From ee9e7c35e3f0a253592d8b1e60fd963effd5dfba Mon Sep 17 00:00:00 2001 From: Maricia Alforque Date: Wed, 21 Mar 2018 13:32:12 +0000 Subject: [PATCH] Merged PR 6514: RootCATrustedCertificates CSP - updated --- .../provisioning-csp-rootcacertificate.png | Bin 27086 -> 47074 bytes ...ew-in-windows-mdm-enrollment-management.md | 13 + .../mdm/rootcacertificates-csp.md | 8 +- .../mdm/rootcacertificates-ddf-file.md | 1245 ++++++++++++++++- 4 files changed, 1221 insertions(+), 45 deletions(-) diff --git a/windows/client-management/mdm/images/provisioning-csp-rootcacertificate.png b/windows/client-management/mdm/images/provisioning-csp-rootcacertificate.png index 7a3f67195542f4a8af567f15be2ab413dc43dd1c..68672472c3d6416a371b76d9c12b194b0f326fbe 100644 GIT binary patch literal 47074 zcmeFZ2UL^kx;7kSM#ix)qoa%<#Mz2CDx%U`u#F4~L_t7WQ0X9T)Tm&P-g^lcAoLJIAcR2vClS#7eS4p?XP$>ld z%etD|zZd-;0)cGT`u)5f1hOds0@>{F-6rtK^=C(%!T$t2^fb>xvKsb{gFn8pJ)?65 z0(l+2m2=};@b?zi-;F&WkR27g{{*U#DOM0jp|{rgGgo~OQ!D)*Vx9Ow?s8*SZBbus zQQXt?qS#dT<8$dw1_d>-OTJRX5aJPA%WQlO-mdhuWi;M;r&N4pgxjae?`? zI$->Qc}(D&U++DSx0`(TXnTvN-EZti_vFm>XmJ|GTZNP1g3w#%75}Wj5-0Qvn#Nq@ z&O{B2ZT@Yb^KjiJwie4+0P^?(3`g{!>Xso0Y8od`${VVhi*FCTx_D|ub~NIY3gQak z05e99AoE@rVrpuHBcdidUWUtrh8gTI5-wHXd3eFHcT* zynyLXFkV(@7#a}X#VR7Rva;?Hu0q}#zJ5rOk&&?|^773y><^g0M+>VhwasKJ|8fHz zBQ>y`#@<#Q@CoOTIoBL{X+l;E8zul*HMO9$cMmY(*?3Xa)yaociCz?O*ESOQ3ZXtg znH8v?PnlqpoY%b_ZPkQSkl{6k&G&jx6{yn`X7@dw*wq2gdhKh@?&W)m3?GVW9y*5^(jSJYqxf%Z$ z>TB~wXv!34xHWyK^Bc%psI(aOg9w2b@M$|0iB5`R%+SecBIqHb&5*ad>cs-64fu13 z%S)YZ+G-W;>WbWXYZg-gGJ7V1BqJ@2->31uut|17jXq!$-U%!9rXg4cn;>KUE)*jp zBS+gKjpf{D3?sD)C-Mq&VmyL#XCGuXsF&p-BE?+_l)@AH_LAzhE=xRpBD$4m2!X6f zx3hW+kiVz_Q89les6Em5`IvDK%) zVQR#BneAcLG3fNhChL0DO0Ak<&Ms;~?2NulT-vyZ(7QQL!-(_|=8$~}UB~-nQtpAc zy|2=dd(w8dYz;hD^Ns4tk3|OtO0q0xJe4AaZmo(aU~f7c3nr^1wm!LfP%Pd`i;>&@ z>_YRQ27A9^_>ARC@08B)<86gK$-i2>34y(Ok+X1U;asxUOGT|6&sKiC3oXIKH52f& zRoU1n+105Cd-$Y(r*EBjW2?VJ3O?(pj0EI#KnuTy8&#~!I7i-R7Jn58|a;%DqimHqL5%NrUoYdIZNK+}VSQ108P!tY`#n107 z!(PrfoT8GYMXLKowXP#Yi||P=O;Zb@p4VqPNm4cMyH4qstge!nky5^ugzMb3uXO2} ziJ{t)sKqSWlTJmh7i+|CMV4Xx4P@+GF+GARh0UYgpdx2c;jt0>)lxl;lY17%wg=Xg zQ2Xds4v&40sSk}hSUXBdFB;GKqDQ~W+$MCi@!-)sr&4Ap^9E(fR|(QYoiQ~x&+IrN z#%9VEpLUD8YSV``O-^w5<9=hkd#s#%*Nq6nB6)|oYkq(HEooKU zaJ!N}te$F>J+ce9le*26Zb*r%3eJYiADnc`qdTamj&84CmKu2D%dlCy|Hzz8sebC& zWjvZ`*;MbgOtP#KT+t5Vl9ag z5W>XA5C~?pyw*sA{o(d>1G#@&Yjr7lu=*0z;=8r)fJF(&;a;KAT<(rru{!)9W44Pp zct?Eivd-tv3TUhBF&{~e-X_R=%yJvKxu1JPG%4;JMc^5sKe`c~W_wW?SgS!+O!Mre zEs!SLnUZ;W5by@$oc{U~_&VTL)O@jjTf5!`?YGiCM8y+J_9jIPEl==nqNu32NP1`# zM=W9Nr3P0qtAD~=?WYkn2!%F`p4t0MKlSyC2TGS#LlnUeJz`iw873NW?R9qr_i(QE zbZE5XN1W7r$&FpQ;`s@FXWFOuc;0fU^^R)J$AMv1CiG_~?iAjY;bU`mKG#;}Wb23U z;a(KFio-##?R0;c|6i4!xqU_%Csok)weC+JkbyPC=#FCFENybs{b8Dd;k9I=bN&Zhjbr6!Z)CVfu|!H1TfXlbyn8=YAeEA8)W zV|l~h`<%4){-0rr{X4O=h2jmV7nr!m6YGmRUM+z zcTuL+I$2Sj!O3`%V!wfF4no$nJE&pbP~9ztm`mH){682sKVbX^8$Kf&bqbiFn^ zr6pVT6Xi;)gVeh@yIq)r3v;d*#`pV~Id5Sf$Bx_P+dYLL7u+rc=wj^HMSA|15c{6I zjz8*sr$mLYk~~m^nv7aH1;px?epY*XyTf$bE*hpCn6wJY!579?o+l-pb&QIQEe^Yp zmw|d@UL>};)g9?~D)@%_9n5WWwHL$Nmwk5GV*HI32+Z?P)Ld{|p3lG|N}Ii~p{qst z6Up(;?S71BD>hTXwQ9R3^fc@d=F=dOvj@Zg|q4 zYh~mD3$!mQOftqTW_ZQMeN)({b)TfFnL{TPVh7%@929!sTpB<4ks^HlyCPSk;0icV zfM@n$jkGN9ijEhD{X(>^?(?4Nmt%U-bO?m4-{tf2zQw8Z)|&(eDQac&&XU7yo1Gu7 z_jdgHG&VKQ$58{EfW*Pvk%9TF7R}w-KYSP_CrECMojxyvY+>zxJJf)pwQGt%UzOK_ zgSh=v4(5NSLr9F%-D5EEH%)X3`@th4v4zow@4Qi`CMM5g@;^J;NV(O4GXE;aU|w9t z5b+b*b-uYRy<5w*E7?cyjKMCa_>AlL+6lXt4v)k1FJG3eesAON=<6UMcZ$*PAiX2i zfI`U=a-7gGh5mtgP%RX1k4~pbufAznDQKi*CM)I({WARC9AEdk`5{04;`#PSIYg2B z^jx-PyvOQUi_W|^cT1~V37Xb$F7$?4T&3VG89lzQGf*v0(D#)cm+i;Ktg0RHXLG-+ zxMCqD<)|4Q74<&*XUJ*jC3!?@Ber<5at9UZb@wD=;k8A8g2w@li2!6?v5;O<)tO|m zJo_6}#``X?kHOK$3BtsSz&>VcQ6gojBwz)9q-Ogh)iFR2e5j$Fm7oY2d^n1;Fg8xr zjYIo23N~2GYx847BRJuz#qOa_A;?>yda>+dAf6M|Se;rHRte~rwH9OQ(T2O4LEsr= zu@?e?13&frl!dDPQnwHpwc27^BP%oIpQ7US=&j(b@E4?`>FMdVGTNNpA%bcEQ`Y)P zCk*X&(;@WIJY+Cc0jHQ{PIP~k!$|G7@DP3L)b9JKEPF;>d7hp>K6?}b8B7Qh%|`or zl%K-h1YxoleV6;s!WS^ufW@KH)>D;GD)BpwMF>O#)#GDrZ9T$H?$m7$yM7DM)dgY03ZCsKCrUM55RLIQ45DJhLTG}yk&_C|y%;CMb6RSUe`llzWT zb#=euCP`9Y8X3~#hRSr3PFrEPq`*W$SuN-5FdCKZ{gS;9U>0n9Q zQ!6=w#G;f{u>lZ_L*)=>DIocHPTwgi44DBZ0+wh)*}cCGr8JhaMNbgR?n2#!Ay_vtVsWwGN~>eCL)8-Q zwN3fTf?}McEkZ}VViZaK*l7ppgznoXgHBMT2w~fN63g-i!6D0;i^7ODIi2vTqiT9BW0V)*84H< zVn`Fqa8U7dwftpA;4>DsX?F$|-;q@;t2a(q4%xJ)uI{vZ zbeNrAb%S%o{f-*?u^rnFPR=`=!XcM#J6Zh^-Zo`rWp_NaBp=PVfT_P)rJI?R^)&k+ zmHwkyEM$(QQi)%X`8$vf5p9k`1b#(DTR5Y*V};bH4lK zerJPpq@2^DiWF&f&Q?f6zn8)aF>bnZdQv)uxP?r{gT*}u1CO;pHZVt(;!RayD;7Ph-1AZ*9E0K0C% zt%~7$OrR#Nk_WC`gT{v~{)*Wz?PU#h^?NQ{gTBQkj+dBVzkhnXExc=9urAAHj}3uf z=j(^)T5PIpyS5gwe2LO*b2=vypL`qiD)1+-=k0T2HhoXpdg~g-@OOmUZsvPV{Bdc- zD`iSOB}9zeJfH{tgSoA%HdE7S@wQxVr2pG-!QW-H2vw$zNnTk|LQv#{V7O7k6!F7t zE$AhOzmNVLlGEWd-?vL8y?a**iOMfM{^mf~I~meoZ7MD7l63LF@OkoX+WF4I%L862 zCaIcR4n?X=rp!NeUKo{l(sS_5_%Y;S@fmo!x%CdE*6WU1>7=dUVmkYf-rP^OQFHij zfFiQHF?dd`&*CwKFr7tQqv!GX`K|Y_XMBvYFHASY86_I+@QOWuJYTV2V=^Joel9^$ z(Gql()m@{dG*V!q!Ktvt|73%sWe~rL^EB^7n{QXmN|^Dcl-Yq4L4lF30M3O z^>(}VPnm|bfw8*wIXAW*iqKwp*r9ou7?8|;|V*JFEM_ysfTlu%s% zxg7qZ6#I)1Po|0}43>?hx<>a>^{Qs0dEB{2AlRJ~sy9@tLRo%tC2qvECM3D`C>Rj4hG=KYBqhlF~_b$++)V6sH(_yjL{p_T? zqlNSZSxaa@Iw{#ZD{4}Fv*yleW!Bq3XW3;W>UzhuM!44iY#~;roV6Zi8yXs><=$7_T*GJyQj@cz*NinxTo?Ad|YvbNw~S8fb0+OzsU=sD$7i6>VE5@)iX3W7n7y zQqe|+hVQd?LQaz%TUcFqRqu)0z>>N*5V0qg-Xf2$x^s1VoTWO6*mnHb<`WbK@p(>BzXlzH7YqZr&dP2Z6S^x zwVLjVbmX|JLB4DD(P{*x95NgS4Y21@bc>%b8$gVft{cZMRn=`e9RhxW6y;Ve$?U+* z1UM{q#+jWI6GQ0+lr9YQmv~oDMIbfzNSFMYd?KGGCRT(`7n8T_Zmmxd(Uz(TpIuP9 z^(c}4=sC|Bs`#;gqLquBY@A*hWm!q1p9?&DY*+eXjAQ}Mm%M}97qTm&a|%XBTA=B^ zEHlB=OHDpn3H-RMO?RQffPH(MZIbw7W8b`j?YD3$2$aOc)9=6)A&-S|(LeRD*7VT0 z=W#R6VxQ;~pd_)M9UFhyCk5M3=}* zZgY9CR3rROqY~utHe7V+mF2VYtIY{V8)+pEm*X-F<3Wn28=+tgY<9B4Xx6jtD`}|Z zinu}(iTrn#zQGoKPL{W>TxHQA%VZw)GBDF!qINP9wIwPom zh?^NDq_~_$2PXNMSFtEoMc|p0U1_CRdH}O)>SZH0Zuu(d2xd-(lF48VexnXcUL?{% z=xGP)QykAtr>l9}NUMU!6Ifu$_(RS$d8LN5017YC8%c)-t-S!)K@f}4ON5u72W1ke zx>c$>3J?-m9S*(`v9YQpVYDX%nc-F;$VxbGZ#dxW!*OA}y>SzT#wB$IYu458r`qU^ zxa6yq?tB)FTCUCw2t3}yJ0hQvz7N%esera$!AW!chKr7N9uIDm|9pV` ztX1VmvLB<;-$Gs93+?NxjLs5xhUQDiQ9^y6&vI8b9(J<7@pesv4029a?Uo*pED1S; zvbWn@`w&zmj#2eq$ETyr~FzE{f7zCfo!}{0@ z>X0U%D@ajfo2>?@G_#l=Jsx8%6DP_kP4INfWEXO|I4l`**+mY~QcF4t{uyPNONghZ z$ucEBs)3|WkrO`0I=WYA4Bz_i8H{;ItOiVbioHm^v2PzaU z2GzHH&h%R$C3i|Ck=VAI7vc;WNrS<*aU-#+6CrvteMP%q-jG}0;i8=kDa)gmLZ5zqVqxbX1+1^{QcIOcT7C_P5_z~m_6`_@Q)fboflm8hQ@=vgm~R1z zLNmQ)YD$}Rb<^oPytQS%AqC8hw}T454Af^1l+sm+_MqUz3on|Q12XYhbFvtLF8<>0 z+3`-N=zauJVnt+PV1;L$KqcLFbYduC>$Caw-^6%OxSV$py6I20hx?`GQHP-))gXbq zXGt%T0?^Lvd|?aEBOg4Kk1!^j;_oj&e&U7r1!%E=$&O4=eQ;x6y}S2GR<`tx?N(7# zrC#p<%>4YX*hm;;?RTI;KHt3v_5AdB5fr)HoWh% z1(oVK`~rl(EO#d!n(#X+JK|-Wt(9F?^OM+ts6I1zcGP(c6r(E>`Bzz?f`=v7 zes7^_jsX$BZiM?j%$|XiZ8lLtiATi{Z^Ikg0&_WM$_(6{$=X-x+ObU3AMDxRePn$q zuSa}H7>a2#1f?3CG6U-qZ%Ee-5ww@94b;V8#8W(eJHZX|@;pd~2BIt}npJ7=(nW)0 zttFjF*{S_mSJEQd-=CF|nn|nIA~Gutbahy#{??^tMxLrsyMsD;{d&!CsbRC&Q;lQ` z$zd4pjDd{2x7~O8S6)U{IMU5(z9RK|k#73r(D;IBS?9?Dcq%GHKU%=EsFm8+v2(?> z+9kr7S)pt?E_87r&R6o`B*%_i0gA(4ZnEMuEX#C4FHWZeTiQJGQ!lHny11lIWh)%t z)H`W=KYnGQ*eWE<@6p73L32LawRir0Xx-5eG*xODs_yM}iZd**wtvwYZMa733%YS# zyaYF5E_OZyr6wIa5f4wtCM&`VyNw_9IJ?foW96@#M|2A9AwKz7{^+AOcFi&p)YdlY zN*SArU~?M#;i%^eAa;m5G@|rQlHOL7KjW6ZNMyQ~taLw5?#ZYch(t+1)v~$`rw{hn za{jg-1L<}YTx#g8!ZJRHSll5ff4*V)eh&{1f!5o^9Xc%QY<-=-9WCx-BJOL^fa#%4Q+jLl+C&y)Ow1Ki}#x79$Dg#yNWUqkwRFMOXxik${ ziLekTR9LJT%eYMtTy!%FQH)t$_>5VCH^yCETxdsM?q2M87})S0`=r?f#i<)hCiD-^ zi=PI5rHQ5UIxjD;$rkIc&D}>1pH!^q#RTs1hHTk@#C{V zlHlx*|KwH|5d5s%f3>c%?Pp3Y$8GigY=n>x|5l-;qQqCPT&?B@dDW28C!LyD^f+bf zkd*N35B%FHD_~y~cP@Q9t4(gG6^egBpB4T5m~v2wA5#6iLbP%)slxm7idgPDaKSYG z%XB@(Wq$?)6V$}ItP*9FTCX{#qzZ?>@n$;NsiA>Kl#{q1Bc^e}T)1Zs{Dw|_BK=B8 zV9ee>qmgz6+hs1O?%n(J(u9jNZMw;a6~=q@P=q4Z&2E3L8h5;aE~r1Al|Im@gS?L{ z5MN>MH*iTGNfqk3PLW-Lq>Cv5P;yRI0g^gBGsz+r4u zamjIpkE71wx!AOENqYKre?rVkp~|bMjT0!KvCm^9(E*+EsI%mHwcO>2R$8cf4&x|z z+>ecv#8|pKBPkOl^IntM*HE+IFoXTW!v&Swe&{U4bovM^)UIATFjF#9R7TC^#6m80 zhB$INf1ju@nJ;$)B)NPkyS9M;G!Eu~- zSXC(FPd!Rz`yckJzntG#9J`P{Q)JH`aDDzpTo2G-ALDM`({gM zp}WaI^`YuS#s0`%mQ|x+ZiPmnQ>o}8B|rZ4pemQL9i+QUCkuXF-;m~7lI)7CoJ4sd zFRKb9MSHA2Y%@-Vx_<22L@gQ;=(FPgvbuasr+d=|#DhRwM-;`*L4^6c|Ii2kUeW(! z#^E2>8Sq3}e~F^W)`0FUrLLf2_{AFd%EyzXCp%|Ltp5|$e?}kKke@S@TIDaB<*k}u zW0H7k?AX-u#_pJA(?9b8Y;WAQl*e8#F7L2A*jih0?W@fsPb=}VsPAZ^PaNb%lL{pr z7h1n;HF-ME3EdcOrM@9U*f)!8P>Y?Ncx}x5&{SV~C6)H`Qqz{|B<-{emAB229{S{| zNBG{mB4YaacEX0a_2$j&j@X$4=RAhqvu8c;lY}Op^iQ12>7kYW)b;rDQd5YJ?bRL! zb7x<(FMf2Cz)qU#Uh>n>qM)oND-Lv&bxZo0$iu!v&%3|-KDW%w;sIP9<`i(k?IROL zscMf!vgOh1A_Q_L%=7Y{?#kf-<14$ur#Sao9}R?~BnTMI(sBP`plId$FZXU%#E*3N z21GbAJ8FYw-C~IiW6aO*+-6ZDCsAVwo>*Us<)nOhKvl8(tMQG~vO_l}!OMFawypb) zXY?{rOm{#l*BGs~e%)Wzv^fV3Kvyp~CeD5Y+@BzV+S_w{CpFye0~zB-v?u<{-t`|S z(1xQ9-6zJYlz+>zM4{w4bpjH6Uwt5(l>XMpG4kOAf^=WmL>%By?yPD-HNM{m&f16? zl(w%y=7crdi`Ad=7YxYXD_zM`6YI!BMXmq z06#gTCNU<=7m>%$>D|{&FJrszW zH)(R$*p&6c{3F++5nl3XIRu4davh9{;ykh~2169I3 zgW-{pk+ZU20?+JC02aTH=D$~F)DAT~*B<^JE;0BEKcbv-C{>ZUI^v4eQf@7*poOmm zlz%VaUwf5*ykDX23hVN&y$&fAHm!@sHnLc@W0{iN1M|a&)J$&l&fdH)pGlgG6zljX zvqNp~hNX&VCag4+a6i~<4JBHdK_y;`?9i4M)tC1VQJr+*M2!`zuL~)K z&JpF31N^bOM4>-nT>MOPUIf-oP3P)RZm;q(7zxrI9}R?JSFssE*WEQq0$~Gx56zA+ z@dcoiSuRYizkoiG{~P9wjlxNholi9kJ6^oA|T8lO{mwfS>L;f?Kv6O2)A`_^K zl=}-_X|eJHh5*`#8Lhp2I&p&^MJ^2u0wmi`GwE95W_@HypA9pt-9T%V~vS_+njyZsK zUsC@$fv)RJfaTR+^SH;%V?1pH-AV(*1$z^oDeQ7ZaGkC`;S5xGR@&p3qft}_nkM}?+$Vld%B8e;8 zlOz*7^6Xs9l^<}_Gkuvv2k56LTR+(r1G6@0qt8bij2CM zbaH^>)I+?5n@LV}V(&hStU{T#$<0+F)6>5zI+kMk5wsWP6#dR6X4y)#@A@*=lA&%| zdS}sgna;xU%OHCVhcCv;!I)GiX8^J0&1KXl^>7n@jva{Wu1p3U#C|ACB*7KJ9OrqFOE1)2m*{qU!yApRR+)qhz3@Ri2`z6q%7hoqh)MHek4%T#>jR(NI7zw?wt?;Qw! z8h4G0Y zN$0?eaeUXB_)d zjHCw4NCKooNe*mc^PEpUd-l(=%;LS-QGJov{nTGtXySQh^~XZJ4ALvNe!#~D;h{uh zyN-}(BzoNw+?B!!|4l?1)T1?#EwL(3r-EJr_AzQ+;*sK<&VdStiTYTpYuT0s`O)6! zgY>7>-#dE`bkhsbl`b1^$ZBSR=&sE-vnHV^wWKQpAK*xUtA^wkx0l+nJ^q1_Vg z&a`9RzojE1k?uSY4!6EWQ?N&OS;}UHRVv#s{&e>GU-sc)_5jwROth7Vk{e(zFo*NH z1`gT<O8%(xqcN~LO69R|o`@vIIqi1opvPjgH0l5fju6|9d zHIky#741dF#H_H4ISdM`g_E#S0;q)B>b!nV5Ci??5r%q zDqVH(2D&i-UIe%m&dz4D-eSiQojnWPYRjvE6x$0G$zqV2U_O95-CHPZIN*`frYL(N zQuoco3c%HuN83Vc(AFnRS_mG183;(CL$W&{lIJLrK?{xQQ?HW)162FdD7383MEaB{-m*bj@$rW z(D0l2WCd_89yndCnv9|lK$YGaw&-h3uG~daACya#xj^87%BN~8Uh9&3Gm4fNeFMla zc*lFV6d!Nrd}<1HK)W%xrF6J%1pDT&d$7nvy-vUXGKP(foh~85R1jM<@Sm~%F<%aH zN8BnlAinB;=LD0v#EPA+|Blv&Tqu1-O90f4+14%m*G#MYO!_lhBV8qHVNS9AXPy$9 z(q1lqqAb5@_$0Fe^M@$aG^@IXg_qme0&Mx$}ER-6FAj9Joe-4ULigk0Q|PN z*aS4&6gK~)$f;0zi{=EfWv$JU+n@au_Nq^J_8vo=P(Zh??i8 zN>2^YdqD-Havp}mgTltoP>OC^RC27i2W%T~!SIui$Gd@`KBL#Pv^=U&vt{_!^QfG+ zjb!5AuM;|2eSZ6P9QbumHqjj`i2-`z>Et;KxG@#UyCF3=AgLWbmN#zP;MAq0wWU`y zrkgQ);UAY8RJlwdt!wFH12;Su?V+iD#Q_^I_L7ocu}j|)9U%^>1kzfCQ@r{TvQ%wylt7*V^1w8qoi0>eKcrif1Cs7`!laf1` zObP?NGL)Aq;e2jQaEmOTUC9B410>jh`>N*$*}=c$4^bpGe+C-H`4qBPKJiWHI65A~ zJ!8NQ&(;Zs9|a7Ay|}{N%`8B#jR&n_$hLY%1mG@Xy!(e~roH)XiFXp;kRsZTv<>_feyxOTs_GFBZ1 zo5O7ey(GYpoHqUp`F3qEZ)$um+#MCg6^%Pr*E8ppdTCCvidP+1at;XN z@v6Rn#a%2$tG>*1Kwq_9mh1^@A?!-TxOYLlSb9F})$#1Zo=P-=4`sAI78oHORS3Kk zsBMh-yles%#dZi+bKS=GL~+j0w;YzXx>7B)%~Y~;q5k~t#yn#SsTASxJBopt+Y~?? z7_a5L`&f8Ko2kL(K*w!1BTU2u4UI+3#sJrFcO6VcF3+eg$(I}QD7ZYRxWl&Vj9KDU zsq~;AUEMx|*a+-oNP67US?lw!eBYFJNBVv@dGqbt$JM@>&lTkYbcq)~Vt6d)C3~i* z;Avm})~tB40FcdL1;X2RwTy&@g{hpWL7A8f!wbn1Wnr%|7c(!#6>oc1i-%DQqQ-(R zdBr-VLmRp;YFy5t0zli08iWzn(Z+#7DjzmZyC4T!cuyo>ZX|(9`wyJLbY%nSIW-t6 zXXbce!+U+H`2}|Ob6aBBapUKS@h?=$oINvPeF`goJHWX3H?r^2+lXjb`46BV^>`;w zwtDMTxr;A{8V8i8;~yih>xRZ3nOkA~YX~_)9J>mbEFj3?Bhdy2L@mBSVN)AU;r}8s z4!9+K#i*meWAGQn`Xgl_Ws|Z_jkmT-MTlM+98U?l;*v{kZFbN(BB8s`r`|=qT3>wd z+5LFG{bdGor@M`I`Zn-*Mjb~u?xN3zc~TLbHAnJgmt3{x?$-lQi8p4&a5xT|O!H1azQqL01BS026~1K`sKqlpR_) zC3gup_CBM7p{MV5|T>4PYSxpTgrP@@z%&jZoQ% z40H7>yf{Hj6QOLZ>NWFen5VyhTXc(e?{Mj3#{fwZb<@EKP|7U2F+Lp4l7{%Sj`zJQ z&kPOVZNp0;MMcUJJD&Z@TkeU~#oO?9qxXP1whs{Jp*&(hFr5QiS@r?tc_RPMe=Yg@ zYdAWuJP*2ML3!TVTJnD_&$BxxPx51D9wqH-%&c^nIH<=x9JqcQzP z0eQ=92ULll@+#x^;5w-}`uT%x#^Ec+QLaxX5z>WwdVcBbd|M9yw7gap%K3S?Rob3R zif*fUs?J13z7MkFe6Vv`1~<0+sQKhnRV+ryU+ccJKGdJFp6dK8%pJ01Mn33N<8&0p zMRie1p-@y?<*(W$E(n&&{%bDsr>>FBpB%Ax(^qQtr)qRhr60ceW<=ZaNJCyvB;!xr zqSi|-RC>qLnP3Hj)=Qs2w-Jm_R+ipiC~#b9C}yPVAgBHkfm_7SJaOj^=>8t}Uk1wQ zoKYf_{G9I6(7Jec*N1jv7joN*zEpSWkBV-Acq*E!}eYEpB58nD5O&-BJJyP>)H7~-! z7o6l(IUcp7bTl_qN>H(ahy>loiI%-1pYsK(@4A5ZW(#*Opo@%^W)JL0ROYOSuZ0H%_POPYQLt7==jWj&Nk*92*c{l$Z$|k=?Sed`E?lDPw z9M@_5*9Pz4$O@%h*Bq^E-0a>O6OkK*QME!N#nrbry_q`30fofnI_S~z&r zJR72*@=ugOLKsJL-FVW1IUyzc4nQszIOSsfb+RSdtAqW`nqF7{LxxL5UK1ajw`NQ| z8a%apRl4U~TKB?kpQFR;Bo-+g@-;z6d|fcsu#2)q%3s9XYZYMM&4O~wT3#EVe{K6V4N;1E)!gV6ZN`#8nr&?vwIpg`+e z*I9May*`*t__Dfq#7-CMmMq|^a>W%@H#Fv8etEo&%&AW+i_P#48&YqYLDvr6(7XSt zSNa-s6BW*0=W9h46&0y)00;D^^%83^fbImI+47Qs{}GDk7qo=0nl*sL&i9EP47kPJ zuYy-rP*Bi;L?Mf=#UCgiN?~)B|3#?qaqb4>;ouONf5E!R_)XA;0r%qPKMm#MQS zhnl|!;i_qdy*whj@6`pY+aM^kt?wzhAFUD`&^T$=qjJw#f+R?G4BMd+r(I3o5gl$sVe(p zL$;Fi_`9*qrqPqFT00urDr%>+SYJbjy$Xo3f)wG-xEA=)Lr799hTrOxDH6=E!WZmHBTSR&ZjliQ^tU$r z3cRJG986`ak$ir`hrqX0ZqpNL@gzYE=pq6XTIm)ak0R{J)Hm^0DJZ*_B%z~sIw9|K zxlFl%DGd`HCz z3Ehh48=L=#7yU(P{#_E-e?qSj*|R6?YcjzSU~_$DPXku<9S{UI{?#B5&r1;Nw<&Ga z*H6!oKN8q*mb{^DPD7+g6B*D{B64p_xM3IYNjK|X(cgWKtFw}Lt+AmvP9qE-aS9J9 zbiJO|{3NaWQs4L+diA4)2?m0W^^u8y`I7zkI#b=b7;5w4CT=VPvr- zTO!uLVq1TmSR}i4IZXMN?)heB{_*%^OD78__*3z(xhz_gSXybo=Vd-$)k~sZUabO< zo6%VWW4dtloqhG8a2F4B(Lnj-Y_WY7d4&i1Gw2H_|FQ@#9Ne7Rxwv34YQF}_l5%NO zF9~k?iYETS{JXKfyU~-T7AYV(u1a3!GgzA5<@9J2g!{hg8>%$X_Nk z{xhfbe*=9uaTo_((}3CyR%0ST6f{G=e%wWTvv*rbrg&$&R&qf?XxD@8^^6? zkN%;^uKKN~x?jXVTeFqSv5~7f*@=q}N*^Lc_ZsRW2M$*FiRWgPl~N9bbZQ&gl`tB@ zh$9EQHYny5;UvImdD-A-umd1UA8e*MrpxFat&FnB<VpY$gg+peiP6+9){;yozlrEJ@EPs*qKYdH^qly4(z1JS!xK-Jz^+(qA(K%$ zAIksUS$22H9d&Gt=-e(p&|{jT^`ONEAJ#~Ts8;jC94{vg+yr-n1@H2<-H2OTOHdTX z8be1+tT1DI@kOSwCZ)F&N~n1?;M~G`Rb^u$9^z3q`eW}@X)Xo1^k@HuF1=X}FbYR| zPPR}3X54ix@Bxz_&q#rpW}Y(j=i9ec%_GHeh2L-pju_=;QxOuzAj}{H{$fEUXNn@tG0#kjj~V?3d-zU%VTJ z;rEQrzu_@YL4E&(Njh&HBj{1(m7{r)=Yhsc%TS}nc2H_hp-$K2*MeTwq1-Kym%I*H zCyuSGBIv*(g1#(G?^WsC+r9w*AWHaVo$~qwI`;20{t9_4#s{^*{2Bmsmt&?n)AV!; zL8CaB;)J4AC-9-Hmq^(v17?+l?Xuvc(G62-Dc%XLfawQQ% z|3Dqe-Nwf?ep6fpy{A~IW*Aw0)Tb@| zFw^A7TFZDfabL_8oQz9B89lD`puCrUV6(s_hn`be4)aevT6>?%GhZx>ZZ^n-_IXAn zFYKKrUQ zo|9eJ2wQat?wpvuwS_CnF>&O_xL0 za;+(Z-sO6FwaI!5{aJE2R6~}{8_%Sp*J@6g9#M&jA@x$-AA0EJ~f>fr$L6ghR5vS`l<0LVsCi+%DgR+W& zDi-uW0b?`d@jV~t2GcAObWbDEeq~<8Dk>^|PM%gTiVFiq{gLf$x%AdWxKgd6cUb3+ zbgBdB3!R!eh6Dq*c>DyiPcN8KAi}QZ?qgq57t2QbsF(IbfvFLJSwL>diOO{MkrrdC z$mP%DaTd_n?MOig8<@H#A2Bc*iVuSoHv2$kxBfdHF`vLAtBvjaktC7OHsSre zSyjCLdJ8Z+irzECo1?I#BdZc@qJa@0l3?5ekCg&Q4`Db!vHm%A29@)e0RT67QDAT$#ZHd9 z74W*{Q##nzn(kMF>UsXhGedM8-z}A{;*Anvf_Y|cIgcl|X?NeY;99Zq&J2=6rf^2> z(eK4~&}sxfukAG*7^LJywL!UGtD67ITmpm`_BA3qc!Nq%`q3lSCHM%Ua@n@y{ntSi2+A$F|oKTC;b$6Tnza zUtVAE2JvAtjCECAjHs;OKhDtbR!&Sz)P3NNH|(rvoi6mtwsa!sP3}xSE;#0%+*p(; z$sT&tf2emN*rT9D`0LizQMnPA>HvwyoV8hO5)(Xv|A2v4sPx{Tn#mCg|aX{_UHqAi)Y3Tmb1 z4G;CD3Tdmw;EfMqZi>TelZvUWY2@+xR%frM7hYmv zIff*&sYU2PnZg6wluEfJHeSa3SsNeyKcBC;`{Q42tjEP)Lm+mnPev%;pQa9?3@8|n z7$JEmdwt*&u(CY*o?N*S=owuF14DFU01K~c>?1HUARPHjh~c-`Ypeo&Q+B&qOt6sX z!_pHyHh4KA7x8uy;^L$CFy)^aZH7xPJwEr~|5gIn(*~pWIo_TlPYIaW{$|-^FyIL= zvUo;#3yvm$QV4M1{7kF&R)$Zn_J9$xO8z(gcq{lP|63dw1^{~g2^r$c{lS7CxOz*{ z@;tH+n2OMkLTjR?+UjE!E2MscY~mfCzrDTvcx$5zU^yCq86Ur+klZ>VfxW1>1E;iA z(Hrm|$86IK!8iqXEH++oP{4}!4DvBx)V8h++X^uoCp4C;qlczpt^m@Xt=@EN55Fws zgC%bVC=n3S;6j17LjPw7==S!h3P}Nx+t73#o8s?#?Rktl4)*^7_P{@aKPqGXXIKMd zUq%kEC6_{8!UN(ME2I`=rkYm{{CODf5YpT_9+ z+O*1GiC4aYi7iC+ZZOnoSMz-t>5-S}pvYQ>S<6`VjAWlWpFFw$m+ABBSq_xm;!oz_ z+YVd`uz6+cRfy~N^NRF-Tq^!69Kglh?+-L)u$j^_AovS1YiH_<`F-87jdF>~y`60k zsN83F{K}u1Ww8y|hu8+Si4P;@9=5)8vZ}|4P8)PJvX~r550h{9MR*F+m!@?}>jqAG zPRZH{Pdh6WGu6Js#%ws#u&>DfY;yfc5qUcP`NHLEpq;tJk>>YJp@o1cSDujW8jkX% z!gL18yo}Gi4FUy0*U{FYbKX0rt71U&;x-|zCj4bxP0cI{#q2ivw6$I7hG_;0t^vR- zQcLdKJ({8w<)5Z({KaZAFaZx6dK8zko?ew&H79*f6K}R^$VspZf7z0wO=z0t@3&6- z2ui=er4=)|b*XG%_RBl8KE_FfWFQ?1HC*2^4HSimRWksnVpgPaz5gJP(t4{)2LtQUXyz6Oa9w;KT>#iRc)b!9?GD!NE~H?sV1zaag2vnql28kf9?~8 zt@7(DCYI;H`#Se=UspQ2ap00dRj=j+MfnS^m zuHAu#iA@h_K5zThpy9?CjPFY6jmI{8#7e8b=eFuO;m%^ydT(vdNshj5|6XBmYnVaP zrJG@&)UgLDN^@n8ri}#9BOh2@rJPg2m*2T*F2zt}jVQJf&pGOU;Y=5_)@T#l$m*>= zZnM5UCp4j-*dyF#B2_&6nSmve#?6Mpn9XYafByWrqu`dH`bS84;Y_oHH@Z&Av!$&{H5S0IUk5>&hBgy8p z*U1I(H%z4E$}cW6b1d#9Tf~&`LVp6x+1-6(Qn%A$#n$@sRrHWh86{~$o;__X7LH96 zu!?!kaZwzYJ7T6m4TK>9SIE(oIY+Nm^ouwZDXvYnU(@(bn#BKdbl-O9zy9534|nLG^6k;uifKTF*-@(bhi} zSToJ{iL9B2HWME%D zE&!R6xN(9e;F`{u{3~>waC_V|#Zw|CH#KE(uXkDH(p@<3&i`sSKw|IMGusM;*4`O~kM}KL0}h?B0f#j{Wv3`Cit!rR`>^tWreeRs3Tjy%%RD{C=t=BS zn$0G6>0oW(=KEhFTJN=DRjNm~hAmTMbu@S&96Hat8@-H?G}IN*n5q(M^K^gq4}+H+ ziVQHx>^(S1XY!7=v@;1)wo93AOrnf|PzGZ|#%?eLjjc)XekRLWgu^rx{<7U}joD!O z&HwRm7(KY-l^H!IK>D@Lo)CZLmhsJu`yXr%PQcl+l#x!x zQe!`3tZH0mlBPc;M_H#-&BBbibNSN)_ph!Vd+GnKHhrn~EPWYEh5u$@xhrP-L^J2r z`NOi&)FxRh5PgUg`9^oYWsvCxT@FpZ!{}Mlq|g-UTGsc}MrCcR93@R$`R_7hfnhc^ zYny^ZoFW3TFV^5O%Qb--I?@wFQlXBo0>*oz!b)~0oVO3}dl6Afi@2OaYN9YlEE;u8 z0^*%pn@}@%nJv}5TiZTI@d@zwCMk7-dzpBcZl$@>;I$1aqeg(0flI~BB7tR3{+3I< z`0#}jm2tQo8T1orN*$rK1cU*C+SC{bm4W<&D@P>LknjDJ?3 z@~3cuA_ib~wjc0ti1~n`!uo85jY!G-q5CcH+r5MB%*0GSY&DdflDeIvkMr3oONfxa zf-b~WDP;!LyMF?jE{z_F!uQg1A*7lfVpH}? zzHa>9LsBM?z>ES(;YtyH6<`r@ZgjVsHx(kS0Ip%Bcu*`xDMFpgG1U)blN8Y@u>xqW zkyE;fkqb1{mz26O=$Yz=;9oc)vKqEpa*2-hTiE+9F0H_&)v6oyRH|bwUI%#aABr5%idPA@F+8NNl#I=)ATMHj))+R%x?bU z0F=-n@suc^QhdJPG7?DN#x7DA^>Amw9 z8=QEeb?4CI75A4|=49&{2e%xfr{gzb=WRw)dbma=F`p7CjCQYnjX>HZy8rG=L6Uvm z?_@fI_N{)vTYsq{7HQcS8=y_7hJ9?^H#~KtTHqdM9sGM_vYPD z7;A+wazmU5wBro6CLYx;!EIz69{X%|vht#tu%Q;#*F=dVyM#nO;@2)BKiE;aH({it z0~V`txa(o%&7msFnBv9+*f>e@4#ltR!*K$u?7!VG|BV=+rNBRV#y&sW0(8&tL2!Vs zyz}g{$A2y4<9|i(AKofz;D8)Pk>QDXIbdb{T8I`Li1G4$TNdFC$cT(zaH=RyiAs(6 z$h|dYS;VW;cmo%di2X=5~#8*#6dd&3b!IeROi%BT=6?q@h@5Q`-JSV8KUA+aIraFG@1vtQ1ee-BE z3cLQ@gLIWK48jt%sV!ozKH~alUtsyCC z!?XgzT1Q*wG&3qiSQ^?0U35y??f=4EUF1n{&^RfZsVA@czHrSM;{&OouVO$;j{|yv z(=PDGS(+#5s=>n_hk3po5W{K{Hq8L}&=K7B-;!5((_k$gWBcH6=-$1F*ol%5E|Q3E z4t`yy!oigm8BncV`Q3xpyad#6_q^)S-;_NE;QfB8PR*vTIN zv~rUY>S)ahb3FOL%V87(mhh~Iuok#&RltpoujKG}!K0Ee@4V{4ByAB-`*QK}Z=m#_ z#8CQvqZ9TN458-<+mrKg@7+=ZS4CBd!8-g_H+3p0IYRy6(xAKnl3tVB>s#8t!_{X2 zTzx~s$go$DS25nf&4kQ#bt6>`Stzx7+bZjt;0x-xuDt#;Q-0fHGRF>yf&P$!OCx#r z6yntuk~7$&izYI<&;S{3YeB1Tc%LEkOZRG0Z9ikc7s_`iZ4AeS9W8=;Ru(M>c^FS#%*e6bLgS54Wt#|#M9Le zqzLu7U#$IL0~G-8h_LNNw7`F{;dyIG0v2b+OK~<0Ws<*2q>6f2Jt)tR`E4D*;b7F3_J3)h*S0JV!>gqb#&+{P+qpDKf=B)?7Mw#)S{ z6}jXAwqq>)U(|(v%?1($`#oObb#1q>DC;w zwoL&@Gz4qzP0OETPKgeMO}D*@4K{+@ED>e9OLjyAvtQN)k|#odnHq>Y5(5k2B7w!i z`B%h*Df_)>B8YemXzu_x1(?W4{^ns717t|_Lq@7V4#D`dLKzp)7S!jUwxA0~FmmD@ z8z~n-LPSYr^hj&k3)wT`*Vswp0v-g&d=e!ET093|tSL_=0i?jrcK?eaWLK=J`g-Rf zSeh=5L{><gyHE)J*v+i zBk-sB>WIRbMm-LP1GkRwzste*dy%)O6(K7c?BeFWZSuq317wds@cj2${|47s1yVXh zHwpmxFC$?hY(ahiXe_TY#of@`5*E|>w)^8vg+aR3$k%PCW6%cT-&-$g2ofXu2?c$7`4Ec)!x?GgIOzKt|HE0vDcN z1jKWz$6XQs3<;l!nw-pqqvt#-77rZ3_%TOgC5SOM2EMN_#&HEIEy5=Lhfag^jPT?p z=!jF<7n5fV8!a3c)O1?l{Oyl&N;ejnzp9sKct2C!MD+*#_6(5$oEtv0r@R(+YteEv z20zHs1Fsb1&&(4tJtJ%_R&f)dC)E1}{Q9;T1?+=nf+qQBQ{VlK2EB)0ked!sdP{xC zn!9$1TJ6(%g6UR!eoOH%3Kej^E1oZtCB5 zn5nxv$dah|GNZh2?j2{d^UjAm3^SKPP;_$NRNwyAi)CodYX-!VZZROGAnxmZSZ}l4 z*z0;;E4-jZ;9YCw({PUU(EuZ_Lh()wT+Y-&F8kHwN`Kx}1mjF69)uZ7WfRWd*Q;3n z0HO#Y%6)bpKQfZyU%ca^&nUvcF8%QP((;5NSzg?W)6w%T*ILOx%|D{DiFf3uYLOtY z-tI>0Udi|p0R%w4m;{3Zn)4u@$gzNgNt693;+Z2Z0m)<@*b;%py~80q%s>Y@6*MAN zo^bcY<9D!g*46 zx95n|ku}^W>1kwX%PO!tsI@s+ru-TI(bzL0;@w4M)M zR{RTPA$?Mzjl2jv!6ABxD`2T0vIDaN`r` z7{AKR<$y#1hY4;8ND6bVBv`GeW*X?}>JMyd#@&H6e=6dMHimqL@ll!+s+ zIpes}CYi5u#je7H)?}2bJmB6di2w6napnaF@ITc#7~*l;#H58CQW7c8keoj}rFxY1 z4ga!u|CKAR-|K#^Y4GwhwOYQ#u`o=wwAvmW( zE(*H99fbB+f3f(@Bj{S)I;mAXL(`|P2G)6GZ?fb%^Um?~fHNgO_L#!A{U{MM=o z$N`F(TkU7{D8D8~%h^0+c1~PFykMW@h27epF}4Et`Lu zmj4Gi6Ng!Dk&3u&Ju?)2vDO5rtPo;$ad_)Q6#4$QUVjLF3~0jGIzCCZ zribk?%~N@p(UiIHN#|Uv7;iU4TqA~%57}ioO(1zSFxK270}RwTKsRul{DeIq_aAva z7s;m+3|JJpF3oYT>i(gNGxC;mM^Vmr{c4*Pw)#Z}+>1|Zt;NTZy%puXmy5R%N7zut zWp`$zU&!Hb2D|p6iabYF@(;CQAVz~)*S6LT`XeTVI`H_xYbaQTrY@~t%kBw_i9u=4 zyee<{$imB`VkE|c!$q+lA5{f5_x~_lu2ws=gZcJ;-2^-q|KXRhR#V6-Y5m(fi=?GI z?c4%h`#*{y`BRAFKOm@zHib`i$z!%@YKH$`>DCk%BSt4-z7ua*pUNgGc{^rUs_XBzlGn^pZ^KXyryK3kR>(LFz%)&;k;W$`4qDiUatkX} zw-#nR5-PQ<%ItBt+TAjHGTCqw3|qQ(M~&Wq$A9KN!N>QyqVqGGuqydJh-?e^@R`Vt z?ID#fIbF{=o-t6hZmHhqt_C}Fq%gCsbD}|^7obKj9TOwMfAmi``7S4>`(PN~?g~-SVvT)=*tGm2No-o) zo#7Z?1{$OQbq*AaSqBxN+bNoAt0<8mjU&Ad0NDo>_rOMp2_!7vG_}Y4{`$x4Jpzfy zV9VcbgJ!0(+wKpx^+zjet8AKrl_#-36-w`lf26Sd%SwS@9RaB1)!QAskid3{urUQ` zvYVvmE1;6xDvD85A)EpMa1j4#n0OXjrbbKLI{i}#Xn#?gIRgy<^GT%T)?I`_==!gp z{jxMc1`=KonZHevV)oY+sxUDUR}|$qEvc!=mrg7D*Z)aUqvZ`C@awf=O#7>6er?>y zsZ6xeYpxShz(u&A# z>rdqmF?5R^S||4LfoIyJ1^Ss=CwF6MMt#xNT%p<(np7SHL#7Iw3SPIqc$YHP6`k zP5-anl0bJJ1=0#@8#fvG{Vt13MFuWT-1xgZ{J(}o{JWP52I*gi>B>m;B{SNYpo$3{ zpj(z`Xa2G{VpFhGShhvn zA5~%AX(K__Q7%{-AFYwB3tS^5h?aKo!?=%NVcac#j7x^`jvx^kM&c$Kkb-rxJxAJ> zh1dsZIcXGZ4bTqkp_}z}SiSO>PG#O+nk??m?K+XG8V7#wZy!u#14L8G zu-$|G{#HR*rwxS-Cb+=mUeHdHW7?OF7@92iGUwO8&jJ;}<;nEfDguGF)1QaqpW|g% z*4dVf1vy$x9qFXn9VM*m1t0iO;bW40$Wh&eCloWu>|n&M7}Lz^_mnU8{l#<=<6`@O z^gDsU^L-H_UYi?O&Yh#J{fk#r(^0$i0$l-JcQ1-dtwxUGgu^JoTY2O~-YE0pvYJeBK({j? zkpIlsjY%XQ)eB$UpeUEQTkcMbZH6AGwnmK>_tEOBhZ`Q}_&ZPToV>jkbu7RZExbeI z%GL9PT#WF$=>OnLp!7iN&aS=XK)Xp9DRhdC=JcFbRDH1fVTQ@|ts%blA+R8%Zc4~R zh9Cij;P1=RRYBH1!ae^CndnaJjT5}NI=Ag7(WVTvZ-wo5G#7*q>)!&#Z-2z*mv0@P zDLUJ3&Ix)ls&5#)kw6XnT=wfyNv(DrE+e3FuzVq*i~w~cBKa)A087w^;%62g#+ZPd zA;7)|-)^yBGvbx8a>J%Fcb|*4Ht-P@-)dAfAt-*mav1#4KwySiS+bYoa0NaRhqRF= z`qo6#5X0sH`-BsHnc?|Y1t3cYglcm*9r?1=O{fP@ST-{&s@uPTz5ngz>;%q8@5RTb zPp9YPGHNEhvty|ZX*iQr4XB7$c>IomfsfuUkm~_^ot$;`)oL zjs4+~Mhhq8H3k-u8g(5WhQ3n+@tJdy65@QFPdyJFjn83hN3KJ*JaTRU;RtVKRZlWF z2u+mnr^#2m#qf6gD`%&hlvD?q^%Q!Jb0624`mi?Og{x&7hUQYa zMr=|6*{wR<`L}MU?9z3|)H$XR>lQ-iVsDdDeFIQI7Zf=drg}a9YUO^qo_T<`OA{+3Fx{kZD~^;}yHz$iv9zk7?9mE$ zo1YJ{wuH(wRH{`rkUb%l4M7n<2IN@NHZ&6DwpO?MjTUY4ZK~Iy9%}N26%gquTlJ{k(7kDxY#2EuGNS1CU>W ziWvajf;H!Kysn_=Ly*v+Ms>ZCOeHQIjM(1m3HgkyTi}{8SS*hztIwB-`{5{iK=p`thdY{6Uyjwu3 zG}yO*5R;H#<2HO=1$&JIP0CR)feRdw_D1U~Bf{L=Tp{vAm#^xpV7oBpd+BHd&7C-m*q>>?H&w5jRmzW zc?8oYXd-ln$FHt%8=7DY-DM5GQ({D%R3CSm(CA4?PJpxDE0ikjdFzfK9z#90EmNaS zUL0aW;`{|9w~tzuM4dd|myVts21s*NKwdcGHI4y`8*v;QpKsB9E{JA7mSwNF;tK5G#g8FYD%ew1>^>fmT=PT9dG~&;Y<`n zqsF5VLS^_B(pVx;F9g^@^z>|5>Y7YqnuT@{2DzMe2wCT4II@<(V^q-HAUtX!#zc`O zvuHoPHpLcG`GTa%dl)JIgKY0fq@Ule;yFOXnP>&l-)cix__6v-q|VGk3duv86w#*1 z?nb|AT67-QR>WA;!hQ%su@z8ntFugj1;pSW{c1Cw+kVH=c;qB(?gu5wZx;c|c)*rw z`7G1DlHd91Vu1>vL3W>nDiT3PHweHmG*l8?UXx3*tfDHq8{HPYx_wHS`*gH;!9Fg% zun`XU^pSZO+`}eh3GRx$5+vlT-Fp+nmNq3t48TNPe(_oq@=~-5>00(S2P05L4$}%5 zEa##@j=j~E(H9(W_X6MuR1FLWQWLG_>j=m()X*~ZaeQG5W(&VOtK2YX;Cl5oqrLRw z>%jX0pae{YgX+4N?EN5$MaZ4FanH)_wJ%FS@@!kiNGLEOu;Je!szi5a7~-;@hsS0_ zRPET*i$^GlB1ggP86|9-Uu0>veVD6Sg^rI|gmdQ@PhF&y1SC0pj{OCrTS8jL=SJo@ z>p~R6&=6xL0JrwRfy#jYuDxIw=Y;(>R#(P+lZo0T`ipaU4YCcLt8Oe6 z?PJ{B>igDl45!{t8Ohd*F66?mw)!Mjmng|)o{y4E+^XdC22))ZmNRL~u_@0B)jIxO z%cp^|5ZwNi#FC7T(aD6ql=N$zwXyKj8@AV^NeoWS`s3^eUTs7O6M1DZSC=* zL&27RMvC#s#Mck$z8C5)h(kX3m1o3nsH4h}XI*XyVlc((-V)2VXlQ`3Q42D4%z!ky zIdA)=-d$I=2TjB^**#I+PW8!7NA7k5$CB~{t;`L6%8D#G$@}e%4tI;Y?G0OsOIrm? z|C4bGZFYD~@h60dfkZ4Y zce7$l3jIPaUjM|1{+Z8Cw{#1~KIN4?0e?_zQklEj>+l>+hQOr1{w4si^>Sa)YYG2E`R7mQ11n*Ysv zj7oX+dVlM5bZVi0D9u@0yy9pAK=>A0kRvmK9K!Cm6%vW~-8)0q0{~1HgHiAQ%t_@& zwesWv(Rh>39RmOh`N^(!Ng~3~e#xVz;=u?Ookx<13_gIlOv!ZHt*zpYAtizzV0GIQ zBK`qBFWE-PLZtgK_=*1JB|GaSu$ClCoN+aGm$RV9hFiXMvH0(6 zoB)3L)G6*@-MbagxO2r1ZATLdxU~-kBW>4+N9Q9vu#SFxw>EDp=}xeqB}ZEYlw)l8XVir?f_jr73`K%a#VPZy-2EAuSFtyahN#7pGC@lH2736DfM$=vt$F326ZW%dX}6X(ojfhn3$-n5pknlR z7f0`}Zb~v4?GhJ`z;m>K=-8SFxvJ%Eabxtvh}hjXJSdfN&a(3=(hn`@E0VM7l#9kj z%Uxoez@Ey~vh%(VCpO2}6#1#tZVrMUo-m?;?0_1Qe9uO9>XHy#3_suCWz^KQDYBGa ztBpr9V)T5{LzbBsFaiN9z<+E-oPR1dU3ZyctEVmd>;W%VMQ;s{dRW_~uq>Q$kWfQ@ z%IQCsIRY>PamkX9f@VSrFWDm7YQ1m!0z>cuK0aetu^(PiIS#V->~>T_u1mabS4Tev zfwb{H^XwZ-lj}45JP?5l_~GoPk+`yaiM`?xUf_e6Fm|=hJEQDq6>>IrKi+7P;j>pU zJ^DXV_@~J575?PL1F8jt&CHMB7uTD=Xnw(_VuC*VA_lKE0YfXX{%W2iMp^Vt|7{Y% zw&ExMOpt+ipv6qpI>D@Su9_NuiPMdxfB0ZUDjOWNQ|?Bjin93Htdb!FKL8$BbyGZB z-8Fw#;l3eW=VTiJvF8fd5dF8#>wmCRfL97OE0GM%c$1I>_65Oi;f23D?c0JXO1!|j zqgh5${W@00(~`u@f+cB+z93q2G#TQ$*|!g}0+(u}>8y6Tw0e|3_0K+d644Kz6^I`I z(d20)6x7cnz4qs%=He*Z!48F|-gw&Q>S zR+1^QC&V7luI*l)T%8cPQ5o<_Kz*;c1vcF1GI?wwOBXuzx&5h#0{Pth2TGaMFU@U6 z4n$MQM@!P%<+yU0-QHzuXFS`C>O3Y&qZudSv=$3PJ z9QyKyQ_EYLY7<6`YfF}z{1hVWIhUoPiCp&{{(NQMS8axCS75m0sccVn)l-cSS%rm) z$gV|XJ+vP6j&M!>CU<*S_$}+^Seqbf1v7qO(UDU+at#>Wh6?P0UDO}oo4gcyG3-Oi z{RQ>Q8Y?Q5Yth|1^Z2b3ebAIF8!OZ++wV`wCO=iN?7OJB9c)LU0lnUosO@CBA>y|6 zO7-o5x9wUwM}KZv*1R(CLe}cOCHHmg(x5HNjE_ZbjLi#M9pW2sy&-B2FEATDVRg~x zP4f!Kbth`0hg?s1jZ(5ot$sE*zlk?79AK<_{xs(4?%*8gtHRWB!ZpL|j;GV!Us9W^ z(O_E=QYU<}_$JB>>eAww#o$b6L?=T{c_)Mvq1D)p{QK6NiK`7UfhzkD@2aLRXiC>w zSbJ;HwUxrRFKxX8qH~PY`aim8G$?KG%01=0(~t&Dk9T~M+v=aX{<5k;s9`fz0F5!P zkMChE{JEPMYpiv9`1`7RyY&nYNj6Gk1$2;7(mU&{!l%)j*|F&Zi+s<^sWZ2nRlei2 z`E+9W-a~+q8RQmyIhSE$`aHT!>D1P>Z)t=Jj!!Aj3VR-=XO)$`T3VRgJb5U@rNUIy zp%CrfIQ!`>gn9Qr%tI|YUu9`ed(gb>mngZS+oxnBof3PF-~5DRa$+{7j2JfNP%Zo; zj%BX=xIveHrpLY^@W{}kdmR3e;;}Bw^XSj8A56h+uP2&S5T<&v-Eg}RTGl{vmaK9V zO^w7s(C?e~&E79jQD}=Au|-9uQk+r7&4wU6QM`{d)e%(cwHn>ux_$8*z;zexBHQeY z#XCk2D*#HN-CwwyCfPloyuZCKd=09A>uj9lv%k2A_nF_W`7GPF^7ktQ?_Q%9Ars$^c>XOA4(fcp0s&DCv zF4t<9! za;EwhiRjYcn5-`%dTas>t$18b@M~gyEZ)~IG%dCQB+wy~Y2TEO- z+g)@i?aULHr>9M$(gp_H{lz1676b&hBKgK!)$|K<9-Q{qYHCuuYGLDNi-GpZ{ygwu zpgsyu(dOAheg>5;u{*aqjXwiemK#d8ksjP_ue6$e68l3DeiV?*YJ412#TeHEv z%5a?`E_(OP!>h~>kgx61O~3TLg@&1D_WdF_!XC26&yE2sNAON?T<+ki3hs_S)_e076|Wi!Vz`xxHnkv9T`V`^HedJ2 zFI3vTP!RXi>Rlgw#7|Ik2cWK!{XeCf%p1>w-vJ+_@qZHEl0H0jyk{P>A*=A+(GXhR zEKUiy<(DJPzt_mbxMjzCAUq*}3G%@RU43s+t23(4-X<{MN9?m>+s^-H?X{6#2AdnY z{*$i)+EUf-Vnx4pfNAzUySQ8vJlj+NcYPwwCc@ zeV3G28ILeO2EVRUQp6=cdf&sHuW$B{w@XJ?=}>I?`Sg3fKJW*1PG}C{fjh5Gx!l6u z2$a{=FgakiQA2C+DOU7PNLS173%peW%W>TW*GZ;oJDrRooznu78?VvAb^k{FL{ynN zl|6Gu=zeKf?zO@{3VJ^duG*rAw}8Ec7*Rm1`{-H_>pofriJjUqG-abH>NV7g{+^9( zHfl`I)lRk42(0pX6Y2&#l_cX+_wAf5a}?IH1-$NLa3Tc#SMji&(mws+&g2%sSo`E6M}*-oNVX`8W5dpq2zEsd9s5y}h2?m{})L z+pC#(BUE=^x;b;FeI`2TgZ*zn}+^j1dG@3xt`h25eZ?nY$?S18U$ z5hp7-TpI%&tbjCI&JN+Uff<#6_I(*pU=rW))y%l~Q^IwKlX~6|I0m=Hf=SyX3Nty? z=>NgnW%~wgR9bi8H39UpZE=$S{3k(E&+9f7gH<{Ccl1sX{#0k^{pJgqYoloE9yn6PX%Ejr&YNiM6 zA4Zu-N*iEUqe-T2ZQn?pxJ#yvNlibY^`iTr>i;HpNcX8zZm6Vl#}t7&v`Q^ zLQnt^wx!$xFw8OlOz1ZTpRkT-6J<+}j*6->bKD&|YDBO2gfvk=4lSB0?SOy0x^3z! z7XSFy&o6LnYc241nQy`b_IWjRc%SuBQF*6rtgJLhTzHyN zQ;N=E`qCQ8-+a(;_~QtvailP3ht71BCsbm50V`)S$O{4oyo&8BSE!_4yim>G-1_?3f zi#Flh)FRv(%6l=KFTBaX5{tfW`_H*0A1pA5(6m z@Gbjbh~ei-K$gg-7j{0k678Zg|XTb$=OGsP|{Q%lf6FE5kw&FP*qJ1wY?azwqS~RFC zWUC5$ApB&J6EOd3G1#@?0U+h&%Zs_Y1Vag0;N5k7cqb&{L)?6n7R}u;X}iml(_Nc* zNO)x_t#Co%1}jta6#$ii&hT zrcuw%mBUp{78%s1ubepa3R^ef&oCpeLmzUP`+N>swquL85d=awXw_GZ8B=Z7F{hIQ zpRWRsyCd|H8%VhLcx6@9J4+sc-Nmno?3TC*MHb|psVTt{bE-|4jSGleZk z_2YEs;_zY45jRDl$p+mk6Sc5C5hPnGj3M}FuF_dVh7ssX>Jr&k96}Uv$c+%B4FL?MhN<~$UgVAQT@pNVs3AF;`{b7RgFWucYU47 zB_#W(XMKfVWKKQ?7dxt`ddRoH&l952`V`Z<=7QyKesJaf6>&cXuZMU(eeQaZdvmcY z??71+MXvR5v0HW+r{nzqWbAg4nKe4!r>K>sxmqr3$#bCXDG1aSv?E^)IrK4hG%hZD zof3~CSCeDjC1E}~x$9p#0{-5!`s?SnPdFVn1|ULkg^lPj+*kga;V`$C3Zf6rk{;&P z%(?E7mdlPw?a(#Jv)t{KyxfxZIa0wF(fj7&2~^bmoDjM>xh^1H9o8=gzED~yKYE-( zHMaKM+IBV&6PF_@iOJ z0{D9q!9)CMxjhBJym3p{XPomDg%b&vJzu#OcksCn7Rx4^D{8{mnbYFW59k*@>6m`& zJ*1)x!*xq7EiB&YzEsy%IcCaa^zv^_|EA7?d9OoY$YL|!6~hWCaoIoY|1pFJ5rRgXb8YoHW8#4%Db%Fqn2t z&5qp>9Ji literal 27086 zcmdpeXIN8N+pdniGJ=XoQz6np0YSPIOh9^(CQ6YG5}FW-4G^TrCV)s&3B5@Tp^k+T zsx%QoQE5_=VCaN$)($iC`nKWxQy~@3wazFRl!J6tS2lgJ{yJgFk z1ITMvw6|>8ir=zjhvM#Ez!mo$fY-k5747X3%=Bib)nb?7a`@fhMnYz>Tr3(9kBOl=0la97-O zubF8Xa(b$$`V4JBewlq6<|%wZ(QGzc<=w**N4IjXm|XZGCVXl4$@b-^E{@-)@@uO7 zH`ZI?rR_`l2(#Aex-k*C&#fRxn4Pxqq^o4gV07bUcemcMlD&n+Bc?4USq#vQj@K3M zjr~YX8S}BVZKEprI~xD!HlzA4L{}-@vu#^U9$Y>a9k?=)=iIcxqiy_DtZCySw@9VX zhIMpHs#t5@ljl=YQ$EbQ*@~bJbmiTNCfZqxY7>ZQa5h;!{EA_Y83kkX!9ylKH8Y|TrXr%!f7;SeS!CJaSMlc%6PNrAqnkd|k5fv^OU5?h1M{;3 zLs42yI@apfY946pKItp4oScnU5~D`3ZP^}|xYC{8hSd;l+#<=%{18$=e?_~uwf|x| z-Rq#sWvVDVuv?LDJA!A|sZ`QD{n17!tAw%mZ>I*Hc&F5<1iZA|9a*mt*FnA%!X`GM z?1P?Dc*)B@5nR1SfL&0yaw7nV`gx2=-SEcqRbb4QF~dV`v--YL$^XnJIMDI(%PoGrMVDT7;}}ISUm1aM{w->L`SpEVF=|Lsh8fP^-FU?G9Bu*vu^TB z%_GQrIf4odzRnm+JAYc9c^0Rm-HMT+*Z&Y`)XOm{n7eTb4*<4 z=UzezWmd)tHr=2TQXKj2N>1;5>8}(YP+9n*^VwW*vM3_eZ_$v_5xvjHuVKG{fOJkw zMM3!RtVFut$ID3e6J|;->JwMXrDR&p77gstTi#t6+tJ%KBUR=FYmp{FZ6w1qUqiY>4(rZvTIEX(hIdcnOpoaDk)F@CTVf_EWa)NTO4z` z<+Z289)6zgN)`SK z?Gx+tSEaH+dg$MLDHTgn2jfm6$dpps(9z?_q55;BB5dDz=mTylbMI7+ZDTh$?qnw| zgDxVMTE4U<8=DPaYZl3r8)lf#YuWf@sqogleu!>EPF1#8-8;5j_@_E>t2L$3H>=QO zX6}>XET}<%hxbcI6HacCJ9Y5^7gT zDdKeAbt&4-vwE#!e{W2}b7%o^vHrVTRIjEs*M1=lg@g~O0T1@Mjjg(}4(=maSiah3 zc{_RhBQjcD;$ysic-;QDd&c5(HvHu8r~%`X+Q`u-sn?O2J7&MU4`NzA964d29r!gU zaloUl5-Vd;b04LXK?>NvEqhy()Wf6smJJv}nxy^37w@ImU*TjAf3ywClHgi7mMo6$ zb7j(N^662}LX{8Pr4B`O@DD@Vre|Lwn2yHqy_pp_rIUx-k7{&{Q;BP*_)NZj;b0Wh z(-U`A58FHO=y1FlTlX6b`_-v(3l zZ;kmrmZ7XKc+EiLHjUeYK%WH+v?&4ZT?yP&D<~?DcgWso@vce4Yz+MwjqzHO=995* zp`+r&vp($zcj~!Z%=yw?!wqDuCC0N!+F}v6#`LAT?waY1^r6MqP*TUk7Ma!pndHxz zL^l;9h{Zx)lr$$Kq6MnyJm;Qz*dOfl|jewEwxwvsFNZ$FkHk;U_hH*)^qk)R$CsxxOCosQU z`OM|i%5q}q+kunikhrAnbCvqu3Cg_5u2c;BkFp)PDjePsS2rH*6};0G#r}?K;~D7Y z_JzAqNn75&McXiTOA;t6-o0hr2E={c3%8Nz7YEOG3id`G|Nyi}&2y{nNrc&^@?1!6s4tu&pRArVQI{Ts5!lW>wUJ3Vo z&#$jAWk`+t-?L8&Y@{{TTYdkTdbglV?K0Gy1@TDo z>Ckz%ac!I#gZx!S&2$uHES00NtK*Yo1(kjMawT^5@kP~EGzZoPeKH7&hs!i3PtWF3iN^D2SZNrWsFH;Kk9?-4uXs+>1 z@e5U9&kJiN1cz*k?80U8}rPJi6rN z7mQ!%OgLO>OdUp>^0Kb|Dt;d#FLQV;y!Rn|xHeiGn%cJV#Hy#vY;I&Ep!Swmo~ra!8D9yom1P zvs1U6c?@E#JpwYhGM-ay5jCz0qg5tnuI)xKV|gFHNW4l?FcRC*M|^4a`#0f)OV^T7<(`FaYOqxf&0~v6i)~_0p$%7zl}F98Z=o>X zeIJG7_!t&!m(MEgo6KUK4VpDBnXz>?Z{N6>m}YNc2?f0=pdH9Pg2#aua!} zHXfG-VL<_=!)tfH;`uMkcV-;sx7C7rwYBTUtiA;6^LATT6_3;F^<(ZmJQjBZF=`^l zZHC?X3-|hiCPvUQQblvmwnBD?r0T9xXp%-=U8fj6t&t#V?bAGd(jZqRxlR3CmMaU- zZ<*fe*4NAmUGqK{cdbq67Clpa07cd`oEcqBBZp!49%xgsT252+aB=Z^;3plo2hlRD z+U8HY$AmC_G#xQ@O|viDCV9r>>aMH$ckyEWd0jjt`v=#bHgsPNU>vsL};_PP=uj~d#%(aLykYamWxW%J!N z5~l1V9AS#|;z*IV57jsnheo7|oDg|<2&+r4v3n}!Mi?|Kl{UxMT-q^RnLn#c;Wk%V zD9ki!FODxCcq^A^P$Kh*(tt6Y{}O(6!!C8f_&inH9nZG-^oj#&;C5AcjV_&a|H3z( z4Y4Py8;Cj9&~?tWdcM^~D4)Gyv5?_|Xk#t$H5;oXTd{7T-_bAK*Akdq=}|{ZyP9x>)pfsKQ^NZy0YRU(-=6G~mJ)amIo!Zi61%lDJd2s_6$Rh z7R%~iT6SSCZApBi+_@W-wNEadoE^#D9TOVI9_&E5o+FYO7BV*!6Z#@4#3aZC34)|> zsrp<~`fD|svItZBJ}0~lR>K*8WP(Km*EvvRI62h)5(+uI5`NXxF=b9!&ar?Zb=m(A zJ>MmsCX|Vf4dRIH!n*mn7$6<#z9w3Sg#=vtEl*>McUIl(7^=Qoai?12Ru?)og;lY$ zFR}Z8k2j~nw%EIi-zzIBZjTH+Pi9}2n@sS=jk&Z-q^6Uu{RODW zAfv<(ExvD6wsDFc!jnsPt9auK5g5P4z}HI@IQU=YlCE7W+Y_wQF*(TcL_@Jw;lb`b z1|4XM7{OxQQE@|8X)#vbd-~T{Bm@F<^g1Jd@r=WH4`ln?c61D5Vv4(pKx`1ajgv65 zebwCWw;rjK)vi0`1zLAUh>Wv^q-P%?JfW>!u8G|D4M#rHB-y+qaX8iDWSi#d{JQm` zh~Jyy$_BRs!03xlcG*adytr*E*X(eQ%d^)68h1&S^BZuI{-o6{I=$=zv)8t&^{*oszN3end_zN*Xb`86@mXrzG z#)9_MD3qEjde1#6ihVgU$1mW?E9XA;p|tI00Kr8e%6ei+i|hPFO|&<5_1kn~4d=as z19f!Eq*{yFex1aZBa-}HqbsT8prPN+CDE<{JAL_7)w`6j+g$Z^EbsTAURzq4(PQaJ zgKpQ+-9}A?{dT(JX?Mg`lDaRuLN6`#qp@B$-pjuT48-MH7Cp1yDABbE-Dy?rR5D4x zURZ8_SCO5aoj}}EdBZ>=oZ7Wr+B^|;h1Swte2XRU76 zl)3d(@7A++UXy*0_{)<_O`~e3`DHS5`fWlWmaK?_Tu7p{<6JL$>RX%R-t@Buw%d-E z$oryDM1v~E+Y3dOmuW;m1xQ&rBGV(kmkJf-^Ex6QLTp^Il^$!8pT0F^Qe3Rfh>S=h z9NLa3%Ea|gs5)6hQF__ql^jqHLxs@w-(J}`DYBr%q?tqS-hpXg`QLEs>XGY!}6kGAZnuD^a6 z0`5~e&0}^&MP=}6aY0YMqOUTgk0_(2DL#wpqoTjgefsvaOsZ~WnL-swJm1LKvZU+`6gNdHqY(#$qN@O;jlcYI*?C1366k#8{sVRd|A2 z;^jz};Dk}HjikPM@*8fVqiE{*+n!~Oh^F?XT9tI|`SVU*=C3*U32!?d?P5A_u?N-q z7|Lu}UB;j#OIwFVG{N42!vZi$5E6iYfp7r)3k4X9e|0%LhOTahGw9nD!fpfZY7K#C z50p%E8+yV}su*195wp~9*}gAF!WU_^`qeK$YcegU##r%D_Bh&u*j-pxjc+HDSOlbz zktCmnvm@%)z&ms@aFQoMs2Ed$`7-bXQLh<}+?SxHS`enS-T==z2nk3OjSfF;Bd>_&g;kAY zG!|G<*b!RdB-CJ~p%{ms{mwnJN^3sihW8Ow4+2 z@yYQ#6+{twZ9jz3AZWsdJ~ip*GssiZ57B;g+c0c0VX^1pm3@1Ubvg1=9m=YzURV+j zjh#Y)4&;E)<<>L4ZncglCbh@+q};!MaUgKEb+F)&afxpX$8DL`1UwjdoUV4Bf716I zkca9=aay~&d-+!<`*vH~F|vVS^`z{vk1bBwpF$AxoN^@LPbCI2O%?Wi`QkKnIRnxI zqKTqFecbF(FsdjNmz?1`fZuhu^Wv4!<1<~gt;V?)2|f1?56EvFVBNW&d||q>vd9mk zL&j?!#}QEMS2}0zb|rFRh=*c^o4uYw{Bb4+^{I{ROFP#&e;PM%TQOF@|~Pnut?vRFR5B}u)2_w8g?4< z6~|#L^Ug#s98B6*lXCP|;4SXVu!j)4NU5=+H>-cM4FrGrF*ZVb?Gt&h{j|$QaqVcp z{Jgum1Po0T3agOx<&jofi~MgLeEsIk2rV=Uo#IE1N}+BYJr=|>dhZkaIdu^j{=q&t zKqkhITpcUYM(-cJb_wj!k;7weAMK)vL^84Z$r1BK)Ln@#QS7M3vsfPD#AC24N(k=R zqC;{w0S~%w?OupOGNOJmLq@DV3`2o8EXwkZeqKOcs&I0?$=Z5Na@0neWBtgDA8v*K z;)TnR&U%e;CpJbkVHf)l7+Ni0|KRk19|>m=AfLGMUtNZ8fX#`e1lB?F_&F%Cq3X33 zGXjZ5H6{w|ca1b=vq~-H_EAl;1=ELQ*3))!t2=PENE_tgTY=TNh}_F~VF37}CUlAM z+E>69Vbu!NQmojPku{c|8+&qN5PCu}jP3|VXMf`0?0@kbHLO`^AEz_lznd;$;2>zs zf8=;l#7YF?rqUMyCOi8eLWpR}lirNh1D}lMZszG^RJA`tO_EgLm&D~jr597k)(Pe` zWghPBV2qIF;CbCxiQB^SLw=rPLH?`pudu}=ogzlZ0TEqa z)WJDsjE3MHhsE9+0WV~(O}X)`XSZqB!>Xlc`soYwokQxT%tgn+2#Fa`$O+TnzT}yM z;V3!vsjx=0weQBImhe`ZRN2=mqpOooVr_;4U3fwp(|oAkou_R5yGc-E#KRhA`cTBP zun%+J>9%iDcu|nUeA&5ul}XMS`s;aa_P3U-RuAdSv&~E$pcAQ`W7(iLs)Z^qI#n&>WcA7}ujhv( zZ6P^jtSt9U>%IKg$8B$nBNN>`o8AUbgC6;rjXsennxX8QC#$SK1cTr;Mrr#*umdP+ zgI@rjU<1J}8ekj74+E$Sp7PGeiLJn~Wj%j29J&xuJ|*-hBK1;A(Hs37W&Vkr&cU22)sQ4bHF&RP z&5EV6qfdusC-FNVBcW2A5_9CT?OkL7bTHEN?vcK(Q4hQ<+N2}(<6s)SdZ9_WiVxn* zD=igI@gr)V3)fyJ>`&=>T9Ln6{D#&QG=$VK7C$e3OjiHcD_pX!SMIFA5N(MI|BKVO z@B36`Fr-jbr`9sdid<`f>x3`RF+^_6%>}z^RsYw~x^e@Qh>ni~@Ll|I`{FIyjqeUZ ziX`aJz`{D#Vanv}{363j#2rOg)bsl$&V6(t&NyMxtJnsH7d(H<#hN^X`=+U#+`1s! zw8HFP-`_x*321c@`pqlR#c{2nm)-rH0%y-oU}d0QJ@KmOa4&X-i4(}hHj@~bP_s_` zCXQrWJj?*bKiVjXl#!JcZ!fRR;^LsjE1ZJdOW&sVf;*AwNFv~_sZrA-?I|k%F|;9< zwcmJEs)=J~W3%B#We^0{;^NoIb^eD!)$;C zjE9l_%NGG0jB#O`oxdFfLxzG+JNNsoCb}Aznqi}EW4&D#qgfSicul^iGB#RVR;7OB zN$YoIlfmy|+yrb{(meehsV20dYxnDEkX3{Z$LtMjeP>kA7Xck2!CTUB!o@i;ze(UM zN-uASMy+1tTgR5HW7J59pi8Fvd))lxOb&b1kmvX{FqGZ15i z(94>uF2&>8N-eM8IpKK$=@y%u^28J_C|otrlO#uOS#m*I$AdQZioRy-#!L-sOrn)< zaE*o2h~v_w@v7~mc4H}G^G&+BGF$G`%g5tRupbay3aRgk2VoqCLG zMb(fcivve<)1j6cktA)(HIX>6W>0tXcR7*Qih+2GMmsVkwue(VHiG_gyfh9`VfbN_r zbC>D&>&Ep0nI3Inm22YSpR0}TOq^wvO6M|Uhw zYsFyClNE{T zpL%*=rvU;ymAs$)ZMu3g+$Ev_@OFe6*zACxj3zcQ{PPf4GJFQ?x?NqSo+~$r(-=!q zl!qgm7CmGC^(|$uYwev6FE|m2M{+Lg7(4{;VM`+tBxMcUlIip88~U|A4jib19jlBf zh->7+JDR7+N^4qsJ>imu!8%syk|ApS?#5)z8l{59b?y~sUlUR@twIIc*olQJba_cbI6WL8oVZkC>bnY>zum?8`jE?_2r~l-sn0*=VR~97PxcRJ&D>~SF_P2fT zM%O|}OG&l*EeH6_WaQ{pX~CBBKVzT_3=Hgf3{{|nwhjR=UHewSEM?wdI>4Vhx0X=0TBBa@JNpv37M=Hosb{7>|2e(5GcmxYi z+Bo|>fzJ_P923ci?1Q00*++09(^7nlDLS2l>*Mx}cL2eYo*KPoV3cB4VovmZwc2Z1 zZ_4GvGi3aoXG>(Z0O{<34XA95YCUe@=gGjW;^}f#z`uFEDZCyUq~7F_UJ=kL>u4@Z z`J8`%%1X*EG0PUEx@weX1Ac9V{qsE~IqumChQD=-1vP|RFGO1LMxRr7KvkptC)-Q4 zRaY{%_$w@YFmCZP^F@x-(R-Jl55XRaH)G_}a(M!Citgx2RmZnTq~Js{-NT118>;pU z))lwZ@Nv{$c8y>?m8>O4jts>aJWFH}tFh8+xd3X=8-uPEaC zx@K>M{9H%Z6`y3>Es-;Fqe)tH(}4ZW3c$AHrwnh?ve9scNs>>Y#~;$#ZMv>`pf}ci z!R%kUW&(rvzbjvDQoo?41x(?eHLZWa2meFq>*0S{6Z`w;|F1O+8?WsMWFvNUWh$RN ztgdl_1(c_)Tr<_oT^(w%+uWBYQ+F|O-K}HBCZG|u^*|2Aac+D_X)YdA>S;hgwbZUM zbkBR-LRSqgjGRKc0y25Gq?6@xJ0%tsnd(ln;EY)dy= z9;p>xC?nr2wX!`T@epYYlEq=@{Z%Imo<*B$^V8Rt?ptj6c-XT%nKVB@JNpQb>z1dZ zD_zH1DLmBlMRO!c@jzqil`yu-6~3xOO3%XDl3U5UI54?Us78F~fmxgKntK+r;}u!* z#bFb3Z#(aO9Z}gw&CAP!``L_xm{f^Wqt$(!wi%?6w?>#x@+N9+5IDlN!t<*IMjDHz8VY1M>PM zPHnhhHn-GwL2#4P&dbep`2|c1GlC@JPcSm-R&}fM#`@dmbz{zz5}HoqOE=*rKj?g8C9{~0P6P9icIAv`DIv8X;RK@L&eekE|HfnZl>^z zBX|TPm<@4wb;-M%yuAxVA^cXq@xF0Z1bV`3`w+=dji4r9FO+;zrSYzZ!-Fx6; zby9Kt$(Jbn>&ic@&q&8WJOcGm6@DO>0(F9pNtqu3%TKE`UXzZghNpAr8DYT_V6yw~ zJ(nxicwKtbOy2XWq_r?0sY|1=e4@>O~aO-{)Oas41H97|J z`715_Gl6}*&pd8#l>N^0w!jM(W#MK|(3XiPEkQ})Y^}uEb=fC27q>ntKQNkj0FO6_ z5|()fm{DhND*$<}$1u|_e+48D`iMPm=r6zQbZ2js!_+G~bT1eJ^7g#zAQ=1|ZKRi4 zn0%Xkp@n};WQ0dn=K)XSr|PN_&NYoRy`H!Coji<7^o292pL_2Vnt+ZIEqZ+?UIYfEP^LethQHykZZ!sWVnkb(o?bsBv$)7@ z((h&N{y|pzrjJvPCtu&d!Kv;^Z$b0Egv=IMl6bDbaXI&tMM_nVtgFh~x7VGU05ffb ze%w^Qf3qRl+aDX)l(R7_-@ioeDMgg*v@pSFI_hRkF-f^w6lHi;RrPpa`V)I5)piM| ziGc7hj-0dBQ@7FQFXG(KRVA`)xcr&79>J65bV`qgpPI#|`k z;lwHKEAQPZOZJ?YPha)!ypHx7pE;}IZf-=?3Bq&Bnchn^oOGXwCf{?G{IQRZa1(w3 z2{}?BU1aRDxD))Krz8}uC{Qdzs4gH@QNLWq_v_+z*eknyU5EP3;4Eft_oCqV%~1eK zoaa+$d~l{8CP+GXs?6dg0-pF}b<^D>2y zu!m-La0i2A`%7H%?|BEzJcAbFun-fsVx>kQ3*i7Kh_I3B#QFJo8V%}y_Yb5CaXS|m zGOS>v&JEpzV8m|!6bx?$9&tC~;DjT}kN5@zm?ElK`ofGPOIHx6LuAX&osF)0W!WR1 zK1n#VV4e3_w-mSj zLxkfaWm4PuTA<@l+zrRtuMWpJ16bfn4Sq9%~+1A@uX&F*-sAd_x?S_Lpr7I1xuW|lhcI-dn z^jNDGOXXa1R3PVj8*49X%`7@@&<_Ny<%w*mA{HY!*ZW%*24XB1b|Q$O{A`M%nWiZz`_22BFo&HxIy9Ergx#8-)FeM`Q90rcHda@xdaLk2SDt-_V`OTP5TniBwH z#2D!C5XkQzLYoKzQ^Fu&z*2(sg&7`ZEF8BYk7G@Q#Tu+58n1v7`VMd#lmW4`v!}P| zjXYAZN_FbWhx;=En6UkDa`_*R{kAa!Z7pvUxqXF*0o_ ztiw@sBKN3ZOm{{r1Nc{nnh2I5n7R-T{`WLcIktGu)Pg_BZ%6EOf{;{h2%BuH%|=E= zwfNEvK}p$t_O*78p;lRPOJ4=<`^5Xh;AJ@3jkyU1gf$MA;;tb{nSe%Gl`P{`M+P;B zmhE+%L{}Jd%7{*A+cMd|t@qdDrrcTh5tF zNTp1g(RhCK=nn;_9sRBJKvkG)Iu_fX;6n5;Zqt5&ev3GZG7_np?)HgYzao_BQ9i(( z`ltrgjcSHsZPfdzGpM0q`# zdf!-pu${p&;uI6f?lJR-^>C1C-oXF`Bpp^lS z0YVsg^btG)U^f2>!WejjQLt%oVVXz#rDaO{m!@{M#x?pP2m}DXgVs1f+4C6Oh2j4z zIeS{{?_467NFmhNlzw)SstJ)1nmn*OiU$3(+>7o1JIZgr5W!0hX01-Y@L!n=OxQD= z#kbcO>@P5Iy+PB;`B+k`Q?H+vdZ5;1?SR3$OMRmbw;!J=s_*ec;?Ni7^dgh9m%DZ7 z?Rx`$uWbNQ=Yt2lQHP=UOq`=(?hS3f<0j1MxXZ>p6(%KVS$(ES+1tPDcIEq{#ma`QgGVXyP$Z_IS8Itv`#&OvL_syVv5#l_3||Y}m9m_? zyieCW3QJ2tK^icDkfkW2JO5pE>u216CO6F-qo`XH-T(RXdHN_TdfN^`AwB0V*!BVD zPvODQrhRB7Q9+jZu?MUmhCo5M=#k9;;tv*lll=o2gO~HArR6A$h^NN&uv!!BVt{0K zgd_DuK>z*S9tO{aq<3{ZcHMoK22mJG$NT1f77gZ=Ps`bx+mAh?%X11CdL#F_)Fcffw zA*L`_SRrDhfzUfp(pn*bomjtST4Z5`$-lHq4-9<|D!j_!m24vAJH;c<$Q8L)OFKo% zX(6pCPjO|!-)ug;@5Kv3ymS<7+wY)|8W+x9V^E0dwfqy?nx@kkT)Cz=56Z*%Ve5_C zNS=;STU;rl^a)fiy%aZT`@S>DX*h`!$5L>z27|T_4!*X;&?n1qcs|DB>&y(WS7d&# z;LWJ`7+)H$qfJg?_oBCL6PRde&M<{52@fG#t-k^_u#SxJT!iDWLV~VQ-({=U2cwx1 zWPRZ!1_e;dO@?@cTWZr#@w)yWlFsqDBXxCk6Rt-HE&HRR%e87?U;`IONhk%RCf#L| z_x>%h6L4I)yo<2_f(!sNItoJ7&H6559)dFe?{d!nBG6NFO*bA_Ba34u2|pDxxDoHA z;ngmT?Fo?{Q9EYP;^=?cl;d+bAE5(tpK71BiAu9?=x;tmCgzFP4(#e2vpkU@UVd&JvH{*A*aN47z3@+6OE<-~=`y z6dn2kYSpv|g(gkB(svwJ5}k0+=<*RvlS_aT*~jEhY>* zY0z+sjPlqY@zPHP$e$5)g`4qy&=hP-XL9oM^%6gM|Y21QG_R3GiM21GKD_9@M2hATYb3pF(&T$tU{lkPal5?lLakW)l+jYWKd5DMl$9#mvk}_v)|rs&kJ4`exYG{L0J<;Q1HT#V~0L@bi~WSHQOcRR8m_i+}e# zqhav@)L@N&jed3_5JO+FiVMjH)NexpI1SPY&Sk-RPIUrAld17uLo*Zz)_*%w`|{fq z&<)2}l+YXKs%b9eMqW!ZC&xuD5+`(FU1c3D(o<<;97rp3(>)cH4`}6+=|3KN&4AO8 z3FSbLdY#BVZx2q9E}f5A8L%b*rr5#3;qE5k7tj!Kbnq(v>?fdx9s4k01`k<-jUgN?#^>U$$KzE?%x&F3iYEm%6$mVYqqlM%h0V5r6U|2T9YDIC zJ#W!z_9%Pk_#OL;hzjEdJ^QMcYLSrkuFweTKt=uU`=NrHr%s;~kar#mEEBmhT|@oVYf5Q@I6U?P(Q5e+iqfNT zE0zoUAH$H%6lb%2H$EmqS-aa&eI3gc?^iw*=j9FfQbI9VO}@_Qj&IpgbkFTK=tymx zcopQ(NV?OYXm9+cXKtr;%EC}hn-lSVpieAAl8q}wrwE|b^OAh1?-iqUy4tp{sytV)N+eBSB3T(PeWb%NV$x-?KkQ=keu`@)bekRloIpC-ghuOD z1=6P5{iv)aM>lg46cHfCodSj1S7GPKv$rnq{o#rN8eFI4=WjQs9}v`merF3}p>>K~ z8Dy$yUN`UK+&;13(Pys^9oiSRwH|SKL1rxZLD?FU9+2bn;`N6&7p14ChqXy1P*Z#2 z^>Hub7|~OcmIZWXeC%=YddC3wJM)fprqwLv?1jFb<%9?s$}`_^XW<}_OmI}hvM^@t@UCClhNt*3RVoZf4FVc7|FKr^3% zTRY0C-ZWtUtK+nlnTFrHFJrdgaz4%{G$L0RuCxHdR4=|HEsH1ZuC ztt- z+TbABovTibLi&w*ezXS~Coj8FHzX4k8*_R6H&qQ5yV!a7P63dF7ekqiq*>`vo7H>uR}b#kWGMbC9r#c3@R2u>VyuG%SCypQZm$c~ z=5^3HBTYs=0x*NV5{(sO1xKG_)GQVw7e`;&!a~n(4PpT#w%+6t#nR+zk zwHN&v-%5Oy#!8hh$M&DR8vcp{sjdtEQCqt@z_;Anu6~s?QMpTd%!z|fMLV2tTo9;X z!D)-N57Hq@+se+yaA?2@94JSmV)z}oP2xXTw2PW7LlQ7KPC_+awmsV1X8k55G5eEI z%O$6G)KhI^BY|Y#a(eZ(SNg=ip1BQ;fjW|vdzN{)A^vM+6D*2}{mn9*jH=m@Op zzG5uQ9hY+$9B3~*-YrATfAr+&;WHT|&B5Ng7|b~$#3THtD7!J>BRYDBH>^P~C-ThR z-9RROo;uCRUZ6*^{+sL?i5UHb7JQS_7QbDDhnuXM&Q2*kniz9u&@Xy4JMYoff$35^ zkhKmK6t$R}Vxo&GE7H~kd8oy%C7jPM{9QBI?zF1N;DaiGcp67i`Dd?e_t4qn5wGL< zUee#)f5rJEG1l{wvvbzkQPd+z1KUS7$GO7Gi!8+cy-UiILY_-m+ZDBzs@aFssSkXw!ca?E`?c=g?IfXp`&JOc@fDP@ewTo& zESGYG6?E|h9lhB%yB6F^dd$ye!;}?H#;=4GULoal`psSU!6?}0 zM#@b9V*A)`m^ml-4fjzMMeNZdC)J%wd!l~0r zcjy7q?7V==jc^G*c2HM2&11GNQY=VqPWHLf4UydU+09pkW?R2ngin4b9!x*ztmIKX zgDUEp`XWU7F=+FRRh>2uIB=rF_-7)m&C@@EYNC-b^11QQm?Tg-G~Wd@jOTAl$ABrJ zA5|*DEQ+SH!NnUM*L@o+6Gcy?9(cuz@YS5J+XD;5mm5UxwXoE|pRlmE5SB?&3kYzaXVdZpg4PdLV=q4drXP-&H#y0_ z8m9kF;-jDs(O8W3^Cm0kRf3#99OlD9S?v9ApdVt2eq94=Q{Ac zO?Z;^!wWJf@(m}40c)q;<(B`96r4@vrqJLsiQ6XU@N01o>JSyoB}!j8IifuhKCwrS zwyvxPyx>e6b-eo?Qxej3NUXi?z_9YM=B2@J@=*)f!%9V#f6yFOuK$v!xepe79u} z?H2-TDUKM14xs|WMU(|5j41}-q-3}+(k(*HPRBw^d~R{R$^r+y!obvLnlTYsg5WtG zSlt`{kr3H1HfY%g9rUN%p*yLHV;(`4%Gmwfv0ZuXT075@M-!jA%Q|K!8IZ2j;MNRA z5erEq|1c8Pj5zbQ{$d>>I}2(R%M+Y%wEWT(43kMA(fbKm@+hRI{s-y$Tw&dodD$f8 z!FAUz4*Zc%Y}9#ZhRs8$FpAa_;5U*WV&70IY&{c(~2 zfQbQCFh)kw2ZQ%-Iw{BwK^}ME9%t(@Y+P;vM~+|}<$pjMNBjCd2$1xr%&OouA;QQ1 zZ{EBqC_;WEt`*d{3!MLkN!GuVjdp7OpGv|{1&or&5*J@`qKQ0OvPQl zf!`o42$flmn-tjUHGgzbrmGChN58Fy1#vfo^m(u#<8=Nsh`6f3od)M+-Cnu(F1J2* z>F!^!*2dw;x_@I+Em=(hq}&Mux#1kKZUV*liR%0{+I4C$Ok7^KQFR)yPRkKt<6zs* zDHN*Np^;VjX*t{3%O}EkD}J{6t2Qi?szXRyn-mUwD#E6j+yw_1^i{<$=Y~?1+EH1F zPKzqG-<{yQu+0H21>Z%^J0p`FiBFs`{-{#-yyq(zMrA_nDO6yAtycH`US@d@U)4Dn zN^zmfebGmWUWAu{|DT1uUn*P6O8rKr!(_iEh1)*@2qaDm#towCD-Xa{h=|okjX5$H z(6l0Lm$=O%2LEW9I@3nXy)G(ZbWcyVY!d@%C3J-%Q#Clh``DgjOOl#i);uvQj&?WXOIhM(wp>4Tdo{c=4Y=-2P`Ji_|jPZR-lNNN5( zr+>64!tvc)tMlF9PQ$$CuO>6sYy#f>jxdlrnacrWJ$50s=yv=yK{$5$*H0O(4B@!` zpFnEk!u#*Qa983Ps&7K(Fhnj*>O3cURU}xeL&@4Pe@ur7^zx-;Otfxh2fgq2BLr}X z6V|m@P9ICnkK&RQWgB#)7E2G;BN836h9QBnCk(FopKCdibF#zL^C{0g@X0X@?Il3X zU()C5Ad@7UqVB+5v6PaMassCjd3uQ;T=)+WU$_fI<&?LvDH2#9xq&y|2zDgtLO;uH zVD%O>A-XEsf71+tS^ty!0+tb;2S$mL_(~AY$W8iX|9}SyD*cIiUufnY;Q03}z2SPQ z8^c7f1c)I0zc{wq)k5WG3<`2WmOr15PT0!^#z{Qm<@qBfVb4#83zCm+(n;V67WQt! z1KFl+^JU=HJqi?u2-OwY{|#pTA`ywrjc*F;8z?=Ct{4>bxQ)uHqL$hyMC+dGlBKq4 zrqOxaTf(EsReL#gf%F9M7Yl^}lWyfH6(oXP3qs%uGOVwxH(s=2<$L;uZ+Ehtz1^78 zpqebO3vmJng{`$G978*%uE-rp!7&LJB{QVP7eT$c*Kv=mMF1k~T5Nh`-)0rBD0frf z``!nzs`qdG&Z^2jfym_SVQ4UkvBlNidOA<1z5YjDl?jKFmPqj+!?S@(yZZ0W$8FYw zfUkqC)_U{^vPj5=mYW}ol&6X
~2qxIm-XQGdk~nP)V0P`@wcw^wzB6~ffESCSsm;Cyqd)d9zY_Z_} zpCsd54zxC3x$00oD}0ruJF;iDNGE0 zdiBmJN1|fGQ*G@b>>~3n9?z0$5~Ss9YA?CAzEeukWb^PQajfOC`|mO#D%>M>1Y+P1b#-5Me>5!l!;KrkOZ z%i!U1p^kf%-fOhigf}HiFo8gwNQ}^0>(TJ^rO&Um1wS`SFnwhUN@IJYu}ljE(Wx*^ z&+R*Rpn*Nrk3gNM9o=y}8W6B3Vh|Je@%o5LKtmprj#(kr4?)USRa(Q_!N)hi#}T~e zY$iUmgHL8~0MT{_??z=M6&xK;c+Vg(LsQnK(%ZiE@hS_lMu?nI1~Lu6kO_Nu^)H~%v8jp1QbQU7KJq*}d8Rw$&a3u`nLc0FHi4mIuh$IlcqiSin?Ba@c0D(} zZf92cj*DdZ3bGYs&WsjndJOt`y&2D|yxJv&>2j^8HdefI7nX46K>mw#u^o*CJsYdT zasK_wVkrU>!>2DHjb;5kZw$S#c-HrKG`zz`M)LI?pQx0iPFJRC&>B4pO=t#mGFscV zf5QlyVB+ZIPk(|EOzeMNimSSlBFjoRr<9^DRC4$Rmo$b2f%eo{Uv}{vpC9<-pV_Le z?8pK;@{`h(b#7ZN_1CES)>ZF~qG0}s((P6H#utzqlI2yI&zvy25%hw$Qs>@4w@K4f z%=yt#1T3PDYX)Cjg~?!~K&B}ERj8w?;?e3#GsJtT?sRCSiKh?RhV7TW;`HVNQ5lHE z+2$bHO;nc9QvI)wLVATTDVVMY6_m4)9iSNpCOf|?isbD;p z9ohQQZBKnFt|M29CS_;p)V0TH5#b~)Wy#zt-FmFFrL4*Al+-9WiTitq%twyJEuH-| z>aUBtPVvW0sC!o3UCQlUe^=scf=)mT*+b6KE-wxNT5P1X0w$)+c48Ag)QvZ#f|x{I z;vv)<-anv9`El;O^iU!e@;|>M7Mp)_WIGRlaOObeILP$h z-;r9(KRV^MMS3Ny5q!y2#FLC|-`^?(V);+=G0q%KmIw6@`X>Lc(ylwKsdJ6@y6G)d z5o-|~XrdqpE=Uo%(6CHWricRsy)r}@mnDXPvZHB4O}M%!+07uaV)u9>1K zct%w<73U@lSL@x>-+OEqFL1kY9oPh_t+0dmfU60jISGKu>>-Wz4|N?j=9O#Ak4x^M z$<3!K;&eQ(U2Kwx$S+98B@*!$7Zx3Je+UTs&9a43VsJGn9k$~(s?-h(M}Cx+n|^do z+xDtHMtT**t2ix{T2UaEMJ!RpY*Lmzn?1mWe&cf!I{H-%+FJ;3oK~Vej4A3Q#Ay0( zk1}wLwmvQ?g-JQ}jLNeX*-}K5WlX|$;^~3cFTeQqW_(@N!jxJm5H20(_zecCrsrTT zV*sru7*=zR)8o=?4(+y0-`erQf5E*_q&Bb8RrK`AU-MdQ&SzmzAjrK&-?C~~fyp(M zmHRCLt!D?g%iUcu|5dsQX;T(!+g;P;LE4Q4`qj5gb?drLmgN~=x|qmybRNxqy5E3M zmbVuaL;>CI?A;9x?drXk-72bX>Gs%r%w1#oO4?4+=#BG=#Ppk~)Il?|V@Gwbd{n*) zt~4lc%wl-6e5zbwThZXr)Z7Z@gp_qQ0M@znm(e=rPV)^6oFEork%LQ~+1V=|Sw+HKvMX3fL%YfZ#qDgjaJS8V>` z_6Z2W(^`%L`lbMLwW#tgJ1SZiKnL)2(b>7hO;@Sx_`)Eb&(QZ0Z}XQ);8i(@zq_%c z2$IUQb#yI$X+4l2@lla(HDC|%u7)tFDVW;Bz~&_Oj%A_L4!4TChe#q~JNhAgTl==L zr!ylC$v~+YI%GL`w==y%^*ogr7wFtOA3g?@$-h7RQH~1y)%z9i$|{XO#48-4JYIL@ z%qkdjgxyE((MruzhfNIEWqGZDZ^Um)Immvrmh^f~xTOX3LYfq;2p%JGtyUa0$QYXN}Hn)EfvqN_DV|(xUaUb_) zmu1eT^(p6>_l(H$m{)KvS`3_%5>;dwY)^hURJ=J@HEZ7exXc$ay}xD_iHce>)dT8B zG;6y%)xAzAw&d(&MIVdM_WY7?Ez`YfB>H9Xe}{KL9N~n@^YLQIi+PRPzlq_c%+ZCr zm$#hj@?FD#Y+Y4roVa*ANG&I4lq-U`!F!q!K=JSR?s3Nk^3ASp{lEuvRzpmROrj^= zu=0y^#^Cx9wXWWIl|0;)%4M9a0u_a^@v)YT5Gz;?Yjue7xgh?`p)bc=yoenptCDDR zH_FzD(xjfU_55yG<-ZZ762{uikIkt{XZX1q2l+Nt5$o*pMQ)(PGQHz%cYxXFped7b zfV)b!OB{bA~ zvpC;QVuxLDvbTL><|R&QNu|T4atTJ_Sk zKLdg)t~7Q|1KZ+^ky)#7Zpbx0k^rYi$OoKZN|J--X#`_ZS`3$E%eak5TCOVjaW*I3 znHtyT33c~&MhaYMno}kg(F?@YCLKJe#qTzc4XEraJ)U254CfE}VgK<8kBU&r(VE3c zwl_Xo=2{d|yU$S}NF79=;hcYK5lODhVV9nL)`NowPGe!LtzJsmkr>F6CC`mcGm4nm zizz6g;t|8|RCj33&lwurvbwV(Oe1_)yLp7;$m`PcX5d(@AeX23f%f!KH7!5NT2svH zAL&gQdl+3oes@F)@k12ra5psEqm8|Oq*BJ*DJFix@g0SEzBg)H|B0T>qPJ5oI+t@R zW_n(1lk-CwrlBtPe0Hv8U%>6CtFn%rO57RA4GInQG0EjtYnue#9t+^cm60>J_cwZ- zfQ^h3Sq%@mb-1rnxHzneJX)G*hfSN26ZCCdfwbL+Os=o57t_0qULG(c{jF*;jai;p zS&cIU{~@dk?h-D*TvX#W&Hjg&ASfVo;BWa|7ghh1pPh^7<^1I-&s z3MQ^>pCx{=VY9hBU544C=iaE4hj@_chZ`LRg&Q?}YSRzJ%5lStFt}xlU zep`A!*-E`ECH{yjrox$=_K}2TV3%AO+PwJj={u*i7UO&3)?a)?H6{@=)L%=&-#nJr z=Bil)KWDP^pG}LING6+ypMllifS9lc==uNDPEPWJaE*4h?@a&rxlh1Er#x74*OQr_ zQa03qh?ABY!re_zK8(d zgW>hZ2sW&of>ohV&hO@@l%;1iELL-XHCe#8U5xdZ2e30_2i(Y8XNFD%RCKN+7jyHY zDSPmchq5|hg4EmG3f4C))Zd1_UnQHa? zje0TTUrDha$IF2Ee00?SfAuD!1dDBBFk}S#N53lJA51*5eY9lm_5mpd;f3!sRnviGzj~kn$9L5n}fiigvB9n-gKIa+T z#k0cKUDWGb&{bt@hb;hGF{qF4oIi?B2U|hyD_a4wuqc9sMGycM7O0!ROTqw>Wk4#y zW7#Fv13dyny3uO9xofHSX{crV_VJuHBSNuG=|EvkPp%2WWlu@{M}M{2lLbOl6*M=H zGW^50&T!YIQ4rgw@urg-j@Sblo@zX@a~h-(M$%?1#EQV~3Iy4!=7q3g1UE`IAJW-z zPs)rbK~LJ0+6I(4C)WThptWjlUX>sPE6sflu@%1;g`@K+6zu)_!8K1`bT0nK!OvkA zSTPY|3_=W+<+?8tr3wn0yF63b=1J$Gb%&4qG=5|Fa8E;a^>`Cqe7MEp1OUEM3UBDp zS19E0ll52Sc0362AXHv+XxDnWCH0X*n$5Qr%W04DTq^Q;I3Ljz&J7>rLJtuO`yYvuX`IgcRp9eT+TZi8j_eZFL>cod zUW^Fn*48VM6p8#65w_H+MkO_erTzJrytNP61`o+s6nicBw;&2dhHry0MZ;zv1T)J) zoknwlkn(%l5~AEBKzLst_;eTQeRXA=c9cmv@M2P$R5|SWY=Daqvis@>*EJ#8HCV^~ VtRiCt{12v2NXF(ymx=pB{|_@>rH%jq diff --git a/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md b/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md index b9bf7dd558..5965974382 100644 --- a/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md +++ b/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md @@ -1345,6 +1345,12 @@ For details about Microsoft mobile device management protocols for Windows 10 s
  • OS/Mode
    • + +[RootCATrustedCertificates CSP](rootcacertificates-csp.md) +

    Added the following node in Windows 10, version 1803:

    +
      +
    • UntrustedCertificates
      • +
    @@ -1651,6 +1657,13 @@ The DM agent for [push-button reset](https://msdn.microsoft.com/windows/hardware +[RootCATrustedCertificates CSP](rootcacertificates-csp.md) +

    Added the following node in Windows 10, version 1803:

    +
      +
    • UntrustedCertificates
      • +
    + + [Policy CSP](policy-configuration-service-provider.md)

    Added the following new policies for Windows 10, version 1803:

      diff --git a/windows/client-management/mdm/rootcacertificates-csp.md b/windows/client-management/mdm/rootcacertificates-csp.md index 8f5c11db9d..b7fa5a8362 100644 --- a/windows/client-management/mdm/rootcacertificates-csp.md +++ b/windows/client-management/mdm/rootcacertificates-csp.md @@ -7,11 +7,14 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 06/26/2017 +ms.date: 03/06/2018 --- # RootCATrustedCertificates CSP +> [!WARNING] +> Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here. + The RootCATrustedCertificates configuration service provider enables the enterprise to set the Root Certificate Authority (CA) certificates. > [!Note] @@ -44,6 +47,9 @@ Node for trusted publisher certificates. **RootCATrustedCertificates/TrustedPeople** Node for trusted people certificates. +**RootCATrustedCertificates/UntrustedCertificates** +Addeded in Windows 10, version 1803. Node for certificates that are not trusted. IT admin can use this node to immediately flag certificates that have been compromised and no longer usable. + **_CertHash_** Defines the SHA1 hash for the certificate. The 20-byte value of the SHA1 certificate hash is specified as a hexadecimal string value. diff --git a/windows/client-management/mdm/rootcacertificates-ddf-file.md b/windows/client-management/mdm/rootcacertificates-ddf-file.md index 6e6492a240..03c352d150 100644 --- a/windows/client-management/mdm/rootcacertificates-ddf-file.md +++ b/windows/client-management/mdm/rootcacertificates-ddf-file.md @@ -7,17 +7,19 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 12/05/2017 +ms.date: 03/07/2018 --- # RootCATrustedCertificates DDF file +> [!WARNING] +> Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here. This topic shows the OMA DM device description framework (DDF) for the **RootCACertificates** configuration service provider. DDF files are used only with OMA DM provisioning XML. Looking for the DDF XML files? See [CSP DDF files download](configuration-service-provider-reference.md#csp-ddf-files-download). -The XML below is the current version for this CSP. +The XML below is for Windows 10, version 1803. ``` syntax @@ -28,7 +30,7 @@ The XML below is the current version for this CSP. 1.2 RootCATrustedCertificates - ./Vendor/MSFT + ./User/Vendor/MSFT @@ -43,7 +45,7 @@ The XML below is the current version for this CSP. - + com.microsoft/1.1/MDM/RootCATrustedCertificates @@ -74,8 +76,6 @@ The XML below is the current version for this CSP. - - Defines the SHA1 hash for the certificate. The 20-byte value of the SHA1 certificate hash is specified as a hexadecimal string value @@ -100,12 +100,12 @@ The XML below is the current version for this CSP. - + Specifies the X.509 certificate as a Base64-encoded string. The Base-64 string value cannot include extra formatting characters such as embedded linefeeds, etc. - + @@ -117,7 +117,7 @@ The XML below is the current version for this CSP. - text/plain + @@ -271,8 +271,6 @@ The XML below is the current version for this CSP. - - Defines the SHA1 hash for the certificate. The 20-byte value of the SHA1 certificate hash is specified as a hexadecimal string value @@ -297,12 +295,12 @@ The XML below is the current version for this CSP. - + Specifies the X.509 certificate as a Base64-encoded string. The Base-64 string value cannot include extra formatting characters such as embedded linefeeds, etc. - + @@ -311,7 +309,7 @@ The XML below is the current version for this CSP. - text/plain + @@ -363,7 +361,7 @@ The XML below is the current version for this CSP. - Returns the starting date of the certificate's validity. This is equivalent to the NotBefore member in the CERT_INFO structure. + Returns the starting date of the certificate's validity. Supported operation is Get. This is equivalent to the NotBefore member in the CERT_INFO structure. @@ -384,7 +382,7 @@ The XML below is the current version for this CSP. - Returns the expiration date of the certificate. This is equivalent to the NotAfter member in the CERT_INFO structure + Returns the expiration date of the certificate. Supported operation is Get. This is equivalent to the NotAfter member in the CERT_INFO structure @@ -405,7 +403,7 @@ The XML below is the current version for this CSP. - Returns the certificate template name. + Returns the certificate template name. Supported operation is Get. @@ -450,8 +448,6 @@ The XML below is the current version for this CSP. - - Defines the SHA1 hash for the certificate. The 20-byte value of the SHA1 certificate hash is specified as a hexadecimal string value @@ -476,12 +472,12 @@ The XML below is the current version for this CSP. - + Specifies the X.509 certificate as a Base64-encoded string. The Base-64 string value cannot include extra formatting characters such as embedded linefeeds, etc. - + @@ -493,7 +489,7 @@ The XML below is the current version for this CSP. - text/plain + @@ -551,7 +547,7 @@ The XML below is the current version for this CSP. - Returns the starting date of the certificate's validity. This is equivalent to the NotBefore member in the CERT_INFO structure. + Returns the starting date of the certificate's validity. Supported operation is Get. This is equivalent to the NotBefore member in the CERT_INFO structure. @@ -575,7 +571,7 @@ The XML below is the current version for this CSP. - Returns the expiration date of the certificate. This is equivalent to the NotAfter member in the CERT_INFO structure + Returns the expiration date of the certificate. Supported operation is Get. This is equivalent to the NotAfter member in the CERT_INFO structure @@ -599,7 +595,7 @@ The XML below is the current version for this CSP. - Returns the certificate template name. + Returns the certificate template name. Supported operation is Get. @@ -647,8 +643,6 @@ The XML below is the current version for this CSP. - - Defines the SHA1 hash for the certificate. The 20-byte value of the SHA1 certificate hash is specified as a hexadecimal string value @@ -673,12 +667,12 @@ The XML below is the current version for this CSP. - + Specifies the X.509 certificate as a Base64-encoded string. The Base-64 string value cannot include extra formatting characters such as embedded linefeeds, etc. - + @@ -690,7 +684,7 @@ The XML below is the current version for this CSP. - text/plain + @@ -748,7 +742,7 @@ The XML below is the current version for this CSP. - Returns the starting date of the certificate's validity. This is equivalent to the NotBefore member in the CERT_INFO structure. + Returns the starting date of the certificate's validity. Supported operation is Get. This is equivalent to the NotBefore member in the CERT_INFO structure. @@ -772,7 +766,7 @@ The XML below is the current version for this CSP. - Returns the expiration date of the certificate. This is equivalent to the NotAfter member in the CERT_INFO structure + Returns the expiration date of the certificate. Supported operation is Get. This is equivalent to the NotAfter member in the CERT_INFO structure @@ -796,7 +790,1180 @@ The XML below is the current version for this CSP. - Returns the certificate template name. + Returns the certificate template name. Supported operation is Get. + + + + + + + + + + + + + + text/plain + + + + + + + UntrustedCertificates + + + + + + + + + + + + + + + + + + + + + + + + + + + + Defines the SHA1 hash for the certificate. The 20-byte value of the SHA1 certificate hash is specified as a hexadecimal string value + + + + + + + + + + + + + CertHash + + + + + + EncodedCertificate + + + + + + + Specifies the X.509 certificate as a Base64-encoded string. The Base-64 string value cannot include extra formatting characters such as embedded linefeeds, etc. + + + + + + + + + + + + + + + + + + + IssuedBy + + + + + Returns the name of the certificate issuer. This is equivalent to the Issuer member in the CERT_INFO data structure. + + + + + + + + + + + + + + text/plain + + + + + IssuedTo + + + + + Returns the name of the certificate subject. This is equivalent to the Subject member in the CERT_INFO data structure. + + + + + + + + + + + + + + text/plain + + + + + ValidFrom + + + + + Returns the starting date of the certificate's validity. Supported operation is Get. This is equivalent to the NotBefore member in the CERT_INFO structure. + + + + + + + + + + + + + + text/plain + + + + + ValidTo + + + + + Returns the expiration date of the certificate. Supported operation is Get. This is equivalent to the NotAfter member in the CERT_INFO structure + + + + + + + + + + + + + + text/plain + + + + + TemplateName + + + + + Returns the certificate template name. Supported operation is Get. + + + + + + + + + + + + + + text/plain + + + + + + + + RootCATrustedCertificates + ./Device/Vendor/MSFT + + + + + + + + + + + + + + + com.microsoft/1.1/MDM/RootCATrustedCertificates + + + + Root + + + + + + + + + + + + + + + + + + + + + + + + + + + + Defines the SHA1 hash for the certificate. The 20-byte value of the SHA1 certificate hash is specified as a hexadecimal string value + + + + + + + + + + + + + CertHash + + + + + + EncodedCertificate + + + + + + + Specifies the X.509 certificate as a Base64-encoded string. The Base-64 string value cannot include extra formatting characters such as embedded linefeeds, etc. + + + + + + + + + + + + + + + + + + + IssuedBy + + + + + Returns the name of the certificate issuer. This is equivalent to the Issuer member in the CERT_INFO data structure. + + + + + + + + + + + + + + text/plain + + + + + IssuedTo + + + + + Returns the name of the certificate subject. This is equivalent to the Subject member in the CERT_INFO data structure. + + + + + + + + + + + + + + text/plain + + + + + ValidFrom + + + + + Returns the starting date of the certificate's validity. Supported operation is Get. This is equivalent to the NotBefore member in the CERT_INFO structure. + + + + + + + + + + + + + + text/plain + + + + + ValidTo + + + + + Returns the expiration date of the certificate. Supported operation is Get. This is equivalent to the NotAfter member in the CERT_INFO structure + + + + + + + + + + + + + + text/plain + + + + + TemplateName + + + + + Returns the certificate template name. Supported operation is Get. + + + + + + + + + + + + + + text/plain + + + + + + + CA + + + + + + + + + + + + + + + + + + + + + + + + + + + + Defines the SHA1 hash for the certificate. The 20-byte value of the SHA1 certificate hash is specified as a hexadecimal string value + + + + + + + + + + + + + CertHash + + + + + + EncodedCertificate + + + + + + + Specifies the X.509 certificate as a Base64-encoded string. The Base-64 string value cannot include extra formatting characters such as embedded linefeeds, etc. + + + + + + + + + + + + + + + + IssuedBy + + + + + Returns the name of the certificate issuer. This is equivalent to the Issuer member in the CERT_INFO data structure. + + + + + + + + + + + text/plain + + + + + IssuedTo + + + + + Returns the name of the certificate subject. This is equivalent to the Subject member in the CERT_INFO data structure. + + + + + + + + + + + text/plain + + + + + ValidFrom + + + + + Returns the starting date of the certificate's validity. Supported operation is Get. This is equivalent to the NotBefore member in the CERT_INFO structure. + + + + + + + + + + + text/plain + + + + + ValidTo + + + + + Returns the expiration date of the certificate. Supported operation is Get. This is equivalent to the NotAfter member in the CERT_INFO structure + + + + + + + + + + + text/plain + + + + + TemplateName + + + + + Returns the certificate template name. Supported operation is Get. + + + + + + + + + + + text/plain + + + + + + + TrustedPublisher + + + + + + + + + + + + + + + + + + + + + + + + + + + + Defines the SHA1 hash for the certificate. The 20-byte value of the SHA1 certificate hash is specified as a hexadecimal string value + + + + + + + + + + + + + CertHash + + + + + + EncodedCertificate + + + + + + + Specifies the X.509 certificate as a Base64-encoded string. The Base-64 string value cannot include extra formatting characters such as embedded linefeeds, etc. + + + + + + + + + + + + + + + + + + + IssuedBy + + + + + Returns the name of the certificate issuer. This is equivalent to the Issuer member in the CERT_INFO data structure. + + + + + + + + + + + + + + text/plain + + + + + IssuedTo + + + + + Returns the name of the certificate subject. This is equivalent to the Subject member in the CERT_INFO data structure. + + + + + + + + + + + + + + text/plain + + + + + ValidFrom + + + + + Returns the starting date of the certificate's validity. Supported operation is Get. This is equivalent to the NotBefore member in the CERT_INFO structure. + + + + + + + + + + + + + + text/plain + + + + + ValidTo + + + + + Returns the expiration date of the certificate. Supported operation is Get. This is equivalent to the NotAfter member in the CERT_INFO structure + + + + + + + + + + + + + + text/plain + + + + + TemplateName + + + + + Returns the certificate template name. Supported operation is Get. + + + + + + + + + + + + + + text/plain + + + + + + + TrustedPeople + + + + + + + + + + + + + + + + + + + + + + + + + + + + Defines the SHA1 hash for the certificate. The 20-byte value of the SHA1 certificate hash is specified as a hexadecimal string value + + + + + + + + + + + + + CertHash + + + + + + EncodedCertificate + + + + + + + Specifies the X.509 certificate as a Base64-encoded string. The Base-64 string value cannot include extra formatting characters such as embedded linefeeds, etc. + + + + + + + + + + + + + + + + + + + IssuedBy + + + + + Returns the name of the certificate issuer. This is equivalent to the Issuer member in the CERT_INFO data structure. + + + + + + + + + + + + + + text/plain + + + + + IssuedTo + + + + + Returns the name of the certificate subject. This is equivalent to the Subject member in the CERT_INFO data structure. + + + + + + + + + + + + + + text/plain + + + + + ValidFrom + + + + + Returns the starting date of the certificate's validity. Supported operation is Get. This is equivalent to the NotBefore member in the CERT_INFO structure. + + + + + + + + + + + + + + text/plain + + + + + ValidTo + + + + + Returns the expiration date of the certificate. Supported operation is Get. This is equivalent to the NotAfter member in the CERT_INFO structure + + + + + + + + + + + + + + text/plain + + + + + TemplateName + + + + + Returns the certificate template name. Supported operation is Get. + + + + + + + + + + + + + + text/plain + + + + + + + UntrustedCertificates + + + + + + + + + + + + + + + + + + + + + + + + + + + + Defines the SHA1 hash for the certificate. The 20-byte value of the SHA1 certificate hash is specified as a hexadecimal string value + + + + + + + + + + + + + CertHash + + + + + + EncodedCertificate + + + + + + + Specifies the X.509 certificate as a Base64-encoded string. The Base-64 string value cannot include extra formatting characters such as embedded linefeeds, etc. + + + + + + + + + + + + + + + + + + + IssuedBy + + + + + Returns the name of the certificate issuer. This is equivalent to the Issuer member in the CERT_INFO data structure. + + + + + + + + + + + + + + text/plain + + + + + IssuedTo + + + + + Returns the name of the certificate subject. This is equivalent to the Subject member in the CERT_INFO data structure. + + + + + + + + + + + + + + text/plain + + + + + ValidFrom + + + + + Returns the starting date of the certificate's validity. Supported operation is Get. This is equivalent to the NotBefore member in the CERT_INFO structure. + + + + + + + + + + + + + + text/plain + + + + + ValidTo + + + + + Returns the expiration date of the certificate. Supported operation is Get. This is equivalent to the NotAfter member in the CERT_INFO structure + + + + + + + + + + + + + + text/plain + + + + + TemplateName + + + + + Returns the certificate template name. Supported operation is Get. @@ -818,14 +1985,4 @@ The XML below is the current version for this CSP. -``` - -  - -  - - - - - - +``` \ No newline at end of file