AzureADAssessment

2.2.41-preview

AzureADAssessmentPortable.psm1

                                <#

.SYNOPSIS

    Produces the Azure AD Hybrid Component data required by the Azure AD Assesment

.EXAMPLE

    PS C:\> Invoke-AADAssessmentHybridDataCollection

    Collect and package assessment data to "C:\AzureADAssessment".

.EXAMPLE

    PS C:\> Invoke-AADAssessmentHybridDataCollection -OutputDirectory "C:\Temp"

    Collect and package assessment data to "C:\Temp".

#>

function Invoke-AADAssessmentHybridDataCollection {

    [CmdletBinding()]

    param

    (

        # Specify directory to output data.

        [Parameter(Mandatory = $false)]

        [string] $OutputDirectory = (Join-Path $env:SystemDrive 'AzureADAssessment')

    )

    #$OutputDirectory = Join-Path $OutputDirectory "AzureADAssessment"

    $OutputDirectoryData = Join-Path $OutputDirectory "AzureADAssessmentData"

    ## ADFS Data Collection

    $ADFSService = Get-Service adfssrv -ErrorAction SilentlyContinue

    if ($ADFSService) {

        ## Create Output Directory

        $PackagePath = Join-Path $OutputDirectory "AzureADAssessmentData-ADFS-$env:COMPUTERNAME.zip"

        $OutputDirectoryADFS = Join-Path $OutputDirectoryData 'ADFS'

        if (!(Test-Path $OutputDirectoryADFS)) { New-Item $OutputDirectoryADFS -ItemType Container -ErrorAction Stop }

        ## Get ADFS Properties

        Get-AdfsProperties | Out-File (Join-Path $OutputDirectoryADFS 'ADFSProperties.txt')

        Get-AdfsProperties | ConvertTo-Json | Set-Content (Join-Path $OutputDirectoryADFS 'ADFSProperties.json')

        ## Get ADFS Endpoints

        Get-AADAssessADFSEndpoints | Export-Csv -Path (Join-Path $OutputDirectoryADFS 'ADFSEnabledEndpoints.csv') -NoTypeInformation:$false

        ## Get ADFS Configuration

        Export-AADAssessADFSConfiguration -OutputDirectory $OutputDirectoryADFS

        ## Event Data

        Export-AADAssessADFSAdminLog -OutputDirectory $OutputDirectoryADFS -DaysToRetrieve 15

        ## Package Output

        if ($PSVersionTable.PSVersion -ge [version]'5.0') {

            Compress-Archive (Join-Path $OutputDirectoryADFS '\*') -DestinationPath $PackagePath -Force -ErrorAction Stop

        }

        else {

            Add-Type -AssemblyName "System.IO.Compression.FileSystem"

            [System.IO.Compression.ZipFile]::CreateFromDirectory($OutputDirectoryADFS, $PackagePath)

        }

        ## Clean-Up Data Files

        Remove-Item $OutputDirectoryADFS -Recurse -Force

    }

    ## Azure AD Connect Data Collection

    $AADCService = Get-Service ADSync -ErrorAction SilentlyContinue

    if ($AADCService) {

        ## Create Output Directory

        $PackagePath = Join-Path $OutputDirectory "AzureADAssessmentData-AADC-$env:COMPUTERNAME.zip"

        $OutputDirectoryAADC = Join-Path $OutputDirectoryData 'AADC'

        if (!(Test-Path $OutputDirectoryAADC)) { New-Item $OutputDirectoryAADC -ItemType Container -ErrorAction Stop }

        ## AAD Connect Configuration

        Remove-Item (Join-Path $OutputDirectoryAADC 'AzureADConnectSyncConfig') -Recurse -Force -ErrorAction SilentlyContinue

        Get-ADSyncServerConfiguration -Path (Join-Path $OutputDirectoryAADC 'AzureADConnectSyncConfig')

        ## Event Data

        Get-AADAssessPasswordWritebackAgentLog -DaysToRetrieve 7 | Export-Csv -Path (Join-Path $OutputDirectoryAADC "AADPasswriteback-$env:COMPUTERNAME.csv") -NoTypeInformation:$false

        ## Package Output

        if ($PSVersionTable.PSVersion -ge [version]'5.0') {

            Compress-Archive (Join-Path $OutputDirectoryAADC '\*') -DestinationPath $PackagePath -Force -ErrorAction Stop

        }

        else {

            Add-Type -AssemblyName "System.IO.Compression.FileSystem"

            [System.IO.Compression.ZipFile]::CreateFromDirectory($OutputDirectoryAADC, $PackagePath)

        }

        ## Clean-Up Data Files

        Remove-Item $OutputDirectoryAADC -Recurse -Force

    }

    ## Azure AD App Proxy Connector Data Collection

    $AADAPService = Get-Service WAPCSvc -ErrorAction SilentlyContinue

    if ($AADAPService) {

        ## Create Output Directory

        $PackagePath = Join-Path $OutputDirectory "AzureADAssessmentData-AADAP-$env:COMPUTERNAME.zip"

        $OutputDirectoryAADAP = Join-Path $OutputDirectoryData 'AADAP'

        if (!(Test-Path $OutputDirectoryAADAP)) { New-Item $OutputDirectoryAADAP -ItemType Container -ErrorAction Stop }

        ## Event Data

        Get-AADAssessAppProxyConnectorLog -DaysToRetrieve 7 | Export-Csv -Path (Join-Path $OutputDirectoryAADAP "AzureADAppProxyConnectorLog-$env:COMPUTERNAME.csv") -NoTypeInformation:$false

        ## Package Output

        if ($PSVersionTable.PSVersion -ge [version]'5.0') {

            Compress-Archive (Join-Path $OutputDirectoryAADAP '\*') -DestinationPath $PackagePath -Force -ErrorAction Stop

        }

        else {

            Add-Type -AssemblyName "System.IO.Compression.FileSystem"

            [System.IO.Compression.ZipFile]::CreateFromDirectory($OutputDirectoryAADAP, $PackagePath)

        }

        ## Clean-Up Data Files

        Remove-Item $OutputDirectoryAADAP -Recurse -Force

    }

}

<#

.SYNOPSIS

    Exports the configuration of Relying Party Trusts and Claims Provider Trusts

.DESCRIPTION

    Creates and zips a set of files that hold the configuration of AD FS claim providers and relying parties.

    The output files are created under a directory called "ADFS" in the system drive.

.EXAMPLE

    PS C:\> Export-AADAssessADFSConfiguration "C:\AzureADAssessment"

    Export ADFS configuration to "C:\AzureADAssessment".

#>

function Export-AADAssessADFSConfiguration {

    [CmdletBinding()]

    param (

        # Specify directory to output data.

        [Parameter(Mandatory = $true)]

        [string] $OutputDirectory

    )

    $filePathBase = Join-Path $OutputDirectory 'apps'

    #$zipfileBase = Join-Path $OutputDirectory 'zip'

    #$zipfileName = Join-Path $zipfileBase "ADFSApps.zip"

    mkdir $filePathBase -ErrorAction SilentlyContinue

    #mkdir $zipfileBase -ErrorAction SilentlyContinue

    $AdfsRelyingPartyTrusts = Get-AdfsRelyingPartyTrust

    foreach ($AdfsRelyingPartyTrust in $AdfsRelyingPartyTrusts) {

        $RPfileName = $AdfsRelyingPartyTrust.Name.ToString()

        $CleanedRPFileName = Remove-InvalidFileNameCharacters $RPfileName

        $RPName = "RPT - " + $CleanedRPFileName

        $filePath = Join-Path $filePathBase ($RPName + '.xml')

        $AdfsRelyingPartyTrust | Export-Clixml -LiteralPath $filePath -ErrorAction SilentlyContinue

    }

    $AdfsClaimsProviderTrusts = Get-AdfsClaimsProviderTrust

    foreach ($AdfsClaimsProviderTrust in $AdfsClaimsProviderTrusts) {

        $CPfileName = $AdfsClaimsProviderTrust.Name.ToString()

        $CleanedCPFileName = Remove-InvalidFileNameCharacters $CPfileName

        $CPTName = "CPT - " + $CleanedCPFileName

        $filePath = Join-Path $filePathBase ($CPTName + '.xml')

        $AdfsClaimsProviderTrust | Export-Clixml -LiteralPath $filePath -ErrorAction SilentlyContinue

    }

    #If (Test-Path $zipfileName) {

    #    Remove-Item $zipfileName

    #}

    #Add-Type -assembly "system.io.compression.filesystem"

    #[io.compression.zipfile]::CreateFromDirectory($filePathBase, $zipfileName)

    #Invoke-Item $zipfileBase

}

<#

.SYNOPSIS

    Gets the list of all enabled endpoints in ADFS

.DESCRIPTION

    Gets the list of all enabled endpoints in ADFS

.EXAMPLE

    PS C:\> Get-AADAssessADFSEndpoints | Export-Csv -Path ".\ADFSEnabledEndpoints.csv"

    Export ADFS enabled endpoints to CSV.

#>

function Get-AADAssessADFSEndpoints {

    Get-AdfsEndpoint | Where-Object { $_.Enabled -eq "True" }

}

<#

.SYNOPSIS

    Gets the AD FS Admin Log

.DESCRIPTION

    This function exports the events from the AD FS Admin log

.EXAMPLE

    PS C:\> Export-AADAssessADFSAdminLog -DaysToRetrieve 7

    Get the last seven days of logs.

#>

function Export-AADAssessADFSAdminLog {

    [CmdletBinding()]

    param

    (

        # Specify directory to output data.

        [Parameter(Mandatory = $true)]

        [string] $OutputDirectory,

        # Specify how far back in the past will the events be retrieved

        [Parameter(Mandatory = $true)]

        [int] $DaysToRetrieve

    )

    $TimeSpan = New-TimeSpan -Day $DaysToRetrieve

    $XPathQuery = '*[System[TimeCreated[timediff(@SystemTime) <= {0}]]]' -f $TimeSpan.TotalMilliseconds

    #Get-WinEvent -FilterXPath $XPathQuery

    #Get-WinEvent -FilterHashtable @{ LogName = 'AD FS/Admin'; StartTime = ((Get-Date) - $TimeSpan) }

    Export-EventLog -Path (Join-Path $OutputDirectory "ADFS-$env:COMPUTERNAME.evtx") -LogName 'AD FS/Admin' -Query $XPathQuery -Overwrite

}

<#

.SYNOPSIS

    Gets Azure AD Application Proxy Connector Logs

.DESCRIPTION

    This functions returns the events from the Azure AD Application Proxy Connector Admin Log

.EXAMPLE

    PS C:\> $targetGalleryApp = "GalleryAppName"

    PS C:\> $targetGroup = Get-AzureADGroup -SearchString "TestGroupName"

    PS C:\> $targetAzureADRole = "TestRoleName"

    PS C:\> $targetADFSRPId = "ADFSRPIdentifier"

    PS C:\> $RP=Get-AdfsRelyingPartyTrust -Identifier $targetADFSRPId

    PS C:\> $galleryApp = Get-AzureADApplicationTemplate -DisplayNameFilter $targetGalleryApp

    PS C:\> $RP=Get-AdfsRelyingPartyTrust -Identifier $targetADFSRPId

    PS C:\> New-AzureADAppFromADFSRPTrust `

    -AzureADAppTemplateId $galleryApp.id `

    -ADFSRelyingPartyTrust $RP `

    -TestGroupAssignmentObjectId $targetGroup.ObjectId `

    -TestGroupAssignmentRoleName $targetAzureADRole

#>

function Get-AADAssessAppProxyConnectorLog {

    [CmdletBinding()]

    param

    (

        # Indicates how far back in the past will the events be retrieved

        [Parameter(Mandatory = $true)]

        [int] $DaysToRetrieve

    )

    $TimeFilter = $DaysToRetrieve * 86400000

    $EventFilterXml = '<QueryList><Query Id="0" Path="Microsoft-AadApplicationProxy-Connector/Admin"><Select Path="Microsoft-AadApplicationProxy-Connector/Admin">*[System[TimeCreated[timediff(@SystemTime) &lt;= {0}]]]</Select></Query></QueryList>' -f $TimeFilter

    Get-WinEvent -FilterXml $EventFilterXml

}

<#

.SYNOPSIS

    Gets the Azure AD Password Writeback Agent Log

.DESCRIPTION

    This functions returns the events from the Azure AD Password Write Bag source from the application Log

.EXAMPLE

    PS C:\> Get-AADAssessPasswordWritebackAgentLog -DaysToRetrieve 7 | Export-Csv -Path ".\AzureADAppProxyLogs-$env:ComputerName.csv"

    Get the last seven days of logs and saves them on a CSV file

#>

function Get-AADAssessPasswordWritebackAgentLog {

    [CmdletBinding()]

    param

    (

        # Indicates how far back in the past will the events be retrieved

        [Parameter(Mandatory = $true)]

        [int] $DaysToRetrieve

    )

    $TimeFilter = $DaysToRetrieve * 86400000

    $EventFilterXml = "<QueryList><Query Id='0' Path='Application'><Select Path='Application'>*[System[Provider[@Name='PasswordResetService'] and TimeCreated[timediff(@SystemTime) &lt;= {0}]]]</Select></Query></QueryList>" -f $TimeFilter

    Get-WinEvent -FilterXml $EventFilterXml

}

### ==================

###  Helper Functions

### ==================

<#

.SYNOPSIS

    Decompose characters to their base character equivilents and remove diacritics.

.DESCRIPTION

.EXAMPLE

    PS C:\>Remove-Diacritics 'àáâãäåÀÁÂÃÄÅﬁ⁵ẛ'

    Decompose characters to their base character equivilents and remove diacritics.

.EXAMPLE

    PS C:\>Remove-Diacritics 'àáâãäåÀÁÂÃÄÅﬁ⁵ẛ' -CompatibilityDecomposition

    Decompose composite characters to their base character equivilents and remove diacritics.

.INPUTS

    System.String

.LINK

    https://github.com/jasoth/Utility.PS

#>

function Remove-Diacritics {

    [CmdletBinding()]

    param

    (

        # String value to transform.

        [Parameter(Mandatory = $true, Position = 0, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)]

        [AllowEmptyString()]

        [string[]] $InputStrings,

        # Use compatibility decomposition instead of canonical decomposition which further decomposes composite characters and many formatting distinctions are removed.

        [Parameter(Mandatory = $false, ValueFromPipelineByPropertyName = $true)]

        [switch] $CompatibilityDecomposition

    )

    process {

        [System.Text.NormalizationForm] $NormalizationForm = [System.Text.NormalizationForm]::FormD

        if ($CompatibilityDecomposition) { $NormalizationForm = [System.Text.NormalizationForm]::FormKD }

        foreach ($InputString in $InputStrings) {

            $NormalizedString = $InputString.Normalize($NormalizationForm)

            $OutputString = New-Object System.Text.StringBuilder

            foreach ($char in $NormalizedString.ToCharArray()) {

                if ([Globalization.CharUnicodeInfo]::GetUnicodeCategory($char) -ne [Globalization.UnicodeCategory]::NonSpacingMark) {

                    [void] $OutputString.Append($char)

                }

            }

            Write-Output $OutputString.ToString()

        }

    }

}

<#

.SYNOPSIS

    Remove invalid filename characters from string.

.DESCRIPTION

.EXAMPLE

    PS C:\>Remove-InvalidFileNameCharacters 'à/1\b?2|ć*3<đ>4 ē'

    Remove invalid filename characters from string.

.EXAMPLE

    PS C:\>Remove-InvalidFileNameCharacters 'à/1\b?2|ć*3<đ>4 ē' -RemoveDiacritics

    Remove invalid filename characters and diacritics from string.

.INPUTS

    System.String

.LINK

    https://github.com/jasoth/Utility.PS

#>

function Remove-InvalidFileNameCharacters {

    [CmdletBinding()]

    param

    (

        # String value to transform.

        [Parameter(Mandatory = $true, Position = 0, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)]

        [AllowEmptyString()]

        [string[]] $InputStrings,

        # Character used as replacement for invalid characters. Use '' to simply remove.

        [Parameter(Mandatory = $false)]

        [string] $ReplacementCharacter = '-',

        # Replace characters with diacritics to their non-diacritic equivilent.

        [Parameter(Mandatory = $false)]

        [switch] $RemoveDiacritics

    )

    process {

        foreach ($InputString in $InputStrings) {

            [string] $OutputString = $InputString

            if ($RemoveDiacritics) { $OutputString = Remove-Diacritics $OutputString -CompatibilityDecomposition }

            $OutputString = [regex]::Replace($OutputString, ('[{0}]' -f [regex]::Escape([System.IO.Path]::GetInvalidFileNameChars() -join '')), $ReplacementCharacter)

            Write-Output $OutputString

        }

    }

}

<#

.SYNOPSIS

    Exports events from an event log.

.DESCRIPTION

.EXAMPLE

    PS C:\>Export-EventLog 'C:\ADFS-Admin.evtx' -LogName 'AD FS/Admin'

    Export all logs from "AD FS/Admin" event log.

.INPUTS

    System.String

#>

function Export-EventLog {

    [CmdletBinding()]

    param

    (

        # Path to the file where the exported events will be stored

        [Parameter(Mandatory = $true)]

        [string] $Path,

        # Name of log

        [Parameter(Mandatory = $true)]

        [string] $LogName,

        # Defines the XPath query to filter the events that are read or exported.

        [Parameter(Mandatory = $false)]

        [Alias('q')]

        [string] $Query,

        # Specifies that the export file should be overwritten.

        [Parameter(Mandatory = $false)]

        [Alias('ow')]

        [switch] $Overwrite

    )

    $argsWevtutil = New-Object 'System.Collections.Generic.List[System.String]'

    $argsWevtutil.Add('export-log')

    $argsWevtutil.Add($LogName)

    $argsWevtutil.Add($Path)

    if ($Query) { $argsWevtutil.Add(('/q:"{0}"' -f $Query)) }

    if ($PSBoundParameters.ContainsKey('Overwrite')) { $argsWevtutil.Add(('/ow:{0}' -f $Overwrite)) }

    wevtutil $argsWevtutil.ToArray()

}

Export-ModuleMember Invoke-AADAssessmentHybridDataCollection

Export-ModuleMember Export-AADAssessADFSConfiguration

Export-ModuleMember Get-AADAssessADFSEndpoints

Export-ModuleMember Export-AADAssessADFSAdminLog

Export-ModuleMember Get-AADAssessAppProxyConnectorLog

Export-ModuleMember Get-AADAssessPasswordWritebackAgentLog

# SIG # Begin signature block

# MIIntgYJKoZIhvcNAQcCoIInpzCCJ6MCAQExDzANBglghkgBZQMEAgEFADB5Bgor

# BgEEAYI3AgEEoGswaTA0BgorBgEEAYI3AgEeMCYCAwEAAAQQH8w7YFlLCE63JNLG

# KX7zUQIBAAIBAAIBAAIBAAIBADAxMA0GCWCGSAFlAwQCAQUABCC31ZVPqaswGiZd

# LGNm3d3T6FHeMgAGKsZp8xM7SdoXhqCCDYEwggX/MIID56ADAgECAhMzAAACUosz

# qviV8znbAAAAAAJSMA0GCSqGSIb3DQEBCwUAMH4xCzAJBgNVBAYTAlVTMRMwEQYD

# VQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNy

# b3NvZnQgQ29ycG9yYXRpb24xKDAmBgNVBAMTH01pY3Jvc29mdCBDb2RlIFNpZ25p

# bmcgUENBIDIwMTEwHhcNMjEwOTAyMTgzMjU5WhcNMjIwOTAxMTgzMjU5WjB0MQsw

# CQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9u

# ZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMR4wHAYDVQQDExVNaWNy

# b3NvZnQgQ29ycG9yYXRpb24wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB

# AQDQ5M+Ps/X7BNuv5B/0I6uoDwj0NJOo1KrVQqO7ggRXccklyTrWL4xMShjIou2I

# sbYnF67wXzVAq5Om4oe+LfzSDOzjcb6ms00gBo0OQaqwQ1BijyJ7NvDf80I1fW9O

# L76Kt0Wpc2zrGhzcHdb7upPrvxvSNNUvxK3sgw7YTt31410vpEp8yfBEl/hd8ZzA

# v47DCgJ5j1zm295s1RVZHNp6MoiQFVOECm4AwK2l28i+YER1JO4IplTH44uvzX9o

# RnJHaMvWzZEpozPy4jNO2DDqbcNs4zh7AWMhE1PWFVA+CHI/En5nASvCvLmuR/t8

# q4bc8XR8QIZJQSp+2U6m2ldNAgMBAAGjggF+MIIBejAfBgNVHSUEGDAWBgorBgEE

# AYI3TAgBBggrBgEFBQcDAzAdBgNVHQ4EFgQUNZJaEUGL2Guwt7ZOAu4efEYXedEw

# UAYDVR0RBEkwR6RFMEMxKTAnBgNVBAsTIE1pY3Jvc29mdCBPcGVyYXRpb25zIFB1

# ZXJ0byBSaWNvMRYwFAYDVQQFEw0yMzAwMTIrNDY3NTk3MB8GA1UdIwQYMBaAFEhu

# ZOVQBdOCqhc3NyK1bajKdQKVMFQGA1UdHwRNMEswSaBHoEWGQ2h0dHA6Ly93d3cu

# bWljcm9zb2Z0LmNvbS9wa2lvcHMvY3JsL01pY0NvZFNpZ1BDQTIwMTFfMjAxMS0w

# Ny0wOC5jcmwwYQYIKwYBBQUHAQEEVTBTMFEGCCsGAQUFBzAChkVodHRwOi8vd3d3

# Lm1pY3Jvc29mdC5jb20vcGtpb3BzL2NlcnRzL01pY0NvZFNpZ1BDQTIwMTFfMjAx

# MS0wNy0wOC5jcnQwDAYDVR0TAQH/BAIwADANBgkqhkiG9w0BAQsFAAOCAgEAFkk3

# uSxkTEBh1NtAl7BivIEsAWdgX1qZ+EdZMYbQKasY6IhSLXRMxF1B3OKdR9K/kccp

# kvNcGl8D7YyYS4mhCUMBR+VLrg3f8PUj38A9V5aiY2/Jok7WZFOAmjPRNNGnyeg7

# l0lTiThFqE+2aOs6+heegqAdelGgNJKRHLWRuhGKuLIw5lkgx9Ky+QvZrn/Ddi8u

# TIgWKp+MGG8xY6PBvvjgt9jQShlnPrZ3UY8Bvwy6rynhXBaV0V0TTL0gEx7eh/K1

# o8Miaru6s/7FyqOLeUS4vTHh9TgBL5DtxCYurXbSBVtL1Fj44+Od/6cmC9mmvrti

# yG709Y3Rd3YdJj2f3GJq7Y7KdWq0QYhatKhBeg4fxjhg0yut2g6aM1mxjNPrE48z

# 6HWCNGu9gMK5ZudldRw4a45Z06Aoktof0CqOyTErvq0YjoE4Xpa0+87T/PVUXNqf

# 7Y+qSU7+9LtLQuMYR4w3cSPjuNusvLf9gBnch5RqM7kaDtYWDgLyB42EfsxeMqwK

# WwA+TVi0HrWRqfSx2olbE56hJcEkMjOSKz3sRuupFCX3UroyYf52L+2iVTrda8XW

# esPG62Mnn3T8AuLfzeJFuAbfOSERx7IFZO92UPoXE1uEjL5skl1yTZB3MubgOA4F

# 8KoRNhviFAEST+nG8c8uIsbZeb08SeYQMqjVEmkwggd6MIIFYqADAgECAgphDpDS

# AAAAAAADMA0GCSqGSIb3DQEBCwUAMIGIMQswCQYDVQQGEwJVUzETMBEGA1UECBMK

# V2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0

# IENvcnBvcmF0aW9uMTIwMAYDVQQDEylNaWNyb3NvZnQgUm9vdCBDZXJ0aWZpY2F0

# ZSBBdXRob3JpdHkgMjAxMTAeFw0xMTA3MDgyMDU5MDlaFw0yNjA3MDgyMTA5MDla

# MH4xCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdS

# ZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xKDAmBgNVBAMT

# H01pY3Jvc29mdCBDb2RlIFNpZ25pbmcgUENBIDIwMTEwggIiMA0GCSqGSIb3DQEB

# AQUAA4ICDwAwggIKAoICAQCr8PpyEBwurdhuqoIQTTS68rZYIZ9CGypr6VpQqrgG

# OBoESbp/wwwe3TdrxhLYC/A4wpkGsMg51QEUMULTiQ15ZId+lGAkbK+eSZzpaF7S

# 35tTsgosw6/ZqSuuegmv15ZZymAaBelmdugyUiYSL+erCFDPs0S3XdjELgN1q2jz

# y23zOlyhFvRGuuA4ZKxuZDV4pqBjDy3TQJP4494HDdVceaVJKecNvqATd76UPe/7

# 4ytaEB9NViiienLgEjq3SV7Y7e1DkYPZe7J7hhvZPrGMXeiJT4Qa8qEvWeSQOy2u

# M1jFtz7+MtOzAz2xsq+SOH7SnYAs9U5WkSE1JcM5bmR/U7qcD60ZI4TL9LoDho33

# X/DQUr+MlIe8wCF0JV8YKLbMJyg4JZg5SjbPfLGSrhwjp6lm7GEfauEoSZ1fiOIl

# XdMhSz5SxLVXPyQD8NF6Wy/VI+NwXQ9RRnez+ADhvKwCgl/bwBWzvRvUVUvnOaEP

# 6SNJvBi4RHxF5MHDcnrgcuck379GmcXvwhxX24ON7E1JMKerjt/sW5+v/N2wZuLB

# l4F77dbtS+dJKacTKKanfWeA5opieF+yL4TXV5xcv3coKPHtbcMojyyPQDdPweGF

# RInECUzF1KVDL3SV9274eCBYLBNdYJWaPk8zhNqwiBfenk70lrC8RqBsmNLg1oiM

# CwIDAQABo4IB7TCCAekwEAYJKwYBBAGCNxUBBAMCAQAwHQYDVR0OBBYEFEhuZOVQ

# BdOCqhc3NyK1bajKdQKVMBkGCSsGAQQBgjcUAgQMHgoAUwB1AGIAQwBBMAsGA1Ud

# DwQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFHItOgIxkEO5FAVO

# 4eqnxzHRI4k0MFoGA1UdHwRTMFEwT6BNoEuGSWh0dHA6Ly9jcmwubWljcm9zb2Z0

# LmNvbS9wa2kvY3JsL3Byb2R1Y3RzL01pY1Jvb0NlckF1dDIwMTFfMjAxMV8wM18y

# Mi5jcmwwXgYIKwYBBQUHAQEEUjBQME4GCCsGAQUFBzAChkJodHRwOi8vd3d3Lm1p

# Y3Jvc29mdC5jb20vcGtpL2NlcnRzL01pY1Jvb0NlckF1dDIwMTFfMjAxMV8wM18y

# Mi5jcnQwgZ8GA1UdIASBlzCBlDCBkQYJKwYBBAGCNy4DMIGDMD8GCCsGAQUFBwIB

# FjNodHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpb3BzL2RvY3MvcHJpbWFyeWNw

# cy5odG0wQAYIKwYBBQUHAgIwNB4yIB0ATABlAGcAYQBsAF8AcABvAGwAaQBjAHkA

# XwBzAHQAYQB0AGUAbQBlAG4AdAAuIB0wDQYJKoZIhvcNAQELBQADggIBAGfyhqWY

# 4FR5Gi7T2HRnIpsLlhHhY5KZQpZ90nkMkMFlXy4sPvjDctFtg/6+P+gKyju/R6mj

# 82nbY78iNaWXXWWEkH2LRlBV2AySfNIaSxzzPEKLUtCw/WvjPgcuKZvmPRul1LUd

# d5Q54ulkyUQ9eHoj8xN9ppB0g430yyYCRirCihC7pKkFDJvtaPpoLpWgKj8qa1hJ

# Yx8JaW5amJbkg/TAj/NGK978O9C9Ne9uJa7lryft0N3zDq+ZKJeYTQ49C/IIidYf

# wzIY4vDFLc5bnrRJOQrGCsLGra7lstnbFYhRRVg4MnEnGn+x9Cf43iw6IGmYslmJ

# aG5vp7d0w0AFBqYBKig+gj8TTWYLwLNN9eGPfxxvFX1Fp3blQCplo8NdUmKGwx1j

# NpeG39rz+PIWoZon4c2ll9DuXWNB41sHnIc+BncG0QaxdR8UvmFhtfDcxhsEvt9B

# xw4o7t5lL+yX9qFcltgA1qFGvVnzl6UJS0gQmYAf0AApxbGbpT9Fdx41xtKiop96

# eiL6SJUfq/tHI4D1nvi/a7dLl+LrdXga7Oo3mXkYS//WsyNodeav+vyL6wuA6mk7

# r/ww7QRMjt/fdW1jkT3RnVZOT7+AVyKheBEyIXrvQQqxP/uozKRdwaGIm1dxVk5I

# RcBCyZt2WwqASGv9eZ/BvW1taslScxMNelDNMYIZizCCGYcCAQEwgZUwfjELMAkG

# A1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQx

# HjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEoMCYGA1UEAxMfTWljcm9z

# b2Z0IENvZGUgU2lnbmluZyBQQ0EgMjAxMQITMwAAAlKLM6r4lfM52wAAAAACUjAN

# BglghkgBZQMEAgEFAKCBrjAZBgkqhkiG9w0BCQMxDAYKKwYBBAGCNwIBBDAcBgor

# BgEEAYI3AgELMQ4wDAYKKwYBBAGCNwIBFTAvBgkqhkiG9w0BCQQxIgQgiuZiLESD

# vi01156lRZs/PSIcpYzvpIV2l/6sgM4bOhswQgYKKwYBBAGCNwIBDDE0MDKgFIAS

# AE0AaQBjAHIAbwBzAG8AZgB0oRqAGGh0dHA6Ly93d3cubWljcm9zb2Z0LmNvbTAN

# BgkqhkiG9w0BAQEFAASCAQC52zwwR/eOcXDU5ICWkYSh1qALUJfwSXz7yTGeRVye

# 9xWnruoknj7ZhzGxRIgz96EU9BShmq7G3WSz1P/Dp9qlRKRsP3OkF+pRWg2jJFpo

# vlkFklTVEgqzSb0c9QwAce+J+PxS3DU70goQg0reWx13P9iebwpINNYm16EaEyko

# 6CXN7Z7oHZJ2b9uY2uIXKkpdl+Rf0rFdB83/3HfDb0tbhvpXen4RInbdND+04dz5

# zi5CQrVntcX295M8Ybla9O35zJvjb8Sv4Vz8hNijylqCDSIQhnZKaJ3V6Xae+ghJ

# h5kW3wMeVVHNxL7msFT/QJJwEGWmbq8DfFBC/OiS0u7soYIXFTCCFxEGCisGAQQB

# gjcDAwExghcBMIIW/QYJKoZIhvcNAQcCoIIW7jCCFuoCAQMxDzANBglghkgBZQME

# AgEFADCCAVgGCyqGSIb3DQEJEAEEoIIBRwSCAUMwggE/AgEBBgorBgEEAYRZCgMB

# MDEwDQYJYIZIAWUDBAIBBQAEIIc3gNVcE4792+vwN2ZvpYIoPZ67Sudk4qGnmmBg

# xzYdAgZihl/zX0sYEjIwMjIwNjA3MTcxNDQ4LjI3WjAEgAIB9KCB2KSB1TCB0jEL

# MAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1v

# bmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEtMCsGA1UECxMkTWlj

# cm9zb2Z0IElyZWxhbmQgT3BlcmF0aW9ucyBMaW1pdGVkMSYwJAYDVQQLEx1UaGFs

# ZXMgVFNTIEVTTjoxNzlFLTRCQjAtODI0NjElMCMGA1UEAxMcTWljcm9zb2Z0IFRp

# bWUtU3RhbXAgU2VydmljZaCCEWUwggcUMIIE/KADAgECAhMzAAABij44jdIOAvro

# AAEAAAGKMA0GCSqGSIb3DQEBCwUAMHwxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpX

# YXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQg

# Q29ycG9yYXRpb24xJjAkBgNVBAMTHU1pY3Jvc29mdCBUaW1lLVN0YW1wIFBDQSAy

# MDEwMB4XDTIxMTAyODE5Mjc0MloXDTIzMDEyNjE5Mjc0MlowgdIxCzAJBgNVBAYT

# AlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYD

# VQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xLTArBgNVBAsTJE1pY3Jvc29mdCBJ

# cmVsYW5kIE9wZXJhdGlvbnMgTGltaXRlZDEmMCQGA1UECxMdVGhhbGVzIFRTUyBF

# U046MTc5RS00QkIwLTgyNDYxJTAjBgNVBAMTHE1pY3Jvc29mdCBUaW1lLVN0YW1w

# IFNlcnZpY2UwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC3/663oYMD

# IBm96AGFqBZ3QaipPyUUcx6mhY04s88QSgu7Jrhfef4rXgW+VnAWYrCpqnoH7oSQ

# hNKOR5xNIHpBEDiSK90nJ2Uu8quDy520G7rssrKNCrBHMNBNGEQLGlTfS10ET8B7

# I/3mTuqd2Ei786lPhAbIYlSIwOWZkCIM9jkUmSK1SAa/AwEfCiAnPwVUQEWdWIBR

# FMniQEOJTqmlu/g8j3v69CGmykMr7zeBrJqJELeA1MbLeI6J7o+yXTdy9giIVwAl

# E/g7RGR4WW/9JCiibPcm2wx32ihL9c7S9I32HYNUo40yNoU6Cc3lGTmIKrCafqqy

# Z76FqhH9OsIFLTNeNexZOCSWNQG23XtQFtbxEv70s3DdyM8nwRhGCUw1cJgszobM

# INcS8T1P/+wC/6TVzzi2aiJkNkGoGCv9K8v6BWw7PcSgNlDbqpNrVsSf+enEyZdy

# 2hlJ7xJEOqArQlRaGMpeCfJo4AMQH4W18iL6N1xQluk+0AviRa9VJEqKlW/wwS5h

# Et7FcQMQGL5Xi18oClmETiBrSn5AKJrAcsFk2iPdRA3MzlBWYZqLcydAVtmSGptQ

# PKmj29pYR5V47fkl90taPBGC8xfdUpkvnt3uOZGOJWWW5eNkUvH6uEkvslhWm04+

# 0XUwC0xiWno66Cc6kb7hbgwYeqPthh8/RQIDAQABo4IBNjCCATIwHQYDVR0OBBYE

# FCPaQ9j9bBnUl66nSUeEPjGQaSQDMB8GA1UdIwQYMBaAFJ+nFV0AXmJdg/Tl0mWn

# G1M1GelyMF8GA1UdHwRYMFYwVKBSoFCGTmh0dHA6Ly93d3cubWljcm9zb2Z0LmNv

# bS9wa2lvcHMvY3JsL01pY3Jvc29mdCUyMFRpbWUtU3RhbXAlMjBQQ0ElMjAyMDEw

# KDEpLmNybDBsBggrBgEFBQcBAQRgMF4wXAYIKwYBBQUHMAKGUGh0dHA6Ly93d3cu

# bWljcm9zb2Z0LmNvbS9wa2lvcHMvY2VydHMvTWljcm9zb2Z0JTIwVGltZS1TdGFt

# cCUyMFBDQSUyMDIwMTAoMSkuY3J0MAwGA1UdEwEB/wQCMAAwEwYDVR0lBAwwCgYI

# KwYBBQUHAwgwDQYJKoZIhvcNAQELBQADggIBAMX0wRKw9cN5G18WjV/nvmI98X0B

# FZt66418znzch9PF/Nl/Z2/+Z7cM2L8pw00SdHVMptm0bsuyDRzL+kogRA4kbZ9h

# pbAggpjC7IMkjZDiRWLmbNtX/QLn69BCxBwK9+wzwrlfZ9+J8mLu2p4bSvnwKODB

# 7vEFi+C4+aNQ3HBNa8SNkg9+mNVSho8KXqqqzR4VRvttwuHNMQRgGcCPwwQ2GI/k

# gl3g+nmUWodO2l5zrtgWYa47+4gD9OM8F9y0zmRQj67N/KH/Ih20M22QjP57/GZd

# IWGJARHS4GNGhtBlXpz7RM229E0trJTi7sR6R3s5oNfNBHRG5YZpKLC03pdz8+g0

# /St7Mbo69zKjDWoyhSRQRDuqoPRCrxAXArQMoJ1lIm3IEowGmNRgKc1Rlti9NNab

# gNcrlFiB/bdtUElbhejnDj3QcejhONY2rPXs+o/IwJOczwdwCpOc94wTR09i9t3D

# MMyBu6bJ1slqr/ToUiaQnspez2PGoOITY9N5idqPzafpD/8+pse7HEmbBA7h/N06

# BWoASQbVcOamlUpb+snEE3cjHJWvpA/1yFjYxhVrRtsAIjZ29T5HZAmUTkCOgwrL

# rxYjWmYVPckoGutpynLodSMau1X7/VTnZuusSUKVXLkVvz5RlZkunzZy4LO0kwxK

# pb6Q/nPJUFK8sz7gMIIHcTCCBVmgAwIBAgITMwAAABXF52ueAptJmQAAAAAAFTAN

# BgkqhkiG9w0BAQsFADCBiDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0

# b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3Jh

# dGlvbjEyMDAGA1UEAxMpTWljcm9zb2Z0IFJvb3QgQ2VydGlmaWNhdGUgQXV0aG9y

# aXR5IDIwMTAwHhcNMjEwOTMwMTgyMjI1WhcNMzAwOTMwMTgzMjI1WjB8MQswCQYD

# VQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEe

# MBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSYwJAYDVQQDEx1NaWNyb3Nv

# ZnQgVGltZS1TdGFtcCBQQ0EgMjAxMDCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCC

# AgoCggIBAOThpkzntHIhC3miy9ckeb0O1YLT/e6cBwfSqWxOdcjKNVf2AX9sSuDi

# vbk+F2Az/1xPx2b3lVNxWuJ+Slr+uDZnhUYjDLWNE893MsAQGOhgfWpSg0S3po5G

# awcU88V29YZQ3MFEyHFcUTE3oAo4bo3t1w/YJlN8OWECesSq/XJprx2rrPY2vjUm

# ZNqYO7oaezOtgFt+jBAcnVL+tuhiJdxqD89d9P6OU8/W7IVWTe/dvI2k45GPsjks

# UZzpcGkNyjYtcI4xyDUoveO0hyTD4MmPfrVUj9z6BVWYbWg7mka97aSueik3rMvr

# g0XnRm7KMtXAhjBcTyziYrLNueKNiOSWrAFKu75xqRdbZ2De+JKRHh09/SDPc31B

# mkZ1zcRfNN0Sidb9pSB9fvzZnkXftnIv231fgLrbqn427DZM9ituqBJR6L8FA6PR

# c6ZNN3SUHDSCD/AQ8rdHGO2n6Jl8P0zbr17C89XYcz1DTsEzOUyOArxCaC4Q6oRR

# RuLRvWoYWmEBc8pnol7XKHYC4jMYctenIPDC+hIK12NvDMk2ZItboKaDIV1fMHSR

# lJTYuVD5C4lh8zYGNRiER9vcG9H9stQcxWv2XFJRXRLbJbqvUAV6bMURHXLvjflS

# xIUXk8A8FdsaN8cIFRg/eKtFtvUeh17aj54WcmnGrnu3tz5q4i6tAgMBAAGjggHd

# MIIB2TASBgkrBgEEAYI3FQEEBQIDAQABMCMGCSsGAQQBgjcVAgQWBBQqp1L+ZMSa

# voKRPEY1Kc8Q/y8E7jAdBgNVHQ4EFgQUn6cVXQBeYl2D9OXSZacbUzUZ6XIwXAYD

# VR0gBFUwUzBRBgwrBgEEAYI3TIN9AQEwQTA/BggrBgEFBQcCARYzaHR0cDovL3d3

# dy5taWNyb3NvZnQuY29tL3BraW9wcy9Eb2NzL1JlcG9zaXRvcnkuaHRtMBMGA1Ud

# JQQMMAoGCCsGAQUFBwMIMBkGCSsGAQQBgjcUAgQMHgoAUwB1AGIAQwBBMAsGA1Ud

# DwQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFNX2VsuP6KJcYmjR

# PZSQW9fOmhjEMFYGA1UdHwRPME0wS6BJoEeGRWh0dHA6Ly9jcmwubWljcm9zb2Z0

# LmNvbS9wa2kvY3JsL3Byb2R1Y3RzL01pY1Jvb0NlckF1dF8yMDEwLTA2LTIzLmNy

# bDBaBggrBgEFBQcBAQROMEwwSgYIKwYBBQUHMAKGPmh0dHA6Ly93d3cubWljcm9z

# b2Z0LmNvbS9wa2kvY2VydHMvTWljUm9vQ2VyQXV0XzIwMTAtMDYtMjMuY3J0MA0G

# CSqGSIb3DQEBCwUAA4ICAQCdVX38Kq3hLB9nATEkW+Geckv8qW/qXBS2Pk5HZHix

# BpOXPTEztTnXwnE2P9pkbHzQdTltuw8x5MKP+2zRoZQYIu7pZmc6U03dmLq2HnjY

# Ni6cqYJWAAOwBb6J6Gngugnue99qb74py27YP0h1AdkY3m2CDPVtI1TkeFN1JFe5

# 3Z/zjj3G82jfZfakVqr3lbYoVSfQJL1AoL8ZthISEV09J+BAljis9/kpicO8F7BU

# hUKz/AyeixmJ5/ALaoHCgRlCGVJ1ijbCHcNhcy4sa3tuPywJeBTpkbKpW99Jo3QM

# vOyRgNI95ko+ZjtPu4b6MhrZlvSP9pEB9s7GdP32THJvEKt1MMU0sHrYUP4KWN1A

# PMdUbZ1jdEgssU5HLcEUBHG/ZPkkvnNtyo4JvbMBV0lUZNlz138eW0QBjloZkWsN

# n6Qo3GcZKCS6OEuabvshVGtqRRFHqfG3rsjoiV5PndLQTHa1V1QJsWkBRH58oWFs

# c/4Ku+xBZj1p/cvBQUl+fpO+y/g75LcVv7TOPqUxUYS8vwLBgqJ7Fx0ViY1w/ue1

# 0CgaiQuPNtq6TPmb/wrpNPgkNWcr4A245oyZ1uEi6vAnQj0llOZ0dFtq0Z4+7X6g

# MTN9vMvpe784cETRkPHIqzqKOghif9lwY1NNje6CbaUFEMFxBmoQtB1VM1izoXBm

# 8qGCAtQwggI9AgEBMIIBAKGB2KSB1TCB0jELMAkGA1UEBhMCVVMxEzARBgNVBAgT

# Cldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29m

# dCBDb3Jwb3JhdGlvbjEtMCsGA1UECxMkTWljcm9zb2Z0IElyZWxhbmQgT3BlcmF0

# aW9ucyBMaW1pdGVkMSYwJAYDVQQLEx1UaGFsZXMgVFNTIEVTTjoxNzlFLTRCQjAt

# ODI0NjElMCMGA1UEAxMcTWljcm9zb2Z0IFRpbWUtU3RhbXAgU2VydmljZaIjCgEB

# MAcGBSsOAwIaAxUAgPDzY68bUwUEHaf/jB5WqnNXxKGggYMwgYCkfjB8MQswCQYD

# VQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEe

# MBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSYwJAYDVQQDEx1NaWNyb3Nv

# ZnQgVGltZS1TdGFtcCBQQ0EgMjAxMDANBgkqhkiG9w0BAQUFAAIFAOZJ6iMwIhgP

# MjAyMjA2MDcyMzE1NDdaGA8yMDIyMDYwODIzMTU0N1owdDA6BgorBgEEAYRZCgQB

# MSwwKjAKAgUA5knqIwIBADAHAgEAAgIIezAHAgEAAgIS+jAKAgUA5ks7owIBADA2

# BgorBgEEAYRZCgQCMSgwJjAMBgorBgEEAYRZCgMCoAowCAIBAAIDB6EgoQowCAIB

# AAIDAYagMA0GCSqGSIb3DQEBBQUAA4GBAItkxzaYXVKdSuNwOvI2GshM5SHBahwN

# FJoc+S35bsUtadi9bJujULQBj3FQdiXLMxBWgtrZDeXeCqjiFMakxUZVsmGkYm5v

# 3dfWD6s/OMXhK4n3oOy5n1aT6nIyyxVbcPR6mOUmbIfXz6izmEzXQDHezCVUuN85

# 3HnoT/yANAoXMYIEDTCCBAkCAQEwgZMwfDELMAkGA1UEBhMCVVMxEzARBgNVBAgT

# Cldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29m

# dCBDb3Jwb3JhdGlvbjEmMCQGA1UEAxMdTWljcm9zb2Z0IFRpbWUtU3RhbXAgUENB

# IDIwMTACEzMAAAGKPjiN0g4C+ugAAQAAAYowDQYJYIZIAWUDBAIBBQCgggFKMBoG

# CSqGSIb3DQEJAzENBgsqhkiG9w0BCRABBDAvBgkqhkiG9w0BCQQxIgQgQSrM57p7

# f3FO+wPzVqK36fUsSIhkJY12I7uarG9ZY7IwgfoGCyqGSIb3DQEJEAIvMYHqMIHn

# MIHkMIG9BCD0veCrdd9Kvn7zv38w+DG1kIUGhO0R5Dh+gJI5TVQpvTCBmDCBgKR+

# MHwxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdS

# ZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xJjAkBgNVBAMT

# HU1pY3Jvc29mdCBUaW1lLVN0YW1wIFBDQSAyMDEwAhMzAAABij44jdIOAvroAAEA

# AAGKMCIEIIyiIHFYsVYkEKPjvgPAbR11th2crg21KRthhGEcqrgDMA0GCSqGSIb3

# DQEBCwUABIICAHktIhyxfDygBPqp6It76zcNhTNXAuoQ9gB6pZqLUn7SSRSd0FTX

# vzcKdWM2CeUb6uZ+0hdI6ouc/w73QhIXp+ibvIaSMb0nNa8P2qeMWgqbSVQkMkAH

# S2aPC645o9Yee0Rfuq81ZiyawBEZfr8EA/tbt3zAfazp6JzMvtsT+PlfD2f7CUQi

# em/V2gm/VcpqYpQpX/ilHPILo4TDumxjLzS4Aeo0dxvkOioKG2EKlew/lZ5TMA/f

# KkiL+1d8hPHgPilPQzuotN5rp01tZepUuOLRzc/E4r1G9wFapxtHIQWuj5IucQIX

# 607gRgXGEJDYqJyHPHGYYtlDikSYhhVQbJNlr8ti/Pv+ysnBq4MzgoUOZRZmH5Xa

# 6AFyndd2rK1+d2txie7nASx+JFURfIUBhsS1G22jF00lXhVeVEQWx9DGDLOhc4X3

# RGx0TV9cL5i9voGTQI7YaF+PK6Kt0fSUREruqLFoFkDkFMmUvtOB7ljn7LfGNmL/

# C8WYwAuQd8umzMUaUHCP91pSCuMdNFU9jwqIWghFOByWedPPqlaLVDl1jOPgAWAY

# TNxaZoytj/zOAfGDmF6d4ySY3Fo4oXbAplxE5nOQP+O3UmQR7VDmNUUCRZNXJVDI

# j/IVhComgWSOgvNPqD+uADCTBeDVRzc39p6hvbHWNlaP6ZkOtA1Pz+Cu

# SIG # End signature block