From ac2be8ac28ebe9311400a83bef2a7ed127b8dd18 Mon Sep 17 00:00:00 2001 From: Dmitrii Zolotukhin Date: Fri, 22 May 2026 17:04:20 +0200 Subject: [PATCH 01/13] Prepared Release Notes for MxOK v2.27.0. --- .../private-cloud-cluster/_index.md | 170 ++++++------------ .../networking/_index.md | 31 ++-- ...private-cloud-advanced-ingress-settings.md | 2 +- .../networking/private-cloud-gateway.md | 107 +++++++++++ .../networking/private-cloud-openshift.md | 2 +- .../networking/private-cloud-services-only.md | 2 +- .../private-cloud/private-cloud-monitor.md | 41 +++-- .../private-cloud/private-cloud-operator.md | 55 ++++++ .../private-cloud-supported-environments.md | 32 +++- .../deployment/mendix-for-private-cloud.md | 16 ++ .../configure-gateway-route.png | Bin 0 -> 202703 bytes 11 files changed, 309 insertions(+), 149 deletions(-) create mode 100644 content/en/docs/deployment/private-cloud/private-cloud-cluster/networking/private-cloud-gateway.md create mode 100644 static/attachments/deployment/private-cloud/private-cloud-cluster/private-cloud-networking/configure-gateway-route.png diff --git a/content/en/docs/deployment/private-cloud/private-cloud-cluster/_index.md b/content/en/docs/deployment/private-cloud/private-cloud-cluster/_index.md index 855f60a830e..a14f85f05b7 100644 --- a/content/en/docs/deployment/private-cloud/private-cloud-cluster/_index.md +++ b/content/en/docs/deployment/private-cloud/private-cloud-cluster/_index.md @@ -216,123 +216,7 @@ If an app's MDA was built using a newer Java version, Mendix Operator 2.15.0 (an ### Endpoint (network) Configuration {#advanced-network-settings} -The OperatorConfiguration contains the following user-editable options for network configuration: - -When using **Ingress** for network endpoints: - -```yaml -apiVersion: privatecloud.mendix.com/v1alpha1 -kind: OperatorConfiguration -# ... -# omitted lines for brevity -# ... -spec: - # Endpoint (Network) configuration - endpoint: - # Endpoint type: ingress, openshiftRoute or service - type: ingress - # Optional, can be omitted: Service annotations - serviceAnnotations: - # example: custom AWS CLB configuration - service.beta.kubernetes.io/aws-load-balancer-backend-protocol: tcp - service.beta.kubernetes.io/aws-load-balancer-ssl-cert: arn:aws:acm:eu-west-1:account:certificate/id - service.beta.kubernetes.io/aws-load-balancer-ssl-ports: "443" - # Ingress configuration: used only when type is set to ingress - ingress: - # Optional, can be omitted: annotations which should be applied to all Ingress Resources - annotations: - # default annotation: allow uploads of files up 500 MB in the NGINX Ingress Controller - nginx.ingress.kubernetes.io/proxy-body-size: 500m - # example: use the specified cert-manager ClusterIssuer to generate TLS certificates with Let's Encrypt - cert-manager.io/cluster-issuer: staging-issuer - # example: deny access to /rest-doc - nginx.ingress.kubernetes.io/configuration-snippet: | - location /rest-doc { - deny all; - return 403; - } - # App URLs will be generated for subdomains of this domain, unless an app is using a custom appURL - domain: mendix.example.com - # Enable or disable TLS - enableTLS: true - # Optional: name of a kubernetes.io/tls secret containing the TLS certificate - # This example is a template which lets cert-manager to generate a unique certificate for each app - tlsSecretName: '{{.Name}}-tls' - # Optional: specify the Ingress class name - ingressClassName: alb - # Optional, can be omitted : specify the Ingress path - path: "/" - # Optional, can be omitted : specify the Ingress pathType - pathType: ImplementationSpecific -# ... -# omitted lines for brevity -# ... -``` - -When using **OpenShift Routes** for network endpoints: - -```yaml -apiVersion: privatecloud.mendix.com/v1alpha1 -kind: OperatorConfiguration -spec: - # Endpoint (Network) configuration - endpoint: - # Endpoint type: ingress, openshiftRoute, or service - type: openshiftRoute - # OpenShift Route configuration: used only when type is set to openshiftRoute - openshiftRoute: - # Optional, can be omitted: annotations which should be applied to all Ingress Resources - annotations: - # example: use HSTS headers - haproxy.router.openshift.io/hsts_header: max-age=31536000;includeSubDomains;preload - # Optional: App URLs will be generated for subdomains of this domain, unless an app is using a custom appURL - domain: mendix.example.com - # Enable or disable TLS - enableTLS: true - # Optional: name of a kubernetes.io/tls secret containing the TLS certificate - # This example is the name of an existing secret, which should be a wildcard matching subdomains of the domain name - tlsSecretName: 'mendixapps-tls' -``` - -When using **Services** for network endpoints (without an Ingress or OpenShift route): - -```yaml -apiVersion: privatecloud.mendix.com/v1alpha1 -kind: OperatorConfiguration -spec: - # Endpoint (Network) configuration - endpoint: - # Endpoint type: ingress, openshiftRoute, or service - type: service - # Optional, can be omitted: the Service type - serviceType: LoadBalancer - # Optional, can be omitted: Service annotations - serviceAnnotations: - # example: annotations required for AWS NLB - service.beta.kubernetes.io/aws-load-balancer-type: external - service.beta.kubernetes.io/aws-load-balancer-nlb-target-type: ip - service.beta.kubernetes.io/aws-load-balancer-scheme: internet-facing - # Optional, can be omitted: Service ports - servicePorts: - - 80 - - 443 -``` - -You can change the following options: - -* **type**: – select the Endpoint type, possible options are `ingress`, `openshiftRoute` and `service`; this parameter is also configured through the **Configuration Tool** -* **ingress**: - specify the Ingress configuration, required when **type** is set to `ingress` -* **openshiftRoute**: - specify the OpenShift Route configuration, required when **type** is set to `openshiftRoute` -* **annotations**: - optional, can be used to specify the Ingress or OpenShift Route annotations, can be a template: `{{.Name}}` will be replaced with the name of the CR for the Mendix app, and {{.Domain}} will be replaced with the application's domain name -* **serviceAnnotations**: - optional, can be used to specify the Service annotations, can be a template: `{{.Name}}` will be replaced with the name of the CR for the Mendix app, and {{.Domain}} will be replaced with the application's domain name -* **ingressClassName**: - optional, can be used to specify the Ingress Class name -* **path**: - optional, can be used to specify the Ingress path; default value is `/` -* **pathType**: - optional, can be used to specify the Ingress pathType; if not set, no pathType will be specified in Ingress objects -* **domain**: - optional for `openshiftRoute`, required for `ingress`, used to generate the app domain in case no app URL is specified; if left empty when using OpenShift Routes, the default OpenShift `apps` domain will be used; this parameter is also configured through the **Configuration Tool** -* **enableTLS**: - allows you to enable or disable TLS for the Mendix App's Ingress or OpenShift Route -* **tlsSecretName**: - optional name of a `kubernetes.io/tls` secret containing the TLS certificate, can be a template: `{{.Name}}` will be replaced with the name of the CR for the Mendix app; if left empty, the default TLS certificate from the Ingress Controller or OpenShift Router will be used -* **serviceType**: - can be used to specify the Service type, possible options are `ClusterIP` and `LoadBalancer`; if not specified, Services will be created with the `ClusterIP` type -* **servicePorts**: - can be used to specify a list of custom ports for the Service; if not specified, Services will use be created with port `8080` +Documentation how to use advanced network configuration settings has moved into the [Network Ingress Settings section](/developerportal/deploy/private-cloud-cluster/private-cloud-ingress-settings/). {{% alert color="info" %}} When switching between Ingress and OpenShift Routes, you need to [restart the Mendix Operator](#restart-after-changing-network-cr) for the changes to be fully applied. @@ -938,6 +822,58 @@ Alternatively, for Standalone clusters, pod labels can be specified in the `Mend The Mendix Operator uses some labels for internal use. To avoid conflicts with these internal pod labels, please avoid using labels starting with the `privatecloud.mendix.com/` prefix. {{% /alert %}} +### Pod annotations {#pod-annotations} + +#### General Pod Annotations + +Mendix Operator version 2.27.0 or above allows you to specify default pod annotations for app-related pods: task pods (build and storage provisioners) and runtime (app) pods. + +To specify default pod annotations for a namespace, specify them in `customPodAnnotations.general` in `OperatorConfiguration`: + +```yaml +apiVersion: privatecloud.mendix.com/v1alpha1 +kind: OperatorConfiguration +spec: + # ... + # Other configuration options values + # Optional: custom pod annotations + customPodAnnotations: + # Optional: general pod annotations (applied to all app-related pods) + general: + # Example: use FQDN instead of IP addresses when communicating with the Kubernetes API server + kubernetes.azure.com/set-kube-service-host-fqdn: "true" +``` + +Alternatively, for Standalone clusters, pod annotations can be specified in the `MendixApp` CR for a specific app. + +{{% alert color="warning" %}} +The Mendix Operator uses some labels for internal use. To avoid conflicts with these internal pod annotations, please avoid using labels starting with the `privatecloud.mendix.com/` prefix. +{{% /alert %}} + +### Node selector {#node-selector} + +#### General Node Selector + +Mendix Operator version 2.27.0 or above allows you to specify default `nodeSelector` for app-related pods: task pods (build and storage provisioners) and runtime (app) pods. + +To specify default pod `nodeSelector` configuration for a namespace, specify them in `customPodNodeSelector.general` in `OperatorConfiguration`: + +```yaml +apiVersion: privatecloud.mendix.com/v1alpha1 +kind: OperatorConfiguration +spec: + # ... + # Other configuration options values + # Optional: custom pod nodeSelector + customPodNodeSelector: + # Optional: general pod nodeSelector (applied to all app-related pods) + general: + # Example: use Amazon EKS Auto Mode + eks.amazonaws.com/compute-type: auto +``` + +Alternatively, for Standalone clusters, pod `nodeSelector` configuration can be specified in the `MendixApp` CR for a specific app. + ### Delaying App Shutdown {#termination-delay} In some situations, shutting down a replica immediately can cause isses. For example, the [Azure Gateway Ingress Controller](https://azure.github.io/application-gateway-kubernetes-ingress/how-tos/minimize-downtime-during-deployments/) needs up to 90 seconds to remove a pod from its routing table. Stopping an app pod immediately would still send traffic to the pod for a few minutes, causing random 502 errors to appear in the client web browser. diff --git a/content/en/docs/deployment/private-cloud/private-cloud-cluster/networking/_index.md b/content/en/docs/deployment/private-cloud/private-cloud-cluster/networking/_index.md index eb53809a173..d67a97beb94 100644 --- a/content/en/docs/deployment/private-cloud/private-cloud-cluster/networking/_index.md +++ b/content/en/docs/deployment/private-cloud/private-cloud-cluster/networking/_index.md @@ -8,7 +8,7 @@ weight: 10 ## Introduction -Based on your organization's networking and security needs, you must configure the available networking components of your Mendix web applications to be accessible to end users, either over a private network or the Internet. This article describes three possible network configurations: Kubernetes Ingress, OpenShift Routes, and Service-Only. Each configuration is tailored to meet specific use cases. +Based on your organization's networking and security needs, you must configure the available networking components of your Mendix web applications to be accessible to end users, either over a private network or the Internet. This article describes three possible network configurations: Kubernetes Ingress, Gateway Routes, OpenShift Routes, and Service-Only. Each configuration is tailored to meet specific use cases. ## Prerequisites @@ -22,6 +22,8 @@ Mendix on Kubernetes supports the following Ingress configurations: {{< figure src="/attachments/deployment/private-cloud/private-cloud-cluster/private-cloud-networking/k8s-ingress.png" class="no-border" >}} +* [Gateway Routes](/developerportal/deploy/private-cloud-cluster/private-cloud-ingress-settings/gateway-route/) - A next generation Kubernetes standard for Ingresses and load balancing. Supported by Mendix Operator v2.27.0 or later versions. + * [OpenShift Routes](/developerportal/deploy/private-cloud-cluster/private-cloud-ingress-settings/openshift/) - The OpenShift-native method for exposing services externally provides a more streamlined setup, though it offers less flexibility compared to Kubernetes Ingress. {{< figure src="/attachments/deployment/private-cloud/private-cloud-cluster/private-cloud-networking/openshift-routes.png" class="no-border" >}} @@ -42,17 +44,17 @@ The following table compares the functionality of the three supported options, i When switching between Ingress, OpenShift Routes, and Service Only, you must restart the Mendix Operator for the changes to be fully applied. {{% /alert %}} -| Feature | Kubernetes Ingress | Openshift Routes | Service Only | -| --- | --- | --- | --- | -| Ease of use | Requires setup, but offers more flexibility. | Simplest option for OpenShift users, built-in. | Fine-grained control over networking and security offers maximum flexibility, but requires significant effort and expertise to configure and maintain. Note that the networking setup beyond the Mendix Operator's scope, up to the service object, is not supported by Mendix. | -| Native cloud integration | Can integrate with cloud-native services like AWS Application Load Balancer. | No direct integration with cloud providers. | Full control over networking setup. | -| Performance and scalability | Scales with cloud load balancers, better supports horizontal scaling. | Limited to OpenShift Router performance. | Full flexibility - scales according to your load balancer and proxy setup. | -| Supported providers | [NGINX Ingress Controller](https://kubernetes.github.io/ingress-nginx/); [Traefik](https://traefik.io/traefik/); [AWS Application Load Balancer](https://docs.aws.amazon.com/eks/latest/userguide/alb-ingress.html); [Ingress for External Application Load Balancer](https://cloud.google.com/kubernetes-engine/docs/concepts/ingress-xlb); [Azure Application Gateway Ingress Controller](https://learn.microsoft.com/en-us/azure/application-gateway/ingress-controller-overview) | [OpenShift Router (HAProxy-based Ingress Controller)](https://docs.openshift.com/container-platform/4.17/networking/networking_operators/ingress-operator.html) | None | -| TLS/SSL termination | Can leverage cloud provider-managed TLS; supports Cert-Manager. | Supported with OpenShift's HAProxy router. | Fully flexible but requires manual setup; TLS can terminate at application load balancer, network load balancer, or app level | -| Security (WAF, ACLs, Auth) | More advanced security integrations (for example AWS Web Application Firewall, authentication). | Basic access control via OpenShift OAuth. | Full control - can integrate with AWS Web Application Firewall, API Gateway, authentication proxies with manual configuration. | -| Traffic splitting | Fully supported through ingress rules. | Supported through HAProxy-based Route annotations. | Depends on external networking setup. | -| External DNS support | Some ingress controllers (for example, application load balancers) support native DNS updates. | Requires ExternalDNS integration. | Fully configurable - can use ExternalDNS, Amazon Route 53, or others. | -| Custom annotations | Supports Kubernetes Ingress annotations, provider-specific features.| Supports OpenShift-specific annotations. | No restrictions - fully customizable in external networking. | +| Feature | Kubernetes Ingress | Gateway Routes | Openshift Routes | Service Only | +| --- | --- | --- | --- | --- | +| Ease of use | Requires setup, but offers more flexibility. | Requires setup, offers flexibility with separation of scope by [roles and personas](https://gateway-api.sigs.k8s.io/docs/concepts/roles-and-personas/) | Simplest option for OpenShift users, built-in. | Fine-grained control over networking and security offers maximum flexibility, but requires significant effort and expertise to configure and maintain. Note that the networking setup beyond the Mendix Operator's scope, up to the service object, is not supported by Mendix. | +| Native cloud integration | Can integrate with cloud-native services like AWS Application Load Balancer. | Can integrate with cloud-native services like AWS Application Load Balancer. | No direct integration with cloud providers. | Full control over networking setup. | +| Performance and scalability | Scales with cloud load balancers, better supports horizontal scaling. | Scales with cloud load balancers, better supports horizontal scaling. | Limited to OpenShift Router performance. | Full flexibility - scales according to your load balancer and proxy setup. | +| Supported providers | [NGINX Ingress Controller](https://kubernetes.github.io/ingress-nginx/); [Traefik](https://traefik.io/traefik/); [AWS Application Load Balancer](https://docs.aws.amazon.com/eks/latest/userguide/alb-ingress.html); [Ingress for External Application Load Balancer](https://cloud.google.com/kubernetes-engine/docs/concepts/ingress-xlb); [Azure Application Gateway Ingress Controller](https://learn.microsoft.com/en-us/azure/application-gateway/ingress-controller-overview) | [Gateway API v1.4 compliant implementations](https://gateway-api.sigs.k8s.io/docs/implementations/versions/v1.4/) | [OpenShift Router (HAProxy-based Ingress Controller)](https://docs.openshift.com/container-platform/4.17/networking/networking_operators/ingress-operator.html) | None | +| TLS/SSL termination | Can leverage cloud provider-managed TLS; supports Cert-Manager. | Configured in the Gateway [listener](https://gateway-api.sigs.k8s.io/guides/user-guides/tls/#listeners-and-tls) by the cluster operator | Supported with OpenShift's HAProxy router. | Fully flexible but requires manual setup; TLS can terminate at application load balancer, network load balancer, or app level | +| Security (WAF, ACLs, Auth) | More advanced security integrations (for example AWS Web Application Firewall, authentication). | Provided by the Gateway implementation | Basic access control via OpenShift OAuth. | Full control - can integrate with AWS Web Application Firewall, API Gateway, authentication proxies with manual configuration. | +| Traffic splitting | Fully supported through ingress rules. | Fully supported. | Supported through HAProxy-based Route annotations. | Depends on external networking setup. | +| External DNS support | Some ingress controllers (for example, application load balancers) support native DNS updates. | Fully configurable - can use ExternalDNS, Amazon Route 53, or others. | Requires ExternalDNS integration. | Fully configurable - can use ExternalDNS, Amazon Route 53, or others. | +| Custom annotations | Supports Kubernetes Ingress annotations, provider-specific features. | Gateway implementations typically use vendor-specific CRDs, annotations are supported as well. | Supports OpenShift-specific annotations. | No restrictions - fully customizable in external networking. | ## Recommended Configuration @@ -75,6 +77,9 @@ While OpenShift Routes are a viable option, we recommend NGINX Ingress Controlle OpenShift Routes remain a suitable choice if meet your current needs and you do not require advanced features. {{% /alert %}} +If your cluster has a configured and working Gateway API implementation, using it might be a preferrable option. +The Gateway API standardized typical use cases, and the Mendix Operator only uses HTTPRoute features defined in the [v1.4 standard](https://gateway-api.sigs.k8s.io/reference/api-spec/1.4/spec/), without relying on any vendor-specific feature. + ## Known Issues * AWS Application Load Balancers do not work correctly with HTTP2 WebSockets. @@ -83,3 +88,5 @@ OpenShift Routes remain a suitable choice if meet your current needs and you do * Some application load balancer firewall rules can block file uploads or other Mendix app features. * Linkerd does not work correctly with AWS Application Load Balancer and Azure Gateway Ingress Controller. +* Some Gateway API implementations don't fully implement the base v1.4 spec, or are experimental (unsupported) + diff --git a/content/en/docs/deployment/private-cloud/private-cloud-cluster/networking/private-cloud-advanced-ingress-settings.md b/content/en/docs/deployment/private-cloud/private-cloud-cluster/networking/private-cloud-advanced-ingress-settings.md index 8a3b96d0d68..7e8bd86b6f5 100644 --- a/content/en/docs/deployment/private-cloud/private-cloud-cluster/networking/private-cloud-advanced-ingress-settings.md +++ b/content/en/docs/deployment/private-cloud/private-cloud-cluster/networking/private-cloud-advanced-ingress-settings.md @@ -3,7 +3,7 @@ title: "Advanced Ingress Settings in Mendix on Kubernetes" linktitle: "Advanced Settings" url: /developerportal/deploy/private-cloud-cluster/private-cloud-ingress-settings/advanced/ description: "Describes how to configure advanced Ingress settings." -weight: 40 +weight: 50 --- ## Introduction diff --git a/content/en/docs/deployment/private-cloud/private-cloud-cluster/networking/private-cloud-gateway.md b/content/en/docs/deployment/private-cloud/private-cloud-cluster/networking/private-cloud-gateway.md new file mode 100644 index 00000000000..679f3ed41e4 --- /dev/null +++ b/content/en/docs/deployment/private-cloud/private-cloud-cluster/networking/private-cloud-gateway.md @@ -0,0 +1,107 @@ +--- +title: "Gateway Routes in Mendix on Kubernetes" +linktitle: "Gateway Routes" +url: /developerportal/deploy/private-cloud-cluster/private-cloud-ingress-settings/gateway-route/ +description: "Describes how to configure Gateway HTTPRoutes for Mendix on Kubernetes." +weight: 20 +--- + +## Introduction + +Gateway API is the successor to the Ingress API. Gateway API splits configuration across different roles: + +* _cluster operators_ manage **Gateway** resources, configuring central rules and policies such as TLS and IP filtering; +* _application developers_ manage **HTTPRoute** resources, specifying confuguration relevant for a specific destination, such as a Mendix app environment. + +{{% alert color="info" %}} +Gateway API is supported by Mendix Operator version 2.27.0 and newer. +{{% /alert %}} + +## What is Kubernetes Gateway? + +In a Mendix environment, the Mendix Operator automatically creates both the Service and HTTPRoute resources based on the app environment's configuration. The Service defines how traffic is routed to application pods within the cluster, while the HTTPRoute links the app to a specific Gateway and configures relevant HTTP options. + +The Gateway resource, and the gateway controller (implementation) needs to be created and configured by the cluster admin, the Mendix Operator will only manage HTTPRoute resources and link them to a Gateway resource via the `parentRefs` field. + +For each app environment, the URL is automatically generated based on the domain name. For example, if the domain name is set to `mendix.example.com`, the apps have URLs such as `myapp1-dev.mendix.example.com`, `myapp1-prod.mendix.example.com`, and so on. + +To ensure proper routing, the DNS server must be configured to direct all subdomains (`*.mendix.example.com`) to the Gateway or Load Balancer. This option is easy to configure, and adding new apps or changing domain names works instantly. Alternatively, you can manage DNS records with Kubernetes External DNS. + +## Basic Installation and Configuration + +Refer to the installation and configuration guide of your Gateway implementation. +Any Gateway [implementations](https://gateway-api.sigs.k8s.io/docs/implementations/list/) that implements support for HTTPRoute resources and Gateway API v1.4 should be compatible with the Mendix Operator. + +### Configuring Gateway HTTPRoute in the Mxpc-cli Tool + +To use the Gateway and configure how Mendix on Kubernetes should use HTTPRoutes, set up the following settings: + +* **Enable TLS** - Enable if the Gateway supports TLS: this will use `https://` in the AppURL by default. TLS options such as HTTP-to-HTTPS redirection, HSTS and certificates will need to be configured on the Gateway level. +* **Domain** - Provide the default domain name which you want to use for new apps. For existing apps, the domain name and HTTP path can be configured on a per-app basis. +* In the **Gateway Route Parent Reference**, specify settings for the HTTPRoute's [parentRefs](https://gateway-api.sigs.k8s.io/reference/api-spec/1.4/spec/#parentreference). This would typically be a Gateway resource configured by a cluster admin. + * **Group** specifies the ParentReference `group` value (usually `gateway.networking.k8s.io`). + * **Kind** specifies the ParentReference `kind` value (usually `Gateway`). + * **Name** and **Namespace** specify the existing ParentReference's Kubernetes name and namespace. + +{{< figure src="/attachments/deployment/private-cloud/private-cloud-cluster/private-cloud-networking/configure-gateway-route.png" class="no-border" >}} + +Additionally, you can set additional settings in the **gatewayRoute** section of your OperatorConfiguration. The following section shows an example configuration. Adjust them as needed based on your specific requirements. + +```text +apiVersion: privatecloud.mendix.com/v1alpha1 +kind: OperatorConfiguration +# ... +# omitted lines for brevity +# ... +spec: + # Endpoint (Network) configuration + endpoint: + type: gatewayRoute + gatewayRoute: + # The following parameters are already configured by mxpc-cli + domain: mendix.example.com + enableTLS: true + gatewayParentReference: + group: gateway.networking.k8s.io + kind: Gateway + name: example-gateway + namespace: kube-ingress + # Additional configuration + # Modify response headers + gatewayRouteResponseHeaderModifiers: + # Specify configuration for a Gateway ResponseHeaderModifier + # For more detauls, see https://gateway-api.sigs.k8s.io/guides/user-guides/http-header-modifier/#http-response-header-modifier + add: + # Add the following headers to all requests + "X-response-header-1": "example-value-1" + "X-response-header-2": "example-value-2" + set: + # Set the following headers to in all requests (overwriting existing values if present) + # This is where security headers such as HSTS would typically be specified + "X-response-header-3": "example-value-3" + "X-response-header-4": "example-value-4" + remove: + # Remove the following headers + - "X-response-header-5" + - "X-response-header-6" + # Modify request headers + gatewayRouteRequestHeaderModifiers: + # Specify configuration for a Gateway RequestHeaderModifier + # For more detauls, see https://gateway-api.sigs.k8s.io/guides/user-guides/http-header-modifier/#http-request-header-modifier + add: + # Add the following headers to all requests + "X-request-header-1": "example-value-1" + "X-request-header-2": "example-value-2" + set: + # Set the following headers to in all requests (overwriting existing values if present) + "X-request-header-3": "example-value-3" + "X-request-header-4": "example-value-4" + remove: + # Remove the following headers + - "X-request-header-5" + - "X-request-header-6" +# ... +# omitted lines for brevity +# ... +``` + diff --git a/content/en/docs/deployment/private-cloud/private-cloud-cluster/networking/private-cloud-openshift.md b/content/en/docs/deployment/private-cloud/private-cloud-cluster/networking/private-cloud-openshift.md index 993f6dab806..a01b4232e46 100644 --- a/content/en/docs/deployment/private-cloud/private-cloud-cluster/networking/private-cloud-openshift.md +++ b/content/en/docs/deployment/private-cloud/private-cloud-cluster/networking/private-cloud-openshift.md @@ -3,7 +3,7 @@ title: "OpenShift Route in Mendix on Kubernetes" linktitle: "OpenShift Route" url: /developerportal/deploy/private-cloud-cluster/private-cloud-ingress-settings/openshift/ description: "Describes how to configure OpenShift routes for Mendix on Kubernetes." -weight: 20 +weight: 30 --- ## Introduction diff --git a/content/en/docs/deployment/private-cloud/private-cloud-cluster/networking/private-cloud-services-only.md b/content/en/docs/deployment/private-cloud/private-cloud-cluster/networking/private-cloud-services-only.md index 45ffa667194..1e16461b619 100644 --- a/content/en/docs/deployment/private-cloud/private-cloud-cluster/networking/private-cloud-services-only.md +++ b/content/en/docs/deployment/private-cloud/private-cloud-cluster/networking/private-cloud-services-only.md @@ -3,7 +3,7 @@ title: "Service without Ingress in Mendix on Kubernetes" linktitle: "Service Only" url: /developerportal/deploy/private-cloud-cluster/private-cloud-ingress-settings/services-only/ description: "Describes how to configure Mendix on Kubernetes to create services without an Ingress." -weight: 30 +weight: 40 --- ## Introduction diff --git a/content/en/docs/deployment/private-cloud/private-cloud-monitor.md b/content/en/docs/deployment/private-cloud/private-cloud-monitor.md index 9e2554a8ede..dda064fac5d 100644 --- a/content/en/docs/deployment/private-cloud/private-cloud-monitor.md +++ b/content/en/docs/deployment/private-cloud/private-cloud-monitor.md @@ -29,15 +29,15 @@ You can customize this solution to match the requirements of your team or organi Mendix Operator v2.4.0 and above offers several modes for collecting and generating metrics. -| Mode | Native | Compatibility | -| ------------------------- | ---------------- | ---------------------- | -| Mendix Operator version | v2.4.0 and above | v2.1.0 and above | -| Supported Mendix versions | 9.7 and above | 7.23 and above | -| Metrics activities | Yes | No | -| Microflow execution times | Yes | No | -| Custom metrics | Yes | No | -| Rigid format | No | Yes | -| Metrics generated by | Mendix Runtime | `m2ee-metrics` sidecar | +| Mode | Native | Compatibility (deprecated) | +| ------------------------- | ---------------- | -------------------------- | +| Mendix Operator version | v2.4.0 and above | v2.1.0 to v2.26.1 | +| Supported Mendix versions | 9.7 and above | 7.23 and above | +| Metrics activities | Yes | No | +| Microflow execution times | Yes | No | +| Custom metrics | Yes | No | +| Rigid format | No | Yes | +| Metrics generated by | Mendix Runtime | `m2ee-metrics` sidecar | Mendix 9.7 and above can generate [Prometheus metrics](/refguide/metrics/) directly in the Runtime, which allows the generation of custom or [app-specific metrics](/refguide/metrics-activities/). Setting the metrics generation of a Mendix on Kubernetes environment to `native` mode will collect Prometheus metrics directly from the Mendix Runtime. @@ -52,6 +52,12 @@ The metrics names and labels generated by the `m2ee-metrics` sidecar are rigid a For backwards compatibility reasons, `native` and `compatibility` metrics use different labels and metrics names. Each mode requires a separate dashboard. +{{% alert color="warning" %}} +Mendix Operator v2.27.0 removed support for `compatibility` metrics. + +If you're planning to upgrade to Mendix Operator v2.27.0 (or a later version), switch environments to `native` mode, and update your dashboards accordingly. +{{% /alert %}} + ## Installing Monitoring Tools{#install-grafana-loki} If you already have installed Prometheus, Loki, and Grafana in your cluster, you can skip this section and go directly to [enable metrics scraping](#enable-metrics-scraping). @@ -391,8 +397,8 @@ The reference dashboards are compatible with Prometheus installed as described i To install the reference dashboard, download the dashboard JSON to a local file using the links below. There are two dashboards available at the moment. If necessary you can install both at the same time: -* [compatibility mode dashboard](https://cdn.mendix.com/mendix-for-private-cloud/grafana-dashboard/mendix_app_dashboard_compatibility-1.1.1.json) for metrics generated in compatibility mode * [native dashboard](https://cdn.mendix.com/mendix-for-private-cloud/grafana-dashboard/mendix_app_dashboard_native-1.2.0.json) for metrics generated in native mode +* (deprecated) [compatibility mode dashboard](https://cdn.mendix.com/mendix-for-private-cloud/grafana-dashboard/mendix_app_dashboard_compatibility-1.1.1.json) for metrics generated in compatibility mode [Import](https://grafana.com/docs/grafana/latest/dashboards/export-import/#import-dashboard) the downloaded JSON into Grafana: @@ -509,15 +515,18 @@ spec: # … ``` -{{% alert color="info" %}}When Mendix Operator v2.4.0 is installed into a new namespace, it will use `native` metrics by default. -However, if Mendix Operator v2.3.\* or below is upgraded to v2.4.0 or above, the upgrade process will set the default metrics mode to `compatibility`. -This way, upgrading an older Mendix Operator will not change the way it generates metrics.{{% /alert %}} +{{% alert color="info" %}}Starting from Mendix Operator v2.27.0, only the `native` mode is supported. +Installing or upgrading to Operator v2.27.0 or a later version will switch the default metrics mode to `native`.{{% /alert %}} -### Compatibility Metrics Mode +{{% alert color="info" %}}This way, upgrading an older Mendix Operator will not change the way it generates metrics.{{% /alert %}} + +### Compatibility Metrics Mode (deprecated) To enable `compatibility` metrics mode, set the `mode` attribute to `compatibility`. In this mode, all other `runtimeMetricsConfiguration` attributes are ignored. +Compatibility mode is removed in Mendix Operator v2.27.0. + #### Enable Compatibility Metrics in Connected Mode 1. Open your app in [Apps](https://sprintr.home.mendix.com/). @@ -632,7 +641,7 @@ It is also possible to add extra tags (Prometheus labels) by specifying them in 1. Open your app in [Apps](https://sprintr.home.mendix.com/). 2. Go to the **Environments** page. -3. Click **Details** next to the environment where compatibility mode should be used. +3. Click **Details** next to the environment where native mode should be used. {{< figure src="/attachments/deployment/private-cloud/private-cloud-monitor/environment-overview.png" class="no-border" >}} @@ -648,7 +657,7 @@ It is also possible to add extra tags (Prometheus labels) by specifying them in {{< figure src="/attachments/deployment/private-cloud/private-cloud-monitor/environment-metrics-default.png" class="no-border" >}} -7. Set **Mode** to **default**, then click **Save**. +7. Set **Mode** to **native**, then click **Save**. {{< figure src="/attachments/deployment/private-cloud/private-cloud-monitor/environment-metrics-mode-native.png" class="no-border" >}} diff --git a/content/en/docs/deployment/private-cloud/private-cloud-operator.md b/content/en/docs/deployment/private-cloud/private-cloud-operator.md index 73b14d43b27..e7840346afe 100644 --- a/content/en/docs/deployment/private-cloud/private-cloud-operator.md +++ b/content/en/docs/deployment/private-cloud/private-cloud-operator.md @@ -150,6 +150,7 @@ spec: pinTo: # Optional, list of web services or domain names where this certificate should be used - "www.example.com" - "service.www.example.com" + - certificateSecret: "example-api-secret" # use the example-api-secret Kubernetes secret as a client certificate for TLS authenticaiton # All custom Mendix Runtime parameters go here, in JSON format; validated and applied by the mx-m2ee-sidecar container customConfiguration: |- { @@ -170,6 +171,9 @@ spec: customPodLabels: # Optional: custom pod labels general: # Optional: general pod labels (applied to all app-related pods) azure.workload.identity/use: "true" # Example: enable Azure Workload Identity + customPodNodeSelector: # Optional: custom pod nodeSelector + general: # Optional: general pod nodeSelector (applied to all app-related pods) + eks.amazonaws.com/compute-type: auto # Example: use Amazon EKS Auto Mode runtimeLicenseProduct: # Optional: Specify the type of product required for the Runtime License. This is applicable when PCLM is used for licensing. By default, the value is set to Standard, if left empty deploymentStrategy: # Optional: Specify a deployment strategy to reduce app downtime switchoverThreshold: 50% @@ -235,6 +239,8 @@ You must make the following changes: * **jettyOptions** and **customConfiguration** - If you have any custom Mendix Runtime parameters, you must add them to this section. Otions for the Mendix runtime must be provided in JSON format. See the examples in the CR for the correct format and the information below for more information on [setting app constants](#set-app-constants) and [configuring scheduled events](#configure-scheduled-events). * **environmentVariables** - Set the environment variables for the Mendix app container, and JVM arguments through the `JAVA_TOOL_OPTIONS` environment variable. * **clientCertificates** - Specify client certificates to be used for TLS calls to Web Services and REST services. + * When **key** and **password** are specified, will use the client TLS certificate specified directly in the **MendixApp** CR. + * When **certificateSecret** is specified without **key** and **password**, will load a client TLS certificate from the specified Kubernetes Secret. This feature requires Mendix Operator 2.27 or newer. * **runtimeMetricsConfiguration** - Specify how metrics should be collected. Any non-empty values override the [default values](/developerportal/deploy/private-cloud-cluster/#customize-runtime-metrics) from `OperatorConfiguration`. Refer to [Monitoring Environments in Mendix on Kubernetes](/developerportal/deploy/private-cloud-monitor/) for details on how to monitor your environment. * **runtimeLeaderSelection** - Specify how the leader replica should be selected. The following options are available: * `assigned` (default mode) - The `master` deployment runs one leader replica, while the `worker` deployment runs all additional replicas. @@ -242,6 +248,8 @@ You must make the following changes: * `leaderless` - A mode where the nodes dynamically choose a leader. This feature is in preview mode. It requires Mendix Runtime 10.24 or newer, and Mendix Operator 2.23 or newer. * **customPodLabels** - Specify additional pod labels. Avoid using labels that start with the `privatecloud.mendix.com/` prefix. * **general** - Specify additional labels for all pods of the app. +* **customPodNodeSelector** - Specify pod `nodeSelector` configuration. + * **general** - Specify `nodeSelector` configuration for all pods of the app. * **deploymentStrategy** - Specify parameters for the deployment strategy. For more information, see the [reduced downtime deployment](/developerportal/deploy/private-cloud-reduced-downtime/#deployment-strategy-in-standalone) documentation. * **podDisruptionBudget** - Specify parameters for the pod disruption budget. For more information, see the [reduced downtime deployment](/developerportal/deploy/private-cloud-reduced-downtime/#pod-disruption-budget-in-standalone) documentation. * **runtimeReadOnlyRootFilesystem** - Specify if the Runtime container should mount the root filesystem in [read-only mode](/developerportal/deploy/private-cloud-cluster/#readonlyrootfs). @@ -299,6 +307,53 @@ spec: The **MyScheduledEvents** value should be removed from **customConfiguration** if **ScheduledEventExecution** is set to `ALL` or `NONE`. +#### Loading client certificates from a Kubernetes secret{#client-cert-from-k8s-secret} + +Instead of providing a client certificate directly in the MendixApp CR, Mendix Operator 2.27.0 (and newer versions) can load the client certificate from an existing Kubernetes secret. + +First, create a Kubernetes secret with the following contents: + +```yaml +kind: Secret +apiVersion: v1 +metadata: + # Specify the secret name + name: example-api-secret + annotations: + # Specify that this secret is safe to use as a Mendix app environment client cert + privatecloud.mendix.com/environment-client-cert: 'true' +stringData: + # base64-encoded PKCS12 certificate + key: Q0VSVElGSUNBVEU= + # base64-encoded password for the certificate, cannot be empty + password: Q2hhbmdlLW1lNDI= + # Optional, list of web services or domain names where this certificate should be used + pinTo: "www.example.com,service.www.example.com" +``` + +To allow an application to use the secret, it needs a `privatecloud.mendix.com/environment-client-cert: true` annotation. For security reasons, any secret referenced by a MendixApp CR but without this annotation cannot be attached to environments. + +{{% alert color="info" %}} +This example provides contents of a Kubernetes secret as a `stringData`, and Kubernetes will base64-encode the contents again when viewing the secret contents. +If you read the secret and see `data` instead of `stringData`, the values of the `key` and `password` fields will be base64-encoded twice. + +This is done on purpose: to ensure a binary PKCS12 file can be safely stored and edited as a plaintext string. +{{% /alert %}} + + +```yaml +apiVersion: privatecloud.mendix.com/v1alpha1 +kind: MendixApp +metadata: + name: example-mendixapp +spec: + runtime: + clientCertificates: + # Specify the name of the secret created above + - certificateSecret: "example-api-secret" +``` + +The **MyScheduledEvents** value should be removed from **customConfiguration** if **ScheduledEventExecution** is set to `ALL` or `NONE`. ### Building and Deploying Your App You now need to supply the CR you have just created to the platform so that the Mendix Operator can use it to build and deploy the app. diff --git a/content/en/docs/deployment/private-cloud/private-cloud-supported-environments.md b/content/en/docs/deployment/private-cloud/private-cloud-supported-environments.md index f4310608221..bf436f1990e 100644 --- a/content/en/docs/deployment/private-cloud/private-cloud-supported-environments.md +++ b/content/en/docs/deployment/private-cloud/private-cloud-supported-environments.md @@ -36,7 +36,7 @@ If deploying to Red Hat OpenShift, you need to specify that specifically when cr Mendix on Kubernetes Operator `v2.*.*` is the latest version which officially supports: -* Kubernetes versions 1.19 through 1.35 +* Kubernetes versions 1.19 through 1.36 * OpenShift 4.6 through 4.21 {{% alert color="warning" %}} @@ -418,6 +418,36 @@ There are multiple ways of managing TLS certificates: Starting from Mendix Operator v1.11.0, Mendix app environments can use a [Linkerd](https://linkerd.io/) Service Mesh. Linkerd can be used to monitor and re-encrypt HTTP (or HTTPs) traffic between the Ingress Controller and the Pod running a Mendix app. +### Gateway API + +Starting from Mendix Operator v2.27.0, the [Gateway API](https://gateway-api.sigs.k8s.io/) is supported. + +For each environment, the Mendix Operator will create and manage an [HTTPRoute](https://gateway-api.sigs.k8s.io/reference/api-types/httproute/) resource. + +Mendix Operator only uses API features that are defined in the official Gateway API [v1.4 standard](https://gateway-api.sigs.k8s.io/reference/api-spec/1.4/spec/), and doesn't rely on any other features. +Any implementation complint with the Gateway API v1.4 spec should be compatible with HTTPRoute objects created and managed by the Mendix Operator. +For more information, refer to the documentation of your Gateway API implementation, or check the status on the [Gateway API Implementations list](https://gateway-api.sigs.k8s.io/docs/implementations/list/). + +When using the Gateway API, it is possible to do the following: + +* Enable TLS (use the `https://` schema in app URLs) +* Add service annotations +* Speficy the HTTPRoute [parentRefs](https://gateway-api.sigs.k8s.io/reference/api-spec/1.4/spec/#httproutespec), to specify which Gateway to use +* Provide a domain name (for example, mendix.example.com) +* Configure request and response [HTTPHeaderFilters](https://gateway-api.sigs.k8s.io/reference/api-spec/1.4/spec/#httpheaderfilter) + +For each environment, the URL will be automatically generated based on the domain name. +For example, if the domain name is set to mendix.example.com, then apps will have URLs such as myapp1-dev.mendix.example.com, myapp1-prod.mendix.example.com and so on. + +The DNS server should be configured to route all subdomains (the `*` subdomain, for example, `*.mendix.example.com`) to the ingress/load balancer. + +{{% alert color="warning" %}} +HTTPRoute resources don't provide any APIs to manage or set TLS configuration. +In the Gateway API resource model, TLS certificates are managed by the _cluster operator_ persona, usually via the Gateway resource. + +This is intentional, allowing Cluster Operators to manage security policies and settings from a central location. +{{% /alert %}} + ### Service Only Mendix on Kubernetes can create Services without an Ingress. diff --git a/content/en/docs/releasenotes/deployment/mendix-for-private-cloud.md b/content/en/docs/releasenotes/deployment/mendix-for-private-cloud.md index 03717d4cf46..505d560a4c1 100644 --- a/content/en/docs/releasenotes/deployment/mendix-for-private-cloud.md +++ b/content/en/docs/releasenotes/deployment/mendix-for-private-cloud.md @@ -12,6 +12,22 @@ For information on the current status of deployment to Mendix on Kubernetes and ## 2026 +### May ???, 2026 + +#### Mendix Operator v2.27.0 {#2.27.0} + +* We have added support for the Kubernetes Gateway API. +* We have added an option to load client certificates from Kubernetes secrets created on the cluster side. +* We have added an option to specify default `nodeSelectors` for pods created and managed by the Operator. +* We have added an option to specify default labels for pods created and managed by the Operator. +* We have addressed and issue where enabling OpenTelemetry auto-instrumentation would show a "processing" spinner on the Runtime status. +* We have updated components to use the latest dependency versions in order to improve security score ratings for container images. +* We have updated the list of supported platforms to include Kubernetes 1.36. + +#### Deprecations + +* We removed support for the **compatibility** Prometheus metrics mode. Any environments still using **compatibility** metrics should be switched into **native** metrics mode. + ### May 21, 2026 #### License Manager CLI v0.10.10 {#0.10.10} diff --git a/static/attachments/deployment/private-cloud/private-cloud-cluster/private-cloud-networking/configure-gateway-route.png b/static/attachments/deployment/private-cloud/private-cloud-cluster/private-cloud-networking/configure-gateway-route.png new file mode 100644 index 0000000000000000000000000000000000000000..bcb89f21e17f08e0193feeb963b04d1f381f38d5 GIT binary patch literal 202703 zcmd42by!=?+CEBYDOO5>;sshLw1q;@P#lUBch}+;+`Ul2-MzRw2@Zvp;O-V$AOr}I zqQNXb7;du!!VjrPQ&o?t`$f z?)l^0$E3u`w_yT;DqBfORXIt?r>d?_R<j@y_s{HlO^D0wXfLecIPP@_xaUhU78P?#$TS!PkpALCRgee!KD(%mfD!K zsGmGP{w8knp}+m6t(^gTJgU=Hm<+iZbX&vteY3Cu>jO4PjCo0eI*Dj_qu1-sr+2Y5 z@0!i&CwAxlGX4a=CmVtnY4yf5W_84Q`E|iTgJ@oNHC_eQhZkJwA@{IkFT%1j2IR%p z;@Tep*Xvq@KQ%n^R8%q=k!hwg4fqin`&-dpf7#20^oD{*`AOn{;-jNwLn|BF1sKU+=6V9a8WB(^P-3fAGwkLSm`j&EOlH{AZ__Jhx6z4f)VfZ7&0aIDgOZp%km z1>ba-Cv$s~DJF3ZB{X(mNL)wE|B*y+EXy4o=R;BXkRp~A;9NAuqfs08kyAhsq_V;J zJ&3ti3 zdGPL1e7k>-(M#n$kso>KRXLYLA9^g|Z-Gd;sSG#}F4gqql4 zuym2wIPAdglrOs~OLJJ?7$5fVAiiRr6dEz<9Oekj>6Zo5Ua#psUHdS@k~ zGpsY5UP9$-muWv0c@zos;rDM+W~7|R?dQ*Q9uaEu0Jy1E&xMv&kusi0F_Y*}?cquu}B=|@&T<*un z4_7mu1JZ*#2UVXweJcJ`B^7s1$1G8*VoR-Wy$IS>Xzy+ z3LRxTl2~Ms@@?`wMf|cl^0_JWDLF}b{b@t@`U?ji4?Ia}VLei$cu~QI^I+N&ZDp01XQ|J1UV3R(t2n+j)($N5Z}v~|FS^q6iN}_g z&36UMGD3S+iy?PiRxGpHwaa z7KIMlSW3d5!ubX-lL4=~3|}|R2XfiFbg!*PqRPIpeqrrqwby!BdR(qpUS8%~eyD{m zH&zWOEB?A!nNp}-?y2lxn4Q00I;sWG605n%VpS>9&?tpZM^57tkrM%k@?@fAa-m7Z zIaX;_)mD+4lI-~uN^HgzniU52Zw-u=RQ$3%6Hi6xLLMr;P_vFzjvd7{5?R4pscLm- z9Xoz}Lgg#qtK>_3JaD0WVS53-XnIh4pZBB1$AJ6SUuyG`P4i8Qei1Rv_b-OoH;&o7 z$F~aKBZVa_GJl6YH*a+*c1b)43l9mek*k)=9AMLMn6jD5E*2?X9j+W!AAXpz!k@~A z29EKeID^bhZMy4A8=EcVAjh@KHVcmDzGV~Yqm$PPC|$M6t4fHzhd}@sQb(c7ZxFj= zv-D$8bK$|%hD~rI<0831R8{1j%n}bIceiqndpBn3+R_P>3ksUQS>W!l%(BEyjTW>K zK)6mW_Vg^UF>`1+40WzLC?^0S}HKYho z_k~qNWWH~yKdm*c&0Z+lb&0uK^67{d_N?>yjb4akPxYq*sgfV{KT-{K9C6Sd2|DT? zlc5_QHZC@{lfsfxH2v*BJGMEm0qI^Y;KiNFnY;c>fubf!R;dsnhqphON);zubzh=64w;vm@^tx$p<+SR9k#p5}Wo_ke1(J%bMU_plG zI!U2yPhe7i(neC${^8P$zC1ho%YY`onf(e&g`slvBQzd5Y%pMG32ld3sY5GBoAvI= zrw*pDCYL*CF`U++iT1rR$T5WjR?4K73bGwQ7p3I}O zSDn)-(>Ck5a^Y)VqlGG4tqc^Jv0j<;{k|#V*X0n@_pLtI?W6KXBmNaf4FH`sEwazPaCbUuOv6^ z&QXUqCHL1#gQjk=f&93#zY7ZlG4^YOrLLTnk`fjxCXR=7?+y(X4kmU7bBo@g{dZjE z&P%Mjf6}qButIII?){TT8590>#bNHh%KRPPP56R^i}^>2xxK$)|10->(AT^Fir@3c zJj0UEkd%|dgc|0qmX?lgHcswu3#y)A67Zd6_1v(qD474c@5re?|Bb1C-d0oBT~|p_ z(A>#^!_>mb%#y>~!TGOxu!Ow@F;NFgchjfd4j@N2L2nVpKRE<3@xPJ*j8Fe$akm#? z)KyY_D(U2E`4q^($-&7eO7QgQQ(;#ND?xQBnSY97{)sT!xVt+G0svlKUL0OL98Rv* z04@Om0RSgAfSa2glY`yO$I;!?o88fk>F-MZRgaXVo4Kp4v%9U6BA?hwsc2$CjGFy*VT)pZUj7|o;@HGx z%TUfsEG%&>IVlNE?>oEMxc-l4PWx0oJhI#B@Uo52Brgo3!x_>5%}dmY`bnzgWOwc9 zss6Zl{T?u{_SjGI(Y<@y9bX>eTi&3TIU9Hk5>}L+1*71JyV*;dqh9;37cQ6Flq1X& z;+|sN!4t>Ae)IwB-v4*>lqUG`z03}14w>ZtEgPn=0#^5z&;PYL?mL*;{O`UI`Cr=m zS1-hCO^N=m9eauu+@XloZ3S4xQYQW{gLnkez5Blp@lTWQ0c7H}3q$-LrvBSF@6pcw zZ^HUl=jVs+Jp!E`68${>FRfxk#`phEk-3tC)Ya9$-uo|-eHw>#r_Y7dhCSqc;v){4 z|028KW&Ee}8>3+q|3xfc#WDFFzcjud`nRN?zx%3~&aIv=g}>11Vefi(yh4}sXD8** z614Ey{~^Bfw^-dQCY;=Oe{0y&Tf8fz$!)?Vs>?(^m4p3zC~+#KvG=pv`__ew3Lh?w zEu4tRc<#~gJHAHb26a{%wQ17_UAd%Tl<$)BP7XTYY}3{DU;TaTgN+B2zM}cK#`zF5(9<^jxsy zDmlKnL@6LfvmLId%QWC;>#?y5o=!TAjw|{XXcWK$Ih!0o&NeujEyR91QSff)czX(c zdQ2)BG*hlsWtrGjU_5nkg1nZ-NdPFLJH)Xz*1y_i&oOq`S{3 zOrz@c7IHqQ4s;=Cp`OH}Y1uXM>H=9q0++6P3PYz_AOd^vU-a{g2{X|GL2*Eb#pgnb zb=zJR*W9l14Tpzwt*?Dt^*3&XdN<#uZHdZ#{W^!ZIc-NJMiycL%B2P#Qy(hf%CYM( zuDxb3*=hpvFNanuZ*#6gct%uufG$Ei~rTbq(wj5Iy)o20Mv*BEa1T z@kv)PzRVypbIKWn-I_}kGYX+}=T-{k62I}C)mU#1r;jQCIyR;&^%}laSG-w9V`>zD zlJ;*eH8};lgn0z5vCp+!pCfWf(60N-Eu$-5t9w)j{G90N>FF@Yeuo&Qsk;vA+23I{ zl&DLEdN&^0=9H-@YMuz9M2i}&%azHpga&gPCdAPV_%sqZLdbSOakJ`=(;@3=S?wJiv(@);q1mWbVp?9CIQGkpM3s%TNWjBs%H+FVIT+Q#NK;IBvvHd7 zXY+bY1BEmhi((wR0ptg$t%-HoC{v#xeZ-L)iC}ZyV^`NG|Ky?I)>jLT2Jy=* zFPM)jMvpeVW5z@;6*<~}_lRdo5{qc^2F9^~w|LglM@)RTiw-fhEc&b6lK&;Sxw@`^ zbr>jYD6Bf!a&2W{-(yrJGf7Na&_&uA|qZONu^PBL)(fgYC0FW9CNeo z5(|%S&(-7>AP2#%X?*r68lC><0c#m#zX}|p-$mcU$AMFZL^_G)hd!1{BVdb7? zv4m8Uz=cfJ*Myk_FQ-|h%)eh9^f3T8Bj$WmWY*#CJJSRDkv6m48XE>{n0HC+sX6Rlm~MrK^;`7romhu zqIM2sIqsu_MS2ZZr>&b~xlZPvb{D~H?PYKh$KJa4-Pn39u0Mw~!G+GyNE%ph=EW2v~_azZP2e*>FCtoTnPdkTTaWV zi(~|*2*-F>4taaLvmjob(YzN1`-=Q~5h)RZTY z_t;a`1NtOZX0-72m1$QR>C@0>a3s^F#8GThp_w>JIi138 z@7Z4%A8ENKw&aRrv?W)NU-`%;I|797`KR7=%B5Vj%6X=vBY$gl%9KyrXpK?;ZrvIz z93P0fX=NtGAN$%uP;0pbeSUHZ{0O9~1S{W5CZXZW9~lBm7VzUOia8=;xh90ZT{HMi zYq@55E=y2QyY?(#Fo^&xuTZhB=r4NYKYT9yJ?ZnBa4Xuh$!DD6x>-#=6TNa_#1=7X zvNV?2Yz$Cyk>TA&Q5iD? zM!hFf{$&2gMtG@;{VOCoXLnjdh1|={*oZRQ|8M~IBp)Bxs%CGd6BYwkX+5Z+J!-Yx zQQ2HV&laVoY=7CqEby=4gO)+RJ(oJp)*{U+1C}LGTKwNUlv!EN6CK;j-?$8O^~p9X z@RG-AhJ~ekc|gs`5OA#4$cntL%wNpcak<~-+DoqEy%z-z_CFfo&(G|lvFR}Hi>Y@o z*rz3hVX1LL7sYb|FScLu#Y_JR33XIQUPZwpN`?4>^qZaYmYu&79bThXFC%+(A^lqu z1$QlLI!-glK{wZ^pvYAsBrb#hd!u9=nit-2neR2a0t46{Y}XQt9LE_^W~g}P48Xj+ zMk*eaFj_RLmgEnLpqC3Y$jF>z0lZ|CC0_+2yVNcl#yvCr9O50 z61An>8%D}F75&~V%H`duL|4XSnat@W)N6>xL9h8y!HLRoB@5k1#e!thz%I_vPy=vi z&uW-Y4d?=1IiX`6P@-d#^WEN6&K%xErcq~FNNzf|@ZhG}um%bTdh-cDO!Zu(ACiZ| z_|}G!6K4mC>FW5SwVtPWIR=zz0S$_1c+49fT(g`lw=|WPkpON)+j2m_BfEn^QlC60 zk8QoCs8Y@%+w_If&SNC_a3FsRg)*`$9#~mnRY3V#3Uja?FaMVOa)mu+W{9H_K?gJ8C3DIW!YxF zvajE0Me$fn){k#CF6o$%!Pib_E)O(o>?ZsAG(I<~P4N#HbycSlwQl7XS~PE12FRqp zeJhP~-Oj(Kp~rC{yi~P`v>uJq$aP>Y8sUMfh(+tOG8mu4cJ&W2a8<@1x0dB4arcyn zmHp=4&q~iXldseS+v>G=YEz<|@W>@@{C+#tWh@=u#hpzeV{qVrmzUgMbTCYLRYRQh zEHaQFg2M=RF8+=RxY41cvr`@R#w%s629&JsdXj4-g;TPJ^cuX54&)6{bY9s4pS0Em z7p9+Vs!YKQnHh|)V?la!qzzhGEiO0DAPb8E21WXjyIne3pL`H&UGT@>wR(^HtIEc>0zw-^mG--@2A~%>?6~r=qxE%LK+AQ< zV9tBAa;>)eqwEVlEPkukJ?R8GPMzn)44;k2FdZT@^0T9cxLI#yZrVL7OnK|5 zz8^Tm0q&oO77XI%K(#lkZf`HFuFd$8V_(~1j1AX0Bd_zw=jjLlr#Lq5#cmmSmVV-^ z0voxi5KYaQ%QJYYiHyBj?wmI}C_!)T22B}&nn2$TieR39etEOTAOtuMfqh%yYK+g$ zah$C9nwL3~kwPPppL0Ijw2+!ABJFyUYQHhFkmrAk70gSaD!^?E?ppSzHDafp zj*w2&?>r84`V3yI#qkRineHez^ms4rSGW#XX;-jIVYBUJB=>F%YNP^!l`_k$r<2Q} zq_X@-1hoQvwv(GVPT{tSTc@KF`_XGNP#$V-f@m<~eD+xWn1;6N$%R;d1t&F_;sS|T zv@U`S<6p6YK*O$uQ41fm)D$#|&kqCJ=28bkI4crHWh&2I#o1MsC+sH$+CU8Ht!j?E zJ<(!txajktqR%bR+*_@8tTb$dZ~-5W6iuGpnR59l%E+dngY}OtpBf!!^-e(7h7I^t zeS;Dji#Y*7;KuFC8~Jk&Ei2F7oYev6iE1L&qy({%fSUK4WwzmZfaC`%*-gd0n`a+% zQe|}Yn1`4bPHbN!_L=-O->5 z3}OZXU%x++B-U3=Fbp4O+Zn)*%K#qBUa_+m1IvEx}9Q2HY?0u+kixczeJM|fm)z+ zT*18^0@-e(0uaM>Bh0~dl5Otx`|y`?9qUg|`tEUi4O^8(e>Mg7ceMU?qYJt^FkaCy z34l|1S$ZzBYL&l%;w0)=cdjtJF*&=E!X|I=jn!AjRUgE)k6gPEyBQjuf;51!> z-2MpzpPgpR^|d*30{`0&UJs*>5;RQA)7Pj78JBJ_M!H87E$5PPx?Lp||7KX7euO{_ z$#}cxA}q}FRFuzgd7eufFNOqZb~<9~cq16}fVLy`MsS2yfy3z`lwDV<12QlqyxxI= z@@1PFjxV%Od3^}>!5prqCip6%qBzM)r_Q%qrv=Rq;9DZo+)VG^)U+Q)csa~e=)`W7 z>>c+-n-+{^8Kg|vbB~!QufsL1U&D9#sMNTsTY72OU{t_?YWv&ENa#F%ZYT+8*W>E< zcjDmIE8ie|F_ZQ_tGjcfY%o6tRI{TH)8jW6N3yZyF)j}9sC}amdi#ZQTuo=zWR72H zN&yC*w|QE^K$&HiVQ2??u3&AoIqtVv-mKA%#pcw(H zy%yt+&fD~Zo~7nK%sFneKG0bbalE;3&=9rs#@ePW0>($hmJ!BfEY$jCuWhUSBF1IO z3TdCrzD;HS*r0PhiMH(7IAG!O>yc7QB#c%BwHQewC@6+r#08iCH1a!=&$}!?@x5Jc zapW`{1*yS|BaO$zzsu^`UiZC_f^}ImZwZ))ux29432EOz%?3s_=5k?V=)jy6ZthM! zZo|WRQKLW~ANDQ83aHSJOJ#p_ciX+KusTuw?Gtm4wc{3Wo{rZntwa0CPvbFL0R4L; z*d+SypwCH%)58-Uj>0)h-Fqp8h+@2dM%_BI&re)_ zkkp%gzu#or*-;MvVsGTW?9#W;ELwLTwc6E1^{ZbS8K7a$803oj*m}lIJD*P>^h=IC z=eW~Gea^tH%KSzO-zlYJU6*5Gx?ZA2jhgmgWVA-7#+W39#P_g$m?!?yQA$PtS=j*c zX9RD#RvAqX4tj(Zk3~Yo4_|onSxV6fc?D&+!d%%sdf5A}u4mv2O8hGpbDEhzfvW&( zLFUV=^RZM}V|M##*ZpXISe$)z3rl=;Fyx?BO2O0Ua@B;iu6CdXo%*ep#aVTHwV6K? z=?SERvNzP($8c3cp|m z_0s_}KY`>H+Fx9rz41)fv6Oo115x1<3bbEWS1^ifku%CtqSGDIZAyx;Gd2H&gM7P( zZN7aJF*f<`vJG)L-TYGMpx`GzV&&ju2JeAuOt@)*izj_ry99;9L%p8!r4|aHzUNdd z_2KWNua=o43>%GB@C~~42#2565(@V`mWpQScIZLHErI-H(nAl-!3AaOv_sK2>L~`y z129~=r+OSr#1)LUqA!h#GkiP)-CFo5M~=DoSEu!NN|Mv>5WWJJy0C*V<1pU87CF0J z9)XUm1VypEF~@sG{tl2pwub;%4}07w*nMF$mSZhoI7(%9 zaOk>ZN#L9v6zJob-X64&^^Na1DE~7R*GP)U@q{m-l`_>?y`3YLTHR2phJn21W`BC~oCzmJ!=F7j9yUa~$T7(+dFfeVvW3&U zuIHYeiwXy~x3#99xJUwpIJNWr=)wts;2^FLrSW9}&btr)L9GQImFoL6De^Fg@|88a zE?A~6PyuN^_UI0WLE}_)^e+lBX9BySUHDbq(3zD)F(MjX+369TX4Rjosxw$f*2c3$ z$K?uHQhM{Z>usfM#nO=!3oYlDHpVOA+bptygh0X5+Z(hP+o%mpsWq?01w_Ee%s6l8 zw+GI51Sh#QSdCOF2;OFm3Lhz+cimo!8DLxlFW7j`k$fnEXFD=`agq<~TtGcb8z=LC z`OjR-^xU@;IHbgWjBOnPB#ZweuQ5*B zT&)^+di)kSTWJKIJnY-{06oe47#&t%E4vhNXfalPryHuv+aJkNJ(RE1R+t`sK$>HS zHs7&hUjZ$*EuEt2)ukQZyfNzJ<8q1N+@I`8WMll)CN-t|{0MiZX+-PkA)$!=S$0urt?G28rV$o`NJSY=|satp%42M9vyl;hi?;`j!BOm1BUZg?~!_$lPodz+~% zY}PbN2>~9@N~$}iEz`tC73$H?0EWtZAyc|c!nPO7&0VSL?jTB^2ZdWwxInAy0x|J@hXB>`rH>Gn=lRR1jzs| z2b!&h8nHv``r{pBN;}%DPFHI&*T84O-bp)~i{$YGt+iGFcB{A(cyML8%~aZ+x+cmyTl6ikd%T@ zJ!8p9>c1tX)(Haz0y*t|;RD(HXi6s4M5U5AgW3y|26Cny8=fJgh|{Rk!1Ut)>~QuE zgofTRZ|y%Ip8e>_W#ceB9d5Ck8RXuJjoq8z>U(0&u4x>!qU*FT7fA_#&`#S)6ktbT zxS~@fvEWXZrOo5Td}+dkR=!KxlmW-ma=y{JK6?9)?e?|k-|m-tO+!Vg#`;e~q8-28 zo-R4%yQuNnV)=;ZNEAuk%QXG|Wner{(wsmq5N3DBY`H{Qaf$qGPgMpZ&1T*=z`PW# z49<&aqoaBASiOT+`k9!Gk)&H@{k$}8zSdNd%W-sfagOh6{^wcghL=<45W5+9djH=N zfPJ+_`+mURQzvWf)zpbei89?e#-V44@%bINhcB{VutJMDa8Sn!#`%r8ONHskn1b4` z{LYEw1l2aV9I?lxq#Cuq3F+-@^LnC--zj~#99q(8taIjNQTA><{N~Qq{)rIiP*FUX z6uj_O+?(On{fn^qn<+ICb*jW$iE*?YT{ldHZ`)6rr%sP1w#MfN8l|4wV3<_dRzqH$6be*uPqz-L5dHE#tO|2f=>HyDU@< zrgKGC@cKRC*n0lGx4AQMHTpy8KvxV%;$c?;JYn}@*pwAt3xfgwH30+)5UiiZ%>LdI>`9kZ|y)*}@>|Ljbd$iI5`6iEF7UOX^{}Ldmx|0+7h%l(S z*?EBnQLZ&O(3tC3`;K+qrq+2SO>6F520aFqRYR+`-~$s`lK+# zU3Iyc?-S=n&a!mRa59NS&%_lKA1@hFkLHS*Xuj5O^K?*_^iB~U_@luuOw9!KFc7Qb z40}d+-Fl0p#^~Tu?qD+83zML0aA|K`u~H^5Je-TkezvksTZKhCksW~7%@U6oQ)Ub| z@g19ft6%aD?|r#o1pk37AXQ?^`nHu_dNT#Ra{0qj=Xoq0J%v=m(ow> zqYWUM=k~Fe^-?&rV0|?txl%>bUP?`>L+S&v`GBLC6<3GQ-7yoKXYEJXEaw>jcG?J>$PJNfLGfxO>L@bcGyhe66}NHqRiKyJWkdTDZ;n8?l9dP-#1>#oBy(_M}i zjNxRn8#_;6` zT@w2!>;!qAY~8ZMgRjIKiN4~AI+61^ioU%f1sx_vj@Fq+Pr4S>n;+X;YRhb8biUid0RQTGwXZHknTLvU7GzCo`avp6RH zEW6Y8W3ig!V}8c`lh<=LQSwD2E_ zy0wgh8=8eWz6b!%l%)CSgX_G4z02hZs7EG=3aMOC6m1V%;P!LAsNcU-Ojf&OJDUSK zyZSdXPpTLx1MND;?Gm6#)Ild=_4ctRX|1wtK5CxA*&&ZW#sVI#!&gsVax*xGgpV9M z3JK*}Un<7qtm2qUFAyBDVRpRsL-#RClzm=h16R#YQg#^aTcN*PVZGVnfvr*+-zjun zyy6Z~+MHw5)2MgSux-doR(~bbb>w7j+{oRz^sZ|w>nAp4PQf_MPanLx--rmpR1vpo zeP*TNfYgrjT>>E3evTqKHjnmpzu1=-vrW5}ek+hOcioa{6f0|<#1KjBeF_}&mp4{b zm3~;p-#4G5V#xT%K^8AmxV71;&tF(vyxI17B-;zN-ST15e%c99@xIXy?KnYX>cs@h zR1~$i$~?fV*>~?hcohAt(Dv;2FK(-0DyRF*@=0-k&a<}<-~7a)<&o)&PB~=!Bt;9* z*K;8Q9n-*qZUc}oMfNfMCP#;^?uxbOLjskZVwIH^TXjkgyZAL0aCHkB=C^0691;zU zQ_p)hHSvzYp(6&?l%JsyWehZb;5E~XQmef9$$gWa|<{^}9XDZdhc z{Mmfzd|owVI(iO{@nCIr0dYp>+SSXSXbUOLTJ9$t5QaGBToH*0)TKPp>xv?et3G$k z78YQC6SD-=>n^rl;XZ_a04YpsvwRs6HhGZxF`DXds4EI_H}O!Rc7Tx5Ef$BvbXNTMF{@dSs>Hx{L7}BBvV9X7sgWG6RSzRe1XfK;KW<~b6=pa-XpjqMGk6^ zqBP(-(E@rhsXCp#=pa^=ihGNfgGz_ZL^W%6L+=Xie;-FIShPHE6K$yBMs*Qh_^5a? z8TF>G(}P%wlwOzNtUA^n*e_R{MBWdIF<@RFP2bkWF&@fDUk9Iw^**UHVxghKL6r9wm&0LqCvgSG|N^1WZC6i`Uz0E=PR7?A^gctA)r z$z5!RDCsYAt6?}XBz{lUNe8)Tr(;|qEs#+j@?T>~K<%O!(}QSw`_{!uV}6!a;fr|o zxpvpw*u8)z#MXG;NAqPK0gSIIQU|@)w0i$yJIyy6I@o+^*M_z{uUey#>vB7P zbNO{FcBn@;sMr4{!DvoU1>J$b5V<^~dcRJ!xLKE&bOnx%iQVpI3yH0oT+L;GV4$Ci zEz~ZY-#8WydM>HEp%V-R$@2$GT5Jxnw^X`wLb(e+AeIHbT1SJ!H!VDfU0=xZy>u^q z9l4Vo4z9f>lMIo4j7QrC?z<1&E^2ROP^ns{%IlrgQDXbm?yE^8lr#Dl;SKw`5fvFw zv2>A433R@gChX{<3GPexQw}gd@4LjK=Jxp*)Y(R8O~$yEhF7ZygZM(C=VpIchTB*h zHZ5ELaMQ;0tsM7NEZyk#!D5pI8-}1RsaXZ%*%CikdppJPkt1+28-sDzi?Jxn-{T?s z4xKgPudx3*iU*8Iv0WuGAodc>(i-Ao{Gd_gqt_Qk4ND7fbfDToSWldXEE)^ZA;gya z1ewvo3^$&RH*5H~K6|kY3&V0XshgUPX`57cdQWG#IBvljKh86bD>s(2XQoa?5PJ|v zr}om}Xc&9wQoVh#my7yP3f^&ri?{&FFf}l!*8H_&mi)<77G?!OEVtB!>UfRo<)JC7 zy!3Y3-C^vpRdz#Pssx8=Z%av{9Tr*`KHa1^PO`Z(xJPN^+QX+sYeTLDJQUfSmMelYGr$n{)w*;lg0YyJe>U zXjeg9{(!Uq!SSzu=;5`Y9~NYjZKsMCnC5y|XtHc5fQ!oPK$!PB5m#p6M5|t^s?6iM zRXZ=*=k}%r*C&~mb!*nm>!EE@Y$l!UY0(B_T`fx-ixv9#&2{|4U+VnN;i+anh!>h& z3XXSXhV;v9#K85<7$V>9BfE+G6!!CU48S~blo1`^bM`CLT-mfYf*hCpUiCCGNz(lKyshEf^UwIuA z8zmSEN)K8=d{SJCnRyD@Lbr+u&d|m&D$8T-|i;~ z8fPWr6g$WjIP-F@Ud$El&s}tOy=BR4CYw-i(zh)Ra=J^t@Y`-lNz_k<4L`Cyb zp3FQIqWHpfR;Mi{^Chal`5v0 z=u9>xd!=Pk@B{UjjLl3Rdb7=zQGOM6l@x_~q{dkK++S92eG0L!QK+G|in9N(e*vG& zqFGK`$;0&5NJ^Zlz2(h4<*H}aF%IkWgNs3s0Van)E)&I*2yAMPb&m-Iu3klscyG=} zBNmovwima|4PpietrD%*uXL36Uu)5%#{WelDZss9%}lZGVtC@>$F%MD&V1=K^p+z& zwmK7eGBrG-A*e6{f#0?Ct(~gm_oyo_d-@u*`%NuSU^C$8^ZHFvi^=EZ?y}EQboOlu z5u%MPg?+=|nha`J>$C@BhRP%jzL?3DmY9$I=R1oCKyd4AS~D+El=KLSaJuY zW2oo8r@OD9Ay0Ry?+gRvA@P0d7JnGP zFmM~~t#p@v{(;i;XCvWPe;6g-5rrXH^)tLS<4@0bDr$N%z57@{l(%tuoFG^_ymm4a zK0hSSoi2jC$n{^-e%B7Po&3=%J%x~4$!Xcfutib~99w!tj*ZCzZrWqytd7sMT*h^; z@5!igsTwhK9#1OF8htfLpSz6PYMnhQpU1d5@MyjIuj{7{;X~4^UB>}$S8EP2c6G;S zdnd*5{e6f64fVvLH#KKS^nND2DzjEpZ`743(4;Lx$ytdKQvGztcV~M$b7RoyBZ{&E znH=xesuf=iuJ2WF=o-L#0T^3+{XKBBmN6m)L*?Ux&9>AVPITsLE;W#}`Xf1f0ynMn z%*@uJcC@rQb=!?%7#Lh#;HOT8bxFd$-dgLkm6c7VH6COsAbySpZnFr!MVYb7B$pXa z?V&^9{n2r!*@31Zh`pASotYH2xsRFjYmdDmj^(TEdQWmV7f)=>uutqk%i1ImdLfy! zr(qP;8&0M0TnO3-)|*YvgkDd)0d&BOo{3TESU3(M17uSoTSMD!$5|(f?QGfFxBZXR zS2NmXU}EIGR|A0gV{hxv4^ZlQF}!O@^;&OR9XZZ@s}%LfUS%+U?-gmP^N+u!fxVk1 zT=AN@vzp$d<#^8ZJu-P6;$`xOQo5bPzc3dP2&2W&Nfo+;bTuDPEnHbI)V^uF?=cz> z%AdmYg)f183OKY*H&QICJ9)+fjgTpCVtv8v?vhy;lgupjy;FG6s^m!F!LQ_^Pb3~Ijc17H!}Gl(CbK1XI(41< z!s*vR<3g0T>|I@rJ$sDMjCUOTE)I5JHb7gntiM+kirHsjR_Tm06cv-qB%=u<0q z3RSDgq#2y>;*Z~Us!Ev~%Q79aehvDe+dhBQmO7k*VYVb-5UIn>df!>?^PhtP7#~BN zZb9;n@;Fnd6<{AHSZ}sOR zVZfPH(go8S6QiQbx0?pS;7%TniJkCD(Fr^u4JN>YZk7am=08hHZ4lXbvN=w+ zg?xW<&YpoC{tf$?a^@w7Lj!GXc%USse|x~TF8}#VxkN8d2eGf1>}LgWoR7!H?wF5q zDk@EKJ4gz8f^VL?iVb3Dz3gA7-&!L^e}1t$BPZWHDnV!;3^cEhWf$m!Z57j`s@eT- zTIgOhRL_*l;cy1zj-U5toEB&arKw-`HZ`q**ITNT=()2D+EI-gk*Z4Vjm*2}1^`vXv~W z8#iyA*tX{@y4{_@mNi+I8*m;Nx`?t?o>+XGidboWoVde2G@xuglT`Qq|6%Vf!?Ns} zuu-K$x|Hq?=?-b>5|BngX{4ki1?ldV?v^e=>Fx%lyF+>}jOWqkt#AL>KfdGGzqq*% zxYk;;X3fl+ne)8rDun%B^AC0@shB>jVu&`B{UCsQlO>hTvT}nSc8pl1*-WKTcS)^G zm&6h!{W!Xmc)F7D;zrHo#qn3WgY|yOCcQ(0n0dp=$lhmK1%7SuodcV!V~?QY5F%dc z6p=A)(lf1QGW}>P6oW9)*uJSpbuF+N6J&XI`7%f^-Cgn*IO#iFPDlqHGX`m0G zU^D7#fS&We;a~a-NOU_h1x&c3&2f405JH9r4;~BwZp^mjNKaT6R!`bc$0GZ@~2vtE5|xx|gO0w_XKN%z$TxH-(MUsyMxeJTY5 zsDuxMq!f9+W;ZGs24rC)V<1^2`kI09IaM4(p23asKVY1`j{q1C z=Dz>$TJmpJBcu=7XKCn%5@G)f6!o@1|C!ib4+HXE>t6!+HQM(HzHae4N6Q`-sbsk^AA?X zh?cfDSEt?YAH6l0t9P^pnFb%Vc0RdE-JZL$t$SZT8Fqw{aI=Rc^E-FV)Y#aViBSAw zFw)z>I%d%+e|ec(L*l`QK@E}~G6@{ALqkJb>HwY-wOLfhm}?b*r4zm#GfXZKc%Njz z{ZZ#HE&v>DTSYn9C10}O(59Pf-gXWZ;XjW!we_v@oMF%x{{857uzFy~^C<$jkFh1b z9mZIy2<&8qX^a}SCFRqv6qBypz4=O+QcA@-{L@QY<^9p%Vm7~W0l>(&(VxZqi{ALC zVbqbI)x}>nhC2Rss1+A|)jx(p^Z-=}KmYsJw&&~F-KX2-mFCk@ z0N7~Qm&knpFiw&dEz)II5LEIDLeH0G99NSnUxE%O0|0MSl%RQ%7YXo;kITx+mH<=_ z^*g4q&^-zu8r`nXvV;0DD#~d_PP#-VjqVWyEgufc3qA(<=S(nq8R&|N6Lf1FZvc5< z>w!nGj_vVJOY}Snv}%;%LE)0$=_r)PZlhzYP;(jdQ&&ER#!Yzp6IYpO*c}}nA5W{C zEmvVP53;Qe!yl~xN;cDGwNDAaoOrJR7utd0kNa_KEFCYjsOVqi-c~|;)WN{32rwR^Wov)3!^T3&9Jwy-(7W9P~i%# z+ild$Q!T`$R%@0he%g=2pl#F3ZVf<~P8NGJ9JJWl0Jg4rWYv9H+<9^s@`&&cqt|h} z*t0ufB)|0Hd$i^Shi^BcsG2xPlk4!_^CLV}q8>D41)CK<)kDpS(6hDlkfo21C`VnR z-WtnYQDU1jY?gC;++aboBAPKWf|l-lFBY)OM$!yts;xZAb6frJ=GzOam%^nD01{>= zH7BzNK)(5K%rsK9@>FusQMFs36M_kNyIf9ZU$!fzN^uGSzy+b@rCG zP@Gv408$OId#;wR%AlF0D(r+3P5*SEVlZ$XI(bePYiekCxR4@bY_r}@hxhf?fCv-C zbU&W^y+00fs2dc5WXT|k2REe+^f?Xlk@5wO1g-&(QduQgltq7^+I{@I(<%xS8~}E| zMSbi2sFU0s6Y62#0}JN?r4qZq3#N8o=)R`wVMbw1X0IgWZh^Lmm) zJoc52(>g`*&a`C{(vfVX?iU*&!ku(bI01=%iieyx+#nZT!7A+YoIV(zOq9C~DfT(N zPJJ!&^ERlqy^tGF9^`2YiYw$S8o=jQO+J4v8Y3ilQxl}HR54sB9%yAN01EQ2k$JZs zWTb|@u_Y5%c5LSQmUZws3<3K1(f5~0_&DiVU6+9>ce_6;z>-t0i z8pqxSq=+9~p6e@_v{Q{8M`^U@WVV6EVdz4zRJ)2$Rr0tph0}qMwNrh9?{vn-8UP2O`Yr)8!*n$h?&dPs zr<08ltf@|_6tm}x_pMqrsB5Bd50~4C+&-vseFeSRcrH)62`lynk3hFsH^}`G=zle! z>n#Qd;f_ce<*n2*E7Rg_JPkX15$Q}9DoS|FI!@9)oiAE@MO@rXmz|_ zH-bt&8dSq3txwfvuA~G>lxp8jGhC}BPp=h#O1OZU_t>3&5npdXSRBD11wuv=>}!0j zOEzK0YA^L~Hm~-F;g%8KcE3X-)tpC8V%1=jOCrZPqjR7F_qhoK%`{lxp+NLJi1k@s)cS!3$%r2zIy+ewc z-u{(=k191z?PcPmSTF$@C>VZ2#cPP5Khb|n2hFjRBJTlW0?Xub-8lGZ9%h~vHNb?6 zh4z1@c=cy(Cs(JlB(*f6dMEt1SCv1buzdkoN_i;>#x`0%K@bX%Qa3H+0^f zOKOxD&y{{n z8P4(?dY4nvu(A%<)=mRY{azKi21Ehc!Mrlrz(o5j{ub2v!F-y7v6(VDD%fq{EsB78TL_V5 zfQrKzuv1r~@XPEkWI?b{Xc&nX^Kz*p>;PD;6)w3R*Wwg^=@0mwitxYP^E{}btgXzk z2cM^4nz1xtcXlC<(PZ|*_C-ofjyD`yhH00&h{JvvU~>P&>mJ}k8tNf^$H)E-4vH8t zWXv7p-8+ng{z5Q}ck$=$YVl!u+|z>Ks(1TFXYULa_c zC|Zd;pEE+hQMlZHv0&wg9ipe4DTNg$;8M$<;xDGAN&*xH5=glEA%UDh1#Mn&#?5xL59Lj-^YWv{!#a=uz&ry*?lQ zU_308)Ys}uP`Tqn6Q!2T*70G&r3kgJ5D}?7?QPkQ-S&7ms~|!1E`|iB222 z!Dw!Yl(O+$po^)PbFK;K@tbuV)162kmp0i~=ATep|DwCO4SY^g*+UB~&|Ws-x5iLM z(P+HDR`1D}UqQ&=l6AQ~kCU!wkcz)&ggh3czktXvQeNQfvyS^@MhqzGuq-@dQ|$yu z2r&k3;3O#937reZR{$KVf?2NKlRD1vaHSJa&k*K3uGG~Fg+ktGys)VG;)!UzHCSb- z8wV&|#@paHSS)6^oC^-eH}|M2_Hl~Gsx++6gm8c&& zbKNmWHiD}0BG$)osoAs!5OhBiCD1jd&bKn{6TEp7$7S^_XJ9GPugouMgjQm=3e65e zHhdfBz8B>0LB9~OB=OT((mvN3&?jEArih6~rH~;DA!tP_;UT~SE~zd3{Z@OfA0Y|< zkedG}E}%DH<&*XYLD%QRi^UK@i|O7Z-f_^1UjI7230xBKE65e4gMj1V61OeE#vRwP z31UF3+8Su;jo8N7w|7b0+#b`kJT6jReXyMk?nHBT>yA9Hx7M^HG}gRQE&vTw)iK}= z^39Q!mbN)cqzn$?eCMbAywD6}Sk1dz7|d>~;|$tqy}b;k^NlW_Yi1lPEM}*e(}K#4 z21$7vr&q!K&9>Hlm#};uaH!xfHuhODSk1VK+ggL(IQKWZt9>!!CH<9FMTXVQLBEH= z9|h`R!bcevws2527q~vQwDFmf|1L93PKdUsn323E(%`m8nXgt{x&LaR=AFSsE9=Re z$#bnRKaKiZPMXGV3y6x{aRmkRll6|}70GdI#^Lv?o*%4dr*w(oXh-f2v$cePnxW9^ z-8lwvuP_i{wb~&!;DF0qxea?-h{1~&*hWp&FxhCohxaE`5LOypqQrjXDT79&wJYkO z2|3SsV4J>TWm`vD{)hcihrBq$9f)Nwin_hYt>jb$xe^XeJZ!s)Rl^~~qg-I^cI`tW z)K77Fic()ycH1>|%Y=0sEKi({3*Fr$s99(FdaOPXD^Kx`%j{ zi)V8UZ1c>0TApRE*d44|`x+Gd%XQPRIp8?ZGHCux2>RpQ z#kde7blze%2L9vo$SB3sZ4v`yPtfcz|IA5VFne%$$G{0&orsk95lh_tT~@>;O{h8Q zrD?!RjcH5+&L3&O{=+04O+Ts2n6l~hN3Il|1T}jPo!KDq3e}9XvJK7F`=4EZ8LSa1K1GiMy#PpYv$xA(6{y*B~`h>uEWrsyIk|B>kV zb2cZC;Jy!vKg}$w=>IjXFP3n}6UkF{P$#tq`HzgjpU)!(vb!C55+#~D2JVlQ{9~%r zQ($2r<#d8z`1-GT{~N)1T)E$l-0ND>QzQDjW%c|`M*UKfjOax z($I(}vh`&%pMIJ*Qb0!`71cGIHql^{ZBU>=d3b#;dmVQku{9GGmA$|Ad!G4UCI3-} zQeg}Fx3Xgfny!*&fPpO9WChpDvd)uk#}VHtgs42Jd5;*Wh8KmIR##I>+2U9hT_qSD|&qI`o!5@CIcK-XLgoyQdGPw0>Q@ULr1=S0l>$qV#{x?H$2g)B2 zRMzGv%NlWe<5H7fmx_+ers|(W zGbJ*m?^bi|91fuV(`KAlLS#xsg@a7}W5BPM3G&`$&sq`AK<~5xD0g3Q#*)4{zQr!& zJ;@jEdC1DD4A?#~73KbN=dFQ2a?S7@ZzcHX*f%(%hl~vuG_crdvpO@cc>J#KX06Ze zUWW_f7%ok5(%IA%=#&X1H+-soP4=(8!kT2D$<592iw7(@|LkYY<4lmU=(6eOr@FoN zZ_PDKt3{lerHcn;fIR3eKjCeHYz}q?MS^RmdeNXKmRYg*4Y>5MI35_(fJBku*}<~n z^j47Y&c)pOKJM=>=lulwcfqZs@uq}r9OFJ-AKHiKFdSA|o~N>pD$A7av{=O5uIbO} zT6ltIt*!a=>9k?*koUn%Qq0m+G|WFO6zG1bKHtc{uaGw*3;{ReXu5$p%4FLugi3c=eLg84m>n9U+#;QzUu&(LxJ^Wqy& za~gx50!*-lQN7>x7b)oIq~-XJRcZh|VQ&nw^z;tkn2iD%?N(gcuhtwp7~A`V(KUc>Tmul1d*rL4eMxrS zDK#XM2#%B>a$!>_hQ*?bpUB^ydfec2EUKN;o50DGRia#|!EQY8-h)7-U10meu;^l8 zqIDOIht(4Y^#&)q_dWbM3aOqSEa!DJD$Qteb8}hjHdM~Q9Y_?K3NXfL(n=O;R7l+t zP3GsR6*Gc7Hg>y1={IoUZ&(3}Q|?G$3MxoCH80R>1WpsX^rt=;dsrR4*Q&98y%V3p zV(8!Sx|b^95@aM}Gyx-*UJjs|RE9z6dmZCC=eXMG1&;x7?DYQhdpDzNm`+{UIY?6& zf2+SzbApO_WrJ>0FcS7Q00TOKYRKg7B^ds3~E zKTXWooF(UEoU0=+s;R{Lnw!ORSv3r^nEFK<0!KG?xAdvjgK{LSf9mC(yLNVCpmKq? zxCC(jeyIGmZ*@55hKGih3ajSO?NV0cH%vDD>55RX6ff7obu4n)qE2?~JDc7@2mEm!xqzJby$L9|sK)LEJiO)V0T99Vwsvli0XKKX$}DO)(MS*k+@XcB z>1n~!yDf-JkpO+vgU36#>3n^*x*YpFxKy|YbT(510N_d6P!IQN;`72-Hn)|ymtCMD z!y9t4HCq<0!iQrbrr^@%cafDljn&#?9jV@6mD?Nv)jUvb2GEg@lGBIZnusA@~)WS2!Uuk1OZkT;sYtfIvslY1W5+dQS_jITjuM{XqnkG{=JWoV`XCPN{YhXQAV9XhG`4l8lFqhY-7Q- ztkWNiBd}s_xgn=pEi2Mm0yN$k0f0_QAR+(M%BV|xpR!m6NSscUf%KL-q0<`40~Q0{ zdqe_Spn|(vLpKc5sg>eSu%RmJO;<6Z7(l?8tNGCGttuc4SKLeina9pTsdIL!X7PTI zUA=F*pH9WKk&|xF7Wm*q3*>olur^0B6KfTf(PUQ(T~v&em?a`KR=+W%g=3j*={dV% z9l4yQ1n~V>_WKENPXa!BWee}RUt=QDAAs3(q#!Tw$+f51qOnZJyWbYOVZ`W_4t)=e=LuU;(&~mlCLUdMOK!zs{wd*fx50#Ym^i#6+=usxc@9di1zkh zG0yrTW-bGc+Jk4KM)=rR5G}(1y-k5ZC3oaM${+1dWMY__aAl!H7sWaMW|%O~nSQ+G zQ=z>s#$@&Q1U2nzquQJ6i)FyDYwuH9%+z#QcCEa7^w%?XHIh_EOD z$FEt)aZHlW}m#rgT{^UH_VF8}|Y$>9!!oOBb+2e79uDa5=#m-DU z24&bjA_uOir1q!WwKTx|r&@%X#ca$bHvlR*+fQ!^&4H^gbF3&(LZoxEcFcngZOgE_ zz^c@X7;q8nRKJMa`O*~l?Vw&>bQKDxde2_f2x*V+ueuh-*Rp1HT1yw+5l#(cKvL11 zl_8nC_1W%|ENMeAjVod(=; zZA=ik)fv$&*BQdnw)o5{ew&voM8N27ZrjXejpyt;u+{7gfLtK?ZF%+v^YQAHr)AQBj>NNj3q8&@QZ2MrG7bgBgfEO(v20wTPL`&MpmIv>Lo1d;2eUMlMZ!s2TQTvT?_TpykT> znW22x>?9tZhX6(1StD^NqX(1Z0Mo}oe)nu?(r*Yc#3-k5jEsI?=(IffX3{~4!8vKg zuCE9Fwr@f)!2h8^ogiMn5~DYqEl;#5PQL)9 zh@kPoh(xn0o=GeAXvU`hwlqiA&vzKeFwDhh;+F;?4}zG&`^?5el5ETbY>F||DiY02JarS{pOT%->mBpFoaPvCs1xtj-Yqi8G}RI^>AC??q)ylIL_7F zCuqjHGrkoDh-6q$XHgE-qK%(8#A3vGR02wcROi>{8*MIbzytDnP?-wmP``#%u@{e(X2L>jk+B)a|!u_yLXw1 ziP0(iJMxHgpfGkA{qIh&``9s;ZG=$!F2(h6%dGBMN>^=o%Vq1G&)Vk6 zx!C3HG#t;`Y&`K94(o^2XO&WOS(Y&7H*@`V)s*ewfvcgRmEos|T!GGpW&SiysLa|C zv&IV*F&SQ;q*?4$*uG&aOom{Ap1wsPh1M5GjnBFz)uS+LF{nhUsaDmbIXFF1KP>ZixBOHRG}L%(Z907t-D5 zbR5K2`p}3rbZXTyE>St}#;5aZB;oKdcB{9|P&te#ZRf79>2ewk@h~_jtXipf_jbk` zec=-zvGi@03Ff7xCx}y^U5W7t*0L<$oGchjc3C|VLIp2_xeIcll5NBM#!eE z!uLa$k-@=1c)Al4!xb<`Pfb7nyk4F zf}}BYr~Xjxe4<@IJf7U+r62OsXoeOTlI|l7E=#wIX)Nvx1o=Y=pOKC2?I(m(NJvOs zHZUYj0@wQ?!{A*38E{w*{%aMMp@vzrusTG7l;TmxZ$r`*@jhVf$#Z6T?G0Sm5zSAdi`cW121voksI@ zGFyrb-$xO_+3};%ociqbGrx@XUg(~3^ zYHmp4Lm0zlD11sJOwCn1TANB=TDUzl6lG+VyWPqwqhHDo&q#?2U)9f>9^1#g$z_KO z1taVe2d_iTIcpoiV+$g`A<(>%Q~5RXAg=$7xOs|I+XGwhriHf8a(w%u%U?YpbK&qp z1&N(Pb*?tlhCz^DP>FHXT+8Kl)~!2|dn#&rUDz;AXEvB zV{c#p~Cz)EsuN_;{hhs#0h zu4zFGBp=E6)RYt)WR=UsYpv+;l1{ZcI18z+}O>ww674F#@`ec?pL8p&TKf)2{7|9(@(i14%Ja)5#(H#w{Gprx>5EW_+3WA$bXJO-hNxiJ>M7`swL~g1b zua79=j=r+y6FEbQR!kj@wA9j0t{Dsh^~99)uxrNJRn^^3wrQrzvA?8B3`hP*2rhyA zV~73^E8!93duNRDHb;}&&@ijaUtn$n@<=q{pKgRvcJaMNS;k!*L9bs_6=F-~=;&xJ z^x9XCFnW-wbET!93X>pw4CkB`F<&l1Bq7O2Zx*uoRXZJn&jz&&X|wVhMh9*vha{8p zWH%fSDM^a5Jb%;*cL5il$q_E!2Kh~=_*LV@>~3C#N9Zbuzt^4TFOvHN=$b$-=EH&K z(*odD!=U=f$-SP5NOG_??AR46n@+}l#*@SWcElKtc~yR|@6k8D0tzqo z;Ls9r)RrzJWMo>coAdD|+J360g1LT)y3MjBwO=+-9Rm)ETw%esw>0tQjIrp=ya!Un zyWZ~k6GD^uV+dLrhSMjkb#;d}tRrU=B1ebdZ4|SC6r8_osvau|u~+X46Z72spC+3H zA}A;bN(qXP1Tz=8G@1xIwEJ`ZP#>@Y> z>0)s9Xh{UcfK0km>mY6tVAw02!WI`kP>zfHlIK8Aq5R`DLW_ozs#Ui}-b(tLg z#|ggmjg(@QE#%`!b(qP)=;amhb=bSTBP z`CJ(9rn{wO6JEb{7=!vK!-)3l7!Q#Wd&z3}E=vY> z$-W0V-{YN<7ib;K`{-)B?#uA{7(R*kKOH;x;lb|r5tqsgRpOZnv(XGPCaCqJWxSMx60_(D~?Z;idUU-qhlP@G9w-!mH^tf=<{7G4uH{3S&GJG0E zb^%9{g1#NvDA9Dzo&>L?#-lqY@Vv*_`_AGw54?kU?~amH&b=JJ-H{_^4G{4oNFmi~4UH@aGYNM}?Do z|M~ICt&TwMPjQYZj}Bhi(Pv-N)hWq^K6vIhS#X|>o97}ea!}>~T9?zEX;`Sr+d3a< z;Jw_KpA;=&&ls%pF}~y_GZiUCDiX`7h^?G2Q64Qj49uqHLwj9hwSH~*VcGvRh2T85 zJU`BsRUaLWCo}~#rU~5OkeOG@^G>Ss@+XzDj;+&DM$>k@Mt<<+4OFayQSAolF9}Ee zu|{3HuT@l(F{j4?RleQO%wo9{=g#;OM#l8xS9(F{9Cd=ObnKS%k0~+@JrvA}7&C|G z_k?Nb1JP~g&z6A=oE!X5c4$-1HgSA!)~R#n!+00;pCb7Cw@?TVd<-Tl3Rrr1AdQ+r zK0o!A2tP?OT|6yi{a}-M75U>`Unki6w9Xu-JFel;S>7f4?qx9c2>ysU2d$$rMPf$h zC=pO7NRMkIh!eb!J}|hsLVIiY8=r?LV-oiA(>!~tFe*5rFuY#K*8cUxiD}A|Y{Rxt z)-nI_#KhVDnog!%~~;xaSAT<`RkhiTcVa8va;VHYi1=-%zh zJ}BK2eSy~IoM)ew9(3ho#Oh;Wp^Pub(Z(I}(loM!`z)9?WuPF?sk3~i`hIASWlh;zsZ+Ylue>lhD@eyGJ)7G1<^_Z< zT(ODLMCC6T_eEci!zQO@u};B}7$Zohm#YTg6B>W3yc_TMinfTq+=`f5Kf*6L)}Ua~ zyE$L?2~IwaZ>S$pFxtMC!z^v{ST_% zxdH;$4T`u|=b>{?n#Af?#1}gmyr5?hqhqYxaR!fWWQRIpU>x{^Ki`vCFS0iIHvWQk zwuvp8s3lPL+S*gRG5(E}qgstR2{zt#%3=l0#=>~kT1|DtN{Un?2ef}jc5+@lWLHiw ze{~mfk;2#5SM)vP&1*>_Y>qcjulZ>(cn=K>Y9O6W`D)^%UPrecK|N(XYrl@HXe%ZsR}O(~jjhLr-hu^={64Zv$6=wU;?h*1{V#BDc6`G*Lu$wlw&57$KvHKaU<2qE6GMjUwd$#?J$7#bpg6-SnoVxj! z4dvda?MR_=0x&vD{l03pK+AQZj4gDoa=M4?bbFl6Fd0?!O+kfuk+#!e^U&% zi?13J^pqKoo_XGviPYNW`J61Pu1qKXtYjSi9CZsH{@mW}+k+5J#pC?VoaD!<JXkn=EIG8p)Jq0~R(R{R)%iU04tD+vHEWgrqoJYbUbvljHOj(_W?> znEB!;3*;o43qnK(QE^0Y7mYR5`I*Ggi+aj39x)WmDAxp?CZ8LOutxO1H009+kt96P z)jf6#{T50g$q%29r=)xiny#wY6s&T5&wbk0mF;gd9LZ^jl`kJje)u{kcfP^Cno%t! z_aCBGPa%z4^I~=OJ#rPtUy}K>-^+H2$u!`yuX93Aoz0Q_L7Y0KZ#c#OB3xTuA-(j= zU6#vM*ZA{of#eCsrPd|W$SPPq(Y9SfrtrFY9dawAtydqTOG-yEFmlXe%+%s#Z}k1& zRlCA{@;Ya4s0yM*E>>B+^a^?!MR}5wd)|)AzVGih(W$$e-kB0i2SGQYB0~&;?Zjm^ zX>H=9i}$1LZo&h!?Nilll_>_^nJ(GdhB-Q+YewEm*Wcr8JTvb0tcVZ4ihINC!g`I8qy zwhhe*7e*Uu7wEazh<+SD0<^~tvK%NI*Vq|+vJ>y$u)EH+EmApedfYE~V^x70F#7HG zZ2)dg?eakZK`!yf9|ngb%V+yk4W|;YJHo_GtP(lpGXF!RQdRyV}(rn z=8zm|7js1-JFC`_nh7|LU*+kxYj5zDJQQsA>eZ<|#2`9I3e*1k8uh1-DiQu}ZWw=< zn@{71d*Kfn5~v)SK4H{fM%iC5;J5h0`#(w^Nm>}tc)>!IBXRBGOL;wAr(Tj=kl^Ib zuOLvq;PGrFtg{kP|9SdL;4qYCr*TJ?-rzJYa0-WEMPd(C;=NY#{p1WyVy4hf{P{_{ zxs2YPfg@=>^IcsRTL#%1<9L{&L#OVMrn{bj4F)SfVevWT;EUh&3!l#GmIuUH<;bRU`5r2>+WB8%YJbIa1~RBpzc<8ogG@uj$<6G z^O>oFcZ_-lG!P19VC|ig7Oq-8(Roy2Y?Bo8=F~^(|(5PI-t93HCksHREeWhUQu z(jw}G{8WNyhcGPg2^N&rGQtQ4FZgQ(j_xs>*r+#R(h%J48yx?HtMUgy+mvpnlOoiY zG$Z?oT{z6Ch!r&bFuzlv@-|KZnW zn5smgdBX zR@zD6e;o)4cm6rZ(XiaEqSo2V4048(3`RmvM82yQzL+?&$bj^`tEUyXzoFWNuHiOenFG63Wl}=;drk#*N5x;x&=x0B%l1mX!|Q9sfo4A!_1e5 z-1YBz(G(95=M>d>4UK6Fu)T|2L~PSu^`dfwl)<)P?GxTlzBWcByuDUWRQQxUe%NS~ zAbFg?^h|hDPg#f3D=5Ilgkaw^J)7obT~cmxZ9VblfX1;)BvKqQGy03Llb+@&*|3MX zp^CyhHvu4U0TL+9}0Gm;^_tAB|N z%X-i6g%<~S$62|c*-@ww2O&q%iSY@6IqzXoed8dsbC2@V>ArW#8gajNI=l4Mwgf9m ze~vTNIa0j>-F2hChCqq;!`CAO!;)MmWqjIYg#8e6^Zd)T0+J*V?#m5VS856_-5iu= zQhZ|BQ;w&mx}UvzJ^V{*4uW?xDa=C0TQ2#6kZp%K1)Qz&3YHW9y>~0AL52Hvy>qwq zdr~-I>Jy9?gfFy%g>7=1e*d=sJ=S%mQ1IUJZ(R&So z5NW=Ib>TGbY4&MG;c}9Ku{G^aY_7#>{cXx|_pW?Qu&hgOrYu6_oM25ANK~+}y?6O8 z)~oj{&uh)DZljXt99}{BF7bBXqsmFJUw@y>)u|8#xeJ^VK$7_=$Nj~m$jdM1ghQf> zEgvDUsxZrE52~HjklSY82)L(~-Rfa7Mb$E7W7;;32H48#UsV z7h&)TXq09BE(Q$X zWADu=AChZU4E8r1cvB_z#EGW6KVrMeHpZ=HWJXJ4)VYp`F8R8twXMUHGT;i|a zJY+q-?=kjWc+8M{uR$%)7(PMxq|4}r&qw4ry20LxK>Ya=+l8_DJDP%}BC;y-*UvoP zHBJ=E)uEGI*PEZ1I$VXmvuDr5eDsYN#A+#x_=mLX^$gh#JVPY8E#g_$>>opPkj-9|pnCSz*z@FV40^{SFAZ$*SvA2$jYHi=g6-kknZcva$kfA|Jq`SM7kVd*g8VTt^x}>|MyJLV+dT6AZ zf#1e+Jn#E{*ZHjVTlqj2d)a~+*lgl68zTKoepwM1f zMZ;UIJl&2W>JPSh9h{XB;pL%;!-EFX#nO)7ke+?bMR(EcKwNflN(VLX3@(IP=U7r_Bw-AzBu1Kh$Bm{a5gBy>C;xRQBbVlow#Ioja zK=dt#&%?^wNkEC7w@vM6seTk!BP<%P`KA8T)&F0l@Bt!1Yn#XSftQCX4Cwp-4qF{4 zcX`A|sQIel_z4}Kt1+Kak#K3K62n|k$Cgb18C_A>kDhMKPo8TkfwVUr($!V|3QpSawuLwaJhT@ zWI?@%$6svty??2rd{B|t#p@Wdmc)rdw3@N zyJ3lOhRN}XEp3v*u{`n@mXKJa?r5c+*}#l1{DxCk;jFRUHYP_(&b2(klj{;;snn%p zO@8I};77vk*WIf-y7wo-!4vL7RN`uI{uEUo#ucG&c;&=xy`<)H8G~!w@7z%BQLz}N z%-CigaK7b=$6{lMF{+9lQe0G90FHs(oixb*>V5^YKGQpOBB$4dDbho|5tC=(c<1CM zLlftPraLPyw0aLoDj8wN51$|*Gw%;K2}@&?>|$u+{^-oBElL}Z4r6Gp78f(wf@lTs zg&#Y@MPUU*t zmzCeAODVi6!gsef2#K+{lfkMAhtaG!uN`X>f|R zsI7NvRaKF(bL7-yW|^@gF=|~c)hNKRCAoDZ@3i3dd&fM*(p>m2a)^TJ&u`?Z8L62g zy%bp)K09aMU<}0n#|rIG`1$VdgWcDYTo2=e(*HpC-$l*_~T>fl>iF2QULW=u()T)u&UR6=qAVFz!6&bAI$kVW-SX;lBO9D0lIv3FD7t&^ zlbz~MY@O7!Q8A-_qeqnHlSZ=&yuj-ykh^tC3vPS0B>emua3V2Gh)0(Xg82}c%U-C; zmhrf7*X;3p6741f$K4H@hm~8cu5<{T?zyFTpAG9UH1{n8#{LN}{{@8quA->Ien%VK ze=>^uN2EvbeO*wPlrr)zcR~+l$%2QMP>AA+5y_A8{xhL_;xklhC&Vzzu!3#;8q1PY z{|*H06>P8NL-t`oJ~8x`W73u@WnmFR8|s)*6!xhfS3!9mqrqG9QK3Lf zQk}~Hlqkv+kuc_<_n!3`XF^x>?%T`4pDg5%HNy)2ElvK8{O0=+T#x#*$;xxgJzv-y zF6buLV!JD>087-Q%?3-nz>8H>!Um_Pg{M)k2I>)MfP7u*5QDK7_GR)Y?gaLXQ6~!R zgYlz3m(?h;?yvnLfr_(vrK>O1p|igKdc6kOP-Pq=l^#EN2ve?NJG4Nzdl5y>f%)|5 z1%hvUYrMu*DSZn3q0%^J)=EI=I_0y+A4!zaKzgtkH4!AGx$)-L7gXavZ1GH4L;hm} zhCiv79DEWtLY*N)S>^xs-}+J+2E7*AK-b+MMi|J=G*~eT-LPwx)a)3~-?XloJ*`C7^fD*?SxZaq<{c=)fE->~^3*8Tm`V{RRW4Y3XGd9DJ5k&PbSNY+8-f#0Q=hpdSJG3@gdO0K{qy0=Ycbg~cemBOL!Cj5qvK;njh(&qyWPy$^c*2K6bB@Xt986apJK zj1irovg_k*!}An(!`LrpL7W3Rfe<=`zY{{~hQh_&?Do{Fw5Ru^0JR%0d;m_KY^99k zg;k`822D$-`dHIStkb@7*f6|Rvu|iC%iajJp3|xf);c|t$NrLO|ty$6XdR}Awv#LCG& zFWaS2tgMRH7HU?TD-_;Xkl}m(t6%HRXl|4Pq4=fzR9jW3<)UVpC5QVtd!&y=SD|{1 z?R&+*-l0y;DIe!V6^c26%JwQ(9W+X5sl;C}$PfX;Lisg`6z6AiUdmMe_QMThXsTL*E%h@$!b=j%C$X!=Wlo`~D zlwt%whbIZMOLrWX^}uJ=8|X1zdCNcG^nGmFXlizbvS-y(mCsFY1UD& z!17QrUCeKE2x@nVVsiO)6F(*$r#!|Nrd1^d2oP~;d=pcE^iexSKPy>SP6CbOteoKm zOOBT?B_UR7V1e2Bl4S%QQa6(7<%;E5PT1H9CEYaPHEWG_I9?RU^|8^a&8ffQL+2m% zUulrsg&Gsr&qv(Y4)(axrbM{}{Hpdh@LqZ92pFvzTUgb?lM3c8YXUq`pDq487mnyJ zVM zGg%1xQKI_2Np$v|IKW@k^g#WV>)muV)*t=m>QThj9k;|I$axoj7?#ky?Ysi{{?!;~ z^=#W$Av?Q9TXVZM7G}1bC@AKq$x#7cz9&C_KxGXattYc@If2M#kN9pT2vfeZ~1fc}#cN@+^}3@qo< z$GxoXj_pzZwA8a!r^mVMIuRL`$z^9#hr)!-5FQ|4RFjs5N{Z<>3 zbG8sx#)j#k&~l>$-Tl;32Rb9plS}WE#ZF2v`@^S}%z0si>dMc3WYJ>1&nmRGo0=Vw zs@0ko=LOEcy=z%3@7K9I z(B>PyF?{OFe%b7dyKsesmgAKZhEkipOJw$VtrvWrNrMsx#GQL>UO{0bs zhds4rsOXRw%!jiWk}?=Ks~CnHZ>K!7@#U~SQFY5462HtHlibPlnHv^NLD^92s8zAo zG|SmtIznw)r61u}a(fs(cS7p}_r=)doKj6wX47a0ld1)kez)&YT07fl<#%pR(KuI$+JI7-`9!(E~lOqR=DjtK>-nY zh(%`3Rye`V~!o;rBdb)nTD*otg)Y(za9 z?j&gA!xUAZd}@2w@sL6n7uFdV+30c|c@6Ni23K#9ue*d#_`P)RX2_uhBkkVK8B-gT zhgK$#TYKztc>zdJ%H=JgT^go)TQ^URy`N21sr!)p$F|c|gxwfI1)fK=xFX;Zn0$LapOLcn?e5cJ)YB%F%5rw9O2wQP~Kph;)a-D(n06qv&5cd?>^OBA>^{qTvob%?*V(e z5TPLWDBDiuz5rNj$m-%+Y3y)FZKSKchO%KPR;nqL59Q}bPIDSm%lGhQpQ}xF{-VAB zPu_3i&;yGJm?4n`P~)BOYUzc$J-yKxp`85&b7LsUzoAQljBI%N?FfjyZiru#@sA^Q zz##47DdR8we9zi3h$$aeapjQB{)jog2JdhCx)H);39xMlDGfe{+iBW$xshMb*rh?) zk0cxtm{w}^NEAL~9*HrUyqrtK28XmgCBK|_PQEty@PVp_tyNUCgHV9ai25UEq|Zn3WlM@qkb)gM>#%Aip25+Z(KkH5 zey!cfk8N_-lUG)wHe;Fvl(~3}Kvy*alAdIYs#sp|7iH+|=MZ8`fs%wUUW4?WHg4%`1ImdeV)*M~Cbw$#S%2pt7Y7<`f{PY?m_Bp~>=k;>eqH zuO&&0refi3a&16K%kJwB zEzU32v*44jkFWqZRBWd^E07O=bEqm@9;MptrIHk!W$d6Cu+p#$GfRlA+rMbJG9g*L zD*1p8vDY6&fjf7{QRg*DkZM$=KbJlPl< zou-*ps)7Bh2a9(j?`Q+r{m-!`Xv)mKUX2H+poQ19E|LIG>txW0b|Z_rPv5FQwH$8g z>UFta7y5W3bn!a{sJ6b~h=WKNZ!0z2q!DhNFNCzB*R(~N2|q$aXm0C;wTcK>gUE~m z`e$dtYkT!$I|UjHG_{_lUMPSvhYfJ?I=*(%6}l?v$|7#|H*{x8Y~LPm+Q(&;I!HL{ zF3`Iauu~>I&?Z|dr@m3v`9YBG*$W^iI1Ib#fv~c=cjyWWVr+fGKtD`#O;KUqgu30^ zKogg!tXMZ~8HL9;wB*W!bUI$6i`;C|X;#?VjamD2n`;77Myyp5v(m@UG<9;1B&G-63=720)w#*V z*d%)A*xvN{_^pD(G~}c+F+P`$$TPqY-|Sd9<_yG+?A%CQG9`aPG!DD1CyvhMc|hkSjM zg-v2Do`-JF_wiNp{oLl+Gdv~`ag(82_VNYruzKn9kA4|_c(fMKuk^!&UFb4YU3Zsn zgpJVZbTurW&YFE;L{Lb~Y?M(WZeg?P1{Oc@5QI80|HL*3Ppi-X=&^it@;#c33kGm5 zi8(~;N1-hrT!%`OpP z)YhuA18lox;714JJ!6D!a%B4@oR9YK!W(C6C{SJs4G9X#m^BSdIfiXZ4nC8v^p4+x z6O86(=EcwqE7Ar=iz%N&i!Z!WjjcPKMd-Zk)6rRD9La^LQ_FIoSg<*PjAeJo^=EW& zvOq}vb|_!tGsrn@;_cV_h}1BJ!I3P$W+paD1t;KZY~83|%7Q+uv}&Nd{|#wSxriR$ z2f^1ZVwgT|zQVHPz0@_eT9Op|b)}<%W7D~JA|qT4Q5LL!cEm%x#A}>2UAz9ApGtW) z133bTXI0Y*1{wXXds+Flgz>hV`W8oISv!{3J4d=pd~Iut7CQ6|3%I|NDBj0LRRIN- z+)Bd|H)t1HH}6+V?1|hk>k)!wnMn#Rt--3im0<+E9aE!hMF(NuyGST1XE9>YeA%7B z-FQr`gx)NKVC@y2O~F^!eGw@U#XQYnDI=CDc-f(J5_+%{*X5s#`o54hO;& z6+uM?1n^k0xGx7?tL(a}jRp*ncZ445a7lBpTB*BvXQ@pO+EPZz;gcOgzZ?aL+3!Mi zUJm(3{%LUN6O4sfNuyhB3cUVEdamMI)O1`NQ0c0`(crVWr9w2)c#AU~&rL<3_~Dw< z{!T`S>N1;|T&XM^e(mvXmrPjUU22ac@M>M?(mAxmr3#i5x zd9tnZqs)`e{E$G5la&Kb)x(bo(h{zg@)h|fLt>Nm`emig2ZIf>HMPWRxmP&R<0@@G zdnupbI|vskQJNHZJF%T-H#NgwtX{MDShG8!FXDL%7ZzoKbuQhoDL-E9*WET63-@)g zl{&URk2}OOTW3n%v*5IU2-n@0WOYq(ofQZ%&C1ux8wS=Ha?Y5#p-=_4zRr+KKdG5> z)gMqDeGQ*E6qJNaoBk$~MS4W({#E4L)88 zD(b=nka%`ye-JHSmY)`3!g#-mDhck{&_>EsVw+=bcej2)==WpmbDmfp8_Q@E?!)@o z)6rk*o&tJzO_O~(!L~U|sla}iT{d_E$)!x@1`ZBH^0Hj~@%q%(R+W144BSQWW^loz z)FF8W=O`H$)JLnwUq2sCXI*_xC`w-ou2Yjkc4ZC_vH3a8j;FoNlS`o@^f57Q;UO4n*dRO; z%GPa8JRw(+7leT&dZuNY*3Su>K)vnaqo1$L9Jl?XNN!}yB&Q?x>pmVzG7H(l=DFX9 zO?EhrG%vb8)?Yw-bvOuVT#D_#NPY{^CFg{Wo?Q-|dawECYxzJoL;xe=u&F(*Pb?75 zaW8Y&!ZN>p&d8>AS5+9-3L+hqN!})|UbKvDU;kh8t$0FHrH)4Gs{E=gL(HWkHAT2| zhwqv}dnH=UdEgwb4&YorR_E`Wv{>6%SCfmu=E9Z40663uvIFl!BE<7ab>W8T*4Yd= z+6Zg>q{{ClNLILP17iBOmk45++07jHXX*3rUVpgh0Hi-PnMmB5V5Gg zDaE~bng}LqKfUO9idTa=yn@ATz8+$u!RsSbdky05nKi`>Ip5^l*s9NRt+2pn#W0ev zGdc8->PAE4`HtRDjHaPG@AweUEnO-0ZQHD|7j|GbM_e&@uK8s!eFvkw(2P=_^W*vG zA<{HDV%eWVq06i>hNzGF`qf5;pw7_UPF4z#$Y1{Tc<3;iNr&ydh3N4-W=&M&nfjv& zbQ(@l0BHx$m0P9SBiN*u9Ll!6%b~H}UTn|A0fw1Edk{9WdLOriU>J)uMIHBX$C(D? z=Nr&n(5T{-9I%S=NT*k-x81i#E`4D(%h4#(m$d#1gM4azw9WBUPH(w9Jc8$?3*rQA zr*ddL1TYudsU>D7Uur!D9I3Ss;7HlxYzz-RV~)Q!$Dkj%$v*ekyeGTAJ(Eb}P|ZYaxfuE#7^S z-5x?Wz?3E|&H%JpCLT$fEH6sB>Wu?5hGdC?J+m z51Ixq;6a&K>CXPggNlrpHM>ktRue)GwISnYyyAmqN2DhW-<`et)mY>BLaqM-r5*kQ zN(0lm6!8aUM$bb~CwK5J+E4I6e3*iz&;YhOukiM3*lBBV8ZXgKGcKGa;z4T;H{ML( zd%pBGSN*8mXvYHtEyL(cDNH>71F2hQ9=ph5GE+_|z#LN`2PCY`b{{IyFh(Q0v(hKF z%IMd7T04!#e^Hp1t9N8#92!I8n)M@+bx%(=Z7YH!wQ5^m%HP?CAq&Ay&p65kouKy~ zvtDrD2n+ign#r@-B~1MvME%d4fIQ?|I`?ph9AO9DTfkk)w4#w}2v!+EK&yx({5q>z zF`-ToQr~-YeHUKww4B9fl=qvaaUXx2t8JeIIITbLu&)~q#VHcK0_A4569FvCm$+Pj znFPzhaPt_hIuPDVOGf<`UZgRlh+%>di)Bha!?w zs>aP?!LQ%6y=BR!t#C6h6p~a4g0hYRP?b!n1L*X#75Q%1-)?+oK~+f}-Qu3fwlSNfpWF}pH`lahU!gi?y)3--(tgI{#gns_<> zg7!-jx~f%`pU#*=#KZ~+?)=aAuz=|W+v^=C6WOI{e+NPCFU+_g_YO6WSKS?%FYQC5 zJloEdcYEFy=1blop7~1*SMbUpA;2Yin2PFjr82=>QX* zMSPE<;i1LVVUB+vG})nolZVWG;_lWRpT*cPe*Ul^D62ia_#9SlPrkAG7~S@rF1i<_9qIN!)KV-Mc{!YV^VRP0^Q5L1{d3%yl zJ)9PRE>eXX_+xi>*TVmrK>i|AKokV{yPCuYt2H~0pGvL93=%gGAeYZI8ooMz-XX)e z=N9%0_I8EmGw&iYkA5jP+K-qD4M$EdKPubvL#=Tfo6M?3oz^G&Svue1u+Tj7!zDqC zB2#bNLEAgFGELFsMMqrPwgJ#%q1k1qa1gZp2w(+#y;d#X$Tn`=CO~w(0f`%F`M=D) zDxaaGt0VwrRKIub=e$WB6Xya~BekyrdNBXZoU&!o>H0Z=xe;hE8x8ne1ou~LH z4+*l3V2p08jpU9t7HfB#SrqO4P_f> zbwF{;JDu@Wq7ZSFi)61*v8+Oq$o=?g$Q7K&SDw`wTKaTQpsDOR-}e0+_UhdD ztXv6#+%CJJcHiUvlCd#Hag_v!3z_wT_be9_GY&|OubiNbUgPT^_zW3JW?UPY_rvHj z+C{h^(>Zhx?N{BKHqd^ZcT4#wUYm5?L_lnGKxut_R7U8@5bR|YTsLD>7C!MaTKDkP zV7VLSOW4q!lY0te-a7U4QLTuX-gUs7HwgZ_19U=UbKM#%Cm3*|Q&P9*5%r}C&b3pg zfAv|8{JyiB>rHVmnBo%sk@U{3#ny3gisJ%XT-zBK)hH7&aPhRKTqu1DCuV(|f1(em;E1 zH9c|zTW{aAt@LlF7JAa#Omiib<>)Y!l&^4nTTnjmr@cG1D|0i4KxT{`n}^Vq!mjdq zz3-_KwA29`v#;PKj+j7bR@iY9%??t7-Ne380JbLTG~&mmam4UC5O`i1z|~4xBX-+r zbzo(;rc}LaIQR}kLE;tr;ZUBQU6E!YDi37pwb*3r#~3?@LlyKGt+AocXL8}|@M%cv z>UktE{Dj#pZ`7$a5*OMj4-3DvTH}OHB?_dIA#_vH4GvYtw*=Md;@Y(7>q9Mm6>1$< zYqLGrL0RG%vEZ!nG-XmF)0Q$hk5I%9(L&=2Qtf*weEVWjZM36^X8WS!R(h}1s`339 z+hheJl|K6neS6kGXzTZB!lTH~MLbc$CuG;iA-01e4ttWG0kq6Rk*@|CBdem!i{Kl` z0BcPti0l=F${~UC*yZPX>WiAi>I~eEhvjG!n5AbOY}(Rgo+U=Be-|hZUd)k<`nw8k zI{P1((HI}HVM;*s{V9;Bf7LeRtF6$@qm&WD(rv4iGTW37ZDZeA~PWJk-UG)0_k9X(o*-FP$IU>CjPT_JBQI zkJ-&@7QtI^{WNWS7yCN^LPSsqR zt6!vvXA*5p36)|k5~jQLw$jh8d*oHP|0(?VqA)?{w%gJ4(={1Ee=wn2tqR@w%lzxl zv|#fVn+%lnlUL}~bL;oWM#C8j5NTDOA8SK4a;>+C3l>SFq0Jja#_Fj%6_j(Tc7pD+ zC;A=xlM3#O`Ek>{`{z1hIDdubrxtZvJon)l=xq-G^2V=6%+k2q>)wA<8F7Z@2|&&q zr-$RKh|Ba&hfJGi8iCOKjyKf+@|RQQ^-0%en|%WtEmM@yi12idIfK9OZeeeW*v)_a z57T5~jLn|P`USucRXo%HtA0n{X-6VjLnkon4Mg^kQABI1dCK+{OA>L^xb6k0 z1lE_Jmd*6Vtu2-Gv<}CuEgs3oS}=wnp`ZvuWvZ|w>Gxm0t=6m8!$A(6>3!Ga%Aa5_ z07ud_nTz$MSFDn)nKgqF?IWit&!;bkwQZN4}( zy2Z7a0lr6qP~p)W5(V~la`Mxp%j2i`>Q9wcrG^p7W7Jd2?e`?tF)-s8#WME8<-kVD zSlp+gbfgxp4~K4d)aiKiU{5uPZ~IY<#G=k(Z996@6kdtsx!7>Y+qvDFt!&OQWUD$d z^lbz>Rd|RHL=xQ#JrLz*Pn-^quKFuP3o@fl_wDO|JsvDsAn|oI=UC22xVoneenn=9 z-oGTTqj;^^Ojww>Uw5I1Al3HO(BsDA#;*&~Liu*7J{d?T-Ms#41VMq;V!gI3&2yRX z&YOtxW<(OYtvXJT;8&+Uan;co)aH~Mr~VfLzsT=P{84cn@2A^W-zT50pW1WCvAXQ> zDa9sS?|B9W+wSBS8c24w8;NEe3VOD&uuw7c2pR%ZAtOAe6$nzIY>z?-)2G8I{);)V zuywK=Zl#JrYCk|M_`AXu7Q{rlv_o_Nx)^5j);m{o|JXF;Xie0p^V}5YyS8a}otBMv z)FF$fGtt&X_2X!%)Afs%H$a`j;bt%no4aj{0FsQxD7;dK@1l^=GcSq3xrk%BGxfa> zkNH06By8}E@E5J)RFRZ%j!il@&kX!O##|-8TOohXR3`6ew&5P+cn=}BbUJne1&5cP7#7+EOxg4udP`J7U5y}Dd=XA$G*q$W^d8LtleQgXHscv*& z6ml8noqsKHzrAGe2fjOi+a@t(NQsUhI(nJEG35r&UpZjJUnGtTIfw+9&&ZY79*?P5 zPO89!dy(OCJB;~*&bL7uebeMGE1z6089lg)_DUrbSnDU`^mDbm93wb2j=Bm8Ayk7a zO6FXSxT&@EWt}tWaAGCexbUh|NV_|H@Yg!{T=vX>wnuGrzV1MytQXXyD$Y+BU!HD% zYVO*Sd$bWx|IE5pcRbVj*=0TgR* z=D4DzdaP!Je4Q~-jcMeS{$S7Us#x{&8)qb5aS=i zf#vsttKGghi4j&os2NtlCeC>qt4n&n zxK!S`jsQvrzlN7#$0{KzW{&u|4%x>V1wvg#@XiIA*0V`5AwtSsaT)uz=!OL#>u~bI zw4YX4HMuU{-Z;>QO;B=d`P2d_aud+N&&s!Io4%U=ogV{EQbgn0X-~5DwBwXCyW6_W&%8Eibv=XiQ0FjzCA<+2%z$Ou}eoLV{r@t*1XGN`9LwLb>i61 zKSFgEj@1VOSUG*b=KJB9Je6;D(9Zb;UKx)od)j}>Il1{M1grThtDwQFSGvPS*UcN% zP-LN`7yngMKeWSq*_Aks;Ix;kFqC5#7&F9>4HKbL)2!K?{@`<}fe?eaBKj+fo=({n zPRw;#48_E2z4qpiU#^hA7y1y~QgT(MfB4!@=t_pqnqFFO-zSA2`Nx2|!Df=Zu?^->?tN8z!q zYF!gzea#wx5$jjknUL1bU+OQ?908b)Y^^%ydzCIQ*V}Ltqm&!oa~(Q*Hw*=6h3Ff2^P=fa8w`j;s&a6}${3V#q`f{zxkjYM!k4tBFzQsZ!7BJuQsUOo^f+ zQ@yR3uJqTsj6If5-^+dU#VuFFh-{Zxt(?3&sn%G}Nnce~aBuvB+r~i$2 z9R735dvLTEDonmtcVStE1AYVGSXEX<*DOv0T|zeYN<^mY-lDDB8A(*IE9z5EC${1J zQz5YeJgtkkey<^zH)4X`!O$9Smzsixs~Vhnu{iCjvyvVxbLUt>x@Mh`2(V2!w(1(A zYWI1yN7g^KoY1E7ZCM@Os-LeTr`&cv#rQFnjn(Vzwug3lNQvo`ejGs`_+gi30iaVf z_E9_W2?V~x@{eA-+1E1%ht>l7WSS4r>(@90dM3=Wakaw%&ScgR)awQMPmv*maMa4u z`b`HLs2+d>&wsIidY8Ii!hnt_A@CPR>4LOy@LVO( z_oT^KB_3e3TzeTRcI#(YBei|I#6ALz|GcYBDi8qxKAroF}w| zx-)UIt^0L!Ake7b(WxSz4deIQMtGq~8i1b#8VU=Zrg?$M+!Q z1)!MURe#`VJ9k!lo-4{W6`z=>|{Y%K%>%e)p+M
8onywfK*3Se_6Ur zs{2IjOcyO8vpCH{_h^e|BjTk_Ihu92F?X>cH|zOFH!ybU7kit@+1JqL(CI3P)k2ok zyb%XB?I4fwHxw#sf|5N^k=BdK+!gzgrjI!EExN&a8;QEGwFZ{nQJc#&HoJ5S)E9{< zUZKJ|zGBvfQYsHuh?5zp98JRtfOa}+6T7AT{?&q_U zyS1ob&S292278tawa;T@{hdW&F2K$H=7VV3Jfct9IKtL2V5Z>M&p?gv&(qzA7wrGh z0togFEp7$m?qd4O} zlWS6<_PM6FxHzO6I3x^$*JD*g5p@?90Vu;B2Gbn*QvNyS9ch1%^0x7wsFtQW(K1mB zPE?a6%V4^WDdMBw#Be`ZYpM*^k+I3#X4!4}$_e2v~cNiRKP|5u8^!|Qi-AAHpMTuK-k}Do`DqbZ_#W*jb>d8KS6Cl1U zKf?=fvBbV0;ftF|;;~@h4#Pnb)DF`B8CsaZK=^HYn%u)oVSnr7{+BM{Z?3)ke?Uq{ zb{Fg%6IUK?wrrvp-hmXdfsaO0H|~S2b>v7`?P7mF@9!tP{dGm=-`E&mH%}yWIib+~ z_cHxiu0NlkRE+xOwx)ZHMON~=6=62&aZqZ7jF*`&;UAVh6X^G3#$0Z5jeo)>HC+8) zmjzh!s#)K`YmcZs7|~t56(;!m zOa6=m{P~>S1T7ui0wT{kftGAhir2bm~t(Z+oBwA^JVqe__twv*}|BG5+Aax_r?jcb5ocZ)>*YL`3|~ouH4zyF;)~ zcd6(sKUuQUkO%@p=IZ;-w}KkHYk2b#)v!@<$8$W4=825sqCLXD^bm_~KJ%k6aAe>P zs7Nuoa#) zg7Fn|0JVzghA4i_i1=ORQ}9Q-N#l+;u#h8HT%pyQSxpddQ23o#mX)$dVL8v!C#*F_XRR+uW8enJAFCAIYgmJ3i% zlVk%*7B2!LWe?2E1j3r;P)q%H+{=G223F$H%%iBR?30iGI*szM!Vic6z&r{t2eq=k zfbhjaY-VX*PGnZKwLn@ftP?NqEQ1u+Wx+qoA9dM)rqg_%%(-=p{}TMEd>LDLz=Iwj z0P~a~UJ^d7l9ha)V|rKlR^&w}=Agq^=Z)mI)QRM1+UT%OMp`qJM9Ig+Efm7HSD9q- zgqG%l&J<`)oQD7rbkGbKUX2fNSl&~0H`K~;)sYJHw8=XiSTCD!1a29B$o%bS1zei; zH88RbE^tX#p)kr7RlimYmrYf7o(3iNl)|0kz4nQoyP{H9E&QH#@ko<#d;craio#@E z_~1CHIyWNuk8}LrPpdBEzrD6inhCE?hk0koz3fpz666bUb3=5VcTIFs*Vo#?c|iZb zm(HglI{3rZD(H}|g#hDNqxyV}{zawl$Lj=D_%@%VKt-}S1vnE>$uOp`Cc``d5>u|U zF3TpiHuKQS|E>d%vl{<>!m6AV=YDMI zQ2UiV4>B{BJSXVA7#@fdOOCUBTqJWHdsqlm+(#fx{HQ#vE`F?b=i`eXXTIf!a=Vb` zT6vs@RQgw?va++xm@LW#4C2fEo6o$I)Zz;@SDFE3wyXyFX7mBV>7aKz^e)(?ozL!8 zz9UrRqvO}%GYP&vJJJ0i^;G};*h@57r6fuL5;NG%FG`##KNo9A5!i2WWecKrr4tr$NXLeN zvHEZqnEqBPQ$uT($K*<1C_)VsHx-$@o-f#bK3&aI`Swx9Zsui+qf!H*y3#SP&91%5 zYq7es$+bJ#g4J8$zd33H0f=3Le{CNT=`+-q7Ru;<{A1pqB4r);Z!T-qc>RWB@;js`dZxY1zNNu zR68*m!QL}-ROan-wP(Yj>s57%u+M5w!P;5v3g=_Hw47l{%6r}fb(C?o^Mg!k>J4<( z9NiMDi92VLM02w>Up^ZEvSgaQsQ2NTy&=9XY8ij}KkCc>6B?XD{|ftwJY21lX<02HAGF0u_47hi2^r`%4y!q82eWfE7g7GuR3H(s}xv0YmXdAHIgIXs!uA5w@y zlt1cfKcK1rMe~6iZ7=?mttl&`g#ib(=qtcom08uKFZMukSf?v zPmzlM{C+CP5I)Fd6vx1NX(@~m8>weS{Le-N3?>dR7$SWoz5l~t68{*?!CwXg482^m zj~=Fgc7tMHBnJjF8BKaEP-t&PxmRy;40$&F*2a=-;V*w9bI-mR#6Dvl(g&IQZy?VY zYi;U%{pFbPQlY!{vt zWR~Cg-u%wi`*WL}pOh7_{vR{QGWQ9&qil26GEunzwe^z@a{%^Mg%9xQ_hxIlsh^Z@ z1Zgw%gp^9XtH%X-EF3?R;9*WlF83b9)K{e_yatk-eQivo+H}a!@~PFt^FZjf=YAX- z+aw-z(kCs;Pa*eg#jeD_p5UZ9`Cv3h!0@M&J89X53VtWL)fuy0K|}vF{kxSA6S6v1 z7sl+!*eKLHlbcs{P6NKwB*e&D01J zgs?`U;A~~nW%^gb@p{dAZ86yq>R%(q)iCQOBMZ|F2#^=G=J2`L3|s9?y(BC1u~6Bq zFD1kysW@)_CHKQkA4NRfw&`8d1{ogcB`+Pfz(&l+!`cK-vElBDV=`qXIzr1Q-BDIv z{x?TmwFB9|_9EZIhOa7mC4QWeQ2M|tGwBsBm;~$en`ldQeFUqNz{wVW!R^^RnR`t7 znhEMCDnfI$h4kfeE_yMm_b9V87Nbl`Gyw6QC4ciIz4z!Km-GT}**u9cq0o{3mnLM~ zz2!B?N&GJ_2=o zrCvbEr^yTAG`VY#cgn!{g7Iq!#6|INCYA^5>13z*?k^*f>yfvzn4~qfHeZ235w$+% zKy8)DT%PtTryurI0A|bPI<|Yg#S_(|Y_Ib&fkIVYM#V_9uS#6XgC^o9r>Myyk-U@C zE|J2;BoNIDyi)IdK^36VJ>_Yhsx6auyqmw;(bFB@^#-|~>Z!Jf7WHri{jg|sMc$K* zIq&1!0jT*+E1)SnO0Do&ofjOu;@z7Wv7Do{V0@Ui(gK;!QUXra(Q z9{KGxko)hw#;r|@A!&keo9OA`=Q7NRR!Vy!fqPMs@>-nxWoL}d-w4%otNgDcDSi*; z{!_kQO8gH%SpNaDBe-}NjMn_C50kNoDeFKp2^ioE>A+hiqT0*Ykb-a1q%3mg(=A)v z3P=RuOH8>cbE;9Om6RTbJmEx3eU2H<<*6eq2j`Q}NPf)=hT&K`EkP-=u1VB8R(bIgL7NMpQ?E@uzCo#NK1! zZ?v3;@R!DM^ApBwC<=zX@{ za}QNSR-9?4=wwWQ4Il^7QEffQ67_hh{#3a@D5uh3)8Oku_!*-D zWt9NLCYQb}5-}EwL4erYA!;wE3{C=E(UOP7Fjce)V}DQS@I zT6DL7AV_zElG5GX-QBV1hDGOH;C7#V&i0(=`|fl9xsQLKvfg)%Ip*l!7;_fa73;qN zU!Bkq^mSVv=53Gc2c*}kFJAfke*@n`0EeXAnNQ;J{==;g3CZQNL_-H7!^b~VUDr!D zF1a`M%8oJhn|BVCd3igTpg~s+cbO$e!nnG8RPO=gdWw%2mI0lbs5DmYND%~W zel#Juaz;0n2BC3Z9CP*1RJe$ctod*%kQ0(H$se|$$@jupvn$UM^cmwC&B#(%2x9#{ zTJF3u^BOO@G8;7h)_UgKYs{F|(w}9rZckox9I;j;P!jT0+%b; zwS@g}(yn86yLA|tH znBQ~t%oGJX+Ipmg>!aroEVr=}C3hqDi}l^OQ$9E$82~8n1#;`NBAn0LD_aI!C#27t zX=bTdJaQX7gGPo?;Z|MHD;63Jnka|UFwB4_%QWZi8X({&z`%ThcmV+=1c3nl z9R$qJe~@IOF(%!s3Tqgz;I!uNggr3&ytCrJcO<7;}r5det4aXo%Vc zcv*Gw@uWaISasP(OJLKozl9G_kMirMV60RG`EuQ;N>)B9!a|_6cs4qrl5+? zdDXJ=pnh^kIi6nwx%=|Te9Go-m(Sl;8Eb*Gf*^o^Z~ohlZU*>L6Go;A*6RLPb$4q` zUu~bBn1vp=dM{2c2$WCI%by0k00N)HlPS+;%sXhE5Fh^!;^(ja_Cx;*H09Eg#`D)9 z#43hdsqzux9&p~sl&TJtxK?n3e?Cw`@W|0|b2%+Q;xQ2)+`kd>7g;QQkdcRnxY(MK zzA0-bK_D6!e96LoX@+G)w?FAew@ zeRQUYl|N2TGvPZinMfOYAaqLU_$iwaUV8mp%-(yHIJZWiGgQ(-bdt!zGVwna_z60G zQ;1_9Hp>An_9{t$t!JpY4Gx12gn{%DTJI+TUQR#PXDO#u?*JsYMEWnR3i*>&S!#*# z8xjmdTt(Mwn94CsS8k14X0Tr{uJZh|Jj5`!NP6c2jW?*%t_rtqbeG~cB5m9{-uha; z`nW}vaIXgFaYFr53?UHm-@-@=EFJTepo`&|!$JMKls<{)$l%j< zX;)Y^uid!%`QpfT#bi<>Z1Ivz=VM2tr>YG9x$QCd@TFG}l^na30O5zkL<$&o#Eh7^5f-&>mX} zV$=R9gA@Ia>iTSu@~mLv_{~y@z+Y7UU2FHAgXP`xi#Bu%SWEGn96COWBsUX2v1EQ( zh=aKKGb`npmsw2p^T zzN8Jp`n9+xbMn(>)U^D1y!lRAkD*o^c~`XQ}Iu>RtJXf0-tU5=#6 zT8HPXW4T37rtlDt@q#uGS?DR^puPU6vj3F;Z3{2~Tgrpb{GHGBVE;)0n9si+XBy4a&S+bW#}B0X zliN8@ix`!Tyq4Q0KGF5~YjuAY<4@3w+}bC1gx<(MnedA=FU%+MorO4ZP*EoriSxa1 znV|nkKLo)$-$$J!ofazg3TJ>N*Py|`b}m_dvMXWuPg-r&nIT|B&sptf-OlCxOX2@T zL$M9l{~~~i6HLGKyk6cVPVFwwJ=wB22Qy-E&S+ zotXuHt?qB$`%y3sf4VuaB0no4_j#J^Vex5xu57@r*f(&a}c{0aw1V4uh* z3X|Gt^QpLiH`9je|1A&Y9yR%b01e=VO~t`MAt{i`c>S?u&9uvtg8$HEoRvj`~d9hfUE~>HI_wa$X_8LE!t0qlHVRKn&|b0%V+hXw;uph>Y`~T7p>(5Hmn_(Vic%XPo1!-5zQo>&cqQd;?A|!u? zPw?l&j%=9# zSYdv};#Hq-S0Mz9U=mlAqva;7Nz;uV2Kd>^OlC(^xk)d&8?brd%jM8+7UxCi^5;pTl!&mFJ$PK-L*J><~dfJ)`nY$HlC9VS-5 z>5xn5klf(4;n<1uI@Xrhrog<>E%jq4b{1U%aSCXhKVKqc`Q!D*WAJY#xuaH#Qw{z1 z+~;43&^s!qKVyGGL$0MQN)Jdka!RJIbi-_yOZ3petsU(?!Df=)+AvT+b7sv~| z%hm8yqoJR)QQFA-wq9nQ`iGlg`4#FnbG)s!Z@jrTAHq zgx5*)S2ItBK|yT5cpRI1BO$OPZwfOu^-z|tzZLXW!MzTTd_2_o`9D1)1XuAaSD2Km zS59(^L1V_ML{cDk83i7`^0a}E@Pb=m@bgKm(f&!?S%(!vvh%etg=%FqcFoz`5cq?6 zX}!If@YexVAx^;VN)y|=GW~&`gcpM10Bn2q#Yxk7qSVwPiMVea4(*H`d-=DcYO~bl zaSH+xh~Hr5oVWksGyf@jE8n4XQp^dx-zc7^7s9$p*dY}hN)WAq6zkQ6h2NWOaLyuUid zHtT9WM3@g1-xY-+h(0Vq?D%<^bE5uTvGbOTM|&Ps3pXRsqNGt%d)D767_E%KC!aIa4eVHFR9UU;Tf^b8Mr;-TWw8HEHiSs@5WsOUX9bQv zSL!GnA4Ig8H?m{B_QfBjwP{jsm@WtQ*{-Ru4X3vz>R6cb4*VgZ%Lh!e|q zo;g(;Q7$y|bzGy;l}(}d)^UEGt@~>QU8@vh_w>bHO*g>AALo0bH1lQtx3Huox)#PE zaH_WnZl-*>wNRZU;lAK5{g88HCCM=thB>Q}40g(p|% zmTn?Yhf-CAXj${6P2cx>6Uiz64MNdLGu#iG^Aa;33j-0Dpr`pfoDR9-*UaW=e4!V{&dEzAD#HVAvfRgv>qrGsgGeJ~UjT1zLkpbNuc+BOabB8UCvaa>cb0#H zt;d@P$gAt4aFjSv>XA4N0+PrChg1_eBZnkEEZM8=Tli{8fqW5m5!t76?161f@Yp6I?uy>Z#>LM+2xj zO>Tnc2=vJOc+uXpchjn=oGp#Fi4KQZm!FVd*^^*JpY@kpxL8;u+&3&?i9Ep&A8-MXmdXPD1cdB(O{ z!`f$^yq96CT)92kkhDgGk&+oT^ddGFxI5jK!BRf4(xJ9@kfR)+MnRU~^d;b1I@Oq) z3$8_|eT(6iCbqj?Jts}bbMpy`6dg5bT^as?y7!;iYZ(4WbSjJ6?X{}x(akVh%9WH+s(_LmJU0Z zl-|W6usSTeENmqsw}|2hR;CQCj-}y*rMECsjgB0Lw&f62~)gzlPsdQ=+poTGFud8_F?iet8OK-#1sPjs$IWw-RC2w>8=#|vH*&iMG z5%j2fRW+m5VR~b3CF|ABMTi_~B5aeNS$n|kA`7Yd$C-?)$Wc?ha||cgE)kU)-K`&$ z-$_=&X6N8I)rl-BF%kCI-JaH(w@`v(8~UO%2Sc^u<5G`=LL-+4Ic|;?*68aX7|bzv zYLg##&72^Zk!ASw#Dk*syOZa_o7iwyWdb~f3a10JylZ34!zf;XaDEO5>TFEq!pmu1 z-wB~`kdgLZR2yp>e`ywh7UqRvzNWvrcN=YdlUOb(jv}=W zi#rJ4B8tz->lcJTPlo-9Wi_TLT5rIL{U|IlLywl1IjJX_{O7rI0%;}otS&zqec?L}b|1E`$q8W=_D z6Lb^4E$(z)I8E)_mLjW8;WExx%DZ5pVjK^@UfCbot7a&H?R?IW#m71j`vjf>FurCA4KXh(}|=8)8=5PcpGmxW60$n7ibRruPAV}7`fZvJEq zRRAKq9dQ&}G|2Z9vw4^%e-%DVLEoLF&DyHgj(n_SUDC5iGz5wpl`XMm5ixQbB=!IEzb1*RXAx7) zT7S$a)ECP-_eRrvzZNRa78 zC`6r*e`p>(Gqx|)*0cApbj;hw-;LPN118rNoo%pNAJWb?z17&fM8STj<#$6xi#|tbC_oSzkV3J6b2rl9x}Fo z80%&wD~7=SOr$;Oi=4IEG+nGJtojuCS+2|;Znzn|}0gW8D@*(!e81ylLIuDY_Auc$j zq|;lgJ}+h9xeL1_FW5>pp#sg36{=ld``hJflkZE~-}2%9s1b0z)lY1^FFG9_wCgyRC%di4!og(NOMY`jFsvCNT)blIz{`J3hkRAP zI_jiKi*=y-wrtKQ=i)0v0`ao|dl5Pdw&HG5ljTYQtRc|`)!QMqR87A*J&j`3<$@Ww z!@cxlF=q)rX)=QGq*h?#l zjj;>!$6An@G0X~mY)K(h+*{G13P4`%yP!?qdDVqTJzMwMorps{;H77xz*N>-vK(6v zKuU0fI0_gYsK}dSzqJ5!5y2%&?$#2w=}K{V|2$N zVhbfUT0K0}zn7l=tfxx8u%iCP^>xrn0D%Kr&@C)+r6wfF;hYkRw3r|}j%^fOQDg9^_#=Uk?DHreQcl}RUQv!&veS~F@i zIUDUf?k0D zosh@}=dpg|BMxqWf(A{%ik3$*Lz*<1@SU82Qv*W@@2i6VC+Yr@Y`^+iamqVe`Gdk* zvHG{Kh=QG{>5i0Scbp8p=oUTR%iU3N-FLmAc%??Xe<|%&^jU+$qaPO?O{6olindPy z9W_|nK1`(j%HJrWfRp|WzWieb2!Vqud~8~5=!}BW&t1QQu4DEX3Rr;8PG{}{qRAkH zD2uki?$Mu>>Q9fWg04_W7A z<8Eax{gy)N3>>W{-C3%I&JbdVfemjL%hghH4GR2qtQi7RD8;1If*79S5ZvLcbUJFt z+DFEbR1p}Z1sAv$xcUF0O`~2y7Afgui82nqXGF-aJwx&i z#&KEJ{4XXK4T=F4Q|$aPmjwzDP$@w}waoJ6^4EDipTx;&UU5n7BHo-9xHvU3&*N#Z zAb|E#c=38OPI7{3JclexGcKcr_u9BJw#wvfuL+FO1bBgz*)>6fkdVLmx^BED^L}Tg z`p8uqu9AcoVaqdD`&WDB7#Y4L&I$YR>(%tOdC#Cu*}uFvvIS4hgr{Ota#Lb-b^Y;C z10nw_cr61vWb7`8zmsAT`KL{rF#2=TApiOhodg(+q3hFmlm6T7&gX(*p{wUQvQpLB zfKBvn3%FH$E8j%^-0sEtz6cu#bHpt+eL$8<5+qLAsGHWxiB5ltA@x9?t5OdM^~*3S zy@mqEAvxgj$`5hFfZr@00!m2x8I0s({u%4s(wS+q_6h8TG4)Rn)y1H#p#I9bRFuGF z{l;wYEmrwFp`8$rzkQX7aPzok*oxZ=z$iy6xZCpA$GTrby#TO0XMFx!87nq@(G4yT zH;)*&zW@+)ufY5jFBQ|FebO$Y`vMyb1@&u1e`8hg>XW6vj(+?`0)Jq8p(sfadup!C z4=T^^p>T(b(yaK|j`oos1i^32BY@18==%)u0ua+9^bPknuY-V5;(C&Vt?EZd4_(ur z@`EQU=9a=kjDoyr`i-rRZ3yW6*_fNdee~%^TNmhPLfOIuzMu8~x`>3-k;-c*0Wc8Z z4^`oesZFGc_;&IXDp*iJ6fqryTfmFqTSTc@*D<7p{Vg}$tUIB^xQqYJqHMk2UE~H! z{+L$6B+J!L^nocU+#|l9JYNDA_xYjkAH~NZxHi8S3Gwf2kcLqQw+jY6mJT|-oD5~k z7iwdm)*;0x_?7KOPCc^;Huo{IuJ&$cJkHi{UaJsh_)-UMe8E7J1s_ujt}!YSC}x5$ zU~&o*^{6CYG|xLw_b`H-@XS?R!JE5E8DjC&eBYlseG}Vv6WwVhKVRSfr9Q^Zw5HJq zTcvo$<|Hsn5pNwdDxLmZT|XCGmqgE}Oij!HA0ei(cH|Ja&DUDHhP)ZHfZRfh5Y_4Ok`dj3eucWiGKj^A}ucvN)K(IZ7X3 z8D!fLyO|Cy;!fMPr-3WR-3b+|^A*?9>{?TAuFS8>nM#BrWkSEefG;UR69^VyD<$Ix zDB%@Jscsqw?7eU4l;D*rQK8Yw0{c|w&-Nxc;eDg_2ppa3y`-^P5)@!AOUxdJR)^ka>o>d9ZA@LOPp~f4>2#r;>zKZSU7bV zq(#y0Rda{@`Yg9ToYR^?Dy=~&3m=o*iD41?by zGa08XWhIWZ?|_i)gY2yIjm#x~Z}(WUp`2CIV`wuDe^gY}QA9HQ)&dqk@~j`k$D$sq zyXn(&tvf0>blDZ})7OZEz)?8$$v`lMHr&&g^%DM{FtX5r6$!YC4Ro#PyIwVB5tq4I zqxscmitB*(wGeQe+(j=xt^JNYd)$`kLbrlHK1$d6_IyMTW$Z`>ZUS53ct;0Xa3V=v z>?+we+|3p{_|AX|d7U8D*B+UPUq;fgEsiR-u6> z#fA)fETykbkeD4falm3S_9nb*lnPTt^KLw~KySbh%S}4| z#H2S}M0gVuTh4|9-AQCsM_?=%ke6F$W(NcD`uvH+iP_&>;f(i+cnMV{=eA#W_dQE7 z#X8K-`s%0{-t>CB$hXILc+#VOU2EdT4E>~I*CnQxk3}_h?}}tMx957b!c$XwD8QB9 zqcKk)QQ*rOjP};Q+zJHD-<-$`97uWBH-1koy|odx-pCKS$qC%ej?*uBxWw*tJ*WM- zIGM!M1S)rZqQKVwcALLEYTAWMKUARW;$>|;CAoRQM~EE!Y(^2eFY z{05?e%|qkx8!x&09In6*wsS_RQl!0RNVrQz95RvqWNgF>f*9)UOj`DK!KPU-jGJ1~ zd3pggY1v?iZKV5-_f&q|$r-Bay32N?T2$0kp>Kg7f; zWK;mY0vc7RzWq{=x+rOT7o?0AAT`e0_nNdhS6 zJV{jX^D?8KT|ltBja7UChRaN?wjPjriZf6fgWM^KSTzSGf*RYyMKG1m-!03T-rQVQ z_Wd;_NXHO}SyJ^uB`Cqo(EGY@F4uA5a@tN{+B-O(cI+WJqm}<_RP~R`9=@qjA-o{6(?WH!N8Q(-uHde`x&#!B^P z&}5iF{5UK@M;1Y13=g=tRD)N#UskCQQ-uYCHnRCGH~ltq4tFdfn9)h!@-1Z` zgWMW-=aKU-r|APd&PE5fk`9&v;NSP*@G25#-Ls0{Y3*k^pPK^dM}BN%@O1D})2D#f zc;K)rmn>#6N#QQwq@g9ZpSm!VFhd*{OZ1l;x*X$F0=^3w(TW>@8akd?gn1 zHtiFO?gl?Ryhm|_%dMJIeTc^vTL5p&zFwOpg3oSDr_hiQ@!Xk25ZaCUUfwoW@f*bo zsZOTF>ar0vjUwJ6YMq4=bMf=V@?@8Impx=gX7N*&dV(@-jLsiBakCj*TTbu6sF2!C0VzT0)VDW4XL82(ux7TK5pYt72Nf+5ON!V44|#DY$f?9=kJW zuHgRTp*k|v_XbmqZs+sriScf{fGB$4YuOvHtCGc)NM>}`Fg7=CGUJqRBD5Fm+A*p5 zE`L_EqD!SEImKERqOcjBXfNJ1yL%mB`mpD*aZ0N@{dNe~JZ1B=Iz9EJ?3XJwRFn&=FpFvYN=WBd)iJ*_`#E!(CCCl^PH=P?~m3F&23f31~;14 zvCUMz<3mBeOVD7cJ&Ot`XqOTQ@Ety%2vhb0xKhrcY>V>+zKZDr4AGhMd&*x%P&2GR zU6M>_?Ud=*iKF6=S!?^`&Z0}r;twUZp0`?+`Nl48zU|7|AMYFMdX-4T0pi_MBtS9a zF+}Aku;xjbIVxseuVAaWRLoTH)QmK}TWg{;K9wP7JDY#o%BA>`Q=aFPh1d=?@j%8R zt)|h~GWDyYvitAQM){ke{};^zC^n%t##iJ`zHHud5BjVOQw)qF^7{bK;Yxe2a5 ztY5M#vYkOyrBNLc1LEQtj8IRz$1kbh61#7m}iq8L(SKRX` z>(e#^_xwq&QcB)%d9b4xO-d*-SH4?ti(pl8AtUKs>SgAZ{vj_qlL1Ctm5Z3oi5=nP*jhMg$+ojof5`l%55A!7f1EsXlU(v^5PDK<6C1 zgtO9lf;qJ`DL!uLxu$Y@lNh_zcyUb$s#leA`>MeNvDs|%RI1QM-1kG%T8^WGOQ;|L z{S^rl-Xk!-S|}Hujx`x zxd%32_2mJfPl*#5;FHV|;_+*r1@u3{@S(wHhE?}u<3muuiIT|>2W&DsO`Th@%X$aH ztGB`)dEr1;qznl-=)Gho{PN>CU`%jMJBa}-M-H=d zFBa_^U6JB&DZ28)`{~QvlZwT9%7Z&_Z1-aqFkjXkTQAA+A1{;g z&Q<+#8qi2@JgMa+hXbKz*PH8CdJLX9f0K>tIDJ+>sdaeMRU387#1N`L;*gvDYUb^) zI_Y{VzEduVXL#E2PckuW-|XrV-Y%3JrN(ZRO{boMD#Zv*E%c!>jDcU%BSiFQGCntnZe5$qaF zlGthzsi>NhI1T38%N4;!gAHVUQmt2swtC5H+_3Ia_kd?^pHP1@ufo6;wxYro!fd6Q znhn8`c0d>1Qch~pN2PVNfM+-DKXY6VhE}$!0ay-VMj20<)V6nX<;+`Yjrm~)>xxO8 zp3E{|Kp#{~X)vCoR8+{RF|kpNttLhZi;ot#cha}0vSKWush2_lH@m7F^;V0uUF0wk zMgYfc_E5#h`Zj3mM9*pxG}HB@ZrY|FD&{uMCcwJJU&}nzKAa!Bz7fX{7{9DR1KehM z9l5=pui`SzcSnDFA4s_4QVWBxr^$NgM9U`Oy|~HVg;3sqRjD?W>+tp4G8{SMg;P9g zmUl1$Gt1^0<8&C##FyJa@1qKRa2JPz%XX7TQN9Q`6LIya7}-CCjb{Wm4eyqCOVI!= zrc$5u4Y!C9EMkFY;|HG7^|g0yQ`Xj3LQxo(TX&t-<2?Sy_QwXWNsvbW$lbKrt$$Wq zB(@n#rfg~akUgEV|AK#7{ssRi&pn?=ngJiDGIAv2I1Elo*3UnjU{tu}M4s$`j16~@ z&X(qd%Wi3M_N1^B+;#b{E>pg{!ket!6MpA=cJEjQt5BbB0h+l>BnIBQXNtk9#GXul zlK?|Na>X3)j#s0mulQEd*vqxu(bzQ>a|hq4hdp+j)ZA|^Z_npUG1t=O#+4v26ph1B`wGrBYMQY|E zZEY(THsOaqkW(#`r0}W>WID01uNY3l0UlY5B6N^Nil{+DPNRO z_HM>0MMRhfY-A>9sle=>_>1693~nRKvmI4vChR9uVBi1PSaYFSDcE_{VG%&Nxo6+A z>q6;Fk;xM}pD&S<4?anYalDVIs3 z(zb2Qd#CAy`a=gIQ(^I+Ez*l4)$xN{PoYw$B40Y~3eLRUd(*5bmSkxaf;{eVMs+b@ zH}GL7Q>{B85Ux62Z^NH-PMR$4U4%!ykOYW*Ux&OT35PrnLA6bgPytH%Qd59wKedM|L-)hP z+}`?hMzYJ*lTV5u1nXU4HE}*7O$)%o4czzM?^|}NF-M5a-AZ-!ZIypQ!QM{lGU})| zb_nF(T?FpSqX+cE+3DV-m0HO z)mDTgmbn{f&;2tD<=5N{e6}p6$*1-o&ejFu5#+J zFW1k5DQuWEBP@7Wv1=T?ixmOLNJOpYIU_E-7p+|~!o%@%JQ_eR9nl^(Z{H~)D++E@ zk_+Bh3Yc$lC%=mXftxaqijLq3bc59+^}kBIcHElUt8a+P<@|t)mIITBc0NBWPjd(2 zL3wi?1O|_&dR|&`uZy6!RiB1|x8Mh;0?L0lJHXGVoIRLU1g1|8HJ#G>QY4$dyW zcyZ<`&t1u{jvhU7R}#$DwW<$TEy(w;l93m6LSv=~SaJUeVx`yG;sICVd#e*qKEed& z0!_ue>*vfBL3fAgy|f*HR4Q~RJ&S=V%Z36+O1`~5GRN|K&AM;3j#n{cqNuT3U5XCC zBkuLkW<$o`z@rp?Z>cvf0aI+qixtW3W?!qk(^H1*$4(!lMAyfbs?D=gxIca&JhEyVGe!ls^#-XBIJgDd zw@Ch~{r>W;U{KF1pJW+4AYM+~EWog|3(L@@R7!gJLqQXaUdubqc%J*KaKO zgUCmfS|jHVKU^Kx@h1fD*Lecal&`zyC~CyBs<#YmkIW-dhiHKyH$#Yz)WBl7*__bS zIXyIsb_t>OUZ>WOIh*=3!k9YkCmC9jV4v5&8neET>ng10oVqazq6d47tuVB|>faDhf3pR{kJaw9 z2}~ZlKkaFvo)(OcGVs{d`o0bFR%KDn~ECMX5)1p7fi+JcdrIK3}Pf7{om zOyhw15{MQ`UaoZP|Ez~Akvw4!{y(t??xcUo zObiA1;h6Q}Z?b(jkO&-oj(}m7|9skk`3WzhWlefSE{^w-yUhl&cQAH(w6@Y)>Z->2 zJGb`~Q+yL_8a!1$y-+VWc|dGEx;ahGV$L(C$KV?wgDGVg#XRj<>- z`&$Kj$pX`qAfKQv)A#=lbkrx*Hs)R@Y&)0dHmi3gFHG#7vG`Hen)Im@Q&T_tAR8`N z+rWI7m5pO;XD6@$IA1(ybVXY@ui)=q4ei5_aZahUu)h!v7it!}cmOn2-_;$hBA;Fg zIv5sVh@0l-K94A$kisKQ&F<;(Jt}DV7D_|w!`3&1PR_g8y1784pa5es#2=VbmL6tk zMDMaO!|bx1DgM!4A-wo?PhD17n8QI*HZndH#-fo8q<8Q$({5;(U;7CG`M3eixkAmE zpH`d69_

3$5$7ni2vP>Pv4BZ!vnmY9q%DMCa9s|J-S6xShk|1&BVP1*69*oR zeYU*h*JF2x9BZ<>!O7s;b&V{)IdjO1Eh2fvr-;#_^b?pL6>1hKBjtmcb#-TXk$rbTEA`yKatVphYFRL1F|sG{OJl9K z$91~9B9^7V2{krWr-ouI7&0jg{?gfS5mfddeDPpIa!>(C0RXzQvs0WhcWE9jn^CTh z#D~5d3ho9O)~=SB89NN7RSt@^ZN~C+4_%C93yg>wB`r#d_>Ool9CZ`8?*Sh&1#g+} zK?}5+nxa!~9`uC8o}W4S8(2>_1yM(g1gn_oR~NO2X8uUMx{cfE^xecBqeblwoXd3e z;1LnL8DOj6fZy7nmB`7=q&RTr`e%OCjr#Hwn-w(g5cvQw`5KHzFTGyH8>u|Gft@D->b0;%-&(;59MQr<1|9@(rC~$ z%GcXwaKc68K;^fB*sm}WA09P6DK!Sz=gb z$!HysEr9MCf4EK-(5AtAI0~s3QPdpwc!rGL2pj>Ta6TwNGA#Lj84xEX&J?^i@S7|` z9wzos5qECc>R;eTJiWd^9c#}Jah(4kYUv66!1T;pitU{f{C^0e&;jYAleFXeC5-Lw znez*x92kO~Zo%h32o(nm1+6=BV6_-tox#!f!a&tDYGxysVUbMVf^uYQS97JT>*^!< z8B#oT$iPC8Bq>rnGDoHMrQv9=WoO(54UoYMPpBdaxj5S|-9@A!(?vMS zJw}V6+7cAuaib1iYVnr0?bmI+Y;2MB+oLXr(Nv<8%&G=~)Pq~O_*yXB|D5b^F!)cs zCBZ>^1e!nfKc?yUix+&(tA758@79Wrtryk2HQqr5V=Jm-^Dyx9+h{Z?3vvul8Nf_^ z*~#%FvE~;jb%RV5xy75%bS8EUIh4O(s0>9mQ`)?6sG2=oq)$>V+;qfNX-Uw&R9C2R zSi1f0vhH!mc+lXG5~qCM(Ga~Ps|_A@D+i~SpU*PK2jh4&s)mX^pKIZUcDT5|IUv7a z1UHZpgm$<-qJ1QKXs=OMn$=`{JHN+(YW94RsfwtVB3vTZ1I>-b8#uCG`uqURhfKR! zT;nLh#nRtJTVG&ZDqhu7B`<8*9}=+EC<(GP6aV% zv0bH?SQJVtnj+X;KH~mm$JL-&5?iJZ;njOicQ$>o8l{@}g~-R(@fEff0!w-~(Y>Iz z09EnDvM<3CbMA5WH|DOd*0kuPo%{2AP#LP6%;=)U7MpgW*C%na+0_m`wUR45+>av+ zqM4UwZbTLyLaHWIT=(O-P{HtK@aW*(`TCXIRuu|wc`MKQ8s)D0VL=(*j`Ka`cDj2o zY@!wSp^H&L9$)5dJ=s3rcDv~AseGcMU}lp;e7qADL1xhjmAjM@JR--6Yve+!r(HHQ(JD?L>vx{mJvbY<@?gvycR1C|q@Hyk|NRy@P=Gv{fqou-T-z2}@9ca7o$eGgsNVEweVuGankAB_e=c}J` z8c5o%BJvmq^8~m%+9l%LZVOmxY7|1!PP*|Qk2vaJv@(;<%PyT#9v)mmiG<0IeeCSa z<*f?Gro=Yx!)5f9#GX$+w>%I9cS4#23xW)tB*;1Pef6g8JnhnFcl?7tuW8NG=v#CV zATQP=Q>Ho`ATOO)RABx<`f+{wP^mE~!irDUbUI!%)3quqXZxNX>p(-YvBP|n9%YW@ zx=RP|zUP~1m3vWr)~Iv?0b>{CU8ILNT>|X=y4gh+r|kYrutGHzuqRF;0smt=D94y@ z-_2&IGO+T)*)uTO=So^~tRX$pzhN?ayx@`G;vv@%dKU^yn#)}ia>6}q`BG-F&f{sG zQ=pTTlBrxHwI3ot1GCOor7s!8V1@1JHWHI9c5 zBJX#wVo$1+bGW4C{011gE6D_pVyf6qK!m3ExtxIy;7$u(&&tl0!Xj|}LeVpBb8!~x zCMp465A`sEaA}(=P|rP+T)Ziv$TX0~bW6;KZ2(la(GSWFE#wpBp+OQRemj%=; zE)1gy&H3KiK(>2uJI#l@z$&EYDMetsK&$1@;bIP~NYm7CYvjF-1b26*7q?UG(T^NF zOh6=CPkN#+{m|gPEq;D|-0(e)CEGS7(PBRM{nzwVw1aCUR1LRnIC|x^BfZVaQL(F{ zd^VoY_NW?vP&YQfWt1P#c+^3E8W36~=b`!P;A^{O%~@rE-GF`K86ZTjh=}9R*^yqu zcH(1hVMxC`wSw+-l0zrr=|jp(`|rQ-l#>OAjvG`vetR_7AL*bMQD@ z*Afz2mk-aJ&%5uAiqSB`{yoBic+qY0vpMN;n*U`)5*nbj^UR3y$6@Vo?EgdBTZcv6 zZSTV>ARsCwAR#Cr($Wp0bV_#!QZj&a&j?6MOLup74I(AoFtl_GJ#@|cL7(TG=bYpB zkKgrPd%PSOX56!5?X~W8uX|7CFInUPxyOiV@CW?9<9<9h=eKaVr0yT}E0r-kbG@%M zFmPMphY;GlkD-*t%Paay6}Ne)3H@0iH$|^Hkjk>m{R6H=eKSALs^Blb5vl+*(&L%5 zRk(}A1MNp7iBym>VNhENX{@qkH4J7*JAKOxpfcPqDS3Wnq;UU3U7B}O4e9_Ly^g*l zrSuB{qV^bP=P6$|^Nd4b4bsfBvM^48ww;jb09NbW$!RhhTi$EGik~yi+$MMo3{SCZ2@7I z?p03TFaDGV0nXBha2M(;_7<`6Sb&2>&0j{Ot|9qIL_>k9nJhj0BBQ2}HBLgwgsW3z zGqTLg5Lc{Cw8icw?dv3?ArLn@u3je`^%amJs9NL5r+h#Al~1ge5h!Xc@^PIk^9tUm ztstV}1k%2Qp~n4ZGS1gbQ#D5LvT1|wF}h`X)7!d=CA`mJjjMb2&WEtycm)eSRK849 z{N}lJG~b-)xQcaHppQLOlRGgYZ=OD&U&jTA9|&^?5&C%W(y_jsyY7ehl=OHq!(c=m zw67_>m>=n0*99L2^H)#S@aQ#Ra7mCUN(ncbQmFbCo}e&N_8~~7e@sK9;*&K~TlFre z9h?*jPBt!CM!e*-wQpZ7mA#!wB)Vo7=}g(Po~j>fq(DOhpLZ0w4Tf9isl9aHYei-Y z?-N?&Q3DxNwq)ck*^{#t-1wzu$SKaOLm0lD{eVLD`WX7%4T&0cQ5!%egg%#w<-cP~ zhC9C)PWN@jYd)Zno{ia$L|JybWn9bz-)ruW(VBFlsVs3qPPm$14k^;Rx?pl9&KEXv zR_iv3&6<*qF9%<;LH7EENFX2;;sfc2Ov>VpXDiUhhJN73R}9vwpN{o^WtvUs{+Rr} zrE`<~E>{nG?0DYXZwaP8U>LKnR<^gF__17YozlLCCUI;H=21h@k+ zhml-wK&40WcNyuna_z@3C)Ujll3=kdoPC)uQ1)5&FQ(Xi2YSa5(vxuMMwzy!49#;y zyXgEI+Z=$WNLF%Xab}ova3}73fcgkh6|*`y?O!9B5g)mkdswxSZ@%#eB4d`yI7y36i|SQZ_u6S|HIbPT4DUQzpCFzvR;91^@Qsl3`s~!c9K*XZk(8%Yl%0 z>;Th#nt7&B-_~KvgxuJTEOVieDFrV})PNw|4NU$1wCaN41h!a1mcuYsE)l$^|5*oD ztJArN+$}6Pj4|w{;5e4Ifr%q0t6!zl!^&9?vsoz{BO3_SA`Wem2b_``o-GIGIrM*K z>3P>QUSH~tt^UaXG1J_+A;Vq1M@oAIpDcUv?llpJkdSeO05R+4npgciB?M`JqPw@@ zsM=iu;g`%wzJ9F|00Hlv&^Escy|NS~I9pgE-3Zdx$O+j!15+d+9}-JXhvPiV(P3#RR#yd@$w_ae+M8|l)nNHq1H3CA_J-pIaaUk0ubbRv#WKp z_k0h_!lcGKq;36TQe)9jSrx~54lc>1iCF>GY-zQ3&Fo~?^zOP;wQA({*!!TYZN|IQ zGFJD?BIcpiohNlreTfO$>4t#)x1R&HxkbUa3H^@G;cv<<92+7rmFjN`=^;T&Yo|*_ zqYyh(1>I8O`k3~p$1Fa98LzdK0?_-SBVkk~Ll#~}4-^q&+ugBacA91h{7u-Du&+&J zUMAJ$HdpMpOZ9W|$^b7ADXp(A4{+ySgi8>&Y8GPBt^!%Jz-7*rtg+S(@)GB5*|rM% zpTs3l(WT;>#p|Vek;E8Q?mscGILBi>nMLb1Lz}$nV(;+--Ve3%3QAJfv%F0e=_OYU z}12M@5%g(c#JOj`RxGR4i*TM zqUj*j*7dl~#&twHrCgyveNw&%DwLu(^-@Yf_{n*hm(I^vj>E`{*LwVA$-MOj_|^qg z1uoO&$_iFWD?t-MU!Snl5r8&fGG}oRs5HT|=|Yc{X#bPE#LJzUlWgwhGU+j@qbz>o zH>J2`t8VkN{9CM<9qXhu))^_+jFm^lU^(GpE*-cVTd&Ey$a@db6eDS6y-( z6GUf6`Cqm7t**z;ZYTtl@3o8GcX4ge;B(wj6}e&E&;!?gCA7{x?dp!Q*Z=|Lcr^7p z*^v5u_PLV%ZTu(<--*?vngJc0sAgW6j+mF#DjOje%IrQo|JGActE{f_vm2YL>! z?%{%bCDJE|NP9?|XT)meiO=5oFvA*mQ3i&oLVX(*wl3PWS3hHO4*wOc!*Vk8NHr=a zo#yfK3o(@FI?MAGO?|P1N78n9*D{b2!b5F$bW3qXenOCV0ZEj^dKdB1^}Fb4+dUyd z$C~Hx)}ie(21f?i`q8W{T`0r+{9n2%2UQZAT%>gzDmh;=00!I z3pGL`4KTJF#iTksY<@%51n*#Th2y4eZyer~y8Uro-C%g@ZoY`34=v(eqcP1@5qEbN zUoBl??eT?#KGjYOa1sMc+_vPsq6rxolt;6;X9h=O#MnF5jIeK=GTEOoXoV(ko$_qp zfexl8sg|c4RmB?559^PXfTNaWqNhx~r6UL@{iZ;A<@7ac%jb6O{H2{)6}zMTNY=&Ax@(%-jBJIpfT5zmt=0vUu)dpRS87kDx=j*8GtA=Dc!7R zqu6(7B5lx8m|<-Qv%1T2dA^I@=vuEna(K{&FMNUyJ5e->1|RfLcu~rAzugQw-oYYh zJ-oT`HG$KXA5cE!*3K|pWPmuQ%3nu6*?Llf(OFjoM~dSI?c0+PJy3WrQ#zEOu1KCa z(Nr8E^wD0hY2$(Fg3PY#E;|6^rVH|K2hCrN>m9Cgt46lrPucA@)6N9;L+5)e3JnlN zZaM1_EMNSB%*+o*QXooF?P5ce_^1glMR{)B`A=Z}srql^r_b1WvlJ}pDr16eUCzGTKD9b1@|Eq>ol@h zqPyV_1i)8BoO54AE@jG!2G{z(QYy~0$KqP-t1x;oMKxLM9=|qvM${;3hiSM9J8|)t zCGZNK>yTmD$g~@$PGr zko;JytK&zO6dI``!Wxq5i4=jYM(P+X9pZON{&UuDVJtKLN^2n5Z&>%OHo_6KJD)UG zDIvk3+M^w$CjV!p`Kw`9*qheP%efsj01i_Fm;q|jmKI}I?Inz=YYg++PoTvo0S_!T z8-b|MfPd4VMO@eV5>&7huNOjAk(#!{1S@*E(A3y2Un|6=M%&0zy=7m`UJa_*ojp`I zr`DhsKqNVrzf3FU)FTPb5d=qs2A4n7IlM-PAAFyfbT00;XmXJ|O`JJnXVZgUHAt!M((!(Ksj$*xE* zPLYY&jk8QEe0R$)@g?w=-Mc2_lMb2REm)SqF#Ik#(bTpz9|R__aR*^Da&FqCAFK!f zXxU{q_9&xfwGddZLwBcYg652IaN-WH6~HcZNHRJStr962z|ucFq8}TGdJii)wO|&W z&p3|*P>E}u^0xgq*klGrjua-d;AwKjME?&mvcy~OG7cn#j;(B#jj%}_uB=1J9yFedjw?^pWP8ESh-;v6_&oA5}u1!h@#!b9v3IIaR((@)Umb=*aM|70_^Q0kBCOx zyMKV4%*ZjT%gFjIdMiW^Ux3A=4mn%Ta$@vt&EiOUj`_zm$&l3bmyhQ*&$f)X5ih2f zo&u2JVBzpYl(tJB>uW-zaYwk;m?&Yk`RN zuf;D(;)$Wsm(~?aDc9hT6ih4M@RGfGD2+EQ|_jAV;Tor zJ9`w8?Gt#yqSk)@$_%K3g1&iD12%rJ&r&$He@yBIWS7c5s)96nHlxjyY;F)xSLe9E zsu73`i<}UrJoHZURB;Xf2jao}Aobq95VqKGM_;TX=Wo6y1hEZkz)ja+8+t1%u5Zdc z51wqs$2?{MiDr$H@~cA8=4{P>1@;_|24f#AtJr-&Im2@2*gr(IYzA9oTK!uKpc>#c z1HzR(B@x|oDk5XFSXmb2L{gvh?6E1}Uc;vvB$dsDwJl?zzX+7O+ ztDxDb-dc!*OI!Mv4?TyzbR<7dr7M~$+P>og)hG%yjc8Gs_U)zN<+9G=zRvNBhVcr! z^OvwYN02PP>|`uUbZVUsjkQr;RU&~zMC}+vc^_E`3R%*#d$h;+C%tUeto_W3g|Ek7 zIg($E^$Bzz^GII6*u(FgFs4s#SB$!e5%q=c%|#>zK75hptH52b$f>-oe@>Zu;CEocjb?K7f`*SSk; z`j2xanm6biKuC4nB#EuAjJa~0HxTg4N{1<$l-XC!=c;Dp-S~^g*Mn<$NxM11Q!%g# ziKeFQW6Q(f>6!@PpG&b!s`f`wmvP;l0|NZ=)eyuBPj9)`g2@>zN-qq=&WV_c;Ww?3Xo_l9rM8 zPBnKnX!WI{2t?wSwzmM8O5rDEK3i^bdYYw*+NoV?X5}$%~;<6{z|OY}8ooy$!Hw*KGTH^~Ed-oF@UZRL9_2%b_)P{fk`^RIPV5N53XfxVX?`4 z?w$e^xdX05SsP5EZvqz3Y(da+41$sz!`c_Zmy4RX*W_-%7D^4dfk_#Ja#h-0!ofcT zB3xb|UeubUJ__j;(2CUvn^u;WQ?FtGyaF$2jARP^)UzkyRdu^lJEdls>Lz?UTUC-` z7e1&S7UPt83bj;MxU3qhhJcX6XO;%Trg2s+)=t0&m-1ct`IB+G0=cxHEepUhuMGPn zd*fgn?cWWb2~$XFNtXunG3*i%GV-l@4-Dy3gkZ?f(A+-XMW9EfO!Q<8Tg>k%oHrwb z+Bz02ht`3502!LgC0}RrXkk+Yo(&h*^?^70%sKY`Dy33tdH%eV_EHf8iw!$7k#oo6 zKkP&r8=dB=f|;+jI-Fz7QkrDeTZGAQppJ`l10%agoGYX7Juz<-To7}eRU*`3{?T@g zX&Bf;0S)c-Ax4bjNt3eu22n>GwO-@c>jSc;Py z>4uBzEoHqXRCjLRUpy6A=s5^FEo{^Y(9%;6 z)K|@Kzw;D*<(+0AlXK_Wxwn+}ZC3nxOvOFrY@P*0AoSTa!baStkG zQH|A49yJ|=(SDCv0e8_-c8R!yr>oZo3KSsuNkT^fTq{)wUv3GvRR7K%OMPvH5?%qy z&7hb*Rdws^l9@_=Rn@y2Uq|#(=P#L;uPCDqqO}hj^mi2yz;ay@Ii-x4Sn&<7AiZ=6iXeZ^h?3a$=(Q9N0)jp4M-entDn;0dt9G1(!!_KfM z)+$H|baVgSH84VP{kX{_#Z?+#*IooYs=PFd7Iz)$Zb#$+=WpU5LKK?K#|*>(NCuH zLi6jW=GARujl=>F;8?bdsCo~(M{ZJtJ`2FrTg4?koS|0MIV|_dIT!)a90#gv+*JYq zOdk3l9KOu~92pRN1$L%EWXHZ>DbE_&*1STZ!)+**dG!!1M^A*&yqtr^~KZ*In?CuMBl zKcA_7rhI}qS5$;nd12LF`K@~_J6L(N$$>BJZAJ}MXwwmo3C@E(c1boxsez?q4FFHW z1OB{yL;l~yIJHN=XmuL@|7mr7z%^5hKgsCIg|8#JYA?37e(>#l-qxOLkQ2ztme3}BdC+<3R1!rWj`#HJrds6d%cO6l**~^fvQHu73t5p z5ib6?bsOjRLsACd`3>7@4dxxv03<<=wY!2Sf4}zoH#GWDBN!Vs#7!#%F}MhA{~zB9 zy7wYl?|B^=Dk+xD`%kwpem^p408XJfFQ6TAj`ztR5^Cq2?D_X=zkh?#^o|sv9%Dwu zBsuU_-v7t9a-ltvVTsgXKJ$`0HWA%XN}r4IXCnzbN5D3g@$AgR6jrnKh>}K|;sIPAQ&*SL=YGN`GH83~{p9eVTQU4xy z$$P-)NVNn?i~R3<41B1<-Y>L&A2D&m0WmIz-Tte`Ps5@Cc4+2GWvcQ&d->P%mzx-{ zM{gOIq-}YDIb6)^`BB)DUXGIgBWWpp)h*^NvJg7T84~?h9}Ox2VkY~P$^9#|zq|CW z^#Z7@Qir{t2naO&TMJ;Joy{y^TcorsjFh)kH&!IeEjn_@`fZQ592JrOp6J=TF_l{5 z@cQW^FgoXKeyST38*My4u9x)sTW=;U8=_V%^;Ct?T53o zb(#(Vj?%Jmi%I{XzBn_^Lcp*GeXcWroYx!$n0$cb)BHdG50d43hG`!vnl#Wz7w;(I zJGEh)t0Tfijy&!fk3Lp$Pu{KnS^CrTb%Vvj6B3`15|G$FX|wz+1ask1ys8`_Ovcna!HgAtiKbk58)%+koIjUO z+yo#BKPvqJLopQcw1gR9X~JP3zP>pY;9lx)u6 z!S4psLIDW70~BSa11PmdfBo?97ythIOBLtM>ap#ASJCt`UUsywj0#r!abWs$oAD#RlQrXiBeS^m$7aA-d^_Pz;0kg|ikV0?3Da(b z#$~3Ka(FDeN_{zMGjKxTeH@YjOrW@tC^Ou zdx#vXx$naBz)9hmQ*{twBER3c=@Bm0v+KuPh>!#^0^knTe)_uQewzZfqFY< z4NZ!f+w0O$MA!s1;k$6m+cVFoQG^3G6Vwn&VzvP#P-!&Et51e>?{buyedu(?$6u(}$=x z3#w0v#RaN+Q^ih-lKvL)v<@+|-2a3yAo^j%;pF4{>*iXeHp2=KbfZRt0*ZX08hK0| zCHq_>|CuvluxH*?yV?g2GxN7al%iw0{30t47|EZ$qr9ZXRF;|pdlTyOg`R^SytLJl zSM{g(Z51*?fmJfZZMx3-w}Jh~d67xwNsYx4{cIX!?E_q6aqs<1`w<6>PZAN5lyy3m zsN6ZuP`6pX5iK@)q=&vz9H}stGp>Z(64Ls3Oy;0~_3WTy+O(9j&v4VV`3)xiS;8Zw zNpKY73{I7B=VBXG%i`z!Z-*HRJ6+PBiKR;O1gywbtW{pU(bfA<559c_o_Mom`{iJq zCG}qQJ-pWJZ0)*%UB^=kh4;c&Q6V4GE_h*FqCuv;8J=iY(y8>bIbQd;Skj;Mr?_od z3&FD%>U+Nj#pTTO&*z49V;8913DeYxbOR12P3qrMuPAxTtM5f3hduHC93Zz)hr>R} z-EJR7P{(M$1IiNlMH$1@Z6MFB1_55(ZiTxV+Z0}=bBq%Gl^dEvhgk}z;RrZUytQWW_C2oix@f<;CL*tC{1YomU;osye@MNu_+5c&T{l z-C=_Vu*)lQ4t06t!xq!0LMUZ-OaG77u|x9PgHUXbdCA==d!JOOH?16nKF_QH?*r5n z)5Wb(#YOf(07K>Xq9D2g)`V5EV}{^{OwV#!laWhylaX%%DeeA~w#L;O?)N*j!}(}7 zPI;Pyj|bC(*3Q_dE=Qx;hX7ULpCVN;+_@y*tBBG*KnkDKQ55SiUVRxAH-ok%(#_R< zJ(ygS=v>3}Fv0Ci-?)NyrdU>gjq||h#9VZKwMwm~5PTx9sJZI$QLA5vyZE<5B941o z1NJ4o>$UnH9F(WQn6OIcvM*1&Rx~2ZIEa~yWHGtU5(t%6hBzy?R=6B1+KX!(8Pi;7 zk@7wedbRY{%MsHNAS?Ld9gz;@T<$I*d(sL$OxDyhcYZFDraWbc(C18V1(VET4I7Q# z!fY}uuxe?WgpwubWjlXVzB>k&iDB*CUw%rd+%2zQOBH9FKWvm&Pw)M*5z&^_LXHJJRiXt7;Ywek2hri!}hWes(MTx=F{%EwWU^Y? zQLb|;o|kIZ5DV2<4KaeWD3l*C%5pJqHV9`ALy&3 z@Fv?%{4ipT$X&U9zUiFBbO;D#{+bg>^gE@cQhu7RDE@F}864u5n(rGDn?>}re|X2f zikgr=(y2VB0Jpo;=-8+{AONZ5 z8g6sUHu}3l*D2Mjwd*Jtgwx}77&j}ga(sY;SY8^i!Qyov*XlHHCCD;!({bBTG822~ zt-LNiIJNnz8j~e0fe&i*xXaY!f$IQSUP|iR8KZZ0-y!2Za-Wn7GQEpR2MBV=@FH-^ zb5;jyvEWyll*4_(8%{_!oxegE+?!B_gLwVk9}cE3hQFei_n_*U?^s+kZeNwV^m`sP zi^UA&%vsluRq+z`%ov#ry`4@?u@Uf++g^FF+~2b|v68nJ@cK>CoA-x-oTRj1&5x@f zf|K@`g^K6IPKtuYkIuWh5mtntwoUN}j0ac)2{L;96LiVoO+G`9v2l8({>LxPa(iTm z#fX=;k8L5k`OQP92`$kg2VY%A5lVjkuOhyPcoQbF``ukVDmXc4WrVdU_3Pi(f3NVa z#kXz~@IJ7mkYT^)Yd8!zcR3Ot*<=1;Q;9#j@yU$eOEKSky*i5(<)e+N?kD3jt&k%u zG%@~YrAa6ON3DI>YSK#vGd(s7HuFnP{2zOGeeZ~LDWAtGFL1T12sH(|HZQdziCg@T zM^5tDU))nL-Z2|N2`6+`q3dqR-Lmxjxe>PNJqRq$VZWVF{=B1k8FN5k+Do>(ZA4+# zq_D*BNZH1jGr;(Z#*`%T?&`53LQv*w*8R?mG#{eA3}}k$rD}pt%#GU;(Hy1RzbPO- zp8i=3xvO(s+`c)c@6VDL%|7vLXSEx#C$Sl|8Q~a)8y3P`sp!Z)v;fBa9FFDs< z6xV+RTz|)k!0DBd^eV!K2#Y*nyPY1kciZ)_?FsG?<=%kF%cN8`r8#q6Iym)?TEzta$6qj)T!=u{YRvJc$5fa$`<3P~^eQorn`up$n?(haKno58)JW zTsZC@J?W=57T-2pL?U{`)b$IUp1};1sjZanSKOy1S8_72k$!?NQ2Hpb}m;D{Uzy91L+emK0zJBfq9p-ugqb5Ll7dPm(1FA=^bGP8# z&STci-B?g9g0kTi)-0KPkI%UG36I9_k9$mG0nF6ku0r9oV!7466U8{wuTi=gseiUt z=S9B`1Z2fDXn?*;bik&|(u&d0Rw~okuAEr5Q%6*npNZBd36-YW{uc4SToiM$Z(X}5 z&ezG31uYru|N8MipI}n`JZuDxKk+bq##TQABN4Cre}OHxJip=qa0gzm*`M%$4uP8v z5rVmpNnr6u=Pr!qkG&8eef9U1V(W z!QYnW+Y6e%;>s^dvg=$JW_J*40~0aM{}IM}vPu|Sp6(l2$v%F250gibMbfrz8H%=SC^>P1M;NXo-jO=PL zC}%hVFhZ4a(TQZ-b+gQyJLJ*{LTOZLz(*CzhN1k8fB+lvr6b0xQeu9)IvsICYUzb9bzSw;%VTbCD6z; zaUjO6Hn-T;FC!6o)l-&e-emvmF)LsV`eI`{R=E9ddhGd!9>0nQh&7s4^z_{rug9n1 zS^fQG<{k$#BNl^q;Y4}+;C*9S%jS_75u?t8!)Gs}Q4>m_6q(%fPg3*n+08nODkxt= zFSD)c&*sP-kf}|!W*u>7xGC)qa3s+@FDQ1i#vNOSM{m2CD4VmQieWwe8y|ahA3%ZH zZefLLVcq~fXpuS(fuZF2=TP2sj3`++JVc;z+zYgj4nE({v2tDTF>(EwCKi2>!MQY^ zkTXOM$y1qy>@Bq0Z*DYy8BhCi1`efZSxuI3-Dr%{t-Mmxv_IkW!Cl+wXmDMZt}YF? zAIdwkUl+Ee6bd4J8g}na!q${@#hMF~T+_7%W|07m##W8M=YMa6T%ez#?cNDgxHssF z`P?7itYMYXIGZkNzW3*~xj*#WGNR;pHcUTQk^7&|nAK{k#ES55y_NUy&~rViQrp}l zNr)EBc*iWhxfJ*UcK^WkasbQYYsy->uyveRTypq}1tARTm~Rp(*l*PpzI|WKW#`ND z);$&}m11@pefVn$l^Oz@v%;{~ZdlwLSUi;}%eDZ-))xLRiw{6-!#brK6nn$T5M(sl z40AjWtDl-aQ_As`1gEj_xz3!x^)epc&gYa7JSIL)F3duIuRd6!)Rzy8xEgK=gdaY5 z8n8#NJ~F!f%Qeyf17pA_d~B4yag)rFRZL!?aMNhghIbu20X{<-KXK(G!W+q{SYeE#G*<^aJol=JDBO6sO~--hdw)RAe8tiTBm0^&52`k272IFn+}wUA zaV4)Hf*LquD-ULS$AYGJhfoa1#H*8IjJ0e&mt{LYg~G6^x)hc#UJ zFPuh#upf=IPdJQ_?j9FBCa07xtnl?K=4p6pxD`TFmsDWAo2_s1Ae?MjK6fBB<6&>w zH8}8btI34-R2{g$0&0p>l?`@iv5?2!Ls$b6p8-9R%lQeWkA_!C?=nac>CB2LG>=LY z$Q}(+)evkLUQe6_HQF!f&K_>^qg1}ni(%UE?_6G}<#nlSnQC#6dd7P>XB(>4z3RQi zo$?~BqGUbYNr)^}Or{YOCGkPNUw|w0Ip^Jz33J|A#Rc2;zS+ZWWBZ!xIv?tJIMI&n)(SzjvG}qnBKvK;Je`-Of6PSx4~f;X%Sxm0If<1N?LmUcWvYif%@yjV+Z=x|WSn+xw18f}VjvqtS*BdtpkP z{MP~fEf9!L`vL`#HladY--EIsf7tLZrO`;s7|*sMALN!(M(TmHd>#s%x(Uy*%Uh&I z%IBUm@4`!{1MBMXyq0CL7YGlA0Y;uVhJ%KJH zG^bOhuFezRsqFKlO-#w<$qJ=+k%OL_3sZIJ{uAn+mg&-7C1b zG-hee|E2MD^>LcS<*R{a9KFM#mA%a`pD?%>EXQ9rHD(7+=4VG1S)6N}hE)Rfw};oX zDAH!@6c3B2zkk-OUEkm|^YfVAFeOxI^LpR?`F`~ysv|u{F45Dv3zC%fm=ZN5zeYG{ zx?7EhxtJj+`P`a<0O4t^pOS`(;!<1)$Y=>_cf$ovaZctW+%{$y8dOxbG{ZU&p1X_B z=kRBmg$uXSLZOfEPp{60YKhwsoj#1oD)oOf++35)n3jj{jfSIowig=7vXv>3vYm0R zRTD^?&ZIDhwEuK0;2y`92tI}yYFUi^e8qzxJb=Crmpp%-m;YU^k4cZ_rBpMEAXUo4 z83xl@g83dLX!AH%5%r1BKGNf5YN76OakXu}VK_VvLQs~9w_XAGVkQ2j)5we@Q60RV zYzH;OTe||0=KkXV?Ta!qyA|HE1GCo=kw=sda%{;Hcl?}JpFJwpZRwyJ7(CvB?!LEZ zusr^N*rk~y+6LXekz;$0E##n3mQ|kuCRMr+X(Pv_fY<79PtaJ+Q(HD^KA-ilRD3Hy zmxC}cC;Q7MWe@=3Plii8f9zjKpkzc3kcz>Pxcj$H_(}`!ah6wbsrzOZr`ghjp!J5` zhINH$aN6GZnDL0)ZefApOt1c+1UkhrN2dpPAXK4>&(GpCP zb)`)cuNY?STRElx-OZz|-h#D3Z)~P)q7?ne%?{HM1nA24g?7vO;W!*V*v+uA-*Sbs z-M;TAno2w{(AQ|lX4#~g$G5C!loV>VF}#59t~+?B)wVMVJ_l1p8L5}zI(;;3LVWWM zf*nxGv>)S^Ne^QoEwkS^Z%GEwrlOJZ`U_r%>F}NH3B=pHA-Y1mOBow`qE0xRa{AH% zxfDHwp7LN=vvXyrY{WxNdpM!TdNVs=cRNkI`bRA?o00}5c|Fa@B`a(mhi5=upXFaY z!(*UGIp0mxA|6qz*RZg7=Nv&%p%QkqrnjN&^~GPDC^169Z_nQ{CE&YRJRLG+P5ySzbW}^n<)ZN;=z5( zft?GP;@#}&-Q6^4LTxbvO=~&qhF8?Ckxa`E`K!F|YOc9$g-}k}dw&DR)H?~+>IURl z6fdUnm(Z)+$z2Z8U@%O?C^l@WIVl!O)8F9*&e|ZQP&L~)ImhFUVXy5dau@WU&?Uj=%u*1KA1ANqC8)nW}Y(PPw^)> zyfxP*_l*(eerQM+Tw*gqtN(D=YGnE>Y)(wSSuwjX$*QTu&nMApg%aL~kGR~nsQ^Q1?b6XsjF{7M@707haoBXDQ`?yJZctpP zj8v(geU5b)N5&E|Zvx|8G3T2yczNb=NL&5I<$4|!%A7Nm$~Jionn@xw1W7H= z^Rk}2Z&P>$?Z?`2)`0`iTCK6x^3U19wLNOs*yh$Qn!EODq9pf03(U+&q zZ1g{{ghpd(IW8zB(jH#YsC|()X;}?Ym&uEmb&reG$oBUM)R>)d)BTndPZ(T1DG<5S z@JvG|>|kPUNN!?g2!EU=z7AX$0w{Z~RT+yoWF-LilXaQA`J_%khlyvjTqh}2h|`Al zRl{n_Hg!OCst22BWRn41Coc~BQuxf8F1X;~Dy3oQq4uzobrc=9t?hPY;@7L@6ZCb8 z&QqO+?VgK*DlPsT^p{fHA#X0vKPHZUoH5(8 z*E|?@&bFwpcuNny-d|CBS=pPT|A5}fTq$L=AacZIaAp7AU$!6~m}I#-B_SBpn$Bg1 zU4Mx5#LEm2y~-AYzNC+a)X9QY2l(Cd_L7};Q2ADW>~pxuvsl&!sFuF${50uYps7R?mC%0ukcm#yudUFh0tsrPXXm2cC3AFw}f@!X5hNWt5*o&Jwqm1hrlp< zK5Y)cW1SSM*O(%tB{6w3$^mB4xy$xVvC|6e0{(A*z87v|$6jUau6hFCU;=NZgOBwL zUj>MTw(-RuiJTr07hf7RqRTIO5Z9+1Rmf=E(p?)UqQ5)76?!KHU4BhuB1ru&@L~{% zIL+{!9Ynune=^MD{{uSmMF~&}o0ijeufH7??Y!O|6Tk8EjmN%Lr2*Bx#rQ=lE#b1Z zrKU6z{82S31*7FT3yb&lZm>gcveBBP);Oyq(yd0fy#N=Uyn!B~e1-#hr=4p98Zd+e+K)=T82O;;zIc&(&%R!{V z+Zq1yu*`s?jsvrikMf3DF--fL3iIZ_{I5O{^zlIg_U8&}y+$V*;$6G$ znE!SXC*>bh$s#=cYS!BzqCihT?&-K{wpo%8@2e~q=}vd8aeH&CVkN=sQWE<=JO zdNW>-m|;0}>v!=Qro|u))b|w&T{74)gOyS(`#kS2zZlWoRMowSRGsJl_EWUHWK|(%=T13I78)Bc5hZ zF_{hAif+-}!>(EwAIyCr+n$6Ag-jNCSv4Ee_?$OlnG69(|If~y)r#^7ea!?lP2Lnj zmW`aM@hgqlAc@i&TySHRG&|2Vgy&oW&}YlKKJHD&LnRfCR)pY&8c=!bTO<&Mq#1sc zje9+1f-pGIEZWvPKkj@+&-igjtKja#%cOf;Q%u_CWkGWg=vOo^15dM>jqSs(7;j7> z5cJ9>%yAjTct7&!5~Uru=Gtwei|ArBHo2)JR@9j-XBSM8X^HF~usdJaX5$2V=r=$j zPJrYMDKm3w^EMf%irSJKVny3^+Uzp229@7r#X>9l8d**OVSP0V!l*p&CXPlqWkODg z3lET_SA-5^7(EOG$=T2KGS?#m^t$^ThveAreT6gR@$1-@>)8wD#ruh3aFz9YlV^ad zs9--T_V-3D+u0x%R`*#M!Dhbdf>!T(o{aX*^4Ln< zaIRtC>+os3LE2h9zuWrebc1T0gf(_swk;p_wXeA zrws)Bi@6kZRIOt8w9A8=1#2Vn{9h{?p3S!)nogK9EBep+LaS4sdJA1Rd(hJ#zO_z? zVK(X^wTV;HSx&3y2W47bF9%^Alw1%E#hD`WyW6Q?vPtnWyNz|l`D+ye{Of^ncI#{U z_2z3&7}mEcNa(mbodyZzOX(PTGG#-p$;8@;uU-2M8Ip+fL23@tAJ1vzuCDjvjP{=T z22;pLvn&#T`l0DTJ8p$BB=DKTpK@Xxc|$pRhleDUYYRQ=0G=T=^Px)wDld+3y}~$HLtj!l)2Hv-t%(|I(yP55oF`5nnUh>V6t-E3>6l!GT~w5? z_=3~V#U+r(nJ5bDsqJ!lQ^wPb^;g}mKoq|+mm96OJ6SR&kle4}B`ayPyZ8JRn)}Gp zi>}AB7guH+{0*^!3YKcUoNqL2 zrWpe#Ehk1!9--Ggw4;Y%klVOCFCL%{z^eA$w;FS_Xb>SS+O6nnzMyiI# z$|tn&uY#9{4_y~HQ+PDBx3kZ+xIIoraCVHVP-0Ix89A^>5md~hH!Bs~Mgco{x3dv%zg z01L0D7Q4r|+aU9y*ie^6i7N{6Q{@E^6H*opsAikI1t(kg`DmxeAEzW^xj3*vrgx`{ z$4mTTF6os8sCP!Gg~F*dSqvT2Ue1_CbqW7MRQMg^&Si1JRcA7)5PbO0RN9~p6MKW~ zCxqzj(ts7HmuvL;&D8qz{8o#2>vy4lr~#-@!Yc`+3*>zTZEr%~}(C&biLs z*LD43w?s$qH!~uuWAx=*tR<3MM)!o`>1chp^X|tZB-_YZ;^ei_l>zJ^zxu!6o{vc) zSGYy2*W$kGQlA)GzUpn~V=SMfoC+g4C~Ldzo0wpGM`*1kDl6E8#GnRw54YJ5Ey0Os0yVinpP$xjh|+O$k&eOVhua?0FsOZ_zRq`=r9pEV zkUTkFIMY5Zu6rr=OEg#(yp7mH?6X3Zl zmEpPkro{vE*AtRO4&?Wvpa8xaRS8M*dWqjZagsOW;6`VITJ6BJOC%I0x z(%vGJ&C&^H4wU0YZ+nMkrxa|`g?{pnECUP7u&H}Heo>CSZJuiHy`X^xf>(zr! zBsy}&NB4|zLP~->bmB+Gu z-Q%0r{T`SlH7L%lI&N*VlEm6b3`PgFpBSt~t^Nc(9(*>!2JmRBF2mN_dkD(oU$*AA zy@;u`MiDaM7LS5oSc$U-v2A!YJ_hkF{6Q7y6?i!0=dI#~^=Cz|APJ!FwC0hW_4myG zXzKqD^IyPm<@g)ayy=+W01NdNP3RNk7K4zxhE4iii>5Au|F+ADl-(3T#5O~xspu7{P!1UvO>j$biUpXXVowSR_{gjAn zdMba1Co1B|V2Czg2QZrL*D%+tq*tvewywwuHCq3G4uP5A=OLtB`$WR_g5^U{7XBc> z{b!oL=ZpXO)A*4uW#T=Zz^I3Y-h~?a4NVi1RF6|9%57pdE0+d;C|6#YHlnf?I*mH8T%uXHSDLRr!pwLhSeo**fnLG2WpVFo zekz`r8_UT|o~LRQFVxz+@g^Dfr4>o-D!?D;W%(?+9VohUHqUMEp0c8kdq|P7^o<8rR}A-`mM9 z1_kjx&B4Np%+SdlQ525yk9cdg3KHU(LJOHLG0b|R76NM*+;p%QI^M4)%IO+Xj6SJW zo%wo46vbTCDVGrb`7TFTuGhTTbA&ET39ygEgpX{#p5G0g&1pKUr<+wC-s8SEUP}p( z&eHLnQ2%XK1iwjVN&x9>`66LeQV^8A7U^(ikffN#|?+_i;#VzIw4p zv7Z?K$!_^`{0*P%zQh;)ZsJ+>lmm>I{dzYjDH!2)(#uGWKQ+qeZ>`8T@1vS^OF%1v zKFX%ct6UL2A5k>iD)<5)nDl@j0&Xv9d<`%IfD9w z0VQ-FGg3NwtzM&sjGDWZ35E4`Svk%v$c-}BkQKJjdXcoZ|Iw1 zy1CH-Uu93~a;I??phE4KEEKF>ZU2w^p1OGFH7saN5xs9&q)R5#r4`~N~`lx zc$%^US_CUDa469c$=)qMb?-jGnjK9#!>nMv;2S8$C}q_z*{W;8c%RbZzubrW+29Iq{v;Z zv{9R;vu@Z&gf2N=a_hdsyE+% z;j^ucm%MQ;^KwALn546T3hd@4cqZC;y|k6%40WNW3Z5pDoG;%rLJ$<+k!_Hhi*4r; zz9ev$#!0O9D=svfGuX<6%A(3-TJQQcn_!0bYAaQg!!kKik#LWn@OKL%I2PrWq8QAq zwHQA;yl!g?(;&5cZQCdJ?!uv8$s5zj z)^~zUmc$kHG`EYpQNaYeb>j#99!ajtdrAO_HW<$ATEE9?RO#$S>aD-c7NMjoR?HcVL z`j#bd%bmf(UIIE~D9XL04cyS-6s;0LH+ANX5l<>Fo!n~UYyql@*C5p>h89n&!4@`e zLjwz9PqMEzjYz91MW{Rz6qo9$ZoR4DRx^XvqSrG@UGP%)4Z20MyZrOPwaeZ=Sa@pX zeqt;C+!lQg(^ZkiPs7L$=@$^oB+W-wae9KbvVS ze|8+HHG0sqBFES{;lg_3TSJuIdn^TKqZq|2ZgNK=F2RS zML#5uoLzgj!@c&BKaQCwCGV`%*sPfdL_#VE!_>S^r4pV8$1kI08ly`?-wXu zWqPxEgoi^}G)jdl3CJ)k+MY42IIF}7X_LArjEAERyCv?iBc!ekl9u`Xb7%i!{7sGg zenIyA4JmwFHK?nM&Nkp4^O`m|VKCyxABN^etyU`2ONr{4c~hQiF6OUK7_YiSKr&< z7dioftD1KPXt}XO)uG4~fkQX+hiuv%QDVfI5XDO6s%n$y$0t7=F3D83B;)lI-HAwl z+5FZP?ZO^y-ITu%MsSDY$@Nt6f%r!9HSy%9TZlc}wtQMw6t6a97T=RPRet-m?yZyy zep45jvF3ejwlCnovL^%U6qFkeSh&%n&1T%$cCAXn2TdZJ5R6?JVz4jN27NgvOV`ep zzYvO7suYVZrc2Yyf!S7C2jPw;6_mD$ZeXHv%xH?F37$cqUJ*&cynTCy3!sDDv$xun z@yeaJ>|H_#{FvuFQ25u8>ACoKyG7rXvJ>j<9C`MFA)uuSEGXoYSnkN=oMM5Cr6Wjo;a(<_w4US_MZbo-+MX(%M@i|sB)zcppDs@ zV78*nM{ViARP_4_0`z=^_}I$S5vT(g-ZG0vpVOE)p7rITxaz{)^P@@wd!H0sE>|Q?`GYye&Z=LVX!hncRc>H9MPe8z1BI-mWqqamndL}0$slE|R_&PwKkkl^_Viky3PJdpG;^^`8QPW zA^&Dath?*%s9o#!Zs3pVl#0^CAD)-qouuBLUzajykTiJ_1pBHqfNW6+@C508ZCc0Y zCuXSYMK}JEt%54}Bzx|ucewLiPYYCJuHh;Jk??Nu%|Z*svRke|!I6#0y3<|H0ISor z%T#DnX4Uq6ZiFM^(rwb{;0tnSSh<=s?DVFj>PAXpZ5F!>pCXzbMd=F zN5I(scWyR5q9s{>l^MO|Hxo}lIS}^?D_qht(acNoNai*j3Gaz!-HSaH@jTD?STA0k zc`Y$1FEZ1?E^*B}32lB|XT?6korx>!h8}CR+WO@t)4uF?2I><~HhK0}HlyJ1SnlAp zFW_G&FqV&kcyP`!#bK(Nh=sVSK~723ku;GT$Eyi;ROD^+GJg-yFYXRXw~?cn<-!<- zNN_r&72Bi;HY})SrMNo=)_6y6KG8=Y`0Ys*jdSqp@~AD_(_!ef;>_AyB~DaR#Zoyo zbGzM?{%pwWv_VelqutufrCuvjL4O8Q!;Zw;bZz*K!b=wh$#jphfSO9?h9a$*s>#eo z^p(f%I)-&yHRAIylyN(ngqy^m86xDO#jKM zzRw~&&#V?WI{afFJ!D8A$S`zYsD*n|Zy%`1DeI+rqP@P=XE7~)s-<@1{8lAP8P)g{ zi}+$_Y@Yx9vP^obx0!E=P$j9Z^Zc-G4%lmB58t~ns*V6GP)_ASs&rS6& z49-;8cC$UG=7;$&IYTF7@4j(`od6E*8+s7R2S{sy*j8L`+Q3pzO+Oo$Se)@lRHBUQ z?+Sa1M_fya8Ry) zzCI#e*8cgI7eHJfcoA9uMG-$xjjUN(_g12)%2qeoJ$KDH@PTqskpx8)V9`wZkti;p zVRw(n?rL0E3{~TP$5E5=(%XjhFQ?^|+HlGxSVzysx2e-1E^?Q{O z%*=q+PnMlJQs*MpH2Ny_>7s%Rf1YeIGeq7L%++@*o=sm{n6@PeQX9;?$LTvaD3dIG zj`mXFB1>7RQMqa$@rtJjm8EbgLUL;-dl06$ z$GLEc+r*-!MWYbiEb5^c~+Q6!AM@j~tv85F{w%Q8l?hW0CupjkEGHT6>{ z$4jfHL~4QPmhSfb(4>GoL(A`a{QYaMUvB;S1?#K)#zv{zi!SK}0wiy5YG`9GVP}ft zXsG6&bg6J`6h9h2Q7Pi-3Z^`1sKM_GEV!w;iVGS$a>gUgHjxAJGD`2L7sJL$9%Nrg zJ#N9)+T+8ag|JXY2jdo+I}Ai6A5r$E^QiV6L87B&NyQ=5z!gW2AN1Y!Y9HP*HGPO+% z9W-3RPKr(_maRr6h$e~u&y?=BO77Kt%al1@Rh$g+_rj2^4jW#uo zCdVejw1l>XGR)^oob^Qc6S6PfTmJ zU2w{4Ep?looWPaX)$){7xlZw6(!LeUXo;9oDNa-l1Ls$g>x!kHTGMQ0WO`x8U)5)w zdG=&3X?D05FaSyaHc7B@PHaOaf7$_2klt%g{@641LcLd`Du3u_6??)S`h96`wO|VA zN#RW$bR-6lzYzPoo;K*o1MBvPmRzCmPQ^|6gbyt3SqVa*%^u*$)6kjQkL`9md-i)B z`0hOFOb6RJhuy_Rc7qgxv<&YC;orJ^23}?&q7n)c|EXC0AFZu0ntSkLFzL5cD4477 zlYHRT@=KFl`HtjW1li|1dD@6)=}nx#?^|d;M6gy~93__etiCjw4KQ{{w>@mFc_;595kD(y zGVOF2rY53Hq$5osKxeOtz6d*|!3(I?=?Pfu3SF0n%JLt&L0-UbLtQ%pcSQX^TF<;# z;uz-j!9}aaf62(5d?vcxq2>nMMEjjrI;K4>aq>$pRI5v)8h*}@TlKcu?Mat`;?eBo zbSVJ2*8KSWe>gS$vEAd}{O)=`_(PMXb!qyYJlm^e7JuKtD^w^{FOKn5R1&WN$~y8Tv2&{%HO)?xD>wg{3yeLTtGl+Z{8zPHU zs_4%^Z-{M)gy~E{ED^|n|2{uO5SLm^f*|e!6;p{qdB?~rdaF8i&uLL{L6+AL#ap~L zL4L$CFS5*7?Q2b{5!7vfPs`+uUQwT>Bo!fCy5WyqV0!2E(PV!swZ&ae7i;pfT$`$T zEKbkEnJweQh^=O*6q2T+WHC?hic?vp?6OY9+U@r#zpW*u+x?HPUY@aEp?U?H^>dtR z)L%S_ZX4MDTX*=+p24>yvcI5=u;9r6q1?C!q+TU@%kQTPO;Y#Ng^4Q~3Tjc!p53>c zm&v0#$XjMsA>tH}pu7ZdmqM^06wFh-ReNC7-(U4}cNJoG*Fc|J>yZY?k}YKozWwQ@9Hjc@q*&Ach^f0)^6yBNG&Ya`@M_I8#yRIdf^0Ha$Y9n zM2oZ!2V1HcXr1)9tQu!^=J=Z`a`vHN&s@jg%bx@3`T=-P2}I<~ta5!v5?oC!mx4M_*co{O8A* zv%5JV{R@2Yj!geQu3y7%Y5#`8Bxvtlzj{Ik{w1f;3;5mX>iYS=gP?yGjsF?^57)2n z5-&avHPh4behr!DX0&K`ML8MWl2V#1q(($|3!?cH_8N#J0{{?z&7tG=7eo8M0*&mq zLODU)`uBZjY$EszDa-u}DT`bW`*ZhU_b)%=E!zT(}Iq>->T$#*LE@RJ;O)H z#>7YT4ewjY>W`%!r!6TJ=H}+EHTy|%xf&~5SX09~``yl#8_TX`K}ki$WK&32m(l+v1C?ym`&~^FXO0zAAU4xDU%eR_XlesGr-Q!$ohTj4XEr>mRlUOj zx{BOv3TPtEv68c^>-d5zRGQUvgtB6~qz3zN76OqVw5ohqS6@E{ujt5#;!&;r-~!Qq z(hU5HF7%eXya0i#ZC0M6Ay)IHt^oZ^b&}*wzCCPencTaZJ&=ACy=Hxwz~#m(o}Jop zv;G(=;1!rGip-!vPoQlI(RW%3!26Oe({#2R%Jiiz@Z*0yW)cLy6&dz_C^EDhSRGVG zs8n5k5e6z3OvQvkBg8s;<2L~pgs1%*tc6$OGAu}8xt$D<)*#x5(tH7zmiqm9Zb?g1 zv0|?HBRslk9COm10i;pCZ%MDCdVPmcsMFpRWcqk0U1RVc{|FitEh8HmUWpXU7~xuZ zrqS#~Q&u;np`Y-U#u%^p=5#Jc;I%KrzK{65ZTp4E1mNSwnhx`xtu=q;5Od-& zA^-lT=U!VPt&#bp4DGtDdpW$cl>TzFAoC3?tD^cu>&cYnG4P)P2qb81YC3Kh$uBM~ zEp5(Dz47cHxBc5wiTm~ddF-mgpU@r2r?i15e?WJc5Yzt)x@#IHsRM``>f^H)q}RpG9oL70 z{!=X!J5K~4r=z3wb2gTx&0EF2TO}1X-%r9h7dJZ2fUqLCxVSLy3La&wrNyomJ7EgQrzIK)uX|bcc7p?;|1-U&Lk|#ttZSwn^0mIOP zB&i{)zwHse;p_YlSS?HZBV!`nxlRmD!LQyg(4KuXEmd(l5E>JPtoZi}^_80Mik&v~ z9<39C6`8HXBDd?gX^)s+AU#ptbU5-BV)un%3z)s;Y&i<)=@O?WW$81W{VNk^B0Utl!AuMKaWoYci8+@%&1~ z9zV)TJWzuK@zxE^(i@|&LD=+CP0dKR+Y_sd<2=7_oQ%nN>PgQqkis3Ahp!w`1ef_^ z)nmoFO!QDjg-C6Q+9HoL!dUi|c5~h=RL(nGUKo_WnY`jpxOv`eJA89Gs+%<0>2JT} zP3PR7a^NyMCne*K6pm(_K>8Wqr{juu^LXz$2=SF}n&)oQfX2Iw)ow|T)#&%WPl=s= z2(cOVK8tsqR95|YGObJMq`N5L^#m8i4Def^WSsE1+TmP&Y(3~0Bd?<)b8>RBl`+u< z%kYc=Yt8_H>ze`V9t(mRFui&6m3>Oh5ByTN9dXnb!~6CEM%(M(gk`?~?uvEL?dghb zR+g6+!hZcx4g~w&uWo3in8_Xl8SbPDXOe+N`qTrc-W}`CY%SC(SZ9Evn6G}mlm*m zY+X($%H{!|uA>bnrT3w=B)rk-=p9=$OLpbwaA#m-RLMN5es8oel+60RsX7iK@Kb?a zD|^z<^FLeUgGc0l?8aIfcbFm`*6zId2&tu#+)AFod*4JNYflbLwyxR(2O3>J&D6d)0n#y34ZI(B7Q0W z_BIaF12B;fy4E`OoTv8Gb@MI$D-Hgtfz<_T3NyFyar`uMP(*v#sf!Nd2?r21!ObZG zDQM{p-bsU9SVqj!NOFdz-J;gk9mDy)ICP3H@9s$EI-NG6nB3ldZDbwWQ^v2%Z^COD zYwIFg3QxWQu-%CPt4CAXtU0j=zpWKq5Vn@(fY05kCf^-y#>cUf_vz|@D@Ga;<>7|I zLXXlr`(CIOoFCOkwKbO?N4#s zpCah%tG~3-*)rXhQLxU;*C_+1`ba$K`?J!x`OoGZokqA}a*mGsdv7s8qJ;!B{1>aS zl;w%S<2Efj;)yyQG?IF5jxmpIxb-+g-vXgVW?eU_vL$!$=`p%oWat~`!+z=#OYXu1 zHA;%D4TmSBUT@ogRrj{okQfSlyvUq&LpqiLgvF1Cm-oiGzXy1H3k(qZPk_x?#J1z6 zUW-TO6|q%K4_e#hR!Ol>awO;mu6tW=WMjN*B-4Wy$6ZwyA2NBk+p?EZV?Hj;smz!~ zsR%}3@ZSs^5xn!_Sq^$7F<@KW|C&cL*rzDP6_kU{D2`>dwY4STk1aW^<%p*3xl<=p z25#1YIJ`%!;#57{@5Z3(TnA&zKD(s&Su-jC$5TBys@i@+W0=wLDw0p(L|0VQF@~MO zvL|hMp<%swTdS|8JnvSmDQS+d2(;wisy0W+a8$1T-E9tuU>G5hAm9q~hL<4R(!YOJTo)7{$32o(_l)ys@jPdzxu{#5v%tf+8Sa z1act_ej`ktKtDEZPyeAGlB)$^><)M)=RJiP6)om~KN$nO&s=;M@gz>3=($zxM%}(I zkfKSsb&4Ow`9a$=J!woeBB~$7*mezmZl}adS_kM7;78)rn7tn^Ds^Mj5I0OkFs$Y> zE%Q!IHJzAGQffR%l<(1WYKr}5b!aiQiJexICpBwhfMs5hPhl7r$f$-($=fDfHxA#x zlEKyIi*6%xMFm%?LQndLCoN2tN5j2~Yv9gr?~}st<4{L}Jdz$`vzh0?&T`X%=@U+d z$L~g65P`1!_x?1l8?Wg4wA1m;R^Ay559kMw;RO+JY*Zk_xP>W43~%4r1s{a35IBG3 zNP6tom{1B}$%#wHUBIWDcOI>S0C=B7KY-t-e5yL`0r|3-BndMdb5=R%TdS$-CW8c3 zY|ld+r>jIXkT9*O1 zPWx1eu~6DXtAE1wIg|~xWyu6x4C?yQ2Z-jn19^|KHw$`IK1+cFKoo^7%x9`qyvMQv z54@wNr(Ezl8g>F$-&d)2)jCt!uG%1CgEh*8MFT2jO-*=(s;>W24vN~|YSLViqw7tN zo-Szwbw{k9(iMdLk*2ppC$nu4rrNwq)jhbHKZsrDvzn>l(4Es8n^TWA+@Hz<9Yc=- zVo${fTT!ES8lV}w?N>H;6Lqzzd-w9<}ox6IV$c+CidBk7eR|`r&wE*Oe%k|_I z%MXK^#DD3=csC=~<;^+&T4`SnvcP$qcc9yz#6rJ{Z?&es|1c}M1~8=z47+7M5X$pV zF&M3s`!zc4t=}oWP{G|W;vg%SqkHjHou60XS!zg*<%FX%r!*T-C*Pc`m#ONpE$)@% z=nYbU+RHo6nT(6Iy0v4`a22l4oQLoTL`+V&y3o`(A&V;EZbZ?W*o%f8CdsZw&&* zizPC}C(sf;pZOrIn6}8}^gA^H-P|&zUDtxE&Q{xWAN1Y#z>rjK!xA)F3Fkab)GxsS zd2ZJaXENEpccOnv+z}u~2_hjCE-}Rryta$)V;s6R&hw^TS?SgReI%=|M=6e6_(0$Y z8&S5_c3+DZI_nCbmLVavy6Wo=ycTjk%&H;x{_%{mJ-j@YLF}1JTi$Nf6|3LEyCP2o zaf5~p7Axx|rdP%ndQ+fC?M%dl*eiNS;niN-S;kt14etz)9@!rb_=bbLcy}9fjGwja zwYLD?Fh{7(dq!-`*y;;twz zW`Sh)LEFJ_=CffhV)%9P;B1>qb9tT*wbsy0%qUCSEtOC7g-#>fZBFXU-IUWSm;jO0m)WsJ%Tflm_OPTbk;bxH0Br zNG7miP;9oP!r4<39(V-X=3Y10PN7p(j}KA~ZOr;0zWf+;V(rF@%Q5CN*ezu~gIXq} zy(FSB04@B~EMOoNO4y~Tv4PJ4K>X&N$?di$NXiBtvFzlj7Qm^fi7tT4VYkYA@BEhS zK%XSjJFjy1@rE-ZPT1i+E5g{F^62filPx11Db$hW_DW+}3We--{^TRo>i697*L7iK zsb9=8)WnjsE}Nwideen8GQc6#G8Y*LucX+-MS<;XNotPf|Ued_NyAsA4R~Ov4 z8w}6{_YV5d$I3^g0Y~#+4$i(mLO+8J+OF zAV1Io4~T1N-T+MjY5}_f;0;g^bn_g1=!v3N9gA-~{=hGY%yn zFV}z2>JE1P1jfc{kV+{5=SFi088DNXPiwp8&Dpd_Ylj-gtEnZ&uG8SY!-^G8WYshS z8|WLB1L16ALpKGNz~$(23M6)s+ui;kC53}gHN>Kc52!txBMq7;y{Lkv-c|W5-;Hj} z3026P`YGvU2v(&$4}Ih4v7T&dc5^aKJp%{b9%T+UTu)aGWp>Dg;mJ(bDKf6_CYOyF zjZl@#=Een`j=3+c9cj~3Q3Yr+VesvLs>Z)Q=p&7%lNhFX%?Q$`Yb&jDmcObXunJgz zS^tdC!T^OFa$^Jzkz?e0Y4;FsI|rby_#jul)%_frEdJ}I)+72M)n5krn2iwuQoNqk z8$K*@9P`Te+zRPgE2gnKefkqL(=hi=@%gusL^wFde2)S|iIldAcN!gHAgCvt(n@0B zof$bPJG~E>td!!zf6?UvIOs9fQZd0tY%QnU6mST*!3(8Dr_&kxtB06UrWAl&={`^*7rx3bdR$DL zenhR~pCStJ`*3Q2nzk^2^%?@MiKI^tWqy@En)qT5*s;mYGP%Oma8U7F5G4Vx=r@No zhLFTT$3;V}*KYIZpV!DC^ozdVEpg(97j7=DrX_qMLdAO2P1EyiBwO*ge@sh);DSn( z>gIXzX6r-ATZ9*vGe4#QX@I769ZpqA-H)yA_DmjUTA&eH;(1tR7u-p9Ktn0J+!#a^ zg3Jf>z&?bzUF|dkYv=!LzuJ|uZ97TmkSSOh{Qg~Tiq*lc!tikwFPkwrWx`9WLV+~0 zbz814s7Iak;H}N=WA8yN(WIfFkH%Td#se>6+}PH0SFS{{B8Q$_8E|*)jw{(a`p^P2 znj;%P-al>9`C5w`vk~mO^@Y$z&LHuEpa3p5orSTRqu#J#n(iQZa=m%md%5*TH0b^n z4R|GD7Yk(l*W7yRIJ-a#LQ!Sb-@{ihqf6O**wK+*ZrW~$jj8X7&C19A*;*+*)f266 zh*xg_!aC{S%MMcF1Jom&#w2ru@*O)GzRx|0hGW8RC{AAI1NrX|I!%%i1-P_M6$tD2 zzP(;? z?Qu14Ezos%l_MyecPSKD(a*Qf>DnKycO-(r&~nG2mQ(&o`%-k~yXZ8B& zi@hd&6H^vRj$|WYj;lr3=j0|wxFo&sa42AV3jf=H3-&Mo(~}=(v+&yWOMo4JB6C&HFF+^!*^W(g_x9(yIl2}1FQ4c z0%4{g&}jpgmmf>wST*uZJIY+5souB^&h3+O+7Q{xxzw+t_y>IPA!;veIr3_4n?mJ4 z#beA>E>Y<(rk~iJZ&GZ2%Ih+8ErJHR=t?gnJk#|)!9gQ><3kQ3SMSMdJyCQgEIc`S zix}BZdN@nVc-g6jV^w;{8aJ)Y1bJIep_5EP+W>1X?Z(bYR79Dyn@gA@WHv>OCZDu# zkq9f9I60G0^qyc9qG0`mYS-zg)ccSR!&q%&^iwEFc(vm%g)afO&l)#=zTsuUNF+KC zNuHnvN(TT>Sd%rq@kkcKe% zhHKQHn=v;z1y3;sTcDND^~CX?A%{{4)|GBp{8R!JcgK$hU-WH&@eKSvTC)m+>5|=% z#CpY|h<(FJUeUpAV3*2xj6Y)nq-xWkqE^}F>kv_m?dq!hAhBJ6@SkH1&BlG?&eM z+3ly{E4eR_rBbpVHz#3a4zl7nQymc3PgEuDmPG>yE{U0yHvz{lYcCFJ~wsA#3y z<5(dC=L{ibgh%y=Mkzz66;hIYR-$=M#ArXA@WyP9a``CYmWE%7oE5i!y%FOG#cO$djlQxU3*L>-JLlY=0>D3FYO{j=75e3e_Xs8aKd%o!9USjFy}0%`ujz{ll|Wu_1)^Y!%+i9X_%dEB=y zr%1M5pz*rOZL(aOmm8`6^x~Hv#)QqaKr^;g;}U=>q~Gq{-O8T+>;Qo_Go*K-7<{;J zpBFG2_Wt1AYt31VSuv_AG9FA|`GRVg_qx7z+1>u7pbuZ$#d_)%gT+K4<_*xoe1V4t zldnYSZMO6~JOCH#VI#MnSKHg3xFh@PtqfjXAa|(D(^ix%XFJo&9PfQOL`Z#ij5h!u zDJQzSgfpQ;E_TJRa@AvZph6I-G&7kSCRVW-ZILma{S2QhUL-Y~3udY?k2vf}4Iq4Q z#+>;qJUind`p%<9GdX;jPoe+oFuQs=#woCy-<%4^>Ri>IB$f<$4n6LsR=Jt1lf(P8!2E)+2l@d{lh|3oc&}27XwH98nUTe^#-@=2lWfuj?u- zLY1W*BOIL@g!VD7SESBZpn-~GbI@7}nWNfkKKX!TFyz5@wU%E)D$Rj4R$cYaI)k{& z3XbSA3jrO~LDlK6r-he?I&F!Bbn@o%vp4>ZF-8KBiq~B_gQ{@Etv4Lk#)9^yjhUI} zdF>pyn4Uds2@@pBtKPD1z3j3-W}hFJ$8Ef1&UdNh4z4rcbK7;M=2S4)>aj3ZY|f(z zH_4>g%hT3W9-Q9V;@(1z+pv2SUTcr4Pfd1np!T?K*QGr3c}Z>4 zG{N+{VC&}v$W_9ajHPk2hJsjYoGPAfXhfI=@vhcGia~Pi~2GkIiO?D=;X*B zAesK1|d#f>XXIv(o(jZ+p zo%7a&ygx5}8G6G^fh=iR1glS%u!yB0fQ}C^G|Xq)wOlg^EM7OLs*#wjxu?}xPOJD! zafl&{4lK5LuJKnDnQh57dX8_QG#DMW2km7CNsBY+UVF^TF+D#5+BR3Urv#{&PsEE9 z@7QSG79p^B-+zBz$UCjvH%r&eW) z;9zXD6Mr}pn&o=99ZiAL#t)&*$&$oshqVu78OSEKg#~-OYVh*C@i|9wh?(QYOijTY zH&+7;LpKQ?28U&W7_V?Cl3LgKZejC@9@cB_&r`Q%uTwazEi5$EAm6V(YY95HwiA^d zrd(C}hWc0m9Pqbe9Y@E;$1s(vk~i@3OwtYv|ELnD%`q|kjN-jSJRP@AFqJpI?&7qE zl|9MoC{5=%y}!W6(Wh?c8Ges{A83uR;@R=pRA3uVtq3OXWpB^wdnEea2D|0vEhUq* z_cQ17E(`v0csG+BoNrF<)_}KJoK5VhR9sA&0xh@BP}z4Uvtb0wfYJNG2a0Z5tqxYk-72U*yQH5NQ0VX2 z+pUtAuYEmT8~r(OeOw;z(h?+1jzC!K@t&LcGo;#FSR@4JKyX4ShG9x{=nCv>=ycf8 ztJ@tqtW$iE^i6ESQ0s$#DtB+dojvWm<{NwY5ZSWe*}|TjOSo5g`3ssDQ~4r!ELWGn zUX{n6Yb&docRO`DEFN3Rf0$N6Q_fSm{t?+k8zJ@tm8M>&R0@@lZe>-bRN(#W18=^n zOP?wpnG(3oiF@TG$uVl8{WAX>`bw??PgWM0R@a`R?qF!B6^<(H;YmMjh6SOp-D`5% z;zUO1&a8AAB=i#o2wL}9?S^m3kiShVY^q@#MRO)-m`8+BQ?XLa*U_NC!pgX_KQ=)6 z!-uE#^G{rgR?_^<-gO6Ja2g#kL1825bSs1SHfhbj8riq&1N-u174tu4-M4&9&pSs6aT&5tcjgAY$hm&Z)`_E1f?%p8Dh!uLqk`;k5}0n`V8qS!Xe`wu&f(oHt_%cf zm&bi>C6dTS$751VMTz+<9e1~M@C-ipF}p~^gX5jK>8JvoRTwN55_D>&k6r4l+P6CR zvp4|lOh150_*)L}h*%QYv#Y4iuR5q?1in*)oHzTFuPfNk*~@@NNny6>!*lRc#xF>A5C2R-9w0yXJmC8&5(;Hk z6Ry?aJ`CmXI-%S~Ae^L1<`IJBv?MWO{=}p#wGZk+SUiS-m)}phCM!8)t2M(0=Axtm zUvFp~1+k#zbLJFM2EHMqYdVia^l$U4PZfQk&n~RIS1g2Lja`TKp**8OK(!H>#{$c8 zB7Y`a_7YT#{RFDgH$b@DL|2n*nYH}Nn6Y_+M);phX+RY5G+ z`31QzA}tEtgJOX~T&fHvt%)LE@ZzJ*<%k90D%3W=l~ei7gw}V?Gz**;&AURnf(IM9 zC*>b#DDo9*)mX*0Yw&i53Sy;LY3haO^R#1k6)LM(WN_3$Jl$F9L9S>7r?n9sVoBAA9fc_RSx3d|Btb^4y$VWzK2OEDM?8I=@O)+ zq?PV&0qO2WI#p6Sr0dY#r6660jzc32((rCD?!DiSzvp@XLOh4P_gZW2Ip>;dj4>Hq zGAY`y(R?buZnH^M<9r2jJ;QEXVJbBRO?-Gff?b zaDL{Fi_mc~91bw70Tr^%hdau&^N4rfE`hPPqEfiTFdAZC*sTP2o}_u-e6Y1o-Y%GI zQ**9j){P{h5LJu+;yMSM4p&-Cv6dEUE=g)=Bsy?+?PkwrlkmAo$oGtU>ZT#!(x~UH zn4Di74d%ikpy4MH^El9y70}Z70|)Q=Js2k))EljSaT?GZepFX_tz7B2 zo}fiE8p@qjAOGf|*VTdeIg?&Zbjiok+FCPMS3$tqp?_xIi0*JgN-iu*yQ^F&r>Igp zTt@yWdJr~&G-lV1kKRrFNta#iuPN|D3`aVH`9q2^I+=T8VfOstN$52zXhaQ)#KUOi zCMenxDoQ;OC(YWGgw+N?0a76*^pC3xLSBc(8HGh5AN1PW>INCm3_?On2pC10KC+_F z1f))`|DZ6)m**; zy%gYxP93#?AvF&OGg`+on|adr=<%ZuK#q*Aleecmi7m9~guNNe4&5zIcjpeLPK{CD zMTBu03IUSbf1Hs2Ll_-ovYdm!w|u(rNuUUQ3fyq#%YAfwAJ~`6f+O%>S*awl&SlnpR(Ud(CpsNJNASgj0_maUvh@bk!9l_N%ld{e5alHwTY7AT#6z&nA~ZT03|$W+-*%mCiznew zD|*ki#Of~cL=jGQJHnB)c0526QH_!}iz+B(OWXnFm|n?Gm33zU{%sb@nb5}hd|pIg zQA2dmC$?oT7h*3V+RED5!)3Q3AzF*_ae`eko=JIt|I>i>%rBY-ahG7;!tm1eXX3 zp%vN&>h}*sGz7ovriHbe-cjA;y$(tOlFCKix2<&wOGKD>`JE|`OP@MP#qADf76|6G zb>nd~w?g9)`RFN{-f#rFpoSs}mVW;HSt*el^2zz&8|3K889LfO^9;oW1^l*Z+iDEm zb*$aLc9RVM>9B+h93ze~+an40`x!t%Kv&l9Z8#qPvrs=TfD;SLfkFdpz0XKGs7jv8 zzu}R;nG}(a2sY5b#3`Yqo1$OaB2zE!krsRUs7v>ylAC|tA}4yvBJSO0`~KaR)5icE zp3ZHpBNd*|Jxsu-`SS@B+|NDvT|j&$*t&Ikicw6>VCJD2V<&Bs99yeLuk~kDG(bivYSY;)7&`}d^&nqov;8nRGYq_Svr59FEgEtDT> ztr1?$5K}Gu|IGcOVAqOIKMXP);Yk|^nQgMBJR|Ezm|>U4vob3+&U-UxPlHvtY1X{v z)vqFP!N1|{BruHlJ%Jwtg8AQZq%YgHN|HSVw}*}2@b*1l zYrwGBA5v)y!Ziq`PUK1-OZDV?J>7XY?jYBB%r!H1B=El zow(8Bj|IAO>87m>C8vYb!|TDDKX3zwF=vZYln_Gl=Cs-Fc(bbc=8 zor}D_yN^KkBFnP}|2qySqC5#Akh&mJLI&WSF?$NTCje)tkvw!Dh`bM-M~fD6F# z2VteL;O#&D%TR8)7qc-QSuAy#dAqT6C)p!%xCCE$2m6pcgZp_yP&y!f&hADwOjX&dhT8fU=kC4E**o2pp!%hLYy z*NZ*^|I7oMBx|bu6Y!ZZ$yit4ANvCh0K=FlgWdBX{>$xw{u*}w*Cg6Mj3r>{O#CuH z9ACgYwvL9jDu!e7{^i|x;__dM2x{vML?g*u02O;z3_Pph!Ji#a0S3pFn-Z!WcXu^l| zbHgR+y?^MrX!PLs@+ScAS9ds)3yjnsYyT&fK_SpR2VAPlgkuq%ICNppN@aP5;-^;; zb&zbdpBIqB{QYVu!x6EF@$UWQCHH|{YX3D4gIi(eObiz70bddjbb5cUN5tJUOoeu< zhvOyxWj$JT(7+7oaNmYH`)m^_9}fa;{`P&QE`6YN7w^pyifb|Q?h2^Rvx5A!(7#9a zPXrKLUGa$*k^lwZ6<)i>nS2A<4=%QqCZqFD5O3d)qjhr~kmnn1dEkNudhpi~WOM>H zXN)7BW~j`Ktj0$b7K@r9NB+3mFP`N0!s)I3@|S^*&r1oPK~w$pLQem75+rQ_{gBl(nG^eDBt_i`0q^JM;UHwywIeIZVMWkyl`Pb_ zdbyW?#?J2)fTj}P>Fphfr*aY@3--_B0ja<~IxurLORAgZn)lJ}30TQZ3>NBl&WZyE ze2nuZMIZ3+ z&n=%k#q`m``q=09atcsvB)nu1LyyJs?GTqVJtVA)Ny!@8==qpuRs5wFNd!KHeWKKl zi6{{D?iMz_z}NB8pY;9Q4@tN7*$RPJfWB(~zBHm?8x;?aUn0A7`b2Rw4L|=!v>Q!9 z@0(AeQ&W^=b=deyHg~tzY8=+=5?oy9$Ufd|hbc%TdFechVQo5umAg7(zPI|d{@N-s zcRi3=-HbYh4ju+CRaT{1h=oPuz!o!ujjuzk-S+w+R_Fanr9UErYRh@VSWT>WqJYTa zNSt}{1e~CP{P<52Ehs^b0r2e|CslI4MkmT^m{mgmNS=MN%+h z!F`K+x3|PN1lAAfoDz8lIxuhF0H*)1(<$6$yiajrdIl0BSxUVgZaMCZp5cpY>)#i< zd)x&E`p*rdeVJh|x`$?K6gvpNKTFoGElCq-_pkrf)gEly_7Udw>+p2?hVH@ z#0`>pCJR!%k9L>1D5*r`Uiu1A=6XG|nd)LW-VLKAqn!4KT;$JoV%|NW+!SC-ic>1Q ztw(n=dqVKnnKky4PMI#NTwXt-d08t+Pp9&BWM!`M?EwoN9YZ#uRo+Wk-ud^-1{5LQ z#NMu_?8k#tJ*BO}c9zd*G%>m6{Q4&aut$7)DmF6FSlFz2;0QJGW&*oA9IuOzu{Z>Y z6r?q}R=a&a9d8#Hm<=<81`5PTXfua@SnmJ0hiv*ijJv%z@~xlEW9N7q;vl$RZ^DzI zyQyW%j4f)yz|oN^TwLWM0|R912Y=pdjE{)^pY)!ay)ks#Z+3gMMJ8M`Ol^<$SZ{Bk z6iu3FL1|6eOCP=IxL3z@fW>OMN|GaHu8BVFhEGYtB>972yhDkQ<94Tlj11Cs_2K6$ z6B-7l0_CubYRiv#>J@OkgUs2)FAg`*F`wst?mXx-^E?N-F63Uj(kjvIUf0n{B1>Fc zvYU0vDPnq4Q)DGnThL;~9-q|ibav91d0Ul#f1y!3ad93m#p9s%9f~|Q%!eLm2%(#? zY>*lAW4Nx4oTygTR^S^#zRSB+{ zI}6Qi*lv8RY*lnmkV@g(ftTj{c2u0*!gw?Q`A9 z!L;>>nPH8#Y`I!q3$L%X%O)lVMQl7Z#lxpdN2Ti{W1oO_$A@Z(2STAU8T;rDBZ=r^ zaV0IPuzP7St{$$Q>s#FWwa`Ey;)GTkka6fR2Vjim30IQ95stnlgZ-zn@(Qk93Uq$f zG2!4k>A+(H@)>Bci3NLbhEg)PSj^47vTzX_nLQ8M{LrSkT7JBx9$_qFZK{?T#m_Br zd!s2KOj0cS;e%1q8(k*e*Qfj-b$UX^X^*qE3pTYF!);>E>8clLfoL;S0oa~i>tUmB zZ*nb-CPd?la)@6LL)VY98j7*!T<#T%YqgAa6^>cdZ?v;%JR6j^{{H;M=4LJdinFkh zpQ2 zY*x_IM1o~7w&KFq?Cid|Wj)gr{>@?}XeU;bL6zD$(}l_Y`2MPp(K#d>w*`}z5? zUJD$-80X7*wF47OzB8rj@U*fwPKheDm&Md8XL!wNVi8;MJM))30+F69_A(?@0`!6N z?o*A>O{apiC(TFx-%n?_mGg`p=X|P$UA*nCL}<0WAV>u|j31jH9l5TpYF*sK3r#nb zDurUKr{YLQr@qEDSKy%b+-_d{dQw!R`((lwc3$Af4(<9-9Fv$2z-oJ?NYo$YxDe1R zcX0IxPBoSKm+Zvnr_rIhKatn4M@@S#EO5(&?XS2Qa)|}+Omwx#Alu%V_m#VHe+H)D zBf+a9lg|pMz72`B0=tvk-1e`%7Zy$`E@roS7I*4!w93nI%se-3&t=qaJ$aOi6$0^2 zU#$1RxOr%CXxmt^F(#=0;4LsT;H7SglU%q_lQ@S*W2x0|k~p`j-5Y=_?b5H}lNG1m z&aGaj7Z`Wrf`Pt^TRuOdC!?v}=Ud35!`-<8h1ajKEoT#ilQ>>*3=W#72}M(}MX%0Ou0`x2PJ5^OY>h`e zuUcXN^PY!oVAhdy%+l?lJDxPC^mgCgux?$oC>NX zv^lp|x_P`_BLmRm>g<*ExBj$Z~EnLaxq6`n&`!$sW-}Ss1 zbyV#dA;cm+FKvn!$I9jAYSC9$E;}G0n|oe`tpbIV+0ZYbnw6*M-m9`!v$khYzcwJX zd|rCPF$c;Rgt#5O<0ZH?V@esNN<8-az+8%Z3sC!zCADp{6P=jNFPP@QebEoJd ziWJUjejfA593$|F8t0crk4Mam7MfuS=;4yzA)v5_B>;evV9`u)f&}gUET0Wlv1U9Y zBQc3<9zQDSgapUY&IrW8b@1t6C~-O06tneg%o0 z7dNKm&lJ}Ev%p{GThglc=ra1Od0rB|NeYNq7pGDTwZV#Ih6uzd+zoc zt^ew2+8N$nqwgF@2m63(dxi7xvyo)s^Q?^q*}~cY4afZPgXFgt%i2e!+bQ(rL+yT& z6vGQerum(Ir~s>(KJ!Lc=C$u~)}*3Q_``t(sx>FmG^~;O6>ocD2tFG_7?;z7T-kYv zY^D^0x8u593NCgxu`T20j&(Qwvr0}l@mZ6^pDLY%S@>QsgzPqt*SazytU|oE0tHkh zr9;wH(_ZD!Ge^XdkCE#mu^zgLhrefuq8>?~=@UU>+M`d^5>IQ?7Vw^2x@dU5d0N%w z;8gfFk)JYv0I@9)D@-veqCZDSpW$c({HA_YqoVfPDwu9@P#H(^@TmN0Lx587|@%2)$9 zjP?nZ)6n(E(O7LmN!0EHBLqopcURvPT- z7=-}=Cq{`5AG2kRqs1eM92#HOl6s#%4lc_?{pqr7?$Y{G@M0t$qCb#W64b>*{Phe0 zHHrTu#KwO81I2g>LPAfQeyn*B+|Du~xkAJa#x4`LsLpQZ0auO4(#^dIpX8dxJ)3jD z+@+npT~aJ#-7+jRZxBXO{e3uhinKCkSM_t4^tgiA>~~dD%(hclGVr&HeO&?$kA~(K zrj%oQ1JkU7v4!lyORv4!{QBL~*7~G9akag$4m84rv#=dK*m`JcTCuh5P@p|}5?D|}c(cXoSWhKv1!}oeK-Q+@@H#QQqOUt% zE8?xsFd>pA-UGoI3{*ebO*jmw`dW=M{yFTK)jPxQ-!WBiDM(~K2VGDDr%i6lQ$z-M zl35Sp>pUxX1f0TtG}=%&FS!o4TdI7*=vsz49aNEO9M)o-V`sW>jdd=;vq;6medw9O zfS>BZq4}-U$Et-tk}8T-L*hI%_ekx|awdF>=?C^ckujQkCFpiNDcW}#b9Ba?IW|;= zCmevJpQ58UyQhAvcy_QnQ+GTv;~JBI@shM9b$Mhwt?)q5=+P7V4eF9tKb!VPVJ3JZaYi(PDdzMa>y&g-MhlJ+j?W zwae}a#?I12H`JfQ+1hL!N`b*6#;;dg%!CzoM%HrB+mP`MLwh(!YcuSd@uK)!tw`ES zB|{|nHoMG@Ifrx?F4P|g&(MW!n^#|h&IgODHdgUEc~eFvg|s%;+bt96z##Jq6cM6i zZ*=aR^37@2tFi~jorb8{Pexb57lMm*jyJ1s$1>w{xGwl>I!GPlIy;xJ5!==#nhD=d zv5NCzR1HctC}qeBSWz%r*PmEx+*Ghc256v(2L<$xM%!&%*PS~|_8)ZOk_~Lq+TOz2 zF2w3Vw5la)3A3hlQ7>iyb>&@%_E(bEYwv0 zIN(VYF~8dj0jD0y05W-#SPWyc)KL4(df{!SR}Ve+3v6LE7NVHfFHmo*B>S1bV3<(G z0PvO=sbUXZ>P6XkxtGf1OKsK2wk(ZTn?30o;w;_fombkF%AkB|t?TPUqk4zZ)q>>2 zTs$hPMk<+ZIek25``lb)%mJeKSH-9UR3!8ciX4jJ@6RFv0PNf*I0OmyS5lM*hv*-oSD{@iBKaD- zMI-fu8P&U2-_x!QKA+7&0@f1qg|3#Um0K(|7z8gn@TgH%Nh(s7^cjuB}I9I-3x?JMAr zZEaY7ip~2KG~bB?IUjh?!nL)`5=1370Ihdlj znP0+shpywzAY<2p9jgmF-oYq+`&JiO<+up4smDUtFzHOU6;XBX`Qz2hDOa&E!sZ zwGFZ<-)Xc0;1W;%3v#fUc2J$4rm+9a^Yw#52p0oG<3N*w8Y7al&FS9SxjnZsXw%-2 zNZNhit-GY{lbgQw`?RKzY8XBTbp`g)N9NR2 z7a)_Svu$wy5kIszJjE(DQD>QDdQilg5xZ9*$Rni|+>cY1H`bYn7H0f?BvMr3MKmWM z%E-W0FKw%l|ZI6UcL=r|LkwU1&YS{igqGu;28LEN9`pg zrmea_gjy&(UU4I$)+4z;SY-sJI|y@QTlS)JCggO(yiTCz{9VjtWM4~#hq^n@Q8=8& zMa#o_NJ#_}y+_M2k=YzwNH3NJuD4_O?&Hd@MucWLbl~p-a)RqAx4DVM#LU}?GHD)Q z4V_DJFz@qfB-Hv`rk!a<1~MilEI+3DXA!vH%;{&g-MR>-E2l68b#_3mMJm6Y_7a2|oeH)gupO@L2C9p z$|Z)e`&{5qb`KkC&{oV*I(?r15=e^lJd&iEnxuTt$4hFS6hz%~U zQd_qw?@7m@D1c@{+X}3$2zbwf=6FLC<2CvE=&CN64*ZZLK~Q#9ckNKdvg14tkBY10 zVZ#-K>lHg(O*5X=RDlXhsN2BFxVbgQ)%d|>y;p&r;cA_7&-(T-GLyB(d-1_0x>;DK z;EeNjp|9Mw-{_rOd-g&}@sx&_6*l`kD~ja0={4%=6Y!bY%b-rTD!#JnBqrj0$+|a* z2X^1yqWs*7e*?-TEQWqWq!@@lPQ8*YQDob?gHA-`e{X>VpM+zAfCU!#lFwooNkR`4 zm0rG_dVp8cckrUxYU^ncYUV~5bJU0@x)q0GZoNp-iv`Sb*MREQ>RUDjmDO2wudOHCi#K|AmHCi4 zt{+?p>v|i8f9i0oWy;;QQj?`uO;t+j97cl1wcyI*L^y2*_M3@ZnNk~aVUY<5!WCG`=Fv$#MXGU68I_^~ zV=VbNezyy*CwRxn3vpAi*%Wvh)_h&|o;SpZ&#Le9NmA%$!0^|@a~pOscI(jz12=0c zXwS1x9SYHNq;^DvvR`M;xoejCFW~*s2CkP0el9so7*L#PT~^=JK)GM?cYue-5C6x* ziy(rpUiOkcP4mbkLv6s~~w5Mg-62I;l(Aamu zaeT9QQu7OkSj5z;=f-g-c(h)@H!aqK87hp?8$(M%W|KGQ#mv?F`jVtFgS<6i^Dg!+ zPNlY4E*extZfzUaXyrkEz!t7Ew5o zZuRu~sn-%oVZ{{@_n~Z- zh*tpG&LDHvwXobV8N?^zQS>9(>NS$#yYE?9B?Isk$$N%Ns%&B788v|?c{3Xxx!yTs z-p+`NLRZ{Clq<;`o+yVA;#r9W*+ zn+Ura`4gpoB^-;D6J&J&Cmx6u-BWa_TLkCzUMdqyq-8G`cH*RHHEgdQuZ8kA@$yCK zxX{P*q>&1zH5*kgE|wPrM3nmVKaR-yJdRLPrT|yha*!IWkp8AHlF+@b=5YBi`Df0k zlBU`7rT6AE&O}QX$HJpcwCl!(ni!SwcI}a4`2f1$UtO3!JXU=8XS5 z;X~wz4XjJ}4TJD~9qiLj`uXZ*rP(;XM%^-RnJqCTY-I}{1d36|F6Qv?b^Z*_CfnJE z2Qlw4Xc-OMw2ttuPgFkDv;5uSdL1S-G!!Grk&^AQ z!+WzOQ>Q<%jLpfx&`fRt^Ry#clFe#;)HTSoK7k_Fw>@CGm~%2_{X1QRb`DvcxDR|% ziu>!lz7y&dF$Zh?09MyGpO7RQu_ZndG^&tq zN)a>;gYc}ybm*1FkuytOsG{BNK7&SOr5r!{MVXFQH28Q+6Qo*rBe;l=qNTyOL%1ypv+9GkecMmjX{9IH*kc zUK&K&=;9&OXpH7QRdh=W|X!yy221=w#({Zgie?noGoOqm^th zK0AY1cc{2^mCdWX62=<$bqeZDZvi~{ASbjMzwaE8qmgrz4pR}-d1_bO2AIKJPgK87 z{&YjO#NOwdv&CGF?71p6*U4 z`~fZxWV9Gl%6`pespi~_EjPxyZWyJr{dT9G)mOa9dz+Dca}{sEVP>Jt8zp~x)tu(& za|dyvhV|iRV+WIk>8<-nMSJ%`x}}lZMr5)XFQ9Ao$=y)-MzWZGoe; zc=m5E#L@7Ci5i<_iX|>iK^;}vJ@$qhlLBE8)%xxi-HUQTuiqmq?fgy?% z&%ss3HEIk*wt|Pu^U_&snW&zLH}a_oSpb{^fx`sae-r{K4>4@CA&U2oQ_X&}1S6St zl|pJw<6OJNMU1KPGMVJ@dqG)#HLr)Uj6x#IsHW`PJ!$es=Wl_0WLu*v8tBjf9H*3Y zlop2O?Fmz_668J=#b^-k!+!Z)y>p4BQh+|O*@L~)yeN|LM8Z}2J zP{;J>r;&hv9%G_yll(-b0RSm>O&0Fo$xAE|bdrDsJdAcE=FxJ@^E`dnpw)NNR6W&? z1@!Sec}_t;P`sMs<8Y)(H#T|VQV4f+STNG z!$x0Kd)^*{Qyi{pr`R8Bu7{IO`dc;U=Tv@QazZ0wNFT%{%IF9R+fcW)h6r#wxSm#d zNalnwNoBzwP4^!41X*Tjip(7au)j~Nw(84TlC{j$RS_(bXR&owf+w6mPCc+C=|6jx zh87%QiMBXk)%9R5RdA-ObSlkz&hb0Wd@IQhEi}&?W#3uBRp|{5#>~y^vR6V6zkXn9 zjT?9sO<1|xZNrciLv>dJzg74gBBB*H7ktvv^+kKYQNFI-4#H(M(BD_6I?a2Js?F(C-XQ~q()n}dpJ_nG}+WwA%z=5?PbF=<}8>r=UW|kB#31q@Rh4}My zKrsCgh29ZDz96|~vBtwHt5_O?Xps>PGUM-a@yxRs@Z|`Gnwy)$F)`Sb98W3U4(jY( zgkqJMC31wsTg`woyA?-JIOg1ovQNC%`{IuFpT+#^S|`EpYZ!=vj4#)G`*p``t9( zB+sRnY0^05Pl9wlgSuI*!P|Y8_Pc{uf&9_ZX&&;6!^NK(%E}zYT)Aosx6Qqt>>nFl zdl08-q#B}^RY{eDD)kGQo+7}gq-x?c=pBToQ8>N)LQdAxYY-pU7`R%8xMGWoloF|( zQD&sw#3R2P1i!V>C-A`Bi}%rf#np)*(%lOv2)aA%x9IFBYWeNn^}A)I5dIti4v_(~ zN2@K%$34>qkH`$(gufpYwZI>bP+SzlNM*dfa>tZTj-%IZFN+tCR;1AH_+v5+sR+j=Vo5_6ECpa7Be(eP4sDX!}Tdzm3nD_~5!?1wq ze#rLwEFB8bp9qG-`#o~qxq+a5hz}h&FB*dX^wxqg;~GIS->nMKjLJZ2Ebl?a%dVao zLzxmGBCRH~SVT?3ZI>4$F(}q>`?G^mN#Lj9~+0{3FM zzn9_4vnmXsR&@|kMutAkpStz^aFh(fhYToB&`T%|3JL{g&~Cd_zQn%{Hog?4PbG8 zM6z63U7Uv@&I!W*0n!Qi z{zf#eK0eY0dJPB)g=Z)=T$y!*x#AeTO|F7hr|i&R9!H zg{usFnrU)Bbtb2nKtjL8sB-r+Hi@hn#d>_`&|qr0PBYH}XCx zMY7T))wO$Pt-5|{E>jf6!Y*j>K^GujsJT1cpUS71uTrehI=S~joaBQiie$V`&CV`m z>c@|nvw#|0@15}6Q%XwL@2Bl3%t}lR-&xQ10PToL8$Uh6Bhp|D51H8mr1M3g?4`R5 zoDMb8rN#BC0fl5S+Ol+)fPa9Rb~dv zzt?#5MyD^1@c^Drgws^1&3LjzyZ25jQOjXiwAZp`E=MZi*~=wfWt$`(N3+(+eFsDi z72ONv0;ORPfM`p+vGLz{{w7v24}nCP1`Y7l1w#71&ho7S=z7-&{J-G8|Hf@EvH`f- zJFs#ouW$Fc7q|n%++G1+Cpx_(i&~mym1DHV^XDf7%itu2Km803qLjQnslnYn1f-l}J`3d3Rp zP`%6n1~5Ejl4eOWU2Uo928a?+GWm5rEs}lvgfNM@?K%PWAR_(a<+AZYRoUe_!yYt16*}5&#$m;A{lr*s}7Eq4K5)H%U#$(Y&FuayZA-_lO=pn$g{di^GLo`J7YoiAJUw67l@Cyz*-}i%- zo1SZ6GLr>Tif5^kEOpI&y4L}WgiR8z?3Gn=P)SM{bF&(K4=#!j;!uflAzJl>EjtHU z0?mTgWpVx$K#ebMJe_xE^#&xn1M8dIPFQ2t@u`G^(3Am6rAh56ptne{b%+lRn7BCE zMqPDDE>ta50e}25&c$v0ADrs?x8XYA=&#nB9sPn#Yw~2 zTH74f=H<+qR)rZyM+cMPqdP6oBu?vz?#~mR+r>3n^_EB2VS(IBXn5-$x{Pdf}FtZZ&@Fd};xV1S~4 zXk@X|T(hTpBA0Duqj4V*llx*Tbb)3~iHaB>rUCk#_wDr-Br}s-UF>?$jIXMh zSzH#EV-`)5l_d_a6l$`M^0znFRcpnIcVcU!fRZc4j2^?7!{N%S6D5-MZ=ZyPp0KW< z;y?2dX?)5URcv@1_uOK~p`U&7?dkbbI=a`9nv6XYYFmlu1Z=@^4C)3nd%Nv;C`o!H zX$=SDq<8)pLk`a3W>r$KC$#%_MgaUT6x=_*Ec_}_Lz-OD6kJ0i-+ns_=Xw?0G36MRBclSXuijM`2rA|J}5juCn=h92c$e7s%^~N0z^TarEaNtypkd8W)()J zWJZf)du$<~jcOkXi`dcuo7JpZw~gt@=a3B9>cAzt_MNzP-;MF=iyu3MRUH#NX3cKN z9F~cVgGVm_CHbmLv+uZ86@V&;Mso|04>S|?Re+YNaT(N}tRLJ7iFcdf;5mBGp|y)9 zXJ`Yss{=qdA|8UVyNA8RFFS#0H5>y-D9ULfkTJMgNY*Nj_D&n=8#>OVtcRKBo~EPk zk?A3PZ}o+;PlxeDYnw)J**VxfIje*5fL-{X?BWT-uW+lHdb8}2mi#=qR65M!2u|wy z{9sj!InTu|BnQvJf82kwZ$Dnwig1D`M`_cK#BU3L0suLK*27b^?@J!ILX9{U z;FCB|HA`jIUMV2XGyOoI0Wz`xIa04M{(9LL&&)aJzL_1r!iOm-jydsk+7maY-eEIS z%WX3o83l2`Qlof%Hj;C49+3l3XRl8V(os7=z;o1UM&|e~b{A$i>pnJYWQJ9;Kf>jp z;vK&^!++RDm9U+gMmTT)eaAJhfZV-R280j1JUH4D_AUMr4WZEd*?z^tw@REtx_#GGi_|iz+NcKwZh4VV zaHpHxIYUrgcSsQ2O*jnzuTMYc0*TOQb~^-|tUN%Pm0}tmyYzUYYB4L&zzQi3LL(ko z;7GP#I9ltEb_G(T2W2yip7oH(7ZSnDBgN{YInw!+l}Zi$Of}u%k10wk%FBa$egIPgs`!{Hc+# zu>#=J$G_V}2_-~BBqSxXR#x6@qFIAM`sJw@;}U9cb(X@298VdtS3DcEGF_XzYFgtwa3DoXPNk@Qd@XyL{T~A2BCtSptaa&9#Xe<0sq95soh_&x*^<^E}v4G zN+L^t_;+WnhXwOxNEk;Z0+-fQUwb-Lo#<5)lNf73N zl0;|I@P)Fhk~xMoToRzh7wXcO`cWrA??XVblvcK%AB+Kg)bg@Hhb5Yu_fbFR=(wt` zH1P|kr%MFV4TH-vgQDjbWKk2Su zeXKdHj0f<@<7^KS@fOSZKFoLvK@Bg5xDa-T)joP&Ma^LG=0&?Q&}PcUner%}N!#p; zYELJNbt6E`Ewa_B&ZzDZN3$B-IS`1<$ZT2P=I-gOTl7PT0YbX0x&8iP+iJCGRVpWh zo;ffAqpPwk5}!qg(EN$b0cBtWsC}fHY<87)czAePjmzmny_o04@$jK`zW_dqMe=2p z{dMwXd)1{g76_VSv6U80?flZJ!dkruHC6WC44;4egg%^=S2oaOzO{KJx zE?g2|i=u_=4Cx#12AQ>LhjzM~Y(l7J_QgQ2WMwBWk^qOF-w!ku(fPz?`jNcI{Nbrf zG@$k_pCk1ta~9|l5a`}+6gQC*9A;Q+QU%b$5~ZaV?8fY=@(c zd=W^7Y~GIML`+mShr2N? zxk5$y%HHk{Z+_1&``1SBJ^{y&x+4!IG`r8trpcN`&=5KKNdrPwu}s?aU%VA_WyU!s zO6#}iKJ_ez+h7{Gd?`Zam}_vJoW?8Z#Kv6I*3SrJbO+Mh%sG2XFsLiarZ_t|fuTIv zCXK3;JL>jRu>DpB#(`a>le&Mtc0)BbvlkedA&E^gj4N-S>_z$dHKT>vcmGB#t0tI zlaQe?FOEerjzQk4ZWULw6Z+$Aa&ZNhE@Oksfk6PH)z(;k79e!M*9#}x5qoj+mo_=>+Tn22X)PNyNfFRJMHP36Tc>}0mE)~I2gbVXzn;@QhS$nEGTP1 zZ;k^_p#MfrMC3rYv-^bx%iTfMHYz{*;FtB%2BVWMgT`rA-2*b(qIXVjo}Tm+(i4>n zY=s*v#QGb79Uicl(p!{BZGryTVU4&+dzC;wy+e`)w4ZeV(z%ZqFC-9Ir}?^#0r%C( zqQpzNj?Y1asG}Ap_vX##88abJI-r@8xQlYC%jUeRwai6V@~Ed6GwJpiXybry^_(g^ zqM`G^#_f3HrBLuQ>@tnPq2PEtvxkJTU9Ks2qIp1vpFjf@TX{mv-LJtA7^E_h{*lPW zZa|%6vgF+Vz;a$|e}vZd>Pci($5-w^X$6Hxmh+9Dqy}RY2|d0hKgvvNG^`>~MO(Z0 z+O{lk=lXn@5zqEdwatGxc%TjQ^dS8|VgmiIn6UbV*_ftJ(M1F`EA(x}@|&%w%hM&i zT3No67-P?Ljh9@cgzRQ-5)?0g>=+SOFYBQYud_TP=24oz-F;#IkhqMy)Futk${L$q z1hWHrGjU|IH5CEUfY3vwgDpw?%|%hg0BeLWF`$=Hj7>I8V-b>BS^;!4iYl`#Y1rj4 znkqL+q>R*1MSO&;X_>e4g0vXeDdjertD5)V(p#`}GA;V2uQ-LzRx4|b*_L$;--&5m z0fN2{w5Vm0-)_Y->HyN3hBQ53r|k*pDUklVZ!JL60n`()o!R<8N+8b`0T-z&!&Yt4 zgyJ@W`SsY1jf0yBPm8c^u`Qt%w5rGXWy!%RFjH;zVe9{wC;w|V`d_*{uxV$r6sAT* z$LNu-TT3*@cB-K&GWtAI00j0|TFpR9lC;&eE1-7Pq zW-b|&h82Uhue)yZ)uefLfJ-?|d;dNiu@9G$hi96Czj2=7(3asz6@LRch-2Q%aQTmJLO`Cn-`osTI70S~i`UwZI z$9>b=5U2;~!84Ck&(aX%y*?gIJZqc4Y`;!$8sz49sPhQtJLM9BIA}u6{NC~M+5n_z zj+z6`|HqUJ+27IoD`gGsy;qUg22RPq8($Y8t|wdLs4v$|px$$;-8CbXl50P-)^WXvcFMxb=DWXXIJMni>Fr7=U!pC6R zyc%dK1V^xb2^333o<@?5<||TXn@^VXQpRg#j+N??qMQ1F*!e`>;?3Suy8r)hwC@mE zJM4fHzbm1z164gtq@Bg=KQ8~Q8yIo(61*2Q^WTD-ugyKtJP(BfvuNYacLCao-R`z2 zA>^YWhb>g0W+K?5p?Nlp@?Uifx!36dnYEN)k<2st;MY+YI9F@4tiKLq?-+@p!FN1Q z6#-ebVpUArt^{Ec=p`Y}m7ZYepQMRDW%EMBu|m~BGvzT@7?Jy$W|Q3t-e~A06L{=K zJD6=J7!9$E%Jqr-mPBTFP;j|P0s-e6wc?(L`vg)an7uCq&G|W77|NfNE8UMA;GsAC ztkTN8W%)iN1}wqeHwaX@3#YPw>6_ z^K?v6_un7gr+FFv0Qf~tBLbN#?v5WO;l?e4$U(L89{SHc{GS3>m}Qdm@OUaJCMIWP z6*9wGD{l)NW+>WDqER5g{Ofu&q`<9I2T+h#%V%ALQ4@K~9(Q$% zj%<{@*ql2>t7i!M7J7%p32kt~=l-{^6+8z{#%W0@V)lIm0bXbhru*NXQlAF=Ia^Fo z$^tHhOJ1t0D-_A;gnt3TS~8N!Jdhbltgu>KwOyVsUg}s9Iu*ycky`Hn9FLp!#qrkf zwe?q@D1IVzq6T9ly~f6&1z^eYpO)HY|C1Neaox@38BFT#k~^(`Lg3@SjSeHwum1;Q z3JonwXg7aD*u0y23-k~BY06PNlz~haeQx{jYM3c=H|TVjT6ZiSGuU`ryWt~ z!$bNr4|l+x2aTZJy6wp6N>6bT?OCI$xjE(DA18j&R;faY^WU;{Z)h?ZU%UpkMM{+H zes0>BlBWx?g3<&4X_i8Cs3cu3BQFmzGz87%=q<*-3%ltb@6LTbVzn-81_4<3#JIm= z;en^$CB{?GvUtkJY0D|??wR($y*RP#_(XLlPi9Arc4XFTT}h2hP`#l#E2+U9zh?a14A$nK<;{!NM zRtP#$SaIWJHxrlW$@bMVyfw^1=D2lTe0qJXiJ1*R6VLQtjb$r7?CQi|ye$9X zWyLX@XA8aItU(qPdtjxddn+daOEQ=l#?v{}xCywjAO;PXf19=*aMa?1;6;X!*&b#p z^H**ZC8mXr>%l`zteiM4zf*oL35wKteT_(`c5MxhMptpKlwkenG+i^g!N)Aam}5G@ zf}-tJ<6G?NhZnQ*@<|-8?odO96Gdn2(ZFUU zfI*K_4Wteb-R9UfK3muiBbbieFl6DNHb^wAHb-~v_JNTDi}hzIod7|f0&$ne7u~vT zR7anMM9I+It(1&YK4Y)0*Y*{%s$CdJk}z6s4bS)h0>S=`SBV@lMZBgZ97l zFG>uH-MR*}2=APH|J&SE>W%6b913ONjfvcZ1jOlvBXZ9;Cw{#lDviT&mK_c6k@ID? z#9LF%Pwe~6{l~qMCST6DFIe}Qz2B!2nBoR+jfZ7T=CbF?tP>W~bD;Q|^bGLUUlf=H z>t`XbwyraPZDtcyjaOVN?dq;_uqs{Mk@)C~taqE)=bwdM-^PuMIop|T9+LBTRK^$t zq>dhjzXeFhA9zv?ah>@u3w)?rb}{zt>~Kt*I>=>r2*ie0Ga9fqA_>DiZF`8!gSMG( zbjgT$S1>RM|3B8=0w}I!3l|PSl3)pLL4rfD!Civ8y9IX$?hptJ!QC}D!QCMQ8Jytm z?(X()&bjB@bMMWo`s>xJnwp|uhVI?HdfE4_)#KsWcDF0FfSAw9}~!HseU@X;^Z(m-DA$e=~VRfyHa4Bz}9&GK2V~&LRUC0 z`4;-?GX&Pxe5uk1K(YGkbJ+}(*Axwwp6f}(oJ4+!0IQ`yxRMcMu-K;1P@_wZ&$;qO zM$LoWsVPRH!zjC~0_V{Xb>6X3-XZbS2rAT_O7udJvZ&$&;VmY|UYK+`cp+X4`oW+m zIllDQc&*9EL@L=x)MiMRyb|@zibc({KUt>bQlyEs`Jds!dvbS6f^yi%IZt%m>BGro z>|cuD#VO}d6Z6Wdgngi;cVKXEd-m)#hPaS`5{Jy+HFvl{vDd}djR__7Op1fv=e65P zSxNE{uK%vNn<2v9-VC$<+txl=`X59`1=1mtgykLR1a zF|V)1$z2vsi1%UGOuPe>Va?sBIOe%Z85OOvsb5)k;{9@~QnLolyq6}e+esj}B9!cr zM+6$qdZgiitc%57MAEg{%$}}1qtZ%~ASbw7#`9WgXQB9e(~CBdFEmROG*eoWe9=#3 zP-x)f&e#*qw>)G4#$HjfNV~!#c{Vvg2I%;F@)FUD-O+Kh#e*T4hrGorH8|sB8W8); z?O^A=BJDZlkKg=Z<3%!C)khTqVew?%dgnbxL@V4~Z=EacxP5D{FqthuZKxW0rFXpg zwYA;o1yWxo*&@aXmFJ1b_mIiTol<=&?tj&kvLY9r?%LhInrUh5Aj@q&=+3Uj3)0qj z-y^X6N4WHtZ2No$+7OU`lv5c5KXr?v1^?F4bOG(N4+R4dwto&5QmMXVTOfV!I}noi z!gMSl6}*AvX^ZK&7a`$o)BVj_wRrr1houRH=S0ra49B)J*1~L+54jM5E`qotbJ2@8 z94I*Vkz__H|B+tyakSEgym(eksx(A0H`$Gg=6jGI)P#@s0JpeoaQ0XXqhtaGam&EF zWw_8{;Us37$|k+wWPm;+CYh|Po2R&+B=R23ksL_Qrk3FgLCc7SLMYzv|ljVHo(b`xw9v<&yOwvS0WZ!DGgE!lzY%POVxxeLxXlaY*3FNkw7Tj-eY}Mq#tTK{{#{Ab2Dtz+drH8EdcF%V z_DGQ(rO1;jwHA3NW)%>=Fc_{~Ag(7ircUOUn3Ok{S#a>HK^s+&u*p1RHv90!=0AK+ zphiak@N7SRDyk}eD)Q5KO%Hk1*5&t>@o#186Cp&@51Xw1lLx0!xR9<$nSK887v{}f zFv&WdKSmqaV4w_v$rG39J80h9h9~;t=>ZpQfl0V|)ykyQj{WH34fTn~S$Egj56`E5 z8WFFw;1F2f+W4=QND(9o)n3|mgiOI^sj8E7k4_)2-;FjdC;vadi+s~)7y(l zPAdac;|zGA2yWh`;Z!(=g#(RK*?1FoCIho$B}b}f|5cMC4kG8E^0jt9%6=oMklj}^ zFe|xL+qs<`#OZy+sL`yJx)=)0v^}ZZd6x2Zb@UMPMag%rs#@|Kxx@GK2!b<9 zw$EYyesU%Dz8YyvxCHND7}J-W`uQ4~1w(gNG_#KgP2~0@-NRXJH4kY7L{8wkDBya+=;ZrV=NV#Wv;8$8)KV~=D#Ad zgdHY0S_|jRA+JrUbFJg^1j~lsyt;dZz-qo1zc6pGUA(EN<&>$B!ENhJ4D>D_>RbD} zE`xF7SP0ie(-$3P9BxK87DWy~K?oa#Re{Uob|-od*@hY`@{IL$Kxowi#QP~uG5 zH}o~iDYYBKS6!PyphN=fNNFCr;G9JIxPirg*Jh|u&SiQ=%cRp%WgM4ojCeoLhv{JN ze=T1fxRQta55JES5Rf8+fTZV8KyL~(m3JDieM8N1{xbrM6)Mx)_3cC$%5^f~U=7xF zHy{j6FPq(unxdUTB%FwV;~U|>;QN>3XGJ583mFaPOOY%GMFJS4(sS>hz5`ggSiio= z8Yx!2WI9cL!??p<57Wn8AeXm*of5m^w7?UABcGLd+FoWz_D zAykp8rjs++OaXrsG5B?cf50CK{5F{;Nsg(c;mjcuuY)bfS45c!csC=0_xSqg&e&hC zc^HU;Tkdirx)5qjPcbomHH3CDdy9N86SAwL7$XOx{X;uHgVKDe2|y@{%^Q9aC4}EL zR#8H21DD&(kov@VjfO>`W*Ht`Xj;$m^U?Bsqm>;04njxUFVhl}4$fTXtBSuA37Hen zO+{5g*ORxs`pSUE9!s~KB67M>6|36PQMUa_2cGuf#8RD}qSi0X(;BN-J6RfV`i7@K z()j|O0kiMJ0^9eAVF`eGAPI>;y4GVDD>Pe+nX0duIEo7S^7oX})5``qXHyB5RHoTq zujpH8iav~w;D478`1XdIjz{JiR%nR(4_^P*(Vsti?%OMKU=i3>#LK1u#adD~-Nt9V zdckX}pk~Xa7*=@NHs=9q5xe=MLCs>dhE0J0VngDj0$MWHbB5)<5)erT3Il|L<1i%# zcOh=q(iEn;znec6i+g)`;F;5L?8t76toiCcJAeM0&-~<* zVgJ@AQz8c7h1TobB5v@ezz>bNgRu+imHVtt1mDJX@ zYo8Z|ei+Ov z{YV+!)x5Q|yP|I9V67PdiwsFvR%4R7eqy_?31vmC9Nq=_Bh(MGI;C9E6=moOMWTCmA_k(7}+bL7%hFPQjyMGSPsGM8oLr)AhIYhM5ZM>YC?CUZE_=d? z$3y&ZtuL#u*-+Da)7J77(K^-ZH(po@bCg5npH^&=H9!n z*qx{;)F7z>7ZW_3V)fa%oVjDaY)+juZE@D1wlmQsT^r$UiUg@iKkCmk~J)@w-ISi*9a&0a&d4k8`#-k zI4W0rM*iIyGWNZ3=5i--F_7uhZr6)c_HMtjW{?v}7SGZ$sO(DzQS4ihU;p*o zpZQN=URoxZ%*XKvBYr5Vch?C2(WOBJ|F6M*NJ2fwqmTC&sK+8Ivo+wpv=pb)8UTy_ z+@{OYo^?0ea7*ua^khs)_W4Eq*T4L={2YcA{{c4N`6dmHexiyvEc!=RRMuaUZ$c+3 zJGN8Dj&TS6HCvan@d+a*3#*;%V3q%{6p8^)lEJrlZy@Lylx)cE`(H!HsNp+^*$ zVHkI@=tqNMbl87w+)~anpV0WepBZxqZ>H)%$Q8mpca*(grTEcC$GMO+6_kIin$HCa zQJGnKwPlYKH6^ZVzT(!;*AY|_GnTh{?ruNlPir&K)cf0Ya{yyJz{ zuzd$nM^a(lxeDIY-ScP99v`7ZR&W1mmbaJs!UcVNwo{gK`&F}qs8Dtg@$*bywFg!h zfj2O)mS2g3x&vTgv!~=NKX%HLf3*1w?>q8T%pj}*zio9oe@R!#l`Otu+zpntJ2;I< zt!Jw3KTON%U-q=&Z=t5lg@J)_(LvgUhv|Y&)P)v6@`+&jyobcUz?XK3!Cg5kbMxx! zv+r7n>|xK;3*j&N?NNz*o^h$3iM6|0>3!y=yT2(CLv^uU1K2S0a2Ez0vJVQ!mgd1EITS7<8&{Kqav|U3lp${PcpV<=mNC^Ls z4aMrib>Wc3WyQ2B0?wl7XR!3TraiCiIxrJ3@Ut>sddhzfDwgpR)^hN3pg8fVz#7tzpmYx^_s2Aiewkl{q!2EsJ%oRr*ok_*hn(N zsaVcZZMJ7up!Jp)>Pvw2`OU+L+iC%;<;kf}(VmA@wm(d~YEX)^_^VIzk`hG@2YF8q z=%*&l-kV6loJ7x>!?j@^yDet;n9som~Q>x5UI zL4@WQOoJyc<0tWCtMyI?DlF$bY~TkE(S5H=J7QErQk-8s4gInx#`=$;W3oG}e>3#b z7~0cTNR7$P4wsb|#W-V>m$&7Y>O4r|FqdIk6KIGMJ|6BYI>OTikPvFt4i^o}-R(i9 z@v~6S_hbTDGjyfr7&7A0);|j*M@DYT_&6PXWW6{TIIEnXWUkgl|Z} z_l31Lor-yYzcmThx>T&BW41J%O2J*XRr>F90Gx~?C@4M_9U9r4KUXBSNq_CA!DVl_ zt3fZz_>Kytcl%~JZ6-^X&6MRdkE1rPSHqPgFHul}#?>PmyxPG^ zla;u;2i<*;9TuvHTh6L*fWrCirHcDDjc#O!U_d49ed7DQk}vh)D`5ysmW+(2k;w=` zqV)sCD>n?fee$zxu!UpBP&%wU(^!{1kke}NLRBPY*>)2MnI~_$bT$k=LYC)?(>EA6 zpWPgNV=jWMQxf+0W6PfTsUF)w1s{B$dcSTpAMBZ6=MV`-LQ1wHRh5bTpVRsoCWvAw z2StCo<4+k;>UrPfxx9FOr$%#ER!#7+!)o?;Z*<^IfzCp5->wZohhLy~V&R!>FeZx2 z@inGtF(RJ*wKmQRRM?T*sPAf(tgxud1~KpHO2LyGRm?Kyn~jHrKU*J-4f^NLQLwkX zaBjC(vg*#m_6aU^>>VAYJeyv9S3x??$7(mZ>b7#@4o9GnIlv!%mL)o_O7Fp=n|7#T zJZ$A`4e1J1sT53_u~MCSE1|Htf75(@gHxwuJE)YaxLecuj)i5&AffGxxxvO+ZbQlA zkAbV>JW|iO^(Hlssvq?S;k-3?k8Ix}S$9La^u3zTPQ0X2Yasb2S5=M31gUqB!09sA z!&Rv!ZhExF%MAh8pl|YDh(d5s!laCt2R%UeliKpIufqe&&gvd@U!=LS;4j{%d}$ZO z?^S})U`6Q4z9s%ukeUb1KF*}CWLSkYLD$f5<3)`=t?p551m{_c%)bq5n^Z0jiBF3x zo%MbYWJM;h!}USheUW*Hp;u=jGa_#Bk2ixGmY2K(*X!6JRO^oJ;DtaIrPWsKpI9vC(bt2bJAR;&a` zkwFMUuRANF=elgwOByX0xsQmRj6-Mukqcn6{!7F2KVMJ$oQ_M6nXNMz4G#6!`cvA9 zEod-3mON~2LWt=f+dn|_5Tk$>8<5hyZTstBQK?Q(E09eyGL^HtMdn|<;`kc=`hr0l z9+wrLOUPhGDbMGV@q1Sv{Ll9Rv=lt=U1+=@p;g-*JIO8KsNO+9x^l)pE>0ZlDO18ODFE(*nPK|lQFeTNv!O zL%<4r#@VxF)5r0nd*b2)lS5jq))_&heUM1Bu7OT%!K0Z`P_HSo+cRWB`wY)gA^d_$ z6GxUye>BmG76Xc$Ow~)drt2bi+FrYP+Gu@$@+YZ6YK8w_ks_7Td+B24r(vgnHBR{e3yS??YYA`ItP*L6(6|_NRlE*2 ze(I3z!L|IaGF!(CWK54wxiUV+W3=jV`B|JDp9%^Q-);}3$XKld*LTe2!-wUqt>o&> zmf6LgdLJZbi7mJuzB$0V%p1;mNV(TSINMhgY~~(TgSKT#kIeH!j^} z#a9=NFrJooWwV2(-i+zSEuA@4(N%`tMSL%omwm2oW?>MUT?;ML#BDBa8)RN8Pz`Pr zu;8KXMnT~D;$+(fihgIpC1<`0e{EgiP1L=s7?nfeYm>)v5>@{u7CdapBY!ZTSCq$PqU7lt~_&YvGI_knhp z#6&;#yMP2mYf^@}UoLuMtFBpwjH#v0z^+D5&JWWGv%JX?MvMoWH@OZ$_!04__=(c`S(3Wi)Q^lt2xh2+_xB?15QPOL%Cm@03ECnB?7HlnegW%@50zU2^*3Y=0 z+V5md&YhOsdd!zf|19BgP2gNGSJMWugyD}=e}L4e%v zb|Tev#&FkLIY9?2a4#?%iGLKWKYPf+MyAUK&u(}lnh)rTn3yzW-B20n)V5;`Hn_PsOZ3 z*$^*>y=7bmiEsN)kG-l zRx`ySC$<<#--5F9qIm2{ef9Sn(6h5$a?vVh2f1tJ4QwWXtF>&M5YFmz!Ct)L!N%MH z)7=dxNsH$?EL|S`U}*s+(Su0J{BMHhyR(fBnwyM+GRF8J<<0l#?Hi%5nLxH~Nvzsl zTIidR&m}J`>oa6C!^SB4%dUlUhB>oGGQ_LIR!8T|I!IS?M~wnGM~wF;kMp%hnR+`C zbj5Y&oF8h114*s?7R;&nYLc^QI>i7fsC=)-DOXC=l?&;Uuj7&tf;*Qna24xMww|5E;`WcFE9 zecu&oC+RTT_zJ?NKDVMcA5y!>Oei6SPot7XeP&R$8`tKE5Wae)gI-ENB#9Mb8mx4Y zqTW=D!+fyYMz4@_UNJ=E#D_QHjt4$O^GfQ$)t&f1U%ki3- z*s?>6*#O}`IuGb&367V_8n#UpcH>izla^i$GwOkb$JL;}Cn$@bT&3X%r%#~2vMJ`Ir zhFJvg!e--Dg_Zp5w55!Cf-DhR-oxV0!U$e`1NDBM4PV{VwJ(!OlpimI%Q*KB#P*bA zU$__ZT;%lI>W&gkmujE8WCWRrFqdp?o5A4Rcjwg(QJD2sfwE_cl)Iz`(9DKI987r{ z{g;Z>2VZh*tBy3V@Ej&AaET2*79uv)z^A$VYES{|Daz(lX&#$#e<;#?S>M3wl9&~) zg*EPj;z(+*`lCE9m$+i}hd(Jg9f%OALG0 zwQnMI_Y-cI?HkFZGnxD9@(HcKaBvK)NgzW!vu`Iai??I-D$VS1`-iz;Z=+5T+&fn9 zoi#9=dK4zJJE_n07w~D(u&_c@b>h2Vr|m9OiLfknKH9nDaZ z_pb|i!vpkoiXNy594%Z$nx{NlT1cYG?X2i>^F2Ml7tXo7fDATs)8eY?tgwPR%FHG@ z-PJ3k7{EBrI|`!_W|rne3eMWeR}y}{$7jO)8xN5>-g=R z1KLw6psN^;Ao71g^$32BKcW&>2|g>)_O1#AveKgq|HmHOr~Xo(+XUxtbFrB`h4&5Y z&y~lU87+AqPq4w^4u|0eXL=9Jc(8mAF@AnRv9AjwqGGpyc)s2{nX(tQMpMiJd^p?b zobgXGd8Qp*by?ISG4=M_7g(##p_=`{(1XwijjFFdWF=>IM}f8H+WmNTIFL78Mn&x(w}(UG4na4b z`Wi_B4vR?|hjxT7n@Zpp0>8-5PenAOB+ap!`l@cPY;&1L4V$i*X-Yo78OD2kkY|b5 zOaW_PgQSW=0hPeYh2Q%4CfpgzXuHZNIj*aa$0KD}dRLh_q&}tp)D!RpyJRGk<+Ho+07kvfknTZ{8$=-~ZiGURSVxY5Zxnp20iS6L=flt63IH zUL6O_K`u79nS0bu6r%^h}pu&R{1{V|Ui6dPx6+?7tcHZ{N>wS}Qd3%235lD6B zV1ZYv^X9rbdw6vvG6mIsKj<)y#P9 zkldyI(Jx2)x3(LSH!kfPT4F+S@>IiX zW<5S`o4SG2H^@$B3166l;&~@0e$@B+iHmi&oh2Te>7G2lj|{*ip{9OWs6y6w;T%~5 zsI6IYlk{{CH}u;1`uXvkd8ZO&nUf#0=S;6F*BYHn9Yshdie&|6S>-vuZ~44xJep|o z9;n?msMI^Xj}n?=Hw=dG*tELBxt%*CsTa@QgR?|aQKX$F+p_HGWjo417s_UGY;X8H z(F5cZ*F>G1cpEOoM~2_Ql33R4bqkk5$tc>)$|^gqeFYUo%190d2bWzxY+BAaIKvwb zVTem(ZY75HZw;PLtKblcqMbNORHn_(QFX3?I}8ID4NlIuXKL(3oqJdUEelXFGl;!T zh6}V`8W%d~>E~DNqHp?I{-Hl0v3l1Y0-gMe3? zf1kS1l`od9&l(^3YL1NI1I*o+OZm~cT^f+D zTx%-K*JMK+NaoPpxo9qdyU|uvWQ%zj6oMGAP`Mr-3yF;1Tr?fQfK&{&{bG7a0P`W=>UX6VgtVqe zAl&RG?#*X9iIs#t)Z^-nb zUOE^O@MK$A^3K*n$C|5g9M{h-Yp!{9s=G3SsW~rA9&X0+NQ<+*w=ZU@bVIYVwNz7W zKeAe8AGE^;fJ_dcJY74E8n81)AmWiqW>Jg-T6;xb>YHmJ`cr!g$pHtGMPDIYA>IYVF+8T%K@9^eiNA=Ow0@ zYKmUv{t&m8hiBAW?k)Bhg%sZVhRg^;wA`HK;_F0HHNH28+=O4qky00-K>9bK++pX* zcJfmXw6)=~Z6=FGB)Xoo1NP1Nx~NVMv3cp9ZSO%_BRy8xFS>{ES&C;KmwWd7 z7n3Lk5>_K@r#*<=mXav{HQX_YmG3d>i>A_9s8DUfRSBi*gx&o9Q|!=h8~GLZ8BS0)W_WdEpnd1#&Z;!`PCo@C zY<(%Jk4^v4>)dHkX|IOKQSbIwn4V&z3gyIuQ%&%`>f+n>GEMkJynFy!m=eMd^Ee}{ z!{MX9l;SgS#)rqts^bJ%W=pwIBiS!F9<-rlFHBDsV0`s{&2?5SvoBa?Cmq&V78(4n zXb~)VrgK8}8qetCi+D85M6C2uM9jMtS1lU9jvgK={n@jPUZ$B#E1EBK-~ zRsLNCBxH|;OA zO}ZY3GJDji3W2xMXSM7KyH(7qWttKHlIm^zu}LDYW(7;OvTLjVfD?Pa`I;FKPd%^x z(CFgoqjEO^`VGGX9+NbJkUYZB zjwx|7PS`1D!j4R3grO?+je2}ZhmSLR4m9eKtBiqb4cRDo6N@<21}(Z$$$_JzWB1cD zrV$qU);bPeFUdo~g!+tu6q}ZAB?wFPwd4f&SJ?W2r|QBzrJ^uOjsRi+8A8!*9iSq3 zP7HB%Jcq7t+rp{WwU{tM6=re0cK>x z@Wd5Oup?X7N?!DzejMHZ!H;`#6mVC_mCa)cP(bYC8jQ5DAJ0Rk?CZgJ{*PR9@O#pYjE z68+a!53trc2Zjzf(I@k42N*0v?5|_QLK!fo^qcYtFI}h??%4~cw%&*nUJOCKAnhe5 zo-;cMd_~&&V4;h9I+dt?tzn~Q-iibA4tgI2Cp}UROQm>R<>vFUbcGcw*urFUriXjc zGdySIUbezPDO~9C$|91-la!M}LU^W|(@hbGd~XS>Z6eGS3&GA-@Vk?`lg(xIahse^ zNMdiL7l-q2&fyW!lS2%7yWY{~I#O01aoQTBDLU4fEsDDvIN)W*XUto#noOuag4mi9 z_MT-HQTg$#^6_dBTB!^tb%FS~b9hNO@8sAoS=QZaPtKM6drpdyw7 z+hNnTqrgF5pOTq(03WKtM3=zrwbaDzbbl&NXdk_bYqwexIZ?q(i2~K)NsI}Hy99bk zb3apO@+AJT2r4D)^C$Ez#y4aN_P;SuKq{_Y{9!l@@2l{U@cJaKb%oD&-l;X8So#HU zJ#IGa5t7K`SDQEJCK0kH-`UWYO-Z z<8+&oEJX;Xnu7#8cri%X3_dUbMh5>6@Kz@EhMn;@(~e>M6ExiZGk(7|5$+o$Il3#t zdzAgT9b0{~GYus^DW^9k9dnw5w(UD^hrBH;U?FG(-!GO!i&u^ZhYw#k> zZ>0CX97{EU=dt1Z0stzHvV<1Rzy9t|a9^G)J?4M>j*OpwAj+SPMx9#NEPpmU_c`X@ znB+c&N45_A&!8#c<*zbO+mc?-tC;iF zTTgBRq~s{c&$NF}PzDwd!#rP3$Qd+njP5?7u>Xf4PDjbmTV<+>%`zawqs08mOArpg zSnTir{`y@MpnqGnFlBl#fzhwhK%)Pog0MRRzf9r0z|c2*`nt&f`>*rEGFkro`5Xlw z-!CP_gOp+uGl-j&6}znsirtAO@7Hco(OX~&=&ggNn1;k4jzzoC2rs>_;Yd|umA?Pj z?H{ecG98zmQ#w~3m;2~1FRvb(PN{wU_h)|4zfxlOBg7nT)s;3hEu<+>y^N&Fib$omY?W)z<_6C-T{v+(VOtO9I`Hzt28*U!4B`9Hv+?UCU+@zx!H zqMzUISwH zP>H#2N6yPCM3mHyTv&&R@Ax)9s;zH#iC&&tC>kwelgbnEPdHb}FM3jg->fgHUcS zj1rR@!m=`bKdJ0erg*urfAEEV=UJ?q?wg|J?C@pRm>>q%ClfJwZS^|I^ZdI}rL1Jw zj0BZh&KUg5ql4iSrML=ajBQl3ed~z0gE0w1zs8cf1ppQ!`7n>C<=b!Ugp^#dmKd2B zu2t=*>=5Jpwm(Fo0hz*LDuxWpbufxIJrODV@63EJ1+W6^_Vahf6HhBJwEa7g`_wLy z@EW@cr_W1j^WMFOsZUw?!0(gNBFRhRsV7^@rGa(^5nUWL6S4f$KPa0ct5yP;Z3ukHdY-*T_b)#m8k^Pe>nBVLAl<^KqEXbd2wh>e@< z9ps5TWVrK#=UT0zX;SSJx+cpZ8*NuhWEN+gz}2EI2jdPNm-fiWgpNc?EH=|L*wF{U z{CQ4ko;@Va&E(>EoUi9ld;*NKm(?<%0k(G#R-W+cL4d;X`fK%>{4HlA>@+XtUSTTn zL|L92QeqmZL@>fCgPsPi*8|H70K+E|>f3T zGaa8aNdXb{3kcF@B(UTtZ6e zK+OybH!S1M#wWyc~Zk(NWJHX z9+nwuQ&%qB01a)W=x=R$B>5a;tn7NF(7<$-9R7UQUk~8tob5G3A)gbpu(umu4LCAf zmy?$m^>zantk2zluuBbctH0}A)SeswhZa^Oe3_;{XkROE*K$7FLJ4@iz@eDl2e%;_ zi$iKG`wynTdqzgcILd2F6b3}Rz}`AbIYy_0!BP6fWES`ljYxZSED(#1d+*K3&4Q@n zF_3)+*wy)$j-X6Um68F0)<{V8yNat~wJNLidXoE=FUVRf%s2sI?4j>mw>@dvpaN4~ zDfzsMCj8nVJ?Y-E$JcD(%Sx!PtR($CsHCUYiTA{n8h=va990)FeGg416I%%EUCZZ%WVD58uHh`U?GIXEW%8;>u%j)Ec$(qaNsF*GZL9j92(j?Q* zx8CP}E0>!rG?OyRi``l>)QL3dx7-sjFA_IrX@bvt#f%W0=9H_}uVO5h3!fC-o$rgn zb2*RcqiKDl)gEQ1ex#0h;7W?2da2SihbD7B;6(y0%Y7JfG22u`y`um8tmOl3BN>qv zQmv;eOEFjD5QWIvBbd~px#*UafF*{tfBiq01Br*rpufDl&yRqbU*)rqr!!dr6ztEA z-znG(@IYpG_{Z%Lp? zSvothx_09)O{yP}M8i23Lz0n_Ww8i5q0yX{uhnUP?XI}+Y=lr;uB1A@UhW&3HC^30 zr4QfE#}Rz-KHgbqRYVyGprzYu^wz%{dYT<&%p`C$7w~#*HVf9-%%zK*U?8a^n*X3Khgj;lcTR5@4($+}KV4h&F1x#%) zlLY#x-$1^uDq!@@ow0fiD~y7|DQIbjf&2Vx-nV5Cl;cXVopcFxehb7yOM%Y&yGdh) zY*bJa{0KPXjKxk1zU69Rd!qSKAF;t1Xm_`0UkydMF(z7Czo~b5-JqN7r|o{ipuAn5 zVe8VlWN0~+5)6R|uWUf2fn%=KU8VlAx=Vyl?h}MFW>)=biog8R@v#e#1np24`1=F# zFw|vwOy+0E9;Zf{RUGf(UmzQQldN^5u2z2bFf*)9-&yU+RxgEGu;u1OV?Ke{2_WnM z)B3wb{oo;Lu<)to?&)%^b^E67+ffJrDJ(6~s%0W(3IN%O0-S-fbJl&;Re)5{@0QDP zb6FU87*D#=^-lAQWqNTV{Csn3wP5sOsebzQto(R&zgEL+Rdj<`o|Ps?_6LI{=Oev* zGF>Sje&_;4KcYcZ&rt4ajw?>x!3hI5+qAi9kw#vonFzaL7Ofi#+zG1pAXlR4BBz>g zaYsWYe#pbxY5X_``xE{i^8vu$CULawHs-IZs54?A&@7v__aAAVhn^a>()$v*0xh?ERD2(J?IY&zB>Czp{OMIoN` z`fi?;87g+Tu1g)MnMZSrDLOd-xSu*qddzu#p0O>M5KSCvPC zdDAByXFLhFGi}63cm|&4RHM0$yJ8)ka3m7@MrZ&p_;?j}r*9-r=uixV$BI9s{pJ3) z@>66`hwI_KikQTpa37QR_+==eGwuP-{EzmsZ95$rUX7)c$vxm4-g5#eL@;7WC_)3I zfLRrp*}Op^Z)+s=ShN7;4S*A)n|;evU0c7pSXV~DSoT_`ho)7JEGAY}_*E{=VCWt3 zvv;+3%vC*+vwDn|Tr>s+4HM2I@8Xgn8RTEhv}32VQ{sSuLM;DIbzw~^_F}-j+;n~< zRYDpOZ#vm%6F#qicpJE6j97l(c{S`H!W3xL8NYM9vS2w?bPd3c(qdlC`Zmzzq2vnp-=!_frIZj00n`NO}h z^ZTdZ$(*Bi(eTN9fBvoco-0GyIPACZPs8dYAydwg-Ki!hR81?6&-~~&uuV&Rv=)-P z<=`|-Pa@e@R$nH{z2Kb}s~TlGq95z_t<;XUJcb$yWND~)VNd6bi&^0<)kaJn7y}R& zk9V;Km7E80FJ-6u))cB=3|?ptvLt0*WZ=xSUOC9?mvld{Md?T=L}AeQR5+J$#^BU zc&yHRF+u*ihI&7@Ue0lhC3(qQ)I{=F2QgX#uC6gF01)kciY(7HB3Y6(eEB zb~L!!O9QCVQz07wa(7PT^e;}I-`wRQ#sTujKZ}e=@Mro)GXa{tFrJ{X2>0LgeD><6 z@KNJo-OJ%AeB}LII7G%^+3{8VM4Jl+7Iq1`I(*>suEkCc10E|1iolhvxI1%x=}!_R zj{?8r3UR~IDFL4 zo#!o$=-knI7C^xMI8C&16LLMNACF5#R`5c!Z+R`4gp~BzsBzxvCE?2PK_*RVjpgWw zOLaiF{bAubHEx%d%*OSTM+5K(zf-1tq;X?W$wQ3EPu|LZW_ia;pqD#lzXAG(vC)0f zLz8YXjnhxY=IFP2$VZQ4E3w zrY`g*gmW0p7{{X09*`<##=^-OSTA^lr6=WPNrTVqMduS{dHzDZD;tqFS|s(Srq=a~ zh92Gge|~#j$7(awNuS=i3-m*z+wY{v`~>+@P+TzMXD@0gCj$LTAd~mLz&!um znf%)i(vgHw-%H%nN%8R&ewmg5YkuwVXwPchzy*75{$gj$&_~!LdURmVF0wn0S`Ui) zgj#oB9o=_YF_Q=^QF!pGZmH=F%{|$R*9#av^6hgdB00w%&fE#UvaLN`hOsL)0E2g` zjtmQ7vn&5=*&8M}g6O}~2cV~IXkuU2Gk@BKm;Z-tczJsZNduP~;MT>pSxzzA5QL@2 zJN=pjK>M~T9QX3mA&0xelbwX4kAi-xwk@HwwCy5rH>Ls>4jl9<;nycA&@M)UUNGOQ zteV}r40;Wu9pG#ESaZHj=HQ+2+{rh>ViL1MlG}-I(_;6kS}PTn zCmllj>5g!H{aQYaQ#`W7&lt8z{;!d5EBHD^e8;=whayex#0GQIi@BqeIz3D)XwGn$O~U*m?$rhV3%`l@F; z9ooZ*k(kZ2`->drx)&;f$E-swP}%G!fO}3vt@KZkWUFTpd0YwD2xKexM|c%ks7 z$Rm<|qchV{a;Q5ca#i7|^HPT7n{_e2m_v6QzN>@*|L2)CAz~{JU;ud%6am^Kxb66Z z+1O>G+e5$iL#92x>_Ehc?@8_u5H8&o3FFuvSn&|9<@pFiEHTEZHv2}hasKAvXwxJR zN+(y`eaRb+?E>b0S5>RKtf2m^F#VfDz0D@B>ep?(EF75aA_vu#$RmT4`WadU7j&qC zvJ&|>Ryp+&Unp*&#H%FJ`*^Yv_v{i+t>MUdVoM-bTH6Jl7I|rg;W*P4A`>5Xhm=tq z^`*~3cOU>2r$nO7$>|U#2kJcI`%}d9dd}?rUS4<$h9Hj8I&f~F5drt?7ekZlv~?3te~h{0TBTuRYX8aMLHD$6#*3m zl^8-mx*G-&X(>Sg>F$!w0V(P3X6PPj7-pDxuc6c}`?>Gu`M&!&-th1bhnaP)IAg6d ze(Su*;6fSo?@)07+IstxrgfG?dXFnUg^VKnSt|Lv0MHu;eMP8(**W#qO@9H)#okF* z@6*+d6?voe>E1JQok>p9C3@qXW<^k@Z?dQ2Yt#j5uwl*pe3Sy8i{?)K~dP-NZJ~gT5TS*{WiH zTo=k|)0a^?GM0(RwP5Cw@LDP^Cn#poyz~XvhOqA(gxRa2g1wWSwYl}l#g!+=uT|Fq=ulH$-XH_lTT)l)2EX4K?a85+ zUSfN8yQ{4V5J+sr4w zQKCyW8xxW6vezZyjRQfg`6$&-OI}qvI3Ld~U;nfs**4iIi{w&F-Y`55NdQ@;)n^R9M@c@?T8>YU7S(e>ZE#~f{&hlHOhTBu`uB^A7%)%gjEUq`o>+oR*qjUYcS-w~C> zLL&*$#(eh1yS^xtU@oXiV@xgXxm;Xh3o+8o3(Y3fAEk_+gkuD}Zc+=?x|2uXB^=d$ zOTKJ?-?M)MJK7l~FQPz`M#v$I{}{L9$j|?gNZ^`dwin|U+&Msh72L0I22H!KJ55>} z3nXH@VGtq*s0Z$HA7)A;`T4p1UW8x1!Cs5@jvyT!nczPSd+nYYr6NOm1$qJ1_+fuC z8QO21JwKf?yL)Z_v0vu!=_M|357`{w|Es=S3ZKk(QF6{tFHyGU=t=3_`5Ip508+49 ze4nQ%=)3fXW;(=@`Sfugo%sgHR_qMLoHuSZ6u>K7l)Do+8uSgurG8{g)JM<~2-}evG;9z>OMGq3}=$LS|RDLLLH>h(t@pqPaQO z#edVdj<*;s;26qu_A)E4BM-FInlEk{4QMPhe|?}H=ol;}Alx0|vPsO|ZpG~L=?76G z<~aaTROxH87cHcGegxyVt-Be^gk+-%^5fZE_}e$YtuV8);nP1J`gsCJu>+u7qSc(~ zYSi%`RcEi>jUOqtYGM=Ir`rgKJY#hVnYd|l(hLeJ9JMwSIHaqD{C%d54U)}07wcKB zS2ThQD9ER=>~w@q1(X|IB8WmCDiaZSb+2%Noq0Zv6SxMZU3(q`lpaVqUIW_#mW7|z(g3i0mB!2K;%CYLjvE)-n@)$mTb%^7c3+j=+H372DLOpuXPoEC z*AM9`Vr+l&aJK-Z$Xx`))1qqI*hH@&cc-JxJb+@G@U3NJ#d_rL909gl9jxkS2KP1S z^Ci>C*aElIzmihcKn;u!CL#mu9-E3I77qKH>#y^;q4U1*i!CE)JPHB6j;6jlxEY|IPpv?BNLSa>@andPw*{%wE#Xzx9KuP@ zxTSsRE?p{Hef2`_(hchGDDsoqC*Ox0eQj`L1q~}s9|;2BI?_MjI?ppS!w%vK{^CC! z;}Dl)w!WmELK7N>(By>P|k_(j=S>fK^1tr>|O+LIOgb|4Sd4y0rujeqq8 zYnWb>+<4xH{lNKTLwql>^vN3ld(`Dk#%@)DwToYbweBMP)P6>L0I~oS#(97U1JrDo zee&c6FrCb1FO~x=LkQ66<5TpaWfHWNx10|Op&UeO=zg)l!eFD(1i+nJszfb><>t`+ zj#QFqJGCJ#51@Pbo*vhI!>Q~ZU{{>NBb1QZDb3<|P?}}m+{Wg_8!}FvK79`WmKhtb z_=beYGpzLVC?7jliI7=bqTO{v0P$$3_zyqOQ{cV+&+ZcUwKRI(fml z(O}NRaDkTxpasZxQ$v?P$(OHI##elLHPu}5#bM_9H?caP@WM^o z2m{a5r@@vyi>}U+JWBjhq5CHHd#uU*(shLwA6svPyCj4jz|`>kimB1)DPFsKTEWH) z-*d|m;bPQW!Y7a+e(%_5I#sCIAdo`D=6}8C_!Id7o?1e>3arY+L9Z|0x^g67?WE}a z47i?EyZ{jAnKx2n+Bd?FasialC*}Wo2P*(=S%(M!7RvvzJ-=Lq1ISzB@Q>~+XMh80o|^_AfVTR?%Fqm#QB$jk%878Z@ATp?!3hGaYi zRO&U4gjZ+y3K+f$zvyJWe%IG`u?$qio?#ZuPUW8*O?*Pr;zO4>g}ro@lfc-MJbi{z zq#zLzt{Exjd3LQh|N6V}Hsa={-&iAx~Pia@W^c^XE za3q}K6Nk?GsP^901dz~~8SO9tLax$2dHc0G&j)#h@XOlGVFcP~Ud6Vdcv9S^Z)lvf zJMXTcKBwQWj;siqfhu@PQ~JO6C`g^ZXev8*Kl=?)WKADZ`dTUGGEo5rW@}y$Si`#5 z6MiPR^7Vo5V{%1s= z@Nq8P_XwZ}PUd{gRZk4$OfV3!fwHbMy$WKO{JNPHZD}|L0^oHu&lTgP7`oCIW16cv zwA#28Xr>rt#=|o0$AaR&XgS`!?j1iK1y={qrc00PykXEU$;oQK<%-8SNmClvFw}L` z%f9^?8hWEP^8bm&n^~u-#-fj>uEV0e7pgImZ(+G-V5j^*VdfADNAk{)V&adK`3VN+-ihF3OeR~_pY?z=R*SIvyIFu4 z!a~na6zUIEXw-jA3S2YY!5f_*;5i#pxR~1JDPSqLgE$Iry<;sVs8Q_W)olO0`c9|V z!-_43X&ccCz%4`vVQHQVjkC0fT_}4}5y&yrtVWDT3-; z@E?O>+h>ofV!`(PK8AMsA5_rH4}i-w8pb~|ZW$uLmP@6r3%!B`eCvR#9d_*xc8O-VtXVWwhKc77ySf7THk{q;n^MzL(&(C5%=b{U2Y00bV7L} zqwCI`%Zdl;P$>p{S|~#dcE7x0l2-VYce2>DuvEOQbfG86Au#Y#M=EjL+_`hcExAzb z@$m#H>GN4CY8@mSi2VX25_A))w@c^Sk}RQ}>>p(G%taHYV>2Gp%UEex3EnJfsA45E zp&6pY1gNY|`vHIwr8uvZ&E<&;Kmvs`lps05eWT=D&Z$hGFh{*1jqMkwOuwhC$ufpqD1lNTLtcd}UL5oR!x?8PHtanAQb6*w6#@>xt>ejynP z#Gg~Oc*s6uQElB}#@^~d&rUJn4S*?u;F!3MTkj<(v;29NNl$?(4O2bC#I&%;{({KO z&1B}v>SGBB>9%^h-|e15ahB`HEG5<&I;PrS--4xB?#DbC>~rY*{_%dWN&g9G_j*D8 z=$9M(h>ZRt{T3|_^3}YOjoa5hUc1Rdg9S4k4_8-h2Ezx`6%uLK+w_2Z7-L*VEUsTB z2IS&(LEB#A#_I+11*0$WT-Vz*wlJb~KGd->3&6%d0zGxWaeQFA*A-SH=E4H$EgXr( z!F^uNp6amxka{nMI0ArE5>&FLp|mdwZxdyO>qKS_+bv1ia$^iL0fawIU-ZNb(S6DK zigjF0kuzVc>z0FnY6GmLH%3c&y9G(upDOPGmP!{w;RK_lM)u^AYw`Rt z!-5gP+dh5r_qaK2z{EF}jrY96!}^4n=a54)ggXxZhFf8f@wW>$ z>+86Io6GvqZs_d#s%T<1DR*|=Gpm;##uiv(VlS9J_Pso*dVyG#8F*t<<#$UJ?enbj zW4EV2qd$7`(Z}3jXbp zE%{~=UEuky7dF4eM@Y6VaW`#+KW&l9eTF#tY-(FzY}}L@0D96x-48#GPm##(eov$X zs5{d1hWdRf-|AY)wh)F5aLqKfPv{3S(Cdg1FiacYq!b><*(-rP`l>p=45^D z8xz^{1e6VT1N7&f)g>H3$kHPkC@#1}7lVb>Gp3Jpx??ZVRfRUy>Gm|(Oo2X7 zKnsuVTey;|SiHF`Zp`g7!HG~>qxSXZ{2DsN9RVfs zx!cb=p|7SeblT9-_4sJB+1smCzrw8Ar*95h+^PWri*eE)Dn0G^!847Xb=;no282 zZ@W=1j@E+r~bjh?k_P~cGT zJ%n|j5Ix?MS@su>HY=?QoH`IM@r5s8PcFE41L75MbrxYDYco)p$Uw>Xwfmt*+9}>T z9pp-q&vzOVUprO2;ZISXIK66O?lDJnt%q)wkbOW5MR}c2l0PoZ|3-2`eE{^dLZiY0 zmL_2TK@b2@5)(E*YJb87AdRJlH|*QnmM2k<^pxFvpJzOJ+&%oXyX2aq10iZt551@VzwhAXJPj36p zgGXZxCnR1hW;P$dcuZ`G7 z1Y=4_iVCfBi;zyL&G7dZ_s; zqgr}r$t>0(3QjHs8EXK^^JQa*qic#u+aUaJ6-hq$mgrrT4CQi`46pyTj5=?zCUr;F zSl=bSRoZLiUQOctNJO~$#pl-H)HmT*j|a!RWlHe}R3rEs!&k3;XE)+1*5`Rox|DMk zsA0*-1{}gKWZi#B(wzftpK&uI(n5!#Ck{nA(Zr=c7_VC)skMfX_pYkPi)4mKM7=V|tdJCwJQ}-IgL9D&%SyP=&ctw-Rsuu-he^dv-?x%4seQ=Hb z4bw#PPo(ax(zA$I01(Be5JQ-y(!L$F-ji8j!e0=d0bE<1H)Kp{j+zCkYrP)+WUftY z)k_xV+!y`2_8a#z&(#m_e9=-}8H{x;KBXS)x|JyfNqI8S#s=kAkV%gUo5>@eE(`Ka z(Ya+X&I}0xURTcY160w@exlGl_zXPiU*;b_&3 zFYA{6QcvD=1PPU3%ceZ?tU1VOngec5riiDW0zlRA@J)Lo)~nPfjvhUZW>N&AO}#x< zkx$gl=WW418x1`U*y@Sv(knvSvIgY=|8c=g4?#o0M@SvrKeyT&~Keg(loG;Bgs z&y+^QS+6Q@*vgCEW}qX9BnsY(u<_>Gio0DfUG9M`-{$sAt6C7ug6BzoEK&}0wM4US zg3L*E(QmOsQOp8Jo=@3hUNwFM&lPmvy0PtKN)<`#%PYq7Wkk3?tm%Hxy0+TZmrjAk z2-+ITH{JDCgCXZwSO$a6Np@MgJOq$ibN*(qSQU1#Hu-Bz*yZiNyjQH2-EKF?k0?IO zj*2pED1I0`l^a@MsRkw;dO6H6OWPYq6fe6~@Li`Vr0+M~O73F4Xul9&8wR=%Nu${uqi zX0oXdowGUIV;=VB*7i=(hf`Mpl{UFptuAm5vpuNv6v@p`t1a(02y;*p2-T3DGl$H4 zzmk|&A=>vmne<&FMYFGn?Y16{^HA|~ntE@akt3*xD`Bs0dt-wQz;!U*ZjK@a1uFj$ zY&FIdU-z$D3{vprBQ z1EzAjx7f`2SCfp*pb)2<-f>9@VF1p#vVgjJJy(F(@b+aIgGP6;X8ka&ymNk3J;efq zKn0vP{dFd+Vo1O3wOEzaHu;Nz{7h8%vv_0lIe3wg`Xbl)_-F=^S4YEf3DU3V0_XgD zC&jR2uJHr`r?*`!j*nS}+70K76wd+IJeY3h$Ugu|=kmO)`YNz*{sS>3?U9(1*uZr| z<6(%NtH67YA@=iH7x>~FbS?r~vN}1sX{B|-PH%AQ{G;GZGCs_s8VqZ?*C|5IdzK_q z9=*UJ@H)bqG`ma8of7hU@r}@pd2dNAAXJ1`AWC*qSC)0jRSZ9Q`eejS_+llY1Thf} z**l_&x%{VjZndioDc@*yW1;>IVOq<8?@*lNF-cK<^T zWNPfQjW^WwmU>#@)$?qUCgPL#LBChum{b$f5Zo)jG1`b`X$uG)lc>;u5AmBqI3G~F zmfQHN3Ml{Kvu4Veh`7MTLjnXRx@0!4(S6Bt_EZcL5u>RgtT!<<@5iD&Nk5_`>p(Uu zhAP8XQyt{O-K*8ftiNc}VRyyaPeKQA+IgVXf?7D0{B@k2TsQVM=-)5hJ$&7BPYh3` z)7>lKiNHNJr``J!3GhxFH-@B%cUPX4291`$WoTng+3p zel}W|R581;4!c&JII-H3NvU9r5St%f8ah8%?BW?)?)H~UUqLChR;`uQ*BTbAtNwXP zJ|?W0vh%fqpR^nGZ0bfIVu}XNA3MZKrX~Mz1?22`&s>3*;bOnVMC2UL<;{`U3sj@8 zKfwBsL6(*pUyR(_gYoV>{X%zbN(cHHz&ZlC<&}>RvwCISfse^&E=*Bi1duD29(=4w zKB9UyRCeh-v7zdF5pl}=`Rdo-H3L_0c(YI4DSefNA8g{Ac(%Iw*oa@ZT5FV>CSUh4 z3CkO{y6(5UDbr-^xW@%ARVjHRMh0J z+6D>*YS+RuOi;T8KBOXvII)06C?ldLu4`uGvWt{fcYe9ssYEa+h$yvGZPAtLqJ+C* z*jGsFNRgM0npmL3Ec-=!$6F1R8N^h!f^1z?-+9Q_O7GKY0j#`KBfYo*6*+Q79#oGaJ!2YZu^#_tpG?i#^PxF@n& zBHPLBhNqvb-&C;`VMe1E#D*rNWUi6PhZ4EfQ0skY3RUaCbXY*1DHX9Emwq(tIKjl< zNIV$1Wz^W&d2=!h?@iZL1@W=_CB^drZ-NPb(j!3=dC7dqZXg^-XtTwY zH`}-QhUnfr8|x*;3U9vf5<&FzJ7|qFtNQolZvl#AG@IWY?%bDYdZ}c#{?^8TVaRzd zKY!sR6LFV+O$kzDqf%Y;$k(3K5adS>X&&28wJ6PHU4~n&D_M4=LzBZRdXW-{;;*c% zwhQYmtP{{>OPCXysBWU9u$6ch|yYfmam5L_~@KBYTr+;{Bc*-OH2g(;3Y zNK$a95u7%qjGzqDENz9^;sjg0u|Eg=c;qOK)#;S4Wg2uD-a=r-5X-SG;0^BAO5r7A zTU7tlHLZtvZjX%aoG5vZ`vAH29jfX&a}(q;pG3xxJw+Ylmt_9AG#&!7xs0 ztxGLNZ$G9)KoQ3{-SP==c8GdO0-)*V{;zEwQYm|0;Ll2L0+VL$>b_4ZT2G4ri zPj(tTg^{XF^t)}Bu_Q4$)#bU{v_R9yZNnO!>@Dx|uc1bpooivXvZ|6e!Ji(Rp4sU* zBlq|*P8}PJ_vSnw!Q+qXX8hr0*ND3BVEJ_Hx(40cKz_FZJsmvdzx(QIZ+hZd2if6R)(m z*z=<2K8nyRmbR^~%~;|D7n{$mEHzZKDH-b7j*n49oiUs=n2;wDoV-i{b%JE`NENjL zwK??B+;&JA<@P+F7S+yTeZt?CU4sbBbh`5bV|yGnwuh)0+og<|q5Q@($c^SIveH|` z!>BIZfocClZj=5(?sfkh;*N&kQ@WFMs0X`5$|gD6ll_TZe}`=h7Kag#ImrfKAG})Q z4bZukf#y{#anD{dyf3UAea`EC1oQ~qOZl2rGnyXV0iv5F9IC@ju4esLICZ_bGniC0 zER54csPt++oe1iq%$z~F_A*`B0NplyVX;THu)neq=%I}%w_K?8L!I7TE!<%sK=FtG z96by=Yz8Q+%~^$XV*@jB=4>W3_SwgS_{q4~hS-z`XG}6D@(6Og?Pr%wW}Cwe@~Gsz zK=#2Rt05buu~R|e&EY8>Z^<9yY766!E8^;vLh`n)q87M0{4MZ%X^_!)`#&Ze1z=IY zA1@R+S~ixJg1qGU?H0PFAPE>;c)Ue+=hT~Gk1Idn4#Ji*I%w;&Cd9fqhB*Fp>56FkBpI)g zE~2Do-c8^McKrzs*7yLi1!rgmX6HI(A=t0>R{dihg{ck?FeMNuV)mtkUoMkwaap0A z18gFBmrzh`fa{#qozCE#$lY&#>f}W*2UhzPZU8k}ABZU=!M1MX8M!68H&5GGM&c1W*YWIap|9LX+}E@W4}JNKg;KAPCs?}|!? zR9KE0Xx?L&u|KUs*{n;r9|FFhhFLmo|VC^*~Gu^OB`$jS36 z(@5Pn7vbbJwsBl)kHo@594(VbWQ@I`jEGgY&vvHJey=~)-}xNZ4{c*#vl{DGKPHft z0eh#U$o2-QCDe%(;O#^}4edAT=IWFZf8$z5*;Op@)T>x;YvngpL4($wI5b{$Z=fs< z+;4neM;O=y6Ns<Dq1d zIQ^)Dr*%TNW3KgKqT_|@pKGAkWv)P8%REGz0TV4FJD`zxJl-)*@fyVv6S*BNIQU^_ zY6<{ZvhGD?8A7k&%Qg)II&->vp_J|J{@hlQ95{!Ey{nrq&t6L}%%s^6`AumutaX&z z?3b1-ORL%g)&Nt)(kOk1EUzRdZ)b#JEaBm3%k3VT-<0+(d7vpiU}15?X+wNe&6RC_cL4^iuB{@#}9eZmYFZ1=`CCmHbJ^mbf`DM z(7emu!hQ&$@_JWU3}$E;X6q5pHWMwQE@#Bk+|%FD(Xp&XVR7$~foD%1yXs)BD}FyM z!MuB5uK=pp3Et<$AQ+&uCG8(2@Y51z!Xw1Js4iJCP2&+OKvI6KB zx3}M*D2=m28Df!Q(Q|!834Z4S|Z z3(v9q11$8l+?I(=fc`<@-Qh}```lYe!D??mn!nXNq^~y1eBQ%u|2Ww>?RTUprHT9v z5)OY0I7sRnf3;8do;UH;NCUC%gM6GzFjA48hAk;47N8WV3Efd?OYTRPa+uA3{ z53-NT;o<~Wv4`f?wz_*Vfo=l_KD6rdut#H9&z^OZ&@CLiwB&~_Pc2o_Ti-K5_F212 ziirNdE5Gt!Y1!t=&eoOSU<54x2?bPJ1k!iN#?eSV%`N;g^Ry&+8oTFf(xss5G_0gN z8=M>*9H^cdGI3pQ`mwKiL^VPjW0hoL^H#EzIb;Mv2BRgp&^l-eM6yy+kQhKLTw%qG zI*FTy?^>|MgzR6bf&ZD{0114$L=bei5Z?SVJ+tO~_mN#x7c z3Cy!BtY)4`jj>-7^71=4k~jnEqK3wvb|>^HT=%f{kWh@)Hc8xTRMN&e*UaoyqGF7w zNEjwdQ69>?hkD8bhR|gIsT8b>0?dJ!h`Z0B@t#!M)nAS2w`E_CUo$IrEz<~+oAl?y z?zQ!4M{xJ-a5t|5ytAAW2>p7|WF{)+PqwI<*yNVl39Hv-|-`7~pL}MZa`}{_pKmfcfLBu{x zjTzXYt?vA<`S-7woH~&|Z)Z~J;4v57ZeCL^aZ9BFQB3#hO1$Il+`d0m{s_3zM@U6? z-M2lCA3K@iDqL}dE+`plgcE#E;lv(AV*!`3UN4hj$6?z&8~|>&@Hu!n22@6m0)dTt zQvb58Gq5=;QF;IF>UxOoP;qxGEIEfxnNk*CrN+m)#m2w7#fP-Ledh7U)mh7s-(7ZQ z_XAGsd{~o;fR50?-f#o%y>I)k?)@QcRo;FKk*k6J9)M7N@~c8bSm02dU~?0%zy>Qq zehpR}(iR`rf4rENy4y}U%SgO(t;^MpkG4zCqbEaPtSrqnXt1_`z$}|ej{3E>NoCwB ztwy?Qk9}*4%HZW)%3EK@Ism>X{#Kc5_16x#vHRik**8e!JFgnRi#846_Iz!y%4R4| zeV=}hk)FF-3PJ5;49ojpiF5XakwY$oZ5kk?MwLb1(OpS)kUDmZGc<#j;eb0kA6}U3 ztXT8Ew_^H?2bE@fqW1Eyle%9ANIkCnx_}bmX>Q90{NznQ+wuL4=pWm@xe#%6suRZT zAbBP2K(c{Db|Ux1`ClhI9V!f{!C0%IAkg-Q7W`9NKnHlzy=qSBo-?A_<+boaB!^%sm$GH=4K;$0@GM zE2O&N?z&BePt`@WdniT3<6s@6+Gb(_^{=|W9#q20r*^kC1-OG`ja&Qu4NeS>#khm% zUM#-%<8J zG?#?;Fd~P9UH%6lnmff^X|5X+k zKB&GOR8^qsny)Kg36u8ZhB*=0gpn96ICb)PX>*)W`WT5{le$Y0ox7;K*j0}N5{;bb-wKu`8hqG6Ij2Mbw$cft`cqUmXC6oi>}TS z-xj`&?xo&KQXWLnyFLQA6=+Nna~#6nq3H8p^#waIbBCNOEu0xaC9JB0wG|KB<2%ro z#f>^8q4wWZ25yYQmtd5&=M?h&<<=2f#t8())YyOj0_C97r_MSyvgpbpsxkUkuoo-K zbqT#~7I%9GWK+`gY^oVoBKT%jN}leGv?j~^#?>2Dj~(mJ){OEg5XhY2$UkF5Sz0lH z{Zhinsj-SkPEg%deLfVyw2vg1Y3CdO-X~lsvdv{%U?~MN*OJt)_LLp_RyCK9bTr-N zpTQP~uqnBAqQ^y4*E%EbUb4BxJsmU|bA8EGt;$H#y;Qi)GiCIY8;A9lRPf)@v~L(j z*mX%AzF>}flxYxMCERF97^XZG!&jxh( zSb2Q*lHh+s7hrS0Wki2vH?oj>$zK6KAZ7arZt`nR9s6XmQiRI#NABB{zrIz`Z1VXWw#nxtBJW>ecKdl|U?{57Yl0cQ z`LwFmI+dlNM04)T>J=NVxJ6eq%-LAG%?HNB*Z-EK-^&_f=b?g>K+*5r&;Yi>F^u?^}{Z5 zCYOE>z4ZIfJKua)6jr9qs4Wpo_1>Y}0qEr5Ly9#3&MnjEBr71k`VTxQIDJz07-vCu z!uqeEk%KXJW|k5j%|JB8Rr!KM-EIbBB9>gyaW({w*P~{^d@L=;l`yn@R^oBK9J( zcmqCtShThO0TcfIA;Z=ow?MSQ$i&2?{#E<4o64<3GBPq1C+4}0$io^0{z0aI`)em~ zsHUhSD%omJ0mznfd&ri*_YQ35SOMKU^G8*FQn~-%R7KmNaee~8WmEU9nrYs9q{rV8 zR&Ygiu}>pM`G1Q1{Pk4-2Y6_xNBtJN2Zx?(e#&S0UAU^O4ppc2g|&vpMo)5qT!W+w z8Pl$biHW1-_++>E6Y{yV6;`hPqmUeNIQ3V`Oqs?;p{p4^p^kL;Qw5c*na3cj&c=cD z3UBWs&4D);|3^U9e{VUTB#b2M%Lj?%l`a^m!iK*Tew$1>?Vfk1Uq-LNR;PlBHcpz~ zbm{*)LiFDPvGR%U!ANzOGZJ&}dHk+Zd*AqYmwn0qHu+wY%)rq+3pNdyb;WdjpGCZB zP){ox@@js!BGf-L(mBU!GfZhTGPaeXg9}@_k0{EdIm63@C`KgK$O2Yd7H4w`cz=W8x@|8h|=fQ#SoaTj zoqlYn```Q@(}j=ZKj1+9qHYlWw5$BO#F6Qfw;LYpm~*8+nR7RI$f?Jv|M4kh66{le zId|@)gXG<)Jtfi(nx>1GqqKxx>`mhX@`Akhs+O&ZzgL!B&%)x9fZcH!T#_|c< zoL{>Q+Cz|>22+{mhyEJ9knej!el8RzI7jJd)80*+AF>J9v%Y|f;x&-rK|62TPYa#z z5C1wH39&;A<=2;h@}^Dt_%}7}Z6TIx-b30q)^ZFsjrrlnF@@tQxr3-1csy_M zq7a-tFBrnN(tLt{Efp4omh|0Vs48Etyp(2NLQ5dL>_8`T5F+{256v z3QK-8z5R`_wf75-8?@BOrhN34<4r!U0M7>n84r$g;=W(Pq@U3hgfDs149H*4cb$J_nbF%WPH6=~1!69IUd6u;4tvqjg zKGv;GdqM%OIX;}=l)Rd;ecS0LQ)BHea7SW_Gv}0U*k*g4XF%z=k|VM8oRBR`*g6vp zzpe4aCq|k+L?HLNSWR_jH{}J}4M{7}hgS0QS&zatQV1)HhHPp_tWIO#Hf+30%OtF) zX_ANSSNluJo2?dIW)+#*^vQb$kj3m{`03Wm%1z<+O+qy^kTtE0h3??*N z{dG|KFj-5F!D}Qv{41k*?!zS`#oShN)sYkaM;l~33K5m@&LZV50@I&i0rnejBd0!x z`#uxI1cX_|2YyMSwiY)^Yi1C%kLTiYkTl4xyL-sy`kD!-17M=lcZ_qcOR`EHjaD(r z;|u5HPNWyuwu4F2oHdl}RGPLJ zy&BTfy5Myl3$OU|as~c*#2(EhL6A=lkGD4pxxjQ_Bpj1ElyhYv&Oy>@qIwQw#gGvc zo?m?KjmnYLHBI|VLj|iJ5%Fixs8$!WFltGt1QVfH-2cjmt|@Fxfs0h`oi6p7Vu7YT z5qR5fz)-|YwAMEtHPAf7sbQ<`twc%)2sV9LS3-N1IWucEm?!st``5@sV(7`D+bO?~WkfZbeS zMUMHVo2ZDgOn1xQ?el*H^aEz12YFN6GB`@@bWq%31(02Hk8X1i>@+&>6 zgOF6G1g@+#(aGLyR}S$~n4ANx`}7zMNfHQcloQ&sqsP((*%PL2F{8TdL1Y-S+D;dm z=29S=F`xGx=P>C5g08hD9+SAiRkCmlrYat)ZjW*sXIuw;fh6avj!TIuo3xJwj9|7G zN?>nYN;uLAwe4@k4P}184Te}xOhMlbmn47-VH;fhwuaB!rb-Rf`Im_dD6CU#k=fy> zOnGrDpgh-931=EBPT~rufWY%(1e#~k&M^uRPJhucxIoTjuUX&#?4^3~BnI+wU=2xx z)s59Wo59s*M=4ypM+PNnK1Lb8H~fS2HiDa>l+gim?`=(5)86^eFplR41GVu z9uiD8WoR}qB|da}tp^oqtt?ZjKE#IJa>0x2K|xEf^=pb)vXl=w40{1<v=8dQjy|muBDsPOd>&CkOiR=&RF|Ftr<>ASXy_d z9$$BoUMSU4Co{{y;-M}NERY+WkDr;d84?J>OcW7NgE!K_3_~kk=}kf$h^)D?Nu?>$ z(N-M-Cvki5s3xA=(N3}_;LmM@gUAo%{gs2W1nD1od&gE{j^`oD;?8_qw8C(mNyC$0 z_6HA=^sMPXQa=CgWeIx$M;)aFovL7l)szjZTfEQ|ZoSet_9(%i*@Q?YrrQ1UR&eL+ zOGjPu(tN< z1ZQ-b_QS9N7Xk-K8uME6Lu7WG1uL`mUbi!NuqSTO@QP~%J-mu-$?b&D?1E!5HGzef z)=6DwmAaO>Oz#3S{&9!?u|~DZKV+w%liYBlE5t;#n zno&Eu7sVO2^l8NR8deHhC1Af&K+Qu9_@^C`x;W+t*QzIZO?!E|<}uXXv5QXkEGWm{&SH z4vlv1c|-;G3XR7ZqeHf}KAFs#FJD%jpM<8uwV zq3KS-?fk3{7{J0YxIU!1NEVJ9RsYbimWUJlh^zYRVP`l{V##kxgX)3u>ew(pSJ>8g zKcQ3#Y62}2W{PA;&u0{p7$@?!(_9InJ$)QF${@?xeATDJZ1Tz@sW)BoYNkq;2c29L zVMu9~rnxFMZVST!_GYm9d_Nbvu@@DbmsSZ=CvxYz@zA-{Gn%ZHLj^`Cz+8#)fRGq~ zZPp8Jt~a|`A&W{$Ao} zvmE4;&Tf_hHk&dPC(xtXd znr2JTzy_zh+EhRFMGDSGHF6%!238}qL!aMM&>IY%pYy1x@Bci;0ujt#z3FIf^{J)^ z1DkU+KTk7Yj3DWz(PrDk&{CTxZ+Zw73`baW+uPDBt;0dC(%@P5^6kOl;%h+$<;&H; z1^8Mcqpnmba(>7eZt(mQO@h7&D<%8wM-8Mps2+$NQ(fNKU)erWn+obg%zWD49E&0#w?9Y%_^ORh`W3Yj`wz<{+J?$~sobEx2P-Tb$k_~2{h zMwpd!Au`NVx{!>mQkyAidE0;*VpA@lW^H|45Q$)d-to5Wk1T*-Fp|MtRi?i0fwcia z;HNXyFt4$!PvCVcjPWKpw3;a8Mh^5dKXYpXbmm_!L-sz;Q@HLfm=P>FrOt#F3fIfvvX>|ss#5UyqDcxhoZ+H8jh;$$H#F+sIj231{_ZaZBfA*>(dlBTSm~vifF{3 zw_E?f*5gahg+>5RAQKkY>LA&_t;3h5Acx3(V_>;1qPjY{zOGKKA8@qWFAOaWYo2kvJ&HSb>SCze@@w%({74XPsdQt-qb9la{(I;s{ z?#tCYxsnYJ7>X?Qk@9MA6)YT)oi#-$u+nT3iiz9YitQv{G6wt_U}noJIDYvxb|4z8 z%@=6|+3>J%1A)6jql&-GxX_@xB5UgSylppA#{$Bw;<;C4<(#eHlj~(Qa>N9@CKM}O#4Q~MbulC+Es>yC! z8&(8qQlv{4q=|F^kt(2wbm=u9z4s1@2#81#q(q8DKzfx90-<*Z(t9sbLJLI*3GeN5 z_SpLy-}mg}{&Buv@5#7-WQ?q=%(d2B*PQd3Gi#mbNEILfH5G@KB5S23z~B8;8UhzE z$1B^Z_mSweQr?@eq~rJxrearPtuW*FEgQ1@0Vc&DkhJel!p_gXjmu#Q!u!f6fOu1S z1;BWAPOoc!<54&QdCtlWl`oX9Eu+ZugLaCJ`r<79`TS;ZF+5q zmqudHN)Vf&S33^dFU|P8S0cMR7Mk!^13QfulWLEM@(WfV>$bPoy?8@ErP1npC+*Cb zhP|7l()TT?PXj_&=X%P&S@`mm-ytlQw;T@cL@Gd+lpyO+f5*5S0nL)cy%m9GpMYjD z&UK@I(`*>1c*wn>6LC+@+!=6{CMLj=#(y(tQ(z-DXnLyxoh1UDsX5ms{9R{}KxdSC z_#ATPe7`#zago&jo6hD5tSJA@8Ghnid-;D0)W0d15EESbjeCD3Di8meQ^0rn#7IKs z@$V`I$XUyYet!!{R1$`@aNhm#k5e7~Wdi<5?$EKbmfyLN{r|3~`RC`Xf;<2N_4VtZ z!oSIp6OjLJ7yp{q|DB8fJLe+A32=TT*>Y>2?ato$=3?CO7I_=r=jp(1237cfla5nT z`eLCjEG}MKeDbe~v6i>JKMq*W{>Ekf$J`dl0pF@ny!fSQ&>iB&^;dKU1rS{NdcZ5I(G-SP? z1aAi1`Vv;sO9D79gx5jPH(qdNs*rIj&z&Zp7N6f&HL@jJM&Tufl$8)lAAh9KSOASZq{_rVra?8f^^%yQW z^YqtcDyvq$a;KOi%{bZE8w* zEKvpr^5tB-AvM71fR7`iY1zx|nMXFChG(LfbD0c{=8BDS#YaSNXxTepN2|O^)GOoW`4eU-)2{S+h@%`O-wyM!3n%#OLbI~N<>N8j0Q(eo^wh=0sk z*gDald_HRiDTvGvWg9--*`!~VSQ(|7ddL;j;*Y;FE&zXgr`+{QC*6Nh`y-G=yUg6` zShZD>5nGfn4w^wEE%IU|2H0v7G*V->R#^H?f{|W~br$hlG-Sv+G|AzGzDbgly^YO% z7x(=iJE|FT<(35~M-La0Jo@u0q%Bjl(&a%2cl&$F*tDoneD*%fuYUL<6%2E95pVez z>4e5}!~-}PEtvSsV}@BoYNT<8+9SVVi{0cScM6+ZIOzBqJ5 zT!pT#tX^pa3GMGV#{`?EF6It)4|Q(5k|kqIe_s>@G59v+{1OD+cAWBPGnqRb2>pi4 zt#ns7Y}%>poE$2n0V&whUd3mE36R;WOFR8I$D&6kIhS`lSB19DA{x3figGP&I(B?N zfAAd3<;XF2r z77`mgCgr3WZGBA=Mm8!hL`u$j%>3f@y?b7Bx(|wi_96P&pN*08$f5bZk9)ERcI4c` z#3FK_S;Uq1cvcHN(JLd#7l&xR549Y+WAJl%2I<-r{p(e3P2`X;%?<^MvJ_+c9TdXL zMyP2)8Oh<1BYhX#kHJ`Ftgc37Uc2@AIoj?<{ueBKI#uoLRrGI@?pntuWHlV-hL#}0T&D@Au z1(u%tP5;`t{)j)RxS4IHYSRz>0T;-@m#5iZRI7#RnJy>$#d`a-ZJ+K%_X0Sx!;=Rx zxhs2_C?U9&bMXn%bgaDwR*ES}v`6HiB%fuJPw}dJ1rb?_gyzA#$Qw3dL)$^NL3{aN zLaxrRZJvn9KJJsLryvKY1S+5>a#O#jQotIr@Hh+dtt|57^))o~^;6>##S3Wf2*r~Pjk${_TfQjg)O@M zPH%&~sYY#r!i%q%CwKgREqE``$vl8GUny%y99O+Kmw6~7j3A$d-M!tk+jB}Aj5i<1 z*N9Ix(`43s*V zErs$TGGOo9HZHYwh9_ttr4{4Y@daG}QsLu~< z>>jddqq->`BY4zDsNxmU2K7f(>O)e6&sJ2aBBnbrs^Mx63zER|_XOrxO3H--mwY7x zcIEunk*Z}WF*<}3wce#9m_3rsL6lEsTUVS)^X|{H+d+1MV}^8=cRiHccPz#yyGjDEm4d>od_qB5q0t z2sues7Pg9D;udI3u8otPb!Q7CtlEh0x zU?!cZj;nB@6u&pV{qHP!*)?uLzl+QM&@AF0LQ7IW}48e(rg+@ufj*CoIZ^k(F|P$c4uiyikQJlU;6@ zzZ`ceQTlS}WkX{CsJP~3!YsEMl!el4R)d7bcx)HWq1ArLWt4C*eC>=VMy?g9oD0 z9;1xYZYALv@{rK^LP}oi(QPPj2We&FMUU#f2ON`WQd-{xQ-xI5ZrY2eav60oYV%rK z^BwJ9CG~d&J~NK|?ns+sY|^+_cHR zG%WCxu)X~DjC7%0yd!8c+srI*;B2k}v(DbJAEnHy79KOdxthAHTt7h?%C0a+gUT?8 z9p~BPGC^z5UdyQ?qZT`aoXB%#m`7I5oYpH;eBu?7CzoN*`1z^-zSSI|Xhrb`;g%B- zgXf^Z%-z1YQT%iHtQQ(;?iG6u#GU-2wZdGqKQR`n!o;?#vT55OtF4N z+>Y2%t&+sez>`t_!Z^sKh=^-nH>{{uO|cYqm!98coI1@ad_DE}qN9@4f3?Z1b0^MJ zviNCnx$;pEbJp_dEi@&9ftyU4I_&Co;EANhz|oPIh5YK0c6L(Y0@>t+0AC1#+i6L< z@@=yhvSQ{%jK?N5%Br_BO-IX!Q{jwZY^WVLh}#C^z$@N2^7wg?u8L^gvW>Rf%JiF; z*Vc!dwyis2PaM|uI0G4V*GojM;v6}R)0ggT67xD?3oP&_4NJ82uxbgUZ2fEN;(^t~ zXzS9}2MOtj-O%+Fg;Y^>pX>*fRteqfmd+5CV7IL50V<-gULO_4@qrS`x;j`}(_g@wsgq8ni>B=~K;5@}7J< zbJsl*|Exkt>j_bFNW^ZSrSUN2iJ1yx1lJd>(;)8i0zue16y-+B))>b2*Tyf2)N9mY zKTNVFe5%@R?)hz+insK~qh{DE8)DjQ5>9CP5*aS%7?eJn^61BW-t_hnLrJo1bJ>F8 zC32(W!rZp`I?eN!z z$|BAa=rd5n#M||lZkyhhg#_pQQNdPgcg_>qaySmwUrsH(I-7_K)rYM{G^QTQ$=-pe zZJ>NE?|OU8-L1y4=;I&F*k6@STNZTa5w(^Y*hRLVI5A5rBW!t{_~G^NbT2>Cv`O-z z>3p+b@%dQ|eyp|^cmCH+ku&#-jfIxx<+c7#15YXB2;ON~Pdd}~g!gf$_fS)|WDgZm z8Baye$nG@+5v5rt+a<$gw*w!U6d(jLmh&m}S%uM@>svEqsVEMkWI4DM>XWd0sZ)hZ zsJP*`%z(+uHS#0D60p522?rsWQDS}&?Wgo9e@Do$+m&UoHMqp}m*(@Ul_M;JOw|*Y z`bQ%72CSMg_944>xwZnS%;a*VPEA+@I=-AoTaTQ+4j%ToeS?vR;k)^@7?bPo_%IU@ zO;%8L;iRRhWQ@v27#o@vP1skQ7AL5DOIJ|q9IK5Dw9JbS9UEr7kcRr_?!rd4L2b6t zMddte{_gg*;im$n$a!5bu<)0GYnLYS`}ThIAaL>(bC7z>chX3UIqFXS5}!m3i_qbB z1o7`YPN}IqHWgC(IH8-PIZW$)&Te1(#x?9phfFxOJdyV!>T1qr1=4tDU1P~ztt-09 zTb+;M>ho^+7C}{%(1;&kE}h<}vRasl=#sj*A1Fq&6HFAq^F>h)^SLa)r%`U=Cg5& z+grhj?!Y|U1UU$!HqQqQGP8$iuH~BMn23z-@6LURCWDr@b>&EZfdn76PCMV#`=K$AZpt~X z%XgHn7t%e9ktv#BJ84E z1R;dUmbP`B_`5sTh9CcHOBkLIYuCZtLspW@92+dhBj$y1zlV8T}Bd?H}O0!hk znxPr?w2ZN_SqSkoSw&p2by1khzHH@O{N_Ai27j_1TqJ z47hrPs+RZ07X;iUlRT}{)E-(S(X4LOcD^OHKB~sL(sir!%}R93()usxX0!w@5h8(W zf1fkvzLw}(wHYGYxsAm2yxDnwwoqv5GZcN(p?#bcKYiK$X6T5wFY{b-MO(Un1GY2B zR-hdvPzqFNC`#{LDnftCwu^Toe&FVpM{ZD5*N}&ktjv|>v?=Ns=3_qgf+$aAUMfW2f9h&R$}SJZI(T252t& zZPJrlposRHljdQ9VPmr!EiE$y?$!EOwd}EcZ?sIezJDg#{KS1L1tm>PtIAngui(=k zOgTYr0)abweXqS!myQ4*vg7~w*?*JZ!I74EC#3g|=u5MO70k^YWEPGM>y@8-yXoHk zh395JbNjZmZ-8WUdOawe;jkG-67GMIRs&y$+Ec8>w6eAsa7|CRCy2H_mYV--d-Pb| z*kMZKZkS)Pz4gpQ$&)igO!YeF>#MenJph3++mW6(-!b z&}eYl9odGu$w>N3BqoVG#Gmr|d=SnMoUT}w+tj%QdVh!wJa}7Qu@!**LOv4bc%iF!Fz4za(Id3E)MOSFM5 zT#cf>yM~U0!R=G!TxQ0yr9#H?#`go^L2RcCbiULh{Ju}H+3qTrbM40Cgn!x*#2jeX zI`H9!)vh;(&V)-zYA9fse$a0V3|T>Z?I8!{erLTu-S$3h z`k@aEGnR*)wJ&<>iiAn{2T|{=Kb}IXU<8e0eO5V{VC=YW#;2`t?(TXunN9YyqJ%@P z3BQ|(Mct~MuQ8R>e{GiX7_h~#&zj*4yyXRpI`6?cf9Jk}SG-QD+zw%Bp+B}V+G%>K zS26xLYip!R*8t05{xH^k-L%9k8Q-2cpV(_45=^*?IMG?QWcyLKM~ih{8Pf2I#EJxY zUNWk^CQ7s8*K#D*no?v!6n{6O{AA|t=w-lMsphLYHFx@@`Lc8<=p3_H;`vavOaA;h z-V#!WJodgamDoGwNJ5rG?x^_hfr zSS^9N1F?-tiJOU}@ENOjhNcI?v28Y4Zx^SXzvE?iCzlwsuH6c&61dXNxV_TvLrWI; zdYU%fi*?mQ2HnZBUgNmOGFd&nFuu_A$5|N z`pw{!ILgv_&&Th)_zHSMy;-H)Jib#xzi}`(As8WUCWs(TIoY(m=y6{?im=CRue#u1 zWLVZAUug0BWbv7YCI7H>aQn{jCLEXM`-Wtt>Ij@_6=SPW&iZu~V8YfO3cK5rX=cf% zyzg~WrD~}dr1E2gUmQGe9pNl4x42p{e))D$X%{pwItsR@5<|iXC&Jd5dkEubRnL|2 zS6sKgmzIfX`$5vkLoCaR<0Nx!-YN;Br}`fPj+fM_qMJ#$+Q+ka$M4l;LdsV!p9lKJ zgWNs?;CMz?WQMbE--t3BCtu|J>SEdi>-Tz18iGl;=gW99yhV$D^LhPL&Uma-_+VJ% zjYiEc(mFaOMko{W6{>x=MDd0F_4R^>tIsAkE9sB~lL=OBb;FyFBN^W~if||gcFS;@ zP)8e+(+oxnIE9v(eqc=OY5!rO(gg$^ELI|vAF=I-OG5XAybbfucFjMJ>Gw_F=5rJ| zN#Dy$$M>1f!7Q7RXWh=E7orVothEVpj8K?8EPryx6K4v+?>-Atkqt?YcXiMqrwX&i zJR?b60MA`TdvjK;CD|g*z_fHBt)cMY6*k28KA0_&=}vf7gx0PYzMl13-ZRqA`d*BJ z2B;1y$L4EJ=SoX&jT4Sf#VDJgBF&N$CK{$acBYZE5c$ zV;!HcV}n9w4)9DzXqr{4K_89T7CR&9+Wy=x?E8$Cs-@y#xOH5d*$b4ql9#_S%!Y5F(JFQH6-Y2p`W2@ zD3y}i{-BBH)O*D+K#8k<7soMiP@MZ?n+};1uao%`Ogq9lL+&OSk0eC5+09THm(5dF z`M-99-B6mZAsgmnBqB!nD&{o*lwvGY%~pGADK+jnB_-*1=gB2CofJY)P=v>1JH~2Y zJ*DdwR-8@w0{W`)Y5bX6z^L|MB+xB%EW3`36j9@=_OB92DJ4RqIu{ZM&&MY{wcWCyJ63E(Xu#zurcpUvwwXD zaY79fRDTrYMNUDL8N_M-+}dxqU0A|c2Z*hVkUe@+Q=64LpB_pbeC@j>fcFo5r}1s0 zo29uh;fhyqlhOWI<-2Pc5&L*~F68K7v{@*MFyfRY=I1s4vZa?eNV0^{xCr3i##~f> zRl%9ew+N`4It1Rh)%IitZHHYls{raA63#@rcaOxA;6o4hn^3w-*?KYS1jREw79V!()1x}!fVw!GFD7~tCU&Hq8}po8fWPPdXier!g2*{ z6L@_}AQ?z^(A?AT>@vsTA2*l!hh9H<;{39)RZlY!yP_CbAJh)wc~{M zpSw8`5Z2n=vbyJ0ODrF7cY4!~MEL;bDvYkkWZ=_r#R0i}JButVd*t;z>({zgcR96~ z)}n%YVCaTk!|4zf>4BV@<+}aO#BT-@>nLjnavcgFJXR?m3O*uT{Lblgci|2&Tl?Xk zu%C)&0=okQ?iQbu)(Z>L5kmpZ5n6!Qyy1XO76r%fBbT=%ZTq+BYcKBl9i&f!vzBHK zQKH4B!IFTNPYVnBt*@P6Hj$lY772=bA>LdW8b6NR2r$-(q8mN7Ec(3Nj6Wk#^KP}R z{-|#`9A}?)gj8tB((diEPx?5PlJ);nQBUgkB7!NCDEu_i&a}kHY|;Kq4WMc$mk@1x z)l7Uz`I8}n1TJrY^=mwsiSvhiUpGgvk2TBuLql)>e>61o+j?56B9j)GYO|IkV=5t@ zb?koQgOF2OKeMd(o2T==WERXDc%fVa;T=L|NPZ;QE%LiK%#3iO7pU>-fV`>Y;Vd@A zu<1@`NGYbn89J0;Vf-L2jq426)yKtR#(Qv0>Um7M`@G;|@L{W=FmSJE`zrRJx(l=W z7Z7h?$;G7m+;-Ae9oO=2Y`-rouUCxeXeGn5pgp|I-mTINrPX6TL6S1xV<}Kd}##i#PFW|T-L=bmww z@1?mz;x6ek?m+@8Ywv&Q8zvQgrMfm*Sy1^|u*{N(!hQ7>)E`)34( zoXQn^b@dsDITkZ)prgUVFj`~C;Io2a0+Wfj2Q>Vv<%+_cE+B#Cg;|w*F3putV*0+d zTZ0yq83dKJk=j63==ochR|t8n8?|d6WCUpaOxJnc@!0e;N`b3Ec49A^qevAKj#avh zNzY^rJtcx&{a>)vP6(@r^G3;d`fSr#% zgQb}JABD>Zzp#9$W{8H{iYP!EWMHNHvT1nR z?p)D>;Bcu)^Ea~fl7VO^1`yFfUom6R6<8Tm2eIN&uSp;yUi-F+$2`9cK$*#=^X`kp>tO+{O zlB_gAsC&%LDr#ZmE2);T^V|}T7^$W!W?s~3M?zoM4oh_vaC;+I9mtY%+Nu^Z{vgxv?X&tukC7=o{l`+Run zG*T(b8Jx{hIzxQ-RNZl4>J^WZ2?Bu655wgY8iNP(ek40cao0G2{n`nx;)(-4i**#R zh{q-4FlcnDP1*PMJm-7d8x+X8JL~MdzgnnsKE7btB4d;3ZLCS3W0G;pJu>jJ4kw;h zLq9}p@5I(g9|tos7U_vAk-L&?EpGO}b}9?-byYoBgIc?2exW_`|0r_h*<@e_g-l`ix@J&3_|fx}tD{gn-v+3jRxIpnaeHRA8Bl z`^Q5NM5@u6#kH%=+Ru2jS4_-7ybW#Y(Q73MkBg9Q17;5SNL z*X|@`*v1Bz)Lcg}E9v$wE}m>ko19gChzXcGC#(eJ?a2;4^+-tr`1AVnsl}HTmZNqc zjX-ld*bneD((NbfK8H2LbT3Q{)p{zi=UKj^;i$$n?}NtI;S*QQD9~7-y+N&G zHyY9Z!xEpU@uBLsB&lUW;YyO^Zblt0Tb7-`JK?7GNTjB(G{E;oR1adgY~Grr7Ym)# zP7Uj46&DavK^#u*yGyg&^ei8Ftvlhkf9w#&9urs|j&H!&b~H@2hB-eFkPT#E@oy+& zgt*w$v8#GH*G^(TaX&bx))yz9^&mkQ?1K_ zh2Z^qZ%o>|!;`9a^{TY@!Dw>7>1;_ofP?=e`Vh@s{YTyv!y2sR3lG!JIPqk8ntNh7 z529+EZJUjd^#x#dkv37EAR^ZHavwbVHFLyBYJD*D1HR|=(^DVmzZCkW9d4XP25gHb z+TF}@$qEr^A$`=JL4MnaZjpoMFFf_%(5g<&9)-v<`s?LL9m<=(BeI@}#l)v?ez|JV{5Vj{lnf=dHH=V(`D@wckousg2y~lNSnppWyMn( z52DH1F@d!8TKZ91JSKDoy(Kdq{bs|3u>FMJVp*ZJe8Rf(&zbl@d>4!@JpG8rsfFaw z_3kJ0kGC?Y04|U{=|sv$N1kptS3JmsU3R#?xLVZA=Jpafmw!cR9}7#p@Q~j*}p|rPd0! z`kXW=-$QNw{J5>M(^L7rn3>vUK2=2>y1WRNbasZ4)j-)f4~VP))}-T&dqxX`q)kTZp=oY=tgbr;1;E z0rhph8sR`$Mexx+PizyM1>2vfXsW;RpvAj8!znwVWH#&*=C^D|_S3Sk=#rMRjkx*j z!)fT|Z|8Skc8x7mt37yf;Dj?fv$2Nq$Fmb8;KI~AZ+BlVILq9iG1f)zjD9FSdF2sm zXkZcQy$hOwf0%+V^}gfhCt^T1y}@2x?%eEANv(DM*2?!r@cvJb=I}FC*EL@I6M;vr zN`33$RmM;(-r45Jg6TT#B*yJ?qzVuZ-j!{Z@~+`RSw#CSlia8pJU;ERJ-9iq)Q-&h z0$cRf(N)hTa)Rnf_T`j+D@nS$NXC+4@4tT(L^BfWRA2p~+rsAZcS0&8!vDDoUzg`+ zMbcK+^_hil0z^{h@$GF?bh9NndcP_+yHGcU(AK~6O~i}eOIVv$Ca@nLDhC6+pcpjt zEFT&rN?XR$WB*3kH=(<)SX>2q8WC)ILAZN%8QdH%wEYgpBX=Vfnd9>frgmi*a5nO` z6wmo;D1u1es-X{6dX&eMiMM*Kkwx&Pk;9=)h==tS$K`n!u+_{UUdg@#;@+gh`)O|9 zx*eel59La~kHR1%2)Jr+McJGO9KnFPdoUn>e%zn2?anmdShp8pISmA&=Y+eqFY=JG zgLwb4AwG$18$Fn9tINm`%~v3Wx>)7Iq#Ak(v(JYTCA9a|J(lf7J*LdSw@#uHj9A*v zMNK3$X%x^`Ey1fYE-rq($+;8u^LP#hzmi4+)l7|EYHYy5+cUiX}c6 zwyD^B3TV9J%2CNoG{NI=_k&-Z7T)0-GU<|+T%{sqA`Y`bJG+t9kM4>N9Gcf3Zyl#N zzn7|%ak!)YcBie94r4x6{j`)f1k7{PY^?9Y8BW6af;`V3J%}M(aGDIBO#}A zbpMXsSuntRM-;V=DaHi6j+4>Cqx{-V+B*}7BK!TfI|8(h$>J=i_8%5Z@^mp$>~N2{T^K-CznOrxrQhy(7Q|jolewPzS!BXd^#eAu-L%up=su~K#3FiofQ^| z=7m6qTwBGn5c;^~rm&UAzqyOMh!o$}i?Y#E*alAhz;CvCE@;=)Ih zBLUW6W5Zt6$<&zcrc{QOtdDlayE@Lx6GZuOeaClq|@jKu&BlLqZA|Q zmhsaq_%q%_^Io@AJQUucvD*11NLtGAgQKVy;!B@RWFLcNP3I9%!f9_%Wh8(t`Sz*% zf?IUx@p$6@ylR8mwSIndu_mXNETQy2nkw}sw51?gMlywi!b;~$SGPF~&Db7AP9gRCzb zGT)G#hDm^GI1-gvq$vrurfU?AdexL}eJpDx-5U-6Z69_g=`L~=FLH)WYl9nIE`t#0 zQG@L2U<=*Hg&^U)Fxt7F*$y*ON&^Ah((yNlEM(||Ern6KUBb#&Z z4Z>4u5^H-4FCpF5;d`f*wPv4`Ax^z>^A(Sg;b=TYC2^P1gx8@nso!+Q`7VZducf-_ zdmlhVEE`!uDFQSUYPufLGK>2>DSbC8Pxtf#70Ke;Lymt-Bt)rIi3TUds5=F0i{gODdqBQ2?KHTlrQ+dGNwZc_i6`FPBCh zhn%kbj#xL6sW1sU_ zbPz&;HVg3kZqqOH6Zb#XX|JfMl@Nt~w%cMu(6T|=jO~iwCUytE5$L*JITq!T8X$1> zsB!>h$Nx-`G}{UHR+=T<(8=ZyRQm0BAS%4bNkoxmyDF~4uNCd!staZlFW_0YjC!`) ziXPxEMN?m-r#Svh#N^dK;`gNd(#9#yf;Kj`uq;#R$$7;q4`kj-e3N!m13;ZK%-<9; zOS--uPA(>Is!DzSl@4fmWtk*$lX6*{)r+;UmA3F+kC=r;X#uY^jDSn0fD-C9DC%;i zskdAvp{-%IhZQX ze5q#lqncTrVinwGsBh1Nqq~(uH@Hz z*ygn^tl8U%oPFS!!hUSqE=3CPM7(lksfBT$`X?|7L`uQd>ZWU+!f?yT8yU>gGk7=c zYAnB2FX%P0CQ4F0S8ZbrOlzz$(EfHGBl&fc3&5Py5`$y4ZASN(ND1Kcbsfr&}OqEfWAwE2L* zWACdwDCQSnk^4?Bu(w%XzoIY*!vP7ohIX@Er}+5{kjp!pr801V=t0RYT=>JZpOWaCDU(^tv9kp?))jpnn#RH+2u^sw{0dLQ_X6fF7B+g zJ2nYEw~1l_?=AOUmqqlkwDs>&I`*E@5>tw^g}mfiD)e)oFC$<0+ZOMkCG~lx7NBub2p^&K|@AWjUqcg!Oy0GU^`@fQYIdA~}tG z)M7c8JE(=I-y;5qKYD#n4hN6I9InGEx3>_F8#f%R%S3*HWFPt3kXF{r54{5GTRG0e zHfHXD`A-GrF|@JX5U1L2g4T=gkld1K6c>PWsP1QAvbA*6DT8E}A(a}q>cOQV&b{Gv zLaz&KWk2QK7ltowxuJ5XhdEDxAGN<6YE+^4`QrB?<$$6lU*MQV0VV#WCxM3!l3dqo zvWL#U9~8a_y*B%grmP_=lt58+6og|Q_3ks^=-Fz=Gmo>KXhbCnaE$9?|#56`WTPXQm3lLy>ZY|fneh3D^XGFw|)r=YvW7_Ij@G=S;&!!t}m&@q;< zrUkFM@g!VL@}9|)KYc?E$B;nNA_4D~e!?}vxc~lbBY;<#wW(aiT=rFlmFRwO*-|*CQt4hQ=HpK#J|^KOR{`w!^9un-qXgS)6#ujDI0l~vThPO43SRD~ zKHakru}y#bB#rt~Fn7X{B%V15n->n-5~JtmQ(p%ENbCtWnTma5`x<%I++wn)Gxzpb zFUSAzyQg0l-Qt_uY22SzEpb`I{CN^zKwH>)Ekq9dNJ48=eSS7gj>XyOV$Wh=?;i%k zf{oD(d$#{SOxwR*hWU6EWIG#4*{m-QA0NFK-xHouCXYQWJ-y^5x4FbW59c}Shl?C0 z*85H~cbADMSg-%#;f@B7C;V`A;m;tYDF`4B(X*Z#e*iuJ7Ue7erj93?<&5)Bzt0-- z2KdXJwxB%opWq(QcOrJ6*45&&PW;a>Nu>(Jhi`5lUHcElMfZDLtKCh?e-z=1InGo4 zDXO5SQvW^n|JSE-K-GESvVCto9{k=P=ixfV^CVy?3Rc!z|11ZqEFkic$O_G$M;CV= zX!^3VKlDGaSYRBTsWsaUzCW7Y=d8Lw)35KL_*{P+SjgpX))w*3_&-paLZGQKwE&s= zpKaSYpf(Ax+qHkxaMlo=-%anEF{l4|_Z({t1*$=M3b$4!uZOJ~l2E3G?sw Date: Tue, 26 May 2026 14:30:18 +0200 Subject: [PATCH 02/13] Addressed an issue found via peer review: Copy-pasting "uses some labels for internal use" when it should've been changed to "uses some annoattions for internal use". --- .../deployment/private-cloud/private-cloud-cluster/_index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/en/docs/deployment/private-cloud/private-cloud-cluster/_index.md b/content/en/docs/deployment/private-cloud/private-cloud-cluster/_index.md index a14f85f05b7..d25ff39c750 100644 --- a/content/en/docs/deployment/private-cloud/private-cloud-cluster/_index.md +++ b/content/en/docs/deployment/private-cloud/private-cloud-cluster/_index.md @@ -847,7 +847,7 @@ spec: Alternatively, for Standalone clusters, pod annotations can be specified in the `MendixApp` CR for a specific app. {{% alert color="warning" %}} -The Mendix Operator uses some labels for internal use. To avoid conflicts with these internal pod annotations, please avoid using labels starting with the `privatecloud.mendix.com/` prefix. +The Mendix Operator uses some annotations for internal use. To avoid conflicts with these internal pod annotations, please avoid using labels starting with the `privatecloud.mendix.com/` prefix. {{% /alert %}} ### Node selector {#node-selector} From 5451f031283a87731bcfae14fa9f147c16f76c66 Mon Sep 17 00:00:00 2001 From: Dmitrii Zolotukhin Date: Thu, 28 May 2026 12:57:00 +0200 Subject: [PATCH 03/13] Changed release date from May to June. --- .../en/docs/releasenotes/deployment/mendix-for-private-cloud.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/en/docs/releasenotes/deployment/mendix-for-private-cloud.md b/content/en/docs/releasenotes/deployment/mendix-for-private-cloud.md index 505d560a4c1..9a4a2fe8241 100644 --- a/content/en/docs/releasenotes/deployment/mendix-for-private-cloud.md +++ b/content/en/docs/releasenotes/deployment/mendix-for-private-cloud.md @@ -12,7 +12,7 @@ For information on the current status of deployment to Mendix on Kubernetes and ## 2026 -### May ???, 2026 +### June ???, 2026 #### Mendix Operator v2.27.0 {#2.27.0} From 10a36b8bb4323ebfc0f82c820078e3a586b359a2 Mon Sep 17 00:00:00 2001 From: Dmitrii Zolotukhin Date: Thu, 28 May 2026 15:35:59 +0200 Subject: [PATCH 04/13] Addressed review typos. --- .../private-cloud-cluster/networking/private-cloud-gateway.md | 2 +- .../en/docs/releasenotes/deployment/mendix-for-private-cloud.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/content/en/docs/deployment/private-cloud/private-cloud-cluster/networking/private-cloud-gateway.md b/content/en/docs/deployment/private-cloud/private-cloud-cluster/networking/private-cloud-gateway.md index 679f3ed41e4..e9e4fb8f4cd 100644 --- a/content/en/docs/deployment/private-cloud/private-cloud-cluster/networking/private-cloud-gateway.md +++ b/content/en/docs/deployment/private-cloud/private-cloud-cluster/networking/private-cloud-gateway.md @@ -11,7 +11,7 @@ weight: 20 Gateway API is the successor to the Ingress API. Gateway API splits configuration across different roles: * _cluster operators_ manage **Gateway** resources, configuring central rules and policies such as TLS and IP filtering; -* _application developers_ manage **HTTPRoute** resources, specifying confuguration relevant for a specific destination, such as a Mendix app environment. +* _application developers_ manage **HTTPRoute** resources, specifying configuration relevant for a specific destination, such as a Mendix app environment. {{% alert color="info" %}} Gateway API is supported by Mendix Operator version 2.27.0 and newer. diff --git a/content/en/docs/releasenotes/deployment/mendix-for-private-cloud.md b/content/en/docs/releasenotes/deployment/mendix-for-private-cloud.md index 9a4a2fe8241..a2b5d8951e9 100644 --- a/content/en/docs/releasenotes/deployment/mendix-for-private-cloud.md +++ b/content/en/docs/releasenotes/deployment/mendix-for-private-cloud.md @@ -20,7 +20,7 @@ For information on the current status of deployment to Mendix on Kubernetes and * We have added an option to load client certificates from Kubernetes secrets created on the cluster side. * We have added an option to specify default `nodeSelectors` for pods created and managed by the Operator. * We have added an option to specify default labels for pods created and managed by the Operator. -* We have addressed and issue where enabling OpenTelemetry auto-instrumentation would show a "processing" spinner on the Runtime status. +* We have addressed an issue where enabling OpenTelemetry auto-instrumentation would show a "processing" spinner on the Runtime status. * We have updated components to use the latest dependency versions in order to improve security score ratings for container images. * We have updated the list of supported platforms to include Kubernetes 1.36. From 975319cbb38478f7baeb5eb50b5a7aba35966fa1 Mon Sep 17 00:00:00 2001 From: katarzyna-koltun-mx <108737161+katarzyna-koltun-mx@users.noreply.github.com> Date: Fri, 29 May 2026 11:50:01 +0200 Subject: [PATCH 05/13] Update _index.md --- .../private-cloud/private-cloud-cluster/networking/_index.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/content/en/docs/deployment/private-cloud/private-cloud-cluster/networking/_index.md b/content/en/docs/deployment/private-cloud/private-cloud-cluster/networking/_index.md index d67a97beb94..66b7653e857 100644 --- a/content/en/docs/deployment/private-cloud/private-cloud-cluster/networking/_index.md +++ b/content/en/docs/deployment/private-cloud/private-cloud-cluster/networking/_index.md @@ -88,5 +88,4 @@ The Gateway API standardized typical use cases, and the Mendix Operator only use * Some application load balancer firewall rules can block file uploads or other Mendix app features. * Linkerd does not work correctly with AWS Application Load Balancer and Azure Gateway Ingress Controller. -* Some Gateway API implementations don't fully implement the base v1.4 spec, or are experimental (unsupported) - +* Some Gateway API implementations do not fully implement the base v1.4 spec, or are experimental (unsupported). From 6ec2fc756132907c66adb3e4613ad707e69a831b Mon Sep 17 00:00:00 2001 From: katarzyna-koltun-mx <108737161+katarzyna-koltun-mx@users.noreply.github.com> Date: Fri, 29 May 2026 11:56:38 +0200 Subject: [PATCH 06/13] Update _index.md --- .../deployment/private-cloud/private-cloud-cluster/_index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/en/docs/deployment/private-cloud/private-cloud-cluster/_index.md b/content/en/docs/deployment/private-cloud/private-cloud-cluster/_index.md index d25ff39c750..f32eb85f19c 100644 --- a/content/en/docs/deployment/private-cloud/private-cloud-cluster/_index.md +++ b/content/en/docs/deployment/private-cloud/private-cloud-cluster/_index.md @@ -216,7 +216,7 @@ If an app's MDA was built using a newer Java version, Mendix Operator 2.15.0 (an ### Endpoint (network) Configuration {#advanced-network-settings} -Documentation how to use advanced network configuration settings has moved into the [Network Ingress Settings section](/developerportal/deploy/private-cloud-cluster/private-cloud-ingress-settings/). +For information on using advanced network configuration settings, see [Network Ingress Settings section](/developerportal/deploy/private-cloud-cluster/private-cloud-ingress-settings/). {{% alert color="info" %}} When switching between Ingress and OpenShift Routes, you need to [restart the Mendix Operator](#restart-after-changing-network-cr) for the changes to be fully applied. From cd663421a06839eddb271dfc2b0a1fc142145803 Mon Sep 17 00:00:00 2001 From: katarzyna-koltun-mx <108737161+katarzyna-koltun-mx@users.noreply.github.com> Date: Fri, 29 May 2026 11:59:55 +0200 Subject: [PATCH 07/13] Update _index.md --- .../private-cloud-cluster/_index.md | 18 +++++++----------- 1 file changed, 7 insertions(+), 11 deletions(-) diff --git a/content/en/docs/deployment/private-cloud/private-cloud-cluster/_index.md b/content/en/docs/deployment/private-cloud/private-cloud-cluster/_index.md index f32eb85f19c..aa481df5529 100644 --- a/content/en/docs/deployment/private-cloud/private-cloud-cluster/_index.md +++ b/content/en/docs/deployment/private-cloud/private-cloud-cluster/_index.md @@ -822,13 +822,11 @@ Alternatively, for Standalone clusters, pod labels can be specified in the `Mend The Mendix Operator uses some labels for internal use. To avoid conflicts with these internal pod labels, please avoid using labels starting with the `privatecloud.mendix.com/` prefix. {{% /alert %}} -### Pod annotations {#pod-annotations} +### Pod Annotations (General) {#pod-annotations} -#### General Pod Annotations +Mendix Operator version 2.27.0 or above allows you to specify default pod annotations for task pods (build and storage provisioners) and runtime (app) pods. -Mendix Operator version 2.27.0 or above allows you to specify default pod annotations for app-related pods: task pods (build and storage provisioners) and runtime (app) pods. - -To specify default pod annotations for a namespace, specify them in `customPodAnnotations.general` in `OperatorConfiguration`: +To specify the default pod annotations for a namespace, specify them in `customPodAnnotations.general` in `OperatorConfiguration`: ```yaml apiVersion: privatecloud.mendix.com/v1alpha1 @@ -844,19 +842,17 @@ spec: kubernetes.azure.com/set-kube-service-host-fqdn: "true" ``` -Alternatively, for Standalone clusters, pod annotations can be specified in the `MendixApp` CR for a specific app. +Alternatively, for Standalone clusters, pod annotations for an app can be specified in the `MendixApp` CR. {{% alert color="warning" %}} The Mendix Operator uses some annotations for internal use. To avoid conflicts with these internal pod annotations, please avoid using labels starting with the `privatecloud.mendix.com/` prefix. {{% /alert %}} -### Node selector {#node-selector} - -#### General Node Selector +### Node Selector (General) {#node-selector} -Mendix Operator version 2.27.0 or above allows you to specify default `nodeSelector` for app-related pods: task pods (build and storage provisioners) and runtime (app) pods. +Mendix Operator version 2.27.0 or above allows you to specify the default `nodeSelector` for task pods (build and storage provisioners) and runtime (app) pods. -To specify default pod `nodeSelector` configuration for a namespace, specify them in `customPodNodeSelector.general` in `OperatorConfiguration`: +To configure the default pod `nodeSelector` for a namespace, specify them in `customPodNodeSelector.general` in `OperatorConfiguration`: ```yaml apiVersion: privatecloud.mendix.com/v1alpha1 From c848c30b7bff103b55bb35b21e4c426ab75d5c1d Mon Sep 17 00:00:00 2001 From: katarzyna-koltun-mx <108737161+katarzyna-koltun-mx@users.noreply.github.com> Date: Fri, 29 May 2026 12:01:14 +0200 Subject: [PATCH 08/13] Update private-cloud-monitor.md --- .../en/docs/deployment/private-cloud/private-cloud-monitor.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/en/docs/deployment/private-cloud/private-cloud-monitor.md b/content/en/docs/deployment/private-cloud/private-cloud-monitor.md index dda064fac5d..453f3e826c4 100644 --- a/content/en/docs/deployment/private-cloud/private-cloud-monitor.md +++ b/content/en/docs/deployment/private-cloud/private-cloud-monitor.md @@ -55,7 +55,7 @@ Each mode requires a separate dashboard. {{% alert color="warning" %}} Mendix Operator v2.27.0 removed support for `compatibility` metrics. -If you're planning to upgrade to Mendix Operator v2.27.0 (or a later version), switch environments to `native` mode, and update your dashboards accordingly. +If you are planning to upgrade to Mendix Operator v2.27.0 (or a later version), switch environments to `native` mode, and update your dashboards accordingly. {{% /alert %}} ## Installing Monitoring Tools{#install-grafana-loki} From aa6f57ed5ffefc6e94d760491cd559fdc7b8fd7f Mon Sep 17 00:00:00 2001 From: katarzyna-koltun-mx <108737161+katarzyna-koltun-mx@users.noreply.github.com> Date: Fri, 29 May 2026 12:09:56 +0200 Subject: [PATCH 09/13] Update private-cloud-operator.md --- .../docs/deployment/private-cloud/private-cloud-operator.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/content/en/docs/deployment/private-cloud/private-cloud-operator.md b/content/en/docs/deployment/private-cloud/private-cloud-operator.md index e7840346afe..dcbddada172 100644 --- a/content/en/docs/deployment/private-cloud/private-cloud-operator.md +++ b/content/en/docs/deployment/private-cloud/private-cloud-operator.md @@ -239,8 +239,10 @@ You must make the following changes: * **jettyOptions** and **customConfiguration** - If you have any custom Mendix Runtime parameters, you must add them to this section. Otions for the Mendix runtime must be provided in JSON format. See the examples in the CR for the correct format and the information below for more information on [setting app constants](#set-app-constants) and [configuring scheduled events](#configure-scheduled-events). * **environmentVariables** - Set the environment variables for the Mendix app container, and JVM arguments through the `JAVA_TOOL_OPTIONS` environment variable. * **clientCertificates** - Specify client certificates to be used for TLS calls to Web Services and REST services. + * When **key** and **password** are specified, will use the client TLS certificate specified directly in the **MendixApp** CR. - * When **certificateSecret** is specified without **key** and **password**, will load a client TLS certificate from the specified Kubernetes Secret. This feature requires Mendix Operator 2.27 or newer. + * When **certificateSecret** is specified without a **key** and **password**, will load a client TLS certificate from the specified Kubernetes Secret. This feature requires Mendix Operator 2.27 or newer. + * **runtimeMetricsConfiguration** - Specify how metrics should be collected. Any non-empty values override the [default values](/developerportal/deploy/private-cloud-cluster/#customize-runtime-metrics) from `OperatorConfiguration`. Refer to [Monitoring Environments in Mendix on Kubernetes](/developerportal/deploy/private-cloud-monitor/) for details on how to monitor your environment. * **runtimeLeaderSelection** - Specify how the leader replica should be selected. The following options are available: * `assigned` (default mode) - The `master` deployment runs one leader replica, while the `worker` deployment runs all additional replicas. From 33d9175f6cd61c37a261d5308c098ae290d422b1 Mon Sep 17 00:00:00 2001 From: katarzyna-koltun-mx <108737161+katarzyna-koltun-mx@users.noreply.github.com> Date: Fri, 29 May 2026 12:13:15 +0200 Subject: [PATCH 10/13] Update private-cloud-operator.md --- .../private-cloud/private-cloud-operator.md | 46 ++++++++++--------- 1 file changed, 24 insertions(+), 22 deletions(-) diff --git a/content/en/docs/deployment/private-cloud/private-cloud-operator.md b/content/en/docs/deployment/private-cloud/private-cloud-operator.md index dcbddada172..5adadbc6ca2 100644 --- a/content/en/docs/deployment/private-cloud/private-cloud-operator.md +++ b/content/en/docs/deployment/private-cloud/private-cloud-operator.md @@ -250,7 +250,7 @@ You must make the following changes: * `leaderless` - A mode where the nodes dynamically choose a leader. This feature is in preview mode. It requires Mendix Runtime 10.24 or newer, and Mendix Operator 2.23 or newer. * **customPodLabels** - Specify additional pod labels. Avoid using labels that start with the `privatecloud.mendix.com/` prefix. * **general** - Specify additional labels for all pods of the app. -* **customPodNodeSelector** - Specify pod `nodeSelector` configuration. +* **customPodNodeSelector** - Specify the pod `nodeSelector` configuration. * **general** - Specify `nodeSelector` configuration for all pods of the app. * **deploymentStrategy** - Specify parameters for the deployment strategy. For more information, see the [reduced downtime deployment](/developerportal/deploy/private-cloud-reduced-downtime/#deployment-strategy-in-standalone) documentation. * **podDisruptionBudget** - Specify parameters for the pod disruption budget. For more information, see the [reduced downtime deployment](/developerportal/deploy/private-cloud-reduced-downtime/#pod-disruption-budget-in-standalone) documentation. @@ -309,37 +309,38 @@ spec: The **MyScheduledEvents** value should be removed from **customConfiguration** if **ScheduledEventExecution** is set to `ALL` or `NONE`. -#### Loading client certificates from a Kubernetes secret{#client-cert-from-k8s-secret} +#### Loading Client Certificates from a Kubernetes Secret {#client-cert-from-k8s-secret} Instead of providing a client certificate directly in the MendixApp CR, Mendix Operator 2.27.0 (and newer versions) can load the client certificate from an existing Kubernetes secret. -First, create a Kubernetes secret with the following contents: +1. Create a Kubernetes secret with the following contents: -```yaml -kind: Secret -apiVersion: v1 -metadata: - # Specify the secret name - name: example-api-secret - annotations: - # Specify that this secret is safe to use as a Mendix app environment client cert - privatecloud.mendix.com/environment-client-cert: 'true' -stringData: - # base64-encoded PKCS12 certificate - key: Q0VSVElGSUNBVEU= - # base64-encoded password for the certificate, cannot be empty - password: Q2hhbmdlLW1lNDI= - # Optional, list of web services or domain names where this certificate should be used - pinTo: "www.example.com,service.www.example.com" -``` + ```yaml + kind: Secret + apiVersion: v1 + metadata: + # Specify the secret name + name: example-api-secret + annotations: + # Specify that this secret is safe to use as a Mendix app environment client cert + privatecloud.mendix.com/environment-client-cert: 'true' + stringData: + # base64-encoded PKCS12 certificate + key: Q0VSVElGSUNBVEU= + # base64-encoded password for the certificate, cannot be empty + password: Q2hhbmdlLW1lNDI= + # Optional, list of web services or domain names where this certificate should be used + pinTo: "www.example.com,service.www.example.com" + ``` -To allow an application to use the secret, it needs a `privatecloud.mendix.com/environment-client-cert: true` annotation. For security reasons, any secret referenced by a MendixApp CR but without this annotation cannot be attached to environments. +2. To allow an application to use the secret, ensure that it has the `privatecloud.mendix.com/environment-client-cert: true` annotation. For security reasons, any secret referenced by a MendixApp CR but without this annotation cannot be attached to environments. {{% alert color="info" %}} This example provides contents of a Kubernetes secret as a `stringData`, and Kubernetes will base64-encode the contents again when viewing the secret contents. + If you read the secret and see `data` instead of `stringData`, the values of the `key` and `password` fields will be base64-encoded twice. -This is done on purpose: to ensure a binary PKCS12 file can be safely stored and edited as a plaintext string. +This ensures that a binary PKCS12 file can be safely stored and edited as a plaintext string. {{% /alert %}} @@ -356,6 +357,7 @@ spec: ``` The **MyScheduledEvents** value should be removed from **customConfiguration** if **ScheduledEventExecution** is set to `ALL` or `NONE`. + ### Building and Deploying Your App You now need to supply the CR you have just created to the platform so that the Mendix Operator can use it to build and deploy the app. From cfa4f59979a5fcb09ab30cf8189a5108813cafe9 Mon Sep 17 00:00:00 2001 From: katarzyna-koltun-mx <108737161+katarzyna-koltun-mx@users.noreply.github.com> Date: Fri, 29 May 2026 12:16:44 +0200 Subject: [PATCH 11/13] Update private-cloud-supported-environments.md --- .../private-cloud-supported-environments.md | 31 +++++++++---------- 1 file changed, 15 insertions(+), 16 deletions(-) diff --git a/content/en/docs/deployment/private-cloud/private-cloud-supported-environments.md b/content/en/docs/deployment/private-cloud/private-cloud-supported-environments.md index bf436f1990e..eb2679e0bae 100644 --- a/content/en/docs/deployment/private-cloud/private-cloud-supported-environments.md +++ b/content/en/docs/deployment/private-cloud/private-cloud-supported-environments.md @@ -422,36 +422,35 @@ Starting from Mendix Operator v1.11.0, Mendix app environments can use a [Linker Starting from Mendix Operator v2.27.0, the [Gateway API](https://gateway-api.sigs.k8s.io/) is supported. -For each environment, the Mendix Operator will create and manage an [HTTPRoute](https://gateway-api.sigs.k8s.io/reference/api-types/httproute/) resource. +For each environment, the Mendix Operator creates and manages an [HTTPRoute](https://gateway-api.sigs.k8s.io/reference/api-types/httproute/) resource. + +Mendix Operator only uses API features that are defined in the official Gateway API [v1.4 standard](https://gateway-api.sigs.k8s.io/reference/api-spec/1.4/spec/), and does not rely on any other features. + +Any implementation compliant with the Gateway API v1.4 spec should be compatible with HTTPRoute objects created and managed by the Mendix Operator. -Mendix Operator only uses API features that are defined in the official Gateway API [v1.4 standard](https://gateway-api.sigs.k8s.io/reference/api-spec/1.4/spec/), and doesn't rely on any other features. -Any implementation complint with the Gateway API v1.4 spec should be compatible with HTTPRoute objects created and managed by the Mendix Operator. For more information, refer to the documentation of your Gateway API implementation, or check the status on the [Gateway API Implementations list](https://gateway-api.sigs.k8s.io/docs/implementations/list/). +#### Using the Gateway API + When using the Gateway API, it is possible to do the following: -* Enable TLS (use the `https://` schema in app URLs) -* Add service annotations -* Speficy the HTTPRoute [parentRefs](https://gateway-api.sigs.k8s.io/reference/api-spec/1.4/spec/#httproutespec), to specify which Gateway to use -* Provide a domain name (for example, mendix.example.com) -* Configure request and response [HTTPHeaderFilters](https://gateway-api.sigs.k8s.io/reference/api-spec/1.4/spec/#httpheaderfilter) +* Enable TLS (use the `https://` schema in app URLs). +* Add service annotations. +* Specify the HTTPRoute [parentRefs](https://gateway-api.sigs.k8s.io/reference/api-spec/1.4/spec/#httproutespec), to specify which Gateway to use. +* Provide a domain name (for example, `mendix.example.com`). +* Configure request and response [HTTPHeaderFilters](https://gateway-api.sigs.k8s.io/reference/api-spec/1.4/spec/#httpheaderfilter). -For each environment, the URL will be automatically generated based on the domain name. -For example, if the domain name is set to mendix.example.com, then apps will have URLs such as myapp1-dev.mendix.example.com, myapp1-prod.mendix.example.com and so on. +For each environment, the URL is automatically generated based on the domain name. For example, if the domain name is set to `mendix.example.com`, the apps will have URLs such as `myapp1-dev.mendix.example.com`, `myapp1-prod.mendix.example.com`, and so on. The DNS server should be configured to route all subdomains (the `*` subdomain, for example, `*.mendix.example.com`) to the ingress/load balancer. {{% alert color="warning" %}} -HTTPRoute resources don't provide any APIs to manage or set TLS configuration. -In the Gateway API resource model, TLS certificates are managed by the _cluster operator_ persona, usually via the Gateway resource. - -This is intentional, allowing Cluster Operators to manage security policies and settings from a central location. +HTTPRoute resources do not provide any APIs to manage or set TLS configuration. In the Gateway API resource model, TLS certificates are managed by the *cluster operator* persona, usually through the Gateway resource. This is allows Cluster Operators to manage security policies and settings from a central location. {{% /alert %}} ### Service Only -Mendix on Kubernetes can create Services without an Ingress. -In this way, the Ingress objects can be managed separately from Mendix on Kubernetes. +Mendix on Kubernetes can create Services without an Ingress. In this way, the Ingress objects can be managed separately from Mendix on Kubernetes. Mendix on Kubernetes can create Services that are compatible with: From c2b30605a6907c754f739a94b855db0b855341b5 Mon Sep 17 00:00:00 2001 From: katarzyna-koltun-mx <108737161+katarzyna-koltun-mx@users.noreply.github.com> Date: Fri, 29 May 2026 12:17:44 +0200 Subject: [PATCH 12/13] Update mendix-for-private-cloud.md --- .../releasenotes/deployment/mendix-for-private-cloud.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/content/en/docs/releasenotes/deployment/mendix-for-private-cloud.md b/content/en/docs/releasenotes/deployment/mendix-for-private-cloud.md index a2b5d8951e9..69a0f425405 100644 --- a/content/en/docs/releasenotes/deployment/mendix-for-private-cloud.md +++ b/content/en/docs/releasenotes/deployment/mendix-for-private-cloud.md @@ -12,7 +12,7 @@ For information on the current status of deployment to Mendix on Kubernetes and ## 2026 -### June ???, 2026 +### June 1, 2026 #### Mendix Operator v2.27.0 {#2.27.0} @@ -20,13 +20,13 @@ For information on the current status of deployment to Mendix on Kubernetes and * We have added an option to load client certificates from Kubernetes secrets created on the cluster side. * We have added an option to specify default `nodeSelectors` for pods created and managed by the Operator. * We have added an option to specify default labels for pods created and managed by the Operator. -* We have addressed an issue where enabling OpenTelemetry auto-instrumentation would show a "processing" spinner on the Runtime status. -* We have updated components to use the latest dependency versions in order to improve security score ratings for container images. +* We have addressed an issue where enabling OpenTelemetry auto-instrumentation would show a **processing** spinner on the Runtime status. +* We have updated the components to use the latest dependency versions in order to improve security score ratings for container images. * We have updated the list of supported platforms to include Kubernetes 1.36. #### Deprecations -* We removed support for the **compatibility** Prometheus metrics mode. Any environments still using **compatibility** metrics should be switched into **native** metrics mode. +* We have removed support for the **compatibility** Prometheus metrics mode. Any environments still using **compatibility** metrics should be switched into **native** metrics mode. ### May 21, 2026 From 9935c5b09a79d9e35158877d5a9ed846852f4a5c Mon Sep 17 00:00:00 2001 From: katarzyna-koltun-mx <108737161+katarzyna-koltun-mx@users.noreply.github.com> Date: Fri, 29 May 2026 12:24:29 +0200 Subject: [PATCH 13/13] Update private-cloud-gateway.md --- .../networking/private-cloud-gateway.md | 27 ++++++++++--------- 1 file changed, 14 insertions(+), 13 deletions(-) diff --git a/content/en/docs/deployment/private-cloud/private-cloud-cluster/networking/private-cloud-gateway.md b/content/en/docs/deployment/private-cloud/private-cloud-cluster/networking/private-cloud-gateway.md index e9e4fb8f4cd..ed40c57b172 100644 --- a/content/en/docs/deployment/private-cloud/private-cloud-cluster/networking/private-cloud-gateway.md +++ b/content/en/docs/deployment/private-cloud/private-cloud-cluster/networking/private-cloud-gateway.md @@ -10,8 +10,8 @@ weight: 20 Gateway API is the successor to the Ingress API. Gateway API splits configuration across different roles: -* _cluster operators_ manage **Gateway** resources, configuring central rules and policies such as TLS and IP filtering; -* _application developers_ manage **HTTPRoute** resources, specifying configuration relevant for a specific destination, such as a Mendix app environment. +* Cluster operators manage **Gateway** resources, configuring central rules and policies such as TLS and IP filtering. +* Application developers manage **HTTPRoute** resources, specifying configuration relevant for a specific destination, such as a Mendix app environment. {{% alert color="info" %}} Gateway API is supported by Mendix Operator version 2.27.0 and newer. @@ -21,7 +21,7 @@ Gateway API is supported by Mendix Operator version 2.27.0 and newer. In a Mendix environment, the Mendix Operator automatically creates both the Service and HTTPRoute resources based on the app environment's configuration. The Service defines how traffic is routed to application pods within the cluster, while the HTTPRoute links the app to a specific Gateway and configures relevant HTTP options. -The Gateway resource, and the gateway controller (implementation) needs to be created and configured by the cluster admin, the Mendix Operator will only manage HTTPRoute resources and link them to a Gateway resource via the `parentRefs` field. +The Gateway resource, and the Gateway controller (implementation) must be created and configured by the cluster admin. The Mendix Operator manages HTTPRoute resources and links them to a Gateway resource through the `parentRefs` field. For each app environment, the URL is automatically generated based on the domain name. For example, if the domain name is set to `mendix.example.com`, the apps have URLs such as `myapp1-dev.mendix.example.com`, `myapp1-prod.mendix.example.com`, and so on. @@ -29,23 +29,25 @@ To ensure proper routing, the DNS server must be configured to direct all subdom ## Basic Installation and Configuration -Refer to the installation and configuration guide of your Gateway implementation. -Any Gateway [implementations](https://gateway-api.sigs.k8s.io/docs/implementations/list/) that implements support for HTTPRoute resources and Gateway API v1.4 should be compatible with the Mendix Operator. +Refer to the installation and configuration guide of your Gateway implementation. Any Gateway [implementation](https://gateway-api.sigs.k8s.io/docs/implementations/list/) that supports HTTPRoute resources and Gateway API v1.4 should be compatible with the Mendix Operator. ### Configuring Gateway HTTPRoute in the Mxpc-cli Tool -To use the Gateway and configure how Mendix on Kubernetes should use HTTPRoutes, set up the following settings: +To use the Gateway and configure how Mendix on Kubernetes should use HTTPRoutes, configure the following settings: -* **Enable TLS** - Enable if the Gateway supports TLS: this will use `https://` in the AppURL by default. TLS options such as HTTP-to-HTTPS redirection, HSTS and certificates will need to be configured on the Gateway level. +* **Enable TLS** - Enable if the Gateway supports TLS. This will use `https://` in the AppURL by default. TLS options such as HTTP-to-HTTPS redirection, HSTS and certificates must be configured on the Gateway level. * **Domain** - Provide the default domain name which you want to use for new apps. For existing apps, the domain name and HTTP path can be configured on a per-app basis. -* In the **Gateway Route Parent Reference**, specify settings for the HTTPRoute's [parentRefs](https://gateway-api.sigs.k8s.io/reference/api-spec/1.4/spec/#parentreference). This would typically be a Gateway resource configured by a cluster admin. - * **Group** specifies the ParentReference `group` value (usually `gateway.networking.k8s.io`). - * **Kind** specifies the ParentReference `kind` value (usually `Gateway`). - * **Name** and **Namespace** specify the existing ParentReference's Kubernetes name and namespace. +* In the **Gateway Route Parent Reference**, specify settings for the HTTPRoute's [parentRefs](https://gateway-api.sigs.k8s.io/reference/api-spec/1.4/spec/#parentreference). This is usually a Gateway resource configured by a cluster admin. + + * **Group** - Specifies the ParentReference `group` value (usually `gateway.networking.k8s.io`). + * **Kind** - Specifies the ParentReference `kind` value (usually `Gateway`). + * **Name** and **Namespace** - Specify the existing ParentReference's Kubernetes name and namespace. {{< figure src="/attachments/deployment/private-cloud/private-cloud-cluster/private-cloud-networking/configure-gateway-route.png" class="no-border" >}} -Additionally, you can set additional settings in the **gatewayRoute** section of your OperatorConfiguration. The following section shows an example configuration. Adjust them as needed based on your specific requirements. +#### Additional Settings + +You can configure additional settings in the **gatewayRoute** section of your OperatorConfiguration. The following section shows an example configuration. Adjust them as needed based on your specific requirements. ```text apiVersion: privatecloud.mendix.com/v1alpha1 @@ -104,4 +106,3 @@ spec: # omitted lines for brevity # ... ``` -