From f5ac040c25b43fba84dcc6bb415db52534bfe0f0 Mon Sep 17 00:00:00 2001 From: Cyril PETEL Date: Mon, 15 Dec 2025 09:47:32 +0100 Subject: [PATCH 01/18] test --- pages/iam/concepts.mdx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pages/iam/concepts.mdx b/pages/iam/concepts.mdx index 3e1604c57d..c12e12ab2a 100644 --- a/pages/iam/concepts.mdx +++ b/pages/iam/concepts.mdx @@ -21,7 +21,7 @@ A user account refers to a human who owns a Scaleway account. Your account bears Refer to the [How to create an account](/account/how-to/create-an-account) documentation page for more information. -## Application +## IAM Application An application (also known as an IAM application) is a non-human user in an [Organization](#organization). IAM applications can be used when you want to create an API key that is not linked to a user, to give programmatic access to resources. From 956462425371878a98017638f0bb41c460a37f0e Mon Sep 17 00:00:00 2001 From: Cyril PETEL Date: Mon, 15 Dec 2025 11:26:50 +0100 Subject: [PATCH 02/18] first try on improving structure --- menu/navigation.ts | 2 +- pages/iam/concepts.mdx | 6 +- pages/iam/menu.ts | 20 ----- pages/organization-security/concepts.mdx | 46 ++++++++++++ .../comply-with-sec-requirements-member.mdx | 0 .../how-to/enforce-mfa.mdx | 0 .../enforce-security-requirements-members.mdx | 0 .../how-to/log-in-as-a-member.mdx | 0 .../how-to/set-organization-alias.mdx | 0 .../how-to/set-up-identity-federation.mdx | 0 .../how-to/set-up-sso-with-authentik.mdx | 0 pages/organization-security/menu.ts | 75 +++++++++++++++++++ pages/organizations-and-projects/menu.ts | 4 +- 13 files changed, 125 insertions(+), 28 deletions(-) create mode 100644 pages/organization-security/concepts.mdx rename pages/{iam => organization-security}/how-to/comply-with-sec-requirements-member.mdx (100%) rename pages/{organizations-and-projects => organization-security}/how-to/enforce-mfa.mdx (100%) rename pages/{iam => organization-security}/how-to/enforce-security-requirements-members.mdx (100%) rename pages/{iam => organization-security}/how-to/log-in-as-a-member.mdx (100%) rename pages/{organizations-and-projects => organization-security}/how-to/set-organization-alias.mdx (100%) rename pages/{iam => organization-security}/how-to/set-up-identity-federation.mdx (100%) rename pages/{iam => organization-security}/how-to/set-up-sso-with-authentik.mdx (100%) create mode 100644 pages/organization-security/menu.ts diff --git a/menu/navigation.ts b/menu/navigation.ts index 943cc5f63c..931250e347 100644 --- a/menu/navigation.ts +++ b/menu/navigation.ts @@ -73,6 +73,7 @@ export default [ icon: 'OrganizationDashboardCategoryIcon', items: [ accountMenu, + organizationsAndProjectsMenu, ], label: 'Account', category: 'console', @@ -91,7 +92,6 @@ export default [ items: [ iamMenu, keyManagerMenu, - organizationsAndProjectsMenu, secretManagerMenu, ], label: 'Security & Identity', diff --git a/pages/iam/concepts.mdx b/pages/iam/concepts.mdx index c12e12ab2a..7959006b71 100644 --- a/pages/iam/concepts.mdx +++ b/pages/iam/concepts.mdx @@ -21,7 +21,7 @@ A user account refers to a human who owns a Scaleway account. Your account bears Refer to the [How to create an account](/account/how-to/create-an-account) documentation page for more information. -## IAM Application +## Application An application (also known as an IAM application) is a non-human user in an [Organization](#organization). IAM applications can be used when you want to create an API key that is not linked to a user, to give programmatic access to resources. @@ -45,10 +45,6 @@ The Common Expression Language (CEL) is used to define expressions in [condition A condition is an additional layer of restrictions for your rule. You can allow access to specific user agents or IP addresses, and allow actions to be performed only at certain dates and times. Conditions are defined through [CEL](#common-expression-language-cel) expressions, and can be set up and configured in the Scaleway console. Refer to the [Understanding policy conditions](/iam/reference-content/understanding-policy-conditions) documentation page to learn how they are set up and how you can define them. -## Grace period - -The grace period is the time an [IAM Member](#members) has to comply with the security requirements that are enforced in your Organization before their account is automatically locked. The accounts can be manually unlocked by an Owner or IAM Manager. Upon regaining access, the grace period resets, giving IAM Members another chance to meet security requirements. - ## Group A group (also known as an IAM group) is a grouping of [users](#user) and/or [applications](#application). Creating groups allows you to attach [policies](#policy) to multiple users and/or applications at the same time. diff --git a/pages/iam/menu.ts b/pages/iam/menu.ts index 051720b5e9..675e0b30ae 100644 --- a/pages/iam/menu.ts +++ b/pages/iam/menu.ts @@ -18,14 +18,6 @@ export const iamMenu = { }, { items: [ - { - label: 'Log in as a Member', - slug: 'log-in-as-a-member', - }, - { - label: 'Comply with security requirements as a Member', - slug: 'comply-with-sec-requirements-member', - }, { label: 'Create API keys', slug: 'create-api-keys', @@ -38,18 +30,6 @@ export const iamMenu = { label: 'Manage Members', slug: 'manage-members', }, - { - label: 'Enforce security requirements for Members', - slug: 'enforce-security-requirements-members', - }, - { - label: 'How to set up identity federation', - slug: 'set-up-identity-federation' - }, - { - label: 'How to set up SSO with Authentik', - slug: 'set-up-sso-with-authentik' - }, { label: 'Create an application', slug: 'create-application', diff --git a/pages/organization-security/concepts.mdx b/pages/organization-security/concepts.mdx new file mode 100644 index 0000000000..73b4253b20 --- /dev/null +++ b/pages/organization-security/concepts.mdx @@ -0,0 +1,46 @@ +--- +title: Organizations Security - Concepts +description: This page explains all the concepts related to Organizations Security +tags: authentication saml security +dates: + validation: 2025-12-18 +--- + +## Alias + +Each [Organization](#organization) can have an alias set up by an Organization Manager. Once set-up, all members can log in using a dedicated URL for the Organization using the alias, under the format [alias].account.scaleway.com + +## API key + +TO DO + +## Console session + +TO DO + +## Grace period + +The grace period is the time an [IAM Member](#members) has to comply with the security requirements that are enforced in your Organization before their account is automatically locked. The accounts can be manually unlocked by an Owner or IAM Manager. Upon regaining access, the grace period resets, giving IAM Members another chance to meet security requirements. + +## Identity Provider + +TO DO + + +## Multi-Factor Authentication (MFA) + +Multi-factor authentication (MFA) is a security method that requires users to verify their identity using two or more independent factors, such as something they know, have, or are, before logging into an [Organization](/organizations-and-projects/concepts/#organization). + +## SAML + +TO DO + +## Security requirements + +TO DO + +## Single Sign-On (SSO) + +Single sign-on (SSO) allows users to access multiple applications - including Scaelway - with one set of login credentials through a centralized authentication system. + + diff --git a/pages/iam/how-to/comply-with-sec-requirements-member.mdx b/pages/organization-security/how-to/comply-with-sec-requirements-member.mdx similarity index 100% rename from pages/iam/how-to/comply-with-sec-requirements-member.mdx rename to pages/organization-security/how-to/comply-with-sec-requirements-member.mdx diff --git a/pages/organizations-and-projects/how-to/enforce-mfa.mdx b/pages/organization-security/how-to/enforce-mfa.mdx similarity index 100% rename from pages/organizations-and-projects/how-to/enforce-mfa.mdx rename to pages/organization-security/how-to/enforce-mfa.mdx diff --git a/pages/iam/how-to/enforce-security-requirements-members.mdx b/pages/organization-security/how-to/enforce-security-requirements-members.mdx similarity index 100% rename from pages/iam/how-to/enforce-security-requirements-members.mdx rename to pages/organization-security/how-to/enforce-security-requirements-members.mdx diff --git a/pages/iam/how-to/log-in-as-a-member.mdx b/pages/organization-security/how-to/log-in-as-a-member.mdx similarity index 100% rename from pages/iam/how-to/log-in-as-a-member.mdx rename to pages/organization-security/how-to/log-in-as-a-member.mdx diff --git a/pages/organizations-and-projects/how-to/set-organization-alias.mdx b/pages/organization-security/how-to/set-organization-alias.mdx similarity index 100% rename from pages/organizations-and-projects/how-to/set-organization-alias.mdx rename to pages/organization-security/how-to/set-organization-alias.mdx diff --git a/pages/iam/how-to/set-up-identity-federation.mdx b/pages/organization-security/how-to/set-up-identity-federation.mdx similarity index 100% rename from pages/iam/how-to/set-up-identity-federation.mdx rename to pages/organization-security/how-to/set-up-identity-federation.mdx diff --git a/pages/iam/how-to/set-up-sso-with-authentik.mdx b/pages/organization-security/how-to/set-up-sso-with-authentik.mdx similarity index 100% rename from pages/iam/how-to/set-up-sso-with-authentik.mdx rename to pages/organization-security/how-to/set-up-sso-with-authentik.mdx diff --git a/pages/organization-security/menu.ts b/pages/organization-security/menu.ts new file mode 100644 index 0000000000..8c73f2a876 --- /dev/null +++ b/pages/organization-security/menu.ts @@ -0,0 +1,75 @@ +export const iamMenu = { + items: [ + { + label: 'Overview', + slug: '../iam', + }, + { + label: 'Concepts', + slug: 'concepts', + }, + { + label: 'Quickstart', + slug: 'quickstart', + }, + { + label: 'FAQ', + slug: 'faq', + }, + { + items: [ + { + label: 'Log in as a Member', + slug: 'log-in-as-a-member', + }, + { + label: 'Comply with security requirements as a Member', + slug: 'comply-with-sec-requirements-member', + }, + { + label: 'Enforce security requirements for Members', + slug: 'enforce-security-requirements-members', + }, + { + label: "Set an Organization alias", + slug: "set-organization-alias" + }, + { + label: 'How to set up identity federation', + slug: 'set-up-identity-federation' + }, + { + label: 'How to set up SSO with Authentik', + slug: 'set-up-sso-with-authentik' + }, + { + label: 'Enforce multifactor authentication', + slug: 'enforce-mfa', + }, + ], + label: 'How to', + slug: 'how-to', + }, + + { + items: [ + { + label: 'IAM API Reference', + slug: 'https://www.scaleway.com/en/developers/api/iam/', + }, + { + label: 'Using IAM API keys with Object Storage', + slug: 'using-api-key-object-storage', + }, + ], + label: 'API/CLI', + slug: 'api-cli', + }, + { + label: 'Troubleshooting', + slug: 'troubleshooting', + }, + ], + label: 'Organization Security', + slug: 'organization-security', +} diff --git a/pages/organizations-and-projects/menu.ts b/pages/organizations-and-projects/menu.ts index 55163f64c0..8eef7cbf6a 100644 --- a/pages/organizations-and-projects/menu.ts +++ b/pages/organizations-and-projects/menu.ts @@ -19,8 +19,8 @@ export const organizationsAndProjectsMenu = { slug: 'manage-quotas', }, { - "label": "Set an Organization alias", - "slug": "set-organization-alias" + label: "Set an Organization alias", + slug: "set-organization-alias" }, { label: 'Create a Project', From 76a19261ee75d266bd3b1dcfd69664840c59080b Mon Sep 17 00:00:00 2001 From: Cyril PETEL Date: Mon, 15 Dec 2025 11:29:51 +0100 Subject: [PATCH 03/18] fix assets --- .../assets/scaleway-iam-api-key.webp | Bin 0 -> 29630 bytes .../assets/scaleway-iam-applications.webp | Bin 0 -> 31118 bytes .../assets/scaleway-iam-concepts.webp | Bin 0 -> 62380 bytes .../assets/scaleway-iam-create-app.webp | Bin 0 -> 24738 bytes .../assets/scaleway-iam-create-policy-1.webp | Bin 0 -> 206482 bytes .../assets/scaleway-iam-create-policy-2.webp | Bin 0 -> 332472 bytes .../assets/scaleway-iam-invite-user.webp | Bin 0 -> 14342 bytes .../assets/scaleway-iam-organization.webp | Bin 0 -> 66246 bytes .../assets/scaleway-iam-owners-guests.webp | Bin 0 -> 53002 bytes .../assets/scaleway-iam-policies.webp | Bin 0 -> 30370 bytes .../assets/scaleway-iam-policy-example.webp | Bin 0 -> 70426 bytes .../assets/scaleway-iam-policy.webp | Bin 0 -> 65236 bytes .../assets/scaleway-iam-users-dashboard.webp | Bin 0 -> 27870 bytes 13 files changed, 0 insertions(+), 0 deletions(-) create mode 100644 pages/organization-security/assets/scaleway-iam-api-key.webp create mode 100644 pages/organization-security/assets/scaleway-iam-applications.webp create mode 100644 pages/organization-security/assets/scaleway-iam-concepts.webp create mode 100644 pages/organization-security/assets/scaleway-iam-create-app.webp create mode 100644 pages/organization-security/assets/scaleway-iam-create-policy-1.webp create mode 100644 pages/organization-security/assets/scaleway-iam-create-policy-2.webp create mode 100644 pages/organization-security/assets/scaleway-iam-invite-user.webp create mode 100644 pages/organization-security/assets/scaleway-iam-organization.webp create mode 100644 pages/organization-security/assets/scaleway-iam-owners-guests.webp create mode 100644 pages/organization-security/assets/scaleway-iam-policies.webp create mode 100644 pages/organization-security/assets/scaleway-iam-policy-example.webp create mode 100644 pages/organization-security/assets/scaleway-iam-policy.webp create mode 100644 pages/organization-security/assets/scaleway-iam-users-dashboard.webp diff --git a/pages/organization-security/assets/scaleway-iam-api-key.webp b/pages/organization-security/assets/scaleway-iam-api-key.webp new file mode 100644 index 0000000000000000000000000000000000000000..d32903152abb7a3210c10cb7226cb3cfd696d497 GIT binary patch literal 29630 zcmdS9b9g7+wl4aM-LY-kb~?80bZpyB$7aV)$F^;DY}>l|zP0yW>zuvUz4zSz?yRR~ zjhZ#8CdWJ9F`iPC5EE;31OU`Th2&M`In<#6006<)i3kBG0R~723(F4!ecb|phX2Yz z82|ul8z%?F??MFX8kz(UTL7T13__>v>q1!p*u(WKWhBn7eX1EI2wJa zTz#D+4qugjwF%`*Mlt(`O!1d&_z#)qFWJ?}&gn}>{x8`G3-{1@5C z&fzcps4pEJYb)o!>iR4F)jL=d8x^ImE9BRS18@W=0=@%;{_6kN{a3R61psi|0{|eg z|12|10|1(W0RW8Ef0mKt0s!zq06^o^Kg<3(CUyo627iAJ^eYE8H3a}}iU9yP4FCXn z8UTRS`uo{e_HWuo@bw7it6jEVhZ(>MU;-cjNC0dAMgY1mi3z{}U<9yz%`m~RJph1E z4x9x8?g*cxT*tN4-9Rk`-?$7+>B zbh9<{*0<$8`rY$gtp@)Ao>ouAcasE7`$+zJ2pi`#62?dsuo&8I*(I$9x}pxP0R;>WX`N zeY(8xZSviGZ}&;K_C3y-@mYLHdn-QYKmM%qx%EwcZhD=1g}?OO;@|&tywlrMGST}s3oithR#|L~R9v-&9g{Qg?~!oNl@$^XpX`;ztI`mFcbb>IW=&H1$W z?D}9{%X#oY(v3WWdPjaM{?vQmJKy}{d;h6(Bz5xnk#p(;%AfD+@i}oi^VRCEUjB{h zuj>azpG^Jm*bndR1q02u-vlI}ez8cv0^(3W|34Nn>Zgj={q6FT1&NE5u&5yld}e)d zrldWpSJ7S?*Hxj(1gT00FKiw1i2-KG74FJ&Zuf^^Vc%QD!NA?|)i3zeJc;M@y=w?r z@_)kQmPa5Y;*rcMCRK&jSm{}yO5jJ?;;nOm;`+st6gTz@N;M;=kxj{?? zW|0`&3S-067AvD~M;x@l} z-sh+?u%G+wA}h^be!Ak@AKeD*WSgMx2w_@DC$fcdipHe-HJD5~UI?J4 z#Fyg7NDa@SbaVa)`ke9yO-Ii-ZcW((xI9asyhhO{f178L3R6k5O7G7-%g|0Z*d?aT zdkj?xw!G>8mlfK$%3Z(fx&Z}6Y2b>yJXCvM1wSYjEX=rvN`jOmALvQd$Z&zG2^ zGh)um6P3B!=m_5*$bM!$i$3?aXDJ^*gAy<~PR431>DJhfzY&SA6(yBKT4?ZXRBY*T zMi(u4cUV-8cmK%XHD#M{E1y-GLVPPz8bpE)YHXkg4DmxQ1Xo9UX9gMcs;`upfdC>D z%aV63^+5L?F`j`O;j3Hi5@~}(!CfVkIjXR!PBCk|c4vr}6ll{75c~-t4YI-U@3y;`;R2eK7Xi!$X z{99P^kr?>AUak(?Gh5`76t#B$MSa*Tv7vQ+mNKhh3Wd5^6WfeMZ$RQVX~UsVPsQ~) zJ8~UVn8Z*jMdwVHf-FgQk#NjXzD#Ba!r7zT5j2)kJoahr_d&@j0a+CWn-Y8Mg3M9E zqa{b=sD7BWp@WG~Js62k$@aaN`jMSGST09wL)lr^XCelUycSN;S0c$oDbRs~F@cMI zxOl|2jYXR3ba6osA0eZtD6D5K<4$2#ee0T7=M>Zy{Bim+j_*Xtrg62)%Bdn{y*v#j zA@eQSHlW6KNY?gyE?g-tx+{cItCSMDN~-tLe)#_Y&5TzC!hEgBKT{-=Qdq!+7W5{+ zg&(Vwxk|CRHl^iorM%61-M-s`74qTTeGWCd$ebPsb_=X8Vf88EbF+Kw@Cu2MX6il> zKIQ}wAB99(n+AeR>!NU?IYXDc!2kv+yb64UE;vD2-!t!IT^) zDc9p%u0U|T+}&Q6UQV66f$^XYEwD$06c+T*5-l<@O{`8B3bOfW9mVcltjI@e6n1UM<6zpUJO7-Wz(&DkX-0JZKYH>a_2%c+%dcSVwEI z{r&FWYC(v9tMv;(COj1gh(j)V(AcQZvUFnq=7c(8`cVmyjs(}sPqRSW{7ihlsE4Tf zp&knd9PZOla3DE*V1)_X@N6Vo^Djn*J}OJX>v9`AbJi@f*yjFs-HPlbNlKUB3PWNt z!HX+QZXi-j4ldrL_oCpa2}aC#U&i(ED14xaFQRr#2YZ3u&vFOl@KVPxO2)8?+@>kx zUDjdUOJNm=nL{Ybi*syMseH&H{68pUE#9u_0m7GcD)wlxzNUOfjh;lvOlCUY1~`WE zLqz9`S8gB=r!ayvAZ#XYJMJ9?)TEns-)(@ecVLCyysXfOTS#`d)E&y0S~Wo6XTfd_ z8nMK5WZ?9d8SHuPCJ3G(gR2r6?-q_I;F9~W;J|$F<}mx^m7b*P@Yczj+B`f?7RB?_ zu7$APHn{Dt&f_P?&Qbg0#6cd1;isb`6gfmk5r}cAG%|9A$4NY`)%@06)#uFy{b~xT z^Ck@5xH^nAUvjK@z>qx^<`A)nIhYVvE5I`!C)ioWh_38NZ*V=<`#_+LcFQ>2zsA_` zf7!Faq0ViF`NLovVWS-vatS`6Mxt(IL);0~T)zWcrdVCmeo-jAavhv@d*QU+FM$_vuOD zcc*_@^?g38JA|MTZw6h~_6Pwa9}Js~&0&H_z8JP^|C`CJYTv|`GHeeLXH5M&m48^} zf3vKA)?roW@sWX;JTpb0+C}q!z0+dvs`)iK_n^B@UDCrD8#50brK* z#A(1;6T2K}-pqf*!LExm^(lgf3Dc6mZ+U?Z5(u^Z$sah$IvOF?mPv>Y3-(v!apd=%?U+lk|W1155JR*u}n>@G^`Is1MEMr4ptPD#* z2~hFDF1reDZQiKa-5!!I45zc05@4q6Rq$i8qSTke!is4c8q~0{T;JWh8BUTHj3-Vh zK#Ndt_6lDFl*0Ki6u3Jwrjx|0W%No!byv2nZ1)5aR{Mi>+SHTXfNXVb+a=3)dW;f$ zBpHGwO5;&Hx6OwZQC-UYY_2rQi-Y*Kh%JK==pWaqkhY|qkW@6V%`{_Ra%4&i`?PxN zYMJd~2PC_xK%PiJ-;A4+LQ|Hne`sfKuh5YLu(9Vi%J^oL+0rnrW{psR`*56Ogsurt zr-Qc)6k(QQB61;M%w@AI?gS!?;v!CE8?+C84j2gh=;-Bku;;vZAGHKR^3kc#j&@)Q za39L5uH~}wBVCM07{72MfAKq0Wf}z~N%90igdx1FR+9}>Laj6|*Wk;F%ij8Tbw4VDD=zYF z5s}Yf1Q8mt<}IW-{&r>gdn)2^VGqRd;Zmt;MVy$1j3H4|l^nu1|DSN>--E_NHnnE( zm%Cx`e+Ntd{`J3cO)vLrcaD1ESG6W4I)nXJr{!P#7r$7V&p=*&`nmswPY^}4 zwG+L?0zT$Yaq7?E)w8e#sc4!?5!3(+Gd{=N9eK*`7U;G@dmuhE*y?o zx~>KEcmd@u1Hy&xy-(U{zBS1Q`1~BQU7bw2FuF33x`sT#e__y6z#h3V?LW5?4)WAs zI`bpoQxf&Al5Ok|JLUd?zrzz=`h{u~=;E`B|Kh!XL;i?u#f#nzH_;PeTm)+UV5I!*h=Iz|_q_8kVsk&Fb4#z(`c-Nc zQ7}!i{-{zEl)N!0AV?3Z5YtN8hh3bJWq;l6qCQfBOAr3?dA*%gKu2o zI$E9aXIDHxammxKLfi%{aO^cEL>rLC-AG_Z`zg@S_^WthOdGWByCb2~xl(q=R)nmwvs#dJqq&FM~EU?FqPPu`gg5A-eiRjNd%4tUe zk8)C~mDJuDhhqkePI;0n#lE=snUby{dDt481Ymnj-W+0o1qY&HufR+liOc^Q5{OZS zXI2H>uMT}HhardmB3ttj4gaJvNg=fas~v1hQV{I{bbEqO>SZOt-KTC!L6flwhSZ+X{==`=HO>f(SQtdIu8}t_P_ocg^VUCWROb z4C7AXv|PjBZ$G|Ehf^#I3>~YY32YftIWuWV1bMl)1qI#n2sX+x4a@ihon^=xFPMrV zGM;q8)szl$BDuV5YCOAofnWA^{y& zlzrq4_0U{-L}I&XJ)HJa8HDs?5f^Y~=2(8hk6>Vh1c9#Ih5l^q19#0e)48Zx+XYn6 zXPd?M0)Lfs}C@WiB<%{fjEydqk1N?YPw^KZz*0G>7G@R2T!t5CH`H0Xjc>YpAD)l~YbuJd>mY`sHW zZ8K1Yhm`usa`Lw{66Et`eN*iy{P^1ECO9W!i@O11S@t7PIQ-Y^XRwY#1;lB;gR}=Z zKe(SKYGE&gqJz>62+YVjijO2&_^~3Zfmls=Gsk}!{2JR5rE;gdMcf2$3IJL9gc!<%kKXR44C}qhex8!ZI6@%zuwj%-F~y z6*fkD17x`b0|z7#9(4s1%}g-m?Q@UO9)YDF5j`SeA$z;3WtO*luZs|SyC=8b)G<+8 z;Vhsaal+PepPHutNj!3j?D`97U}T-{W&B9TF-zWbsbyK98N9b(8Btu(-1?0wR!tW} zM%WOTu&}RnUOcbZNx;^yvus0&m`+EAg?YyEsQ|rqQa=jIw0eO~4nw$1!W-G=l?Hn2 z@R=`J7l96_rj!j-5hY#A7rFp-W%H(J;Z5B-%h-T_m`Wqj&$TibhtLu?P5oX*51^Uu zVv@WK{}O}4HLHWrF}>hh4OxLV$~jedCOs=#I6f4BSs8B14A^0{|Fv;F9@IWQw%h;4 z@~cz;;VN*`@%DgURq4PthTZ~y$#LbrhgRss=Z9v? zp3ifvPGflr7XDlf8WC~W}C^67Ax%L{iQUFok;T1Sbr%gze!Jaq|4`Nm6A=Y)R9Jn&t+u2g% zQ6Ry&^E5d!3nOv!np9|JuHHn~P_bm4^kX>|jxD4>9FSSh z>TF&KSBC@w@fHsuF4ie<$jk(~%d90Vt%WyQ+#UGDxg4XQEgGH~$;fuPc^nx}sk*Fv zrs{$+(a<;a(%6Eh^(fCwJdEqh>~}Th7)VP;Py?3ACe}>>r#SX(I{W;&{8%2^u9uZ4 z6t%o81it1Rst7zLyHF!WFycV5-Awb7WdK-dtyP)*Z=+8TmZSYeUL_<+z(b4Yxpzwn z;5h8J*~y9!IJgz-cdQp6>K1-JmGU-Mf3cPy3mz>|+?qtkXPRZ-#eX<+x8e{riWj;f zl^>er-TvvG4CYSD>h?p1%pnOVOyBLgJEqA`KpBc5lFJ8ojYa))`&)#Fi6U>XMPQBR z^UAR_k?>gX$I-?yhp1=YFP*p0Q&vO)OPq?d5M$o-L()H}{(^fO-y>kEBArIG_m+m0 z#}79YZk>4JjQPx#o&!Tz^6bEkZOnSt->Q|P*~_B zfZ^(d*W`0)%w{ya!S3}#C3*wwM<6XmLc4%MK=s*Zv>*1|WoG62(bTa!xv!mJ?91hM zQxR$#r>`mtnn&^#B8?;K4a#b3Jf!@I*4*oSZj#i=F38n$1NRx+ti4p8_=J{MiSi3L zN!Z&h(F%uARaT_)f3?#rA;F|{!)H_mzxjcV6NR7O+X&{?+v8q1u`L#lwtkK2^1_UpOWsX$8u>-2O>-d%w_4hT0yNJ7|O{M^Ou_S=}zbtk=*OZ=*f}$#e@%ne2(y#-yh`hz z;UkfRDMCyzsXWH;(#nxtG|h z+?i}B$vkwmxzmZGB|IZSuT#)rP1s%^#hB*wVcXk8kl;o!sH#Ip|C%nXDn(gzEe zsC903pUt3PYN%s0X&}bq0tg0yWe=a*o7%PG`9lMzjKhHihLXbhX18$RY^x4l346?G z(JYuqyqc6)X?H{Ym=B=v;3U-xuDx)7VkMwgZlqYnIxmZYMz=lV-`R#PEu{o=Sm?Jb z1)P5SB+=6Djl|U^x1!wHR|CPFnM=zd{YX?Q${{?HQ_E`t=Hp~pwnVt}9Z3VVdgn^B zpgS-;>w0CyxG=ANaXs)>G>B*T993%&u2pNSk19(I_VuAW`(<@tIZpDk2wA2vR;?-< zLQM;SJOZEj+fP+tnxArtv$UsVS85B+nous0ciR2_1|tb0kVGhE3Z_p!>YdlbA+??r zjX@i8el7iabNh;S?WOTansj&+flxK6J9wYQjX;ib1&t45g*2t(0Tu^W!45dTq~G)A zJViDIK?+KFt0k6wHga<}7NTkMnf#yAr!o6MVnqlj&;4fhSGlRb3E}$uz_7C4Uh6%k zHLWvAskG)Q@?Z>4To_&z2hX~W=mw}h| zdO=9MS>ERx((JI$om7F+IV;2nO|x2T99?Dfr1_^d&CLj&-DQY(eV!-AP#*>0hvEp$ zT|fB{3~5{$nP;Fm)x&(8Im|`;W_=(xE++ibEm-E+GicYOZSx%DJW6vd&#SohRTK!l z{&-{cFg%rJ>&C0|<1IFr<@hH#bMEiZU;PxBse3yQl031#hJnl9EcR$>t0=(12YS$U z*NYWgBRjxWNKJJz*Q#wVte}diqr!t*kNeR@oG`-l=BH5WloC|XQs2wA)foma;~6pM zebN~|v5Q3#TKp9hF6tC>pJn0=8N1O{QA%0$#|GmSvjtj9{bebm-q)N~pD05`Mox@7 zN)X)7qTzV{^wodp%VP(w~y?QmMjqp-rNae*$zCbO* zUu^@iXdhOdTY=UJ=a7vP%DF6MlmaNU@Yj-$`He`IpypzaUiZ{cj-1|G&2r(@$nr#f z!t|+KM0W*cwKv|A1IpoB3?`PG`TmsiBj(J;B86}`{O26exRJ{R5)5I+M1y#I8eZkM zouc&Rz`|F859U;0y3MKE#_pt&U!&~2H1orPdoalmbnR_?SDV&h7NfuDAcoD+jfXi} zBSS$7;cjjb^LMz2?0rmmjWYR5&LQE_X`G_a|Q#ss9`li>cIM@K6|hIB#ghumnjBCfnqP5HrFzUOYVKnQnzL3;FzXFh(yh$Fe1#I+a-*!LeFK^H`4?z#A8(2+zZW2RqZ zbTfF2ldnAG3-UvVLt44)R|$JuFUl)+ttF2mT~t zQ2lnC6?~sd0^bu}Em{?Gd7{9$0Tx0KHnkgIXvtqJNe02JE46vn!hsbU#OW&mSaw7= zZp5lBcXuojv_?H`9}1q?Fg$3}X40{=rAuDp0fl0U--s>q-s62n_$&#KhFu*!8>bF% zs2&`bnWNanU+!Wd`NB(i&-yYXEn80}y|Ber7c&iZuC`K8`=C~A4=w45%(Gl1(VODW z9Lj^0L>cggvgq!w6wS%yB%`)>ubESB%?cOpfR&Yj_!+pRgQbXV{r9z2C{JawC_C~bPfQc%(z~kcH>7=2NR8M#Yb$D4)_dwqq?M@loZ;mu$1HRBd_r}v zYeXn}`Djfu`qwmie8gD4H|DdyhZBV^P*T%rctO8`$9F4;Rb8J#%_%GEFbWg-g@=oZ zRLazGS~Q_$69Rw)$YV7$e-6BdlbClLbEpTx3DFV0xxe8R|g_q>9=EL1_ z&!C-2;Gl*x|GAt>epxxa+y8m3x37Gr=dglGod_<_CVrw$z1F9;AI>AmHcq;P)>7_l zS0>d8Pacs6+(f6uE-Prj`4jYOLuY4yvlWYR9q-6yRR2!oTDlMA-f?l7m=^U`z1H+^_kH#_ zZPkyVRgZWuO3WJ82X~0RY*g?pE(4mFtb0ZbTLpSGDYK+8Apsr8nXD;l*7(rX5`7{S zyAV@P#cyfZt5_->9TU;JF4v)E8-TmX664XI0ByF@H%&z8d98i}r_3^>T>_w7)G6yL zrlHw^2^?Vs6Z_{xKLfG73sOG3fjZ(7L(9-;7I=%$ zRZ?Pm4s9gc-uG;w`AmYqffbzZhgv~T>>$ZrZP84nk_o!D>W9DGL*KlKm$#9IBni`K zY<`r;7FX5(Aw~&Xn_LU#jTf)x>XME21)JxDr!Q9R7(DJTk-N*dM)~Mk1C491%B4t` z%bJ<>K%XdEOMLgqIopOxG1Ewp&S>YKo;jA0CY#rh65h|ZlPG&y$T(1hzD%B+H@?~t zu%OE{g`#AgHt!2V0Bum!)t;kXCwH)uj(y?=o_MtV%(MozWHhi6mivCkZK%ze{yV>t z1FI{7dWE(5vsT^jB&ZRKeiuS>!S;TSYgPUnvoFTNlKy8!uXXl*Hbl2rv^E#i=JSX? zFCqE2bDI{KHz49~X95M^1Rf5R z2La1EnA9S=zCDKEy9m`pFcM^1J!z2opZFBKJZ@OYXpbYeqxSu2Hk3z4H~d*D6WaU; zFXy=-tBFM_*wfXE*cC#syo9mHK zOodw-e@1l&!eWQe=LI23scW4}>_1oa%#@yeP&P2j30SzCGei}i?f-6*!oi8ca)n5> zO)5xbl518k2agc2c(&XDx;Q~uvyx8bf7~vNrxb#NMyEZaPxgYPDcL#;beKotiJSftU&myAEmrV>!?{ZxxOjV2Am81q>j>nCA%?nw1XxG zYeV27JvhwKY;Za1xI%}Q;fz0Z{V8$9);Ysn2p7U({8YsgKWG!8&pAer zwA%9n?o8abIMhhpOh9Zq5+SiMOlzha(~vT`XR25n%g7b;Bi;QyYoDQnzfrA=J-vW; zTc5$?qbE+;(7(iy)#4@vzrm6@U?A6ixZluY-R$FQ?j&rzkWKAPwupQ zLjYp79#UriZS8;5o@}Ta146-OT#aRpcLHi4{S_FDVpBhafNcTNNtxPS2!D>G!srH| zM{ku4`#S!Ca>Uo=ZAflLQ%*;Ot_@mfU$yA1`ZTyF1}aYD$-y4WM2X&x8`&1BhLH%v zNa&Yw!_<2GB#Hv{k%?;wj{Ti`BnWEb_aDJWddWZ>)YRKYOrcEhNXK7z3HkXYM92+u zn)6LcJCoXJ^y+~=;n5&?ctVLUtslwaS;Bn2Hx<%3r-=h;@q9kJS=<<*zXKeKwNLh& zSk84b4kK}QK?{!E0D#Po`P_W_J}~-uOv%1x_;UZ~WJU8&M6AFEQMqjqDqS1#X*wj0 z{LvZSXaQ^?F-9mbc(P^SXeMD#&G>*uncw)*0a=%LUZgjbo2FT}-c^(|L*t_}`y(Fi zu3r66^$WSj!`H6xh#55jS554z2*g52OS9^cs9l2?&%*eE zn&Ki1)Zqq{2>|%T4YCPZUKqLatg!(aAgiPwzhui*UXe-Hp9Unj!j#klVgc95E5{A; zU3{6?KF?&;Wvt#FCFEmlJ-U3$Lza@+`q$aoTkVDZ!#t-!=JvWG!EPH*#9fFnV9G)=bj9&BjOB^!n5sALE@^h0KE^w#x#GO*}2!t2Z26FwB2>)vVL4Q9H7|GPBCr?gys zO$vuinFHA9r0-$J?nAM4GD{!?1AE)YcLfVfqwi;z zD9=C&Sw|%0zPmy0teh}ZqYjzt_3$t}9O-Uhbvof#j)U zYVfOeKY7?Zz)yaV|JilXI@UNLA~UYci_#9a0mikGQpTo(CVx~gZj{}GCt7g1Y^fjc zLoz9?dX&v$Vy7pr48yps;Djj^9qk}!*8OIT!fA2jOVcs~QLQxUN%@(imI&Xncr)y^ z_hEA>VSa=clllvUESjvDvD_3cnI|xlQ^wPS(YwqM8jfA&IKu||Rgi4<0#2v?oTGio@?Q%&9ho=P(`TS`LkC)XW!m?SxEAC$T{st^ktItqCl%rgk0M{BvpYvLm}!!H=IMb)C2}7YuL8Z zHR8LY9Ls(_TJBEn{#+mP)LeSk zxc7wHM5qNxH!^F@bF(!+_9}6dThG`TmgMtZj?&xiLsa{M;>-Ql+F*~8yJF7az%KX1 z?{+rGMWjZ6{fRIw4KYWK5lZ0vXLt1_U&D-bS-lP;0&U`F*Gx{RZN{~(Lt5ff)hHUS zatNWG%9SxH(w!F-y4cnErhZ%dF4qsqpoIW{l8d32=$~f;S|l{Ve`e9OnnEpk{`?#j zT=W)!KC;@i$iPL)MNOG^Ar@TvKoZfMTCPX)=VO)I2U)$7#w3>5NE z)PrZ`3CQ<*aC(S?x^#xoybpIs7Bf?WLQH8R{stA};~-kA@P;4A<{rY5WMc{iP1YPZ z;>8wBwA;BfnJ1I#4w55^zS3sl$#>B9(~0Ak;>-FVggq?SJ5QeBj!QubL2PdXQLQ9= z@}9?$*4F4B$r-<3@=2duC~ahAPn)PUb4yVyrp-GzG%KV=p{wytvHfuDEq6v`H4BXL!7QjjRQ?gtG8b= zf+#?klWD}NBYlxPy&cLW9-cyLm$_J8e2&lh`xAy(>av)it=t_UdQoi6Cq6QvdZqkh zcl354rBtZ6PP)^!YQN}#(S9C*w_^xj`Rz)XWcW)RRnShWVx{An7?~T^937gFTf7!QY?n`hVDX zWYK6^ii@3?JiD!-$b{S8fA7D`8){$W(gM?CGF_|@K%$f-TUjknKR&+-l2+Y_{;mmD z5@px*X)CC89WHs&6#RYydnk~jrMtIJvs6LP-u(vdH{6&63g64dm(P4S7)NBK>St5#5Ti`>T`08tTG802u@ zX=0&tVC~V`;+@m>qI2V8z~iJph^{W=heN(dc*K(;09sVvjjrc1vWXZv-Gl<{1v#CG zfcpq84QGjrp!~bL!^kE$cZ~0NOUa|! zTN(sOkc#6+dmuuO*LN)+BJU+o|MtozrmBJg`bsdpyV6v1if6{v;8$#5tXYag6x{Z!RZh;_;<>El+NTh%r1p>oEW zNMZEIvVhni&Lm;anVN(B9+jlgWO`ETk*<-0h!=1Tte=duFl%$2xJQoYktP(!JsN6a zxj!vGjY$Y&9sew*5f?G)0!}qo+R0JQAzM0t^3iUQdm_Tp@%^J;3`HQP_KW0sO zC8-mPZqdBx2Y#e%lBIR#nIs6&H_86e$8tgOs^*x^IgB@F+dXrRnC(Q@AFMkzISfL0 zT`-d~mk_W;GEiXEfp{<`X-e^2%-l>WheLy({(Qs0_@==drZl94*&Z)?oagA!gFp0Z zw?zLMZn=)uw@#e887Pv-yy6cNht-}hGzPm+)k=MZiNOxvGBs20tj#ibN8&DP*7g-b z>dIEF=RnGs@q${7xIYa+j~RJjS?G1%5>ptTD$jS@yu;iR?%^1{1RG$36gRSPyQq-m zduw;%F|{%_tSQd5dnrt-oRDqqU(k-}3P_x=rv8m+VWQXfj_`4ywpd7!O@>A&1;@<;DLrWS6?^Srckj;G3rxQ5S z^0)QMD813WmSOhKGn6^3yX`Ie#*FD#nt?Kk{FJ#rd>&{99cCouKoZAMAy7^^IkApm z5MhLeCi9dijMYE-l>>1`0A@_BegHA$bx2ZeGm`rbZ!Q}s+@hA#Mm}4JEjf9$uhRF+ z&sXEOfkxtQY6>G0H32l~B+b2|E~*`akWuOJM_+Lh%X08^`%k2o@4#A_T2q~gWU&|9 z#W0#GVD}MFgcx*a*SErP%n4xzN8}F~IBzlvLU23097YaOPBr>u1gK{~~H z*%g-?tpyoIqdOu*V*G(rQ5R#H#@w{Wq|%LJ=N2$DOOApFfP)&nMPfaZ9(b^5opjb& zDwiQEMN(NZF{2TO{t-WnDc2}-8rM4RPDA%`2>z?xaj*bjMK>#17u}(OwK9(aFia#P zOy^(+-U07vGQ!J_U8@iJalG=dy`XSOG=bc-dA4N%u5SjyL0jA7n%cW|D1>1QyhB4B zgv`5OodLP|X~k+q2rV+?>@tvY_inkV3<@;>Pz`?HJyQ$v;CsZ+QagHuH-jAg7GjWKX2E== z{XN{5yd!lNxt{5*6favvfVqWNkrvXo{xLfFenI@$D(S1 z3D{L2Oc0hMcCUymErr-*i9Xa$mMoFfJLRF@#{+?Nm<8Gkd1s{{vN?0RZSwoz+efaO z5$n8Ke-d^7Xt+{HlnM0&eC+FRHa<^7{Cmd!cQ~s==e3P8t|W7Qtj*;ddT8ve3!Bba z)UHdmnDN$P#kN$&ET8JJnT^;{xRUb0w;d&8#;aPoJ`_G;t`i|>W(z`63nvXHp2!Cw zQ)iZtq6;1a7+Zx=84q|<%f1#&`R9P&KO6L>vkUq!YhBYdKWe&xrMHG4q7(DrkeVd! z`cq?|7S=F-j5c2*rw`Ycc{7}-X)3igNf|9}_YZutR9!k`gpDSF|NfAWYR!!pGTl7- z?INlHsg0VD7smUjiR+2A@9sR@>%ayt!|msJ_fyIUe?L+W@ArAhjg^3J42{6W6@Ly2 z;jbG79o*>|mYq@-gE~;vUEF2SYBm=`} zZ~#X{b;D!I4Ui)vB^T+yd z01tPVmLx9ra_B|!TI){?*AClM-pE?`Z5x-g@C%nR!Dl|q2fv26 z0QNBv(MmLO#LbA)!z}MvJB2;A9}Q!RxgRnm+$XUP_5cQ1yiK2^7i1iGgdNpGB?@cxmUq=Ib(@VjiQDNh-8al0C^^3k%4s_Dcl z2`3^B$upDlH(DHqoig@qzI97EbbTkabHT@hU-w-Qi>MV+Xi04(@$W=5}z) zk)4Tl{#hq;K@rtD@cUld^&!%9CL#4`p+o>6y^gj$vtOR48`<6fB10!j*!N9Z&O7b< z58-S4RH8jJ`4y^&|4bpm;dM(H?ma4Q%G&Y<#G&v{%NA*+npikGeQH_xJsW7bauJ>0 zJRyoi5@@SbAL{yE-IS6kW{SOK68fd8)O-Mz!A4eTdrIt2J< z#ocT!tMnl7DsXweqk37NF#vF0qO*%d>(2Hl0LrqaJBTfYVlZD7U5Ag@SA?W5bl4$f zTH1MK$gDOGg6dmKF?c9iemfb4rwPXo+)cguv!{ugy2?_YzK4pOn;TkzsUC!|J!!&7+JNo_0?!Y+y-xut zSLva|{z{0P2V7#<9rxNYvFSMb>T@>rKsvQ;&I{sir_fwNB0V-6Z$z?DQ;!m#No~p| z&obpD?flvXxyAL0sDEg>M5Tn6>^4|=Y#$tDV6xI_S1F$BAW`z8L~mZqQKt_>X5{%f zAqTf~ByPx9)Pnmbd_BX)P+G~I3n7E*jR{@|SSLRkz-(>bXj$NL$}K7YR~|Zpc~5>U zHrs4i*wk{=lM-aHfnKlM&osJZh3n~)hV3k^M^r{gmLpPDV5lE4gHkx!-S1@hj^zAa z&iuax4pcBC=q#>MP?szS_m1FgoPm@W9d=m!JkJnz#!A@(iN)>*`_l6*Xt+LwW;}Vs zS`xf?yDKKTz_!IObpRIW6!l=rTc=}9shh|F#|4btRO!MMw?VaHEDv14%pZ@ZqS#ZF z)Tg&aP$h+%xff4z3e+hRj`NPXG(Ae|-`u%2Y}mE%;$lSa z@h{J6;YH6doRj1C37KB8h>y}_+!=ZOCJtMX3aVZZ&1Y&UC=q{HI?!;}vuFQ)#=r-W z;xx4ut{{a&Mn1Zn^XE-I+~r-!-k}?L{8c?}MyVHHJb!Yut`LRyvLniRFYnnJCh0tj zsq-f=NNwiSb|cDeK?T7b}U;`F1NK8!8@jnVW_4&`trV9otRbY(k7_f3+MgS6-yx>NOPR~ z8Ee7|5ma@_eMTTpp?Q5`rZJ)AsxqckyWRH1B6lR*!6@H{LqQdrc7~Rp2i3soGIQw} zT0LMUh{{L2S)`UUgl$^cTameuCxkvH+gx`5351N1NVzV&21oL-E0w zDKOEpWAk|J#Kp1cpO9;Og4MeFN`q!1PFl~JxrdMo!{6m4mcz+ju@NXFVoA@u6zaCFe*~;Vn5TuPb*vUaa4U^4fZVL59I`VE6Qc)I@ih5+X-hJRw#=+NSq4gQ-Hcnq_!+<9To98|Z2XyM-oA8;Rz0c|i21#`E!*ObF z1oGQEa~BMDNp2T0FdV6zV*6~ZLkDX<&4QpJtHo}`L7%mttSOu2i69^g*7gKVYVPoR zsK^CeI;-S`Thg(JuGcmM`^2DeYkJqfQHg=mYVn99Ob!}G!BaCcke1J$rt?9yrsDxm zUAAg(_d&_UF|-1sIV;3=^%CF0>?@_rH;iX2Fdu^=Jr2yAW|z<5e|Nai(LZ{Kvh}(2fyv1yh&Mx|#vR_$B;j zm{jWW6$F${2_F+~W3*P; zv_>Nq8cyxclhMmVV8RY;tclrAQQ;S0MfpY4=Y-Btb_dvxYdn zRd#(2{ubMHFr36YQ$a{k#-Hb}w+r1pekJ5l3t8%V1=3(G3C)^zF*F?oF*O<{QmlXb z#=PkC3R-I?BZQ^#N~CD=StTVn3f$2jdTGdo)?3Rf4<)WBE&rQ&lSp+yfC0ce2cjk2 zHL_j6MC1Uq{319iS(%*f`IBwk*Ax1ZJ8||iD+Q04&*>y6tUG+ML(q=RQ8XC(zj$y;t4PxEA{Wb zHD&4LzVDA_8(lAsi;-Rn<&1iFl}H}Q*Pbhb)9Rik4_k^MnzLyJu$v!9n(i>Ld7Z{q zwqZzl46yM^l6VF^o$Rhvq6a3zsK<^!SYulEiHtC+NdBx59{~2nr69ano)k2GLJeea zLDR1$#gh|29nQE}%#Bz4ZiV%R9<<9#Ggb-;`c=G?&1U&@kIFVE&Lv&JerwN3&k$bB zT)s*^;aYl@rzM;ko1HO)UMM|Rn-q3z&Y-#85*n})$DbdklX=i=|4FFHP__Pl15?GIm|MRyn{_YrucHuerge@x;_YCG*Pm=OZiDwFPkAtm-^;x*i8KvEC%?{ykV}GJSa`c?^b=-+JzJ*Kk5Ws!(p8J|x z2P+F}^MW^`=NbQD01Lr~L^TK=F?9Fnv!QKZ_p0$~%G7u_{jkG8in!TZ!dqjvBi3Y9Vev8|r78TeQH6OS0?-j?o^wW6fy%v>q-Pfk%4OMqS|H z`OH%`tpSm+@)mWEt)Ig(|7XUgyY!b(ukmnlFEc6Y-T75w+C~L$RZZMB&%o!$a2IGf zQ77ZM(CY=3vyv&LJ-oYR{7(YJCKatuFP{V{v#Pb{i_=blGhWvF(msN5yL9m-boP2> ze%~z_qRwd{#P!1?aV%G~rDwYJe76`}H_UOtDm{iOFUtB27MM4*t~da^k-z_DS*WfA zEeD?xljBr3K@IAnai2>*fEfAD zH_&b9dmu$i8|@wbj=oTY1FZU67T8wwYM5AcJONUPBkKP+mCOWC1t|Y(tABM=ykYzv zev$qVO>_;szG`Q%IaN1KXU_5g`AD_5dGLG30r$eR$X~Cg4=8l?K`1Y9qQ7{_Lafe4$=2$K8yQ5k_8o zFmTDYX9E5r)9xze*<&EAgAytK=TK;No0rmn6HRJ$DiB)1-c3Z4HlEMrY|*#s4vxd+0c?30MD;g-1vWDN1G)t@yKCt4m!MM#(?->He5ODqGC%+T007FJMwDQa z#E+(n+^CyD%{zN2L0Td@d#r1Rb_wDAH~n9DWOl-1{afjo*jn1 zXzy2-4EhV?&ZGB#B zM}0y4pw^Skh3~F=E=cMWyuBR}KGG#W+n>Bi6I+oe)ZNIQl0aU61?x!T7JI=+ojO>T z{m{NR+|~CPUFPyyX&sh&{T;`6Z!7!~i%@+Q0NdsL3JKp(0p;cBjQNn)A~6a_F43opn#$AwCC z(4s_-z@Aot_m~-OHXGsj^q^zN2&Fnr?Xm#BqdM1>Ldo=B+G97FJOytUMc+WK$Tt|c zqlw}~5jgl@EGqc<`q8F`#stjr_5-4&?jA{gC2pX7#(?f8b~PPlm!qZF&#o(ZD5gc~ z<1W%#Dr^8z-Gofi*ABGc;hVmbH3eCN+d6ACO#xrrpsfZS7LOMz-4zU zhtv&}dhNwwWspKbAbYx`8@}H#%Q{_s@|`-zi4Wgowcte-WzM=*jtk(aS>3%Koe5BoU4MIH2;No^o>R;mAi4^vKLjBM0s#3_ zb@&rI=}?zDEh9$fDERf#r~s+QG5m*}7tx;idl}h$j{LYYW-_(y9&y$YZI})2kkUEz zqr7U>nd*2Ya}ASyM?N3As3%&oPJu4lPzRmd=rP<(S;RG4DaoQzCS{Vj}W8uS!xEM}y0xWlIuV6}Vomnm%B;g^$4~|}B&7J;M9snamjOy>>beO!p zAt^g?(tH>KRbeclxtgr~Q)!oNY+qVo8f>+^O_MI)(H4$dH}c#IM6b3&pM6zRaJ%=U z;~t(F#0L9UB-7NpnK@?V+P=_)$n+g@?WF8)aSlwJSfI8MUy^(Z7BAb8k9Q3Ch>)Jk z7waUmT7BEiB-b5fMbPgY-_U38M^5F^pd#ybqGjqe%w35JZ$uhe?|;@H@4>(12MI+< zN^fvTKHz`=0001*8~^|UZfLApQo2>YipN$@gH0@|Uxs1SbIT%P!WseW^A7VYS`UgW*x1ygW zbK?El@b~YNWdhM7@A+L1QU#nLlNCS+zR#P<+@qy2kR5V#$us8VJ#8#Lp~>!r^y58%h+Ip=5euh}*9q+d#|Fxp4m%|u(f@aV4UUOO6yzU@Of8{DDXRrI*5x#y{ zQ4{tKyE{;RD_GO=f~39#s0iui9mHLh?T=3_fyNG+)d}&F0V}l$q_UeT8%o+9oSZn$ z*RH`0iS_Szpbpq3hV#GtA|n?8x{5xY4u+Qy&BUu32xf6*riV3(Tp4TV3w;A*^@28Z zuQlmxinx-(|7bWgUP<({L$k11s#Y$RLGohA0c2Y}TwR?PFu}-lv=54*#Vy@8-i5|K zR0f>5!1_qvR;`kwI$kv6E9PnKrffMSU{?egLF$&%n){>5i5VGbPt1ZvA9%z9he%z6 z+CF_m7E*1iS@MJygW1W!5IY|5{CQ3!fmahKkCR|o{l)>nj_e%(^FS<$AIdKjx0q?b z5zTuzjzlFhQ%j^@caZX~w-G|={p~v!Jqad-lE0ez?w>}T zw^iZ`j*AjBj2O|{I=DDU-Pl?Y#cEac)G2giWI0!}FE4(8S_Ij{8^DS-n)4^2N&re6 z+TQEdJC>}9Nu1!0{)nJWBQm!kM3IJgKk#Xrlq;z<86Ye|*M*+b|!pJz{J<&;t|1Lfd*Vv#>?>2;~a({ru8jV`M; zBD>Ex(-ajT;a)mA$*ZzJ_IfR^a4O3wA+CE-scYN)DafOF0v5bG0#F*bts8ZrN9Ex(W>AJxmz^NZ8P{Erp8oYA)uek6qGlEgz|0rXCdu}|MRT_8 zT-vtTU=B26l?$=kyu5&joF)=St$PvI1H44=r};MxuIQk;3ZiZvsg|h15n-!1LS(u= zRifjrGtu7>kmBo>okb-n8Hd_XQ_(GN^f(4ZWH9T z!sQ2!Ap+Jv0Y^JpmdrmVoxq4)G6nTy6v-?_FYdaRe-hR73PO&VOp=KN>t?L0h>6TU zq!>%T*}Ei@2`tV{(Q5CuM3^kp6m~3k)*Nyx%dqnt`b62EjS>T!nP)+^E`~Na&K`%) z4kX6XPXKzR)3~emD$?5jqAm?muak8NgHBhsyVpU zz!@TIhRVCGnAB;~6-E#gIyKB@lF7YAbIQm!O^jy@{1R6%_bY@hw<1Q^IH>4yHZ+c39?wi|mORRdRo zu!`4B*K6O?mhRO-U6X%^1LTF5;>`+0sr$+XT0p-#Q1x?irg(16mWGH<&~aONIk5UN z(W8u|cvJdvL}K?)xcMd4`2QLomgOvqT?OsfjX=!2jsT1Bp&^jsg+mm7{h=%>6$GkK zTy>WljOM?RWtzY`lu;^V9QXMqK|1~#(c*xTuOY(glhgO2Olbxb&1bY1&v+l)9~GVd zrET_ytdtzHsm#dBx`M-iDde`;f2_Lv~)yaaS;9{@gftd}-xh2T6-SoA+@lCuRxi=j`%2P5e z?F|RurW@|rT*d;aeF7IKpx@QeR4iUl`u!dnb{3ox-Hiou(T=Qy0nEOx`S~X40?iHq!{~Iu?2wI*G@QiC#D@20;XNLku zTm-5P3tt~9Jkz%-V=3-M`JsbV{b1PfcZ@ijs{s#Wp3&BBpK|jsOa?2%eV0smBKVBi z(}-lI0t`XnhO{7+b{+M{^cG|={i`pYPePP`Dj92Nf(vl5h%tU9%z*CgO{B>!j$P`=%H#-&5BqzAa*~4u|)5? z-K`2t;4ZEkMiBg?EIhOG6jOZ)Zf2NTmwHh!#d8byLtRPx2Aj97i%1khH0Y#PtO*Dj z2~?*7@Y+oQS;Ka2%=5f08>}MFpJReiQrO;3u8h9*|4uMtP##l-C1*hDd@bY^-vY9B z&bR_0boIMX{}<-|INxUQvP*b^(p}{q3;4Hidj`Ptte!K|4lIc=@=fgXQ_ui0Vk$>- zf{-DQN+AFg+UQLF&OUc&U9u;W1@Pd#CW}tlbj3ruSE&Eti~*;_oNwyUalbB^MZ