From 7f2e4d1186e20b75cba0336aff53d6838453c1d8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Martin=20L=C3=A1vi=C4=8Dka?= Date: Thu, 29 Jan 2026 09:43:25 +0100 Subject: [PATCH 1/4] Chapter AWS-CLI S3 plugin Added chapter Set Up Bucket Policies for Sharing (AWS-CLI S3 plugin). --- .../docs/object-storage-s3/s3-features.mdx | 190 +++++++++++++++++- 1 file changed, 189 insertions(+), 1 deletion(-) diff --git a/content/docs/object-storage-s3/s3-features.mdx b/content/docs/object-storage-s3/s3-features.mdx index 960b66f0..6b2b8471 100644 --- a/content/docs/object-storage-s3/s3-features.mdx +++ b/content/docs/object-storage-s3/s3-features.mdx @@ -456,4 +456,192 @@ aws s3api list-object-versions --bucket "bucket name" --profile "profil name" -- ``` ## Set Up Bucket Policies for Sharing (AWS-CLI S3 plugin) -Coming soon... + +The **[aws-plugin-bucket-policy](https://github.com/CESNET/aws-plugin-bucket-policy)** plugin is a cli tool for generating and setting bucket policies. + + +Before installing the plugin, install and configure the **[AWS tool](https://docs.du.cesnet.cz/en/docs/object-storage-s3/aws-cli)**. + + +### Plugin installation aws-plugin-bucket-policy + +```bash +pip install --upgrade pip setuptools awscli aws-plugin-bucket-policy awscli_plugin_endpoint +``` + +### Plugin and endpoint configuration + +In the configuration file `/home/your-username/.aws/config`, add the missing settings to the profile + +```bash +[profile test_user] +output = text +s3 = +endpoint_url = https://s3.cl4.du.cesnet.cz +s3api = +endpoint_url = https://s3.cl4.du.cesnet.cz +s3bucket-policy = +endpoint_url = https://s3.cl4.du.cesnet.cz + +[plugins] +s3bucket-policy = aws_plugin_bucket_policy +endpoint = awscli_plugin_endpoint +``` + +### Creating a bucket policy for sharing a bucket + +Only the bucket owner can modify policies! + + + +The group identifier can be obtained from the Gatekeeper service: **https://access.du.cesnet.cz/**. + + +Before modifying the bucket policy settings, check whether a policy is already configured + +```bash +aws s3bucket-policy --profile test_user get-policy --bucket your-bucket +``` + + +If a bucket policy already exists, it will be overwritten. + + +Creating a shared folder for a tenant + +```bash +aws s3bucket-policy --profile test_user new-policy --bucket your-bucket --newpol-type share-w-tenant --newpol-spec tenant=c6efffff_1581_hhhh_879d_1616agtgtgtg,action=rw +``` + +Command output: + +```bash +Bucket "your-bucket" old policy: No policy defined +--- +Bucket "your-bucket" new policy: +{ + "Id": "policy-260115-150636-1111", + "Version": "2012-10-17", + "Statement": [ + { + "Sid": "statement-260114-150636-6251", + "Effect": "Allow", + "Principal": { + "AWS": [ + "c6efffff_1581_hhhh_879d_1616agtgtgtg" + ] + }, + "Action": [ + "s3:ListBucket", + "s3:GetObject", + "s3:PutObject", + "s3:DeleteObject" + ], + "Resource": [ + "arn:aws:s3:::your-bucket", + "arn:aws:s3:::your-bucket/*" + ] + } + ] +} +.... +``` + +Creating a shared folder with a user + +```bash +aws s3bucket-policy --profile test_user new-policy --bucket your-bucket --newpol-type share-w-user --newpol-spec tenant=c6efffff_1581_hhhh_879d_1616agtgtgtg,user=62cbgbgbgbgbg03aa144c327279eenhnhnhnhnhe,action=rw +``` + +Command output: + +```bash +Bucket "your-bucket" old policy: No policy defined +--- +Bucket "your-bucket" new policy: +{ + "Id": "policy-260114-151333-4614", + "Version": "2012-10-17", + "Statement": [ + { + "Sid": "statement-260114-151333-1193", + "Effect": "Allow", + "Principal": { + "AWS": [ + "arn:aws:iam::c6efffff_1581_hhhh_879d_1616agtgtgtg:user/ahhhhhhhhhha554c0206319caa7mnmnmnmnmn0ea", + "arn:aws:iam::c6efffff_1581_hhhh_879d_1616agtgtgtg:user/62cbgbgbgbgbg03aa144c327279eenhnhnhnhnhe" + ] + }, + "Action": [ + "s3:ListBucket", + "s3:GetObject", + "s3:PutObject", + "s3:DeleteObject" + ], + "Resource": [ + "arn:aws:s3:::your-bucket", + "arn:aws:s3:::your-bucket/*" + ] + } + ] +} +``` + +Creating a shared folder with a user who has write permissions, while also configuring sharing for a second user with read-only access. + +```bash +aws s3bucket-policy --profile test_user new-policy --bucket your-bucket --newpol-type share-w-user --newpol-spec tenant=5fd7687c_9874_497d_bb99_6ebb56987e23,user=62bgtsrdjhrd203aa144c32725dr9v3fldtds79e,action=rw user=62c159778887203rt144c327279ee0854f96d79f,action=ro +``` + +```bash +Bucket "your-bucket" new policy: +{ + "Id": "policy-260128-134711-5519", + "Version": "2012-10-17", + "Statement": [ + { + "Sid": "statement-260128-134711-7294", + "Effect": "Allow", + "Principal": { + "AWS": [ + "arn:aws:iam::5fd7687c_9874_497d_bb99_6ebb56987e23:user/62bgtsrdjhrd203aa144c32725dr9v3fldtds79e", + "arn:aws:iam::5fd7687c_9874_497d_bb99_6ebb56987e23:user/62c159778887203rt144c327279ee0854f96d79e" + ] + }, + "Action": [ + "s3:ListBucket", + "s3:GetObject", + "s3:PutObject", + "s3:DeleteObject" + ], + "Resource": [ + "arn:aws:s3:::your-bucket", + "arn:aws:s3:::your-bucket/*" + ] + }, + { + "Sid": "statement-260128-134711-6339", + "Effect": "Allow", + "Principal": { + "AWS": [ + "arn:aws:iam::5fd7687c_9874_497d_bb99_6ebb56987e23:user/62c159778887203aa144c327279ee0854f96d79f" + ] + }, + "Action": [ + "s3:ListBucket", + "s3:GetObject" + ], + "Resource": [ + "arn:aws:s3:::your-bucket", + "arn:aws:s3:::your-bucket/*" + ] + } + ] +} +``` + +For creating more complex bucket policies, the `--dryrun` switch can be used. It outputs the configuration without applying it. The resulting summarized bucket policy configuration can then be created and applied using JSON. + +Additional **[examples](https://github.com/CESNET/aws-plugin-bucket-policy/blob/main/README.md##examples)** and **[command reference](https://github.com/CESNET/aws-plugin-bucket-policy/blob/main/docs/commands.md)** + +If more advanced bucket policy configuration is required, please contact `du-support@cesnet.cz`. \ No newline at end of file From 5bac9174d946f9ab337592a8b39cdad9deacb848 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Martin=20L=C3=A1vi=C4=8Dka?= Date: Thu, 26 Feb 2026 15:46:13 +0100 Subject: [PATCH 2/4] Update s3-features.mdx Pridani obr a identifikatoru tenantu a user ID --- content/docs/object-storage-s3/s3-features.mdx | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/content/docs/object-storage-s3/s3-features.mdx b/content/docs/object-storage-s3/s3-features.mdx index 6b2b8471..68184357 100644 --- a/content/docs/object-storage-s3/s3-features.mdx +++ b/content/docs/object-storage-s3/s3-features.mdx @@ -495,8 +495,15 @@ Only the bucket owner can modify policies! The group identifier can be obtained from the Gatekeeper service: **https://access.du.cesnet.cz/**. +In the following image: +A – Group/Tenant ID +B – User ID + +If access credentials were provided to you, the Tenant ID is included in the user field before the dollar sign ($). +![GK-group_info](/img/data-care/s3-features/GK-group_info.jpg) + Before modifying the bucket policy settings, check whether a policy is already configured ```bash @@ -644,4 +651,4 @@ For creating more complex bucket policies, the `--dryrun` switch can be used. It Additional **[examples](https://github.com/CESNET/aws-plugin-bucket-policy/blob/main/README.md##examples)** and **[command reference](https://github.com/CESNET/aws-plugin-bucket-policy/blob/main/docs/commands.md)** -If more advanced bucket policy configuration is required, please contact `du-support@cesnet.cz`. \ No newline at end of file +If more advanced bucket policy configuration is required, please contact `du-support@cesnet.cz`. From e5135667a8ff4873fcba3988397a1f270a3c9872 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Martin=20L=C3=A1vi=C4=8Dka?= Date: Thu, 26 Feb 2026 15:50:58 +0100 Subject: [PATCH 3/4] Create GK-group_info.jpg pridani obrazku --- public/img/data-care/s3-features/GK-group_info.jpg | 1 + 1 file changed, 1 insertion(+) create mode 100644 public/img/data-care/s3-features/GK-group_info.jpg diff --git a/public/img/data-care/s3-features/GK-group_info.jpg b/public/img/data-care/s3-features/GK-group_info.jpg new file mode 100644 index 00000000..8b137891 --- /dev/null +++ b/public/img/data-care/s3-features/GK-group_info.jpg @@ -0,0 +1 @@ + From 7afb23cc98b0d483053cf3ac48bce2f9bafbd301 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Martin=20L=C3=A1vi=C4=8Dka?= Date: Thu, 26 Feb 2026 15:51:46 +0100 Subject: [PATCH 4/4] Add files via upload update obr --- .../img/data-care/s3-features/GK-group_info.jpg | Bin 1 -> 40815 bytes 1 file changed, 0 insertions(+), 0 deletions(-) diff --git a/public/img/data-care/s3-features/GK-group_info.jpg b/public/img/data-care/s3-features/GK-group_info.jpg index 8b137891791fe96927ad78e64b0aad7bded08bdc..5d8d3c8624e1893235e366c0cd53c91825aaade5 100644 GIT binary patch literal 40815 zcmeFZ2UJsAw=fz-EFdZ+qBIqxg`$9fR13WmNQiV15D85}lV;%v(vcE+4G=;CK}x_7 zilQI{0fB^GM0#k_ivlm6d(Qd3aqs=U@!oj%|NrscI5XKhbFVqG=9+V@HP_m6t-TKi z4!;7<>1yg|0*)Lx0=Q5A01m$$8PHKvvo$s`($vw{pc4RqBdq{B9J>wxxVd{HOtkJ^ zzGrT6`NUVi5&GwMu(S7i{2$nVd!}=3_5BBLuf%`L@$VB)IXHUR(^9y(+0E7G zm#km#OS{vK?od1MmWv0JH#if9X%Zrh^9x0Jymc05H7%N7{ol0H7um0Jt#p zkF=|~0KnOo06=xuKhpkTlgD-lyWg`rMn4~Y_z(bCD*^ym%mD!QF8~0O0gxX zGM&UjFP8`X;{!gTD|aRvaLc#M(tINKGe6YLz|c+NW}P`eie z-95nb{L-edhn~p7@^6R)0ht?e@^>NLA$b+=n@(PpHGAOY^IKA-nx^mfL{$F71)-Y` zFGD}{uF_?2(R;xW0K-3*;FpZ!jC7hfE1h(N;n>k%2gC0rJi>aE;R>779q=)r9lNwA zzs%iujy%Q}<%dIn)AUS^vNEs&ZUJbQ|5E2aA1S*=Q|Niskx3qy+DIPb}aP|blNc|dGJlA!&?U3e3Z|Bf8p-n44s^53n;-@4t3vrHiLH#Ib=Q{3m8&9IE z0+_qHPTq5Y_t=i_7CuHr{l*(r|7lmSl=Lj|ad>EVYa7b7oXGQuz|$|xsPVN(1s6Fl zms$7T0{O<&bg|uV5CmQ^7-y2ldYG+fH0_@9P0iO;ViXI|Utf=}*6$D+s*x}X$uclp zW1Iizx$J6Cf3ZvA4WJ$SpDg!3c6sy^MnSGuzJ1hy+%OAc(WgajNk18ic&R=TNwqoE z=R$h@Xq>128Rf&`k=`SpfBbdDy(ExVqG&TA3&l2|Q05P2Mg||+ce9HScO(pR1>gND zAD4jv#@wy|ULGN+Kd3!W$9}2BR`}cT#h3HsAtIqPh>fbhlV0gs-UA|B-)NZtc9~aP zElY^0Fr9RMFbJ1a{GM}ib&mED*9U}3zzISQaq2c(R*@&}9y4p0#=<4NOf21&!bDPd z7P^5vS&ybiXY{cbBx;kFGy-D#pGIKjk*pO$tforwe(n(H$gz;wr!_-@v7k1qPugj4 z0pQ@GobWX&Vzl6G%R;6^oRdqc=47DP6jX3)Z%G5l;<~LApsJlt4H2QT+J15gDSLhD z1Usoo&l zl%k_V2AR3tt;47S7HBm=wEuUU~GUK9=Ye&F`?GIRChE_#w7_ zolUz;^F2`RDO=g9-yvY-al3^Nt#_zWuTb0+CgGYqH!9ue_LRLEItm|I#O{W=Bg;qN zdr)Yt{O7mr@ty8{irqlgpxHD*YFSjl)$?=Pph6icd8HUC@31}S!8$shz3gU}&508V zZLg1&ba{p&j*EY{6e-3!6^CV&w;T6W!-Sr)$zG3$J@t~NT;YsUt{zw_%X`qPj-4As zwgdgJs9DiZB|}HjbBgg+(`5za7IPwn`9-LhH%8e$xD>b9QWywr>4uN&)~}+RyDBAy z{Gp_~w6KZY|0?=g0xn)9gvwnih>$z5h%0)esmuT{J!;MlX5XeE9r0Gqe ze)CH#sOo#`)ntF35l^zL_A7zz@>*b=3z%0>KXQ7(3ib5liG{7qtoRbS*N%BR^ zR6NPRW={;r$rRQzH?)wP#vv6464M~;8bPjSR9KGx5~ zHflfG({t_0fXZI$)-1CqvdZWb$E1D5Wjb|D%csM$b8Oc9)N3PUao!$&O|v{yuT(4r zfdzTIt>3mlpof*KSS? zx|7{o9yeZml8b+9>>^={KsAip*O-i*G+C<$M>>ZVE{Brjf zMMo{QIqu*~S$^__SS5uP1E2)7Qp-gQ!sY&h*9|=_ECbdYLVtcugtGFaS`Sl|I6Km} z15mv`-*h0#5+7VBtz(Z$;ZDznG88jp&qrz4RMcvf$TC}g7W(0M#y5@IYc-|xS>rPk zJ~yae21Y(H}|{yR9IkYzCD~fg)zO= zisa*F)el>nzb*35c8!rA%h&E50vUqyQxDDOW6XH1itV|MuMd z$^LfV^q#(ry19J=cJ~{d@Y?hJ6*dVYXs|_8V;L@X(upkVkP@hxSW=Lf-wuOvPX-A2 z*C=2x4OXBRy)U{Xehls`~jBxXo!`&{v}uZ4$}6!U2R&2+Cfy=<=riEYBuUlUf8Fi-9}&DyEdPG=w)m z`tNycMb>V-RqXGS=Bj$yuf#VQ6q47*D{k|_!vU?m~s|*0~Qes@^EE2TYpBk&P8nt z7n~nl;2I#^|2W-R-rPt<4>cHHZdO2!Ci_*q9gmqL+C;8iD>PWjP~wYu<4i6Fx!vI9 zGQap{)~n~1Xy)XELcsIU=XA}^N%;IYpO=eCBSGd`mRqJjP_42eUv7LKE#*i_H;gf( zHc48{;DNZl=K+e)TN?9L>k2VhcrTZ)lVw*=XmxO;SL2@yR_Fc|5OVsEQNzeA!vROS(Uvni9L+^~O$HOA0pHd0y6$u0p z(QoQdO?QZf^%&Gv@d};gLDokF-)i@3Vs~YdgRVu@!xq*P6tkF*QfmW)gDBdY z zi?bKT>fy(0Lk6Fch6g?A?!u&HYpF;M8y?a3)(pk9&(+_6T5Qd!-Zmj}O&>_lA~M2n za9`Muz!TU^W|fpz2^oNgfWqMJzgDy17;IkX{{GF^y6z7`{)x1uD_bvYWA8^2l`1lt4ElMzoHKUH z_F(L`GDKEBMspr}AMe%>ks$8sBB0f}Xdi(6t~|F9H&cKpNo@yPEDbm0 z->-$EldguTk*?A!})(RAVvg&C7fi za;UWkn`wik0{2_H%(D58I;GMTzVBKn6OLZ2t<6?;Sp4zDp+FDT(ixJTxZr{OUpPhM8&cBrELy)mDzqgkntWe1% ze@1^cWK!ufcz!sEb>oRFi=Jrw_2_%)W$HAoRU@fNf`zl|MqRVCf^UlRO2BlN4Z&C? z_xD~Zo-Aj;{w=_<3{EgD<(N^lS?e@(p>6b`hKusOJCh^J?_oa?JV}UPTa#H~@O5f; zPyf3&W~OSUY^$*k1%?_NM^4C3pMW?=Wv3SthKj-}Ce3E9>Z3!gu%t(I;9HHtMdqJ; zYu0qMj2HwXRzDo`3Ga$-?S6}JUvWBF@GY|4xw_u=j%$7aVi|Ua;T~?_RXG?41WHGq zkPPlm1i2}eTh2LyXgN$37iziMl(LISps7x;@wVD2WSg+?8z~&pwSo{7RfXH1LZ^Rv zgv#pe8Nw9LAV7-R#RL74Po}}rPNQg zLD=MGPm5hS=ds9GzxRfhu=QcJib`iP`sLx))*hi7{TIywKy9d@2aZrEaV5w@PJUG} zg?RpB*|ypU%`oj}eyWGUhfCZSzdGVj1!XVpmllSh1;@%exKwa6#+NssJlX9S%+gk% zfvlV5Xmvu*ovHz;dY;+Glhi~@-%8_g1y?u0mSfq+@^sG2S_vT8eFF{S)Ld(ZFU-(Y zFTOC{o^ebfhO?aMN0wUe{+BuLeHkbF0xyGExq#~O%p-s|l&-dA%y#AD_|8gLy{$VY zU^#}|$O>B+-JA%VeFg5e6t^m9_o5_kK?axO1uT^&hh3%l`91b+n%6{oT}rDsZw>>S zBC|`QeS0mH4dPh?x`8*-gwP?VEa%xU1^WH6eIRQGgx0jokYfOC%Ye^2i?~7jK0G;P=v48sy_t~_ z*pwE*s}H@tNOB_~O?`h(zGBlVn(ZZ2GuPW>5hQq3KYTMM#=3#7Q^&^kP>xT&##0AM zwomQu4I2RUiw^-2vPyi*RQ>GEhmuZd+Jhagi;J%4PQ`M{G5LgBU-uIC7aNC7;P(qq z1vR~eDnRiYUkFf>oA#QrGM^CcGQY;7{~-{tXqpYKk&AatD$8AV$8XpER|=1RU2K%&82Vj8%Z6t0Hcvo{}0A}^(Yuu4y_XOKQ3`;`L4Od>WZOT|!i zZ8L}#-VePjjQIj_=CX*Le+GuV*`I)7sINl(dXShsk=`US($U93$FZSwQvNs8Woz9PyE^HMiOp zheuRo*!H<&=Z9fhDl(a+uHCh=kZ)=FXU>$C-s)B8+Q0tkNwtBIpgxQV_Tjuj8@CL! zr0X>PaTwf!3?CrUbi=U%opRp-6lADL0viE*v61c8E{;~6u>=cz0Lo3Cc}&iinMd*I z=$G8IwMsYJs-I3z6&vy#oNTg+uNh2N0xtTz`yZ-;f18cnyzvv4f&9Wd6J-xxq+SSs z@NsR4{GOKk@HijxL|A>K;_qn}U%dLADfaiYlyXE}n-tk;=E`p-S@562A zeB#D)_#VH{neZ&l-t;>im$@3kv(!++;HsI|UfRdYP{PJ^RyTzLo}MGPzyI{NA^!i` zBIGiA0MgI@?I83w@ox+Kf6W5txM#)Bv)uA8CYTK`XYr@~xMrroMeuV3N^gu{3U(%b z*4GbDl_)(N^ zHZD*pTMdm1SeY69p0Phaqj;S`4JYeUqh%>jMwIib&@qvdK8~ty54B;!q>lD^#4@&L zZKG)xfy#!TeRry}!y9+v#`g_0w_Z>-UWuIVaFNyb9a5Z2NW;uu#l*z8ADm1@tc=vZ z#DpN!?r*cJ-?)Z|@cM0#5C1b8 zz$QG#zi1=T*BuI{Aq~(yO&JKHD*n_aHt#6r5FokE&r{0EsSg*}^XHWf*#;>=gG+9~7+fZ-ET8HVkBy>=XL-Qc!k|>1czZ;6PBs zK=^TVM>{$PA75@YM{~m?4hC!Q4R2!Y#(x%R72t}>3S+SePi8|PLk{so`bt&2@$_C< zJhQb12a?O#RtwTHUDcyq7HcGAjnr71HeJ2^Gt))4o)c65`K`iIP1iM9Q|3d!_e+^> zC_f};Tq5nZY8)d5gNe-O)_eXR&2Uz^jD{Oa&aKvSES)RMhE;3Kr0y4}>jycQj<*@+ z*21lY_7>`4IvCxembd{IRVIPQsc?QjO7tNh>BJtW&=@{SJzpvB(;xsOXKW{S`JHo;IUOx#6 zz?uqT3t4ZIqY}`vzU+c^a~Cy@KXf|k_4;lyToxY^tv-JHUaVv*kWt!H=^b7-`PysL zt*3xiCI|Ev&Z8Z9Rg7O-%9@Tn^?UI;?_sybQvhzP_#L4Pu>zH_eOU;+{W-P`aUreG z2LFyTgyQ)aV2r}h|Av|}1~Gw>QPa2UI9lm>W8X>))1_%~@=q~6|3jUB^}~uc7FXTb zux<)19m*CTh)6CzEhp$PFA>7$q8~Cggc&i}zLeK|% zDPr!xn07v8ORn0N+Jp6rhdC>8iq5FMt{g$tnPZlXCGD}H6~c+4A3mQz;n5(F0=5Vt zCnDe-hoHv`KtV(e7EMzBlKpy(R|%|fKg>yNfO3#eK(q&M3#;qsaF@%r%`VWV%};4u;U|Ko*4lZa)GeJYKDs8T zCw{Kq4D5CG+H_?9tn-<}P1E=tWh5pBlNI*(M3-{)pnZ*tT;Io!E|TX8Vn2mNRjkmO zcDwRouN@dmp>*sM8zT~b0KEAO@tt*ZN>E5FO!xJ=5%e3j*=%+%LZQo_Er66bBMTED z7lUsVKdYO&P2Z;g?3>qetcF^|xKs7(ox6HXYj;xRSOm+S{+^E$gSN4cWK2eIayJk(*6-6U2X&V!+)gncaHCKu#Vk#+ zP9?Dq>=O7<{E|0O%VRl*fRFP(!=A1>9s~++S!nF~^lorKA)M)t5*exIz<0sAA0`wF1QM%nNem(;&uAEmgl5LWU0N{ZFvysT zBBUJZ>N5dZNeZD6n zb^W;w(-mXTubyLEeEZ1lqtvfp<~QJTM>I^9S7UCYkRlLfE7BYPt(2QG#jot8CrfX) zGyA!frIN9%*HdpZrd<>%{+@&f@TcTQYaotmcxvJoQ>o2MI~c}6k>W;Y<>|W~tsKJ= zu=Dt7hzR4Z=<9GGpaM2gyqO~Pl<5L`r+70hJ>xlE&xTY1HAbOL0ah95md%eLIQFNv ziSj@{KsZkh{k6N_MH7f3 z;SeU!^l4qv=g>HVT|lG*JoRoEq8KY~^k%Jz0*ch!3l!=pS@>Z#Jb0+JXLTfTzihLXm{m`tw<(r@h<=NiLXHykSih|`u z`n?e#x7I;+l?^lg9HUINlwj4JWsZOlAyBi7qB1#R)hf*lyYHNI5Y8LhYeFWe@an@O z2XpPaO&cO9rUPD2H8&mPgQeTWd-!3N85Pmcv7O5ARyi=nb)T%uM?MmtVO(&F6bxyQ zqXOjPXc4iGRMJn7zK|szrzsVV_sV>$uKo=h)LwQC-#0X)Bf>TR04A3lU)($w_0m=m zTb6l-zJRazzHL-yBrz3 z7H^d~-5-ydJ*C0dwQzHfV`8MiVw`tq(8uMOeLC<(C(R2cx^HOnPBARR-u{cPX61!B zFn*b!Uwq|q-RrS$q({0I-T~rUKi>;@)w6O+*y1iMns}e!r_Tt^Za_2kf94FTxwJa1 zoVT5=c;<*sN!bfGOX$+;l+V^`6Ke6xe;kqB>+=^q*Z;rksgBb#@+7V9`r_mYB1w;$ zd~+SasO|HK|zr8-$r74=Vax+*C#tbb)$0{-?1dXzVi9lYt}Rdz5jTFxxxH+l9s=7aWa3 za?FvWp)dv0uSI>fY(LL|3hUQ4rBsG*u3S{bPW&*ZhsFDy_*lPfF5W1 z&cL2HAsU~7K8n=zn|y`NK}Kn8{r$~zSR2l-d)1D%*Q`H z>T~N7XL}ae)!E;h3fWkSga`WQrKg%ZgtpH5!yH?)!e4#S#1`qz@3kevalmSS>v~&> ztL}(hDqweSyKM7mErd{`JVL7FZQvAE*jz;vCEi@)Wlub#=kUg`eR?xyelF*YDSv*# z=|jLpSO|$WvH5-eh8d09)r!i(t0M05Q=8v~z5LuJ;CPL(aferL4Hr{zwl6weJFV)i zJ`o#{_;ULUb>H_8aG?0(a`3scSwCLE4@l1r0ldNSBTBH%;X}aA!s3gKJ1FYjgAB9z z`6VBwXs-qi=}G0`-jG88Vi#zrVL#;owOr}j8|-_PUQ`?lTkOQXb%}>@*S!j0m>xh= ztx{;h{IZn9pHMA%I9C||mV$C|y>g_^)by-z155Z)@{E3QOr46Us`}8udM&iuW^41KzUb7;9p-4Mlr`M5| z0U{0_i21o2jD!1jPw#(g|G8zfSTzq|IbYEmO|^J{@0k_2iX<7=Kao=(qwZA_gCdJM zw}#OLQ@!A}aI@s%;&O4|X{bYK=Sr!}dvMS!r6|36R1NVett`I?7xgY%sJ=e(`QyRe z01BH%C1b@nd%y2c{%BmW-0KKhpl=bTAj*`c>d9++P5zQ<#x(@LlgQ_w^P7+NNV7dv zziT1%4=w!QS1K5?)~@`#RJ7jq?0D9>@_7PxdL|TjHs|V;7EDn~;rwq**v6W&iW6U2 zKq;=K#L;^{jdGO!s-r}|d<79oZ6LJU+9iO$_kB%uye{6a$v!<*-v@i7ugB5!>a`u+ zu}Wsqsg?54FyGr#>anVw(Q&M5CQ5t?Xmk^!-%9(^m}$8ZInd!f5GeYmVv+=;r zy*P`!xQwGMXbWg@sIx(^k4#d9ryOP2TVsJp96BGASw@v5;RecrBMC!rEA{Vn`n$XR3au3 zqEWro5*edG{!Ydo0`6%Ju;OgWLsoEN;@%W;dC$kPdCR~82tpRj&cg~dRrnUEbN4wb zxx>J!2A<)TKwikKdNh`>4XHjZWtFCh!bTv`9tmOTOQ~p>c)Osi+Nd;XQjESk z8G6HHRN;Dd3`H9LgM{hbO81%VyD2{{XPU9{*q~%p{96R{Tbm1Jn*Yo0qsxKV%h~2o z^VJc`Lvk6C$+lRuEIk_)Umf9L(*3d1S24ZwL3)NW(A1F?2&H9EAJ;F#WCq^F-spVnxxAjW{fkHeUg@l!Js-oa!Em}d<|m*UWw=dilonkm<4Z*yu~ zU*x-ycoKD+EBJ)UC7pz{;DK!wzC^K6BevG?QZ4*u69@%LxVM2sHGAcj5GaMkKWF6y z&TAmd_)$L@wUh!Y>p26K`6-IH1RA%XW7;*7E;X1~p||NBrD~`r5m%lyprHYUb_H2( zJ`;vOzw{a5B;_wUcLylKr2W}=&_Ig_E{~Q)JcNHJKye8SM&OHkOGqkWf?=XL-uKR@ zalO?nPqohU>SfO}o*m6Fh%eo<_s6pt9qd5LX?j!p|l zUrTNZYjYe0wTX(92@hO^JyFN^6l1hCgy92n$ilV&Z8(%I-$Y?aaXnyd;{Y z*?GqLSp6of-14S569+te=$D`sLm6)H)xYx)EUdnyhjm8JYQF z1Y29c1L&JQEN~oeI_JI(>IWTP4C2}T49hkqDm0i%bKw@Fy^VCPq;vTXUNtg2;}V~d z6va(;Q}K9XRkST#UiBJcq68l#Bn2iO0)QA?Qj@!t5T}S%Zi8ZP8!{pJ;?*$t&My9S z>&Ss!+K$HuFia$hL~c;yt+811anFXQ(BNbmF@Gi*jTg<{s(kOU_$WMWoOsqPCn?sb zBso3MP4+C*gb@9bO4$aDrb73(`!l~f_zCh0+YPE5@M4;b3mJI zm{-gBR#(P)D0C%lQV~UMn~vgD1kRVq7gI|Dd398IB2ytdFTXcfkb-Ly+Mq58v#$6m z*!t3gQBj)76YNNxi3S-f&|gZb{gPodnZ3l5v=vA*hTPsy8$Inwo`M>5Ag-NhSj*hY zFhRH-qbx|45UIT;^_Lh0)ttPgut8SB^2kqtAar2tn<-lLq+nAHbVPz6L*Q1Lvro(1 zVn0z4^KM%$-vw1EgToj_U!(t)GJwk;(t2m=R)_x{={GWnK$6?EdR;C|H_uZ{Z-fE zROogs@>yb@?4no2QTR#NpE&QI)Ki!%)_>xDHeVW)>BHi4q1@0v@fV|kcX!t5H3~=% z;rtW-t9Fk*`rlQN{1B_+N2E}14oFQl0);kfW>*w%tD2Q$l`d)Wu-W~;^(@{|&Nj~P z_Kyw$S%(1ssn1~ujh`2WZp}U$d%Xo6_uyonHozIa*E)C*GY^GgrynS^CD~hyfbdGY z@7Nwca`lT!+Gffyn28k;b50#(v+zNDP~vPDS<%oK!Ju2RS6xfeUiXYR3nyrb4Yba< zAUiagu>6u6or^D)PDCm-<1ME1VyCtDstbRo3EG9 zLp3*tKJhp;+(|8-_GyYJ!`S04Ync#ujmJD?m_UxeF(&(`>l}VK2*Ir&a#nNi6-wbv zwJ&ZYGEGCh(=%q8@2lNBWZo<(N?FIGWR{J$YS?U+``%>qc9-mOeP27TParFn2KOUV z{1_o{EdOrX6Ta^n52ot!-Cb-O>a#C4pe+w?m&&*G4w4B5OO9fXDL+ zs+&)1&tD3k3hKda`6mro@fVqRfP`{aDb}SFf_?$!t;q*d;g4ZD>HQ>{hE*}|8!K6f zNv&aAG3b#s4Aj=uP$6vB8ix>KlXbtzsP}?3WC?3Wg_s5OTL?LHH#qOzFd=knjUSvZ8+r!X>XRh$(@AdM_~j)lKuGj{foSPtZ^J@MX< z99dgDi4HA85Hcrs#8Qf{Kf#p2$SN9oPK|1JH}MfGA#mO*O&lw*1EHicJwgOs{TdBz zD=D^5&!hUDod2e!Vznc*BVn*>`-f)-^f#FLQr0ZP1K_eIV!i#^PqRuLC}Af3fsJ&T=&wq>;jveHUmAdlOUjNH|v zenzO@1brrYG?(c#5MYb}82<{O(NBMTS*CBJj~_7>eGWK%`bc9d;262+2^w~Dgz+}C ziO*uMsHZ3YTg+ADvZfUFtp=hj=&Z3oybV4{F@YI6!({`n$6M&kBip{Gr+M+ku1p4i zxC7ejt49ScT0br<49a1x{M;wjP=f!i^1R1(d9%t0g{tcL1h%AaLKoJ@zHW)p$7L2b z@)_<<6UJ6p;kO=_z3wjQ=`B@f?_Lt%34d#bv%+E;g3jsaBO2|n1tyk#CF#l71wHp% zbZ!w0=e%H|NzrX_63af_DeuTJ+B0&|r^3`qz&_tmUjoUsEJ1c+{LLX6E(BzKT2VKw ze13})AU-qrRsPK?%-T)v6QPD_Pf<%nnu19y$I*+qKISz%;(d0SZ4!*g4Xfo+;#7^- z|A=rbgN|l1f2vAjD+^Y%|J0YW_jdnbQ+j~zkT0Z1k4633PKElEm-X04@!J{74NjM= z)3TIW27^)+H8$<7c;cY-e4@kX9ZXe|v6^RZ^^lS)RUGZ&EZEXi4-1f$_bCRe{9dLq zxh}@~P~A|=H{*;-r`>$7dMQSKN^7hw-0S^*TZK{g%C9GJe}^lX`Gtfch&>(-H461eMY?FJJ;>BQ+BfiQ^s!k5#u3iKMR)Jv%NJ zw>!R_?XkRv=nlR&ia@z`MSatb_2L`nSHMQa32EQ(jU+Wo60_TE1ANHGhkNqma${v( zkUIzb!hx$dYM+L1ozVqJ_U&n>dHIMh&x=3sYP{G+9P#6Syv81-nM1gjAD>JXGF^{K zA%SKa7Z6zNE~U%8x_iiN^$S?7!&EEDHBfhvK8XmxmI1+&N7>v6-OvW^Hzh_iGPwp@j8Mj>tTl`QyKiSWcZjF+w7^eGF>+q?)) z=J6Sx`y`7JN?npE?2euhBgFfQ9;3RxdSbS9*4)$>7OR83kyShXfb`zJrh+SyCa+%V z(!ZslsleUrnG^b{F>8jIFRY@+WEcxC)prY42IJx#5akv5reft;(X$N^pPpEZ-_c{9 z3abrxWI{^Q6epdkj%c>bzS;F;ohEOYQM3@;ADEx#9mq~hBg?{gm-g4Ym!WK<%FOyFM;>g<`uzd9e$C;^<%!8G7~MM0L9Sw%6gYN!1qkq<(Tnsf4V7 zY^}?T#372R-`4h%?X2> z4`F^}rWR>=Ix0y=8>w#lf9bw=gOI&$iK!oq>7{6RA$@se(q9t>%<5Tz*Rk~BUHJ7J z$9D}qBVOgx+TS8DEmAjSS+9q~@#(tF0oZxy)>gY*C%L}N3)n_kLK+n8ttp2;=!c9{ zF=mHV+jyohhk#2RFtG^DIN$be*bXg5UCY0tz;|Z8)CcY$>jOJsm6v=`(Y0=)TsERA zvR`sT!k_SN?8o$eWPdrbLt2(BbKFCzE%1 z1-1g>JE0IG{_}pCqpYK=_nc62NGglV z@K30^#-PTU(}~jRS|Mv&Z|!GYm)P#kL&=RtIF&@wnmlM~-73nm#O z&W|qFzMETRQA?fD)J)Z?*)I`(GQcNN3ZcZeeaZN&yEU1$vuxDYWfzxgRp%qTuly7h z4Jqzffp&T&%f5PW!$n>!@nU=J&a#}_CpkmvfQMIGZ>obyx!eHIlrU{SwY^ z$L?o*evyEU%vz(5P*Vb2QAu~P;dQrBkJnQ;0RK6-!>F7K0AP;(RtGr4#EC1pZ~ydm zG2CMeas-ZNg)#Z#L~~%8F%dsUN)W2@3ep)mA5_))NWF{|nr-~vh8kuHSgN{}``)|X z`l=VK$-v}nJSu*aJqzQ_ftkKHSY8nqn9_i^;$!N)qkH3c%bPI~t9!APc zAII4F?#@!itB)0(+;lg{#D!_ZifNm7kDOSCtscH6f7WcVBszYT z*hZOtfbP$^{G^oaQ^5@@)p?kf$xtv_in8lFWGclx~pr8SRf21HZIaJ$7t@pBsp@ym*WU+-c-3qCSf^atduY^b81CXhF)S&!vMY)xE6z^PPJ0g| zmqOIL`W}|}S2?Xncm3?VwU}2lEwj)2@DLEydk6?$9q{qdKz~qk&(VR)x9c(R2j=HO z;aDMg$tQflYCd>s7s1%X88<41dfTitT~aVJ>0+5VJ-C)$*XQJ97>>8i&!*JI_)4{ zQC0Z!U~gq3PBSBIa;L6q58+Hq1Dt@;JJ7!d1~5)2IYY~)Cb17sDw^i)R86O?5N?T_S*T_I)DUs& z%|CcOH~L}0#k*Qwap+pok`ehI0{-I743?#i!=HlxF3caM|JyQux0(MVz3F{OJ~E5t zDm=`mx3#;8Yw@|I&gc{Wc44o4^SvveoKv0R^5=TCP_#|aAJFM1XOXDL=PKZq)c!idyceKGWVHmmGb zzOjWN?oUr69wm-i5?LiIfD|J^r8yTD^Mf0M#p#Mt{45 zFwi#SL}Tq%*y=dSVDW+_xi4aNY_r}D==UtWgSvN2<;s`Oe&0ijSxp-T3l9PNnw?ag z!ezp$<PMeC2y^VK_3&4bm&Ti=JC{cw|-UqD*>4Ej(Lb1}g+Y0`mAUPlmayL=sLPGhyh-B<)6KX2kq?!X}LGrEZoH$@9-y7as# z>8SbhRA>$AlVQc3??kGLRhcHp6Veq}LY13jsc3U`ROuOgMo@f|#>ml4Ab?R=0We9d zzQaZVE;-G(zG^|fX;g#RMhtc$u#3KSMcKXKN?q^}} z1`Cz%*_B~D@_wzsccB_&!HEjEU`4}|JRhZ;(}p_vniF6gzx#(uqH?_^b14h&E#Yk+ zG)ZoeoDq#Mkd`Wi*E_`UgvactWYi>czHH*PzmGxdhP$%_Nn&+1>jj>khkm7uHZDv| z%d@o(JP0bYl8u2~qu6DmV_&?kMm=#J+AaVKjKpXuJdu?dU%TStpr^v~r6xL_SUh{z z=Hp#~xAXv`tWZhV(rIx1B`|NfvqgD{LDzfOPgkrEBI;wJQSlPQ*FulrqvxE9v*+bf z0CxKJ@S_C4K&apL>jHdV{9ptc`U zoz7G()tw)2HS5L?;^*hb;t$ri0yPe}JL}U#B+q6?NW|DU16%uaIzf{6>Ue*ZtpBQO z`M7uF7|+1{kRh6{D)fT@X3!mhBLcy|b6vdFDxZ?LD@$dscYw^R6~kv zF=6>NLhJ$flN#9<;NFTRW(%6erqc2nP&J7gC+D(|L-1)iq}Tf=Wqo>Ou&sf)xe|)( z^>%MeL`lSYJ=efcL};@9cO&6oKgNeW{YpujHI@dQzEA^KWQ=aLX7sGZ%#x5rMts}& z`!~rG;wf?;4Bv(c=L`DER81d%f^|ME$a;IXx%SF>*CO!DG1R#VMVLO-ToADmKR%MJ zuGY^0nlGNuO$aSt)Q*gu?QR#SnTGi;rnD)^5j-#s?%pCFH3?RDzwIjtS+u=JW1D1R zIJV)zP$(1?ZWI~QU2AS5u{GI?9Z|5>JFaUr@pBLZe zU40Jl)Q`Jq&{h|G8wft4vG<+*TQ2=BXXNOaTpnHj@3022=X0_5%=fS)^KX%`r%TNx z(DoX?capu9RoEOeCOov2GD;G}o8f#DC;g%_GkLR+hC3YgDQ=(r&aY@Js9n-W&nh(d z$W_KNNACwQSm3?OG@xWVPV$rPixQIU3-Kk^XcJNR`5-quUIR)+&ZWR6tWRht{zVyZz<-%g8+Jv9_ za+P?Q=z9(#Py%&iboyRDW!_CskW1l9Yh>w6uhKpBVaS5Aeo-N@G>^))toSwoE$Zw% zY{Xzy=5fs6<&a?^ZRNM7JJ!w(;_DPG+{3~mGErd8m?+?329{wIY0D+T;A)j440b@_Gh$&lk%Z z9d{vL8qgspS<8wd=s|_vQy)Z$?9V7K>*J(&dpql_gbM>VH&v{{`}Dwfc&~Cl%0PBN z;nRwhzsZ%6XfCD!8X&N#aiKm~pkLZRs5c(?xVVBcR`0UOwXhiADOj$9w)Ajorml*s zoZ^bRx4pFFx-vM}iE!K1++S+`xs`M9jk8y^#{!ED06Bx;Xou@98AkETA1tz=veor4 z`+7=k`nXlX=a}J{QSM2vjK1(G{URibmZ*4^_vQ_Hyy6avw=|@+Phd+x!-{A@LbCe8 zm?{4A#g|Jca_Ny-F1$TYthRgaw%TbR#5i37%Sn7Ot3a+#%kkGJtl^rq+XHyM0@0#BYhP_Hndffs1L8CTyneT|o9D{tiwZ!%` z^5D1{&mo{nXODS@(elJcBg|*J-@XY`=r5f7w{e1ZvjIKx&#a%p-wa7E*L*TJsKRRx zZD=|E_+Ct*+}-$nXspdVGL<6 zkX=hXS%1?&p>90r5KzQeH#YAZLwUOAJ;Euk9`#B|Ly3pY)!dy+GKMji1Z=X{*(@WhY6EWreCV$e{nx-E zS-C$s-Z(+Hv^C-$V}s7mo+xyuK+4yVz#B3e?9vfcvr=GoF`|4~&}l`Pf0`mK;|asd zZZ7T|98|Xl)5XdX@!Xq^C#}<$@Jr_vnVq~20`q#cPADvYW*HuU%inC8yg89Lypm)6 zb2NDK1m=`C$M@d51J2(Zq@=F*Nn!d3%Hgllm1MC@RD9&14zDQ^>g2$p!>RoAytHQU zx=Uk5SwrsT*`T47nS~XM%57a2w<=DNVcuXC6-zFni&I1y-2-df#n%`&#E9f*F%(-y z-!7N8yG}IvE!y2g>@T^2v;EKHZG-R7j#{cnsF-LXIac-K>#sW9{OH@B_*EXZWM82DLQnk`O$$muAekA=)DM!SA7b;-WiKe3N!^gU z%TnZzfw0e{@S=ubzjdE&3SZt|LQiSPR)j<>1q-ssDy4V2ofk=`YC0(?C5HKZE&n6m zp?}VouJFR23h(`)upS6AkNfJQ;&=mkjuh=B#YbJ2{6=3+d=g!>w-o3xy`{&JjpU?Z;{E^Q&d+)RMIcu-I*4byT^hKgN0%FQRt$P6$*jK47ABBbKCMa219~0Z9f7epY`wo-yrICwWg4oPJ+tI~*vH>~& zuBG~iS3k(g-Zq&#Q@hC=ZSNbshI?9z`JMMK6_C68L*M+nk?ah*8yw;J2UGrOkg`n8 z|EJ>6-vu>=^P)5K@1p?xb71zUH}kt)`@LKIKcvbtHty7)tp7*xP4%mPGUM1E)Gk}^ zygsY*Z-lK?uI=idJ^fR2d~k&CKW;qzkExWM;{N2%uFj=pBMqJ^hW#euUa@hai^(pb z!(aI`E@ZqfTPORsVszXiwNcfY&6>Z7cx$1tukmjp&b__(LtSXq%EStPf?fTyfrz1k z-=j{hc-RTxnfsdolkJmyM&q}CqxO3znGG3jh)KP64d42H>n|_HcoMU^3qf_eS_jDg zkUa&V6F!M0Rob-v1T?RDFiY3IMM;S`FzH2zy&g>`%1%nDo3Q_ow|{zMCrR08x#(y& zi4;@jg~$oRgfD2MG?+@E^S!|?8Gy~cgRgtWKt;}?|6n7??oSvMW@-ycIrh@vn@EQAnyOW!?pHXre&`t>q*U;mz@15# zYfLaq=wzKwXFZcDod()ZSk<$eGDrJ9NMIdB57t zie6D~KiRi}EbFlRkGo$U+rH$-44sNF!NnuB$dN50VY@TOK=FT!*fo(0|8{b`I{dGS zL}2{%Hvzymff>t7OYs^R$UeSH;p_=5xX#c3PLgfpUb;;>{0=P&x-aN@*TA6k^@FZo zCnP$m(grze;Uy(EU)zbQUYD!X(vUrF@KmYF_DN!Q`4lIa5PI?@iq+x5IBBP!J~Jy% zoK(J937?u7LkGe)r~73IcN(F(zF;W{p9U*g3p@9U`qlSS(~dkl{WELK(CjEyMTL(4 zOh;!vcDk|J=x>GFSVp!qc?_SibfdTI3zM2*T{GTg6Vdy`YqK@u*@SvD4%0??PSzTt4*6B-eDH@^Axvd9eDw8Qj(dqFb_{pY;9VO-<*JgxT3 zVy5x&ilb1Qmg<qIH}v3)=&3Ovu%5^d zSab(MQ63lAX8Ju9v-#9l&MFGoaph@gCHX7X%=1w}y5q=42wG7#%wgFxL+z>AzSEFV zhJDZUOsk<&egW;le3+$UrYuXUrY9|;Za?@GqL7OWshT+%a4-Ditz7h3Z%$D;8{U$f zj$%oFzJzBrj(5H&vUwm;z!U%eI(6>LpvWwd7^5fpRlZo`DDWdSJvngB(_rIgx^`*) zz3|#eXDh9<<$cP4Y1q*anUtZZS0HSP%f926&CY4bcU#WfQpE+r&!I1QW$8cZ;37Pa znG(Dg78kA4ae%az89+bua#>e{Lfi54^f2S0P;bSC(GmOSKg(%5okE6G&z#DL+-LQ6 zdZgyK?sAF23~X}k+S0(n9k^!uYZyW<*5QMi`8!moF$Q`{h>t#8`gk|)h4llOiW#B2 zL{#Hox$sds>`wYQO56d;V%FSp zSg1QU4&(r$-JlRdVp}E4({DU=DBtU3 z{BXEP3sa6PSKDnIWV^w5j?NEj#LZOz>fmwGSMJ5UzADwaFHxgY`DYU8`N3)TpnaUr zc1pg7^g_m{Bs>8S43Km0nM{lBH1SWdW{BWF)jhnpFYN=ipf3%RY+yj|E(Ro4W|m%@ zDkdFJ&>`v&NU-C;n_QXM9>mS5n$9bJ4UXz!GnDP*qC*1oB2{H3AT0T?E|A{WVPE?c=#l{sKUHWlfptPH1 zIe-?8JipolYVDfL9hyGwO^}m}?&tsuy}~-%P#D5P6fZRgMQ11YJU%!szf`tPuv(Rm z9ZFS96o}iaq*_!Mhns|#tuj{wH!}~f$XhwC`Q2B)h{rRUdQ%rqEmSdA!Eo8!GOk1I zTvOG#t`^C6bQC}?c1U-TL%dLPId1PIPi}ng5S5;6bz@LjDc7Prcs22PG&bFQ%w&-S z`Vh#ZPx(~8CXwQrhgfL+tMAgizjT@-HwbKaYXJNLGjZZlQ0vO>nNC>!3YERcZYxjulKiUmfDTcuCi$wT``!j=MfIzty*7|Lj)*P1skc8Ht!54u=nL z@N@=BP&c@Vs-;eQM*QSFd?n5LD_9D#XaJ|dCVEjP!) z<}MU#OFjko%$=Q6D0i-RA!kAoM7g@S(scUMbleA#`|8yd-vmGj8jqVS0iL5J|(u^xuebF}dI_nLV)cbf>I75IR)ZAd(xqYrKGWD2YcJ-x~ z+4!tS@Av=1MmcT_tk&mD!Vg0IiZY)T?D@2Ae0q<;0oLb@L+?TaWG?xA_$*Qsl6~x# z%%?^FzOqI7{2d0Id-bgVLE(Rkmhn%vasNS;BaP^zbgnwYX`!b9rfG|}L@72m$(lVL ziHtcrweKp^2r&?43iUVeXox%enQ+xeIaRJ$P82HH0G9qHAe%J|w&F*R^mK+F^6=I< z8%k|dj*WhY^|_c9hr))*I2t`58Y9a&%&Xj*=j#_DIFpo~tf- z$Qfzo-2>jF)(j}UEFC&GJp~wqfsEXxx)nI8Cr1xKVeCq}G|(lMHJp>xd7DmT(C&E{ zu3qqC!3da(&Do+LFqSc{@C$h|K-((UALAYmGEYpFELBEYNd^v!IGFk%0<>86mlK%M z-ARQh@wwYCVpj%*ikThMxydJY>h`_(?jXG?obEe7N7~7qf)wScg+L`0=Nu7$1%w*t zsnxI|b1KD+T!O>_SJT&6ORW$Bcv`Mkiv zWQr#>Pcra4)ZjNVt8h8VRw@Ir3Ey+L*+!Hq0&$8K&?L;Z9PFf z8POcxGVlmpeS3Cj_1dqDG-Ir$>39aXm234`XzWVT+$`*z4#i>6*-3Jm65DDat~;SB z{fsHDi`?#cB1A8Pd10!ad@c{v4=Er|VR$Jvm1$fbnaoK&4OYm;+0`#Ne()QT_dM3K zz}-8RN-2qG`y^R9I%_l*AHME4Ypu}~TA^b*uozf%la2Ei9rUt}{e;t!p?xlW=DoWw ze1)7(Dnn%Mm$ufrXr55ks-bNkeErdl()(Y=?{1!m6_6FjovrYS@=46Yt|TsC04(wQ zjoQSpncSKM9r2l9Cz40_lfnHst!Uq?iMRVtrnG`vV`L!O?+@;eIn__TCHZrO%Y5&I zT$Q)@KHTN#rdOtNJQ&*e=;Fn)co0%a8g@0HhsngAk1;z)OX7&sdwG#_M3hB4h6TI-O#nai0rCpY3_Rir4symI14Qo`-eKMPIO&cz z1$t#Ptzb6ZFF7>ArTGabMe0z(vL5Ff6v;&!Kd zjn~(_uv*bi&W|~IQ(ImWD<>ROEqSXF>Z06KV{!S1d*bLC`0OH6iwCuD=s63CWKwm0saHf2P*vDgmb`1>n|0s@dLa7Vz$ z62!EZl6}r;Er^heXqycu1N>C95%$DdYzF_;NM)g49zPC~M|v|)boX3kiVW){a~+O3;- z8hA{9BU=($t%~xkC+@_3b{)rwl@t4yG2D;-K&=IRgZ}FEM$jdRFlz(2rIom{@V3h2*nZ@s!nK z=j=IXK4JG!j}uiA^#OB+86ZDmHSr?rgU}c`{Lq$rap`%tUTxx zAPCBs%_z1U2%c-%Ygbe)X}LC>b*g@HpTnSQx$~5hPt`3;PHVv>K1NU@ZQtxjkX~jI zfvAxsZ3fvFeg=m}yAX?Duf3^hF>4VDtvvJx%K?D@(`$^nl=iRKmG$#}bh$Z;tyeuHNTNTCfzy->W zOx{P07;)=ZgKLE!^SgJTD*0bKM(JUq-(3(m$Q~JV0x{-b2VeS8C!wMoElqbGol+7PwB~?WoF1y2?6`8Sjj|CxUbsiT-&q~UG>mJT# z^G<(lj8pdA(oX-{6SnV6a+D04tKEWu2}WO%R{4o}HuRA8fUKT)AXxh29lPUK?4(o> zc^FedVeEx7q3XW~8g}2GvwLgTVE5B)!{t8@_rClmWAj%Zp2v9{`;O)iDO&Q=dW9bF zhKEh0+eh>U@p50t`-htT>&h?U;D&!Ao(x`vhE5_2)2o>Q|Gs ztdXeG;SUK-?_bKOh5qn++4DaR{$1sxx}V1D?YWbjH@{!|*gj2j7qAC^z&Kb8rsE-w zReZ5V+8d41(m8Ycujayk=>LDj0kE#&iHcU>J?H6j3kgusiv-$-CpphUKsu`MsD$r+ z{_RPHWWF>ugbeY0Oac5rEs=udYc3cV%zO~j5y!mIq?@o(Zu9JOhv@ACl{qoNAM+ot za4nm2qN$TDa_+eeYZW`LC{kNrIg?o`$^OgVIc%nHa1H97-_a+vd&kh1aQx!1@KO zY|8m6LOVH+8pCtymNp%8pKdow7i0~8j^zin3ul>zJ>>YVcYhP`GUw-E5m7O$s`9tV zkGaVbDU|xaU*|@ytsuPUdivmDM%NYf#fh{&^Hn>*MNx1^hzcCv6`B)(VblW1r`QWO z7Cn1M&ea01red$UR-p9JjF+|cudoGK6i2p#W~?MjidIrxLS39W!M)~XjJ#1X0DsYi zcn?iVtrKRUlMiO+wUHd|{OVS}3kgz=4Knj-U->4`Dk=F*pdI$fFD$2G>6^g%Lo)Ze zihp1d5=FZa9yx~|)T9;R@u{{3%aoCi*or}N*v?O87H=tAIvQD?X+BN!f_362Kbi-F z0+YjqoP8l{0odZ11cxm%@4TqbcS*2)v!kp75y8HgP{On_4}FWQ1~Sf>eR6TB)+m1l zh?50u{t$oq(sD$ivPVuq;Dd)Ya-Oz6#8bHgfpA($fg7Ci+F-+t6BH5}lQe24*XOkm zN#$oI`tfttH5b?#REuWKh07NB!z6ljT%*w?#mYsCkDn=wK|TiS$>wzp9|uJJR8Ubl z4N}fp2oSBdO0-s$Y`FLt_uNxO^R2;E8~Z6ar}XnS-gxeS$-w)lrUQiTjk%0i_30~i zhoRnOXEQ#@nfPTq;{Xc7?tdLij)K>G)b6`~%|9Psd}~1`C70~m82v1iIx1H#e7hE? zBi72ST`?IL#2}!M#i2NpIU+8Z5*k%Au@g6~EPp@Nna&xtxlJudotfmB#L+;a;6u!e zpguY_xJ*-}C$w;6b?v)EmBmPR^YW5s2(6a>GV*m@&*iihj_HfX=;O}ZJ5_jFpPN-m z!k~Ugy+Q|)E&g%x!HwoX6>`m$HLX-*$5%Ze$9 z>Q15zaeblhfd0=p)S!)^j!qk!Bhs3XvZeBKt~b=RwJt=X6oh}c>pXfC+!{zBTA}^t zRovoeS?HM@Q`RN7evT~T0);R0YIg^w@hZYH_!=7$TAmoqt>Fdu*<;E97h&k5i$v&s zL5U6*FUp{21w{McpvDYTT2@QA!zN3x29k=B(1#n_F3jf>@%sX*fLPNvD8LGuef#G9 zf!Z5JUg4uQ&Fv$~9urn<125Da&{^9kp%NBKYp_dXo4blt+Wz(VW?MF1!bW6gKk}OZ zf9daGEnz=yl=~ti8l#-ipRy^@q{GizhsI_*_)TctZ8aL(1-B-j8~CZqWk#ZP=zL~W z$wcwoVK$|hmv ztI&8H=~WwwZqlfucA`abtfPtSRUm=yf?0r3F*(#S#BP|I-@q6YxcKRajOh8oaWyk% zbfy_NG*aQl97`^GSys)SMThK`hKTlthxk_A?!786R^QSsvFhMW677r^$|iqI@`$?X z44~`3zS0U7${N4ds4EEos9uN|xAys%f^{<#wtdjTE45}Mki#3C!PkALA#t~8qN0xD zD7h4Jw6({@zO3T+%kfUWy=#ad!5!vvdhEQuI40s~uG=CVLK9BXja>A>u*b}PF)FO{e^>7x~6 zfg0<$FCI*0uUa#9x2Q>?2S^oGoZ8Bo2LDRv)mzL<{D9K~xk2-K!netk#C|OGlR?)p zhZK1G0S?YN;_FTb4sY(0a_0zv}Yi=)&zntxC!K& z9vAKBiSNHnP3rOw)6p_q1db*Ekk~Jyh6Mz(U@K(Uh zXF&>@32D!5kZ61JNi^V;L6MtX>AO#}-@Wf@=fq}Lu$sk&k2gU*d6*CH#n-VS5m zPE^EC$HGELks@m)HxU+LiXqSIM?hMc!0PxabYk&BcnH<>T^?{$(q%Xw;!>laG2SA< zT81qc$HjwsTo^}cdtP)Jvi;_YBZAiL5LY+~dN(#kGH1cb(J?2k%dTAd%9ncg z8&g)*UH1hCiID4?C^YO;QI@QpZy!``?D19-Lcjc=gARZ=o+w=u16igL3VTg8*AEj%{9}>bJQ9Q7FbH;!KWOzzMV|kuHf#pSum?t+91A#1uMy-e8itk zekm?e55T8o9TGmS(p+hi2Qe{m_-r$q2)-mg??fNycLQQA5`2^WpUl1>$xcxdY*iTd z!$1$&b#I)Twu3jdD-qsRjq?OF?QB7Kte7RNd5#888Ok)LV^wu!32T|wV_$sxFLA^c zCKgS5e3$PxNl0I>xzq?*xh5^VBZt1e&iy9PAAIRY3Aqi^-nvEpo?^-J{TjYGWEkBh zS7CD)G;huIQ@6aec@FJujLqAXh&3uzRf8q0@oec8#UIHZ{AXOa!_seSPa9?wGo_;c<$LjOV$<)uVm`U@fuc$}Wi590$D~e+(WIdjlEEno_ zyPSQETytE1U4XIaJ~5D1Ft+UGC8LQlhj247}C`bN{H2OdHsWd;rFT(8#=X- zPZgY=O$w%d7}Jw?w+HUpYR)H$N-@k7a7j7POSFBXw%-KyK}J7Ugt=PLB7KRTPj(x~ z7Bg@ zvOD0tx^Ug&Ym_(?^VRjXKDxTWst z6JCH49TR--{pOKF&wfm4Q$x+b=vTaYxD;?uAwEvW$7f(iaW@K#+kCO~ZmltmnF(c$RCf2f4-%r^;_Ov^{W=n-7&4VqsbXUh!+^ViB znDzb?jpaktP7wH(nJtc8e=&CuE90W%#YfI0y9<|lDdLPxP;wa&+(sBaZapgh{Mbyq z*=z5tTnj*RlkyEp>d=hx2)AQ3Y}ym+7Cc28*D&pZsYtEA3+`ob<}NOx)TWuDb-ieo zMQZs`Tjk!q!~QhmH@1$B&xXcLf{vDPf?G8m9`@Kz>F=YKbwjP3t^03gnRj)2OlNj{ z9P&K$%x!-yUpQ{1UqxDhO$Ru*hzXKk;NW?m0dzcFR5!M4{3>wuY{5F#*vs9q=gTSW z#O8=PaZj{l&;1KmH|4WX4m0V;3`@G-a%h6o&m&(7eK<<*$I#}EzJa*G$K9jS?rr3W z)Q)j@?;L^e-NRX0J~SL+U=PsaM-re4tFl^%Iqnrv&ma-}c)LE2&LA!q2wgeDG%>MO z+^1(;U4)$4y!;T7{~$n=RV*hKD}r&X24ss1RVyNTpq2~igB4#8&neofM z1RnPV?46qbc3f1tJIJ~cSwN5-zfH@Whbmp?Z`Z3o{o46W;C-;?-Mf_ho`iey9+mAr zl}J_^S@gL1Z((Loe*8JlRxoo3HGbN{W#QT&z0U_n4S>WLKUWSc!q-5_8NwkGNA74R z_w=Sk4R^QtP^n?BqUDKh*@h`YseJEw+eY)uZaIkD)yYv*V##PFtzmZsU{F89VA?Ob!={Vm4RD)9}^aKNRzb3w@xh(G+Y7NnHg?U8qYoj-pP>s`Ak*SQv_1gJFjP55baTs229Iu zNkxo9IXYOzSp7Ev@#n`cHQ$5Uc~LbH+{^6xa{*CU_W(o`M=|T)jfmbYor2%j4ou zv+y`G1E*^(Blv#dAmRkULp=q8SX!1e^8Kvm({tRw4=IHKF3;EXKABB=s-0W+7R_K9imw&P(C!ULx0#GuO z^*|aEBeiaQxgcjkK?LQo<-wq^D+ilYFtA&PL`BXGr0_!1d6#Ocwm)dfX)joQ?d=wx z(U0Q2>KlmAhhPiHbRc8^1)yR)PmX5)8jlSsm{B#%f($Wy{Z|I!Oj~6cNICd$9(4J` zo$*&^d(<^Xr~L@mchjV*5?bzl@Ylg6hlp%3Fj@Hm9#QbDFG&AZj>(-Z&I76*I$PXU>x`-!d z&QTV}T<3!n-^!{&OF2@$KB5HuEkzB=Bfv! zj92S$#h!~EK2FfPK(0;%f!W+Us(dq1daG4S1ye;VcTylvWF#JQOOH-OzC-yA1+644 zuWk48H~NhD_}%S38eSb{Wo!C_YUc}BDkh;kOD&J*ZeADW+}w0K6Q0ke%WD(HsrVkp zO{e`f2B3vVkW30XnV(fQs4AxV#y5e>Z^N{oZ=b`e-0`7QFZThjSlme)*5uBc@~&o9 ze(qD91E_^ag^br#AD;foa;9tUzoeKHvA7kucAF33db8Nx!a13+9`7MJ3FH9WXK~nC zG%>vb0f0xR5tH=XO{^85WGdFi_oc6xq=DL6RTAck^uB@+iq8>TF$fVk8XGc`YSVAK z*{jJOF<3}@$!ZY%X&?d=T=u@fh7-y6ypZ9i2752?^1uAp@>_-A57GfIXBYZVNDJaj zzgcizeW+1;qR5jS)mtaViB<~^eG~Dx@3RkBqavt>cZyrfh)??{48f2LawifXap8V{{Q@^@nBQ%K>Z(;DJTT@D^fdhT>e8j*m z+VS;DR&~!4P!Q>aHqHR(@^!VnK+C;oJ68@`)MLUj2Z25DK10LJ5wr#v&McT0mTw%qviFL*@;S;lN^kbD4HL@-A9^i` z+&$o2uI@PR|13=&4|yE1!2<<~A4=f(AcBuM0%WC#{i^y;&1`&`V1InFm1LYzdBwRH z&LWl|DS0Gy?(M3BbDpH?lnRL)v?OwUg4EqOlr4+k#UQ0^pV zo@vm2bQpo$giNz zV59E!bQv-?u>xRxLvSX#Drlu3Z~(*hdqSo9Kt4Up5fJG>Y$vu~yvzN96AaNhZJ8wT zIApNnVv0?M=Lf*?kgxk~e4;Czr#}u-(jG6Fw&z*19LbT1!*7Q7-mRZZMNC>vJM*gJ zLK0&bQR$U-(pTM{X5N@rPJgm<7Rd*paGH8Mpij+?PhDMjnGX-*RzX69=dlEXhp}*K z>f&bP=W}C8>6erSBu=S_p$zVQ94%)&v2f>u0J`LdKs6e`IM48SWtCho#EUwBv(NtxG% zrfg36cU9Teo=rOB!*jO3NXhbgZu%h_I-I!!YaMIR7ckSboJlM$tet2~+*v6P)Yd4j zKJ{)xuj6h|k&lmEK}tT*Ur4y7iHN3NisX&4Nj&Md3Ww3#DwFs6@TcF;+D%KXFqZGcdyA}W>|$b%irG-giopJIZZ3#bUZjL=*R?7BM}H(r2f1%edKglHq5F(E9jy$ zw)BReBQhZ>urnAcELc84 zSh?Xk!OHjP9p#7ixj9ZvX=%p=Bq?fVzRg8ij*mR^10ReUYXo=v1W*a3Aqs4|c_$#k zpt-YZg_H4KOC%R58e2r@vpUITzi^e&DWFZxy%}ZRXZ_4BV}vhE73vbXWtFh<14_sa zfV;u{s)x>fS&$3#bEP{;#6&V&zPLnH1F8oqmoxppYZSKGlY4J+nwOJhY6rcx7MDLi zGDLOr&=@hPf(t|PFTAdFdkSzxBMQB+F#z!8k;ogM7!YG=+DESi!)@Yim|pEu9SQd zop?_RBHVd6vSecnrN^+%2Y$4u&($%IuXb4WTYx47YRBMi%AbwQOn3)zn5=84bonMA zvw5r>z6l9`wRkh>ST#As_hyWvVlxeAMf z%ZlS|rB>qSPdS^tM9)b)iS_C&@zPF-)0!=r&=PLu1L%%lB6H#MQlzOguk+<_t9t_v zF&*K-GSQA*Fp3M$w#L`GP=vmB(?l+Q_!yLEUp{%4;$buL@hfGdeg1|A?9^}~6j2!R z)B$z{l)sjhF)mTHO**H9rubZvz8Ont&&}Wkf)G3oz^4&>z~Q?NGtFLoGy9&|yIL`c z?xF$b-nb`}>PhZEeS)a61X7~ti5?ft&T|#BUz0WiD(veB9epa&=i7WQ^s=Z_>ZC8s zt!Dhgh{2B{k87S9jQd%Q1Q^v0il#l!H$IdxEt2V`4FX+UN<12|M;E1aB>V{f-QRo7 z)Xq&a#J_}e~%yRs%iX!{R+tkvO?cc3E8Xy4+M2u<5V4y}U zc^o<0z|XrJv;+idZ{5)YR$iB-bB(_5yCNjj2f7@wmI@0Wmzr}cM6+K9>+ZcB1VmJI zR*8TLNb99-i`O48nWbBU&eyw|5)yp{1ohPMPcMxnTf6wT@9$7lVyExiA{Wh)d;3`K|V*~;L+OEr#=-lZUBB1+~R0jAC z5j~i2lQ`JrFSL9Y$yk~B4QSK8k$@s|Ie59WnHAB=F4sxI!DQkhJ+N`A>q50b*a1V` z_0m!Gp*ipj=0tgVcZq&g+RePqX!Ty}6a@bh!J}UU&CZ1LIP~&2RSs$RaJbRq$H_;7 ztF5DPC1c3u+V8KWPYp|dpVDnp(l)_0#*mzuu^@QMyk5-P~hG4DkXN`+ov4HvX zK>T57j7ij4+svt$C^lPke)N&`lFgg=c)GYVu^)-8>1bK#Q_`MrPz6OMB0OvP!p&Yd zsqp^9kB0PVS}n1ttGl0~59#7z*fpP=p3Jc{k^zdMKZPDFeHznqIH5O9SHY((_Hv^h zt3y;Gg6xO%AZb1IPrGMD!U#KPr-?D6G~3Xk@2~)X@&J28b%tqrZC*Y(FkCw|>? zP2lgFm;dd1?SCr&zvaMpLV;s8bS6seua&*(ofY&0 z#v^4XiEigE`pwT?;h%r6l)^cT*v7s6?Hqqo{h>I&ffWDz#{aq2crvYZTd3;IH`xQ=MjSg+;^xqYiJ$Sh5weNU3iEdgnL>$d{>p1IUt z_VgG@Lj;bdPR+a&@b5H(3VcVz>5~PdHM)401*Wr}{od^9m9d!*AWcz7y!m94V6oc( zVs28;j&`RrvO?jTKm{zU^_zfj_vV2AZggeft_*FfCmCqNPxMqH^jvrQ{a?nPJ%4A5 zc+&5D`bGRCX(MXwlr?w@}PrvoI zd>|VU=_@BNZykb|(Pql2i6$d;d#rA7^_^n13VXI~O-!KgeAedA>KNpw9nrV~1$$3= z$z%Plxf*{z-W31DF1e1)nCbbdQ(afeB#Cd;=-oY=9MzFsP~NhCe|j!N4}24uMARYP z4L;bvs=YSsr|sI)NA#*p{!w6zof_$q)74fEm#yqFc5;l!SaF9yeeOKAmi6iUh@PD* zTdi^lpK9WiLfG&LDv{%6sN>1*wN~wW;_RdS4iGC1gjpAN^xYnP71}=sy*NTITh*SG zt~HaJ9(0LJTx3Ey5w#x1s?XzD3aPZw?dSP4H(-0#3pGDgezc0eM3$!{Vp4NHBVh96 zt7tEjr1d~zIOIX=qeT9;1>3yF;LR7y?RsqZfN7OWB@I%b z32WF*zdK*7R!_-XZi(3jjUL!BdXz2a=fGC)_*(aH)qlE&meqdq1+!~d8IW7>G}HUG z@<6)fkm}t9h-N#18lcWCPxE-7bDknGr9t#wYk6K&YHqQ%G0 zp^g5=CR$Wjdbcn6n*fW(rr9-D84;uD`sGBTa(mJ+kV=_$&7s64r&yfcudZ*#!m`l` zw%^x2i5U&5f;1*DAur~3-@LfE;)mWHaE1Dfz0$n?K}>BUY$GAM-Eb9tQK6!FBU>Kb zO*BsgwLC`1Qg7Ry-UicigOG8a8Fs1|XLvAu|45pkRYDP1Jty|!?aVV5)|NjVdIWxh zSp*LQ$nz^hIVi0g4zIQEOVMq&D<-$%Bgw{$_6n2M999ftFQ%n#o;SM8Pi*;<#Xn8V zS1WbJh;IVNw!69{f35s&QfjXLWph&C|HP!k>egEXu|W=A$^lj4ER@m^FIJQqk%A(f z){{IS#-=b@Lv?bIT^Ydw2bB4lMm_HJmQT0)_iv7PRG;5au~tm|p^Cb4n@)HVL(F#% zKkSEbAib)0i&3wx>O83XO~B4fDiB==E1w+2Z0Gui`MXbi3B0cySiI%fnXMQe{t4zy zo!0a_Z~p=8B`kifCP?)Y=a6>!ScwH^xIL)V6CEIp97d_Gb&_tdJp7|?P}%*!#)VU( zHFaQQ_ZlvaYM7^D;%>fRpfrmp%;1LGWE$POpS-4K(=$I?F*K`!HMUe@k<5pms&WjJ zc4a8Gw!VjM(DRd8fve8xr_$DJd1XkmAZI*6AHJIKJl#UC zd_p$jV;KTSPki08L;R_71@afm7 zsp$6z_{jdIG~8b&F9LtJ@ItMBH~B(s_7&&BN8oX(?FbImJ z)bK){Vs|a;3Pzp!-ScCBt!a3-zePqJ%i*Kdov9{Sr}zhiO0yk?D%UHM)y8OB?Q75P zs9tY@t)X*Uu3-gw6c=C@p8f@- z@w~x8{n}62Z){&1-qF^44L)#my?to7rzb=&uvTHDmq8hh)fE+(Hu(83lfr*hTEF~d zef@WY|K)}6?tj<%FRS}^>{u@UV7j&bR=eZ?v^d>|WFhR14wd&kVW;Ha&~02|sQ~?H zCM7K<^hm7e9O^UF_XJSSA&$IzXda9bXgqvsfQ#OQT()Yw!g!eQ6p&}KO>Y> zUF)I}f4R8z=9635*S@9XIQKigG}-~g(bKe z&ZHVmo-0A64Pd}%?1>z6$bcXX9~Rs_^GC<78lH*4m>g2p{eRhr{R`oLT|fzZk59Js$G9TN`VM{8 zq?n^_>5Yw@VQ7OD-b0HkEzz~%pYA8=ljKEb_CNMYmEqLKd@7k+9L-SB3AU*GG29*- z>>pFot`$g)D^WgAE_>=|Dw|p@1-aRpR;?;|U-_eMnfL{+M>%Y&jS24>i_*;*th=w0W>y}3jhEB literal 1 Icmd-A000XB3jhEB