From c0855251fe9ce197d4a79259c24ea97400db44a7 Mon Sep 17 00:00:00 2001 From: Vasco Date: Tue, 21 Apr 2026 18:09:25 +0100 Subject: [PATCH] shenanigansf --- VM_CONFIG.sh | 33 +++++++++++------- VM_OPENSSL.sh | 2 +- VM_ROAD_WARRIOR.sh | 16 ++++----- VM_VPN_GATEWAY.sh | 39 ++++++++++----------- ca.crt | 38 ++++++++++----------- ca.csr | 17 --------- ca.key | 52 ++++++++++++++-------------- ca/1000.pem | 74 ++++++++++++++++++++++++++++++++++++++++ ca/1001.pem | 74 ++++++++++++++++++++++++++++++++++++++++ ca/ca.crt | 21 ++++++++++++ ca/ca.key | 28 +++++++++++++++ ca/cheese.cfg | 11 ++++++ ca/create_all_keys.sh | 18 ++++++++++ ca/dh2048.pem | 8 +++++ ca/index.txt | 2 ++ ca/index.txt.attr | 1 + ca/index.txt.attr.old | 1 + ca/index.txt.old | 1 + ca/serial | 1 + ca/serial.old | 1 + ca/ta.key | 21 ++++++++++++ ca/user.crt | 74 ++++++++++++++++++++++++++++++++++++++++ ca/user.csr | 16 +++++++++ ca/user.key | 28 +++++++++++++++ ca/vpn.crt | 74 ++++++++++++++++++++++++++++++++++++++++ ca/vpn.csr | 16 +++++++++ ca/vpn.key | 28 +++++++++++++++ client.conf | 16 ++++++++- dh2048.pem | 8 +++++ relatorio/relatorio.log | 72 +++++++++++++++++++------------------- relatorio/relatorio.pdf | Bin 44498 -> 48079 bytes relatorio/relatorio.tex | 14 +++++++- ta.key | 21 ++++++++++++ user.key | 28 +++++++++++++++ vpn.conf | 7 ++-- vpn.csr | 29 ++++++++-------- vpn.key | 52 ++++++++++++++-------------- 37 files changed, 752 insertions(+), 190 deletions(-) mode change 100644 => 100755 VM_CONFIG.sh delete mode 100644 ca.csr create mode 100644 ca/1000.pem create mode 100644 ca/1001.pem create mode 100644 ca/ca.crt create mode 100644 ca/ca.key create mode 100644 ca/cheese.cfg create mode 100755 ca/create_all_keys.sh create mode 100644 ca/dh2048.pem create mode 100644 ca/index.txt create mode 100644 ca/index.txt.attr create mode 100644 ca/index.txt.attr.old create mode 100644 ca/index.txt.old create mode 100644 ca/serial create mode 100644 ca/serial.old create mode 100644 ca/ta.key create mode 100644 ca/user.crt create mode 100644 ca/user.csr create mode 100644 ca/user.key create mode 100644 ca/vpn.crt create mode 100644 ca/vpn.csr create mode 100644 ca/vpn.key create mode 100644 dh2048.pem create mode 100644 ta.key create mode 100644 user.key diff --git a/VM_CONFIG.sh b/VM_CONFIG.sh old mode 100644 new mode 100755 index 64df36b..b8abecb --- a/VM_CONFIG.sh +++ b/VM_CONFIG.sh @@ -1,18 +1,25 @@ #!/bin/bash -# NOTA(vasco): vamos ter q fazer isto mil vezes -sudo yum install -y epel-release -sudo yum install -y openvpn iptables-services -sudo systemctl stop firewalld -sudo systemctl disable firewalld -sudo systemctl mask firewalld -sudo systemctl enable iptables -sudo iptables -F +# NOTA(vasco): feito para correr como root +if [[ "$USER" != "root" ]]; then + echo "corre o script como root" + exit 1 +fi + +yum install -y epel-release +yum install -y openvpn iptables-services +systemctl stop firewalld +systemctl disable firewalld +systemctl mask firewalld +systemctl enable iptables +iptables -F CA_DIR="/etc/pki/CA" -sudo mkdir -p "${CA_DIR}/newcerts" -sudo touch "${CA_DIR}/serial" -sudo cp ca.crt $CA_DIR +mkdir -p "${CA_DIR}/newcerts" +mkdir -p "${CA_DIR}/private" +touch "${CA_DIR}/index.txt" +echo 01 > "${CA_DIR}/serial" +cp ca.crt $CA_DIR -sudo mkdir -p /etc/openvpn/server -sudo mkdir -p /etc/openvpn/client +mkdir -p /etc/openvpn/server +mkdir -p /etc/openvpn/client diff --git a/VM_OPENSSL.sh b/VM_OPENSSL.sh index f80b7d8..97e1a0b 100644 --- a/VM_OPENSSL.sh +++ b/VM_OPENSSL.sh @@ -7,5 +7,5 @@ source VM_CONFIG.sh if_dentro="enp0s8" ip_dentro="10.60.0.1" -sudo ifconfig $if_dentro $ip_dentro netmask 255.255.255.0 +ifconfig $if_dentro $ip_dentro netmask 255.255.255.0 cp openssl.cnf /etc/pki/tls/ diff --git a/VM_ROAD_WARRIOR.sh b/VM_ROAD_WARRIOR.sh index 331c1de..4429e60 100644 --- a/VM_ROAD_WARRIOR.sh +++ b/VM_ROAD_WARRIOR.sh @@ -10,14 +10,10 @@ bash VM_CONFIG.sh ifconfig enp0s8 193.136.212.10 netmask 255.255.255.0 route add default gw 193.136.212.1 # default gateway LIKE A SHEEP -# certificado -[[ -e "user.key" ]] && echo "user.key ja criado" || sudo openssl genrsa -out user.key -[[ -e "user.csr" ]] && echo "user.csr ja criado" || sudo openssl req -new -key user.key -out user.csr -[[ -e "user.crt" ]] && echo "user.crt ja criado" || sudo openssl ca -in user.csr -cert ca.crt -keyfile ca.key -out user.crt - +# copiar tudo vpn_dir="/etc/openvpn/client/" -sudo cp ca.crt $vpn_dir -sudo cp user.csr $vpn_dir -sudo cp user.crt $vpn_dir -sudo cp client.conf $vpn_dir -openvpn --config /etc/openvpn/client/client.conf +cp ca/ta.key $vpn_dir +cp ca/ca.crt $vpn_dir +cp ca/user.crt $vpn_dir +cp client.conf $vpn_dir +openvpn --config "${vpn_dir}/client.conf" diff --git a/VM_VPN_GATEWAY.sh b/VM_VPN_GATEWAY.sh index b1f2615..fb37221 100644 --- a/VM_VPN_GATEWAY.sh +++ b/VM_VPN_GATEWAY.sh @@ -22,33 +22,30 @@ mega_tunel="tun0" ip_mega_tunel="10.8.0.1/24" # --- interfaces --- # -sudo ifconfig $if_fora $ip_fora netmask 255.255.255.0 -sudo ifconfig $if_dentro $ip_dentro netmask 255.255.255.0 +ifconfig $if_fora $ip_fora netmask 255.255.255.0 +ifconfig $if_dentro $ip_dentro netmask 255.255.255.0 # --- ip forwarding --- # -sudo echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.conf -sudo sysctl -p /etc/sysctl.conf +echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.conf +sysctl -p /etc/sysctl.conf # --- nat forwardin de vpn para clientes --- # -sudo iptables -A INPUT -p udp --dport 1194 -j ACCEPT # :O -sudo iptables -A FORWARD -i $mega_tunel -o $if_dentro -j ACCEPT # :P -sudo iptables -A FORWARD -i $if_dentro -o $mega_tunel -j ACCEPT # ;) -sudo iptables -t nat -A POSTROUTING -s $ip_mega_tunel -o $if_fora -j MASQUERADE # :D -sudo iptables-save > /etc/sysconfig/iptables # :3 - -# criar certs -[[ -e "vpn.csr" ]] && echo "vpn.csr ja criado" || sudo openssl req -new -key vpn.key -out vpn.csr -[[ -e "vpn.crt" ]] && echo "vpn.crt ja criado" || sudo openssl ca -in vpn.csr -cert ca.crt -keyfile ca.key -out vpn.crt -[[ -e "dh2048.pem" ]] && echo "dh2048 ja foi criado" || openssl dhparam -out dh2048.pem 2048 +iptables -A INPUT -p udp --dport 1194 -j ACCEPT # :O +iptables -A FORWARD -i $mega_tunel -o $if_dentro -j ACCEPT # :P +iptables -A FORWARD -i $if_dentro -o $mega_tunel -j ACCEPT # ;) +iptables -A FORWARD -i $mega_tunel -o $if_fora -j ACCEPT # faltava isto ? +iptables -A FORWARD -i $if_fora -m state --state ESTABLISHED,RELATED -j ACCEPT # faltava isto ? +iptables -t nat -A POSTROUTING -s $ip_mega_tunel -o $if_fora -j MASQUERADE # :D +iptables-save > /etc/sysconfig/iptables # :3 +# servidor vpn_dir="/etc/openvpn/server" -sudo cp vpn.key $vpn_dir -sudo cp vpn.conf $vpn_dir -sudo cp vpn.csr $vpn_dir -sudo cp vpn.crt $vpn_dir -sudo cp dh2048.pem $vpn_dir -sudo openvpn --config "$vpn_dir/vpn.conf" +cp ca/ta.key $vpn_dir +cp ca/ca.crt $vpn_dir +cp ca/user.crt $vpn_dir +cp vpn.conf $vpn_dir +openvpn --config "${vpn_dir}/vpn.conf" # NOTA(vasco): o ficheiro conf vai ser vpn.conf pq isso é o nome do serviço # o serviço nao funciona ???? -# sudo systemctl enable --now openvpn-server@vpn.service +# systemctl enable --now openvpn-server@vpn.service diff --git a/ca.crt b/ca.crt index e225c4b..957c3f5 100644 --- a/ca.crt +++ b/ca.crt @@ -1,21 +1,21 @@ -----BEGIN CERTIFICATE----- -MIIDaTCCAlGgAwIBAgIUD2JnuJYQPRP/h3PPf1FsiNHLUekwDQYJKoZIhvcNAQEL -BQAwXTELMAkGA1UEBhMCUFQxEDAOBgNVBAgMB0NvaW1icmExETAPBgNVBAcMCENv -aW1icmFhMQswCQYDVQQKDAJVQzEOMAwGA1UECwwFRkNUVUMxDDAKBgNVBAMMA1ZQ -TjAeFw0yNjA0MjAxMTAzMDhaFw0yNzA0MjAxMTAzMDhaMF0xCzAJBgNVBAYTAlBU -MRAwDgYDVQQIDAdDb2ltYnJhMREwDwYDVQQHDAhDb2ltYnJhYTELMAkGA1UECgwC -VUMxDjAMBgNVBAsMBUZDVFVDMQwwCgYDVQQDDANWUE4wggEiMA0GCSqGSIb3DQEB -AQUAA4IBDwAwggEKAoIBAQDaDICRTLW69RpumTHY6kBy6Ip4QPzoB+nCbvFEYtM2 -mdgmn0e1PLg1FwosL0h8BxOyWApGlbqYKV0dBt+rC7IF3gKrLNTNCadjk7+zualG -6wvEK1H7Rteo0/Y5DF24/V+GihEUzktu8K9pPcBXsl8LlIodxVe8P2R02Tubgp/i -mKKHvER6y7FPc0UNkqqTWYhqa8KLpuNqZvDJnNUM3oJF1do9JlnjNJZcI63nb+6K -bvZjj9tqRbdbqE3A7NTDg7agTt298UGER7N4kzKGPzdYO8orKKp8fbkrcwRO98gb -lib4gVEdsY3JBCQLs6QtwW+ehwhVVIqHQMOJuLENM+a5AgMBAAGjITAfMB0GA1Ud -DgQWBBRbBGnllBjk6IPuPY16Xr+4surKuzANBgkqhkiG9w0BAQsFAAOCAQEAGP5/ -rS39yY/rs3yc6KE0ag9gIN2YU34nTNps3MUlGJ5/E6mMBLdlNh5EKIn+Df81wNhG -qETLw/1VScZiZK6waH2svDPPKk76e/4oY6JF+xCnOayOIBwYgYvUqrG1I0KjTmEO -Qg0AlZg84pkyLRzd2vN/opzSz/r6hQJgQQ/kwbiJxX3dpwRwrees4OO18LN31l1Y -Gsna3u6IWLWouc4Q60i6AptW9pzCPI0op7UlZyqezLI/osG9jv4RSr8aq0reH0Zs -TWso/PMtltVgLuTLqE5oU+GW/3r0H2LA0q6qsLHCSbQRHcwNdU2UbuFzXKqn5vgv -5tjt5x4YgUgGSth7Qg== +MIIDhzCCAm+gAwIBAgIUIJ7vLVpspdrCt0ZGary7IZ9A04AwDQYJKoZIhvcNAQEL +BQAwUzELMAkGA1UEBhMCUFQxEDAOBgNVBAgMB0NvaW1icmExEDAOBgNVBAcMB0Nv +aW1icmExCzAJBgNVBAoMAlVDMRMwEQYDVQQDDApDb2ltYnJhVlBOMB4XDTI2MDQy +MTE2NDQzM1oXDTI3MDQyMTE2NDQzM1owUzELMAkGA1UEBhMCUFQxEDAOBgNVBAgM +B0NvaW1icmExEDAOBgNVBAcMB0NvaW1icmExCzAJBgNVBAoMAlVDMRMwEQYDVQQD +DApDb2ltYnJhVlBOMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzPJP +agkW/HrzLO5+G6ZKpX2Skz0tflpFtVAaihRrPEXwWMKKIShElNvskDT50OOIYY2Z +gGRUlVZJN2OiM5aJbvlxooAa/xER8y2pU/dgZN8ibllVYT6gd9yzEfdjUs7/y/aa +DFPSBtrmVveCF3J7tu3H977dAc8u78+MoD5OHzu7Ko8FM5ZyMYoERxyB4H+nUKJO +lXDIo3FZDmYfPbmmqoYfCYCiRIgyjXR+/WFL7vFrylrd39Ntt6JF9PixsMkv1beu +IBkE38m72Am9vW5ljlu7kMmUKFKZEuuHV/uqFINqXS7NJpU89eWde9NdS446NLVG +PL2A04Er7c/h/qM8gwIDAQABo1MwUTAdBgNVHQ4EFgQUCJPlxX9Lb9ZQGLq4CaXS +UQV6OuswHwYDVR0jBBgwFoAUCJPlxX9Lb9ZQGLq4CaXSUQV6OuswDwYDVR0TAQH/ +BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAWvgP1qEwL+z42xis/qjzWrIX2vAF ++NR/d34EzLM5NThARgymMcEfHi+Ozadl0dwp5IyLR/rm2beROeLYal9lpadpNvT1 +eOV8Ck8VtA7a16N5S8sawB8dtkVtfiP/Z6125nTl7aLO1xyQsdbK6XWNLE1GT9I+ +RewJRLtDYJ77se/HSW48tcFL3KsjhALCq6iV0MlmMgLoIrefkClb7hG2Hz9D70Pd +7OY79v0rNerDYQpuzTucIBDjKsHYw3597kxeO376AuO0M49gA2jIzjrHJGOjAirG +PnsDmFjgftwA69kvKjSPuw2feSr0/jNOnKF1LD02M5VMQ3zL6lexP+reOA== -----END CERTIFICATE----- diff --git a/ca.csr b/ca.csr deleted file mode 100644 index 698f26c..0000000 --- a/ca.csr +++ /dev/null @@ -1,17 +0,0 @@ ------BEGIN CERTIFICATE REQUEST----- -MIICojCCAYoCAQAwXTELMAkGA1UEBhMCUFQxEDAOBgNVBAgMB0NvaW1icmExETAP -BgNVBAcMCENvaW1icmFhMQswCQYDVQQKDAJVQzEOMAwGA1UECwwFRkNUVUMxDDAK -BgNVBAMMA1ZQTjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANoMgJFM -tbr1Gm6ZMdjqQHLoinhA/OgH6cJu8URi0zaZ2CafR7U8uDUXCiwvSHwHE7JYCkaV -upgpXR0G36sLsgXeAqss1M0Jp2OTv7O5qUbrC8QrUftG16jT9jkMXbj9X4aKERTO -S27wr2k9wFeyXwuUih3FV7w/ZHTZO5uCn+KYooe8RHrLsU9zRQ2SqpNZiGprwoum -42pm8Mmc1QzegkXV2j0mWeM0llwjredv7opu9mOP22pFt1uoTcDs1MODtqBO3b3x -QYRHs3iTMoY/N1g7yisoqnx9uStzBE73yBuWJviBUR2xjckEJAuzpC3Bb56HCFVU -iodAw4m4sQ0z5rkCAwEAAaAAMA0GCSqGSIb3DQEBCwUAA4IBAQARfdJpU+K1v7rR -IOPfHUq4BWApbhrv7bqwykK+YgyWzmEzNSp7jq91Wa4GnokbHruGsp+M0h3C/5fw -EhZakFDwykThVbxRk+iuPp7MpXPKMPGvFVzxIrD9xk7KSBUnhx0+dhwu5r0U+Uqh -A5HP44nUHjnIWQ+nah9IA4Z4ldks6bvl6rBrZf1znLLq/kZSb6bSsg9zLFJyJzeH -v5amC2OKPqREqeKzNQJhUNMAU360zDi8sf+dvDDtcwaevk71g/SEcZbJbw1KMR6g -orORkT5uSi97mTJ8+hZMw+0hNyqBG/Zflq6aMzm97RlBGHBhFL/5ITpYx+S7vcQC -EehlTcbM ------END CERTIFICATE REQUEST----- diff --git a/ca.key b/ca.key index fc230fe..7acbf88 100644 --- a/ca.key +++ b/ca.key @@ -1,28 +1,28 @@ -----BEGIN PRIVATE KEY----- -MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDaDICRTLW69Rpu -mTHY6kBy6Ip4QPzoB+nCbvFEYtM2mdgmn0e1PLg1FwosL0h8BxOyWApGlbqYKV0d -Bt+rC7IF3gKrLNTNCadjk7+zualG6wvEK1H7Rteo0/Y5DF24/V+GihEUzktu8K9p -PcBXsl8LlIodxVe8P2R02Tubgp/imKKHvER6y7FPc0UNkqqTWYhqa8KLpuNqZvDJ -nNUM3oJF1do9JlnjNJZcI63nb+6KbvZjj9tqRbdbqE3A7NTDg7agTt298UGER7N4 -kzKGPzdYO8orKKp8fbkrcwRO98gblib4gVEdsY3JBCQLs6QtwW+ehwhVVIqHQMOJ -uLENM+a5AgMBAAECggEAAlGgopBGkfvg5DUg8onk4Hv121sd6BX2dSeCzWurdptl -UQgqW28Z/+be8t2YB3P3+wfEkzUs2Ej/U8t9YIdV2ooJV0/unZVufZNQ4MzMNAQp -pRRMsW+yo9mzjC4uxySlqeD+bG0ttZrdvgXRYvVeB/ne9qZWZ/rOGw/Y2mRlxiN8 -9aotelpIFboy1CXyYBRlcVPgqDNCvbvFkJ+uAqWDjvKOzqML45qfhTiTCcPNwZ0v -lZhZtvhIen5hepOII2VSnNoVxdWSIy+p8//1LT5EvSaK7+vyGRS/dLyjAdMTmWUW -92NsuD0hOGZdejy0vzVxowcXEkZ3aDmqAxHZhIY90QKBgQD5ZPtgA2BCdSnnt4lk -nyH0SJqOmLs2NzgzP6jDgLbH5Xd8zQa0Jk41Axttj91d+l31SqKF30+lTfRU6RBq -p6E5kF8LNm0ZA2PgPvmq/a4eS2eEjGl39DHsVMzvCsiN5ic05SP1VKgxM5hD+1U0 -KK8cGwABrc9OIh8sxDmwzdsbUQKBgQDf0vs+DGgLBHwAkenruUGAy/KqFk3wNKG8 -lRzGgvqUqi+XqWLPS7u2FdstCnMTS1L4g/IKkgR15BCi3MkBh1JwQ8MWT/zE0nHQ -3oJHMhXXWLp3ft1PQ74BN2al0TNu/U2h7vrRhlVNg1iLcBfMI4yqqyjV8YEZEBaH -RhsDuNDq6QKBgQCyy/PwNNtpKeh+KLZGvlOwd/DetJ7bUqFnFIegigIAtAGDJtZc -h23gUbbzSIXzH1EHT5fPFHdcUtQNn/3WCRHsXBXXyxBSM30CQwPp0+9l5rdzbtsa -VacJAQ7ffcKlANEw+epas3PVumC6tFC0kUphgvXxPjP2lz30cUXO/PbN0QKBgEq5 -rZexnKrQ/HVUQbypRO0zKfkPKUYgzD6hqdG8uNwZVXpU2uBKcIkCEwKeknzGkRTX -OF+/EC4rzkIRZCpWe3dvqBoy6jjr6YPKRcRvPEuBG//5Ivnrq+vMC0Eg7wMHHnwJ -xUNejewrBczHx6on1DbGngOPdYJglKTlCu/bLCTBAoGAKTHPH1YJPRbn7yEzpdjt -22aoxEjwSVIyQc49Q5Ophuvwit+7CeiJ2bRqHadRmJA65Z/4MJ4O3LupLa0BaGS0 -+F1+sW5ap37qisJrHlSUfVN/IPhonmnULV9DEwj3ronYsmYHaY1TPI/tQaTLN1Q4 -Kcr3D6K2flqH6rmEX3KKLMA= +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDM8k9qCRb8evMs +7n4bpkqlfZKTPS1+WkW1UBqKFGs8RfBYwoohKESU2+yQNPnQ44hhjZmAZFSVVkk3 +Y6Izlolu+XGigBr/ERHzLalT92Bk3yJuWVVhPqB33LMR92NSzv/L9poMU9IG2uZW +94IXcnu27cf3vt0Bzy7vz4ygPk4fO7sqjwUzlnIxigRHHIHgf6dQok6VcMijcVkO +Zh89uaaqhh8JgKJEiDKNdH79YUvu8WvKWt3f0223okX0+LGwyS/Vt64gGQTfybvY +Cb29bmWOW7uQyZQoUpkS64dX+6oUg2pdLs0mlTz15Z17011Ljjo0tUY8vYDTgSvt +z+H+ozyDAgMBAAECggEAHGM32B0i351RekNymPaDV8GOqvG0unqwiyO++VSeDJQ3 +bWP3lA4q1F+ouHTODD69UPM3HuScHq9RUZMYZYLleHH5aSPLbtHOJbEzx3CixnYY +eSZ16r6s+s1JdHn1elk3xJMHgCD1ci5Ml3aNwMetFofVxJ2IU/bUWTKWF6AUXBjq +KEu4nQF7f2Zv1uCplyEegmq/IOqY96BV1VJ0q3YDAOdTxmIAmQ2hy0A7VOHmN/ov +YzetyCZFufHCrL3yF/JoHCyV7VkPLtIXLs8wi3RI1L2SThDuKhNKoX6atlGrsMwd +X0uu1esRPcRfCA6GDRcCXV1F1AVxT/3r1r1p9xGm8QKBgQDmNTOttVO+02gsuiS3 +ZMyRcjHDJMVj9KQnq3SCVEzsj3003L9hvuKwFczlHKOpwTwxyEd0nufhTN6eLcaO +Cn8xnOZTA4e1HegZBLpkxAp0GU1EXqoysXcqhdBBjRlf/LH+LU+nyrNXKj6+4Zrc +UbirMvIN7An/Inb8vjROpOp4yQKBgQDj6JD7l/Vb7cpTyU3Y8mMlQs84GLyjB3Ki +vH4tP05U+DJ5MNAO4veA/q5EsEjoCT3vZT9sdF3jeiEpf5EAv8JhwWBB35225seM +yM8DZNnJlvFexkP/flrthLvL90ybcwkFXRrJmpXmj8Xn4ybgBkKBYA70CDnnTn09 +dxvvuT186wKBgQCPzc4hhfLxcohR4FnNQidT+BzDxTWVEh51NXKLc3O2FpBlNDxN +J/vdeVDMEk7eXPpoMq8IV7eMEwPBleDBnCcGa/epBbyBVFRHRJ/XEGtjSObufaAe +GKPTKVIFkMm4H1dk6xMmQsYy/g3CGZYuaNJOB34TWk6IVRQ1H+/27KgXmQKBgQDP +aWkAv2OZfQgERpClXroiP/IMEF8kU3PdbIO8M//azmJI7sZ6tc4fxCfe9Tv0h+yo +wND+p8yGaDBj7ueM8fc6Nd2fNZ33xYFXu6zCXvbhQpB5+yAJFfo0bPboAjDiy8cq +7XeigB/py3CFv7Eych/2U/Bn4FCqFEFgPdTbzw6JbwKBgEMh1u/WpFJa3QG3WesZ +o7XoL50q9XLFN8LgHVlGv6QJzG4K9D4Rkc7jgEfWzKEsQqmV7+oSx5jTP19KkO5r +xM8j4VTSsBneyBHe9WrKaJpD0zQYRQDrY+8DAdYUMklz8HVB3/kTzedDPYs0fWKN +QnMabRCqnfZCbIwYjTkT9RoU -----END PRIVATE KEY----- diff --git a/ca/1000.pem b/ca/1000.pem new file mode 100644 index 0000000..9c5773e --- /dev/null +++ b/ca/1000.pem @@ -0,0 +1,74 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 4096 (0x1000) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=PT, ST=Coimbra, L=Coimbra, O=UC, CN=CoimbraVPN + Validity + Not Before: Apr 21 16:57:47 2026 GMT + Not After : Apr 21 16:57:47 2027 GMT + Subject: CN=gateway + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:ad:da:52:8d:65:c2:8d:68:5a:32:e2:f3:7e:7e: + cd:13:9e:fc:51:72:f1:80:4c:61:fb:38:b4:87:9a: + 57:92:27:5b:ff:86:1f:95:f6:4b:ec:7c:7e:2f:b9: + 37:36:17:18:b2:db:16:0c:91:f2:d5:f5:4d:49:e8: + 3b:b8:0a:1f:8f:e9:f6:16:7a:15:22:7a:4c:f3:6d: + c2:b1:76:f2:2a:81:4e:56:a6:01:16:16:b5:e5:68: + 74:3b:15:35:f2:88:78:e6:f9:7b:1e:5c:d4:b3:f6: + d1:43:13:1d:8e:82:90:38:2d:43:88:7c:35:cc:c1: + 7c:6d:8e:ed:21:5a:9a:31:0e:5f:3d:dc:7c:5e:46: + 1d:f0:46:41:86:70:48:a2:a9:62:4d:ba:14:d3:5b: + 67:25:bf:d9:46:e6:d7:59:26:99:e2:e0:25:16:a0: + 1b:cd:d1:81:ca:75:d7:d6:bd:c5:7b:25:4b:e9:58: + d2:22:f6:b1:bb:b2:5e:7d:67:9f:fd:1d:44:b4:b5: + d2:b6:ca:9e:e7:53:81:a0:4b:bf:b6:0a:61:e6:ba: + a0:e2:0a:a4:bb:21:16:90:36:c7:95:96:ae:9b:23: + e0:06:47:36:24:0b:ec:23:3d:e0:8c:42:b8:aa:9e: + 38:92:18:d7:6f:19:42:76:fd:0f:42:75:46:e6:86: + e6:75 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + 9F:68:08:83:F5:DC:C3:11:2B:69:5D:A4:81:EF:DE:7B:7D:6E:AE:3A + X509v3 Authority Key Identifier: + E9:2F:00:A5:42:63:B5:C8:31:7B:FE:46:45:49:02:A8:55:DF:04:C6 + Signature Algorithm: sha256WithRSAEncryption + Signature Value: + 13:0b:5e:3c:0c:dd:e8:e1:04:12:bb:c6:98:e1:52:72:12:b4: + 8f:46:f0:5a:48:b6:f1:69:d3:65:e5:1e:ef:ed:03:fe:9f:ee: + 0f:bc:72:ad:cd:52:b5:18:ca:9c:c0:1c:f1:48:80:64:b6:90: + 33:12:fb:18:4b:e1:a7:c9:0b:1e:16:e5:72:4a:e1:f9:b6:e3: + 5d:b9:06:2d:ed:cc:d7:ee:7d:8c:22:99:69:46:d3:88:64:19: + 1e:3f:02:b7:37:2a:99:6b:ba:07:77:e8:f0:e5:50:41:51:94: + 6e:87:d9:71:5c:47:ef:a9:2a:b5:cf:86:2a:98:a5:c9:bd:01: + 04:f6:81:d3:81:d2:40:c6:83:29:42:2f:ad:d8:4c:ac:6c:df: + 89:93:8c:bb:48:cb:dc:62:a4:55:ed:f7:c9:b6:01:41:48:20: + dd:9f:5f:fa:55:8b:d6:f4:0e:ee:00:63:53:11:19:5a:77:47: + 0e:ec:4b:8d:08:8d:e2:51:3a:d6:97:ee:16:4c:0d:b3:ac:42: + e2:21:18:dd:c0:41:db:95:88:dd:18:cd:61:df:f3:c5:b0:12: + c4:4a:55:75:63:a4:69:44:38:2e:2e:3c:cf:51:6f:b8:36:25: + 24:d2:56:4f:eb:a0:50:93:73:2e:a9:ed:a4:92:41:3b:73:20: + 3f:57:e7:b2 +-----BEGIN CERTIFICATE----- +MIIDIzCCAgugAwIBAgICEAAwDQYJKoZIhvcNAQELBQAwUzELMAkGA1UEBhMCUFQx +EDAOBgNVBAgMB0NvaW1icmExEDAOBgNVBAcMB0NvaW1icmExCzAJBgNVBAoMAlVD +MRMwEQYDVQQDDApDb2ltYnJhVlBOMB4XDTI2MDQyMTE2NTc0N1oXDTI3MDQyMTE2 +NTc0N1owEjEQMA4GA1UEAwwHZ2F0ZXdheTCCASIwDQYJKoZIhvcNAQEBBQADggEP +ADCCAQoCggEBAK3aUo1lwo1oWjLi835+zROe/FFy8YBMYfs4tIeaV5InW/+GH5X2 +S+x8fi+5NzYXGLLbFgyR8tX1TUnoO7gKH4/p9hZ6FSJ6TPNtwrF28iqBTlamARYW +teVodDsVNfKIeOb5ex5c1LP20UMTHY6CkDgtQ4h8NczBfG2O7SFamjEOXz3cfF5G +HfBGQYZwSKKpYk26FNNbZyW/2Ubm11kmmeLgJRagG83Rgcp119a9xXslS+lY0iL2 +sbuyXn1nn/0dRLS10rbKnudTgaBLv7YKYea6oOIKpLshFpA2x5WWrpsj4AZHNiQL +7CM94IxCuKqeOJIY128ZQnb9D0J1RuaG5nUCAwEAAaNCMEAwHQYDVR0OBBYEFJ9o +CIP13MMRK2ldpIHv3nt9bq46MB8GA1UdIwQYMBaAFOkvAKVCY7XIMXv+RkVJAqhV +3wTGMA0GCSqGSIb3DQEBCwUAA4IBAQATC148DN3o4QQSu8aY4VJyErSPRvBaSLbx +adNl5R7v7QP+n+4PvHKtzVK1GMqcwBzxSIBktpAzEvsYS+GnyQseFuVySuH5tuNd +uQYt7czX7n2MIplpRtOIZBkePwK3NyqZa7oHd+jw5VBBUZRuh9lxXEfvqSq1z4Yq +mKXJvQEE9oHTgdJAxoMpQi+t2EysbN+Jk4y7SMvcYqRV7ffJtgFBSCDdn1/6VYvW +9A7uAGNTERlad0cO7EuNCI3iUTrWl+4WTA2zrELiIRjdwEHblYjdGM1h3/PFsBLE +SlV1Y6RpRDguLjzPUW+4NiUk0lZP66BQk3Muqe2kkkE7cyA/V+ey +-----END CERTIFICATE----- diff --git a/ca/1001.pem b/ca/1001.pem new file mode 100644 index 0000000..e22516a --- /dev/null +++ b/ca/1001.pem @@ -0,0 +1,74 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 4097 (0x1001) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=PT, ST=Coimbra, L=Coimbra, O=UC, CN=CoimbraVPN + Validity + Not Before: Apr 21 16:57:47 2026 GMT + Not After : Apr 21 16:57:47 2027 GMT + Subject: CN=warrior + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:9a:93:a0:1e:45:28:7b:b2:31:7c:06:99:40:ad: + 93:54:ba:14:87:17:f5:23:49:28:85:00:66:7d:94: + 83:79:b0:b9:d7:db:55:12:d0:90:f3:75:51:b8:8e: + 58:47:8c:61:04:23:a1:e4:49:91:b1:99:72:e7:09: + 24:ba:a1:5a:96:4e:b8:c3:c6:51:69:f7:de:15:97: + c4:1e:f2:ac:65:10:43:57:78:c4:0a:f8:9b:23:fa: + 0d:c7:b3:82:90:46:0c:51:48:a4:15:bf:43:92:2c: + b8:ab:ee:b6:8d:17:a4:37:80:45:fe:ab:a6:1c:9c: + cf:73:5f:cb:4d:3c:f7:63:9a:49:d9:96:73:d2:ad: + 0b:7d:ce:13:60:fd:c8:da:35:fd:18:e0:a6:ff:89: + ed:78:22:0f:b2:c8:eb:cb:dc:bd:d9:29:29:7d:e1: + 54:80:83:8b:f1:6b:82:56:2a:1f:18:d0:f8:a5:3c: + 84:79:ad:5b:cf:98:d0:a1:92:33:ca:5d:af:d3:1a: + 04:20:51:e9:0a:81:63:61:12:72:d9:58:3f:dc:a5: + d5:26:7c:a2:7c:fe:67:d2:74:1d:95:22:25:52:02: + 63:bd:0c:fc:10:1d:d6:77:67:5d:a4:48:3d:be:15: + 93:27:b0:17:0d:d5:8e:53:e6:92:3c:76:16:0b:c2: + f1:4b + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + E5:2F:47:65:47:CE:9E:F4:AC:B3:F8:5C:29:34:92:1E:A8:2C:50:86 + X509v3 Authority Key Identifier: + E9:2F:00:A5:42:63:B5:C8:31:7B:FE:46:45:49:02:A8:55:DF:04:C6 + Signature Algorithm: sha256WithRSAEncryption + Signature Value: + 73:66:cc:33:e4:34:e2:d5:fb:8c:3e:e9:b7:bb:aa:3f:41:bf: + 9e:f8:db:6d:77:2a:d3:7a:88:69:7a:ee:e7:6c:71:91:a7:7e: + c7:6c:7c:c4:f7:cd:bf:eb:e0:b5:7f:2f:90:59:be:18:c8:72: + 5d:4c:09:6a:5c:9d:5c:73:b0:53:0c:c0:08:fa:fc:d6:7c:bb: + cc:d6:39:b0:50:f2:58:73:f4:2b:d6:87:2b:e1:a5:fc:4e:fe: + 4a:f3:8c:6e:94:47:54:c6:06:55:9e:16:06:2f:bd:df:c3:76: + e8:2b:19:eb:49:81:e2:6d:d1:53:2c:d0:18:2c:77:55:09:31: + 90:73:c0:c8:78:79:89:c0:73:08:96:f0:27:04:8c:27:70:f6: + 6f:a1:75:76:3b:4b:c1:0e:81:85:51:8d:25:23:69:ff:3c:b1: + 3f:98:7a:5f:44:dd:75:77:31:f5:06:dd:34:1f:81:9a:53:3f: + 78:9c:a3:5d:74:de:e5:7a:c6:34:39:9a:6c:ad:97:44:7b:93: + 1b:02:ae:9b:66:5f:62:78:2f:37:20:bc:f1:8a:0a:e8:e6:66: + 8d:0b:7a:d4:14:7c:8b:2e:6b:c7:34:2b:56:85:b5:91:9a:ee: + 20:01:f8:3d:e7:22:6e:18:82:52:5c:71:a4:dc:88:4c:09:d8: + 4b:33:1e:35 +-----BEGIN CERTIFICATE----- +MIIDIzCCAgugAwIBAgICEAEwDQYJKoZIhvcNAQELBQAwUzELMAkGA1UEBhMCUFQx +EDAOBgNVBAgMB0NvaW1icmExEDAOBgNVBAcMB0NvaW1icmExCzAJBgNVBAoMAlVD +MRMwEQYDVQQDDApDb2ltYnJhVlBOMB4XDTI2MDQyMTE2NTc0N1oXDTI3MDQyMTE2 +NTc0N1owEjEQMA4GA1UEAwwHd2FycmlvcjCCASIwDQYJKoZIhvcNAQEBBQADggEP +ADCCAQoCggEBAJqToB5FKHuyMXwGmUCtk1S6FIcX9SNJKIUAZn2Ug3mwudfbVRLQ +kPN1UbiOWEeMYQQjoeRJkbGZcucJJLqhWpZOuMPGUWn33hWXxB7yrGUQQ1d4xAr4 +myP6DcezgpBGDFFIpBW/Q5IsuKvuto0XpDeARf6rphycz3Nfy00892OaSdmWc9Kt +C33OE2D9yNo1/Rjgpv+J7XgiD7LI68vcvdkpKX3hVICDi/FrglYqHxjQ+KU8hHmt +W8+Y0KGSM8pdr9MaBCBR6QqBY2ESctlYP9yl1SZ8onz+Z9J0HZUiJVICY70M/BAd +1ndnXaRIPb4VkyewFw3VjlPmkjx2FgvC8UsCAwEAAaNCMEAwHQYDVR0OBBYEFOUv +R2VHzp70rLP4XCk0kh6oLFCGMB8GA1UdIwQYMBaAFOkvAKVCY7XIMXv+RkVJAqhV +3wTGMA0GCSqGSIb3DQEBCwUAA4IBAQBzZswz5DTi1fuMPum3u6o/Qb+e+NttdyrT +eohpeu7nbHGRp37HbHzE982/6+C1fy+QWb4YyHJdTAlqXJ1cc7BTDMAI+vzWfLvM +1jmwUPJYc/Qr1ocr4aX8Tv5K84xulEdUxgZVnhYGL73fw3boKxnrSYHibdFTLNAY +LHdVCTGQc8DIeHmJwHMIlvAnBIwncPZvoXV2O0vBDoGFUY0lI2n/PLE/mHpfRN11 +dzH1Bt00H4GaUz94nKNddN7lesY0OZpsrZdEe5MbAq6bZl9ieC83ILzxigro5maN +C3rUFHyLLmvHNCtWhbWRmu4gAfg95yJuGIJSXHGk3IhMCdhLMx41 +-----END CERTIFICATE----- diff --git a/ca/ca.crt b/ca/ca.crt new file mode 100644 index 0000000..279f88a --- /dev/null +++ b/ca/ca.crt @@ -0,0 +1,21 @@ +-----BEGIN CERTIFICATE----- +MIIDhzCCAm+gAwIBAgIUCDx14n27QIkw70Uvg4zJQAXZvOcwDQYJKoZIhvcNAQEL +BQAwUzELMAkGA1UEBhMCUFQxEDAOBgNVBAgMB0NvaW1icmExEDAOBgNVBAcMB0Nv +aW1icmExCzAJBgNVBAoMAlVDMRMwEQYDVQQDDApDb2ltYnJhVlBOMB4XDTI2MDQy +MTE2NDk1MloXDTI3MDQyMTE2NDk1MlowUzELMAkGA1UEBhMCUFQxEDAOBgNVBAgM +B0NvaW1icmExEDAOBgNVBAcMB0NvaW1icmExCzAJBgNVBAoMAlVDMRMwEQYDVQQD +DApDb2ltYnJhVlBOMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Ssz +Rq3Gz8BQx5OEP/chMv3Y9xShkjW6YPXxP2Yn08MyDbBvPk1U2eI4MLtWiAgwqKFp +MhzbrCv+jstNdDd/3AK9k5VN06VjjGrboWQqX+W55Lb5CrT1CRifGbjL6A6CKbTh +fdY8jP9hh0w7SAvHkfUz0SbskpRPMeaKjj1gDme6ZT8jUNAYWHUxikTHdLGi0Rn5 +h6SXW+/rrQmt+iTsM3eeW61JyC0/SUCixdCeu/amwy/aLMUZ4ZxUYL1doSAFYrd1 +kn/1JJZt9VkRwPES7Tyst5bOGZmdfBVEyj+9V+GSzWFV+yNperLTmN/VBX+sm1NF +Szrtbv7z6tFCGETB3wIDAQABo1MwUTAdBgNVHQ4EFgQU6S8ApUJjtcgxe/5GRUkC +qFXfBMYwHwYDVR0jBBgwFoAU6S8ApUJjtcgxe/5GRUkCqFXfBMYwDwYDVR0TAQH/ +BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAiH/bb7EogzVMiXInLKk+O8SxegZZ +t+rXZRsRqVh/jc0JxEabuAi4yM4Ibdhsbsk7LlKwM7JTh/6kwgvQdUgFRUgV7jTu +HGwPLUhKd1+zfHVzPu/0uJKnY5B9jqzPk1Xp7/T66BEV+Wi3VlOSzwmiz5arj+tn +jAPhdyAmQuXV6MEXT1Oj231JUoDmzgThbvP2MLPmSUy3nRfEY3zaAEoYhu6idK18 +rRnY7ZdZabXaCZsFiMu10eW+iMx2grIeYWrGsqQoAOHI56TlVWUMHbIh1i7GgM/K +QvdpI8G7fh9k3BRePryN8+NN5T+cKOm9LCW0gW9rBjXnlaoqe0pfi2w9Jw== +-----END CERTIFICATE----- diff --git a/ca/ca.key b/ca/ca.key new file mode 100644 index 0000000..0404189 --- /dev/null +++ b/ca/ca.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDdKzNGrcbPwFDH +k4Q/9yEy/dj3FKGSNbpg9fE/ZifTwzINsG8+TVTZ4jgwu1aICDCooWkyHNusK/6O +y010N3/cAr2TlU3TpWOMatuhZCpf5bnktvkKtPUJGJ8ZuMvoDoIptOF91jyM/2GH +TDtIC8eR9TPRJuySlE8x5oqOPWAOZ7plPyNQ0BhYdTGKRMd0saLRGfmHpJdb7+ut +Ca36JOwzd55brUnILT9JQKLF0J679qbDL9osxRnhnFRgvV2hIAVit3WSf/Uklm31 +WRHA8RLtPKy3ls4ZmZ18FUTKP71X4ZLNYVX7I2l6stOY39UFf6ybU0VLOu1u/vPq +0UIYRMHfAgMBAAECggEAN4tg7lA4TPakkurGXPYovVCpS6w/w6OAslcyBlUWjYVJ +LczwsznipHG+4OY7niBIcCFRdQdwV/YYkS4XvqctkkiR6d2mVRAFRz+S9x5b0ge0 +vu8A7qJxo54uXtxdQWNbZzQJKXxDarm8eak4fiiPL2XgZJec9FcQ6JxYkc5yMEt/ +KoAn07ICAyHGqbjQ/DUMazZ/ocdMOBSYgkO3gT24IqiDxVvXUNNtVZeqWS6T6pMV +yoh3SvACW3eo+v/pzhfMVg99Nfua8faBcTappraqgq9nFMNJUtt9A5aSfVLGFhbO +nzyxd8ES/M4E4fFFnMO4yrcUhVXSGGQyvQLSd9goMQKBgQDwzF22apc4gvCqAbD+ +VRSpbi0DSsqfVO6czCZ+bfNRFl76IKXnpPHVhy+lW3/xrzHuw5SR9zqQluiG0MfZ +vENN6gHn2zyzYpEpMamOnUSoNuHeE58wVPweCSM0aH6wQb14NIsVLzhYY7b1gGH5 +RAJ9kUIgtvMMbK+O9nYvCPclWQKBgQDrIZftt9vd/xyiG3HCK6q2x+7sjxXh04Jl +Pzu4t53SylcFaaZNNReDMC/xYQfZ/3xHbQ3+elS3LwQtlMxFAoeJkw9fX66gOQv7 +Ru1LR6EDLkafOt1QPuL2jw7GbNcBuALWvC+RT8ZhHa/8RUi/xiJnMoJDEuImgAbl +ZQDS59Fh9wKBgGi/riB1W9UUeNarp6/rmPJfYCtndJ89FhOVZ0VmVQs4HRbX7vPG +uAC4LwzSseST3rfL0qxwjMRrMTm8RsO79tdE7ZFLuKscPKNb3DOSzFQUk8rEZGJl +BcuXE/5vWnUYE/DfgoUzpmIk9mjzcSs63456CvcqPq5v9SrOofiyALj5AoGASs/h +ey1os3WcMqfwxgsGwilTB8lu+O9HKde4tMkXWh4vGfXHiAFAfekzF+X7jY0QidlU +/ocFtVMsTSRu6fYoEcnMtlfHRAtimIy0q6Maw9xRdBBSolmf9TsHRHMU5eMaZCB0 +MhPj1rqPaADTaNEt2Q/lClpTwlQx3YMJhBFmOXkCgYBk4uIk4fLx04C4UW+5NTps +sJSWwtp3k9yR2v/ptNEbYxhDm7FaL8muyJbASBIRPZH/5CRVfz5hi3ZcuvYxPZxI +d26ENrgY11r2lSij7MdbRVteq6mWt0oxbtPa+fuH+GhfzLS/zlSxOs4+NFHDy/kj +UdzYAqHOYM4ZWcwwN5Lnbw== +-----END PRIVATE KEY----- diff --git a/ca/cheese.cfg b/ca/cheese.cfg new file mode 100644 index 0000000..4b3967a --- /dev/null +++ b/ca/cheese.cfg @@ -0,0 +1,11 @@ +[ ca ] +default_ca = CA_default +[ CA_default ] +default_days = 365 +database = index.txt +serial = serial +new_certs_dir = . +default_md = sha256 +policy = policy_any +[ policy_any ] +commonName = supplied diff --git a/ca/create_all_keys.sh b/ca/create_all_keys.sh new file mode 100755 index 0000000..4350306 --- /dev/null +++ b/ca/create_all_keys.sh @@ -0,0 +1,18 @@ +#!/bin/bash + +cert_ca="/C=PT/ST=Coimbra/L=Coimbra/O=UC/CN=CoimbraVPN" +cert_vpn="/C=PT/ST=Coimbra/L=Coimbra/O=UC/CN=gateway" +cert_user="/C=PT/ST=Coimbra/L=Coimbra/O=UC/CN=warrior" + +echo 1000 > serial + +[[ -e "ca.key" ]] || openssl genrsa -out "ca.key" 2048 +[[ -e "ca.crt" ]] || openssl req -x509 -nodes -days 365 -key "ca.key" -out "ca.crt" -subj "$cert_ca" +[[ -e "vpn.key" ]] || openssl genrsa -out "vpn.key" 2048 +[[ -e "vpn.csr" ]] || openssl req -new -key "vpn.key" -out "vpn.csr" -subj "$cert_vpn" +[[ -e "vpn.crt" ]] || openssl ca -batch -in "vpn.csr" -cert "ca.crt" -keyfile "ca.key" -out "vpn.crt" -config cheese.cfg +[[ -e "dh2048.pem" ]] || openssl dhparam -out "dh2048.pem" 2048 +[[ -e "ta.key" ]] || openvpn --genkey secret "ta.key" +[[ -e "user.key" ]] || openssl genrsa -out user.key +[[ -e "user.csr" ]] || openssl req -new -key user.key -out user.csr -subj "$cert_user" +[[ -e "user.crt" ]] || openssl ca -batch -in "user.csr" -cert "ca.crt" -keyfile "ca.key" -out "user.crt" -config cheese.cfg diff --git a/ca/dh2048.pem b/ca/dh2048.pem new file mode 100644 index 0000000..1e2e8ab --- /dev/null +++ b/ca/dh2048.pem @@ -0,0 +1,8 @@ +-----BEGIN DH PARAMETERS----- +MIIBDAKCAQEAk7rlEA49t+X418jo+PDdouhvha7o5+P4A78GOAirULGZh2sfCWWw +ha90YswleinXvJF/DYR7H6SebcXoXnaJeR4PbB8b9cXUE5a2Bw/bc+tJpSGkuPLF +jHVUqTWehqVvwCFk2ixxA5RAG0ItPemK33fGppc9wlS3MmAPRFwCutsSh4+r96dq +ywKorzgS6WfsTCDTXUqfAwXT1ijtxoscklgB6YuVGyKsiyZLOCCVpBPEVq535dso +0IUJwOdf8Z6eYwnT3COI7zSJkmy5J16s05t07GWslkFcdUyM91CvvfJz/Jd/lAYO +Ge3b6KnJv8YUlLAfzdhIHxlk+dDobJGzRwIBAgICAOE= +-----END DH PARAMETERS----- diff --git a/ca/index.txt b/ca/index.txt new file mode 100644 index 0000000..9a7de2f --- /dev/null +++ b/ca/index.txt @@ -0,0 +1,2 @@ +V 270421165747Z 1000 unknown /CN=gateway +V 270421165747Z 1001 unknown /CN=warrior diff --git a/ca/index.txt.attr b/ca/index.txt.attr new file mode 100644 index 0000000..8f7e63a --- /dev/null +++ b/ca/index.txt.attr @@ -0,0 +1 @@ +unique_subject = yes diff --git a/ca/index.txt.attr.old b/ca/index.txt.attr.old new file mode 100644 index 0000000..8f7e63a --- /dev/null +++ b/ca/index.txt.attr.old @@ -0,0 +1 @@ +unique_subject = yes diff --git a/ca/index.txt.old b/ca/index.txt.old new file mode 100644 index 0000000..e65c804 --- /dev/null +++ b/ca/index.txt.old @@ -0,0 +1 @@ +V 270421165747Z 1000 unknown /CN=gateway diff --git a/ca/serial b/ca/serial new file mode 100644 index 0000000..7d802a3 --- /dev/null +++ b/ca/serial @@ -0,0 +1 @@ +1002 diff --git a/ca/serial.old b/ca/serial.old new file mode 100644 index 0000000..dd11724 --- /dev/null +++ b/ca/serial.old @@ -0,0 +1 @@ +1001 diff --git a/ca/ta.key b/ca/ta.key new file mode 100644 index 0000000..6420f9c --- /dev/null +++ b/ca/ta.key @@ -0,0 +1,21 @@ +# +# 2048 bit OpenVPN static key +# +-----BEGIN OpenVPN Static key V1----- +0acce6a0da9c806f74ffc03625c84d3b +a6120bbfeac829548c5287058179aae4 +09a9738bc7e5d2d57a40cd34dcdfb816 +c52586fa80f959eb31bb5d8d996aaac3 +86fa565c11973811a316d7906cfd39a2 +a4f0f34d8dd53c91cc7a95888970bab5 +c9b39f8879dc2d9f142886a56dda120b +4ac2397f99a8584c03c5cf64cf96b8ba +8a22263975df4314d002f3d6c0e51a27 +92cc8354e43d9981c4e59c6a6798eecf +4052a8ef6d946007b27fb0ee29ab7da1 +7c0dcf85bfd5202f9b65b73212e2716c +d006a1daf0ab5db4c64f0496c08fbb72 +673605654483a44f78b622183346eeb2 +3f5ef0a6a02a33e3c1cf4703a9f449f6 +e8b317d45bc93c4e98a054d014d0f667 +-----END OpenVPN Static key V1----- diff --git a/ca/user.crt b/ca/user.crt new file mode 100644 index 0000000..e22516a --- /dev/null +++ b/ca/user.crt @@ -0,0 +1,74 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 4097 (0x1001) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=PT, ST=Coimbra, L=Coimbra, O=UC, CN=CoimbraVPN + Validity + Not Before: Apr 21 16:57:47 2026 GMT + Not After : Apr 21 16:57:47 2027 GMT + Subject: CN=warrior + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:9a:93:a0:1e:45:28:7b:b2:31:7c:06:99:40:ad: + 93:54:ba:14:87:17:f5:23:49:28:85:00:66:7d:94: + 83:79:b0:b9:d7:db:55:12:d0:90:f3:75:51:b8:8e: + 58:47:8c:61:04:23:a1:e4:49:91:b1:99:72:e7:09: + 24:ba:a1:5a:96:4e:b8:c3:c6:51:69:f7:de:15:97: + c4:1e:f2:ac:65:10:43:57:78:c4:0a:f8:9b:23:fa: + 0d:c7:b3:82:90:46:0c:51:48:a4:15:bf:43:92:2c: + b8:ab:ee:b6:8d:17:a4:37:80:45:fe:ab:a6:1c:9c: + cf:73:5f:cb:4d:3c:f7:63:9a:49:d9:96:73:d2:ad: + 0b:7d:ce:13:60:fd:c8:da:35:fd:18:e0:a6:ff:89: + ed:78:22:0f:b2:c8:eb:cb:dc:bd:d9:29:29:7d:e1: + 54:80:83:8b:f1:6b:82:56:2a:1f:18:d0:f8:a5:3c: + 84:79:ad:5b:cf:98:d0:a1:92:33:ca:5d:af:d3:1a: + 04:20:51:e9:0a:81:63:61:12:72:d9:58:3f:dc:a5: + d5:26:7c:a2:7c:fe:67:d2:74:1d:95:22:25:52:02: + 63:bd:0c:fc:10:1d:d6:77:67:5d:a4:48:3d:be:15: + 93:27:b0:17:0d:d5:8e:53:e6:92:3c:76:16:0b:c2: + f1:4b + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + E5:2F:47:65:47:CE:9E:F4:AC:B3:F8:5C:29:34:92:1E:A8:2C:50:86 + X509v3 Authority Key Identifier: + E9:2F:00:A5:42:63:B5:C8:31:7B:FE:46:45:49:02:A8:55:DF:04:C6 + Signature Algorithm: sha256WithRSAEncryption + Signature Value: + 73:66:cc:33:e4:34:e2:d5:fb:8c:3e:e9:b7:bb:aa:3f:41:bf: + 9e:f8:db:6d:77:2a:d3:7a:88:69:7a:ee:e7:6c:71:91:a7:7e: + c7:6c:7c:c4:f7:cd:bf:eb:e0:b5:7f:2f:90:59:be:18:c8:72: + 5d:4c:09:6a:5c:9d:5c:73:b0:53:0c:c0:08:fa:fc:d6:7c:bb: + cc:d6:39:b0:50:f2:58:73:f4:2b:d6:87:2b:e1:a5:fc:4e:fe: + 4a:f3:8c:6e:94:47:54:c6:06:55:9e:16:06:2f:bd:df:c3:76: + e8:2b:19:eb:49:81:e2:6d:d1:53:2c:d0:18:2c:77:55:09:31: + 90:73:c0:c8:78:79:89:c0:73:08:96:f0:27:04:8c:27:70:f6: + 6f:a1:75:76:3b:4b:c1:0e:81:85:51:8d:25:23:69:ff:3c:b1: + 3f:98:7a:5f:44:dd:75:77:31:f5:06:dd:34:1f:81:9a:53:3f: + 78:9c:a3:5d:74:de:e5:7a:c6:34:39:9a:6c:ad:97:44:7b:93: + 1b:02:ae:9b:66:5f:62:78:2f:37:20:bc:f1:8a:0a:e8:e6:66: + 8d:0b:7a:d4:14:7c:8b:2e:6b:c7:34:2b:56:85:b5:91:9a:ee: + 20:01:f8:3d:e7:22:6e:18:82:52:5c:71:a4:dc:88:4c:09:d8: + 4b:33:1e:35 +-----BEGIN CERTIFICATE----- +MIIDIzCCAgugAwIBAgICEAEwDQYJKoZIhvcNAQELBQAwUzELMAkGA1UEBhMCUFQx +EDAOBgNVBAgMB0NvaW1icmExEDAOBgNVBAcMB0NvaW1icmExCzAJBgNVBAoMAlVD +MRMwEQYDVQQDDApDb2ltYnJhVlBOMB4XDTI2MDQyMTE2NTc0N1oXDTI3MDQyMTE2 +NTc0N1owEjEQMA4GA1UEAwwHd2FycmlvcjCCASIwDQYJKoZIhvcNAQEBBQADggEP +ADCCAQoCggEBAJqToB5FKHuyMXwGmUCtk1S6FIcX9SNJKIUAZn2Ug3mwudfbVRLQ +kPN1UbiOWEeMYQQjoeRJkbGZcucJJLqhWpZOuMPGUWn33hWXxB7yrGUQQ1d4xAr4 +myP6DcezgpBGDFFIpBW/Q5IsuKvuto0XpDeARf6rphycz3Nfy00892OaSdmWc9Kt +C33OE2D9yNo1/Rjgpv+J7XgiD7LI68vcvdkpKX3hVICDi/FrglYqHxjQ+KU8hHmt +W8+Y0KGSM8pdr9MaBCBR6QqBY2ESctlYP9yl1SZ8onz+Z9J0HZUiJVICY70M/BAd +1ndnXaRIPb4VkyewFw3VjlPmkjx2FgvC8UsCAwEAAaNCMEAwHQYDVR0OBBYEFOUv +R2VHzp70rLP4XCk0kh6oLFCGMB8GA1UdIwQYMBaAFOkvAKVCY7XIMXv+RkVJAqhV +3wTGMA0GCSqGSIb3DQEBCwUAA4IBAQBzZswz5DTi1fuMPum3u6o/Qb+e+NttdyrT +eohpeu7nbHGRp37HbHzE982/6+C1fy+QWb4YyHJdTAlqXJ1cc7BTDMAI+vzWfLvM +1jmwUPJYc/Qr1ocr4aX8Tv5K84xulEdUxgZVnhYGL73fw3boKxnrSYHibdFTLNAY +LHdVCTGQc8DIeHmJwHMIlvAnBIwncPZvoXV2O0vBDoGFUY0lI2n/PLE/mHpfRN11 +dzH1Bt00H4GaUz94nKNddN7lesY0OZpsrZdEe5MbAq6bZl9ieC83ILzxigro5maN +C3rUFHyLLmvHNCtWhbWRmu4gAfg95yJuGIJSXHGk3IhMCdhLMx41 +-----END CERTIFICATE----- diff --git a/ca/user.csr b/ca/user.csr new file mode 100644 index 0000000..b86c638 --- /dev/null +++ b/ca/user.csr @@ -0,0 +1,16 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIClTCCAX0CAQAwUDELMAkGA1UEBhMCUFQxEDAOBgNVBAgMB0NvaW1icmExEDAO +BgNVBAcMB0NvaW1icmExCzAJBgNVBAoMAlVDMRAwDgYDVQQDDAd3YXJyaW9yMIIB +IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmpOgHkUoe7IxfAaZQK2TVLoU +hxf1I0kohQBmfZSDebC519tVEtCQ83VRuI5YR4xhBCOh5EmRsZly5wkkuqFalk64 +w8ZRaffeFZfEHvKsZRBDV3jECvibI/oNx7OCkEYMUUikFb9Dkiy4q+62jRekN4BF +/qumHJzPc1/LTTz3Y5pJ2ZZz0q0Lfc4TYP3I2jX9GOCm/4nteCIPssjry9y92Skp +feFUgIOL8WuCViofGND4pTyEea1bz5jQoZIzyl2v0xoEIFHpCoFjYRJy2Vg/3KXV +JnyifP5n0nQdlSIlUgJjvQz8EB3Wd2ddpEg9vhWTJ7AXDdWOU+aSPHYWC8LxSwID +AQABoAAwDQYJKoZIhvcNAQELBQADggEBAEiTCmeFqewPqLHD9IMLAvgNQhjXjZuJ +adghY9U7BozVu4oYJbMrfdpduZDXt33eVXhr6rCvdx+PB2WAMHcUaOQLx857FCpX +KeFSrXwcDICViGgQArFAR6fVrMqc5363kRx4o96q6ojUGvDup8w6BnSeAaswXsjg +2rz9a4iAXE/DYKCeNUWblQyDhTpDEyedoTxFFnWNuPR8RDwfH1sahOj/hxgiTRfy +JRm7p9BuGNWaik5WpCZAxe1be07W/nmYzZnzTx/vMfznKy2jmLSdYtEQPlGW8fwb +oZreM9grmJK39YDGTyih/EoBx+hRR0VelBrkj/HdxNK4eJMV8eGdbGU= +-----END CERTIFICATE REQUEST----- diff --git a/ca/user.key b/ca/user.key new file mode 100644 index 0000000..7dea51d --- /dev/null +++ b/ca/user.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCak6AeRSh7sjF8 +BplArZNUuhSHF/UjSSiFAGZ9lIN5sLnX21US0JDzdVG4jlhHjGEEI6HkSZGxmXLn +CSS6oVqWTrjDxlFp994Vl8Qe8qxlEENXeMQK+Jsj+g3Hs4KQRgxRSKQVv0OSLLir +7raNF6Q3gEX+q6YcnM9zX8tNPPdjmknZlnPSrQt9zhNg/cjaNf0Y4Kb/ie14Ig+y +yOvL3L3ZKSl94VSAg4vxa4JWKh8Y0PilPIR5rVvPmNChkjPKXa/TGgQgUekKgWNh +EnLZWD/cpdUmfKJ8/mfSdB2VIiVSAmO9DPwQHdZ3Z12kSD2+FZMnsBcN1Y5T5pI8 +dhYLwvFLAgMBAAECggEAEerPsgKJLUFb7AjlxbH49Ga3T2tu/j6SJEyGFMNctAPQ +nt0tEMe9LYMpTE+vmueCLVUmBEykxyXGxFHygHGIiwin8QVxVWumQfF8CaxOYE6Q +x7hXXQAxF2v6Ie5EUY3VCqz1XBH19qEZbNB4N4WIguhq9JiX4hQpFbICYjsRX+mJ +w331t1a1sjcamH2GZLM6fxx3iQ4hOG/2q1ItiYO1pX3BjnGRwQV7KwRnSQhJjkAk +UFrsCIRfyVD/6leai+hp0dkjW+xMA8ISAoicYCIkYPkm4dSuOMqI0NYtRwNwInpx +0c7Y0OM70UxFB6mEepQjwogbC84jmf3HJXZm15SEWQKBgQDPGitXWoav/Ur1x+Z5 +l/G027HH1zzZa+ZGcOoXrnYxZqBt2G4gPTnGzkyyjbG/7ZRH67ZwvsWSlg/nw/kc +whxF4nxKRfGh+FrOFshHjWc1NF4vGKhwUf6qwiHA67zAeTJlFuu5323CiisQewXw +fOiVr4uUICdldbrPC7NuhWAIGQKBgQC/EqqCnri/dTrAdzOwTnZAk+TLdY1Z7AKp +WdYJqECDV3n83Yn6f5pOWH+R+t2en8w7btIBnlkXVZSHOdmyM8ezF9xiNv6Z3olm +CieyhoLX1ZI/dK2olvsrKkVQ+nQZT9IGBUrXABMDaas62QBhXr5GbGcdyB2f6GLS +vBttEsjBAwKBgDLDd1wyFFGPBJC6LwQe+mAaeblCSOgCSq95fefQG6iAP1KtelDs +sPzKFIKvuKIS2gXHATEhkcwcfEmS/7zM16FJoq2R92h8N8XMT8s6HdIsw+lHYgIm +FwZED4H6RonnKzMcKyukWIMW2vdvMEWCWIBYRx5Hw2BbOy8E7zZn+uIBAoGBAJpM +vJ2XB6K1TKi4mmk6M4ya4hzb5TZEvTF9drd9w/tM3Roy3YYJHdc+6GY+rFG4wfkM +2VKtSUzqs3MwaHjcD9y03CgEOT6Q02wvrzcgIPGjauMLmmGW62ZEUI3Ac5ktOHHc +PD+7s58B6mEvdHstQ4Mjb3JBdIr54zRC6/L9RFl5AoGAUqXySFS3Acrnq2C6W2BK +7LzsvqihjhUJ9jgmTkJiexqYA7T93DDKBrfaZGuRU2YMffcFcNpgFuw2GIZaaHhN +qMcfxBP1Bllt/KE1B0uohYHqVoSEqKcciAnjnOv506Xy5pf0QgwfD7qUPD4hp57U +yzr1Zo9yl9e8RyqhBrHM9BU= +-----END PRIVATE KEY----- diff --git a/ca/vpn.crt b/ca/vpn.crt new file mode 100644 index 0000000..9c5773e --- /dev/null +++ b/ca/vpn.crt @@ -0,0 +1,74 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 4096 (0x1000) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=PT, ST=Coimbra, L=Coimbra, O=UC, CN=CoimbraVPN + Validity + Not Before: Apr 21 16:57:47 2026 GMT + Not After : Apr 21 16:57:47 2027 GMT + Subject: CN=gateway + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:ad:da:52:8d:65:c2:8d:68:5a:32:e2:f3:7e:7e: + cd:13:9e:fc:51:72:f1:80:4c:61:fb:38:b4:87:9a: + 57:92:27:5b:ff:86:1f:95:f6:4b:ec:7c:7e:2f:b9: + 37:36:17:18:b2:db:16:0c:91:f2:d5:f5:4d:49:e8: + 3b:b8:0a:1f:8f:e9:f6:16:7a:15:22:7a:4c:f3:6d: + c2:b1:76:f2:2a:81:4e:56:a6:01:16:16:b5:e5:68: + 74:3b:15:35:f2:88:78:e6:f9:7b:1e:5c:d4:b3:f6: + d1:43:13:1d:8e:82:90:38:2d:43:88:7c:35:cc:c1: + 7c:6d:8e:ed:21:5a:9a:31:0e:5f:3d:dc:7c:5e:46: + 1d:f0:46:41:86:70:48:a2:a9:62:4d:ba:14:d3:5b: + 67:25:bf:d9:46:e6:d7:59:26:99:e2:e0:25:16:a0: + 1b:cd:d1:81:ca:75:d7:d6:bd:c5:7b:25:4b:e9:58: + d2:22:f6:b1:bb:b2:5e:7d:67:9f:fd:1d:44:b4:b5: + d2:b6:ca:9e:e7:53:81:a0:4b:bf:b6:0a:61:e6:ba: + a0:e2:0a:a4:bb:21:16:90:36:c7:95:96:ae:9b:23: + e0:06:47:36:24:0b:ec:23:3d:e0:8c:42:b8:aa:9e: + 38:92:18:d7:6f:19:42:76:fd:0f:42:75:46:e6:86: + e6:75 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + 9F:68:08:83:F5:DC:C3:11:2B:69:5D:A4:81:EF:DE:7B:7D:6E:AE:3A + X509v3 Authority Key Identifier: + E9:2F:00:A5:42:63:B5:C8:31:7B:FE:46:45:49:02:A8:55:DF:04:C6 + Signature Algorithm: sha256WithRSAEncryption + Signature Value: + 13:0b:5e:3c:0c:dd:e8:e1:04:12:bb:c6:98:e1:52:72:12:b4: + 8f:46:f0:5a:48:b6:f1:69:d3:65:e5:1e:ef:ed:03:fe:9f:ee: + 0f:bc:72:ad:cd:52:b5:18:ca:9c:c0:1c:f1:48:80:64:b6:90: + 33:12:fb:18:4b:e1:a7:c9:0b:1e:16:e5:72:4a:e1:f9:b6:e3: + 5d:b9:06:2d:ed:cc:d7:ee:7d:8c:22:99:69:46:d3:88:64:19: + 1e:3f:02:b7:37:2a:99:6b:ba:07:77:e8:f0:e5:50:41:51:94: + 6e:87:d9:71:5c:47:ef:a9:2a:b5:cf:86:2a:98:a5:c9:bd:01: + 04:f6:81:d3:81:d2:40:c6:83:29:42:2f:ad:d8:4c:ac:6c:df: + 89:93:8c:bb:48:cb:dc:62:a4:55:ed:f7:c9:b6:01:41:48:20: + dd:9f:5f:fa:55:8b:d6:f4:0e:ee:00:63:53:11:19:5a:77:47: + 0e:ec:4b:8d:08:8d:e2:51:3a:d6:97:ee:16:4c:0d:b3:ac:42: + e2:21:18:dd:c0:41:db:95:88:dd:18:cd:61:df:f3:c5:b0:12: + c4:4a:55:75:63:a4:69:44:38:2e:2e:3c:cf:51:6f:b8:36:25: + 24:d2:56:4f:eb:a0:50:93:73:2e:a9:ed:a4:92:41:3b:73:20: + 3f:57:e7:b2 +-----BEGIN CERTIFICATE----- +MIIDIzCCAgugAwIBAgICEAAwDQYJKoZIhvcNAQELBQAwUzELMAkGA1UEBhMCUFQx +EDAOBgNVBAgMB0NvaW1icmExEDAOBgNVBAcMB0NvaW1icmExCzAJBgNVBAoMAlVD +MRMwEQYDVQQDDApDb2ltYnJhVlBOMB4XDTI2MDQyMTE2NTc0N1oXDTI3MDQyMTE2 +NTc0N1owEjEQMA4GA1UEAwwHZ2F0ZXdheTCCASIwDQYJKoZIhvcNAQEBBQADggEP +ADCCAQoCggEBAK3aUo1lwo1oWjLi835+zROe/FFy8YBMYfs4tIeaV5InW/+GH5X2 +S+x8fi+5NzYXGLLbFgyR8tX1TUnoO7gKH4/p9hZ6FSJ6TPNtwrF28iqBTlamARYW +teVodDsVNfKIeOb5ex5c1LP20UMTHY6CkDgtQ4h8NczBfG2O7SFamjEOXz3cfF5G +HfBGQYZwSKKpYk26FNNbZyW/2Ubm11kmmeLgJRagG83Rgcp119a9xXslS+lY0iL2 +sbuyXn1nn/0dRLS10rbKnudTgaBLv7YKYea6oOIKpLshFpA2x5WWrpsj4AZHNiQL +7CM94IxCuKqeOJIY128ZQnb9D0J1RuaG5nUCAwEAAaNCMEAwHQYDVR0OBBYEFJ9o +CIP13MMRK2ldpIHv3nt9bq46MB8GA1UdIwQYMBaAFOkvAKVCY7XIMXv+RkVJAqhV +3wTGMA0GCSqGSIb3DQEBCwUAA4IBAQATC148DN3o4QQSu8aY4VJyErSPRvBaSLbx +adNl5R7v7QP+n+4PvHKtzVK1GMqcwBzxSIBktpAzEvsYS+GnyQseFuVySuH5tuNd +uQYt7czX7n2MIplpRtOIZBkePwK3NyqZa7oHd+jw5VBBUZRuh9lxXEfvqSq1z4Yq +mKXJvQEE9oHTgdJAxoMpQi+t2EysbN+Jk4y7SMvcYqRV7ffJtgFBSCDdn1/6VYvW +9A7uAGNTERlad0cO7EuNCI3iUTrWl+4WTA2zrELiIRjdwEHblYjdGM1h3/PFsBLE +SlV1Y6RpRDguLjzPUW+4NiUk0lZP66BQk3Muqe2kkkE7cyA/V+ey +-----END CERTIFICATE----- diff --git a/ca/vpn.csr b/ca/vpn.csr new file mode 100644 index 0000000..e0dd728 --- /dev/null +++ b/ca/vpn.csr @@ -0,0 +1,16 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIClTCCAX0CAQAwUDELMAkGA1UEBhMCUFQxEDAOBgNVBAgMB0NvaW1icmExEDAO +BgNVBAcMB0NvaW1icmExCzAJBgNVBAoMAlVDMRAwDgYDVQQDDAdnYXRld2F5MIIB +IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArdpSjWXCjWhaMuLzfn7NE578 +UXLxgExh+zi0h5pXkidb/4YflfZL7Hx+L7k3NhcYstsWDJHy1fVNSeg7uAofj+n2 +FnoVInpM823CsXbyKoFOVqYBFha15Wh0OxU18oh45vl7HlzUs/bRQxMdjoKQOC1D +iHw1zMF8bY7tIVqaMQ5fPdx8XkYd8EZBhnBIoqliTboU01tnJb/ZRubXWSaZ4uAl +FqAbzdGBynXX1r3FeyVL6VjSIvaxu7JefWef/R1EtLXStsqe51OBoEu/tgph5rqg +4gqkuyEWkDbHlZaumyPgBkc2JAvsIz3gjEK4qp44khjXbxlCdv0PQnVG5obmdQID +AQABoAAwDQYJKoZIhvcNAQELBQADggEBAGk0ZlKtKypPFXkJo9uAtLj6WZ/Q5FAR +HGWGxbJgUNSC760/D4b9Ul0kKY6Pu6aI20+Ugst8jEv4rmuC93p3w9QEAmnHmwZs +5zLKGzrRr8/MeCJMi4bptB0WOr/37F2sDseI9LEjKFQ5XQeU8lrozcCk4ekNc8HD +gyQVXudA1aGPUDAZWaT+10SYSENjF5aRZjDpNti6pLgAFj2wIccWbrR3k9xHZF68 +SXVifN+bmEXc4yKyrZ+sIi1B327qDz2r8VdS8+YSx8EyBO5D9JPM9oiQbJ/9/ifn ++6YTaZj6zsyJbZDRZwkp/kmsz/Klccz9SeNLyJ9vUP6CHqcqxyGg6bk= +-----END CERTIFICATE REQUEST----- diff --git a/ca/vpn.key b/ca/vpn.key new file mode 100644 index 0000000..8a4438c --- /dev/null +++ b/ca/vpn.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCt2lKNZcKNaFoy +4vN+fs0TnvxRcvGATGH7OLSHmleSJ1v/hh+V9kvsfH4vuTc2Fxiy2xYMkfLV9U1J +6Du4Ch+P6fYWehUiekzzbcKxdvIqgU5WpgEWFrXlaHQ7FTXyiHjm+XseXNSz9tFD +Ex2OgpA4LUOIfDXMwXxtju0hWpoxDl893HxeRh3wRkGGcEiiqWJNuhTTW2clv9lG +5tdZJpni4CUWoBvN0YHKddfWvcV7JUvpWNIi9rG7sl59Z5/9HUS0tdK2yp7nU4Gg +S7+2CmHmuqDiCqS7IRaQNseVlq6bI+AGRzYkC+wjPeCMQriqnjiSGNdvGUJ2/Q9C +dUbmhuZ1AgMBAAECggEAAKgBSkWRUR9D1C/YxtFbypvZNcWksxhkbwJOQQLuv59i +V457zq7c3ktGJ/SbEZIYiPNzROSqAWZm54nEkMzksmSzKoHE+JVP0dZssma6y6bH +zppJCNX9d9yenbQNQjBexC5xRMlk/pXrQTxi2BHWvyyvI4rvolczo908E/6MGPXN +lebDIWLGFRzvuJAYw/4tv2o7qsb4U4aSYzhqRRe6+pkeQnPgbAMISfEB+AEi0q1Y +4g3OutUlnmdICYg31ZybmQ5jMJ9v/EaIkyKjdXw6qOB7aecrKBj9DSiTGZmmyB/U +3H+RfRofQP/A6W8UaV2FWP57JWu9a6isy/ap/vqoaQKBgQDXdVI0733kPW7rhgbx ++OfKV5HajasxBOH6g1L/o6NDddIhOUdhz3pbOwU4huq37Ojp2TgYIRM/+eLCT4y4 +IRpDIIJpAACrkNeR9JvpkOzOWN/MbPEOKFkYyUz20nND8p+GtoibFO6HRwG/p5ru +1rCrVZOwNFj8hkttpzjyNBNsfQKBgQDOkNsbj0FnFn6EA3uWgXT95wZTwwPPwyz5 +QVxq3PIY2TzgM69C7FDaPA3bDve1PME3s6+28Vkzw+jzLwg99csh23gCQt8NPvXA +yFRYQLZkB165TVwyVGVPaQ93OEDFi5xGWA8JiBIflrYatlH8luh9cLuOcMn44QlD +0H59DbkbWQKBgQCrBfh0BmpiopUKJQAcUFwFFE+1MODjbyHFTTqzqvusT7i1IJdV +v3A7PHUfcpCb4FTdUswg8xgpnzvsy2JCwhvrjsGVgSgHB1jmBUlBNAWUoZ070nnh +qAtZDmimP1S5abxRHVD/8LSJ8sYjkHH+BbKEvdAWfObpw9vZtXQRZV7JrQKBgB+q +x1xXPuCN60FTw1uUZxoRk7+9ktUEB94CbieXzamPjCyW39RzpAWA1WLyzXjEYp6m +dlamc1VjQFAfsrTE/KopGiHGnKlMMKKoU33gFdYJ5zSjLnIszAc7hPpy7kManw+N +qmh8qsKa+TnpH3KItAWfBbHVirET1rbFvM5xDyKpAoGACI1lpHa565PERYlopV6U +9s7UeSNVwEq0mddzrJT+1YGB1yEKfWOAUzBeq8j1jpL6n3Zl/n33JyWiy6A4V/qH +hQsjxX96jO8fhxOJlx9wiwv/NF4iYoD5f9XYkQw0me8u65rDzPzEoDtngSk7b6xq +xyJenIzC39NgPpZySK4Aewo= +-----END PRIVATE KEY----- diff --git a/client.conf b/client.conf index 2f40a2a..4853b00 100644 --- a/client.conf +++ b/client.conf @@ -1,11 +1,25 @@ client dev tun proto udp -remote 10.60.0.3 1194 +remote 10.60.0.3 1194 # ip da vpn gateway persist-tun persist-key + +# certificados ca ca.crt cert user.crt key user.key +# criamos key +# crismos csr resquest +# -> gateway +# el certificado +# -> user + +# 2FA +auth-user-pass +cipher AES-256-GCM +auth SHA256 + +tls-auth ta.key 1 key-direction 1 diff --git a/dh2048.pem b/dh2048.pem new file mode 100644 index 0000000..9063e44 --- /dev/null +++ b/dh2048.pem @@ -0,0 +1,8 @@ +-----BEGIN DH PARAMETERS----- +MIIBDAKCAQEA3nwUY/Bv8Vb0b6iqb2AKull2IL1MJHn8P40f/mdcAZjB+6BTLL9s +jblzZJaEooE5+WjfaAWghjbEqzYt99/eQA0nDWm3yqlvekNmXjR5TzFS/qV/zbIw +PoXmOSDr39HK7Z2DQz5aVP5j48b+rPAwwAVdkEmnUL49ef0NewYkOYhn9LTBqny+ +l3fDXy1FIE/KJNP/3pV9tHdccxNHDklyW8xRSAKHvYfKeQBm6ZxhB8Wekg3uyUfW +ab81VdZrYY9wTpnOARcZzKt63gNbd+N9er+a4IJ5btA0vn4IODeT1gS9/WUZUbuW +MdQ2Mwkc8O6a/z3cbacXvnyWf/raidN5rwIBAgICAOE= +-----END DH PARAMETERS----- diff --git a/relatorio/relatorio.log b/relatorio/relatorio.log index b45e341..277e452 100644 --- a/relatorio/relatorio.log +++ b/relatorio/relatorio.log @@ -1,9 +1,9 @@ -This is pdfTeX, Version 3.141592653-2.6-1.40.29 (TeX Live 2026/Arch Linux) (preloaded format=pdflatex 2026.4.13) 19 APR 2026 21:36 +This is pdfTeX, Version 3.141592653-2.6-1.40.29 (TeX Live 2026/Arch Linux) (preloaded format=pdflatex 2026.4.13) 21 APR 2026 14:33 entering extended mode \write18 enabled. %&-line parsing enabled. -**/home/raw/uni/fsi/trabalho/relatorio -(/home/raw/uni/fsi/trabalho/relatorio.tex +**/home/raw/uni/fsi/trabalho/relatorio/relatorio +(/home/raw/uni/fsi/trabalho/relatorio/relatorio.tex LaTeX2e <2025-11-01> L3 programming layer <2026-01-19> (/usr/share/texmf-dist/tex/latex/base/article.cls @@ -135,55 +135,55 @@ Package: listings 2025/11/14 1.11b (Carsten Heinz) 2025/11/14 1.11b (Carsten Heinz) so I'm assuming it got fixed. LaTeX Font Info: Trying to load font information for OT1+EBGaramond-LF on in -put line 28. +put line 33. (/usr/share/texmf-dist/tex/latex/ebgaramond/OT1EBGaramond-LF.fd File: OT1EBGaramond-LF.fd 2023/03/19 (autoinst) Font definitions for OT1/EBGara mond-LF. ) LaTeX Font Info: Font shape `OT1/EBGaramond-LF/m/n' will be -(Font) scaled to size 12.0pt on input line 28. +(Font) scaled to size 12.0pt on input line 33. (/usr/share/texmf-dist/tex/latex/l3backend/l3backend-pdftex.def File: l3backend-pdftex.def 2025-10-09 L3 backend support: PDF output (pdfTeX) \l__color_backend_stack_int=\count294 ) -(/home/raw/uni/fsi/trabalho/relatorio.aux +(/home/raw/uni/fsi/trabalho/relatorio/relatorio.aux Package babel Info: 'portuguese' activates 'portuges' shorthands. (babel) Reported on input line 5. ) \openout1 = `relatorio.aux'. -LaTeX Font Info: Checking defaults for OML/cmm/m/it on input line 28. -LaTeX Font Info: ... okay on input line 28. -LaTeX Font Info: Checking defaults for OMS/cmsy/m/n on input line 28. -LaTeX Font Info: ... okay on input line 28. -LaTeX Font Info: Checking defaults for OT1/cmr/m/n on input line 28. -LaTeX Font Info: ... okay on input line 28. -LaTeX Font Info: Checking defaults for T1/cmr/m/n on input line 28. -LaTeX Font Info: ... okay on input line 28. -LaTeX Font Info: Checking defaults for TS1/cmr/m/n on input line 28. -LaTeX Font Info: ... okay on input line 28. -LaTeX Font Info: Checking defaults for OMX/cmex/m/n on input line 28. -LaTeX Font Info: ... okay on input line 28. -LaTeX Font Info: Checking defaults for U/cmr/m/n on input line 28. -LaTeX Font Info: ... okay on input line 28. +LaTeX Font Info: Checking defaults for OML/cmm/m/it on input line 33. +LaTeX Font Info: ... okay on input line 33. +LaTeX Font Info: Checking defaults for OMS/cmsy/m/n on input line 33. +LaTeX Font Info: ... okay on input line 33. +LaTeX Font Info: Checking defaults for OT1/cmr/m/n on input line 33. +LaTeX Font Info: ... okay on input line 33. +LaTeX Font Info: Checking defaults for T1/cmr/m/n on input line 33. +LaTeX Font Info: ... okay on input line 33. +LaTeX Font Info: Checking defaults for TS1/cmr/m/n on input line 33. +LaTeX Font Info: ... okay on input line 33. +LaTeX Font Info: Checking defaults for OMX/cmex/m/n on input line 33. +LaTeX Font Info: ... okay on input line 33. +LaTeX Font Info: Checking defaults for U/cmr/m/n on input line 33. +LaTeX Font Info: ... okay on input line 33. \c@mv@tabular=\count295 \c@mv@boldtabular=\count296 \c@lstlisting=\count297 LaTeX Font Info: Font shape `OT1/EBGaramond-LF/m/n' will be -(Font) scaled to size 20.74pt on input line 29. +(Font) scaled to size 20.74pt on input line 34. LaTeX Font Info: Font shape `OT1/EBGaramond-LF/m/n' will be -(Font) scaled to size 14.4pt on input line 29. +(Font) scaled to size 14.4pt on input line 34. LaTeX Font Info: External font `cmex10' loaded for size -(Font) <14.4> on input line 29. +(Font) <14.4> on input line 34. LaTeX Font Info: External font `cmex10' loaded for size -(Font) <7> on input line 29. +(Font) <7> on input line 34. LaTeX Font Info: Font shape `OT1/EBGaramond-LF/m/n' will be -(Font) scaled to size 17.28pt on input line 30. +(Font) scaled to size 17.28pt on input line 35. LaTeX Font Info: Font shape `OT1/EBGaramond-LF/b/n' will be -(Font) scaled to size 17.28pt on input line 30. +(Font) scaled to size 17.28pt on input line 35. -(/home/raw/uni/fsi/trabalho/relatorio.toc +(/home/raw/uni/fsi/trabalho/relatorio/relatorio.toc LaTeX Font Info: Font shape `OT1/EBGaramond-LF/b/n' will be (Font) scaled to size 12.0pt on input line 2. ) @@ -201,27 +201,27 @@ File: lstlang1.sty 2025/11/14 1.11b listings language file File: lstlang1.sty 2025/11/14 1.11b listings language file ) LaTeX Font Info: Font shape `OT1/EBGaramond-LF/m/n' will be -(Font) scaled to size 10.0pt on input line 37. +(Font) scaled to size 10.0pt on input line 44. [2] -(/home/raw/uni/fsi/trabalho/relatorio.aux) +(/home/raw/uni/fsi/trabalho/relatorio/relatorio.aux) *********** LaTeX2e <2025-11-01> L3 programming layer <2026-01-19> *********** ) Here is how much of TeX's memory you used: - 4333 strings out of 469495 - 71923 string characters out of 5470098 - 655827 words of memory out of 5000000 - 32986 multiletter control sequences out of 15000+600000 + 4339 strings out of 469495 + 72086 string characters out of 5470098 + 672829 words of memory out of 5000000 + 32992 multiletter control sequences out of 15000+600000 638248 words of font info for 53 fonts, out of 8000000 for 9000 16 hyphenation exceptions out of 8191 - 62i,7n,99p,213b,1276s stack positions out of 10000i,1000n,20000p,200000b,200000s + 62i,7n,99p,223b,1274s stack positions out of 10000i,1000n,20000p,200000b,200000s -Output written on /home/raw/uni/fsi/trabalho/relatorio.pdf (2 pages, 44498 byte -s). +Output written on /home/raw/uni/fsi/trabalho/relatorio/relatorio.pdf (2 pages, +48079 bytes). PDF statistics: 27 PDF objects out of 1000 (max. 8388607) 16 compressed objects within 1 object stream diff --git a/relatorio/relatorio.pdf b/relatorio/relatorio.pdf index e2d51ef35c10f95bb099c33765301c0e00982c43..3ff1509fbb6f522771e3b042e2bb9bad32423db4 100644 GIT binary patch delta 33053 zcmV($K;ysC+XBz`0+3LDyH3O~5bWiXFf=iA!D_+nTZa9=3$0_LdxWOg^aAmT9KA3ecOE~ahqm!QjCIK{)p`9y# z#Zygh93c$7@2{XYI6!R!16&)mQhJ_SlEY?p+pfBuiRPnHFZt~;o@A3qX%w}U%HbJ| zF@A>kq20Xy6pF&+2xCy~7llAB=b#dx1I()3sSAz9A^_;~-e9BW(IDwzXR=tZSZ^6Yv)tolA z!#f`9E+3NVrqp`#_cHg#!K>sup_5R*f9m9`xK@jpfyFSd5JJnuXX{f2C z+w4;2{M?n|{X+*Nj=4R?U0AMC55_Xy2<`=YM%0tcS3DYrs3jJ=sVW!v1)gEUAn$2+-r-E9G6M7=ZhmqqS*L5#l|O!l}(J~8lS6hgKGev ze74QUc5?@siUT;aXdEUwr$(?+}AyC&@(IlWJG+3h}^l>CM8r*rWG`?H!>Bo zw{xLoq+{SB5ET+PbTYKHw=?roT05L z0lmDIiiWy8_5X)uVruqpproCdJ%7RfN=+J9s)-np?OKFflN)6R232{?i}9e_IhKIN4j7{-Y}B>SAH<|*F$^O7!xHkQVMcIGyw z1PuR9soI&CI@ws-nJU;jTe|$$zGxYlSpTD@Vqs})ZD;E2Ou+hYn(067|KFCPcECjTtteHdeEvWt_wwW+$LiHpVmsVF35??K>A%f!h*K+DX;Lcqkzz(Bys!Rq^e(~Vu7 zoJ{Rp{&iyh8RfrYGs}PWVruGPY7Di$VsFeHVwLeH)1?kQcVtRLqkp3tbk!7neL()2 z(E1zeG(QX8PHo#vBsEHaw|gVlkVx|>C&lZ;nLp~y}f@)T(; z$kiDyV?1pn1?-3~r{{YW4J!n1-x*{n74V*yYjL&?Hs1lRn%HCz6XHHPmreNMTv33q znf@#80(d?ZP?zDb6Mt#IsX!%FKcZ-BPE?p?(~>o<<9Wa5gEp&w8fJ3vQYc8cGEJP{ z_IB}vXjOEAMAFqoWmktY3q+`ZYNYe#<{`%R>7taK02!%-e6OD`-aJ{HpjRl(V=1BC zQ9q^~hUL_PTtPq~iL~zld|I(dprn3VXczMCDYx55KZ9o@TYp^jz^Kp25nF)tuZ9zb zW69}0ZSJP3d&vXs5|MUSg$_w2l%pmS=|O_KuIEhmn_=Skv#3Ie$uN~zoM+)2O+nSE z2kWu|pvcv5PaTB~N7eBTj-7YBgo&wOXLZFuH`btd0#R1*y1-f_72?wVi~M2`q}V0x9(Yh!v7n);H>@p!1gpEx8}&}o7o?;6MRPJueU z#!5>d?U|p~m!Wp1CP%G0;E(#!pC?Z#t%@_Mu6Mhni%9Ex(q_ zMcXA6iNu&Eo>}}tTank+*h?z$Dpp6{uSExJ8`PfNjx~i(<}=^{1qCZ@>}2sB_(^|P z?_J!QB&iSqF!dO^xp8#-^nv{16xe zBy;w87YrNnd&+)IoY_RRZ$peQKF-Gslu+tnT%x7LUw`|cwq#R(oN{u~ z5Iepae<7bI4cFiV-I5H|(NS(5Rc%1ry1q@?LuVwbH8jIll^zo_GpDU%mlhGP{<0;G z`)xWw=&Y*{#-fv*MW5bMa$2xXZEU(aU4L12DNERCv(G*!UJMpk1U&u-D&O?86N4Lv z|CPe##RgldQL_>nL8NH|{B}9k+onV2gSK$s|M05qoRgOzP80Q@=gDKc<%2?en{O=W z{Sr>$1J9Gg;|rW_fef&0_vo6%N4>@>>AuJrTG5*jqUy2$Xb-@1fbu5vbxWHh6n_(e zL850ZBb}kMx|cLcn|0r*DgMwe-EhRn3Dq2C!68FSyRm{*x?W?lgBk;J>$H<-dxCMn zluMbYB7YV|yiq=+HR>Rkrb48_Vb*Gqc**HkOIlrUD-`8Dr<>#VUBnLn96y%s6{5*& zCH}^V(fw)6H6UUQD-^86fg#aT&wmyiFd|ifM2alYt5I3@szfWq z{OUN67{#>Wy<)$JByG9dV~rl8{ahpT-AZJuse#Q2F^tTv<_yi#Mq^AT zVwTBDv-io{PaE2R0f$Yt-hXvEVg}<_4t}*m@fZ+Nu>&@6WO|Z*)1@hIEcsQIjkUKY ze|fdNZ&*XB>HZT||JJ;a#lqVi#$;pnxle5-QQMWzV*x;`v-@!GaX>6bl-arl(pNX8 z^G&$8oP|?HaoC(YiAyf%=1t@0O0}f`EU6-`vxs{X^=<@e6$#`8c7Kj!vPx0PY%uv! zQqFdI~W1tn|{2lo5nTNqvU6Em& z@wd9BPA&HS&Z2%N2HLX77%>Rfhgh$ed|@3bMgbd?6k=uMrJpM5+|glcy3Od~mrGLj zyr{L(zqQliR~ydiE`McLyR|``pT_%xxoEw^)`pb)(gVk|T$W_i{A4N(3AnehcH7c( ziuTYWiT$lpvvf+QIy3B>)FA!rdZJ-j-ep)NjU7PdtFt57xR@U_V3PoEXfJhbTkL24 zRe^0!ZrW-zwDb9pGLH+(2)2BW-xp#ybdR{G9H6jSt(;jTJbzFcZ7TZcgY7_bL6o;t|L}XHvr%<91ACb)(^OxjJ9~zBtFP&qxNE zKBB?mIsE&_R)0Y=t+BS(8?qaf+bjwixW=bBx?k9~=ubJybJTBhPVk+5L#)xG0dLk- zI1a7ahEEL2d=ls{J6*bc(qN#DKP6Aaj8%7K9xRHNHh<$&v)&eVCN}-LoM)XE?dk-} zZN^!t{bG)y?#Ha{6Fm5Folr%Nb6!hqAevSmK3~LrFID;l4~+xeWZL_>E^i?wE6X#@ zXya*P-!`o^_aO#HL~OGjOPT02@IFnAv;=P#ndbtDVKvE5F8XY8PRrg_Y=A6H!hM5M z;idO^dw;eg07J#jDcEIE}Q_klVRDFUJrR^h51#kxIW<><8{3slK;VKfX8QCoNoV{eTGs@T z8@MaJcO2_M_pqu?V7+;m{APxzZEdl|HMH(}I@E_1>oqK#+fx^*XP_+SpqXi(U>7Ip z2kHV>E8vmt>)`v{Ygg_G8z9l)j&%XF7=PuAtK4tw8QxIa^6d+a1iGK&7IR>33f`|= zVNLO2E1$UmbY%IZ*WGp-&AGJ|^3g#)mn^g&O1;i1J=!pzRrG!N~DP{j5Y#CA_5~ zji|~NM>W46wUJO{y*{plJ(m>njoS-1fj(jLy{4-LA{sh2x{mscMA(iv>;};Ae#f1h zZ)lF+Nk&aJZLh7J%to8KV9^Y}NPnl{t)h`$0i+pu=fpmKY6S|ib3VdeZ-SXbHsDev z4%%oddkhh$&RO07e#OA-3AU{cgE75$xGAfx2xN%+87MptMv)PJhU(*cE|2&Fg{Q~< z8Y8`Z$|zebS0(K=S z-qJtj4j(I)N;)bAkOXvQdE}fCojY$xgKzMsIy5aB8Q3uq48NR3H*;W=3SIr-AtiL< zjQC^yG-Q&u0EHnabtpHxAy2JeF;5zVS`#s}75yYiat55t0O3TOb|H|E9qAF72~Lp zPRR^wsa~Uj@lBoTtP8V&>h%yTD$&F#Nk1G~uFA`#kT2C|i>h%7nYuE-QHzBTzf~%W zb`sVB6t+#bQvjH-10D(C=DKByMjy$q`_8ww3Nr|)x@=H*YPqskXn(gUpMIkhPVC); z4^KD1DRilUqq zDC{gD*DyOgeV)}OD+4)vFIWXl|>6Pe zZ@P!#5TaP{jhn2#dml<04B4voB3y8z0V}DY1NqkjX@43oOt2P>!AC>N_9Zkz`gy34 z%mc=yvWT7oyJ9);XNn?a9U|u}A5nS%mAz}3Sea}Z9uvisY&0WbTU=^9NdrOl802~& zdnGbx*gcty?v9#+ONaEQ?38*k$Q*mGhmZHHvPKG?8jc*YXtS-;Nmg}=RNkMaU&WDK zh(G>fIDg6g^r439ee{cCt=Vu}QD^GMLJVJ2U|+@{D&i5ZMFF}xLfXjr*(@ckcwgwby?Xz6g`8HN5n#-lB=G&-uiT zGTI@(5d}fgR+`kn+9M)1wX#jrtdDd5P|8#%R5yy)-30@V7G`p?wVGZ5H?nK$^=6sY z3RyirfRwP`Nf|bnbQ@=S$8pG4SJ7sp30Zec90s~jD%5V3@W_!Zfbq=(B`qtT^F`Yw zReu)~(0hEBN2LYo6ypOiCoyg~>Qfp_5*6W1faMb0^^N0rMF~`g&RVqjf=7p;#9=7` z(#}?H_R{5+DZsV85m>w|NjbEU=G3Ylue$b; zKJqPRCv%B;(7W0m5}XQSO16J*tp>iip?^7<#q6)!>EkkNs}wiHpQ^jae*E?e=5XJ` zHA-bV+a(FB(hcmqydl_zvftvEpLFC| z9-e2{UP>_Y!DA)UA&@%%25U++oZkQo8c~)h#XVTv-1oKG8{cUC`AL7;b~w`KpLee}qq38!`<_H8nGvO+M(gbM zAy{-`U#xbGGJ*ZhslnP-d1 zocTs9%EcaAk(oMqj{SNL6OE9}b3N-*tZ&I*-+qaC?cv+sF0zP8b#lj@>4?>E5!-n9 zgv}*6tD*!ZTz(7GSbwwaH|Nc?GfRuZFy1Fz@xitvUpS{3Rxi z0t2T2X0-BDS{<1xIP_hKHXo^aY5|8bn3z*t2x)H+9 z??wNipw~VAB!5(MLVx#^C%pu>1)rq%(*=?4{v#BIV`Up%#7(M8IMKj*hEpWxsYLsz zEDoSI%Wi$fd<5fA=xlITG7O%JNuXlzJ7>3%W+PkP4NXCZW(L&{294;1fwEv#-AGTEBdobDoW*-G8H3B#b1h6jTv)+O+N3Wv<1b z;Uuwk%u~rw(SDUPdE~65%r*HqpdMjgE2M_uD8w@0N(aAX3E0;U_iR?Zr37|q`-uo# zKeQ7X1rbdyGmnckF;Uq`RLWs&%JpV1>dluGnD+DAu;~2VV*VMWB*&-`I`YYXTC@mT zh|Q!ljDHGAtYvlhpi${?Styp;%zZJOa@dvjjrF3?EFa&-)np8=ey{K*GvOLu39g|E zoX>bWJ6RQE0lFAdxYq1_D$ScIaO8rDTypQz-K0~ZQCO1zr&`2%8$mf4q%BKtS0%$ zs)(ZXttBmz_YkI%0lV1k=|Bj@_J6KmfSP9JP;=MQKXu&x#*#Pk)BQR$aaA?deizlP zBlBjTKQ5wHhCJNM7OWA)O*AJoW7Qez#K@vk3$;-T^XU!!-VbW&y|tP0pg(FI9gB(; zp&E2-0wB6;Qr6Rhj+@VkR;Z)x3}*mt54T60g|fz03T2Yto-Nx(m1G;Anmi@R4S5TOV%}}V9w&N|Y!E5t-*Vt= zd0*Y97H?JAa&0U)d#96XoPTWi2p3uhJ)z=HZKUYfWc0Q?T1lf_PSF2GQv81AbBWNL zOyWCJH$g&o=&?5~6z!6sZ=4VsB;AyV>Y)nQTG1`X|?1juH8eN2pO4%Evue?5I5 zF2fcz*}j5kWI>q{U(-}uu;cA8DpkjY2`j}Gvv4KWnsL!pGfmjx(_03{guvug=+#z951hIev^QMK;)Ga`%-bdnhMXYSgog6B`yvBN~cxH$FaDUXzLe{$iz zQzqeP0=h>75b=X8`w4Jty3O+GSU&^0?*UB@nkWzzi2H%%(0{uAEK~>utm2PhlAM1J zkg&>CF59i4NgBH0QON3_XP4iHAEtR0F>GmT4?6yY9NX^q#PQcGcbz&p zNlKdpwxoiBJdjr`!96@f%t;Q}YoRQaRrxo&oYRMD7PUnG!?*kJ19tk~_M zA0AV7mzp=Hgnv~L{dm5z_KO-(giqAdj4;}4U#h{-6b?;$P+d>3P?A9ZwyI<&$#Rnd zKyJjT$vfZZQz$4cI1LU;@2%_N_#|`pyq$hD(`u=|FHhpyGV^oH1C&d0Vt*Y*X&f1E zRzqstr5j6>=5lGPmm5$0P>P5obaK7ywj*&fwe!Nx`G1YvO)~s}S#>(BjPiU^sgKDa zx_Hk~I!1tbpebC+A#FUzAqZ4Te+gN{K+HS_<0%l!`>G*rw~6|x6b4aEI`^A~1B-LD z{I#B@JGGuFP0MKP==7{xL3B+V|*SoRP+$ts{0*Ntu|4`hR{^%lZt`C+ z75cQ>f3&lZA$_&&ik>-<3N2S{xI0B$U54H}D}P?QEaa;6trb0W0L_5b+bMr_A|E3$ z_-VQpJ~4PD<+_aykd*XPSdU9y;K?s?4mx_jk81OsYMvW#%RjOuxmrilVuy);GX`}U1sJANt9 z^4Z>w(?sO=wu9TsLy5Y*H`q%gD?_-BRq3)JMwDLGS$KGJNL)PQ1y+yk4AzpS-GA!Z z0Gz;ssx;cu0=|lOuzduYEM>Lpv7zov;6U}+8M6)_TZ?&KFJX<(>4GgE(EUculaAW;&te*B zkbz=eyeG8420_nx-&WN5MR2{yDnwVtID&xu0m-Lu(5QZc-2>-0VjEn3bh*>mKUP_2Z0PQsu&qEZlrtd9|#f{0x3D_pu$e=r!qH%9pmE zf*`aZ3!pf@l1#Mt#EE?&et%9;igZOV2HG2u=Z%I7EQa~cqU+lfkvS+-_X?%6@#ur; z6w$eFV2SO9%OF(4)jrf#Em3Iv6ypfg4Ymy*1;d@kFqgRzZ8m6v)w9#U1(?}OLad9- zbO9kNOsIS{$Fj=eEF8JtoC{$&T2~O08I4LCC}vi%*5E*XxZ`|@)PKzMvkX}yoFJT1 z$(`kivE-Rv{@oLKJ}VC+p@I1aXfPEq06sT!?I zNt-npGBtOB5VF$+ye9}Cgu`2@KNeI^ec+Q0Tev;2+%tNJqrR<2=G9SOpE{E4#538( znypgv^@S`N1iEG-nmJ7Ghy>TKLQa)X8@x`kdW)p_GDpj+LVrRGCl>ZMx(=JhUcjQ! zAUzrq9?uy`nm;gYu$rMtF0C%?u!6c5j`b^zMX6&l$<<-Xr|Y`NA>mk-S-h>@5}EQE z*f6t3d}PPwnvpBeW9S#ar70K^lq@w$53a3YK$Esa?pMAnbGNM#qh)%zR|YSpp+#TN z$K1?5<)%e4h<{p+Csyrp-1f(mM%s%w8pdf6bO?({vH#OS?4miZRm}b4K%D%yxjDoj z8n!E4>6u1*65bD|`>Rt;hV!9@OqPTe{UO$RR}DpBXoBl*Tr(&@5?y*-+SJyG1~=hR zc|6z&4OnhUY;>Y44i>c%%7G~cK%SwEfreunuubduk$+f4!tCryXN}sDBF@1hy|bZa z9zwO8uA?xt^o&|5pvgGhE*pUq?=R^hCMqX-tMLk9^hXXtnH*{@34=-w#H5}616@o8 z*LTHWR|@v)??|)L?t2&4ylyJvjKeHMd-zhj9xke=#~Ntn87m`9O)naGi5wMAWZN{{ zef=@0`hO<~q9bdrXeCk06;o`gaj|_KePKjlR{6|EgaapD-1RYz39}>yLrdwWk=_DO@mZiQne%-Q1Oq3Ucm7UqDFO_E0&r2Fd#Llaxju zx$e|q=FO=W(D$Ny`QfPfH_K|cXt*9IQ}f8^8Up%R?}K}hb>7kpGxU6%u_j1t3`WQ; zDTMTI+a4#R!+L0G-!a&Ic(0dt2yk1?hWFt!X*&#Hlf13+WDw+$v{C?LLB{-33ye0w6CV5gH^ZYKl z*vEAAmM{Zh&!6}blR1UaB`>$}E zrB;Ik-6d8e78-)|eI+!g%m9Vk45!o8-Wi@+d42!U>yj?y+9E*fU7brK{QVr0+KkKn zey4vE!p-poE_SoYJZSqSZ%27N1%H^2yQ2Le_kFfYg3SMW0!dRa;JyWEPMtJz;?xp99gxw&RsGu42t)2CLEA}y?v|wI z{zFElg~R>)`rb_2Vc10|;mXT!*h{x8+)IPL>Rt6_}jF8?yh<_!L267|{ zzU@|Gp%DF%7Ku$pxdH!By^6iX4vSCubXI>|)Mce2BFp{9coc{Lj8RMxParDc=Fgb? z>I;)G^tng~!ydG&p&|FsKIt}Z zt#v%UQrd^KQMOa`^R=I4=YNhfk{?QW{W@=@pFb7zOLf?y6JG5kp|7*j1EGg2RSPmDsn;5(=_wM^atZhhlxnScJSq-; zAQ*(~-avP3gVL?gfT2uPJPAX>lkU`zpF~ zMfgxKu0oY0n=S6>9e?P$4f}%8%LiSmnyS0rL8!K$wXl9fP;-Gw<9uccH1Bpy4kWXW zvf-yLk~)CUGltWa>L=vlkvzI9UjdVi#2}h_Hc8!k_4tL|$x)UyAmY=TSowq$O$=O% zSs~@`sG<$da?QRf^?8nkgbOcXw%&?X8MKN4T_ag<2IOL_b${>l_tk>5c%tDjHSV!K zKn!0okr|rv@Z4eRcXQO;Gyz%Bc(6cThdv~G7S&|*-)B{`U#~~*)9TP!%ku8PMj+qe zlrY_@RoQXeg3XJW2%))b@Msn&mczp=rck}(P<5IIXG}penmOYN=*5|WII~n>9j&Z?mfdtDvTzOySaFM(#sWhJqE9tNaLHXOyA>FNO+LHo zskr(yJ^KTDMFuL5+mS8d!Cq~nxKiIQdqM+|vC}dV-+x&(QCn`kha1G3Jt)xi;Ct$lNY#JWsp2ce zxCEAmhrT&63$B5R($@JzSZ0@XLfwHGwIHPYj&2Y5H|mfHN|rGs0P(|5>A zyy7*AsekE+ZD$!(P}e$e8q>x|kc~U7WIp64Z}y<&*177!D}nmh<&%*#k#q9dTHmNX zZ*a%TL4`BC5{uvp!=A>TgD1oQc{iqzwW?7rzqoL~WB^lw5&2V5sN~8NUeWm= zh7n?*%O49_p4dEazxr6oVxG+7`Z*N0E7M`bWq%R3hDp*Kxu8e*%{@6mSM0@t2#~{3 zPrRPqcdcp%`y2u_I{KSAU|WobHKtAi6&Z_pwHI3puD}zkD3=KtT|9*6V71UT8@ni$ z+uE}M-d|ZuSG3(s?W|BR*DWnzR04~3wZ4C}bk&@6{6(A&o+fronRR5|6a$IE_2v<4 zVt+ACO0xvp<$`>um&0+QNWY^K=SCHjK&x*hcHtcqw}D-$zuVSgP&xQYKt>K#Mtg-h zeUwCGzMXEg=z>nK;5e}?J=>iWa|8XK(@1>fUWum*EF*_g^1e9k5;?DykKDKq28s%6+vkxqUphq*D;<@5`U!Ig(r{wh6n$drGB|E=LkI(`$K@`x2OTwHRLH`z_d?Et;@MFm*$d)WYKP;k<9_}w2Gk&`O{MpZU{1(tJ%{;>& z-k5g%ozz@H9lLykuXiZpdtm=;l^|LkzP)Q6xSyY{KEN&z{lU$BiZTK1K0k%cLw{li zdaDK}9{TirS)@~Iqsf=xA%K|ji%H_1%!!?rc_9lZg&t{lftaQB@#=y>D}0AbO?9~j zvyl*%x7VMX7wwKTcvbPmiaQW+DTM-pJL!PnjsRtMP1T6^tSFEnU2!^Cc{=V&GV}MI zb#a~9MCAm4O;KF~Yn%Jd14I#cNPpdd)W&mq;5ZwkAb8r>mJaN~Ux64asDo2@X5-C* zXm~#f;)GN{WGXBsQePj}4G%{kl}Qor8K8u@*iw9Witn*nmT-Z?2v(J!KAQMs)7I{9<+9ErTmauz%>%f>u=N zFc$ejO6b<1o1PKHF}J7J$b7;z-Rth*8#|9V*IA+wE3bDaMA28b%Ufx9I@^;#0grQl!M@B1iguD-6A;8?f2KKg9;Kyv9jtFx4sg{ZbtVU~JTsVH;+XwUc%ix!pcDFD>#`b%Ez$g8wk z(zg+?X$TK`a?Xm zcBXnmgd$8e^2{{=uYX+`A{HywA^M}+C*k+|-d4i_%$U=j3B8f~&MtcIhUU`pJD^r` zBH7pD791E2vxO&ZrU;gG*;T?G< z6a;yshY3j94T;`)@H(E%u;^e~{2^LwyKD#POp2*LaZyT%l9_l-c_(7SE6tDuD&YeW zbRR$Qx7YaD^ndepCxMLsJ;?Y;Y6TfoRz_*|{8k)e)me5v>$7f@wX3tjMnxtkb363` z-)7$4-5ANDmEs;JSh-$NC-daxyX@MaD1L{{7^?T9-APi0GpMV7rzCj@nMh;pNC^<` z?d^Ouej70WUp=J?+>(-@_KbAfP)36J!3kSEP5&IO zsD{NK4vZ&)rg7vhY(cEShS}Dj-M7^Vrn!*YEJ~c3^y}YMNVPL7 zEkf9LqLabiDH{(Ug@N-xa@GPKp&4ZH=KfJ%`76<6V1z=P#FL|#bP3Ksjd}oT8eLWK z6g*NSVSi&LIpL4qg3_+cfET-eLsE6h^6(n>iFzJ4$KajLt&mT5zzut?A#s3-+RF~L z)kRIVlk7nXzu05jtLDyMnVdWBFU}+ij`J`#(KQ|iw8wE=uIDH>XB?+0E~5e@yBLLq z3bT8y_`5$rsD}3#ZcKZmebfUFjw#IAX9Zx{V}C+H2uV_U6SJSULw(Eg+KKzKU&(^j z$x3>p!_9zaMa|cHXE&nO(AgJYGm~Y$q#)nl@oq7LXOW)$JLj#k*LsMFA~(u+9ZiXn z|8bq8Np?4pKDTCA#4yinSU_mU+$u3)Yn!c)?OA8G!5y%>g)1fbjk?;LJQWr({7}qx z^nd=6W|hNCTE_yAdOAug$E=Ep=!CtcUo1|ST)_pui>FZu9`gmXTinUW{UcG276ZoA z$+dC=wjEH*0=?KxPO1$4vS*6@ zYOQZ9{7$@5T)fo~334%qgG1_xWF^ZWJX-!(0o5HP=C!v zj5;$l!8zXw?TIx_GzXEh<|`o)$}^Wl^jq2`ayF5QwYBA@#h_AiPItN`b4D5D>{jxp zD8^EI1UobTzv)c?&<2CyVN(-~nBsR!;j-~EYc5I|d`-2eGX%UNquRt%K?0=i&+}99Sj~;Qv;TpxvrxEMU*JKvpy6LIs!dRBJ zexZQnN!`Wqp4u4w)EI#kWo(L5U~KM9o@*$>I%wMzJ$F*RH`OxL05tZ2*a8fsNKc1F z6qb#s%!gj&vY$rKPzQNzI4BaeXV(;?3w%vXqTz*6X?CSQF7;;tyld`WKz~HZVq5r9 z;uyVTXrn?_ANF+v1#XXTGRnneVvd&Xw5;_2uGcGH(Bs+)v4+U^>WfeBkQ=5XaL zaghQH`<(~+%#E!q>uWJQt$+O|rV>G0l*<{d9=9QRQ`X)~?nI_WAlV_#l_t2R-Pb*< zWImj%uGHSDac1^DaOa6casVWmE06bRMkaOwQwOM%CE^P$@%lF~M;j>iapbx~{D1tT z%ul0)qhxXVk zX127FVnU59i}>xiehm0Q{{UdDsooIqMh&*8tn1k@cfCM~irx}UaCNlEplqJpM&ij5 zHKqaW$tr+joE+~GuYUpGbkHcpov)$w>NBjyVB)KFVbC;{i#8hnj@y29g#j*&r?(8z z&CAtG>EB5J6^h22Q4SVQwTVAIwkv~Me)T}{z6&Qp2p| zyZAn|jcyVdnCsgBZ}|NE+Oq0orHwK&BXkcjo~Q6_TNPT#OMmLmIc5qx%c-;c&LF^> zrcX3Jn?>MsoY{6f@T7cag;*C@nyxSUGaFo&%989#HxIvH zXxah!?HTXlbF`q!Z$D0(kNZ{6F>52~3ybHv0lOkmYSKRM0zU+1wvLY%7tVYnUdMwG z58Su|5K?|N<9`B@+iFeVl3aoEZHGNIvMiF!wbU00J`cS?gccDDIfghI_z9>N=l+4!)yPvU2kNQ2GT(OD_;Z8HI% zMTT?_LLh4$@Nl+4g{*cPP6-c(yy{Rtv2VXi_f!sE6H;|OLWOt-_bm=x$ML`|)SFqq z=PVmfh$UOkw^BsVXhbuBmENL3e+py7umiP`2Y*#jgbD&dlI6YOo`T~JLrlC&Sd;fB zF^|BL&#YoBE~UeP*rPu1xIa3oOo{?HJ8w`g&Zg(R$RfSehOiCGwDJe`Q zi`Mb_C)^I;6rfl6O?D3Kqhly33 z`n(G$+3YWt4g0H5S~0`r2X-*tEnk`*agrq`Ja_YRe7KF>HD+;!f3dW{+$jE!w9#XH zX2C2X{8U*iWg^C*&CG{$$h{+qEJx>98-Ke$haQ$-=2VXV%YFaUJCt;L0or3zxAaxT zWR+@7Sh?TGO9u#GdX34^n5;OP)!{>R)uws2Q4Exkz8s}rz*x&YC5KqUDAU7@OgtU} z92hff)czl<6IgMJV;Rft$~}u{)LB{6O)|vd)?fPaflK$5nU)72vwP&CBE&(!n}3Li z7M*VlCo0u^eahT>W9YWbx}5t%Ak?lR2nuKw0szmO*)z8zR-|_(g!h1BLr6YGP@|Gq zGkW-_eF^@Bf(5q^|I{YEP!1RYP#6J%^}ctG{&qxLgu84dVDG7;0=Ft;_hAN zV4qD6+j))--feYju+>>xDo7}{d-E`4V-5*F&plV4Gul)g=uTISDD5x%vyMD2;*-<=0#Fl zH&k%>`TZ(ISvGSQZQ&Nc={T2=VpR60$7P8liA;q1(kc)3Et?{;MI1D^iTN~V7A#w@%om@LCw`QOf48(>Yt*P}m4;}Oq zrG|-UB86vjxifFqx&fG}S)MaFi6!lSCb`;`7)>zc9`Zl-7W6E{7aTM>Wgw5eHw$$D zGc(Khy!e(yDvl5EWph|W1b=eJmHkvz3tUV*8BSmVy~LnOUkHjO)13X9_|FAomDMxp zZDXQy*N=U9Iy2UNqI^Ck8oO33eSE6|=a>zzpK-pf7$;@+c}U$gvrOJbaF{K&wlK=~ zMH34BfHf+(qwxCpyR=KstcD`(oW)+7qigTxQ<$t*28P`=0p|mcZ z>H5Upj2pVMGFFsk>eQ1Enc>8oj?x$DfZfhds9?e^SmSV(BqyuF_X4UQ&zFs;wbO$v z;PW-KE2ufm!nXB?ISevNr>G38>wDxFKC0_ufIrctLp=NqT%17wY(SI02aHHO3H!x- zKo_3>Km) z!tfG~nWzBX;p`mjLoONF_58pqERA&2V4K3c4_*U+EvBAWtK`oHxvdM_x7}p4ICBSr zjBxJ`a-M(EA=1@;e>-XA zxh!m@9iEp{8Kc7rl-|Dbo{vA8ELn7|?BDVpangbWVJyntD6Eq6TEfN5>I3J_UgtGU z>&hMU#>x)R=k?O?U9g{d<%j1bOI|c+=UKme*K^%cQPfoloSQ>{X%Pm=TAO8&-3GMn zNMWhQ_GY+RO^qt>EvSFRS@I9qVMiiGo*k93;nGy-?IX{T=Lm5JW2kJ)LQuiP(9I8P zo*)e18Dx?F#;Z8xcf&Uc`+~AVAflNyDCs&huOnBk-Rd!Xhvrtrds)j4r%a!fS=wmz zCk@=3IP))&BxQ8cR9A4X^JDKttu;iqXQ^+?6^p&y)NO}joi=|rhP>|bT!}dF`76?_ zOH0{(r{L32N$h}vEtXATK`xkw!YT`Chqh49{Vf>zPIg(Hk;1dKbvn+Tsb0E0$7S7h z^Ng0ZRyhLs_ncJZf{^oc z{hDP)WEXiXX~S7=gkn4NP8|9ELDkXkd(ZQF<*~NZo#00r_fN3@g}ce{9U1Xnrsqv4 zF0Qv3=9quFG=+75r|U^Jx_|zG5~?zvp-ffvi2&b{=t#+fT1n1Fu>w^Ed_gU+zPg3( zD2@<0d?h8;%wnA=-zsUBsU--ULKv-A|2+U$U?MeA!@ja%!6^Fb52%zPEY11eH z$oPqG@r8SxrO_%yi`V4wQ*&oJ$MS4KFVy0O{d-*+O$5cpk2I&L$eO%0U3G?zn7FvL zgqD9E|3?5v3Apx`q9)*noaBZzY^bw7|MU1k45Co()Fdlgtl#>#>eKU~Ih03#rLmvW ze*h!Sx34c>44f}20}?vOpOz>)di1r9_*ay=uH?T1=5IZP@}NBcGSv0!vD2|daf*n# zytH)W)|v!bHcc$WzS`1eOUlC=mzNRluNy49i_KjMV@S&!vC z0|YW-9xYvwPM`6T@?stD#^FNhr>N3;Kz7t*r!6%|#p;lh?DuE3+TiUVm22pO@frF^ z5-L|l$EGBIe2!o)GK3vOoP%!9%8cjt&}|n0($8rZ^Ao_MMyuB7--TUGp_YCWk2rrD z<2AYsfk7&_d&uF3O!Fxu4C1^1yP38~Tulq^g23<$yRv$W-R5`ay5te}%ND%8S_WxL zmgem%2-*599e(K{42o$dKY-tCm_Z|C6d9iTg0a!!;B>RwaFmB|avI(zaX8a0SEf(+ zw(tZf#06+~)j2{P)23fZ$qFHT0m^&IMr^|91WBHqy01Y$Pz|3Z%nB)DGm9Vgz~#FIT9G)4z)R$NC;922-bfQsi8GS z^0xrR(%X9ghHZ`^DJT>p@f9@@c`?!f9NDb2Q0u)UU%vFM9oZS)-r@>|t%bFU8336V zu_LlllZ2{1xM>J5@Ac8dhHki_1CI5i4f)vh$=|((W$Duv}0KYc@$dX)C4l?d^+%48H(&LmaHg zwTp!vuj5EJY$H^{R+UTtfllTNJVP^&UzMmluebb(4l3XYZDTf3K;VA|KZAze@w?va0Nj1>D$>RIAPPrc2L)#YfH`7irq|XwI*Tu$CB4$pPvgTPx+*VSB-G z6f-T*=tM9N6-T=)fK1j?Hb}&an_Ke}9Ek}OIM~`Co*RfHoYURMdDdoeIR7<}i=GBr zU%_13PTN121Clb}vRHpn*dk-`66bRrZ9PlCVCXuAsQ!rV6GB=4v`LqB!rCTFi-YU- z0}r%?>O}{hwGy&mJaUScTZ!9?H-c$98#s(Oha<2&RG4Y_mk8gnVHf2qscyDNm~xTc zeI@-QT2feoYZKHP>-BMtmjK!CF4`W1n$eagN~)y34h|>o6Iqf*djz)Uc#`q_Rg*%V@!oaTbnKWHaNw%eRY;rdMU6HH4) zhw7vY+?A3e73lJ}pxo!^B>YHqe^8m;qEwE_gNp$1(iela0Vc3jX zLq+v8B*hNz*UW!=clitNN+IWN&U5l$Xn(iAXZtf6!bO)D+D_XaB@yA>@NUsALfpOB znH`^rrOkKsbIM%=K;_Y`8A%~P$distb4R48+< zBm}Sf!1{l2JF>x=Ec-d}{dMB4*y6@2o+=4kECfA*aV@2}lK@m%MFGQcVoMA-*y!C( z@H)KkeJA{M@lqr@#K_gDa$uZ^9s=@Y91q9YJoG2FEp-3%?uJ-}qjZ{WuC=9yvml<; zIsXMYk=k^eqDJz387d6g*VqRsKCO>ZQ4O=Wr@wy-#D?P?vSg85HEXnEvYxVlnIaYe zZvjag-7WN*44)%1(kxiGs(K=%N)QSb8S7v#5`dwswTz zcF;fJ%XrCfXqLxO@RZPK#v$T|x6hJm0i1u*o4qsqst}Cw<;0bwyyXmc>53@AF|&~- zWF<~%Z;e-wj{*yAusIL$0GDDe@Tv+(Ss1n}|e3uN7qP+IUN)RK!A4ivZd z;ImL#i;frN4v0~+_C6#X95C>%#OJ-$zQ(b>r4MTZP>nqy0>Ux%88x5Fjs;ZW}#R(?(ygAK8 zHiT*+T7a~%y$||y#r%(b8wcW_^i$n^qf*yX=1qvhO}S%JPsD}2WcHnTUQcRNq`rJX=WVS+P8&Fz7#<08X#nnax44QmTZZ)aWghK4`F!RGSGjsiGzI60k&|k1x7m z%827}*y7fy${G`b-F`1iVI`tq$n<#P$H&_hI^O^@+tU|#eH$DLrMG8E z(PxkEhI4Y!;`cY$5tw<_X4+*1ABflA4bIbA734&ai^~A=hQ86@THKXuj~Rf#Ve9So z$(m z&#ljwXED>gVY3NK7$ZfA68G9WQ9Gd4I1FHB`_XLM*Y zATSCqOl59obZ8(kF*G$clWj96e~q*SP#oA6Es6z~;0_JJ-QC@t;L<q^x9$(!K_{x`CY_LjPh&yMlnwe`lKv5c*71 zb%Fqt+#LX%+yG8KAx?fF4h{ep2Z!K)h)%9T02!bM*b1P^22gT>fZR}NrJbC;UBNcC z(C0e;`3qpMWCU;u3i7l35e|@a1i6AOfe?Ty5NZo@e6DB-bO2~OS%N`O@Bd1{AYu!J zIt#J0dwP1Z0Uh1goLp_he;8Q+o?xggKnvssa`gaN0e+7RPy;%G{u+%9l@_353wHa{ zq3vW1^#r!dQo~r}26;%N0&LGI2WR*V&EP%fb2f)e3`FFa% zqJJj>L;eT`T3R|eIs+lzV2BOC8tec9sLQFaLA{_X03gKbHxcOIf9CWY5A*g)ZhKdfL%eB z&*$#V{@3N&L!3MzzW+hiV2G9V?=h_0o!NCEU>A3gqRd~MXA|l_HX9HWz{|nGA;8TA z0J#7_UY54(zYFMie>;QzaB}`OKhNOr>+IwVuznr`8t;&_%HCxGMk=kI?e&kD10f;f2p zL;vH7+4WTvb=6-p|26X8PAMrTFMuyA4}g`6n;XE(%@5!cf8+!B|92J*Ao#B?{uQYR zv33Fo{@LvFDgCEmkG~Ya@Yi}U0{%Ofn$xpxK>&t-WNysC%VGKa#rgj%_CG@Y|1|zP z%l}p8|J#wAyMx0Yeuh5@{~tfl5$xdo7vovC?$GBQP<49V1jzqV^+10vt}4h1?C$u# zUPUPIc^4!he>M((A0*gK4(tW8(f~s(ZU4~5pJv_Pd*%R!fHa)kz`tJ>04pa4$N%`A zm&?-r`SoynmgFBU(DUy6cSTum=2;>E_L|vM9vJ?)rs|#(vu8}15WZj++ zouS>f5;xb1-46xHrK^n08=9$_u8{x-m89~ z?CV(g{I=#!HJ>utec2b*Slt-opyFBDJd5{pMAV2-R&rz}oKr8X*^A2=oSexgN~Hv5 zRR5z`?m}O~b*^_eb3UsTI$Unu#5BZ)MC9-nIAhavzEXRsN`wo(B}Fl7q6;557};Rf zf5rwV{YJZ}eh3+Gz?dWN&MmJ2TZeA7U;LF(oLsIkh-Pu?|xG*@pP(J)oH)-TEVr0FEg1U*n(k!(q^AO?U zkEe=A_G?F=+poYbtCXhJx6f|!$a%(Vf5%I^W3XKI*c}rUsURf->m_bMW)nZ{aKc3` zE{`!vwP2eC42p3NqtP(&vYhT$HkY%VN1h*fV}|Jh%6C4Vo@9;Q4#|^6io6y$&6IYQ z2|o<+E8s9QqF9pna|-5%%am({u3t$geYL8Rm~N9hf*n_l*uCm8E6cmH!hU7Le_VHa zDB8Ryb{K^)Yxq6__~uh{njTq{+67*e0o1TmP~41e+8tE8P4<=E_#o64OPd~Mbv%{(xa0xN|@P)$)dw) z+-{u{rWPb?3)Aqw@$XDn>*|{ZUd-FEnLSLz<}QyaP&TeYc4AErt_MBihG$fpXPCSk zKg|*B7*wUf`} zmr`sm+Q^I21`ynr=JGphe|E(3a9F}BWX#U-oVptwVR#yJ^rdEg*nZE|ZUmkBGCY#H z{4u5>Tio_nM${*Z?2SjJC2}~LKvb*2Lh~pZfJPX4Sk_yipqJFaxo4$}?@Il2r%wh; z4`Zwe5pT+IWf}{h*Dq(S(t3+?MJuwhdB=aYzhNeADmb>|@1Z>ee@i^25p3cPVKWlL zPDhUFu)|EbM3U&POv&xnUd6X?CPQT>gTFMd=1X8q=LZsU68C+qlQY#4Pi1|d^8UQH z$b}#j$uyhlE(VT?)5h~^m#aIEhrK8_=M#6AMERz14ZqJom`t8bBObnczf}loanLl*JFF!ffhN6CK1_DJ>H+{ zgx-yP$FQEyD_uE=PTD>=E4nMOwmG8ha?ZOG0iRK-Q!vo`md4H1jbeJ1KWgu2gR7;Wl2C8L1fNts)LD|qv3%{ zM^aO>)pJmhU~;9Ul~pEPD2-rR&HEtu>X+n?4QBDrQin9VE1ww;Boga{iW&6icUa&f zU>>Cg0Z8>D3_(qazATZGFZPYH9rx< zo;Ee7fN5Yzshpulbj-LVM^mQ9Qr?`wpcl)*&X!%*P-78N-Sdso=9cHu!j#}M&RG{{ zJ)JWp(2u1L{JMAXMvj2Z#Wua~#gzeR&iS1~FtDt|e{*a}txDH3Q7@>V(7Pf z&DU*B5qr^fbmA1tAqsCn4&R&du{*{S&);43<(lKHUe0d?r3YRvtODpuD4ZkLFd0M< z$_+SMe|9d*-{$IeO;?n#AF1EI&_Sg&r#m9^4P_uw9uQ)aJ_3&`3+8uuDGadUdTh$x z&+>Sg@lr%?$K@`y-bZEjv;6u{Y_;jYOK&l1vFgH-s&L5$P*1Aa6ByV)QB#9l8TQMc zzd&+vAE#*kTsyCt4A=Rq$L4N-)`}e-jt$A_e@6gQe@80LMr$Y5NEZmt`FgYwmGijH z-w7*F8Rm!~^~6__WXer-i`-lsfQ|m4anzsqr610DHVzCC4XhU14OPSctcxEl%e~(BdOHZ#?&`ZbF`d+V&652pEDayYe549?LL{0E10^X}J8#w{fFD6#soSI$;_)O?uIme_xC^PuRvR z_T)}%s{HPR=FyvR^y132Ld!ilFPY%66pjnI% zBD5G5blz%^GquW;nxL3h(qe$+Gh)?Y`oTk$9Xsu90Ao(C+W5c#k5-9X{bNKGw_HQ= z)u44kpboV)SqwFTIOrWwqU-t7Mnn?+lO5j0wKMWrN`kA;bqX69)KD!j~ zrFF<nbzygmo4PY3534Id4Dv;SR?p2!-f-8OiWpKteprjw@@ z1Y6Tk57;eL*=F&W$kTDx+;eIXT0Iv%^CxeVZ5S#$m$z0V8X+jA^$rN9gc&thZsvq5Vhdp?n?}KJEqa5*8sS z(E})8uLjG(Rdd&`ICQSvyJQ%cibn^CIB~>r%PnSN*vLT`oZ1K4Rxf_R5N#XK9EX`R z7W7tLO!pHl2)&3RIPOZpHbJ}A!ZDeWQ>@al_d3n8v$6P~e~@H_%*G&u+Ov65o=wIU zGXAsH_%d)R&;<%-WYt|;8Q&n?#W6MR}(6h$1pI@xxRi7fTFf^k@_H~1e(Aamx+AT{>6Exx?NXV2T9f1@(yzYk{*a;Zpy7xb?$XqG-KIy zdg{-fb)+(-GlSP>qgetCN8Ow~4~SN;lvFqg#Bo&{hQx8H2eK@R$25B|$xb?3tSy_T zW^!B`e>$qsL~I-aVo%Z%cnzwRCq;v_x6e!ttxzQ*3j)oMc;^({)`RaZR`3T8*v~gx zqsQ!DldZb%*nEGJ{E!ztfBe#)p2s0&DtTMtrn<{aU2(02pEzrh-8bG8!N;4`%5|K` z3&WZ;uVakz7KdMHZF>IfI&@*C`>H|ved!i`e+~($k1uh{p+#fijHSJX1#-Y(5X>Sf zM_z4j-*wTr59yZTOeIw)hEB+*Xst4u8J0qd;F2Tu+&w9nf}_nKI@xqYfu8z|&-bb* zp1N1rM?7hZ%l$0b>)@gY1M{^OCeWgZ0duU&FV%zsrsnqnt)$&PE3G2myn}Riq^Bgp zf71*;hLh&Vn6!?rIl8|OpWwUmSKlX=Wz(@}G{l~33CP4YR zM@~>sH`RD>x`By_QR)<~l=e=qhpr31#ZS+W;U@H8NSYjt)g5OHL@8ix$sEb~7 zI56RyxO%0M@Pm*WAuW;z1rxQZ$QU9;f4cYn!ls>|nxgTG^g-TO+qqRNR^z0oo9`+V z7PI(0EY&vZ5PAXp;rpSo$|@>C64}{sdSUX%FirwM#8!Cr$Qyd%pFqPwfWt0X$xOv1 z{|$BCghimv7l~AAP10mf=Lx$k{G>Tsea@?TVfu@bsTU2VMJ`w(lME+6-`w`_f68~G zg@OcLn#BVrOwmXw%}}h;m>tS>sC_BGd^KhsuCLX<66A*?!^T@9rtanhm)VA_*|2AL zwdK{QP5&62(d809w~;=^(+n!dd*zJkZ=i^zY!rMm5XsUxb0wL6qNOoLiKJl<7P->X zf!$6jh{sqzG>?Q%s7EGh3}!lvf5lzu_%a!D=%9^L&<;s0Z|ADzqSuMP;7Cq$CVu+y zsB+qntlvL&=0KW5HOIXXrMW_}fxt*ll#=r_q$@T=5L>aD4be`p50x)|z0 z>MB0H9wl!m-rlY0ZX3iZbJ)eas3X0}*a8e)m7Ira^I;O)MD3h{3XXfasJLMRk);fD zY+j}#ATA@;`V;8n=>XFwB7-Ay$|vEh@v~-aa*En!A5Zm*%$T9coOxV~lJl6pYbDnw zTb3aUHMt4pB|aKVnxmy@f7%OL+g41JyAEnU2p8ilaP5X8O7Y-4JKW6%is6aKIM#@` z3(dM5`$XZ{_txHMp8cwKxBj)6k9tP0h@ys&-?k|}jO$`oc9y}2I`Zx?bEb~@LsOn4 z&gW_JDcAhXwo*Pig{fp|!Ffm57k+*Gu5~y+duADcwJe=(HX$eZ@|H`E7I zdui+=ng%Lwew!sG>{&OsH3*X#O`^X3luUysZr#jJk+z(<=8xTys6YDMX)kh@`#zg~ zlUXMW$9cEe-vedhlM*e@G7*O;doQ7C@&VXkVzWVD9SHI|qeHxcwv(eB?F^crNvj7PZL~ zM$(lwia+c#20Y=>W*1u+bz!TE_ni$0H7N zSs#wx*eYsI`R13KKUWN~ucjoUCyCMl6iI*m9X^=bJw^+Me;ZCG%Y`?=!jB^0@HSCo zpX;uhpV&guKP)IGgQQSJe^#Au_m2G~J)F4^<>c&H2V6r}LqZ8fD=hw*fK7}dEX{>H zOUl!js=2qn{6SGR;fOe+W#Y<^&T4{3^j$ zM;tEBryZ!8UNF2;4xi>VjO(ft6IS1fX%zLCQGI^ zDQsBgf09c46*)bKRk*7Eq?UnuhJ^-vb8w|c=B}l3Yd_?B#b)mp8xO}LS#n7q3l6QC>K)|~zYe@3X@ClF6jJ7^b-Iv?W1p7O-E~&Gi)?FvI{4x`uLd4TTop>uO{G$r5Z_##4Ic15rY~vLLCbKX{PL?^vy;Ru*i!* zc+vp`3ASm|yjT-sz12O^q=W*4hj%I^7lF zw*y3JjS1N8_ROiscZz>5{f7+FC7X@2$p{gY|3UNzI#|x{!9PywQc|$N% zFDWi4+BF*iOq?Ma^2NKoRUK`MYPzKJSJ{EMzb|@2RLJu+=e5z;Ix}0oS(wE^2@UkJ zJf8D_t;v6Q{_{+a<@9~E@Aq;Mkt~m+tCde{1Y-jCDxuSCc;mO z(p7Q3oI@?)l2Pevh6DBAk*bJYf7KHhXdyLJ&$^C)d>r0kF1u08!|eUxo`!fs_>AP(@pL2M#0u$Kl<_M zl1eqYy*@S2DdG@iW;`7h#DPT_utw8z_k4tcjr;+bGzYh0^9a)>4SBnYe-0j1-WtD_ z?yX{Gj40rPq1dfH)1Kdjr)^;@3k6fF_w~`W1&(lh-zQ+sy*H>(;<3kfYdNK-ab?be zW~4Ru21LG;&3a(k zM8&EhR2{ht7UCzXzOW;4f6PjUM=zslq%T6~!sBl7!s{m$F>(bQe=kQkew#~t2#H@c z&2VcS7RoVAQ}yi=lua6F#+xRC8xxpbmD+-eEbF~Gtk-ke6yhjsEP?c{?FGnp1n(C7=cHThkc{942y|j;I9^A3ym*4NHYIEh$~^YvJ-*c|Z(Vgp70p*1tsSPX zL_~84oj@;Jv>?f|TkkBcTUsEj^kuQM%+|KZIT}gug56)?M3J{`Iim4_L+^v?2Skiy z-&HtQ-s=RxzZ}J?e=u>kDPsu1(M}ApQazU0(`IIw#o5#Up$%8@Zu>Q*T@c00k(TNr*v<$)2=GY8rPRFne(x=JBTb%s?j{@GEXwW;a^9%Dnqrhc+Sq4`4K4!s z&1HIn{y8Endi$;>$QTvS9%YL@f<)0uA zvHk{QTRFG(e?u}@dq27NNuS2fL{!DuTtA2~LEx9&%uG%Mb1AZkh(vfA+rv_nLceec z4awvqbR?v0s2ewlravhiS0zB)(?er^vV#!-X7yxg>V1s?TGcMYmHPTRJuwjnxKm%x zGM`F8@xNxvmsy0mn8gxxaoiZ?KB`=|gTZj% z`AmzGe|s69Uok*OL6p6PM2ck}#LS6vL40frb;f?@=pOl5?{Mf;bsGljJF&Y7vX8i^ z7Qtc}FF{yUKaZ3z&Fu;^AuHE=7%N0`x>g>6%YfngEwBD$c=)#2*AJXi3~h}TB;H!T zzJhF39cHU&ASKZtn{IdNo)0IiAj9Q(*TGI|e^FMLD#ApLpbN;Z=3Xi=oju3SK8jFw zrtwLi*xQRkE<6k_i#h~^3BB`A4B*TEUIgzVm(mni9t!L-Hd?Vm2(A^}pl2=0HBWE^ zt6cW?=6P(Q&TQK~ZH;eZc_hsh%y-$Bylf7v6n(SNZ>wM7%9qD6&{_ypo0!uy<~#SP ze=GDIt9+ZuiF9F&Jxi=T^VC7|?pmU&wR^tCI7SaOPI;FMQW3mV6!A&Ck00ynwAt6< za$`#rzB%I*Jz~1={>tW;Ji>`*O#x`p87m8i4eN1;y*~$=5wGi+NjQeD5<4r1TZ!+9 z`?Gcj2^Y{?6%tNq)~>i`GCvYrsfVURe{3H4Sg8hEtvZd(qkuX!;uC^Lj{z{`2^)=Uq=)f1K5L zj-3Ds?_NM3n{pFu+Fc!&df&t=A`K=4^oHf}s+_Hw#3P+*nrZK=6@aCy8BE2LJgD89 z-!SKM35$-;7ySy)@i?w}hDg)ux2SPeuULN=kO(8*WT~7L-Uf_n!U9Fm?zvV)t-zyC z*(z+vX}Dq+!^k~J-5d)K#83- zYu80J=)4;1$0Czy`x4FHp?UDRgk+h}>%5JvsHa@AIK+Cjy5->!dpZ!WTssfZw^DZN z7foixVpY(@5HUQUV-^#zv^xCi*W`J)SxU+MixgL77%3se5TLnuB&}wUf4LQ6`l93e zpa#W&y36zCII%q!5sU9}#&H%rYWyVEy{|Nkt`=p}f;goIF+@o;O|(WMxVo}M81~Vc znBcDhWIJ^Ve|_*Xdh8_0F`Oid9SOGrD4e%V_jHK1;0I+OAEy!r0TFh}5UR+!VR5-A zAF@{1YDDnkFzA*(Mr`_Be_c~b(8uOc`A7;Xxl-ovO+tNYe*6N5p=b5C!l!~#0f1Lc~=~kf${sVhV zNP}fYZHym~3E4uwU!hKMrJ=i-a%r-5Qtuo3TB@LEEloGBH}MZVqu7!p!;VWVtD+P! zu7OmIb7UtpDaA)Pq~z}+o&JoY0?c^TK(E=!KTqE;n{?ZoQ6OPu%jkI{{kCjESSM$5M*G(IpjG?HxlgTYV(hKAAF}Vi7 zWn{&f);D1)-WhA}(yy(aa$18$k>9HYpum5HMQGD`x!1(me~dJbVaeot*70*+P7+eq zFsGx!TX-cg`fDWND}(x0jNzhqXd~NL;#+^ltn_+5LmTh*I)0ua96s;Sr$D;dkBIIf zeh?e&Xjt46oZ)y1z3bw3fBKvvNofU-^%U`#7_8b7T*MKJ28=XB7D=wk(DxJymlClT zGg`1Y3g<7Me+(>rO#_PFshp)#X$LJprU!$rV%Kd%$3kCft_f}j(JVIzLXNe6eR5gY z+Q!mNIv6GXc{`G*T8H%E?)+M7SqDGq?Cv4U$z$9C8SnQ8wfA?~|k0k{@wtklx+XsvzCE+KF zkJs_NqV2&lOWs2CT4T;@d~e?^17Qconq}0@xT@^fr;+{rHj2Gas^5#(tqjCf<1q=l z`RM5!ui54RE1k}huI`)(9moCi+m#aCu&QlMCiT-YRv5mU1*KPe~ZcQ;qNR69JxqrK+q|E1jQTsaTH1` z-&T%Z%`ifj`aLXI=&6V8JL)Jhn6Z@=$x_`3FD|neXR9tE_-qC%mSTC`swdfdk*(ze zA#`HAUGx2_qv(0_9YVpJ9pkh06oct!;{`CcMAKG`T*6m=f8ij_CZV= ze{#5PH6K_UyR_iLCxMTqlz0A$4^NqK@ZCqmEG1w^+qNi3+)gTO@548~KH0hKBR4FO zn{_n;`tU0%GQ>2=#K>~8Sg97iFGU~UXy&|wUZBZWMs4!g9jjtBF|k{YXYv+WR9{GQ zHX3k*u&iiQNf)v1-UDUMehixJe>V|Ffu!lG&W&dAtZYrs9U|M%57z^;!h0QL zYdy;h!ogS3zxV}cSI1oVkzmhiS&E8>Lw1X)=V9zqeYV0)3Efk3zEc>^nC8cte-=sl zY|Jw)V6u#wu_P?xsLK*IDqhpQ`0knf!Hi^hGrk`BqASd;X`i16*8EsZpD4&MYU}nB zMeB=!G%##FiFh+XyM^6?%6fpRK+t;y1dj}dCGjy7#F*67sN`X<9dCs8yv7lRT)&v) zEjQl@AqCQ@3z|eE2qlL7va6Zme?YPC9qOuF4m$%Q2J8EL4_O5D&_We=s6Qq7&kT&< zRM}V>#GD;y)M?cna`c`Cx-*FVvZeIo+?RG>(pzQk3>PD|-=d^Rfhnlw0p|M={_Z47 zX!U66`bb#r+o7&yvyZYssW5jGj~sx^w%elzSggu9Kt6E~~z!g}vwSi2>nn#zSz6kVsVfvfM;wu+494l_JFzpaIqPf6hmZN39G zAzg#hSExmzJ?&5ypQ=n(NpS!sQK34l7~Gl+AeSaf8$Q?;%T$Cu2C;i z>~fVY8Xp#sB>GO1pRL!hL6ZTt`wKB!N0@3soM`nSGBc$wjoET=r!eM*F4pA-G{Fw~ zO*+eJOb_^ARqRmsx&Wvv9Y|^t*(d1nD<<6kl8UwHb zXEsS;py0xg=&z=Re|q$wEmM<34qyR1Q4xL!=;}3pni%G<@B5otzW9M?G-U?uXAA-G z+y`a6J@oKRAD(QZKYo~aKz;Syb(vC=)|0^`oXpZN`}K(YaYRJ#E0~j!xri8}R1ew4 zMh6xNfvtM#)*7)ihxAy71)7<3>C-Qua*~Y9;CRHXEpxSSf1oZ`Ml^#t1HG~^o;KDC zZR~9&Mcr;&{hKEG?3o`m+1mrK#5OBmPd)?#6HFw!rrN8*~* z*S4}6r=QU4u^xM`OtwsG$Os`5)lZp+k8F+JwJtn>!;F-gSC8SzJI z-mu(ddaq9PKs2r_d;ogq4Z>9=V25K0?N6XDsE^W6$Sop35mu8(R&yyZK45o{sUbls z_Uv(=>ejm_P?1;|cQ#9V0f%VQe=Jo?*9lwSX2?-7Z7kM|<9JG-{mFm)+7Z#3>AuIx zfSu>Vf3V31M!jSD2h5WvFa5caz$v4Ju>@~onP zl$#7fI{2JZ^@EsHqp9zV9nF&Qr^@n_<4p48DN{dc%ugpswQA1vCU_^_z*;=q9+)oY zqJ8!^#?uUQ6~uDudD;0ZG+AAMEPG0oaKlY$_s#^6=z#wS6$>;+^Z6xJAU$Wg)UN)4r+RyB_dLV1c&JP;Rr_ zY5OmP{$)Plk|skIp6I2t9BjZC%c%^upUe;vZ67jL4|X~MsG7r_X7IGh1U;jvDpp53 z?nz-v>2xq${ZFnDrO#MWfD=+ZZ!>s{e_lLpE@!~^EvH{~)*H@cbwnhyG8Q-LtwR?M zE|OVe>@yp)c`3oKSVj{0r^A_fYHy17@P!U9w{SCvw(U=Q$95-Q+yqpcPS`%&&ud^J z@TQs}J)x~wq|CUt=6Tr8_EI`BL}?Wn&RaY&+KrDmCL46=k#kabApM|vBr{FG7_&=$ z6cNo(%o^`wBjiynh?On^ML zND#g2EBZKt!0CMhi~wHZi6@&8D^3u@2S#d3#7Lw;QWto09DW0p>V|Mzfcy ze*NlIu@w_cvglZ3(g_xrvYtuBwAM@-<_tQ^q%ev}EEwyU#8!_rC7BYzj-+Nv8_z6L zP6~zv@394|(Msl-77=rnX=#7dXn%ji$KP)f<7dSzjrdVrb*buFrUB%`h<`|Jy=o?@ z1*$ypHciXou)bxN0uwgc=gK=4jC>yA)d*f1nBx@M{NhFSe*&Luf1mLapf|KapAi7* z6Px&1Q%}xQ$1VZm_=NFsy6xE2#{N-!QtSc@{{_Gesx7Qm5q&=gdue|`>;LVS+STY% zX%B5eD=_>DFEb$MkOu0s7J9`28V;>Mvyl=WHNa(1Dp(wjsz74_K&S;)!!Ifa*=Pc9C53~mL7fG4 z-hv*o^om8$;5~{9))mkhNz|bk38aLW=tUT%?VF+W!(J_NIH`Zv2#>`Tb)b-f^3bED zK8KMS&Z1r!R6iB+S%g~qzIi060}D0)kEC;f6;xZ4NskZ(%+cA@9KvMbD!2oLD-#xA28|Yj*`L&mORE_No$$!Nxi0fQ=>c5J#a@ud+9#7rzSqM&GQPORFDQq zO96+6zbv&#>#%=SRMNpbOwshu?CO;9-!{61k^A!k$)O+Xeh2gm$Qr z2kj)+NTE=0iJp#uDNnrQ3tsV>*HwDHxaJLSdB?lIYZ|P6?~$IA@Q%0)3ii(! zc>iVm`P2I$10T|CwJ4g$NucEJNgyr8V22!tZ4TU!gW#Xwz>5I|*~J|N2bqLF`8$5b zFL=Sff{K3${#lDfktxYWbpKRMi+0Y_?PO6b`8ED>G&|$-%-RyXRjcLK)U@SnK;cbl z%6giaY}20TsIAZPl%{*27ueIQAhD2q_ zWg5O`B8Ds|@sNd=)uf)5)eJDp>+6IE1-(BmW$d+$jNe2QNxlvsiuWL1C=6==D0Lh1 zHz8by?n6@x(D}HoyeloO-Q5e7asRR}aO2V647&c}SCp!eP;-{GfWe4sD5u-m&@Nc2YKN zM=@knGu{-NfkcvhDyQANr5AACx(NVkO+PWNKUO8?z`c50wLb#-qjIr>HSS_nW{6d} zd#v{7SoN=C-OaOYd`j-(GjeXLqSLNqcmMM617Lq$13IXN>oI5adkF*ZXtK{hxw zvov$HQ?PL)pk%V-TJtE`Gdp=39C%zVN>2NIORwWZMyHxbMusX&Q%6`whbGf87XSNY z2@LryQi)q}p}Lii{zn6(3DD~CYj z%Gpi77QdbDj&zbyi}#bOD8d3boYNsw5up=|p`iCWL#&6jN%~zv8+wuE(XyTbI>oZ7 za%6ou^sNB42hccUqRskGsK@ImOD&J6tjmBd{iu-9#Z|rd2DX%n8_CIm7xHXxHB zwJ3j$P&-e=Fbv-NE6kP*F}9O5&I$tQn7bVesHYQ1M=Ra6E5Dtjy@%K?gA>K}_j>A@ z$Jda76AH%w-5!_(RRbhqBv$Blur+KQ6Oq{rmRmC&EsGgt#ija}>|x(3b!X zHH6cB8Pt`-d|Dj(j6&&t=S!2L6d_s!<$&zdMN#QBFJ1EoI5=y13T19&b98cLVQsUc z17a{7GBhv>FHB`_XLM*YATSCqOl59obZ8(kI5#yllOZ%He|clDXx*;mw$8R~+qP}n zwr$(i*|u%lwrv~zy?gsLZg;IeE6KkgG>Rr>F4hK)_zbiRP#pNi7Dmqah9+hfwor8c1(!9jF~O%35L6KoRHgd= zWEq>7{u?M^e`{)o|3CAMUF`px!_~ym$->SSpZp(s3VcTs17kZ|Yma}Y$=W$v7@6Rc z3)$IwI9iyQJL5CbGqB++o16SoAO3$!;mbSPS(^OAD&XR5Zs+KPZ|>}D@5E_l;cV_= zNNZ$gV`t=S;A&xKZ{TQb_rEJ-VEj)xQ5S3Lf3-vYe}A(7&qn?quz`(*wa5Ph|4*2j z$-n9*7qqjp`p=k!lcNMKfr&U|9;c?4>=`g zM>{JMH49^B^Z%1kP|(gD-;0KkgC3uTiIEwfk%gWfpM#yn=l@POa&dGtv335}AM;Nu z|81LE{4*C56L%9MsPz>)Bd%b}^sEf$I<&lze<@-0j&9IZ6SVaKxoZNeb1+n)2Fl6{ zBd^~{mtT`|L=OoqfVOt(PmZyOY<6@OdnT%GX6a5+9zppcTP?^_#I-;dC*1V$)RAPc zBi@{z?^RUHVBCEtkfjvBdmhfk**ciN_OR7N#)B9T_fdJQLKo)>`~=N(U$Ga!^C^Hj zfAoi)hy#uV$|-u`MO$+sLe!fUEU6vO`#m2tnf=qylY^InfkKt3Vth8YizkGuA``?C zF3!rk+8mi6f(4W#oi{fR(Kb&PrEK^}h$Uou{k(BzNn-fDf~oFH@$C+J(e2R8r{-kx z{PKw;eGlN%3Qhba_1l8Gkatgc-G+MUf7~0{Vk!rQeTEKL{3N;Rj_3|0r~5Q{n<{Q4 z4>U`JT3r>|#FbDE8jK_d@oqXEGu>|n3FFTq@+HQ@l%la7g>%#eRj2MO%kqH2SHnGZ zEwZwykM?xQie`q1y z?Ip+OdFnmW8Edxm1j?IQ3{m{pVNZTHT2Gy2lyMgVG-cLTLd)6f-C3?w1Z6{7ckA^u zo>^ZdqMV91n1T3)*3LtUuQ&W(=lpSTkee@e(gYso;TYViVO#ZJlbTHc@x4pFv_dy-I$(TRG; zVdJ`Mf|L>5!`*=CluNIT=!~iBOE$;jpay?p5nVv1@dLeT9L_uW>v$V0Er7IUeqLXO z+8LW1H0yvr>PwT79Q^k<W9(lbM9k6atd2~C}6h4{FfcqB|thBL_#&zH&=C0m5yEaKsA^@Vl zdh`YJqeTWRVw|dS&n{-)e=7j+8rv~0y{OSJK8V;X3k3<-c9H4EnJ08BNtXj!ph|Hq z9KL$*d!&w)dQ8j@ErYNZSdJ;K8tM~hnA4=O{IjNpceG>Ek`uo04E_>1`#cK<4S##e zevO@2MYL{%4beZ&$MhAE@iwv-%HKe@+sJ3PU5(v6PX_&|2P0 z7^cp;?bH;1=#_3bpyz~W3^QYsqNd(h!YE#^G1@|n0l9YCinl#MJ7dTuPgIdTiy+)6 z9nu(f;7?N`P-8P`wuryv^s6SWF1Qwo@SM}m@%b#``2&t0OZ5s;=eH7lV@K=!H0J3O zvV;~2RANIDf9tAc3k(>NC_^Gfl<3wdFMC#^7UHr)PyY_&_!G+YSvG$4q!@iH^5ijt zAeih2CR@4R{*4gH8+x*lx5cRDsgTr8!KP&3y+bAh`j{sFTNE~I&}_OhbQ2t@Nm4oz z6>vXgkFsal_|)r|3fQ6K2`Hsio&Ep^*#N!pWzRTI288W9R% zx@#S^vP!5s43M_lry8IZD9r9%IuijilAl5GX4(1ZWq)b|r_WIw+v+Tj#=ac%YK!bXAgF8$tna}1B=x34UEWyot0WU+XGiw(YIEPPhFH^` z6 zId2k&Ou*HP+Si40OCDH4SxS2m=P2^s5Y#dPf5;Q;9MO1{yp&0Q@}^qN0L!7AE^H(KJL(7%G$Q*&-|-A>z?ei@`SFw0`(^R#LS;EF_ZC(g`sXKQ)gDc?#qTu_Z@@Cf5~K= zPYOonjp4gF!84qvwD*cfAbagebtm-OG3C{bhRfw@{{gt-9N#`e=|6Pg4d%~b-#<2b z3mU17wY^@D-6&k9k$-?|yqlx?g=~tl%8{QVf17iH?(7<33?KD*GOxn0X;e47qmkzm zL4Vn3)9exl1GN1pxGQEXyDRfye~>-37@nGSx3Ds>=+O5&yCzx;3&r0nUa};zw zW^JC}z>n($D{`FjTVeuGHT&>*!|!`3(=NEF?P(`d-`90`3NcuipQ%S1PaFHTX{@*o z(b>aensu4WM5clFscWRfdAdkF7Kjb1iGT9YW|MMS_O@dDWvJut8x#vKf4$Dz{nrnA z9((djQ8#*SDu7-7m@swbdyzfL)oc45^var50JTH|a- zD5BFhT6-9&@G^{ZfF3OjmUj!fMxM|IYEd|`{b5grWmbCK<(%jTaJ9kOr1WES(IGNE z{DdtKM5>>|IW?SfY&=)Ke+_pJooN#noC^()Wz?pU;+jw-)C{8ILd*x0%tKxaLf>Yq`dn_@l2K~4e~H~yvmRi^G^lYB z?&iza`XY2m;g7elLh(vn1A@w`y6E57tZV`T7lbm=rHx5A;Vsd)#0%fRUh%$TTMfE} zR&@gF&O`rgrjOj#5?x$F?XIUqd04Sp!^FNlb(VYv%5(~xnf4BHc9eRcDsZs`9_hXg zy5GHa;hL}p5*hATf9FSyR!YCh`^K8#39%{PzEF>+{W)$i1Lh*<`N|X05F57io*O_z zl3RM+ZMW8#TU#L;O~B7SP4k`|veHFkkH7yx$ZcI&SQ;E8-rVM&H61QZvy=M1a(l3$54e;MZF(h6=L^pyOt{Zo0P zzZ>(#{;q-`saFx_)YD{im}69^PL_@!=Sd3Mo{k!X6nE6mLI_pDQ!3nuqGWzl^ZQX7 z0Y%#D?LyFVNiNs8y>JuY9Xj7@vRWXlu5GR3pvORn<$%qm{|C^IrqzBhx)&EGd9@Xu6k$Idnft*oB0OuTKCb8Th%Z2BdMwun@$FMu$$Yso z;lz%VM8AAV>fJ^CZg6`AdI>JIHX*Khf)5oWS6C zIw@FrBxHzzHweq~Z*a35skpVoUt;Kp)tqYVg@#}$tJd13=`fvHUgE#OC5eH-D&O|w z%cKX0#s{%@`H>0^<^??_yICm4oK^d1?CV71CE->Bva; zf4EW+g;gcBf_K(Kz{mrtGdk@hg^5Q8sHXHN(>@ER33UQ(a8`#F4O)hww<#+j2E=$s z(ZiB2$H!cyw5=) zB^L{$#PRn!B2X+ATU9h-w$`-OI&1Qef23h4yc(+V@Fj5OQHp6((3qr~EciliH=9Ef zNVniHD4HQ-#S)2>+2Osft5DQawDiYhRt-Wwv}e)wQ#yu`k-Pa#y3h6GQFF3w*JL>qA}Jm-!Ed@Ss#&EBdFp@b5|Hb5DmI< zmCZ|C4Z9V2rgkhy|3wM*Wdx!u7XDh~ucIxfh4eR@xug|$j1fB1kvwQ<;dRG{K?PhG$xxds)-9FkKzbtt3_@ z%D6xX*cN*lP0l2e=tGxY67VCI!peGAjwMIQ_u1(is<^BSM(^o9r7DN03>y# zNfoR;JbY6#+gR1=I4_Grx;nnPQP}n_2ynD8gM+ozLVuF52zLT35C5)j9NROJzdB^ryv+wZDik>uQxTA6wsNzVMiAL< zzy`MBsNLk53Vw2@ztf(;c%BhHZ;w(Qw(Sky{AEefzKtZOR^@orrH|y1cR4$WQ`DW# z#pV$IR0u<&{d;RQf8fm()zLJ1f8ACOhkjeRxFPOT%~|H-w_hNK>mIgIGQ-I>QAmY$ zVCUrx-X^%6-!Q8wLwNGU-Koc(D$FFYxq?X_k#EN3p`vROj=T~8f1uXMBbs0k6@^0S9T+hlwuJopv;VRhmSmQ>0+;}%ius64DKnKDp;>~rm@ zY_sw_X{yose+JJ|j*fWUV1yFoN`VvHDLs$dmdMbjG=Q>)&oFG#fqQv)o=s~h-qahH zg;X0~^86dDDaBxZ11xYvNxBs0V0Clf$8v9cqxI(}?P=ToKrgN)ryD92Zs9vh9k^sP ztrO;;(JJA+;PrWo<#ageX`Fj;(D!fJX4Keg2!j4>f9EFPX%>Yy=@q`=?O2hM*~jqq zID?lz(gxJm5_;PS{&v0*WIsEh3)QASeE6sidf0dUUO#XVAcD$nij6sGpv-9v@tZ8k zD&J{f+&nZ6ae!Qk;34~PB^O>s4yf;4SB$Jw`qodfgcGLe=i^#KX=JbZ&&kavy~=Ct zB1({Lf9JVpoNWBR z3i!ooxIX4s>$&HH&Zha9YnI3`aSp0mLrns+Tba|HQR?>gfRJAts_m|LiZF6%x8kQP zs-q9Wt{z%lCIjTxO3za@1aVtU>D+ zN?|68mVIIIj^CjI!!0UWtOV4YF90bC{6Ke+SmqV}vWnzSQ{^-F7NZ%{jcBB^9hL$U zRni>W^&AE&0jbA&=BH@ilAoU464Tnlx1Vi95u?iFjvM0@GIx@CoXu4L-pc$iygVxTe^Ggvw#-^Ff!RobSybKb^-Kg<*Ae! z5@k@xyCThB#OkR5NIv?4;;~Bp=r~d^qS}}5QdhUgoUqe#&eTiQl?RYZS>uh*zS}xh zPV@SWeYiYydcY6|Yel0_By6u6_{bZrznSB(0778rGC7#QRJKu#5Wc=IdJhG?e{OLn zAsQ2UyQkb~B{(g3#J!)+2(!Z}YRT1REE0KJ*E>oaB} z=!b%5gS!%;aGZ?%6@%Y7yN%Qv*>bL^^4iohD8A6BgeUYA1*^($3+?JY#qz9d!2m$t z_X6di&1c#hNh0|37;#d1<=Y(df2_>y?!CgH#F?d_3MkViZP(6oE&2^73AJM$iUtaH zs~kxqXC-AWNyq;6@cWv8EZuTPId{}^KKEDl$&fm@FpOH&)3>*JMJo!zF6k!Rne;SvDQX-1B ztPUSEDjqHi#!#8MErwAHyU@I`TojuA#j|!X9)qplE4;~wzlKwUZKwk0HQLTjQURHl zszffL*WxiYin2)|Vw!E8N}5=cvN`+1QWa>(bt2W|fCVMiO<(}gT9#b-x&P9Ax}g!y z6kuZUiUQRzsWH9s`rRJXf3i8aXac~u*P9}Y>gb@q49KZ~P;>ZLt$Bu%b22~dq1m9> z1sR7uRRh-BO5QxA-P6^5W9%Su(kw2#J6xt^LFM0yZH*h$%OefIibKk|60;a9>5R!u zEEGTJZZ3hdcf;lVv!lwv_YDiV<~~oiQy!gCeu^pXEu2~3H_sP1e_i2)wp=-&E5Tif zh$S=w!pUxnmK?0bBkrJ0Ggf(Y6`Jggyb~EYQ9zlp3OL)$FAFrm;^dE04Gx)A&^#1w?ZzLUtCb+$??VUD<}ty}!mf7bo&j}KGAZL0?pXp2c@ zVASj?H8pTpcrX(u<#gF+ttx{u66lW z2v_GJpbWA?e{0NJe+TLRM%W--P5w5}A)(|6$!hLIrh-JQ{!QaU1`oV!lE3EBcz!8-Yr{hTWv;|nRc8uy*#g%ch!I@!h1&Rj3)FGBu<}P|pTR~*pI;xDkheDK2o)XN{m|kvIiIggDM^|b-Y;UDm z1!jBqe{4f^!QGB@PriD|>oM_t@wG!x+%buJD`2;=vnPo}9-ZhsXpURB-`ahrnb2r) zs8&Vm*6B5buev$ym`N>3$L+jLK68?M`ZW>k!W)ZFQFeFS`pC8 ze+bj_NN)Wrs1=T}yT%JJQ!S{2f{|ZwRDWKV>~?3(=c%NfbL^){Iv_Mak!P(B^0JOL zb0xTO&*FB~_eKRz5e+XTBjafv0({RH7`prEDdKBjKJlIhe5ZM>8_aMb;%=~R(?J=G z0vTv%$cl-#8T)7Bgia6jqA-aQA^szcfBvPJP&SpsDFk9hV;^e7U(wRl&vWXrr))Bo zdS1m^+>fBlL1kyt_#GHF)RVPlck+06qlF5-CxUHn!R6YU2h zBUa!&yJsrqVx)|LLDzl=Uer8v;!OvwjekuFJGRpw^%*i4G7K%*_|sgW;JU&}Ica_W z28$*Nwz^?CBFMbIkz+kd@r2;O6o%w}uDzq`y-6(vnms>@v=mn4a{i1Of8@-*m2MGZ zzdA_)N!E2Pk)2x>nU?A?-Ca4_YESjj_tW_uI?zV;=3umcF zL=G6EqmRd*sTE@9=R{l(COY~4a}9tpzO=sQUO4$vY>c~a3OoK;G@Wd|3EYD;^BE#e z6}3>}o?~uRPtj>)vXN88e|@70myuvQi$*lXAPHS~QRcDnqs6>kvvy|uz90#_hq@j( z)Y7d&exyKe(`fLp7q&K;z~Ulebhr9&Q5Vr5#JU==CuLMo$Eujj@mu(G;!*i9EugpJo&CZo_v-(QV(O`qbwZhwevwxmnEtp~1+Ho%m*)2k{F6X#vJ(6*q z^oIy}>CUU9f|bCFe`wwNxcg-zez&Zm4n+w<0^nE?uA!@wYRK36;K$;aHTA>dc-VfHxQ(Z8)gYNx<ZEqa{i2x_H%w$Tz^Pv!-=lNf0wu?*B=^L3dVmacVZaO z_0lo`P>7+*)+1yr5WcGojQd0OgI^IJ!Eco1<=CDC0(}j9GSEna zQ$RKXtU%Ow(9HN*Hi~;Zt??wJ!?==T^J-IG7&>sKKV`L_mgbh~uU9(D&uL5E)CtW zjN3P^ZsZAE8{DZwqzi2N!n6<5RGMDPdA%loA$E&oR(dJ(w0e`T#Cy*}&6DX&lb17< zGX?z-Cdoi>*qZ%pDo1T>3ya*Bj$8|fr~+bD);&q1vrn+PP7Peujn7ApyjQ;J&q!pV z>{72se;Ip#9P8&&B~BNS7z&r#R1^y|*_)e>A-BG)x9$h5M>n9X9a z`hLr?v!BTE>D{!K_3gXRt=)Bww0P=s#(%ZsW=bc9@3UAoJ$pjGRUzebLh(a=|K3Ty ztZdZLKRYDGJ^fAs1nsQy;$6A2C{FaI}ZJ} zE(K&UyWP`;-t4A9SX#~+*PD^J518roRg?Z#oea=6`AD8`pcY<&Z{!No(Kt77_j1~q zfB$(qG(PE%4f7AFI?&%_*_(+n6eq+wrMM_cw(4rHiO1>3vK|bo zfiplVhd&eG%)o9C0D{ed^Ju?KNSaD}iPTGTN$OVm>43$0uK2U3M#4N-HF=o}AI?zN z+^MIpbRRM}VtZ1g7zp$vYH;n$gsENYf6$NXzGHhB*Rk~j4~2Fz(P>Ws!TG~TYqXD4 z%e=j#X<&e*0%em872qJEwE)aB6lA2w8#c#!M;>v>0`t8k1VkHw?B!DBQKDzr%G3 zq(}>lbZ4z|A^EHj0T*t6e7w~mMOAYF+FFq^dp(#{N+%?7isMBH&Smf}fAR^1UbSoV zck=^^om|5M<1UT9O?*$BUM(eujfud?^9-odDE^aXr9A9rHZN!ugc`gHih>gp`I5Ko zWC0Y*vfFoOJ__0LQl#(dD_1G8BD?gP8K386thOo<1?qOQ`xTc=hiqt}Vo}e7EI&G4 zuC~|2s?LSQg~_BPKl?qDe`tcR=QoR3q>JLoMX&B7jQk=GU%1de!T6e4Qge0aXnWa? z(tw1nzJ0t9SG-7BQp^-k)JfR?y4w4m+)`m9ALaih*Nnq)>+lG;wV2-A1||j#n~Gu| z6G?&VxQqkzOy|s=_Fzz)wkCR>Z5D7bI3}j%{Y<2XCV>X&sF{ZPe@a@jqsc>1q%U#* zl$7<=H)N3>lh}#U$q*od$XA&=)>KAKjfah8{%ZNDcSF8PF+^y@K9e4wGD<0-9;x_= zFdhgg2x%%%EFL60wC#Ll&jtDrDeQJvGZNbwcosdsXn(higFz5?B5g8*RnGA>CRO1R z+;3Rx5v?yEroK=#e;l9{`oh3LX_P?v63%a>u`&N=F{)}3cs-P=!ik^oq(N^MsWqbD z*1YlR@-7Sm{Oq`Abxkh?6XXY!tRDS=U5P#Mb20-Gjx_6pCc5N%Ar=72gMi!Y5A7T^ZUN)g}YEep}F^44yS z=W;7C&`^x6e*%g3V53U(u_;1E`AT-U({B`62AT{59RpYuu9Dz~8-8ED@{d{_FX><+ zqlB6);qnBTQj|%yeFKkte}-kE#O`GOI!>tk!C5k>Wd{hAhRZy?-us+=;Ch$%R9X2; z*|E|(>#Iz6u%?O?DLMw!2!{&WjsG)f-(5aKHgZ`pe;(n3ANJ4sPsn5f^)lH`lN2y1 zq)`_V-+B0~aCMTP*uzdc7~G&#K4H58E2qy6vQ-9i8%doE>WGM|C<_@W^6OH!279WG zoVCl4eNtz%WC|f3AaEyvBVu?VgC_{;uAkDP-w26q7?hD5*pA=O*#iaDxW@*Zs)_|A zz(MT{f4a4HdCyLkfW-X@a>gw^toH6iIJl*ZsAtRI`gyTV+bU>HOhdi^B5Cay>YsQE zd!`h-byPHOx54!|!ZWylkL+aC8x)q-g*IDL0a~@27EX}20l^%OSV9|tZw6rgZ2^Eb za+w|ni>tuyJ*GGFNWQ9Rrc$`ydsIfisnHjFf9Uv3m_fyg+WGb{usdb3Ih4Xx-1f0s zj^v_EsN(h^M$yU@M{{YB+k-8+W(jD?BKOy#dG{5)$_(hWs3D^w7|MKD>^#Nr!gbT+ zl!Y*Y^WOwps~$ZJ(#O)SKO5H3gEjV$EMV#-Qz_bK0rHXR+yg8UX$xO>)<$xgm*7Yn ze|^c?sM(*&%PQhygDKi+Ld`IyX!pSSm zbleek6Di)i@qGpu+Pk=IW#N(Xc3wL`k0hCqjW!u|pT zNFF@h$b(>?X-v@dc+$0_MQhg+X!6ukb3)p+=tI~o?2*PWeOf-F1$@0zanf14*%iK$ zq$M0AF~`}1PI%3JY>GoCZ z%QVG(Dxo9HbvzY5Xyyp;Z$3|<<6poIEe@VJO=59~v*Q4B-+N$i7P6O(&Po#T-jt%SjJ3mT0 zR!GQL>xgA`P|CG#={!=E%BW#FV5aRSOm+HJ2%8P$%)|pys1*K8PFh*+rkOoe*4d$E zkkXG)=XF!-Ii2^~pN3tjGE|K(Fy4%#{(UWTi$7v}jPyKo%#yx_f#pZfe>H9+W`C(~ zzCsCYVSP3=oFMa$@gMMkV4@pTKfw0tYPSb&CR&j?Lul-*tO%DmCQJH z<7dAj|7tHz+%4bxozZZ)=kx!TB|m7hjHp@;ZxOn#E5pX}u#`m*S?TQ_a-g}3GZDzq zN9IIG?Qf0x4bhO)S+@u>Xt38I=fAW#oG;(9L+xaJ@ z_dq*h#XU#$YhI-373agf^PMNsfb(q$Cn3H|*XjtP^C3A`I0d^vC(Sw2c3-C0H>qYY zVXssEqOE3|N&^VE>$lyPJ!Q|5{Gt~w%*|HONKwb8z5 z4Z2bXEteSdWs1`Le|ZPaI`YRjRI%%R|6pNY#ZA+^gE_E4`($%dHTkvsxHp7OC3=fQ zpz}hZL*1=B#_-y4VOtTqz#cVBOVnHHC+lq9R9fldC>6j!faOvL3z$iROxJH3$@YyfY*Nw=f>X@*9bDaa+ZM5xx=?q(U*nh^MhxbQbes>{&Bpu_6AE_q zfK?V)&rcKJe>^|4bsWBsX0b~oHAmj&prC=V0^0SkY_%jWi(oJiPQw3k&AqAi6>pN-<%28Nzlj1U_QL1#yFe@IF9(Qyt>z1cXo9uhEV^^vaDC=L89TB*JhTaY*A5O_(3{HqvJ?s1n2BQ8VPIs3%)4B^le0q$y-8P?bbRxc zMYYN@KhGUT1^MWrC9NXM%@uQd!*1(jauV%Me&EkaTv%Q(et_8?WH$EZiD+p0Arf3! ze=wGo*YHzcNgTq)@s`TwY|OjerA`GgM?48fye}r!W!tEh1ua}nZe6Gz4ju;ThWXal zv(ZID31m}JAKH@IINj#yo5U*Wd5v7As<7O0|1%+6I zy_HQE`d%9Pev8%_FDbEI!xq9t##1i{f5by36}srsomiB;rd=^whlbbYGn`oo1oBwb ze6Wm1w@@jLm>8E^o9X1>xeu@rD}loROkl{@F5g_uIxLEJ6$ESVs)H@rwX&H(FfVizFy--7xg8hJVC*3=7WMHCe;p%2 z?_q^OZk8%`IgzF`I#gd!1~k6F?H6^s+Qf1%2#PfKT_N!C5rDe>Tku8IR;x!6-DQ9asE7cFBu z3kFw19serm@lNUoUcxvovN9JFnwnD`yxH;W*8Y5&Ap1!@K6`%0D_Mb#8ST@0><)2Qnae5ska{2gdr9Cy(+hdzY;4 zLHx>6cM$!Wc{d_;S-TG)7n#*n{n_|;spEyRbYSoaf9})FWvYgK&U+yHgk9yJ?)^0> z3+Lq+Ly1Ks+ct85OaAZIe?ktmMkUz&2cGBCLy=Ak&n5Wa{kWBD_P4`hDVnSzkcw9l-J$bT2z>pUG~K}r^F>#;f8q^%R%}1rdF30- zgSo8YQ+@U_@@&v31c__>1fM6fJsqE303|s)u5268pkdT8QbtIVt?&L_TOl0ELlTOp z(fS#q@AIX|%2dHI*81NU$+CFDl93a?TtfkykeW?R&z>Fyo`~3<;NN*<==73w{QI0j z?ELt~u_@3|`~+BCe`t^j=uu!wh|ja>%-u10GL37nrq%W6=I~y# z(Me&hrHiOA7!-%F0@eIp--SZJI@9oZBdFB52>G1f9_%rK9{NY4C2kjT50SbZvH7nb zicVV|xIRS|-@Oy_aATn2Y70MA%EAgrx(fUPge7w+x5TxQf0hpJS8Bs1h{o&7RuhlM zlA1qx7iOq0fE^5L`TLtNBpnRCkTUKOe6>X~%L!#t zxnz8WIUPjb{j{nhE)JVm#Sy8-n!z8HEod%iaLrygr1OFaQv1>-z|W64Li3&RBE#<5 z|D5)2wxsW1e{HW74Q+?b5&kqQ!ikeKirL585aKgY=*bm<^iX9rl%CZe`6?coChab^ zF@#pE^(BYji;|j~Y4{T&2{;>mnVXl#m^}EcQu|JW&9}{h-cM`~pzXzkuB#@s2Rc7S zk;q>r;X>iU(ZV4DpsA$mR2MSYNwOjeC{>S$i1pZ@e-?Cvx=etLxPfGV!HvD6-pOR< z@cX~q(Xm|S-H_^ZY64R`FQt9pD;Cx4BVmr-CdknCtkoj)V{H@nPkE1j@eLE@rT&V-I!4{@WL?c%iF z2ZotsL8ZGAq;}4CM0?$I2lrb6dAi5(+kP|oN-zw`Vk3ZPeKD>XBof4XJxOpSl@?8x zEOgD<4uVtL^r<}yv483o-i|b?Wyjs%^v+RFnWTreIk2i)MkF=CI??bo_TtgU*FHOr ze@=a`VzMRTS}bq>VrXjk&KIMC;Uz>e3_I&(v3ZDA$Hz>yk^7=`7QH<=;!JrEcX$*b z@OD-~cviof)f(L2&SXZX9Ep7cL9*{rqcbbYQPl8dKAX@Xz0VsLg3sVql=C9RQHC&2 zF(k1VNr<#2dlxSE8E^^WpAEhLN9Yin}jxK>2Cv| zo9~8`ur-1k@aDwH(W-@sTe0clf81shvzGh7q|$m6hs9zI+xSd^7P?ei94QlvOfi+d z^RQ&mFCnjJG{&MnmNox~;mRe`uPnel>J4ILm7w8qwF1t(6C63aI_rP2C2SmTRs;zREbw;(vhJ>{J|(~h1njZ z-t{vp;wMLVR70fux+uECe+#(zeFQ4yn}LQlIg*#594AJ0D-W)}2@r7TGA5=C_re{C zrhok<6B-H9YGXD3s<$2^I!z>!4H34_1Cy#*P2vP1!9q6$zJdYRj`yiy=73HHmwB03 zmO$k5?t2Px8jTPmRBEG6swTIVyI6=!Aq}SdG{?3ZUoL?YLLBV!e;CyGVfMKhvTJg@ zO-i7cQXmU}(X<(EQwV?Wjjp|a)uSb2eEbqr;@a(94e|W(_kL0Z0g}J773BF}_tOV$ zBa~FV@npMlVzB6-jcTEY!G3>YqMJa$t2Z$G*&Nt7(48)wygVptR!Azex0o`v*T&zm zrp$vyaIjS3Arifke=L!0o9t8X&?@usd&a3x$S0MR@pwW3+K#}?swLuU>ZO<$^5-h< zGh&O=FKQ0d3IGl>VaBV4hBlxd%{6*6@r zDBT^8HOGCC)x)r$BT3PvhFQ&9#%Cym$QB7+-boJj(W*uVe`vvq*QR)$)Y$M!)SGC1 z)jgd0w~8nAyeO<@y9s>3F`AD6s4(Ki1JyDs$8mn+G%X_Pjd-fb+^<(xKTldH)#YCB z>AC?FXFfqSZAr8ea=MgFmtZSZF9aFo4GZ)l{z&h#Q#(4un~~eu*>}@m4j3Pj1a&n^ zm%4z#01@8jq4$cmVK*AKdA0ebDDqP?=gk`wcVA<*pSM(OF9mFf#o2)_fCG!` zQ$-Gp{D{Jbh@INN+V_@lu)w&982h!bBh2H-b__(be?@1^_=xDYR+4hgvFF^B+`b^2 zB_F~^VUu5fp?D7scIJ5h#c+z;B3`ZZ%c!0g9iODkM7e-TS9-N)wOo(U#gBfDEJ)5U z{>{3ji?gB_-G7St2KxNu6R8Eh18LC$f+TJ5?Bw@s5)yVqe+N(EP>GQHk!QB(whn7SqQk<#<KgQ5;I+kteVD6V|E{>=H(Y#l20d@f6}O^{i?kR!yapdZ~2BN#i(J0ol|h2O}K7j z+vdb}GI27oC$=WGoiDa++cqb*?M!SN=Rb97*SoKbP-NqEw2_)MYBq`k!tb1bQUx@a7>;aAU?#6P!6-YlUW@T$!FR zX_ z8eE#i{2nXZA+9Z>z5!UtkDx8&%>OJ|X?aU-Su2GkdbaQQ>^J$9t(?po-8*{L34R39 zTrwA*9-r&4n-+NG7hZz}7U?u#sa=bPuu=>AT{A>*U3(rxOd!;;1N~w$JHE( z#{P_dH6Oar(u#rd0rgUE?6vs}f_Qlo|aVoz@yRc{X zf%Wz#tfj-_<*_!0`(ZONEj?R9^Y- zzJgQ&VE<^y3Uowq{uqshjrzJoQKUM{Et#t}CK)%{`& zTghc|sh4L*07A}x-*tTl!?EJ|G3F%8%g}f|+vs|iWUalR>gxIgWlMPNxQWY>STjxF zgiVXrJqU_aH;aQ_N3Gp~*YbHftFE08ie&V97n5_G(AbOY zJu{WC8^e{SzXDCja{^1vMepBZ_0xH}&NNm7@@;=#)ljujS+Gw^1In(;{RZD66aEH3SWd<2Ep zGN#QRi&KQ{^)!_vsLq9Pz}<*^sH_hHvWh`g_Ia5nCLvGTa7Z~MKs=D-;=y}$!1F1T zXE><1E$uD}55@@W<##odlV(F0XN%)b7i!+7_at)-pF>P=f8m4@+g?5sYV7y~( zPDODH1>3rE&RZU9Q6(Y1S&_c1U^U)?Lrz)}QW9#c`VZFbSsD52Js#)expMv0TIoTP zx5hKU+}U7Lgf55_5Y?Y3>t9j2a;#ZnJQqk9KTAbgoxUYsk4g$vVoQznJTaLt-xAQlsNm|pK!Y~s=ljtUj*n`JYTbht; zap#14@6OU#Xm!$dGv*DVMW=&v*1H_F>@9&H|-tq)k&+TDE zUBq;*@LPd=%7Y&Q?OZ2ST(`z#X&%s{y{`tWz8vpvlUq8Z6Qv98rS%n$kJes(7nL|< zo1mX$I7~HPtl=(*1pHqgOXrNaBr2e3oKULC7I|oN;VQ9fy!s7|6Lg*8e>O~1?eBMl z=rizup2n7b@F%wWj|f23a>m=YSD+Q%xEYAR`Ar0JVghQr+NuPS`o_YOwbkh} zlu-!=abMNEzeLP5Uw&@>cj9^)0hcIYqU#S#`6#7g(-#us#71CI&kesktH@f3smpMV zda#LklN+9uR?;q^7`LBDe(NVC3F87IjTN(896*5Xxjrd0`wMJOdQc$PXh_%j&9SI|`o+00q9Z#J)c_@O-8waZrJua*=m zAej_NN#g(V7~%H1ZlPWJ1S29(-A_oaaRqMDZe~q2GmMOIX8ez>sE4QqXwl3sR7?Nq zfMen2D#p~4aqY555U`+INjNL659LT~+v|O6r&RGScaykvj^8$jGL3>G(}H5$7DZ>c zne%i_EIB!_nbe}efHZ?*)|Yz z(F!Xgu$sgXqZoEYH0{M=B{3sJ`Et55wrA&q%Z7$c1l zn$0{ds(;X=c3keyQ9w(iN+Ov6IDnom(^db}-%-0E2Widna#F%w7d4)uV+eQ+;fe;& z;hrTrStz8sixM??;D#k8nzFy$YIw<^vP6o9s8JawH$q#WV`^Vx3A7<_8JKH(+Y&l_ zCMAA2afyNbu6ql$t;pS5^ckdREO|yfgEs*&e!C<*ORXCJZ1Ki!GY*oO-U8UZl`?n+ zZ)=5c+ri4=yhOua;?2uy>d5UTc&jXJ$BfH^a(K@ZIach*s6h^25{^?AzgdKrm0&mq z16zoT9C-3Aql#k*-Zd7!BM3j;W*|FNc`V|HUjsqCbiAWLe>>5bmoJBNhIV93ts9Hs zA|c+@V$@m`BdYQJY2vcyC7#WK0xbg zK}B0(MmEfIeK(6{@!w@@S=tSP(d-fjsuxd8U&S&j`a$4u5v4orKmb4b+*Tw-sgxC; zSvmdEs|Os44U%WwN;Q)Fu`Z9H_d$zrc`i&s#U7?n>P`~!#*-)5;|Te(1KdgHG+{t> zXWj$bHG26L$VGB1m9|FBI&>mg;}fvF-U}N}l1d_$1GxESzHfPW24t{5RO%5M2vb`= zzk+4DCtViEg_MoK05&%+7IC#_k3p4xx)<3FV!9+y#~gKf|LG+en{ zM~LSNN!u->oTq?viL{-hx|S2vJ5I--YCu3`$r>~3Thwb0mTaI@(hu}pKe(`l*}nY8 z4I$Cqyx>a^dioL+7lB7&in?}2B zo>lh)$&TqVaH)Hb>a&yawJo)355$HkoHL{@9)br8s|}M{V^_Af{&`t*J&d2~`ZxA2 z9Xw(wNt&hWpfCgBMg zf}(3U2!DCQ=A4>=!EUN3#dwUh@qsixtcn|+%>{GE++l>1dUmi3r7N-;ddbg2`PybD za)#ShWB}+#;A>c=N}~scnDVzes6nKMG{|%o-E}d|FA3Ukh$x;U+cM}kWgVKCcVWvg%AmTi_00IEcYL$b*amLgvi4_Ju-L8We#0b`L3n zfW+~3uy6bvS7nlg07ypTo4}@JOB7%aw*NkMiWzF0Sd$gFG=FQuRjCi=2?X&`GORKA+b6 ztfxGKL=O@iDL;IUN(@xcBTl=jJP*knva+XR!0l%S17-}cvU`H5v#Ip88(1K%+Ru0X zmzIe;&S+xq1tb$0!;>>_;hqAlp^yD~QVP6Q<6lle@bos324AFZ_t%`UdKq0qzE(}u?B~m*v)FtSs!Q58}%L=QY7M%lrenG0e z!}o!HIB^RxW54Jhe*O8Tg>d@FMyPKJ;^h`5;5Urn6tYU=$0#e$8xDRDas(lbQS0?X z0lctZbOi5&N5k|+uR8Xza{ zGqhSLtGP5^suN*Y5C;4Ii0D!z8|Ohg;wu z0Ok92(l_x4p!%wB@wJ0a)3(0x9n<&$`2y^tK&N#d6Au#F>BhU^DTeOQ^xyX8d(QR- zRU$P9wEz5YQ^AF8UkGR_jQ#|AknI`)?xkP60quy|Wm}Rnt=@ ztQ*^h%{LY&#u;eyV0vbVb_CRhDkQ*H8CT+btV4{NYoN0tV{-VABg)>XhhjicpJE2V zNa`z1_2|Z@p^<3D6Q5Dq{j_aU)(>YR>pt&%>STgd%HOjc#KsGCf;+X9Tys@2T(ZBI zynfT}`s9IiL(mP{tO^9PY^HrF*3oNVvGo9p}fLK2qTyf>pGsi{)|`=7{4# zA1JUMX>_G~O2&pC6!pxAd+!Q!d)zq%a9cg3s8Pfaj<_*JJa@P5u_`>gCaoBSGseo` zLxKnIiCR9O@8>&E+ND?j!Mwx04(J-CxJ{Qup~D`ZSLCXmF#zbcxKPPCOpF}k_>JT> z9K!lr%QJX|deM=2jde#h!>h+FQVotsJDWQ@1NOD2-ntkUqI(oC7MLMAlRLB#QbJ0f zhsOzq!~3to&#qc4l*nsA$`f2NDIpDUW_|8|kB_=lL!nXA+JAQB>dE#EoE zUkV$Gh@5?tV+6cj*FbPy11NtkVtLDd?6D0qV%s(d^>f;qah#Q=sk^_W zPrTay3%S;wjx(%?J1b7@=Vuu>#mgU4$6R;`P7=zbvg3pC|=e zWyOWi-QwHN)Q01#Js#K|9tF8l<$+NjhVI}a#xR>m(EM|~v60LE8jSsjNSA$?T|RAh z(M=0cvVbBNI;sG6%XIQZ=f!#Dn(NjNmh7w2ri0WBd^Q*iWyid36AM%eNh_v4SPDOdRj&PqY>p-gCsMA5w9Uv$D;5)w41 ztnA`+GGqNzZcUe;@Rbq?ukNt4bLUuU8og~Sq5!5(%!jbp@h-;z1<&Q@MK+pEjb8-7l#_-MVtC-~U?HJKIb51ZJ9zvm3BYPPFKWpg+m z4ppApnW1bT&3gOYvH%6zjh_JXdtDqy$L#Uxi?70-Z4n30kq1k-jt%48MSqd1w1jVq zyObx?_f2f9??n=^WA6rR3)|J-B3osUO5lgjuPThPe};h_o7BeBhOs$}Q8d=-Im4WO z=<#=j{<&vZJJNfxy^mDT%FaENznPa(WRJWPACAh%XK+!XOfrPsaKne8S{wwo4lE}2 z{!LFzR~*|U)9P{5pgg=G+^*w7E88^oRQ%JD=Y2s%A-zU5@7r8eckUPStvmgGbO#apygWN7%r7?oau_rsp4XKroQzl05bY>NmfM!81qJ}Rck=4C#MHtB6b z7PF740PkNt!$vvL_UH6kyL2ufk<7_X9-qQYULchjSnC5P=9iC z$uTbH!g$7)lWn(|`-V|q3rz_BZ8mE~B^889W&$zvR7q?|>s?+dYplG*)ieIWOA}$i z@ylv&WMqCvZI!~y#1)ql+f&o6XutB;o#sOt7x%2FlI@=k%*Y#RZq!@R4jzD1N*M$^ zO%Tek4q@b;>jW}W7WqRw;_!4q7di6?A%zKU>X{;JSZ>Nf(NZHpnktQjaGtTuK{Xv# zRh{Z4ouVO(^&qvGo%`2fYuA8_JElhyY!O6MV+sWia)~VHo6_W0ZmawU28hmdOL_LQ zJR)^t4C5s@sTkyys1u%vLN*X`KP4j*tFB)OuWsbaL9SZ=`e#qRH6wuQVXm0YKG7tIg^Uak1Mw6R}{;O3cDpF6*ocAQA&uBY{(kOljZ!_rBL z1Xa)UGLLBpoOr(w!3bj?Y(e4vl|J=;SFM%aMdhhA)>jIVa$9LKh!^5}9%R zy4uk=)n}~7trA{-$LP##4Q*jE)r_l~(APkJ?GIa_I`bn275SdqU1ale;-L#_PAW>3 zKBO;Q-uhr!_X74ZJuodqa+AHtif3e*dkV&@vE6isQ_!3uNkwled6JqmALDiM%Qg>B z(ufA2MGfc5+MkCYQvZWXSv@E&IReHeKS=e~JO%3d@G-hlOWn+6U*4T#2!@L zxkyJha`Cp|Ca_K96lhbb+lFspXJqIz2WYaiL)yWe)B!zfboVOCk&~{6u{x}hY?^rM z1;GQy%f#C{wWhef>*L^^MDvlR zN3<*J`s2tIP;`dyS!{u=J)K%ia-ByscAkWlP@jqRK>kOnto2g^%7*E=*Gx9CcYS%P zF}}Qhgd{x@&DXQKuJAXbl!EoapLu^?z^>0?5a4ud;rA+H=-FjHpvj2)K2Zr!pFT>( zYDO8e{DyCWxT8bGTY{NuNQ@-t)*dGP9Na}m2w77^b&T{iEN#YvRIXfMC1+otU8gSt z6VK|f-g!A;Eg0rURGds-vZ~dbb&$DE1@INAXqFRvH;oC8Yh~=@Fr{KiVfp3S=Vr_z zfEC-*gzK##4w_x1`yJR*5!Aju-lQfIOd~w9e<}Wabx3dNSwa%qFmRRpLIP#V*yk}q zE719#9D%7g5ICb}-b~;RgDHKk=XI*W{!>;VSUu9zmSS=o_Kk`**#kB|Bvu~Bu)2i* z+)94Trgo_HnAZ83$e9_~;|wOxY7rrR0e>T`TwudsJU@(uaGf-o#`GtGvfA4JOKJtp zi(dCkbZ$;wEQ^|sm)xOB|Dq(_JbH^~(FK3otj?am#;PnVX$ zXDD+>)bvK4R7tKoPC=--QwuE3zjp^AyCX@ zZ!ng^aVTPojJy?dzkm3-Tf;wP0NRSqw6du|6G?IrW^0`$5p6P4z_ZWBf?i;g2$w75 zVF#Va9YSW>(=Quv;tL|6VJ0zhw#_m=-~t|U%`~Oy#4D{Z+(|SYwh0gIZ6`;@+Rwj0 z$%(71$hhEhSOw)E(I@gW*t2E&ObP`z+UmC?k_xR!w}qD-;fxcw2>$^AN?% ztSb3nfyqDpjQPh_%bry!%s}==8YAD+M>iCDwA8)AM;RMh|1+kRq(s?-C~Znk9NvGX;Jn9{kaDtl@> zyq0rKR&o};DlP22{d$4L&_3)ON59Ji9_c9pnosCCUM1dH)#AtV`x^)Po%1ugIqly$ zN|uZoz$O9b{q>TdX^|flEjBkF&slTcLz-(2!aoNttFEdLSSp%$xdMFfIqBxS z)pH)oZNpiQVe=E2K!M>(!P95Zp%X*oJCi4vqN#%rPcmV)na6-$lGQkRv2*`Rhwvln zx)=gF!LmNnOXEpG&17()r^~wd$+Qs^<+#J)3+v3S-H-|s;19u{blc{*C zd5x4%7fRD3XAbSwE_QnCzgs*Q*du&y5!^dSc_}dyjBXf%09KjlA_x1i{ztjdu)gBj zBhFyH)EcpB(m9oZ$dzBFU3)Xz%ig7~J`A`RH(MwkZRVXOC*ndS;eiuBh zr)!Pjc|Ra%P6xUTCoR^!7jue8Kvc8y?${te@SckW3GK&Fk7G-Zv5D!7;?{4PubwOo zg)m$E=5IAq11^I&lA^DRpKc`9#T-)U9*Qf3V2Td(Y@-84AgP zAA-1l>7{+{(GWmFYJ&eDys#*L_~AT(TymAeQA+#5_(~b zDaf*9F=7^@vr2GQBL!*5Z?7{yIgwjIg$iE4$H?4~!OV;u)o&1>iML(K-}t&BstkN<+o?DQ03 zc({MP^nTIP>TA`sESMzZA1GHO&MGP4YC(H@1M@2pOBsMYr=)ITZ;$5O@}j85pI#~Z z-(ns)El?M{4BT+bs3ag+p>_m9PQ9(I^S1?WJE<(Q%^q7eK!&UHl1eZ2^X&RC`=h$v8V6F{sg+z-si83 zrO)_rBs3X-Cj(*l9Isq%GO{ESxSAw3+Y`MvdM4Ae&OC0Ai~B3G{%j(owqE#b`IeXg zmYKSVoHjQpW-dX6oH=KyWwj4yj;Az+6l_hFtb{9%!INMcx;Vw}gXwn1Itu+mli?rs zmCtMZ$D5kH7-p)xq-h?{I#F}36(};IuLv7lS+*mh(|}Sn{Bk@26mA42pak&!=9&tc zD6E#frrM7@4b>FRt9U74@=QJdSgSvU(MlO2z`)-u;Ik3>i}uR#z`lFgWj9kysAA zNLb{^JpQCKzZ3c4l5kS4*?1JkjA-jbHR=6#Dt^g^hzQ5CAJP#eGkBv+#&SwRh0_jp z2qFMQBXeG`A9=YFI2L-R#z&0_D1d!=JsaDm1HTWDbHZdxzcazx_>ejtut6i``#I-Z zQ#hwLuGUhc#__n2u>CpZ9JxHm=b{>c5!MQ+!=dXj;P7F=+?6x$Gam95#?|9PJ5D9v zIh3xIaFUnyS`cRsu6k^QSHt%?*#>{!2y3miQo=+wK59J%)Gb@jFa}jzY{`)UwjQ93 zA#uFm)2F2C=@Yw&^rISpO*A2O@&)!XkHN%XDd*K1pYjZpKJl zUlp~!iEe)ifNwhLp9`zS+)GZ5#$57d-W6v$fyOEGPmcG!A)*AY+zeoW!=vXUwfYE2ABD2`A6sq@A*Jw->z zzI`6C?|FWyWMp#XnfeO?XEoeEQMk|rkIa{)tM}aIf%K5b!WB4@)<`TYT<}jN6eC_i ztFCgV$UYBsB7O>gWo!1=&9aQMRAP|$`vaCcK)h_Hv?AzeHzWB?KjPd}KW+1vw{}_i zz%F{DY4mf%wcBpkEvlI9Nz}yt{sY`K)Cm#3+#HH^sUYY00s)u#(!3_rc2gj4Fuy)o ztm^YFg!9e$b9J>fZ`kbaq;(0)O!{pMBWa@s-`X24`KmhA3DJ^(nx&LhC?QN&zDqM1 z&=#%E_aP{0u#(MdO7K7_T?#e*oLf~ILia)!Y5na!Ry>S1OWxLJpLu1N+NS^t zdP#+Stzs~Aqb1|z@W)|%YZ6Ok&2!KVU_)Iu{~sQxjkYTW`TgR9Ca(KTz4V3-H*sD0 z3(~dLGR#kf(WGcXEcMUnzn!2PXO6_xUa+osHzZ^$>!-wrszW0KrRZ|WBEDihCUfP} zzM2ZDqC$yl_a7gm2lOhYeX!JQVBhkOKWFDruboNwpuR7wUMSXAeuQ}P%C{gr16Xx) zqRbM5t_cRm>WG8npyOM9=sp=Z=}$xPubh;ZzjHcp)a|oJvvR5U_c-KFU~$cVW}72H zs;+1#gUy+eu-7xFd1Dm06e;VAT--%h!v>MiZio~9%p>^c4mzK-fy)?+twaH zUhl-aTZSWZ0*=`IAe=T^>;tt)HDgTKS#s%;Gy_#1jY4koy2HY#ImJK-aJfUNQRCS7CD_R z*Zf6Ii9ecHOH$d_{tECZ5R>t7ZXH`oaM!$VSbGU2niB_tlG1~;z+YR?A5y&ev zGEKe`ZbE32O9IjYbE}fqs#|iN18~d^$L~tHQI8)Bc5d%R#ho90Z!0pzrIy6Wcirkbt_*+*DatIg-3180Eh9_cJ>{&-od{e z!<`S`&bFdF;XAc{3KdC1vmZ&Ul$jG^Z&Kv)zG>s?dTj?+8bNL%)yr|pQDh}0h2;DTws+FzvpuN%d}LbQVD z7eDK^P{Y^nOPfkr%98N$E=;K;*|8$VoY>VLYuea7_9lzO9;* z7u;29yQ6=bEZ*k*NAdsFvM;GK3Wn-y*5+zNj)#F@g&NcjzrAH%GmZB!WB&0;2#5S@ zF(#=9R1A|1<>rCU@xcA8HKxV3VmTbscv176KoQte%QjB-6>q)5q>7JTMoDrAR@*z1 zKxh#5E?k%`%|KCcg|GTm?vV>!8G^rebfnnicWntrFW=~{p!vEima#J4?%m1hgBrL34 z|MgV;*XC8Nwqd&=j^eYTK4~1;xAu<645lHURV0P5qO@5MLX2a)%w-^Nb ztk^-1tMy0A3|>E4eB!&Rn&C?ZU1{sKgPikS8m&jZl1fxt&3*#CmzzlJ!!PtrsnF0L z@>QS&e0#mHAg@eF;f<=ipJ`ql5K*aAKPX>YN-L{B6JL_NVVJ*&L0Ze6>V8f=eBxXb zgI5CzQI&JWoFoFm;>Y9E=LTb9QhNAsL;+GTOz6cY6P|VPf8@yU88mCDg;wLxawu5m zk-%~H4J&O(3cb@Aid^U7geiFl4I@Xn@$PI>i# z>+}y$wi)5axu6O}hkldXBDjIMiKq=bVz~mWN$H_-DSSH?EPirQI+NiigpweV|GZ(7 z%qS}$X8bcXgtVx43E2I?1L3m=g;>mWDsXXxPEU6ENEE9mKzLShHYb9?@dtLZjd)h^ z7I_p$n*Xe!H75y)!W8={lKEAq{Y0qrOG0Jqjzi_p2sy+U(5w+09c%RGLn6%>O$Y$) zxbqI%M@PYX+?TN+Ym9G)%H(jwg~&YXcFAt2pWv(V*7MOJBr)nodOX}m5A4+g2tYZ- z;J7A1r}{)(uN{!n9taAJc=~_$;nCw3N@wxm$7Di}j5?5rPnhu#4O*lj{~PaVDIQ2# zobN-m*OzJ@oH49yxAONW%Jc`54=n&npjS3)UwUEliwyr7?BJ;La?Aw3vbrs(eiqxQ zi{|I3$?(0NA9iwK6X$m0_135@HQ1O!|8r#-2p8kH9z~KEDMlo~iL*CgUwuOD{*4za zV819QLmY=ESNwKIxpJRLgf|jz5c_c<1YNcL^xr*;h~r+2k_V0Wy{n7F#NY`y9v-a- z;$%GP~usg=)vHB*%__T7_Z!i_Joc7La9|Jy5SB-ilcd8O2jGSO^=m=c{L*K{p_ zxvPvYBUORd;wX8&FfH{N!|D?;!e>2ywM;j{ZqShnje%I=t|Gmqu_GNAQ1$W2zTN(} za!@QS>RDjkT97Btg_rkz6&Fp^Tx>J(7Bb75!IhE!ZOhTNa3Fse9WhGp5QOz3X70a9 zdJ}?Lda}A7Re+71^p{dSj$EhIC`O;k@?%&|q{$t9Lk>|`#Tz$W4sEZN_*btdJvEFj za5a&@)ql`-=IC(^bS48A6kvdD@^xgQ=h9;pxWig+Z3}$x&)347M=nC3G`Ub4be1tB zTI#*LydL`MaUuPgKX0e<1zKZ4v}*mzXz7cn@|{KP{$7K4d0arCn#h6X8D!iUSyAw> zG4a2>+JP8B48>d9G4jU0s4rWdk z(f>v#yO=mLGdl}2rx=?k`!8Wmu3y|DY@z}re8T^qBZ*j@Tw2Bk1}`&%eZw$=2vG