Checks/check-ORCA243.ps1
|
using module "..\ORCA.psm1" class ORCA243 : ORCACheck { <# ARC Trusted Sealers #> ORCA243() { $this.Control=243 $this.Services=[ORCAService]::EOP $this.Area="Transport" $this.Name="Authenticated Receive Chain (ARC)" $this.PassText="Authenticated Receive Chain is set up for domains not pointing to EOP/MDO, or all domains point to EOP/MDO." $this.FailRecommendation="Enable Authenticated Receive Chain (ARC) trusted sealers for domains not pointed at EOP/MDO." $this.Importance="When EOP/MDO is behind a third-party service, sender authentication checks such as DKIM & SPF can fail. This is due to the fact that the service infront may modify the message and break the signature, or send from an IP address that is not a registered sender for the domain. By configuring the third-party to ARC seal the message, and setting up a trusted ARC sealer, the authentication results of the third-party mail relay can be used. IMPORTANT NOTE: This check cannot validate that the third-party service infront of these domains is correctly ARC sealing your emails, nor can it check that the domain portion matches one of the trusted ARC sealers. This check purely validates a trusted ARC sealer exists. Even if this check passes, you should validate your emails are passing ARC seal" $this.ExpandResults=$True $this.CheckType=[CheckType]::ObjectPropertyValue $this.ObjectType="Domain not pointed at service" $this.ItemName="Policy" $this.DataType="Trusted ARC Sealer" $this.ChiValue=[ORCACHI]::High $this.Links= @{ "Improving 'Defense in Depth' with Trusted ARC Sealers for Microsoft Defender for Office 365"="https://techcommunity.microsoft.com/t5/microsoft-defender-for-office/improving-defense-in-depth-with-trusted-arc-sealers-for/ba-p/3440707" "Configuring trusted ARC sealers"="https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/email-authentication-arc-configure?view=o365-worldwide" } } <# RESULTS #> GetResults($Config) { $ArcTrustedSealers = $($Config["ARCConfig"]).ArcTrustedSealers; $HasArcSealer = $ArcTrustedSealers.Length -gt 0 $DomainsNotAtService = @($($Config["MXReports"] | Where-Object {$_.PointsToService -eq $False})) # Loop domains not pointing at service if($DomainsNotAtService.Count -gt 0) { ForEach($Domain in $($DomainsNotAtService | Select -ExpandProperty Domain | Get-Unique)) { $ConfigObject = [ORCACheckConfig]::new() $ConfigObject.Object=$($Domain) $ConfigObject.ConfigItem="Default ARC Config" if($HasArcSealer -eq $True) { $ConfigObject.ConfigData=$($ArcTrustedSealers) $ConfigObject.SetResult([ORCAConfigLevel]::Standard,"Pass") } else { $ConfigObject.ConfigData="No Trusted Sealers" $ConfigObject.SetResult([ORCAConfigLevel]::Standard,"Fail") } $this.AddConfig($ConfigObject) } } } } # SIG # Begin signature block # MIImWgYJKoZIhvcNAQcCoIImSzCCJkcCAQExDzANBglghkgBZQMEAgEFADB5Bgor # BgEEAYI3AgEEoGswaTA0BgorBgEEAYI3AgEeMCYCAwEAAAQQH8w7YFlLCE63JNLG # KX7zUQIBAAIBAAIBAAIBAAIBADAxMA0GCWCGSAFlAwQCAQUABCC/xhJPFy2j1hq7 # E4rkWQ/RfYcC4o89Wr1DN/Qb+VjGdqCCC6YwggULMIID86ADAgECAhMzAAAFwlgA # 087+f22BAAEAAAXCMA0GCSqGSIb3DQEBCwUAMHkxCzAJBgNVBAYTAlVTMRMwEQYD # VQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNy # b3NvZnQgQ29ycG9yYXRpb24xIzAhBgNVBAMTGk1pY3Jvc29mdCBUZXN0aW5nIFBD # QSAyMDEwMB4XDTIzMDkyMTE4MTE0M1oXDTI0MDkxODE4MTE0M1owfDELMAkGA1UE # BhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAc # BgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEmMCQGA1UEAxMdQ29kZSBTaWdu # IFRlc3QgKERPIE5PVCBUUlVTVCkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK # AoIBAQD5++3gGQURCZ5RFx3f6hxBcryv+l9JDcB/ue8Nf4lxtCZ3BYkCuFTxGzQs # lXh4SBgmfcoDr8X9mqmYlAhGlQn5WdhIlIjY7cyO+Jj9qH6ir7kKmqnxX5UMl2e8 # 1Xd78imtyJHeK3X/mReHaJItcbdObmRrJeq1cJm2qgiadjJK9aFPIGTd/2jgBIMc # G1LVd+lHU7fPU+wlvJshXoo7rj82PhSGoMqTN4s30oaUlIpKwhyn6eO7UIlD77Ez # NikN8J35LSlUGAWR7UW/qBrlVM9JURkIsAFfHUdZbsCu0wB3dHMBru+oDim+X/R9 # ko+B0F3Me40uod5i5D8m8HqIazstAgMBAAGjggGHMIIBgzAOBgNVHQ8BAf8EBAMC # B4AwEwYDVR0lBAwwCgYIKwYBBQUHAwMwHQYDVR0OBBYEFJfRokzB8QH6nZ8MnJQI # ahPRxmYhMEUGA1UdEQQ+MDykOjA4MR4wHAYDVQQLExVNaWNyb3NvZnQgQ29ycG9y # YXRpb24xFjAUBgNVBAUTDTIzMDA3Mis1MDE1NjYwHwYDVR0jBBgwFoAUv2Wiq291 # o05FllcFzzmH9MAVHBwwXAYDVR0fBFUwUzBRoE+gTYZLaHR0cDovL3d3dy5taWNy # b3NvZnQuY29tL3BraW9wcy9jcmwvTWljcm9zb2Z0JTIwVGVzdGluZyUyMFBDQSUy # MDIwMTAoMSkuY3JsMGkGCCsGAQUFBwEBBF0wWzBZBggrBgEFBQcwAoZNaHR0cDov # L3d3dy5taWNyb3NvZnQuY29tL3BraW9wcy9jZXJ0cy9NaWNyb3NvZnQlMjBUZXN0 # aW5nJTIwUENBJTIwMjAxMCgxKS5jcnQwDAYDVR0TAQH/BAIwADANBgkqhkiG9w0B # AQsFAAOCAQEAMmCxC2x6fhzNJHnCk9zTlYQo0e/MzR5BHxJul6XfH7L2K+EOr+Wv # wiAvkkA47zgupON7XKs+NQFkTQAAw/tgzpZ95d2KyRUxbwfik44uLSqvgVNlSDSk # Ant8qiTj3+EhxYhcHQJwA4vz4Ow+rLIQOvPIHB0cOj1bJ/Z0olgCXfo/oORtXQe3 # 9M6dO7XvQ2i0SRvnfn95hodbpPWDmSvyHvZU5rHVLTBwyh9oTQ4v30P8eeAONxp6 # Sp6X7hLDy14Q0L4nfBeRFdf9M/DK6LjJ3bUWlYcqRpFwqMjAJQkW8RMtWuV8uSgD # PAR/tnqsaUFRAILpmfqPUwgXIVGT0/89iDCCBpMwggR7oAMCAQICEzMAAAAtNXpG # iMkHcdgAAAAAAC0wDQYJKoZIhvcNAQELBQAwgZAxCzAJBgNVBAYTAlVTMRMwEQYD # VQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNy # b3NvZnQgQ29ycG9yYXRpb24xOjA4BgNVBAMTMU1pY3Jvc29mdCBUZXN0aW5nIFJv # b3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IDIwMTAwHhcNMjAxMjEwMjA0MzIwWhcN # MzUwNjE3MjEwNDExWjB5MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3Rv # bjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0 # aW9uMSMwIQYDVQQDExpNaWNyb3NvZnQgVGVzdGluZyBQQ0EgMjAxMDCCASIwDQYJ # KoZIhvcNAQEBBQADggEPADCCAQoCggEBAL88YIGrvuz/1xdj8qZC0RNinLAXzrpG # GnsiLlVzmlS5xtTRypj+d0cNjp3wXsz4VO/yzyrUYvGpNAoE18UFhvIQ9U3Tlghm # hdsCfRjc4nojp5opXa55GM8MY/Aa/4GpqUM/qQu5UfGzSDr8RC5fEcVWOv/KDs2I # CMH9x9X1Pu/qThtyiyO9RTeeH3DBp8m4IHPt82w9iyEFz3cS/qHcB+kNW3gJbDJV # EEfQN8jH9/pz/kY05FYWqDdkU9Y1+8OAto62hpGhENbBSvbjetQRCrLeLp4Ql+CB # rhJdiAFdzKTEKFKcYPAK5oivS+lXiuyjDzceKfZdIdPX2l0OyU7bjW0CAwEAAaOC # AfowggH2MA4GA1UdDwEB/wQEAwIBhjASBgkrBgEEAYI3FQEEBQIDAQABMCMGCSsG # AQQBgjcVAgQWBBTqn18zttBfnq3rLabBArtAOMvntTAdBgNVHQ4EFgQUv2Wiq291 # o05FllcFzzmH9MAVHBwwVAYDVR0gBE0wSzBJBgRVHSAAMEEwPwYIKwYBBQUHAgEW # M2h0dHA6Ly93d3cubWljcm9zb2Z0LmNvbS9wa2lvcHMvRG9jcy9SZXBvc2l0b3J5 # Lmh0bTAZBgkrBgEEAYI3FAIEDB4KAFMAdQBiAEMAQTAPBgNVHRMBAf8EBTADAQH/ # MB8GA1UdIwQYMBaAFKMBBH4wiDPruTGcyuuFdmf8ZbTRMFkGA1UdHwRSMFAwTqBM # oEqGSGh0dHA6Ly9jcmwubWljcm9zb2Z0LmNvbS9wa2kvY3JsL3Byb2R1Y3RzL01p # Y1Rlc1Jvb0NlckF1dF8yMDEwLTA2LTE3LmNybDCBjQYIKwYBBQUHAQEEgYAwfjBN # BggrBgEFBQcwAoZBaHR0cDovL3d3dy5taWNyb3NvZnQuY29tL3BraS9jZXJ0cy9N # aWNUZXNSb29DZXJBdXRfMjAxMC0wNi0xNy5jcnQwLQYIKwYBBQUHMAGGIWh0dHA6 # Ly9vbmVvY3NwLm1pY3Jvc29mdC5jb20vb2NzcDANBgkqhkiG9w0BAQsFAAOCAgEA # J7TQhbKezA+kKlNz1W3a1zEAyPb/Y8j2ARG1GJLa3LT5rybo/Ep5vcFnsIgDeWXP # NTUFWI7igwaW9bp+EllQm+Dw1T2dCfO7Rs2HvXTid9BGBnoiGmkrZCy5izmADOqC # JyKiMFciJNkhP6tpRrfDr8HGXrzZj5FWI5Op8iYuRHb0unIj0ZlvW0VkU+KVlPG2 # SEC/d/CxOJRzkAIsawEIlnrOUs6dlPORNJy3Wg6+cPyNvCf2dfuM1tTWqNaa1Qjq # q6LJ6DVH1X9ZL7MH1txWNpdT4gGKfLBsjuexms7V3QaBDgXAy3nX3D62vfjS3RBd # +jZBNIPvXW6JBWOysYVCfFqTIgpjeMo/SyhS70G3LRjCSWPRMBxYn5tqYGommnyh # dRss/ja7icxBIKcrDKP3/QFQUP6gnT0EBhFqd0AyGnn+LbPUE8fkZgyggQzExS4B # ZpoW7VGNCVoy5Cp+7KM/yyHA1JXv6eU4hQ+FYX2ZwHL2EB137rJZ8qfsroVswEpw # EDZziDun3NSRSMJA5HDPpP07KXwGo8x6KEgMF5Kzlq40Q1esCNGMzFR6xMkNIWeT # ZyF2y95a05Dj439zQbtZ2kjRGsknbkrQ2xVY1d016BDRJ2YroCSmEsJoc6GBzNZ4 # IqTeazXaiYiubpKehPCw84t5ef+13LSUGN/mYBwyaLIxghoKMIIaBgIBATCBkDB5 # MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVk # bW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSMwIQYDVQQDExpN # aWNyb3NvZnQgVGVzdGluZyBQQ0EgMjAxMAITMwAABcJYANPO/n9tgQABAAAFwjAN # BglghkgBZQMEAgEFAKCBsDAZBgkqhkiG9w0BCQMxDAYKKwYBBAGCNwIBBDAcBgor # BgEEAYI3AgELMQ4wDAYKKwYBBAGCNwIBFTAvBgkqhkiG9w0BCQQxIgQg5R5xwhAz # aMHoJZyMwV7NFGBNt++nLXhLKPyBdRkaGw4wRAYKKwYBBAGCNwIBDDE2MDSgFIAS # AE0AaQBjAHIAbwBzAG8AZgB0oRyAGmh0dHBzOi8vd3d3Lm1pY3Jvc29mdC5jb20g # MA0GCSqGSIb3DQEBAQUABIIBAEi/zUJq4x56aV8nSrw5mqMdJE7vsxQn7ZbSfDei # Dsyv3RPvovosuQYYjEySgGZjAud0jll4Ihps/L9juqmkczbMtJlnmLDDUZjK0TWm # dWDD+jDElyjtSev5VrohCLb42lLAXxa3EYnXOQzWfyFb6Z6r+o9SQNy1gzdibRdM # Mv6t7CbNqB1LZfpjTKTGk2+0M65Nry/c3U28Jj3S3hij2FGojFFq+5KyfdunJSAx # OwyiB7W6tz6fBYSSKqIz3hAXXAwnSOiRvrPQ5YCAj5ch1Ysi9PM+SQTtBvlHyKoR # Dxpw9jaG4qEpGiliOBikneEqTgc0LlwpsBer4A/m72ugA+ChgheXMIIXkwYKKwYB # BAGCNwMDATGCF4Mwghd/BgkqhkiG9w0BBwKgghdwMIIXbAIBAzEPMA0GCWCGSAFl # AwQCAQUAMIIBUgYLKoZIhvcNAQkQAQSgggFBBIIBPTCCATkCAQEGCisGAQQBhFkK # AwEwMTANBglghkgBZQMEAgEFAAQgLwSv4I0LISHUmyu+t7EqZg6T//7+WfMVVAj7 # 2VJ4p6kCBmVW1USHaxgTMjAyMzExMjAwMzU5NTAuMzQ3WjAEgAIB9KCB0aSBzjCB # yzELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1Jl # ZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjElMCMGA1UECxMc # TWljcm9zb2Z0IEFtZXJpY2EgT3BlcmF0aW9uczEnMCUGA1UECxMeblNoaWVsZCBU # U1MgRVNOOjMzMDMtMDVFMC1EOTQ3MSUwIwYDVQQDExxNaWNyb3NvZnQgVGltZS1T # dGFtcCBTZXJ2aWNloIIR7TCCByAwggUIoAMCAQICEzMAAAHMhqXcN+vZYS0AAQAA # AcwwDQYJKoZIhvcNAQELBQAwfDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hp # bmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jw # b3JhdGlvbjEmMCQGA1UEAxMdTWljcm9zb2Z0IFRpbWUtU3RhbXAgUENBIDIwMTAw # HhcNMjMwNTI1MTkxMjAxWhcNMjQwMjAxMTkxMjAxWjCByzELMAkGA1UEBhMCVVMx # EzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoT # FU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjElMCMGA1UECxMcTWljcm9zb2Z0IEFtZXJp # Y2EgT3BlcmF0aW9uczEnMCUGA1UECxMeblNoaWVsZCBUU1MgRVNOOjMzMDMtMDVF # MC1EOTQ3MSUwIwYDVQQDExxNaWNyb3NvZnQgVGltZS1TdGFtcCBTZXJ2aWNlMIIC # IjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAzLEiBfHvTZhHPvNzVWRoFlmY # v8AWLfM4cQH0hjO8cOyuwmwP9QOBoaLz75CGPO97Z8s3cmXvumB18fkXetfJUA5p # puV+HromBudy3e1iCvg3focotB/ew+hzOGcxqqL5sAdH2d5YfqYSS6D0/vcq0yxc # 5JCsNlXG+8FzAc4g9DFVWG5sEZUWsqU57Zd/SBDQhIo1vY+jBJU8lz9s63NDrYUD # eUazE2OYmY2tzMhwhZmDBop5h37bGht2HYvBmvAUI3baE5uXVYZ6rNqijRDqmUqJ # 9vEeF339LZSS+VB8iN28sB//s0HibvKp7EgovFRTzrGRG+nGc4Vx2gIkhrXSgG0E # WgCIRMWyFKXicqQu5fsKigtwTvQAxrqQfWYFBW0r+RAhYzA8235vDOc89gOMWDT0 # F6mb9MBli/o072+5BWIgzz3vs0cgW85q0qTmwe16o6s1BTSpcKfjMdeZNRexTLOR # DNrhuvCELHQBgZGW0g5rhpoz22e3bYpvlx7odzUuiZl2D0u64pKQm1LDGTJ+XlsY # lhSJOn9NLJEeES1podDejqvimCNXwOfS8xogGzq3MYL0JEaNzg+KNSVvc9UzTMBG # 5Mz61zKPK6xrLhqMmFnLJvcYXdBlyERxwuuJ82yN3tBuY6hLFkHOLmkHkkcq+9Ck # Yo81clo42H7BLb1TJScCAwEAAaOCAUkwggFFMB0GA1UdDgQWBBSCphxkXTyHS0V7 # bEeV0UsjN/tpDDAfBgNVHSMEGDAWgBSfpxVdAF5iXYP05dJlpxtTNRnpcjBfBgNV # HR8EWDBWMFSgUqBQhk5odHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpb3BzL2Ny # bC9NaWNyb3NvZnQlMjBUaW1lLVN0YW1wJTIwUENBJTIwMjAxMCgxKS5jcmwwbAYI # KwYBBQUHAQEEYDBeMFwGCCsGAQUFBzAChlBodHRwOi8vd3d3Lm1pY3Jvc29mdC5j # b20vcGtpb3BzL2NlcnRzL01pY3Jvc29mdCUyMFRpbWUtU3RhbXAlMjBQQ0ElMjAy # MDEwKDEpLmNydDAMBgNVHRMBAf8EAjAAMBYGA1UdJQEB/wQMMAoGCCsGAQUFBwMI # MA4GA1UdDwEB/wQEAwIHgDANBgkqhkiG9w0BAQsFAAOCAgEAeRlDKPV74lJd4O9r # vKEE6KyCg6AHYFmeC0PfnQBEApmnrbE4ZMWzZtebHruxpsKWXYTEDfEzXXRpIubO # SHvmgNlRKPb2c99ZZbrBwVwFa0Labn0KrSAPtp57rH2mL4ora+qeZFU+tPSyEzmI # HSkVhKX8f+Mk+UfcjHisaMZJPLchohj2SuNEk+WdeDj3SX1W5GHgr5S0HJbF9flg # WTcf12b2syZl472I07htEG2accOGTt2aH30GMWWEc59M+NVOzAxZV6NooX2rHWx7 # rmupKR8SfQCKFHr4d5s71MWKdLtM98GAz6S7qPjNlWIfFzglAdLu+cRt0ufvfEyp # hW6mWIKYK+j/mCnmqNmKQdYs7POdGEs7sGl+5EcQFEZZjf4+R7+MGm5zn2W9+pg6 # iaeCHhpsD7cCPLRD7LkQJsq3no8oZGVe3X4CeDfN0AYaR1WZQeBZpSUfMhd2gdeU # FurcOAmh/jzCA7nehnjiTuHEBPpU3OqyCZjeHH4tk0xu3uPU74Ql3wUtqczsm/WH # pkptJK5PIyYes4Hhqs7ZO83sHxPt7IUEXO+LFy2OfKb1aM534Hxr8tZZW6uDnsve # iqLsIroQ7cbipU51u6cO8WjT4SDLDsVvHaUqfdeRbSnzqikf3XyTrGxw0iWP4oic # +JligBqMnXizOsy5qIUQj1pP0OYwggdxMIIFWaADAgECAhMzAAAAFcXna54Cm0mZ # AAAAAAAVMA0GCSqGSIb3DQEBCwUAMIGIMQswCQYDVQQGEwJVUzETMBEGA1UECBMK # V2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0 # IENvcnBvcmF0aW9uMTIwMAYDVQQDEylNaWNyb3NvZnQgUm9vdCBDZXJ0aWZpY2F0 # ZSBBdXRob3JpdHkgMjAxMDAeFw0yMTA5MzAxODIyMjVaFw0zMDA5MzAxODMyMjVa # MHwxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdS # ZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xJjAkBgNVBAMT # HU1pY3Jvc29mdCBUaW1lLVN0YW1wIFBDQSAyMDEwMIICIjANBgkqhkiG9w0BAQEF # AAOCAg8AMIICCgKCAgEA5OGmTOe0ciELeaLL1yR5vQ7VgtP97pwHB9KpbE51yMo1 # V/YBf2xK4OK9uT4XYDP/XE/HZveVU3Fa4n5KWv64NmeFRiMMtY0Tz3cywBAY6GB9 # alKDRLemjkZrBxTzxXb1hlDcwUTIcVxRMTegCjhuje3XD9gmU3w5YQJ6xKr9cmmv # Haus9ja+NSZk2pg7uhp7M62AW36MEBydUv626GIl3GoPz130/o5Tz9bshVZN7928 # jaTjkY+yOSxRnOlwaQ3KNi1wjjHINSi947SHJMPgyY9+tVSP3PoFVZhtaDuaRr3t # pK56KTesy+uDRedGbsoy1cCGMFxPLOJiss254o2I5JasAUq7vnGpF1tnYN74kpEe # HT39IM9zfUGaRnXNxF803RKJ1v2lIH1+/NmeRd+2ci/bfV+AutuqfjbsNkz2K26o # ElHovwUDo9Fzpk03dJQcNIIP8BDyt0cY7afomXw/TNuvXsLz1dhzPUNOwTM5TI4C # vEJoLhDqhFFG4tG9ahhaYQFzymeiXtcodgLiMxhy16cg8ML6EgrXY28MyTZki1ug # poMhXV8wdJGUlNi5UPkLiWHzNgY1GIRH29wb0f2y1BzFa/ZcUlFdEtsluq9QBXps # xREdcu+N+VLEhReTwDwV2xo3xwgVGD94q0W29R6HXtqPnhZyacaue7e3PmriLq0C # AwEAAaOCAd0wggHZMBIGCSsGAQQBgjcVAQQFAgMBAAEwIwYJKwYBBAGCNxUCBBYE # FCqnUv5kxJq+gpE8RjUpzxD/LwTuMB0GA1UdDgQWBBSfpxVdAF5iXYP05dJlpxtT # NRnpcjBcBgNVHSAEVTBTMFEGDCsGAQQBgjdMg30BATBBMD8GCCsGAQUFBwIBFjNo # dHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpb3BzL0RvY3MvUmVwb3NpdG9yeS5o # dG0wEwYDVR0lBAwwCgYIKwYBBQUHAwgwGQYJKwYBBAGCNxQCBAweCgBTAHUAYgBD # AEEwCwYDVR0PBAQDAgGGMA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAU1fZW # y4/oolxiaNE9lJBb186aGMQwVgYDVR0fBE8wTTBLoEmgR4ZFaHR0cDovL2NybC5t # aWNyb3NvZnQuY29tL3BraS9jcmwvcHJvZHVjdHMvTWljUm9vQ2VyQXV0XzIwMTAt # MDYtMjMuY3JsMFoGCCsGAQUFBwEBBE4wTDBKBggrBgEFBQcwAoY+aHR0cDovL3d3 # dy5taWNyb3NvZnQuY29tL3BraS9jZXJ0cy9NaWNSb29DZXJBdXRfMjAxMC0wNi0y # My5jcnQwDQYJKoZIhvcNAQELBQADggIBAJ1VffwqreEsH2cBMSRb4Z5yS/ypb+pc # FLY+TkdkeLEGk5c9MTO1OdfCcTY/2mRsfNB1OW27DzHkwo/7bNGhlBgi7ulmZzpT # Td2YurYeeNg2LpypglYAA7AFvonoaeC6Ce5732pvvinLbtg/SHUB2RjebYIM9W0j # VOR4U3UkV7ndn/OOPcbzaN9l9qRWqveVtihVJ9AkvUCgvxm2EhIRXT0n4ECWOKz3 # +SmJw7wXsFSFQrP8DJ6LGYnn8AtqgcKBGUIZUnWKNsIdw2FzLixre24/LAl4FOmR # sqlb30mjdAy87JGA0j3mSj5mO0+7hvoyGtmW9I/2kQH2zsZ0/fZMcm8Qq3UwxTSw # ethQ/gpY3UA8x1RtnWN0SCyxTkctwRQEcb9k+SS+c23Kjgm9swFXSVRk2XPXfx5b # RAGOWhmRaw2fpCjcZxkoJLo4S5pu+yFUa2pFEUep8beuyOiJXk+d0tBMdrVXVAmx # aQFEfnyhYWxz/gq77EFmPWn9y8FBSX5+k77L+DvktxW/tM4+pTFRhLy/AsGConsX # HRWJjXD+57XQKBqJC4822rpM+Zv/Cuk0+CQ1ZyvgDbjmjJnW4SLq8CdCPSWU5nR0 # W2rRnj7tfqAxM328y+l7vzhwRNGQ8cirOoo6CGJ/2XBjU02N7oJtpQUQwXEGahC0 # HVUzWLOhcGbyoYIDUDCCAjgCAQEwgfmhgdGkgc4wgcsxCzAJBgNVBAYTAlVTMRMw # EQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVN # aWNyb3NvZnQgQ29ycG9yYXRpb24xJTAjBgNVBAsTHE1pY3Jvc29mdCBBbWVyaWNh # IE9wZXJhdGlvbnMxJzAlBgNVBAsTHm5TaGllbGQgVFNTIEVTTjozMzAzLTA1RTAt # RDk0NzElMCMGA1UEAxMcTWljcm9zb2Z0IFRpbWUtU3RhbXAgU2VydmljZaIjCgEB # MAcGBSsOAwIaAxUATk7md7mH4ooUuM0U6MYrA7fZiaSggYMwgYCkfjB8MQswCQYD # VQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEe # MBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSYwJAYDVQQDEx1NaWNyb3Nv # ZnQgVGltZS1TdGFtcCBQQ0EgMjAxMDANBgkqhkiG9w0BAQsFAAIFAOkFSDwwIhgP # MjAyMzExMjAwMjUxNDBaGA8yMDIzMTEyMTAyNTE0MFowdzA9BgorBgEEAYRZCgQB # MS8wLTAKAgUA6QVIPAIBADAKAgEAAgIQ1wIB/zAHAgEAAgIUfDAKAgUA6QaZvAIB # ADA2BgorBgEEAYRZCgQCMSgwJjAMBgorBgEEAYRZCgMCoAowCAIBAAIDB6EgoQow # CAIBAAIDAYagMA0GCSqGSIb3DQEBCwUAA4IBAQBBM7tcMv9YU/qhBXUTrHsMkOBE # odHX7AoEw6rroPaMm1TOK2z5+NFPjfMCgYiq9uPRAp7SsDxHdxJpqUruhb319ODR # 6PhhpOHa8qXMyhw5FD2l0Nt/5bNsnCUKRh7YKI4OSjeRaxufal/sw9BZW0vKRFyN # ZirQqiR8hSYldb6kkvnb9y3tkD2rwQ4sltQYEG5qXTG1be96OEvhGb2BGmC0+hWz # mxpHhVLMo6+APLKchzL5wLaF7g0RgbP7XTvuMQ2VQ7Hvt7V19XqVc2IRXPapL+HL # DWTmp6fUuBriZlfwWU7GgFewD5ZV/j691suFpfCFXt6HR5fj3lq+jyaGid/CMYIE # DTCCBAkCAQEwgZMwfDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24x # EDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlv # bjEmMCQGA1UEAxMdTWljcm9zb2Z0IFRpbWUtU3RhbXAgUENBIDIwMTACEzMAAAHM # hqXcN+vZYS0AAQAAAcwwDQYJYIZIAWUDBAIBBQCgggFKMBoGCSqGSIb3DQEJAzEN # BgsqhkiG9w0BCRABBDAvBgkqhkiG9w0BCQQxIgQgfsxWXRw9CACQoBhNKcaC0EJz # nkKig6ffrR6CKz3+LR8wgfoGCyqGSIb3DQEJEAIvMYHqMIHnMIHkMIG9BCDW7mUB # wv7DAhPnIClUpMCqQyAn53nxWWIA2xeB63BY5jCBmDCBgKR+MHwxCzAJBgNVBAYT # AlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYD # VQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xJjAkBgNVBAMTHU1pY3Jvc29mdCBU # aW1lLVN0YW1wIFBDQSAyMDEwAhMzAAABzIal3Dfr2WEtAAEAAAHMMCIEIMYc9IGt # qIZ4T9Kwq7Q0B/XdFBztgOWbsi4jfj0DzdZ4MA0GCSqGSIb3DQEBCwUABIICACRq # jkaLVk2inHRFx0hf8N1jvT0aNZT/ucZ8a3uOyRdW0yeJ0eqajrZy0RoJjHj6L7zm # 24nE1BH4fnlbxib3T8182dEPJFkhqMpJY9QdUm5VfkW6DH1525zopdNZAPmwvtQ0 # qVuBFwFDpFIIfXQEs3cOObnR4ZtcA/nMbLVwPgd2m5xM8EmOoMaB/Uuc+G6bP93y # oGxYzc+9Cgmczj4IWkvNVl32IKc+V6c71sZL2/N6bub1o0baWOoP571T9QCKOHCX # OSLxYh8dhBXzXG1WFD8/Ed5jBEpD48sY9ut7Xv0zPg/pghN1iaU/aFufAaqCSSzs # 5X7ISaujIH65peGyL+Orh9l7vrG+deJTkbRgeU649P1EIv72OTr9v3FsMyTvHmp8 # IDow7YLXfa7aGeTz3gaEBqnUOTB8OUCIhQqM+1o+YOBssXcq8K/67W8w4umtZ/2q # EKnMqEFo88UH0myIScPjZrxHYzwXqvJzAO1Mf+RayvVp6KaKjfU2QQK/fPuT/zpr # 7tbEjslSWoBX101SQU8G+XPlegoNzU+5t+H2vfrE+vcK35w1zuDnqGoCtVNhYpfc # Mq3KOc/UXSBBZDvGFnIBFttbWkACjqDeNcrtQIjC/NlFbKQeFCg5D5YizF5CVnM6 # sNYxxRK/UEwxIiGul1fnTGkeMAdQlzTvhEG5pCkk # SIG # End signature block |