tlsModule/AdfsTlsModule.psm1
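#Copyright (c) Microsoft Corporation. All rights reserved.
#Licensed under the MIT License.

# Module-level side effect kept from the original: importing this module sets
# $FormatEnumerationLimit to -1 (no truncation of enumerated values in
# formatted output) for the whole PowerShell session, not only for this module.
$global:FormatEnumerationLimit = -1

<#
.SYNOPSIS
    Reports the SSL/TLS protocol settings found in the local server's SCHANNEL registry keys.

.DESCRIPTION
    The Get-ADFSTLSConfiguration cmdlet checks the local server's configuration for TLS and SSL.
    It writes a per-protocol report to "<COMPUTERNAME>_ADFS-TLSConfig.txt" in the current
    directory and prints a verdict to the console. This cmdlet takes no parameters and only
    inspects the local machine, so it has to be run on every ADFS server in the farm.

    Only the "Enabled" value under each protocol key is read; "DisabledByDefault" and the
    .NET SchUseStrongCrypto values are not inspected.

.EXAMPLE
    Get-ADFSTLSConfiguration

.NOTES
    Registry items detailed in https://support2.microsoft.com/kb/245030/en-us
    Official doc @ https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/operations/manage-ssl-protocols-in-ad-fs
#>
Function Get-ADFSTLSConfiguration
{
    # Reviews the current SSL/TLS configuration of the ADFS server and places the results in an output file.
    # NOTE(review): the original comment says this function "should return a boolean response"
    # for whether only TLS 1.2 is allowed; nothing is returned to the pipeline, the verdict is
    # only printed with Write-Host. Left unchanged so existing callers see the same output.

    Write-host "This cmdlet provides a per server test result of what SSL and TLS settings are currently configured per the local servers registry. Each ADFS server in the farm will need the test ran individually." -ForegroundColor Yellow

    $OutputValues = New-Object PSObject
    $OutputFile = ($pwd.path + '\') + (($env:COMPUTERNAME) + "_ADFS-TLSConfig.txt")
    $Time = Get-Date

    # Report header; the first write truncates any previous report of the same name.
    "ADFS SSL/TLS Configuration" | Out-File -FilePath $OutputFile -Encoding utf8
    (Get-WmiObject -Class win32_computersystem).Name | Out-File -FilePath $OutputFile -Encoding utf8 -Append
    $Time | Out-File -FilePath $OutputFile -Encoding utf8 -Append
    "**********************************************************" | Out-File -FilePath $OutputFile -Encoding utf8 -Append

    $ProtocolRoot = 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols'

    # One row per registry key that is reported.
    #   SubKey           - key below $ProtocolRoot
    #   Name             - property name written to the report
    #   EnabledWhenUnset - state assumed when the key or its Enabled value is absent
    #   Legacy           - $true for every protocol that must be off for a "TLS 1.2 only" verdict
    # NOTE(review): the "(default)" labels encode the defaults the original author assumed;
    # operating system defaults differ between Windows Server versions - confirm for the target OS.
    $Checks = @(
        @{ SubKey = 'PCT 1.0\Client'; Name = 'PCT1 Client Setting';    EnabledWhenUnset = $false; Legacy = $true;  EnabledText = 'Enabled (NOT default)';                    DisabledText = 'Disabled (default)' },
        @{ SubKey = 'PCT 1.0\Server'; Name = 'PCT1 Server Setting';    EnabledWhenUnset = $false; Legacy = $true;  EnabledText = 'Enabled (NOT default)';                    DisabledText = 'Disabled (default)' },
        @{ SubKey = 'SSL 2.0\Client'; Name = 'SSL2 Client Setting';    EnabledWhenUnset = $true;  Legacy = $true;  EnabledText = 'Enabled (default)';                        DisabledText = 'Disabled (NOT default)' },
        @{ SubKey = 'SSL 2.0\Server'; Name = 'SSL2 Server Setting';    EnabledWhenUnset = $true;  Legacy = $true;  EnabledText = 'Enabled (default)';                        DisabledText = 'Disabled (NOT default)' },
        @{ SubKey = 'SSL 3.0\Client'; Name = 'SSL3 Client Setting';    EnabledWhenUnset = $true;  Legacy = $true;  EnabledText = 'Enabled (default)';                        DisabledText = 'Disabled (NOT default) for POODLE' },
        @{ SubKey = 'SSL 3.0\Server'; Name = 'SSL3 Server Setting';    EnabledWhenUnset = $true;  Legacy = $true;  EnabledText = 'Enabled (default) - POODLE still possible'; DisabledText = 'Disabled (NOT Default) for POODLE' },
        @{ SubKey = 'TLS 1.0\Client'; Name = 'TLS 1.0 Client Setting'; EnabledWhenUnset = $true;  Legacy = $true;  EnabledText = 'Enabled (default)';                        DisabledText = 'Disabled (NOT default)' },
        @{ SubKey = 'TLS 1.0\Server'; Name = 'TLS 1.0 Server Setting'; EnabledWhenUnset = $true;  Legacy = $true;  EnabledText = 'Enabled (default)';                        DisabledText = 'Disabled (NOT Default)' },
        @{ SubKey = 'TLS 1.1\Client'; Name = 'TLS 1.1 Client Setting'; EnabledWhenUnset = $true;  Legacy = $true;  EnabledText = 'Enabled (default)';                        DisabledText = 'Disabled (NOT default)' },
        @{ SubKey = 'TLS 1.1\Server'; Name = 'TLS 1.1 Server Setting'; EnabledWhenUnset = $true;  Legacy = $true;  EnabledText = 'Enabled (default)';                        DisabledText = 'Disabled (NOT Default)' },
        @{ SubKey = 'TLS 1.2\Client'; Name = 'TLS 1.2 Client Setting'; EnabledWhenUnset = $true;  Legacy = $false; EnabledText = 'Enabled (default)';                        DisabledText = 'Disabled (NOT default)' },
        @{ SubKey = 'TLS 1.2\Server'; Name = 'TLS 1.2 Server Setting'; EnabledWhenUnset = $true;  Legacy = $false; EnabledText = 'Enabled (default)';                        DisabledText = 'Disabled (NOT Default)' }
    )

    $LegacyProtocolEnabled = $false
    $Tls12ServerExplicitlyEnabled = $false

    foreach ($Check in $Checks)
    {
        $KeyPath = "$ProtocolRoot\$($Check.SubKey)"

        # Read the key fresh on every run; an absent key or value leaves $EnabledValue at $null.
        $EnabledValue = $null
        if (Test-Path -Path $KeyPath)
        {
            $EnabledValue = (Get-ItemProperty -Path $KeyPath).Enabled
        }

        # Any non-zero value counts as enabled. The original compared with "-eq 1", so a
        # protocol switched on with 0xffffffff (the value used in the KB article referenced
        # in .NOTES) was reported as disabled.
        if ($null -eq $EnabledValue)
        {
            $IsEnabled = $Check.EnabledWhenUnset
        }
        else
        {
            $IsEnabled = ($EnabledValue -ne 0)
        }

        if ($IsEnabled)
        {
            $Text = $Check.EnabledText
        }
        else
        {
            $Text = $Check.DisabledText
        }
        Add-Member -InputObject $OutputValues -MemberType NoteProperty -Name $Check.Name -Value $Text

        if ($Check.Legacy -and $IsEnabled)
        {
            $LegacyProtocolEnabled = $true
        }
        if (($Check.SubKey -eq 'TLS 1.2\Server') -and ($null -ne $EnabledValue) -and $IsEnabled)
        {
            $Tls12ServerExplicitlyEnabled = $true
        }
    }

    $OutputValues | Out-File -FilePath $OutputFile -Encoding utf8 -Append

    # "TLS 1.2 only" requires TLS 1.2 to be explicitly enabled for the server role AND every
    # older protocol to be reported as disabled. The original looked at the TLS 1.2 server
    # key alone, so a server with SSL 3.0 or TLS 1.0 still enabled was reported as compliant.
    $TLS1dot2 = $Tls12ServerExplicitlyEnabled -and (-not $LegacyProtocolEnabled)

    if ($TLS1dot2)
    {
        Write-host "This ADFS server is already enabled for TLS 1.2 only." -ForegroundColor Green
    }
    else
    {
        Write-host "The computer" ($env:COMPUTERNAME) "is not configured to use only Transport Layer Security 1.2. Run the Set-ADFSTLSConfiguration cmdlet on this server to use TLS 1.2 only." -BackgroundColor Yellow -ForegroundColor Red
    }
}

<#
.SYNOPSIS
Configures ADFS servers for TLS 1.2 security.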
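.DESCRIPTION
    The Set-ADFSTLSConfiguration cmdlet enables TLS 1.2 as client and server (if needed) and
    turns off SSL 2.0, SSL 3.0, TLS 1.0 and TLS 1.1 for both roles. It also sets
    SchUseStrongCrypto for the .NET Framework keys that exist on the machine.
    This cmdlet takes no parameters of its own; -WhatIf and -Confirm are supported.

    The SCHANNEL protocol keys are machine-wide: they apply to every Schannel client and
    server on this computer, not only to ADFS. Confirm that everything this server talks to
    (and everything that talks to it) supports TLS 1.2 before running it. A reboot is
    required for the settings to take effect.

.EXAMPLE
    Set-ADFSTLSConfiguration

.EXAMPLE
    Set-ADFSTLSConfiguration -WhatIf

.NOTES
    Registry items detailed in http://support2.microsoft.com/kb/245030/en-us
    Official doc @ https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/operations/manage-ssl-protocols-in-ad-fs
#>
Function Set-ADFSTLSConfiguration
{
    # SupportsShouldProcess lets an operator preview the registry changes with -WhatIf.
    [CmdletBinding(SupportsShouldProcess = $true)]
    param()

    $ProtocolRoot = 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols'

    # Enable strong crypto for .NET, only on the framework keys that already exist.
    # NOTE(review): only the 32-bit (Wow6432Node) v2.0.50727 key and the 64-bit v4.0.30319
    # key are handled, as in the original; confirm whether the 64-bit v2.0.50727 and
    # 32-bit v4.0.30319 keys should be set as well.
    $NetFrameworkKeys = @(
        'HKLM:\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\v2.0.50727',
        'HKLM:\SOFTWARE\Microsoft\.NetFramework\v4.0.30319'
    )
    $StrongCryptoWritten = $false
    foreach ($NetKey in $NetFrameworkKeys)
    {
        if ((Test-Path -Path $NetKey) -and $PSCmdlet.ShouldProcess($NetKey, 'Set SchUseStrongCrypto to 1'))
        {
            # -ErrorAction Stop: a failed write (for example when not elevated) must end the
            # run instead of being followed by a green success message.
            New-ItemProperty -Path $NetKey -Name 'SchUseStrongCrypto' -Value 1 -PropertyType 'DWord' -Force -ErrorAction Stop | Out-Null
            $StrongCryptoWritten = $true
        }
    }
    if ($StrongCryptoWritten)
    {
        Write-Host '.Net Schannel Use Strong Crypto is enabled.' -ForegroundColor Green
    }

    # Target state per protocol, applied to both the Server and the Client key.
    # NOTE(review): PCT 1.0 is reported by Get-ADFSTLSConfiguration but is not written here.
    $ProtocolPlan = @(
        @{ Protocol = 'TLS 1.2'; Enabled = 1; DisabledByDefault = 0; Message = 'TLS 1.2 is enabled.' },
        @{ Protocol = 'SSL 2.0'; Enabled = 0; DisabledByDefault = 1; Message = 'SSL 2.0 has been disabled.' },
        @{ Protocol = 'SSL 3.0'; Enabled = 0; DisabledByDefault = 1; Message = 'SSL 3.0 has been disabled.' },
        @{ Protocol = 'TLS 1.0'; Enabled = 0; DisabledByDefault = 1; Message = 'TLS 1.0 has been disabled.' },
        @{ Protocol = 'TLS 1.1'; Enabled = 0; DisabledByDefault = 1; Message = 'TLS 1.1 has been disabled.' }
    )
    $Roles = @('Server', 'Client')
    $KeysWritten = 0

    foreach ($Item in $ProtocolPlan)
    {
        $RolesWritten = 0
        foreach ($Role in $Roles)
        {
            $KeyPath = "$ProtocolRoot\$($Item.Protocol)\$Role"
            $Action = "Set Enabled=$($Item.Enabled), DisabledByDefault=$($Item.DisabledByDefault)"
            if ($PSCmdlet.ShouldProcess($KeyPath, $Action))
            {
                New-Item -Path $KeyPath -Force -ErrorAction Stop | Out-Null
                New-ItemProperty -Path $KeyPath -Name 'Enabled' -Value $Item.Enabled -PropertyType 'DWord' -Force -ErrorAction Stop | Out-Null
                New-ItemProperty -Path $KeyPath -Name 'DisabledByDefault' -Value $Item.DisabledByDefault -PropertyType 'DWord' -Force -ErrorAction Stop | Out-Null
                $RolesWritten++
                $KeysWritten++
            }
        }

        # Report a protocol as done only when both of its keys were really written.
        if ($RolesWritten -eq $Roles.Count)
        {
            Write-Host $Item.Message -ForegroundColor Green
        }
    }

    # The summary and the reboot warning are printed only after every key was written
    # (not under -WhatIf and not when a prompt was declined).
    if ($KeysWritten -eq ($ProtocolPlan.Count * $Roles.Count))
    {
        Write-host 'TLS 1.2 is now the sole SSL/TLS setting allowed on this server.' -ForegroundColor Green
        Write-host 'WARNING: The server must be rebooted for the SSL and TLS settings to take effect.' -BackgroundColor Red
    }
}

#Export the appropriate module functions
Export-ModuleMember -Function Get-ADFSTLSConfiguration
Export-ModuleMember -Function Set-ADFSTLSConfiguration

# NOTE(review): the Authenticode signature block below was computed over the original file
# contents. Any edit to this module invalidates it (Get-AuthenticodeSignature reports
# HashMismatch), so the module has to be re-signed before it is used where the execution
# policy requires signed scripts.
# SIG # Begin signature block # MIIjhAYJKoZIhvcNAQcCoIIjdTCCI3ECAQExDzANBglghkgBZQMEAgEFADB5Bgor # BgEEAYI3AgEEoGswaTA0BgorBgEEAYI3AgEeMCYCAwEAAAQQH8w7YFlLCE63JNLG # KX7zUQIBAAIBAAIBAAIBAAIBADAxMA0GCWCGSAFlAwQCAQUABCDn7eKmJSZFF/5H # 1IoYXqRkXiBCu9VsYMg8p+ufedZRhKCCDYIwggYAMIID6KADAgECAhMzAAABXFSi # Z7ZIC9ybAAAAAAFcMA0GCSqGSIb3DQEBCwUAMH4xCzAJBgNVBAYTAlVTMRMwEQYD # VQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNy # b3NvZnQgQ29ycG9yYXRpb24xKDAmBgNVBAMTH01pY3Jvc29mdCBDb2RlIFNpZ25p # bmcgUENBIDIwMTEwHhcNMTkwNjA1MTczNDU2WhcNMjAwNjAzMTczNDU2WjB0MQsw # CQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9u # ZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMR4wHAYDVQQDExVNaWNy # b3NvZnQgQ29ycG9yYXRpb24wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB # AQC1Bfsypco2wGSeVhv1kfGPga1DJXLSLKz6oDb870Zcez2WOFhcKlcIozpXNwjY # tKAnHUlDjbkJ+Ejwe/sfKf8B0gEltYzCNHgoRG1JLCCnPm+3jzTItIVDewLi0zGZ # 4WmeR6k05qBNg9eBfgdc+6PwHNkEy+hmu7ewXTsrUxwjMX2xSC56wawzIYyqr78w # YhZRL2MfFmH0rBViobUMU3/5MwPCbVGJY05mZMGM1x6QL9WlhA+d0JIT1q3u4jbh # iK8wScxiDyeIykDxzluGHaa76hgIdFDRidNhTmYBEXn2r1MaLRviiLZyjEt7avi7 # qqkhXefzIZ5c2iV1tb9Kc31zAgMBAAGjggF/MIIBezArBgNVHSUEJDAiBgorBgEE # AYI3TBMBBgorBgEEAYI3TAgBBggrBgEFBQcDAzAdBgNVHQ4EFgQUtJuPF6DKaOYX # HqR+uQJbTOBzmX8wRQYDVR0RBD4wPKQ6MDgxHjAcBgNVBAsTFU1pY3Jvc29mdCBD # b3Jwb3JhdGlvbjEWMBQGA1UEBRMNMjMzMTEwKzQ1NTUwMjAfBgNVHSMEGDAWgBRI # bmTlUAXTgqoXNzcitW2oynUClTBUBgNVHR8ETTBLMEmgR6BFhkNodHRwOi8vd3d3 # Lm1pY3Jvc29mdC5jb20vcGtpb3BzL2NybC9NaWNDb2RTaWdQQ0EyMDExXzIwMTEt # MDctMDguY3JsMGEGCCsGAQUFBwEBBFUwUzBRBggrBgEFBQcwAoZFaHR0cDovL3d3 # dy5taWNyb3NvZnQuY29tL3BraW9wcy9jZXJ0cy9NaWNDb2RTaWdQQ0EyMDExXzIw # MTEtMDctMDguY3J0MAwGA1UdEwEB/wQCMAAwDQYJKoZIhvcNAQELBQADggIBAEoN # 39sJSBkqbUsRcN8UdOReYS/hQ0qCkZged24kxOvI1oeHznc8uNljCCyaeeA5bra3 # 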
55bZbzYBjTxHC+aQI0OUqkYhSXjf1irM08RCjt/NehtYfcnJq7QUDX0ge+qEfOK2 # bW9XMrcomzA69ZMMNRRNh0G81xV1UlTCbBlOsjFG1+mADQwZGWtOWtlScj3OU4HR # oiXTaF3i064ANwZdebIIdMhzaGfCdWotnSmRiBIOqYhzE+vA4FGNuS20WyUsvCKK # sXHCtOLI6+eWRX6VHqxQ4lrmCt7e6AjMeQ7dalQMtK7ttJ05lQhjV+eo1ibnqwyh # UbMOFJBYy5DlSXng+iBLh4VEMiVVOf+hzHJyRDyZ0oladgmYtO2hrRc237HfojsB # tFZuKF3D2udA9JlkoK9CE1rXjw0ShCoJnvLVaht4XEnQMhvu6BVx8nAtN1o6/BO5 # N3dKqX90ZnJxBKGDVjXMQXLjP8PeWU0zhS8eKiFkCyv/zVuydqH+1wfdBFjMX0EY # asudfJXcRNlfTASIxeuCCDSNRm/SZiD4wDsRv8bkhTYJ3eFwKHhf+4XTjVJbStOH # sVIyRaqX7m1EU2W/AdeY9/5wjaCgW4LU72JMsdXtQRpyyJYzB07ofeYcJtDdSa08 # LGIdTlOX8pIXQtsO7WIQvlWuK+RbyKJnEaROThFGMIIHejCCBWKgAwIBAgIKYQ6Q # 0gAAAAAAAzANBgkqhkiG9w0BAQsFADCBiDELMAkGA1UEBhMCVVMxEzARBgNVBAgT # Cldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29m # dCBDb3Jwb3JhdGlvbjEyMDAGA1UEAxMpTWljcm9zb2Z0IFJvb3QgQ2VydGlmaWNh # dGUgQXV0aG9yaXR5IDIwMTEwHhcNMTEwNzA4MjA1OTA5WhcNMjYwNzA4MjEwOTA5 # WjB+MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMH # UmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSgwJgYDVQQD # Ex9NaWNyb3NvZnQgQ29kZSBTaWduaW5nIFBDQSAyMDExMIICIjANBgkqhkiG9w0B # AQEFAAOCAg8AMIICCgKCAgEAq/D6chAcLq3YbqqCEE00uvK2WCGfQhsqa+laUKq4 # BjgaBEm6f8MMHt03a8YS2AvwOMKZBrDIOdUBFDFC04kNeWSHfpRgJGyvnkmc6Whe # 0t+bU7IKLMOv2akrrnoJr9eWWcpgGgXpZnboMlImEi/nqwhQz7NEt13YxC4Ddato # 88tt8zpcoRb0RrrgOGSsbmQ1eKagYw8t00CT+OPeBw3VXHmlSSnnDb6gE3e+lD3v # ++MrWhAfTVYoonpy4BI6t0le2O3tQ5GD2Xuye4Yb2T6xjF3oiU+EGvKhL1nkkDst # rjNYxbc+/jLTswM9sbKvkjh+0p2ALPVOVpEhNSXDOW5kf1O6nA+tGSOEy/S6A4aN # 91/w0FK/jJSHvMAhdCVfGCi2zCcoOCWYOUo2z3yxkq4cI6epZuxhH2rhKEmdX4ji # JV3TIUs+UsS1Vz8kA/DRelsv1SPjcF0PUUZ3s/gA4bysAoJf28AVs70b1FVL5zmh # D+kjSbwYuER8ReTBw3J64HLnJN+/RpnF78IcV9uDjexNSTCnq47f7Fufr/zdsGbi # wZeBe+3W7UvnSSmnEyimp31ngOaKYnhfsi+E11ecXL93KCjx7W3DKI8sj0A3T8Hh # hUSJxAlMxdSlQy90lfdu+HggWCwTXWCVmj5PM4TasIgX3p5O9JawvEagbJjS4NaI # jAsCAwEAAaOCAe0wggHpMBAGCSsGAQQBgjcVAQQDAgEAMB0GA1UdDgQWBBRIbmTl # 
UAXTgqoXNzcitW2oynUClTAZBgkrBgEEAYI3FAIEDB4KAFMAdQBiAEMAQTALBgNV # HQ8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAfBgNVHSMEGDAWgBRyLToCMZBDuRQF # TuHqp8cx0SOJNDBaBgNVHR8EUzBRME+gTaBLhklodHRwOi8vY3JsLm1pY3Jvc29m # dC5jb20vcGtpL2NybC9wcm9kdWN0cy9NaWNSb29DZXJBdXQyMDExXzIwMTFfMDNf # MjIuY3JsMF4GCCsGAQUFBwEBBFIwUDBOBggrBgEFBQcwAoZCaHR0cDovL3d3dy5t # aWNyb3NvZnQuY29tL3BraS9jZXJ0cy9NaWNSb29DZXJBdXQyMDExXzIwMTFfMDNf # MjIuY3J0MIGfBgNVHSAEgZcwgZQwgZEGCSsGAQQBgjcuAzCBgzA/BggrBgEFBQcC # ARYzaHR0cDovL3d3dy5taWNyb3NvZnQuY29tL3BraW9wcy9kb2NzL3ByaW1hcnlj # cHMuaHRtMEAGCCsGAQUFBwICMDQeMiAdAEwAZQBnAGEAbABfAHAAbwBsAGkAYwB5 # AF8AcwB0AGEAdABlAG0AZQBuAHQALiAdMA0GCSqGSIb3DQEBCwUAA4ICAQBn8oal # mOBUeRou09h0ZyKbC5YR4WOSmUKWfdJ5DJDBZV8uLD74w3LRbYP+vj/oCso7v0ep # o/Np22O/IjWll11lhJB9i0ZQVdgMknzSGksc8zxCi1LQsP1r4z4HLimb5j0bpdS1 # HXeUOeLpZMlEPXh6I/MTfaaQdION9MsmAkYqwooQu6SpBQyb7Wj6aC6VoCo/KmtY # SWMfCWluWpiW5IP0wI/zRive/DvQvTXvbiWu5a8n7dDd8w6vmSiXmE0OPQvyCInW # H8MyGOLwxS3OW560STkKxgrCxq2u5bLZ2xWIUUVYODJxJxp/sfQn+N4sOiBpmLJZ # iWhub6e3dMNABQamASooPoI/E01mC8CzTfXhj38cbxV9Rad25UAqZaPDXVJihsMd # YzaXht/a8/jyFqGaJ+HNpZfQ7l1jQeNbB5yHPgZ3BtEGsXUfFL5hYbXw3MYbBL7f # QccOKO7eZS/sl/ahXJbYANahRr1Z85elCUtIEJmAH9AAKcWxm6U/RXceNcbSoqKf # enoi+kiVH6v7RyOA9Z74v2u3S5fi63V4GuzqN5l5GEv/1rMjaHXmr/r8i+sLgOpp # O6/8MO0ETI7f33VtY5E90Z1WTk+/gFcioXgRMiF670EKsT/7qMykXcGhiJtXcVZO # SEXAQsmbdlsKgEhr/Xmfwb1tbWrJUnMTDXpQzTGCFVgwghVUAgEBMIGVMH4xCzAJ # BgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25k # MR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xKDAmBgNVBAMTH01pY3Jv # c29mdCBDb2RlIFNpZ25pbmcgUENBIDIwMTECEzMAAAFcVKJntkgL3JsAAAAAAVww # DQYJYIZIAWUDBAIBBQCgga4wGQYJKoZIhvcNAQkDMQwGCisGAQQBgjcCAQQwHAYK # KwYBBAGCNwIBCzEOMAwGCisGAQQBgjcCARUwLwYJKoZIhvcNAQkEMSIEIHIlCH9J # N5ZuRp7Oemusu9hnQmXMSxSKdnfcGGDp/W7TMEIGCisGAQQBgjcCAQwxNDAyoBSA # EgBNAGkAYwByAG8AcwBvAGYAdKEagBhodHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20w # DQYJKoZIhvcNAQEBBQAEggEASntUP6RwklSrMuYXh7c6FWPOMB3nm5NAZ6tyrmvv # 
4tOek/d7wXGE/zCBU8Wnd7RCzp64lrXoeCqTyqMgXjPJ0IRtJS+IPKL1FuHn+Exe # +NJjnKd+BSszSt7u/+JckE+N5NZ6wwdFARzcYkJYRTgr1LozKVBuCEcdrPkvxH3V # bsg5dZnNpj6+57PTGyvGHvESGskwGckN2x9Fat7em29c9Afa1gXiqlhY8iNPusdU # J9wapdsBWQhDJHy4wG05DalNYhoxg/W7f4YkZQBcugbZ92bjY30fy3HWfCM+k070 # bBd9F0Sra7W+p954+hGIPvNvm039X2c2LrkPioyy6Q6prqGCEuIwghLeBgorBgEE # AYI3AwMBMYISzjCCEsoGCSqGSIb3DQEHAqCCErswghK3AgEDMQ8wDQYJYIZIAWUD # BAIBBQAwggFRBgsqhkiG9w0BCRABBKCCAUAEggE8MIIBOAIBAQYKKwYBBAGEWQoD # ATAxMA0GCWCGSAFlAwQCAQUABCAjehfzOhaSUssAn9UrA90psl9Wj5jKqXm5oIi6 # 7MELRAIGXMtItN5hGBMyMDE5MDczMTE3MjMzOC41MTJaMASAAgH0oIHQpIHNMIHK # MQswCQYDVQQGEwJVUzELMAkGA1UECBMCV0ExEDAOBgNVBAcTB1JlZG1vbmQxHjAc # BgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEtMCsGA1UECxMkTWljcm9zb2Z0 # IElyZWxhbmQgT3BlcmF0aW9ucyBMaW1pdGVkMSYwJAYDVQQLEx1UaGFsZXMgVFNT # IEVTTjpBMjQwLTRCODItMTMwRTElMCMGA1UEAxMcTWljcm9zb2Z0IFRpbWUtU3Rh # bXAgc2VydmljZaCCDjkwggTxMIID2aADAgECAhMzAAAA4LIYqdTRwrT3AAAAAADg # MA0GCSqGSIb3DQEBCwUAMHwxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5n # dG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9y # YXRpb24xJjAkBgNVBAMTHU1pY3Jvc29mdCBUaW1lLVN0YW1wIFBDQSAyMDEwMB4X # DTE4MDgyMzIwMjcwMVoXDTE5MTEyMzIwMjcwMVowgcoxCzAJBgNVBAYTAlVTMQsw # CQYDVQQIEwJXQTEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0 # IENvcnBvcmF0aW9uMS0wKwYDVQQLEyRNaWNyb3NvZnQgSXJlbGFuZCBPcGVyYXRp # b25zIExpbWl0ZWQxJjAkBgNVBAsTHVRoYWxlcyBUU1MgRVNOOkEyNDAtNEI4Mi0x # MzBFMSUwIwYDVQQDExxNaWNyb3NvZnQgVGltZS1TdGFtcCBzZXJ2aWNlMIIBIjAN # BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwpf4Zw7HpmycexTEuUbmibIkCQz9 # LYqsngnrbYjZRnDaGuNvKFbW5R+smWrQl2coMoc25wyaH0xyBrXYhM0HOXz4XXX0 # 3eIREIHeXIfwZRiE1xRMCeHfxoR2UNYWy3YgU/4+u0MdeVXrl8uZ/4zPT7yGwZLE # lsF/L65IUU/66mtcVq5hfkn3GCsPqQvnd7VB64AAqNGGlR7kt45aV4N9wPqbpfMI # m2QXBsTBdQqsJT9AHzFutA6eKpvyS21sXcf6ToojqzP7cpBQ7RJzdOx10Y1w4Q4X # yHgQs+Bj4ghBZPeAGhccrBXhZ/b8s+08iicVJLFyYbVhqtouFpj3KYcg8wIDAQAB # o4IBGzCCARcwHQYDVR0OBBYEFGtB0wq2Oc6s7/6eOK1rkm12gIfoMB8GA1UdIwQY # 
MBaAFNVjOlyKMZDzQ3t8RhvFM2hahW1VMFYGA1UdHwRPME0wS6BJoEeGRWh0dHA6 # Ly9jcmwubWljcm9zb2Z0LmNvbS9wa2kvY3JsL3Byb2R1Y3RzL01pY1RpbVN0YVBD # QV8yMDEwLTA3LTAxLmNybDBaBggrBgEFBQcBAQROMEwwSgYIKwYBBQUHMAKGPmh0 # dHA6Ly93d3cubWljcm9zb2Z0LmNvbS9wa2kvY2VydHMvTWljVGltU3RhUENBXzIw # MTAtMDctMDEuY3J0MAwGA1UdEwEB/wQCMAAwEwYDVR0lBAwwCgYIKwYBBQUHAwgw # DQYJKoZIhvcNAQELBQADggEBAAsf3p3ZkuQ1usYG/HyHRKiPet31AeyKGJWDUFP2 # GcKteebitZcIXB+UdQmlTK/pcjSHw/JfpasvJnaLvmcHK586N5tlBBjtLjRXeHPC # HsOWePVfugKI0+s+SBiYd8uergwAkM0Wa0fturgsdZy7GIyv1rcUA6tSBx1ngMX6 # xsbAGTtQXUKNuTMd+GbHlYlY/rrH5stJ1Jn72dIRXDHjXeIuCnbNN5GPwsFlWQcO # trQIzhyv3PNcDu4YrrbvSV+DDY2hLhXYXojcJh8gJm6amJs+ivvSDzO+YlxC284w # 3OsiyaVTqte4H1QwmsHq8s4FZwtgiMau4AxskzPWn8DLREkwggZxMIIEWaADAgEC # AgphCYEqAAAAAAACMA0GCSqGSIb3DQEBCwUAMIGIMQswCQYDVQQGEwJVUzETMBEG # A1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWlj # cm9zb2Z0IENvcnBvcmF0aW9uMTIwMAYDVQQDEylNaWNyb3NvZnQgUm9vdCBDZXJ0 # aWZpY2F0ZSBBdXRob3JpdHkgMjAxMDAeFw0xMDA3MDEyMTM2NTVaFw0yNTA3MDEy # MTQ2NTVaMHwxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYD # VQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xJjAk # BgNVBAMTHU1pY3Jvc29mdCBUaW1lLVN0YW1wIFBDQSAyMDEwMIIBIjANBgkqhkiG # 9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqR0NvHcRijog7PwTl/X6f2mUa3RUENWlCgCC # hfvtfGhLLF/Fw+Vhwna3PmYrW/AVUycEMR9BGxqVHc4JE458YTBZsTBED/FgiIRU # QwzXTbg4CLNC3ZOs1nMwVyaCo0UN0Or1R4HNvyRgMlhgRvJYR4YyhB50YWeRX4FU # sc+TTJLBxKZd0WETbijGGvmGgLvfYfxGwScdJGcSchohiq9LZIlQYrFd/XcfPfBX # day9ikJNQFHRD5wGPmd/9WbAA5ZEfu/QS/1u5ZrKsajyeioKMfDaTgaRtogINeh4 # HLDpmc085y9Euqf03GS9pAHBIAmTeM38vMDJRF1eFpwBBU8iTQIDAQABo4IB5jCC # AeIwEAYJKwYBBAGCNxUBBAMCAQAwHQYDVR0OBBYEFNVjOlyKMZDzQ3t8RhvFM2ha # hW1VMBkGCSsGAQQBgjcUAgQMHgoAUwB1AGIAQwBBMAsGA1UdDwQEAwIBhjAPBgNV # HRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFNX2VsuP6KJcYmjRPZSQW9fOmhjEMFYG # A1UdHwRPME0wS6BJoEeGRWh0dHA6Ly9jcmwubWljcm9zb2Z0LmNvbS9wa2kvY3Js # L3Byb2R1Y3RzL01pY1Jvb0NlckF1dF8yMDEwLTA2LTIzLmNybDBaBggrBgEFBQcB # 
AQROMEwwSgYIKwYBBQUHMAKGPmh0dHA6Ly93d3cubWljcm9zb2Z0LmNvbS9wa2kv # Y2VydHMvTWljUm9vQ2VyQXV0XzIwMTAtMDYtMjMuY3J0MIGgBgNVHSABAf8EgZUw # gZIwgY8GCSsGAQQBgjcuAzCBgTA9BggrBgEFBQcCARYxaHR0cDovL3d3dy5taWNy # b3NvZnQuY29tL1BLSS9kb2NzL0NQUy9kZWZhdWx0Lmh0bTBABggrBgEFBQcCAjA0 # HjIgHQBMAGUAZwBhAGwAXwBQAG8AbABpAGMAeQBfAFMAdABhAHQAZQBtAGUAbgB0 # AC4gHTANBgkqhkiG9w0BAQsFAAOCAgEAB+aIUQ3ixuCYP4FxAz2do6Ehb7Prpsz1 # Mb7PBeKp/vpXbRkws8LFZslq3/Xn8Hi9x6ieJeP5vO1rVFcIK1GCRBL7uVOMzPRg # Eop2zEBAQZvcXBf/XPleFzWYJFZLdO9CEMivv3/Gf/I3fVo/HPKZeUqRUgCvOA8X # 9S95gWXZqbVr5MfO9sp6AG9LMEQkIjzP7QOllo9ZKby2/QThcJ8ySif9Va8v/rbl # jjO7Yl+a21dA6fHOmWaQjP9qYn/dxUoLkSbiOewZSnFjnXshbcOco6I8+n99lmqQ # eKZt0uGc+R38ONiU9MalCpaGpL2eGq4EQoO4tYCbIjggtSXlZOz39L9+Y1klD3ou # OVd2onGqBooPiRa6YacRy5rYDkeagMXQzafQ732D8OE7cQnfXXSYIghh2rBQHm+9 # 8eEA3+cxB6STOvdlR3jo+KhIq/fecn5ha293qYHLpwmsObvsxsvYgrRyzR30uIUB # HoD7G4kqVDmyW9rIDVWZeodzOwjmmC3qjeAzLhIp9cAvVCch98isTtoouLGp25ay # p0Kiyc8ZQU3ghvkqmqMRZjDTu3QyS99je/WZii8bxyGvWbWu3EQ8l1Bx16HSxVXj # ad5XwdHeMMD9zOZN+w2/XU/pnR4ZOC+8z1gFLu8NoFA12u8JJxzVs341Hgi62jbb # 01+P3nSISRKhggLLMIICNAIBATCB+KGB0KSBzTCByjELMAkGA1UEBhMCVVMxCzAJ # BgNVBAgTAldBMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQg # Q29ycG9yYXRpb24xLTArBgNVBAsTJE1pY3Jvc29mdCBJcmVsYW5kIE9wZXJhdGlv # bnMgTGltaXRlZDEmMCQGA1UECxMdVGhhbGVzIFRTUyBFU046QTI0MC00QjgyLTEz # MEUxJTAjBgNVBAMTHE1pY3Jvc29mdCBUaW1lLVN0YW1wIHNlcnZpY2WiIwoBATAH # BgUrDgMCGgMVAMZ5pIzl3naash0KpCRp+3sIUgvRoIGDMIGApH4wfDELMAkGA1UE # BhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAc # BgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEmMCQGA1UEAxMdTWljcm9zb2Z0 # IFRpbWUtU3RhbXAgUENBIDIwMTAwDQYJKoZIhvcNAQEFBQACBQDg68Q3MCIYDzIw # MTkwNzMxMTUzOTM1WhgPMjAxOTA4MDExNTM5MzVaMHQwOgYKKwYBBAGEWQoEATEs # MCowCgIFAODrxDcCAQAwBwIBAAICHwMwBwIBAAICEbcwCgIFAODtFbcCAQAwNgYK # KwYBBAGEWQoEAjEoMCYwDAYKKwYBBAGEWQoDAqAKMAgCAQACAwehIKEKMAgCAQAC # AwGGoDANBgkqhkiG9w0BAQUFAAOBgQCoehYNQE8/uhZTvQfCDeob+smJ8MNxcGqc # 
08WouZvsVAPU7FAxgxQw5A0Nl613OMgQxTROqjSPumnDlEu1Lyzb3zt75CZpJKOb # oi/BPI6wJ6zpzpIVaxAfP9R8U9Lh4Fd80em4xOH1DcVmGSApLgS4dKj6DehB/fsx # L4peQu4/HzGCAw0wggMJAgEBMIGTMHwxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpX # YXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQg # Q29ycG9yYXRpb24xJjAkBgNVBAMTHU1pY3Jvc29mdCBUaW1lLVN0YW1wIFBDQSAy # MDEwAhMzAAAA4LIYqdTRwrT3AAAAAADgMA0GCWCGSAFlAwQCAQUAoIIBSjAaBgkq # hkiG9w0BCQMxDQYLKoZIhvcNAQkQAQQwLwYJKoZIhvcNAQkEMSIEIPDj8ZAbNl0V # FX2WgRexGPbRY4VqmUFDNt/um1tk06aJMIH6BgsqhkiG9w0BCRACLzGB6jCB5zCB # 5DCBvQQgpYEvVaQzKLJXcoNRkD1VZOcMDTg/j3JdmqC70axCX5AwgZgwgYCkfjB8 # MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVk # bW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSYwJAYDVQQDEx1N # aWNyb3NvZnQgVGltZS1TdGFtcCBQQ0EgMjAxMAITMwAAAOCyGKnU0cK09wAAAAAA # 4DAiBCDwareqXLQmje1ipTFWfWzgifZ10Bl0TEUqKYfhaR39ITANBgkqhkiG9w0B # AQsFAASCAQCnotySFoQPwXM7w2Z119rnbaX+oT71Ke6U/ooKIgspS6yeXoV1sJzn # YvaXEKs8fFCQWuEBCgCMxS+X+KctFnQfTKyxkRYjK2xK1NPI0hCVMJ5Ys/+e2oWS # VL7I5XWNkEMRu4bU2/iHAszSebq98t0+6cFfwCYNEdZxFHpTAV14xtc2xXzCYeVA # lFgex8O801RCrbRjxicgDPsMHnkL/3LGJzb2QKSnj3kacuyPGOx/fnEbCUfEpdwm # NGkkXrUOPU+8MpKXKRAdl6VNkGj/UgI7J7rm6QkyxykWYJ1NL7obyYcdaakVlxws # /CNoAqvKC8nEBXU8MwLP9SJONPddeRmm # SIG # End signature block |