NuGet/NuGetFeedClass.ps1
|
#requires -Version 5.0 [NuGetFeed[]] $NuGetFeedCache = @() # PROOF OF CONCEPT PREVIEW: This class holds the connection to a NuGet feed class NuGetFeed { [string] $url [string] $token [string[]] $patterns [string[]] $fingerprints [string] $searchQueryServiceUrl [string] $packagePublishUrl [string] $packageBaseAddressUrl [hashtable] $orgType = @{} [hashtable] $searchResultsCache = @{} [int] $searchResultsCacheRetentionPeriod [string] $cacheFolder NuGetFeed([string] $nuGetServerUrl, [string] $nuGetToken, [string[]] $patterns, [string[]] $fingerprints, [int] $nuGetSearchResultsCacheRetentionPeriod, [string] $nuGetCacheFolder) { $this.url = $nuGetServerUrl $this.token = $nuGetToken $this.patterns = $patterns $this.fingerprints = $fingerprints $this.searchResultsCacheRetentionPeriod = $nuGetSearchResultsCacheRetentionPeriod $this.cacheFolder = $nugetCacheFolder # When trusting nuget.org, you should only trust packages signed by an author or packages matching a specific pattern (like using a registered prefix or a full name) if ($nuGetServerUrl -like 'https://api.nuget.org/*' -and $patterns.Contains('*') -and (!$fingerprints -or $fingerprints.Contains('*'))) { throw "Trusting all packages on nuget.org is not supported" } try { $prev = $global:ProgressPreference; $global:ProgressPreference = "SilentlyContinue" $capabilities = Invoke-RestMethod -UseBasicParsing -Method GET -Headers ($this.GetHeaders()) -Uri $this.url $global:ProgressPreference = $prev $this.searchQueryServiceUrl = $capabilities.resources | Where-Object { $_.'@type' -eq 'SearchQueryService' } | Select-Object -ExpandProperty '@id' | Select-Object -First 1 if (!$this.searchQueryServiceUrl) { # Azure DevOps doesn't support SearchQueryService, but SearchQueryService/3.0.0-beta $this.searchQueryServiceUrl = $capabilities.resources | Where-Object { $_.'@type' -eq 'SearchQueryService/3.0.0-beta' } | Select-Object -ExpandProperty '@id' | Select-Object -First 1 } $this.packagePublishUrl = $capabilities.resources | Where-Object { $_."@type" -eq 'PackagePublish/2.0.0' } | Select-Object -ExpandProperty '@id' | Select-Object -First 1 $this.packageBaseAddressUrl = $capabilities.resources | Where-Object { $_."@type" -eq 'PackageBaseAddress/3.0.0' } | Select-Object -ExpandProperty '@id' | Select-Object -First 1 if (!$this.searchQueryServiceUrl -or !$this.packagePublishUrl -or !$this.packageBaseAddressUrl) { Write-Host "Capabilities of NuGet server $($this.url) are not supported" $capabilities.resources | ForEach-Object { Write-Host "- $($_.'@type')"; Write-Host "-> $($_.'@id')" } } Write-Verbose "Capabilities of NuGet server $($this.url) are:" Write-Verbose "- SearchQueryService=$($this.searchQueryServiceUrl)" Write-Verbose "- PackagePublish=$($this.packagePublishUrl)" Write-Verbose "- PackageBaseAddress=$($this.packageBaseAddressUrl)" } catch { throw (GetExtendedErrorMessage $_) } } static [NuGetFeed] Create([string] $nuGetServerUrl, [string] $nuGetToken, [string[]] $patterns, [string[]] $fingerprints, [int] $nuGetSearchResultsCacheRetentionPeriod, [string] $nuGetCacheFolder) { $nuGetFeed = $script:NuGetFeedCache | Where-Object { $_.url -eq $nuGetServerUrl -and $_.token -eq $nuGetToken -and (-not (Compare-Object $_.patterns $patterns)) -and (-not (Compare-Object $_.fingerprints $fingerprints)) -and $_.searchResultsCacheRetentionPeriod -eq $nuGetSearchResultsCacheRetentionPeriod } if (!$nuGetFeed) { $nuGetFeed = [NuGetFeed]::new($nuGetServerUrl, $nuGetToken, $patterns, $fingerprints, $nuGetSearchResultsCacheRetentionPeriod, $nugetCacheFolder) $script:NuGetFeedCache += $nuGetFeed } return $nuGetFeed } [void] Dump([string] $message) { Write-Host $message } [hashtable] GetHeaders() { $headers = @{ "Content-Type" = "application/json; charset=utf-8" } # nuget.org only support anonymous access if ($this.token -and $this.url -notlike 'https://api.nuget.org/*') { $headers += @{ "Authorization" = "Basic $([Convert]::ToBase64String([System.Text.Encoding]::UTF8.GetBytes("user:$($this.token)")))" } } return $headers } [bool] IsTrusted([string] $packageId) { return ($packageId -and ($this.patterns | Where-Object { $packageId -like $_ })) } [hashtable[]] Search([string] $packageName) { $useCache = $this.searchResultsCacheRetentionPeriod -gt 0 $hasCache = $this.searchResultsCache.ContainsKey($packageName) if ($hasCache) { if ($useCache) { # Clear cache older than the retention period $clearCache = $this.searchResultsCache[$packageName].timestamp.AddSeconds($this.searchResultsCacheRetentionPeriod) -lt (Get-Date) } else { # Clear cache if we are not using it $clearCache = $true } if ($clearCache) { $this.searchResultsCache.Remove($packageName) $hasCache = $false } } if ($useCache -and $hasCache) { Write-Host "Search package using cache" $matching = $this.searchResultsCache[$packageName].matching } elseif ($this.searchQueryServiceUrl -match '^https://nuget.pkg.github.com/(.*)/query$') { # GitHub support for SearchQueryService is unstable and is not usable # use GitHub API instead # GitHub API unfortunately doesn't support filtering, so we need to filter ourselves $organization = $matches[1] $headers = @{ "Accept" = "application/vnd.github+json" "X-GitHub-Api-Version" = "2022-11-28" } if ($this.token) { $headers += @{ "Authorization" = "Bearer $($this.token)" } } if (-not $this.orgType.ContainsKey($organization)) { $orgMetadata = Invoke-RestMethod -Method GET -Headers $headers -Uri "https://api.github.com/users/$organization" if ($orgMetadata.type -eq 'Organization') { $this.orgType[$organization] = 'orgs' } else { $this.orgType[$organization] = 'users' } } $cacheKey = "GitHubPackages:$($this.orgType[$organization])/$organization" $matching = @() if ($this.searchResultsCacheRetentionPeriod -gt 0 -and $this.searchResultsCache.ContainsKey($cacheKey)) { if ($this.searchResultsCache[$cacheKey].timestamp.AddSeconds($this.searchResultsCacheRetentionPeriod) -lt (Get-Date)) { Write-Host "Cache expired, removing cache $cacheKey" $this.searchResultsCache.Remove($cacheKey) } else { Write-Host "Search available packages using cache $cacheKey" $matching = $this.searchResultsCache[$cacheKey].matching Write-Host "$($matching.Count) packages found" } } if (-not $matching) { $per_page = 50 $queryUrl = "https://api.github.com/$($this.orgType[$organization])/$organization/packages?package_type=nuget&per_page=$($per_page)&page=" $page = 1 $matching = @() while ($true) { Write-Host -ForegroundColor Yellow "Search package using $queryUrl$page" $result = Invoke-RestMethod -UseBasicParsing -Method GET -Headers $headers -Uri "$queryUrl$page" Write-Host "$($result.Count) packages found" if ($result.Count -eq 0) { break } $matching += @($result) if ($result.Count -ne $per_page) { break } $page++ } Write-Host "Total of $($matching.Count) packages found" $this.searchResultsCache[$cacheKey] = @{ matching = $matching timestamp = (Get-Date) } } $matching = @($matching | Where-Object { $_.name -like "*$packageName*" -and $this.IsTrusted($_.name) } | Sort-Object { $_.name.replace('.symbols','') } | ForEach-Object { @{ "id" = $_.name; "versions" = @() } } ) } else { # prerelase=true in order to find packages, which not yet has been published as prod $queryUrl = "$($this.searchQueryServiceUrl)?q=$packageName&take=50&prerelease=true" try { Write-Host -ForegroundColor Yellow "Search package using $queryUrl" $prev = $global:ProgressPreference; $global:ProgressPreference = "SilentlyContinue" $searchResult = Invoke-RestMethod -UseBasicParsing -Method GET -Headers ($this.GetHeaders()) -Uri $queryUrl $global:ProgressPreference = $prev } catch { throw (GetExtendedErrorMessage $_) } # Check that the found pattern matches the package name and the trusted patterns $matching = @($searchResult.data | Where-Object { $_.id -like "*$($packageName)*" -and $this.IsTrusted($_.id) } | Sort-Object { $_.id.replace('.symbols','') } | ForEach-Object { @{ "id" = $_.id; "versions" = @($_.versions.version) } } ) } $exact = $matching | Where-Object { $_.id -eq $packageName -or $_.id -eq "$packageName.symbols" } if ($exact) { Write-Host "Exact match found for $packageName" $matching = $exact } else { Write-Host "$($matching.count) matching packages found" } if ($useCache -and !$hasCache) { # Cache the search results $this.searchResultsCache[$packageName] = @{ matching = $matching timestamp = (Get-Date) } } return $matching | ForEach-Object { Write-Host "- $($_.id)"; $_ } } [string[]] GetVersions([hashtable] $package, [bool] $descending, [bool] $allowPrerelease) { if (!$this.IsTrusted($package.id)) { throw "Package $($package.id) is not trusted on $($this.url)" } if ($package.versions.count -eq 0) { $queryUrl = "$($this.packageBaseAddressUrl.TrimEnd('/'))/$($package.Id.ToLowerInvariant())/index.json" try { Write-Host -ForegroundColor Yellow "Get versions using $queryUrl" $prev = $global:ProgressPreference; $global:ProgressPreference = "SilentlyContinue" $versions = Invoke-RestMethod -UseBasicParsing -Method GET -Headers ($this.GetHeaders()) -Uri $queryUrl $global:ProgressPreference = $prev } catch { throw (GetExtendedErrorMessage $_) } $package.versions = @($versions.versions) } $versionsArr = $package.versions Write-Host "$($versionsArr.count) versions found" $versionsArr = @($versionsArr | Where-Object { $allowPrerelease -or !$_.Contains('-') } | Sort-Object { ($_ -replace '-.+$') -as [System.Version] }, { "$($_)z" } -Descending:$descending | ForEach-Object { "$_" }) Write-Host "First version is $($versionsArr[0])" Write-Host "Last version is $($versionsArr[$versionsArr.Count-1])" return $versionsArr } # Normalize name or publisher name to be used in nuget id static [string] Normalize([string] $name) { return $name -replace '[^a-zA-Z0-9_\-]','' } static [string] NormalizeVersionStr([string] $versionStr) { $idx = $versionStr.IndexOf('-') $version = [System.version]($versionStr.Split('-')[0]) if ($version.Build -eq -1) { $version = [System.Version]::new($version.Major, $version.Minor, 0, 0) } if ($version.Revision -eq -1) { $version = [System.Version]::new($version.Major, $version.Minor, $version.Build, 0) } if ($idx -gt 0) { return "$version$($versionStr.Substring($idx))" } else { return "$version" } } static [Int32] CompareVersions([string] $version1, [string] $version2) { $version1 = [NuGetFeed]::NormalizeVersionStr($version1) $version2 = [NuGetFeed]::NormalizeVersionStr($version2) $ver1 = $version1 -replace '-.+$' -as [System.Version] $ver2 = $version2 -replace '-.+$' -as [System.Version] if ($ver1 -eq $ver2) { # add a 'z' to the version to make sure that 5.1.0 is greater than 5.1.0-beta # Tags are sorted alphabetically (alpha, beta, rc, etc.), even though this shouldn't matter # New prerelease versions will always have a new version number return [string]::Compare("$($version1)z", "$($version2)z") } elseif ($ver1 -gt $ver2) { return 1 } else { return -1 } } # Test if version is included in NuGet version range # https://learn.microsoft.com/en-us/nuget/concepts/package-versioning#version-ranges static [bool] IsVersionIncludedInRange([string] $versionStr, [string] $nuGetVersionRange) { $versionStr = [NuGetFeed]::NormalizeVersionStr($versionStr) $version = $versionStr -replace '-.+$' -as [System.Version] if ($nuGetVersionRange -match '^\s*([\[(]?)([\d\.]*)(,?)([\d\.]*)([\])]?)\s*$') { $inclFrom = $matches[1] -ne '(' $range = $matches[3] -eq ',' $inclTo = $matches[5] -eq ']' if ($matches[1] -eq '' -and $matches[5] -eq '') { $range = $true } if ($matches[2]) { $fromver = [System.Version]([NuGetFeed]::NormalizeVersionStr($matches[2])) } else { $fromver = [System.Version]::new(0,0,0,0) if ($inclFrom) { Write-Host "Invalid NuGet version range $nuGetVersionRange" return $false } } if ($matches[4]) { $tover = [System.Version]([NuGetFeed]::NormalizeVersionStr($matches[4])) } elseif ($range) { $tover = [System.Version]::new([int32]::MaxValue,[int32]::MaxValue,[int32]::MaxValue,[int32]::MaxValue) if ($inclTo) { Write-Host "Invalid NuGet version range $nuGetVersionRange" return $false } } else { $tover = $fromver } if (!$range -and (!$inclFrom -or !$inclTo)) { Write-Host "Invalid NuGet version range $nuGetVersionRange" return $false } if ($inclFrom) { if ($inclTo) { return $version -ge $fromver -and $version -le $tover } else { return $version -ge $fromver -and $version -lt $tover } } else { if ($inclTo) { return $version -gt $fromver -and $version -le $tover } else { return $version -gt $fromver -and $version -lt $tover } } } return $false } [string] FindPackageVersion([hashtable] $package, [string] $nuGetVersionRange, [string[]] $excludeVersions, [string] $select, [bool] $allowPrerelease) { $versions = $this.GetVersions($package, !($select -eq 'Earliest' -or $select -eq 'AllAscending'), $allowPrerelease) if ($excludeVersions) { Write-Host "Exclude versions: $($excludeVersions -join ', ')" } $versionList = @() foreach($version in $versions ) { if ($excludeVersions -contains $version) { continue } if (($select -eq 'Exact' -and [NuGetFeed]::NormalizeVersionStr($nuGetVersionRange) -eq [NuGetFeed]::NormalizeVersionStr($version)) -or ($select -ne 'Exact' -and [NuGetFeed]::IsVersionIncludedInRange($version, $nuGetVersionRange))) { if ($select -eq 'AllAscending' -or $select -eq 'AllDescending') { Write-Host "Include $version" } elseif ($nuGetVersionRange -eq '0.0.0.0') { Write-Host "$select version is $version" } else { Write-Host "$select version matching '$nuGetVersionRange' is $version" } $versionList += @($version) } } return ($versionList -join ',') } # Download the specs for the package with id = packageId and version = version # The following properties are returned: # - id: the package id # - name: the package name (either title, description or id from the nuspec) # - version: the package version # - authors: the package authors # - dependencies: the package dependencies (id and version range) [PSCustomObject] DownloadPackageSpec([string] $packageId, [string] $version) { $nuSpecName = "$($packageId.ToLowerInvariant())/$($version.ToLowerInvariant()).json" $nuSpecFileName = Join-Path $this.cacheFolder $nuSpecName $nuSpecMutex = New-Object System.Threading.Mutex($false, $nuSpecName.Replace('/','_').Replace('\','_')) try { try { if (!$nuSpecMutex.WaitOne(1000)) { Write-Host "Waiting for other process downloading nuspec '$($nuSpecName)'" $nuSpecMutex.WaitOne() | Out-Null Write-Host "Other process completed download" } } catch [System.Threading.AbandonedMutexException] { Write-Host "Other process terminated abnormally" } if (Test-Path $nuSpecFileName) { Write-Host "Using cached nuspec for $packageId version $version" (Get-Item $nuSpecFileName).LastWriteTime = Get-Date return (Get-Content -Path $nuSpecFileName | ConvertFrom-Json | ConvertTo-HashTable) } if (!$this.IsTrusted($packageId)) { throw "Package $packageId is not trusted on $($this.url)" } if ($this.packageBaseAddressUrl -like 'https://nuget.pkg.github.com/*') { $queryUrl = "$($this.packageBaseAddressUrl.SubString(0,$this.packageBaseAddressUrl.LastIndexOf('/')))/$($packageId.ToLowerInvariant())/$($version.ToLowerInvariant()).json" Write-Host "Download nuspec using $queryUrl" $response = Invoke-WebRequest -UseBasicParsing -Method GET -Headers ($this.GetHeaders()) -Uri $queryUrl $content = $response.Content | ConvertFrom-Json if (!($content.PSObject.Properties.Name -eq 'catalogEntry') -or ($null -eq $content.catalogEntry)) { throw "Package $packageId version $version not found on" } $returnValue = @{ "id" = $content.catalogEntry.id "name" = $content.catalogEntry.description "version" = $content.catalogEntry.version "authors" = $content.catalogEntry.authors "dependencies" = $content.catalogEntry.dependencyGroups | ForEach-Object { $_.dependencies | ForEach-Object { @{"id" = $_.id; "version" = $_.range.replace(' ','') } } } } } else { $queryUrl = "$($this.packageBaseAddressUrl.TrimEnd('/'))/$($packageId.ToLowerInvariant())/$($version.ToLowerInvariant())/$($packageId.ToLowerInvariant()).nuspec" try { Write-Host "Download nuspec using $queryUrl" $prev = $global:ProgressPreference; $global:ProgressPreference = "SilentlyContinue" $tmpFile = Join-Path ([System.IO.Path]::GetTempPath()) "$([GUID]::NewGuid().ToString()).nuspec" Invoke-RestMethod -UseBasicParsing -Method GET -Headers ($this.GetHeaders()) -Uri $queryUrl -OutFile $tmpFile $nuspec = [xml](Get-Content -Path $tmpfile -Encoding UTF8 -Raw) Remove-Item -Path $tmpFile -Force $global:ProgressPreference = $prev } catch { throw (GetExtendedErrorMessage $_) } if ($nuspec.package.metadata.PSObject.Properties.Name -eq 'title') { $appName = $nuspec.package.metadata.title } elseif ($nuspec.package.metadata.PSObject.Properties.Name -eq 'description') { $appName = $nuspec.package.metadata.description } else { $appName = $nuspec.package.metadata.id } if ($nuspec.package.metadata.PSObject.Properties.Name -eq 'Dependencies') { $dependencies = @($nuspec.package.metadata.Dependencies.GetEnumerator() | ForEach-Object { @{"id" = $_.id; "version" = $_.version } }) } else { $dependencies = @() } $returnValue = @{ "id" = $nuspec.package.metadata.id "name" = $appName "version" = $nuspec.package.metadata.version "authors" = $nuspec.package.metadata.authors "dependencies" = $dependencies } } New-Item -Path $nuSpecFileName -ItemType File -Force -Value ($returnValue | ConvertTo-Json -Depth 99) | Out-Null return $returnValue } finally { $nuSpecMutex.ReleaseMutex() } } [string] DownloadPackage([string] $packageId, [string] $version) { $packageSubFolder = "$($packageId.ToLowerInvariant())/$($version.ToLowerInvariant())" $packageMutex = New-Object System.Threading.Mutex($false, $packageSubFolder.Replace('/','_').Replace('\','_')) try { try { if (!$packageMutex.WaitOne(1000)) { Write-Host "Waiting for other process downloading package '$($packageSubFolder)'" $packageMutex.WaitOne() | Out-Null Write-Host "Other process completed download" } } catch [System.Threading.AbandonedMutexException] { Write-Host "Other process terminated abnormally" } if (!$this.IsTrusted($packageId)) { throw "Package $packageId is not trusted on $($this.url)" } $queryUrl = "$($this.packageBaseAddressUrl.TrimEnd('/'))/$($packageId.ToLowerInvariant())/$($version.ToLowerInvariant())/$($packageId.ToLowerInvariant()).$($version.ToLowerInvariant()).nupkg" $packageCacheFolder = Join-Path $this.cacheFolder $packageSubFolder if (test-Path $packageCacheFolder) { Write-Host "Using cached package for $packageId version $version" (Get-Item $packageCacheFolder).LastWriteTime = Get-Date } else { try { Write-Host -ForegroundColor Green "Download package using $queryUrl" $prev = $global:ProgressPreference; $global:ProgressPreference = "SilentlyContinue" $filename = "$($packageCacheFolder).zip" New-Item -Path $packageCacheFolder -ItemType Container | Out-Null Invoke-RestMethod -UseBasicParsing -Method GET -Headers ($this.GetHeaders()) -Uri $queryUrl -OutFile $filename if ($this.fingerprints) { $arguments = @("nuget", "verify", $filename) if ($this.fingerprints.Count -eq 1 -and $this.fingerprints[0] -eq '*') { Write-Host "Verifying package using any certificate" } else { Write-Host "Verifying package using $($this.fingerprints -join ', ')" $arguments += @("--certificate-fingerprint $($this.fingerprints -join ' --certificate-fingerprint ')") } cmddo -command 'dotnet' -arguments $arguments -silent -messageIfCmdNotFound "dotnet not found. Please install it from https://dotnet.microsoft.com/download" } Expand-Archive -Path $filename -DestinationPath $packageCacheFolder -Force $global:ProgressPreference = $prev Write-Host "Package successfully downloaded" } catch { if (Test-Path $packageCacheFolder) { Remove-Item $packageCacheFolder -Recurse -Force } throw (GetExtendedErrorMessage $_) } finally { if (Test-Path $filename) { Remove-Item $filename -Force } } } $tmpFolder = Join-Path ([System.IO.Path]::GetTempPath()) ([GUID]::NewGuid().ToString()) New-Item -Path $tmpFolder -ItemType Container | Out-Null Copy-Item -Path (Join-Path $packageCacheFolder '*') -Destination $tmpFolder -Recurse -Force return $tmpFolder } finally { $packageMutex.ReleaseMutex() } } [void] PushPackage([string] $package) { if (!($this.token)) { throw "NuGet token is required to push packages" } Write-Host "Preparing NuGet Package for submission" $headers = $this.GetHeaders() $headers += @{ "X-NuGet-ApiKey" = $this.token "X-NuGet-Client-Version" = "6.3.0" } $boundary = [System.Guid]::NewGuid().ToString(); $LF = "`r`n"; $tmpFile = Join-Path ([System.IO.Path]::GetTempPath()) ([GUID]::NewGuid().ToString()) $fs = [System.IO.File]::OpenWrite($tmpFile) $fs | Add-Member -MemberType ScriptMethod -Name WriteBytes -Value { param($bytes) $this.Write($bytes, 0, $bytes.Length) } try { $fs.WriteBytes([System.Text.Encoding]::UTF8.GetBytes("--$boundary$LF")) $fs.WriteBytes([System.Text.Encoding]::UTF8.GetBytes("Content-Type: application/octet-stream$($LF)Content-Disposition: form-data; name=package; filename=""$([System.IO.Path]::GetFileName($package))""$($LF)$($LF)")) $fs.WriteBytes([System.IO.File]::ReadAllBytes($package)) $fs.WriteBytes([System.Text.Encoding]::UTF8.GetBytes("$LF--$boundary--$LF")) } finally { $fs.Close() } Write-Host "Submitting NuGet package" try { Invoke-RestMethod -UseBasicParsing -Uri $this.packagePublishUrl -ContentType "multipart/form-data; boundary=$boundary" -Method Put -Headers $headers -inFile $tmpFile | Out-Host Write-Host -ForegroundColor Green "NuGet package successfully submitted" # Clear matching search results caches @( $this.searchResultsCache.Keys ) | Where-Object { $package -like "*$($_)*" -or $_ -like 'GitHubPackages:*' } | ForEach-Object { $this.searchResultsCache.Remove($_) } } catch [System.Net.WebException] { if ($_.Exception.Status -eq "ProtocolError" -and $_.Exception.Response -is [System.Net.HttpWebResponse]) { $response = [System.Net.HttpWebResponse]($_.Exception.Response) if ($response.StatusCode -eq [System.Net.HttpStatusCode]::Conflict) { Write-Host -ForegroundColor Yellow "NuGet package already exists" } else { throw (GetExtendedErrorMessage $_) } } else { throw (GetExtendedErrorMessage $_) } } catch { throw (GetExtendedErrorMessage $_) } finally { Remove-Item $tmpFile -Force -ErrorAction SilentlyContinue } } } # SIG # Begin signature block # MIIoVQYJKoZIhvcNAQcCoIIoRjCCKEICAQExDzANBglghkgBZQMEAgEFADB5Bgor # BgEEAYI3AgEEoGswaTA0BgorBgEEAYI3AgEeMCYCAwEAAAQQH8w7YFlLCE63JNLG # KX7zUQIBAAIBAAIBAAIBAAIBADAxMA0GCWCGSAFlAwQCAQUABCCVG/MKjJdGqygG # zbJevfEccQ/w1x6qknAwDwI59XsorqCCDYUwggYDMIID66ADAgECAhMzAAAEhJji # EuB4ozFdAAAAAASEMA0GCSqGSIb3DQEBCwUAMH4xCzAJBgNVBAYTAlVTMRMwEQYD # VQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNy # b3NvZnQgQ29ycG9yYXRpb24xKDAmBgNVBAMTH01pY3Jvc29mdCBDb2RlIFNpZ25p # bmcgUENBIDIwMTEwHhcNMjUwNjE5MTgyMTM1WhcNMjYwNjE3MTgyMTM1WjB0MQsw # CQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9u # ZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMR4wHAYDVQQDExVNaWNy # b3NvZnQgQ29ycG9yYXRpb24wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB # AQDtekqMKDnzfsyc1T1QpHfFtr+rkir8ldzLPKmMXbRDouVXAsvBfd6E82tPj4Yz # aSluGDQoX3NpMKooKeVFjjNRq37yyT/h1QTLMB8dpmsZ/70UM+U/sYxvt1PWWxLj # MNIXqzB8PjG6i7H2YFgk4YOhfGSekvnzW13dLAtfjD0wiwREPvCNlilRz7XoFde5 # KO01eFiWeteh48qUOqUaAkIznC4XB3sFd1LWUmupXHK05QfJSmnei9qZJBYTt8Zh # ArGDh7nQn+Y1jOA3oBiCUJ4n1CMaWdDhrgdMuu026oWAbfC3prqkUn8LWp28H+2S # LetNG5KQZZwvy3Zcn7+PQGl5AgMBAAGjggGCMIIBfjAfBgNVHSUEGDAWBgorBgEE # AYI3TAgBBggrBgEFBQcDAzAdBgNVHQ4EFgQUBN/0b6Fh6nMdE4FAxYG9kWCpbYUw # VAYDVR0RBE0wS6RJMEcxLTArBgNVBAsTJE1pY3Jvc29mdCBJcmVsYW5kIE9wZXJh # dGlvbnMgTGltaXRlZDEWMBQGA1UEBRMNMjMwMDEyKzUwNTM2MjAfBgNVHSMEGDAW # gBRIbmTlUAXTgqoXNzcitW2oynUClTBUBgNVHR8ETTBLMEmgR6BFhkNodHRwOi8v # d3d3Lm1pY3Jvc29mdC5jb20vcGtpb3BzL2NybC9NaWNDb2RTaWdQQ0EyMDExXzIw # MTEtMDctMDguY3JsMGEGCCsGAQUFBwEBBFUwUzBRBggrBgEFBQcwAoZFaHR0cDov # L3d3dy5taWNyb3NvZnQuY29tL3BraW9wcy9jZXJ0cy9NaWNDb2RTaWdQQ0EyMDEx # XzIwMTEtMDctMDguY3J0MAwGA1UdEwEB/wQCMAAwDQYJKoZIhvcNAQELBQADggIB # AGLQps1XU4RTcoDIDLP6QG3NnRE3p/WSMp61Cs8Z+JUv3xJWGtBzYmCINmHVFv6i # 8pYF/e79FNK6P1oKjduxqHSicBdg8Mj0k8kDFA/0eU26bPBRQUIaiWrhsDOrXWdL # m7Zmu516oQoUWcINs4jBfjDEVV4bmgQYfe+4/MUJwQJ9h6mfE+kcCP4HlP4ChIQB # UHoSymakcTBvZw+Qst7sbdt5KnQKkSEN01CzPG1awClCI6zLKf/vKIwnqHw/+Wvc # Ar7gwKlWNmLwTNi807r9rWsXQep1Q8YMkIuGmZ0a1qCd3GuOkSRznz2/0ojeZVYh # ZyohCQi1Bs+xfRkv/fy0HfV3mNyO22dFUvHzBZgqE5FbGjmUnrSr1x8lCrK+s4A+ # bOGp2IejOphWoZEPGOco/HEznZ5Lk6w6W+E2Jy3PHoFE0Y8TtkSE4/80Y2lBJhLj # 27d8ueJ8IdQhSpL/WzTjjnuYH7Dx5o9pWdIGSaFNYuSqOYxrVW7N4AEQVRDZeqDc # fqPG3O6r5SNsxXbd71DCIQURtUKss53ON+vrlV0rjiKBIdwvMNLQ9zK0jy77owDy # XXoYkQxakN2uFIBO1UNAvCYXjs4rw3SRmBX9qiZ5ENxcn/pLMkiyb68QdwHUXz+1 # fI6ea3/jjpNPz6Dlc/RMcXIWeMMkhup/XEbwu73U+uz/MIIHejCCBWKgAwIBAgIK # YQ6Q0gAAAAAAAzANBgkqhkiG9w0BAQsFADCBiDELMAkGA1UEBhMCVVMxEzARBgNV # BAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jv # c29mdCBDb3Jwb3JhdGlvbjEyMDAGA1UEAxMpTWljcm9zb2Z0IFJvb3QgQ2VydGlm # aWNhdGUgQXV0aG9yaXR5IDIwMTEwHhcNMTEwNzA4MjA1OTA5WhcNMjYwNzA4MjEw # OTA5WjB+MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UE # BxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSgwJgYD # VQQDEx9NaWNyb3NvZnQgQ29kZSBTaWduaW5nIFBDQSAyMDExMIICIjANBgkqhkiG # 9w0BAQEFAAOCAg8AMIICCgKCAgEAq/D6chAcLq3YbqqCEE00uvK2WCGfQhsqa+la # UKq4BjgaBEm6f8MMHt03a8YS2AvwOMKZBrDIOdUBFDFC04kNeWSHfpRgJGyvnkmc # 6Whe0t+bU7IKLMOv2akrrnoJr9eWWcpgGgXpZnboMlImEi/nqwhQz7NEt13YxC4D # dato88tt8zpcoRb0RrrgOGSsbmQ1eKagYw8t00CT+OPeBw3VXHmlSSnnDb6gE3e+ # lD3v++MrWhAfTVYoonpy4BI6t0le2O3tQ5GD2Xuye4Yb2T6xjF3oiU+EGvKhL1nk # kDstrjNYxbc+/jLTswM9sbKvkjh+0p2ALPVOVpEhNSXDOW5kf1O6nA+tGSOEy/S6 # A4aN91/w0FK/jJSHvMAhdCVfGCi2zCcoOCWYOUo2z3yxkq4cI6epZuxhH2rhKEmd # X4jiJV3TIUs+UsS1Vz8kA/DRelsv1SPjcF0PUUZ3s/gA4bysAoJf28AVs70b1FVL # 5zmhD+kjSbwYuER8ReTBw3J64HLnJN+/RpnF78IcV9uDjexNSTCnq47f7Fufr/zd # sGbiwZeBe+3W7UvnSSmnEyimp31ngOaKYnhfsi+E11ecXL93KCjx7W3DKI8sj0A3 # T8HhhUSJxAlMxdSlQy90lfdu+HggWCwTXWCVmj5PM4TasIgX3p5O9JawvEagbJjS # 4NaIjAsCAwEAAaOCAe0wggHpMBAGCSsGAQQBgjcVAQQDAgEAMB0GA1UdDgQWBBRI # bmTlUAXTgqoXNzcitW2oynUClTAZBgkrBgEEAYI3FAIEDB4KAFMAdQBiAEMAQTAL # BgNVHQ8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAfBgNVHSMEGDAWgBRyLToCMZBD # uRQFTuHqp8cx0SOJNDBaBgNVHR8EUzBRME+gTaBLhklodHRwOi8vY3JsLm1pY3Jv # c29mdC5jb20vcGtpL2NybC9wcm9kdWN0cy9NaWNSb29DZXJBdXQyMDExXzIwMTFf # MDNfMjIuY3JsMF4GCCsGAQUFBwEBBFIwUDBOBggrBgEFBQcwAoZCaHR0cDovL3d3 # dy5taWNyb3NvZnQuY29tL3BraS9jZXJ0cy9NaWNSb29DZXJBdXQyMDExXzIwMTFf # MDNfMjIuY3J0MIGfBgNVHSAEgZcwgZQwgZEGCSsGAQQBgjcuAzCBgzA/BggrBgEF # BQcCARYzaHR0cDovL3d3dy5taWNyb3NvZnQuY29tL3BraW9wcy9kb2NzL3ByaW1h # cnljcHMuaHRtMEAGCCsGAQUFBwICMDQeMiAdAEwAZQBnAGEAbABfAHAAbwBsAGkA # YwB5AF8AcwB0AGEAdABlAG0AZQBuAHQALiAdMA0GCSqGSIb3DQEBCwUAA4ICAQBn # 8oalmOBUeRou09h0ZyKbC5YR4WOSmUKWfdJ5DJDBZV8uLD74w3LRbYP+vj/oCso7 # v0epo/Np22O/IjWll11lhJB9i0ZQVdgMknzSGksc8zxCi1LQsP1r4z4HLimb5j0b # pdS1HXeUOeLpZMlEPXh6I/MTfaaQdION9MsmAkYqwooQu6SpBQyb7Wj6aC6VoCo/ # KmtYSWMfCWluWpiW5IP0wI/zRive/DvQvTXvbiWu5a8n7dDd8w6vmSiXmE0OPQvy # CInWH8MyGOLwxS3OW560STkKxgrCxq2u5bLZ2xWIUUVYODJxJxp/sfQn+N4sOiBp # mLJZiWhub6e3dMNABQamASooPoI/E01mC8CzTfXhj38cbxV9Rad25UAqZaPDXVJi # hsMdYzaXht/a8/jyFqGaJ+HNpZfQ7l1jQeNbB5yHPgZ3BtEGsXUfFL5hYbXw3MYb # BL7fQccOKO7eZS/sl/ahXJbYANahRr1Z85elCUtIEJmAH9AAKcWxm6U/RXceNcbS # oqKfenoi+kiVH6v7RyOA9Z74v2u3S5fi63V4GuzqN5l5GEv/1rMjaHXmr/r8i+sL # gOppO6/8MO0ETI7f33VtY5E90Z1WTk+/gFcioXgRMiF670EKsT/7qMykXcGhiJtX # cVZOSEXAQsmbdlsKgEhr/Xmfwb1tbWrJUnMTDXpQzTGCGiYwghoiAgEBMIGVMH4x # CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRt # b25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xKDAmBgNVBAMTH01p # Y3Jvc29mdCBDb2RlIFNpZ25pbmcgUENBIDIwMTECEzMAAASEmOIS4HijMV0AAAAA # BIQwDQYJYIZIAWUDBAIBBQCgga4wGQYJKoZIhvcNAQkDMQwGCisGAQQBgjcCAQQw # HAYKKwYBBAGCNwIBCzEOMAwGCisGAQQBgjcCARUwLwYJKoZIhvcNAQkEMSIEIM8R # 2qWvXnCWl+3W1HPZHpRll2pTZ4IogXA/yXFOdUOkMEIGCisGAQQBgjcCAQwxNDAy # oBSAEgBNAGkAYwByAG8AcwBvAGYAdKEagBhodHRwOi8vd3d3Lm1pY3Jvc29mdC5j # b20wDQYJKoZIhvcNAQEBBQAEggEAKeh36eDJ1iy1jun5H8nZJslxjLjo1J9PMt4k # An+ld57ZHXXz+yS2DqAGwiy6Myqduwmfe1EJ0Uncmbt60WlxFrkujeSpSVnwBXNt # T/XkTNUUbTrYpn7ZJnuckFr6vEjebuTjKk6xY0Oyz09LtRnCQliOzctkrCCf2kkm # yVQTrstFu8wBNbc8X97dJrfEcc1l3o0GF3jzbXHdc0OSyoUhnsK/H/yQsJKYVRlx # wLJg4rB2e59/KZ+2YeSDTXDMPO5ARxGX8NETvwaIiaHjnkRGV6o8UCPh8GMJ452q # Lt6bcKesQRQ20eJpgWRkW63orct7zKpvlQF1VWHjekEse8RByqGCF7AwghesBgor # BgEEAYI3AwMBMYIXnDCCF5gGCSqGSIb3DQEHAqCCF4kwgheFAgEDMQ8wDQYJYIZI # AWUDBAIBBQAwggFaBgsqhkiG9w0BCRABBKCCAUkEggFFMIIBQQIBAQYKKwYBBAGE # WQoDATAxMA0GCWCGSAFlAwQCAQUABCCHPpWEu707dmfVK3fvcfyzfJMF1a8Kg5Hc # cEhmsJawfgIGaceuQNTOGBMyMDI2MDQwNzA5MzkzNy42OTlaMASAAgH0oIHZpIHW # MIHTMQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMH # UmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMS0wKwYDVQQL # EyRNaWNyb3NvZnQgSXJlbGFuZCBPcGVyYXRpb25zIExpbWl0ZWQxJzAlBgNVBAsT # Hm5TaGllbGQgVFNTIEVTTjo0MDFBLTA1RTAtRDk0NzElMCMGA1UEAxMcTWljcm9z # b2Z0IFRpbWUtU3RhbXAgU2VydmljZaCCEf4wggcoMIIFEKADAgECAhMzAAACGV6y # 2FR19LGNAAEAAAIZMA0GCSqGSIb3DQEBCwUAMHwxCzAJBgNVBAYTAlVTMRMwEQYD # VQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNy # b3NvZnQgQ29ycG9yYXRpb24xJjAkBgNVBAMTHU1pY3Jvc29mdCBUaW1lLVN0YW1w # IFBDQSAyMDEwMB4XDTI1MDgxNDE4NDgyNloXDTI2MTExMzE4NDgyNlowgdMxCzAJ # BgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25k # MR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xLTArBgNVBAsTJE1pY3Jv # c29mdCBJcmVsYW5kIE9wZXJhdGlvbnMgTGltaXRlZDEnMCUGA1UECxMeblNoaWVs # ZCBUU1MgRVNOOjQwMUEtMDVFMC1EOTQ3MSUwIwYDVQQDExxNaWNyb3NvZnQgVGlt # ZS1TdGFtcCBTZXJ2aWNlMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA # pqFIyUkzIyxpL3Q03WmLuy4G9YIUScznhKr+cHOT+/u7ParxI96gxxb1WrWuAxB8 # qjGLfsbImx8V3ouK1nUcf+R/nsnXas5/iTgV/Tl3QTRGT0DeuXBNbpHqc+wC1NiT # yA76gLnirvSBEoBzlrpNQFEnuwdbPLCLpTS3KWSCu5J02b+RFWR/kcFzVxnhoE3g # IaeURtrGKGBZGKLBXvqggkDENtKkvtvRT32xLvAvL/RpReu5z18ZojCs72ZSoa74 # Dy8YbaWsDm3OZOpJRZxZsPKCHZ6xNqgFKf0xNHj0t9v0Q3W+2z5gAVaasJJCvR52 # Sl0XJ2AOf3l0LSetXgUA5gD5IQ1RvEslTmNnSouTrGID3D1njY7mBu0puiIdPK2j # K/1Weef2+YR4cQpWQkeBZmXidh9AuWdlwxKQL15LJ6K2dw8y/t/PBhmLyt6QAf0C # epWRdgZnMytVAUuWHwlZRV9JLY7aX8D55eL9+cOLpX3bGNOmN24UpIW8qtZaqXae # sFvIOW23JNLhaaQVvObr1eu7GE/5Mn43e+/DbtdYl/bLP2IQ1xYEJdSbcUkDFfW3 # KlZEh+nBKDtaRnNRkbgIgxIbKdT38OKQwZ/aA4uSsiAg6nEPiWBHGuytIo5wU75M # 5VdjhEqqTHfXYu8BJi6GTzvWT+9ekfMXezqCkksxaG8CAwEAAaOCAUkwggFFMB0G # A1UdDgQWBBSAaOo5HWatNzqZn1IF1fcD6nr3ITAfBgNVHSMEGDAWgBSfpxVdAF5i # XYP05dJlpxtTNRnpcjBfBgNVHR8EWDBWMFSgUqBQhk5odHRwOi8vd3d3Lm1pY3Jv # c29mdC5jb20vcGtpb3BzL2NybC9NaWNyb3NvZnQlMjBUaW1lLVN0YW1wJTIwUENB # JTIwMjAxMCgxKS5jcmwwbAYIKwYBBQUHAQEEYDBeMFwGCCsGAQUFBzAChlBodHRw # Oi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpb3BzL2NlcnRzL01pY3Jvc29mdCUyMFRp # bWUtU3RhbXAlMjBQQ0ElMjAyMDEwKDEpLmNydDAMBgNVHRMBAf8EAjAAMBYGA1Ud # JQEB/wQMMAoGCCsGAQUFBwMIMA4GA1UdDwEB/wQEAwIHgDANBgkqhkiG9w0BAQsF # AAOCAgEAXxzVZLLXBFfoCCCTiY7MHXdb7civJSTfrHYJC5Ok2NN75NpzTMT9V2Tc # IQjfQ3AFUbh1NBAYtMUuwxC6D4ceEXG5lXAnbvkC9YjeLVDRyImXYYmft7z+Qpl9 # t3C/8a0tiqnOz8Ue8/DYLtMTgvWMnsqLNjILDaImOfnHI36TLCjGFe8RYLXGdCUd # OLlfAdMGePxSTA3TAAOc+GQbmPWjrguLWbxvnl3NVjRvrBZVkxFMoVZH0f7qGwDO # Shjpnv5nYnQ48ufL0uBz52RbPGdX4Fv9+UGOrBprmcHzmIutFtJec2Y4kujNtTK2 # wBGgWscEOVhFiaVdje8VLJ7MVNKE5TmsuGM3jTLr1nuR5AFGs3UKkP7g3cQD4cHK # 7XdLiTm7e606QJ+WqeQsADYE9dvU9wIUbI9Dl4UcIErFw+FHaWSTrkfJ4SvLmhKn # l5khhpJ1sF3z6e1BxepUliXHqzRLiHWihWIWESF8IHElF3POxbP4VJqHBiYvaXMV # 0SyRgwoD6zXddbUnX9WR6JL2BlqAjjHxINwelsp/VhxAWThzuMA58LxvE/VAzjfF # F4Wm7a1ZALmJVw3oL/s/uxo1Op4tcT+hfZ9uN1htC1JN4DuRqFfLttjuoAmUQobO # 5zUFRzvCn8Ck/hiO+bzR15sqkjlxLMyMjpkc/ef4SUUikD468vUwggdxMIIFWaAD # AgECAhMzAAAAFcXna54Cm0mZAAAAAAAVMA0GCSqGSIb3DQEBCwUAMIGIMQswCQYD # VQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEe # MBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMTIwMAYDVQQDEylNaWNyb3Nv # ZnQgUm9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgMjAxMDAeFw0yMTA5MzAxODIy # MjVaFw0zMDA5MzAxODMyMjVaMHwxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNo # aW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29y # cG9yYXRpb24xJjAkBgNVBAMTHU1pY3Jvc29mdCBUaW1lLVN0YW1wIFBDQSAyMDEw # MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA5OGmTOe0ciELeaLL1yR5 # vQ7VgtP97pwHB9KpbE51yMo1V/YBf2xK4OK9uT4XYDP/XE/HZveVU3Fa4n5KWv64 # NmeFRiMMtY0Tz3cywBAY6GB9alKDRLemjkZrBxTzxXb1hlDcwUTIcVxRMTegCjhu # je3XD9gmU3w5YQJ6xKr9cmmvHaus9ja+NSZk2pg7uhp7M62AW36MEBydUv626GIl # 3GoPz130/o5Tz9bshVZN7928jaTjkY+yOSxRnOlwaQ3KNi1wjjHINSi947SHJMPg # yY9+tVSP3PoFVZhtaDuaRr3tpK56KTesy+uDRedGbsoy1cCGMFxPLOJiss254o2I # 5JasAUq7vnGpF1tnYN74kpEeHT39IM9zfUGaRnXNxF803RKJ1v2lIH1+/NmeRd+2 # ci/bfV+AutuqfjbsNkz2K26oElHovwUDo9Fzpk03dJQcNIIP8BDyt0cY7afomXw/ # TNuvXsLz1dhzPUNOwTM5TI4CvEJoLhDqhFFG4tG9ahhaYQFzymeiXtcodgLiMxhy # 16cg8ML6EgrXY28MyTZki1ugpoMhXV8wdJGUlNi5UPkLiWHzNgY1GIRH29wb0f2y # 1BzFa/ZcUlFdEtsluq9QBXpsxREdcu+N+VLEhReTwDwV2xo3xwgVGD94q0W29R6H # XtqPnhZyacaue7e3PmriLq0CAwEAAaOCAd0wggHZMBIGCSsGAQQBgjcVAQQFAgMB # AAEwIwYJKwYBBAGCNxUCBBYEFCqnUv5kxJq+gpE8RjUpzxD/LwTuMB0GA1UdDgQW # BBSfpxVdAF5iXYP05dJlpxtTNRnpcjBcBgNVHSAEVTBTMFEGDCsGAQQBgjdMg30B # ATBBMD8GCCsGAQUFBwIBFjNodHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpb3Bz # L0RvY3MvUmVwb3NpdG9yeS5odG0wEwYDVR0lBAwwCgYIKwYBBQUHAwgwGQYJKwYB # BAGCNxQCBAweCgBTAHUAYgBDAEEwCwYDVR0PBAQDAgGGMA8GA1UdEwEB/wQFMAMB # Af8wHwYDVR0jBBgwFoAU1fZWy4/oolxiaNE9lJBb186aGMQwVgYDVR0fBE8wTTBL # oEmgR4ZFaHR0cDovL2NybC5taWNyb3NvZnQuY29tL3BraS9jcmwvcHJvZHVjdHMv # TWljUm9vQ2VyQXV0XzIwMTAtMDYtMjMuY3JsMFoGCCsGAQUFBwEBBE4wTDBKBggr # BgEFBQcwAoY+aHR0cDovL3d3dy5taWNyb3NvZnQuY29tL3BraS9jZXJ0cy9NaWNS # b29DZXJBdXRfMjAxMC0wNi0yMy5jcnQwDQYJKoZIhvcNAQELBQADggIBAJ1Vffwq # reEsH2cBMSRb4Z5yS/ypb+pcFLY+TkdkeLEGk5c9MTO1OdfCcTY/2mRsfNB1OW27 # DzHkwo/7bNGhlBgi7ulmZzpTTd2YurYeeNg2LpypglYAA7AFvonoaeC6Ce5732pv # vinLbtg/SHUB2RjebYIM9W0jVOR4U3UkV7ndn/OOPcbzaN9l9qRWqveVtihVJ9Ak # vUCgvxm2EhIRXT0n4ECWOKz3+SmJw7wXsFSFQrP8DJ6LGYnn8AtqgcKBGUIZUnWK # NsIdw2FzLixre24/LAl4FOmRsqlb30mjdAy87JGA0j3mSj5mO0+7hvoyGtmW9I/2 # kQH2zsZ0/fZMcm8Qq3UwxTSwethQ/gpY3UA8x1RtnWN0SCyxTkctwRQEcb9k+SS+ # c23Kjgm9swFXSVRk2XPXfx5bRAGOWhmRaw2fpCjcZxkoJLo4S5pu+yFUa2pFEUep # 8beuyOiJXk+d0tBMdrVXVAmxaQFEfnyhYWxz/gq77EFmPWn9y8FBSX5+k77L+Dvk # txW/tM4+pTFRhLy/AsGConsXHRWJjXD+57XQKBqJC4822rpM+Zv/Cuk0+CQ1Zyvg # DbjmjJnW4SLq8CdCPSWU5nR0W2rRnj7tfqAxM328y+l7vzhwRNGQ8cirOoo6CGJ/ # 2XBjU02N7oJtpQUQwXEGahC0HVUzWLOhcGbyoYIDWTCCAkECAQEwggEBoYHZpIHW # MIHTMQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMH # UmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMS0wKwYDVQQL # EyRNaWNyb3NvZnQgSXJlbGFuZCBPcGVyYXRpb25zIExpbWl0ZWQxJzAlBgNVBAsT # Hm5TaGllbGQgVFNTIEVTTjo0MDFBLTA1RTAtRDk0NzElMCMGA1UEAxMcTWljcm9z # b2Z0IFRpbWUtU3RhbXAgU2VydmljZaIjCgEBMAcGBSsOAwIaAxUAMXYp/Wqqdyb0 # enigrLfxl0InAz6ggYMwgYCkfjB8MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2Fz # aGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENv # cnBvcmF0aW9uMSYwJAYDVQQDEx1NaWNyb3NvZnQgVGltZS1TdGFtcCBQQ0EgMjAx # MDANBgkqhkiG9w0BAQsFAAIFAO1+snIwIhgPMjAyNjA0MDYyMjMwMTBaGA8yMDI2 # MDQwNzIyMzAxMFowdzA9BgorBgEEAYRZCgQBMS8wLTAKAgUA7X6ycgIBADAKAgEA # AgIK7wIB/zAHAgEAAgISLzAKAgUA7YAD8gIBADA2BgorBgEEAYRZCgQCMSgwJjAM # BgorBgEEAYRZCgMCoAowCAIBAAIDB6EgoQowCAIBAAIDAYagMA0GCSqGSIb3DQEB # CwUAA4IBAQCgQv42Dc8Gs00xe3OdkpDAzlWLUJRxtKEvtqCC6igpgRlD7tMJdc6M # V85kSvAW+geJ8rDW85PlUj1HI8jxlZDJ39gjWqMumkjvD5/ODcRUnPIL0p0m5Bus # NIW2bPf1Q7KmtXBAvNT9ShYEBJIKQVVITRqL2uCTOrMH8xy7qOr93Vur6nyEEU9V # YjhBTplr50enWKeBza1OIRD+pVUQtiisX65ZDTzXn81LAxE8h04Kpeui2dXoCrQT # lyHnec3JmfDpFpETL1iANu125JhsvMHxtOEYOgyt6zCWdvZh+vxfufbzI3ZaQuNU # bkxqhISgqqUth1dr3/tkY1WttJR/sm3jMYIEDTCCBAkCAQEwgZMwfDELMAkGA1UE # BhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAc # BgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEmMCQGA1UEAxMdTWljcm9zb2Z0 # IFRpbWUtU3RhbXAgUENBIDIwMTACEzMAAAIZXrLYVHX0sY0AAQAAAhkwDQYJYIZI # AWUDBAIBBQCgggFKMBoGCSqGSIb3DQEJAzENBgsqhkiG9w0BCRABBDAvBgkqhkiG # 9w0BCQQxIgQg5AYcpXDteyEvhY6Tzga0HtPTQLzRIWkdPGBUJXA15ycwgfoGCyqG # SIb3DQEJEAIvMYHqMIHnMIHkMIG9BCDckX633E1y1EF32V18zQcrsgjzI9+3Le7m # lvk2OebthjCBmDCBgKR+MHwxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5n # dG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9y # YXRpb24xJjAkBgNVBAMTHU1pY3Jvc29mdCBUaW1lLVN0YW1wIFBDQSAyMDEwAhMz # AAACGV6y2FR19LGNAAEAAAIZMCIEIMbOnlRy4GKivj48S5X2XIrPl49A0rUJvgjq # VAnILfEvMA0GCSqGSIb3DQEBCwUABIICAEFPY6iJbOYIuSJyrL4mvv8rJePefTuu # vA8/SVh+42hbKal6IfrCoDCx68Q4eEVurC9FmN8pXt7yYFTbImgxR/k8ETmn4PlN # DQ8yd4TYbkwVhOYHVhJ2Z6s9TlwIjn3j79+MP2YJSfMKAFLq/9WOCnBjgZrKkxVP # qeOlOh02gAAH0Pilv8XKa1f06MSiIo8D76+GGaKp/udMT1L7DARsQWiLsc4X4UMM # ZlSi9tfmmn5ZJTzlZLoSW8y9Zwt2DfmC1eo+NK8rIMiM37EQWYYp7fcxlgPgeBlv # CPywWxUOSZq5ytGNBAwsUF2MDQRhsAS7EGqSnlaf/GvawgKsUXwd/9Ks5zZszRll # BjSYZgXlmuBoULNGzqcK7XpbmjnPuMbaaHTOQEx4EaXGsVpXkdA8UHbWJoQ73DPO # Ulqc9Wfm0STvsvj7iMRmAmfk4HpEZGp/0LgTYAxu+9a62AXcKlrSo+tTfLTUdv8e # FSGRC7H/ufybF5UOzAefulFOjwY/IMsaIgXunFoyWcusU01ovszr2WRIIRlFknVm # u2/NDL/VfytZsl5Q7jqdXbBPIfH41jhD8UsounHENzs/OqAPGss5JzDziXX4++95 # aXiY+eYlxy892piQRIXLA6YYwpJ5LESktazFoUozyUhTfEKRmGd7BpvKxF3IvKC2 # tnX7dHnnJhll # SIG # End signature block |