From f982a92327df430860379081f7ae1ce59f8e076f Mon Sep 17 00:00:00 2001 From: Karl Cardenas Date: Tue, 9 Apr 2024 12:51:12 -0700 Subject: [PATCH] docs: DOC-448 VMware Refactor (#2540) * docs: DOC-448 * chore: added index page intro * docs: DOC-448 * docs: DOC-448 more pages * save * chore: added new diagram * docs: added new pages * chore: updated cluster create page * Apply suggestions from code review Co-authored-by: Adelina Simion <43963729+addetz@users.noreply.github.com> * Optimised images with calibre/image-actions * Optimised images with calibre/image-actions * docs: vale feedback * chore: fix logo displayed --------- Co-authored-by: Adelina Simion <43963729+addetz@users.noreply.github.com> Co-authored-by: vault-token-factory-spectrocloud[bot] <133815545+vault-token-factory-spectrocloud[bot]@users.noreply.github.com> --- .../clusters/data-center/vmware.md | 0 .../clusters/data-center/data-center.md | 2 +- .../register-manage-maas-cloud-accounts.md | 4 +- .../data-center/vmware/_category_.json | 3 + .../data-center/vmware/architecture.md | 96 ++++++++ .../vmware/create-manage-vmware-clusters.md | 218 ++++++++++++++++++ .../data-center/vmware/permissions.md | 192 +++++++++++++++ .../clusters/data-center/vmware/vmware.md | 49 ++++ .../pcg/manage-pcg/add-dns-mapping.md | 68 ++++++ .../vmware-vsphere-airgap-instructions.md | 2 +- .../install-on-vmware/install.md | 2 +- docs/docs-content/integrations/cloudanix.md | 2 +- .../vmware-vsphere-airgap-instructions.md | 2 +- ...ers_vmware_architecture_arch-overview.webp | Bin 0 -> 25020 bytes .../docs/images/vmware_arch_oct_2020.webp | Bin 57788 -> 0 bytes 15 files changed, 632 insertions(+), 8 deletions(-) rename docs/{docs-content => deprecated}/clusters/data-center/vmware.md (100%) create mode 100644 docs/docs-content/clusters/data-center/vmware/_category_.json create mode 100644 docs/docs-content/clusters/data-center/vmware/architecture.md create mode 100644 docs/docs-content/clusters/data-center/vmware/create-manage-vmware-clusters.md create mode 100644 docs/docs-content/clusters/data-center/vmware/permissions.md create mode 100644 docs/docs-content/clusters/data-center/vmware/vmware.md create mode 100644 docs/docs-content/clusters/pcg/manage-pcg/add-dns-mapping.md create mode 100644 static/assets/docs/images/clusters_vmware_architecture_arch-overview.webp delete mode 100644 static/assets/docs/images/vmware_arch_oct_2020.webp diff --git a/docs/docs-content/clusters/data-center/vmware.md b/docs/deprecated/clusters/data-center/vmware.md similarity index 100% rename from docs/docs-content/clusters/data-center/vmware.md rename to docs/deprecated/clusters/data-center/vmware.md diff --git a/docs/docs-content/clusters/data-center/data-center.md b/docs/docs-content/clusters/data-center/data-center.md index 70b318ff5a..f47603c11f 100644 --- a/docs/docs-content/clusters/data-center/data-center.md +++ b/docs/docs-content/clusters/data-center/data-center.md @@ -30,4 +30,4 @@ environments. - [OpenStack](openstack.md) -- [VMware](vmware.md) +- [VMware](./vmware/vmware.md) diff --git a/docs/docs-content/clusters/data-center/maas/register-manage-maas-cloud-accounts.md b/docs/docs-content/clusters/data-center/maas/register-manage-maas-cloud-accounts.md index eda1255283..97005478f2 100644 --- a/docs/docs-content/clusters/data-center/maas/register-manage-maas-cloud-accounts.md +++ b/docs/docs-content/clusters/data-center/maas/register-manage-maas-cloud-accounts.md @@ -21,9 +21,7 @@ additional cloud accounts that reference specific PCGs. [PCG Architecture](../../pcg/architecture.md#pcg-deployment-options) page. - An active [MAAS API key](https://maas.io/docs/api-authentication-reference) which can be generated in the MAAS web - console under **My Preferences** > **API keys**. The following is an example key: - - `APn53wz232ZwBMxDp5:MHZIbUp3e4DJTjZEKg:mdEv33WAG536MhNC8mIywNLtjcDTnFAQ` + console under **My Preferences**, and selecting **API keys**. For details, refer to the MAAS document on [how to add an API key](https://maas.io/docs/how-to-manage-user-accounts#heading--api-key). diff --git a/docs/docs-content/clusters/data-center/vmware/_category_.json b/docs/docs-content/clusters/data-center/vmware/_category_.json new file mode 100644 index 0000000000..c3460c6dbd --- /dev/null +++ b/docs/docs-content/clusters/data-center/vmware/_category_.json @@ -0,0 +1,3 @@ +{ + "position": 30 +} diff --git a/docs/docs-content/clusters/data-center/vmware/architecture.md b/docs/docs-content/clusters/data-center/vmware/architecture.md new file mode 100644 index 0000000000..745b89c005 --- /dev/null +++ b/docs/docs-content/clusters/data-center/vmware/architecture.md @@ -0,0 +1,96 @@ +--- +sidebar_label: "Architecture" +title: "Architecture" +description: "Learn about the architecture used to support VMware clusters through Palette." +hide_table_of_contents: false +sidebar_position: 10 +tags: ["data center", "vmware", "architecture"] +--- + +## Overview + +Palette supports using VMware vSphere as a data center provider. You can deploy Kubernetes clusters to your vSphere +environment using Palette. Below are some key features of the Palette VMware architecture: + +- Kubernetes nodes can be distributed across multiple-compute clusters, which serve as distinct fault domains. + +- Support for static IP addresses, as well as DHCP. If you are using Dynamic Host Configuration Protocol (DHCP), Dynamic + DNS is required. + +- Support for IP address pool management for assigning blocks of IPs dedicated to clusters or projects. + +- A Private Cloud Gateway (PCG) must be setup within the VMware vSphere environment to communicate with the Palette + management platform and the VMware vCenter that installed in the private data center. + + The PCG facilitates communication between Palette and your infrastructure environment. The PCG is necessary in + environments where Palette does not have direct network access. Many infrastructure environments are placed in a + private network that blocks connections originating externally. The PCG connects to Palette, and acts as an endpoint, + allowing you to target the environment when deploying clusters in Palette. + + ![vmware_arch_oct_2020.webp](/clusters_vmware_architecture_arch-overview.webp) + +You can learn more in the [PCG Architecture](../../pcg/architecture.md) section. + +## Zone Tagging + +You can use tags to create node zones and regions for your Kubernetes clusters. The node zones and regions can be used +to dynamically place Kubernetes workloads and achieve higher availability. Kubernetes nodes inherit the zone and region +tags as [Labels](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/). Kubernetes workloads can +use the node labels to ensure that the workloads are deployed to the correct zone and region. + +The following is an example of node labels that are discovered and inherited from vSphere tags. The tag values are +applied to Kubernetes nodes in vSphere. + + + +```yaml hideClipboard +topology.kubernetes.io/region=usdc +topology.kubernetes.io/zone=zone3 +failure-domain.beta.kubernetes.io/region=usdc +failure-domain.beta.kubernetes.io/zone=zone3 +``` + + +:::info + +To learn more about node zones and regions, refer to the +[Node Zones/Regions Topology](https://cloud-provider-vsphere.sigs.k8s.io/cloud_provider_interface.html) section of the +Cloud Provider Interface documentation. + +::: + +Zone tagging is required to install Palette and is helpful for Kubernetes workloads deployed in vSphere clusters through +Palette if they have persistent storage needs. Use vSphere tags on data centers and compute clusters to create distinct +zones in your environment. You can use vSphere +[Tag Categories and Tags](https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-vcenter-esxi-management/GUID-16422FF7-235B-4A44-92E2-532F6AED0923.html) +to create zones in your vSphere environment and assign them to vSphere objects. + +The zone tags you assign to your vSphere objects, such as a datacenter and clusters are applied to the Kubernetes nodes +you deploy through Palette into your vSphere environment. Kubernetes clusters deployed to other infrastructure +providers, such as public cloud may have other native mechanisms for auto discovery of zones. + +For example, assume a vCenter environment contains three compute clusters, cluster-1, cluster-2, and cluster-3. To +support this environment you create the tag categories `k8s-region` and `k8s-zone`. The `k8s-region` is assigned to the +datacenter, and the `k8s-zone` tag is assigned to the compute clusters. + +The following table lists the tag values for the data center and compute clusters. + +| **vSphere Object** | **Assigned Name** | **Tag Category** | **Tag Value** | +| ------------------ | ----------------- | ---------------- | ------------- | +| **Datacenter** | dc-1 | k8s-region | region1 | +| **Cluster** | cluster-1 | k8s-zone | az1 | +| **Cluster** | cluster-2 | k8s-zone | az2 | +| **Cluster** | cluster-3 | k8s-zone | az3 | + +Create a tag category and tag values for each datacenter and cluster in your environment. Use the tag categories to +create zones. Use a name that is meaningful and that complies with the tag requirements listed in the following section. + +### Tag Requirements + +The following requirements apply to tags: + +- A valid tag must consist of alphanumeric characters. + +- The tag must start and end with an alphanumeric character. + +- The regex used for tag validation is `(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?` diff --git a/docs/docs-content/clusters/data-center/vmware/create-manage-vmware-clusters.md b/docs/docs-content/clusters/data-center/vmware/create-manage-vmware-clusters.md new file mode 100644 index 0000000000..231dbe6af6 --- /dev/null +++ b/docs/docs-content/clusters/data-center/vmware/create-manage-vmware-clusters.md @@ -0,0 +1,218 @@ +--- +sidebar_label: "Create and Manage VMware Clusters" +title: "Create and Manage VMware Clusters" +description: "Learn how to configure VMware to create VMware clusters in Palette." +hide_table_of_contents: false +sidebar_position: 20 +tags: ["data center", "vmware"] +--- + +You can deploy Kubernetes clusters on VMware vSphere using Palette. Use the following steps to create and manage VMware +clusters in Palette. + +## Prerequisites + +Before you begin, ensure that you have the following prerequisites: + +- A VMware vSphere user account with the necessary permissions to create and manage clusters. Refer to the + [Required Permissions](./permissions.md) page for more information. + +- A VMware account registered in Palette. VMware accounts are automatically registered when you deploy a Private Cloud + Gateway (PCG) in Palette. Check out the [Deploy a PCG](../../pcg/deploy-pcg/vmware.md) guide to learn how to deploy a + PCG. + + :::info + + If you have a self-hosted Palette or VerteX instance, you can use the System PCG instance that is deployed in a VMware + environment. Refer to the [System PCG](../../pcg/architecture.md#system-private-gateway) to learn more about the + system PCG. + + ::: + +- A cluster profile for the VMware vSphere environment. You can learn how to create a cluster profile by following the + steps in the + [Create a Cluster Profile](../../../profiles/cluster-profiles/create-cluster-profiles/create-cluster-profiles.md) + guide. + +- Depending on the network type you select for the cluster, you may need to create an IP Address Management (IPAM) pool + or define a search domain. Use the following guidelines to create an IPAM pool or define a search domain. + + - An IP Address Management (IPAM) pool is required to assign static IP addresses to the nodes in the cluster. You can + learn how to create an IPAM pool by following the steps in the + [Create and Manage IPAM Node Pools](../../pcg/manage-pcg/create-manage-node-pool.md) guide. + + - A search domain, also called DNS mapping, can be used to assign cluster nodes to a specific network, cluster, and + datacenter. Check out the [Add DNS Mapping](../../pcg/manage-pcg/add-dns-mapping.md) guide to learn how to add + multiple DNS mappings to a PCG. + +## Create a VMware Cluster + +1. Log in to [Palette](https://console.spectrocloud.com). + +2. Navigate to the left **Main Menu** and select **Clusters**. + +3. Click **Deploy New Cluster** on the Create a New Cluster page. + +4. Select **VMware** and click the **Start VMware Configuration** button. + +5. Fill out the input fields. Use the table below to learn more about each input fields. Click on the **Next** button + when you are done. + + | Field Name | Description | Required | + | ----------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------- | + | **Cluster name** | The name of the cluster. | Yes | + | **Description** | A brief description of the cluster. | No | + | **Tags** | Tags to help you identify the cluster. | No | + | **Cloud Account** | The VMware vSphere account to use for the cluster. If no account is available, ensure you [deployed a PCG](../../pcg/deploy-pcg/vmware.md) into the VMware vSphere environment. | Yes | + +6. Select the cluster profile you want to use for the cluster. Click the **Next** to proceed. + +7. Modify any cluster profile layers as needed. Click **Next** to continue. + +8. Fill out the VMware vSphere configuration details for the cluster. Refer to the table below to learn more about each + option. Click **Next** to proceed. + + | Field Name | Description | Required | + | ------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------- | + | **Datacenter** | The VMware vSphere datacenter where the cluster and its nodes will be deployed. | Yes | + | **Deployment Folder** | The folder in the datacenter where the cluster and its nodes will be deployed. Check the box **Append cluster name** if you want the cluster name appended to the folder name. | Yes | + | **Image Template Folder** | The folder in the datacenter where the image templates are stored. This is typically in the **spectro-templates** folder. | Yes | + | **Network Type** | The network type to use for the cluster. Select **Static IP** if you want to use static IP addresses. Select **DHCP** if you want to use Dynamic Host Configuration Protocol (DHCP). | Yes | + | **SSH Key** | The SSH key to use for the cluster. Check out the [Create and Upload an SSH Key](../../cluster-management/ssh-keys.md#create-and-upload-an-ssh-key) guide to learn how to upload an SSH key to Palette. | No | + | **NTP Servers** | The Network Time Protocol (NTP) servers to use for the cluster. | No | + + :::warning + + We recommend specifying Network Time Protocol (NTP) servers to ensure that the cluster nodes have the correct time. + If no NTP servers are specified, it could lead to time drift issues. + + ::: + +9. Configure the control plane and worker node pool configurations. Click **Next** to proceed. + + ### Control Plane Pool Configuration + + :::tip + + To apply the same configuration to the worker node pool as the control plane node pool, click the **Copy from the + Control Plane Pool** button. This will copy the control plane pool configuration to the worker node pool. + + ::: + + | Field Name | Description | + | ------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | + | **Node Pool Name** | The name of the control plane node pool. | + | **Number of nodes in the pool** | The number of control plane nodes. Allowed values are 1, 3, and 5. | + | **Allow Worker Capability** | Enable this option to workloads to be deployed on control plane nodes. | + | **Additional Labels** | Additional labels to apply to the control plane nodes. | + | **Taints** | Taints to apply to the control plane nodes. If enabled, an input field is displayed to specify the taint key, value and effect. Check out the [Node Labels and Taints](../../cluster-management/taints.md) page to learn more. | + + #### Cloud Configuration + + | Field Name | Description | + | ---------- | ---------------------------------------------------------------- | + | **CPU** | The number of CPUs to allocate to the control plane nodes. | + | **Memory** | The amount of memory to allocate to the control plane nodes. | + | **Disk** | The amount of disk space to allocate to the control plane nodes. | + + #### Fault Domain Configuration + + | Field Name | Description | + | ------------------- | ------------------------------------------------------- | + | **Compute Cluster** | The compute cluster to use for the control plane nodes. | + | **Resource Pool** | The resource pool to use for the control plane nodes. | + | **Datastore** | The datastore to use for the control plane nodes. | + | **Network** | The network to use for the control plane nodes. | + + #### Network Configuration + + Depending on what option you selected for the **Network Type** field, the following fields are displayed. + + | Field Name | Description | Network Type | + | ----------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | + | **IPAM Pool** | The IPAM pool to use for the control plane nodes. An IPAM pool is required to assign IP addresses to the nodes in the cluster. You can learn how to create an IPAM pool by following the steps in the [Create and Manage IPAM Node Pools](../../pcg/manage-pcg/create-manage-node-pool.md) guide. | Static IP | + | **Search Domain** | The search domain to assign the cluster nodes in. If no search domain is defined, click on the **Define DNS** button and specify the search domain. Check out the [Add DNS Mapping](../../pcg/manage-pcg/add-dns-mapping.md) guide to learn how to add multiple DNS mappings to a PCG. | DHCP | + + ### Worker Plane Pool Configuration + + | Field Name | Description | + | ------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | + | **Node Pool Name** | The name of the control plane node pool. | + | **Enable Autoscaler** | Enable this option to automatically scale the worker nodes based on the workload. | + | **Node Repave Interval** | The interval at which the worker nodes are repaved in seconds. Refer to the [Repave Behavior and Configuration](../../cluster-management/node-pool.md#repave-behavior-and-configuration) for additional information about repave behaviors. | + | **Number of Nodes in the Pool** | The number of worker nodes. | + | **Rolling Update** | Choose between **Expand First** and **Contract First** to determine the order in which nodes are added or removed from the worker node pool. Expand first adds new nodes before removing old nodes. Contract first removes old nodes before adding new nodes. | + | **Additional Labels** | Additional labels to apply to the control plane nodes. | + | **Taints** | Taints to apply to the control plane nodes. If enabled, an input field is displayed to specify the taint key, value and effect. Check out the [Node Labels and Taints](../../cluster-management/taints.md) page to learn more. | + + Click on the **Next** button when you are done. + +10. You can configure the following cluster management features now if needed, or you can do it later: + + - OS Patching + - Schedule scans + - Schedule backups + - Role Based Access Control (RBAC) + - Location + + #### OS Patching + + Specify your preferred **OS Patching Schedule** for the cluster. Check out the + [OS Patching](../../cluster-management/os-patching.md) page to learn more about OS patching. + + #### Scan Options + + Enable any scan options you want Palette to perform, and select a scan schedule. Palette provides support for + Kubernetes configuration security, penetration testing, and conformance testing. + + #### Backup Options + + Schedule any backups you want Palette to perform. Review + [Backup and Restore](../../cluster-management/backup-restore/backup-restore.md) for more information. + + #### RBAC Configuration + + RBAC configuration is required when you configure custom OIDC. You must map a set of users or groups to a Kubernetes + RBAC role. To learn how to map a Kubernetes role to users and groups, refer to + [Create Role Bindings](../../cluster-management/cluster-rbac.md#create-role-bindings). Refer to + [Use RBAC with OIDC](../../../integrations/kubernetes.md#use-rbac-with-oidc) for an example. + + #### Location + + Specify the location of the cluster. The cluster location is added to the project dashboard location map. + +11. Click on the **Validate** button and review the cluster configuration and settings summary. + +12. Click **Finish Configuration** to deploy the cluster. + +The cluster deployment process is initiated. You can monitor the cluster deployment progress by navigating to the left +**Main Menu** and selecting **Clusters**. Click on the cluster you just created to view the cluster details page. The +**Cluster Status** field displays the current status of the cluster. + +## Validate + +Use the following steps to validate that the cluster is available and healthy. + +1. Log in to [Palette](https://console.spectrocloud.com). + +2. Navigate to the left **Main Menu** and click **Clusters**. + +3. The **Clusters** page lists all available clusters that Palette manages. Select the cluster you deployed to review + its details page. + +4. Ensure the **Cluster Status** field contains the value **Running**. + +:::tip + +You can download the cluster's kubeconfig file to access the cluster using the Kubernetes command-line tool, kubectl. +Check out the [Access a Cluster](../../cluster-management/palette-webctl.md) guide to learn how to download the +kubeconfig file. + +::: + +## Next Steps + +Now that you have a Kubernetes cluster deployed, you can start developing and deploying applications to your clusters. +We recommend you review the Day-2 responsibilities and become familiar with the cluster management tasks. Check out the +[Manage Clusters](../../cluster-management/cluster-management.md) documentation to learn more about Day-2 +responsibilities. diff --git a/docs/docs-content/clusters/data-center/vmware/permissions.md b/docs/docs-content/clusters/data-center/vmware/permissions.md new file mode 100644 index 0000000000..3ffe56b768 --- /dev/null +++ b/docs/docs-content/clusters/data-center/vmware/permissions.md @@ -0,0 +1,192 @@ +--- +sidebar_label: "Required Permissions" +title: "Required Permissions" +description: "The permissions required to configure VMware to allow Palette to deploy clusters in VMware vSphere." +hide_table_of_contents: false +sidebar_position: 60 +tags: ["data center", "vmware", "permissions"] +--- + +The VMware vSphere user account that deploys host clusters require access to the following vSphere objects and +permissions listed in the following table. Review the vSphere objects and privileges required to ensure each role is +assigned the required privileges. + +### Spectro Root Role Privileges + +The spectro root role privileges are only applied to root objects and data center objects. Select the tab for the +vSphere version you are using to view the required privileges for the spectro root role. + + + + + +| **vSphere Object** | **Privilege** | +| ----------------------- | -------------------------------------------------- | +| **CNS** | Searchable | +| **Datastore** | Browse datastore | +| **Host** | Configuration
Storage partition configuration | +| **vSphere Tagging** | Create and edit vSphere tags | +| **Network** | Assign network | +| **Sessions** | Validate session | +| **VM Storage Policies** | View VM storage policies | +| **Storage views** | View | + + + + + +| **vSphere Object** | **Privileges** | +| -------------------------- | -------------------------------------------------- | +| **CNS** | Searchable | +| **Datastore** | Browse datastore | +| **Host** | Configuration
Storage partition configuration | +| **vSphere tagging** | Create vSphere Tag
Edit vSphere Tag | +| **Network** | Assign network | +| **Profile-driven storage** | View | +| **Sessions** | Validate session | +| **Storage views** | View | + + + + + +| **vSphere Object** | **Privileges** | +| -------------------------- | -------------------------------------------------- | +| **CNS** | Searchable | +| **Datastore** | Browse datastore | +| **Host** | Configuration
Storage partition configuration | +| **vSphere tagging** | Create vSphere Tag
Edit vSphere Tag | +| **Network** | Assign network | +| **Profile-driven storage** | Profile-driven storage view | +| **Sessions** | Validate session | +| **Storage views** | View | + + + + + +:::warning + +If the network is a Distributed Port Group under a vSphere Distributed Switch (VDS), _ReadOnly_ access to the VDS +without “Propagate to children” is required. + +::: + +### Spectro Role Privileges + +As listed in the table, apply spectro role privileges to vSphere objects you intend to use for Palette installation. A +separate table lists Spectro role privileges for VMs by category. + +Open Virtual Appliance (OVA) files are downloaded to the folder you selected. These images are cloned from the folder +and applied VMs that deployed during deployments. + +Select the tab for the vSphere version you are using to view the required privileges for the spectro role. + + + + + +| **vSphere Object** | **Privileges** | +| --------------------- | --------------------------------------------------------------------------------------------------------------------------------- | +| **CNS** | Searchable | +| **Datastore** | Allocate space
Browse datastore
Low-level file operations
Remove file
Update VM files
Update VM metadata | +| **Folder** | Create Folder
Delete folder
Move folder
Rename folder | +| **Host** | Local operations: Reconfigure VM | +| **Network** | Assign network | +| **Resource** | Apply recommendation
Assign VM to resource pool
Migrate powered off VM
Migrate powered on VM
Query vMotion | +| **Sessions** | Validate sessions | +| **Storage policies** | View access for VM storage policies is required.
Ensure `StorageProfile.View` is available. | +| **spectro-templates** | Read only. This is the vSphere folder created during the install. For airgap installs, you must manually create this folder. | +| **Storage views** | View | +| **Tasks** | Create task
Update task | +| **vApp** | Import
View OVF environment
Configure vAPP application
Configure vApp instance | +| **vSphere tagging** | Assign or Unassign vSphere Tag
Create vSphere Tag
Delete vSphere Tag
Edit vSphere Tag | + +The following table lists spectro role privileges for VMs by category. All privileges are for the vSphere object, +Virtual Machines. + +| **Category** | **Privileges** | +| --------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Change Configuration | Acquire disk lease
Add existing disk
Add new disk
Add or remove device
Advanced configuration
Change CPU count
Change memory
Change settings
Change swapfile placement
Change resource
Change host USB device
Configure raw device
Configure managedBy
Display connection settings
Extend virtual disk
Modify device settings
Query fault tolerance compatibity
Query unowned files
Reload from path
Remove disk
Rename
Reset guest information
Set annotation
Toggle disk change tracking
Toggle fork parent
Upgrade VM compatibility | +| Edit Inventory | Create from existing
Create new
Move
Register
Remove
Unregister | +| Guest Operations | Alias modification
Alias query
Modify guest operations
Invoke programs
Queries | +| Interaction | Console Interaction
Power on/off | +| Provisioning | Allow disk access
Allow file access
Allow read-only disk access
Allow VM download
Allow VM files upload
Clone template
Clone VM
Create template from VM
Customize guest
Deploy template
Mark as template
Mark as VM
Modify customization specification
Promote disks
Read customization specifications | +| Service Configuration | Allow notifications
Allow polling of global event notifications
Manage service configurations
Modify service configurations
Query service configurations
Read service configurations | +| Snapshot Management | Create snapshot
Remove snapshot
Rename snapshot
Revert to snapshot | +| Sphere Replication | Configure replication
Manage replication
Monitor replication | +| vSAN | Cluster: ShallowRekey | + + + + + +| **vSphere Object** | **Privileges** | +| -------------------------- | --------------------------------------------------------------------------------------------------------------------------------- | +| **CNS** | Searchable | +| **Datastore** | Allocate space
Browse datastore
Low-level file operations
Remove file
Update VM files
Update VM metadata | +| **Folder** | Create Folder
Delete folder
Move folder
Rename folder | +| **Host** | Local operations: Reconfigure VM | +| **Network** | Assign network | +| **Resource** | Apply recommendation
Assign VM to resource pool
Migrate powered off VM
Migrate powered on VM
Query vMotion | +| **Profile-driven storage** | Profile-driven storage view | +| **Sessions** | Validate session | +| **spectro-templates** | Read only. This is the vSphere folder created during the install. For airgap installs, you must manually create this folder. | +| **Storage views** | Configure service
View | +| **Tasks** | Create task
Update task | +| **vApp** | Import
View OVF environment
Configure vAPP applications
Configure vApp instances | +| **vSphere tagging** | Assign or unassign vSphere Tag
Create vSphere Tag
Delete vSphere Tag
Edit vSphere Tag | + +The following table lists spectro role privileges for VMs by category. All privileges are for the vSphere object, +Virtual Machines. + +| **Category** | **Privileges** | +| --------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Change Configuration | Acquire disk lease
Add existing disk
Add new disk
Add or remove device
Advanced configuration
Change CPU count
Change memory
Change Settings
Change Swapfile placement
Change resource
Change host USB device
Configure Raw device
Configure managedBy
Display connection settings
Extend virtual disk
Modify device settings
Query fault tolerance compatibity
Query unowned files
Reload from path
Remove disk
Rename
Reset guest information
Set annotation
Toggle disk change tracking
Toggle fork parent
Upgrade VM compatibility | +| Edit Inventory | Create from existing
Create new
Move
Register
Remove
Unregister | +| Guest Operations | Alias modification
Alias query
Modify guest operations
Invoke programs
Query guest operations | +| Interaction | Console Interaction
Power on/off | +| Provisioning | Allow disk access
Allow file access
Allow read-only disk access
Allow VM download
Allow VM upload
Clone template
Clone VM
Create template from VM
Customize guest
Deploy template
Mark as template
Modify customization specifications
Promote disks
Read customization specifications | +| Service Configuration | Allow notifications
Allow polling of global event notifications
Manage service configurations
Modify service configurations
Query service configurations
Read service configurations | +| Snapshot Management | Create snapshot
Remove snapshot
Rename snapshot
Revert to snapshot | +| vSphere Replication | Configure replication
Manage replication
Monitor replication | +| vSAN | Cluster
ShallowRekey | + + + + + +| **vSphere Object** | **Privileges** | +| -------------------------- | --------------------------------------------------------------------------------------------------------------------------------- | +| **CNS** | Searchable | +| **Datastore** | Allocate space
Browse datastore
Low-level file operations
Remove file
Update VM files
Update VM metadata | +| **Folder** | Create Folder
Delete folder
Move folder
Rename folder | +| **Host** | Local operations: Reconfigure VM | +| **Network** | Assign network | +| **Profile-driven storage** | Profile-driven storage view | +| **Resource** | Apply recommendation
Assign VM to resource pool
Migrate powered off VM
Migrate powered on VM
Query vMotion | +| **Sessions** | Validate session | +| **spectro-templates** | Read only. This is the vSphere folder created during the install. For airgap installs, you must manually create this folder. | +| **Storage views** | View | +| **Tasks** | Create task
Update task | +| **vApp** | Import
View OVF environment
Configure vAPP applications
Configure vApp instances | +| **vSphere tagging** | Assign or unassign vSphere Tag
Create vSphere Tag
Delete vSphere Tag
Edit vSphere Tag | + +The following table lists spectro role privileges for VMs by category. All privileges are for the vSphere object, +Virtual Machines. + +| **Category** | **Privileges** | +| --------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Change Configuration | Acquire disk lease
Add existing disk
Add new disk
Add or remove device
Advanced configuration
Change CPU count
Change memory
Change Settings
Change Swapfile placement
Change resource
Change host USB device
Configure Raw device
Configure managedBy
Display connection settings
Extend virtual disk
Modify device settings
Query fault tolerance compatibity
Query unowned files
Reload from path
Remove disk
Rename
Reset guest information
Set annotation
Toggle disk change tracking
Toggle fork parent
Upgrade VM compatibility | +| Edit Inventory | Create from existing
Create new
Move
Register
Remove
Unregister | +| Guest Operations | Alias modification
Alias query
Modify guest operations
Invoke programs
Query guest operations | +| Interaction | Console Interaction
Power on/off | +| Provisioning | Allow disk access
Allow file access
Allow read-only disk access
Allow VM download
Allow VM upload
Clone template
Clone VM
Create template from VM
Customize guest
Deploy template
Mark as template
Modify customization specifications
Promote disks
Read customization specifications | +| Service Configuration | Allow notifications
Allow polling of global event notifications
Manage service configurations
Modify service configurations
Query service configurations
Read service configurations | +| Snapshot Management | Create snapshot
Remove snapshot
Rename snapshot
Revert to snapshot | +| vSphere Replication | Configure replication
Manage replication
Monitor replication | +| vSAN | Cluster
ShallowRekey | + + + + diff --git a/docs/docs-content/clusters/data-center/vmware/vmware.md b/docs/docs-content/clusters/data-center/vmware/vmware.md new file mode 100644 index 0000000000..92d4ea5e80 --- /dev/null +++ b/docs/docs-content/clusters/data-center/vmware/vmware.md @@ -0,0 +1,49 @@ +--- +sidebar_label: "VMware" +title: "VMware" +description: "Learn how to configure VMware to create VMware clusters in Palette." +hide_table_of_contents: false +sidebar_position: 30 +tags: ["data center", "vmware"] +--- + +Palette supports usning VMware as a data center provider. With this, you can deploy and manage Kubernetes clusters on +VMware virtual machines. For this to work, Palette uses a [Private Cloud Gateway (PCG)](../../pcg/architecture.md), +which creates a secure connection from the internal network to the internet-accessible Palette instance, ultimately +bypassing the need to create firewall rules or other network configurations allowing external connections to the +internal network. + +:::tip + +Palette supports the ability to manage your VMware workloads on the same Kubernetes infrastructure as your other +applications through the Palette Virtual Machine Orchestrator (VMO). VMO provides a unified platform for managing +containerized and virtualized applications. This solution allows organizations to onboard, deploy, manage, and scale VMs +within the same cluster as their containerized applications. Check out the +[VMO documentation](../../../vm-management/vm-management.md) for more information. + +::: + +## Get Started + +To get started with VMware as your target platform for deploying Kubernetes clusters, you need to deploy a PCG in your +VMware environment. The PCG acts as a bridge between your VMware environment and Palette, enabling secure communication +between the two. Start by reviewing the [Deploy a PCG in VMware vSphere](../../pcg/deploy-pcg/vmware.md) guide. + +:::info + +If you are using a self-hosted Palette or VerteX instance, you can skip the PCG deployment and use the System PCG that +is already available in the instance. Review the [System PCG](../../pcg/architecture.md#system-private-gateway) section +of the PCG architecture page for more information. + +::: + +After you have deployed the PCG, you can proceed to create and manage VMware clusters in Palette. Refer to the +[Create and Manage VMware Clusters](create-manage-vmware-clusters.md) guide for detailed instructions. + +## Resources + +- [Architecture](architecture.md) + +- [Create and Manage VMware Clusters](create-manage-vmware-clusters.md) + +- [Permissions](permissions.md) diff --git a/docs/docs-content/clusters/pcg/manage-pcg/add-dns-mapping.md b/docs/docs-content/clusters/pcg/manage-pcg/add-dns-mapping.md new file mode 100644 index 0000000000..f6455d08db --- /dev/null +++ b/docs/docs-content/clusters/pcg/manage-pcg/add-dns-mapping.md @@ -0,0 +1,68 @@ +--- +sidebar_label: "Add DNS Mapping" +title: "Add DNS Mapping" +description: "Learn how to add DNS mapping for a Private Cloud Gateway (PCG) deployed in a VMware vSphere environment." +hide_table_of_contents: false +sidebar_position: 15 +tags: ["pcg"] +--- + +If your VMware vSphere environment is configured with Dynamic Host Configuration Protocol (DHCP), you can add a Dynamic +Name Server (DNS) mapping to the Private Cloud Gateway (PCG) to resolve the hostnames of the nodes in the PCG. You can +also use the DNS mapping ensure nodes are alocated to the correct datacenter, cluster and network. + +You can add multiple DNS mappings to a PCG to support different datacenters and networks in your VMware vSphere +environment. + +## Prerequisites + +- A PCG is installed, active, and in a healthy state. Refer to [Deploy a PCG](../deploy-pcg/deploy-pcg.md) for + instructions on how to install a PCG. + +- Access to the VMware vSphere environment. + +- Tenant administrator access. + +## Add DNS Mapping + +1. Log in to [Palette](https://console.spectrocloud.com) as a tenant administrator. + +2. Navigate to the left **Main Menu** and select **Tenant Settings**. + +3. Select **Private Cloud Gateways** from the **Tenant Settings Menu**. + +4. Click on the PCG for which you want to create a node pool. + +5. From the PCG details page, click on the **DNS Mapping** tab. + +6. Select **Add New DNS Mapping**. + +7. Fill out the form. Refer to the table below to learn more about each input option. + + | Field | Description | + | ------------------- | ----------------------------------------------------------- | + | **Search Domain** | The domain name to allocate nodes to and resolve hostnames. | + | **Datacenter** | The vSphere datacenter to which the DNS mapping applies. | + | **Compute Cluster** | The vSphere cluster to which the DNS mapping applies. | + | **Network** | The vSphere network to which the DNS mapping applies. | + +8. Click **Confirm** to add the DNS mapping. + +## Validate + +Use the following steps to validate that the DNS mapping was created successfully. + +1. Log in to [Palette](https://console.spectrocloud.com) as a tenant administrator. + +2. Navigate to the left **Main Menu** and select **Tenant Settings**. + +3. Select **Private Cloud Gateways** from the **Tenant Settings Menu** + +4. Click on the PCG for which you created a node pool. + +5. From the PCG details page, click on the **DNS Mapping** tab. + +6. The new DNS mapping should be listed in the **Search Domain** section. + +To use the new DNS mapping, you will need to create a cluster and select DHCP as the network type. Select the DNS +mapping when configuring the cluster control plane and worker nodes. diff --git a/docs/docs-content/enterprise-version/install-palette/airgap/vmware-vsphere-airgap-instructions.md b/docs/docs-content/enterprise-version/install-palette/airgap/vmware-vsphere-airgap-instructions.md index 0574a48b5a..8ad0e97fa0 100644 --- a/docs/docs-content/enterprise-version/install-palette/airgap/vmware-vsphere-airgap-instructions.md +++ b/docs/docs-content/enterprise-version/install-palette/airgap/vmware-vsphere-airgap-instructions.md @@ -61,7 +61,7 @@ Palette. Self-hosted Palette installations provide a system Private Cloud Gateway (PCG) out-of-the-box and typically do not require a separate, user-installed PCG. However, you can deploy additional PCG instances to support provisioning into remote data centers without a direct incoming connection to Palette. To learn how to install a PCG on VMware, check out -the [VMware](../../../clusters/data-center/vmware.md) guide. +the [VMware](../../../clusters/pcg/deploy-pcg/vmware.md) guide. ::: diff --git a/docs/docs-content/enterprise-version/install-palette/install-on-vmware/install.md b/docs/docs-content/enterprise-version/install-palette/install-on-vmware/install.md index 35f8a1317c..e803292e3e 100644 --- a/docs/docs-content/enterprise-version/install-palette/install-on-vmware/install.md +++ b/docs/docs-content/enterprise-version/install-palette/install-on-vmware/install.md @@ -76,7 +76,7 @@ proceeding with the installation. Refer to the Self-hosted Palette installations provide a system Private Cloud Gateway (PCG) out-of-the-box and typically do not require a separate, user-installed PCG. However, you can create additional PCGs as needed to support provisioning into remote data centers that do not have a direct incoming connection from the Palette console. To learn how to install a -PCG on VMware, check out the [VMware](../../../clusters/data-center/vmware.md) guide. +PCG on VMware, check out the [VMware](../../../clusters/pcg/deploy-pcg/vmware.md) guide. ::: diff --git a/docs/docs-content/integrations/cloudanix.md b/docs/docs-content/integrations/cloudanix.md index c487d133ce..70b91c9b3a 100644 --- a/docs/docs-content/integrations/cloudanix.md +++ b/docs/docs-content/integrations/cloudanix.md @@ -8,7 +8,7 @@ hide_table_of_contents: true type: "integration" category: ["security", "amd64"] sidebar_class_name: "hide-from-sidebar" -logoUrl: "https://cloudanix-assets.s3.amazonaws.com/static/cloudanix-logo-p.webp" +logoUrl: "https://cloudanix-assets.s3.amazonaws.com/static/cloudanix-logo-p.png" tags: ["packs", "cloudanix", "security"] --- diff --git a/docs/docs-content/vertex/install-palette-vertex/airgap/vmware-vsphere-airgap-instructions.md b/docs/docs-content/vertex/install-palette-vertex/airgap/vmware-vsphere-airgap-instructions.md index d0bd73812b..79a4fb3888 100644 --- a/docs/docs-content/vertex/install-palette-vertex/airgap/vmware-vsphere-airgap-instructions.md +++ b/docs/docs-content/vertex/install-palette-vertex/airgap/vmware-vsphere-airgap-instructions.md @@ -61,7 +61,7 @@ VerteX. Self-hosted VerteX installations provide a system Private Cloud Gateway (PCG) out-of-the-box and typically do not require a separate, user-installed PCG. However, you can deploy additional PCG instances to support provisioning into remote data centers without a direct incoming connection to VerteX. To learn how to install a PCG on VMware, check out -the [VMware](../../../clusters/data-center/vmware.md) guide. +the [VMware](../../../clusters/data-center/vmware/vmware.md) guide. ::: diff --git a/static/assets/docs/images/clusters_vmware_architecture_arch-overview.webp b/static/assets/docs/images/clusters_vmware_architecture_arch-overview.webp new file mode 100644 index 0000000000000000000000000000000000000000..555e5b603dc631a2805952406389b630ef7d80c7 GIT binary patch literal 25020 zcmd42(|;yFvn~9@wlT47+xA2g+n#V@+qP}noY+pD*fzh}@80|TzVjcPi@xZauCD4; zt5-Etq$MPp3;_TQaSHK7=rjf(2Y-(TNtot>rx zzlJDFKor2jpvT9g`AZV*NoPoGG`ew^LC}OoTWptFSdRL)vL~~nl0bzZy5JR_@X9+y zkFKs5b`ad$+^)RbqIWmniS(t#-OeMXAG3q51AcARkUt)t31pw+~pC@3K@`uDO7P~n-qJ@#k>*SwtQ)nTPO?97*JQjue>q@*3{=$i{ zFuBw+nGp5O_Jn{)Nl87!!Vv4y2|-_a5g|)~ks^a4&>@SQ?81PAJk){{vE2$KAf^NX zPW3@VAhlnR{aoq*FuHtAw*YAYrh|RzgE8A^#9-O z^tMlf{M^pjW6Merv9*=7U zeBC@BnBQ6TMc@;H$e5Y?`}A|W+dp1M2|J#zce(nK(tp-s>`YDmL_h$KLf<%$zFP?A(28f3EpBKEZtzei}b6e8d|2 zGU?BK;s^qL4&Rr)5ze%}V#`}+8;g&ho#&3#1;={Vdr3a9zP4VqKJOQD#|2{F?GLVB z7}t9vW{!FXJnSa&nm zzFUHJ-$OpNY_g3G>M-@M%Tj{ zDnA*&YF`BQ1*N|^zs*0fUU$}g>tYXgmV0-<{l8hiS3a)4zrP8+^u~RizCYi~zlOgb z$>`1TeQnu!`hF%+oaXN5#w+cKSYqN!$&(C*!xU*c60=1jl2ODP4h7BAam8hbhoYiM zWq|(_X~9#O^J)*F!D25grkxV`@NnG*5xCN$sQPWKPfLLJZtw+;r5j(Q(lLE;KaRkB zP{bQNNnD$H5=cw;#ZzZ?YK`@!zMChga=JFg`!izRX&vM5l0Ezhnyj;hvCl5UH{zpw zdw~wJtyHsbjv9*`EvprL*J?gZ%Sm%`kwKtf+LOGGYc2d2@_|iY33$Wdl12>=(roSq z&R-rIzF3Fr#iQkAOPB#^Qxv%MOC~3FxAk}DIL^OpX3NsaR$g9XoE46U$2$5%&f_IV zoADN|Gh`)pmu4-2&!!*iYgZ4!;~G}r-%$dX(SF!=c&yj6{PFs}ANE709qQ#X?;g0- zI?pFAdwzDKFKg@(&2cPM0Nkbt61DkZSUMsb(Co=+5g(Vbe?dq{Z-r0V{g0DBf%Qc_Us&|m^ z;eDt8=4Lg%Nwo0pnD~cr1?y&nU0BTDBDZJre^5x3%=!1-->7ZNihT>Hb<<+KBV; zexP>HtH(QF_5&#GY|&3qlu;gxpg|op!K^X_ZSXK!wng?6lDQCC!WfJHSH?`kaq4#* zgb=M*vMc+ekZ8wkR}AZJP2(lYL^b-Hpz&{p!4X3}$8Sxn;7)7}2N!EJnXz?&_@8{dFNDy0X{&Q-Zd4p|tzF5_ zu+0f*p|^*Lp1UD`UOjxVb;rU^$;5_J8yX<{H4Z`lnbN4`kz$9EX-@5d7#aWXvqAf7!AN+yMbG-aJYz5?dMb=soZ6N%p@>Md@K0fdF2=C#N?-8vAId?K63=zv#Y!D0ldy z1(3orAbkn*Ly2eWqUv&8a?KM+>AT(KpvC;Kt}ZFX7=h!)^_`Gd^dVe!Se2sPf?aaS z!<3ShG?%mJYVBBD<1V=ahFnF6sWkDh!` zU)_x{Y*ezNnu*?eBmRF8`czuGj#Jz#Gs82_hBL1S`YM(v5r{-opGa39w_s#H-&I*- z*Y3@;Pp^}Q_8E#CmHr+wZ|=?oW_wp781Mz%X9+y4iA4L7^!%7Ejljl?5Z3pei@9eO zI@^In_-|sJsv%JB9ucRET6_Ch<#Y#aPIXxa4Y>?{mLkU zC%Y5GFNtl=>Mjqw=?up>+OLR}XnV3%b~`GhR{SBf7pL{%2NMml;d?;$0@&4vkxH)w zGSYlYr>fhP+=WS)K*iqRA1rx|M5K2lB9MukGS21qk?dL+e^vO|eDpx}DCPHciT(Y< ziBe`jTZfj37ZZ$uQ%6WJz#G&s=|P?xue5IXzdVLR(qdaG)q*8-^ZpRJ#$Rr}8-k$H2gl6)*BY1c>A$E}iccjX z@_neOVoYigr|sIIUZy!Fm?EGuWeIEmvSRCJJ=ovD@|`+{xV|(#<&ZN*ozNOziw7~Sov?7=?he~E3e9sG0v&C$E+UwDEFK=q~D`j z-7{ll_MNzjQ|5o$;ezieMAgA6(~Z?@$wbqUe>fy{_y)9Kz^;T&gRF6{*$K!AkU6@~ z(!~T$qQ;F$NnkD)2;y?X&wF|OITL5caeUa(Wbypwk(hfgjAS0k5|l2SFnWvFJtLv( z>9wP#-r-D#m1x5PeUNS^D*jq65@EBphbP`k46aS$4ZeS;B>az2Yp@WDosz3k=I#%t zSk;YqhOAZ$t?+>qCc72!GYJjoxc#{m=I%znty*4F2D{ukMc`kH2-R0Yns+|~=2gAE zNH;C`SwONOTjT6z`w3XDDN3E2h?Y|0-$Kq7Vco#DemsS)5X()#z)HGe=B?iTAWR`G z{DRLKeOW20osTOi^4iq2psrhqnE9uY#V|Pj&vr_j@y}Ygb;^c&lGZ8N2+bJUt|{Kd z;v}a6mHO23E_DpXoQX^7_fpFBVR9q>0qhGTP~<=kXcK{6{S_yB3SQ!{=vFMbBvvff zYtLoM!7Eg+$_hKy=)tl)(qg<_)e!*$wgyliwp2}wxbPXA0He%&uv^%Rrm(Dn$`{$| z)GB$xGO1s`+wZrhkWpD^V-qBdGLCHooKH-)<)C9EBS|J+M1Js@)pZq+$g_j#~VK#SqUU@Fzacp1PKv04;d;VpSwlaCnE26 zYi4+s1Lbo+>(sQb?d+O#fT>vrYPBjUWX5+;Jk_tLHkL52KPsRlAb9nEF`1psO1Xs~ z;Q2?a&rEN(WLM|^B^Rfd@P*OcY`=yR>I#m# zsn-_WX+&0TEi-mH8are2-aLD--rJ%ZOt1Ofrd!Fl!bXyQ#*+0_$nkj^< z4gIiW=~&=Kzq~(|(P2!NmkqwBx~*~T_CMC-tT3?xSBT7Qs2T=uD>J7N-_y=wU{=-C zMe;cgBrBN!CiVii??x>2DL|m~*MI{N>Rt`7Q(LKx)a4F6rtAz@lO+}Ci*5QW8CH=; zDyTp&ZZc4Th4KHRT>rynm;Y8v|FY_T$?eiy-==ND>Z}8 zT_KF@y+^4mBc^cYh*UH)`EqZLyq*Xh6J* z;*u}6QRXqOiMgZu0U*!gTh{plp$7sfL(|QcUWwvAa+jmeJCVG&{DUHFNCcPUcCerE zKK3a{eruhh?@m)A?GJNYPv$KRa|b%6K?49&mF^qQ5(WOSlbHH+=@vmQT-S>8GF=Qw zfLA}WuzObHp)U}>sA5uPnguz}33{Q(>Qby#y}+%{Ue324f#mjX_u64%mR+$pr$?>@ zjwXSf252O~h)gd~%SOHM`E7+hvBBb>c3lJs$FQtje7&6Awx(tYat-foH!5&d4Yci?cJ#R7>7?`lL&8Dv@FMHcR^ea zWBIFin981N(DI}rq2pQB3vY{Zl(?b$?UAh$n@lft8uX~B?Q7K?K2JG=Yk#VEm{wV6 z$=Y@q)Xqwf0WVr`cv6uoHBeZ2K17d%__@Oc7B6|P!OfDt0=)k+*1eu0P;}kjs@yxV zd~3qs1ar#5c4<;movYBhHp4|d#}T=HAN^A&|-4t$elctF2>!SjGC;{9s&0|0*ejz2x1l_Cr7HI%KM&YSukh zX|A1@pz8fQIdU`R{)};c>Go)2SeM(a)!%C5c0xt;sz0lNGs)*-e?(C11#nR%6jDry z#iO{SytKcJtej*_v~;_D)n5hT(>pmn2bu@jR|wA8UzlvLu4R4b2wcy}f3C~J^lSxb zEO6PNm8ZkpEOtyxz5!A1Ut=8YPIDhEGAKi8cb8BR4iQQ(Su1Sg|8Q=Vi|TsATrmIP zQ#~woA`?@+k;#FECmIrI6Eh$Q_X|UTSnVk!mDmK_ewYG&O4U{7h5{N{YUXDb4k48l zbWzoOHl1MdBDBapu(cq-eYc^lxW-5nAYkd9XxXPqt3At@;5M}aqLyiC>10=v!_0~c zGz8*aH<94sh46LapB|3`G2Tk{DKZ)tBOU4KTRr-HkZ3k%j+Aigqs~|NY(3kofLV=X zuwmf_840a#Uf_yDO6j_)EQW}V@i#>gJLW(1a7oe2DdRfcwo7e|z_REYgpF>XMS`)7 zEhlsM!8}F0jgHOT!>+(XJ$_wAIDGpstcb@{#tob3>^%>vZWtjSzhe4oaMFGb1{1-*EB+D%TW4oZ^kH zi0oznf*2sFbWW4|-VCo*E{Hzdq9pI16y=F%70FtQ4EGDHA;Y|rK6ntD`=>6WCy(q8KO%1a9N)x50q!2hk>1)9YoeO2@$0_~z(W)Lr|1u?`hqHCZZYvPGB zSkyl%dK!ld^VA;{(aY%NTmhG78Ej1%zN%dH6yWQ-NgyL9`-O1@Bd{W!)(OKIBLh!e zr-%jw$}?jpV6=Y*3U4dFo}6JSX}*ugmBi6DufwXhX}nGdhiK+sf)A?CgaW`-br$_k zmGG;wO3`2fHsM7i_w?9(o!04$<=+Gy&2}o!G;7nJo%qok&59sL1ZQV{JjcTyZ|?q} z`Y2&Ge$gsw;R|KGYJ?bgwY#HlqbL@+AQ$=662L zh1#dZde!T2Q`xgU-s)`6`5AWrfyAxRhULopbLK+*MJC$9el|6*W)>u@6kvdFe!U3yaI!{7WP zx~sb?0cl7I4%jxwPY%$^9Cnr(StT%1T-XGStdAO|J1(sX;1pV7ad&W0A(SKf{w}F>kY=V0w2egb{jJfxTHyD6Up^XC=Z7JY z1dGf*YLvMx>o--@cJko3HnwIeJ=QCt`iMH8nxJspiW$oprL@~x^4D^oM)^wO#NOk) z#oj>4QwFce+lx{nTZVZK5Bk}Zf_+0}6{{W1wnBc_NX*!}l4v2qKKl@f*H;jIkQc}g zgOz~$+wW$NT>x04&lVJuN;09#qPi(nb>I^ixS#m6Bh9ga@NxmhULDjn?z44R3S1Iz z-=4ND7QchMU7-{*cKC?TL^EQV@>t3Cmx`ZSz`FiYToeL5fcx0eWww8|GO*_8o)nBfY=6hL+y( zZ_LVr@m0K^G`q-xoVJs!I-B%@PH4C2OB5be$vb>Euu40#w2F77r!-DFu#XiNf+Ai9~=f zx;*@Ax{~7_?MzI_iKoA4IV2H0$Ql(diYc>0=9`C{qC&(DEwSnBFZh(SdVu1bGdq1;-igDjb zAU(pbc~xSmid~(H;^qzxI?LZ-a)`tgsYy74iyM+mbPMnQRTn-_&vfY<`lvfS17&gl!ORco4lcJ1;b0VM=VMrn#nU6g4a5 z+qcd!R+`f?uBlM%EB!H>jVMf*gh>fSWg<06Eh#+`%;nejS;pZ}I&~t;Di2?+5w0An z{bA%#5`I=|gPe@7Q}2T_*u}AJ`p@Ze&FbYch?@Z(9&Sl&AN*O9K(8;v+7WTL3(rBt$>(ciN1p zJ2~|}a|9{samGX;H#j>~!+1d)XktNGUI`+WnEWNpyjmoG5Z zu#D3#IS~y85&W7j8zspB%Xg!R~Y@or&_*9@dc z)X=}r&A=&@K0p`TO#GW<;7hI7S&;qrq4v}rBRHG*1#QJ2M?K7ybo_fnePl^lk>+LtrL1q$D8T*>deR_Xo&d3mfI^{Y0NC5nOgUzkZd3xkV zv5q^Q(SB^R($zs9VS~bSKBshONsV81D`Lfedg(aR89y4?>tZ-gkBZCALc)khzB7nJ z`!8w~>3in@K25SS4GNBWmVI)*6%XrN>AKL(CT-hdc(@krmFV#^=fc)Pg!I)SKa+}L zWeVFp=YD~9ogLGh1VDHU5!q^!`+P9vJe*G!m<#!W`JFrwu2U!!W>jo`iVlPJ0D~|Ih>h%eEiKrzq57!msLBmqHpR|cgi(+!(W%jKXHpve)hB@G!BJ`Rx z1*-cuN6gxHDjM6}0NLsJ_c&tKs`LdD3zC&iOoE?oSQnxBV{+PXtM~zdGj5b0%>x>- z-pQxeo(6uo?>LDJcikk`CeMUA^9UI)2i*BFfqN(z^O$E5LgykfG=5N{VRrGJb2+KL z)XxWWMv<9}m%rk8DET6Ef)tt(dLQ-pj^*0FQXd5*R7}r(EO^oaD_`aeYTB|%O zssG93INJ($&<}wVxU_0Y=Nis$u&GVi0(zqNpm?+^+S|O}(YLZMI~SR7iRihjr{pb@ z7B<|Sx}y{uND-9Px^~n!HCJ(OUH}uj^qfha2Bojf)*>g5eUcqVf37P$cBk0uYRS(I z<%brJuijrUj^KV_ z&h2dP8#v1)u{^GLY#M1jvC?I1yuXlvN6PH+5;Y{O{UIRi>yXAW*}_^eU)mV@8+eag z2l9}5u~u0Nga+nUH_XQ=o!*FMYSTlLuCq*PcgdKn2})6jNPo^3m9Z=;C1%k{i0F}F z6Rg!%@hD@b&VQk|9`O~({q-CWek?T9r?$PpcaFTG)6*WPgF=ABMjOFO(X$G}D zs}gk`t!MwPjv^01v%|HCPW>&DK8EqHQ1lXRJirI6*NTHb;+l}3S1*Cm4!h#Tr@wQv zY=K=rUqYNszihY3)=OLH8nN$jC!VW(shy?-O+aZTmM+2oFq-Kol8S!7C2b#?sL(a2 zvrpL53eVsg;~zR|?kBYoFq&29!}p$?x@vu0OGHgvX+Y*_FQl?9;bwr~Je|5D3G973 zkG^quN35<8Bq^hjusg+5mkDdP({JU?MZQ80|BJZyTAw4>#!&{AswCD)4HbAQouekK z;oV^>v3k`N+nrRQ4Lv(Vp0TPH%U|?uwyIf^>upLoVO<>MgDE?)>^J7%bz64|{gSWwv_ntry1%v;uVxM3 zl9ES#BhfQeCOw6$jRdFybvOn6KBJ$A^=c|w9DzSWXDBy;ni|V3y=gPF5MmCbZg~ap zN6lYHjLU)^EVLHrYr#X9Ay_!fQBtG-Udt(D3ve}r9{>0Wh0w;-Nk?u_28Xb~Z%7?A z1Ih?^Jt29A*KZ329Q*%HF>O++%yx|D`Aaslw?_?f88u4c`ZEpI>vF$pXV4#-Tdw(W zp_*>SFtDB>jdMDye^A|Zn!-wPGp78^EYVhwQ?RnTA`2Y^0YQ2fEc8b=jZX6H*KoGG z@KC~JCB?PKqOWgMtX$8=ST>Km!lPvSB=pT6*bjkrEXH2ugDjyQYv`mC{`}Z!J6fr2 zCN5Pps`CYtP@nD1P%E;k+9|7=R%I+P%Fk=eYKlGZmN^BlS|ka5pUXI|LJY3l%H1zo zW33O?4)5sacN;NSk5`=67%tMd0&;%+c8%*c!NQm+0X1Do9M|)NRv&nZcAIN!&B02W zE0wsVUiVcHTkh}sTw}g5cg^cReV6Tn=L~-jXL7}`2rJ6IgJu4F_n}F=LrWFnB=PRk zT8XSbU5p~TsGaooO>6GRrDZ6<(HD=lQuo?!{K9h7&qQy7(44~@2W82X!N?e}G+wB6 zFzAj0`{AkMi$2}ON7i78$-97*$;qzWlN>qNu%u91HWrwk<1$ZwG`Qav=aQcz6xTVGd(JVTMRO*CHQ~6{ zP9F?kRuHC|dJ0)4WMOTj-pCn4bxgG)%_R4lEgaCDG}TwN!QN^x# zPv6Y$WFJ2cB{`}mm9zeNLB(Tf;it}0qR0oRp9F5BUW=gx?kTKjjiPS$Ng^Panh6ST zbAHS{Q%N17t2gKmYePkkmB| ztwA6@K^f4_g!GY*nsvS*c)&Zv@1K3LN%o;-`#d=Cp+!?^(`g$*|XmF-AE)!YE7*UnNDfGUkfljtvw6%Q;vwBS0UM zTT=ZOM$*jtz5wy(A>u&BE8cnJCL1V^Bq-2^N=_jPEPL?$k^bm_4Yr2@i?a+Sfd;Hl zX-9rhB3Dy`x*zswxrBnX$C{}<-4xH<@0Jv&{q}RfE zicu)6`S24%hNlQS8^@-2pW_?)wKOPRwr#l2IE%OYtHs>5N}^xz-dr-rShKj8A+ZKy zSoYo7jCbzi;XaE!g15aOZ}%ur?&xA?RlC<|_Mi_UKM*|7eD{W1duMW-VBB9u$DI;AAT1p zX&QEa({VG(IcT1OHAnoI#hD6Y9QPxdfUl0WQl8+Fqy-;}*-=Slw6Y0cqjnGo;;U{m z^EPMufDz`k2dq-X*3OSxMNE>p3Bi)(I}gJ$Aom(g!(l6l_@=$PJ}J&N_4jpKYL)Ji zb8u6Xa@~8oS(pOwz{zc?q4zIw^h)DU1-q@Z24z3{pEbB4tjC2w{;$6zzhhIp!e(?YOV~!0*KD7Yd*2`{EFE ztm3!XeYyqyCEn;?tP zg#+bHrdX8dPnzUVkgpt_>G>1Cv)5ED-u{S}(5wwjl2z7&r*_79qmuDy$XGjlF?JTh zoNnk=3NNWid5Y5*>oV&QOW@L{9&cME%qyfX?^fziBR|Y0Ti6?aywkEjSHwEO#FX!6 z=2oz-qqW?|7)kY~2q=fZ)Yq?5ITvCvSZEaMBzNxE*u~`(%k1dU1!SC zD`OF0^Lm9#hdiO1hl}EqBRq*{V)ee3GhMa`ov7nM>*V7y2M(m0ef-hGX-Om+N*{Oo zpg}K6@_O6LkeJ_bFkmyINg^U+z0URCnFdGc=om3@<)JSH-}>SgHvCf8n+W?u@v8-c zAa`}~&oOA8u{366DZczK!6+FBF`lCe9cGY#h_Z>0gya9QhBo(q7p*7?Y^UYc;U<4UlZrvtbR_&p}6p^Pa|(#K7Y4!scRcx zYoEk*R>?$8g$J>Ye?6fxt28Bi;|d|y?8nHjJiYd9Ob*wdFCox2u4CD(@cu@83zKf$ zyOAPp&<%H482L&1F>-{t`^b$YCM`SJfN=8b)ce)&3oqqJpFd=-LXzl4H-b&>;4W#_ zVlawJl<~zq_`L~jm-C3&>}E&EP%nEkfzx^<8rKcF*tkdotv56VWG6IHxhJ=wVRV_s zfW**!?J1!bdn@J6s-y>8yy#&of)vyX7QPA@IOg!JX`W%`DI~fcidG~&khaenUA4C_YF&! z?k;^(S2&M4hYe~o&0?8U<6&8;twIADFt0F5u1bYA*c!#xp`-+ufoTqI-Ri_*1f& z32xjW7X$NP!6a%*mXON;o|KNBhZd0n#F{SKe;CQS;GUb2u6V|oGJF@)|Lk01whOJt7vB6SmaUy80@#US9S0LIW`la>i%Md zMK%s50zI|*=2z?3~V(wpQY3m&sLf!Af~gEad| z`ftF5^&00C#mRKm>l3Z@wp1Skcr(q)jz>`^W$tpP{rm?OtlkYIx8LWxEM6kYFELw_ z-VP_BG_|wt(<81?tSwkX1>=5^v|9E4O3^Dgq_KrbWoZ|Cujrw;2)>JZ;hyr2K^_b? ztItXk9l&I$b2}b?c5VEuC=zqJX`YYKrSiNckH9ZUyc20ns;1I2vlkE)Ktg<8i`aP# zWThI0_AHkA7`BbVi6G4QiS8FEpY-?7b>!Ke8i1wUACqBRl! zR`|cnNDpiH!J0!5i9oEt&8~yVe|mm2j#c)h93K5$%g6iXiU_1H>=76qq#v8mVcq6? z-n78hgaQC}M2rUdxKIQ7=dkQScJDSdpP?V~^D>JE=y?Ov8jb%L|B{xPB$5tGbfOK#@Q21PovPWV z;hHnu7CiQYj)CeOZmZZQyx?d|S;C-Q{s3mbT%1I-H;Xb0F4}@_ad@Yq?uDwo*}Tt; z^ZRFDwYI(qwI}ZGxspIkK2C%jPWFs>paSNVZr@q_b8x9w;#DTHVErrj;|6Gqkp4r; z3ffh9G*gwiJFeLHzRr9fnA;Tc`Zi=(x6z+jo9Oo-Ttl+1x~o2|^HiO$=1yb-B^W`t zdEQ!Caw1Rf1?j_}@70efwy=61lJ;8XL}C7~;dZ2szlmF258O0Uz6jk)=E;htJu_sf zWtsoZD@2AM>#1BpBTE9|`Y6BKT=2u+8~9bJv~Wt&x?1UX40C47KdN*a#37$ieEd$B zNs1^S^j(vh`BxJ!GE^((qc-b*PXuoea0>#Na=`|1MfWqg8NAtl$_+C@_4UkZC!Zf8 zi=hk3Y6VzT@}3%U_Oonq*xgv^g5y*^ zkS9HrqT=98^<-i&3~qRs`(=IN)0t6D(_e@CZ2$h4xD)|drRu?{=-D|l;cjt~zn9!S z{e{j=%-7^+>L)8cxvrOoYZ*u@HYiR)U5?-E{?vX_I1p&it6)M?9V#}8gXmK5c8UG0 zGzrNmV_SoK%d2q2I~}_5Z0dwSU_*?=T?+fA?&cbi+^xmtil=yzbKB1Ptg0>}EgYIF zokL-Qi5YfA)R+l&qq?z+4V>XmGTq$9M z!<&IZ$uy=?#0=5d(CeEcCouobxzz#mAa~5`&A#LW9XfsHgYPZUfUOc_8LPwlkSD4| z<7J{j9!rH6I7(YBG%oTf@NzkWl6!#DvjRP@v7{L23&5HHXu!*tD>N)M;nMJw2~l-9 zUf47l@g}HrUS7{UmG$`{q^S@Y->4ScPs&qV1=wkPfNOIrqTLw-V}2BzQ? z6Hi{M3!NlPB0=y-o^qkGeSpSfNe2$${#>NW49xP=j4~4 z&mMMPo}K(VD%ISX#MG!x4v7WKv!bTD-w@%?4|=SdI%CKrF6cZ|r$6n^jN1rWs^1S) zot5G~<+R}rb4CSL1)PZ@^5_;GA?D(1iQfNVL!}T$#0c^A0u^6~cB`0Dp&WjAwI8G= zsadi2)=`(xQGPO308?qD#OFaEtTBoz5cCsjJ!p6Z2fx%@8Xl$M?))wn??v^-b*+S6 zD7LRzXjOwi@C~0p_9Gp!F+rgc;}oh7WJi5S=(&^R&dCoMWNnqMapBXt%3P$Ek@t(3 zbT@v%mkl>suJgPe@JwdyE;SM%!F3s1A6nYAsIEr(tf4?>voc5g1ijG{Vl&lwvXUH# z-$jtHW$RQIzaXJK-ZLk86tXr9$NjtOYWX-V8|DXu-+pll33^DHj`WBeQPF9V%Mi_x zw8dg`SW=x8TPG~wG7&&i4I=_^49^!rukkdtHzI_VWGAczPZAPIUe6FLSxE*zcp(i)#qiLpY z+w?1fwG2k%i&Phr;tyA)Me(Y*U&#~P0g44>-3rj$U>M!##0js^W?zenA?tlU z3H60d?BQsXe@pnTOuyGEN~48{yebs=)g0nMbX$u#!O0;O_EWks(mq05V09#I^!s+1 zNCl;TPw=QIh1|)9PFo2}#1f;Sl(jJDEisUh*a#=D|%cWrf$39)^G*?Lz*UkSCh{5p_OO*>vJv?IY6V z$XU>#d{nTDy(8(uxUHg#X2WL2%j)6PmhutxTZN?|<(+R?=+VAm*u5cKP9&EQy1(-R zAL)oR&;_%2M7aZ;eob7Vwqd?U)On*Py{D`2 zC7Z4GsK-6&%^AG{TzcPV81Hz!ATA5Htr0o&$?zhsnvj5Q>$amD3lNeq>Q|@Cz=mN; z)l(Fhh*g?7`O8xnvjXQ8kgh)k=`KbQ;Ko7nS-#LZ0VL3-?25l}M@SVVUl-`r-OW4R z)E%P>1_$#|_EooH1e#x8r@q8MR8iOp@`C_%PAyFpBKD<+j@zZm3r!e5j-B3E8)JF} zNUt8J{ZzCrt3R%!uEqcTbz(r9fCqkKz?ZGlqo>u?L7;QGAMfyaDSxIbOk;QWQYN5GZV}F&iiG6t$FNF(r)qV?Fl7Oldhm*VC<8jjx-$sS(Ok_ zmjpL96$ZW=f=_Mf;a(dF~VahRIKl->Hea%$~~qRCI|P|CpLE<%u@-!#esi7QKCz%-tvxPy^ib_xu*@)2+^~ zxPJ<1pf5{Z_%GrWrcRc1s~E=u6_tq5K<4K832Y4mPxVWp4Uht7xERU|*{wrTZzLW# zu%)0zUz;4}1e~`%bi*b(L-nEhV&wW~6oM3J*mXYVWeAGmLqCEPiFdf(QmE+b;>5qY zMD;USL-dQ)U>t-m6dAK9L7+NyX)N^LBoYuVrVE>sWG=KI?{X|DC*1lYnlR zz%w%Uc=0krKHFm18~!QtG_w9MmRtK#w|U ztu(z>U2W+n$4~;#7ga#Jp_swO%kax^U!gN;?B7Jaxt9K2C0}Y0=3_(q7onV*a5-BR zrI#_RbkV{Z@e)W4?~ztdRNuo+W7>q2n3{7TwcwlIG{L>$ML8J`4Z*)^+VbnNOw0#kCL+ebMn_fIemmLvI1>%Ov;i{^E9o>7vCfy{x&jcESu!r zkM@MzTI`rFL3@EfzIf549_i5O-CV{ONX#2h>)37)UmJT+e zgd}kspRurng@s?o92&XI8UB!0Jn&8;gID%RKAGw+-eM4KeRh$Hh^(E6oA7aRV=@uE zb}}H5aZ`3#!o~g&{=7$dp`^yuIA41)eFQ!!o z4ba(b1wm*cA=xVky8E)Gew7vUdz=D1z>=Ti!|t+OyyDP+e~u+dwV3-(Ij{N|#8T43 z{}*T=m*2XG2Vi$aIvqCXXI1V!q^Li_Q(;#Rf9Bxjc^oD2--ZS9?PPT@Il`NDk?NiE6?SVJNo0Ub2RPIOo4WMt54MRD#x>Xs}rt0w~aMAr*Rb+z7 zxMq6)DQl5$VnY4Ugl_w;oQ8O5FNIXS5i$7or+=9%;K1DXy^Qu*NW>0=%}n0eB8s{8Z*!zgAlc0OxpGD{$G+D9|(^;DHbTXMLZYLGZ)z%RtkitEMkuv9lJ zh~rLQ&*^OyS-3YY%9jtzM6NdRkLEORTDjhxZl6F=QgCs{f}QN6IU|m{y^DO`$y&Ss zz#U-+eOH3X_=h*1j=t{a(S=>DFiQ#$y1(bNw-i%U9g3s>1|-mt+^GT(b3QLo6qJK0 zcyo$)Q?ehAdPmEgys`l5lxZ`6Egfmb@H`zf&}vRd53NQCgc`;SGsz=fzJs`W(ai@u zC+0rk#`(m)w@)W}ge{Xoc5Xm!*~U2QyW6DUUP{&A1_0~$p!?(^&{h{fj2%~Cvf~?m z*`K<4xaT=8FA#T~P(U2AqCd7;HR_>tqxLP(IyKht>&)1?e`D`v#>>(jCXba@d6w}y z%*Z{S_F|IZJZQ=VJ}hYpQgGd+SHIuT?axc&c&n!w?)JCDL+Q`QH)UJp<21YBZ*-*L zGf1%nC@nQNn+x$7mHnTHI=~`9e%kSPcwc%?5;96qV7IX&x#{vRM|9`#+^ zFlHO|;#$EdG+#xt#7l1!d$fAgwF_u$*YbkvN_SBz2s?U*q@@szdwdDnuU>m2H~h#o zlrqln76&n9h4?BIsUkXFok+%+jP)jHcX}2D+1uytg1|I)vAIN4>Rxgulc`^!zCxst z{bq4XZ3NV}pi^3gx%!W4#-D~c4m){P-v>4(B4 zn08Fd5OTKp&3*gdV&qbX`THYTb}e)c-GIlSRm@7ir@}6#E}~aN#5JbkL*fj6iFs;X z{SBT%$UTW1S=E#ey?pxD>=9#R*n)85fWsOH*^+Vl3s~XGJm4whTM|6P27$hKZN`Jl zFQ9(u<`&I@xI8S#`<1s?X$wofMVrevasCWjsmy9?$l(bsw<{G|1KmV$)@Jl$!T+5i zbm`Mlo-B;@G{z>+4Knzg@G;ZbAndcgEd97jVlh5CQ4pbp!!*y>jvf`ot37vMrw}QV zYa|Pr3$V>LybmJlu&5-AgXS1T#k^ATfdHhqi1xU!KO>FGUbPa`wb#CbCcoEo0s^L8 z)qZxxEmX@=K1U#S-&Qyd;&eFXPQ7{K!-H&$@cB^PYkBMf!M3js{~SnXvf63HueMqX z=XE}YA2Se}@e;A!>?Jnbtwn#_=C0r0Fv#GrCD4%?M{O)P;K>m0^sVNKbq37+gi^JpS2U&1ytKjv}LPxeRDlAA;`2M{&Sl@1)(jTT+TS#lg%`5N&yt5DDF=iT*nrVxWQ zPF~Y42wx}xTroDKI?GnjXsGI;0HX27v9i&K?nz4Tx4%EyqXGanVMu|G!A^_MF*KXH z3AtbJ5oqVvUFFfF=0IE!8}t@l4q$B^AmlqvKP*9p%)knz zOTe-VBgx~fm<3{d^E?Z33&V8fi$m7;p*NXfM|Q4$d)vvfp~=GPq+2nk8dzSKX42&qJ?%dfAJUt&kfbnea(9W z4Fx!!X=|3i8ezURxv1tBj$?yN#vr>mmr~p_0mJPb??Q6qPN~~y>f+-!E)}FER4}wSO2&wok z1zzIt*83@i@UjclD!%h{){*wcQ|Zbo2$xV9-($DACgQPN-54zYjLXt8C4*-N z4jWM}O?hedaPgyCqAi2>2y8?_#B#~Lo6o(X>t*=r(@c~QD=K~ zs-SIaHUb9FqE2BpXvp=;*~=X~IKR2QXY)B{WJ}mMQQw3oG#b$a9y1ckDr`OB}F$}-efr4R2`qg ztG6#r+Gn!%;7T|^&p3DRpe8`I0Db{WVIlwEZt$fdlr`0E2E6m)g0G_Fak&y5&ZR1q zo;#H#3=knDRIm>68{Ct92@8DOn(#uRa$DuzlN$>bRcM>>uUV3y{>}U0L(2c2@`$OW zFC?x1LYB9;O&yv2>HzuW4eI0cz1{7W$nPI5-01Z50oQ_m^lK=N?j9dzF#?Bl$?eR( zARa2baJ%266bj^u{ZmJw^cVa!(mihj_%UUo--ZY}ZnvG04iy9j=DNe=CQ1sgQn|u) z=hYZ&D__~HU2{H01nh}s&*yGgPqIA_Ok7`PlbTjcOv{LJ<^%bn4~b5w^<os%B6HNWpt=Wx5CLnrxj5{Ef z%Q!3_j^-BiPpr}D9I?)Uxyr{dTcDRuShUE->^M-Kk9iWpI~aCP$K_g?yw4BbjmI(i zHH3}n$Nf6J2-Kl1##K*-Nh1FHYLj{}TD_JS&|`O-TO-Im^81Hu-%nKKlO0lVJ*8gv z9JZ~mcfAi7H$CjczIEZxwW7ezo5SS174}i3=i`W$mMe5`g%i)w@nm79AkjNYN}|}? zEdz<&89!!)8uz1K`X|1wm_=Jjq4XG2zk|`wC12ZwvrBY1DzT&C2W^s}sUG$`I^?XpjF#(U6&(T-%tM9Q|1@ z+(9_2ZsYI)rU@mrQAVcL>2XdrI>*tg%MLm?ScL#tygvFYnU9F+%tnF1x8291@ymL= z$gTOMq5T?;L~WP+u5W7qo|dMG)#vk zuFR&3RUdq$BG^I&4@w5kHO%W!ov5x*3AW&n{;cin5~#pCGAmEfM+c8=HKdZ-k zACQ9>_7_3!`j34ahpT3TBE+*VM2qUHMt$nNvFp+YydEo4Vw9vZk}^XTaUxl zMVz;Umj!f^Gp12Gm+Uq9sD%b^!{*3?i8Ybf`Ekv!fr4=-@pP38m9b~TZLE=r5SE>o zyh2t`sfZ)fFI`#{-SD;Et0pW@2qq-96Vh+mG`_(;3CB1zb3p5$=Kwg%Ml-UqC>S_hMH}IWl-LfO#peg*z9^2ZB{8#>g%TZHObBDsagjdurN5 zU?d-~v`(B{a^T4oAW=0*4aQ@f2mC;+UqQz%crUxtcWNZ*g7cz8Bn&f%r>r7f%;h-F z=66V;pj4`%z^0(^J1R6KS=E*f_i{J4Xk zYzgy%YvUbT29HsP!{@8#{MvL(q)sr6l{&Uqj{>C`tYZk4{?74vGg)*-u%PFX%+oc3 z@T2;D22{a-q0a5os_814-X}``K%ppo(3Kz3&};^g$JffO?LkF)AM|)V~}YDTt%K zN58}2yqdQdT;CTOUkNs^kWjKGclgK2oyjLfjeF6uTpjFPtXWJ2xKr&_CqRC(UTgs9 z?! zLJBwBJv3x2InYHER$Z1C@3(;+v&tVpedZG*Pwc4J2SDW_0`rzlWu4AYWcZ&CvT~fy zrlnE~T=D+Kap;*U0jbX2Sh?|>u6KC`^>CStX*6v;rZ>_|Pu-Q#vw#J3fjZm71@!!~ ze6ap%(*&VYA`utmJs^sas#qKd9#TYo<-ZxPOUzIT2$npG5x=yD*4GWbyIv8;(*A!i zz-_$(%j47QRBcuO4P75d)zfEs?hLl@aqk|0m{dh(fdQKSm4}1!mv-_Wm>FONr3AWO z8t4{n^<1N^(T`c7;K_X{wpqbpN|elMMSg#kY@qe&>sS}7J!)Nzzd>QI3@|w0R8|Ib zPI>@6J7L(-b$hs5GwSVq>&33p1qz;_R50u_(wZGyc_wpSHf^T^BJ3^!sPK-Mi zXha}}&pstG?i+S=<8k`JfiBjNfh$8+37XELgV3enC_+pudMA#V7e@6R6~yAR&0Z@$ zRNv$d_Ff=E-Ef*a+cP7;`foPDmnUksLfB;5)iPg_fh1@= zv4M{j;0Du5!g=@0qlFg^k#H>|KAYFr5Z3+fZ`It8=eU#~qg$wNfCRN7~$aI8aZ6Pm!BAi|>$z+{3XxL9aYx%~|JzA!PlT z3@uqEm>bVx248R0SWHOGFQ@YCGGCZzDGCN5@fDB1#%uQKO7Z#T2TBl0!A|i;pkwA! zB0QRj|HjA%(vF9`DrUaWfI~Mas-09hDg3`UgINSkC6hcS;i!ro6>%~_oqT6E^O+ge z4lk>&Bz($GSQY1V#m(08^Xc54sQTxKDRIE0+gY%N(%1ovd-Zkc!k*4={YZ(kRH5JH*P6-#=%O@Hx5m}X~yP%5WUoyVd5fw{OPerx^h_}-3;<`^I`Y$r}0N|BgRr~1pM;*58atW}GAzrlQ%Sh&i{ zFXAg}^E3+U2TUW9Y8Dt(u0nyB&f8|Vkz&!5;-9~S5{z_54uWXRDWfJ0!yoXk5uqn@ zhq;2Z2CeEAZ4A|55m(>=M~%d3fN2%p1IUOX(Z(@ERuELk@3EXHp^@;a4#$!hZn*=% zYG&S(KxiTOQP_qucmU^Be|qo2{@tW|M^n~-6*oGs?~z9A0kj_O0C%rozCFW|=wLb@ zxNJx{P))^}0eqTmj%rED^g-s@RBzh)acSc-!z}2aY_G9*+sNxJKBehGzMDPJ1){qc z0tW?;&E<36EwC?dkM7_;Nv6kmzenAPYx@5aekmS&0H(i1^z5!)|t7eTW_p7I8M9~p~yW0dbBGnxn6+~xfbzLsUqXLQfl@g!4*Pj^8z>( zRd!byK#6@08S3tOuH!f%oEP@30QRPmno&p`+4czcdbVNP6FIbo^jGhq7SPxz=ub0E zcWqZ+>BM>yffZ=wE>olXJX+!F6!mdn7p|>XWQjO76@`878atqX`u;yNhHUlI6zuS? z`5h+PsSei;Syt~bL92l6IxkEjQ=5d#?jzXEG8tyrq$1C8OpsURnbD6e*{YeYlb6Yr3GwZ9J zgPHdFHMz#`y!KCPf zeR0MgRBCR&ZgCTC$8uVhxJ!%Am%TkZP)7!cuT58)CA%x7e%U;`iAZpm?I(EakXq}9 zcH14Q>+|FnL{?%;{dVI9ssaGo^J_7L=*v(tT_GI#&NarQK34*^yn306lw)_8E`tg| zKq?{d6IUG*J!eh2Xl>%Sb>SjJgyfKJ|3Q#~*mV6y$tzIssWSKiyxz7C?3$N8p`%pf zijK8_2HD^7y^gArjm(ceZBfU8XaJMBv~bu3nUCF0v;eehnnc)xg_K9#5PA9#;=R!) zJJ$AqT}tE%dtHmKWE>1Xp2L7=liK}V~EC?zNel$78syCeuIz!$L( z7x{*d`$?Q(Zg<{Na

#|9{j%bAzGs+F_)_#yA_(*jhK@o8TU%*wUI@98K?~A$%xL_~;~}pfhhv@x#zWv1aTobS%6IaQG!s4iww&6Yl`%@Cy|EP!hHetAxYZ-v@N6`0`#(LkydDH^fqGm* z0#~~w^DW`w{lCw(Rq6R3-f`gHlf1Xu?eV+}*qx+9#E6Cam$Wo-f%qm>JcnGuY0v+% z3VeNVDW$`J14Z?EP<5jj z*@6V46MFj@Z3u#IlU{4ogTuij=5A7jN4V_)6~z%8_Eyl*G|=mCaZ}=mamRkh1j^D% z-~7y$*kOPRXI9iQcx-VF%vR4S_LEqG-~sJo%==s28t8d zKz2|9dkbC-hgydTPQ?5&CIH=_2CvI5{#J7O4374o3mFJ0FC%t!8xHQK#a-7@_c++z zx-$ku3WRA#zIckzAy!l2UhqnBNECr@@L&p|)Zu5MQc=jc%ha+IVQU!{z-Mq(%~Cb4 z0(|Ml=VHR}$Gk_eQtIvrHJ#m4z~|lYoEVWnr-jwSD}NXMfWKmh!#G@b|o zFgjAgD-{Uh=*RcM^9FGdCZldKh&Ny1S23k=E2{!J0<-Gy7x=;~=dc=~#y-34=j)K3 zVU`xDm1`>Sy|xCwAPvTzb9klzlK$ksbBW#(I}o+q<>mXk(9UZLqQ{kc@UlPbw7f;~ zm`?DELX@5zXUo?z^WUra+TToEH`5C`hh7S3T?_v&ycvGXdi(;(=nRLlCzsW|W*)^G z!;+5^`(1L1u|li*+9T=#c)mRFkJSLgGApFrOSrZTOTt* zwmKX8XMs#to6lub7x&N+e7o#Um{;2P9`AZpVs1=;+r<)mrGB}}T&}<-ESP8_LXJPj zDp&Pb>aHin-6wXSvZ_#F+HIiZ?_~vM2K#GLjTh>7y!9fHn_GK9f5kid$-b^i`S6S+ zVF%EhczkUMea25r`YGO+N`gIthIUuZzdIHMM_ptn;d0)LZxMO44Hdr0ZC3AxzQvh3 z08a-uqZ`N2<<;7d6;o80k{^K%q$Kc^D1aV%?d^idk3nwT2uzkb<-j1lYOM^nf(Yl9 z&efHPd%1perlYT`K!O?-R}jEl49Yl?exG~)szQjso4{~>eqGPR17UvOPq(>Yax}rJ zNq;@@Ag@w(J3%y>EXBi5jH=9zM4(?}_$@Y(hELr7`B+pEr1-He+6L&3O=~NEoewbz zAmUg%KDCe_kvL!8-faZ)-ZNv_>&QbJkL+fZIC#o7deZvfLYhCVU!-(8X{36?eTs$E z1=87}bx_szk-xDIU4Y1$H?IW5bZNYsE((@^NxD_-?mRIfJ^ zZ1c#X-jC%1`nAE=-@$aaRdH3Y0zL|h^`=Bb`2;3IAmK)@2cJ5lWG^TwG>=)5i^!+f z$(9AZ@9NY|JhFknU79s4I>okI@}C0-f9XvlaDuWvR%+d^cnaz2=jNU}W^K_CF4gTQ zrDZaCIne5x(I7jl0JWbDi&qI0lk+1MasC{q^BY_rfK6R(!KAvd1dQF=bcqpw2SdU< z?avVZ_-U{|X8oY@a42`Apu;3(hndDAYv2rcqO#u`d8PBbN%=+ME0EOSf42nX&2_G= z2*(oU3GzE{#F!=r*A^<7JR9^B003aiXP*$U+|~d90piQ&a$$lx=yOw3_T+du=Kvk? zB0&(}VKqw2>|0I#>~;$NalvVp(kPPdj_G l?1G^pfz*N!uJiLDOZB~Ul$UUXrSi+Hwu_V+3DZ<;007Y6DnXPFHLtnRdq`hC`yQmR;~g8sfh^6tID$z=09IE=0T(YQy;*9K=4|!#Y>Qq z6B7|JWA3!R3N*EPz;8(3adi5sP55yFN1LyMII%Zv3Q!9mSpFb(Uv^5c-D1mEbANq~ z;DxVvdVS51EO+HNa-4R_UFW)dS@zJf?!m@u?a>VgetLIL(UrE}vI)2Wgxo+rG60$$ z4ITj1Ge`c-Uk>;#-Gn^20Y>-6M~8sdSKpR(ZqhFB+ghgh1_2LOkB>;X>rI-Z0dlpZl2(oUChACmw@N1%@w_Y{u^r}(3Q zEcn*-eMYtwF&{+iR1Eii>uC5pIrT`Bf(+?0H0#Ap4 z;D?%O0N^<+z#fi#06^`H*kknb*LHw(vot5WFq>hH9`>Gy zU}_lrt*weGJB$9JNMZD<<4p~bG{BGX?juw=C{CQ9xG^d z9D&MgCk#gh;TMMnCL{&({NKKWdMJ`n*aItsgH$a`84@#Y&ndME)&H)NfCA9(*tjTy z`P?n)kL9<7xN5eTp9;=8wfss8#BaJ7%g~k&#rnbt8ZqF(JLZe-+s)kBb)Eu}iDD)= z_0KL^9+~^b+Zhr;EQsQC$2%2~9(Q{ZhWfBQ(sC-CIZfcWM)vThSqd|^6ozVJf?yw} z&A%HL+VbR0nk|v$zQP8Usewv1fCk&J;_!}`==J5T;fBF=H#67xLhRa-4lrAWbu-xu|=NN^Bb(&P=)`H9LCY24TC0P1T z3s&<{8Asq&cfy36n{m4E`-fHm+POPDZa21bNUKM*g=rn4K5T+fR#P-Kd|`FCNl~R8 zNVc4Fzc{=!Qb1;(i(r7uLoJvvlQY-N1-W6+v>47*1;-51V%@x&j|I2Rr<|iOgG-4L z85dVwYBcoHurc9+JK8D-!>aB`%ttPv!nM+U8zsFZVGrtLx4x^--n$?zYq%53 z9eq>2kAJ7pG<_vU;FgwaHNkuGf8NRtasFtEhd2Wk^s(k=YnoDlHuPkjwQK6BP0-gKMG`qCIP};@z*Y{Fa%Bf-fNzdiIcQ7lR>^(oJ8L= zd}Htajh9pw84=_6BM_zjrt{kj(?GF14C(hzBABguSM)Jv%Hyk@6zlE(Mpg#g^<*&o zH~9-0mv*NA=qE^7BJDOeD#UR>;65aLRpb9}Q-h&QWcS}UrQi=8Fb+G0p|NZiN=rY!36{D zp!hCcm0cy)`E4{7r&&fK?s%TMezQ8ZuFZn_H-YpuH$#oB%7_Dd&Ydzh)p_a|Hw* z&-5qx&w1k|~0X?j-4_)W_#sG`sT%L(F#H zQ52i-@7Lr!5yk57x!%{AIOL^mAZL`xNaA_{XEOH&*qkJM$p5d7pAWT^0&y;VZNSw~ zSBrLL^Iw}OBv!*k)v?%f*-;g_Sc?7!wZwf)YrxlPC(HCdq@hiK)30i*Z9DQ6<%swr zidez-u(=0t%eSPxM~J@&?pE)I+DmAlfz0yX^Ak}WPUBzUb64%RuN93qlfg8KWl++u zq9LcoKz84^{DdrYIF+?{|9v`i6a5l{pzLX?&nOQj2eI~4Rt&$5QH%w(MU`1wKp@HI z8=?7n)A?hb)mxP526=UV^-g$B#8cdp<{eTFmdTxE(+v7~ z6v_BUmH>>OTMW^N+o}~SEy-_d+@^T_Ur+TP-G-DvlzV-Acn>$$4w}#-kL-0wTs#=U z7nsm*ZZ0Hop)*HXx5F5^HBQTK(Uyrx97}9`oRXBI7A9m$JT84~q#Dj}nfZoPiJ4bC z{;DW*_ES2XmWAI#vk%AdFQLj3(fwWhnyy_IspCf7VovMRDeHAk;=|9-E|hxT{@v`Y z=x>p3UA^a*d_bI6Cc%r9ZZ>|&S-hR;Z>6^OT_2y6KzjU_=l3I4CNFR37X+p&Fr#~T zti<32dGfQq2xdRCW0hd2ab=vxefycj^LIu-Kn#imnw7l+UZc@qP+RdYPnvFAkm&i- zF*7KErI3yqN{kP=|AxrC9PQuU?z12?e8@#1KIl+DQ#al?Z)&H6X;rEi`U29$SY#}f zhpgro0X8==)8IMH4L7D`2p0I@;ai{qABpxYlIN|zN&|<}e03q67 zx=oibeK2_(pBA3|$f6DP0Wr2n*APuorVOf9Lxr(3F=t|X+C26?;ZQvJ`5)4t!?Y&7kyEAvK!c*-6u?|cNq+uCfo z)d&^j2vDT#e1F5SZQDdn|5x@$Vbh9oAJdK?ul?Bw8?OnaB;fnRO`0$=dl*bY{Z`!T z|I?%I{`LjJ00n|90}4)B%E@eH!G>C;KRhw=K--Lh=9<-F_JpokaZGZvXeU}cH+P6VVKA)>XG1zkfK8Q5&EIK?>1eWZ*5<@%qDjJB@#Gs=u|WH7hK@m^06@i})4le| z+0dwEhb*{#ibA-SD#kV#9s14H!M<*DzwXR&iXiXuG;V6oF1EmVu3JtT8s=~5ev&Z8 zX4{d|Yq00s_%F%5H3r|d+jozftA~ab#$`Jm7@!LQQ!F6$0BA+E6VtSE>|_{zEL=Cg zJVwj`?rT9@OMn;uCzu!fLOaYqU8IoZ_<`$f*!1RP%b<>?~2gdW`=v|puD!bCAyx3 z`mKsaU9t&G_FIHP_asktuBVrMxmacAu0#DEIk@^6mt*#gCuIPz$Dsm9o57m>?};Qr z%IiZaz~5VAsL2X@ozw##cQ(wV0Lq|hg^?v{so-UE!piK6B!|$vE_JrieW_^JkpK`s zj}P1{HJJW^kP|FFx6XfsR*g5N)?Cp1fA44}{<;sOc!PRogpQ(Q`ede5FCf@s6Dz8C zO`9nCIK-V6X%^aOn0a39&WHKZhfAogAppi5y3OW8*4RZ1ot6#6V;%3=1r4=x)j{t& ze&<@4ct6w%;r+eqwd0Ao%OH9uOE3E2vFUiBD)$iXkL!g^3ex&{IZ9G>gC0>M_1a3l zv~UhKumpSj7ww12SscDj^;wy}{OwK34+ita#=s+4Nb2)IzA*YbRv;mPlUBhH>oDkY zg&jii0QWpy?)Lqo&^_!TC?#Myrshpxdl)DpYeCFWM&M{kFGKIN;yh>3`~k1W)nWE& zn>7sfRjWgIs2?v1a41AiDcXRRyyLoNalp^PC z%g#lsX3bfVV3aP_0I?lvWHmmHRJa{Z^D*SsEwD7A?6bT{j_?>DT_F)TPqt<8{63O} ztBcyDKn{r?W4@C7{*Y3CM24?u&=lL6NNwm2l%bEzlh!s4+rUse-xIILfoH+ z)D;4I^#`p$+-^Rp9`*Q0H>T;Flg#rXv^b8`p&IzsHmsjl)D~(Nb5Ps0LRoN!@=+0?7LDv@?ynHhta}Oo`m!V_OI~|$3{F{{ine|vZe`RUR`a#f0 znK98Mp5b&Ix@_PNm*Pir`GQaLr7PFMl?P@E4_m9hLO)6(Pg2j|gX zk?ui-{xvfQcil}hHSYR@2hCY6HWdQZKexDm)5lTy#&g|eq?m6e?=nhbu#BEh6b5Ax zm-~lJlI0i&S{{vXNIL{w-Tti#uB}o8Ig~oU)8`~q9NR{$^fam7;o)RGn@)KJtCZ?% zy{-+PZzjc)@H^+P#GIpb{4R>(nHBV%0nkm7&eF(J(~bmte$;!5bGwVh0pgP9D;$Vc zqh-y!cAkt(S`N)HPAFRU4U3|)E|0@thHENdOU(VK^dyh1J+h2M2vqJoF3Y;{5 z*o+~bJ}wMjp0gFyJ#C9x|MasH?QK$n`-+D>4mVeny?hnltg}=A00;X_j-})W0`cq=R3>@%lwKJ<({^X45Z4iC#d70uYahvRd|S-}0BTR~eHN!JIj<{G*uZyyU- z0-xd!xj}e4!8@LI-`=CGDV4eep(urP+VH;T(?57ZsfM8uquIX-o1e|SL3m5Vs6QBZ z@Ea?x$yRY_p!yG``)rr=4aW|jy*xCw@I4rypyi$*Ei*nVNgaPz_$d=$|*%@v-SC$%hgI~6C{=!H&>s&r63w72$tBv2{ zSLFnu0ffd6Eol?LdiC1+`K{7!TDkdYisFg$BkNU+=qTV>H-TPSWM}NkPL#KN%d{OJ zhe&TNsJ9`qMzk9W{zOkGm}`9w*-mT(&AOqU?Qq6vrbYyuaJ?omXzkP6 z#706_tT{gP1$hBBCum|P)_$j8yk1Sb3Z{b>*c3M_+3p2O{}tW;(h}#ONy7i^d@c2a zdg;&bxIUmZ!Mz~K;;SSJnWqE;#~+fu1!5)+axZgH_E0P5Xsc7S_gxP)+TH=IfSXS! zUhHI#-rLuLvq}}MeGnFv{1}-qN24JJ5w7nBShlvCN>vr}MRu8tv3#T1mcE4im{In~ z|F#SE&3!3JA#Tv?g_CW3m3B1VQrHB_`;JiKACUb=M*O6&UoKPf{;G*?sg;u9EPBX; z=}FBh;FFJNAyFwLBZe#HBZ#*B)3dzCeAh#~mUq>-O~Ln~rn*m15B@+5)g~47? zJL~a+8H)prh_x2nqQnDfnj`bPu7SLE*>tlTlvbh&kM*lh8QoSvpOL~L-hh>vKovxB zIP8pABsm1!AXH-81%D@zfP)KbZ1gLIq?K^sUay*-#V>kf!dXxoTOTDtY#ee^lZch+ zky?CqgWL2X33YeS*m#I};5s>?3dT2aHGSNG+Ak=1Lxk{sfhyf=H2C|yE4%dR&@xD^jWiK6R9Rw5n;t(94-I^U z2SSpY9xH2p@H=>R*) zQ;k!e{v%D`0dHlAuqu)99g7CzjRn;z?eQ0;Np8p`e_6x?jG%PlnAM?7*kckT>r7!) z2FPo#0{)!tK#D5JHw_Y&3oLj+dkiqd@QLt8%@Y!sBA>kwzgZ18*lna4G$^7QfZ_1J z8(M;Fx{|Q;mt8K6_y3Imv7zT2g->Qq{2@{3AbDYS+PwZ8vOzsKgmqKUqRs7C?n^9z z*0PkYvJMB+;>nC@@oY8>9%VxKA@i@;Bg{w(b$*T=a)Wm{Xh&^hcqAdG93P^5QbF@B zgHHaIiB=i zjjx|-luMR<+Ev-$h0_nk7R>^+e(6Rnrq5B8G-Y(vaiR^SOl6Ine0*3laT*gUT6gUd z84_9;Hrc38gF+>1h*sTVY9-!+?$89mf!F!uBs2i^Ko9{EahGtyl8aUYXv0Lh-6esl zBm=#dVn4A7t3w}JAKw!%L~u(S((!^On6_Su{MdBx)gytB6y(U$_}!$8rPQYZ=(g9{ z!ROC<=XZwt&(Vd7N?IwSCj}8nAnGF()e_z~iZAaJ(xYN?1`{`)zNNl)WmRO+UKXS* zh%uNSXFnGb>wL4jTah58xz~NOXOa=+h}F~=g?KS0JBJ#0>3jGZ_f==QO-KK}N3dVP zeYB4(y%jo`5lSAx7h#+@APyQIjrtKE#ItrL`6;$1bW34_}(`UNZFL=e?Dd*l5 zj!3hk1te1rhhftM5|!YWL=bZuI6u6*M>11+TvrR_B#p!x(8VH=95JcsN;30(BH4!W zvM!H1FxfkAX98E9E^e*d`?Dle`3Z|^#%JrpyyoEe4VL_z=u}DGgi)nn%ue7(kI89u zqT557vXt1-k4V>?-wo-j1!UWCaDbSh1X3O0RbKO@Y#ngadj^p!?el&pa{rU;c5>W+ zye-aC)nK#X3i|M7&E&9RS1}V7>Re11HYah4FT`=ceW&HaVds*R%!vBtD^I*<1!?q4 z$8DISw=Tjt!4Tnxc~DW*6+a9OOb};pJn@eoSnF%54TqC)$EO~Ws58nZq{PxfJuFpu zrVl!CPzGfKqK9VHrc;OTt{#%2iU(KRq5Qt`K_Rq!|9{(_wAxoWnXMQpSNFHxj z;gkbRbSwZ`Z)9%*awe%F&}{5ZD}u4jETgHi96m=~Zs-jj!p$T4GeLWDs(49ao`5q- zj7#&|J<}MwCBKB)Iy)FC;wXQG)_FuK02&cXI%eBP2)1>7FnE_D)QCO9{Auuy`l?n+ zK-kpt3|DOBuUJFD;fvtduICP@Q{GcKfX8n_vfDsb-dPG?k`AE9i=}T_0AlDbZmDJZ)6uh*d+rCEBX=Nb4cB?nT$(l~oJ*9Fs(FvCr1NCxbB8H$oL>k0 zYk4B|)@4l$KZOW$iR~#Tsx}>>Ao}-J?9nmmELPqKpOxP~E2h7bK)PqAU*KZskIp#i z?%;v*qQ3sofsoFic_cvDqk&&B1669D`14%*R)4;)fA(FUVP~J8|BqYQ!gYj_tI`_#XtW`=z*G{Is%V}#VCH}_ zJ#v5clT*DiccjPlS4Dgc51&c-X#x@=E_(lCV?%5^JA`;N8sXr|;3PHp*&9v{{^t~> zPI5bT?>;~0ojzq#1fxudmua~I4{-*X5`~ZiN{y9s9{MTs5ZG;f#=kC zE~Q5$Zkitq9Elx{9=u73vvD;gU_9us$Smc(KdIc+Me>|nCXaflV~F#)n1AK`D?rFU zV)v&B&G_^Iqwc505>aAg4Kdpv-25LVk@~>fU6cI%P1>5i;C~Et_1A}){yzJ)%DkGU zar`E%om1CS)cT0IVnq5ia7#PfDytg{GlCrHIotl69I!qclr`9~e>{hQG`dTto4TXp!d&w1kb1Hl;;ZO`OI_A#XP~xlz(IP%QV%1EoWIgye5F`|Y}b};)HJ4_}j zJEyT(FkzF?24SR&$GGgyS{1c9a>(7AvBvG?RNw-2yaPKBHjH=Y#QNxJas;|vK6+$- zSo-Meh^K^`&-x0_?)c|%j+75av8uNaI1vT)bXxvryl1ih*LY?9AC4NQjcWJ1w{5Zi z)vQn0`IF)O)7m^_`GW@i^Rov%NDr?=ukt1jwtWd=8?1j8o->>6ReZ5oP|?qf``IU7 z7>|y&N}1@^M0hgw0>*NC{j(7JFG%|jQ{it`?u(TFy!1KP2EcNVw zIVSUev!L?g?qHMuec!}n@o9ciFg=qxEk;NL!T#x#;+&|E>l!OTAU9a|#_tY=gdQjp z&ws(%5ud^^Hscd@(g1mL6qC<04{&j5v;}#4o>_A&swg&Ibm?d$sk1~_ugfp0^FPg@ z_6UAlbP`R~-^%kZs#<{s&(ozqi#Owas> z{`mVg%D;>vs2IDNELp-HID@SRtgIB`N-vrj5wztRAyKtgO=Q06=a@g6$X_KxcG6-% zA8{_m-)|!h=DR=64)jUhY$daQ?S6oC$5R%PhyFUuQSL$*XpRC=0^RSifIz?=Jp~Nt zy1cg);Si3T_=LYtmZX5Su;;P*v&J${Rp@i@(ClFsMw&$To~d(Q5dtjh)O zPMKod)aZyThV6%STJD8N_HVB{GA)|LQ1DeHtiJ0~du*6K_XxvcjMN4fxox335Rfec zQ>t`AEjrfL$0iY}QV+<=?;Ck&H*B+~cJHD-wp9Mefd9^&|5fa=9Ag17{B7aES-jbD z<7N6uxQO?=zA`p)WppnsjSaIh7Yf@Sp-Ye5<8<_8V}`c|DR5Zy0->4a#PaLfRt@>F z$Dh9CKRemadkkA+;J+Sxi5}8J$^w*NX&iS`Hhb(}#;K31?`XjU-#~uOPq96i5lx|>)evYj})S26Q$STivvH-&wJ}*_r(dKh*V4n+2|5h?NGKBWq0&a z&U?d3`3Vx+`9k$s-FN~2DeV5XNNMz&LGLpLy8C>fXLC|9_O565FjoSK)H#uu-h_P} zWQ%&599PN~4-Mn#rA_O7xmCORc1QKnH8P|7APM*@&s}74I)_86; zX~)dk*W%px$snHxz8Xmg4{si)2QTUKXG$1mtbLUYb!)#}7fGf=95O5GW77g43}!m@>uYiFnt`}|IPDwAtBWu?|y==^K*FmN_) zNB^SS@WXqXdN|r7229kBQFSK|IUEORSi2P)kj(%HQtVI4NoC=dl8M3*AKd)okng6z z86Qw~4>L-#mLrk^sx@nm4MxxD8^l&5inx|Z$vVBFU)!UuSirF{Hn&xb)$lF9P3m>0 z`sTdLuZtoXAKE6HiR&sGX~O(_$xHt-3;C7)sucL=@X9Sf6n;b%sqTr=U|AkYY>ilk zM7Mm>M`I0hLK++d8{Bj9kSirv3 zGo(2o=a=gw&jdFPd8|R|#dG-=WO^y_U~~cgdT-^<%|GTXKUe+pcXNzeBVZq%ExP~Y zEGjtZ6$=En{^ONDR%_kT0tj>1>_oW0e<7-W8L7{F`*(XQHd6yXO^N>XgZ~c;WWU)M zLOuumMN9f43;#61etcVpet#ACPYM4rO8%v_G6?_YZ~d?B zvr77}k~b4`l~{^#5Gf5V!e)ZzcT z{6C6L2oTT{pyL7P-+zE`+2&n}sSqf|BPQJXmXwh$M<$q1Po@Ec%Ya4E*&&o4Ppbm* zD@_Bs=xeYZW66RCh&x|@-XVk+PVZNveIQ~ntsdLrM#7doB0(F>|Q2~KA(08gFiSmrB zlODr0-I#ZktmEijO^20_=ZZ3bDg_5G>25c!?IrEF7V+aPyZK)5u`3iE4B^7wYADnc zE#25;X_=I>qObR&GC_elTq*h^*cT+#ISppv0rN?9%MzINeDNh#47(jdmkmBW%Y<+R z6A&s!%xj8Wa?g^K2(2Z8?;D=qdwq!L1zCuk%C@!Qaa^R|BTzQO^ z31tuyCiEOJ7-@v9EoEMk&wL86z1|mli5U-b-O49Iq5Lp_VT3RBL;Zy@hy$e!KAs=a zI^1!?H0r)yM=vRw!z3{-hfrFE&wHxchAuG$rGCH@wm1;?Hu-eWO6@ZKWr?*2W0}z9)gj|gSF0y|e&*|rKk)p7L^0B}<_-NUR_6PRCgE4v~yuneH^#=;MJi}=|K zi|*{;^R66ufS=Ft@5TzyVsz{y!u^UQ94P6V2&s&MHnrr z-21vi@?);ffyy~5v#bEpPNnyQkWsZ#^B`f#wom!dB*`@P^0~#G?h>7(iTS0U$;FfR zTN8!J%fmj&3Uotc&5R^An=}_@&>_gM#Fm_?5(I@=!iQZufO)H2&wWV)Uz|Ip_d~V! z?4-CMO1(Bm7CS3797>?+D9LFS@R%<1V>-wv1|b8!l5`2TJ})nsVVLJ4Vd^Uj$NdJG z_gAz_)~KG_MnkhXZmyE+RW^SWj^ojPWAu#?dQ5!%gz!+Oy`)*NL85pq@}>+&?>z2X zJ@Ta{T7eV(N-@rI6b~M3ye`NNma?2A4NebciS@SbQSo$1quZWq8*sTOmpk|Sqt$J9 zKDqdh2gN>G(BIBNlSQddp;v|N>7p5(1VE0g^cUl#-RttT8xwLXz!sbFw#O`hIP*b= z0{i{nW)%fJR`5b!QGqRU2c8*NA+`GlCY@0kdqxg`(eB;nowtEW&;=k{^Z#VohLwGqv*hW8$WHY zH)ci#b!y9%mn*mKL=zezn3cNh&EuhBJ`Ag|%5;vDJ-zs-JsEzs7!|CXA@}%bbQX(6 z#(S9v=8FaRNl53y?5o2#$vM`Ps;==ddd6bXrJC5%J@TE!uru*RP?CLH;l{pjCKt?X zt9*Y@N3H|rQUit00=3PbpTnZha|u-G(i2{ zb1loS1jML{ERj*9yBy!pvj#rC722PNwWrt#2A6!hk}iu{Ft-=vwuqkVcrI+X?O}LU zg0(6WuOcX+Q|y4N2)#>IiW89uXV!?kUw@;9#%Cy==CR41>wWo7ca=`c)cti63M6ki z%5vWIiaJK#-SkmztdCE-97<0J{NxtX%xd=Iq^FebfGW-SC)eZbBH|-i zubm~KI7$WH%DYe4m9KHN#OR=R%>=r7i*S@?k(~AQzmMNF!X@>>Hrg^CkLm<|dd)!E z`)cZAoW=|@Gncd{7deB0BBkfR7MwQtcUMhAfd-ePT;>I!!407((cYZMhtrxb0a#n& z4HEr?&P_Z5>ZfpGbTRVSRa7jag>qPw$OAZm+e5jAZ;p=7Re&mx6fp$K<%C8YMzY~( z_&uK+IJEk7XB8&34a#To3H%Ir=QQM+1K61nT~z>RH`5J1Rx@W=Z63Vo z?p=c%%VEs`^%PQt#d6F@gPr^Z^e5n?oSN^GI(Jb;NuZw_x9{p^DmF_y?@tCs-rF07 zl{s$U9wkhY5~zP-0r<_xULP4EOnr7sNh~Mlol~tH#*^$>dm^9m`W|jQ&q1L6A>#tw z6Jdi8QP@EJQ%Bx4WmySMu3@PFXIO;~>cdtcc#XxyTQKP?1$BY$v}EeHkk;$Bv)Hk* zvc&Ll6O`t3hVL@7$EFl!=*C)VQx&%4ByBMo$l=>H-WZX>*-5YHK&=I#zY0&!qVW6J zynLePdzv92#C*(^oO>HHRw%{W3*W#D!MEBDne$Q9HWow*dK>yKH{ojA0?YI|2Cpe% zF50${Uh#r6Kn(Z(@f^o((goUf>(JN>7`8mL(uvo+#}oQ$y9586t3kJ+GW04jd=SnP zM5T+Ea_%X5tNE)5Ev;W7-B;WJBih^$ir6^&MS@BH?uh=^UwUP|DS-8lR^-_ukKh$r zHqW2;$)mY6kK`A@_FesFdRI`{@E=Jg>+zJ|!JTgs|{fst$1 z-{&D(<*_{xf>V-q$2>AFE)?eS&b_CiW;O-Bpc9=;IE9jV^+*)$0BZA^99pM5WM;%k4j)5fM`PPwpp zvn3e84fWeaCsx8<_6+!$v%F(4FhP01fkmIBGvXhUP9#3qV!A85ONV#8>(tWHcJ4{( zwWR~guoiR|Oj$kwT9HAhliw0z+<#npFiz9h&;QCl6Qa>Ma;>vTU0Rm2_ z90|m?*Yc+J<0ukDx+Q#h^5+MrnIYE{2%r{-3amV9`F?}&=WhZ5f$4daYUagfq8Zn~ z(p=z+kn5%vmBS8SE-K|bx4zYO$)0$&5AxaA5Q6UmXjG3kPhyA18m_*1X0v&_YkW7V zIMHDnrdyHuXkV51*6I1B-}K+e=H8)R@|^0hH-#wzpIM;8hhB>W3ov~zuc7!JzzmP% zHQ%xnUx?N22`PrAfslns>Wi^}v{YKZx$UmH*wb(n1dVM?6+iN%?tkQ!CA%s=CbE;G z-KyZ-uv&dKk7iyvmrEDb)gi!lgksrgZ3H=Ev!sg@4$oNZ(HF|j$MM}dTf;L2%o7L* z{9Ntz`vFZ9sZbzPQFK_e+v8G&0z$dgWn>^=YEj2@WkynELhF1oP4cfpou;ptPJDN% zo5j=-E132#=h1Kb?T=}qilktjY@!W9OaWAD8h+#DJ=>Bll7VV5WR2;RKDcLHrILH5 zayYxkTBb{{v%5JhB4sJZtK+!o3WzwwNng22DW-2 zO?b(X)VqlzBsCm38Dd}rt1t5;fRjj;k-nL?XB)Wu$`l%+-%&Ov@jTWa85mNJT=_hVm#_=hD`4N9ANZ=6$?>$iH#)+9-h<{g7JxV(j& zD*~_ihD}Vi(S>&~XB+)^Marh6IpT%hFY8K&<0<$%uXtU4#owclGS)@7*uFM_|-qX@RL9KGq;E6RC z+nj`Y(l}UdH}Epk373695nRjv7rE_VRr558}Lqc94h1uTQk5N}q=p1iV-l0V~ z0|D0JVktZ(rRvIK&@T_dbZnRzfz*r8(9T&SSw))$mTS+=wYpE&;WFsln0orGB5^qZ zNFg%Oo^h2Ny(Ew-pPY7GP(@K9JEfI}N-Qj5{g76L`QdbndCX6*=K|#M`B-gL)tv;+h?7Vcp$dXK9?y*P@L6t9}!yeHW@rVZ5 zyKxBhN+jUUTfFL>yDJj(yBMTD<03LEj^sX60VQWRuIEpFlO?2%kLqIGS;0BhxI$qk z*bitsO{jM`EZVQf{IJfDb0?~i?_i>(muTNj*rEPXXJ8d^{mTfFG#y~%qQ-T-hV?C< zc-6EAA8lkyi@A?MzuBUSDWuB;7``vOcS{ku^r|^}>od1hsmba^U)@Bh#h*KXf_=N7 zQEw3?5x%^%IKVYI4ImmioK*^E^y~}bQpEw zc|+f~BEI{nP$nt(ggv@=>3#E^CiC0A5C-Xpbmfe?N?}RpD3e~I7m@;BVm_dJu)Ojs zK}<`)wDiQ(WnrEe;@S~n>_EXxbs}yzG}chLgN#V)G(_BR9&l{ zvO!P@q@xxuT&Usvd#_hbeHxCJ;ueS_SnaQekKPjvnesd-MR%qdr-}G$oPcX-gbBh$ zvePyo_Jwy;plLLDFe84Q2bA{#{5s}Gj_Ib&0-ujSOAIOEsHLbqAx;#wHq41E!5Y4K1(Tep zi2Yul=({w<9C_`>0PPL`tJicX$y20EuF@YHnHFtRbTo3v_(r|fPN+2iK-7%h4c|!{ zy~!{_@D0HR-n7LP1_**wD;LJyf)4MZ_OUC!5-9A)cKon)#}xv7t5? z-VfZ4O7o|M3ALN38)e6aC6)fD-GKVLK0*BaW=-8P311H*vMp4&sEZ+@<`v*F8Kvv~ zw#foToTrZ&brV4&n)fjvdw4Dl-BCzs?2c7vi|-(!DN49kx@ zwJV&s{1x73k5^8~0|BAm=%nE&(6!3Cx?Ao$xaAq0s242K8(L-bELGEAu!-)lRUn7# z;)hJEas={bJyWfnH$ZVHkg{CXP{1D5VTnKxHYoCXD-iVs6Yj(Xyt9SYnwG9M;(Udj zPpK_#SQ-Vgx<`$rkT>VqRkbrKCqUppR--_-FuF}dU*Iaq6h7O(wzxeG0gRYUq*JB& z%gZ%&DUnDsq&K}YSOvm|0Ig7q4{1a7zX4jnr(Er@i*zTdj#$RX zfHDx<^n^M!JQqdsM-tEz`o6-_YO{F10}jZ?<_7ybE>A00_%G=3iEVV(8EKtR32{Cu z=-RQB1Z!xiFja=$oD#lH`sZi<>rwCBWb+B!!3?{#0>POrrpagzT$6|N`k>}3D?@7! zrZ-Ik&e5vZRD5(fPF>2V{AA+uiOyiLnq@v2b(hRyT9sgrc&QNGG~E}Y=C^s}zj6Wx z25)+E3(lJ?w2AxnE%ZZWQEVTOzaY22Amh2j>p^?hd7z`}!IF+GFYC3`Opwh3_G?Wc zF>cyLQ-rBkHeI*C){44Nkg^%B)xgKmU<&+}S#e5wui_c9*d1D5Yj4Vj9m#pX_|%n0 zTE?8za|jy>e8e!GQV>^g#zK`lk()u|i`OFg(idclCz`iTEVKYydD7hkGu2)*I=E?p zG7>)xe{8kTB(!*E+UX&TBYSx-aV(1e?rUme3>uwL0KuYacZ_Av_O_asiqW=O=cq!L zksW!JA**Q#%T+PEYe+qN{(V}Jtzc-_1`G)?Dx$~|Ep{|>4gT>qg7WgzwY`+W+^)A^ zE9C2m5iq53_*ygZnzpF-+Y4vo7;uG1+-b=ggSvWM>;C(OLTUDDr4k2iR)%o%dWT>yB11owpuZQv$P{BL@0=0c z4`9saI%ln9MwR2#pt8bP&aO76VFSm$RhgT`Ac4JYRURAMQYL3il~a98Pb9$q2+|51 zXH|WMC4YUvBVB5o3d<)us9qD@d2cmuz0c(Ix}x8AAEQO`9b=h@c^~em+(d^WR*8#) zHh?DB*SJ$s<8v7NP-szuwDCR%9n?#CfKYYlVNBJq1H}i-Pu#xUd64uy?x{U;KYd=y z7U+rcA$Lv?UnF!9x)3XA3c@^JYl%}hPL{%kkhIh42tIL|d!Mjp$=8RxXg;8nCEu?s z6yx;yC?P`4q?v5M*a#)p4n{sAqo{mtD}MD!*-(9*bT5#2Ck#udB*Bg(Xg?RjGx#k_ zu9ylryqyCg2)76MX z!%s2N2JUvt;wFMR68dib5q_hpYBArC?Z(AI=x5P6jCDINE4w^cr*2dh65qN|J^!nK zn<98boyM=i9gzK-(@%?^-ykN0mt-$MTU{T#*I}Vl6;=eTEL)Ja5|pzFA+>GC7AIDE zgN#D@3USMdkK;yj$|d|v%eUoQ?>0H{m@D|AVUBIqUckM0C$PC z0l|DIxm@8}5c((N(ng`8DbVGx4K>`$P?D>$^ro5UF&qo@bL+cq3=_bYWE<`0=-O9cS+$@ zXk4y@LY>erX9xt5Hx9H;66OqUDJ6{heXrcla&a3LDx%?B1zdy1j?OQ#lZvqXrT#j3h|g&;_20h z<%J$Q54qVuPE&Z1JA7qJgVMzw2!M5Po;@jp?qZr@cR{Zf3qa$YUbM~_%4$p*tl{Cw z9A$kaLE@y$!dmFXintBqadhrGC$Ng4!8#}4hO&e>*U4<+8YnIpt00t*KU>;iXb)-X z$j=_l3f2j@!Gd$Q8*Hym1T)C0@P1TsEivJ=^Nw#Owhp6lb1taTj@a;=*EsuB~|IUZ@#f;{4k!b zy-s8ck04R7U65x?J3V=Tqy*JU`n*;+xpOv>3EQ@%qBBP_Hwj*lV0zqlQ`S)3=a7Kb zu`fW^!qd(2m*TV6ez5}KK_}(9;#H#*J%GIo40~0%?>4ckphFPwLF3W-3ym)dMZ?wm z9bzS^VAWSeAd)j~b9UWCSsnrqhrEL@j1Ws3g>O<-zwF8mOG>CYzJlQ(G}*5OxAsB0 zhSL@s`%DUUx_jt3wJ!>{uN@sbk)_o{f!s8@43owo>$)kz>e{*5*}R=SVY(|C%O*Ow z1}!?1dza64Y#w(0UV$|n(J{7vlwX^9-5r6}l~>^__G}&NfgeV(yo=hjV;ua2$z>|+ zepPVu*fW;^0upeVF>omRG%KCHUF?fT!u2VWxTb8{&phzBm1=l4Bj`M#ffBy?!6{3h znFdC-nN$8<7-UXZeIsXP1jl;&=6(?JHWxc6s`T0r+J*(LwpCN0k1GH0{cCjCwwqIH z!dA>Mbl$02ufVpw*ly`f8t}Nsi!uWgG_a2g08EDYNU~ElK4Y9YI&QH!bU5TqVR;ax$0P{q(eNSFEl} zF8KIn$v65&GPij=aUEd&2gRKVW60Z6&zQ)I@td%FFNlJR-Z1dVItjVU)*obp)%XW| z@A^2G#E!F2D=hQC(`fWXV{S|Ycgq~Yg;4&TLLKi?{3_jTX|!4BWQ6eB|46~qXPu-eoSTcJ#o#)#0nOEjfa~%ux8uKFg^djpK=01sfVpR z_ou<69v^fHD=q@Y=S%=gf2>V94&e0ll%ET{+56T%Yt3{Xqp)Hl_FZY=_D;2!fh{}- z1dNP`VvooO{f>+oN#W}A=dU0Gvc|K{tO{53dXVIId+#3-osu;x=f0SEIPJ~$sg?O< z8)&og@g8BEJTlViJ82sYT5LA(NDYrDo>v35#j-A>2xDEJpd6;rPESNrv!{iV8Kp*R zog7LKxsSLRkxhc%36>3deA0haIrruo@1lpXZWs>}O@071$tv^Gq&2yT1dO*M5USX^ zjcG*r)r^J%8F1jO$X(2944vk^s_{1d7)ZxX1t)NY65VnzG+rpb5Dl?zr;%^8WzcR; zQdIWp(t$61r)5!14#5Tm(gVN(dN&v`Y7e5p2Aug;;Rw<($f77bDo}e+gD4Vdv^yedl z?A=On>tV^vsEL393Y~p=#h=@~Fnb-o|B!D{rG*3$GMmF<3hzTaL(u{)=OcKqX|l&>JUzzBnSvt59tXL_c9bz;=uh?OC(K)#t(K^R{u> z6-Cc|xo79NS$fbuK&PbK%&)0+=iv#8LDP)L_N0CSC7#yf^TJ>jIv@d^A#>Gg4<3HmzG0X!2G@DgBtNjtYGp#=^yEq>cq;!au_G>uyx zmA|kN@HLj>=6z8^dk1nU$tfn049Bz$ilmNY%WWx#(ZV>iqn%0r0YWkGz#++(2U7u_ zt(EUGw!*$|H@fqrePGVnSa7We5PNv)?}1N*W-t42S4FSZ^O3mKOQiE zes6z*n2#XU?%uYa%>8hmGaR&v7RP_n?yQhGSV{pWB|5?;+JQ}Bk~o>lCQ`JjAQ5(pnhnoH0dFa6`ae)noMN4 z3zdc5feH9%;p87?&@a`n!{E@Zp>eMz%AXp-LBHF+ zn#;om>MU*N4t0)WIxKKP?qG()5IY9g zW!Aj;bQ=Q-(E5)Rh-39IF4y6GoWJ{D17}Mg;|sWBjALl!iH*?_0D12s-nCN!Gz%9^ zIeEg+8{RQgP#dUn~Vr@+yiZfdX;6wzRb|4$5#@&@7EOQ)^Z z8ErG0yn#9k!19S*C-A$dU$QDD2}DOoB=uT?ozNm>&NC<}LpDpW* zFDvv`oxG-2v|x2@xQ0Lvc!gMh7&cV#`UT1Obhi$4$ zHyGN_md6+4Z$Rj4G1RJ=v#BXQF%x3%UH~lw90gbpwF5Qq>fii<)Nx(f0@~f&OFa{@ z$z{-wACG1W4WIf@T2ptbE!^8G8D^1$S(muM4WIjs#eHE%Wfj(N0&F^wFu=<&Y~Zav zja&~lTa`@S0+za%wPXpsF&SdtOg)baWy`->=R8s2W*_Xzs^dy=ul#sr-3{nYZFsP@gP8F_%@MFCG08s>J&j#=K3d1Zx zkmDM;pN1W}vTjtAYH;v~S0l$DT58+*q)rtH1y_fGL{l7oN3F9nmlG!QO)qxZF^7~_ zKFj_*Su1nD?MNkx5r#ZwzuIpJ(T1@uY6}qu;a@bEQyrbCz3)z20lHsy&lw35Ew0jI z!?LaSu^zdY5=Pljr(@G=KSkIL9e?wrlE*r|d*;seDXxV0qHH#^TE??*UZR7xCjp(U zo5vF~P-G;+sI@Dx*IBxGZq_BC2+MT4#6I5Y%2Lor3vu+;vP5_;E?qt)*y5P0o^B)5 zA^dYoBLGmkl(wspRZai^0NNw~3>cQnwM%XM8T#V-*PI5Kz@kr=`% zi2Hu(tEn<`{A-@@~7*3cj=p78uRcdTT3RG1)kuBD1|A_j?WVx!a%V4se z2{iQ5NC<)LUhRdLu|iaE(K$o;sP}9gWbl~~J>^1kzNR1X5pE2TK^HdtUQ6$L#tFJ* z&=Px=oMfreH}=Bjo^rW(V;0L?*E7(jk(Va3BrZaXepkrn{RPMwJ}!bsWI^zg3AV6^ z`n*Y&ClUW)%eCJji*e5rJp$Wy<1Dk}RYLQ0aPr+w>m-2^R#!{TgD72i-M5H-=Fe#p zCFc}<gC}>PJBgsax!}+rCJa2o<_uNjrHNGw?Abu?@^y^}>J)xC45M)* zrd*cAeJB_C!M*aezr~_Q{OWx{gEa_JNGa(}@ zdc`lHh4oIjGXis6U#Pt~8PM8OP>1++gYr02*J-A_8e8`sY6;0X1fWehxZ)Ta99MR# z8|#wwdA+#$TWL-{h7dhuAjj8@7l>dg^taBU?ZC}z5tj|4(0`57bG&$`fiVNQRGCp{ zEeR6z8kyh6^;D;)EIaWb2|O=`DS}vdyiS~QqyY&-G2=yXfoEEVM8b{3MvK>7_5k#< zILO!Vp#cD+NlzH64c~KS&w(=JP0xBYV345?gy;DG-v_-wEPNs4OVPnr5-L(uGwy&M zZSyF?3sg_T+<{qr?{;~5Kf77gPdi;Qlj6bwP_epGu_-eHT>fd4xJEg2`Ll5CmXeYZpP0>PiV46JX>ZR=t zfDsZpc48@U?3~J`;MwAzO~Zhp)uKspu;D2-g>A4}z4$xJt#6S~-q}4dERrg$C$Onsbxe zHV>{%9UoEfWG^B-yH5VlNXd$~kN*)(Ge%fPk$5AD*Iy%qJU6`BmNFSm7*RASk^8v1 z8_nuv3}TG-?uj(Q*xxM&_?=bhkJDo-o|>sW2sAt_@K?ERHN_=_-zO_z@R;71 zq?XTe10TmDG~s6M^+V%LSt~ee2#XCtt?K&0Im#)AN;{OrPqYPJXYXp+b@R}A`;?8v zz}vumO8*S;nQ&4tHq5m0%5L!c4AGQbzPYN^c+?2d^C}z_9Rl;sX*2Z+QvNtS%=DnsS0w00gvlAOQ-j^-b+R z)--875k0$BnalU-;&%w|$)o+A+M!@ek2p(Dv_4BWIY_KGTU53+MR;nm#&P8c1GUqS zV*;|lj365Nj{*-jXAQgyAJ=~UjT!m69<^&PcDrVY>L|MF<4$(JarY4352*K2ZIc)~ z-SJ!+_-fo#fg98gXc9O6^Y5SDg@DXbn4`-E^?(Vhcmc^KBSkNPXAnfVh%*H%D1c5Y zK2bEsX2f=J;Xd5I_I)5juvor5g7a_sbhKNf7Z}0CGD}rrZ1$%b6?# zR(*75-VmmJ>3lDGYpK3jH>^JvRK*@xEbQP}{+c||29L>$pc&Kij)5e$rTa zT#wC(US3}n8OD}MBuxyCu#&?5v=vKrm%ClFMD-M1b@8V=U%2~-ZwJ(SsW$Q(l&nd) z!LNp`#YhpoK<0rXfA2o|{peT>#VLwBuy0rZnzw))l43Mc_!e;lONfIoQnH8y;}n&rcxG%71=vm)8oJ4 z_+Hb*E)XO4VQ)OM6jgytI51~(`j7qHJRB~hf)PYY>EpNrb$f4%aSpJQ0p}FB!*yr` z9~@LYr1h0QGIzV}R@}DCA}8wyvioDP^wdUWT>S@}IObof4q7r;j#+U09zuDQm(F*= zjlRC{P0ro^XPqv2$)=vW#P9{ZgGqquiGs76j7+`6EU>UxlofWW)Dd4Je%;bu50i90 zzSzj=M4jhdF%DhdgMJ&aFO&r<|6H-t!=%hfT=*0W9utA5<-?WgQt|QyPvdw{(z)bc z!Yw?UlqsY;Z4@` zabK_X3i+ds^^f>l7N1_1^5QErdtHryEY2V$blMQK`-2L6hA`E}uFYL84KcUQhWB#- zs&kBS0em+~dHZeK=H|c2ur=%}Oe+sZt8xyxHTOE@Vc!Hw#|8>%kL&i9V``*jO;oX8 ztecZd7UARs{jhmY^d=bf?M$`>>U9JbbU%!QGn0ds;@)#W&bw; z^2Z0t|22ePCK^*?VYdc}ESh5iiX0MQClbNuXi3=cYB{l@|Ngg}G>vG53kb4UtB)&M zW0)6HY#e7?7~>4QekE}*aF%E$0VQ8YU{FlS=%BDNf6CtKrzB>0`z^gv@Xt!LbVPe_ z8&f!WgRcO#SiYqWR&$bn4=eJ&NLj2SZXY!W$`K_F&{{V8)-rZHZy$HRnw!!1se!?} zsePa=*&^q@PB5R&JL=Od9@)~CY5v?dmJ(zH|yk-KSOCJ=}+jF=b{ z;S`Uuh{I2LsX75eOUrHjiPLrR!oV{VkglL^19nN9^vTC})+oaAre!xRi7e&sXIh##Mdy&&K>0X3p7r7*j>L55Zu=1$PZ6ROKYsqbXpG zRZ+QfasxYXv=`FM3;A+qjsRmmlrRJ!7e<#x0 z3bj=a$-OX`X8R@bE)U-Yk%T=c79~YY|AiT6RR||DAPpb*z9r}bhfKN zJfdK1wb-m+QrOtOS0{v#r_oiwntw>c=iKPa=Z2SG20WA-$Dz)-#ykg?> z^`}u3l}ju19>b=ld#lZsiT^$1vtT-+5MDB3!e3%~h`S#xeHLrW!TD2w|ka25^mZm%oGr#ysHFdE4(VV>vWc&!3!p!qJwK>}mIgu?3+4x7ZG#wLC;f$%s>Ij2y= zreprsE=%o^`~yqPj%a+)QNgNfaP9;7e{3hY&iwXQ5rI6E%}X%M?wJQkSr1&ENcA+x z`|hpFClDsnH5T`4=-y?7E>Mh+nie`|v#*(VrRFLEf1I2tKuj<}DliV{3RJVaV)^Qw z4!*tL9^K(31f#KmyE%n>X1p~FB3SMUZl~mr!T;Nk{}7Z%G1)VV>t2{p)TFk}%zQ-m zK&-5fYl_h4Zrfuz2&F(Z#OKC11$bMs*3k1s`W7_*P~r6TBIF^$`7nvaCxU=CJoqB; z4hvATw?)ZXl4UIsn;BgU{I)UU0ZMFNcX-Py!`YY^qdLJ|&90z_;5=gR(KYKPfe9N( zDNulVAp*+}D_E|Nw-6M@<>fI}Z3fjZ-iQA|eGU3nip^B~Zdr+)Dl~91+zZ){1`ap% zfiJfrKNT}OoEWY#iD^LFGT@`*0$tyK+~X}KskxL%Gc8%7X#Lm^E+C!K|H{Cv2P33Vvr_7Xsd9laKjs#W|q=X9HM_m zo!+vn`_hqENW&4KmcnWM@f=E`0?Lk+>=lf2`tuk^KVdy9f`N253E?($27S8tm)v1v zO3N{B#^H6;&eqAp@HmxqIgM2ODtk(0BDeX{#VwfDU+Lq_ip#xvx$B6w0;9;`c7OtL z{L@Gm)t+r;PT6}zx5;@r!ZAL4Z43)fIRq8=!+a_Fxw%;7kow`v=;IrRXVmRO;@6h>%XSIGFi#We5Fuoe7Wez>ld)P&w=(E)(a`oN75$m)+u_p>w zlp5cD+HFy0vTW6ONI1|7j$JzSzyh-88{>hdB!!NQL0!3aRE&#iJmY0WT=k_Z&WaJb za~kDdPe}!DAf%Gjv?O}cFTxL&-m+)WV3qV5T{{iruTl)6T`5^CjvY0#pMf*&Mh^je zGKL@88>;|rm~<}+zOJ4PbFfe|@P(Nuv!>iXL^^Ocx-9Jo#2310fb@RmJ8qaMf|XMB zZztnj?jE>`{*ueR?xJLqPB8DaJ|8PZ%OLV|?Rn~BT3C8%B89Sv1{UYqFO>pBo34wx zhFYSHCKRGsPCgL4z^kp4$3&#gXLb_vMUd?wx!Pr_yCZ9ig6+Z_WLiMzNA;y4kl954 z)?zGOx~QF(A?Cp3u%aXePu^b~D;i6pdeFPv`hpm|`2^IIQG2gLKdW2RDv+(CU zYLbs?Jj~->TIg30QBh)yLHTUAVS1ZHskm)8o_)jRrgX)0@_VzNznuDwbZ&I{jdcQE zh<_-34yJ|jB0e?n9inX_OmS5 z0u^KE2>Y-S7?&g-*5s6l29lhS^;;-|K9O-+0D!u;a@?d7^GZB(AkO|jKyAW_fcrYZ zCRPRg&FH*%OzA9cO$2R0-i(&&ROfwyFQvsmdgaBR><5*OXX5g(o)3RDa@>t%ueJW9 zYM_7Ci>`5^wztGG-wnm!p#y8$+12C&eQ3do=>Wr?(MGE-mjMP%) z9Z$)s@)RF~x*(k!S(kPRTLMOOD;d{waH~KZ)W1wC=iBimjr+V{p){Qbi7U?#Q>;C0V1k- z5tle<(}k^m+4kQXHc`47=k7FPYPc4}miv+R?yDtZ+yhvC53=EdQwMzhXL@`RV;WuQ zQ>VoAg^-nl95_uVK3dXJ?iY!HDfxlI$c{Q1PE3spPcGXf+KcC#{aePdgyout!CakU z=)Q&@jk^YABAlyF>4}q`d5ER?MP@5ZBx=vIE@1|rW!I#*yA$oh$bBDcayKjAy@t7u zUYWxWk{;nJS}UW0fTyH* z$Qzm{&!zm4;CvK8t<^~(E_I(9S2E$;JZo-_V%&gJea3tUO+_)rz z;4slW-Yk0Jy9 z)G?5GPoGsI?X^_3W78%Dz+jNh41i0hjt}-o?xIxJD>YaBa?peunTj3)kaJ^+iAI8A zWl^z3do^W4hbk8x_4Cl;(*|t?V5! zE&TT$pKh4tpQsezVhX^cm@WjoPKXBP%snE! zg||wuu5gt?^1vKIQ}KX4Y0}JR4UI7CjDXNs^pvs59*~=InL6~ zUchEh*#9kNMw$ZvskGc(fq|5|7pVv#&sn$?wghd1WBl;n+)-YzH$|vPwDTaS{Z@CsyIo38!|5`4qDF}$YBO;`#v%BA-IJzMQiN2 ziiIThh-WZz1cQSX;CzcsbT$N1v?b-@W?Gr0_0}{s-2cv!s0Uy9a7YJGwkD8JL}^Z{ zk`4704Ae96=i6R4R(=bC*RTfyg);%T-5swuDXPb@iJ;>t@5QoYGpjb<`W^r+*giP< ze~62!3@5ki!CmQND&zO~gkO)1MDd(oMo)KwoxOGsg=Sp6kIrec*hIAVPlf7qB!>$d zh+aBfG0v!+CA&u1XWWz4nl~PMb#BL)<_;B7rLsSf6Wz-?lZmPF_^=L^*T)H@DkQDQ zSLfffCn-`(D$7qEyjftGc}{oXVU@1^_yJNep6aCvEyX?Pq>eKD$TLlq<0;GUdr?oCbC|O^4+WYJ6n#yadXDCQ!-`HWD3$M zI8RY=J|n57>XMKVx2I|BKtREO3&9BDI*UrwDO+tWnglg=i{lQeoP@eF?B{$Z?!Ea- zO_MmwgyMI1Yn!?2626#ao4hR=x+H25`--0sIR~S#_a$#LC^;>eLRM5@5rEH5TydsH z{H)p(;(gxGNDqqquNO9*G2A0^t>*dThWJj&C_ z9GSyQ#~Ajr0CcQKkb1z&fW|=+o=Mjt3P!6h{dwm=t73E0*;W86-tm||&7rcKfx-j0 z@!pd1F7Tg1<79BaGC*05jzr${f5!3httUUQ&Z zD$Jx0k4jk9T%+4KV=s(w?GG8r&__(Lx0P&+7D}qK6)3RK6E{p z-NaRXItf3Fu$fl`ZBM`n?G0$SZ446`iBUH5OInNbj&tn+_yo(Rx0ts$L~`FoQ5tfK z(f$8&Y5$}ESPe`ZA9I%|AUVpFaAA!vF3qzyKCBKYkdqAUqsH<36P=`Cky7y;HxdB_ zl6-#H-cq`JXehOF`oThHG;Ge=R5RRCT7w*vNa>7qiG)WobyWS0HNm< z5KjU9iMAXR#cYCa>>S<&okzvcw+>SLAq9gHhjM|vWTjQF+l8#~7Uig6MSG^2V#qX> z7%r_PAr;c>9%!mYf?$Ycs8IFi3mXdCyv^QnRvtS;oLU&1#oj-I3j~91NC9;e+71$0 z%7Xo&Zr+ks0Lh$7E4umWhv1Rj$XNWRh;*Jb<7v3v4w;j-@n!IU44w)xk&`zPftw z_}&e-$!1t^r*%ew(%3t!A%PCh3;3H<#Y7q=1(B#;e++!)WI4w+EkUBe0gl+(ojRVH z$O0dnE^|*_$J4t|LlL$F&QoiU3$hmEMgjmfSg20(zu{`MPN`4+CA~7v2{70P!9y~1 zPSeKMGM*3mAGwP^Y`h`mI|n($XBRaAaoAhT@4D(xiOqnkIBHNhOqaG`Ci0gg1J>Zj z#jzJ&a)#uP!1y086Lzc;b)LK+SI_aE4Oh+eb3zB7l+@SvbC--w1GPi9iGu{)dfY|} zm*RHGl4PbEPaCD>5?BJ@Q}Y_i9jfOR6)`y{c_c#SF&jGn^BPU_CGjcq%~d~;G{o7) z)^Xl$V56?mQFhP^#-4!!yAu(NYJNK~CUeGO ziVUa7J=92-m>q&suRxL9q6Do~`96lqAG^3i>F3R}Zs_c6M?r8q+Z|+!m%>A`Wit9M zmvWVmXUXh#w}x0bcq1adP#2wqb+e+dIYs^6W4mg(P}46RVfu}5ypeozcuVRs7}-`8+)%wR zmYKcr0}$WnG}?r6Dakk7X~IrWZAV*1{ok^-F|-#}sI=!pRY1SMzxLVS#CGdawIDwv z3*X$Pq<)V?Z#LAPP+bBFPx{Aw%7ech;LyAP$X-Ogk;;0vV_)vTItU9QIKUh{jp zIj0cmseqMMhIo9nrF*ea0c}fWmQe#Xa+ILYKjp+7n`g`ir9`dZF6jOR-F=Qov)aj$ zA;L7YrloDsR=D`>B5YZ<|5y}_-ub5+ zoKOjWT>UkB+5^dCMWg6Ez*CXj7Y1hCsGL|YEq|07H4=7ana2GY61vY1<&PN@0Noi# zKoggCju#4L#(D=pdG%A%*)FlvJQ80W;M>!NF*Khd9c%LDj@2n*rMfK2w;CsE0XBf! z^m^CetC8pA&DRzl=W2AxtNbV7At8srh1MGNM1^E1CD)c?e-Pc0 z6TX?i)f`DLQ@14B5yw#es3B-#vNu?aW(ZONg5*vv2raS_T6QaQ3C920?uaJLQE6d| zco-!X`c;Es696+gZyisemvE|DblH%aG;2$TC_h-o6HXXv2Xk!pI(-(RC2~uj!wFcM z(dd6s;=yJ9=@8yQeuHz)$EE{p>4(^~ZNTv7j&dMSHv?woIPkY0l%NUEz;yb7wuS|S z$^>PhR;XUF4M-zYljKj848^#6cQx)#j@Of8_zC^CSumY^hR;E z1QJ;i){Xrye9gpQsTcu4YS0gF-+G2GZ{VFM2bO$Z;tCmJ4SpaAH4KB+PPHl7Nfk4Jea3V z@D}f7b0=k4_3=7K4B&{*I48{zH z1iUbyo&q}#Vcji#pe$UOjsZZi6X#anyDy4GR;X5Qc!y+p{-6{GUmdjC!0umNj7$I(&Z|Uv>hv(Vvo`fYig{>1>)mW$80pNa&SDGgAPAv~3EtAdxeHEUIvm z5d*G(Dt0%bZ@^IJ`l3HSr-D>ME(xYc5d3U#hH}59-Rt|97(Q|CT zFBg}oAUp=C0Ak`j@>i6MIViajLuCmV(ShrROfAg6A;%0JnQF{>y+Tjfk`_Un<$7yt zh;wG(26BVr@J+*&XaU?oL@xxNQZR82S`X+6+yQhBRckd^0002|kuBY?;QVX_hTfKD zT#4BSIlEjpNM%*=D3l>h7Sy}v%AyH+<#l_QiaA*RzpuH3q$*{D>s&^pZ6pHE=O{%^ zR1cYaGD_21;U*Eq`q_JQp-kxyVw7`h3s63}%H~T6VCY1|g#N1Akp$eD?Jr3pNuARQ)TW@6JkaF-U4+$U&ufDtd2@0%3Qc>}Z(iCS`}Vm#z~ z0sc96wXvoljb!}p?;FeWd*RWB0Wh~AGeWJa_h^TkqDTHXS~^3wiEVLKy!7aWehBSL z?4{-_f^pN~&Ds>@h+Mxdt~*t^QGUPJPW~ibkjIq8aXADflL7N~`RBpnesvRc)V6{f z@Q9sVRq5ny>RLeoGd7*Y*o@c?Xmp%bwCcWg$Afy~?d-j>KLCXI0vzG_gW;Br5F~af zxBP7CesneFO$YZYY`#@ztpXG1vP!kjzgLHOqy&3E)^Cjd#x5;yYZ8>YVV}1`C7dK7 z@Cr%OxKls(r9oTh_+90Ugv>ReT>}Y8NJ_3g@0x3JJtbc8%KMFIL5de=(ucJ#)Qk;k zlVI)o1Va6y1v>5YLi=WhzX&r3SryUrnNJXYWmwUv}<@{z~HLXJ#~O zuWf^yB%Y>`vBCVknY&^(#>#W$#H!Y3@2C1VKddAI2I1|Hlq5-U+l<4&E-66_9mx!UL&to>F%Cxp6qEanXE$J(6?GlqE&&6SRBX2$xCBD)pis^9%ECr`F5 zR!^y=LP&K#EXU`@UmE0mV9eCcpXfhV(s*Tt+x&d$!inLxBTCI6-(e9H9GUY+6Flt( zV%XIwC2<{PMgU!K!h1eeLq42m7)U3pyd=ih!cn>Y;dV z6P-h1>%7kt|2eyP?h;ch3a?-RzyW~(=s#YUMf?Y_nF#W9p`LhE=BUUWB7YpJvk8XV z1Lc4=2S?1JW>rJcd3}M93}w{WnIiFDx}j{gIjiV^;7P(@8KfLy00N8ovmaDHhE9vs1dMV110k6MtI$UIst_000{`Iy84QwGxkGuk(HMAXA&;?(fbS06Yt$2rm?L z(4oDE6}NlWi;h_JiO%)4$xpt4{Mn};=asKNRZ+FVDw1qV1{I6=tbKJFV6#Z!q8kzf zUZp&%v3`t1)}mG1P)s0o5MkIFSL+upPrGjCO2S0lp+iD2LbvidrEQ|HjVn(;k=NxK zYJEyaK^&Xr?sJQb-BYl%ZVg>g!&e84z6(I0_KCMk%Qyl8jjB6@fI5pC|};zh!@f}Grd7-v(*}A+HqzuQbgS> zAcdT&yQh2f7?i?j?NPN@kKS=OdECN_b4Fruw#|2M%mqwJq*K!uBb9^UzV zVgY3ZjeTbG{q_U+DuHoIf?b>9@RdaBV>%0FX{TQh2JcH@@xNe69V5}~>kg-HLEbvOQa2<5tZVC z2C}0#oaiI=m=GswD0|X_{;o)Te@tNJwkEvZ0`J}Oi^i#64Kup{K$45=!xe(Bx>f3L z)pO0pZs2NEf~?f5Ts7`wTilzvP<$KndENc1?d7widLO-kPpWmdLrL3ZKALZCmCy zhB&(EeI{~U4RcpdoJJL9_h?9OZs6}r`|dXltGr4|6wDE!YM=Xfx_oOuPZPYp)I>Z{qN7WjdJx3a-wn(4qnKcADfhDauT=wOr-FR{mY4m z{okP9Et_jb9=a5&v-X?F2BOFaeBd{(JsQQln@5Pyc6yK!f_}swBydx}Do&x1l@N ziw}Rl)-V7702LDsJaPPDVwz3NUB^N2uC=pHibxq{3}X7ApoIoUJ7(=M3^L&{rW&0= zSaPy6wh~^bzox)vgy+anDd9Q4NB`h>VZT;pUASi6E_q3qg6V*Lx+O+Khn}Jcz=-06 z^~m>*g?n}RsN^{(I2=d87GMH~_wp66x3=RdK}6_#M63j31iG+nY8u}dA-5R@+2D6oOI z@~b+I(?~=z(aKv`)9cBxHotHM#ioxt2L%+}ykwYFM@lY}gdiAR+JwS9%5Y+)@Xz0m zM)irhOEoUFp(gbu7C$_LtGH|tGZ@z5QYCidb|$dQWyEBPF6qu3&ZiKkLxZC4pX=oy zfK-S<60`I<5J1`9&5+T51#&iG{SYk(Wne!)j)i4aTxgD9;R`VphkoSpKOobQ#lrd- zxNpx`t6Silj}qL2@Z(D)__<~Nue7b<K{@3!;bgMH#=G5yT}6`vt3p(*TP9X!EwL z+N`9qnm0YqG%-~ZNqV>OW@@dNaJQ}3P(@|2*W5>1ec~ATKw&9F*uS;eK=a&dCfD*g zN^*zbkc)?Iz{~{&*8s|0+-RSs=_k+prYG82EX6Zz@o!X;=-;}9AQy?gK-baJkJcs$ zxD6M%-3%yT2wX)C^E;r974}odUeQ=BWnp|EP z8^sJvNTpIz9*Pke*^ZEq zKQMc8x%9_jF_uIfkeuTTx4s8vgZcKJ6(m9>y?G7VncTVb8`f9mMTLryJ^T~E1SOI3 zBd&wSS6{l{8nU^f`Q?iL+UkbRhH(1IPQPz)I=h)L&4G0r)MGVd+iUcV+Efxxr%LADhHs-2Wkiac#dI|H1O?)a*cM3>Z+qYm5zAA5vjIebzV;f! zK+)}9+opUJZn0SpUpO@LJ~i6{I-2>#mt_V-GS2%n#)z8yI=L>r%XRs2S3PNf!|lG; zsexGet(gfRtPsS_6)?hpve}-!sgh^l?KB>Fy>OMH8V00SbdR+aFh=S%qi){kH|0W< zKM@Yq2|_dC;ZsVhU7Q$i7z}(eIm89s2X5BHbk|CI))(IV7hYlzXx9$Mk+@?YQOB1> zQd~cW*QXJd5`X^%Ip!dtjeaT59V1X|k~>+VM;`ag;!SzUrmOWn6s&m&Dl9yHe}@lK z84S%g@B(Q|ZmIPMrN$dP?F}txJ{+dvCS%<)x`c!5|3(Qyg>F47CI6+OHX*el^2AK8 zCJ*aF=|A-^y9ez2X8U;$j??Y5-_zP#dz`(EIg%uh+i|3l zNF(cG@eN_W4z1e*)`d96kRcI@fdJ8kkzrDBd7zez=toj=g5+WZ)v`VMB>9Z7c8R?9 z_fHT%3&i5dN0j)dF&9t))a)g9C}kW;&M=i-jw0ywul7hwK^IMS6&Yf+9Q_4Jh)RTc31=+6xjMM|xG6?Y#v zx@ETbd*W7R~^Y5t0&1kldA1P zE2ow33NSn561eZ310)%$96vPS9N!H!-5R`@HQU*94g7HFI|}SFz6lTSnUZVY?zYiJ z%uRCa(j6O>i#146rYrf$+$DtswW8w9eoyK-a%I+X<-mUEE$Lshv(0a$-|>oq8GIIt z72JhXhDAY&En0s?xmh6PR+NOl%jJ0k^6Oa=Nhe$>CzP)82`Uk{v`XtyX~2w(H?RMJ zD67UPdyFRrV0RA0#jlaT+Wx;9mXuqa)1NFj1h64i=GSgHtmHbZ{<5li^p(%)2d2|n zjU9v5nj4q(t4xOak%oq;*OIyZ=OdV>tzaeX(fwmwbgoSH2js?H9Q@y9i{{!Ce^WlB zE*@nxLSJql?S-zQvkS(z#}~A_o0h%PHC{Cttn@^^y_E81ueqw`rlnB=01iVu|Gqc1kfy1Pu+g_-lrBvYTNb}PaJpsymGZJa>z=f!;zmg)H{IV}ojV8!Ks zEggnkh3-WQNW$NF%)$|VpTjFT$4}A1FLrJBg!ow*nEXWz&fL3tx48QHZ8@)6r~dFl}Rx@j+}y(;>BmMbF5{R+@sP5ht};#!=jlq%t0ii2Cs9HrO{43moM_ z`wNm@x!Q@k;PwW;w#&sah@bFH)Qh0$FoW2n*p)clmeUhZ!OrNq4wDEye>}y|beKWx zKU?Rm5Ih&cHR{4S>SQUY5IuHVD&Div+`F>bR`sF@*}fK3Xt_li;o1+3asiEMWOMVX zJ2J`b-C@M3LYLYLNFeHfGs7igOilCe z>E)Dp4dz8}5%cwLSEsGZ=2Afo81vxddoz`iaJ|?}dch_lw4D0XH8YA=2J;TuOU=#)!V(&m#C(iLi=V0 z#awTzXO) zaRsy3^M*kp);T=aqSnAUkm}LP$+uhHGi53YZO0h7hqOi{;PZ>HW0Rpq2o}Bo*Fl`}6d>oubxV_ukgusWn#oT&mignr!)sibW}hIwc(YD`q|< zLi`rLR<;Q{KdRc=Ia9`{EIg@TG-mL0R+9dqq6h8~NrJnu-Yi&@VyFvo;2w!oqm-Lj zirB>WziiLw$9+0=#+{QYdT-~jFlt1yDnJ#J+@}@7pjVi8Z}!Xt#bACtN;&m925ogi*{uTB-#(qV}UT9zfaLe(8XI$&KuTaYOCC zF6pmopn$sY!`ftB6sKuQ4H8w7@H*=&!sQlUBD0 zu#;;Awk>A^foAl75zNod{;d#UfDPcWnZC}7tu%aATro96c6s#6Ru|@8cXfr^WA$NUSYo*J`97K?Q78wh{Swy{;fq*^57?^ z{$+fN$W{v4(sL&~Pe3nU6^YUzS>X9&6NZpNdSzKG4h40RDpHLFVrti`5=UM&zk6eT z@7ki>5Yupy z2L@l4bAlEm6$Isk!hn(}Bm-VBnP^`Lt`ct(OAncw9{pp8Uu>aDnUDbg<9%eHOXwr$(CtzEWl z+jiA1bC+$~)~$1H|LHgACrH*zX0nou`3>@be%++`YGiUd;RWOGQ&Gn|Byow%u5c_1 z{w?we^PeN#V}sb=obIL#Lg8wXZe!_oBb>cdbqLthW|GH(sC3|JX2vyyf>4am)@+Q` ztx*n8)RGLpE=P6_mXO<2EpNFQoJPSI7c^i=oBAMf9o^iuUh)h{)&aBZlV^0Jd3k?Bg;TZ)Xvx>&eFDK`CH zqw>*x)|UiQ5I$`9zS%v26VI(~aPp(vKu$}+OP<*4TN5(p;zVDIn@^XUMt=~r>vb>_ z6xP#eL6-kz|1`7O(ED@Q2OB${|BNhE-1RF0T@Oxg?lbYJJPo*pBOM}@0c0s9LC(s^YF0*H zLW4cqSZ2$RwGvkLbZMdB=Wb0@xz0BA6V~3-0kdMXTG-6?lTW$Pl)-NJyw$o3!YIKB z!7_cT-~ep|E%JHJB>Cs>QB>~x%`iktV%;_EV(rQh*QaWXbcETnzskkCuqyP1t@i%6 zX+%30ocOZIM-9Ej!fdgs3vY-&7{W{ByA->|ZXvkL+Jaj--|YF=Qu4)5g&?0}v^WGV z_T(9A3ONR*V^IG(i~cr1sPp08^0Xic&jeFsX@LuLhdSI*Gq%InlCXQox|{=Zp)W5@+22SNYoO;%g)S`wiI+1NVEG|~8-vx^anDj8svp_kku4dVb#_*GT+yb( z_};X9y@wX~KisnUqj{!WOO-?5kNAX|99W`v>ldBy+qd{}-HT3g5x%v~UEJ^m{MUZf z`?Uf90K}n>h2mjHGyEW+HTXw&?sS@l=5Ak2BzIL-W7k_g2)Pwm73yV)ObGWmf3o+P z;~bk;=*&fz-<$EDcD-^1j2J=_*c!@RlNGFzkvu- zWMVVY0PmW<3%BqtK#_K2{Ehft$6R>^r&kh$vl*HgXrQI`YdjhC14)!g=ztSGp0}Vx zDk}fouGd@WJ7l?E()5~@720!20hNjlb=BgAc&EclhBzEATBp30A3;lt6g@zme1+sV z#JB>?3IHFAEe!n{e)*n(D|S!j-mh9@1olF_t_18%+>4iY%20>)JPp8JruF}khHtUT zgJ%l(?zcz8NR==|=*Kd`-;vVMxD0sn-$L%3{&BA2i$rkzfYW1-^KC+}+iQ7@`C}g} zOnlA@Zmz!o&MGU%l3u_yZDzH0K*WlIrRq2GrRsS0Cxm_)%~~PqUr6HYkbI$_+>Y)c zcW73re&Fj6@%{=AUxzY#q|q5Ne$ zLo7zipk$_DAq8BGNf_cOkaL?H(+}mD5pz5Qnp;*vAi1i>UFaB!>eyo>$8<8iNOI~U zQXb`CQX;&I4TQ4XSUoaMQLrN!0hM%8a+PS9eSflcG_DZGB`uC#I%k&cQoCoKcD>Da z8mDl(xTb{qSnDhTOcGN=lvcv`gy!b*NTF%i)XR0VcuI+DEozQpUksYS`eQvDj+*9@ z*0_%`gGIvY;GPdxv)7u!&RGTcSp6NVw6iRZNkMi?~)J_sbJ*@+^McniEE zeOQe$K=`41P5Se`Ymxz9Aj<-foqwE+xEn1f4xJhfP(|0(pEp=*?6ke_h1PaVC{oYA z^26ZzFIhKfCRq@fL2w#~Dgq{@r$%ddQ@_g*@JXFsyR5Lc_r_CIuRK9 zM1*s*Kv&2Sf=5M5By0G;B?du{s2dzJ?K4ywDQ z=f$Vda#XEUyFps_PIcnoI#=vLhMeV6KKNFN^alGH=)D{_5a*Zg8&8-V*t!_y)u5WT zGYEAV6?o?CJJ0oc-dMH6?L&F@cO>)a8$0%L*d1>@8mGNPoGk>gT&sO5Xmeu#9vCMp zD<)ycqpL+gVKz@E2n$_kYFnO1bs>|@yzVSBv3t)Snw5!$yrslPb17&6?v=9n9maoj zGsx8jvb(;g8PO1(Eq+PZF=rAtM!VqQVsvzJ>)NLg>&in);9p%)g(=0;GRxtc3)g$r z;%+t%1Cb?wHm2#KMjR|%eO0pm7{qai1Yj7|1Asnguv%`u)xIEBZ&|{YbmsYnQ0Gsm zRmy1vVPao(xYtJ@Ie)OH8i z-(lQ}_IsSP{wPZ`Gnsyfq3_Z`GaE&7W=VYO8=PD2DB-36o>i(?dvEvV(Zr$)OSEne zWI`orcCZJq4VsKZrmsZ=9_||3V!C}C5~IK{R5H(q`d6vXqPlIfxbtch2tkm(qD=y{s(n_W zf74ubN43U_MLy|}#l%v_$WQE^gOO;0Rfn@yH+4h` z1V=N#U8)!KiV1k@AERE7?GQILRIU|2LSO9y2_N)&X}fMuo#o4 zJgNBn+tAqTIUaRHQ=ol|=uf5{OHQW+uKtm&gFVBB-#iLNY}lBhwm{W+R2D`4*J==N zE)F+^nlqis9G9M_bsaMhQyBvRlA^^6RnS6nZL=_|wzkgdKpm>-wlwYVvhKv;vFzu5 z!pMoTzfo0!noQbl%fv3AB_7|D?`%nDuOs3{`wMxZ(mZoG%^*SOSBYR~>mp~o8TLvw z)%yn@gWG9sIKJdCtLXAYja1_?TDOA6I+{rs_II5%(zozNe!HkLUDfa#ly?dZD=nmd zMgeYPry6$;C(__v6#t#*m!N zlPR$9DCfzakW~J~I?Qrsef~>Ak~^P$1!{ZT_#hYlN3L|ub;ne03aXpF0hw+bXX8y?46Y%W%abJIGskv~(L#~H^ zwPM5H=sr93Lm>&4xX_t2KX&wsEib$?kUB(vI1FXU^qC1-*1O>4DX=;r44SyR`y9<; z54V=wFy?ix$7j(ETa88dGS7`aBgeRb_sXE_xZ_6YRQOmJXTi!#xzN{zZKb2I8q`@U zvl2m+X)jnT{EZd)^iw$v34P(==;t2Fa0W};4h<7>>Xj}GaHLc}))ElLoJQ$Df)cYu zN{$1FP;-Akb*#%H%fK$m;1S%7?#<Vz=lR0q}m@ z5q*hJTxtLiY~D7j7^2c`W1?>_qV~_7wpgsQ6V*TXa8qYS7FLalWar!)Q`+R_Dzm4Z z7f?PnuHdJVM5 zfN$`-JE+fX$uy3D#*0?hVXIy6XQ!neNhg1^*aPp${w6$1?p|_I5z_ZcnV-ybg_(aa zMpTkw)3=hs?p2tRue>a^xQ(&}%&LmBDF?hn-6S78m*KJRw+*qg|%o6}M`w9kK&oDl^04a)&*Two3&17Kpc< zUE%ng8t_qyZ4rg2Yg(p)kRWwlr$AssaSMW^ZkyF5NT~l|$tl&JZeR5Q7ONFeeWS~q zXj`M?W;IqE7eMcHXP=>)%8eVU=ONW5@Lp-l<;R6r@nV8zhv{c&kk z5W7lRacI&fG#TqJGnGhPQ@&u>oZ^;`@Yd&%K-tV^MK*+ zF{UdajON>43W%Z*;B=)zxji*2pqO|e)>~Xh(qT=T592%ZuW&7r+%4=PKgGS(R@4OL zRTZ1;Zcl>5#C_VMVc+JpfE3lpo3|YFs`@$2R&t6G?%8o#%}RL3_;vpt%30}8@G%P} z1_vT>)+nMOVTPIG_S)l(AOLwS!Uph?7j`6DGIc7Uh=dGlprUZv1f&g_kZi#^J7_G! z1&Fdf9QB3b?;ZwXVfVK&WU&*9Wwj%WgeO;m!Defuip@ct;K%0Q!Rw)nR;zO4aIa6L z;-EK**V~OhtC)7nBc@U)9+-@YYPj`7p~W z?gfV>BC^5rHKN-+V?W`M2NZC=fL|JuN2k~5zv|${Vfn?CkL(6AfkHSJ8b4-L zVyO3C1Km|9C^alZ4`7mCvf8HA41YL|PPwX@zKZH(JN_!C|6Y8%faYQWTvF-~}VU4@XaS&5rffu712)i4Yly6r1L$1}_uIauMzN?-xGZ{^TAhtJV^t8`n zi~2X;x};LWp4%3a?O;Ap4$(FH`j*v?t@IoERp_GJ5Nv_fx(W9B!Xk~@A%1|$`F31) z^CoGpu^DhVd8(xIpX6tAl1(ZyPmqO4pFATim%1DmT3zDjxapVjt*gvr@SyeC?w=}s z*;lB7q%46M`rWbbOV@qv+d|>CmJ`k!X>@mm$VIuNXYg!-8 zle~WK$7JlB_DHbx#F94brqyg`YqXn19(j18nKB(A@#gzAWJ>s%U9p)!Kbt!eurH!a znXb&0=yxPFDJ=%6PLs;-%5I{ed7Ia-8+$w27B2QVia1-Yh3LZHom3x<#}g4y1XJFK zsnLK-6uW!m;?Q-|d9W-+FAdDNg)2;vij`HNhgs&rGY-akhdw;|@LcL%*wAjU(Rs83 zC^yv)b&jwj064F!Os`lnNUQrsM<5jn;6(CrX)Am>#y{YS#VqC_kMe7qGAp*OaD|YkAmTPTF55lzT{x9PiTJbd`7vCl4*+Jhz zTK>>z6+uRz3rKS$Z*cv1-BD)0$3ufbfwwv}I@O`X>306l^nj^p1DFw22jqnf5?FI# zVxLvE?_t#=4yQ;$o;z^k~6_`N#1uvw*x#kHjsDPC#3 zDRbBIj#H~xR{$J@1>Zw}nW@p%h?PFNu;vJY+O)FuC?cjgFz%u0sP(^8U~$?;Ap@px z$wkoYB)`s#Dd{ytiOviD}O9ntzS6zWr~z#I*f z!lP4O0538dHdwW2wNybeUOY^MOd^lO}4o zGNAC-K|d=}Kdyvwa{>1Ro%E1T9JuMStQ#qk9znx*_=AZY^H)+VFBJC9IF8LftdWMU zzEe5Oly4$h2WP)Rix+OG!!TS0mL9N)Dop7Q2r6kUR8#G7)jEDc0w&Y^G}`bNYAwJ66GZEXD2qHm zr_B+Z2T0T+tj&aY;8Q=@?N8ym32e?E6DdQU1{`LLeY{@E5Kh7R5jvmJ@^QBy%K|%>w1$lywhEWodS@$z2J6yof(cg(u}KNmOrrYOurUt5%C# zH}AsrWwqreh$hb}n}w0FiMr#o#Ab!m#B&sDJR7L>N9~Dl9>gRv9`3Q)u8C~@ynbo8P3R(F2@52^b}pxByH}J%)@VN;4U*JCdsfCj!&2O4 z@C>%n{afvN&29~&|K^==e_gQTbe3WZ|C*kLPHS)Wb?(_3Zr+HCacZa0bNCJ`%yMTMhx(-=Hvj#H5!W2w zo$+axn(eMXui$1(bj)&0d6LxM^`&6uB!zz4Jmb}Qi>JTg=M}Vuu?NnxIn0L=4>TgY zbWsw8y<6R<cmPFz^KepFl)9D_|w0wlY8?n(Q+K>!7|RIQYm!4nmsc8!Zap_U- zfWW3BFIP5m zQYpo~hyyVQsFf`foa2NJf5pl_X|RpRpqpcO{@#D49-iuIYror_>|f;eQh{*#kyjkF zt>=>o5qC;aV4#%hT?s8If3)9yp7;1#`Q8rcAJKMpF8IOnDDDAj)?!B8fCyGRoEMu~ zHDv0~kn^jTG5d;dZvrgU7fc%x&=Xj$$nc_kdo=w0CT4C4qHY_L3vq8>u*P9x@z<5C zta-qZZ2RWAYY!I?zaAKtd z#8?vQEajc{cqNFJLMCjUWtekyn@o_^u&r+SL%1eK#w%$MNQQkb7-jdvmCAj7vnHGf zciwmYxxTx`ALXreP1Ep!1RNp)hL%QHY|a~17%2-Q25bKEEZJHQ9sh0b86*_}XYbbj zTIR=E63QhzhreD05Rlxb$GV~kcWQuFDB4#Iz@OJHARbhMF{98sKlE)^nLkOP&y^%0 zJ~~EV@cBJIVIxpDZ{hcM!+>nk0VhmgpWJy)MJ>~fPUZz>IMO0}BVaqq?h*Ar?wvEF zATwbmKP7~ge{KA%@?!kBR&3Mz!aCC<{_@!ZrOkVC|Cu_P>@grphZrwK4_R2kev_OM zkic(Fz>MHBf|8uIsd_T9Gvo11 z;6>vcb*`0RM)1p7jzomq?I@V6`ST+_Qj*1I;(e_=4rPrK7x3Ly%mJtq^#fnnRgM2> z{~agOo57FR`iGT%A2Irzkhbzf3QhQpdBj*pIYX2-AhnJfh$w1~% zfa^-%*WUoZMnc<_^Lwk14-Jw_3%8%8nylnIK49`7Pd63pI z;PPnsJN;RnOege^-Z`~vv3r#NS+i)p$Onjq;FmhBNJ^guImuu%EwOYedE%P3iWD7O z7Fm!R$9LN&8f?hE{JME#*sjV7Fk-Osw6y>fpb?@YZopDS9@a%-VdD`})~V?%!&pw- zlHYP~Mn+#?2N?A@%C9z|zEHYaDs)(?`(t9RHhu4%!sDe269+>@*hR{n4dYH#41C?7 zG5mDpmPa^YqW4$b>mFofPk)b=VaYIm$1F`|1B~AR}FF9TT;uG$7dn(7xO?(2L z>E`45)zR53Y%)BUN@ZLU+%D3oWd+sH=={M02z$`rD+en?i&J`*y0^20-cy{|g9{(Sr9SAz!?bD!5NrqJhC+;CL}QCZbv zprvW0hW(~Pv29%0rINYChf?UQ?rmK;uK64;wI_CKem=q0$6P9Md{5I9Yn*i|piD$; z$0*+*%BM$$etCVUZ`Q|;c8k@mA%xKSG*=qRq&u=WS;kt3Lw-J zO4)bsuaVRhmPaH#dW%Gnj(B>!P$%U}YK(ezg3hbdUS;SZr`C`w!cof5ltWclz*2P^ zLfyBA!Y1!nfOm_7R^;ZUS$q}$2?JYeb@x>|9;zJ?Qk9Zb`^jL`xHae7R{G}&=osY` z|Eqb6bV(*h8^A-I#cR*60Xs$x7AjGMt>}C;Si_{=i z$}-YY!s&9tAUM#E7s_vdq(pi%GDYWsg%mkuuUzqx8%^3<2vHq&KuQV(Xpa=4Ibr`@G!^CqNl&%?mn0hx2p&5n@-8 zCf-Zuim!!re}4`^P79S^8@PLX%goj;7piAkJpO}lM-}(m$aA0F>5GD zw|d@)J%`cWD_bPRGh7}8q;jRbFu*j*?!}8EKMYwGDZ7j&M4b}{QpXvV z#`7ms>+1IAz-^}V1GR`FmGTEkJ45vGkqWB2ydY(UKeb{zpbt@4JBk}MR|q4!IC!wS zH13Xqtyn$L0)o%J-IX@1pu6~1B={#fIEztcZZf+dXo_uQN-w|j+rC-1f>{)!m>FHA zuj_Ei=bjy}7=BJVkH4UXF@!%mJ^oyJ(Iow*l)iC=Xk7~c!1)^1`5r=Qs1q~I$>8N* zpq%}!91tL=j~M>?@HjQTKiH^s_k}^)1haf23W;{VBw|k*oDyK$Be_-p2)YEH@~l>E z4f=4qarwcF5+a8sz%Cp=2z&6c5Jd6%7P$db6{Uuw9{;sbe^}V5y zJWcvEQ-+I2EXlrZVfz}qmU^B@$*nH&?3*!p!5sRml0umYas^-hrihY$`Juy#jphQx zKU5Q0BcEyd8CmPkrdLCJrj7#+)>fiR%2z)n-jrpDlQiXL^AmA11JAHXlSKe6Nj<&6 zJ26M^cP{j@fDrZp;zNj_I!z<_?JBPmq7zAy_*E1c&xL|+#U9bIAIk!E`x_te-i7KCm;uUpJXhU6s#5xN@Jgc>8n6NC^6||=x|t(cVGO0H0LRq2qI$bG(s~b8C@0p z@I$DR1$+}^T6Z`KrMj?`$gHtm3njfrIq@(=jEJ871ERYp1NPv*pJHWj`QT82srH$* z7E9f*;REvQ%F^FD$aJ3p_A;Q($W)(+lSBgRkiVnhrK|3KZTZrvmd#8#0&{Xy55iQ7~iO(9JTRuz&NKJuR)OQ^&~q*`D?e7%;Dh6A86WipTMCx^LN;xh>89isqmC{ zH(?%p-Y#L(c@%)-?%#b~YAb~W#oLGV5e2yI1W4{AF6It7vMA8~=q?ty$0F2(@dImp zz>JePmS3`zLEz;1QAZ<=G!ptL=K{X3SV?yI4DI^fSp4tJG6Eclwa)?pYE}ptURYQRQaM(FxI}Org zy-UTXnDR4cOT6JZO5_OlOd+-ghn$rOhkprflLZaF0L_*5Awos0M9ZNPHatzpsv+(Fb5|cCard~BzJ_Z)h_^A^?X|w-KX~+?7Hqg-w?nUj z$pVl?MKyB^PF=x$W$`j27m`F6^JMulsR1Xu(k{q}DV47ow_ajxT&l0j^vb7;>}^C> zvVFT#j7FoSy4pZ=Ca)lAI*e$U&`ss(gf1ux4sIrFDzJUlS z&-l9q&F9b*2%x^b$pEK;9r(7phbuVNK5KmgOqS`JM1hU5>D}t)LhP+pH1{LM>btr$ z0m@}&u-G!u^8TmI?H4wD zA5PD&lOud6M-uPRnp%5nGEdO`OEH+eZilz%{jX7c2*Vk5Tj(p78AlKQfjI%c8&MhHH5Yi zjOk!a|cnCm!V@i(T zOZoo>kP~+X<>hROy*uhJ{siE6uB<7ham7e#h^_fw)mjxg9^3JdIXO`=@1=G4inP}{!w*3V>MM^dz(Swop9quXatt2(m-}^sV+~} zmrM>Bhb>!bRznMu|2rf01Q#S{t?iO}Mi=S!Nj62mV3W8brjx)XQ$fBY3s-Mx98y_y z6iMFoDCxzX^EuNqcM4{x<|X%=Q#^*HqLgC1DmLl={^J-qekfT)Yn&!FOx1aC>#hlq z+#J0)ZSTvo!S2V+MV;3E20FUmU(#FtI z@`}+Uln;3gWO<+?U<9X%-)aGp-{o%W!g)4P8g}MQbZdq69s%0YoZ~of>QC)ilC%kW zZ-Zxe2X+&9Tkur`8zTHHJY^a9<|{{prr@e!T_%I@`BfNTvpEJgD!~Lc85M2mxxYl*V9R;Rw%vcQx>AzduP)6x zIB)Sj(UF24HEaBVh>@Sv(NnK5@x;uvXjuua%XXxhnN5ekLC7*5VJrYH3bG1O8ty>a zI3BFDCy^L(Lzkl;FT04TN8@$0`?B@zR&a&r(vF9JHsIVK@XWaJmbfTv;yCh-hbcQV z11-u5$tWl)%%v;$=NaQDx!=N2k<}j78d!dom{*8onQNn<_Ijvv*!gZoBJKZoDQ8RA zGuoa|quv}u<7LV$n+l4>ptEYMh zbtwW%r}KEGT=FqabuEyjp5Qksz+eny_trNojyzBg2CYakvP(ayd*fPi&YY%-2ZbQv z;stw)kALGw|CguZK$e7c+sYAxmn}gA&)^u5z&l91NAG^)tyf7y5~r){1Nz*)c0Y(~ zAujZm|F*lxbsJMfmd=3$crPcX*%zqEs~hS(Zf9w+%3npdTw=O25qg{|WCgm!*vo{| zORxF($0_LRzJ1K#0$+(`OL;2HJ*BT1CVBh7?f7#)pB)~-i~uja8FkH@jd3H2QwD;{ z4tej_fxFmf0`n&C3tZh-e{5Q`tN61p&Asr8wEOSB@)VgCv0Exa$zr%bI!;@$rP<5) zEO=<1B84(+C@PKa5qdvkQvdR5y)lzdI_K@}3jX@+`Ur<3Mi1YKXznoc*n40IGcJJk zvtlN8beO~K=Dc%gypqLuZ&-jW6E^>o6J%-{f|FaE_Y46D6h(D#SLQTfR&hFj{f#dW zI5#zmjvG$Xzp+AiWA1S}KqE1G9(x>e9**phrF}Ic8FckApE|*}Xq0fTVG_eTzKN@S z(4F<4x^iyiry`?At?F%)?eyRkdvqFOJcDedrI6 zhndg*K} zI1tlmAwJ^H_$LRI>q6RPcz$~nHtdeFvp$2vdQ=mb(wdS5>HTJg7Itq5Pcr|CAY}FH ze(p5hkOR!F(n?r-L>?cLLz@7%P4S8MfCQ}@5JZ}39S%S=X^M36ttSsXAs5B&+O`pU zK4YrGYJsPrVuqe5>+N!-Azj3OWPQ``cLs9KLd-IkK)s)ZXf`|CTn0DaA05Cwwp9VL z$`48dU9?p*tI+-pM~qbUr_~7`)f$cO`cNGfyRq`&gzG#qX7tZ)Y01aUeiL0oAj5bI ziZ$$#v3wPrghNaZlmP9!Rt1M@x)miydEG#GjRuDDNL@m*sxQK;>S{o*R_$u)6*C8m zC^&LMz={P41ka%O`wT@a*Hn~A%s{m7khUC`3##`*(3MD_jVtd^O0 zP)Z5LlN>}B+>k<(1`5n7bZRFA1F~a5)|0C(TmV9ztbm=Fsy_~gQ9(Rp+&Kkyv^Q}d zy%ZtIkUQ(zktQ*tSku)#d(gE0l0GS50Wkmo=tAPX7}@5ZN4eE~NeXv+sMY4}W*ZXm zZWTLA9ay1bt%uobdg zW*Sf)06F#6b<#D#j9}dts!%&)eOu`^qh4bloLhp|LHZc4vTMAqbN&h%0oY?-ayDrl z_d|Bpa+ysODo5RSCm@qdNWA%@DL{H{rNf&l3}IaW;J```t?J+ve1Ugh^mzqBy^$N3<7PX7h&gd|8e!MOVQ%{jM-$M0>On}BWt zo=_>WcXS;K#R*UD`|I23)CsE={l6dmd}<9$=?qVKe879Zja5c8} zGgMAq9io=>OQlaLc{{5?)4liXW0d9BdL^Gg;2W+@H2l)g0JLp>V7(d#qDrfVDU19V zi#S^G6z}a_FZ?6{iW=3g5xeZy%%j*&FyaRK$Or|YXEb~?x^Y?%SsBjNv|7q4!ezjZ z3oAtGLp>kuD*XOS5Wao*s3=Zd!#AER!1U`lC8TcHuWy5me9u~!>$Vqx)Y#&ZL&a&2 zWLJnQCfdL-bnlIRS`Vo!Qpai9mv`?m_U-r6b7>!Bs2+{F*n~u+DrCM8B?0dgd;E#xIwiTV?rPM5CXBkoh4jh zhxo-L!XS4-Qg8UiX>LqvAWf1`NVDfucq2<1!Ve|z!5W6so2=FY`a`3$Wuq2euliUhZX=M7w8{4kn;0`VQH>_FJiI)GIc zpsk{b;wc|B+($d`0D(+cyHe~6)h_^Th@!##*1DF|x({Nm*>(o}ZdD*k$Y*!Q0|U%{ zQv!bP8SPdfQR<->2jBVnX9oxrKFvQEx0+dqq9q3!`o`pG5NAAK6Kok}|Z^%D#q zI=nx@_ky;7!5{_07@bo`IOO+tPD&5F4XI?tM&y&cV*I}>Fr56b25Rnze}5Oaj*ei~ zbfYEo1Yjr#a%XTFZyqQ;h9tuwjzQY(>7U#Ffh6iot4kkXTuH{Bc9fD(3CZ%CxSKlZ z)o835i6(8bSbGoUubIy}hzs8%9}o9|dz}%E|4Cit|Hn@EahCOL8UPWwcGJaBuGRW$ z*oZkYfcoTvTK!yLq@UP~T9vSJWjziWk_8Lpu&CuRD$h51nFg*NM$hx>u^yLbRpE+R z0zQJ@tol#gTTQ!mSV*GNdgwfebUCN7u(;PsFRLE=Qe54#2QJ)%B6-=|M(7#*2j$_&G);S|sMTEXe z%Bu;^G%z4u3dgpzO^Yk&AD`8%2I+45;U*K>4hwRT{AQagC6JA3W;` zjQDjehiYS%)uWj#gr3H+YIf=X~vS^m>`vnxd)H zwQ)D49jSRitC^4e!*xCNU;)9~Rjo)?v@MpM-dPL;>>>9be5YI%$*H5Igi003v3kY? z)Al3~xRJ8Rn#yOjmWhTHwTgBh2`R_vs8Jl*k27wQW=IDseK7Pt@y8B^WgWHeci7Bf zljoM(+L`r;ks7p5Gyu$wkw=2E9HP&(d(f)Vg@;q9{*BOSyJ#s}CfqY^Y3}I=0x+;O z57}A1CVy|_S6syRE@_)`Cbh;8a8T5v^AH?3zMtn$j_?9w<%oddOvzr9#L|9$$<(*J zaQWM@W}i>Nuy%T8Y>NmD-h!qhB+(1SL?;oP%1eFrCpx2FT}>$b=HRPQ_I}Si{?NL2 zV)zo5<112@2X)oi={wW~2Ft?uH=wC6?W~@vKRBDQ}TG&O(k_wnQ z;0u$vz_fkc`vlVulQ^>il1KyP*Pww@;#c%AA)N+RJx_@wQmSaGZLMdaAy9;vqD%x( z<$wC2nFHP9{rG-7gxEZPttZ^GRw0StZu8AmYMMC>!rvh&z+7E<(jj{t zerE^7&dk`?J4&_!a`FIX?DrZ14R0RU&A#*IYp(bcu#vBvMz$UIBZmvTFS!h>9Xt`N z%)Uui0rPY^+a_-9n`Gu%=f(_MmO(zyDM_XliEq39dUmoh!x%a7YRhuQ&1g#Kq)%_3 z|3X4e89fpmnYkKghuaGobEAkNfF)!R09}R>Wk$OVN!eVd@WrT)Z8JmN%J~*V5PAXO zY3U!A$5*z$x*Ee1lUK>yzQ4N3HI=2fq)g>Kn982LM5;nxmeN`6U4LCyhvp`6<&H2TQS;AVknunlS^hI1Tg~X&{$fYu8^Xfn zWgm(38CW=;o){5u4-_LXBC)h+?vR6?n8$p*SX5oA0km46-cEmAUzQIgRTY9( z>VG>6WGb2QWoui|@@=D}%}DZz?plcXLxg%U(epkhr(=yN7NBE^<5diMY%tT%GWf$q z)azO3IP4R0rzrj^-XH!xIr5j8l4D>>UD+LJRB`xTRJB0Bp=BLhVp zz2@{KRidVmK`ythrp+c@VCJjLfeuW4VDDjTE`r89jGo+PHDN3>NTv-rs<&msY#l~g z%77EPA{vt#Vk;nK-vnSMIs*+0@{VGfz{c#mY3m7ivOtU&3Y3dB)wf4gKi;5=r=A?lT(O zcI&?lyRUL;IrLKPPlL3fL^6fc50|Lrew_+UaCBzVEO4Y5dPZRiNMfpxFr z_B+>Cno?}rWlknJQ5%aeFM+W>viRly7 z!6(^F#$nErkVs$gnqf!7qj;&D{9|^VPDB^$EBY(9Fmu69aR%`LL)se21;f&^I&u_bY zwoJ4519L?BJaH67WECLZ7+QefqhwGh;Tz8YDaZJ~`3EjaU>6+c)?K8D z8jF|yct8j;`+B+hwB12^U*Hf?HLZLsGkN)O#62-{%K%pAqke~*BC5psq&9-uYJO=O zuwjHDF&g3DsIrs7i}7IHlKn2rDB8L`*H_ilp@k&2dFu=ia_D=f12II6bSn=fblf-& zW|H95dGMD$ypXG$b_Iih%5^pPjuPo?ZJ2{gjhQF1wQLkDvq2{>x?Q!G$~sV@AX%$vF zUN5OQ{R4CB!9rY|F*-b-RDO2H7M@+DBl_`i#dYO_^g7|Yds~rYooNS5&C6PFyv}l< zaHI-RZNxDd)+pyyRX==h-OZgi*C=z;0reOXn$y3;VSO@yU;-63Ks(^6_1GoK+ur2; z_@-~Mi!0#3>ijihqY}JrJRe>GoFs*3!GFCw0`Lw$&lRg<+2oEf*dfG8O|Z8VUHr@< zs5U>`Z|*Bwx(r6hy<7lsi?TzCeyjPjMa;cV$6&;Wqh+5$xBD342O` z3@pT?*n$Ot4|e?tOScy)Ui_p@IyccUJ5gW zQ!e?6JhK4Z)u8ZU2~r)(@8g^F@y9Oa6cr0=vA0xPm$>rE{PdN=SnWSZqi9F+&b*cI zIKpaeZVeD!tXga(=r$R)Cd}{f`$iR~h2zh80PQs0x}*~tM-W(#+p=e{PNc4%ja_mG zXvjP)4HCaA*rsBHc|(E6H%i!C+bWWy{OGyn6Q*l1XUpj+v-haeS8}H~ZI+A99QPkE zOxo*&5f9?FvM7>~H!YN0HzHlK0BOCL6wmw(GN)9~<}ayZpy5X)-@yn(#e0WyweY$f zkWROPZU zwI?fx7?cu%2s|4kK zUfqxS*xn6}`;Xw{A)PzQ`zzuszAFnl|54=1Mi^z>F*@_zX4p55qym{V?LR-Dbcan0d?s>JoSp_B(?`Ma9Wcq!DlS} zd}~3Nm=Ik}NGEs3(lN+%c~gd33%ulHkv=rG%k;6%Vec(4sg{?Uy>v0@r9Hm@oN;+K zYIj9$hDil}7Jt#SobHZ`3>*D|eC`=ZhfqLg@Z{Q#1vFAuiusMvidC;F=?#B#mww{?P0{aO4vt6*tO59d=DoEFt$ z`pmF`0rY=KRWW+)UcNM-am4mn~N8mW~U_Zti3rZ+}F~2x0I^nffNf1Ae0(11(j|_oLoZX=qnbc#IRm>H#K@F&dY7tRO^58 z0%?}duv%Q{@po;|lOjF34jWf2Y(NC{@#z%$Nd_d0k*l`eX=Mi!iyr0F)y}$eV&D%- zC9-cP3?ZsxyPZZHw+TokbcJrGtNhUwg-knmoC?RqapHVGR?}QHQx%#Y7ebb5nM21@PXDd9+RF&A-BE=wl3+MZf6 zKje9^4C*heR{)U;{2yCrW$@@Y7K%n4Z*!$9h{|`r$3DoEgLD=H^g+ zaxTw_7TM;8lQ+CLb-Z>!1DC4mrlm-h3vvq0v1!i%FVZaBlZTXwo|xu0$NlqDSaB@S zK=3YQ$NoogGN858paZ$TZ=5}G<7Sf7Mubr}Q*thz^p)&2U4xK5CGLoL^763%v2-RP zqax&YQUWVrPYhpUwrB4yh%o%ghQlh zHO=CF2N}O_C?}84m&#%rST?z@+gMcFNV+6uSKBcWry+nhSaFTPpXYgyx%0CAUivhG z9YBb@L|M@YWy#h3`_&{0za$#5Z+2U;o5cHl>0R#6TC^*KKD8Tzy9L}9_uf&pD%04IE=9032Vw4t1ifS(WDn7YJZ<_Si%nIey8?LKOM7S z!N~na^yIBM7;6o14^bS;JKZ)n83F^#qaMXMS14IPF)_u(ruPBTR%P_2{;MIc{cA&n z&Xte8zb?WmI5KdZJTiQREAVxpie?+VIHjA2@oNGaJ(vZQ^F(g1iy6c4>>spxFOTm{ zW7qoHCUlD~+uYKz$1!@sYZuj&?X|B^h0)FY<^ko5ql8Xt6f=O)!hHEw-KEn+n1UQm z=)M>RSm@j+<``8>tQTrgZ^MbWS(~fP4QrOlbqT+?nR4z2u<&DW7C?wMvSw% za{9~|@n6KsRB43=ft4I^Eh#>+#@VJt0qR*O#*n^q4 z^#usyvj={)a?*E>ZS{g^PikPNtA$kNEr~M1@7I*O*wsVZ^zB_=AN%LZ<|lw#se*LF zz&~C7Bga0n93X~GXY%n6<=sTgfLzC+G-;Ex4?-Lc=g9ooKB`Ti7X z*pTTf(8*g*cHu*2z^hVs_6S{5*a5I`O|+)K-8L$)GqX}swOXs$EW$DYt2&^qpRZ`N zbwsOD9d9tA`KF}FjY@=>U(Y^aSOc~}L%bP$? z?spsa=gJxv!KDhX?1%IGjMJcrD{t6VUgktlhwb&Y-U1UB1q{A*ia)Uo=j%2Qg;ge} zkIr8P4!NN~l(#b5e20-GINn0>Et>=y!zE4_-Jq9~rF5HK=kq>O0t@!2$&b}yGx~-v zlnyUD#N%moB^aDP_>s5zJS;SRP27nnVGy>~98JPN}$@ zv0;-w;JAYgj`ET&kL)2sr{%8 zD9loMFyTFh%(NbHW?z?!;gP8kD45Rn(7FZ?5Fr)7Q4u{e($V_p*{&{I>2ge*rFBr{ z6ldbu+>OjZGkGnxW5)l9d*#ED!ABRKU3#Fp-^1D9vEy=F&VN4_WD?IXr