From bd45dfe1851a1ed8356e81233c47bc53d7d98760 Mon Sep 17 00:00:00 2001 From: ksrinimba <36603781+ksrinimba@users.noreply.github.com> Date: Mon, 9 Aug 2021 14:28:24 +0530 Subject: [PATCH 01/29] Update Chart.yaml Bumping up to trigger helm-repo update --- charts/oes/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/oes/Chart.yaml b/charts/oes/Chart.yaml index 537ca8e3..ecb52313 100644 --- a/charts/oes/Chart.yaml +++ b/charts/oes/Chart.yaml @@ -1,6 +1,6 @@ apiVersion: v2 name: oes -version: 3.9.0 +version: 3.9.1 appVersion: 3.9.0 description: OES is a non-forked version of OSS spinnaker icon: https://raw.githubusercontent.com/OpsMx/enterprise-spinnaker/master/img/opsmx.png From 56da877a00fa3d7e330ad646ffd5e1a0e95005c8 Mon Sep 17 00:00:00 2001 From: kishore438 Date: Fri, 13 Aug 2021 23:37:43 +0530 Subject: [PATCH 02/29] Added option to mount cacerts in all OES deployments --- .../deployments/oes-autopilot-deployment.yaml | 13 +++++++++++++ .../deployments/oes-dashboard-deployment.yaml | 13 +++++++++++++ .../deployments/oes-gate-deployment.yaml | 13 +++++++++++++ .../deployments/oes-platform-deployment.yaml | 13 +++++++++++++ .../deployments/oes-sapor-deployment.yaml | 18 ++++++++++++------ .../deployments/oes-visibility-deployment.yaml | 13 +++++++++++++ charts/oes/values.yaml | 10 +++------- 7 files changed, 80 insertions(+), 13 deletions(-) diff --git a/charts/oes/templates/deployments/oes-autopilot-deployment.yaml b/charts/oes/templates/deployments/oes-autopilot-deployment.yaml index 757ca190..ea0af9ab 100644 --- a/charts/oes/templates/deployments/oes-autopilot-deployment.yaml +++ b/charts/oes/templates/deployments/oes-autopilot-deployment.yaml @@ -36,6 +36,14 @@ spec: path: bootstrap.yml name: bootstrap name: bootstrap-config-volume + {{- if .Values.global.customCerts.enabled }} + - name: cacerts + secret: + secretName: {{ .Values.global.customCerts.secretName }} + items: + - key: cacerts + path: cacerts + {{- end }} imagePullSecrets: - name: {{ .Values.imagePullSecret}} {{- if (eq .Values.db.enabled true) }} @@ -64,6 +72,11 @@ spec: - mountPath: /opsmx/conf/bootstrap.yml name: bootstrap-config-volume subPath: bootstrap.yml + {{- if .Values.global.customCerts.enabled }} + - mountPath: /etc/pki/ca-trust/extracted/java/cacerts + subPath: cacerts + name: cacerts + {{- end }} readinessProbe: tcpSocket: port: 8090 diff --git a/charts/oes/templates/deployments/oes-dashboard-deployment.yaml b/charts/oes/templates/deployments/oes-dashboard-deployment.yaml index 05a4e530..f64ffbb1 100644 --- a/charts/oes/templates/deployments/oes-dashboard-deployment.yaml +++ b/charts/oes/templates/deployments/oes-dashboard-deployment.yaml @@ -40,6 +40,11 @@ spec: - mountPath: /opsmx/conf/bootstrap.yml name: bootstrap-config-volume subPath: bootstrap.yml + {{- if .Values.global.customCerts.enabled }} + - mountPath: /etc/pki/ca-trust/extracted/java/cacerts + subPath: cacerts + name: cacerts + {{- end }} resources: {{ toYaml .Values.dashboard.resources | indent 12 }} readinessProbe: @@ -56,6 +61,14 @@ spec: imagePullSecrets: - name: {{ .Values.imagePullSecret}} volumes: + {{- if .Values.global.customCerts.enabled }} + - name: cacerts + secret: + secretName: {{ .Values.global.customCerts.secretName }} + items: + - key: cacerts + path: cacerts + {{- end }} - name: dashboard-config configMap: name: oes-dashboard-config diff --git a/charts/oes/templates/deployments/oes-gate-deployment.yaml b/charts/oes/templates/deployments/oes-gate-deployment.yaml index 58fee2d7..5cf3d449 100644 --- a/charts/oes/templates/deployments/oes-gate-deployment.yaml +++ b/charts/oes/templates/deployments/oes-gate-deployment.yaml @@ -68,6 +68,11 @@ spec: name: metadata-xml subPath: metadata.xml {{- end }} + {{- if .Values.global.customCerts.enabled }} + - mountPath: /etc/pki/ca-trust/extracted/java/cacerts + subPath: cacerts + name: cacerts + {{- end }} readinessProbe: tcpSocket: port: 8084 @@ -90,6 +95,14 @@ spec: secretName: {{ .Values.gate.config.saml.metadataSecretName }} name: metadata-xml {{- end }} + {{- if .Values.global.customCerts.enabled }} + - name: cacerts + secret: + secretName: {{ .Values.global.customCerts.secretName }} + items: + - key: cacerts + path: cacerts + {{- end }} {{- if .Values.autoConfiguration.enabled }} - configMap: name: oes-gate-config diff --git a/charts/oes/templates/deployments/oes-platform-deployment.yaml b/charts/oes/templates/deployments/oes-platform-deployment.yaml index 3ed31bc8..949ea4b4 100644 --- a/charts/oes/templates/deployments/oes-platform-deployment.yaml +++ b/charts/oes/templates/deployments/oes-platform-deployment.yaml @@ -60,9 +60,22 @@ spec: - mountPath: /opsmx/conf/bootstrap.yml name: bootstrap-config-volume subPath: bootstrap.yml + {{- if .Values.global.customCerts.enabled }} + - mountPath: /etc/pki/ca-trust/extracted/java/cacerts + subPath: cacerts + name: cacerts + {{- end }} imagePullSecrets: - name: {{ .Values.imagePullSecret }} volumes: + {{- if .Values.global.customCerts.enabled }} + - name: cacerts + secret: + secretName: {{ .Values.global.customCerts.secretName }} + items: + - key: cacerts + path: cacerts + {{- end }} - name: platform-config-volume configMap: name: oes-platform-config diff --git a/charts/oes/templates/deployments/oes-sapor-deployment.yaml b/charts/oes/templates/deployments/oes-sapor-deployment.yaml index d22b6ca2..19cbb0db 100644 --- a/charts/oes/templates/deployments/oes-sapor-deployment.yaml +++ b/charts/oes/templates/deployments/oes-sapor-deployment.yaml @@ -55,9 +55,10 @@ spec: - mountPath: /opt/opsmx/bootstrap.yml name: bootstrap-config-volume subPath: bootstrap.yml - {{- if .Values.sapor.config.caCerts.override }} - - name: certs-volume - mountPath: /etc/pki/ca-trust/extracted/java + {{- if .Values.global.customCerts.enabled }} + - mountPath: /etc/pki/ca-trust/extracted/java/cacerts + subPath: cacerts + name: cacerts {{- end }} {{- if .Values.sapor.config.spinnaker.x509.enabled }} - name: certs-x509-volume @@ -84,9 +85,14 @@ spec: - secret: secretName: oes-control-secret name: certs-volume - - secret: - secretName: ca-secret - name: ca-certs-volume + {{- end }} + {{- if .Values.global.customCerts.enabled }} + - name: cacerts + secret: + secretName: {{ .Values.global.customCerts.secretName }} + items: + - key: cacerts + path: cacerts {{- end }} - configMap: name: oes-sapor-config diff --git a/charts/oes/templates/deployments/oes-visibility-deployment.yaml b/charts/oes/templates/deployments/oes-visibility-deployment.yaml index 063bd0cc..ab657308 100644 --- a/charts/oes/templates/deployments/oes-visibility-deployment.yaml +++ b/charts/oes/templates/deployments/oes-visibility-deployment.yaml @@ -46,6 +46,11 @@ spec: - mountPath: /opsmx/conf/bootstrap.yml name: bootstrap-config-volume subPath: bootstrap.yml + {{- if .Values.global.customCerts.enabled }} + - mountPath: /etc/pki/ca-trust/extracted/java/cacerts + subPath: cacerts + name: cacerts + {{- end }} resources: {{ toYaml .Values.visibility.resources | indent 12 }} readinessProbe: @@ -62,6 +67,14 @@ spec: imagePullSecrets: - name: {{ .Values.imagePullSecret}} volumes: + {{- if .Values.global.customCerts.enabled }} + - name: cacerts + secret: + secretName: {{ .Values.global.customCerts.secretName }} + items: + - key: cacerts + path: cacerts + {{- end }} - name: visibility-config configMap: name: oes-visibility-config diff --git a/charts/oes/values.yaml b/charts/oes/values.yaml index 353b806c..27fb3492 100644 --- a/charts/oes/values.yaml +++ b/charts/oes/values.yaml @@ -60,8 +60,9 @@ global: certManager: installed: true - self-signed-certs: - enabled: false # At this point this is not supported + customCerts: + enabled: true + secretName: self-signed-certs # Needs two Keys: cacerts and ca # TODO: Document procedure for creating this one # Below flag is used to setup tls termination at ingress # when this flag is set to false; spinnaker and oes endpoints @@ -556,11 +557,6 @@ sapor: datasources: platform: true - ## Set the below field to true if default java cacert is to be overriden - ## - caCerts: - override: false - ############################################################################### ## ## Values of OES UI From ccc2fb04c2b666f5ab81f17c7027a437eb525c77 Mon Sep 17 00:00:00 2001 From: kishore438 Date: Fri, 13 Aug 2021 23:50:49 +0530 Subject: [PATCH 03/29] cacert-related clean-up --- charts/oes/templates/configmaps/oes-sapor-cacerts.yaml | 10 ---------- .../templates/deployments/oes-sapor-deployment.yaml | 5 ----- 2 files changed, 15 deletions(-) delete mode 100644 charts/oes/templates/configmaps/oes-sapor-cacerts.yaml diff --git a/charts/oes/templates/configmaps/oes-sapor-cacerts.yaml b/charts/oes/templates/configmaps/oes-sapor-cacerts.yaml deleted file mode 100644 index 7cf85e60..00000000 --- a/charts/oes/templates/configmaps/oes-sapor-cacerts.yaml +++ /dev/null @@ -1,10 +0,0 @@ -{{- if or (eq .Values.installationMode "OES-AP") (eq .Values.installationMode "AP") (eq .Values.installationMode "OES") -}} -{{- if .Values.sapor.config.caCerts.override }} -apiVersion: v1 -binaryData: - cacerts: /u3+7QAAAAIAAACNAAAAAgAXZGlnaWNlcnRhc3N1cmVkaWRyb290Y2EAAAFwnFfleAAFWC41MDkAAAO7MIIDtzCCAp+gAwIBAgIQDOfg5RfYRv6P5WD8G/AwOTANBgkqhkiG9w0BAQUFADBlMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3QgQ0EwHhcNMDYxMTEwMDAwMDAwWhcNMzExMTEwMDAwMDAwWjBlMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtDhXO5EOAXLGH87dg+XESpa7cJpSIqvTO9SA5KFhgDPiA2qkVlTJhPLWxKISKityfCgyDF3qPkKyK53lTXDGEKvYPmDI2dsze3Tyoou9q+yHyUmHfnyDXH+Kx2f4YZNISW1/5WBg1vEfNoTb5a3/UsDg+wRvDjDPZ2C8Y/igPs6eD1sNuRMBhNZYW/lmci3Zt1/GiSw0r/wty2p5g0I6QNcZ4VYcgoc/lbQrISXwxmDNsIumH0DJaoroTghHtORedmTpyoeb6pNnVFzF1roV9Iq4/AUaG9ih5yLHa5FcXxH4cDrC0kqZWs72yl+2qp/C3xag/lRbQ/6GW6whfGHdPAgMBAAGjYzBhMA4GA1UdDwEB/wQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRF66Kv9JLLgjEtUYunpyGd823IDzAfBgNVHSMEGDAWgBRF66Kv9JLLgjEtUYunpyGd823IDzANBgkqhkiG9w0BAQUFAAOCAQEAog683+Lt8ONyc3pklL/3cmbYMuRCdWKuh+vy1dneVrOfzM4UKLkNl2BcEkxY5NM9g0lFWJc1aRqoR+pWxnmrEthngYTffwk8lOa4JiwgvT2zKIn3X/8i4peEH+ll74fg38FnSbNd67IJKusm7Xi+fT8r87cmNW1fiQG2SVufAQWbqz0lwcy2f8Lxb4bG+mRo64EtlOtCt/qMHt1i8b5QZ7dsvfPxH2sMNgcWfzd8qVttevESRmCD1ycEvkvOl77DZypoEd+A5wwzZr8TDRRu838fYxAe+o0bJW1sj6W3YQGx0qMmoRBxna3iw/nDmVG3KwcIzi7mULKn+gpFL6Lw8gAAAAIAFWFmZmlybXRydXN0Y29tbWVyY2lhbAAAAXCcV+V4AAVYLjUwOQAAA1AwggNMMIICNKADAgECAgh3dwYnJqmxfDANBgkqhkiG9w0BAQsFADBEMQswCQYDVQQGEwJVUzEUMBIGA1UECgwLQWZmaXJtVHJ1c3QxHzAdBgNVBAMMFkFmZmlybVRydXN0IENvbW1lcmNpYWwwHhcNMTAwMTI5MTQwNjA2WhcNMzAxMjMxMTQwNjA2WjBEMQswCQYDVQQGEwJVUzEUMBIGA1UECgwLQWZmaXJtVHJ1c3QxHzAdBgNVBAMMFkFmZmlybVRydXN0IENvbW1lcmNpYWwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD2G09nByuhFfUGIssfAbLjc0UGREksu0klFNbOw7erLE/GQTKUV/oSp1sO4o8fHoYZp6q1LblfDYrCr4U1eTItuxxiN/KxW0o9ys1xX+lCvpToyN75IkhkxuWrxittrQXw+tULz5rl8FCkiztHpSNbenr4Mz+475mX4yDB1iiJz5T7uUXt40AXEdR08Asx4ismaptMV66sID66RXoF872baRWufU4gY8Q1djoHAsk3/cdH7ujxdh1zFfKXpLXIennZQqorf1z+ziZPo2aBNa9EulQeHDAyZZ3mPJNeUE564zrUbswa+/nSN64kKqtXAyIoDUl1f7co2nW/juPcDnkxAgMBAAGjQjBAMB0GA1UdDgQWBBSdk8ZTi17Krz+fHg/lmZW8JPaUjzAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAWKz0BA7NwA3/Cv3UuhZfKb17aJlYSdK0HTdNfyd9RgZdQ8aGLj5zsiZ9T5OptsQqmqshlxSx3ozTq4kV2Gsk1PEWrtikXNR/UY7tGAGxk2O9vPhhgJqesc5CcOKpfQYlfSeh/m/ssx4k2uNLVRoAOzW0O9nXXTD9gROJ8sIGK+1nxI7JQ7JcaxWJArxi/E7ytTOqsm/TCqJQ4/Y76C5EwttmOKkzVkjxbRszjQ2MP2A3ndPKbX40fg2fcnaLG59y/VI1QUUCli8csppzSSGxSUdFR7TvajQRyU2azFm31gKeWk5ltZSuG98psBbxvwCeBzoXZLUEtSMhmQqVO5d87wAAAAIAGXQtdGVsZXNlY2dsb2JhbHJvb3RjbGFzczMAAAFwnFfleAAFWC41MDkAAAPHMIIDwzCCAqugAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgjELMAkGA1UEBhMCREUxKzApBgNVBAoMIlQtU3lzdGVtcyBFbnRlcnByaXNlIFNlcnZpY2VzIEdtYkgxHzAdBgNVBAsMFlQtU3lzdGVtcyBUcnVzdCBDZW50ZXIxJTAjBgNVBAMMHFQtVGVsZVNlYyBHbG9iYWxSb290IENsYXNzIDMwHhcNMDgxMDAxMTAyOTU2WhcNMzMxMDAxMjM1OTU5WjCBgjELMAkGA1UEBhMCREUxKzApBgNVBAoMIlQtU3lzdGVtcyBFbnRlcnByaXNlIFNlcnZpY2VzIEdtYkgxHzAdBgNVBAsMFlQtU3lzdGVtcyBUcnVzdCBDZW50ZXIxJTAjBgNVBAMMHFQtVGVsZVNlYyBHbG9iYWxSb290IENsYXNzIDMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9dZPwYiJvJK7genasfb3ZJNW4t/zN8ELg63iIVl6bmlQdTQyK9tPPcPRStdiTBONGhnFBSivwKixVA9ZIw+A5OO3yXDw/RLyTPWGrTs0NvvAgJ1gORH8EGoel15YUNpDQSXuhdfsaa3Ox+M6pCSzyU9XDFES4hqX2iys52qMzVNn6chr3IhUciJFrf2blw2qAsCTz34ZFiP0Zf3WHHx+xGwpzJFu5ZeAsVMhg02YXP+HMVDNzkQI6pn97djmiH5a2OK61yJN0HZ65tOVgnS9W0eDrXltMEnAMbEQgqxHY9Bn20pxSN+f6tsIxO0rUFJmtxxr1XV/6B7h8DR/Wgx6zAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBS1A/d2O2GCahKqGFPrAyGUv/7OyjANBgkqhkiG9w0BAQsFAAOCAQEAVj3vlNW92nOyWL6ukK2YJ5f+AbGwUgC4TeQbIXQbfsDuXmkqJa9c1h3a0nnJ85cp4IaH3gRZD/FZ1GSFS5mvJQQeyUapl96Cshtwn5z2r3Ex3XsFpSzTucpH9sry9uetuUg/vBa3wW306gmv7PO15wWeph6KU1HWk4HMdJP2udqmJQV0eVp+QD6CSyYRMG7hP0HHRwA11fXT91Q+gT3aSWqas+8QPebrb9HIIkfLzM8BMZLZGOMivgkeGj5asuRrDFR6fUNOuImle9eiPZaGzPImNC1qkp2aGtAw4l1OBLBfiyB+d8E9lYLRRpo7PHi4b6HQDWSieB4pTpPDpFQUWwAAAAIAEWNlcnRpbm9taXMtcm9vdGNhAAABcJxX5XgABVguNTA5AAAFljCCBZIwggN6oAMCAQICAQEwDQYJKoZIhvcNAQELBQAwWjELMAkGA1UEBhMCRlIxEzARBgNVBAoTCkNlcnRpbm9taXMxFzAVBgNVBAsTDjAwMDIgNDMzOTk4OTAzMR0wGwYDVQQDExRDZXJ0aW5vbWlzIC0gUm9vdCBDQTAeFw0xMzEwMjEwOTE3MThaFw0zMzEwMjEwOTE3MThaMFoxCzAJBgNVBAYTAkZSMRMwEQYDVQQKEwpDZXJ0aW5vbWlzMRcwFQYDVQQLEw4wMDAyIDQzMzk5ODkwMzEdMBsGA1UEAxMUQ2VydGlub21pcyAtIFJvb3QgQ0EwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDUzAkKLD+S9n8UngucmmodQDBk/arfDh4GW59QherNjatDZ96w+n6Alp6EeJJI1uM57s7kWViX5S4nmOqTqHebSvDvdIAt6zAftdnHgJxiJ5GI8EqJ3dyI5hT51QMv/5XbvZ/sLPoUFVmVCsZHfGkYuacD+cp2qc/Hb7ReBf7uwVKydTKH7O0pZjvzShaC9taa23KY6d7wxUylq7XqAeKMLmR/ZG/9oyWTi8iiDkmNNPAf7FhFLjSqhFC957JKE7iwD644XbCpG+ZzyVqh2WZAqqlNpjQCrYR+siPB+yrGZ/Q0trCVajNPcUS1rcB5M4jgv+2joBS0nAmwCuNgvvj4ZojNW/F3BeC1c27BfUYujksnps01Cv3lTX2qKqMpx1poBOjl1pOkYsLF5vRPxvmfGo2CSRmKyllDOugNMsH0TBMDb26mP5Fzy8pzbxIgi+7AgnjeSy7CScMd7Rb2JPQnG1xXMdxV7qgeb2ys4kXMV1eKdVcZ4LVYmUk2MTwzAW0WSs24KoOEhpv5YNIfbZED02Cm1T2a3XeQPTWknw9e9VJEabnAutzPfd982cSshiIyvHtrke96+BdosOJTVWAtrz7Cg9jZCSvwwGTbh4uRzJHrBP12tJWa5hQGG9U0Hb7Y/3QcU4WZ4FlSSmHtiJ5rSYlGfiBa2edK5Wru0mURQwIDAQABo2MwYTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU75FM9aXDMOgvCOrTcSKkkmh4dNkwHwYDVR0jBBgwFoAU75FM9aXDMOgvCOrTcSKkkmh4dNkwDQYJKoZIhvcNAQELBQADggIBAH49VNoiXRpYPjtUJ7q6zMjjGmrqPvkS61ZfPVDO4OpIJibPeVZ+kRyZP9ChkRwsD0+YlVlTvdAi2IhdnDf8+2TBeIyLmmAJ6tX6IV/QdGXnUMW/LrkLC621sBemEozUYnjqVmrsCtJAwzwFMD5NlLefSgPTfSdLtv5EzvoZMxptpELR3czIyNcWUoNPNZSzElV95eJC6+SckwnATFsHq8dtEaBQF5QjqLUKkg+yesFgLDjMGqZb//IM46ofHNy4oJMn3mPjfyGfOuWe+uATanXrllxikZSOZ1O2ifgSCctvUlsDcoZQlQjUjYeGFR+VJNikb5rOpJ2bbdKydgaGxlYIxesJ2jbCG1tBvmEq43DmuKb4tlrEvSH3/6pfoWx2OWbW6kxV4QAzmxOYY8lv0AEgCTdS5wxPPs289V+WJ6cgApXgLugHQQUfFW7WsOQZ4A8CkwAncsWL0VQfXUrDQJd+VaZ8wTMEFAEdSSBpCxmTnW5YIvdADEYMI2PzOdJ/dlGn9Mih8Qx2IiNGUikt4qNBB1ZpmNIFCbxpx1phzY+BYBVNgN2Q4n3EUPKMO25Kx8bmgCs8gbwRgBYQJ9fwzT95zHMqw35TkdZu+PXzx9BRTY5LpVvmGRc71oEJ3CLc7o65xI9T4We7M7iIFUbP7Wk1/3UNRvPOceHFa4ZCBrlBAAAAAgAZdC10ZWxlc2VjZ2xvYmFscm9vdGNsYXNzMgAAAXCcV+V4AAVYLjUwOQAAA8cwggPDMIICq6ADAgECAgEBMA0GCSqGSIb3DQEBCwUAMIGCMQswCQYDVQQGEwJERTErMCkGA1UECgwiVC1TeXN0ZW1zIEVudGVycHJpc2UgU2VydmljZXMgR21iSDEfMB0GA1UECwwWVC1TeXN0ZW1zIFRydXN0IENlbnRlcjElMCMGA1UEAwwcVC1UZWxlU2VjIEdsb2JhbFJvb3QgQ2xhc3MgMjAeFw0wODEwMDExMDQwMTRaFw0zMzEwMDEyMzU5NTlaMIGCMQswCQYDVQQGEwJERTErMCkGA1UECgwiVC1TeXN0ZW1zIEVudGVycHJpc2UgU2VydmljZXMgR21iSDEfMB0GA1UECwwWVC1TeXN0ZW1zIFRydXN0IENlbnRlcjElMCMGA1UEAwwcVC1UZWxlU2VjIEdsb2JhbFJvb3QgQ2xhc3MgMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKpf2htf6HOR5dpc9KLmR+XzaFVgBR0CpLObWfMeiq80rfwNwtlIGe5pj8kg/CGqBxntsFysZcdf7QJ8e3wtG9a6uYDCGIIWhPpmsAjGVCOB5M25ST/2T243SCg4D8W+52hw/TmXTdLHmJFQqsREsyN9OUfpUmLWEpNetzGWQgX7dqceo/XC/Ol6xWypcU/qy3i8YK/H3vTZy75+M6VulIPwNPohq+qOcqA/pN4wW++GTWqVW0NEqBAVHOUBV8WY8eYGKJGqIMW3UyZRQ7ILEZVY4cAPdtnAjXyB83Jwnm/+Go7ZXzXGsm80fL5IT+JaOdfYnXien4Y+A14Zi0Si1ccCAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFL9ZIDYAeaCgImuM1fJh0rgsy4JKMA0GCSqGSIb3DQEBCwUAA4IBAQAxA6JhCx906HI2xm35TZ76IqjhgVbPzbuf6quRGTivqnwVTfO2o42l9I72RKmn6CGVrT4AYhaI8AK6/GEj5jObMHprNmJ7rQQjhFhl4tsriuclUzdiU1+82gFiKaKmJ3HmOiJ+wW8dlXAgSgc03+r/FYDlutd62Ft1fAV6KUd+QKgxE3fNQDu0UUd6LhHjRxHenWbQi9VUZvqDVep8wimJG+lvs87iBYTJLz54hWJuyV/BeGN0WMBIGAyZOeukzBq1eVqNFZzYFA32egdXxyKDBS08myUmPRizqUN8yMirZI8Oo7+cG50w29rQGS6qPPH7M4B25M2tGU8FJ44ToW7CAAAAAgAfY29tb2RvZWNjY2VydGlmaWNhdGlvbmF1dGhvcml0eQAAAXCcV+V4AAVYLjUwOQAAAo0wggKJMIICD6ADAgECAhAfR6+qYgBwUFRMAZ6bY5kqMAoGCCqGSM49BAMDMIGFMQswCQYDVQQGEwJHQjEbMBkGA1UECBMSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxmb3JkMRowGAYDVQQKExFDT01PRE8gQ0EgTGltaXRlZDErMCkGA1UEAxMiQ09NT0RPIEVDQyBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wODAzMDYwMDAwMDBaFw0zODAxMTgyMzU5NTlaMIGFMQswCQYDVQQGEwJHQjEbMBkGA1UECBMSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxmb3JkMRowGAYDVQQKExFDT01PRE8gQ0EgTGltaXRlZDErMCkGA1UEAxMiQ09NT0RPIEVDQyBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTB2MBAGByqGSM49AgEGBSuBBAAiA2IABANHey91yYIVhft15JEW1KtimfU+UgsGzkEAf5fhCiQ8HQEE7j3SjQmXDOB15Pr7d4oq9QNgSzaLFiMWrQlx9Er0KFC0/ogcbj9sLy8JWVulWwszmeLDPYn5aizvstMG6aNCMEAwHQYDVR0OBBYEFHVxpxlIGbydnepBR9+UxEh3mdN5MA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MAoGCCqGSM49BAMDA2gAMGUCMQDvA1t6rLd4CnK3iN//tUYUCQr6oOZ9CMYah70YqHO9JspgDJ3OmZ/PXA8w4b4UMeoCMBT0kzxJpzN6kEZHs2N9E5tOt28YN4BT/t0g4DWaNtHHAbnm3N3z/x0sOhZX2ZI51gAAAAIAFHN3aXNzc2lnbnNpbHZlcmNhLWcyAAABcJxX5XgABVguNTA5AAAFwTCCBb0wggOloAMCAQICCE8b1C9Uuy9LMA0GCSqGSIb3DQEBBQUAMEcxCzAJBgNVBAYTAkNIMRUwEwYDVQQKEwxTd2lzc1NpZ24gQUcxITAfBgNVBAMTGFN3aXNzU2lnbiBTaWx2ZXIgQ0EgLSBHMjAeFw0wNjEwMjUwODMyNDZaFw0zNjEwMjUwODMyNDZaMEcxCzAJBgNVBAYTAkNIMRUwEwYDVQQKEwxTd2lzc1NpZ24gQUcxITAfBgNVBAMTGFN3aXNzU2lnbiBTaWx2ZXIgQ0EgLSBHMjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMTxh3/TeDH3OMn4w5lDvMf3vDfnTnG6S4+lcx1cbpiuA1euODdDLxc9H8jOaBDBeK4ZAysQ+ix5g/bouWi5VfIERKc5+fwEix7xok0n+WF7urflohO262E+0GzR5vv6Xu0dtJ6gNVuhksvwSZL+hQoFPubZC+JPu9yVN/yR6TI1ItEfOk4nhZ2wFZQy2mENR01gQq6SR+iDWlBY6YqLuV2h3N2ZSh82Z7tI5IO2N+tIOq8PZ48XB+gEyu9qMYfUwLb5lHF7Z2S4tpFKQntlLjBqDPWQ7pXm8s2C7NmhSuz2skvlRYXmbXiTBC6cgm02qcQxZB+Ggwsq9DUKeMlVz0GwR+kwn5m+YagGhLkoel842RupOLCDf3PBwztIKoIPIZu4zKg1w4Qbg7M+vqSVaQE6iQB4BNnJ9JkZq1Z+W4uGORWRpBAsCTKAYLOTwCq2GAudfo1J8hBKf/nVRi8ZkqOZpyasu4w85g68Rwfcc1HxcGQvCPm0Rx0wbETqKTeFkmhmvIM4/ns5LtNQ8B/7XmC2qab6J0Hxmxhy8vWEdErJZ8RUrkhk34zRbrAd4QePCB6ZnHHpTNil90cSH3TRUZ6G88KiI0ALc9tLpudzBozBoOnBWaxG+uYv+M9xnEZtucQVjTh5A0VI78Rd1wjuhzkihrIND1hD93GpSC796tYfAgMBAAGjgawwgakwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFBegzcHkQbY6WzvLRZ29HMKY+oZYMB8GA1UdIwQYMBaAFBegzcHkQbY6WzvLRZ29HMKY+oZYMEYGA1UdIAQ/MD0wOwYJYIV0AVkBAwEBMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9yZXBvc2l0b3J5LnN3aXNzc2lnbi5jb20vMA0GCSqGSIb3DQEBBQUAA4ICAQBzxoHgJ9ItD+CVMOKaQX9QLF9fYmGphmppGAx0SdZdhOpBUhhvWK1QViBqxr0oaViR3JERNak6HbwapWCe2B9/RZFp2X67eHLBBg8qzo+FcGGsoM0LuDkpVoQyToa7PcQq2dcfcu7+UaEiQbFxAmMagrBiq15XEh/fy911oMBdeZCMG+BQ5t4x/ph7cF+lkNit+AK2b9Ng3UBLIsU9rTp6nxoaR5F5M7qC3DJpA5ZuH0vwcf7jZ3Kgsb9ci+T6mSLHhLkbjSOXP+0l4M9lu/VhBO/dHrJaQSJaoZ9dLOhbyW2pDAx4qmDGVo8BWgxovGkZecQffpcFv8XpJFFe1NVLU+3ZI1o2A2WjwQOtQTDzRhuFkK9ltdWx5BZbeHUdl3ptWakqj3vew4eJEJlJc3jIPb1RNXQq1fF+aRsquzu9JbiaWj1yYZBmh+4M1k3UEXQLav4LA/yjVVeJ/krLrlsXBcjyjSMxUzjSLWo/grmNCGr3XkF0bsMRfgesKWCRPzjKVxANvTAvx6XmQaDargWHmqCkZWxMCQyJurjTucCTijD6jeWaaxUBTmeq2mJWPoQIZtLENn2nPhD8iODUgOUAvarzTgajemr5YnLjCU/rmw4BI/Gfu3zc3GwRlyWy8rRjFNIGKmeMg/XO6gfYmmoe7OQKuypM6wlgOc7KYtgubgAAAAIADWNhZGlzaWdyb290cjIAAAFwnFfleAAFWC41MDkAAAVtMIIFaTCCA1GgAwIBAgIJAJK4iNuwisFjMA0GCSqGSIb3DQEBCwUAMFIxCzAJBgNVBAYTAlNLMRMwEQYDVQQHEwpCcmF0aXNsYXZhMRMwEQYDVQQKEwpEaXNpZyBhLnMuMRkwFwYDVQQDExBDQSBEaXNpZyBSb290IFIyMB4XDTEyMDcxOTA5MTUzMFoXDTQyMDcxOTA5MTUzMFowUjELMAkGA1UEBhMCU0sxEzARBgNVBAcTCkJyYXRpc2xhdmExEzARBgNVBAoTCkRpc2lnIGEucy4xGTAXBgNVBAMTEENBIERpc2lnIFJvb3QgUjIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCio8QACdaFXS1tFPbCw3OeNcJxVX6B+6tGUODBfEl45qt5WDza/3wcn9iXAng+a0EE6UG9vgMsRfYvZNSrXaNHPWSb6WiaxswbP7q+sos0Ai6YVRn8jG+qX9pMzk0DIaPY0jSTVpbLTAwAFjxfGs3Ix2ymrdMxp7zo5eFm1tL7A7RBZckQrg4FY8aAamkw/dLukO8NJ9+flXP04SXabBbeQTg06ov80egEFGEtQX6sx3dOy1FU+16SGBsEWmjGycT6txOgmLcRK7fWV8x8nhfRyyX+hk4kLlYMeE2eARKmK6cBZW58Yh2EhN/qwGu1pSqVg8NTEQxzHQuyRpDRQjrOQG6Vrf/GlK1ul4SOfW+eioANSW1z4nuSHsPzwfPrLgVv2RvPN3YEyLRa5Beny912H9AZdugsBbPWnDTYltxhh5EF5EQIM8HauQhl1K6yNg3ruji6DOWbnuuNZt2Zz9aJQfYEkoopKW1rOhzndX0CcQ7zwOe9yxndnWCywmZgtrEE7snmhrmaZkCo5xHtgUUDi/ZnWejBBhG93c+AAk9lQHhcR1DIm+YfgXvkRKhbhZri3lrVx/k6RGZL5DJUfORsnLMOPReisjQS1n6yqEm70XooQL6iFh/f5DcfEXP7kAplQ6INfPgGAVUzfbANuPT1rqVCV3w2EYx7XsQDnYx5nQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUtZn4r7CU9eMg1gqtzk5WpC5uQu0wDQYJKoZIhvcNAQELBQADggIBACYGXnDnZTPIgm7ZnBc6G3pmsgH2eDtpXi/q/075KMOYKmFMtCQSin1tERT3nLXK5ryeJ45MGcipvXrA1zYObYVybqjGom32+nNjf7xueQgcnYqfGopTpti72TVVsRHFqQOzVju5hJMiXn7B9hJSi+osZ7z+Nkz1uM/Rs0mSO9MpDpkblvdhuDvEK7Z4bLQjb/D907JedR+Zlais9trhxTF7+9FGs9K8Z7RiVLoJ92Owk6Ka+elSLotgEqv89WBW7xBci8QaQtyDW2QOy7W81k/BfDxujRNt+3vrMNDcTa/F1balTFtxyegxvug4BkihGuLq0t4SOVga/4AOgnXmt8kHbA7v/zjxmHHEt38OFdAlab0inSvtBfZGR6ztwPDUO+Ls7pZbkBNOHlY667DvlruWIxG68kOGdGSVyCh13x01utI3gzhTODY7z2zp+WsO0PsE6E9312UBeIYMej4hYvF/Y3EMyZ9E26gnonW+boE+18DrG5gPcFw0sorMwIUY6256s/daoQe/qUKS82Ail+QUoQebTnbAjn39pCXHR+3/H3OszMOl6W8KjptlwlCFtaOgUxLMVYdh84GuEEZhvUQhuMI9dM9+JDX6HAcOmz0iyu8xL4ysEr3vQCj8KWefshNPZiTEUxnpHikV7+ZtsH8tZ/3zbBt1RqPlShfppNcLAAAAAgANc2VjdXJldHJ1c3RjYQAAAXCcV+V4AAVYLjUwOQAAA7wwggO4MIICoKADAgECAhAM8I5cCBalrUJ/8OsnGFnQMA0GCSqGSIb3DQEBBQUAMEgxCzAJBgNVBAYTAlVTMSAwHgYDVQQKExdTZWN1cmVUcnVzdCBDb3Jwb3JhdGlvbjEXMBUGA1UEAxMOU2VjdXJlVHJ1c3QgQ0EwHhcNMDYxMTA3MTkzMTE4WhcNMjkxMjMxMTk0MDU1WjBIMQswCQYDVQQGEwJVUzEgMB4GA1UEChMXU2VjdXJlVHJ1c3QgQ29ycG9yYXRpb24xFzAVBgNVBAMTDlNlY3VyZVRydXN0IENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq6SB5ZXN9fYUjsJPytTieJVYnEHhDZlAJBc5kTNm6b7hg69iXInR/CRbYbPgERFBHB1u8Li7+N6ngbqmSMafHb2+jqlBPriU7Ska1I7SAx0D720NZxxX1watysj1/g6vZiVIBJYLXaO6FsMIT9FG+BRc8sheAZlt/YjMhqjBbzFCbFI+aMvzGTTfu4cYVoAmxNDcwG/f3qDCkRagZBFLRLwe9uf6Y95mrHakcaPsNpRoeneksecOL4F64rVyhu+ia4vwD9vTWT+6crxEJJzjc7P3r1cvQiadqXS6AFLyS81TfEcLNoUOZqkIlxY0V8Fm94Dj7XBUx5PgLigVWYe6uwIDAQABo4GdMIGaMBMGCSsGAQQBgjcUAgQGHgQAQwBBMAsGA1UdDwQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRCMrYW+gT9/l1LesP990xAHVpDrzA0BgNVHR8ELTArMCmgJ6AlhiNodHRwOi8vY3JsLnNlY3VyZXRydXN0LmNvbS9TVENBLmNybDAQBgkrBgEEAYI3FQEEAwIBADANBgkqhkiG9w0BAQUFAAOCAQEAMO1PSuFYOlJyW7Wmo2UYprtRO3fpnerTn1zgRWV7Dcpb4nBQspQFFK5Jx41BBxJzlH4MIyH9vBB/YBBacvWYDqzsuX/dem9d0xz0/4gFaUKpBXHIt6wm6C60jGr/cdy4sd+ZvHwhVCvkWKK7VymunqmjGSYPmS4IsO/9ac+ZGgmN46efK8k2NHsks3hMlRekBiYetmRSNl9gZ9mcxQV0C+dnI9II/Ijprot/4TD0N379xjLaLZ5EMDBs7gfe0jT80v9A9kv0ZkYGVKbyMgpjJjBrm9Hci0e64bnVYtCioPRnBXgpYxpvBNb4xkyjmrE3tI3lKEsdnizCuGi87QLuMQAAAAIACWFjY3ZyYWl6MQAAAXCcV+V4AAVYLjUwOQAAB9cwggfTMIIFu6ADAgECAghew7emQ3+k4DANBgkqhkiG9w0BAQUFADBCMRIwEAYDVQQDDAlBQ0NWUkFJWjExEDAOBgNVBAsMB1BLSUFDQ1YxDTALBgNVBAoMBEFDQ1YxCzAJBgNVBAYTAkVTMB4XDTExMDUwNTA5MzczN1oXDTMwMTIzMTA5MzczN1owQjESMBAGA1UEAwwJQUNDVlJBSVoxMRAwDgYDVQQLDAdQS0lBQ0NWMQ0wCwYDVQQKDARBQ0NWMQswCQYDVQQGEwJFUzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAJupq79hSpevL5dmmnRf0NmW/c/i5GbvHx9HM8JEo9+a3h+1VN0VfGk1EW+7yAyOahge2I/ZFrwQSDZc8GOzkFpcJDfXo9bLCXG58QFyhLB9202AzfzTb8n42rYOgtJFhagbaKg96PREbL2hwssDvow+EwCE30pIwOMiCujpN6cYTLEJDSNWfwRN2ReEGKXI2kCUc+vODlc8A4E6nQqhV0NprFdteZB45bW0O9i8TI0ooaejp7oCTiXRKq7trgMiuGsgDzAoVJV/4O7OCmad0UAtbiKvnRrBBRnSb8Dyn/h7swJC+1CpHS2TDyOrxsEPkv/QohX1UwlxHP9FE4TmJl744IgcCvwWtqhzBrjwY4QCoMZa7Od033Cuo4Ml6tbHl4eTp8aKijOXYDcQPpc+bikV1qEP0YgsEp9vqqTGQutBouOVQ9MBhW2OuzvzIzbH/jvgoSUHSKvJiXT/CI+Av8CWZfPu7EtovZ2IwzGzQPHoz/Y4u5zk0X/U5VibfPrU8w6bdZHkulIuGX7R9c1aGfy6Bvb7UqhLmQTd+Pm0i1CjTmKJ8Ick+oNCwYf61S0pKlpxemRq1ydgYw3bzkn1jR+QiTIX+HNDuNJak4Zh1uF1Cup5ZnaIT3HrBCXWClp6k+W5SxdAD7G2ufXeT9zgs6w7EXBghEpDbpkgwClxCsBlAgMBAAGjggLLMIICxzB9BggrBgEFBQcBAQRxMG8wTAYIKwYBBQUHMAKGQGh0dHA6Ly93d3cuYWNjdi5lcy9maWxlYWRtaW4vQXJjaGl2b3MvY2VydGlmaWNhZG9zL3JhaXphY2N2MS5jcnQwHwYIKwYBBQUHMAGGE2h0dHA6Ly9vY3NwLmFjY3YuZXMwHQYDVR0OBBYEFNKHtOPfNyeTVfZW6oHlNsyMHj+9MA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAU0oe04983J5NV9lbqgeU2zIweP70wggFzBgNVHSAEggFqMIIBZjCCAWIGBFUdIAAwggFYMIIBIgYIKwYBBQUHAgIwggEUHoIBEABBAHUAdABvAHIAaQBkAGEAZAAgAGQAZQAgAEMAZQByAHQAaQBmAGkAYwBhAGMAaQDzAG4AIABSAGEA7QB6ACAAZABlACAAbABhACAAQQBDAEMAVgAgACgAQQBnAGUAbgBjAGkAYQAgAGQAZQAgAFQAZQBjAG4AbwBsAG8AZwDtAGEAIAB5ACAAQwBlAHIAdABpAGYAaQBjAGEAYwBpAPMAbgAgAEUAbABlAGMAdAByAPMAbgBpAGMAYQAsACAAQwBJAEYAIABRADQANgAwADEAMQA1ADYARQApAC4AIABDAFAAUwAgAGUAbgAgAGgAdAB0AHAAOgAvAC8AdwB3AHcALgBhAGMAYwB2AC4AZQBzMDAGCCsGAQUFBwIBFiRodHRwOi8vd3d3LmFjY3YuZXMvbGVnaXNsYWNpb25fYy5odG0wVQYDVR0fBE4wTDBKoEigRoZEaHR0cDovL3d3dy5hY2N2LmVzL2ZpbGVhZG1pbi9BcmNoaXZvcy9jZXJ0aWZpY2Fkb3MvcmFpemFjY3YxX2Rlci5jcmwwDgYDVR0PAQH/BAQDAgEGMBcGA1UdEQQQMA6BDGFjY3ZAYWNjdi5lczANBgkqhkiG9w0BAQUFAAOCAgEAlzECn+f9Q2dIRBTkKYftTChm0I812k1ht0qXTbXbkOAFLg7GedDyl2kPvQRH2b7btSnam9muqZnV0zwwk/WNoaj8Bo1E9MoWlXwz3GKLqDf4J9gJLRvvyBQnIKlkRP8u1nWqbE1gQBlJQ1Rj2uLMumblT0R6W9lqgStA1X/5ASdYLMjtSJF8P6YAz8QpcxE23oYZPp3uGYob1bDtjj2cKsAN2D1m4zwNvdWUXOLipzUbBAD2P1qN6kO9X4kdqcGwzJniTQAK2sknW+cTkFzk9TOiVW3c4AlNL7EmWyd1AAnEYncpCF+eWay2fq2fVDAiA8EecWT++TgKlhjdAhSsI8sGHB6kfY0N3idB6K3aFbewI90rqNPaJYft6FVETYj0Nn6Emnis9w5WSQ7WMyXWhFBCbCASHSrVvrzycIGkcGC+BbWbngREvmEjrOmlJIwRgJRaoqK5SdLB3NGn7TERLJ4Zpu7hVeHA6s8NhOQXt6J8pd5VJQbuzMCHXEDazJU/VeA1x7iEvrRdzXqDAXLuh+ZfHa61hcYm3+bBmukeAkefKqhtqVvP7EV3f5gnmjJdKuOE7sWYZi+WIB3d2MMn17D5/tl9zdCfjwsUWFGfL4vDOC3e6I/WjYek9VZDFpks9KRWtDS4YTfJwliAG6CXofxZjekR9tEPS1U0RiqLhjsAAAACABxzdGFhdGRlcm5lZGVybGFuZGVucm9vdGNhLWczAAABcJxX5XgABVguNTA5AAAFeDCCBXQwggNcoAMCAQICBACYojkwDQYJKoZIhvcNAQELBQAwWjELMAkGA1UEBhMCTkwxHjAcBgNVBAoMFVN0YWF0IGRlciBOZWRlcmxhbmRlbjErMCkGA1UEAwwiU3RhYXQgZGVyIE5lZGVybGFuZGVuIFJvb3QgQ0EgLSBHMzAeFw0xMzExMTQxMTI4NDJaFw0yODExMTMyMzAwMDBaMFoxCzAJBgNVBAYTAk5MMR4wHAYDVQQKDBVTdGFhdCBkZXIgTmVkZXJsYW5kZW4xKzApBgNVBAMMIlN0YWF0IGRlciBOZWRlcmxhbmRlbiBSb290IENBIC0gRzMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC+MqJUD3D7LFxZ62zEpFHohSqzzEo08rBf8w7HHD1THogIaNhvPa3CnsyCZwcnh2hxOp91liJGBbDtrcdbnirenPw6xpWn9RdnGOcvSQgMXM/mzDTtePtQsdxrMvCi/rY85Oxal8c/HnAIMKDcxbNtb9CCchGr0oFoWYIXt3iSYPrM3j+E6404M5AKciP6NcwmcTHRciiS2VsjbWa1bQdC66YzzpLbwPZsY3jNyk49teVSm/G+O+ZUYLBmHgmrB/5UiRFC0fckumB4Gpj3yRH9FsE1GlR170PT5a5Ozud7w8ZOYVFLq5pFS6EfQb1IUxVxZAuGs+Uuvs6kG8EphKK1ywgjdkMiJB8XBNRunMb8fytmGuyK5dbPTfVjCbcVOdZ7rOvjfOlO/HVCyO1YlQwGQqKc9+Rws99yb1o3QInYhaTX8QveQxnUSlgsjIo5nr+Eh/EWOzYM6dO0ymwZQVIJoR2war+C73BRITLcBXaMy/dk5ANQr4yRZ6vF8u5Y2N6+9+cxz2zJO3HB1Yi1ZbzA6BcXBxK1XNKrIJO05oKDcDbFzaONrYvso8FDh+ZD4jS+lYs17Qc52qgdep82nhKwDGUSkBVg2SZARONWYKUQ1Go8/UHcDlpHtu+XYXVP2f7Hsh3U7V1Js6lqy2aEE9VcoNzfbncG0XF1yFdvrw93WwIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUVK36x5JXrso1nC4S++S6XSDclFcwDQYJKoZIhvcNAQELBQADggIBADCZnQUyyF4OO5gBOoqk5wf3evjnmt9QQ1OXKj3KPEeYLuEVe/GS82HakCUWZcCfVF0OAztbdwKchLYNmF803TtjwsMogcKcKS4p4sjDAfIz6iqqzAkI92Vnxs3f07Yrp73M0Q5wX7gj0cuRTgr0yHrl2WM2wdTf/CKX92Bd6ikvWLK9WL2Nlk8Qdb9Iez1Rh6E8dCLC/Ad/gNzErP5qwXAwsOmOaeIsaYGUCbrd/k3Ag4yUWMBGIK+cHwL4NVVJL0bUwPCglgIPM8Vx854jfZS3/TrTCYMGIf1gPa4ywNLujabw57SCfArMcMl5gPj+TPc1hBmKMfsK2dd/m/CimmvDBUrtQWAUMNGqEUJu0yMCBAvGZd3dUnfagWuyqPoBOLmW6ipsZ5eJlJ684VTV5Gp470q9K5o9QH7GwHXSbvtoMOzsi535STWaGizZs5U51R6S96a5ZS/lPW06SEwI3OQoEii+fTVc6uAWfhMbatc+1578LXWywRTVIwPbW28LPngvDd4zjRa3SOeDmoEPe8FDTVUEFzhKUdVZool005++HkvXxm23iCRvYJGkgoVbVkG80ESrahO+0SxYtxIzWLI3Y9wT9ZQdP0BR9U/1Ou3IxevCHh0WlXrHfkJxk25LFbcw36rtV4VIrB1q3Tlp5OF5eL7OBb+hDPeAeyFnJzBZAAAAAgAcc3RhYXRkZXJuZWRlcmxhbmRlbnJvb3RjYS1nMgAAAXCcV+V4AAVYLjUwOQAABc4wggXKMIIDsqADAgECAgQAmJaMMA0GCSqGSIb3DQEBCwUAMFoxCzAJBgNVBAYTAk5MMR4wHAYDVQQKDBVTdGFhdCBkZXIgTmVkZXJsYW5kZW4xKzApBgNVBAMMIlN0YWF0IGRlciBOZWRlcmxhbmRlbiBSb290IENBIC0gRzIwHhcNMDgwMzI2MTExODE3WhcNMjAwMzI1MTEwMzEwWjBaMQswCQYDVQQGEwJOTDEeMBwGA1UECgwVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSswKQYDVQQDDCJTdGFhdCBkZXIgTmVkZXJsYW5kZW4gUm9vdCBDQSAtIEcyMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAxVnnb3WqPkuctbisngvk+dnKq12PtTkQgtevUeA74QBIas/a4QZDEZmqFCUSrSLoAG1DxKm45R+JS2e9YUjv/dLgYIjluRhgKMN3K62wN6o33mRZKkZX5Eu5+Dd81TbngMG289Rnm5boztfGClPQa0mW86MLBXdI9yXlcKwwFCAl4391WuVI+E57AwcE+oJhh27wO8Skx9D1dD6lXRoI8psl0vasBCY+VTpiKKV7sjCv+DfC0brWOP3070kwN5kmIUiFAanlFufckFXfD+g4zZk3IU9d9SJvasUSFmAXVfJlZqanMJE4wTgdhgSEuholeF6dr8xQYNYTh1LtYx9tZX3CFRh0yuF+ZCmMctgWE30LSUrxKBsgdGvFPd2wqkgJPS6ClM0aZdkriJqZvBh+n+59Znw+vZS4gc7NmDB4wW9n0L5f4Gjt3uKxySxZeJKq3ytgY/LlXrnjyvp/UIY+ojQYDAloKBEc5OG5XD5HujI/GMxbhPXza3TEcnTh44ugSr2NZi/qrTXaINOIgmHwEiK2vNDVpOyvVIglJDynbbFyKT8+V6Z/Va9uJsb+58xAXFFEgQp43krOVb8d1dm3Vu/wdv8LebWvvfupaZFGl2iAFDYds3+7KZg2pSD6gmBiM6Ts1roHp27FzxSm59aSNNiB9fwdXapcHvajTTu49zkCAwEAAaOBlzCBlDAPBgNVHRMBAf8EBTADAQH/MFIGA1UdIARLMEkwRwYEVR0gADA/MD0GCCsGAQUFBwIBFjFodHRwOi8vd3d3LnBraW92ZXJoZWlkLm5sL3BvbGljaWVzL3Jvb3QtcG9saWN5LUcyMA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUkWgyhxUdieK18aw2KDSNC3xiiOswDQYJKoZIhvcNAQELBQADggIBAKhBSmcqkoGCUG7h19izOTvzAhUJUFHvLb0ke4iGO/m0vJIJlrn2wKsjYAZ5jBFOUdJ5gDP7nUi+7EFDgR9+R0Ac5XoIyqqLda0UxMLoZjyCB6fmJ4JbGOYPbtlQPopCGCnGtFb8VhCgBRe9DCN/9JPtnBpRvt1FQb+RJLQfjOlfz3shmZ+Vnzk6Rhxs+c17nJDNKKnHqVW7rGI0YjUTSxQ6VYO5ho2Spsb0ByVUzBZXEkqCeMgU2ReCJi1dIB95rv7UcBYWlYPYNTn/Ul11HBbFE1XPR8x1ZVJK3vCwp+QKlgv7rcLiJYSy3eS9fllsm/Dw2OfK8umXOH6Jvsz7ORdhP3LbOpHYZQEZHa1QpFcKfEu8nHFzKkVRGYXMjv1Hp3SVHajRr04XsWkmwqp4V1vFTaflngUXlMqyX6BJGI006SZsSB6qaJIF4YJzWpvcB1sIbX2d140h2fwUIKrCRd8/5wCyUeTC+AW5eRqMNPOeW+Q3W2tK3yxXikBaNrrddUQIN0JwDP7cXiGgo4rAkJxo2lDmRRBHeLZO0mXJwzff4UJjsFc3RS17ipy/BeplVTP3ORDFKCohehuKxCT5PxXImhUg9VVilu1tk1C85Kp4rdnLCmWHpmbBxIGjdzpYHgvug4udHtJSpMwdb7CYbZQxtfhxCty5/H0yYObrr4oBAAAAAgAhZW50cnVzdHJvb3RjZXJ0aWZpY2F0aW9uYXV0aG9yaXR5AAABcJxX5XgABVguNTA5AAAElTCCBJEwggN5oAMCAQICBEVrUFQwDQYJKoZIhvcNAQEFBQAwgbAxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1FbnRydXN0LCBJbmMuMTkwNwYDVQQLEzB3d3cuZW50cnVzdC5uZXQvQ1BTIGlzIGluY29ycG9yYXRlZCBieSByZWZlcmVuY2UxHzAdBgNVBAsTFihjKSAyMDA2IEVudHJ1c3QsIEluYy4xLTArBgNVBAMTJEVudHJ1c3QgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wNjExMjcyMDIzNDJaFw0yNjExMjcyMDUzNDJaMIGwMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNRW50cnVzdCwgSW5jLjE5MDcGA1UECxMwd3d3LmVudHJ1c3QubmV0L0NQUyBpcyBpbmNvcnBvcmF0ZWQgYnkgcmVmZXJlbmNlMR8wHQYDVQQLExYoYykgMjAwNiBFbnRydXN0LCBJbmMuMS0wKwYDVQQDEyRFbnRydXN0IFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2lbZDQvrGbSpvSN+UTDlXBe7DeRFBaDbt7P6aAY+hOCj89xBGZi5NHhqxGk7G0cCViLDJ/zGLMwPbt4N7PiCEXu2yViin+OC5QHE3xctHDpcqaMAilWIV20fZ9dAr/4JLya0+3kzbkIBQPwmKhADsMAo9GM37/SpZmiOVFyxFnh9uQ3ltDFyY/kinxSNHXF79bucetPZoRdGGg1uiio2x4ymA/iVxiK2+vI+sUpZLqlGN5BMxGehOTZ/brLNq1bw5VHHKenp/kN19HYDZgbtZJsIR/uaT4veA5GX7NDcOKYBwTa84hi6ef1evnheu6xzLKCFfthzY56IEIvnT2tjLAgMBAAGjgbAwga0wDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wKwYDVR0QBCQwIoAPMjAwNjExMjcyMDIzNDJagQ8yMDI2MTEyNzIwNTM0MlowHwYDVR0jBBgwFoAUaJDkZ6SmU4DHhmak8fdLQ/uEvW0wHQYDVR0OBBYEFGiQ5GekplOAx4ZmpPH3S0P7hL1tMB0GCSqGSIb2fQdBAAQQMA4bCFY3LjE6NC4wAwIEkDANBgkqhkiG9w0BAQUFAAOCAQEAk9QwsNcDICrQ+WPokQwFIKlfGcp7ck7UsdvQlvtUWhksDAj3sryFqJ1/bTtSsyrb59SEjGP2D8smAZFQbPRfFOKTdMATnjA6UOO0YMUc8CJEjXFHrMgayembmgBgE/9wfl8RTUkbsxVSe8lU2r+dla9rmtie6fHkQ43iEUQ6v6+9g0JzUouqu6cpz/VkHApN0byqrJ8q0P9/f9p96rHtMCXBhNo00lt4g1bsnDbDJuIR9mdJHZKrjPvr/3ruhUqnUIDwp1xKlC5fBZk8UkHgzbRjzwFDupyD3I9gO/NatLR7rtoLkDh174EdZtL3V3A2s7/8KK9xJYVbE/4ef1q0PAAAAAIAHGlkZW50cnVzdHB1YmxpY3NlY3RvcnJvb3RjYTEAAAFwnFfleAAFWC41MDkAAAVqMIIFZjCCA06gAwIBAgIQCgFCgAAAAUUjz0Z8AAAAAjANBgkqhkiG9w0BAQsFADBNMQswCQYDVQQGEwJVUzESMBAGA1UEChMJSWRlblRydXN0MSowKAYDVQQDEyFJZGVuVHJ1c3QgUHVibGljIFNlY3RvciBSb290IENBIDEwHhcNMTQwMTE2MTc1MzMyWhcNMzQwMTE2MTc1MzMyWjBNMQswCQYDVQQGEwJVUzESMBAGA1UEChMJSWRlblRydXN0MSowKAYDVQQDEyFJZGVuVHJ1c3QgUHVibGljIFNlY3RvciBSb290IENBIDEwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC2IpT8pEiv6EdrCvsnduTyP4o7ekosMSqMjbCpwzFrqHd2hCa2rIFCDQjrVVi7evi8ZX3yoG2LqEfpYnYeEe4IFNGyRBb06tD6Hi9e28tzQa68ALBKK0CyrOE7S8ItneShm+waOh7wCLPQ5CQ1B5+ctMlSbdsHyo+1W/CD80/HLaXIrcuVIKQxKFdYWuSNG5qrng0M8gozOSI5Cpcu81N3uURF/YTLNiCBWS2ab21ISGHKTN9T0a9SvESfqy9rg3LvdYDaBjMbXcjaY8ZNzaxmMc3R3j6HEDbhuaR672BQssvKplbgN6+rNBM5Jeg5ZuSYeqoSmJxZZoY+rfGwyj4GD3vwEUs3oERte8uojHH01bWRNszwFcYr3lEXsZdMUD2xlVl8BX0tIdUAvwFnol57plzy9yLxkA2T26pEUWbMfXYD62qoKjgZl3YNa4ph+bz27nb9cCvdKTz4Ch5bQhyLVi9VGxyhLrXHFub4qjySjmm2AcG1hp2JDws4lFTo6tyePSW8Uybt1as5qsVATFSrsrTZ2fjXctscvG29ZV/viDUqZi/u9rNl8DONfJhBaUYPQxxp+pu10GFqzcpL2UyQRqsVWaFHVCkugyhfHMKiq3IXAAaOReyL4jM9f9oZRORicsPfIsbyVtTdX5Vy7W1f90gDW/3FKqD2cyOEEBsB5wIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU43HgntinQtnbcZFrlJPrw6PRFKMwDQYJKoZIhvcNAQELBQADggIBAEf63QqwEZE4rU1d9+UOl1QZgkiHVIyqZJnYWv6IAcVYpZmxI1Qjt2odIFflAWJBF9MJ23XLblSQdf4an4EKwt3X9wnQW3IV5B4Jaj0z8yGa5hV+rVHVDRDtfULAj+7AmgjVQdZcDiFpboBhDhXAuM/FSRJSzL46zNQuOAXeNf0fb7iAaJg9TaDKQGXSc3z1i9kKlT/YPyNtGtEqJBnZhbMX73huqVjRI9PHE+1yJX9dsXNw0H8GlwmEKYBhHfpe/3OsoOOJuBxxFcbeMX8S3OFtm6/n6J91eEyrRjuazr8FGF1NFTwWmhlQBJqymm9li1JfPFgEKCXAZmExfrngdbkaqIHWchezxQMxNRF4eKLg6TCMf4DfWN88uieW4oA0beOY02QnrEh+KHdcxiVhJfiFDGX6xDIvpZgF5PgLZxYWxoK4Mhn5+bl53B/N66+rDt0b20XkeucC4pVd/GnwU2lhlXV5C15V5jgclKlZM57IcXR5f1GJtshquDDIajjDbp7hNxbqBWJMWxJH7ae0s1hWx0nzfxJoCTFx8G34Tkf71oXuxVhAGaQdp/lLQzfcaFpPz+vCZHTetBXZ9FRUGi8c15dxVJCO2SCdUyt/q4/i6jC8UDfv8Ue1fXwsBOxonbRJRBD0ckscZOf85muQ3Wl9af0AVqW3rLatt8o+Ae+cAAAAAgAkZW50cnVzdC5uZXRwcmVtaXVtMjA0OHNlY3VyZXNlcnZlcmNhAAABcJxX5XgABVguNTA5AAAELjCCBCowggMSoAMCAQICBDhj3vgwDQYJKoZIhvcNAQEFBQAwgbQxFDASBgNVBAoTC0VudHJ1c3QubmV0MUAwPgYDVQQLFDd3d3cuZW50cnVzdC5uZXQvQ1BTXzIwNDggaW5jb3JwLiBieSByZWYuIChsaW1pdHMgbGlhYi4pMSUwIwYDVQQLExwoYykgMTk5OSBFbnRydXN0Lm5ldCBMaW1pdGVkMTMwMQYDVQQDEypFbnRydXN0Lm5ldCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAoMjA0OCkwHhcNOTkxMjI0MTc1MDUxWhcNMjkwNzI0MTQxNTEyWjCBtDEUMBIGA1UEChMLRW50cnVzdC5uZXQxQDA+BgNVBAsUN3d3dy5lbnRydXN0Lm5ldC9DUFNfMjA0OCBpbmNvcnAuIGJ5IHJlZi4gKGxpbWl0cyBsaWFiLikxJTAjBgNVBAsTHChjKSAxOTk5IEVudHJ1c3QubmV0IExpbWl0ZWQxMzAxBgNVBAMTKkVudHJ1c3QubmV0IENlcnRpZmljYXRpb24gQXV0aG9yaXR5ICgyMDQ4KTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAK1NS6kShrLqoyAHFRZkKitL0b8LSk2O7YB2pWe3eEDAc0LIaMDbUyvdXrh2mDWTixqdfBM6Dh9btx7P5SQUHrGBqY19uMxrSwPxAgzcq6VAJAB/dJShnQgps4gL9Yd3nVXN5MN+12pkq4UUhpVblzJQbz3IumYM4/y9uEnBdolJGf3AqL2Jo2cvxp+8cRlguC3pLMmQdmZ7lOKveNZlU1081pyyzykD+S+kULLUSM4FMlWK/bJkTA7kmAd123/fuQhVYIUwKfl7SKRphuM1Px6GXXp6Fb3vAI4VIlQXAJAmk7wOSWiRv/hH052VQsEOTd9vJs/DGCFiZkNw1tXAB+ECAwEAAaNCMEAwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFFXkgdERgL7YibkIozH5oSQJFrlwMA0GCSqGSIb3DQEBBQUAA4IBAQA7m49WmzDnU5l8enmnTZfXGZWQ+wYfyjN8RmOPlmYk+kAbISfK5nJz8k/+MZn9yAxMaFPGgIITmPq2rdpdPfHObvYVEZSCDO4/la8Rqw/XL94fA49XLB7Ju5oaRJXrGE+mH819VxAvmwQJWoS1btgdOuHWntFseV55HBTF49BMkztlPO3fPb6m5ZUaw7UZw71eW7v/I+9oGcsSkydcAy1vMNAethqs3lr30aqoJ6b+eYHEeZkzV7oSsKngQmyTylbe/m2ECwiLfo3q15ghxvPnPHkvXpzRTBWN4ewiN8yaQwuX3ICQjbNnm29ICBVWz7/xK3xemnbpWZDFfIM1EWVRAAAAAgAOc2VjdXJlZ2xvYmFsY2EAAAFwnFfleAAFWC41MDkAAAPAMIIDvDCCAqSgAwIBAgIQB1YipOjUiolN9BPI8PjqpTANBgkqhkiG9w0BAQUFADBKMQswCQYDVQQGEwJVUzEgMB4GA1UEChMXU2VjdXJlVHJ1c3QgQ29ycG9yYXRpb24xGTAXBgNVBAMTEFNlY3VyZSBHbG9iYWwgQ0EwHhcNMDYxMTA3MTk0MjI4WhcNMjkxMjMxMTk1MjA2WjBKMQswCQYDVQQGEwJVUzEgMB4GA1UEChMXU2VjdXJlVHJ1c3QgQ29ycG9yYXRpb24xGTAXBgNVBAMTEFNlY3VyZSBHbG9iYWwgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvNS7YrGxVaQZx5RNoJLNP2MwhR/jxYDiJiQPpvepeRlMJ3Fz1Wuj3RSoC6zFh1ykzTM7HfAo3fg+6MpjhHZevj8fcyTiW89sa/FHtaMbQbqR8JNGuQsiWUGMu4P51/pinX0kuleM5M2SOHqRfkNJnPLLZ/kG5VacJjnIFHovdRIWCQtBJwB1g8NEXLJXr9qXBkqPFwqcIYA1gBBCWeZ4WNOaptvolRTnIHmX5k/Wq8VLcmZg9pYYaDDUz+kulBAYVHDGA76oYa8J719rO+TMg1fW9ajMtgQT7sFzUnKPiXB3jqUJ1XnvUd+85VLrJChgbEplJL4hL/VBi0XPnj3pDAgMBAAGjgZ0wgZowEwYJKwYBBAGCNxQCBAYeBABDAEEwCwYDVR0PBAQDAgGGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFK9EBMJBfkiD2045AuzshHrmzsmkMDQGA1UdHwQtMCswKaAnoCWGI2h0dHA6Ly9jcmwuc2VjdXJldHJ1c3QuY29tL1NHQ0EuY3JsMBAGCSsGAQQBgjcVAQQDAgEAMA0GCSqGSIb3DQEBBQUAA4IBAQBjGghAfaReUw132HquHw0LURYD7xh8yOOvaliTFGCRsoTciE6+OYo68+aCiV0BN7OrJKQVDpI1WkpEXk5X+nXOH0jOZvQ8QCaSmGwb7iRGDBezUqXbpZGRzzfTb+cnCDpOGR86p1hcF895P4vkp9MmI50mD1hp/Ed+stCNi5O/KU9DaXR2Z0vPB4zmAve14bRDtUstFJ/53CYNv6ZHdAbYiNE6KTCEztI5gGIbqMdXSbxqVVFnFUq+NQfk1XWYN3kwFNspnWzFacxHVaIw98xcf8LDmBxrThaA63p4ZUWiABqvDA1VZDRIuJK58bRQKfJPIx/abKwfROHdI3hRW8cWAAAAAgAgbmV0bG9ja2FyYW55KGNsYXNzZ29sZClmdGFuc3R2bnkAAAFwnFfleAAFWC41MDkAAAQZMIIEFTCCAv2gAwIBAgIGSUEs5AAQMA0GCSqGSIb3DQEBCwUAMIGnMQswCQYDVQQGEwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFTATBgNVBAoMDE5ldExvY2sgS2Z0LjE3MDUGA1UECwwuVGFuw7pzw610dsOhbnlraWFkw7NrIChDZXJ0aWZpY2F0aW9uIFNlcnZpY2VzKTE1MDMGA1UEAwwsTmV0TG9jayBBcmFueSAoQ2xhc3MgR29sZCkgRsWRdGFuw7pzw610dsOhbnkwHhcNMDgxMjExMTUwODIxWhcNMjgxMjA2MTUwODIxWjCBpzELMAkGA1UEBhMCSFUxETAPBgNVBAcMCEJ1ZGFwZXN0MRUwEwYDVQQKDAxOZXRMb2NrIEtmdC4xNzA1BgNVBAsMLlRhbsO6c8OtdHbDoW55a2lhZMOzayAoQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcykxNTAzBgNVBAMMLE5ldExvY2sgQXJhbnkgKENsYXNzIEdvbGQpIEbFkXRhbsO6c8OtdHbDoW55MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxCRec75LbRTDofTjl5Bu0jBFHjzuZ9lk4BqKf8owyoPjIMHj9DrTlF8afFttvzBPhCf2nx9JvMaZCpDyD/V/Q4Q3Y1GLeqVw/HpYzY6b7cNGbIRwXdrzAZAj/E4wqX7hJ2Pn7WQ8oLjJM2P+FpD/sLj916jAwJRDC7bVWaaeVtAkH3B5r9s5VA1lddkVQZQBr17s9o3x/61k/iCa11zr/qYfCGSji3ZVrR47KGAuhyXoqq8fxmRGILdwfzzeSNuWU7c5d+Qa4scWhHaXWy+7GRWF+GmF9ZmnqfI0p6m2pgP8b4Y9VHx2BJtr+UBdADTHLpl1neWIA6pN+APSQnbAGwIDAKiLo0UwQzASBgNVHRMBAf8ECDAGAQH/AgEEMA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUzPpnk/C2uNClwB7zU/2MU9+D15YwDQYJKoZIhvcNAQELBQADggEBAKt/7hwWqZw8UQCgwBEIBaeZ5m8BiFRhbvG5GK1Krf6BQCOUL/t1fC8oS2IkgYIL9WHxHG64YTjrgfpioTtaYtOUZcTh5m2C+C8lcLIhJsFyUR+MLMOEkMNaj7rP9KdlpeuY0fsFskZ1FSNqb4VjMIDw1Z4fKRzCbLBQWV2QWzuoDTDPv31/zvGdg73JRm4gpvlhUbohL3u+pRVjodSVh/GeufOJ8z2FuLjbvrW5KfnaNwUASZQDhETnv0Mxz3WLJdH0pmT1kvarBes96aULNmLazAZfNou2XjG4Kvte9nHfRCaexOYNkbQudZWAUWpLMKawYqGT8ZvYzsRjdT9ZR7EAAAACABtlZWNlcnRpZmljYXRpb25jZW50cmVyb290Y2EAAAFwnFfleAAFWC41MDkAAAQHMIIEAzCCAuugAwIBAgIQVID5oHPtPwBMyonY43HmSjANBgkqhkiG9w0BAQUFADB1MQswCQYDVQQGEwJFRTEiMCAGA1UECgwZQVMgU2VydGlmaXRzZWVyaW1pc2tlc2t1czEoMCYGA1UEAwwfRUUgQ2VydGlmaWNhdGlvbiBDZW50cmUgUm9vdCBDQTEYMBYGCSqGSIb3DQEJARYJcGtpQHNrLmVlMCIYDzIwMTAxMDMwMTAxMDMwWhgPMjAzMDEyMTcyMzU5NTlaMHUxCzAJBgNVBAYTAkVFMSIwIAYDVQQKDBlBUyBTZXJ0aWZpdHNlZXJpbWlza2Vza3VzMSgwJgYDVQQDDB9FRSBDZXJ0aWZpY2F0aW9uIENlbnRyZSBSb290IENBMRgwFgYJKoZIhvcNAQkBFglwa2lAc2suZWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIIMDs4MVLqwd4lfNE7vsLDP90jmG7sWLqI9iroWUyeuuOF0+W2Ap7kaJjbMeMTC55v6kF/GlclY1i+blw7cNRfdCT5mzrMEvhvH2/UpvObntl8jixwKIy72KyaOBhU8E2lf/slLo2rpwcpzIP5Xy0xm90/XsY6KxX7QYgSzIwWFv9zajmofxwvI6Sc9uXp3whrj3B9UiHbCe9nyV0gVWw93X2PaRka9ZP585ArQ/dMtO8ihJTmMmJ+xAdTX7Nfh9WDSFwhfYggx/2uh8Ej+p3iDXE/+pOoYtNP2MbRMNE1CV2yreN1x5KZmTNXMWcg+HCCIia7E6j8T4cLNlsHaFLAgMBAAGjgYowgYcwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFBLyWj7qVhy/zQas8fElyalL1BSZMEUGA1UdJQQ+MDwGCCsGAQUFBwMCBggrBgEFBQcDAQYIKwYBBQUHAwMGCCsGAQUFBwMEBggrBgEFBQcDCAYIKwYBBQUHAwkwDQYJKoZIhvcNAQEFBQADggEBAHv25MANqhlHt01Xo/6tu7Fq1Q+e2+RjxY6hUFaTlrg4wCQiZrxTFGGVv9DHKpY5P30osxBAIWrEr7BSdxjhlthWXePdNl4dp1BUoMUq5KqMlIpPnTX/dqQGE5Gion0ARD9V04I8GtVbvFZMIi5GQ4okQC3zErg7cBqklrkar4dBGmoYDQZPxz5uuSlNDUmJEYcyW+ZLBMjkXOZ0c5RdFpgTlf7727FE5TpwrDdr5rMzcijJs1eg9gIWiAYLtqZLICjU3j2LrTcFU3T+bsy8QxdxXvnFzBqpYe73dgzzcvRyrc9yAjYHR8/vGVCJYMzpJJUPwssd8m92kMfMdcGWxZ0AAAACABN0ZWxpYXNvbmVyYXJvb3RjYXYxAAABcJxX5XgABVguNTA5AAAFPDCCBTgwggMgoAMCAQICEQCVvhag9y5G8Xs5gnL6i82WMA0GCSqGSIb3DQEBBQUAMDcxFDASBgNVBAoMC1RlbGlhU29uZXJhMR8wHQYDVQQDDBZUZWxpYVNvbmVyYSBSb290IENBIHYxMB4XDTA3MTAxODEyMDA1MFoXDTMyMTAxODEyMDA1MFowNzEUMBIGA1UECgwLVGVsaWFTb25lcmExHzAdBgNVBAMMFlRlbGlhU29uZXJhIFJvb3QgQ0EgdjEwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDCvusn8CGj82kmVX6dxVUWkVz97yG/U4B6LdKRjGMx8Owk8MOl0nJ8EG30N7fl5nx56oy1gouuSLasANxldewqTV/Bh/UgZSuBqEc+iSOVMBaQf+hXB0jnGa6/RWexNxsGKv7e+ax9g/teuuSPl2e+S46NZAdXOFVpNDY9E0jvT+LTZh6kzxq3XjYz1LQGvRgB/XeEUABF9Yxd6CO8fv414e1Qe6kwjRnTCY5oZ12/PJcYU7spYsXKXnLBx5bU2y2gtB9pA+zq4lDxDDzwrPNTLfAc9e1sOTlzgBbIUrAjzeA+3N08R6C7NYrimGiLvuW/cu7S+qXtEu38mBipJnbcKEsQIBzTfxZ3Le1vgPdJu1MFu11ox9TIdRY/iVqL9xdH1Ezx0ol5Pk09mKhh3joe0vheA+DByRyM041N05U2szdfY2ObMxTwLSZrU3yJjDLCbuw9IQA5yaFo4lCDLrA6K/M2oKwv5G9hwlEJOT6LU7m7Z9rcU7l2WTadQ+Ug4D0yYIUiUbfHM7vdFS+keKYHe4FGNgSG3Xk1x5UsO7CjFzXlcx+0XFnv2uoQZXt60H+fs7QqNztwi5tbuSu37LJREpdTKVrU8BIQ3E8CuxKSL2LUP2lDfA3W/Fh1AYidWBZL3rqQ/0cBiQZq9l+ykGqzAqYCiL+zR34q2dX6aHg1TQIDAQABoz8wPTAPBgNVHRMBAf8EBTADAQH/MAsGA1UdDwQEAwIBBjAdBgNVHQ4EFgQU8I9ZOACz9Y+algzV6/p7qhfoExIwDQYJKoZIhvcNAQEFBQADggIBAL7kXGJOJPQMCP/w0wxo5JNJIj9EJ2+7bd6DZs6ozA389ZoG5XcUkeudQXuZKoTl//whwV3w5B9Xt3WpoV8CJv/Xx/dO3k/49xxGwHpPQCwiNfAZsdBrZyywqODAQDc19oRcXOOvQnj+p8kNUOoNhHb2Ue+DU8Z6/w5WSS6PetYM5idU400KYHJizZEH1qW/yJlr7cQZ5qtMETjFbzHibknIP3aAJgMmKeA29vYgU+MXcDQXnWNoHmvsw02GuBMwL11GDUdD1RuqWQ65XI0GSK10h1/H/DFUQRPixyEOnuAeDeHAe0OFkMWKWMZlCnhX8sYjDwHZIEveD/uShXUqXHONbXslkcruRa4GSwDM07FZUNo6iDspQ0ZelytUzlNvjUrnlvq/cQ5Ci3z9KKDQSMraxIFMu6JzkybI6wzWJoi2wCTPu71b63V96QiOhjMseXcJaaWJ/LNwkId2j9Miu0LOvXMLICYq0Js9cB4kbM2HdqkXlrfPDZL7jhipmEnRnv5gRHIhuRntwvUx8TlIiJAkdVQWrc70+GkUZDn7o7i6cEDHJxy/xFZT+mNl0PMcDhb1a4ZYTRjU5A2OpZ1bkdx2JFA/xir72bectdbm0NnoGYsVcUitt+rYWYjUkL8Ws9nprFlhVMgcusrByuG5IEyPOpOJpaDMv9P2daR1lm1WAAAAAgA0YXV0b3JpZGFkZGVjZXJ0aWZpY2FjaW9uZmlybWFwcm9mZXNpb25hbGNpZmE2MjYzNDA2OAAAAXCcV+V4AAVYLjUwOQAABhgwggYUMIID/KADAgECAghT7Dvu+7JIXzANBgkqhkiG9w0BAQUFADBRMQswCQYDVQQGEwJFUzFCMEAGA1UEAww5QXV0b3JpZGFkIGRlIENlcnRpZmljYWNpb24gRmlybWFwcm9mZXNpb25hbCBDSUYgQTYyNjM0MDY4MB4XDTA5MDUyMDA4MzgxNVoXDTMwMTIzMTA4MzgxNVowUTELMAkGA1UEBhMCRVMxQjBABgNVBAMMOUF1dG9yaWRhZCBkZSBDZXJ0aWZpY2FjaW9uIEZpcm1hcHJvZmVzaW9uYWwgQ0lGIEE2MjYzNDA2ODCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMqWa47q+PvxojXgf0za4MNS1322EMgCXrNDKsRParLKHF0omngRGmlZV6+1IELkiw/m31umA5Iv9RHkYtcycTjZBAxxqz1Rfg8H32MFXOm/lG/BKYLAtNpRsME8u603SlzK8Us2DiSrv8OEd/2oUPSx58Yv0i1ZjXoKTpZpUgKqNpjs/PoUgww3H8mSN3/XgS3lxLngPjT+Z/Q+ZtHT9EDPXmI0D3AGPiAYWs73chslbJN0FJOjc7EOqocQI1lfIAUZR+1ojpISyl381iuykjwgz+FfryC+oHZ/duXsGoZhMz7ne7Q/oA+Oorlqb7mHJm9BbIimUP1qYwv1kxYbGY+y7ZubyZD1AQzfGT0PPjgjyS+PDNEC/htV1k7QjTyvT6Tz/q8q0wWdeQihy1cxtJzIkLJn9BgWkzr8R9jReJYxH7orDF9dma1jiVokIHbY3/2rTqYiqp1e5ieKfWgpo+eKuNoRuxctmZ0TJEb3xeLYn45/x490bVqy6HL1rO4kEK0vFNr/LZpGcUe+Qt+7Adv0f9MojzFZW9PJAqa0Uspul/tDxQgmb4r0u/2fKKoN1UXzEzod2MB4j0FnPB6UZK57C8Xo2QGIORqXhmRB1TuHDG76D8a9SBS/OU3UnkG2j5YdY5aT2ZUGeDFonjcGO4CJRWE5I8cbRKMV5Rz4kjC7AgMBAAGjge8wgewwEgYDVR0TAQH/BAgwBgEB/wIBATAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFGXN66s1HgA+ftV0wBy0c0cOGmQvMIGmBgNVHSAEgZ4wgZswgZgGBFUdIAAwgY8wLwYIKwYBBQUHAgEWI2h0dHA6Ly93d3cuZmlybWFwcm9mZXNpb25hbC5jb20vY3BzMFwGCCsGAQUFBwICMFAeTgBQAGEAcwBlAG8AIABkAGUAIABsAGEAIABCAG8AbgBhAG4AbwB2AGEAIAA0ADcAIABCAGEAcgBjAGUAbABvAG4AYQAgADAAOAAwADEANzANBgkqhkiG9w0BAQUFAAOCAgEAF32g+bTdxcXrrUsktaECq92liEqyD1VLK1eMO+Ux3f7EMvHnW2SWNjIY7KUyd9fjRLbAESqAuT1qbnyb0638w9aj5mQpfNHhOB6CK/8nZa/7FhXELnGE5bX/+qRHvWQyu/YlhKInQvUgsMITEBHNEBW6QpAq0kThlibrMUgS/SrayQbPdB6pS9WHKPl5NJI+LkTo9o9PjzU/JbM53GMqkGsgX8RSEk6XLCqsnZfeSPKjZtvC0oOVpmanniUP6QszkWUKWsPZVBLdr8NODh8mXg3cs43s1YFw3tJPJAXzbE71TElmjdH/0gslQUj+UYTGQq+ABM/QfmRJ5PLfouyxTMAqHee0sWWixLzxmPSqcAdjtLjaO0z6QCIwWxGm8AUOxgIDSKuGm4Xd293qonaAc331nATERY3nuRyLnurXddFysd51ROdCfeJXa33cmbw9gyjqgJONxUxlwXCBuDj8QzGy9gM0R7Ks+yIGyx7dF0ccX2a50xqi2hGxpLwjyeS+h/+5lLb4XSBK1F/nvWh7ZfIVHtI6qS3p2GskrJdYREetWRjxIWVw3s40YKhA8fM8pMMoI4z+JzNDQKAXPOvqO7BypqO5SkteFkj0srzIjJLFnZ+scja8NIA0a6mLksC4F+3sdlP1JAGMsyLoS3xVxp36oxS7ZYVubk8Sfgo8nZUAAAACAA5hY3JhaXpmbm10LXJjbQAAAXCcV+V4AAVYLjUwOQAABYcwggWDMIIDa6ADAgECAg9dk40wZzbIBh0ax1SEaQcwDQYJKoZIhvcNAQELBQAwOzELMAkGA1UEBhMCRVMxETAPBgNVBAoMCEZOTVQtUkNNMRkwFwYDVQQLDBBBQyBSQUlaIEZOTVQtUkNNMB4XDTA4MTAyOTE1NTk1NloXDTMwMDEwMTAwMDAwMFowOzELMAkGA1UEBhMCRVMxETAPBgNVBAoMCEZOTVQtUkNNMRkwFwYDVQQLDBBBQyBSQUlaIEZOTVQtUkNNMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAunGAekyGbn/IE23Axn0cAJePLAwjuxCaQKkat4eI+JtWavvme46Lko6nJV1ZEds2LrdRFx+pCB8EFyRYqjdKGN/lOdRX/dfBLJEBkeIi1APAWPx3R+yPPnRDuqw0jU04dmeOsMhvMDNYcVy09Wtu1AFQuBN+bEqjSdEgGe68wCkYZafe/u/dCpAh5xpnkkIQmF9PMLw+HEW0ENdoQBTAQPrndxd65guPZVs82ZpS27W9nkbPPeuRBQLAlrJ2TE0QljuS+px/D5nfviM1RR4CXP61qJuZJdpe8yLDOfXkKi7Txh/EbKrFHGoBBUov0sXBqDQmXWal0gIh+Ri3BvVOmW+oq0xR6M9QGMV3yDkJLEmSMpmouxcXebBaxeajxFllRzWDXqnoNQuZu+TNIMabSgY5tWj8IrruVYwrTurzseP8tpma1UL6cU0Iz4ceanF9+dO06aVxgXvCTkeWpfZ2haMoj+mAboFTpW1fuEj5wvk2pi5J/7iWwowHs5uIWPzrGxzeLXDil5IwoYnjvFWoJ9ZL7ZCti/pjJVktqDXdypczvOXNx53R7O9eDkqQBiZjrbnZNS0HunZlLKxXj330B5TXgQKWXaMHSdV60Ff5G+dTRnWqsHlCy2hxCOlgvTlpzvSvw1ZAx61Sognkb4ZHih/rKCddgyCvBMlsVpqLRvUCAwEAAaOBgzCBgDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQU933F/cTomht3ZKf1HaDMv4dgmm0wPgYDVR0gBDcwNTAzBgRVHSAAMCswKQYIKwYBBQUHAgEWHWh0dHA6Ly93d3cuY2VydC5mbm10LmVzL2RwY3MvMA0GCSqGSIb3DQEBCwUAA4ICAQAHkErf8yNO8MOcUWWbnCKiigyF83Mpa03+AeKpDGMBvwRnpZ2YX/0BE/rsmmLphv62YtJuTJT7wHVFfGUM+LI3z6wPz41v+Rn3j+we8nCe8Mq477f/djd2W/ZuiPOvYjIikw06ao4UZgwtU3RXZR7Vst0jgTulZiMnZwmP4XeqQ81lUQjtUVj+5jn5y0eEpBXxdruk7qQ7xF/vsjOWERi3yWW+GOGjpNz6GPnTvBObOXo0utNB+/oyiiq3K4YLaYM4vs2KLgtwrY0mku4e9QErCtnWl5tu4KgZHDohiwweQK0D591mfvW5IA0D6Jb5gkXUOeCgAF3XmOZ9nmdzw5oq96uLoToU7zS8Ug6JmJoEQIQdfkVpk1fO6874UHxPHG4EQ5v51jsjGOnqjtFNRo3xO+Rqyrr7I7eb+pkBKVpYWi3j+dRtDiatwW40vDL4DAX6ZaPbOzeDIunW3HIz/V3yIL12PCPaKPf5G+tZZNXcX3J+IPzNibWQZ01iej9OrR3DOf569CgW30H2SIAF1w9ReawQq9TsA2bmarC6MZJCQGq+OtNy4Wo3VbysHZW3aWHyQ5F05qDTCiRGoQiv1tpFGZbUUx1bhHnwwPdH74uPxQaunUxinf9GBPjTybYQJUB1/haqyUpghi+67zB35FTiuISZWICqE4tROk9I9ou2swAAAAIAE2dkY2F0cnVzdGF1dGhyNXJvb3QAAAFwnFfleAAFWC41MDkAAAWMMIIFiDCCA3CgAwIBAgIIfQmX/vBH6nowDQYJKoZIhvcNAQELBQAwYjELMAkGA1UEBhMCQ04xMjAwBgNVBAoMKUdVQU5HIERPTkcgQ0VSVElGSUNBVEUgQVVUSE9SSVRZIENPLixMVEQuMR8wHQYDVQQDDBZHRENBIFRydXN0QVVUSCBSNSBST09UMB4XDTE0MTEyNjA1MTMxNVoXDTQwMTIzMTE1NTk1OVowYjELMAkGA1UEBhMCQ04xMjAwBgNVBAoMKUdVQU5HIERPTkcgQ0VSVElGSUNBVEUgQVVUSE9SSVRZIENPLixMVEQuMR8wHQYDVQQDDBZHRENBIFRydXN0QVVUSCBSNSBST09UMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA2aMW8Mh0dHeb7zMNOwZ+Vfy1YI92hhJCfVZmPoiC7XJjDp6L3TQsAlFRwxn9WVSEyfFrs0yw6ehGXTjGoqcuEVe6ghWinI9tsJlKCvLriXBjTnnEt1u9ol2x8kECK62pOqPseQrsXzrj/e+APK00mxqriCZ7VqKChh/rNYmDf1+uKU49tm7srsHwJ5uu4/Ts765/94Y9cnrrpftZTqfrlYwiOXnhLQiPzLyRuEH3FMEjqcOtmkVEs7LXLM3GKeJQEK5cy4KOFxg2fZfmiJqwTTQJ9Cy5WmYqsBebnh52nUpmMUHfP/vFBu8btn4aRjb3ZGM74zkYI+dndRTVdVeSN72+ahsmUPI2JgaQxXABZG12ZuGR224HwGGALrIuL4xwp9E7PLOR5G62xDtw8mySlwnNR30YwPO7ng/Wi64HtloPzgsMR6flPri9fcebNaBhlzpBdRfMK5Z3KpIhHtmVdiBnaM8Nvd/WHwlqmuLMc3GkL30SgLdTMEZeS1SZD2fJpcjyIMGC7J0R38IC+xo70e0gmu9lZJIQDSri3nDxGGeCjGHeuLzRL5z7D9Ar7Rt2ueQ5Vfj4oR24qoAATILnsn8JuLwwoC8N9VKejveSswoAHQBUlwbgsQfZxw9cZX08bVlX5O2ljelAU58VS6Bx9hoh49pwBiFYFIeFd3mqgnkCAwEAAaNCMEAwHQYDVR0OBBYEFOLJQJ9NzuiaoXzPDj9lxSmIahlRMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBCwUAA4ICAQDRSVfgp8xoWLoBDysZzY2wYUWsEe1jUGn4H3++Fo/9nesLqjJHdtJnJO29fDMylyrHBYZmDRd9FBUb1Ov9H5r2XpdptxolpAqzkT9fNqyL7FeoPueBihhXOYV0GkLH6VsTX4/5COmSdI31R9KrO9b7eGZONn356ZLpBN79SWP8bfsUcZNnL0dKt7n/HipzcEYwv1ryL3ml4Y0M2fmyYzeMN2WFcGpcWwlyua1jPLHd+PwyvzeG5LuOmCd+uh8W4XAR8gPfJWIyJyYYMoSf/wA6E7qaTfRPuBRwIrHKK5DOKcFw9C+df/KQHtZa37dG/OaG+svgIHZ6uqbL9XzeYqWxi+7egmaKTjowHz+Ay60nugxe19CxVsp3cbK1daFQqUBDF8Io2c9Si1vIY9RCPqAzekYu9wogRlR+ak8x8YF+QnQ4ZXMn7sZ8uI7XpTrXmKGcjBBV09tL7ECQ8s1uV9JiDnxXk7Gnbc2dg7sq5+W2O3FYrf3RRbxake5TFW/TRQl1brqQXR4EzzffHqhmsYzmIGrv/EhOdJhCrylvLmrH+33RZjEizIYAfmaDDEL0vTSSwxrqT8p+ck0LcIymSLumoRT2+1hEmRSuqguTaaApJUqlyyvdimYHFngVV3Eb7PVHhPOeMTd61X8kreS8/f3MboPoDKi3QWwH3b08hpcv0gAAAAIACml6ZW5wZS5jb20AAAFwnFfleAAFWC41MDkAAAX1MIIF8TCCA9mgAwIBAgIQALC3WhZIX7/hy/WL1xnmfTANBgkqhkiG9w0BAQsFADA4MQswCQYDVQQGEwJFUzEUMBIGA1UECgwLSVpFTlBFIFMuQS4xEzARBgNVBAMMCkl6ZW5wZS5jb20wHhcNMDcxMjEzMTMwODI4WhcNMzcxMjEzMDgyNzI1WjA4MQswCQYDVQQGEwJFUzEUMBIGA1UECgwLSVpFTlBFIFMuQS4xEzARBgNVBAMMCkl6ZW5wZS5jb20wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDJ03rKDx6sp4boFmVqscIbRTJxldn+EFvMr+eleQGPicPK8lVx93e+d5TzcqQsRNiekpsUOqHnJJAKClaOxdgmlOHZSOEtPtoKct2jmRXagaKH9HtuJneJWK3W6wyyQXpzbm3benhB6QiIEn6HLmYRY2xU+zydcsC8Lv/Ct90NduM61/e0aL6i9eOBbsFGb12N4E3GVFWJGjMxCrFXuaOKmMPsOzTFlUFpfnXCPCDFYbpRR6AgkJOhkEvzTnyFRVSa0QUmQbC1TR0zvsQDyCV8wXDbO/QJLVQnSKwv4cSsPsjLkkxTOTcj7NMB+eAJRE1NZMDhDVqHIrytG6P+JrUV86f8hBnp7KGItERphIPzidF0BqnMC9bC3ieFUCbKF7jJeodWLBoBHmy+E60QrLUk9TiRodZL2vG70t5HtfG8gfZZa88ZU+mNFctKy6lvROUbQc/hhqfK0GqfvEyNBjNaooXlkDWgYlwWTvDjovoDGrQscbNYLN57C9saD+veIR8GdwYDsMnvmfzAuU8Lhij+0rnq49qlw0dpEuDb8PYZi+17cNcC1u2HGCgsBCRMd+RIihrGO5rUD8r6ddIBQFqNeb+Lz0vPqhbBleStTIo+F5HUsWLlguWABKQDfo2/2n+iD5dPDNMN+9fR5XJ+HMh3/1uaD7euBUbl8agW7EekFwIDAQABo4H2MIHzMIGwBgNVHREEgagwgaWBD2luZm9AaXplbnBlLmNvbaSBkTCBjjFHMEUGA1UECgw+SVpFTlBFIFMuQS4gLSBDSUYgQTAxMzM3MjYwLVJNZXJjLlZpdG9yaWEtR2FzdGVpeiBUMTA1NSBGNjIgUzgxQzBBBgNVBAkMOkF2ZGEgZGVsIE1lZGl0ZXJyYW5lbyBFdG9yYmlkZWEgMTQgLSAwMTAxMCBWaXRvcmlhLUdhc3RlaXowDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFB0cZQ6o8iV7tJHP5LGx5r1VdGwFMA0GCSqGSIb3DQEBCwUAA4ICAQB4pgwWSp9MiDrAyw6lFn2fuUhfGI8NYjb2zRlrrKvV9pF9rnHzP7MOeIWblaQnIUdCSnxIOvVFfLMMjlF4rJUT3sb9fbgakEyrkgPH7UIBzg/YsfqikuFgba56awmqxinuaElnMIAkejEWOVt+8Rwu3WwJrfIxwYJOubv5vr8qhT/AQKM6WfxZSzwoJNu0FXWuDYi6LnPAvViH5ULy617uHjAimcs30cQhbIHsvm0m5hzkQiCeR7Csg1lwLDXWrzY0tM07+DKo7+N4ifuNRSzanLh+QBxh5z6ikixL8s36mLYp//Pye6kfLqCTVyvehQP5aTfLnnhqBbTFMXiJ7HqnheG5ezzevh55hM6fcA5ZwjUukCox2eRFekGkLhObNA5me0mrZJfQRsN5nXJQY6aYWwa9SG3YOYNw6DXwBdGqvOPbyALqfP2C2sJbUjWumDqtujWTI6cfSN01RpiyEGjkpTHCClguGYEQyVB1/OpaFs4R1+7vUIgtYf8/QnMFlEPVjjxOAToZpR9GTnfQXeWBIiGH/pR9hNiTrdZoQ0iy2+tzJOeRf1SktoA+naM8THLCV8Sg1Mw4J87VBp6iSNnpn86CcDaTmjvfliHjWbcM2pE38P1ZWrOZyGlsQyYBNWNgVYkDOnXYukrZVP/u3oDYLdE41V4tC5h9Pmzb/CaIxwAAAAIAGm9pc3Rld2lzZWtleWdsb2JhbHJvb3RnY2NhAAABcJxX5XgABVguNTA5AAACbTCCAmkwggHvoAMCAQICECEqVgyu2gyrQEW/K6ItOuowCgYIKoZIzj0EAwMwbTELMAkGA1UEBhMCQ0gxEDAOBgNVBAoTB1dJU2VLZXkxIjAgBgNVBAsTGU9JU1RFIEZvdW5kYXRpb24gRW5kb3JzZWQxKDAmBgNVBAMTH09JU1RFIFdJU2VLZXkgR2xvYmFsIFJvb3QgR0MgQ0EwHhcNMTcwNTA5MDk0ODM0WhcNNDIwNTA5MDk1ODMzWjBtMQswCQYDVQQGEwJDSDEQMA4GA1UEChMHV0lTZUtleTEiMCAGA1UECxMZT0lTVEUgRm91bmRhdGlvbiBFbmRvcnNlZDEoMCYGA1UEAxMfT0lTVEUgV0lTZUtleSBHbG9iYWwgUm9vdCBHQyBDQTB2MBAGByqGSM49AgEGBSuBBAAiA2IABEzpUMDGD3IYvNjxurOJ4nlKoxana1Qk21H/6vQJJMMLIp/LaieCgQ3SwK8x5HSCbsol2Yx1nfHb0JqiSyF+FqdjkNI51LGHeF8Ylg9QGzU3D2rG3NkTTaSOkDfmvVsxkaNUMFIwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFEiHFKzjw56QYDrXyonu062MtFBmMBAGCSsGAQQBgjcVAQQDAgEAMAoGCCqGSM49BAMDA2gAMGUCMCbHaVvc1eey58gMjIzD3XmMG2PVyVKUTk2CSnMesoCEqSXATFptSSlgeBPifkjrZAIxANs0IDII/5pJAraI3hSvXWyZcY0aP4vX4KI2hhwHgjp2U/3Cou3ve7CAT1gPS1M5vQAAAAIAHWUtdHVncmFjZXJ0aWZpY2F0aW9uYXV0aG9yaXR5AAABcJxX5XgABVguNTA5AAAGTzCCBkswggQzoAMCAQICCGpoPpxRm8tTMA0GCSqGSIb3DQEBCwUAMIGyMQswCQYDVQQGEwJUUjEPMA0GA1UEBwwGQW5rYXJhMUAwPgYDVQQKDDdFLVR1xJ9yYSBFQkcgQmlsacWfaW0gVGVrbm9sb2ppbGVyaSB2ZSBIaXptZXRsZXJpIEEuxZ4uMSYwJAYDVQQLDB1FLVR1Z3JhIFNlcnRpZmlrYXN5b24gTWVya2V6aTEoMCYGA1UEAwwfRS1UdWdyYSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0xMzAzMDUxMjA5NDhaFw0yMzAzMDMxMjA5NDhaMIGyMQswCQYDVQQGEwJUUjEPMA0GA1UEBwwGQW5rYXJhMUAwPgYDVQQKDDdFLVR1xJ9yYSBFQkcgQmlsacWfaW0gVGVrbm9sb2ppbGVyaSB2ZSBIaXptZXRsZXJpIEEuxZ4uMSYwJAYDVQQLDB1FLVR1Z3JhIFNlcnRpZmlrYXN5b24gTWVya2V6aTEoMCYGA1UEAwwfRS1UdWdyYSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAOL1P5MFUR6FYlReegv1GAeDrn6vfPfUimulY0M5uUv3w8ZkiT2ULlSAUjk5B0tL3YUHdofMvy+VTMx9pz28Rw+YcPiMhR50jpJtG0DRmQ27dW7IqWuawIQxr8pDy+srNOiPl2sBm9UOSgiqW5J0hUPTgK6hiFuus+peyxaad0TIofZUaM7ej5crultAAgxkF8C1k83h8RNmzgx579GRKKtfoBJSMHMZjo/hjAeiw7tK8OofFajuJcykRvgbIu+zDkO6LCS4xSxc1Bz4XWS9w5NeKKc/J/GOHtMqUAWjVdnL5zlTwJiejFRiiyaw932NfOTGnmZCVYJH57JYjWb3B3wuNuZQHD/bQyTFv4ZHebN5HPda9BPsbPg/4lkfle5CPrmtqDKFSZdG/ksxj1rLrXRHH+mRt98oBCKg1A9d4nlP6myFhr2ops7k+sPhs67ePFHuyxN8AX+EDl1RlJ4TDLYupUz5OXA2b5bKLgxEVcXK+l0Co9/WZIxaswEKqbUKRxf/75FAKo6hRjoxmOUR/My7SVaK/LnQYZpvZWzmw8s+dUn+j6fiicVn151GE04xdjsks54RZYarf+8d1Pi856xaXLdaR1xVzlW0InFbWwvwz9ygYWTqqddoCmOn4A0/oK/TqtJ+71Gg5lErVZIVF1PLt2YOZkz4+XVMkOcScMdFAgMBAAGjYzBhMB0GA1UdDgQWBBQu49uySdCcVHlc+icq/sxO0uhOVDAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFC7j27JJ0JxUeVz6Jyr+zE7S6E5UMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAgEABTc69E23ReJFdSSPtndS6BzYEJNl8/JZBqQ+HinsXdHQq3zgCpBIeO1OmAOZ/ihgkR0wHbhjfKjmNbX602F25tYHS8ppmrKEeneTRRcVnyTQmBMS/7ugLv1OTIf4zlyqmBsF4ABGSoKApTOLKNztONPf5T7p/vtZ3WGET9JUlhNhEz6PgGm+k0e1NUPSWrs9XO+zQkfNO1UTBrAJ2/1j9jqICplvfuHOG1NqRGYjUQh7vFtSov0GNzhAYY9KlriQN/hmx3iQABUui61RNVMHqGtorvlOPAcmzQgFcMw5P3a9pdNnJgGGplPSYDt8Q39ViryVGsEoOUwfQ9KR9HJZirlW/D+0ndpwnHZajENQ7o4wck3f/0n3xqln2W2sAhHiOhYlp1gIy29TQZxIOEdoM9HXx4/UdCHUwwWQev/OloixFSldI6vQYKEST970F80y5cm/yEOt/S6O8a/i9Jj6Eh8g2MCnDIXFkPQ7LZYmsSy+TKvrsdKKydt4Ew8eCZ1tjwCfAtrB+h96egnESuaIKpefiYv9N19fOs44WYZLr3ELtNjycE+fMhPjsKdX5draQ8uENPIoxOpt9CrvwWt22vt+u4U80lPCTb5x4UXR/SNnDRN1+89lZyKdrrAJ0Qn/HTS//iOXN9I5+j0NBgu02zujq29cHbZ+6LOCNO0GXCQAAAACAA9xdW92YWRpc3Jvb3RjYTMAAAFwnFfleAAFWC41MDkAAAahMIIGnTCCBIWgAwIBAgICBcYwDQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxGzAZBgNVBAMTElF1b1ZhZGlzIFJvb3QgQ0EgMzAeFw0wNjExMjQxOTExMjNaFw0zMTExMjQxOTA2NDRaMEUxCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1pdGVkMRswGQYDVQQDExJRdW9WYWRpcyBSb290IENBIDMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDMV0IWVJzmmNPTTe7+7cefQzlKZbPoFog02w1ZkXTPkrgEQK0CSzGrvI2RaNggDhoB4hp7Thdd4oq3P5kazethq8Jlph+3t723j/z9cI8LoGe+AaJZz3HmDyl2/7FWeUUrH556VOijKTVopAFPD6QuN+8bv+OPEKhyq1hX51SGyMnzW9os2l2ObjyjPtr7guXd8lyyBTNvijbO0BNO/79KDDRMpsMhvVAEVeuxu537RR5kFd5VAYwCdrXLoT9CabwvvWhDFlaJKjdhkf2mrk7AyxRllDdLkgbvBNDInIjbC3uBr7E9KsRlOni27tyAsdLTmZw67mtaa7ONt9XOnMK+pUsvFrGeaDsGb659n/je7Mwpp5ijJUMv7/FfJuGITfhebtfZFG4ZM2mnO4SJk8RTVROhUXhA+LjJou57ulJCg54U7QVSWllWp5f8nT8KKdjcT5EOE7zelaTfi5m+rJsziO+1ga8bxiJTyPbH7pcUsMV8eFLI8M5ud2CEpukqdiDtWAEXMJPpGovgc2PZapKUSU60rUqFxKMiMPwJ7Wgic6aIDFUhWMXhOp8q3crhkODZc6tsgLjoC2SToJyMGf+z0gzskSaHirOi4XCPLArlzW1oUevaPwV/izLmE1xr/l9A4iLItLRkT9a6fUg+qGkM17uGcclzuD87nSVL2v9A6wIDAQABo4IBlTCCAZEwDwYDVR0TAQH/BAUwAwEB/zCB4QYDVR0gBIHZMIHWMIHTBgkrBgEEAb5YAAMwgcUwgZMGCCsGAQUFBwICMIGGGoGDQW55IHVzZSBvZiB0aGlzIENlcnRpZmljYXRlIGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFF1b1ZhZGlzIFJvb3QgQ0EgMyBDZXJ0aWZpY2F0ZSBQb2xpY3kgLyBDZXJ0aWZpY2F0aW9uIFByYWN0aWNlIFN0YXRlbWVudC4wLQYIKwYBBQUHAgEWIWh0dHA6Ly93d3cucXVvdmFkaXNnbG9iYWwuY29tL2NwczALBgNVHQ8EBAMCAQYwHQYDVR0OBBYEFPLAE+CCQz777i9nMpY1XNu4ywLQMG4GA1UdIwRnMGWAFPLAE+CCQz777i9nMpY1XNu4ywLQoUmkRzBFMQswCQYDVQQGEwJCTTEZMBcGA1UEChMQUXVvVmFkaXMgTGltaXRlZDEbMBkGA1UEAxMSUXVvVmFkaXMgUm9vdCBDQSAzggIFxjANBgkqhkiG9w0BAQUFAAOCAgEAT62gLEz6wPJv92ZVqyM07ucp2sNbtrCD2dDQ4iH782CnO11gUyeim/YIIirnv6By5ZwkajGxkHon24QRiSemd1o417+shvzuXYO8BsbRd2sPbSQvS3pspweWyuOEn62Iix2rFo1bZhfZFvSLgNLd+LJ2w/w4E6oM3kJpK27zPOuAJ9v1pkQNn1pVWQvVDVJIxa6f8i+AxeoyUDUSly7B4f/xI4hROJ/yZlZ25w9Rl6VSDE1JUZU2Pb+iSwwQHYaZTKrzchGT5Or2m9qoXadNt54CrnMAyNojA+j56hl0YgCUyyIgvpSnWbWCar6ZeXqp8kokUvd0/bpO5qgdAm6xDYBEwa7TIzdfu4V8K5Iu6H6li92Z4b8nby1dqnuH/grdS/yO9SbkbnBCbjPsMZ57k8HkyWkaPcBrTiJt7qtYTcbQQcEr6k8Sh17rRdhs9ZgC06DYVYoGmRmioHfRMJ6szHXug/WwYjnPbFfiTNKRCw51KBuav/0aQ/HKd/s7j2G4aSgWQgRecCocIdiP4b0jWy10QJLZYxkNc91pvGJHvOB0K7Lrfb5BG7XARsWhIstfTsEokt4YutUqKLsRixeTmJlglFwjz1onl14LBQaTNx47aTbrqZ5hHY8y2o4M1nQ+ewkk2gF3R8Q7zTSMmfXK4SVhM7JZG+Ju1zdXtg2pEtoAAAACAA9xdW92YWRpc3Jvb3RjYTIAAAFwnFfleAAFWC41MDkAAAW7MIIFtzCCA5+gAwIBAgICBQkwDQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxGzAZBgNVBAMTElF1b1ZhZGlzIFJvb3QgQ0EgMjAeFw0wNjExMjQxODI3MDBaFw0zMTExMjQxODIzMzNaMEUxCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1pdGVkMRswGQYDVQQDExJRdW9WYWRpcyBSb290IENBIDIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCaGMpLlA0ALa8DKYrwD4HIrkwZhR0In6spRIXzL4GtMh6QRr+jhiYaHv5+HBg6XJxgFyo6dIMzMH1hVBHL7avg5tKifvVrbxi3Cgst/ek+7wrGsxDp3MJGF/hd/aTa/55JWpzmM+Yklvc/ulsrHHo1wtZn/qtmUIttKGAr79dgw8eTvI02kfN/+NsRE8Scd3bBrrcCaoF6qUWD4gXmuVbBlDePSHFjIuwXZQeVikvfj8ZaCuWw419eaxGrDPmF60Tp+ARz8un+XJiM9XOva7R+zdRcAitMOeGylZUtQofX1bOQQ7dsE/He3fbE+Ik/0XX1ksOR1YqI0JDs3G3eicJlcZaLDQP9nL9bFqyS2+r+eXyt66/3FsvbzSUr5R/7mp/iUcw6UwxI5g69ybR2BlLmEROFcmMDBOAENisgGQLodKcftslWZvB1JdxnwQ5hYIizPtGo/KPaHbDRsSNU30R2be1B2MGyIrZTHN81Hdyhdyox5C315eXbyOD/5YDXC2Og/zOhD7osFRXql7PSorW+8oyWHhqPHWykYTe5hnMz15eWniN9gqRMgeKh0bpnX5UHoycR7hYQe7xFSkyyBNKr79X9DFHOUGoIMfmR2gyPZFwDwzqLID9ujWc9Otb+fVuIyV77zGHcizN300QyNQliBJIWENieJ0f7OyHj+OsdWwIDAQABo4GwMIGtMA8GA1UdEwEB/wQFMAMBAf8wCwYDVR0PBAQDAgEGMB0GA1UdDgQWBBQahGK8SEwzJQTU7tD2A8QZRtGUazBuBgNVHSMEZzBlgBQahGK8SEwzJQTU7tD2A8QZRtGUa6FJpEcwRTELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxGzAZBgNVBAMTElF1b1ZhZGlzIFJvb3QgQ0EgMoICBQkwDQYJKoZIhvcNAQEFBQADggIBAD4KFk2fBluornFdLwUvZ+YTRYPENvbzwCYMDbVHZF34tHLJRqUDGCdViXh9duqWNIAXINzng/iN/Ae42l9NLmeyhP3ZRPx3UIHmfLTJDQtyU/h2BwdBR5YM++CCJpNVjP4iH2BlfF/nJrP3MpCYUNQ3cVX2kiF495V5+vgtJodmVjB3pjd4M1IQWK4/YY7yarHvGH5KWWPKjaJW1acvvFYfzznB4vsKqBUsfU16Y8Zsl0Q80m/DShcK+JDSV6IZUaUtl0HaB0+pUNqQjZRG4T7wlP0QADj1O+hA4bRuVhogzG9Yje0uRY/W6ZM/57Es3zrWIozchLsib9D45MY56QSIPMO661V6bYCZJPVsAfv4l7CUW+v90m/xd2gNNWQjrLhVoQPRTUIZ3Ph1WVaj+ahJefivDrkRoHy3au000LYmYjgahwz46P0u05B/B5EqHdZ+XIWDmbA4CD/pXvk1B+TJYm5Xf6dQlfe6yJvmjqIBxdZmv3lh8zwc4bmCXF2gw+nYSL0ZohEUGW6yhhtoPkg3Goi3XZZenMfvJ2II4pEZXNLxId26F0KCl3GBUzGpn/Z9Yr9y4aOTHcyKJloJONDO1w2AFrR4pTqHTI2KpdVGl/IsELm8VCLAAVBpQ570su9t+Oza8eOx79+Rj1QqCyXBJhnEUhAFZdWCEOrCMc0uAAAAAgAlZW50cnVzdHJvb3RjZXJ0aWZpY2F0aW9uYXV0aG9yaXR5LWVjMQAAAXCcV+V4AAVYLjUwOQAAAv0wggL5MIICgKADAgECAg0Apot5KQAAAABQ0JH5MAoGCCqGSM49BAMDMIG/MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNRW50cnVzdCwgSW5jLjEoMCYGA1UECxMfU2VlIHd3dy5lbnRydXN0Lm5ldC9sZWdhbC10ZXJtczE5MDcGA1UECxMwKGMpIDIwMTIgRW50cnVzdCwgSW5jLiAtIGZvciBhdXRob3JpemVkIHVzZSBvbmx5MTMwMQYDVQQDEypFbnRydXN0IFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBFQzEwHhcNMTIxMjE4MTUyNTM2WhcNMzcxMjE4MTU1NTM2WjCBvzELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsTH1NlZSB3d3cuZW50cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAyMDEyIEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEzMDEGA1UEAxMqRW50cnVzdCBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRUMxMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEhBPJ0LptQXvibNDrVV9mAhok9FuJaUfjuMJ98fICxZ+g9lvViwYZhk9TEG0HJCehoPjVRxlhTH3KkyfqdAzvb5YJ/mPscF02rWd3rsmdfFVEOqJjUR/142LUqUcHPswgo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUt2PnGt2N6QimVYOk4GpQQWURQkkwCgYIKoZIzj0EAwMDZwAwZAIwYXnY5UJH3xyuU5kXtm8cfeG/EZTRA4h15I2JpIp3Rt5tYe8C9fu138z+Tv/+qeanAjBbmdeFNwa1ewj96yeLSpT54fqnjiYI6HySaG1z2G8mrCECuJm3JkFbJWCu0Ega7gYAAAACABpvaXN0ZXdpc2VrZXlnbG9iYWxyb290Z2JjYQAAAXCcV+V4AAVYLjUwOQAAA7kwggO1MIICnaADAgECAhB2sSBSdPCFh0az+CMa9sLAMA0GCSqGSIb3DQEBCwUAMG0xCzAJBgNVBAYTAkNIMRAwDgYDVQQKEwdXSVNlS2V5MSIwIAYDVQQLExlPSVNURSBGb3VuZGF0aW9uIEVuZG9yc2VkMSgwJgYDVQQDEx9PSVNURSBXSVNlS2V5IEdsb2JhbCBSb290IEdCIENBMB4XDTE0MTIwMTE1MDAzMloXDTM5MTIwMTE1MTAzMVowbTELMAkGA1UEBhMCQ0gxEDAOBgNVBAoTB1dJU2VLZXkxIjAgBgNVBAsTGU9JU1RFIEZvdW5kYXRpb24gRW5kb3JzZWQxKDAmBgNVBAMTH09JU1RFIFdJU2VLZXkgR2xvYmFsIFJvb3QgR0IgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYF7ccSiQq1pexyuIe+30475j1sjmYTie4EV170iWUiIIVJmobMbuoWyEhK9gPTp9a8bFa5HnWMiMr4VPMmUVce0+tvL+HSgtLl1qo9kjsfXsNzSEG354V/UGKSLcg9KF6G1fUXVD/umfYI5kfyD/j3v9vW3exa264yWT34cpBRg4pcdC5I/zJgV9O92/fv4Stc2S7t0KOafbUdh1+nae4V4pRZ3LX1Ki4lVRAcwP26vTr/ihCdz+dIxuytj2AFAdMLk/31QoWDb1mQzd+I0N5w0CG9Uwp2o6arQ2lBIeIHoXj6VPVm8iLA2N46+AZSm67L2szZFiTrWm/jxvvgkjHAgMBAAGjUTBPMAsGA1UdDwQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBQ1D8g2Y17io+z5O2YVzlFS45GaPTAQBgkrBgEEAYI3FQEEAwIBADANBgkqhkiG9w0BAQsFAAOCAQEAQEz7h7KZgZB+ncWwsCbNiHsrMo1uuCFxWJd9rjcUrz7n95riffZxmJkEqkN0eKPjSWE+c4xNlOD5ccS2Fg5TeB/WoocvAjmBKTyvFZghMP4okACM0eHL+l7I/fgQRjuieEKRF3RVCt5QZ01m0af//dnAtaijis5m9Q9DzacrV3tjRmqqLlLY9O3hba0pkHhIuuEjqqOJ7LWrlsC0S6Idl5568m5Acd9o8WVNznwF31NlqaXwsZcEcBVGA5jU0r9UtKBYfVJv2lYmYtTY24kxbxzwIsLTYhw1zUxpFVQakJje6x5fynfHy449Q2mcmljQJDvfG0CWfjWtgcdOcbqIEwAAAAIABW15a2V5AAABcmk5m5oABVguNTA5AAAGFzCCBhMwggP7oAMCAQICEH1bUSa0droR23QWC7xTDacwDQYJKoZIhvcNAQEMBQAwgYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtKZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYDVQQDEyVVU0VSVHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE4MTEwMjAwMDAwMFoXDTMwMTIzMTIzNTk1OVowgY8xCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAOBgNVBAcTB1NhbGZvcmQxGDAWBgNVBAoTD1NlY3RpZ28gTGltaXRlZDE3MDUGA1UEAxMuU2VjdGlnbyBSU0EgRG9tYWluIFZhbGlkYXRpb24gU2VjdXJlIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANZzM9bXPCDQANIXRbjWPgeiP8dB7jIwybBs/fSfyxKYDy0/jU0BDIIPF39iLum4SHn7FoNOrdcyJZO3B7+5UD+pTMNAKuk5/9mByh8WMkHagCa5I3qHIB7j/yCaPJVEb4d1BpBAtDKTFgkQCCM+0t2HD29dURRqCmnFTwFyac/Tk0xtBKCjG4J+sZq57cWexTd4n5oINPtWLljECQ4GZFu8N9zxnyhoqFawkqNcn7uImAgbJB2rMIWur7AunnqdwcBCHOIC8OrgStLvkA60wUAW8G+FQkpk96QwoP6/LqMnWo6LWLitwxkXhGPtb1b9g8tgNMR0vuad2+Hk5coMXxUCAwEAAaOCAW4wggFqMB8GA1UdIwQYMBaAFFN5v1qqK0rPVIDh2JvAnfKyA2bLMB0GA1UdDgQWBBSNjF7EVK2K4Xfpm/mbBeG4AY1h4TAOBgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwGwYDVR0gBBQwEjAGBgRVHSAAMAgGBmeBDAECATBQBgNVHR8ESTBHMEWgQ6BBhj9odHRwOi8vY3JsLnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0UlNBQ2VydGlmaWNhdGlvbkF1dGhvcml0eS5jcmwwdgYIKwYBBQUHAQEEajBoMD8GCCsGAQUFBzAChjNodHRwOi8vY3J0LnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0UlNBQWRkVHJ1c3RDQS5jcnQwJQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnVzZXJ0cnVzdC5jb20wDQYJKoZIhvcNAQEMBQADggIBADK/Yb0OSMNPx7pHTficeBkB3BMdgG/8w3C0UpoxM5pXUvsxnmuk71SqiY1AF2j4ERB80sqx8VWGx+6zNpGG9jlRv0a/D6C6tPd+ScQqNhee5Gg5eq+UTlZvsns7vwqGvc3FdxwDuDixoh9fftuK3EZItmgKz7K1tOI05GepOGYJXtK4/J0oOhdAJ8JyTin9ITx8zxP7lizFMUT9E+3Vm6lpaHd87uH/pPk2OAhTOaKENJwZ874OrNUkN+sjqHjQ0+fvkkdkYjki78b3Eb4ihcZmRCQmjhAyjciTrgeegz4v2fn1Ro5jvsHmtNymzSGohgqV2S6FJhr9/LG2V0JtldEz9jkUBoJBOPWPWNyAW6TVfZV4/aeb//3FqGmrJuenpAWHW6m3uKMgC5epRYXds4vliTeOKQ38Bhf2OEAOQuQSBvt788YRaGLf45j0E9gVT4uxadkQYLxkKuoxt+S1ozoUmybjC3v9Ao62mcE4l1k29qh0ooa2XuvGZOrPoKP5bp66LRG2hpgIWC3JrCVk8l51tDjBrn9aRoPqUcq28ZkRNWulanvGALDn+L5ksq3IwvGs41HqpJPgecjhgUDJClvhEjzBYCrjl8CJQsqUz0aYEmm7mNDC0w1yS0du5ZPEMihjh0PksDI+CtNLvyObFClBK5oEH5Mt8cc5SDytWhJ/AAAAAgAJZ3Rzcm9vdHI0AAABcJxX5XgABVguNTA5AAACDjCCAgowggGRoAMCAQICEG5HqciLlLbouzsq2KKywZkwCgYIKoZIzj0EAwMwRzELMAkGA1UEBhMCVVMxIjAgBgNVBAoTGUdvb2dsZSBUcnVzdCBTZXJ2aWNlcyBMTEMxFDASBgNVBAMTC0dUUyBSb290IFI0MB4XDTE2MDYyMjAwMDAwMFoXDTM2MDYyMjAwMDAwMFowRzELMAkGA1UEBhMCVVMxIjAgBgNVBAoTGUdvb2dsZSBUcnVzdCBTZXJ2aWNlcyBMTEMxFDASBgNVBAMTC0dUUyBSb290IFI0MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE83Rzp2iLYK5DuDXFgTB7S0md+8FhzubeRr1r1WEYNa5A3XP3iZEwWus87oV8okB2O6nGuEfYKueSkWpz6bFyOZ8pn6KY019eWIZlD6GEZQbR3IvJx3PIjGov5cSr0R2Ko0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUgEzW63T/STaj1dj8tT7FavCUHYwwCgYIKoZIzj0EAwMDZwAwZAIwalBSdAjEcNyeUHQh6I16IcNPlm4V0SI1YS36CDfuGW2t27LMfQc09WAZLLU02W8gAjADcbG6o2ALhu2aCGqVaJ/is+GTZHxek6bfeS2NheOUzyNdcczysE3W/pnIlKl1ouMAAAACABRhZGR0cnVzdGV4dGVybmFscm9vdAAAAXCcV+V4AAVYLjUwOQAABDowggQ2MIIDHqADAgECAgEBMA0GCSqGSIb3DQEBBQUAMG8xCzAJBgNVBAYTAlNFMRQwEgYDVQQKEwtBZGRUcnVzdCBBQjEmMCQGA1UECxMdQWRkVHJ1c3QgRXh0ZXJuYWwgVFRQIE5ldHdvcmsxIjAgBgNVBAMTGUFkZFRydXN0IEV4dGVybmFsIENBIFJvb3QwHhcNMDAwNTMwMTA0ODM4WhcNMjAwNTMwMTA0ODM4WjBvMQswCQYDVQQGEwJTRTEUMBIGA1UEChMLQWRkVHJ1c3QgQUIxJjAkBgNVBAsTHUFkZFRydXN0IEV4dGVybmFsIFRUUCBOZXR3b3JrMSIwIAYDVQQDExlBZGRUcnVzdCBFeHRlcm5hbCBDQSBSb290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/caM+byAAQtOeBOW+0fvGwPzbX6I7bO3psRM5ekKUx9k5+9SryT7QMa44/P5W1QWtaXKZRagLBJetsulf24yr83OC0ePpFBrXBWx/BPP+gynnTKyJBU6cZfD3idmkA8Dqxhql4Uj56HoWpQ3NeaTq8Fs6ZxlJxxs1BgCscTnTgHhgKo6ahpJhiQq0ywTyOrOk+E2N/On+Fpb7vXQtdrROTHre5tQV9yWnEIN7N5ZaRZoJQ39wAvDcKSctrQOHLbFKhFxF0qfbe01sTurM0TRLfJK91DACX6YblpalgjEbenM49WdVn1zSnXRrcKK2W200JvFbK4e/vv6V1T1TRaJwIDAQABo4HcMIHZMB0GA1UdDgQWBBStvZh6NLQm9/rEJlTvA73gJMtUGjALBgNVHQ8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zCBmQYDVR0jBIGRMIGOgBStvZh6NLQm9/rEJlTvA73gJMtUGqFzpHEwbzELMAkGA1UEBhMCU0UxFDASBgNVBAoTC0FkZFRydXN0IEFCMSYwJAYDVQQLEx1BZGRUcnVzdCBFeHRlcm5hbCBUVFAgTmV0d29yazEiMCAGA1UEAxMZQWRkVHJ1c3QgRXh0ZXJuYWwgQ0EgUm9vdIIBATANBgkqhkiG9w0BAQUFAAOCAQEAsJvghSXC1iPiD5YGkp1BmJzZhHmB2R5bFAcjNmWPsNh3u6xBbEdgg1Gw+TI95/z2JhPHgBalv1r8h894eYkhmuJMBwqGNbzy3lHE0pa33H5O7nD9HDnrDAJRFC2OvRbgwd9Gdeckrez0QrSFk3AQZ7qdBjVKGNMresxRQqF6Y9Hmu6HFK8I2vhMN5r1jfnl7pwkNQKtq3Y+Kw/b2jBpCBVHURfWfp2IhaBUgQzyZ53y9JNipkRdziD9WGzE4GLRxD5rNyA6eji4b4YyYg8sfMfFETMYEc0l2YA/H+L0XgGsu6cxMDlqaeQ8gCi7VnmMmHlWSlNiCF1p70LzHj06GBAAAAAIACWd0c3Jvb3RyMwAAAXCcV+V4AAVYLjUwOQAAAhAwggIMMIIBkaADAgECAhBuR6nHbKlzJECJDwNV3Y0dMAoGCCqGSM49BAMDMEcxCzAJBgNVBAYTAlVTMSIwIAYDVQQKExlHb29nbGUgVHJ1c3QgU2VydmljZXMgTExDMRQwEgYDVQQDEwtHVFMgUm9vdCBSMzAeFw0xNjA2MjIwMDAwMDBaFw0zNjA2MjIwMDAwMDBaMEcxCzAJBgNVBAYTAlVTMSIwIAYDVQQKExlHb29nbGUgVHJ1c3QgU2VydmljZXMgTExDMRQwEgYDVQQDEwtHVFMgUm9vdCBSMzB2MBAGByqGSM49AgEGBSuBBAAiA2IABB9PM4czKYqhhN7LxyFYQYnqVp0rS4XGHUwnvH8mUXJv4p/Wo8rMRRRGi63vfoaM7LF+L/+pcZ0YhEUEQVVuK+omf7uQAeNLGbrkVJZFCbHVbJFErYQTjpqMDYAMMvbgJ6NCMEAwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFMHxJrqgLa6Fgc/T8SoSvbgKZ/28MAoGCCqGSM49BAMDA2kAMGYCMQCAW6R8I8CVpSzcvolvI7mj3WUAUl6RrMidcnSCUwt9qUC9aGDF4bhUO8E2FyXYwb0CMQCeNZJ0hSVR9STsZFIkUKUf2+jLyXbs7IJu9YUYU+i445opqpbTgyPJpHths8wC6F0AAAACABRkaWdpY2VydGdsb2JhbHJvb3RnMwAAAXCcV+V4AAVYLjUwOQAAAkMwggI/MIIBxaADAgECAhAFVVa88l6kNTXDpA/Vq0VyMAoGCCqGSM49BAMDMGExCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5jb20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IEczMB4XDTEzMDgwMTEyMDAwMFoXDTM4MDExNTEyMDAwMFowYTELMAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3LmRpZ2ljZXJ0LmNvbTEgMB4GA1UEAxMXRGlnaUNlcnQgR2xvYmFsIFJvb3QgRzMwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAATdp9m7irgL+wt/IdLwvr5z8zNdGrw06t7Gm7zQlfbwzNALumFbUUZ+ni2f7o5jDBfsB3D1z4QuQIOc6D9BbTut06QUWTZ4nQND7hATbHLeroinoWu1Q85n3CP/Axyj4j6jQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMB0GA1UdDgQWBBSz20ik+aHF2K42QcwRY2liKbxLxjAKBggqhkjOPQQDAwNoADBlAjEArbzybD8SStEtOcMKCZdz9Ig2jIgnu+aIjVCFp2P5njLeZpMP8cyxCY/dbKv6a3+gAjA5ZlvCZI24nlDcqNVJou3H3NFJfxcBuMiGj06MiCuomqmKxdEAvfhU4prlW3yzJxcAAAACAAlndHNyb290cjIAAAFwnFfleAAFWC41MDkAAAVeMIIFWjCCA0KgAwIBAgIQbkepxlqz5yDFMJo/aFLybzANBgkqhkiG9w0BAQwFADBHMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEUMBIGA1UEAxMLR1RTIFJvb3QgUjIwHhcNMTYwNjIyMDAwMDAwWhcNMzYwNjIyMDAwMDAwWjBHMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEUMBIGA1UEAxMLR1RTIFJvb3QgUjIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDO3v2m++zsFDQ8BwZabFn3GTXd98GdVarTzTukk3LvCvptnfbwhYBboUhSnznFt+4orO/LdmgUud+tAWyZH8QiHZ/+cnfgLFuv5AS/T3KgGjSY6Dlo7JUle3ah5mm5hRm9iYz+re026nO8/4Piy33B0s5Ks40FnotJk9/BW9BuXvAuMC6C/Pq8tBcKSOWIm8Wba96wyrQD8Nr0kLhlZPdcTK3ofmZemde4wj7I0BOdre7kRXuJVfeKH2JShBKzwkCX44ofR5GmdFrS+LFjKBC4swm4VndAoiaYecb+3yXuPuWgf9RhD1FLPD+M2uFwdNjCaKH5wQzpoeJ/u1U8dgbuak7MkogwTZq9TwtImoS1mKPV+3PBV2HdKFZ1E66HjucMUQkQdYhMvI35ezzUIkgfKtzra7tEscszcTJGr61K8YzodDqs5xoic4DSMPclQsciOzsSrZYuxsN2B6ogtzVJV+mSSeh2FnIxZyuWfoqjx5RWIr9qS34BIbIjMt/kmkRtWVtd9QCgHJvGeJeNkP+byKq0rxFROV7Z+2et1VsRnTKaG73VululycslaVNVJ1zgyjbLiGH7HrfQy+4W+9OmTN6SpdTi3/UGVN4unUu0kzCqgc7dGtxRcw1PcOnlthYhGXmy5okLdWTK1au8CcEYof/UVKGFPP0UJAOyh9OktwIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUu//KjiOfT5nK2+JopqUVJxce2Q4wDQYJKoZIhvcNAQEMBQADggIBALZp8KZ3/p7uC4Gt4cCpx/k1HUCCq+YEtN/L9x0Pg/B+E02NjO7jMyLDOfxA325BS0JTvhaI8dI4XsRomRyYUpOM52jtG2pzegVATX9lO9ZY8c6DR2Dj/5epnGB3GFW1fgiTz9D2PGcDFWEJ+YF59exTpJ/JjwGLc8R3dtyDovUMSRqodt6Sm2T4syzFJ9MHwAiApJiS4wGWAqoC7o87xdFtCjMwc3i5T1QWvwsHoaRc5svJXISPD+AVdyx+Jn7axEvbpxZ3B7DNdehyQtaVhJ2Gg/LkkM0JR9SLA3DaWsYDQvTtN6LwG1BUSw7YhN4ZKJmBR64JGz9I0cNv4rBgF/XuIwKl2gBbbZCr7qLpGzvpx0QnRY5rn/WkhLx3+WuXrD5RRaIRpsyF7gpo8j5QOHokYh4XIDdtak23CZvJ/KRY9bb7nE4Yu5UC56GtmwfuNmsk0jmGwZODUNKBRqhfYlcsu2xkiAhu7xNUX90txGdj08+JN7+dIPT7eoOboB6BAFDC5AwiWVIQ7UNWhwD4FFKnHYuTjKJNRn8nxnGbJN7k2oaLDX5rIMHAnuFl2GqjpuiFizoHCBy69Y9Vmhh1fuXsgWbRIXOhNUQLgD1bnF5vKheW0YMjiGZt5obicDIvUiLnyOd/xCxgXS/Dr55FBcOEArf9LAhST4Ldo/DUhgkCAAAAAgASc3dpc3NzaWduZ29sZGNhLWcyAAABcJxX5XgABVguNTA5AAAFvjCCBbowggOioAMCAQICCQC7QBxD9V5PsDANBgkqhkiG9w0BAQUFADBFMQswCQYDVQQGEwJDSDEVMBMGA1UEChMMU3dpc3NTaWduIEFHMR8wHQYDVQQDExZTd2lzc1NpZ24gR29sZCBDQSAtIEcyMB4XDTA2MTAyNTA4MzAzNVoXDTM2MTAyNTA4MzAzNVowRTELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEfMB0GA1UEAxMWU3dpc3NTaWduIEdvbGQgQ0EgLSBHMjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK/k7n6LJA4SbqlQLRZEO5KSXMq4XYSSQhMqvGVXgkA+VyTNUIslKrdv/O+i0MAfAiRKE5aPIxPmKFgAo0fHBqeEIyu7vZYrf1XMi8FXHw5iZQ/dPVaKc9qufm26gRx+QowgNdlDTYT6hNtSLPMOJ3cLa78RL3J4ny7YPuYYN1oqcvnaYpCSlcofnOmzPCvL8wETv1rPwbUKYL3dtZlkU7iglrNv4iZ3kYzgYhACnzQPpNWSM1Hevo26hHpgPGrbnyvs3t4BP25N5VCGy7Sv7URAxcpajNrSK3yo7r6m5QqqDqXfBVK3VcciXTJql5djE9vJ23k2e4U6SsVSifkk5513qYL/VRylcWkr0QIk8rMm1GvaBFXlwQrHbTA3kCrknhQzXhYXVcVbtcs0iZLxnSaPoQfUxrJ4UNsMDAt8C4xB17np3YyI96NNsjLM2BfazbfOZp3U/V7/vZc+KXXnfqdiWK8lNKVBxz28DVDKAwMPCFoflXN4Yr+vchRpDqXlAw54jiYoQvAHC2IgEGc5RvqpA8wEOHpm7yCDtYxKVo6RAPyOXILeiKDD4mhufY3vPN1l9F2sUe8kgK6qVpdv+a192mE/mHc8pZG2HIwm2mWiCW3B4lTjucpMTICPd3tgmh7ftvJIHg66TlRtmODhohqid1DPxGOS7EcZnevma87BAgMBAAGjgawwgakwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFFsle5akZVF+uDnzwHhmXug65/DuMB8GA1UdIwQYMBaAFFsle5akZVF+uDnzwHhmXug65/DuMEYGA1UdIAQ/MD0wOwYJYIV0AVkBAgEBMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9yZXBvc2l0b3J5LnN3aXNzc2lnbi5jb20vMA0GCSqGSIb3DQEBBQUAA4ICAQAnuuOUfPGuwN4X5uXY1fVUsIP0u81eBXtPn3VmrzzoVn78cng4A9krYhsAufjpYM3MzlGKx1AxbuFKfhgvaVm2PWSBK+ODhOYih4594O4CmWG4HvS4K4gSFoTCMZM4ljGmuTtTP8Mkk1ZbaZLsxcG7OADj7BepuNzHfAGDnzJHulIiNB0yeglWp3wlNqk9S9rAgm8KuxLIh0snEfkeLceTP57bXyZrUtkuivEUxkSNFam3v73ephruri37SHcX/rvsrxj1KlHwOYSXlWxuG8MrxHRgeSWwCiff317SOc9FfUJL37MsHsXGXcpVOqCcaZqP2u+ysDyfh2wSK2VwFVIxGiTPbzEjUB+MT48jw3RBYxxVqBTdPuBRUM/xGzBWDpKwgoXYg8siZLwtuCXVVKK4BuqtkqQkoMGGtUoTakfPLgtWlVTLzprbarSmsttBCIYnd/dqoEJsCzjO13VQMpLC3yswIkjQ1UE4JV2k6V2fxpR10EX9MJdDj5CrCseGc2BKaS3epXjXBtpqnks+dzogEyIB0L9onmNgazVNC226oT3Ak+B/I7NVrXIlTkb50hbvsGTBAZ7pyqBqmA7P2GDyL0m45ELhODUW9MhuT/eBVui6o74jr679bwPgAjswdvobbUHPAbHpuMlm9Nsm8zqkdPJJJFvJsNBXwfo+euGXyQAAAAIAFWNvbW9kb2FhYXNlcnZpY2Vzcm9vdAAAAXCcV+V4AAVYLjUwOQAABDYwggQyMIIDGqADAgECAgEBMA0GCSqGSIb3DQEBBQUAMHsxCzAJBgNVBAYTAkdCMRswGQYDVQQIDBJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAOBgNVBAcMB1NhbGZvcmQxGjAYBgNVBAoMEUNvbW9kbyBDQSBMaW1pdGVkMSEwHwYDVQQDDBhBQUEgQ2VydGlmaWNhdGUgU2VydmljZXMwHhcNMDQwMTAxMDAwMDAwWhcNMjgxMjMxMjM1OTU5WjB7MQswCQYDVQQGEwJHQjEbMBkGA1UECAwSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHDAdTYWxmb3JkMRowGAYDVQQKDBFDb21vZG8gQ0EgTGltaXRlZDEhMB8GA1UEAwwYQUFBIENlcnRpZmljYXRlIFNlcnZpY2VzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvkCd9G7h6naHHE1FRI6+RsiDBp3BKv4YH47kAvrzq11QihYxC5oG0MVwIs1JLVRjzLZuaEYLU+rLTCTAvHJO6vEVrvRUmhIKw3qyM2Di2olV8yJY897cz++DhqKMlE+faPKYkEaEJ8d2v+PMNSyLXgdkZYLASLCokflhn3YgUKiRx2a163hiA1bwihoT6jGjHqCZ/Tj29icyWG8H9Wu4+xQrr7eqzNZjX3OM2gWZqDioyxd4NlGs6Z70eDqNzw/ZQuKYDKsvnw4B3u+fmUnxLd+sdE0bmLVHxeUp0fmQGMdinL6DxyZ7Poolx8DdneY1aBAgnY/Y3tLDhJwNXugvyQIDAQABo4HAMIG9MB0GA1UdDgQWBBSgEQojPpbxB+zirynvgqV/0DCktDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zB7BgNVHR8EdDByMDigNqA0hjJodHRwOi8vY3JsLmNvbW9kb2NhLmNvbS9BQUFDZXJ0aWZpY2F0ZVNlcnZpY2VzLmNybDA2oDSgMoYwaHR0cDovL2NybC5jb21vZG8ubmV0L0FBQUNlcnRpZmljYXRlU2VydmljZXMuY3JsMA0GCSqGSIb3DQEBBQUAA4IBAQAIVvwC8Jvo/6T61nvGRIDOT8TF9gBYzKa2vBRJaAR26ObuXewCD2DWjVAYTyZOAePmsKXuv7x0VEG//fwSuMdPWvSJYAV/YLcFSvP28cK/xLl0hrYtfWvM0vNG3S/G4GrDwzQDLH2W3VrCDqcKmcEFi6sML/NcOs9sN1UJh95TQGxY7/y2q2VuBPYb3DzgWhXGntnxWUgwIWUDbOzpIXPsmwOh4DetoBUYj/q6As6nLKkQEyzU5QgmqyKXYPiQXnTUoppTvfKpaOCibsLXbLGjD56/62jnVvKu8uMrODoJgbVrhde+Le0/GreyY+L1YiyC1GoAQVDxOYOflek2lphuAAAAAgAUZGlnaWNlcnRnbG9iYWxyb290ZzIAAAFwnFfleAAFWC41MDkAAAOSMIIDjjCCAnagAwIBAgIQAzrx5qcRqaC7KGSxHQn65TANBgkqhkiG9w0BAQsFADBhMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBHMjAeFw0xMzA4MDExMjAwMDBaFw0zODAxMTUxMjAwMDBaMGExCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5jb20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IEcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuzfNNNx7a8myaJCtSnX/RrohCgiN9RlUyfuI2/Ou8jqJkTx65qsGGmvPrC3oXgkkRLpimn7Wo6h+4FR1IAWsULecYxpsMNzaHxmx1x7e/dfgy5SDN67sH0NO3Xss0r0upS/kqbitOtSZpLYl6ZtrAGCSYP9PIUkY92eQq2EGnI/yuum06ZIya7XzV+hdG82MHauVBJVJ8zUtluNJbd134/tJS7SsVQepj5WztCO7TG1F8PapspUwtP1MVYwnSlcUfIKdzXOS0xZKBgyMUNGPHgm+F6HmIcr9g+UQvIOlCsRnKPZzFBQ9RnbDhxSJITRNrw9FDKZJobq7nMWxM4MphQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQUTiJUIBiV5uNu5g/6+rkS7QYXjzkwDQYJKoZIhvcNAQELBQADggEBAGBnKJRvDkhj6zHd6mcY1Yl9PMWLSn/pvtsrF9+wX3N3KjITOYFnQoQj8kVnNeyIv/iPsGEMNKSuIEyExtv4NeF22d+mQrvHRAiGfzZ0JFrabA0UWTW98kndth/Jsw1HKj2ZL7tcu7XUIOGZX1NGFdtom/DzMNU+MeKNhJ7jitralj41E6Vf8PlwUHBHQRFXGU7Aj64GxJUTFy8bJZ918rGOmaFvE7FBcf6IKshPECBV1/MUReXgRPTqh5Uykw7+U0b6LJ3/iyK5S9kJRaTepLiaWN0bfVKfjllDiIGknibVb63dDcY3fe0Dkhvld1927jyNxF1WW6LZZm6zNTflMrYAAAACAAlndHNyb290cjEAAAFwnFfleAAFWC41MDkAAAVeMIIFWjCCA0KgAwIBAgIQbkepxUtHDA3sM9CJuRz04TANBgkqhkiG9w0BAQwFADBHMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEUMBIGA1UEAxMLR1RTIFJvb3QgUjEwHhcNMTYwNjIyMDAwMDAwWhcNMzYwNjIyMDAwMDAwWjBHMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEUMBIGA1UEAxMLR1RTIFJvb3QgUjEwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC2EQKLHuOhd5s73L+UPreVp0A8of2C+X0yBoJx9vaMf/vo27xqLpeXo4xL+Sv2sfnOhB2x+cWX3u+58qPpvBKJXqeqUqv4IyfLpLGcY9vXmX7wCl7raKb0xlpHDU0QM+NOsROjyBhsS+z8CZDfnWQpJSMHobTSPS5g4M/SCYe7zUjwTcLCeoiKu7rPWRnWr4+wB7CeMfGCwcDfLqZtbBkOtdh+JhpFAz2weaSUKK0PfyblqAj+lug8aJRT7oM6iCsVlgmy4HqMLnXWnOunVmSPlk9orj2XwoSPwLxAwAtcvfaHszVsrBhQf4TgTM2S0yDpM7xSma8ytSmzJSq0SPly4cpk9+aCEI3oncKKiPo4Zor8Y/kB+Xj9e1x3+naH+uzfsQ55lVe0vSbv1gHR6xYKu44LtcXFilWr06zqkUspzBmkMiVOKvFlRNACzqrOSbTqn3yDsEB750Orp2yjj32JgfpMpf/VjsPOS+C12LOORc92wO1AK/1TD7Cn1TsNsYqiA94xrcx36m97PtbfkSIS5r762DL8EGMUUXLeXdYWk70paDPvOmbsB4om3xPXV2V4J95eSRQAogB/mqghtqmxlbCluQ0WEdrHbEg8QOB+DVrNVjzRlwW5y0vtOUucxD/SVRNuJLDWcfr0wbrM7Rv1/oFB2ACYPTrIrnqYNxgFlQIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU5K8rJnEaK0gnhS9SZizv8IkTcT4wDQYJKoZIhvcNAQEMBQADggIBADiWCu49tJYeX++dnAsznyvgyv3SjgofQXSlfKqE1OXyHuY3UjKcC9FhHb8owbZEKTV1d5iyfNm9dKyKaOOpMQkpAWBz40d8U6iQSifvS9efk+eCNs6aaAyC58/UEBZvXw6ZXPYfcX3v73svfuo21pdwCxXu11xWajOl40k4DLh9+42FpLFZXvRq4d2h9mREruZRgyFmxhE+885H7pwoHyXa/6xmld01D1zvICxi/ZG6qcz8WpyTgYMpl0p8WnK0OdC3d8t5/Wk6kjftbjhlRn7pYL15iJdfOBL07q9bgsiG1eGZbYwE8na6SfZu6W0eX6DvJ4J2QPim01hcDyxC2kLGe4g0x8HYRZvBPsVhHdljUEn2NIVq4BjFbkerQUIpm/ZgDdIx02OYI5NaAIFItO/Nis3Jz5nu2Z6qNuFoS3FJFDYoOj0dzpqPJeaAcWErtXvM+SUWgeExX6GjfhaknBZqlxi9dnKlC54dNuYvoS++cJEPqOba+MSSQGwlfnuzCdyyF62ARPBopY+Udf90WuioAnwMCeKpSwughQtiue+hMZL77/ZRBIls6Kl0obsXs7X9SQ98POyDGCBDTtWTurQ0sR8WNh8M5mQ5Fkzc4P4dyKliPUDqysU0ArSuiYgzNdwsE3PYJ/HQcu51OyLemGhmW/HGY0dVHLqlCFF1pkglAAAAAgAab2lzdGV3aXNla2V5Z2xvYmFscm9vdGdhY2EAAAFwnFfleAAFWC41MDkAAAP1MIID8TCCAtmgAwIBAgIQQT1yx/RrH4FDffHSKFTfmjANBgkqhkiG9w0BAQUFADCBijELMAkGA1UEBhMCQ0gxEDAOBgNVBAoTB1dJU2VLZXkxGzAZBgNVBAsTEkNvcHlyaWdodCAoYykgMjAwNTEiMCAGA1UECxMZT0lTVEUgRm91bmRhdGlvbiBFbmRvcnNlZDEoMCYGA1UEAxMfT0lTVEUgV0lTZUtleSBHbG9iYWwgUm9vdCBHQSBDQTAeFw0wNTEyMTExNjAzNDRaFw0zNzEyMTExNjA5NTFaMIGKMQswCQYDVQQGEwJDSDEQMA4GA1UEChMHV0lTZUtleTEbMBkGA1UECxMSQ29weXJpZ2h0IChjKSAyMDA1MSIwIAYDVQQLExlPSVNURSBGb3VuZGF0aW9uIEVuZG9yc2VkMSgwJgYDVQQDEx9PSVNURSBXSVNlS2V5IEdsb2JhbCBSb290IEdBIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy0+zAJs9Nt350UlqaxBJH+zYK7LG+DKBKUOVTJoZIyEVRd7jyBxRVVuuk+g3/ytr6dTqvirdqFEr12bDYVxgAsj1znJ7O7jyTmUIms2kahnBAbtzptf2w93NvKSLtZlhuAGio9RN1AU9ka34tAhxZK9w8RxrfvbDd50kc3vkDIzh2TbhmYsFmQvtRTEJysIA2/dyoJaqlYfQjse2YXMNdmaM3Bu0Y6Kff5MTMPGhJ9vZ/yxViJGg4E8HsChWjBgbl0SOid3gF27nKu+POQoxhILYQBRJLnpB5Kf+42TMwVlxSywhp1t94B3RLoGbw9ho972WG6xwsRYUC9tguSYBBQIDAQABo1EwTzALBgNVHQ8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUswN+rja8sHnR3JQmthG+IbJphpQwEAYJKwYBBAGCNxUBBAMCAQAwDQYJKoZIhvcNAQEFBQADggEBAEuh/wuHbrP5wUOxSPMowB0uyQlB+pQAHKSkq0lPjz0e701vvbyk9vImMMkQyh2I+3QZH4VFvbBsUfk2ftv1TDI6QU9bR8/oCy22xBmddMVHxjtqD6wU2zz0c5ypBd8A3HR4+vg1YFkCExh8vPtNsCBtQ7tgMHpnM1zFmdH4LTlSc/uMqpclXHLZCB6rTjzjgTGfA6b7wP4piFXahNVQA7bihKOmNqoROgHhGEvWRGizPflTdISzRpFGlgC3gCy24eMQ4tui5yiPAZZiFj4A4xylNoEYokxSdsARo27mHbrjWr42U8U+dY+GaSlYU7Wcu2+fXMUY7N0v4ZjJ/L7fCg0AAAACAAtkc3Ryb290Y2F4MwAAAXCcV+V4AAVYLjUwOQAAA04wggNKMIICMqADAgECAhBEr7CA1qMnuokwOYYu+EBrMA0GCSqGSIb3DQEBBQUAMD8xJDAiBgNVBAoTG0RpZ2l0YWwgU2lnbmF0dXJlIFRydXN0IENvLjEXMBUGA1UEAxMORFNUIFJvb3QgQ0EgWDMwHhcNMDAwOTMwMjExMjE5WhcNMjEwOTMwMTQwMTE1WjA/MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMTDkRTVCBSb290IENBIFgzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA36/pl1AIg1e0zGJl9pCC7MfTLGswylvs2cN9x0DBGBSL4Ogzdkkq4z8hSZOsTg6vPkjLZe780yEPZdIq2TKPjOX3d7ASe7WVwImjqbrtcy56DAYyg6J+ihQwzRGg4So4uXkKMf1QvYBl37dRY4PI4ohh6kthgexSa7mi4ksaKJ9Io54M2gmOPhcuHt0g31vGKoqrLr1wrcULGiWQdHLFe2qrNNYwif/laBN7VAvI1q7sWpySHj1ks4zG37/JQXDsFnLVJuw4VTlD0Pz9GFxA8Zfr1ZqbjR262iW5xtjfwRUCOqvabvE+LvVcCJw81oNp5BCbGSq2KVfj5T2bn/ACXQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUxKexpHsscfrb4UuQdf/EFWCFiRAwDQYJKoZIhvcNAQEFBQADggEBAKMaLJsXAFypHu4oZjc6v4PHP0vDCaCVIF3j2VlE0j4NPr2KS6B0H84Qgpx0Gh1+mBrdyxNLsyBE5JHpzPx9pdtq5f7m/eBO3bcAOrVwSa/y5esC8dECixnLlDpeSMQYHlgZXx4CWvAM8bGtqdxZhotu6ZH1hsr6uWYzqllbzuKnFnNHyyvMmbA3SM/jVkv1zw8McjKHxvBEu1NybUP1JkiaUme3WKv+Z3ZxeNsNolYUEzkkMYWiqAJaMEfh3VAHvAIJkADrZGNgmxa8iMkS5tJ9kYv5PTKNZbTpfLFXdurFtig5vxVlHMj2d5ZqCo13C9iRCwSOB9sptgrunYI1NRAAAAACAAhjZXJ0aWduYQAAAXCcV+V4AAVYLjUwOQAAA6wwggOoMIICkKADAgECAgkA/tzjAQ/JSP8wDQYJKoZIhvcNAQEFBQAwNDELMAkGA1UEBhMCRlIxEjAQBgNVBAoMCURoaW15b3RpczERMA8GA1UEAwwIQ2VydGlnbmEwHhcNMDcwNjI5MTUxMzA1WhcNMjcwNjI5MTUxMzA1WjA0MQswCQYDVQQGEwJGUjESMBAGA1UECgwJRGhpbXlvdGlzMREwDwYDVQQDDAhDZXJ0aWduYTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMho8cnW1rM0dSaCHuy0vupc4SbtEUdh4aJ8FnhAIeRgnlrIY+HEsZaS/xhtaSPhK2L33eI2L5EHuUjPDux5tiznNEtwCCWjPIcbGfKBBw84kBnTEf6GtPLRXh4els2AbM47MZO28qDQqZUSfaWazGvIhFaKM6nnIhVTFvDMF+xXX+miCpgJ3uNfnG/cSOOFCxVaprqfrEjjCbL39DLeXjS+HHhdQlvODiKPTZDXfTIYswssar+OPxQRiSAOdxS1PZQIh/clHtWyYADsbyooJW4qPhhjFyU/PkQgFvYmyCWuBUq052Ms84wWU35c+xEaCMFGYp8iuPHCjWnc+jpYBt8CAwEAAaOBvDCBuTAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBQa7f5BOZC0JFm+AfJS1UX2WjncETBkBgNVHSMEXTBbgBQa7f5BOZC0JFm+AfJS1UX2WjncEaE4pDYwNDELMAkGA1UEBhMCRlIxEjAQBgNVBAoMCURoaW15b3RpczERMA8GA1UEAwwIQ2VydGlnbmGCCQD+3OMBD8lI/zAOBgNVHQ8BAf8EBAMCAQYwEQYJYIZIAYb4QgEBBAQDAgAHMA0GCSqGSIb3DQEBBQUAA4IBAQCFAx6ScfZCr+GjYZ7r88AP8qXU2pXm1r5oNj1+bh9Miu/RDyFtXqVSY84S+O8q2m/rN/4TAsfLOz4ia9phLn/Ucj3dMOEeTEAZjA/XnNGDMHuYWdx9xrkMKUyhM6LrZzplhNOW4u12RXCPtSve+SPWSW48FLXGnzUeUNDBj2pwRAJiy64daEGnqlfoU6oH0gb21RQGC5EDdSxscrVhlZoNi7kN5/XfVM3e5tjWCQiXY+XBLrC3RCbAJsCvVTCeO9U2KhkE9Fwe/88st//Q/YdAEdURI7tIwCGppCgt/RX4sE4r9DBbIfwRkTS+Qe97nZd1/5eVwJZYL+q7Rte75NkuAAAAAgAdZGlnaWNlcnRoaWdoYXNzdXJhbmNlZXZyb290Y2EAAAFwnFfleAAFWC41MDkAAAPJMIIDxTCCAq2gAwIBAgIQAqxcJmoLQJuPC3nyrkYldzANBgkqhkiG9w0BAQUFADBsMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5jZSBFViBSb290IENBMB4XDTA2MTExMDAwMDAwMFoXDTMxMTExMDAwMDAwMFowbDELMAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3LmRpZ2ljZXJ0LmNvbTErMCkGA1UEAxMiRGlnaUNlcnQgSGlnaCBBc3N1cmFuY2UgRVYgUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMbM5XPm+9S75S0tMqbf5YE/yc0lSbZxKsPVlDRnogocsF9ppkCxxLeyj9CYpKlBWTrT3JTWPNt0OKRKzE0lgvdKpVMSOO7zSW1xkX5jtqumX8OkhPhPYlG++MXs2ziS4wblCJEMxChBVfvLWokVfnHoNb9Ncgk9vjo4UFt3MRuNs8ckRZqnrG0AFFoEt7oT61EKmEFBIk5lYYeBQVCmeVyJ3hlKV9Uu5l0cUyx+mM0aBhakaHPQNAQTXKFx01p8VdteZOE3hzBWBOURtCmAEvF5OYiiAhF8J2a3iLd48soKqDirCmTCv2ZdlYTBoSUeh10aUAsgEsxBu24LUTi4S8sCAwEAAaNjMGEwDgYDVR0PAQH/BAQDAgGGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFLE+w2kD+L9HAdSYJhoIAu9jZCvDMB8GA1UdIwQYMBaAFLE+w2kD+L9HAdSYJhoIAu9jZCvDMA0GCSqGSIb3DQEBBQUAA4IBAQAcGgaX3NecnzyIZgYIVyHbIUf4KmeqvxgydkAQV8GK83rZEWWONfqe/EW1ntlMMUu4kehDLI6zeM7b41N5cdblIZQB2lWHmiRk9opmzN6cN82oNLFpmyPInngiK3BD41VHMWEZ71jFhS9OMPagMRYjyOfiZRYzy78aG6A9+MpeizGLYAiJLQwGXFK3xPkKmNEVX58Svnw2Yzi9RKR/5CYrCsSXaQ3pjOLAEFe4yHYSkVXySGnYvCoCWw9E1CAx2/S6cCZdkGCevEsXCS+0yx5DaMkHJ8HSXPfqIbloEpw8nL+e/IBcm2PN7EeqJSdnoDfzAIJ9VNep+OkuE6N36B9KAAAAAgAbY2hhbWJlcnNvZmNvbW1lcmNlcm9vdC0yMDA4AAABcJxX5XgABVguNTA5AAAHUzCCB08wggU3oAMCAQICCQCj2kJ+pLGu2jANBgkqhkiG9w0BAQUFADCBrjELMAkGA1UEBhMCRVUxQzBBBgNVBAcTOk1hZHJpZCAoc2VlIGN1cnJlbnQgYWRkcmVzcyBhdCB3d3cuY2FtZXJmaXJtYS5jb20vYWRkcmVzcykxEjAQBgNVBAUTCUE4Mjc0MzI4NzEbMBkGA1UEChMSQUMgQ2FtZXJmaXJtYSBTLkEuMSkwJwYDVQQDEyBDaGFtYmVycyBvZiBDb21tZXJjZSBSb290IC0gMjAwODAeFw0wODA4MDExMjI5NTBaFw0zODA3MzExMjI5NTBaMIGuMQswCQYDVQQGEwJFVTFDMEEGA1UEBxM6TWFkcmlkIChzZWUgY3VycmVudCBhZGRyZXNzIGF0IHd3dy5jYW1lcmZpcm1hLmNvbS9hZGRyZXNzKTESMBAGA1UEBRMJQTgyNzQzMjg3MRswGQYDVQQKExJBQyBDYW1lcmZpcm1hIFMuQS4xKTAnBgNVBAMTIENoYW1iZXJzIG9mIENvbW1lcmNlIFJvb3QgLSAyMDA4MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEArwDLcDcrgFpKOmx4lH2jfxof9jXVvdvLDURyPiaykFK6YzsoWG+ls22UpvPdZAxV9vbn8iIigF7hYsa2KeGBbPK/5X0yalSgMhlZ/h+L1z1ghoUkb+MRs3c+IJY1IWuzCNlwLmT3hJJT1g6wkIqK44eNBtO9kA7imaEbhg7amgq7C2FQBlLxnn927MsP0B4Nz5kwPRzERRBYrNbT6Nfl6sUBB3fWUeYDf4pIpU1odbnpvJ5OGXH1MkucbWAZC/vMnXXcvybNj5N4OXlzXiUOylzrdxIHy2RBR3KTq1DD6wl2ZDTSObd2EQkNdkXEqa49aq+1fWUvlFgQ7Fx8r37ithjZ0JtOWknfqWYLzDzGeHynnB3jzo5TvgXeYA9r5RrbP+PhIckpwfHrB5xSGwFEUTx7JdfE5VJUXSUHyhYguK3kQe56CP6Zb4OmkQKwbDZVaud99ZbmyoHWl/GUg+ntsLFrEmkerPtdqcWY6bRbWHq+PaJEOmNZ1Asl3htPveUBns3SKdWfFxkKb78MkNMJX9njijXMeVpNGTeSt8TBra/0eSSasgELsa9clvOAMvtcPZjxoD9K3r6vlC7ZVZoXbmCdY2y4Y8mugVwYNeCQu748TzciuX7rz553IaY9OIH7SNoxPSvjifXQtb1+4FDEEomzI5oQMYXbrm/vODMYdhECAwEAAaOCAWwwggFoMBIGA1UdEwEB/wQIMAYBAf8CAQwwHQYDVR0OBBYEFPkkrA+ytfh5wPpgiBvE2U0CnhcZMIHjBgNVHSMEgdswgdiAFPkkrA+ytfh5wPpgiBvE2U0CnhcZoYG0pIGxMIGuMQswCQYDVQQGEwJFVTFDMEEGA1UEBxM6TWFkcmlkIChzZWUgY3VycmVudCBhZGRyZXNzIGF0IHd3dy5jYW1lcmZpcm1hLmNvbS9hZGRyZXNzKTESMBAGA1UEBRMJQTgyNzQzMjg3MRswGQYDVQQKExJBQyBDYW1lcmZpcm1hIFMuQS4xKTAnBgNVBAMTIENoYW1iZXJzIG9mIENvbW1lcmNlIFJvb3QgLSAyMDA4ggkAo9pCfqSxrtowDgYDVR0PAQH/BAQDAgEGMD0GA1UdIAQ2MDQwMgYEVR0gADAqMCgGCCsGAQUFBwIBFhxodHRwOi8vcG9saWN5LmNhbWVyZmlybWEuY29tMA0GCSqGSIb3DQEBBQUAA4ICAQCQEq8iNcKjOfAu3um16Xh8SL4/fUWSXunasRn8FjyftFtmnmrnw7ldiOgPrc8jD94lOl7MT6XBtS2sJNJYB96iz2mEYDPoEA0TqSPQheWOe6aePXITcjP1qn3GYx8I9P4BfyTPKyxUCd7iK22SxjlPFuo8fnpG1EVqRqjrdYJWp6ugfGgTM/adMPBvJzkkIyqQ/ZApNfKT3zSlxvf474wPYkp8rtP1VPiNtppWhxaCOjOrWiII94K66i7gR5q0tUWjBTvZ3C5FQDvq3H/oO+vR7CbYNaQwxTqsV56zdqUge/keSgViAaYodWCXkg1uPk03Qw2SFZwYIs1RmaApGjxfijIzWzDHiS9HmA+jA8b28azfMvDZgRrknL32gBTw0Sy5hfXYo7HIpSHlHBOX7g693ymp7zRTW9PkahOEBrYyAsRSriLS3LIhQhraQPApyewKDFzi0LrMSNM3CswSCop5sD0Df2lL9DQgfbM06o5LZPU+/bMjZxUNBLjwLcEJUTyybBXwpSPXg3Tk5S7J/pgnQsarxp6w0Fs4pZtQ3n4YmLVFO/Z5tOj3GnsGg/vQi9q7x70YqwhvPIBrQD8ZGbpliua+1VzTNtfvQFIkYDhnBDHsj/OCxt65VfM7MZFa3LUIFa12JQoNey6H4gymBrwmEG03nezdeIx8gMXw2XdI0AAAAAIAEnNvbmVyYWNsYXNzMnJvb3RjYQAAAXCcV+V4AAVYLjUwOQAAAyQwggMgMIICCKADAgECAgEdMA0GCSqGSIb3DQEBBQUAMDkxCzAJBgNVBAYTAkZJMQ8wDQYDVQQKEwZTb25lcmExGTAXBgNVBAMTEFNvbmVyYSBDbGFzczIgQ0EwHhcNMDEwNDA2MDcyOTQwWhcNMjEwNDA2MDcyOTQwWjA5MQswCQYDVQQGEwJGSTEPMA0GA1UEChMGU29uZXJhMRkwFwYDVQQDExBTb25lcmEgQ2xhc3MyIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkBdKNZ3K8A2Wx0T6Fjf8SL29f4AtNTvhb6hnqb8DHE2MbzJH1UFopBMEwTUMmoRD/Fwd/4mz6BcYzZFf+4nj6r9OXXwbJtN1ee3mhONX5a0pxPQ6KOele4Q2abP9Xna9oy2Z05BOIyh9GGPxVDsmnXZbl0Ky/67wTuzdOZVOgwZ/50lAyMUBslRaZh09/PnpPAqegbhw8AGL5CNUfMiu+JAeAJZy1FTPYSO86vudApXRtrlxOmkIPw+04ULHiPU/mKinuhzgcXHvWFeBUHpca3RGDoMDmMOOqG7ydjJuJ4PCc/PcGOi0k+p1RGsEYCBxV4ed876gkCM9iiTh2iHbwwIDAQABozMwMTAPBgNVHRMBAf8EBTADAQH/MBEGA1UdDgQKBAhKoKpYhNNePDALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQEFBQADggEBAFrOh/kWchVXSx3Zm+eiJjDsk2ff1i3SNK/3OKXOqxa5qy98Ncus0A+0TCv8gO9rjJFfNnb327MbGer0shH9YXFEvyizOh2/s0Pon7/cMQhxsJ2N1jRHMpDGZST3oEp8BHOPOW8XjHK1vUvIevh7g8MoTpwJ6mc/smcEG8MU2vjnSSSR0B1q+mE572vnIXUGB9gStCEgcEJxgdo8mja+plsNamyaH5F7+fnvQrpOTp7MDI2U3NlFnF7sQlBjrvRdxLES3Mo7qC6dFFoFdbfs12PiujW2BAiR6NqdnPZmtRisCqZUJjQz0hvB1H8aOo4LqjJu2/xPJZ/ZMseWWnCs30wAAAACACJ1c2VydHJ1c3Ryc2FjZXJ0aWZpY2F0aW9uYXV0aG9yaXR5AAABcJxX5XgABVguNTA5AAAF4jCCBd4wggPGoAMCAQICEAH9bTD8o8pRqBu8ZA41Ay0wDQYJKoZIhvcNAQEMBQAwgYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtKZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYDVQQDEyVVU0VSVHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTEwMDIwMTAwMDAwMFoXDTM4MDExODIzNTk1OVowgYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtKZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYDVQQDEyVVU0VSVHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAgBJlFzYOw9sIs9CsVw127c0n00ytUINh4qogTQktZAnczomfzD2p7PbPwdzx07HWezcoEStH2jnGvDoZtF+mvX2do2NCtnbyqTsrkfjib9DsFiCQCT7i6HTJGLSR1GJk23+jBvGIGGqQIjy8/hPwhxR79uQfjtTkUcYRZ0YIUcuGFFQ/vDP+fmyc/xadGL1RjjWmp2bIcmfbIWax1Jt4A8BQOujM8Ny8nkz+rwWWNR9XWrf/zvk9tyy29lTdyOcSOk2uTIq3XJq0tyA9yn8iNK5+O2hmAUTnAU5GU5szYPeUvlM3kHND8zLDU+/bqv50TmnHa4xgk97Exwzf4TKuzJM7UXiVZ4vuPVb+DNBpDxsP8yUmazNt925H+nND5X4OpWaxKXwyhGNVicQNwZNUMBkTrNN9N6frXTpsNVzbQdcS2qlJC9/YgIoJk2KOtWbPJYjNhLixP6Q5D9kCnusSTJV882sFqV4Wg8y4Z+LoE53MW4LTTLPtW//e5XOsIzstAL81VXQJSdhJWBp/kjbmUZIO8yZ9HE0XvMnsQybQv0FfQKlERPSZ51eHnlAfV1SoPv10Yy+xUGUJ5lhCLkMaTLTwJUdZ+gQek9QmRkpQgbLevni3/GcV4clXhB4PY9bpYrrWX1Uu6lzGKAgEJTm4Diup8kyXHAc/DVL17e8vgg8CAwEAAaNCMEAwHQYDVR0OBBYEFFN5v1qqK0rPVIDh2JvAnfKyA2bLMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBDAUAA4ICAQBc1HwNz/cBfUGZZQxzxVKfy/jPmQZ/G9pDFZ+eAlVXlhTxUjwnh5Qo7R86ATeidvxTUMCEm8ZrTrqMIU+ijlVikfNpFdi8iOPEqgv976jpS1UqBiBtVXgpGe5fMFxLJBFV/ySabl4qK+4LTZ9/9wE4lBSVQwcJ+2Cp7hyrEoygml6nmGpZbYs/CPvI0UWvGBVkkBIPcyguxeIkTvxY7PD0Rf4is+svjtLZRWEFwZdvqHZyj4uMNq+/DQXOcY3mpm8fbKZxYsXY0INyDPFnEYkMnBNMcjTfvNVx36px3eG5bIw8El1l2r1XErZDa//l3k1mEVHPma7sF7bocZGM3kn+3TVxohUnlBzPYeMmu2+jZyUhXebdHQsuaBs7gq/sg2eF1JhRdLG5mYCJ/394GVx5SmAukkCuTDcqLMnHYsgOXfc2W8rgJSUBtN0aB5x3AD/Q3NXsPdT6uz/MhdZvf6kt37kC9/WXmrU12sNnsIdKqSieI47/XCdr4bBP8wfuAC7UWYfLUkGV6vRH1+5kQVV8jVkCld1incK57loodISlm7eQxwwH3/WJNnQy1ijBsLAL4JxMwxzW/ONptUdGgS+igqvTY0RwxI3/LTO6rY97tXCIrj4Zz0Ao2PzIkLtdmSL1UuZYxR+IMUPuiB3Xxo48Q2odpxjefT0W8WL5ypCo/QAAAAIAE2dlb3RydXN0dW5pdmVyc2FsY2EAAAFwnFfleAAFWC41MDkAAAVsMIIFaDCCA1CgAwIBAgIBATANBgkqhkiG9w0BAQUFADBFMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEeMBwGA1UEAxMVR2VvVHJ1c3QgVW5pdmVyc2FsIENBMB4XDTA0MDMwNDA1MDAwMFoXDTI5MDMwNDA1MDAwMFowRTELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IEluYy4xHjAcBgNVBAMTFUdlb1RydXN0IFVuaXZlcnNhbCBDQTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAKYVVaCjxuAfjJ0hUNfBvitbtaSeodlyWL0AG0y/YckUHUWCq8YdgNY96xCcOq9tJPi8cQGeBvV8Xx7BDlXKg5pZMK4ZyzBIle0iN430SppyZj6tlcDgFgDgEB8rMQ7XlFTTQjOgNB0eRXbdT8oYN+yFFXoZCPzVx5zw8qkuEKmS5j1YPakWaDwvdSEYfyh3peFhF7em6fgemdtzbvQKoiFs7tqqhZJmr/Z6a4LauiIINQ/PQvE1+mrufislzDoR5G2vc7J2Ha3QsnhnGqQ5HFELZ1aD/ThdDc7d8Lsrlh/eezJS/R27tQahsiFepdaVaH/wmZ7cRQg+59IJDTWU3YBOU5fXtQlEIGQWFwMCTFMNaN7VqnJNk22CDtucvc+081xdVHppCZbW2xHBjXWotM85yM48vCR85mLK4b19p71XZQvk/iXttmkQ3CgaRr0BHdCXteGYO8A3ZNY9lO4L4fUorgtWv3GLIylBjobFS1J72HGrH4oVpjuDWtdYAVHGTEHZf9hBZ3KiKN9gg6meyHv8U3NyWfWTehd2Ds735VzZC1U0oqpbtWpU5xPKV+yXbfReBi9Fi1jUIxaS5BZuKGNZMN9QAZxjiRqf2xeUgnA3wySemkfWWspOqGmJch+RbNt+nhutxx9z3SxPGWX9f5NAEC7S8O08ni4oPmkmM8V7AgMBAAGjYzBhMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFNq7LqqwDLiIJlF0XG0D08DYj3rWMB8GA1UdIwQYMBaAFNq7LqqwDLiIJlF0XG0D08DYj3rWMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQUFAAOCAgEAMXjmx7XfuJRAyXHEqDXsRh3ChfMoWIawC/yOsjmPRFWrZIRcaanQmjg8+uUfNeVE44B5lGiku8SfPeE0zTBGi1QrlaXv9z+ZhP015s8xxtxqv6fXIwjhmF7DWgh2qaavdy+3YL1ERmrvl/9zlcGO6JP7/TG37FcREUWbMPEaiDnBTzynANXH/KttgCJwpQzgXQQpAvvLoJHRfNbDflDVnVi+QTjruXU8FdmbyUqDWcDaU/0zuzYYm4UPFd3uLax2k7nZAY1IEKj79TiG8dsKxr2EoyNB3tZ3b4XUhRxQ4K5RirqNPnbiucon8l+f725ZDQbYKxek0nxru18UGkiPGkzns0ccjkxFKyDuSN/n3QmOGKjaQI2SJhFTYXNd673nxE0pN2HrrDktZy4W1vUAg4WhzH92xH3kt0tm7wNFYGm2DFKWkoRepqO1pD4r2czYG0eq8kTaT/kD6PAUyz/zg97QwVTjt+gKN02LIFkDMBmhLMi9ER/frslKxfMnZmaGrGiR/9nmUxwPi1xpZQomyB40w11Re9epnAahNt3ViZS82eQtDF4JbAiXfKM9fJP/P6EUp8+1Xevb2xzEdt+Iub1FBZUbrvxGakyvSOPOrg/SfuvmbJxPgWp6ZKy7PtXny3YuxadIwVyQD8vIP/rmMuGNG2+k5o7Y+SlIis5z/iwAAAACAA5jZXJ0c2lnbnJvb3RjYQAAAXCcV+V4AAVYLjUwOQAAAzwwggM4MIICIKADAgECAgYgBgUWcAIwDQYJKoZIhvcNAQEFBQAwOzELMAkGA1UEBhMCUk8xETAPBgNVBAoTCGNlcnRTSUdOMRkwFwYDVQQLExBjZXJ0U0lHTiBST09UIENBMB4XDTA2MDcwNDE3MjAwNFoXDTMxMDcwNDE3MjAwNFowOzELMAkGA1UEBhMCUk8xETAPBgNVBAoTCGNlcnRTSUdOMRkwFwYDVQQLExBjZXJ0U0lHTiBST09UIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtzO5fsglSo6127QoG6pXkOjRItNkutOT6NSshmFAamBXaFSETbxqVAIF/9+bmiquXQePSsMof+/7K/p58cet8BBTJJCLZsmoiKuvWqMA6b66Ru5bc3ssF4KBXmIsoQJls73FKwB+xPwDM1cN7eL6zl1F1jjNNbaywdCcgUqq5LIBXB2PX5nEsa3biCHrkAiCgPMwo0PmkIKuVShJ7VvXqRA4Dv6PTFubRupB9bAIdMPQiDO2fNd039yE0UMOdTmhJUAo6njLDiwuOZ2Mi24WHC8mghDi42WUCgTAXvddW/gQ4tC6ekv73jcAABpbKOPSnHM+MoeYoclRL9ferDOzTwIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBxjAdBgNVHQ4EFgQU4Iyb2yVJs/F8htayQocL0Gug2eQwDQYJKoZIhvcNAQEFBQADggEBAD7SHIkuNfz4dd3mf2WI9HJMySzXMk7z3Rl5R72OO1uTD1BJJBNrFAZy7wnToaHjQITJ5xgydDxIbg+fS9T3HtOThmRUl2NyUNVVz/ogkwKim8Mjk04WVXagcHltzSEfzy8tvBnjiDH4WRqBCciXpnTHYMRbzFeOsnX9GwIJ21lvcpNp9zFB1og4v4eyvRZ5+arkvogl3WEnIxy1MQcENrQakL2gdHFQiW28FOMPhq7xqz7HoAnMo0jR4Ntk55K1z69yQ3CL+cOEPBOqfpKbV1OT+nDCkQ4x+ZtnXemWOF5fs3NOiBVn3p52EGIgvlVplUMAOU327rBaTklEVFhfQoMAAAACAA1hbWF6b25yb290Y2E0AAABcJxX5XgABVguNTA5AAAB9jCCAfIwggF4oAMCAQICEwZsn9fBuxBMKUPlcXt7LMgawQ4wCgYIKoZIzj0EAwMwOTELMAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZMBcGA1UEAxMQQW1hem9uIFJvb3QgQ0EgNDAeFw0xNTA1MjYwMDAwMDBaFw00MDA1MjYwMDAwMDBaMDkxCzAJBgNVBAYTAlVTMQ8wDQYDVQQKEwZBbWF6b24xGTAXBgNVBAMTEEFtYXpvbiBSb290IENBIDQwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAATSq4o3T6NTDf7BintLqHtGS2OwYvYtG9sIcSHSAOhjvZon+/A5bl3qPaXJgaqjWyCYRV0W2/3oEG3jnODjvV+EYvNwZDOgyyQvcLqIoSqgdfiBrmIGxIHbOW4psB76LlyjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMB0GA1UdDgQWBBTT7Mc6ZW7M4dp2mlb7nPOGbVflgTAKBggqhkjOPQQDAwNoADBlAjA6iyHxvX4RrdDvWJYv1uudfpCNK89mVcMs4yipcApHDvA3WRL/LZmUKE4qTzVNM1oCMQDqdQBOO8Q6lBKRyVhGnSETcqeInIrkTErbltSsi2trSRJTM63X5L4k/LUKdtSlvBAAAAACAA1hbWF6b25yb290Y2EzAAABcJxX5XgABVguNTA5AAABujCCAbYwggFboAMCAQICEwZsn9V0lzZmPzsLmtnonnYD8kowCgYIKoZIzj0EAwIwOTELMAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZMBcGA1UEAxMQQW1hem9uIFJvb3QgQ0EgMzAeFw0xNTA1MjYwMDAwMDBaFw00MDA1MjYwMDAwMDBaMDkxCzAJBgNVBAYTAlVTMQ8wDQYDVQQKEwZBbWF6b24xGTAXBgNVBAMTEEFtYXpvbiBSb290IENBIDMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQpl6fGQX/ADZvoARtWxvJSpbotshLo0i7X+snF2KptH3OBOzuYazl8M6XFToaOgBdoYkVXfURYHbM35WcI62beo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQUq7bb1waeN6wwhgeRcMecxBmxeMAwCgYIKoZIzj0EAwIDSQAwRgIhAOCFkqMXt435Kwalk6wamGhhcvrhodD7HHhgpkOZxbjEAiEAnALv8ZScs5b568Yq+LYs/jqQFBbXjGMkSBzfMH3VaDsAAAACAA1hbWF6b25yb290Y2EyAAABcJxX5XgABVguNTA5AAAFRTCCBUEwggMpoAMCAQICEwZsn9KWNYafCg/lhnj4Wya7ijcwDQYJKoZIhvcNAQEMBQAwOTELMAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZMBcGA1UEAxMQQW1hem9uIFJvb3QgQ0EgMjAeFw0xNTA1MjYwMDAwMDBaFw00MDA1MjYwMDAwMDBaMDkxCzAJBgNVBAYTAlVTMQ8wDQYDVQQKEwZBbWF6b24xGTAXBgNVBAMTEEFtYXpvbiBSb290IENBIDIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCtlp8tnEpMSoF5UZnsistrYFETvE1tBvywCI3dGRBqxyYMNdjAbyCE6ZSxm4UDw1vbSujI+JB22VtP40zoBjZNzJqsPQyQK5LUBhlgrDdEeYWBgq1aN+ANzJ2mTFJ26kOdtwTRUPZV4NXSpkmF6Tfpyn6uXJVNSJo/riBabYiV2TS4UhpDkLC/bAW5tni36tDkOjwSU2L/SvJ7vjUFqRI04/NkdGIsPQBJWij+MkS7h91lJwJxO9pK9x/azfchVZBPD+yuguGfa9lF07vwX4ftPCw5hto/3uxyVet5o63b3XywuhzO/N5PNXbPD/h4H2o2UUYnYVvpns/wolV9fCWKby+0xc+ELiv9DVEQbPtfG7wbfsWuO5gBMZL/C1f0mrK5V+mr7w120fDu9M6Gp+Bu6bRpod9p9jPGaS6XE56lh7BXEIE3yVOzu3/2ktGc0Bj0km7ag0+mY5lMpfte7yFkeiBfbGSFFcs36WIMCyoW3AEuMto+S/WeOvYXQJTvnpEIhvq+Y6haM+zLdEOV+WxpUjbHKW/8VQNcH/ufvUfr50lHlQtOiSIJSeD1YR7xvy6Kcm6AWf9XOvl1MqNOX+ztKGLZTXPyzIEXYO3N69zbp8rFfgK98lQIVP20LQksF1RKmNFU4VFnCNLtbn5vP9ItgVkpZsuQOZURHnQn/t3rrwIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQUsAzwTDD0BVgCSP0z5VKvS4TjZlIwDQYJKoZIhvcNAQEMBQADggIBAKqogI8OeKPgotTN5vWYejvqAAOwlw6TvFqo9iyMcoepsfx/c/1jcXilh1nPMOENELITWm2C9WrmgJ+gBQto5Edrx2rftv13MnLlGPoJ9KCTLF3SjHWFdmWQDAN5tzEjY614gwmGaITK//nPJpqSeefNS8XnYacXy/OpEpOTa6foL1OSxGBYsMwCURhbhY1iWWO2rbTemvsm9wAnwF1VN3SZyVB/41kuROMsJe7sTDJ3tJ8a6UtdIMXa/RyHFsZD6NS7JppFcF6pCzdT4kZ7J/3gRvKJt8xCtssoJm7Zpck6yEETYPdQjBWusm0aFRpXeOaSKtllkII/bAKvrhI6J5Y2BNcdooBjqZvx5bq0fBSwTsmxH3RfOPZR6pv6LKIR1KktJxpFsa+yTnENwFhG1mkGy1PLs/5rQc1Bfn1MD3xyeXpZzV5KDqybqZhzeXy09My5uAcMsnRcuMdviKGQp/Sq+b9nOvQaFWIet5++PbEpr2ehEvJYEBlTAzAbuBqJ9py9lwOOownzHYsh8bTf5BzRn2UCBupc1hOzhO+ipVyMdymnaMBrrkDSqLTqzfCNSzicGZobKFS4iZDvynWBPh7yZCTHGK9O/0eeB/Y1ZaTTClb/9RdkbO+oIiVJk7bfABfaWH5d7sUbsNHRXyEQx/nzugIKJwfF8dbH0+D7CWBsAAAAAgArdmVyaXNpZ251bml2ZXJzYWxyb290Y2VydGlmaWNhdGlvbmF1dGhvcml0eQAAAXCcV+V4AAVYLjUwOQAABL0wggS5MIIDoaADAgECAhBAGsRkIbMTIQMOu+QSGsUdMA0GCSqGSIb3DQEBCwUAMIG9MQswCQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAyMDA4IFZlcmlTaWduLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxODA2BgNVBAMTL1ZlcmlTaWduIFVuaXZlcnNhbCBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDQwMjAwMDAwMFoXDTM3MTIwMTIzNTk1OVowgb0xCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjEfMB0GA1UECxMWVmVyaVNpZ24gVHJ1c3QgTmV0d29yazE6MDgGA1UECxMxKGMpIDIwMDggVmVyaVNpZ24sIEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25seTE4MDYGA1UEAxMvVmVyaVNpZ24gVW5pdmVyc2FsIFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHYTdesQE022LXFZv/WFqMIyPWYI6R15CYg3rmWBk4jMX25WSFtKJx++29udrNTQC0yC1zpcdpcZUfOTyyRAec6A76TUrEId8pYY8yImGCxYcfbox8XxYgUUTRcE9X6uMc48x57ljYDsKzRZPALOeaFyt7ADd6QTN44TPi8xAaf4csvvb190Li5b+HYolfAEvfxd3kdUQyQToecW5pywt1RgjRytIrldDP+7lAa2SMV038ExF5hO1eVPY0nwgB8xAlBhdK2vEdemZrmGBmpNnv0i6C8fDvCepEyRVq4gNuM9Osn1UAx/YIapS5X9zgM/GEYPlbJxG0/Bbyu1ZqgCWNAgMBAAGjgbIwga8wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZMFcwVRYJaW1hZ2UvZ2lmMCEwHzAHBgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7GS4wJRYjaHR0cDovL2xvZ28udmVyaXNpZ24uY29tL3ZzbG9nby5naWYwHQYDVR0OBBYEFLZ3+mlIR59TEtXC6gcydgfRlwcZMA0GCSqGSIb3DQEBCwUAA4IBAQBK+PiwA+YsZ3vklHdjzG5M+X0ODdzIuTW5cE9j+iT6bIOMR507Y/Oa+XYylZGxd7ysmr6x5DEhxoGVVloOscLUsaZZrPFjy7hMHVmQSu+QFigfWq4Q+4FQOAxszPE9w/Vj47PjIckkOen9FWZG9BsR0E1zo31G+T3tqF9i1PE/+OB0VysYnYG0xCjalJelcOusHb4HEfDV293ljPDVMrCD5lfij7++oaq/PR211Djq17BcOk9qP4/AZmxjqunZpBb0gdGVFA59zZU02dKPcHOBe5x+vZhh2EWHmJDF64YwxjW/8P/DVYiDS+8FkgZx8riYk7fszYJh8TjmT5eYKlqNAAAAAgAUdHJ1c3Rjb3Jyb290Y2VydGNhLTIAAAFwnFfleAAFWC41MDkAAAYzMIIGLzCCBBegAwIBAgIIJaHfyjPLWQIwDQYJKoZIhvcNAQELBQAwgaQxCzAJBgNVBAYTAlBBMQ8wDQYDVQQIDAZQYW5hbWExFDASBgNVBAcMC1BhbmFtYSBDaXR5MSQwIgYDVQQKDBtUcnVzdENvciBTeXN0ZW1zIFMuIGRlIFIuTC4xJzAlBgNVBAsMHlRydXN0Q29yIENlcnRpZmljYXRlIEF1dGhvcml0eTEfMB0GA1UEAwwWVHJ1c3RDb3IgUm9vdENlcnQgQ0EtMjAeFw0xNjAyMDQxMjMyMjNaFw0zNDEyMzExNzI2MzlaMIGkMQswCQYDVQQGEwJQQTEPMA0GA1UECAwGUGFuYW1hMRQwEgYDVQQHDAtQYW5hbWEgQ2l0eTEkMCIGA1UECgwbVHJ1c3RDb3IgU3lzdGVtcyBTLiBkZSBSLkwuMScwJQYDVQQLDB5UcnVzdENvciBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkxHzAdBgNVBAMMFlRydXN0Q29yIFJvb3RDZXJ0IENBLTIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCnIG7CKqJiJJWQdsg4foDSq8GbZQWU9MEKENUCrO2fk8eHyLAnK0IMPQo+QVqedd2NyuCb7GgypGmSaIwLgQ5WoD4a3SwlFIIvl9NkRvRUqdw6VC0xK5mC8tkq1+9xALgxpL56JAfDQiDyitSSBBtlVkxs1Pu2YVpHI7TYabS3OtB0PAx1oYxOdqHp2yqlO/rOsP9+aij9JxzIsekp8VduZLTQwRVtDr4uDkbIXvRR/u8OYzo7cbrPb1nKDOObXUm4TOJXsZiKQlecdu/vvdFoqNL0Cbt3Nb4lggjEFixEIFapRBF37120Hapeaz6LMvYHL1cEksr1/p3C6eizjkxLAjHZ5DxIgif3GIJ2SDpxsROhOdUuxTTCHWKF3wP+TfSvPd9cW436cOGlfifHhi5qjxLGhF5DUVCcGZt45vz27Ud+ez1m7xMTiF88oWP7+ayHNZ/zgp6kPwqcMWmLmaSISo5uZk3vFsQPeSghYA2FFn3XVDjxklb9tTNMg9zXEJ9L/cb4Qr26fHMC4P99zVvh1Kxhe1fVSntb1IVYJ12/+CtgrKAmrhQhJ8Z3mjOAPF5GP/fDsaOGM8boXg25NSyqRsGFAnWAoOsk+xWq5Gd/bnc/9ASKL3x74xdh8N0JqSDIvgmk0H5Ew7IwSjiqqewYmgeCK9u4nBit2uBGF6zPXQIDAQABo2MwYTAdBgNVHQ4EFgQU2f4hQG6UnrybPZx9mCAZ5YwwYrIwHwYDVR0jBBgwFoAU2f4hQG6UnrybPZx9mCAZ5YwwYrIwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQELBQADggIBAJ5Fngw7tu/hOsh80QA9z+LqBrWyOrsGS2h60COXdKcs8AjYeVrXWoSK2BKaG9l9XE1wxaX5q+WjiYndAfrs3fnpkpfbsEZC89NiqpX+MWcUaViQCqoL7jcjx1BRtPV+nuN79+TMQjItSQzL/0kMmx40/W5ulop5A7Zv2wnL/V9lFDfhOPXzYRZY5LVtDQsEGz9QLX+zx3oaFoBg+Iof6Rsqxvm6ARppv9JYx1RXCI/hOWB3S6xZhBqI8d3LT3jX5+EzLfzuQfogsL7L9ziUwOHQhQ+77Sxzq+3+knYaZH9bDTMJBzN7Bj8RpFxwPIXAz+OQqIN3+tvmxYxoZxBnpVIt8MSZj3+/0WvitUfW2dCFmU2Umw9Lje4AWkcdEQOsQRivh7dvDDqPys/cA8GiCcjl/YBeyGBCARsaU1q7N6a3vLqE6R5sGtRk2tRD/pOLS/IseRYQ1JMLiI+h2IYURpFHmygk71dSTlxCnKr3Sewn6EAes6aJInKc9Q0ztFijMDvd1GpUk74aTfOTlPf8hAs/hCBcNANExdqtvArBAs8e5ZTZ845b2EzwnexhF7sUMlQMAimTHpKG9n/v55IFDlndmQguLvqcAFLTxWYp5KeXRKQOKIETNcX2b2TmQcTVL8w0RSXPQQCWPUouwpaYT05KnJe32x+SMsj/D1Fu1uwJAAAAAgANYW1hem9ucm9vdGNhMQAAAXCcV+V4AAVYLjUwOQAAA0UwggNBMIICKaADAgECAhMGbJ/Pmb+MCjni8HiKQ+aWNlvKMA0GCSqGSIb3DQEBCwUAMDkxCzAJBgNVBAYTAlVTMQ8wDQYDVQQKEwZBbWF6b24xGTAXBgNVBAMTEEFtYXpvbiBSb290IENBIDEwHhcNMTUwNTI2MDAwMDAwWhcNMzgwMTE3MDAwMDAwWjA5MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6b24gUm9vdCBDQSAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsniAccp41eNxr0eAUHR9btjXiHb0mWj3WCFg+XSEAS+sAi2G06BDek6ypNA2ugG+jdtIyAcXNkz07ogjxz7rN/W1GfhJaLDe17l2OB1hnqT+gjal5UpW5EXh+f20Fvp02pybNTkv+rAgUAZsetCAsqb5r+xHGY9QOAfcooc5WPi61an5SGcwlu6UeF5viaNRwDCGZqFFZrpU66PDkflI3P/R6DAtfS10cDXXiCT3nsRZbrtzhxfyMkYouEP6tx2qyrTynyQOLUv3cVxeaf/qlQLLOIquUDhv2/stYhvFxx5U4XfgZ8gPnIcj1j9AIH8ggMSATD47JCaOBK5smsiqDQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQUhBjMhTTsvAyUlC4IWZzHshBOCggwDQYJKoZIhvcNAQELBQADggEBAJjyN1pBkKEaxXZRKCA2Iw6u5ii7qviUrkikMH8b/CSNS7TIoZf2tvF6cMhTk8wIKOOYJc8jpPneIdN8hQmtTpp1OsILaol4dkRHGGVsjUGOO3+ay/S1p1DXBSw36ANLrelhoAJu9fLwxbLtW7fc+pRcd54TpX9SrZXy+JM73otcW8paUltgrxT3S++j+59AlW0xVPxC08dGHyOt2Q9IcJrZdXhx0XJDNHVuV1nCAlwmYCnPIxkWjohDpdTkywj7IxFD6EMpcmKhqV1eCNSQrrjYzhTC0FXyhvbEk0N3ZmHAuehB15d4YANuSnKupdF9uhCehmwbirlZM/jrxJC+8bkAAAACABR0cnVzdGNvcnJvb3RjZXJ0Y2EtMQAAAXCcV+V4AAVYLjUwOQAABDQwggQwMIIDGKADAgECAgkA2pvscfMDsBkwDQYJKoZIhvcNAQELBQAwgaQxCzAJBgNVBAYTAlBBMQ8wDQYDVQQIDAZQYW5hbWExFDASBgNVBAcMC1BhbmFtYSBDaXR5MSQwIgYDVQQKDBtUcnVzdENvciBTeXN0ZW1zIFMuIGRlIFIuTC4xJzAlBgNVBAsMHlRydXN0Q29yIENlcnRpZmljYXRlIEF1dGhvcml0eTEfMB0GA1UEAwwWVHJ1c3RDb3IgUm9vdENlcnQgQ0EtMTAeFw0xNjAyMDQxMjMyMTZaFw0yOTEyMzExNzIzMTZaMIGkMQswCQYDVQQGEwJQQTEPMA0GA1UECAwGUGFuYW1hMRQwEgYDVQQHDAtQYW5hbWEgQ2l0eTEkMCIGA1UECgwbVHJ1c3RDb3IgU3lzdGVtcyBTLiBkZSBSLkwuMScwJQYDVQQLDB5UcnVzdENvciBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkxHzAdBgNVBAMMFlRydXN0Q29yIFJvb3RDZXJ0IENBLTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/jreV4sImEmszGcdAWAqrWaqNAKP8gMdQe47UICa6MhLYI1RJJRAimJ1G0sHJnk4bLiwOOPMaJWgcploF5h6LSL+YlnQ+acrptXilBrzVAF4JCvInelL8LdWx6rSJYSTzGhPbqc9S7Qwkurme7H4AdPqTrWwpkq5RtLvTV7+z86iNnPQkSyrWmZ70nv7AfkI65wuVU9q3aA6QTPtwP49KLJTzJt1jaamU2BBOxUcIkJkbF025bG7vYJURjiGAtb2gc9jQsnfERepaJvtmdnb4Bh9hbQ9VxYO3EFZyBgel87EaAwVkDp1aitaGcBsk3v4oiivQarD8eqLcsnkOi2UPAgMBAAGjYzBhMB0GA1UdDgQWBBTua0k8ej8N47EJt4rIqxmfczNQ5zAfBgNVHSMEGDAWgBTua0k8ej8N47EJt4rIqxmfczNQ5zAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAQEAJRjUkY8T7o8eHRFT2i1EKRmgHmsxnk0Onq09XEFvlSskoXmYOjg2+7tmnkj/kJDvPdS4m7SHdT8gm85yz6FVwU1kohkGoQczDAsp5fHqq6PstQp0kMd9cvLXXJ+R75GLt9ztZqLPjmY7vJ86AuAn3RaYwJXUCqTkgZp1lDWckF+INwatWZUKsNFn0xnKiecyWjYcPoKoWpO+xtBkkbbP2bYYz9t+0mWjpsSOFzHB+35229OF41iyd3p2O2wvUBzn2/ZneR/1gpWaB6cUr4/cKCFnCdLWTVocGRyOd1zDlCQ9MmtLftR4lIO+N03OX8ceTjzgiTOVCw+lMtY8WnksGQAAAAIAJHNzbC5jb21yb290Y2VydGlmaWNhdGlvbmF1dGhvcml0eWVjYwAAAXCcV+V4AAVYLjUwOQAAApEwggKNMIICFKADAgECAgh15t/LwWhbqDAKBggqhkjOPQQDAjB8MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hvdXN0b24xGDAWBgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjExMC8GA1UEAwwoU1NMLmNvbSBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IEVDQzAeFw0xNjAyMTIxODE0MDNaFw00MTAyMTIxODE0MDNaMHwxCzAJBgNVBAYTAlVTMQ4wDAYDVQQIDAVUZXhhczEQMA4GA1UEBwwHSG91c3RvbjEYMBYGA1UECgwPU1NMIENvcnBvcmF0aW9uMTEwLwYDVQQDDChTU0wuY29tIFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgRUNDMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAERW6pUMSmIzaeXyiNF8uWImQ/3HqOHcwIs6JxJLqOSbkEG0eWWKstlcjtngg1yCfriYxTWOtiiv7wWw9rMVJjQTuJzezsto0Z0zQH3LvGBn/CRZXsy3+oI+AJ6YH680fTo2MwYTAdBgNVHQ4EFgQUgtGFczDnNQTTjgKS++Wk0cQh6M0wDwYDVR0TAQH/BAUwAwEB/zAfBgNVHSMEGDAWgBSC0YVzMOc1BNOOApL75aTRxCHozTAOBgNVHQ8BAf8EBAMCAYYwCgYIKoZIzj0EAwIDZwAwZAIwb+frWRGkYM9hsJZ77QX5LxOR3O3l/FBrEUZGsxwhAGK7vsPn6M0HmfkNC11yPsSqAjAfvLoL4jAk+3xtgFUKmT6ADTPlZqOzo7ul1YuPCSymXX7i8AcIaG3SfGluX9/lamUAAAACACRzc2wuY29tcm9vdGNlcnRpZmljYXRpb25hdXRob3JpdHlyc2EAAAFwnFfleAAFWC41MDkAAAXhMIIF3TCCA8WgAwIBAgIIeyyb0xaAMpkwDQYJKoZIhvcNAQELBQAwfDELMAkGA1UEBhMCVVMxDjAMBgNVBAgMBVRleGFzMRAwDgYDVQQHDAdIb3VzdG9uMRgwFgYDVQQKDA9TU0wgQ29ycG9yYXRpb24xMTAvBgNVBAMMKFNTTC5jb20gUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSBSU0EwHhcNMTYwMjEyMTczOTM5WhcNNDEwMjEyMTczOTM5WjB8MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hvdXN0b24xGDAWBgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjExMC8GA1UEAwwoU1NMLmNvbSBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IFJTQTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAPkP3aMrfcvQKv7sZ4Wm5y4bunfh4/WvpOz6Sl2RxFdHaxh3a3by/ZPkPQ/CFp4LZsNWlJ4Xg4XOVu/yFv0AYvUiCVToZRdOQbngT0aXqhvIuG5iXmmxX9sqAn78bMrzQdjt0Oj8P2FI7bADFB0QDksZ4LtO7IZl/zbzXmcCC52GVWH9ejjt/uIZALdvoVBidXQ8oPrIJZK0bnoix/geoeOy3ZExqysdBP+lSgQ36YWkMyv94tZVNHwZpEpox7Ko07fKoZOI68GXvIz5HdkihCR0xwQ9aqkpk8zruFvh/l8lqjRYyMEjVJ0bmBHDOJx+PYZspQ9AhnwC9FwCTyjLrnGfDzrIM/4RJTXq/LrFYD3ZfBjVsqnTdXgDciLKOsMf7yzlLqn6niy2UUb9rwPW6mBo6oUWNmuF6R7As93EJNyAKoFBbZQ+yODJgUEAnl6/f8UImKIYLEJAs/lvOCdLToD0PYFH4Ih86hzOtXVcUS4cK38acijnALXRdMbX5J+tB5O2UzU1/Dfkw/ZdFr4hc96SCvigY2q8lpJqPvi8ZVWb3vUNiSYE/CUapiVpy8JtynziWV+XrOvvLsi81xtZPCvM8hnIk2snYxnP/Okm+Mpxm3+T/jRnhE6Z6/yzeAkzcLpmpnbtG3PrGqUNxCITIJRWCk4sbE6x/c+cCbqiM+2HAgMBAAGjYzBhMB0GA1UdDgQWBBTdBAkHovV6fVJTEpKV7jiAJQ2mWTAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFN0ECQei9Xp9UlMSkpXuOIAlDaZZMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAgEAIBgRlCn7Jp0cHh5wYfGVcpNxJK1ok1iOMq8bs3AD/CUrdIWQPXhq9LmLpZc7tRiRux6n+UBbkflVma8eEdBcHadm47GUBwwyOabqG7B52B2ccETjit3E+ZUfijhDPwGFpUenPUayvOUiaPd7nNgsPgohyC0zrL/FgZkxdMF1ccW+sfAjRfSda/wZY52jvATGGAslu1OJD7OAUN5F7kR/q5R4ZJjT9ijdh9hwZXT7DrkT66cPYakylszeu+1jTBi7qUD3oFRuIIhxdRjqerQ0cuAjJ3dctpDqhiVAq+8zD8ufgr6iIPv2tS0a5sKFsXQP+8hlAqRSAUfdSSLBv9jra6x+3uxjMxW3IwiPxg+NQVrdjsW5j+VFP3jbutIbQLH+cU0/4IGiul607BXgk90IH37hVZkLId6Tngr75qNJvTYw/ud3sqB1l7UtgYgXZSD32pAAn8lSzDLKNXz1PQ/YK9f1JmzJBjSWFupwWRoyeXkLtoh/D1JIPb9s2KJELtFOt3JY04kTlf5Eq/jXixtunLwsoFvVagCvXzfh1foQC5ichucmj87w7G6KVwuA406ywKBjYZC6VWg3dGq2ktufoYYitmUnDuy2n0Jg5GfCtdpBC8TTi2EbvPofkSvXRAdeuims2cXp71NIWuuA8ShYIc2wBlX7Jz9TkHCpBB5XJ7kAAAACABpkLXRydXN0cm9vdGNsYXNzM2NhMmV2MjAwOQAAAXCcV+V4AAVYLjUwOQAABEcwggRDMIIDK6ADAgECAgMJg/QwDQYJKoZIhvcNAQELBQAwUDELMAkGA1UEBhMCREUxFTATBgNVBAoMDEQtVHJ1c3QgR21iSDEqMCgGA1UEAwwhRC1UUlVTVCBSb290IENsYXNzIDMgQ0EgMiBFViAyMDA5MB4XDTA5MTEwNTA4NTA0NloXDTI5MTEwNTA4NTA0NlowUDELMAkGA1UEBhMCREUxFTATBgNVBAoMDEQtVHJ1c3QgR21iSDEqMCgGA1UEAwwhRC1UUlVTVCBSb290IENsYXNzIDMgQ0EgMiBFViAyMDA5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmfGENHC6L7cwoI69fATPvmK8mf2Cl9J6CmeWOAn2EE6VInOZjdoVLecF/BlzIreOmAC8PD2soWz71nklS63wzGTaiD4puA8J0zTdM/Vi0eHNGenuGE9MWK7iHtYMWxVa2Dq4xBhkHuMzsrWJd04Mv9mUaxOXbxKj/pmpBMwV7GBoNu0Ie7f1v5PtZjGDjMZxNIdOF+qvi5GNHFZBriI3XjfyHdnRLQ0vaVGnvmamijoqvccaseEU8L46HbnPW7Fq/rSxRiCi+x47cO+TmH2Mc5byxe+FcK0pJvweBD4coNgPy1KDYnzui1OVkKlXouphBdj5TcQn+m6t7fnXUfdrpQIDAQABo4IBJDCCASAwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU05SKTGITKhkuzK9yin0215oc3GcwDgYDVR0PAQH/BAQDAgEGMIHdBgNVHR8EgdUwgdIwgYeggYSggYGGf2xkYXA6Ly9kaXJlY3RvcnkuZC10cnVzdC5uZXQvQ049RC1UUlVTVCUyMFJvb3QlMjBDbGFzcyUyMDMlMjBDQSUyMDIlMjBFViUyMDIwMDksTz1ELVRydXN0JTIwR21iSCxDPURFP2NlcnRpZmljYXRlcmV2b2NhdGlvbmxpc3QwRqBEoEKGQGh0dHA6Ly93d3cuZC10cnVzdC5uZXQvY3JsL2QtdHJ1c3Rfcm9vdF9jbGFzc18zX2NhXzJfZXZfMjAwOS5jcmwwDQYJKoZIhvcNAQELBQADggEBADTte1o8pJSI7xoRdQcvs/48+h5RJuuH9ine4PHUxiQJ6cHPVRu0MNnOGv4GUaYVpC3vsku/ICglSdGmNnc06GTfUrERx3N6zTmewq2McSHyWmuv3zxOVa+yhGUUibl3yyoxvs+jbc9vSJQyRm/ncYygpoQZNwfyA0UJK4Z1fN9faVcA227YpnIiS1DUdZhW37cY/0NDUK56RHvweVHXQz2n04HT8MlPudrGl4bQgsPkQm3+sOJkTg4m50A0JrUIidcIY2M4J3UeM+puqN2fmU90TYGJgEvdmpcpXC++gUG5jP/qfWAGns3XPdMuoxW8qOYm5W/D3LgDIeqfFvEsVLUAAAACACRuZXR3b3Jrc29sdXRpb25zY2VydGlmaWNhdGVhdXRob3JpdHkAAAFwnFfleAAFWC41MDkAAAPqMIID5jCCAs6gAwIBAgIQV8szb8JcFuZHFhfjkDFo4DANBgkqhkiG9w0BAQUFADBiMQswCQYDVQQGEwJVUzEhMB8GA1UEChMYTmV0d29yayBTb2x1dGlvbnMgTC5MLkMuMTAwLgYDVQQDEydOZXR3b3JrIFNvbHV0aW9ucyBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwHhcNMDYxMjAxMDAwMDAwWhcNMjkxMjMxMjM1OTU5WjBiMQswCQYDVQQGEwJVUzEhMB8GA1UEChMYTmV0d29yayBTb2x1dGlvbnMgTC5MLkMuMTAwLgYDVQQDEydOZXR3b3JrIFNvbHV0aW9ucyBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkvH6SMG3G2I4rC7xGzuAnlt7e+foS0zwzc7MEL7xxjOWftiJgPl9dzgn/ggwbmlFQGiaJ3dVhXRncEg8tCqJDXRfQNJIg6nPPOCwGJgl6cvf6UDL4wpPTaaIjzkGxzOTVHzbRijr4jGPiFFlp7Q3Tf2vouAPlT2rlmGNpSAW+Lv8ztumXWWn4Zxmuk2GWRBXTcrA/vGp97Eh/jcOrqnErU2lBUzS1sLnFBgrEsEX1QV1uiUV7PTsmjHTC5dLRfbIR1PtYMiKagMnc/Qzpf14Dl847ABSHJ3A4qY5usyd2mFHgBeMhqxrVhSI8KbWaFsWAqPS7azCPL0YCorEMIuDTAgMBAAGjgZcwgZQwHQYDVR0OBBYEFCEwyfsA106Y2oeqKtCnLrFAMadMMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MFIGA1UdHwRLMEkwR6BFoEOGQWh0dHA6Ly9jcmwubmV0c29sc3NsLmNvbS9OZXR3b3JrU29sdXRpb25zQ2VydGlmaWNhdGVBdXRob3JpdHkuY3JsMA0GCSqGSIb3DQEBBQUAA4IBAQC7rkvnt1frf6ott3NHhWrB5KUd5Oc86fRZZXe1eltajSU24HqXLjjAV2CDmAaDn7l2em5Q4LqILPxFzBiwmZVRDuwduIj/h1AcgsLj4DKAv6ALR8jDMe+ZZzKATxcheQxpXN5eNK4CtSbqUN9/GGUsyfJj4akH/nxxH2szJGoeBfcFaMBqEssuXmHLrijTfsK0ZpEmXzwuJF/LWA/rKOyvEZbz3HtvwKeI8lN3s2Berq4o2jUsbzRF0ybh3uxbTydrFny9RAQYgrOJeRcQcT16ohZO9QHNpGxlaKFJdlxDydi8NmdspZS11My5vWo1ViHe2MPr+8ukYEywVaCge1eyAAAAAgAVYWZmaXJtdHJ1c3RuZXR3b3JraW5nAAABcJxX5XgABVguNTA5AAADUDCCA0wwggI0oAMCAQICCHxPBDkc1JktMA0GCSqGSIb3DQEBBQUAMEQxCzAJBgNVBAYTAlVTMRQwEgYDVQQKDAtBZmZpcm1UcnVzdDEfMB0GA1UEAwwWQWZmaXJtVHJ1c3QgTmV0d29ya2luZzAeFw0xMDAxMjkxNDA4MjRaFw0zMDEyMzExNDA4MjRaMEQxCzAJBgNVBAYTAlVTMRQwEgYDVQQKDAtBZmZpcm1UcnVzdDEfMB0GA1UEAwwWQWZmaXJtVHJ1c3QgTmV0d29ya2luZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALSEzDMXLmuUbGthUqDro895lEzllICZy1VkRGWPZ2TiBuNcN0n2L5uEhB4t8mCdME7MhIXiLM8env42qzN3NUTYNZYaPTboeg7Y1UehammL2fy7Oq55WtX01nG7mpAja5q3iHSHDB5fuZ4t+qtTK9y7dj6TTAgIjB6iIxzUaq0iupkBLm1ly74kZlUkS0BEsRvX4cKFwN4QPz3tuPzx8SNT3L9ll2/Z+UBxjX29ldTOvqBeJyPe/abQJg4AKes8RvA9YL8/UNLcJkFRnhQ3QgSjcFeoG4ftLfp77owK46lmiRnLQfndRDZhz+J3Rsh99vSSgTb92zTxcn7zDBa9tBUCAwEAAaNCMEAwHQYDVR0OBBYEFAcf0uec2sJuokC0sHpQEFB0xMi9MA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBBQUAA4IBAQCJV7IWeqjC/dbZm5s0wpy0MhRNp6Tf7L6nvvhD25E3zrQyLlBVGjVOdkNxIO+Td04VcC6Hw8EdbdzLtSfULFbRUlM6RNJzyMQbBWVaYpKc7kGNMdvnNOpZIdUBetdkuGQ5zcntr+1LA0inoJkBgNxlozauZVlIT4JLyGXxVx3lWS4KP2zY0fXlCbRsVAAK4BVNh3Vtt1iWWt1t0gCg9JtIvsM3pLo24HyHhZcaFaLeLqJbva8Y+ZBQzXBZ+CdnR8vHoAc6fdEsXWwZOma1ff2Rb4KxvgiT2xRH8aI3x0WePMd3r2Sok9/2aYOCYPJJQjTtWgBUhRwWNpIMXPqmrb/bAAAAAgAWZGV1dHNjaGV0ZWxla29tcm9vdGNhMgAAAXCcV+V4AAVYLjUwOQAAA6MwggOfMIICh6ADAgECAgEmMA0GCSqGSIb3DQEBBQUAMHExCzAJBgNVBAYTAkRFMRwwGgYDVQQKExNEZXV0c2NoZSBUZWxla29tIEFHMR8wHQYDVQQLExZULVRlbGVTZWMgVHJ1c3QgQ2VudGVyMSMwIQYDVQQDExpEZXV0c2NoZSBUZWxla29tIFJvb3QgQ0EgMjAeFw05OTA3MDkxMjExMDBaFw0xOTA3MDkyMzU5MDBaMHExCzAJBgNVBAYTAkRFMRwwGgYDVQQKExNEZXV0c2NoZSBUZWxla29tIEFHMR8wHQYDVQQLExZULVRlbGVTZWMgVHJ1c3QgQ2VudGVyMSMwIQYDVQQDExpEZXV0c2NoZSBUZWxla29tIFJvb3QgQ0EgMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKsLozXgiykUsRSFrzwQ5DlvNV1Krt3qYY2VSfRvZKMaYGakqUAihNnUpeV4kw5oAa25TVw6ztO4qEJA38+juoJZapIbrBya2ggrJSf5aSNH8eDrLHqb9RMC0H40fMKePABZq/XaDPUyPCusUNrWw96DlMqoDJkyDghIVltq+9rhWFgBSV9yQTwVBgGOXa2quJO0zZ7rp+hqLVI02zrvXHVR2tvzMfnucZgyxFQVRAz5m1Xtrd8YCKCjhopJ7lMFjxlM1d5YeZvSahxCq8XVp89oD5bk4WGYdmHIkXzWPgDikVCH4Z0K5q2X0h3GOn3LvNoDNNWOWwH1age3FrZuSn8CAwEAAaNCMEAwHQYDVR0OBBYEFDHDeRu69VPXF+CJei0XbAqzK50zMA8GA1UdEwQIMAYBAf8CAQUwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBBQUAA4IBAQCUZFmtOWTnKesT/lrDixNXyAQk8HR3wGDjZ/vpiaaDv5aCfG7Uwz3vnoBuuym0mHqxO1TrORdHfhqOC/wfMVkxBLLOF/Msx2I2VeIi2IlVtJhIqmT61hw22ER4WlojOleX9XowT66fakxLK46gA+M+4KnU0nvSs6jicjytnv+AWeSbRbT2O7DNORmYMuXqIWGQ5DEhjjSx9y81SoUQ2ueKNyG+WWPg8oWIMVPUVBSFcHn0LgZ3J3UvH7iK+f7Futg25IPs52W3v2Na80avgZQ31EGM1iPWHs/1aBtEY6Jauqc1WaHlcAWbDiNXmZQKbbo5YyiGkvMYhNj70c8FVmRXAAAAAgATZ2xvYmFsc2lnbnJvb3RjYS1yNgAAAXCcV+V4AAVYLjUwOQAABYcwggWDMIIDa6ADAgECAg5F5rsDgzPDhWVI5v9FUTANBgkqhkiG9w0BAQwFADBMMSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSNjETMBEGA1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjAeFw0xNDEyMTAwMDAwMDBaFw0zNDEyMTAwMDAwMDBaMEwxIDAeBgNVBAsTF0dsb2JhbFNpZ24gUm9vdCBDQSAtIFI2MRMwEQYDVQQKEwpHbG9iYWxTaWduMRMwEQYDVQQDEwpHbG9iYWxTaWduMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAlQfoc8pm+ewUyns89w0I8bRFCyyCtEjG61s8roO4QZIzFKRvf+kqzMawiGvFtonRxrL/FM5RFCHsSt0bWsbWh+5NOhUG7WRmC5KAykTec5RO86eJf094YwjIElBtQmYvTbl5KE1SGooagLcZgQ5+xIq8ZEwhHENo1z08isWyZtWQmrcxBsW+4m0yBqYe+bnrqqO4v76CY1DQ8BiJ3+QPefXqoh8q0nAue+e8k7ttU+JIfIwQBzj/ZrJ3YX7g6ow8qrSk9vOVShIHbf2MsonP0KBhd8hYdLDUIzr3XTrKotudCd5dRC2Q8YHNV5L6frxQBGM032uTGL5rNrI55KwkNrfw77YcE1eTtt6y+OKFt3OiuDWqRfLgnTahb1SK8XJWbi6IxVFCRBWU7qPFOJabTk5aC0fzBjZJdzC8cTflpuwhCHX85mEWP3fV2ZGXhAps1AJNdMAU7f05+4PyXhShBLAL6f7uj+FuC7IIs2FmCWqxBjplllnA8DX9ydoojRoRh3CBCqiadR2eOoYFAJ7bgNYl+dwFnidZTHY5W+r5paHYgw/R/98wEfmFzzNI9cptZBQselhP00sIScWVZBpjDnk99bOMylitnEJFeW4OhxlcVLFltr+Mm9wT6Q1vuC7cZ27JixG1hBSKABlwg3mRl5HUGie/Nx4yB9gUYzwoTK8CAwEAAaNjMGEwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFK5sBaOTE+Ki5+LXHNbH8H/IZ1OgMB8GA1UdIwQYMBaAFK5sBaOTE+Ki5+LXHNbH8H/IZ1OgMA0GCSqGSIb3DQEBDAUAA4ICAQCDJe3o0f2VUs2ewASgkWnmXNCE3tytok/oR3jWZZipW6g8h3wCitFutxZz5l/AVJjVdL7BzeIRka0jGD3d4XJElrSVXsB7jpl4FkMTVlezorM7tXfcQHKso+ubNT6xCCGh58RDN3kyvrXnnCxMvEMpmY4w06wh4OMd+tgHM3ZUACIquU0gLnBo2uVT/INc053y/0QMRGby0uO9RgAabQK6JV2NoTFR3VRGHE3bmZbvGhwEXKYV73jgef5d2z6qTFX9mhWpb+Gm+99wMOnD7kJG7cKTBYn6fWN7P9BxgXwA6JiuDng0wyX7rwqfIGvdOxOPEoziQRpIenOgd2nHtlx/gsge/lgbKCuobK1ebcAF0nu364D+JTf+AptorEJdw+71zNzwUHXSNmmc5nsE324GabbeCglIWYfrexRgemSqaUPvkcdM7BjdbO9TLYyZ4V7ycj7PVMi9Z+ykD0xF/9O5MCMHTI8Qv4aW2ZlatJlXHKTMuxWJU7osBQ/kxJ4ZsRg01Uyduu33H68klQR4qAO77oHl2l98i0qhkHQlp7M+S8gsVr3HyO844lyS8Hn3nIS6dC1hASB+ftHyTwdZX4stQ1LrRgyU4fVmR3l31VRbH60kN8tFWk6gREjI2LCZxRWECfbWSUnAZbjmGnFuoKjxguhFPmzWAtcKZ4MFWsmkEAAAAAIAFmdsb2JhbHNpZ25lY2Nyb290Y2EtcjUAAAFwnFfleAAFWC41MDkAAAIiMIICHjCCAaSgAwIBAgIRYFlJ4CYuu1X5CneKcflK2GwwCgYIKoZIzj0EAwMwUDEkMCIGA1UECxMbR2xvYmFsU2lnbiBFQ0MgUm9vdCBDQSAtIFI1MRMwEQYDVQQKEwpHbG9iYWxTaWduMRMwEQYDVQQDEwpHbG9iYWxTaWduMB4XDTEyMTExMzAwMDAwMFoXDTM4MDExOTAzMTQwN1owUDEkMCIGA1UECxMbR2xvYmFsU2lnbiBFQ0MgUm9vdCBDQSAtIFI1MRMwEQYDVQQKEwpHbG9iYWxTaWduMRMwEQYDVQQDEwpHbG9iYWxTaWduMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAER0UOlvt9Xb/pOdEh+J8LttV7HpI6SFkc8GIxLcB6KP4ap1yztsyX50XUWPrRd21DosCHZTQKH3rd6zwzocWdTaRvQZU4f8kehOvRnkmSh5SHDDqFSmafnVmTTZdhBoZKo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUPeYpSJvqB8ohREom3m7e0oPQn1kwCgYIKoZIzj0EAwMDaAAwZQIxAOVpEslu28YxuglB4Zf4+/2a4n0Sye18ZNPLBSWLVtmg515dTguDnFt2KaAJJiFqYgIwcdK1j1zqO+F4CYWodZI7yFz9SO8NdCKoCOJuxUnOxwy8p2Fp8fc74SrL+SvzZpA3AAAAAgAWZ2xvYmFsc2lnbmVjY3Jvb3RjYS1yNAAAAXCcV+V4AAVYLjUwOQAAAeUwggHhMIIBh6ADAgECAhEqOKQclgoE3kKyKKUL6DSYAjAKBggqhkjOPQQDAjBQMSQwIgYDVQQLExtHbG9iYWxTaWduIEVDQyBSb290IENBIC0gUjQxEzARBgNVBAoTCkdsb2JhbFNpZ24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMTIxMTEzMDAwMDAwWhcNMzgwMTE5MDMxNDA3WjBQMSQwIgYDVQQLExtHbG9iYWxTaWduIEVDQyBSb290IENBIC0gUjQxEzARBgNVBAoTCkdsb2JhbFNpZ24xEzARBgNVBAMTCkdsb2JhbFNpZ24wWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAS4xnnTj2wlDp8uORkcA6SumuU5BwkWymOxuYb4ilfBV85C+nOh92VC/x7BALJucw7/xyHlGKSq2XE/qNS5zowdo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUVLB7rUW44kB/+wpu+74zyTyjhNUwCgYIKoZIzj0EAwIDSAAwRQIhANySoaATps8DsObEIZeQ+hRXLQPs7jzTbsqobHa8ot67AiAnqIUnNZtWxqPyR9K3bhsCABeqZ6YVkd76lOx7C/ifhAAAAAIADXN6YWZpcnJvb3RjYTIAAAFwnFfleAAFWC41MDkAAAN2MIIDcjCCAlqgAwIBAgIUPopdB+xV0jLVt+O2XwHrLdzk1uQwDQYJKoZIhvcNAQELBQAwUTELMAkGA1UEBhMCUEwxKDAmBgNVBAoMH0tyYWpvd2EgSXpiYSBSb3psaWN6ZW5pb3dhIFMuQS4xGDAWBgNVBAMMD1NaQUZJUiBST09UIENBMjAeFw0xNTEwMTkwNzQzMzBaFw0zNTEwMTkwNzQzMzBaMFExCzAJBgNVBAYTAlBMMSgwJgYDVQQKDB9LcmFqb3dhIEl6YmEgUm96bGljemVuaW93YSBTLkEuMRgwFgYDVQQDDA9TWkFGSVIgUk9PVCBDQTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3vD5QqEvNQLXOYeeWyrSh2gwisPq1e3YAd4wLz32ohswmUeQgPYUM1ljj5/QqGJ3a0a4m7utT3PSQ1hNKDJA8w/Ta0o4NkjrcsbH/ON7Dui1fgLkCvUqdGw+0w8LBZwPd3BucPbOw3gAeqDRHu5rr/gsUvTaE2g0gv/pby6kWIK05YO4vdbbnl5z5Pv1+TW9NL++IDWr63fE9biCloBK0TXC5ztdyO4mTp4CEHCdJckm1/zuVnsHMyAHs6A6KCpbns6aH5db5BSsNl0BwPLqsdVqc1U2dAgrSS5tmS0YHF2Wtn2yIANwiieDhZNRnvDF5YTy7ykHNXGoAyDw4jlivAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBQuFqlKGLXLzPVvUPMjX/hd56zwyDANBgkqhkiG9w0BAQsFAAOCAQEAtXP4A9xZWx126aMqe5Aosk3AM0+qmrHUuOQn/6mWmc5G4G18TKI4pAZw8PRBEew/R40/cof5O/2kbytTAOD/OblqBw7rHRz2onKQy4I9EYKL0rufKq8h5mOGnXkZ7/e7DDWQw4rtTw/1zBLZpD67oPwglV9PJi8RI4NOdQcPv5vRtB3pEAT+ymCPoky4rc/hkA/NrgrHXXu3UNLUYfrVFdvXn4dRVOul4+vJhaAlIDf7js4MNIThPIGyd05DpYhfhmehPea0XGG2Ptv+tyjFogeutcrKjSoS75ftwjCkySp6+/NNIxuZMzSgLvWpCz/UXeHPhJ/iGcJfitYgHuNztwAAAAIAE2dsb2JhbHNpZ25yb290Y2EtcjMAAAFwnFfleAAFWC41MDkAAANjMIIDXzCCAkegAwIBAgILBAAAAAABIVhTCKIwDQYJKoZIhvcNAQELBQAwTDEgMB4GA1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjMxEzARBgNVBAoTCkdsb2JhbFNpZ24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMDkwMzE4MTAwMDAwWhcNMjkwMzE4MTAwMDAwWjBMMSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMzETMBEGA1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMwldpB5BngiFvXAg7aEyiie/QV2EcWtiHL8RgJDx7KKnQRfJMsuS+FggkbhUqsMgUdwbN1k0ev1LKMPgj0MK66X17YUhhB5uzsTgHeMCOFJ0mpiLx9e+pZo34knlTifBtc+ycsmWQ1z3rDI6SYOgxXG71uL0gRgykmmKPZpO/bLyCiR5Z2KYVc3rHQU3HTgOu5yLy6c+9C7v/U9AOEGM+iCK65TpjoWc4zdQQ4gOsC0p6Hpsk+QLjJg6VfLuQSSaGjlOCZgdbKfd/+RFO+uIEn8rUAVSNECMWEZXriX7613t2Saer9fwRPvm2L7DWzgVGkWqQPabumDk3F2xmmFghcCAwEAAaNCMEAwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFI/wS3+oLkUkrk1Q+mOai97i3Ru8MA0GCSqGSIb3DQEBCwUAA4IBAQBLQNvAUKr+yAzv95ZURUm7lgAJQayzE4aGKAczymvmdLm6AC2upArT9fHxD4q/c2dKg8dEe3jgr25sbwMpjjM5RcOO5LlXbKr8EpbsU8Yt5CRsuZRj+9xTaGdWPoO4zzUhw8lo/s7awlOqzJCK6fBdRoyV3XpYKBovHd7NADdBj+1EbddTKJd+82cEHhXXipa0095MJ6RMG3NzdvQXmcIfeg7jLQitChws/zyrVQ4PkX4268NXSb7hLi18YIvDQVETI53O9zJrlAGomecsMx86OyXShkDOOyyGeMlhLxS67ttVb9+E7gUJTb0o2HLO02JQZR7rkpeDMdmztcpHWD9fAAAAAgATZ2xvYmFsc2lnbnJvb3RjYS1yMgAAAXCcV+V4AAVYLjUwOQAAA74wggO6MIICoqADAgECAgsEAAAAAAEPhibmDTANBgkqhkiG9w0BAQUFADBMMSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMjETMBEGA1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjAeFw0wNjEyMTUwODAwMDBaFw0yMTEyMTUwODAwMDBaMEwxIDAeBgNVBAsTF0dsb2JhbFNpZ24gUm9vdCBDQSAtIFIyMRMwEQYDVQQKEwpHbG9iYWxTaWduMRMwEQYDVQQDEwpHbG9iYWxTaWduMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAps8kDr4ubyiZRULEqz4hVJsL03+EcPoSs8u/h1/Gf4bTsjBc1v2t8Xvc5fhglgmSEPXQU977e35ziKxSiHtKpspJpl6op4xaEbx6guu+jOmzrJYlB5dKmSoHL7Qed7+KD7UCfBuWuMW5Oiy81hK561l94tAGhl9eSWq1OV6INOy8eAwImIRsqM1LtKB9DHlN8LgtyyHK1WxbfeGgKYSh+dOUScskYpEgvN0L1dnM+eonCitzkcadG6zIy+jgoPQvkItN+7A2G/YZeoXgbfJhE4hcn+CTClGXilrOr6vV96oJqmC93Nlf33KpYBNeAAHJSvo/pOoHAyECjoLKA8KbjwIDAQABo4GcMIGZMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBSb4gdXZxwewGoG3lm0mi3f3BmGLjA2BgNVHR8ELzAtMCugKaAnhiVodHRwOi8vY3JsLmdsb2JhbHNpZ24ubmV0L3Jvb3QtcjIuY3JsMB8GA1UdIwQYMBaAFJviB1dnHB7AagbeWbSaLd/cGYYuMA0GCSqGSIb3DQEBBQUAA4IBAQCZgVOHHGiXhpHs4Eq4RAurgawnT9bBuBxDeLMMmvzqLDxuYRtNSyn1nwUdJsG46YMAYkW2qQiTuakzSxiawviHiE7b3XE0GsFU2kY/4NMqq21UIvU6Ys0gb7opidfdke7TXKI+oVtB9d/lZEMt6dU5q9Ki37eL0MCAGRxFwC2M6PgtpHRWScUFtU8V3m5EeDmHqH6783kYkbv0b53B8Iw1jF0B+8Ntue9EbXlGMX4K/qmCwf/vq24gxFDJX51NmxeMDOUByaBBanNT+qVQtG4lD/tMGPT9UtmOabHoEQ/eiNj7HUn3qt6VzyB4wmAS2yVAjGr8fkI4QGQS956B4ZMuAAAAAgAPZW1zaWducm9vdGNhLWMxAAABcJxX5XgABVguNTA5AAADdzCCA3MwggJboAMCAQICCwCuzwC6xM8y+EOyMA0GCSqGSIb3DQEBCwUAMFYxCzAJBgNVBAYTAlVTMRMwEQYDVQQLEwplbVNpZ24gUEtJMRQwEgYDVQQKEwtlTXVkaHJhIEluYzEcMBoGA1UEAxMTZW1TaWduIFJvb3QgQ0EgLSBDMTAeFw0xODAyMTgxODMwMDBaFw00MzAyMTgxODMwMDBaMFYxCzAJBgNVBAYTAlVTMRMwEQYDVQQLEwplbVNpZ24gUEtJMRQwEgYDVQQKEwtlTXVkaHJhIEluYzEcMBoGA1UEAxMTZW1TaWduIFJvb3QgQ0EgLSBDMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM/rqbnxmQXM2CghSvNzNFGEVhD1oE8sEuP6E5on0M/5eRp0Xx15Ofxb+HCO4JJS9+Ql+VSD2R3TyFqFP17HtgfuPsDOmq+sVkIqOSVw1r+1ezatrPZz3M3XHYqDpfsrkBU3axwmR9w7KVaTarPBajqdPfXBlzhYBYscEePktLhdhR2D/nhfC0VoGEilRnM0O/4PyHa7xxjzBdGG84Xt57nZMq1ViM6mtpGwT6x+FSOW9j/wIDQW3grGxARFeX+n/b7SqaWvnMUjKvc8IWy9r49OxTqy8zQS/N+AGkmk1KmV956JXqKJrJTLqGibr4plJ82J7t2MtWspcEOgaQvkuQ8CAwEAAaNCMEAwHQYDVR0OBBYEFP6h4HAeKgM5UlpCvlyRhXoYqk21MA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQDCSlb6FSF7KKLp5R37+C3EOZZBTDsnLMRsGBWAxqyvR1kvJgvjNrDvO/5Dl0kymRIVW98RKf+rU/i7wXgPrJxTr1e9aIw9aTPwo6AjYztkZyJErdVxy1YqeJKjTxIxNjbi3v4AxKNgDyetoLCKtTZ6UqG9J/QgJ2LoTZQkE+QKBOk8qy7IQwlKxmEE5Uk0ftPEyPUPwKrpulRe82MrT09Q1P65e5mMPcAuvAIr08RA5IoHMR6bziaZE/sR6poiDBEZx14bgVAwyJYSbufLQX+RO6JHt1SAG9wAzJqQ6sPDUAZiDDDAFUinqFl84a4iouIKeg/6YqtSTOHx38q+gw1CAAAAAgASZW1zaWduZWNjcm9vdGNhLWMzAAABcJxX5XgABVguNTA5AAACLzCCAiswggGxoAMCAQICCntxtoJWuBJ8nKgwCgYIKoZIzj0EAwMwWjELMAkGA1UEBhMCVVMxEzARBgNVBAsTCmVtU2lnbiBQS0kxFDASBgNVBAoTC2VNdWRocmEgSW5jMSAwHgYDVQQDExdlbVNpZ24gRUNDIFJvb3QgQ0EgLSBDMzAeFw0xODAyMTgxODMwMDBaFw00MzAyMTgxODMwMDBaMFoxCzAJBgNVBAYTAlVTMRMwEQYDVQQLEwplbVNpZ24gUEtJMRQwEgYDVQQKEwtlTXVkaHJhIEluYzEgMB4GA1UEAxMXZW1TaWduIEVDQyBSb290IENBIC0gQzMwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAT9pWGueyYQHem3IjCuBvSBs7FCcZU5vNNS46+v+fKXNZI2Rg6HlY25OVrpu9/Q/sgHQTy7VW+Do2r7YrCBiQJwfUjFSuPpIlQiTZO7Qgyvd5wjpn3XYRHOZcf4f/718qmjQjBAMB0GA1UdDgQWBBT7WkjQgCBA8qjpAAdpGXen5sP0zzAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAKBggqhkjOPQQDAwNoADBlAjEAtNgvAon9tkxiukNOE4Ryta7dHN7WtdxWj1hAWi3eIEwig8qTqH7uEkDH1odP+N+FAjAcFGTkfJaDEZyw0VphS6YPSdMA/KH85KX/f63XMNDHd3++gQdVMFAgFPVXOAqoMVEAAAACABNidXlwYXNzY2xhc3Mzcm9vdGNhAAABcJxX5XgABVguNTA5AAAFXTCCBVkwggNBoAMCAQICAQIwDQYJKoZIhvcNAQELBQAwTjELMAkGA1UEBhMCTk8xHTAbBgNVBAoMFEJ1eXBhc3MgQVMtOTgzMTYzMzI3MSAwHgYDVQQDDBdCdXlwYXNzIENsYXNzIDMgUm9vdCBDQTAeFw0xMDEwMjYwODI4NThaFw00MDEwMjYwODI4NThaME4xCzAJBgNVBAYTAk5PMR0wGwYDVQQKDBRCdXlwYXNzIEFTLTk4MzE2MzMyNzEgMB4GA1UEAwwXQnV5cGFzcyBDbGFzcyAzIFJvb3QgQ0EwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCl2gqVFlDjlfJenXYxBjJ6m/EQdrgAmrVSNs0kR7CfGGS8mvb61XnYkGJMIi/eOD3W4KjpHCzbeBHpjmhRFXLH8zOH5KBdC1zgVwcqMPXNxDd3KE0Ykea/1VL9cS1wPufGxIrj8CgL9HaYoYuHVbI6E/y3Pic3jiLjqE8q72C7Pbc5ww4BR5ldEk/bQ/pXoe35nb4RRyZbE5irXRaKsDccV51F/4iWNr+7ygd7b4dj19AyatZdbAzxs2454msxLjkAJxTeOMDsGWaGEuidchYTZFLHqTcc/YIw7YQYHfSuXP9wEwDrsfUzekvWVfgFjUtpsPWzKDZcFMRRc01rC/E0B9sXOdfcKHtr9Z/zLsFPFyoQ88zK6Ov9a6sump8tgm4E1FIBky09hvx+/N/vQh2ma++5IMb3vaCnlf2n5okk2MyMNGziIy/ZEhohuVWRbwuReRkMrUCIC3DietIO2GhIu4ITORBY6dgqB8YS21jb0jtVEEcFFWdifhhjpkY/CQ5UMl6/DWJ6J++A6NvZSwZaN1ol0AgSd9RvCVCXPcgdw9+MRTBWxtNkq2bzwF6WnMPE78N8a4s6eX+zSc894omfoDBLhbmclCR5j31rqUVoDyvQ8docy2m4yklibcjQY2LdYA9Yqo+hvAWlZqLPG3ayhGSxTDlSwDC68IxLArC2twIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRHuM3/5W/u+LLsL04O+SWwjjxrwzAOBgNVHQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQELBQADggIBAAAgI0E1BJDCQGJg7+I1TNc/rOI0kLihb3b6FhakSDcs6ZDC8jz4Cp/YgeW7W9olLKSnVXEkMvbIC/K8aviTrLIHwl+f28zIiqq+am/hSRDMMdeAu7vI2KIOZFfqovXCqTEV0iBq7PwiASjPhriAHqnMEaU88hazR5380oAhxMvQR3BBocqDGQgsbfJdd5yKFBPUNhyS8OUGN9ym5pCbOI9caxtGhkNCXz4BB1NUXWV994pzoZpUWh8pQxQnwoUPtYh7GjuUtx1gp7Wc5ylpV1qbk3pDMBsD12LIQKaq/GTkSteRUwGoIIhunF9EuctggTTsb9N92khf67SQvC2pHAusHNWiaCCABNb8sY8vu0oxDUqGHOviNikm9drYxPJ1Yc9+rnZjSnpAZZOH+B6AjIblhtaPDvxTLGDoFmEaoj5De805YFRq9fKJJgFog0iiM+jJBJGyETQRPurQQxkfA5OQDP9RPVf0QW7hy6C+68ljzW3M5Pg2qmid7b1dl3BEDbYONdzhDF27oFGUy34W6xEvo5JFyExx2bzJmVJXRi9Qz701afQ9Fc4GpSwPPvaBupS7w7u/ZXjShnn/STsagwzw3njsyPJNTBregin4wVra7e7mJ17oRdCdHFGoaKtE49CLauP4O7vcTddk8lG+5qqrWukx7ga8c78TYgqfx7mXAAAAAgAfY29tb2RvcnNhY2VydGlmaWNhdGlvbmF1dGhvcml0eQAAAXCcV+V4AAVYLjUwOQAABdwwggXYMIIDwKADAgECAhBMqvnK22Nv4B/3TthbA4adMA0GCSqGSIb3DQEBDAUAMIGFMQswCQYDVQQGEwJHQjEbMBkGA1UECBMSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxmb3JkMRowGAYDVQQKExFDT01PRE8gQ0EgTGltaXRlZDErMCkGA1UEAxMiQ09NT0RPIFJTQSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0xMDAxMTkwMDAwMDBaFw0zODAxMTgyMzU5NTlaMIGFMQswCQYDVQQGEwJHQjEbMBkGA1UECBMSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxmb3JkMRowGAYDVQQKExFDT01PRE8gQ0EgTGltaXRlZDErMCkGA1UEAxMiQ09NT0RPIFJTQSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAJHoVJLSClaxrA0k3cXPRGd0mSs3o30jcABxvFPfxPoqEo9LfxBWvZ9wcrdhf8lLDxenPeOwBGHu/xGXx/SGPgr6Plz5k+Y0etkUa+ecs4Wggnp2r3GQ1+z9DfqcbPrfsIL0FH75vsSmL09/mX+1/GdDcr0MANaJ62ss0+2PmBwUq37l42782KjkkiTaQ2tiuFX96sG8bLaL8w6NmuSbbGmZ+HhIMEXVreENPEVg/DKWUSe8Z8PKLrZr6kbHxyCgsR9l3kgIuqROqfKDRjeE6+jMgUhDZ05yKptcvUwbKIpcInu0q5jZ7uBRg8MJRk5tPpn6lRfafDNXQTyNUe0LtlyvLGMa31fIP7zpXcSbr0WZ4qNaJLS6qVY9z2+q/0lYvvCo//S4rek3+7q49As6+ehDQh6J2ITLE/HZu+GJYLiMKFasFB2cCudx688O3T2plqFIvTz3r7UNIkzAEYHsVjv206LiW7eyBCJSlYCTaeiOTGXxkQMtcHQC6otnFSlpUgK7199QalVGv6CjKGF/cNDDoqosIapHziicBkV2v4IYJ7TVrrTLUOZr9EyGcTDppt8WhuDY/0Dd+9BCiH+jMzouXB5BEYFjzhhxayvspoq3MVw6akfgw3lZ1iAar/JqmKpyvFdK0kuduxD8sExB5e0dPV4onZzMv7NR2qdH5YRTAgMBAAGjQjBAMB0GA1UdDgQWBBS7r34CPfqm8TyEjq3uOJjs2TIy1DAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQwFAAOCAgEACvHVRoS3rlG7bLJNQRQAk0ycy+XAVM+gJY4C+f2wog31IJg8Ey2sVqKw1n4Rkukuup4umnKxvRlEbGE1opq0FhJpWozh1z6kGugvA/SuYR0QGyqki3rF/gWm4cDWyP6ero8ruj2Z+NhzCVhGbqac9Ncn05XaN4NyHNNz4KJHmQM4XdVJeQApHMfsmyAcByRpV3iyOfw6hKC1nHyNvy6TYie3OdoXGK69PAlo/4SbPNXWCwPjV54U99HrT8i9hyO3tklDeYVcuuuSC6HG6GioTBaxGpkK6FMskruhCRh1DGWoe8sjtxrCKIXDG//QK2LvpHsJkZhnjBQBzWgGamMhdQOAiIpugcaF8qmkLef0pSQQR4PKzfSNeVixBpvnGirZnQHXlH3tA0rK8NvoqQE+9VaZyR6OST275Qm54E9Jkj0WgkDMzFnG5jrtEi5pPGyVsf2qHXt/hr4eDjJG+/sTj3V/TItLRmP+ADRAcMHDuaHdpnDiBLNBvOmAkepknHrhIgOpnG5vDmVPbIeHXvNuoPl1pZtA6FOyJ51KucB3IY3/h/LevIzvF9+3SQvR8m4wCxoOTnbtEfz16Vayfb/HbQqTjKXQwLYdvjpOlKLXbmwLwop8+iDzxOTlzQ2oy5GSsXyF7LUUaWYOgufNzsgtplF/IcE1U4UGSl2frbsbX3QAAAACABxzZWN1cml0eWNvbW11bmljYXRpb25yb290Y2EyAAABcJxX5XgABVguNTA5AAADezCCA3cwggJfoAMCAQICAQAwDQYJKoZIhvcNAQELBQAwXTELMAkGA1UEBhMCSlAxJTAjBgNVBAoTHFNFQ09NIFRydXN0IFN5c3RlbXMgQ08uLExURC4xJzAlBgNVBAsTHlNlY3VyaXR5IENvbW11bmljYXRpb24gUm9vdENBMjAeFw0wOTA1MjkwNTAwMzlaFw0yOTA1MjkwNTAwMzlaMF0xCzAJBgNVBAYTAkpQMSUwIwYDVQQKExxTRUNPTSBUcnVzdCBTeXN0ZW1zIENPLixMVEQuMScwJQYDVQQLEx5TZWN1cml0eSBDb21tdW5pY2F0aW9uIFJvb3RDQTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQFTlSsVKzusVZgsRdUq46Q2WAS8fylrzbNpfWpmSMqF7w4woc99+XPUuu9l3sIbVBq825fnafvvk+NjSgO8H2MRFFdJM9V4DF+YmZyuWratS12kGQEMHW1kKJwr/0OBKVTFQF9zbkRYN7FGXW3AxN0d5+DKs7xBW+OlamWm92aVKpernI62qaXVLQLQprNRYJEITQaso6BgA3R+R+V08/i+tnuIiqxb5TVbKRxH25sIUZBngu22Ea+oX1SpGh5xbVjqI535S4cB8oP4v8QF5jgzyDKhqZa8/eWWo7/G8W1x/9ShDrToIWOqwnDFPxrdUksGsDUMEtPBbdRDQnGnX7AgMBAAGjQjBAMB0GA1UdDgQWBBQKhal3ZQWYfECB+A+XLDjxCuw8zzAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEATDqjRKy5RbHHk37ICwpC32TqHO5ZbAi6iV9qykqVnnqPB8XaRXKCcQ460sxvp7ShI7v2JJ/LF/6Mps7C0tvMjfxx/AMpwWxdM19ktmU7iW8Ydnj13KJIHxk/jpPr8foX7s1O4wQSVdbl5N37PgV84h1exqe8l09oOvXpLgpDtq9XXGJofLf9o4qEoKxivisJhzTwagG7mylWPP4AN88jbPFOqrZ0RhJske401eyakedEvpAxctVJAvYC5fQf63zZllWp/+yK+ZlH/zVaAqoEy4pbh3Epkb2ktHoNvZr1VyMAByEXP0o50QVJC6e2N4GlXYyqM16BKHynfSfrAK6NNwAAAAIAEXN0YXJmaWVsZGNsYXNzMmNhAAABcJxX5XgABVguNTA5AAAEEzCCBA8wggL3oAMCAQICAQAwDQYJKoZIhvcNAQEFBQAwaDELMAkGA1UEBhMCVVMxJTAjBgNVBAoTHFN0YXJmaWVsZCBUZWNobm9sb2dpZXMsIEluYy4xMjAwBgNVBAsTKVN0YXJmaWVsZCBDbGFzcyAyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA0MDYyOTE3MzkxNloXDTM0MDYyOTE3MzkxNlowaDELMAkGA1UEBhMCVVMxJTAjBgNVBAoTHFN0YXJmaWVsZCBUZWNobm9sb2dpZXMsIEluYy4xMjAwBgNVBAsTKVN0YXJmaWVsZCBDbGFzcyAyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIIBIDANBgkqhkiG9w0BAQEFAAOCAQ0AMIIBCAKCAQEAtzLI/ulxpgSFrQwRZN/OTe/IAxiHP6Gr+zymn/DDodrU2G4rU5D7JKQ+hPCe6F/s5SdE9SimP3ve4CrwyK9TL57KBQGTHo9mHDmnTfpatnMEJWbrd3/nWcZKmSUUVOsmx/N/GdUwcI+vsEYq/63rKe3Xn6oEh6PU+YmlNF/bQ5GCNtlmPLG4uYL9nDo+EMg77wZlZnqbGRg9/3FRPDAuX749d3OyXQZswyNWmiuFJpIcpwKz5D8Nrwh5grg2Peqc0zWzvGnK9cyd6P1kjReAM25eSl2ZyR6HtJ0awNVuEzUjXt+bXz3v1vd2wuo+u3gNHEJnawTY+Nbab4vyRKABqwIBA6OBxTCBwjAdBgNVHQ4EFgQUv1+30c7dH4b0W1Ws3NcQwg6piOcwgZIGA1UdIwSBijCBh4AUv1+30c7dH4b0W1Ws3NcQwg6piOehbKRqMGgxCzAJBgNVBAYTAlVTMSUwIwYDVQQKExxTdGFyZmllbGQgVGVjaG5vbG9naWVzLCBJbmMuMTIwMAYDVQQLEylTdGFyZmllbGQgQ2xhc3MgMiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4IBAQAFnT+IndHJGlWhrGnz81namwGHGk9XqaF5CSrb9y+yHszHXmrYg4ehl+9JNT53BkFYYr+OWLgKZz/ss90hZh/JVPpyzD1MQNiBr3eeg3q7osf1NBeO2RFA9PwsKk0Vf6diXS4l0wALIBodaPkXuPS9i+0oWd1NFosXg8iyZccteqWqvFOGbd1XpMr4IEELaPD0+3S+Vl16efX5HYXjLZW+9XGQQ8yNH5oACocp6VUiWAAj6uMSQylbRwjdjEFqZQao5SGqQbSVIZW5fdE0qxPWrbzc4j05zb0+dXChGFkDySK0j5zVXirXpbbUCm34t0ARRpofeQ5ivw+X7OAvHxeUAAAAAgAbYWN0YWxpc2F1dGhlbnRpY2F0aW9ucm9vdGNhAAABcJxX5XgABVguNTA5AAAFvzCCBbswggOjoAMCAQICCFcKEZdCxOPMMA0GCSqGSIb3DQEBCwUAMGsxCzAJBgNVBAYTAklUMQ4wDAYDVQQHDAVNaWxhbjEjMCEGA1UECgwaQWN0YWxpcyBTLnAuQS4vMDMzNTg1MjA5NjcxJzAlBgNVBAMMHkFjdGFsaXMgQXV0aGVudGljYXRpb24gUm9vdCBDQTAeFw0xMTA5MjIxMTIyMDJaFw0zMDA5MjIxMTIyMDJaMGsxCzAJBgNVBAYTAklUMQ4wDAYDVQQHDAVNaWxhbjEjMCEGA1UECgwaQWN0YWxpcyBTLnAuQS4vMDMzNTg1MjA5NjcxJzAlBgNVBAMMHkFjdGFsaXMgQXV0aGVudGljYXRpb24gUm9vdCBDQTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAKfGxKUppCzv5RjFsFCjb1E7nwpaycJIOArCHKAYf5G1h7lAP90daB8Ig9UtHoig+I9Wj22ZApKQFtVfCGyJ1+GsvCDCseCDUYppTQCWWm8vwER+ow7kkc1Y7tz7xx5FR90nuQgBn6YhHfVBLS9M/Sit4IqtIrRWZY6GVI+TQyneOUZ4ozAjus3wfRNXwF3Sg2tITMSrn4BaWzq9yaciP4AnM1sOt4oMXQc3CMts0npHIkQ1xczMLo7dKu23fWYNX2FRIlUb40bj4z3QNWKa268UyFuhzIkb4TAm/KCbH4GnRx8E66M5kgafmdO/0+pPUJwZ/paHHjxl9qMYJIOGEOdUPqg6diRPgSHF4w8C+JOURyC7/tQO02i53cR6hILjU1R53duc0vIHmy62vD7thW3vJRHylxpCYfdKl+iLsRAH+mWBsqI5z/c8/xj7xvFai1niAqx7ktBOFE9ZRfYMXihfsOg/Rc/Pr5tv+4TTd1qVb6yUhJ7uvMBKj0qT+EQh4jFFYVBOENjjNXxMGbTeBb+jBp/Itc3kH9cXBg16lXRVDWga/BAbYmSdbeCVoMOUB1cNFOa9Bfu4n+bfi+LG536W9lPFgDRQKFjwElBxFzC65nhjvPSyrZsrsv7hOYxeugsglN57g7j/41aNtxHpO4zyscFdnaQLTCvZshj1tZ9LAgMBAAGjYzBhMB0GA1UdDgQWBBRS2Ig6yJ94Zu2J83s4cJTJAgI20DAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFFLYiDrIn3hm7YnzezhwlMkCAjbQMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAgEAC3tyh8BgpklMiFjmHYj3FGRIpthYCg5PEzXfNR3U7QYxyIE+atXdOxoy7pA9EdIu9I7DYy4jZrBnvm+2wBM5YKqiNCWTdVLep52tDoeJUnFqFjwZHYP4millvvQ/mtnw81qHIXGATcvgOJs/u/rgME3PhtNlEBkY0ZcCsStyQmisoL1OWtoYv2uYgdD9mr5eFUjNERW5wClctOiI9z42rrdi/R5i3nB4EBxIW9q8pDi6Z+1VPl5X39QDQEyBpNJPY6cJQgkU/ACpwoBzTy7AQNkRe0jqegLA0+soASZYdMHAcyJtk5X9OX27KuP2guMsl19OH5GU+v4so9h2GrhNsjhPm/odSGB5JuLz/anQmuhwj0l61uW9Cg7bLfONv+vjpH3Lx5Vx6NqjfMXC+HSSBBuGrKQiU0C2rP5Mds/7lDLANZ92P27lkG6gpiaiuCy+0SuF/adoyLoBK7FsdB24c5Xn7rfHJfAATACyfrYLixzzwFCeJbngCN42Zv83pdG7VGQsySe1S5J+Zf/TLeG5Trx/pEEhkEF3pjkf6p7jn9BmbwXsqnZ+v2sWoOu1x/ySVC8rESclN3hMUWqw88xYXRTxakgV/8IHtrGND45cUEazPb8BmE+yWVRHPjR7eG1Wky5z6mYoeM0dFL+gjy8uuC6O8hSKzOm1fPtsnQyl4ZYAAAACAApjZmNhZXZyb290AAABcJxX5XgABVguNTA5AAAFkTCCBY0wggN1oAMCAQICBBhKzNYwDQYJKoZIhvcNAQELBQAwVjELMAkGA1UEBhMCQ04xMDAuBgNVBAoMJ0NoaW5hIEZpbmFuY2lhbCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEVMBMGA1UEAwwMQ0ZDQSBFViBST09UMB4XDTEyMDgwODAzMDcwMVoXDTI5MTIzMTAzMDcwMVowVjELMAkGA1UEBhMCQ04xMDAuBgNVBAoMJ0NoaW5hIEZpbmFuY2lhbCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEVMBMGA1UEAwwMQ0ZDQSBFViBST09UMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA111rzRA/HwVZ1QVNN7EO7JgrjhUd+pNLF4IhcRBS11FkcBbCVWlNjhVtn78MG8Lgo2fWDKzPIq6vd1QqS0yKU1J6w+4u3rNxJcHpXT3uoS+j9yo8ySMdaqsdoafx8+yg1UTPFc9yLx1jl+iZ+f2TpFSATFLUUqsuSd+Qzbhfvj/eocpNINQl6IQpU7exiB//+tqQnwqpLUE/sfEYKe4WWSw0SRqoBteoiNIDcnoy4upoTW4slmV7yln68uLd7jAs+8xGrMRj629/Nis0cxKUf9/MJp7xcl1QZVmPabOHXjJvwxiKtZWPsHo33lpFO8c24e9n0TnTl1tzYhlILYccBvt0mCBJc/AF0huxoKO3G3DTiGm5WtY49GLcJYt4v/jofrhcyZVPX6ctuSBrz2vd9Q30grf0smYuECj2l1p7lhaPARktbG5/OVgGZIMBg4PDTZLdMsaHpDfpFs6qLWivCoFlOnDBm61NbVTKKi1LhRuzgOZwRQ1rXjXwfzu4nOQEcIkSJZPaCpkiYGpjYE52BphOvYOtHViKJYXSx2UeLY7G37bG4X+KBCEVKXTwPpyQnQwu8Yo+WqoMCR7H1Tyj7ZfDHjT6OPkIDuPAXSuD0VZqybaoVFMueDJnPYJ/dND74bYFYLlw244L+RNYb3FgEFIQucFBCe9yH2cxeP+WBY0CAwEAAaNjMGEwHwYDVR0jBBgwFoAU4/4t/SjQC7W6tqLEvwaqBYyT+y8wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFOP+Lf0o0Au1uraixL8GqgWMk/svMA0GCSqGSIb3DQEBCwUAA4ICAQAlxrpr64fL3oI5lj3wRKdrhHMD3p0rT7ogf7x4ss+XsBuc89d5LvVIttL7F4jm03o/7VMT0OIvannLACMo5h43VzWJhMJ2TzQ2rWfDzkEGiMX37tgauNYLf1D/k6oXS4zs7VJgsqQG6k7r9GsZ/ev1GuAlKprcx0E298h0BYQ5lTnWCzukJ/oI2Fwe+ARgUhEoKAP/71NmAKVKNBZmfP0JpK6eZxpvQQtrBhObj4ZxBbQvjYlmMyl2VJoR+Cf6sj+R4M4NG/MwGq2/Il0b078lBU3hkhp/mZ88RJPK1EBJbICH1wQ6wzJSNQ5W+KXdfcSLDREfU8seshe2aHda4NTLyAeu9Toujje30AFLQyl3jDmXj4Ja+FHliaAY52h/XQou+6NHDj2mI3rGAcePyF6/bYBWvookujPqn+EyEZ7x0k+A9htArzieEVB5cxISzeZsnSyIcjwwgQaRIupZrdoZLiLCjbmMh+BmvHMjXyFkY4BI9aA8GD2UyEhBHUC6Xv7+VjmhyM9enhlkRhDaF5G3BYCsi5mSfeei2AcLNifnSHlgisPXE1z4ckDfSsvPmQAKAAsRldpWRQOICp9n0NV5saiNQG0NwnpA+vNfZEeSy1O5u1nOT/3QFVMB2N/r2eZ279AjuzupebPVAinNiaOWD0o1505CwHXNB8/mLOt7LgAAAAIAFWRpZ2ljZXJ0dHJ1c3RlZHJvb3RnNAAAAXCcV+V4AAVYLjUwOQAABZQwggWQMIIDeKADAgECAhAFmxtXno4hMuI5B72nd3VcMA0GCSqGSIb3DQEBDAUAMGIxCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5jb20xITAfBgNVBAMTGERpZ2lDZXJ0IFRydXN0ZWQgUm9vdCBHNDAeFw0xMzA4MDExMjAwMDBaFw0zODAxMTUxMjAwMDBaMGIxCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5jb20xITAfBgNVBAMTGERpZ2lDZXJ0IFRydXN0ZWQgUm9vdCBHNDCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAL/mkHNo3rvkXUo8MCIwaTPswqclLskhPfKK2FnC4SmnPVirdprNrnsbhA3EMB/zG6Q4FutWxpdtHauyefLKEdLkX9YFPFIPUh/GnhWlfr6fqVcWWVVyr2iTcMKyunWZanMylNEQRBAu34LzB4TmdDttceItDBvuINXJIB1jKS3O7F5OyJP4IWGbNOsFxl7sWxq868nPzaw0QF+xembud8hIqGZXV59UWI4MK7dPpzDZVu7Ke13jrclPXuU15zHL2pNe3I6PgNq2kZhAkHnDeMe2scS1ahg4AxCN2NQ3pC4FfYj1gj4QkXCrVYJBMtfbBHMqbpEBfCFM1LyuGwN1XXhm2ToxRJozQL8I11pJpMLmqaBn3aQnvKFPObURWBf3JFxGj2T3wWmIdph2PVldQnaHiZdpekjw4KISG2aadMreSx7nDmOu5tTvkpI6nj3cAORFJYm2mkQZK37AlLTSYW3rM9nF30sEAMx9HJXDj/chsrIRt7t/8tWMcCxBYKqxYxhElRp2Yn72gLD76GSmM9GJB+G9t+ZDpBi4pncB4Q+UDCEdslQpJYls5Q5SUUd0viastkF13nqsX40/ybzTQRESW+UQUOsxxcpyFiIJ33xMdT9j7CFfxCBRa2+xq4aLT8LWRV+dIPyhHsXAj6KxfgommfXkaS+YHS312amyHeUbAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMB0GA1UdDgQWBBTs1+OC0nFdZEzfLmc/57qYrhwPTzANBgkqhkiG9w0BAQwFAAOCAgEAu2HZfalsvhfEkRvDoaIAjeNkaA9Wz3eucPn9mkqZucl4XAwMX+TmFClWCzZJXURj4K2clhhmGyMNPXnpbWvWVPjSPMFDQK4dUPVS/JA7u5iZaWvHwaeoaKQn3J35J64whbn2Z006Po9ZOSJTROvIXQPK7VB6fWIhCoDIc2bRoAVgX+iltKevqPdtNZx8WorWojiZ83iL9E3SIAveBO6Mm0eBcg3AFDLvMFkuruBx8lbkapdvklBtlo1oepqyNhR6BvIkuQkRUNcIsbiJeoQjYUIp5aPNoiBB19GcZNnqJqGLFNdMGbJQQXE9P01wI4YMStyB0swylIQNCAmXHE/A7msgdDDS4Dk0EIUhFQEI6FUy3nFJ2SgXUE3mvk3RdazQyvtBuEOlqtPDBURPLDab4vriRbgjU2wGb2dVf0a1TD9uKFp5JtKkqGKX0h7i7UqLvBv9R0oN32dmfrJbQdA75PQ79ARj6e/CVABRoIoqyc54zNXqhwQYs86vSYiv85KZtrPmYQ/ShQDnUBrkG5WdGaG5nLGbsQAe79APT0JsyQq87kP6OnGlyE0mpTX9iV28hWIdMtKgK1TtmlfB2/oQzxm3i0objwG2J5VT6LaJbVu8aNQj6ItRolb58KaAoNYes7wPD1N1KarqE3fk3oyBIa0HEEcRrYc9B9F1vM/zZn4AAAACABdjZXJ0dW10cnVzdGVkbmV0d29ya2NhMgAAAXCcV+V4AAVYLjUwOQAABdYwggXSMIIDuqADAgECAhAh1tBKTyUPyTI3/KpeEo3pMA0GCSqGSIb3DQEBDQUAMIGAMQswCQYDVQQGEwJQTDEiMCAGA1UEChMZVW5pemV0byBUZWNobm9sb2dpZXMgUy5BLjEnMCUGA1UECxMeQ2VydHVtIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MSQwIgYDVQQDExtDZXJ0dW0gVHJ1c3RlZCBOZXR3b3JrIENBIDIwIhgPMjAxMTEwMDYwODM5NTZaGA8yMDQ2MTAwNjA4Mzk1NlowgYAxCzAJBgNVBAYTAlBMMSIwIAYDVQQKExlVbml6ZXRvIFRlY2hub2xvZ2llcyBTLkEuMScwJQYDVQQLEx5DZXJ0dW0gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxJDAiBgNVBAMTG0NlcnR1bSBUcnVzdGVkIE5ldHdvcmsgQ0EgMjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAL35ePjm1YAMZJ2GG5ZkZz8iOh51AX3v+1xnjMnMXGupkea5QuUgS5vam3u5mV3Zm4BL14RAKyfT6Lowuz4JGqdJle8rQCTCl8en7psl76gKAJeFWqqd3CnJ4jUH63BNStbBs1a4oUE4m9H7MX+P4F/hsT8PjhZJYNcGjRj5qiYQqyrT0NFnjRtGvkcw1S5y0cVj2udjeUR+S2MkiYYuND8pTFKLKqfA4pEoibnAW/kd2ecnrf+aApfBxlCSmwIsvam5NFkKv4RK/9/+s5/r2Z7gmCPspmt3FirbzK07HKSH3EZzXhliaEVX5JCCQrtC1vBh4MGjPWajXfQY7ojJjRdFKZkydQIx7ikmyGsC5rViRX83FVojaInUPt5OJ7DwQAy8TRfLTaKzHtAGWt32k89XdZn1+oYaZ3izv5b+NNy951JW5bPldXvXQZEF3F1p45UNQ7n8g5Y5lXtsgFpPE3LG130pekS6UqQq1UFGCSD+IqC2WzCNvIkM1ddw+IdS/drvrFEuB7NO/tAJ2nDvmPpW5m3btVdL3OUsJRXIni54TvjanJ6GLMpX8xrlyJKLGoKWesO8UBJp2A5aRos66yb6I8m2sIG+QgCk+Nb+MC7H0kb25Y51/fLMudCHW8wGEGC7gzW3XmfeR+yZSPGkoRX+rYxijjlVTzkWubFjnf+3AgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFLahVDkCw6A/joq8+tT4HKbROg79MA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQ0FAAOCAgEAcaUOzuTpvz841YlaxAJh+0zFFBcti09TaxAX/GWExxBJkN7bxyaTiCZvcNYCXjmg94+rlrWlE1yBFG0OgYIRG4pOxk+l3WIeRN8JWfRbdws36YsgxvgKTi5YHOsz0M+GYMna+4AvnkxghHg9IWTW+0EfGA/nyXVxvb1c3jSHPkGwDva51j8JE5YUL96aHVq5Vs41OrBfcE1e4ynxIyhyWbarwoxmJhx3LCZ2NYsop2mg+Tv1I92FEHTJkANWkeevukfUEpcRIuOiSZRs57eUS7otpNozi0ymRP9aPMYdZNi1MeSmPHqoVwvb7WEay/HOc3djpIdvTFE41uRfx5+2gSrkhUh5WF47+NsCgmfBOdvDdEs9Nh75KZOIaFuoRBkh8KfogQ0s6JM2tDeyyrAbJnqaJR+amoCeSyo/+6Oa/nMyccKexnLhimgn8eQPtMRMpWGT+JcQByowJam5yHG472jMLX714H4Pgqhvtrpsg0N3zYqSF6GeW3gWPUXiM3Ld4WbKmdPJxSb9DWgERq622ZuMvhm+scbyGeNcAsos2G9KB9nJNdpAdfLEpxlvnkIQmHXmlYtgvO3FEteKztWYXFaWA8XudwY1/8/k7j8TYe7b2i2F8M2unbIYCUXDkqFyF/xHtqALLPHE3kNoCGpfO/B2Y/vMBiymxuIOtbm+JI8AAAACACRlbnRydXN0cm9vdGNlcnRpZmljYXRpb25hdXRob3JpdHktZzIAAAFwnFfleAAFWC41MDkAAARCMIIEPjCCAyagAwIBAgIESlOMKDANBgkqhkiG9w0BAQsFADCBvjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsTH1NlZSB3d3cuZW50cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAyMDA5IEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEyMDAGA1UEAxMpRW50cnVzdCBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzIwHhcNMDkwNzA3MTcyNTU0WhcNMzAxMjA3MTc1NTU0WjCBvjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsTH1NlZSB3d3cuZW50cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAyMDA5IEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEyMDAGA1UEAxMpRW50cnVzdCBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6hLZy254Ma+KZ6TABp3bqMriVQRrJ2mFOWHLP/vaCeb9zYQYKpSfYs1/TRU4cctZOMvJyig/3gxnQaoCAAEUesMfnmr8SVycco2gvCoe9amsOXmXzHHfV1IWNcCG0szLni6LVhjkCsbjSR87kyUnEO6fe+1R9V77w6G7CebI6C1XiUJgWMhNcL3hWwcKUs/Ja5CeanyTXxuzQmyWC48zCxEXFjJd6BmsqEZ+pCm5IO2/b1BEZQvePB7/1U1+cPvQXLOZprE4yTGJ36rfo5bs0vBmLrpxR57d+tVOxMyLlbc9wPBr64ptntoP0jaWvYkxN4FisZDQSA/i2jZRjJKRxAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRqciZ60B7vfec7aVHUbI2fkBJmqzANBgkqhkiG9w0BAQsFAAOCAQEAeZ8dlsa2eT8ijYfThwMEYGprmi5ZiXMRrEPR9RP/jTkrwPK9T3CMqS/qF8QLVJ7UG5aYMzyorWKiAHarWWluBh1+xLlEjZivEtRh2woZRkfz6/djwUAFQKXSt/S1mja/qYh2iARVBCuch38aNzx+LaUa2NSJXsq9rD1s2G2v1fN2D807iDginWyTmsQ9v4IbZT+mD12q/OWyFcq1rca8PdCE6OoGcrBNOTJ4vz4RnAuknZoh8/CbCzB428Hch0P+vGOaysXCHMnHjf87ElgI5rY97HosTvuDls4MPGmHVHOkc8KT/1EQrBVUAdj8BbGJoX90g5pJ19xOe4pIb4tF9gAAAAIACnRhaXdhbmdyY2EAAAFwnFfleAAFWC41MDkAAAV2MIIFcjCCA1qgAwIBAgIQH51ZWtcvwgZEpYAIaeNe9jANBgkqhkiG9w0BAQUFADA/MQswCQYDVQQGEwJUVzEwMC4GA1UECgwnR292ZXJubWVudCBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTAyMTIwNTEzMjMzM1oXDTMyMTIwNTEzMjMzM1owPzELMAkGA1UEBhMCVFcxMDAuBgNVBAoMJ0dvdmVybm1lbnQgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAJoluOzMonWoe/fOW1mKydGGEghU7Jzy50b2iPN86aXfTEc2pBsBHH8eV4qNw8XRIePaJD9IK/ufLqGU5ywck9G/GwGHU5nOp/UKIXZ3/6m3xnOUT0b3EEk3+qhZSV1qgQdW8or5BtD3cCJNtLdBuTK4sfCxw5w/cP1T3YGq2GN49thTbqGsaoQkclSGxtKyyhwOeYHWtXBiCAEuTk8O1RGvqa/lmr/czIdtJuTJV6L7lvnM4T9TjGxMfptTCAtsF/tnyMKtsc2AtJfcdgEWFelq16TheEfOhtX7MfP6Mb40qij7cEwdScevLJ1tZqa2jWR+tSBqnTuBto9AAGdLiYa4zGX+FVPpBMHWXx1E1wovJ5pGfaENda1UhhXcSTvxls4Pm6Dso3pdvtUqdULle96ltqqvKKyskKw4t9VoNSZ63Pc78/1Fm9G7Q3hub/FCVGqY8A2tl+lSXunVanLeavcbYBT0peS2cWeqH+riTcFCQP5nRhc4L0c/cZyu5SHKYS1tB6iEfC3uUSXxY5Ce/eFXiGvviiNtsea9P63RPZYLhY3Naye7twWb7LuRqQoHEgKXTiCQ8P8NHuJBO9NAOueNXdpm5AKwB1KYXA6OM5zCppX7VRluTI6uSw+9wThNXo+EHWbNxWCWtFJaBYmOlXqYwZE8lSOyDvR5tMl8wUohAgMBAAGjajBoMB0GA1UdDgQWBBTMzO/MKWCkO7GStjz6MmKPrCUVOzAMBgNVHRMEBTADAQH/MDkGBGcqBwAEMTAvMC0CAQAwCQYFKw4DAhoFADAHBgVnKgMAAAQUA5vwIhP/lSg209yewDL7MTqKUWUwDQYJKoZIhvcNAQEFBQADggIBAECASvomyc5eMN1PhnR2WPWus4MzeKR6dBcZTulStbngCnRiqmjKeKBMmo4sIy7VahIkv9Ro04rQ2JyftB8M3jh+Vzj8jeJPXgyfqzvS/3WXy6TjZwj/5cAWtUgBfen5Cv8b5Wppv3ghqMKnI6mGq3ZW6A4M9hPdKmaKZEk9GhiHkASfQlK3T8v+R0F2Ne//AHY2RTKbxkaFXeIksB7jSJaYV0eUVXoPQbFEJPPB/hprv4j9wabak2BegUqZIJxIZhm1AHlUD7gsL0u8qV1bYH+Mh6XgUmMqvtg7hUAV/h62ZT/FS9p+tXo1KaMuephgIqP0fSdOLeq0dDzpD6QzDxARvBMB1uUO07+1EqLhRSPAzAhuYbeJq4PjJB7mXQfnHyA+z2fI56wwbSdLaG5LKlwCCDTb+HbkZ6MmnD+iMsJKxYEYMRBWqoTvLQr/uB930r+lWKBi5NdLkXWNiYCYfm3LU05er/ayl4WXudpVBrkk7tfGOB5jGxI7leFYrPLfhNVfmS8NVVvmONsuP3LpSIXLuykTjx44VbnzssQwmSNOXfJIoRIM3BKQCZBUkQM8R+XVyWXgt0t97EfTsws+rZ7QdAAO671RrcDeLMDDav7v3Aun+kbfYNucpllQdSNpc5Oy+fwC00fmcc4QAu4njIT/rEUNE1yDMuAlpYYsfPQSAAAAAgA0aGVsbGVuaWNhY2FkZW1pY2FuZHJlc2VhcmNoaW5zdGl0dXRpb25zZWNjcm9vdGNhMjAxNQAAAXCcV+V4AAVYLjUwOQAAAscwggLDMIICSqADAgECAgEAMAoGCCqGSM49BAMCMIGqMQswCQYDVQQGEwJHUjEPMA0GA1UEBxMGQXRoZW5zMUQwQgYDVQQKEztIZWxsZW5pYyBBY2FkZW1pYyBhbmQgUmVzZWFyY2ggSW5zdGl0dXRpb25zIENlcnQuIEF1dGhvcml0eTFEMEIGA1UEAxM7SGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJlc2VhcmNoIEluc3RpdHV0aW9ucyBFQ0MgUm9vdENBIDIwMTUwHhcNMTUwNzA3MTAzNzEyWhcNNDAwNjMwMTAzNzEyWjCBqjELMAkGA1UEBhMCR1IxDzANBgNVBAcTBkF0aGVuczFEMEIGA1UEChM7SGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJlc2VhcmNoIEluc3RpdHV0aW9ucyBDZXJ0LiBBdXRob3JpdHkxRDBCBgNVBAMTO0hlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1dGlvbnMgRUNDIFJvb3RDQSAyMDE1MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEkqBB6EuChFzi+DERmYZkTgklL51BLwquNU90lbJRZGuNa+Y/cJXwBURHpnI4UHaVAlqOriie+S1Ome8sSG9MJSno0XFb3x3BdTe01/p7ekKcagpWWnxpC6qACSRsfsFGo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUtCILgpkkAQ6cu+QO/b/7lyCTmSowCgYIKoZIzj0EAwIDZwAwZAIwZ84WYjiirGJFp6mVJMAaJ5wyO8DA1bqp5/gEQ1OF7lIh3p31JYM+nlhLL9dnEw4hAjAF4XUB3mjtKh9NTAkIDexLrWQXKOd1zkVlciEXyyJBDowTmDiaVG2byuJ86gJYIpEAAAACAB50d2Nhcm9vdGNlcnRpZmljYXRpb25hdXRob3JpdHkAAAFwnFfleAAFWC41MDkAAAN/MIIDezCCAmOgAwIBAgIBATANBgkqhkiG9w0BAQUFADBfMQswCQYDVQQGEwJUVzESMBAGA1UECgwJVEFJV0FOLUNBMRAwDgYDVQQLDAdSb290IENBMSowKAYDVQQDDCFUV0NBIFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDgwODI4MDcyNDMzWhcNMzAxMjMxMTU1OTU5WjBfMQswCQYDVQQGEwJUVzESMBAGA1UECgwJVEFJV0FOLUNBMRAwDgYDVQQLDAdSb290IENBMSowKAYDVQQDDCFUV0NBIFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwfnK4pAOU5qfeCTiRShFAh6d8WWQUe7UREN3+v9XAu1bihSX0NXIP+FPQQeFEAcK0HMMxQhZHhTMidrIKbw/lJVBPhYa+v5guEGcevhEFhgWQxFnQfHgQsIBct+HHK3XLfJ+utdGdIzdjp9xCoi2SBBtQwXu4PhvJVgSLL1KbralW6cH/ralYhzC2gfeXRfwZVzsrb+RH9JlF/h3x+JejiB03HFyP4HYlmlD4oFT/RJB2I9IyxsOrBr/8+7/zrX2SYgJbKdM1o5OaQ2RgXbL6Mv87BK9NQGr5x+PvI/1ry+UPizgN7gr8/g+YnzAx3WxSZfmLgb4i4RxYA7qRG4kHAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRqOFsmjd6LWvJPelSDGRjjCDWmujANBgkqhkiG9w0BAQUFAAOCAQEAPNV3PdrfibqHDAhUaiBQkr6wQT25JmSDCi/oQMCXKCeCMErJk/9q56YAf4lCmtYR5VPOL8zy2gXE/uJQxDqGfczafhAJO5I1KlOy/usrBdlsXebQ79NqZp4VKIV66IIArB6nCWlWQtNoURi+VJq/REG6Sb4gumlc7rh3zc5sH62Dlhh9DrUUOYTxKOkto557HnpyWoOzeW/vtPzQCqVYT0bf+215WfKEIlKuD8z7fDvnaspHYcN6+NOSBB+4IIThNlQWx0DeO4pz3N/GCUzf7Nr/1FNCocnyYh0igzyXxfkZYiesZSLX0zzG5Y6yU8xJzrww/nsOM5D77dIUkR8HrwAAAAIAEHR3Y2FnbG9iYWxyb290Y2EAAAFwnFfleAAFWC41MDkAAAVFMIIFQTCCAymgAwIBAgICDL4wDQYJKoZIhvcNAQELBQAwUTELMAkGA1UEBhMCVFcxEjAQBgNVBAoTCVRBSVdBTi1DQTEQMA4GA1UECxMHUm9vdCBDQTEcMBoGA1UEAxMTVFdDQSBHbG9iYWwgUm9vdCBDQTAeFw0xMjA2MjcwNjI4MzNaFw0zMDEyMzExNTU5NTlaMFExCzAJBgNVBAYTAlRXMRIwEAYDVQQKEwlUQUlXQU4tQ0ExEDAOBgNVBAsTB1Jvb3QgQ0ExHDAaBgNVBAMTE1RXQ0EgR2xvYmFsIFJvb3QgQ0EwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCwBdvI64zEbooh745NnHEKH1Jw7W2CnJfF10xORUnLQEK1EjRsGcJ0pDFfhQKX7EMzClPSnIyOt7h52yvVavKOZsTuKwEHktSz0ALfUPZVr2YOy+BHYC8rMjk1Ujoog/h7FsYYuGLWRyWRzvAZEk2tY/XTP3VfKfChMBwqoJimFb3u/Rk28OKRQ4/6ytYQJ0lM793B8YVwm8rqqFpD/G2Gb3PpN0Wp8DbHzIh1HrtsBv+baz4X7GGqcXzGHaL3SekVtTzWoWH1EfcFbx39Eb7QMAfCKbAJTibc46KokWofwpFFiFzlmLhxpRUZyXx1EcxwdE8tmx2RRP1WKKD+u4ZqyPpcC1jcxkt2yKsi2XMPpfRaAok/T54igu6idFMqPVMnaR1sjjIsZAAmY2E2TqNGtz99sy2sbZCilaLOz9qC5wc0GZbpuCGqKX6mOL6OKUohZnkfs8O1CWfe1tQHRvMq2uYiN2DLgbYPoA/pyJV/v1WRBXrPPRXAb94JlAGD1zQbzECl8LibZ9WYkTunhHiVJqRaCPgrdLQABDzfuBSO6N+pjWxnkjMdwLfS7JLIvgm/LCkFbwJrnu+8vyq8W8BQj0FwcYeyTbcEqYSjMq+u7msXi7Kx/mzhkIyIqJdIzshNy/MGz19qCkKxHh53L46g5pIOBvwFItIm4TFRfTLcDwIDAQABoyMwITAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAgEAXzSBdu+WHdXltdkCY4QWwa6gcFGn90xHNcgL1yg9iXHZqjNB6hQbbCEAwGxCGX6faVsgQt+i0trEfJdLjbDorMjupWkEmQqSpqsnLhpNgb+E1HAerUf+/UqdM+DyucRFCCEK2mlpc3INvjT+lIutwx4116KD7+U4x6WFH6vPNOw/KP4M8VeGTslV9xzU2KV9Bnpv1d8Q34FOIWWxtuEXeZVFBs5fzNxGiWNoRI2T9GRwoD2dKAXDOXC4Ynsg/eTb6QihuJ49CcdP+yz4k3ZB3lLg4VfSnQO8d57+nile98FRYB/e2guyLXW3Q0iT5/Z5xoRdgFlglPx4mI88k1HtQJAH32RjJMtOcQWh15QaiDLxInQirqWm2BJpTGCjAu4r7NRjkgtevi92a6O2JryPA9gK8kxkRr05YuWW6zRjESjMlfGt7+/cgFhI6Uu46mWs6fyAtbXIRfmswZ/ZuepiiI7E8UuDEq3mi4TWnsLrgxifarsbJGAzcMzs9zLzXNl5fe+epP7JI8Mk7hWSsT2RTyaGvWZzJBPqpK5jwa19hAM8EHiGG3njxPPyBJUgriOCxLM6AGK/5jYk4Ve6xx6QddVfP5VhK8E7zeWzaGHQRiapIVJpLesux+t3zqY6tQMzT3bR51xUAV3LePTJDL/PEo4XLSNolOer/qmyKwbQBM0AAAACABRnZW90cnVzdHVuaXZlcnNhbGNhMgAAAXCcV+V4AAVYLjUwOQAABXAwggVsMIIDVKADAgECAgEBMA0GCSqGSIb3DQEBBQUAMEcxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMSAwHgYDVQQDExdHZW9UcnVzdCBVbml2ZXJzYWwgQ0EgMjAeFw0wNDAzMDQwNTAwMDBaFw0yOTAzMDQwNTAwMDBaMEcxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMSAwHgYDVQQDExdHZW9UcnVzdCBVbml2ZXJzYWwgQ0EgMjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBALNUUsHJPvLZ3LFTGlkp57HDRSjl19HtxcVLoap0e1evSib82PVep24Z23QMTzVbMgsB49vrenc16qpa4NbooVeU8JCjdFaURDADHlxOK4UmdIJ6DHagb03OQS2gFQYUX7dCzXuPWGE03CoI+S7DAaYiRBxMB4LmW87QSnwE0xlzJ/CqmH8ur07rhx4kd2pdtuhbRbrcw6EFb1aOjxAmpUnDLtdBhyLgT4bKYLXqoWPAAZcQeb0APBJtKxWxrEux7hi5Tpbc3Hb/O77PXwPA/DvovkYb/9pAwlL3/uM692p3NdDajeteGGoxxx66PBso1mtUxqpb16IsGxnMogL2m1m9N2uGtW2CutjqyVa8qTZY/T4Z8+0MJqmTOPhPwV0iBtCX6uGtxlXggSsogzr69HshUQC+UjjOzWZ5qPSBVuLQgwlHUVtQas/bSBpdPvfL9mX3bPGV+AI7MlaCOXpbvS+JG7+htOj/f42M3wPxYE5YEUzroz8QK4OaAXPZlG2EACdmrPBwQAlCkq1Pkw1hCVEk2JLVC5Rhsoey7f+aNf+FVMrtREOsGzwWa0hKChxAiB+SwgsABf/yyAJKpKqpzJmWnC9Y4H3hvrsH3F8EclwxNMPsXy3gPWSQIubR7Lgu3Vmu2aE3v1Q13HMyT4wEHjOyyUbx2FzIVVDJaL2oujYJAgMBAAGjYzBhMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFHbzVeH6pDb78J9cYnHtPPRHOBArMB8GA1UdIwQYMBaAFHbzVeH6pDb78J9cYnHtPPRHOBArMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQUFAAOCAgEAZsHGI/PZ4C5uX+jPrrCwJU0r+DtYm0AkN1rLqxZJ/7N1eTOhL21wFzSR/md+j+yb5V6CqVUfL9zUUQcS/qwWPiw1xmP83BDrDaOq0HzM0dAvUS7EFFre6BnhPsbMpCnnLoSqBjB4dlRzKJhZOOAADWLTQn0hn649OozV+ncNGCsWDl824fwqtTAkz+BjDHtYGv6ZukISsZH0fGjiyOivLOrJfq67Kj0NFdw0lbYYdKhqD8e09BPE5FvtCtKkl0wq7S9sEok98SdwqmoDUiGfQKhnUPLzWh/f3yP23HhO5phPVTpT4+/y9J/HfNhYrykil7jgvZEusHbsVxHP7ylE8+mFemBj5F0ziRfZMara1vMYNXLPhysvYyOEXYSMP1egiPyZkSgmaZnUj5dEvo7VSLGkKCnxFbTh5Z7d+I+mbybXCTw6HBEOpmw3961Ehywox9h0grPQb0pXuzUpJ6CL6CGnh2Q2XczYFqzHsidAklU4KI1Rbt0UZ1NscVwmhE11WrZ+YFapTa37mx6X8w3Z0pdUd9o9ErfgHu8IBqz5hYfpotyvfhgSg/1WF0Eu1SmCfZn0MfZxqc8sASelBbmqskhOKu+fk1JRlTxSc45WTBdAwAko5ItqSFPb7M1VVfHG+OmiLEym0SZffq9aTNofpvIcLH6uAhbSVtAvV1NH6JIAAAACABZ0aGF3dGVwcmltYXJ5cm9vdGNhLWczAAABcJxX5XgABVguNTA5AAAELjCCBCowggMSoAMCAQICEGABl7dGp+q0tJrWSy/3kPswDQYJKoZIhvcNAQELBQAwga4xCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwx0aGF3dGUsIEluYy4xKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2VydmljZXMgRGl2aXNpb24xODA2BgNVBAsTLyhjKSAyMDA4IHRoYXd0ZSwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MSQwIgYDVQQDExt0aGF3dGUgUHJpbWFyeSBSb290IENBIC0gRzMwHhcNMDgwNDAyMDAwMDAwWhcNMzcxMjAxMjM1OTU5WjCBrjELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjE4MDYGA1UECxMvKGMpIDIwMDggdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxJDAiBgNVBAMTG3RoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EgLSBHMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALK/Jyz729hb3Xh7G553ZoHLPrx8rvOmJ5o0o2gxcTgzYuTzcWZ5sallo6WL1Y9gLT9CzKprMsAjyyxB3eTf/GGc4nOyIpURQxhfxLYfV2wKBVgiyDZMOnyl0c+Gr4inRAITdHFzCkJZAvgbFGtC329fumuCop1b50q9HgFy20t06Dt/f30fBLQmm+C0WqxHPVW417AmUigBMUBm2NkkvfYq2OwhSVyb9nrpf1U1fpZrjZOTJ8uSu+qsQMCfwviAz130WtzOdIamPmwLU8q9ks4ZBnLmDFw4accE1rxszlv292ic3CUVSIih6an4mJzg89UxKGERbGeWjTmZy8JFJDkCAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFK1sqpRgnO3k//o+CnQrYwP3tlm/MA0GCSqGSIb3DQEBCwUAA4IBAQAaQNiVZawJkonGOfQQ5akOZlNdeN76JJG750RR38YWNArvakRR6isHigN6w+s/CixSFqArQ7klkD9wqTMlbUUaKDsnz6rDKUIb3ztMwDM0W0GIv2srZa8o77L1w6pmzntW7rfIy2fByZwaGLjEw0kD8WAOUM1GxfN3efe2FeA428cvKKAMP3cmdNklEtox2hoe3ClBkSI8aae7AvK2XCcDifQG6pvkcoLjoQnB6QAZ0z7UcGu6caaqWK70u+lstu+HzJu7/znmVmHTCqfEXExgewV3Jnq/2AdSLGL3cGPZObxvHMJ53HYpr87FLGQEXog2bjHUQBpiNDY/NQGurGOgAAAAAgAWdGhhd3RlcHJpbWFyeXJvb3RjYS1nMgAAAXCcV+V4AAVYLjUwOQAAAowwggKIMIICDaADAgECAhA1/CZc2YRPyT0mPVebrtdWMAoGCCqGSM49BAMDMIGEMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhhd3RlLCBJbmMuMTgwNgYDVQQLEy8oYykgMjAwNyB0aGF3dGUsIEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25seTEkMCIGA1UEAxMbdGhhd3RlIFByaW1hcnkgUm9vdCBDQSAtIEcyMB4XDTA3MTEwNTAwMDAwMFoXDTM4MDExODIzNTk1OVowgYQxCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwx0aGF3dGUsIEluYy4xODA2BgNVBAsTLyhjKSAyMDA3IHRoYXd0ZSwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MSQwIgYDVQQDExt0aGF3dGUgUHJpbWFyeSBSb290IENBIC0gRzIwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAASi1ZyCe5Wd8VJ4h/6KFr8F5t+jAk8NB8YAUboMAlItIqRCOcT+j+rJwb7UTf+fep7isXyaraeGCXOH0eea43qlqm77urNwwGeIojXUo5qx/a3C7zH6qLnz+wjGkdH7KZWjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBSa2AAwAOdrf4UY7ou2zooM+BHhuzAKBggqhkjOPQQDAwNpADBmAjEA3fjgV0dbp+YKw731gIqXNQ0biTxUhncoyqH0ed615jiw8GVwjH8CVMK//9ihPtnPAjEAxI2U/NxT0tydeBYfFTMjU1LjWjFdncquvRMpRA0nW6jnaJwS91g/LnICV6OPoRQuAAAAAgAXYmFsdGltb3JlY3liZXJ0cnVzdHJvb3QAAAFwnFfleAAFWC41MDkAAAN7MIIDdzCCAl+gAwIBAgIEAgAAuTANBgkqhkiG9w0BAQUFADBaMQswCQYDVQQGEwJJRTESMBAGA1UEChMJQmFsdGltb3JlMRMwEQYDVQQLEwpDeWJlclRydXN0MSIwIAYDVQQDExlCYWx0aW1vcmUgQ3liZXJUcnVzdCBSb290MB4XDTAwMDUxMjE4NDYwMFoXDTI1MDUxMjIzNTkwMFowWjELMAkGA1UEBhMCSUUxEjAQBgNVBAoTCUJhbHRpbW9yZTETMBEGA1UECxMKQ3liZXJUcnVzdDEiMCAGA1UEAxMZQmFsdGltb3JlIEN5YmVyVHJ1c3QgUm9vdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKMEuyKrmD1X6CZymrV51Cni4eiVgLGw41uOKymaZN+hXe2wCQVt2yguzmKiYv60iNoS6zjrIZ3AQSsBUnuId9Mcj8e6uYi1agnnc+gRQKfRzMpijS3ljwumUNKoUMMo6vWrJYeKmpYcqWe4PwzV9/lSEy/CG9VwcPCPwBLKBsua4dnKM3p31vjsufFoREJIE9LAwqSuXmD+tqYF/LTdB1kC1FkYmGP1pWPgkAx9XbIGevOF6uvUA65ehD5f/xXtabz5OTZydc93Uk3zyZAsuT3lySNTPx8kmCFcB5kpvcY67Oduhjprl3RjM71oGDHweI12v/yejl0qhqdNkNwnGjkCAwEAAaNFMEMwHQYDVR0OBBYEFOWdWTCCR1jMrPoIVDaGezq1BE3wMBIGA1UdEwEB/wQIMAYBAf8CAQMwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBBQUAA4IBAQCFDF2O5G9RaEIFoN27TyclhAO992T9Ldcw46QQF+vaKSm2eT929hkTI7gQCvlYpNRhcL0EYWoSihfVCr3FvDB81ukMJY2GQE/szKN+OMY3EU/t3WgxjkzSswF07r51XgdIGn9w/xZchMB5hbgF/X++ZRGjD8ACtPhSNzkE1akxehi/oCr0Epn3o0WC4zxe9Z2etciefC7IpJ5OCBRLbf1wbWsaY71k5h+3zvDyny67G7fyUIhzksLi4xaNmjICq44Y3ekQEe5+NauQrz4wlHrQMz2nZQ/1/I6eYs9HRCwBXbsdtTLSR9I4LtD+gdwyah617jzV/OeBHRnDJELqYzmpAAAAAgATYnV5cGFzc2NsYXNzMnJvb3RjYQAAAXCcV+V4AAVYLjUwOQAABV0wggVZMIIDQaADAgECAgECMA0GCSqGSIb3DQEBCwUAME4xCzAJBgNVBAYTAk5PMR0wGwYDVQQKDBRCdXlwYXNzIEFTLTk4MzE2MzMyNzEgMB4GA1UEAwwXQnV5cGFzcyBDbGFzcyAyIFJvb3QgQ0EwHhcNMTAxMDI2MDgzODAzWhcNNDAxMDI2MDgzODAzWjBOMQswCQYDVQQGEwJOTzEdMBsGA1UECgwUQnV5cGFzcyBBUy05ODMxNjMzMjcxIDAeBgNVBAMMF0J1eXBhc3MgQ2xhc3MgMiBSb290IENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA18de98EH1Hf7QyH09PVp5O4yAdujhh/kWQ2653WDUuvqHGEVSLsdB8qMrrDclp3qw2CShoIoc5xWBv9LZPAMKjdJteXPDHzu8Uq7czBl89Uvg7Z+4+f1nqtg+dPxnZJ0iuQclqxbgOm19DGHo1H8x36hb45Td9SXwVUzkj4YL3XUrYZJy5WvVAZs2AYTjVv/4SYZWcAkuoFxeZBEUGgklF+4sxHxKUFho0HLIzbVwfEyUBBOf/SGk+yE0468S79cAU4HPdwUipQKpOpz+wtR6BMHGPoO8SvRVBV9POH3tBlCZ2Jed+CiVey22WkX1TqvRO1KxZ7keid85XXXqssl599rCtsPTZNOqKDNey7yWQFqtw24B4F+izgbOOYKV5k97iHoo/UMFt2L7DSOnCocABUXjWiD0nCfGAjNEWjVyWtSzcRGj9y189hXcx7plDkEv9PeON60U+xpHKJ+xI/kG3Ct8qL5+/cWZGZpn0lRouIVGGcGSn/VbLVNszPgYetdvumYDzLXHUs8LloBUpEJ8t/qjdgGQGOqEeT+wzeeFFI/9OLM8mGT0f1na9dSrr9oq0BDoFc1U3jwU/hhQgdkxtdvm0w4DWOsYq82i6JzCg31Ib10qk3qcgNJ28dfHWJjx/3dkewz7vVttG4waN7I1iawdV57tAcgmKF2MrhNbE8CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUyYB34GKSgvVGnPO690zD3rijrTkwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4ICAQBTXyH1urA6UjkskrBsAMnvziDvBvKWnumkdH96Fvy39bb7FRs/q6bAcl0QsXHuvE/jrawDbS5xLq/E462jvQwRp7T/SrJ7EBAfp1dBssCu9CxZ1kcQiPMhUSkwymCGr0arHe06W7CU3kTjQQiiwewd1v1PttZH0BQLyubKtXt3fkEfXoPHtow5lrA/loFBb2CQ4uj5+yJx2X2zPUa/tISvkBwPjxJqr+/uHnquAkqKFyt2/qxUiSQsTz+2sqdOjKiRl/spxntcLbnLZra3qFsSUYW1CX5ieHD+qWpgth0OeQz9yuokgHLDlz/yd6tDIgrH67YMhIIsgGtBigjA66Vr35kSy4rVXoAMkeAmCDZIxfo4ETX/JYMt8nq/2v2O/qXLRSwfxIhTrncO2Zp2xY4sHaO61ewyrsCqrPfRek3r1AfiSPcijrCkn2rOjrKyYPSjItAj65RaemndD79AV6xrWVDZo5nhbv6NAXknIxXekp17CU1a50tIMFoY5gpt5o/g0rvm33xuIYLBaDlNtJhYZmLMSpBew/onBLF5FXSZzL6tIN4mYBzrVlGmo+rkoz+n/2Hc8VpNbDIjQ+6sqO7uShIJPF1xwr55+sKHaB0L/VxpzAbQmn1UmSrJORoZr0sqQ/NjXVpY4i/jHeSp1tAK0J6/14EJ8cnHJg2smBZWoAAAAAIAF2RpZ2ljZXJ0YXNzdXJlZGlkcm9vdGczAAABcJxX5XgABVguNTA5AAACSjCCAkYwggHNoAMCAQICEAuhWvod36C1SUSvzSSgbOwwCgYIKoZIzj0EAwMwZTELMAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3LmRpZ2ljZXJ0LmNvbTEkMCIGA1UEAxMbRGlnaUNlcnQgQXNzdXJlZCBJRCBSb290IEczMB4XDTEzMDgwMTEyMDAwMFoXDTM4MDExNTEyMDAwMFowZTELMAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3LmRpZ2ljZXJ0LmNvbTEkMCIGA1UEAxMbRGlnaUNlcnQgQXNzdXJlZCBJRCBSb290IEczMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEGee8rERl7c24P1j7jbFXqUQtBRXy7wv/EHSftWJSX2Z+H+XcG0V5C8zGUwqdjV0C2alZ3gJa9pUqDo04SopJxrzGAzgHX1Xafglu4n9e0EUgD1l2ENagJPAt3jbybCk5o0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQUy9C9qeGYBVGhTTeig3nOjR0q5IQwCgYIKoZIzj0EAwMDZwAwZAIwJaSBRQJrEkt1dE/II+Nw8nVy3nyJ8M+RcmGeXhCSWVa5g8cQ5zjpWCY2fdXkNIY5AjB8NlPwMOViYzqZ4rajO5s0+h7aEJJxXpETp92kbpLMMtb1IWbHL+qWY2plRZKVAbQAAAACABZjZXJ0dW10cnVzdGVkbmV0d29ya2NhAAABcJxX5XgABVguNTA5AAADvzCCA7swggKjoAMCAQICAwREwDANBgkqhkiG9w0BAQUFADB+MQswCQYDVQQGEwJQTDEiMCAGA1UEChMZVW5pemV0byBUZWNobm9sb2dpZXMgUy5BLjEnMCUGA1UECxMeQ2VydHVtIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MSIwIAYDVQQDExlDZXJ0dW0gVHJ1c3RlZCBOZXR3b3JrIENBMB4XDTA4MTAyMjEyMDczN1oXDTI5MTIzMTEyMDczN1owfjELMAkGA1UEBhMCUEwxIjAgBgNVBAoTGVVuaXpldG8gVGVjaG5vbG9naWVzIFMuQS4xJzAlBgNVBAsTHkNlcnR1bSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEiMCAGA1UEAxMZQ2VydHVtIFRydXN0ZWQgTmV0d29yayBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOP7faNyusLwyRSH9WsBTuFuQAe6bSddf/dbLbNax1Ffq6QypmGHtm4PhtIwApf412lXoRg5XWpkecYBWaw8MUo4fNIE0kso6CBfOweizE1z2/OuT8dW1Vqnlon686to1COGWSfPCSe8rG5ygxwwct/gounS4XR1Gb0qnnsVVAQb10M5rVUoxeIau/TA5K44STPMdoWfOUXSpJ7yEoxR+HzkLX/1rF/rFp+xLdG6zJFCd0wlyZA4b9vwzPuOHpdZPtVgTuYFKO1JeRNLukjbL/ly0znK/h/YNHL1tEDPMQHD7N4RLRddH7hQ0V4Zp2neBzMoylCV+adUy1SGUEWp+UkCAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUCHbNywf/JPbFze27kLzihDdGdfcwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBBQUAA4IBAQCmqK0izgE9pqP/YtBInYtecrB4ROPcHK8J/SNI+r0qxLlVBLUQo40n3guCY9Du3gw3eUFbIrKwmkFcpnDg1NB3yyPTAOBsVi/haQ0N2aq/IYFQ2QalqP+VN9Cq/uKz9ZktRYSK5UIJ13QCL/eJ2JnpvCfUR426DUYcd88UpBy5pDHEnCh0AzT/MxkmpekNdLc+l8Z26CeWo2bd4a7yQVvKmFaDc3DkhhrSMUG6L74tE1p2b07oToEOP1sDIqASvmZYEUrLA8S0KiotlhfgOVS8SNN2J52aLQamyew50qvbn5oLJwI1KbFAlef56JxViBlG1rc09X7OOZrZOPFR908sAAAAAgAoZ2VvdHJ1c3RwcmltYXJ5Y2VydGlmaWNhdGlvbmF1dGhvcml0eS1nMwAAAXCcV+V4AAVYLjUwOQAABAIwggP+MIIC5qADAgECAhAVrG6UGbJ5S0H2J6nDGA8fMA0GCSqGSIb3DQEBCwUAMIGYMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjE5MDcGA1UECxMwKGMpIDIwMDggR2VvVHJ1c3QgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MTYwNAYDVQQDEy1HZW9UcnVzdCBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzMwHhcNMDgwNDAyMDAwMDAwWhcNMzcxMjAxMjM1OTU5WjCBmDELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IEluYy4xOTA3BgNVBAsTMChjKSAyMDA4IEdlb1RydXN0IEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25seTE2MDQGA1UEAxMtR2VvVHJ1c3QgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3OJeYlgdM1c5MjP668uHjKfUSt0GiOpkjjGYpTiQHpjPLmMr8Ea8RLKJocAoDElwIZWfZMCmkxICZSaGxqWJ8PrXhKBwr08alz8GRNXJ63IQfeQxKPscYeYoB0RzkiJppwOIbJ1jyFLamCfnCExwPrTJEsHFZ4NdM/MDEexq0FPi0bo2YJSAu2FjbFsXft9AlB6rDcIhKHCI/9YmbGxgBCVOVX5977+USN63Hd1wjQVfiKWb8sLu6tFAQW1iOB1WBsUDR1EgGfx7EAsOYq52Vb9fd74+SQFTPZglA3YkWh2024nqeeW2szs/ukwoQX8GrGqOwdD2BR195kKG46XVRwIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUxHnKjqFOAx0c3GvbMVuUPj8wfy0wDQYJKoZIhvcNAQELBQADggEBAC3FE89WgHt6eL2friyZ5+/a35ReCWmn525ojL1yvkepDpcSuErxZNM53yU01MHNToHwDwTEJLM0lsamqjDfaGFz1/mOhYnvDl6VKEoqJ48Qji58hsQCntoMd2UORA2S/f2zFjb6EQ0djA4HiWopVvdy9N0VnHc1ZlerE1PYjsFAxdcTFlpyx7dpAcR6sYMBaH2NQaGUGMElXPzw/oMCh3wNDc8uCFxKQA0+7IFh5iTbyuAOLQeyPlbcjfVBhQdImwwLy0k/fey3/cuNZ4kaq+27HqMACAgXKoJcMV1Gii0Phpt02UX71ECxeqpoLYaymSLhwSvHnPjzX6iCEusZES0AAAACABdkaWdpY2VydGFzc3VyZWRpZHJvb3RnMgAAAXCcV+V4AAVYLjUwOQAAA5owggOWMIICfqADAgECAhALkxw61jln6mcjv8OvmvRLMA0GCSqGSIb3DQEBCwUAMGUxCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5jb20xJDAiBgNVBAMTG0RpZ2lDZXJ0IEFzc3VyZWQgSUQgUm9vdCBHMjAeFw0xMzA4MDExMjAwMDBaFw0zODAxMTUxMjAwMDBaMGUxCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5jb20xJDAiBgNVBAMTG0RpZ2lDZXJ0IEFzc3VyZWQgSUQgUm9vdCBHMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANnnKC9SPzZySYiTNPP4ah4xVICfrVRBtUfflqjUr4AtuQrPdf2JpX0k+uMiDCu8lRcLM78ZTUEGkAC9DE0Q/ge15xxuIlUxZZe90xfSHmLz2+psUIw/hAyWz7fLA+DKbaEUTBuJ3e0AsFJ8r5FssTgT0ekSCMAAsBwrEdp3cDabrs55h9yCcOYJdHBVaa+jaJ+/3bZ5s/KdcClV9Kv/lWHzyUBvHdG+k7vTiCq7nb9yWlZxOz/U89EK/ijvo+7Zma8D049gt/KSobG9iYkfMM3Dpi5iM64WAndEWueBCjynRC55uD8EvFygh+Ebr1GOzews+vj+bfA6fKqL5GeVMY0CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0OBBYEFM7DSrmZVfK422C/qX69VrWXNqfWMA0GCSqGSIb3DQEBCwUAA4IBAQDKpVWM48hBbmknp3UR7zyGNm/SncZ4OB1plqKSaS44bJt9BNSJpbExN4rJIcyrbM2LHJrWv0jSMmbBisDzLzrvwOPUkYbRUOMD23N3b0o5U+3eJse1fa8rQtF1YuNKKwLHUEvgaeKWbA5EZhBEj60F6/h5rKYb6Dc0nVPJYaqiUq9KcBaGwjrIsRNwNtjP7vQKNNVbTP0HnKK62QFyXPNNwd0OsRwNxGO+rfQU+4nsokEOTMzIV0DQbgOqzQyOiZmZbPA8MK8432+8o74pICerdP8TInjel1JVHoO1VCAD7q7AT1beN8zDf6oEJ7vTd7hi2xd8nCgiE3Nszyb1iinnAAAAAgAoZ2VvdHJ1c3RwcmltYXJ5Y2VydGlmaWNhdGlvbmF1dGhvcml0eS1nMgAAAXCcV+V4AAVYLjUwOQAAArIwggKuMIICNaADAgECAhA8svRICgDi/uskO15gPsNrMAoGCCqGSM49BAMDMIGYMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjE5MDcGA1UECxMwKGMpIDIwMDcgR2VvVHJ1c3QgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MTYwNAYDVQQDEy1HZW9UcnVzdCBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzIwHhcNMDcxMTA1MDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBmDELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IEluYy4xOTA3BgNVBAsTMChjKSAyMDA3IEdlb1RydXN0IEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25seTE2MDQGA1UEAxMtR2VvVHJ1c3QgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEcyMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEFbHo/QMVQ+Ws64c3EWLv0oM2Un1FVwtKjXtUOzpuXxUCwFCmzyUvfcpIuMdQYxwqIQh8mjbYC/7RJsVYMTAoJfNdXaO4tqW0ku1sLJ/r3UOJojxLSJEdUOwm39ZgLr0ho0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUFV81V1FV+yWyrQNp/AGj+r4RVdUwCgYIKoZIzj0EAwMDZwAwZAIwZJZZpugJ3ou6+lqIiPAfkdNGqPJKTAJj+2xfONsuQZOpDuad3DEcsqCnGBx54cc2AjA6Vq+adGz2+4PgM9MIX6GcwlufRta2y5EGY6IG5zOsPqiBEtDLutCSC7aelqoED4oAAAACAAppc3Jncm9vdHgxAAABcJxX5XgABVguNTA5AAAFbzCCBWswggNToAMCAQICEQCCEM+w0kDjWURj4LtjgosAMA0GCSqGSIb3DQEBCwUAME8xCzAJBgNVBAYTAlVTMSkwJwYDVQQKEyBJbnRlcm5ldCBTZWN1cml0eSBSZXNlYXJjaCBHcm91cDEVMBMGA1UEAxMMSVNSRyBSb290IFgxMB4XDTE1MDYwNDExMDQzOFoXDTM1MDYwNDExMDQzOFowTzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2VhcmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCt6CRz9BQ385ueK1coHIe+3LffOJCMbjzmV6B493XCov71am72AE8o295ohmxEk7axY/0UEmu/H9LqMZshftEzPLpI9d1537O4/xLxIZpLwYqGcWlKZmZsj348cL+tKSIG8+TA5oCu4kuPt5l+lAOf00eXfJlII1PoOK5PCm+DLtFJV4yAdLbaL9A4jXsDcCEbdfIwPPqPrt3aY6vrFk/CjhFLfs8L6P+1dy70sntK4EwSJQxwjQMpoOFTJOwT2e4ZvxCzSow/iaNhUd6shweU9GNx7C7ib1uYgeGJXDR5bHbvO5BieebbpJovJsXQEOEO3tkQjhb7t/eo98flAgeYjzYIlefiN5YNNnWe+w5ysR2bvAP5SQXYgd0FtCrWQemsAXaVCg/Y39W9Eh81LygXbNKYwagJZHduRze6zqxZXmidf3LWicUGQSk+WT7dJvUkyRGnWqNMQB9GoZm1pzpRboY7nn1ypxIFeFntPlF4FQsDj43QLwWyPntKHEtzBRL8xurgUBN8Q5N0s8p0544fAQjQMNRbcTa0B7rBMDBcSLeCO5imfWCKoqMpgsy6vYMEG6KDA0Gh1gXxG8K28Kh8hjtGqEgqiNx2mna/H2qlPRmP6zjzZN7IKw0KKP/32+IVQtQi0Cdd4Xn+GOdwiK1O5tmLOsbdJ1Fu/7xk9TNDTwIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUebRZ5nu25eQBc4AIiMgaWPbpm24wDQYJKoZIhvcNAQELBQADggIBAFUfWKm8sqhQ0Ayx2BppICcpCKxhdVyKbviC5Wkv1fZWS7m4cxBZ0yGXfudMcfuy0mCtOagL6hchVoXxUA5Z687gWem6yRXvhp2PhID25OmRkNwXm2IbRfBmldJ8b8LqO+8fz8vWrifxqbDIrv19fpr6IgTr/9l/6pErIrEXDo/yijRbWNj8AclUubgmzIqIM4lMLYQ8gt/ullcFuiy798S3x047gr4xyCJzc5LRwoCkOTkQMyOCTDyfhrJVmB2+KYaMIpue4ms7VzqCcE3cCceJywoHTWzoXY7J786rx7u1K05F1krQJszlcsoIaqWV4xWh96TtySxfpfv/rCgCLr7Xe7vjcXuQFtMHXkZTfDcHQozTxJac1Zm1KuCVGoBIrkw5B87MR6RSlSu6uPut0jNTfeUdTW3VobHHQm/mQCc1XKMotweN540zkOcjn/tQnHlsRtW0FbOWbn6bDJY6uFItP9Zb4fsIwoT+JKijidqsauEYKrGoQ2Fb0x/cO4128i3ojXXfFzNsPVP7e8tBX//cotBhOOGWuKxdizfXddUzwJkRrp1BwXJ1hL4CQUJfZyRIlNGbJ74HP7m4T4F0UeF6t+2dI+K+4NUoBBM8MQOe3Xpsj8YHGMZ/3keOPyieBAbPpVQ0d73siZvpF0PfW9tf/o4eV6LNQJ1+YiLa3hgnAAAAAgAZdWNhZXh0ZW5kZWR2YWxpZGF0aW9ucm9vdAAAAXCcV+V4AAVYLjUwOQAABV4wggVaMIIDQqADAgECAhBP0iuP9WTIM55PNFhmI3BgMA0GCSqGSIb3DQEBCwUAMEcxCzAJBgNVBAYTAkNOMREwDwYDVQQKDAhVbmlUcnVzdDElMCMGA1UEAwwcVUNBIEV4dGVuZGVkIFZhbGlkYXRpb24gUm9vdDAeFw0xNTAzMTMwMDAwMDBaFw0zODEyMzEwMDAwMDBaMEcxCzAJBgNVBAYTAkNOMREwDwYDVQQKDAhVbmlUcnVzdDElMCMGA1UEAwwcVUNBIEV4dGVuZGVkIFZhbGlkYXRpb24gUm9vdDCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAKkJBygTArCZ4GSqHkMWenOxkaB1Pqj64zgAeuyJaiAPi8WwmzMDWobGWIbVwYW7T8acQE3Kvu5plritgTCafJIF6wUrmkjQuHY+lsggu9Kw8Y/YrEVG/6pnYLR3fmofPBpSegQ9BzyFDYTQH3YK92oU33LjNHxXTlYBPnnxqik7bPr4j21NyDXfruvcJO55RaeFtgWI3ohdJXyXZGcJ2b9aFQWG8wke7FgyMxHzd2Swdh/kEDUXG/IOsWykKqNz/AkfHjIZUxHn2bMsLnYuoaPefmqICejyB4r4ss0Q5+JzQJO7CNE/4fwLlLMl73ym19Gvn/+WmvWRe5gLd9R+6AfSYrWVOePz8W0PDmWEimNUxYC24J5LfUcmpwEIXdGIntfDMkT6gkoKaFR/OFMDzKQAM2RRWQujgpF6XuwWwvMq5mLaKttZYhAlSiqBC0cHQwZwh9L6kxEpekhN65THcE2vZ9VRsYAgAQG0egimkH9O4O8HQYevaqVei/vPULKaVK/DibpYLfUwmLE2cjl+SQT9KadMeeQFV9uUuRZTjUazHZVhV1Z/r/AWW2FYbzZQEQvYrCuVFhoOHwjNNjRlEGJm1YBfFCBfLQygeApo1izX6W8r0koFk/yeb2tn/4jxTqVpSlI3BerGFo3SxJnRgis7ujV191FRWPPIB93ktAN/AgMBAAGjQjBAMB0GA1UdDgQWBBTZdDrkMD0N9xLcfloFnx40mvfhFDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAgEANo2XzEIVZCk3myYs1vuuFWksaxoa91+2+QdMWerzyci5rsy6LnrcwPWwLcA7r59wBRFqnyVPASlw4+UM4epafNxJu8EeKoH1FktykciiMbmq2vydH/NdQAIT/E4cBsqzFJBUFxkSGvEf1wxpWvZxePSUfZELjuyQVI68b6FMq/x0ZP1xmvhBB6HNkeQ8muCbMjlzqyrVach4kSYxfeLHMPH8FHh3Eg4T9N0WlL9LZ3twU4XKsLvzOE0skDnADcJda+ni5dWIjdYsv6sbvrUohxIXdG78ffyP0IcmsBv7uWyr4p49FcE7LmcCWJGf7/hCHyy3aPV1rc+19v8RfcLwJKWt0/qgPKn6XdyloO9EpL7W6OXkE5YXewY+Mu3Ht0K8dqPYZTgrODVRIQ4Oby40E0DhK2cMbUpBMBgjWjJVmckX4Dze9ux5rStYGaKtLCIalY6+lpBdQlfE+RQDNSscLVFXCKc63j/kyLQDc8LBJoC7C0IfrQ2vJnLazL6zo4NYDYLFH0ZR45wYzI2bjexJ63VQ1YwoWcp0NNqMCyGrHuob5cf9FT7AF6r7I24mRsv6+bFya2nPIoQLYg+s2RkAlKJ2PNQtmu0Eni0GYhA3UhyFchsn5czGMew37GNZmwsddsx+MpqIlQg2Urvedl92SUmtf71lILLJwSt2GHafVrEAAAACAAZlYy1hY2MAAAFwnFfleAAFWC41MDkAAAVaMIIFVjCCBD6gAwIBAgIQ7is969Qh3hSoYqwE893EATANBgkqhkiG9w0BAQUFADCB8zELMAkGA1UEBhMCRVMxOzA5BgNVBAoTMkFnZW5jaWEgQ2F0YWxhbmEgZGUgQ2VydGlmaWNhY2lvIChOSUYgUS0wODAxMTc2LUkpMSgwJgYDVQQLEx9TZXJ2ZWlzIFB1YmxpY3MgZGUgQ2VydGlmaWNhY2lvMTUwMwYDVQQLEyxWZWdldSBodHRwczovL3d3dy5jYXRjZXJ0Lm5ldC92ZXJhcnJlbCAoYykwMzE1MDMGA1UECxMsSmVyYXJxdWlhIEVudGl0YXRzIGRlIENlcnRpZmljYWNpbyBDYXRhbGFuZXMxDzANBgNVBAMTBkVDLUFDQzAeFw0wMzAxMDcyMzAwMDBaFw0zMTAxMDcyMjU5NTlaMIHzMQswCQYDVQQGEwJFUzE7MDkGA1UEChMyQWdlbmNpYSBDYXRhbGFuYSBkZSBDZXJ0aWZpY2FjaW8gKE5JRiBRLTA4MDExNzYtSSkxKDAmBgNVBAsTH1NlcnZlaXMgUHVibGljcyBkZSBDZXJ0aWZpY2FjaW8xNTAzBgNVBAsTLFZlZ2V1IGh0dHBzOi8vd3d3LmNhdGNlcnQubmV0L3ZlcmFycmVsIChjKTAzMTUwMwYDVQQLEyxKZXJhcnF1aWEgRW50aXRhdHMgZGUgQ2VydGlmaWNhY2lvIENhdGFsYW5lczEPMA0GA1UEAxMGRUMtQUNDMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsyLHT+KXQpWIR4NA9h0X84NzJB5R85iKw5K4/0CQBXCHYMkAqbWUZRkiFRfCQ2xmRJoNBD45b6VLeqpjt4pEndljkYRm4CgPukLjbo73FCeTae6RDqNfDrHrZqJyTxIThmV6PttPB/SnCWDaOkKZx7J/sxaVHMf5NLWUhdWZXqBIoH7nF2W4onW4HvPlQn2v7fOKSGRdghST2MDk/7NQcvJ29rNdQlB50JQ+awwAvthrDk4q7D7SzIKiGGUzE3eeml0aE9jD2z3Il3rucO2n5nzbcc8tlGLfbdb1OL4/pYUKGbio2Al1QnDE6u/LDsg0qBIimAy4E5S2S+zw0JDnJwIDAQABo4HjMIHgMB0GA1UdEQQWMBSBEmVjX2FjY0BjYXRjZXJ0Lm5ldDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUoMOLRKo3pUW/l4Ba0fF4opvpXY0wfwYDVR0gBHgwdjB0BgsrBgEEAfV4AQMBCjBlMCwGCCsGAQUFBwIBFiBodHRwczovL3d3dy5jYXRjZXJ0Lm5ldC92ZXJhcnJlbDA1BggrBgEFBQcCAjApGidWZWdldSBodHRwczovL3d3dy5jYXRjZXJ0Lm5ldC92ZXJhcnJlbCAwDQYJKoZIhvcNAQEFBQADggEBAKBIW4IB9k1IuDlVNZyAelOZ1Vr/sXE7zDkJlF7W2u++AVtd0x7Y/X1PzaBB4DSTv8vihpw3kpBWHNzrKQXlxJ7HNd+KDM3FIUPpqojlNcAZQmNaAl6kSBg6hW/cnbw/nZzBh7h6YQjpdwt/cKt63dmXLGQehb+8dJahw3oS7AwaboMMPOhyRp/7SNVel+axofjk70YllJyJ22k4vuxcDlbHZVHlUIiIv0LVKz3l+bqeLrPK9HOSAgu+TGbrIP65y7WZf+a2E/rKS03Z7lNGBjvGTq2TWoF+bCpLagVFjPIhpDGQh2xlnJ2lYJU6Un/10asIbvPuW/mIPX64b24D5EIAAAACACZzc2wuY29tZXZyb290Y2VydGlmaWNhdGlvbmF1dGhvcml0eWVjYwAAAXCcV+V4AAVYLjUwOQAAApgwggKUMIICGqADAgECAggsKZxbFu0FlTAKBggqhkjOPQQDAjB/MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hvdXN0b24xGDAWBgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjE0MDIGA1UEAwwrU1NMLmNvbSBFViBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IEVDQzAeFw0xNjAyMTIxODE1MjNaFw00MTAyMTIxODE1MjNaMH8xCzAJBgNVBAYTAlVTMQ4wDAYDVQQIDAVUZXhhczEQMA4GA1UEBwwHSG91c3RvbjEYMBYGA1UECgwPU1NMIENvcnBvcmF0aW9uMTQwMgYDVQQDDCtTU0wuY29tIEVWIFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgRUNDMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEqhJHkJgb++/DQAeDIE7xMIKiBtHykoZh8vYhaMoAxMfqQwBUhtz9H98AuEFiXNxwFjLeH5nUzMUHyAgfYRYHUT19XAdT4zU4jN/Nn9kuDUq2GS5acFoG7b7wobDK0Akpo2MwYTAdBgNVHQ4EFgQUW8pe5d7SgarNqC1kUbbZcpuX5k8wDwYDVR0TAQH/BAUwAwEB/zAfBgNVHSMEGDAWgBRbyl7l3tKBqs2oLWRRttlym5fmTzAOBgNVHQ8BAf8EBAMCAYYwCgYIKoZIzj0EAwIDaAAwZQIxAIrmQIk36+nVE9nK1Gsk87A9h0ZYGuyx32/7Vrpwa8c4zOixjE8P9/Fndg6D0B5RjwIwPfYjKCZMxmCHkyabsjUeutb3PNEczvolPKYagRVb8xIPbO5lismHqPkH4GKajFxKAAAAAgAXY2VydHBsdXNjbGFzczJwcmltYXJ5Y2EAAAFwnFfleAAFWC41MDkAAAOWMIIDkjCCAnqgAwIBAgIRAIW9S/PY2uNp9pTXX8OlRCMwDQYJKoZIhvcNAQEFBQAwPTELMAkGA1UEBhMCRlIxETAPBgNVBAoTCENlcnRwbHVzMRswGQYDVQQDExJDbGFzcyAyIFByaW1hcnkgQ0EwHhcNOTkwNzA3MTcwNTAwWhcNMTkwNzA2MjM1OTU5WjA9MQswCQYDVQQGEwJGUjERMA8GA1UEChMIQ2VydHBsdXMxGzAZBgNVBAMTEkNsYXNzIDIgUHJpbWFyeSBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANxQltAS+DXSCHh6tlJw/W/uz7kRy1134ezpfgSN1sxvc0NXYKwzCkTsA18cgCSR5aiRVhKC9+Ar9NuuYS6JEI1rbLqzAr3VNsVINyPi8Fo3UjMXEuLRYE2+L0ER4/YXJQyLkcAbmXuZVg2v7tK8R1fjeUl7NIknJITesezpWE7+Tt9avkGtrAjFGA7v0lPubNCdEgETjdyAYveVqUSISnFOYFWe2yMZeVYHDD9jC1yw4r5+FfyUM1hBOHTE4Y+L3yasH7WLO7dDWWuwJKZtkIvEcupdM5i3y95ee++U8Rs+yskhwcWYAqqi9lt3m/V+llU0HGdpwPFC40es/CgcZlUCAwEAAaOBjDCBiTAPBgNVHRMECDAGAQH/AgEKMAsGA1UdDwQEAwIBBjAdBgNVHQ4EFgQU43Mt38sOKAze3bOkynm4jrvoMIkwEQYJYIZIAYb4QgEBBAQDAgEGMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6Ly93d3cuY2VydHBsdXMuY29tL0NSTC9jbGFzczIuY3JsMA0GCSqGSIb3DQEBBQUAA4IBAQCnVM+IRBnL39R/AN9WM2K191EBkOvDP9GIROkkXe/nFL0gt5o8AP5tn9uQ3Nf0YtaLcF3n5QRIqWh8yfFC82x/xXp8HVGIutIKPidd3i1RTtMTZGnkLuPT55sJmabglZvOGtd/vjzOUrMRFcEPF80Du5wlFbqidon8BvEY0JNLDnyCt6X09l/+7UCmnYR0ObncHoUW2ikbhiMAybuJfm6AiB4vFLQDJKgybwOaRywwvlbGp0ICcBvqQNi6BQNwB6SW//1IMwrh3KWBkJtN3X3n57LNXMhqlfil9o3EXXgIvnsG1knPGTZQIy4I5p4FTUcY1Rbpsda2ENW7l7+ijrRUAAAAAgAaZ2xvYmFsY2hhbWJlcnNpZ25yb290LTIwMDgAAAFwnFfleAAFWC41MDkAAAdNMIIHSTCCBTGgAwIBAgIJAMnN0+nVfSPOMA0GCSqGSIb3DQEBBQUAMIGsMQswCQYDVQQGEwJFVTFDMEEGA1UEBxM6TWFkcmlkIChzZWUgY3VycmVudCBhZGRyZXNzIGF0IHd3dy5jYW1lcmZpcm1hLmNvbS9hZGRyZXNzKTESMBAGA1UEBRMJQTgyNzQzMjg3MRswGQYDVQQKExJBQyBDYW1lcmZpcm1hIFMuQS4xJzAlBgNVBAMTHkdsb2JhbCBDaGFtYmVyc2lnbiBSb290IC0gMjAwODAeFw0wODA4MDExMjMxNDBaFw0zODA3MzExMjMxNDBaMIGsMQswCQYDVQQGEwJFVTFDMEEGA1UEBxM6TWFkcmlkIChzZWUgY3VycmVudCBhZGRyZXNzIGF0IHd3dy5jYW1lcmZpcm1hLmNvbS9hZGRyZXNzKTESMBAGA1UEBRMJQTgyNzQzMjg3MRswGQYDVQQKExJBQyBDYW1lcmZpcm1hIFMuQS4xJzAlBgNVBAMTHkdsb2JhbCBDaGFtYmVyc2lnbiBSb290IC0gMjAwODCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMDfVtPkOpt2RbQT2//BthmLN0EYlVJH6xedKYiONWwGMi5HYvNJBL99RDaxccy9Wglz1dmFRP+RVyXfXjaOcNFccUMd2drvXNL7G706tcuto8xEpw2uIRU/uXpbknXYpBI4iRmKt4DS4jJvVpyR1ogQC7N0ZJJ0YPP2zxhPYLIj0Mc7zmFLmY/CDNBAspjcDahOo7kKrmCgrUVSY7pmvWjg+b4aqIG7HkF4ddPB/gBVsIdU6CeQNR1MM62X/JcumIS/LMmjv9GYERTtY/jKmIhYF5ntRQOXfjyGHoiMvvKRhI9lNNgATH23MRdaKXoKGCQwoze1eqkBfSbW+Q6OWfH9GzO1KTsXO0G2Id3UwD2ln58fQ1DJu7xsepeY7s2MH/ucUa6LcL0nn3HAa6x9kGbo1106DbDVwo3VyJ2dwW3Q0L9R5OP4wzg2rtandeavhENdk5IMagfeOx2YItaswTXbo6Al/3K1dh3ebeksZixShNBFks4c5eUzHdwHU1SjqoI7mjcv3N2gZOnm3b2u/GSFHTynyQbehP9r6GsaPMWis0L7iwk+XwhSx2LE1AVxv8Rk5Pihg+g+EpuoHtQ2TS9x9o0o9oOpE9JhwZG7SMA0j0GMS0zbaRL/UJScIINZc+18ofLx/d33SdNDWKBWY8o9PeU1VlnpDsogzCtLkykPAgMBAAGjggFqMIIBZjASBgNVHRMBAf8ECDAGAQH/AgEMMB0GA1UdDgQWBBS5CcqcHtvTbDprru1U8VuTBjUuXjCB4QYDVR0jBIHZMIHWgBS5CcqcHtvTbDprru1U8VuTBjUuXqGBsqSBrzCBrDELMAkGA1UEBhMCRVUxQzBBBgNVBAcTOk1hZHJpZCAoc2VlIGN1cnJlbnQgYWRkcmVzcyBhdCB3d3cuY2FtZXJmaXJtYS5jb20vYWRkcmVzcykxEjAQBgNVBAUTCUE4Mjc0MzI4NzEbMBkGA1UEChMSQUMgQ2FtZXJmaXJtYSBTLkEuMScwJQYDVQQDEx5HbG9iYWwgQ2hhbWJlcnNpZ24gUm9vdCAtIDIwMDiCCQDJzdPp1X0jzjAOBgNVHQ8BAf8EBAMCAQYwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0dHA6Ly9wb2xpY3kuY2FtZXJmaXJtYS5jb20wDQYJKoZIhvcNAQEFBQADggIBAICIf3DekijZBZRG/5BXqfEv3xoNa/p8DhxJJHkn2EaqbylZUohwEurdPfWbU1Rv4WCiqAm57OtZfMY18dwY6fFn5a+6ReAJ3spED8IXDneRRXozX1+WLGiLwUePmJs9wOzL9dWCkoQ10b42OFZyMVtHLaoXpGNR6woBrX/sdZ7LoR/xfxKxueRkf2fWIyr0uDldmOghp+G9PUIadJpwr2hsUF1Jz//7Dl3mLEfXgTpZALVza2Mg9jFFCDkO9HB+QHBaP9BrQql0PSgvAm11cpUJjUhjxsYjV5KTXjXBjfkK9yydYhz2rXzdpjEetrHHfoUm+qRqtdpjMNHvkzeyZi99Bffnt0uYlDXA2TopwZ2yUDMdSqlapskD7+3056huirRXhOukP9DuqqqHW2Pok+JrqNS4cnhrG+055F3Lm6qH1U9OAP7Zap88MQ8oAgF9mOinsKJknnn4SPIVqczmyETrP3iZ8ntxPjzxmKfFGBI/5rsoM0LpRQp8bfKGeS/Fghl9CYl8slR2iK7ewfPM4W7bMdaTrpmg7yVqc5iJWzouE4gev8CSlDQb4ye3ix5vQv/n6TebUB0tovkC7stYWDpxvGjjqsGvHCgfotwjZT+B6q6Z09gwzxMNTxXJhLynSC34MCN32EZLeW32jO06f2ARePTpm67VVMB0gNELQp/BAAAAAgAUZGlnaWNlcnRnbG9iYWxyb290Y2EAAAFwnFfleAAFWC41MDkAAAOzMIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBhMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBDQTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAwMDAwMDBaMGExCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5jb20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsBCSDMAZOnTjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97nh6Vfe63SKMI2tavegw5BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt43C/dxC//AH2hdmoRBBYMql1GNXRor5H4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7PT19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y7vrTC0LUq7dBMtoM1O/4gdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQABo2MwYTAOBgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbRTLtm8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUwDQYJKoZIhvcNAQEFBQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/EsrhMAtudXH/vTBH1jLuG2cenTnmCmrEbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIttep3Sp+dWOIrWcBAI+0tKIJFPnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0lsYSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQkCAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4AAAACABhkLXRydXN0cm9vdGNsYXNzM2NhMjIwMDkAAAFwnFfleAAFWC41MDkAAAQ3MIIEMzCCAxugAwIBAgIDCYPzMA0GCSqGSIb3DQEBCwUAME0xCzAJBgNVBAYTAkRFMRUwEwYDVQQKDAxELVRydXN0IEdtYkgxJzAlBgNVBAMMHkQtVFJVU1QgUm9vdCBDbGFzcyAzIENBIDIgMjAwOTAeFw0wOTExMDUwODM1NThaFw0yOTExMDUwODM1NThaME0xCzAJBgNVBAYTAkRFMRUwEwYDVQQKDAxELVRydXN0IEdtYkgxJzAlBgNVBAMMHkQtVFJVU1QgUm9vdCBDbGFzcyAzIENBIDIgMjAwOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANOySs96R+91myP6Oi/WUEWJNTrGa9v+2wBoqOADER03UAifTUpolDWzU9GUY6cgVq/eUXjsKj3zSEhQPgrfRlWLJ23DEE0NkVJD2IfgXU42tSHKXzlABF9bfsyjxiupQB7ZNoTWSPOSHjRGICTBpFGOShrvUD9pXRl/RcPHAY9RySPocq60vFYJfxLLHLGvKZAKyVXMD9O0Gu1HNVpK7ZxzBCHQqr0ME7UAyiZsxGsMlFqVlNpQmvH/pStmMaTJOKDfHR+4CS7zp+hnUquVH+BGPtikw8paxTGA6Eian5Rp/hnd2HN8gcqW3o7tszIFZYQ05ub9VxC1X3a/L7AQDcUCAwEAAaOCARowggEWMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFP3aFMSfMN4hvR5COfyrYyNJ4PGEMA4GA1UdDwEB/wQEAwIBBjCB0wYDVR0fBIHLMIHIMIGAoH6gfIZ6bGRhcDovL2RpcmVjdG9yeS5kLXRydXN0Lm5ldC9DTj1ELVRSVVNUJTIwUm9vdCUyMENsYXNzJTIwMyUyMENBJTIwMiUyMDIwMDksTz1ELVRydXN0JTIwR21iSCxDPURFP2NlcnRpZmljYXRlcmV2b2NhdGlvbmxpc3QwQ6BBoD+GPWh0dHA6Ly93d3cuZC10cnVzdC5uZXQvY3JsL2QtdHJ1c3Rfcm9vdF9jbGFzc18zX2NhXzJfMjAwOS5jcmwwDQYJKoZIhvcNAQELBQADggEBAH+X2zDI36ScfSF6gHDOFBJpiBSVYEQBrLLpME+bUMJm2H6NMLVwMeniacfzcNsgFYbQDfC+rAF1hM5+n02/t2A7nPPKHeJeaNijnZflQGDSNiH+0LS4F9p0o3/U37CYAqxva2ssJSRyoWXuJVrl5jLn8t+rSfrzkGkj2wTZ51xY/GXUl77M/C4KzCUqNQT4YJEVdT1B/yMfGchs64JTBKbkTCJNjYy6zltz7GRUUG3RnFX7acM2w4y8PIWmawomDeCTmGCufsYkl4phX5GOZpIJhzbNi5stPvZR1FDUWSi9g/LMKHtThm3YJohw1+qRzT65ysCQblrGXnRl11z+o+IAAAACACxzdGFyZmllbGRzZXJ2aWNlc3Jvb3RjZXJ0aWZpY2F0ZWF1dGhvcml0eS1nMgAAAXCcV+V4AAVYLjUwOQAAA/MwggPvMIIC16ADAgECAgEAMA0GCSqGSIb3DQEBCwUAMIGYMQswCQYDVQQGEwJVUzEQMA4GA1UECBMHQXJpem9uYTETMBEGA1UEBxMKU2NvdHRzZGFsZTElMCMGA1UEChMcU3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjE7MDkGA1UEAxMyU3RhcmZpZWxkIFNlcnZpY2VzIFJvb3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IC0gRzIwHhcNMDkwOTAxMDAwMDAwWhcNMzcxMjMxMjM1OTU5WjCBmDELMAkGA1UEBhMCVVMxEDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxJTAjBgNVBAoTHFN0YXJmaWVsZCBUZWNobm9sb2dpZXMsIEluYy4xOzA5BgNVBAMTMlN0YXJmaWVsZCBTZXJ2aWNlcyBSb290IENlcnRpZmljYXRlIEF1dGhvcml0eSAtIEcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Qw6xCr5TuL1vhmXX46IU7EfP8vPnyATbSk6yA99PPdrdjhj2TZgqJteXACAsi9Zf/aH+SVDhudpG1KakOFx49gtDU5v9shJ2bbzGlauK7Z0FOvP+ybjGrodli5qO1iUiUdW/yWgk3BTg9qEdBTDZ54EaDrfjkBaHUpOz0ORO+dW1gBwy1Lue32uOue8MflF9sJgzxNZAiuAzDRH37nekGVtAs8skaam596FGEl8Zk6jOm2pte40LroNA7gz30frsWuNJdmbzoHRRUYylnCH3gIOSUOFtmxzu2TqYUGsydRU34cvxyKyJsyfWVRon/y+Ki/EVRx1QGAXhQJVOYt/BQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUnF8A36oB1zArOIiiuG1KnPIRkYMwDQYJKoZIhvcNAQELBQADggEBAEs2poR3ad07GZ9nIwhvDmHJ/YTcX9g2gc3YG0Etn2Ddxxpo2dFuhuGII88T3kPP4jSzBJ0fKdW/+F7I1cG97pJvMnTykYIvvYJCeq0qtyB9Tbx6VRLCFeq992qVLmx0n88ctPLFAaOF0HI+rXOrC5t1DG1Ft46UrJY3taDQjxVHDuPog92P/e9BAXfMJ6lihTPyNwjvcc93Bt7IGR2IQM99Rh3/Hsfhzv8j28b6jVVOqQLnRxFGPvT9vXspJrupYWI3KLYtKvYQhmTJcKfSrbcpcHnqPNpjJZ/9aLcw7HD7dYq3bWBnsh7IuenYqG8Ci2cNTSZXcdog/MFKUI2xKLoAAAACAA5jZXJ0aWduYXJvb3RjYQAAAXCcV+V4AAVYLjUwOQAABl8wggZbMIIEQ6ADAgECAhEAyukbifFVAw2j5kFtxOOm4TANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJGUjESMBAGA1UECgwJRGhpbXlvdGlzMRwwGgYDVQQLDBMwMDAyIDQ4MTQ2MzA4MTAwMDM2MRkwFwYDVQQDDBBDZXJ0aWduYSBSb290IENBMB4XDTEzMTAwMTA4MzIyN1oXDTMzMTAwMTA4MzIyN1owWjELMAkGA1UEBhMCRlIxEjAQBgNVBAoMCURoaW15b3RpczEcMBoGA1UECwwTMDAwMiA0ODE0NjMwODEwMDAzNjEZMBcGA1UEAwwQQ2VydGlnbmEgUm9vdCBDQTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAM0YOWUaWbHqZBYOjJQklXyD08U5JtwM7xZXjdfYrKNCf4LK7c1b2w63Le1FCBey2bPL1hdScijbjk6eirYL+Z6Emk123iIpXNKz0gY+MDmpdKOSVhyhb0wKIG2fI3q0xtos5B0s3LMo0BPyTE4CSaFUQJ7m5QWgLYTI/5hs0OuKGoQIHrdoI+4j1XDObVFpEO6hesLRIjHCgoXS8lV2UHwlesmEXAus3UJOK+eCoiSJy5Cy0O4jumZMu2Kk+VNaZHt8mPqjSJ4Pla6nGPRq7C4DRa/wdPgqzXpd0b5EJjIp8fH1bMx+AiELn2+kP76dU+LPfaksfFgal+E9NzcYZijSQMVRiozDLc5TiCRYZDAWxarg1gqmQN949vUEfGkThLzR0acGzwH3aMCoV7s6Ya0EjJPjrfzw20RtWdxJWa6smpk2MEF7djMih6PCkoZu+XDuroeHlRvEer0x89TS5Zn/vkjsdfV4Fh2mcMF/PBuhkvvPyDzWxZMKj/VVOnaVzlmYigmVdzKag7osBDqXvdQvvtdsm6LKfW0myVXVz8N5UggJmQckLWQla6YhaZtq3XRNa5d6Qb2rF/mQF0iPNvkt1cXb7qqFRUH6zTpFsWjmNkybkFfsI7mHCMLECfGXhiooTeJ0wNrEjNvf4qEXWc4kWXQx2n/9MG3Z3OFq4fxfAgMBAAGjggEaMIIBFjAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUGIdW4G537iQ1PE5zmh/W4eJ5fiswHwYDVR0jBBgwFoAUGIdW4G537iQ1PE5zmh/W4eJ5fiswRAYDVR0gBD0wOzA5BgRVHSAAMDEwLwYIKwYBBQUHAgEWI2h0dHBzOi8vd3d3dy5jZXJ0aWduYS5mci9hdXRvcml0ZXMvMG0GA1UdHwRmMGQwL6AtoCuGKWh0dHA6Ly9jcmwuY2VydGlnbmEuZnIvY2VydGlnbmFyb290Y2EuY3JsMDGgL6AthitodHRwOi8vY3JsLmRoaW15b3Rpcy5jb20vY2VydGlnbmFyb290Y2EuY3JsMA0GCSqGSIb3DQEBCwUAA4ICAQCUuJ5P8OOVCCLnzWhB9xxV1XwA4i06iV1oOC9RIgtKjcvpu10+u1w9sSj+5FNVE8+hkBsCHV9mRgkzKOENJJdw0xAf6mRXlrtd2ufEjE9MZEYdXIfjWd5C0ZuofqaJ3Y8cyTCC7TuczcDpGeBq2AJ1N6v3NCgokfIECk8142AmAfrQEYz5EWrurz3DUNOPXzN5PIaoc0WQjCC2cnMXI74HZeV4kg26AcDrjBxmv6yGdwGUDZzm6TmNH6ZRjJkMOXfhtJv6HGdXb2pqjqkrTFd5elciz81fY0aNXFk6hvgyR2KjZw0Ykdz7pmv1SGFzI1mOAqe8ROr0SZ3xVFj5YK/aGKQvKEXceqCIhl3zO+f/KTWA/GRDlObjHG++rQ4qY5kryX6F9nHoBgOV/t6PSBxa1JLoK+7nMdu6BGqHmOfFX+99pyL3AdhN+YnQDpoFWaSemNlvK8pwvmTCVaP06a/DkinciBYkmTyNJpi2W7fMzrc3B/0m2ZiFJP9ZIwOa7Z2dqOReOM7XUg1v0j9tsQVrSc6KkUZz9PYv8Khzdw5lrKGNZlJpfktoDMceNyeDpYzHAuQUzUkBsHOz/caQOm/SbO077uyRvqJDXYsASmYlRHDeQA/4fBX3os48114TjIEXGBfRvfF3EDrUZTnBJ6xXLCVU/6LaT4phOV6uPUqMvQAAAAIAE3RoYXd0ZXByaW1hcnlyb290Y2EAAAFwnFfleAAFWC41MDkAAAQkMIIEIDCCAwigAwIBAgIQNE7VVyDV7exJ9C/ON9srbTANBgkqhkiG9w0BAQUFADCBqTELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjE4MDYGA1UECxMvKGMpIDIwMDYgdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxHzAdBgNVBAMTFnRoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EwHhcNMDYxMTE3MDAwMDAwWhcNMzYwNzE2MjM1OTU5WjCBqTELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjE4MDYGA1UECxMvKGMpIDIwMDYgdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxHzAdBgNVBAMTFnRoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsoPD7gFnUnMekz52hWXMJEEUMDSxuaPFsW0hoSVk3/AszGcJ3f8wQLZU0HObrTQmnHNK4yZc2AreJ1CRfBsDMRJSUjQJib+ta3RGNKJpchJAQeg29dGYvajig4tVUROsdB58Hum/u6f1OCyn1PoSgAfGcq/gcfomk6KHYcWUNo1F77rzSImANuVud37r8UVsLr5iy6S7pBOhih94ryNdOwUxkHt3Ph1i6Sk/KaAcdHJ1KxtUvkcx8cXIcxcBn6zL9yZJclNqFwJu/U30rCfSMnZEfl2pSy94JNqR32HuHUETVPm4pafs5SSYeCaWAe0At6+gnhcn+Yf1+5nyXHdWdAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBR7W0XPr87Lev0xkhpqtvNG61dIUDANBgkqhkiG9w0BAQUFAAOCAQEAeRHAS7ORtvzw6WfUDW5FvlXok9LOAz/t2iWwHVfLHjp2oEzsUHboZHIMpKnxuIvW1oeEuzLlQRHAd9mzYJ3rG9XRbkREqaYB7FViHXe4XI5ISXycO1cRrK1zN44veFyQaEfZYGDm/Ac9IiAXxPcW6cTYcvnIc3zfFi8VqT79aie2oetaupgf1eNNZAqdE8hhuvU5HIe6uL17In/2/qxAeeWsEG89jxt5dovEN7MhGITlNgDrYyCZuen+MwS7QcjBAvlEYyCegc5C09Y/LHbTY5xZ3Y+m4Q6gLkH3LpVHz7z9M/P2C2F+fpErgUfCJzDupxBdN49cOSvkBPB7jVaMaAAAAAIAE2F0b3N0cnVzdGVkcm9vdDIwMTEAAAFwnFfleAAFWC41MDkAAAN7MIIDdzCCAl+gAwIBAgIIXDPLYixfszIwDQYJKoZIhvcNAQELBQAwPDEeMBwGA1UEAwwVQXRvcyBUcnVzdGVkUm9vdCAyMDExMQ0wCwYDVQQKDARBdG9zMQswCQYDVQQGEwJERTAeFw0xMTA3MDcxNDU4MzBaFw0zMDEyMzEyMzU5NTlaMDwxHjAcBgNVBAMMFUF0b3MgVHJ1c3RlZFJvb3QgMjAxMTENMAsGA1UECgwEQXRvczELMAkGA1UEBhMCREUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCVhTuXbyo7LjvPpvMpNb7PGKw+qtn4TaA+Gke5vJrf8v7MPkfoepbCJI419KkM/IL9bcFyYie96mvr54rMVD6QUM+A1JX76LWC1BTFtqlVJVfbsVD2sGBkWXppzwO3bw2+yj5vdHLqqjAqc2K+SZFhyBH+DgMq92og3AIVDV4VavzjgsG1xZ1kCWyjWZgHJ8cblithdHFsQ/H3NYkQ4J7sVaE3IqKHBAUsR320HLliKWYoyrfhk/WklAOZuXCFteZI6o1Q/NnezG8HDt0Lcp2AMBYHlT8oDv3FdU9T1nSatCQujgKRz3bFmx5VdJx4IbHwLfELn8LVlhgf8FQieowHAgMBAAGjfTB7MB0GA1UdDgQWBBSnpQaxLKYJYO7Rl+lwrrw7GWzbITAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFKelBrEspglg7tGX6XCuvDsZbNshMBgGA1UdIAQRMA8wDQYLKwYBBAGwLQMEAQEwDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBCwUAA4IBAQAmdzTblEiGKkGdLD4GkGDEjKwLVLgfuXvTBznk+j57sj1O7Z8jvZfza1zv7v1Apt+hk6EKhqzvINB5Ab149xnYJDE0BAGmuhWawyfc2E8PzBhj/5kPDpFrdRbhIfzYJsdHt6bPWHJxfrrhTZVHO8mvbaG0weyJ9rQPOLXiZNwlz6bb65pcmaHFCN795trV1lpFDMS3wrUU77QR/w4VtfX128a961qn8FYiqTxlVMYVqL2Gns2Dlmh6cYGJ4Qvh6hEbaAjMaZ7snkGeRDImeuKHCnE96+RapNLbxc3G3mB/ufNPRJLvKrcYPqcZ2Qt9sTdBQrC6YB3y/gkRsPCHe6edAAAAAgATbHV4dHJ1c3RnbG9iYWxyb290MgAAAXCcV+V4AAVYLjUwOQAABccwggXDMIIDq6ADAgECAhQKfqbfS0Se2mokhZ7muBXTFn+7sTANBgkqhkiG9w0BAQsFADBGMQswCQYDVQQGEwJMVTEWMBQGA1UECgwNTHV4VHJ1c3QgUy5BLjEfMB0GA1UEAwwWTHV4VHJ1c3QgR2xvYmFsIFJvb3QgMjAeFw0xNTAzMDUxMzIxNTdaFw0zNTAzMDUxMzIxNTdaMEYxCzAJBgNVBAYTAkxVMRYwFAYDVQQKDA1MdXhUcnVzdCBTLkEuMR8wHQYDVQQDDBZMdXhUcnVzdCBHbG9iYWwgUm9vdCAyMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA14WXvxGY6fBig0w8h/lTajcL8g88h85v3CYpvcWJusmDPffuylvGbUlztMlGoxs0Ez/BiUVX9Nmx+zZlS/sI4khxEchuO56d34llN6aF9jtEGLbGNzBiRJKXaX1CMCTkDQyJa2PexeHfTqkUbFPgYc72Fy8dPL3mIkwdk/UQxKF27GrexWzflrRWQELAYpIwoS0VlKDSIAYJbmpt5eu3vtTw8RV8i+ZOuhPMSydemTwXXY+BfzM9T9M/G+xcP/A8THVu8qbVndotB2MCxnLplLxMSZVPiFLI2+hpgvjMNFsi8Ianib1ICm1mgW3IyGT7AeH04d7Znt3bW9QqmSYVGx5MkimCntWSgZJBcBn3pOWTS7x3ZzHdHP0xcA0XmQz5DDkZKhe1MHFV1Q+uWOE9LzSbz5/2eIXCk3pyPmaPnBYRYI+eiW9nvuBHWjsMmmeLz0bGrjij8qe85taFazMkcCJLywibu8j4AikdviAMRr9rh5uzKmZCNUZsqrqt+Zh76VBVFDG/sdot7YCtaCT7aavYcRMw5mezh0D9iX7yQ9ER3y9lL2TOXxS5sb8xvYd4WllliKr8WTJIhtZMuSlLldN283clbUIcOINN/aNfm38trHkbDkIxl2Ok+4pp1SINNJAwLqi04G22lKy8i07XcPzFOI5kJeFNOZDOyYeEWHECAwEAAaOBqDCBpTAPBgNVHRMBAf8EBTADAQH/MEIGA1UdIAQ7MDkwNwYHK4ErAQEBCjAsMCoGCCsGAQUFBwIBFh5odHRwczovL3JlcG9zaXRvcnkubHV4dHJ1c3QubHUwDgYDVR0PAQH/BAQDAgEGMB8GA1UdIwQYMBaAFP8YKHb5SAUsoa7xKxsrslP4S3yzMB0GA1UdDgQWBBT/GCh2+UgFLKGu8SsbK7JT+Et8szANBgkqhkiG9w0BAQsFAAOCAgEAahkU7W55wSyH1A1wftf2eMkLBE7Esc6TcP6wVMAyzZkwZBe/D+XiM/0HNkByDhq2alnWAOVoIN0ucg0famQxIIR9SaZaN+tFyYX11McXmQfmm1XkDOiptM6MW7URXM+KDg3WrHeB/jKcJJ5yzlTz0G+iVtbswzcsZVi+VwAa8jX663sxXcLBEj2WgYiWicFZXHrmf3A054PiseHhuFjv1JXkYJzwlpdyjOuEAi5lj6S30n9n3cjTnlyqqaSgJRQGm+xPfi0Lfx118TPY7c64dW0+W7mYHTENVthDDzCRsgRr3Va+lYBVZ77YzYPZGO4uD4Ytkp5wE+zeUclDeAKlTcj5X8SRWEYWd1p0qkC8B58wubH3Ehfd4/8kQB16atFPGAqqkB3rQB7foR5EkhCa8o3h0UtGnuhFQpfqRZnz7GbVAvrypkokqt7Oucr5P5Nv+aO66qU+ma39/3uZ9WXu8FkoZ9eQlaQThKmEwejOznWTYxq8POrVZB8tKhI5xsNaMu1HkRYOvDjBUN6PyiqQNBzuQZScXhku+EVJmXSRsARv4wRasasqq/7H0Ja22uFKZAZuYE29Qk7/eNokyhu015Y5bK7xDqqnfUiLIEzPZNa4l0awTtEqVjqgk72vgCTgCn7nytXK6IVV3DYq4ZRok8dmckQPgCEybCXHI4CDCusAAAACABBnZW90cnVzdGdsb2JhbGNhAAABcJxX5XgABVguNTA5AAADWDCCA1QwggI8oAMCAQICAwI0VjANBgkqhkiG9w0BAQUFADBCMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEbMBkGA1UEAxMSR2VvVHJ1c3QgR2xvYmFsIENBMB4XDTAyMDUyMTA0MDAwMFoXDTIyMDUyMTA0MDAwMFowQjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IEluYy4xGzAZBgNVBAMTEkdlb1RydXN0IEdsb2JhbCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANrMGGMw/fQXIxpWflvfPGw45HG3eJHUvKHYTPioQ7YD6U0hBwiI2lgvZjkpvQV4i5046AW3an5xpObEYKaw74DkiSgPniXW7YPzraaRx5jJQhg1FJ2tmEaSLk/K8YdDwRaVVy1Q74ktgHpXrfLuX2vSAI25FPgUFTXZwEaje3LIkb/JVSvN0Jc+nCZkzN/Ogxlxyk7m1NV7qRnNVd7I7NJeOFPlXE+MLf5QIzb8ZubLjqQ5GQC3lQI5kQsO/jgu0R0FmvZNPm8PBx2vLB6PYDni+jZTEznUXiYr2z2oFL0y6xgDKFIEceWrMz3hOLsHNoRinHnqFjD0X8Ar6HFr5PkCAwEAAaNTMFEwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUwHqYaI2J+6sFZAwRfap9ZbjKzE4wHwYDVR0jBBgwFoAUwHqYaI2J+6sFZAwRfap9ZbjKzE4wDQYJKoZIhvcNAQEFBQADggEBADXjKWrlL11UjilQlJ+ZGhTkj3gqYpSiJ2ee0M8aXkfpwbKkz91BGgVOm0vuSm9VUrMkoTcK62R2Ki4s8/07dZC/+nHYxz030rUFlWK5pt6JPTZ7OHdIl6ymII8upskMwrKZRQDHzhFRIiLgpeq2FUgJZOpeT3T3BT7HilIM2xW0vW2b5caxVGip42mQtpqlD7i5PyB9rkq1uJzkHbar5pSlwceDrdv1J4cOBGzV/92gXe2HUrcrFQKuOaZqdOnaxOe8TTQeqVxNM1+SCS+IZl13l8cddhOp1eXxFgkRNdWs2yRxcCyYVgvZF7TR41ErXnXo1dDcTzTtwgVmgKHL5jMAAAACAA5xdW92YWRpc3Jvb3RjYQAAAXCcV+V4AAVYLjUwOQAABdQwggXQMIIEuKADAgECAgQ6tlCLMA0GCSqGSIb3DQEBBQUAMH8xCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1pdGVkMSUwIwYDVQQLExxSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MS4wLAYDVQQDEyVRdW9WYWRpcyBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTAxMDMxOTE4MzMzM1oXDTIxMDMxNzE4MzMzM1owfzELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxJTAjBgNVBAsTHFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxLjAsBgNVBAMTJVF1b1ZhZGlzIFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/YbWVU7pX/PryZws6Gt8RgGSVtNG8zXrP9imWLiRUQCQ49xqF3FhMy6QnQpfQn4OKw+QGA1sApVEecAR04sHUOqvXrTsHGAWO/YOs6mbZGBtoivVXGpi69e12PXzZ3pRqO0sXwdWPvWU4OpXQPVU2Tt95VzEqHthZZUlYIJh+q19+n+nWTeyDdKnHbNjuKUqFKgYU+VTm09plB4tjNxLX0OzDeyBBRKPty6AX4XFlzh1mMfd2ARnIfQNYtpVJHaYSJujGDHbg42bL6l2mJu7lzF+9Z6cBJw6iylTFsXqVHXEeSimKA9xqRcGkGV5vNs3DorC3/lw44lK8+ERD5pC7AgMBAAGjggJSMIICTjA9BggrBgEFBQcBAQQxMC8wLQYIKwYBBQUHMAGGIWh0dHBzOi8vb2NzcC5xdW92YWRpc29mZnNob3JlLmNvbTAPBgNVHRMBAf8EBTADAQH/MIIBGgYDVR0gBIIBETCCAQ0wggEJBgkrBgEEAb5YAAEwgfswgdQGCCsGAQUFBwICMIHHGoHEUmVsaWFuY2Ugb24gdGhlIFF1b1ZhZGlzIFJvb3QgQ2VydGlmaWNhdGUgYnkgYW55IHBhcnR5IGFzc3VtZXMgYWNjZXB0YW5jZSBvZiB0aGUgdGhlbiBhcHBsaWNhYmxlIHN0YW5kYXJkIHRlcm1zIGFuZCBjb25kaXRpb25zIG9mIHVzZSwgY2VydGlmaWNhdGlvbiBwcmFjdGljZXMsIGFuZCB0aGUgUXVvVmFkaXMgQ2VydGlmaWNhdGUgUG9saWN5LjAiBggrBgEFBQcCARYWaHR0cDovL3d3dy5xdW92YWRpcy5ibTAdBgNVHQ4EFgQUi0tt7dMpuQYZ7Dk5qfCXhGrL798wga4GA1UdIwSBpjCBo4AUi0tt7dMpuQYZ7Dk5qfCXhGrL79+hgYSkgYEwfzELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxJTAjBgNVBAsTHFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxLjAsBgNVBAMTJVF1b1ZhZGlzIFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCBDq2UIswDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBBQUAA4IBAQCK1BS1/vSakqcZ1KR+chiP2Wh8UiTdZ285esSqXj3iWLBNcJiEYegb42kYDs77R1CgTv/wJB+9ss71J/zsL1Oqc3sDPXRu5hae66UuxL9WJ1ArYrq+Sxw8VVxBHSS+giBHXdVEfnoWaN99TVFweFcdMx79ApmcDM0KBU/Hu46kdfpKbbGAjglWuZwaYP5dwdd63BF40NZdwbfVrTKZAzqKzFQlOTGBexMiUbpGbKG7nvoEbEkmdI/Sc+vMMKLm6lkih/iX9Q796sySpBbEUhjqIc6x8eaEgeW6qYYo8kNaXRKdrB7ZqOUKaqd/oIcpz/KJTdTsxeLmetA2I4pKdDb5AAAAAgAaaWRlbnRydXN0Y29tbWVyY2lhbHJvb3RjYTEAAAFwnFfleAAFWC41MDkAAAVkMIIFYDCCA0igAwIBAgIQCgFCgAAAAUUjyES1AAAAAjANBgkqhkiG9w0BAQsFADBKMQswCQYDVQQGEwJVUzESMBAGA1UEChMJSWRlblRydXN0MScwJQYDVQQDEx5JZGVuVHJ1c3QgQ29tbWVyY2lhbCBSb290IENBIDEwHhcNMTQwMTE2MTgxMjIzWhcNMzQwMTE2MTgxMjIzWjBKMQswCQYDVQQGEwJVUzESMBAGA1UEChMJSWRlblRydXN0MScwJQYDVQQDEx5JZGVuVHJ1c3QgQ29tbWVyY2lhbCBSb290IENBIDEwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCnUBneP5k91DNG8W9RYYKyqU+PZ4ldhNlT3Qwo2dfw/66VQ3KZ+bVdfIrBQuExUHTRgQ18zZshq0PirK1ehm7zCYofWjK9ouuU+ehcCuz/mNKvcbO0U59Oh++SvL3sTzIwiEsXXlfEU8L2ApeN2WIrvyQfYo3fw7gpS0l4PJNgiCL8mdo2yMKi1CxUAGc1bnO/AljwpN3lsKImesrgNqUZFvX9t++uP0D1bVoE/c40yiTcdCMbXTMTEl3EASX2MN0CXZ/g1Ue9tOsbobtJSdifWwLziuQkkORiT0/Br4sOdBeo0XKIanoBScy0RnnGF7HamB4HWfp1IYVl3ZBWzvurpWCdxJ35UrCLvYf5jysjCiN2O/cz4ckA82n5S6LgTrx+kzmEB/dEcH7+B1rlsazRGMzyNeVJSQjKVsk9+w8YfYs7wRPCTY/JTw436R+hDmrfYi7LNQZReSzIJTj0+kuniVyc0uMNOYZKdHzVWYfCP04MXFL0PfdSgvHqo6z9STQaKPNBiDoT7uje/5kdX7rL6B7yuVBgwDHTc+XvvqDtMwt0viAgxGds8AgDelWAf0ZOlqf0Hj7h9tgJ4TNkK2PXMl6f+cB7D3hvl7yTmvmcEpB4eoCHFddydJxVdHixuuFucAS6T6C6aMN7/zHwcz09lCqxC0EOoP5NiGVreTO01wIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU7UQZwNPwBovupHu+QucmVMiONnYwDQYJKoZIhvcNAQELBQADggIBAA2ukDL2pkt8RHYZYR4nKM1eVO8lvOMIkPkp165oCOGUAFjvLi5+U1KMtlwH6oi6mYtQlNeCgN9hCQCTrQ0U5s7B8jeUeLBfnLOic7iPBZM4zY0+sLj7wM+x8uwtLRvM7Kqas6pgghstO8OEPVeKlh6cdbjTMM1gCIOQ045U8U1mwF10A0Cj7oV+wh93nAbowacYXVKV7cndJZ5t+qntozo00Fl72u1Q8zW/7esUTTHHYPTa8Yec4kjixsU3+wYQ+nVZZjFHKdp2mhzpgq7vmrlR94gjmmmVYjzlVYA211QC//G5Xc7UI2/YRYRKW2XviQzdFKcgyxilJbQN+QHwotL0AMh0jqEqSI5l2xPE4iUXfeu+h1sXIFRRk0pTAwvsXcoz7WL9RccvW9xYoIA55vrX/hMUpu09lEpCdNTDd1lzzY9GvlU47/rokTLql1gEIt44w8y8bckzOmoKaT+gyOpyj4xjhiO9bTyWnpXgSUyqorkqG5w2gXjtw+hG4iZZRHUe2XWJUc0QhJ1hYMtd+ZciTY6Y5uN/9lu7rs3KSoFrXgvzUeF0K+l+J6fZmUlO+KWA2yUPHGNiiskzZ2s8EIPGrd6ozRaOjfAHN3Gf8qv8QfXBi+wAN10J5U6A7/qxXDgGpRtK4dw4LTzcqx+QGtVKnO7RcGzM7vRX+Bi6hG6HAAAAAgAbc3RhYXRkZXJuZWRlcmxhbmRlbmV2cm9vdGNhAAABcJxX5XgABVguNTA5AAAFdDCCBXAwggNYoAMCAQICBACYlo0wDQYJKoZIhvcNAQELBQAwWDELMAkGA1UEBhMCTkwxHjAcBgNVBAoMFVN0YWF0IGRlciBOZWRlcmxhbmRlbjEpMCcGA1UEAwwgU3RhYXQgZGVyIE5lZGVybGFuZGVuIEVWIFJvb3QgQ0EwHhcNMTAxMjA4MTExOTI5WhcNMjIxMjA4MTExMDI4WjBYMQswCQYDVQQGEwJOTDEeMBwGA1UECgwVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSkwJwYDVQQDDCBTdGFhdCBkZXIgTmVkZXJsYW5kZW4gRVYgUm9vdCBDQTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAOPHfon5JEs60jODNSxp7NwJpONRqCUrebgIPeCRuoSFxoWkyubJLlOkySQe/VVmcV0sxWBoBLfZwlImOIik1jtApsLNP82Yk7NUFFiWVdVQ/oatpGN/XIf2juYnkmcXkgIDLNzWZnTt3Wf/wWGNY08Pm20XMCbvq9IfEKD5xX8WaYEDR+0eaI1yoU2yJsa6bF9t1q/RsROOqa3zXml1Jhg+QSshf+6LXQcGnUPEKQor/Co+hss8gzr5yQ3axZnivHhBM3bhvy9d5aSYUAwV3eD6nH84aNCypnqn0TG9fopYJ0OzujOR06eYFVya5tMPddn8QZiXPqol24+SLrB7DF/xY6k3+Zt1aUwoJiXa1fIScEVV499zXjf1IWyQjjVaydMj69PAvnisQihYZqVGbXAC1xD5S1T8XYZKh89/ykWsEVq1IFGNL4hHlznAz7rAQgFAmUghC2un0v2W1dG+Rp1J4AumoCJOONDBPDC8cI8sdczQxYxROz2UCGQmYX25w2WPFJwh0Kr9F3IDj72bjOZeU565ne+Cu+G84nJBWyGU00U3lNHfCTld5yOqmh3KbagKhoWKgr5CB9byOIJz2odb5TzTnj6nO570A7P58X0TdAL/u6Hl+gB5HKZmQYhcYFemLgnEuv2az6cfQMO7zFoKVUs7OHZRuGOLhJQW5lbzAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBT+qwCQmJ4k/KnMGor7J7i/MG6oOzANBgkqhkiG9w0BAQsFAAOCAgEAz3csbla+TrO2hACUq0fJDdJ2x4afHQfTtrS7CHivadILSd4zxaytwogCfQa3NQLBYMm/xOiU3tTTqRMlWv5uoq59Bdx982zwfqaN7tnXzlgX6KkprnNIh+ebym4poWRfGRP3rgYQ/1HGm01VJU+TmRABU3XxE87HpkFB0r+IpX9F/Ky4pbUzDILE+wf2auUlhF8GysGGORHbWM13OyzCTA9emuPwqz5hG1AkwsD08RnwESm2pRgCm9djTHCMR6MDQ1y5XUagDW//WY6+3Z9yw1sr34xbzuUMRmySsgqjTFRCGBUSGL3a/Lp0bv/BtqBk2KlfVa6fXGp2lthzZ4f7TX9c7mnKcxD7iqn9nr02OElJh/QOFPDph7g/p096Wo551JPku2hShKxs6fOYcFVyMvk0qytJtc0gYuQ6emdjq5bcba6X7PyfdlaILmbPW7bJpLDXBbrhJy+TuyYqopOwG/OOvh1Ao7k2jz6CGhpeiOpQ+Fnig0YpC+NEXOGVtmmQmhRvl66Bz2jvmZq+tefhf/j6E0cWTMxtCEDni3hvUIJEUD9mBoqrQ4RWSg8gLYYO9dLb0nqKS82l6E7xXiYlAVkjoH7S9n4hV9cnvBVXTKRGweCDHgxMTR9PBhni+aj0OoKhsnlDedatb3onkAOk6iSHP9m92enyX1BJHO7s1y4AAAACACV0dWJpdGFra2FtdXNtc3Nsa29rc2VydGlmaWthc2ktc3VydW0xAAABcJxX5XgABVguNTA5AAAEZzCCBGMwggNLoAMCAQICAQEwDQYJKoZIhvcNAQELBQAwgdIxCzAJBgNVBAYTAlRSMRgwFgYDVQQHEw9HZWJ6ZSAtIEtvY2FlbGkxQjBABgNVBAoTOVR1cmtpeWUgQmlsaW1zZWwgdmUgVGVrbm9sb2ppayBBcmFzdGlybWEgS3VydW11IC0gVFVCSVRBSzEtMCsGA1UECxMkS2FtdSBTZXJ0aWZpa2FzeW9uIE1lcmtlemkgLSBLYW11IFNNMTYwNAYDVQQDEy1UVUJJVEFLIEthbXUgU00gU1NMIEtvayBTZXJ0aWZpa2FzaSAtIFN1cnVtIDEwHhcNMTMxMTI1MDgyNTU1WhcNNDMxMDI1MDgyNTU1WjCB0jELMAkGA1UEBhMCVFIxGDAWBgNVBAcTD0dlYnplIC0gS29jYWVsaTFCMEAGA1UEChM5VHVya2l5ZSBCaWxpbXNlbCB2ZSBUZWtub2xvamlrIEFyYXN0aXJtYSBLdXJ1bXUgLSBUVUJJVEFLMS0wKwYDVQQLEyRLYW11IFNlcnRpZmlrYXN5b24gTWVya2V6aSAtIEthbXUgU00xNjA0BgNVBAMTLVRVQklUQUsgS2FtdSBTTSBTU0wgS29rIFNlcnRpZmlrYXNpIC0gU3VydW0gMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAK91MDOqu2vTmSwSN4TZjXuXgNNu5/+bUJU+kJVWQtcZfCaEjZL6AR06D+JkOLeMvOiI+Yskqy6j9TfkQI4YJXmDdR87/2yoxcZW+LTtikSjq2xM/B3Q3O9ovc/kqs7wVfeiNNSDazd8HML+tQPsV868tLXF7QAPUzcqTfRPDIP7hs/L/oxOvYf5p4shV5x63wNniSydl2GnELhVkH8OLSc4dN/n/dpOEuNNFSICyODg/A+titfJVFDMOw/KFoCE0FFWw45Wf4kiMy/mhQq9pagbNt7T3CxtO8cTvVkjLOblpPfYC+3qkEBEqJW7k9XQgDS2RngOHwCTRuHu6fnsTxcCAwEAAaNCMEAwHQYDVR0OBBYEFGU/x4qGxjzdPFRcNfg67VIMR1fIMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAqP+HxMo6u4ZhcS17Pax5qCdIiqRLHXld9c1ZkgIR6k+QJuRDNnyon4QB3vkjINaiBn+S4LMl/DrDSSzdd6rnVC140vfRzKcPtJhWcfghTiliN0Eso38Gz3yDz+ePjOt/MnJTYTk/Daxe393LorWYztSVTq+D4TKmd/fINuq652arGa/mTu66ruJc8Axq6Q8aWuUVyOLOnoZY9kXt+wCFTTIft8gtUlVGT1SKlDYrxkw4+VA6w2MlO3PIxMlbqZPnqtZ0WZkJy83/TsTFD/KSOF/FtI6uUZvit+w8IbiYtfxcHCbKM+1DAn5aNz7b9AJ1aFJq/AkT1wcKfIl6iD6HjAAAAAgANdHJ1c3Rjb3JlY2EtMQAAAXCcV+V4AAVYLjUwOQAABCQwggQgMIIDCKADAgECAgkAhIIsXxxi0EAwDQYJKoZIhvcNAQELBQAwgZwxCzAJBgNVBAYTAlBBMQ8wDQYDVQQIDAZQYW5hbWExFDASBgNVBAcMC1BhbmFtYSBDaXR5MSQwIgYDVQQKDBtUcnVzdENvciBTeXN0ZW1zIFMuIGRlIFIuTC4xJzAlBgNVBAsMHlRydXN0Q29yIENlcnRpZmljYXRlIEF1dGhvcml0eTEXMBUGA1UEAwwOVHJ1c3RDb3IgRUNBLTEwHhcNMTYwMjA0MTIzMjMzWhcNMjkxMjMxMTcyODA3WjCBnDELMAkGA1UEBhMCUEExDzANBgNVBAgMBlBhbmFtYTEUMBIGA1UEBwwLUGFuYW1hIENpdHkxJDAiBgNVBAoMG1RydXN0Q29yIFN5c3RlbXMgUy4gZGUgUi5MLjEnMCUGA1UECwweVHJ1c3RDb3IgQ2VydGlmaWNhdGUgQXV0aG9yaXR5MRcwFQYDVQQDDA5UcnVzdENvciBFQ0EtMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM+P4BG1n6h2dtvfD1Tvc2Mpgq1HxqNr7f5fM/hDUekaM5ExF6B0xNSnAeaykj5qne0O+XSYQNM/A4AGgkDoseKnUacdgyZrq976F5Er2MasHrGeGQHVl6bqDbfEVR8nfNII1XYfKRWHQDndOEURddCapzTgv83IUh25R34NuLvGDPZzVxZafkORH1U6xm1EBKqcqZynTIkXg66jBF5SgIseEiURGdcMfX0xREHq26+wHO+B0CzFmiGbPe1CO1Am8uzOcWEGYiFUTn/BnT5/IIyAyyrYl2LIgzORfbCiWg9X6DvM8iWy1Hwv7E3GoToVeue2XTX19khKNkVm1LqYWMECAwEAAaNjMGEwHQYDVR0OBBYEFESeSPXMbUjUoEt//lkkL4OXmZqGMB8GA1UdIwQYMBaAFESeSPXMbUjUoEt//lkkL4OXmZqGMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBCwUAA4IBAQAFPjVcFXCbycdzYW9yK9TCj/JDXQLOxJS5lBGDZ13iZ2x1dr+7DKo2xq1Hk2PcHn7W3i7+6RkyOAN/FPYAcyxZsSEG4fusGJUMo/+ZlvcrJ5vVJMwd3cE64JhEsMTkPnexc6lkLPYcAXw/XUWFwIXnJY+V3BfzPJ8abrDK4x0q6Uxj+iRhYtbafrYcbPUCHdQq3VWQ6yoRRzwuXnSygiKlfVMfRewnkX3nIhbowGg22MbxT4BEMvnh0dEdqt6oq5wEr60gDmSYTaVrwEhYlmlN3AeMUZOi358PPYtgtIKNqghOYkXg+QvS4OA8W95ccSclwuYDgYsQU+PHVaK0n9fmAAAAAgAPZW1zaWducm9vdGNhLWcxAAABcJxX5XgABVguNTA5AAADmDCCA5QwggJ8oAMCAQICCjH15GIMbFjt1tgwDQYJKoZIhvcNAQELBQAwZzELMAkGA1UEBhMCSU4xEzARBgNVBAsTCmVtU2lnbiBQS0kxJTAjBgNVBAoTHGVNdWRocmEgVGVjaG5vbG9naWVzIExpbWl0ZWQxHDAaBgNVBAMTE2VtU2lnbiBSb290IENBIC0gRzEwHhcNMTgwMjE4MTgzMDAwWhcNNDMwMjE4MTgzMDAwWjBnMQswCQYDVQQGEwJJTjETMBEGA1UECxMKZW1TaWduIFBLSTElMCMGA1UEChMcZU11ZGhyYSBUZWNobm9sb2dpZXMgTGltaXRlZDEcMBoGA1UEAxMTZW1TaWduIFJvb3QgQ0EgLSBHMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJNLu+lmiu6dW9U0k9AbHsPnnrhkM39jeGi0zS5xddebIMZNKby2aGCK9yGaVjVa83a92M2a/5NWS6VZBqGTNCndFjR1TvKBtMeWTq0ZFVJK/jxwdXDNryurFZozPKqzi6rNQ/316nD/7c8RO5TOTjIW0yNAKnezrzwBLGztmSyL2U5pmLL3j0GwMnhh1g1fw/qiQJIdXBfmcD4156K3wmLiq6Q4TLU5NW/qA2n6OlRohW3W8i9DVR6RDQ7Y1WqkltETPCx4UOg6ktIXVuU1GkAcPo0s7TnfQuCDQXTfo83ChmBIaONpC1QAi+R2aSENeU40CF4Uwsyxt63XfHCKx4UCAwEAAaNCMEAwHQYDVR0OBBYEFPvvDYaesOPdqbnxIRd/PvzwdysaMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBZ//KM9Yd9cT2jnxtb0dr405xrNr2bqWHr3hYsdD2e5nXa17qnvEIX5z2R6+V93T6c8c+SrGxIzMIiP2k7xbYVL6M1xmgqHFevOe+N0DXDGAx7AFYczYsZdN6+DxLg0KqhPwI0sXDOnRjWCAMJRu5g4H62xEkEUX1wYLyqsv95cnqmHT1fKvjK4v05t0e5637fBCOv+pwGB+n7Y5OAQLXGbAoxKM4Mn8+zIzWAQY1sxDd7gS+AoUBChenZOI3ooVPNAb9p6FoG8kULkPqu4b+d8q5XPKWuslb0i2VA6f0xgSz0OQnY7muntKYdFaWY9wGB2IV981FccYjeuswfgH5KAAAAAgAPdWNhZ2xvYmFsZzJyb290AAABcJxX5XgABVguNTA5AAAFSjCCBUYwggMuoAMCAQICEF3fsdpao+1dvlplIGUDkO8wDQYJKoZIhvcNAQELBQAwPTELMAkGA1UEBhMCQ04xETAPBgNVBAoMCFVuaVRydXN0MRswGQYDVQQDDBJVQ0EgR2xvYmFsIEcyIFJvb3QwHhcNMTYwMzExMDAwMDAwWhcNNDAxMjMxMDAwMDAwWjA9MQswCQYDVQQGEwJDTjERMA8GA1UECgwIVW5pVHJ1c3QxGzAZBgNVBAMMElVDQSBHbG9iYWwgRzIgUm9vdDCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMXmK2987yYFJ6OBJNpvywH5mZqpMsIih2FBkTvLw2gbBsVMqSvBZxciHSvt+SmJk6J4vZJroKMNon7Kk7Om0Yw11XX5F/bPRcXleux3k6CPI64OGgN/vtTQ7S57q0YjW/8s5lR6lMAqFfDJjbB6OyTh12jiMTwGM0a2VBGmpS8iVCpYDQEC8foVUWdswPrXtht/0VaILxo6jTu7ghHgRwDQUoer+4Z+DyRrQJ00Z7yNxy2Gb3k+jqk8F0t/sJnjsHFg3Av1ZMPOQ7xtcbnS3idbiujYxq7hWX3PKC01uJVWGvGyWEu3EjfIfLPtS4DhjfoyI7Zvt0iVCLFEToWMOgJUIC/fv1dPOzqQIdfBJjVUIOzHP0fs71q/S3rBrTsXUFxi2A9LStwr+m68c5LN7MdQ6EGW16l+bdjpHY+KtblYkrpKkisMVv2A6wjwXiluGxwMr4+Tia3bvaOeIcqJGezftcMa6xb+eDZM1m7QPhcckBdrJrr7ei+/ERwYDi1zA4+g5TWgWuJMdR1x4Tk4U3hAzIOT1wqenVuPiuTl4EjkSLJHzU4qdSp78iL2yb4JkZZXeoiIrO5wrPncKeMMHDsSTkTWp06wJsjz2RqXkWjq741GBtJWRViaPAwPg7gFJcM5zzukNIm3eRIvR8XnqZdp/KZ3Z7Xfe/F6ZRXkYVZlAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBSBxIzM9eQw/6UMCF+MFWchdAHf3zANBgkqhkiG9w0BAQsFAAOCAgEAE2Ui9Y4rrUTky/+5aObDgEg9BHv6Iy967Tbass5t9uae5V9Yj8s3MqHIZbauOD01Gz68O7YE0Lz5SfWb94XFNrbLvPjIOdXkXwe9FVSXdMrK7U+6umR2n4G4hEVJTI1vouuxzNHDlNpEwubi6hjooh8nBbrX5dapzd3vdpiNAA7NG/oDt46AWA4nP1L7lKLKXmXJ1oTauTVx8ybAT3fmgSfSdzuaFG959PbQ4dOUutBXUb0nBQ3B/cgSMO5vjRErCJ3U1L+ARRSaiETaMOq0p+Pu71uC1T7WrXiS21w889it+rhrf8Q2KLYCFYpULJywF3OO0DejFDyYlQAMKQVbnklJsV/H48vPJ2WONRe3V8gw2UFbuRS26MIPlDGnlJjMauu14Sf1EKgB6I4SYuiIzLV/RpfAmxBmOBo2Rl8iaD3fycYTJ6tTBqyiPIYGZW+xfrEpRJqjuklpKGmP1+VfrQSGZG8aoAzFCGLOgKPQ8+xo3r4zxxdbf4DETEyxpoSKwzu4Cc0UgboY41RXNv7bL3xHoTozyPlYO0RPscoCiQSWKGjFS7gmibvWMy9Q1f6aiboYMpJUxlvgnfle5Q0im/ba4sghsmIhqoZAsi5k01/I434RZ0UfBf7jou+zqLPzfY/4DB8iHy1wtLgBNHYwAOUjeKdW11AfivsG9cIZ8NAAAAACABJlbXNpZ25lY2Nyb290Y2EtZzMAAAFwnFfleAAFWC41MDkAAAJSMIICTjCCAdOgAwIBAgIKPPYHqWhwDtqLhDAKBggqhkjOPQQDAzBrMQswCQYDVQQGEwJJTjETMBEGA1UECxMKZW1TaWduIFBLSTElMCMGA1UEChMcZU11ZGhyYSBUZWNobm9sb2dpZXMgTGltaXRlZDEgMB4GA1UEAxMXZW1TaWduIEVDQyBSb290IENBIC0gRzMwHhcNMTgwMjE4MTgzMDAwWhcNNDMwMjE4MTgzMDAwWjBrMQswCQYDVQQGEwJJTjETMBEGA1UECxMKZW1TaWduIFBLSTElMCMGA1UEChMcZU11ZGhyYSBUZWNobm9sb2dpZXMgTGltaXRlZDEgMB4GA1UEAxMXZW1TaWduIEVDQyBSb290IENBIC0gRzMwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQjpQy4LRL1KPOxst3iAhKAnjlfSU2fySU0WXTsuwYc58Byr+iuL+FBVIcUqEqy6HyC5ltqtdyzdc6LBtCGI79G1Y4PPwT01xySfvalY8L1X44uT6EYGQIrMgqCZH0Wk9GjQjBAMB0GA1UdDgQWBBR8XQKEE9TMipuBzhccLikenEhjQjAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAKBggqhkjOPQQDAwNpADBmAjEAvvNhzwIQHWSVB7gYboiFBS+DCBeQyh+KTOgNG3qxrdWBCUfvO6wIBHxcmbHtRwfSAjEAnbpV/KlK6O3t5nYBQnvI+GDZjVGLVTv7jHvrZQnD+JbNR6iC8hZVdyR+EhCVBCyjAAAAAgAbc2VjdXJpdHljb21tdW5pY2F0aW9ucm9vdGNhAAABcJxX5XgABVguNTA5AAADXjCCA1owggJCoAMCAQICAQAwDQYJKoZIhvcNAQEFBQAwUDELMAkGA1UEBhMCSlAxGDAWBgNVBAoTD1NFQ09NIFRydXN0Lm5ldDEnMCUGA1UECxMeU2VjdXJpdHkgQ29tbXVuaWNhdGlvbiBSb290Q0ExMB4XDTAzMDkzMDA0MjA0OVoXDTIzMDkzMDA0MjA0OVowUDELMAkGA1UEBhMCSlAxGDAWBgNVBAoTD1NFQ09NIFRydXN0Lm5ldDEnMCUGA1UECxMeU2VjdXJpdHkgQ29tbXVuaWNhdGlvbiBSb290Q0ExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs7P+f9Ntse8WfFelDG12ii9Lv2T7TO6K8PMpfPX/7irg6em6W2QimppvLDomaVEFmSbc1RxqccaafR6d3XxsxoxnZ0o++HGwGSepCQymlb9LjAz6VZg72OgioUtxOHmsl5Jps4l+6iFoBpgUlofSYTa8bSdWnlfuwMBW/TLPpNmOwiPXjajz2CWsl+RwOPS2OrSdO5cmQ6OhvElZckwjMIcBWPZOvhxoVmavzUFdyLNNKlVGqx/aHuJAPdvNfbmSgJw33QyWZJ3cIvdki99h3hWUUhWgfVLJS6ghycax7cvDlWDRD/CrcPjfy01+7Nb6q9m9f1Typel5+tnWdiQocwIDAQABoz8wPTAdBgNVHQ4EFgQUoHNJmWjchVtl45soL1efvTO8B0gwCwYDVR0PBAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAGhAqai75E9debMFtRezYBPrxpJd4NHTav77vpttv8cFbVkgxBzwt9qEWAJj+kgW70+lC/dKmPI/nhutR2tjzghH61I/eJyvTa741U/PmpgqEEE5UsTd2ZsO75MBrrIuymhCJEJssLM6Ps3p2kjEFcvp+QcPklBJit0xl1/J6TeqO1lll5QyybOfPjpiWMVJrWIOcaUyqi/GiXZDQBMTZz2iVCUQy/E68tn620lWu6b+p0E1w+CIYcmIx982ECKYWeqwSvtWFnNurE33IqFPrR16LUUn5TDBXvLaE8slQlGVRwOMbCHMdELtU/8zi48PVwEWL8+m7slwIhS9/b5sCwMAAAACABxjb21vZG9jZXJ0aWZpY2F0aW9uYXV0aG9yaXR5AAABcJxX5XgABVguNTA5AAAEITCCBB0wggMFoAMCAQICEE6BLYqCZeALAu4+NQJG5T0wDQYJKoZIhvcNAQEFBQAwgYExCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAOBgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMScwJQYDVQQDEx5DT01PRE8gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDYxMjAxMDAwMDAwWhcNMjkxMjMxMjM1OTU5WjCBgTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxJzAlBgNVBAMTHkNPTU9ETyBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANBAi4ty45Eb91HBG1QEmNOpv8Hmil07h/u7iM4N4y8/BpbwoilQma7bO6FXsHRRcc3tQpFNQf6pyNhqhndEu1lml1BetNQscETP2jeVQmk8MMRxs1LwIU2h2Lo5fByeoySd8oMWmKoWfEObFVu3rjSR/tRiJhhGmj/rwfnxkFfrrHoNi9tyMGpm1eBGo3DcaNn/BEiJd9616ftnbUHpvDm9MtliAvGxqD1uN5ziL+LToiaLxrhVQ4jhIz6l0iQ5akerANShs6kl/g0/px2601HBC6TarDjvVVAkBWVGkzRPLY2txtQhGdKOygVhcQdzR+WKGRK9BE3OTpylSKy7JvcCAwEAAaOBjjCBizAdBgNVHQ4EFgQUC1jli8ZMFTekQKkwqSG+RzZaVv8wDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wSQYDVR0fBEIwQDA+oDygOoY4aHR0cDovL2NybC5jb21vZG9jYS5jb20vQ09NT0RPQ2VydGlmaWNhdGlvbkF1dGhvcml0eS5jcmwwDQYJKoZIhvcNAQEFBQADggEBAD6Ynpv2G+nXObd4rh1yGEnTh+RDgus/yar1qLXvVXwhUmX51Q3hbPQ+jJNzkS4CxE4HcW/AjzhhCKgegQrALyAvQYuR3EhFvPHG3rp2azPIAC0xRkzt553PiJT/M8BW6CSGJrjYODjfKmvdEszHP0cXTKLCBpYJ1tv+PzxGQd9Y4lYPPDvBHJM12ThSrO7I7C4wTpQ1tCQfS3hp2vICOMyVUpPwcCVZnCBnxO75i1dh9JJ2fT+EjVW36OWs1fH1GVamWvuQHK+T6+Uc1GeXXQQOvguDpheDuTASoMUzFQW5DfvHBXbj2EqN/DQXo8YhKL4wRTEex3i+WGE4rDviAWUAAAACADR2ZXJpc2lnbmNsYXNzM3B1YmxpY3ByaW1hcnljZXJ0aWZpY2F0aW9uYXV0aG9yaXR5LWc1AAABcJxX5XgABVguNTA5AAAE1zCCBNMwggO7oAMCAQICEBja0Z4mfei7SiFYzcxrO0owDQYJKoZIhvcNAQEFBQAwgcoxCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjEfMB0GA1UECxMWVmVyaVNpZ24gVHJ1c3QgTmV0d29yazE6MDgGA1UECxMxKGMpIDIwMDYgVmVyaVNpZ24sIEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25seTFFMEMGA1UEAxM8VmVyaVNpZ24gQ2xhc3MgMyBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEc1MB4XDTA2MTEwODAwMDAwMFoXDTM2MDcxNjIzNTk1OVowgcoxCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjEfMB0GA1UECxMWVmVyaVNpZ24gVHJ1c3QgTmV0d29yazE6MDgGA1UECxMxKGMpIDIwMDYgVmVyaVNpZ24sIEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25seTFFMEMGA1UEAxM8VmVyaVNpZ24gQ2xhc3MgMyBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEc1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAryQICCl6NZ5gDKrnSztO3Hy8PEUcuyvg/ikC+VcIo2SFFSf18a3IMYldIugqqqZCs4/4uVW3sbdLs/6PfgdX7O9D22ZiFWHPYA2k2N744MNiCD1UE+tJyllUhSblK48bn+v1oZHCM0nYQ2NqUkvSj+hwUU3RiWl7x3D2s9wSdNt7XUtW05a/FXehsPSiJfKvHJJnGOX0BgTvkLnkAOTdOrUZ/wK69Dzu4IvrN4vs9Nes8vbwPa/ddZEzGR0cQMt0JBkhk9kU/qwqUseP1QRJ5I1jR4g8aYPL/ke9K35PxZWuDp3U0UPAZ3PjFAh+5T+fc7gzCs9dPzSHloruU+glFQIDAQABo4GyMIGvMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMG0GCCsGAQUFBwEMBGEwX6FdoFswWTBXMFUWCWltYWdlL2dpZjAhMB8wBwYFKw4DAhoEFI/l0xqGrI2Oa8PPgGrUSBgsexkuMCUWI2h0dHA6Ly9sb2dvLnZlcmlzaWduLmNvbS92c2xvZ28uZ2lmMB0GA1UdDgQWBBR/02Wnwt3su/AwCfNDOfoCrzMxMzANBgkqhkiG9w0BAQUFAAOCAQEAkyRKMF9iz9gamC896tyZLb139qV5IjjsxKegeBKtYg5FcGTF55dmLZgJfl+v1swoZfIBqggaR975+XySWghpIA3ZPm1uPA1u2OYGkUAYufjB7d/bQargliDJzWQVOIHJlO6ihCkLE2+O2wzdJQLbpIsZRNJBegVpSlhPYMp+gmoLAqolFzm123/nhGUqlYq9ht5egRaDLRDM3v2ogiptKB8NC8Tl5xomGeH0EW8QtZX850IFMtvOnVFeKLaehdNb76V9RUByjrcOaw4G+zM1SHG4nSeLxGVfDYZ2nER69pVc9l0yCDOkVLYYP2hc8kJKhThUg1/R6CzyrBHWqO1jagAAAAIAEXhyYW1wZ2xvYmFsY2Fyb290AAABcJxX5XgABVguNTA5AAAENDCCBDAwggMYoAMCAQICEFCUbOwY6tWcTdWX73WPoK0wDQYJKoZIhvcNAQEFBQAwgYIxCzAJBgNVBAYTAlVTMR4wHAYDVQQLExV3d3cueHJhbXBzZWN1cml0eS5jb20xJDAiBgNVBAoTG1hSYW1wIFNlY3VyaXR5IFNlcnZpY2VzIEluYzEtMCsGA1UEAxMkWFJhbXAgR2xvYmFsIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA0MTEwMTE3MTQwNFoXDTM1MDEwMTA1MzcxOVowgYIxCzAJBgNVBAYTAlVTMR4wHAYDVQQLExV3d3cueHJhbXBzZWN1cml0eS5jb20xJDAiBgNVBAoTG1hSYW1wIFNlY3VyaXR5IFNlcnZpY2VzIEluYzEtMCsGA1UEAxMkWFJhbXAgR2xvYmFsIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmCQevRW0ut/HjKUntjgLafO2TqgsLiEdXETfIV1+I3T+Xn60SremrR+u4AYW4ptb2Wd0a12AjymdhhvZnA2YbXYQKFjkZbB/Sph5n+DDMX6AK7WMwEA7EYbQy6KGNmCk1TCCbdlu0A8SBDOXX09hWvDk+ZGr5x07vOjP9GstNHziSGEcjvNhRMxvoEqplLBN2uepNHpyOKhBzDyUEX3ryKaMt4bLyjM72T03i/t6PoYs53PXClesZJsZ6/QPBAiKrAMXGWT0WiUijTQssvZoHRJt04oeFNrEj6biI4XVeg29auDp7OwXu0IbZ6ol7UWDIfzByXzVYj768sUt0/3UZQIDAQABo4GfMIGcMBMGCSsGAQQBgjcUAgQGHgQAQwBBMAsGA1UdDwQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTGT6I9BmOECZzOYuQErI1ctem2GzA2BgNVHR8ELzAtMCugKaAnhiVodHRwOi8vY3JsLnhyYW1wc2VjdXJpdHkuY29tL1hHQ0EuY3JsMBAGCSsGAQQBgjcVAQQDAgEBMA0GCSqGSIb3DQEBBQUAA4IBAQCRFTkDARtn+0oc+QpgW6HaTZdi+SRTJ9eCZE6QLsNJGyua3PyoeGc18R3wEb23SOMQ9g3fP9LJtqpVpEi6AtveWS4VWzudFn1H1zfqX012Eja7H9ehgQRGIKMsbameAX4/Kc4Ak9/9yZJziYlknucr5ByRLNK5zn3ObzGZ0+a+0h6Q8AkUeVwjq03S2iEfTZl5neHPJ58QmxyIDbCKZEExuA5skCSkm1xxj7q7fhwb22qADyG86dumt0D0soupseTvmhrQPWmZ7qgoo+E8s/CyEZzPfEDm3edDfaLYOrWpjfI0mcTUEOEG/QmEEDvuxEz07Cd8QsJ0fIKKCcm0AyW8AAAAAgA0dmVyaXNpZ25jbGFzczNwdWJsaWNwcmltYXJ5Y2VydGlmaWNhdGlvbmF1dGhvcml0eS1nNAAAAXCcV+V4AAVYLjUwOQAAA4gwggOEMIIDCqADAgECAhAvgP4jjA4iD0hnEiiRh6yzMAoGCCqGSM49BAMDMIHKMQswCQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAyMDA3IFZlcmlTaWduLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxRTBDBgNVBAMTPFZlcmlTaWduIENsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBHNDAeFw0wNzExMDUwMDAwMDBaFw0zODAxMTgyMzU5NTlaMIHKMQswCQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAyMDA3IFZlcmlTaWduLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxRTBDBgNVBAMTPFZlcmlTaWduIENsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBHNDB2MBAGByqGSM49AgEGBSuBBAAiA2IABKdWenxS2mSbDi1c2F6skj3+AeYZSj0UA0v6YCcg2YOJafpUxpoYXlUqZN4G9o1KO60QPGU9kIgEieAwYbOuXQGne958sr7KZWEAhq7aj3vQia1NHVmaQbG8R4DcnmLD+aOBsjCBrzAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjBtBggrBgEFBQcBDARhMF+hXaBbMFkwVzBVFglpbWFnZS9naWYwITAfMAcGBSsOAwIaBBSP5dMahqyNjmvDz4Bq1EgYLHsZLjAlFiNodHRwOi8vbG9nby52ZXJpc2lnbi5jb20vdnNsb2dvLmdpZjAdBgNVHQ4EFgQUsxaR/e6mbuS1LkmPh3iBgOzlsbUwCgYIKoZIzj0EAwMDaAAwZQIwZiEMGCZgWjh7VkLgp/w2hFGRICx2TUM9xB2EI9Cs1nw1Bs7Nab2QDdtsSEIdDqpCAjEAnD1IOSM5WBoVEllqnu/VWbIdUiyZcc3HKd8bKmF7cdHe88DlDTpKqi2n2IYq3S4QAAAAAgARcXVvdmFkaXNyb290Y2EzZzMAAAFwnFfleAAFWC41MDkAAAVkMIIFYDCCA0igAwIBAgIULvWbAiin23r/1aOp7r0DoM8Sah0wDQYJKoZIhvcNAQELBQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAcBgNVBAMTFVF1b1ZhZGlzIFJvb3QgQ0EgMyBHMzAeFw0xMjAxMTIyMDI2MzJaFw00MjAxMTIyMDI2MzJaMEgxCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1pdGVkMR4wHAYDVQQDExVRdW9WYWRpcyBSb290IENBIDMgRzMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCzyw4QZ47qFJenMioKVjZ/aEzHs286IxSR/xl/pcqs7rN2nXrpixurazHb+gtTTK/FpRp5PIpM/6zfJd5O2YIyC0TeytuMrKNuFoM7pmRLMon7FhY4futD4tN0SsJiCnMK3UmzV9KwCoWdcTzeo8vAMvMBOSBDGzXRU7Ox7sWTaYI+FrUoRqHe6okJ7UO4BUaKhvVZR74bbwEhELn9qdIoyhA5CcoTNs+cra1AdHkrAj80//ogaX3T7mH1urPnMNA3I4ZyYUUpSFlob3emLoG+B01vr87ERRORFHAGjx+f+IdpsQ7vw4kZ6+ocYfx6bIrc1gMLnia6Et3UVDmrJqMz6nWB2i3ND0/kA9HvFZcba5DFApCTZgIhsUfei5pKgLlVj7WiL8DWM2fafsSntARE60f75li59wzweyuxwHApw0BiLTtIadwjPEjrewl5qW3aqDCYz4ByA4imW0aucnl8CAMhZa634RylsSqiMd5mBPfAdOhx3v89WcyWJhKLhZVXGqtrdQtEPREoPHtht+KPZ0/l7DxMYIBpVzgeAVuNVejH38DMdyM0SXV89pgR6y3e7UEuFAUCf+D+IOs15xGsIs5XPd7JMG0QA4XN8f+MFrXBsj6IbGB/kE+V9/YtrQE5BwT6dYB9v0lQ7e/JxHwc64B+27bQ3RP+ydOc17KXqQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUxhfQvKjqAkPyGwaZXSuQILnXnOQwDQYJKoZIhvcNAQELBQADggIBADRh2Va1EodVTd2jNTFGu6QHcrxfYWLopfsLN7E8trP6KZ1/AvWkyaiTt3pxKGmPc+FSkNrVvjrlt3ZqVoAh313m6Tqe5T72omnHKgqwGEfcIHB9UqM+WXzBusnIFUBhynLWcKzSt/Ac5IYp8M7vaGPQtSCKFWGafoaYtMnCdvvMujAWzKNhxnQT5WvvoxXqA/4Ti2Tk08HS6IT7SdEQTXlm66r99I0xHnAUrdzeZxNMgRVhvLfZkXdxGYFgu/BYpbWcC/ePIlUnwEsBbTuZDdQdm2NnL9DuDcpmvJRPpq3t/O5jrFc/ZSXPsoaP0Aj/uHYUbt7lJ+yreLVTubY/6CD50qi+YUbKh4yE8/nxoGibIh6BJpsQBJFxwAYf3KDTuVan45gtf4Od34wrnDKOMpTwATwiKp9Dwi7DmDkHOHv8XgBCH/MyJnmDhPbl8MFREsALHgQjDFSlTC9JxUrRtm5gDWv8a4uFJGS3iQ6rJUdbPM9+Sb3H6QrG2vd+DhcI00iX0HGS8A85PjRqHH3Y8iKuu2n0M7SmSFXRDw4m6Oy2Cy2nhTXN/VnIn9HNPlopNLk9hM6xZdRZkZFWdSHBd575euFgndOtBBj0fOtek49TSiIp+EgrPk2GrFt/ywaZWWDYWGWVjUTR939+J399roD1B0y2PpxxVJkES/1Y+Zj0AAAAAgA0dmVyaXNpZ25jbGFzczNwdWJsaWNwcmltYXJ5Y2VydGlmaWNhdGlvbmF1dGhvcml0eS1nMwAAAXCcV+V4AAVYLjUwOQAABB4wggQaMIIDAgIRAJt+BkmjPmK51e6QSHEp71cwDQYJKoZIhvcNAQEFBQAwgcoxCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjEfMB0GA1UECxMWVmVyaVNpZ24gVHJ1c3QgTmV0d29yazE6MDgGA1UECxMxKGMpIDE5OTkgVmVyaVNpZ24sIEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25seTFFMEMGA1UEAxM8VmVyaVNpZ24gQ2xhc3MgMyBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEczMB4XDTk5MTAwMTAwMDAwMFoXDTM2MDcxNjIzNTk1OVowgcoxCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjEfMB0GA1UECxMWVmVyaVNpZ24gVHJ1c3QgTmV0d29yazE6MDgGA1UECxMxKGMpIDE5OTkgVmVyaVNpZ24sIEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25seTFFMEMGA1UEAxM8VmVyaVNpZ24gQ2xhc3MgMyBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy7qcUvx4Hxoebxs3c734yWuUEjBP8DZH9dCRCvUXyKVhwRZATfuKYZDldiDBEQZ9qyxupvURQY76La0qYVmkZyZM0Oi8UltwIARY0XrJpGm8gxdkrQWLvNBYzo2M9evwQkkLnZcnZzJu4a6TFRxwvCBNLxjekojobIVXERrpfuMmEVSiRZZVg8owiejc2KPtKoA/f3llVz4VIGYIL5WTv6pHL6hGl/AS4v7CCitR5nbmt0a34g2mzKjDTFlVieboU1wc6p3wYhYLp8lfDPDewnbOr/dq8vpBpqIzFMnlemPTnmI31YVlng7mUyR0G14dElNbxyzng0k7Fa6KaLlXlwIDAQABMA0GCSqGSIb3DQEBBQUAA4IBAQARFJbBq5II9z8vybL+5FqfZN7bIU+GmTR2Nlfd0BUvxa1/FR83YnM+1OdfzhcD2zX6K9uuYAlfHl+PbrsLPepaEx4MYG+1wLUjIi4HC8updMtHux3B16VrzC/SQv1J3aeJz1O62gBaKL+C3/i6Ex1QhoL9jjCPKUawHj012jhiFhhKrea2UWzer2LrAdAeJP56jxIaEmi4+2aZFBRFXK7nrmkXgStaN8leKvTG4qFcVJumVADP8PHBx5gwGjs2Ftujbur9rbLC2u8CRxOKwPGzMa1PHOFPnK8PDJ33eA3Y9DVWgNq3bRePnR6BZOH+xUW6rWu5CnpOT0uE7kvxfd0RAAAAAgASc2VjdXJlc2lnbnJvb3RjYTExAAABcJxX5XgABVguNTA5AAADcTCCA20wggJVoAMCAQICAQEwDQYJKoZIhvcNAQEFBQAwWDELMAkGA1UEBhMCSlAxKzApBgNVBAoTIkphcGFuIENlcnRpZmljYXRpb24gU2VydmljZXMsIEluYy4xHDAaBgNVBAMTE1NlY3VyZVNpZ24gUm9vdENBMTEwHhcNMDkwNDA4MDQ1NjQ3WhcNMjkwNDA4MDQ1NjQ3WjBYMQswCQYDVQQGEwJKUDErMCkGA1UEChMiSmFwYW4gQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcywgSW5jLjEcMBoGA1UEAxMTU2VjdXJlU2lnbiBSb290Q0ExMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAP13qqUckAU7y0ybM4taFEWk55AW0d9X0iEQpBf936zWH6fk23z37N+4A9qUWP1dcnyMP18BZ3QVluMCPIfbrssBjsLzZsaFRfQCxjq1YrKv+py/pObUgDCY8w22k4+p1Ng28rD8isosoRUzlTHawBvy7mKZhmM/v92TKoOodrkTH7fOTkKFjyLnLhrylQmyBbVETnehIL2p8k4KfVCt9QUNRU9Gcf0oPlP7BNgt12UdShv6zzuwMZo1bsiLBtMAkfKUCGVMsTQGAHqJ4vDHA1nP1dbopzKz5phAhsXNJxKLzHvOtxE8YmAHIz4rQG6UgAlttrNvd281CFD7AofFPokCAwEAAaNCMEAwHQYDVR0OBBYEFFv4TU+ypYbUOtLxY5qgvgn2V7feMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBBQUAA4IBAQCgoTgWZi6nVh8hnAb6He25IsU4JthOT+yjf3neRiGhh3ePBwiasqTFrw8ymAt8Zim2m30lUklDq0wuK256cK8WDuMCbPtC5hidRdhVyOg73efh9C4LHDRcbFhK+4yIUF+VHL/tqyK1ZbOFup4PuK3lehuKUDodvQ28e1RQC7lCr1WgGIGtZZnvvuScv8SFq0GyVG/cJc3teOKODI0JSd1je1pplgIhqL1SWel9NcvIUsp/gf7Za9P3Ee0l3/jn+aT6cpeEUw2l0DIYUXZZFGwP6+xfgIx1Q4PDhZj/TJ4tDeR3g5NOtZYHiygTm4wZjUEnSUDu3uYjRDncoSLWugPyAAAAAgASYWZmaXJtdHJ1c3RwcmVtaXVtAAABcJxX5XgABVguNTA5AAAFSjCCBUYwggMuoAMCAQICCG2MFEaxpgruMA0GCSqGSIb3DQEBDAUAMEExCzAJBgNVBAYTAlVTMRQwEgYDVQQKDAtBZmZpcm1UcnVzdDEcMBoGA1UEAwwTQWZmaXJtVHJ1c3QgUHJlbWl1bTAeFw0xMDAxMjkxNDEwMzZaFw00MDEyMzExNDEwMzZaMEExCzAJBgNVBAYTAlVTMRQwEgYDVQQKDAtBZmZpcm1UcnVzdDEcMBoGA1UEAwwTQWZmaXJtVHJ1c3QgUHJlbWl1bTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMQS36lf/kHd3fWfiuP2rOE8eJq82PB/eqAzKtyNIFuuLW/nk9k2cGpoz45Ro4VbZwSgECRvXSiCwZdX2EgpE7bhvpFN34UMUxiaHiSiT4/wooULy/Qpf9KkWO4mTcmqqHua2fo43kRXFeX4jMjZSOINFicdHsiDhSW3uqpVQcwDIkstkY2L5omvZsfp/yvpPKza0rPD4Wicifh6AFbe9FWVbPu6ZN1ii98LdzLrYswmmpu7qmKDTLQGejDIKb/tBk2XuRzEMSvVX7xTEhecmVcpZndhITEHLiVJnRjy7vMrcYy1ujkHSXf87y6SkAWNLS93e+9DvzW7mtj5c6cs8tBX7ihOJl+PkGgJL7j43AbpLpo+UafRIsQKpzhIbLP5/32rhlfjutaFeHe6Q+pIf/bYviNtHr/RNmxYXPHupBlUGvUD0nbm4Yy9PLPTSEviyPh/kqh2RpxCZT6kHsEHA1pGLbiX87fVslUh77rcTACX+xSVJzO/6ENHRtIImRZgO5p+0ubtOOrsAR48SFZJCcdMNwCeiA7Ac+FvZulyRzA+EOULA8maQgBsxZR+YcSK33+CGgtZxFkyd7O8YGlWOf20Bnss1mQ22b1I7YQffqUijyq4QvSCt9RTkHhOLRr9gW9E1zsBdJZC4ADiLmvqxe5yrLu//uqqqPjc9rJ5irZnAgMBAAGjQjBAMB0GA1UdDgQWBBSdwGemDCLZJvVFq6ZlUhEn2EWsYzAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQwFAAOCAgEAs1dNEGJOOuSs6rgcrzIjyLNJWlGcdiiNeapXRhfV9VL2t0ToCES/GITSC4DNxRL9AFUFYYdB3LUknjzE2Mj7cJ4veJaDIDbefA9pE4ildTaYCKbG36zO41jWtz7euvPrNEDYooH1eD8v1aX82aLUXgQOF63+QfDlsnL6RIIzQugtWPdWjGI/ukKwnAxcfi5lJlxTTwCyeH6hDZktjbgdjqLEsP1g0DCkjsgEYqnE7TXeepftDjheki+TcKWpnG+nfRMdfsYISLFeZ+tRCCXp5iVrUimRnNI5cwhX3pkGtFudEAbhwgCouBxKAgoU0MFByvuMNSF9gjjyqVSRGTWTlG1qOsWy0LuJhpPom8kPOqd6uKHweEb6/Dcv5YqE89/+BNmhaKAvJOIJlQbVlcrhJJbrfPaTBbvtc+kt0XU51+ck29hOX0OPntAUOb9VcEiZVzG0nO5KmAOWMB9gBu4bI/6BYCMaR2KFpcwZNIBvs6wa45/we0it1QHZZ7apcpPqLWa1srjkPTyy70yM6usHv6s1mlWGvBimtahetINsa2lA05/c8cNpa7nhbQn08apQdgp6fXoXoVWWQpkxCd1gEY0FMH7mjkbRnRTaxxfkBZaMxCS1G88UB7JA+KOeQYa8BNBrlsgqgDT9v+8Go91YxYU9Po/+ningtrgJaBkcGEMAAAACABBnbG9iYWxzaWducm9vdGNhAAABcJxX5XgABVguNTA5AAADeTCCA3UwggJdoAMCAQICCwQAAAAAARVLWsOUMA0GCSqGSIb3DQEBBQUAMFcxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMRAwDgYDVQQLEwdSb290IENBMRswGQYDVQQDExJHbG9iYWxTaWduIFJvb3QgQ0EwHhcNOTgwOTAxMTIwMDAwWhcNMjgwMTI4MTIwMDAwWjBXMQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBudi1zYTEQMA4GA1UECxMHUm9vdCBDQTEbMBkGA1UEAxMSR2xvYmFsU2lnbiBSb290IENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2g7mmY3Oo+NPin778YuDJWvqSB/xKrC5lREEvfBj0eJnZs8c3c8bSCvujYmOmq8pgGWr6cctEsurHExwB6E9CjDNFY1P+N3UjFAVHO9Q7sQu9/zpUvKRfeBt1TUwjl5Dc/JB6dVq47KJOlY5OG8GPIhpWypNxadUuGyJzJv5PMrl/Yn1EjySeJbW3HRuk0Rh0Y3HRrJ1DoboGYrVbWzVeBaVounICjjr8iQTT3NUkxOFOhu8HjS1iwWMuXeLsdsfIJGrCVNukM57N3S5cEeRIlFjFnmusa5BJgjIGSvRRqpI1mQq14M0/ywqwWwZQ0oHhefTfPYhaO/q8lKff5OQzwIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUYHtmGkUNl8qJUC99BM00qP/8/UswDQYJKoZIhvcNAQEFBQADggEBANZz53xPdtCNv+y6or40xSgytXz8bJwsK70JnlO/a16qEUi25Qijs8o9YU3TRgmzPsOg42NVG/K676054UO5OKPmL4omO++gUFb5xgr9OM3EC3BRlJeYBN/DX5TVFckUQZzEXXVkFQ3/VTDsho//De8suWNG9qr837xp/S4SSGSa4JXwpu8pjwGxFbUMHaX+aSxpJHges6cccWLuysiXrBddisL4R4ZuKsRWMZXQZ4mFK/lspl1GnQyqguSZUd1wt9tWPWHkauFc1vb+Pd5BzAeuY1K/U1P0K+nH/bb3gl+F0kEY24GzBBzFH6SAbxUgyd4MiAod1mZV4vxIySkmaeAAAAACABFxdW92YWRpc3Jvb3RjYTJnMwAAAXCcV+V4AAVYLjUwOQAABWQwggVgMIIDSKADAgECAhREVzQkW4GJmzXyzrgrO1unJvB1KDANBgkqhkiG9w0BAQsFADBIMQswCQYDVQQGEwJCTTEZMBcGA1UEChMQUXVvVmFkaXMgTGltaXRlZDEeMBwGA1UEAxMVUXVvVmFkaXMgUm9vdCBDQSAyIEczMB4XDTEyMDExMjE4NTkzMloXDTQyMDExMjE4NTkzMlowSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAcBgNVBAMTFVF1b1ZhZGlzIFJvb3QgQ0EgMiBHMzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAKGuJbIBGNxXiD9G6/mv4usjceKa0WFmIV+qrydR5W4bFtQtfVCwU3e9eDpg4mQCm3yGm9Yajq3/HxV/1ZUeEsvmFIQEwd82sxafiuPJ25g0ztgzFyhG/KfJ8NK01U0Jckn58ofjqdp9oX1rsjolqW1SRKz4vm773KZzkZBhpgMUIPLnh6OIra2gjP+mCyVSJecWAdXLuDWBDKM78OHh/FpdzoBxbfhJqz47urjXgAH7petbs8VeYCoxoK836CA6n6gyLAzMCR3Tno5dvEyY7sUaaHvsU6bpFDWj382AnwxI+xz08b9KuPrVjHFKxx+t/kGas4Nd8oRW76VXQ84prYyrVb/E+1sB3SMhoVgAjsPQahPtE+MSK4DcZ+aVss0eIm4q+EHU8soUB42KVRLGafW4hmgvU16w0qohwZjmMONnVcebbqwZqFWmRQbQIzrb62VdKhER8DtPym30NMRx5P8AWvZcriNghXPx5BCxJa7VkrsTwQzgOdq0OVe1qzWqciE7gzXnMd96IW64Mgh9HTKRFUpics/jd6G81REbdgFnCOBBC8PrFW74pBnZoquv4idSVisCiiwUJPm/QgK/JsjGj+BuOH1TLeXtmLOVY2h/+TX034jFYDWSwHxpHGGVFtDr3guvPgQQRWVYUDivSPJZthbyPA2QAsZwLgGtPBXXAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBTt5292Wr9g7ElbxqV3u3IWcZvEPTANBgkqhkiG9w0BAQsFAAOCAgEAkd+AP0MJfnHC9+uziI/hUbK8PXX5KF3IvJmbe12q5crhCvfostOf3WcxfroBqsdqQTuQ1AhcsmBqkPDIzgNi+Yvt+24q3AZNPCkPiRaKWExID+iEYeo8cqZ35EKuiKNDWHl+rsqlUw2pPXC9IBlhpGw4/EMy4cFH//js8REiMpacwvZbaZZ7IAxDQZpb9lkZiN5ViDdRC3hcCh6jQv3HnYgPwPJ4AiRUk6+Jh4jJSoAd6tBuPmEuNrs1DieW/WY0O2Fyc/EWXEcGVEkAelgSsArvhf2xuDN1apMcEuZgXm8df8kfI8uEYZ8egkT5X61iVSSaUpjtUeehfpc65i8fEdpTgCyFnqs1ENsiX2rFXpdT8jICCTCjWPANAdVyxrF8aXvD9TZFzGFuXkyUxV6u6A5ei7/3zeDtoQ4bM+5UGP4Pvu9+hGtD43CY2111sg1ZB4UVIznW8d+pJg/WSMezpiL1MzdalUefe7oYFW//1hRkg0nSCmch2w81Y2AoIuOxlYPNhabdLw/nZ1Juuy+FfPVKc+fFPsC9IRIFP/y3A0kCW8gl5uJUOPV5h4wdU7JOhXsGOMcs+Piwco0l5XdS9AMcSKZQX4ggMG7ygkOrPZeE51P7IcFPDyKahrhZKvZHPRmILeiF4Z7shQhqsWw0yR3sSCs7eO1mxI55aYPef4wAAAACACVnZW90cnVzdHByaW1hcnljZXJ0aWZpY2F0aW9uYXV0aG9yaXR5AAABcJxX5XgABVguNTA5AAADgDCCA3wwggJkoAMCAQICEBistWr9abYVOmNsr9r6xKEwDQYJKoZIhvcNAQEFBQAwWDELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IEluYy4xMTAvBgNVBAMTKEdlb1RydXN0IFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDYxMTI3MDAwMDAwWhcNMzYwNzE2MjM1OTU5WjBYMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjExMC8GA1UEAxMoR2VvVHJ1c3QgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL64FXv/1Hx9Z62DZHvIQlMt3/aECCBh1gFZapxEEa/vdv2Vfs5hMLt6g18CvQFmyu4VjW+hMJy9oYWelDrzVogAMc/Y7mqWAtntA4z7dW3n6rhVFgUWmvTgXrGIwGSFXBVNiMe3uuB16a0FPZ3HiUjguyjIA+Ewk2ReUsBZcCI1V4iK8ZUKg9e8MXMBNO3vRnHgawKoNXJrl5tm4MsceV/YGgRoHkcC5p1g4jaXAd/ONZLfvmfHbXdZO4+d1pAVlLxCNBDBOfmxJz5+1op1xbKvltOi3pvkmL594emBrbZv/NcO2uA0sA0ad+fjCJjvWPqchLc2r8LfrNL0EAZwcTUCAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFCzVUEGXFYvwjzZhW0r7a9mZyTOSMA0GCSqGSIb3DQEBBQUAA4IBAQBacH8s3bc0T/WGUakmvku4qvFxDdxhx6DqNB56dw8ENegnj2yQv5EWJEY+Sk7OKxbVC1Id/B9nogJFMU/O8/oDp3mdU2rZ2mM6+IDX05nhpeG+1FVxmDU6vpPqrq1CspBv4PwhTTVjM4lJ1ptOysfnTgkA99rH75limXe2lSJeiqCr9Lh4mMo4GZnJcp54zUusrxmgcxIt/MJBuoGR2hZaMbf5tHGAEkiZcnNaWVPBY1Iz7afJ0jkCcPrgsUJmKaqbUe0wVCIUX9mrHcHklPD49Sv36sp4Rta4kf2mDSsaFAE+gPBCoJUHXm3NzEukRY2rEuiz3lrloHzoDyIdWulZAAAAAgAVYWZmaXJtdHJ1c3RwcmVtaXVtZWNjAAABcJxX5XgABVguNTA5AAACAjCCAf4wggGFoAMCAQICCHSXJYrHP3pUMAoGCCqGSM49BAMDMEUxCzAJBgNVBAYTAlVTMRQwEgYDVQQKDAtBZmZpcm1UcnVzdDEgMB4GA1UEAwwXQWZmaXJtVHJ1c3QgUHJlbWl1bSBFQ0MwHhcNMTAwMTI5MTQyMDI0WhcNNDAxMjMxMTQyMDI0WjBFMQswCQYDVQQGEwJVUzEUMBIGA1UECgwLQWZmaXJtVHJ1c3QxIDAeBgNVBAMMF0FmZmlybVRydXN0IFByZW1pdW0gRUNDMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEDTBeGxWdA9CheTW3OjySesoVHM1i85wmXAc95VT6o9bMEur0FF/ojhmrLy5I5qwYQ3is0DfDvbLNLOZH4hrmY7g9Li94xE/b9A+kaExVcmuVHU4YQpV4zDc8keKbZSspo0IwQDAdBgNVHQ4EFgQUmq8pesARNTUmUTAAw2r+QNWu1jwwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwCgYIKoZIzj0EAwMDZwAwZAIwFwnzh4hQWq/IwEK/R1/1bGqG4MQndOQ4U9cFfxs048Yvs8oJPDed1+e4RvH9oeJxAjBCWYdD1FHfutMJMlrOiH5XPZxfQmv1By218IKT+VlvrmT6WOWLHuNjvrWBzW8CjHkAAAACABNob25na29uZ3Bvc3Ryb290Y2EzAAABcJxX5XgABVguNTA5AAAF0zCCBc8wggO3oAMCAQICFAgWX4pMpewAyZNA38TGriO4HFqkMA0GCSqGSIb3DQEBCwUAMG8xCzAJBgNVBAYTAkhLMRIwEAYDVQQIEwlIb25nIEtvbmcxEjAQBgNVBAcTCUhvbmcgS29uZzEWMBQGA1UEChMNSG9uZ2tvbmcgUG9zdDEgMB4GA1UEAxMXSG9uZ2tvbmcgUG9zdCBSb290IENBIDMwHhcNMTcwNjAzMDIyOTQ2WhcNNDIwNjAzMDIyOTQ2WjBvMQswCQYDVQQGEwJISzESMBAGA1UECBMJSG9uZyBLb25nMRIwEAYDVQQHEwlIb25nIEtvbmcxFjAUBgNVBAoTDUhvbmdrb25nIFBvc3QxIDAeBgNVBAMTF0hvbmdrb25nIFBvc3QgUm9vdCBDQSAzMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAs4jX6s4PIE6+5tYDbe5Z/MJX3ylooYMOPmjHaFicHGBLiUMMudQVsu7BTnXptafv5ek1meTMHOdLX40zMCAzU9mmu9U+E47pH4dJrVAtUMoYvgFYohNwlruJiFaAXPi9LDzhTFeIu9O5le/Lx/baMXQopuZUifVBMcrlJhrNguBw2jspu9UD9Zm6VfVk0WAOs4lJuIovBdKERSh8j2hQEnj8C7VTy8KYHISjnrC+I6Ta3MgrHtpuRR6JmNr5AC4G6Qw7cNVQJYiZy81zYPfV/zVnxaG8XqvNSrhF68hoHg0NFEYS49JkYopCmLy0xggI+P2oTGScdgG9L6lsMw/YPyi4PGkBQoZ+acHJBsrlekZl6cLWUEEuP7fk7WzXvyYBEaIWKUprNAaQ7BPStvtqdtI87fDWLd3hFeyjmy8syT4r5Gk7/3IlsTaGW8d/a4tVG0rFIGE9rstQ4Qg6vrCPY0FTMAhZPJgdd7pjkXrKEFBgv/DXvJWHj5fF/pdqAZSjfFuFHSo5OtBUodE5cZ39Ifm1e/Di4AKPbpYkJSygHiyoxImn7+2ZBi+2CkxP26LMNxqvR4Util/ENDRMAP0Yk2cT0TfmSLSLBsVXexmGCnnLAMlSr0L/N4/hox56PVCrYwbnFbU/tkU3lDexfvJIw3/Fdf6XjUWPGqcacigaQA8CAwEAAaNjMGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHwYDVR0jBBgwFoAUF53NHovWOStw01zUoLgfsAD8xWEwHQYDVR0OBBYEFBedzR6L1jkrcNNc1KC4H7AA/MVhMA0GCSqGSIb3DQEBCwUAA4ICAQBW1Xtu5iIB0kKbGNUO12YjXOP+oMeS0umUrUuixuwSfHTVSNJZFJnA67nR6/RIMFutp1dzmanT5bfRLlkkWNxoLi5i2GrkcAstIFAgpDKV0QCYu9P99zLySa7GeuBHvm7Oy6NyOi1pXcvI6EU51PpCwRFMd12S+2r/WETl64Ger6CZrb6pAWbLOB0830Mf9E1utLoXRvx9/YeBeWoNMw/6L/gUuYCzXU2ql+H55BjF+NU4jCY8/fIo4u5aSYgs33k9jp6QPL1BSjrdW/aatM4/JTB/Mn2iA5TQ3HqhUt5uk40YJv1VrL2Pm9LPr+eGLMsfCW+jb6mE1HO/TaF0G04jYPLMDqp/pJxMJaiyZjs4/9mUMPZyhL5oVRAPxnMsFmmTB/6xRe27olVqsNq1SgIlJ4XXt7eGRBaJbIArPpepnNV+VUzG3kUQHOrpO58DU+7uegECFnjU6MK+RnaIEz8iu0gSHVIAtAJ+IRoenCX08z1eHtIc+bMttvc3XMbLIU6w95lHGIXBK7pVrgbq0Aey3KvQgpZ1ztJQ/pnnzy+f53bRYSr7Ibsx0KqfR6SyIsoWOlBXxFtDZ8VlYgNJAetD2dj4nq3PsWMORfSgWiybLcWmwK2oR/QnTDgNLhtJO1L06IiDK1Qo1PI1UrQyg2JpZAyRnJ+X6nQW/R8RBpqb9AAAAAIAEXF1b3ZhZGlzcm9vdGNhMWczAAABcJxX5XgABVguNTA5AAAFZDCCBWAwggNIoAMCAQICFHhYXy6tLBlL4zcHNTQTKLWW1GWTMA0GCSqGSIb3DQEBCwUAMEgxCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1pdGVkMR4wHAYDVQQDExVRdW9WYWRpcyBSb290IENBIDEgRzMwHhcNMTIwMTEyMTcyNzQ0WhcNNDIwMTEyMTcyNzQ0WjBIMQswCQYDVQQGEwJCTTEZMBcGA1UEChMQUXVvVmFkaXMgTGltaXRlZDEeMBwGA1UEAxMVUXVvVmFkaXMgUm9vdCBDQSAxIEczMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAoL5QEI7p8mxAtASchbkxytwt5BGpBDwbVcHnWDAdJLTD74XejCzhwT3fguZPrUeHbOxbScFK1buP7Iesf4Kahuw9A5lSAdI1nqza8FPJZjzUrAIB2iTTO6gCRq+kHOP4c1h2t/YOkA218M/M+vnGTOXDhjAKjRd+NevF37sOnMCNh+OIOIVn+j7Hq+ATnAUYmM+T9bGStPwj08/VxCdJ4J48mwiji10qIeD8OapT2n1+zxoJU7xdBQTPoUqPi3aCDaH40scUd1uQNgeBmz4G+lJeY8WmAP6l6VIbUrWSOXIDCWK9sGAWbqbdJcIDZt3zBNFA4k6LhvRv5YOgJ4ReBMH1kL0wPcTvqGm8OJukpJbRYtppwAGWrsvEUTTqDKr/IY5Zj0pc5GGap9LpKniNUT06Fe6iWY6pXN7F+ZAi5YhFcd2RmWx6nz09mHxe9r4WaKBergsj/FoPqiJ2LcmhEB3k00QjkIifxirm1/Was1geLzCJCBtUorWYI+wIdxyVXWHRy4mcX6JKkZrvIapJFgiovWEoMcl0rYX22cWxi9HlEDJNX4sgOjxJHzOFWQ3bywl1Q2lz+2txffDfxEx9xqMuyJV5y3Oijk5NJPte5AS+chumJy1JWpl611wJILd/lLlP8Q0cXohCGxG355Hbnmz0at+MBpgDrcwo76VH81MCAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFKOX1vNeohDhq0WfPBdkPO4BcJzMMA0GCSqGSIb3DQEBCwUAA4ICAQAY+lt1/D56x193x8rfz1/DEsRAXdQyqrhq19UVFUaYI6XmkFsYmUzjrUKjgjE2iM3p+8QElkiLAceNAc9bMwaWRmZ0HU/twba5tA1hzGN+1y53jJYcKiNoa4VXdnAzE/7hT6Yjdxj6GozovWXJzz/0yRfc68e8wAQuLUYvaWbDG4/+7D7TypS/dgolDal7Ahyp0DtfC8CBOj1k4b+nLU69TcTYKcYiGNDFrHICgj+qOqI6Ipcx3Qhjw3UUuWAoLVto4BapZoIjUfXrU9gxm3vpt51L64gWz/ldOIpJMI/t8esZ9HcaMRhNZ1RsL29l+ds97CHsXvT0i8pgZVTRcWT0+aajgTM2M3HwpHhfTq2DId40SY3oWayd8nZaNvIT9K/gCcdhKmz34J2uu4ZKKG8u7rR5zZAzw7N2+vXwbJ0BkPqekPaccs9H2sMf5DUgU/JU0d9hg6YC4iU43oUyLV5zkFJdQsTOPUvh+RmEHdWiUMxB+0EUw73WyVqjY2YCgL0FOjtHnOwAJkz1iFG/qCN/GAewC+2LJqFk02FK61yf3rOvZwOzH91tXWloaateOux8abzHO4VOnhW5tBVPw5V6WNfJbOlsufMpY160LPAtPe1aZeCpW0DCSJmBbZ4fBio8ErSLD5uiJPCmjdZ64Eu2ZJZjlYTCSs0cLiSHM2DlwwAAAAIAE2hvbmdrb25ncG9zdHJvb3RjYTEAAAFwnFfleAAFWC41MDkAAAM0MIIDMDCCAhigAwIBAgICA+gwDQYJKoZIhvcNAQEFBQAwRzELMAkGA1UEBhMCSEsxFjAUBgNVBAoTDUhvbmdrb25nIFBvc3QxIDAeBgNVBAMTF0hvbmdrb25nIFBvc3QgUm9vdCBDQSAxMB4XDTAzMDUxNTA1MTMxNFoXDTIzMDUxNTA0NTIyOVowRzELMAkGA1UEBhMCSEsxFjAUBgNVBAoTDUhvbmdrb25nIFBvc3QxIDAeBgNVBAMTF0hvbmdrb25nIFBvc3QgUm9vdCBDQSAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArP84tulmAknjorThkPlAj3n54r15/gK97iSSHSL22oVyaf7XPwnU3ZG1ApzQjVrhVcNQhrkpJsLj2aDxaQMoIIBFIi1WpztUlVYiWR8o3x8gPW2iNr4joLFutbEnPzlTCeqrauh0ssJlXI6/fMN4hM2eFvz1Lk8gKgifd/PFHsSaUmYeSF7jEAaPIpjhZY4bXSNmO7ilMlHIhqqhqZ5/dpTCpmy3QfDVyAY45tQM4vM7TG1QjMSDJ8EThFk9nnV0ttgCXjqQesBCNnLsak3c78QA3xMYV18meMjWCnl3v/evt3a5pQuEF10Q6m/hq5URX208o1xNg1vysxmKgIsLhwIDAQABoyYwJDASBgNVHRMBAf8ECDAGAQH/AgEDMA4GA1UdDwEB/wQEAwIBxjANBgkqhkiG9w0BAQUFAAOCAQEADkbVPK7ih9legYsCmEEIjEy82tvuJxuC52pF7BaLT4Wg87JwvVqWuspube5Gi27nKi6Wsxkz67SfqLI37piol7Yutmcn1KZJ/RyTZXaeQi/cImyaT/JaFTmxcdcrUehtHJjA2Sr0oYJ71clBoiMBdDhViw+5LmeiIAQ32pwL0xch4I+XeTRvhEgCIDMb5jREn5Fw9IBehEPCKdJsEhTkYY2sEJCehFC78JZvRZ+K88psT/oROhUVRsPNH4NbLUES7VBnQRM9IauUiqpOfMGx+6fWtScvl6tu4B3i0RwsH0Ti/L6RoZz71ilTc4afU9hDDl3WY4JxHYB0yvbiAmvZWgAAAAIAInVzZXJ0cnVzdGVjY2NlcnRpZmljYXRpb25hdXRob3JpdHkAAAFwnFfleAAFWC41MDkAAAKTMIICjzCCAhWgAwIBAgIQXIuZxVqUxdJxVt7NiYDMJjAKBggqhkjOPQQDAzCBiDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMTJVVTRVJUcnVzdCBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTAwMjAxMDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBiDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMTJVVTRVJUcnVzdCBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQarFRaqfloI+d61SRvU8Za2EurxtW20eZzca7dnNYMYf3boIkDuAUU7FfO7l0/4iGzzvfUinngo4N+LZfQYcTxmdwlkWOrfzCjtHDix6EznPO/LlxTsV+zfTJ/ijTjeXmjQjBAMB0GA1UdDgQWBBQ64QmG1M8ZwpZ2dEl23OA1xmNjmjAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAKBggqhkjOPQQDAwNoADBlAjA2Z6EWCNzklwBBHU6+4WMBzzuqQhFkoJ2UOQIReVx7Hfpkue4WQrO/isIJxOzksU0CMQDpKmFHjFJKS04YcPbWRNZu9YO6bVi9JNlWSOrvxKJGgYhqOkbRqZtNyWHa0V1XahgAAAACABRjeWJlcnRydXN0Z2xvYmFscm9vdAAAAXCcV+V4AAVYLjUwOQAAA6UwggOhMIICiaADAgECAgsEAAAAAAEPhaotSDANBgkqhkiG9w0BAQUFADA7MRgwFgYDVQQKEw9DeWJlcnRydXN0LCBJbmMxHzAdBgNVBAMTFkN5YmVydHJ1c3QgR2xvYmFsIFJvb3QwHhcNMDYxMjE1MDgwMDAwWhcNMjExMjE1MDgwMDAwWjA7MRgwFgYDVQQKEw9DeWJlcnRydXN0LCBJbmMxHzAdBgNVBAMTFkN5YmVydHJ1c3QgR2xvYmFsIFJvb3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD4yLy9FFBmE//w03nsI/K3GseOhfESc6YZqhDbnKJldFp3PlF9VvbcI7bU7V9YsTdN1UkObvVqh9bSjNInxuL/Np+YZaATTsYqZJvVkBLPFAb0O+PUKL7oDvirTkiUbY6VMRBc7aItvdU6bbIcu2DARksB9UmufkaK0HSNoQwCzu7854+4a2bzf0QAv2YlFCvdEDAdB5Y/TfZruI+3ewylOOveR9vVXTn8iKfz1yp08ehaojufULqmjEU1wlBlldxjgu/dv3dNnGLJY3MW0CkPSalI8LOqt2zFpzA5QF2uxOJdJlPwzhwjCGGolBm6BGJA7B84cHcSBnGnMBhdJSelAgMBAAGjgaUwgaIwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFLYIew16zKwgTIZWMl7Pq26FLXBXMD8GA1UdHwQ4MDYwNKAyoDCGLmh0dHA6Ly93d3cyLnB1YmxpYy10cnVzdC5jb20vY3JsL2N0L2N0cm9vdC5jcmwwHwYDVR0jBBgwFoAUtgh7DXrMrCBMhlYyXs+rboUtcFcwDQYJKoZIhvcNAQEFBQADggEBAFbvCiOgVE6Vl8n4idpFwdSjACX0HxOrt6OFWGnCMK3YFYot48nNgVr4cyNap3wF8/0iOw7RBsTbNkxzBI7lsCLkxfMupdkj47hOSiCnbgIknyJgZ3uLHXIJxTFc6XmfgEc9raELBxQ9R/8DaRoMC0TnYyWnf7LJuHaE7SP2fQerRX7T37O/6Yq2zaiiZytS1bdl8DlMY6CReZNSD1Tdg7uf0Y+nU3PDy/8w7HwEuNhEH5NfcQkit24+6hwDTp0aIGH7gTfsXvwKRavX5xdV0KDqYJum9uOMWynCBmAUnS2XTKmTFZ1hxAFfSNZYvVYxEk4RyCHgsxGRZdu0pog4zlUAAAACAA9nb2RhZGR5Y2xhc3MyY2EAAAFwnFfleAAFWC41MDkAAAQEMIIEADCCAuigAwIBAgIBADANBgkqhkiG9w0BAQUFADBjMQswCQYDVQQGEwJVUzEhMB8GA1UEChMYVGhlIEdvIERhZGR5IEdyb3VwLCBJbmMuMTEwLwYDVQQLEyhHbyBEYWRkeSBDbGFzcyAyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA0MDYyOTE3MDYyMFoXDTM0MDYyOTE3MDYyMFowYzELMAkGA1UEBhMCVVMxITAfBgNVBAoTGFRoZSBHbyBEYWRkeSBHcm91cCwgSW5jLjExMC8GA1UECxMoR28gRGFkZHkgQ2xhc3MgMiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCCASAwDQYJKoZIhvcNAQEBBQADggENADCCAQgCggEBAN6d1+pXGEmhW+vXX0iG6r7d/+TvZxz0ZWizV3GgXne77ZtJ6XCAPVYYYwhv2vLM0D9/AlQiVBDYsoHUwHU9S3/Hd8M+eKsaA7Ugay9qK7HFiH7Eux6wwdhFJ2+qN1j3hybX2C32qRe3H3I2TqYXP2WYktsqbl2i/ojgC95/5Y0V4evLOtXiEqITLdiOr18SPaAIBQi2XKVlOARFmR6jYGB0xUGlcmIbYsUfb18aQr4CUWWoriMYavx4A6lNf4DD+qta/KFApMoZFv6yyO9ecw3ud72a9nmYvLEHZ6IVDd2gWMZEewo+YihfukEHU1jPEX44dMX4/7VpkI+EdOqXG68CAQOjgcAwgb0wHQYDVR0OBBYEFNLEsNKR1EwRcbNhyz2h/t2oatTjMIGNBgNVHSMEgYUwgYKAFNLEsNKR1EwRcbNhyz2h/t2oatTjoWekZTBjMQswCQYDVQQGEwJVUzEhMB8GA1UEChMYVGhlIEdvIERhZGR5IEdyb3VwLCBJbmMuMTEwLwYDVQQLEyhHbyBEYWRkeSBDbGFzcyAyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBADJL87LKPpH8EsahB4yOd6AzBhRckB4Y9wimPQoZ+YeAEW5p5JYXMP80kWNyOO7MHAGjHZQopDH2esRU1/blMVgDoszOYtuURXO1v0XJJLXVggKtI3lpjbi2Tc7PTMozI+gciKqdi0FuFskg5YmezTvacPd+mSYgFFQlq25zheabIZ0KbIIOqPjCDPoQHmyW74cNxA9hi63ugyuV+I6ShHI56yDqg+2DzZduCLzrTia2cyvk0/ZM/iZx4mERdEr/VxqHD3VILs9RaRegAhJhldXRQLIQTO7ErBBDpqWeCtWVYpoNz4iCxTIM5CufReYNnyicsbkqWletNw+vHX/bvZ8AAAACABptaWNyb3NlY2Utc3ppZ25vcm9vdGNhMjAwOQAAAXCcV+V4AAVYLjUwOQAABA4wggQKMIIC8qADAgECAgkAwn5DBE5HPxkwDQYJKoZIhvcNAQELBQAwgYIxCzAJBgNVBAYTAkhVMREwDwYDVQQHDAhCdWRhcGVzdDEWMBQGA1UECgwNTWljcm9zZWMgTHRkLjEnMCUGA1UEAwweTWljcm9zZWMgZS1Temlnbm8gUm9vdCBDQSAyMDA5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQGUtc3ppZ25vLmh1MB4XDTA5MDYxNjExMzAxOFoXDTI5MTIzMDExMzAxOFowgYIxCzAJBgNVBAYTAkhVMREwDwYDVQQHDAhCdWRhcGVzdDEWMBQGA1UECgwNTWljcm9zZWMgTHRkLjEnMCUGA1UEAwweTWljcm9zZWMgZS1Temlnbm8gUm9vdCBDQSAyMDA5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQGUtc3ppZ25vLmh1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6fiP82Ot2obYp+BC+8+R3qYm+JmlY3Ctm67KM0B9bZZuoQ5E7uETnZRCUpq9dYV0LKgOHZO2GLeMLKjP+1xxudrs/uh+j+QvHbKodYfYt6HlO8+ZSkbQgxl9wKESHJVtSvTYx6VNMy6FOUB1fhR8gBKYUMdBZ7iggGFUpmxOH+CdDgfpyboz5/7AVSgsAoCnGfWe3FVTA5d7B0j/mfs3iiTEWcxQEGOOqqkasIQahvlfu7FQbqTRCszVcX4fpxt89VNuIl/LK+bUfF2u1sLGTOUFAdntV/zBI3n8+sgkg5XztWpRAdB31ukSofkag/uCG7mwl/R2BjNDSaD/C7X6tQIDAQABo4GAMH4wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFMsPxt9CQ8w9y7VII6EaeqYquzRoMB8GA1UdIwQYMBaAFMsPxt9CQ8w9y7VII6EaeqYquzRoMBsGA1UdEQQUMBKBEGluZm9AZS1zemlnbm8uaHUwDQYJKoZIhvcNAQELBQADggEBAMnRDl4u1cyzfD7L/D3/DSiVkwTIv9rNebhDkPCkvu/y7yGYvNTUXQb27kLsMGygqqnK8a+K+j8Lc2o+6i5Afh+uVGF56y4IN9cj84yfvh2x4aR126DiVBSxuhwppBj2ErqiFBTjMTXIQP+34AV2V8EcWfL4v+TtJWJchPB+fh+zvvm3IRHMAwFWcKcQkh4bNIEerZwawwQ87QJh1h4G8186h/Ir8UWH5T2s0cdXhL1rrtzY+bYbYnALPTbJQvIy13ph5tLbPc/Iqcmb3NtYRNdvOK9/eNOjrRp1uhzBNnyPHm0cw3VGrjUFpvZcPSHuVvDJgiItelSrcMN9ImWCcJYAAAACADFoZWxsZW5pY2FjYWRlbWljYW5kcmVzZWFyY2hpbnN0aXR1dGlvbnNyb290Y2EyMDE1AAABcJxX5XgABVguNTA5AAAGDzCCBgswggPzoAMCAQICAQAwDQYJKoZIhvcNAQELBQAwgaYxCzAJBgNVBAYTAkdSMQ8wDQYDVQQHEwZBdGhlbnMxRDBCBgNVBAoTO0hlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1dGlvbnMgQ2VydC4gQXV0aG9yaXR5MUAwPgYDVQQDEzdIZWxsZW5pYyBBY2FkZW1pYyBhbmQgUmVzZWFyY2ggSW5zdGl0dXRpb25zIFJvb3RDQSAyMDE1MB4XDTE1MDcwNzEwMTEyMVoXDTQwMDYzMDEwMTEyMVowgaYxCzAJBgNVBAYTAkdSMQ8wDQYDVQQHEwZBdGhlbnMxRDBCBgNVBAoTO0hlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1dGlvbnMgQ2VydC4gQXV0aG9yaXR5MUAwPgYDVQQDEzdIZWxsZW5pYyBBY2FkZW1pYyBhbmQgUmVzZWFyY2ggSW5zdGl0dXRpb25zIFJvb3RDQSAyMDE1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAwvipPxuJ/Dw8BF09kDawkTp5PGZa7205AUkatLfPf00jU7eQAOMTKiimMfGRAOMo7K4hQc4f2v19ElsBgw+5sF+Z4fISg4BNBj7frK/noYhrMa/wi9AYM7jbRWo09AKAJCgKAhWVXnYqDZk6FFv2y8tTvBNNAYg3lCUbQrwi2I6jll462TLbPujwEGXtdOEvp3yvJzS7KX2bts8JyOXTCvyIZWV0CtxzHFzNQLEc1LaEjExQz2iOqFmuwidOgqI13RT0H/+yd9WHL6pufSQn58bLJubl/mcHY9hFDd06WWU5WHqSmXI9nIReiCG41fQs/NlwUk94uL08K4uVmPWz0WjPIBR+TFxf54vl9TWBGTfXEQi3Zr7TSs6DVwA6w4H4F8uSNl3Ro9h1G+GLJ+p6SEH9RRkGrSeZTsFwR921n4FTEuWxjEhdMUMX44zGemOWSykwToROYhlePM6XkKV/Aeud4PiLid0lmD2Stn7v2fFRUX0tJshpWWHgrGq4KjYRBHpQvTKEvi/cctXXHRZH5EdmID/0lsWvjgF6pQ96ZPUNGIfZrojV+oTBOsBpKC3yDWhRquOld8akkA6hN4sxI0fBCQjrbvd4m9eC/IQgmUkZthJGsftFVRapo2WsnAcP6mvcHy4GcuyGiBLkLdtfBS/k8APTJjPngMLNQqEXNAsCAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFHEVZ8jIyb11XXLQOBhqnfNxJFQLMA0GCSqGSIb3DQEBCwUAA4ICAQB1u21US6oQWEY08mLXFjZdCF7VbMiHvbQuRvIx+HzqQrWTFlXcoQwSoNphfg9YWHNkcsfoRY7cqfImP8Z5jLFTCDOBsFYTvuZRXNibCk9LnFZTAulP9g1g6k1CVeh8GyEh0xs6zHfyuJDxaMf5Wv76LfS/yfVFG844ECo3inmjtOMJbIWGk/+Jlid4gY9n40Z0VI7ZDWniSvRNdAP/snftlWeX5LHFq79qI+jUlOJEKGLES+Lw2OIpaxpwfiRhk3tPAzIlDUUkK5a0Rmq/Sgv3mo/BrBrFZ/NvNNL6c2OM7xawqKRGKvjrEuxytO/4K36MUsCLhFT5Lz7jVajcZrHZ4V/Ys4xZNFmkq09sux8Y23Wr2MuSzZQ4YQ4HBh9LRhDxFb6NhVw7SiuBeQ+0aZ9JUJdN9w5WXcCVasI2wxtoyfUq3EeavrLOxSXo+gO52vkWbpGE9RwoyPwmzNcckFanX286BLzNeIkLjg8vo6pPohsSPRYIQA/xRkzXqnsIwQr1bSfeAo/Kw7UryunryCFTOKXMO9h3NzCiT9lv0fJArUF6F8XWSjWJt0HVfIZ/VU2DSqVzIMA6r5DxmiSO2Y5xynu4htqyj5k+HRMNEhHu1Kvw6RV2AuTg36ogHlthhWRAqZCXDa1T0lodh2oAl2VitL5vaqf1LELtMq22IZ6+vAAAAAIAMWhlbGxlbmljYWNhZGVtaWNhbmRyZXNlYXJjaGluc3RpdHV0aW9uc3Jvb3RjYTIwMTEAAAFwnFfleAAFWC41MDkAAAQ1MIIEMTCCAxmgAwIBAgIBADANBgkqhkiG9w0BAQUFADCBlTELMAkGA1UEBhMCR1IxRDBCBgNVBAoTO0hlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1dGlvbnMgQ2VydC4gQXV0aG9yaXR5MUAwPgYDVQQDEzdIZWxsZW5pYyBBY2FkZW1pYyBhbmQgUmVzZWFyY2ggSW5zdGl0dXRpb25zIFJvb3RDQSAyMDExMB4XDTExMTIwNjEzNDk1MloXDTMxMTIwMTEzNDk1MlowgZUxCzAJBgNVBAYTAkdSMUQwQgYDVQQKEztIZWxsZW5pYyBBY2FkZW1pYyBhbmQgUmVzZWFyY2ggSW5zdGl0dXRpb25zIENlcnQuIEF1dGhvcml0eTFAMD4GA1UEAxM3SGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJlc2VhcmNoIEluc3RpdHV0aW9ucyBSb290Q0EgMjAxMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKlTAOMupvaO+mDYLZU++CwqVE7NuYRhlFhPjz2L5EPzdYmNUeTDN9KKiE15HrcS3UN4SoqS5tdI1Q+kOilENbgH9mgdVc04UfCMJDGFr4PJfel3r+0ae50X+bOdOFAPplp5kYCvN66m0zH7tSYJnTxa71HFK9+WXesyHgLacEnsbgzImjeN9/E2YEsmLIKe0HjzDQ9jpFEw4fkrJxIH2Oq9GGKYsFk3fb7u8yBRQlqD75O6aRXxYp2fmTmCobd0LovUxQt7L/DICto9eQqakxylKHJzkUOap9FNhYS5qXSPFEDH3N6sQWRstBmbAmNtJGSPRLIl6s5ddAxjMlyNh+UCAwEAAaOBiTCBhjAPBgNVHRMBAf8EBTADAQH/MAsGA1UdDwQEAwIBBjAdBgNVHQ4EFgQUppFC/RNhSiOeCKQp5dgTBCPuQSUwRwYDVR0eBEAwPqA8MAWCAy5ncjAFggMuZXUwBoIELmVkdTAGggQub3JnMAWBAy5ncjAFgQMuZXUwBoEELmVkdTAGgQQub3JnMA0GCSqGSIb3DQEBBQUAA4IBAQAf73lB4XtuP7KMhjdCSk4cNx6NZrokgclPEg8hwAOXhiVtXdMiKahsog2p6z0GW5k6x8zDmjR/qw7IThzh+uTczQ2+vyT+bOdrwg3IBp5OjWEopmr95fZi6hg8TqBTnbI6nOulnJEWtk2C4AwFSKls9cz4y51JtPACpf1wA+2KIaWuE4ZJwzNzvoc7dIsXRSZMFpGD/md9zU1jZ/rzAxKWeAaNsWftjj++n08C9bMJL/NMh98qy5V8AcysNnq/onN694/BtZqhFLKPM58N7yLcZnuEvUUXBj08yrl3NI/K6s8/MT7jiOOASSXIl7WdmplNsDz4SgCbZN2fOUvRJ9e4AAAAAgAiZ29kYWRkeXJvb3RjZXJ0aWZpY2F0ZWF1dGhvcml0eS1nMgAAAXCcV+V4AAVYLjUwOQAAA8kwggPFMIICraADAgECAgEAMA0GCSqGSIb3DQEBCwUAMIGDMQswCQYDVQQGEwJVUzEQMA4GA1UECBMHQXJpem9uYTETMBEGA1UEBxMKU2NvdHRzZGFsZTEaMBgGA1UEChMRR29EYWRkeS5jb20sIEluYy4xMTAvBgNVBAMTKEdvIERhZGR5IFJvb3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IC0gRzIwHhcNMDkwOTAxMDAwMDAwWhcNMzcxMjMxMjM1OTU5WjCBgzELMAkGA1UEBhMCVVMxEDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxGjAYBgNVBAoTEUdvRGFkZHkuY29tLCBJbmMuMTEwLwYDVQQDEyhHbyBEYWRkeSBSb290IENlcnRpZmljYXRlIEF1dGhvcml0eSAtIEcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv3FiCPH6WTT3G8kYo/eASVjpIoMTpsUgQwE7hPHmhUmfJ+r2hBtOoLTbcJjHMgGxBT4HTu70+k8vWTAi56sZVmvigAf88xZ1gDlRe+X5NbZ0TqmNghPktj+pA4P6or6KFWp/3gvDthkUBcrqw6gElDtGfDIN8wBmIsiNaW02jBEYt9OyHGC0OPoCjM7T3UYH3go+6118yHz7sCtTpJJiaVElBWEaRIGMLKlDliPfrDqBmg4pxRyp6V0etp6eMAo5zvGIgPtLXcwy7IViQyU0AlYnAZG0O3AqP26x6JyIAX2f1PnbU21gnb8s51iruF9G/M7EGwM8CetJMVxpRrPgRwIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUOpqFBxBnKLbv9r0FQW4gwZTaD94wDQYJKoZIhvcNAQELBQADggEBAJnbXXnV+ZdZZwNh8X47BjF1LaEgjk9lh7T3ppy82Okv0Nta7s90jHO0OELaBXv4AnW4/aWx1672194Ty1MQfopG0Zf6ty4rEauQsCeA+eifWuk3n6vk32yzhRedPdkkT3mRNdZfBOuAg6uaAi21EPTYkMcEc0DtciWgqZ/snqtoEplXxo8SOgmkvUT9BhU3wZvkMqPtOOjYZPMsfhT8Auqfzf8HaBfbIpA4LXqN0VTxaeNfM8p6PXsK48p/Xznl4nW6xXYYM84s8C9Mrfex585PqMSbSlQGxX991QgP4hz+fhe4rF721BayQwkMTfana7SZhGXKeoji4kS+XPfqHPUAAAACABB0cnVzdGlzZnBzcm9vdGNhAAABcJxX5XgABVguNTA5AAADazCCA2cwggJPoAMCAQICEBsfrbYg+STTNmv3x/GMoFkwDQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCR0IxGDAWBgNVBAoTD1RydXN0aXMgTGltaXRlZDEcMBoGA1UECxMTVHJ1c3RpcyBGUFMgUm9vdCBDQTAeFw0wMzEyMjMxMjE0MDZaFw0yNDAxMjExMTM2NTRaMEUxCzAJBgNVBAYTAkdCMRgwFgYDVQQKEw9UcnVzdGlzIExpbWl0ZWQxHDAaBgNVBAsTE1RydXN0aXMgRlBTIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFUHueOzXQ38SMzY6b7aPANpn0QuqnPoCDD6anWYfJkEVDfgDqhnkqA709N5mJZrflilaGk5xoS2gEjJOTAj4w0jc6ImGJHIVOfY/Vr3s19n4oR4kx3A55ZB+Z0lu6/n9gv63r5zw4KWov5ZELVf/sb1jVLcneTGZxjwzXBNoH5h4Y470pAqj6HOFbuYOoQUi8GnGN52LlLbLr33zP26tayjHxTCLzBRP3gvlzeQy+10scwNEVPJNBZNHmviMXIgCJXh9rpaxup0uM7aNy5q9jTS+F0hQ1mi5OjOoymCiGoZEJQTq04ePy+vDJCqJB3anjA8eIFTsc1BqU159kWRJtAgMBAAGjUzBRMA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAUuvpxJXmLV0ElIYYLceuyZA6LIWcwHQYDVR0OBBYEFLr6cSV5i1dBJSGGC3HrsmQOiyFnMA0GCSqGSIb3DQEBBQUAA4IBAQB+WP/9NRl9nBhPnrArvI6MFP8soNpHW8PvgS2vBep0SFvzPk4Hx23Fs5PPIjVctj91J18Jls2g/r5ADFwSVfiTgsop6V4/VleLODb3RRpMKM2eQbjtVkyEpEDIuLClK2lwBGrD+NQSMvkOw7HcMoRELG/LRg/qZkEPT/FYpaYNDQ9h3qWeXX1loTwX56hVTu+gx+3GRH9U9aPgj/B8VSKPKbaBo+FtTiwbgGfsrSCfDGJh1Zf/Q+0twdpdKSqFP6xl7oYPBY2QX9/un/S/7h37mOR/kCuEeBAObElT7xVbZUZKXa+6+zpyHc32JYgel8whnCkBDWXrV9nzV5a7SM2BAAAAAgAeZXBraXJvb3RjZXJ0aWZpY2F0aW9uYXV0aG9yaXR5AAABcJxX5XgABVguNTA5AAAFtDCCBbAwggOYoAMCAQICEBXIvWVHXK+4lwBe5AbSvJ0wDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVFcxIzAhBgNVBAoMGkNodW5naHdhIFRlbGVjb20gQ28uLCBMdGQuMSowKAYDVQQLDCFlUEtJIFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDQxMjIwMDIzMTI3WhcNMzQxMjIwMDIzMTI3WjBeMQswCQYDVQQGEwJUVzEjMCEGA1UECgwaQ2h1bmdod2EgVGVsZWNvbSBDby4sIEx0ZC4xKjAoBgNVBAsMIWVQS0kgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAOElD+6N24gzdWfNrR99Ok5tndMvFPNjdMsBIWo36oRQB0smWwlDbCGeasjVA/VgaY/M8CLkH+f3aiIxtywV8uD+AGpD/4dlxrUawadMbSJwIYox8pd0iQkSJhyeytkSopU82ulnvwigZOPWQrdF75f09vXXtUoVAlh9mFhLYLzN1w2aEzNT0WH5etXXeLOaM/cAhs4dTZQ4r6jseFFwilwQg1Eh9xE9NIZe5UjNl4GCNUwZ7GX2a8UFoe5HE9azISeUEArZJDu6vkQTRjA/lzzY19dq7js44yvUlw65G+cHSX83Kvl3eM9U7VtGnaOADpFDwdZbXxS6n6aNJEdAWb9yOLI2bDf/mdFdDlkKq2n3wLIERXpUAK6+U/a15+H4PKMx0qn+IVJkxaZn8HUHBpQUgVXGJ+QBjxfBanHXvkv7lFh9fhEzsUL3YmwY1s8JaD5/bPYej2KtpWPbCacfIkJBHm+Zij7X+T9AenmwpQGS0p09CBWlEAEtszJ2qJUNs3qa+wcQeBFv4Y/Hug8lGnQq5RyYQZnfIYfolQZqCrNqR3Zl9jrPj2IXGXsKKM0a0oMeIccsv77/YWi3Zxu7eE2Nzmfl5MGOtyNm4p2QdTSYqTYripqUuZ3szIqx+CWJXFq2L4wfbXkkp1Jow4Q14maNYw4lTdUZsuZ5N6cinVQxAgMBAAGjajBoMB0GA1UdDgQWBBQeDPe2Z/LhkiYJRcBVOS53P0JKojAMBgNVHRMEBTADAQH/MDkGBGcqBwAEMTAvMC0CAQAwCQYFKw4DAhoFADAHBgVnKgMAAAQURbDCxwpWfO5beAyV+RhTwaYc2BAwDQYJKoZIhvcNAQEFBQADggIBAAmzg1NZAT6VSbnxgbr5diAjtSdgdNRqmTRebABT2Z/yprEkB0RqKsaljngS6EfZWBsTKl55m58KKmemJT8GaVZzw4pmSPspgVd0Bsqc6ijoOGcmK/HVtT9lk/g2XY6NjUAghxnq7yfAPbQ5DyV7aFB0VZwMWX1aPUGUJVII4EcsFTEZ1b8HVca7ErWX9F+DhbpxwdlsgRF2Cgqwv4KX9+o9+vrsLakolDtW3dJRLq7AvQgVjHdSNJbWm6zTHY5hDzV7m645aQtiYEAgNo+v+zbuLQhKHbi/m1z46qUboHOm2Phu4DMEX2iqJ4ft2cGQnO2942o1r2PfqxjZuubpSupQig9hkx7iLRniMJQ1kl0OtgevGYCPR5BRSy5N3YXi0gpSChea/BqwUALlAaNjNyFMRMSbUZkRDnOcBo9ULqcoXkQ5h1YtN72FRJThDEssnMOShTRhyw+4m0pDUv40On246SncdqnIMPgUcYDGHjZIdCJBXIeC6Bhxi0GJROd+WFuouI0T6adsw0ftsxqdYq6NguqUnt1ZEMOt3eJN4zHVx+zo8rD+kh4WChr82fP4J7bJvh20bGSQf/TkxFvXN65CDt2kGm98iFTFFm7hemgu+Dq/DaQ8iTt4p05jgwQhCGeN8oJJ0Fv9sc0Pg4TUPiCF90o9K5z9KgoJTeqB+BGcAAAAAgAkc3RhcmZpZWxkcm9vdGNlcnRpZmljYXRlYXV0aG9yaXR5LWcyAAABcJxX5XgABVguNTA5AAAD4TCCA90wggLFoAMCAQICAQAwDQYJKoZIhvcNAQELBQAwgY8xCzAJBgNVBAYTAlVTMRAwDgYDVQQIEwdBcml6b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMSUwIwYDVQQKExxTdGFyZmllbGQgVGVjaG5vbG9naWVzLCBJbmMuMTIwMAYDVQQDEylTdGFyZmllbGQgUm9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgLSBHMjAeFw0wOTA5MDEwMDAwMDBaFw0zNzEyMzEyMzU5NTlaMIGPMQswCQYDVQQGEwJVUzEQMA4GA1UECBMHQXJpem9uYTETMBEGA1UEBxMKU2NvdHRzZGFsZTElMCMGA1UEChMcU3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjEyMDAGA1UEAxMpU3RhcmZpZWxkIFJvb3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IC0gRzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC97cED/PaP/AKxb1ufSNmdeeKitwNhVhjDR7bXyj01LolD96Fpm96KGv0TIJy0SXcyKVb9ueyM3SL6ctwnYZfu9lqE7G4ZuYks3IRb1XT7a1/FiaUQUolGVfS4dRzmf+RUrkv4VXJXAhn4F3FZ6x4oB3TFnUi+bLT0pLDzZDd5ksDsRl5/4W1TTGKvzR8LY7s6nfv8eQCYYXTPJoJAY/OycmoZDZnK1A51zDf7i4nBWfFif1+zX2Uw+Ke3TXZaHnZeNMDollaZirPwf6TNvdwyMXyRz+BfEfhrqklc0ZmU0aLjY1sJdrVWYuFLdB2W1CbUCARZ0JgODube/MPsH5DxAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBR8DDIfp9kwf8R9aKNiqKHOqwdbJzANBgkqhkiG9w0BAQsFAAOCAQEAEVn6JU8Db5SZO5ofgoU51HYFlF7hKJNtYl0JwqCo1LB1OPE0ap3kn4qGJlHmLNHGLW6VIEqSAey4imd7MeJnLoyVAyYuQ51KMfYOtQy7t+I3fyK6AKMOe1L7a7s7xNN5UU7NkPRnBxnIPEZ6DQF9xVjnbeaFMBeaJMQQ4AT34PJ/1KoK/0IdN+2U5WRZEiB3ONMyPjiBdZZz+miPscvOH8Xs+px+z36x8Qcttvy/yqS/0JcFSrzqGCgCkL1UeAkhcdPRfR3ZFrCpYT3QCgAi/Md7ywlkRQs7QIH3fXwy9ZjKWI59Ku6QWXNk+TZ0XiWh9WYFLn85Fakq+1CLjoVp9AAAAAIAKHNzbC5jb21ldnJvb3RjZXJ0aWZpY2F0aW9uYXV0aG9yaXR5cnNhcjIAAAFwnFfleAAFWC41MDkAAAXvMIIF6zCCA9OgAwIBAgIIVrYpzTS8ePYwDQYJKoZIhvcNAQELBQAwgYIxCzAJBgNVBAYTAlVTMQ4wDAYDVQQIDAVUZXhhczEQMA4GA1UEBwwHSG91c3RvbjEYMBYGA1UECgwPU1NMIENvcnBvcmF0aW9uMTcwNQYDVQQDDC5TU0wuY29tIEVWIFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgUlNBIFIyMB4XDTE3MDUzMTE4MTQzN1oXDTQyMDUzMDE4MTQzN1owgYIxCzAJBgNVBAYTAlVTMQ4wDAYDVQQIDAVUZXhhczEQMA4GA1UEBwwHSG91c3RvbjEYMBYGA1UECgwPU1NMIENvcnBvcmF0aW9uMTcwNQYDVQQDDC5TU0wuY29tIEVWIFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgUlNBIFIyMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAjzZlQOHWTcDXtOlG2mvqM0fNTPl9fb69LT3w23jhhqXZuglXaO1XPqDQCEGD5yhBJB/jchXQARr7XnAjssufOePPxU7Gkm0mxnu7s9onnQqG6YE3Bf7wcXHswxzpY6IXFJ3vG2fThVUCAtZJycxa4bH3bzKfydQ7iEGonL3Lq9ttewkfokxykNorCPzPPFTOZw+oz12WGQvE43LrrdF9HSfvkusQv1vrO6/PgN3B0pYEW3p+pKk8OHakYo6gOV7qd89dAFmPZiw+B6KjBSYRaZfqhbcPlgtLyEDhULouisv3D5oi53+aNxPN8k0TayHRwMwi8qFG9kRpnMphNQcAb9ZhCBHqurj26bNg5U257J8UZslXWNvNh2n4ioYSA0e/ZhN2rHd9NCSFg83XqpyQGp8hLH94t2S42Oim9HizVcuE0jLEeK6jj2HdzghTreyI/BXkmg3mnxp3zkyPuBQVPWKchjgGAGYS5Fl2WlPAApiiECtoRHuOec4zSnaqW4EWG7WK2NAAe15itAnWhmMOpgWVSbooi4iTsjQc2KRVbrcc0N6ZVTsj9CLg+SlmJuwgUHfbSguPvuUCYHBBXtSuUDkiFCbLsjtzdFVHB3mBOagwE0TlBIqulhMlQg+5U8Sb/M3kHN48+qvWBkofZ6aYMBzdLNvcGJVXZsb/XItW9XcCAwEAAaNjMGEwDwYDVR0TAQH/BAUwAwEB/zAfBgNVHSMEGDAWgBT5YLvU49U09rj1BoAlp3PbRmmonjAdBgNVHQ4EFgQU+WC71OPVNPa49QaAJadz20ZpqJ4wDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBCwUAA4ICAQBWs47LCp1Jjr+kxJG7ZhcFUZh1++VQLHqe8RT6q9OKPv+RKY9ji9i0qVQBDb6Thi/5Sm3HXvVX+cpVHBK+Rw82xd9qt9t1wkclf7nxY/hoLVUE0fKNsKTPvDxeH3jnpaAgcLAExbf3cqfeIg29MyVGjGSSJuM+LmOW2puMPfgYCdcDzH2GguDKBAdRUNf/ktUM79qGn5nX67evaOI5JpS6aLe/g9Pqemc9YmeuJeVy6OLk7K4S9ksrPJ/psEDzOFSz/bdoyNrGj1E8svuR3Bznm53htw1yj+KkxKl4+esUrMZDBcJlOSgYAsOCsp0FvmXtll9ldDz7CTUue5wT/RsPXcdtgTpWD8w74a8CLyKsRspGPKAcTNZEtF4uXBVmCeEmKf7GUmG6sXP/wwyc5WxqlD8UykAWlYTzWamsX0xhk23RO8yilQwipmdnRC652dKKQbNmC1r7fSOl8hqw/96bg5Qu0T/fkreRrwU7ZcegbLHNYhLDkBvjJc40vG93drEQw/cFGsDWr3RiSBd3kmmQYRzelYB0VI8YHMPzA9C/pEN1hlMYegouCRw2n5H9gooiS9EOUCXdywMMF8mDAAhONU2Ki+3wApRmLER/y5UnlhetCTCstnEXbosX9hwJ1C07mKVx01QT2WDz9UtmT/rx7iASjbSsV7FFY6GsdqnC+5VNXaEQL+lBqbNuYzF1od8slVuv -kind: ConfigMap -metadata: - name: sapor-certs -{{- end -}} -{{- end -}} diff --git a/charts/oes/templates/deployments/oes-sapor-deployment.yaml b/charts/oes/templates/deployments/oes-sapor-deployment.yaml index 19cbb0db..4374c9d3 100644 --- a/charts/oes/templates/deployments/oes-sapor-deployment.yaml +++ b/charts/oes/templates/deployments/oes-sapor-deployment.yaml @@ -104,11 +104,6 @@ spec: path: bootstrap.yml name: bootstrap name: bootstrap-config-volume - {{- if .Values.sapor.config.caCerts.override }} - - name: certs-volume - configMap: - name: sapor-certs - {{- end -}} {{- if .Values.sapor.config.spinnaker.x509.enabled }} - name: certs-x509-volume configMap: From 420cf2edf446afaad2920199aae0a7b457276aa8 Mon Sep 17 00:00:00 2001 From: ksrinimba Date: Sat, 14 Aug 2021 16:43:35 +0530 Subject: [PATCH 04/29] Moved bootstrap from CM to secret --- .../templates/deployments/oes-autopilot-deployment.yaml | 5 ++--- .../templates/deployments/oes-dashboard-deployment.yaml | 5 ++--- charts/oes/templates/deployments/oes-gate-deployment.yaml | 5 ++--- .../templates/deployments/oes-platform-deployment.yaml | 5 ++--- .../oes/templates/deployments/oes-sapor-deployment.yaml | 8 +++++--- .../templates/deployments/oes-visibility-deployment.yaml | 5 ++--- .../templates/{configmaps => secrets}/bootstrap-cm.yaml | 4 ++-- 7 files changed, 17 insertions(+), 20 deletions(-) rename charts/oes/templates/{configmaps => secrets}/bootstrap-cm.yaml (95%) diff --git a/charts/oes/templates/deployments/oes-autopilot-deployment.yaml b/charts/oes/templates/deployments/oes-autopilot-deployment.yaml index ea0af9ab..afbf465d 100644 --- a/charts/oes/templates/deployments/oes-autopilot-deployment.yaml +++ b/charts/oes/templates/deployments/oes-autopilot-deployment.yaml @@ -29,12 +29,11 @@ spec: - name: autopilot-config-volume configMap: name: oes-autopilot-config - - configMap: - defaultMode: 420 + - secret: items: - key: bootstrap.yml path: bootstrap.yml - name: bootstrap + secretName: bootstrap name: bootstrap-config-volume {{- if .Values.global.customCerts.enabled }} - name: cacerts diff --git a/charts/oes/templates/deployments/oes-dashboard-deployment.yaml b/charts/oes/templates/deployments/oes-dashboard-deployment.yaml index f64ffbb1..3616ae1b 100644 --- a/charts/oes/templates/deployments/oes-dashboard-deployment.yaml +++ b/charts/oes/templates/deployments/oes-dashboard-deployment.yaml @@ -72,11 +72,10 @@ spec: - name: dashboard-config configMap: name: oes-dashboard-config - - configMap: - defaultMode: 420 + - secret: items: - key: bootstrap.yml path: bootstrap.yml - name: bootstrap + secretName: bootstrap name: bootstrap-config-volume {{- end -}} diff --git a/charts/oes/templates/deployments/oes-gate-deployment.yaml b/charts/oes/templates/deployments/oes-gate-deployment.yaml index 5cf3d449..af12a3a6 100644 --- a/charts/oes/templates/deployments/oes-gate-deployment.yaml +++ b/charts/oes/templates/deployments/oes-gate-deployment.yaml @@ -114,11 +114,10 @@ spec: configMap: name: oes-gate-config {{- end }} - - configMap: - defaultMode: 420 + - secret: items: - key: bootstrap.yml path: bootstrap.yml - name: bootstrap + secretName: bootstrap name: bootstrap-volume {{- end -}} diff --git a/charts/oes/templates/deployments/oes-platform-deployment.yaml b/charts/oes/templates/deployments/oes-platform-deployment.yaml index 949ea4b4..fd24d7ce 100644 --- a/charts/oes/templates/deployments/oes-platform-deployment.yaml +++ b/charts/oes/templates/deployments/oes-platform-deployment.yaml @@ -79,11 +79,10 @@ spec: - name: platform-config-volume configMap: name: oes-platform-config - - configMap: - defaultMode: 420 + - secret: items: - key: bootstrap.yml path: bootstrap.yml - name: bootstrap + secretName: bootstrap name: bootstrap-config-volume {{- end -}} diff --git a/charts/oes/templates/deployments/oes-sapor-deployment.yaml b/charts/oes/templates/deployments/oes-sapor-deployment.yaml index 4374c9d3..cb03ff3f 100644 --- a/charts/oes/templates/deployments/oes-sapor-deployment.yaml +++ b/charts/oes/templates/deployments/oes-sapor-deployment.yaml @@ -85,6 +85,9 @@ spec: - secret: secretName: oes-control-secret name: certs-volume + - secret: + secretName: ca-secret + name: ca-certs-volume {{- end }} {{- if .Values.global.customCerts.enabled }} - name: cacerts @@ -97,12 +100,11 @@ spec: - configMap: name: oes-sapor-config name: sapor-config-volume - - configMap: - defaultMode: 420 + - secret: items: - key: bootstrap.yml path: bootstrap.yml - name: bootstrap + secretName: bootstrap name: bootstrap-config-volume {{- if .Values.sapor.config.spinnaker.x509.enabled }} - name: certs-x509-volume diff --git a/charts/oes/templates/deployments/oes-visibility-deployment.yaml b/charts/oes/templates/deployments/oes-visibility-deployment.yaml index ab657308..7086a934 100644 --- a/charts/oes/templates/deployments/oes-visibility-deployment.yaml +++ b/charts/oes/templates/deployments/oes-visibility-deployment.yaml @@ -78,11 +78,10 @@ spec: - name: visibility-config configMap: name: oes-visibility-config - - configMap: - defaultMode: 420 + - secret: items: - key: bootstrap.yml path: bootstrap.yml - name: bootstrap + secretName: bootstrap name: bootstrap-config-volume {{- end -}} diff --git a/charts/oes/templates/configmaps/bootstrap-cm.yaml b/charts/oes/templates/secrets/bootstrap-cm.yaml similarity index 95% rename from charts/oes/templates/configmaps/bootstrap-cm.yaml rename to charts/oes/templates/secrets/bootstrap-cm.yaml index e70daf91..7c1ab77d 100644 --- a/charts/oes/templates/configmaps/bootstrap-cm.yaml +++ b/charts/oes/templates/secrets/bootstrap-cm.yaml @@ -1,5 +1,5 @@ apiVersion: v1 -data: +stringData: bootstrap.yml: |- spring: cloud: @@ -20,6 +20,6 @@ data: jasypt: encryptor: password: {{ .Values.sapor.config.encrypt.key }} -kind: ConfigMap +kind: Secret metadata: name: bootstrap From a666d0a523265d0136dcad0abf263b992adf239d Mon Sep 17 00:00:00 2001 From: ksrinimba Date: Mon, 16 Aug 2021 12:25:19 +0530 Subject: [PATCH 05/29] Update halyard for cacerts, oes-ui for nginx-conf --- .../templates/statefulsets/halyard.yaml | 16 +++--- charts/oes/config/oes-ui/nginx.conf | 53 +++++++++++++++++++ .../configmaps/oes-ui-nginxconf.yaml | 13 +++++ .../deployments/oes-ui-deployment.yaml | 7 +++ 4 files changed, 81 insertions(+), 8 deletions(-) create mode 100644 charts/oes/config/oes-ui/nginx.conf create mode 100644 charts/oes/templates/configmaps/oes-ui-nginxconf.yaml diff --git a/charts/oes/charts/spinnaker/templates/statefulsets/halyard.yaml b/charts/oes/charts/spinnaker/templates/statefulsets/halyard.yaml index 200d744d..7f9c7c22 100755 --- a/charts/oes/charts/spinnaker/templates/statefulsets/halyard.yaml +++ b/charts/oes/charts/spinnaker/templates/statefulsets/halyard.yaml @@ -126,8 +126,8 @@ spec: {{- end }} - name: halyard-initscript mountPath: /tmp/initscript - {{- if .Values.halyard.customCerts.enabled }} - - mountPath: /etc/ssl/certs/java/cacerts + {{- if .Values.global.customCerts.enabled }} + - mountPath: /etc/pki/ca-trust/extracted/java/cacerts subPath: cacerts name: cacerts {{- end }} @@ -182,8 +182,8 @@ spec: {{- end }} - name: halyard-initscript mountPath: /tmp/initscript - {{- if .Values.halyard.customCerts.enabled }} - - mountPath: /etc/ssl/certs/java/cacerts + {{- if .Values.global.customCerts.enabled }} + - mountPath: /etc/pki/ca-trust/extracted/java/cacerts subPath: cacerts name: cacerts {{- end }} @@ -279,10 +279,10 @@ spec: - name: halyard-initscript configMap: name: {{ template "spinnaker.fullname" . }}-halyard-init-script - {{- if .Values.halyard.customCerts.enabled }} + {{- if .Values.global.customCerts.enabled }} - name: cacerts secret: - secretName: {{ .Values.halyard.customCerts.secretName }} + secretName: {{ .Values.global.customCerts.secretName }} items: - key: cacerts path: cacerts @@ -336,8 +336,8 @@ spec: mountPath: /opt/halyard/config - name: reg-secrets mountPath: /opt/registry/passwords - {{- if .Values.halyard.customCerts.enabled }} - - mountPath: /etc/ssl/certs/java/cacerts + {{- if .Values.global.customCerts.enabled }} + - mountPath: /etc/pki/ca-trust/extracted/java/cacerts subPath: cacerts name: cacerts {{- end }} diff --git a/charts/oes/config/oes-ui/nginx.conf b/charts/oes/config/oes-ui/nginx.conf new file mode 100644 index 00000000..f9cf810c --- /dev/null +++ b/charts/oes/config/oes-ui/nginx.conf @@ -0,0 +1,53 @@ +# For more information on configuration, see: +# * Official English Documentation: http://nginx.org/en/docs/ +# * Official Russian Documentation: http://nginx.org/ru/docs/ + +user nginx; +worker_processes auto; +error_log /var/log/nginx/error.log; +pid /tmp/nginx.pid; + +# Load dynamic modules. See /usr/share/doc/nginx/README.dynamic. +include /usr/share/nginx/modules/*.conf; + +events { + worker_connections 1024; +} + +http { + log_format main '$remote_addr - $remote_user [$time_local] "$request" ' + '$status $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"'; + + access_log /var/log/nginx/access.log main; + + sendfile on; + tcp_nopush on; + tcp_nodelay on; + keepalive_timeout 65; + types_hash_max_size 2048; + + include /etc/nginx/mime.types; + default_type application/octet-stream; + + # Load modular configuration files from the /etc/nginx/conf.d directory. + # See http://nginx.org/en/docs/ngx_core_module.html#include + # for more information. + include /etc/nginx/conf.d/*.conf; + + server { + listen 8080 default_server; + #listen [::]:8080 default_server; + server_name _; + root /var/www/html; + + # Load configuration files for the default server block. + include /etc/nginx/default.d/*.conf; + + location / { + # First attempt to serve request as file, then + # as directory, then fall back to displaying a 404. + try_files $uri $uri/ /index.html; + } + } +} diff --git a/charts/oes/templates/configmaps/oes-ui-nginxconf.yaml b/charts/oes/templates/configmaps/oes-ui-nginxconf.yaml new file mode 100644 index 00000000..9a5f8069 --- /dev/null +++ b/charts/oes/templates/configmaps/oes-ui-nginxconf.yaml @@ -0,0 +1,13 @@ +{{ if or (eq .Values.installationMode "OES-AP") (eq .Values.installationMode "AP") (eq .Values.installationMode "OES") }} +apiVersion: v1 +data: +{{ (tpl (.Files.Glob "config/oes-ui/nginx.conf").AsConfig . ) | indent 2 }} + +kind: ConfigMap +metadata: + name: oes-ui-nginxconf + labels: + app: oes + component: ui +{{ include "oes.standard-labels" . | indent 4 }} +{{ end }} diff --git a/charts/oes/templates/deployments/oes-ui-deployment.yaml b/charts/oes/templates/deployments/oes-ui-deployment.yaml index 691c0f3d..e784f500 100644 --- a/charts/oes/templates/deployments/oes-ui-deployment.yaml +++ b/charts/oes/templates/deployments/oes-ui-deployment.yaml @@ -48,6 +48,9 @@ spec: volumeMounts: - name: config-dir mountPath: /var/www/html/assets/config + - mountPath: /etc/nginx/nginx.conf + name: nginx-config + subPath: nginx.conf readinessProbe: tcpSocket: port: 8080 @@ -75,4 +78,8 @@ spec: name: oes-ui-config name: config-dir {{- end }} + - configMap: + defaultMode: 420 + name: oes-ui-nginxconf + name: nginx-config {{- end -}} From ad891e48476608d96db45aae5aa8aa3a7a3f9d23 Mon Sep 17 00:00:00 2001 From: ksrinimba Date: Mon, 16 Aug 2021 12:28:49 +0530 Subject: [PATCH 06/29] Bump-up chart-version, nab changes --- charts/oes/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/oes/Chart.yaml b/charts/oes/Chart.yaml index ecb52313..23d374c6 100644 --- a/charts/oes/Chart.yaml +++ b/charts/oes/Chart.yaml @@ -1,6 +1,6 @@ apiVersion: v2 name: oes -version: 3.9.1 +version: 3.9.2 appVersion: 3.9.0 description: OES is a non-forked version of OSS spinnaker icon: https://raw.githubusercontent.com/OpsMx/enterprise-spinnaker/master/img/opsmx.png From 79f280b5eb3a6c0ba5b4510be2d8221c07a8a7ef Mon Sep 17 00:00:00 2001 From: ksrinimba Date: Mon, 16 Aug 2021 12:29:42 +0530 Subject: [PATCH 07/29] reversed the number for testing --- charts/oes/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/oes/Chart.yaml b/charts/oes/Chart.yaml index 23d374c6..ecb52313 100644 --- a/charts/oes/Chart.yaml +++ b/charts/oes/Chart.yaml @@ -1,6 +1,6 @@ apiVersion: v2 name: oes -version: 3.9.2 +version: 3.9.1 appVersion: 3.9.0 description: OES is a non-forked version of OSS spinnaker icon: https://raw.githubusercontent.com/OpsMx/enterprise-spinnaker/master/img/opsmx.png From 00e74a51543f92bbc4ff6fcf8699393e1ba1131b Mon Sep 17 00:00:00 2001 From: ksrinimba Date: Wed, 18 Aug 2021 08:28:31 +0530 Subject: [PATCH 08/29] Parameterized image registry --- charts/oes/charts/openldap/templates/deployment.yaml | 6 +++--- .../charts/spinnaker/templates/hooks/install-using-hal.yaml | 2 +- .../charts/spinnaker/templates/statefulsets/halyard.yaml | 6 +++--- .../oes/templates/deployments/oes-autopilot-deployment.yaml | 2 +- .../oes/templates/deployments/oes-platform-deployment.yaml | 2 +- charts/oes/templates/deployments/oes-sapor-deployment.yaml | 2 +- .../templates/deployments/oes-visibility-deployment.yaml | 2 +- .../oes/templates/forwarder/create-controller-secret.yaml | 2 +- charts/oes/templates/hooks/oes-config-job.yaml | 2 +- 9 files changed, 13 insertions(+), 13 deletions(-) diff --git a/charts/oes/charts/openldap/templates/deployment.yaml b/charts/oes/charts/openldap/templates/deployment.yaml index a5847f19..5578295a 100644 --- a/charts/oes/charts/openldap/templates/deployment.yaml +++ b/charts/oes/charts/openldap/templates/deployment.yaml @@ -39,7 +39,7 @@ spec: {{- end }} {{- if .Values.customLdifFiles }} - name: {{ .Chart.Name }}-init-ldif - image: busybox + image: {{ .Values.global.customImages.dockerRegistry }}/busybox:1.28 command: ['sh', '-c', 'cp /customldif/* /ldifworkingdir'] imagePullPolicy: {{ .Values.image.pullPolicy }} volumeMounts: @@ -52,7 +52,7 @@ spec: {{- end }} {{- if .Values.tls.enabled }} - name: {{ .Chart.Name }}-init-tls - image: busybox + image: {{ .Values.global.customImages.dockerRegistry }}/busybox:1.28 command: ['sh', '-c', 'cp /tls/* /certs'] imagePullPolicy: {{ .Values.image.pullPolicy }} volumeMounts: @@ -64,7 +64,7 @@ spec: {{ toYaml .Values.initResources | indent 10 }} {{- if .Values.tls.CA.enabled }} - name: {{ .Chart.Name }}-init-catls - image: busybox + image: {{ .Values.global.customImages.dockerRegistry }}/busybox:1.28 command: ['sh', '-c', 'cp /catls/ca.crt /certs'] volumeMounts: - name: catls diff --git a/charts/oes/charts/spinnaker/templates/hooks/install-using-hal.yaml b/charts/oes/charts/spinnaker/templates/hooks/install-using-hal.yaml index 2797f116..e5c9d26c 100755 --- a/charts/oes/charts/spinnaker/templates/hooks/install-using-hal.yaml +++ b/charts/oes/charts/spinnaker/templates/hooks/install-using-hal.yaml @@ -154,7 +154,7 @@ spec: - bash - /tmp/config/spin-pipeline-import.sh name: sample-pipeline-install - image: quay.io/opsmxpublic/spin-sample-pipeline:1.0 + image: {{ .Values.global.customImages.registry }}/spin-sample-pipeline:1.0 volumeMounts: - name: spin-pipeline-config mountPath: /tmp/config/git diff --git a/charts/oes/charts/spinnaker/templates/statefulsets/halyard.yaml b/charts/oes/charts/spinnaker/templates/statefulsets/halyard.yaml index 7f9c7c22..620ac893 100755 --- a/charts/oes/charts/spinnaker/templates/statefulsets/halyard.yaml +++ b/charts/oes/charts/spinnaker/templates/statefulsets/halyard.yaml @@ -40,7 +40,7 @@ spec: initContainers: - name: "create-halyard-local" {{- if .Values.gitopsHalyard.enabled }} - image: quay.io/opsmxpublic/awsgit:v2 + image: {{ .Values.global.customImages.registry }}/awsgit:v2 {{- else }} image: {{ .Values.halyard.image.repository }}:{{ .Values.halyard.image.tag }} {{- end }} @@ -140,7 +140,7 @@ spec: command: - sh - /tmp/akv2k8s/run.sh - image: quay.io/opsmxpublic/k8s-decoder:hal + image: {{ .Values.global.customImages.registry }}/k8s-decoder:hal imagePullPolicy: IfNotPresent resources: {} volumeMounts: @@ -160,7 +160,7 @@ spec: fieldRef: apiVersion: v1 fieldPath: status.hostIP - image: bitnami/kubectl:1.18.5 + image: {{ .Values.global.customImages.bitnamiRegistry }}/kubectl:1.18.5 imagePullPolicy: IfNotPresent resources: {} volumeMounts: diff --git a/charts/oes/templates/deployments/oes-autopilot-deployment.yaml b/charts/oes/templates/deployments/oes-autopilot-deployment.yaml index afbf465d..32495da5 100644 --- a/charts/oes/templates/deployments/oes-autopilot-deployment.yaml +++ b/charts/oes/templates/deployments/oes-autopilot-deployment.yaml @@ -48,7 +48,7 @@ spec: {{- if (eq .Values.db.enabled true) }} initContainers: - name: db-check - image: postgres:9.6.5 + image: {{ .Values.global.customImages.dockerRegistry }}/postgres:9.6.5 command: ['/bin/bash', '-c', "sleep 30;echo Waiting for oes-db to be up and running; pg_isready -h oes-db -p 5432 && echo PostgreSQL DB is ready to receive connections"] {{- end }} containers: diff --git a/charts/oes/templates/deployments/oes-platform-deployment.yaml b/charts/oes/templates/deployments/oes-platform-deployment.yaml index fd24d7ce..e60548a3 100644 --- a/charts/oes/templates/deployments/oes-platform-deployment.yaml +++ b/charts/oes/templates/deployments/oes-platform-deployment.yaml @@ -30,7 +30,7 @@ spec: {{- if .Values.db.enabled }} initContainers: - name: db-check - image: postgres:9.6.5 + image: {{ .Values.global.customImages.dockerRegistry }}/postgres:9.6.5 command: ['/bin/bash', '-c', "sleep 30;echo Waiting for oes-db to be up and running; pg_isready -h oes-db -p 5432 && echo PostgreSQL DB is ready to receive connections"] {{- end }} containers: diff --git a/charts/oes/templates/deployments/oes-sapor-deployment.yaml b/charts/oes/templates/deployments/oes-sapor-deployment.yaml index cb03ff3f..90e74030 100644 --- a/charts/oes/templates/deployments/oes-sapor-deployment.yaml +++ b/charts/oes/templates/deployments/oes-sapor-deployment.yaml @@ -28,7 +28,7 @@ spec: {{- if (eq .Values.db.enabled true) }} initContainers: - name: db-check - image: postgres:9.6.5 + image: {{ .Values.global.customImages.dockerRegistry }}/postgres:9.6.5 command: ['/bin/bash', '-c', "sleep 30;echo Waiting for oes-db to be up and running; pg_isready -h oes-db -p 5432 && echo PostgreSQL DB is ready to receive connections"] {{- end }} containers: diff --git a/charts/oes/templates/deployments/oes-visibility-deployment.yaml b/charts/oes/templates/deployments/oes-visibility-deployment.yaml index 7086a934..7c12945e 100644 --- a/charts/oes/templates/deployments/oes-visibility-deployment.yaml +++ b/charts/oes/templates/deployments/oes-visibility-deployment.yaml @@ -29,7 +29,7 @@ spec: {{- if (eq .Values.db.enabled true) }} initContainers: - name: db-check - image: postgres:9.6.5 + image: {{ .Values.global.customImages.dockerRegistry }}/postgres:9.6.5 command: ['/bin/bash', '-c', "sleep 30;echo Waiting for oes-db to be up and running; pg_isready -h oes-db -p 5432 && echo PostgreSQL DB is ready to receive connections"] {{- end }} containers: diff --git a/charts/oes/templates/forwarder/create-controller-secret.yaml b/charts/oes/templates/forwarder/create-controller-secret.yaml index a3f5e25e..aeda1ce8 100644 --- a/charts/oes/templates/forwarder/create-controller-secret.yaml +++ b/charts/oes/templates/forwarder/create-controller-secret.yaml @@ -36,7 +36,7 @@ spec: spec: containers: - name: create-secret-container - image: quay.io/opsmxpublic/create-secret:v10 + image: {{ .Values.global.customImages.registry }}/create-secret:v10 env: - name: NAMESPACE valueFrom: diff --git a/charts/oes/templates/hooks/oes-config-job.yaml b/charts/oes/templates/hooks/oes-config-job.yaml index c7423a5a..0ce9e83d 100644 --- a/charts/oes/templates/hooks/oes-config-job.yaml +++ b/charts/oes/templates/hooks/oes-config-job.yaml @@ -22,7 +22,7 @@ spec: containers: - command: ["bash", "/tmp/config/datasource-api.sh" ] name: datasource-creation-api - image: quay.io/opsmxpublic/oes-pre-configure:v2 + image: {{ .Values.global.customImages.registry }}/oes-pre-configure:v2 volumeMounts: - mountPath: /tmp/config name: datasource-creation From 89ba689788a09648e0a7f352858c87f0c9897f30 Mon Sep 17 00:00:00 2001 From: ksrinimba Date: Wed, 18 Aug 2021 14:48:52 +0530 Subject: [PATCH 09/29] added logging to platform and gate --- charts/oes/config/oes-gate/gate.yml | 11 ++++++----- charts/oes/config/oes-platform/platform-local.yml | 7 +++++++ 2 files changed, 13 insertions(+), 5 deletions(-) diff --git a/charts/oes/config/oes-gate/gate.yml b/charts/oes/config/oes-gate/gate.yml index fbecccd0..9ea7b3a5 100644 --- a/charts/oes/config/oes-gate/gate.yml +++ b/charts/oes/config/oes-gate/gate.yml @@ -145,11 +145,6 @@ file: authn: mode: session google: {} -logging: - level: - com.netflix.spinnaker.gate.security: INFO - org.springframework.security: INFO - org.springframework.web: INFO redis: connection: {{ tpl .Values.redis.url . }} server: @@ -160,3 +155,9 @@ server: remoteIpHeader: X-Forwarded-For internalProxies: .* +logging: + level: + com.netflix.spinnaker.gate.security: DEBUG + org.springframework.security: DEBUG + org.springframework.web: DEBUG + diff --git a/charts/oes/config/oes-platform/platform-local.yml b/charts/oes/config/oes-platform/platform-local.yml index f7b5a123..d6514614 100644 --- a/charts/oes/config/oes-platform/platform-local.yml +++ b/charts/oes/config/oes-platform/platform-local.yml @@ -55,3 +55,10 @@ oes: {{- else }} apiUrl: {{ .Values.oesGate.protocol }}://{{ .Values.oesGate.host }}/autopilot/api/v3/registerCanary {{- end }} + +logging: + level: + com.opsmx.platformservice: DEBUG + org.springframework.security: DEBUG + org.springframework.web: DEBUG + From 0c340117cd9beb3eaa034e78b185a004a3cbb73e Mon Sep 17 00:00:00 2001 From: ksrinimba Date: Wed, 18 Aug 2021 18:38:42 +0530 Subject: [PATCH 10/29] Added git-http-verify false --- .../spinnaker/templates/configmap/halyard-init-script.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/oes/charts/spinnaker/templates/configmap/halyard-init-script.yaml b/charts/oes/charts/spinnaker/templates/configmap/halyard-init-script.yaml index 971507aa..942665f6 100755 --- a/charts/oes/charts/spinnaker/templates/configmap/halyard-init-script.yaml +++ b/charts/oes/charts/spinnaker/templates/configmap/halyard-init-script.yaml @@ -50,7 +50,7 @@ data: {{- if or (eq .Values.gitopsHalyard.repo.type "git") (eq .Values.gitopsHalyard.repo.type "stash") }} #!/bin/bash -x rm -rf /tmp/spinnaker/.hal - git clone $GIT_CLONE_PARAM /tmp/spinnaker/test + git -c http.sslVerify=false clone $GIT_CLONE_PARAM /tmp/spinnaker/test cp -pr /tmp/spinnaker/test/{{ .Values.gitopsHalyard.repo.halConfigPath }} /tmp/spinnaker/.hal if [ -d "/tmp/spinnaker/test/pipeline-promotion/" ] then From 1875653b4a3c5dc9bda74c0ff53b90eb92203c7e Mon Sep 17 00:00:00 2001 From: ksrinimba Date: Fri, 20 Aug 2021 16:25:57 +0530 Subject: [PATCH 11/29] Make git clone ignore ssl error --- .../spinnaker/templates/configmap/spin-pipeline-import.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/oes/charts/spinnaker/templates/configmap/spin-pipeline-import.yaml b/charts/oes/charts/spinnaker/templates/configmap/spin-pipeline-import.yaml index 032fd5ea..85857cbe 100644 --- a/charts/oes/charts/spinnaker/templates/configmap/spin-pipeline-import.yaml +++ b/charts/oes/charts/spinnaker/templates/configmap/spin-pipeline-import.yaml @@ -35,7 +35,7 @@ data: then echo \"Spinnaker is Installed and ready\" mkdir -p /tmp/config/git/ - git clone https://github.com/OpsMx/sample-pipelines.git /tmp/config/git/ + git -c http.sslVerify=false clone https://github.com/OpsMx/sample-pipelines.git /tmp/config/git/ cd /tmp/config/git cp -p /tmp/config/spin/config . sed 's/$/ --config config/' create-app.sh >create-app1.sh @@ -45,7 +45,7 @@ data: then echo \"Spinnaker and OES is Installed and ready\" mkdir -p /tmp/config/git/ - git clone https://github.com/OpsMx/sample-pipelines.git /tmp/config/git/ + git -c http.sslVerify=false clone https://github.com/OpsMx/sample-pipelines.git /tmp/config/git/ cd /tmp/config/git cp -p /tmp/config/spin/config . sed 's/$/ --config config/' create-app.sh >create-app1.sh @@ -58,7 +58,7 @@ data: else if [ $wait_period -gt 1800 ]; then - echo \"Script is timed as the Spinnaker is not ready yet.......\" + echo \"Script is timed out as the Spinnaker is not ready in 30 min.......\" break else echo \"Waiting for Spinnaker services to be ready\" From daeb8906e1fd86ee5d66e56081980842bd4bbd56 Mon Sep 17 00:00:00 2001 From: ksrinimba Date: Fri, 20 Aug 2021 16:41:01 +0530 Subject: [PATCH 12/29] Added ssl verify false for git --- .../templates/pipeline-promotion/pipe-promot-scripts-cm.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/oes/templates/pipeline-promotion/pipe-promot-scripts-cm.yaml b/charts/oes/templates/pipeline-promotion/pipe-promot-scripts-cm.yaml index 133a8e17..945360b2 100644 --- a/charts/oes/templates/pipeline-promotion/pipe-promot-scripts-cm.yaml +++ b/charts/oes/templates/pipeline-promotion/pipe-promot-scripts-cm.yaml @@ -67,7 +67,7 @@ data: git.sh: "#!/bin/bash\nsource scripts/spin.sh\n\ngit_repo=$repo_name\ntempdir=\"/tmp/\"\npull_requred=false\nif [[ $git_branch == \"\" ]]\nthen\ngit_branch=\"master\"\nfi\nsetup_git() {\n echo \"Setting up the Git \"\n local name=${git_user:-spinnaker}\n local email=${git_user_email:-spinnaker@symphony.com}\n git config --global user.email - \"$email\"\n git config --global user.name \"$name\"\n}\ngit_clone_http() {\n + \"$email\"\n git config --global user.name \"$name\"\n git config --global http.sslVerify false}\ngit_clone_http() {\n \ echo \"cloning $git_project/$git_repo over https\"\n if [[ $repo_type == \"git\" || $repo_type == \"bitbucket\" ]]; then\n clone_result=$(git clone https://$git_user:${git_secret_token}@${git_url}/${git_project}/${git_repo}.git $tempdir/$git_repo)\n elif [[ $repo_type == \"stash\" ]]; then\n #statements\n From 69971ca1f926ca2d86d46ccdcfb606ab90247808 Mon Sep 17 00:00:00 2001 From: ksrinimba Date: Sat, 21 Aug 2021 12:13:28 +0530 Subject: [PATCH 13/29] Removed angle brackets pipeline-promot bug fix --- charts/oes/Chart.yaml | 2 +- .../pipe-promot-scripts-cm.yaml | 2 +- charts/oes/values.yaml | 28 +++++++++---------- 3 files changed, 16 insertions(+), 16 deletions(-) diff --git a/charts/oes/Chart.yaml b/charts/oes/Chart.yaml index ecb52313..85bbda31 100644 --- a/charts/oes/Chart.yaml +++ b/charts/oes/Chart.yaml @@ -1,6 +1,6 @@ apiVersion: v2 name: oes -version: 3.9.1 +version: 3.9.3 appVersion: 3.9.0 description: OES is a non-forked version of OSS spinnaker icon: https://raw.githubusercontent.com/OpsMx/enterprise-spinnaker/master/img/opsmx.png diff --git a/charts/oes/templates/pipeline-promotion/pipe-promot-scripts-cm.yaml b/charts/oes/templates/pipeline-promotion/pipe-promot-scripts-cm.yaml index 945360b2..5d001078 100644 --- a/charts/oes/templates/pipeline-promotion/pipe-promot-scripts-cm.yaml +++ b/charts/oes/templates/pipeline-promotion/pipe-promot-scripts-cm.yaml @@ -67,7 +67,7 @@ data: git.sh: "#!/bin/bash\nsource scripts/spin.sh\n\ngit_repo=$repo_name\ntempdir=\"/tmp/\"\npull_requred=false\nif [[ $git_branch == \"\" ]]\nthen\ngit_branch=\"master\"\nfi\nsetup_git() {\n echo \"Setting up the Git \"\n local name=${git_user:-spinnaker}\n local email=${git_user_email:-spinnaker@symphony.com}\n git config --global user.email - \"$email\"\n git config --global user.name \"$name\"\n git config --global http.sslVerify false}\ngit_clone_http() {\n + \"$email\"\n git config --global user.name \"$name\"\n git config --global http.sslVerify false\n}\n git_clone_http() {\n \ echo \"cloning $git_project/$git_repo over https\"\n if [[ $repo_type == \"git\" || $repo_type == \"bitbucket\" ]]; then\n clone_result=$(git clone https://$git_user:${git_secret_token}@${git_url}/${git_project}/${git_repo}.git $tempdir/$git_repo)\n elif [[ $repo_type == \"stash\" ]]; then\n #statements\n diff --git a/charts/oes/values.yaml b/charts/oes/values.yaml index 27fb3492..8e17a70b 100644 --- a/charts/oes/values.yaml +++ b/charts/oes/values.yaml @@ -1065,29 +1065,29 @@ spinnaker: dynamicAccRepository: standard-gitops-repo # Please provide the repo name of the GitOps Dynamic Accounts Directory.Can be same as Hal repo. halConfigPath: / # Any other value is currently not supported dynAccntConfigPath: dynaccount/ #relative path from repository root folder - username: # Username to authenticate with git/stash repo - token: # Token corresponding to above username + username: git/stash_username # Username to authenticate with git/stash repo + token: git/stash_token # Token corresponding to above username ## Configure below fields only if repo type is s3 - s3accesskey: - s3secretkey: - s3bucket: - s3region: + s3accesskey: AWS_ACCESS_KEY_ID + s3secretkey: AWS_SECRET_ACCESS_KEY + s3bucket: bucket name.e.g-testbucket + s3region: regionofbucket secretName: opsmx-gitops-auth # Promote applications and pipelines from one environment to another or take backup pipelinePromotion: # GitHub only, Not supportd on S3 or Stash enabled: true type: git # git, s3, stash - organization: # Also called "project" in some repos - repository: # bucket name in case of S3 + organization: project_name # Also called "project" in some repos + repository: repo_name # bucket name in case of S3 rootFolder: pipeline/ ##### ONLY In case of S3 - AWS_ACCESS_KEY_ID: - AWS_SECRET_ACCESS_KEY: + AWS_ACCESS_KEY_ID: access_key + AWS_SECRET_ACCESS_KEY: secret_key ##### S3 config for pipelinePromotion is complete ##### For non-S3 repos baseUrl: example.repo.com # "git_url" - username: - token: + username: username + token: token branch: samplerepo usermail: krish@company.com #password="K438" ### Token is preferred, Password also might work, try your luck @@ -1101,8 +1101,8 @@ spinnaker: createPR: false autoApprovePR: false targetBranch: master # can be any branch to which PR to be raised - approvingUser: ### user who is going to auto-merge - approverToken: ## Token for the user to auto-merge + approvingUser: approver_user ### user who is going to auto-merge + approverToken: token ## Token for the user to auto-merge ## x509 authentication for Spinnaker Gate gatex509: From fd9ad7aa7aa68b271de5e1088a13e49bad98db30 Mon Sep 17 00:00:00 2001 From: abhinaybyrisetty Date: Mon, 30 Aug 2021 18:23:38 +0530 Subject: [PATCH 14/29] Refactor helm chart --- charts/oes/Chart.yaml | 2 +- .../charts/openldap/templates/deployment.yaml | 4 +-- .../configmap/halyard-init-script.yaml | 2 +- .../configmap/spin-pipeline-import.yaml | 4 +-- .../templates/statefulsets/halyard.yaml | 2 +- charts/oes/config/oes-gate/gate.yml | 9 +++-- .../config/oes-platform/platform-local.yml | 6 ++-- .../configmaps/oes-ui-nginxconf.yaml | 2 +- .../deployments/oes-autopilot-deployment.yaml | 2 +- .../deployments/oes-platform-deployment.yaml | 2 +- .../deployments/oes-sapor-deployment.yaml | 2 +- .../oes-visibility-deployment.yaml | 2 +- .../pipe-promot-scripts-cm.yaml | 2 +- charts/oes/values.yaml | 33 ++++++++++++------- 14 files changed, 43 insertions(+), 31 deletions(-) diff --git a/charts/oes/Chart.yaml b/charts/oes/Chart.yaml index 85bbda31..ecb52313 100644 --- a/charts/oes/Chart.yaml +++ b/charts/oes/Chart.yaml @@ -1,6 +1,6 @@ apiVersion: v2 name: oes -version: 3.9.3 +version: 3.9.1 appVersion: 3.9.0 description: OES is a non-forked version of OSS spinnaker icon: https://raw.githubusercontent.com/OpsMx/enterprise-spinnaker/master/img/opsmx.png diff --git a/charts/oes/charts/openldap/templates/deployment.yaml b/charts/oes/charts/openldap/templates/deployment.yaml index 5578295a..0ede98e9 100644 --- a/charts/oes/charts/openldap/templates/deployment.yaml +++ b/charts/oes/charts/openldap/templates/deployment.yaml @@ -52,7 +52,7 @@ spec: {{- end }} {{- if .Values.tls.enabled }} - name: {{ .Chart.Name }}-init-tls - image: {{ .Values.global.customImages.dockerRegistry }}/busybox:1.28 + image: {{ .Values.global.customImages.registry }}/busybox:1.28 command: ['sh', '-c', 'cp /tls/* /certs'] imagePullPolicy: {{ .Values.image.pullPolicy }} volumeMounts: @@ -64,7 +64,7 @@ spec: {{ toYaml .Values.initResources | indent 10 }} {{- if .Values.tls.CA.enabled }} - name: {{ .Chart.Name }}-init-catls - image: {{ .Values.global.customImages.dockerRegistry }}/busybox:1.28 + image: {{ .Values.global.customImages.registry }}/busybox:1.28 command: ['sh', '-c', 'cp /catls/ca.crt /certs'] volumeMounts: - name: catls diff --git a/charts/oes/charts/spinnaker/templates/configmap/halyard-init-script.yaml b/charts/oes/charts/spinnaker/templates/configmap/halyard-init-script.yaml index 942665f6..319f74de 100755 --- a/charts/oes/charts/spinnaker/templates/configmap/halyard-init-script.yaml +++ b/charts/oes/charts/spinnaker/templates/configmap/halyard-init-script.yaml @@ -50,7 +50,7 @@ data: {{- if or (eq .Values.gitopsHalyard.repo.type "git") (eq .Values.gitopsHalyard.repo.type "stash") }} #!/bin/bash -x rm -rf /tmp/spinnaker/.hal - git -c http.sslVerify=false clone $GIT_CLONE_PARAM /tmp/spinnaker/test + git -c {{ .Values.gitopsHalyard.repo.configArgs }} clone $GIT_CLONE_PARAM /tmp/spinnaker/test cp -pr /tmp/spinnaker/test/{{ .Values.gitopsHalyard.repo.halConfigPath }} /tmp/spinnaker/.hal if [ -d "/tmp/spinnaker/test/pipeline-promotion/" ] then diff --git a/charts/oes/charts/spinnaker/templates/configmap/spin-pipeline-import.yaml b/charts/oes/charts/spinnaker/templates/configmap/spin-pipeline-import.yaml index 85857cbe..032ac427 100644 --- a/charts/oes/charts/spinnaker/templates/configmap/spin-pipeline-import.yaml +++ b/charts/oes/charts/spinnaker/templates/configmap/spin-pipeline-import.yaml @@ -35,7 +35,7 @@ data: then echo \"Spinnaker is Installed and ready\" mkdir -p /tmp/config/git/ - git -c http.sslVerify=false clone https://github.com/OpsMx/sample-pipelines.git /tmp/config/git/ + git -c {{ .Values.gitopsHalyard.repo.configArgs }} clone https://github.com/OpsMx/sample-pipelines.git /tmp/config/git/ cd /tmp/config/git cp -p /tmp/config/spin/config . sed 's/$/ --config config/' create-app.sh >create-app1.sh @@ -45,7 +45,7 @@ data: then echo \"Spinnaker and OES is Installed and ready\" mkdir -p /tmp/config/git/ - git -c http.sslVerify=false clone https://github.com/OpsMx/sample-pipelines.git /tmp/config/git/ + git -c {{ .Values.gitopsHalyard.repo.configArgs }} clone https://github.com/OpsMx/sample-pipelines.git /tmp/config/git/ cd /tmp/config/git cp -p /tmp/config/spin/config . sed 's/$/ --config config/' create-app.sh >create-app1.sh diff --git a/charts/oes/charts/spinnaker/templates/statefulsets/halyard.yaml b/charts/oes/charts/spinnaker/templates/statefulsets/halyard.yaml index 620ac893..d897945e 100755 --- a/charts/oes/charts/spinnaker/templates/statefulsets/halyard.yaml +++ b/charts/oes/charts/spinnaker/templates/statefulsets/halyard.yaml @@ -160,7 +160,7 @@ spec: fieldRef: apiVersion: v1 fieldPath: status.hostIP - image: {{ .Values.global.customImages.bitnamiRegistry }}/kubectl:1.18.5 + image: {{ .Values.global.customImages.registry }}/bitnami-kubectl:1.18.5 imagePullPolicy: IfNotPresent resources: {} volumeMounts: diff --git a/charts/oes/config/oes-gate/gate.yml b/charts/oes/config/oes-gate/gate.yml index 9ea7b3a5..d8bd502f 100644 --- a/charts/oes/config/oes-gate/gate.yml +++ b/charts/oes/config/oes-gate/gate.yml @@ -157,7 +157,10 @@ server: logging: level: - com.netflix.spinnaker.gate.security: DEBUG - org.springframework.security: DEBUG - org.springframework.web: DEBUG + com.netflix.spinnaker.gate.security: INFO + org.springframework.security: INFO + org.springframework.web: INFO + #com.netflix.spinnaker.gate.security: DEBUG + #org.springframework.security: DEBUG + #org.springframework.web: DEBUG diff --git a/charts/oes/config/oes-platform/platform-local.yml b/charts/oes/config/oes-platform/platform-local.yml index d6514614..46d99240 100644 --- a/charts/oes/config/oes-platform/platform-local.yml +++ b/charts/oes/config/oes-platform/platform-local.yml @@ -58,7 +58,7 @@ oes: logging: level: - com.opsmx.platformservice: DEBUG - org.springframework.security: DEBUG - org.springframework.web: DEBUG + com.opsmx.platformservice: INFO + org.springframework.security: INFO + org.springframework.web: INFO diff --git a/charts/oes/templates/configmaps/oes-ui-nginxconf.yaml b/charts/oes/templates/configmaps/oes-ui-nginxconf.yaml index 9a5f8069..a24a3a08 100644 --- a/charts/oes/templates/configmaps/oes-ui-nginxconf.yaml +++ b/charts/oes/templates/configmaps/oes-ui-nginxconf.yaml @@ -1,4 +1,4 @@ -{{ if or (eq .Values.installationMode "OES-AP") (eq .Values.installationMode "AP") (eq .Values.installationMode "OES") }} +{{ if (eq .Values.installationMode "OES-AP") }} apiVersion: v1 data: {{ (tpl (.Files.Glob "config/oes-ui/nginx.conf").AsConfig . ) | indent 2 }} diff --git a/charts/oes/templates/deployments/oes-autopilot-deployment.yaml b/charts/oes/templates/deployments/oes-autopilot-deployment.yaml index 32495da5..a8022c49 100644 --- a/charts/oes/templates/deployments/oes-autopilot-deployment.yaml +++ b/charts/oes/templates/deployments/oes-autopilot-deployment.yaml @@ -48,7 +48,7 @@ spec: {{- if (eq .Values.db.enabled true) }} initContainers: - name: db-check - image: {{ .Values.global.customImages.dockerRegistry }}/postgres:9.6.5 + image: {{ .Values.global.customImages.registry }}/postgres:9.6.5 command: ['/bin/bash', '-c', "sleep 30;echo Waiting for oes-db to be up and running; pg_isready -h oes-db -p 5432 && echo PostgreSQL DB is ready to receive connections"] {{- end }} containers: diff --git a/charts/oes/templates/deployments/oes-platform-deployment.yaml b/charts/oes/templates/deployments/oes-platform-deployment.yaml index e60548a3..6fb10eeb 100644 --- a/charts/oes/templates/deployments/oes-platform-deployment.yaml +++ b/charts/oes/templates/deployments/oes-platform-deployment.yaml @@ -30,7 +30,7 @@ spec: {{- if .Values.db.enabled }} initContainers: - name: db-check - image: {{ .Values.global.customImages.dockerRegistry }}/postgres:9.6.5 + image: {{ .Values.global.customImages.registry }}/postgres:9.6.5 command: ['/bin/bash', '-c', "sleep 30;echo Waiting for oes-db to be up and running; pg_isready -h oes-db -p 5432 && echo PostgreSQL DB is ready to receive connections"] {{- end }} containers: diff --git a/charts/oes/templates/deployments/oes-sapor-deployment.yaml b/charts/oes/templates/deployments/oes-sapor-deployment.yaml index 90e74030..548346fd 100644 --- a/charts/oes/templates/deployments/oes-sapor-deployment.yaml +++ b/charts/oes/templates/deployments/oes-sapor-deployment.yaml @@ -28,7 +28,7 @@ spec: {{- if (eq .Values.db.enabled true) }} initContainers: - name: db-check - image: {{ .Values.global.customImages.dockerRegistry }}/postgres:9.6.5 + image: {{ .Values.global.customImages.registry }}/postgres:9.6.5 command: ['/bin/bash', '-c', "sleep 30;echo Waiting for oes-db to be up and running; pg_isready -h oes-db -p 5432 && echo PostgreSQL DB is ready to receive connections"] {{- end }} containers: diff --git a/charts/oes/templates/deployments/oes-visibility-deployment.yaml b/charts/oes/templates/deployments/oes-visibility-deployment.yaml index 7c12945e..317f4009 100644 --- a/charts/oes/templates/deployments/oes-visibility-deployment.yaml +++ b/charts/oes/templates/deployments/oes-visibility-deployment.yaml @@ -29,7 +29,7 @@ spec: {{- if (eq .Values.db.enabled true) }} initContainers: - name: db-check - image: {{ .Values.global.customImages.dockerRegistry }}/postgres:9.6.5 + image: {{ .Values.global.customImages.registry }}/postgres:9.6.5 command: ['/bin/bash', '-c', "sleep 30;echo Waiting for oes-db to be up and running; pg_isready -h oes-db -p 5432 && echo PostgreSQL DB is ready to receive connections"] {{- end }} containers: diff --git a/charts/oes/templates/pipeline-promotion/pipe-promot-scripts-cm.yaml b/charts/oes/templates/pipeline-promotion/pipe-promot-scripts-cm.yaml index 5d001078..a304c81d 100644 --- a/charts/oes/templates/pipeline-promotion/pipe-promot-scripts-cm.yaml +++ b/charts/oes/templates/pipeline-promotion/pipe-promot-scripts-cm.yaml @@ -67,7 +67,7 @@ data: git.sh: "#!/bin/bash\nsource scripts/spin.sh\n\ngit_repo=$repo_name\ntempdir=\"/tmp/\"\npull_requred=false\nif [[ $git_branch == \"\" ]]\nthen\ngit_branch=\"master\"\nfi\nsetup_git() {\n echo \"Setting up the Git \"\n local name=${git_user:-spinnaker}\n local email=${git_user_email:-spinnaker@symphony.com}\n git config --global user.email - \"$email\"\n git config --global user.name \"$name\"\n git config --global http.sslVerify false\n}\n git_clone_http() {\n + \"$email\"\n git config --global user.name \"$name\"\n {{ .Values.gitopsHalyard.pipelinePromotion.gitConfig }} \n}\n git_clone_http() {\n \ echo \"cloning $git_project/$git_repo over https\"\n if [[ $repo_type == \"git\" || $repo_type == \"bitbucket\" ]]; then\n clone_result=$(git clone https://$git_user:${git_secret_token}@${git_url}/${git_project}/${git_repo}.git $tempdir/$git_repo)\n elif [[ $repo_type == \"stash\" ]]; then\n #statements\n diff --git a/charts/oes/values.yaml b/charts/oes/values.yaml index 8e17a70b..2f4a3b08 100644 --- a/charts/oes/values.yaml +++ b/charts/oes/values.yaml @@ -52,14 +52,19 @@ k8sServiceType: ClusterIP ## Declare all the global variables under this ## Global variables can be accessed across all the charts including sub-charts global: + ## Custom Images registry where all the OSS and customized images used in the helm chart are stored + ## List of images: busybox:1.28, bitnami-kubectl:1.18, postgres:9.6.5, oes-pre-configure:v2, create-secret:v10 + customImages: + registry: quay.io/opsmxpublic + ## Set this to false if cert-manager is not installed ## If cert-manager is installed, an issuer will be created ## by OES helm chart which generates certs for tls automatically ## If cert-manager is not installed, specify secrets with ## certificates under oesUI.tls.secretName & oesGate.tls.secretName - certManager: installed: true + customCerts: enabled: true secretName: self-signed-certs # Needs two Keys: cacerts and ca # TODO: Document procedure for creating this one @@ -160,6 +165,9 @@ redis: ## url: redis://{{ .Release.Name }}-redis-master:6379 ## url: redis://:password@{{ .Release.Name }}-redis-master:6379 + image: + registry: quay.io/opsmxpublic + repository: bitnami-redis password: password cluster: enabled: false @@ -957,6 +965,9 @@ spinnaker: host: "" port: 6379 # password: "" + image: + registry: quay.io/opsmxpublic + repository: bitnami-redis password: password nodeSelector: {} cluster: @@ -971,11 +982,6 @@ spinnaker: # Disable RDB persistence, AOF persistence already enabled. save 60 1000 - # Use ubi8 custom images - #image: - # registry: docker.io - # repository: devopsmx/ubi8-oes-redis - # tag: 4.0.14 # Uncomment if you don't want to create a PVC for redis # master: # persistence: @@ -985,7 +991,13 @@ spinnaker: # Minio is not exposed publically minio: enabled: true - imageTag: RELEASE.2019-02-13T19-48-27Z + image: + repository: quay.io/opsmxpublic/minio + tag: RELEASE.2019-02-13T19-48-27Z + + mcImage: + repository: quay.io/opsmxpublic/minio-mc + tag: RELEASE.2020-11-25T23-04-07Z serviceType: ClusterIP accessKey: spinnakeradmin secretKey: spinnakeradmin @@ -994,11 +1006,6 @@ spinnaker: persistence: enabled: true size: 10Gi - # Use ubi8 custom images - #image: - # repository: devopsmx/ubi8-oes-minio - # tag: RELEASE.2019-09-18T21-55-05Z - # pullPolicy: IfNotPresent # Google Cloud Storage gcs: @@ -1056,6 +1063,7 @@ spinnaker: enabled: true repo: type: git # git, s3, stash(bitbucket server) use a different sample values file for s3/bitbuck-stash + configArgs: "http.sslVerify=true" ## Configure below fields only if repo type is git/stash. Skip to s3 section if type is s3 baseUrlHostName: github.com # Specify it if git url is something other than github.com organization: OpsMx @@ -1077,6 +1085,7 @@ spinnaker: pipelinePromotion: # GitHub only, Not supportd on S3 or Stash enabled: true type: git # git, s3, stash + gitConfig: git config --global http.sslVerify false organization: project_name # Also called "project" in some repos repository: repo_name # bucket name in case of S3 rootFolder: pipeline/ From bee5f20ee073744f5ad469956fef1f2359bf0831 Mon Sep 17 00:00:00 2001 From: abhinaybyrisetty Date: Mon, 30 Aug 2021 18:31:57 +0530 Subject: [PATCH 15/29] Fix typo --- .../templates/pipeline-promotion/pipe-promot-scripts-cm.yaml | 2 +- charts/oes/values.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/oes/templates/pipeline-promotion/pipe-promot-scripts-cm.yaml b/charts/oes/templates/pipeline-promotion/pipe-promot-scripts-cm.yaml index a304c81d..2eff3b63 100644 --- a/charts/oes/templates/pipeline-promotion/pipe-promot-scripts-cm.yaml +++ b/charts/oes/templates/pipeline-promotion/pipe-promot-scripts-cm.yaml @@ -67,7 +67,7 @@ data: git.sh: "#!/bin/bash\nsource scripts/spin.sh\n\ngit_repo=$repo_name\ntempdir=\"/tmp/\"\npull_requred=false\nif [[ $git_branch == \"\" ]]\nthen\ngit_branch=\"master\"\nfi\nsetup_git() {\n echo \"Setting up the Git \"\n local name=${git_user:-spinnaker}\n local email=${git_user_email:-spinnaker@symphony.com}\n git config --global user.email - \"$email\"\n git config --global user.name \"$name\"\n {{ .Values.gitopsHalyard.pipelinePromotion.gitConfig }} \n}\n git_clone_http() {\n + \"$email\"\n git config --global user.name \"$name\"\n {{ .Values.spinnaker.gitopsHalyard.pipelinePromotion.gitConfig }} \n}\n git_clone_http() {\n \ echo \"cloning $git_project/$git_repo over https\"\n if [[ $repo_type == \"git\" || $repo_type == \"bitbucket\" ]]; then\n clone_result=$(git clone https://$git_user:${git_secret_token}@${git_url}/${git_project}/${git_repo}.git $tempdir/$git_repo)\n elif [[ $repo_type == \"stash\" ]]; then\n #statements\n diff --git a/charts/oes/values.yaml b/charts/oes/values.yaml index 2f4a3b08..3cb76297 100644 --- a/charts/oes/values.yaml +++ b/charts/oes/values.yaml @@ -1085,7 +1085,7 @@ spinnaker: pipelinePromotion: # GitHub only, Not supportd on S3 or Stash enabled: true type: git # git, s3, stash - gitConfig: git config --global http.sslVerify false + gitConfig: "git config --global http.sslVerify false" organization: project_name # Also called "project" in some repos repository: repo_name # bucket name in case of S3 rootFolder: pipeline/ From 4a499f582b4be22594a399d1298bcd0c07e85bbf Mon Sep 17 00:00:00 2001 From: abhinaybyrisetty Date: Mon, 30 Aug 2021 18:47:32 +0530 Subject: [PATCH 16/29] Remove redundant redis sub chart --- .../charts/spinnaker/charts/redis-10.5.3.tgz | Bin 30993 -> 0 bytes charts/oes/charts/spinnaker/requirements.yaml | 4 -- charts/oes/values.yaml | 54 +++++++----------- 3 files changed, 22 insertions(+), 36 deletions(-) delete mode 100644 charts/oes/charts/spinnaker/charts/redis-10.5.3.tgz diff --git a/charts/oes/charts/spinnaker/charts/redis-10.5.3.tgz b/charts/oes/charts/spinnaker/charts/redis-10.5.3.tgz deleted file mode 100644 index 60e9e5fbbd9a76efa5dd1bbaff4e3b6ad701db5b..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 30993 zcmV)tK$pKCiwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0POvHciT3$I1K;()~DD%Ip@Ugn3C<>I+{t}<2q^Uw~6D&cH8Hy zv@3>4NWz#RSOB!6iSyl`g&PT8MO`eX8FOYe7K!V|#=c?i4Tb~4`$rSRL~n+s;s3dV zXK!zB@5Qrc>fgP+z2d+7d(WTPzxDh5gZ<}E{tw*6SV~XA1!DhaZ*SFhij(_`JSZl= zV#W!L25`OKL2;b^eAe6Rz32p(`;5dwy?Php2sllck9PqD*C_IF09SbCU869;zy)Qv z2gd>k2Rafs0)|JJF&u!PfH)uskU$*(E?DA=gkj*AU1J8EL_U^naqv+DK8*w-kt|1| zG2ev=;uFkwAtYSzUEo-7Kv4jkGJylxA{M;Y!O@sRcmQK6;;=KJQ#^o)5b>bjSGe9I zwBI4VoQ-_V2mSt#hzLzd&!^Kq;N#13O8~`2RSA=m11Wj{AH4&MA)r zM*RN?Fqh3u5fdcpjaXVC_o1WT=~3xLQ+?ZMkBOKhLp5vDx&7A*sDFi-r>kCDgxKHf zJ?lN`+&9WTJZpS3hAVXCcf|mj>HpIg&tJSK(*LJVpFhz5O*~s$@MB1aD1=vP&jXpF zF@_j1G{pil-r3rM(-0$$cOjwzgP0%zVnR6FkT3*#jTs|>e2+_&cY#EHm;@vmLx5u( z1vv7Fq~bn}Mr52A#*lDbf2@b1spr-f93_n5NC3JT4rnMw5L}PpuBF<&A z=g#jAXtF$jPoFz-qK4ALnS5)eW$3Q_%fU-3@r6KWW`tvJ1LP;pNM6t(*;SHMc z$3RBeY^0d-I79+-@pu<-$fYzQRPp1{2^FUda~z4sg;@{!{i|e%S%d{v0!2W5-cLAY z-Z&uv?yC-Xe=BC#i<2-U(b&`P?6l%^r~`1j(mlOX@)ioi8E`wr2oPgv26R+H$ew|Q z{sq&73m9UUq9{>q_zWX~10a#wWl}ESG4gS*Vl^u!CJ?{k{dC8AF%7&_a_P&N=*f98 zBiBe^&mvsk&UQ=9H{Cw+Mbq|?D1WZxKDiXJlxEaCQd*-Wxls~^axNh7G?uFf+lnMv zSxZfpVMV;uq<7@D*iwJKGffQ&oyj)mccj~~uk&pkg$Wl@p2b2)$+hF_7joJ-l0+;R zfM5xhB5R1Q@exfTF@OVA`xkCH1&IwL!Xcy+k#A!f^xz_;z5(HiEXo2?r217dv20ff z*2Kq3OqOkHGyoc9U8n+ZL&OB+-c&n9wv~1+Tg!SU5f@VC=N(%hH>(i}Io3FJhW|_m zleC$0DIfz%#6;Hdkwk5vQNAA{I1Wb@_?Qaqg2u$>eOsdgl53or=2M84DA&0vFJu=v zs#@-;nXY=aV?$sKW~W59j?6X?TF;rw9Gbf{)lK_Yocx*@Hj&`DM0o9Fc%6heonQko zUX~m$Pmu4PB&YK(k>z=W84Qs*$3luU`iI;F5s@VNXoCH#3o^wt5d(PE0r)eaESXB; z1`yDj=x`)3drQKQaO~44-~)Ir#pMpb2$4|I-L(GxxB7z=@4^s==d;M?1K5|ZD3cWP z`I8ra*BkjT2#8)Ivw19NG_@H~mM1q64Gb@CrZ&16yV>=xDT)WW>T5;#fU=YhbAbf$ zvwn_Wan(6S{zMXjkod^-dpxqW0{uCyq$v9sN0>=+jewyjpi>|LAR&8TB8k&B4DsE~ zccI&uNG^cnuqD|RaQsTrUEP^%#xw0GbBrAL@v9sWKeG4*_@iJ5sM-g5MlN;5A%x@_ zN0@7q48tfO>Q~I@uoBP<<8=1kcIBnrc)FYZmQz{1*|F2Jbx!4Ljp;>RoMQ1S93qMI z8aNy!3_I_iDJk5{;Z8@kzr@HC6VI(N z!`g}j4F8#6ZtQO%nG#W4;<<#`r_(r5bjetz6h}?FNQFe(mHiDc#Z$#f51u`LOVYP~ zoD5)pZ*N*T@^d5T#Eiz638GNaNIwHhbL%RJS*%w<{xPuf-SMf0sVRM$qew=*(=XM# zBC}Lvp9WYK(fV#mq~1^ze2+pYXK88f#FpdEh+v5=yZmIu8EiyO+WNHn(Z z`dhM1PmV~^);yE2bF|~IoI=epduhjW%ILL}ol!Icl+k4rMN}Y7KyD_)pTHE&Bv)iw zRJ3xfk0SXt;mR~%8&&c^5jZY9q_iOAJSO|1Q8-&Od~DlZNKxPo%@ABbITKWRy?hs< zAr76N&ghR%jqaf^f?%%Z_j5Wvi)fEIyrNR20m*`UQuQzzg?>E%^RpLHABCNc8NCr` zTt!)Sax=kVA`uHt+;YGtGzkLcBP+hC zD!Xbqq~^l4rXlC)Q^v4w)LlO$I1(CI4(Box0i?*5RZS#*S_zq}(*PWi$QUMQWCkEf z=dLNHT9l2%Lh`~$ioA-AF*;RPs%egHVY@g)2rw5U(t?ESe5aSGwI~ef&FhaEH4MQv z5{dj$?v5(prve}6J^24i=}-bp&tH;(^t;yPa^Dmjx2X|Hv%!#P%rNIC=WmhlCvRND zOFx~`p!l_8F#OQ>l^$A;FXy>}^$4SX<^+igBjieHS%S9El(qo&Qkf>A8X$7=MrkG7 zEGg0r5uQp&0VG^$?-LAVP2C)gbUJK^{My-_eSdhAF`u?`ll+^883#E_Lagvq7gGme zBPtO=Z*E!GXb?sZwv<#>Oa*WcP)vSgG>ILd96Tw6;Ycd4JbRmCn3frWr?3S32_s?_ z%Y90)Q|TJBVX;EOak*7Vaf$`UKJF!v)GJ7c#|kuHCIIjMP$cclnku9Qq{bjcNr69# zjvbWwU1by*aW!|v&ZU6DlIW2C!ZAzVNPaNmz6etzi`p3_1Be7dx>vX0m&m8nsiZVo z7f@AUh~-9A+(Ry#u|!8$^nA*2kJBmoD7Ue(N~c?2kH82fo;iRkS2Gfdsyu-1zSMTQ zsi~*NJklwfHZripOaCA)=jTFjVBSs{ib9ZfjAYn#KHcv1$=C%y<|R_sbPvDG{%8#S~m2nZb+{2QHaPiXR+hpwAd@|O{2Hs z5s9SEdHU;7YTU3kjkM<>9#MwvuoV*?Vi?jSQsguRuNs2{X-YSk=#=DVxgxfNo_qd~ zs-ri;z?J{yc9*k6Y@EnNaEZZDPRva0I<`tkBAnIR)k^$FG>tX6H|79Ub^zTzOQIg1 zbQdy4n4P;GQ-tow5w~*_8HH%P=;T$M>WOb{X@kHIvWOV~c+mB{Df+1OGcVTC;WZ7B zAR+dI2)k}chU3s1BL6C+V~>-6W7yw2csd=*LQdn7r5Ibpbc#HV<)TY8lY*bzW4V=9 z1kYGi>ZfasHHE5jrj|WPy`0m?o~#_%G8T)a`Wj+^!&zp;8OmCc^hINBW04y;0z8ey z%#hfs1DCRaTMuDNH!P_p9eGx2@a%By^i215gmN`J_~Fej=RdvrKKuLd&6|#kC}sya z_#(Nr)>af@aFm&L)|*s|qSsQm!#91SLU~f4_UQ0m*cZI7yXY$$UXT+~V;US5G^mOZ z|AlN2l5e31P^h#6fr0xI93&xTyMTM+9(1{&?5exaDI5x>B$Cvbc}DGXEMwCo6eJF@ zm-fV+Be?YCi57@kn)nRh9}Ik7mw~ThZ=KLUip3%J1!a1n1r0Gn8A?bhfjB2)CDbfP z8FFl}ubWXwAX#94OEE&z`+8fJ7$)?Qmop)6hz0US7>R^Aa=ol_ZiX>{PhDB6m+u@g zf6^U57fplbPrFLyav_y5t-QEGgT8DW&}byrd)7yhAfEkYM__-~QNTrPnT0BimdyC; zFjhtn_Q>V!ks5^V+jGSV&rmd0`h9nQuc!Xk|F-)_CwB_ws13#-Q&u^YsJ}3u&U7G8 zD-#)4bG4ru(rV04F*0Vof<7{pS{x1liCwwIqa=iz369JZ0x}w5<{Sk(NAm`$Wy1sL z8@J}PKb{N&!W0#mS+kevT2S392%7duA_(xct1;RWYPG9qgyHm8ZRIdbK6UTt8QMQQ zRU_$kGenbPRk~z(DU3TBSbwyVZs+>1DTx98>Aw2Tsbj3YU9VeJt=ru-8_dY69Dr63|swQ4)r`5YbY1N|ynW&Pch1?}9&}G&K^M z_OjkF>j7+!;{%`(9R7ALXMv&sF$wsrr5}HOy(>S%e=A4$bAkM;ox)K`&grk~>9x=X z?6;D?X)N{N45Q#TMg)Er`5I594m5yoe<{n{AO+R74M{Y8P!e>=s~JvKyOs zuRq2Nb6yb3e~AMn)C#GOjc2=-P?{AwqsrUDl%fo1^a@LrN$N>v1&rj|Br+y~GJ-h^PpXHn z)-Lj7ugd(ezxTyjMrwv;UN37K(YxXdXFdY!Fc6k|Sk&&aE<43v$X1!Bq5)*)Vg)lT zx-M>6&Kg`uhCd-*iLbP z73!DP5)N7B4*~uJ`&Zr-o~iKPpYd#WI(sK3nEi}r#sS7w$+|DWVveBW3N{+|()}T! z!F`5e$%mv!(5)z-)zI$W_Yd~FTH478PwJHsa#YMW8NrMukC~NoDjdOl$}r{qtRIiY zQsh*m)-dk3G?H7aAh%eL(VS%kIo_~j1QEu8aXQ?}z6@ZhTTGd$Y%Cli|0?wx&IpHP zf=LugUCsDbq^&Bu!8Hn{te&zP*QM@eg2ZF4b#)C8(nX+8duiUUBx?ZKkNVJ zWQgI;2Vr*x*Bx6nu2IQF?*T~4;AJnYW}k3Dr_Mmnk`No8KqGr)Ud!5)M>t^lmm;z% zi;eX!-UUu`%Xe>pt*s#+B)$AFoC(aAgZ($KzqeQDpx@Nt6n$Kwze3C3!Qc1b zcnEubl!{`y}^YL#MInx{qgTZ=b%Jvxkv_J^Z-C<^o)(PK0e*G zEvV3{8^SS!7+qr+hA6tKIIpp%ICBnv%qi({M1+&4%}q8WKWlTsDP~h*tprCC6peKh z3B8FhOOHj3bHA~KDKl71iH?6dOM_fY_>1hm+;~;CjU{#3DTzpchnX@vOt@8UT?JMr zY85xTAPu^X;KJST- zVhy3sU+0U24@h(qsJokdieaC$lSv92rANy*dJj;Kg0x&f!Ege-uf0Jhyy zx%37$Kye4QtH0+0^mk;l9dEr)2Yx#|J2^i2QF~K;pHgxOuxNctJ4#v)U`ft-5wnB)USYC<6TwR zSI!2Ux~;e{$eF9JiAo@f;2MP_$O52g1YP^1n+fK<^)InRRvZNuZ_9sLbhb!nQ*s#e zbP(Q_ut`=~KD3MXWSlR%&%7xt_L3OVGVKIoD|uRHU=S z4H9X4T$-G)Ggp=F$^MNEvv-o(~?ShI4Pji2yxSpoxF}>LHb>dndNHiZ}Zss02$SjEjmyind=oQq^kY3}SUSyS> zZlSemw={gEwebv{S$T;{3(=x)!XK!2~0?-Zu#(ue{>yr3|~LXR*d zf-H%QAFnphz}f3p$LAkT56{nkdw2Hg<)dvW!%F2z)-~x9JTE&_s~b2}Or58qyPiCF z6#m6&6eBTt+5OZDkU$#fX?lmxUAToI;`sSf@Vo%~G{8H#IbTqlCMP{5$k>`%g#8|z zB@rMeu}I2>BpM_f>r)w>NJzuOPMams((^4WwaHWDd29-vC&UaqB7b3(P4DI76MT)? zWB6Tm-?Wn8c{sW*tyKOu{Ql{ag^_B{OU0piqENlKR1$|gPn*2jm{RrhHE))q^PJ&% zS~IKyqWWO*#gn)&>2wZyaAX!eBfNTfkKP;)+A!1%C`~-oo(ag&gEyJK%HYMVIc@VI zBPc9sx}dP7oS;hlaP5OFFu4`RoAO;va4qyLOUIs)iiUCENq6GwQKaDfoemUt z$s+?SNx>eaqb^eP1$IS-C%J{pE8FuI^W@#d>j4}K73w6=6$S(&d}EKrs-wE}DV4-x ztAf~*Pk`T$QgA0aIdG!)$^ahc#IkF@M7==m$LiWB6S{PvZ)lu5t6EX3tncq7Vg5DVIYonQO?w)?A2=NZ)LLjPR`@BYCH6}Pru0B)|{s^F|P$*JL_Su?r&-Vr8P9O0f77Jb-WdYQy%w>Ae0J+uK0gT(0Vfpw}_wJmW%XH?t;H zUiM8n-fH(pMej0^)VWCoZb7gl^5OXt^(UF0C!-Ph2wg90Oi~a}laT!A^r1x@COmih z3v8=X<>AaJq(s)8y1}b5S%)zrkr+Yuzqt2bk}A2A(0`k|6KjTeq*K|V6b$;ZnLiU0 zD)(bRajZt#>->f_091J)!63)NVTgT{aI6lu-CWVyj74x5=$L!uE3c2xmD~2VnYA%_ zsZ5$N_IG-n<53<+DW}r_(#dv38ZxFpsBA5A@Mg3%;LBK*SGIo_FV9KK)D~!k6IM@< zKOU*U4_>xMJ7=6J9CRx=9-WOf_jcg{77;4fn(lXzjZpWu#=bKw5~fX{D2^G88By4k zUI3~yPitjQpJP|7Y(a5ME9cgjni|NI{xq3Cgy=^|LL+Y(yP`Cmkf@pLBmCwrQy*Mc~*r;JB(?>ur?6V*++7>H_1I* zM;?t`G^JL|xpz=fElZ(Pxt{&%mbd;#bv5kwtd2nAazXj>76di7pm~MEn%}C6=57xwwZ7a2N)66UJ1I4Ix7|$n3JdM3Qq{TJt5D-%pFQle zFKM4;8wcgge*tGYzX^oYxXy&v&wkUUJRo$MzTW*vPq_vtL?%WiE|3HQ`edreKqjXcDv?}ZmULWVfLd*^_Y64X-BbI%b@E=Rsoj$ z#XA+|vhKX1HDtAP=%)`+H`&V+=#RM~*vC3qZ1cAnB?h~EV7Ha)KiXLeNDSbQh544#8y0xcq z#uaL8HwRC^gnFkLqz0F7B%_OxBjw>nQQWv$r4`^B;7(Ri*+}hhcR^P9sFi zOvM6J7FJ)qEF;kj^OE0&YG5v$_03|j3f<~)zEZSxE(Z#*J-u$8yjDiqzzI?)~ z`rzvFJpN25OQxl%2lOWL&`6GXO2UwEecNFxP?QSD#tvm$Z{4PfU5*e5={07axnOa* zzHBQOrjcSVF=8kTap>_`^ z35~G1t=Zf>tO210mGZ1X9Zgpy1Y%<>)Q#JwUMm)w>&mlbs{5>Dl%;;NMsgxk{tBg* zE7b`9`^M^rr|nZg|3fkH)@lZrL;qhK>=pBWKYw!YkpFul&-(R$PovOZ#|#jYX#63) zjQm4LeH8Ziq{=4XVj6M$^3k?2cUmFb4ChJ#-)0xpm?HzJ%`SyOSTg@W($uOt8Hg z3i}i47PPNF5@9cKCw3j}efJN`_$4eO{P%xXe0=ln@YV6jk2X;PSGO~z7gQsGI2J%6 zbD_sl*w9MAQV5f!OnpF=)ludA^~uHY$?G?p-uj4foGvBrp_{AJ=F}%~A3pu??w6BS zAC6C7?(5m8i*M8SDq*Jm!jgyt>8G<_PL5yMZ~wPX;#*ns))q1YA|u#NyLh?3lYRg= zK7ILU{~wTk-TR06WWj13Q@5S5Joo>RzHmxr%@rHcBhR;F58Zx`Qq#s&L~o*0 zGnj92`7f^j-`$1d(_J;TU3j!-XQ+EEOtN63EpS}xm9?G?`1bJp;`Q15eOM^>C2YsS zkQUgL`38P^cYaa1J#7c?&MrQj{POnu*Jt;|o*&lyueRp*#>=ZE^baTs3Ron|>pL<( z1cbfpKH3flQvs~qM|<6!ZpXI$K_{ersSh2xkFrYr8fBm>m;3fMSNqZbZ*KK;d=2&0 zWFI*nszuqmoNq~JUTC`IJ-yIu?^^@@&wh&b9}_3y+?u|+1!$iA|M`oO{pZE=XAkzD zO+23}t`)JdLgl;F>=%Y8J7exlDVOrL3;`AbM5f!TEy4Q+q7S;Au7hU1SZ68_{(?hf#l z3p;ngQbam0_oy5Q^lz^=C;T0_F4ociH6H)Yr~l7O=f6)L@_%pUso8suoowwV#M##W zi%`#c+SJoCa5L)&`oCxz&Z}?>k?S1-CHLhy{W^Eo>-zc2?B@={tzQ~T1r66{)`-%=>OA$CnfoR@5#Xf{olk>pfi4F~YctJ7R_G!a9ZM1j4+P4OQ=fvS7(?QLx_ z4R}*mO}{1TF=1oAH%xSz^5 z!#7-4nAICGI$eHQ+Fn~YfNpj<`Tehd#iHbaWpLu;{B1TMcbRIG(z(!@XH-~Z6zK{m z`$A?>Xs|Q511TJhv;)T}4Qj@+IOZ$~i~1p~8yuzm)%0S%N(c^l$qdE7eTHIlMWQP& z*HD^Nfc{c_0fhIYXA}r}v%cXJZVLqz1VjpdD9qT6V<)N) zSJH}2+ioP)Fsy9MXcDJNNA0R=SUz%;9@&I08i%lLN4Nuz98=Y|Uvf~@U+5{(f4!U%;NcK}9Q-3X{>BI(`$9=}bvI7^~K{#d`2nuQ}fPf1kJ zsx?55Xe97Q(KAiD8o(5NY+q$Uxi~&O%El;P7`tEo<>~RO>_u#+8D#GmM!~x%oSjiB zejp*{GcNGd{r+b{7!F=B8oPJnKEI z`uKqx|7D&c|JSapCLID7NZ?Ttax7L63Yz)<)4dnZ3-^B?>^tE*JW@BzZstA=lAO(>*r9N3a#@?1RqjuIwK4HOJxq$7t{SvgCa$(Xn zc|U1Tsh-xAO10K1eQ;5`#+<%O#cDe@z;;|R9I#^liYHSOXsrNduO!;m7ZE?|T^NY> zzDFFNA~At(bzpXPM``Xl(KOHU#N>KPtF-TIiC(m%(7p?EGg5Q=wMcT9_kU@^l*62> zi@RbC=J3T)Xa0z)%eEL&W`QYOURAz##IfT%Z#cEfONFJwyF!5sd#%2*paL?de|?`o z?f}HR8dSisu67k5+nj!suWB1Ww}R|dUFjxiV7D1p8KG*lHoaxmap{xpw?zZpCe+Pa z>2xD#G$IiZ&h1l*tCAPF(cuX*lu<$4z@)~xbhKSX@uyz_kL$E`COC&TXc{IN*P z5<9TBlRv;sIA$maoa{noa1(kHfp?}qv`h|}A6sF%I@a$!cu_GHTm?_UANfE%{VW#s zZl5;M?^$UT@RuLs{{?RZeHx3ty}v_ityuVdCrhOqb7{zaTvc-_NjMI?Vhi&-S$?Eh zw$UXA>NGI7i@ISRp8a_Ka=Yt!a!I<-P1o<;*~RDXP8px)#IfoY|E8KW=Db*CiSHIM zBj0*fOT!i=VluZqojkNqw7wWT`Xop7{(t@`^;lYA zo4br%VKRQhZo21PCmSS_v*FNkaDkaRP)MN*X)LN zVeIAMen|I%O$a? z;aNkq+>N-sIh?y`s)ujhy!-9L>$j&D|64oZ0d!}WcbmE>KYvkL*AGL+j zMUH~7sxirtRG}!X>KDe0R1@~U0u<-_VVVZhn-H8oVFGEa%@?FJ>~#X~KNmWCuvgWLALvJ+~2kc=}cf=oREVO@e42CCQ&6 zF&Wsot{^t#xqeMA^+H1%R;RlNkU-VVFRFv`WZ0&nDONQiZIo_3Sx0rMnVgu$UO`!E zZc>Wyd8?0WBrb;Ev#9j` zfdui7U$t0(>5K&MXj|pwdi2w~^NW+ix3A$AXpAGyL*Ns%54V7BuHf+}Fz0&*@cHr1 zUCcDMF?6o5AF&W58Uu+&luh;3^JqvD0e-^NC4wx8RNAyO8>DL{*n%HbKC-Oxh|wwF zkA#a{rJR(bKW6zQUq0H-rGl#@wOZ^{_fKb+T{x-YJddFp@Fw%k_241smJrK}EBmzp z@AiegT*PMP%%(VZkL{G8|ELU$u0aP$udEDL&c+G1ATX8_SrA9+%s`9LM$ap;*qn9f z!MyWe-bo>s%VFDS=gCL3E@8GZP74+sO*!_UR_35wy*bvPHJMyS@VG{% zeOzgGsWG5z`$#}dLpybfqbl}6w}@H$beQTi{gA1{bnv_^{pHIn4a4Wpiyb^4zBxWT zuaqfUdTdqL9bIi@+s&F%ARjyb0m?!(DZV4J+J=bMXaL1cUK0J&`9b&A=PaIRb)2QPEDbzLlw(yeWkGC1!gT_)mbX%{bZ1&l#K1&-~&&OE#G zPRa3-vf9a{Z7CPwV@2*tbXSUoM*vMhslVcUL96D`R) zyzeSIbddzzYr5%Lv^+Iu4m>aip-a(LF5DYl*6^0jklPWqE2LJ*=J>(x(gOxzDSpSfo|KSS6hhq)Djt$bwT1q zr-�tXM5})HprVEXUfN8(R0A4!$Z7Z*>txBW0u{WRCh0HP!e)An6fmoI1F z728qGgTef{6cT$Dv$8bj|5(o@AoKEnJ$?SPbpQAML;jDAJQV_76-!_LB_My1>>v#! zrS%mcmF4H$0Mgv&!q2K7aqmPA#w&y!B&#?K%nb z4hDR#gq$;#*sDBr_v@fjAG_bC@Rlb_9Fr`^F|CcjgUmDPP`JWH=iub=f+kgI$|8pZxVWYAk z@@>jbufX@!HWc;8{oFP9qthUNsI^yA zAx-dHmNJTkQciRLg}Vzst^FRuhiAE`p8gL>6p(1V1~xE<{_njg-T(Of*^~VT`oD>1 z{q+BPjW=H@8=xUJo-dYOHvpys;PA!vVBpE{U)Yz@xd%B_+aw=rYN{?xSq;st-v6c% zq#Ie41kBt2Phad6_Wz56rw{jkY~(5VXuH@`M+u4+Ad8l*wtOvue({_CYm{1Q_J4@3 z@w(DK&&&V3|9r1#|9$ad@9D$--^BB2?iG@EmmykV*_XfVo%E{?p_F5mv>Gc z>0+Tf%t^dTI_sK&JS4SVcT(#VALeF|t}OYG(z;cal82PmtEaR!__uUM>-zeQ39U;b zST4nMMcrlcJL_haNibcmxqSbNrs>6>n4SBJ$m{KD@5S2AzA9I2>(c1$_1fEBdPU=ey{Edzul-)x=JSe95s6%2tTQup zB{UpzvV6;bx%^typm@mR)i#2y5q^KIsoYOWvW;Yk*W~*SGlf;Oze*;iisqKg!c@`H z@)?*a8e1j%Qblvc3c1$SmUyWyUsnZ6z=GN27X^5o$S|kZ4=4&gSjXXY44`7)>sQTN zsyf42{&-^P6lYaEth}q%liaMTsTKFt8q=CpwYQ<1W~*(j=6v{fwzmr1ZfuUgQDr092> z6ute%xub;M3uV?`EDLy5TF_e2qz18ajG&_Z%oP0}kd52*J6cAC;c%K~4t zY|yRP)!l-0(5)5^x*g3I-^J+91b6HV^QTgS3VU}Ne4v!F;q#|B@?A^$r+dgRt@nR# zg2O2pN0i|^=wsgg-+NZH{~bJe{;>Zy^7O_;bhhB#Zzr$M&S6AC3?s_m=VXXkgazgu z{pl~x<{qA!NALf$*N3m(zV1zfJL#iw|L?zezQ6yhu>bd;J$bnQYa>r*3(k~Y(s{4` z{bPF~L_Fx5oM?phcYts}5uo5&>QDh(;hCqMc75beu#z3PpbYomSjfV3Bya=_k1%66 z06_t9Kp+_ z1A#8YI3t@mr=j@H8a3_7dh^oVKS#aNXV3792++ z{nF`NObFLP4-6?4Trf3%aF>t|`u#BxlVsTQ=`?k;H~)G8^{+7V)F^f!z;Q@tQydAP zk!&cV|0zOTrLTH~?tnQZf`m(0iV24IKjCnibuQ=M{mrgCN8sLAXo9_0*LF1>DE&tU{|EO4aTCy^a3?|}om3F0us zI0AvW(1?0N*_9r{$&be;|1TUzV}?231s^lvnHlWDC`@o90@d#+qf;y+P!OiE1YM3SxqUMMv8z4j@RFhM<~{?xxfE4!-&3g2dl^Gk`aQ z3y@Pa^W>`s~8j!S^z#O`WWG8Mq8j={4qH*VToq z^;6=2IHx{A!fwS31M~ugs)BP|;A4C#%UrCe|a+Ua7+*AD2-rqN5E^(ZEo zuymz0mF#sow^@(S=DCGenEQ;xYVE(2M~+HQY~h-nTksZnV8Qa6d6plQg23fCq(fvJ zug~z9aKUDm_0axN6^B=f_i5K`V5ZutYq{)m3zrcIYX{v_vj_p_+Jx%%iV#TWuC0EG zrgJ5%MSvJXn*qu#T)zL~61D@1x$-zgL0}dqPQuU(j!X8eNgxg&rUBo{LBMq*tcPX_ z0aF}&Sze11Gbxk!88?;GYctRCIH0RLV8~mV>YBVYbT&@yeDoSKMgq*?GOfI`{EU{H z$7)-Fn6QUAWWe^NA#nUf5P@t|ms&9I5xN*0auA3qCxXs_K^_81ocjWvTe!@{1hUfBbNA`1bYZg^<93Ko&zZ2M3NbIveYlqx*ku;qrKN zLd7Y=97kdS7!)AT$P8^?=P~xlXa=c9`~~pD6)B+{^E*S(=QeT+=gQV1`KxkzMqxMu z%MT!bN|PP1DD40lI}L2#5Q#wy$5;#PIX!U+MzSIV?08#2!G(aVxbW=n?>VW=SAbw^75kl#)}45hY@RBSCy+4!JW?am8Jbhkz4Y zSk+<%fh#<-mS_owbkc&tP!a{f2)@Pvj2N9NYF7l=8lM#*;GE{qZ$s08bh=;2vmzZR z#KF#^getl@g@I!IBNAe+%zqdKYKKJEgwaSDo39ZglEmI6!H^scg?tGRCh~Y+uvihWZAXc~H1@t;4TQ z&cR$fqlF*}3BM0z(c$STA^C#3VT8pEWmj4)nkN_C!fRCkPTX2+o63^UigX|k0ThPx z=JiK`SyTnfTX;pI#{x`FUhqRA$(?e~QU)`hMv*>D*`TbnA}`28faue`lk>M(tna1U z*P#SaZla3gQ!&9zYlboMH!CXM!sVyM%mQi61^}GWpaKTB@B?M#*{Wz`7|tN3fpOPU zXEkXN`|?hn6#-C_KdH`OZm58*rKCdqQNZ?)iix?(QtM6H4?^iq+B$t_&x(7XCL>Yp zk%3BAbo@%~d2@oNlS17e5TstTx3`RHR0)AJ^Gmf>pt3rBSpZl!1k8=obvSTt4PkP3 z2lguK`vu5~dQtxF>z+v(&YZIX+&dri4HtjqE%KoD1cd0-OZc^AUqM zbN{lLQJ0;`vd@Y*kk4W}=ls-K2hzEI5ndE4o|_gS(0G1Y1A%)!KrNn|dUkm8&wt7g zm~(zw1A%)!Kwa_Nv@Vx(4Gw&T=cZ){G@PG)mFK3Vgw@Tv;I%9Uh>eq}@}0Ee@Q_4^ z&He!~<(x?E(fD}3pJ0Y7y|ZaZt})x&d*09I*xnk2XuOcjd<&mGFERZh1Y#PL%pnzh zId)Q`@=F-J)s1BIA*LHVOIRNS4zpPKT5jk-zzwaxS1_yz0;ya(Zx@*9+45=jzH*0ePfU(&AVmWp2oCo+qP}nJ#F{2t!dk~ZQJf?+qQn&@B6>I_wJ|N zFDEMUsd^%_A~Lh`iE~a(LD+lTT)b*Kw!w;*^uQ%f^VmLt+Y=hF6n?Yx_XMKD++j^j z;FvnZ=#Kn0YW>{mR1_&1s1hs@n-xdPnriM~6jkuq&zdn*GFM1`pcDLA2co<8>581f z8nMb5$?c6!Evoix+3`sZt^znWgYKLw|57%TX0ov%s=EZ%PTKA9=s? z;Dd|DJqen~>{8|T7sT-FNr<2!rJ-bmsi!RaJSs6k+Jd-9?KDPPgvI^{1DwCCtdS5> z?8I`5e0Gi}jd>Fp%z~&YJi<8m%j#0L)L?%XwOgky6WwbhsAR@ZH;@cAq0Dij=Y9}@ zscJsqCKz^uckyl@Nl{Z*eQG9%sQ3X%J$F>ltIh#`mq3Ht9koD0?(%VsprD?=c@7+Z zhyp>gRS9dy$1LH&&P;^VQ3oqKZ_3(h1uI@@GbgfA;NcyFv()?rnod8^w<-|R`g2sz zk=GGRXR_3Nl6)l}oVG-LP>skIbwBFMzG4)i;c{L3atr|D>lg=WLdZL@7FeOJ>W~3R zlZR~|fMHA-(yJP>;F2i41fX+6OpGz*zd3;MB% zzFpOY%7ix9r{wv4=^|On_Zn0Fxkq;W?E}Uxys;=>i=4Y)8Si-C!mD$cVjr2rLkHq5 zmKOW9l*n2d=5Og>9SY=hf}ud_e7f1w%VIAWR0+SnF3jVLMcH_^0Qj=v30OBR6_Z) zJl_-L9aE_L^mnmr3MicJYDVAXg>(4eP)~0K4hj%Cx zsWjnGOn%25%dUk;3I~-!bsMMG4dK*w2bWji{MFt${+ORpYjtv!j1j&d)IVyIw8V4ZEYU%CaTGm(V^LD8R~ zMuffhIV7+b0=-}o9Ror-HmMAxWq;i0FS$a3U7RrGy&yi4ZwEcex4ikVY>C%yMM7d3 ztV}~I@1~n~jK1p?+pWdJ5hy?o4@*smK1N57<=oMLLW%BygQ^rJ+WP{7lnm3{^oTp1 z2+1z^7C0K+6`I&k*Dyq*Wk22osFfVk#>}u!LQIybar4ax6WAppP!r~Y555QYVwv>s zb?LgW<-cle5@W1 zwH0a%!oJtLy$5JWUB$C6?4Ti99lkZ~HLdJWfhf#8e{Q$GEAkJ+I^?n2k06fXWVjPHx7W-K{w`HsOKrD30V|{0Mms3K2{W+@lR2 zWl0N=Cyx0P`C|=N%rd<}4ewqmxj8MFyHO(3r-%ZAB`F{~%Njn+AVi{LxL=u?T7?4Q zC;>e{OK2c91MZh*VRr{Z;ciJ>_Weff{R~n6v`ywt!p?g>OF%6Te6Rkch7jO-3YlNL zjDg&J{#a%=Lw5n6OCEy2Agq%+k%!>cxk2DiiwuD^X&9&k3IlN6W_q*Z9ehhsTV`sz zUanQ4OP8SQkB6uYlykosWlt&Q3svF|xZB(s17AhX$A;6$rqdf+jtc$Psd6f6>?-E) z)~~X-)VCd5o$rXsgjeHU4L_nm%jI-_QFN?pE_HRo`G+{8w%BLpv{zpqnswZEqEeIP zm4*t4az#8Lt(xe;kV6k8ijedU1b;xE6DXv`?DRHsO=_odY zVAX_$LxNdv6BRGB#K*MC_NC=#_=eTmF(B3Xz7A#N!_EhB~#Tv%8uhfo*V{xpsK40RzaBzc8w~d`L zuUm^yRFz+a1J&q6NqZ4MKUn0v)M^ax?q^=7Y5T1R2aOL`oV?J+oN%kk&*|6nw7bA35_^sN)x*ZdZF9)MlP z#oeZ**T9Ng7J^(S-M5?`POu!zh^^Jg!f2EpzIQR(rxecR!<<=3i!K2HX&Q6yp0?pJ zg<2%vf8}bpRoM}+Wy-E$#+JtfdHhd|6{%F_-{%;~$*SUSy|dQb$B|0q|I^fwtICwk zx#q6q;dscZR;$=wjUnWTufi0 zb=T8fumcq}O}%On=$&dUXiAds*?)SZ@qj1UcX>~Ee!7lp$p7BC!527YiCP#)JV1oQ z#-%66X|tv}sSSNAK`vLkX^%Ar0t9-bElP$@FNZU>!ap%lBWu$=$<^h`=>-~ocjIl1H<06;eQz{Bz?z1twR%R{cg+)E* zHGvNqT`5+1=OyvB-O*a&vLL)M7t)-^$wz3p0hB6P8A)Bn0SO@OVn;$f-+b?keOv_p z!z$(G&ffzX5`;$Sr^PgZCNUC1ebwV+^%Bp{-RsuY778S|2UOI*giIH1ASomUNKq^> zEMg0=<}8=VszaU~N5EfJ0Rl0&U_yi$^EmySgzJA#h>f$!kaX0mKt%c-t~GpBqDOUm zoRTp9=&zj0oTDf#hvHt_v4x-$oC`;Uv%_(fJY+0)Eo6^ZdV;7L~}L z%lqv=B94OzL-zl?gbh61j<%ygl&5wL1b*A}%r$Jzf#n%QiJGrC?rEvTFo1nM56hsIcsxY;-&Rn-%00C02e9VxRv{PNAHF$z_ zUnSik7Y3?|uvSsz`#hB1Ux8&*5usuqxT|`;7h)R#qa}`N!ZiSabGmFwX#GQ_Rz#!^ z!k~`sT_GbkU|Fw_H1Jf{sDD!+cRjW-7~@pz*iPI91F7_hcryy)G+#g`#idYIp>G9K z(SUH4tTdM>KUc-)UdK?kGgnqYkTE~k?k(dG#w`dmY0|(@ua?qdhmJsD46a*4ul9SZ zBP-oGKLY>m1RIKCEdzShFN{gItTx&+LH(ff$@1UKr)>^CFl;3?{gz|5!#`?NW2}mF zY)GM03Jsjz%7c2z{%N9`8Zx_{%1qz*+!?ZD-@)CWk__pcCIJnMJ8x2>!VeV_6sebqK3(A1z znGBBz1Q7$T(6W1Cg00=!17iT6bLC! zwdhUTKT}j3vvovx-%ddukaBe@TR-e{gXwu=je*tOpOo7CyS8NkANwds*yLw-a^Zj< zICB41S358I5EFsF!ipWj+_7;%gS89%mwXR|baJ*H^Q%4DsW zLIcqi$`rd0tl5+}G4}a|Ja8o_aG>kJZ&Tf0XrWO3{exrMeL105;$*QGG|Gx#-r=|7 zi@4qGj|^QmJvhBEqz-(Wh z_k93H!y9tj+evWmS2t!aU|uAeboW)}<~j@gYt{Al#mO1DiiN)Ym_|)JVKOZPT?UWT zPvyG8)YBIwu5l?_{p&}B?58JSOD4)N*WMmOk%(b#ETVcm9Vw+U&^Kx1avfo8#>y;2 z6Bp88MDtz>G~O3c!;*m9ti+)9Omi7f>uRZ#VZF)fPV{gf60q!Hp+m&PXlm)?{>N@) zN;<+R^4UOQ;~htJ1$GbN!9lw}5kYA5kIff-oWq!jP{-e;<9A=c`xgG+AB0AHC(k1y zGVytdBkyaUgFf0NHD@>7l??^zAxzN7@8EqG$sutZOye`> zf&~5c|4gG2!cZ)0@;!Dz`=JPuMtP%#FlRxdf~F`{pl(313)cJV$$$Z4M%VT`R1v#z zZCe9buq$*Rx*++B2`&YI6`457$-rZ#8JV@L8YEH@DXQ6FaA1m?h=z(aCouHGeG9OHNcdlfck@eDZdpK;rVG@SMEj?pBo9I*36fk|7vDE0{3@Eiii(}y z*2B^Wafpc|DYK4Bu}#6mg=%zk7C1|x<%|cRO5!&4;9?Vy7`eeVf7J*SL#+_UrB-~z zigB)s61S0L@6T87zd*#ljWwOSFK2a?bmK^t*#bdk^{96H=9d+lvwr@dv7_jikJ_+h zapYgcvKqa#1c zR=rcuby?p`3See9bKx3^YhNA0#C(Cf4Yv_NC2$T5^CLkaagO|}fFI%!Wk-Yqge5J+ zl3At{Bffzg9Yk`J+NX`0$7seIC`h+waZwAgM>;35Eu;*0sskF)G*rDWv48`u13#7u z0TB}-0vaPgdgii-%UaYKzHvj^BJ(qVOGL~vNH%@og$Ki&5ZV9bhpuQmIHmvL-eOq8 z*C+-w%#uw}>A(_=jhaEUp@<_AEXw(qxceiYgu_GA+jtYk!96+sm!3VuW5jeWN^ALz zpq3Wt>6l0%Dp%Gt;`l=Q#&~u0fb2&&UWJ;#yuXEDTPuJhgy#s!P!qQ!ON=Bd@MRRNY=Q3XB@*M!k#^S`STrg116IJX533`G2q26>-c`qd= zSd?5in?=GNh*&I1Nf6{>*avM?8kmTa$w?2Ht1_h6==6?)n(;3brIx`=z#qvlZVas( z;nx*}VM$7oey!PA&qkB%x062SUn}EmbILH2V;zwz+i(J~Ste9*P?QtVbJC54#BR0P z7{$;SQs&}@VW6#x)>%|xS<{B7qgZi8;`LARO7h(EMg|dF)30GFoJzZr#u4(wa>5%9 z`7LODPWm4LLY4Ydnz16rK63X={1ozn^YQZ81vyy(sW(jYq@7FpO?Q>2EYU6&A{@%8 z1JRvE>yoCZO(NIKyQB*k^=`aEZY<|=*5dxt8$DHQkN?048D24? zYNIAwt3&B7_8yn}KBjDCpnPa~AMgn<*%P)bZ^Y-6(2pCE!dYpjufD(#XnjfM{G1&5=CgcwTyNk%Eyv|zH&79NrOR; z^*qu!S`_FaGzj|U>#QbJIyuEJ)or*I(|80KR>7{qp2CsTIMWJ;C0aU1d_adU;uI>- zU;z6@)zRD6QdbOxLGMxP`iVGNn=g~em7EmF7mRL5mXtQd3@e-djBt-a^+_i&Zu1&R zeI{Xqrm%0%IHOY{mp3XBjkiYGtJCr#in-&_aZ6ugrJuUPrkM@9_`ic82^YBssgBWXF}Cfs91>_NT7}D# z&$Kl~=<@LE``b60GVBvN7)sw5Vq4HE^XeS@T)xByG990Ug_PmlOekFmRmKSACqn(@ z^AqA%a^MRod$Izw*@xo8gTZSN_0B4M$dpPW@)V4n(qZGPl>0Ca+G!$|amj2jSh=P6 z*C}N^cd1`=K!nyZurpd_yJ!6PmT4;};|EPXQI~dpkn^}gU(?hfOT)V}*Y-?he*5`o z4-9GH)n|8Np+Z86;C9{H1C(k=%I|*0`(bEkd;W$vk72Rp?K(BK3=3v4qkPF~$p^9` zNaNqji;StF7E&J%WRlj=#B&;P_$qNCx8DqM7>dMzzcSc(FV%HH(}jL`Br<7yIKl~e zlr`|jj#^96e=TAC-UIiA42niDmmX$0M}Z*3$aQUG=lSJPR{r zs4gnBwLP!}#pm&CP~cAypJ-^%OkFR3a$U#K7J}t7U{X^>1SKj9(P%=@$3N(}!8~9p zmkVI~zo1pZGP0Z~VHstmE1kA2n|vX2P7!&-MX2w-Bd5|Lc0pHP zk_moKc_}dZwOcf2LfcQEs6Dc9ZZL_VmDOw5nx?iBN114pH@E&Jn#QW?#ua)LY-YF|U>kMzm$0qh zF#-P}+wU1y2mj&8(~Dam-|t0Yl^7?lQacDVf{R26!ccHg5@FzEJac#SsW6?~S57f8 zSK$ypADP|zAfW#%+h#i*X|eb6G_ru@)It=`*qcU;cFDS|+%Fq!;7W|1?3 zM2{jy*yT?A-jb=1$(T*s6D28LJn*-a0p$r=2SXma6brGGY&7NZpv{rWl>$n~9apWm zCNWmXgP5RPzrpP5@X7KhugPdf=vm<}E0q~fudYw&W5<(z74e_YoQv2b>;VePJ~$6t z+r7VrVal08DQNb~9O;_ioWh7GZb;Oy^wxd4W4}L;d6+<;nS}K9VZDb9c$Gu((JCrp z7hDPRA%q(_mCMKkLuj_gC4Xy&(qk=+wI(W_B_`;-_Fx` z!H}0xi871x-VKNtHz}T@N-7@X#wI1H;b)NJ40sJqgA9@jM`$RNInV#mF>Y>o){!R0 zzu0l~ED^F{x`@TZ%7gM5MV&@$S6dgq*3T5foAR^bQ=|=)K#g>Dtd(YeWOW z?~FAH4|rH1_VMx>Z;Jv>obxr*w^smDFMy6NPXUI+nJH#5{Crt|PMl}zw-NtqNCc&b z^7=!7!6;RJK2Rp4YE$ac25VO!rnuyQWK0OiYRE#JE1OywaDVXltN!rXW&lPZCII@c zBV}g8u5Q@^ao%Oo0~v_e%hGf&M>-f+Uj6Y9bb_as=gq`Tq8@hD?h3I$W`aYZrSgyU z6Yv!WdS5a}kdC5Ywr2#ag$SKrO@Z)yr_6HT=_n6(1;M`AUBB<&ZayB}NN8g2;G|{daMiB&cZp4Q9!;qZfP4Fh5LcotT?r2C z5nJIJ{<)J#H4qD8)xb>BV*+2Y7UUpC=1KXxX~KFq<>1*NAm&$6mwK7rXQe33$maC2 zvg((&^6iNr`UNI*pfA}d(d6Y@JSZ^s@$E~8tbYqyK79^Oq=@+YPeVM9KsgUPsze!jRg_*Qm@)?YIY8|%R1R)@ib_!AhSE+ z35@bHqD;vlN}4qF+nG6zERFeb|snOqGQi z*0!t=w7LnkXyl8xsa%_X-byE2?;%BEx+D0932(!p%$LhmCppi{dqZ4!S1K!}5LowO zW2kN%6~U)PHl(keTGBNh&AjkDYSX-Kr;;yCbz&L>^SK)a6t>Z&#C-q5F>gh;V^fxrxU7pBabFy~I z(ZV?61gh15YH;LMR_LhcLwgFEBe_ywnaxfPVQ1WpYYfjRqM-Q*OT|lz5Z)TfntHcr z-63Uoy1>1f44CoB>nT5WBa0HZ>wK}V^s#kcWE?W38Y+4(^||IbR3kTV0uKi^m7p4$ zD_p@oI;}Sj${ZJ!LQpp1B)xFTk6f5mFkFTye_UD6OGquO+EM#yNvHME#rt+|$3xx& zf$Gysgioq?wY_}KA?_T@J)9o~r!3m`sM)v7gtN^ygi=}YIrvyG)vlVy_{4>aAIZg_ z+*=hLYrn-yK2f+rN4AJ0eQ4B1+Y>6L?Y;lcB`&@5LWi3EdR3re@t-DUqt^{%=uo} zC;=&#*kbfu$sBNmMU6rb-r+*Ut?PBxU0fEjX<>ySkq>;VfyM}>4HE4Y^)wGNN9L#n zDyvPw8(nB-m?w_p&-k_BbiubNHT}r8yE6Dm11!Aa2boO-LLENuVYQ^2%+=a#1-$Y! zRy_=MEn$rlmU?=r)r3kT?IaKD>g@F5#GHm+#Hh`h{l~fiUWGf*nf2re?;VPQAgRXu zP_wkEPZM+EoShWEIKW&>^o`D#?dDHKwLVrb8j3pLYnZ}78jk3ol9E5?X7>>RN zxJkJx+~2CLD4&)+bsu@`YH0^3hy6s$l_7m%jmlHUcXY9&e_6Yy(KnrE(%@{}r5{qf zz|PQ3(?Ny>RhM%WKk4*fxc*K(WQTEQ=Z3HTJzu&}NL|!a8ZY;snEylfVQf~r z9UVXw_x2IHSshZ|#{r!rW`jHOZL!bp%-akLF;5@`;mHt+xBgq(11@x6x1oUe#f<}p z4S*XHv+=8ypNofQ6%b-e4Ml zNvlmWjgd8wM3WlznQnUOK%L%*p@fHodV1Ug&ghQ5*jv&8km4huEP(6%{zvZ(!)~Tv z0)H_QMR96a+g>n!F{{N>nyZ2N58vFBEWi#nY#(^DEvNm$2meo8wj;pY*B9~>;JtO@ z!);m-lm}se5?~F(0*}>GEK?@Um}00ky^MrOfPO_`8_%fScJU$41cs;SW#^@2@c6-x z6BCnu4|ur=`)13xwd+1fr^~yK%lQ#Xb#!ffvE(lIQLhN z(ntkeymoAQdZFD^XrTV|5KzqJ#s7#Pr+lHBQAc-;a@)errzK!jaNFX%YL{#IdwS+P zoJD8+_-ojPi@nG9PqU4e}_ zKf!dGmmh}J4NuO%IC-9f9Lb0T_2{nR82fBuy`%((6P&PS{k4cDGwa%(&ye;9xMGEf z;&EH_2`qt8W1yQl4pAGv;y@NR>#Dsl3vISqigDPX4fqeTT;FYh0J(jS*?P{dfSq^WCd)|ghC7bh}1Z5pT?s@h%8*g#11v0 z9VwnMa^$GAVxLy&Z5GiarDdn9XQynm4paRny(KB5B_-31p4+wyBLlC%r89=YBeTyBFsBxeVxVSPW7%RK@17Xdu8R0*J4L3B%AEEFMeM|w*)@st z*0OoD!v!M*fQuGQjjjO`(=Ri)ELh`aU*`|9I=2ENi1q%)rh})T9wvGbO;QFD z_}%b0gbBX#Bk-qyH%7CkN+lcR>pz0*Zq6j=TR~p3bqFBincQa#t!K@?{aB5)oSoIK zKQnZ+%SAoV!}FCYc&zC1VEI^|A#{_>N~H=51#~l65$Bkhs$4sFR@H8Cneh7Mx-*`<#VfltaQ7T)vWUFIhN z&0cC1$QE?ch!$354EZSwxMUER3zNlJFBjG`c_y1szP!fE{LS+yhRq#cZ#W3Igb7DY z3Wpyeg&>ev%gp2HMRm;(HL3ff8lU%6!L)tOO%1U_$bUL2xggZepJObt8G*o2)z#Vw zc{7t<{*j@^2e(xihx#Vk$oYH+H%nhGzo@b@EJEZ$Y`9qd_BR-aJ0z_^Grivl^ze$| zfcM0C96C06`RX%vMxR5m!)|lYDyc+HuREvcCro$^FdyoG3DRMK9-E&Li$c_f0>0J| zg-NGGFVI6GDLND6g0q|TL?H4fP0(${rHnlndH?%~RARyrBr_$tvg)|T{m{L{gL#@U zqTnt9nn4d>u5S4dC84qbDfKLE;wWKr*)Oz9PI&D2?Zkl%D`XCw-XjRrdOLoqg zJCsye7Q0FB`jyjqu47~pqY4MgBd()HRMj*nSVLwVv$G!$P|FF7l$|K|jLvv>9@4hT z_F&SBy_15oJIG9k89z%8e=&QEeUu;lx=$mw2S2k&s3RmBp4xDoF zxaa<7=ux&a&26`vJ2+w@(TzYq4(#m0XtIn3h%YNoBv7l2g9f+*kcy%EGPcI8occ4G zQr>dd_D743bj0?3w(<)vGMR;0DQ*5tCP}Mxe^#6+a?5z=XWhV-5eZh=fq?))&WX1> zq8sLCmSnB`+Q4>0!JUjJA?J?hsRp{R{#;YQ1xzW460({q*2}Nte2D?*Sh|G|p2V>p zaBTQz#FB*EZswAMM7HB%WxV!LuqHlkIw9q>j#Cc|Z-1Cib6GGZ7+*+ocGOZ?Xj0%{%}m^KI4zX*pM zeg~e?RK*jan^8RY(%3A#0$yYzNU%3R@= z<%1Wq&6&;NR3Mzip%cF?!1WDTP+6 z=c!F{eJlnMbCmxP1DN$|M-~e&jcUI!gkr_--;Qi`;ued6E4L>+&Y`P32~k6P7OE))!+l1pwXAvt%8{h`kn(u05l0wol`_OCF2p84Zps5jE!$VQA$#e z$4MMH&osyk&3=4cB0WhdG&6DxWJ|#gmYeoTN~{%kOuJ<`sS?XbVcoOA%&GQiB6&U} zqO2$B1AIdKPfY_K3L2FpN=8{{cd_TB&3j2HX!Ff8XOFD(mBeR>?#lI&2t*Sb*H&Of zbTWLy+-h${bwxj0s?wxvfnn+j)BpO1Si~La>bP1L^Jk;&RJHsprW#H@!vyQD?@43o z=a7Iqr#!LnP=XPM*;TBvFY+SaS!cOeqM`Sv8lKL_gW;Z%9Vm~~DVGE?Nv$=#SW!#b z4A5DkiV=sXEMR+i)Rne8S;nD&XANi!tC5Pl8Q6A-Ty`0MzwygMv;NSvjVWBQ=7_O7 zR^epLoM}&&qbX=5=g#0q)|IZ?l>c z!U9?2tIfiCz%sCcgCD;^(RY>qhG9yJn2_bh)4~7;=~p_5tXq%uifySRdUCBovaGnp zfRvsQxbGj=XkXoin44OlQr3NRMKBPK@YM-7-UN`^#osc829$sFWt6gY&&YmZ>DY#( zEnoLK){>!0bea8VTvfGj;Gy4i<%^^famLh(Xv1kJJ3HEP{!&Z2O-i+<34R?k-Ckd( z28*IsurGc+{sn(?QOXFrXoIMwCjiR)V%NwIQ;TRV1Z!uRgpm*WBX@hF?xTnnDxZR0 zRFC@@M*cidmU46G*PYB*!tzgpWjKHP5e5?T-rt4(8oJjKh-^csRaQkP(&RktjVB`H zB+*hV6H2Dfn(NY^q^l3=JgS~Os#V@J%OkLQml7=fb%HDp(Osj`w@-skf3lf%?SYerBl59;^9O-e|KJ=%^ni>|bijmCB z2-xeE)a@x=2fW~9g7Z4^eB$Y?2W#gMSyW>&pbSPXg7^2Q_|4pdN{%c*OH-Pidnfxq zuM)?t_E(*QGRA*1-pWn9^c==lHfCzbY-sVMNj9*(!!m@x&dqlqg*DW^+3vCZy!8Eh z#dh<@*1jAkbH)8f81%NPFodtH2jlR-Zo3Vq7!9rYpKVG!#OHbbbGc1+J7HNmiVJcIAC9oZVy24h4_CU zcF3WD4iGw#e!?I275HD!9WjfJA20fVF9Hz!f5UCln}pU8`kXJ)=Sacxv%(JDoUeim z!4R0zKY;QHN&JR5PxNngykJVXe-r*^k|dPN|5y50c=#yLfdAQt|L)DdS0`HUR{MZe zl*`aAyCVRH)r~LCC1PwCV4v^*8j$VSbw>sO)L4XGZ9JcJB$=g6a*#E{CyuB!Qg-3 z?x4Ui9Qfe8n+5=>WogN@#`QS@|A9ZS+jpWF2-v@QNqynJI;^LbOP7(-n^xS}l#$QV zUwJ^qW>Wqs2J>f@8|iQ7!Y$I4-S(J>Vv2e`9G6{<%Nn+RJ1738Y7XF-l%B5N5^qMS zj`yFV^Y%8s%_Lxd;1e_*@a$mAWv$E?x1~{+;J%3e6v`5gzZrawU*dVf(c9emwmk}X zym(o&F#O!+FMRdIUs)LgxU5|0*Y;@ry~~`I@9N>^y4k*(KvG?eRxzBJRGYI1^AZ(7 zds4|l*-7a~I;1kM6@`DSt%uMxfHl0d!4R2GBv;^&%>wU-rRoZe>pnZy&RT4ZOOv`k ziekWZ>c~cC{KIHO;FS(%0!#EFM%d}X*eNSG8Rmac#_)&NjlsbeR5X-Q>!t&Z9SNu{ zq;bxR8XeL0N!Lg*!DVU59^zJTCbUaW*^&vH*4kLQ`#Eqdz6{b8n@q)$plS4__upc#l)v+5cj4#7i zqTM&cRxVw4x%tW)NYhKiI*QJo$CGE^8ga+u98KpLn!uh7bMSL^E*TempB8xbC>2M1 zEYCPpB!CW@{@@A#GP}u5b3SX75L5#VKa)`H8Q2((tY&g?-DF?#sb%7`QiR6!<+pFB z+Dr4oFALl}HoT=o+(evPRP#Hy%{@jAf#xL89l?MFWC5X8VBG2*7sBX=$_D1b%0PUk zKk~?^XzMS7Vm0Y@RAc;sw1O)ycnU=X^Fa+`;ekTr=<7K$~~uXUTe$6rb}Uw^K3BgS;y^=6G;?-^1g z2Axo|7uV>_ql=tK1jUG)w2}&q94cQ>Dh;w_YOYr?CaCf~wx52|pkX1Ep~;7?i1C{d zr783ngzv^XL{?rgrmX}SBC7hl$drkUKIgJbe0kvpW~EdDgdW`^N!yZ9PsJ3#i97RV z)x0RI9<`|SGh-X_?mbXM|Dqr)M}fj+h^0*w832^1>#92j)x9cvBkoc$c7U?VkFt&% zP=ZqQrX48mq)lm(W`U9N)bB)$6Qn^&LOH;u{1p%Cx#)vG0E?c-vQ~bW^1&#_1|?Ys z_{`5yWxIM-U)lWTL*$>Y&wVBGbk2OGq3w{BGu1W1RSMuM7w^|=v-0;e^dmODXWR3j z(>+B;6G;?(U1Z}*)*Ekxzvv9E3f7#*lhB{K(Oswce2mIxeH+-TYd~Fn;PZ+eQH=-- zn1D^KFI5ufQhg_r+0L=;FFuGldo*k|@XyxHhsD%qbF7+PoS15YI(7d75V7Gyqv0Sb zm@@Br_=tPN#`$ZnLoVKX*e7msAq0qIQ6;h)PHEa_^;)aoU}V-h{ZJ5czA#QMq$Hcb zSW~a(86Tu3ecPpous;;BMaaMmF}RgWF+@K~=7|B7cM&BmXVcrU#l9DH_*%u+5`0lx z9XnQO{^LxlYctoZ{6oz#fi_W7iH@3e#B8$lY4s#wA8DgGIbg31Y+KnqpB|^j+4yY} zutl}O9?8?fqZy2y;I|o08*@hF5CXn;1=qn>f^6ONnI%O#w;NGfOBG6G^@0MO3nI79 zHJuAP+(DZ{Vb!y76HQq+!Qsv0HQ~3kpi2^DM#3YVK(|_RlUAZCmqvBVaD1C6fSeh? zYRX)2>fKk5NwzJeN2}UBe~cL9z$XM?zwegumVayFv1~x&hW+BjU=rj~Lsghyae$D1 z2J)o=`(g2XsT1i;H|o643&961YK>e&6qJ5-ZtH^~is)-AtaN{@+QZt&cJ2+f4|Li;7XSkyZ zs(|gmw_BGg)`uf6ZDaRM^n)SkYYZ;$zwNf5fhgcn;Y z$`;Ow6Yo(ebD~P&rRhmTwcC1LQ|A`1$w_=;R1S3Gxm}4RSnL5hGUuvwrcfI!aA(4O zwSK9t&w3qKEWS&S&}=he#)BaTmfe)En#My5*eOl!1tgF2o%auNu`szCrI5*}F|_!T z7sbF`RQ$_qwVxpx?rlCcHL?8AR?vFv5b-i!n>OCfLax;(V4+P4l6H%DMWaSP!~JCv zS{eIlQ|$q=`RN9Y7nA^Mprv19_lTPLX0A8V^{HR+9;3^tk(F%t4scJ}L}!7+>MPXm zLxJR#XW7ZGeaS9}e|k^4L^@O(Je^s9k^j<0q}tO%%VD18tzoe3mHju>Fpt+Y<8K#_gJJFFYaZ1mv1m7%XIlw( zfzY`m(IX?s%Q`dY9MK8uYnu*!{XwPf5cQo-lQBXT>#TH(krHk$>UQpJ)V5{yo+E=j z(5SwlR^bq28J dq79>KKgmB=Tk!??{`)Z?" + port: 6379 + # password: "" + nodeSelector: {} + + ## Redis config file + ## ref: https://redis.io/topics/config + ## + configmap: |- + # Enable AOF https://redis.io/topics/persistence#append-only-file + appendonly no + # Disable RDB persistence, AOF persistence already enabled. + save 60 1000 + + # Uncomment if you don't want to create a PVC for redis + # master: + # persistence: + # enabled: false + ############################################################################### ## ## Values of OES Database @@ -956,37 +977,6 @@ spinnaker: # nodeSelector to provide to each of the Spinnaker components nodeSelector: {} - # Redis password to use for the in-cluster redis service - # Enable redis to use in-cluster redis - redis: - enabled: true - # External Redis option will be enabled if in-cluster redis is disabled - external: - host: "" - port: 6379 - # password: "" - image: - registry: quay.io/opsmxpublic - repository: bitnami-redis - password: password - nodeSelector: {} - cluster: - enabled: false - - ## Redis config file - ## ref: https://redis.io/topics/config - ## - configmap: |- - # Enable AOF https://redis.io/topics/persistence#append-only-file - appendonly no - # Disable RDB persistence, AOF persistence already enabled. - save 60 1000 - - # Uncomment if you don't want to create a PVC for redis - # master: - # persistence: - # enabled: false - # Minio access/secret keys for the in-cluster S3 usage # Minio is not exposed publically minio: From c8d1940076fbdc081c4b19efa80185abe410916a Mon Sep 17 00:00:00 2001 From: abhinaybyrisetty Date: Mon, 30 Aug 2021 18:54:48 +0530 Subject: [PATCH 17/29] Fix comment --- charts/oes/values.yaml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/charts/oes/values.yaml b/charts/oes/values.yaml index 112938af..69cab6a9 100644 --- a/charts/oes/values.yaml +++ b/charts/oes/values.yaml @@ -179,9 +179,9 @@ redis: # password: "" nodeSelector: {} - ## Redis config file - ## ref: https://redis.io/topics/config - ## + ## Redis config file + ## ref: https://redis.io/topics/config + ## configmap: |- # Enable AOF https://redis.io/topics/persistence#append-only-file appendonly no @@ -399,12 +399,12 @@ gate: ## Regex of OES-UI URL to allow cross origin requests; this is framed using oesUI.host - ## Set it to true to disable LDAP authentication and enable file based authentication - ## Reach out over support@opsmx.com for pre-configured user credentials # common gate for both spin and oes commonGate: enabled: false + ## Set it to true to disable LDAP authentication and enable file based authentication + ## Reach out over support@opsmx.com for pre-configured user credentials fileBasedAuthentication: enabled: false server: From 1dced789dad665007498ca19c88bff195c37d60a Mon Sep 17 00:00:00 2001 From: abhinaybyrisetty Date: Tue, 31 Aug 2021 23:10:37 +0530 Subject: [PATCH 18/29] Handle helm chart for common gate --- .../templates/configmap/halyard-config.yaml | 8 +++- .../spinnaker/templates/ingress/gate.yaml | 2 +- .../templates/statefulsets/halyard.yaml | 4 ++ charts/oes/config/oes-gate/gate.yml | 37 +++++++++++++++++-- charts/oes/values.yaml | 8 ++-- 5 files changed, 49 insertions(+), 10 deletions(-) diff --git a/charts/oes/charts/spinnaker/templates/configmap/halyard-config.yaml b/charts/oes/charts/spinnaker/templates/configmap/halyard-config.yaml index 2be38e31..5d99996a 100755 --- a/charts/oes/charts/spinnaker/templates/configmap/halyard-config.yaml +++ b/charts/oes/charts/spinnaker/templates/configmap/halyard-config.yaml @@ -183,10 +183,14 @@ data: {{- else }} $HAL_COMMAND config security ui edit --no-validate --override-base-url {{ .Values.global.spinDeck.protocol }}://{{ .Values.global.spinDeck.host }} {{- end }} - {{- if .Values.global.spinGate.port }} + {{- if and (.Values.global.spinGate.port) (not .Values.global.commonGate.enabled) }} $HAL_COMMAND config security api edit --no-validate --override-base-url {{ .Values.global.spinGate.protocol }}://{{ .Values.global.spinGate.host }}:{{ .Values.global.spinGate.port }} - {{- else }} + {{- else if (not .Values.global.commonGate.enabled) }} $HAL_COMMAND config security api edit --no-validate --override-base-url {{ .Values.global.spinGate.protocol }}://{{ .Values.global.spinGate.host }} + {{- else if and (.Values.global.commonGate.enabled) (.Values.oesGate.port) }} + $HAL_COMMAND config security api edit --no-validate --override-base-url {{ .Values.oesGate.protocol }}://{{ .Values.oesGate.host }}:{{ .Values.oesGate.port }} + {{- else if (.Values.global.commonGate.enabled) }} + $HAL_COMMAND config security api edit --no-validate --override-base-url {{ .Values.oesGate.protocol }}://{{ .Values.oesGate.host }} {{- end }} {{- end }} {{- range $index, $feature := .Values.spinnakerFeatureFlags }} diff --git a/charts/oes/charts/spinnaker/templates/ingress/gate.yaml b/charts/oes/charts/spinnaker/templates/ingress/gate.yaml index a9cc4d38..d3779540 100755 --- a/charts/oes/charts/spinnaker/templates/ingress/gate.yaml +++ b/charts/oes/charts/spinnaker/templates/ingress/gate.yaml @@ -1,4 +1,4 @@ -{{- if and (.Values.global.createIngress) (not .Values.gitopsHalyard.mTLS.enabled) }} +{{- if and (.Values.global.createIngress) (not .Values.gitopsHalyard.mTLS.enabled) (not .Values.global.commonGate.enabled) }} apiVersion: extensions/v1beta1 kind: Ingress metadata: diff --git a/charts/oes/charts/spinnaker/templates/statefulsets/halyard.yaml b/charts/oes/charts/spinnaker/templates/statefulsets/halyard.yaml index d897945e..bdf6cc60 100755 --- a/charts/oes/charts/spinnaker/templates/statefulsets/halyard.yaml +++ b/charts/oes/charts/spinnaker/templates/statefulsets/halyard.yaml @@ -300,7 +300,11 @@ spec: lifecycle: postStart: exec: + {{- if .Values.global.commonGate.enabled }} + command: ["/bin/sh", "-c", "until hal --ready; do sleep 10 ;done;hal deploy apply --exclude-service-names=gate"] + {{- else }} command: ["/bin/sh", "-c", "until hal --ready; do sleep 10 ;done;hal deploy apply"] + {{- end }} {{- end }} ports: - containerPort: 8064 diff --git a/charts/oes/config/oes-gate/gate.yml b/charts/oes/config/oes-gate/gate.yml index d8bd502f..903869d9 100644 --- a/charts/oes/config/oes-gate/gate.yml +++ b/charts/oes/config/oes-gate/gate.yml @@ -21,7 +21,7 @@ services: {{- else }} externalUrl: {{ .Values.oesUI.protocol }}://{{ .Values.oesUI.host }} {{- end }} -{{- if .Values.gate.config.commonGate.enabled }} +{{- if .Values.global.commonGate.enabled }} keel: enabled: false clouddriver: @@ -52,7 +52,11 @@ services: deck: host: 0.0.0.0 port: 9000 + {{- if .Values.global.spinDeck.port }} + baseUrl: {{ .Values.global.spinDeck.protocol }}://{{ .Values.global.spinDeck.host }}:{{ .Values.global.spinDeck.port }} + {{- else }} baseUrl: {{ .Values.global.spinDeck.protocol }}://{{ .Values.global.spinDeck.host }} + {{- end }} enabled: true echo: host: 0.0.0.0 @@ -82,7 +86,11 @@ services: gate: host: 0.0.0.0 port: 8084 + {{- if .Values.oesGate.port }} + baseUrl: {{ .Values.oesGate.protocol }}://{{ .Values.oesGate.host }}:{{ .Values.oesGate.port }} + {{- else }} baseUrl: {{ .Values.oesGate.protocol }}://{{ .Values.oesGate.host }} + {{- end }} enabled: true igor: host: 0.0.0.0 @@ -102,7 +110,7 @@ services: redis: host: 0.0.0.0 port: 6379 - baseUrl: redis://:password@{{ .Release.Name}}-redis-master:6379 + baseUrl: {{ .Values.redis.url }} enabled: true rosco: host: 0.0.0.0 @@ -112,7 +120,7 @@ services: {{- end }} user: {} cors: - {{- if .Values.gate.config.commonGate.enabled }} + {{- if .Values.global.commonGate.enabled }} allowed-origins-pattern: ^https?://(?:localhost|{{ .Values.oesUI.host }}|{{ .Values.global.spinDeck.host }}|opsmx.com)(?::[1-9]\d*)?/? {{ else }} allowed-origins-pattern: ^https?://(?:localhost|{{ .Values.oesUI.host }}|opsmx.com)(?::[1-9]\d*)?/? @@ -154,6 +162,29 @@ server: protocolHeader: X-Forwarded-Proto remoteIpHeader: X-Forwarded-For internalProxies: .* +{{- if .Values.global.commonGate.enabled }} +spinnaker: + extensibility: + plugins: + deck-proxy: + enabled: true + plugins: + Opsmx.VerificationGatePlugin: + enabled: true + version: 1.0.1 + Opsmx.TestVerificationGatePlugin: + enabled: true + version: 1.0.1 + Opsmx.PolicyGatePlugin: + enabled: true + version: 1.0.1 + Opsmx.VisibilityApprovalPlugin: + enabled: true + version: 1.0.1 + repositories: + opsmx-repo: + url: https://raw.githubusercontent.com/OpsMx/spinnakerPluginRepository/v3.9.0/plugins.json +{{- end }} logging: level: diff --git a/charts/oes/values.yaml b/charts/oes/values.yaml index 69cab6a9..a3f67064 100644 --- a/charts/oes/values.yaml +++ b/charts/oes/values.yaml @@ -65,6 +65,10 @@ global: certManager: installed: true + # common gate for both spin and oes + commonGate: + enabled: true + customCerts: enabled: true secretName: self-signed-certs # Needs two Keys: cacerts and ca # TODO: Document procedure for creating this one @@ -398,10 +402,6 @@ gate: ## ## Regex of OES-UI URL to allow cross origin requests; this is framed using oesUI.host - - # common gate for both spin and oes - commonGate: - enabled: false ## Set it to true to disable LDAP authentication and enable file based authentication ## Reach out over support@opsmx.com for pre-configured user credentials From fc6ddd207b2d15dbf10003ef46616cae470a0792 Mon Sep 17 00:00:00 2001 From: abhinaybyrisetty Date: Wed, 1 Sep 2021 14:49:45 +0530 Subject: [PATCH 19/29] Change cacert secret name and update comment --- charts/oes/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/oes/values.yaml b/charts/oes/values.yaml index a3f67064..acdc520b 100644 --- a/charts/oes/values.yaml +++ b/charts/oes/values.yaml @@ -71,7 +71,7 @@ global: customCerts: enabled: true - secretName: self-signed-certs # Needs two Keys: cacerts and ca # TODO: Document procedure for creating this one + secretName: oes-cacerts #TODO: Document procedure for creating this one and enhance scripts to merge cacerts created by controller and this # Below flag is used to setup tls termination at ingress # when this flag is set to false; spinnaker and oes endpoints From e3b482209eb415d8d2361af20e2d645c9de75efd Mon Sep 17 00:00:00 2001 From: abhinaybyrisetty Date: Wed, 1 Sep 2021 15:52:50 +0530 Subject: [PATCH 20/29] Fix typo --- charts/oes/charts/openldap/templates/deployment.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/oes/charts/openldap/templates/deployment.yaml b/charts/oes/charts/openldap/templates/deployment.yaml index 0ede98e9..217a06d1 100644 --- a/charts/oes/charts/openldap/templates/deployment.yaml +++ b/charts/oes/charts/openldap/templates/deployment.yaml @@ -39,7 +39,7 @@ spec: {{- end }} {{- if .Values.customLdifFiles }} - name: {{ .Chart.Name }}-init-ldif - image: {{ .Values.global.customImages.dockerRegistry }}/busybox:1.28 + image: {{ .Values.global.customImages.registry }}/busybox:1.28 command: ['sh', '-c', 'cp /customldif/* /ldifworkingdir'] imagePullPolicy: {{ .Values.image.pullPolicy }} volumeMounts: From 44cf2d2a8dbaea974180df106c3da55187731298 Mon Sep 17 00:00:00 2001 From: abhinaybyrisetty Date: Wed, 1 Sep 2021 17:56:33 +0530 Subject: [PATCH 21/29] Separate port from redis url --- charts/oes/config/oes-gate/gate.yml | 6 +++--- charts/oes/values.yaml | 10 ++++------ 2 files changed, 7 insertions(+), 9 deletions(-) diff --git a/charts/oes/config/oes-gate/gate.yml b/charts/oes/config/oes-gate/gate.yml index 903869d9..03d98440 100644 --- a/charts/oes/config/oes-gate/gate.yml +++ b/charts/oes/config/oes-gate/gate.yml @@ -109,8 +109,8 @@ services: enabled: true redis: host: 0.0.0.0 - port: 6379 - baseUrl: {{ .Values.redis.url }} + port: {{ .Values.redis.port }} + baseUrl: {{ tpl .Values.redis.url . }}:{{ .Values.redis.port }} enabled: true rosco: host: 0.0.0.0 @@ -154,7 +154,7 @@ authn: mode: session google: {} redis: - connection: {{ tpl .Values.redis.url . }} + connection: {{ tpl .Values.redis.url . }}:{{ .Values.redis.port }} server: session: timeoutInSeconds: {{ .Values.gate.config.server.session.timeoutInSeconds }} diff --git a/charts/oes/values.yaml b/charts/oes/values.yaml index acdc520b..9443bbfc 100644 --- a/charts/oes/values.yaml +++ b/charts/oes/values.yaml @@ -24,16 +24,12 @@ rbac: #################################################### ## Option to skip installation of OpsMx Spinnaker ## Setting this to true, will ensure custom ubi8 images of Spinnaker -## installSpinnaker and installRedis flags are mutually exclusive installSpinnaker: true #################################################### ## Redis configuration #################################################### -## Install a seperate Redis for OES if installSpinnaker is set to false -## If Spinnaker is being installed, redis installed by spinnaker chart can -## be re-used -## installSpinnaker and installRedis flags are mutually exclusive +## Set it to false only if OES needs to be configured with external redis installRedis: true ## Installation mode @@ -54,6 +50,7 @@ k8sServiceType: ClusterIP global: ## Custom Images registry where all the OSS and customized images used in the helm chart are stored ## List of images: busybox:1.28, bitnami-kubectl:1.18, postgres:9.6.5, oes-pre-configure:v2, create-secret:v10 + ## awsgit:v2, k8s-decoder:hal, bitnami-kubectl:1.18.5 customImages: registry: quay.io/opsmxpublic @@ -168,7 +165,8 @@ redis: ## Change this to custom URL if installRedis is set to false ## url: redis://{{ .Release.Name }}-redis-master:6379 ## - url: redis://:password@{{ .Release.Name }}-redis-master:6379 + url: redis://:password@{{ .Release.Name }}-redis-master + port: 6379 image: registry: quay.io/opsmxpublic repository: bitnami-redis From 3f7bfe8049c489c6c83b27002e2de0d3628f8d11 Mon Sep 17 00:00:00 2001 From: abhinaybyrisetty Date: Thu, 2 Sep 2021 00:43:18 +0530 Subject: [PATCH 22/29] Fix issues --- .../spinnaker/templates/configmap/halyard-overrideurl.yaml | 4 ++++ .../oes/charts/spinnaker/templates/statefulsets/halyard.yaml | 4 ---- charts/oes/values.yaml | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/charts/oes/charts/spinnaker/templates/configmap/halyard-overrideurl.yaml b/charts/oes/charts/spinnaker/templates/configmap/halyard-overrideurl.yaml index 280b2a4b..36d7dae2 100644 --- a/charts/oes/charts/spinnaker/templates/configmap/halyard-overrideurl.yaml +++ b/charts/oes/charts/spinnaker/templates/configmap/halyard-overrideurl.yaml @@ -164,7 +164,11 @@ data: spin-gate-overrideurl-gitops) ## Configured ingress host url as override url echo "Substituting gate url" + {{- if .Values.global.commonGate.enabled }} + sed -i 's,OVERRIDE_API_URL,{{ tpl .Values.oesGate.host . }},g' /tmp/spinnaker/.hal/config + {{- else }} sed -i 's,OVERRIDE_API_URL,{{ tpl .Values.global.spinGate.host . }},g' /tmp/spinnaker/.hal/config + {{- end }} ;; spin-deck-overrideurl-gitops) diff --git a/charts/oes/charts/spinnaker/templates/statefulsets/halyard.yaml b/charts/oes/charts/spinnaker/templates/statefulsets/halyard.yaml index bdf6cc60..d897945e 100755 --- a/charts/oes/charts/spinnaker/templates/statefulsets/halyard.yaml +++ b/charts/oes/charts/spinnaker/templates/statefulsets/halyard.yaml @@ -300,11 +300,7 @@ spec: lifecycle: postStart: exec: - {{- if .Values.global.commonGate.enabled }} - command: ["/bin/sh", "-c", "until hal --ready; do sleep 10 ;done;hal deploy apply --exclude-service-names=gate"] - {{- else }} command: ["/bin/sh", "-c", "until hal --ready; do sleep 10 ;done;hal deploy apply"] - {{- end }} {{- end }} ports: - containerPort: 8064 diff --git a/charts/oes/values.yaml b/charts/oes/values.yaml index 9443bbfc..3f632781 100644 --- a/charts/oes/values.yaml +++ b/charts/oes/values.yaml @@ -981,7 +981,7 @@ spinnaker: enabled: true image: repository: quay.io/opsmxpublic/minio - tag: RELEASE.2019-02-13T19-48-27Z + tag: RELEASE.2020-01-03T19-12-21Z mcImage: repository: quay.io/opsmxpublic/minio-mc From 7f19b5b4d80fb47ecbc31facc4aaa63635830977 Mon Sep 17 00:00:00 2001 From: abhinaybyrisetty Date: Thu, 2 Sep 2021 14:01:46 +0530 Subject: [PATCH 23/29] Move oes ui and gate urls under global --- charts/oes/README.md | 12 ++-- .../templates/configmap/halyard-config.yaml | 6 +- .../configmap/halyard-overrideurl.yaml | 2 +- .../config/oes-autopilot/autopilot.properties | 12 ++-- charts/oes/config/oes-gate/gate.yml | 16 ++--- .../config/oes-platform/platform-local.yml | 12 ++-- charts/oes/config/oes-ui/app-config.json | 6 +- .../oes-visibility/visibility-local.yml | 6 +- charts/oes/templates/NOTES.txt | 2 +- .../configmaps/datasource-creation.yaml | 2 +- .../templates/ingress/oes-gate-ingress.yaml | 10 ++-- .../oes/templates/ingress/oes-ui-ingress.yaml | 10 ++-- charts/oes/values.yaml | 59 +++++++++---------- 13 files changed, 76 insertions(+), 79 deletions(-) diff --git a/charts/oes/README.md b/charts/oes/README.md index d5b156ed..88d2bfc5 100644 --- a/charts/oes/README.md +++ b/charts/oes/README.md @@ -49,7 +49,7 @@ Install OpsMx Enterprise for Spinnaker - Your Kubernetes cluster shall support persistent volumes -- It is assumed that an nginx ingress controller is installed on the cluster, by default ingress resources are created for oes-ui, oes-gate, spin-deck and spin-gate services. Customize the hosts for OES using the options in the values.yaml under oesUI, oesGate, spinDeck, spinGate. If any other ingress controller is installed, set createIngress flag to false and configure your ingress. +- It is assumed that an nginx ingress controller is installed on the cluster, by default ingress resources are created for oes-ui, oes-gate, spin-deck and spin-gate services. Customize the hosts for OES using the options in the values.yaml under global.oesUI, oesGate, spinDeck, spinGate. If any other ingress controller is installed, set createIngress flag to false and configure your ingress. - To enable mutual TLS for Spinnaker Services and SSL features provided by Spinnaker Life Cycle Management (LCM), it is required to install nginx ingress from kubernetes community and cert-manager before installing OES. Please refer the table below for options to be enabled for LCM Instructions to install nginx ingress @@ -110,10 +110,10 @@ Parameter | Description | Default `global.spinGate.host` | Host using which spinnaker gate needs to be accessed | `gate.spinnaker.example.org` `global.spinGate.ingress.annotations` | Annotations for spinnaker gate ingress resource | `` `global.spinGate.ingress.tls.secretName` | Change this value if your own certificate is put into a specific secret | `gate-authtls` -`oesUI.protocol` | Change this to https if TLS is enabled for ingress endpoint | `http` -`oesUI.host` | Host using which UI needs to be accessed | `oes.domain.com` -`oesGate.protocol` | Change this to https if TLS is enabled for ingress endpoint | `http` -`oesGate.host` | Host using which Gate needs to be accessed | `oes-api.domain.com` +`global.oesUI.protocol` | Change this to https if TLS is enabled for ingress endpoint | `http` +`global.oesUI.host` | Host using which UI needs to be accessed | `oes.domain.com` +`global.oesGate.protocol` | Change this to https if TLS is enabled for ingress endpoint | `http` +`global.oesGate.host` | Host using which Gate needs to be accessed | `oes-api.domain.com` `k8sServiceType` | Service Type of oes-ui, oes-gate, spin-deck-ui, spin-gate | `LoadBalancer` `installRedis` | If true, OES will install its own Redis for caching. This option is mutually exclusive with installSpinnaker | `false` `redis.url` | Set custom URL if installRedis is set to false | `redis://{{ .Release.Name }}-redis-master:6379` @@ -127,7 +127,7 @@ Parameter | Description | Default `autopilot.config.ssl.keyStoreType` | SSL keystore type | `PKCS12` `autopilot.config.ssl.keyAlias` | SSL key alias | `tomcat` `dashboard.spinnakerLink` | Specify if dashboard needs to be configured with a different spinnaker | `{{ .Values.spinnaker.ingress.protocol }}://{{ .Values.spinnaker.ingress.host }}` -`gate.config.oesUIcors` | Regex of OES-UI URL to prevent cross origin attacks | `^https?://(?:localhost|OES_UI_LOADBALANCER_IP|opsmx.com)(?::[1-9]\d*)?/?` +`gate.config.global.oesUIcors` | Regex of OES-UI URL to prevent cross origin attacks | `^https?://(?:localhost|OES_UI_LOADBALANCER_IP|opsmx.com)(?::[1-9]\d*)?/?` `gate.config.fileBasedAuthentication` | Set it to true to disable LDAP authentication and enable file based authentication | `false` `gate.config.saml` | SAML configuration for oes gate authn and authz | `` `gate.config.saml.jksSecretName` | Set this value to use an existing secret in which saml jks exists | `oes-saml-jks` diff --git a/charts/oes/charts/spinnaker/templates/configmap/halyard-config.yaml b/charts/oes/charts/spinnaker/templates/configmap/halyard-config.yaml index 5d99996a..68ef6314 100755 --- a/charts/oes/charts/spinnaker/templates/configmap/halyard-config.yaml +++ b/charts/oes/charts/spinnaker/templates/configmap/halyard-config.yaml @@ -187,10 +187,10 @@ data: $HAL_COMMAND config security api edit --no-validate --override-base-url {{ .Values.global.spinGate.protocol }}://{{ .Values.global.spinGate.host }}:{{ .Values.global.spinGate.port }} {{- else if (not .Values.global.commonGate.enabled) }} $HAL_COMMAND config security api edit --no-validate --override-base-url {{ .Values.global.spinGate.protocol }}://{{ .Values.global.spinGate.host }} - {{- else if and (.Values.global.commonGate.enabled) (.Values.oesGate.port) }} - $HAL_COMMAND config security api edit --no-validate --override-base-url {{ .Values.oesGate.protocol }}://{{ .Values.oesGate.host }}:{{ .Values.oesGate.port }} + {{- else if and (.Values.global.commonGate.enabled) (.Values.global.oesGate.port) }} + $HAL_COMMAND config security api edit --no-validate --override-base-url {{ .Values.global.oesGate.protocol }}://{{ .Values.global.oesGate.host }}:{{ .Values.global.oesGate.port }} {{- else if (.Values.global.commonGate.enabled) }} - $HAL_COMMAND config security api edit --no-validate --override-base-url {{ .Values.oesGate.protocol }}://{{ .Values.oesGate.host }} + $HAL_COMMAND config security api edit --no-validate --override-base-url {{ .Values.global.oesGate.protocol }}://{{ .Values.global.oesGate.host }} {{- end }} {{- end }} {{- range $index, $feature := .Values.spinnakerFeatureFlags }} diff --git a/charts/oes/charts/spinnaker/templates/configmap/halyard-overrideurl.yaml b/charts/oes/charts/spinnaker/templates/configmap/halyard-overrideurl.yaml index 36d7dae2..a3de3c9a 100644 --- a/charts/oes/charts/spinnaker/templates/configmap/halyard-overrideurl.yaml +++ b/charts/oes/charts/spinnaker/templates/configmap/halyard-overrideurl.yaml @@ -165,7 +165,7 @@ data: ## Configured ingress host url as override url echo "Substituting gate url" {{- if .Values.global.commonGate.enabled }} - sed -i 's,OVERRIDE_API_URL,{{ tpl .Values.oesGate.host . }},g' /tmp/spinnaker/.hal/config + sed -i 's,OVERRIDE_API_URL,{{ tpl .Values.global.oesGate.host . }},g' /tmp/spinnaker/.hal/config {{- else }} sed -i 's,OVERRIDE_API_URL,{{ tpl .Values.global.spinGate.host . }},g' /tmp/spinnaker/.hal/config {{- end }} diff --git a/charts/oes/config/oes-autopilot/autopilot.properties b/charts/oes/config/oes-autopilot/autopilot.properties index 83b0a520..fb301996 100644 --- a/charts/oes/config/oes-autopilot/autopilot.properties +++ b/charts/oes/config/oes-autopilot/autopilot.properties @@ -19,14 +19,14 @@ server.ssl.keyStoreType={{ .Values.autopilot.config.ssl.keyStoreType }} server.ssl.keyAlias={{ .Values.autopilot.config.ssl.keyAlias }} {{- end }} -{{- if .Values.oesUI.port }} -server.host.dns.name={{ .Values.oesUI.protocol }}://{{ .Values.oesUI.host }}:{{ .Values.oesUI.port }} +{{- if .Values.global.oesUI.port }} +server.host.dns.name={{ .Values.global.oesUI.protocol }}://{{ .Values.global.oesUI.host }}:{{ .Values.global.oesUI.port }} {{- else }} -server.host.dns.name={{ .Values.oesUI.protocol }}://{{ .Values.oesUI.host }} +server.host.dns.name={{ .Values.global.oesUI.protocol }}://{{ .Values.global.oesUI.host }} {{- end }} -{{- if .Values.oesGate.port }} -gate.url={{ .Values.oesGate.protocol }}://{{ .Values.oesGate.host }}:{{ .Values.oesGate.port }} +{{- if .Values.global.oesGate.port }} +gate.url={{ .Values.global.oesGate.protocol }}://{{ .Values.global.oesGate.host }}:{{ .Values.global.oesGate.port }} {{- else }} -gate.url={{ .Values.oesGate.protocol }}://{{ .Values.oesGate.host }} +gate.url={{ .Values.global.oesGate.protocol }}://{{ .Values.global.oesGate.host }} {{- end }} diff --git a/charts/oes/config/oes-gate/gate.yml b/charts/oes/config/oes-gate/gate.yml index 03d98440..7cd7dd90 100644 --- a/charts/oes/config/oes-gate/gate.yml +++ b/charts/oes/config/oes-gate/gate.yml @@ -16,10 +16,10 @@ services: baseUrl: http://oes-visibility:8096 enabled: true oesui: - {{- if .Values.oesUI.port }} - externalUrl: {{ .Values.oesUI.protocol }}://{{ .Values.oesUI.host }}:{{ .Values.oesUI.port }} + {{- if .Values.global.oesUI.port }} + externalUrl: {{ .Values.global.oesUI.protocol }}://{{ .Values.global.oesUI.host }}:{{ .Values.global.oesUI.port }} {{- else }} - externalUrl: {{ .Values.oesUI.protocol }}://{{ .Values.oesUI.host }} + externalUrl: {{ .Values.global.oesUI.protocol }}://{{ .Values.global.oesUI.host }} {{- end }} {{- if .Values.global.commonGate.enabled }} keel: @@ -86,10 +86,10 @@ services: gate: host: 0.0.0.0 port: 8084 - {{- if .Values.oesGate.port }} - baseUrl: {{ .Values.oesGate.protocol }}://{{ .Values.oesGate.host }}:{{ .Values.oesGate.port }} + {{- if .Values.global.oesGate.port }} + baseUrl: {{ .Values.global.oesGate.protocol }}://{{ .Values.global.oesGate.host }}:{{ .Values.global.oesGate.port }} {{- else }} - baseUrl: {{ .Values.oesGate.protocol }}://{{ .Values.oesGate.host }} + baseUrl: {{ .Values.global.oesGate.protocol }}://{{ .Values.global.oesGate.host }} {{- end }} enabled: true igor: @@ -121,9 +121,9 @@ services: user: {} cors: {{- if .Values.global.commonGate.enabled }} - allowed-origins-pattern: ^https?://(?:localhost|{{ .Values.oesUI.host }}|{{ .Values.global.spinDeck.host }}|opsmx.com)(?::[1-9]\d*)?/? + allowed-origins-pattern: ^https?://(?:localhost|{{ .Values.global.oesUI.host }}|{{ .Values.global.spinDeck.host }}|opsmx.com)(?::[1-9]\d*)?/? {{ else }} - allowed-origins-pattern: ^https?://(?:localhost|{{ .Values.oesUI.host }}|opsmx.com)(?::[1-9]\d*)?/? + allowed-origins-pattern: ^https?://(?:localhost|{{ .Values.global.oesUI.host }}|opsmx.com)(?::[1-9]\d*)?/? {{- end }} ldap: enabled: {{ .Values.global.ldap.enabled }} diff --git a/charts/oes/config/oes-platform/platform-local.yml b/charts/oes/config/oes-platform/platform-local.yml index 46d99240..35bcf507 100644 --- a/charts/oes/config/oes-platform/platform-local.yml +++ b/charts/oes/config/oes-platform/platform-local.yml @@ -43,17 +43,17 @@ oes: visibility: url: http://oes-visibility:8096 approvalGate: -{{- if .Values.oesGate.port }} - apiUrl: {{ .Values.oesGate.protocol }}://{{ .Values.oesGate.host }}:{{ .Values.oesGate.port }}/visibilityservice/v5/approvalGates/{id}/trigger +{{- if .Values.global.oesGate.port }} + apiUrl: {{ .Values.global.oesGate.protocol }}://{{ .Values.global.oesGate.host }}:{{ .Values.global.oesGate.port }}/visibilityservice/v5/approvalGates/{id}/trigger {{- else }} - apiUrl: {{ .Values.oesGate.protocol }}://{{ .Values.oesGate.host }}/visibilityservice/v5/approvalGates/{id}/trigger + apiUrl: {{ .Values.global.oesGate.protocol }}://{{ .Values.global.oesGate.host }}/visibilityservice/v5/approvalGates/{id}/trigger {{- end }} verificationGate: -{{- if .Values.oesGate.port }} - apiUrl: {{ .Values.oesGate.protocol }}://{{ .Values.oesGate.host }}:{{ .Values.oesGate.port }}/autopilot/api/v3/registerCanary +{{- if .Values.global.oesGate.port }} + apiUrl: {{ .Values.global.oesGate.protocol }}://{{ .Values.global.oesGate.host }}:{{ .Values.global.oesGate.port }}/autopilot/api/v3/registerCanary {{- else }} - apiUrl: {{ .Values.oesGate.protocol }}://{{ .Values.oesGate.host }}/autopilot/api/v3/registerCanary + apiUrl: {{ .Values.global.oesGate.protocol }}://{{ .Values.global.oesGate.host }}/autopilot/api/v3/registerCanary {{- end }} logging: diff --git a/charts/oes/config/oes-ui/app-config.json b/charts/oes/config/oes-ui/app-config.json index e0540310..1dfbee09 100644 --- a/charts/oes/config/oes-ui/app-config.json +++ b/charts/oes/config/oes-ui/app-config.json @@ -1,8 +1,8 @@ { -{{- if .Values.oesGate.port }} - "endPointUrl": "{{ .Values.oesGate.protocol }}://{{ .Values.oesGate.host }}:{{ .Values.oesGate.port }}/", +{{- if .Values.global.oesGate.port }} + "endPointUrl": "{{ .Values.global.oesGate.protocol }}://{{ .Values.global.oesGate.host }}:{{ .Values.global.oesGate.port }}/", {{- else }} - "endPointUrl": "{{ .Values.oesGate.protocol }}://{{ .Values.oesGate.host }}/", + "endPointUrl": "{{ .Values.global.oesGate.protocol }}://{{ .Values.global.oesGate.host }}/", {{- end }} "setApplicationInterval": {{ .Values.ui.config.setApplicationRefreshInterval }} } diff --git a/charts/oes/config/oes-visibility/visibility-local.yml b/charts/oes/config/oes-visibility/visibility-local.yml index 3c988466..38d7afd9 100644 --- a/charts/oes/config/oes-visibility/visibility-local.yml +++ b/charts/oes/config/oes-visibility/visibility-local.yml @@ -16,10 +16,10 @@ spring: parameters: AbstractSerializableParameter: ERROR gate: -{{- if .Values.oesGate.port }} - url: {{ .Values.oesGate.protocol }}://{{ .Values.oesGate.host }}:{{ .Values.oesGate.port }} +{{- if .Values.global.oesGate.port }} + url: {{ .Values.global.oesGate.protocol }}://{{ .Values.global.oesGate.host }}:{{ .Values.global.oesGate.port }} {{- else }} - url: {{ .Values.oesGate.protocol }}://{{ .Values.oesGate.host }} + url: {{ .Values.global.oesGate.protocol }}://{{ .Values.global.oesGate.host }} {{- end }} jira: diff --git a/charts/oes/templates/NOTES.txt b/charts/oes/templates/NOTES.txt index 4f8d99c4..9cc75092 100644 --- a/charts/oes/templates/NOTES.txt +++ b/charts/oes/templates/NOTES.txt @@ -36,7 +36,7 @@ To learn more about the release, try: Once the service is up and running, connect using below url - {{ .Values.oesUI.protocol }}://{{ .Values.oesUI.host }} + {{ .Values.global.oesUI.protocol }}://{{ .Values.global.oesUI.host }} {{- else }} diff --git a/charts/oes/templates/configmaps/datasource-creation.yaml b/charts/oes/templates/configmaps/datasource-creation.yaml index 7e0549ce..90b72423 100644 --- a/charts/oes/templates/configmaps/datasource-creation.yaml +++ b/charts/oes/templates/configmaps/datasource-creation.yaml @@ -49,7 +49,7 @@ data: USERNAME={{ .Values.spinnaker.spinCli.auth.basic.username }} PASSWORD={{ .Values.spinnaker.spinCli.auth.basic.password }} TOKEN=$(echo -n "$USERNAME":"$PASSWORD" | base64) - response=$(curl -s {{ .Values.oesGate.protocol }}://{{ .Values.oesGate.host }}/oes/accountsConfig/v1/spinnaker -u $USERNAME:$PASSWORD) + response=$(curl -s {{ .Values.global.oesGate.protocol }}://{{ .Values.global.oesGate.host }}/oes/accountsConfig/v1/spinnaker -u $USERNAME:$PASSWORD) name=$(echo $response | jq '.[].name') if [ -z "$name" ]; then diff --git a/charts/oes/templates/ingress/oes-gate-ingress.yaml b/charts/oes/templates/ingress/oes-gate-ingress.yaml index 02b29a47..5b771e6a 100644 --- a/charts/oes/templates/ingress/oes-gate-ingress.yaml +++ b/charts/oes/templates/ingress/oes-gate-ingress.yaml @@ -10,13 +10,13 @@ metadata: cert-manager.io/issuer: letsencrypt-{{ .Release.Namespace }}-spin kubernetes.io/tls-acme: "true" {{- end }} -{{- if .Values.oesGate.ingress.annotations }} -{{ tpl (toYaml .Values.oesGate.ingress.annotations) . | indent 4 }} +{{- if .Values.global.oesGate.ingress.annotations }} +{{ tpl (toYaml .Values.global.oesGate.ingress.annotations) . | indent 4 }} {{- end }} name: oes-gate-ingress spec: rules: - - host: {{ .Values.oesGate.host }} + - host: {{ .Values.global.oesGate.host }} http: paths: - backend: @@ -26,8 +26,8 @@ spec: {{- if .Values.global.ssl.enabled }} tls: - hosts: - - {{ .Values.oesGate.host }} -{{ toYaml .Values.oesGate.ingress.tls | indent 4 }} + - {{ .Values.global.oesGate.host }} +{{ toYaml .Values.global.oesGate.ingress.tls | indent 4 }} {{- end }} {{- end }} {{- end }} diff --git a/charts/oes/templates/ingress/oes-ui-ingress.yaml b/charts/oes/templates/ingress/oes-ui-ingress.yaml index cb706aa8..7e265e90 100644 --- a/charts/oes/templates/ingress/oes-ui-ingress.yaml +++ b/charts/oes/templates/ingress/oes-ui-ingress.yaml @@ -10,13 +10,13 @@ metadata: cert-manager.io/issuer: letsencrypt-{{ .Release.Namespace }}-spin kubernetes.io/tls-acme: "true" {{- end }} -{{- if .Values.oesUI.ingress.annotations }} -{{ tpl (toYaml .Values.oesUI.ingress.annotations) . | indent 4 }} +{{- if .Values.global.oesUI.ingress.annotations }} +{{ tpl (toYaml .Values.global.oesUI.ingress.annotations) . | indent 4 }} {{- end }} name: oes-ui-ingress spec: rules: - - host: {{ .Values.oesUI.host }} + - host: {{ .Values.global.oesUI.host }} http: paths: - backend: @@ -26,8 +26,8 @@ spec: {{- if .Values.global.ssl.enabled }} tls: - hosts: - - {{ .Values.oesUI.host }} -{{ toYaml .Values.oesUI.ingress.tls | indent 4 }} + - {{ .Values.global.oesUI.host }} +{{ toYaml .Values.global.oesUI.ingress.tls | indent 4 }} {{- end }} {{- end }} {{- end }} diff --git a/charts/oes/values.yaml b/charts/oes/values.yaml index 3f632781..fe233165 100644 --- a/charts/oes/values.yaml +++ b/charts/oes/values.yaml @@ -107,6 +107,34 @@ global: tls: secretName: gate-authtls + ## OES-UI url configuration + oesUI: + protocol: https + host: oes.example.ops.com + # Use below port when hostname above is an external IP instead of a hostname + #port: 80 + + ingress: + annotations: + kubernetes.io/ingress.class: nginx + + tls: + secretName: oes-ui-authtls + + ## OES-Gate url configuration + oesGate: + protocol: https + host: oes-gate.example.ops.com + # Use below port when hostname above is an external IP instead of a hostname + #port: 8084 + + ingress: + annotations: + kubernetes.io/ingress.class: nginx + + tls: + secretName: oes-gate-authtls + ## Set it to false if own LDAP is to be configured ## ldap configuration used in oes-gate, oes-platform and spinnaker gate for authentication ## and authorization @@ -126,37 +154,6 @@ global: ## rendered manifests preDeleteHelmHooks: false - -## OES-UI url configuration -oesUI: - protocol: https - host: oes.example.ops.com - # Use below port when hostname above is an external IP instead of a hostname - #port: 80 - - ingress: - annotations: - kubernetes.io/ingress.class: nginx - - tls: - secretName: oes-ui-authtls - -## OES-Gate url configuration -oesGate: - protocol: https - host: oes-gate.example.ops.com - # Use below port when hostname above is an external IP instead of a hostname - #port: 8084 - - ingress: - annotations: - kubernetes.io/ingress.class: nginx - - tls: - secretName: oes-gate-authtls - - - ############################################################################### ## Details of redis-master image for OES ## From 9761a80d86ea04b53e996424ecc6f8641ad4359d Mon Sep 17 00:00:00 2001 From: abhinaybyrisetty Date: Thu, 2 Sep 2021 14:27:43 +0530 Subject: [PATCH 24/29] Add additional users to openldap by default --- .../charts/openldap/templates/deployment.yaml | 8 +++++ charts/oes/values.yaml | 30 +++++++++++++++++++ 2 files changed, 38 insertions(+) diff --git a/charts/oes/charts/openldap/templates/deployment.yaml b/charts/oes/charts/openldap/templates/deployment.yaml index 217a06d1..4cf8511c 100644 --- a/charts/oes/charts/openldap/templates/deployment.yaml +++ b/charts/oes/charts/openldap/templates/deployment.yaml @@ -78,6 +78,14 @@ spec: containers: - name: {{ .Chart.Name }} image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" + lifecycle: + postStart: + exec: + command: + - /bin/sh + - -c + - until service slapd status; do sleep 10 ;done;ldapadd -x -D 'cn=admin,dc=example,dc=org' + -w opsmxadmin123 -f /container/service/slapd/assets/config/bootstrap/ldif/custom/10-users.ldif imagePullPolicy: {{ .Values.image.pullPolicy }} {{- if .Values.customLdifFiles }} args: [--copy-service] diff --git a/charts/oes/values.yaml b/charts/oes/values.yaml index fe233165..1c48f068 100644 --- a/charts/oes/values.yaml +++ b/charts/oes/values.yaml @@ -754,6 +754,36 @@ openldap: description: read and execute group member: cn=admin,dc=example,dc=org member: cn=ITManager,dc=example,dc=org + 10-users.ldif: |- + dn: cn=user1,dc=example,dc=org + objectClass: simpleSecurityObject + objectClass: organizationalRole + cn: user1 + userpassword: {SSHA}Y9L4AsYL16WLK10qDZ62pTScFnaWb0nz + + dn: cn=user2,dc=example,dc=org + objectClass: simpleSecurityObject + objectClass: organizationalRole + cn: user2 + userpassword: {SSHA}DasTBI0eut1F83Bh1F1HXmDT8juJj3pY + + dn: cn=user3,dc=example,dc=org + objectClass: simpleSecurityObject + objectClass: organizationalRole + cn: user3 + userpassword: {SSHA}Qu1FW7BdLMndwM/Gf+zc3a8VIMAymbuv + + dn: cn=developers,ou=groups,dc=example,dc=org + changetype: modify + add: member + member: cn=user1,dc=example,dc=org + member: cn=user3,dc=example,dc=org + + dn: cn=QA,ou=groups,dc=example,dc=org + changetype: modify + add: member + member: cn=user2,dc=example,dc=org + member: cn=user3,dc=example,dc=org ## ldap configuration used in oes-gate, oes-platform and spinnaker gate for authentication ## and authorization From f1aa5da03d66d684472de4003272c537b4f13955 Mon Sep 17 00:00:00 2001 From: ksrinimba Date: Thu, 2 Sep 2021 17:31:52 +0530 Subject: [PATCH 25/29] updated oes-gate --- charts/oes/templates/configmaps/datasource-creation.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/oes/templates/configmaps/datasource-creation.yaml b/charts/oes/templates/configmaps/datasource-creation.yaml index 90b72423..f42155d1 100644 --- a/charts/oes/templates/configmaps/datasource-creation.yaml +++ b/charts/oes/templates/configmaps/datasource-creation.yaml @@ -56,19 +56,19 @@ data: if [[ "$STORAGE_TYPE" == "git" ]]; then curl --header "Content-Type: application/json" --header "x-spinnaker-user: admin" --request POST http://oes-platform:8095/platformservice/v2/datasources --data '{"datasourceType": "GITHUB", "name": "gitops", "spinEnabled": "false", "configurationFields": {"token": "{{ .Values.spinnaker.gitopsHalyard.repo.token }}", "username": "{{ .Values.spinnaker.gitopsHalyard.repo.username }}" } }' - curl --header "Content-Type: application/json" --header "x-spinnaker-user: admin" --request POST http://oes-sapor:8085/oes/accountsConfig/spinnaker --data '{"name": "preview-saas", "url": "{{ .Values.global.spinGate.protocol }}://{{ .Values.global.spinGate.host }}", "authenticationType": "LDAP", "token": "'"${TOKEN}"'", "externalAccountFlag": "true", "halyardConfigurationFlag": "true", "externalAccountConfiguration": {"accountName": "gitops", "endPoint": "https://github.com/{{ .Values.spinnaker.gitopsHalyard.repo.organization }}/{{ .Values.spinnaker.gitopsHalyard.repo.repository }}.git", "provider": "GITHUB" }, "halConfiguration": {"accountName": "gitops", "endPoint": "https://github.com/{{ .Values.spinnaker.gitopsHalyard.repo.organization }}/{{ .Values.spinnaker.gitopsHalyard.repo.repository }}.git", "accountName": "gitops" , "provider": "GITHUB" } }' + curl --header "Content-Type: application/json" --header "x-spinnaker-user: admin" --request POST http://oes-sapor:8085/oes/accountsConfig/spinnaker --data '{"name": "preview-saas", "url": "{{ .Values.global.oesGate.protocol }}://{{ .Values.global.oesGate.host }}", "authenticationType": "LDAP", "token": "'"${TOKEN}"'", "externalAccountFlag": "true", "halyardConfigurationFlag": "true", "externalAccountConfiguration": {"accountName": "gitops", "endPoint": "https://github.com/{{ .Values.spinnaker.gitopsHalyard.repo.organization }}/{{ .Values.spinnaker.gitopsHalyard.repo.repository }}.git", "provider": "GITHUB" }, "halConfiguration": {"accountName": "gitops", "endPoint": "https://github.com/{{ .Values.spinnaker.gitopsHalyard.repo.organization }}/{{ .Values.spinnaker.gitopsHalyard.repo.repository }}.git", "accountName": "gitops" , "provider": "GITHUB" } }' break fi if [[ "$STORAGE_TYPE" == "stash" ]]; then curl --header "Content-Type: application/json" --header "x-spinnaker-user: admin" --request POST http://oes-platform:8095/platformservice/v2/datasources --data '{"datasourceType": "BITBUCKET", "name": "gitops-bitbucket", "spinEnabled": "false", "configurationFields": {"authType":"bearer","username": "{{ .Values.spinnaker.gitopsHalyard.repo.username }}","token": "{{ .Values.spinnaker.gitopsHalyard.repo.token }}","read":"","write":""} }' - curl --header "Content-Type: application/json" --header "x-spinnaker-user: admin" --request POST http://oes-sapor:8085/oes/accountsConfig/spinnaker --data '{"name": "preview-saas", "url": "{{ .Values.global.spinGate.protocol }}://{{ .Values.global.spinGate.host }}", "authenticationType": "LDAP", "token": "'"${TOKEN}"'", "externalAccountFlag": "true", "halyardConfigurationFlag": "true", "externalAccountConfiguration": {"accountName": "gitops-bitbucket", "endPoint": "https://{{ .Values.spinnaker.gitopsHalyard.repo.baseUrlHostName }}/{{ .Values.spinnaker.gitopsHalyard.repo.organization }}/{{ .Values.spinnaker.gitopsHalyard.repo.projectName }}/{{ .Values.spinnaker.gitopsHalyard.repo.repository }}.git", "provider": "BITBUCKET" }, "halConfiguration": {"accountName": "gitops", "endPoint": "https://{{ .Values.spinnaker.gitopsHalyard.repo.baseUrlHostName }}/{{ .Values.spinnaker.gitopsHalyard.repo.organization }}/{{ .Values.spinnaker.gitopsHalyard.repo.projectName }}/{{ .Values.spinnaker.gitopsHalyard.repo.repository }}.git", "accountName": "gitops-bitbucket" , "provider": "BITBUCKET" } }' + curl --header "Content-Type: application/json" --header "x-spinnaker-user: admin" --request POST http://oes-sapor:8085/oes/accountsConfig/spinnaker --data '{"name": "preview-saas", "url": "{{ .Values.global.oesGate.protocol }}://{{ .Values.global.oesGate.host }}", "authenticationType": "LDAP", "token": "'"${TOKEN}"'", "externalAccountFlag": "true", "halyardConfigurationFlag": "true", "externalAccountConfiguration": {"accountName": "gitops-bitbucket", "endPoint": "https://{{ .Values.spinnaker.gitopsHalyard.repo.baseUrlHostName }}/{{ .Values.spinnaker.gitopsHalyard.repo.organization }}/{{ .Values.spinnaker.gitopsHalyard.repo.projectName }}/{{ .Values.spinnaker.gitopsHalyard.repo.repository }}.git", "provider": "BITBUCKET" }, "halConfiguration": {"accountName": "gitops", "endPoint": "https://{{ .Values.spinnaker.gitopsHalyard.repo.baseUrlHostName }}/{{ .Values.spinnaker.gitopsHalyard.repo.organization }}/{{ .Values.spinnaker.gitopsHalyard.repo.projectName }}/{{ .Values.spinnaker.gitopsHalyard.repo.repository }}.git", "accountName": "gitops-bitbucket" , "provider": "BITBUCKET" } }' break fi if [[ "$STORAGE_TYPE" == "s3" ]]; then curl --header "Content-Type: application/json" --header "x-spinnaker-user: admin" --request POST http://oes-platform:8095/platformservice/v2/datasources --data '{"datasourceType":"AMAZONS3","name":"gitops-s3","configurationFields":{"access_id":"{{ .Values.spinnaker.gitopsHalyard.repo.s3accesskey }}","secret_key":"{{ .Values.spinnaker.gitopsHalyard.repo.s3secretkey }}"},"spinnakerNames":[""],"spinEnabled":false} }' - curl --header "Content-Type: application/json" --header "x-spinnaker-user: admin" --request POST http://oes-sapor:8085/oes/accountsConfig/v1/spinnaker --data '{"name": "preview-saas", "url": "{{ .Values.global.spinGate.protocol }}://{{ .Values.global.spinGate.host }}", "authenticationType": "LDAP", "token": "'"${TOKEN}"'" , "externalAccountFlag": "true", "externalAccountConfiguration": {"accountName": "gitops-s3","config":{"bucketName":"{{ .Values.spinnaker.gitopsHalyard.repo.s3bucket }}","region":"{{ .Values.spinnaker.gitopsHalyard.repo.s3region }}","endPoint":""},"provider": "AMAZONS3"}}' + curl --header "Content-Type: application/json" --header "x-spinnaker-user: admin" --request POST http://oes-sapor:8085/oes/accountsConfig/v1/spinnaker --data '{"name": "preview-saas", "url": "{{ .Values.global.oesGate.protocol }}://{{ .Values.global.oesGate.host }}", "authenticationType": "LDAP", "token": "'"${TOKEN}"'" , "externalAccountFlag": "true", "externalAccountConfiguration": {"accountName": "gitops-s3","config":{"bucketName":"{{ .Values.spinnaker.gitopsHalyard.repo.s3bucket }}","region":"{{ .Values.spinnaker.gitopsHalyard.repo.s3region }}","endPoint":""},"provider": "AMAZONS3"}}' fi else echo "Spinnaker is already Integrated" From 24639916e994e5c5f97b24080a734d1521598c7c Mon Sep 17 00:00:00 2001 From: ksrinimba Date: Fri, 3 Sep 2021 17:09:18 +0530 Subject: [PATCH 26/29] OPA Persistence container added --- .../oes/templates/configmaps/opa-persist.yaml | 27 +++++++++++++++++++ .../templates/deployments/opa-deployment.yaml | 18 +++++++++++++ .../templates/secrets/oes-gate-secret.yaml | 9 +++++++ charts/oes/values.yaml | 2 +- 4 files changed, 55 insertions(+), 1 deletion(-) create mode 100644 charts/oes/templates/configmaps/opa-persist.yaml create mode 100644 charts/oes/templates/secrets/oes-gate-secret.yaml diff --git a/charts/oes/templates/configmaps/opa-persist.yaml b/charts/oes/templates/configmaps/opa-persist.yaml new file mode 100644 index 00000000..db427208 --- /dev/null +++ b/charts/oes/templates/configmaps/opa-persist.yaml @@ -0,0 +1,27 @@ +apiVersion: v1 +data: + opa-persist.sh: | + set -x + sleep 20 + BASEURL=$GATEURL + USERPASS="-u ${GATEUSER}:${GATEPASS}" + curl $USERPASS $BASEURL/oes/v1/policies/list > listofpolicies.json + #Get the policy NAMES + cat listofpolicies.json | jq .[] | jq -r .policyName > policies + #for each NAME + while read -e name; do + #Get content + curl $USERPASS $BASEURL/oes/v1/policy/$name > tmp.json + + #Get Policy ID + ID=`cat tmp.json|jq .response | jq '.policyId'` + #Delete Policy ID + cat tmp.json|jq .response | jq 'del(.policyId)' > update.json + + #update + curl $USERPASS -X PUT -H "Content-Type: application/json" -d @update.json $BASEURL/oes/v1/policy/$ID + done < policies + #endFOR +kind: ConfigMap +metadata: + name: opa-persist diff --git a/charts/oes/templates/deployments/opa-deployment.yaml b/charts/oes/templates/deployments/opa-deployment.yaml index 0318c057..748702ad 100644 --- a/charts/oes/templates/deployments/opa-deployment.yaml +++ b/charts/oes/templates/deployments/opa-deployment.yaml @@ -25,5 +25,23 @@ spec: args: - "run" - "--server" + - name: opa-persist + command: + - /bin/bash + - /tmp/opa-persist.sh + envFrom: + - secretRef: + name: oes-gate-secret + image: quay.io/opsmxpublic/customterraformstage:v1 + imagePullPolicy: IfNotPresent + volumeMounts: + - mountPath: /tmp + name: opa-persist + restartPolicy: Always + volumes: + - configMap: + defaultMode: 420 + name: opa-persist + name: opa-persist {{- end -}} {{- end -}} diff --git a/charts/oes/templates/secrets/oes-gate-secret.yaml b/charts/oes/templates/secrets/oes-gate-secret.yaml new file mode 100644 index 00000000..d54d4b13 --- /dev/null +++ b/charts/oes/templates/secrets/oes-gate-secret.yaml @@ -0,0 +1,9 @@ +apiVersion: v1 +stringData: + GATEURL: {{ .Values.spinnaker.spinCli.gate.endpoint }} + GATEUSER: {{ .Values.spinnaker.spinCli.auth.basic.username }} + GATEPASS: {{ .Values.spinnaker.spinCli.auth.basic.password }} +kind: Secret +metadata: + name: oes-gate-secret + diff --git a/charts/oes/values.yaml b/charts/oes/values.yaml index 1c48f068..e1478a4c 100644 --- a/charts/oes/values.yaml +++ b/charts/oes/values.yaml @@ -1142,7 +1142,7 @@ spinnaker: ## Here basic ldap auth is used by default; everything under spinCli will be pasted in ~/.spin/config spinCli: gate: - endpoint: http://spin-gate:8084 # Should same as the spin-gate URL + endpoint: http://oes-gate:8084 # Should same as the spin-gate URL auth: enabled: true basic: From ed9837b9ca215863e8928de1d72f44ca74586766 Mon Sep 17 00:00:00 2001 From: abhinaybyrisetty Date: Mon, 6 Sep 2021 09:17:44 +0530 Subject: [PATCH 27/29] Fix cleanup issue and add condition in opa persist script --- charts/oes/templates/configmaps/opa-persist.yaml | 2 +- charts/oes/values.yaml | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/oes/templates/configmaps/opa-persist.yaml b/charts/oes/templates/configmaps/opa-persist.yaml index db427208..9f956f81 100644 --- a/charts/oes/templates/configmaps/opa-persist.yaml +++ b/charts/oes/templates/configmaps/opa-persist.yaml @@ -7,7 +7,7 @@ data: USERPASS="-u ${GATEUSER}:${GATEPASS}" curl $USERPASS $BASEURL/oes/v1/policies/list > listofpolicies.json #Get the policy NAMES - cat listofpolicies.json | jq .[] | jq -r .policyName > policies + [ -s "listofpolicies.json" ] && cat listofpolicies.json | jq .[] | jq -r .policyName > policies || echo "No policies exist"; sleep 3600 #for each NAME while read -e name; do #Get content diff --git a/charts/oes/values.yaml b/charts/oes/values.yaml index e1478a4c..0606db39 100644 --- a/charts/oes/values.yaml +++ b/charts/oes/values.yaml @@ -152,7 +152,7 @@ global: ## Use the below flag to exclude pre-delete helm hooks to the ## rendered manifests - preDeleteHelmHooks: false + preDeleteHelmHooks: true ############################################################################### ## Details of redis-master image for OES @@ -1146,5 +1146,5 @@ spinnaker: auth: enabled: true basic: - username: admin # Please updated as required - password: opsmxadmin123 # Please updated as required + username: admin # Please update as required + password: opsmxadmin123 # Please update as required From 42dc808049dc8807c43bc84e3b42a7d4276ece55 Mon Sep 17 00:00:00 2001 From: abhinaybyrisetty Date: Mon, 6 Sep 2021 14:12:09 +0530 Subject: [PATCH 28/29] Put sleep infinity so that container doesn't exist --- charts/oes/templates/configmaps/opa-persist.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/oes/templates/configmaps/opa-persist.yaml b/charts/oes/templates/configmaps/opa-persist.yaml index 9f956f81..258e4eec 100644 --- a/charts/oes/templates/configmaps/opa-persist.yaml +++ b/charts/oes/templates/configmaps/opa-persist.yaml @@ -7,7 +7,7 @@ data: USERPASS="-u ${GATEUSER}:${GATEPASS}" curl $USERPASS $BASEURL/oes/v1/policies/list > listofpolicies.json #Get the policy NAMES - [ -s "listofpolicies.json" ] && cat listofpolicies.json | jq .[] | jq -r .policyName > policies || echo "No policies exist"; sleep 3600 + [ -s "listofpolicies.json" ] && cat listofpolicies.json | jq .[] | jq -r .policyName > policies || echo "No policies exist"; sleep infinity #for each NAME while read -e name; do #Get content From 39afe2f2974ae41b48a46f9df773cb18532dbf73 Mon Sep 17 00:00:00 2001 From: abhinaybyrisetty Date: Mon, 6 Sep 2021 14:41:39 +0530 Subject: [PATCH 29/29] Update persistence logic of opa --- charts/oes/templates/configmaps/opa-persist.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/charts/oes/templates/configmaps/opa-persist.yaml b/charts/oes/templates/configmaps/opa-persist.yaml index 258e4eec..95507a39 100644 --- a/charts/oes/templates/configmaps/opa-persist.yaml +++ b/charts/oes/templates/configmaps/opa-persist.yaml @@ -7,7 +7,7 @@ data: USERPASS="-u ${GATEUSER}:${GATEPASS}" curl $USERPASS $BASEURL/oes/v1/policies/list > listofpolicies.json #Get the policy NAMES - [ -s "listofpolicies.json" ] && cat listofpolicies.json | jq .[] | jq -r .policyName > policies || echo "No policies exist"; sleep infinity + [ -s "listofpolicies.json" ] && (cat listofpolicies.json | jq .[] | jq -r .policyName > policies) #for each NAME while read -e name; do #Get content @@ -21,6 +21,7 @@ data: #update curl $USERPASS -X PUT -H "Content-Type: application/json" -d @update.json $BASEURL/oes/v1/policy/$ID done < policies + sleep infinity #endFOR kind: ConfigMap metadata: