aJFc+XKFRoaSpPJwYMH03JQUBC9XLJkCZWhhUmT JrHyZOrUqVSA5sm001mzZrHMAwcO0EthMXXS/TqeDhAIT0T2yKnA2LFjBw4cWLx48Vq1au3atYsy pQcvS7hxpZqURWfdvHlzca4ADxCsW7eONvXLL7/QclhYWJkyZfz9/e/cuUMbpwNevHixUo0pdQNp gODMmTO0BZrKCjMHDBhAmezXDcKG09IZhFVBx0Crs6qIiIiYOXMmKzN9+nS6DNmy7EY2b97cqFGj nDlzhoSE/Prrrw7NjaK0F9GRC9tOibCM9HiUMvfu3UttdPXqVdGyVOYucAAA28KwySFAoBv0OptA QzNmrwfrBwgyh80MadYXExNDpzl79myH86v7NPuladuRI0eio6ODg4Mdzv+zrV27Nk2nv/32W/pc qVmzJp/WCufYtOzr69ujRw+aDt27d0+6nUePHtHctXDhwrTHn376acOGDenp6TQHq1GjRosWLeLj 469du0YvaeNr167lx1mlSpWuXbtSyVKlSvH/FSdRUVFUslWrVirfzWZk9+uQHDxblq0BViAgIKBZ s2Z0bDSLbtCgAWWKDv5/+5PgG1epSVnaAwQ3b9708/ObM2dOamoqLbDvJuzcufPYsWPUKL///rtD ocZkuwHLp3P80on9vmDTpk1UgLbM13U8+SrH559/Lmo4l51BpSpKlCgxZswYtp2RI0eWLl3aodAu 1I5FixZ95513EhMTd+3adfv2bYfmRpHdi+PpI09LS1P/mgnDy8gej2wmuXr1Kp3y0qVLRcsAAADZ BQECAAApBAjk0QzQ54kJEyawudnBgwfp5eTJkw8cOMB+yp6QkEBTMlpYsGABW1H4xXjRHJs/oE52 Oyxz0KBBrAwn/EL43r17qcyJEyfYy++//55e0r+0TNM5WqaDYW/RjHH8+PF5nNRnVkr7lQ0QyB45 K/D/7N0JfE3X2j/whJBECEIIaiwpriGaJqbQ1hSU0tbVirG9fbXaxr0q0SFV1DW9pSjlpYP7okQN IYZSqupe0ZsioSiNSIMkJBKimtcQPf+nZ/2z77bP2utMye7Ze/++n3z6WXuttddZZ+2h53mcoUeP Hnfu3KHy7Nmz6UHZjo68m10aXLCScj/88MM+K5pzREQEK9P/0RXdLLIEAXn44YeHDRv25Zdf1qlT 59atW35+fjNmzKCpUhzOOnBXjHsasPqGDRv2txo5ciTVfPrpp9SHDhDrwOTk5LAdFQfO7skgWApu 6M4dhPrTJMPDw6WPTjCOHBTuo1junznbdDxBwJ0Pt5IJCAiYNWuWbRkAAKBcIEEAAGALCQI+igCH Dx9+7Nix2rVrP/HEE6wyMTGRnnKLFi3+VGbTpk0sHqOerI8gQSCVueOwyh07drA+Enk4d/DgQflj jRo1ijZHjBgRExPTq1cvKr/88svSjhbr+94feeQRb2/v7Oxseb2c2uNyJ8+duaLzwoULXUsQCFZS 7q233nrEqlmzZoGBgawcERGh6Ga5P0EQFxdXt25d2nfo0KG02bNnz+joaPov1ch3UawY9zRg9YqP GHzzzTc02xkzZsgrjx49SpU7d+5UHDi7J4NgKbihO3cQizVxEBoa6mV9Z0R+fj7by5GDwn0Ui01G wKkEgUVlPtxKerJ0Fs2dO1dRBgAAKC9IEAAA2EKCgE/68Pnnn39OT5OCXkvZv9N+/PF9nyo5ceKE l+zd40uXLpViOW6MbVEZJyUlhSoTEhLklRZrODd69GhWvnDhAvWh/4FZrG+b9/Pzi4mJ+e8ykZGR NWvW/PXXX+W7s2EVjyWn9rjcyXNnLu9gsUkQSJNXI+0rWEkuxz9iYLH+5CGNFhQUxA7l22+/7evr 6+Pjw95/ISdfMe5pwOoVCYJr164FBgayz1ZI4uLiaK+rV6/KD5zFgZNBsBQUutPkWf3IkSPl7yCw PS4Wa3RNjxsQEPDmm2+yGkcOCvdRLDYZAWcTBBbefLiVly5domeUmJioKAMAAJQXJAgAAGwZP0Hg 2rdEyL+dbvjw4VWrVj169Cj7uH5oaOiePXtu3bqVnp7O/p25SZMmUVFRhw4dov/BUJAjxXLcGNtS 9rF/xThU2aFDh5CQkNWrV1++fDk5OZmF+qNGjWrVqpX0CwW0I/tn6sWLF1McXlRUxOotZZ94pzns 379/xYoVWVlZN2/enDRpEkXCmZmZ1GHy5Mnjxo2T+jNqj8udPHfmis7yBIFi8lzyfdVWkstugiA+ Pr5GjRqs/Msvv/j4+NCAdBwtZfkCCunpGdGm2opxTwNW/8wzz5wvk5OTQ5ULFizw9vaeN28eLeD/ /d//UbhO48yZM4ftLh04iwMng0V9KXr27NmtWzfq9vrrr1MlC925g5SUlNAcLly4UFBQ0KhRI+nd JY4cFO6jWGyiffkm9+yyyPpw58OtJHv37qXVY6e3vGzLtQscAMC0cNuUIEGgGZx1JoEDzeh9HYyf ILD7OxO3C4szVyaV5BbIK+WRYWFhYYMGDVq2bEnBDMWQ7IlTKFi7du1t27ZRh3Xr1lFITJW0FwWl UizXvn372NhYNoi8TLjjZGRkREREeFk1bNiQfXleSkpK06ZNKbhln0in/3sFBwfTlCiqV8Rj9+7d o0COhv3ss88ooKJBqlSpQnEj/W+PdejUqVP9+vXluzDcx1WbPHfm8g6LFi2qVq0aKysmzyXfV20l uVatWjVw4EBlrcyQIUN69eolbXbt2rVmzZq0SlS+fv16pUqV2McNiNqKqZ0G8u8mINIXGXz44YfV q1evbEX1FIqzh7PIDpzFsZNBvhTsnQhsKai1Xr161LNPnz40iBS62w5Cz7F58+a0SU+tb9++0q8A OHJQ1B5FMXP5ptrZJfXhzodbSc+0R48ekyZNUpS57F7gAAAgh9umBAkCzeCsMwkcaEbv62DqBEHB P9MPj3x3S52++Qd+/2dhxxUXF+fm5sprbt++zf4Z2Sm245CCggIWRkooRrpw4QL7cQGL9fsIx48f L+9gizqfOXOG9pJX7t69OyoqSl4jZ/u4AtyZcykmb5drKymXmZk5a9asqVOnUqwu/fSjXdwVc8G9 e/dOnz7973//myYQFBRUt27dsWPHnjhxwmLvwNkuqbQUiq9juHPnjtqRsh3k2rVrVCmvsTh2UASP wiU+uyTc+Sgq6YXagAED2PTkZS7BBQ4AALZw25QgQaAZnHUmgQPN6H0dzJgguF1YfHbh+h0PPp3o 3XmjXw9nswOe4P3331dWOWD48OHsX6e1RxFgAxu2X3xQLo4fP07/s4+Ojqb/2ZeUlCibNXTz5s0P P/ywV69e0tvjXTtwat/X6KbyPSjleHYtX778xo0btmUu2wscAAAEcNuUIEGgGZx1JoEDzeh9HcyV ICj4Z3rKiKkbq/VMqtd/Q6XOmwMf12N2wGXlHmE6rrS0NM3GpUuXlP2A58iRI++++66y1m3le1D+ qLNL77dgAACN4bYpQYJAMzjrTAIHmtH7Ohg/QXBy+sfSWwa2BPXZVK0nHTMTZgcADEnvXwMDAKAx 3DYlSBBoBmedSeBAM3pfB+MnCHK/TNkY8GiiV6T8b6Nv1I/vr6WDR2V2CFFGGWXdlVkBAADABUgQ AADYMn6CgPxy7tK/hk75wrd7YlmC4ECfV7fWi8Y7CAAAAADMCQkCAABbpkgQSDKWbtzefGiid+dE r8jdHWKQIwAAAAAwJyQIAABsmStBwPznDQXekZsCHkWOAAAAAMBskCAAALBl/ASB4FPKGUs37n/8 lS11+iJHAKBTggscAABs4bYpQYJAMzjrTAIHmtH7Ohg/QZBo73cmbhcWZ65MKsktUDYAgMeze4ED AIAcbpsSJAg0g7POJHCgGb2vAxIEAKBjuMABAJyC26YECQLN4KwzCRxoRu/r4G6CoFatWo96tmFe jZRVAGAUuMABAJyC26aEXsQiQaANvcdL4CAcaEbv6+BuggAAAAAAQKeQINCA3uMlcBAONKP3dXA9 QbB48eLHyoSFhdHttU2bNq1bt/6Th3ms3oPKKgAwClzgAABOwW1TYdy4cUgQVDS9f2cbOAgHmtH7 OrieIJBLSUlJTk5et27dPwAAAAAAdIVexNJLWXpBm5WVpXyZCwBgJuWTIEhLS/v666+TkpLo9vq/ AAAAAAA6QS9f6UUsvZSlF7Q5OTnKl7kAAGZSPgmCn376KTU1lW6sycnJXwAAAAAA6AS9fKUXsfRS ll7QFhTgd68BwNTKJ0GQk5NDt9S0tLSUlJSvAQAAAAB0gl6+0otYeilLL2iLi4uVL3MBAMykfBIE dDMtKCigu2pWVtZPHubb2LnKKgAwClzgAABOwW3TFr18pRex9FKWXtDeunVL+TIX3Kb372wDB+FA M3pfh/JJEHgyvf/OBAAI4AIHAHAKbpugPZx1JoEDzeh9HZAgAAAdwwUOAOAU3DZBezjrTAIHmtH7 OiBBAAA6hgscAMApuG2C9nDWmQQONKP3dUCCAAB0DBc4AIBTcNsE7eGsMwkcaEbv62D8BIHevyUC AARwgQMAOAW3TdAezjqTwIFm9L4Oxk8QAAAAAAAAAIBdogTBwoULHwUAAAAAAAAwk8WLFyvDY3MQ JQhoXbwAAAAAAAAAzOSxxx5ThsfmYD9BEBUV9QaYG7tCAAAAAAAAjK1WrVpIEPCxBAHFh0VgbnQa KE8OAM+g96+BAQDQGG6boD2cdSZhmAPNomCXEwR6XwdR4IcEATBIEIDH0vsPyQAAaAy3TdAezjqT MMyBZlFwWFhYSkpKWlraTz/9lJOTU1xcrOynQu/rIAr83EkQFFopax0WExMzYMCAs2fPKhtkTp06 tWvXrn//+995eXnKNnUrV66kkVesWKFs0MSaNWtoAnSGKRvc4MhauQkJAvBYer8FAwBoDLdN0B7O OpMwzIFmUfCf/vSn5OTkr7/+OjU19aeffiooKFD2U6H3dRAFfi4nCBISEmhHX1/fc+fOKdscU79+ fRohPT1d2VBUdPXq1YULF9atW9erjLe399ChQ5X9VMTFxdEur7/+urJBE4Ln5bKKGFMBCQLwWHq/ BQMAaAy3TdAezjqTMMyBZlFwmzZt1q1bl5SU9PXXX6elpeXk5Cj7qdD7OogCP9cSBAUFBY0aNWKh +3vvvadsVtG/f/8aNWrs27ePbQqC3tjYWGoKCgoaN27cli1bNm7cSI8yd+5cZT8VFZogUDwLWzRh Os9yc3OVDW4QrFV5QYIAPJbeb8EAABrDbRO0h7POJAxzoFkU3Lp163/84x8UuyUnJ6ekpGRlZSn7 qdD7OogCP9cSBJ9//jntNXbsWPpv8+bN5R80aNu2bcuWLdkb7GlYKi9btoyVq1atSv0feOABCvuL yoLeNWvWdOnSJSgoaNSoUVeuXKH61NRUb29vavrqq6+kYSVpaWlPPvkk7RsYGBgZGblp0yZW/69/ /atz584BAQFhYWHsSUkJAhqwb9++tWvXpr1eeOEFbujetWtXmurKlStp98GDBxep7GX7LGx3ZDWn Tp1SG2T06NHUYfHixeyhjx8/TpuffPIJlalPp06dqlWrFhwcPHny5Pz8fNanohME27dvp6VTnhwA nkHvXwMDAKAx3DZBezjrTMIwB1r6iME//vGP//3f//3iiy++/vrrn376SdlPhd7XofwTBL169WrW rBnF8+x9BFKUTqpUqUI1Fy5coPLzzz9P5VmzZhVZQ9AGDRrQ5iuvvLJ+/fqisqDX19e3T58+7Hcm 1q1bV2T9BgEqN2nSRBpTQsNSZE6tQ4cOpfjZ39/f29t7165dFHiz0SganzBhAtVLCYLs7OyQkJDK lSsnJCT079+f6qdOnaoct2wyPj4+ERERNLLaXmrPQtpRqqFgXm2Q5cuXU/mhhx5iD017Va1aNSMj g8q0FHQsPv7445YtW1KfzZs3y6dXQQkCelLBwcEHDhxQnhwAAAAAAACG42aCQO/KOUFw5MgRCsun T59O5bfffpt2HzBggNSqliAg7du3p829e/eyTRb0fvDBB1QeP348lePi4qg8Y8YMKnfq1Il1k2Oh Ne3INseMGeNlTRbQQaVCzZo1r169WmQNub3KEgQfffQRldu1a3f48OFPP/2UyuHh4fIxGTaZRYsW sU3BXtxnIe0o1VAwrzZIXl4eS4js3LkzPz+f+j/zzDPS7kXWd0k899xz1GHatGmKMeXdygWyAwAA AAAAYCpIEKhyIUHw6quvelk/sBEZGfnQQw9RuXLlyidOnGCtziYIWNDLvjWAJQhWr17tZf0CAhbt y9E8qalfv35s84MPPvCyphJmzpxJhR49erB6+XcQsF28rF9zyDRu3FgaUKKIwAV7CZ6FokYwCEuI DBs2jKU2kpOTi6zf7DB69Gi2O/sgQ0UnCJAdAAAAAAAAs0GCQJWzCYK8vLzatWuHhYW9VIYFzOzd 9UVlCYKzZ89euXKlS5cuXjYJAgpK2aZaguDkyZO+vr60OX/+fNZTsmTJEqpv2rQp25wwYQJtDho0 aOPGjVRo1KgRq4+JifG6/x0EFJlLn+fnUkTggr0Ez0JRIxjk0KFDXtaPV9BKtmzZklXOmzfPy/op iXPnzrG3ZlRoggDZAQAAAAAAMCEkCFQ5myBgQa8UHhdZv7SfaijUZF8x2KFDB9ocPHgwyw54yRIE LG5/8sknd+3aVaSeICgq++RCpUqVxo4du2rVqkWLFj377LODBg2iYxYUFERNEydOXLJkSb169ai8 du3avLy8atWqUTk6Ovrpp59mj8sSBJmZmazbE088sXLlyvnz57/66qvsUeQUEbhgL8GzUAwlGIRE RESwec6cOZPVsARBt27dqNC0aVMqd+7c+eLFi/Ixpd3dhOwA6IjevwYGAEBjuG2C9nDWmYRhDrSb CQK9r0N5JggorG3VqpW8prCwsHnz5jQIRfK0+emnn9apU8fb27tfv34jRoyg+tmzZ7OetOht27al mtDQUNoMCQmRgl5FgoDGpPifIlgWQntZ3zXw0ksvUdPevXvbtGnDKoOCgthXGJA5c+awNy+0b9+e /byC9KaGgwcPPvLII97WX0aoWrUqPQVWLyefDKO2l+BZMPIatUGKyt4N4evre+7cOVaTlZUVHh7u Zf0yhfj4ePY2ii1btijGdB+yA6Avev8hGQAAjeG2CdrDWWcShjnQbiYI9L4O5ZkgcMTly5fPnz+v rC1z/Phx7g8Ncp09e5YO1c8//6yoz8zM/PHHHxWVeXl51F9RKbl48eKJEycKCgqUDUJqezn1LNQG 4Tpz5gz7SEJOTs7p06eVzW5DdgB0R++3YAAAjeG2CdrDWWcShjnQSBCoqogEAXgsZAdAj/R+CwYA 0Bhum6A9nHUmYZgDjQSBKiQIzAPZAdApvd+CAQA0htsmaA9nnUkY5kAjQaCKLQ2YQUBAALIDoEd6 /xoYAACN4bYJ2sNZZxKGOdBuJgj0vg72EwSPPfaYsgEAAAAAAADAcNxMEOgdEgQAAAAAAAAAv0OC QBUSBAAAAAAAAGAeSBCoQoIAAAAAAAAAzAMJAlXGSBDo/VsiAEAAFzgAgFNw2wTt4awzCcMcaDcT BHpfB+MnCPT+OxMAIIALHADAKbhtgvZw1pmEYQ60mwkCva8DEgSuy8jIyM3NVdZqoqSkRFlV5g+c FVNUVHTy5Ell7R9BsEogka+SHles4i5wAABDwm0TtIezziQMc6CRIFBlhgRBWlpaXFxcenq6ssEB 7dq1e+2115S1DluwYMHWrVuVtQ44depU//79lbVl5LNy+SEcoTb4ihUr6LT57bfflA0O27VrV0JC QmlpaXx8/MGDB1llfn4+HamUlBS2WVhYSJtFRUUXL16cN29e7969x4wZs2zZMmkQ8SrpkdqCyznS R2HixIlJSUm2Zb0QX+AAAKCA2yZoD2edSRjmQCNBoMoMCYJnn32WnuOoUaOUDTz/tpI23UwQdO/e fcqUKcpae27dutWqVSsKiZUNZeSzcu0hLDbPlEttcPcTBG+88Ub16tWp0LZtW+nQ0JVJw77yyits 8/PPP69bt+7du3dbtmzZunXradOmDRkyJDw8nLXaXSXNOLKSDlJbcDlH+igcPHjQz88vIyNDUdYL 8QUOAAAKuG2C9nDWmYRhDjQSBKqMkSAQfEtEQUFBVSt/f/9r164pm2107dp17Nix0qabCQIHKSJt CnqbNWtGAbC8Uk48KwfjdsUzdYrdBMHRo0dXrVqlrJWREgT0RBo2bMgqY2NjadiwsDC2OXr06JiY mB07dlBlamoqq5Qe1O4qCabnOEcGcWclNfP0008PGTLEtqwLggscAABs4bYJ2sNZZxKGOdBuJgj0 vg7GTxAIzJ8/39fXl4JVeppLly6V6qOiopYsWcLKixYtonWgQnx8PHWuUaNGaGjomjVrLNZQfMKE CZMnT65fv37Hjh337dvHdrl48eJTTz1V2+qZZ57Jyclh9YMHD05ISBgxYkRAQMD58+dpc+bMmRZr niL0fn/729+o/ueff+7Xr5+fnx/FutIbv6l19uzZrHzp0qXhw4cHBwfTxKiexcPyBIH0EBaV0ajD 9OnTFU/B9plyyQfPzs7u06ePv79/mzZthg0bJk4Q0IIPGDBAWSsjJQi2bNlCQ505c4bKYWFhTZo0 qVy58o0bN2hwmvDq1asPHTpEHaQFkchXSbHs3HWQz//FF1+k3dn8uWeCRWUxd+zY0aNHj6pVqzZq 1Ojs2bMWh1dS7VHUThgBeR/b+ahVHjhwgBY2Ly9PUQYAAAAAMBs3EwR6Z+oEQevWrUeOHFlaWvrA Aw9I/zRNGjRoMG3aNFZ+5513GjduTAWK0Nq3bz9w4MDU1NQrV65YrKG4j49PdHT05s2bIyMju3Xr RpU0WqdOnSjO3Lp1K4WOVAgPD7937x7r7+3tPWbMGArSSkpKpEj+7t27qWWef/55WvNPPvmEdqGI naLWI0eOxMbGhoSEsDlQKz0c24vmHBQUtGDBgtOnT2/bto0emj2KlCCQytzR1J6C7TPlkganWJqe Mm1+9dVXdPF06NChvBIERUVFlSpVWrZsWXFxMRXYexP27t177NgxWsnLly9Tn/79+1PloEGDpDfG y1fJcv+y37x503YdBPPnngncxaTFDw4Ofumll7Kysvbt23f9+nU2E0dWkvsoFvUTRkDqw50Pt5Lk 5eXRU167dq2iDAAAAABgNkgQqDJ2guDbb7+lZ0f/pTKFZ1SmeI81qQVsth8x6NGjx507d6g8e/Zs f39/Knz33Xc0FIWyrM/y5ctp8/vvv2f95V+bZxvvJScnV65c+c0336Ty4cOHacc5c+YcOnSIffw+ PT39wIEDVDh+/LjUIS4uTj6CRSVBwB2NdbB9ChabZ8olDU7r5mVNarB6tY8Y/PDDD/usaM4RERGs TBeboptFliAgDz/88LBhw7788ss6dercunXLz89vxowZNFUK6VkHCtdnzpzpb8XCWvkqWe5fdu46 CObPPRO4g1D/hg0bhoeHS593YBxZSe6jWBw4YWxJfbjz4VYyAQEBs2bNsi0DAAAAAJgKEgSqjJ0g GDVqFD27ESNGxMTE9OrVi8ovv/wya1IL2GwTBFLAtnDhQhZdJyYm0lBHjx5l9d9//z1tbty4UdHf dpNitmrVqtF8WGjKxmnRosWfymzatOngwYNUeezYManDjh07pBEYboKAO5qis/QULDbPlEvalwXJ bFYW9QTBW2+99YhVs2bNAgMDWTkiIkLRzXJ/giAuLq5u3bq079ChQ2mzZ8+e0dHR9F+qke9y7tw5 Gs3b2zs7O1u+Spb7nyN3HQTz554J3EEs1sRBaGiol/XtDPn5+WwvR1aS+ygWmzPEqQSBRWU+3Ep6 snTo586dqygDAAAAAJgNEgSqjJEg4H5LRFFRkZ+fX0xMzH+XiYyMrFmz5q+//mqxBmxvv/026zly 5Eh5gmD06NHSINzomkWnq1evZvWfffYZbbIf5xPEe5mZmfXq1aMFv337Nqth/0z98cf3Tf7ChQtU SecolWlMKickJMg7WFQSBNzR5B0sNgkC+TPlkvY9ceKEl+wt/UuXLpUCbC7HP2Jgsf7kIY0WFBRE 06NNOi6+vr4+Pj7srR9ybEHoOcpXyWITM9uug2D+3DOBOwhDe9HjBgQEsLeBWBxbSe6jWIQnjBpF H9v5cCsvXbpEzygxMVFR1gXuBQ4AAGpw2wTt4awzCcMcaDcTBHpfB+MnCLi/M7F48WIKhouKiqQa 9n34dBJYrP9M3a1bt/T09Ndff50qpYBt1KhRrVq1kn7vgBtd37p1q0WLFlFRUadOnaIRunTp0rJl S9uvD5RvFhYWPvTQQ/Qo586du2p148YN9hUDoaGhe/bsod1pqOzsbIv1u/pmzJhhsX4HQYcOHUJC QlavXn358uXk5GSW3eAmCNRG4z4Fi80z5ZLv26RJE3rKhw4dogWkyNPNBEF8fHyNGjVY+ZdffvHx 8fEqe1MGyxcEBgbSM6LN/fv3r1ixIisr6+bNm5MmTfL19c3MzLTIVsly/zzV1kFt/twzgTtISUkJ y00UFBQ0atRIejeKIyvJfRSL+glDJk+ePG7cOKlJIvXhzodbSfbu3UtLxy4HeVkXuBc4AACowW0T tIezziQMc6DdTBDofR1MmiCg0FoRX927d48Cs0etXyC/bdu2evXqeXt79+nTJzY2VgrYUlJSmjZt SvEq+7x6+/btqZU1LVq0qFq1aqxMkR6dT15WHTt2lD4ML+8v39y5cyfrLHn88cepnuJedghoJrVr 16ZZWazv5w8ODi4sLKRyRkZGREQE26Vhw4bsS/vkjyIvc0dTewqKZ8ol33fdunX+/v40+IMPPkjh vZe9BMHAgQOVtTJDhgzp1auXtNm1a9eaNWuyL3q8fv16pUqV2McNLNY3aFA0Sw9XpUoVCtpZfsdy /yoplp27DvL5x8XFSfNXOxNsB6GJNW/enDZpPn379pV+BcCRlVR7FLUThnTq1Kl+/fpSk0Tqw50P t5KeaY8ePSZNmqQo6wX3AgcAMJuS3ILMlUm3C4uVDTZw2wTt4awzCcMcaCQIVBk4QWDXnTt3WHip QBHUhQsX2O8FiOXn51+9elVZ67zi4uLc3Fx5zbRp08aPHy9tFhQUcKfKZTuaGsefKXP79m3pBx1d k5mZOWvWrKlTp1avXl3+q5NiNMMzZ87QVBX1ilVSsF0Haf6K71BQOxMsvEGuXbtGlfIai2MrKXgU rt27d0dFRSlrbXDno6ikG9+AAQPY9ORlvXDtAgcAMJ78A0c31+yVEjO14J+/fw+xGtw2QXs460zC MAcaCQJVZk4QeLj3339fWVUxKJhsYMP2iw/KxfHjx+k6jI6OpuuwpKRE2ew811ZJ7UsW3VS+Kzl8 +HD23gf3LV++/MaNG7ZlvTDkBQ4A4JqLm77eULlLonfnHS2fPrtwPfcNBbhtgvZw1pmEYQ40EgSq jJEg0Pu3RPyxSktL02xcunRJ2c9Ajhw58u677ypr3Va+K1nu+Qv9wgUOACB3cdPXX1TuQi9Pt4YM 3BjwqO0bCnDbBO3hrDMJwxxoNxMEel8H4ycIAAAAAMxDyhHQ3+bqj22p01fwhgIAAFBwM0Ggd8ZP ELD/QeIPf/jDH/7whz/8mfPv988deEVurtU798vff3cZAAAEkCBQZYwEAQAAAIB5/Lz2yw2VOrPU QFLdfkn1++98aBjeQQAA4CAkCFQhQQAAAACgIyw7sKFyl+SmQzZVf+zwqGniHzUAAAAFJAhUGSNB oPdviQAAAVzgAACS37MDlbtsqNRZ8JYB3DZBezjrTMIwB9rNBIHe18H4CYJEnf/OBAAI4AIHAGDy DxzdXKu33bcM4LYJ2sNZZxKGOdBuJgj0vg5IEACAjuECBwAgJbkFmSuTuG8ZUMBtE7SHs84kDHOg kSBQhQQBAHg4XOAAAE7BbRO0h7POJAxzoJEgUIUEAQB4OFzgAABOwW0TtIezziQMc6CRIFBljASB 3r8lAgAEcIEDADgFt03QHs46kzDMgXYzQaD3dTB+ggAAAAAAAADAEW4mCPQOCQIAAAAAAACA3yFB oAoJAgAAAAAAADAPJAhUIUEAAAAAAAAA5oEEgSpjJAj0/i0RACCACxwAwCm4bYL2cNaZhGEOtJsJ Ar2vg+sJgoULFz6qB8O8GimrAMAocIEDADgFt03QHs46k9DdgV68eLEyxLV61L0EgXl/5pC1AgAA AAAAAOiLOM5FgoDDkQRBVFTUGzrEnhcA6N0wr0bKKgAAUIfbJmgPZ51J6OhA16pVy26ciwQBhyMJ Agq2i3SIZq58PgCgQ3q/BQMAaAy3TdAezjqT0NGBdiTORYKAw5GFQ4IAAP5Aev8aGAAAjeG2CdrD WWcSOjrQLJINCwtLSUlJS0uj4D8nJ6e4uFje6nKCQEfrwCWKkzVLEMTExAwYMODs2bPKhgrjbIIg 3mrTpk3KBs9QUlJC01u3bp2yobwdO3aMHujo0aPyyrt37+7Zs+eHH36QV8rt2rWLLeCvv/6qbAMA AAAAANCQlAJITk6m4D81NZXi/4KCAkWrawkCvRPFyZolCOrXr09DpaenKxsqjFMJgt9++4369+rV a8uWLco2zdFkpOSWhD2jmJgYRX25W7t2LT3Q6tWr5ZV2H3337t1PPPEE9cnPz1e2AQAAAAAAaIhF sm3atFm3bl1SUhLF/2lpaTk5OfJWJAg4/pAEQf/+/WvUqLFv3z5lp3LlQoJgwYIFyoY/gq+vb79+ /RSV7BkJQvTywk0QlJaWfvfdd+fOnZNXKtDVhQQBAAAAAAD84Vgk27p1awpS1q1bl5ycnJKSkpWV JW9FgoCj3BMEL7zwQqdOnapVqxYcHDx58mQKF1m9lCCg0apWrUrlBx54YNy4cffvXW527twZEBCg fD7q5AmCCxcuNG/e/N1336UyxclU/uabb6g8f/78Dh06UPTeokUL9i/8n3wzfBL/AACAAElEQVTy CbX6+/tTPH/58uXr16/T5l/+8pf+/fuHh4fLx2dN48ePf/bZZwMDA+m/9+7ds1ijcTpraUFCQ0Pp 1KSaiRMn0kz8/PxatWolH6Ho/gSB7Y6E5k/rTCf6a6+9Rg+XlJSkVqmYOdUsXLiQurVr1+6ZZ56x TRCw+f/tb3+TyrbPBQkCAAAAAADwBOIUgLjV8DRNEPTp04f6f/zxxy1btqR9N2/ezOqlBMH27dsb NGhA5VdeeWX9+vX3710+du7cWa9evQMHDiifjzp5giAzM5NNj8pLliyh8o4dOzIyMqjQrVu3H3/8 kZ7U7du3r1y54uPj89xzz+3atcvb2/uvf/1rkTWGJyNHjly5cqV8fKmJ4uq+fftS4dtvv01JSaEd O3fuvG/fPhqZVbIHioyM/O6772xHYAkC7o4U51eqVCk8PHz37t0U9ntZg3xupe3MCwoKqFvHjh3p 6PTu3Zt1U3t07nOxIEEAFUbvXwMDAKAx3DZBezjrTEJHB1qcAhC32qWjdeDSNEHApKWlUfxJ+06b No3VyD9i0L59eyrv3bv3vn3KiQvZAYsDCYLbt2+HhIRQeejQoYcOHaKmRYsW0eagQYMmTpzo5+fX pUuXImvk/MQTTygGt5QF1QMGDKAynYJUXrt27dtvv00F9u//69evp3J8fDyVKWiPjo7mjsBCdO6O K1asoAJLTEgfE+BW2s6cTWn58uXybmqPzn0uFiQIoMLo/YdkAAA0htsmaA9nnUno6ECLUwDiVrt0 tA5c2iUICgoKRo8ezXIB7HMEGicIXMsOWHgJggkTJlD5/fff97ImCKicl5dHlf7+/hTA79+//803 36Sm55577kMrCpKL1L8mQN7EInD675QpU6iQmJhIlUlJSVSeNGmSxZogEH8HAXdHNtVVq1ZR5cqV K72sQT630nbmM2fOZE0W66cqpLJE/ujc52JBggAqjN5vwQAAGsNtE7SHs84kdHSgxSkAcatdOloH Lu0SBPPmzaP+ffv2PXfuHPtXbkGCYPv27fft7DaXswOW+xMENJSPjw9N8rPPPqtevbqXNUGQm5tL oXhBQQH75/fZs2fv37+fChEREf/6179++OGH5OTkIicTBHv27KFCdHR0RkbGU089xR6IOjRs2LBR o0bnz5+nWXFH4O54+vRpKjz00EO05oGBgewhuJW2M09NTaWaLl26rF+/vnnz5l5IEIAn0fstGABA Y7htgvZw1pmEjg60OAUgbrVLR+vApXWCoFu3blRo2rQplTt37nzx4sWi+xMEFFtS+cknn9y1a5dy CFe5kx2w2PyKwcsvv1ypUiUK1F944QWqp8Fp5nXr1vWyfn3goEGDbty4Qd0+/PBDFnVXrlz58ccf L3IyQUDlOXPm+Pv70yb9d+bMmazzokWLWGIiLy+PO4LajkuWLGnWrFn79u1ffPFFNm21SsXM6elP nDixWrVqNWvWHDNmDNWvWbOm7JF/J390teeCBAFUEL3fggEANIbbJmgPZ51J6OhAi1MA4la7dLQO XNolCLKyssLDw2kXijPj4+N9fX2pvGXLFmpiH+BnCQJa/bZt29JmaGioYgTXbF2/wZ3sgKUsQTBw 4MAvv/yS1dCw8n/AZwoLC0tKSuQ11Cc3N/f27dvySqeUlpbSCOyHACQ3b968evWqvMaW7Y7r16+n 0/rHH3/s1q2bt7f3mTNn1CotvJnfuHGDxpQ2nUKL/+c//xkJAqgIev8aGAAAjeG2CdrDWWcSOjrQ 4hSAuNUuHa0Dl3YJAoZCUPbrhjk5OadPn1Y2lzl+/DgFqMpa57n53gHJBCv2j+F6RAF/cHCwl1Xj xo3nzp2rVlkRtm7dyhbwl19+UbYBAAAAAABoSJwCELcantYJAi2VV3bAMLKzs0+cOOFIJQAAAAAA gCGJUwDiVsMzbIIA2QEAAAAAAABQEKcAxK2G526CwGMFBAQgOwAAAAAAAABy4hSAuNXw3E0QqLV6 Dr1/SwQACOACBwBwCm6boD2cdSahowMtTgGIW+3S0TpwGT9BoPffmQAAAVzgAABOwW0TtIezziR0 dKDFKQBxq106WgcuJAgAQMdwgQMAOAW3TdAezjqT0NGBFqcAxK126WgduJAgAAAdwwUOAOAU3DZB ezjrTEJHB1qcAhC32qWjdeBCggAAdAwXOACAU3DbBO3hrDMJHR1ocQpA3GqXjtaBy/gJAo2/JaKo qOjkyZPK2vJWUlKirHJJRkZGbm6usrZcafAQYtocEUeU11EzNvkqObJiGl/gAAB6h9smaA9nnUno 6ECLUwDiVrt0tA5cxk8QuGbu3LlxVvPmzTt16pSyWd2KFStoWX777TcqL1iwYOvWrcoebqP59O/f X9pMS0ujeaanp8u6OKpdu3avvfaastb69JcuXSqvoefyzTffyGscJH+ICloQRm1w+RFxza5duxIS EkpLS+Pj4w8ePMgq8/PzadlTUlLYZmFhIW0WFRVdvHiRzpnevXuPGTNm2bJl0iCKo2YAagsu50gf hYkTJyYlJdmWAQAAAADKhTgFIG41PCQI+B588MEWLVpQRBcYGEhPk84MZQ8V8nC0e/fuU6ZMUfZw 0r+tpM1bt261atWKQlCp5tlnn6VHHDVqlFQjoBhNLUFAT5/G3LNnj1RDPefOnSvr4ij5Q7i8IIpp c6kN7n6C4I033qhevToV2rZtK60z3Slo2FdeeYVtfv7553Xr1r17927Lli1bt249bdq0IUOGhIeH s1bbo/ZHcWQlHaS24HKO9FE4ePCgn59fRkaGogwAAAAAUC7EKQBxq+EhQcBHEfKLL75osYZ2ISEh iqcpiDadCkcd6da1a9exY8dKmxRkNmvWjGbFNgsKCqpa+fv7X7t2TeqmRjGaOEFAD3Tz5k1WUy4J AluOrIDFZtpOsXtEjh49umrVKmWtjJQgoCfSsGFDVhkbG0vDhoWFsc3Ro0fHxMTs2LGDKlNTU1ml 9KCKo2ZLMD3HOTKIOyupmaeffnrIkCG2ZQAAAAAA94lTAOJWw0OCgE9KEJBIK1b++eef+/Xr5+fn R/Ge9Obn7OzsPn36UIjepk2bYcOGSeHo4MGDZ86cyfpQOSEhYcSIEQEBAefPn+eOc+nSpeHDhwcH B/v6+oaGhlI8GR8fT+UaNWrQ5po1a6gPFWbPns36k/nz51MHim/pQeUfCoiKilqyZAkrL1q0iA4W FWxHo+h9woQJkydPrl+/fseOHfft28d2oaffvXt3GnPixImsxpEEge38LfcnCOQLwl0B6jB9+nTF fGynzSUfXO2IcNHqDRgwQFkrIyUItmzZQkOdOXOGymFhYU2aNKlcufKNGzdocJrw6tWrDx06RB3k B4iRHzVHzgT5/Ok8pN3Z/LmH1aKymDt27OjRo0fVqlUbNWp09uxZi8MrqfYoipnLF1yNvI/tfNQq Dxw4QAubl5enKAMAAAAAuE+cAhC3Gp7xEwSufUsESxCcO3duwYIF9DQ/+ugjqrx37x5FrRS5HTly JDY2NiQkxGL9Z9tOnTpRGPzVV1/RqdOhQwcpHJXHxlT29vYeM2YMRUQ3b960Hefu3bsUcwYFBdEj nj59etu2baWlpRSGtW/ffuDAgampqVeuXKFNGnzz5s3SPFu3bj1y5Ejq+cADD0j/mk0aNGgwbdo0 Vn7nnXcaN25MBcVoFuusfHx8oqOjaczIyMhu3bqxXejpL168+M9//nOlSpXYx+ztJgi487fYLAIr c1eSdbCdj+20uaTBBUeEy/EEQVFRES3IsmXLiouLqcDem7B3795jx47Rwb18+TL16d+/P1UOGjRI emO84qjZPRME8+ceVu5i0uIHBwe/9NJLWVlZ+/btu379OpuJIyvJfRTL/TMvKSmRH1k1Uh/ufLiV JC8vj57y2rVrFWUu1y5wAADTwm0TtIezziR0dKDFKQBxq106Wgcu4ycIXPudCfYee+bvf/87C88O Hz5Mm3PmzDl06BD7CHp6ejpFZVT45JNP2I7yN7QrYmPpO+q447DKuLg41kcif0/4gQMHqM/x48fZ 5rfffkub9F8qU0RHZZoMa1KL8Ww/YtCjR487d+5Qefbs2f7+/qyeJQjy8/Mpfmvbtu3t27ftJgjU 5s9NEHBXgHXgzseRN8ZLgwuOiNwPP/ywz4rmHBERwcp08Su6WWQJAvLwww8PGzbsyy+/rFOnzq1b t/z8/GbMmEFTpZCedaBwfebMmf5WLKxVHDW7Z4Jg/tzDyh2E+jds2DA8PFz6vAPjyEpyH8Vy/8zZ puMJAu58uJVMQEDArFmzbMu2XLvAAQBMC7dN0B7OOpPQ0YEWpwDErXbpaB24kCDgowh5+PDhx44d q1279hNPPMEqExMT6Sm3aNHiT2U2bdrEQjLqyfoIEgRSmTsOq9yxYwfrI5FHdAcPHpQ/1qhRo2hz xIgRMTExvXr1ovLLL7/MmtRiPNsEgTSrhQsXKhIEVNi4cSMN++6779pNEKjNn7sI3BVQdJbPx5Gw VtpXcETk3nrrrUesmjVrFhgYyMoRERGKbpb7EwRxcXF169alfYcOHUqbPXv2jI6Opv9SjXyXc+fO 0Wje3t7Z2dmKo2b3TBDMn3tYuYNYrImD0NBQL+vbGfLz89lejqwk91EsNhkBpxIEFpX5cCvpydKh Z+ebvMzl2gUOAGBauG2C9nDWmYSODrQ4BSButUtH68CFBAGf9B0En3/+OT1NClYtZf9U+/HH971p 5MSJE16yN5AvXbpUCue4sbFFZZyUlBSqTEhIkFdarBHd6NGjWfnChQvUh85Ri/Xt7n5+fjExMf9d JjIysmbNmr/++qvFGuO9/fbbbK+RI0fKEwTSaBb1gFxKEFisv5JQpUqVgIAAQZBmUZ8/dxG4KyDv YLFJEMinzSXtKzgiXI5/xMBi/clDGi0oKIidErTIvr6+Pj4+7H0ccmxB6DnKj5rFgTNBMH/uYeUO wtBe9Lh07N58801W48hKch/FYpMRcDZBYOHNh1t56dIlekaJiYmKMpdrFzgAgGnhtgnaw1lnEjo6 0OIUgLjVLh2tAxcSBHzyLykcPnx41apVjx49yj5mHxoaumfPnlu3bqWnp2dnZ1OHJk2aREVFHTp0 iM4hinOkcI4bG1vKPq6vGIcqO3ToEBISsnr16suXLycnJ7NQf9SoUa1atZJ+oYB2nDFjBhUogKf4 uaioiNVbrN/3Rg9Nc7BY/2W7W7duNPLrr79OlVKMpxhNLSCXJwgKCgrq1atHg0gJgsmTJ48bN46V JWrz5y4CdwUUneXzUUybS76v2hHhspsgiI+Pr1GjBiv/8ssvPj4+NCCdD5ayfEFgYCA9I9rcv3// ihUrsrKybt68OWnSJF9f38zMTIvsqFkcOBMs6vPnHlbuICUlJSw3QYevUaNG0ltLHFlJ7qNYbKJ9 +Sb3lLDI+nDnw60ke/fupaVj57a8zOXaBQ4AYFq4bYL2cNaZhI4OtDgFIG61S0frwGX8BIFr3xIh TxAUFhY2aNCgZcuWFM9Q7MeeuLe3d+3atbdt20Yd1q1bR6EsVdJeFExK4Vz79u1jY2PZIPIy4Y6T kZERERHhZdWwYUP2pXcpKSlNmzaloJR9KJ1O0ODgYJoSReOKkOzevXsUyz1q/c55GpCiehq8T58+ 9LhSjKcYTT6rRYsWVatWjZXpiXz44YesTDZv3kxTmjdvHtvs1KlT/fr1pVYJd/5qi8BdAbX5KKbN Jd9X7YhwrVq1auDAgcpamSFDhvTq1Uva7Nq1a82aNWm1qXz9+vVKlSqxjxuQzz77jKJZergqVapQ 0M6SNRbZUbM4dibI5x8XFyfNX+2w2g5CE2vevDlt0nz69u0r/QqAIyup9iiKmcs31U4JqQ93PtxK eqY9evSYNGmSoqzGtQscAMC0cNsE7eGsMwkdHWj2ylktBSButUtH68Bl/ASBXbcLizNXJpXkFigb 1BUXF+fm5sprbt++nZOTI69xhO04Fuu/2LNIUkJh0oULF9iPAlis30c4fvx4eQeuO3fuKMZhFKO5 YPfu3VFRUcraMrbzF+CuAJez03btiMhlZmbOmjVr6tSp1atXl/+EpBjN8MyZMzRVRb34qNmugzR/ xXcoqB1WC2+Qa9euUaW8xuLYSgoehUt8Ski481FU0o14wIABbHryMgAAAABAuRCnAMSthmfeBMFv d0tPz1q1//FXttTpm3/gqLLZs73//vvKKg0NHz6c/UO39iiYbGDD9osPysXx48fpvhAdHU33hZKS EmWz81w7ampfsuim8l3Jcjwlli9ffuPGDdsyAAAAAEC5EKcAxK2GZ8YEwbX0jAN9Xtvg0zXRu/Om gEd1lx34w5V7sOq40tLSNBuXLl1S9jOQI0eOvPvuu8pat5XvSv6BpwQAAAAAgFPEKQBxq+GZKEHA 3jKwreETiV6dE70i93Z+fmu9aGQHAAAAAAAAzEOcAhC3Gp7xEwQnp3/8n7cMeEWyv389FY/sAIAB 6P1rYAAANIbbJmgPZ51J6OhAi1MA4la7dLQOXMZPECR6RW6s/ij9d0PlLlKCYKNv9x/fX0sHj8rs EKKMMsp6LCdaf0jGth5llFFGGWVuOVHnv78FeoSzziR0dKDFKQBxq106WgcuUyQIbhcWn124fmfo sKR60Vtq96GaRO/IzTUewzsIAPRO77dgAACN4bYJ2sNZZxI6OtDiFIC41S4drQOXKRIEUrngn+mH R03bGPBocuMnN1TughwBgN7p/RYMAKAx3DZBezjrTEJHB1qcAhC32qWjdeAyV4KAkd5QsKFS541+ UcgRAOiX7QUOAAACuG2C9nDWmYSODrQ4BSButUtH68Bl/AQB++gdF3tDwZY6fZEjANApwQUOAAC2 cNsE7eGsMwkdHWhxCkDcapeO1oHL+AkCu24XFmeuTCrJLVA2AAAAAAAAgLGIUwDiVsNDggAAAAAA AADMQpwCELcaHhIEAAAAAAAAYBbiFIC41fCQIAAAAAAAAACzEKcAxK2GZ/wEgd6/JQIABHCBAwA4 BbdN0B7OOpPQ0YEWpwDErXbpaB24jJ8g0PvvTACAAC5wAACn4LYJ2sNZZxI6OtDiFIC41S4drQMX EgQAoGO4wAEAnILbJmgPZ51J6OhAi1MA4la7dLQOXEgQAICO4QIHAHAKbpugPZx1JqGjAy1OAYhb 7dLROnAhQQAAOoYLHADAKbhtgvZw1pmEjg60OAUgbrVLR+vAZfwEgYd8S0RJSYmyqkxGRkZubq6y VkNFRUUnT55U1v4RBKsEEvkqYcU85AIHANAL3DZBezjrTEJHB1qcAhC32qWjdeAyfoJAzdy5czds 2KCsddKCBQu2bt2qrLVx6tSp/v37K2vLtGvX7rXXXmNlBwd0jdrgK1asoEP522+/KRsctmvXroSE hNLS0vj4+IMHD7LK/Pz8uLi4lJQUtllYWEibRUVFFy9enDdvXu/evceMGbNs2TJpEPEq6ZHagss5 0kdh4sSJSUlJtmUAAAAAALBLnAIQtxqeeRMEDz744PPPP6+sdVL37t2nTJmirL3frVu3WrVqRSGx sqGMPEHgyIBc/7ZS1t5PbXD3EwRvvPFG9erVqdC2bdtRo0axSrqWaNhXXnmFbX7++ed169a9e/du y5YtW7duPW3atCFDhoSHh7NWu6ukGUdW0kFqCy7nSB+FgwcP+vn5ZWRkKMoAAAAAAGCXOAUgbjU8 JAgqHAW9zZo1owBY2VBGniCw5WDc3rVr17FjxyprHWM3QXD06NFVq1Ypa2WkBAE9kYYNG7LK2NhY GjYsLIxtjh49OiYmZseOHVSZmprKKqUHtbtKguk5zpFB3FlJzTz99NNDhgyxLQMAAAAAgJg4BSBu NTwkCO5z8eLFp556qrbVM888k5OTw+rPnz/fp08ff3//1q1bv/jii6GhoSzUHDx48MyZM1kfKk+f Pn3y5Mn169fv2LHjvn37WD11nj17NitfunRp+PDhwcHBvr6+VM/iYXmCQD7gzz//3K9fPz8/P4qc pbeRcx8lPj6eBqxRowaNuWbNGtbTlnzw7Oxs9ozatGkzbNgwcYJg1apVAwYMUNbKSAmCLVu20FBn zpyhclhYWJMmTSpXrnzjxg0anCa8evXqQ4cOUQdpQSTyVaJ5JiQkjBgxIiAggFaeuw7y+cuPSFRU 1JIlS1ifRYsW0VnKytxBduzY0aNHj6pVqzZq1Ojs2bMWh1dS7VEUM5cvuBp5H9v5qFUeOHCAFjYv L09RBgAAAAAAMXEKQNxqeMZPEKh9S4RtgqC0tLRTp04UcG7dupViSCqEh4ffu3eP6un8eOihh3bu 3Pmvf/2L+kjhtDy2p7KPj090dPTmzZsjIyO7detmsWYWqDPVUPnu3bsUMwcFBS1YsOD06dPbtm2j kW0HYWV6XIr/KQY+cuRIbGxsSEiI+FHat28/cODA1NTUK1eusJ62pMFp8vQsaPOrr76i071Dhw7l lSAoKiqqVKnSsmXLiouLqcDem7B3795jx455e3tfvnyZ+vTv358qBw0aJL0xXr5KFus8qfOYMWMo Nr5586btOgjm36BBg2nTprFx3nnnncaNG1tUFpMWPzg4+KWXXsrKytq3b9/169fZTBxZSe6jWO6f eUlJifi9IYzUhzsfbiXJy8ujp7x27VpF2YTULnAAAODCbRO0h7POJHR0oMUpAHGrXTpaBy7jJwjU fmfCNkHw3Xff0TOimJZtLl++nDa///579o/eK1euZPXyN+QrYvsePXrcuXOHyrNnz/b397dY/3WX Oh8/fpzKhw8fpnJcXBzrL+EmCFjnOXPm0KOzD/Onp6ezDraPYnHsjfHS4BQn04CffPIJq1f7iMEP P/ywz4rmHBERwcp0eSi6WWQJAvLwww8PGzbsyy+/rFOnzq1bt/z8/GbMmEFTpZCedaBwfebMmf5W LKyVr5LFOk/p2wq56yCYPzd05w5C/Rs2bBgeHi593oFxZCW5j2K5f+Zs0/EEAXc+3EomICBg1qxZ tmWzUbvAAQCAC7dN0B7OOpPQ0YEWpwDErXbpaB24kCD4j8TERHpGR48eZZvff/89bW60ktcLEgRS eeHChSx0P3jwIHU+duyYpWz8HTt2sD4S7iCsc4sWLf5UZtOmTYrO0qNYHAtrpX1ZkMxmZVFPELz1 1luPWDVr1iwwMJCVIyIiFN0s9ycI4uLi6tatS/sOHTqUNnv27BkdHU3/pRr5LufOnaPRvL29s7Oz 5atkuf85ctdBMH9u6M4dxGJNHISGhnpZ386Qn5/P9nJkJbmPYrHJCDiVILCozIdbSU+WDv3cuXMV ZRNSu8ABAIALt03QHs46k9DRgRanAMStduloHbiQIPgPFqauXr2abX722We0mZKSkpubS3EsnR+s Pj4+XgpHubG9RRa6X7hwgTrTWUVlGorKCQkJrI+EOwj7R++PP1a+QYX7KBZrWDt69Oj/9OOR9j1x 4oSX7C39S5culZ4Rl+MfMbBYf/KQRgsKCqLp0ebbb7/t6+vr4+Pz7bff3rdP2YLQc5SvksUmZrZd B8H8KXSnR2T1I0eOlL+DwHYxLdbomh43ICDgzTffZDWOrCT3USw2GQFnEwQW3ny4lZcuXaJnlJiY qCibkNoFDgAAXLhtgvZw1pmEjg60OAUgbrVLR+vAZeoEwTPPPHO+DEVZt27datGiRVRU1KlTp9LT 07t06dKyZUv2PYKdO3euX78+xfZ//vOfKRL29vZmg3Bje8v9oXtYWNiMGTMs1u8g6NChQ0hIyOrV qy9fvpycnPzrr7+qDcK+sCA0NHTPnj00B5pPdna24FFGjRrVqlWra9eusU0u+b5NmjShZ3ro0CE6 7ynydDNBEB8fX6NGDVb+5ZdffHx8vMrec8HyBYGBgfSMaHP//v0rVqzIysq6efPmpEmTfH19MzMz LbJVstw/T7V1UJt/z549u3XrRt1ef/11qmShO3eQkpISlpsoKCho1KjRyy+/zB7RkZXkPorFJtqX b06ePHncuHFSk0Tqw50Pt5Ls3buXlq6oqEhRNiG1CxwAALhw2wTt4awzCR0daHEKQNxql47Wgcv4 CQK1b4l48MEHvWQeeughqqSQj04FVtOxY0fpU/Hnz58fPnz4I4888re//W3q1KkUkbL69u3bx8bG 2pYXLVpUrVo1VqZTKjg4uLCwkMoZGRkRERFs/IYNG7Iv7VMbhKJotsje3t61a9fetm2booP8UVJS Upo2bUqRufTJfFvyfdetW+fv70+D0zrI3xPBtWrVqoEDByprZYYMGdKrVy9ps2vXrjVr1rx37x6V r1+/XqlSJfZxA4v1fRkUzdLDValShYJ26X0Z8lWSz9Oisg7y+cfFxUnzp9Z69epRzz59+tAgUuhu OwhNrHnz5rRJ8+nbt6/0KwCOrKTaoyhmLt/s1KlT/fr1pSaJ1Ic7H24lPdMePXpMmjRJUTYntQsc AAC4cNuE8lKSW5C5Mul2YbGywQbOOpPQ0YEWpwDErXbpaB24jJ8gcEF+fv7Vq1eVtWW6d+8eHh6u rBWaNm3a+PHjpc2CggIWCTuiuLg4NzdXWctDseKFCxfYLyM44vbt29LvOLomMzNz1qxZU6dOrV69 +tKlS5XNKmiGZ86coakq6hWrpGC7DtL8Fd+hcOfOHbXltR3k2rVrVCmvsTi2koJH4dq9e3dUVJSy 1gZ3PopKulUNGDCATU9eBgAAANBS/oGjm2v2Snk2oeCfv3+XNoBeiFMA4lbDQ4LAITExMU888cQb b7wRERHh7e29ceNGZQ973n//fWVVxaBgsoEN2y8+KBfHjx+nKyc6OpqunJKSEmWz81xbJbUvWXRT +a7k8OHD2Xsf3Ld8+fIbN27YlgEAAAA0lrPt2w2VuyR6d97efOjZhesdeUMBwB9OnAIQtxoeEgQO 2b179/Tp08eMGTNlypRDhw4pmz1JaWlpmo1Lly4p+xnIkSNH3n33XWWt28p3Jcs9fwEAAADgCXK2 ffuFT9dEr8gtQX03+vfEGwrA84lTAOJWw0OCAAAAAAAAXCflCOjvi6rdN9fujTcUgCcTpwDErYZn /AQBu1XhD3/4wx/+8Ic//OEPf/jT5u8L3+703821eud+maL372wDB+noQItTAOJWu3S0DlymSBAo qwDAKHCBAwA4BbdNqAjnP922oVJnlhpIbvLk1oYDd7UeLr2DAGedSejoQItTAOJWu3S0DlxIEACA juECBwBwCm6bUO5YduAL3+47Q4dtqvH44VHTFN9BgLPOJHR0oMUpAHGrXTpaBy4kCABAx3CBAwA4 BbdNKF+/Zwcqd91QqbP8LQMKOOtMQkcHWpwCELfapaN14EKCAAB0DBc4AIBTcNuEcpR/4Ojm2r1t 3zKggLPOJHR0oMUpAHGrXTpaBy7jJwj0/i0RACCACxwAwCm4bUJ5KcktyFyZxH3LgALOOpPQ0YEW pwDErXbpaB24jJ8gAAAAAAAAAGDEKQBxq+EhQQAAAAAAAABmIU4BiFsNDwkCAAAAAAAAMAtxCkDc anhIEAAAAAAAAIBZiFMA4lbDM36CQO/fEgEAArjAAQCcgtsmaA9nnUno6ECLUwDiVrt0tA5cxk8Q 6P13JgBAABc4AIBTcNsE7eGsMwkdHWhxCkDcapeO1oELCQIA0DFc4AAATsFtE7SHs84kdHSgxSkA catdOloHLiQIAEDHcIEDADgFt03QHs46k9DRgRanAMStduloHbiQIAAAHcMFDgDgFNw2K87ChQsf BZ5hXo2UVWBEHnigFy9erLxQrR4VpgDErXbp/TZr/ASB3r8lAgAEcIEDADgFt82Kw14bA4DnUItV xSkAcatder/NGj9BAAAAAABQ0dhr46ioqDdAP1g4A8ZTq1YtQawqTgGIWw0PCQIAAAAAAHex18YU cxaBftAhUx5IMARxrCpOAYhbDU90STiyrGqtAAAAAADmgQSBHiFBYFTsegwLC0tJSUlLS6PwPicn p7i4WN6qlgIQtxqe6JIQpwDErQAAAAAA5uFOgqDQSlnrsJiYmAEDBpw9e1bZUB7WrFmzcuVKCq6U DU4qr3HKFxIERiUF+cnJyRTep6amUoRfUFCgaOWmAMSthie6JMQpAHGr59D7t0QAgAAucAAAp+C2 WXFcThAkJCTQjr6+vufOnVO2OaZ+/fo0Qnp6urKhPJTX4OU1TvlCgqAcedTthV2Pbdq0WbduXVJS EkX4aWlpOTk58la1FIC41S6PWgcXiC4JcQpA3Oo59P47EwAggAscAMApuG1WHNcSBAUFBY0aNfKy eu+995TNKvr371+jRo19+/axzfKNvRWDb9myhUKs3Nzc+3vZV17jVCgkCMqRR91e2PXYunVrCvLp xEtOTk5JScnKypK3qqUAxK12edQ6uEB0SYhTAOJWz6H3IwQAArjAAQCcgttmxXEtQfD555/TXmPH jqX/Nm/eXP5Bg7Zt27Zs2ZK9J5+GpfKyZctYuWrVqtT/gQceGDduXFFZgmDNmjVdunQJCgoaNWrU lStX2CCpqal9+/atXbs29XnhhRek+Lxr16404IYNGxS72A7Oep46dYrKx48fHzZsGDX5+/u3atWK gi6qpGE7depUrVq14ODgyZMn5+fn2x0nLS3tySefpCkFBgZGRkZu2rRJPKsKsnPnzoCAAOWBBFd5 1O1FHOS702qXR62DC5AgAAAdwwUOAOAU3DYrjmsJgl69ejVr1ozCYPY+AilUJlWqVKGaCxcuUPn5 55+n8qxZs6i8ffv2Bg0a0OYrr7yyfv36orIEga+vb58+fdivu61bt47qs7OzQ0JCKleunJCQ0L9/ f6qfOnUqG1xtF7XB09PTaSZNmjShcseOHf/+97//13/91+7du6kDjUDP+uOPP6bYnlo3b95sd5wH HniAykOHDp08ebK/v7+3t/euXbsEs6oIO3furFev3oEDB5QHElzlUbcXcZDvTqtdHrUOLkCCAAB0 DBc4AIBTcNusOC4kCI4cOUKx8fTp06n89ttv0+4DBgyQWtUSBKR9+/a0uXfvXrbJ4uoPPviAyuPH j6dyXFwclT/66CMqt2vX7vDhw59++imVw8PDxbsUqQxOgf3//M//UCEwMJD7r/ppaWnPPfccdZg2 bRqrURtn+fLlVKBNVj9mzBgva7JA6sOdVflCdqAieNTtRRzku9Nql0etgwuMnyDQ+7dEAIAALnAA AKfgtllxXEgQvPrqq17Wj0lHRkY+9NBDVK5cufKJEydYq7MJAvYdBBRRS3E1TcbLyrtM48aNxbsI Bp8yZQoVevXqxeqZgoKC0aNHsz7sMwV2EwRsVv369WP1H3zwAW126tRJ3qfIZlblCNmBCuJRtxdx kO9Oq10etQ4uMH6CAAAAAACgojmbIMjLy6tdu3ZYWNhLZVhEPXnyZNaBJQjOnj175cqVLl26eNkk CLZv38421eJq9g6Cxo0bs+8FkFPbpUh98CVLllChVq1a8ncQzJs3jyr79u177tw59iYIRYJAbZym TZuy+gkTJtDmoEGD5H2KbGZVXpAdMAlxkO9Oq+EhQQAAAAAA4C5nEwQsepfi5yLr9/xTTXBwMIvA O3ToQJuDBw9m2QEvWYIgJiaGNp988kn5R/dt4+rMzEwKhmnziSeeWLly5fz581999VU2gtougsEp QAoKCvKyvomAAqf333+foiaWIOjWrRsVKOancufOnS9evOjIOBMnTlyyZAmb4dq1a8WzKhfIDpiH OMh3p9XwkCAAAAAAAHCXswmCiIiIVq1ayWsKCwubN29Og6xatYo2P/300zp16nh7e/fr12/EiBFU P3v2bNaTwpW2bdtSTWhoKG2GhISoxdUHDx585JFHaBAv60cA6EFZvWAXweB79+6lqMnLytfXl2aY lZUVHh5OmzVr1oyPj6dKKm/ZssXuOG3atGHjBAUFsS8dEM/KfcgOmIo4yHen1fCQIAAAAAAAcJez CQJHXL58+fz588raMsePH5d+tlDs4sWLJ06cKCgoUDaoEwyelZV18uTJq1evSjVnzpxhn2LIyck5 ffr0f7oKx8nMzPzxxx+VtRUD2QGzEQf57rQanvETBHr/lggAEMAFDgDgFNw2K05FJAigXCA7oA2P ur2Ig3x3Wu3yqHVwgfETBHr/nQkAEMAFDgDgFNw2Kw4SBJ4J2QHNeNTtRRzku9Nql0etgwuQIAAA HcMFDgDgFNw2Kw57bQyeJiAgANkBbXjU7UUc5LvTapdHrYMLkCAAAB3DBQ4A4BTcNiuOXl4baw9n nUl41IEWB/nutNrlUevgAiQIAEDHcIEDADgFt82Ko5fXxtrDWWcSHnWgxUG+O612edQ6uMD4CQK9 f0sEAAjgAgcAcApumxVHL6+NtYezziQ86kCLg3x3Wu3yqHVwgfETBAAAAAAAFQ2vjQE8hzjId6fV 8JAgAAAAAABwF14bA3gOcZDvTqvhIUEAAAAAAOAuvDYG8BziIN+dVsNDggAAAAAAwF14beyCa9eu vffee0OGDBk4cGBCQkJubq6yR/m5ePHivHnzevfuPWbMmGXLlimbXbJgwYKtW7cqa8EDiIN8d1oN z/gJAr1/SwQACOACBwBwCm6bFUcvr421p3bWUcTVvHnzkJCQKVOmvPPOOy1atKhXr15qaqqyX3m4 d+9ey5YtW7duPW3atCFDhoSHhyt7uKR79+40eWWtWakd6D+EOMh3p9Uuj1oHFxg/QaD335kAAAFc 4AAATsFts+Lo5bWx9tTOukGDBgUGBp4/f55t5ufnN27c+OGHH/7tt9/u78jhSB+5HTt20NGRsg+K 3Z0dDbjUDvQfQhzku9Nql0etgwuQIAAAHcMFDgDgFNw2K45eXhtrj3vWnTt3jpbr6aefllfGxsZS 5bfffkvlwYMHT5069fnnn69Vq1bjxo1XrVrF+vz888/9+vXz8/Nr1qxZUlISq6TO06dPnzx5cv36 9Tt27Lhv376yIf+/Q4cO0cizZ89W1HNH27FjR48ePapWrdqoUaOzZ88KKulxZ86cycoXL1586qmn als988wzOTk5Uh/x3AyDe6D/KOIg351WuzxqHVyABAEA6BgucAAAp+C2WXH08tpYe9yzbvv27bRc K1askFeyf+dfvnw5ldu1a1epUqXx48dTeEarSpH5L7/8cu/ePYqx+/Tpc+TIkdjY2JCQELYjdfbx 8YmOjt68eXNkZGS3bt3kwzL9+/enwQcNGpSRkcFquKOVlpYGBwe/9NJLWVlZFMxfv35drdJifdzX XnuNdejUqVObNm22bt2alJREhfDwcBqf9bE7N2PgHug/ijjId6fVLo9aBxcgQQAAOoYLHADAKbht Vhy9vDbWHves+/TTT2m5Dhw4IK/Mycmhyvfee89ijatHjx7N6k+ePEn1W7ZsOXz4MBXmzJlz6NAh CtuonJ6ezjr36NHjzp07VJ49e7a/v79s1P+PwvWZM2f6W61du5ZquKP99ttvDRs2pPBe/m0I3EqL LEHw3XffyfMdy5cvp83vv/+e9bE7N2PgHug/ijjId6fVLo9aBxcYP0Gg92+JAAABXOAAAE7BbbPi 6OW1sfa4Z90333xDyzVjxgx55ZEjR6iSRe9S7E3u3r1bqVKlhISExMRE6tCiRYs/ldm0aZOi88KF CwVB+Llz5x555BFvb+/s7Gy10Q4fPhwaGuplfbtBfn4+25FbKT0uG+ro0aOs/vvvv6fNjRs3yvtY 7M1N77gH+o8iDvLdabXLo9bBBcZPEAAAAAAAVDS8NnbKtWvXatSooXi/fVxcnI+PD8Xwlvvj6hMn TnhZP3rA/s3/44+VAZhTQXhKSgobRG00i/UtAxQWBgQEvPnmm4JK6XEPHjxIQ61evZrVf/bZZ7RJ DyTvY3FgblBexEG+O62GhwQBAAAAAIC78NrYWfPnz/f29p43b96vv/76f//3fxSo+/r6/vWvf2Wt FFe3adPm2LFjBQUFY8aMobg6Nzf37t27YWFhoaGhe/bsuXXrVnp6enZ2NussDsL379+/YsWKrKys mzdvTpo0iR4oMzOTO1pJSQnN5MKFC/S4jRo1evnll2l3bqVF9ri0e4sWLaKiok6dOkXjdOnSpWXL llQp72NRmRtUBHGQ706r4SFBAAAAAADgLrw2dsGSJUtq1KhR2Yoi5/fee6+0tJQ1UVz98MMPBwcH e3t716xZc/Pmzayegny21FRfu3btbdu2UWX79u1jY2NZh0WLFlWrVo2VJZ999pmvry/tVaVKlbCw MAr8WL3taNevX2/evDltUv++ffvm5eVRN26l5f7HTU9Pp5DSy6pjx47Hjx+37cOdG1QEcZDvTqvh IUEAAAAAAOAuvDZ2zb17986ePXvmzBkpNcCwf3in1gsXLiiaSHFxcW5urqJSjAahR6HRlA280a5d u0aV8hq1SoX8/PyrV68qa3WuJLcgc2XS7UI7z92jiIN8d1oNz/gJAr1/SwQACOACBwBwCm6bFUcv r42159pZJ39nPvzh8g8c3VTjsb1d/nJl732/4yDn2oGuIOIg351WuzxqHVxg/ASB3n9nAgAEcIED ADgFt82Ko5fXxtpz7az76KOPdu7cqayFP07+gaNfVOlOR3NL7T7p8R/avqHAtQNdQcRBvjutdnnU OrgACQIA0DFc4AAATsFts+Lo5bWx9nDWGcbv7yMI6EkHlP42VO6qeEOBRx1ocZDvTqtdHrUOLkCC AAB0DBc4AIBTcNusOHp5baw9nHVGIs8R/P5XqYv0hgKPOtDiIN+dVrs8ah1cgAQBAOgYLnAAAKfg tllx9PLaWHv/CSbxZ7i/jdV6fvXIWCpsrtU70ZNuL+Ig351WuzxqHVxg/ASB3r8lAgAEcIEDADgF t82Ko5fXxtrDWWckqX+ZyVIDX7aPOTTszZ2t/7yr7bNnF66/XVjsUQdaHOS702qXR62DC4yfIAAA AAAAqGh4bQyGl/qXmRu8I78KH/PtgL9urtX78KhpBf9MV3byDOIg351Ww0OCAAAAAADAXXhtDMZ2 evaqL6p231C5i/SWAWUPTyIO8t1pNTwkCAAAAAAA3IXXxmBg+QeObqnT15PfMqAgDvLdaTU8JAgA AAAAANyF18ZgVCW5BZkrkzz8LQMK4iDfnVbDM36CQO/fEgEAArjAAQCcgttmxdHLa2Pt4awzCY86 0OIg351WuzxqHVxg/ASB3n9nAgAEcIEDADgFt82Ko5fXxtrDWWcSHnWgxUG+O612edQ6uAAJAgDQ MVzgAABOwW2z4ujltbH2cNaZhEcdaHGQ706rXR61Di5AggAAdAwXOACAU3DbrDh6eW2sPZx1JuFR B1oc5LvTapdHrYMLkCAAAB3DBQ4A4BTcNiuOXl4baw9nnUl41IEWB/nutNrlUevgAuMnCPT+LREA IIALHADAKbhtVhy9vDbWHs46k/CoAy0O8t1ptcuj1sEFxk8QAAAAAABUNLw2BvAc4iDfnVbDQ4IA AAAAAMBdeG0M4DnEQb47rYaHBAEAAAAAgLvw2tjTZGRk5ObmKmv1oKio6OTJk8padc72NwNxkO9O q+EhQQAAAAAA4C68Nq4IaWlpcXFx6enpygYHtGvX7rXXXlPWumfBggVbt25V1pa3FStW0Ln022+/ KerVHl2tv7PUxtcjcZDvTqvhGT9BoPdviQAAAVzgAABOwW2z4ujltbH23Dnrnn32WVrVUaNGKRt4 /m0lbZZLgkAxZvfu3adMmSJrd4hiELvUAn61R1frb5fg2Tk7Z4t7B7rciYN8d1rt8qh1cIHxEwR6 /50JABDABQ4A4BTcNiuOXl4ba8/ls66goKCqlb+//7Vr15TNNrp27Tp27FhpU5wgcDCcVozpGu4g ggk4G/Db9ndwX+7EGEGTGpcPdEUQB/nutNrlUevgAiQIAEDHcIEDADgFt82Ko5fXxtpz+aybP3++ r6/vqlWraGGXLl0q1UdFRS1ZsoSVFy1aRCtPhfj4eOpco0aN0NDQNWvWWKwJggkTJkyePLl+/fod O3bct28f2+Xnn3/u16+fn59fs2bNkpKSWOXgwYOnT5+u6Gw7JnWbOXMm2+XSpUvDhw8PDg6mPtTh 1q1bVEmtnTt3ppoOHTrs3buXOwh3AtnZ2X369PH392/Tps2wYcO4CQL5o6v15w7u7LNTNNGAL7/8 MhuK/OUvf/nrX/8qbUpcPtAVQRzku9Nql0etgwuQIAAAHcMFDgDgFNw2K45eXhtrz+WzrnXr1iNH jiwtLX3ggQfCwsKk+gYNGkybNo2V33nnncaNG1Ph/Pnz7du3HzhwYGpq6pUrVyzWBIGPj090dPTm zZsjIyO7detGlffu3aMImULrI0eOxMbGhoSEsHG4nbljsncl3L17l6YUFBS0YMGC06dPb9u2jeZJ 9XPmzNm0adOpU6eioqIef/xx20G4E6DYvlOnTjT4V199RbFohw4duAkC6dHV+nMHZzs69ewUTTNm zKhatWp+fr7FmpioXLny9u3bpVlJXD7QFUEc5LvTapdHrYMLkCAAAB3DBQ7/j707gY+iyPsGnpCQ g3AIGImAcofgEg6RcCW6RI6osKggvkA4BBF0ja4LuEpUQOXwERZYWXlAxedFxChgAkQU4WFjNMHl DCiuvBFiCARICBBWsgkE5v3vlOltuqur58hMpnp+308+fLqranqqq7qb/v8z6QEAp+Cy6Tmy3Bt7 n2tH3VdffUXjSf/S8pw5c2iZgl5WxU0Q2HSfiqdwNyEh4cqVK7S8YMGC8PBwWti9ezdtisL4nJwc CvxomT0BkduYu00WQrPtzJw5U6lS++WXX1588cVGjRqxVfVGuB2gXaOFd999l7XR/8kAo7y7UXvu xtkLndo7TVVRUVFQUNDixYtpmfarTZs2165dq3nRf7g20R4iDvLdqTXlU+PgAusnCGR/SgQACOAE BwBwCi6bniPLvbH3uXbUJScn03iOGTNm7NixiYmJtKx8yt3xBIES7i5dupRFxWlpabSp9u3b/6bG xo0bjRrbjLfJtpOZmalUMW+//Tb1p0WLFvQW3AQBtwMsmD9w4ABrY5ogMGrP3bj6hTbH9k5fNWzY sJiYmMrKysjIyNdff10pV3Ntoj1EHOS7U2vKp8bBBdZPEAAAAAAAeBrujWvR+fPnw8LCxo4d+181 4uLimjRpcvnyZZs9QTB79mzWcty4ceoEwfjx45WNcKNi9jv2d97RhnDcxjbjbebm5tJ2UlNTlSqS lZUVUPOL/TfffFOdIFA2wu3A4cOHqXDTpk1sdcWKFeIEgVF77sZtzu+dvmrLli205WnTptWvX//0 6dNKuc8SB/nu1FoeEgQAAAAAAO7CvXEtWr58OQWx58+fV0oyMzNpeClgo+W77767f//+eXl5f/zj H6lQSRAkJyd36tRJ+b4DblTMnh0QHR29ffv2yspK2khhYaFRY5vxNmk73bp1i4qKWrt27ZkzZyh+ vnz5cnp6OvUnIyMjOzs7Pj4+KCjo0qVLmo0YdeD222+nl+Tk5NA+RkREiBMENoP2Rht3du/0VdXV 1a1ataJ3eeSRR1iJjxMH+e7UWh4SBAAAAAAA7sK9scuqysqPrU6vKC5VSij2njRpkqrJvx8ueNtt t91j/8KCzZs333LLLYGBgYMGDUpJSVESBLm5uW3atAkODma/w4+NjaVaVrVs2bIGDRqw5YKCAjZZ tIWmTZvS1gSNBdvMz8/v3bt3gF3Lli3PnDlD8fm9995Lq40bN54/fz5tJCYmRr8RbgfWr19PcTsV dujQYdasWSzgZ2+kUL+7UXvuxl3YO02Vzf7XHLTZXbt2sVUfJw7y3am1PCQIAAAAAADchXtjF5za /NXfBqd82nxwSdZ+bZ3QlStXysrKtKX2x/ufOHGCfaGAWHl5eXFxsbaUR7zN0tJSTU/Onj179epV Wrh06RK9CyvUb0TfgaqqqlOnTqlLxATt9Rs3ou+YUdUTTzzRuXPnG5v4LnGQ706t5Vk/QSD7UyIA QAAnOACAU3DZ9BxZ7o29T3/UVZ27uG/aoo2NB6YFxm1scI+z2QHwvtLS0vDw8KVLl2orVPQTXYfE Qb47taZ8ahxcYP0EgezfMwEAAjjBAQCcgsum58hyb+x96qPu1OavvugxPq1eXyrcevvwjMghyA5I 4dChQ6+88or6qRB6PnV5EQf57tSa8qlxcAESBAAgMZzgAABOwWXTc2S5N/Y+OupUHxnoQ6v080XX /4PsgMX41OVFHOS7U2vKp8bBBUgQAIDEcIIDADgFl03PkeXe2PvoqNvQ4G6WF1B+NoTF/+PNdd/P fYeW2UeysSz7cpovXV7EQb47taZ8ahxcgAQBAEgMJzgAgFNw2fQcWe6NvY+Ouqqy8h8Xf7i59bCN De9hHyLY2CDh06b34hMEVuJTlxdxkO9OrSmfGgcXWD9BwNJaAGBJOMEBAJyCy6bnyHJv7H3qo670 67yvH3z+k7D4T8ITPgkdgByBlfjU5UUc5LtTa8qnxsEF1k8QAAAAAAB4Gu6NHad8oCAtMG5DeAJy BFDrxEG+O7WWhwQBAAAAAIC7cG/sgtKv87555MVPmw9GjgBqlzjId6fW8pAgAAAAAABwF+6NXVZV Vn5sdXpFcam2AsBV4iDfnVrLQ4IAAAAAAMBduDcG8B3iIN+dWsuzfoJA9qdEAIAATnAAAKfgsuk5 stwbex+OOj/hUxMtDvLdqTXlU+PgAusnCGT/ngkAEMAJDgDgFFw2PUeWe2Pvw1HnJ3xqosVBvju1 pnxqHFyABAEASAwnOACAU3DZ9BxZ7o29D0edn/CpiRYH+e7UmvKpcXABEgQAIDGc4AAATsFl03Nk uTf2Phx1fsKnJloc5LtTa8qnxsEFSBAAgMRwggMAOAWXTc+R5d7Y+3DU+QmfmmhxkO9OrSmfGgcX WD9BIPtTIgBAACc4AIBTcNn0HFnujb0PR52f8KmJFgf57tSa8qlxcIH1EwQAAAAAAJ6Ge2MA3yEO 8t2ptTwkCAAAAAAA3IV7Y1Dk5+cXFxdrS8GLxEG+O7WWhwQBAAAAAIC7cG/srEWLFs1U+eyzz7Qt PGDhwoUU77FlpQPPP/88LWdnZ9/Y9lezZ89W91MhSAF07dr16aef1paCF4mDfHdqLQ8JAgAAAAAA d+He2FkdOnRo27btmBofffSRtoUHtGvXbvLkyWyZdWD06NEJCQlRUVE0fVOnTq2srLzxFbZJkyax HlLjhg0bKh0uLCzUtFQgQVDnxEG+O7WWZ/0EgexPiQAAAZzgAABOwWXTc2S5N/Y+o6OO4vPHHntM W1obrl+/ri2qoUkQKB24cuUKhfQ0gwsXLvxP6xtNnDixU6dO2lIecYJA0D2pGU10nRAH+e7UmvKp cXCB9RMEsn/PBAAI4AQHAHAKLpueI8u9sfcZHXXcBEFRUdFDDz3U1G7kyJGnTp1i5cOHD09NTR0z ZkxERMRxu0GDBoWHh8fExDz++OPR0dEs6v7555+HDBkSFhbWtm3b9PT0GzZtZ5QgINeuXYuNjY2K ilJKNPQJAqPeKgmC4uLiPn36vPrqq6yc2z3atblz586YMaNFixbdu3ffuXMnK5eO0UTXCXGQ706t KZ8aBxcgQQAAEsMJDgDgFFw2PUeWe2PvMzrqKD4fOnToLrucnBwqqa6u7tmzZ5cuXTIyMih+poVe vXpR3G6zh9yBgYETJkzIzMz85z//ScFb586dP/vss2+++YZeQiN//fp1akkB9qBBg/bt25eSksIN 9QUJAvLCCy/QpsrKytSFCk2CQNzbp59+ury8nPqTmJhYVVVlsycguN2jxsHBwTQUmzZtiouL69+/ v/IWcjGa6DohDvLdqTXlU+PgAiQIAEBiOMEBAJyCy6bnyHJv7H1GRx3F540bN+5sN2DAACr59ttv aQxXrVrFGqxcuZJW9+7da7NH0UlJSaw8JyeHylevXs1WqT1LEOzevTvA/jcC1ICCOlrOy8tjbRTi BMGiRYvoVcoHATQ0CQJxb6dOnTpw4MBu3bqVl5ezBkbdo8YJCQlXrlyh5QULFoSHh//6BrIxmug6 IQ7y3ak15VPj4AIkCABAYjjBAQCcgsum58hyb+x9RkedPj5PS0ujMdy/fz9bpWCbVjds2GC78a/6 qUTdTEkQsJe3b9/+NzU2btzI2ijECQKK6hs2bKguUdMkCMS9DQkJodX33ntP017fPfWuLV26FAmC WiEO8t2pNeVT4+AC6ycIZH9KBAAI4AQHAHAKLpueI8u9sfcZHXX6+Dw7O5vGcO3atWx1zZo1tJqb m2u7MYouLi4ODAyk4I2tzpo1iyUI2K/o33mH/3aMIEFw7ty5xo0bjx49WinR0CQIxL198sknR40a RdF+VlYWa2DUPcskCIwmuk6Ig3x3ak351Di4wPoJAgAAAAAAT8O9sbP0CYLKysr27dvHx8cfOXIk Ly+vb9++HTt2ZN87qPlegD59+rRo0SI1NfWRRx5p2LBhYGAgFV69erVHjx7R0dHbt2+nV9EW9N9E qEkQjBw58vjx49Ry/fr1FPxHRkaePHnyxlf8hyZBYNrbqqqqpKSkRo0asb87MOqeZRIEPkUc5LtT a3lIEAAAAAAAuAv3xs7SJwgIhc0UmAXYde/e/dChQ6w8NjY2JSVFaUZR/ejRo++6664//OEPL7/8 ckREBCsvKChgExEYGNi0adPNmzcrL2EopJ8yZQpbpg6wNwoJCaE3nT59+rlz525sfgP9txiY9vby 5cvx8fHNmzc/evSozaB76l1btmxZgwYNft06uEEc5LtTa3lIEAAAAAAAuAv3xrWopKREHKurDRgw oFevXuqS8vLy4uJidYlHOdVbm9e755/EQb47tZaHBAEAAAAAgLtwb+xNY8eOfeCBB/70pz/17t07 MDCQPRoQQCEO8t2ptTzrJwhkf0oEAAjgBAcAcAoum54jy72x93niqPviiy/mzp07YcKE559/Picn R1sNdcETE+0ycZDvTq0pnxoHF1g/QSD790wAgABOcAAAp+Cy6Tmy3Bt7H446P+FTEy0O8t2pNeVT 4+ACJAgAQGI4wQEAnILLpufIcm/sfXTU1e2PtkPgGT411OIg351aUz41Di5AggAAJIYTHADAKbhs eo4s98beV7dHXd2+u1/xqaEWB/nu1JryqXFwARIEACAxnOAAAE7BZdNzZLk39r66Perq9t39ik8N tTjId6fWlE+NgwusnyCQ/SkRACCAExwAwCm4bHqOLPfG3le3R53s0ZpE6naiNcRBvju1pnxqHFxg /QQBAAAAAICn4d7YNyFB4J/EQb47tZaHBAEAAAAAgLtwb+ybkCDwT+Ig351ay0OCAAAAAADAXbg3 9k1IEPgncZDvTq3lIUEAAAAAAOAu3Bv7JiQI/JM4yHen1vKsnyCQ/SkRACCAExwAwCm4bHqOLPfG 3md61FWVlR9bnV5RXKqtqA1IEHiN6UR7kzjId6fWlE+NgwusnyDARQHAwnCCAwA4BZdNz5Hl3tj7 BEdd6dd534x84dPmg0uy9mvraong3aF2+dRQi4N8d2pN+dQ4uAAJAgCQGE5wAACn4LLpObLcG3uf /qirKiv/x5vrNrd6IC0wbkN4gueyAzbeu4OH+NRQi4N8d2pN+dQ4uAAJAgCQGE5wAACn4LLpObLc G3uf+qgr/Tove/iMT0LjPwmJ3xAen95skEezAzYc817kU0MtDvLdqTXlU+PgAiQIAEBiOMEBAJyC y6bnyHJv7H101CkfGdjQ4G5apZ9Nje7xQnbAhmPei3xqqMVBvju1pnxqHFxg/QSB7E+JAAABnOAA AE7BZdNzZLk39r7dya+wpEBd/Wg7BJ7hU5cXcZDvTq0pnxoHF1g/QQAAAAAA4Gm4NxaoKis/8MyS TU0S0wL7sKB9W+dH0iOHeOETBOCfxEG+O7WWhwQBAAAAAIC7cG/siOJtudvvmpQW1C8tIG5LqweQ IwAPEQf57tRaHhIEAAAAAADuwr2x41QfKIjb2OBu5Aig1omDfHdqLQ8JAgAAAAAAd+He2AXF23Kz hj7zafPByBFA7RIH+e7UWp71EwSyPyUCAARwggMAOAWXTc+R5d7Y+0yPuqqy8mOr0yuKS7UVIBXT ifYmcZDvTq0pnxoHF1g/QYAnlwJYGE5wAACn4LLpObLcG3sfjjo/4VMTLQ7y3ak15VPj4AIkCABA YjjBAQCcgsum57B745tuuukeuNGogFbaIrAin5poOhMFQf49whSAuNaU7JdZJAgAQGI4wQEAnILL puewe2MA8B1GQb44BSCuNSX7ZRYJAgCQGE5wAACn4LLpOcuXL/9tjR49elB00aVLl5iYmN/4vVEB rbRFYEU+ONGTJk3iBvniFIC41pTsl1nrJwhkf0oEAAjgBAcAcAoum96Rm5u7ZcuW9evX/w/8z/+s e/D32iKwIp+daDoT6Xyks7KgoICdoeIUgLjWlOyXWesnCAAAAAAAvOngwYMUUaSnp1Nk8n8BoO7Q OUhnIp2PdFaeOnWKnaHiFIC41vKQIAAAAAAAqE0US+zZs4eCii1btnwCAHWHzkE6E+l8pLOytPTX r9IUpwDEtZaHBAEAAAAAQG06deoUhRMHDx7Mzc39XwCoO3QO0plI5yOdleXl5ewMFacAxLWWhwQB AAAAAEBtojiktLSUApKCgoL/BwB1h85BOhPpfKSzsrKykp2h4hSAuNbyrJ8gkP0pEQAggBMcAMAp uGyC9+Go8xMSTbQ4BSCuNSXROHBZP0Eg+/dMAIAATnAAAKfgsgneh6POT0g00eIUgLjWlETjwIUE AQBIDCc4AIBTcNkE78NR5yckmmhxCkBca0qiceBCggAAJIYTHADAKbhsgvfhqPMTEk20OAUgrjUl 0ThwIUEAABLDCQ4A4BRcNsH7cNT5CYkmWpwCENeakmgcuKyfIJD9KREAIIATHADAKbhsgvfhqPMT Ek20OAUgrjUl0ThwWT9BAAAAAH5r6dKl9wAA+KTly5drr1ngFfcIUwDiWstDggAAAAAsi92uAAD4 IERSdUWcAhDXWh4SBAAAAGBZ7HYlPj7+TyAndrcJYDE33XQTIqk6JE4BiGstDwkCAAAAsCx2u0Jx 5nmQE02fdlIB5IdIqm6JUwDiWssTXXPFB6641nfI/pQIABDACQ4AYkgQyA4JAgvAf9Z67NLUo0eP 3NzcgwcPUvB56tSp8vJybTupSDTR4hSAuNaUROPAJbrmilMA4lrfIfv3TACAAE5wABBzJ0FQZqct 9bwPPvhg9erVFC1oK1z1+eeff/XVV2xZ2SnN3nFXBdLS0vLy8pT2noMEgQXgP2s9JQTdsmULBZ97 9uyh+LO0tFTbTioSTbQ4BSCuNSXROHCJrrniFIC41nfIPkMAIIATHADEXE4QpKam0gtDQ0N/+ukn bZ2HtWjRgt66tsLvzZs3N2jQYPv27Wy1T58+tPE1a9Z06tSJFrKyslh5y5YtaXXfvn20fO7cuWbN mk2YMIH9mbTeLbfcsmTJklatWrH2HhWABIH88J+1Hrs0denSZf369enp6RR/Hjx48NSpU9p2UpFo osUpAHGtKYnGgUt0zRWnAMS1vkP2GQIAAZzgACDmWoKgtLSUol8WDL/66qva6tqWlJTUqFGjnTt3 stVPP/2UYobi4uIbW7nis88+CwsLGzZsmFISFxdHO/Xee+9NmTKFFubNm0eFFOeznX3rrbdodceO HbT8/vvvr1u37n27e++9l0qon2yVunf69OmYmJgWLVocOnRI2bgnBCBBID/8Z63HLk10ElEISifU li1bcnNzCwoKtO2kItFEi1MA4lpTEo0Dl+iaK04BiGt9h+wzBAACOMEBQMy1BMGHH35Ir5o4cSL9 265duzLVZ++/+OKLESNG3HLLLU2bNo2NjRUU7tmzZ/DgwVRCUfTkyZOVgL9fv34dO3ZcvXp1jx49 hg8fTn0LCQmhN2rduvWkSZOUBkeOHKHlgwcP/u53v6MtNG7cmGL7jRs3qjfy8ccf9+3bt1mzZsnJ yWfPnmVValRbv379/Px8pURJENBdLy0MHDiQCpctW/bv9EBAwNixY2mVuhQUFHT8+HHlVU888QTV pqSkKCXn7dkHKnz88cfVhbUrMzMzIiJCO6kgG/xnredmCOqbJJpo8fiLa01JNA5c1k8QyP6UCAAQ wAkOAGKuJQgSExPbtm1LITf7HIESlpeWlt5yyy1UMn/+/LfeemvatGlGhYWFhVFRURRmp6amJiUl Ue3LL7/MNsL+giA4OLh3794zZszYunXrrbfeSiVPPfXURx99pDTIy8s7ceJE69atafnBBx+kluHh 4YGBgdu2bVPahIaGDho0iP0hwPr169n2FT/88AOVd+7cWV2oJAgo/q9Xr15YWNjp06dHjRrVpUsX WqW9pja9evW666671K/iJgjohbSDzZs3VxfWoszMTBrYrKws7aSCbPCftZ6bIahvkmiixeMvrjUl 0ThwWT9BAAAAAH7LhQTBvn37KA6fO3cuLc+ePZteft9997Gq0tJSFplPnDhx7969gsK//vWvVNK1 a9fdu3dTNE7LFHWzKtZ42bJlbJXExsZSyY4dO9QN8vLyVq5cSQu0ysonTJgQYE8WKG3+/Oc/n6+J 3mfOnPnr5mqw3/D/7ne/UxcqCQJa7tmzJy1nZGRERUXNmDHjjjvuoNWvv/66Xr16mhHjJghIhw4d qLywsFBT7j5kB8Da3AxBwU3i8RfXWh4SBAAAAGBZLiQIfv/73wfY/zaYYunOnTvTclBQ0OHDh1nt unXrbr755gA7itXZdw3oC+kd2Wpgjdtuu41tQf8MQqMEAdvIkCFDWPmf//xnWqWoXrORmTNnBvAS BNu2bQsQJgiee+45Wh4+fDj9u2nTpsmTJwfYsyH075dffql+lZcTBMgOgOX5eQha58TjL661PCQI AAAAwLKcTRCcPn26adOmPXr0mFaDRe8zZsxQ2pw4cWLx4sXUjMqXL1/OLWSfILjttttKSkqUFzJG CYKtW7dqGrz11lu00KZNG1b+5JNP0ip74qAjCYJ//OMfAfbHpKsL1QmC9PT0ALvg4OCioqLVq1ez 1Ztuuqm0tFT9Km6C4MyZM574EwNkB8Af+HkIWufE4y+utTwkCAAAAMCynE0QsMBeidXP279TgEoi IyPPnj1bWFg4YcKEt99++4svvmCfz1+6dCm38NixY+zBBA888AAF3osXL/7973/PNqhPEIwdOzbA /qt+9fMFqAHdjzZr1oyWn3nmmbfeeottcN26dZqNGCUISO/evUNDQ9W/4b/rrrsC7N9QcN6eDaHa gJo/fzh8+HCA3YgRI5T2DDdBQHfMVPjYY4+pC92E7AD4CT8PQeucePzFtZZn/QSB7E+JAAABnOAA IOZsgoAi6k6dOqlLysrK2rVrx4LqgoKCtm3bBgUF0WpUVNS0adPOnTvHLaQXZmdnUzQeGBhI5SEh IbRltkFqE3BjgoBuPdnf/0dHR2sa7Nixo0uXLgF2zZo1Yw8d0LQRJAjY1zFMnTpVKWEZh88++4yt svFRIn/2UMa//OUvSnuGdirAnqdQSmhY+vfvHxoaumfPnv+0cw+yA1aF/6z1LBmCSjTR4vEX15qS aBy4rJ8gkP17JgBAACc4AIg5myBwxOnTp7/77jtHCklRUdHhw4c1n9jnOnTokPJViBrHjh37xz/+ oS11zOTJk+vVq/eHP/yBhuLOO+8MsH8a4uTJk9p2TlqzZg1tasmSJdoKVyE7YGH4z1rPzRDUN0k0 0eLxF9eakmgcuJAgAACJ4QQHADFPJAjkcu7cOdr9WbNm3XnnnR07dkxKStq1a5e2kfP+8pe//Pd/ /7e21FXIDlgb/rPWczME9U0STbR4/MW1piQaBy4kCABAYjjBAUAMCQLfh+yA5eE/az03Q1DfJNFE i8dfXGtKonHgQoIAACSGExwAxNjtCviyiIgIZAesDf9Z67kZgvomiSZaPP7iWlMSjQOX9RMEsj8l AgAEcIIDgJgstyteg8smeB+OOj03Q1DfJNFEi8dfXGtKonHgsn6CAAAAAPwWblcAwAe5GYKCm8Tj L661PCQIAAAAwLJwuwIAPsjPQ9A6Jx5/ca3lIUEAAAAAloXbFQDwQX4egtY58fiLay0PCQIAAACw LNyuAIAP8vMQtM6Jx19ca3nWTxDI/pQIABDACQ4AYrLcrngNLpvgfTjq9CwZgko00eLxF9eakmgc uKyfIJD9eyYAQAAnOACIyXK74jXeuWzm5+cXFxdrS11SUVFx8eLF7777rrKykv7917/+pW3h23yt 8+5PDc2ItsiMd446ubgZgvomiSZaPP7iWlMSjQMXEgQAIDGc4AAgJsvtite4cNmcPXv2TB5BnNm1 a9enn35aW+q8I0eOJCUlffTRRzSJtEz/7tu3T9vIK5YsWZKRkaEtdYDjnV+4cCHFIWx50aJFbJCf f/55Ws7Ozr6x7a/qZGqeeeaZ9PR0bamQC0ed5bkZgvomiSZaPP7iWlMSjQMXEgQAIDGc4AAgJsvt ite4cNmcNGnSGLu2bds2bNiQLZPCwkJt0xruR6GksrKyU6dOb7zxxtatWxs0aHDy5Emayh9//FHb zjP+bqesDhgwgGJ1Vb2jHO98u3btJk+ezJY7dOhAoz169OiEhISoqCh67dSpU2lAbnxF3UxNdnZ2 WFhYfn6+tsKYC0ed5bkZgvomiSZaPP7iWlMSjQMXEgQAIDGc4AAgJsvtite4c9mcOHEiRezaUh5x FHr9+nVtEc8bb7xBcS9FxX/7298iIyMvXrxIU0mRtradq8Td6NevH+2vttR5jndekyB47LHH2PKV K1doMOnlCxcu/E/rG3l5ah5++OERI0ZoS425c9RZlZshqG+SaKLF4y+uNSXROHBZP0Eg+1MiAEAA JzgAiMlyu+I17lw29VFoUVHRQw891NRu5MiRp06dYuVKFFpcXNynT59XX32Vlf/8889DhgwJCwuj yF/5mPrw4cPnzp07Y8aMFi1adO/efefOnaw8Ojp6wYIFtHDhwgUqvHbtWmZmJkXLVPLaa6/RZkND Q7t167Zjxw7WnmoTEhJCQkJatWp19OhRQaFRN1JTU8eMGRMREfHEE0/Qxhs1akR9+OCDD1gtvSlr abTX3B3Rd96IUYKA0MtjY2OjoqKUEg0vT01WVlZQUNDp06fZqil3jjqrcjME9U0STbR4/MW1piQa By7rJwgAAADAb+F2pRZpotDq6uqePXt26dIlIyODQkpa6NWrF4WytpootLy8nKLKxMTEqqoqmz3K pdVBgwbt27cvJSVFCXepcXBw8NChQzdt2hQXF9e/f38qPH78OE0clShvp7Zw4cKNGzceOXIkPj5+ 4MCBNntnIiMjp02bVlBQQHHsxYsXjQoF3QgMDJwwYQJF8j/88AMF5Pfff/+ePXvOnj3LallcLd5r /Y44TpAgIC+88AINSFlZmbpQ4c2pIadPn6bOrFu3ruYNwWluhqDgJvH4i2stDwkCAAAAsCzcrtQi TRT67bff0tiuWrWKra5cuZJW9+7da7MHllOnTqXQvVu3bhSLsga7d+8OsH9OPicnh264aTkvL481 TkhIYL9dX7BgQXh4uM3+O2pqcOjQIfZarl9++eXFF19s1KiRzf7Z+JYtW1IYTCG90oBbKOhGUlKS 0kzzJwZKgkC81/odcZw4QbBo0SJ6I+WDABrenBomIiJi/vz5yio4y89D0DonHn9xreUhQQAAAACW hduVWqSJQtPS0mhs9+/fz1Yp/qTVDRs22OyBZUhICK2+9957mvbt27f/TY2NGzeyxspfxS9dupRF odnZ2dT4wIEDysvV3n777dtuu61Fixa0NZYgsNmj3OjoaHrVsGHDSkpKjAod6YbNOEEg3mv9jjhO nCCgqL5hw4bqEjVvTo3Nnnmh5UWLFilbAGf5eQha58TjL661PCQIAAAAwLJwu1KLNFEoi+HXrl3L VtesWUOrubm5Nntg+eSTT44aNYrCyKysLNaA/Zr6nXe0f53LjUJPnDhBjT+p+do/NfbhgnfffZeW 33zzTSVBYLMHrvSSiIiIF154wajQkW7Y7AmC8ePH62vFe63fEccJEgTnzp1r3Ljx6NGjlRINb04N YV/KkJaW9p+m4CQ/D0HrnHj8xbWWZ/0EgexPiQAAAZzgACAmy+2K17hz2dREoZWVle3bt4+Pjz9y 5EheXl7fvn07duzIvoqPBZZVVVVJSUkUwLMPt1+9erVHjx7R0dHbt2+nZvQS9m18RlEoNZ43b96v b6aSnp5Oc5qRkUFhML17UFDQpUuXKioqKL49ceJEaWlpq1atpk+fTi25hY50gyQnJ9POXrhwga0q taZ7zdoLEgQzZsyYNGmStlSXIBg5cuTx48fpLdavX089iYyMFHwJgpenZseOHaGhoefPn//1/cy4 c9RZlSVDUIkmWjz+4lpTEo0Dl/UTBLJ/zwQACOAEBwAxWW5XvMb0sllVVn5sdXpFcam2QheFEook 6R46wK579+7KIwNiY2NTUlJo4fLlyxSmNm/enH2DQEFBAZuRwMDApk2bbt68Wd2YLFu2rEGDBmyZ bsopKtY/lo+i2XvvvZc20rhx4/nz51P7mJiYixcvUoBNm6XAdfDgwewB+9xCmwPdILm5uW3atAkO DmYfVVDXmu617cYd0ejZs2eLFi20pTYbhfRTpkxhyx06dGDbDwkJofeaPn36uXPnbmx+A29OzfXr 1xMSEp577jlW7gjTo84PuRmC+iaJJlo8/uJaUxKNAxcSBAAgMZzgACAmy+2K1wgum4Ufffm3e5/+ tPngkqxf/3bdQSUlJeLwVaO8vLy4uFhbyjNnzpwnnnhCW2p39uzZq1ev0sKlS5eUh+1duHBBWVZw C20OdIMi4RMnTlRXV2sr7Jzda8UXX3xBkbm21DOc7aTpmBAKme677z6jYeESHHV+y80Q1DdJNNHi 8RfXmpJoHLiQIAAAieEEBwAxWW5XvEZ/2fzX6XPfTpi7IeLutMC4jRH3OJsd8LQ333xTWyS50aNH s9/PS2rlypWXLl3SlgrpjzpwMwT1TRJNtHj8xbWmJBoHLiQIAEBiOMEBQEyW2xWvUV82Cz/6ctsd j6YF9qHCzzqOzIgc4mvZAUu6fv26tsjq8J+1npshqG+SaKLF4y+uNSXROHBZP0Eg+1MiAEAAJzgA iMlyu+I1dNn8z0cGAuLYz47ek5AdAM/Bf9Z6boagvkmiiRaPv7jWlETjwGX9BAEAAAD4LdyuaBR/ nruhwX9SA/jBjxd+tEchuB2CgpvE4y+utTwkCAAAAMCycLuiV1VWfnTpR1vajNjUeODHwf0pftsQ OuDTmxLxCQIAr/HzELTOicdfXGt5SBAAAACAZeF2RaD067xvRr34SXjCxsYDP6nfDzkCAK/x8xC0 zonHX1xreUgQAAAAgGXhdsWU8oGCtMA+G8ISkCMA8AI/D0HrnHj8xbWWZ/0EgexPiQAAAZzgACAm y+2K1wgum6Vf5+X+n5c+bT4YOQKoXYKjzm9ZMgSVaKLF4y+uNSXROHBZP0GAJ6MAWBhOcAAQk+V2 xWtML5tVZeXHVqdXFJdqKwBcZXrU+SE3Q1DfJNFEi8dfXGtKonHgQoIAACSGExwAxGS5XfEaXDbB +3DU6bkZgvomiSZaPP7iWlMSjQMXEgQAIDGc4AAgJsvtitfgsgneh6NOz80Q1DdJNNHi8RfXmpJo HLiQIAAAieEEBwAxWW5XvAaXTfA+HHV6boagvkmiiRaPv7jWlETjwGX9BIHsT4kAAAGc4AAgJsvt itfgsgneh6NOz80Q1DdJNNHi8RfXmpJoHLisnyAAAAAAv4XbFQDwQW6GoOAm8fiLay0PCQIAAACw LNyuAIAP8vMQtM6Jx19ca3lIEAAAAIBl4XYFAHyQn4egdU48/uJay0OCAAAAACwLtysA4IP8PASt c+LxF9danvUTBLI/JQIABHCCA4CYLLcrXuPsZfP8+fPff/+9thTM5OfnFxcXa0v9lbNHnT+wZAgq 0USLx19ca0qiceCyfoJA9u+ZAAABnOAAICbL7YrXGF02Fy5cSDfB2lKbbdWqVTSA169f11Y4acmS JRkZGdpSZxw8eHDmzJl5eXnaCs+bPXv2TB5BCqBr165PP/20ttRfGR11/szNENQ3STTR4vEX15qS aBy4kCAAAInhBAcAMVluV7zG6LLZrl27yZMna0vdSBD83U5ZHTBgwPPPP8+tctCjjz5KPUlOTtZW eN6kSZPG2LVt27Zhw4ZsmRQWFmqb1kCCQM3oqPNnboagvkmiiRaPv7jWlETjwIUEAQBIDCc4AIjJ crviNUaXTccTBA4mC/r16zdx4kRtqZ2gykhpaWmIXXh4+IULF7TVDnOw80ao2506ddKW8ogTBG52 QzpGR50/czME9U0STbR4/MW1piQaBy4kCABAYjjBAUBMltsVrzG6bKoTBIWFhYMGDaJQvEuXLqNG jVISBD///POQIUPCwsLatm2bnp7OGg8fPnzu3LkzZsxo0aJF9+7dd+7cSYWzZs0KDQ1t1KhRdHT0 Bx98wJq99tpr+ira4PTp09mmyJQpU5599lllVbF48WJ61fvvv0+dWbFihVJ+8uTJ0aNHR0ZGUi1t sLKy0qiQ2/nMzMyEhISQkJBWrVodPXpUUMjoEwRFRUUPPfRQU7uRI0eeOnWKlSsJguLi4j59+rz6 6qusnNsN7hhaidFR58/cDEF9k0QTLR5/ca0picaBy/oJAtmfEgEAAjjBAUBMltsVrzG6bCoJguvX r/fs2ZPi2y+//JLuibt168YSBNeuXaPYddCgQfv27UtJSYmKimIvpJbBwcFDhw7dtGlTXFxc//79 qfD48eOxsbH333//nj17zp49y5qxgFlTNW/ePArFS0pKbPbERFBQ0NatW5VeKWJiYsaNG1ddXd26 desePXqwwqtXr9Jys2bNlixZ8sMPP2zevJkacAu5nafyyMjIadOmFRQUUEx+8eJFo0KFJkFAjWms unTpkpGRQdE+LfTq1Yvey1azv+Xl5fS+iYmJVVVVVMjtBmusH0MrMTrq/JmbIahvkmiixeMvrjUl 0ThwWT9BAAAAAH4LtysOUhIEFLvSiL377rusXPkTg927d9PCwoULc3Jy6HaZltnzAim4TUhIuHLl Ci0vWLAgPDycvVDzdwTqj9yrq4qKioKCghYvXkzLL774Yps2bViArfbVV1/R29G/tDxnzhxapk7S MuvSzJkz1Y0FhZrO0061bNmSQvo9e/YoLbmFCk2C4Ntvv6VN0RCx1ZUrV9Lq3r17bfb9nTp16sCB A7t161ZeXs4acLvBGnPHECzMzRAU3CQef3Gt5SFBAAAAAJaF2xUHKQkCFrgeOHCAlSsJgrS0NFpo 3779b2ps3LjRdmPkv3TpUmcTBGTYsGExMTGVlZWRkZGvv/66Uq5ITk6mtx4zZszYsWMTExNpmf1V AutSZmamurGgUN95itijo6OpivrAPsVgVMhoEgRss/v372ere/fupdUNGzbY7PsbEhJCq++9956m vb4bRmMIFubnIWidE4+/uNbykCAAAAAAy8LtioOUBMHhw4dpxDZt2sTKV6xYEaD6BME772g/OmsU 3Pbr12/8+PHcZpqqLVu20JanTZtWv37906dPK+XM+fPnw8LCxo4d+1814uLimjRpcvny5dzcXHph amqquj230KjzNvtHBujuPyIi4oUXXhAX2nQJguzsbNrs2rVr2eqaNWtolTpgs+/vk08+OWrUKBqQ rKws1sCoG0ZjCBbm5yFonROPv7jW8pAgAAAAAMvC7YqD1A8pvP322+Pj43NycujmmIJkliBgf9sf HR29ffv2ysrKvLw89iV/RsFtcnIyxdLKNw6om2mqqqurW7VqRe/yyCOPsBK15cuX0zbPnz+vlGRm ZlJj6ht1qVu3blFRURSinzlzZsuWLZcvXzYq1He+oqKCYvUTJ06UlpZSB9inEriFCk2CgDbVvn17 GqsjR47QNvv27duxY0f2TES2v1VVVUlJSY0aNWJ/d8DthtKYbRMJAj/h5yFonROPv7jW8qyfIJD9 KREAIIATHADEZLld8RqjyyYFulOmTGHL69evpxiVxq1Dhw6zZs1iCQIqLygoYOMZGBjYtGnTzZs3 U2FsbGxKSgp74bJlyxo0aMCWc3Nz27RpExwczB5noG6mqSIvvfQSbXbXrl1sVY2i/UmTJqlLrl27 dtttt1FPaDk/P793794Bdi1btjxz5oxRob7zFy9ebNeuHa2GhoYOHjyYfXiBW6jQJAgIBfkURbD3 6t69+6FDh1i5sr+XL1+Oj49v3rw5+0IEfTfUjW03jqGPqyguPbY6vars1ycsCBgddf7MkiGoRBMt Hn9xrSmJxoHL+gkC2b9nAgAEcIIDgJgstyte4+Bls6qqSvnGPo3y8vLi4mJtKc/169dPnDhRXV2t rdBVPfHEE507d76xiRNKS0vLysocKdR3/sKFC8pDBMWFAiUlJefOndOWGtN3Q1IlWfs33XTv7uQ5 pV//+2mLRhw86vyKmyGob5JoosXjL641JdE4cCFBAAASwwkOAGKy3K54jQ9eNimSDw8PX7p0qbYC ZFCw9rOPg/p9XK/PZ50fObr0I+4HCnzwqKtzboagvkmiiRaPv7jWlETjwIUEAQBIDCc4AIjJcrvi NT542Tx06NArr7yifsoAyOXfOYJ6fT6p329r+4c2Nvyt/gMFPnjU1Tk3Q1DfJNFEi8dfXGtKonHg QoIAACSGExwAxGS5XfEaXDbBE1iOgI4u+tkcdV9G1H3qDxTgqNNzMwT1TRJNtHj8xbWmJBoHLusn CGR/SgQACOAEBwAxWW5XvGbXb5+km1d28aR/sYzlWlxW/3xSvx/9u+mme4s/z2VtQM3NENQ3STTR 4vEX15qSaBy4rJ8gAAAAAL+F2xUALziZ/rdPgvuy1MDGBnd/2mxQZoeHjR5JADa3Q1Bwk3j8xbWW hwQBAAAAWBZuVwA8TckOpEcO3dDg7twxL4u/1ABsfh+C1jnx+ItrLQ8JAgAAALAs3K4AeNTJ9L99 HNQ3LbAPPjLgFD8PQeucePzFtZaHBAEAAABYFm5XADynJGv/piaJ+MiAC/w8BK1z4vEX11qe9RME sj8lAgAEcIIDgJgstyteg8sm1JaK4tJjq9Md+cgAjjo9S4agEk20ePzFtaYkGgcu6ycI0iT/ngkA EMAJDgBistyueA0um+B9OOr03AxBfZNEEy0ef3GtKYnGgQsJAgCQGE5wABBjtys33XTTPWA3KqCV tgjAw3DU6dFFyZ0Q1DdJdFd2jzAFIK41JdE4cCFBAAASwwkOAGLsdgUAwAe5HIL6JonuysQpAHGt KYnGgQsJAgCQGE5wABBbvnz5b2v06NGDbvi6dOkSExPzG381KqCVtgjAw3DUGZk0aZJrIahvkuiu TJwCENeakmgcuKyfIJD9KREAIIATHAAcl5ubu2XLlvXr1/+PH1v34O+1RQAehqNOjC5KdGmiC1RB QYH2siUVie7KxCkAca0picaBy/oJAgAAAABy8OBBuslLT0+n2/H/CwDgA+hyRBclujTRBerUqVPa yxZ4hjgFIK61PCQIAAAAwC/Q7d2ePXvoPm/Lli2fAAD4ALoc0UWJLk10gSotLdVetsAzxCkAca3l IUEAAAAAfuHUqVN0h3fw4MHc3Nz/BQDwAXQ5oosSXZroAlVeXq69bIFniFMA4lrLQ4IAAAAA/ALd fJeWltJdeEFBwf8DAPABdDmiixJdmugCVVlZqb1sgWeIUwDiWsuzfoJA9qdEAIAATnAAAKfgsgne h6POT0g00eIUgLjWlETjwGX9BIHs3zMBAAI4wQEAnILLJngfjjo/IdFEi1MA4lpTEo0DFxIEACAx nOAAAE7BZRO8D0edn5BoosUpAHGtKYnGgQsJAgCQGE5wAACn4LIJ3oejzk9INNHiFIC41pRE48CF BAEASAwnOACAU3DZBO/DUecnJJpocQpAXGtKonHgsn6CQPanRACAAE5wAACn4LIJ3oejzk9INNHi FIC41pRE48Bl/QSBl50/f/7777/Xlta2iooKbZFL8vPzi4uLtaW1xKMbd4R35sIRtTVf1ubRUfKd g0Eu7p/FHp1WAAAAABeIUwDiWstDgoBv0aJFM+3eeOONI0eOaKuNrVq1iobl+vXrtLxkyZKMjAxt C7dRf5KSkpTVgwcPUj/z8vJUTRzVtWvXp59+WlNYUlLC9l3tu+++0zQzpd64h4aCMdq4ei5cs23b ttTU1Orq6lmzZmVnZ7NCNj65ublstaysjFYp/iwqKqKj5d57750wYcLbb7+tbEQzXxZgNOBqjrTR eOaZZ9LT07WlTlq4cCFdxLWltXEwMC7sl4Y7J6ybZs+erTmvGUEKgHuJcEqtTCsAAABALRKnAMS1 locEAV+HDh3at29PcV3jxo1pN+nI0LYwoI5DBgwY8Pzzz2tbOOnvdspqZWVlp06dKBBVSh599FF6 x+TkZKVEQLM17t3/qVOnxqjceuuttP3PP/9c08yUeuMuD4Wmw1xGG3c/JvzTn/7UsGFDWrjjjjuU EaZrBG32qaeeYqsffvjhzTfffPXq1Y4dO8bExMyZM2fEiBG9evVitfr5qiuOjKSDjAZczZE2GtnZ 2WFhYfn5+doKZ7Rr127y5MnaUjcOBs24qffLtSF16oStXZMmTWInddu2benAVs7xwsJCbdMa3EuE U2plWgEAAABqkTgFIK61PCQI+Dp06PD444/b7AFeVFSUZjcFYYZTcYgjzfr16zdx4kRllUJNurmn XrHV0tLSELvw8PALFy4ozYxotmZ69//DDz/Qzf2gQYMc6aqGeOMOblDTYaeYzsX+/fvff/99bamK kiCgHWnZsiUrTElJoc326NGDrY4fP37s2LGZmZlUuGfPHlaovKlmvvQE3XOcIxtxZyS95uGHHx4x YoS2VMV0yhxPEDgyaDbhuAmqjDh7whpxsPNGqNudOnXSlvLUyllsOq0AAAAA3iROAYhrLc/6CQLX nhKhJAhInB1b/vnnn4cMGUIxM0V9yudmCwsLKYSmO/4uXbqMGjVKiUOGDx/+2muvsTa0nJqaOmbM mIiIiOPHj3O3c/LkydGjR0dGRoaGhkZHR1NUOWvWLFpu1KgRrX7wwQfUhhYWLFjA2pPFixdTAwqZ 6E1XrFihlMfHx7/11ltsedmyZTRZtKDfGt39P/nkkzNmzGjRokX37t137typbIFcvXq1V69eN910 U1FRkbpcT99z242hhXoouPtODebOnavpib7DXOqNG80FF43bfffdpy1VURIEn376KW3qxx9/pOUe PXrcfvvtQUFBly5doo1Th9euXZuTk0MN1FPDqOfLkWNA3X86AunlrP/cCbUZDGZmZmZCQgJFoa1a tTp69KjN4ZE0ehdNz9UDbkTdRt8fo8KsrCwa2NOnT7NVPf2UaU5wdYLA6GDgDpqDR6CyX5oq2uD0 6dPZpsiUKVOeffZZZVVhdMJyzyBuIbfz3MHkFjL6BAGd4w899FBTu5EjR546dYqVK2dxcXFxnz59 Xn31VVbO7QZ3DG0OTCsAeJNr90UA7sBR5yckmmhxCkBca0qiceCyfoLAte+ZYAmCn376acmSJbSb f/3rX6nw2rVrdNdLIce+fftSUlKioqJs9t+h9ezZk26jv/zySzp0unXrpsQh6giZlgMDAydMmEB3 7b/88ot+OxSNU+TZrFkzescffvhh8+bN1dXVFIzFxsbef//9e/bsOXv2LK3Sxjdt2qT0MyYmZty4 cdSydevWyu+0ya233jpnzhy2/NJLL9122220oNmazd6r4ODgoUOH0jbj4uL69++vbIG88sor9HYf fvihulCP23ObbvfZMncMWQN9T/Qd5lI2LpgLLn20qaEkCM6fP1+vXr233367vLycFtivo3fs2HHg wAGa1jNnzlCbpKQkKhw2bJjyaWrNfJkeA4L+cyeUO5g0+BRSTps2raCggCK0ixcvsp44MpLcd7Hd 2POKigrxb5UZpQ23P9xCQjEk7fK6devUm1LTT5nmBFcSBEaDyR00m8NHoLJfmqp58+ZRKF5SUmKz JyYoHt66davSKwX3hOWeQdxCbue5g8ktVGgSBNSYxqpLly4ZGRkU7dNCr1696L1sNftLhz29b2Ji YlVVlc3gwGON9WNoc2BaAcCbXLsvAnAHjjo/IdFEi1MA4lpTEo0DFxIEfB06dAio8frrr7Mgbffu 3bS6cOHCnJwc9ofoeXl5dItMC++++y57ofqTzJoIWXlSHXc7rHDmzJmsjUL9MeasrCxqc+jQIbb6 1Vdf0Sr9S8sU19EydYZVGUV6+j8xSEhIuHLlCi0vWLAgPDxcqfr73/9O9/qjR49WSowY9Vyz+2yZ u++sAbcnjnyKW9m4YC7Uvvvuu5121OfevXuzZTrtNc1sqgQBufPOO0eNGvX55583b968srIyLCyM YkLqKkVWrAFFTa+99lq4HYuFNPNlegwI+s+dUO5GqH3Lli0pwFP+3oFxZCS572K7seds1fEEAbc/ 3EImIiJi/vz5mkLBlBklCIwGkztoNoePQPW+q6uKioqCgoIWL15Myy+++GKbNm1YgK1mdMJyzyBB oSMzzi1UaBIE3377LW2Khoitrly5klb37t1rs+/v1KlTBw4c2K1bt/LyctaA2w3WmDuGNoNpBYA6 4dp9EYA7cNT5CYkmWpwCENeakmgcuJAg4OvQoQPFxgcOHGjatOkDDzzACtPS0miX27dv/5saGzdu ZPfH1JK1ESQIlGXudlhhZmYma6NQByHZ2dnq90pOTqbVMWPGjB07NjExkZaVDzkbRXqCaGfp0qXK DX1FRUXnzp1pI2VlZUpjI0Y95+4+d981jdU9cSSsVV4rmAs1it/usmvbtm3jxo3ZMoWdmma2GxME FKrdfPPN9NoHH3yQVu++++6hQ4fSv1SifslPP/1EWwsMDCwsLNTMl+kxIOg/d0K5G7HZ47fo6OgA +8cZ2O+0bY6NJPddbLqMgFMJAptBf7iFtLM09YsWLWKrCsGUGSUIjAbTaNAcPAKNEgSEdiQmJqay sjIyMvL1119XyhVGJyz3DBIU6jvPHUxuIaNJELDN7t+/n63u3buXVjds2GCz729ISAitvvfee5r2 +m4YjaHRtAJAnXDtvgjAHTjq/IREEy1OAYhrTUk0DlxIEPApzyD48MMPaTfpZtdW83uzd9654a9K Dh8+HKD6GPmKFSsCzBIE3O3k5uZSYWpqqrrQZg9Cxo8fz5ZPnDhBbT6xf4vb+fPnw8LCKNL4rxpx cXFNmjS5fPmyzR7pzZ49m71q3Lhx6gSBsjWb8Q09FQY4/M0FRj3n7j5339UNbLrwTN1hLuW1grng 0n9eXUOdINi2bRttrVmzZuxgoOENDQ0NDg5mvxBWYwNC+6ieL5sDx4Cg/9wJ5W6EoVfR+0ZERLzw wgusxJGR5L6LTZcRcDZBYOP1h1t48uRJ2iOKP5U2GvopM0oQGA2m0aA5eARqEgTqqi1bttCWp02b Vr9+ff3f2wtOWO4ZxC006ryNN5hGhTZdgoBlstauXctW16xZQ6vsizy72h9TMmrUKBqQrKws1sCo G0ZjaDqtAOBNrt0XAbgDR52fkGiixSkAca0picaBy/oJAteeEqF+SOHo0aNDQkL279/P/io4Ojp6 +/btlZWVeXl57OvBbr/99vj4+JycHDqG6F6cxSE2gwjZVvMnx5rtUGG3bt2ioqLoNv3MmTMUbLBQ Pzk5mW7llQee0wvnzZtHC8uXL6f7b4o6WLnN/kwyemvqg83+++3+/fvTlv/4xz9SoRLpabbGvaHf tWtXYGBgYmLifhX2N8wzZsyYNGkSa68w6jl397n7rmmsDi00HeZSv9ZoLrj00abGrFmzGjVqxJb/ +c9/BgcHB9T8opXlCxo3bkx7ZLMP2qpVqwoKCn755ZfnnnsuNDT02LFjNtV82Rw4BmzG/edOKHcj FRUVLDdRWlraqlUr5UMljowk911sumhfvco9JGyqNtz+cAvJjh07aOjUR7WGfsoEDynkDiZ30GwO H4HqZpqq6upq2hd6l0ceeYSVqAlOWO4ZZFSo7zx3MLmFCk2CgDbVvn17GqsjR47QNvv27duxY0f1 o0arqqqSkpLoXGB/d8DthtKYbVM9hqbTCgDe5Np9EYA7cNT5CYkmWpwCENeakmgcuKyfIDBVVVZ+ bHV6RXGpulCdICgrK7v11lvpjpnuuSkCZDtOIXTTpk03b95MDdavX0+3wlRIr6KQUgnqYmNjU1JS 2EbUy4S7nfz8/N69ewfYtWzZkj36Ljc3t02bNhSasr+mpgM0MjKSukTBgyYwu3btGkV099ifPE8b vOWWW2jjgwYNovdVIj3N1tS9WrZsWYMGDWhh4cKFrA9q7DexPXv2bNGiBWuvxu250e5z953bE5uu w1zq1xrNBRdFm/fff7+2VGXEiBGJiYnKar9+/Zo0acL+tvzixYv16tVjf25gs//SlUIgerv69etT 7MTSNDbVfNkcOwbU/Z85c6bSf6MJ1W+EOkZBMq1SfwYPHqz8KtuRkTR6F03P1atGh4TShtsfbiHt aUJCwnPPPafZlJrplFGgO2XKFLZsdDDoB83m8BGobqYf0pdeeok2u2vXLraqJj5huWcQt1Dfee5g cgsVmgQBoSCf/hdk79W9e3flwRnK/l6+fDk+Pr558+bsCxH03VA3tqnG0JFpBQAAAPAmdhtjlAIQ 11qeXycISr/O2z3ulU+bDy7J2q+tEyovLy8uLlaXVFVVKV8M5jj9dmz2b0rX/OU/3WGfOHGCfTWA zf54syeeeELdgOvKlSvcJwhotuaUL774goIEbWkNfc8FuPvO5WyHXZsLtWPHjs2fP//ll19u2LCh +rvoxKiHP/74I3VVUy6eL/04KP3XPEPBaEJtvI1cuHBBeaScwpGRFLwLl/iQUHD7oymkS/B9990n 7p6zBAeDftCMCMZNU0UT3blz5xubOIF7BnEL9Z13ZIRNlZSUnDt3TltqTN8NPU9MKwAAAIA7xCkA ca3l+WOCoKqs/OjSjzI7jUwL7LMhLN7Z7IAvePPNN7VFXjF69Gj2q0Lvo1DnVh39gw9qxaFDh+iK MHToULoiVFRUaKud59p8GT1k0U21O5K1eEisXLny0qVL2lJ5UCQfHh7OHlEBCtmnFQAAAKxHnAIQ 11qefyUISr/Oyx37yoaIezJaPvBxvT6bGv9WxuxAHar1YNVx1dXVB3VOnjypbWch+/bte+WVV7Sl bqvdkazDQ8LXHDp0iOYLf2kPAAAA4OPEKQBxreVZP0Hw/dx3lI8MfHrzkE2NBqYFxCE7AGANsj8G BgDAy3DZBO/DUecnJJpocQpAXGtKonHgsn6CIC0gbkPEPfRvWmDcv/+1/2wIHfCPN9fR5NEym0Is YxnLMi6n2b9IRl+OZSxjGctY5i6r/zVqg2Us1+KyTf5vfQMHSTTR4hSAuNaUROPA5RcJgkv/KMh+ 4I8f1++fVpMgyH7gDxm3DMUnCABkJ/slGADAy3DZBO/DUecnJJpocQpAXGtKonHg8osEwa9L168f XfLhltt/lxbQhwq/7DUBOQIA2cl+CQYA8DJcNsH7cNT5CYkmWpwCENeakmgcuPwpQVDjPx8oCOyz MeIe5AgA5KU/wQEAQACXTfA+HHV+QqKJFqcAxLWmJBoHLusnCJQ/f9Kyf6Bg18CnPm0+GDkCAEkZ nuAAAMCDyyZ4H446PyHRRItTAOJaUxKNA5f1EwSmqsrKj61Orygu1VYAAAAAAACAtYhTAOJay0OC AAAAAAAAAPyFOAUgrrU8JAgAAAAAAADAX4hTAOJay0OCAAAAAAAAAPyFOAUgrrU86ycIZH9KBAAI 4AQHAHAKLpvgfTjq/IREEy1OAYhrTUk0DlzWTxDI/j0TACCAExwAwCm4bIL34ajzExJNtDgFIK41 JdE4cCFBAAASwwkOAOAUXDbB+3DU+QmJJlqcAhDXmpJoHLiQIAAAieEEBwBwCi6b4H046vyERBMt TgGIa01JNA5cSBAAgMRwggMAOAWXTfA+HHV+QqKJFqcAxLWmJBoHLusnCDz3lIj8/Pzi4mJtqVdU VFRoi2rUYa+Y8+fPf//999rSuiAYJVB4dJS8cDB47gSvQ+6fxR6dVgCQmiUvm+DjcNT5CYkmWpwC ENeakmgcuKyfIBA7ePDgzJkz8/LytBUO6Nq169NPP60tddiSJUsyMjK0pQ44cuRIUlKStrSGulcu v4UjjDa+atUqOjCuX7+urXDYtm3bUlNTq6urZ82alZ2dzQpLSkpopnJzc9lqWVkZrVL8WVRU9MYb b9x7770TJkx4++23lY2IR0lGRgOu5kgbjWeeeSY9PV1b6qSFCxfSpVNbWhsHA+PCfmm4c6a7afbs 2TN5BCkAN68ttlqaVgAAAABLEqcAxLWW5+8JgkcffZT2Ijk5WVvB83c7ZdXNm/gBAwY8//zz2lIz lZWVnTp1opBYW1FD3SvX3sKm21Muo427HxP+6U9/atiwIS3ccccdytTQmUmbfeqpp9jqhx9+ePPN N1+9erVjx44xMTFz5swZMWJEr169WK3pKHmNIyPpIKMBV3OkjUZ2dnZYWFh+fr62whnt2rWbPHmy ttSNg0Ezbur9cm1InTrTa9ekSZPG2LVt25YObLZMCgsLtU1ruHltsdXStAIAAABYkjgFIK61PL9O EJSWlobYhYeHX7hwQVut069fv4kTJyqr7t/EO0ITXFHQS2EGBcDqQjVxrxwM1TR76hTTmHD//v3v v/++tlRFSRDQjrRs2ZIVpqSk0GZ79OjBVsePHz927NjMzEwq3LNnDytU3tR0lATdc5wjG3FnJL3m 4YcfHjFihLZUxXTKHE8QODJoNuG4CaqMOHumG3Gw80ao2506ddKW8tTKWWw6rQAAAAD+SZwCENda nl8nCBYvXhwaGkqRD+3IihUrlPL4+Pi33nqLLS9btoz2lBZmzZpFjRs1ahQdHf3BBx/Y7DfxTz75 5IwZM1q0aNG9e/edO3eylxQVFT300ENN7UaOHHnq1ClWPnz48NTU1DFjxkRERBw/fpxWX3vtNZs9 eom+0R/+8Acq//nnn4cMGRIWFkaxrvJpYapdsGABWz558uTo0aMjIyOpY1TO4mF1aKG8hc1ga9Rg 7ty5ml3Q7ymXeuOFhYWDBg2i6KtLly6jRo0SJwhowO+77z5tqYqSIPj0009pUz/++CMt9+jR4/bb bw8KCrp06RJtnDq8du3anJwcaqAMiEI9Spph546Duv+PP/44vZz1n3sk2AwGMzMzMyEhgaLQVq1a HT161ObwSBq9i9EBI6Buo++PUWFWVhYN7OnTp9mqnumUqRMERgcDd9AcPAKV/dJU0QanT5/ONkWm TJny7LPPKqsKozOdewZxC7md5w4mt5DRJwiMrhXKWVxcXNynT59XX32VlXO7wR1DmwPTCgAAAOCf xCkAca3lWT9BIHhKRExMzLhx46qrq1u3bq38aprceuutc+bMYcsvvfTSbbfdRgsUocXGxt5///17 9uw5e/aszX4THxwcPHTo0E2bNsXFxfXv358KaWs9e/ak0CgjI4Pu4GmhV69e165dY+0DAwMnTJhA IURFRYUSA1y9enVPjccee4xG9d1336WX0L0+BVr79u1LSUmJiopifaBaejv2Kupzs2bNlixZ8sMP P2zevJnemr2LkiBQlrlbM9oF/Z5yKRun8I92mVa//PJLOnm6detWWwmC8+fP16tX72OjAN8AAIAA SURBVO233y4vL6cF9uvoHTt2HDhwgEbyzJkz1CYpKYkKhw0bpnyaWj1KthuH/ZdfftGPg6D/3COB O5g0+BRSTps2raCggCK0ixcvsp44MpLcd7EZHzACShtuf7iFhGJI2uV169apN6VmOmVKgsBoMLmD ZnP4CFT2S1M1b968+kHBJSUlNntiguLhrVu3Kr1ScM907hnELeR2njuY3EKFJkEgvlbQ/tJhT++b mJhYVVVlMzjwWGP9GNocmFYA8E+C+yIAD8FR5yckmmhxCkBca0qiceCyfoLA6HsmvvrqK+o//UvL FJ7RMt12syqjgE3/JwYJCQlXrlyh5QULFoSHh9PCt99+S5uiUJa1WblyJa3u3buXtVc/Nk8f723Z soUinBdeeIGWd+/eTS9cuHBhTk4O+/P7vLy8rKwsWjh06JDSYObMmeot2AwSBNytsQb6XbDp9pRL 2TiNW4A9qcHK9Z8qZ7777ruddtTn3r17s2U62TTNbKoEAbnzzjtHjRr1+eefN2/evLKyMiwsjGJC 6ipFVqwBRU2vvfZauB2LhdSjZLtx2LnjIOg/90jgboTat2zZkgK8PTV/78A4MpLcd7E5cMDoKW24 /eEWMhEREfPnz9cUOj5lSoLAaDC5g2Zz+AhU77u6qqioqF5A4OLFi2n5xRdfbNOmDQuw1YzOdO4Z JCh0ZMa5hQpNgkB8rZg6derAgQO7detWXl7OGnC7wRpzx9BmMK0A4OeM7osAPAdHnZ+QaKLFKQBx rSmJxoHLfxMEycnJ1P8xY8aMHTs2MTGRlpXPKhsFbIKgZenSpey+PC0tjTa1f/9+Vk63+7S6YcMG TXv9KkUUDRo0oP6w0JRtp3379r+psXHjxuzsbCo8cOCA0iAzM1PZAsNNEHC3pmms7IJNt6dcymtZ rMJ6ZTNOEFD8dpdd27ZtGzduzJYp7NQ0s92YIKBQ7eabb6bXPvjgg7R69913Dx06lP6lEvVLfvrp J9paYGBgYWGhepRsN+4jdxwE/eceCdyN2OzxW3R0dID94wzsd9o2x0aS+y423RHiVILAZtAfbiHt LE39okWL2KrC8SlTEgRGg2k0aA4egUYJAnJnwE0xMTGVlZWRkZGvv/66Uq4wOtO5Z5CgUN957mBy CxlNgkB8rQgJCaHV9957T9Ne3w2jMTSaVgDwc0b3RQCeg6POT0g00eIUgLjWlETjwOWnCYLz58+H hYVRwPBfNeLi4po0aXL58mWbPWCbPXs2azlu3Dh1gmD8+PHKRrj35Sw6Xbt2LStfs2YNrbIv5xPE e8eOHbvllltoSNlniW01vy18550bPqBy4sQJKvzE/n1ytE1aTk1NVTewGSQIuFtTN7DpwjP1nnIp rz18+HCA6iP9K1asCOAlCBSmn1dXJwi2bdtGW2vWrBl1z2b/xrjQ0NDg4GD2C2E1NiC0j+pRsuli Zv04CPrPPRK4G2HoVfS+ERER7GMgNsdGkvsuNuEBY0TTRt8fbuHJkydpjyj+VNpomE6ZkiAwGkyj QXPwCNQkCNRVswL+HY1Pmzatfv36+r+3F5zp3DOIW2jUeRtvMI0KbboEgfha8eSTT44aNYoGJCsr izUw6obRGJpOKwD4J+59EYBH4ajzExJNtDgFIK41JdE4cPlpgmD58uV0G03Bg1LCnodPB4HN/mvq /v375+Xl/fGPf6RCJWBLTk6m+3vlKejc+/LKysr27dvHx8cfOXKEttC3b9+OHTvqHx+oXi0rK+vc uTO9y08//XTO7tKlS+xvoaOjo7dv304vp02xL0Wjwnnz5tnsf0HdrVu3qKgoCjDOnDmzZcsWlt3g JgiMtsbdBZtuT7nUr7399ttpl3NycmgAKS5iMeGNzf/DNNqcNWtWo0aN2PI///nP4ODggJpftLJ8 QePGjWmPaHXXrl2rVq0qKCj45ZdfnnvuudDQ0GPHjtlUo2S7sZ9G42DUf+6RwN1IRUUFy02Ulpa2 atVK+TSKIyPJfReb8QFDZsyYMWnSJKVKobTh9odbSHbs2EFDpz4dNEynTP2QQu5gcgfN5vARqG6m qVof0Jv2hd7lkUceYSVqgjOdewYZFeo7zx1MbqFCkyAwvVZUVVUlJSXRucD+7oDbDaUx26Z6DE2n FQD8E/e+CMCjcNT5CYkmWpwCENeakmgcuKyfIOA+JYJiAE18de3aNQrM7rE/QH7z5s233HJLYGDg oEGDUlJSlIAtNze3TZs2FK+yP7GOjY2lWla1bNmyBg0asGW6cafjKcCue/fuyh/Dq9urVz/77DPW WDFw4EAqp7iXDTL1pGnTptQrm/0j3JGRkWVlZbScn5/fu3dv9pKWLVuyh/ap30W9zN2a0S5o9pRL /dr169dTWEIb79ChA4X3AWYJgvvvv19bqjJixIjExERltV+/fk2aNGF/W37x4sV69eqxPzew2X/p SiEQvV39+vUpdmL5HduNo6QZdu44qPs/c+ZMpf9GR4J+I9QxCpJplfozePBg5VfZjoyk0bsYHTCk Z8+eLVq0UKoUShtuf7iFtKcJCQnPPfecZlNqplNGge6UKVPYstHBoB80m8NHoLqZpopO8Jdeeok2 u2vXLtZATXymc88gbqG+89zB5BYqNAkCmwPXisuXL8fHxzdv3px9IYK+G+rGNtUYOjKtAOCfuPdF AB6Fo85PSDTR7IbKKAUgrjUl0ThwWT9B4JorV66w8FKDbrtPnDjBvi9ArKSk5Ny5c9pS55WXlxcX F6tL5syZ88QTTyirpaWl3K5y6bdmxPE9ZaqqqpQvaXPNsWPH5s+f//LLLzds2FD9XXRi1MMff/yR uqop14yShn4clP5rnqFgdCTYeBu5cOGC8kg5hSMjKXgXri+++ILiRm2pDrc/mkK68N13333i7jlL cDDoB82IYNw0VTTRnTt3vrGJE7hnELdQ33lHRtiUs9cKfTf0PDGtAODLKopLj61Orypz4uIDAOC3 xCkAca3lIUEgpTfffFNb5BkU6tyqo3/wQa04dOgQnYdDhw6l87CiokJb7TzXRsnoIYtuqt2RHD16 NPvtsftWrlx56dIlbak8KJIPDw9nj6gAhezTCgAuKMnav7HxwK/ue7b0639/xQkAABgRpwDEtZaH BAGIVFdXH9Q5efKktp2F7Nu375VXXtGWuq12R7LW8xfyOnToEM0X/tIeAICc/d+9Hwf3SwuMy7j1 vh8W/l98oAAAgEucAhDXWh4SBAAAAAAWcfZ/924IHZAWEPdxcL9PQgbgAwUAAHriFIC41vKsnyCQ /SkRACCAExwAQEPJEbCfT8Li1R8owGUTvA9HnZ+QaKLFKQBxrSmJxoHL+gkC5T9I/OAHP/jBD37w gx8//Nl82zD6d9NN9xZ/npsm+fdvgYxw1PkJiSZanAIQ15qSaBy4/CJBoC0CAKvACQ4AoHHk1Xc/ tucFNjX67c4BU7e2f2jbHY8eXfoR+wQBLpvgfTjq/IREEy1OAYhrTUk0DlxIEACAxHCCAwCosezA ltbDdvSdsqlJ4u7kOZpnEOCyCd6Ho85PSDTR4hSAuNaUROPAhQQBAEgMJzgAgOLHxes+qd//43p9 1R8Z0MBlE7wPR52fkGiixSkAca0picaBy/oJAtmfEgEAAjjBAQCYkqz9nzYfrP/IgAYum+B9OOr8 hEQTLU4BiGtNSTQOXNZPEAAAAABYW0Vx6bHV6dyPDAAAgIY4BSCutTwkCAAAAAAAAMBfiFMA4lrL Q4IAAAAAAAAA/IU4BSCutTwkCAAAAAAAAMBfiFMA4lrLs36CQPanRACAAE5wAACn4LIJ3oejzk9I NNHiFIC41pRE48Bl/QSB7N8zAQACOMEBAJyCyyZ4H446PyHRRItTAOJaUxKNAxcSBAAgMZzgAABO wWUTvA9HnZ+QaKLFKQBxrSmJxoELCQIAkBhOcAAAp+CyCd6Ho85PSDTR4hSAuNaUROPAhQQBAEgM JzgAgFNw2QTvw1HnJySaaHEKQFxrSqJx4LJ+gkD2p0QAgABOcAAAp/jgZfPatWtZWVnffPPNv/71 L23djSoqKrRFKufPn//++++1pWAmPz+/uLhYW+oM8bzYfPKoA0+QaKLFKQBxrSmJxoHL+gkCAAAA ABB7+eWXMzMzldX9+/enpqaq6l2xcOFCurHWlt7ozJkzrVu3btmyZVRU1DfffKOtVjly5EhSUpLN eLOrVq2iW9Pr169rK5y0ZMmSjIwMbakzDh48OHPmzLy8PG2F582ePXsmjyAF0LVr16efflpb6oxn nnkmPT1dWwrgw8QpAHGt5SFBAAAAAODvmjRpQmGksrp27dqGDRuq6l3Rrl27yZMna0tv9P7779Mb Xbt2TVtxo8rKyk6dOr3xxhs24826nCD4u52yOmDAgOeff55b5aBHH32UepKcnKyt8LxJkyaNsWvb ti0NLFsmhYWF2qY13E8QZGdnh4WF5efnaysAfJU4BSCutTwkCAAAAAD8nWsJAnE0bhTJqz311FMU oGpLdd544w2KeCsrK23Gm9UnCMTdU/Tr12/ixInaUjtBlZHS0tIQu/Dw8AsXLmirHeZg541Qtzt1 6qQt5REnCBzsxsMPPzxixAhtKYCvEqcAxLWWhwQBAAAAgL8TJAgyMzMTEhIo4m3VqtXRo0dZ4c8/ /zxkyJCwsDCK25WPlw8fPjw1NXXMmDERERHHjx9XR/JUNXfu3BkzZrRo0aJ79+47d+6kwvnz59P7 0pajo6PffPNNKikqKnrooYea2o0cOfLUqVPs5dRgwYIFbFm92cLCwkGDBlEo3qVLl1GjRikJAqPu 6fswa9as0NDQRo0a0Vt88MEHrNlrr72mr6INTp8+nW2KTJky5dlnn1VWFYsXL6ZXvf/++9SZFStW KOUnT54cPXp0ZGQk1dIGWbKDW8jtPHcWuIWMPkFgNLZKgqC4uLhPnz6vvvoqK+d2gzuGJCsrKygo 6PTp02wVwMeJUwDiWsuzfoJA9qdEAIAATnAAAKcYXTaNEgTV1dUUvk6bNq2goICiwYsXL9rsjxWk 4JAi83379qWkpERFRbFXUagZGBg4YcIEClwrKirUkTxVBQcHDx06dNOmTXFxcf3796fCEydOPPzw wx07dtyzZw+FyvRePXv2pFA/IyODIlJa6NWrF73X8ePH6Z6TXsg2pWz2+vXr1J62/OWXX9Lte7du 3ViCQNA9fR9o47Gxsffffz/14ezZs6wZC5g1VfPmzaNQvKSkxGZPTFA8vHXrVrZltZiYmHHjxtG+ tG7dukePHqzw6tWrtNysWbMlS5b88MMPmzdvpgbcQm7nubPALVRoEgRGY2ur2d/y8nJ638TExKqq KptwivVjSE6fPk2Dv27dupo3vIHRUQcWI9FEi1MA4lpTEo0Dl/UTBLJ/zwQACOAEBwBwitFl0yhB QPF2y5YtKZikIFmp3b17N90ELly4MCcnh26daZk9kI+iR/YcQUaTIEhISLhy5QotL1iwIDw8nJVP nz6dAnu2/O2339KmVq1axVZXrlxJq3v37s3KyqKFQ4cOsXJlsxS7Uvm7777LypU/MRB0j9sHzd8R qD9yr64qKioKCgpavHgxLb/44ott2rTRPzrhq6++orejf2l5zpw5tEydtNWMmHqExYWaznNngVuo 0CQIjMbWZt/fqVOnDhw4kCaivLycNeB2gzXmjiGJiIiYP3++sqpmdNSBxUg00eIUgLjWlETjwIUE AQBIDCc4AIBTjC6bzZo1+/3vf6+svv/++40bN2bLFCtGR0fTXd+wYcPY78/T0tJotX379r+psXHj Rpvur9k1CQKlaunSpdwEAdvs/v372SqFr7S6YcOG7OxsWjhw4AArVzbLAlelXEkQONI9dR8cTBAQ GoGYmJjKysrIyMjXX39dKVckJyfTW48ZM2bs2LGJiYm0zP4qgXVJ/T0R4kJ95/WzYFTIaBIERmNr s+9vSEgIrb733nua9vpuGI0hDTstL1q0SNmCmtFRBxYj0USLUwDiWlMSjQMXEgQAIDGc4AAATjG6 bMbGxnbv3l1ZXbBgAUWeyiqFf3SLHBER8cILL9hqfr38zjvaj9G6mSBgiYC1a9ey1TVr1tBqbm7u iRMnaOGTmq82VDZ7+PDhANWfHqxYsSJA9QkCcfc0CYLx48dzm2mq/j979wIfRX3v/59wS8L90kgE QQyXQpVbOVzE5CjIteihCg0VUbEK6l/hUQpYhaOICEKBg7S2HPDWg4hRAiExekTUBjwEysUES7SI EG4JkEAg/AQTIez/437LOMzOTrIhLHxnXs8HDx6z3/nuzOz3O/PNft/ZzKalpcmWH3nkkVq1agX+ vX1RUVFUVNSoUaP+cEHPnj0bNmx4+vRpeRXyRMs3R9oWBjt4X0AvOBT6AgKCYG3r87/exx57bMSI EdIgGRkZqkKwwwjWhocOHZL6SUlJP1Y1CXbWwWU06mjnCMB5bbk0agdbBAQANMYFDgAhCTZsTpw4 MSIiQt4Nf/vtt+vXr5e55UMPPSTlZ86ckVmiTNELCwtbtGihfh+u/ni+ffv2a9euLSkpyc7OVt+i d4kBgWwqLi4uPj4+JydHttm7d++2bduq+/bJ7mbMmKGqmTfbqlUrqb9x40Y5cpkkq4CgIodnPobR o0fL6zW+ccBczbLq3Llz0giyl1/96leqxGzRokWyzaKiIqMkPT1dKsuxySHJy4yNjZUp+pEjR9LS 0k6fPh2sMPDgbXvBttBgCQgc2la93tLS0sGDB9evX1/93YHtYRiV1TbNbbhu3brIyEjzazcLdtbB ZTTqaOcIwHltuTRqB1vuDwh0v0sEAAdc4AAQkmDDpkzthgwZIm/tqlevLv/ffPPN6i73J0+elAl5 RESETP8GDBhg/No8NzdXvRWUVY0bN05NTfX5P4Ywfvx4Y5syI1Upg2XVSy+9VKdOHbX82GOPmT+5 IBNReVNezU/KjfsOyBv0mJiY48eP+y7e7IoVK2SOKpXbtGkzZcoUFRD4KnB45mPIzMy8/vrra9as qW5nYK5mWSX+8z//Uzb76aefqodmMtsfM2aMuaSsrKxly5ZyJLK8e/fuHj16qJfWvHnzI0eOBCsM PHjbXrAtNFgCAl/wtjVe7+nTp+Pj45s2baq+ECHwMMyVfaY2lDZPSEiYOHGiKg8U7KyDy2jU0c4R gPPacmnUDrbcHxAAAACgIo4ePbply5aDBw+qabbhxIkTxu3rzKQwPz/fWnrJCgoKjh07ZimcPn36 uHHjLIWitLTU+MY+i4ofnrzeAwcOnDt3zroiYJUcw09/+tOLq4SgsLBQxRzlFgYevG0v2BY6sG1b B4GHEUgmUUOGDLFtPeDq5BwBOK91PQICAAAAaGDevHnWovCSmXx0dPTChQutK7xt8eLFp06dspYC VzHnCMB5resREAAAAADl27Fjx7PPPhvsL+0B6MI5AnBe63oEBAAAAAAAr3COAJzXup77AwLd7xIB wAEXOACEJKlazyv7z3pA8AB+WHuERh3tHAE4ry2XRu1gy/0BAT+KABfjAgeAkFzZYfPK7h1XCv3u ERp1tHME4Ly2XBq1gy0CAgAa4wIHgJBc2WHzyu4dVwr97hEadbRzBOC8tlwatYMtAgIAGuMCB4CQ XNlh88ruHVcK/e4RGnW0cwTgvLZcGrWDLQICABrjAgeAkFzZYfPK7h1XCv3uERp1tHME4Ly2XBq1 gy33BwS63yUCgAMucAAIyZUdNnV/34zKubJnHcJGo452jgCc15ZLo3aw5f6AAAAAAFcDAgIAVwPn CMB5resREAAAACAcCAgAXA2cIwDnta5HQAAAAIB/KT1evGdpypn8QuuKqkBAAOBq4BwBOK91PQIC AAAA+ArWf77hjt+tbjqgIGO7dV0VISAAcDVwjgCc17qe+wMC3e8SAcABFzgAhCRw2Cw9XvyP6a+k xAxMiuiZXOffL1864CMg8KrAsw6upFFHO0cAzmvLpVE72HJ/QMCPIsDFuMABICTmYbNg/eef3vbY O7X6JEX0Wt349pTL+dkBhUHbm+h3j9Coo50jAOe15dKoHWwREADQGBc4AIREhk3jIwM/RAPVesq/ 1GuHhCEd8DFoexX97hEadbRzBOC8tlwatYMtAgIAGuMCB4CQqETgCv6zHhA8gH73CI062jkCcF5b Lo3awRYBAQCNcYEDQEiS/J8g2PncKykxg378BEHs4PB8ggDexA9rj9Coo50jAOe15dKoHWy5PyDQ /S4RABxwgQNASMzD5g/3IOh74R4EjcJxDwJ4Ez+sPUKjjnaOAJzXlkujdrDl/oAAAAAAwRgfKAjD txgAwNXAOQJwXut6BAQAAAD44QMFG+743Wo+RwDA7ZwjAOe1rkdAAAAAgH8pPV68Z2nKmfxC6woA cAvnCMB5resREAAAAAAAvMI5AnBe63ruDwh0v0sEAAdc4AAQEoZNhB9nnUdo1NHOEYDz2nJp1A62 3B8Q6P49EwAccIEDQEgYNhF+nHUeoVFHO0cAzmvLpVE72CIgAKAxLnAACAnDJsKPs84jNOpo5wjA eW25NGoHWwQEADTGBQ4AIWHYRPhx1nmERh3tHAE4ry2XRu1gi4AAgMa4wAEgJAybCD/OOo/QqKOd IwDnteXSqB1suT8g0P0uEQAccIEDQEgYNhF+nHUeoVFHO0cAzmvLpVE72HJ/QAAAAAAAgOIcATiv dT0CAgAAAFwuu3fvzs/Pt5ZWypkzZ6xFl98V2SmAy8o5AnBe63oEBAAAAF734osvyptgtTxnzpzJ fk8++aQsb9iwwag2depUtcrCIQK46aabnnjiCWtp6HJycgYPHmwtvfwmTJiQkpJiLQWgM+cIwHmt 6xEQAAAAeN0NN9zwm9/8Ri23adOmdevWiYmJCQkJsbGx8n5v7NixJSUlsmrMmDH3+EmFevXqqWWx f//+izZnUiUBgey9Xbt2c+fOta64/DZs2BAVFbV7927rCgDaco4AnNe6nvsDAt3vEgHAARc4AIQk 2LBpCQgefPBBtfz999/L9F7e8r344os/1vb5HnjgAZmxm0uCcQ4Izp8/by2yM3fu3NatW6uQIgws R3X33XcPGzbMXIKQBDvr4DIadbRzBOC8tlwatYMt9wcEun/PBAAHXOAAEJJgw2awgECUlZV16tQp NjbWKPHZBQQHDx686667GvsNHz48Ly9PlRsBQX5+fq9evZ5//nlVvm/fvoEDB0ZFRcnM3/gM/513 3vncc89NmjSpWbNmXbp0+fjjj1V5+/btZ8+e7Vwn2AEEq3/o0KHExMSYmJjIyEjZvkofbI8qIyOj Ro0ahw8fVg8RqmBnHVxGo452jgCc15ZLo3awRUAAQGNc4AAQkmDDpkNAIJ566il513f8+HGjxBIQ nDt3rlu3bh07dlyzZo3Mq2Whe/fuZWVlvgsBQXFxsUzO+/XrV1pa6vOHDvKwf//+27ZtGz9+vJE+ SOWaNWsOGjRo1apVPXv27NOnjxTu3btX9i4lDnWcDyCw/tmzZ7t27dqkSZMFCxZ8+eWXqampsoVg R3X48GE5gOXLl6uHCFWwsw4uo1FHO0cAzmvLpVE72CIgAKAxLnAACEmwYdM5IJgzZ4686zN+J+8L CAg2b94sFZYsWaIeLl68WB5u3brV55+fjx07tm/fvp07dy4uLlYVNm3aVM3/ZwsbN26UN9+ynJ2d rSonJCR8//33sjx79uzo6Gif/xf4UmHHjh3qubZ1nA8gsL46gMmTJ6v6SrCjEnXr1p01a5a5Miou 2FkHl9Goo50jAOe15dKoHWwREADQGBc4AIQk2LDpHBDIDL9evXrmEktAkJSUJG8Lt2/frh7KzFwe rly50uefn9euXVsevvbaa5b6cXFxN16QnJysKhs3LFi4cKGazG/YsEEqf/7556rcto7zAQSrn56e rsqVYEd1/vx5edacOXPMlVFxwc46uIxGHe0cATivLZdG7WDL/QGB7neJAOCACxwAQhJs2HQICI4d O9agQYPExESjxBcQEKg5/LJly9TD119/XR5mZmb6/PPzxx57bMSIETLHzsjIUBXU7+pfecV6MLaT +QMHDkjldy98C6NtHecDCKwvq6TCtGnTVLkS7KgOHTok5UlJSZZyVFCwsw4uo1FHO0cAzmvLpVE7 2HJ/QAAAAABnloBg+PDhe/fuzc7OXrFiRbt27WJiYmSSbK5vCQhKSkri4uLi4+NzcnLkWb17927b tq267Z+an5eWlg4ePLh+/frqY//qFgDt27dfu3atVJOnqC9KtJ3MC6k8Y8YMtWxbp9wDsNSXA+jc uXNsbOyyZcuOHDmSlpZ2+vTpYEe1bt26yMjIoqIitREAunOOAJzXuh4BAQAAgNfJ7Pqhhx5Sy23a tKnmV7t2bXmL/Oijjx47duzi6taAQMh0WiqrJ3bp0sW4ZUCnTp3Gjx8vCzIDlwl806ZNd+3aJQ9z c3PVm8mIiIjGjRunpqaaK4uXXnqpTp06alneoMfExKi7JAarU+4BWOrv3r27R48eqn7z5s2PHDni szuq8+fPJyQkTJw4UT0LgAs4RwDOa12PgAAAAABVo6CgIDBNcFBcXJyfn28ttTN9+vRx48ZZSwOE egCFhYXmb2dQzEclM4QhQ4acO3fu4ioANOYcATivdT0CAgAAAGhg3rx51qLLb/HixadOnbKWAtCZ cwTgvNb13B8Q6H6XCAAOuMABICQMmwg/zjqP0KijnSMA57Xl0qgdbLk/IND9eyYAOOACB4CQMGwi /DjrPEKjjnaOAJzXlkujdrBFQABAY1zgABASGTav7D/rAcED6HeP0KijnSMA57Xl0qgdbBEQANAY FzgAhOTKDptXdu+4Uuh3j9Coo50jAOe15dKoHWwREADQGBc4AITkyg6bV3bvuFLod4/QqKOdIwDn teXSqB1suT8g0P0uEQAccIEDQEiu7LCp+/tmVM6VPesQNhp1tHME4Ly2XBq1gy33BwQAAAC4GhAQ ALgaOEcAzmtdj4AAAAAA4UBAAOBq4BwBOK91PQICAAAAhAMBAYCrgXME4LzW9QgIAAAAEA4EBACu Bs4RgPNa13N/QKD7XSIAOOACB4CQlDtslh4v3rM05Ux+oXVFVSAg8KZyzzq4g0Yd7RwBOK8tl0bt YMv9AQE/igAX4wIHgJA4DJuFn2VnjnpmddMBBRnbreuqiMPe4WL0u0do1NHOEYDz2nJp1A62CAgA aIwLHABCEjhslh4v3rXw7ffi7kqK6LUyKuHypQM+u73DC+h3j9Coo50jAOe15dKoHWwREADQGBc4 AITEPGz+8JGBX//nyjr/vrrpwHeq91rdsO9lTQd8DNpeRb97hEYd7RwBOK8tl0btYIuAAIDGuMAB ICQybBofGVjduP+7kfFS8k6N3mFIB3wM2l5Fv3uERh3tHAE4ry2XRu1gy/0Bge53iQDggAscAEKy afSz8ub1Cv6zHhA8gB/WHqFRRztHAM5ry6VRO9hyf0AAAAAAw+n9RzaOeOrdqB8+O6D+ffrvj6y5 ZlAYPkEAAFcD5wjAea3rERAAAAB40Z6la9LbDk+K6JVUref/3jiSjACARzhHAM5rXY+AAAAAwLt+ /EBBRM/kureSEQBwPecIwHmt6xEQAAAA4IcPFHza7/HVTQeQEQBwN+cIwHmt67k/IND9LhEAHHCB A0BIyh02S48X71macia/0LoCqKxyzzq4g0Yd7RwBOK8tl0btYMv9AQH3ywVcjAscAELCsInw46zz CI062jkCcF5bLo3awdalBgSNGjW69eo2oloLaxEAt+ACB4CQMGwi/DjrPEKjjpY5rEMEcCsBQTCq aZwDAgAAAAAA9BIsAiAgCMo5IFi0aNFtF3Tt2lVasGPHjh06dLjxKjOiWgtrEQC34AIHgJAwbCL8 OOs8QruOHjNmjG0EQEAQlHNAYJaZmZmWlrZixYq/Xn2W//JxaxEAt+ACB4CQMGwi/DjrPELTjpY5 rMxkZT6bm5ur5raXGBB49yaFZllZWdJqKSkp0r7/AwAAAADA1U1mrzKHlZmszGfz8vLU3PYSAwLd VU1AIO21ZcsWabi0tLR3AQAAAAC4usnsVeawMpOV+Wxh4b++3pWAIKiKBwR5eXnSZFlZWZmZmZ8A AAAAAHB1k9mrzGFlJivz2eLiYjW3JSAIquIBgbRmYWGhNGtubu7XAAAAAABc3WT2KnNYmcnKfLak pETNbQkIgqp4QHA10/0uEQAccIEDQEgYNhF+nHUe4ZqOvsSAQPd2cH9AoPv3TABwwAUOACFh2ET4 cdZ5hGs6+hIDAt3bgYAAgMa4wAEgJAybCD/OOo9wTUcTEARFQADgKscFDgAhYdhE+HHWeYRrOpqA ICgCAgBXOS5wAAgJwybCj7POI1zT0QQEQbkjIND9LhEAHHCBA0BIGDYRfpx1HuGajr7EgED3dnB/ QBBmRUVFO3futJZWtTNnzliLdHOJLyE87RwS8yu6xFcHAAAA4Iq4xIBAdwQE9ubMmTPZb+7cuTk5 OdbVwS1ZskQa7fz587K8YMGCNWvWWGtcMjmewYMH+0wH+dJLL+3Zs0etNQqV999/P1hhMB988MG0 adPMJVlZWfKs7Oxsc2GwJlLlubm5P1b1+ebNmyeF3333nXpovIRKM7fzVWLChAkpKSmBywAAAAB0 QUAQlJcDgjZt2sTFxckktkGDBtIIcmZYawRhnrjecsstTz75pLVGiP7uZzwsKSlp166dzMl9/oO8 4YYbbr755lq1atWoUUPNyaWwdevW91zw9ttvBysM5ve//329evXMJSNHjpQXNXr0aHNhsCaScnn4 7LPPGjX37dsXEREhhUVFRb6LX0KlVW1AYGlkW+XW2bBhQ1RU1O7duy3LAAAAAHRBQBCUxwOChx9+ 2OefzcbGxloawWFeGtLEtSLVZP7/wAMPGA9lXi1TfTkqn+kgt23bJjuVib0qfPDBB436im1hMJaA oLCwsLZfdHT0iRMnjPJgTaQCAvnfqPnCCy9U81MBgfklVFpgO1ekMYOxNLIt2zqWnd59993Dhg0L XAYAAACgBQKCoNwREFTuLhHG7Ff09FPL+/btGzhwYFRUlExxjc+Q79+/v3///jJ/7tix44gRI4yJ 65133jlz5kxVR5anTZt2zz331K1bd+/evbbbOXToUGJiYkxMTGRkZPv27WUKPWXKFFmuX7++PHzz zTeljizMnj1b1TcOUg6gevXqb731lioMzAJsC4OxBATz58+XY3jjjTfkdb388stGebAmknKZS0vl zZs3qxI55j59+hgBgfklBL5kKTx48OBdd93V2G/48OF5eXmqcrB2tm3MYNLT0xMSEmrXrt2iRYtd u3ZJSWAjS6/16tVLCjt37rxu3TrbOrY7zcjIqFGjxuHDhy3LuHwqd4EDgGcxbCL8OOs8wjUdfYkB ge7t4P6AoHLfM6Fmv998882CBQukEf785z9LYVlZWZcuXWSOum3btvHjx8fGxvr8v0Pu1q3bTTfd 9NFHH8mpI1NKY+IqhU888YTaoCxHRETcf//9MkH99ttvA7dz9uzZrl27NmnSRPb45Zdfpqamnjt3 bu/evZ06dfrFL36xZcuWo0ePykPZ+KpVq4yDHDRo0MKFC3v06CFz8u+//94o/NRv48aN5pqWwmAs AUGHDh3uvfdeOZjrrrtOjtAot20iVT5nzpwGDRrIS5OHmzdvrlWrlqxVAYH5Jdi+ZCHt2bFjxzVr 1sjEWxa6d+8uLR+snW07JRjZeExMzCOPPJKbm/vxxx+fPHlSCi2NLCUvvvhicnJyTk5OfHx83759 A+sE2+nhw4flqJYvX25ZxuVTuQscADyLYRPhx1nnEa7p6EsMCHRvBwICe+pz8soLL7ygJvybNm2S hzJ7lDm2nCiynJ2drT7e/+qrr6onmj/6bgkIjNvy2W5HFU6ePFnVMZg/2Z6RkSF1duzYoR7KQbZs 2bJVq1ZSOGHCBOPvDmRy/lO/W265xagZWBiMOSBYv369bFz+l+Xp06fLsrxetcq2iVT5okWLHnzw wWuuuebs2bOPP/74sGHDVq5cWc0fEJhfgu1L3rx5sxRKM6qHixcvlodbt24N1s62jfnj5i4m9Zs3 b969e3eZ55vLbf984Ntvv3366afr16+vHprrOOy0bt26s2bNClzGZVK5CxwAPIthE+HHWecRrulo AoKgPB4QJCYmfv75540bNx46dKgqTEpKkgaJi4u78YLk5GQ1P5Saqo5DQGAs225HFaanp6s6BvO8 dMOGDeZ9GR/y/+yzz2rUqDFy5EhVGPjXBLaFwZgDgtGjR8se77nnnlGjRvXr10+WH330UbXKtolU +aJFi/72t79J5dTU1KZNm6akpBgBgfkl2L5kVbh9+3b1cOvWrfJQnh6snW0b88fNBZC5ffv27eUp d9xxR0FBgSq0BAR/+ctfWrZs2axZM9msbUAQbKdyPNHR0XPmzLEs4/Kp3AUOAJ7FsInw46zzCNd0 NAFBUB4PCNTc+6233pJGWLhwoe/C741feeWivyr54osvqpk+9v/yyy+riasveEBgu53MzEwptHy/ oM8/L73vvvvU8oEDB6SOnKPqoXGQ4pe//KVMR1VhYBZgWxiMERDIfD4qKmrUqFF/uKBnz54NGzY8 ffq0L0gTqfJFixZJC7Rq1eraa6+NiYn5/vvvjYDA/BJsX7JKEJYtW6Yevv766/JQagZrZ9vGdCbP kgOoW7fuU089pUrMjaw+46A+qjBv3jxzQGDUCbbTQ4cOSXlSUpJlGZdP5S5wAPAshk2EH2edR7im owkIgnJHQFC5u0SY596JiYm1a9fevn27+pv59u3br127tqSkJDs7e//+/VJBZsLx8fEbN26Uc0im nWri6gseENhuRwo7d+4cGxsrc+MjR46kpaWpefjo0aPbtWtnfH2APHHGjBlqWf0O/6uvvkpOTv7J T36i/nbANguwLZw0adKYMWMshT7/DfnUrFjm+dHR0erOgkp6erq8OnmZviBNpMrlibLw9NNPS+Xf /va3smwEBD7TS7B9ydIgcXFx0p45OTnSMr17927btq366wnbdrZtTF+QV3fmzBmZ1R84cKCwsLBF ixbGpyHMjZySkiJbXrNmzYYNG2R3NWrUOHXqlKVOsJ2uW7cuMjJSvUzzMi6fyl3gAOBZDJsIP846 j3BNR19iQKB7O7g/IKgc8+z3+PHj1157rUxTZXqZm5urmiUiIqJx48apqalSYcWKFTKRrub/bj+Z XRsBQadOndSN+izLwnY7u3fv7tGjRzW/5s2by5zZ5/81+/XXX1+zZk31O205QWNiYuSQfP6DVJWl wtixY//5z3+qwsAswLawW7duzZo1sxSKYcOG9evXTxZk9m6ZY5eVlbVs2VKO3Be8iaT8j3/8oxTm 5eXJRSWzcVlOTk6W41Sza/NLsH3JMt+WC1IVdunSxbjnQrB2tm1M21d38uTJG264QarJ1H3AgAHG VwyYG1km/7fffrtsrUGDBrNmzapTp06HDh0sdXx2O5WDSUhImDhxos//IQVjGQAAAIAuLjEg0B0B ga/0ePGepSln8gutK4IrLi7Oz883l5SWlhrfxldxgdsRhYWFavJskNmmTLPPnTunHk6fPn3cuHHm CpXz4YcfxsfHGw/37Nkj8+FnnnmmXr165q8zvBwsLyHwJYuCgoJjx45ZCh3a2dKYlldnduLECals KbQ08tGjR8+ePSsLp06dMipb6vgu3qmMIEOGDFFrzcsAAAAAdEFAEJTLA4Lz5/85f/mnff+/1U0H FGT865Z4upg3b561KHSJiYnql+3Kjh075DIYNGiQXAZnzpwxVbwsquQlOLC8ujBYvHix+mMEyzIA AAAAXRAQBOXWgKD4y73rh058p1afpIheyXVv1S4dqCrq8/lu5e5XBwAAAOByICAIyh0BwY93ifB/ ZCCt5X8kVeuVVK3nR93vX3PNIM+mA4A76H4bGAAIM4ZNhB9nnUe4pqMvMSDQvR3cHxAkVev540cG qvVU/zYMnUg6ALiA7l8kAwBhxrCJ8OOs8wjXdPQlBgS6t4MnAoKVdW/9IReI+OGDA+rfyshbvpq3 fOdzr8iyynhYZpllHZeT/ENwYDnLLLPMMsu2y0mav3OFjjjrPMI1HU1AEJRrAoLS48W7Fr6d3m54 yk8GrmrQV0reqd5rVYPb+AQBoDvdh2AACDOGTYQfZ51HuKajCQiCck1AYCwXfpa96d5nV9a9NbX5 UDICwAV0H4IBIMwYNhF+nHUe4ZqOJiAIyh0BgfpknZnxgYKkiF4ro+LJCAB9BV7gAAAHDJsIP846 j3BNR19iQKB7O7g/IHCgPlCwuukAMgIAAAAAwCUGBLrzdECglB4v3rM05Ux+oXUFAAAAAMBLCAiC 8khAAAAAAACAj4DAWmCimqZRo0a3AgAAAADgdjL/JSCwd6s/IAAAAAAAwDsqHRC4+SaFixYtuu2C n//85506dfrZz37WQTcjqrWwFgFwCy5wAAgJwybCj7POI1zW0aNGjfrrX/+6YsWKtLS0zMzM3Nxc 62w5CDd/zaFZVlbWJ598kpKSIm30P1qRHrIWAXALLnAACAnDJsKPs84j3NfRMvOV+a/MgmUunJeX Z50hB+GVgODrr7/esmWLtE5aWtq7WpEeshYBcAsucAAICcMmwo+zziPc19Ey85X5r8yCZS5cWFjR 77zzSkCQl5cn7ZKVlZWZmfmJVqSHrEUA3IILHABCwrCJ8OOs8wj3dbTMfGX+K7NgmQsXFxdbZ8hB eCUgkBYpLCyUpsnNzf1aK+vHz7EWAXALLnAACAnDJsKPs84j3NfRMvOV+a/MgmUuXFJSYp0hB+Hm mxQCAAAAAACPICAAAAAAAAAEBAAAAAAAgIAAAAAAAAD4vBAQ6H6XCAAOuMABICQMmwg/zjqPoKMV 3dvB/QGB7t8zAcABFzgAhIRhE+HHWecRdLSiezsQEADQGBc4AISEYRPhx1nnEXS0ons7VD4gWLhw 4a06GFGthbUIgFtwgQNASBg2LRYtWmR9j4uqpvt8CRVERyu6t0PlAwIZUqsBAAAA2rrtttus73FR 1XSfL6GC6GhF93a41IAgPj7+99CT+qEIaO0XrTtbiwAAwTFsGho1akRAEB6637MNFURHK7q3w6UG BDLPLIKepPusnQoAAOAN6q0sAQEAmFV+ikhAoDsCAgAA4FnqrWzXrl0zMzOzsrK+/vrrvLy84uJi az0A8JLKTxEvJSDIycn54IMP/v73vx8+fNi6LrilS5cOGTJkyZIl1hXBHQ9grVEBo0aNkv3u2rXL ukJzBAQAAMCz1FvZG2+8MS0t7ZNPPtmyZcvXX39dWFhorQcAXlL5KWIlAoJjx44tXLjwJz/5if+m MD+IiIj45S9/aa0XxOTJk+Upv/vd76wrgmvWrJmxL+WLL76wViqP2kh2drZ1heaqERAAAACvUm9l O3bsuGLFipSUlE8++SQrKysvL89aDwC8pPJTxEoEBOPHj5enNGnSZMyYMatXr165cuXzzz8/Z84c a70gKh0QPPPMM29ckJ+fb61UHgIC4Kql+21gACDMGDYN6q1shw4d/vrXv65YsSItLS0zMzM3N9da D5eMs84j6GhF93ao/BQx1IBgy5YtERER8pSPPvrIuq6oKCsr6z/+4z9kKt6gQYOePXsmJyer8v/7 v//r1atX3bp1u3btqvZoBASywQEDBjRu3Fie9Zvf/MZ25q/m9p988om5cOXKlW3btpUNfv311/Iw MTGxW7du+/fvl+UdO3aMGDHiuuuui46ObteunfyoMDby5ptv9u7du0mTJqNHjz569KjalOxXnlun Tp2YmJhJkyYVFBSo8ptvvll28c477wQ+Zf369cYreuihh6TarFmz1KqKvKKq8uGHH8oxWDsV0I3u XyQDAGHGsGkw/sTgr3/96//8z/+8++678o5R3hxa6+GScdZ5BB2t6N4O4QsIli5dKvVbtWplXVFU dODAAZmTy9pf/vKXMs2WyXlERMQHH3wgM2Q1OZdp82OPPSblRkAg8/nY2NgaNWpMmzZt8ODB6mMC 1u1emNs/8cQTc/02btyoyvv37y/l8sQ//elPsvBf//VfRf7DkMOTh126dHnhhRfGjh0rs2hjI5GR kfIs9Y04K1asMLYjLfDKK6/IPF/KV61aZd5v4FMOHjwYExMjD4cOHfrb3/5WpuihvqIqIa/rmmuu ycjIsHYqoBvdh2AACDOGTQMBQdhw1nkEHa3o3g7hCwhmzJgh9bt162ZdUVS0ePFiWSWTavXw/vvv r+YPC2SwloWGDRseO3ZMyidNmmRMp//85z/L8k033bRp06bXXntNlrt3727epqIm6vXr12/i96c/ /UmVf/XVV40bN5ZV1atXlxeiCv/7v/9bSho0aGD8tl9RG1Ehwrhx42R58uTJ5gpZWVm//vWvpXz6 9OnOT3n99ddlWXatbpdYiVd06UgH4Ca6D8EAEGYMmwYCgrDhrPMIOlrRvR3CFxAsW7asmv8GBGq2 byYbkVUDBw5UD2VeXc0fJcycOVMWEhISVLn5HgTqKdX8tzlUWrZsaWzQYPsnBsq0adPUFtLT01XJ k08+KQ/79et3ccWL7kGgjkHN9gsLC++77z61tnbt2tUCAoLAp1z6K7pEpANwGd2HYAAIM4ZNAwFB 2HDWeQQdrejeDuELCHbu3BkZGSlPmT9/vmWV+pz/9ddfrx4+9thj8vCOO+5YuXKlLLRo0UKVjxo1 yphOq9+3yxTa+LN/W8ECgm+++UatEvHx8er3+eowGjVqZPsJgsDZ/ty5c6v5//xBtjZ16tRqFQgI /vd//1eWZYp+7NgxOfJ+/fqF+oouBekA3Ef328AAQJgxbBoICMKGs84j6GhF93YIX0Ag1Cy6evXq DzzwwBtvvPHSSy+NHDnyjjvukLG4SZMmsmrChAkyS5dJrCwvX7788OHDderUkeVBgwbdfffd1fzU dHrPnj2q2tChQ5cuXTp//vzHH3/cur8LE/VHH3105gUbNmyQcnlWZGRkenq6qqBuE2gchszb5UfF vHnzVLIQbLavAoI+ffrIwvXXXy/LvXr1OnjwoMNTjh071rRpU3nYtm3bn/70pzVq1DBWVfAVVRrp AAAAgIGAAAAChTUgOH78uMz/1V36FJlXP/LII7Jq3bp1HTt2VIUyS1d/vS9efPHFWrVqSWGnTp0e eOABWZg0aZJaJVP9f/u3f1PfjFC7du0ePXpc2M+PYmNjjX0pMu1XnxT4wx/+IBWSk5Or+e8muHXr 1iL/YcjPCVVTCl977TVjI4Gz/dzc3O7du1fz3yVhypQp6vMRq1evdniKeOedd9q0adOgQYO7775b 3bnAuBlhRV5R5ZAOAAAAmBEQAECgsAYEhl27dskQvG/fPkv5nj17vvrqK0vh4cOHpb6l0HDw4MEv vviisLDQuuISyMx/586dgfdKsPXPf/5T/VFAXl7el19+aV0dYN26deo1yi5UjiA/k8wVqvwVkQ4A AABYEBAAQKArExB4Wbdu3aTdjI9R9OzZs4JJROWQDgAAAAQiIACAQAQE4fbpp5/+4Q9/uP/++x96 6KE//elPlhsiVi3SAbie7reBAYAwY9g0EBCEDWedR9DRiu7tcKkBAa5mdevWJR2Au+n+RTIAEGYM mwYCgrDhrPMIOlrRvR0uNSC47bbbrCuuMrr3EAAHXOAAEBKGTQMBQdhw1nkEHa3o3g4EBAA0xgUO ACFh2DQQEIQNZ51H0NGK7u1AQABAY1zgABAShk0DAUHYcNZ5BB2t6N4O7g8IdL9LBAAHXOAAEBKG TQMBQdhw1nkEHa3o3g7uDwgAAAAACwICAAhEQFBRu3fvzs/Pd16uHOctnDlzxlp02VzivoqKinbu 3GktvaLMr+gSXx0AAHATAgIACOTpgODUqVOzZ88eOXKkvIoxY8bMnDlz79691koX3HTTTU888YTz cuU4bCEnJ2fw4MGy8MEHH0ybNs28Kisra/LkydnZ2ebCOXPmTPabO3euPNdSnpub+2NVn2/evHlS +N1336mHxr4qbcmSJXJKnD9/3rriypkwYUJKSkrgMgAA8DgCAgAI5N2A4KuvvmrdunXDhg3Hjx8/ f/78sWPHXnvttfKzwVrvgmChgMP0voKCbaGkpKRdu3Yy1Zfl3//+9/Xq1TOvHTlypLT/6NGjzYVt 2rSJi4uTeX6DBg1krfy0M8rl4bPPPmvU3LdvX0REhBQWFRX5Lt5XpVVtQPB3P2vpxcqts2HDhqio qN27d1uWAQCAxxEQAEAg9wcEwe4SMWjQIJlFm3/NXlZWZvw6PVCwUCDY9L7igm1BpuutW7eWqbsv ICAoLCys7RcdHX3ixAmjvE2bNg8//LDPP+GPjY01ekcFBPK/UfOFF16o5qcCAvO+Ki0wILiUsODm m29+4IEHrKUXs61j2endd989bNiwwGW4Q7ALHABgi2HTQEAQNpx1HkFHK7q3g/sDAtvvmZDRXw5+ 6tSp1hV+M2fO7NWrV2RkZOfOndetW6cKg4UCsjxu3LgHH3ywUaNGLVu2fOONN1S57UYOHTqUmJgY ExMj5e3bt1cTcmNr+fn58pTnn39eVZYKs2fPVsuWgGD+/PmyBdmXvIqXX37ZKDcCAtHTzyiXubRU 3rx5syqRjffp08cICMz7sj3IgwcP3nXXXY39hg8fnpeXpyrv37+/f//+0dHRHTt2HDFihBEQ7Nu3 b+DAgVFRUa1bty73g/3p6ekJCQm1a9du0aLFrl27pGTKlCmy9/r168sBvPnmmz679gysY7vTjIyM GjVqHD582LIMd7C9wAEAwTBsGggIwoazziPoaEX3dvBoQPDee+/JwX/00UfWFX4vvvhicnJyTk5O fHx83759VaFDQFC9evVx48bJzxVpDZnl/r//9/9sN3L27NmuXbs2adJkwYIFX375ZWpq6rlz54yt FRcXd+nSpV+/fqWlpVK4d+9eOcJVq1apvVgCgg4dOtx7773y9Ouuu062aZSrgOCbb76RXcjT//zn Pxvlc+bMadCgwfjx4+Xh5s2ba9WqJWtVQGDel+1Bim7dunXs2HHNmjUy8ZaF7t27l5WVnT9/Xsrl +KUl5WeqTN1VQCCr5LX0799/27ZtssfY2FjjCAPJxmNiYh555JHc3NyPP/745MmTPv/L79Sp0y9+ 8YstW7YcPXrUZ9eeljrBdnr48GE5quXLl1uW4Q62FzgAIBiGTQMBQdhw1nkEHa3o3g4eDQhee+01 OXiZSVpXmHz77bdPP/10/fr11UOHgOC+++5Tyzt37pTNrl69Wj30XbyRTZs2ydrJkycbaxXZwtix Y2XSKxPs4uJiVZiRkSGVd+zYoR6aA4L169fLKvlflqdPn25+IepPCZQXXnjB+LC9lC9atOjBBx+8 5pprzp49+/jjjw8bNmzlypXV/AGBeV+2B7l582YpXLJkiXq4ePFiebh161bZryy8+uqrqtz4EwO1 EZnSb9y4UX7cyrLlZopmUr958+bdu3eXeb653PbPByydYq7jsNO6devOmjUrcBkuYHuBAwCCYdg0 EBCEDWedR9DRiu7t4NGAQH4AyMEnJydbV/j95S9/admyZbNmzeLi4ioSEBjLMveuXr26+rqBwI0k JSXJTtPT01Vlg2yhdu3asuq1114zCjds2CAln3/+uXpoDghGjx4tq+65555Ro0b169dPlh999FG1 qk2bNomJifKsxo0bDx06VBWq8kWLFv3tb3+TyqmpqU2bNk1JSTECAvO+bA9SFW7fvl093Lp1qzyU p6t5uHGQRkCg6ssLv/GCYE2tyNy+ffv28pQ77rijoKBAFVoCgsD2tNQJtlM5nujo6Dlz5liW4Q62 FzgAIBiGTQMBQdhw1nkEHa3o3g7uDwhs7xJRWFgoE8Xbb7/duuLCr+7Vb8XnzZsXUkDwxRdfyHMX L15su5HMzEwptHxboc+/hccee2zEiBFySPJEVXjgwAGpbHyrghEQyHw+Kipq1KhRf7igZ8+eDRs2 PH36tM90D4K33npLnr5w4UL1dBUQyPS4VatW1157bUxMzPfff28EBOZ92R6kShCWLVumHr7++uvy UGqq12v8HcTLL79czfQJgldesWn5YORZcgB169Z96qmnVIlM/o2PZti2p6VOsJ0eOnRIypOSkizL cAfbCxwAEAzDpoGAIGw46zyCjlZ0bwf3BwTBPPfcc3L8999/f25u7nfffbdu3brJkyevX78+JSVF ytesWSOz4vj4+Bo1apw6dcoXPBSQ5Y4dO37++eeFhYWyNZnk5+fn227k7NmznTt3jo2NlZn2kSNH 0tLS1Kxeba20tHTw4MEy9d26davacteuXWfMmKGWp0yZombFMs+XXag7Cyrp6emyL/nZ5rv4JoWJ iYm1a9dWv/ZXAYEsPP3001L5t7/9rSwbAYHPtC/bgywpKYmLi5MXkpOTk52d3bt377Zt26qbF7Zq 1UrKN27cKAcg03sVEKgbGbRv337t2rVSTZ6yf/9+qTxp0qQxY8aowzOcOXNGZvUHDhyQBmzRooXx aYjRo0e3a9dOfUeDbXta6gTbqfRsZGSkepnmZQAA4GUEBAAQyLsBQVlZ2cKFCxs0aFDNTxZkfi7z fJln3n777apk1qxZderU6dChg9Tv1KmTusOfZVmm93379o2JiYmIiGjYsKFxqz/bjezevbtHjx5q j82bN5cZuHlrMhWX2W/Tpk3VnfzlB5Vs9vjx47I8bNiwfv36yYLM3i1zbHkhLVu2lO7wXRwQyBOv vfZamcnLDFzK//jHP0phXl6e/BSU2bgsJycny2Go2bV5X7YHKfNt+QmqCrt06WLcHGHFihXR0dHV /N+hOGXKlGoXvsUgNzdXnSHSLI0bN05NTZXCbt26NWvWTD3RcPLkyRtuuEGqydR9wIABxlcMZGZm Xn/99TVr1nz11VeDtae5js9up3IwCQkJEydO9Pk/pGAs4yp3Jr9wz9KU0uP/uiUHAABVjoAAAAJ5 NyBQZNIos8qdO3fKNNtcfvToUZmUysKpU6eMGwfakvntd999J0+XWbf6VgJDsI0UFhaqqXi5JkyY IHP1Z555pl69euavM7wcpk+fPm7cOOOh7UEWFBQcO3bMUlhaWmp866GFvOr8/Hzj4YcffhgfH29a /6MTJ04EtrP0jrlVbdvTUsd38U7lR/6QIUPUWvMyrn4FGdtXN+m/afT0ws+C3uESAIBKIyAAgEBe Dwiucjt27GjWrNmgQYPk59aZM2esq6vavHnzrEVVKjExUX2UIGwWL16s/hjBsgwt7Hrp7Xdr9nmn eq8PfjZy18K3+UABAKAKERAAQCD3BwS63yXCTYyvXQQq6J/zlr8T0TOl6YC1P79/VcN+gR8o4AIH gJAwbBoICMKGs84j6GhF93Zwf0Cg+/dMAB6nMgK5kN+tfcvabvelXf8f5g8UcIEDQEgYNg0EBGHD WecRdLSiezt4IiDgH//456Z/KT8ZIP+vanR7/v9mJmk+BANAmDFsGggIwoazziPoaEX3dvBEQGAt AqCPIx9tXlm7j5EOrKx7a+p1d/xz/nI+QQAAlcCwaSAgCBvOOo+goxXd24GAAMDVy0gH3o1KeDcy /rNhUyz3IOACB4CQMGwaCAjChrPOI+hoRfd2cH9AoPtdIgDPOvLR5ndq3JwU0dP8kQELLnAACAnD poGAIGw46zyCjlZ0bwf3BwQAdFSQsT25Qd/AjwwAAFAlCAgAIBABAYCrzpn8wj1LU2w/MgAAQJUg IACAQAQEAAAA8BwCAgAIREAAAAAAzyEgAIBA7g8IdL9LBAAHXOAAEBKGTQMBQdhw1nkEHa3o3g7u Dwh0/54JAA64wAEgJAybBgKCsOGs8wg6WtG9HQgIAGiMCxwAQsKwaSAgCBvOOo+goxXd24GAAIDG uMABICQMmwYCgrDhrPMIOlrRvR0ICABojAscAELCsGkgIAgbzjqPoKMV3dvB/QGB7neJAOCACxwA QsKwaSAgCBvOOo+goxXd28H9AQEAONu9e3d+fr619GJFRUU7d+60lurjzJkz1iK4Gj0OlIuAAAAC ERAAcJs//vGP//3f/20pfP755zMyMiyFyk033fTEE0+o5QULFqxZs+bi9T9YsmSJjHjnz5+3rtBB Tk7O4MGDraVV5JlnnklPTzcebt++fdq0aWp5zpw5k/3mzp0rx2DUkfJ33nnHeOgsWI9UjnFIM2bM +PDDD8vKylTh+++/ryrIvHrq1KlpaWnq4alTp2bPnj1y5Ej5YTdmzJiZM2fu3bvXvB3FeLotqfzy yy+bS+RF/e1vfzOXVLkJEyakpKRYSwGYEBAAQCACAgBuI1PWqKioEydOGCU7duyQ8erzzz831fqR OSC45ZZbnnzyyYvX/6DcgODvftbSEFVkIxWpY1ZSUtKuXTuZoltXVJblABo2bCgzZOPhsmXL6tWr p5bbtGkTFxc3ePDgBg0aSOvJ+2+j/MEHHzSe4ixYj1SOOqQhQ4Y0atRIDmncuHGq0NjFqFGjWrVq VVBQIMtfffVV69at5QWOHz9+/vz5Y8eOvfbaa2UKoZ4iq+654O233zbtxEoqy77Wrl1rlMgpN2fO HFOVqrdhwwa5Cnbv3m1dAeACAgIACERAAMBt9uzZExERYf4Qgcxg5S2gqcpFzAFBMOUGBDfffPMD DzxgKXSob8t2Ixa2dRx2NHfuXJnKlpSUWFcEcNiImeUAnAOChx9+2OcPKWJjY42fFyEFBFXLOKSy srJ27drJwatCFRAsWLBAJtXbtm1TlQcNGtSgQQPzZx/kWd999516SsVfggoIpBe+/fZbVXKZAgJL D959993Dhg0zlwAwIyAAgEDuDwh0v0sEAAfBLnAZoHr16qWWZVLXvHlzNR+bOXOmlEdGRnbu3Hnd unWqgjkguPPOO6WOWt6/f3///v2jo6M7duw4YsQIIyAI3MiUKVPkYf369du3b//mm29Kyb59+wYO HCizTZkW2n7SOz09PSEhoXbt2i1atNi1a5fPbiNVsiOpOXv2bLUsr+65556bNGlSs2bNunTp8vHH H6vywI3s2LGjQ4cOMmFWFZYvX96tW7djx44FHkBFAgLR088or/js2twjgY0WrDAY8yHdddddtWrV Onv2rAoIpDVq1KhhfMxBJgnS41OnTv3xySYhvQSpfMstt8jWJkyYoErMAcHBgwflSBr7DR8+PC8v T5UH66xDhw4lJibGxMRIR0gvqOgnsAdFRkaGvKLDhw+rh4ASbNj0IAKCsOGs8wg6WtG9HdwfEOj+ PRMAHAS7wN944w0ZoL766itZlql19erVZRomyy+++GJycnJOTk58fHzfvn1VZXNAYCyfP39epsTy 8KOPPpK3jDJFNwKCwI3s3bu3U6dOv/jFL7Zs2XL06NGysjKZ0fXv33/btm3jx4+PjY1VGzecO3dO JniPPPJIbm6uTPxOnjwZuJEq2ZHUl8NetWqVeigvp2bNmoMGDZISma736dPH5w9QbDcyY8YMmV7K 4clG6tevv2TJErVBy0GWGxB88803CxYskMP485//bJRXfHZt9Ihto9kWOlCHJP2YmZlZq1atxx9/ XBXKlLtp06by8o2a7733nhyz9P6PTzaRp0jrvebn/PcFPn/lRYsW/epXv5LzUPbrMwUEcvxymnXs 2HHNmjUysZeF7t27qzsj2HbW2bNnu3bt2qRJE2nSL7/8MjU1VbYQrAcPHz4sL2H58uU/HgoQfNj0 IAKCsOGs8wg6WtG9HQgIAGgs2AX+7bffyjT197//vSzff//9/fr1s6x9+umnZdKrHtoGBDLXkiHu 1VdfVeWBf2Jg2Yj5g/ebNm2SyjK937hxo7zjlOXs7GzjiT5/+tC8eXOZCso021xu++cDl7KjjIwM KdyxY4d6KK8uISHh+++/l+XZs2dHR0c7bEQO8o477vjJT37y85///M477zS2GdKfGFS74IUXXjBa r3IBgW2j2RY6kF03a9ZMptBySPIslXFIobpLwuLFi42aMvOXEuPPDSzkKbLfwX733nuvdfXFVEBQ UFAQExPzs5/9rLS01AgINm/eLHtR4YuQA5CHW7du9Tl2lrnBjcLAHhR169adNWuWuTIQbNj0IAKC sOGs8wg6WtG9HQgIAGjM4QKXKahM4YqLi2W++vrrr6vCv/zlLy1btpQpYlxcnHNAoCZaxn0NzQGB 7UbM0+akpCSpLGtvvCA5OVmtMsikrn379lJNJuHqlni+gLn3pe9ow4YN5ldhfqULFy5Uc06Hjeza tUtWRUREHDhwQJX4Ag6ySZMm6vfwyhtvvCGTbbWsfjMve2/cuPHQoUONOpULCHxBGs22MBjZtfzw WrVqVVZWlrlwypQpDz/8cI0aNYxvTJB5gmwzsOOUkF6CCghkYeXKlbLNZ5991ggIVONv375d1dy6 das8lGo+x84yf22EURjYg3K6yrMux80OoDWHYdNrCAjChrPOI+hoRfd2ICAAoDGHC3z9+vUyRt17 770yRzp16pTvwq/T1YcC5s2b5xwQfPHFF9VMH85/+eWXq/kDgmAbkWnzfffdp5bVb3RfeaWcv0CT rcn70bp16z711FOqxLyRKtmRTOylgrrxvi/InDPYRsrKyvr379+tWzc5wt/85jdGufkARKdOnbp0 6WI8nD17tkzX1bL6PL8svPXWW7IL2aNRXvHZtfmYfXaNFqzQlnFIlsInn3zy3LlzQ4cOjYqK+uyz z6SwsLBQ2uf222+3VFZCeglGQCBGjhxZq1YtOVQ1b1cJzrJly9Ta119/XR4af4YQ2FmySioYXySp BOvBQ4cOSXlSUpKlHB7nMGx6DQFB2HDWeQQdrejeDu4PCHS/SwQABw4XuEwa2/g/4v7rX/9alaSk pMjDNWvWyKwsPj6+Ro0aKjiwDQhEq1atpNrGjRvlvaPM6Kr5A4JgGxk9enS7du3UdyuqPxSXefLa tWtLSkqys7P379+vtqmcOXNGpnMye5dZaIsWLR599FFVbt5IlexISIUZM2aoZds5Z7CNPPfcczEx MXl5eStWrKhm+hi8+QDExIkTIyIipIm+/fbb9evXy6qHHnpIrTLPxhMTE2vXrq1+VS7lw4cP33uB zGOlcNKkSWPGjFGVzYxjtm0020Jf8K05BAQ+/19z9OjRo1GjRv/4xz98/haQF37//ffn5uZ+9913 69atmzx5srxG9RTzS1B3FnTYqREQyHFec801slkVEEiDx8XFSf/m5ORIy/fu3btt27bqvoPBOqtz 586xsbHLli07cuRIWlra6dOng/WgHHBkZGRRUZHaCKA4DJteQ0AQNpx1HkFHK7q3g/sDAgCeNXPm TBmm3n//ffVQ5lG33367lDRo0GDWrFl16tTp0KGDz/87cOPudOZlmRjLrEzqq4+gq4Ag2EYyMzOv v/76mjVrqt/5y5RSDZIyeW7cuHFqaqrapnLy5MkbbrhBVsn8bcCAAcZ95s0bqZId+fx/KyHz/OPH j/sufnUvvfSSbFMtB24kIyNDdiETTlVhwoQJcqhqem85AJl/DhkyRJ5bvXp1+f/mm2827sNvno3L AVx77bUy+5UpvQpuDD/96U+lQrdu3Zo1a6YqmxnHbNtotoW+4FtzDgjE0aNH2/jvL3Do0KGysjKZ mavbE1Tzd8TgwYPV32tYXoLszue40z/+8Y/Gw1WrVslT5s6dqx7KfF7mJ2o7Xbp0MW4YEayzdu/e 3aNHD1VfjvPIkSM+ux6UczUhIWHixInqWQACERAAQCACAgDeIjNAmXvLwqlTp4qLi62rL1ZaWmpM d81sNyJTsgMHDpw7d86oJqvy8/ONhxYnTpwIPADLRqpkR9OnTx83bpy1NIDzRswCD0COc8uWLQcP HlS3aaiEDz/8MD4+3loawLbRAgsruLWKkFck0++dO3eqLxdwcCk7LSgoOHbsmLU0uMLCQhX6mJl7 UCY8Q4YMMfcRAAsCAgAIREAAAO43b948a9FVJjExMfDjD5VWtVuroCuy02AWL16s/iYFQDAEBAAQ iIAAAHDlVfqjB7aqdmsVdEV2CqDSCAgAIJD7AwLd7xIBwAEXOACEhGHTQEAQNpx1HkFHK7q3g/sD At2/ZwKAAy5wAAgJw6aBgCBsOOs8go5WdG8HAgIAGpML/Mr+sx4QAFzdGLgMBARhw1nnEXS0ons7 EBAA0NiVvcCv7N4BoBIYuAwEBGHDWecRdLSiezsQEADQ2JW9wK/s3gGgEhi4DAQEYcNZ5xF0tKJ7 O7g/IND9LhEAHFzZC1z3HwAAPOjKDptXFQKCsOGs8wg6WtG9HdwfEADAZUJAAAD6IiAAgEAEBABQ SQQEAKAvAgIACERAAACVREAAAPoiIACAQAQEAFBJBAQAoC8CAgAI5P6AQPe7RABwUO4FXnq8eM/S lDP5hdYVVYGAAIB2yh02vYOAIGw46zyCjlZ0bwf3BwS8gwdcLNgFXlZSKqPzp30fW910QEHGduvq KhJs7wBw1WLgMhAQhA1nnUfQ0Yru7UBAAEBjgRf48b/v/PS2x96pcXNSRK/kurdevnTAZ7d3ALjK MXAZCAjChrPOI+hoRfd2ICAAoDHjAlcfGVjTbIiUyL+Pb3l4zTWDLms64GN4AaAhBi4DAUHYcNZ5 BB2t6N4OBAQANCYX+I8fGfBHA/Ivc+TUMKQDPoYXABpi4DIQEIQNZ51H0NGK7u3g/oBA97tEAHCw afSzRi5wRf5ZDwgArm68LzIQEIQNZ51H0NGK7u3g/oAAgLuVHi/etfDt9386Yk2zwWuuGazm7avq Xd67DwAAdEdAAACBCAgAuEThZ9mbRk9PrndbWutfvlPzZjICAIADAgIACERAAMBVjA8UvFO918qo eDICAIAtAgIACERAAMCd1AcKVjcdQEYAAAhEQAAAgdwfEOh+lwgADsq9wEuPF+9ZmnImv9C6AgA8 qdxh0zsICMKGs84j6GhF93Zwf0DAbcYBF+MCB4CQMGwaCAjChrPOI+hoRfd2ICAAoDEucAAICcOm gYAgbDjrPIKOVnRvBwICABrjAgeAkDBsGggIwoazziPoaEX3diAgAKAxLnAACAnDpoGAIGw46zyC jlZ0bwf3BwS63yUCgAMucAAICcOmgYAgbDjrPIKOVnRvB/cHBAAAAIAFAQEABCIgAAAAgOcQEABA IAICAAAAeA4BAQAEIiAAAKuioqKdO3daSwOcOXPGWhSKCu4lnC7xFQGARggIACCQ+wMC3e8SAcCB wwV+6tSp2bNnjxw5UoapMWPGzJw5c+/evdZKQSxZskTGt/Pnz1tXmOTk5AwePNhaGoqK7MXWnDlz JvvNmDHjww8/LCsrU4Xvv/++qiDz/KlTp6alpamHwZrC2I4iT58wYUJKSsqF/QBwIYdh02sICMKG s84j6GhF93Zwf0Cg+/dMAHAQ7AL/6quvWrdu3bBhw/Hjx8+fP3/s2LHXXnutvPmz1gui3Kl7SUlJ u3bt5s6da10RinL3EkybNm3i4uKGDBnSqFEj2cK4ceNU4ZNPPqkqjBo1qlWrVgUFBT7HppCnyKp7 Lnj77bc3bNgQFRW1e/du094AuEqwYdODCAjChrPOI+hoRfd2ICAAoLFgF/igQYMaNGiQk5NjlJSV lX333XemKk4Cp+6WafzcuXNlal1SUmIuDFW5ewlGJvYPP/ywz/+i2rVrJ5N/VagCggULFsgkf9u2 baqyQ1PIUx588EGjXLn77ruHDRtmKQTgGsGGTQ8iIAgbzjqPoKMV3duBgACAxmwvcHl7J6PT1KlT rSv8Dh48eNdddzX2Gz58eF5enirfv39///79o6OjO3bsOGLECGPqvm/fvoEDB8qUu3Xr1sbH79u3 bz979my1fOjQocTExJiYmMjISClXqUGV7CUYIyAQspdatWqdPXtWBQQff/xxjRo15J2uWuvcFLYB QUZGhmzh8OHDlnIA7mA7bHoTAUHYcNZ5BB2t6N4OBAQANGZ7gb/33nsyOn300UfWFT7fuXPnunXr JpPzNWvWyDxcFrp3715WViazdCm/6aab5FnyBrFz585q6i6runTpIlP6bdu2jR8/PjY2Vjayd+9e Wbtq1SpZlpl5165dmzRpsmDBgi+//DI1NfWc36XvxYEKCOSJmZmZtWrVevzxx1VhYmJi06ZNZQtG TYem8Pmf0qdPn9f83n77bVV4+PBhecry5csvrgvAJWyHTW8iIAgbzjqPoKMV3dvB/QGB7neJAODA 9gKX6a6MTsZn7M02b94sq5YsWaIeLl68WB5u3bpVKsvCq6++qsqND/9v2rRJFl588cWNGzfKe0dZ zs7OzsjIkIUdO3ZITVVh8uTJxi58VbSXHzcXQCb2zZo1i42NlZrdu3c/evSoKmzQoIGUyO6Mmg5N 4fM/pXnz5oP97r33XqO8bt26s2bNMlUE4B62w6Y3ERCEDWedR9DRiu7t4P6AAIDXyDs8GZ2Sk5Ot K3y+pKQkWbV9+3b1UCbt8nDlypVqWv7555+rcmPqrurHxcXdeIFsdsOGDUZlVSE9Pd3YhVF4iXv5 cXMBZGIvI/CqVauysrLMhVOmTHn44Ydr1KixZs0aVejQFL4gf2IgxxMdHT1nzhxLOQC4DAEBAAQi IADgNoWFhTLFvf32260rfD41t1+2bJl6+Prrr8vDzMzML774otqFvxoQL7/8spq6q9/tv/LKRUnw gQMHpFB9EYA8V5anTZtmrlAle3FgvgeBufDJJ588d+7c0KFDo6KiPvvsM59jU/iCBASHDh2Sg0lK SrKUA4DLEBAAQCACAgAu9Nxzz8kAdf/99+fm5n733Xfr1q2bPHny+vXrS0pK4uLi4uPjc3JysrOz e/fu3bZtW3VbwVatWkn5xo0b5Z1i3bp11dRd3WKgffv2a9eulWrylP3790tlKZwxY4bPfw+Czp07 x8bGLlu27MiRI2lpaadPn66qvUyaNGnMmDEXvTA/h4BAFr799tsePXo0atToH//4hy94U6inDB8+ fO8F6k6KUiEyMrKoqOjizQOA2xAQAEAgAgIALlRWVrZw4UL1N/lCFgYPHqw+2y/Tb3k7qMq7dOmi biUgVqxYER0dLYXqs/pq6i7lMq9Ww11ERETjxo1TU1OlUN5HxsTEHD9+XJZ3794tE3K1webNmx85 cqSq9tKtW7dmzZqpJ5o5BwTi6NGj6v4Chw4dcmgKqaMKFdmdHExCQsLEiRMv2jSAq96Z/MI9S1NK jxdbVyA4AgIACOT+gED3u0QAcOB8gct0VybeO3fulEmyZVVBQcGxY8cshaWlpcb3EVoUFxfn5+eb S6ZPnz5u3DjjYWFhocoLzC5xLx9++GF8fLxpfeU5NIWZvEseMmTIuXPnrCsAXPUKMravath3Y+LU ws+c7nLqPGx6CgFB2HDWeQQdrejeDu4PCHT/ngkADq7sBT5v3jxrUZVKTExUHyUIm8WLF586dcpa CkATee999k6N3kkRPd9rPWzXwrdtP1BwZYfNqwoBQdhw1nkEHa3o3g4EBAA05u4LXP31AQBUXN57 n71b82YZG1c17LcyOiHwAwXuHjZDQkAQNpx1HkFHK7q3AwEBAI1xgQOAhZERyL93a/ZZ1bCf+QMF DJsGAoKw4azzCDpa0b0dCAgAaEy9A+Yf//jHP/45/FtZJ0H+X9Xo9vz/zUzifdEFBARhw1nnEXS0 ons7uD8g0P0uEQAccIEDgMU3S1a/E9FLRQPpcXelthj6QcdE4xMEDJsGAoKw4azzCDpa0b0d3B8Q AAAAeIRKB1ZGJ7zfITG5ft9No6c7f6mBlxEQAEAgAgIAAAA3+CEdqHHzO9V7mT8ygGAICAAgEAEB AACA9goytq9q3J+PDFQcAQEABCIgAAAA0NuZ/MI9S1P4yEBICAgAIJD7AwLd7xIBwAEXOACEhGHT QEAQNpx1HkFHK7q3g/sDAt2/ZwKAAy5wAAgJw6aBgCBsOOs8go5WdG8HAgIAGuMCB4CQMGwaCAjC hrPOI+hoRfd2ICAAoDEucAAICcOmgYAgbDjrPIKOVnRvBwICABrjAgeAkDBsGggIwoazziPoaEX3 dnB/QKD7XSIAOOACB4CQMGwaCAjChrPOI+hoRfd2cH9AAAAAAFgQEABAIAICAAAAeA4BAQAEIiAA AA3s3r07Pz/fWgoAqCwCAgAIREAAwKOysrImT56cnZ1tXXH5TZ06dbIdhwjgpptueuKJJ6ylAIDK IiAAgEDuDwh0v0sEAAeXcoGPHDlSBrHRo0dbV1x+Y8aMucevdevW9erVU8ti//791qoXEBAAqBKX Mmy6DAFB2HDWeQQdrejeDu4PCHT/ngkADip9gRcWFtb2i46OPnHihHV1hZ0/f95aFIoHHnigXbt2 1lI7zgHBJR4GAO+o9LDpPgQEYcNZ5xF0tKJ7OxAQANBYpS/w+fPnR0ZGvvHGGzKOvfzyy0b5oUOH EhMTY2JiZG379u1LSkqCFe7bt2/gwIFRUVGtW7dOSUlRT09PT09ISKhdu3aLFi127drlUKgEBgQH Dx686667GvsNHz48Ly9PlRsBQX5+fq9evZ5//nlVbnsYd95553PPPTdp0qRmzZp16dLl448/VuUA UOlh030ICMKGs84j6GhF93YgIACgsUpf4B06dLj33nvPnTt33XXXde3aVRWePXtWlps0abJgwYIv v/wyNTVVKtgWlpWVycS7f//+27ZtGz9+fGxsrDxdymNiYh555JHc3FyZk588eTJYocESEEjlbt26 dezYcc2aNTLbl4Xu3bvLvnwXAoLi4mLZb79+/UpLS6XQ9jBU5Zo1aw4aNGjVqlU9e/bs06ePsQsA HlfpYdN9CAjChrPOI+hoRfd2ICAAoLHKXeDr16+X4Uv+l+Xp06fLskywZXnTpk2yPHnyZHNlh8IX X3xx48aN8p5SlrOzs8+fP9+8eXOZ0m/ZssWoaVtosAQEmzdvlk0tWbJEPVy8eLE83Lp1q88/5x87 dmzfvn07d+5cXFysKtgehqqckJDw/fffy/Ls2bOjo6P/tQMAnle5YdOVCAjChrPOI+hoRfd2cH9A oPtdIgA4qNwFPnr0aBm+7rnnnlGjRvXr10+WH330USlPSkqS5fT0dHNlh8K4uLgbL0hOTvb5Z+zt 27eXVXfccUdBQYGqbFuoWAICtdnt27erh1u3bpWHK1eu9Pnn/LVr15aHr732mqV+4GGYb1iwcOFC AgIAhsoNm65EQBA2nHUeQUcrureD+wMCADArKiqKiooaNWrUHy7o2bNnw4YNT58+nZmZKcPatGnT zPVtC9Wv7l95xeYHwPnz5+VdZt26dZ966innQl9AQLBhwwbZ7LJly9TD119/XR7KAfj8c/7HHnts xIgRMtvPyMhQFYIdBgEBAJSLgAAAAhEQAPCWRYsWyYS5qKjIKElPT5fRTN4gnj17tnPnzrGxsTJF P3LkSFpa2unTp4MVdu3atX379mvXri0pKcnOzt6/f/+ZM2dkrn7gwIHCwsIWLVqoTyXYFhosAYFs Ki4uLj4+PicnR7bZu3fvtm3bqnsiqjl/aWnp4MGD69evr/7uwPYwjMpqmwQEAGCLgAAAAhEQAHCz 0uPFe5amnMkvNEpktj9mzBhTlR9u9deyZUsZ02R59+7dPXr0qObXvHnzI0eOBCvMzc1Vw2BERETj xo1TU1NPnjx5ww03yMPIyMgBAwYcPnxYqtkWGgK/xUAm+fJuVe2rS5cuO3bsUOWdOnUaP368LJw+ fTo+Pr5p06bqCxECD8NcWbz00kt16tT519YBABcQEABAIAICAO5U+Fn2//3q6dVNBxRk/OtP+iuu sLDw+PHjFSksLi7Oz883l5w4ccK4iaBzoYOCgoJjx45ZS4MLPAwAgDMCAgAI5P6AQPe7RABwEHiB lx4v/uf8t1KvuyMpoufK6IRKpAMA4GKBw6ZnERCEDWedR9DRiu7t4P6AQPfvmQDgwHyBF36W/dkv n3w3Kv7d6ISVkbesbnw76QAAWPC+yEBAEDacdR5BRyu6twMBAQCNyQVufGQgud6tSRG9pCS57r+T DgCALd4XGQgIwoazziPoaEX3diAgAKAxucBX1vl3+d/8b2VU/Ffzlu987hVZVp/yYplllllmWS0n 8b7oAgKCsOGs8wg6WtG9HQgIAGgsyf8Jgm2Pzklu0Fd9fED+fXjTr9fEDOQTBAAQiPdFBgKCsOGs 8wg6WtG9HdwfEKi8HIArmS/wvNQNH3a7L6l6bxmX32t1JxkBAATifZGBgCBsOOs8go5WdG8H9wcE ADzF9IGCnsl1biUjAADYIiAAgEAEBADcKS91w98Gjl/ddAAZAQAgEAEBAAQiIADgZqXHi/csTTmT X2hdAQDwNgICAAhEQAAAAADPISAAgECXGhA0atTo1qvbL1p3shYBcAsucAAICcOmQd7EEhCEh+73 bEMF0dGK7u1wqQEBAAAAoCkCgjDQ/VvfUEF0tKJ7O1Q+IFi0aNFtF3Tt2lWG144dO3bo0OHGq8yI ai2sRQDcggscAELCsGkxZswYAoLLTff5EiqIjlZ0b4fKBwRmmZmZaWlpK1as+OvVR3rIWgTALbjA ASAkDJu25E2svJWVN7S5ubnWt7m4ZLrPl1BBdLSieztUTUCQlZX1ySefpKSkyPD6P1cZ6SFrEQC3 4AIHgJAwbAaSt6/yJlbeysob2ry8POvbXFwy3edLqCA6WtG9HaomIPj666+3bNkiA2taWtq7V5l3 fvVbaxEAt+ACB4CQMGwGkrev8iZW3srKG9rCQr4Wt+rpfs82VBAdrejeDlUTEOTl5cmQmpWVlZmZ +QkAAACgCXn7Km9i5a2svKEtLi62vs0FAC+pmoBABtPCwkIZVXNzc78GAAAANCFvX+VNrLyVlTe0 JSUl1re5AOAlVRMQAAAAAAAArREQAAAAAAAADwQEut8lAoADLnAACAnDJsKPs84j6GhF93Zwf0Cg +/dMAHDABQ4AIWHYRPhx1nkEHa3o3g4EBAA0xgUOACFh2ET4cdZ5BB2t6N4OBAQANMYFDgAhYdhE +HHWeQQdrejeDgQEAHwLFy68VU8jqrWwFgEAgmPYtFi0aJH1hyKqGu/GPYKOVnRvB/cHBLrfJQII A3mHVA0AAO+57bbbrD8UUdV4N+4RdLSiezu4PyAAUC4VEMTHx/8erqPe/gIALBo1akRAAAAWBAQA /hUQyGSyCK4jPWvtbwDAhZ99BAQAYMYbRwAEBG5GQAAAttTPvq5du2ZmZmZlZX399dd5eXnFxcXW egDgJbxxBFCZgOC4n7W0qGjp0qVDhgxZsmSJdUVlvfnmm7JNedNmXRF2l+NIRo0aJc21a9cu64qq Q0AAALbUz74bb7wxLS3tk08+2bJly9dff11YWGitBwBe4v43jrrfJQIIg0oEBM2aNZOnfPrpp5by yZMnS/nvfvc7S3mlqR1lZ2dbV4Td5TiSy7FNCwICAGa8LzKon30dO3ZcsWJFSkrKJ598kpWVlZeX Z62HS8ZZ5xF0tKJ7O7j/jaPu3zOB/5+9e4Grqsz3Pw5qgCJeI0mzDJCjk4JmihpMaV6odLroccby Vo2Vk3ZOR+00ejxajrcxRztdGC21zDHyhhpWpjVkIzZeEpt0MlJCBRUExUn+oML+/9pPLrZrXxSE 5Vp7fd4vXr7Wevaz11r7edZ62M/XzdowQLUDAnk7pSu/+oAgKSkpLCxsy5YtanXt2rXy1i0vL8/9 oZp12Y27HklNISAAYDDeF2nU77527dq9/fbbMrxv2LAhIyMjOztbXw9XjbPOJuhoxert4P9vHK3e Q4ABrjIg+Nvf/hYfHx8aGtqpUye1KS0g2LFjR9++fZs2bSr1H3/8cW123aNHj+jo6Pfff7979+7N mjUbNmzYiRMnpFyOISgoSLZw0003jRo1Squ5b98+3UP//u//LuWvvvqq2uCHH34oq++9955a1ain L1q0SI5t4MCBRV4Oydt+XZ+oHYm3jQwfPlwqvPLKK2rXe/fuldW33npLlqVO586dGzRoEB4ePn78 +Pz8fFWntgOCtLQ06Rd9fwOwMd4XabQ/MXj77bffeeedlStXyi+17777Tl8PV42zziboaMXq7UBA AOCqAgKZG6tlmTCPGTOmfv36WkCQk5MTERFRt27dyZMnJyUlSfmUKVNcnx4cHNynTx/1RVMrVqyQ 8g8++ODGG2+U1d/97ndqtq9NoXUPzZ07V5Y7duyoNti/f/8bbrjh2LFjPx/fRerp9erV69q1q8zM vR2St/1qT9RK5Ei8bSQ5OVmW/+3f/k3tWp4VFBSUlZUly/IypXnffPPN6OhoqbNmzRrXw6ulgCAt LU3aJD09Xd/fAGyM90UaAgLDcNbZBB2tWL0dCAgAXFVAIG+qZKFx48YnT54scs6KAy4GBK+//ros d+jQYfv27YsXL5blLl26uD79T3/6kyw/+eSTsjxhwgT1kMz5ZXXz5s2uNdUU2vWh7Ozs4OBgWf3r X/8q2w8MDJw6dap6iiv19AULFqhVH4fkcb/aE7USORJvGzl27JgKOzZu3Jifny/1Bw0apD1d7Nmz 5ze/+Y1U0A619gIC0gEAHvG+SENAYBjOOpugoxWrt4P/BwRWv0sEYICrCQimT58uC4mJiarc9R4E ssEAp8CLWrdu7fp0NTFWT6lqQCAGDx4sq0888cQjjzzSqFGjnJwcVe5KNwP3cUg+9qsr8bERFXbI gancZMOGDVJYUFAwfPhw9XT1hwy1HRCQDgDwhvdFGgICw3DW2QQdrVi9Hfw/IABwWVcTEKxatUoW WrVqpcplrh5w6ScIZPKs/cm95rIBwQcffOBeU/fQunXrZLVBgwYy6/6P//gPVaijm4H7OCQf+9WV +NjItm3bApx/OtGpU6fo6GhVOGfOnADnn2B8//33kyZNCqjlgIB0AACuBAEBALgjIABwVQHBsWPH ZIouy/3793/44YcDnFRAcPDgQZmpyur999+/aNGil19++ZlnnnF9useAQEUMv/rVrz788ENdTd1D hYWFt9xyS4BzQv7tt9+qp+voZuA+DsnHfnWb8rER0bVrV2cbBEyfPl2VqICgZ8+esqAOOD4+/siR I67b1J5+lUgHAOAKERAAgDsCAgDVCQgiIiLkKZ999pksz5o167rrrgtw3jJw5MiRsqDu6ie2bt16 xx13BAYGBjg/XS+TZ9enewwI5P3ZL37xCymJiYnR1dQ9JF544QVZlZ2qVXeuT1e8HZKP/SquJd42 Il599dUAZ2bx/fffq5Ls7OwuXboEOO/UMHHiRHXrhLVr1+q2efVIBwDgyhEQAIA7AgIA1QkIdI4d O3bgwAF96UVHjhz5+uuvCwoK9A94t3fvXu07EXVcH+rXr1+dOnV27dp1aZXL83ZIPvbrzttGPPr2 22/VnyTk5ubu379f//BVIx0AgCohIAAAd/4fEFj9LhGAAa4+ILgmlixZIof94IMP6h+wH9IBAFeI 90UaAgLDcNbZBB2tWL0d/D8gsPr3TAAGsGhAMH/+/Oeff/7vf/+7/gGbIR0AcOV4X6QhIDAMZ51N 0NGK1duBgADAz2+SYFGhoaGkAwCuEO+LNAQEhuGsswk6WrF6OxAQAPj5TdLdd9+tf8D0uMABoEoY NjUEBIbhrLMJOlqxejsQEAAgIAAAu2DY1BAQGIazziboaMXq7eD/AYHV7xIBGMC6AQEXOABUCcOm hoDAMJx1NkFHK1ZvB/8PCABclnUDAgAAqoeAAADcERAAICAAANgOAQEAuCMgAEBAAACwHQICAHBH QACAgKAmlZeXp6en/+1vf/t//+//6R+7VElJib7IIrKysvLy8vSlVWHd1w7AbxAQAIA7/w8IrH6X CMAA1g0IvF3gU6ZMSUtL01Z37949efJkl8erY9asWfL2UV96qePHj990000tW7aMiIj429/+pn/Y xb59+5KSkrTVPXv2TJgwITMz06WKQSZNmjTBEx8RQIcOHcaOHasvrYpnn302NTVVXwqg9nkbNm2I gMAwnHU2QUcrVm8H/w8IrP49E4ABrBsQeLvAGzduLFNcbXXZsmUNGzZ0ebw6br311scff1xfeqml S5fKjsrLy/UPXKq0tLRt27Zz5szRSn79619LFwwbNsyllkFGjRo11KlNmzZy8GpZ5OTk6KtedPUB wdatW0NCQrKysvQPAKhl3oZNGyIgMAxnnU3Q0YrV24GAAAABwc8qKir0RS6uJCD43e9+J5Nnfamb OXPmyGy8tLRUrRYUFAQ51a9f/9SpU5fWrQLfx39ZI0eObNu2rb7UE98BwRUexsMPP/zAAw/oSwHU Mm/Dpg0REBiGs84m6GjF6u1AQADAXgFBWlpaYmKizMZbtWp14MABVfjDDz/069cvJCRE5u3aR98H Dhw4efLkoUOHhoaGHjp0yDUgkIemTZs2fvz4Fi1axMXFbdmyRQpnzJgh+5Utx8TEzJ07V0qOHDny 0EMPNXUaNGhQbm6uerpUmDlzploWL7/8cnBw8NKlS6UXXnvtNa386NGjQ4YMCQ8Pl0flKSpQ8Fjo 8fg9vlKPhYp7QODt+LWAIC8vLz4+/qWXXlLlHg/DY1uJ9PT0unXrHjt2TK0CMIa3YdOGCAgMw1ln E3S0YvV2ICAAYKOA4MKFCzK1fuqpp7Kzs2Wmevr0aYfztoIyce3Tp8+uXbvGjRsXERGhniXT4MDA wBEjRsikuqSkxDUgkIfq1avXv3//NWvWdOvWrWfPnlJ4+PDhhx9+ODo6eseOHTKNl3117ty5ffv2 69atk9myLHTp0kX2dejQIWlteeLPB+dwtGvX7tFHH5X6N910U6dOnVTh+fPnZblZs2bz5s3bv3// +vXrpYLHQo/H7/GVeizU6AICb8fvuBgQFBcXy3579+5dVlbm8NmM7m0ljh07Ju2wfPnyizsEYARv w6YNERAYhrPOJuhoxert4P8BgdXvEgEYwLoBgbcL3FtAUFFR0bJlS5noyhxee3T79u3y8mfNmrVt 2zZ5gyjL6maBMrN1vY+gLiBITEw8d+6cLM+cObN+/fqq/Omnn46NjVXLX375pWxq4cKFajU5OVlW d+7cmZ6eLgt79+5V5Z9//rmsyr+yPHXqVFmWCbbj4lG5vgrfhbrj9/hKPRZqdAGBt+N3OF/+6NGj e/XqJS+2uLhYVfB4GKqyx7YSoaGhM2bM0FYBGMDbsGlDBASG4ayzCTpasXo7+H9AAOCyrBsQeNOs WbNnnnlGW126dGmjRo3UssxjY2Ji5PUOGDAgPz9fSlJSUmQ1MjLytotWr17tcPtLe11AoD00f/58 jwGB2uzu3bvVqkytZXXVqlVbt26Vha+++kqVDxs2TFaHDh36yCOP9O7dW5ZlI9rTXb+LwXeh+/G7 v1JvhYouIPB2/A7nyw8KCpLVxYsX6+q7H4a3tqqoqJDl2bNna1sAACMREACAOwICAH4YEHTs2DEu Lk5bnTlzpsyKtVWZmsobwdDQ0BdeeMFx8b++33xTH/deZUCggoBly5ap1SVLlshqRkbG4cOHZUF9 Y2JRUVFISMgjjzzyx4u6devWuHHjs2fPSk2ppvt2Ro+F3o7f4fZKfRQ63AICb8fvcL78MWPGDB48 WF54enq6quDtMLy11dGjR6V+SkpKZVUAMBABAQC4IyAA4IcBwXPPPRcYGCjv+X788cfPP/9c5r1P PPGElJeUlMgMVqboBQUFrVq1Uv9Xr/6wPyYmZtOmTaWlpZmZmeob/q4yIJBNRUZGJiQk7Nu3T7bZ vXv36OhodU9B2d2LL74oC6+88oo8t6ioSD3F4byJoPSFHLkclWwqIiJCpujHjx/fsGHD2bNnvRW6 H7/HV+qxUKMLCHwcv3r5ZWVlSUlJYWFh6u8OPB6GVllt07WtNm/eHBwc7PraAcBIBAQA4I6AAIAf BgQy7bz33nvlRdWpU0f+7dGjh7oD/+nTp2WeHxgYKFPTvn37arfQz87OVo0gDzVt2nT9+vUO58cQ xo0bp21TZssqZdA9tGDBggYNGqjlMWPGuH5yQSbJ8tYzwEnKtfsOyNvQ8PDwwsJCme2PGjVKq+9w 3uqvdevWcjCynJWV1bVrV/X0li1bHj9+3Fuh+/F7fKUeCzXu32Lg7fi1l3/27NmEhITmzZurL0Rw PwzXyg6XtqqoqEhMTHzuuedUOYCrVJJXcHBRalnhz/cEwZUgIAAAd/4fEFj9LhGAAawbEPi+wE+c OLFjx44jR47IdNS1/NSpU9qt9VxJYV5enr70quXn5588eVJXOHXq1CeffFJX6FFBQUFhYeGVFLof v8dX6rHQB4/H74P7YbiTt+P33nvvhQsX9A8AqK789N2rG/X64uH/Lvjip/uDeuN72LQVAgLDcNbZ BB2tWL0d/D8gsPr3TAAGsG5AYOkLfO7cufoi20hOTj5z5oy+FMDVOf7x9vfr9kgJ7Lah9cBv563w +IECSw+bNYuAwDCcdTZBRytWbwcCAgAEBADgJ45/vH1lUE8ZG1c1+OXKkET3DxQwbGoICAzDWWcT dLRi9XYgIABAQAAA/kPLCOTn/Trxqxve7fqBAoZNDQGBYTjrbIKOVqzeDgQEAKwdEPDDDz/88OP7 Z03j3j/92+SevI8yUnhfdBEBgWE462yCjlas3g7+HxBY/S4RgAGsGxBwgQOAznevvPd+4E+5wPv1 enzUYeiGmwd++ItfH5j/nvoEAcOmhoDAMJx1NkFHK1ZvB/8PCABclnUDAgCAK5UOrGnc+6O4R1c3 6r192FTfX2pgZwQEAOCOgAAAAQEA+IOsV1eurNfj/Trxrh8ZgDcEBADgjoAAAAEBAFhefvrutc36 8JGBK0dAAADuCAgAEBAAgLWV5BUcXJTKRwaqhIAAANz5f0Bg9btEAAawbkDABQ4AVcKwqSEgMAxn nU3Q0YrV28H/AwKrf88EYADrBgRc4ABQJQybGgICw3DW2QQdrVi9HQgIABAQAIBdMGxqCAgMw1ln E3S0YvV2ICAAQEAAAHbBsKkhIDAMZ51N0NGK1duBgAAAAQEA2AXDpoaAwDCcdTZBRytWbwf/Dwis fpcIwADWDQi4wAGgShg2NQQEhuGsswk6WrF6O/h/QADgsqwbEAAAUD0EBADgjoAAAAEBAMB2CAgA wB0BAQACglqRlZWVl5enLwUAmAMBAQC4IyAAYLuAYNasWfJGUC3Pnj17gtPzzz8vy1u3br207s8m TZqkqun4iAA6dOgwduxYfSkAwBwICADAnf8HBFa/SwRgAOsGBNW7wG+99dbHH39cLUdFRbVp02bI kCGJiYkRERHSDqNHjy4tLb30GY5Ro0YNdZLKDRs2VMsiJydHV1NDQADAhKo3bPolAgLDcNbZBB2t WL0d/D8gsPr3TAAGsG5AUL0LXBcQPPbYY2r53LlzMqWXppg1a1Zl7UuNHDmybdu2+lJPfAcEFRUV +iIAqH3VGzb9EgGBYTjrbIKOVqzeDgQEAAgIfg4IRHl5eceOHSMiIrQSHfeA4MiRIw899FBTp0GD BuXm5qpyLSDIy8uLj49/6aWXVPkPP/zQr1+/kJCQNm3apKamqsKBAwdOmzZt/PjxLVq0iIuL27Jl iyoHgJpVvWHTLxEQGIazziboaMXq7UBAAICAoDIgEC+88IK0RmFhoWuhRhcQXLhwoXPnzu3bt1+3 bp3M9mWhS5cu5eXljosBQXFxsUz4e/fuXVZW5nAGELLap0+fXbt2jRs3TksipHK9evX69++/Zs2a bt269ezZU9sFANSg6g2bfomAwDCcdTZBRytWbwcCAgAEBJcEBLNnz5bW0D4IoKMLCL788kupvHDh QrWanJwsqzt37nQ45/yjR4/u1atXbGxscXGxqrB9+3b1Jwzbtm2TN6OynJmZqSonJiaeO3dOlmfO nFm/fv2fdwAANap6w6ZfIiAwDGedTdDRitXbwf8DAqvfJQIwgHUDgupd4L4DApnVN2zY0LXElS4g SElJkabbvXu3Wt25c6esrlq1yuGc8wcFBcnq4sWLdfUjIyNvu2j16tWqsnbDgvnz5xMQAKgl1Rs2 /RIBgWE462yCjlas3g7+HxAAuCzrBgTV4yMgOHnyZKNGjYYMGaKV6OgCgq1bt0rTLVu2TK0uWbJE VjMyMhzOOf+YMWMGDx4ss/309HRVQX2C4M039b85CAgAwGAEBADgjoAAgN0DgkGDBh06dCgzM3PF ihUy+Q8PDz969Oilz6ikCwhKS0sjIyMTEhL27dsnW+jevXt0dLT6lkQ15y8rK0tKSgoLC1N/d3D+ /PlOnTrFxMRs2rRJqslT1BclEhAAgMEICADAHQEBAH8OCMoKiw8uSi3JK3AtlCn9E088oZajoqIC nIKCguRt4tNPP33y5EnXyjru32Igk3x5otpIXFzc3r17VXnHjh3HjRsnC2fPnk1ISGjevPmBAwdk NTs7WzV4YGBg06ZN169f71pZLFiwoEGDBj9vHQBQOwgIAMAdAQEA/wwICr7I/OKh59c275uf/vMN AmpVfn6+72RBp7i4OC8vT18KADAKAQEAuPP/gMDqd4kADGDdgMD9Ai8rLP7nnGXrbrwvJbDbqvqJ xqQDAGAV7sOmbREQGIazziboaMXq7eD/AYHVv2cCMIB1AwLXC7zgi8zP73tuZXDC+9f1XN3gl6nN +pAOAIAO74s0BASG4ayzCTpasXo7EBAAsHZAoH1kYFX9RFmVn7WNe5MOAIBHvC/SEBAYhrPOJuho xertQEAAwNoBwaoGv1S5gPazKiTxn3OXfzPtTVlWn/JimWWWWWZZLafwvugiAgLDcNbZBB2tWL0d CAgAWDsgKCss3vNfr6xpek9KnfgUZ0CwMerh1Ov78QkCAHDH+yINAYFhOOtsgo5WrN4O/h8QqLwc gA/WDQhcL/Djn/z9k/jH36/bQ8bl9RH3khEAgDveF2kICAzDWWcTdLRi9Xbw/4AAwGVZNyBwV/mB gsBuqxv8kowAAOARAQEAuCMgAOBXAYHm+Cd/T0/6j7XN+5IRAADcERAAgDsCAgD+GRAoZYXFBxel luQV6B8AANgbAQEAuCMgAODPAQEAAB4REACAO/8PCKx+lwjAANYNCLjAAaBKGDY1BASG4ayzCTpa sXo7+H9AYPXvmQAMYN2AgAscAKqEYVNDQGAYzjqboKMVq7cDAQEAAgIAsAuGTQ0BgWE462yCjlas 3g4EBAAICADALhg2NQQEhuGsswk6WrF6OxAQACAgAAC7YNjUEBAYhrPOJuhoxert4P8BgdXvEgEY wLoBARc4AFQJw6aGgMAwnHU2QUcrVm8H/w8IAFyWdQMCAACqh4AAANwREACwe0CQlZWVl5enL71U UVHRN998oy+tlpKSEn1R7bsmOwUAMyMgAAB3BAQA/C0g+L//+78///nPusKXXnopPT1dV6h06NBh 7NixannevHnr1q279PGfLFy4UJqooqJC/0AV7du3LykpSV9a+5599tnU1FR9KQDYGAEBALgjIADg bwHBlClTQkJCTp06pZXs3btXXuBXX33lUquSa0Bw5513Pv/885c+/pPLBgR/d9KXXqq0tLRt27Zz 5szRP1D7tm7dKm2SlZWlfwAA7IqAAADc+X9AYPW7RAAGsG5A4PECP3jwYGBgoOuHCCZMmCBvAV2q XMI1IPDmsgFBjx49Ro4cqSvU1Z8zZ06bNm1KS0tdC2uPbu8PP/zwAw884FoCwIY8Dpv2REBgGM46 m6CjFau3g/8HBFb/ngnAANYNCLxd4PKK4uPj1XJ5eXnLli1nz54ty9OnT5fy4ODg2NjYzZs3jVvM kgAAYaFJREFUqwquAcHAgQOljlrOycnp06dP/fr127dvP3jwYC0gcN/IxIkTZTUsLCwmJubdd9+V kh9++KFfv34hISFt2rTRPtsvj86cOVPb0bRp08aPH9+iRYu4uLgtW7ao8iNHjjz00ENNnQYNGpSb m+u7/tGjR4cMGRIeHi4HINtX6YPHvaenp9etW/fYsWNqFYA9eRs2bYiAwDCcdTZBRytWbwcCAgB+ GBAsXbpUXtE///lPWZY5fJ06dWTiLcuzZs1avXr1vn37EhISevXqpSq7BgTackVFRefOnWX1k08+ kbeMsbGxWkDgvpFDhw517Njxvvvu27Fjx4kTJ8rLy2UO36dPn127do0bNy4iIkLVkS2sWbNG21G9 evX69+8vJd26devZs6cUXrhwQXbavn37devWycReFrp06SJb81b//PnznTp1atas2bx58/bv379+ /XrZgse9i2PHjskBLF++XK0CsCdvw6YNERAYhrPOJuhoxertQEAAwA8Dgh9//LFhw4b//d//Lcsj Rozo3bu37tHf//73YWFhatVjQCCza2mTt956S5W7/4mBbiOuf2Kwfft2qTxr1qxt27bJO05ZzszM TE9Pl4W9e/eqOrKjxMTEc+fOyfLMmTPr168vC19++aXUkX2pOsnJybK6c+dOb/XVjiZMmKDqKx73 rh4KDQ2dMWOGa2UAduNt2LQhAgLDcNbZBB2tWL0dCAgA+GFAIB577LGWLVsWFxc3bNhwyZIlqvCN N95o3bp1ixYtIiMjfQcEamqt3dfQNSDwuBHXgCAlJUUqy6O3XbR69eqtW7e6btB1p/Pnz1cTfvXE 3bt3q/KdO3fK6qpVq3zXT0tLU+WKx707nJ+JkGepP7UAYFs+hk27ISAwDGedTdDRitXbwf8DAqvf JQIwgHUDAh8X+Oeffy4v6tFHH5VZ8ZkzZxzOP8IPuPihgLlz5/oOCL7++usAl78IeO2111RA4G0j PXr0GD58uFpW/4f/5puXHNvhw4elUN6AqlWPE34VIixbtkyVL1myRFYzMjK81ZeHpMLkyZNVueJx 7w7n3QqkPCUlRVcOwFZ8DJt2Q0BgGM46m6CjFau3g/8HBAAuy7oBgQ8ymY+KipLX9Zvf/EaVpKam yuq6detkHp6QkFC3bl0VHHgMCMTNN98s1bZt2ybvHUNDQ1VA4G0jw4YNa9u2rfpuRXVrgJiYmE2b NpWWlmZmZubk5Ei5FL744ovuO9Im/FI5MjJSNrtv3z55Vvfu3aOjo9V9Bz3Wlx3FxsZGREQsW7bs +PHjGzZsOHv2rLe9b968OTg4uKioSG0EAGyOgAAA3BEQAPDPgMDh/LoBeV0bN25UqzJzvueee6Sk UaNGM2bMaNCgQbt27aS8Y8eO48aNU3Vcl1esWCHzcKkfFRU1ceJEFRB420hGRsYtt9xSr1499eGC 7Oxs1aqBgYFNmzZdv369w/lnC+Hh4YWFhbodLViwQLajlmU+L+9WA5zi4uK0exZ4q5+VldW1a1dV v2XLlsePH3d42rsceWJi4nPPPaeeBQAgIAAAdwQEAPw2IPDoxIkTMsmXhTNnzhQXF+sfvlRZWZn2 RYOuPG5EJuGHDx++cOGCVk0eysvL01bF1KlTn3zySdcSj/Lz80+ePKkv9a6goEDlDq5c9y5vf++9 917XYwMAmyMgAAB3BAQA7BUQXHNz587VF9W+5ORk9acQAACFgAAA3Pl/QGD1u0QABrBuQMAFDgBV wrCpISAwDGedTdDRitXbwf8DAqt/zwRgAOsGBFzgAFAlDJsaAgLDcNbZBB2tWL0dCAgAWDsguLY/ +gMCAHNj4NIQEBiGs84m6GjF6u1AQADA2gGBvshA13bvAFANDFwaAgLDcNbZBB2tWL0dCAgAEBBU 07XdOwBUAwOXhoDAMJx1NkFHK1ZvB/8PCKx+lwjAANYNCK7tBW71XwAAbOjaDpumQkBgGM46m6Cj Fau3g/8HBAAuy7oBwbVFQAAA1kVAAADuCAgAEBBUEwEBAFgXAQEAuCMgAEBAUE0EBABgXQQEAOCO gAAAAUE1ERAAgHUREACAO/8PCKx+lwjAANYNCC57gZcVFh9clFqSV6B/oCYQEACwnMsOm/ZBQGAY zjqboKMVq7eD/wcEvIMHLsu6AYGPC7zgi8ztw6aubd43P323/rEa4mPvAGBODFwaAgLDcNbZBB2t WL0dCAgA+FVAUFZYfGD+extjBr9fJ35VSELtpQMOT3sHAJNj4NIQEBiGs84m6GjF6u1AQADATwKC nz4y8Oj/rgq9a33rge/X7b4m7O5aTQccDC8ALIiBS0NAYBjOOpugoxWrtwMBAQBrBwTaRwZSb+i/ tmkfKUkJ7GZAOuBgeAFgQQxcGgICw3DW2QQdrVi9Hfw/ILD6XSIAA1g3INg+7H9/SgSu3Y/+gADA 3HhfpCEgMAxnnU3Q0YrV28H/AwIAl2XdgECc3puV3nfc+/V6aJP2vz00cd0N/Q34BAEAwLoICADA HQEBAGsHBErF+Qv7Z769vtX9KQHxKQHdNsc/RkYAAPCBgAAA3BEQAPCHgEBT+YGCwPjVoXeREQAA PCIgAAB3BAQA/CogUNQHCj7r9bu1zfuSEQAA3BEQAIA7/w8IrH6XCMAA1g0ILnuBlxUWH1yUWpJX oH8AAGzpssOmfRAQGIazziboaMXq7eD/AQG3GQcuy7oBARc4AFQJw6aGgMAwnHU2QUcrVm8HAgIA P79JatKkyV1WMziglb4IAOAdw6ZGfusREBiDd+M2QUcrVm8HAgIAjrucAQEAAHZDQGAA3o3bBB2t WL0dCAgAOF555ZW7L+rUqZO8W2rfvn27du1uM73BAa30RQAA7xg2dUaNGkVAUNt4N24TdLRi9Xbw /4DA6neJAAyWkZGxYcOGFStWvG0Fyx98Rl8EAPCOYdMj+a0nv/vkN2B2drb+9yKuGu/GbYKOVqze Dv4fEACokj179nz66aepqanybukdAAD8nfy+k9968rtPfgPm5ubqfy8CgJ0QEAC4xHfffbdjxw55 n7Rhw4aVAAD4O/l9J7/15Hef/AYsKOBrcQHYGgEBgEvk5ubKO6Q9e/ZkZGR8CgCAv5Pfd/JbT373 yW/A4uJi/e9FALATAgIAl5D3RgUFBfImKTs7+zsAAPyd/L6T33ryu09+A5aWlup/LwKAnfh/QGD1 u0QA8IELHACqhGETxuOsswk6WrF6O/h/QGD175kA4AMXOABUCcMmjMdZZxN0tGL1diAgAGBhXOAA UCUMmzAeZ51N0NGK1duBgACAhXGBA0CVMGzCeJx1NkFHK1ZvBwICABbGBQ4AVcKwCeNx1tkEHa1Y vR38PyCw+l0iAPjABQ4AVcKwCeNx1tkEHa1YvR38PyAwQFZWVl5enr70qtXSZmtVUVHRN998oy+t aSUlJfoiw2m9Y4aDAQAAAICrR0Dg2ZEjR+bMmXPPPfeMGDHijTfe0D98qQ4dOowdO1Ytz5s3b926 dZc+/pNJkyZN8MRHBOC6WYPNnj1bHZ40wr59+/QPe7dw4cKAgICKigqH96a4SnI8SUlJ+tIaMmXK lLS0NG119+7dkydPdnm8ktY7zz77bGpqqv5hAAAAALAaAgIPysvLo6Oj27VrN3Xq1AceeKBLly76 Gpdyncnfeeedzz//vFr+u5NaHjVq1FCnNm3aNGzYUC2LnJwcVcHdNQwIoqKiIiMjZR7eqFEjmfC/ 8847+hpeuAYErk1Rba5tKEpLS9u2bTtnzhyXKldFt/3GjRtPmDBBW122bJl0lrbqSuudrVu3hoSE ZGVl6WsAAAAAgKUQEHiQlpYms9wdO3aoVTXd9cHbTL5Hjx4jR47UFUqJTHF1hR5526xy2aPyYffu 3UuXLtWXuoiKivrtb3/rcE7IIyIi7r77btdHfezaNSC4rCuppmvDOXPmtGnTRo6qsoYXV7Jxh9v2 qxEQiIcffviBBx649HEAAAAAsBj/DwiqcZeIbdu2ySx35syZuvKBAwdOmTLlsccea9KkSevWrbU5 tutcUepMnz5dFiZOnBgcHBwWFhYTE/Puu+9e3IaHgODIkSMPPfRQU6dBgwbl5uaqcm2zeXl58fHx L730kir/4Ycf+vXrFxISIlNl7cPtst9p06aNHz++RYsWcXFxW7ZsUeUeyZHfe++9+lIXWkAgujmp ZY+7zsnJ6dOnT/369du3bz948GAtINCaQi1Pnjx56NChoaGhhw4d8rido0ePDhkyJDw8XNpNGq20 tNS9DWVB6xdvL9l943v37m3Xrt28efNUheXLl3fu3PnkyZPu2/cREOhegmunp6en161b99ixY9oT YZhqXOAAYGcMmzAeZ51N0NGK1dvB/wOC6n3PRFJSkkx0BwwY4PrRcZkT1qlT58knn1y5cuXdd98d FBT0r3/9S5Vrc0VtWeaQHTt2vO+++3bs2HHixAltI7qA4MKFCzJZlan1unXrZDYrC126dCkvL9c2 VVxcLLPf3r17l5WVOZx//iCrMiHftWvXuHHjIiIi1Hakcr169fr3779mzRqZz/fs2VPbhbsrDAi+ //57mVRLO7z++usOL7uuqKiQ45e9f/LJJ59++mlsbKwWEOiaJTAwcMSIEWlpaT/++KP7ds6fP9+p U6dmzZrJHvfv379+/XppGV0byqpsXF6gtk33l+zxIMWLL74oc/gtW7bIRsLCwhYuXOjw1Ec+AgLX l1BSUuL66o4dOyYHtnz5cu2JMEz1LnAAsC2GTRiPs84m6GjF6u1AQOCZzDOnT59e30mb+MmccPjw 4Wr5m2++kTnh2rVrVbl7QOBw+/i6ogsIvvzyS9mOmq+K5ORkWd25c6fDuanRo0f36tVLZt3FxcWq wvbt26XCrFmztm3btnLlSlnOzMxUlRMTE8+dOyfLM2fOlMP+eQcu/vGPf2xxkjlw165d1bLM6vX1 nAFBwEV/+MMf1ITf465lHi4Lb731lnqi658Y6JpFu7Ogx+2oQtfJueLahunp6VJn7969atXjS/a4 cYczyBgwYMD1119/++23Dxw4UG3B4dZHvgMC15sjur46ERoaOmPGDG0VhqneBQ4AtsWwCeNx1tkE Ha1YvR0ICHz5/vvv77jjjsDAQHUrQdc54fnz5+vUqaNucX81AUFKSopMYnfv3q1Wd+7cKaurVq1y ODcVFBQkq4sXL9bVj4yMvO2i1atXq8rafufPn+8xIPj9739/h1ObNm0aNWqklrt27aqv5wwIhgwZ 8tVXXzVt2vT+++9XhR53rSbhUlPV8REQaMset6MKXb9BQHFtw61bt7ruy+NL9rhxVefAgQPykPTm 4cOHVYnDrY+aNWv2zDPPaKtLly6VhlLLukTAdVVer+x99uzZ2qMwzNVc4ABgQwybMB5nnU3Q0YrV 24GA4DIyMjJkVvnmmz/9JYnrnPDrr7+W8uTkZF25LiDQPnGg0QUEatK7bNkytbpkyRJZlZ06nJsa M2bM4MGDZfKZnp6uKqj/IVfH48rjbNmbK/wTA1n4y1/+IruTDTq87Fq1g/ax/9dee+2yAYHH7ah2 dv9OQdc2lIm91Fm5cqVa9fiSPW7c4fxISJ8+fTp37hwaGvr4449r5bo+6tixY1xcnLY6c+bMmJgY tewjIDh69KjsNCUlRXsUhrnKCxwA7IZhE8bjrLMJOlqxejv4f0BQjbtEfPbZZwsXLszOzv7xxx+f e+654ODggwcPOpxzwvbt23/11VcFBQUjRoyQGWleXp4q9zgTHjZsWNu2bU+dOnVxwz/RBQSlpaWR kZEJCQn79u3LzMzs3r17dHS0uku/2lRZWVlSUlJYWJj6uwP1t/oya920aZNUk6e4f7qhBgMCMWTI kKCgoN27d3vb9c033yzHv23btrffflum35cNCDxuRwpjY2MjIiKWLVt2/PjxDRs2nD171uHWhvLE F1980X2b2kv2uHEpnzZtWnh4eG5u7ooVKwJc/qZDt33p7sDAQHkh0vWff/65PPTEE0+oh3wEBJs3 b5aTpKioSHsUhqnGBQ4AdsawCeNx1tkEHa1YvR38PyCohiVLlsh8T6aR1113ncw2ZbqoymVOePvt t8s8U+aQjRs31v7bvGPHjuPGjXNfzsjIuOWWW+rVq6f9ib7DLSAQMom97bbbApzi4uK0v7HXNiVT ZZmBN2/e/MCBA7KanZ191113BTg/Ld+0adP169e7VhYLFixo0KDBz1v3ZOnSpffdd5++1IVrQFBY WHjjjTdGR0eXlJR43LVMuWVyLoXyrIkTJ2oBgbdmcXh5CVlZWV27dlXt0LJly+PHjzvc2nDlypXS /nJIum26vmT3jaenp8sWNm3apCo8++yz0r/qzzp025dJ/r333ivPrVOnjvzbo0cP7UsldC9BW5UX m5iY+Nxzz2kPAQAAAIAVERA4ygqLDy5KLckrcC28cOHCt99+6/rH6o6L/2lcXl4u5VLB9SFvZPZ4 hZXz8/NPnjypL/WuuLhYfX7BeO67Lisr0ybSV859O6KgoEDN/zW6Npw6deqTTz7pWsEjjxv3yL2P Tpw4sWPHjiNHjqikw7e333773nvvvZIuBgAAAAAzs3VA8MM7Gz+7Z+za5n3z03++R6Bvug+Z41qZ O3euvujaSU5OPnPmjL4UAAAAAKzGjgFBSW7+9kemrKqfmBLYbXXoXVeYDojXX39948aN+lIAAAAA AKzP/wMC17tE/PDOxo3/NiQlMD4loNuH7f59XXj/K08HAJiQ1W8DAwAGY9iE8TjrbIKOVqzeDv4f EKQEdKv8yEBAN/WzpedvSQcAP2D1L5IBAIMxbMJ4nHU2QUcrVm8HWwQEqxr8UosG1M+qkIR/zl3+ zbQ3ZVllPCyzzLLlltWqAwBwxRg2YTzOOpugoxWrt4MtAoKywuID89/74NYH1zTpvfK6nlIi/65t 3JtPEABWZ/UhGAAMxrAJ43HW2QQdrVi9HWwREGjLBV9kbhsyaVX9X65pcs/79XqQEQBWZ/UhGAAM xrAJ43HW2QQdrVi9Hfw/IFCfRnalfaAgJTB+VUgiGQFgXe4XOADAB4ZNGI+zziboaMXq7eD/AYEP BV9kZgz9n7XN+5IRAAAAAABsztYBgVJWWHxwUWpJXoH+AQAAAAAAbIOAAAAAAAAAEBAAAAAAAAA7 BARWv0sEAB+4wAGgShg2YTzOOpugoxWrt4P/BwRW/54JAD5wgQNAlTBswnicdTZBRytWbwcCAgAW xgUOAFXCsAnjcdbZBB2tWL0dCAgAWBgXOABUCcMmjMdZZxN0tGL1diAgAGBhXOAAUCUMmzAeZ51N 0NGK1dvB/wMCq98lAoAPXOAAUCUMmzAeZ51N0NGK1duh+gHB/Pnz7wIAAAAAAKb3yiuv6Gf1bqof EMgOAgAAAAAAgOndfffd+lm9m6sNCBISEv4b/kKdNAAAAAAAv9GkSRODAgKZVRbBX0iH6rsZAAAA AGBlavJOQICqISCA5Vj9NjAAYDCGTRiPs84m6GjFnO2gJu+dOnXKyMjYs2fPd999l5ubW1xcrK9n cEBQ6EL/GEyAgACWY/UvkgEAgzFswnicdTZBRyvmbAc1eb/ttts2bNjw6aef7tix47vvvisoKNDX MzggaNGihfPmCD9p2rTp2LFjDx8+rK+Ea4eAAJZjziEYAEyLYRPG46yzCTpaMWc7qMl7+/btV6xY kZqa+umnn+7Zsyc3N1df75oEBC+//LI8q3HjxrL8xz/+UV8J1w4BASzHnEMwAJgWwyaMx1lnE3S0 Ys52UJP3du3avf322ytWrNiwYUNGRkZ2dra+3jUJCA4cOCDLgwcPluX//M//VA/t2LGjb9++TZs2 lTqPP/54Xl6eKv/4448feOCBG264QR7q2LGjKtyzZ8+vfvUrqdmoUaNu3bqtXr1alf/iF7+Ijo7O zc2VZTkwWX7jjTfUQz169JDVRYsWderUaeDAgVKyd+9eOYabbrqpfv36bdu2lTYq8n4YrqS8c+fO DRo0CA8PHz9+fH5+vir3uEGPhd724vHFeiysDR999FFoaKi+mwFzM+cQDACmxbAJ43HW2QQdrZiz HbQ/MXj77bffeeedlStXfvrpp999952+3jUJCDZv3izzdpmL1qtX769//auU5+TkRERE1K1bd/Lk yUlJSVJnypQpUl5QUCATY1mdMWPGq6+++tRTT0nh4cOHZb4thQ8++KDMz2XiHRgY+OGHH8pD1113 nZSrP1t47LHH1BNddy177Nq1qzxL6tx8881SEhcX94c//GH06NEyD/d2GDp9+vSRV/3mm29GR0dL nTVr1hQ5j8p9gx4Lve3F44v1WFgbPvroI9lRenq6vpsBczPnbWAAwLQYNmE8zjqboKMVc7aDqQMC RWbIH3zwgSp//fXXpaRDhw7bt29fvHixLHfp0qXIOT1WTxk5cuTOnTtV5eTkZCmRcrU6YsSIAGdY UHQFAcGCBQvU6p///GdZbdSo0YkTJ1RJkffD8GjPnj2/+c1vpM7UqVOLvGzQY6G3vXh8sR4Laxzp AAAAAAD4K1MHBDJtbteunevsXTYS4BR4UevWrdVDy5cvv/7669WjDz74YG5urqrcr18/VeFPf/qT rHbu3LnoCgKCzMxMtfr888/Lau/evdWq4uMwNDJjHz58uNpaUFBQwMWAwOMGPRb62Iv7i/VWWINI BwAAAADAj5k6IDhw4MDHH38sE2OZYKs/MVD/qS7zZO3v+V3JhP/ll19u2rSp1HnllVdeffVVWbjl llvUo2PGjJHVAQMGFF0MCGT7J06c6N69e4D3gEBtpEmTJu7/t+/tMJQ5c+ZInb59+37//feTJk0K uBgQeNygx0Lfe9G9WB+FNYJ0AAAAAAD8m9kDAlkeNWqULEdFRR05cuTgwYPqL+3vv//+RYsWyWT4 mWeeKXLem2DEiBFvvPHGxx9/3LlzZ6kwf/58eRnNmjWT5WeffVZm4OqJy5cvl/qxsbGyPHDgQJUO BHgPCLSN9O7dW9po7ty50kDeDsOVCgh69uwpC7fccossx8fHy0vwuEGPhd724vHFeizUHVK1kQ4A AAAAgN8zaUAQERERcDEgyM7OVvPkYcOGyerWrVvvuOOOwMDAAOdH97t27arqtGnTpm7dulIoz33q qadOnjwp5Zs3b27fvn2Ak8zA//SnP6ntL168uHnz5rKRfv36DR06VB6dOXOm6661gEBtRBpIbSQ4 OFieW+TlMFzJIXXp0kUebdy48cSJE+WJsrx27VpvG/RY6HEvHl+sx8JLDqi6SAfgH8x5GxgAMC2G TRiPs84m6GjFnO1g0oDgso4cOfL1118XFBS4Fh47duwf//iHa4ly8ODBf/7zn7rC48ePHzp0SFfo g8zAv/nmG92s2+NhuPr222/VHwjk5ubu37/f9SGPG/RY6HEvHl+sx8KrQToAv2HOL5IBANNi2ITx OOtsgo5WzNkOVg0IYADSAfgTcw7BAGBaDJswHmedTdDRijnbgYAAnpEOwM+YcwgGANNi2ITxOOts go5WzNkOxgUEsJbQ0FDSAfgTcw7BAGBaDJswHmedTdDRijnbwbiA4O6779Y/YDLmvEsEgBrBBQ4A VcKwCeNx1tkEHa2Ysx0ICAAAAAAAAAEBAAAAAAAgIAAAAAAAAA4CAgAAAAAA4CAgcGXOu0RUQ0lJ ib7ocrKysvLy8vSlV+3qN1uN1wJ45DcXOAAYg2ETxuOsswk6WjFnOxAQVPL2PROzZ8+e4DRnzpx9 +/bpHzYZOcKkpCRZOHLkiBzwPffcM2LEiDfeeENf71IdOnQYO3asWp43b966desuffwnkyZNUu2g 4yMCcN1s9Tz77LOpqan6UqDqvF3gAACPGDZhPM46m6CjFXO2AwFBJW89FBUVFRkZKbPuRo0ayQuR ZtLXMI3S0tK2bdvOmTOnvLw8Ojq6Xbt2U6dOfeCBB7p06aKveinXmfydd975/PPPq+W/O6nlUaNG DXVq06ZNw4YN1bLIyclRFdxdfUCwdevWkJCQrKws/QNAFXm7wAEAHjFswnicdTZBRyvmbAcCgkre eigqKuq3v/2twzn9joiI0L2QiooK11WD6fY+Z84cmb3LcaalpUmb79ixw2M1d95m8j169Bg5cqSu UEratm2rK/TI22aVyx6V8vDDDz/wwAP6UqCKvF3gAACPGDZhPM46m6CjFXO2AwFBJW89pAUEopuT Wv7hhx/69esXEhIic3LtY/AyM09MTAwKCmrVqtWBAwdU4ZEjRx566KGmToMGDcrNzVXlCQkJr776 qlpesGCBNJRaHjhw4OTJk4cOHRoaGnro0KGjR48OGTIkPDw8ODg4JiZG5v8OL3uXR2fOnCkL27Zt kzZXy65ky1OmTHnssceaNGnSunXrpUuXqnLXmbzUmT59uixMnDhR9hgWFiabfffddy9uw0NA4O0F apvNy8uLj49/6aWXVLnHg5f9Tps2bfz48S1atIiLi9uyZYsqT09Pr1u37rFjx9QqUD3eLnAAgEcM mzAeZ51N0NGKOduBgKCSt7tEqIDg+++/nzdvnryQ119/XQrLy8tlEtunT59du3aNGzcuIiJCCi9c uCDT+Keeeio7O1vmt6dPn1aFnTt3bt++/bp162QyLAtdunSRp8tDN95449SpU9Ve/ud//kdm7GpZ 5tWBgYEjRoxIS0s7c+ZMp06dmjVrJnvfv3//+vXrZYMe937o0CE5vDVr1qiNJCUlyeqAAQNcP58v W65Tp86TTz4pPS09EhQU9K9//UuVawGBtiwb7Nix43333bdjx44TJ05oG9EFBD5eoNpUcXGxHG3v 3r3LysocXppOVa5Xr17//v3lJXTr1q1nz56q/NixY/JCli9ffnGHQHV4u8ABAB4xbMJ4nHU2QUcr 5mwHAoLLi4qKCrjoD3/4g/pg/Pbt22V11qxZ27Ztk1aT5czMTHmoZcuWMj3WPtsvvvzyS3l04cKF ajU5OVlWd+7c6fAZEKgbDTou7mjChAlq1bVQt/f09HRZ2Lt3r6oj8/Dp06fXd9Jm17Ll4cOHq+Vv vvlG6q9du1aVuwcEjiv7EwMfL1A2NXr06F69esXGxhYXF6sKHg9eVU5MTDx37pwsz5w5Uw775x04 HKGhoTNmzNBWAQAAAAA1joDg8qKiooYMGfLVV181bdr0/vvvV4UpKSnyoiIjI2+7aPXq1Q7n7Dcm JibA+V/3+fn5Ws3du3erJ8rMWVZXrVrl8BkQaFN09fS0tDS16lqo2/vWrVulUI7Tteb3339/xx13 BAYGqlsJum75/PnzderUmTx5sq68qgGBjxcomwoKCpLVxYsX6+q7N53rfufPn68FBBUVFbI8e/Zs bQsAAAAAgBpHQHB52j0I/vKXv8gLkbmr4+J/g7/5poePhciEVtoxNDT0hRdecDjvwy81ly1bph5d smSJrGZkZDicAcGkSZNU+aOPPuoxIJCaUl9N4zUe93748GEplF27FjoubkFVdt3y119/LeXJycm6 cl1AoH3iQKMLCHy8QNnUmDFjBg8eLDP89PR0VcHjwTu8BwRHjx6V+ikpKZVVAQAAAAA1jYDg8lxv UjhkyJCgoKDdu3efP3++U6dOMTExmzZtKi0tzczMzMnJKSkpkXmvTNQLCgpatWr19NNPO5zffRAZ GZmQkLBv3z6p1r179+joaHWjwV/+8pc9e/aUwv/6r/+SJvIYEMiOYmNjIyIiZAZ+/PjxDRs2nD17 1uPepbIUvvjii7Lw2WefLVy4MDs7+8cff3zuueeCg4MPHjyotty+ffuvvvpKjnDEiBEyCc/Ly9Pt 0XV52LBhbdu2PXXqlFpVdAGBjxeoNlVWVpaUlBQWFqb+7sDbwXsLCDZv3izHX1RU9PP+AAAAAAC1 gICgkre7RLgGBIWFhTfeeKNMgEtKSmT6rV5aYGBg06ZN169ff/r06VtvvVVWZULbt29f7cb7MgeW Jg5wiouL024TIE+54YYbpH6fPn3GjRunBQQdO3aUVbUssrKyunbtqp7esmXL48ePS6H73qVQ+i88 PFwOcsmSJXIM8uh1110ns3HpXbUpmYTffvvtUkee1bhxY+2Ohq57dF3OyMi45ZZb6tWr99Zbb6kS h1tA4PD+ArVNnT17NiEhoXnz5uqbHTwevOt+FyxY0KBBA4fz4xiJiYnPPfecKgd0SvIKDi5KLSv8 +Q4XPni7wAEAHjFswnicdTZBRyvmbAcCgkrV+56J4uJi9Z/wmlOnTmk35HOVn59/8uRJXeG5c+dk Pq8r9KigoMC9pvvep06d+uSTTzqcXy7w7bffHj582PVR9b/05eXlUi4VXB/yRqboV1jZ4wv0wf3g 3cl5ee+9917J3mFb+em71zbvu33Y1IIvfrrbpTfVu8ABwLYYNmE8zjqboKMVc7YDAUElc/ZQNcyd O1dfdJHrx/gtITk5+cyZM/pS4FL//OOyldf1fL9u9w9/8esD89/z+IECv7nAAcAYDJswHmedTdDR ijnbgYCgkjl7qGa9/vrrGzdu1JcC1vePycnvB3T7oM0DWxJGr2lyj/sHCuxwgQNADWLYhPE462yC jlbM2Q4EBJXM2UMArpDKCORCXtusz2d3j0mLetj1AwVc4ABQJQybMB5nnU3Q0Yo524GAoFKKc2rB Dz/8+M3PB7c+KP+uaXJP3kcZ5rwNDACYFsMmjMdZZxN0tGLOdiAgAOAnTny2c1VIgpYOrAy+c12L pP1/WOrxlgQAAAAAdAgIAPgDLR14v26P94Pu/Gu/cb6/1AAAAACADgEBAMs78dnOlfV6pAR04yMD AAAAQLUREACwtvz03avDevGRAQAAAOAqERBUMuddIgD4UJJXcHBR6pV8ZIALHACqhGETxuOsswk6 WjFnOxAQVEox5fdMAKgRXOAAUCUMmzAeZ51N0NGKOduBgKCSOXsIQI3gAgeAKmHYhPE462yCjlbM 2Q4EBJXM2UMAagQXOABUCcMmjMdZZxN0tGLOdiAgqGTOHgJQI7jAAaBKGDZhPM46m6CjFXO2AwFB JXPeJQJAjeACB4AqYdiE8TjrbIKOVszZDgQEAAAAAACAgAAAAAAAABAQAAAAAAAABwEBAFxDRUVF 33zzjb7UmrKysvLy8vSlAAAAsA4CgkrmvEsEgBrh7QKfPXv2BBcbN27U16hNCxculOGxoqJC/4DT nj175JAyMzP1D9S+SZMmuTaLxkcE0KFDh7Fjx+pLAViWt2ETqD2cdTZBRyvmbAcCgkrm/J4JADXC 2wUeFRXVpk2boRe99957+hq1yXdA8Otf/1oeHTZsmP6B2jdq1CjVINI4DRs21NonJydHX/UiAgLA z3gbNoHaw1lnE3S0Ys52ICCoZM4eAlAjvF3gUVFRjz32mL7UKD4CgoKCgiCn+vXrnzp1Sv/wFfO4 8Ss3cuTItm3b6ks98R0QXOVhADCet2ETqD2cdTZBRyvmbAcCgkrm7CEANcLbBe4eEOzdu7ddu3bz 5s1Tq8uXL+/cufPJkydleeDAgVOmTJH6TZo0ad269dKlS1Wd6dOnx8fHBwcHx8bGbt68WRVK5WnT po0fP75FixZxcXFbtmxR5Tk5OX369JFpf/v27QcPHuwtIHj55Zdlg7ILqfDaa69p5UePHh0yZEh4 eLg8GhMTU1pa6q3whx9+6NevX0hISJs2bVJTU9XT09LSEhMTg4KCWrVqdeDAAR+FintAcOTIkYce eqip06BBg3Jzc1W5FhDk5eVJa7z00kuq3ONheGscAObhbdgEag9nnU3Q0Yo524GAoJI5ewhAjfB2 gUdFRfXs2XOxk/b3BS+++GLdunVl1nro0KGwsLCFCxeqcpkD16lT58knn5SxUsY0mVH/61//kvJZ s2atXr163759CQkJvXr10irXq1evf//+a9as6datm+zF4fyP9M6dO8tDn3zyiYy2sbGx3gKCdu3a PfrooxcuXLjppps6deqkCs+fPy/LzZo1mzdv3v79+9evXy8VPBaWl5fLxLtPnz67du0aN25cRESE PF3Kw8PDn3rqqezsbHl1p0+f9lao0QUEUlmOv3379uvWrZPZvix06dJF9uW4GBAUFxfLfnv37l1W ViaFHg9DVXZvHACm4m3YBGoPZ51N0NGKOduBgKCSOe8SAaBGeLvAo6KiWrZsmeQkE3JVKDP2AQMG XH/99bfffvvAgQO1yjKtHT58uFr+5ptvZGRbu3at9uiPP/74+9//PiwsTKucmJh47tw5WZ45c2b9 +vVlQebJ8qy33npL1fH2Jwaff/65lMu/sjx16lRZlifK8vbt22V5woQJrpV9FM6aNWvbtm0yssty Zmam7EherEzpd+zYodX0WKjRBQRffvmlbEpLTJKTk2V1586dDufrHT16dK9evWJjY4uLi1UFj4eh Krs3DgBT8TZsArWHs84m6GjFnO1AQADA1tz/xEA5cOCADFyBgYGHDx/WCl3/zP78+fN16tSZPHmy LL/xxhutW7du0aJFZGSka0CgVZ4/f76aA6tJ8ldffaXKvQUEw4YNk/KhQ4c+8sgjvXv3luWnn35a ylNSUmQ5LS3NtbKPQjme2y5avXq1wzljj4mJkYcGDBiQn5+vKnssVHQBgdrs7t271erOnTtlddWq VQ7n6w0KCpLVxYsX6+q7H4bHxgEAAMC1RUAAwNY8BgTl5eV9+vTp3LlzaGjo448/rpW7Tmu//vpr GdmSk5PT09MDLn4oYO7cub4DAvWsNWvWqPLXXnstwC0gKCoqCgkJeeSRR/54Ubdu3Ro3bnz27NmM jAypr1IJjcdC9V/3b77pIZmW3clYLy/thRde8F3ocAsItm7dKptdtmyZWl2yZImsygE4nK93zJgx gwcPllcqbaIqeDsMj40DAACAa4uAAICtRUVFDRo06NBF6pZ706ZNCw8Pl+UVK1YEuHyiXqa17du3 /+qrrwoKCkaMGCHT2ry8vNTUVKmzbt06mTwnJCTUrVv3zJkzqrLHOfDNN98s1bZt2ybDrkzI3QOC V155RSoXFRVpJWlpaVJN6p8/fz42NjYiIkKm6MePH9+wYcPZs2e9FXbq1CkmJmbTpk2lpaWZmZk5 OTklJSUyVz98+LAcf6tWrdSnEjwWanQBgWwqMjJSjn/fvn2yze7du0dHR6t7IqrXW1ZWlpSUFBYW pv7uwONhaJXVNgkIAAAATIKAAICtRUVFBbjo3Llzenp6vXr1ZEKrKjz77LPBwcHqQ/Uyrb399tvD w8MDAwMbN26sPgggc+B77rlHntuoUaMZM2Y0aNCgXbt2Ut6xY8dx48apjSxYsEDK1fKKFStkPiz1 ZdcTJ050Dwhktj9q1CjXkvLy8tatW8tYKstZWVldu3ZVR9uyZcvjx497K8zOzlbDrxxt06ZN169f f/r06VtvvVVW5RX17dv32LFjUs1jocb9Wwxkki+/M9S+4uLi9u7dq8q113v27NmEhITmzZurL0Rw PwzXyo5LGwcAAADXEAFBJXPeJQJAjaiRC1z9v7dM1w8fPnzhwgXXh06cOHH+/HlZOHPmjHaLPm/K ysq0bwesnoKCgsLCwisplIPJy8tzLTl16pT7EXos9CE/P1999eMVcj8MACZXI8MmUCWcdTZBRyvm bAcCgkrm/J4JADWiRi5w1w/GA4B/q5FhE6gSzjqboKMVc7YDAUElc/YQgBpRIxf466+/vnHjRn0p APijGhk2gSrhrLMJOloxZzsQEFQyZw8BqBFc4ABQJQybMB5nnU3Q0Yo524GAoJI5ewhAjeACB4Aq YdiE8TjrbIKOVszZDgQElcx5lwgANUKG4Gv7oz8gADA33hfBeJx1NkFHK+ZsBwICAKh1BAQAAAAw PwICAKh1BAQAAAAwPwICAKh1BAQAAAAwPwICAKh1BAQAAAAwPwKCSua8SwSAGnFtL3ACAgCWc22H TdgTZ51N0NGKOduBgKAS7+ABP3ZtL/Bru3cAqAYGLhiPs84m6GjFnO1AQFDJnD0EoEZc2wv82u4d AKqBgQvG46yzCTpaMWc7EBBUMmcPAagRl73AywqLDy5KLckr0D9QEy67dwAwGwYuGI+zziboaMWc 7UBAUMmcPQSgRvi4wLNeW/VZr9+tbd43P323/rEa4mPvAGBODFwwHmedTdDRijnbgYCgkjnvEgGg Rrhf4P/KOvLFgxNXBt+ZEthtdehdtZcOOMz6CwAAfHAfNoHaxllnE3S0Ys52ICAAYDtZr636oM2D KYHxMm//OO7RdTf0r9V0wEFAAAAAACsgIABgF5UfGQjopn7S+441IB1wEBAAAADACggIANhC3kcZ Wi5wTX70BwQAAACYDAEBALsoKyw+MP+9tKiH1zbvuzr0Lpm0v18nfk2jXgZ8ggAAAAAwPwKCSua8 SwSAGuF6gRd8kZkxdMqqBnel3pBERgAAHvG+CMbjrLMJOloxZzsQEFTiM8CAH3O/wLUPFKQExq8K SSQjAABX7sMmUNs462yCjlbM2Q4EBJXM2UMAaoSPC7zgi8ztj/7v2uZ9yQgAQONj2ARqCWedTdDR ijnbgYCgkjl7CECNuOwFXlZYfHBRaklegf4BALClyw6bQI3jrLMJOloxZzsQEFQyZw8BqBFc4ABQ JQybMB5nnU3Q0Yo524GAoJI57xIBoEZwgQNAlTBswnicdTZBRyvmbAcCAgAAAAAAQEAAAAAAAAAI CAAAAAAAgIOAAAAAAAAAOAgIXJnzLhEAagQXOABUCcMmjMdZZxN0tGLOdiAgqGTO75kAUCO4wAGg Shg2YTzOOpugoxVztgMBQSVz9hCAGuFPF3hWVlZeXp6+FABqlD8Nm7AKzjqboKMVc7YDAUElc/YQ gBrh+wLfs2fPhAkTMjMz9Q/UvkmTJk3wxEcE0KFDh7Fjx+pLAaBG+R42gdrAWWcTdLRiznYgIKhk zh4CUCN8X+C//vWvZZgaNmyY/oHaN2rUqKFObdq0adiwoVoWOTk5+qoXERAAMIDvYROoDZx1NkFH K+ZsBwKCSua8SwSAGuHjAi8oKAhyql+//qlTp/QPX7GKigp9UVWMHDmybdu2+lJPfAcEV3kYAKD4 GDaBWsJZZxN0tGLOdiAgAGB3L7/8cnBw8NKlS2Wkeu2117Tyo0ePDhkyJDw8XB6NiYkpLS31VvjD Dz/069cvJCSkTZs2qamp6ulpaWmJiYlBQUGtWrU6cOCAj0LFPSA4cuTIQw891NRp0KBBubm5qlwL CPLy8uLj41966SVV7vEwBg4cOG3atPHjx7do0SIuLm7Lli2qHAAAANAhIABgd+3atXv00UcvXLhw 0003derUSRWeP39elps1azZv3rz9+/evX79eKngsLC8vl4l3nz59du3aNW7cuIiICHm6lIeHhz/1 1FPZ2dkyJz99+rS3Qo0uIJDKnTt3bt++/bp162S2LwtdunSRfTkuBgTFxcWy3969e5eVlUmhx8NQ levVq9e/f/81a9Z069atZ8+e2i4AAAAAVwQEAGzt888/lwFK/pXlqVOnyrJMsGV5+/btsjxhwgTX yj4KZ82atW3bNhlDZTkzM7OioqJly5Yypd+xY4dW02OhRhcQfPnll7KphQsXqtXk5GRZ3blzp8M5 5x89enSvXr1iY2OLi4tVBY+HoSonJiaeO3dOlmfOnFm/fv2fdwAAAABcioAAgK0NGzZMBqihQ4c+ 8sgjvXv3luWnn35aylNSUmQ5LS3NtbKPwsjIyNsuWr16tcM5Y4+JiZGHBgwYkJ+fryp7LFR0AYHa 7O7du9Xqzp07ZXXVqlUO55w/KChIVhcvXqyr734YrjcsmD9/PgEBAAAAvCEgqGTOu0QAqBEeL/Ci oqKQkJBHHnnkjxd169atcePGZ8+ezcjIkIFr8uTJrvU9Fqr/un/zTQ/br6iokFE1NDT0hRde8F3o cAsItm7dKptdtmyZWl2yZImsygE4nHP+MWPGDB48WGb76enpqoK3wyAgAFA9HodNoFZx1tkEHa2Y sx0ICCqZ83smANQIjxf4K6+8IhPmoqIirSQtLU3GKxkQz58/HxsbGxERIVP048ePb9iw4ezZs94K O3XqFBMTs2nTptLS0szMzJycnJKSEpmrHz58uKCgoFWrVupTCR4LNbqAQDYVGRmZkJCwb98+2Wb3 7t2jo6PVPRHVnL+srCwpKSksLEz93YHHw9Aqq20SEAC4ch6HTaBWcdbZBB2tmLMdCAgqmbOHANQI jxe4zPZHjRrlWlJeXt66dWsZtWQ5Kyura9euAU4tW7Y8fvy4t8Ls7Gw10AUGBjZt2nT9+vWnT5++ 9dZbZTU4OLhv377Hjh2Tah4LNe7fYiCTfBmd1b7i4uL27t2ryjt27Dhu3DhZOHv2bEJCQvPmzdUX IrgfhmtlsWDBggYNGvy8dQDwyeOwCdQqzjqb8PuOLskrOLgotazw5xtFeWPOdiAgqGTOHgJQI6p9 gRcUFBQWFl5JYXFxcV5enmvJqVOntJsI+i70IT8//+TJk/pS79wPAwCqodrDJlBtnHU2YYeOzk/f vaZx74xH/rfgi59uGu2ROduBgKCSOXsIQI3gAgeAKmHYhPE462zCJh19eNWW9+t2TwmMT4sedGD+ e+4fKDBnOxAQVDLnXSIA1AgucACoEoZNGI+zzibs09GHV21Z+VNG0G3djfetCr1L94ECc7YDAQEA AAAAADXv54wgoJv8rAm7e+31fb19oMAkCAgA2IIal/nhhx9++OGHH3744eca/vz0dwcB3dY0uSfv o5++vtpsCAgAAAAAAKh5OX/5+P06P3+CIPX6fqktkjbGDOYTBAQEAAAAAAAbUenA+3W7b7jlgVUN 794+bKqPLzUwCQKCSua8SwSAGsEFDgBVwrAJ43HW2YRNOvqndKBu9/frxHv7yIA524GAoFKKKb9n AkCN4AIHgCph2ITxOOtswg4dnZ++e02Te3x/ZMCc7UBAUMmcPQSgRnCBA0CVMGzCeJx1NuH3HV2S V3BwUar7RwZ0zNkOBASVzNlDAGoEFzgAVAnDJozHWWcTdLRiznYgIKhkzh4CUCO4wAGgShg2YTzO OpugoxVztgMBQSVz3iUCQI3gAgeAKmHYhPE462yCjlbM2Q4EBAAAAAAAgIAAAAAAAAAQEAAAAAAA AAcBAQAAAAAAcBAQuDLnXSIA1AgucACoEoZNGI+zziboaMWc7UBAUMmc3zMBoEZwgQNAlTBswnic dTZBRyvmbAcCgkrm7CEANaJ6F/js2bMnOD3//POyvHXrVn0NAPBT1Rs2gavBWWcTdLRiznYgIKhk zh4CUCOqd4FHRUW1adNmyJAhiYmJERERMpSNHj26tLRUX8/F3530pQBgNdUbNoGrwVlnE3S0Ys52 ICCoZM4eAlAjqneBR0VFPfbYY2r53LlzY8eOldFs1qxZl9a6RI8ePUaOHKkvBQCrqd6wCVwNzjqb oKMVc7YDAUElc94lAkCNqN4F7hoQiPLy8o4dO0ZERKjV6dOnx8fHBwcHx8bGbt68WUomTpwoq2Fh YTExMe+++67HOgBgCdUbNoGrwVlnE3S0Ys52ICAAAK90AYF44YUXZEArLCyU5VmzZq1evXrfvn0J CQm9evWSkkOHDnXs2PG+++7bsWPHiRMnPNYBAAAAzImAAAC8cg8IZs+eLQNabm6uVvLjjz/+/ve/ DwsLU6se/8RAVwcAAAAwIQICAPDKPSAYPXp0w4YN1fIbb7zRunXrFi1aREZGegsIPNYBAAAATIiA AAC80gUEJ0+ebNSo0ZAhQ2Q5PT1dRra33npLlufOnesaEAwfPlwte6sDAAAAmBABQSVz3iUCQI2o 3gUeFRU1aNCgQ4cOZWZmrlixom3btuHh4UePHpWHUlNTZWRbt27d1q1bExIS6tate+bMGSkfNmyY VDt16pSPOgBgftUbNoGrwVlnE3S0Ys52ICCoZM7vmQBQIy57gZcVFh9clFqSV+BaGBUVFeAUFBQk A+XTTz998uRJ9dD58+fvueceeahRo0YzZsxo0KBBu3btpDwjI+OWW26pV6/eW2+95a0OAJjfZYdN oMZx1tkEHa2Ysx0ICCqZs4cA1AgfF3jBF5kZQ/9nbfO++em79Y9dzokTJ86fPy8LZ86cKS4uVoUV FRWHDx++cOGCjzoAYHI+hk2glnDW2QQdrZizHQgIKpmzhwDUCPcLvKyw+MD89z649cGUwPhVIYnV SAcAwI+5D5tAbeOsswk6WjFnOxAQVDJnD/3/9s4GzsYy/ePMjEFjUCFRUQpJxRIRqZSkrbaybKVV Nq2/+Gf7lyik8lZEbJQUoZ2YZDTlpZhYL5MmGvpsL6sY69+0MfprjOx4O/2v3Hnm9DznPOc+Y845 93nO9/v5fXyecz/383bd132d676ccwYAKgT/CV60bsuG3o+/Wf3Kt2p3XZh8+eJa11AdAACwQV4E 0QevSxAYaIWZdqBAUIaZvxIBABWCTHDrIwNv1b4ms0pHCcqZVTpQHQAACAh5EUQfvC5BYKAVZtqB AgEAJATfLs9985QrF1Rq5683q3X6YuLrEp1lW8Vottlmm2222WabbbbZjsK22jANCgQAkCgcLNyT e8eIN6t3XnCiQLCq431L6l7PJwgAAAAAAH6iQAAACcjOuUuXNvv9gsrtF1Rqt6z576kRAAAAAAD8 RIEAABKWsg8UVG63KK0LNQIAAAAASHAoEJRh5pdAAKBCcJngO+cu/aDrA4tPv44aAQCAhUvYBIgQ eF2CwEArzLQDBYIyFhj5dyYAoEIIOcEPfV+8/eWsg98W2XcAACQkIcMmQIWD1yUIDLTCTDtQICjD zBECgAqBCQ4AEBaETYg+eF2CwEArzLQDBYIyzBwhAKgQmOAAAGFB2ITog9clCAy0wkw7UCAow8wR AoAKgQkOABAWhE2IPnhdgsBAK8y0AwWCMsz8lQgAqBCY4AAAYUHYhOiD1yUIDLTCTDtQIAAAAAAA AAAACgQAAAAAAAAAQIEAAAAAAAAAAH6iQAAAAAAAAAAAP1Eg8MfMX4kAgAqBCQ4AEBaETYg+eF2C wEArzLQDBYIyyvd3JiZMmPDwcYYOHSrba9eutfcAAAMo3wQHAEhYCJsQffC6BIGBVphpBwoEZZRv hJo0adK4ceNevXp17ty5fv368qT9+/cvLS219/Pjo+PYWwEgkpRvggMAJCyETYg+eF2CwEArzLQD BYIyyjdCTZo0uffee9X24cOHBw0aJA87fvz4X/f6FR06dOjbt6+9FQAiSfkmOABAwkLYhOiD1yUI DLTCTDtQICijfCPkXyAQjh07dvHFF9evX1+9fPrpp9u3b1+1atVLLrlk5cqV0vLII4/Iy/T09KZN m86fPz9gHwCocMo3wQEAEhbCJkQfvC5BYKAVZtqBAkEZ5fuVCFuBQBg2bJg87/fffy/b48ePX7Ro 0WeffdapU6err75aWnbs2HHxxRf36NEjLy9v9+7dAfsAQIVTvgkOAJCwEDYh+uB1CQIDrTDTDhQI ThZngWDChAnyvIWFhVbLgQMHhg8fnp6erl4G/IqBrQ8AAAAAAABANKFAcLI4CwT9+/evUaOG2p4x Y8bZZ599xhlnnHfeecEKBAH7AAAAAAAAAEQTCgQni61AsHfv3po1a/bq1Uu216xZIw/+yiuvyPbE iRP9CwR333232g7WBwAAAAAAACCaUCA4WZo0aXL77bfv2LFjy5YtGRkZF1xwQd26db/55hvZlZWV JQ++ZMmStWvXdurUKTk5ef/+/dLep08f6bZv3z6XPgAAAAAAAADRhAJBGeX7lYgmTZpUOk5qaqrY ccCAAXv37lW7jhw50rVrV9lVs2bNsWPHnnLKKc2bN5f23NzcRo0apaSkvPLKK8H6AEDFUr4JDgCQ sBA2IfrgdQkCA60w0w4UCMoI+XcmDn1fvP3lrIPfFtl3uLJ79+4jR47Ixv79+4uLi1Wjz+fbtWvX 0aNHXfoAQAUScoIDAIA/hE2IPnhdgsBAK8y0AwWCMoKNkO/I0c/Hz/3g6oGLT79uz5rN9t0AEA8E m+AAABAQwiZEH7wuQWCgFWbagQJBGc4R+mHrV2u6DV6Y0mFB5faL0rpQHQCIX5wTHAAAXCBsQvTB 6xIEBlphph0oEJRhjZD6yMDbDW9cUKm9NK5sf++SetdTHQCIa8wMwQAAxkLYhOiD1yUIDLTCTDtQ ICjjH6NnlX1koFI7pfW3PkJ1AMADmPkzMAAAxkLYhOiD1yUIDLTCTDtQICjj2+W5b9bo8nNdIOnn Dw4ovVn1ii8mvi6DJ9tqCNlmm+2421YbAAAAAADgAgWCX3Ho++J/TnljadOeWfWuX3zqtbLAWFC5 3VvpV/EJAgAAAAAAAPA2FAgCU7Ruy4d3jXozrcvbZ9+0MPlyagQAAAAAAADgbSgQuGF9oGBhUvs3 q3WiRgAAAAAAAABehQJBGS7fUv75AwV9nlh8+nXUCADiFJcJDgAATgibEH3wugSBgVaYaQcKBGUs CPV3Jg59X7z95ayD3xbZdwCA8YSc4AAA4A9hE6IPXpcgMNAKM+1AgaAMM0cIACoEJjgAQFgQNiH6 4HUJAgOtMNMO0SsQ1K5du4vZ9KzU0N4EAF6BCQ4AEBaETYg+eF2CwEArzLSDLNujVCAAAAAAAAAA AMOJbIFg6tSpV52gVatWcrELL7ywefPmFxnGVfWa2JsAwCswwQEAwoKwCdEHr0sQGGiFyXa45557 Ilgg8Cc3Nzc7OzsjI+M1AAAAAAAAADASWbbL4l2W8AUFBfaFfUUVCPLz83NycrKysuRicwEAAAAA AADAMGTBLst2WbzLEr6wsNC+sK+oAsG2bdvy8vLkMtnZ2ZkAAAAAAAAAYBiyYJdluyzeZQlfVFRk X9hXVIGgsLBQLpCfn5+bm5sDAAAAAAAAAIYhC3ZZtsviXZbwxcXF9oV9RRUI5NRFRUVyjYKCgm2G 8ffBE+xNAOAVmOAAAGFB2ITog9clCAy0wnA7yIJdlu2yeJclfGlpqX1hX1EFApNZUKmdvQkAvAIT HAAgLAibEH3wugSBgVbEux0oEABAHMMEBwAIC8ImRB+8LkFgoBXxbgcKBAAQxzDBAQDCgrAJ0Qev SxAYaEW824ECAQDEMUxwAICwIGxC9MHrEgQGWhHvdvB+geAfo2fZmwDAKzDBAQDCgrAJ0QevSxAY aEW828H7BQIAAAAAAAAACAkFAgAAAAAAAACgQAAAAAAAAAAAkSsQHN63f/fqzejwDyV20wDEG0xn fTHlAeIL4ptXZWA0xtkSR4a4n4ddTsfCHn58p3QMok+kCgRyowsqtUN71my2mwYg3mA664spDxBf EN+8KgOjMc6WODLE/TzscjoW9vDjO6VjEH0iWyD4csqk3asXJKa+nDypwkcLICYwnXXElAeIR4hv 3pOx0RhnSwQZ5X6edDl9C3vy8Z3SN4g+kS0QyE37fJ8kpr77YEGFjxZATGA664gpDxCPEN+8J2Oj Mc6WCDLK/TzpcvoW9uTjO6VvEH0oEERKarRWTJ6Vm5ubn5+/bdu2wsLC4uJiu6UAjIfprCOmPEA8 QnzznoyNxjhbIsgo9/Oky+lb2JOP75S+QfShQBApqdHKHP1cdnZ2Tk5OXl6eDFhRUZHdUgDGw3TW EVMeIB4hvnlPxkZjnC0RZJT7edLl9C3sycd3St8g+lAgiJTUaM0fPi4jIyMrK0sGLD8/v7Cw0G4p AONhOuuIKQ8QjxDfvCdjozHOlggyyv086XL6Fvbk4zulbxB9KBBESmq05g0b+9prr8mAZWdn5+bm FhQU2C0FYDxMZx0x5QHiEeKb92RsNMbZEkFGuZ8nXU7fwp58fKf0DaIPBYJISY3WwicmyWjNnTs3 MzMzJydn27ZtdksBGA/TWUdMeYB4hPjmPRkbjXG2RJBR7udJl9O3sCcf3yl9g+hDgSBSisRoAcQE prOOmPIA8QjxzXsyNhrjbIkgo9zPky6nb2FPPr5T+gbRhwJBpBSJ0QKICUxnHTHlAeKRKMS3qVOH Tpz4F2e7l1RSsmHLloU7dy47enSTc2+UZWw0xtkiJNwvGFFwucgpmDPrWziuH19f+gbRJwYFgmbN Gl97bXtby1/+cpezZ7n11VfZyclJrVs3d+6KmiIxWgAxwWU6R05XXNEq6Tjp6Wm/+93V69fPsbVb /Pjjhy7tURNTHiAeCRnfTj6j6Nq1XYcOlzjbw1W3bh06dWrlbC+HKvBUorlzn05Lq17pONWqpa5a NdPZJ5oyNhrHkbMFVEW5TUWdRwn3c8Hd5WKeOLkrmDPrW1jz8cVtunfv+PrrY5194kL6BtEnBgWC 888/+5prLrO1PPjgnc6e5daoUferSLF1a6Zzb0VpzpwnH3vsT852pUiMFkBMcJnOkZO8K5xzTv3J kx++8cbOMpfPOOP0Y8c2q/azzjpD4rgl9T8GwdqjJqY8QDwSMr6VI6OwpQfB0txwNXJk/6FD+zrb dWS7pZM5lU1Hjmxq2LBeu3YtN26ct2lTxpAhd65bN9vZLZoyNhrHkbMpVZTbVNR5nML93HF3uXIk Tu5rn4pVMGfWt3DIx5c885VXnujb96b09LSkpKRPP9Wdd0ZJ3yD6GFogUCsBm6QxYLvtENk499yG qpr4yCPhBSDNSyjdeuvVF13UxNlNKRKjBRATXKZz5CSBu1WrZta2TOd//Wu52r744vMD9g/YHjUx 5QHiEff4Vr6MwpYe+Ke5wXKMYO06e51yJjPuGYt1lLMx5N4VK6aLcTIyxjt3WQcGO1btdTbaOrj0 CbjL2GhsgrOFZc/yuY3zEuU7j85e3M8dd5crR+IUcCjDtZKzRTXa2qNQILDyzCef/C9xpJdfHunf wXlLVruz0aU9pGwHOs8T7E6U9A2ij3EFgi1bFt5+e1eJj6edVuvppx9QjQcPbhwwoKe01K6dPmTI nUeO/FLfuu++W++6q8e0aY+effYZw4bdqxpXr54lY/zSSyOkf4MGdf2LYT/++KEccuqpNevWPfWJ J/4sbmF9ucX9EllZk6Wz7LVC9qhR99eocUpqapUWLc7r06eHdQlLkRgtgJjgMp0jJ//A/dvfdk5O /uWTb8Hez4K1R01MeYB4xD2+uWQUt912zeDBf1DbRUWrJRlQqxRneqDSXGciISot/UheSg4j/X/z m+bvvTfD2uXMcFSLbBw6lCc5upzfX9u2vS27Zs8e3b17x1q1atSrd5rkOepUzluyTqVzDwHv3NLm zRliIsmgnLvcMyvr0W644YqBA3tZRy1fPl3uc9eu5ZqHO69rbDSOrbO529N5iPPkNrd5/PE/nXde Q3l3btiw3syZI3y433EZ5X7uLhcwcfrHPxa1bHm+9dVvSb26dGkjY+0LNJT6VnIZzYBu44tugWDe vDHiSJmZz6qXwZ4r4CrVxYeDzVxfIBMFnFPB7sRf+gbRx7gCgYyWmG/Jkimvvjr67befV439+t0i ppky5eGRI/snJSXNmPGYahfXqV69av36p4tlJbBancV9S0o2yISXwfYfp7vvvlGMLh3efHPiVVe1 lb0PP/zHkJdIT0+TUXnggV49e14rh3z44TxpX79+TuvWzSWCy32+++406xKWIjFaADHBZTpHThIK Lr206ddfvyOzUqbko4/eY7U7389c2qMmpjxAPOIe31wyiksuueDmm7uo7X//e6XsfeGFYb5A6UGw RELUv/9tKSnJffveNGvWKElVK1euvHHjL7ucGY6VLsvSUU6upCLkqafW/O67VbLr/vtvGzSo96JF k3r37iYX2rlzWbBbsjJv93sIduf+atPmQtl1001XfvPNe/7tLpmV/6MNHdq3atXU//u/v6u9t956 tZxQ/3DbzfgMjsaxdTYXewY8JODJLbeR5Y30lLxacnVZ5KxYMd2H+x2XUe7n7nIyChdccM6XX2Yp 7d+/XrWLTcSkb7wxQbYfeqiPDIGyrXMo9a3kMpoB3UYdEp0CgSzdO3a8VGaf9RMMwZ4r4CrVxYeD zVxfIBMFnFPB7sRf+gbRx7gCgVjqyit/c+BArrX3229XikXEQdVLsXWXLm3Uthj3lFOqffLJG1Zn OVD8TwZJtmV4lKHVrsLC9+U8t9/eVb08cmRTamoVVSBwv4SM+rJlL8i2TA854Zgxv1SMAn7MxlIk RgsgJrhM58ipw/GvFSiuv75DaelHznZh3rwx7u1RE1MeIB5xiW8uGYXPNfNzfuo7YCIhR/mnJXv3 rpbMUo61jrJlOM50+ejRTXIPyclJ/otJpS++WCwXkixWvXTekjpVyHsIeOc27du39oYbrpC9kmFb /wXnnln5P9rWrZmVTny4d/funCpVUsSS+oc7ZWw0jqGzudsz4CEBT67cRp2tadNG1i6bcD9D3M/F 5XyOxGn+/F8Sp0OH8tq3b1mzZpq0iB2scfT9eijDspLOaNrcxhnxlPQtHPLx5Rnbtm0hT1GrVg1V EPG5Ppdzleruwy4z12aigHPK5U78pW8QfYwrEDz11EAxX8OG9Z5//hH18aqcnJnScuaZdcQuIpn/ 557bUHV2uo64snR+8cXHxclEclRaWvWSkg2ya9Wqn88zdepQq3PVqqmqQKB5Cbkf6WZ9+oUCASQI LtM5cpJ5J/Nr/fo5jz56j0Twq65qq2rb0t64cYOVK19SkoBr9Q/YHjUx5QHiEZf45pJR+Fwzv2DL Id+vEwn1kfIpUx62espRVoLozHCcLcOH97Od4eDBjfPmjRk4sFePHp3Uzav2YLekfw+2FMimY8c2 z549Wpa4khyrPFszs1KSDpJ2y8Zzz/1PtWqp33+/JqzDbTI2GsfQ2TTt6Z7oWj3V2Zx/gAz38xnm fi4u5zueODVr1vhf/1qu5P8nDHbseFdSLzFC9+4d/Q/xH8qwrOQymsHcxnkSJX0Lh3z800+vNWBA T7nzyy67yPr0vstzOVep7j7sMnNtTxdwTrncib/0DaJPDAoEl17atG3bFv4tDRrUlTc56+XChc+0 atVMLHLHHd3lpeT6anvmzBFKVonL6TrXXXd5JQdz5z7tO1GRtdzO51cg0LyEe9y0KRKjBRATXKZz 5NTB77thKnP629/GqfaAXyUI1h41MeUB4hGX+OaSUfhcM79gyyHfrxMJ9ftq/j+LJdlR48YNnEcF bJGQKIf363eL1XL48MddurSpU6f2Qw/1mTHjsUoaKzT9e3BfoSl9/vni1NQqcpRPO7NSeuaZB2Vp V1CwVMJ4OXI/m4yNxjF0Nk17uie6Vk91thEj7rN2+XC/EzLK/VxczueaOP3zn0vU72UOGtTbv91/ KMOyUrDRdHEb50mU9C0c8vFVnvnXvw6T68riX7W7PJfPsUp192GXmWt7uoBzyv1OLOkbRJ8YFAjE UrVrpx88uFG93LdvbUpK8vTpw/37iOvcdVeP5OSkvXtXFxa+L/P2xhs7O09lM+6uXcuTkpKGDu27 c+cypU8+eUNOImFXnbNu3VN79+6mOr/xxoRKJ36DQPMStvB0223XBCzkKEVitABigst0jpyswC36 +99flamnfoYg2PtZsPaoiSkPEI8Ei2/uGYXv+P92WJ/2lJzPP/OzpQfBEokdO96V7XvuuVntKinZ IOmQdX5ncuzfkpf3evXqVa+4opX19SvRkiVT5IRz5jzpO/EhXusLq8FuSf8edFZoombNGp911hk+ 7cxK6X//d4VYW9Yecon3338x3MNtMjYax9DZNO3pnuhaPcW75GxyV/7nwf2UjHK/YC6nFCxxOnQo 77LLLmrT5sL+/W8Tm1hftvf9eijDslKw0XRxG+dJlPQtHPLxVZ557Njmzp1bV6mSsmlThs/1uZT8 V6nuPuwyc21PF3BOhbwTJX2D6BODAoH6ocjf/e7qtWtn5+bOlQ0x5ddfv+M7PkIDB/bKzp4qL6+/ vkO9eqepj1f17XuTDMOwYfd++mnmhg3y+E+pU9mMO27cYJnh1o9bKIlZpVH9uoaMn1y6bdsWMnKN Gp0p29YPkOpcwhaexo4dJC+XLv2r9ase/orEaAHEBJfpHDnJvGvS5Kzly6fLZGzR4jwJkR9//DfV HvD9LFh71MSUB4hHgsW3kBnF/ffflp6elpn57IgR91Wtmuqf+dnSA5dEokePTrVrp0+b9qjEN/UD XYsXP6d2OZNjq2X37pyGDevJRZcte2Hz5gwludZHH82XM/z5z7e/++40SaIq+f3vn8stad5DsBWa 5PfDh/fLz1+wZ88H06cPlz5iOrVLJ7OyJI1y7Dnn1D964tf7wzrcX8ZG49g6m4493RNd/56yQJJd 4jBr1rySkTE+K2sy7qdklPsFczmlDse/m7lq1UxLElt8x7+7lJZW/csvs/7zn43qjw6ovzPtcwyl vpWCjaaL2zhPoqRv4ZCPb/1HlDxstWqpkm2q/8AO+FzBVqkuPuwyc51P55xTwe7EJn2D6BODAoG4 xYMP3ilRr9JxTjmlmlUrEtNfeOG5atcll1ygTCMSL+zX75aUlGRpr1IlxSrMXHtt+44dL7XO3LLl +d26dbBdbtGiSXLUpEkP+Y7XdYYMufPyyy8Wc69dO1suZH2eROcSyqFHjx6gXhYULG3durm0dD3+ cSabIjFaADHBZTpHTjLvVIioWTPtlluusn50UNolOATsH7A9amLKA8QjweJbyIxCcsGmTRvJy0aN znz77edlw/ospC09cEkk/v3vld27d6xcuXKl4z+x9txz/2Ndy5bh+LdIAqPCoz8rV74ku/r06SGZ jEgS2Ztv7lLpRD7qckua92C7c0sLFz6jPoosNGhQd8CAntY3mXUyK0uzZ4+WbqNG3W+1hHW4v4yN xrF1Nh17uie6/j1/+GFdr17XqYxdMnn1J99wP59h7hfM5ZQ6nki0LGQpu27dz+sj6zPzsnKWcenU qZV6aRtKfSu5jGYwt3GeREnfwiEfX57FejlhwoNyafX3FwM+V7BVqosPu8xc59MFnFMB78QmfYPo E4MCgVJx8bpNmzK2bs30/0kMpQMHclXF1KbS0o+++irb/9N0J6PXXx8rtl6w4Bn/xnJcYteu5f6/ ZmkpEqMFEBNCTmfkY8oDxCcnGd8kB3A2WrsCpgdOSUYkabf1X5cnqT17PlD/uSfprJxW/rV2udzS ydyDXGL79ne2bFnofy1L5cis/FWOw42NxiY4Wzns6XLykpINNrfB/Yxyv5N0uWCyDWU5rGSTi9s4 pW/hk3z8gM8VbJXq4sMuM9cp55zyBbkTS/oG0SdmBYKYaOTI/nfc0X3atEcHD/5DnTq1GzducOhQ nrNbhSgSowUQE8yczqaJKQ8QjxDfvCdjozHOlggyyv086XL6Fvbk4zulbxB9EqtAMH/+mN69u116 adP27VsOGNCzsPB9Z5+KUiRGCyAmmDmdTRNTHiAeIb55T8ZGY5wtEWSU+3nS5fQt7MnHd0rfIPok VoEgmorEaAHEBKazjpjyAPEI8c17MjYa42yJIKPcz5Mup29hTz6+U/oG0YcCQaQUidECiAnRmc4H DuRu3ZpZULD0yJGyb15NnTp04sS/ODsbKKY8QDwSnfhmmkpKNmzZsnDnzmUBvzEb7zI2GnvD2eL9 zTrSMsr9vOFyNulb2JOP75S+QfShQBApRWK0AGJCpKdzfv6CNm0uVD8AK6SkJDdt2kjt8v8zMN26 dbB+R9dAMeUB4pFIx7cY6quvspOTk/x/pltp7tynrR9+r1YtddWqmc5j41rGRuN4dzZvvFlHWka5 X7y7XEDpW9iTj++UvkH0oUAQKUVitABiQkSn8+bNGampVdLT02bPHr1z5zLJP559dki7di3VXv+c Y+TI/kOH/vznZ8qnOXOefOyxPznbK0pMeYB4JKLxLbYaNep+tZDbujXTajxyZFPDhvUkxm7cOG/T powhQ+5ct26289i4lrHROK6dzTNv1pGWUe4X1y4XTPoW9uTjO6VvEH0oEERKkRgtgJgQ7nTevv0d eYN3tgfscMstV0n+unr1LGc3369zDqeOHdvs8rdwbLtuvfXqiy5qYr18663ntmxZ6DxKv4NNTHmA eCTc+BYrhRVXfccD4LnnNlSfFFB/2VtpxYrp0pKRMd55hpBBL2QHQ2RsNDbN2cJyKs+8WUdaRrmf aS5XIdK3sCcf3yl9g+gT2QLBl5MnyU0npuTZK3y0AGKCfoT97rtVgwf/ITW1Su/e3Zx7nR327Pmg cuXKklg4eyr55xz33XfrXXf1UNsHD24cMKDnaafVql07fciQO61vQqo+WVmTW7VqJnuttHjUqPtr 1DhFrtuixXl9+vx8kmHD7k1KSpLOkgA5r6vTwabvIhCgASDS6Me3WCncuKokCzlZzr300giJhA0a 1LV+a2Dz5gxpl/jpPE/IoBeygyEyNhqb42wBfcalg5ferCMto9zPk8sx/RWWJx/fKX2D6BPZAgGq 2NECiAk6OU1x8Tr1vl6//ulTpw79z3826nT48MN5kqqOHTvIeUIl/5zDf7tfv1skpZgy5eGRI/tL ZjBjxmNWn/T0NElEHnigV8+e18rJ5RLSvn79nNatm0uW/Oqro999d5q0SLo8b96YJk3OkkRk0KDe kgzZLh2yg03fmZQTAIAmOvEtVgoYNjU7SJCU9pKSDQMH9pJI+N57M6xdbdpcKC033XTlN9+853+2 kEEvZAdDZGw0NsHZXHzGpYOX3qwjLaPcz8PLMR0Le/jxndIxiD6RKhAc/qFkz5rNSismz8oc/dz8 4ePmDRsrd59YmjOvAkcLICa45zSSPUye/HCdOrUlCZgw4cEDB3L1O7zxxgRJC+bOfdp5WqWAOce3 366UPOOhh/qo9ksuuaBLlzZWn5SU5GXLXpBtyX3l5GPGPKB22T61qHT48MczZ444++wzJBmSlEgS o3A7WDIqJwAATdzjW6zkEjZ1OshLWX317XuTbG/c+PPS7u67b7T27tu39oYbrpBGCWuZmc/azhwy 6IXsEHMZG41j62zuPuPewUtv1pGWUe7n5eWYxgrLy4/vlIZB9IlUgcCf3Nzc7OzsjIyM1xIVeXax gNihoKDAbh0A43HJaVavntWo0Zny1v7f/33HDz8EeD927/DeezNk1/PPP+I8UClgzpGTM1OOOvPM OpJtiCQbOPfchs7+R49ukm5PPPFn9TJgzqEkWdG4cYOlsyRGCxc+U44OPsNyAgDQxCW+xUruYVOn w/z5Y2Tviy8+/sUXi0USLdPSqpeUbLA6HDu2efbs0enpaZUrV5a1n/MMIYNeyA4xlLHROIbOFtJn 3Dt46c060jLW/Ty5HNNfYXny8Z3oG8SdaBQI8vPzZW5kZWXJTc9NPOSp5dnFAmKHwsJCu3UAjMcl pzlyZNOrr45u3LhBrVo1nnzyv5w1e/cOX3/9jryR//GPv3WeWSlgzrFy5Uty1B13dJ85c4SSZMPO /po5R2npR9OmPSoZTN26p06a9NDBg/bPW4bsoGRsTgAALrjEt1jJPWzqdLjuussrOXD+9+/nny9O Ta3S1fHF8pBBL2SH2MrYaBxDZwvpM+4dvPRmHWkZ637eW46FtcLy3uM7Ccsg7kSjQCCzIi8vT243 Ozs7M/GQp5ZnFwuIHYqKiuzWATCekDnNoUN5M2Y81rBhvTp1aj/77JAff/xQs4OkBS1bnp+Skix5 qvO0viA5R2Hh+5UrV77xxs7u/W05x223XWP934XS4cMfz5o16pxz6p96as2xYwf5//eaZgd/GZsT AIALIeNbrBQsbIbssGvX8qSkpKFD++7cuUzpk0/eSE5Ouu66y51Xadas8VlnnWG9DBn0QnYwQcZG 45g7WzCfCdnBS2/WkZax7ue95VhYKyzvPb6TsAziTjQKBIWFhXKj+fn5ubm5OYmHPLU8u1hA7FBc XGy3DoDxaOY0Bw/+/PXFevVOO/PMOgH/hlbADitWTJcE4vTTa7322lPbt7/z2WdvzZw5om3bFmpv wJxD1LfvTZLvDht276efZm7YIO/CTzn72HIOSRrk5dKlf92/f73v+P9sXHDBOenpaaNG3b9v31rV x18hO9hkbE4AAC5oxrdYKWDYdO8wbtzgpKSknTuX+XeTRZo0fvPNe0uWTBk+vF9+/oI9ez6YPn24 REXpr/qEDHohOxgiY6OxIc7m9BmdDp55s460jHU/7y3Hwlphee/xnYRlEHeiUSCQWywqKpJ7LSgo 2JZ4yFPLs4sFxA6lpaV26wAYT1g5TUnJBkk3+/W7xbkrWIecnJny7q4+BCv5R4sW51l/guvaa9t3 7Hipc1vyBjlDSkqyHFKlSor1P2P+fVTOMXr0APWyoGBp69bNpUV9nvbxx/80dGjfoqLV1m3YFLKD TcbmBADgQljxLVZyhk2XDi1bnt+tWwdbh0WLJkn0mzTpoYULn0lLq67ibYMGdSXYWv9LHDLohexg iIyNxkY5W1hOpeSNN+tIy1j3895yLKwVlvce30lYBnEnGgUCAIhropPTyLv7xo3z9u4N4z2+tPSj r77Kln+du4Jp167lzp9urhAZmxMAgAvRiW9G6dixzdu3v7Nly0LZcO71gIyNxt5wtnh/s460jHU/ AH0oEABACLyR00Ra5AQA8QjxzXsyNhrjbIkgY90PQB8KBAAQAnIaHZETAMQjxDfvydhojLMlgox1 PwB9KBAAQAjIaXRETgAQjxDfvCdjozHOlggy1v0A9KFAAAAhIKfRETkBQDxCfPOejI3GOFsiyFj3 A9CHAgEAhICcRkfkBADxCPHNezI2GuNsiSBj3Q9AHwoEABACchodkRMAxCPEN+/J2GiMsyWCjHU/ AH0oEABACMhpdEROABCPEN+8J2OjMc6WCDLW/QD0oUAAACEgp9EROQFAPEJ8856MjcY4WyLIWPcD 0IcCAQCEQOU0X06eJG97KJjEPuQEAHEH8c17MjYa42yJIGPdD0AfCgQAEAKV0yAdkRMAxBfEN6/K wGiMsyWODHQ/AH0oEABACA7/ULJnzWalFZNnZY5+bv7wcfOGjZX3P2TXnHnkBABxBPHNszIvGuNs CSTz3A9AHwoEABAGubm52dnZGRkZr0FwxD5iJbFVQUGB3YIAYCrEN+9hbDTG2RIBY90PwB0KBAAQ Bvn5+Tk5OVlZWfK2NxcCIZYR+4iVxFaFhYV2CwKAqRDfPIbJ0Rhn8zwmux+AOxQIACAMtm3blpeX J2942dnZmRAIsYzYR6wktioqKrJbEABMhfjmMUyOxjib5zHZ/QDcoUAAAGFQWFgob3X5+fm5ubk5 EAixjNhHrCS2Ki4utlsQAEyF+OYxTI7GOJvnMdn9ANyhQAAAYSBvckVFRfJuV1BQsA0CIZYR+4iV xFalpaV2CwKAqRDfPIbJ0Rhn8zwmux+AOxQIAAAAAAAAAIACAQAAAAAAAABQIAAAAAAAAACAnygQ AAAAAAAAAMBPFAgAAAAAAAAA4CcKBAAAAAAAAAAg/D/0AtXxTJTI3gAAAABJRU5ErkJggg== --00000000000055026905b6fa9742-- From Jaap.Francke@mendix.com Mon Dec 21 07:44:43 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 048A23A11D0 for ; Mon, 21 Dec 2020 07:44:43 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.099 X-Spam-Level: X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=mendix.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id uUMu7RlZjlJP for ; Mon, 21 Dec 2020 07:44:41 -0800 (PST) Received: from EUR04-VI1-obe.outbound.protection.outlook.com (mail-vi1eur04on0628.outbound.protection.outlook.com [IPv6:2a01:111:f400:fe0e::628]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 838443A11CB for ; Mon, 21 Dec 2020 07:44:41 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=OlBKsB7AmetbdKBJ57mEtlpjT6hcftlJ8re81fHpl39CFcgQoazsEDDvoFgs8+p6xVsEDOTAAneO/vtprw8zYXZ6pA5V+wK10e8CoLMtPGw989BjfCzGemB8xTH6DI+nDaYYCRiFB17Ta2yw/ckMybvW+KPpDSygjX+jV57UVMYBT3uhyuv4duNcjknQAVj4WtsJz1zipLLBFequCtfql0Ck1IXmA/yi645l3r7Cjm8xwz0HOJDDi0/OfluWSzmFcVdoOTjRIOAgWWMgn6cFEFEUoqjXgndlsP2aUc0Z1/4LM8lL494yzowzJk/0kUpcaEBPlnubTSU3ec6feFE6/A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=dJrqcNTlZQ23dh3lpPrZDL+/WlnWeSQ87KGaj0Hvc/U=; b=aOoKzzeQXhuzUTV3moD0CDwSdqZy8Z2J17MV5aVt88evcLTeua1LUbqnJ9O5AtZc4kN4V9h4BlmbsBi1DK6EpLoai0rLwTwGC/JYUVcXUem0R1uckx6BB9DDgH/I0jKmtm6vRtN3OdE4M7PXDJaO+TP0zFa8YE3znnBJCQqnijIg1RaUKLRXNIGoDpM6vgomAMJJc01oqgYT2TdgF9RVJiWf0Prk/kndR50IhDJO5NvGUzpIrPdR1IrEtLdn+0iPNwKcRKWaw4sBXY44TyqEv+iUYjtNHlB9k/nRG3E53mgaisR27pFyieEs/zko9RUz0dUhyTT8BmU75rLhFR0F+Q== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=mendix.com; dmarc=pass action=none header.from=mendix.com; dkim=pass header.d=mendix.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mendix.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=dJrqcNTlZQ23dh3lpPrZDL+/WlnWeSQ87KGaj0Hvc/U=; b=GuncTuE7azfrhtiGCKr/vb2JyXh9ScQUTb06gV3EEsOsspe3ASKr5nCycafcv2UdZMElTmIeoAJAkU0vFTaAVaXF1cuQh7sKgb7s4p9EwBZX4zuQqyIQ1M2kOrFMktmIjS3CgJCpglnzwOsOx+Y0jqIB2OpC8PYw4W0DvWclrH0= Received: from AM0PR06MB4180.eurprd06.prod.outlook.com (2603:10a6:208:7a::24) by AM0PR06MB6529.eurprd06.prod.outlook.com (2603:10a6:208:19a::14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3676.25; Mon, 21 Dec 2020 15:44:36 +0000 Received: from AM0PR06MB4180.eurprd06.prod.outlook.com ([fe80::869:5441:997d:1c76]) by AM0PR06MB4180.eurprd06.prod.outlook.com ([fe80::869:5441:997d:1c76%6]) with mapi id 15.20.3654.026; Mon, 21 Dec 2020 15:44:36 +0000 From: Jaap Francke To: "oauth@ietfa.amsl.com" Thread-Topic: Confirm email address Thread-Index: AQHW17AvrYKxhQlBrEGgG297yoK6Yw== Date: Mon, 21 Dec 2020 15:44:36 +0000 Message-ID: <181122BC-6805-43F6-947A-907D5D26AA43@contoso.com> Accept-Language: en-US Content-Language: en-GB X-MS-Has-Attach: X-MS-TNEF-Correlator: user-agent: Microsoft-MacOutlook/16.41.20091302 x-originating-ip: [86.84.216.78] x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: c1e23e8e-a6eb-4968-1cc7-08d8a5c751da x-ms-traffictypediagnostic: AM0PR06MB6529: x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:3383; x-ms-exchange-senderadcheck: 1 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: 5dq/ug0mvjzL4xLFbb2/15gD9+fcaHWwiIeeDk3n183OK0+pkqey8uH/bPjhk4eCZ7oSIRV/fuWoXjk5jbDpXQqSRChhQF7DloqFDiGCkstxiRtnVIRmlJxTQQAGq0QUbvBxC2UJpZTVOGYos8iov1CGTsEIv8kqLqNxJUPiR2AI3bpvDqDiTgWog2JRRvc5tFh2/3VGTyc6M8+hegadTQ93CWKh1qjVNGjUCl1R+Wd1qfwloTDbURW63bf/wLB8tc8T3gDpr9/1V4UJOYcO2vBFegtr0W7ZrStyrw7x+0j/7RKz/iLAXfiTtjOYKchQPYrEi6fZAIK3p3vhwJvttPbGlG/49KYT9O1F1+l8mBpMCJFlvS66wjTUXqDZhaAkkZNenAMKvo+7nWHwxNsUWg== x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:AM0PR06MB4180.eurprd06.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(366004)(376002)(346002)(39840400004)(396003)(136003)(36756003)(186003)(6512007)(64756008)(6916009)(76116006)(66946007)(66556008)(33656002)(478600001)(66476007)(7116003)(66446008)(3480700007)(86362001)(5660300002)(83380400001)(6486002)(9686003)(2906002)(71200400001)(8936002)(316002)(26005)(6506007)(558084003)(8676002); DIR:OUT; SFP:1101; x-ms-exchange-antispam-messagedata: =?utf-8?B?c3ZjUkZYQWVydVM3UnZQd0o3Z1B2dGVxQjRNeHZWUC81Rm03T0c5ZFFRbkxm?= =?utf-8?B?d3phTU56RG1Db1lITjBqblJNNEtxcGVSZGRhZzBCYkcrOGtGL24zTHg0MUd3?= =?utf-8?B?bnl3T2IxOURyRXpQRW9IMTc3WHN3Tm1mNHdjenFIeU45OXJ2UDNHVkdjUk1h?= =?utf-8?B?dUlxY21DMlNxZ1g2ZnM0Q25jMm81ZWhIN284QjZJeThjUWxXVkdWWS9reExX?= =?utf-8?B?bHQxalJzd3FQWHM5aXdLeWxBS0dwZ0F0QnFGdlQrMVJYbmRuN3ZYWUtGOHJN?= =?utf-8?B?YmtEUmR2M3dQY25MNnk4Y3BxcTVEazNzNVAzQ3FaT3hQOUdhd0JCSWJ2Ny9S?= =?utf-8?B?TlpoeUJXdGkvY042cTJ3bVh4RTdoaWQ3TE9sTjYxWXNtbmFaS3dYK1kwR3U2?= =?utf-8?B?UUVpdnFZL1dza3lXVjJ6MEgrVU1ETTRmYWw1KzBMWU5IakFzVUVHWWxYL0xw?= =?utf-8?B?NDhVRWlITVVFWUJKMkc3c3NqaGIzaVpWNEF3N1UvbThZdWUwU0tBZmZHVlcw?= =?utf-8?B?VFg1WG5iVFpjUkNJSzhSTk0zY2JLWjcyaElMY3V1K3dTODR0RTBVUW5RdCsy?= =?utf-8?B?TUdpVVpuejlzcTV5R09WWG5wK3N1eTA4dVpyVUEzWG9GQkU4MWtnOE4xeloz?= =?utf-8?B?VGZUaHd0OHR5ZjRXZkNEZ3JHUWREQUJtemxzYllvVFRFUnVZazBmdTlVZnpk?= =?utf-8?B?eklpNFNiaEY0QkFBdWlrblZVOGFMTFI0eStKamJaVWw2V0lEN2g4Mko5SytV?= =?utf-8?B?RjhCZmFPd3BRM2VoNmxmVFFGM2RiTzJRTVNZYVM4bkljVTlheitnNmMvdU05?= =?utf-8?B?ZVZqZG1VbkVPdkxUcTZkS01QYXZCWHk2QVhHdWx1aEJKUnJMOTlsN1ZSTDlq?= =?utf-8?B?VzNOQnU3a0dWWnFoQzN6VnBLTmtwbC9YZzVuNXBGM01qMnoxSER1RXlTd2lF?= =?utf-8?B?QjNTdXJ6N1FmSkIrNk5Fb2VyRGlab09WSXBHVkJvb2FoZittRTVmUkZHSStp?= =?utf-8?B?OWg3YjJNd21Sc1NyZDgzUjBjUjNhQm5nNlRqemdyN2RncW5hNnRaTXl2MDh4?= =?utf-8?B?Q1pvdkhUczRHcHZDVjdFZExwN29xZitTMXlZUXRnVmdlOUJuMVJ0VkJrRkZw?= =?utf-8?B?bDBYajR0TUpPUXpRRzMyc3UzU3V1Yng5MUxzeVBaMDhXME1hNjQzRUlFU2l2?= =?utf-8?B?eHI2a1N3K09XR1dqeXU3UDNQREVFcWlTblNVQzUxY1VENFBHN1J2Vlk3dmN2?= =?utf-8?B?eXRDSVpkVUh1NFNsZitSc0lmZWdqUGw5SzY4NE9jR3NEUEJ5MklWVXA1clRB?= =?utf-8?Q?fr/kS2FaaiRbUxD2L4FdX/chgxBK9yo46F?= x-ms-exchange-transport-forked: True Content-Type: multipart/alternative; boundary="_000_181122BC680543F6947A907D5D26AA43contosocom_" MIME-Version: 1.0 X-OriginatorOrg: mendix.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: AM0PR06MB4180.eurprd06.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: c1e23e8e-a6eb-4968-1cc7-08d8a5c751da X-MS-Exchange-CrossTenant-originalarrivaltime: 21 Dec 2020 15:44:36.2279 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: b4e3c78d-8e3b-46d8-bc56-5540da23ba4d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: 9iH3+J0+b5TV7YxdIGQu0BnKHEBDtgDeVTQ20e/aNmHTG5QWRuUyMXJh0s/IridlI79sDoUOBoJP8AvpXkSnDQ== X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM0PR06MB6529 Archived-At: Subject: [OAUTH-WG] Confirm email address X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 21 Dec 2020 15:45:48 -0000 --_000_181122BC680543F6947A907D5D26AA43contosocom_ Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 SSBqdXN0IHN1YnNjcmliZWQgdG9kYXkgYW5kIGFscmVhZHkgY29uZmlybWVkIG15IGVtYWlsIGFk ZHJlc3MuDQpCdXQgZG9pbmcgaXQgYWdhaW4gdG8gYmUgc3VyZS4NCg== --_000_181122BC680543F6947A907D5D26AA43contosocom_ Content-Type: text/html; charset="utf-8" Content-ID: Content-Transfer-Encoding: base64 PGh0bWwgeG1sbnM6bz0idXJuOnNjaGVtYXMtbWljcm9zb2Z0LWNvbTpvZmZpY2U6b2ZmaWNlIiB4 bWxuczp3PSJ1cm46c2NoZW1hcy1taWNyb3NvZnQtY29tOm9mZmljZTp3b3JkIiB4bWxuczptPSJo dHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL29mZmljZS8yMDA0LzEyL29tbWwiIHhtbG5zPSJo dHRwOi8vd3d3LnczLm9yZy9UUi9SRUMtaHRtbDQwIj4NCjxoZWFkPg0KPG1ldGEgaHR0cC1lcXVp dj0iQ29udGVudC1UeXBlIiBjb250ZW50PSJ0ZXh0L2h0bWw7IGNoYXJzZXQ9dXRmLTgiPg0KPG1l dGEgbmFtZT0iR2VuZXJhdG9yIiBjb250ZW50PSJNaWNyb3NvZnQgV29yZCAxNSAoZmlsdGVyZWQg bWVkaXVtKSI+DQo8c3R5bGU+PCEtLQ0KLyogRm9udCBEZWZpbml0aW9ucyAqLw0KQGZvbnQtZmFj ZQ0KCXtmb250LWZhbWlseToiQ2FtYnJpYSBNYXRoIjsNCglwYW5vc2UtMToyIDQgNSAzIDUgNCA2 IDMgMiA0O30NCkBmb250LWZhY2UNCgl7Zm9udC1mYW1pbHk6Q2FsaWJyaTsNCglwYW5vc2UtMToy IDE1IDUgMiAyIDIgNCAzIDIgNDt9DQovKiBTdHlsZSBEZWZpbml0aW9ucyAqLw0KcC5Nc29Ob3Jt YWwsIGxpLk1zb05vcm1hbCwgZGl2Lk1zb05vcm1hbA0KCXttYXJnaW46MGNtOw0KCWZvbnQtc2l6 ZToxMS4wcHQ7DQoJZm9udC1mYW1pbHk6IkNhbGlicmkiLHNhbnMtc2VyaWY7DQoJbXNvLWZhcmVh c3QtbGFuZ3VhZ2U6RU4tVVM7fQ0Kc3Bhbi5FbWFpbFN0eWxlMTcNCgl7bXNvLXN0eWxlLXR5cGU6 cGVyc29uYWwtY29tcG9zZTsNCglmb250LWZhbWlseToiQ2FsaWJyaSIsc2Fucy1zZXJpZjsNCglj b2xvcjp3aW5kb3d0ZXh0O30NCi5Nc29DaHBEZWZhdWx0DQoJe21zby1zdHlsZS10eXBlOmV4cG9y dC1vbmx5Ow0KCWZvbnQtZmFtaWx5OiJDYWxpYnJpIixzYW5zLXNlcmlmOw0KCW1zby1mYXJlYXN0 LWxhbmd1YWdlOkVOLVVTO30NCkBwYWdlIFdvcmRTZWN0aW9uMQ0KCXtzaXplOjYxMi4wcHQgNzky LjBwdDsNCgltYXJnaW46NzIuMHB0IDcyLjBwdCA3Mi4wcHQgNzIuMHB0O30NCmRpdi5Xb3JkU2Vj dGlvbjENCgl7cGFnZTpXb3JkU2VjdGlvbjE7fQ0KLS0+PC9zdHlsZT4NCjwvaGVhZD4NCjxib2R5 IGxhbmc9ImVuLU5MIiBsaW5rPSIjMDU2M0MxIiB2bGluaz0iIzk1NEY3MiIgc3R5bGU9IndvcmQt d3JhcDpicmVhay13b3JkIj4NCjxkaXYgY2xhc3M9IldvcmRTZWN0aW9uMSI+DQo8cCBjbGFzcz0i TXNvTm9ybWFsIj48c3BhbiBsYW5nPSJFTi1VUyI+SSBqdXN0IHN1YnNjcmliZWQgdG9kYXkgYW5k IGFscmVhZHkgY29uZmlybWVkIG15IGVtYWlsIGFkZHJlc3MuPG86cD48L286cD48L3NwYW4+PC9w Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4gbGFuZz0iRU4tVVMiPkJ1dCBkb2luZyBpdCBh Z2FpbiB0byBiZSBzdXJlLjxvOnA+PC9vOnA+PC9zcGFuPjwvcD4NCjwvZGl2Pg0KPC9ib2R5Pg0K PC9odG1sPg0K --_000_181122BC680543F6947A907D5D26AA43contosocom_-- From nobody Wed Dec 30 00:08:27 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C3DF33A10AD for ; Wed, 30 Dec 2020 00:08:25 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.1 X-Spam-Level: X-Spam-Status: No, score=-2.1 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=mendix.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iKA7tXp22JNC for ; Wed, 30 Dec 2020 00:08:22 -0800 (PST) Received: from EUR04-DB3-obe.outbound.protection.outlook.com (mail-eopbgr60067.outbound.protection.outlook.com [40.107.6.67]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9C9C53A0CC1 for ; Wed, 30 Dec 2020 00:08:22 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=V0LHnt/XNA9JvfOvzLZcLGipwxeAdMettXcmdXHl/1HcfXCstdqTIp3CkbwI6I2QhbnhmrDysonkp+iJpN272EFQNZAk/rKmcUFVCI7C0gPlKb6ZfPESiSxCMgb6DXiQrqFDNT0nGilnMbVHTIu+3WCg0fyWva27WJ7xSjOV9hdC+GwHZTH1RekMxql0ORtUA53a8UrTZA5O7vIiBlE04WLZ46Q8vcoB+qZY1qTJz5iqXr2C1Px5b+A6K4oNcpuqmxZQdyStT1gRMYnI2fQL2GIlEhlULI4R32eFyxTZic7mFvH5Jzq6Wn1grVNrgrRUMBKugLetYaMZQPuUoP4V+w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=zX7EDw/zh9L2HmoW/ZvtJVJdRGagGeI8LZFU3dnPqwM=; b=HZoIYrOZUXchcE1OuEjUm41U5ctTjCjoBpR1GPJLgtbtiWAtSMjsvNQE8emfH1vCxwvbkWvTdzoTo06MFXqWccTECu3Y/5KJXXQHkIhaxUiFhmc/p21nZvmDTlPT3ZJSLF/YF0MH7pTuCND5eDoFOAuxbhhvRo4aVqSPa5DrGftogp51vwmxCx6nEePq/+9KC7lonLbzIxT7bis0MJhkpQdeMtSLOl6Mc1LNNAskPnVc94LQVGip58Q8kSLqIrMWxyE44PN5Nmj0o8SGEeWqkoP7zGda2hGqpwMbWsKIjO5e9FK/AHdQsxTFjKU8/rRw4N8bzHxu2HbCIywCHLcw2g== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=mendix.com; dmarc=pass action=none header.from=mendix.com; dkim=pass header.d=mendix.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mendix.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=zX7EDw/zh9L2HmoW/ZvtJVJdRGagGeI8LZFU3dnPqwM=; b=jVmmkzCRulmMiZxC8C0fMQV2VcVaij8dT4hzXXkpN+3p7ybLdQzzIWeJAoUBriYyOaN9qLVvN3w0Wo1w/q82EJwe/TJ/r7PCP6/f+mHWDxGzG03WhnuvQckwgE+/eRxXoYJSHhZYbbh+NNPXAzJVAmv4pI6B2bpQY1FAhytEqcc= Received: from AM0PR06MB4180.eurprd06.prod.outlook.com (2603:10a6:208:7a::24) by AM0PR06MB6419.eurprd06.prod.outlook.com (2603:10a6:208:19b::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3721.20; Wed, 30 Dec 2020 08:08:19 +0000 Received: from AM0PR06MB4180.eurprd06.prod.outlook.com ([fe80::489b:ed4b:779c:37e]) by AM0PR06MB4180.eurprd06.prod.outlook.com ([fe80::489b:ed4b:779c:37e%5]) with mapi id 15.20.3700.031; Wed, 30 Dec 2020 08:08:19 +0000 From: Jaap Francke To: "oauth@ietf.org" Thread-Topic: Confirm email address Thread-Index: AQHW17AvrYKxhQlBrEGgG297yoK6Y6oPZ0GA Date: Wed, 30 Dec 2020 08:08:19 +0000 Message-ID: <7407E010-7D91-4A81-ACD8-5F83A2F00C54@mendix.com> References: <181122BC-6805-43F6-947A-907D5D26AA43@contoso.com> In-Reply-To: <181122BC-6805-43F6-947A-907D5D26AA43@contoso.com> Accept-Language: en-US Content-Language: en-GB X-MS-Has-Attach: X-MS-TNEF-Correlator: user-agent: Microsoft-MacOutlook/16.41.20091302 authentication-results: ietf.org; dkim=none (message not signed) header.d=none;ietf.org; dmarc=none action=none header.from=mendix.com; x-originating-ip: [86.84.216.78] x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: 285284f3-913b-4233-2ab2-08d8ac9a11ed x-ms-traffictypediagnostic: AM0PR06MB6419: x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:5236; x-ms-exchange-senderadcheck: 1 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: M+va9rgGns7UrotCGbDOjXfoJJWUEqtNpTQmu9dGUrW3t0MHvC0nb6LN6mQbGD2mxWGDDv5806ruEp8qDBR/6p0S7tEHRuNQDupTN1meDFS7ILj7rQvhZNINookd2Ph5qnR9+8Jv1AzvlAqhW90QzoWw+BbooDiUnypLfoxfLp5xU3k90pCeYQg1I0umtNkOU7SbotajUEGMDoEcvZ20w7fivIlRqB/uGwI/01wxyD2bPd/INm48yFxFjpwIQg3gIL889AVhtlkJZM8daW6gaq12mbLXVeifSMF8x63OCiMn1aZikbT5qq0uYV/L+R1xSfYZ7bvfXjd2U8cg6+6JFHptzmO0uM5jfprIeTovRsJv8KRED1WteD96Hu4mes+K9RWeCpFNpcx1UF1suALKWOHpEoDcvfGCnFyivEdC/li6MpLVKBgjfkPIBMT9P4Gq x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:AM0PR06MB4180.eurprd06.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(39840400004)(366004)(376002)(136003)(346002)(396003)(316002)(66946007)(76116006)(66476007)(6512007)(6916009)(478600001)(64756008)(66556008)(66446008)(8676002)(186003)(8936002)(4744005)(36756003)(33656002)(2616005)(6486002)(71200400001)(5660300002)(2906002)(86362001)(53546011)(6506007)(26005)(83380400001)(7116003)(45980500001); DIR:OUT; SFP:1101; x-ms-exchange-antispam-messagedata: =?utf-8?B?bzRiajJUcjRxNDJUaHhnbGoyakZiZUNoY0FzZFEzU2lmWDg2eGNsT0RCdFlQ?= =?utf-8?B?dlhtMC9sUUdLRWlqVmVWWU45SDE2N21FenIxZHpoWTJFZUhJSVRpVlUxV0Ur?= =?utf-8?B?aFBEZWx1L2l4NEcxMWFtVmcrVktlRzNWWkNOeFBlQkgvN1R6MTVOU2NLRWJS?= =?utf-8?B?aGRaL2NnSi94NWVXVncxUnJWdnltdlJTZE9ydHFtcnAySXBsbWNFM0FkTkFm?= =?utf-8?B?djlPdENaWWxNQjZSdkhzM01rLzRuSnNuQ255U0VERjg3c2l5a2NiL2lCN2tR?= =?utf-8?B?RjFFWmdxL2hTS3JZRkZ1ZHBMOTVaTFVXNXhpanhrT2cvT1NNNkJBL0M4UDVt?= =?utf-8?B?N05WK245YmtMNDBwTThrQ296SkZzZCtWd0VNZUZ2TEZIc2pXQkF2MW05dU9t?= =?utf-8?B?NzRUZThYUzJFYVdQQXRWMkRLNGpmN0NPYmd5V3M2aTlaRzRuNVJQM3pJbWg1?= =?utf-8?B?eHNGNkxHQllHMHpqczdqcHROZzR3bDR3U2lxRHFwV2lnV1FLZDdFTnFZUHU0?= =?utf-8?B?R210Z1BlQU9Db0RwdjNyTzAwT2NoM21sdWk0S1Z6bWJXckhBOElld3QwVlgv?= =?utf-8?B?czdBMkJnYVBidUlMQXhzd1p2QzBhditCeHZSL3dFWWJ5NS9Zd1k0eEZxWi9I?= =?utf-8?B?dmNaMWNxeVFqOXRSTHJrN3Z4S21QcFFnTkxsRytFUjg0OWp4b1VMSU9ra0FD?= =?utf-8?B?UkFrQ3NaUEZVeVBmcGNkYXZnUzlUaTZub0dqOGRCVFpmK0pWZDVOTlNFUUVZ?= =?utf-8?B?ZXM5U3dSaVZCTEVoK2FNSHNiVVZzLzJkZEJKL3pjK29NZXl0VE9KRi9zRU9x?= =?utf-8?B?aVIrbDdDWkdRZjEvSjVoQm9QMDFKK1VENkhJSnkzTXVGOGUxUVQzc1ExK2Jq?= =?utf-8?B?OUtqQ0hhM2p2bjRoMlkrU0R1Zzlybm5tRXNvQS9xVll2a05lbTBITys2d0ZG?= =?utf-8?B?UVRGWUFCYWU2YmNEUVk3eGZPbmJDQmYyTFQrR0JUZDdGbHRtYWN6RDhMb1lC?= =?utf-8?B?WHVDR1ZiMWF6bkFnckE1TWk2RzJFdFhuYllMQkFXbDFhYUxnMTBMcGl6UjFX?= =?utf-8?B?NllKSWQ0NTNsY0l0T3JMRzc4bXRPYmtYc2I0Y1N2dW9BREM2L2pBY2JOY0Ry?= =?utf-8?B?QmIycmhyMnNwSVFQakI5QUNLblhvRG5ILzJoelBmZ3RsK2dRM0prSFQycFRW?= =?utf-8?B?MWdicmE4ZWJOYWh4MjkzcllMTDR1R1k3Vmdka0IzeUxBTXJ3dEwrQTMwR0xy?= =?utf-8?B?aVplVUhiMkNZenJoaHQ3M3BzcmE2ZWpwRU5NQ1pTYkdYaXJRaUpXTjdaaU5x?= =?utf-8?Q?ifUaphmMmCVC+C+QyRGjS9hnplneOIL6Lh?= x-ms-exchange-transport-forked: True Content-Type: multipart/alternative; boundary="_000_7407E0107D914A81ACD85F83A2F00C54mendixcom_" MIME-Version: 1.0 X-OriginatorOrg: mendix.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: AM0PR06MB4180.eurprd06.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 285284f3-913b-4233-2ab2-08d8ac9a11ed X-MS-Exchange-CrossTenant-originalarrivaltime: 30 Dec 2020 08:08:19.7812 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: b4e3c78d-8e3b-46d8-bc56-5540da23ba4d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: lFpzp2x7SxWIO4Dw689ldm6HFbnEO2taVdk3nRrsSLCRLT3V2iqyXGX34KfwBSGp5HLiFACygmHk0GTyq0+UNA== X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM0PR06MB6419 Archived-At: Subject: [OAUTH-WG] FW: Confirm email address X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 30 Dec 2020 08:08:26 -0000 --_000_7407E0107D914A81ACD85F83A2F00C54mendixcom_ Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 Q29uZmlybWluZyBteSBlbWFpbCBhZGRyZXNzLg0KU29tZWhvdyBJIHNlZW0gdG8gaGF2ZSB1c2Vk IHdyb25nIGVtYWlsIGFkZHJlc3MgYmVmb3JlPw0KDQpLaW5kIHJlZ2FyZHMsIEphYXANCg0KRnJv bTogSmFhcCBGcmFuY2tlIDxKYWFwLkZyYW5ja2VAbWVuZGl4LmNvbT4NCkRhdGU6IE1vbmRheSwg MjEgRGVjZW1iZXIgMjAyMCBhdCAxNjo0NA0KVG86ICJvYXV0aEBpZXRmYS5hbXNsLmNvbSIgPG9h dXRoQGlldGZhLmFtc2wuY29tPg0KU3ViamVjdDogQ29uZmlybSBlbWFpbCBhZGRyZXNzDQoNCkkg anVzdCBzdWJzY3JpYmVkIHRvZGF5IGFuZCBhbHJlYWR5IGNvbmZpcm1lZCBteSBlbWFpbCBhZGRy ZXNzLg0KQnV0IGRvaW5nIGl0IGFnYWluIHRvIGJlIHN1cmUuDQo= --_000_7407E0107D914A81ACD85F83A2F00C54mendixcom_ Content-Type: text/html; charset="utf-8" Content-ID: <838F71957761A24A92F17CD743DF357A@eurprd06.prod.outlook.com> Content-Transfer-Encoding: base64 PGh0bWwgeG1sbnM6bz0idXJuOnNjaGVtYXMtbWljcm9zb2Z0LWNvbTpvZmZpY2U6b2ZmaWNlIiB4 bWxuczp3PSJ1cm46c2NoZW1hcy1taWNyb3NvZnQtY29tOm9mZmljZTp3b3JkIiB4bWxuczptPSJo dHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL29mZmljZS8yMDA0LzEyL29tbWwiIHhtbG5zPSJo dHRwOi8vd3d3LnczLm9yZy9UUi9SRUMtaHRtbDQwIj4NCjxoZWFkPg0KPG1ldGEgaHR0cC1lcXVp dj0iQ29udGVudC1UeXBlIiBjb250ZW50PSJ0ZXh0L2h0bWw7IGNoYXJzZXQ9dXRmLTgiPg0KPG1l dGEgbmFtZT0iR2VuZXJhdG9yIiBjb250ZW50PSJNaWNyb3NvZnQgV29yZCAxNSAoZmlsdGVyZWQg bWVkaXVtKSI+DQo8c3R5bGU+PCEtLQ0KLyogRm9udCBEZWZpbml0aW9ucyAqLw0KQGZvbnQtZmFj ZQ0KCXtmb250LWZhbWlseToiQ2FtYnJpYSBNYXRoIjsNCglwYW5vc2UtMToyIDQgNSAzIDUgNCA2 IDMgMiA0O30NCkBmb250LWZhY2UNCgl7Zm9udC1mYW1pbHk6Q2FsaWJyaTsNCglwYW5vc2UtMToy IDE1IDUgMiAyIDIgNCAzIDIgNDt9DQovKiBTdHlsZSBEZWZpbml0aW9ucyAqLw0KcC5Nc29Ob3Jt YWwsIGxpLk1zb05vcm1hbCwgZGl2Lk1zb05vcm1hbA0KCXttYXJnaW46MGNtOw0KCWZvbnQtc2l6 ZToxMS4wcHQ7DQoJZm9udC1mYW1pbHk6IkNhbGlicmkiLHNhbnMtc2VyaWY7DQoJbXNvLWZhcmVh c3QtbGFuZ3VhZ2U6RU4tVVM7fQ0Kc3Bhbi5FbWFpbFN0eWxlMTkNCgl7bXNvLXN0eWxlLXR5cGU6 cGVyc29uYWwtcmVwbHk7DQoJZm9udC1mYW1pbHk6IkNhbGlicmkiLHNhbnMtc2VyaWY7DQoJY29s b3I6d2luZG93dGV4dDt9DQouTXNvQ2hwRGVmYXVsdA0KCXttc28tc3R5bGUtdHlwZTpleHBvcnQt b25seTsNCglmb250LXNpemU6MTAuMHB0O30NCkBwYWdlIFdvcmRTZWN0aW9uMQ0KCXtzaXplOjYx Mi4wcHQgNzkyLjBwdDsNCgltYXJnaW46NzIuMHB0IDcyLjBwdCA3Mi4wcHQgNzIuMHB0O30NCmRp di5Xb3JkU2VjdGlvbjENCgl7cGFnZTpXb3JkU2VjdGlvbjE7fQ0KLS0+PC9zdHlsZT4NCjwvaGVh ZD4NCjxib2R5IGxhbmc9ImVuLU5MIiBsaW5rPSIjMDU2M0MxIiB2bGluaz0iIzk1NEY3MiIgc3R5 bGU9IndvcmQtd3JhcDpicmVhay13b3JkIj4NCjxkaXYgY2xhc3M9IldvcmRTZWN0aW9uMSI+DQo8 cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBsYW5nPSJOTCI+Q29uZmlybWluZyBteSBlbWFpbCBh ZGRyZXNzLjxvOnA+PC9vOnA+PC9zcGFuPjwvcD4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFu IGxhbmc9IkVOLVVTIj5Tb21laG93IEkgc2VlbSB0byBoYXZlIHVzZWQgd3JvbmcgZW1haWwgYWRk cmVzcyBiZWZvcmU/PG86cD48L286cD48L3NwYW4+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+ PHNwYW4gbGFuZz0iRU4tVVMiPjxvOnA+Jm5ic3A7PC9vOnA+PC9zcGFuPjwvcD4NCjxwIGNsYXNz PSJNc29Ob3JtYWwiPjxzcGFuIGxhbmc9IkVOLVVTIj5LaW5kIHJlZ2FyZHMsIEphYXA8bzpwPjwv bzpwPjwvc3Bhbj48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48bzpwPiZuYnNwOzwvbzpwPjwv cD4NCjxkaXYgc3R5bGU9ImJvcmRlcjpub25lO2JvcmRlci10b3A6c29saWQgI0I1QzRERiAxLjBw dDtwYWRkaW5nOjMuMHB0IDBjbSAwY20gMGNtIj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxiPjxz cGFuIHN0eWxlPSJmb250LXNpemU6MTIuMHB0O2NvbG9yOmJsYWNrIj5Gcm9tOiA8L3NwYW4+PC9i PjxzcGFuIHN0eWxlPSJmb250LXNpemU6MTIuMHB0O2NvbG9yOmJsYWNrIj5KYWFwIEZyYW5ja2Ug Jmx0O0phYXAuRnJhbmNrZUBtZW5kaXguY29tJmd0Ozxicj4NCjxiPkRhdGU6IDwvYj5Nb25kYXks IDIxIERlY2VtYmVyIDIwMjAgYXQgMTY6NDQ8YnI+DQo8Yj5UbzogPC9iPiZxdW90O29hdXRoQGll dGZhLmFtc2wuY29tJnF1b3Q7ICZsdDtvYXV0aEBpZXRmYS5hbXNsLmNvbSZndDs8YnI+DQo8Yj5T dWJqZWN0OiA8L2I+Q29uZmlybSBlbWFpbCBhZGRyZXNzPC9zcGFuPjxzcGFuIHN0eWxlPSJmb250 LXNpemU6MTIuMHB0O2NvbG9yOmJsYWNrO21zby1mYXJlYXN0LWxhbmd1YWdlOkVOLUdCIj48bzpw PjwvbzpwPjwvc3Bhbj48L3A+DQo8L2Rpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48 bzpwPiZuYnNwOzwvbzpwPjwvcD4NCjwvZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4g bGFuZz0iRU4tVVMiPkkganVzdCBzdWJzY3JpYmVkIHRvZGF5IGFuZCBhbHJlYWR5IGNvbmZpcm1l ZCBteSBlbWFpbCBhZGRyZXNzLjwvc3Bhbj48bzpwPjwvbzpwPjwvcD4NCjxwIGNsYXNzPSJNc29O b3JtYWwiPjxzcGFuIGxhbmc9IkVOLVVTIj5CdXQgZG9pbmcgaXQgYWdhaW4gdG8gYmUgc3VyZS48 L3NwYW4+PG86cD48L286cD48L3A+DQo8L2Rpdj4NCjwvYm9keT4NCjwvaHRtbD4NCg== --_000_7407E0107D914A81ACD85F83A2F00C54mendixcom_--
    Danial recently added some text to the working copy = of the draft with https://github.com/danielfett/draft-dpop/comm= it/f4b42058 that I think aims to better convey the "nutshell: XSS= =3D Game over" sentiment and maybe dissuade folks from looking to DPo= P as a cure-all for browser based applications. Admittedly a lot of the ini= tial impetus behind producing the draft in the first place was born out of = discussions around browser based apps. But it's neither specific to bro= wser based apps nor a panacea for them. I hope the language in the document= and how it's recently been presented is reflective of that reality.

    The more specific discussions/recommendations a= round in-browser apps are valuable (if somewhat over my head) but might be = more appropriate in the OAuth 2.0 for Browser-Base= d Apps draft.

    With respect to the contents of= the DPoP draft, I am still keen to try and flush out some consensus around= the question posed in the start of this thread, which is effectively wheth= er or not to include a hash of the access token in the proof.=C2=A0 Acknowl= edging that "XSS =3D Game over" does sort of evoke a tendency to = not even bother with such incremental protections (what I've tried to = humorously coin as "XSS Nihilism" with no success). And as such, = I do think that leaving it how it is (no AT hash in the proof) is not unrea= sonable. But, as Filip previously articulated, including the AT hash in the= proof would prevent potentially prolonged access to protected resources e= ven when the victim is offline. And that seems maybe worthwhile to have in = the protocol, given that it's not a huge change to the spec. But it'= ;s a trade-off either way and I'm personally on the fence about it.

    Including an RT hash in the proof seems more niche. B= est I can tell, it would guard against prolonged offline access to protecte= d resources when access tokens are bearer and the RT was DPoP-bound and als= o gets rotated. The trade-off there seems less worth it (I think an RT hash= would be more awkward in the protocol too).

    =





    On Fri, Dec 4, 2= 020 at 5:40 AM Philippe De Ryck <philippe@pragmaticwebsecurity.com> w= rote:
    =
    The suggestion= to use a web worker to ensure that proofs cannot be pre-computed is a good= one I think. (You could also use a sandboxed iframe for a separate sub/sib= ling-domain - dpop.e= xample.com).

    An ifram= e with a different origin would also work (not really sandboxing, as that i= mplies the use of the sandbox attribute to enforce behavioral restrictions)= . The downside of an iframe is the need to host additional HTML, vs a scrip= t file for the worker, but the effect is indeed the same.

    For scenario 4, I think this on= ly works if the attacker can trick/spoof the AS into using their redirect_u= ri? Otherwise the AC will go to the legitimate app which will reject it due= to mismatched state/PKCE. Or are you thinking of XSS on the redirect_uri i= tself? I think probably a good practice is that the target of a redirect_ur= i should be a very minimal and locked down page to avoid this kind of possi= bility. (Again, using a separate sub-domain to handle tokens and DPoP seems= like a good idea).

    My or= iginal thought was to use a silent flow with Web Messaging. The scenario wo= uld go as follows:

    1. Setup a Web Messaging listen= er to receive the incoming code
    2. Create a hidden iframe with th= e DOM APIs
    3. Create an authorization request such as =E2=80=9C/authorize?response_type=3Dcode&client_id=3D...&redirect_uri=3Dhtt= ps%3A%2F%example.com&a= mp;state=3D...&code_challenge=3D7-ffnU1EzHtMfxOAdlkp_WixnAM_z9tMh3Jxgja= zXAk&code_challenge_method=3DS256&prompt=3Dnone&response_mode= =3Dweb_message=E2=80=9D
    4. Load this URL in the iframe, and w= ait for the result
    5. Retrieve code in the listener, and use PKCE= (+ DPoP if needed) to exchange it for tokens

    This= puts the attacker in full control over every aspect of the flow, so no nee= d to manipulate any of the parameters.


    <= div>After your comment, I also believe an attacker can run the same scenari= o without the =E2=80=9Cresponse_mode=3Dweb_message=E2=80=9D. This wo= uld go as follows:

    1. Create a hidden iframe = with the DOM APIs
    2. Setup polling to read the URL (this will be = possible for same-origin pages, not for cross-origin pages)
    3. Cr= eate an authorization request such as =E2=80=9C/authorize?response_type= =3Dcode&client_id=3D...&redirect_uri=3Dhttps%3A%2F%example.com&state=3D...&code_c= hallenge=3D7-ffnU1EzHtMfxOAdlkp_WixnAM_z9tMh3JxgjazXAk&code_challenge_m= ethod=3DS256=E2=80=9D
    4. Load this URL in the iframe, and kee= p polling
    5. Detect the redirect back to the application with the= code in the URL, retrieve code, and use PKCE (+ DPoP if needed) to exchang= e it for tokens

    In step 5, the application is like= ly to also try to exchange the code. This will fail due to a mismatching PK= CE verifier. While noisy, I don=E2=80=99t think it affects the scenario.=C2= =A0


    = IMO, the online attack scenario (i.e., proxying malicious requests through = the victim=E2=80=99s browser) is quite appealing to an attacker, despite th= e apparent inconvenience:

    =C2=A0- the victim=E2=80= =99s browser may be inside a corporate firewall or VPN, allowing the attack= er to effectively bypass these restrictions
    =C2=A0- the attacker= =E2=80=99s traffic is mixed in with the user=E2=80=99s own requests, making= them harder to distinguish or to block

    Overall, D= PoP can only protect against XSS to the same level as HttpOnly cookies. Thi= s is not nothing, but it means it only prevents relatively naive attacks. G= iven the association of public key signatures with strong authentication, p= eople may have overinflated expectations if DPoP is pitched as an XSS defen= ce.

    Yes, in the cookie wo= rld this is known as =E2=80=9CSession Riding=E2=80=9D. Having the worker fo= r token isolation would make it possible to enforce a coarse-grained policy= on outgoing requests to prevent total abuse of the AT.

    My main concern here is the effort of doing DPoP in a browser versus = the limited gains. It may also give a false sense of security.=C2=A0
    <= div>


    With all this said, I beli= eve that the AS can lock down its configuration to reduce these attack vect= ors. A few initial ideas:

    1. Disable silent flows = for SPAs using RT rotation
    2. Use the sec-fetch headers to detect= and reject non-silent iframe-based flows

    For exam= ple, =C2=A0an OAuth 2.0 flow in an iframe in Brave/Chrome carries these hea= ders:
    sec-fetch-dest: iframe
    sec-fetch-mode: navigate
    sec-fetch-site: cross-site
    sec-fetch-user: ?1


    Philippe


    <= span style=3D"margin:0px;padding:0px;border:0px;outline:0px;vertical-align:= baseline;background:transparent;font-family:proxima-nova-zendesk,system-ui,= -apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,Oxygen-Sans,Ub= untu,Cantarell,"Helvetica Neue",Arial,sans-serif;font-weight:600"= >CONFIDENTIALITY NOTICE: This email may contain confidenti= al and privileged material for the sole use of the intended recipient(s). A= ny review, use, distribution or disclosure by others is strictly prohibited= .=C2=A0 If you have received this communication in error, please notify the= sender immediately by e-mail and delete the message and any file attachmen= ts from your computer. Thank you. --000000000000aa7cff05b5fae683-- From nobody Tue Dec 8 15:22:59 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8463B3A0B50 for ; Tue, 8 Dec 2020 15:22:57 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.098 X-Spam-Level: X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=auth0.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dDT8wObATsUv for ; Tue, 8 Dec 2020 15:22:50 -0800 (PST) Received: from mail-pf1-x434.google.com (mail-pf1-x434.google.com [IPv6:2607:f8b0:4864:20::434]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3FAA93A0B85 for ; Tue, 8 Dec 2020 15:22:49 -0800 (PST) Received: by mail-pf1-x434.google.com with SMTP id b26so163617pfi.3 for ; Tue, 08 Dec 2020 15:22:49 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=auth0.com; s=google; h=from:to:subject:date:message-id:mime-version:thread-index :content-language; bh=8dJJopA0gbLM/aksYznBfkHeSekuDocy4wQA9/dDPtw=; b=nOykHr0W0rRmRbK2WIS5HSvRCdTfrl8QqT6FIaadcy8d0LQGsNHB8lYdcidfSloS9B BvcBnzn83aU6bghFLCnfeAh0V9fqNuz6kyK+6pGSF2d+qxNQhVqb1MmFEUUzxm2/WNHc 0lXfdFSTHBewunI3ZNpOunUa5ij6V0VKLn9tohtgcuevd6utnyi3pudEkbf9ZDpvsIM5 JxZm0EeLlRnq6wAYV7i9nZeo0WmFzPcDEmfv0KMYqy8DYuXw1vDTAGwwaGGluLXx3fJ+ IRi8x0X9FIV+QWs90g4Xfy1wBNA3dyw6IyTMTWYCBG9cq6h36H9PGifep6UwFLH70Rcs nVxA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:subject:date:message-id:mime-version :thread-index:content-language; bh=8dJJopA0gbLM/aksYznBfkHeSekuDocy4wQA9/dDPtw=; b=PNlJ6eLCkzJ8INiUtn82cgTTeVFZ0opRpjnwwaex7ohwjMzV1kqFflzJtXPsF/smrm LR8E78EQy3IO/J4zovaNTMcRE9mHUErx/8uMxjnM5IEGC1ztlse7qv4Fn9wnPolLPbcg GdrAnvZJtTj3os5nCxmiWiHLiPPrZaA/JurlnQAdMSPYwwSq/qav9lplCTqWBgl1ZACx y0aF3m/ivuqoWg0+CPUxo5ABEsDfxgbTK0pkOAAOLsCJmIUn4gCfPC+oYCBnlJWPJlvr sABjQjR52elJjeLpvQ8S1qyU5Grvy+jg0baVQdGUhsEw8w+aksOInz0uAm8rhJkPHqJV qv4A== X-Gm-Message-State: AOAM533x10/7DpLU9/ZX/IBN3ns3l0xVCeDfVVCleIIhc8yGgLdlMdlk la9GnbSlQzvt0dgZ1rnpaA9q7Q== X-Google-Smtp-Source: ABdhPJw57lePDfnqnW6VpTsHdd9PLVRIOtyerHXFOsiuNlSzQ0gtgDRtNNdaU0yWiDQnc6YRtbeRDg== X-Received: by 2002:a63:f857:: with SMTP id v23mr376433pgj.174.1607469767619; Tue, 08 Dec 2020 15:22:47 -0800 (PST) Received: from vibrosurface7 (c-67-171-8-60.hsd1.wa.comcast.net. [67.171.8.60]) by smtp.gmail.com with ESMTPSA id f92sm239610pjk.54.2020.12.08.15.22.45 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Tue, 08 Dec 2020 15:22:46 -0800 (PST) From: To: , , "'Aaron Parecki'" , "'Torsten Lodderstedt'" Date: Tue, 8 Dec 2020 15:22:46 -0800 Message-ID: <18b401d6cdb9$09cef410$1d6cdc30$@auth0.com> MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_18B5_01D6CD75.FBB13250" X-Mailer: Microsoft Outlook 16.0 Thread-Index: AdbNt1GlfWZ8afikSqG7o4Y+jDwFxg== Content-Language: en-us Archived-At: Subject: [OAUTH-WG] Detailed review of OAuth2.1 X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 Dec 2020 23:22:58 -0000 This is a multipart message in MIME format. ------=_NextPart_000_18B5_01D6CD75.FBB13250 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Dear authors, It took ages but I finally managed to go thru a full review of the = current OAuth2.1 draft. Apologies for the delay. Metacomments: * The VAST majority of the comments are suggestions for improving = clarity, mostly on historical language coming from 2.0 that I found = myself having to clarify to customers and colleagues over and over thru = the years. None of those are critical. * There are a few places where 2.1 requires a MUST I believe to be = unwarranted/too restrictive. For each of those I did my best to provide = context and concrete examples. * A sizeable category of comments and disagreements on MUST come from = treating mobile and desktop apps as largely equivalent under the = =E2=80=9Cnative app=E2=80=9D umbrella, despite of the vast gulf that = separates the two both in terms of security posture and user experience. = Again, I tried to be as matter of fact as possible in there. * The main reason for which I spoke up during the IETF interim on = oauth2.1 was the confusion the omission f the implicit grant caused = among the devs using implicit in OIDC for obtaining ID_tokens. I = suggested some language to pre-empt the issue, but I expect some = iteration there. Thanks, V =20 =C2=A71 I wonder whether we should take the opportunity offered by OAuth2.1 to = clarify frequent points of confusion about OAuth, by explicitly calling = out in the introduction what is out of scope. For example: OAuth is not an identity protocol, as it doesn=E2=80=99t = concern itself with how resource owners are authenticated; OAuth = isn=E2=80=99t meant to address 1st party scenarios, although the reader = is free to use it in that context as well; and so on. I believe there is value in adding this in the introduction rather than = relegating it in some later considerations section, as the people who = need this information the most rarely read past this point. =20 =C2=A71.1 In the RS definition, wondering whether including the word = =E2=80=9CAPI=E2=80=9D would help to clarify what an RS is in practice. =20 =C2=A71.2 I always found this part extraordinarily difficult to decipher. I get = that this is the first description and doesn=E2=80=99t have to be = exhaustive and consider all cases (eg it=E2=80=99s ok if step 3 claims = that the client authenticates w the AS even tho that=E2=80=99s only for = confidential clients), but I think it could be much clearer than it is = today. Step 1 says The client requests authorization from the resource owner. The = authorization request can be made directly to the resource owner (as = shown), or preferably indirectly via the authorization server as an = intermediary. Besides the fact that =E2=80=9Crequests authorization=E2=80=9D is a bit = vague, this step and the corresponding diagram leg does not correspond = at all to what normally happens- to get a code, the client does need to = hit the AS and the mention in passing in the text isn=E2=80=99t enough = to figure that out. Also, with the omission of ROPG there really = isn=E2=80=99t any way of asking anything to the RO directly (the client = creds doesn=E2=80=99t involve the RO). I would recommend updating that diagram to be more descriptive of the = canonical scenario. Step 2 mentions the 2 grants defined in the spec, but only one of them = represents the RO=E2=80=99s authorization. Claiming that the client = itself is the RO is a formalism that doesn=E2=80=99t meet the = reader=E2=80=99s intuition at this point. Step 5=20 The language here triggered multiple discussions, in particular on = whether the AT can actually be used to ascertain the identity of the = client =E2=80=93 that isn=E2=80=99t the case for public clients, for = example; besides, that=E2=80=99s not really the highest order bit of the = AT. If it is, it seems that the spec should be more explicit about how = client identification from the RS by means of an AT works. If it = isn=E2=80=99t, perhaps we should change the language to omit = authenticate. The last paragraph is emblematic IMO =E2=80=93 if the preferred method = is very different from the diagram here, and if the abstraction = presented here is not terribly useful (given that we no longer have = multiple RO based grants, excluding the extension grants that are still = too far at this point to warrant a cognitive downpayment for the reader) = I wonder whether we=E2=80=99d be better off doing the authz code diagram = directly (and mention that we also have the client creds grant = separately). =20 =C2=A71.3 I understand that we can=E2=80=99t really change this because we inherit = from OAuth 2 but I=E2=80=99ll mention it anyway- modeling clients as ROs = is problematic, as it doesn=E2=80=99t often match what happens in = practice. A confidential client might batch-read a user=E2=80=99s inbox = searching for ad words, but the resource owner remains the user. I know we straighten things up in 1.3.2, but the positioning here is = confusing. Also: isn=E2=80=99t the refresh token grant a core-specified grant as = well? I know I am nitpicking. =C2=A71.3.1 We don=E2=80=99t say anywhere here that the authorization code can be = exchanged for an access token. It can be somewhat inferred from 1.2, but = it=E2=80=99s a bit of an intelligence test (one needs to infer from = authorization grant). P2 =E2=80=9Cobtains authorization=E2=80=9D could be more specific, to = reinforce that we are doing a delegated flow. =E2=80=9CObtains=E2=80=9D = seem to suggest that we are talking about consent, rather than AS side = rules. If that=E2=80=99s the case, calling it out might make the = scenario clearer. P3 Both the benefits listed apply to confidential clients only. Not sure = whether calling it out here would help prevent confusion later on (eg = people thinking that public clients can prove their identity) or would = bring confusion on now (given that we didn=E2=80=99t differentiate = between client types yet). Either ways, formally we are OK here; I am = just thinking how to make things clearer. Perhaps defining client types = before grants might help being clearer here. =20 =C2=A71.3.2 A concrete example of credential (eg shared secret) might help clarify = things here. Also, the fact that client credentials indicate both a = grant in itself and an artifact (which participates in other grants) is = a well know source of confusion. Wondering if calling this out here = might help. =20 =C2=A71.4 In general, we use =E2=80=9Caccess token=E2=80=9D and = =E2=80=9Ctoken=E2=80=9D interchangeably- perhaps pedantic, but I would = suggest we always use =E2=80=9Caccess token=E2=80=9D to prevent = confusion with refresh tokens later on, and other token types in other = contexts (eg think ID tokens). P1 The client should treat the AT string as opaque, but that = doesn=E2=80=99t necessarily means it is: in some cases the client CAN = see inside the token, and with the current language they might interpret = it as =E2=80=9Cin this case, it=E2=80=99s OK to look- otherwise they = would have made it opaque, per the spec=E2=80=9D. =20 =C2=A71.5 The first phrase of P1 is wonderfully clear. We should have the = equivalent in =C2=A71.3.1 Not having defined a mechanism for requesting a RT here, leaving it to = ASes to decide when and where, created the situation in which some AS = only issues RTs when they get the offline_access scope, with all the = unfortunate consequences about RT lifetime vs session lifetime = etc=E2=80=A6 I know we can=E2=80=99t really change this now as we = don=E2=80=99t want to break existing AS implementations, but wondering = if there=E2=80=99s anything we can say to further clarify/give readers a = headsup about the ambiguity/diversity of behaviors they=E2=80=99ll = encounter here. P2 It=E2=80=99s odd that we say =E2=80=9Cusually opaque to the = client=E2=80=9D for the RT while we decisively said opaque for the AT. = Also, the client shouln=E2=80=99t do anything w the RT content hence I = think the same considerations done for =C2=A71.4P2 apply here. =E2=80=9CThe token denotes an identifier used to retrieve the = authorization information=E2=80=9D gets into the specifics of the = implementation and it=E2=80=99s not universally true (some AS = encrypt/sign the authz info in the RT itself and have no server state = whatsoever. Step 3 Should we add a reference to RFC6750 here? =20 =C2=A71.8 Should we say rich *delegated* authorization framework? =20 =C2=A72 =E2=80=9Cend-user interaction with an HTML registration form=E2=80=9D is = oddly specific =F0=9F=98=8A in particular, I think =E2=80=9Cend = user=E2=80=9D might be misleading. We can either say = =E2=80=9Cinteractive=E2=80=9D or refer =E2=80=9Cthe client app = developer=E2=80=9D or equivalent. Overkill but I=E2=80=99ll mention it anyway. Should we say that = typically the client registration in the non-dynamic scenario occurs in = authenticated settings? Not strictly necessary but might help the reader = to tie what we say in this section with their concrete experience. =20 =C2=A72.1 P4 =E2=80=9CAuthorization servers SHOULD consider the level of confidence = in a client's identity when deciding whether they allow such a client = access to more critical functions, such as the Client Credentials grant = type.=E2=80=9D=20 I don=E2=80=99t understand this sentence. Is the client credentials = grant type a =E2=80=9Cmore critical function=E2=80=9D? Or is it a level = of confidence? Either ways, I think it needs clarifying. P5 IMPORTANT: this is going to break many OAuth implementations with = significant adoption. Auth0 is fine (each client_id is tied to a single = client type) but I know of others that will break. I suggest softening to a SHOULD NOT. =E2=80=9Cbrowser-based application=E2=80=9D I am not convinced this is so much easier than the original = =E2=80=9Cuser-agent-based=E2=80=9D. I understand the advantages = (dovetails w the BCP, more precise given that apps can be user agent as = wells nowadays, more familiar) however the break w 2.0 terminology is = jarring. I don=E2=80=99t feel very strongly about it but enough to type = it. =20 =C2=A72.2 It=E2=80=99s a bit odd to define the client identifier like it=E2=80=99s = something brand new when =C2=A72.1 already introduced it. This language = from the original 2.0 might need to be revised to accommodate that = change. Wondering whether a warning against structured client_ids (eg = identifiers assembled thru some string template, like developer = name+region+serial) would be in order. Perhaps in the security = considerations? =20 =C2=A72.3 P1 That sounds vaguely circular, given that being assigned credentials = might be considered part of the =E2=80=9Cestablish a client = authentication method=E2=80=9D task listed there. I=E2=80=99d simply say = =E2=80=9Cif the client is confidential or credentialed=E2=80=9D. P2 I=E2=80=99d add =E2=80=9Cby the authorization server=E2=80=9D for good = measure. P3 That sounds vague. Shouldn=E2=80=99t it be mandatory for the AS to = require client auth for the client types who have creds? =E2=80=9Cif = possible=E2=80=9D seem to open the possibility of circumstances where = that=E2=80=99s not he case. P5 I think that this idea of identifying the client will need to be fleshed = out more for people to fully understand it. Credentialed clients can = prove that they are the same client instance across multiple = transactions, which some might consider a weak form of identification. = To rule that out, it has to be mentioned upfront IMO. If not here, in = some of the considerations section=E2=80=A6 with a forward reference = here. P6 Do we say why anywhere? If yes, we should reference it. If not, perhaps = we should. =20 =C2=A72.3.1 We no longer mentioned the empty client secret, but we don=E2=80=99t = forbid it either. What=E2=80=99s our stance? =20 =C2=A72.3.2 In =C2=A72.3 we mention MTLS, private_key_jwt, but here we just point = the reader to IANA. It looks like echoing those methods here might help = clarity. =20 =C2=A73.1 Last paragraph I have been in discussions where readers interpreted this as = =E2=80=9Cyou cannot send custom parameters to the authorization = server=E2=80=9D. To preempt that mistake, we mighr consider calling out = that custom extensions _are_ permitted as long as the AS supports them. = I know that=E2=80=99s what the current language says already. =20 =C2=A73.1.1 Wondering if referring to some specific, well known extensions (like = OIDC) might help readers to better understand this point. =20 =C2=A73.1.2 RFC3986 6.2.1 talks about character by character comparison, but = doesn=E2=80=99t mention case sensitivity. I am sure it does elsewhere in = the spec, but for clarify and readability I recommend specifying the = desired behavior directly here. =20 =C2=A73.1.2.1 Personally, I would advocate for a MUST here. True, lots of people = won=E2=80=99t comply at development time, but I think that=E2=80=99s OK = as long as they do use TLS when going in production.=20 Also, SameSite changes are making the use of HTTPS at dev time more and = more common. If OAuth2.1 is about picking the best of the security = practices, this seems like a an obvious candidate. =20 =C2=A73.1.2.2 P3 =E2=80=9Clack of requiring=E2=80=9D doesn=E2=80=99t sound proper. =20 =C2=A73.2 P2 Should we also say that the spec doesn=E2=80=99t care about _when_ the = client obtains the endpoint? Last P Same considerations as =C2=A73.1 =20 =C2=A73.2.1 P1 That=E2=80=99s stricter than =C2=A72.3P3 =E2=80=93 I think the language = there should be tweaked to be coherent with the one here. =20 =C2=A73.3 Wondering if the =E2=80=9Cscope strings order does not matter=E2=80=9D = point should be somehow emphasized or clarified. I know of = implementations who considered heuristics such as =E2=80=9Cif the scopes = requested correspond to multiple resources, I=E2=80=99ll show consent = for all byt the token eventually issued when redeeming the code will = have as audience the resource corresponding to the FIRST requested = scope=E2=80=9D, which would violate the order invariant requirement.=20 =20 =C2=A74 Potentially VERY confusing. I would recommend to be more specific and = state that =E2=80=9COAuth 2.1 defines two grant types=E2=80=9D.=20 =20 =C2=A74.1 Diagram Not critical. But I want to point it out. The first time I saw this = diagram I found it confusing. The fact that the same numeral is assigned = to multiple legs is just odd for anyone not already familiar with the = flow, possibly still struggling to understand the client as a service = side component. Also, now that we have mighty SVG support, I would strongly advocate for = a modern version of this diagram (there lines perhaps don=E2=80=99t need = to be broken into segments). Step 5 =E2=80=9Coptionally, a refresh token=E2=80=9D is too vague IMO. I will = look for opportunities to clarify later in the spec, given that this = might not be the best place to go in details. =20 =C2=A74.1.1 Overall: a high summary of the steps in this preamble might help. The = current denormalization in subsection can be pretty hard to follow for = someone seeing this for the first time.=20 Also: creating challenge and verifier BEFORE assembling the request = seems profoundly counterintuitive to me, as it emphasizes a security = measure over the core function of this leg of the flow. Unless = there=E2=80=99s a crypto reason for this current sequencing that I = can=E2=80=99t see, I recommend first creating the core request = (what=E2=80=99s now 4.1.1.3) and then attaching challenge and verifier. = Also, sending the message can be its own subsection rathe than being = conflated with the last message composition subsection. P1 =E2=80=9Cto begin=E2=80=9D remains a bit suspended, given that = there=E2=80=99s no obvious segue on what constitutes the steps after the = beginning.=20 P2 =E2=80=9Clater use with the authorization code=E2=80=9D could be = clearer, e.g. =E2=80=9Cat authorization code redemption time=E2=80=9D. = At this point that might still not be obvious for the reader. Mentioning the provenance of properties (parameters?) code_challenge and = code_verifier without first having introduced them might confuse people = not already familiar with them and the request process in general, as = their function will not be obvious not naturally map with the preceding = sentencer. P3 Imposing a MUST before knowing what those this are yet is not as clear = as it would be if this would be stated after their use and function has = been explained. =20 =C2=A74.1.1.3 On state. Given the change vs OAuth2, I think it might be helpful to = call out the relevant section on the appendix about differences to help = people familiar w 2.0 not to miss this important change and avoid doing = work twice. =20 =C2=A74.1.2 P2 Should we say that the code should be opaque to the client, to = discourage the use of structured code templates that can be partially = manufactured? P8 =E2=80=9Che server MUST NOT include the "code_challenge" value in = client requests=E2=80=9D, was that meant to be = =E2=80=9Cresponses=E2=80=9D?=20 Qualifying =E2=80=9Cother entities=E2=80=9D (anyone but the AS?) might = make this point clearer. =20 =C2=A74.3 We mentioned extension grants in passing, but I don=E2=80=99t recall = seeing a definition/description of their function in the context of the = framework. Even a short sentence to that effect here would help, given = that the section title names them explicitly. Also, stressing that the = device flow is just one example and other extensions might differ (for = example in their logic to establish whether an access token request is = valid and authorized) would go a long way in helping the reader put this = section in better focus. =20 =C2=A75.1 On the access_token parameter. Given the discussions we had for the JWT = AT profile draft, I am wondering whether it should be called out here = that the AT recipient is the RS, that the client should not expect to be = able to parse the access_token, and that the AS is under no obligation = to use a consistent AT encoding outside of what is negotiated with the = RS. I don=E2=80=99t feel very strongly about this, or about where in the = spec this should be called out, but it sure would have made life easier = in those discussions- hence the comment. On the refresh_token parameter. The lack of details in how OAuth2 = describes how/when an AS returns refresh tokens led to today=E2=80=99s = complicated situation in which many implementations issue RTs only when = OIDC=E2=80=99s offline_access is received in the scopes, as it was the = only mention in public specs describing a concrete behavior. See the = associated online_access discussion on the OIDC list, as RTs gain = importance as session artifacts of sort for SPAs now that implicit is = dead and ITP makes iframe renewals problematic. Unfortunately it is too late to be prescriptive here, as we cannot break = compatibility with whatever choices existing AS implementations made. = However we can be more descriptive and give the reader a better idea of = what=E2=80=99s the range of possibilities. Some nonnormative examples of = how existing AS determine whether to issue an RT or not (eg as an option = determined at client registration time, or any other heuristic you guys = encountered in the wild) might help people to better understand their = options and the intent of the specification here. =20 =C2=A75.2 It might help to remind the reader here that extensions to the core spec = might specify or further specialize circumstances in which the errors = mentioned here are returned (for example, see the validation errors in = the JWT AT profile). There=E2=80=99s a mention of that in =C2=A77.3.1 = but that=E2=80=99s pretty far, and having even brief language here might = be handy for people reading the spec for reference rather than cover to = cover. =20 =C2=A76 P1 I think the risk assessment is just one of the factors an AS might use = to decide whether to issue an RT or not. The current language suggests = risk is the only determinant in that decision and that doesn=E2=80=99t = seem right. Saying that one might refresh tokens using other grants seems odd. A new = authorization code grant gets me a new token and offers me the = opportunity to describe what token I want (scopes etc), the fact that I = might choose to ask the exact same things I asked in the original = request is expediency. I would rather phrase this as the fact that the = client can simply repeat the original request, and external factors such = as cookies, sessions and other auth method specific options may allow = the client to do so without prompting the user. P2 We might need to be more precise here. Do we mean the scopes consented = by the RO in the request that led to the issuance of the RT being used? = Just saying consented by the RO for the client does not exclude cases in = which there are more instances of the client in operation. Say that I am = running uber on phone 1 and I consent to read my google calendar, = getting AT1 and RT1. Say that on phone 2 I also run the uber app, and = this time I consent to write my google calendar, obtaining AT2 and RT2 = on this new device. Now consider the various combinations here. Should = RT2 allow me to get calendar:read too, given that it was already = consented by RO for this client? Should RT1 allow me to get AT1=E2=80=99 = containing calendar:write, given that RO consented for it when using a = different instance of the same client? Whatever is the answer you want = to the questions above, I think the spec should have language clear = enough to unambiguously determine the desired behavior. =20 =C2=A76.1 It=E2=80=99s a bit confusing that half of the RT use requirements is in = =C2=A76 (the requirement to authenticate confidential/credentialed = clients) and half is in here, with the only differentiator being the = nature of the client. This is pretty minor, but I think I would = personally find clearer if all the requirements for the use of an RT = would be consolidated in a single place. It=E2=80=99s true that the = public client reqs are a SHOULD, but still. Rotation. Wondering whether it would be wise to advise the reader to have their AS = revoke all the still valid ATs issued by the AS from the same = session/family of RTs upon detection of a RT reuse. It is not uncommon = for clients to request new ATs before their projected expiration. P6 I think the =E2=80=9CMAY=E2=80=9D here might be confusing when applied = to the rotation, as in either the AS does it, or the scenario = won=E2=80=99t work. I understand this is formally correct, but perhaps = explicitly calling out some cases in which the AS might decide to do = otherwise and acknowledge that in that case the client will be stuck = might help clarify. Also, if the public client protection measures were = in =C2=A76 instead of here, there would be less opportunities for = confusion as it would be easier to grok that this doesn=E2=80=99t apply = to the rotation case only (now adjacent) but to other RT reissuance = cases as well (eg sliding expiration). On the identical scopes requirement. Say that after obtaining RT1, which = includes scopes s1 and s2 for client c1, the RO revokes authorization = for c1 to use s2. Should the AS fail the RT redemption, or return an AT = with only s1 and a scopes parameter informing the client of the change? = As developer I would prefer the latter, to preserve the experience: but = if we are adamant about the current language, I think it might be useful = to explicitly call out that any changes to the grant on the AS side = should result in failure of the RT redemption. P7 Calling out deprovisioning of RO might be useful as well. On =E2=80=9Cthe logout at the AS=E2=80=9D event, that=E2=80=99s = definitely a valid case but I worry about how presenting that alone = might reinforce misunderstandings that equate RTs with sessions. There = are certainly times where we want that (see mentions earlier of the = online_access discussions) but there are also cases where the ability of = a client to refresh ATs needs to survive session boundaries = (offline_access) and confusing the two are problematic. I don=E2=80=99t = have a clear solution here, just pointing out a potential point of = confusion. Maybe there will be more opportunities to clarify later in = the spec. =20 =C2=A77 P1 An important case to call out is the AS-RS colocation, where neither = introspection nor token format agreements are necessary. I suggest = mentioning it openly. =20 =C2=A77.2 =E2=80=9Cbearer tokens may be extended to include proof-of-possession = techniques by other specifications=E2=80=9D sounds like an oxymoron. = Wouldn=E2=80=99t PoP make the token no longer bearer by the very = definition above? It looks like we might need a term for simply =E2=80=9Ctoken=E2=80=9D. =20 =C2=A77.2.1 Do we also want to forbid two tokens in the same request, using = different methods? Current language only constraints the behavior of one = token. =20 =C2=A77.2.3 The =E2=80=9Cinsufficient_scope=E2=80=9D description here is = problematic. The privileges the AT carries/points to are not necessarily = (or exclusively) represented by the included scopes (eg the RO might = have granted document:read to the client, but RO might have no = privileges for the particular document being requested in this = particular call). It might be useful to specify that = =E2=80=9Cinvalid_scope=E2=80=9D should be used for authorization errors = that can be actually expressed in terms of delegated authorization, = leaving to RS implementers the freedom to handle other authorization = issues (eg user privileges, RBAC, etc) with a different error code. Or = at least, we should be clear that authorization logic not expressed via = scopes is out of scope (pun not intended) for this specification. Note, this isn=E2=80=99t an abstract problem: there are SDKs out there = that use =E2=80=9Cinvalid_scope=E2=80=9D for every permission issues. = Very confusing. =20 =C2=A77.3.1 We rewrite portions of 6750 in oauth2.1, but here we refer to it as its = own spec=E2=80=A6 that could be confusing as it=E2=80=99s unclear which = parts of 6750 are overridden by oauth2.1 (eg no more querystring) and = what parts remain normative. Perhaps we can call those things out in the = sections meant to replace the corresponding sections in 6750. =20 =C2=A77.4.2 Pedantic: although the title of the section states it, wondering whether = every instance of =E2=80=9Ctoken=E2=80=9D here should be =E2=80=9Caccess = token=E2=80=9D instead. Think of cases in which the spec is quoted in = discussions and disputes, where snippets can be pasted and mentioned = outside of the context of this section. P2 Referencing the JWT AT profile as an example of extension providing the = info out of scope for the core might help the reader grok a concrete = example. =20 =C2=A77.4.3.5 =E2=80=9Cone hour or less=E2=80=9D seems very arbitrary, and breaks step = in respect to what the spec does elsewhere (eg we don=E2=80=99t give any = indication of how long an AS should wait to invalidate an RT for = inactivity, but we do say the AS should do so). I would actually not = provide any reference value here. =20 =C2=A77.4.3.6 Another opportunity of referencing the JWT AT profile for a concrete = example of detailed audience restriction guidance in ATs. =20 =C2=A77.4.3.7 Besides the indications given to clients here, should we also give = guidance to an RS to ignore tokens passed that way? =20 =C2=A77.4.5 Along the same lines of the comments about delegated authorization = earlier for =C2=A77.2.3. I think it would be useful to acknowledge here = that ATs might carry, and RSs might expect, authorization information = that go beyond the delegated authorization for 3rd party API case that = is core to OAuth- and remind the reader that those mechanisms are out of = scope for oauth hence they shouldn=E2=80=99t expect those aspects to be = addressed/handled/regulated by this specification.=20 =20 =C2=A78 As mentioned earlier, it seems a potentially confusing to reference the = section of a document being superseded. I do see an issue in redefining = here something already established and in use, hence I am not expecting = this to change. Just wondering whether we need to provide a more = explicit map of the sections in 6749 that are being updated by oauth2.1. =20 =C2=A79 Should we also say something about the scenario being chiefly 3rd party = clients? We know lots of people use OAuth2 for 1st party scenarios and = some considerations might differ. This might be an opportunity to = finally make that clear. =20 =C2=A79.1 P1 Well, the AS doesn=E2=80=99t really use client auth... the active part = here is the client itself. Perhaps the AS can require it, when possible. P2 Unclear. Are we saying that if it is possible to safely distribute keys = to client, the AS MUST use client auth? That seems odd, there might be = other reasons coming into play (cost, security posture) making that = choice not viable. Or is the intent to say that the AS should not use = client auth if the key distribution cannot be trusted? That sounds far = more realistic, but then the language should be tweaked or the reader = might pick the former interpretation. P3 The AS can=E2=80=99t really PREVENT creds forwarding as the RO machine = might still have funny business going on (eg DNS attacks). Some softer = language might be more accurate there.=20 P4 That sounds very abstract. What does it mean? That the AS should = consider to issuing RTs to public clients? If that=E2=80=99s the case, = we should just say so=E2=80=A6 tho without more details, I don=E2=80=99t = know how actionable the guidance here will be. I can see BoFa requiring = a user to reauth in their iPhone app after inactivity, but I = don=E2=80=99t see Uber doing so for their app.. unless they produce long = lived ATs, which isn=E2=80=99t what we want either. P5=20 This could be clearer. The dynamic client registration case just flesh = out the confidence level an AS can have in its identity, but does not = offer a corresponding privilege level to it =E2=80=93 whereas the second = case does mention assigned privileges explicitly. Also, pitting = =E2=80=9Cdynamically registered client=E2=80=9D vs =E2=80=9Cweb = application=E2=80=9D might suggest the app type is a factor, whereas = AFAIK 7591 can be used for registering web apps too (whether that s wise = or not is immaterial here). =C2=A79.2 Should we say something about whether native clients should be allowed = to be =E2=80=9Cupgraded=E2=80=9D as confidential clients in the future, = or the other way round? I know of scenarios where people did that to = preserve consent info, but that seem sketchy security wise. P3 The SHOULD here refers to a requirement that in 10.3.1 is a MUST. I = don=E2=80=99t think the MUST is warranted (more about that in the 10.3.1 = comments) but if we do keep it, it looks like the level should be = coherent here. P4 That example is compatible with a SHOULD- works now, but would look odd = if we=E2=80=99d upgrade P3 with a MUST for coherence with 10.3.1. P5 Inclusion where/how? We should be precise IMO. If it=E2=80=99s just = registration material (eg not part of the redirect URI), we should = mention how we expect it to be used in the context of OAuth- and if we = don=E2=80=99t know, perhaps we should not mention it here.=20 =20 =C2=A79.3 P1 I know it becomes clearer later on, but I think it would help here to = explicitly call out confidential and credentialed client as the subject = of this sentence. Those are the only client types with credentials, = hence the current language is formally correct. This is just for = clarity. P2 I thought we require redirect URI registration in all cases? This makes = it sound it=E2=80=99s only for public clients. P3 I have been in various discussions where people were attempting to = interpret what =E2=80=9Cexplicit RO authentication=E2=80=9D means in = practice. Is it a full credential prompt regardless of whether one = session already exists? A selection between existing sessions, if = present? P4 This is unclear. As it currently reads it seems to prohibit things like = getting a new authz code silently via iframe (and prompt=3Dnone or = equivalent UX suppressing mechanism, please ignore the ITP complications = for the sake of argument).=20 =20 =C2=A79.3.1 P1 I don=E2=80=99t follow this sentence. The client identity cannot be = proved for public clients (see also next P), and the native apps are = public clients unless otherwise specified (eg credentialed). P2 I find this misleading. Client side measures such as claimed schemes, = domains etc might work to prevent an app impersonating another app on = the same device/OS, but they aren=E2=80=99t guaranteed to be honored on = other operating systems. The AS has no way of knowing whether those = measures have been enforced on the client, hence it should not accept = them as proof. =20 =20 =C2=A79.4.1 This is another place where a reference to the JWT AT profile would = provide a concrete example of the conditions set forth here (eg RS = guidance for audience validation). Also, as mentioned earlier, it might be useful to remind the reader that = the AS might include in the token authorization information that go = beyond the delegated authz scenario OAuth2.x concerns itself with, and = that those aspects are beyond the scope of this specification. That = would truly go a long way preventing people from abusing and = overextending the spec on scenarios it is not meant to address. And even for the canonical scenarios, it might be useful to remind the = reader that the RS might have extra logic not described in this spec = that determines whether the call will be authorized or otherwise- to = dispel the notion that the AS is always the sole source of truth for = authorization.=20 =20 =C2=A79.4.2 P2 Clarifying that MTLS is one instance of the sender constraint methods = just mentioned would prevent some readers considering that an = independent, additional constraint. =20 =C2=A79.5 In =C2=A76.1 we give more details about protection, should we have a = backward reference to that section here? P2 Is it worth to specify that it doesn=E2=80=99t matter how the AS tracks = the binding? (eg server side or embedded in the RT bits themselves). =20 =C2=A79.6 P1 This language makes the assumption that for client cred grants, the sub = will take on the client_id value. That it certainly possible, but not a = given. As such, the language here should be explicit abouty the fact = that it=E2=80=99s what we are expecting to happen in this particular = scenario. P2 Referring to the client as the actor here is confusing as soon as you = move beyond client_id. When you talk about rhe sub or any other value, = it=E2=80=99s not as much the client as it is the developer who owns the = client. The difference is subtle but might be a source of confusion. =20 =C2=A79.7 P3 I thought that we were going to make PKCE or nonce the only two = mandatory alternatives? Nothing against supporting state as an accepted = way to achieve this, just surprised as I recall people being quite = adamant about pushing PKCE. P4 Looks like the iss response parameter might make the distinct redirect = URIs unnecessary? =20 =C2=A79.7.1 The guidance in this section isn=E2=80=99t likely to be widely followed, = but I understand the rationale behind it. =20 =C2=A79.8 P2 That=E2=80=99s probably obvious, but I think we should specify that = those multiple attempts should come with the expected code verifier as = well for the revocation logic to be triggered- if it=E2=80=99s just the = code without verifier, it doesn=E2=80=99t look like the leak went far = enough to warrant that intervention. P4 If this holds, then the remark about the use of state for CSRF in = =C2=A79.7 P3 seems unnecessary. P9 The use of MUST here seems incompatible with the concession of using = nonce instead of PKCE. Either we allow it or we don=E2=80=99t=E2=80=A6 =20 =C2=A79.11 P1 Now that we no longer trade in RO passwords, should we mention them = here? Sure, if the AS uses passwords they do need protection, but so do = lots of other things the AS might use as part of auth that we = don=E2=80=99t mention here for Occam=E2=80=99s razor.=20 P3 What other means are we referring to?=20 =20 =C2=A79.12 =E2=80=9Cservice providers=E2=80=9D occurs for the first time in the = document here. Tying the guidance to entities already mentioned in the = doc (clients, AS) might make things clearer/more actionable. =20 =C2=A79.13 I understand that some of the comments in this area should be done on = the BCP rather than here, but here we are. That said=E2=80=A6 Blanket comment: this section seems to assume native app =3D=3D mobile = app, and that=E2=80=99s not strictly the case. Desktop apps have = different characteristics and desktop OSes different capabilities. Would = be clearer to make a distinction when relying on mobile OS capabilitesas = we appear to do here. P2 Embedded user-agent !=3D fake external user agent, but P2 uses that = interchangeably. A desktop app might use an embedded browser for UX = reasons and making no attempt whatsoever to disguise that as an external = agent. And I would be pretty surprised to see a malware remover get rid = of google drive for Mac, or Adobe products, or Office- all native apps = using embedded user-agents for authentication. P3 It=E2=80=99s unclear how the AS would do that, given that user agent = strings can be faked. Google has its ML based secret sauce, but that = might not be accessible by everyone. P4 This is mobile specific, doesn=E2=80=99t apply to desktop apps as = readily. Also unclear how that would change for the end user, given that = pixel perfect replicas can easily include fake address bars. More = details on how a user would detect an actual browser (presence of an = existing session, access to bookmarks etc) might add enough color to = help the reader truly understand the extent of the remedy power (or its = true limits).=20 =20 =C2=A79.14 There=E2=80=99s no action for the reader here. If that reflects the = actual situation (none of the roles described in this spec can do = anything to mitigate or contain the damage, and solutions to prevent the = situation lie outside its purview eg use MDM software on your corporate = devices) we should explicitly say so. =20 =C2=A79.15 A bit odd that we used CSRF throughout the document assuming the reader = was familiar with it, but here we attempt a definition.=20 Still confused on how we admit state as a valid mechanism, as opposed to = limiting to nonce and PKCE. Also note the potential discrepancy called = out earlier in which at code redemption time we appear to require PKCE, = in contrast to admitting nonce/state here. =20 =C2=A79.18.2 Wondering if here we should go as far as recommending the AS keeps = dynamic client registration OFF when it=E2=80=99s not needed. That might = provide good secure by default guidance for AS SDKs and product = developers. =20 =C2=A79.19 I assume we=E2=80=99d add the =E2=80=9Ciss=E2=80=9D response parameter = as alternative to the requirements here? =20 =C2=A79.20 P1, P2, P3 The security properties described here do not apply as is to desktop = apps using embedded browsers. As mentioned earlier, on the desktop the separation between apps = isn=E2=80=99t as stark as on mobile- the keystrokes message pump is = potentially accessible at the user session level, encompassing multiple = applications. Although process separation mechanisms are in place, the = circumstances of the execution and the OS specific features in this = respect determine the degree to which entering credentials in one = process makes the data inaccessible by another. We should not claim = advantages we cannot guarantee, and we should be explicit about what = measures specific to dekstops should be considered to mitigate risks eg = not executing apps as admins, enable and use UAC at the right level on = Windows or equivalent on other OSes, use app sandboxing when the OS = supports it, etc. Not suggesting we call out specific technologies like = UAC, but at least point at the category of security measures. P4 As mentioned above, the presence of the address bar can be easily faked = by pixel perfect replicas- relying on those is security theater. P5 This is a valid concern, but if we want to frame it in the context of = the security considerations section we need to add more color (eg = minimizing the situations in which one needs to enter creds is good = security practice). =20 Another thing we might add as lowlight for embedded browsers: password = managers might not work, making the user=E2=80=99s life difficult and = possibly promoting insecure situations (eg placing a random pwd in the = clipboard, where other apps might later steal it from). =C2=A79.21 Do we need this here, given that we cover this in depth earlier? =20 =C2=A710 I find this subdivision confusing. We have native clients considerations = scattered throughout the entire specification, but now we have a = dedicated section that somewhat repeats some of the points already made = while interleaving new ones. Perhaps having a more specific section = title, one that better characterizes the content and intent of this = section, would avoid giving the impression that if the reader is = interested in native clients, this is the only section they need to = read. P2 See discussion so far on native vs desktop. Also: I have been in ferocious discussions where people thought the = external user agent HAD to be the browser, which we know isn=E2=80=99t = the case (hero apps like the FB SDK or OS features like sign in w Apple = work just as well). Some language here giving a nod to those non-browser = external user agents might help clarify. P4 See previous discussion on mobile!=3Ddesktop. P5 I=E2=80=99d always qualify the =E2=80=9Cbrowser=E2=80=9D with system, = external, device etc given that some reader calls the embedded = user-agent =E2=80=9Cembedded browser=E2=80=9D, hence just saying = =E2=80=9Cbrowser=E2=80=9D without modifiers is ambiguous. User authentication state.. on the device. I think specifying it will = clarify what this really means. =20 =C2=A710.1 Unless you scope this statement to MOBILE apps, I think the MUST here = should be a SHOULD.=20 The security posture of the desktop is different enough, and the quality = of the user experience when using a system browser bad and disomogeneous = enough, that a MUST isn=E2=80=99t justified here. =20 =C2=A710.2 Beware of the native-mobile false equivalence here. P3 One or two examples of non-browser external user agents might help. P4 Text pasted here is technically not a best practice but core. I see there are examples here, so no need to add them in P3. It=E2=80=99s unclear why the external browser is RECOMMENDED here- if = it=E2=80=99s because we can=E2=80=99t go in details of the behavior of = non browser apps, it seems like we should say that much rather than = making a recommendation. In other words, RECOMMENDED expresses a strong = preference for it, but if I am on iOS and I want to sign in with = Facebook I am actually better off using their SDK both for security and = user experience reasons than to use the system browser. =20 =C2=A710.3 Requesting a MUST for all 3 methods seems restrictive=E2=80=A6 why not = requesting at least one? =20 =C2=A710.3.1 P3 This seems unnecessarily restrictive. 3.8 in 7595 is mostly SHOULDs, and = it refers to organizations rather than individuals. Not every developer = owns a domain, not every app goes on an app store and is meant for = general public consumption. An organization sideloading apps on managed = devices should not be forced to follow those constraints if they control = the environment and aren=E2=80=99t worried about other apps competing = for the same schema, but placing a MUST here might compel SDK developers = to embed validation checks that would make developers on those = circumstances deal with complexity without any security upside. In fact, = apps should not even be required to have internet access in the general = case but this requirement does impose that.=20 I think this is an important best practice that should be encouraged, = RECOMMENDED or even SHOULDed , but it shouldn=E2=80=99t be a MUST in the = core specification. =20 =C2=A710.3.2 P4 Like everything happening on the client, the AS cannot really take that = as guarantee. What might be true for an app running on iOS might not = apply if the requests are all manufactured via cURL on a Linux box. The = scope of those measures is really limited to one particular device or = devices sharing an OS, outside of that cohort there are no guarantees. =20 =C2=A710.3.3 This section should come with glaring warnings, anything actively = listening on the client extends the attack surface- an app listening on = the loopback might now get affected by exploits in the local HTTP = driver/local network stack and taken over, executing with the same = privileges as the user (remember = https://www.rapid7.com/db/vulnerabilities/WINDOWS-HOTFIX-MS15-034/). The = fact that the loopback is only accessible locally only reduces the risk = but doesn=E2=80=99t eliminate it, a local process with lower privileges = might use that exploit for elevation of privileges for example. We = should at least recommend that the app hosting the loopback adapter runs = with low privileges, reiterate the =E2=80=9Clisten only when you = must=E2=80=9D and generally warn about the extra attack surface. As AS I might not want to support this method at all, both for security = reasons and for the extra logic the wildcard port entails at = registration and request serving times, but right now the spec forces me = to- more reasons for relaxing the MUST for all 3 methods as mentioned = earlier.. =20 =C2=A712 I am not exactly sure where to place the following- this section (or a = subsection) might be the best fit. As mentioned during the interim meeting, the omission of the implicit = flow in OAuth2.1 has already caused a lot of people to interpret this as = an indirect deprecation of the use of implicit flow by OpenID Connect = for obtaining ID_tokens, either via traditional response_modes or via = form_post. We already debated and concluded that the reasons that led to the = omission of the implicit grant in 2.1 do not apply to ID_tokens, hence = there=E2=80=99s no reason for people to stop using OpenID Connect that = way.=20 Formally we are in the clear, as OIDC is vased on 2.0 the omission of = implicit here does not prevent it as extension grant in OIDC anyway- but = the formal stance doesn=E2=80=99t help in preventing the confusion and = assuaging the concerns of the developers who aren=E2=80=99t as well = versed as the people on this list in all things specifications. Because of this, I recommend we add some language here that prevents = that confusion. Something like=20 =20 * The Implicit grant ("response_type=3Dtoken") is omitted from this specification as per Section 2.1.2 = of[I-D.ietf-oauth-security-topics = ] Please note: the omission of the implicit grant from this specification = does not automatically imply that other extension grants obtaining = credentials directly from the authorization endpoint should also be = discarded. For example, the implicit flow defined in Section 3.2 of = [OIDC = = ] remains valid for all the response_type values not including = =E2=80=9Ctoken=E2=80=9D.=20 =20 Although it might be a bit unusual to refer to details of specs from = other entities, this spec already mentions OpenID 9 times even excluding = =C2=A714.2- and as soon as the browser apps section will be included, = that number is certain to rise. And the confusion on this point is truly = widespread- adding language along the lines of the above directly in the = core would go a long way to save a lot of grief. =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 =20 ------=_NextPart_000_18B5_01D6CD75.FBB13250 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable

    Dear authors,

    It took ages but I finally managed to go thru a full = review of the current OAuth2.1 draft. Apologies for the = delay.

    Metacomments:

    • The VAST majority of = the comments are suggestions for improving clarity, mostly on historical = language coming from 2.0 that I found myself having to clarify to = customers and colleagues over and over thru the years. None of those are = critical.
    • There are a few places = where 2.1 requires a MUST I believe to be unwarranted/too restrictive. = For each of those I did my best to provide context and concrete = examples.
    • A sizeable category of = comments and disagreements on MUST come from treating mobile and desktop = apps as largely equivalent under the =E2=80=9Cnative app=E2=80=9D = umbrella, despite of the vast gulf that separates the two both in terms = of security posture and user experience. Again, I tried to be as matter = of fact as possible in there.
    • The main reason for which I spoke up during the IETF interim on = oauth2.1 was the confusion the omission f the implicit grant caused = among the devs using implicit in OIDC for obtaining ID_tokens. I = suggested some language to pre-empt the issue, but I expect some = iteration there.

    Thanks,

    V

     

    =C2=A71

    I wonder = whether we should take the opportunity offered by OAuth2.1 to clarify = frequent points of confusion about OAuth, by explicitly calling out in = the introduction what is out of scope.

    For example: OAuth is not an identity protocol, as it = doesn=E2=80=99t concern itself with how resource owners are = authenticated; OAuth isn=E2=80=99t meant to address 1st party = scenarios, although the reader is free to use it in that context as = well; and so on.

    I believe there is = value in adding this in the introduction rather than relegating it in = some later considerations section, as the people who need this = information the most rarely read past this point.

     

    =C2=A71.1

    In the RS = definition, wondering whether including the word =E2=80=9CAPI=E2=80=9D = would help to clarify what an RS is in practice.

     

    =C2=A71.2

    I always = found this part extraordinarily difficult to decipher. I get that this = is the first description and doesn=E2=80=99t have to be exhaustive and = consider all cases (eg it=E2=80=99s ok if step 3 claims that the client = authenticates w the AS even tho that=E2=80=99s only for confidential = clients), but I think it could be much clearer than it is = today.

    Step 1 says

    The client requests authorization from the resource = owner.=C2=A0 The authorization request can be made directly to the = resource owner (as shown), or preferably indirectly via the = authorization server as an intermediary.

    Besides the fact that =E2=80=9Crequests = authorization=E2=80=9D is a bit vague, this step and the corresponding = diagram leg does not correspond at all to what normally happens- to get = a code, the client does need to hit the AS and the mention in passing in = the text isn=E2=80=99t enough to figure that out. Also, with the = omission of ROPG there really isn=E2=80=99t any way of asking anything = to the RO directly (the client creds doesn=E2=80=99t involve the = RO).

    I would recommend updating that = diagram to be more descriptive of the canonical = scenario.

    Step 2

    mentions the 2 grants defined in the spec, but only = one of them represents the RO=E2=80=99s authorization. Claiming that the = client itself is the RO is a formalism that doesn=E2=80=99t meet the = reader=E2=80=99s intuition at this point.

    Step 5

    The = language here triggered multiple discussions, in particular on whether = the AT can actually be used to ascertain the identity of the client = =E2=80=93 that isn=E2=80=99t the case for public clients, for example; = besides, that=E2=80=99s not really the highest order bit of the AT. If = it is, it seems that the spec should be more explicit about how client = identification from the RS by means of an AT works. If it isn=E2=80=99t, = perhaps we should change the language to omit = authenticate.

    The last paragraph is = emblematic IMO =E2=80=93 if the preferred method is very different from = the diagram here, and if the abstraction presented here is not terribly = useful (given that we no longer have multiple RO based grants, excluding = the extension grants that are still too far at this point to warrant a = cognitive downpayment for the reader) I wonder whether we=E2=80=99d be = better off doing the authz code diagram directly (and mention that we = also have the client creds grant separately).

     

    =C2=A71.3

    I = understand that we can=E2=80=99t really change this because we inherit = from OAuth 2 but I=E2=80=99ll mention it anyway- modeling clients as ROs = is problematic, as it doesn=E2=80=99t often match what happens in = practice. A confidential client might batch-read a user=E2=80=99s inbox = searching for ad words, but the resource owner remains the = user.

    I know we straighten things up = in 1.3.2, but the positioning here is confusing.

    Also: isn=E2=80=99t the refresh token grant a = core-specified grant as well? I know I am nitpicking.

    =C2=A71.3.1

    We = don=E2=80=99t say anywhere here that the authorization code can be = exchanged for an access token. It can be somewhat inferred from 1.2, but = it=E2=80=99s a bit of an intelligence test (one needs to infer from = authorization grant).

    P2

    =E2=80=9Cobtains = authorization=E2=80=9D could be more specific, to reinforce that we are = doing a delegated flow. =E2=80=9CObtains=E2=80=9D seem to suggest that = we are talking about consent, rather than AS side rules. If = that=E2=80=99s the case, calling it out might make the scenario = clearer.

    P3

    Both the benefits listed apply to confidential clients = only. Not sure whether calling it out here would help prevent confusion = later on (eg people thinking that public clients can prove their = identity) or would bring confusion on now (given that we didn=E2=80=99t = differentiate between client types yet). Either ways, formally we are OK = here; I am just thinking how to make things clearer. Perhaps defining = client types before grants might help being clearer = here.

     

    =C2=A71.3.2

    A = concrete example of credential (eg shared secret) might help clarify = things here. Also, the fact that client credentials indicate both a = grant in itself and an artifact (which participates in other grants) is = a well know source of confusion. Wondering if calling this out here = might help.

     

    =C2=A71.4

    In = general, we use =E2=80=9Caccess token=E2=80=9D and = =E2=80=9Ctoken=E2=80=9D interchangeably- perhaps pedantic, but I would = suggest we always use =E2=80=9Caccess token=E2=80=9D to prevent = confusion with refresh tokens later on, and other token types in other = contexts (eg think ID tokens).

    P1

    The client = should treat the AT string as opaque, but that doesn=E2=80=99t = necessarily means it is: in some cases the client CAN see inside the = token, and with the current language they might interpret it as = =E2=80=9Cin this case, it=E2=80=99s OK to look- otherwise they would = have made it opaque, per the spec=E2=80=9D.

     

    =C2=A71.5

    The first = phrase of P1 is wonderfully clear. We should have the equivalent in = =C2=A71.3.1

    Not having defined a = mechanism for requesting a RT here, leaving it to ASes to decide when = and where, created the situation in which some AS only issues RTs when = they get the offline_access scope, with all the unfortunate consequences = about RT lifetime vs session lifetime etc=E2=80=A6 I know we = can=E2=80=99t really change this now as we don=E2=80=99t want to break = existing AS implementations, but wondering if there=E2=80=99s anything = we can say to further clarify/give readers a headsup about the = ambiguity/diversity of behaviors they=E2=80=99ll encounter = here.

    P2

    It=E2=80=99s odd that we say =E2=80=9Cusually opaque = to the client=E2=80=9D=C2=A0 for the RT while we decisively said opaque = for the AT. Also, the client shouln=E2=80=99t do anything w the RT = content hence I think the same considerations done for =C2=A71.4P2 apply = here.

    =E2=80=9CThe token denotes an identifier used to retrieve =
the authorization information=E2=80=9D gets into =
the specifics of the implementation and it=E2=80=99s not universally =
true (some AS encrypt/sign the authz info in the RT itself and have no =
server state whatsoever.

    Step 3

    Should we = add a reference to RFC6750 here?

     

    =C2=A71.8

    Should we = say rich *delegated* authorization framework?

     

    =C2=A72

    =E2=80=9Cend-user interaction with an HTML registration =
form=E2=80=9D =
is oddly =
specific =F0=9F=98=8A in =
particular, I think =E2=80=9Cend user=E2=80=9D might be misleading. We =
can either say =E2=80=9Cinteractive=E2=80=9D or refer =E2=80=9Cthe =
client app developer=E2=80=9D or =
equivalent.
    Overkill but =
I=E2=80=99ll mention it anyway. Should we say that typically the client =
registration in the non-dynamic scenario occurs in authenticated =
settings? Not strictly necessary but might help the reader to tie what =
we say in this section with their concrete =
experience.
     
    =C2=A72.1
    P4=

    =E2=80=9CAuthorization servers SHOULD consider the =
level of confidence in a client's identity when deciding whether they =
allow such a client access to more critical functions, such as the =
Client Credentials grant type.=E2=80=9D =

    I =
don=E2=80=99t understand this sentence. Is the client credentials grant =
type a =E2=80=9Cmore critical function=E2=80=9D? Or is it a level of =
confidence? Either ways, I think it needs =
clarifying.
    P5=

    IMPORTANT: =
this is going to break many OAuth implementations with significant =
adoption. Auth0 is fine (each client_id is tied to a single client type) =
but I know of others that will break.
    I suggest =
softening to a SHOULD NOT.
    =E2=80=9Cbrow=
ser-based application=E2=80=9D
    I am not =
convinced this is so much easier than the original =
=E2=80=9Cuser-agent-based=E2=80=9D. I understand the advantages =
(dovetails w the BCP, more precise given that apps can be user agent as =
wells nowadays, more familiar) however the break w 2.0 terminology is =
jarring. I don=E2=80=99t feel very strongly about it but enough to type =
it.
     
    =C2=A72.2
    It=E2=80=99s =
a bit odd to define the client identifier like it=E2=80=99s something =
brand new when =C2=A72.1 already introduced it. This language from the =
original 2.0 might need to be revised to accommodate that =
change.
    Wondering =
whether a warning against structured client_ids (eg identifiers =
assembled thru some string template, like developer name+region+serial) =
would be in order. Perhaps in the security =
considerations?
     
    =C2=A72.3
    P1=

    That sounds =
vaguely circular, given that being assigned credentials might be =
considered part of the =E2=80=9Cestablish a client authentication =
method=E2=80=9D task listed there. I=E2=80=99d simply say =E2=80=9Cif =
the client is confidential or =
credentialed=E2=80=9D.
    P2=

    I=E2=80=99d =
add =E2=80=9Cby the authorization server=E2=80=9D for good =
measure.
    P3=

    That sounds =
vague. Shouldn=E2=80=99t it be mandatory for the AS to require client =
auth for the client types who have creds? =E2=80=9Cif possible=E2=80=9D =
seem to open the possibility of circumstances where that=E2=80=99s not =
he case.
    P5=

    I think that =
this idea of identifying the client will need to be fleshed out more for =
people to fully understand it. Credentialed clients can prove that they =
are the same client instance across multiple transactions, which some =
might consider a weak form of identification. To rule that out, it has =
to be mentioned upfront IMO. If not here, in some of the considerations =
section=E2=80=A6 with a forward reference =
here.
    P6=

    Do we say =
why anywhere? If yes, we should reference it. If not, perhaps we =
should.
     
    =C2=A72.3.1
    We no longer =
mentioned the empty client secret, but we don=E2=80=99t forbid it =
either. What=E2=80=99s our stance?
     
    =C2=A72.3.2
    In =C2=A72.3 =
we mention MTLS, private_key_jwt, but here we just point the reader to =
IANA. It looks like echoing those methods here might help =
clarity.
     
    =C2=A73.1
    Last =
paragraph
    I have been =
in discussions where readers interpreted this as =E2=80=9Cyou cannot =
send custom parameters to the authorization server=E2=80=9D. To preempt =
that mistake, we mighr consider calling out that custom extensions _are_ =
permitted as long as the AS supports them. I know that=E2=80=99s what =
the current language says already.
     
    =C2=A73.1.1
    Wondering if =
referring to some specific, well known extensions (like OIDC) might help =
readers to better understand this =
point.
     
    =C2=A73.1.2
    RFC3986 =
6.2.1 talks about character by character comparison, but doesn=E2=80=99t =
mention case sensitivity. I am sure it does elsewhere in the spec, but =
for clarify and readability I recommend specifying the desired behavior =
directly here.
     
    =C2=A73.1.2.1=

    Personally, =
I would advocate for a MUST here. True, lots of people won=E2=80=99t =
comply at development time, but I think that=E2=80=99s OK as long as =
they do use TLS when going in production. =

    Also, =
SameSite changes are making the use of HTTPS at dev time more and more =
common. If OAuth2.1 is about picking the best of the security practices, =
this seems like a an obvious =
candidate.
     
    =C2=A73.1.2.2=

    P3=

    =E2=80=9Clack=
 of requiring=E2=80=9D doesn=E2=80=99t sound =
proper.
     
    =C2=A73.2
    P2=

    Should we =
also say that the spec doesn=E2=80=99t care about _when_ the client =
obtains the endpoint?
    Last =
P
    Same =
considerations as =C2=A73.1
     
    =C2=A73.2.1
    P1=

    That=E2=80=99=
s stricter than =C2=A72.3P3 =E2=80=93 I think the language there should =
be tweaked to be coherent with the one =
here.
     
    =C2=A73.3
    Wondering if =
the =E2=80=9Cscope strings order does not matter=E2=80=9D point should =
be somehow emphasized or clarified. I know of implementations who =
considered heuristics such as =E2=80=9Cif the scopes requested =
correspond to multiple resources, I=E2=80=99ll show consent for all byt =
the token eventually issued when redeeming the code will have as =
audience the resource corresponding to the FIRST requested =
scope=E2=80=9D, which would violate the order invariant requirement. =

     
    =C2=A74<=
/o:p>
    Potentially =
VERY confusing. I would recommend to be more specific and state that =
=E2=80=9COAuth 2.1 defines two grant types=E2=80=9D. =

     
    =C2=A74.1
    Diagram<=
/o:p>
    Not =
critical. But I want to point it out. The first time I saw this diagram =
I found it confusing. The fact that the same numeral is assigned to =
multiple legs is just odd for anyone not already familiar with the flow, =
possibly still struggling to understand the client as a service side =
component.
    Also, now =
that we have mighty SVG support, I would strongly advocate for a modern =
version of this diagram (there lines perhaps don=E2=80=99t need to be =
broken into segments).
    Step =
5
    =E2=80=9Copti=
onally, a refresh token=E2=80=9D is too vague IMO. I will look for =
opportunities to clarify later in the spec, given that this might not be =
the best place to go in details.
     
    =C2=A74.1.1
    Overall: a =
high summary of the steps in this preamble might help. The current =
denormalization in subsection can be pretty hard to follow for someone =
seeing this for the first time. 
    Also: =
creating challenge and verifier BEFORE assembling the request seems =
profoundly counterintuitive to me, as it emphasizes a security measure =
over the core function of this leg of the flow. Unless there=E2=80=99s a =
crypto reason for this current sequencing that I can=E2=80=99t see, I =
recommend first creating the core request (what=E2=80=99s now 4.1.1.3) =
and then attaching challenge and verifier. Also, sending the message can =
be its own subsection rathe than being conflated with the last message =
composition subsection.
    P1=

    =E2=80=9Cto =
begin=E2=80=9D remains a bit suspended, given that there=E2=80=99s no =
obvious segue on what constitutes the steps after the beginning. =

    P2=

    =E2=80=9Clate=
r use with the authorization code=E2=80=9D could be clearer, e.g. =
=E2=80=9Cat authorization code redemption time=E2=80=9D. At this point =
that might still not be obvious for the =
reader.
    Mentioning =
the provenance of properties (parameters?) code_challenge and =
code_verifier without first having introduced them might confuse people =
not already familiar with them and the request process in general, as =
their function will not be obvious not naturally map with the preceding =
sentencer.
    P3=

    Imposing a =
MUST before knowing what those this are yet is not as clear as it would =
be if this would be stated after their use and function has been =
explained.
     
    =C2=A74.1.1.3=

    On state. =
Given the change vs OAuth2, I think it might be helpful to call out the =
relevant section on the appendix about differences to help people =
familiar w 2.0 not to miss this important change and avoid doing work =
twice.
     
    =C2=A74.1.2
    P2=

    Should we =
say that the code should be opaque to the client, to discourage the use =
of structured code templates that can be partially =
manufactured?
    P8=

    =E2=80=9Che =
server MUST NOT=C2=A0 include the "code_challenge" value in =
client requests=E2=80=9D, was that meant to be =
=E2=80=9Cresponses=E2=80=9D? 
    Qualifying =
=E2=80=9Cother entities=E2=80=9D (anyone but the AS?) might make this =
point clearer.
     
    =C2=A74.3
    We mentioned =
extension grants in passing, but I don=E2=80=99t recall seeing a =
definition/description of their function in the context of the =
framework. Even a short sentence to that effect here would help, given =
that the section title names them explicitly. Also, stressing that the =
device flow is just one example and other extensions might differ (for =
example in their logic to establish whether an access token request is =
valid and authorized) would go a long way in helping the reader put this =
section in better focus.
     
    =C2=A75.1
    On the =
access_token parameter. Given the discussions we had for the JWT AT =
profile draft, I am wondering whether it should be called out here that =
the AT recipient is the RS, that the client should not expect to be able =
to parse the access_token, and that the AS is under no obligation to use =
a consistent AT encoding outside of what is negotiated with the RS. I =
don=E2=80=99t feel very strongly about this, or about where in the spec =
this should be called out, but it sure would have made life easier in =
those discussions- hence the comment.
    On the =
refresh_token parameter. The lack of details in how OAuth2 describes =
how/when an AS returns refresh tokens led to today=E2=80=99s complicated =
situation in which many implementations issue RTs only when =
OIDC=E2=80=99s offline_access is received in the scopes, as it was the =
only mention in public specs describing a concrete behavior. See the =
associated online_access discussion on the OIDC list, as RTs gain =
importance as session artifacts of sort for SPAs now that implicit is =
dead and ITP makes iframe renewals =
problematic.
    Unfortunately=
 it is too late to be prescriptive here, as we cannot break =
compatibility with whatever choices existing AS implementations made. =
However we can be more descriptive and give the reader a better idea of =
what=E2=80=99s the range of possibilities. Some nonnormative examples of =
how existing AS determine whether to issue an RT or not (eg as an option =
determined at client registration time, or any other heuristic you guys =
encountered in the wild) might help people to better understand their =
options and the intent of the specification =
here.
     =

    =C2=A75.2
    It might =
help to remind the reader here that extensions to the core spec might =
specify or further specialize circumstances in which the errors =
mentioned here are returned (for example, see the validation errors in =
the JWT AT profile). There=E2=80=99s a mention of that in =C2=A77.3.1 =
but that=E2=80=99s pretty far, and having even brief language here might =
be handy for people reading the spec for reference rather than cover to =
cover.
     
    =C2=A76<=
/o:p>
    P1=

    I think the =
risk assessment is just one of the factors an AS might use to decide =
whether to issue an RT or not. The current language suggests risk is the =
only determinant in that decision and that doesn=E2=80=99t seem =
right.
    Saying that =
one might refresh tokens using other grants seems odd. A new =
authorization code grant gets me a new token and offers me the =
opportunity to describe what token I want (scopes etc), the fact that I =
might choose to ask the exact same things I asked in the original =
request is expediency. I would rather phrase this as the fact that the =
client can simply repeat the original request, and external factors such =
as cookies, sessions and other auth method specific options may allow =
the client to do so without prompting the =
user.
    P2=

    We might =
need to be more precise here. Do we mean the scopes consented by the RO =
in the request that led to the issuance of the RT being used? Just =
saying consented by the RO for the client does not exclude cases in =
which there are more instances of the client in operation. Say that I am =
running uber on phone 1 and I consent to read my google calendar, =
getting AT1 and RT1. Say that on phone 2 I also run the uber app, and =
this time I consent to write my google calendar, obtaining AT2 and RT2 =
on this new device. Now consider the various combinations here. Should =
RT2 allow me to get calendar:read too, given that it was already =
consented by RO for this client? Should RT1 allow me to get AT1=E2=80=99 =
containing calendar:write, given that RO consented for it when using a =
different instance of the same client? Whatever is the answer you want =
to the questions above, I think the spec should have language clear =
enough to unambiguously determine the desired =
behavior.
     
    =C2=A76.1
    It=E2=80=99s =
a bit confusing that half of the RT use requirements is in =C2=A76 (the =
requirement to authenticate confidential/credentialed clients) and half =
is in here, with the only differentiator being the nature of the client. =
This is pretty minor, but I think I would personally find clearer if all =
the requirements for the use of an RT would be consolidated in a single =
place. It=E2=80=99s true that the public client reqs are a SHOULD, but =
still.
    Rotation.
    Wondering =
whether it would be wise to advise the reader to have their AS revoke =
all the still valid ATs issued by the AS from the same session/family of =
RTs upon detection of a RT reuse. It is not uncommon for clients to =
request new ATs before their projected =
expiration.
    P6=

    I think the =
=E2=80=9CMAY=E2=80=9D here might be confusing when applied to the =
rotation, as in either the AS does it, or the scenario won=E2=80=99t =
work. I understand this is formally correct, but perhaps explicitly =
calling out some cases in which the AS might decide to do otherwise and =
acknowledge that in that case the client will be stuck might help =
clarify. Also, if the public client protection measures were in =C2=A76 =
instead of here, there would be less opportunities for confusion as it =
would be easier to grok that this doesn=E2=80=99t apply to the rotation =
case only (now adjacent) but to other RT reissuance cases as well (eg =
sliding expiration).
    On the =
identical scopes requirement. Say that after obtaining RT1, which =
includes scopes s1 and s2 for client c1, the RO revokes authorization =
for c1 to use s2. Should the AS fail the RT redemption, or return an AT =
with only s1 and a scopes parameter informing the client of the change? =
As developer I would prefer the latter, to preserve the experience: but =
if we are adamant about the current language, I think it might be useful =
to explicitly call out that any changes to the grant on the AS side =
should result in failure of the RT =
redemption.
    P7=

    Calling out =
deprovisioning of RO might be useful as =
well.
    On =
=E2=80=9Cthe logout at the AS=E2=80=9D event, that=E2=80=99s definitely =
a valid case but I worry about how presenting that alone might reinforce =
misunderstandings that equate RTs with sessions. There are certainly =
times where we want that (see mentions earlier of the online_access =
discussions) but there are also cases where the ability of a client to =
refresh ATs needs to survive session boundaries (offline_access) and =
confusing the two are problematic. I don=E2=80=99t have a clear solution =
here, just pointing out a potential point of confusion. Maybe there will =
be more opportunities to clarify later in the =
spec.
     
    =C2=A77<=
/o:p>
    P1=

    An important =
case to call out is the AS-RS colocation, where neither introspection =
nor token format agreements are necessary. I suggest mentioning it =
openly.
     
    =C2=A77.2
    =E2=80=9Cbear=
er tokens may be extended to include proof-of-possession=C2=A0 =
techniques by other specifications=E2=80=9D sounds like an oxymoron. =
Wouldn=E2=80=99t PoP make the token no longer bearer by the very =
definition above?
    It looks =
like we might need a term for simply =
=E2=80=9Ctoken=E2=80=9D.
     
    =C2=A77.2.1
    Do we also =
want to forbid two tokens in the same request, using different methods? =
Current language only constraints the behavior of one =
token.
     
    =C2=A77.2.3
    The =
=E2=80=9Cinsufficient_scope=E2=80=9D description here is problematic. =
The privileges the AT carries/points to are not necessarily (or =
exclusively) represented by the included scopes (eg the RO might have =
granted document:read to the client, but RO might have no privileges for =
the particular document being requested in this particular call). It =
might be useful to specify that =E2=80=9Cinvalid_scope=E2=80=9D should =
be used for authorization errors that can be actually expressed in terms =
of delegated authorization, leaving to RS implementers the freedom to =
handle other authorization issues (eg user privileges, RBAC, etc) with a =
different error code. Or at least, we should be clear that authorization =
logic not expressed via scopes is out of scope (pun not intended) for =
this specification.
    Note, this =
isn=E2=80=99t an abstract problem: there are SDKs out there that use =
=E2=80=9Cinvalid_scope=E2=80=9D for every permission issues. Very =
confusing.
     
    =C2=A77.3.1
    We rewrite =
portions of 6750 in oauth2.1, but here we refer to it as its own =
spec=E2=80=A6 that could be confusing as it=E2=80=99s unclear which =
parts of 6750 are overridden by oauth2.1 (eg no more querystring) and =
what parts remain normative. Perhaps we can call those things out in the =
sections meant to replace the corresponding sections in =
6750.
     
    =C2=A77.4.2
    Pedantic: =
although the title of the section states it, wondering whether every =
instance of =E2=80=9Ctoken=E2=80=9D here should be =E2=80=9Caccess =
token=E2=80=9D instead. Think of cases in which the spec is quoted in =
discussions and disputes, where snippets can be pasted and mentioned =
outside of the context of this =
section.
    P2=

    Referencing =
the JWT AT profile as an example of extension providing the info out of =
scope for the core might help the reader grok a concrete =
example.
     
    =C2=A77.4.3.5=

    =E2=80=9Cone =
hour or less=E2=80=9D seems very arbitrary, and breaks step in respect =
to what the spec does elsewhere (eg we don=E2=80=99t give any indication =
of how long an AS should wait to invalidate an RT for inactivity, but we =
do say the AS should do so). I would actually not provide any reference =
value here.
     
    =C2=A77.4.3.6=

    Another =
opportunity of referencing the JWT AT profile for a concrete example of =
detailed audience restriction guidance in =
ATs.
     
    =C2=A77.4.3.7=

    Besides the =
indications given to clients here, should we also give guidance to an RS =
to ignore tokens passed that way?
     
    =C2=A77.4.5
    Along the =
same lines of the comments about delegated authorization earlier for =
=C2=A77.2.3. I think it would be useful to acknowledge here that ATs =
might carry, and RSs might expect, authorization information that go =
beyond the delegated authorization for 3rd party API case =
that is core to OAuth- and remind the reader that those mechanisms are =
out of scope for oauth hence they shouldn=E2=80=99t expect those aspects =
to be addressed/handled/regulated by this specification. =

     
    =C2=A78<=
/o:p>
    As mentioned =
earlier, it seems a potentially confusing to reference the section of a =
document being superseded. I do see an issue in redefining here =
something already established and in use, hence I am not expecting this =
to change. Just wondering whether we need to provide a more explicit map =
of the sections in 6749 that are being updated by =
oauth2.1.
     
    =C2=A79<=
/o:p>
    Should we =
also say something about the scenario being chiefly 3rd party =
clients? We know lots of people use OAuth2 for 1st party =
scenarios and some considerations might differ. This might be an =
opportunity to finally make that =
clear.
     
    =C2=A79.1
    P1=

    Well, the AS =
doesn=E2=80=99t really use client auth... the active part here is the =
client itself. Perhaps the AS can require it, when =
possible.
    P2=

    Unclear. Are =
we saying that if it is possible to safely distribute keys to client, =
the AS MUST use client auth? That seems odd, there might be other =
reasons coming into play (cost, security posture) making that choice not =
viable. Or is the intent to say that the AS should not use client auth =
if the key distribution cannot be trusted? That sounds far more =
realistic, but then the language should be tweaked or the reader might =
pick the former interpretation.
    P3=

    The AS =
can=E2=80=99t really PREVENT creds forwarding as the RO machine might =
still have funny business going on (eg DNS attacks). Some softer =
language might be more accurate there. =

    P4=

    That sounds =
very abstract. What does it mean? That the AS should consider to issuing =
RTs to public clients? If that=E2=80=99s the case, we should just say =
so=E2=80=A6 tho without more details, I don=E2=80=99t know how =
actionable the guidance here will be. I can see BoFa requiring a user to =
reauth in their iPhone app after inactivity, but I don=E2=80=99t see =
Uber doing so for their app.. unless they produce long lived ATs, which =
isn=E2=80=99t what we want either.
    P5 =

    This could =
be clearer. The dynamic client registration case just flesh out the =
confidence level an AS can have in its identity, but does not offer a =
corresponding privilege level to it =E2=80=93 whereas the second case =
does mention assigned privileges explicitly. Also, pitting =
=E2=80=9Cdynamically registered client=E2=80=9D vs =E2=80=9Cweb =
application=E2=80=9D might suggest the app type is a factor, whereas =
AFAIK 7591 can be used for registering web apps too (whether that s wise =
or not is immaterial here).
    =C2=A79.2
    Should we =
say something about whether native clients should be allowed to be =
=E2=80=9Cupgraded=E2=80=9D as confidential clients in the future, or the =
other way round? I know of scenarios where people did that to preserve =
consent info, but that seem sketchy security =
wise.
    P3=

    The SHOULD =
here refers to a requirement that in 10.3.1 is a MUST. I don=E2=80=99t =
think the MUST is warranted (more about that in the 10.3.1 comments) but =
if we do keep it, it looks like the level should be coherent =
here.
    P4=

    That example =
is compatible with a SHOULD- works now, but would look odd if =
we=E2=80=99d upgrade P3 with a MUST for coherence with =
10.3.1.
    P5=

    Inclusion =
where/how? We should be precise IMO. If it=E2=80=99s just registration =
material (eg not part of the redirect URI), we should mention how we =
expect it to be used in the context of OAuth- and if we don=E2=80=99t =
know, perhaps we should not mention it here. =

     
    =C2=A79.3
    P1=

    I know it =
becomes clearer later on, but I think it would help here to explicitly =
call out confidential and credentialed client as the subject of this =
sentence. Those are the only client types with credentials, hence the =
current language is formally correct. This is just for =
clarity.
    P2=

    I thought we =
require redirect URI registration in all cases? This makes it sound =
it=E2=80=99s only for public clients.
    P3=

    I have been =
in various discussions where people were attempting to interpret what =
=E2=80=9Cexplicit RO authentication=E2=80=9D means in practice. Is it a =
full credential prompt regardless of whether one session already exists? =
A selection between existing sessions, if =
present?
    P4=

    This is =
unclear. As it currently reads it seems to prohibit things like getting =
a new authz code silently via iframe (and prompt=3Dnone or equivalent UX =
suppressing mechanism, please ignore the ITP complications for the sake =
of argument). 
     
    =C2=A79.3.1
    P1=

    I =
don=E2=80=99t follow this sentence. The client identity cannot be proved =
for public clients (see also next P), and the native apps are public =
clients unless otherwise specified (eg =
credentialed).
    P2=

    I find this =
misleading. Client side measures such as claimed schemes, domains etc =
might work to prevent an app impersonating another app on the same =
device/OS, but they aren=E2=80=99t guaranteed to be honored on other =
operating systems. The AS has no way of knowing whether those measures =
have been enforced on the client, hence it should not accept them as =
proof.=C2=A0 
     
    =C2=A79.4.1
    This is =
another place where a reference to the JWT AT profile would provide a =
concrete example of the conditions set forth here (eg RS guidance for =
audience validation).
    Also, as =
mentioned earlier, it might be useful to remind the reader that the AS =
might include in the token authorization information that go beyond the =
delegated authz scenario OAuth2.x concerns itself with, and that those =
aspects are beyond the scope of this specification.=C2=A0 That would =
truly go a long way preventing people from abusing and overextending the =
spec on scenarios it is not meant to =
address.
    And even for =
the canonical scenarios, it might be useful to remind the reader that =
the RS might have extra logic not described in this spec that determines =
whether the call will be authorized or otherwise- to dispel the notion =
that the AS is always the sole source of truth for authorization. =

     
    =C2=A79.4.2
    P2=

    Clarifying =
that MTLS is one instance of the sender constraint methods just =
mentioned would prevent some readers considering that an independent, =
additional constraint.
     
     =
=C2=A79.5
    In =C2=A76.1 =
we give more details about protection, should we have a backward =
reference to that section here?
    P2=

    Is it worth =
to specify that it doesn=E2=80=99t matter how the AS tracks the binding? =
(eg server side or embedded in the RT bits =
themselves).
     
    =C2=A79.6
    P1=

    This =
language makes the assumption that for client cred grants, the sub will =
take on the client_id value. That it certainly possible, but not a =
given. As such, the language here should be explicit abouty the fact =
that it=E2=80=99s what we are expecting to happen in this particular =
scenario.
    P2=

    Referring to =
the client as the actor here is confusing as soon as you move beyond =
client_id. When you talk about rhe sub or any other value, it=E2=80=99s =
not as much the client as it is the developer who owns the client. The =
difference is subtle but might be a source of =
confusion.
     =

    =C2=A79.7
    P3=

    I thought =
that we were going to make PKCE or nonce the only two mandatory =
alternatives? Nothing against supporting state as an accepted way to =
achieve this, just surprised as I recall people being quite adamant =
about pushing PKCE.
    P4=

    Looks like =
the iss response parameter might make the distinct redirect URIs =
unnecessary?
     
    =C2=A79.7.1
    The guidance =
in this section isn=E2=80=99t likely to be widely followed, but I =
understand the rationale behind it.
     
    =C2=A79.8
    P2=

    That=E2=80=99=
s probably obvious, but I think we should specify that those multiple =
attempts should come with the expected code verifier as well for the =
revocation logic to be triggered- if it=E2=80=99s just the code without =
verifier, it doesn=E2=80=99t look like the leak went far enough to =
warrant that intervention.
    P4=

    If this =
holds, then the remark about the use of state for CSRF in =C2=A79.7 P3 =
seems unnecessary.
    P9=

    The use of =
MUST here seems incompatible with the concession of using nonce instead =
of PKCE. Either we allow it or we =
don=E2=80=99t=E2=80=A6
     =

    =C2=A79.11
    P1=

    Now that we =
no longer trade in RO passwords, should we mention them here? Sure, if =
the AS uses passwords they do need protection, but so do lots of other =
things the AS might use as part of auth that we don=E2=80=99t mention =
here for Occam=E2=80=99s razor. 
    P3=

    What other =
means are we referring to? 
     
    =C2=A79.12
    =E2=80=9Cserv=
ice providers=E2=80=9D occurs for the first time in the document here. =
Tying the guidance to entities already mentioned in the doc (clients, =
AS) might make things clearer/more =
actionable.
     
    =C2=A79.13
    I understand =
that some of the comments in this area should be done on the BCP rather =
than here, but here we are. That =
said=E2=80=A6
    Blanket =
comment: this section seems to assume native app =3D=3D mobile app, and =
that=E2=80=99s not strictly the case. Desktop apps have different =
characteristics and desktop OSes different capabilities. Would be =
clearer to make a distinction when relying on mobile OS capabilitesas =
we=C2=A0 appear to do here.
    P2=

    Embedded =
user-agent !=3D fake external user agent, but P2 uses that =
interchangeably. A desktop app might use an embedded browser for UX =
reasons and making no attempt whatsoever to disguise that as an external =
agent. And I would be pretty surprised to see a malware remover get rid =
of google drive for Mac, or Adobe products, or Office- all native apps =
using embedded user-agents for =
authentication.
    P3=

    It=E2=80=99s =
unclear how the AS would do that, given that user agent strings can be =
faked. Google has its ML based secret sauce, but that might not be =
accessible by everyone.
    P4=

    This is =
mobile specific, doesn=E2=80=99t apply to desktop apps as readily. Also =
unclear how that would change for the end user, given that pixel perfect =
replicas can easily include fake address bars. More details on how a =
user would detect an actual browser (presence of an existing session, =
access to bookmarks etc) might add enough color to help the reader truly =
understand the extent of the remedy power (or its true limits). =

     
    =C2=A79.14
    There=E2=80=99=
s no action for the reader here. If that reflects the actual situation =
(none of the roles described in this spec can do anything to mitigate or =
contain the damage, and solutions to prevent the situation lie outside =
its purview eg use MDM software on your corporate devices) we should =
explicitly say so.
     
    =C2=A79.15
    A bit odd =
that we used CSRF throughout the document assuming the reader was =
familiar with it, but here we attempt a definition. =

    Still =
confused on how we admit state as a valid mechanism, as opposed to =
limiting to nonce and PKCE. Also note the potential discrepancy called =
out earlier in which at code redemption time we appear to require PKCE, =
in contrast to admitting nonce/state =
here.
     
    =C2=A79.18.2<=
o:p>
    Wondering if =
here we should go as far as recommending the AS keeps dynamic client =
registration OFF when it=E2=80=99s not needed. That might provide good =
secure by default guidance for AS SDKs and product =
developers.
     
    =C2=A79.19
    I assume =
we=E2=80=99d add the =E2=80=9Ciss=E2=80=9D response parameter as =
alternative to the requirements here?
     
    =C2=A79.20
    P1, P2, =
P3
    The security =
properties described here do not apply as is to desktop apps using =
embedded browsers.
    As mentioned =
earlier, on the desktop the separation between apps isn=E2=80=99t as =
stark as on mobile- the keystrokes message pump is potentially =
accessible at the user session level, encompassing multiple =
applications. Although process separation mechanisms are in place, the =
circumstances of the execution and the OS specific features in this =
respect determine the degree to which entering credentials in one =
process makes the data inaccessible by another. We should not claim =
advantages we cannot guarantee, and we should be explicit about what =
measures specific to dekstops should be considered to mitigate risks eg =
not executing apps as admins, enable and use UAC at the right level on =
Windows or equivalent on other OSes, use app sandboxing when the OS =
supports it, etc. Not suggesting we call out specific technologies like =
UAC, but at least point at the category of security =
measures.
    P4=

    As mentioned =
above, the presence of the address bar can be easily faked by pixel =
perfect replicas- relying on those is security =
theater.
    P5=

    This is a =
valid concern, but if we want to frame it in the context of the security =
considerations section we need to add more color (eg minimizing the =
situations in which one needs to enter creds is good security =
practice).
     
    Another =
thing we might add as lowlight for embedded browsers: password managers =
might not work, making the user=E2=80=99s life difficult and possibly =
promoting insecure situations (eg placing a random pwd in the clipboard, =
where other apps might later steal it =
from).
    =C2=A79.21
    Do we need =
this here, given that we cover this in depth =
earlier?
     
    =C2=A710=

    I find this =
subdivision confusing. We have native clients considerations scattered =
throughout the entire specification, but now we have a dedicated section =
that somewhat repeats some of the points already made while interleaving =
new ones. Perhaps having a more specific section title, one that better =
characterizes the content and intent of this section, would avoid giving =
the impression that if the reader is interested in native clients, this =
is the only section they need to read.
    P2=

    See =
discussion so far on native vs =
desktop.
    Also: I have =
been in ferocious discussions where people thought the external user =
agent HAD to be the browser, which we know isn=E2=80=99t the case (hero =
apps like the FB SDK or OS features like sign in w Apple work just as =
well). Some language here giving a nod to those non-browser external =
user agents might help clarify.
    P4=

    See previous =
discussion on mobile!=3Ddesktop.
    P5=

    I=E2=80=99d =
always qualify the =E2=80=9Cbrowser=E2=80=9D with system, external, =
device etc given that some reader calls the embedded user-agent =
=E2=80=9Cembedded browser=E2=80=9D, hence just saying =
=E2=80=9Cbrowser=E2=80=9D without modifiers is =
ambiguous.
    User =
authentication state.. on the device. I think specifying it will clarify =
what this really means.
     
    =C2=A710.1
    Unless you =
scope this statement to MOBILE apps, I think the MUST here should be a =
SHOULD. 
    The security =
posture of the desktop is different enough, and the quality of the user =
experience when using a system browser bad and disomogeneous enough, =
that a MUST isn=E2=80=99t justified =
here.
     
    =C2=A710.2
    Beware of =
the native-mobile false equivalence =
here.
    P3=

    One or two =
examples of non-browser external user agents might =
help.
    P4=

    Text pasted =
here is technically not a best practice but =
core.
    I see there =
are examples here, so no need to add them in =
P3.
    It=E2=80=99s =
unclear why the external browser is RECOMMENDED here- if it=E2=80=99s =
because we can=E2=80=99t go in details of the behavior of non browser =
apps, it seems like we should say that much rather than making a =
recommendation. In other words, RECOMMENDED expresses a strong =
preference for it, but if I am on iOS and I want to sign in with =
Facebook I am actually better off using their SDK both for security and =
user experience reasons than to use the system =
browser.
     
    =C2=A710.3
    Requesting a =
MUST for all 3 methods seems restrictive=E2=80=A6 why not requesting at =
least one?
     
    =C2=A710.3.1<=
o:p>
    P3=

    This seems =
unnecessarily restrictive. 3.8 in 7595 is mostly SHOULDs, and it refers =
to organizations rather than individuals. Not every developer owns a =
domain, not every app goes on an app store and is meant for general =
public consumption. An organization sideloading apps on managed devices =
should not be forced to follow those constraints if they control the =
environment and aren=E2=80=99t worried about other apps competing for =
the same schema, but placing a MUST here might compel SDK developers to =
embed validation checks that would make developers on those =
circumstances deal with complexity without any security upside. In fact, =
apps should not even be required to have internet access in the general =
case but this requirement does impose that. =

    I think this =
is an important best practice that should be encouraged, RECOMMENDED or =
even SHOULDed , but it shouldn=E2=80=99t be a MUST in the core =
specification.
     
    =C2=A710.3.2<=
o:p>
    P4=

    Like =
everything happening on the client, the AS cannot really take that as =
guarantee. What might be true for an app running on iOS might not apply =
if the requests are all manufactured via cURL on a Linux box. The scope =
of those measures is really limited to one particular device or devices =
sharing an OS, outside of that cohort there are no =
guarantees.
     
    =C2=A710.3.3<=
o:p>
    This section =
should come with glaring warnings, anything actively listening on the =
client extends the attack surface- an app listening on the loopback =
might now get affected by exploits in the local HTTP driver/local =
network stack and taken over, executing with the same privileges as the =
user (remember https://www.rapid7.com/db/vulnerabilities/WINDOWS-HOTFIX-MS15-034/=
). The fact that the loopback is only accessible locally only reduces =
the risk but doesn=E2=80=99t eliminate it, a local process with lower =
privileges might use that exploit for elevation of privileges for =
example. We should at least recommend that the app hosting the loopback =
adapter runs with low privileges, reiterate the =E2=80=9Clisten only =
when you must=E2=80=9D and generally warn about the extra attack =
surface.
    As AS I =
might not want to support this method at all, both for security reasons =
and for the extra logic the wildcard port entails at registration and =
request serving times, but right now the spec forces me to- more reasons =
for relaxing the MUST for all 3 methods as mentioned =
earlier..
     
    =C2=A712=

    I am not =
exactly sure where to place the following- this section (or a =
subsection) might be the best fit.
    As mentioned =
during the interim meeting, the omission of the implicit flow in =
OAuth2.1 has already caused a lot of people to interpret this as an =
indirect deprecation of the use of implicit flow by OpenID Connect for =
obtaining ID_tokens, either via traditional=C2=A0 response_modes or via =
form_post.
    We already =
debated and concluded that the reasons that led to the omission of the =
implicit grant in 2.1 do not apply to ID_tokens, hence there=E2=80=99s =
no reason for people to stop using OpenID Connect that way. =

    Formally we =
are in the clear, as OIDC is vased on 2.0 the omission of implicit here =
does not prevent it as extension grant in OIDC anyway- but the formal =
stance doesn=E2=80=99t help in preventing the confusion and assuaging =
the concerns of the developers who aren=E2=80=99t as well versed as the =
people on this list in all things =
specifications.
    Because of =
this, I recommend we add some language here that prevents that =
confusion. Something like 
     
    *=C2=A0 The Implicit =
grant ("response_type=3Dtoken") is omitted from =
this
    =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 specification as =
per Section 2.1.2 of[I-D.ietf-oauth-security-topics]
    Please note: the omission of the =
implicit grant from this specification does not automatically imply that =
other extension grants obtaining credentials directly from the =
authorization endpoint should also be discarded. For example, the =
implicit flow defined in Section 3.2 of [OIDC] remains valid for all the response_type values not =
including =E2=80=9Ctoken=E2=80=9D. 
     
    Although it =
might be a bit unusual to refer to details of specs from other entities, =
this spec already mentions OpenID 9 times even excluding =C2=A714.2- and =
as soon as the browser apps section will be included, that number is =
certain to rise. And the confusion on this point is truly widespread- =
adding language along the lines of the above directly in the core would =
go a long way to save a lot of grief.
     
     
     
     
     
     
     
     
     
     
     
     
     
     
     
     
     
     
     
     
     
     
     
     
     
     
     
     
     
     
     
     
     
     
     
     
     
     
     
     
     
     
     
     
     
     
     
     
     
     
    ------=_NextPart_000_18B5_01D6CD75.FBB13250-- From nobody Tue Dec 8 16:55:58 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4CF6D3A07DF for ; Tue, 8 Dec 2020 16:55:56 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.096 X-Spam-Level: X-Spam-Status: No, score=-2.096 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_FONT_LOW_CONTRAST=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id v0SVHbzlB4Uz for ; Tue, 8 Dec 2020 16:55:49 -0800 (PST) Received: from mail-lj1-x231.google.com (mail-lj1-x231.google.com [IPv6:2a00:1450:4864:20::231]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 41FE33A07D1 for ; Tue, 8 Dec 2020 16:55:48 -0800 (PST) Received: by mail-lj1-x231.google.com with SMTP id m13so441127ljo.11 for ; Tue, 08 Dec 2020 16:55:48 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=B4W1rjheTGHtHPvvfyFf3SmQvBWocuUOKgEONU0u9nI=; b=gM6pPiEXU85SIX4CIWYoaG0J86sCqLzGafv9V0c2PraSnSSAWBzx+zY15RCMpEO6hD qnwN1V6aRXFRrid91jLN1qVibG/RDOUOo2h3a3fnS6zMXpvK7+xvbov5i2LSzpKsUTQR ohcnDZ0bRL81r3R00EcV8+Dgh2l3pZzvRRGd5kYTnFIeETxnbryqTXwoCnKU241vyxAl MpAVhtKhyMrOajpKdb46exFlBq+kvxUZM7Ov1Mds5TLPDyPfA/NztjTYLwS/RNpePGZk mJGcDACkDJuV8GSqtnRhvhEsblMGW7UZiJuofudmcth8vw4NOUbffgW6meotMV1JCaOi VhXQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=B4W1rjheTGHtHPvvfyFf3SmQvBWocuUOKgEONU0u9nI=; b=t/LjzYIWeceXlX8DApuResxdZVkjD7m+myngPGXsGme2f/gIfhiRQ8aN8BS4sAD7qc dJ1kV/TwsEODwaZjgs0dx04vsU2y1bcsuMfREQ5kvzBy6gz2W38/4Af6XRgCvaC54JdK 5Bo6+E+ygG2igONZM/dKyh9r9BEvuvG4QNLg7Ee1bWpanm09kFe9NJ+jnIV9HfjnTXU3 jpu28Jhj1Z/V/RfZ1uzRmcdlL07tG6v33WlIo0pg3Kwi1nk/jbZOX8BoGxzLwHhriaTg gMMGO5WnMRrlGWe4d5blPWZGWZGgePUEO+0QwreDlA4iGRDxCL/DZy77AdjjjMzEMPKU lHrQ== X-Gm-Message-State: AOAM531JxUUpPUJpPiFq8L1GojRokg3orUwfUhS4E66/lmNxxqrmfNid oe1xMTCg9VU7yBt5lBPY8cTiGYDf1x37YGZxjOsGqJPjwSU= X-Google-Smtp-Source: ABdhPJzighleGeyykRTWsPR3rsFjbnbHctP3R8aheyc0km9xhTADPbMlOItlGPjHOSJU8zu675BOZGdzh0qOQaeKhLE= X-Received: by 2002:a2e:9898:: with SMTP id b24mr144452ljj.248.1607475345973; Tue, 08 Dec 2020 16:55:45 -0800 (PST) MIME-Version: 1.0 References: <18b401d6cdb9$09cef410$1d6cdc30$@auth0.com> In-Reply-To: <18b401d6cdb9$09cef410$1d6cdc30$@auth0.com> From: Dick Hardt Date: Tue, 8 Dec 2020 16:55:08 -0800 Message-ID: To: Vittorio Bertocci Cc: oauth@ietf.org, Aaron Parecki , Torsten Lodderstedt Content-Type: multipart/alternative; boundary="000000000000fb67aa05b5fd845b" Archived-At: Subject: Re: [OAUTH-WG] Detailed review of OAuth2.1 X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Dec 2020 00:55:56 -0000 --000000000000fb67aa05b5fd845b Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Thank you very much for your detailed feedback Vittorio! =E1=90=A7 On Tue, Dec 8, 2020 at 3:22 PM wrote: > Dear authors, > > It took ages but I finally managed to go thru a full review of the curren= t > OAuth2.1 draft. Apologies for the delay. > > Metacomments: > > - The VAST majority of the comments are suggestions for improving > clarity, mostly on historical language coming from 2.0 that I found my= self > having to clarify to customers and colleagues over and over thru the y= ears. > None of those are critical. > - There are a few places where 2.1 requires a MUST I believe to be > unwarranted/too restrictive. For each of those I did my best to provid= e > context and concrete examples. > - A sizeable category of comments and disagreements on MUST come from > treating mobile and desktop apps as largely equivalent under the =E2= =80=9Cnative > app=E2=80=9D umbrella, despite of the vast gulf that separates the two= both in > terms of security posture and user experience. Again, I tried to be as > matter of fact as possible in there. > - The main reason for which I spoke up during the IETF interim on > oauth2.1 was the confusion the omission f the implicit grant caused am= ong > the devs using implicit in OIDC for obtaining ID_tokens. I suggested s= ome > language to pre-empt the issue, but I expect some iteration there. > > Thanks, > > V > > > > =C2=A71 > > I wonder whether we should take the opportunity offered by OAuth2.1 to > clarify frequent points of confusion about OAuth, by explicitly calling o= ut > in the introduction what is out of scope. > > For example: OAuth is not an identity protocol, as it doesn=E2=80=99t con= cern > itself with how resource owners are authenticated; OAuth isn=E2=80=99t me= ant to > address 1st party scenarios, although the reader is free to use it in > that context as well; and so on. > > I believe there is value in adding this in the introduction rather than > relegating it in some later considerations section, as the people who nee= d > this information the most rarely read past this point. > > > > =C2=A71.1 > > In the RS definition, wondering whether including the word =E2=80=9CAPI= =E2=80=9D would > help to clarify what an RS is in practice. > > > > =C2=A71.2 > > I always found this part extraordinarily difficult to decipher. I get tha= t > this is the first description and doesn=E2=80=99t have to be exhaustive a= nd > consider all cases (eg it=E2=80=99s ok if step 3 claims that the client > authenticates w the AS even tho that=E2=80=99s only for confidential clie= nts), but > I think it could be much clearer than it is today. > > Step 1 says > > The client requests authorization from the resource owner. The > authorization request can be made directly to the resource owner (as > shown), or preferably indirectly via the authorization server as an > intermediary. > > Besides the fact that =E2=80=9Crequests authorization=E2=80=9D is a bit v= ague, this step > and the corresponding diagram leg does not correspond at all to what > normally happens- to get a code, the client does need to hit the AS and t= he > mention in passing in the text isn=E2=80=99t enough to figure that out. A= lso, with > the omission of ROPG there really isn=E2=80=99t any way of asking anythin= g to the > RO directly (the client creds doesn=E2=80=99t involve the RO). > > I would recommend updating that diagram to be more descriptive of the > canonical scenario. > > Step 2 > > mentions the 2 grants defined in the spec, but only one of them represent= s > the RO=E2=80=99s authorization. Claiming that the client itself is the RO= is a > formalism that doesn=E2=80=99t meet the reader=E2=80=99s intuition at thi= s point. > > Step 5 > > The language here triggered multiple discussions, in particular on whethe= r > the AT can actually be used to ascertain the identity of the client =E2= =80=93 that > isn=E2=80=99t the case for public clients, for example; besides, that=E2= =80=99s not really > the highest order bit of the AT. If it is, it seems that the spec should = be > more explicit about how client identification from the RS by means of an = AT > works. If it isn=E2=80=99t, perhaps we should change the language to omit > authenticate. > > The last paragraph is emblematic IMO =E2=80=93 if the preferred method is= very > different from the diagram here, and if the abstraction presented here is > not terribly useful (given that we no longer have multiple RO based grant= s, > excluding the extension grants that are still too far at this point to > warrant a cognitive downpayment for the reader) I wonder whether we=E2=80= =99d be > better off doing the authz code diagram directly (and mention that we als= o > have the client creds grant separately). > > > > =C2=A71.3 > > I understand that we can=E2=80=99t really change this because we inherit = from > OAuth 2 but I=E2=80=99ll mention it anyway- modeling clients as ROs is pr= oblematic, > as it doesn=E2=80=99t often match what happens in practice. A confidentia= l client > might batch-read a user=E2=80=99s inbox searching for ad words, but the r= esource > owner remains the user. > > I know we straighten things up in 1.3.2, but the positioning here is > confusing. > > Also: isn=E2=80=99t the refresh token grant a core-specified grant as wel= l? I know > I am nitpicking. > > =C2=A71.3.1 > > We don=E2=80=99t say anywhere here that the authorization code can be exc= hanged > for an access token. It can be somewhat inferred from 1.2, but it=E2=80= =99s a bit > of an intelligence test (one needs to infer from authorization grant). > > P2 > > =E2=80=9Cobtains authorization=E2=80=9D could be more specific, to reinfo= rce that we are > doing a delegated flow. =E2=80=9CObtains=E2=80=9D seem to suggest that we= are talking about > consent, rather than AS side rules. If that=E2=80=99s the case, calling i= t out > might make the scenario clearer. > > P3 > > Both the benefits listed apply to confidential clients only. Not sure > whether calling it out here would help prevent confusion later on (eg > people thinking that public clients can prove their identity) or would > bring confusion on now (given that we didn=E2=80=99t differentiate betwee= n client > types yet). Either ways, formally we are OK here; I am just thinking how = to > make things clearer. Perhaps defining client types before grants might he= lp > being clearer here. > > > > =C2=A71.3.2 > > A concrete example of credential (eg shared secret) might help clarify > things here. Also, the fact that client credentials indicate both a grant > in itself and an artifact (which participates in other grants) is a well > know source of confusion. Wondering if calling this out here might help. > > > > =C2=A71.4 > > In general, we use =E2=80=9Caccess token=E2=80=9D and =E2=80=9Ctoken=E2= =80=9D interchangeably- perhaps > pedantic, but I would suggest we always use =E2=80=9Caccess token=E2=80= =9D to prevent > confusion with refresh tokens later on, and other token types in other > contexts (eg think ID tokens). > > P1 > > The client should treat the AT string as opaque, but that doesn=E2=80=99t > necessarily means it is: in some cases the client CAN see inside the toke= n, > and with the current language they might interpret it as =E2=80=9Cin this= case, > it=E2=80=99s OK to look- otherwise they would have made it opaque, per th= e spec=E2=80=9D. > > > > =C2=A71.5 > > The first phrase of P1 is wonderfully clear. We should have the equivalen= t > in =C2=A71.3.1 > > Not having defined a mechanism for requesting a RT here, leaving it to > ASes to decide when and where, created the situation in which some AS onl= y > issues RTs when they get the offline_access scope, with all the unfortuna= te > consequences about RT lifetime vs session lifetime etc=E2=80=A6 I know we= can=E2=80=99t > really change this now as we don=E2=80=99t want to break existing AS > implementations, but wondering if there=E2=80=99s anything we can say to = further > clarify/give readers a headsup about the ambiguity/diversity of behaviors > they=E2=80=99ll encounter here. > > P2 > > It=E2=80=99s odd that we say =E2=80=9Cusually opaque to the client=E2=80= =9D for the RT while we > decisively said opaque for the AT. Also, the client shouln=E2=80=99t do a= nything w > the RT content hence I think the same considerations done for =C2=A71.4P2= apply > here. > > =E2=80=9CThe token denotes an identifier used to retrieve the authorizati= on information=E2=80=9D gets into the specifics of the implementation and i= t=E2=80=99s not universally true (some AS encrypt/sign the authz info in th= e RT itself and have no server state whatsoever. > > Step 3 > > Should we add a reference to RFC6750 here? > > > > =C2=A71.8 > > Should we say rich **delegated** authorization framework? > > > > =C2=A72 > > =E2=80=9Cend-user interaction with an HTML registration form=E2=80=9D is = oddly specific =F0=9F=98=8A in particular, I think =E2=80=9Cend user=E2=80= =9D might be misleading. We can either say =E2=80=9Cinteractive=E2=80=9D or= refer =E2=80=9Cthe client app developer=E2=80=9D or equivalent. > > Overkill but I=E2=80=99ll mention it anyway. Should we say that typically= the client registration in the non-dynamic scenario occurs in authenticate= d settings? Not strictly necessary but might help the reader to tie what we= say in this section with their concrete experience. > > > > =C2=A72.1 > > P4 > > =E2=80=9CAuthorization servers SHOULD consider the level of confidence in= a client's identity when deciding whether they allow such a client access = to more critical functions, such as the Client Credentials grant type.=E2= =80=9D > > I don=E2=80=99t understand this sentence. Is the client credentials grant= type a =E2=80=9Cmore critical function=E2=80=9D? Or is it a level of confi= dence? Either ways, I think it needs clarifying. > > P5 > > IMPORTANT: this is going to break many OAuth implementations with signifi= cant adoption. Auth0 is fine (each client_id is tied to a single client typ= e) but I know of others that will break. > > I suggest softening to a SHOULD NOT. > > =E2=80=9Cbrowser-based application=E2=80=9D > > I am not convinced this is so much easier than the original =E2=80=9Cuser= -agent-based=E2=80=9D. I understand the advantages (dovetails w the BCP, mo= re precise given that apps can be user agent as wells nowadays, more famili= ar) however the break w 2.0 terminology is jarring. I don=E2=80=99t feel ve= ry strongly about it but enough to type it. > > > > =C2=A72.2 > > It=E2=80=99s a bit odd to define the client identifier like it=E2=80=99s = something brand new when =C2=A72.1 already introduced it. This language fro= m the original 2.0 might need to be revised to accommodate that change. > > Wondering whether a warning against structured client_ids (eg identifiers= assembled thru some string template, like developer name+region+serial) wo= uld be in order. Perhaps in the security considerations? > > > > =C2=A72.3 > > P1 > > That sounds vaguely circular, given that being assigned credentials might= be considered part of the =E2=80=9Cestablish a client authentication metho= d=E2=80=9D task listed there. I=E2=80=99d simply say =E2=80=9Cif the client= is confidential or credentialed=E2=80=9D. > > P2 > > I=E2=80=99d add =E2=80=9Cby the authorization server=E2=80=9D for good me= asure. > > P3 > > That sounds vague. Shouldn=E2=80=99t it be mandatory for the AS to requir= e client auth for the client types who have creds? =E2=80=9Cif possible=E2= =80=9D seem to open the possibility of circumstances where that=E2=80=99s n= ot he case. > > P5 > > I think that this idea of identifying the client will need to be fleshed = out more for people to fully understand it. Credentialed clients can prove = that they are the same client instance across multiple transactions, which = some might consider a weak form of identification. To rule that out, it has= to be mentioned upfront IMO. If not here, in some of the considerations se= ction=E2=80=A6 with a forward reference here. > > P6 > > Do we say why anywhere? If yes, we should reference it. If not, perhaps w= e should. > > > > =C2=A72.3.1 > > We no longer mentioned the empty client secret, but we don=E2=80=99t forb= id it either. What=E2=80=99s our stance? > > > > =C2=A72.3.2 > > In =C2=A72.3 we mention MTLS, private_key_jwt, but here we just point the= reader to IANA. It looks like echoing those methods here might help clarit= y. > > > > =C2=A73.1 > > Last paragraph > > I have been in discussions where readers interpreted this as =E2=80=9Cyou= cannot send custom parameters to the authorization server=E2=80=9D. To pre= empt that mistake, we mighr consider calling out that custom extensions _ar= e_ permitted as long as the AS supports them. I know that=E2=80=99s what th= e current language says already. > > > > =C2=A73.1.1 > > Wondering if referring to some specific, well known extensions (like OIDC= ) might help readers to better understand this point. > > > > =C2=A73.1.2 > > RFC3986 6.2.1 talks about character by character comparison, but doesn=E2= =80=99t mention case sensitivity. I am sure it does elsewhere in the spec, = but for clarify and readability I recommend specifying the desired behavior= directly here. > > > > =C2=A73.1.2.1 > > Personally, I would advocate for a MUST here. True, lots of people won=E2= =80=99t comply at development time, but I think that=E2=80=99s OK as long a= s they do use TLS when going in production. > > Also, SameSite changes are making the use of HTTPS at dev time more and m= ore common. If OAuth2.1 is about picking the best of the security practices= , this seems like a an obvious candidate. > > > > =C2=A73.1.2.2 > > P3 > > =E2=80=9Clack of requiring=E2=80=9D doesn=E2=80=99t sound proper. > > > > =C2=A73.2 > > P2 > > Should we also say that the spec doesn=E2=80=99t care about _when_ the cl= ient obtains the endpoint? > > Last P > > Same considerations as =C2=A73.1 > > > > =C2=A73.2.1 > > P1 > > That=E2=80=99s stricter than =C2=A72.3P3 =E2=80=93 I think the language t= here should be tweaked to be coherent with the one here. > > > > =C2=A73.3 > > Wondering if the =E2=80=9Cscope strings order does not matter=E2=80=9D po= int should be somehow emphasized or clarified. I know of implementations wh= o considered heuristics such as =E2=80=9Cif the scopes requested correspond= to multiple resources, I=E2=80=99ll show consent for all byt the token eve= ntually issued when redeeming the code will have as audience the resource c= orresponding to the FIRST requested scope=E2=80=9D, which would violate the= order invariant requirement. > > > > =C2=A74 > > Potentially VERY confusing. I would recommend to be more specific and sta= te that =E2=80=9COAuth *2.1* defines two grant types=E2=80=9D. > > > > =C2=A74.1 > > Diagram > > Not critical. But I want to point it out. The first time I saw this diagr= am I found it confusing. The fact that the same numeral is assigned to mult= iple legs is just odd for anyone not already familiar with the flow, possib= ly still struggling to understand the client as a service side component. > > Also, now that we have mighty SVG support, I would strongly advocate for = a modern version of this diagram (there lines perhaps don=E2=80=99t need to= be broken into segments). > > Step 5 > > =E2=80=9Coptionally, a refresh token=E2=80=9D is too vague IMO. I will lo= ok for opportunities to clarify later in the spec, given that this might no= t be the best place to go in details. > > > > =C2=A74.1.1 > > Overall: a high summary of the steps in this preamble might help. The cur= rent denormalization in subsection can be pretty hard to follow for someone= seeing this for the first time. > > Also: creating challenge and verifier BEFORE assembling the request seems= profoundly counterintuitive to me, as it emphasizes a security measure ove= r the core function of this leg of the flow. Unless there=E2=80=99s a crypt= o reason for this current sequencing that I can=E2=80=99t see, I recommend = first creating the core request (what=E2=80=99s now 4.1.1.3) and then attac= hing challenge and verifier. Also, sending the message can be its own subse= ction rathe than being conflated with the last message composition subsecti= on. > > P1 > > =E2=80=9Cto begin=E2=80=9D remains a bit suspended, given that there=E2= =80=99s no obvious segue on what constitutes the steps after the beginning. > > P2 > > =E2=80=9Clater use with the authorization code=E2=80=9D could be clearer,= e.g. =E2=80=9Cat authorization code redemption time=E2=80=9D. At this poin= t that might still not be obvious for the reader. > > Mentioning the provenance of properties (parameters?) code_challenge and = code_verifier without first having introduced them might confuse people not= already familiar with them and the request process in general, as their fu= nction will not be obvious not naturally map with the preceding sentencer. > > P3 > > Imposing a MUST before knowing what those this are yet is not as clear as= it would be if this would be stated after their use and function has been = explained. > > > > =C2=A74.1.1.3 > > On state. Given the change vs OAuth2, I think it might be helpful to call= out the relevant section on the appendix about differences to help people = familiar w 2.0 not to miss this important change and avoid doing work twice= . > > > > =C2=A74.1.2 > > P2 > > Should we say that the code should be opaque to the client, to discourage= the use of structured code templates that can be partially manufactured? > > P8 > > =E2=80=9Che server MUST NOT include the "code_challenge" value in client= requests=E2=80=9D, was that meant to be =E2=80=9Cresponses=E2=80=9D? > > Qualifying =E2=80=9Cother entities=E2=80=9D (anyone but the AS?) might ma= ke this point clearer. > > > > =C2=A74.3 > > We mentioned extension grants in passing, but I don=E2=80=99t recall seei= ng a definition/description of their function in the context of the framewo= rk. Even a short sentence to that effect here would help, given that the se= ction title names them explicitly. Also, stressing that the device flow is = just one example and other extensions might differ (for example in their lo= gic to establish whether an access token request is valid and authorized) w= ould go a long way in helping the reader put this section in better focus. > > > > =C2=A75.1 > > On the access_token parameter. Given the discussions we had for the JWT A= T profile draft, I am wondering whether it should be called out here that t= he AT recipient is the RS, that the client should not expect to be able to = parse the access_token, and that the AS is under no obligation to use a con= sistent AT encoding outside of what is negotiated with the RS. I don=E2=80= =99t feel very strongly about this, or about where in the spec this should = be called out, but it sure would have made life easier in those discussions= - hence the comment. > > On the refresh_token parameter. The lack of details in how OAuth2 describ= es how/when an AS returns refresh tokens led to today=E2=80=99s complicated= situation in which many implementations issue RTs only when OIDC=E2=80=99s= offline_access is received in the scopes, as it was the only mention in pu= blic specs describing a concrete behavior. See the associated online_access= discussion on the OIDC list, as RTs gain importance as session artifacts o= f sort for SPAs now that implicit is dead and ITP makes iframe renewals pro= blematic. > > Unfortunately it is too late to be prescriptive here, as we cannot break = compatibility with whatever choices existing AS implementations made. Howev= er we can be more descriptive and give the reader a better idea of what=E2= =80=99s the range of possibilities. Some nonnormative examples of how exist= ing AS determine whether to issue an RT or not (eg as an option determined = at client registration time, or any other heuristic you guys encountered in= the wild) might help people to better understand their options and the int= ent of the specification here. > > =C2=A75.2 > > It might help to remind the reader here that extensions to the core spec = might specify or further specialize circumstances in which the errors menti= oned here are returned (for example, see the validation errors in the JWT A= T profile). There=E2=80=99s a mention of that in =C2=A77.3.1 but that=E2=80= =99s pretty far, and having even brief language here might be handy for peo= ple reading the spec for reference rather than cover to cover. > > > > =C2=A76 > > P1 > > I think the risk assessment is just one of the factors an AS might use to= decide whether to issue an RT or not. The current language suggests risk i= s the only determinant in that decision and that doesn=E2=80=99t seem right= . > > Saying that one might refresh tokens using other grants seems odd. A new = authorization code grant gets me a new token and offers me the opportunity = to describe what token I want (scopes etc), the fact that I might choose to= ask the exact same things I asked in the original request is expediency. I= would rather phrase this as the fact that the client can simply repeat the= original request, and external factors such as cookies, sessions and other= auth method specific options may allow the client to do so without prompti= ng the user. > > P2 > > We might need to be more precise here. Do we mean the scopes consented by= the RO in the request that led to the issuance of the RT being used? Just = saying consented by the RO for the client does not exclude cases in which t= here are more instances of the client in operation. Say that I am running u= ber on phone 1 and I consent to read my google calendar, getting AT1 and RT= 1. Say that on phone 2 I also run the uber app, and this time I consent to = write my google calendar, obtaining AT2 and RT2 on this new device. Now con= sider the various combinations here. Should RT2 allow me to get calendar:re= ad too, given that it was already consented by RO for this client? Should R= T1 allow me to get AT1=E2=80=99 containing calendar:write, given that RO co= nsented for it when using a different instance of the same client? Whatever= is the answer you want to the questions above, I think the spec should hav= e language clear enough to unambiguously determine the desired behavior. > > > > =C2=A76.1 > > It=E2=80=99s a bit confusing that half of the RT use requirements is in = =C2=A76 (the requirement to authenticate confidential/credentialed clients)= and half is in here, with the only differentiator being the nature of the = client. This is pretty minor, but I think I would personally find clearer i= f all the requirements for the use of an RT would be consolidated in a sing= le place. It=E2=80=99s true that the public client reqs are a SHOULD, but s= till. > > Rotation. > > Wondering whether it would be wise to advise the reader to have their AS = revoke all the still valid ATs issued by the AS from the same session/famil= y of RTs upon detection of a RT reuse. It is not uncommon for clients to re= quest new ATs before their projected expiration. > > P6 > > I think the =E2=80=9CMAY=E2=80=9D here might be confusing when applied to= the rotation, as in either the AS does it, or the scenario won=E2=80=99t w= ork. I understand this is formally correct, but perhaps explicitly calling = out some cases in which the AS might decide to do otherwise and acknowledge= that in that case the client will be stuck might help clarify. Also, if th= e public client protection measures were in =C2=A76 instead of here, there = would be less opportunities for confusion as it would be easier to grok tha= t this doesn=E2=80=99t apply to the rotation case only (now adjacent) but t= o other RT reissuance cases as well (eg sliding expiration). > > On the identical scopes requirement. Say that after obtaining RT1, which = includes scopes s1 and s2 for client c1, the RO revokes authorization for c= 1 to use s2. Should the AS fail the RT redemption, or return an AT with onl= y s1 and a scopes parameter informing the client of the change? As develope= r I would prefer the latter, to preserve the experience: but if we are adam= ant about the current language, I think it might be useful to explicitly ca= ll out that any changes to the grant on the AS side should result in failur= e of the RT redemption. > > P7 > > Calling out deprovisioning of RO might be useful as well. > > On =E2=80=9Cthe logout at the AS=E2=80=9D event, that=E2=80=99s definitel= y a valid case but I worry about how presenting that alone might reinforce = misunderstandings that equate RTs with sessions. There are certainly times = where we want that (see mentions earlier of the online_access discussions) = but there are also cases where the ability of a client to refresh ATs needs= to survive session boundaries (offline_access) and confusing the two are p= roblematic. I don=E2=80=99t have a clear solution here, just pointing out a= potential point of confusion. Maybe there will be more opportunities to cl= arify later in the spec. > > > > =C2=A77 > > P1 > > An important case to call out is the AS-RS colocation, where neither intr= ospection nor token format agreements are necessary. I suggest mentioning i= t openly. > > > > =C2=A77.2 > > =E2=80=9Cbearer tokens may be extended to include proof-of-possession te= chniques by other specifications=E2=80=9D sounds like an oxymoron. Wouldn= =E2=80=99t PoP make the token no longer bearer by the very definition above= ? > > It looks like we might need a term for simply =E2=80=9Ctoken=E2=80=9D. > > > > =C2=A77.2.1 > > Do we also want to forbid two tokens in the same request, using different= methods? Current language only constraints the behavior of one token. > > > > =C2=A77.2.3 > > The =E2=80=9Cinsufficient_scope=E2=80=9D description here is problematic.= The privileges the AT carries/points to are not necessarily (or exclusivel= y) represented by the included scopes (eg the RO might have granted documen= t:read to the client, but RO might have no privileges for the particular do= cument being requested in this particular call). It might be useful to spec= ify that =E2=80=9Cinvalid_scope=E2=80=9D should be used for authorization e= rrors that can be actually expressed in terms of delegated authorization, l= eaving to RS implementers the freedom to handle other authorization issues = (eg user privileges, RBAC, etc) with a different error code. Or at least, w= e should be clear that authorization logic not expressed via scopes is out = of scope (pun not intended) for this specification. > > Note, this isn=E2=80=99t an abstract problem: there are SDKs out there th= at use =E2=80=9Cinvalid_scope=E2=80=9D for every permission issues. Very co= nfusing. > > > > =C2=A77.3.1 > > We rewrite portions of 6750 in oauth2.1, but here we refer to it as its o= wn spec=E2=80=A6 that could be confusing as it=E2=80=99s unclear which part= s of 6750 are overridden by oauth2.1 (eg no more querystring) and what part= s remain normative. Perhaps we can call those things out in the sections me= ant to replace the corresponding sections in 6750. > > > > =C2=A77.4.2 > > Pedantic: although the title of the section states it, wondering whether = every instance of =E2=80=9Ctoken=E2=80=9D here should be =E2=80=9Caccess to= ken=E2=80=9D instead. Think of cases in which the spec is quoted in discuss= ions and disputes, where snippets can be pasted and mentioned outside of th= e context of this section. > > P2 > > Referencing the JWT AT profile as an example of extension providing the i= nfo out of scope for the core might help the reader grok a concrete example= . > > > > =C2=A77.4.3.5 > > =E2=80=9Cone hour or less=E2=80=9D seems very arbitrary, and breaks step = in respect to what the spec does elsewhere (eg we don=E2=80=99t give any in= dication of how long an AS should wait to invalidate an RT for inactivity, = but we do say the AS should do so). I would actually not provide any refere= nce value here. > > > > =C2=A77.4.3.6 > > Another opportunity of referencing the JWT AT profile for a concrete exam= ple of detailed audience restriction guidance in ATs. > > > > =C2=A77.4.3.7 > > Besides the indications given to clients here, should we also give guidan= ce to an RS to ignore tokens passed that way? > > > > =C2=A77.4.5 > > Along the same lines of the comments about delegated authorization earlie= r for =C2=A77.2.3. I think it would be useful to acknowledge here that ATs = might carry, and RSs might expect, authorization information that go beyond= the delegated authorization for 3rd party API case that is core to OAuth- = and remind the reader that those mechanisms are out of scope for oauth henc= e they shouldn=E2=80=99t expect those aspects to be addressed/handled/regul= ated by this specification. > > > > =C2=A78 > > As mentioned earlier, it seems a potentially confusing to reference the s= ection of a document being superseded. I do see an issue in redefining here= something already established and in use, hence I am not expecting this to= change. Just wondering whether we need to provide a more explicit map of t= he sections in 6749 that are being updated by oauth2.1. > > > > =C2=A79 > > Should we also say something about the scenario being chiefly 3rd party c= lients? We know lots of people use OAuth2 for 1st party scenarios and some = considerations might differ. This might be an opportunity to finally make t= hat clear. > > > > =C2=A79.1 > > P1 > > Well, the AS doesn=E2=80=99t really use client auth... the active part he= re is the client itself. Perhaps the AS can require it, when possible. > > P2 > > Unclear. Are we saying that if it is possible to safely distribute keys t= o client, the AS MUST use client auth? That seems odd, there might be other= reasons coming into play (cost, security posture) making that choice not v= iable. Or is the intent to say that the AS should not use client auth if th= e key distribution cannot be trusted? That sounds far more realistic, but t= hen the language should be tweaked or the reader might pick the former inte= rpretation. > > P3 > > The AS can=E2=80=99t really PREVENT creds forwarding as the RO machine mi= ght still have funny business going on (eg DNS attacks). Some softer langua= ge might be more accurate there. > > P4 > > That sounds very abstract. What does it mean? That the AS should consider= to issuing RTs to public clients? If that=E2=80=99s the case, we should ju= st say so=E2=80=A6 tho without more details, I don=E2=80=99t know how actio= nable the guidance here will be. I can see BoFa requiring a user to reauth = in their iPhone app after inactivity, but I don=E2=80=99t see Uber doing so= for their app.. unless they produce long lived ATs, which isn=E2=80=99t wh= at we want either. > > P5 > > This could be clearer. The dynamic client registration case just flesh ou= t the confidence level an AS can have in its identity, but does not offer a= corresponding privilege level to it =E2=80=93 whereas the second case does= mention assigned privileges explicitly. Also, pitting =E2=80=9Cdynamically= registered client=E2=80=9D vs =E2=80=9Cweb application=E2=80=9D might sugg= est the app type is a factor, whereas AFAIK 7591 can be used for registerin= g web apps too (whether that s wise or not is immaterial here). > > =C2=A79.2 > > Should we say something about whether native clients should be allowed to= be =E2=80=9Cupgraded=E2=80=9D as confidential clients in the future, or th= e other way round? I know of scenarios where people did that to preserve co= nsent info, but that seem sketchy security wise. > > P3 > > The SHOULD here refers to a requirement that in 10.3.1 is a MUST. I don= =E2=80=99t think the MUST is warranted (more about that in the 10.3.1 comme= nts) but if we do keep it, it looks like the level should be coherent here. > > P4 > > That example is compatible with a SHOULD- works now, but would look odd i= f we=E2=80=99d upgrade P3 with a MUST for coherence with 10.3.1. > > P5 > > Inclusion where/how? We should be precise IMO. If it=E2=80=99s just regis= tration material (eg not part of the redirect URI), we should mention how w= e expect it to be used in the context of OAuth- and if we don=E2=80=99t kno= w, perhaps we should not mention it here. > > > > =C2=A79.3 > > P1 > > I know it becomes clearer later on, but I think it would help here to exp= licitly call out confidential and credentialed client as the subject of thi= s sentence. Those are the only client types with credentials, hence the cur= rent language is formally correct. This is just for clarity. > > P2 > > I thought we require redirect URI registration in all cases? This makes i= t sound it=E2=80=99s only for public clients. > > P3 > > I have been in various discussions where people were attempting to interp= ret what =E2=80=9Cexplicit RO authentication=E2=80=9D means in practice. Is= it a full credential prompt regardless of whether one session already exis= ts? A selection between existing sessions, if present? > > P4 > > This is unclear. As it currently reads it seems to prohibit things like g= etting a new authz code silently via iframe (and prompt=3Dnone or equivalen= t UX suppressing mechanism, please ignore the ITP complications for the sak= e of argument). > > > > =C2=A79.3.1 > > P1 > > I don=E2=80=99t follow this sentence. The client identity cannot be prove= d for public clients (see also next P), and the native apps are public clie= nts unless otherwise specified (eg credentialed). > > P2 > > I find this misleading. Client side measures such as claimed schemes, dom= ains etc might work to prevent an app impersonating another app on the same= device/OS, but they aren=E2=80=99t guaranteed to be honored on other opera= ting systems. The AS has no way of knowing whether those measures have been= enforced on the client, hence it should not accept them as proof. > > > > =C2=A79.4.1 > > This is another place where a reference to the JWT AT profile would provi= de a concrete example of the conditions set forth here (eg RS guidance for = audience validation). > > Also, as mentioned earlier, it might be useful to remind the reader that = the AS might include in the token authorization information that go beyond = the delegated authz scenario OAuth2.x concerns itself with, and that those = aspects are beyond the scope of this specification. That would truly go a = long way preventing people from abusing and overextending the spec on scena= rios it is not meant to address. > > And even for the canonical scenarios, it might be useful to remind the re= ader that the RS might have extra logic not described in this spec that det= ermines whether the call will be authorized or otherwise- to dispel the not= ion that the AS is always the sole source of truth for authorization. > > > > =C2=A79.4.2 > > P2 > > Clarifying that MTLS is one instance of the sender constraint methods jus= t mentioned would prevent some readers considering that an independent, add= itional constraint. > > > > =C2=A79.5 > > In =C2=A76.1 we give more details about protection, should we have a back= ward reference to that section here? > > P2 > > Is it worth to specify that it doesn=E2=80=99t matter how the AS tracks t= he binding? (eg server side or embedded in the RT bits themselves). > > > > =C2=A79.6 > > P1 > > This language makes the assumption that for client cred grants, the sub w= ill take on the client_id value. That it certainly possible, but not a give= n. As such, the language here should be explicit abouty the fact that it=E2= =80=99s what we are expecting to happen in this particular scenario. > > P2 > > Referring to the client as the actor here is confusing as soon as you mov= e beyond client_id. When you talk about rhe sub or any other value, it=E2= =80=99s not as much the client as it is the developer who owns the client. = The difference is subtle but might be a source of confusion. > > =C2=A79.7 > > P3 > > I thought that we were going to make PKCE or nonce the only two mandatory= alternatives? Nothing against supporting state as an accepted way to achie= ve this, just surprised as I recall people being quite adamant about pushin= g PKCE. > > P4 > > Looks like the iss response parameter might make the distinct redirect UR= Is unnecessary? > > > > =C2=A79.7.1 > > The guidance in this section isn=E2=80=99t likely to be widely followed, = but I understand the rationale behind it. > > > > =C2=A79.8 > > P2 > > That=E2=80=99s probably obvious, but I think we should specify that those= multiple attempts should come with the expected code verifier as well for = the revocation logic to be triggered- if it=E2=80=99s just the code without= verifier, it doesn=E2=80=99t look like the leak went far enough to warrant= that intervention. > > P4 > > If this holds, then the remark about the use of state for CSRF in =C2=A79= .7 P3 seems unnecessary. > > P9 > > The use of MUST here seems incompatible with the concession of using nonc= e instead of PKCE. Either we allow it or we don=E2=80=99t=E2=80=A6 > > =C2=A79.11 > > P1 > > Now that we no longer trade in RO passwords, should we mention them here?= Sure, if the AS uses passwords they do need protection, but so do lots of = other things the AS might use as part of auth that we don=E2=80=99t mention= here for Occam=E2=80=99s razor. > > P3 > > What other means are we referring to? > > > > =C2=A79.12 > > =E2=80=9Cservice providers=E2=80=9D occurs for the first time in the docu= ment here. Tying the guidance to entities already mentioned in the doc (cli= ents, AS) might make things clearer/more actionable. > > > > =C2=A79.13 > > I understand that some of the comments in this area should be done on the= BCP rather than here, but here we are. That said=E2=80=A6 > > Blanket comment: this section seems to assume native app =3D=3D mobile ap= p, and that=E2=80=99s not strictly the case. Desktop apps have different ch= aracteristics and desktop OSes different capabilities. Would be clearer to = make a distinction when relying on mobile OS capabilitesas we appear to do= here. > > P2 > > Embedded user-agent !=3D fake external user agent, but P2 uses that inter= changeably. A desktop app might use an embedded browser for UX reasons and = making no attempt whatsoever to disguise that as an external agent. And I w= ould be pretty surprised to see a malware remover get rid of google drive f= or Mac, or Adobe products, or Office- all native apps using embedded user-a= gents for authentication. > > P3 > > It=E2=80=99s unclear how the AS would do that, given that user agent stri= ngs can be faked. Google has its ML based secret sauce, but that might not = be accessible by everyone. > > P4 > > This is mobile specific, doesn=E2=80=99t apply to desktop apps as readily= . Also unclear how that would change for the end user, given that pixel per= fect replicas can easily include fake address bars. More details on how a u= ser would detect an actual browser (presence of an existing session, access= to bookmarks etc) might add enough color to help the reader truly understa= nd the extent of the remedy power (or its true limits). > > > > =C2=A79.14 > > There=E2=80=99s no action for the reader here. If that reflects the actua= l situation (none of the roles described in this spec can do anything to mi= tigate or contain the damage, and solutions to prevent the situation lie ou= tside its purview eg use MDM software on your corporate devices) we should = explicitly say so. > > > > =C2=A79.15 > > A bit odd that we used CSRF throughout the document assuming the reader w= as familiar with it, but here we attempt a definition. > > Still confused on how we admit state as a valid mechanism, as opposed to = limiting to nonce and PKCE. Also note the potential discrepancy called out = earlier in which at code redemption time we appear to require PKCE, in cont= rast to admitting nonce/state here. > > > > =C2=A79.18.2 > > Wondering if here we should go as far as recommending the AS keeps dynami= c client registration OFF when it=E2=80=99s not needed. That might provide = good secure by default guidance for AS SDKs and product developers. > > > > =C2=A79.19 > > I assume we=E2=80=99d add the =E2=80=9Ciss=E2=80=9D response parameter as= alternative to the requirements here? > > > > =C2=A79.20 > > P1, P2, P3 > > The security properties described here do not apply as is to desktop apps= using embedded browsers. > > As mentioned earlier, on the desktop the separation between apps isn=E2= =80=99t as stark as on mobile- the keystrokes message pump is potentially a= ccessible at the user session level, encompassing multiple applications. Al= though process separation mechanisms are in place, the circumstances of the= execution and the OS specific features in this respect determine the degre= e to which entering credentials in one process makes the data inaccessible = by another. We should not claim advantages we cannot guarantee, and we shou= ld be explicit about what measures specific to dekstops should be considere= d to mitigate risks eg not executing apps as admins, enable and use UAC at = the right level on Windows or equivalent on other OSes, use app sandboxing = when the OS supports it, etc. Not suggesting we call out specific technolog= ies like UAC, but at least point at the category of security measures. > > P4 > > As mentioned above, the presence of the address bar can be easily faked b= y pixel perfect replicas- relying on those is security theater. > > P5 > > This is a valid concern, but if we want to frame it in the context of the= security considerations section we need to add more color (eg minimizing t= he situations in which one needs to enter creds is good security practice). > > > > Another thing we might add as lowlight for embedded browsers: password ma= nagers might not work, making the user=E2=80=99s life difficult and possibl= y promoting insecure situations (eg placing a random pwd in the clipboard, = where other apps might later steal it from). > > =C2=A79.21 > > Do we need this here, given that we cover this in depth earlier? > > > > =C2=A710 > > I find this subdivision confusing. We have native clients considerations = scattered throughout the entire specification, but now we have a dedicated = section that somewhat repeats some of the points already made while interle= aving new ones. Perhaps having a more specific section title, one that bett= er characterizes the content and intent of this section, would avoid giving= the impression that if the reader is interested in native clients, this is= the only section they need to read. > > P2 > > See discussion so far on native vs desktop. > > Also: I have been in ferocious discussions where people thought the exter= nal user agent HAD to be the browser, which we know isn=E2=80=99t the case = (hero apps like the FB SDK or OS features like sign in w Apple work just as= well). Some language here giving a nod to those non-browser external user = agents might help clarify. > > P4 > > See previous discussion on mobile!=3Ddesktop. > > P5 > > I=E2=80=99d always qualify the =E2=80=9Cbrowser=E2=80=9D with system, ext= ernal, device etc given that some reader calls the embedded user-agent =E2= =80=9Cembedded browser=E2=80=9D, hence just saying =E2=80=9Cbrowser=E2=80= =9D without modifiers is ambiguous. > > User authentication state.. on the device. I think specifying it will cla= rify what this really means. > > > > =C2=A710.1 > > Unless you scope this statement to MOBILE apps, I think the MUST here sho= uld be a SHOULD. > > The security posture of the desktop is different enough, and the quality = of the user experience when using a system browser bad and disomogeneous en= ough, that a MUST isn=E2=80=99t justified here. > > > > =C2=A710.2 > > Beware of the native-mobile false equivalence here. > > P3 > > One or two examples of non-browser external user agents might help. > > P4 > > Text pasted here is technically not a best practice but core. > > I see there are examples here, so no need to add them in P3. > > It=E2=80=99s unclear why the external browser is RECOMMENDED here- if it= =E2=80=99s because we can=E2=80=99t go in details of the behavior of non br= owser apps, it seems like we should say that much rather than making a reco= mmendation. In other words, RECOMMENDED expresses a strong preference for i= t, but if I am on iOS and I want to sign in with Facebook I am actually bet= ter off using their SDK both for security and user experience reasons than = to use the system browser. > > > > =C2=A710.3 > > Requesting a MUST for all 3 methods seems restrictive=E2=80=A6 why not re= questing at least one? > > > > =C2=A710.3.1 > > P3 > > This seems unnecessarily restrictive. 3.8 in 7595 is mostly SHOULDs, and = it refers to organizations rather than individuals. Not every developer own= s a domain, not every app goes on an app store and is meant for general pub= lic consumption. An organization sideloading apps on managed devices should= not be forced to follow those constraints if they control the environment = and aren=E2=80=99t worried about other apps competing for the same schema, = but placing a MUST here might compel SDK developers to embed validation che= cks that would make developers on those circumstances deal with complexity = without any security upside. In fact, apps should not even be required to h= ave internet access in the general case but this requirement does impose th= at. > > I think this is an important best practice that should be encouraged, REC= OMMENDED or even SHOULDed , but it shouldn=E2=80=99t be a MUST in the core = specification. > > > > =C2=A710.3.2 > > P4 > > Like everything happening on the client, the AS cannot really take that a= s guarantee. What might be true for an app running on iOS might not apply i= f the requests are all manufactured via cURL on a Linux box. The scope of t= hose measures is really limited to one particular device or devices sharing= an OS, outside of that cohort there are no guarantees. > > > > =C2=A710.3.3 > > This section should come with glaring warnings, anything actively listeni= ng on the client extends the attack surface- an app listening on the loopba= ck might now get affected by exploits in the local HTTP driver/local networ= k stack and taken over, executing with the same privileges as the user (rem= ember https://www.rapid7.com/db/vulnerabilities/WINDOWS-HOTFIX-MS15-034/). = The fact that the loopback is only accessible locally only reduces the risk= but doesn=E2=80=99t eliminate it, a local process with lower privileges mi= ght use that exploit for elevation of privileges for example. We should at = least recommend that the app hosting the loopback adapter runs with low pri= vileges, reiterate the =E2=80=9Clisten only when you must=E2=80=9D and gene= rally warn about the extra attack surface. > > As AS I might not want to support this method at all, both for security r= easons and for the extra logic the wildcard port entails at registration an= d request serving times, but right now the spec forces me to- more reasons = for relaxing the MUST for all 3 methods as mentioned earlier.. > > > > =C2=A712 > > I am not exactly sure where to place the following- this section (or a su= bsection) might be the best fit. > > As mentioned during the interim meeting, the omission of the implicit flo= w in OAuth2.1 has already caused a lot of people to interpret this as an in= direct deprecation of the use of implicit flow by OpenID Connect for obtain= ing ID_tokens, either via traditional response_modes or via form_post. > > We already debated and concluded that the reasons that led to the omissio= n of the implicit grant in 2.1 do not apply to ID_tokens, hence there=E2=80= =99s no reason for people to stop using OpenID Connect that way. > > Formally we are in the clear, as OIDC is vased on 2.0 the omission of imp= licit here does not prevent it as extension grant in OIDC anyway- but the f= ormal stance doesn=E2=80=99t help in preventing the confusion and assuaging= the concerns of the developers who aren=E2=80=99t as well versed as the pe= ople on this list in all things specifications. > > Because of this, I recommend we add some language here that prevents that= confusion. Something like > > > > * The Implicit grant ("response_type=3Dtoken") is omitted from this > > specification as per Section 2.1.2 of[I-D.ietf-oauth-security-topic= s ] > > Please note: the omission of the implicit grant from this specification d= oes not automatically imply that other extension grants obtaining credentia= ls directly from the authorization endpoint should also be discarded. For e= xample, the implicit flow defined in Section 3.2 of [OIDC ] remains valid for = all the response_type values not including =E2=80=9Ctoken=E2=80=9D. > > > > Although it might be a bit unusual to refer to details of specs from othe= r entities, this spec already mentions OpenID 9 times even excluding =C2=A7= 14.2- and as soon as the browser apps section will be included, that number= is certain to rise. And the confusion on this point is truly widespread- a= dding language along the lines of the above directly in the core would go a= long way to save a lot of grief. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > --000000000000fb67aa05b5fd845b Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
    Thank you very much for your detailed feedback Vittorio!
    3D==E1=90=A7

    On Tue, Dec 8, 2020 at 3:22 PM <vittorio.bertocci@auth0.com>= wrote:

    Dear authors,

    It took ages but I finally managed t= o go thru a full review of the current OAuth2.1 draft. Apologies for the de= lay.

    Metacomments:

    • The VAST majority of t= he comments are suggestions for improving clarity, mostly on historical lan= guage coming from 2.0 that I found myself having to clarify to customers an= d colleagues over and over thru the years. None of those are critical.
    • There are a few places where 2.1 requires a MUST I b= elieve to be unwarranted/too restrictive. For each of those I did my best t= o provide context and concrete examples.
    • A sizea= ble category of comments and disagreements on MUST come from treating mobil= e and desktop apps as largely equivalent under the =E2=80=9Cnative app=E2= =80=9D umbrella, despite of the vast gulf that separates the two both in te= rms of security posture and user experience. Again, I tried to be as matter= of fact as possible in there.
    • The main reason f= or which I spoke up during the IETF interim on oauth2.1 was the confusion t= he omission f the implicit grant caused among the devs using implicit in OI= DC for obtaining ID_tokens. I suggested some language to pre-empt the issue= , but I expect some iteration there.

    Thanks,

    V

    =

    =C2=A0

    =C2= =A71

    I wonder whether we should tak= e the opportunity offered by OAuth2.1 to clarify frequent points of confusi= on about OAuth, by explicitly calling out in the introduction what is out o= f scope.

    For example: OAuth is not = an identity protocol, as it doesn=E2=80=99t concern itself with how resourc= e owners are authenticated; OAuth isn=E2=80=99t meant to address 1st party scenarios, although the reader is free to use it in that context= as well; and so on.

    I believe ther= e is value in adding this in the introduction rather than relegating it in = some later considerations section, as the people who need this information = the most rarely read past this point.

    =C2=A0

    =C2=A71.1

    In the RS definition, wondering whether including = the word =E2=80=9CAPI=E2=80=9D would help to clarify what an RS is in pract= ice.

    =C2=A0

    =C2=A71.2

    I always= found this part extraordinarily difficult to decipher. I get that this is = the first description and doesn=E2=80=99t have to be exhaustive and conside= r all cases (eg it=E2=80=99s ok if step 3 claims that the client authentica= tes w the AS even tho that=E2=80=99s only for confidential clients), but I = think it could be much clearer than it is today.

    Step 1 says

    The client requests authorization from the resource owner.=C2= =A0 The authorization request can be made directly to the resource owner (a= s shown), or preferably indirectly via the authorization server as an inter= mediary.

    Besides the fact th= at =E2=80=9Crequests authorization=E2=80=9D is a bit vague, this step and t= he corresponding diagram leg does not correspond at all to what normally ha= ppens- to get a code, the client does need to hit the AS and the mention in= passing in the text isn=E2=80=99t enough to figure that out. Also, with th= e omission of ROPG there really isn=E2=80=99t any way of asking anything to= the RO directly (the client creds doesn=E2=80=99t involve the RO).<= u>

    I would recommend updating that diagram to= be more descriptive of the canonical scenario.

    Step 2

    mentions the = 2 grants defined in the spec, but only one of them represents the RO=E2=80= =99s authorization. Claiming that the client itself is the RO is a formalis= m that doesn=E2=80=99t meet the reader=E2=80=99s intuition at this point.

    Step 5

    The language here triggered multiple discussions, in particular= on whether the AT can actually be used to ascertain the identity of the cl= ient =E2=80=93 that isn=E2=80=99t the case for public clients, for example;= besides, that=E2=80=99s not really the highest order bit of the AT. If it = is, it seems that the spec should be more explicit about how client identif= ication from the RS by means of an AT works. If it isn=E2=80=99t, perhaps w= e should change the language to omit authenticate.

    The last paragraph is emblematic IMO =E2=80=93 if the prefe= rred method is very different from the diagram here, and if the abstraction= presented here is not terribly useful (given that we no longer have multip= le RO based grants, excluding the extension grants that are still too far a= t this point to warrant a cognitive downpayment for the reader) I wonder wh= ether we=E2=80=99d be better off doing the authz code diagram directly (and= mention that we also have the client creds grant separately).

    =C2=A0

    = =C2=A71.3

    I understand that we can= =E2=80=99t really change this because we inherit from OAuth 2 but I=E2=80= =99ll mention it anyway- modeling clients as ROs is problematic, as it does= n=E2=80=99t often match what happens in practice. A confidential client mig= ht batch-read a user=E2=80=99s inbox searching for ad words, but the resour= ce owner remains the user.

    I know w= e straighten things up in 1.3.2, but the positioning here is confusing.<= /u>

    Also: isn=E2=80=99t the refresh token = grant a core-specified grant as well? I know I am nitpicking.=

    =C2=A7= 1.3.1

    We don=E2=80=99t say anywhere= here that the authorization code can be exchanged for an access token. It = can be somewhat inferred from 1.2, but it=E2=80=99s a bit of an intelligenc= e test (one needs to infer from authorization grant).

    P2

    =E2=80=9Cobta= ins authorization=E2=80=9D could be more specific, to reinforce that we are= doing a delegated flow. =E2=80=9CObtains=E2=80=9D seem to suggest that we = are talking about consent, rather than AS side rules. If that=E2=80=99s the= case, calling it out might make the scenario clearer.

    P3

    Both the ben= efits listed apply to confidential clients only. Not sure whether calling i= t out here would help prevent confusion later on (eg people thinking that p= ublic clients can prove their identity) or would bring confusion on now (gi= ven that we didn=E2=80=99t differentiate between client types yet). Either = ways, formally we are OK here; I am just thinking how to make things cleare= r. Perhaps defining client types before grants might help being clearer her= e.

    =C2=A0

    =C2=A71.3.2

    A concre= te example of credential (eg shared secret) might help clarify things here.= Also, the fact that client credentials indicate both a grant in itself and= an artifact (which participates in other grants) is a well know source of = confusion. Wondering if calling this out here might help.

    =

    =C2=A0

    =C2= =A71.4

    In general, we use =E2=80=9C= access token=E2=80=9D and =E2=80=9Ctoken=E2=80=9D interchangeably- perhaps = pedantic, but I would suggest we always use =E2=80=9Caccess token=E2=80=9D = to prevent confusion with refresh tokens later on, and other token types in= other contexts (eg think ID tokens).

    P1

    The client should treat the A= T string as opaque, but that doesn=E2=80=99t necessarily means it is: in so= me cases the client CAN see inside the token, and with the current language= they might interpret it as =E2=80=9Cin this case, it=E2=80=99s OK to look-= otherwise they would have made it opaque, per the spec=E2=80=9D.=

    =C2=A0

    =C2=A71.5

    The first phrase of P1= is wonderfully clear. We should have the equivalent in =C2=A71.3.1<= u>

    Not having defined a mechanism for request= ing a RT here, leaving it to ASes to decide when and where, created the sit= uation in which some AS only issues RTs when they get the offline_access sc= ope, with all the unfortunate consequences about RT lifetime vs session lif= etime etc=E2=80=A6 I know we can=E2=80=99t really change this now as we don= =E2=80=99t want to break existing AS implementations, but wondering if ther= e=E2=80=99s anything we can say to further clarify/give readers a headsup a= bout the ambiguity/diversity of behaviors they=E2=80=99ll encounter here.

    P2

    It=E2=80=99s odd that we say =E2=80=9Cusually opaque to the client= =E2=80=9D=C2=A0 for the RT while we decisively said opaque for the AT. Also= , the client shouln=E2=80=99t do anything w the RT content hence I think th= e same considerations done for =C2=A71.4P2 apply here.

    =E2=80=9CThe token denotes an identifier used to retrieve the auth= orization information= =E2=80=9D gets into the specifics of the implementation and it=E2=80=99s not univ= ersally true (some AS encrypt/sign the authz info in the RT itself and have= no server state whatsoever.

    Step 3

    Should we add a reference= to RFC6750 here?

    =C2=A0<= /u>

    =C2=A71.8

    Should we say rich *delegated* authorization framework?<= u>

    =C2=A0

    =C2=A72

    =E2=80=9Cend-user interaction wit=
h an HTML registration form=E2=80=9D is oddly specific =F0=9F=98=8A in particular, I think =E2=
=80=9Cend user=E2=80=9D might be misleading. We can either say =E2=80=9Cint=
eractive=E2=80=9D or refer =E2=80=9Cthe client app developer=E2=80=9D or eq=
uivalent.
    Overkill but I=E2=80=99ll mention it anyway. Sh=
ould we say that typically the client registration in the non-dynamic scena=
rio occurs in authenticated settings? Not strictly necessary but might help=
 the reader to tie what we say in this section with their concrete experien=
ce.
    =C2=A0
    =C2=A72.1
    =
P4
    =E2=80=9CAuthorizat=
ion servers SHOULD consider the level of confidence in a client's ident=
ity when deciding whether they allow such a client access to more critical =
functions, such as the Client Credentials grant type.=E2=80=9D 
    I don=E2=80=99t understand this sentence. Is the client credentials =
grant type a =E2=80=9Cmore critical function=E2=80=9D? Or is it a level of =
confidence? Either ways, I think it needs clarifying.<=
/pre>
    P5<=
u>
    IMPORTANT: this is going to break many OAuth implementati=
ons with significant adoption. Auth0 is fine (each client_id is tied to a s=
ingle client type) but I know of others that will break.
    =
I suggest softening to a SHOULD NOT.
    =E2=80=9Cbrowser-bas=
ed application=E2=80=9D
    I am not convinced this is so muc=
h easier than the original =E2=80=9Cuser-agent-based=E2=80=9D. I understand=
 the advantages (dovetails w the BCP, more precise given that apps can be u=
ser agent as wells nowadays, more familiar) however the break w 2.0 termino=
logy is jarring. I don=E2=80=99t feel very strongly about it but enough to =
type it.
    =C2=A0
    =C2=A72.2=

    It=E2=80=99s a bit odd to define the client identifier like it=E2=80=
=99s something brand new when =C2=A72.1 already introduced it. This languag=
e from the original 2.0 might need to be revised to accommodate that change=
.
    Wondering whether a warning against structured client_i=
ds (eg identifiers assembled thru some string template, like developer name=
+region+serial) would be in order. Perhaps in the security considerations?<=
u>
    =C2=A0
    =C2=A72.3
    P1
    That sounds vaguely circular, given that being assigned cr=
edentials might be considered part of the =E2=80=9Cestablish a client authe=
ntication method=E2=80=9D task listed there. I=E2=80=99d simply say =E2=80=
=9Cif the client is confidential or credentialed=E2=80=9D.
    P2
    I=E2=80=99d add =E2=80=9Cby the authorization server=
=E2=80=9D for good measure.
    P3
    =

    That sou=
nds vague. Shouldn=E2=80=99t it be mandatory for the AS to require client a=
uth for the client types who have creds? =E2=80=9Cif possible=E2=80=9D seem=
 to open the possibility of circumstances where that=E2=80=99s not he case.=

    P5
    I think that this idea of identifyi=
ng the client will need to be fleshed out more for people to fully understa=
nd it. Credentialed clients can prove that they are the same client instanc=
e across multiple transactions, which some might consider a weak form of id=
entification. To rule that out, it has to be mentioned upfront IMO. If not =
here, in some of the considerations section=E2=80=A6 with a forward referen=
ce here.
    P6
    Do we say why anywhere? If =
yes, we should reference it. If not, perhaps we should.
    <=
u>=C2=A0
    =C2=A72.3.1
    We no longer mentione=
d the empty client secret, but we don=E2=80=99t forbid it either. What=E2=
=80=99s our stance?
    =C2=A0
    =C2=A72.3.2<=
u>
    In =C2=A72.3 we mention MTLS, private_key_jwt, but here w=
e just point the reader to IANA. It looks like echoing those methods here m=
ight help clarity.
    =C2=A0
    =
=C2=A73.1<=
/u>
    Last paragraph
    I have been in discussions =
where readers interpreted this as =E2=80=9Cyou cannot send custom parameter=
s to the authorization server=E2=80=9D. To preempt that mistake, we mighr c=
onsider calling out that custom extensions _are_ permitted as long as the A=
S supports them. I know that=E2=80=99s what the current language says alrea=
dy.
    =C2=A0
    =C2=A73.1.1
    Wondering if referring to some specific, well known extensions (like OIDC=
) might help readers to better understand this point.<=
/pre>
    =
=C2=A0
    =C2=A73.1.2
    RFC3986 6.2.1 talks abo=
ut character by character comparison, but doesn=E2=80=99t mention case sens=
itivity. I am sure it does elsewhere in the spec, but for clarify and reada=
bility I recommend specifying the desired behavior directly here.=

    =C2=A0
    =C2=A73.1.2.1
    <=
pre>Personall=
y, I would advocate for a MUST here. True, lots of people won=E2=80=99t com=
ply at development time, but I think that=E2=80=99s OK as long as they do u=
se TLS when going in production. 
    Also, SameSite changes =
are making the use of HTTPS at dev time more and more common. If OAuth2.1 i=
s about picking the best of the security practices, this seems like a an ob=
vious candidate.
    =C2=A0
    =C2=A73.1.2.2
    P3
    =E2=80=9Clack of requiring=E2=80=9D d=
oesn=E2=80=99t sound proper.
    =C2=A0<=
/pre>
    =C2=
=A73.2
    P2
    Should we also say that the s=
pec doesn=E2=80=99t care about _when_ the client obtains the endpoint?
    Last P
    Same considerations as =C2=A73.1<=
/u>
    =C2=A0
    =C2=A73.2.1
    P1=

    That=E2=80=99s stricter than =C2=A72.3P3 =E2=80=93 I think =
the language there should be tweaked to be coherent with the one here.
    =C2=A0
    =C2=A73.3
    =

    Wonderin=
g if the =E2=80=9Cscope strings order does not matter=E2=80=9D point should=
 be somehow emphasized or clarified. I know of implementations who consider=
ed heuristics such as =E2=80=9Cif the scopes requested correspond to multip=
le resources, I=E2=80=99ll show consent for all byt the token eventually is=
sued when redeeming the code will have as audience the resource correspondi=
ng to the FIRST requested scope=E2=80=9D, which would violate the order inv=
ariant requirement. 
    =C2=A0
    =C2=A74<=
/u>
    Potentially VERY confusing. I would recommend to be more spe=
cific and state that =E2=80=9COAuth 2.1 defines two grant types=E2=
=80=9D. 
    =C2=A0
    =C2=A74.1=

    Diagram
    Not critical. But I want to point it out. Th=
e first time I saw this diagram I found it confusing. The fact that the sam=
e numeral is assigned to multiple legs is just odd for anyone not already f=
amiliar with the flow, possibly still struggling to understand the client a=
s a service side component.
    Also, now that we have mighty=
 SVG support, I would strongly advocate for a modern version of this diagra=
m (there lines perhaps don=E2=80=99t need to be broken into segments).
    Step 5
    =E2=80=9Coptionally, a refresh token=
=E2=80=9D is too vague IMO. I will look for opportunities to clarify later =
in the spec, given that this might not be the best place to go in details.<=
u>
    =C2=A0
    =C2=A74.1.1=

    Ov=
erall: a high summary of the steps in this preamble might help. The current=
 denormalization in subsection can be pretty hard to follow for someone see=
ing this for the first time. 
    Also: creating challenge an=
d verifier BEFORE assembling the request seems profoundly counterintuitive =
to me, as it emphasizes a security measure over the core function of this l=
eg of the flow. Unless there=E2=80=99s a crypto reason for this current seq=
uencing that I can=E2=80=99t see, I recommend first creating the core reque=
st (what=E2=80=99s now 4.1.1.3) and then attaching challenge and verifier. =
Also, sending the message can be its own subsection rathe than being confla=
ted with the last message composition subsection.
    P1
    =E2=80=9Cto begin=E2=80=9D remains a bit suspended, given tha=
t there=E2=80=99s no obvious segue on what constitutes the steps after the =
beginning. 
    P2
    =E2=80=9Clater use with =
the authorization code=E2=80=9D could be clearer, e.g. =E2=80=9Cat authoriz=
ation code redemption time=E2=80=9D. At this point that might still not be =
obvious for the reader.
    Mentioning the provenance of prop=
erties (parameters?) code_challenge and code_verifier without first having =
introduced them might confuse people not already familiar with them and the=
 request process in general, as their function will not be obvious not natu=
rally map with the preceding sentencer.
    P3<=
/span>
    Imposing a MUST before knowing what those this are yet is not as clear =
as it would be if this would be stated after their use and function has bee=
n explained.
    =C2=A0
    =C2=A74.1.1.3
    On state. Given the change vs OAuth2, I think it might be help=
ful to call out the relevant section on the appendix about differences to h=
elp people familiar w 2.0 not to miss this important change and avoid doing=
 work twice.
    =C2=A0
    =C2=A74.1.2<=
u>
    P2
    Should we say that the code should be opaqu=
e to the client, to discourage the use of structured code templates that ca=
n be partially manufactured?
    P8
    =E2=80=
=9Che server MUST NOT=C2=A0 include the "code_challenge" value in=
 client requests=E2=80=9D, was that meant to be =E2=80=9Cresponses=E2=80=9D=
? 
    Qualifying =E2=80=9Cother entities=E2=80=9D (anyone bu=
t the AS?) might make this point clearer.
    =C2=A0
    =C2=A74.3
    We mentioned extension grants in pass=
ing, but I don=E2=80=99t recall seeing a definition/description of their fu=
nction in the context of the framework. Even a short sentence to that effec=
t here would help, given that the section title names them explicitly. Also=
, stressing that the device flow is just one example and other extensions m=
ight differ (for example in their logic to establish whether an access toke=
n request is valid and authorized) would go a long way in helping the reade=
r put this section in better focus.
    =C2=A0<=
/span>
    =C2=A75.1
    On the access_token parameter. Given the di=
scussions we had for the JWT AT profile draft, I am wondering whether it sh=
ould be called out here that the AT recipient is the RS, that the client sh=
ould not expect to be able to parse the access_token, and that the AS is un=
der no obligation to use a consistent AT encoding outside of what is negoti=
ated with the RS. I don=E2=80=99t feel very strongly about this, or about w=
here in the spec this should be called out, but it sure would have made lif=
e easier in those discussions- hence the comment.
    On the =
refresh_token parameter. The lack of details in how OAuth2 describes how/wh=
en an AS returns refresh tokens led to today=E2=80=99s complicated situatio=
n in which many implementations issue RTs only when OIDC=E2=80=99s offline_=
access is received in the scopes, as it was the only mention in public spec=
s describing a concrete behavior. See the associated online_access discussi=
on on the OIDC list, as RTs gain importance as session artifacts of sort fo=
r SPAs now that implicit is dead and ITP makes iframe renewals problematic.=

    Unfortunately it is too late to be prescriptive here, as=
 we cannot break compatibility with whatever choices existing AS implementa=
tions made. However we can be more descriptive and give the reader a better=
 idea of what=E2=80=99s the range of possibilities. Some nonnormative examp=
les of how existing AS determine whether to issue an RT or not (eg as an op=
tion determined at client registration time, or any other heuristic you guy=
s encountered in the wild) might help people to better understand their opt=
ions and the intent of the specification here.
     
    =C2=A75.2
    It might help to remind the reader he=
re that extensions to the core spec might specify or further specialize cir=
cumstances in which the errors mentioned here are returned (for example, se=
e the validation errors in the JWT AT profile). There=E2=80=99s a mention o=
f that in =C2=A77.3.1 but that=E2=80=99s pretty far, and having even brief =
language here might be handy for people reading the spec for reference rath=
er than cover to cover.
    =C2=A0
    =

    =C2=A76<=
u>
    P1
    I think the risk assessment is just =
one of the factors an AS might use to decide whether to issue an RT or not.=
 The current language suggests risk is the only determinant in that decisio=
n and that doesn=E2=80=99t seem right.
    Saying that one mi=
ght refresh tokens using other grants seems odd. A new authorization code g=
rant gets me a new token and offers me the opportunity to describe what tok=
en I want (scopes etc), the fact that I might choose to ask the exact same =
things I asked in the original request is expediency. I would rather phrase=
 this as the fact that the client can simply repeat the original request, a=
nd external factors such as cookies, sessions and other auth method specifi=
c options may allow the client to do so without prompting the user.<=
u>
    P2
    We might need to be more precise here. Do w=
e mean the scopes consented by the RO in the request that led to the issuan=
ce of the RT being used? Just saying consented by the RO for the client doe=
s not exclude cases in which there are more instances of the client in oper=
ation. Say that I am running uber on phone 1 and I consent to read my googl=
e calendar, getting AT1 and RT1. Say that on phone 2 I also run the uber ap=
p, and this time I consent to write my google calendar, obtaining AT2 and R=
T2 on this new device. Now consider the various combinations here. Should R=
T2 allow me to get calendar:read too, given that it was already consented b=
y RO for this client? Should RT1 allow me to get AT1=E2=80=99 containing ca=
lendar:write, given that RO consented for it when using a different instanc=
e of the same client? Whatever is the answer you want to the questions abov=
e, I think the spec should have language clear enough to unambiguously dete=
rmine the desired behavior.
    =C2=A0
    =C2=
=A76.1
    It=E2=80=99s a bit confusing that half of the RT u=
se requirements is in =C2=A76 (the requirement to authenticate confidential=
/credentialed clients) and half is in here, with the only differentiator be=
ing the nature of the client. This is pretty minor, but I think I would per=
sonally find clearer if all the requirements for the use of an RT would be =
consolidated in a single place. It=E2=80=99s true that the public client re=
qs are a SHOULD, but still.
    Rotation.
    W=
ondering whether it would be wise to advise the reader to have their AS rev=
oke all the still valid ATs issued by the AS from the same session/family o=
f RTs upon detection of a RT reuse. It is not uncommon for clients to reque=
st new ATs before their projected expiration.
    P6
    I think the =E2=80=9CMAY=E2=80=9D here might be confusing when ap=
plied to the rotation, as in either the AS does it, or the scenario won=E2=
=80=99t work. I understand this is formally correct, but perhaps explicitly=
 calling out some cases in which the AS might decide to do otherwise and ac=
knowledge that in that case the client will be stuck might help clarify. Al=
so, if the public client protection measures were in =C2=A76 instead of her=
e, there would be less opportunities for confusion as it would be easier to=
 grok that this doesn=E2=80=99t apply to the rotation case only (now adjace=
nt) but to other RT reissuance cases as well (eg sliding expiration).
    On the identical scopes requirement. Say that after obtaining =
RT1, which includes scopes s1 and s2 for client c1, the RO revokes authoriz=
ation for c1 to use s2. Should the AS fail the RT redemption, or return an =
AT with only s1 and a scopes parameter informing the client of the change? =
As developer I would prefer the latter, to preserve the experience: but if =
we are adamant about the current language, I think it might be useful to ex=
plicitly call out that any changes to the grant on the AS side should resul=
t in failure of the RT redemption.
    P7
    C=
alling out deprovisioning of RO might be useful as well.
    =
On =E2=80=9Cthe logout at the AS=E2=80=9D event, that=E2=80=99s definitely =
a valid case but I worry about how presenting that alone might reinforce mi=
sunderstandings that equate RTs with sessions. There are certainly times wh=
ere we want that (see mentions earlier of the online_access discussions) bu=
t there are also cases where the ability of a client to refresh ATs needs t=
o survive session boundaries (offline_access) and confusing the two are pro=
blematic. I don=E2=80=99t have a clear solution here, just pointing out a p=
otential point of confusion. Maybe there will be more opportunities to clar=
ify later in the spec.
    =C2=A0
    <=
pre>=C2=A77
    P1
    An important case to call out is the =
AS-RS colocation, where neither introspection nor token format agreements a=
re necessary. I suggest mentioning it openly.
    =C2=
=A0
    =C2=A77.2
    =E2=80=9Cbearer tokens may be ex=
tended to include proof-of-possession=C2=A0 techniques by other specificati=
ons=E2=80=9D sounds like an oxymoron. Wouldn=E2=80=99t PoP make the token n=
o longer bearer by the very definition above?
    It looks li=
ke we might need a term for simply =E2=80=9Ctoken=E2=80=9D.
    =C2=A0
    =C2=A77.2.1
    Do we also want t=
o forbid two tokens in the same request, using different methods? Current l=
anguage only constraints the behavior of one token.
    =C2=A0
    =C2=A77.=
2.3
    The =E2=80=9Cinsufficient_scope=E2=
=80=9D description here is problematic. The privileges the AT carries/point=
s to are not necessarily (or exclusively) represented by the included scope=
s (eg the RO might have granted document:read to the client, but RO might h=
ave no privileges for the particular document being requested in this parti=
cular call). It might be useful to specify that =E2=80=9Cinvalid_scope=E2=
=80=9D should be used for authorization errors that can be actually express=
ed in terms of delegated authorization, leaving to RS implementers the free=
dom to handle other authorization issues (eg user privileges, RBAC, etc) wi=
th a different error code. Or at least, we should be clear that authorizati=
on logic not expressed via scopes is out of scope (pun not intended) for th=
is specification.
    Note, this isn=E2=80=99t an abstract pr=
oblem: there are SDKs out there that use =E2=80=9Cinvalid_scope=E2=80=9D fo=
r every permission issues. Very confusing.
    <=
span style=3D"font-size:11pt;font-family:Calibri,sans-serif">=C2=A0<=
u>
    =C2=A77.3.1
    We rewrite portions of 6750 in oau=
th2.1, but here we refer to it as its own spec=E2=80=A6 that could be confu=
sing as it=E2=80=99s unclear which parts of 6750 are overridden by oauth2.1=
 (eg no more querystring) and what parts remain normative. Perhaps we can c=
all those things out in the sections meant to replace the corresponding sec=
tions in 6750.
    =C2=A0
    =C2=A77.4.2
    Pedantic: although the title of the section states it, wonderi=
ng whether every instance of =E2=80=9Ctoken=E2=80=9D here should be =E2=80=
=9Caccess token=E2=80=9D instead. Think of cases in which the spec is quote=
d in discussions and disputes, where snippets can be pasted and mentioned o=
utside of the context of this section.
    P2
    Referencing the JWT AT profile as an example of extension providing the =
info out of scope for the core might help the reader grok a concrete exampl=
e.
    =C2=A0
    =C2=A77.4.3.5
    =E2=80=9Cone hour or less=E2=80=9D seems very arbitrary, and breaks step=
 in respect to what the spec does elsewhere (eg we don=E2=80=99t give any i=
ndication of how long an AS should wait to invalidate an RT for inactivity,=
 but we do say the AS should do so). I would actually not provide any refer=
ence value here.
    =C2=A0
    =C2=A77.4.3.6
    Another opportunity of referencing the JWT AT profile for =
a concrete example of detailed audience restriction guidance in ATs.=

    =C2=A0
    =C2=A77.4.3.7
    Beside=
s the indications given to clients here, should we also give guidance to an=
 RS to ignore tokens passed that way?
    =C2=A0
    =C2=A77.4.5
    Along the same lines of the comments ab=
out delegated authorization earlier for =C2=A77.2.3. I think it would be us=
eful to acknowledge here that ATs might carry, and RSs might expect, author=
ization information that go beyond the delegated authorization for 3rd=
 party API case that is core to OAuth- and remind the reader that tho=
se mechanisms are out of scope for oauth hence they shouldn=E2=80=99t expec=
t those aspects to be addressed/handled/regulated by this specification. 
    =C2=A0
    =C2=A78
    As ment=
ioned earlier, it seems a potentially confusing to reference the section of=
 a document being superseded. I do see an issue in redefining here somethin=
g already established and in use, hence I am not expecting this to change. =
Just wondering whether we need to provide a more explicit map of the sectio=
ns in 6749 that are being updated by oauth2.1.
    =C2=
=A0
    =C2=A79
    Should we also say something about=
 the scenario being chiefly 3rd party clients? We know lots of p=
eople use OAuth2 for 1st party scenarios and some considerations=
 might differ. This might be an opportunity to finally make that clear.<=
/u>
    =C2=A0
    =C2=A79.1
    P1
    Well, the AS doesn=E2=80=99t really use client auth... the ac=
tive part here is the client itself. Perhaps the AS can require it, when po=
ssible.
    P2
    Unclear. Are we saying that =
if it is possible to safely distribute keys to client, the AS MUST use clie=
nt auth? That seems odd, there might be other reasons coming into play (cos=
t, security posture) making that choice not viable. Or is the intent to say=
 that the AS should not use client auth if the key distribution cannot be t=
rusted? That sounds far more realistic, but then the language should be twe=
aked or the reader might pick the former interpretation.
    =
P3
    The AS can=E2=80=99t really PREVENT creds forwarding a=
s the RO machine might still have funny business going on (eg DNS attacks).=
 Some softer language might be more accurate there. 
    P4
    That sounds very abstract. What does it mean? That the AS =
should consider to issuing RTs to public clients? If that=E2=80=99s the cas=
e, we should just say so=E2=80=A6 tho without more details, I don=E2=80=99t=
 know how actionable the guidance here will be. I can see BoFa requiring a =
user to reauth in their iPhone app after inactivity, but I don=E2=80=99t se=
e Uber doing so for their app.. unless they produce long lived ATs, which i=
sn=E2=80=99t what we want either.
    P5 
    T=
his could be clearer. The dynamic client registration case just flesh out t=
he confidence level an AS can have in its identity, but does not offer a co=
rresponding privilege level to it =E2=80=93 whereas the second case does me=
ntion assigned privileges explicitly. Also, pitting =E2=80=9Cdynamically re=
gistered client=E2=80=9D vs =E2=80=9Cweb application=E2=80=9D might suggest=
 the app type is a factor, whereas AFAIK 7591 can be used for registering w=
eb apps too (whether that s wise or not is immaterial here).<=
/span>
    =C2=A79.2
    Should we say something about whether nativ=
e clients should be allowed to be =E2=80=9Cupgraded=E2=80=9D as confidentia=
l clients in the future, or the other way round? I know of scenarios where =
people did that to preserve consent info, but that seem sketchy security wi=
se.
    P3
    The SHOULD here refers to a requ=
irement that in 10.3.1 is a MUST. I don=E2=80=99t think the MUST is warrant=
ed (more about that in the 10.3.1 comments) but if we do keep it, it looks =
like the level should be coherent here.
    P4<=
/span>
    That example is compatible with a SHOULD- works now, but would look odd=
 if we=E2=80=99d upgrade P3 with a MUST for coherence with 10.3.1.
    P5
    Inclusion where/how? We should be precise IM=
O. If it=E2=80=99s just registration material (eg not part of the redirect =
URI), we should mention how we expect it to be used in the context of OAuth=
- and if we don=E2=80=99t know, perhaps we should not mention it here. <=
/u>
    =C2=A0
    =C2=A79.3
    P1
    I know it becomes clearer later on, but I think it would help=
 here to explicitly call out confidential and credentialed client as the su=
bject of this sentence. Those are the only client types with credentials, h=
ence the current language is formally correct. This is just for clarity.=

    P2
    I thought we require redirect URI regi=
stration in all cases? This makes it sound it=E2=80=99s only for public cli=
ents.
    P3
    I have been in various discuss=
ions where people were attempting to interpret what =E2=80=9Cexplicit RO au=
thentication=E2=80=9D means in practice. Is it a full credential prompt reg=
ardless of whether one session already exists? A selection between existing=
 sessions, if present?
    P4
    =
This is uncle=
ar. As it currently reads it seems to prohibit things like getting a new au=
thz code silently via iframe (and prompt=3Dnone or equivalent UX suppressin=
g mechanism, please ignore the ITP complications for the sake of argument).=
 
    =C2=A0
    =C2=A79.3.1
    =
P1
    I don=E2=80=99t follow this sentence. The client ident=
ity cannot be proved for public clients (see also next P), and the native a=
pps are public clients unless otherwise specified (eg credentialed).=

    P2
    I find this misleading. Client side measur=
es such as claimed schemes, domains etc might work to prevent an app impers=
onating another app on the same device/OS, but they aren=E2=80=99t guarante=
ed to be honored on other operating systems. The AS has no way of knowing w=
hether those measures have been enforced on the client, hence it should not=
 accept them as proof.=C2=A0 
    =C2=A0=

    =
=C2=A79.4.1
    This is another place where a reference to th=
e JWT AT profile would provide a concrete example of the conditions set for=
th here (eg RS guidance for audience validation).
    Also, a=
s mentioned earlier, it might be useful to remind the reader that the AS mi=
ght include in the token authorization information that go beyond the deleg=
ated authz scenario OAuth2.x concerns itself with, and that those aspects a=
re beyond the scope of this specification.=C2=A0 That would truly go a long=
 way preventing people from abusing and overextending the spec on scenarios=
 it is not meant to address.
    And even for the canonical s=
cenarios, it might be useful to remind the reader that the RS might have ex=
tra logic not described in this spec that determines whether the call will =
be authorized or otherwise- to dispel the notion that the AS is always the =
sole source of truth for authorization. 
    =C2=A0=

    =C2=A79.4.2
    P2
    Clarifying that=
 MTLS is one instance of the sender constraint methods just mentioned would=
 prevent some readers considering that an independent, additional constrain=
t.
    =C2=A0
     =C2=A79.5
    =
In =C2=A76.1 we give more details about protection, should we have a backwa=
rd reference to that section here?
    P2
    I=
s it worth to specify that it doesn=E2=80=99t matter how the AS tracks the =
binding? (eg server side or embedded in the RT bits themselves).<=
/u>
    =C2=A0
    =C2=A79.6
    <=
span style=3D"font-size:11pt;font-family:Calibri,sans-serif">P1
    This language makes the assumption that for client cred grants, the =
sub will take on the client_id value. That it certainly possible, but not a=
 given. As such, the language here should be explicit abouty the fact that =
it=E2=80=99s what we are expecting to happen in this particular scenario.
    P2
    Referring to the client as the actor =
here is confusing as soon as you move beyond client_id. When you talk about=
 rhe sub or any other value, it=E2=80=99s not as much the client as it is t=
he developer who owns the client. The difference is subtle but might be a s=
ource of confusion.
     
    =C2=A79.7<=
u>
    P3
    I thought that we were going to make PKCE o=
r nonce the only two mandatory alternatives? Nothing against supporting sta=
te as an accepted way to achieve this, just surprised as I recall people be=
ing quite adamant about pushing PKCE.
    P4
    Looks like the iss response parameter might make the distinct redirect UR=
Is unnecessary?
    =C2=A0
    =C2=A79.7.1
    The guidance in this section isn=E2=80=99t likely to be widel=
y followed, but I understand the rationale behind it.<=
/pre>
    =
=C2=A0
    =C2=A79.8
    P2<=
/pre>
    Tha=
t=E2=80=99s probably obvious, but I think we should specify that those mult=
iple attempts should come with the expected code verifier as well for the r=
evocation logic to be triggered- if it=E2=80=99s just the code without veri=
fier, it doesn=E2=80=99t look like the leak went far enough to warrant that=
 intervention.
    P4
    If this holds, then t=
he remark about the use of state for CSRF in =C2=A79.7 P3 seems unnecessary=
.
    P9
    The use of MUST here seems incompa=
tible with the concession of using nonce instead of PKCE. Either we allow i=
t or we don=E2=80=99t=E2=80=A6
     
    =C2=
=A79.11
    P1
    Now that we no longer trade =
in RO passwords, should we mention them here? Sure, if the AS uses password=
s they do need protection, but so do lots of other things the AS might use =
as part of auth that we don=E2=80=99t mention here for Occam=E2=80=99s razo=
r. 
    P3
    What other means are we referrin=
g to? 
    =C2=A0
    =C2=A79.12=

    =E2=80=9Cservice providers=E2=80=9D occurs for the first time in the d=
ocument here. Tying the guidance to entities already mentioned in the doc (=
clients, AS) might make things clearer/more actionable.
    <=
u>=C2=A0
    =C2=A79.13
    I understand that some=
 of the comments in this area should be done on the BCP rather than here, b=
ut here we are. That said=E2=80=A6
    Blanket comment: this =
section seems to assume native app =3D=3D mobile app, and that=E2=80=99s no=
t strictly the case. Desktop apps have different characteristics and deskto=
p OSes different capabilities. Would be clearer to make a distinction when =
relying on mobile OS capabilitesas we=C2=A0 appear to do here.
    P2
    Embedded user-agent !=3D fake external user agen=
t, but P2 uses that interchangeably. A desktop app might use an embedded br=
owser for UX reasons and making no attempt whatsoever to disguise that as a=
n external agent. And I would be pretty surprised to see a malware remover =
get rid of google drive for Mac, or Adobe products, or Office- all native a=
pps using embedded user-agents for authentication.
    P3<=
/u>
    It=E2=80=99s unclear how the AS would do that, given that us=
er agent strings can be faked. Google has its ML based secret sauce, but th=
at might not be accessible by everyone.
    P4<=
/span>
    This is mobile specific, doesn=E2=80=99t apply to desktop apps as readi=
ly. Also unclear how that would change for the end user, given that pixel p=
erfect replicas can easily include fake address bars. More details on how a=
 user would detect an actual browser (presence of an existing session, acce=
ss to bookmarks etc) might add enough color to help the reader truly unders=
tand the extent of the remedy power (or its true limits). 
    =C2=A0
    =C2=A79.14
    There=E2=80=99s no =
action for the reader here. If that reflects the actual situation (none of =
the roles described in this spec can do anything to mitigate or contain the=
 damage, and solutions to prevent the situation lie outside its purview eg =
use MDM software on your corporate devices) we should explicitly say so.=

    =C2=A0
    =C2=A79.15
    A bit=
 odd that we used CSRF throughout the document assuming the reader was fami=
liar with it, but here we attempt a definition. 
    =

    Still co=
nfused on how we admit state as a valid mechanism, as opposed to limiting t=
o nonce and PKCE. Also note the potential discrepancy called out earlier in=
 which at code redemption time we appear to require PKCE, in contrast to ad=
mitting nonce/state here.
    =C2=A0
    =C2=A7=
9.18.2
    Wondering if here we should go as far as recommend=
ing the AS keeps dynamic client registration OFF when it=E2=80=99s not need=
ed. That might provide good secure by default guidance for AS SDKs and prod=
uct developers.
    =C2=A0
    =C2=A79.19
    I assume we=E2=80=99d add the =E2=80=9Ciss=E2=80=9D response p=
arameter as alternative to the requirements here?
    =
=C2=A0
    =C2=A79.20
    P1, P2, P3
    The security properties described here do not apply as is to desktop apps =
using embedded browsers.
    As mentioned earlier, on the des=
ktop the separation between apps isn=E2=80=99t as stark as on mobile- the k=
eystrokes message pump is potentially accessible at the user session level,=
 encompassing multiple applications. Although process separation mechanisms=
 are in place, the circumstances of the execution and the OS specific featu=
res in this respect determine the degree to which entering credentials in o=
ne process makes the data inaccessible by another. We should not claim adva=
ntages we cannot guarantee, and we should be explicit about what measures s=
pecific to dekstops should be considered to mitigate risks eg not executing=
 apps as admins, enable and use UAC at the right level on Windows or equiva=
lent on other OSes, use app sandboxing when the OS supports it, etc. Not su=
ggesting we call out specific technologies like UAC, but at least point at =
the category of security measures.
    P4
    A=
s mentioned above, the presence of the address bar can be easily faked by p=
ixel perfect replicas- relying on those is security theater.<=
/span>
    P5
    This is a valid concern, but if we want to frame i=
t in the context of the security considerations section we need to add more=
 color (eg minimizing the situations in which one needs to enter creds is g=
ood security practice).
    =C2=A0
    =

    Another =
thing we might add as lowlight for embedded browsers: password managers mig=
ht not work, making the user=E2=80=99s life difficult and possibly promotin=
g insecure situations (eg placing a random pwd in the clipboard, where othe=
r apps might later steal it from).
    =C2=A79.21
    Do we need this here, given that we cover this in depth earlier?<=
/u>
    =C2=A0
    =C2=A710
    =

    I find t=
his subdivision confusing. We have native clients considerations scattered =
throughout the entire specification, but now we have a dedicated section th=
at somewhat repeats some of the points already made while interleaving new =
ones. Perhaps having a more specific section title, one that better charact=
erizes the content and intent of this section, would avoid giving the impre=
ssion that if the reader is interested in native clients, this is the only =
section they need to read.
    P2
    <=
pre>See discu=
ssion so far on native vs desktop.
    Also: I have been in f=
erocious discussions where people thought the external user agent HAD to be=
 the browser, which we know isn=E2=80=99t the case (hero apps like the FB S=
DK or OS features like sign in w Apple work just as well). Some language he=
re giving a nod to those non-browser external user agents might help clarif=
y.
    P4
    See previous discussion on mobile=
!=3Ddesktop.
    P5
    I=E2=80=99d always qual=
ify the =E2=80=9Cbrowser=E2=80=9D with system, external, device etc given t=
hat some reader calls the embedded user-agent =E2=80=9Cembedded browser=E2=
=80=9D, hence just saying =E2=80=9Cbrowser=E2=80=9D without modifiers is am=
biguous.
    User authentication state.. on the device. I thi=
nk specifying it will clarify what this really means.<=
/pre>
    =
=C2=A0
    =C2=A710.1
    Unless you scope this st=
atement to MOBILE apps, I think the MUST here should be a SHOULD. 
    The security posture of the desktop is different enough, and the =
quality of the user experience when using a system browser bad and disomoge=
neous enough, that a MUST isn=E2=80=99t justified here.
    <=
u>=C2=A0
    =C2=A710.2
    Beware of the native-m=
obile false equivalence here.
    P3
    One or=
 two examples of non-browser external user agents might help.=

    P4
    Text pasted here is technically not a best practi=
ce but core.
    I see there are examples here, so no need to=
 add them in P3.
    It=E2=80=99s unclear why the external br=
owser is RECOMMENDED here- if it=E2=80=99s because we can=E2=80=99t go in d=
etails of the behavior of non browser apps, it seems like we should say tha=
t much rather than making a recommendation. In other words, RECOMMENDED exp=
resses a strong preference for it, but if I am on iOS and I want to sign in=
 with Facebook I am actually better off using their SDK both for security a=
nd user experience reasons than to use the system browser.
    =C2=A0
    =C2=A710.3
    Requesting a MUST f=
or all 3 methods seems restrictive=E2=80=A6 why not requesting at least one=
?
    =C2=A0
    =C2=A710.3.1
    P3
    This seems unnecessarily restrictive. 3.8 in 7595 is =
mostly SHOULDs, and it refers to organizations rather than individuals. Not=
 every developer owns a domain, not every app goes on an app store and is m=
eant for general public consumption. An organization sideloading apps on ma=
naged devices should not be forced to follow those constraints if they cont=
rol the environment and aren=E2=80=99t worried about other apps competing f=
or the same schema, but placing a MUST here might compel SDK developers to =
embed validation checks that would make developers on those circumstances d=
eal with complexity without any security upside. In fact, apps should not e=
ven be required to have internet access in the general case but this requir=
ement does impose that. 
    I think this is an important bes=
t practice that should be encouraged, RECOMMENDED or even SHOULDed , but it=
 shouldn=E2=80=99t be a MUST in the core specification.
    <=
u>=C2=A0
    =C2=A710.3.2
    P4
    Like everything happening on the client, the AS cannot really take that as=
 guarantee. What might be true for an app running on iOS might not apply if=
 the requests are all manufactured via cURL on a Linux box. The scope of th=
ose measures is really limited to one particular device or devices sharing =
an OS, outside of that cohort there are no guarantees.=

    =C2=A0
    =C2=A710.3.3
    This section should c=
ome with glaring warnings, anything actively listening on the client extend=
s the attack surface- an app listening on the loopback might now get affect=
ed by exploits in the local HTTP driver/local network stack and taken over,=
 executing with the same privileges as the user (remember https://www.rapid7.com/db/vulnerabilities/WINDOWS-HOTFIX-MS15-034/=
). The fact that the loopback is only accessible locally only reduces the r=
isk but doesn=E2=80=99t eliminate it, a local process with lower privileges=
 might use that exploit for elevation of privileges for example. We should =
at least recommend that the app hosting the loopback adapter runs with low =
privileges, reiterate the =E2=80=9Clisten only when you must=E2=80=9D and g=
enerally warn about the extra attack surface.
    As AS I mig=
ht not want to support this method at all, both for security reasons and fo=
r the extra logic the wildcard port entails at registration and request ser=
ving times, but right now the spec forces me to- more reasons for relaxing =
the MUST for all 3 methods as mentioned earlier..
    =
=C2=A0
    =C2=A712
    I am not exactly sure where to=
 place the following- this section (or a subsection) might be the best fit.=

    As mentioned during the interim meeting, the omission of=
 the implicit flow in OAuth2.1 has already caused a lot of people to interp=
ret this as an indirect deprecation of the use of implicit flow by OpenID C=
onnect for obtaining ID_tokens, either via traditional=C2=A0 response_modes=
 or via form_post.
    We already debated and concluded that =
the reasons that led to the omission of the implicit grant in 2.1 do not ap=
ply to ID_tokens, hence there=E2=80=99s no reason for people to stop using =
OpenID Connect that way. 
    Formally we are in the clear, a=
s OIDC is vased on 2.0 the omission of implicit here does not prevent it as=
 extension grant in OIDC anyway- but the formal stance doesn=E2=80=99t help=
 in preventing the confusion and assuaging the concerns of the developers w=
ho aren=E2=80=99t as well versed as the people on this list in all things s=
pecifications.
    Because of this, I recommend we add some l=
anguage here that prevents that confusion. Something like 
    =C2=A0
    *=C2=A0=
 The Implicit grant ("response_type=3Dtoken") is omitted from thi=
s
    =C2=A0=C2=A0=
=C2=A0=C2=A0=C2=A0 specification as per Section 2.1.2 of[I-D.ietf-oauth-security-topics]
    =

    Please note: the omission of the implicit =
grant from this specification does not automatically imply that other exten=
sion grants obtaining credentials directly from the authorization endpoint =
should also be discarded. For example, the implicit flow defined in Section=
 3.2 of [OIDC] remains valid for all the resp=
onse_type values not including =E2=80=9Ctoken=E2=80=9D. 
    =
=C2=A0
    Although it might be a bit unusual to refer to det=
ails of specs from other entities, this spec already mentions OpenID 9 time=
s even excluding =C2=A714.2- and as soon as the browser apps section will b=
e included, that number is certain to rise. And the confusion on this point=
 is truly widespread- adding language along the lines of the above directly=
 in the core would go a long way to save a lot of grief.
    =
=C2=A0
    =C2=A0
    =C2=A0
    =C2=A0
    =C2=A0
    =C2=A0
    =C2=A0
    =C2=A0
    =C2=A0
    =C2=A0
    =C2=A0
    =C2=A0
    =C2=A0
    =C2=A0
    =C2=A0
    =C2=A0
    =C2=A0
    =C2=A0
    =C2=A0
    =C2=A0
    =C2=A0
    =C2=A0
    =C2=A0
    =C2=A0
    =

    =C2=A0
    =C2=A0
    =C2=A0
    =C2=A0
    =C2=A0=

    =C2=A0
    =C2=A0
    =C2=A0
    =C2=A0
    =
=C2=A0
    =C2=A0
    =C2=A0
    =C2=
=A0
    =C2=A0
    =C2=A0
    =C2=A0
    =C2=A0
    =
=C2=A0
    =C2=A0
    =C2=A0
    =
=C2=A0
    =C2=A0
    =C2=A0
    =C2=A0=

    =C2=A0
    =C2=A0
    --000000000000fb67aa05b5fd845b-- From nobody Tue Dec 8 22:47:49 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AF7C53A0D02 for ; Tue, 8 Dec 2020 22:47:47 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.117 X-Spam-Level: X-Spam-Status: No, score=-2.117 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_FONT_FACE_BAD=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=pragmaticwebsecurity.com header.b=lHO4qIQ7; dkim=pass (2048-bit key) header.d=messagingengine.com header.b=apM8LZEu Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LLn1WrblLmir for ; Tue, 8 Dec 2020 22:47:44 -0800 (PST) Received: from wout4-smtp.messagingengine.com (wout4-smtp.messagingengine.com [64.147.123.20]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BAE563A074E for ; Tue, 8 Dec 2020 22:47:44 -0800 (PST) Received: from compute3.internal (compute3.nyi.internal [10.202.2.43]) by mailout.west.internal (Postfix) with ESMTP id 8DAF8A92; Wed, 9 Dec 2020 01:47:43 -0500 (EST) Received: from mailfrontend2 ([10.202.2.163]) by compute3.internal (MEProxy); Wed, 09 Dec 2020 01:47:43 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= pragmaticwebsecurity.com; h=from:message-id:content-type :mime-version:subject:date:in-reply-to:cc:to:references; s=fm2; bh=0I8B/iFHYnBNlKrbyXVIDn4V3q2m1FxU8O8ebTpeqzw=; b=lHO4qIQ7r+fH fxWYXxSm0+FHGS9IboNDe5RJ8hzXgrzEXwKBUgF+ZNRIl325gg4HKkV1wuiRLFll NKyYOABGRsYpXK6Q5ZdjdDv5Iei3/BzUnVR0ejoapy8ms3CuP5JQ3Re/lD09PlB8 N8Oll0FKuS1ARpOQd0jo6kUXbtp3/rEK54YfRbIHuCp164UdK5u62/nHQG3SuvkS CAB7cv2lpIj/lMykLBxchI8+B9OxxzZ6og+TpSk1CTUgTpTLweuqpaTN2/hqswIB eOsXTDaQvL7rVyrnIm52YQfGe5D8RXcreHdshRTpTYxai29Br3GDq3AzQBJkUQ4F cYxa0iT0jw== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to:x-me-proxy :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm1; bh=0I8B/i FHYnBNlKrbyXVIDn4V3q2m1FxU8O8ebTpeqzw=; b=apM8LZEuIHJJvBUcV2B9KP mevTuRM8Qm1H8yaoCZDVR1X6t67lee8qY+2exdq7VRhiyX//f3ESLXlO/vTH10cd oJVJ2tPUYnKQZ7g/QXbQ/+FPg2llF5A20WxWncip7/I4pyXfLujsscokSXPOsrE5 qzQlnu4KeK9qKMrauMCuXmsJiWIM+Qgn3mNcad4aezCU+Jvqh3Fu8FFZiwx9zH89 iHR4DNbree3Eq4AmiJQczA8wMXHrKq+ZK/ltpOySfmTcQhAiOfVeRJyP1DIAmIhk Srs3lXW93CMOSSJiTTpdipkbeQzfR5nOKxJx/04k4SjnB9pn/9rnDBwuim8f7Xsw == X-ME-Sender: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedujedrudejjedgleelucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmne cujfgurhephffktgggufffjgfvfhfosegrtdhmrehhtdejnecuhfhrohhmpefrhhhilhhi phhpvgcuffgvucfthigtkhcuoehphhhilhhiphhpvgesphhrrghgmhgrthhitgifvggssh gvtghurhhithihrdgtohhmqeenucggtffrrghtthgvrhhnpeehvdduteeugfethfeigeeu lefhkeeguddtvdffieeulefgleelvdduffffffeljeenucffohhmrghinhepphhrrghgmh grthhitgifvggsshgvtghurhhithihrdgtohhmpdhgihhthhhusgdrtghomhdpihgvthhf rdhorhhgpdgvgigrmhhplhgvrdgtohhmpdgvgigrmhhplhgvrdgtohhmrdgrnhdphhhtth hpshefrgdvfhgvgigrmhhplhgvrdgtohhmnecukfhppeekuddrudeigedruddvledrleeh necuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmrghilhhfrhhomhepphhhih hlihhpphgvsehprhgrghhmrghtihgtfigvsghsvggtuhhrihhthidrtghomh X-ME-Proxy: Received: from [192.168.1.16] (d51a4815f.access.telenet.be [81.164.129.95]) by mail.messagingengine.com (Postfix) with ESMTPA id A72451080064; Wed, 9 Dec 2020 01:47:40 -0500 (EST) From: Philippe De Ryck Message-Id: Content-Type: multipart/alternative; boundary="Apple-Mail=_BCD3D35C-32A0-4AEA-B417-B7CC1D87B53C" Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.120.23.2.4\)) Date: Wed, 9 Dec 2020 07:47:38 +0100 In-Reply-To: Cc: Neil Madden , Torsten Lodderstedt , oauth To: Brian Campbell References: <30D5F7BA-EA54-4E40-A2FC-222AA0C9AF8D@lodderstedt.net> <353E4494-2F80-44BC-9267-6FB8B37AA0FE@lodderstedt.net> <1B663AA7-563D-4D25-A408-9ED10FD818AC@forgerock.com> X-Mailer: Apple Mail (2.3608.120.23.2.4) Archived-At: Subject: Re: [OAUTH-WG] DPoP followup I: freshness and coverage of signature X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Dec 2020 06:47:48 -0000 --Apple-Mail=_BCD3D35C-32A0-4AEA-B417-B7CC1D87B53C Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=utf-8 Yeah, browser-based apps are pure fun, aren=E2=80=99t they? :) The reason I covered a couple of (pessimistic) XSS scenarios is that the = discussion started with an assumption that the attacker already = successfully exploited an XSS vulnerability. I pointed out how, at that = point, finetuning DPoP proof contents will have little to no effect to = stop an attack. I believe it is important to make this very clear, to = avoid people turning to DPoP as a security mechanism for browser-based = applications. Specifically to your question on including the hash in the proof, I = think these considerations are important: 1. Does the inclusion of the AT hash stop a concrete attack scenario? 2. Is the =E2=80=9Ccost=E2=80=9D (implementation, getting it right, =E2=80= =A6) worth the benefits? Here=E2=80=99s my view on these considerations (specifically for = browser-based apps, not for other types of applications): 1. The proof precomputation attack is already quite complex, and short = access token lifetimes already reduce the window of attack. If the = attacker can steal a future AT, they could also precompute new proofs = then.=20 2. For browser-based apps, it seems that doing this complicates the = implementation, without adding much benefit. Of course, libraries could = handle this, which significantly reduces the cost.=20 Note that these comments are specifically to complicating the spec and = implementation. DPoP=E2=80=99s capabilities of using sender-constrained = access tokens are still useful to counter various other scenarios (e.g., = middleboxes or APIs abusing access tokens). If other applications would = significantly benefit from having the hash in the proof, I=E2=80=99m all = for it. On a final note, I would be happy to help clear up the details on = web-based threats and defenses if necessary. =E2=80=94 Pragmatic Web Security Security for developers https://pragmaticwebsecurity.com/ > On 8 Dec 2020, at 22:47, Brian Campbell = wrote: >=20 > Danial recently added some text to the working copy of the draft with = https://github.com/danielfett/draft-dpop/commit/f4b42058 = that I think = aims to better convey the "nutshell: XSS =3D Game over" sentiment and = maybe dissuade folks from looking to DPoP as a cure-all for browser = based applications. Admittedly a lot of the initial impetus behind = producing the draft in the first place was born out of discussions = around browser based apps. But it's neither specific to browser based = apps nor a panacea for them. I hope the language in the document and how = it's recently been presented is reflective of that reality.=20 >=20 > The more specific discussions/recommendations around in-browser apps = are valuable (if somewhat over my head) but might be more appropriate in = the OAuth 2.0 for Browser-Based Apps = = draft. >=20 > With respect to the contents of the DPoP draft, I am still keen to try = and flush out some consensus around the question posed in the start of = this thread, which is effectively whether or not to include a hash of = the access token in the proof. Acknowledging that "XSS =3D Game over" = does sort of evoke a tendency to not even bother with such incremental = protections (what I've tried to humorously coin as "XSS Nihilism" with = no success). And as such, I do think that leaving it how it is (no AT = hash in the proof) is not unreasonable. But, as Filip previously = articulated, including the AT hash in the proof would prevent = potentially prolonged access to protected resources even when the victim = is offline. And that seems maybe worthwhile to have in the protocol, = given that it's not a huge change to the spec. But it's a trade-off = either way and I'm personally on the fence about it. >=20 > Including an RT hash in the proof seems more niche. Best I can tell, = it would guard against prolonged offline access to protected resources = when access tokens are bearer and the RT was DPoP-bound and also gets = rotated. The trade-off there seems less worth it (I think an RT hash = would be more awkward in the protocol too).=20 >=20 >=20 >=20 >=20 >=20 >=20 >=20 > On Fri, Dec 4, 2020 at 5:40 AM Philippe De Ryck = > wrote: >=20 >> The suggestion to use a web worker to ensure that proofs cannot be = pre-computed is a good one I think. (You could also use a sandboxed = iframe for a separate sub/sibling-domain - dpop.example.com = ). >=20 > An iframe with a different origin would also work (not really = sandboxing, as that implies the use of the sandbox attribute to enforce = behavioral restrictions). The downside of an iframe is the need to host = additional HTML, vs a script file for the worker, but the effect is = indeed the same. >=20 >> For scenario 4, I think this only works if the attacker can = trick/spoof the AS into using their redirect_uri? Otherwise the AC will = go to the legitimate app which will reject it due to mismatched = state/PKCE. Or are you thinking of XSS on the redirect_uri itself? I = think probably a good practice is that the target of a redirect_uri = should be a very minimal and locked down page to avoid this kind of = possibility. (Again, using a separate sub-domain to handle tokens and = DPoP seems like a good idea). >=20 > My original thought was to use a silent flow with Web Messaging. The = scenario would go as follows: >=20 > 1. Setup a Web Messaging listener to receive the incoming code > 2. Create a hidden iframe with the DOM APIs > 3. Create an authorization request such as = =E2=80=9C/authorize?response_type=3Dcode&client_id=3D...&redirect_uri=3Dht= tps%3A%2F%example.com = &state=3D...&code_challenge=3D7-ffnU1EzHtMfxOAdlkp_Wi= xnAM_z9tMh3JxgjazXAk&code_challenge_method=3DS256&prompt=3Dnone&response_m= ode=3Dweb_message=E2=80=9D > 4. Load this URL in the iframe, and wait for the result > 5. Retrieve code in the listener, and use PKCE (+ DPoP if needed) to = exchange it for tokens >=20 > This puts the attacker in full control over every aspect of the flow, = so no need to manipulate any of the parameters. >=20 >=20 > After your comment, I also believe an attacker can run the same = scenario without the =E2=80=9Cresponse_mode=3Dweb_message=E2=80=9D. This = would go as follows: >=20 > 1. Create a hidden iframe with the DOM APIs > 2. Setup polling to read the URL (this will be possible for = same-origin pages, not for cross-origin pages) > 3. Create an authorization request such as = =E2=80=9C/authorize?response_type=3Dcode&client_id=3D...&redirect_uri=3Dht= tps%3A%2F%example.com = &state=3D...&code_challenge=3D7-ffnU1EzHtMfxOAdlkp_Wi= xnAM_z9tMh3JxgjazXAk&code_challenge_method=3DS256=E2=80=9D > 4. Load this URL in the iframe, and keep polling > 5. Detect the redirect back to the application with the code in the = URL, retrieve code, and use PKCE (+ DPoP if needed) to exchange it for = tokens >=20 > In step 5, the application is likely to also try to exchange the code. = This will fail due to a mismatching PKCE verifier. While noisy, I = don=E2=80=99t think it affects the scenario.=20 >=20 >=20 >> IMO, the online attack scenario (i.e., proxying malicious requests = through the victim=E2=80=99s browser) is quite appealing to an attacker, = despite the apparent inconvenience: >>=20 >> - the victim=E2=80=99s browser may be inside a corporate firewall or = VPN, allowing the attacker to effectively bypass these restrictions >> - the attacker=E2=80=99s traffic is mixed in with the user=E2=80=99s = own requests, making them harder to distinguish or to block >>=20 >> Overall, DPoP can only protect against XSS to the same level as = HttpOnly cookies. This is not nothing, but it means it only prevents = relatively naive attacks. Given the association of public key signatures = with strong authentication, people may have overinflated expectations if = DPoP is pitched as an XSS defence. >=20 > Yes, in the cookie world this is known as =E2=80=9CSession Riding=E2=80=9D= . Having the worker for token isolation would make it possible to = enforce a coarse-grained policy on outgoing requests to prevent total = abuse of the AT. >=20 > My main concern here is the effort of doing DPoP in a browser versus = the limited gains. It may also give a false sense of security.=20 >=20 >=20 >=20 > With all this said, I believe that the AS can lock down its = configuration to reduce these attack vectors. A few initial ideas: >=20 > 1. Disable silent flows for SPAs using RT rotation > 2. Use the sec-fetch headers to detect and reject non-silent = iframe-based flows >=20 > For example, an OAuth 2.0 flow in an iframe in Brave/Chrome carries = these headers: > sec-fetch-dest: iframe > sec-fetch-mode: navigate > sec-fetch-site: cross-site > sec-fetch-user: ?1 >=20 >=20 > Philippe >=20 >=20 > CONFIDENTIALITY NOTICE: This email may contain confidential and = privileged material for the sole use of the intended recipient(s). Any = review, use, distribution or disclosure by others is strictly = prohibited. If you have received this communication in error, please = notify the sender immediately by e-mail and delete the message and any = file attachments from your computer. Thank you. --Apple-Mail=_BCD3D35C-32A0-4AEA-B417-B7CC1D87B53C Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset=utf-8 Yeah,= browser-based apps are pure fun, aren=E2=80=99t they? :)

    The reason I covered a = couple of (pessimistic) XSS scenarios is that the discussion started = with an assumption that the attacker already successfully exploited an = XSS vulnerability. I pointed out how, at that point, finetuning DPoP = proof contents will have little to no effect to stop an attack. I = believe it is important to make this very clear, to avoid people turning = to DPoP as a security mechanism for browser-based = applications.


    Specifically to your = question on including the hash in the proof, I think these = considerations are important:

    1. Does the inclusion of the AT hash = stop a concrete attack scenario?
    2. Is the = =E2=80=9Ccost=E2=80=9D (implementation, getting it right, =E2=80=A6) = worth the benefits?


    Here=E2=80=99s my view = on these considerations (specifically for = browser-based apps, not for other types of = applications):

    1. The proof precomputation attack is already quite complex, = and short access token lifetimes already reduce the window of attack. If = the attacker can steal a future AT, they could also precompute new = proofs then. 
    2. For browser-based apps, it = seems that doing this complicates the implementation, without adding = much benefit. Of course, libraries could handle this, which = significantly reduces the cost. 


    Note= that these comments are specifically to complicating the spec and = implementation. DPoP=E2=80=99s capabilities of using sender-constrained = access tokens are still useful to counter various other scenarios (e.g., = middleboxes or APIs abusing access tokens). If other applications would = significantly benefit from having the hash in the proof, I=E2=80=99m all = for it.

    On a = final note, I would be happy to help clear up the details on web-based = threats and defenses if necessary.

    =E2=80=94
    Pragmatic Web = Security
    Security for developers
    https://pragmaticwebsecurity.com/


    On 8 Dec 2020, at 22:47, Brian Campbell <bcampbell@pingidentity.com> wrote:

    Danial recently added some text to the = working copy of the draft with https://github.com/danielfett/draft-dpop/commit/f4b42058 = that I think aims to better convey the "nutshell: XSS =3D Game over" = sentiment and maybe dissuade folks from looking to DPoP as a cure-all = for browser based applications. Admittedly a lot of the initial impetus = behind producing the draft in the first place was born out of = discussions around browser based apps. But it's neither specific to = browser based apps nor a panacea for them. I hope the language in the = document and how it's recently been presented is reflective of that = reality.

    The more specific discussions/recommendations around = in-browser apps are valuable (if somewhat over my head) but might be = more appropriate in the OAuth 2.0 for Browser-Based Apps = draft.

    With = respect to the contents of the DPoP draft, I am still keen to try and = flush out some consensus around the question posed in the start of this = thread, which is effectively whether or not to include a hash of the = access token in the proof.  Acknowledging that "XSS =3D Game over" = does sort of evoke a tendency to not even bother with such incremental = protections (what I've tried to humorously coin as "XSS Nihilism" with = no success). And as such, I do think that leaving it how it is (no AT = hash in the proof) is not unreasonable. But, as Filip previously = articulated, including the AT hash in the proof would prevent = potentially prolonged access to protected resources even when the = victim is offline. And that seems maybe worthwhile to have in the = protocol, given that it's not a huge change to the spec. But it's a = trade-off either way and I'm personally on the fence about it.

    Including an RT hash in = the proof seems more niche. Best I can tell, it would guard against = prolonged offline access to protected resources when access tokens are = bearer and the RT was DPoP-bound and also gets rotated. The trade-off = there seems less worth it (I think an RT hash would be more awkward in = the protocol too).







    On Fri, Dec = 4, 2020 at 5:40 AM Philippe De Ryck <philippe@pragmaticwebsecurity.com> wrote:

    The = suggestion to use a web worker to ensure that proofs cannot be = pre-computed is a good one I think. (You could also use a sandboxed = iframe for a separate sub/sibling-domain - dpop.example.com).

    An iframe with a = different origin would also work (not really sandboxing, as that implies = the use of the sandbox attribute to enforce behavioral restrictions). = The downside of an iframe is the need to host additional HTML, vs a = script file for the worker, but the effect is indeed the same.

    For scenario 4, I think this = only works if the attacker can trick/spoof the AS into using their = redirect_uri? Otherwise the AC will go to the legitimate app which will = reject it due to mismatched state/PKCE. Or are you thinking of XSS on = the redirect_uri itself? I think probably a good practice is that the = target of a redirect_uri should be a very minimal and locked down page = to avoid this kind of possibility. (Again, using a separate sub-domain = to handle tokens and DPoP seems like a good = idea).

    My original thought was to use a silent = flow with Web Messaging. The scenario would go as follows:

    1. Setup a Web Messaging = listener to receive the incoming code
    2. Create a = hidden iframe with the DOM APIs
    3. Create an = authorization request such as =E2=80=9C/authorize?response_type=3Dcode&client_id=3D...&redirec= t_uri=3Dhttps%3A%2F%example.com&state=3D...&code_challenge=3D7-ffnU1EzH= tMfxOAdlkp_WixnAM_z9tMh3JxgjazXAk&code_challenge_method=3DS256&pro= mpt=3Dnone&response_mode=3Dweb_message=E2=80=9D
    4. Load this URL in the iframe, and wait for the = result
    5. Retrieve code in the listener, and use = PKCE (+ DPoP if needed) to exchange it for tokens
    This puts the attacker in full control = over every aspect of the flow, so no need to manipulate any of the = parameters.


    After your comment, I also believe an = attacker can run the same scenario without the =E2=80=9Cresponse_mode=3Dweb_message=E2=80=9D. This would go as = follows:

    1. Create a hidden iframe with the DOM APIs
    2. Setup polling to read the URL (this will be possible for = same-origin pages, not for cross-origin pages)
    3. = Create an authorization request such as =E2=80=9C/authorize?response_type=3Dcode&client_id=3D...&redirec= t_uri=3Dhttps%3A%2F%example.com&state=3D...&code_challenge=3D7-ffnU1EzH= tMfxOAdlkp_WixnAM_z9tMh3JxgjazXAk&code_challenge_method=3DS256=E2=80= =9D
    4. Load this URL in the iframe, and keep = polling
    5. Detect the redirect back to the = application with the code in the URL, retrieve code, and use PKCE (+ = DPoP if needed) to exchange it for tokens

    In step 5, the application is likely to = also try to exchange the code. This will fail due to a mismatching PKCE = verifier. While noisy, I don=E2=80=99t think it affects the = scenario. 


    IMO, the online attack scenario (i.e., = proxying malicious requests through the victim=E2=80=99s browser) is = quite appealing to an attacker, despite the apparent = inconvenience:

     - the victim=E2=80=99s browser may be inside a = corporate firewall or VPN, allowing the attacker to effectively bypass = these restrictions
     - the attacker=E2=80=99s = traffic is mixed in with the user=E2=80=99s own requests, making them = harder to distinguish or to block

    Overall, DPoP can only protect against = XSS to the same level as HttpOnly cookies. This is not nothing, but it = means it only prevents relatively naive attacks. Given the association = of public key signatures with strong authentication, people may have = overinflated expectations if DPoP is pitched as an XSS = defence.

    Yes, in the cookie world this is known = as =E2=80=9CSession Riding=E2=80=9D. Having the worker for token = isolation would make it possible to enforce a coarse-grained policy on = outgoing requests to prevent total abuse of the AT.

    My main concern here is = the effort of doing DPoP in a browser versus the limited gains. It may = also give a false sense of security. 



    With all this said, I believe that the = AS can lock down its configuration to reduce these attack vectors. A few = initial ideas:

    1. Disable silent flows for SPAs using RT rotation
    2. Use the sec-fetch headers to detect and reject non-silent = iframe-based flows

    For example,  an OAuth 2.0 flow in an iframe in = Brave/Chrome carries these headers:
    sec-fetch-dest: iframe
    sec-fetch-mode: = navigate
    sec-fetch-site: cross-site
    sec-fetch-user: ?1


    Philippe


    CONFIDENTIALITY NOTICE: This email may contain confidential = and privileged material for the sole use of the intended recipient(s). = Any review, use, distribution or disclosure by others is strictly = prohibited.  If you have received this communication in error, = please notify the sender immediately by e-mail and delete the message = and any file attachments from your computer. Thank = you.

    = --Apple-Mail=_BCD3D35C-32A0-4AEA-B417-B7CC1D87B53C-- From nobody Tue Dec 8 23:43:52 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CA9D33A0D2B for ; Tue, 8 Dec 2020 23:43:49 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.765 X-Spam-Level: X-Spam-Status: No, score=-0.765 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FONT_INVIS_MSGID=1.32, HTML_FONT_LOW_CONTRAST=0.001, HTML_MESSAGE=0.001, SPF_NONE=0.001, T_KAM_HTML_FONT_INVALID=0.01, UNPARSEABLE_RELAY=0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=danielfett.de Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bGxb0GyiCDwL for ; Tue, 8 Dec 2020 23:43:47 -0800 (PST) Received: from d3f.me (redstone.d3f.me [5.9.29.41]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C082F3A0596 for ; Tue, 8 Dec 2020 23:43:46 -0800 (PST) Received: from authenticated-user (PRIMARY_HOSTNAME [PUBLIC_IP]) by d3f.me (Postfix) with ESMTPA id 90C92181BC for ; Wed, 9 Dec 2020 07:43:44 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=danielfett.de; s=dkim; t=1607499824; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=2cWgCZjb/NS1D8bVNPPeAd/MreWG1848QQ8TkFkCzUk=; b=SbVNSWi9oagkoFKW8eHMarrWO0EnUOB/re56jPIN0yL1UyBJ9mFLFHw+iOn5IKMB+/E/IK NisnMn1fxbYIbvaRcy6wVaAPlX+CZuWtLAOfl+axndIiPK1YUS0SPvGw6sTqeNFX2zCjvx rL5Z1HF0ZoD0ydCufSnxy62TnJ/QD6Y= To: oauth@ietf.org References: From: Daniel Fett Message-ID: <0284ddd7-fb1a-ef5c-75c7-49c7d2656c14@danielfett.de> Date: Wed, 9 Dec 2020 08:43:43 +0100 MIME-Version: 1.0 In-Reply-To: Content-Type: multipart/alternative; boundary="------------ACC02561954F4575235F43FB" Content-Language: de-DE ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=danielfett.de; s=dkim; t=1607499824; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=2cWgCZjb/NS1D8bVNPPeAd/MreWG1848QQ8TkFkCzUk=; b=VD7n2BgKgd/xJ1a5byzz53PwlKHqzav8lFUDvPwPidpdGt4eaAtXn+3G693CfmYV3P6L3k Vyn5QrQhwPKCJ46KPx2vtYRn9cZ6ODq7ACkA+fjqjYkMJRW5cGAnvVf3bhZai72N5pErvA x9NQYzpt1OMcxuIro7w1cyYS2wCUJow= ARC-Seal: i=1; s=dkim; d=danielfett.de; t=1607499824; a=rsa-sha256; cv=none; b=nlMquySJN/ZiPhDxTHfi44BwiA/jzXL0L4ktPyL84OKZGCczx042nKqcPCselAI2DmfAv/ xA/gsS+KfvwTccHMvCViH/dER4pi1EITR+oyy+AQrO8Vv4TRDti4DGTdLRZCawP9HwqpZz +FI7LEiLwIBY7rzFpbyIYNPyPe/agFY= ARC-Authentication-Results: i=1; d3f.me; auth=pass smtp.auth=fett@danielfett.de smtp.mailfrom=fett@danielfett.de Authentication-Results: d3f.me; auth=pass smtp.auth=fett@danielfett.de smtp.mailfrom=fett@danielfett.de X-Spamd-Bar: / Archived-At: Subject: Re: [OAUTH-WG] Call for Adoption - AS Issuer Identifier in Authorization Response X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Dec 2020 07:43:50 -0000 This is a multi-part message in MIME format. --------------ACC02561954F4575235F43FB Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit Hi Warren, Am 08.12.20 um 20:15 schrieb Warren Parad: > As an implementer on both sides of the issue I'm struggling to > understand how this problem would occur. I'm finding issues with the > proposed problems: > > 1. Honest AS is compromised, assuming this does happen details on why > adding iss to the AS response would prevent attacks is necessary > for me. In other words, how would an AS be compromised in a way > that would be identifiable through the issuer value? (my ignorant > assumption is that a compromised AS is compromised enough that an > attacker would be able to send the correct ISS) > If an AS is compromised, we can't do much for it anyway. We must assume that all credentials from this AS can be stolen or forged and that resource servers relying on this AS have a big problem, too. The Mix-Up Attack is about attacking *other* (uncompromised) AS using the client's trust in the compromised AS. For clarification, in our slides we refer to - an uncompromised AS as H-AS (honest AS) - this is the AS which issues the credentials the attacker wants to read, and - a compromised AS as A-AS - this may have been uncompromised previously or may have been introduced into the ecosystem for the sole purpose of running the mix-up attack. In the mix-up attack, the client assumes that it is talking to A-AS but actually received the authorization response from H-AS. This is why the iss parameter helps: It always comes from H-AS (together with the authorization code) and therefore cannot be modified by the attacker. (If the attacker would be able to intercept/tamper with this communiction, there would be no need to run a mix-up attack in the first place.) > 1. Attacker AS is registered. I fully support the idea that this can > and will happen, however from attempting to test-implement this > proposal, I can't see how the authorization would be sent to the > wrong token endpoint. Since there is no information in the AS auth > code response, the client must already have the knowledge of where > they are going to send the token, no mix-up can be executed. > The assumption in the mix-up attack is that the client stores where to send the authorization code, for example in a session bound to the resource owner's browser. This would always be the token endpoint of the attacker (A-AS) in the mix-up attack, either because the user selected A-AS as the AS or because the attacker had an opportunity to modify the user's choice. > > 1. I would argue, if anything, adding the ISS parameter would open a > new attack surface by providing clients an opportunity to > blatantly trust the ISS parameter as the honest AS and thus > actually sending the code there instead of sending it to one > specified in the metadata document. > As far as I can see, the potential attacks from such a bug on the client's side would not be worse than mix-up, at least. It would undermine session integrity probably, in that an attacker-AS would be able to steer the client to send the code to H-AS. I'll take a closer look at this. > My confusion is the following: > > * Are multi AS services utilizing authorization codes in a way where > there could be a mix up attack for #2. > * Is there a #3 that I'm missing which even in light of #1 & #2 I > brought up that would still make this change valuable? > I'm not sure if I could help to clear up the confusion a bit. I'd recommend that you take a look at Section 3.3.2. of this document [1] which provides a more detailed description of the mix-up attack and why the defense mechanism works. -Daniel [1] https://elib.uni-stuttgart.de/bitstream/11682/10214/1/%27An%20Expressive%20Formal%20Model%20of%20the%20Web%20Infrastructure.pdf > > > Warren Parad > > Founder, CTO > > Secure your user data and complete your authorization architecture. > Implement Authress . > > > On Tue, Dec 8, 2020 at 8:01 PM Dick Hardt > wrote: > > +1 > ᐧ > > On Tue, Dec 8, 2020 at 4:51 AM Rifaat Shekh-Yusef > > wrote: > > All, > > This is a call for adoption for the following AS Issuer > Identifier in Authorization Response as a WG document: > https://datatracker.ietf.org/doc/draft-meyerzuselhausen-oauth-iss-auth-resp/ > > Please, provide your feedback on the mailing list by Dec 22nd. > > Regards, >  Rifaat & Hannes > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth > > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth -- https://danielfett.de --------------ACC02561954F4575235F43FB Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: 8bit
    Hi Warren,

    Am 08.12.20 um 20:15 schrieb Warren Parad:
    As an implementer on both sides of the issue I'm struggling to understand how this problem would occur. I'm finding issues with the proposed problems:
    1. Honest AS is compromised, assuming this does happen details on why adding iss to the AS response would prevent attacks is necessary for me. In other words, how would an AS be compromised in a way that would be identifiable through the issuer value? (my ignorant assumption is that a compromised AS is compromised enough that an attacker would be able to send the correct ISS)

    If an AS is compromised, we can't do much for it anyway. We must assume that all credentials from this AS can be stolen or forged and that resource servers relying on this AS have a big problem, too. The Mix-Up Attack is about attacking *other* (uncompromised) AS using the client's trust in the compromised AS.

    For clarification, in our slides we refer to

    - an uncompromised AS as H-AS (honest AS) - this is the AS which issues the credentials the attacker wants to read, and
    - a compromised AS as A-AS - this may have been uncompromised previously or may have been introduced into the ecosystem for the sole purpose of running the mix-up attack.

    In the mix-up attack, the client assumes that it is talking to A-AS but actually received the authorization response from H-AS. This is why the iss parameter helps: It always comes from H-AS (together with the authorization code) and therefore cannot be modified by the attacker. (If the attacker would be able to intercept/tamper with this communiction, there would be no need to run a mix-up attack in the first place.)

    1. Attacker AS is registered. I fully support the idea that this can and will happen, however from attempting to test-implement this proposal, I can't see how the authorization would be sent to the wrong token endpoint. Since there is no information in the AS auth code response, the client must already have the knowledge of where they are going to send the token, no mix-up can be executed.
    The assumption in the mix-up attack is that the client stores where to send the authorization code, for example in a session bound to the resource owner's browser. This would always be the token endpoint of the attacker (A-AS) in the mix-up attack, either because the user selected A-AS as the AS or because the attacker had an opportunity to modify the user's choice.
    1. I would argue, if anything, adding the ISS parameter would open a new attack surface by providing clients an opportunity to blatantly trust the ISS parameter as the honest AS and thus actually sending the code there instead of sending it to one specified in the metadata document.
    As far as I can see, the potential attacks from such a bug on the client's side would not be worse than mix-up, at least. It would undermine session integrity probably, in that an attacker-AS would be able to steer the client to send the code to H-AS. I'll take a closer look at this.
    My confusion is the following:
    • Are multi AS services utilizing authorization codes in a way where there could be a mix up attack for #2.
    • Is there a #3 that I'm missing which even in light of #1 & #2 I brought up that would still make this change valuable?

    I'm not sure if I could help to clear up the confusion a bit. I'd recommend that you take a look at Section 3.3.2. of this document [1] which provides a more detailed description of the mix-up attack and why the defense mechanism works.

    -Daniel

    [1] https://elib.uni-stuttgart.de/bitstream/11682/10214/1/%27An%20Expressive%20Formal%20Model%20of%20the%20Web%20Infrastructure.pdf



    Warren Parad

    Founder, CTO
    Secure your user data and complete your authorization architecture. Implement Authress.


    On Tue, Dec 8, 2020 at 8:01 PM Dick Hardt <dick.hardt@gmail.com> wrote:
    +1

    On Tue, Dec 8, 2020 at 4:51 AM Rifaat Shekh-Yusef <rifaat.s.ietf@gmail.com> wrote:
    All,

    This is a call for adoption for the following AS Issuer Identifier in Authorization Response as a WG document:
    https://datatracker.ietf.org/doc/draft-meyerzuselhausen-oauth-iss-auth-resp/

    Please, provide your feedback on the mailing list by Dec 22nd.

    Regards,
     Rifaat & Hannes
    _______________________________________________
    OAuth mailing list
    OAuth@ietf.org
    https://www.ietf.org/mailman/listinfo/oauth
    _______________________________________________
    OAuth mailing list
    OAuth@ietf.org
    https://www.ietf.org/mailman/listinfo/oauth

    _______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth



    -- 
https://danielfett.de
    --------------ACC02561954F4575235F43FB-- From nobody Tue Dec 8 23:55:36 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A3B213A0D4B for ; Tue, 8 Dec 2020 23:55:34 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.088 X-Spam-Level: X-Spam-Status: No, score=-2.088 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_FONT_LOW_CONTRAST=0.001, HTML_MESSAGE=0.001, NICE_REPLY_A=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_KAM_HTML_FONT_INVALID=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=hackmanit.de Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mLyFatVsGivH for ; Tue, 8 Dec 2020 23:55:31 -0800 (PST) Received: from mail-wr1-x433.google.com (mail-wr1-x433.google.com [IPv6:2a00:1450:4864:20::433]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 053FD3A0D50 for ; Tue, 8 Dec 2020 23:55:30 -0800 (PST) Received: by mail-wr1-x433.google.com with SMTP id t4so618886wrr.12 for ; Tue, 08 Dec 2020 23:55:30 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=hackmanit.de; s=google; h=subject:to:cc:references:from:message-id:date:user-agent :mime-version:in-reply-to; bh=kx+sDfshOiGp5BbdBMy+pDaRGRdPlhleNxeh6Q9kKJk=; b=cq0/a0NOtuxlfCtbeiWmF64eCUoki4ZLyYv0uC/BhaxUqSUsNc3fQN+25GiqOppMCU hwIb7E4ZZpgdjqC+Te4ApbgF2iojbP7+PvZCE4XKPVdJ7H/lr/iUNdqIcUd6yvpZabMI 9ezAlOQL7otQrDImPw9bcL1kaovEFWtptYUuErNqiSL3aDE3gnB21ychrvF2QPuH8rcj qUHBPjXB3moxRHhAErWwjWHhhi4K+JBbYyvT99pxepLzEgSVDXlBk4AmMEvzy1ad3XYL aLqYoT+8ZecUWADUfFHP08F5BQ4jS0f3EoniaBW0dFO3fzsYSbnBXgG0PlEkVMOmJ+Gy b+Gg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:cc:references:from:message-id:date :user-agent:mime-version:in-reply-to; bh=kx+sDfshOiGp5BbdBMy+pDaRGRdPlhleNxeh6Q9kKJk=; b=PzkUPS7qTTyDpA5i/dLALLgztDJkzbwhRdrlMBsf1i4cQpzgrKQdDZ2wg0D9oRSmep XFUINNa4raKCnT5rJJsJDCUcT3YUfNzR36fSjeODUolFRdRgfI9It3t4JNHUvU6UnD6G vTrCa8v3W+HOg+z23u02ORVz2ZExytqFGMAIlLQGc7EQT/qcsAkhxPnygk66UW/S5YcG 9VBVWxhEkQNBmepDtZrt5DxiYOj5X2dJ+5L0G+ympVR7JLOAufOdOJfJMHYjlEuOAmBD Loe5q92Kqr2dtjTu7krx/2Oo54K85WGT/Tr3I4MPNzPNwoPru/W75qchBpvggOCPm1tS jyug== X-Gm-Message-State: AOAM532txpB6oinbAxT6o53wMQ75QEKLP5vV06R0E4h5IJGTUwOMM1La 8+R/JXKO4eu17MTOVDlaGd9p3bDJ/5glOg== X-Google-Smtp-Source: ABdhPJzcBgriexYTz6LVDoydEqeIY8W7sf6NQtKJpOl9myKizMUAkkb5UjEIRrBfsiOdw15/uDQkVA== X-Received: by 2002:adf:fd84:: with SMTP id d4mr1134591wrr.383.1607500528737; Tue, 08 Dec 2020 23:55:28 -0800 (PST) Received: from [192.168.178.22] (b2b-37-24-87-133.unitymedia.biz. [37.24.87.133]) by smtp.gmail.com with ESMTPSA id c190sm1721270wme.19.2020.12.08.23.55.21 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Tue, 08 Dec 2020 23:55:22 -0800 (PST) To: Warren Parad Cc: Rifaat Shekh-Yusef , oauth References: From: Karsten Meyer zu Selhausen Message-ID: <09d3639d-7d7e-9582-d728-cc223d21bcb6@hackmanit.de> Date: Wed, 9 Dec 2020 08:55:20 +0100 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101 Thunderbird/78.5.1 MIME-Version: 1.0 In-Reply-To: Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="O66mr07T1mGIT2wqnMvbzxZLniR1vBg5V" Archived-At: Subject: Re: [OAUTH-WG] Call for Adoption - AS Issuer Identifier in Authorization Response X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Dec 2020 07:55:35 -0000 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --O66mr07T1mGIT2wqnMvbzxZLniR1vBg5V Content-Type: multipart/mixed; boundary="WKSkSqE9w9IEuMhoEqEmHMvWJEoTAbG4F"; protected-headers="v1" From: Karsten Meyer zu Selhausen To: Warren Parad Cc: Rifaat Shekh-Yusef , oauth Message-ID: <09d3639d-7d7e-9582-d728-cc223d21bcb6@hackmanit.de> Subject: Re: [OAUTH-WG] Call for Adoption - AS Issuer Identifier in Authorization Response References: In-Reply-To: --WKSkSqE9w9IEuMhoEqEmHMvWJEoTAbG4F Content-Type: multipart/alternative; boundary="------------1C55A543F2ED6FE2CB7FC935" Content-Language: en-US This is a multi-part message in MIME format. --------------1C55A543F2ED6FE2CB7FC935 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: quoted-printable Hi Warren, I think there is some misunderstanding on how mix-up attacks work. I=20 will try to clear things up. Have a look at the following mix-up attack example (slide 4=20 =20 from the interim meeting): I marked the important parts: * In step 1 the client stores the attacker's AS (A-AS) as the selected AS. * Step 5: The authorization response is issued by the honest *(=3D not compromised)* AS, not by the attacker's AS. The H-AS will use its own correct issuer identifier as the value for the AS parameter. o In a mix-up attack the attacker cannot directly influence the value of the iss parameter in the authorization response as it is issued by the H-AS. * Step 6: The client sends the token request to the token endpoint of the A-AS, because it stored the A-AS as the selected AS in step 1. This leaks the authorization code to the attacker who can use it in a code injection attack, for example. With an iss parameter present in step 5 the client would be able to=20 recognize that the code was issued by the H-AS, not by the A-AS. The=20 client would be able to abort the authorization grant instead of leaking = the code to the A-AS. I hope this addresses your concerns. Best regards, Karsten On 08.12.2020 20:15, Warren Parad wrote: > As an implementer=C2=A0on both sides of the issue I'm struggling to=20 > understand how this problem would occur. I'm finding issues with the=20 > proposed problems: > > 1. Honest AS is compromised, assuming this does happen details on why > adding iss to the AS response would prevent attacks is necessary > for me. In other words, how would an AS be compromised in a way > that would be identifiable through the issuer value? (my ignorant > assumption is that a compromised AS is compromised enough that an > attacker would be able to send the correct ISS) > 2. Attacker AS is registered. I fully support the idea that this can > and will happen, however from attempting to test-implement this > proposal, I can't see how the authorization would be sent to the > wrong token endpoint. Since there is no information in the AS auth > code response, the client must already have the knowledge of where > they are going to send the token, no mix-up can be executed. I > would argue, if anything, adding the ISS parameter would open a > new attack surface by providing clients an opportunity to > blatantly=C2=A0trust the ISS parameter as the honest AS and thus > actually sending the code there instead of sending it to one > specified in the metadata document. > > My confusion is the following: > > * Are multi AS services utilizing authorization codes in a way where > there could be a mix up attack for #2. > * Is there a #3 that I'm missing which even in light of #1 & #2 I > brought up that would still make this change valuable? > > =09 > > Warren Parad > > Founder, CTO > > Secure your user data and complete your authorization architecture.=20 > Implement Authress . > > > On Tue, Dec 8, 2020 at 8:01 PM Dick Hardt > wrote: > > +1 > =E1=90=A7 > > On Tue, Dec 8, 2020 at 4:51 AM Rifaat Shekh-Yusef > > wrote: > > All, > > This is a call for adoption for the following AS Issuer > Identifier in Authorization Response as a WG document: > https://datatracker.ietf.org/doc/draft-meyerzuselhausen-oauth-i= ss-auth-resp/ > > > Please, provide your feedback on the mailing list by Dec 22nd. > > Regards, > =C2=A0Rifaat & Hannes > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth > > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth > > --=20 Karsten Meyer zu Selhausen IT Security Consultant Phone: +49 (0)234 / 54456499 Web: https://hackmanit.de | IT Security Consulting, Penetration Testing, = Security Training Nehmen Sie an unserer n=C3=A4chsten Live Online-Schulung zur Sicherheit v= on OAuth und OpenID Connect am 27.01 + 28.01.2021 teil: https://www.hackmanit.de/de/schulungen/127-live-online-schulung-single-si= gn-on-sicherheit-oauth-openid-connect-am-27-01-28-01-2021 Hackmanit GmbH Universit=C3=A4tsstra=C3=9Fe 60 (Exzenterhaus) 44789 Bochum Registergericht: Amtsgericht Bochum, HRB 14896 Gesch=C3=A4ftsf=C3=BChrer: Prof. Dr. J=C3=B6rg Schwenk, Prof. Dr. Juraj S= omorovsky, Dr. Christian Mainka, Dr. Marcus Niemietz --------------1C55A543F2ED6FE2CB7FC935 Content-Type: multipart/related; boundary="------------A76A1918F900FD1F7DE7D23A" --------------A76A1918F900FD1F7DE7D23A Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: quoted-printable

    Hi Warren,

    I think there is some= misunderstanding on how mix-up attacks work. I will try to clear things up.

    Have a look at the following mix-up attack example (slide 4 from the interim meeting):

    3D""

    I marked the importan= t parts:

    • In step 1 the clie= nt stores the attacker's AS (A-AS) as the selected AS.
    • Step 5: The authorization response is issued by the honest (=3D not compromised) AS, not by the attacker's AS. The H-AS will use its own correct issuer identifier as the value for the AS parameter.
      • In a mix-up atta= ck the attacker cannot directly influence the value of the iss parameter in the authorization response as it is issued by the H-AS.
    • Step 6: The client= sends the token request to the token endpoint of the A-AS, because it stored the A-AS as the selected AS in step 1. This leaks the authorization code to the attacker who can use it in a code injection attack, for example.=

    With an iss parameter= present in step 5 the client would be able to recognize that the code was issued by the H-AS, not by the A-AS. The client would be able to abort the authorization grant instead of leaking the code to the A-AS.

    I hope this addresses your concerns.

    Best regards,
    Karsten

    On 08.12.2020 20:15, Warren Parad wrote:
    As an implementer=C2=A0on both sides of the issue = I'm struggling to understand how this problem would occur. I'm finding issues with the proposed problems:
    1. Honest AS is compromised, assuming this does happen details on why adding iss to the AS response would prevent attacks is necessary for me. In other words, how would an AS be compromised in a way that would be identifiable through the issuer value? (my ignorant assumption is that a compromised AS is compromised enough that an attacker would be able to send the correct ISS)
    2. Attacker AS is registered. I fully support the idea that this can and will happen, however from attempting to test-implement this proposal, I can't see how the authorization would be sent to the wrong token endpoint. Since there is no information in the AS auth code response, the client must already have the knowledge of where they are going to send the token, no mix-up can be executed. I would argue, if anything, adding the ISS parameter would open a new attack surface by providing clients an opportunity to blatantly=C2=A0trust the ISS parameter as the honest AS and thus actually sending the code there instead of sending it to one specified in the metadata document.
    My confusion is the following:
    • Are multi AS services utilizing authorization codes in a way where there could be a mix up attack for #2.
    • Is there a #3 that I'm missing which even in light of #1 & #2 I brought up that would still make this change valuable?

    Warren Parad

    Founder, CTO
    Secure your user data and= complete your authorization architecture. Implement=C2=A0= Authress.


    On Tue, Dec 8, 2020 at 8:01= PM Dick Hardt <dick.hardt@gmail.com> wrote:<= br>
    =
    +1
    3D""=E1=90=A7

    On Tue, Dec 8, 2020 at 4:51 AM Rifaat Shekh-Yusef <rifaat.s.ietf@gmail.com> wrote:
    All,

    This is a call for adoption for the following AS Issuer Identifier in Authorization Response as a WG document: https://data= tracker.ietf.org/doc/draft-meyerzuselhausen-oauth-iss-auth-resp/

    Please, provide your feedback on the mailing list by Dec 22nd.

    Regards,
    =C2=A0Rifaat & Hannes
    _______________________________________________
    OAuth mailing list
    OAuth@ietf.org
    https://www.ietf.org/mailman/listinfo/oauth
    _______________________________________________
    OAuth mailing list
    OAuth@ietf.org
    https://www.ietf.org/mailman/listinfo/oauth
    --=20
Karsten Meyer zu Selhausen
IT Security Consultant
Phone:	+49 (0)234 / 54456499
Web:	htt=
ps://hackmanit.de | IT Security Consulting, Penetration Testing, Secu=
rity Training

Nehmen Sie an unserer n=C3=A4chsten Live Online-Schulung zur Sicherheit v=
on OAuth und OpenID Connect am 27.01 + 28.01.2021 teil:
https://www.hackmanit.de/de/schulungen/127-l=
ive-online-schulung-single-sign-on-sicherheit-oauth-openid-connect-am-27-=
01-28-01-2021

Hackmanit GmbH
Universit=C3=A4tsstra=C3=9Fe 60 (Exzenterhaus)
44789 Bochum

Registergericht: Amtsgericht Bochum, HRB 14896
Gesch=C3=A4ftsf=C3=BChrer: Prof. Dr. J=C3=B6rg Schwenk, Prof. Dr. Juraj S=
omorovsky, Dr. Christian Mainka, Dr. Marcus Niemietz
    --------------A76A1918F900FD1F7DE7D23A Content-Type: image/png; name="fmliihgbmokgaako.png" Content-Transfer-Encoding: base64 Content-ID: Content-Disposition: inline; filename="fmliihgbmokgaako.png" iVBORw0KGgoAAAANSUhEUgAAA+gAAAIzCAYAAACTLTO8AAAgAElEQVR4nOzdZ1QUZ+M2cD4k voa/Aord2DWaoqmaZhJN8mh68sS02aWDgmDBir33hrH3LtgVC/ZewYIVARVUOtJh2Tp7vR92 mQV2aYq6+ly/c/Ycj8zO3HPP7O5cc5exARERERERERE9dzbPuwBERERERERExIBORERERERE ZBUY0ImIiIiIiIisAAM6ERERERERkRVgQCciIiIiIiKyAgzoRERERERERFaAAZ2IiIiIiIjI CjCgExEREREREVkBBnQiIiIiIiIiK8CATkRERERERGQFGNCJiIiIiIiIrAADOhEREREREZEV YEAnIiIiIiIisgIM6ERERERERERWgAGdiIiIiIiIyAowoBMRERERERFZAQZ0IiIiIiIiIivA gE5ERERERERkBRjQiYiIiIiIiKwAAzoRERERERGRFWBAJyIiIiIiIrICDOhEREREREREVoAB nYiIiIiIiMgKMKATERERERERWQEGdCIiIiIiIiIrwIBOREREREREZAUY0ImIiIiIiIisAAM6 ERERERERkRVgQCciIiIiIiKyAgzoRERERERERFaAAZ2IiIiIiIjICjCgExEREREREVkBBnQi IiIiIiIiK8CATkRERERERGQFGNCJiIiIiIiIrAADOhEREREREZEVYEAnIiIiIiIisgIM6ERE RERERERWgAGdiIiIiIiIyAowoBMRERERERFZAQZ0IiIiIiIiIivAgE5ERERERERkBRjQiYiI iIiIiKwAAzoRERERERGRFWBAJyIiIiIiIrICDOhEREREREREVoABnYiIiIiIiMgKMKATERER ERERWQEGdCIiIiIiIiIrwIBOREREREREZAUY0ImIiIiIiIisAAM6ERERERERkRVgQCciIiIi IiKyAgzoRERERERERFaAAZ2IiIiIiIjICjCgExEREREREVkBBnQiIiIiIiIiK8CATkRERERE RGQFGNCJiIiIiIiIrAADOhEREREREZEVYEAnIiIiIiIisgIM6ERERERERERWgAGdiIiIiIiI yAowoBMRERERERFZAQZ0IiIiIiIiIivAgE5ERERERERkBV7YgB55aCsChgzBkKKv4aNx/Fbq Y6/z0b0wDC+xzhFT5+Jhtqr4gnot9qwPlJZZvTPsCffm6VDlJGLetDGmch6KgKiv/HpEZQaW zpokrWfe6gNQacWqL/BT8ij2MiaNGiaVf83+COgeox5KEsWK10FllrU6eh3CD22U6m/u8r1Q PsXjr1PnYd2iqdL2ho2dhltJOU+83nthBzFS+myPxMnI5CoobRXQa7FtxXRjuQIQFBrxvEtU xUS8yKc/ERER0bP0wgb0veN74f9sbGBT7FUTfw1bi8fJXnpRg83jXUqszwaObTshPD63xMJq DP6no3GZV/Fb35VVsk9VLS8xAp++1UDal/9OCIb2cQJ6dhy6v9tKWs9n/x2FPPULcsWt12DD RE9UL3JMW3d2Q1Ke+glWKiIn7QGWBW2GQqMre0mtGncjjiH42KXHOi+tgl6L1ePkUv11+mEw slVl7/cTbU5UI2iiK16VjlltDF506InqT6/Nwci/Okv7UKvppwh/kF1lZX4iehW8f3zLWLYa cB4R/LxLVGWUuRnYu2sjbiXnPe+iEBEREb0QXrKAboNm7/+Fh/naSq9Pk5+Cvz9rxYBuwYsc 0JXpMfi5Y8vix7VGE6w4Hv1Y61MXZONI0Dx89nYLNPpSQI7K8rmmF0VkpdzD/BG90LRebcim b2JAr4T4y7vQqrattM33vx+IdOXjbzMr7jw6tm4gfWb/4z4L+RorOYdfwoCu0yhx/cxu/PPN h3Bs0R7H71nJzRAiIiIiK/dSBPRXq9nB3r4mbGxsUKNOC6w5FVfp9SVF7MTrNQwX7zVq1Cwn oGswtd9vaNeuHdq1awef8VuqZqeqGAO6iOuhS9DEvjpsbGxgX8sBttUM+/Cl29THCGgits3z h31Nw/rKCuja/FR4/dZJqjMG9MrRFaSjzw8fSdt0aPoRjkSmPd7K9DqELhmKWtWNN2hsm2LV 0aiqLfCT0Ksx0rOb8fvkbQycved5l+iJ3TkThIZ17AzHjgGdiIiIqMJeioBuV+tjuPxS2H3V Dn8PX1OpsdZ6USt1b3/NoQG6/fSfsgP6C+J/PaDrNbmY6PK11E26p39/tKrvYLiR0+A9nL6X Wck1ilgyxlmqh7ICuiYnAT9+9gYD+mNvU4dT6yagVjVTN/dBiw4+1hwKuoJU9O72gVT+lp/K EZelrPoyk+TGgUWmmysM6EREREQV9lIEdIc6X2LdwmHSOOMWH/6D+7maCq9Lq0zD35+2MISu tt0wb3pfBvQiXtSA/ij6JDo1rwsbGxv8vwbvYPf5S5B91ta4H7bwmLQTukrtBgP6MwvoALLj L6NL24bSdt/+1guJuZWfOyDpWijeeb22NE+F17SdeIHmOHwhMaATERERPZ6XJKB/hcu3TqND fUPXdNu6rbD25L0Kryv12i40sjWEtm4+c7Bv2SAG9CJexICuF7XYt2Aw7IxlbvOZDHFZBVg/ wQM1ja2y9d/+FQ8qFfgY0J9lQNfrCjC/73+l7b5Wtx12hD+o3DpENTZO8EDNwt42r3+Eo4/b VZ4qjAGdiIiI6PG8NAE9OjML/r8Wjlm1w9+j11ewO6yIzeOcjd3bGyJwz00cXM6AXtSTB3QR eVmPcPX8KRw+fBiHT51HfEo6dE/x2Uua3AQ4dSmceKs6/hixGhoRSAjfghb1HIz/Xw+Be25W aj+eTUAXkZuVgQd3b+Po4cOGOjt8GOcu3UJKeia0lWv2L0aRm4XYyGs4Zlzn6bBrSEnLLPuz 8pwCOgDcPrEWzR1rSBOouU/ZWqnWb3X2A/z1WTup7J8LY5FVRtlFrQqPUpIREXZWqvfDR08i Oi4BWXkFj70fOo0SdyMjcPjwYYTfiEa2QlX+m8qhFzXIeJSGyIhwHCks65GjuB51H+lZTzZr ul7UIScjFZcvnJHqICYuCQXqik3AyYBORERE9HhemoB+J0+DEyuHw9b4f2928UZqBWZ9FjUZ +LtTM0OLapvuiMpUlh/Q9RrMH+2Ozp07o3PnLzC0yKROelGLs9vm49uvOhv/3hUTlh2ApswH b4u4cXAVunQ2vueLrhi5aPdjheminm1AF3F517/Gfe4Mv8Bg6AEoc1KwdvYIdP6wPRrUNkwa 9YpdbbR9uz1+/tsHe45ffyrdjaNOrEOTWoZg91qd1lhrnLVdVKbCo9t70r6898twKMsJvPnJ N+HSozs6d+6Mti0bS+/9v7qN8Onnhv39ouvX2H0rHbeOrULnzp3x+acfo34dB2nZxm3eluqm u8dgpOabt9zrVPm4cHgnhvR2wofvdUCbFk2KPR6udr0meKvDu/j+d3ds2H0KucqKhSW9qMWD 2xcxe4w/vuj4Hlo1aSit196xId5u/y56uPTHnhNXYXHevEoEdFGnwbltC9G98Fzu/BU8Bs5G 8mN0TQcATc5DyLq8I237za/cK9XNPfL4ajRzNM4GX7MhZu64aPFGSU5qHNYunoXfu3VG+7ff QgNH07GzqVYTzVq1xXsffo6+I2fiUlRCqUMjNIpk+P/TzXCcf/NAZKoSOUm3Mczzv2jZxPBZ rNO4GT746kcs3HYcGp0I6DWYPvBvqb7GLz5c5j4VZCVjV9AyuP7eHR3av4MmDeuYymrzKho1 a4MO73WCi+8IHAuPMmzDEr0CM/r/I52XW6+lQS+KiI8Ox8RBXvigw9uoX9teqoPmrd/EV9/9 gWVbjiC7wHwIkagrwDi/39G5c2d81KGtVKbX7GrhvU6fStuZuu1MOUeNiIiI6H/XSxTQdci4 dxrvNTLOHNzoHeyJSC53Pek3Q1C/uqF7+3985kKn11UgoJf9mDVlZhw8u78vraNuy07YF/Gw 1DIUPIrC9+82k5Zv2qE7wuKyHqteinqmAV2vw9GlA6Rlvu4/B4qM+whw6Q4H46znll616jSB 78yNyK3CFllRq8A8/9+lbbT5RIa47MJQJ+LAoqGoZVvN8Hf71giNyihzfdkPLuD9NvVK3Qcb GxtUs3PAirBEhG+dWOZyNjY2qP/xT4jPKd6CmpsSjQF/dkf9osGwjFfNWvXws9dkpJTzPHet Mgeb541ChxaNijxXvJRjUa8pvIYvQ0ZBieBfwYCuF7U4t3Ue2tUrHO9dA+99Jcf5qJTH796v 12L3vIHSUIXXHFtj45m7FXurToF5fX6Tyt3s/V9xO01htv6wPSvR+a3WxW6GlP6qjsatO2Lx rnCLIV2V9wDfvW04V+q1+BhnIu9g0J9fSMMqir6+6zkXSq1Y8ces6XWIPr8Hv332Phxq2Fag rK+i7uttMXxeiGE7ZuvLg2+3t6Tl551+gIshS/B+i0ZlrreGQ1387DcFSSXOYVGbD+evzR9V WfLVc8HeF3e4BxEREdFT9lIFdJ0yC/6/GoNztVrwnRNS7oXg5nFOhgt/+/oI3HcbqIKADoi4 d34b3mnsKF3Ud/ptoMWWP702HzN6fieFgxq1mmD6pguPNVt1Sc8zoHfxHY/AgX/DvjAIlxVu 7R3hMXkj1GX2MqjEfiddw1dt6xvXXws+U7cXa6UvSLqEjs3qmuolYF2Z63vaAV2rSEKvbh9V MCAWeVW3h+vkraW25uo0+dgwyQ/17GtWeJ3Va9SB2/gNxY9FBQK6XtThwrZ5aFu3lnE5W3zQ 1RPXHlR2pnxzqbeO4gPpeL2K3wasgKoC54oiLQrd3m1qfF9NOI1eh5Kn7a2DK9G6gWPl6t3G BrVbfIrjUeZj2YsF9GYfYOwwXzhaukFl2xTrTt0xVl7FAnpCxAF0frNZuTdaSr7s6rfFsoMW hnKUCOhD5wQWublSzquGA3pO2VqsdZ4BnYiIiOjJvVQBHXodjhfp5t7hG1+kFpTeMqvXZeLv jwwX8HVadcOdbE0VBXRA1CmxdY4/6toZLs6r1aiLwfNDzboQh2+ahlo1jBfw1e3QY/BiKDRV 05r8PAP662++haaONWFjUx1t3u2C6Ys34eqNSMRER+HM4R3w7dHNtN82NqhZpxlWHr3z5Dut 1+HEmjGwM7ZY1nr9A+y/nlJ8EVGJyW7fSoHYoeVXhmNfioL0uxg50Aeurq7o/KGp6659kzaQ O7vA1dUVbh6eOHEvC7Hhu+Dq6goX2V9o0djU9bjtx13h6uoKV1dX9B4zGxlFugiHzOkjncs2 NrZo074LJgWuwemwK4iJiUFMTAxuXr2I7esX458fOxfrkWDf4lvcy7HUii7iauhitKhjCuev 2NdBlx5eWLdzP25FRiEmJgYXzxzDxKE90bSBqeXevkE7BJ2OLVJh5Qf0W0fX4u2GDtI+vPeV B64/fPJeIACg12Rj9D9fmM6tD/6LuxnljQcXcWHbDNQ23iCyq/8OdpaYYE6XG4uf3m9pujlh Wx8//NkHm3cfxI3b0Ya6j47C+ZOHMGfsALzfrqm0rI1NdQijNpl9nosG9Oq2NVHbwQ6vOTji 955jcDI8AjHRt3F8TxC8BozGw2zjo94qENBF5SMM6NG5yE2c2vjsWzlWBu1CxM3b0nly5fwJ LA8cjy8/alukrK/i87/HIbdkYUsEdEdHQziv6dgEf/Ychj3HziImJgbRt29i/7bV6NH1A2my PRsbG9R5oxsiU/NNZdSpsHjKALi6uuK37p9Jy9nWro8fesik83/l4YiKHnoiIiKi/zkvV0AH kH7nFN5vbBg3ad/oHey9Wno394wbu1CvRnXY2LyKL92nG1qtqyigA4AmLxkDe5iChWPzjjh4 PUn6e87DcHzSuoG0nlYf/IGY9MefiKqk5xnQDS87dPl9MKISM1FyPjitKg8HVoxDk1q20v6/ +50/siwOgq44bUE6+nxveuZ1pz9GIsfCOmMOLUUde+PkY9VqYsTK8xVYe9VPEqcviEf3NqZz oN0nAq49yCy1hVFdkIkFw5xMPRNeqY+gK6nm289Lgtd/TGPt7eu2xPjle0oZO6zBjWPr0bKB KWB37TUTmsJClBPQo46vwzuNClvOq6PDF+64kVCVk4KJiAhZgMbGm102tk2w+kRM2e9Q52Ks 8JVU5ve/G4BHJeakCNswCY6FN4mq1Uaf6TuhKGUSNL2oQ+LtU/jm3RbSOt/q5ovsEvMAFA3o hZ+BPwfOR1aJetdqNKZjXIGAfu/MJrSpayet87fec5CWW9qz3EVkJ0fBrbvpc/B6h+8QmVbi u6VEQDd8R7XHmkNXodKa3yRUZDzA4D+/LHKToC4WHY22WAJOEkdERET0eF66gK5TZsD/58Lw 7ADfwN2lhp1NY50N3UVt7TB6/UXDf1ZhQAeApBuH8XELUwD76JeBSM3XQK/OQN8fP5S6q9as 2xorj1u+2H1czzugt/vCCbdTSp9NWi+qsWqUXKqDGo7NsP5CQuULWETKjX1o7WAIXa/YNcCk YMvBW6dIwH8/Mo37b9ulN3LLrZyqD+jJ4UFwMIZEW/tGmH/gdrn7mBt7Em80MnXLHr/X/D33 L2xBc/vC4QW10GvKJsvjkI30ogYbx7hI62z8RjdEphu74ZcR0KOOr0P7RoXdoqvjnc5uuJVU 9U89UKZH46cPWkifo5/7LYOqjMn9Mu6dw0fNjD0YqtfH2DWni9e/Xo1xHl2lfWr6qQsyypsH Qa/DukleUg8dxw9/RmKJOQBKBvQ6zT/C8ehyuvmXF9D1Wmya3kv6nNRr9w0uPSwv8IoI2z5T avG2b/k+jt8tUY4SAb1a9VoYvvJ0md3PY89tQssG9tJ7ei45ZnE4DgM6ERER0eN56QI69Drs W2QKiu9+42exm7tem46/OxoCmn39johIU0nvr8qArhe1OLR6POoZZxS3qV4fkzedx76Fg6Vg ZlO9BjymbC91LPHjep4B/RW7hpiyKbzcdaszb6Fjw8ILfnv0mrS78gUsLIKoxqohf5taDd/s jhsppfVIELF+tBNsjV3hbe2bYMOFxHK2UPUBXadV437MDZw/dwZLF29AZgUeX6fPj8P3RSby GrTpSokFNNgy0VX6e4N2X+Hiw/JDc078NcxdvBEXwsJxP6nIY/BKCegPL+/Cu687Sp+DDl28 EJX6ZI/3KpVeg9VjnU3DElp1wc0i3auLL6vDoSVDpEDboF1XXLLwqERlXjoiwsNwInQzgg/e qlAxzq+ZjHrG9dq+1R2xOcVbsUsG9Le7+SOzvMcUVKAFXV2Qg1tXL+P0kT1Yu+1UheZrSAjf gZavGMN3k/bYV/L57yUCes16XyAmt+wnA6hTb6JT29el9/wzYhssFYUBnYiIiOjxvHwBHUDC 5d1oa3x2cs2G7yD0mnk39/RrO1Df2MX5wz9HmoJrFQd0ABDV2Zjg1k0KF/WatUGLOnbSNt74 3ANpZYyVf1zPM6A3bfcjojMq8DgsvRaD/+wkve+dvwJMXasrSZl5F/95q6EUdP4ascpieCiU F3cCzWsVHofq+LbnnDKXf3bPQS9l66IIdX4WwkJXoUORybxKBnRRlYX+P5rq9ON/JiD/SSbg sxDQb5wPQcc3Gkr/1/Zzt0o9/uxxJEXsxhvSxIu1MXP3Ncs3PZSZ6C0Nc7DFD/0Xmk0OVzki RFGHR4kxmNW7BxwqHNBt8d8RK8o/7hWdxb2ipRVF5KbHI3jGAOlmQkUCepsf+pb7/aAvSIT8 3TbSe/4evpUBnYiIiKgKvZQBXZuXBKevCp+dbAffubtLdMMUsXGMsfW0mi1GBxWZtOgpBHQA yH54EV3fMrU8Fb5qNHoT+26YzwYtbUoUoSwogEKhKPelLjG53PMM6O1/CUB+BUPRnnGm1t4m 7WVIfayELuLGvrmmSayq10a3P7wwfPjwMl4D0P51U1fxWo074kJiKa2yxm087YAuijpo1Crk 5WTi1rXLOHNkNyaNGo7ens748dvPUcvCjOAlA7oqJx4/fVzYHbwG3KZtqXg1WlIioDdp9S7a NatfrAy1W3TGrUeq8tf1JMVQpaPP9x2lbXZxnmGx237S1T1oaZwc7//qtcaGohPelUGn00JZ oMCjxFhcuhSOrcvnImDIAMj//h0fvtnMrN7LD+i14D9nX0V2rNIBXdTpoFIWIDstAVcuX8LB zcsxfFgAXGR/oEvHN83KWpGA/pXrjPKLqkxiQCciIiJ6il7KgA69Blun+0hdXD/6bggyVKYL eb06DX93NAQY27of4UbRlt6nFNABEeG75qGRo32RC2cHDF18vMx3qdIi8Wn7pmYX3OYvO/SZ crjYe0sG9N/GBz2zgP6tf2CFW4zDN4yU3tew+S+4r6h8c6eoyceAXztWoJ7KeFW3h8/ssgLV 0wvoOq0adyJOYqSPC77s9Falyl0yoCvSo9D1rcKQWBfjV5+udH0WUyKgS69q1WFrW13690/+ S56wpbp8J9eMQ53CmdlbfIlbacVvqOhFDbZMMN3webOrJ5Lyy+62rcpNw9618yD0+AktGtaq cL2XH9BrY/C/B8vfqUoEdE1BNk7vWY9eTj3wdquGFS5rRQL6T77Lyi8qAzoRERHRU/VyBnQA 8ZdC0NY463Htlp/h7D3TBEkpl7eisaPhbx/8Obr4BeZTDOg3D60s8pxoG9jY1MOkLeFlBrcn CeiKlJv4vH1jaZnv+yyD6jECui4rFv951/Q4qq5/TUdByZbLYgG9JpzGbajw+iM2j3vigJ79 4Cza1634875LezX78E8k5JUW6J5OQFfnpWDKYBc0qFmBUFjDHg0aNoS9raklvWRAz0+7hS5t C58b/pQCerUa6PijH8b0/gU1Csfx2zXFooORT7atcihTruMraQx0DQxaeaZYvapzE/D7x8ab SdVrY8C8/WXslw73Lu7Dd53aVuDZ4q+ilmNd1K/rKA1VebYBXURyzAW4/vw57KuXf57YOdRG g/r1pAntGNCJiIiIXgwvbUDX5iUW6eZeB2PXFc5OLGLDeFdjqLDF6OASz+R9SgE9P/kmfu70 hvmFdOP3cDKm9FmenySga7Li8H1H08V0l79nIP8xmtDzEi7jgyLjjX/uvdK8pbRYQK+On4cu rnAL+ulF/U2ht+VveFhQ2YAuYs+MXqYQW7M2WrRqjdatK/Zq3sS0b7YOjTA35Eap26nqgC5q sjHW4zuz41nd1h4NGzdG02Yt0Lr1O+jh1Asjx07G+q378SD2Gn4oY5K4/Ee30bVdYUCvg7Er T1ayPksoGdBt7fCVEIC4DAXUWXfx4/vNpc9C8/d+w+00xZNtr8yyqDDL9ycpJL/70xAoigzt uHNiFWob/1avxac4G5dT6qoSIkLxXqsGJer+VdRyrI/XX2+Clq1ao8P7XeHnPwQzAhfj+Pkb OLpsQiUmiau6gJ7x4Ap++rSdhSBeB40bN0bzlq3Qpm1HePcfhInT5mLPkTDcOB6MVpWYJI4B nYiIiOj5e2kDOvQabJ7mI7UgffrHGGSrdNBrs+D9H0Nwf61eR1xPLzFu9ikEdJ0mF/MG/gU7 Y8tXjVp18XqDOlKr3fs/D0RmKY940imzsXfXFqxdu7ac13qE3Ugq9l698hF8upqehd3+ax+k ltPd15KESzvRtsijlZyn7Ta/KC/Rxb2jy4QKt9avHvC79L4WX3oju5L5XKdKRY/3m0rH44P/ DkZueTNnF/Ho2g7Uk8Z2V8cXwlgoLE6qVvUB/UZIIByqV5PK3qDZO/AdNhkbt+xHTOx9pGWa z4ou5tzB181NNxVKBnR1bgJ++bSwx0NNeEzb+mQT1JUI6G98Jse9DNPs+DFHV6CRQ+FTCmri N/9F5j0sqlDcqXVoapxk8RXH93DB+PnU69RY2OdXYzlt8Y3rNBSUMjmeqMlCv587mlrOqzug 47d/YPb8ZThy+ioePExAgdr8M3lyxTjUecYBXa9TYOHAv0zPH69WE292+hbjp8/D7oPnEXf/ AXILzM/D+2c3oQkDOhEREdEL5eUN6AAehu9E2/r2xovEz3AuNhNZ0UfwRgPDDNgf/TkaGgst wVX9mLUzwbPQVBp7XhO/D1mK8D2LpW721WwdMXjhoSp/zBr0Sizo97O0LzWbf4wL97MquRIR R1aOQm2pW60j5uy9ZmFbxQN6y/f+xv1yHtkEAHqxAN7fvS2F46+9Z1l8rnJZ7p9aLbWa2tRw xMgVlevSLWpy4P6NaWItx0Yf4NCtR5aWrNqAri+A/68fSMvUbvwBdoXHlVve/Ptn0KaxaXI7 81ncszHgl0+kv3/6x5gK3bDQKtMxY9QorAkKxq79J5CcbhzfXcZz0A1/V2OGl6kXQE3HVlgQ ev2JZ60vja4gGU5fFZ4zNTBoxVnoASjTb6NzC8Ozz1+r1QTz95b+6LSUiB1oVtd00+nLf8Yj vUBT9ob1Oqyf3POZd3HPSbiCz9uZbsi07+KByKTSewYYiLi4c7b0HcmATkRERPRieKkDujYv Ac5fFnZzd8SY9Wew99+BxhbLmhgTfMl8xVUc0B/dOYevOzSX1tey05+ITM6FXqfEgn49UN04 frd2k/bYfuH+k1ZLCSKOrR0Hh2qF4boORq04XqkbAVplGgb8anpk12v1PsSZexa65JcI6DXq tsLqE3fKXX929GG0cDSOHbetjZErzldi/wDoNZjq/rW03TrNO+Hcw8o+i1vEieXDi7RQOsB5 bJCF4FG1AV2vTsD3repK59HXXhW5OSHi9LrxqGtX+hh0vajB5klu0t/rte6MM/cyyq2FjOgj aGMcB1/NrjH+DTEG3PICOoC8pAh82bahtC+tP/wd15Of0jPRIWLnrL6wN/Y8eOfHIVDpRFzb MV3qMdP8o3/wMK/0wB2+fiLq1DD2XHilAbZetXRDpjitIhne3Uw9Up5VQL9/fgveqFV4vB0x MehcuTc/RE0eZvv8IJWVAZ2IiIjoxfBSB3TotQgq0uLVuccguHxjuMD+v4adcDXFwljZKgzo mvxUjPf43lTOuu2w/MB1KYSpMqLxw3um8YhzZxEAACAASURBVLtvfe2JhzlV+yzpR9En0Kl5 XWl/Gr7ZFYduJFSodVMvanB26xw0dTRNvvbhL4ORbqE7bcmAbmNTHZ/8MQjx2UrzZY20ygyM Frqa6rrp57icXLnxy+q0CHSo74DCbs1dPWc+1kz1BalX8VFjB6ksTTr8hMhHBSWWquKArohF 14a1pePfxW1aOc9hB5IjT6F7h5ZF6tkGveedMlvu7tlgNKtV2O3cHn8NWYxcC122pT3TFmDx 4D+kddZv9SUuJVawBd1YN2FbZ6Guva3xZos9evgvRL5ZF5WqkXv/LDoU9iKo1QFhiTkY7/yF cX8d4DF5W5nn+KlFI1C78MbVK/URfCmlzO3pNArsDByKBoVd+W1s8OrrX+JWevHz9WkE9LvH 1qH5azbSOsetP13mvomiBmE7F6F1kR4Cr9Rph23h8SW2y4BOREREZG1e7oAOIOroajSrbQgN tR0bwLGm4QL747/GWHyGclUFdL2oxr5Fw1HXzhhYqteC5+Qgs21GHlqGBg6GZarb1obnxM3m 3e6fgKjNQ6Dff6W6srGxQbMPvsWG0AtQlBHYFNkp2LZ8Mt4t8rxrQ7fhq5bDgVlAt0G1mg74 0Xsc7qSad8fNexSHyb5/oXbh+OtqNdBjyMpKh+ujy4ZKvRCq2dXDjJ2lTfBWNlGnwqyepm7a 1ewbYMLGcyWXwsbJvaRWWru3vsODXMs3VHR5KfhH6oZtg279FkBV8riKWXD5zBS2azfugI1H b1oMPBpVHsIPBuHb99uaWvqNL89ph82W1yrSMPD3z6Rl7Go3Rf8pq5CcY37DRKvMwc4lo9Gg 8EZMtZr4sfe/pvJWKKADOnUOJjiZejPY1W2NhftKOV+elKjAGFkX4xhyWwxasAPftjHciKrV uD0O3C67x8CdI8vRoJYpbH/++1DEZ5W8IQMAIrJSYrFwrC9eL/aIRBvY1P0EV1OLP+btaQT0 tNtH8V4T09Mf3uosw+XYRxbrVZGdiu1LJqBtQ8diZX3FoTWCzsSV2O7TC+h3TqyGQ2FPg4Zt sDn8Yfn1QEREREQvf0BXZ8Tgp/eLtzja2NhhbHApjzerooCecP0QPm5tmiG6/beeuJdu3jqs 1ykR6POjqbWp4RtYfvDmY9RI6dKiz+Drd1sUq4NadRrho69/xaRpgdi6KwQhISEICdmF9SsW Y/wIf3z+7luoVXhzwXiDocfgechSljKuvERAt7V1gJ1dTdjY2qFtp64YM30etu3YhZBd27Bg 2lh88cGbqC5NjmaDph1+wq3UyrWe6zVZcO3S1tQ74J0fcS/7cXsgiLh7ai0a2dpIx/X9n/2R rix+Xh2aH4BaUp3Uxu/9JmDnrl0I2b0H97NM4VevysSA70xDA2o3a4+x/65ESEgIQk+cR4FG B0DE5oke0g0GG5tXUa/xG3DrNxprNm4xHJMdW7FgzhT89Z8v8Xq92iXOY8Orh7+lR9qJuHtu K94tMlb9Nbta6Pj1b5gauBg7du5CSMgurFg0Ez2+/QSO9qZj3aDtlzgVnV6koisW0AEgJfIo Pmpu6rbfpuMfuJaYa3HZJ3Vrz3zUM56jb7T9AHbGbXb8c3ipk8MV0mbF4Ns3iz4doSbe+eQn TA5chB0hhs/Dlg2rMHZoH3R6sw3sa1Qzr3vbt3C8xBMYnkZA1ylS4ft9xyLbtkXLt79AwMTZ 2LJjJ0JCQrBr60ZMmzgCX737NmoXGf4gvao1waKSTyd4igE9+UoImr1SuO2a6PizBzZu3YGQ kBBExJXdW4GIiIjof9lLH9D1ogqLBv9ZrNXx/17/GFdKCw1VENCVmffh3d00Q3StRu0RfCqm 1JbE7IeX0Ll1fWl9bTr9gZsp+aUs/Rj0OkSf24HOHUreqKjY6xW72vjZewoSLLYwmrZRNKC/ 3upLDPT+Gw4VeGZzwxafIiQ8ttK7lXRxk9T7wMbGFr8PXv1ErbXqvET884mpjhwatsO2Cw+K LXP32Cq87mjheeu29pi4y/QMcL2owsqAfyzu7/+1/go30wzHV5kWif+83bhCx8HwcsA3f/SF /JePTTd/fh1qcey6qFPh8NrpaFPPscLrt2vUBnN2XCi+vkoEdL2owYFlI+BYeKOjugP+HLDo qXR11yke4pcOrxcrf3W7epi+I6L8N+t1OLZyNOrUtK1w3TjWfxNDRw5Dc+mmhyPmH4oqttqn 85g1ETcPr0KbBg4VLmtN+9fh6T8KH7cvrB979Pl3b/HPx1MM6HnJ1/FFq7oWy/br8HXQPK0Z BImIiIhecC99QAeAyMPL0dTR1J3107/GIl9TyvJPGNBFnRLBU/1gb1vNGG7rwHvaJsvd6QtX J+pwbvM01Kth2Ga16g74a+CSKn5UlYiEmIsIcPsFDe0tBEyLr+po8fanmLp0Jx7lqcpefYmA 3vTNH3Hj/gPM6PMn6hQZt1v8VQMffPk3Dl2Oq3yw1muxsN+vphm17Rpg9dn48t9X1ipFLfYG 9i1Svpr4fcDSYs981+Ylwqf7h1I3d+lVrQZ8ZxTvav7g8m582NRCSHF4B0ejTC3UcRf34qu3 m5V7PBq0eRcj/g1CanYB9s8bJD2e7bX6nXA7y/KEaKJWhbC9q/Hth+Zd44u/XkXr97oh6Ng1 aEomrkoEdADQ5KWg/6+mGwg167XBotCn0NVdr8OaMU6wrVakjtp+h7vZ5czGbqRT52D5eF80 dig7pL9SsxY++UGGvWcjocx5iL86muYW+LX/ymL19bSegy5qC7B35RS0a1jOzZZqtnjz0+5Y tTcMivxMjPr7K+lvHX8egoxis+8/vYAuahRYNlwudXMv+vriz8nIe4qP4SMiIiJ6kb2wAf3q rtXw8vSAh4cHvH2nIlVZ+gWfJvshJgT0g4eHYfkluy+XMVu2iJsnN0nL+gSMR2xmiXG7ei02 LxovLfPvBtMkXQWZDzB1aB/pb4NGL0BSKeOUi9KpcrB0coD0vt4DRuFqfNVPrKRVKxATcQGB k4bjt5+648uP2xe7eK5hVx+fdfkWv//jjsUb9uB+SlbFZn23ENDvZGqgUebg8KbF+LN7V9Sv bRjD27hVB/zw6z9YuvUIMnLLaJUva3PabMwfYTqmPsPnIqsKWmmz4q9iUC9Pab2Dxy5EmqJ4 t/6c5BhMGdwTX3R8W+qe3rhlBwyfu7vYcqJOg6hz++Al/Iq3WhTOcG6HDp2+R+iVxGLLZiff xaqZo/HTd9+gVePCUF8dzd98H9//9AemLNqIqIep0BoPRs7Dy+jbu5ehnJ49cTS6rDHXIrJT H2Djkuno8fP3eLtNE+k41W/6Jrr99Bsmz9uEuLTcUod9nA5ZItXJuDmboSizrkU8jDiMPsbP p4eHB8bNCi5zkrrHlRV7Ht49vYzb8cTM1YcqdSNA1KpwK+wQBrn9ga6dP5Ju+tna1cHHX34D mac/dhwOQ2a+8TtAr8X+jXOl/eo3aSkURW72aZXpmDXCz3hcfLD5cAXmRNBrsWbOMON7vLBs 2wXLZdVpEHfzHCb6e6H715+hjl3hja8aeP/TLvjvn25Ys/MYUrLzjXUg4tqxYKmsvsMmI67o d5leiXUzh0t/D1x3ovyiqrOwdNRQ6T2Ltl4s9btUlfcIG+eOQbcun6COcQiFY/3mEPrMQIal iSaJiIiI6MUN6PTk1Col8nOzkJiYKL2SklORpyiAWlvJMFVKQDcQoVYqkJqSjMTERKRlZEOp rlgrp7USdVrk52YhyVhvaeml75NWo0JWepqxjpOQnZsPjcX6FaFSFiAjLVU6HumZOVCq1FXW +qxRKZGV8Uhaf+qjTBSoqvbJAS8iUauBIj9HOp5JSSnIzS8o5Tg9X6JOC6UiDynJSaZzKk8B dWm9gp4jvaiDUpErlTUlNR0KpQoiG9CJiIiILGJAp6pRZkAnIiIiIiKi8jCgU9VgQCciIiIi InoiDOhUNRjQiYiIiIiInggDOlUNBnQiIiIiIqInwoBOVYMBnYiIiIiI6IkwoFPVYEAnIiIi IiJ6IgzoVEVEJN2+gBUrVmDFihUI2nIA2So+S4mIiIiIiKiiGNCJiIiIiIiIrAADOhERERER EZEVYEAnIiIiIiIisgIM6ERERERERERWgAGdiIiIiIiIyAowoBMRERERERFZAQZ0IiIiIiIi IivAgE5ERERERERkBRjQiYiIiIiIiKwAAzoRERERERGRFWBAJyIiIiIiIrICDOhERERERERE VoABnYiIiIiIiMgKMKATERERERERWQEGdCIiIiIiIiIrwIBOREREREREZAUY0ImIiIiIiIis AAM6ERERERERkRVgQCciIiIiIiKyAgzoRERERERERFaAAZ2IiIiIiIjICjCgExEREREREVkB BnQiIiIiIiIiK8CATkRERERERGQFGNCJiIiIiIiIrAADOhEREREREZEVYEAnIiIiIiIisgIM 6ERERERERERWgAGdiIiIiIiIyAowoBMRERERERFZAQZ0IiIiIiIiIivAgE5ERERERERkBRjQ iYiIiIiIiKwAAzoRERERERGRFWBAJyIiIiIiIrICDOhEREREREREVoABnYiIiIiIiMgKMKA/ R7mp8YiIiCjzdTPyDtIys6HVic+7uC+UvIwkREREIDL6PjQ6vfT/jxLvISIiArHx6dCbvUuE Vqcr9j85aYZjFB2bBNH8DS8UZW46blw1nFcPUnMq/D6dVmuhrgzEMv72dIlIiL2NiIgI3E/K ei4lIOsnalW4e/sGIiJuID1X+bxKgczkOERERODOw7Qq/bzotNoqXFvZRFEHnVj0d0hEYlwU IiIiEJeY+czKUR5FbiZu37iKiIgIXLseiczc3OdwDpj/ltDT8Sw/A0REzwoD+nN0dfcKyAUB QhkvZxcP9Onnj8mzl+FGXMpzCkMvnsgTQRAEAf2Gz0OmuvCiUsSBdTMgCAJmrDyKIrkdyrx0 HN6xAcevJxVZi4jL+1dCEASMnLEZBS/yPRK9Dhd2L4OLzHBeDZ8ThAJN2Tuk0ypxO+wINuw8 BY3ZiSciJfYmli7fhBzNc7gQ1WuwfuZACIKAecEX+Lkgi7R5qZgc4A1B7oNj1xOfTyH0Opze OheCIGD8kn3QVsHJqlXl4eKRndh+7MYzuHEoIiftAbYHBeFmQrbpv/UaBAcOhSAICFx/xipu YMZdO45RA/vB1VkGQRAgd+6JXUcvPNNzQGX8LTl2Lan8hemxaVV5uHxsF7YdvWYV5x4RUVVi QH+OCgO63KkXZgQGItDCa/qU8fB2d4UgCPDsOwIX76U972K/ECoT0PViPpZO6A8nJzfsCntQ ZC0vT0DXFaQhcGQ/yFxd4e7kBLlbf1xNKKMVXa/Dxb0r4enqjFHzdpgF9LSoUxjg4wmZ70Rk qRnQyTq9lAFdr8beldPh6iTHvK0Xnno4UWTEYWqAL+Qe/XExNqNIOawroOtVqRjn5wFBkMGn 71DMCgzE3AVLcT367rM7B0QFlk7wh5OTG3ZceFD+8vR49GrsXzMTrs5yzN189rmfe0REVY0B /TkqDOguHuOQXkr402qUeBh5ASP6ekEQBAybuR75zyMQvWAsB3QgPycDSUlJyMhWSP8n6rIx ydcJgllAB5T52UhKSsKjjNwXOgTGXzsCb1c5+o6eiaXTh0MQZAgMOolSR07oNTi6biYEQbAY 0OMv7YG7s4wBnayaqNMiPS0FSUkpUKg0z6cQVR7QC7B+2hDDuf8MAnpuSiSGeMkhWHlAz39w Hs5yGZxceuPcvQzpO+GZngNiDib7GX5LGNCfIr0SQTMDIAgCAzoRvZQY0J+jigR0AIBeh4hD G+AmFyBzH4ibSRUfP/y/qrSAbklZAf1loBeV2L5gPGSCgFnrjyHy9Da4O8ng4jcBKfnqUt7E gE5UJRjQn4m82NOQy2Vw8RiNlHKG7zw1DOjPBgM6Eb3kGNCfowoHdAAZ986jj6cTBMENR2+l AAAKHt3Hgf37ceH6PeQm38GSWRPg7e2DUZNm41h4VJEu3BrERV7E+mXzMaivH7y9vTFw2Fis 2rAT9x/llbpNvU6D2FthWLt0Hgb2M7xvwNBRWLFuG+4mZ1kMRZr8TJw4sAOBU8fB29sb3t6+ GD81ECGHziJLoS65AVy/cBT79x9EYo4aBdnJ2LtpFYYN7mfY1ojxCNp5CGmlTeyj1+HetXNY OW8afLy94dO7L+Ys2YDI+PRSA/r9yIsIDQ3F5Vvx0ANIiLqC0H07MNBLDkHujBlLghAaegDX 7xrGD6bev4XQ0FCcvRht8cI6MyEaWzaswugAf3h7e6O33wD8u2QNLly/C63ZMRVx99o5hIbu x92UHGgKsnA0ZBPGDh8Ab29v+A0aiTVBO/EwPd9sO2kPb2N/aChCj5xBVkHlWoHyU6Iw3M8T gpMPTtxKgiYrFiP6eEEQnLH17F2z5VU5KTgSuhf/TjCEgL4jpmNPaCiOn7uCAlU+wk4cRdCy WXCRCxA8B2D73n3Yf+AI0gtMQV2rzMGFY6FY8u8s+PfxMZ4LPhg7ZTa27juOjFJuDOhFEcmx N7Bx1RIEDOoLb29v9PUPwKKVQbgRm2y6ECszoBvGx4eGhiJ0/yFEx6eX2IYaMdfOYc3iQPT3 7Q1vb28MGTkR6zfvRWJWgVmZNIpMnDl2EMfPXkZOViq2r5mPvn4+GBgwFltCz0FpfqDN90un xp3r57B68Vz49/U1fAYDxmDl+h2ISzO/4aYXdUh5cBvb1q/C5DEBxvrzRt8BAViwfC0u3Y43 6/2Ql3IXoaGhOHftDkSdGpHhRzFvmvFz6NcfcxautPi+0olIib2G0ND9uHo3CWpFBo7t3ozx wwcaPp8BYxC0+zhylIZJmgoy47F17TIM6d8b3t4+GDlhJkJPRUBloX70OjVirp3HuhVLMGJQ H2n/Bo4Yh9Ubt+Fucnax5QuPweFTYchTaZESdxMblgair/H4jZk8B6Enr0CtK3EmqBUIP3MU ofuPIr7I5+p+5CWEhobiVnwGCtIfYsv6ZRjc18d4jgZi97FwKMxuPIm4fyscoaGhuBSVYPH7 T5ubggOhoTh05DzyC78wygno+RnxCN0WVOQ70xu9ffth9vxlOHLhRrH6y0q6h0OhuzFxcG/D XBJTl2BfaCjOXolG0fnbdOo8XDyxHwtmTYKvtze8vXtj7JQ52HXgDLIr+P2hF7WIunwOOzev Rm83GQSXnli2YTtCQw/iXkq2WUAvyE1F6Jb1GBXQ33CuDhmFdZv3IDFTUeo2FFmJCN0WhCnS Od4XcxauxOkrlr9vLdHkpuDwwQPYtWEhZDIBTq7+2BYaajhvYxJKnAOm3ztVdjKOHT6AM5ci ociMx7qFht+RoaOnYO/Jq9DqDa3vcTfDsHrpPAzqb/jc9vEfivnL1uDCzdhik7cmRF1BaOhO w2+JrPC3ZD+u3S1nLLpeh8iLJxAaeggpeSpcOrIdwwb1QW+/AVi8bjviM0z1p8pPx4nQHZg9 aQx6e3vD29sPU2cvxMHTEVCV+sEWkZl0F9vWLcOwgYbf1hETZ+No2C1otEpcOXEUoaHH8Uhh Oi9ykmIQGhqKY+dvQGfhOOjVuTh74ghCQ48iOcf89zkr5R62r1+FMQGG7wq/fkOwYNkGXIlO KDVMp8dHYdP6lRgxxPC979O7L2bNW4pD566hoMhnMTs5FodCd2PyUF8IgoCAKYsMn4HLUZX4 biMism7/GwFdr8WDyEtYu3Qhhg30Q99BI7B4xXpcufN8J3GpTEDPjAtDX2NAP2IM6KnXQ+Ek l2HE9IWYMNC7yORycsxYdxiiHhA1ChwMWghPN2cLk9DJ4OrVD/vDzUOaTpWHkLVz4ObsZPl9 3v44cjmu2EVqZvwNjBvsB7lMZvYemcwJ/iNn405qrukNeg2WjOsNmdwVB8MuY/RAH8hkJd8n R//RgYjPKn4RoNcpcWjjPLi5mJfPo9cALJ4/vUJj0E9unAOZ2f45YdGOsyhzDLpehytHguHj 4Wpxcj8nVw8Ert6H/KITqOm12LloNATBCZuPnsPssQMhl5nXbS//MbiVVKSeAEQcWguZIEDW axjuPDIP8KUTcfXIejgLAnxHzEFqngbQ67Bv5RTIBAF9J640u7DLvB+GXhb2qd/ouUjPSsLE /t5mf5M79cKNNEPozku9g6nD+sFJbn4eCIIAQSaH/5gFSC0R0kWdBqdDlsPT1dK5KsDF0xdb jlw1XISVGtBFJN0+i4E+HhDkLpi2eBsyigQSUZ2LXStmwd3CeSMIMnj6DsHxaw+LlSs/NRoB fi7wGzwGcyePLnbM/MYtgaKcSfJ0yhxsWzGj9M+Sz0CcLDI2Vq9T48ye1ehVSj0IggAnl17Y dvJWsYvd+PDtEAQBI+YH41DQXLg4yc0nnXT3wfZTkRVscRIRHrIIgiDDzNVbsHBSgNlnWyaT Y9zCnchIuImR/XqafZZkzu5Yvjus2PZEVRaCFkyBq8X6MB4Hn6EIu2e6sZKfEoWhvi7wGjwR p47shJ+Xu/l3jNwZE5fsLtbbw/IYdBEH1hu+BxZu3YtJxgv9kusaPWsN0ouEFui1OLBmCgRB wMz1xy0Gl4L4cDgJAjy9RyOx8AujjIB+9/IB+PfysPAdVPi5csOctQdR+BUWc3YH3CwsNzxw kxROVDmJWDBhqMXPn0zmhP4jZiIqqfgNEEv0ugIEzRploVyuCAm7Vyygj5+1zPD9bfZZl6H3 4EmISTX/zkqMPIvh/XqZfecLggC5sxsmL9yKbFX5vXPyH16Ep5ulc0mOfzefLHUegsx759Db wwmDxs7E9JH+Rcouw/DALdDqNDi3eyXcSzlPnZw9sHT7KWiMFX8yKNDib8nC7WfKqWgN1kzz hyC4Y/WapXApctxcvPxxJd7wW5CZcAtTh/W1/Psqd8bQSUvNvlMBEbGXDsLfx/wckzu5Y/HW XZjWtxcEwQ83Uk03AmLPbYYgCPAdswxKC+e5mPMQw/v3hCD44ELRXhUAYs7vQR9PV4vntLNb TyzZfNTspmbcpf3w83Qr5TPggvH/Bknnwt0LIXC3sNyw2UHFnthCRPQie+kDuqjJw941gXBz Nr9YlTu5InDDEQszVD8blQnoVw9vMMzA7TIQt1IMP9iFAV0mk8HFezBOXo+DsiAPYUf34srd R4Bei7A9K+Eqk8HVsw+C9p5EalYe1Go1HiXdwYZ/JxlaHDz74eIDUyueXtTiwu4VcJYJkLt6 YWlQKBIzcqBWq5AcewP/TgyAXBDg5D0CCbmGCwJNbiImDugFQZChz5CJOHHxJvIKVFDm5+D6 hcMYNcAQ6vqNno+0wosIY0AXZE7o6+cLnwFjcOJiJPKUaijyMnBs+0p4ucghCE5YEhJW7GbA 7ZOb4eokgyC4YsGm/UjLyodapcS9a6cxfogfZMaLmPICeuzVMwgOXou+HnIIMidMmLMMwcGb ceHmA5QV0O9f3AtPVycIghyT/t2A6IQ0qNVq5DxKwP4tK9HTTQ5B5oqFW0+bLuSlgC6DXx8/ ePoMwp7jl5FToIJKmYdLR7ajt7scgiDDhOV7i4Waxw3oojID88b6QxDkWLzLFGTTo07Cy80J grwnLtwv3oJbkBWPncFBmD5qgOEibfB4bAwOxu5DZ6EoyMWxPTuxLHCSoQXdvS/WbAzCps07 kZKvg6hRYGPgCAiCAA/fYTgSdhO5CqWhbjKScWTnani7u0AQ5Fh14HqxY3rv3A64yGSQObli 5tKtiEvJhFqtRnrCHaz6dyKcBQFyrwG4cj+j1ICecf8KBni7QZA5Y9ryEOQVbQXVa3B80zy4 yAS49fLHjkPnkZ5TALVajZT421gx3RBG3HoPw40kU0tbYUAXZDLIXHthw4Ew5BcoEXv1OA6c jS6ze71e1ODUtkVwlglwcu+FlZsPIjkzD2q1Col3r2L22EGQCQKceo9GqtJQ1tToU/BxkUOQ u2Dqwk2ITc6AWq2GWqXAvZsXMWfcYMgFAa79Jxe7IC8M6D19/eDl6oH56/ciIT0barUSDyLD pRYnryFTkZxbytCG4mePMaALcHVzg3vP/th88AKy8wugzMvCoU0L4OIkgyBzQ+/eXug7bArC bj2AWq1GVkoslk83nAc9+49FXJZaWufF0FVwlcsgOHth3a7jSM3Kh1qthqogB1fPHsSwvj0h CAKGztgItbFyCwO6q6cXfDw8MGLaUtyMTYRSpUb2o4fYEDgWMkGA3MUTp+6YHrtXXkB3dXOD 3N0P2w9eMHwOFdk4G7rZ8DmUOWP66gOmQF3FAV2VeQ+jjHOLDBgzHzfiEg3HWa1CyoNobFg4 Gc6C4fs57J4hBD16EIltwRsw2r8XBEHA4HFzEBwcjINnrkEUAVGrwOrJgyEIAvwGT8CpS5HI LVBBrVQg5tpZTBnWz/C9OH4RHuWX3ZKuFzW4dvoQ1q1cAG9XGQRnT8xdshrBwVsRGZ9RLKDL ZDJ49B6KA2euIVephrIgB2GHtqKPp+GzPmP94WLfZ3nJtzDc1wuCIMeY2asRGZcElVoNVV4m zh3chr5eLhDkLpiz8Vi5N5M02QnYvnUz1i2Zafg9c+mD1cHBCA7ejHPXY8sN6DKZDDJ3P+w9 fxsqlRK3zoXi5NVE5CXfQD9XOZzce2H93jPIyDGcp9mp97Fm7gQ4CQJkrn0Qft9wbOKunsGm 4LXoZ/G3pKyKLgzohnocM38T0rLzkZVyD1u3H4JKBFQ5CZgxzA+CIMPg8f/iUmQcFEo11ArD ZyagjxcEQYZhc7cWOy/zkiMxxNsVgiBHwOQFuHEvCSq1CqkPbmPx9NFwdnGBq5O8ygJ6xp3T 6OUsh0zuglkrdiAuOR1qtRp5mck4sGUlero7QebsgY1HTN/9elUqJvXvBUGQY9ba3Uh6lAO1 Wo2CnEcI3bQYrjIBgpM7Np+4BQBIj7+NbcEbMMZ4TTFo7CwEBQfjwOmrbEEnopfGSx3Q9aIG Z7YvhnMprROGO/zOWHvw+nMpX0UCf/Xk/AAAIABJREFUuqjTIvnORYzsZ7hoHT57o9RiVxjQ BZkh7JSUlxKFYb7ukLn74sjVh2Z/h16LvcsmQhAEBMzZLP2wF2TEYXQfDwhO7li3/7LZhahO kYyJA3tB7uSEVftvAhBxapPhArTXwEl4kGXe5S036RZG9jFckC3fc9lw0VUY0AUBLr0CEJNe vHuxXlRix4LxhgvRiSuQaxxXqNdmYc5QHwiCgDmbTpkFpIL0WIz171mhgG6o49LGoFsO6KLy EaYZtz9l5QGzrux6UYfrx4LhJhPg0nMQrjzIkurbENAFCK59cCH2UYk36nB2yzwIggCf/lOQ onzysd3Jt0/B100OZ++huFFk1na9LhuBAYa6n7h8v/kbH3MMen5qJPzdnSF37Ym94XEW1qvF 7uWGc27ior1S3YnaHMwc3BOCzAlz1h81694qqjKxZOJgyOVOmLXuOLQWAnrmw2sY4mtoOZ++ fDcUJcahZt2/gv49XSH37I/zd8yfhiDqlNg8dyQEQY6Jy/ZK54cU0AUB4xbsqFCXdlN9RGO4 rxsEJw9sOnrdLGzoFIkY08cTTk7O2HAsBnpRgwOrZsBJLkf/cUukc76o3Pgr6NvTFYKsL64n m24kFAZ0QeaCxTvOm20rOfIkfN3kEGTeOB2dWoHSmwK64OSJHWejiv1Vr0rBBGPAlHsFIC5b Vezv2QnX4O8ug+DeB2djDOe6Xp2J+WMGQC6XY+a6oxaGgQD3L2yHTBDg3W8q0lSGBQoDuiAI GDplNbKUxZ99rNdmYIKvIYgs2HJO+v/yArog98Tei7FmQyTunN8Fd5kA116DcC0ht3AjVRrQ bx4LhruzE+S9RiA+R2W2Lk1+GqYGeEMQPLDjTEyRnS19DHrceUPdeQ2ahIQc85swquyHmBbg C0FwQdCJyArN3VCRMeiCqx/C4oo/C10vanAiKBCCIKDP0DlINx5LvajCzsWG74AJS0Msfp5S o07Bx0UG154DcTUh1+zvlkhj0L3GF/s9LS+gC4KAwOBTJcKdiOhTGw03T6ashbJEEXWKFEwP 8IPcyQmLdl40HYPHGYNeJKDLvUcitaDE975ei3M7FkMmCBg8ZTkyC8yf+61IuYWBPV0hCG44 EW04DnpRi+MbZhvqf2QgUkrckNGps7Fq+jDjtVAVBHRRgUVj+kKQybFgx3kLOyri5skt8HCS odegKYg3fl9k3T2Dnu5OkPeegAxV8X0TtQXYPG8M5HInjJizRbphxzHoRPSye6kDuiItBsP7 eJQezo0vV7+xSFE8+4mupMesOfth2br1WL++xGvtasycPBburoaLCK8+I3A93tQ6VBjQ5c5e uBhvPs7v5vEgOAkChk1bh/xSQoUiIRxuggAXj8GIzTH8OD68shfOgoBe/uNxP8tyS9udW1cR fS8ealGEqM3H7ABPCDIXrN5/1fLO6nU4uWU+nAQB/ScsNbRsFgnoI+Zvt/i2a0fWQyYI6Dcq UBrjnHXvLHq5O0FwG4zYbPMLW+i1OL994VML6I+iThhayN0Gmt1UKKRVpGH2yD4QBGes3H9Z KldhQO83YanF2fhTbhw0XGD7jcD9bPMLscrQiyrsX23o6j9qdhAUJc6BiNDVcJYJkHkMwcO8 Ett67EniRGSmJuBKeDgyFCXLL0Kr0eDo5n8hEwSMnx+CwvypSLgIF0GAi2d/3Ey1POdAYtxt 3IyKQ75aW6IF/TwyjOFc5uSKwLX7kW8WbEWE7VkGuSBg3PwdUJXSFTLt9lG4CAJ6+o1BvLFO TAHdGRv/P3vv/RxVliZo/xkbX2xs7HYNJaVMVVeb6tme2dmN3Yn95lsz04WUKXHz3pup9CmL hIeCwvsUILwTtii8B+EEEvLeYAXCe49wcpk3n++HmwgJpQoViK6i+jwRJ0BKXZPXnuec97yn 4GzY5friUvkuVEnCO3Imt5+H77FsOlVH89VbXcc40PGSy02naTzfu4KvaQHaH1wgK9mBJKVQ f/uNvLwWdIsjjca7va9L/9NrjMt0I0lJ5NWHabDrvbUuQXdlTeb628+CYCcb5uhRFuMX7eol e+0tt5icmYRkdnO02/Zanz/mbF0VV+71HnsfCPi5f/Y4iiThTpvGvba3BV3lh8JzYfd104LR SJKZWWsPv/nO7xD00XM3hRVEf+tjfOO8SJKVDUdCz7QBFvRgoIPbNy5RWXOmV89fUNPoePmY nMmZSFIS20+e7/ZhX4KusSl7FJJZZc3BPp7DaJTvXY4iSYydvTHMfdKb/gh65sy1XaHe3blZ dwBZkvBkTebWc/1+6nxyhXEZLiRLBnXd3mc99rLzJaumZyFJFtYcrH3nPsKHCLqVo6fv9Vrf lfLtmCWJJNdwTtRfpq29g4D25l1y+XwDF6/cot3f7fn3gYI+bO6mXh8HWh8zb0I6kuLiUO3V PlaisWf5JCRJYtbaY/r3bn3MnNFuJLONzcfPhF3q3pkTuJOUARH0tjt1OFQZxTmWO2+3aITo fH6b6SO9SGYHh+v14/P8WhUeu4pktvNDfh2v2toJdLuWHtxo4nTTVZ63dnv+CEEXCAS/cn7V gn6pYg/Wd8i5JEmYFSuHGvvTozSwvBb0H9s3RbVid7iY4lvB2euPelSCXwu6ah3NrbdfiMFO jqyZpbeej55M7po1rAlXVi3CaZYwW+wUXnwKwQDlOxeFKq9baO/Hi8//4gpDzRJykoviS+Er XAC36o/gVs3IyRO5/by9m6CbWbytIuwy54q2IL8l6BdObiPJLOH6bnGfvZm3T+dj+0iCfuro Rl3ivs3pe/xxsINDK/XK/MSl+/RKeTdBn7pkP+Hqxo+aClAGSNBbH11hwlAHkpTE5vw6Wlpa epT7V6pIt6lIkpk1h06/tf8flsU9qGm0t77kycN7nGmso+zkMTbkrmT2tIldY8y7C/rlYj2p n2v0Ql71p7LVTdCnZa9iVKpDX35UNi3hsvYH29m5UD/2WeNn9nk/rFqajd0soThSqbquy++b EHcPhWd/Qt6KoJ+Tm+chSRITFu560/vTTwKdHTx/3sKNKxeoq61i/7YfWLZoHqOzUkPjO8ML usM7iXvtvY+B9vwWE4Z53kvQsyYsp+XtC7aboC/4oazX0n0J+ms6O9p41vKU5nON1NWWs2Xt GnJ8Mxnq1c9lWEE3ezl57m7Yvd2+ZMJPFvSVB+rD9iIHtU6O5OqNWxNXHdD/5iOMQQc9Surl i+c8uH2Nurpajh/YxeoVS5g4bgSKJPVf0IMvmJluQTIrTJyzOPzzfs0aFsz8DlWSsI2a9c4w d+ifoM9ZEz4U/XbDoV6C/uBCCak2GbMtmYXLV/Wxn6uZOCI1dPz396un/70F3ZzB2Qe9hw21 PrnCxHRH6F0skz58HAtXrONkRT0PHrfQEe7Z/4GC7ttwstfHLx82M9atIFnszMlZ3ud5nT1B Hy6TPC2XIND65BIjrGYURxqVV8PnHAi+vMHYZOeACPrVsh2osoTsymJ1X/WN3BWMTNbD8Zcf qAl9/RaWTRnWNWbdlTIMX84y8k6UcfPeY9o6wlyjQtAFAsGvnF+xoGvUhOTqnUVW2V569a++ h68FXbFmsufoMY4d612q6s9y7+HTsC+gLkG3T+wVIh/UWtnum9C/7y9JSGoSR88+gmAnR19X TFcf7FfFyN9ygWRJwurI4PzDvse2Pr1aqWeit4zk0pNX3QRdZvW+xrDLhBP06v25qJLE0Bm5 dPQh6I9v1JIhfxxBrzm4BlWSGDlnQ9heIwCCASp2L0aSJMbM+kFftpugz16dHzZL8cAJusaZ gs0/PryjW/GOyeFld+P4AEFve/6Qw9vWMX5k+lvbMZNkd2APJdbrLugN+1YgSRKpM9f1b8q0 boKu38MWrBYFs2Jj84kzvdehvWDN5BH9vh/Mdi+ll/XGpi5Bl9OouPSw1670vY/tHFg6DUmS mL4xv99TwWman6tnK1gyeyouu6XHfsmKBafTGUoAFl7QnamzeRLmsvwQQR85ZT0v315nN0Ff tKWy19J9CXqg8xV1RQeZO2lcr0R2qiUJl/NHBF1Op/LtoSEhfrqgK+yuuhb+qwf9lG7L0b/7 nB/0xpUBF3SNx7cvsH7JfDK8jp7Xn1nG4XBitSj9F3TtPmOUfj7vJQl12FTu9yMXwYdMsxZO 0K/XHsYdJjFcX2XMkt0fV9CVkVxuCRcJpXHrfBlTxw7rlYzUYnczdfZiShuae74DPlDQF2+r 6vXx01sNDJX7f7zsE5cRBF7crsMjSVg9mZwOE1Gj7+9TsjM9AyLopw6uCTUo9a/k7H7TKP/i fjOLZozHkdQz6aqsWBk7aQ4HC2p40T38XQi6QCD4lfMrFnS4ULoTS38q4z9zD3p/ksSF452C nv2dLpe+VRQUFlL4Y+VkEbeetulitk4Xs+9WHujXi++1oFscaZy5HybkPMSjiyWk2GUkx1iu tbS+t6DXhgQ5bdqqvgX9eg3pH1nQh89a1+f2CQYo3qZXyr/N3q5HIvwVBT3Q3kLujFFIkhmX J4XMzMzwJSMVxSxhlm0cO9PtHnhPQe9sfczqWXrFSbHaSMvIZPrcHNZu2MThY4Wcv3SDo2FC 3E/nrdYrhNPX9K+y1V3QFSsLNh3l+NaFmCUJe+o4zt19a9yq9oK1U0YiSWamLNr47vuhuIz7 z/Vr+f0F/U0UxbT1R/sp6BqXq/Pw2lQks4zTncyIMeNZtmoNW3btp6yynjtXTjEsxflJCnpQ 66Bg+1KsqhlJVvGmpDNm4gzWrFnLnoPHqG08z7WGY32HuA+ooMvsqrwa/qsH/RRv1sdPj1mw vSsC5l2C/upGZb8F/cmNBsaGcoskOdwMzRzOwuW5bNi8g5PFFVy/fo2cqcN+gqA/YKxFf58t 35L349d3YSFFlQ20vmMGAhh4Qb9Rdxi3LKEmj2Tf4ePv3M+aMEM9wjHwgh5avv0F5+vK2bZx NeNGZeF1O7sy5JstTraeOPVmiMJHEPSW240MVSQURwo/7D3yzuNVUtdEEHh5/zRpZgmLO5NT d/qY6u69Bf16L0E/nbcWRZKwD5vMiXc9XwsLOXu9Zx6QYKCDa02N7Nu5mSkTRpLidetJKCW9 ATZ7/aE3EXNC0AUCwa+cX7WgP7nRwHBX+Gmwuhere2zvMbh/BT6moBPsJH99SLQX7iRMxGt4 ggFq9uu9mSNnbOBVH8u9annCk5bndAY0Aq03GWU1Y7Y6yD/TO/nWay6V7cEuS1iypuuZ3N9T 0K+U78GmmLEOn8PzMOHVoIe426WPI+jnC7diNUvYRsztc/vBQCvbcyYiSRLT1x0NJcX76wn6 wyuVpCfJmK1ejjfe6vPvgh0PmJzmQJLMjMvZ0S3j/PsIusaFoq0okoTVmcG+klO8au89Dv34 5vm9BP1m5Q5dLrN8POtjfHj7y2c8ftJCe2egh6BPXLib9oBGx/PbzBjpQZJkxs/7gRc9prjr YPcSfYzmzNwjYYcX9MX7C3qA0tBwkXG+Lb0STXWt/+ljnjx7TmcgiL/9CdmjQ98hey1X7j7p JfadDy+QlWz/JAW95WYDw9xJSGYri7cc4eGz3uLw4Owx5L+KoJtZndcYPsQ90M6uhZORJDNz Nh0P/fKNoM9YfTT8/XvuGOb+CHqwg52L9MzzKaNnUt98u3cCwbYWFkxM77+gB18yJysJSbaw 5eRFBoqBFvSHzWV6JJVzFE33X/Re6D35WILeHc3fwYM71yk5cZDpYzIwmyXsw2e9mUP8Iwj6 q0eXGZdsQUpK4eTZ8MM7wtH+/Abj3Spmm5fCc+Hfy1rbHSal9h3injxmce/7Hmh/cIHhKfYe gn6jcjeqbEZNncbTn5BIMxxBTePpw7vUVRSweMZ4VLOE6sqi7nooVF8IukAg+JXzqxb0YKCN vPXZqH3NxyxJSGaVZbsr+h1+OpB8VEEHmst3k2SWcA6dyKUH4VvQ2x5cYO26LRSW1fIyJLK3 T+djlyWcaRO4GG65YID9q2YxdNgoVu4qQgu0sTQ0XVr298fDviyDWjv7Vs3ELEmMmfs9rZ3a ewt6273TpDusSEoyldd6j3kPap0U79DDy/sn6M/0sZv9FPRn16pItqtIipvSSz3ngH1N6+Nr TMnSE/S8nh7mryXoQa2T4xtD2XvHzePeyx9fT3EoA7/qzOLs/daufS3clN2noN+uy8P+lqAH NT8HV+gCkzV7Y1gJ1jqfsWKKLtaTFu7umre2/f4pvVfNltZjyr83XypA2Z5VpA8dRs66fbR2 doSZZk3jRsMx3FYZWXWw5fjpHvOjNxzbiMUs4R45i9vhkgsCT26cYsPG7ZRUndKvUT5A0IFr tQexyRLuzClceRxGAoJ+di6eQuaI0azdX07ro3OkmSXMSS6Onwkf1XOtJg+nVUaSkqnrlpn/ UxD05tLd2CQJJW0C15/0Ph5BLUDZTv3edadN5W7rxxR0idGzNobNI9HecpPJmQ7MFhd5NaEw +GCAI+v1vB4T5+8K2+hZu285Uj8EPdjxgBlD9WmiVr813eBrXtw7z0i3iiQlsa17YrxucvJ2 krg9SyciSWbGzttMR9iGLo3z5cfYtusAdeev92taqhf3mxjtVgZM0P3PbzJ1mBdJUtl0/EzY 5TR/K8d2bmb/0QKu3H33nO0w0IKu8eBGE0cP7uVgYV3Y83P3zAk8NhlJ7ba89pyZGZYBFfRA ewvLpw5DkhQWbD4RduYDggHKDu5gd94RzoV6prXOV2yYOwZJUlm4pTDsub575oSecPUtQb9W vk2/B9Nn8yjMBm815uO1yj0EvePROVKTFMyyjfyz4RsE/C8fsnfLFg6dKObuU317Lx7d5OTx I2zZkx92yNirR5f5NtWCJHs4Vh9qbA62s3XeWCHoAoHgV8uvWtAB2p/fZ9Pi6aG5Pt8ee25l xpKtPGv/62dwh48v6K2PruiSKKnMWr2Hp696Jlvxt7Xw/Xx97mdn+mTuhDLZd7y4y9yxKUhm C9nr83qO/QIe32hglNeOJCmsO3oa0Dh9fCOqJGH1DKfo9M0eL8yg5qe55ggZTiuSbGNHSWju 6PcU9KDWxg/zvsUsSYycsZoHz9u7bUvj7sVKRiXb+y3oQa2NBWMdSHISO0uvdNt6eEEP+p+z esZIzJJE1pRl3H/eM+u4v+0ZeRvno0oSzoyJbxo5/kqC3t5ykymZTiRJZemu0nc2PrXebcCr mJHMCot3lHZ999dyNm7e9l4Jzh41FeJMkjF7JvGoI7SfwQCFoYaBlHELeszRDRDobKXi4EYc ofGcY+Z+T3uo8qcFWlk9LQtJkpkwfxNPW3teqy/uX2LGqBQkSWb+Dyfo1MLPg64F2ji83ocs STgzxnPm9huBfXHnLGNS7UiShZxNR3td1+0vHrJyht4zmTY6m4ehae4+RNDbW24yY6QXyWxl 4eZ8Xr0VcfHoag1ZTiuSpLK58ALtz64wMsmMpOpj6XtWPDVa7jbjG58ZeobZKenWQPQpCPr1 2sO4FTNmZxY1YaYZvHWujOHuJF1yU8Z23QMfS9Ali4v95Rd6yEug4xXHt+ozTqSMmsOdF51d y1UdXI0iSbiypnD5Qc/e3xcPLjNlmKt/gh54Ss5oPQna7HXH6HhLTNqeP2TLoqmh86yy7nBd t+PkZ88yffjSgi095eROwyGSZAnF6mbnyTNdDWCv9//xzTNMHOZBksxMWxZ+irO3aX18jQkZ VqSkDCouPeq2H+8n6AQ7ObLehxJqPD517WGPZ1RQ83OhfB9OixmzYmdH0fneKw7DQAp6UPNz crN+zrwjZnHl0VtJ5IIBzhZuw66aScqcwYPQuzWotZMzzoEkW9lRcoV+8Q5BJxig7vA6LGaJ JM8IChuv9ZoS7s75EjKcFiTJzNJdlV2/by7dhVWWsCWPorzpbo/j3NZylxUzx4SSs/UU9MfN J7FIEqothYIzPRNjtj9/wPp5E0LLdZtmLdjOhtl6no/08fO58bjnMQv42yjZl4tVMaMkpVFy Xs+c31y6iyTFjGTLpLrXva1x/3IlQx0KijOT6qtvpizdt1KfgjV7U1HY4SYCgUDwKfOrF3QA f9tzqk/sY+aU7xg+bBjDhg1nwtRsjhTX9Z2F+6/Axxb0oOansWA77iQVSbHy7bR5HC4sp7Gx kcqS4+RMH6tPs6U62Hayew9NgIsVB0i2W5BVG1OzV3KyoprGxnry925mdKY3NPVZTlfFxN/2 lNzZY0OV00xWfb+L6rpG6msq2bFhGWkuG5Ik8928TTx5LV/vKegAj6/XMzpFzwabNX42R4sq aGxs4OjeTQxPdeFKTcVm7q+gd7Bssi5/4+fkUtvQwPmrd+lL0AEeXa5ieGj7Q0dPY19+kX5c i4+zZM5kvRJidbPlWP2bytQHCHpz9WGmTJ7MlLkruPWj4ZgaVyr26JUr51AqLj/6kb99vV/t rJqiJ3Rzj5jNw9YAoNFwdC2SJOFKHUd+WTWNZ851Cebza5W4baGpcQ4V0Vhfy91nndw7ewKH xYxZVhk/exlF5dU0NjZSdvIoS31TuzK4S5JE5vRVXb3UAPcvlDHUlYRZtjB2Wg75Jfo5PXl4 D5PGDkWWJLzDp3Hx3vMeIe7dBR2g9ck1pma59OttwQ9dwxCCWieVB9frDQSqjUmzF3G8pIrG xkbKTx7FN2mEnrTRnsyByuau9X2IoBMMcLZoN16bimKxM33+aoora2hsrOfo7k2MSHdjliQy Jy7laXsArfMV6+fq0mNPHsb3Ow9T19hIQ101e7etZ2xWSreZH3pOD/UpCHr7k6tMGq73HKeM msKBY8U0NjZSX1XKD7mLSXO9mRbT5hlB08NQHoCPJOiqaiHJmcLSDbv141xdysp500hSzShJ yewpbepxbT25VhdqQJAZNdnH8VL9+i48vINvM5NxDx1Nml3uR4h7gIKtOShmCdnqZNHaHdQ0 NNLY2EB+3k6mfzusW4JHhWV7us0rHQyQt26mLkKjZ1NeW0/DuctoGmj+V+xYNg1ZklDtHuat 2EhZVZ3+7N6/jW+Hp+gh+BnjOXWz57zlfdHRcospw51IkoV5uTupb6jjyt2n7y/owKsHl5g5 Jh2zJOFOG8m6HXk0NDTS2FDDjnVLSHZYkcwyY2ev4XGYeb/DMdAh7s9un2G014ZklskcO4Vd hwpoaGyksa6avVvXkuXVRXzl3vKuZ3xQ62R56F3y7ezVoXfJO2Z+eJegAx3P77F8hi7Tdk8G yzbupLqugcbGOg5sW0dWslNvTBg1h7sv3jRu+tuesGnBJGRJwpU2iu93HaG+sZHyoiPM/W4k VosF2WzuJej+tkfMHelGkswkZ41jz9Hi0HPyMHMnjcHpTScrxdlT0IGn1+sZ5rEjmc2kjZjA toMnaGxspK66jA1L5+BMUpHMKnPWHOBV6Nnvf3mP7G8z9HdNygg27jxEfePre2EHE4fr0XmT Fm17My1gMMCRjXoy27RRsyirqafhXHO/IkIEAoHgU+BvQtBfE+hsp+XpU54+bek5d+nPxMcW dADN30ZN/k6Gp7rChvg7vJlsOVzVqwdHC3RwqvgAo9LCLacyamoOF98KPWx9epsNC2d0zdve vVhsbubn7uRu94rQBwg6aNw8W8rkEWlvbctM2ojJ5Bce7neSONCoPpiLpVtm4bGLdqIF+xZ0 0Lh5roypo4d2TQ/TfR+8GWPYfaKWth7joN9f0OuPrscsSZjdY2h+2HtKoK696gprlBgxYy0v +zkWsLl4i75+1cbeCr3n5/H1ekZ6bW/OYdp4rjzSK3Fa2yMWTsx6891llQMN9/XQ1M1LcIS5 BiTZwvDxM9i8YRl2i4wlfUqPXvagFuBK40kmDksJc80pZH47k+qLd7qiL/oS9KAWoKlkNw7V jGxxsuX4qS550DpfUXJgE5lvZc1+XTzpo9hd0NCj5/GDBB3Q/O3UFewONei8PcTGwpgZS7jS rTf28fVTTB2VGnb/bK40cnK/Z864NCTJzKqDb6YJ+xQEnWCApvKDoXncwx//NVu2MtpjwZzk 4USoAeJjCfqU+RtZPufbkKS8uX9dKSPYdbzurR5ovTGvPG8Tac6kXvd8+qgZ1F1qZkqy0q8k ce0tt1g+6+1th7JXW51MzV5G7gK9l3DCwp10nz3wat1hUmxvGruso+d19YZ3vHrMztXzcHb7 vPt9lDV+JhVnb/ZbZoL+VvblzumRoXvRrgqCHyDoAI9unmPh1LFdCdd6fH/FxtSF67jxds/1 jzDQgh7U/FyoOsLoDE/Ya9Vq97Jk0yGetXX/Xho1eWt6vEvGLNzx4yHY/RB0gBePrrN2/rRe GeX1YmHM9IU03eo95OvV0ztsWjSTJEvPKMIkZzpbd+0g1WXrJeigcf1UIaPT3b225U4bzaHy ejbMGtVL0EHjVlMF00ZnhHkvSlhsHhas28PD5z2HGD24Ws+McVmYw2T3l1UbU3M2cOtJz+F2 1xuOktptlgvrKB8v+sgJIxAIBJ8af1OC/kvjatUxsn0+5i/awvP3EPSWa3XMn5fN/IWbf3T5 oBbgyf0blBYcZsWiBfh8Pnw5y8k7Xsz1e72TUHVf7um9GxTnH2TJwvn4fD5WrNlMWc0ZnrWG n57H39HKlfMN7N22Qd9Odg7b9h2h6fKt3o0iQT+HtyzD58smv+pq2PXdPFvCPJ+PVZv28TzM oM+XT+9TfvIQS7J9ZM+bz/b9J7j58BkvHl5m1Twfqzce5EXnG0GvL9iFz+djd/6pHpWmQMdL 6suOszwnG58vm80HSukMwuXafHw+H9/vKgk7j3Xrs0fUVhSxbsVCfD4fCxau5FhxJXcetvQ+ rsEAFYd+0Ld/rDFspe357TPM8/lYvOJ77r98c7yuNBSQ7fORvWQjd5619V4wRMfzu6xbPB+f bz6HK5r6/Lu38b+8w+rX3/2QPq41qPm5dfkUW9Ysx+fzsXDFDz22/eLRTQ7v3ER2to/s7Bxq QhW1gL+dq+fr2fXDGv0a8M0T4I44AAAgAElEQVTnh50HqD3VRMvLNvwv7rBu2SJ82Ys5f+/t JFEaLx7fpaLoGKuW5uDz+Vi8fD0nK+p59Lx7446fwt36+g8WX+j1fQIdLzi8Rf98xYbdPH71 phId1Pw8unuV4vw8liyYh8/nI3vhSo4WlnE7zHlra7nNhhUL8M1byYW7YcbH94OgFuDx3Wuc PLqfxTn6vbRy3VbKa8/xvO3teX41Xjy5R1nhYZYv0vdv0bI1HD1ZxtVbD+kMBDhbeoB5Ph8b 9pzsGrf58GK5frxW7Aqb2ElrfcQPa5bh8+VQe7UfkRVoNFcdwufzsW5rQe8x10E/Ba/PQUnv pGSdrx6zJTcHX/ZSGrptL6gFeHTrMvkHdrBgXrZ+jtZtoaiilruPnqEF2snfua7HNdz29FbX Obh4L/w5KM3bhM+Xzc7jb8LBA60t7NiwFF/2Mk5ffy0SbwR9Tu5xWl+1UFt2jKXzssmel8Pe I8XcuB9+aksALdDJvesXOLx3C/PnZePLXsKhkxU8fNZKwP+crcvns2jpDzxuf/PcOVe6H5/P x9YjNT3CcTtetdBYXcK65fq1nj1vMQeOFXD+ym3aOv08uFLDAp+PZWu387hbA6UW6KD5dCXr lunPnaXr9vKqW2Oc1tnOjctnObJvOwt8Pv1vcjdRVFHP4+f9S4jWnfYXjyk9to9F87Px+eZx qOw8WjBA0b71+Hw+9heeC/seeXytnnk+H0tzt77VwPr6+z/jTF0lO77PJdvnw5edzcbt+6k7 fYnWzp82xKft3nnmZWezYPHWHu/D8NcAvLx3Qb+/5q3j3svw77OgFqDl4W3Ki/JZu2Jx6J22 kB37j3L+yu2wY6YDna9o6PYu+WF/aa8cHj034ufErlx8Ph95pc0/8ofgb39J89k69m37nnmh 85r7/Y4+niPdl3tF85kaNoee5au+3835a3fpfNxMpsceRtD14WItD25RfPwASxdk48tewLb9 x7h29zGa1sHJ3evx+ZZxIUyiv9Znj6irKGJT7jL9mM3T6wFnL93ss3Ok9flj6iqL2bp+Zeg4 z2PD1n3UnW7mVUfva0ELdHDpTBXrly/Sr++1e3j5M0ZECgQCwUAiBF0gEAgEf0P0FHQxflXw t4r29FKfgi4QCASCnw8h6AKBQCD4G0IIukAAQtAFAoHgl4oQdIFAIBD8DSEEXSAAIegCwd8a 1x0jORf1j6IMYGk713uI30AgBF0gEAgEf0MIQRcIQAi6QPC3xtU4F6f+fYQoA1heNZ5794F/ D4SgCwQCgeBvCI0LtQVs2rSJwqrmH8+wLRD8itFaH7F351Y2bdrN3RfhE+UJBIJfD0LQhaAL BAKBQCAQCAQCgeAXgBB0IegCgUAgEAgEAoFAIPgF8LagX/jT/+LejMWi9LPcHDpRCLpAIBAI BAKBQCAQCD6ctwX96pDkn3uXPile1Z0Wgi4QCAQCgUAgEAgEgg9HCPqHIQRdIBAIBAKBQCAQ CAQDghD0D0MIukAgEAgEAoFAIBAIBgQh6B+GEHSBQCAQCAQCgUAgEAwIQtA/DCHoAoFAIBAI BAKBQCAYEISgfxhC0AUCgUAgEAgEAoFAMCAIQf8whKALBAKBQCAQCAQCgWBAEIL+YQhBFwgE AoFAIBAIBALBgCAE/cMQgi4QCAQCgUAgEAgEggFBCPqHIQRdIBAIBAKBQCAQCAQDghD0D0MI ei80NK0TTeskEAigBTQCAY3OTj8BTUPT+MUXfT81gkAgtP+BTj9awE8wCFoQgj/3YRYIfsFo mkanP4A/oOEPaGih++bnvrd//L6HTn+AzkAATdN+7kMoEAgEgl8hwSD4NY1ge5DOoJ9AZwed gQCdmkZnQP/ZH+ikI9hBZ7CdgNZBQNM+2dLW0UlHRztaoI1W7RVt/k78nRrBgKhJ/xjvEnQt 5CqBUJ0lEAjgDwQIhPwlyM9frxrYon9ff8DfrzqaEPRuBIMAGgT9BEIHsNOvcfnqDfILijiS X8DR44WfRDmSX8CxEyc5fbaJtrZOtECAoBYQgi4Q9IOAptHhD3D2/AUOHD7Kzj379bL3wC+2 7D90hKbmy7xqaycgBF0gEAgEHwFd0CHYEaQzqNHR2UFHoJPAqxfcry/n8roN3Fu6ikdLl3N/ 8VLuLF7K7aXLPtlyZekSri1bxO1li7i5ahUPSsvxv2olEAj83KfiF01/etC7i/mV67c4fOwE u/bsf1N+AXWrDym79h5g1x697Nl/kIrqWl6196+OJgS9G8HX1hoMEAgE6PRr7Ms7huJII9Hi xqQ4MSmuX3xJUF0kqKH9Ndv5btJMnj970fX9hKALBH0TBDoDGrv2HUS1u0lQ7cTLDuJlB3Gy gzjzL7MYzUmodjf78o4IQRcIBALBRyEY1CO2gp0BOoJ6g3a7/xUPVm2g0hDL6cgYGj43UBQd ybEvIjgeE0GNIfKTLVVRf0dp9GdURg3i3OfR7P/ya+pnz0Bre/Vzn4pfNOEFXYOg3rDxuhc5 EAhQVlGN2ZZCosWN0ezAaLZjNNuJN9t/9rrVh5R4sxOj2YnR7MCkOEm0upm9YBkvXrW98/gJ Qe9GMBDUe5g1PbS1rUPDmz4ak+LFqHgxqV5MyqdRjF3/ujFKdioqa9FC4TivQ0cEAsEbgpoG 6KFV9x49xpM+DKNix6g4iVc9v/hiVF2YFDvDxozn6fMXoXtciLpAIBAIBg499FgjGGjHHwjS 6dd49fQ2Nf/fv1IRFU21IZqKqChKo6OoMUTRGBlFreHTLaciYimPiqUoOoYzEVE0RhjIjxzE i5rqn/tU/KLpW9D9PSS9rbWD7yZND+8yqvdnr1t9UL1MScakpGBSkjEqHuJkJ0bVTWlFTVdo f18IQQ8RDL4RdAB/QOP23ceo9vSfXbY/pMTLHkyKm30HjvD6OhByLhD0prugN1+9jsWVRrzq JF51Y/wESrziwqg6cSQP5dqtO6FvJQRdIBAIBAOHnpMlQDDwCn9nEH+nxpNrZygxxFBliKXa oAttWVQs9ZGxnI6IpcrwxSdbTkV8SY3hC8qiYqkyRHPaEM2pyAjuH8j7uU/FL5qwgh4MQLBT l3T0MdlPnzzH7kjpu8PxF1C/et9i6i7osgej4sakuNmfd/Sdx08IeohgEIJ+XdCDQfAHgty+ /yQk6J73KO73XG5gi1FJJs7sYseevC4xF4IuEPQmqIXyNKALuupKI051YbR4MKmu9yxOTKr7 A5bvf4lX3cSrLuzJmVy5cVtvmQ2KMXICgUAgGDgCQQhofoKBlwTag3S2azy9UEPVZ7+hNDqW ps9juDIohobIWIqjv6A4OppTkZ/1XQx/R2PkZ3oxhPvs7zhl+Ls+l9c//6zn3xgGdS3ffV09 l9NL12d9bKM05jMqogdRY4igODqaoqhoagyxPDh45Oc+Fb9o+hb0Dgjqeb78fo1HD5+SZE/u 22V+tO7jDtWzPqT+5CShxzoGsM6meDHJyXpDg9mFSXGToLo5EBJ00YPeT4IAwQDBUObG2/cf ojjSMKkeTGqo5UMNybfsxCQ7MSpe4pRUTEoKibKHBNmFUbWTqCQRZ7YTZ00nzuzGpLhCIQ/u bheEPiZBb2nxEK96Mb5ev+LCpHhIUFIwml9fuE79X9mLSXm9vCv0s7drP7sXfX0udu3tKehC 0gWCtwgG9PsfXdCtrqF6eJWSglFO0+9L1REqbgYrHgarXkyymyGyiwTZgUmxI5ltfKOm8k1S KmZJxSinYlJcJCo2TJZkjIoLo6I/qI2KHgZlUl0kKk6GyE4SFCdG1RV6Lrj0ooRkX3GEnjPJ mFRvV+9+gqyvy6h4cHizuHLjjh6CqAlBFwgEAsHAoQUhoHUSCIIWbEfzd/Ck6SKVn/17agzR /S6nIw2cioii2vAlZVEGSqM/pzgmivqIGOoNBk4ZImiMiKU46itqI2OpMRjCrqfC8BXV0f+J usivqI2MoNbwd1Qb/kh51OfURkZTFWWgPmoQdVGx1BliqYiKpDIqgjqDgdpIA7WRUTRERFMX GX4/aw1R1BhiqDbEUmWIpTbSQH1kBPcPih70HyOcoHf3j9eudf/xUxR7cliH6bs4SLDYMUoT iVcTSVCdJKo2hpg9JCo24q12TLILSXZjNCcTZ7WGXc83agYmq4IqKZhUF3+xphI/ZDhms41E Wa+bxSvJGOVUEhR9GKEx5Fbxirvr/yY1vIP1cjJZ77wVPeg/kXcKuuwmweIlzuxEsroxW+wk qE59nHe38ekJFjdykpNEqwejLY3EJA+JqrNXr7pR1ceIJ1qTSbB4Q79PxqSkkqAm6xes4tFb X+TXku7VwyXU161KntDPQtAFgg+iT0F/3QD2ukfchUlJJl52M8SWjGpPRU3yYrV5Ue0ezLKN v6ipGB0ZWNUkjJIXsz0Fs9VOguoiXnaG7luvHvak6s+DBNmjy7ei37s9x5d7iFNcxMkuElUv CWYXCaonFNbuJkERgi4QCASCj89ACbouvTEUxho4+3kEDRExFBn+yLY//xOVhhhKoiIoi4ml 0vBbqgyxVESFF/Sa6N9TZxjEsdjfs+fv/xv5MVE0GiKpiDJQFmWgITKW8sjfUh3zJw7//s/s +/t/5Mgf/p6amD9QF/kF1YYYSqINVEQJQR9IPqagJ1hdxKs2Es2TMdtVjFISJrOFIbJXT+xr dWO2p2JWHJjkZIxJ9j6E2Uu8kkSCNR0pyYNsc5Aop5EgO0iQX7taCgmWFCyOFCyOZMy2ZFRH GlKSN5T8zYXxdb1OCPrHoT896K970Tdu3cPxggIkqw2TYtfDSy3JxKkppA6bwMVL13GlDmPr wXxOlFYgW50kyG4SusZVJGNUUjAqHhIsHhYu38DY72ZjklMwyulM963kzMXLyI5UXdrllJCk JxOvJhOvvK68e4lXk/UGAiHoAsH706egvw6heh2uro8pmjh9PsUVNZw5f5Wa2nOca7pCVW0D M2bM5d/UFA6VNbBx7VqMkpsTZbUcPHqMRIudeMVJvKK/GPToF8+bhjjzm8Y4o+ruEvQ4i5c4 SzIjJ89jWe4PmIZYMclOEizerns8Xgi6QCAQCD4yAyXodZG68BbFfkbT55HUDvo9px2j6LjV zA1PGsejdSGvNnxBjSGW8qioPnrQf0vj55E0pQ9De/yAS2npnIn4j9QZYqkxRFJh+Iqq/1fh 7v4tvKot4F5hHs9qj/M4fxdnPW7ODIqmxBBBeYwQ9IHkYwq60eLEaHEwb+Eedh3chUm2YTRb SJC9mFQb3yhe9h0pYVXuWkxmF3GqLex6hshOTKqXf00aTfO125QUHCNhiAWjGopYVlJRXcPY vPsAp881U9vYRN2pCzSevciWnftIVOwMUULRzELQPx79FXSj7GbMxBncvvcAb/pQEhQbJsVF nJpMvDWdA0eKqK5twJzkxjV0LClZI0lUbHrPmOzWxyGYXV29XmZHGvWnz7Ny1UYSzE5MSgqK K5OhY8aR0DWGQR+/YJSdGBW9N94ou0Phsro4dO3f61B8IegCQf/pS9DV16Ht7lCETCqpwydy 72ELW7fvwp08jPhEG57UESxfvY4ly1bzb2oKJ2pOsXn9GkySE0/WOFIyMhmi2jBZvAwOtcwm mO0kKvZuQ1VSu4awmGQ7RtmOSXXpveeql0XrdnK+uRlpiESC2U7C69AqIegCgUAg+CswUIJe G/kl5yJiKY/5jzRExFLx1T/TXFPMg8ZKWgoOU/Xl7zllMHAmIobyqBhO9xGCXhMZS23s11w6 eoCLBcXc2rOVuggDpdGx1Bs+56Th91zYmsf9zeuo/4f/Sd1nf0/FH/+Z+uFDuTr1O4qiomkc 9DkNhvANAELQ34+PKejxqos4q4ucxXs5cGQPJslKgmrTx3qrDr5RhnLgWAW5a1eSIDneRBy/ VRIVB/HmNEbOWEnD6SYunj1LxtBkjKoNo+ImXh6Kb8lamm9cZ8y33yGZHQxRHUyYPJutuw+g 2LwMUUPTqAlB/3j0R9DjZX3sqOxIp6qxibkLlpBotmGSXRiVFBwZ33Lj7kPmL8ghQbYhuzKx uzNIVB3EyW4SLB4mT89m7vzFuD2pJFg8pAwbz7mmS2zevBVvajomi50hdg/25AxMihPFkY7V lYnFlU72oqUMGzMeo2TDYk9lyoxsJk2brY9lV9yhCrvoQRcIfjJ9CnpoOIniJd7swSh72LTr AEXllahWO4mqpysaxiTbSTAn8RdrKser6tm8biWJZgeqNxOb00OiZCde8RJvSWH0xJksWLgY T0qa3sinupGdWVjdmVgcHuZm5zBr7nwsdg9G2YbFk8W67Qe5dLUZj8uOzZmCSXZ3hd8LQRcI BALBx2agBL0s6kvORMRSFf0ZtZF/pFZO5dXdRspkN50NtVT8y79QERXBmYhoSqNjONWHoDdE RdPkGsvtigK2/+6/0FJykpP/+19ojPiCxshBVMT+mXsnz3LTZqMmchCHY76kNPZ3VBtiOfl5 BCd/+wXFMdFU9DHGXQj6+/FRBd3iZrDVzcLFezh4eBemISpGxUa84iFOtfNvUpYu6OuWkCjZ SFDd4YXZ6kayj+T85WvM8i1m24489uzZQqJqIc7sJE4axvc7D1FcVYxZsSCFcoolqG6MslNf r/I6sZwQ9I/GuwS9ey96vOJm0tyVVNadxeF0Y5I9xJlTmJ6zhuKKKqx2B0MsDtbvzKOwqIwE 1Ysz81uKK6spqajm0JECysqrmTJnMQfzS3jwpIWLF85ztOAESSlpfDtzLlV19Ui2FBat/J6y qhr2HS3kwNETXLh6kz37DnLseDFH8os5deY8G7fsCPXIe0PzIXuFoAsEP4U+Q9xDGThVj54w zuzlVNMlfKFGOKPiIU5JDc136SRBtvONNYVjVfVsWb+SRMnO/hNl7D9wiCGKF1f6OI6cLOdk eTWH809QUVvL9Dk+4sx25ixdz5mLVzh49BgH8o5QXl1PUVkFLk86i1d9T0PzTZ623Kf45HEW LdtAvKRnCtWnWfMKQRcIBALBR2WgBL0i6gsqomI5FfkZRZ//IzdWbuD83O+ojPwd1xeu5tz8 aRRHDaLSYKDWEENFVDR1BgPVhmhqo6KpMURSHR1NVfRvub31MNeyZ3NqUAyX5izmytallBt+ S2W0gULDH7m1IZ97hzZy3vgNBb//miLD31Ef+Tn1hmjKQ1nZ6yJjhKAPIB+3B93NYIub+Yv3 UnjyEEOzRpE28lvSRownZeRYXJnTKCytY+26pSQOsYWywXtDWdRdIbF2843Vy5zFP9Dy5AE2 Zwbjpy3l1q0ruD26Q8XLw5m7ZB2Xbl1h/sLFpGWMJc7s0HMJKS5MipN4xU2c0s/QfCHo70d/ BP1NcTLEPYFzF6+zevVM/qKmYLKNJL+hiRmzfZjMNkyKm5V7jlFedJR4Sya5m/NoqCtBVZKI S/AiO7OQvCMYotioOH2aFcuXMTjRSpziZOysJZytLSTRlkxO7mZabp3BmTGWuCFucrfn8+Th TTIys4hLtDN81HdcunKOZE8m8Uo6cRabPmZdSSbe4hKCLhD0hz4E3SinY1JSGWy1MtiSSoJ5 OHduXWfshAkY1VTizB499F12kyi7Qpk/vRypOsuWdasYItk5WFTNibz9fCOnsu94Ceca61AV O/86xIFrxHecPnsOiyuTmct+4Nbt64waMxaj2YbqHcXVh/eZNm0Gf5FcZOfu5vKFOhLi4vlG GkqcmozJqhKnpoYaCYSgCwQCgeDjMWBj0A0xVERFcSbiP3L4vyfRVlFN8T9GUx85iJJ/NvGq oZZT//zfaIiKpjIygprf/YHar7+m9E//SNUf/0TjoEEUR0VT8HUiz8+f4fT//jMNEV/REJfG /Ys1VP75n6iNiqU4OpaK//4XLm/fx8OzF7hUUcy1RTNp+r//wunYrykNzW9+KkII+kDyUZPE yR7iLU5mrMjj6aM7nG+6SOPFy5w918SZC000nD/Pg4f3WZ+7hoREB4lJ6SR5RmNzZ2BzelDs TuLNdv632UNRw3nyDh4kQbYju7KoajiFb042iZIdo5qCyZ7F4rVbOHf5Os1XrpFfWMKseYtx J2egWmwMll0MVvu3/0LQ35OfIuhxFjdGNYUtO/NpunQRmzONGfNXceHSRezODBJCk9Gv2nOU 8uI8/u8QD42XHjB71hQkyYLRnIxRcfONJQWr3UPlmbPkrl6NSdHHnI6dtTgk6CksWL2Z8qPb 9RYaxcvs5dtoOlOLKUHCJHtISR/J9RsXyRw6Wgi6QPC+9CnoKfrLwJrEYDWFOCmT5qvXmDpz Vmi6RVfPGRpkb3hBP7iXv0heTl+7zbXLzZSV1VJYdZqCmrPcvneftBETmL50E5WVpUiySoLi JNE+lIt3brNgfg5xipec9fu5dKERWZIxKkOJV70kqFbi1BTiQmH2QtAFAoFA8LEYKEE/9Xks FyNjKIz5ghtrdnBj107yv/qaxtg/cOTr/8md0nKaJ42iOiKKo4MiubZiHo8v1tNyrpzHJ3dR ERlL8ed/5N7q7zmdu4jKL6Mp/f1vKfzDf+HSvq2c+dZFScT/w/nI/0RZpIGGyK9o/Pprzv+f eM4PW8bDhrNc37iS2kFfUh6aek0I+sDxMQU9UfZgsrqZtfIQhfl5uJwpWJIzcLjSsHkyUFzp nDhRxvrctSQMcTJmso+ma3dovn6bS9dvMmfeEuLNHlJGTuL63fsMTUvDaveQmORlui+H+tp6 FMlCguzAqCYTr7hJcmeQmjmSSbPmc7KynqbmqzgcDhJVJ3GKCHH/qPw0QfdgkpPwDp1AfdNN Jk6YRF7+cbZ+vzKUcV0PLV+95wjlJQf5v5KT2vM3mTVrDpKsj1k3yQ4Gq8koSU4qzpxl1epc TIqdBMXOuJk5nKstIjEplQWrt1B2eFsosZSXOSu2c6axmoREBaPkISVjJFdvNpM1dDRxchrx QtAFgp9OH4Jukr16pk+LXU8EqWSyZe9hThSXISk2TFKSnlFd9RAv68NdTKqXo9Xnegh6wcE9 xCup1F26ye6dO8gaNhZv1liSR3xL5tBMEpOSmb5iCyXlJUiylQTFSYJtKJfu3Gb+vAUMlj34 cnfRfOEskmQmTvaSoHpJVOzEWTzEqSLEXSAQCAQfl4ES9NLILyiL/oKy2P/Kk3ONPCw4yIMd O2nbvIanWzbx8ngZ9woPUP3FH6iK+B2V//UfuP7f/w/V/+t/UPvP/5mKqM+p/vO/4L97lYf5 h3m+ZSfPNm/hybbtPC4o4lFFAWV/+jOVkYM4FjWIIkMspyK/oCryM0oio6gcPoFnNxo499m/ ozoilvrIr4SgDyAfW9ATLC5mrcjjaN5eJCmJwRYHQxQ3JiWZODmZw0fKWJe7DuMQO2ZnGikj viVt+DjSh43D4hxKvJxCQWk9Fy82U3C8gKPHCzl8ooijReU8fPiIVctWIJmTMJrtXc6WoDr5 RnJgsnq4euMO48aOIVG29UjOLQT9I/BTBD1e9TJEsTLY7GLBqgNUllfQcKqOrBQnRiUdk5JM ouomd89hyooPYrSnseqH3ZSUVIfC3+1IFgdm5zDMFgfFjafZuGkLRrMN2epg/Iz5nKstYogt nZzVWyg7soNvzHoPnW/1Ds401GBKtGCSk0nJGMG1W7qgmywZxFmShKALBD+VvgRd8ZAo62O9 4xQv8ZY0hn03i5bWDhYvXUWiOQmTbCNeSiJj1HdMmp5DgjW5qwddMts5UFhJwcE9DJY87C+q 5tKlS6gWN0bZgVG2M3xoJoPNNmas3kZxeSmKxYFJdmBKSufS7VvMn7eAOMXLrOXbuHHjBqZE s55rQnYzRNazmcapIkmcQCAQCD4uAyXo1dFfUhwZS42SxatD+8j77Z/Y89v/Qf6XX1Nq+AMn vvqfXDt5hJtpqdRFfElxjIHGSAM1hkgaIz+nLuJLzjhG09ZYytE//Z7S6K+oio2mKDqCgn/8 Z1rOldKUnEqlIZYmt4Py3/09pZ9HUmMYxIlBsTTNWczDcyWc+s2/ozrqC2ojY4WgDyAfVdDN bkyKk9krDnH4wF6GDLHxF9VNgtmLUUllsJzCoSNlrMldh1GyE2916T4UGn+eoHqxpYzl2as2 Ro8YhWpzo9rcKEkuhiQlsz/vGE1NF7AmOZk0bS4jxk3BaHZgNNsZLDtxpI3i1t0HZKanI1mc oel4haB/NH7SGHTFi0m2E6/acGVM4dbDJ+Tl7UORbAxW0zEqXhIUJ7l7jlBWfITBSSm4s8ZR U3uR0qpGDuQXUFXbyLAJc0hUbExbvIFzTRfIyy8kNT2TCdN9nK8tYYgtg4W52yk7vJPBcjJG s4vZK7Zw7lQDRpMFkzmF1KEjuHLjApkZo4hXRYi7QPBe9JkkzqsniVNSMKrJxKkujEmpzMlZ SXFFDSWVtezNO0pJRQ21jWeZM28ZJouXI9Xn2LJ+NUMkO3lF1RQc2IVRScYxYgIFhUXUNpxl 35ETlFY3sG3TJhKTPExbvZWiilLMqoMExYkpKZ2Lt2+xYH4ORjWZBNdoyipqqKprYOGqtSTI ToaYPcRZ7cSpbiHoAoFAIPioDJSgn42I5HTMf+ZRTTU1GTbKP4+hwvA7ag1fUB8Zw+GoaOon zeTJsc2c++JLqg1fUB71FY0Rf6A08o+URP2ZR0XllHiSKY+KoD4ykjpDpJ74zfAFdfOWcG/z bo59+U80zJ7N/eKTXNq1nTur1/JgTwnNx45SZlM5/flXVEUNoiZqkBD0AeRjCvoQs4sExcHc lYc4krcfSXLwjTUFk+wlXvHwF7ObQ8dKWbNmLUbJzmCLPhW2UfFikj3Em90sWrOZmvpTKLI+ b7pJdTJETsKkeEgdPoHmG3cYMW4Sk2fMo7SqkbKqRg4eLeBwQQl1Z5vJXfc9iqyQaHETF0rM LQT9I/FG0APvFPREsxejkky8aiXRmsbknKUMGzGcBDmDwZYUjKqHBMVJxsQFzJ06hX+T3Rit XhTLUOYuXEXOitWkZ9t27agAACAASURBVI4kwZKKSbbzb0oKw8eMZ9maTbi9aXiHjmXhzKmY 1BTSRk/H990YjJZUjLIbz6gp+Ob6SBhixySnYHGkMC8nG7s9hXgllXiLPSToXoyhKQCEoAsE 70IDtJCgXyPJlaFPraZ4iVdTiFfS9B51y5vxRoojhamzF7B89Xpm+RZgs7sYIjuIVzx8O3cZ 40aPxiTZGDM1m5mTJmBSk/mLxUuC2cLUGfNZmruJydOzsSoWjKoT2+iZTJ4xl0TZQYLiwpSU hm9xLllZI4lXvQxOGoqa5CVn2Uomz87GZHYwxJxMvNWuNxwobhzeTK7cuC0EXSAQCAQDTkDT 8Ac66QhCINBOoLODRxeaqPjsP4RkNiokttFUh0pY8Y0eRNUf/onzw7+j/PdfUBJt4ELEIEoN ETRGRnAuchD1//lfaUpJpuK3kZRGf0GVIYqKqFiqDDHUff0VzcM8HI+MoT4qljrD5xREx1Br +D3VEbHk//6PXHa7qIyOpcAQS82f/weXUlK4MH4cV9wKDbGfczoiivKYKCqjImnsa571twXd EEWDEPR38jEF3SQ5GaK68I5cyaSJE0mQnHxjScGkeIhXncRZXHw3dS4jR4/FJLuIt3qIU1Mx KikkWPSEuhPnLmLYmAkkyi7+Yh2KyeolUdbnUo+zpPHtzBySh32LSXGh2FKZMmMBK3I3sXjl OlIy9dB2SUkiTnZhtKb+BEH3sj/v2DuPnxD0bgSDGgT9EAwJ+r0fy+L+1kFX3YSbB0+f5uzt 37u7lbf+Xun2++7LKa63evDdP/5z1/b1aQV27T0kBF0g+BGCQb1oGly6eg2bK50E2RtK+vZj 9787lCSu5z1t7LrX+75HjW8t12uZruV6P0N6jXlS9DFSTm8G127cRtNAb3QQCAQCgWBgCAY6 8AfaeR4Ef7ufQLvGvUunKf/Nb6gzRFJtMFBjiKIuMoYqQywVUbHUhoT97VJjiKYqJMG1hmjq un1WZ4gOiXFU1+c9l42i+q3f17z1/7c/rzZEUdX1+6ge2+urVHfNjx5LeVQslYYo6iMjeHBA CPqPEU7QQa9n6f+GBP3RUyyOnyjo3R2nzznIw3tWOG8zhv08zO+66mzdt/GO+mHX3yRjlJMx yqnsz8t/5/ETgt6N8D3o/WsV+aUWMQ+6QNA/egt6Ggmypx+C/gspQtAFAoFA8LEJdhLQOgho EPC30+H38+RCI9W/+Q0VUQZKo6Moi46m2hBDXWTf84t/KqUhMor6yGiqDDGURkVTERVBjWEQ 9w4e/LnPxC+anyToP7UH/ZMpbwu6F5OSInrQfyrhxqCrvwpBd74R9NAYWyHoAkFPul4awKWr V7G5UvXpEoWgCwQCgUAAgBb00xnsJNgehGAbHcFOnp1rpOY3n1Efqfd6l0fFUBYVS11kLKc+ cUFvjNR786uioqk1GGiIjKAhcpAIcX8H/RX0B4/fvwf9l1+6C7pXhLi/L5oW6kXTAmhagOet bSS500OVX/0AJ1i8v/jSfX+NqpsE1cnxwiICAT8E/QRDki4QCN7Q/aVx684dXMnpJIYypRs/ gZKghvJeDBvLoydPQ99KCLpAIBAIBo5g0E9HsJNgWxB/sI32oJ/WW7cp/Yf/xqnILzgfEUtj RCylMbFURcdSb4jpGov+aZYYKqNiqI6O5uznUTQaYjkeGcXTktKf+1T8onmXoGvBAAENXrS2 kzF8HAkWL4nWZIzKz1+fGtCiuDEqLuJlJwkWNybVxbETJ9G0H6+fCUHvxhtB11t1OjWNhSvW dgmvUXZ9GkVxd5V4xYU9OZNbd++haQEIdhIM+vXx9gKBoAv9paERDAZo7WjHl7NEn//yU3lZ mJ0YzXaW525A62qBE/e5QCAQCAaOoOanQ9N70APBDjoDAfyt7Zye8h3Hor+gPiKWUxFfUBwV Q3lUNLWRUVR+wqXCEEVZVBSVhihORcRwJPor8k2J+B8++LlPxS+a/vagt3UE2LbrIEbZzf/P 3nu/WVVn+f5/w33uzHfu/c7M7Z470zN37Kud7KRtxixBEcmhoMhJMgZoMEsb29CGVlExtLYY UHLOqShiEQoKKqeTzw6f/Lo/7H2qQLGD4kDLfj3PetCqU2enT3qvtT5r9+xX/q0V6L0GltNr YDmjJ82guS2FtfZPivREoJ9E6T5ZYzDGoB3kAsk7Hy5l7JR7GXPn3Yz+G7GRE2YydvI9PPm7 12hozxBKhXOJQE9I+HJsx6vWjDV4QvLy6+8ycvwMysdO+4Zs6hn7rlHjZzD/rQ/IeQHGnnRN CQkJCQkJZwhnNEIrnHYYpzHaEWiLSh3nwENz2Hbltez95VXs+NWVVF56BQd+cTm7L/36tueS y6js+P/L2HNJ53+fie//Mtt7yeVUXno5lZdeQeWlXdj36/vQbSdwVpztR3FO85cKdGUsvtS8 vXAJYyffw/Bx39R66yQb8/m115lbi51q0zu+f/j4qcx6cB51be2YPyPOIRHofxHW2kiwa33G LVAaX2mk0igl0VqhtEZ+ze9VSqG1/rMNICEh4fQYY7DWIoQgCIKvbb7v4fs+2YJHthiQ93x8 3yMI/DPy/WEY/lmPbEJCQkJCwjeBsxZnLDIQiKKPKAax+cii97VN5bOkg4DALyL8Vky6SJjP EWbbEMUCwisSeh7CCxCFAFk4M8eVhej7RDFA+iFWm2Se/Qv4MoF+OkprFyklvn9m1kSnrL9i i9ZbPkXPIx+E8TrM/0aOeTorrSv/EhKB/hdQajjfhFXuO8DO3fviiJeNBjjAuq933NJ5JyQk fHVO7ktf15y1kfPMGD5bvgqhdFQXgjM7piQkJCQkJJwNSttEnTnVbFzb6WuZlnjWYpUCm8cJ hX/oIKktm3Ba4qzGWRMdU1usOQPHtAanbaeZeK51SbHlP8dfI9ChMyjyzVi8jdlGbVFpQ2s6 R8Xuvd/wcb+6PksE+l/IN7X4fe3Nd3jl9bfQ8QAGNqmynpBwDnAmxbm1pQWKxReKLtffTK7g xwuI//qBPyEhISEh4UziXOf69eQ1rLVg3JkwQ+gsVmms81BGc+SN+WycPhOrBNYqrDPReTii 18CdgePaUn2qWJQbZ9E2Ss9O+HK+SgT9v8aiV2nvO3iYhx59rCPb+L9apP85EoF+lpm/4F1e ef2taECLH1oi0BMSvo1E/TvUhmtvvAUvCOOfJZN8QkJCQsLfPicLdOsiMxaccV/brLVIB9Zo nBWEDupff4m9k+7EGYW1CuMsJhbSzp2Z457u+pII+p/nr42gf5N0PisbFwKHqsPVPDzv8W8s APt1SQT6WSYR6AkJ5wuJQE9ISEhI+HbSIYjdSYXAiMXsGTBrLdpZtFMYJREWahe8wIE7J+C0 whrVEcXvOJ8zYF+4xtP8POGLJAL965EI9LPM/Dff5tXXF3yhol/S9xMSvm1E/VsoTZfrb8IL grjPn3sTQ0JCQkJCwl/D6QQ6nBpN/1pmDcZZlNVoqZDWUPPmy+ycOAmrFE5HNV1KnJFjfj7F PRHofzHnkkCPsB1mLFQdOszD8x47ZQ/6uUQi0M8yixcv5qOPPkIpdc41joSEhDOHtRalFGEY UlZWhud5f1VFz4SEhISEhPOXKH3dGIcyjsCGtCxewp6XX0/eWnQOcm4J9Pg1unFRXmMMx4+f YP5r81FKRZ84x9pPItDPMlJKhBBIKc+5xpGQkHDmKAl0KeUpr0M0xpztU0tISEhISDincYB2 IBxoa7FS4hmfopUdoivh3OHcFugWrTRK6b+6eNt/FYlAP8uc/H71c61xJCQknDlKCwgpZUe/ TxYU5xdh1RHSb3yQWGKJJZbYX2ntb3xAav4HtL3+AS1vvE/q1fdpf+UDCnurMMYkGWnnGOe2 QDcYHQn1JMU9EeinpaOhJANLQsK3GmtthygvRc6Tfn9+0frUK1+YcBNLLLHEEvvq1vLI8+ds FPR85lwV6ABaG4yxWPvNvUb765II9LNMaZGeLNQTEr7dlCYBKWVHzYmkz59fJAI9scQSS+zM Wssjz5/toT3hNJyrAr0ULNHaoJQ+i+f0p0kE+llmy9ZtbNi46QtV3BMSEr5dlJxwUikenTeP IAwTkX6ekQj0xBJLLLEza0fufrgj0JUUVz93OLcEOh0CPWorlsamZpYsXd7Rds41EoF+lpm/ 4B1+//qC5D3oCQnfeuLXrGlNlxuS96CfjyQCPbHEEkvszNqBibOxWqOt7nglmrXJOvpscy4J 9C++B91y4HA1D8977JwtMJgI9LPM/AXv8srrbyUCPSHhW0/Uv0NtuPbGRKCfj3xeoB/4t4tx xiSWWGKJJfbnTCt8oznwfy75nECfhUsE+jnHuS3QoepwNQ/Pe/yczWRMBPpZ5rU33+GVN97G 2ESgJyR8m3HxJPD5CLo7ByeGhG+G0wn0hISEhIQ/j3MG5expBbpVCm1NItDPIc5VgW6tQZtS BP3xc7YGWCLQzzKvv/UHfv/6W/Ee9CjFIhHoCQnfRiKB7gvFNdfdRN7z40nh3JsYEr4ZEoGe kJCQ8NUwziJPI9D3T7gXpzTGRanLiUA/NzhnBbrRGGvZf+gIj/zmiXMyvR0SgX7W2bB5G+s2 b8dYEoGekPAtxtrIS+uFkkceexIvDNFanZOe24RvhkSgJyQkJHw17JdE0I/NfBindBJBP8f4 vECv6T4UWdd0VkzEJusakXWNhCcaqNmxm4UvzSc80UB4ouGsnduXWW7J2kSgn020A2ksynRW EUwEekLCt49SIZJQGVTc5xOBfn6RCPSEhISEr4azBn0agd7y0HNxkTiTRNDPIT4v0BP7+pYI 9P9CHGBd50DiXKclJCR8eyg53py1OBMvIlyyiDifSAR6QkJCwlfF4jm+INCbHn0eU1o7Gxf9 SzK3nm0SgZ4I9L9pEoGekHB+0CHQT+rjiUA/v0gEekJCQsJXw1lLYL8YQW9+5PkvzK2JQD/7 JAI9Eeh/0wipEFJh4ixXZy3OmqSyc0LCtwznLNZZrAVjon+ts8ki4jwiEegJCQkJXw1nHNKa L6a4P/x8Etw6B0kEeiLQ/6b58ONFLPzok3jBbsEZcCr6NyEh4VuDtQZlNEIbnn7uZXwh48KQ iTPufCER6AkJCQlfDWcc1hqqPifQj971CE4anDk332d9vuLvPkB+5cZzwgorN1BYuY7Cyg3R z1ZspPqtD/nw7vvJLl9PbsWGs36Of4mZgveNPKtEoJ+GNxe8w/w33sKYqIAUTscCXZ+R7/9L B6tkUEtI+KaxKKPxpOaq67qRLYYYazre3pDw7ScR6AkJCQlfjSiG9UWBvm/CLFyoYwGfrGUT ToftCH5aa7HGcbDqMPPmPY7WZ0Zv/S2TCPTTMP/1t3j1tTfR2pwk0GXUkP4q4ug7Flva22oN QSHHoRNH0TpqkMYprA4p5Hz8MHoXoDWKbLaN5rbWuNBGnGZP5x4eUcyQy/mY+BUWylm0Vej4 7wuFDKlsAb/QRnshwLiTzusksy5yBjgr4oqb0aArQ5/2bCvKaKw1GKc69hH9yWvGRufLSfv5 3anvlnZWd6Q9dXw2vj/OgbYB+WwWTwi0i87plP1LzoAznd/R8b2d12WsQRmJtBpnJbp0nY5T zrH0nKL0ZoOzCllIkfOKOCcxNnqPp7UaZwzFXAviNO9oLJ1DdL3RuRkHgZchnQ/jSqYyOo6V 8XPShIFPLt1OJtWGCIM/uQfaxffSWoMzBmUM1oTYhqNYYXHaop2KJkXj0C56dtpZrHZobdBO YkoVVZXDaYd2oOLjKhdFlo3RqPi+mPiY2unovLXA1rZjpTlpn5lFOhOliGuHsxbtLNqCMxbl DMpG36OcwjrdUZit1Oa0A+EsxmicUlE7sRbrNMbPEeY8rNUY4zCW6BUuRkfP7eR7byXWgSn1 XYhT2aNnGO01tygnkc4QBIZrb+5JuxdE91QbnDVYq1AdKfAO62x071zcH2z8OxeNE85F91o4 sMZRWpdEhehMx3ignESb6JmUnqeJIxFOO3Aaq0NcuhEXRGMC2I6CdqU2q0v75uNn5Fx0fdaq 6LNGY41GG4czGqcDbGsDoVJoZ9DGoozDuPgZl8YZp6JzcSb6uXE444CofZX6mIifnbEWZ8Oo n1ob3R8bFweKr7PU/3DRdqHovGV0LOMw2kTnqwW2uR2tNNaF0XdY2dFWTt7LaEvXHvcpK4rY xlaclPGxXcd9t85gwyK2pQnb0ITLpnFW0PrkS18q0DvHnKjtKBmSTafIZLMEstTGLFYHtGQ8 tLEYLUin25GmdC87n5uL22Hp+kvjYuc4pKN2BNEztLajTXeM2Se19ZPnmNLPS/c1cHQcp7QI clGnP+melL7n5EEmavsnj2nxyHbScTuv58uIxox4nDWCXCFLaNwX5oKTx7ZStpq1pTnBYk1I WzZPIHU8F0ZjjDZRv7FGUcxnSafayeZy8XhNx5zRca6l8T52tnfcF+zn5o/4Gt3pMmkszsp4 LI/GJWsCWtuzCCOjdugUxkbzyOfvb0c7sCc9z88d43R7dU9+3tHf247zzXmtFEMZLXCticZV G90jGxfoMpZT5v/SuBXdD42zGuHAmXhcLo2jpc+fNJ93PCtsxxwngiLZoviSPcad52zj51vq F6fPVLLxtWi01Vir47WToJAvUJA6cqLG85R1nW21836ftC3RiY61QjQv26gNGUEqnccLJSYu YlY6/qnZkqUCorLj76N7ZrFWYWz0vI2JREZQyJLNFeK2wBefr9V0jOXE6x930thWGhM+1wY/ 3xdP/nlnvz/p+kvtKB5PTraT73PH9VCaO23H2BD9znSc76nXEf0uGv/0FwX6+Fk4YbDGnnKO CQmddAp0sBhtOXjwCI88/FhHfzqfnTuJQD8N819/i9fmvxWLstKi6asKdIW1GhkLD2tCXnpy Hvc89QhhYNCB5mjTIaaMHMolP7+e7buPoGwkug5WbWHuw7+hoCzGapwJOgSCAw5tW8VtPXrj q2ih7VtNoIv4RlDItDBm+CheePM93l/wW+Y+8QLSdg641sYZAc4gHRipaGzYx9I1W5Haooxl 46pljJo6mrZcCq0DhCtgtYsFZuc7pDsWU5QmQB0tXOIFQknwOas7P28ETkeeVdOxmLc4LdHa 4usmZsyYzsZ9B/GcQqlIPJQEAE7ibCREOxbr8QIFp7FGUgzyLProfQ63NOJUjqIFrXUkHp3E uNLEH4kLayzKSozI88ycKTz18qsYlUEqTWg0SvuEuSzTJwziUFPqC3urXLwgVZbI6aIMYZhj xoRybu09lKxXxNkiWjmULpILcjw1bx5TJk9izr0zuWf6ZKZOnsScBx8lnS+ctkUZC8YYlFHY UOGZgOz29Sy64gfs+WQ1oTIIW0CHDhNYMscOUfvOexRlDi0lKvBp2PIJDdt3o3RAUQb4KkTo kFAKjJII5VBGI7UksAqrHUpZjNAI6yOkJmypoeLaMjL1LfjKRL9XmsAIpDGY0KGMQRoTCUBj EEYTCouRBmlCtJE4EYn50BqUNQjl8JRFSYGUAk9KnLRo49O89D22vfIhQvoI7dChI5SaglaE ocEqhzEOaQRS59DCoU2AswWccITGoIyIhJ9ySGkIVEgoNZnQ0HfIcHLFAKls9IyMxtiQUFqs 79CBwxiL1A5tNNoKnLBY5dDWRItbqRHKEhiHVVE/stKhtUNZjTUKbSxCF1FCYz2HtYrACLRw SBOglMPZANlWw/IJvckdbMYog1OR0JXGYrXBao0ILcI4Qu1QoSF0EqEVSgco4xCFNFV//IRU Y4aCDghaGqgYM47GqjqE0oTaRP3dgrIGLXV03U5gtMIITegMWjmkcrjQIkyUZaCNxjcOHVik CGl8ewGte48TSI0f/40NHVIZTBA5AkJtybjIOWWURZsAYwK0skgdYpRHzWfvsujKWyjsOYSx aZSxaJuPHIXGdjifjHYY5TDSIrVB6SJ1n8xn5aXdyFefIFACLR1aSXLGo/7T5eybeg8Vd89i 25z7qZx8LzunzubI2Lv+pEC3xpBJtXHfA3MYO2YEc2fdyz2zZzNu8lR+89SztOTSWNHMbQPG 0dLaTkv9UcaMKqemPYtVMrpXFpyKnFXKGayJHDEmHrNMqfaBFdFY5CAIUrz/znscOlaPdrJj DMWJSKC6ePFtRTzuiuh7tOXwvq28sXIDVkusjhyUzkZzUWnsxCm0s8iS4C7VYLASZyWlqAaU xshovNSOU877dPtMHSCtRWmFMoL925fT5ZpreX/lJpSLHD8ufpYdQsK4WEwV43Eu6huH9m7i Z7+8gj98vBjhQFuJdgapNTt3bmf8uFHMmDaF++bOYdKUKYwYM5b3PvqEQJvYKRQ9Q+N0fL4F sD5OObAezqloTrU2chBZi+pwakRiCkpznmbHxuUsXroebTTS+sjCCXr1H0WDl0Fpi7BFfC2w Jh/NrbGTNBKokfPc2SB2PppT6ts4B9bYDkFt4/tqYiersxanTeezUpJxUwfx/pKNKKUxRqKs j1USYTWhBScdwjiC2NHsYudu5OC0YD32VWxmSeUBrAwIbYBTNhoDrMVaiXQW7TSm5HBV0c+d sXhWs+qz95n72O8j5+YpIqx0PIU1BmVFNB4bGTlLS9dNpyMsWicYCrkUL7z8Cm2pdoQDJZqZ OnEya6pq8I1EW7BGIK3oEKYqbp/OGpzWOGXApTrmd+dCrFVoI8m11lA+YjKbKvajhYnWNsbF z112tmsbfY9zGYyNt0A5D6MNocyzcNHHnGhuQgqFUoY3nn+CF15+k9C4yOltS07TUj8LYwdK yaEQO3tL45qLHKSRk7uzDXY4rOJxoOQgKzkCSmNi5BzWHesr68J47XRSoCheq1lbcsrGDh6n 4mejkA600zgniQI5sVMqXv+VnH3WKayQXxDoByb+GictRptT2nIi0hNO5uQ2YYzj4KFqHnnk yfNenEMi0E/LGwve5pXX3kB3VIkzfJUU95JodLFHX2uNFTkG3TGQdQcOIYWhkMnQrdctPDx9 Gv/6jxeyadeheCGq8IqNTJ8yg6qaRqQxkag9SaBrGTKifzf21LQjrcaoSGBqU2Dnjm307TmC E5kMqWKGTLaAM50RvMg7ZbBWI0wkrtatXsi0e56I3wdtCfJZmnMppAmxWmJcGE3M8SIm8tie 5O2OJ0d7UnQ7imDFHv3SAoF4ojkpqmPjBUMUZQ3xgzrKho1i74kGlI0WHs6Wzrkz6hQJbBVP MApjdRxxN+Sz9fTq0ZUte/fijIdnwWiN0xZjfEwcSY6iyVE0V1mNDj3G9O/FY8/9HqNDlNZI G4niYnsTPbt2obq1/Yse5Y77EZ2nNCF7NixmSP8B9LrlevYeO47WIdqEhNqyaf0HXHrZ1Ryu rSdUCikCao/XcM+s2dTWNZy2TZWi+do4PAuy2Mie0WOovucedg8ejggtRngExuJ0iuaP3qf6 hiEUwiLChPjK59C0cVQ8u5DAGArOIJ3BaYvSmoI1GG0xwqGMQ2mN1hLPKDwdRSiFkrTU72bT L2/GSzUjrEYFFqXjdHFrsKHGOhEvFCRWW5xwaBm1LWkswlqE0WirEE4jlcFKjWd1lL2iDW3a 0mYsQgrqn3uGQ+8sRUgfKxWB0QgLoQUdOtqtjBZJ0ie0Hja0WGkxxqK1wbeagpEoJUlZQ1o4 RGCxnqHVKhoz7fhaIbUhtJGwcsohtSU0lsBIAiuRWkV9TTq0MXhWIUz0rlerLU5arDQUjSZQ Ft8YpFZoGb8TVhustuSMo6AtTgiEC/CMJDAF8s5gjUTXHGLLzVfSUteCsLrDCaeEJLAWT7uo r0qLcAbfWFRo8KWhYDXKGLymg+y4sQ+pvUfxlCAni8iW45iiRkuJVkF0fwIRiXEdOSciR1gU 5c8aTWAkvlY0GIvwXBx51zilkTpAqha2/OpyDn64Gi0M2nfkrUUYQ6hDcqaIsBqpHUI6tAVt BMIWMIFF2oDAhgRtjay75Wb29hlAzVPPo5XGc1EmTGAtInbkmFJkzSqklUhpMNk6dg4ZQe3Y yVR/sAIZZsg7g1QGr/kEK6+7hYaPPyTIp5FBFtHawPZXX2dz7+F/IsXdIv08T/7mIUaOH0vV sRq0MigpqaurY9TYiRw6ehhbqOWWnmUUcllkIGhLpchpjVMOYwXKSmwsyFXJ0ahNx1jhbJSZ IjsWzJpcqo4uV17HivXbo7/vEOhxxMGZ+B7EAjB2OFqjefvlZxk85X6sUR1CypkQbB6tDcKa OOPCxlGzOJvF2CjLJc4kioRV5MDpEF7x543RGGNOK9AhEpraCAIvzZiBvel648306FNOygs7 HaMn/V3kPI6zZrTDGYkI2pl111QG9e3DnVNnoXTUrq2VWO0zePAgZj/wCO3FIsJYfL/IZ58t YuZdMxFKdYoCayJHhnHgAqwN4wyXOOIcOwyssVF2jusUyFByUBicCbnv3klMmX4fSmmEVRSa q+jRexjtsohRDm2KcfZElN2GLeCswGqNtQJtNNbJk8T5SWY0Vqtoe90px1dRhpuJnD2lNYAN C3S//Vo+W70lcsQYgbECqw3SapS1cRs06Djyb02nQDfWgi3y/G8e4Mk330Urg2d1PM8LlLEY 7RG4KKvNOEVgo35vrMQaS2A1f3zjdzz6zIIou+q0Aj3K5DFWxiJX46zqFG7QcQ/AYrWiubaG f/vuf1JTV4+0EBROMHTQECrrmwmNRBsTOfStiQVjnDllIseCtnHhT+d1OPNxCucMwhiUzFGf TpEPBVYJnCl95uTsvCgC74zGuQLaKEzsSHJOomSWfv0GsevgIYS2BNrgZVrI5H2UMWgtcEbG zzXKSIgylaIMh0j4RgENp02c9RY76zqcHZ2ZNdaquM12RsJLbTPqb1EWW2l8cUbFThXT4VQr rZsiZ1UxXs8pnPOj+dqKDidR6Vyi45TGmjjz09Ih2J1UXxDo+yf+OnYqdzojEoGe8HlOFeg2 FuiPJwKdRKCfKBx3vAAAIABJREFUluqjxzhcfTROK4WSV7eU9veXUkq/dHGqq9OK9mO7GVU+ leZAIZXCyICGVCOZE7V8/59/xIbKg/HEZ7CmwOwZU3js+VcJjcVqGYn9eLBTJuTdN55m9Iz7 kEahjEPakLDYQvnQvny2fCXKaJqbW2htS2G1wFlFGAZUVFaybNky6mpPIKyltamJV16cx4zZ v6X6WC3pbI5cextHG9rQRlLMpWhubiHX1sqmdSvZXVmBEIpi0WPN6lVs2bSOolTIONUWZyJx rg1OFTl69CiLl69i584KisVi5OV1RZxVHD10jKWLF3Ow+gie0QTWJ5c+xIBBo6lLFzAqirK1 NDaydvVStm/fjJQ6jjJYrAlItTWyfPliNm3bTFs2QyHw2b99BV2uuppFK9dSV1dLUUm0Ehyr Ps6KFZ+yfcdmQmVQcSTBGYeyBhV49O7WnRdeex+jTMcCWFlDuv4w119zNcfbU2ijOh0UcTRI W1BSYpWhtf0E111xJa+9+S5vvvgIr7z7CVILlA0QVvPH159ixuz7yOsoiqWNQSmJ1iraWnEa nDYYaTDCUbQG8dH7rO3fn6CtkV19e2KaAoQSSBWi6ndR9+TjHL5pAOLAfmRtLfLAHg4OuYPj j89H7zmK8rIYW8DW1BKsXE9u1VpkIY1QBiUtGZdH5hspbN1M87JlmAO7CIVHat9mtl7TF53N k1c+QbEZsbcGWbTkTYgu1uKv20xx+Xp0/WG0DFHaUiymCZtqMC1Z/NUVyGMn8IzAV5ZQWbTN UfTaUHuqKH6yjHzFPnTBx/oF9j0+i8bFq5D7DxB8shS9ZzdGyShKKhVBvo1CxV4yi5cSVO7C D4tRhFgqwvoabLYNvbmS4oo1FOtO4EuJEhanQmRrPXLdRuSnGxAN9XgtBzFNbejQUjAeYSZD sHET3pJV6JojiMDDUw6l85iaGoJl68mv2YRJpdEyuh4jHEI4clajgwz+vr1kF69EbN2BCSRK SKTyscV2ivsqCD5Zhj50EBUIlJYEB3ZQdfnPaWtpITRFpCmiq6sRH6+isGMvuWyRvLVIIxBh jtyJExQWrcZfuQbdlkZn2wlX/5HKq68ms2or2cMn8PJp/CP7kYEmtFmEbkHUNJBaspji9gqy hTTWNwjtsO316Np6TG0j/tKVFLZtwitmUWEsYky86M+3I/Zv5MCPLqT+D4sIDtRi0gGeLSIa 68muWkO4Zg2qvYUwVJiCw0pHYAO089HS4dsCykhOLPg9W8beRXrjUlYOHkhgiQRHoLEyylZw ykULPxUV+JNKI6Vg27yJbB09j+DIGqrGzkEVg6gvCUNq/y423XAdxdojyMAQKoMJNaFQ1P/m hS8I9Mi5anBGsm7FEn72kx9xrKkxzsJxkcixilBKtAlRrYfoM3AMwsshvJC6uuizThqkLHLw aBUrVqxjz+7dhEohHEgvzYnjx8h5Aft3b2fFqlU0pjMIB34+y76d6/jVJVeyaMVGqmuPEoYh xsSLZCNwJqSpqYllq9ayZfMmCsUixloa647xxNx7KL/rSY4ePUIqk8FaRS7Txsb1q1m3YSMt uTxBHBE22qOu9hhBEFJbc5yKvftR1uIVc2xat4aVK1bS0p6OM6E0zoS0tbawbPlydm7djFf0 IrFrTl1MWSEJZciR3esoLx/DgcptXPyDn7Bi/ZZI8HcICx3Pl3EqsnZRxFJ7bF3/GZdefiUn jh5i5PBxNLRmEPE5a7+NW3v0YNehYxQthMZGWQJGokQQf2+nk93ZECM1hw8dYOmyTzlQdQgh dbT9xwhC32Pz1p0sX7mG2hPH8ZXuEMLOarT0aao7zJjhA5g5Zx7V1UdpyWap27OaspHTaCpk WbV8A5vWL8MLfIwVGGWxOkMq1cqa1ZvYsmUV6VwecVJ2go0d8lZLWpsbWLNqJevXb6Dg+ZFD 1kRb4Joba1m+YhUVew8Q6khwiWIbl15+CRt3VEZbYmxIJp9h1ao1bNq+ifZ0a+Q00AFYj1Q2 x9at21i3eg1NzW34YUht9W5mTBzFC+/8gUPH6mj1fJyyFPIZdmzfxYbln3G8pR1lAoyV+Fbi 5Qts3LqZDWvXkwvzvPn0gyxYuPoUp0I0L2r8YoG9uytZ9tkiDh+qQsVZc36+lapjxynGhTmN CmlqbCCby5NOtbB59XK++88XUFG5l9qmZrKtVQwZVEZ1W5r1Wzezad0a/Gw7Ms7QM1pQyLay Y9M6Vq1eQ1MqTWAc2mqUDqmvraOQK1BbX8v23VVkcll21zXgSYGXa6Gmeh/Hqms4duwoR2uO UdfQFGecBBSLabZuXc+a1etobmrHWoMXZDlWtZM+vfqyausOqo/XUVSGlvqjpPJ+9NxUkba2 ZlavXEHltq14nofnQFlFIDwa6uvI5fPsrNjBxtUrSLW1Eeo4CGNF5GCJ22cm3cqG9WtZsWoV Te3pyEFhNc4o0qk2Vq5ew+atm5EyJHSgVUBL3TFasx4Nzc1s27YVr5inob4OqaOAitUBVocc qa0jl2/HmCJt2RwbNm5h47q15ItelJFgDNl0K+3tbbS2tlKxqxIvFBhHlFGhv7gH/cjMh7Da JinuCV9KZ5ZK7Kyyltq6Rha89YeOFPfzmUSgn4aOyGzp/0ve/r+ysXQI9NJ+L6PYuuQ97pr1 KHnjohRfrQidIVdfy4X/dBGbdh/EWYExFmc9XnziQXr0HU5OmDg1rjNdyNgC+/ds5l/+44ek coUordTmqNywjMtvuJ6GdDMiEIzvV8Zjz/8eowOa6o4zdcoU7ujTn+EjRtK3d28WLVvOy8// jssv+TGXXtaNsmEj2b5jJy8//RQDh05GKsEHf5jPVVffwrRJExg7soxf/Oxinn3uRe65dw5j Ro2k603XMWHqPXhSoUy8Z8mBVYo3X3yanrf3onzMRPr17cvsWffS7ocUvUaeeuJx+t0xkJEj htG9R1fe/eBDCjYg1VhJv4HDafUCrPB4++3X6XpTN4aXD6Zfvz7cddccsjkP4wTLlyzi1u5d KR82lIFDBjNgyGBWrF5NWa+u/Ot3L+DWXgOYOGkarakm3nj5BW6+uScjRw+nX/8+3HXPLHwR nXNJoIdejh43d+e1txeRz3vkClny+TSpYpEjFau58vJrqE+nsVZiTCSmTRx5URakiFIMP/pg AVfc0IcTza3s2rqCnr0nkM4VUVYjTZGNK5fxs0suYfXmraS9EKk1UspI4H9JW7PGopRFKoM2 BSoGDSM/fwHNVrDnkamkP9pCXmtUMcva385j8U03sfmnl/Hh6HIOv7GAVdNGsfEXF7Ghe18W j5xI8dheajYtYfXYCewYMY71Q4eydOY0ZD6H0pJU3W62zJjCyrLR7Bw9hSVlwzm4fC0NO9ay 7oYhuKxP0N7EthkT2ThnHoFvaTmymz2TyllfdiebRs5gbfkg2qqrSGvJwXdeYceoMjbe8wDL h04ns2YDWafRRUsoNLpQy5Enn2Rx7zJ2jZ7M+rLx7Hj2RUS6iV33jqB69jw2zfw1O8ZPZdVN t3Ng4SeoQCGLefY+8TRrh0+iYtxUPuw3jMN//BhPCmR7G+tHjmD3c79jzaR72dq3nPU33k6m uppQC7y6I2wbMoK1Q8dSOfwuls26l72zJ3Pis6UIo2ir2cnGab9mw6CJbB85g4Ujysju2o6S luYty1nVZwibh09mzbAxLB47laCuiYKFwDhU0ZELfQ6+/ALLB5azdfwUVpUPZdujrxD6KcL2 Q+y8cyaLhoxgx+jpLBxcTt17nyCkpL1iLft+fjGFdArp1bP3vTdYOXQsO0ZPZ0WfUVQ8+xI5 T+GLHK0fLmRx3+HsGnEnm8aMZMvkWRxctYzFQ3pS+eMfs3zwnayaMw+vcgfreg6k2NKGlvWk l7/L6n7j2TFyAkuGTmT/XfdSbK/HF5J9rz3P2iHjWHr3HCruvItVN3an6unn0Up1RGgKTpLf u49Fo0ex73v/xuK+o1g47X685iYat69m5cBhbCufzrqhU9gwcBRNlZWE2mEKjoIJsUYjrcC3 EptupLJ8MO27jxK2HmXbsDJaGluwKkRJiVSSQDuEilLbrYyyFZSwhF4TG3vdTGpDHWHuKFtv 7UrzniaUUvjKUNd4lN1XXs/xV+fjtWbxhcILNSpwtPzmi0XiTLyFx2mfZ5/4DQMHDcHT+qTa AjbeGxtlAuVO7KH/4AlY5VO5fQu3396HgrFIL8ezzz1Fjzt6MWzESPr3vp3f/e5FMkJxtGor P7roJzz8xAuMHjmMAX3uoMsNXWkp+BzYs5v+t3fjX77zPW7rPYQxd46jsakZpaItCFb57Nm6 lr59+lI2fAxDBg9i0qQpZItFHvj1XXT56Y/4yZV9GDx4ECtXrGH//h2UDxvG4EHlDCnrT9nQ 4ew4cAwpQ/LttVx44QXc9+Aj9Ly1J7995hkOHjrEkCFDKBsyhOHDhtK31x1sqdiN0pJP//g2 t956K+UjRzN4YD8mTpxMseAhhOycQ63FSo+8V+TxubN54a2FCC/P3ZPG8/Rzvyc0URaGMdEY qpTC2DCKeCqHVQLlp5kzazqPP/cyUgRMnTCJ1/+4As9IlC5iVY7+/XozbspM9h6pwZcKoyMn htG6Y76MFn4G4ed4Yt5vGDp4KKNGDuPKqy7nvvufxpMSL9PM1IkT6DtwKMOGj6L3bd1ZvX5z tL3CGKyW5LPt3DN9Ej+68AIuu+YWBg0cyLK1G9i98i1u6z2UKbPmMm7EeHr1uInhwyeQCwJM GLKnYiNDy4czuGwEZYP6Me7O6RxvS3esMUr76LdtWk+3W25m6NBhDC4bytBhw2lubkJLjw/f f5dut3RjxIhR9OrTl5mzZtOWyeAVmrjgwp+xfW8VThWo2LaJAYOjvx00pD+97+hB9dEmtCqy f+9m+g0aSv8Bgxg+rJwhZeUsXrKE8SOG8JMLL+Sm226j36ChVJ2ooaWunuHDhzGob39GDSun d/8yKnbtRhtFQ1M9QwYNo1ffvowYVs7M2dOZObI/Hy7bdkoE3RhDIZ/j7pnTGTp0CGNHDqN7 16689/FSQq1ZvvBNfnDxpRxvao0cT7JIzx49WLp8JR8vfI/bu97MP/yPf6N/v0E88dtnaDmx k9tuvZ3Z855mxOgR9O7ejZ43duNIXSvWCBrraujb6zYG9R9A+bCh3H5HH9Zu2Yk0hnwhxa09 ejBh/HR69enDI48/x4HdO/nlNd043tDM1k2rGTpkAIMHDGbAwH5c9MMf0K9/GVpraqr3M2Z0 OcOHDWPI4EF0u6UnNSea2H9oD6OG9OMHF1zM7QMGM3n6XWR9n/HD+vHx8nVo5bNm+Uf06nMH Q4eVM7DPHYwfPZIjbe2EJuRg1W6uufpq7r53NqNHj6Lv7T3o1rUrOS8gUAZroyi8MZL6E9X0 7dOLsqFDGVI+gsHDRlFdXY0zko8+eI9be3RnSPlwBvTvw6hhZbR6IUGYprxfL4aMnknP3n2Y NeteTtQcoestN3Hg4EECY9HCUFezn0uuvp4jhw+yc9tibry1H4PLhjJ88ADKR4zhWH0TVoU8 9tBcxk2YxKCyoUyZNo1MLhdF7E2U9fN5gd7y0LMdFdzPd6GVcHpOEejxViBlLKHoXAOfz20n Eein4bQC/Suk5nQWrIpTD63m+Xn3MWfeEygb702SlqKDTMNhfvCP32dL5UGcCaPUVeez5P1X +NHPrqMuXUArGaUWltLvTJGiLNLl0otZun4TzimUSjF76p08/d5alAkxYZZe197IM299jAqz 9OvZg/79+lEMQqTUFHJZWjIZhB8w+55xLHj/E7xQIaXisQfmMOOep1Ba8OqrT3PJlT1pSrWi RYqKHVv4ycWXUHXoOFoFVB+s4H995wJa2zKRZze+j/lsmqt/djGfrlhO3hhC4ZFrb6KoDM8/ /QDdbu5BJucTqhyp1lp6d+3JkfY2GvevYPDQoeREnqOVFQwaMIi2tgyhyCBEgT69y1jy2Qq0 TvGf/+dCKnftRQqFFIp8roDvhxzYuoRf/PQaDh5vwpMao1rocf21bNtzBE8KhPRpbW2P0qK1 wmmLtJpioZ0brriK//53/8R///t/4O/+v7/nf/79P/B3f/+/+Ze/+2/89OIuNGYyOCOwOhIO yljCeI+ttQLpNTJxzAQ+2rgboUNy6Rau/dXlrNm8E99JnPZRgWDl8o/54UUX8f0LLmD6jJlU 7tlLIKL0vdOhHeSdILA5mitXsmHYZGzOI9SG3JKFrO9aTuALpMoiA8WuR++jeurThEJSCDQN QY5D/cup3bqHoi9wBYNO+WTCkIyWhIUMW3v0Qq/YilNFGu65mxMz51L0ighRRIRt6LYcras/ YUPvMuSx/ey5pRfHn59PVhXw/DaOdBvCwSefwOQKhEGB9Lq32Xbno+i8oO7Zh6ju3guvsYVm 5ZMy+ajGQNERej5VLz7J+lv74OeyKOGhwyy1xaOEfivrh/Xk8EuvExbS5HQje558iiW9hqP9 IlKGyGwGExQIdBvFfVWsvnkkJiPwmuvYd11X6ndUEPhZpDzBgfIxHHxjIb712TZsDHve/B2e zKKkIFe5lpU/+j7Nq9eiQ48jgwdw9LlX8D2fVu2T3vgpO8ZNRgQhVXPvIv3xEgJVxAZpsu0N FFVAwYFRjlAZdGsDB4aMJTxURUF5GD9FWJciH7TQ9szT7HzwEWQuRc4UKR7dy76yMpSQtKz9 mH2X3ULoBzSsfJ9N13YnfbAKobOoQiMn+o4gdfAYaud2Nl16HaK9AU/7SJ0iaKoj9AMy+zdR 03sYqi2DzhfR2zeyruft+JkGwv0beO9HP6SxYjdtKovJZNjbvx9bJ00nZzQHHn+A6h7lFApZ tMyhDu9g+4Bx+KlcFOExhpwD34TkW6r54P9eSNvhY/iBQBea2DF2JIWVSwmLPjnp0/jy79kz 5W60Eti8Q+gQox1KR6n2TU8/yPph4wi0wgUBVY8/SdXDv8FqQ+g0yqVxroCzPlaHaCUIbZTe 3/zh76mYdD/K00gVsmRuf/YNfgCpLTo0COOT3r+PXbeOpPJ7v2Tn4PHsW7Msioo+/uKXCHSN 0x6z7pnFg4+9hDCl9GAd7922cQTJUL9nM0PG/BqjA9asXkiv3kPwjGLFopcYMmg4qbxHqItk Wmq44pIrWFN5mD07lvGdf/oeby7ZgVQeymth8tgxvPnBYqRW1Nce4sbru1PTkqWoBFJZlI4y eazMU97rZl5+6SVyyiBEQFsqiycFSrRy/7Rx/Pb9NfhhSCGf4qbru/C7V16lIBRS5Hnxsblc ek0/2rM50s1H+R//+D/545KV5Is+wksxfeqdLF2zgYJQiMBn5R9fZ8rd95Hzilx/xS947c23 KGhDGHpkUlmU1Gh16phljGD7prVceNFPqW9PI7TlyLaljJ8wlYKMUtW1CbE2yhpSWkQpvtqg dI6KXVu59ba+tIUSp4ssXPAKN97aj1ZPYqxCCY90exP3z53Nv373O3S9+Qbmv/YyqaJPqF1U BTius2KsRUtBMV9AeBKt8uyuXMtVV95GUzrNsoULuLnL1WQCQaA1oZ8mny8iZZQlpbVEa4ES RUYMH8mCT1fhBxl8bVn1xgNce0N36lJpwnxArq2Gf/7//4Od+6ppPlHNjy/6CQve/5iiyKH9 Io/Oe4BHn14QpWBboloPKuCe6ZPZsmUTntZ4StPQ1IQMi9RU7aBfn740pLJIKShmmxnYvzcL P11Ca6qG/7zgevZVn8CZLLfccB0r1lXg6yJSNLN66fs89tsFZLINdL/5ej5dsY5ASJRQpDI5 isUCKmxjaNkwdhyuxgsloUgxql9v3v34M4SfpqBCln60kOtuuJ1ACH770Cx+++yr5EOBCAIq 9mzhh//yHTZW1MQp0fFcpTVKCorFPKEI0CLN+++8zWVX9yQbKt57+Rl+9qubaMwWMEbhVIEr r7iMij17UbLAtrUruPCnV5MteARScXzfKq66/Coqqw4SKh+RbeHKH/+C+e+tQIdprrvmKt54 +118pZBBkfUrP+GHP/05hUJILtvEZb/6Jfc9+Fta8xkCpdlfsY2ruvWmMZ0lVCF+GCJFkcrd 27jq2i4cPdGENQ4ZehQLOZRQSNHOfXNn8cGHqwm0oO3EIYYNGUlT1iMUglB59Ln+V3y6cS91 ddV8/3vfYdm69RSkQoYe9989leF3P0hRF9m5cxvf//4P2V65DylCpN/CyPJhbNu1P84GKWC0 wJmAV194mhdf+B0FISlqQyqbIww8Ui31DB08kOO19fha4wU5JpcP5Q8rtuD5jfS88WpGTHqA TNEjDH2El2XQgL68vuAtisaiRCsLXnyEZ954l1y6gZ43Xcu+2hZ8FaL8Nh58+FHmPPwYVueY c/ckbu83lNZcAV+EcSZPVNDVnE6gP/r8nykonHC+06GrOors6tMXLj1PSQT6aTA2qj4dpbad Wjn4ryFK6Ykano7TsO67awoPPfUsRoXRIkNbQgfZ+gP84B//L5srD0eFpKxGaMGaD9/k3//z l+yvbY4FemdlWKcDPG1Y8eEfmDz3CaySbN2wlIFl5bSEGm18gmIDl112Fe9+vIGWhkNc8L0L WLNqO9IKjA2QsoAwChUUGFF2Bx8tXYWvHUr5PDB9Mk+9+DHKKF54fDbld96PpxVWehzet4Mh 4yYjpERpScPxffyv7/6I1vZsxz5pY0EqwUvPPEm3Hrfy6ONPUF19GK1CQgvlvbvS/eYe3Dl1 FtOmTWDqhNH84ie/YGd1AzXr32XEiOGEIsNbTz7CpZdezeRpM5kybSKTJ0/k6quu57133mbf ziX0GziaIF68ai2jvW7KsHPdEn7202tpSmcJrUGLel545nG63NCdF158jiOHq6L9xiquWG4M 0iqy7c3c1OUWNu3cix+GeKGPH2TIhT6fvflbrujSl3S+SFjI06/X7Vx11VVcdfXVlI0cRaaY R6uQBb9/jFGjJuFpj1AJjPR55L57eeSpl8iZqACa0hqri4R+jprjNSx871369LyVqTPvJVRx RW8n4jQ2F29rcLgghyrUcOiq62ldthKRK2LzafLHq1h8xdUU9x/BSh8TSrbfN4Njj7+BkhJf h/iFVg6PGErbseMYXcTIAratnpqXX2TV7F/z6ewHWPPzK8mu34bKtbBj5ChS+yqjPb7CEJoC Svg0Ll3Aum4D2NLrVo4v+gDpSTxPkW09zI5Lb+Hju2azbPb9LJl7H4snD2fBgCnIYoY9D0yn +rGno73enkEGiqKT0T7vIEXFDT3Y8ujj5IQmDB2+NNgwwLTUsaFsEO0H9xMogVIhVb97hnU9 ypG+QKg28ut3sGvW71k++0E+vGsmH9xQjsuEyCOV7Bw9DNEWEoYK37VyZMIYDs//BD/bztYL Lqa+5jAZoVBKk8udoKJHV5q2bKPYWEfF5RezZPR4Vt/1BEt//RBLpt3JH/oOIsimyK5fzAc3 9aLi148Trq3EDwVCC5yUUWE8rcnLLDufnsfH/ftSv+AN9J7D2KJBBylW33E7L829kxWzHmDJ rNmsnj2HD/vcgSgo6ha9yZ4b7yCUhsOPzGHZDV1YdN9c1twzj48enMPCK6+kZtM2Wp5+kl1l ZRxzGhM4rLCERiCVJrN1K3vvnkPal+SNJb1xCZ8MvoMwm6HuqcfY2nMwYS6gKC02H7Lng6eo +M9LSIWSvQ/cy96n3kX5hkBJivVHqSybhGjJE5qocKKVjsBIUvWHOHDhzyikCnhKUji8kz23 90LmsvjKogJJumYLu4aNIOenCZRDKoVWBisDcrUVLPrxReRWbMDkA4TfQmb9MvZecwOZ1ia0 VGx45knmd7+dl3r25OXbBpPafhDnC3RVJYt++hPyu7ZTzLRgsk0UN33K1l9eSqE5i1IBoRVY qdGilWz7blpWL+bgpElUdhtIzfQHvyDQrTVRNXldZPasWTz46PMEcY0FZ+JaF0YQOos0kl2r FnLn7KcItc+HCx5n+IiJ5KRgxqheXHt1DyZNncP0aeOZPnk8//7v/8HS1ZvZvnEJXW7qR00x RCuNk43MvXcG8/+4lFApmmp2Uz5sFI0FhXQSrQw6blNG+Wxbs5TbevTg3tlz2b9nFwUZ10eQ KaaMG8OirQfQRtNwYh+3XNuVoydaCY3FCEHV1vf4p+/8jL0HjtJ0dDv/ftElNGbSSKVor6vi 0p/+iPGTpzFh6kymTpnM2CF3MGb8ZHwpeP+t+Vx+1dXc/eu5HDqwKyqiKQ1Clt5QEUWsgyDD 3Lsm8tYf348KB2qNDtsYMGgom3ZUI4ylqfEY3bvdwHVdbuTqa65n5szZGJ0jm2mky3VdeO6F +fhaY1WBptoj/Pznv2Tphs0EOhqzrZbI0COfbqNi+xaeeuIxLvnVVWzesQ9po8rbuKhAmZEF Nu05zMMPPc7dUydxZ/kAfvnLm2nNZEm31DJ2eDnDykexfNlSitkWQh3d6+itEdHeXy3yTJ44 nlU79yO1h9Ca9+dN55HHXiDUGitDvHwTF33vInbsP8yapZ/w3X/4HqPGT+fOGRO4687JdO9+ CyPG3xd9dyk9Wwk2rF7BpT//BXfPvp8tO7YidIBUPs8+PJ2Lf3IJ46ffy9Rp05gxdTxXXXkZ r731Lg11+7j4/7H35l9eVle+/z/xveu77urOTU83uUmbdN+kk2g0MY7ROAKCiMook4oK4iyI iqIIiqKiDCo4z3MckXmGYq4BCoqiipqrPtMznGGf8/r+cJ4qEIlJG/NNp3lea51lQeFnPM95 znufvd/7Z/3Y09xJ1F7Nz/7950yYdDOTJ9/ELTdOYNzoK7lt6j1s2rick3/5S5o7Cpkzus7q yy2ucpBhV1zKnvYujFh6Ohr4/t/9T0aMv46bb7yO6ybfxFVDB/OLk37FwaZGrujXn62769ES IVajdBNDB/Vj5/7OI1LcQ6cPk1ZYvnI10+6Zzh2TrmFI/4v51ZmXUEw0ix++j7POH0N3pBGt 8WkTJ/4VNMgCAAAgAElEQVTklzS192BtwqfvvsK5/YaSaIsyht3LXmH0VeOIdBKyzFQn5/36 NJ557TOaG6r5zt//b+qbmknEI7pI58Gt/N+f/5SGhgba2/dx7llnsWnbLpRojDFUrfucC664 jq6yQUmMspYt27Zw0imnsLtuD9oKVqXE5QKvvf05U2+/jVtvHs+5Z5/Fa299TCqGpj1VXHPd VMoqRtmINOrgvJP/jXU1B/j03Vfof/GF9CiDzubqx68s5Ce/HExjd5GNq1fQ79Jr6IkqiDE4 ibh10hhWbzoQasZ9mvkmJOyt3cE5vz2bm++4k9Xr11OsRMRW89GrSzjjtNO44ZY7uHHyzdx4 4w387sxzWPLqW1SiFs4783Q+XLszGH8agzMpn3zyNhNvupmydtTvfpf+Fw6goa2T5R88yw/+ 5aeMn3QLkybfxG2Trqb/gEFMvG0KXrdzz63jefOTFSjxwWjV2nBdWYNxjt1HC/QHnsy6LRyu mc9T3HOOpq8jROZxYJx8KQvneCYX6MfAelDishZWh1t4/GfXlt42FX1p6U6YOfV2ps9+HDEx xlu0s1jrKTVW82/fOYHVW/dgxWO8whjL0jdf5oc//jV1LZ2ZgYc5/LhSJDVCoauRCy68gtbW Nq4aOZT5S95AOYN2KeVyI6eceBq/X7qNQwd38oPv/Yg1qw+QuALaFhBbCK2moi4GXXg6Hy1b SdGBkwJ3jBvFwrdWoRzMufNabp7+aDAxUpbNKz9kwj0zMDbFOqF+9xq+808n0l1JggFKZrjj nMGJoa56J7MeuI9+F1/MI4/NpWIsI/ufw2uvvUEkHqcqiIkoa0vJOLa+s5DxYyciJmLx7GlM njqDkkoxVmO0IVUaUUW2r3uPEaNvJM5Ov62kiNVYY1n20TuceNIZFCpFEqdRaRPKJOzdW8f0 qbfT7+KLWfj8S8TWYcWSuiDQu1tbOPu0ftQ2tITUdedCupkT3po/h7MvGk8UpTitSKMKxoQU +ZJSKJtSaG/i7DPO4MwzzmfgoMsYOOgyLh00gPPPv4AL+g+moxwTZ6Zs1kRYCbX73iZsWbeU f/7eCbR3lRFr0BLhRGeOz5CKYFU7LV+8TdUvf8UHo67lg2E38MaYUXw0cgSrzzyLfc++gdEe ZctsuHUCexf+HtEmGH311FM78ioKTa0kSUT3oR0s/dVpNL7yOq7uAKqxjmVnXkBUtQPb0crm MeMo1WzHaE1iUrTtRKsSXa88wcoBN7HiwgtoefENpGKo2IS0eSfVZ19Cd/0+dGcHrqsV29WM LmhE9bB87FCanlyCE40WT2I8ymft25IeNp52PhvnPkmihCQW0lTjYsEe2scnQy6np2Efxhq0 9Wx58l4+H3Y1JhLqXnuCjy4bhl21C916kGjTx6wdfCtJOaZr6+dUXT0a6QlGbyJt7BvRj73v fkFabGXVD/+dlvoDFJOURGsKzTWsOe1sujftpNzcwJYzf0m6cjXSUsF0NmHa2/HdMTaOqaQF dNMBWp99hlVjJ7L8/oeQOMJpjfEGow0mFXQUkWzdwOYpd/D5sOHsfWclvtzBqv79SPdsx7b1 IJ2tVNq6kZ5DlJWn+pV5bB9yOdZ6dky/g0N33EHc04E6WCLp6sK0NeCjhPYHHmLv8LF0O4VT LqR1SwVnLV0rPqZ+2t3YkqFkHK3vv8q6wYNIIsWBWTPYOPh64qhCxRp0krBp7j2s+tlZqHJC 9S0TqX52dZbGmBLXb2f72OuxPQnGWiIf3PCV0zRXr6fm5JNRUYKWlOKedWy99FJcpENJhlZ0 bF/G+jHXEkcVrPYoEZQxpK5M3Zw5bDjtHJYNG8H7w67nvZGj+WLIcFb85ER2vvEGJWPQhQ58 Vzu+pxHbUUJVPJGqUHfXnXz+qzN5b/RIPhs5nnfHjOKjkVew4dRzObR0LYmJkViTKkGZFKsS XKood9Ty/r+eQl2/cV8V6NZknh0J8+fNpX+/QRQSRZo5gnurcLpE0VoSk/LR4jnc/fCTlGzE gvtuYOKkmygYxaQrLuGRR+ZRsBqXFEhSTVkniDasXPoBA4ZeR5vWOO3x9hDXXT2aT9btwIim YedyJl5/HZ3aY1wSjLmMCyLchpZvHa3NzJ83l0H9LuK+R+ZhxWHTHkaOHMn2xjasaJr2V3P+ WRfS3NKDEY/TirUfLeS7/3IKtQ0t7N/2KT85ZTDluIITQ9fBWi767RkolRIrQ6qDV0pqsvp3 G9PZ1c5jjz7M4H7ncefUB4m0zlo6gtjgl7Jh2Qf88mf/Tr+LL2LAoEEMGDSIgYMu4cRf/IKx 4+4gNoJIhFEtmNQRaUGpMk4X+ODtV/nXE07ggosHMPiSIVx2yUAGDxzAz376H0y7ZwapdRij EWvRqQleIVnK/FXDL+fa628jFo/zSRA51rJp1SecO3AUK1avIo26+Pyd5zn93Evp7CkgEk44 l378IdePG81Zp/6Kqj2NKOeCeZgL7dhs3Mmk665i676DGBujjWbuTRN4fP4bWfCmQrGziX/6 ux9Sc7CRzz58i5P/7Re09VQoW42ohCgtUdIu+J5AFmgwOKOodDfz1FNPM2zYYKZMm0ZiNLOn jGfCtZNJrZCkCqUUqdIkRti/ex2n/KofjV1lKk1VDLlkKEWjsZHGahc6OugeNqz9gp//7Je0 dRWwTuNcFESgseiuGi7vfzYHeipo0XS3NfH9//UdGlvbSI3FKBWCBVKivaOFi86/jKrqA1jp wRiNKu3g/AvOp6Gj0Ne5xTmLMxEvP/c0I64ax9ZdtUjUzYsLnuR3w64m0sKjUydz6dDbKCuL 1RZReznhhyfSWtQYk/LWi09x5Zjr0Tbcg1e/OZ9rxt+MOI1XHomaOenffsEbn67n4P5avvP3 /0pLexuJ8TjbReOedXzvR/9KS/MBDjXt5byzzmNf0wGsaJwxrP3iTQZcdTulxJGaLjZs2swF /QezeUd1MM61BqvK3D/1Dq67dSYtzfuIKt2MHTWWz1esQnlN1fqPuO7m+0h0hcRHlIpN/PQH /0R14yE+ffM5Bl06hIIK14NYzZvzH+bUs66iK0nY8NnvGTh2GqmN8dYiVrhhzCC21iUhq8SH LBTngvFpudTD80ueZcSwK7jmuok0FUp8/Pxcpt41jQ4HOukhVmU6tGBtSlJs5bRTT2frvqZg Amc93lpKlUbGjh/HwcZ2Jl19Obfd+yTWpHz82lzOPvtKyqlGacGbmNgIJWORqIk7bxjBym27 +2rOvQ1tXo01KCdfEeitMx4P5sFO+uZ6bhKXcyRHzonQFUTQLiubcHl5RC7Qj8Hq9RtZs3FL ViMXDGz+PIFu+3rBvvPsHO6YMYtUfLbZSfDWUmzezw++ewJrq2r60ivFCq8+M58Tf30hraXQ moOsfZn3FusVXhms6WHQ+Rdx5+1TuGTICMpKEGfQTtHV2cDJp5zBFxtrUWk7v/n1r7nuuruJ TQkjEYWezmAyVenh/LNP5oPPllIWi9gSY4Zezlurq0gd3DVhNA/NWxIMQ0zC2y/OY+qsR3FW Y0Sza+NHnPB/f0tZZ/1XrUOMIU2KlIs9iFGIUaxbt5Z+AwZSiBLunzKJiy/uRzFRQewmMW3d FYxzvP/cY4yacCdWHFXL3mHQJZfS3t2NMeFkcH9zazjZLrXww3/9MY1NzSirSI2mpa0TZRyf vvcmP//5qXR3d6GtJu5poLurHSsGbyOqqjZz1nkXUVLh1F1lrrfth5o587R+tPREfQZ/zmnE O5bMeYD+l92AMiFy7MRibehTbcRhjeGLT9/mpkl3oLTCWo9ImkWaFQMHDWbpilWU45jXX32Z crEzCHTjcSbhw3df5Sc/O4lyuYPutiZKiUJ78D7NHI41jas+YukVw2jZtgxnDV4bnOtApJt4 z0a2XHMThUTjXSfbr7uBPfNewKoyWgxx4SA7Lr+SpGEviU6pWraIg9/9Z4pdKUaltFW9ydsn nULxQCMqLrHrptupfewxdFqkR8qolj20xYc4MH8G6596m6R2I6tP+i3733wfMQUqhWpqzr6A bc8vwCeCr1hsd5G2JCVOi7x6xtm0vvIBTgzGQWp96EPuDGVTYe3tU1l35bUklQoFKdFTbieq FJD6nXxx0SAqzU0orelysGH2XawZdxs2FbaNGceau+4ltmWiyn5WT7+Fbbc8hI8rFN5/hX0j xiCpQ3uNxG0cuOhMDi5fi7eKlaOGseuhJ7BxO7ZrP03zn2DLCWdQ2bmf9rTMmn4XceCJFzBa kUiJtNBDMUroFKHQ2oFRMWlcRKJaXj7nXGxzC6I82pTQUqBcaSdt60EZwRUqtC19njfG34gv NNJ0771semAevlvjEyGNuomaavDaU/vwbPaOvwHjYM9bb7D91MtpbmggTVKU1iStPRixlNYt 4+0zz8EXWkldmbJup6cU5lXH0o/ZPmUKcaWCV4amF56mtt/l2JIh+vxDXvzZmSS1O7HSQRr1 8OmAgax9diHORNRePZb9X1SHVjsuRW1dz9aJE/GRwTqIPUFYakXntnVs/cXJdFbaSVSK62hk 2+WjSbZsw5gipbSDgzffw/r7ZxNZh9ce71KMi+ls3srO35xH2t1OyVeQuI2yj7Gui62vPELd 8NswcWiRF3twklJ0mpI3qJZq3rngIlRzM0ZifGJCuzYp0fX5UrZNuYuCSti7porOvbXEUYor CYmJiPbvZvG/n0PDVXceI8XdYTNj0IP1tfzqpF/w3sefE5vQwtFaxZ66alZv24kSzZypE5m7 4BliG3HzqEu54867KDvDq/NnMmz4aApKIapCkmoOtB3CpppPPnqdqydNoyfzv/CmlSsvH0RN cyvWwZ5tqxg1YgTtUei17IwNPhdiiSplWg41YVSC1QlJpchFV4yjlBhM1MbwIQPZuKMmlL50 dHHO6b/h7XfeIbWCMRVun3gtQ0ZMpqQ0W1a+x+kXjEap0LrJVLoYM/wKVq9eHbKKjKVU6Kaz uweVxJQLnVkGkGZ/7TZ+/ZsL6CrH6N6+tcZQ7mnjtN/8hgULF4SWei67f3phy6ZVnHveebR3 lzCmjFhNokMQx0kBVSoyevQQtm7fTSqqr0ZRrGHPnj2MHDWennLMzp1VrFm9Aq0UYkw4zU1L XPi783l83hIiE9pqeZfixfLacwu4++H5JComjgtcd9UwzjhvEMVyhda2FuKoHISUSnjkwQdY 8voHISAtoU94EOjdjBl1Bet2VGMkRVnDrWNHsPCVD7Pe54quQ/v57t/9kJZCgfqa7Xzvf32X N9/9MJiUqoS2jjYKiT7CoV2wOqWlqRFJC6QqoVDo4uRTzqC1vYctq97hvHMvoqsQerwrpTnU 2kasNDs2LufsswbRVozxqpXTfnUan69djRiDtpZClFIplWlvbuS3p5/G2g0bEWeCmVyhjEo1 lfY6Ljj71+xp6SAxGhWVOO+M03nvo4+IdIQymu5iREd3FyqNuP7qa3j25XfRuoTWlteee5h/ +Zfv01woHW7l5QSTlBg99DLefP/3pGJRpQ5unDCeUTdNJTaOR6bdyjkXjaC7WEJrxYdvP833 TjiZbhvcz19e/BSDLh+BseEU9s0Fs5kw6a5Q5249UcdBfvp/fsryDXWoSjc//tGP+P3HnxJr h9EFXn7hac65eDBpLBxsqOfCi0bQ3hVeo9iU37/1EiMnP0CsFXtqNvCLE8/go8+XoyS0stRG ExU7GTtiONv3NmFUxJ663fzyFyezccsWjDNsWPE+46+fTJxqUrG0d+/nO//v33GgtYN9uzbz f773fbZX78VaQxSVmXj1OB575nW0S/j0rUWMuv0hUh9KZ9JUMeLS8znQpY7IujQYk3Ko+SBa Jzgx6LTAjTffxoYd+2ne8wVDLhtBbUsRozqCCe6hNrSOiUrtnHHmb9nb3h26MojHiwXXxZQ7 bmLKzbdw3iUjaenuwdqIpsZ6fv2Tf2dfa2gX6ExKU3snneUYXWnh+tHDqW5sDR00pEJ7axPl chwyMTxfEej1t89ArP6S63wu0HOOpG9OZOusNpqmtnY+/uxzjDG5QP9rv4D/ijz34issfO4F TNYGB/58ge6cw9uUPes/4bpb7qbbhp7oSaWTxQueZsGjj/C9f/4Rd907i+dfepGenm68CLPu u5vh195GxXicDfV0QaBrUi94acdZ4bm50/nO33+H1z9ahckir6loWg8d4JxzL2RLXTNOSqxY /jEXXDCI+x+czuNPPMm4sddQjAqIiXl2wVyGXDmCJa+8TKVSYOyYMazavQ/lYdLVY1ny+ntZ m5YyT82axuwnFiAmxUjKus9e5ddnDc5Oo0MbKWct9XU7GD92NLNnzWTRwoWMGjWK++6fQao1 B/fvYvCggdx4y+0snL+AqXfexbynF2NNzJKnHmHi1AdRDmzczq2TJzFsxEjmPfE4Dz40m0uH j6G9UMJZxdSpd3DxxRfw9IJ53DH1LsZcPZFKqjlYX8sF513EvdOm8d7777Nr82rGjx3DQ7Nn s+jpuVx7zXieWPhMSJe0CiUWI57W5v2cdXZ/ehKDy9rEhf7zjnkzpnHlmFswmYuuzTalvY6T he5uBg/sz5pscytO+rIIvFU8MGMGkydPplAocNvNkxk+dAiPznmUZxY+x0MPzODSQQP4bOly mg5U8dMffY93fv8Fset1vFfYcpH1Q8bx4UVXYAqFcJJkHQUfEYnCdh1iw4WDadxch7Ud1L/8 EqsvHsaehS9RbuykpCrsmXQja669iT3vv0Zp/1Y2XDiI7dPuYMczj7J7wm18ePYFmLYuKlrT s+wzPux/GbsefIz6R5ewZfgEujevZu/Mu6l7awMlrWjfV8OqQRfT8OmH6FjY++rbrPntmWx/ 5Al2PrWIDRNuomPrFuJiEy+dcw6tn6/ua8tnxCPeoRIhjhXl5jp2XXo9VTc/yP7HF7L21ns4 uGItescW1g0czsGOdhKtMYljx73TWH7bTBIj1L35PCvPHUnt/BfZNfMxVt10I1vmLkR0mQOv L6HmhluJTBDouquVNeecysFNm7GiKLbvpLr/aNZfeTWr75jM9tum8dIvTsM0tmBcRNPnL7Jq 6GiqZz1OzdNzWXf1zZSXL6fS1UDVlTewa/pMahYvZN2d09gw8TakHOMSh3WKxMY0f/4pK8aN ZdfTD1L79CNsHzGWze99hjYlums3sOzCQWy59XZ2vTSHDTdOo3rBEsrWsfmRR9l7zyy0dajW emrHTWTT2GvZ8/TjVN03i91T52IrMUm5nepp97Hs+luoX7iIrffO4MAjr2PSlKi6mo39rmLz A4/TvHMHB+c/xb6rbkBFBltpZ/3d01kzbgJ75j3Jxuvupu66qcQdHeikyOYbrqW1tgXjFU4n tK5cwfIpt+JVMLEMwbognFRnE2/97lxW33Y/Bz9dSaIqNC5+lY9HjmfPk/PZPuMhNg0YS8fW XRSNR5TNyjAUu6bfxqqb7iTSCUVnSH0ptCxyCeVDm1k/bDJpaxltQlaO9YK1IVOg+r651M59 itRYoqyllBJH2aXETfv5+OILUNXV1Lz5CjsvHcDW6dM58OQSap58iBVXjeXgw0/Sev/DX24P 9C//EXp4+2DK6HXCyi8+4sJ+F3P7lKksXDCPe6ffy5Chw3j/8+Voa7njuvEseekVUh0x8pJ+ 3DfjYSrOUu6s4Zqrx3DNpNuY/9STTLt7OrdNuZO4EvH2W88y85GFRFmmlrOdXHD+OXSUuxAH PR1NXHj+77h16r2sXLUOa0xo0eWEPXU1XDHkMu6bfi+LFi1g8qSJTJv9ZMjE0QUWPPYgF/cf yKIXX6PYE/HS4icYMuRS5jw2j2nTbmf45SPZVXcA7SyrPn2bAcMnYbRkp98pn370Pueddx6P PPoo8556ipEjhvPxp5/RsK+ecVeNZPr0+1i4aBHjRg3jxlvuoaINKmsf6I1m2ecfcMZvz+dQ RxeJkT6B7p2jUmxlxMjBVG3fg0gFZ13o/mEUolM+ePc1hlx2BcpqEusOG62KEFUixo+fwNqN m1m1ailXXD6YyZMm8tS8J1i4YB6TJl7LtWOupVhJSSW0yMIrnLNUb9nIqWecx6xZs3jooQe5 4rKBDBgygjhNmD17FteMH8eCp59izuxZXHj++eyorQ8ZB73t7XB4m3DPtDu5dOgIXnzlZXrK Ja4aNpg3Pl6WtaxzHNyzjf/9vZ/QE6WYpMKieY9zyaBLmfPEE8x99GHGXzOBvQea+/YTToS2 lmaGD72C2Q/dz8L587n99tu4YdJNGG3RaTsz7p3BqFGjeWr+AqbdfQ+XXzGUg82HWL9yGQMH jaAYpXhTZOGCZ7hwQD/mPz2P2Y8+xqgxN7JjWw1epbzx8rMMHnIZsx+ezZyHZ3P7nXdRKJZw usA9U25hzISJvPXB+2iVsGrpUvpfcgkzH36Ax5+ax7hrbuGD33+K2JTN61fy6zPOZ+b9M5j7 xNPcOmEcJ570K9pKleDbQNZ+y6a8/8ZLXDxgEI898TT3T7mVSy48j7tnPYFxjg3Lfs9Pf3oy U++6i8efeJy77pzEr8/tT5cNKfi7tm/mxJ+fyIMPzaGqqor5j0xnyr2zMQ7Eeg7V1/GzE/6D DVv343SZT3//LpcOvoxH5z7OgzNnMmDgxSzfsh0lnn11VQy96kZ6KhW0tThX4fUli5k+Zwml qJMxIy+j34BRLFj0LPMXPcvTC59h7br1WBXzyMwHOb//lSyaN49775nGmaefSdX2LRgxlDoO MHjwxdx77yw2b9tOc2sN3/37E+gsVVBJhbun3sGVw0Ywf/58Jt04iQkTJtHaU0abiDeen809 jy8hyUpCypUKgy88h85E4cRkgQRDqdDDDddP4K6pU5n/9Dym330X102cTEehhFNd3HXXXfS7 bCTzHnuE2TMfol//Syn0dFPobqf/pYM5VCxnB0RBoHsp8NE7r/Dj73+PBa9+RGIjYhtMal9c 9DD9LxnKnEfn8tichxk64ip21tQSFVsYN3IkTZ1FrCRElRYuPO9slix5JZh+uq/WoG+7/k68 zURWLtBzjsHhsoeQaWyssLu2jhkzZ4W21LlAzzma5154hUWLX+zbUMA3F+ihlUyoNRMxqEIT I0aMYm93GWNSVFRgzcovWL1iGevWb2LZqg2s3biWqFLGac3kyTfw9qcrQiTfakLfTMDb0L/a lfHOkpSaWb9hLd2pwfjQbkY5IYkiNm/eSkek0DpC6wpJElO1tYrNm6tIkiScOBmFMTF79tSz afN6EpWwq6aGzigNi+/u7TR3dGXp3hENtdvY09SC0wWU1bQf2seGbXUhmtp7IiQO7xQqjdix Ywer16yhpa0t/N4JohO8s1TX1LJ27Xra2jpCL2xJaWzYS03DwdCOxySI1bS2trNpwzrq6vYQ WwmbURGcKDraD7F69UoaGg+ibDjNdqKJk5hNG9azc8d2rEmoRBW2bN/B+jXLaWs7FE6UHDiT Zq3qhDTpZOPWbaH2MQukqKzVWlPdZrbW7gvv4avfOIWeTjauX0+iSmFz5+PQh9iFPqttrS1s 2riBJK7grCKOI7Zv28Hq5aupramlkiakxpAUm9i8bjntPSWUB+8TvDOYSgm9Yg3Rrhp6tOBS j1MebYVEPBVdobh9E50HWzC2TGIizP4G0i9WEXWVKEtKpA6hN+8i2byDYpJQVjF6w3rSqq0k lZiOreuwKsVGJvSpLnVgV2zGrNqELrQRmQKl2nVUWiqUxZKqCupgPT2rtuMiIdUaV2xBr1iL WbmFtKcppGXGMV3rNmDaC6FFlz/cz1dZR2osFZ/g4yLpjl2YpeuRg80UdUrcdYhk01oKKiWV ULMe1VRRrj5A0Rm07UT2dRItXY2t20epaT96XzOpTWhtrsPs3hlca71ByhXiFe+TdncjrkxS 2Y+JEgrNrcRRkfblH/D6Kb/FdEfo2NJle0i7utBfbEWvXIduayGyZbSN8MUiZvcuOld+gdmy B6mYYPokCiUOqy0m1pS62lFrl5Ku/Azd0I5LHEYJyiqSQg+6ajfJ8lXIgUOYOKHHWbr31lJp 2IdOXEjTTnuQ2mrM8lVI7QF0OUInhpIkFHWJ9GA95rOV2LrdxFqhJUJLgjnYhl6xDnWojXR/ LdHOrSiXIBKRpN2ke3aTLluGq91LKS1jYkEnMT3Vm0krCu1iJElIDx2iWL0Fp9K+ntleLImz KJvgC61UNmwlqqpGWUPJFTCtjZS/WI/esJGkUiJVhqQSWh9FTlFJE7o3ryDuPojJWvu5NMGn kgm+Lko1uyi3FUOKtVcYZ0MJUlnRsmU7qqcn68vu8EaCOZUYrI4oVW2l0thGZGJM0oCu2ULl szWoNRtx7Z2ITmh55FgmcVmrIw/eplhTITGKfQf2s27tCur37yM2NvS7toa6bVtpbmnHmpSd W7aw/0BL8OuwRaxOqG9oZO2GNRxoPBic2LWhqXkXjQdbsx7nDmfLrFuzEqVjxBmstpRLXVRV baW+vimkvUqK0QprNcZoamtrWbNmDQebmomza8pLgpiIffV7WbNpK1qZkHpd7GD9hk1U1+wk ikLduxJDR1s9a2oPIDqksFsb5nCxWGTDxo1s3ryZcqkUAo7WoOIye/buZeWqNbQ1N6JM6LPs vAulOFqzt3Yb9U2toYWluC9typ1JOHBwN40tnaF8Rzziw/3AqIid2zeyf18TJsuyOdzLPPRU 3lu/j/2NjYikiCi6OjvYuGE969aupKuzGdEebR0mE9a+twe0VnT1FFi/bh2HWg6xb38923fX YMVgjKKjo521a9aye9duokp8RO93d0Sfck2aRNTta2DTli0kKmb79k0c6urB+9AuM+pp5Iu1 a0i0xWmNk4Tu7k7Wb1jPzl3bSFKFtvZwaqcIRqcYnbB9x1bWrl5HY1MzxtgsIJUixtDe3saq 1WvYu68htBY0ms62FnbsrA5+JibFiqVYLrFm9XJ27d5FIUt1dyrFmQqdhU62bNlCzc5q0tSE 06SIgwUAACAASURBVGjR6CRmx+5qdtTWho4mxlKuFNmybQMbN2+mu5iE68uleEnoiRI2b9jM nvr9pIUSGzdVUVIWEd1nsutEI2mZppYWVq5ZR7mnnQP76tjf1IxxGrExlbjM5o3r2bO3hjSK 2LhzOyURxIZytmJ3O6vWb6LhQAMNe3dQ23AAm5XOVXo6WL3qC9qKadjbpBVKhRJbtqylautW KkmF2IW1oFRupGp3LamNMVajbYXWA03sbeogSstsWruUz1euZe2aNaxZu47Va9ezr6ExpLkb xd7GZjauXk93dzfbd2ygGHWE02FJKJQ62LRxO82th4jiLtauqiIxYR/mTJnuzlZWrV1PQ0M9 kbIY63G2QmtTNfVNnSgneO9ItKZq9Woq1iIm83OQMOet1jTs38+6tWvZU1eH1ilWEkRZrFW0 d7ewYe0Gdm7biU4V1lriNGHbrl3Exh6+9lwInMTFDqo2raMcpRiXUpEIYyOUrdDd2cXmzZuo 2rqNKNVoa0M23Y7twRPGaawtU7V5Pe1tnegsiHW0QN95wxS8DbXqveTiPOdI+qaDl5Al5aC6 bi8zZuZ90CEX6Mfk2xLoENLXnBOMB+MczibcOGEcc194G20NqVE4J2hJsU5nRmUJzmjaDjYy +fZbaY/SkG4paYhM+6y3ugjGhw2IdqH9jhGDzXqsKicYZdGJJTYWa0NPb2MSTPZnyaLVxhq0 TnHGILYcaotccNm1uhI2MRLMWlKr0SqhRxu8dJB6UDrUI1mrstNin7UjCgY71graCspYrAk1 fTa78Yi1KBPqlKwNZibGSnZaFDZ/VgQRj7M6pISLC63ojMJkhlyHa1YEbTTiBGNV+EzEoKwO fZOzwIFzhiSro3I2RUv4t+IKRNYQW4M1YSMRZy3VnOohsSHd9MvR4N42EQZjbXgsJ4g3WR91 2/faxJq+XufiHNYIPlYYIySZ94E3GjE6vGZr8VktvLaSmV0Jnc7ijA3i3IFRFiMK40K6pzEO k1gk1TjdjVEGk1iMrZBaS1k7TCqhn3pqsJFFpY5YwmlYKoIVTWJTKsaQuhStNMqmKNeDWIeY FKcTusVS1sFMLDEWFRmUSkmNo8cZXGKJxFFwoW7ZZUaMvSLIiASBlola0QmiUyIx9IgjlQTj OjESzLlisSRSQuvwOkUiiloT2wqx1aQ2BFuMCKkoEtFhY2cNXhlKtgWrNTaK2HL9KD5/4EGe HXcDO199llUDr6TtubepaKGsHZI6UqtIjCU1glbhdRrtwgmyERKlqWhNyWgi53BKMN6gxKKV oGOL1YZIbDCTcgZjHJJ4yiJhE6QsxhqsFmwsmMTQ7UIrMNEOSYVIWyoiJFaCMDKWogixCaZm 2ihMbDCRYHyZxGlsqoPXhBhiMRStRkwJYxWJpJRshUjC6WWqDbbiManNenw7ElcO7f9MgrGl cC26IM6908FJ3QlaldFJgk0ilLEYVUF0iURZuo1CqXBdpxIEoLIWrVMqJrTN0lYTS6ivdjrF Woc4hbZREFxiMVbjY0eqBZtYlLVZFsvhNTGcEoVrLrI21NGmjrLTKGuItMEqiyhPoh2Njyz8 ag16tp4EYRhM4bSEdcjbULJiXOhh7XWaXYchTdtI+N5TscFMyYT/XzkVrnkbvm/jwibf2krI CLBpVossiKtgrMuMHGOM9hhJMa4STDAz0zLJ5rg4Drd89JmzsglC0IrKSnEMxuhsLVY4k6LE okxMt3MhEOqSzF1dsvaRIeAhIkFoWxO+GwnXgLMm6wlvw+vSHqN08NZwZPMk+06yz9NqjbYK 5RTOSvi9V1m7tbCeW6uwve8xC+I5cRgV7hfiTGjRlgVRrbFYo0P5gQ7lCUZUFij2GOfQxuAk C25IbxDXZq3e7BHtMsNae/Q9v1ekO2uDm76xGBWHtdw5nLdEHrxqJ9JJqJ3WBmsrOBuHtHNJ g/B2+ku1l07Ca1dWYXTI5DLGI9YT+3Bti9V9a5oVF8xkJdxfxKhg2CqCMRpnwlzT4hGj8VZl Zl7hXum1x1qHdi48lg7vP8m+V28d1iRZEETQ1ofUZpdm5WAh28I4h4uDwWpsNU5UqKv3hN7u JsYYE+5bTuNsgliFuJDV4F0S7uEuxcSW2KZUtEJMTCoGp4okYtE2xUqKduH7FhehdURiCkQ6 lNlZSbFK46QHZ222TzBYU8FKAW0N2oVgvxKD1wolCcpavBZSV+7zGghtbMn60AevIEmDEaJ1 RYx0Y02KtjFGZy7/kqK1RqygnCbyDm+LWF0M91Ibh+tOe8RGYa1XoUe9+OBJoCJL5HR28OCz zJoswyYLiooVrDXZXsOFn0Vhe69RF/ZZqe3dU5ns2gvXkmSHFyIqPJYolEkwNg1mdtmBiHHh vhzmZ7a3dJkxnNbhM7Y27E+c/YpA33XDFLyxeJML9JxjE6aDO6LbBlTX1TNj5sO5QCcX6Mdk 8Qsv8czi58NN+ogJ8s0EephkxpOlTFo2rFrKzDlPkWoTNn3OYZ1GfKjXsV7jrGFnVRUvv/Ea 2oPzNtQgZ6/Di8dbj/ahNY3KzDhEVBCFniAQM8GjrEbEZ2kjOiz2vaf7rneTGzZSziaIC+2D vAs1fC47QQ61maGFSiwO54poD9r4IJJFZzX3oQe8ZCZ5ztF30+tNGbS29xRODt8MrcmEPXjR Ie0lE3Iua03nXLYhEsHbEGm2JnuO3pRyZxAfehUbsYgLrUBM9nm7IzZ/VsLJiHW9KaQRqUjY fLhwQt97gu5tEk6LRL4i0L2XvueXPnEeshlc9v7cUSNsEj3ehs9A925qrWRBh3By7q1HPGgf 6u+88dl3qDMxAsZbnA/frRVNyUGaid7enqpGfPizdpje4IFR4WROFGXvMMbj0vD+e934pddV PnF4bfFWhXpVH04KxGl0KqG9kRGKXuGMDaZVTuOVxluDFZWljYaSgb7TseykIPIQZanFktWo exXMbbyLwwZFTGZSozHWZcEgg1OS1aL6UENnw1z12oX0XeP6nqfdx9jssyntq2Pfo7N5+oTv U3fTFHa/v5TYVrA2xXiLeIt1Md4kxK43UOQxWaDMutCbvuxdqJN2Dl/2iEvRPgQ2vCtnvhIe bUNGhfIS/AVMivVJOCnzjsiDtQ5rw89e+74AlFiXCSWX1QIK0jsfPBQ9JA6ccohP0F5CIM4n QWQpj41CZofXkm34XMjC8KCNUPaQaodoj4hDuyDItDMkXgVvjl5vDWew1vVds4nTaKdCPbJV OKdC3/IkiA0ngngdSnWMQ3uDNVnWjTVhfZJQHhA6F7g+czSTCQ5vPEY8ZW9wqQ7zNBNxxh9u 0RIcpVOcjbJrMqTka61RYsP3Jpb2h+d/RaAHMeay9TucDtvModxL5gruCMJTp+G7ya5d4yzG aawPcyVcyybMpWzdDetoOVsLe4MRJnu8IECMdThJgiGd+CBKXZpt1m32nIeHExXqmT194jOs c2HzHoIOJls3UrworLNoG4JKvlc4ZWvtkaU7vf89HPwI79dZG67FrOe4mCBwXbbm+b5ATibQ Ias1NBiXBnHuDHjd9356N20uC2731WofeZLubDBXE3eE0M0M1xzZZxVO532WqWN9+IycE2zf Pcb2BdHDmtx7jzr2vdxna7/0ZYplKbwieC+kHnwW4BYXyrxEkvC8VjL3//Cev9wDOATPJbte jfjwGsWT+syoToIY6i0XCK85a00kJpRhucyZPbuOwj3H4EVn7633PubDfsD3ru/h8zS+93t1 WYuvLIvMOZw3fd+r9dnjZ/cjcSEg6Z05fILuBO90VgrmsGJCYEkO38ODgV+vx4IPAUaxwQE+ MyRU2bw10vvaw/1MJEVL3LeH0lbhrAEf9QXYwolxjLhgHKt7g1Xi8KLDdSbBE0P7Unj92RyU vo4E2VprwgGC8wnOxyG45oLPTNhTqWwdDHuJ8L3FOBtlewkdPj/jcZJmho3Bi8P5zMMmEbTT YV/UW2Ljeg13s9civWaNLgtUhbVUnM2+72w/5XsDZPbw/iTbg/WZF2ePp4wEY67s2vU+y3Dr vYZ9Zvznsj2N+MyUMQsQHcMkbscNU/oCcH3XUC7Qc75CWP/wYc9bU1vHAzNn991zjmdygX4M 3nzzTV577bW/2ATpPZX4usd22WnyH/t3OTk535ze08Eoihg0aBClUim/MRxntM9Z9BWBnpOT k5Pzx+kNjB4t0HfdfG9fm6z8fprzpyAi1NfX89hjj2GPKI04XskF+jHQWqOU+ott1A9HQv/w 4/+x3+fk5Pz59F5nxhiSJMmNSY5DcoGek5OT883oqx0+SqAfum/ul7IFc3K+jt6Sqt69WO/e 7HgmF+h/gCNF9F/yOb7u8fOFLSfn2+Xo66n3z703h96Rc/yQC/ScnJycb4aXYwv0tgeezPew OX8yvVnDvfMlF+i5QD8m+YKSk/Pfi6Nr/3NyeskFek5OTs43o9ez4isC/cEn/9ovLSfnb5pc oB+DfBOfk/Pfi1KpRBzHX+vpkF/3xye5QM/Jycn5ZhgfTGRzgZ7zbZDvww6TC/RjsHPXbnbs 2p05cDsgnyw5OX/LfLb0C+57YCYd3T2Zc3xwu8ULEBx0X3ntTRKtya/344tcoOfk5OR8M6wL XUCOFugH75odHOh9fj/N+WMcbmfd1VNgw6bN4W+Pc6GeC/RjsGjxC8x/ZknWuia0YfmmfdBz cnL++nz42Rf0v3wE19x4Cy+98RaFcjn0oTWh7VJsLCedfg49cZq1Bzq+a5+OJ3KBnpOTk/PN cE6IxX3Vxf36O/FisM6Etm5ZK8x8H53TS99c8NLXfnRXzR6m3z8zP0knF+jH5JnnX2bRkpf6 em1DVmeTryw5OX+TfPDpMvpffhWXXD6KS4aM4OrrJrNyzQbKlQgrjthYTj/3IkqJOiJzJud4 IBfoOTk5Od8M64Wic+zKBXrOf5IvC3RBxLG7rp4ZM2fnAp1coB+T5158lYVLXg6pO87hAfFh 9C4w+chHPv52xvsfL2PA5WMYNHQcAy8fzaVXjuGyoWO4buKt1Dc0EWnLGedcRDlWOMkF+vFE LtBzcnJyvhneOkS+muK+6/o7cUbnAj3nD9I3F7zgnGDFUb1nHzNmPtzXZvp4Fum5QD8Gz774 GjfecRcLnl3Ms8+FsWjx8yxa/DzPPLckH/nIx9/YmHrvTC65YiyXXDGWgX1jDJcMGcXQUVdz /4NzuKDfIMqVGGvluL4pHG8cLdB3/sOPaLv/8XzkIx/5yMcfG/c9zqH7HmfXP/7fLwc6r78T p1LEW5yXXKDnfIVjCfRdtXu4/8HZaK2B47sOPRfox+CpZ19g9IQbeWzefB57/EkenfsEjzw+ j0cef4o5c5/MRz7y8TcwHn18Ho8+EcYtU+5h4BWjuaR3XDmGS64cy8ArxzLgspE8+sQiTjzp VEqlCGvy+vPjiaMFej7ykY985OPPGzWT7sJbnQv0nD/IkQLdO4eIY2d1HVOmTf/ajjvHC7lA PwbWOYxz2My0wHO4Bj0f+cjH39748NPlDBgyhgFDruKSy69i0JVjGHjFVUyd/hC7a/ehrSDW 4cRlJ+h/7VUo5/8vcoGej3zkIx/f7mi5by7iwsmocyHF3flcoOd8Ge8Jbv8STtCtc2ibp7dD LtD/AHlrtZyc/058+MkKBlw2hkFXjuOyYeO4/qY7ef2dD4iUDkE4cXiRrC1Mvok4nsgFej7y kY98fLuj5cEnsT4TYNkNNb+35hzNkfPDA867fI5k5AI9Jyfnvz0ffrKUgVeMZMTYCbz29vtE SoUMmWzD0Bvhh3wTcbzRueBlqn9wcj7ykY985OMbjN3ZOPLv2p9YHO6luUDP+Rq+KtDzOdJL LtCPgfccleLqwFvweW1qTs7fIstWrOCpRc/Q3NaOdYLzval3FnGCsQ5xIM5hRfA+z6DJycnJ ycn5Orz1GCcoJ3jjEQfexHid4OVwmrInF145R+PwztKbsWwllBVLlt6ep7jnfIVDza00NbUg IohIEObe5AI9J+dvlDiJSbXKauKyYJsPP1sRUiOs2VBFanqFe36t5+Tk5OTkfB1ePM4Jxlm8 9sTWkTbuoWf7NrwNLUt7xXku0HO+jOvTVs45tLH0FMvU72vIBTq5QD8mzz33PM8+8zwiLmzU vc0mkf1rv7ScnJxvgHOCsRpjNeD60qqcE7Q1VJThl6eeTTFKMZIH43JycnJycv4YLruPOtF4 5Sk6R/3ieaydOBmvpU+g56nLOV/hS4efDiuO3dW13D9jJtYGvXU8i/RcoB+DJUte4rnnXkIk RP++qUDvdZAOaRzSd2rns3rXvqiiB+8s3mW/O2r0Tt7eNJAjazaOSSYuep+j9zkPP8ZfZsJ7 cXiv8F6C8ZZX4X3n5PzVcYjYLznKhusuzNXIWE797UUUE52foOfk5OTk5PwJiAdnLFYU1jg6 vaP5uTnsvn4iXgnOSvg3f2zfmnMckqW4Z5rFiqO2rp4ZD8xCJHdyzwX6MVjy/Ms8+9yLOJct KL73FP0/J9D7FiXnMvEt+CyttrfOvU+gizmiFuOo0ffcXxbof3Cxy15n3++/JPD/cpPdG4f3 FZwziBO8r+AlzzrI+a9LbwAptsKp51xEKekNKh2/N4WcnJycnJw/BefBaY12GmM8iYOm5+ay 8/pJeO2QowR6LtJzjuTIOSHiqa2r54EHHjnuxTnkAv2YLHn+JZ597oW+dJzek7b//GmwO3xa Lr6vD6TrE+tHiO2jjDS+XLPzVXH99Ytc9lhHOFMfFul/Obw48KrvlBKv8JKfROb8VyZcE4kV TjvnQsqJOiLbJCcnJycnJ+cPIR6ctYi3OO1xxtO4aD4bJ96KNw5npS+bNBfnOUfzJYHuyAT6 w7lAJxfox+Td9z7krXfeR7K5cbSI/lPpOzUXH4w0xGfuhOHv3VGp7r3uhUcP9wcGcMxJHBbC rCZIXHhub3HijuFQ/+3hj36NWYrKt8XR7z0n58+ld84mxjJyzNVUkjRLb8/nWE5OTk5Oztfh IRPhgrMeMY79777N2lmP4Wy2D+zd5+YCPecIvqStstLY/Q2NLFy0OE9xJxfox6QSx8RJGtpF eP54Svkfwtu+k3LpXahsghGDER9q3I/s/+cEsaZvOLFYo3EupAlZa7Nh+upprbVfmcRGPOI0 Xsp4Y3HWY73GGMGJx2h7xHv5dia/cw7nDWJ89voVYnxwzP6WnqPXVf94vmBzvl2cc2it0drQ 2dWF1jp0bsjJycnJycn5Wrxz+KxNqXGgnKCjIqpQQGwusnL+MEcKdOcMVixKG8qVKBfo5AL9 mBw+vaavDv2bCHTvbTjJ9kFcOhOzd/tqnn/pVUraoTPR7sXiRVi9/As+/f37bFy3ilHDh4Yx bCjDh41gxIiRDBs2nJEjR/Luu+8wZuxVjBgxguHDhzNs2LAvjcUvvMah1oNcf80oRg0dybCh Y7lyxHBuvXUK27fuRqtvX6ArrXhw9n3UVh8gjSvMmvkAi599HW3Vt2K45ZxDRCiXy33ujjk5 fy69NwCR3sDX4aBXTk5OTk5Oztfh8D7sl60nHNAYwYjk/axzvpY+XZW5uRurEOcwxzh4PB7J BfoxcB5sb3q5HNmS6T/3ON4L4i3agTOClohPX3+ae+97kIoDZWw4VReDsxFPzryfJxYuoNDT wd7qXdRV7+S1FxbyT//4A97/6DNqq6upqa2lu7uN2rrd1NRWU7N7G//8D//Ea2+9Q03NLqpr amhra2fXzs2cfubZ7NpdQ211A9t372DO7Ec46cRTWL1qG96lmXuixXkJ71dM34IqEt67k/Dz 4XR7CX+fOc6Hi8gSRSV+d+5v2Lytligu89CMB3n+hTcxohFnEbGIFbw4RHxIiXIG29eiw2Jd CI54cTjpvUBBnMU5RUdLIzffciflKAn/zoWMgJycb0pv4Mc7i5Msc+U4vynk5OTk5OT8KYR9 rsNlZZxeW8R4dLZnzMn5OnzW6SqYS1uMhGBPnsmYC/RjYrJUHXHgskly2LDtT8c5sN6QiMMn QkUSFj96BzMffJjEk/VZd4gzOOlm6jXjmffWe0G0Woc2hs/efYUf/Ph09ja1ISbFePAuRZxG vEOXW/n7//EP7N7fhJM0E64JW9d9wtmXXUvkbDgVFMEmZcaMHsyIUXdgXQ/eKrxXWDEYJyir UGIxRrBGQhQ01ThxWOswIuHisRbnDMYYjAk/93S1cdqJP2Z3YxNaFC51xCJorVBpTJpqxCjS VLDaItqiTEziQesUa1IS67FW4bTFWZWdaHq0tVhb5mDdRkaNu4ViZEjF4kyKmFyg53xzegW6 MfpLJRS5SM/JycnJyfkj+HDw4q3HiMM4i7eCtZKVbub30pw/TF+Zrw8BHSMObYPuOt73YrlA PwZ7GxrZ09CI6e2DzjcT6N6DOEMqgleW2JWZPW0ss+c8TurpO6F2zmJ1B6OGDGHJJ19gfAgM GJ3wwcvP8B8nXUhzTxkn6ssC3Qnljgb+5//zjzR2FL4k0Fd9vISRk+8h8jY7GTc4VWHMmCsZ NmIy4iK8BIHuraZqywbe+uBDFr/4ApNuuonOzg462ttYMH8+E669lhtvvInPPl+GMoKzEd1d nTw0axZXX3stU+6Ywsqln/LTE75PQ0sHcVTm6Yfn/H/snWeUVUW+t+/HWbNmxhxQMaNjAMyI OSCSVCRIzogYQVCUnHPOSJCcdMwiooIokiSnbkIDTewcTtqh0vN+2PucbhDQGee+d5yuZ61a iz6cs2Pt2vWrf2LN1l3EIgXMnDKBZd+uYuTAvowcPxMRj7Bt61a6v/sOL3d+h2GDBpGelkZc KKQfISPjEH379uKVV17m3Xd68+OadXz62T/o/GIL7q1ag+49+vHp8m9QfgIlyu7Da/n9JF8A UkqOnzhhcxxYLBaLxfIbMQaMMEgNjoG48ZEF2bjZ2eH81r5PLWcnZUE3EqU1cdcjv6AwZUEv y/3HCvQzMGfBEmbOXRAkifudAl0bGcTiCIFQBbzVsQF16r5Azz4D6NWrN3369KV3794M6tGV e+96gE9+2hS61gdCeMm0kTz2VFMKXYlW/mkCXXIycw9XXHYj+XE/JdCVSvDJ3MH0GT2NhJYo 5eH7Dlt/Xsttt9/O8m/XB/HxykMbF+0nmPPeOCrcfhcffvwRBZEiPK+AVzq+yJhx44lGizh2 9CjPP/8C+w8ew41n88TjTzFh6hSiTpxIfjGvtmnJteVvILcgSkF2Fo/dX4Wl36wl9+RhHr2n Co1admDf7s3kuXH2bFzFPVXuZ9++NKKez6rlX1KjZm1crdix4Rtur1yF79d8Tzwe5diRk8yd uxjXjfPtp3N4tUt3imMxIp6Hlo61oFt+F6WzuD9RrQbRuIPN4G6xWCwWy69jCAS6b8DVILRP 2vw5fNujTxDKqHRJ2WA7XbOcRlKgmzCLe9re/QwZNsoaS7AC/YzMWbCEWXMXBgPK77agS6RU +CJwY29c8zHe7TucFV9/y4oVK1i+4hu+WbGCFR/Pp9It9/Ht1l1hnLbG6ASThnTn2VadiCuF Ol2gG0Xa1jVcW+FuokKmBLpUCd4b3IEHqz1H61df4cX2benQoQO9e77Dz5u3khAyiBXSLto4 aJXgvdF9eGvAGHzpIpRg38avaN+6FUdP5lJQkENxUT7jxk/i21Ub2LLxW5589BlyigrxlYNy NT8u/4DrKlQlGnc5cfggD993J99t28fJzD08VvVRftiyGy19HBllaK/XeX/pp+QXFpObX0w0 9yTtO77OyaIoHZvUo3GrznhKoZQIsoMKg1Qei2eOoVvv/vhK4hsZxNHbGHTL76KkDvqTNZ8j 6njhZ2X7xWCxWCwWy68hDWhhEEYhpEFrxfEZU9neudsZ66BbkW75BUalEg2m78tg6PDRZd69 HaxAPyP/NoGuJUpLjFB4UqK8Ip6ofC+ffrMRoxRaq6AshedSdHwvf7++MtsyMjDCIJRCGpch vTrTsfcY4lKi5C9d3Nev+pIqjz5DQpUIdE/EGPTKc3zw2UpiKkj+FsR0R0n4Alf5aKFBx1HG QaooEwe+wcJvf8DzYwglWP/RDB6r+jg9+g6lb59e9O3Tg759+7J7fyarv/6AFo06E/EcXB1D OYod6z7l9ir1caVHxq4tPHDXrWzIyCJj72Zq16zHoewiXKnQIo9XWten7Zu96d13AH369mNQ 7570HzqS3GiUJk8/yZDxH+Eog1QCo8L67dpjzOAe9BkyCl8nBbpjB3vL78KEFQYSUvF4rbpE XC985sv2i8FisVgsll9DGtCej9I+UhiKDRydO4Hdnbpg/KBEsLIC3XI2jApKUhtVSqCPsQId K9DPyNz5C3h/zrxfuFj88xZ0gdYyENzSxYmd5M6/38mP63YEAt1opAatBMfTNnP1VZU5kHUS KR2UUChVSI+uXRk2ZT5OWHogKP0mUEYgpcfyzz7huQYtcLUOFgOMwPcivNSkHstX/hTEumuF Vj5GByUMpFGB5dn4GCNQspgeb7Tjp01bgsRswiPtp2W0bdWOgpiLUEEcu+u5CKVZv2Y5Nao9 S25xMUIJlOOzePp4Hq7dAaEctmz4gUqV7uTA8RzSt/1IredakVXsILWPFvn0eedNPvzsO3yp ERpcIYh5Pp4bpf0L9Xi58wDiQuFLhRASISRKOnR7vQ0jRo7GVwpXBVkfjfb/vTffUqbQOkig 6AjJY9XqEEm4KB2s5losFovFYjk72oAnXZT00J6hWMOxmRPY3rkLxk9W/SFMGPd/fbSW/yw0 GAlGhXMxTVr6PkaMGG1d3LEC/YysXr2aVatW/e4Ooo0flCOTBiXj5Bcc5MYKt7Jr516MDlYV g6zoLtvXreTq8pU5XlSEEFFUQmFUHp1f6cqcpV/gmiCrvFGBC5EyEuUl+MeSJXTo+BqeJrCu G59YJJ96devyw7oNQcI5ozHK52xWQZHIo33r5hw4cBCpNFp4+PE8OnXqTPPW7Vn903pmqxrf ngAAIABJREFUzJrDa290Jisnj3gkm+eeqcWLL7/Kj2s3MHrIYOpWe4JGHXohZZwfVi7j/oee Ircgwq6fV9Kq47vkJwRSOUg/wo5tm7nv3geZOHkK6zZtod/gEQwaMhztJ9i85luqVH2EwcNG sXrNenr27su6DT8jpMvHS6bzbJ3arFj5EzlFDkJppIz9y/fHYtE6iHuKJ1yefa4BkWjcCnSL xWKxWH4DRhlc7SGli/Y0EQ2HFsxiff9+GBGUzTUmFOjmnzd0Wf6bCQU6JeWd9+xJZ/SoMVag YwX6GUmWW/q9HcQYidEaE8Z7n8zO4Iknq3P40NGghrcJ6n4r4bF+9QoeeeQZ8qNRlIphfIUU +bzbrRfLVq3FC8u+GRMmtjIKLX0++fBD+g8YjDCBqxFGEI0U0OHF9mzftRuhQ4GuBWcT6NIr 4o3XXiY7Nw+hggfGqDjZOSfo0aM7d9x5J889X4/Pli0nISRKxsnLy6Jpq9ZUvutexoweycK5 79Nj4AS0TvD9ymU0a9WBwmiCbetX0nfoKCKeQEiF9F2UcFm9+jtq1XyaipUq8VqnruxJ34cU HtKNsidtD3Xr1uXeKlXo238AOQWFeMLFjecwsH8/Kt95P3v2Hcb1BUa7//L9sVhSJQiV5viJ LIQMxLkV6BaLxWKxnBsjDEIrfO2glCDPaPziHETWiUCch9WQrEC3nBGjSAp0rTWe51NUVJT6 uyyLdCvQz8K/p2PoVMxN4I7tBfHUKuiQyRqRWiuMctGhK7nRPloG5dKkEvg6EN+pLJhGYYwK 3OdVUDswGeODURgtQxEffkZJrO0ZMQKtBVLrIJ4oKeiNj9E+SvlIrZCGsAScQEkRusuD0BKh faQmiAvXDkoTuO9rF1/7SKNRUqOlDt3tg7JxRgdxJ0oHx6q1DK6T9tE6yIAvtEYoiVZOcI2S ixWAUtbF3fKvc+pLoGy/DCwWi8Vi+Wcw0iA0+MbBaC/4d1iJKJj7luRxsgLdci5O111lfT5m Bfr/IklxboxGm0AAJC3gv/yyKklOZVQoxGVgKU9Z9Er+P7nqlPo5pQe+fzZuPnlsQamD1L6S +zEqNbjqcMA1WmN0sFCgjEYajS4V1651EG9kjEQbEfzGlCwwYFyMlqljPeX4w5iU1CJGuGgQ fHb2c7VY/hWSzxpGlDx7FovFYrFYzonWBAYiLTAqCOtUyqTizk9vFktpTp1v6V9om7KMFej/ i5S4owuUCWtBanVGa3ZgHS8RrKV/H4gHeYpgTorXf+dxJkWK0SUxQ+b07yVj4bXGKIHRgfjW JoyPDxcjUp4DRqe2V3obye2f8Xg4NZnIL79vs2xb/n0EAt0H4wX9384iLBaLxWL5VZQJrJ7G Nyil8Y2PVgqtTIlR5wzzSYsFTs/sX5I0zmIF+hk5kZ3DsawcVGgpTmJS5QBO61DnFIuhZbrU 32f6vkn93y9//8v2v8Wp2z/bgHquc0mtlP6Gchrn2v65f2oFuuXfQ5CYRCGUZNvOXXh+OLko 465VFovFYrH8GloqjAxc2qUSeFIROXGQot3b0FIgjQy9M61It5yNINRXa000keBQZqZNEocV 6Gdk9vzFzJizIMhorku5VRv9Lwh0i8Xyn0sg0B1f8FTNOkTiCaQUZf7FYLFYLBbLr2G0Jq41 vpFIFZRa27dwLmvffgsjBVILK9AtZ6S0sc+EpaR3793PsJGjkVKW+XmYFehnYM6Cxcyatwih FEpKIJngIrCGl8RXh/Hl50rAZrFY/mPRWiGlJOH5oUB3UEqdOU+ExWKxWCyWFMZoEhqkEkjt IKTh6Kzp7OjUOSXQdZjbxQp0S2lKC3QdVtTZs3c/Q0cEAh3KdqI4K9DPwOz5i5g1b1GQHV3K VIkIpUEoQ05+IV9/vRLXFanszxaL5Y9HUqC7QlKtRm2KY3GUsiu3FovFYrH8GkZrjDQY30ea BDGjOTZ7Kjs6vY6WAqH9MPmwFeiWUykt0JWUSKXYvXc/w0eNTZW6LstYgX4GZs1bmHJxV1Kk aiXHXZ91m3fQrUd/Xn29G67jhR3ITuYtlj8iSgUC3fEFNZ+pm3JxtxZ0i8VisVjOjTKaiAGp BUq7yITm6Iz32Nm5C1r61sXdclZOsaBrhZCSHbvTGTZyjBXoWIF+RmbOmc/k6e/jC4mUAikl e/fupXf/QTRp8zKNmr/Ia290x3X8VLkxi8XyxyMoCSOJxBPcV/VhimNxhPDL/IvBYrFYLJZf Q2tFTGs8IxHSx3iGtPlzWN21C0b6SGMFuuXMnC7QpVLsTt9Hn/4DUwK9LHszliGBfmZXdK1K apMnE78VFBaTX1CELxVZufl89NmXtG77Io1btKVh8w40bP4Sr3buQcLxw3hVhdHSNtts+4O1 5KqtKyTp+zLwpSzzLwWLxWKxWH4LWmmU0igt8ZTEVQa/IIvE4YwgM7dRKYEOVqBbzoxWCqU0 0YRDVk5uag5WludiZUSg61L1wwNSNb2VRkqFlEHngKCjSCFY9cM6OrzejYYtOtCoVQcaNGlL w+Ydadi8I6906UVx3EMqjZAKqbHNNtv+oE1p8HxhM4daLBaLxfIb0SZMmqwEyii8pMHLepZa LL+LMiLQ4ZT63qE4F1KzN+MQw0eNY8Lk93h/7kLmLljCgsWL+fTLL2japj0NmrWnXtMO1G/a kYbNX6Zh85do2OIlmrZ7jZHjJjNu/ARGjBnP8PHTbLPNtj9YGzFuMiPHjGfk6LF89PEnNu7J YrFYLJbfiNbgGVDaxQgfIw0iXPS2WH4d21HORhkS6AFaa5TUFBdFWbBwCWMmTmFX2l4coZAG hAahNQkhWLlmHT37D6NRy1do2PyVUKB3oEGLDrzSpQcx10frwH1HGWyzzbY/WAss6BoVTiiS SeOsFd1isVgslnNjlMHV4GsPI3xcrYkbFbi3K516lxoCa7v5vz1cy38UGowkKdK1DsIlkv2m rBtLypRANwa0MkQjcUaPmkBa+j58KRFKo7QOXHUMFMUTFMUTOL7A9QSrVq+lbYfONGjajgbN 2lG/eXte6dqTuOcH8TVaYrSwzTbb/mBNa4UrFK4vyMrJRUqJEMIKdIvFYrFYfgUjDZ4GXym0 0OQahYzk4mbnYpTGhGJLh4viVqBbStBgBBgVGkcUnutTVFicEuhleS5WZgR6KuZcat6fNY/l X30bWsoEWstgFSds02bOZtLUmUHiCyEQvuDAwUymzpxLyw5v0KB5e17p0p2476PD32itbLPN tj9YU1rjSYXr+9xzXxWi0ViZX7W1WCwWi+W3YLTC1QIhDUoYIkaQOWs6a9/qgREqZQ3VBqQV 6JbSGAXGDzVU4N28a2caffsOsJ6MlBGBrjVIGbhObN68lY8//hTPD0Q1oStOKomcUcxdsIRZ cxeitMYomZrIawOHjhyn34AhdOn2LgnXDX5rYygslj8kWmsMkBCSajWfI+q4GK3D59pisVgs FsvZkEbjGYFQEuEbXK3ImjWZ9E5voT0VZOdOWtC1FeiW0uiUYVRriVSatL37GTZiTJm3nkMZ EegGUFpTHInSp28/srKzkee4+XNCgW4IslGW3oZSing8Tnp6esoVtqx3Iovlj0oy02xCKh6v VZeI64XPvH2mLRaLxWI5F1qD9iVSCYQyeEZzeOEkdnXqivE1WipUGD6a9GS1WCC5WJMU6Qql IW1fBkNHjLHaijIi0LUGIRUbf97M9z/8iJDydwl0pRRCiNQKT1nvRBbLH5fg2XWl4smazxF1 vPAz+0xbLBaLxXIuVDi/Flria9DSJ3POZDZ37oYRgUDXVqBbzkCqKxiFCZP1BgJ9tNVWlBGB rnRQq/z92XPJzS9Iie2zjRMz5y5g2qw5gTvOaRkoS3east55LJY/PhqtFI7vU/Xhx4jEEzYG 3WKxWCyW34AyEDMa32hcrTGJBAfen8HKN7ujhUyFkVldbjkdQ3LBRmN0YPzclb6XgUOGWQ9l yohA1xoOZBxi1OixuJ6fGizONmAcPHKM/YczETKIn+FXvm+xWP6YaK0RQuD5Pt9+txLX9RBC /F8flsVisVgs//FoHVRBktLgGYURDtHMA+TuSkNJG0dsOTtJgW50INClkuQVR9idlp4ylJTl /lMmBLoBFi5aymeff5mynJ9LcAsNjlBWoFss/+UkS3l4npcqsZYMX7FYLBaLxXJ2tFZIo9C+ QRiNlj5xLRBKoY2tZW05OymBbkBJgVQSXylEaDm3FvQygOcLho4YzeHMo+FgcW6XG6HBUwqh JEpJILDC/7MCXRkwRmKUj1ZBfAVGIf0TRAscXBVB6wKM66O0h1AGXygS0kUIB88pJprwAlf7 5HaSsTzJVUstMDqBEQKjI0SkwZV+IDaUxmgPoxyk0Wjthx0ejDIYLTFGI4RBe3Gk0SjtB3Xh fQffcyhUGqMUUvkYGQvclbSHMQpZqmyG0QoTXttkvcsgRECiVQQRK2Jr2lb2pO0nKnyUKHno Sq5rsIqW3J7WyeQiGmUkngalfLRw8ZUKMvNrj8yDe9m9bQ/5voerYwgtkOFxKwPKBLUWTfLc jQ63n7xHCqPdVM4BrYNj1yqBEUVBDJVWqWvjqQSu1PhShddUYcL7Io1GlgqFCO6VwGgvdd21 1igjwm2GfUt7GCNQJuyb2gcjgm0ZBUagjEJqwMTBxML6ogJtEihlQMcRWqN0FKniCOUjzT/3 cvxlfJhOxQdpqdCexpcRhBRB+RTjpwZYozVK+mjlobXA0RohfbQSqYFYl7q/wXWR4f8F52hM 2DcNYCRGl2T41NpDqTha+WD8cBuntrPFjgfH54UrtQ5KeQgZZGs3OpxIaI0O+0bQR1y0KkIo hW98tE78r8fPJa9jquwj+tz7NApjFCrsdymXMeMjk3VntQ6eQ6NPedZSmwBE8t5IgVYGIQ1a BceRHG+08JDCw/0nx0JD8jhkeK2TY4Y8LSZRh5U0JNIIlFAIDa40CGUwUqOVAOOiS//2HH3c GB2OmTqsex/8XXINSkKYUu+E8BiCaxvmHtECIwXGRPGFQopkf7NYLJayizQSx2i0MCihMb5E SIOnNVLbPE2Ws3OKQFcSISW+1shSNdDLct8pEwK9OBpj0LCRxOKJcLJaMik7E77SoUBXJeLr XxToWiuMCsSM1BqtEixaMIGePccRF1F27VnL2290otObnejU9R06tu/ATxs34ErB7k1rGD12 Iq4mmJBqUSLQVSDOg4mjJJJ/nMaNn6ZazSYcOlGAUDqs9RzUeVc6FHNJDwJlQlGjcf0E29d9 zZZdO/Clg68EKz9byCMPP843OzMQvkAoDyOLg4luOHnVRqcm/UbrUgI9/DwUO0oKsjK3cc/9 Fan/wkvkJzyUinAmMZUS0eF9Sp6vMiq4JyLG7i0bWLdpE64n8bWkyxttqXDDrRzIjwfCXXto HQrYlEBXvxDoJrmIYDTG+OHiQyDcfSlJRHNp37wBd95VhTvvuoc77rqbe+95gGfq1GLKtDnk Rx2E8tCqRCwYI9BaYELhLkPRrow6RaDLsO6jViY837AWZOp6Jq9xiXjVYZZLYxwwiVCg+xgT QyuD0S6+Fkjpk5ubyXerv2Df4aP/ZK89M0YrEokom77fxHerPmfzxp8RrgzONSXQFVr57Ny+ iXff7UZWURSpRKrfBtc9KTpL+khKmIWCySTLHqLDfuCHLYHWiWCxyIh/QaA7GK3IzzvCW291 In3fQVSy1KLRweKICbbj+z6bN/3Emh++5FhWHp4RKB39/yLQg3/8NoFuTIkALqkxq8F4qQU0 rXQwBp0i0E9FhgsiSrhs3byZ71auJjPzaEqga61RXoJpUyezdsu2f3os1CkhXSKQk8/gmQW6 QgmNr8GVOhiLwxe41l6JQE8uZpx9zyXiO7nwco5vJ+PhThfoWguM8Nm0eSUTJs5D+BItbSiE xWIp2xgTzKu0NIEBQ0uk9JBSBJ+XYYFlOTelBbrROrCga41v3duBMiLQT2RlM37Ke0ilQxF2 boGe8AURxw0zvf9egU4opEAogVHFtGzViG9Wb8FRHu/2eotF8xeQW1hIYTTO8H49adSkGVGl iOYe4Z233+FIQSxwzQ+tjUmLltQ+SjkYX7B0wUQuOO9PnH/eFYydvgQnFDYpy5qSKUFutC45 J61IuHnUfaoqrV96BVf4CO3z1ZKJXHHV1Xy6JQ0hBUK5GFmMMBoVTrYD0SRKhLQmsHoaH2P8 0GqtkFKSl51Bly4dGTxiGhHPR+ooJWLqNEtWeHzJyXLKMq0EbiKPDi2bUqvu80QSHo6BWTOn 0q5DB44WR1DSBBbWUEwlLWa61CCQnKQn/w4s6fo0ga5wo3nUeKwqt99RhQVLPuQf//iQJfM/ oNFzNbnkgssZNWk2QgmU9MMFj8DqGljLRWgp1wiTtFDqsC+UsnamzlWHQvw0Dw+jTrlvwTYV 2iQFigjEeni/feMhhebH77/i8ssvYuS4Sb+xt2pK34fTMVqRkbGHxnUb8sTjD/Dog09TnOyX 4YOhtUQrj6+++JgKN97IkZN5aCXRSqQ8IZJ9Rhnww+sSnF9ykUOFVnmZsqZjPIz2Ag8BGeNE Th6elKcd87kzr5cW6JmH93DtteVZtXodQiVFsEwtPIGmqKiINq2bU7XKvcyctzSs81r8/0+g /8ZM8kmBXtLHkyLXLyXQw0XClIA/fSxL9j2Jkyim44ttqVy5EsNHjiol0BXSifJCg/rM/8dn /0K4T2mvpVLP+i82FJy3MqCkQRoQSiOVQ27OCU7mFgbulElxr4PFq1/bd3L/JX+Xspgnj69U Xy69OBII9MBzZ+nS6dR5tg2OK9HqXAsDFovF8t+PMWCEQSqDYzQR46FjeciCgpI51//1QVr+ Iyk9D5cyMGrFfUE04ZR56zn8lwv05M3dd+Agy7/9PhS5vy7QF37wEXMXfRBOzH7dJf6s+08J dINSBqV8InkHaN+hI8cLY/haEYlHECqwtHpSkn14N/UbvECeUGi/gHffeoM5/1iOH7psa50U 6ApfC7TyEE4O1Z+qSsVbq9Hwuaep80JrIkqjpIdQCkdIfM8PPQIkSji4QuArjRQ+jpNHjUeq 0KjVKyQ8jSsUyxZOotwV1/Dhz2kUFOZz6MghhJNHPFzdUkqg/TjZxzM5mJGB64tAhBqJUnGE V4SUDkL6eNLBFR464RGVAl+5ONIP4309pO+gpY8vVWD5FwmkUuTl5XLs8AFcz8NREiUS+LFs WjWqxxO1apMfdSkWEifqE9c+MZNAex7aFfi+x9GjRzlx9DBCSFwNQimUn0AIga810WiUwwf3 EUskcJMCWpdYzZxoHtUffpCHHm1A3NMoKTGex4Hdq7i63NU0avUKrvRQ0kP7PrnZWRw8tI+E kDha4wuBFjGkHycrO4uTWceRIo5SAkdIlNIY6eILj7gM3MGMclEiQVzIIA5HuijhUVBQxNHD mbhOAk+ZQPAqgZIuRQU5ZBzYS3FxIFylX8zq7z7nr38+j4HDxyCkQiqNLyWeEKjQhb9UTw1C B3TQkq5FQTlBGYRnSIFUUSIFRWQeSqPWU3UpKogFLvfhNrQWKOVSXJjNzp1biHky2JYSgcuS lmiZQEkPV2ocDa4ygYgXAiU1QkmE9lFGIoVCCh1YTKWLUREK8k/S5Z0+xHyBlPI3D+DGgFYO Wko8t5AdOzZTFImjkr83QRiCUj5KaaRSFBXlsOyLD5k8fSGuFigVLPr8M/s969igS0o2nv75 6S+mc+0ruZAlhUTK8PlWAqV8fBU8q1r6KN/FEwohPJSSSJ1cQAzcxo1yEVIglSBalMX4CaPp O2hwcE+T3jd+nIMZB8guip4yFiavR3BOOky8J5Ei+blCSwcR9kElXGQ4/iSvQcnvFVIqhNTB MWoQUqBEETOmjWPE2Ol4WuPLoL8YFYRKnPHaQNDnlINWHr7W4bYcINh2sA+NEh5aCrTUQX8P rfVCBf1WigRGeBQWZZK+/zi+SIb0WCwWS9nFAMY3wVitQWrBgQ8WsGbAkKAGuiwV1mSVuqUU py6QK5TWpB84yOjxk844PyprlAmBvmPXbjZv3/WbBfqcBUuZNXdRSR10o/4lgZ6ykIbx50oJ tv7wGW/1GEJEuejQ9V0YEcY8e/z03Wc826AJRUqh/AJGD+tN/ZavEA8nhElrNSZIpGBUgsP7 V3JF+SuYPPU7Vi+fx403VGDVhi14SqNEgiUL5/L3SvexdmsaSiSIFBzj9sp3MGTUBNasXsm1 V5fn8r+dx/kXX0P5a/7OlPdm8/XCaZS7/EreGDKBSrffwpVXXEWdp59ib04+vkiQdeIIbVq3 4sorruSKyy/nkQceYNmq9XhSkpd9lKceuZ/WrVrSf8BQbr75TqbPm0Ldh+6j7Ss9ceOC7gPf ovzV5bn6qqu4tvxVXHt1eSpWupPcSDGZ+7bStGVrrrrqKq4rdxnVnqrJuu27Kc7P5omHqlDu ovO54MKLuOaam+j45lsM6N2Fivc9SEFEIByHtB2bqVGnBuWuuJJrypWjw4svsWbzTlwhmTdj Erffehvj35vN/VWrUv6yS6lWvTYb0o78UqDH8qj+8EM8/GgDYo5GSoHyEmzf/AVXlbuaZu3e wJcuiUg+wwYO4qqrynN5uXJUefBxvt+0HU96eJETDOn7LldddTVXXFmOfn3epkqVKjRp/hLx uEv69nXccP01LF2xGk9JivOOUavaI7Tr2oOo1hQXnKB/n15cdc2NXFXuSh594H42bdmF62qU KGbsqKFcXf46LrviMipVrsSs2UsY2KsT5a+4jL/++WIuuvRKbru9Irv2pPHaG2/Stt2LxBIO QqlS1kKFEA6OW8wXX37ESx1fonXr1ixetIRpU2cSiyYCEW0ctPQoyj9K7acaUFQQCVyjw20U F+fTp3cPBg/sw6hRw8iOBqJMy2BxSCmfgxl7GTx0OM1atKZH7z6sXrMWoTSuE2PcyKGMHz+e 3Wn76N2nDx1fbMeyZV/haoUSLvkn9rF7+wbatn+DtIwjHM48wrHjJxBS/mriRy0NrlvM5IkT 6dO7O3379iTj0DEc4YeeCh5aJcjYn8agQUNo3qIFc95/j08/XsLk9xaHLu4xlFShiPx9Il1K iZTyDAK9JPRBSh3u5+z7ksonJyeLIQMGMmLIMPJy81m8eCnt27Vj/OSpOMJHK5d9absYPGQU LZs1o/u777Jxy/ZUGIxRHscO76NPv8E0atqcKWOGMmrEYHoNGgZGIpRk7U/fM6hPDwb2H8TW PQdPuc5ZWVkMHDiQsWPHkp9XwKKFS2jbrj0zZswKRbQgln+M9xcspW27DrzeoR1fLVtGvhO4 qgvpk5WVxZgxY2jTpi1vde3GgvmLmDx7Lp6vicfiHD+8kyEDuvPWO0M4eOQoBzMPk5WdixAq XET9JQYQyuPH775k9PDBHDyZRSwRYdr4kfTr14/VP63HlRrPF3zx8QcM7T+A77/5ga2bttKl Sxc6dHyZPen7EEpw5PBehg0YTN++bzN7/pd4wq7uWywWizSgfR28p4RBac3xmZPZ0eltWwfd ck5SXSH0FC2pgz7GWtD5LxfoEIj0Ldt2sDNtXyqW8tcF+gfMmrv4lIRBJhTp/xQmmQhLIZVB a8X74wYzYOh4YqYQLR2MVAjjoJUmEcmhVvUnGT9zETGlUH4+ny2azl1Va3K8IBa4qiZjyI3C lxotT9K84eNUr92aHCeGGyugWd1nqPV8M4p9iRIFLHl/DBdfX4mVW/ailUNx3kGuvPoauvcf SqQ4n/U//sgTVSpRs14DNm7fQuaJE6xYOJ1L/3oBNeu349ih/cyZM4/LL76EwdMW4Lp5PPZg FSrdXYV1m7eTl5vD6+1aU+7qyqTtPUhe1jGqVK7IZRddROMmbfj482Vsy9hBnTsr0bRdJ5yo 4MDx/WzavInNG9czZ/okLjjvr3Tq2o2Y71OQvZ+lH3/CsZMnOLp/O1Xuq0q7N3rgeQ47tvxE 3RpPUuXhR1izfjO7Dx6i91sdufqmu4lEJMf3refW66/h6Tot2bN3L+nbN1Lxltu5o8qTHMvO Y8bEEVzw17/RuG1H9h88wM6fV3HVlVfT+o1+Zxboj9xP+Wsq0Kh5S5q1bEmD+s245uorufb6 29m4Ix2jHfr3eJubrr+Rzdt3cezkEQb378X9j1QjKzeHaWOGcMkllzNo3Axyco4zdnR/Lrzg Qp55rhWO45G29QfOP++vzFv+A55SRPOP8sDdFan/cmcKtOLVl9tz1513snr9z2RnZzG4f08q VqzCe1PmsTdtHZddcjmzZy/maP4JVq5eyfjJ0zh+eB9zp4/nvL/8hVe79mDrjl0URuN8v+Yn vln5Pa6QYSx7sp9KpHKYv2AWjz/xMBkZB8jLy2Pu3PlUq1aLgrziQJgaDy0divMzeeapBhQW FiBSMeQSIRLs2L6R7775jKeqP8H+nPzAC0AF7v65J4/x2EMPMWvhh+Tl5bJ5w088Xe0JDh47 iSejHNr3M/fdW4WGDVuTtnsv6bs20rJVS44VxnATUbp3asfD993FNdfczIMPV+PBhx6hXv2G xBKJkgnAWR5FJQ1SJjh4IIOfN/7Ac8/VZtXqdYGF2QDGw/OKqf7UE7w3YyZZOdl8+vEH3FHp diZPX3KKQPc8j4KCgt+1uiuEoLi4GClPdZOWyic/P5+cnLxgYSR0rz6bu7vWCaRMcORQBhVv vo3GDZszfvwUcnNyyTx+Ak8KcrKO0Lj+8yxa9AG52Vn8/PNG7rz3fjZv34lUikS0kOerP8mn X35Ddn4hG3/4hr9XuIFeg0egtUAoQX7eCXZuWUvbNu2Y/+FXv7CgHzp0iPvuu48+ffozedJU crLzOHb0BFJopJtgVN+3eaXLuxw8epRjh9J59tlneLvvUIT0SDgxmjRpwrhx48jOyiHrZDbN mzejXdcueJ5ix+atPPXgvdx20w3ccMPdPPDQI1R96EF69emPK9Rp3iClro0JBHo95UN3AAAg AElEQVT2sXSaN36elRs24UmHjL1b6NixI0NHjsVTJrwGBfR6uxttmrWlRrUaHDx4kJPZORTF EnjSJxHPZ+fmLSz5YAaNW7xNzLHlgywWi0UYUJ4fJGEVhoiBI/MmsKvTmxhfh3MHK9Atv6S0 xsJYgX46ZUKgb9uxkz17M1Iu678m0OcvWMTc+QvD7/96fOvZMKns4YGLr9CSgb3fYeToKQjt Y1QUJTw8RxDLy6R9q+b0HjaEwqiDUkU42uG7zxdx0233k34sK3BF1TIlRKRy2L3pWy7729+Y MfcTTjpxnGgBS6eO5IprbmH1rkP4ophFM8Zw6fV3sGrrXrRKEMs9QPkryvHu0KkI5eE5Eeo9 Upn6bV7C03E8o1ixYCJXXFqOmT9uRruSIwfSuOO6a2nSazgZe7dwfblyDBw3E6kTCOGza9MK /nrhZSz89HtyszN5uOJt3PPUs+TGI3jSoyD/KDXvuJUmL3Ym4kmkr9AqytFD+6h4e2UaNWlF cTyBVB7x/OOMGjuSl197idbN21Khwt+pUa8VxUKgnBzaNX6OarWfI9/x8JWm15svcXWFO3Aj PotnD+SiCy9j7per8aWLjhczZHBXLi1fgc3bDvL+1MFccnF5NqUfQWofI7O4p3Jlnmn0dhiH HoQRSK1xYrk8/fD9XHf9jXTu9i7d3n6bO2+5ibvueYI9R7NwpY8RuTzx6EPceHNFmrdpS+uW LWhS7xmuvvZGVnz3LTWrPcijtZtyPO6gpKQ4/wh33XwdNZ5vS9xz2LN1DeedfwFzVqwjoQWR gkM8fE9Fnu34DsdyM6lR9S5urnwfLdp1pE3LNtSuXZfzz7+EFs3bkJN1hJsqVKDu8/UYMnwo 6emHiHsCKQQ/fP8Ffz7vf+g3emRg+VfyNFdiH6OcIPZbanwvh/ov1GP34WNhvwfP8Vk0fzHR aAKlJUo7GOVQXJBB7eqNKCiIIY2Xcg8PkhEKCnIO8Vyt6mRkHUKqRCDSfckPK2bTvGlbvv1x LRs2rmPjutUMGtCXLt174UiPgtwMbr71BhZ+8lngXu8XMbjXm6QdORG4vscLyTqSzkuv9eJo YYRoNEYi4YRu1ZQknDvTswgYE7i4S7+QNm2a8N3qdfhGBgn2ZITDB7bQsUNnEiKBLx3iIs6M aSOYPH0xCaOJKg9fSjatXkzNp55ly/59QViGPvukwwBKKqRx0MlcDqqQTV9+yBNP1mB/5n7y jMLTGlGcTb/+/Zj+/iwWLJjP+AmTmThtdmAlViKs2qDDhJHhpEcKXJ2guCCP6y4pz4z5S/Gk RiodhKHIBLOm9aVx/dasWb+BH39aw4a1P9C+Q0dGTJ6JqwXLF02idoOX8JSP0ArlJujzVmv6 DhmB1GG2fu1hZITeXd9h3kdfh1b9ZLiNS3HeSa6+8BLe6Tss8NzROqxe4ZOxdytPPnY///j8 G37auI4NP63j/dkDefDxOpwoKmL5R7N4snoLIlLhiWKUr9i6dSPT585FKIMQEieaxcSRQ+nZ bxoF0QiRWBGu44c5ELyzX3utUG4uvV5syI+bdiOlh5IxBvbqyqDR0/CUwVMaLYoY3rMPj1R9 jBNFxUHeCKmRQuNqD6U8jBRs3/E9rZsOwHeDUIjUGlc4JicnohaLxVIWECbwDjXaQQlJjoFj cyayq1MXjKfCai8lAt1iKaEkIWsQaqlJ37ufESNG/1tCCf/o/FcL9KQY2bZjF7v3HgxdOn/d gj537lzmz5//u1dwkpZujAyyLGvJgJ5vM2rMBDxN4DYsHXwvwjtvvEqtp+uQHQvK+GgVwTGS VZ8t5aZb7yft6EmSpamSAl2rAmZMHMH5f/orfz3/Ev583gWc/7e/cPGf/8z5513AwAmzcaXH opkTKHftrazckoZSHkVZByhf7jK6DZuBr31cJ0q9ByvSqP3ruCKGqxUrFk7kynJXs3B7Oto3 HD+Uzh3XXcsLPUeye/t6rrv0Uka9Nx+lomgt2bvzR/5y/vnMXPoNubkHeaTiLTzaqDWRMIY1 mn+EGpVvpsmL3Sj2FEY45J/Yz/333k2Vqo9yNDs/jIlPMG94Vy6/8kamz1/A3i2bqVXtcarX 7UBESEwim3Yv1OHJGs9Q4AZx6326duDaCpVxiyWTx3Xnkosu46NVP+FLD+MlmDK1HxeVu5oN Px9g1tQBXHb5jew7mhckWpPZ3Fv5Dmq/0A2RzOJN0oKeS42HH+Chh6qRG3cR0mHm+EFceFE5 PvthE46SGC+HB++9i+p16rIjfR97du9mb/omdqenk3n0AA9VuYMa9dpQ5HvIhEA4+dx98w1U r9eemOeQtnUtF5z/N+YuX0tcehQXZPDQPZV57rWeHMk9RLV7KvFs8xfZmb6fvbt3siv9ILt2 p3H48BGk8NizewevvNKRv996C+Uvu5T+46cTU5K1337I3/70P/QePTFIShcOdkmRjhGgE6FA N0SLMni+3jPke6ZkpVsZtNRBWSktgyRryqOo4CC1qzemoMBBGA8dJgzUoXgszM6gfq2nOJy9 H6Vi+Aa0K/jyg1Fcekl5zr/wYi688HwuPP88LrrwQho2bUlCaopyD1LprlvZnXksSNwnIozo 05m0o1mBCBYORbmZvNa5P1EZnIcUOnCjNnCuhbTgnJwg3MQvoE3rRqFAVxhpMCLCji3f887b A/G1hy8VUjmsXjGfMTM/wdMKVwk86TJrxFBmLljI+4s/wVc+QoSJE880BigTiFnjB140QiPc KC+3bUvffoMYNWkqvnLxtCQvbS1Tps3CEUEMt+MLThYU4UsHKRyUIcxmHizUKQNGKDzjEinI 5bpLypNxMgdfmbDEocDIBAP7tOb8v1zJ+RdewgUXXsglF5zPhRdeTM/Bo4n5Pu8NfJem7Xsi jYcrBEYI5k7tR++Bw/FN0D+09jEySt83uzH3o+Upga7C6xrNP8l1F1zGht378cJkdUYGyf22 bFzJ9deW47zzy3HehZdw4QVXctElf+PWyo9yJD+PcQN70LxVd2IalC5Gi6CUo1AaV+gwyV2E aePH0G/wLIQRQV4CZcLJn3vWMVhp0F4BfdvX5YcNO8OFjgQDerxB/9Fz8LXA1wLjOwzr3p3O r75J3ICnQUqD8g2u8cLnRLJ9x2raNBmM73qpOH5Tqp3Li8NisVj+2wjerRKtXYxUFBg4MH8G 67p2x3iyJNGmHRstvyBZhSWYt0mp2Ju+l5EjRlmBThkR6Fu27SDtwOHfnMU9NzeX7Ozs352g IJUkTuswxtxn7vjB9Bk6nKgB7ftIP5/+A7vyVreeFBZEcISHK02QmEgqPp87kypVa3K8MB6U 80rWMzaS/BPbufXWW2j9Ule+WvYlK776kM+XL+ezr5Yx4M0XuenvldmYnsmyD+dT7vIrmffR VzjCZ83qb7jkwgt4Z+h0hFY4TpTGTz/Eg0/WpChahCMlyxZO4/Jy17F061609jiWmUbF62+g effRFBae5LabrqVRi9coKs7Fcz0WzJzEhRdfzvcbdpGXe4AHKt7M4w2bEpVBjfHiwuNUu+N2 Grd9i5jnUJifwROPPcitt95KWsZhij1JzJfE4kV0eLYKlao+x+H8GCcPbeG+O26m+rNvEBMC 7RXyevsW3FrpDg5l5eD4kn5vvsS1FSqRiGg2rV/BlRedR+++Q4jF40QK8qld53Eq3FqRQ4ez mTllCJdediMHDucELw1ZzD2V76Z2wy54YZI7AyilcSP51Hi4KlUerkVO3MeXDrHcozSuV4MK t9/Ppv3HMX6EF5s24O8VbiLj8BEczycSKWDLjj0kYoW89Wpbbrq5Ej9uWI9wBWtWLqPC5RdT vf6LxDyHI2lbuPj8v9Jz8BhiXpyf13/DlZdeRJ1X3iHPLaZJ7WrcdfcD7NuXgefHyYvEWLfh ZwqLiolFiti3dw8JJ0HcSTB2ZHcuv+5m9ufksW3151z8P3+iY5e+OH6QkCvuesQ9H6mDhHTK +EgTPA/Sz6ZViwas27KtpP8qTWF+UZCsTcogA7vSFBUcoXb1BhQUxvGNLKmhrYMkZUXZGdSv VY2j2YdQysHVoDzJuu+X0qN7H6IJByl9lPRxXQdPaXzlkp+1j7srV2J/xvGgNJhfwPA+Xdhz JBvfgFEexblH6NixM8UJJ7SyS4Qvf1WgB65UgUCXfiGtWzdm5eq1QRZ5aTDKIfvkAeo935Ds /BN4ShOPZtGjS0vGzPwEqV2MLmbLtx/QrusAIkXZ9B08isJYJLDinmUMUBpcLVHaQ2oP5UfZ vWsLb/QfRUFBDq927UE8WoCSLsVZ6bR98Q22bNtNPBrDlxJHCaSKI0WMhOMQ92UY6hKGKYjg +YoV5nL9pdeQm1eMTJZ01D5G+iyYPYqub3TD9T1EmFXf9QVRofCVYP2KD6ny4NO4IoaUCi8e p2mjGvQaNAxP66D+uA48Lvp0eYcFH31RkmU/vK7FeSe5/Zob2HvkBH6YeM2EpSEzM3ZTr3Y1 MjNP4Poe0tP4soBiR+L6DhtWLuHxx+qE1R3iGKlxnBhZOblB/XOtMTLO9IljGTBgHNoEyQwT iSARnjpHHfRAoBfTu2NDfly/BSUFBcU51KnxOP1Gz0FoB6F8jJdgSI9udH+rJ54Jkx0pgxIG 34gg/4dUbNv+E62a9cb1BL7RweJTUqDr0tYAi8Vi+e/HqGC+6huB8YPkr/Gso+SnpwfvDlWq 1OX/9cFa/gMJ5mxJA1IsGuPYseOnGJbKKv/VAj3Jth072bozLRBk6tdd3EtnUv49nePULO5B Ru6tqz7mzR6DKJQarYr5/KM5lLviCia+N41FixewaOFC5i3+gD17D6F9jynDBtC49etE/SCT dpCsK5gwjx7UjYsvLUf6sVykcjGqAE8rYsonc/u33HDNdbTv0oejB/fw5CMPUeG2O2nUrDV1 6tTl4vP/RvchUxFKIYTPtFEDKHdFeWrWrs0Hn3zK54tmcnm56/h4UxpKx8k8tIfbbriBNt2G I/w4Hyyezd9vvouna1an/vP1uPP2irRp9zJFsRh5eYeoWukWqtV/IUhup2MUFmXxeOWKNG3b BddLMGTA2/zlT3/irrvvpn6jZjRs2ppmbV7k8LFMPl88jGuurki1p5+lUYNnueXmG6jzbAcS QqBVgqUL3ueq8uWpVuMZhgwfQ59OHbm+wm0kihUJt4ixg/tx60038cwzdalVvSa3VbyF3v37 47qCGVOGcell13Pw4EmEUEgR5d477qZOg9dDgR4knZJKkygqoMbDD3D/QzXJiwukcjB+gu+W z+Pii6/kxc79kJ7LtnXf89B993DX3VWo36AZteo8Q/NWHYgWF7Fn21oeuf8h/n7bLTRv1JIW jRtyc7mLebp+B2Kei0wU8OTD91Huimt4oUlj6tWtzTVXXUHdl7tQpATbflrJI1Uf4b6776VR 4wZUr1Obus/X5+uvv2Hdmh954P4qPP98XRo1acy9Ve6jQdNWFESj5B7P4Pna1alw0y00btaK tP0H6TdwCD369CeScBE6EDaB14BAi2KWffEhT9eqwZzZs1m4cCFDhw7jjTc6E40EsddHjxxi 2uT3GD1iEHdUvI+Ro8YwbvJUNu/ag5SCvWlpTJ48iVFD+3FfpdsYPHQQkydO4OcdO1CeJOt4 Oi80asLQYcNZvHgRCxbMp1+/fqz7eTO+iLJ43hRuvu4Gxo6dTtzxWfbRAurXeYq+Q8dx8PhJ lPKRiUJaNG3BuPFTWbBwAb1792XF19+FbtjJuuq/RGlNbu5RZk1/n0kTR/PgQ/fSucu7jJs0 ma+WfYsUHk6iiFYtW9GidTPGjR9P504vU6vmk7Ro+SJbdu7A8/Lo/XoHPv5uDY4bZeyQ/sz9 /Bs8L3C1zs/P5/Dhw2RmZnL48GEOHz5MRuZh9h/KpCBSgFQeUsZZNG8a3+9Mw3WLWDRvLivW 7UCLOJ6I8vGyFfTo2Z1hgwcwcfIUtuxMR0hJxv491Hn2GT5Z9vUp5QC1VBzcu4txI4dR7qLL GTVsLJMmTeGnjT+jdBwjJXlZGbz28muMGDmKhYsXM3/BAnr27svan7cGdUdjubRs0ZaOr3Vg yqQp9OvRg0cer0qd+o3YmpZONDef+XNnMWnSeJ59qhZtX3qZCRPHs2TJh7iuT9qebYwbNZTy l1xOv0FDGD95Chs3bUkdp/TjjBvRn7feepf5CxawaN6HDBk2mJHjZuG5MYRzgjdf68zb3Xow f/FcFs1byKuvvsK48RNDTwCNUS4/fPs1LZu1YdHC+Uyf8R5vdn2HnPyikkz8Z7nvWjrMmzyU Zs1aMn7cWNq/2IGnn3yUOo1ac/xkLgk3xhdLplG/Zh3q1KzDuAmTmDl7NpF4HOUrHOGxasUK pk6aRK9eb/Ng1XqMnTCJqbNmklMcRWpdSqALK9AtFkuZwUiDr1XK20ppEMJH+34gzktXJLEK 3XIOSnt5JrWXFej/5aTv3ceqNesCa8pviEH/d5GsS2x0kIhKKZ9E/kFat+1CVrGDUTms/fEb hg1/jxFjRjBy9DDGjhjN8NFj+HnLLpRbxDtdO7Hg4+X4yVrGKkikoKXPR0vnMmfePBypw7rY DtpoPC3xio4wf9Eips79gEh+FsePHmTy1BnMXfwhB44eZebkCXz901aE7yOlRLgRNv28gVFj x7Nu42b279rCuImT2XM8H1/GKMjLYdZ7U/h4+U8IIfCkx8lDx3h/3lwmjR7Pts3b8LRGSpdo vJBFM2byweefBRm4VYKiWIQPpk/nH198h3ATrFj+GaNGjWbUqNGMHD2K4aNGM3HKe5zIycXz o+xc/zNTJoxj/dZdLP1oKZ/94yt8JfCEhxQuO7ZvZdz4iXzy5desW7GCqTPeR8ZUmGk9zr70 7bz33ntMmT6VYydPIGXgrr1981pGT5hKbk4hvu/jixhz35/FB59+F2QkD+the1LjxhN8MG8O 8xf/g4Tro1Tg5horPs60qVOYMmsRjuuhhUOsMJflX33F6JFjWPzxpxTGEgjPR6sE+VknmbNw PgtmLiT3+CHuu6UCT9d/iZgX/Db7ZCbz5y1k1pzZHMw8wJw5M1n8xdeBG7d0iRXms+yLL/h/ 7L13tF1Vuff//vWOOxz3vgKiiA3LRcR29cq9XK+IIiBgl2IDRCkRREhoghRFAumF0DupBJQi ICRAKCGVVEgjlfSeU3dZa87neebn98dce599kpOC4I9y5meMZyQ52WfVueZe3/m0ITcM46+P PkprW3ucxMSzetUKxowZzYAhg3lswnSyisN8Tq5GJWvn+acf4cabb2Xj5s38/Ylx/PWhR8hc R+ssHwQNGeYd6sosXDSfSy6+mLPPPpsRo0bT1NyC94p6ZeWKpdww+BaGDh7I4EFDGXL9AAZe fzOTZ8xB8oyF8+YzaPBQhg4ZxPWD+jBs6BCGDhrCpDlzYrs0l9NWauP2W2/jrDPP5IorruSR R/5G7hWREg+MHc7Ng4dyx+330JzlPPrASIYNGcjAIbexZOVqcl/GV9t5ec5MLrnkCnr16smE Z57DO0Ul1g9onNw7m7Jp42vcfMNtDBkyiAGDrmPwkBsZNGQoDz70KN4L3jvaW1u5687bOPs3 PRj3zHhWrF/LbQP6M23ubJYvmckxx/6Qq6++iquv6c/lF5zGiSedRVu1inrl2WefZdiwYQwZ MoSBAwcycOBABgztz/WDb2DGK7MRyXhtzav88HtH88c/XcW1va/iTxf14NiTL6RSLVNWpWo5 wdoIWmLK1Gl894cnU64Imzes4aweZzH24ccK73Scx7wqy+a/zOABfeg/eCg3DhjG0OuH8uyL U3HajPqAZBlbNq5m2PXDOLNHDy659HKefWES5XIFU8VUKLe1MuSWG/jt2b/l4bFjmLNoDoOG 3cjUl+fRvnkTd952A4OuH8oNA4cxcPBAhgwdzMiRY6hWcubPm81NNwzmhkHXM3DgQAYNHsLE KVNj+DexJaTPKjw94Wl6nt+LC393CSNH3c/KdVvwPifTMq68lb/+5S+cc965/OHii5gybRrV LC+imDq88Y8+/FfOOedsru3Tl8XLl5N7qdcK2bkJ5VIzNw4dzMUXXsis2fOYM+NZ+gwbzLo1 WylVtvHQiOsY2v9mBg0exA1DhnLjrTeztb0VzWNrwqf+/hjXDxnI0OuHMHDgLQwePJibbr2Z TU0tRXRUkWZR5NIlEolEdyCoxfe8ok1W7J4RYuva7QrDpTD3xPZ0rktg6Tu0gW4h0FevXc/d I8d0eGP+fxLoMfxTIHh8iEXigrRw+um/5u9PPot6QVTItIp5wYtizhDLcc7TtnkJvS6/itUt VdQ09mmuhcuLxt7gEgVZZka5KBqlroJTpaqGExd7EIug3pGLUvI5IW8lUyFIHotYicd8FV+8 9AfJUauQmVD1ZST3+LyEyx3Oe6riCeW4H3MxV7RqFYLPyMUTMqXiq2Qa+y7namheoSwae5VL LOxltfPS+DKuYljuyFXJNENyw6SEF4+Z4MxQU8RVEO8oO8HnnnKeEaoOKQSHK3paO3PkYpg3 zCsmOVWrIL6CqMNJGdMMJ6HwghUCXQ3vfVwFlmrs0+0Ur4KKoNKKSJWKGLlI7COuFUyqtGsM 18+cJ/NlxGdUzLAsINUWvvrZT3PMCWdTyh1eNLYgEyMXxZmi4lEvMbpBclTaEZPY17roEe29 ElTQoq91bGNWIlclV8VcFXF5vB5WWL3ntMae7pIhwcUCZnn8Ha9ajEtFLO5PxVBnqKtiLkZx qCpeWnBiZF6xvIo5h5MQx4Q5JHdIrrSbIWKYU0Szojdq7AMfW4lFL2cuMYetKiWaJUddGyrV YtzG8GfNc8S341yx0qoB75RqJaO9vZ1yuUS5XN7BsmqFYKUYEi9lRNuLSAlBTci9K66Rx7xS UcFXN+KlFXGeqmtl9B29eeT5qby2YhmrVi5lxcoV3HlDbxYvX0tWhGNtv0CgWiWXHJ97KtlW Lv3DBQy9fTQrV61i+ZqVLF+zjD/0/CUjHn6cDcsWMen5F2lraaLc1sT48eM5+fSzqOQ5lfI2 /nzNn1m2dgNi1AV6FsBchpMKJTNCVcglp+IdzrYiPqAuQ30zJh5RxRm4ov2d+Bxn4LMS7cFw TjBXJQsep55WNUKljEiZikgcB5rFcxVDnOFdBZUsPtMSn+NMNLbfCTFdxHvBaTXOM05QH/Aq 5E5pDYr5LahzVMURpFSM/bhoUmujZuYJVkHE8FqkaYin3N71PS+VSrS1teG8x4kjuFLsAa+G +hbKFtMFxDxBNuMkhvyHzJGJUrG4MBXz/nNES/Vn0tShUsGJ1MW5GfVzTiQSie5A/XtIlFxz fMjQPOBCMR9aEuiJndO5sn9KE2ukWwj0bc0t9Ok/iEqW7zIcskZrqURLewnZLjznH5tY4opQ rGJpBHPcd99oLrjgYnzuoygIEvPUNRSTWXzRf2nKC/QdNCjmyYaOfuy1CU/rub/Ri+RD7cXd x4JS9ar1RTisWSHwhaBRzNb+L9TCZoN1eOiCL6okF5U4az2azWLuctGiKqjFfM0gBJWit3IU 0rGAWFEgRAVfXFOtV9Uqro8VvxcgiMYCTMV2YmG8osJ6w7VQiRXt1UBUCFJrfRTDt63Yf62l mBXnq0Hq+zPzxf4b8kgpFkHMit7zEv8s7mGtyJoVFfVr9yEKCEGCFcdVu3bFz8TIq2W+9+2j OPM3Pcmci4W2aqE8AbQI0a6104vXpzj/4pLVPh+sVnXeikiNPFaiLxYaTKS4l1b/bMffa/dY Yz6xhvr1NC3GWcOXaaiPrYYFrhCPv+YlDY2/F4ygMf+s/iWtRRG++jEUI6AQnLE6uaEh5vea unrF8o7ra0Xrwlo1c08wx8033cBJJx7PCSccz/HH72hXXnE1eTVHfOzHHkIe740panExZe2G jeTOo7VFE61CyBE1mpu2cMXve7G5pbWoGu9RVWbNmMgdd96LNIRmNRKCFONY2bJ1A78773zW bW6OItEUDcprS2dx4aV/oNy8jSuvuIKze/yGHmeexYUXXsyixYtj/rd5cueiOK+NC4oiZcW1 8cGKfMDi2bMsPvcqmOb1sdJxXxvGunokgGroNA/E4nwdY71W9C6EWHG17jUOWh8jcYxu/zJm WLEyHuqCNi7+xHkrj978UEQK1Z+LxroCxT0vflekyuqVr3LKz3/e5T0/4YQTOenEU5k8aQYi GqvKm49RMubjHBZqz4LriLAq5hQtxq3WxlqQhkVFrc/HnWb79AKaSCS6EcFi3rmZIJZTMaHc 3Exl/dqYlhk0vg/UIqre6gNOvC2paYtylrOtubnL96nuRrcQ6Fme06f/QDZu3hLF2m4+f/+D f2PMXx6q56zDmzuxZFnG1q1bdzsAK5UKbW1t3X6Qvhuo5daISOHpLb/hGgfdGytEkmDmWLN6 GXPnvsTLL89m7ty5O9jixcsQF6u+WyGuouCLz2DVeX54wk8oVTNUO/cmV1Wcc5RKpU73a2c/ 3xnee0ql0o69z4sxYWZ4ySmVSrS3l6hW82JhzO80t767UbvMwQTTjEp5K6+8PLPLez537svM nT2fpm2tWK1Zeqjd+0QikUi8UYIZFQMNPkYaVQOvPvQgL/XuTfAuOm5qC7gkgZ7ooHEBPxQO xFeXreD6m26pF4jrzu/I3UKgqxm333UvL7w4eZcVl2vcM+o+7hoxpuglHF+m38yJpSbWdlUl /s0oUpd4+9B4zxurU6b7+4/TERoVPZyqvh4OvT3iNebSSy3ioCOqQlWp5J6jv/N9StUYot2p sE1D+Hojtfu5u2e58fNdbafzfNDhiVftyJ9P46Qg1BZl4v1WdTu95/G+FSkaanQOpUskEonE G6XmQdfgUCkTSsaqO+5gTq8L6gLdkkBPdEGnCLuiOPO8hYvpN3DIDsXiuiPdQqAHYMr0Gdx4 863k3u92ghg+5n7uGXVfEdr45nvQ92TAdedB+W4lVab851AX27YrAdbwLD2n0okAACAASURB VDcUrgmFOM5FOPKY71CqZtRWc/eE13Mfd3XvbbsFgde77e5BLT+t1jfV9mDBtSNEvvG+JxKJ ROKNE9SKlESPtyomgTV338LLPc8niI81PlKIe6ILuvKgL1yynH4DB9cdF92ZbiPQS9WcG26+ laaW1vqg2NkL8D2j7uOOe0f90wR6IpF4oxT57KFzj9WdPqONedINnvdQeKczLxx17HcpFwL9 raoiWhePDaHYSVA2UMtjh476D6/j+qRrmUgkEm8esa5PjDb1weECrBx+G7N7nU/QJNATO6cr gb5oyTL6Dhjc7b3n0E0Euhp4g2dfeJHZc1/e7U2//6G/MfbBR5JATyTepoSgWHBYiEVoLOym QFdN2DV6UIOD4GIOuhcOO+JIStVqvdDgW0FHP+3Y/aG2qJCI1BdYiOJcgtULK+7s8x1YykFP JBKJN5EQlDwUXXJMUAmsufsuXu7ZKwn0xC7p0oO+eCnX9h2QBDrdRKBbUdV4/YYN9Os/gFK5 ihetVxre3krldkqltnqF6PhnsmTJ3j7mtrN/cBuaY5LhsjLPT3gKl1fewPb+Gef3Vh/H29ss XddkyZIl+6ebmURnl2gsYGpgarEWiHiCM8QHxKB1xVI2vTw3dubYSY2QRGJ7zIzWtjbmzZ+f qrjTTQR6IBaKy73nvrH3M/HFyTi/Y4ucxs+HogVPsmTJ3r2mxaqtWey7Xe8b/zY4tmTJkiVL luztYFa0O/VeuOPOexgxaixbm9vwXjAVVItipxbD3aUosNzdRVZiz2gsjF3LPe/uY6dbCPRa /28nnlKlws233s7KVWsQaeyz22G1/MZkyZK9+83Xi9w09L9OlixZsmTJkkWzGMLuvKdP/8H8 7NQzuOCyq3n62Sm0V6pkQVDzBKdkZmQpRDnxOmkU6WnsdBOBDh25L2rGytVruKZ3X5qamzta GhXtj8wMExdNo73VoUXJkiX755ipI6gjSPGcF8/+W31cyZIlS5Ys2dvFzAQRIfdKnwHXc9Ip Z3HCKb/hpFPO5rcXXMrLy5aSiyc4JfdKrh3e0CS2Ertj+1bESah3U4GuZqxes45+AwYz5v6/ UqrmeLW6OZG6eVXUkiVL9m405z2i0Svgxdf/9CJv+bElS5YsWbJkbwcTM5wZVTGu6RcF+omn 9OD4U3vwk1PO4rTTzuPa/jexct0GrD1DylkS54k9plGQi0hqN0s3FeiihhpUcs/9Dz3K+Rdd xsDrb+bhx5/ksXHP0GfwjVx2dT9uuGM4N901MlmyZO9iu/me0Vx/272c2uM8ht56Nzfcce9b fkzJkiVLlizZ28luvXcUN901gnMuuJyTTjmLk04+i+NPO4ufnXw2p550HieefD4/P6sHd51/ AX8fOqyT0EokdkXNg7502TJuueUWnHP1n3dXuo1Ab8SswwJQyXJWr13HwkWvsmDhIobceBv9 htzItJlzmD5jNtNnzmH6zDnx38mSJXtX2ZQZs5n00my+e/zPeW7KjPScJ0uWLFmyZJ1sNtNe msWUl2bz+yt7c9IpPTjplHM48dTfceJPe3D8yT048Rfn86drBjP+msuYfvFlmBdMOqq4p5ah ia4x6n3QFy+h74BBnULduyvdUqDvjNpguHvkGO4eOaZeGCNYQ+G47XIjkiVL9s42Nah44chj v0dbJUPNOs0HyZIlS5YsWTLIvXJt36GcdPJZnHTK2Zxw8m85+dSzOf+Sy/nro0+TZZ41I29i fq+LCF4IIvV37CTQE410DIeaQIdFS5bRd8Dg+pjrziSBXtA4Cd07eix3j7wPtSTQkyV79xtU vXDUsd+jrVzt1OIjWbJkyZIlSxbNiXJdv8H89OQzOPEXZ3LyGecxfMT9tLWUqYripMyae27g lV6XEEQwTR70RNfsKNCNhUmg10kCvQvuGTmGO+4dhWgcNDWBnuaWROLdhRVVQytZzreOPpbW 9hKqcVEukUgkEolEx4K1V6VP/0GcdvpvGDnmryxZuQavhrpAHhTTdpYMv50XLrmcIB4zxUJR ByokkZ7ooFGgmylelAWLl3Btn/6pfgFJoHfJjDnzeGnOK6hZffUvCfRE4t2HmWKqlCpVbrn9 TqpZjqkkgZ5IJBKJREGtyHLuPXfceTcvTp5G7jwiig8gPlAJgrkq216Zw7IJz8fv0hA9o0mg J7anUaCrCl6EjVu38ezESZ0iGbsrSaB3gQTIRHGiSaAnEu9iTAUVhxfFq+JFMPWYyu5/OZFI JBKJbkCtRbETTzXLUDW8F9QLFTOcQSUYoeTJfGxRbCaIKRpiimgS6IlGtvegiyreIJcYrSHS vd/DkkDvAgugIU5IZlafVNLEkki8u4irs51z7KD7rtgmEolEIrE9gaIV1na5wcEsetANXDCC F0QC3sCCEYIl51ZipzRqKzVDg2Eh9UCHJNC7pFYQrjEkJwn0RCKRSCQSiUQiYsHQAEECQYwQ BBcMn4R5Yg9o1FZRe8VFnUQS6F2SBHoi0b2w0GGJRCKRSCR2T4w2haBG8AEJivoylmUEDem9 ObFLQqCo+WOdtFciCfQueejhv3H/Aw/FSSd0DKBUOCqReHdRe6bLznPiz06hvZpRa62YSCQS iURi55hB8IozwWtAg7H68ceYNeRmghim1snhlUjU6HB8GgRFzVi2YiU33nRbTKdoaNHXHUkC vQtGjLyP4SPuQzXEyceMYAqhew+WROLdRjDFzCg54Yhjf0BbJQr0lIeeSCQSicSuCQFCLlQt J1dDAqy763Ze7nkpwcdOSLXotBSJmmikPh6CQpDYB33RMvr2HZIEOkmgd8mIkWMZMfJ+RA2N sTsQJFoikXjXEIo2axVRvnnsj2ituqLNWvf+YkgkEolEYndoAMsFsQx1SjnAqpE38sr5FxLy KNBTFfdEV+wg0FV5dfEK+va9Pgl0kkDvklEjxzJi+H2YhlhFMAgEB8G/ru0EDZgJah4NLVjm 2LBsBk88M452iS0EtLa6qMLSmc8wfcrLLFw4i+t6X07f3n3pd10fru07mD9f15/eva+h93V9 ePbFSfTt35e+1/ajT+8/0rf3YP7cpz/9rrma3r378uCzz9G6fi03DrqJ/r2v45rrenPNtX24 9e7bWfzaaireEbwRLENCjgaHhNheTgOE4CBUMIs9LEPIo5kWOUWChli5Uw2CCZqXeHT4PSxZ s4Wqz3ho5C089sSTVJ3izQjqCObj9SgeyOA9IWSIKcEchFbUJEYtACFIQ9SC4V2JLeU2nFRi GLL6uK1E4h9ENbaDKeWeI7/zY9qqDlEpvOiJRCKRSCR2hhpYruSW43MjN1g3/AbmndeLUBVU LQn0xE4o9BW1tmrG4iUr6NtvMCKSqri/1QfwdmT06LEMv3dUnFi0CG0P/nV70DsEukNCC+Yc Tz14O3+6tg8lDYgqIcT8HJMqN1x3CbfccT/lUjPr1ixn/doNPPnIWA488LM8PXEqGzasZ9Xa tTS1t7N2/RrWr13HmtVL+NwnDubR8c+ycd1K1q7fwLrWVpbPmcHRR36fVWvWsXr9etavWcVD D47ly//1VSa8OCeKb82wkKFBsWCYUbSVUzQIIWgUKiFabENF/HnNTDEVqqU2Tjj6m7w0fxml rMz4h0YwecYsxGIvzGDxXGttFIJ5gnYIdDXBQiG8LSeoxzS2uIv7FbasW8FZ515ES2sTakpQ lwR64g1hFvOeyrnw9SO/Q0sphbgnEolEIrEn+BC/RyvB4/OA98aK4XcwrefvCXl8bxSzJNAT XdAo0EE1sHDREvoPGIz3vqH1bfckCfQumDhxEhMnTkZFCw96LcT99XnVgloUsOZQK2EuZ8TN vbmu3yDKEuICgMWef+Zb+MOFZ3L32EdQEUwEyYUX/v4An//cISxdswHnHF6VTApBK0JW3spH 9v0EryxZRdAMNaNqnvmTxnPM8adRkYAzCOKQchPHn3AsZ53zJ5yVCVqFUImrm+ajd1wdXuMq qIYcgke8Ij5ghZfdQi2qIEd8FTOlqbmZI7/6JRa8thqvHnWtlDUgWsW0jBa/m2ko9pWj6nG+ gpjigiEhhhtjLQR1SC6oD8XiQM761xZx5m8vplQpRa97EuiJN4iZ4kUoZ54r/3QtbeUqXnzy oCcSiUQisRs0gIkiJqgLVA1WT3uRZQ/+rchBt0456IlEB0V9rwaBvnbdBh5+5NHkQScJ9C7p cpUvvH6vWjAhmGHmCJZhrkq/P53LoKE3k1usfulV8Zoj2QZOO+WnPDB+QvS8i2HqeeaBe/nv Q7/NuuZ2RIqVpkAMPVejtWkt++/1SVZtbo+i1xTRCtOeGsnPe11JSQPelOAFq7bwu3N/wcm/ upzMWguBXkLFmDp5PKPvGcvokXdy5lnnsXZTE22VZm6//SaOOeo4fvbTX/HCpOmURVF1VMut 9OtzDccecxRnnnE606ZN5stf/AxrNm2mUmpj4NVXMH7qHCptGxh89aU8+fw0Lr70cq7pPwxX bWHFqlX8+owzOPJb3+KSSy5m9ZYmMjFMKzRtfY1Lep3PMUcdS48zz2XBgnncP3YEp534Q750 yDfo0eNsxvzlEdRVkG7+ACfeGKFmDav7qc1HIpFIJBK7JxaJ09gD3QfaA7SZEsTX26yl79NE 13QIdCC1WduOJND/mQQXQ7vNEyQjSCsXnHsSxx33E3pe/HsuvOgiLrz4Ii685AIu7dmD//zi //L45BkEyYpc7SoP3TaMI47+KVsq0bscTDtaVpixdtWr7P++A9la0kKgC6olHhndm8uG3kpb 5slcO6VSxvPPPsN/fOkrjH9uej3EPYSMkOXce29/DvnvY7h79AhenvsKldZVXHDR7+g7YBBr Vq/kpenT+MlPT+bVleuolpr43nHHMWDoMJauWsXcWVO47Pyz+NgBn2VrcxtNW9ZwxP8eyn3P TGHbhpUcfsh/c+o5l/DMuEdZsmI5r86cyNePPYlnnp/E5nWbeOQvoznhF6eSizJnymP896GH 8ZeHHmHV6lVMmTqZsWPHsnLFMu65vi+nnP4bXpo9k1UbN6NSRZKnM/EG6CTQi5eJ9AWRSCQS icTu0WBkoQh1VyN4JfjU/zyxZ4R6lLLW02dDSI43SAJ9JxhvSg5qJ4GeE/xWfnbCN/nlL39H n3796Nv3Ovr068t1ffvQ/0+XcuAn/otnZs4jSDuiDm8l7uh7DT8+5VxaJaA+CvS6qFBh3pwp fPIT/0W7i+Hpah7Vdu4cei6H/fBHnH/BhfS64BzOOfdCfvGrXzHuuUlURTDpKBIXsjK33HIF vf4wmDZpR5xnxcvjOO20k1mycg2r1yxl3boV9OvXn6efm8b8WZM47GuHs2pbC2Uz1Lcx8fGR fPJTh9Fezlm/ZhFfO/TLPDFzAetXLuPrh36Np2cuRH0LTqrc0Psqrr71PlauXc+GFWtZt3IR p5zRg1Il57ennsD3TzidTI2qZOS+jHjBvOevd9/E76+8mlw9VRWC5UmgJ94QHc9SjEgJZkmg JxKJRCKxB5hZ7H9usbBv8DleDVd8lyYSu2JHgR7rXyWSQO8Sb0YmhmhsEQEdL/Kvh1AUSHPB Yrh7vo3DDzmEh5+ZRm0RQCzmwbZuXMyBn/o005cvQTQUgqHENVf24pzLe9NuseJ0LLZW9GbX CpOffYJDDvsumcSq6l4F8RWu/M0vGPPYY3jnKWmGammnxy8m3Nz7TEY8MQmXlRHvmHr/XRz5 tSO4pv8w+vTrS7++1zGgfz+WL3+NFyaM4+c/OYe23OPUYVnGwmmP8alDf0yWtbJ0wUt86SuH smjZayxfNItjjj6R5eu3ICFDK+2cecqvOP+yP3NdvwEM7nMNg669hn6Db6atdTOnHHME1wx9 gKqBqBGcol7wfhs39jmPP/YZRnsw1DuCC+Sh8o/f6ES3RzXWmSjnjkwUMUu5T4lEIpFI7AHR CWU482SaE7JAmy8RylsIIkUR4FrB37T4neigYywYKrEPujMjF0VVU5u1t/oA3o5MmDiZcROe x6u+QYFudYFuJvjyFr7y2S8zYfp8YvXC2B9SVNm4bA4HfOxzvLphE6qBoAKhwh8u6cm1N9xN JRA98XWBrgQp89Rjf+W440/DmyLBokDPSlzw8xN47Pnn8M5TsRyzys4Fugh9Lj6Zp19aiPcZ Ip75zz9Oj1+dTlvm8OLwPi+K1BnTXnyW7x13EltbS+TiCc7x8Khb+ep3z8D7EnNfep7P/8d/ 8tra9Sx+ZTrf/cGprG8tocERXJXLL7iYR5+cQK6x0FsQT1mMcqmZ04//Hr+9qB9lJ3gfC+Vl mcdLK1dddArXDhhGm8aHOfiAf52t7xKJRswM7z1V57nsqj9RrmaoJoGeSCQSicTuCMGQYIg6 RKuEtsDaic8xf/jdBO/RontPEuiJ7WkU6MEML8KKNet54MFHur04hyTQu+SekfcxfMwDeHlj Ah3ATJAQq663b1vPlw/6Ai8tXBm3WeSTW4CFM1/kYx/7EuuaSzGPx3KCVbnwvF7cfd/fyYJh 6qLnnNqqZcYj94/i1LMuRsyjQfEqZO0tnPHjH/HsjOl4JzjzWMh3eozqhF5nnMS8ZesR7xFT Si3rOe0XP+XmW25l9ZpVLF78KsNHjWFzUxstWzfwlf/4CnfdO5LVa9cxe8YMjj3i65x4+kWo Vpn8/Di++rXD2bytifmzp3FqjwvZWnVIEMxnvDD+Kb7+P4cxffZcNmxYz0vTZ3DPmIdwkvPg yFs5+HOH8sLEiaxds5oXn5/CgkXLcFLijhuu5tc9zmbxqrVUs5zgY1hVIvGPYqqICFXn+dbR x1GqVFGNxRgTiUQikUjsHA2GC2DeEayC+cCqe+5i1gUXElx8L43teZNAT3Rme4Euaixaspw+ /QfVIxm7s7MkCfQuGD76fu4aMTqu+llHdcHXO7HU2peZKU49TVs2cM4Zv2bJ+m1xmyaIxjD3 eTMm88tfnkdLuUIQRbRK5kvcdP3NvDhtAb7wNlvRN52geJ/x7BOPcvNdD6DmCMHjVSm3NtP/ ysuZu3wJ4jxqObaLnA5XyRly3eVs2NIcW7wFQzVj9WvLuXHYUHr2PI+rr/kzj497irZKjvmc 15Yv5uqrr+Hiiy/jgbFjuG/UCAbeMgL1GTOmTuTSy6+krVxh4SuzGHb3KNpyj6ii6vHVKi+M e4Yr/vhHzuvZi+uH3cTceQtw4pG8nZemz+KPf7yCCy/sxW233sWGTdtw4ii1buDmW4fR8+LL WLd+U3yAJU33iX+c2hdALsJRx36PUjXjTatBkUgkEonEu5pCoItHQpU2gzX33sL8nj1ju2CT JNATXbK9QFfrEOi19MMk0BOdGD76fu4eMaZeKR3+MYHuA5jlBPNk6qn6nCzfRqUYb8E8qopT Q32VPHOothG8xfZrliO+hNeA1ft+GxJiMY7Yd7JCZiCaEULsk27isDyjZFXEO9TKyC7GuIoh 0oL4Sn1BwUwxEdS7GDZfPDwihjghWBkTj3qJq6biydUwFUxjLokvBHlFBe8Vq5+XYZlg6rBi 1Uy8xMUB06L/fBXVHBVDNaCiqHOItJA7wamgVsVcmu4Tb4T4YGSiSaAnEolEIvE6CGpULEaL mjlaA6wcdQuv9OxZ5KAngZ7omh0FOixasoy+AwZ3e3EOSaB3yZsl0F0As4xgOVXzVDXH+Saq VmuTFsVwFLYen2cE3UpwhmjAhRzVtnpO+vYC3ZugeRToZlVCyBFVTDzmlYpleJ8j1o7bxTjP xXBaQn170bO9JpQlCuNgsdCHKuY9zgmibZj3BC+otqKSo9pRYEvNEFVEPV4dlnmCNypmlINh Xos2b4paDI8y9UUuU4wgEM07esJ7RxDBtBkVxZtHQjvBd+8HOPFGSQI9kUgkEol/hCBGi0Ee lOAVkcCa4bczLwn0xG5IAn3XJIHeBbPmzGHmrNk7VBG0ACaGU6EcfCEcd54HbYHYLiBoDBs3 ix7q+qg0QrBikEZRECyPReCIvxuKImihCLfvWCgofte0aG9R7Kf2OTOs9u8gu2x3EYirn4Ra 7q116kMY6p8ptltss7Yfgq8vZHQ6f7N6mErQWCRELYb+hyJMvyaEgsW/1w4zhOjFb9hafV9x /4YFn3ptJt4QVlRtz3LHHXfeRTXLime+e38xJBKJRCKxO4IZLhgiAfFGST1bp89g1aPj6+/Q 3V1oJXaPFU69TZs3M/HFF9PYIQn0LhERvPeISCeB7oKhVUGqnoo5zHnEKT503wGUSLyTqVVx 997jnNvhmU8kEolEIrFzJESLKZtCJTicSWpZmthjas4SVcU5l3LQSQK9S2qe3+1Xb8yM3Awn FiuIB0NCDqnVVyLxjqT2nNdMJL5UJBKJRCKR2DUawFxARMnNEaqCKxterVMUZSKxOxort3d3 cQ5JoHfJzgR6UCMTpU09Fe+xqiHO0ORBTyTekdRWbWsrtymsKpFIJBKJPcMCmA94NXLzhIpD MsEXkWhJaCX2hO11V23MdOexkwR6F+zsRT2I4fMM2biBZWMfQMvt5BIwTYnQicQ7kcawqlpq S+2LIpFIJBKJxK4wLBg+EAsa+xxn7ZSlHP+3GwusxJ7T6DV3znX6WXclCfQuGD9+PE8++eQO +TMur/LKffcx65gfMembRyLtKymZTwI9kXiHUhPjeZ5z/vnnU6lUuvUXQiKRSCQSe0wQLAjq AyIBpxU2Pvk4c2+7K+WgJ14Xqsrq1asZPXo03sfU4e48frqFQI8VyCFozBvPgyEGpob6ou+2 xqrh3oS7R9/LXWOGUzHFqWLtZZpemMqMc3vx0qf/nVmf+QwvfeM7SHsrWa29RPDJkiV7h5kV LWByLxx1zPdpL2eYBszkLT+2ZMmSJUuW7O1tggsZJlVUlfYgrBw1jFkXXFC0xtX4Dl7r3pNI FOzYZs2KNmuDUqoh3USgayhae2kgSIhiXQJelSw4fHBYcJjliGSMuvshRtz7CCJC9dUFzDvz dCZ99tPMPujTzP/MF5h68OeYfOT3ce0tOFG8WezfnSxZsneWmaJBqYrnyO/8gNZqBTVBg771 x5YsWbJkyZK9nU0NZ0IuHqeGc8bGO29nYa9LokAXSQI90SWpD/qu6V4C3QeCjznjQQMmAZWA GGTiqeZVfLXMLffdxW03DWDqn65i4v/8L1MP+jSzDj6YGZ/5PPM+/QWmHPxZJh3xbdy21UjL FrStFStVkyVL9o6zMlYq4UoVfnDMdyhva0Lb27BS5W1wbMmSJUuWLNnb1/JKRiUv49rLVCs5 5azCsntuY9oFlyUPemKXJIG+a7qFQAeL3vMiRyYP4DRH/VZKa2Yz549/Zv7hP2DBt45n6g9P 4PnDvs0r/3UU8z/zZeYedDDTDvo8sw86hBkHfYXZn/kMSz/976z85EE8cOAXGf+xLzLpYx9j 2gF7J0uW7B1m0w/Yh5cO+ADTPvEhpn/iI0w54ANMO2Bfph2wz1t+bMmSJUuWLNnb3aYesDcv H7APCz7+fl4+YC+e+vf38vKFPQnOE8ySQE90yfYCXVSZt2gJ/QcNTe1u6TYCPU4MZiBmiK9S XbuC+3tdyrwhd7P+5VdorrZQ0hJeSsxbuoC5C15m6eSpzD67J5MO/BxzD/4M0w8+iAUHHcTM gw9k+reOxG9ZhmRb8dJO1VeTJUv2DrPMValkORXnuPq6AbSWK2R5Tuazt/zYkiVLlixZsrez Zb6Kd1VKPmObr2CtbayYOImF9/8tedATu6RRoJspqsbq9Rt54KFH6p20ujPdRqBrUYDATCmv WM4Lfa5jzTPPYu3tmORURamK4n3AciH3Qlk9vmUrW+8dwZyjvsNLn/8Scw/6PDM/83mmf+O7 +NYmcufIRfFGsmTJ3mmmiheHVyX3Qi6CF49Pz3SyZMmSJUu2a9OA+YDzgUyVUMkpq2C5EFQJ qmjhRU8CPdFIJ4FejBOnhjS0XOvOYe7dQqAHCbRqhs8r+GqZJT0vZcXU53GykxsfhBAUDcWq nwqu1MrSe0cx/T8PY/5B/8HMbx5Lc2UDzT4QKmnWSSTe2RjBFOi+XwaJRCKRSLxe6u/KwQhO CFlALf4skdgVoSGyIkZaGCGk9zDoJgLdTDFRMudYfPsIVowaQznPCPlOZo+gHXkzBqaeYI5c Sqxf+yrL+w3imWN/gjRtpaqW+qAnEolEIpFIJLodQQOhKMZcDUa1+HsisTt2FOiNnvXuTTcR 6J6KCaXVm5nymwsorV1FVQQT3+XngxmmjSEWipnHe0/ZHK7cRmnePKpZG7lqEuiJxDscCyBp xT+RSCQSiT0mBMM0hrObBkoBMnFY5urCPX2tJnZGMN1BoGs3DmtvpJsIdEeLeVb+5XnanngK tQxVRYLr8vNTp77EtGkvoWpADLewYGjRpk0thsP6IFSLUPhEIvHOI5hiZpSdMuSm2ynnDlPF unlxkkQikUgkdocEUHUE84Q84A02z5jKigcfIziNzq5CpKcc9ERnDIJQSy1UVTZu3sK48U+j qt06/xy6jUBXpNzM/KsH07J+NeYVNcVC1y/hd48Yw10jRiOqqEp9BVAthvKYxvwaNQjeCDvL ZU8kEm9rzBQRoeSEbxzzfVoqGSpC6OZfDIlEIpFI7A4JoOIRc2huZGosH347M3pdSsijyFKz ehX3JNITHRgEDyGOE1Fl4aLF9Os/MAl0uotAD8bmF19kwqUXU66WUWd48wTt+ubfO+YB7ho9 Fl8T6BZ79LmgmAnBGVr0U/fF5LObI+j8z6AxbD7E/4vFqWorjBYnMYue+2A77wUY6PhcbfIz YxcFFrb/ecyz19Dxf8FiS4zatuuTasPnXy9mFILHOm17x2OrWdfUj6H+u/HzZh3b7WLve/iz HfdV21/j50On/3v92905Vt9+5/3v6XY7H2Pn6/RGjqlhu9ZxjHFs7rj9eqjSTsLadjV+Oq73 9sew6+N6/XT8rqngvaciwhHf+TEt1bz+zL+5+3wr2f01rM0ZIVAUCimhvwAAIABJREFUyQR2 WMDseIb3bF+N+3irr93u7t/O5p/tz6c2z76Tx0MikUi8OVgAy5WqOTJntJixdtSNLDr/IkJV MLWGInJJoCca6RDoYKgai5csZ8DAIakPOt1GoAvLrxrK3MfH4vMyXgPOlKBdD4ARo8Zyz/D7 EI256AQtXlrj5xvzJXYnOEJQCHkUvrV8HC2j5qmI4tUTpISa4s1w6rBcUOcQaUelHVOrT2yN JgYhF7wKpaBobuReUJNOoh8KcRUkTqaBmC9kggRoCxAki30IfYVcFa8O7zLaLbbLcCYEy9Hi 5b0mwDod0w7XxDATnAgmOSZZXPQwCFILa4kLFNEkWhcLDGrggmGaE8THe2MKVsbEIwaZhGI7 hYgI0vHv2jFabdGjQWxCx3UpjsEbiComeX3yiCvBkIni1aKQo+NlvX4e212DjvPb0WLrv7hf s/hF1ng89d/fzXUOFnPANIAEw6Qar4uGTp/v/LsdgqPR4g8VgotWiP0givoYPSKWY8U5dBIu aqhT1Mf7bEU6SG0hSENNDNbSR6gXl9FinyHExSsz4jMatL74FHfko70OGq9nLPpYrOyLR9XT nnuOOO6HtJSrxc8k3pvaM2tKMFc/17cP1vm+Ff82o/4MEHzHGKp9xlxhtXtTjecqRrDNqDNM S8XzSDH2c0TjmKpdz+2N4BvGkCv2bfXnsEZ9HHYxr4VijDTOrTu+2O3pfSjGWvAQqvWx1Pj8 1I4vXqvaeGuc9xULhgVf9GoNiHjMuk6RSiQSie5CFOiCtwzvlHYzVo8YxoKeFxFyRUWTQE/s lNr7uZkhYry6eBn9B1wf3zm6eaphtxDo4irMPftS2l5bgLgqYuDMCDu5+SNHjeWue0YVIrBD 1NVE754SvdlCaBTopmzetJq/Pf4obblD1FNu2cQT48Zx34N/Zc3y1ajLqahj5dI5TJ0+D1+I lPrLZah5cYTgQyHsS0x/9mkee+YF8rBj78C617P2d7W6hzwPYL4Vb4qoo+qFVcvn85cHH2Tx tmbMK7l5glYIIesseHcx6db2qepp3baBW24Ywuj7HqCce0x2IVprk3ltO0WUgguGSpUgOWqG mGJaZdxjDzNg0BCa2iv1aAcNHbktOx7vji/3VhOPhUDPxKhWK0x46gnuf+CBaPc/wH1jxzJ7 zlwy7/EaolCviaGaN7+raw9dn2+niIkOYdUo9jvEj+50DFoxnqPQNdSXUXHITqJEdrhXOxXo Pl5DVcxFUe5VEfPodgtHpoZ6j3lHVimTS1wRrYn42jXu4ugLAWT1xZBAg3DaXoQWz8LroXYd gykqOXlWJfceEY+Kp+KFbx33A1pKlSjQJZ6rqaEaihC9t2Mbtu0FesO9LBblosi0DtFeF+i+ YYxFT0dQIdg6zAdEXDF/1b48qziX4XLdhUBvWPSsCd4uvO6153TnAn27z8MO29gTOo8Z6dhn F89oh5jXhjFWFAoNhgWHmZDlgvMO0STQE4lE90YDmBck5DE6VZWV99zC7At+X0SbJoGe2Dl1 J40a3iuvLl5B335DUNVuH+beLQR61ryNZ867DGndHF+8QwxN31mI+9+fGM/fn3gKL3H1r8Pz +voGShx4WrzYaSGKMwYNGchve11IOXdMnzaFIw7/Gkcf/W2O+cFJHH3ooTz52Hi2mGfulOe4 7KprqapiwRPqgikKOTOPBJCgtG14lSO//Dk+dtCXWbh2cxRCxUspWN17Wfe2NnjTJG9n9guP M2nmy4X3XBk36hb23//jPDzrZUSUzBxBSxDKdPZ8W138QKMI7QifN3OsW7mEgw/8d4797o9p q+YdntUuPGs7CPQQqzp6EyRvZ+7MqbwwaRJl5wlB+N0Zv2Tf9+/H+q3NdS+r1tMDrJO3ru6l bhAxtWtRE3BmSi5Ge2szRx72v/yf//Ne/s///Tf+77/8K+/51/dwwEc/wlV//COb28r4QF2g 16pPNp5Tfbs7HSRRpNfPufb76gkaIx58iF7xKJjzBo9kh5iV0HDtTGjatJpxTzzOoqUr9kgA 7ezY6t5xMyrlVp5/fjzjnxrHpMnTcD5HJXS6lmaOSRMn8K1vHcGmbc1FFEqxuERxrWqCvlHU hYbFiFqUQxHx0fg81a7p6/2O71jsUdavXc03Dj+cqdNnIip45ylVM848+1xK1SriM7wrMWXi c0x4ZgJrN2zBW7wPb7d3i1A807XFu0jD+AgdiyOdrqV1XuypLfBgFdasmcmT455i1twFSHEP QhBMq1w/eDDn//YSRLpeIImLAjXPc8exdX4GbIf9d3VeO/ZG7Ryt0Xi+u6ZztEZ9DtzuGa0f Y9Bi/GlxbSjOKWfx4kV897s/ZsWqVZi9viiORCKReLdhAUwUCYJ6QwzWPfU4c2+5kyCWisQl dkrnd0fFi/LayjUMH3Ff3XueBPq7nNYVK3iuzwBcXo5COUSP7M4mCy9FWHaDmPhHVv46BLqP L5gqmGvmV2ecyYyXFyEi/P3xx5g0eTKtLc20lUo88Ze7OOmEE9kqSqW0hksu+j3zV2zAmaIW +7HXXnjNlMwMl+fccO1V7LfX/2P/j3ycPw+8kaqBqcOkiqgjD5AVYtm0gjfDayCIx1eaOOHo wzi5x3lUDJwqT426kQ9/6FM8PGse3imZOnzWitcMVYnb9hW8q+LVyNWQ4piCekzyKH7UyMXR 3rqNv459gL+Pn0DFC95lDS/BVnjEQcww85hJrLQvMQxc1GJ4bbWJHr8+me//6Mc0VzOcKlMn Ps3wkaNorjpEBfU53ueoeLxaFFcWPfmq0fMtoqh3mAjOC1WnHV5qwKtRbW/i24cdxn8e8k0m TJzKxClTeXHic/S+8vfs/4EPcvk1/XEaw3C8yxG1IvRdUTVEpDAfr4UXvMTQ6dq5mc9iFIWB mBI0I2jWce5qiAqiEhdk1CGqePFF2kBc/HFqiMX9mzomPz+e9++7L/2H3oiq1S0u7IBsV9jQ ioUJM6kXTrMixSMei7Bl80Zuu20I1/a+mqOO+hHNrRuQRi+6KcFyXpo2kV+e+gs2bmuJxRRF MI331FQI4qNHthhrqoJJFfU5FQk47whSQdWR1a+px3xOtVzh7088Q+46Vlf3ZAKvt0sUx+aN 6/npT3/K7Ffmx2cgxGtSqlTiuJOMarmZEffcxe/Ou4A7ho/FBfDBuoy+eCtRMUSrmJURX3j7 NS/GiiCieC/F+UsM3a9d09rCkmm8R1JFfAtTpjzNH666iF+dcS6ZxfFm6gha4Z677+HqqwcV HS6KYyjuoWqMOBCpRnMB9YpZXhTc7LhnIlJ8AXfkqNfHXRHqVht3tXG5ddsmJkx4qv58mYb6 /+30+qgU18fH9Az1qFbqxysax71zDq+Gk7h4YD7HRIp5JyCSoVph+fKl/PqMc1i5dj36OiOq EolE4t1IkIAGwwVoD4rP27FSuePd4K0+wMTbku2j/UKI7ybOp/xz6CYCvfmVV1jx8IPkkuNr +b6dPE6dafR6vhkCXYMv8lkdzRsWcsY5F7C17DDvUe+o+igc1FdYt2IhP//5z2hzgupGrrrk Yq6/bRSZ1byznlqOrho4y8nbmjjsP/+LQw8/nN/1+DXfOuaHbK1UMcsxX2Lj5vVMmjmbzaUy wTIkb2LyjFmsWL2Olk0beeG58Rx+yBc46gcn8PzUaaxct57x993KRz78CR6aMpOZU2fyxPin WLTgFUpecOJxWYl1q5fy7NPjePyJJ5g1byEVLULRswpzZkxl2eJFNLW0MG3WTDZs2MDsmXOZ v3AZmVdWLF3I9CmTmDZ1ClOnTmXy1GlMnTGbcu7QvJV1a5bz3HMTeHLcUyx4dRmZKC6vMnf6 C3zv2G9x6NcO46mJk1m4fCWrVrzK1JmzaBfFi8NV21i+eD7PPP0U455+hpXrN1IVxUvGhvWr mTZtBqXWVubNmc34J8cxb+FS8nrObhToYkbWvpXjvv51Dj/ieNpzi2JSqry2YAaf/MjH+Mmp Z1LJPeKqtLdsY8LTTzPuqaeZt2ARmfOIxIWILZvW8/xzE3jq6WfYtHkLs+fMYeGiV/GilNq2 MXXqZF5rbiM3wVebmDdrMvOXrqAihoijadMaXnzuacaPH8/sVxbEa6GGSUZ7yxYmT3yevz/x JFNnzqa9XGXlsiXcdcMg/vU9/8rZPS9m+sxZtJUrLF2+glfmLyDzQufgESuEuUc0Z9OmjWzY sJE887S2tkcxJYp4h2kLTdvWcty3f8aWpuX4usiK47tSbqVcaqalaTNZURxGNYaVmzpMc7JS E+vXr2dLc1v8jIH5drJyE9uqjlw81dbNbNq8mTaneA2xjYtUadq6jZ69rqC97OvifE/ylOKi kqdabqPS3kpLSwul3Mf5oHiuTQWVnFKpibVrVpBlVcZPmMhNd47CF5EJrze0/p+N+oBZiSzf Sqk9I888ImU2bNnI5m3b6lFA6nN83s7mTRvYvGULmShiFOPAMMmptDezfs0KWptamb/keX55 5lnkFheA1JXJq820tbXR2pY1FEkzxDsq5RLVShmXCSJlNm1ew7YtrYgzREr4vIxKzrZtW1m/ YSNV55Gat51Yz0HEs3XrFtatW0s592xpakZUEYnjZvnShfz5z3+KwtrHXHCzGEXTFTFszuF8 M+VKS3EsVXLfTHs1o5Llxdh0qM8oVyq0VxySO6qlVtatWU25muFEEV8lz1spV9ppai1Rrh1/ IpFIdGNCgFB0NvIBsiD4IKmXdWK3NEa1ddR7SQs6NbqHQH9pBq3TJ5KJj0LMOnIru+LNFOhm igZBg2G+wsQnRnDZNf1pk1CIckduoJpTal5Mr9+cxsUX96FqGZo7ht/cl2O/cwotWfTkxPD0 uL34gt3K3Oce50MfPJC/zHiFZS+N4+CPf5K7//IoZhlYmVGjh/PRAz/LxDnzMSnTsm0lHz/w YHpfN4SpT41jn/d/gH3e8y+8Z6/3sc/79mXozTfzt/vuZP/9PsJRJ/6SD+79fvbe+338+ycP ZvaS1Ygpr8ydwRcOOpD37f1e3rv3Prx//49y2bVDyUTZtnUThx96CD/8zrf52lf/h73fvx83 3nI7//vVIzjjrJ6Uq44rLjmP9+29F/vsvRd7770Pe7/vAxzwyQPZ0trGjIlP8KmP7M++++zN Xvu8n333/wT3jHmQtm1bOew/v8De//oe/m2vvdhr3w9z+tkXctmlF3Hg57/ENmdkWYmnH3uA T314f/bZey/eu/f7+PiBB3PjHXehlnHHrTfwyQMO4MTvf48P7fs+9n7vPuz7gQN4aPxEasXL Yii2kbdv5rjDDuOwb5xIS7WWA19m2viH+Mi+H+BXPc7Di7Blwyq+dsh/sG9xLvt/9FPcM3IM IkJr0xZO+P6xfGCfvXnf+z/AUUd/m4M+81mOP/EkKlnOopdnsN9++zFy3HM487Q3reab/3MI vzj3YprUWLtmGT/4xv/wob32Yu+9389+HzqQEX95jNbM4/My3z3qCD6wz97ss/d72ft9H+DE k37K1Zf9ng/v9f/4t395D/+2z34c8Ml/Z/a8+Zx1zrmcesZZtGc5vnEsB8XM0da2jfN7/pb9 9/8g++//IX7yk1M4/fTf0NzcEqMACoHe0rSGY4/+BVuaFyAWw+4JjrVrV/LRD3+ID++/P1/6 4hdZvbkJbxReU4dzFSY89Rhf+8oX+eB++3HAJz5N38E34lXJWzfy3186iC8e+g3+9tjjfO5T n+CD+32Ui68sohQkY8mC2Tz1xDh+8tOzePb56UydOpUZM2bskUA3FSqlVo484ht86IP78cH9 9+eFqdOjB11DTBtQz4RnnuDLX/oCH/7w/nz3+z/itnsf4MY7R0fvueVvO4FuEshdE8efeAwf +cinWDBvKX37Xc1HP/5xPv+l//r/2Hvv6KrqrP//v+/6rVnjjGNBQh8F6TAoRUUsiEgHAVFR QUEUBEFQ7A1UFAE7FgQRKYoNVMoA0iGNUAMhPYSQXm875dNevz/OvQEUeGbmmUdd5LzW2isS k5tzzz3t/dl7vzcFhaVopTl6aC+39+tF/cvqERfXgAmTp1FRE4qaFCqKi3K5qUd3GtZvQLMm Hfl02WvcN24sUnueAsk7t9Ky+d+Ja9CYkaMeRQpZW6YuHJsB/frStHFjft6wmzdmz6Bp00Z0 6tiD4qJKpKjBCpTx0nNP0axpUy6r34AePfsQn3LQK1s3ikCgmjvuGEaDBnHExcVx79hxjBrz ILbjIhybI/tS+O7LpYwdO5pdu+LZtTORfXsPIaVzTrM2oy1+WreMuAb1+ezT5SgVYvbc57ms QVPuuPteLNvGKIfkXVto3LAJD46bSOqBg3T5R0fq16vHq7NmI5TmWG4mnTp1oH79OFq3vYr0 3GOIP1g1hY+Pj89vjTGx6sloi54r0K6pbdvz8TkbtbrKKDyDWeEL9FM47wW61pqKXbuoOZiC UJ4TudYy6uJ+5h5CSyhsGSsXPmUE2r/5t2MriybWw6nDvPfaC8x6820iUfGupSQSDPPspElM uP8Bel53I6vWr8ExgrC2WPvNR3Tocgs55dXRDJ6s7SdXjkHY2VzXuSVjH36WoFAIu5LHx93P NTf04ljIRsgAKxfO4dJmbdm+JxNpXCqrcmncoD5PvbaAYCRIXm4at17TkSF3jiT3+HFqagJs XP4Jl15wEROee5eqsnJ2rP+J5nH1mfzOQioqC7mqXSv6jRhP/vF0Kiuq+Wjuq1wS15hdew5R WZrHTe1a0+jvrXjv4yWkHjpIwfEj3PyPttw99glCrqKi8jjH83I5lp/Bi888Sr2L41i6ci2W cKgJBUjdv4eqkiJKj5dwy203cMfoKVTYgpJjh7hvSC+69RpOas4xykvLeX7aBBpf2ZlIyOFA /A80i4vj4adepaC0nKL8QwzqeS3N21zFwYJSPn//Ver/+VJef2sBRWUVFOUeoNXlTRkx7qlo 3/rJDLoVKue2Htdy6aXNuLpzN667pjNdOnUkrnETxk5+kYyCYoxbwYQHR9Dt+r5k5pdQHSjg p6/m06lbb/Znp/PKsw9yxZVdWLtmO8FAOWtXfcPfL72E3kPHEHZd0vZt5m8X/Jn5m3bgKEWo Mp9bOnVg0CNPUm5VMWZ4X27pN5gDxwqoqSlj6aL3aNa8C0+/PI+jBzZw2SVxfLn6R6qrA2Rl HGHT9iQqy4pY9fUSLvjzX3j8xdc4nn8Cyw6QlZlOVlZOtGzYjd5YtTdFQISZ+9oMJj89k9LS MkLBKhJ2b+fO4SMprwzgKonSDkZbhMuOMejWO6gqK/cMCQ0YpZFCceJEIWn74xnc+2aOlxai lMDVGm3bZKYlcn3P29i0I4mqYDX5eelMGvsA6xISEUpQWJDGVa1bMH7iNHJKKijKO8rjD99P bkkVjmuxZuUiZr/4NN1v7s2Ls+fw+htv8uGCz4gIbxrBuR4GlAYhBaWlheRlH+LBYX3YsDMJ rQWW8ea4RipPMHDAcDbt3E2wOsCBfVsYNLwXby/4AUvZVJXnEKmJILWNdiURaVCF+dScqCIg o20Y0qCkibbHCK9iQCuMMES0RiiBFgJb2oQzs3FCYbTS2EohpcCSQXR2NipxP3Z2LhEnQsCW SHWyn/zU64trvKqHSKSakUP70ff2cXzw6RLKq0ooqwygHIEdKmL8uNEsWPYdRRXlVFfk8/wz 03j9/Y8IGXCsSp6Z+CBLvvuZqpoglRVpPP3IKIbf8aBXGm4UbihMwYl8PvpgNgOHTSEiTNRk zkFqiFghRvbvxcCRY1nw+RIqqqsorQ7gCM+74uvF7/DI9OdJLygiUF3Khh+/pnf/gRyrDqBF DTOmT2L2h4vIK6kiVF3I+jWr6dN/MAFHYUVCfPn5pzz3xKP0vW0oL8x5h1mz3uDzhcuosRxv 0saZrr+AUDZOpIpvl87jmfmfY2lJJFTN1/Pn0Pf2+6gOO7hCElSK/Ylr6dblVkaNnkRGbh7V wQqC1UFsA8IRnCjOJyM1meuvG8m+zDyMPNtoNh8fH5+6gfe8BFJZCBlAOoZK6aCdIKa2RelM 3iE+dZ3TfWk0Ilod6kjlu7hzngv0WAls5e7dhA7tRSlRK9Cdcwj0nfGJ/Lx9J47ruTzDfybQ 4VSBrjA6witPT2XO2x8QVAatBEq5aA3KcVG2xdZNGxk0aAjVloNQNj+v/oIrWnXlcH5RNNsk TxqKuS4pCT/xtz/9haVfrqKgupxARTlfLl5Aw8ZNWb8/lYi2WLloNpf+vT3b9mQgjKCi6hhN GtTnmVkLcZVEWOX0v6ELd455uLaUftOyD2lQvzErE1PRyuVE9iE6Xt6Mkc/OJf1IEpfH1Wf2 R0twZRglJdkHt/LnS+rz5ff/pLzkGNe3b8sN/YcQktHS/socbvlHG0Y+OJ2IqzE6gBIRco8m 0qRpE+4fNxXHcbGUIFBRwIyZM7lj+Ahuu74njRpdSp9h46kSGm2V8NDIQfTocyeVlo3W8OK0 h2na4iqsoM3yBW9Q76JL+WbTdmylkaKSD2c/R70GV7B9fzqff/AKjeo15XBeCZYQaKeM666+ igF3Px41YvMuCLUC/YZruLx5G55+/nmef246HVq3oWevPhQFI4Q1GLeKm7p3omHTdlzTYxA3 97yBXtdeTeNmV/DjxrX07XE1fYaMptqSaGXjhirp2vIKeg8dGxXoW/jbBX/mw03bcaQkVHWc Wzp1YPDEpzleWUyvrp1ofHkrrr1lEDfddAPXdu1IvUsaMvr+h6muPs7V7Ttw7c29eXPGDNIP JlMjFBErTMLmVVz4pz/x0twPon3Btie2pEbJ6NgpvKywbUBGihgyZAhVgZpof6+DY4X4+svv CIQshI6Keu0QLs9n4K3DqSqrxI4JdB3rB5dUFmUwrH8v8kuLUEp4It522PzjF4x5aCIbtyey dec2dmzfyJxXZzBm6jQcV1FVmUOnli34ad02IkahrABvvPgYqXnFCGVhZBk1ZflMeOxZqh23 1rfAiZrQnEsseb33CqlsHLuKKaOHsWFnEsa42AaUdMlPS2HixCeJRL0QlCzjy2Xv8v6nq3Cl Re6G1RyPz0BIjZIGS2kyVn+P/c/dSCFxjMSJ9uFpE/VScKRnpOcYpDRopRFSYwePs6r3ICp/ /hktNGHtlYqnfTWfH8Y/wIbHn+C7qU+wbc4HWJURjDzduT72oCOMQEgXJW3uGTaAR6e+iqs1 QllYSmGkJP3gTkbePZx1OxLYsms3u7dt4IfvvuTuMeOpsG0Clce57boeBLVAaIFWQfZt2cTd 9zzg7TOjUK6LUIIvl37CwKGTTxlpKDyfASUYOeBWbh18HyFHIlwn2ueucYKVPHLPQD78fBkb d8azc/smErb9k2F33kNKZgGV5WkMuKknlY4gojTGEQRrKlnw2RcEnZjfhUV+1kFmzniVGo3n 6eBoHM05BbrWAqMsNq9ZxDPzF2NFt3nD8k/oN3Q0NWEXISWWgfRD22gY15r07AJcrXG1hXIV rvF6/YWyCZQXcGOPe9mXmYeW/pOmj49P3UZH73lKuigVwTiG4uRkcn5cHRXoUc8nfHHuczqn CnQlBVIpjheVsPqnNXXewR3Oc4EO1Ar0mv3JntGWsv9Hgb542Zcs+mIFQqr/VQa91jk4OqbJ aIs3X3iSN+a+Q9iAMS5aO7hRUayFTcSq5IlHpnIw/ThKhtn4/TLadLyOjMLS2h5YHRP8ooyX nprKhX++lIsuqcdF9S7i4osbcOnF9an3178wYvzjVCiXbz59k7imbdmekobUitKSPBrHXcZT sz5GaIUIFTHghs4Mf2A8wegIus3LP6RhgytYuTcDpW1O5BzgH5dfwahn3iXryG7+Xr8+sz5Y iFDemKr0lE38+aLLWP7dPyktLaB7h3b0GnY3QenNna6uzKVXp7aMHDMN21WgA2z8YSWtmzbk ocemUxpxkMLBtoLMePhO2nW7ju37DlGSn8vgvt25bfBEqlyJtCsYe9cgbuwznGrbG5n38tRx NGvRETtos2TBHOpdVJ+vN2wh4kpct4Z3Zj3HZXHN2Ln/KIvef524y5qTdqwIoR2UU063jl0Y eMcTpwl0oTyB3rtHN665viflgRBShlnz3fc0rN+AN99eTEBojBuiZ4/O9O4zlIKSKgpLT1Be eoLC8hJKS/Lp170LvQbdRantGfZFqkq5usXlpwj0bVx8wZ9ZsGEzrtZUluXTvX0bBk14ivyK Um7uejXD7x5NXmkFpaWllJUWUlJYQml5DUJWUVpUxHfrNzJ/9mx6XdeZfiMepspy2bP5W/72 //0/XpjzftQczhNYQujo+EAXY1yMsQkbjVNznAGDBxOwLLRUaOWglUAK45lkxQS60gTLTzDg 1qFUldZga6LlbTJqQmZTWZrO0P63cKy0GKkEttEo2+af33zC3SNHMuOV2cx89RVenfkSb7z8 El+sWo10BZWlOXTt1IH0nHxsrVB2Ga+/9BSH80txtI1RJVSVHeORKS8RcIS3wKVPcYg9R494 zMTOyzZXMOneoWzYmYjRbrR1wSVj/26mTH2BsAZXSbSqZtPqJby7cAW2ilC1+htKdx/BUi6O lkS0IH3VSuytid7sd3WyukUrjXE12vH2n1IKIzRGGlytyVz4Hpkfvcfm6dMJuRJpR1A11aRP fhVdU4MQEhWyiRzJJeiGvTLuqD/Cqa03yjhI6SKlzb0jBrJu8x7sqHGcrb0M/oHkzQwacBsv zXqDma/M4rUZL/PqKzNY8MVyAq5DaUkOva7tQUi6UUNDh7SEeO6/f5y3CGI0ynVwpWTlsoUM HjbRE+jRa5xnDOlw58A+PPfucmxl0MJGK89oM1xTxajbezPpscd56ZXXeWXmy7w+8yVmvjqL 7KJyiopSua17D4KuwlYK4yjvWiA1EeEZ1ClhkZd5kBkvzaBKSYR0kY72jC/PMUpQKq/qY/O6 z3nhg0+xlUIrwbefvMttg0YRtFyUkggDRw7uoGevEdhaYyv0lc02AAAgAElEQVSJ1C7ajX5V GqEFwYrj3NjjbvZHBfpp7u8+Pj4+dQxtJMJotNBIo5DCcHzRQvY+9hhGCLRSvkD3OSOnCnSt FFJpDh/N5I05b9UaxtZlznuBDlCxazfV+5KQ/2IG/fNlX7FoyfLaWczwHwr02NzdqEBXKsJX C9/mpVdnE1QGIcKsWfMdx4qKiAiBcG1SD6cwavg9FJTWoITF14s/5rqb+lMciCCkW+tAr7VL +sGNXN6oGW/OXcDx4nxOlORxorCMwhPFfPH2KzT7e3s27Exh549f0jSuCa/Pe48jRzNYtOAT Lv3bX3nmjQ9xlUaEKxk1pDcdu93AntQ0iiurWLfiE+Ia/J2v92bgSpui3CP844rmjHn6bUKB Am7uejU39xvC3uQU0jOOMOO5qVzWqAkph7IoKz1B944d6D3iHkLKywxWVebQ6x9tuGfMY1i2 IPNoAl07tKHtP64lcc8BjmTnkHrsOKGqYh6/sy/tu13H1pQD7Pp5Ex1aNaX/kAne3HgnyPRH x9KseRt2xO8kt6iUl6c+xBXN2+OGbA4f2kXrFi0Y/eAkDqQeITklme5drqLjP7qSU1TGwvlv cllcCzLz8tHaRoogXTt2ZdDwabUC3QCuVFjBMvrccB1drh1AWcATQm6okikT7qZJs8vZGr8H 5QqenDqOJo0uZ836zaRlprI3ZR/f/bCFSKCSt2ZM5vIWLVmw4gcyj6ay+OP5NLv4b9w27EFC rqDwWBqNL7mYeyZPJiM7h+UrltD4ogsZMn46lY7NxAdG0bJVB75fvYasrGz27k1i0dcbOVJQ TXl+At+vWktq2kEyM/KY8eKTxDXtwLHiSlKTfqbehRdw1/3jycjMJWQFyc7LJSMzF1doT7gY h4jRGFVNWLhMnjiBhd+tQ9gOQthUVlWSkLgPy/ZmPksRIRK0KCnIZOBtgynJr6DSsrCUZ2an hI1lBTlx/DC3D+xNdkEuoXCIkFIoR7B31088OnkSJWUVuFLiuILKkkpOhMNox6G86CidOnYm Les4rgzjBMuY+cLjHMoqICwttKogVFXIg+OmUl4dQAqHouJiiktKo/1v8uxz4qVECoegFaI6 UMbEe4eydstOrHCAsJAIx6K6OIt+/Yew98gRIpEgeTnpjL3rduZ8upAyFaZkzUpKV64mkr6H SNoBwmnppH/8EZXbkwhJ7ZmQKeO56RvPMCeiNbZyCZsItvIM25yqElJHPkE4L5eD731MIL8c GQ5jWVXsffplinYmUlNcgQwFkG4A1wmjpMXRtMPkHsuvHannVS1YKNchGKrhnjsGsGFrCsFw ANuJEFEOQkYoL8rjsYkPkZWfjeu6SFdSEwpRXFmJqwS2E2Dk0P5s3b2fcMCiInCc156fztCh ownbAlsLhBUkEIywfPEnDL59HIGQRdB2omaFDk6kmmED+/Pagq8JWDaubXmTAzQo4TBn5nN8 9+3XhCwLpRW2FaKwpJCQK4mEwzx49xB2JsQTjrhIN0BpWRk7k1KwpZfx1lpwPPcoz05/jjLb wXEsThwvoqCy+jRH+V+itEAqi10/f8mk516kMhiitLSEyfffRe8B91EZsr3JDq5kf9IWbus7 khrboiYSxhESZQlcFUY6NkErRHlROj26DyU59ShWMFxr2BhzxPfx8fGpUxiBMF5VmWugxkDh 4vmkPTbFy6BL+T+Pm/Wpk/yyxF1pSMvI4vU35/3LE3rOZ+qEQK9MSKAiJQGl5W8s0EV0prXn cGm0TdbBHUx8/CWqhcZ1Qnw8/y3adWjPgw89xPgJj9CtS1c++ehDpFY4UjLn5eeYNP15IsrL VKnoOCyjbJ5//BGubNmR8rCFVDbG1UhlI5VNUc4huvyjM3fe9xA1ZWWMGjaUevUvI65BE3r1 7E3zZg14Yd5H2FLhCMk/v/+CJk0v57J69Xjjrbf56bulXNG8JT/sS0dJTXFOJt3btmXcs29i iQi5GWlc070bTS6rz2Vx9bjyyiv5aMFHOFJSWVZAr66dGXjPaMJSoqQgUHOMAdd2YuyEp7Bt wbNPTCDukvo0aNyKepc05NLLLqVpiytJy0znUNJmWrVqRf36jencsRu39OzC0BEPE7YFQtgk 7dpAy1ZtiWtQj+H3jmXmk5Np26ErViCMK8pJ2r6BDm3bU/+yOC6Na8i1Xbvww+o1RKRmyYJ5 NL28Lbl5uQhp47phbrzuRu64d8qvBHokWMaQ3j25qedgKkIuUkqMEyElcR0tmrfgzvseIhxx CFTncc/wYTRocAWXxV1KgwZNGHHfBMpKywlXnGD0vXdxWVxjGtWvz6g77+Sqy5tw27BxhFyB cYPcP+x26jWKI65BQ27odTPXX9WJOx99mhopqS7KZfSoMTRu0ID69eNo0LAJ/YdP5Muf4on/ eTkd219F/QaNaRTXiMZNm/LsjNnYrk1NuJJnn5lGo4ZN+PsVrUnck8SESY9y/5jxhCIOKprx toxnpCWUS8ahRK7qci1jH3iARyY8xC239GL0/eOxIg5K2uxPiefuO0YzdEhf2rRoz90DhnP7 iDv5dt0GhGuzbctmhg4dxuCB/WjTogVDhgzhjmEj+GbNOpSjsIIneGDMAwwZNJDJU6Yw/uEJ 3HDtjXzx0xqkXcIL0x6h6d+bcd+YR6iujDDrpSe55qpuDBgynL2HDiJEAG1XMfre+xg5ciQT J06ia7furPjm+9pyan2WniUtBTnZGYwafT/Dhg2ja6vm3HLbYO4cNoxX31yE4wqUVcZLL79C 69YtGTawP1d17sykSQ9z/Y038dX6HyhYu5L19zzCj09MZc0TT7Jm6rNsHnYP1oZkXOmN2guX lhIuLiZSWkywvISa0mIiJwoI15QQNgpHOpRtW0vi519jh8o5lridhJlvY7k2trKROQfYP2sG Xz14P9uee4aKlGSEcBFuhNt692LK408gdPRhR0mMjhAsK+OBe+6mfasW9Lz1dobfMZzpTzxF tR1Gaa8y5cP573Ht9dcw/qFxTHhkEj179WXmq7NQ0WvKrh1radDoCob0HUyv/jcxccxdXH/t DTz/8luEZYSF781l+LC76dWjO61admXYsBHcNXocuUXlBCtLuP+uYbRqeSWdr7+F24fewTPP vUC17TmdG+WQl32YnjdcwwP3j2bio1O4Y8QIbrz5RoorKnCkJCVxKy2vbMl99zzAxEce5sab evLg+EcJ2Y53nTYKK1LB+DFjuHfcOB4aN5bu1/Tgx5+3n3Ume2w6gWtcTmQncs1119Gvbz+u 7tyZ56c9QKeuvfjosy9whMOXny/n9j69aHllF4YMv50Rd49i/cYdKEfhyjApCTsZfuddDBt8 K80v70KfgYMYOfwO1m3egasMUnPK/aJuP1T4+PjUHYyShLX27iVKEjaQv+RjDj42BSM8ga5j lWW+SPc5BV+gn5vzWqDHPtyqffs4vOaH6Cxp96RJnD6zQF+y7EsWLVkWFdX/JYGuDEY7OKEi Ro56mKzCcpR0UCJEWVkxe1P2kJicQlFBKZYIoVSEsGvx/LQp/Lxrr9drGb0IxgR6Rupe9h5M I6AclHYxjsHoIEoFESJEaup+Ug4eosZ2CFaVkLwviUOHj1BRVcnePTtILSzySrk1KKeGwhP5 JCfsILewkOLyQhKTd5EbsNHS4AYDpCbtYP+xQi8j6roEgiUc2bufnUmJZJcUo5Tt9YbaNRxJ jmff0aPY0kUrieuWk568k0OZx5BCkpeZzO6EBJJ3J7ErPoXdybtJ2rOTciuClDbFJ46xN3EP pYUVpKYlcejIURwpEVKgRIDCklISknezP/MY+dlHiU85gLBchKxCO9VUlhaTkrKPxH0HqK6q REqDqzQlJ44Sn5JEOBKMzkh22L//AAcy8lBRN0kD3kxzN0jawV0cTN2PJSVKC7QrEVY1KXv2 kbTvMCFLoUUlbiRIZlYuO+N3cfhoJlWuhSs12tJEaspIPZzAof0pBCtL6dLqSvoOG0fI8fpj IxVlJB3ez96DBympqSJ1bwp7snMJShctAoTDIbIzjpCQGM/hzGxCYYEtDUoFqSovI+VwGim7 t5Oae8wTc3aQoJKEHYucrHQS9+wnEA6RkZ3N0QxvNJrUEh2txggbr5fedQNUFOexbfNmNm5Y z8HUVIJhGym9io2a6lKS4lNISNhGQnwye7ensCMxgeyiYqR0KS8tJTEhmaSEZJITE0hK2Epi /G6yi0uQQqNFFRE7wt6UZNatX8+2bTvJOppFtVQoWU76oSR2JyWSuHcfVliQkZZEcnwK8UnJ VFRXoaWDEQHKinPZumUNmzZv5mh2LhGhENEZ8Gc7R7WShALVJO5JYlfCTvbt3sCuJG8796Uf w1UaowJYdoj9+5LYuG4NR3KPUVpTxd7diZwoLKBi7WpCWw+ghY0jbYS0yf5mJeHNCQgpsMrL ydm8lfwNmzj+z43kbdpI9s+bKVi7ifLDh4kogR2oZO9Tk9k69il+fmI6ux+ZTPLVvcjPzMF2 XYQtqXEsVGUpkSMpbJ04nUBhMcIJs37dGj74+FPc0wS6hbAskhLjSU7YxI7de0hM2MWB/QcJ CRupBUpKHNsiO+comzetY8OmTexPPUIoHEFGx60JYZGWuY/N/1zN1t27CVUVs3dfIofScrCU RV5mKgnxSSTGb2VXYrI3GjHlAJWWi2sH2ZuwjaSkJOITdhOfEM/ew0cIKB1dCLVQToiKknx2 7tjK2g0biU9OprSsxPPA0GG0oyg6kc+2bRvZsO5njhxNJ+QIT/hqEV2cjFBQkMm6rT+zZfMm 8vMKCCt5DiMZjdIS1wiMLONA+hE2bdzIodRUAhU57Nizn8z8EzhScDw7n727t5CwO4HdSTvY lZTI8cJylFA4yqKyvJD4xHiSEjcSn3CAXYkJJMXvpqCsAld7Jkmxv+kLdB8fn7qCUZpqrXG1 RLsuUiqOLV5EypTH0UJ6LXMxY2NfoPucwq8Fuo4K9Ll+DzrnuUCPUZWZxY6576Icz/HXNgot zu4O+PXXX7NixYr/uoOg1hopJQ8++CCrVq36VY/FyZEDLkZbFJcU8uSTzxEKhv+r2+Hz22MM aGnhuqV07NieQYNHE7YdlDn7iCifcxAdy4ERaO1SUVHCsfwcCgryKSgo+FWUFJcjXYOSnnkb Rp3TUdbWGulER7C5mpCIEPj2R2p2H0Arg1IaR9rkfLMJe0sKWjtn3kwDRnqO50EZJLgziZ3j plF2JIeC3Fyq0o9wYPFi9r4yFxOpIpB5nMqaCkKBIuzMDNZNe5bqwjyEcFi5ciVbt279v9un f3CM0QgjvAc97bUtaBWgpDjvjJ95QUEBx48fp7q6us7f6H18fHz+TzDKm18tDUIZbBOhcPlX JL7u9xH7/HsopcjKyuLdd99FCC+BWpePnzoh0O2KMrZMegarpgrtSpyYidNZPnittder+V+8 uMTKNbTWJCYm8tFHH9X+jRgnBbrXK596+CCrV/1IHT4+zxs8oWYjRBXz57/PihU/YbkCdY4Z zj7nQoOJjh1ULnPnvkm/fn3p378v/fr1+1U88fizuHbMwV7+jwJdG4kSCmFA2xpLuuRt3Ubp vjSMMmitsLQga/02qhIPIMyZq3FqDd2UIuiE+eG1eRz/cQvaUkSkQIswurKEne99jHRD5Py4 moRXX2fD40+x9a23yduZiF3tIm2FlPK060VdwxiNik2x0KCkRIoA4x8ec8bPvF+/fvTv358V K1b83pvu4+Pjc96iDLgGb5SxcHBkiJCM+GXKPv8ysQSmlBIhxGmaqa5SJwS6sMMcHP8MNTkZ aNetdU0/m6GUUt7D8H+7xCL2WkopXNf91eufFOheKb6QLlIoX6CfB3gu4gKjI9FxZybqQF63 5zz+50Qd96OjByOREIFANcFggFAo9KsIhyyk8Macae3NEz9VoMfOw9qvykUpQcRotK1xhMSy bHQkOhZRa8JGogMWdtjCMWcWzjqa7TXSYAmBUxrArXZQjiaiNa4RaGkhKgLezHhRg6ooRhcX IQOV2EriOt6MeaVUnZ4Laox3vnjj00ApiVYWoWDVGT/zYDBITU0NkUikTt/kfXx8fP6vUAa0 MAilsY3A2AJhS1ypfJHl8y8T00Oxr/4c9Doi0I2RZLz0Numrv8UIy+sZNGfvQY89CMdE+m/P yT5GfyzF+UQ0exsTh7Hv+fyH6DPEmTk9W37y57TSOI5TWy0jhPBWb6XnHG4ZjXa9UWlWdGSi 1KCU8cS7VAilEOYss7iNxo0KdKUM2jE4yqBcg9Be1gE0xvXK6V1pTjGBMxhpkOfora9rmF/u Z3P20Xo+Pj4+Pv+3KANKGISMCXSF4xhc5Qt0n3+PX2bO6/pxU0cEuubE7ni2Tn8aYVV5hmtK Yc7S/xt7SPdNCnz+25ioIIsJdZ/fijML+Ng57rouruvWllnFFua0jpWoe5MYtAZHg5IGYUBK T3AbdWYJraX2fl4ZtDII12DHXjP2+tIT4jr2c9p76HEMhLUiYgTqLAsAPj4+Pj4+vx8nx4oq ZXC0JqgjuNrxRZbPv0wsMRp7Hqvr2XOoIwJda41bVULSlOmESwuwNUghUdo5JYupMcbLbGZm ZpGWdvQPItB/77/v89/h5PFltI4anCm/QuI3Q58106q1xhWCVatW194YlNa14tkb36YxUavu mEA3eALdlgYjzibQDa7yzHPUKQJdah110ff+xskxNA7aOBgj0Nrrx1JCntUvo67xy/PFP318 fHx8fj+MlkgjvUVroanSgsCBwxRvS/AqUVXd9U3xiaFPJiSU+dW4PYPXNuhKSXlFJfv3H/Cz 6NQZgQ6ODpP77Wpqft6OrRSOEihlR3vRXbRx0UZipGHxkhV8unipdxD9b8as+fj4/MGJim4p 6dmrDyHL5n8sl/8f/n2un49lzs/+O6eX65/LyM7Hx8fHx+f3xEhFQGtcraItX4Zjny9k/2PT 0FJ6I12jVWNa+8/RdRGjFbZS3mQcS1ElHCJK4QovcaGUQRmNrTWHj2Yy6425p/Wj11XqhEBX GrQtqS4oYN34aUQK8xHCRUntlZcKjZEyOmsXPlv6FYuWLPcepH2B7uNzHuOd37ZU3Np3AOF/ QaD7+Pj4+Pj4eBNKIlqjtWduXG0gb+nHHJwyBeMLdB/AKI0rNcqVVBzLImKV4UoL4XqiXAmJ FgJHCo6mZTDv9Tl1PnsOdUSga6ORlibiSvZ+/AknFn+GcMNIaZC1M3W9PlBlYNGyr1i4ZJlX fuoLdB+f85bY+W0JSa/b+hO2HeDsIxh9fHx8fHx8PIxRuEajpYs0FkENBYs/JtUX6D5RjDJE lMZSEfY89yxpYx6mavcOXCeM0C5SS6TSaEdzJCOLmXPnnObmXlepEwIdNI7WKEejrQB7Hn+G 4r0pCOFiaUGNkQh10qhp0dIVLFnxNUKq2rnDvkD38Tn/iBmSBC2bW/sOIBCKeOO7zjKC0cfH x8fHx8dDnSLQtY6gXEPeZ5+xd9oTaNdFGeUL9DqOUd4YPiHCZEyeSuqVbVnTqQu7xk3BPVEY zaZLlGU4kJXDC3Pn1Tq612XqiEAHoTVaKLQWFO3fz4ZHn6Y6Lx1lhQhpB6G1Z16gDN+vWcfK 739EKIVSvkD38Tlf0VohhMByBQ+Me5hgOIKUAr/E3cfHx8fH59xo440ZVcpFKgsTMOSsWUPS W/MwrkBpz3TVF+h1F2PACINxLQ5Pnc7Blq3Z06oNB5p3YOeAOyhYv4ZIoAIhJFkZx/n0k8/8 DDp1RKAbQDsuSlkEjCYS1jiZh/l2QH8Of7gA7QZQWtZm0G2lsIREKoUUAhM9SDxDOT/88ON8 Ca0kSkocqQg7AqEUUgqMVr/7tvnhhx9++OHHHzqU9HqMtYslbbSlqREhdLgcLQRSe0LLqJOu 3L/7Nvvxm4bSGqE9c+60ac+S1aItu9r8ncS2zdjf8nIOXNGe3TcMoWzfPiLKQSpZO3atLlMn BPrZUMEQxzZs5NDsd1k79RnWT32SrY9OI2nsOLYMGcT2wf3ZObAPuwb1Y9egAeweNICEQf39 8MOP8yTiBw0g4bTzegDxgwYQ/wfYNj/88MMPP/z4I0fSwL4kDepH/OD+xA/uQ8rAXiQM6sfO IQNPub+eGr//NvvxW8cAkgYOIeHWQRy8qivxrZoT37oNR1t0JLlVB7a3aUtyqys51LojGx95 HBWxfm95+IegTgt0VwuEEuigg8ovRaYfw92bRmRbAkfmvEXGvLfImjuXrLlzyZz3Flnz3iJn 3jw//PDjvIm3zhK/93b54Ycffvjhxx878ubO5fibc8ibM5djb87h+JtvkvfmHHLmzsO/t/qR M28eOXPnkj3nHfLmvkNy34EktmlDcqs2HGrZjp1tW7K3VTsOtOlE6h13UbR2DcZ1f295+Ieg Tgv0iNZUabA0CO31qUutcJTG1RpHShwpcY3GNt73tPDDDz/Oq3A1SqjT/v27b5Mffvjhhx9+ /MFDSok2FsI4aK2IGHBkBGNZaEedfj/17611MoyjsYXCliHSpjxOVotWJLZuxZa2LSlo3pp9 PQaQvXEdIVmKUpFa76+6Tp0W6Fp6zu4ietEwUqG15GDqIQ4eOoAUIYwOgw6jjIXUFkJF/PDD j/MkXBnGlSECVpDPVywnZIdwRQihwr/7tvnhhx9++OHHHzls5WALQVgJLGGoVobiI/so3LIJ Kbz7qKsiuCqMf1+tmyGlg6MVQobZ9/hUklu1IqVlaw5cdT0pM2ZQeSwXS7pEpKCspIrEXSm1 JnF1mbot0LVGKYVtFForjPLMDBYt/YoFny1HSo1W2nN31968dKmMH374cb6ElEipCdmCnr2H UBNyUEKhpP79t80PP/zwww8//sChpMFEFEIJpK1xXUPOZwtInvI0xvbmWwulEEqjlEb9AbbZ j982hDJYWqNci9Qpz7Cz4zUkjHkIKyEJHbFwhSKiFWEpST2SyazX3/YqM7Su0yK9Tgv02Fg1 x3jiO+bivnDZCj5duhypNVpJTnN0Bj/88OM8Ca0lUgrCruTG2wYSsByUcNFK/O7b5ocffvjh hx9/5FAGtHAJGQvblUSM5MSSdzgyZSrGlSglkUahjMIYhTH+c3RdC61BSoO2JDnf/kDF9q24 gQpcJXGVRgqFFC5SRDiSkc2sOW/7Lu7UcYF+NpZ8sZzPPl+G0l6WHSPBuGDE771pPj4+/0VM dARMRCpu7DOYgO1gtMafg+7j4+Pj43NutPHGGAvtIoQhZOD4kndJnTIV42qUVJ6IN3jzsM3v vcU+vwexbPgvRfepx4RShqPpWbwx++06nz0HX6CfkS+WrmDJFyuiKz8ajPLEufGNC3x8zi+8 m0BEKHr2HUzQF+g+Pj4+Pj7/EsaAsQUhLbCUQRgo/PQjDk95EiM0WipPxPsCvc5zJsF96jGh NaRnZDPbF+iAL9DPyM9btvLzlm2cvI7Esuh1u9zit6Kun5Q+vyXeim7EFYy8/0GClu35UfjH oI+Pj4+PzznRGoyQOFrhKoM0kPv91+x94y2M1GjlCXSDL859TicmzmNJEaU1OTnH+PjjhX6J O75APyMGai8ocPIA8h/afxuklL6Do89vQmyV1hWSopIyXCHr/E3Bx8fHx8fnX0Eb7z5qlMG4 BtcoIqEy7IpytPKzoD5n5zSBbiRaKxwhqa4JnrEcvq7hC/QzcEaB7pfm/GYopWpFuo/P/yUx gR67Gfg3BR8fHx8fn38NY7T3vKyMJ8iNxNES1yiUL859zsFJXRUT6BKlvUy6v7DjC/Qzoo1G nnKQ/Kfi3HAy8x4b02aMxkiHsC0xWqC0RBtQSmK0jZISVyvv+zKM4ziewYZWYNRJZ0TjGVwp rTFaoEUEaUBrET3IQSp9uvv8Ke/h1O+fud9WgxEYA9ootPH2A8YBI2sXMTjl972LdPQEi16w lYm+Z4P3e9GefhPdr945qGvdPZXWZB3dx8pVPxEREq1cXANKhtDaQmowRqKNNxZP1C6kaM9t n5MLLMoItFZIE9332omO0xMYpYlojdHeNulTPuPT97F3w1FGY7SLNgpldHSfeJ8BRmIFyykq LKQydC4jwV/2Nkf/2wgwCq2lt0+URmlvnwvhUlF8nKLKoPcelIp6IngR6+0itr2nHHex9xLb TqNV7fd8TqKUQivv5qCjZVX+zcHHx8fHx+fcGK0QRiM0OEajHYkjNELr2mc6Vfus6eNzOjGB HtMuQp1c2Knrz2G+QD8DQoOrYgL9pKj5dy8wOiqsjVRoZZAatHZI3r6Bx56aiRMJYCsbV2uE tHAixcx78x3W7NyDLS0Sd65iwaJFhIw3DspoF2W8sRZGa5QbxhYSaVex+uvPmTT9WcY+cB/P P/c0u/fsxRLe3EmjVNSR/mQYJTFKegLZSH4l0o0EHfa227hILdDSgK7xhK4BEXt/2hPXrgEj bFwtsTUY1+BojdYuRmkwoei+iKCli3Q1Unj7WGuBMRIpbd599VGGj51ElZBoGSKkNMlbv2X8 mDH89PM+hLaQxsU4knDt/pAYJaLC3AthLLR0sISNIwVS1iCkwKopZdqjU3nmnYUIN4KRAlef FLjyVEMTJRDaxjYKrQII7WAbhdQOUnuLLY4b4NvlH3FF02bM/WDl2Y6GU4wGozer2EKFttBa IIWNkgIlNK4SCOVy4kQ+/Xp0Y/DIRwhaAiVF9FgQGC1RBqSJLjQoXfv+Y6MBvf/vLU54CxTe 93w8YhlzpbxxMFr7fU8+Pj4+Pj7/CkZLwkYhNNhGYyICRylc5SUdlFHeyGK/EtXnF9QmwqKa RiqJMCD81gjAF+hnJL+wmLwTxf9rgR7LfNcKdOWJvEkPjWXZd+uR0kUoB6UFSgTZuG4VjRs0 4f3P1+BIh/LCLJ5+cjqlIcvLGGtRKz69nh+HssJchgzqx5UtWzJhwgRmzJzJqPvu4+9XXMmW 3ck40vs9reUpmeXo758Sv8TLbrteX5GxMdr25sQb1yc2JzUAACAASURBVHtPRp8UisYbo+EY MFIgtUBoMMIgtYsyNtpIT6ArF+GWMfGhUTz1zIs4UiGVQUmFUTblxdnc0r0zi1etxdYSJV2E DDP+gbv40/+7kBH3TaHKcbxqA2VQRkYzyNpbBCA2d1EhlYVUNp9/+AYD+g4kNS8fKSU1lYU0 b9qMm4fci2NH0EpGqw+iiyommtHXCqMkUklco9HKRmqJMApdm41XOFqya+taHh4zhu/W7T7H ERGbCHAyjJHeexAGoyz27dlEz1v6smtPKkIJyitKmfnkFF6Ys4CwIxCujRsV3Tp6fBrtYlSk dqGkNoMeq0owRBcD5Mlqin/zWD5fOSnQFcnJyUgp/RuDj4+Pj4/Pv4AxCttohDRYRmGETaTg OFXpWSjlVTEqc7oY8/GB0ytVvZG3ippIhMzc3NpESV1+HvMF+hlYtGQ5C5cs/18LdBkTe1pG hYCNG8zn/tFjyS8LIrVCShutwhzan0CP63tw9T+68P6SrQgpUXaYZ6c9zA8bd+AqHV2N1LVl 41qEePfVp7n44jjWbt2NcmoIK5ewHebAwVRySspxtcIYCyWDBCNhHOGijMYxeGVH0vZEvwYh XCKREEp7Il7GBKCysCMBbMfB0WBpr5TeyADSjRAIhwi7LrbW0TJ+C6UiaGlQKkQoEsAWAqE1 Sglcq4x+N3ZmxH0PEHQ9508jFcYN8N3y92na9HKSM48jtIurBGnJ67myRQsmTJ5Gu3bXsGZn ElpZ3nYIF61dZG2mWEYzxQKhLbQIMvuFyTRrcjn70jNxpKK8ooDmTRrS8/ZRRBwb27YI2xbC gNIqWsZvo7XAilg4YQcpNVqZ6DEh0Nr1yqKlIWxAyBBKWISljparq9rqgphQrjVT0V71QiQS wXJcHKURUmPcahI2f83F9Rqzbms8Qrq40kbblZRJhaMERka8G55WhCIWrhNBSTd6XIja964M CCWwrBqElAgd/by19C6E/k0yikZKieUKet3Wl2A4Urt45ePj4+Pj43N2ZLSKTwpNxCiMiZD1 xSJ2PPUiyvUSOtoX6D5n4JcCXWnNkYwsXn9zLkKIOj9qzRfoZ+DzZV+xaMnyX/Xy/icZdBMT 6EZjtEN6yiamTn8ZS2qvN1pZWOFyBg8axMpvvuGu24cy/4utKGXQwubdWc9w/4QnCImo4Kt9 XYVTfYz2LZpw+z0PEVAaI8PYWiCipeuu0Uhlc3B/PMOG3s6VrVrSrWtnZs6cQYXl4kjJso/e pXe/EXz7/U906Xw17dq25rnnXyTsGoSUFBZmM/Kuu2jdqg2du3bmjbnzKQtFkG6Q3Vt/YuDg QbRs047rrruG79f8iK1h774d3HT9Nbwy6wPuGTWStq3b0Kf/7exLzSW/oJCBfW+j2SV/Ja7J FXS7vhdz3/sMpTTCquLe2wfSskN3qmyJUi6uE2Ly/cO4te8wSqvLuX3wAAYNH03EsghrgXYk b77+MgOH30WVrTHKpuREJv0G9Of9RV/w2rSxtGrWgAv+ehFdu3XhoUnTKCjKoXXThtw08G6m TX+a9m3b0q1rV5Z9vxZbSqQIUV1ZxCMTHqZVq3Z0atuRyY9MoqSiCqUF2zet4aabbuDHn9Yw ZvSDPDBhKlt+XsuN3bvz3fp4KivKuGPYUG7scT0333gDPbpfR48eN/Djuo04jsOP33/DwH59 aXnllVzV6Rq++OobAkLxyVuz6N6uNX+64BLade5Kv/79SUpM5JH77mTaq+9jSRcjK1nz/Zc8 MHoUrdt1oH27Nkx9/AmKbYOrJQeSdtK3V0/e/Xgxt9zam/ZtruSuESPILinDUjqabXf8Mvda vPPblopefQcRtBx+7RXg4+Pj4+Pj80tiz6NCSi/xY1wKPv+QA49Nx0jP1yWGL859TqX2cIi2 e54U6PPqvDgHX6Cfkf+WQNc6tjIko9lTyZL5s3lp1hyUlrhaI0WAN2a+xLsffkbQsrh3yBA+ WLI2mrG1WL10Ad2u60tRTSR6odO1F8SMlDX85S9/Y+YHX3o91FqhjVNrNmaMRU56Cq1bNGfQ 0Hv4bvVq3p79Ks2bNmHS9BmELJt3n3+aCy++gmEjRvPTj6t5ZPw44uKasH5zIuFgNaPvHUT3 G/qw/Juf+GzpIh4Y9RAZ2TmUFmbTrlUL7n1oIt/+9BPvznmFRo0aknAwg9071nPRny6gbac+ fLLoM1Z8/int2rbh2h5DySkoYtmSpVzbvjnXXNeLjz5byq49+5BKEKwsplv7Djzz9hco5aK0 Q17GXtq2uII58xcjhc2n81+naaMWpOWW4moX42omP3I/zdt2otTWaBmiMO8QzZpezovzFrJ9 3TfcM7Q3l1zWkJmz32DV2g0Ulh6jY9MGXNqoNW/MeY/V333H7f1uo0GzDuw7nEF1RRF9et1E t67XsPyr71i2eAHdr+5InyF3UlRaxPofv+Siiy+l49XX8sSUJ/jqq2/48ZtlXPCXi5i/YgOR UIBvVn7Jks8WsmTxQnrf0pO4Bo3YGr+HcCjMy889w+JPP+aHVat56/U3aNQoju0HM0nYvYNX n3yMi/5Wn8eff4lly5eRnZXFrddczfCHpmNLh83rVlLv4kto0+Eqln79PV8tXUj7VlfSb/ho KiNhkrdv4pILLuDmPsNZ+f0PvDV7Jg3rxzHjnQWEo20RRkWQpm5f+GLEjPMiUnFz3yEEbKd2 JqePj4+Pj4/P2Yl5GgktcJRBa83xLz4g9bFpGCExUtb+rC/QfU4lZvCMkWA8r6y0jGxef/Mt X6DjC/QzsmTZCj5bsixaEnzyAPl3ry2eyZiKmnl5JeqvP/cUr731PkJaSOWwL2k7t9xyKxUh i5Btce+Qwcxf+j1SCBwdZOuqFbRp352ME6XR14qWCxlN3v71/PVv9Xj5vaWImGO6ttDaRssw UodZ89UnxF3WgPW79uJIiXZqeHbqRC68tBknikr58MXnuPDiluw5lI6WNmkHk2hYvwnvfPQl kVA5E8YMo8+A4WzYvoucgmNYIQchHD55bxZNGjdi7oIvWLJyOUsXvkOndm354psNxO9cQ9xf /srDT8zBVhGUW87oUUOo16QLqdnZ2FaQ23t24o57xlMlFba0EMri6J6tdGh3LcnHy9EyhOMG +WTeDJpf0YYdSSkEq0vIOrqTru2v5omX3yHihJHKMHnCfVzRrjNFrkHJEIV5+7ni8st54Z2l OCLE3Bcm0KhJCxIz8nGkoKLyGB2bNeSaG4dSE3ZRrmDxR3P484WXs+SbteSl7aNBvUt5e/4C bKlQIsC6bz7l4ksasn7rTjasXsyFFzXg0WdfR7kOUkjWr/ycv1xwEe+s3IySDlpEcMLVLFm0 kJYtWzHz9TcI2g6uHab4xDG2bN3GihVfseTjedSv9xdefGs1rhQkblnBJRc3ZN3mRJSW1FSV 07tbJ+6Y8DQREeLpqWNodmVnXn1/CSGl0W4Fi997hYsuvIgNifvYv/2fXHLhxcxfthpXC8qL c7juHx0YOPoxglGBrpWFrOMXvhgmehOICMktfQcTsOxoa4K/f3x8fHx8fM6F1t4kFEdLbKFR yiV3yYekTHsSIzwPphi+QPf5NSfbQpXWpKVn8vrsubXeQHUZX6CfgaVLl/LZZ5/9rw2jPLMx AcYbz6W14LXnnmDWOx/haHCrC+l/681sTj5E6pHDHDy4j/69evPim0vIzcqlSip2rP6K1m26 kVZQjJKuZ/gW7edxaoro1K4lg4eNIKI1rgYtJa6wUf8/e+8ZJVWV7v//X/3WvXfduXfGNIZh dEwTdRxn1DHrjDniCCoIioGgjgqYxVEkSVDEQJIMEgwYBxQF8yCOgJJTk2PTdKquOufsvZ9n f/4vzqnuRltUUIHL/qz1Xb26u7rq1OldVee7nxSvpVKVEU8/ws8P/TUfLl6fpr4n1Qx+rDv/ 9ZN9WbxyLU916sQ+BxzP3LXr8C5ixdyPOHz/X/Dok+NxrkBF2Toe6nQfp518Kvv/9EBuuKEd m8vKuPeuv3PYwYczcsxEXnnjFV59/SXefOVlFqwpZfqHL3Pgf+5Fh0eGYCTB22qub3Upezc6 k/krVhPHlVx1ytFc2rwd60WxcY7ERDxyz/Vce9vjFJyiNs+a5XP53a9/yY/++7/50X/8P378 H/8f//Uf/8H/+6//Ya/9GzFv6Uoi8dx2S0sOP+oENjjFmgJrl83gsEMO5qF+Y3DJRh558O8c ePDBzFqynMQpVRXLOeznB3LGJbeTMw7vPKOH9OBHPz6U/i++xZJ/vcHeP96LARNexUiEsZaZ 08Zz0AGHMu6NfzP1hSf4yd6H8sS4qeBzJArTxo9i7x/9mN4vvoe1BrEVjH7mKf73v3/CA916 UymKcwnzZ7zNLw46gLMvbsKz4yfw4uj+/HS/H/OP3v/EJpaP33mWvfc+mDemfYT1jurKUi7+ 8++5+OYHqYrKaXvl6fzxhEt56Y1/k7cxklTzyvMD2ft/9mfo5A9Y/P4L7LNfI0ZP/Ri0hurN a/jrH37HBVffQ1581uld8SHHHaibg14oFDj77LOpqakJO7eBQCAQCHwDPOlEH+88IkLscywd M4q3HuweRpYGvjGqaT+gxYsX07NnT6zd1sjiPYNg0BugpqaGmpqaHX5z0SwVnWwet5eEoY91 pUuvvuTFU7lpFa2ubs4VLa6j2VVXctVVTfjNYUdywilXcvcd91OexEweP5w/nXAOa8pzqLja dHnvFW8q6PrQvey1z7688c775OIEa2Kqqiv47OO3WLmlnLdeGcP++/+Msa9OJU4SqrdspM01 zWl05FGs31xG/073sO8BxzFvzXq8Myyf+zGH738ojz05jsgaSlasoLqqilxlBS+OH8uB++zD sBFjGTd2KAfu14gXJ75NIYkxUcLq5UvZnI+Z8eFrHPCfe3Fnj4FYsXhbw/WtGrN3o1NYuGI1 sami5dkncsZZl7C+poY4MVRt2cgxv/klgydMSudnuhrGjxjEzw44gL/f1p77Oz3AP/7xD+6/ 71463n4b++y9L/2HjqLKKvd0uJFGh/6WZZvLSfJ53nvzBX6630/5xxOjsGYLT3S7hwMOOIh3 ZsykYC3lFas4/OBGnHFRO2qMxTtl1JCe/NePD2XAxLdZv3Q2h/zsQO7t9hhRUk1NFDG6XxcO +NkRvDNrKW+/PJCf7H0Ij4+bCj6PU+GtCSP53x/9mD4vvIdN8rz3zmROOelEWl5zIyvWbqDG WoyJeHZIP/b67/9i0MhnKSQJM6a9xj57/Yj7e75C4pR/fzCRvX+yHxNeep3IGsorSjnvz7/n kps6kbc19P7HTfys0a+4675u5KICUb6Khx7oyE/3P5z35i9l/rsvsO++BzHm7emoRlRtXseZ fziKi66+K61BL2ZaBIMOpDv/1lqcc6xZswbn3B6/axsIBAKBwDfBi08bC2vaWLjgY6RiE/HG TbWb3cGkB76OokGP45jKysqwdggGvUGKo5d2PIJebBKnaZ2OS5gxeQL3/KMb1c7jTIxK2qxN JSGJK7nissYMGjEFsZ7ExQzu15ULmlxPzqTzzIsdwb23qFRTWbGOk045kcOOOIKrr2lJ1y4P 0axZCw5v1IhX33qfjRtKOOOUU/jDsSfyjwfu49ILL+Cgg35O/3ETiWzM053u5Kf7/575a9aj zrF07qcc+tND6fvUGMrKyznn7LO5omlTenTtwjVXN+eQRj9j4mtvki+UcebpZ3LooUfx4IMP cN+d93DsMccwY9YiPv7wTfb7z725t8fjOFG8i7ju2svZp9GxLFm+Cqd5+tzXkf322o/mV13F c6++xacfTmG//Q5n1oJliDiiqo1c2fhCTj/9DMprChiFREHFIEk1TRpfzF/Ou4S1uYgpr47k p/sexDkXXsJ9d93PsUf/jr322ocHnxyBdXk+ees1fvWLQznp9DPo/fTTlKxdweG/OJi/XHgN hSTBO8OoZx7lv358CM9MnEKSr+T6a5tz+BG/5Y47/06bm2/j8EaNaH/vA5THCW+/NJS99m5E 33Fv4n3adG3ycyP4jx/tzeMT3qZi8zr++MdjOOSI33DPAz3o0rU7Xbs9zOQ33mTmx+9z5GGH ceLJp3PvfZ04/bg/sM///jcP9JpApLB65Rx+98sjOeZPx/Nw90f4bN48zjrpj1zW9m4il7Dw 8w/43S8P5+CfN+Kue+6h9Q03sP/+B3DbvY+QF8Nn77zCvvvuz4QpH2DVUb55E6ceezQXN+uI EYtqNr/eBYMO1G7CFdOp9vQPhEAgEAgEvile0uvbxINTEKckYrDe1n62BgLfhC9ei+3pY2+D Qf8eqTPoafMDEUf1hmXc2LodpbkYK9kYN+/AO4ytYeyooXz86WKcpA3k7rvzFvqPfpFY0mZz kI7rwjtE0nrz6lw5b775Tx7v15fOnTszYOAgPvzwI6oKMWIT1q9eyZgxY+ny8EM8+cSTfPDh DHLOYcXw8ZTX6da5H2sryhFr2LJpDY/36MNHn3xGnN/CnJn/YtTwIXTp1o0+TzzFhzNnkzcG 1XLWrF7G8xMn8nDX+3isd3fenPYGFeU1rFqxjJ6dezP5g/cxxuGs4aWJz9Kl7yDKysqxvoao soJXXnyBHv94kFfffIdBj3XjxNMak4vzGGNYu2IRfXt1Z+q77xNZwanWjlFTV2D+3Nl07/ko ny1dhYvLmPrGJLp17czQZ0Yy89Pp9H60L5M+mol1BhdVM+uTj+nVpzcDR45iQ8UW+vXqwsBn J2JMOkN89ox/0bnr43z8+UKMcVSVb2DyP1+nZ68u9Or9KJMmTaIyn8eKZen8mXTu2oN3Zi9A JR1Vt3DODLp0781Hs5eQq9jM4088RuduPencpQ9dunSlS5eH+Ocbb2FMwuezZ/HUk0/Sr98T LFswl17dujD5nU+JRBEpMPfzf/PoE0/xSM9eLFlRwsgh/Rn18htYZxGbsHjBx7z+2gS6de9J n169eHPKu1QkBussG1YsoVuPR5i1YCmJKDW5Kp55ui/Dx72JSAFRiD2oCx+agUAgEAgEtp9i yaXLxvX6gkesJ8QAAoEdIxj07xUFb/HeYj0YEdTVcMP11/Pu9E8xCiKKV5s1kTOIi7AiWLHE FWu4/467WLi+PPvbpHaetlfBisOJy/4uQcVlGwEW4xQrHnWKNwkiDuMs6hRxihWLU4t1FjVK QQ3WJYgUsCaPlUJq6EyEswlO0vFtRi3GOlSqURth1WE1j0hCQQvYRDHGIJEn1qj275wrUJ2l ExvNIXFaK6/GYGzMh9Mm8+Ir03BSSGeN2whnYmKn2UaGq23epSpYa7DOYZxDtYDYAioR1grW FbDOkjiPisW5CCcGVSUSocYavKkgp4I4QSSPGotzipEEIx51NaiJcFKDswYjinGCiMWJxbiY RBLUedQZrCtgnMPa9DYiUWqoxWfNL2yaBeAE5yxiY5xz6bx7cSQuwjqDiMFJQiyCdXEa9XYF CuKwJsJaj0olTnM48ahLUKcUJJeeD2uxIiROiJ3gbIxzEQXrcK4GpxB5UBfqewKBQCAQCGw/ 1oOIx4lPN/9NatBDFV0gsGMEg94Am0o3s3FT6bfu2v4lvIA3eG9JPCSqiMQMGjSANu1upWBd 1ineZbuPDhGLFYPVhNkfTqHbQ92oUbDi0hnWtQZdcQpOFLEJXl02RxBUTZZq5PHi01mU6nCq 6YaAk6yTtyVW8FZJ1GDFohrjbB6nhew4QFQQSVAp4KUGtYI6g9r0Po2mNfaxTxDjscYhRrE+ j6rFZg3SIhXEOawvIFYRNYgxqMulhtaks+KtgjiDqmAke75i8JqabPFgJU2F8S7BaoJKgrgC VgTRBBWLt4qKw0mCU5vWG4sSOcG7KmIVnPOoj9M0LZs+T6ugEqEuHfWmLsGopk32xGYfSBFo HnUeyUaMiLOotThxeE3wavE+3WEWD0ZTWWdRlyCi2f9d8VqNuggVS+JSM+9shHEWr0m6Nlyc mnLN43ycbsBIjFrFaQXWOqz49Bw4wYrgbISIITaC1o+gSzDoRXz2P/h8zlxcSMcLBAKBQOAb Yb0i1mOtJ+cV44VoYym5FSvTMcNhpGvgW5AvRKxZu25nH8YuQTDoDTB89DiGjBxTa4Rh++ag fxWVlZV88sknGGO+sr5CRNiwYQMlJSV7dA1GIPB94n1aMxdbx+l/OZeaQpyORwy7/4FAIBAI bBsvOK+IE5x3GA9rhg/h8/bt8VmmZto36bu9jg7s/tStBa0debtgyTK69+wT+gERDHqDjHh2 PENHjU3fTL4Hg15shGCt/coFWGyQEMZUBALfH96nZSaJE8469yLyURLMeSAQCAQC3wDvhcgr 6hxeDKKwbMxA/t3xtmDQA9vkiwZdVFm4pIRHej8WDDrBoDfIyGfHM2z02AYj6PUXzPZ2p/wm HeLDiIFA4PunOGEhto6/nnMR+ShGxQeTHggEAoHA1+BViTw4tTiN8NazZvhAPmt/G94Fgx7Y mvq+pkGDvrSEHr0ere3mvicTDHoDjMwi6JI1JIPMnPutxzLV/xoIBHY/0s0yIR9bzjr3Iqpr IlTCxlggEAgEAl+Hd0qskPeGgi/gI8+GQUOZe3sHvE0Q71AvwaDv4dQfoVZf2W8RcTgR5i9e Ss8+fWszjPfka7Fg0Btg8PBRDBgyHCeCSp1Bl2yx1I+A7+k7PIHA7oyqoqIUEstxfz6Vqlwe Z11t5kwgEAgEAoGG8ZIadOMtVmLUeOY9O4Z377obbw3iHT4Y9D2eYllv/eCm1F5nFcdRK3MX LqZz1+57/Ax0CAa9QcorqymrqEwNehZF12zxOIWFS0oY9ex4ojipNfCBQGD3w3tQURJrWbZi VTZCUINBDwQCgUDgG5AoqAhOHHmFysotFNauwksxeq61ZWPBoO95aJa+LqpMmvwm73/4Mfko wWVd/lXTay4P5OOEjaWbQ/CTYNAbpH4XZ+8VyWaOl1dV8crkt2l9yx20u+1uosSgIuFiPhDY rdEGFAgEAoFAYNsoXiSNgGYN40TDJJTAl1EPTw8cwpUtb6Tv00NZWLKSxNl0hHGxLj1M0akl GPQGSS/SPem87dg63nz7Xdre0oGrrm3DFS1bc3OH+ygkJkTbAoFAIBAIBAJ7Ht6hPkJ8gleL Nw4vQtjoDtTHA+LhqYFDaHr1DTRt0Ybm193CsJHjqMwV0k0dIARJ6ggGvQFEFSuCFeXDjz/l 7k5dueLq1jS9+kaatLiBy1vcyM0d76cmMYhobV1NUFDQ7iX14BSs+LQJpAfR9Oc7+9iCgoKC goJ2ZRXLQGOfloCq9RgF49PPUidaa76C9lyJglV4YuBQmrZoTZMWbWnaoh1XXN2am267mzET JlKZyyNZqvue3iAOgkFvkMgYNm2p5JkRz9Li+pto0vxGml7dhitatqNpy9Y0admGtu3vp7Si hqrqGqpzNeTyhaCgoN1MVTUFKmoKbKnOU11IqKgpUF5dQ1U+2unHFhQUFBQUtCurpiaikEuo yBvKCgmVhYRcdQ25qhzV+QK5QpR+DdpjVZ0vUF6Voyof8diTg2jasjWXt2hLkxY30fTqtqlh b9aKTg91Z9GyFeTyhWDQCQa9QUaMnkCHux/imhtu5YqWbWjasg1NW7alacs2NGnZhstbtqVF 6/YMGDqGYSNGM2ToCAYNGR4UFLS7adgoBo94lv5DRnJh46Y8OXg4z4wax6Dwmg4KCgoKCtqm Bg4dzpBnRjFk8LM8OWwUg0cNY2CHO3noujYMGjKMwUNHMDh8nu7RGjx0BM8MT6+1/n7H/TRt 2ZbLW7Tjby3acXmL1qnHatGaJs1v4O4HutGtRx+ccwB7tEkPBr0Bho1+jqGjX2DZynU8MWAY 19xwS23kvEnLNvytRRtuuqMT1bFBtC4lNigoaPeSUyURT8EJZ5x3CZVRgpEsVW8XOL6goKCg oKBdVYnXdOKRS8tCE82zbNgg3rm7E8Zm3bv91uVjQXuWRNN+XkaUfgOG0qRFa5q0aMflLdvR pEVrmrVqw/0PdeOjGZ8xZ8Eyuvd8rHbMWjDoga0YPnYCQ0aPTdv/O0NJyQrufqArza6/hSYt b6TptW1p2/4e8sbUm+MXCAR2N7ymozwKTjjzgsuojpOs6WN4XQcCgUAgsC3EgxqDU4MYT6Sw etSTzL29I94o4iS9jSd06N5DKf7fVeGpAUNo0uw6mrZozZXX3kTrmzvy3nsf4EyMqjB/yTIe 6fPYHm/OYTc06Ovu7Mbq6zp+r3rnL02YdublrG7VkdWtOrCqVUcWN7+VyadcwujfnMzo353K C8eexfJr27Oq1fd7LEFBQd+jstfv8lYdGHLEcZRc0772Z0FBQUFBQUFfrVXXdWT1tR1Y2aoD q67tmF4vn3kxc479C6uv7ciqVh1YVbxdq47h83VPVKs6vXXapTz721MZ/ZtTGHfU6cxp0ppV 13Zg1bXptdfcpm2YdNJFrG6VrqUdWS9Vr729sy3rDrHbGfRFR5/B3IOODAoKCgoKCgoKCgoK CgraSpt6PL2zLesOEQx6UFBQUFBQUFBQUFBQ0P8JBYP+AxMMelBQUFBQUFBQUFBQUFBDCgb9 B+aLBn3R0WdQcn6L71TLzm/B0uzrsvOv/o7u92qWZWrodyXf2eMEBQVtj5adV3yN7vxjCQoK CgoK2h209PwWlJxX/Ho1i8+vu4be2ccWtHtp2fnbv27mHfzbYNB3Jl806Bs7P/6dP4ZVSCQd D6GSdnn2mb4Nxb/xXlEvtfI+7RLtVTK5VF6/MJ5AUO/4rjpK1z5O7ePKd3bf6QNIwwoEdlFU FRHBGIMxBucszjlEwroNBAKBQGCbeCHxglqP8YI3CbFYxAmqDtW6z9LQwT1Qn9QfFTu8C6pC Ium4vmIX92/TyX3hb04JBn1n8kMY9A2by1i9sRTjpPbNZbsMutc6k15PWmvKpd5IpwZu6wXv v0sTXe+xtjLp3xX6FQoEdk1UFecczjk+++xzkNxXBgAAIABJREFUrE0NeiAQCAQCga9DMV5x zpN4wScFonWrqSpZGQx6YJvUGnRVVAXrLOW5GlauWVtrzINB3434IQz62OdeZNS45xAlM9Db a9CziDnpIhSn2WKs21lUTY15OiNSszezzNjWRqC3XqDFqN9XPm7xqzi8pBH4YlReVLMIPt+5 QS8eV/1dr+96juGePhcx8N1SXKuRsZx/cWNy+QJhUykQCAQCgW+G84pVJfGKTwosnTCKdx/o jBiDitQLOu3sIw3sStStiTRoKKosWracPo8/gbU2RNB39gF8W34Igz7y2QkMGzU2XTw7YNDV u1qDruJR6xAbk5gEUcVlafTF+3ZiUDWImMzApyZeZGsVU3CLqm+MRQTj0oXuJcG7BFWHU4id YDV9zOwIv1OD7mwaiRRXPE5B5LsxO8UXakg9Dny3pOszdsJfz7+UXJQQMj8CgUAgEPh6itme Vh1GwTvD6pH9mdX+Lrx1qLjaAFExnTkQgHqeyqfZxKKwcEkJj/R+7FubcwgGfaez2xp0J6iL qNiygvmL5xM5xSpYydLdxbBh3UpWrVpKaek6pk19i2lT32ba1KlMmzaNadOmMXXqVN566y1W rFjBu+++y9Tsd1OnTq3VtGnTWLBoCdW5Gj58bxrvTn2TaVPfYsrUd5gx63OqCjGJSzcF0hfF d5POKyLMmjWL8i0VxLFh9uzPWLBgIc59d4b6i9H5QGBHKW5QFZxw5gWNqY6TemUngUAgEAgE vgrxoOoQtRjnsR7WPPs0C2/viDcOcS69TTDogS9Q9CF4B17qGfS+waATDHqDjBozlpFjxqZR 6HoL5FsbdBXEO6yCN0IiBd6fNJou3XuSU3CqiCiqFpUco/s/ytNDhjJ//ud079qZ7l26cftN 1/Pznx/GbXfcRY8e3ejSrRsfvP8uXbs+zCOPPEKPrg9x2MGHcfPfO9Cjeze6duvCm29PYfG8 eZxy4ul07f4w3Xt04eEuPbjqb1dw2eXNWFdahfMOr3VpJeoBL7WNGoqN7IDsGIsyaJaK77Pz 49USRwUuu+h8Pv18ATX5PHfdfiePP/kUzgnWOUQc3ilOBVUQnzasKzaRS9P+bVq3nzWMcJKd H1G8GqrKNzD4mVHkCwmS1fF/RwH6wB6KqmCspWAdZ55zCdVRUq/MJBAIBAKBwFchHqxaxMY4 o+Q9rB/Rn4W334E3DpU0MqoeQmwl8GXScl4Rh6iycPESevZ+tDYg920IBn0n84PUoI8dy+jR o3e4WZT34NRSUMXHSrVEvDzkEbr36EONT42vF0XUolrBo/f8nSfHv4hTi4rBJMqHbzzHkb86 ibnLV6NqsB5U4tQoq0NypRx60JHMnFeCikG8oBqx4JPpnH3RNVR7g/UFjBFym9dx2il/pnP3 p0k0yha/Yp3DiCCSdrEW57DW4ZzFWoNzkr7JisO5CCcW7x3qBJdYVBJyVVu44PTj+WzpGhKX YHIJNVlnbOsssU3wUULsHIlxGEkQl+C9wznB2xivCVYUsQ5RQ+IcxipiLSo1bFz5Oddc35HK 6oSCsXgxWAnbsYHtR7MNqii2nHveJeTyUbr548OVRCAQCAQC20IVIm9QU0ATxxYPa54ZzKcd 78EbwbsskEMWRd/ZBxzYJSmWsC5YsIDevXtvVzlrMOg7mR/CoDvnars570jNs/cgaolU8MZR 0BxP97iVXo89QSHbTfSSNm1ztoxbrmvOsElTiNXhfIJxyusvjuKY4y5k7eYqVFKD7jVG1GCd Idqylp/uczjL11fWGnSvETPfmUzztveS94L4CCseH+W45+5buKrlrSSST980s8h5xZbNrFy1 lo0bNvHe+9OpqsqjErFxwypenjiR99//iMrqArFTvEaINSxdupQXX5zIp5/OZOP61Zz0h99S sm4j1kasWLiANRXVJCaiZPHnbC6vYsXS+bw/Yx5JUkMSR0yfPp2xY59jzrx5GGuRbBPAxDHz 5s9k3HNj+NeMf1MoRKxbX8LU18dw1bW3MHPWXFZv2Ii6CBd8VGAH8F4RFZwIn/x7drpZZe3O PqxAIBAIBHZ5vPM4dThJcE7Y4CG3oYSKhXNTc+4kTW0nGPTAtlFVampqWLZsWe2EnW9DMOg7 mR/CoG/P/L2G8OJRdVhNG7vFUsaDt7fggS69WLBsOUuXLmXJ0hJKlpewZM6HXHL+hbz27sc4 6/CaIOJ4ccRTnHrmVZTXWNQlGA/exzhvEHWUrVnCAfscTmmVrTXo4gq8OX4A9/XsT14V1QgR ZfP6tRx3/B95avB4RHPp5oAq4mLGDH2K0866lHvu6sTosc9TVVnBU0/04dprmvP8c2N58smn afy3ZqzdXI4zW3jo/s7ccGNrnnvhOYYNHs6t7a7n8EOPYNOWLZSXruf0E/7EyFemUrpxFWee eDJNmrflkd7deGPah6xfvZDzz7uUXo/25ZWXJnH3vXdw0223ERvHpnWLubr5dTzwwD28OHE8 Tz79FJ27duX9j6bx4N3tOO+SKxk2fBQffzoTlYgQQA/sKLWvdV/XaDEQCAQCgcC28c5jVTDq 8M6TKMRqUWfqjdAKEfTAN2NHJkAFg76T+SEM+ndF0aA7EYyzONlC2ysu4vhTzuKyv13OZZdd xmWX/Y3GjRtz1SXnctjBv+ad6Z+naUGaoM4w7LGHObdJO3LG1Rl0LRp0Yfm8T2jU6CgqY19n 0CVizOP3c0nzNjzefzADnuhLn0cf49Y27Xi464NsqY5RX43PajyMrWHYUz248IobyeXyWFE2 rPiMG1pdzep1a4jjHHFc4KHO3Xl3+mxWl8zmD0f9mSXLl2MlQhPl+TEDOfgXx1BZnaN0zQpO O+EPvPrRHDauW8qff388o56bRGwKJDbP6Gce5f6H+1BVU8AWLBXla7mq1bUUIscjD3bgzydf QFVNFaIx1hnyUYSTiFfGD6BjpwcxzmU19HEw6IEdpphFUmxUEprYBAKBQCDw9aSlnIrzmkXM fTqi2NdNKKqvQOD7Ihj0ncxuZdBVEE1rtWPncKaSC44/kQmTPgCyRmia7hRVbVrKr488ipkL SvDWIZpgNebRBztw7Z1dqJHUoH+xBn3W+29yzPHnknd+qwh6j/ZX0HvQGBauWM3KksWUrFpJ dWUlViqJncf7ylqDHkueAb3uYtCLb5KYGqwYpr8+jOOPPY42f+/ITTe14e83taFx48a8/e5H vP/OS1zV9GZySYTVAhopC/79T355zKUUTMKqxfM49bjf8dGS9axYMovzz76QBas3YgsGNWXc en0TGl97Czfd0p7bW99J+5uv5+yLL6J8c55mF5zFw73HEStYsai4LKMg5pknutPp4Z71DHqI oAd2nNSgG/AJeBsMeiAQCAQC34DiLGuvCt7gNcGLr42Y145YIxj0wPdLMOg7mR/CoG8s3czG 0s1pWs4OpLmr2tSgW00bp+U386ffHMeUD2aj4hAVrCjOGjavms/BjX7LgjUbEJtgxWC0kofu uZ17ew+gkHU5F1W0OCddLO9MfpW/nt+UKIvWq7eIzdG+1eW8POUDYlVEEqyk4y6cpPXo+GIN umJdDT3uu4k3PpqBcWm0+uPJI2lz403kjGCcQSTGJHmsM7w/7TWubHIDVVEBIxGaJHwwaQzH nnEtiYuZP+tj/vT7o5m3ejNL53/MhRdcydotlagxqN1I+5uu5a3Zi4hNgkQOa8uoMRFRTQ3N Lz6bB3oMIRJPUpypbgV1BR6+/2Ye6d2PxDqMWrxGuODQAztAsQ+DqqOiqjybqKDBpAcCgUAg 8DWkZWEe7wRxCU4SoriapGoLIoJ4RetF0wOBhiiWQRjnyNXkQ4o7waA3yJCRY3hmxGisCJrV o27Pm4v3cZZy7vGuQK56HUcceRSfzp6XRtd9NkPSxiz9fDo/P+j3rCmvwrk8Pnagm7jz9vYM HPEcsScd+yaajSkDtQmvTJxIi2uvJ1HSBnLekMSVXNGkKe999AlG03nsXr662YImFdza9kYW LliU1uO6iE1r5nN18yuZMXMWuXyBLVsqWLKkhKhQYOWSuRxz1O+YMeszKvN5Nm1cy21trufC Zrcikmf6+29x7PFnsGFzBfNnv0/Ta26nrCZBNUZcjrGjR3LDjTdTurmMmqSStWVrmb9oBWoi uj94OyeceCqr12+kMpdn5Zq1lFdUIlLDw53a8MB9D7GlIqLgEpzGiA1v+YEdIW1EEjuhRasb yOULyDZeK4FAIBAIBFK8CgVVEnVYsUjsWf7aROb06o63STpS19c1igtXbIEidWsh64clwtIV q+g/aEgYs0Yw6A0ycuwEho8Zl0Wrt9+g4xPUS1qP4yLKNq3k2ONOZvGylencb086H1IMH7/3 Jn/4w5mUVecRiVAjiCvjjg4defGf04gVnNQZdPWgzvLihAncdc/9WA/OA95Skyuj2VXNmPnZ PJzPDLp+deMrSSppfcN1rFm3Pk25F4faAm+99Sp/u/wimjVrRtOmV9Ppge5UVkZIUs1rr07k 3Asu4srmLbm5bVse7nQft9zbE5EC77z9Ty5p3IyKqhrm/Hsatz3YmS2JSTc8bEyuvIz777iD xpf+jRbXNKfJVU0Y/9xrqHPkqtbxVP8BXHTxpTRvcQ2trr+RBYuWYFyBdStn06JZK5peeQNL VqzASoyzoY17YEdQjDHE1vGXc86nJoqzJnFhXQUCgUAgsC28VyIPRiyJRljnWTX8GWa3b4+a 1KBrMOiBBqhv0FXSaToLFi/lkd6PbdeY62DQdzI/hEEfMWYcQ0eNTQ267ohBd6hXxIMXi4nz zJ2/kEIcA2k6h2Tdo3MVpSyYvwjjHCoG7xSRGlatWUVZVQ1Oswh6dhDq0xr2ss2bWb9hQ200 Hi84W2DZshJqChHiFe/tNlP1VSKWr1hGZAwu2zTwoqhLyFWVs2D+fNauXU9shMR5VCLwhnXr 1zN33nyS2FBWupmS9aV4jamsLGVpyUqMceSqN7Fy42oSSTMJ1CnOJlhXzeqVq1i4YB4VVVVY 59Pfi0WcYfXqVcxfsIDK6hxWFacWcdVUbKlk7rzFFJK0gZxIMFKB7cdnozwia/nrORekrxmR 2td9IBAIBAKBhlGv6TVjZPA2T+Jh+eiBzOxwO94ZnLchgh5okK0MutY36I+GCDrBoDfIqLHP ZQadWmO7XSnuqqgXXDa+yUv6RqYN3ZGXOhOddZPGZzXnPq0VB+rVxir1o3xb3aV3dbfN7mfb tfTp/fusVkg1a/ohPpUv3sbhvcF7yY5X6tXwgorH+7QOXn2xcYjFi0lHukna3dN6IfFxek6y 26lS97haF8GsazSSbmSkx5HetnjeAoHtRTV9bRaM5ZwLL8kMugsGPRAIBAKBr0WJswh6rBHO etYOfYYFHe5AxWLVZNeXwaAHtqbBCPqSZfTs0zftX/AtTXow6DuZH6oGfdCwkVgnSJZmsV0G vTgHPTPa3vm0xtt/ecGlnTCLBj011UUzire1RrRoaNNxUF+xcOvdNjX72+5MXdeB02bdrF36 2Fo04ml9iBfBS1o77wGvLjXgxSwBV7chUezsqapolpbvSY21ZNkA9U15epwu/RvPF2pTJDNS xXPj6p2HUC8c2H5UBOcc+dhw6plnUZ0v4JytLW0JBAKBQCDQMF6ESJXYOxIx+MSzdOQIPurY IY2ga4igBxrmi9f5zqUR9Ie79ggRdIJBb5DFy5azaNlyXG2TuDRaXTSdW7N1JLs+PktDF++y CLrPosZfvn0acS5GiOui3nXmtZ7phlqDXvut1u88rVsbWO/Y1jrf+ram3uaAxXtDcTa0F5/O uKw16FJr0LXWoGuaVl98/lnqvRSj4NTdj9a7XfFx06yDuiyD9DHSGnqfPe+iQU9vEAx6YEfI msQZy8uvTSKxLvtQCKUTgUAgEAhsizTymUVAjSUxnsoVCyj95MN0WpF3IYIe+FpEHCLK5vJK Zs+ZF7q4Ewz6V5ClUzck6hla2OrngUAgEAgEAoHAnkBaFplmiDqFOAtMbasxcSDwfRAM+k7m BzPoDclLWodNfZMeom2BQCAQCAQCgT0LDxgPIoq3iorPmhrv7CML7GkEg76T+SEMuqrWauvv BaeWyCQsK1mBNW670jACgcCuQ0Ov90AgEAgEAtvGiydWsCp4azEq5Iud3UW3alAcUtwD26L+ dRiQjbz95gSDvpP5oQy6c662i6CI4pyQOMfqjZvo0r0PHe/sRFRIEPftGxkEAoFdA1VFRDDG oKpYa7/0IREIBAKBQODLeOdJFIx41AllPkKTPJKLs+k9WQo81PYvCgS+SJ3fShv3Fq/NQhf3 3YgfwqA//9zzTJjwPOLSBeKsUF2dY8rU97jx5rtp2qwNt97eiTgy9ZrIBQKB3Y3iB0AcxzRp 0oRcLhcMeiAQCAQC3wAvQqyKdR5nlSqfZ/XYscx4qCfeCipaOy7XBYMe+AqK110lJSX079+/ 1qx/G4JB38lsv0FvuFa8doSYFlNxlFGjxjJixLM4UYwVps+YSZt2t9GsZRuatriJK1rezM3t OxEl6XxHFffVTeWCgoJ2XaE4ERJrOf+ii6muyWemfRc4tqCgoKCgoF1YqpbYW8QpajyVvpo1 z/Rn5m13o3GCdxZVh/eCesmmFAUFSTalKe3vpWoRZ1m8eDG9e/epDZ6ECPpuxPYZdKX+qDIA 70GyNIp0FrJFxGGtZcTIcQwbOZ5PZ8/lgc7dueqaG2l6dWuuaNGOpi3a0LRlG27qcD9VhRgn gqhDVIOCgnYzWXEk1lGwjjPOvoDqQrzTjykoKCgoKGh3kBNFnGBFcc5TrQnrBw9h9u33oUla KupUa7Wzjzdo15NTwalgVZi3cAk9ej22XZmMwaDvZLbfoG9tzr0HJ0rplnLe+/Ajnpv4MmMn vMD45yfS6aEe3HFvZ5q3asOV19xA0xY30KRFW5pc3bbWoLe48Vb69R/M0/3706//IB4fOCIo KGg3U78BQ3hq4BD6DRzGJVe0pN+AofR7ehD9Bgzd6ccWFBQUFBS0K+vJ/iMY1m84A58cyZNP j+b+scPp/kAHerRqy5P9h9N3wDAeGzSCxwaNoO8ucLxBu576DhxO38HDeXTgcDr3GUjXno8H g84eY9DrUM3MuXW8+vpk7n3gId7/1wxqEoNVsArDR09g8LCxvPTPN7nxlvY0aXE9TVq0oWmL tjRt0ZqmLdtyU4f7ycUJTgTjXO3fBgUF7T5KnBI7JWccp559EZurC8ROsaI7/diCgoKCgoJ2 ZdUoVHqoVCUynlyNY87oF3j53q4kiSN2SiRZI7ld4HiDdiGJx4rHKCQKkShzFi6le89Ht6th bzDoO5kdMejeg4onn4+YPGkKQ4aOYMOmzSRWEE07TIqH2XPmM+PTz0mcMG/RYno//hTXtr6V Js2vp2mLNjRp0YabO95PPjGo13q1FEFBQbuTpF6Ke/8hI8gnFis7/7iCgoKCgoJ2dTlRTKLE ajHOoYlQNnsOq979AHUWVVtbe76zjzVo1xTe4b3FiWVTaRnvvvdhbYO4YNB3I7bXoBfT2sUp Lzz/MiOGj8Ektl6nwLpFUNfm3+HEElvLv2fN4aGuvbmq1U00adGGdu3v+4JBd0FBQbuZ1Bmc MyTGkliHdQ5xBnVmpx9bUFBQUFDQriyrgliPeIN1FmOFUk2INEHVoT6V9zv/WIN2NQlpkziH SIJ1Ju1pIL42eh4M+m7E9hh0D2mEXJSFixYzbvwEClGMFOczqlLX5T1rWiCCk9Sgp43klHw+ 4l8zZnLnPZ24tf0dRHHyrccABAKBXQdVQcUhzuKcxVmDOBte14FAIBAIfA2iinEeJ4q1gk8s YhUjivi6RmBhvFqgIbwvejQhcS5dN5kxD3PQdzO2N4LuxFOTL9CjZ2+Wr1iJ3cY/3oqmC8U5 nDigXgRehA0bNjBp0iSMMd96AQUCgV0HEcHa1Jxba7KvdmcfViAQCAQCuzzeK6Jp+agTRWya lWZFUnMeNrsD28BnOzfqBSsOK4pxUmvQvw3BoO9kdiSCPnf+Aia+9ArG2tooeUMYp0QmrUVV /2WDXndR77ar02AgENg1KL5+E2OIkyR9X3AuXFQEAoFAIPA1eA/eeqyHggo1kqBJDo2i7Zpl HdizSA264sSSOEvihNjY7Qp+BoO+k9keg64K1inPv/AS69avx4mgWepNQ7w+aQoTX/lnmmbh 0/r0okGvXxcRoueBwO6Nz17LsXVc3/omaqIYLdZFBQKBQCAQ+Eq8B288iVeMeKw4Vk56jU+e Hoy69Dq5mOLuQ5574AsUDbr3ghWhZOVqho0YXRsMDSnuuxHba9DXrd9I7z59KURx+kaRqSFG jZnA8FHjUE9tE7hAIPB/j6IRj5zw1/MvJRcl1PWjCAQCgUAg8FWoBzWCVYezHnWetUMHMav9 3XirqJPsWrouEzUQ2AovtaUSi5aU8Eivx8IcdPYQgy6ivPTKa4wb/3zdTh7bMujPMXzk+OxN JR0BEEx6IPB/D6/p67rghDMvaEx1nNRrGhkIBAKBQOCrEA9qHE4tYjyxwppRTzD39g54o4iT 9DbBoAcawhfHrEk9g943GHT2EINunKN33ydYuGhJ2rXd67YN+qhxjBw1HmsF1aJBt+nXb4GH bJSAQTV9k/Je8a6KWIRYLM4lJKqoWkQtai1GPKIFjLVYMdnjp8dQ9waXdp/33iA+QZyi1qNq cd7h1eLFIl6xHrQ41oDsjVIl3bUCIg/eZQ3vxOKU9HjEYEURsdn3gvcRvpj2Lz5V1oXR13sD Tr9Psw9EFZUENI9zgnXpeKv0+XxhdzX7/2x1Hj21nUBVDOps2oHfK14TvBhUHUaV4uvZe5d2 6M6yINL/Q12alde0f4AUf+9dvZF5WdMTFVTSc5um2rh0GoBPEE2/d87VHr96EJ+tr+z+NSuL KI6TKD7H9A2poXWYmkNPmvnhPXXnuLh+tK7kQrykM0bFI570flXq/r72Da7OdNb9b1zdh2W9 Uo6viiD72ueYqviz2r/xdWtKa5+UbmV408eO8JIes3WCy8axFNeNfmE9fZ+oCk6Emtjx13Ma k4vS16oPG3KBQCAQCGwT50Gd4DVBrVLmlTWj+zGnfXt8ImkEXbNrJP3q6+7AnojWeqv0WkxZ vHgpPXs+ul09voJB38lsj0HP5Qt0faQPFVVVqbnROrPQEM+OGc+okWNT07uDBl3V4iVKzZxP DUG+fAUz5q4l7yy5yk2UrN/Ehg1rWLV6DWtXrWbNulLipJrNW8pYuWYDXoqLOKln8lJDpd6i PkasoWJzBetLS4l9avi9TXAqGJ8dh9q0YV729z4zsDUKavNYVZwkJAqF6s2sXrOC8ijdJFBN cM7hfTXeW75o0Itm8kvnwAtOLJVb1jNsyGM8/8JkclGE2LjWoItPm/jVPa8vox6MOsRFqDOI KlYErzFvT3qRAQOHUZ6P8D4Bn5msLxj09HwVjWtqZIs7u6rpZoZXi6pgFKwYSjetYP36daxZ u5q161ayes0mNleUYqxDJJubnRnx9LlIZvQt3tc36Onj1xl0Q50hbvj51m5a1NsEUZ+NBszO vfMO8YJ3Hle7ESF1Jvcr3tx88RhrdzTqNhC+KnpcNOguU/Fn3pOZ8/Q1sq3Nr9R45/HOoWJw 4jCSzzbOqF2fP9Ruu4gjsZYkcZx77mXkakzt5ksgEAgEAoGvpnjto2rwzlPmlZLR/fn4jrvQ xOFFv7T5HgikFL1NWmvunLJg/iJ69UoN+rclGPSdzPYY9E2lZTz2ZH+sE1Tkaw360qXLWLhw MSJZm/9a8/HtompaG7lO0gh6Fknu2+0hHuwzlMgaXhk/nPMat6RPn9707v0Y3Xr1YtCT/Sgr LWXB/E95+OEeRNanUVJvtjLoJksJ8c6ybuU8/nzCsfzqqOOY8fkiYqeoNVkUN40Qp5Hpught +vyVOM4zelBfxr30WjZiTpj6wgh+85ujmPLpIowKohbnBO9r0MxYe23ojbfeY2Rm1EnCquUL +fUvD+Hc85tTkY9qG3EVzb3Wj8I2eC4VUYeLq3hxwrMMGzmKvEmzDtrdeBV77/ML1pRW430F +BpUtp67WTw2nxlo/UI0uljOkBp0xSnkaypp2vg8Dj3iV5x02mmcePJJnHD8aRz7+6O57rp2 LF+7ESuamjlvwRu8t/XMdV1EvrihUt+g1xnihp9v8f9V/xy7esbbi9RGs7342uelmWGuf/++ ntIfSJ3qn6ev2CCpfx5rH4Mvmuh6x/tVjwu12R1JXMbggQPo0v0B5i9aUXsfPqtHKt7/94mq YKwlSSwTJ75OFBmss1/K4ggEAoFAILA1XjyiaQ26N56cUyqWzWXN9I/wToNBD2yDrQ26OGFL WQWzZs4OY9bYQwx6yYqVvDp5SmqQv0EEPR2npvXSK7RBM/N1aBYx92qyxxZcVMk1VzbjX4uW 4Zxh4piB3HZfX5wkOCvUqEPiapy1JNEm7rnjPuaXbMKopMa4aLq8EHuHiEeThB6d7+R/9/pv DjjwUDp160dBfBrxztLTVR1OUzPpJclStUHFYeNKzj/lT1zRqg2xglNl6riBHHjgIUz69wJi EYwzOCuoRjiJ6+6zOOtSNcsQcIgYxFlUFBHFiSHOlzNvzofMX7yavM2izk5rI8TF8yOabqJo vfNfvH8RiyuUc02zJpx93vlUxQmJCCtLFvDJzHnkjOA1QlwBcekoPZ8dh1UQdYhEOHXEotji +ZEsy8BLlpoOVpSa6s2cdeqJnHDSuSxavppV61azZuUaBvTryr4/+Sk3d/xHukkgCSoRKkla VqCCyTZ3vMSoZCP7VLJ1JVlqvuAla6IixckAmqZ9i8nOcXqerbg0GyI7F14dXmKsSPp/FYc6 h/VgVPFq0tR/qeui6oppZuLwYtIMAknS9H3nURFE8mi9rIit1nO96QXF7ppeFZX0hsWZp2oF XywL8GAVbLFEQdPnKmpwdjM9u3XltDNAffVHAAAgAElEQVRP4Lnn305faz7d0MLbrSYmfF+j WlSLHwzZcxYfRqwFAoFAIPAN8M5jVUg0zeQTBeci1ERfylgNBj2wNZplJqdrRFVxVrLs5VCD vkcY9LnzFzDz83kYlxqLrzPo3xV1Udo07VecZePyz2l74x2sj2PEGCaOfop2dw0gMTFqDYlz iM1Mr1Tz0L130PPxwRRUEV8vXcgLsRe8WEz1Zo45+recff7Z3H/3HZx86llsiWxq3Fye8rK1 zF64mC351ES6qIL5i0tYtamMqooy5n72CWcefzQXNGnO7PkL2FBWxhtjB3DQQYcw6V+f88ms T3jt1YksL1lJJAnORlgbUVq6galTp/Di889TsrSESMFYS1zIsWThHNauWkkhipi/ZBmlmzaw dOksSlZtInKO9evWMn/ufOZ/Po8F8+Yzf958Pps7j3xiUFugbPMGpk17m1dfe52SlauxIpio hmXzZvC3S87hpNPO4KNZcyhZu4H1a9Ywf8kC8iKo9dgoYvWapbw6eQpvvjyR8tIyckaxatm8 qYR58+dQEVvmzpvHy+NGULJ8BVWaZRmoRbNNijhXyrmnnMypp11JLlaMOMQVWLfyXxx24ME0 adaOfOJQyRPntzDtrbd47aWXWbJkKdVWMc7gkwo2bljNy5Mn8+qk1yndXI6I4GyBBXPnUbpu I2tXreblFycy/V8zyNUUSJzHWYOaPBXlm5jy9hu89MrLrFq1isSldToqESuXfsa8eQupzBWY MuV1przyCuvLq8mrILYKNTmWLVvOyy+9xHsfTaesMkdsHDYp4KIcn3/2ORNfHs9H//qQKO9w 1lJTWMf8eYuII4u4ehF4r+lmjHPYxGDihLKyMkySEOXzRFGUbhZYQY0gUcKWsjIqcjXE4klE 0znjNo+zBSqjPOUVq9CC44n+9zBmwtR07KE34COsy7NlyxYqKqu+97nkW/VO+AHS6gOBQCAQ +L+Ad0qsaZmiiMcDTiEpZvt9QYHA90Uw6DuZb2vQVZVZn81h3qKlWeTx6yPo39WYpTqDnhlu F/PWc0N4sHMf1mslmsS8NOYJTvjrzdz895u4p+Ot/O28C+jRbzSxj/FiGTuwL2efd2VmuCWN uqrivcU6wdsKXntxMI1+8Vumz1nGioXvcfSvf8VjT4/CiENtFaNHDGD/X/yW9z6dh9oCVWWr aHTwEXR6uBezZnzIiaedwc/23YsDfn4IJ51yMsPHjuOfzw9nv3334/S/NuGqpo05/rhjaNTo CD78fC7ORLz03FgO+8XBnHbKSTRv0oRfHnoYzW+4jeqaiM2b1vPnY3/PySccz7F//CM/O+xX jHx2HH86/ve0bNWeKInp16sbp596Cmecegqnn3QiP/6fvTj08KMorczxyfS3+NOxv6PJ5Zdx 2d+u4GeNjmDwM6PJbSnlmssv4pCDfsq+BxzIcaeezT2d+3DXnbdy6JHHsKVgiaJS+vbuQqNG h3DWeRdzyVl/4deHHcndD/YglxQY8nQPDtx3P07+y4Vc3uRKzjrlBA44sBFPjXkVnzXj86TR 4Di3kfNPOYGTT76ANRu3sLmynNKNm3l2cB/22+sA7nmgD06UuZ9P59ijf8ufTzyVZle24LBD DqdHvyHk4wKTXxjBr444jHMuvpSLGl/Kkb/8Le9/8AGVFaX88vDDOe8vZ9P4oou5tkVLDjig ERdc2Jjy6gIuiZg+bQq/PeJQTj35RBo3bszPG/2c5s1bUV6Vw9oa2l53BUce+TvOPf9vNG9x BScefTSH/epYZi5eSpzfwL3tb+LII3/FFU2bcsZfz+Gv517Exs1lVJRt4rrmzTjyyN/QvEUT jvnD77no/OZUlFexcNF7HHbob1i+fF09g65ZLwHBJYa+PXtz4Tnn0rZtW1q2uJpLLjyf8RMm pB/KseXZocO58Mwzufmmdlx59bU0a9WWtaVbcCJ4qeTR3l0587zGtG3TmpuvvoUOd1/KuInv pY35pMCihTO59JLzuOHGG7nhxtZccMEFTJ8+/XuJoEOx90Hde0Mw6IFAIBAIfD1eldiDWk8i gvMJYrLmxPUUDHrgm7H9/isY9J3M9hj0z+bMZfHyVWkN+jcw6IlzJC5N366/UL7tm0tdQzJF VBAp8HT3B+nRqx8VPkZNxAvPDubk05tQunkzIjFzPp3JuWddzPzlK3EiTH5+DH847q+UlFZi nMVL2o282PFQ8us5809Hck27Dmw0Hok2cNuNLTjhtIv+f/bOO8qKKnvb88+31qzfmmBCwYTk HEdRVEQkqGDABDqACKgYRjFiwBEFJIMEJUdJKhgRRFERURAUaBpooCPddM43VdWJz/dH3Q4o KDAohnrWOksaL11V955bdd6z9343RTEXraIsWzidc+o058sdB9AySrgojfPPPZ9nX5mO8KLk l4W4/vLW3Hb3QEKREqJS8uGyWdT42+kMGjIa4cX47pv11DvvAp6dPIdIeR7N6tShe6+BhMrL 8TzB7EmjOaPm+WzemkRR3kHat2zCObXqMHXm6xSUlVJYlM+V/2pJ3wGP4wqBciNEy4oIl2Uz ZfI4TjutFrPnLEVqB9ctJicnAycapqywlGuv7Ua/AUNwhIdXmsXdvW+kY5cbOFQWIewohj35 IBc1bEs4bNi9/RPO+uffeOSZMZTFYpQX5tLtikuo1+xi9mXlsHDGKM78vzMYMe51HCEIF2fQ pGE9eg0cWpni7gt0jRvJ47oO7ahxVi1at72MVm1a07JFC848rSZdrr+DzLxCjIgyeNBdtL3k MgqKynGi5ax+722atGzHgbQUHn2gL92vu4niSDmuEny16RuKCgspLj1Im7oNOK9ea7JzMjDS Y9bUSZz5zzNYsHId0aJ0enS8nCuu6UFWdibCizDs6SGcV6MWX21JxNMRHu53G//395q898lW tBWsf38VZ555Lm+u/ZTsg9tp2bgOjzzyDBEpicYibNu5i6jrsGDWVM6tVZMt3+8kFg1RVJTB uefVZ+7CN4npMoqLylFSHyZUjdFopUlO3Ua3a28kcc8urIkSi5TRs1tn5r71NlLEKCrI4Kr2 nfjgw9VILSgJh3jskft4deYCIlJQmr2L3r36sudgHp5yyDyQQduG57No1QZ/Totyhr/4KK+8 MomYiOF6DkuXvMHjTwzFkXGn/Z8w1zteKlL0hVQ4nldZ2hIQEBAQEBDwcxhiFozUSCnwrCTq xFDhMrRWlca5FQ7ugUgP+DHxckkDQmk8IU8oazIQ6KeY4xHoFTUMOxISSUrJqGyd9XMC/d0P 17Dyg4+Qyk/prXjt8d5YLFXu5toqjIky8rknGD9luu+crl2i4RJC4RhK+y3ShPaYOOJZRk6c iTTw+Qdv06DxpezOzIkbzlW1WjPG8O0Xq6nx178y9MWXWbrmM9a8v4pRzz7I2TUv4KOvdiJU lDfnT+Ls2s35YkcyWjqEC1O5oFZNho6dizAKx4nQs30zet/7KJ6KISysWzqd888+n7e+2YPS ltz0BNrUqc3dw6ZwYO9m6p1Tk5Gzl6GFRBrDgcQv+NsZp7N8xecUF6RxZYumXNXjTkIihjWC 8pI8OrduwV0Dn8CR8Y0Gt5zP1q7i/AvPY+ToV3GlQesYh9ITufeBB7i55y3c1PlaLrqwFtfd 8gAhqTBOEYP63Ezn63tT7DhYZXnp8fup3bAVTrlm4WsjqXFGDd78/Cs846eJz5n8HDVqXcSG 7aksnDGCWmdfxJ7UXJQxaFXIxS2bc8MdjyHjpQO+QFc4kTyu7XApzVv8i5XvfMTqD1fRpdMV tG13JRlFpThaYr0yrmrfmgvqtaBLt1706HINXTpeSeOmLdi0dSuffbGGNq3bcWPPngwfMZwt m7fgCUlpKIN2F9Sh/3OvEhOlWONRkp9M64a16fPoOFI3r6Hm3/7B8CmLEFqAiZGS+BWNL7yQ KbPeISSjDOlzK+c1a0+u438Ge77/knP+eTYL3l9DJHaQ0aOG0axpO+4acC9TJo1m94FUPOXy 3yce5Mwza3BV5xu4rls3enS9mrp16/LiqLE4h7V0qzaXtcFKxYhxQ5g07Q1cLTG2GONFSU74 nu9S05FeKUlbPuKZ5yYS1RqhBVK67N+1jptv7UNBKML7iyYz/OVxRLRBaoGQLlOf7M/iVV+g lCJSkk3XbpczYtRMJk4dz5RXJzJu7Ctc3+MWsgqKUVbH26Ad55fxaN/R+D0i6gn6DRhEOOrE 3UMDkR4QEBAQEPBTWG1wDEgjUdpFScv+NavZOmE8Vgq/NNPqqva7p/qEA34zVDctrjDSPpCe ycw5CyrbrB0PgUA/xZyYQN9FUnJaPIX25wX6oqVvMv+N5XHXdV352hMW6Nr6u4gmxvjhzzBm 0hSiBoz2MMrxe40bg9UuWjmMHz+aFya8hrCKz99dTPNWHUnOK45vLsTFg5UYN4+nhjzIBRfW 59JLr+Lyy9rT/vJLubz9pTSpfS69BwyjxI2yau54al3YlPXbklDGkJN1gPNqnc0zY+YgjUFG i+jZoQ039RuMawzCwvol0zj33It4e/t+tPLISdtB6zp16Pf8dFIPbKNuzZq8NHU2Wrkoo0nY tp6/n34Ob767gYLCNNq3bEyX2/oR8vxNhbKSPDq3bs5dAx/Dlb6B2ZoP3uLss2ry9LPDKXVi uFrhxGK8dP8dNGp1Cd/s3ocIl3JTjw5c2/MhIlKg3RIG9OlJp663UOI4aGUZ/vgDXNSwJW65 Ztn8iZx92hmsWLseaSRaOkwY/gTnnHcRmxJSmP/aGGqeU5/9GQUoI1G6iItbtaXHHU/hWTBx t3tjNG64kOs6XMqll19PSURidJjPP/qAiy48lxdHz6RYKKzn0uWqS7juhp6ElcFTAi00UaFw pESpGOlpB1i4cDFDhjxEvYbNWP7OGgpDh7js/Avp/eBzxEQIo11ys/bTuM6F3PvkODJ2fMUF Z53B8yMn4WmF0Q7bN6+n7vnnMWvxGkLKZUjfXtRpezV5nkJY2LP9c876+1ksem8dSobwnBJ2 bE/gtenTufO2W2hx8VXs2p/GqKFDqH9RA1LyC1A2jPEMMS+GNLFKs7QfCXQLRiiee/FBZsxe gdAaa8swUqCVh2MMUkXY/fXHPD9iMlIqjJQYIUje8xU33nAHRUVlrJg1keEvjyZmDFIJlHSZ 9OxglrzzKdoYQsV5dOt6Jc8NG8WwF5/nhWHP88ILzzN2/KvkFZf5LeVOYhq61hqlFFFX0Pna 7oQisbgBXmAUFxAQEBAQ8FNYZfAMRK0gZmJYx5I7ax67hjyGlZ4fnAoEesARqC7QdTxrec++ ZMZOeBUpq4yCj5VAoJ9iTsQkbnvCLhKTDsSdtH8+xX3R0jeZt3hppet0xWuPW6DHWwdUuJRr E2PlomkMGzkuHkH3WP/xh+zctYtQOIwbC5GdmUKfAQPZuHM3jhG8tWAyHTrdTGHE893NjYpH 0l32bvmAmmefw4w33sd1FMYtx1EuERFjzbLXOa92Q1Z+vpGtny3hwgsuYtjIyaQezGbqtKmc 8Y+/8ewrM/CUQbvFDLy9O/WbtWXrnmQKy0N8svR1ap1fh5Xb92FkjJz0RFrWrceg56cSc4vo 1vEy2l5+NTu2f0tGVgZDHh7MeRc1J2F/JvlFGbRv1YzOt95JVPou7mWl+XGB/iiO57J313fU uehCLm/fhaTkQxzISiMtJ5NQeTnP9O5Onaat+GzbDr7+9FMa1z+P624eTEw6GBXhmScHc+55 9di4ZQu5BaW8+MTD1G3YAqdMkpm6nRYN63PTbX3ZvXcP3333LW2bNubiS68kvaCYea9NpkbN BqRl5KKMi9SlXNy2HTfe8WQ1ge67zDvlxVzXoT3tLr+BwohEyDJMzOW/z97HmTUuYtUnmzCe YvjzD1Cr1rkseusjDmRmsfP77cycu5SyUDmzZ03gvXffIyNzP3v2fE+r1u14ZOhIckozufyC Cznnwias//xzDqYn8/QTQ6hZsxYffL4FESnhkUH9adysBR9/tpHU5CRuuakHtWvX5rvdmYSU 4LG+d3FRmyvJcyXKQuL2DdT4x5ksfGcdJfnZDB/2FFu2fE1OZjorly/hnHMb8e7aL/l01VIu PKcm/xn6AgdS0sjMTOW/L71Ebn4BwillX9IBPFegdbXyDgtGSj7bsIL77v8PuXkFxJwCwuFy 9u5IZPeBVLQUFOYmc8P1t7Bn726isRiRUDkzZ0/i6eeHI6Qmefdm7u47iH0pqYTKS0hL3stl LRoxf9m7xIRAuDEeeXgQm7/dTjQWwYlFKS0tJb+wxHfGt1X95E8GFd9vVyq6XNeDqOsGLu4B AQEBAQHHQEUNujQSaWJYaTk0bwY7H3sUqyTK+G1LA4Ee8EOqC3S/JbMhKTmN0eMmVXYLOh4C gX6KORGBvjdpP5u+/S6e4n5sAn3+4mW+sUW11x6/QFfVBDpo45C5dwsPPfY85VJjtCB5XyKD 7r2XXr17c0//u7njlpuYvWQFrlZ4WjD6xad4evhYHGUqDeKM0Rjl8twj99KqdVuKHeH3Q9cu ympc7VF4MJmrOlzCbf0GUFqWymMPD6Je3Sa0aXcl/QcOonnDOrw8bgZKGpQX5psv19GocVMa NW/FrLnzWP3mAho1bcGH2/djlUPmwf1c1qYljw9/FSEiHMpM5o5ed9CkcSOaNm3CFVe058O1 nxNTDvkFmXRr356e/QcQFQalFSUludxyVXvu/c+zOJ7DsKcf4fzzz6dhoxa0aNWOlq1bccnl l3MgNZXUhG+48ooONG7aihuvu5kePa7kjrsewJEOxgh27/qGS9q2o0mLptz/yDBGPvsErdq2 xykVeG4Ru77bxDWdutCseTOaNG9K/7v68vU33xJVkoWzplG/UWvSUzNRWqB0mE4dO3FX/6f8 HuPW72mujCFcWsRt13ehS7fbKAr7zuLW1SQlfkWzJi24+Y57iEYF4VAar4z8L42atKF5yza0 bNWWl0dOpqSkgMULJtP+0itp/a8WNG3WiN533c3+9GyKwpm0v/Ai7hw0hFtv783FbVtRv0F9 Xho1mqjQKCkpOJRGv9630aR5W1o2b0GHK65g6VtvEXIFUSkYNnAAra7qQr7nobQlcfsWGlxY m+Wr11OSd4gnhzxEsxbNaduqNS0aNeTRoS+SXx5GRwp5/523adn2Ylq0uIQ2Fzfn1l7/Ji39 EAf2fk3z5q3IysxBK11tLuOXM8h8Ro0cTdcu3enV+xZu7tmTnj1uYc+BJGRM4IgwKxe/Rddr O9Hrzl7c2vNm7hzUj4y8AoRSCBlizCujuezy9nS/vge33HwDL73wNB2u6crqdR+jPcGO77fQ 7fpr6dW7F33u6kPPnj15ecQYIo7rtxq0J9PIzf9+e0rR9fobiLpuXLQHKe4BAQEBAQE/hbUa xxqMqmrhm7JkJlufeBSrA4EecHR+KNC1gaQDqYwZPzlos8afRKCnZRxk5XurUfrYXNwXLlnB vEVLT4JAl35aelygG+OiozncM+hBMgpDGCUwykFISXJKMjsTd1NYlEu5lGgVwZUOQ594nLVf bkYaE28B5vfKNlKQun8v+/ftw9N+/2uLL6Sk1mgnTMr+vew8kEzIi+FFSjiQtI8D6Qcpc8Ls T/iGtJwCrIr3yFYuZSU57N67h9yCAkqK89i1eztZYQejPMqdEPv2biXjUD5KCqRwkW6YlJRk EhISKC4tQ2mD0FFi0RApCXtJzDhATBq0UQgZIX3HtyQezEZpj6z03ezcmUBC4nZ2JW5nV2IS O3ftpTwawpGCcHEuSTsTKCtySEr5jpSUNJSW8RZjEaKhEIl7tpGUmUNuRgrf7d6Pdg3ahNFO CbFwiL1Je0nYl0S03EV4Blc7FOVmsH13Am4kipYKpR32Je3hQEZ2vBxB+Q75xiClR1pSIvuS DuBID6UlxjUoESUpKYHExN04SiN1McIrJyczl10J28nISsNRCqlclFdCWXExu/YmkLhvN47j oLSiNJROuwvr8uiwMZSEwuxO3E5qViZRZZFSE5MW6YWQsWL2ZWSzZ/ceiktKiWoXTypcIcjd k8jWfXsolx5GGSLhUvbs+IbM0jK0F0FLh6y8PLZu30l2xgHCrsBTEiNCuFJRXFLM3j0J7Nm7 m7CQSKPwIsXsTtyL43io6gJdW4yQGF2KFoq9u/fw7vvL+fbbrcRiHsIrRyqLp1yU45GXk8za j1bz1WfryY9F8ZTFSIXSMYQb4/sd3/LB++9xMG0fZeVFfJ+wi9ziYqz053ZBYTZrPlrD2tVr 2ZuURCTqIqT/2VQYzpwcqgR6527d/U2AaveIgICAgICAgKNgNdIajNIY669FMxbNZfvjQwKB HvCT/Figm0CgV+NPIdCLiksYO/FVPCmP6eZwKDuHrOyc+E//y0K9ynHaF88aazwef+JJZs6Z i/QEWqm4c7Qv5rXWSCMx2uHgwXSee+YFwjEPa03cSKHKGd5UbDhUuGRWM4+zRlWm1isDVkus 1n4k32qsFpVt5/z+lf7f+TdSE/9yKFS8Hltb7de9x19bcYyKL1GFAV/FdVhlUPFUceMr3/jN 2sTfB4nRBuIR64rrMsa/wRstsEqhtcVYURnVNAa/FZrWWOundluj49doq4z04ukxOl6vbLRB G4nRAmMlRvs95f1z9t8XW7khY+IO/BprdNV7XHkM4/8eo/zrtgJjJFZbrPHraKqyNap+v/9e SKxxKQ/l0fii+jz93HCEUr7bacV12HhPUSXinxPxjRmNNrryPbdCoKz22+/Fz9dogbIGq2Wl 6Ya2/mel4zdAa1R888mfj1oblDFVdWKV86hqJvvvocYYEf93frmFrrhWLSvfMz/Dw/Pnp9bo im4GFe/3YaUaqvI8TfwhXjWPKuaWqZwfYE7qA74ixd1xXV57fQaOGwj0gICAgICAY0Fb37fI GI1nJcoqCrdsJWX12vizPigZCzg2tDHkFxTy8bpPKnXG8RAI9FPMiQj0mOMw8pWxFJWU+kLs VzjPn+L777cxd95cHMdFq/gEtKrK/Mr6AmX37t188MHqw2qBA36/+J+tQmuHSLSMsWPHs3r1 WqSUAEF7r1NAxcaHUgohROXPAQEBAQEBAT+NMaCVjW+ma5RWGKnQsiqAExBwLFQGorQ+obkT CPRTzIkIdKU1k6e9xnc7EvzI4a9wnj95PkpWioKqCWioitYblJJIKQ9LMw74fVMh0K3xMMY3 YVOyapcweJCdGiq+hz98OAQEBAQEBAQcHav9sktlwWiL9QxCKj8rLxDoAceBMeZH7u2Bi/vv iBMR6Bb44qtNzJwzF6X1zwr06gv1X5Kfm3jBze2PSDytv6L04VTvFv3Jqf5A+F92bgMCAgIC Av58GITVRC14BpSnUcbEyyMDkR5wbFQPkvzw746VQKCfYk5EoGsDhaVljBk/gXA09rMC3XVd YrHYLxZJqxJlfm12FdVq1qu/JiAg4Beh4oEgZVVWSxBBDwgICAgI+HmsNhhPo5TFtRA2GqEd pHSD52jAcVEhyA/PLj52AoF+ijnRCLo0hg/XfMzBzEM/K9BXrlzJihUrTniS/Oz5VJxA3CCN uDkXVlf++bDXBCI9IOAXQymFlJIRI0bgBn3QAwICAgICjgll/VI961mENnjGJf/LjSSufO8X W0MH/DHRWpObm8sHH3xwQt5MgUA/xZyIQPfNKxQZBzOZM3chMceLu0ZXtX2oPhYtXca8N96I O2Yrv5+5rXCZVv/zqHSwthJrRbwdW8XP8gf/v2L878cNRjD+rMOTAhV3hFdxd3+tNUb7C4iY lFzdtTuhmBO4uAcEBAQEBBwDyhiENXhaI6VCakXaovlsfWKobxQXLyv9Lfg/Bfx2qWyztn8/ Y8ZNOKFyw0Cgn2JOTKBrtJYoqRg/YQo7E3YjtEbbI3/wC5e+xbzFyytbb4F/czHB3SUg4HfJ xk2bWfDGCvKLSxFKI5RCaYU1CoCY0nS6vichN97SMMhaCQgICAgI+Bl8gzhpFVoKPAsHl81m z2NDsEphlKoU6MG+d0B1qiRVVcvnpAMpjBk/KXBx508k0I3RCCEoKw8z9bWZFJWVYyoX4oeP RUveYsGiNyv7Xlttqd4fOhjBCMbva3z08efc/u+BDLjvP7z/0TpcKatEOuAoTefrbybseNXu BQEBAQEBAQFHJ24IpyXWOAgL2Ytns/exx3yBHn/GWvxncUBABVXTIRDoR+JPIdChyklSG8OH H61l1twFuEKilKwU8Cae8rpoyXLmL1qC1ip+01GVr7HBCEYwfndjzbovuKPPYO7ocy+9+w1k xJjx7Nl/AKk1yoCjFNdc24NQ1Ik/FAKBHhAQEBAQ8FNYqxHWYKTE2ijKKNIXzuO7J57yBbrR gUAPOCLVBboxfunh3gMpjA5S3IE/jUCvwlhfpH+9ZRsvvPgyefkFKO33bayoS1/3xResXv8J nnKxxsUaD20lyiq0kcEIRjB+Z+ODj9fT865B3N73fnr1u587+w/mtjsHMGbiaxSFokSF5Nlh LxJz3HhJjPqF7mABAQEBAQF/DKxRRK3BKIWxEaw25GzcyJ5ly7FaYa2pFGIV2agBAfADgR73 BsrIzmH526uCCDp/NoFuNdZqpNZ4ypCcnsni5W8zZuJU3nz3A77eup2de/bz2dffM2H6fKbO XMjU1+cw9fW5TJkxnykzFjD19WAEIxi/t/HM8NHc0ncQt/a7n9v7PsCtdw3m9rseole/B7nn /keYt3gpkagT74WuCEziAgICAgICfhqrJSXG4FmNMjGsaxBKoqWL0fEMVRtvHxwI9IBq/DCC rpRGaIPUJhDo/NkEOgZrdeWOnjb+RMjKyeP91WuYM38RM2bPZcqMebwwcgIvvTKBEaMn8vLo ibw8elIwghGM3+n4z1PD6NV/MLf1uZfb+w7m9r4Pcnvfh7j93/dz96AHGTN2AtnZh9BaouMp eQEBAQEBAQFHx2pNLO7kLq3ECmYn/1oAACAASURBVI3UBmX86Lkx1SLowYM14Af4c8KA9btX KWNQcV1+vC1vA4F+ivlfU9yPRmWNutZ4UuFKhdQWaUDZYAQjGL/n8dGnG7jt3/dxe5/76NVv ML363Ufvfvfz2NAX2ZechpLKT2u3Cl0tJS8gICAgICDgyBhr0DYeHTd+K2LXGjxL8BwN+Ekq THwrBLq16n9qxxcI9FPMLynQK1BaI6SMp7vqyr7kFSYGwQhGMH5fY/UnG+h51730uvt+evUZ wMOPPsmXG78mFI4itUUpP8XKWhP0aw0ICAgICDgGtAVtwGqDlRZhNULF0MKrJsACAn5MZacd Y+IlyP/b+isQ6KeYX0qgQ5VI37xlC99s3uynwhuNNQprZPy/JhjBCMbvbHy07nNu73sv/e/7 D69On0VBYZG/Aaf8dHahFK9OmYYrZCDOAwICAgICjgFjwEqDNNrPOrWGoi1fk7HqA6yyGG0C F/eAI3KYQMcPpuTmFfDxuvVBDTqBQD8ii5csY9GSZRhLvLWawhqBNYGzc0DA75FP1n/BS6PG sndfMjHX8yPrOt5e0Rhcqeh63Q1EHOe4HwoBAQEBAQF/RqwF6yliRuBqg7SQNX8uOx9/DisN Rml/LW0JIuoBP6L6nDAG9u1PYfyEKYFAJxDoR2TBkuXMXbwcVXFTMYbKCDoEIxjB+J2NsrIy wuGQHzWP3/h9ka4wxuBIRZfrbiDiuIFADwgICAgIOAa0BeMppHFRUhO2hoNLprNryJNYYdBK +6+xBAI94EdUnxNKWZL2pTBuXCDQIRDoR2TRG8tZsHhZfAHv10ZgBVh5yoVGMIIRjOMfFX02 oeqGbyEeQddEhOLq628m5HgoKbHm+NxDj4a14N8/pL/RZ/1z8Utnqs7n8HOtoNr/s0ceOj4q 6rYOM13hxw83a038+AZtDcoajD15GxK24h4Zv+6Ka67a6IwP/L/7LVFxTlVlTfoIn8kveNyK n+Pv1S+NtaZqPlSfV8aAFRgrMNb4KaxGcaT5dOrwz7HyfbLSn2/VPqwffleqvhM/HL9n4uuT w34W+IZL1f7ud3+dAb9VjAUjNI7xEJ7BM4achVPZO+RxrGcw2gQCPeCI+K334msEA1IZkvan MXrspHiGYyDQf1f8GgL9jSXLWbBoKVr7xlFYFV8ABCnuAQF/JIxWKKWICMlV195EWczDaPUL CHRRJdDt4RsF1c7muH9/ZepgteP91ALI70ersVaj48Pak3Ot/vF15XlUXKcxhy/OrOV3JdB/ 6fM8okD/Fd6bIx/CxAW6xFgZny/mNyrQq51T/PlcfWPjRwLd6h+P39Q1nQBW/3hdEt+sCAj4 NbD4At01EiEsrjakvTGLbY8Pxbq+yNIV5l+BQA+ohjWmUqBrbVDasndfMmPHT0ZKedxR9ECg n2J+DYH+0Zp1fLRmHVL5Lu4VEbDgoRcQ8MfCGoNSirArGDT4Ecqjjt9u7SQt3I8m0O0PWrn5 kWV9uMD44e860rBVkcDDItRHXASZuEuqv2DyhdfJja79KFIZFxAVIre6QP+trdOqn1P19+XX iKBb+2Nh+UtzWLQZqGx1E5+DfoRdxf/utypmq8+zI4jVI732jxRBr1ib/Og6fr35G/DnxgJW apRVaGmJGkj9bC07Zs3HCl9gVa9BDwiojtXWj6Bri9aWtIwsFixcglIqiKCf6hM4Xn4Nga60 QWpdtag8wuI5ICDgj4MyBk9ptOGk1qBbC0oJrPH8jBxtsVZXtnKseAhVpNobLdBa+eU1FULW KLSWGKNQSlRr++iLKR3/HVKIypr6w0WeHzXHKqz209o9Gz8XbTmZtzWrDNZ4GO3EH7gKraNI JZHaIJTx32N7uCj9LWDixoEnsjD4346rUcqrTOlTSmP0r5Dirv3jKG1QBpT2M8WMUZWp7tY4 GBPznZh/Y4tr/7vkl57pCrdoEzvsPP3WiRXfF3NCaZO/NarP04rvu1JVGxP+Ylegtedvxhkq y05+a59hwB8Dq/zvlVWWmAVXSkzMqxRfwbQLOBo/LEvSxqBO8D4dCPRTzK8h0I+Wchg83AIC Ao4Hoy1GKwqLclm16h2cmOeLVuWRm53FsiVLWLZsOanpB5Fa4zkRNmz4AqE1jlTxlGuJVh5a eXz91Qbmz50VH7OZO3cBc+bMY86c+cyZN5+c/EKkidcNV69BtRJrBR+/+yFrP15HWEtf4CiL OpkCXUhCZVksWTSbebMXM3vWPObMfZ3Fbyxif2oaMamRldGU31ZGkjUaraS/OWJMZVT5F9+Y tdr/fLXEaB3fIPaF1S96WBXDaunPO22RWqOUxFivsjbQ6AiuV0pZqYvRv50HoLVglMHaCNbE KC6KoKVB68MFutb+5pgxXuXmh1a/rXl3vGitq4bSlZsTVfXo/iaZFBGKSksQOp5eHBdLAQEn k4qsLb/rkX/vVIZf/P4VEPBDAoF+ivlVBHo8DTQQ6AEBfxZ+mZRXoy1KCZYtW8SgQffiOgKl JN9v/pJet9xEv3/fRf8BA7mt1795fd5iXCfC6FdGkbB7L8LE70NaoIWDkR7jRo2gdfOmtG7e jAtqnsNf//pP6jdsSrOWbWnV9lK27dqNF18cVd6v4mmwWrv0uPJqunfvQannYpQv0L2TKtA9 stK/44Jza1D7gsa0aNGO5i2a0bRZExo1acGchctxVdw06DfWtjISLmfalMls+HJjlalRpZnf L4ffIcQjJeUAEydOYvrrMykpC/3iC9z8rH3Meu1VJk+ZyrKVH+Ap7UfvTdTf4FEGrcNs27aR 7t3vwXNP/gOwIhp8Qv9WK6wtIxwt4OK215B7qBxjxGEbU1p7WOOSlJTAq5On8NprMygqKv5d P9MzMzOZOnUqU6ZM4Y3Fy4hFPLS21UrxFJgYX29aT6u2bTiUX+Bn42h7Ujeb/gjZCD/FH/36 ThYVpp9+1yONVX62mAwi5wHHzf+2DgsE+inm1xDo0oCnbWUbJvht1kwGBAT8bxjjR6KkNkgT T69SJ68GXRhQbjlDX3iKTzdsQ0tByaFk2lx+E5u+3ITnRghJTVm4hF27d6CNw3tvzmfgfcMI a4k20Xgaqx9djTgO5WXllIQKGdqnN2f85f/xyVdbCJWXkBMOo2Q51rhIJdHCIFUUz0g8YdAy j55XdKDLDQ8S9cIY5WCFIaY8YlL5qefad90V2uBpjZBhHCMQriKkFFYIrHFR2uBa/FR5o7Fx NamNoTB1C7Vr1WDExEWESkKUl5VQWHCQ/9x9A81bdGDvoUJKjEEJF608rFRYYVHSIqXG6ghC WZQUKC9MVFu0KkeoKJ4WSK0wMorUAiMjGKWxwkMohacVUrrEtMJ6hSgtkdpilMLKKJ6SRLXC qChKKqSyaANSScqz9nHeGX9n6MtzkcpDKoXQrh9ZjqfeVSzYLf4mSMSAESUIY5BKEhICK8sQ 2sEzBqvKUMZBaYuWNp6+p7A6ijbKX8Rqi1IlZOZls+6zD2nfrDnb9qeilcAoiTUhrDZo6aA9 iyfj81X70aoKKjK/TPxcrdFY7WcEKKFRohwpPFzjp7WXl5Sy+ZuNfLhiJp26/xvPlRgLyhO4 RmCVQBtJ6oFdDHtxKq7QGBPvGqA8rI6htEAZg1bST5m3+J+PdhBaIYRGei6OjBGTAk8qtDJY JRFak/DtF0x+dRJCRNHaxI1Zj2VT3KCVgxKCsJvHI48+T36Jg2v9+aC1RhiFlaUYLcnJzuOT tWtp3+EGNu7Yi6osN6l2rOqf7U8ct6LOveLfmXj9pKcMVnkIq9DC4laI5uNAW3/9YV0HYRQx oxHaYj0d7yktyC0t4rNvvmLj6ne4tfMt5BaVY7TESI1UHloqlJbs27uXJx+4l/zyiJ/ir8Jo 68bvJzG0duLlNzE8JTDSYF2NlhbHRvzP2MQwRvifs/b8zRsdRijJjKnTScwsxhqNUo6/CXCU 963SM8NotHLR2kVqATaK1h7aCKyyWOOiDWjlIpXy3w8p0EqgjSEmDSZmMMohplxMTKOMQQlJ WEs8pbGuxdMazxpc45c/WGUxRiOt9OeXNCihELYM5WmM9L8nQgg8JbFKsfrtmew7WIAyGqk0 RmuMVFjte4jo6saDx8iPTD3jpZPWuFjtgfX8jUsTOamlR78kFdcgjMTVHtY1hHQM45RilEJV y+gyJlhHB1RRNRf855U2BlfFn23xLKHjIRDop5hfQ6B/t3MXW77fgYqn/EEg0AMC/ohorZFS 4gjJrLkLKI9E45GTkxM1lcYQKsxg8KMPc6goglKKzZ+upXvvRygvKyNUVkheKIIUDsooPBlj //avaFz/SvZllfoLaaMwNl5rakErg7QO/72nD6f/5S9s3J6INZKwMRivlJKiAtasXcNby99m /WcfURIpwxMWI/O45Yor6XJjX2KOixIOmzd9wsfrv6SorAQpJYkJu1j19kpWvfMuSQdScJUi plwSNn/Llu3fczAljXffW8X7739ISuYhHFMh0HW8fgyK0nyBPnbaCozUGK3QXpR5U0ZQ4+wG bEncT8QopBNh544drFqxjPdWvUdOfgmeshjl4YgY27ZtZuWKxXyycTPFBbl8tmET6dk5SKXY vXMrX23egvAiKKWJhYr5ZP3npOUVopRL2PNI2vUtq1atZO2aNeTnFyKVX+stvDDffruJ5W++ yXsfriErJ4/8/FzWvrmAc/72V+4cOJzP1n9Kbm4B23d9z86EBEQ8K+GHAj2qLNotIbewiOQD +8ktKaEsP538ogJfoMtShIpRVFJGenIqhUVFCKVRWsbr8wXS9UhPTyQ9K4visnw6tm7LdykH MVphlETrCOWl5aSlHiDvUAGu8IWIiHsmVFC9NMvfXJY40TBpaWlkHcohVp5H8qEsokL4jrlC YYwge/8WOvXoi/Ck37ZPGhzjoT2H4pJiSouzyS8t831Z4v4BRrkYFcP1HLJycklPTSVWXu5v dmiNFBFKS0sIlYbwPI+M7IOkZmXiCIVUBiN8Ab/x41XcM2AgnheOR+99kX4sAt1oh1BpGbml GWTnFRMRhli8Xt5ojTYKzykj62AGOdm5lBfn06nrHWzYXk2gG33YcapvchztuD8U6OBvbAll sFohrMZIi3ciAt0YpFIY4ZGdn0NSSgrl5WUUFpVSFophlEJojTCGWH4md3S7g5yisrhANyjt oaWkpLiQ0pISygoycAxxgR5CmZhfxmAcysqKSE1NIT8/i5CrMdEwUkUIFRWQUh5DyjD5hVmk ZaRQHi5DKhEX6OVIpbi33wA27UpFS4ExLp46uuNyheeENQqtXJxYhINZmaSm7CYcCZNfVIBw te/VYQxGxYhGIySnpZN9KAvXieFqi6M0xtFo6ZJXVMDBfSlk5+UTKglxsLQEqQ3Ws5SWl1JS XkRUeUhXkpOZQ1Z2NjHpoZVBex6OG+ZAxiEyM9NxHQeh/ffeVR5GKmaMH8q23ek4UsQFg6n0 YjC2YhPn+FR0dXEOVIoSbQXSSrACbRVaR35zXS6OhrUaZU18E8fFhiz5O78n9aMPsEKi4tcY CPSAH1JdoButUFqTnV/IZxu+rHRwD1zcf0f8GgJ93uKlLFz6JlLrIIIeEPAHxhiDEB5hx6XL dTcQibkYffJSr6XWJG1Zxz0PPEhEWbTRLJ87m1dmLeO//32BNi2bcmG9BtzTrw/lURdlJOX5 6bRtfDHzVqzGxCOgFSZXPxTop/3lL3yxYw9YhWMM+xO/pUXzVtQ67wKaNmzCWWecxq2330F2 bhlS5nPz5VfQ9ca7cZw8pk6dyJln1GTYi5MQXoi3ly2mZo0aNKhXj3p161Cnbn0+/SYRx41y T/futP5Xay5peykNmzThzNNOp227y8krK4+b1cn4wtVQlLqZ2ueezZjpK9BCopUmVFpGr9tu ovXF13CooAity1k+fyZnnVmTJg3rUa/eBZxfrx7rN23GE5LhLz3HP08/jfp1LqJOgxZceXE7 zj6nDvOXv4/Umnvv6cfFHbtRFg7jKUnGgQTOOPNsFrz3KbFwMY8++jhnnH4GDRo2pO4F59K0 RVt2H8pHiDKef6Q/Z51Tg/qNm3Je7bq0bN2WD1a/T91zTufMv/6Vf9RoQ+3aF7Du4/X07tOb vn3v9hfvFW038Z8FSitcIXhr6QJq165Dy+bNaXfxJXTpcCkjRo5BaIOI5DNx0njqN2xMm6aN adK4CW8sXU6Z8LMiImW5PPnoEzRsWIdGzVrw4EP30aFVW7anZWOU71Xw5orlNGzYkKZNm9Gk UWuGPvMc4ZiDJ9Vhi/iqxb+/2Dl4MIOOHTvSsEFDmrRsxfWXt6PbdTdTUFyGMv5iWSuP7P2b uaa6QFcGR3uk7EmkQf16XHh+La64+t9EYlV94a12CZcX0rff3dRr0JDWLVvStmVLdiclI41m /75E2jRrwu09b2bipKk0b9GCOg3qM+TpUYRdRSxSzoI3lvHMI/fSsVMnZs6cyqyZs3j77VUo pX9WoBujcaJFdOp4NbVq16TGOfXJyI7iGD/SqZQiUpbPfQ89QoN6dWnSpBl33X4rV3S8iQ3f 7UarCoEuK7seVF5b/D08ypErRXdV5F1hjfKzJIyf6mtVlTnbcWEl0fISxo0bS8OGDWjWognt 27Tims7dWL5mPUr4522MwSnI5PZqAt0qi9QeBTl51Dz7HM6vVZPmdetyML8YYxRahTDGQQmP FSveoHXr1rRo0ZK6devwwCND8UIhHJFH56v+Rb02VzJu4hiaNG9K/fr1GDjofoQSKBUhef93 vD5zJl0u78iTI6YzZ+ZMZs2aTk5+4VGjvqayI4AgHCrhrjvvpGHDJjRr0ZSrr+lMx2uuITO3 zM8uMR47vv2STh070rRZcxo0qE//AQMpijp4WqM9l1XvvU/LVi1p07gRLVq14fqu3Xlh/Hhc qTFRycABfWjRqB5bExJ48L77adKgIY2bNGfD19/guQ57E77hphuvp0GjdjRudhE33HwTh4oj CE+QkZPFvJmzGdjrWp55aQKvz57N7PmLSE7NqPxMfYFufjBnjuHjrf5n429YKKPxtCGmDUYp P2NHuOjfmInm0dBWI6yf3WFMDCMs6QsX8v0TT2E84bdYCyLoAUfghxF0T0p27zvAmPETK9us HQ+BQD/F/BoCfdGyN5m3eClKm8PS3oIbS0DAH4uK77cjFV2u7UHU9c2kTlatprGKT1fO4Z77 H8I1EmUEr08YRZurb+K9Dz/A9aIUl5UzbcJoBj/yHJ5WuOE8unfuzPjpCzHC+CnDPyHQP9uZ hLEGT0p69+jMubUbkbgvGSMkWzat47zzzueVMdORupibrriKbt0HsGDOGM67oDaPPz6S0pBD TsZuap15BpMmTKS0pIyiogIeuH8wPXo9QixSSv8u19CoaRO2b0/EkR4vPvMYNc48l4Skgxgr 46mZfg1iUepmatc6i3Nrt6JF4yY0btiIOrXr0bhFSz5e/xVSS/YmrKNx7dpMe30hpSV55OWn 0vayi+k36H7yikqoX7sB9z3wBK7nEnYivDZ2GP88rQbz3lyDMYqB/e6i1ZXdKApHkVaRvm8r p/3zNOZ8+CWHDiRQ54LzGT15BqWhUjJS9tD+8k5MXriK4txk2jeuy+CHHybieoRiLol7k4h6 LtlJ31PrH39lyAtzKA+V4nke+SX5FBYXVZY/VG9dZYzgnbeW0vHqa8g+lIvWmlBZHjd1v5YR I8cgteLdpfO4p/8A8kqKsSpKfm4OV3e4iiWrP0aKMKOHPkyfPgOJOiXEhObD91ZR96yafHvg IEYpkvZ8zR239yE5ZT9SCSKhEH3v7s/CN5b6G8jV5mlV1xFFqLyUnj178vY77+J5gohSfLJ8 CR2vuY6ikpAffVcGayTZB7YcLtClwTUCLQXlkRD79uzghlsGE/PifeHjEc7BA/vzytgJhGMx tPJI2P4djZq1oigURmmPUP4hbry+M+Mmz8SJeSTs2krTpp3YsnM/MSfMsjdX8fyjD9CpU2dm zpzO3DnzePfd949JoGM1Rju4TpSSSCldrrmJjOworqUy823000MY/PhwPM/BE4LPP15D3Qbt 2LCtukD3yExPY9XKVX6UtCIqetR2bdXmgDYYpTHSYeeObcyeNZeoMn57VungxaK8vepdHnvs MYYNG8bmzZvjzutHr202OsKXa96hQ5euFOYV4KkY4cI8HhzyGMvWbUDKeOcFbXAKs7j92l6H RdCNkViliUXD5BxM5bZrO5OeVxQX6GG0cTiwbzudr7mahMRdSKUoLy/lqaef4u2PvkGqEGXh fFq1vIhRE2cSiTmEw8UMeeJRMrPy0cYlI30Xs+fNoesVnRg6Yibz585l/txZ5BeV/IRA19j4 fSIxYTu9evWmsKgER7oUFRUwacpkskujSKNRbjE3XNuJd9591y8zcWOMHPUKT/z3FaKeR/r+ 7Vx1zbVs+T4Bo6JE3CivT5/J8ImT8aTBCo01ZUx9+Rl69hnI2rVrUJ6L6wpcISkszKTz1Vcw 8/UFOJ5AyGIWL32Nex96GSfmkl2Yx7yZcxjYuzvPj5jEjDlzmDV/EakHs5DxTRhjFJ4XZfjw ERxISfM37yrKHY5hoWiNxmhJeWkRc+YvoNwVONpgpEZJj6Qduxgx8mWGDBnCrFmzKC0t/flf eoqw1QS6sjEiBg4tnMXuIUOwSqGMCgR6wBE5XKD7WSp7D6TwytgJlSnuQQT9d8SvItCXvsn8 xcviNVOBQA8I+OPif79dpel6/Q1EHZeTaRanrOKtBeMZ+NDjuMZB6RiLZ4zhX1d094WM8Xuk H0xOoNaFTSmOSEQkj549OvHypBloR8cFuj6iQD/jL39h/c59fhTDDdG+VVP+dc1NlAqNlYq8 Q0k0b9qUB/7zHI4tp2fHq2nQqAXnn3Um/e99hDLXQWnF1o0fcvr//ZV/XXwpnbveSOfOXeja tRv3PPgs4ZIsBl3XlW633ElRuYPRUd54fSxnn34e2xLS0VaAjcXbpymKUr+hdq2zuHvws6z5 4H1eGfkyLRo34pUp0yiJ+Omjb88Zw2n/93faXd6Nbl2vpXu3znTp1oWhw54nOWUfZ/69FtPm rfTdxU2M3d++T63zL2TuWx9jdZT7+vaiZYfrKIzE0EZyaP83nP7PfzBt9SY2rXmbs/5xGq07 9KRL1670uP56unbtztRZC/HcEFPGDueyyy6lb59+TJk8lc1bviMiFCWZ+zn3H3/lqRGL/Jp/ o5DGr31V1aLTEE8j1y739r2doSOnIFTcw0CV883Xm/hy4yaibpSH776T2bPm4RiFUQ5GCuZM eoUnR01GRAro0KwZS977HG3DSG0oLc7lknqN+DblIEp4zJvzAh2uuJ6JU8cxYfJUJk+cxr/7 9OWZZ4cdMYIOYI1g/95dtGzZMj7HQGhDef5B3njrHSIxF6F0ZQQ55wgC3TMSq/301KyDydx4 64NEPV3ZVSBckkvzxg35z2NDGT9pElMmjWfiuDHUa9yC7/fuw9OCUH4ud915I3lhFyU0hbl7 +FfrG1j/zS6k8RBa89XaVdx9z0A8GfYXY9r4PgTHkOJutcRqD2kN3breSnpOGNeCNpqY4/DA bT1Z8HlCvDWhprzoEB2v6clX25PQ0k9X1jLCU0P+w+233UFmTp7/OVuNNeLox7UVfeLxPQJ0 jGHPP8k9/QeSFXbjIivEq6NG8tLLY0hJSWHnzp1MmjSJrKysn27jZ8NMGP40cz5ahxYGT7mY WIwtCbvYk3IQLXW8LZ7BLTxEr269DougW+t7AVgjKS/K5o7ru5CRV+gLdB1GiSjr1y7jxh7d GTthAhMmTWLShMn858GB3Nr/JTwvQnFpEZ1bnUNCRp5/LFXGiFHPkJyWhdQCbcpRRnFv3wFs SkzFKIXR8RT3ozgbVnZtsJK83Cx69ryJAQMHMWb8GObOnMHWb7+iTGk8LRFF+7jskla8MnYS kyZPYeqk8Tz88MM0btmO/KJCNqxbxpAXRuFqidKlCO2SlpbOlh07kSK+0DelvPrco9x571O4 Svh19NIvQdi3ZzNt27TjxZcnMXHKGF6dOIH//ncozdp0Ji8n36+jVorXxz3Ntt3pKOO3xfTL N6xfiqGi7E3cSr9+A5m3YAmu9Ovl/XH0sobKlr1aoYXLgjkzuabTNWzYvBWpXH/jpbyEgYMe 4utNX5Oens7KlSuZP3/+UX/nqcZqHS918ktmyixkLJnFrkCgB/wMPxLoBpIOpDBm/KTjTm+H QKCfcgKBHhAQcPL4ZQW6tIqP3p5B/8GP49goSkXYsGYJHbrcRmF5xG+BpGNkJX9PjVoNKIoq 3NAhenRrx5hpc9FhhdTyqAK9xl/+wmc7fIEuRRkdL21NnX9dTb4jMUJwKC2Bpg0a8OgTw4na MD06dODS9tdyReuWNGzWns07klE6xO7vPuWMv/+NRcveIqotUhs86eBohYxm0f+6rnS8pR/F YYnxilkxcwznnHYe3+3KRFvPN3syYKykKPVrap97FiMmLsBIDyVizJ4ykTNq1eb9jz7HKM1H K6Zw+j/OYOXHG/E8hREKrTRCOmRlJHD26TUYNW0ujjZI7bLt83c4++wLmPvmx1hdzuB+t9P8 iq4UhmMY47Ln6/c5/R9/Y+qab9m+4UPOOfNMpr2/EWOUHy2WCitdhJK4SiKiYbZv3caQBx/h wgvrs3NvCoUHD3DuP/7KE8MXHJNAN8Zl4F238NzkRXja4hpQugxhNJ4URJ0SBt91O3NnL8Ix Cq09pOeybMooho4cjwjlckXT1sx8ZxPKliG1ojDvIJc2aMjWtIMoKZg143G6de3FlNcmMGXa NKZNnc6U6dP4ctPXR4+ga4+9idtp06YthaEwnjFo5RvtxbwYXtwkzh63QDeVAj1UkkPrZk15 5oWXmDp9GtOnTua1aa8yZcZssopLcZQgnJfP/Q/1o1RalKMoyd1Bu9Y38Ok3iXhx871Na9+h /z0DcUS40iDu2EzifGFghptasgAAIABJREFUtRsX6LeQnlPmR9CNwnUdHu55I699sgulBFJL ygoyuPKqG9m4bS9a+psBhzKSePyhwSxbtpzho8b6Bm3WT7M+4jGhSqBrg1WCcHEOkye9wsYv NzF69jJETBN1Cnmgz79JTjuEMQYpZWX0XCl1WN/yww8QYsywIby27nPfrE24mKiD0BajDEZJ hNW4VuMWHKJ316MJdEGo6BB3XN+ZjLwCjI0LdBlj/ZpF9O/XlynTpjFl2lSmT53G9KkTWfnR V3giQqS4nKtb1iWrpASpJVoXMeKVJ9mXnIHUCqUjKKO4r58v0K3WcdO3o7dxqyi/sEYjRRTH CZGSlswbyxYx6sVhXNGuDV/u2IejHbzc77i269VMfG0Wr057jamTxjF96qvMX7KCSDTEZ2vm 89jwcThKInQpQsdQwvXN4jzfwE2ZEl5/8Snmr/kK1ypf/EqDlR77Er/iyqt6MGrSJCZPm8b0 KVOY/uprzFwwl0g4gqc9jJDMGDeUrbvT8ZTEaIlS1XwLZDkrFkwncc8+XhkzmYKSsmMU6Do+ JOGyYgbc3YeN69dz5z2DKSkrQRpD9r69vDpvEcIRlXPmRDsd/BpYpSk3Bs9qrFJIbclcNJfE IY8FAj3gJwkE+k8TCPQj8MWGjXyy/rPDXHshuLEEBPzRqHgICCl59vlhxFz3pLbX0VqzZdMa Btz30P9v786jq6rvvY///6zVde961up6bm8dOkpvWztdra0KiEARQcEqijLjANYK1VptHaod RRS9dcIRRVBwCorWEQc0ZABCck4gARJIQshMhpMz7L1/0/v5Y+9zcgIBwXpJxO9rre/SBeEM +wzZn/0bvqSCAM+maWmIM/zMs3m5oIBEbzf79jVz/z+WMGfeb8gEPh37dnL6Kafw6LJX0UEX 2pjcFHdjw/7PRme4adY0/u3//F/Wl1WirMWoFLfecA3/+R/HsfTJZygq+Yi77v4TJ574bZav LCClOzn3jOFMHD+VDes/5NQfncJpp42guKKMnq5mTv3vHzN67DjWvvE6JaUlLF/xDC++8R4q 1ca0c89hzHmX0ZbwsaaHZx+5m//371+hrHw3xnk4l8Jqh7EBrbUlnPifX+aOux8gMAar0jTU xvj+d7/H5VdeR08qoK1xG+NGnsHIs8fy7jvvUlRYzCOPPsmata/Rnehg+Ck/ZuwvxvPeh+tZ 9/46rpx5KV/60pd59Ll/Yk0Xt/32Kk78+kkUvP4W773/DrOn/pIvfenfeGzN27Q11fGD75zE z34+inXr3uPj4lIeX/YMtTXb6Wjfy92LF/H62lfZVLqRlStX8R9fOYFX3nyfVHcTPznpOEaN vYAPN2xkb2s7xaUfU7SxiEy0+Zk1Opye6sBan+VPPsTYib+kbm8TSc+nu6uN1/75JhtKSjA6 w8rHHmLelfPY296OF/g0Nu5h0rnjeObFV9AqzS2/+TWTp15OXdMe2lv3sHr5Uo778pdZv6US ZXxKS15n1sy5NDXtxvc8/HSG7btqaWrtwBhN+ZYSSoo3h2tv86a4d3Z2MH78eF557XWSXoqM 71FdvY0XXiyg1/PQNsDPJOnubKWyrJAx486ntb2Dju5u0r5CGY2XStDV2U5lbAvnTrqM5rZ9 7EuEa/5VJsFFkyby9PLlJFNJgsAj0dNN6eYyMkoRqIDGmq1cNnsGe3tT6MCjYWcZPzr5LF5/ rxjfaLQOKPnwbaZceCHJVIJMJkNJ6Sb2trSGO4LDIZaaWLSXoWdfG52dnYw++xyqtu+mvauH VBAQqIA//eZa5s6/gebmvTS3trLmuWf45kk/4p0Nm8PdwIMUrz3/FB8UFpHo6uG66xeQ8BXK WpzujS6K9f8usNaibTid3Bkfo3t46umHeeOfb5Lo7uT8C2fR1t5OoNOseOJx/nTHnyhY8yob SzfS2dWNMhat09Ttquajj0vwVf5GfxZsktcLVjLh4qm0t7STSWfoaevgjXffp3pXA8po0n4v nV1ttOzayfljJlG9ew/7unrwPIU2isDP0NPdTv2uas4bN5qt1dXs6+4i7aXQOqCyooi5c+dS V7+bQAX4Xob6hgYaW9oxJkl7Ux0//eHJ1NQ3EqgMyUQzt9x2I1viVXgq3DtBaZ/5l1/Oa2++ hed5tLS18N76j1G6b00/RBvDOR39N7y4U7W1nDvuuI36pkZ8r5dUbzd/+MNNrHr1TZQJ0Klm LrnwAjYUlYTT0jMZGvY0sn1XA1p77KgqYey4CZSXl+P7vSSTvXy8oYSSsvJwZogN6O3ew503 LeDRl16nsbub9kRPtIeEormphvHjJvLaG2tJZzJ4vkdLcztbd1RFF70UVmd46N4/s+a1N8j4 Pl3traz7uIikl8GpBPW1m1jwm+vo7O7mgf+5j+deeBnfaAJrMGbg2Rc26hZhtMIEKUqLClm6 9BF8L8GCa69hQ0kZnraku5u5/ne3sOzxZaxbt46a2l1h9wPLpwot/9uc1XjOoLRFK0vSGFrf WcfOJ1dgtMZEn6HPY0tDcfQ4a9HG0NDYyIsvF8gUdySgD0hrjVJqyF+5FEL8a7J9mIMgyG1K kh21+Cw4bWlr2c38+dfS0Z0hbTM43UVZaSnjx45m6iUXcd75E5k4aTKdPb3oIGDHjk1884RT 2FRej3FdUVskHZ74Ghf+0goy3Parq/jqCd+mZEssbCVmNYmOJm773QK+/rVv89UTvsJ3vj+M x55YSSqj8E0XF0+YyPRL5pDyFGVF7/Hj73+PcZNn0NLSTH39bkaOHM6JJ57A8ccfx8k//CEP r3gJlexi9oW/ZMrFc9iX8rEmxeplDzHsa98hHqvFOg/n0tEmVQFNu7fww+9+i0X3P0hSG6xO Y4Je/v7n2/nWsJN5a30xWvvUbNvI6aedxtdOPJETTvga3//BT1j2zCo8bXjv9Zc49Uc/5Ljj juPkk3/AbbfcxFe/cgIPP/s6xiaoKv+Yn59yKscd/zVOGnYSSxbfzYlf/zbPr32DjFK88cpL jD3jZxx//Ikcf+I3OOVnwynduImmhp3MnX4R3/rmNzjuuOP5+je+za+v+x1d6QAv6GX10w/y zW9+kxO+8R1WvFDAvHlXcMVV80lb0NGmTtmAbmyAUr0sWvw3zhgxghkzZzN50mRGjBzFh4VF GOXhp7q56YbrGfOL8cyeM5cxY8dx+1/upCfjYa2hq62RaZdcwimnncmoEadzyQWTGH7GcCZf NItEKoWX6eHuRX9j9FmjmDNzDjOnzeKH//0TVr/wKkYH3HzTQiZPvpSUr7B5m0pprYnH45x+ +ulMnTaVWXNnc+aIUfz5L4tIeR7Keixf9igTx49l7OhRDBs2jLHnjGfcuRP5uGQTgVI8sfRB Jp4zlrNHjWLYf53MmHHnMumiqcSrtqMDj6b6GiadP5FLLrmEuXPnMnnyZE477TR6enpoaWpi yriz+e4PfszcXy2gu6uF3y24mq9/42RmXn4Nnb29WO3R29nGpPPOZeas2Uy77FL+67++x8Yt 5QfMWDjwc2vY8ME6LjxvIhPGjWPYScMYM3oc4845jxdf/SfGGtqb9zBl8nn8909+whlnjuAX Z53FmWeNZuZVv6atp5fEvhYWXnU5ZVXbadlTz8P3L+GjzZXRWuAk27dXUVa2mfLycsrKyijb vIVNZZvYXFFOsieFDXx6euo4d+J5VFTEaNm7hz/e/gcWLX442lAtzb72Nt5++23+cOPvmTZ9 Do1t+1A6wzNPLWXc+Mkkkul+m8k5myGT7uC6Bdcw4ZzxzJ09h/POncD4iZOJ1dShnOGF1Ss4 b9wYJo79Bd8bdjKjxp7PuPGTee75l9Ha8P777zJh/C8YN/psvjvsJM4++2zOGT+BFc89jzYa 38/whz/8ntGjRzNnzlymXTadn/18JC8VrMXoXm68fj7f+PrXuPjSOSQS3fzx5pv4ySmncsGU y9jd2BReMDQBjz/yEGee/nNmzZrN6DHjWPDbG8l46dzO+JDdUC2cARRO7w4o37KRCRPGc8GF FzJ31gymXnIJZwwfRVNHZ3hBRHsUvPA8Z5z2My6fezmzZl3O8JFjuOmWP6GUj1ZpHn7gfxg9 6izmzJrFpVMu5pRTz+Cjoo0oo1FBinkzL+XMH/2AU0eOYeyESVw253Jau7pwLgzp7775GiOH n8H06dOYO/cKRp09hnnXLMTXOtx/wKV55+1X+OlPT2HWrNlcNHkCM+ctoLWrG+N3csftt/L3 +x5mb9NeyjeVMmvGdPYlMyhrSXW3he+X/WvLFuoaGtGqB5VJ8Pe/3sKGkmLq99RRWvwui+9Z StqosLND0Ebtjj08snQpM2bN4emVq3JtFT+rDiOfHUvgoj7oxuJbS9KkUNb/VDtxiy+m7LmY jdodfpqBEgnog+xoBPTsG+WQa8WEEJ972TZr2VCulPpUu4cejDMWHfRw0w03sL6wDN8pjEri dLiRV2W8gtraGpKpNJlAY33NywVPMG36fNKewVgfo73cCa61EFhLoD321u2gvCJOT28yaqul CbwMfibF7vp6KuJl7GlqwA90uEbaJKnZXk1tbT1eFJwb62rZEttGc3MzWiuSySS1tbXE43Ha Ojro8TVWedTX1FBVXUM6MFjj0dXRxNaKraRTPtYpnPNxxqG0wU91sW3rFva0teMbjdFpnLb0 dLZSHtvMrr1NaK1xvk8mlaK6upqqqmoSvSm0tQTGYZRPZ0cHFRUxmpsaiW8p4fivnMDDq/6J cuF67s59+yiPxWltbSGVTFJRuZXmjk68QGGUh9fbyfbqbWyrrqarN4XWBqMU2vdoamqiIhaj dvdu0n6AshD4AcZL09yyh/LKLXR0d1JXV8fuhj0kAx22cLJh3+NwBF2jtYdSPpWVlWzYUERF eQXJdCZspaZ8rPJIJRPEt26jsKiYysqt4f1FO8JblaG3u4PS0lJKNm6iJ5lkZ00t27ZWo3wv akmVomrrNkqKSigtLqWxeW+4LEAHvPt2ATfecAtBNFKV/74OgoDW1laKSzewoXgDu+rqw5E4 Z1EmoKVpD5XxcuKxCmKxGBXxOLHKSjq6utHG0NrcSLy8jHg8xpZYJeUVMcrj2+hJhZvCWZWm vb2NjZs2UVhYSGVlJalUCq01nuexrayE8ngllTtr8P0ku2u2U16xlaqdu8gECqt8jPLY19FG UVERRUVF9CQSBPutrR/wc2Utia59VMYqiJVXEKuIEauIE49V0rovnHVitE9PVwelJSVs2lxG Z3cPO3dsp3bndrTyeOC++7nyiqt5cOmTLHtkCffdvYSJF06lNwh//9fV7SIeD49NZbySyngl 8coY8a1b6U30YJXhvXVruf76m1m69DGefPRh7rv3Aa64cj6+7+FnUig/jdU+yk+z8tlVvLO+ CF8rmvY2cOfi+8j44RKK3NN1CqPT+F6KyliMog1FxMor6OruQUXrfDvamqisqKAyFqe8Is6W eIwtsQqaW1sx1tLV1Uk8VkE8Fr62FRUVVMRiNLe1o41G6QDPy1BTU8OGDUVs2rSJXbvD94YK ktTtriJWUUZ863YymTR1u3ZSHotRua2aZMYLl3won8BPE4/HKCwspKp6O6mMj7Wq3wZ7YUDX uWUBOENvopuGhnrqGuop3vARpSUlNDY3h7OAjAl3A1eKvXsaKfy4kOLiUmp21YfrvI3CWoVW PrtqayjaUMjG0lJaW1vxfB+lAqxR7KiqpLK8jHiskliskqrq7QRB1GnCWnTg0dHeQklJCUXF xWzfURO+J234GHE+QdBLVdVWCgs/pjJeSsLrwlcBrXt3M+PSK7jn/odYuvRhHn1kKQuvvpL4 jl34WuGluqmsrDyg4vE4DXvqMdqnuPADpk65mIeWPsZjjz/OE4/cz9TpV4WzFoIUWiVQKuxI ULNrN+ddcFHu2LshFtDDzg/RsiircZ4h41s8I+FcHJnsuVc2nEsf9M+ZoxXQP2m3VSHE51/2 BCI7Yya7PvSz+txba7Cmh2WPP8J1v/0zqSCFUgoXTZV20f07wl3CAy9g8eJb+XB9Sdir2Sqs 8XJ9ZJ0D5SzKGazxw+Ce9zzCqYTZkZZw5ErrMNgbG07fN1Ev63CTLY3RLlr72/cLMZxOH629 tibcCCrbA9uqcCQ5WnMabv6kc33QrQn/3jjQzuBcEI4SGg/nwjXD4RrovL7C0fE2Ub/x7DTZ cMdwn4qNhRz/n8fx8LMFYbg10bRZ8v+tza11Daeiq+hxRTssZ9c2m76Txr6WSeHfWx2uP7bO w9ggOpag++3iHt2vC/+//7En1yPdRiPuNtvrOLpPGx2nbF9oZwOcVejofnS0O7jLjTrm9QU3 DmuD8O+NYv2Hb7A1VhVe8Mhb+9pvaZazuWPlcs/Z9Hv/ZV/v7PGwNrteVgPR0gprotc0eg8c 5P2XO7ZG9bUdcxpnVG6ZRjZoZI9P30lZ2Np0S9lmCl5+mYKCAtasWdOvCgoKKCwsxGiFNdFz iOaJ27zXKv/2jbWo6HFbnaKzdS+zZ17OzpoGtHFgE1gdcOPNt1K8eQs6F9RM3nEkOl4BVivS 6QR/uuNWmprq0Sq8YGK0ZuXK5ax7933WvFTAcytXsOblF3jhueXcfvvtVNftQRlDe3sbxZs2 h8smcrMFiN5PKlrSonOvvYk+1zbaYMxF73VtDcapcFp23lTi8JjofqOt1oXPyeYd8+zPZz8b OBVukBdNWQ5/LjoXytuhPLuWOv9z5IDy8k2sKXiRgpdfCl+rNWt4eU34OhYUFPDBBx/kvl/D MK7yvv/Ie479vxuMcdH70vZ9JqLHFj6nqIzJ+zsT7VPQd1t9rfH6P/7sJnDhyL+NvjdU+HqY sD+7tT7GKF596QVeX/tPPB19rnWaeLyCm275I+2JJCoYeP8Cay1KByjfZ8ndi3nv3fdRWqNN gAnSrFi9gr8tupf21j08+dhTFKx9iTVrCnjwoaXce/9D4XvFfnYdRj4rxoFVDqUtngtwGYXO ZH/vSEgXhyf7nZDNXRLQJaAPSAK6EF8M2elU2WUt+ctbPpvb1xjdQXtLHctXvko66CYwLhd8 +m+EZcl4Pu+8uYZ0kEaZIBo5V9EuyGFpRxQ2Bj5ZcxCeYNr827fRyK/tv9lZFFgP8Qz6hYeB /r7fz+btcB3ev0G7MBw5G2CtyoW8fsHzIAUWo332te1l9epVVOyoRwXRhlkuezEhb4pw9t/m jsPhv47ZcBoGswCcPmTbJJd/f9Frkf9YDv+O8/rI277bO+hGhc6LgodG6160H045PpLn+qlE x8NEswecVYfs1ZwLfX1/Eo2uDvxvsmvOjfb5yx23c9bIEQwfPoIzzzwzV8OHD2fEiBEsXLiQ QKmB73e/wJsNYyZ70cF47GvbS3FRCYHKbkwXbgTW0d7CtqoqPG2j45l/oSP72ng4o0gkOnhv 3XsEqhutAqwxGJOgo72Nwo8+Ip3qoaS4hOVPL+O1V16ktb0Fzzi0sSjfx1Nhj+h+I+hkg7KJ plr3f4/nr+8O35s27+f6PnsHd/Dnlfv7f2GDzMWL/saI4WcyYviZ0WsXvn7DRwxn5MiRXHHl PLxoJPvQ3zsDO/D9FF5EcdFzyv/820N8x3zS7fe7GJG9QGI0VvsUF35EZ2cbvh+EF4N0L77K sObVtbQlUvhq4A0ArQ1n8Kigh82bNuL53eFsAG0wvk9vJsm6999Hez6NDXtY9dJqnn7qKUo2 bsLTNm9fhqE1gu4IvxP86IKRCzw8kyJtAwnn4rBlc1f+CPqRvn8koA+yoxHQS0pK2LBhgwR0 IY5x2VHzIAi455578D7jTeK0NWjdjfZTpLRC2V78aIQM+gdRnCKwmrSXJhUkUCaDtT7OBhhn ciOo2d2CnXEDhMEotLtgv9uORrijE/rsCLdx5MLhAWVtFMLCn8v+u+zJa7ZtUu5+nMI5lRuN dtEv28CBlw11JhxBVdlR1QPuz+bWsGZHuqxRWBOgTYDSGqscTpuw/zpgo9G1cI1+NOKYvQiw X9jPjibny96vyV5IyB7b6HiZaN35/nIhIDciZ/cLh/uHdZv7b353kDBkRaN92kSj5IfYzdxl cgHd2RTat+jAjy76HEr/8DXQ7efeLwc8/mi0n/0D+sHvLXcRJrupnrPg/GjWQN/zz7+vMED7 BF4S38uQ8bzcspMgCPB9H9/38TzvgGOde5zZ28rebjSSHu5yTjSrJMCaaIdsG7Ytw6ZxKkXg ZaL2hwcL6AYXzUZRSmOUxphw9NwZH6szGJVBBz5+oFDGoLWHNgGBJdxBXisCo8INtNwAAR3A 9U0Xz816yb43o4tfzhkG+uzuf2yzx6ZvVsB+z8se5DXPe2z5F40cA9++CnpRKonnpcPXTGn8 aNNAXykyQfiecQ6ctgf5fAx0+9FnJO8CRd/zCb/L8o8P9IXs/Mef20V9gMef3ePDWnLfednP iLEWpxVO+xitwu+iIOxyYI2PMSkCo/D1wS/uZqfWa5XBaA+tfbRR6MBitSYwPoH2sIHFmPB3 gdFhF4rADOGAHn13auPQxhHYFF2F69n5ylpZJiqOiDGG5uZm3nrrrVynCwnonyNHI6Avf3YV Tzy9IpomN9AvLiHEsSA7xdfXmjG/OJdkOsO/OorU7/YhDLXZqeW2b7TnQBbrLMaEJ2guezLt zIGh8hPvef/bzw9EfdO03YA/2//f9f85u9/Jbf8R9PwR9/4hNPqzfuHh8I5xXzCIbj//wsPB /g1H/n094Ek7HHDsP+k2jlT/AHEY9+VM3/PPBrRDjbh/ZgZ+Dx30YR7i333y/RwY4POZIz7p t/3ee3a/5QoOogAYTZP+pJvLrbMOR+Chb7p49nb6lg+Qm4Kdve/8pS2HeswDXywZ+O+Hgtwe DQO8PrlZANmf/cxOqA5+HD/tMdv/uyD8Hu9bbpK/nCh87bM71R/6M5zdSyT7OPIvxIW/G/JH /PsvxRns88+DznTSmqS14RR8pVHGUP/U42xeeD1W63BUnexzHPznIYai8PNgrKVqx07uXHxP v1H0wyUBfZBJH3QhxGcn/Hz/b/VBF0IIIT7vDh7QDSlrMVbhTEDaQd0zS6lYuFD6oItD6j9D S/qg708C+gAkoAvxRSEBXQghhPgkAy+FMvjOYlWAtRl6HTQ+vZStEtDFJ5CAfmgS0Afw1MpV PLViVbibbrSeSAK6EMeeflPcx02gN52RNXNCCCFEnux0fKOzy7DC3fG1NQTOYoMAbBqrHY1P PEblwuuxQbiRpAR0MZD8gG6MxlhLZfUO7rrnvtwa9CMhAX2QHY2A/nFxKeuLSqO2FhLQhThW ZQN62lfMvnwevekMxsjGNkIIIUSWtWELyEBpNpdVkEp7aGMxNuzUYbTCGA/nOWpfW0v5kntw KtpITwK6GED/EfRww86a+gaWPv5kruXakZCAPsiORkAPjCOIvoxkBF2IY1e2H7Ayln09SbS1 GNl5VgghhMixFpSx+Mrw17/dxa1/vIPyWCWZjBf9DlUENsD4joSXwHS1YLVG2XBkVAK62F9+ QLfGoI0howwpz+vXbu1wSUAfZEcjoDtn+7U+OZz+mUKIz59wd9lsz+EAZ4Pov7qvJY+UlJSU lNQXusJN4JRS/P2uJUyZfgVTZl7N72/6C+17OrDaERgFLoNvA9LO5rp3CHEwYVvYbLcajXVR B5tPQQL6IDsqAZ39+mdKQBfiGBVOrcq2STJSUlJSUlJSB5R14GnLXxbdx5TpV3LR9HlcMPMq fjlnPnc/+Dh7W/ehlcJkNE7LCbP4ZM7mt5M12AHayh4uCeiD7GgE9OyXUb+Abg+zR60Q4nPD WYMz4Ro5X2vSQUA6CMhISUlJSUlJkQkCUkFAjxfQnQn4813/4OIZ85gyYx4XzpjPlGnzuPiy q7hy3g0UV+8kkfFwysqglvgEti+gY6PBUfupl0FIQB9kRyOgf/Dhet7/8CN0bv2DJTvlVQhx 7HBWY1WA0pa/3nkv1/72ZhZcfzPXXncjC66XkpKSkpKSuva3v+fXN9zMtb+7lelXXMuUGVdx 0bSruGj61Vw25UqmXnol06Zfw7jZV3DbLTfSUR7HqfAcOjsjVQK76K9vBiOE75HuRC/xyq1H vP4cJKAPuqPSB335Sp54cjlKR7sIOgNOhetUhRDHDGc1RitSgWbU+El09GbwAkWgFIHSUlJS UlJSX/jyAoWvDUlP5U1xv4pJs3/FxTPnMWnmbH519Y089XwBpUsWU3L9zTjf5JaOWVkqKg4Q Dn5mA7q1UFW9gzsX3Y3+FJv1SkAfZEcjoK9YuYplT6/EWMI3SLSBFE595vclhBg81mqU1qS1 ZuQ559OZTKO1j7WK8JeGlJSUlJTUF7ucNVgTXrz+26Jwk7iLps/nohnXMH/61Sx+4B80N+8j aS1Ny/5B9cLrcRmNNRbjkIAuBmCjgc9wOYSxULV9J4sW3SMBHQnoA1r+zHM8tfxZCehCHONs 1PO8N9Ccde4FdKe9qJ+rfNaFEEIIAGs1Roe7uP/1ziVMmX4lU6bP55Y/30ttbDsZlSEILAln aVj+ANULbsD5FqONBHRxEOHeXs6BNQ5jHNXba1h01725NmtHQgL6IDs6Af3ZvhF0k23BJFPc hTjWOGuw1pBS4RT3MKBr2RBSCCGEiFhrMFrhBwF3Ll7C1QtuYO3bH9CZ9rC+Rlkf7VuUhT3L HqbiN7/DBVFAlynuYkC2X5csrR3bd9Ry5533SB90JKAP6IWXCnjxpYK+TeJyfZJlkzghjiXG GJRSJDIev5w6g0Q6gzVGAroQQggRcTZsReoHAZu3bKGprRXfKHxrsNqirEIri7aWuoLnKblz CU6FAV02iRMHkw3n1oI2jp21u3nwoUfCzQVlivvny9EI6MlUit5UOjfFPWyxJiftQhyLspvY tHZ0YuQzLoQQQvSTDUvW2ly/auNU2LdaO7SzKGtJOo1KtKPaO3DGhT8/yI9dDF35syqshYwf 0JPo/VS3JQF9kB04iX9+AAAEcUlEQVSNgB724qN/H3SZmiOEEEIIIb7Q8jePi9YQOwicJe0U gVM4mXEqDkN+tto/ex0pCeiD7KgEdGexzkpAF+ILo38/TiGEEEIcyDlwxuVGyHU0Rdlag1M+ Vrnwz+ScWXyCfgHd2XBGhvt052ES0AfZ0Qjo2oGyhBtbRNN6HJ/+qo4QYmjKbhKnTFjhZ76v L6cQQgghBua0RhtL2hkyJsBlLO1GoU0Ga3UY2skL9XIiLQ4QzsTQxhAYm1tefKSt1iSgD7Kj EdB3NTRS29AYnayH03QkoAtx7LHWYIwmMJoPCovIBL4EdCGEEOIwOKtR1hJYTWB8XMrRU1dH d7w8ugCeNxtVArrI0/dWCGcwGmvp6OmlekeNtFlDAvqAlj+7mqdXrkYbG7ZZQwK6EMeiMKAb PKUZN/F8Esl0eMXfyvo5IYQQ4lCcMwTOYrXC6jQubalbvoKNv78FpzXG6NzmqxLQRb78gG6N QRvDtu07uWvJ/xxxizWQgD7ojkZAf3rlap585tkwlMsUdyGOWdnPt6cNY86ZSCrjyQmEEEII cRictQSOMKA7n7SFxqceoeK6hTitsUbnzp/ld6vI138EPeymU7WjhjsXL5E2a0hAH9DTK1fz 5HIJ6EIc67InDJ42jD3nPFIZX04ihBBCiMPgjCNjwdoAawMSDhqeeYTYb6KArnXf7tzyu1Xk OTCgIwE9jwT0AUhAF+KLoX9AP18CuhBCCHGYnHb0WtA2wCmFZxx7lj9KfKCAPtgPVgwpEtAP TQL6ACriWymPVR7wZSJfLkIcm7SxrHh2FYHSg/1QhBBCiM8FZxy+BeM0zhiMcfRUlNH29ls4 E/VJRwa5xCcJ3yftnZ0UFhVLQEcCuhBCCCGEEEKIzykJ6INMAroQQgghhBBCCJCAPugkoAsh hBBCCCGEAAnog04CuhBCCCGEEEIIkIA+6PYP6I3X3EK6YpuUlJSUlJSUlJSUlJTUF6y2DfuZ BPTBtH9Al5KSkpKSkpKSkpKSkpKKf1UC+lEnAV1KSkpKSkpKSkpKSkpqoJKAfpRJQJeSkpKS kpKSkpKSkpIaqCSgH2US0KWkpKSkpKSkpKSkpKQGKgnoR1lm6w7SWyqlpKSkpKSkpKSkpKSk pPqVamkf7Mj6L/ncBXQhhBBCCCGEEOJYJAFdCCGEEEIIIYQYAiSgCyGEEEIIIYQQQ4AEdCGE EEIIIYQQYgiQgC6EEEIIIYQQQgwBEtCFEEIIIYQQQoghQAK6EEIIIYQQQggxBEhAF0IIIYQQ QgghhgAJ6EIIIYQQQgghxBAgAV0IIYQQQgghhBgCJKALIYQQQgghhBBDgAR0IYQQQgghhBBi CJCALoQQQgghhBBCDAES0IUQQgghhBBCiCFAAroQQgghhBBCCDEESEAXQgghhBBCCCGGAAno QgghhBBCCCHEECABXQghhBBCCCGEGAIkoAshhBBCCCGEEEOABHQhhBBCCCGEEGIIkIAuhBBC CCGEEEIMARLQhRBCCCGEEEKIIeD/A+emdm2x82CRAAAAAElFTkSuQmCC --------------A76A1918F900FD1F7DE7D23A-- --------------1C55A543F2ED6FE2CB7FC935-- --WKSkSqE9w9IEuMhoEqEmHMvWJEoTAbG4F-- --O66mr07T1mGIT2wqnMvbzxZLniR1vBg5V Content-Type: application/pgp-signature; name="OpenPGP_signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="OpenPGP_signature" -----BEGIN PGP SIGNATURE----- wsF5BAABCAAjFiEEDtqqxgHePX8hI3D4RTXA59sW8UgFAl/QgukFAwAAAAAACgkQRTXA59sW8UiW UQ/+Mzmgjt3CJ6CuqovlXZuPOvnuwBXMeWo1Km8rSsGM9aiiXOUYseW2NUxAJgr5UK/eSp13nCLG PyI/M3rPNhrbOJYwBlPrkWAoi73Wbh7aBD+k9gOJ1/smaytOhWV5aMlPBMmdhpkEB6cbenYg1Ann ZINZbEgh0zzTAwHtDB5NyhzzZbPWNosjb/PQxkbYzS9eJTMGpvBt3Hs0Z8hHjtUXHy+dXx1Flpq+ TQih7/xqQozRQmOjVJ36e5S633NNwRmHsD91ryjyB53hEWK6vLVmOVHkYWBcgyWuj3JNX2if4ND/ x5ROtZLCIUGjJPFFYT1Hzgcw6nWvSH1/LL1ti4ilVAZgaRbjNnwwzTn4ZNFaSyliSRIX/1n/Kcuq F6CuoDiRafJCKxzvIq+Fll1z21EFqOzP3VyOvnXxkPHniMK6ykOnfciDZaLpY7mimKyHBj2YbqJe ykfI8eCB17KJD8sLuWz+zgjhfrUSdLv8K2A3M343CkMQ1oCKvwj0zXHDuWn+DGgs/+w4XqGjmhhk IEYXq+qvMRzs4K9F9dGs6tZVgoegEvOVgJ51dchMoyHsSqmJGNGBwIqr+vjPLNdRUAqWwbuwpn3Y 3Obv7mqbGcU0tOziB6Nx3UqRl8UGemZYsWkz3+xeAvHQFEePb6X1UlMsYtZ3DtqdMcwYoYPSOmXS wGY= =t98r -----END PGP SIGNATURE----- --O66mr07T1mGIT2wqnMvbzxZLniR1vBg5V-- From nobody Wed Dec 9 00:45:51 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6F9303A0E57 for ; Wed, 9 Dec 2020 00:45:50 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.896 X-Spam-Level: X-Spam-Status: No, score=-1.896 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_FONT_FACE_BAD=0.001, HTML_MESSAGE=0.001, NICE_REPLY_A=-0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ASKdES3Z02zk for ; Wed, 9 Dec 2020 00:45:48 -0800 (PST) Received: from p3plsmtpa12-07.prod.phx3.secureserver.net (p3plsmtpa12-07.prod.phx3.secureserver.net [68.178.252.236]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1A8BC3A0365 for ; Wed, 9 Dec 2020 00:45:48 -0800 (PST) Received: from [192.168.88.250] ([94.155.17.31]) by :SMTPAUTH: with ESMTPSA id mv6Yks6PRJwSFmv6YkobKl; Wed, 09 Dec 2020 01:45:47 -0700 X-CMAE-Analysis: v=2.4 cv=dcRFYVbe c=1 sm=1 tr=0 ts=5fd08ebb a=+I3yL00+yDwT8KNLgfs+4A==:117 a=+I3yL00+yDwT8KNLgfs+4A==:17 a=q0rX5H01Qin5IyBaTmIA:9 a=r77TgQKjGQsHNAKrUKIA:9 a=8HkmfUwDAAAA:20 a=48vgC7mUAAAA:8 a=yCE9nInwAAAA:8 a=A1X0JdhQAAAA:8 a=AoMLT2mTcbODp-Ium70A:9 a=QEXdDO2ut3YA:10 a=pGLkceISAAAA:8 a=jRJ-pIbmMatcFnQ4BfsA:9 a=JWUEXBTJH14ar9yh:21 a=_W_S_7VecoQA:10 a=D8lnhvtxf0AONpHuB7QA:9 a=ZVk8-NSrHBgA:10 a=30ssDGKg3p0A:10 a=w1C3t2QeGrPiZgrLijVG:22 a=n6bEelttlQx3_n4Es6hb:22 a=Df3jFdWbhGDLdZNm0fyq:22 a=EGhOoitCJuQMvEZ8ckLK:22 a=pHzHmUro8NiASowvMSCR:22 a=n87TN5wuljxrRezIQYnT:22 X-SECURESERVER-ACCT: vladimir@connect2id.com To: oauth@ietf.org References: <30D5F7BA-EA54-4E40-A2FC-222AA0C9AF8D@lodderstedt.net> <353E4494-2F80-44BC-9267-6FB8B37AA0FE@lodderstedt.net> <1B663AA7-563D-4D25-A408-9ED10FD818AC@forgerock.com> From: Vladimir Dzhuvinov Autocrypt: addr=vladimir@connect2id.com; prefer-encrypt=mutual; keydata= mQENBFQZaoEBCACnP2YMDex9fnf+niLglTHGKuoypUSVKPQeKDHHeFQVzhRke+HBEZBwmA9T kZ+kEhyrNqibDPkPYVPmo23tM8mbNcTVQqpmN7NwgMpqkqcAqNsIyBtt09DjWOQVm57A3K+y uXI7SdNErdt79p2xQseOhqSC9+LgWuyh+mZsl2oFD4glFFfKSCMp2jATXrAMeGzigTnW+Xe0 tRzrwFN9zqykKxhUq9oHg1cNvoDtfxgsc9ysVHbxM/PM8o9lgj3YTQwKMBcCFclTqohji7ML fQ08eQo+acKTwC1WRzeLt9PknGt3C4TmvdCl0c1BQTTTNiF96Hu4kbaiBIbsfxJOR8+VABEB AAG0LFZsYWRpbWlyIER6aHV2aW5vdiA8dmxhZGltaXJAY29ubmVjdDJpZC5jb20+iQE+BBMB AgAoBQJUGWqBAhsjBQkJZgGABgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRAZ0vUyOqri Ql62B/wOO0s2JC/QvO6w9iSsRhCOa/JZi+wO+l01V7eGCQ1cYf1W26Y7iKiUlY4/Kz+cr69D pMtkv3UpDTGejKEfspLUxz5Vo3T4oAKbTtNtVIZL/XxH3/JhJ719Jj4eLoe9/djKkGYTX2O5 bMk8TpO1DDjbIw4r9XKI9ZIk96zlKnZvrg7Ho7oOl0ZIf8AzcvdqZEUogDwyr8uwOU+jIyux mOTthepBzXCNjjBjnc8I1//9YppAIaGJ5nnXelVVD1/dyOszogervzFNANEIOvNvCd9G5u4e s7qkDKWKY7/Lj1tF+tMrDTrOh6JqUKbGNeTUB8DlPvIoNyqHUYfBELdpw1Nd X-Enigmail-Draft-Status: N11100 Organization: Connect2id Ltd. Message-ID: Date: Wed, 9 Dec 2020 10:45:45 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.10.0 MIME-Version: 1.0 In-Reply-To: Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg=sha-256; boundary="------------ms000802010905090708080801" X-CMAE-Envelope: MS4xfGp7M2g+bqlSOCyYW5yHmh0/YGqeHRKzMoUBkbYCLQGJuaXZCXJj4zklc2cZWBnL1Epg7xPpMzN3Dpd/HA6Q7TjIEzehc4vgxQu/6wtEScGyj6oVi4YW rL5E3F8F4GbAmQIKCGv/5bFH8/oH23woHBULkO3W6Gt3KgRp68hmunHaV2yqNgiw5heL+s1PjpAMcg== Archived-At: Subject: Re: [OAUTH-WG] DPoP followup I: freshness and coverage of signature X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Dec 2020 08:45:50 -0000 This is a cryptographically signed message in MIME format. --------------ms000802010905090708080801 Content-Type: multipart/alternative; boundary="------------485304AEC7D86F3A52E573E5" Content-Language: en-US This is a multi-part message in MIME format. --------------485304AEC7D86F3A52E573E5 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Do we have deployments in the field and client-side developers giving feedback / comments about the current DPoP, implementing it, and perhaps those concerns about the access token? Vladimir On 08/12/2020 23:47, Brian Campbell wrote: > Danial recently added some text to the working copy of the draft with > https://github.com/danielfett/draft-dpop/commit/f4b42058 that I think > aims to better convey the "nutshell: XSS =3D Game over" sentiment and > maybe dissuade folks from looking to DPoP as a cure-all for browser > based applications. Admittedly a lot of the initial impetus behind > producing the draft in the first place was born out of discussions > around browser based apps. But it's neither specific to browser based > apps nor a panacea for them. I hope the language in the document and > how it's recently been presented is reflective of that reality. > > The more specific discussions/recommendations around in-browser apps > are valuable (if somewhat over my head) but might be more appropriate > in the OAuth 2.0 for Browser-Based Apps > = > draft. > > With respect to the contents of the DPoP draft, I am still keen to try > and flush out some consensus around the question posed in the start of > this thread, which is effectively whether or not to include a hash of > the access token in the proof.=C2=A0 Acknowledging that "XSS =3D Game o= ver" > does sort of evoke a tendency to not even bother with such incremental > protections (what I've tried to humorously coin as "XSS Nihilism" with > no success). And as such, I do think that leaving it how it is (no AT > hash in the proof) is not unreasonable. But, as Filip previously > articulated, including the AT hash in the proof would prevent > potentially prolonged access to protected resources even when the > victim is offline. And that seems maybe worthwhile to have in the > protocol, given that it's not a huge change to the spec. But it's a > trade-off either way and I'm personally on the fence about it. > > Including an RT hash in the proof seems more niche. Best I can tell, > it would guard against prolonged offline access to protected resources > when access tokens are bearer and the RT was DPoP-bound and also gets > rotated. The trade-off there seems less worth it (I think an RT hash > would be more awkward in the protocol too). > > > > > > > > On Fri, Dec 4, 2020 at 5:40 AM Philippe De Ryck > > wrote: > > >> The suggestion to use a web worker to ensure that proofs cannot >> be pre-computed is a good one I think. (You could also use a >> sandboxed iframe for a separate sub/sibling-domain - >> dpop.example.com ). > > An iframe with a different origin would also work (not really > sandboxing, as that implies the use of the sandbox attribute to > enforce behavioral restrictions). The downside of an iframe is the > need to host additional HTML, vs a script file for the worker, but > the effect is indeed the same. > >> For scenario 4, I think this only works if the attacker can >> trick/spoof the AS into using their redirect_uri? Otherwise the >> AC will go to the legitimate app which will reject it due to >> mismatched state/PKCE. Or are you thinking of XSS on the >> redirect_uri itself? I think probably a good practice is that the >> target of a redirect_uri should be a very minimal and locked down >> page to avoid this kind of possibility. (Again, using a separate >> sub-domain to handle tokens and DPoP seems like a good idea). > > My original thought was to use a silent flow with Web Messaging. > The scenario would go as follows: > > 1. Setup a Web Messaging listener to receive the incoming code > 2. Create a hidden iframe with the DOM APIs > 3. Create an authorization request such as > =E2=80=9C//authorize?response_type=3Dcode&client_id=3D...&redirect_= uri=3Dhttps%3A%2F%example.com > &state=3D...&code_challenge=3D7-ffnU1EzHtMfxOAd= lkp_WixnAM_z9tMh3JxgjazXAk&code_challenge_method=3DS256&prompt=3Dnone&res= ponse_mode=3Dweb_message/=E2=80=9D > 4. Load this URL in the iframe, and wait for the result > 5. Retrieve code in the listener, and use PKCE (+ DPoP if needed) > to exchange it for tokens > > This puts the attacker in full control over every aspect of the > flow, so no need to manipulate any of the parameters. > > > After your comment, I also believe an attacker can run the same > scenario without the =E2=80=9C/response_mode=3Dweb_message/=E2=80=9D= =2E This would go > as follows: > > 1. Create a hidden iframe with the DOM APIs > 2. Setup polling to read the URL (this will be possible for > same-origin pages, not for cross-origin pages) > 3. Create an authorization request such as > =E2=80=9C//authorize?response_type=3Dcode&client_id=3D...&redirect_= uri=3Dhttps%3A%2F%example.com > &state=3D...&code_challenge=3D7-ffnU1EzHtMfxOAd= lkp_WixnAM_z9tMh3JxgjazXAk&code_challenge_method=3DS256/=E2=80=9D > 4. Load this URL in the iframe, and keep polling > 5. Detect the redirect back to the application with the code in > the URL, retrieve code, and use PKCE (+ DPoP if needed) to > exchange it for tokens > > In step 5, the application is likely to also try to exchange the > code. This will fail due to a mismatching PKCE verifier. While > noisy, I don=E2=80=99t think it affects the scenario.=C2=A0 > > >> IMO, the online attack scenario (i.e., proxying malicious >> requests through the victim=E2=80=99s browser) is quite appealing = to an >> attacker, despite the apparent inconvenience: >> >> =C2=A0- the victim=E2=80=99s browser may be inside a corporate fir= ewall or >> VPN, allowing the attacker to effectively bypass these restriction= s >> =C2=A0- the attacker=E2=80=99s traffic is mixed in with the user=E2= =80=99s own >> requests, making them harder to distinguish or to block >> >> Overall, DPoP can only protect against XSS to the same level as >> HttpOnly cookies. This is not nothing, but it means it only >> prevents relatively naive attacks. Given the association of >> public key signatures with strong authentication, people may have >> overinflated expectations if DPoP is pitched as an XSS defence. > > Yes, in the cookie world this is known as =E2=80=9CSession Riding=E2= =80=9D. Having > the worker for token isolation would make it possible to enforce a > coarse-grained policy on outgoing requests to prevent total abuse > of the AT. > > My main concern here is the effort of doing DPoP in a browser > versus the limited gains. It may also give a false sense of securit= y.=C2=A0 > > > > With all this said, I believe that the AS can lock down its > configuration to reduce these attack vectors. A few initial ideas: > > 1. Disable silent flows for SPAs using RT rotation > 2. Use the sec-fetch headers to detect and reject non-silent > iframe-based flows > > For example, =C2=A0an OAuth 2.0 flow in an iframe in Brave/Chrome > carries these headers: > / > sec-fetch-dest: iframe > sec-fetch-mode: navigate > sec-fetch-site: cross-site > sec-fetch-user: ?1 > / > > > Philippe > > > /CONFIDENTIALITY NOTICE: This email may contain confidential and > privileged material for the sole use of the intended recipient(s). Any > review, use, distribution or disclosure by others is strictly > prohibited.=C2=A0 If you have received this communication in error, ple= ase > notify the sender immediately by e-mail and delete the message and any > file attachments from your computer. Thank you./ > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth --=20 Vladimir Dzhuvinov --------------485304AEC7D86F3A52E573E5 Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: quoted-printable

    Do we have deployments in the field and client-side developers giving feedback / comments about the current DPoP, implementing it, and perhaps those concerns about the access token?

    Vladimir

    On 08/12/2020 23:47, Brian Campbell wrote:
    Danial recently added some text to the working copy of the draft with https://github.com= /danielfett/draft-dpop/commit/f4b42058 that I think aims to better convey the "nutshell: XSS =3D Game over" sentiment and maybe dissuade folks from looking to DPoP as a cure-all for browser based applications. Admittedly a lot of the initial impetus behind producing the draft in the first place was born out of discussions around browser based apps. But it's neither specific to browser based apps nor a panacea for them. I hope the language in the document and how it's recently been presented is reflective of that reality.

    The more specific discussions/recommendations around in-browser apps are valuable (if somewhat over my head) but might be more appropriate in the OAuth 2.0 for Browser-Based Apps draft.

    With respect to the contents of the DPoP draft, I am still keen to try and flush out some consensus around the question posed in the start of this thread, which is effectively whether or not to include a hash of the access token in the proof.=C2=A0 Acknowledging that "XSS =3D Game over" does sort o= f evoke a tendency to not even bother with such incremental protections (what I've tried to humorously coin as "XSS Nihilism" with no success). And as such, I do think that leaving it how it is (no AT hash in the proof) is not unreasonable. But, as Filip previously articulated, including the AT hash in the proof would prevent potentially prolonged access to protected resources even when the victim is offline. And that seems maybe worthwhile to have in the protocol, given that it's not a huge change to the spec. But it's a trade-off either way and I'm personally on the fence about it.

    Including an RT hash in the proof seems more niche. Best I can tell, it would guard against prolonged offline access to protected resources when access tokens are bearer and the RT was DPoP-bound and also gets rotated. The trade-off there seems less worth it (I think an RT hash would be more awkward in the protocol too).







    On Fri, Dec 4, 2020 at 5:40= AM Philippe De Ryck <philippe@pragmatic= websecurity.com> wrote:
    =

    The suggestion to use a web worker to ensure that proofs cannot be pre-computed is a good one I think. (You could also use a sandboxed iframe for a separate sub/sibling-domain - dpop= =2Eexample.com).

    An iframe with a different origin would also work (not really sandboxing, as that implies the use of the sandbox attribute to enforce behavioral restrictions). The downside of an iframe is the need to host additional HTML, vs a script file for the worker, but the effect is indeed the same.

    For scenario 4, I think this only works if the attacker can trick/spoof the AS into using their redirect_uri? Otherwise the AC will go to the legitimate app which will reject it due to mismatched state/PKCE. Or are you thinking of XSS on the redirect_uri itself? I think probably a good practice is that the target of a redirect_uri should be a very minimal and locked down page to avoid this kind of possibility. (Again, using a separate sub-domain to handle tokens and DPoP seems like a good idea).

    My original thought was to use a silent flow with Web Messaging. The scenario would go as follows:

    1. Setup a Web Messaging listener to receive the incoming code
    2. Create a hidden iframe with the DOM APIs
    3. Create an authorization request such as =E2=80=9C= /authorize?response_type=3Dcode&client_id=3D...&redirect_uri=3D= https%3A%2F%example.com&state=3D= =2E..&code_challenge=3D7-ffnU1EzHtMfxOAdlkp_WixnAM_z9tMh3JxgjazXAk&am= p;code_challenge_method=3DS256&prompt=3Dnone&response_mode=3Dweb_= message=E2=80=9D
    4. Load this URL in the iframe, and wait for the result
    5. Retrieve code in the listener, and use PKCE (+ DPoP if needed) to exchange it for tokens

    This puts the attacker in full control over every aspect of the flow, so no need to manipulate any of the parameters.


    After your comment, I also believe an attacker can run the same scenario without the =E2=80=9Cresponse_= mode=3Dweb_message=E2=80=9D. This would go as follows:

    1. Create a hidden iframe with the DOM APIs
    2. Setup polling to read the URL (this will be possible for same-origin pages, not for cross-origin pages)
    3. Create an authorization request such as =E2=80=9C= /authorize?response_type=3Dcode&client_id=3D...&redirect_uri=3D= https%3A%2F%example.com&stat= e=3D...&code_challenge=3D7-ffnU1EzHtMfxOAdlkp_WixnAM_z9tMh3JxgjazXAk&= amp;code_challenge_method=3DS256=E2=80=9D
    4. Load this URL in the iframe, and keep polling
    5. Detect the redirect back to the application with the code in the URL, retrieve code, and use PKCE (+ DPoP if needed) to exchange it for tokens

    In step 5, the application is likely to also try to exchange the code. This will fail due to a mismatching PKCE verifier. While noisy, I don=E2=80=99= t think it affects the scenario.=C2=A0


    IMO, the online attack scenario (i.e., proxying malicious requests through the victim=E2= =80=99s browser) is quite appealing to an attacker, despite the apparent inconvenience:

    =C2=A0- the victim=E2=80=99s browser may be in= side a corporate firewall or VPN, allowing the attacker to effectively bypass these restrictions
    =C2=A0- the attacker=E2=80=99s traffic is mixe= d in with the user=E2=80=99s own requests, making them hard= er to distinguish or to block

    Overall, DPoP can only protect against XSS to the same level as HttpOnly cookies. This is not nothing, but it means it only prevents relatively naive attacks. Given the association of public key signatures with strong authentication, people may have overinflated expectations if DPoP is pitched as an XSS defence.

    Yes, in the cookie world this is known as =E2=80=9CS= ession Riding=E2=80=9D. Having the worker for token isolation = would make it possible to enforce a coarse-grained policy on outgoing requests to prevent total abuse of the AT.

    My main concern here is the effort of doing DPoP in a browser versus the limited gains. It may also give a false sense of security.=C2=A0



    With all this said, I believe that the AS can lock down its configuration to reduce these attack vectors. A few initial ideas:

    1. Disable silent flows for SPAs using RT rotation
    2. Use the sec-fetch headers to detect and reject non-silent iframe-based flows

    For example, =C2=A0an OAuth 2.0 flow in an iframe in= Brave/Chrome carries these headers:
    sec-fetch-dest: iframe
    sec-fetch-mode: navigate
    sec-fetch-site: cross-site
    sec-fetch-user: ?1


    Philippe


    C= ONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited.=C2=A0 If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you. 
    ____________________________=
___________________
OAuth mailing list
OAut=
h@ietf.org
https://www.ietf.org/mailman/listinfo/oauth

    --=20
Vladimir Dzhuvinov
    --------------485304AEC7D86F3A52E573E5-- --------------ms000802010905090708080801 Content-Type: application/pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" Content-Description: S/MIME Cryptographic Signature MIAGCSqGSIb3DQEHAqCAMIACAQExDzANBglghkgBZQMEAgEFADCABgkqhkiG9w0BBwEAAKCC CzMwggUbMIIEA6ADAgECAhBs/e7jES6a32XKZxs4R01iMA0GCSqGSIb3DQEBCwUAMIGWMQsw CQYDVQQGEwJHQjEbMBkGA1UECBMSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxm b3JkMRgwFgYDVQQKEw9TZWN0aWdvIExpbWl0ZWQxPjA8BgNVBAMTNVNlY3RpZ28gUlNBIENs aWVudCBBdXRoZW50aWNhdGlvbiBhbmQgU2VjdXJlIEVtYWlsIENBMB4XDTE5MTEwMjAwMDAw MFoXDTIxMTEwMTIzNTk1OVowKDEmMCQGCSqGSIb3DQEJARYXdmxhZGltaXJAY29ubmVjdDJp ZC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDG5mL+CcvSppMj/W8Kd0/E 1/y5/s94gmbIFzEugHyMPV2dd6lusiALe35QCtu3e8Wy6FkCwzxWmmzhF4FY/e4uPbDjco3w /GgHhz2KXe385u31c32/uM3jRqhYT5JvmXxte/GgmjcW1yWcPkKEz/sCezdIYpI9Pek+P4Gr xmbt8H+wJrwfrXKTJXXT+gFjCcZDRLm67X4U57TsaCoezTe7zOoPX9zxMTyZD/cvC/SfuVxQ U60ZsfZzdcgPwScgy3JaiPegcbnqqebjJqtRx42eRjrBZ1/u411rHN2QQLgiih7D1/4PJC9f /8nHgaerLy3ogdu1dw5+vQ1TRIYBmcIXAgMBAAGjggHQMIIBzDAfBgNVHSMEGDAWgBQJwPL8 C9qU21/+K9+omULPyeCtADAdBgNVHQ4EFgQU446sriG/NgywLZA2oBG79Yr2qyAwDgYDVR0P AQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwQGCCsGAQUFBwMC MEAGA1UdIAQ5MDcwNQYMKwYBBAGyMQECAQEBMCUwIwYIKwYBBQUHAgEWF2h0dHBzOi8vc2Vj dGlnby5jb20vQ1BTMFoGA1UdHwRTMFEwT6BNoEuGSWh0dHA6Ly9jcmwuc2VjdGlnby5jb20v U2VjdGlnb1JTQUNsaWVudEF1dGhlbnRpY2F0aW9uYW5kU2VjdXJlRW1haWxDQS5jcmwwgYoG CCsGAQUFBwEBBH4wfDBVBggrBgEFBQcwAoZJaHR0cDovL2NydC5zZWN0aWdvLmNvbS9TZWN0 aWdvUlNBQ2xpZW50QXV0aGVudGljYXRpb25hbmRTZWN1cmVFbWFpbENBLmNydDAjBggrBgEF BQcwAYYXaHR0cDovL29jc3Auc2VjdGlnby5jb20wIgYDVR0RBBswGYEXdmxhZGltaXJAY29u bmVjdDJpZC5jb20wDQYJKoZIhvcNAQELBQADggEBAEE73kCtUigl/bhLrqS6AsCU+jKm1fxq BY09+ktBwVcu5WgM18Uov3WvzVnjXn5BNNVM3RwhWFXyW3pPnDPyjqgxcpfoyY5SJEzvcPlu wm69z/dzqasVhsHPIFSjACnUBrFZPsq/abMQr4yFOMVyX/EudYgmZVu2Er9Ui7YbTO1Nolap xlseQIgQhVcr7aSs02PLDANuwW/asgKExYzhPdt9MF1lezj968Mv74kRo1T/lm5RFNfh2QdM 9C0n1t+qRCrRF1VbsiTgChjazgNGbvl12bOAujX0up4hqw+7PaCcI3Mpyv/rKKKrRG52iCcv cMHX344tOqKM/DIdF/0WNpkwggYQMIID+KADAgECAhBNlCwQ1DvglAnFgS06KwZPMA0GCSqG SIb3DQEBDAUAMIGIMQswCQYDVQQGEwJVUzETMBEGA1UECBMKTmV3IEplcnNleTEUMBIGA1UE BxMLSmVyc2V5IENpdHkxHjAcBgNVBAoTFVRoZSBVU0VSVFJVU1QgTmV0d29yazEuMCwGA1UE AxMlVVNFUlRydXN0IFJTQSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0xODExMDIwMDAw MDBaFw0zMDEyMzEyMzU5NTlaMIGWMQswCQYDVQQGEwJHQjEbMBkGA1UECBMSR3JlYXRlciBN YW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxmb3JkMRgwFgYDVQQKEw9TZWN0aWdvIExpbWl0ZWQx PjA8BgNVBAMTNVNlY3RpZ28gUlNBIENsaWVudCBBdXRoZW50aWNhdGlvbiBhbmQgU2VjdXJl IEVtYWlsIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyjztlApB/975Rrno 1jvm2pK/KxBOqhq8gr2+JhwpKirSzZxQgT9tlC7zl6hn1fXjSo5MqXUfItMltrMaXqcESJuK 8dtK56NCSrq4iDKaKq9NxOXFmqXX2zN8HHGjQ2b2Xv0v1L5Nk1MQPKA19xeWQcpGEGFUUd0k N+oHox+L9aV1rjfNiCj3bJk6kJaOPabPi2503nn/ITX5e8WfPnGw4VuZ79Khj1YBrf24k5Ee 1sLTHsLtpiK9OjG4iQRBdq6Z/TlVx/hGAez5h36bBJMxqdHLpdwIUkTqT8se3ed0PewDch/8 kHPo5fZl5u1B0ecpq/sDN/5sCG52Ds+QU5O5EwIDAQABo4IBZDCCAWAwHwYDVR0jBBgwFoAU U3m/WqorSs9UgOHYm8Cd8rIDZsswHQYDVR0OBBYEFAnA8vwL2pTbX/4r36iZQs/J4K0AMA4G A1UdDwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdJQQWMBQGCCsGAQUFBwMC BggrBgEFBQcDBDARBgNVHSAECjAIMAYGBFUdIAAwUAYDVR0fBEkwRzBFoEOgQYY/aHR0cDov L2NybC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdFJTQUNlcnRpZmljYXRpb25BdXRob3JpdHku Y3JsMHYGCCsGAQUFBwEBBGowaDA/BggrBgEFBQcwAoYzaHR0cDovL2NydC51c2VydHJ1c3Qu Y29tL1VTRVJUcnVzdFJTQUFkZFRydXN0Q0EuY3J0MCUGCCsGAQUFBzABhhlodHRwOi8vb2Nz cC51c2VydHJ1c3QuY29tMA0GCSqGSIb3DQEBDAUAA4ICAQBBRHUAqznCFfXejpVtMnFojADd F9d6HBA4kMjjsb0XMZHztuOCtKF+xswhh2GqkW5JQrM8zVlU+A2VP72Ky2nlRA1GwmIPgou7 4TZ/XTarHG8zdMSgaDrkVYzz1g3nIVO9IHk96VwsacIvBF8JfqIs+8aWH2PfSUrNxP6Ys7U0 sZYx4rXD6+cqFq/ZW5BUfClN/rhk2ddQXyn7kkmka2RQb9d90nmNHdgKrwfQ49mQ2hWQNDkJ JIXwKjYA6VUR/fZUFeCUisdDe/0ABLTI+jheXUV1eoYV7lNwNBKpeHdNuO6Aacb533JlfeUH xvBz9OfYWUiXu09sMAviM11Q0DuMZ5760CdO2VnpsXP4KxaYIhvqPqUMWqRdWyn7crItNkZe roXaecG03i3mM7dkiPaCkgocBg0EBYsbZDZ8bsG3a08LwEsL1Ygz3SBsyECa0waq4hOf/Z85 F2w2ZpXfP+w8q4ifwO90SGZZV+HR/Jh6rEaVPDRF/CEGVqR1hiuQOZ1YL5ezMTX0ZSLwrymU E0pwi/KDaiYB15uswgeIAcA6JzPFf9pLkAFFWs1QNyN++niFhsM47qodx/PL+5jR87myx5uY dBEQkkDc+lKB1Wct6ucXqm2EmsaQ0M95QjTmy+rDWjkDYdw3Ms6mSWE3Bn7i5ZgtwCLXgAIe 5W8mybM2JzGCBDIwggQuAgEBMIGrMIGWMQswCQYDVQQGEwJHQjEbMBkGA1UECBMSR3JlYXRl ciBNYW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxmb3JkMRgwFgYDVQQKEw9TZWN0aWdvIExpbWl0 ZWQxPjA8BgNVBAMTNVNlY3RpZ28gUlNBIENsaWVudCBBdXRoZW50aWNhdGlvbiBhbmQgU2Vj dXJlIEVtYWlsIENBAhBs/e7jES6a32XKZxs4R01iMA0GCWCGSAFlAwQCAQUAoIICVzAYBgkq hkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0yMDEyMDkwODQ1NDVaMC8G CSqGSIb3DQEJBDEiBCCYwQvEz1uVvQ1MM9v3HjseUk0Ws6E1jxk1Oe21B5kXWDBsBgkqhkiG 9w0BCQ8xXzBdMAsGCWCGSAFlAwQBKjALBglghkgBZQMEAQIwCgYIKoZIhvcNAwcwDgYIKoZI hvcNAwICAgCAMA0GCCqGSIb3DQMCAgFAMAcGBSsOAwIHMA0GCCqGSIb3DQMCAgEoMIG8Bgkr BgEEAYI3EAQxga4wgaswgZYxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNo ZXN0ZXIxEDAOBgNVBAcTB1NhbGZvcmQxGDAWBgNVBAoTD1NlY3RpZ28gTGltaXRlZDE+MDwG A1UEAxM1U2VjdGlnbyBSU0EgQ2xpZW50IEF1dGhlbnRpY2F0aW9uIGFuZCBTZWN1cmUgRW1h aWwgQ0ECEGz97uMRLprfZcpnGzhHTWIwgb4GCyqGSIb3DQEJEAILMYGuoIGrMIGWMQswCQYD VQQGEwJHQjEbMBkGA1UECBMSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxmb3Jk MRgwFgYDVQQKEw9TZWN0aWdvIExpbWl0ZWQxPjA8BgNVBAMTNVNlY3RpZ28gUlNBIENsaWVu dCBBdXRoZW50aWNhdGlvbiBhbmQgU2VjdXJlIEVtYWlsIENBAhBs/e7jES6a32XKZxs4R01i MA0GCSqGSIb3DQEBAQUABIIBACVuvTtJSnyzpCNazUAEH3KJmzJAkq5nQzkQ2GEdRtLA1m9p w/ZttOE1cmNL7ytfT4Hz6TCmBm3oUwv7JRltEyN1zw9UGJKgVtL+WvmrQ1F0zewtS504iSqY ES0Ju8B2j/NvN0HJCh9v6ueGJStWVskHsyWuO+kC7McMWQ6MBSPfQ9SUJwcXYGhSBDmgvD2v PMAZ/9gZQz0bhzVxiNDRlP42ar9P9RW34R26RJCngkewH5a4NkUhOL+9p2M1+FwIHbu8qFk7 U+RN8qAcLY1yQVwpuTXuyQ6fHYNw37aei6TtXWvRUsI6OmPOOCmOpx3buh/Z1/ATEd3F3kTB O6fg91wAAAAAAAA= --------------ms000802010905090708080801-- From nobody Wed Dec 9 01:47:59 2020 Return-Path: X-Original-To: oauth@ietfa.amsl.com Delivered-To: oauth@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 446073A123F for ; Wed, 9 Dec 2020 01:47:57 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.087 X-Spam-Level: X-Spam-Status: No, score=-2.087 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_FONT_LOW_CONTRAST=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_KAM_HTML_FONT_INVALID=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=rhosys.ch Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WJwL2XbIY3cI for ; Wed, 9 Dec 2020 01:47:55 -0800 (PST) Received: from mail-io1-xd2d.google.com (mail-io1-xd2d.google.com [IPv6:2607:f8b0:4864:20::d2d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id F12693A1236 for ; Wed, 9 Dec 2020 01:47:54 -0800 (PST) Received: by mail-io1-xd2d.google.com with SMTP id i9so1010670ioo.2 for ; Wed, 09 Dec 2020 01:47:54 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rhosys.ch; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=npS/GM5biE3jBFdu8so+nPOX0XVNm0TjeFL2Ilc+j5g=; b=wWTDrcZHSA2khfzY+vj40dhOJi8lZdC9tkbkfPSCgY+/Fk86b5pjksSlDv6TDQvt6W /vohIYo+SaoFMGyTjBKibZZsWXKJwnIdOOqvp3lISzr/7IOzEsMKLnpoI/8t4zu3NPBF gn4rn3RuWVrWkQjkutjj8EhaK/z/xjjB6Z2/U= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=npS/GM5biE3jBFdu8so+nPOX0XVNm0TjeFL2Ilc+j5g=; b=KUX9svtrSyIP8XxWYcwfIzMtskSvCjsTfSCr81itina3YMU5/mMrfKdO5DDZJ0ugUA 9I6z/WMSynt0yGFUpycIDb6lPWX7oV1poDIROL5Nyuw7DdQRRLjUToJ4XG2TYbWq/C7C mhhJNwAFoms5enHHuJKJ1IxiGCcPGJ5uVUlKlx9g+M82Vf6onAKxI5oOEbFlKXcrXKF3 /mOpxioA5XNE7B2GEgnWc/aftA+SrwcbbiMTUyTi6hB8XSPDUfpP2cHBLtJMo6tX3OmR 2giDGZ4M8eRqt0qNoPjI4qKClrj/LwYIkSMq7JNaTK8A2zaMnAAb8GJcCeOJcrTeu2oQ xw/Q== X-Gm-Message-State: AOAM531JJBvxpZcmegR213cW9GKpiTgSxv8lrjj2nMhSr2v1ufXTmFin xCaS80zwO/hNzrmJzfonL5v8OgTvPgFoiTmqChc3 X-Google-Smtp-Source: ABdhPJxx7zOXBTQkPPNE3O+Jqr1otK3a2AJMlWV8rD1TmqNvR8EPwQidONnEUBmEjGgrPEIss3CYEEHwypakO3XEmfA= X-Received: by 2002:a5e:c609:: with SMTP id f9mr1741567iok.41.1607507273382; Wed, 09 Dec 2020 01:47:53 -0800 (PST) MIME-Version: 1.0 References: <09d3639d-7d7e-9582-d728-cc223d21bcb6@hackmanit.de> In-Reply-To: <09d3639d-7d7e-9582-d728-cc223d21bcb6@hackmanit.de> From: Warren Parad Date: Wed, 9 Dec 2020 10:47:35 +0100 Message-ID: To: Karsten Meyer zu Selhausen Cc: Rifaat Shekh-Yusef , oauth Content-Type: multipart/related; boundary="00000000000003473905b604f47d" Archived-At: Subject: Re: [OAUTH-WG] Call for Adoption - AS Issuer Identifier in Authorization Response X-BeenThere: oauth@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OAUTH WG List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Dec 2020 09:47:57 -0000 --00000000000003473905b604f47d Content-Type: multipart/alternative; boundary="00000000000003473805b604f47c" --00000000000003473805b604f47c Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Okay, it wasn't clear that the user agent was required to be compromised for this to be a problem. Here's where it breaks down for me, if the attacker can manipulate the first request, why would they not be able to manipulate the AS where the Auth Response code is sent? Unless we can guarantee there is an attack surface that would only affect the authorization request AS selection and not the auth response, the solution the draft lacks purpose for me. Warren Parad Founder, CTO Secure your user data and complete your authorization architecture. Implement Authress . On Wed, Dec 9, 2020 at 8:55 AM Karsten Meyer zu Selhausen < karsten.meyerzuselhausen@hackmanit.de> wrote: > Hi Warren, > > I think there is some misunderstanding on how mix-up attacks work. I will > try to clear things up. > > Have a look at the following mix-up attack example (slide 4 > > from the interim meeting): > > I marked the important parts: > > - In step 1 the client stores the attacker's AS (A-AS) as the selected > AS. > - Step 5: The authorization response is issued by the honest *(=3D not > compromised)* AS, not by the attacker's AS. The H-AS will use its own > correct issuer identifier as the value for the AS parameter. > - In a mix-up attack the attacker cannot directly influence the > value of the iss parameter in the authorization response as it is i= ssued by > the H-AS. > - Step 6: The client sends the token request to the token endpoint of > the A-AS, because it stored the A-AS as the selected AS in step 1. Thi= s > leaks the authorization code to the attacker who can use it in a code > injection attack, for example. > > With an iss parameter present in step 5 the client would be able to > recognize that the code was issued by the H-AS, not by the A-AS. The clie= nt > would be able to abort the authorization grant instead of leaking the cod= e > to the A-AS. > > I hope this addresses your concerns. > > Best regards, > Karsten > On 08.12.2020 20:15, Warren Parad wrote: > > As an implementer on both sides of the issue I'm struggling to understand > how this problem would occur. I'm finding issues with the proposed > problems: > > 1. Honest AS is compromised, assuming this does happen details on why > adding iss to the AS response would prevent attacks is necessary for m= e. In > other words, how would an AS be compromised in a way that would be > identifiable through the issuer value? (my ignorant assumption is that= a > compromised AS is compromised enough that an attacker would be able to= send > the correct ISS) > 2. Attacker AS is registered. I fully support the idea that this can > and will happen, however from attempting to test-implement this propos= al, I > can't see how the authorization would be sent to the wrong token endpo= int. > Since there is no information in the AS auth code response, the client= must > already have the knowledge of where they are going to send the token, = no > mix-up can be executed. I would argue, if anything, adding the ISS > parameter would open a new attack surface by providing clients an > opportunity to blatantly trust the ISS parameter as the honest AS and = thus > actually sending the code there instead of sending it to one specified= in > the metadata document. > > My confusion is the following: > > - Are multi AS services utilizing authorization codes in a way where > there could be a mix up attack for #2. > - Is there a #3 that I'm missing which even in light of #1 & #2 I > brought up that would still make this change valuable? > > Warren Parad > > Founder, CTO > Secure your user data and complete your authorization architecture. > Implement Authress . > > > On Tue, Dec 8, 2020 at 8:01 PM Dick Hardt wrote: > >> +1 >> =E1=90=A7 >> >> On Tue, Dec 8, 2020 at 4:51 AM Rifaat Shekh-Yusef < >> rifaat.s.ietf@gmail.com> wrote: >> >>> All, >>> >>> This is a call for adoption for the following AS Issuer Identifier in >>> Authorization Response as a WG document: >>> >>> https://datatracker.ietf.org/doc/draft-meyerzuselhausen-oauth-iss-auth-= resp/ >>> >>> Please, provide your feedback on the mailing list by Dec 22nd. >>> >>> Regards, >>> Rifaat & Hannes >>> _______________________________________________ >>> OAuth mailing list >>> OAuth@ietf.org >>> https://www.ietf.org/mailman/listinfo/oauth >>> >> _______________________________________________ >> OAuth mailing list >> OAuth@ietf.org >> https://www.ietf.org/mailman/listinfo/oauth >> > -- > Karsten Meyer zu Selhausen > IT Security Consultant > Phone: +49 (0)234 / 54456499 > Web: https://hackmanit.de | IT Security Consulting, Penetration Testing, = Security Training > > Nehmen Sie an unserer n=C3=A4chsten Live Online-Schulung zur Sicherheit v= on OAuth und OpenID Connect am 27.01 + 28.01.2021 teil:https://www.hackmani= t.de/de/schulungen/127-live-online-schulung-single-sign-on-sicherheit-oauth= -openid-connect-am-27-01-28-01-2021 > > Hackmanit GmbH > Universit=C3=A4tsstra=C3=9Fe 60 (Exzenterhaus) > 44789 Bochum > > Registergericht: Amtsgericht Bochum, HRB 14896 > Gesch=C3=A4ftsf=C3=BChrer: Prof. Dr. J=C3=B6rg Schwenk, Prof. Dr. Juraj S= omorovsky, Dr. Christian Mainka, Dr. Marcus Niemietz > > --00000000000003473805b604f47c Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
    Okay, it wasn't clear that the user agent was required= to be compromised for this to be a problem. Here's where it breaks dow= n for me, if the attacker can manipulate the first request, why would they = not be able to manipulate the AS where the Auth Response code is sent?=C2= =A0 Unless we can guarantee there is an attack surface that would only affe= ct the authorization request AS selection and not the auth response, the so= lution the draft lacks purpose for me.

    <= div dir=3D"ltr">

    Warren Parad

    Founder, CTO

    Secure your user data and complete your authoriza= tion architecture. Implement=C2=A0Authress.