ExoHelper.psm1
|
#region Public commands function Get-ExoDefaultClientId { [CmdletBinding()] param ( ) process { 'fb78d390-0c51-40cd-8e17-fdbfab77341b' } } function Get-ExoToken { <# .SYNOPSIS Retrieves access token for authentication with EXO REST API .DESCRIPTION Retrieves access token for authentication with EXO REST API via authentication factory .OUTPUTS Hash table with authorization header containing access token, ready to be passed as headers to web request .EXAMPLE Get-ExoToken Description ----------- Retieve authorizatin header for calling EXO REST API #> param ( [Parameter()] #Connection context as returned by New-ExoConnection #When not specified, uses most recently created connection context $Connection = $script:ConnectionContext, #Forces reauthentication #Usefiu when want to continue working after PIN JIT re-elevation [switch]$ForceRefresh ) begin { if($null -eq $Connection ) { throw 'Call New-ExoConnection first' } } process { if($Connection.IsIPPS) { $Scopes = "https://ps.compliance.protection.outlook.com/.default" } else { $Scopes = "https://outlook.office365.com/.default" } Get-AadToken -Factory $Connection.AuthenticationFactory -Scopes $scopes -ForceRefresh:$ForceRefresh } } function Invoke-ExoCommand { <# .SYNOPSIS Invokes EXO REST API to execute command provided .DESCRIPTION Invokes EXO REST API to execute command provided along with parameters for the command and optional list of properties to return if full object is not desired .OUTPUTS Data returned by executed command .EXAMPLE Invoke-ExoCommand -Name 'Get-Mailbox' -Parameters @{Identity = 'JohnDoe'} -PropertiesToLoad 'netId' Description ----------- This command retrieves mailbox of user JohnDoe and returns just netId property .EXAMPLE $connection = New-AadAuthenticationFactory -ClientId (Get-ExoDefaultClientId) -TenantId 'mydomain.onmicrosoft.com' -AuthMode Interactive | New-ExoConnection -IPPS Invoke-ExoCommand -Connection $connection -Name 'Get-Label' -PropertiesToLoad 'ImmutableId','DisplayName' -RemoveOdataProperties -ShowWarnings Description ----------- This command creates connection for IPPS REST API, retrieves list of sensitivity labels returning only ImmutableId and DisplayName properties, and shows any warnings returned by IPPS REST API #> param ( [Parameter(Mandatory)] [string] #Name of the command to execute $Name, [Parameter()] [hashtable] #Hashtable with parameters of the command $Parameters = @{}, [Parameter()] [string[]] #List of properties to return if not interested in full object $PropertiesToLoad, [Parameter()] [int] #Max retries when throttling occurs $MaxRetries = 10, [Parameter()] [int] #Max results to return #1000 is a minimum, and min increment is 1000 $ResultSize = [int]::MaxValue, [Parameter()] [int] #Max results to return in single request #Default is 100 $PageSize = 100, [switch] #If we want to write any warnings returned by EXO REST API $ShowWarnings, [switch] #If we want to remove odata type descriptor properties from the output $RemoveOdataProperties, [switch] #If we want to include rate limits reported by REST API to verbose output $ShowRateLimits, [Parameter()] #Connection context as returned by New-ExoConnection #When not specified, uses most recently created connection context $Connection = $script:ConnectionContext ) begin { $body = @{} if($PageSize -gt 1000) { $batchSize = 1000 } if($PageSize -le 0) { $batchSize = 100 } $batchSize = $pageSize $uri = $Connection.ConnectionUri if($PropertiesToLoad.Count -gt 0) { $props = $PropertiesToLoad -join ',' $uri = "$uri`?`$select=$props" } } process { $headers = @{} $headers['X-CmdletName'] = $Name $headers['Prefer'] = "odata.maxpagesize=$batchSize" $headers['connection-id'] = $Connection.connectionId $headers['X-AnchorMailbox'] = $Connection.anchorMailbox $headers['X-ClientApplication'] ='ExoHelper' #make sure that hashTable in parameters is properly decorated $keys = @() $Parameters.Keys | ForEach-Object { $keys += $_ } foreach($key in $Keys) { if($Parameters[$key] -is [hashtable]) { $Parameters[$key]['@odata.type'] = '#Exchange.GenericHashTable' } if($Parameters[$key] -is [System.Security.SecureString]) { $cred = new-object System.Net.NetworkCredential -ArgumentList @($null, $Parameters[$key]) $Parameters[$key] = EncryptValue -UnsecureString $cred.Password } } $body['CmdletInput'] = @{ CmdletName = $Name Parameters = $Parameters } $retries = 0 $resultsRetrieved = 0 $pageUri = $uri $shouldContinue = $true #to support ErrorAction = SilentlyContinue that does not throw do { try { #new request id for each request $headers['client-request-id'] = [Guid]::NewGuid().ToString() #provide up to date token for each request of commands returning paged results that may take long to complete $headers['Authorization'] = (Get-ExoToken -Connection $Connection).CreateAuthorizationHeader() $requestMessage = GetRequestMessage -Uri $pageUri -Headers $headers -Body ($body | ConvertTo-Json -Depth 9) $response = $Connection.HttpClient.SendAsync($requestMessage).GetAwaiter().GetResult() $requestMessage.Dispose() if($null -ne $response.Content -and $response.StatusCode -ne [System.Net.HttpStatusCode]::NoContent) { $payload = $response.Content.ReadAsStringAsync().GetAwaiter().GetResult() if($response.content.Headers.ContentType.MediaType -eq 'application/json') { try { $responseData = $Payload | ConvertFrom-Json } catch { Write-Warning "Received unexpected non-JSON response: $payload" $responseData = $payload } } else { Write-Warning "Received non-JSON response: $($response.content.Headers.ContentType.MediaType)" $responseData = $payload } } else { $responseData = $null } if($response.IsSuccessStatusCode) { if($null -ne $responseData) { if($responseData -is [string]) { #we did not receive JSON response - return it and finish $shouldContinue = $false $responseData } else { #we have parsed json response if($ShowWarnings -and $null -ne $responseData.'@adminapi.warnings') { foreach($warning in $responseData.'@adminapi.warnings') { Write-Warning $warning } } $resultsRetrieved+=$responseData.value.Count if($RemoveOdataProperties) { $responseData.value | RemoveExoOdataProperties } else { $responseData.value } Write-Verbose "$([DateTime]::UtcNow.ToString('o'))`tResults:$resultsRetrieved`tRequestId: $($headers['client-request-id'])`tUri: $pageUri" $pageUri = $responseData.'@odata.nextLink' } } } else { #request failed $ex = $null if($response.StatusCode -ne [System.Net.HttpStatusCode]::TooManyRequests) { $shouldContinue = $false $ex = $responseData | Get-ExoException -httpCode $response.StatusCode } else { if($retries -ge $MaxRetries) { $shouldContinue = $false $ex = New-Object ExoHelper.ExoException($response.StatusCode, 'ExoTooManyRequests', '', 'Max retry count for throttled request exceeded') } } if($null -ne $ex) { switch($ErrorActionPreference) { 'Stop' { throw $ex } 'Continue' { Write-Error -Exception $ex; return } default { return } } } #TooManyRequests --> let's wait and retry $retries++ switch($WarningPreference) { 'Continue' { Write-Warning "Retry #$retries" } 'SilentlyContinue' { Write-Verbose "Retry #$retries" } } #wait some time Start-Sleep -Seconds $retries } } catch { $shouldContinue = $false throw } finally { if($ShowRateLimits) { $val = $null if($response.Headers.TryGetValues('Rate-Limit-Remaining', [ref]$val)) { $rateLimitRemaining = $val if($response.Headers.TryGetValues('Rate-Limit-Reset', [ref]$val)) { $rateLimitReset = $val Write-Verbose "Rate limit remaining: $rateLimitRemaining`tRate limit reset: $rateLimitReset" } } } } }while($null -ne $pageUri -and ($resultsRetrieved -lt $ResultSize) -and $shouldContinue) } } function New-ExoConnection { <# .SYNOPSIS Initializes EXO connection .DESCRIPTION Initializes EXO connection .OUTPUTS None .EXAMPLE New-AadAuthenticationFactory -ClientId (Get-ExoDefaultClientId) -TenantId 'mydomain.onmicrosoft.com' -AuthMode Interactive New-ExoConnection -authenticationfactory $factory Description ----------- This command initializes connection to EXO REST API. It uses instance of AADAuthenticationFactory for authentication with EXO REST API .EXAMPLE New-AadAuthenticationFactory -ClientId (Get-ExoDefaultClientId) -TenantId 'mydomain.onmicrosoft.com' -AuthMode Interactive | New-ExoConnection -IPPS Description ----------- This command initializes connection to IPPS REST API. It uses instance of AADAuthenticationFactory for authentication with IPPS REST API passed via pipeline #> param ( [Parameter(Mandatory, ValueFromPipeline)] #AAD authentication factory created via New-AadAuthenticationFactory #for user context, user factory created with clientId = fb78d390-0c51-40cd-8e17-fdbfab77341b (clientId of ExchangeOnlineManagement module) or your app with appropriate scopes assigned $AuthenticationFactory, [Parameter()] #Tenant ID when not the same as specified for factory - tenant native domain (xxx.onmicrosoft.com, or tenant GUID) [string] $TenantId, [Parameter()] #UPN of anchor mailbox #Default: UPN of caller or static system mailbox (for app-only context) [string] $AnchorMailbox, [switch] #Connection is specialized to call IPPS commands #If not present, connection is specialized to call Exchange Online commands $IPPS ) process { $Connection = [PSCustomObject]@{ PSTypeName = "ExoHelper.Connection" AuthenticationFactory = $AuthenticationFactory ConnectionId = [Guid]::NewGuid().ToString() TenantId = $null AnchorMailbox = $null ConnectionUri = $null IsIPPS = $IPPS.IsPresent HttpClient = new-object System.Net.Http.HttpClient } #explicitly authenticate when establishing connection to catch any authentication problems early Get-ExoToken -Connection $Connection | Out-Null if([string]::IsNullOrEmpty($TenantId)) { $TenantId = $AuthenticationFactory.TenantId } if([string]::IsNullOrEmpty($TenantId)) { throw (new-object ExoHelper.ExoException([System.Net.HttpStatusCode]::BadRequest, 'ExoMissingTenantId', 'ExoInitializationError', 'TenantId is not specified and cannot be determined automatically - please specify TenantId parameter')) } $Connection.TenantId = $TenantId if($IPPS) { $Connection.ConnectionUri = "https://eur02b.ps.compliance.protection.outlook.com/adminapi/beta/$($Connection.TenantId)/InvokeCommand" } else { $Connection.ConnectionUri = "https://outlook.office365.com/adminapi/beta/$($Connection.TenantId)/InvokeCommand" } if([string]::IsNullOrEmpty($AnchorMailbox)) { if($null -ne $claims.upn) { #using caller's mailbox $Connection.AnchorMailbox = "UPN:$($claims.upn)" } else { #likely app-only context - use same static anchor mailbox as ExchangeOnlineManagement module uses $Connection.AnchorMailbox = "UPN:DiscoverySearchMailbox{D919BA05-46A6-415f-80AD-7E09334BB852}@$tenantId" } } else { $Connection.AnchorMailbox = "UPN:$AnchorMailbox" } $script:ConnectionContext = $Connection $script:ConnectionContext } } #endregion Public commands #region Internal commands #encrypts data using MS provided public key #key stored in module private data #MS rotates the key regularly; at least one version back is supported function EncryptValue { [CmdletBinding()] param( [Parameter(Mandatory, ValueFromPipeline)] [AllowEmptyString()] [AllowNull()] $UnsecureString, [Parameter()] [string]$Key = $script:PublicKey ) process { # Handling public key unavailability in client module for protection gracefully if ([string]::IsNullOrWhiteSpace($Key)) { # Error out if we are not in a position to protect the sensitive data before sending it over wire. throw 'Public key not loaded. Cannot encrypt sensitive data.'; } if (-not [string]::IsNullOrWhiteSpace($UnsecureString)) { $RSA = New-Object -TypeName System.Security.Cryptography.RSACryptoServiceProvider; $RSA.FromXmlString($Key); $bytes = [System.Text.Encoding]::UTF8.GetBytes($UnsecureString); $result = [byte[]]$RSA.Encrypt($bytes, $false); $RSA.Dispose(); $result = [System.Convert]::ToBase64String($result); return $result; } return $UnsecureString; } } function Get-ExoException { param ( [Parameter(Mandatory, ValueFromPipeline)] [object] $ErrorRecord, [Parameter()] $httpCode ) process { if($ErrorRecord -is [string]) { return new-object ExoHelper.ExoException -ArgumentList @($httpCode, 'ExoErrorWithPlainText', '', $ErrorRecord) } #structured error if($null -ne $errorRecord.error.details.message) { $message = $errorRecord.error.details.message $errorData = $message.split('|') if($errorData.count -eq 3) { return new-object ExoHelper.ExoException -ArgumentList @($httpCode, $errorData[0], $errorData[1], $errorData[2]) } else { return new-object ExoHelper.ExoException -ArgumentList @($httpCode, 'ExoErrorWithUnknownDetail', '', $message) } } if($null -ne $errorRecord.error.innerError.internalException) { return new-object ExoHelper.ExoException -ArgumentList @($httpCode, 'ExoErrorWithInternalException', $errorRecord.error.innerError.type, $errorRecord.error.innerError.internalException.Message) } if($null -ne $errorRecord.error) { return new-object ExoHelper.ExoException -ArgumentList @($httpCode, 'ExoErrorWithMissingDetail', '', "$($errorRecord.error)") } return new-object ExoHelper.ExoException -ArgumentList @($httpCode, 'ExoUnknownError', '', "$($errorRecord.error)") } } function GetRequestMessage { [CmdletBinding()] param ( [Parameter(Mandatory)] [string] $Uri, [Parameter()] [hashtable] $Headers, [Parameter()] [string] $Body ) begin { $ContentType = 'application/json' $Method = [System.Net.Http.HttpMethod]::Post } process { $request = [System.Net.Http.HttpRequestMessage]::new([System.Net.Http.HttpMethod]::$Method, (new-object System.Uri($Uri))) if($null -ne $Headers) { foreach($header in $Headers.Keys) { $request.Headers.TryAddWithoutValidation($header, $Headers[$header]) | Out-Null } } if($null -ne $Body) { $payload = ([System.Text.Encoding]::UTF8.GetBytes($Body)); $request.Content = [System.Net.Http.ByteArrayContent]::new($payload) $request.Content.headers.Add('Content-Encoding','utf-8') $request.Content.headers.Add('Content-Type','application/json') } $request.Method = $Method $request } } Function Init { param() process { #Add JIT compiled helpers. Load only if not loaded previously $referencedAssemblies=@() $helpers = 'ExoException', 'StringExtensions' foreach($helper in $helpers) { #compiled helpers are in ExoHelper namespace if($null -eq ("ExoHelper.$helper" -as [type])) { $helperDefinition = Get-Content "$PSScriptRoot\Helpers\$helper.cs" -Raw Add-Type -TypeDefinition $helperDefinition -ReferencedAssemblies $referencedAssemblies -WarningAction SilentlyContinue -IgnoreWarnings } } #refresh cached public key, if needed $PublicKeyConfig = $MyInvocation.MyCommand.Module.PrivateData.Configuration.ExoPublicKey $cacheFile = [System.IO.Path]::Combine($env:TEMP, $PublicKeyConfig.LocalFile) $needsRefresh = $false if(-not [System.IO.File]::Exists($cacheFile)) { $needsRefresh = $true } else { # local file exists $fileInfo = [System.IO.FileInfo]::new($cacheFile) if($fileInfo.LastWriteTime -lt (Get-Date).AddDays(-7)) { $needsRefresh = $true } } if($needsRefresh) { try { Invoke-WebRequest -Uri $PublicKeyConfig.Link -OutFile $cacheFile -ErrorAction Stop } catch { write-warning 'Local copy of public key file is ooutdated or does not exist and failed to download public key. Module may not work correctly.' $script:PublicKey = $null return } } $script:PublicKey = [System.IO.File]::ReadAllText($cacheFile) } } #removes odata type descriptor properties from the object function RemoveExoOdataProperties { [CmdletBinding()] param ( [Parameter(Mandatory, ValueFromPipeline)] [PSCustomObject] $Object ) begin { $propsToRemove = $null } process { if($null -eq $propsToRemove) { $propsToRemove = $Object.PSObject.Properties | Where-Object { $_.Name.IndexOf('@') -ge 0 } } foreach($prop in $propsToRemove) { $Object.PSObject.Properties.Remove($prop.Name) } $Object } } #endregion Internal commands #region Module initialization Init #endregion Module initialization # SIG # Begin signature block # MIIt9gYJKoZIhvcNAQcCoIIt5zCCLeMCAQExDzANBglghkgBZQMEAgEFADB5Bgor # BgEEAYI3AgEEoGswaTA0BgorBgEEAYI3AgEeMCYCAwEAAAQQH8w7YFlLCE63JNLG # KX7zUQIBAAIBAAIBAAIBAAIBADAxMA0GCWCGSAFlAwQCAQUABCBX8aehToElCqZo # 1Qb4x7D0fWIDa4Z+KXwXS+xugCymraCCE2AwggWQMIIDeKADAgECAhAFmxtXno4h # MuI5B72nd3VcMA0GCSqGSIb3DQEBDAUAMGIxCzAJBgNVBAYTAlVTMRUwEwYDVQQK # EwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5jb20xITAfBgNV # BAMTGERpZ2lDZXJ0IFRydXN0ZWQgUm9vdCBHNDAeFw0xMzA4MDExMjAwMDBaFw0z # ODAxMTUxMjAwMDBaMGIxCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJ # bmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5jb20xITAfBgNVBAMTGERpZ2lDZXJ0 # IFRydXN0ZWQgUm9vdCBHNDCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB # AL/mkHNo3rvkXUo8MCIwaTPswqclLskhPfKK2FnC4SmnPVirdprNrnsbhA3EMB/z # G6Q4FutWxpdtHauyefLKEdLkX9YFPFIPUh/GnhWlfr6fqVcWWVVyr2iTcMKyunWZ # anMylNEQRBAu34LzB4TmdDttceItDBvuINXJIB1jKS3O7F5OyJP4IWGbNOsFxl7s # Wxq868nPzaw0QF+xembud8hIqGZXV59UWI4MK7dPpzDZVu7Ke13jrclPXuU15zHL # 2pNe3I6PgNq2kZhAkHnDeMe2scS1ahg4AxCN2NQ3pC4FfYj1gj4QkXCrVYJBMtfb # BHMqbpEBfCFM1LyuGwN1XXhm2ToxRJozQL8I11pJpMLmqaBn3aQnvKFPObURWBf3 # JFxGj2T3wWmIdph2PVldQnaHiZdpekjw4KISG2aadMreSx7nDmOu5tTvkpI6nj3c # AORFJYm2mkQZK37AlLTSYW3rM9nF30sEAMx9HJXDj/chsrIRt7t/8tWMcCxBYKqx # YxhElRp2Yn72gLD76GSmM9GJB+G9t+ZDpBi4pncB4Q+UDCEdslQpJYls5Q5SUUd0 # viastkF13nqsX40/ybzTQRESW+UQUOsxxcpyFiIJ33xMdT9j7CFfxCBRa2+xq4aL # T8LWRV+dIPyhHsXAj6KxfgommfXkaS+YHS312amyHeUbAgMBAAGjQjBAMA8GA1Ud # EwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMB0GA1UdDgQWBBTs1+OC0nFdZEzf # Lmc/57qYrhwPTzANBgkqhkiG9w0BAQwFAAOCAgEAu2HZfalsvhfEkRvDoaIAjeNk # aA9Wz3eucPn9mkqZucl4XAwMX+TmFClWCzZJXURj4K2clhhmGyMNPXnpbWvWVPjS # PMFDQK4dUPVS/JA7u5iZaWvHwaeoaKQn3J35J64whbn2Z006Po9ZOSJTROvIXQPK # 7VB6fWIhCoDIc2bRoAVgX+iltKevqPdtNZx8WorWojiZ83iL9E3SIAveBO6Mm0eB # cg3AFDLvMFkuruBx8lbkapdvklBtlo1oepqyNhR6BvIkuQkRUNcIsbiJeoQjYUIp # 5aPNoiBB19GcZNnqJqGLFNdMGbJQQXE9P01wI4YMStyB0swylIQNCAmXHE/A7msg # dDDS4Dk0EIUhFQEI6FUy3nFJ2SgXUE3mvk3RdazQyvtBuEOlqtPDBURPLDab4vri # RbgjU2wGb2dVf0a1TD9uKFp5JtKkqGKX0h7i7UqLvBv9R0oN32dmfrJbQdA75PQ7 # 9ARj6e/CVABRoIoqyc54zNXqhwQYs86vSYiv85KZtrPmYQ/ShQDnUBrkG5WdGaG5 # nLGbsQAe79APT0JsyQq87kP6OnGlyE0mpTX9iV28hWIdMtKgK1TtmlfB2/oQzxm3 # i0objwG2J5VT6LaJbVu8aNQj6ItRolb58KaAoNYes7wPD1N1KarqE3fk3oyBIa0H # EEcRrYc9B9F1vM/zZn4wggawMIIEmKADAgECAhAIrUCyYNKcTJ9ezam9k67ZMA0G # CSqGSIb3DQEBDAUAMGIxCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJ # bmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5jb20xITAfBgNVBAMTGERpZ2lDZXJ0 # IFRydXN0ZWQgUm9vdCBHNDAeFw0yMTA0MjkwMDAwMDBaFw0zNjA0MjgyMzU5NTla # MGkxCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5EaWdpQ2VydCwgSW5jLjFBMD8GA1UE # AxM4RGlnaUNlcnQgVHJ1c3RlZCBHNCBDb2RlIFNpZ25pbmcgUlNBNDA5NiBTSEEz # ODQgMjAyMSBDQTEwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDVtC9C # 0CiteLdd1TlZG7GIQvUzjOs9gZdwxbvEhSYwn6SOaNhc9es0JAfhS0/TeEP0F9ce # 2vnS1WcaUk8OoVf8iJnBkcyBAz5NcCRks43iCH00fUyAVxJrQ5qZ8sU7H/Lvy0da # E6ZMswEgJfMQ04uy+wjwiuCdCcBlp/qYgEk1hz1RGeiQIXhFLqGfLOEYwhrMxe6T # SXBCMo/7xuoc82VokaJNTIIRSFJo3hC9FFdd6BgTZcV/sk+FLEikVoQ11vkunKoA # FdE3/hoGlMJ8yOobMubKwvSnowMOdKWvObarYBLj6Na59zHh3K3kGKDYwSNHR7Oh # D26jq22YBoMbt2pnLdK9RBqSEIGPsDsJ18ebMlrC/2pgVItJwZPt4bRc4G/rJvmM # 1bL5OBDm6s6R9b7T+2+TYTRcvJNFKIM2KmYoX7BzzosmJQayg9Rc9hUZTO1i4F4z # 8ujo7AqnsAMrkbI2eb73rQgedaZlzLvjSFDzd5Ea/ttQokbIYViY9XwCFjyDKK05 # huzUtw1T0PhH5nUwjewwk3YUpltLXXRhTT8SkXbev1jLchApQfDVxW0mdmgRQRNY # mtwmKwH0iU1Z23jPgUo+QEdfyYFQc4UQIyFZYIpkVMHMIRroOBl8ZhzNeDhFMJlP # /2NPTLuqDQhTQXxYPUez+rbsjDIJAsxsPAxWEQIDAQABo4IBWTCCAVUwEgYDVR0T # AQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUaDfg67Y7+F8Rhvv+YXsIiGX0TkIwHwYD # VR0jBBgwFoAU7NfjgtJxXWRM3y5nP+e6mK4cD08wDgYDVR0PAQH/BAQDAgGGMBMG # A1UdJQQMMAoGCCsGAQUFBwMDMHcGCCsGAQUFBwEBBGswaTAkBggrBgEFBQcwAYYY # aHR0cDovL29jc3AuZGlnaWNlcnQuY29tMEEGCCsGAQUFBzAChjVodHRwOi8vY2Fj # ZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNlcnRUcnVzdGVkUm9vdEc0LmNydDBDBgNV # HR8EPDA6MDigNqA0hjJodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vRGlnaUNlcnRU # cnVzdGVkUm9vdEc0LmNybDAcBgNVHSAEFTATMAcGBWeBDAEDMAgGBmeBDAEEATAN # BgkqhkiG9w0BAQwFAAOCAgEAOiNEPY0Idu6PvDqZ01bgAhql+Eg08yy25nRm95Ry # sQDKr2wwJxMSnpBEn0v9nqN8JtU3vDpdSG2V1T9J9Ce7FoFFUP2cvbaF4HZ+N3HL # IvdaqpDP9ZNq4+sg0dVQeYiaiorBtr2hSBh+3NiAGhEZGM1hmYFW9snjdufE5Btf # Q/g+lP92OT2e1JnPSt0o618moZVYSNUa/tcnP/2Q0XaG3RywYFzzDaju4ImhvTnh # OE7abrs2nfvlIVNaw8rpavGiPttDuDPITzgUkpn13c5UbdldAhQfQDN8A+KVssIh # dXNSy0bYxDQcoqVLjc1vdjcshT8azibpGL6QB7BDf5WIIIJw8MzK7/0pNVwfiThV # 9zeKiwmhywvpMRr/LhlcOXHhvpynCgbWJme3kuZOX956rEnPLqR0kq3bPKSchh/j # wVYbKyP/j7XqiHtwa+aguv06P0WmxOgWkVKLQcBIhEuWTatEQOON8BUozu3xGFYH # Ki8QxAwIZDwzj64ojDzLj4gLDb879M4ee47vtevLt/B3E+bnKD+sEq6lLyJsQfmC # XBVmzGwOysWGw/YmMwwHS6DTBwJqakAwSEs0qFEgu60bhQjiWQ1tygVQK+pKHJ6l # /aCnHwZ05/LWUpD9r4VIIflXO7ScA+2GRfS0YW6/aOImYIbqyK+p/pQd52MbOoZW # eE4wggcUMIIE/KADAgECAhAP9xCe9qf4ax3LBs7uih/sMA0GCSqGSIb3DQEBCwUA # MGkxCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5EaWdpQ2VydCwgSW5jLjFBMD8GA1UE # AxM4RGlnaUNlcnQgVHJ1c3RlZCBHNCBDb2RlIFNpZ25pbmcgUlNBNDA5NiBTSEEz # ODQgMjAyMSBDQTEwHhcNMjMxMTA4MDAwMDAwWhcNMjYxMDAxMjM1OTU5WjCBnDET # MBEGCysGAQQBgjc8AgEDEwJDWjEdMBsGA1UEDwwUUHJpdmF0ZSBPcmdhbml6YXRp # b24xETAPBgNVBAUTCDA0OTIzNjkzMQswCQYDVQQGEwJDWjEOMAwGA1UEBxMFUHJh # aGExGjAYBgNVBAoTEUdyZXlDb3JiZWwgcy5yLm8uMRowGAYDVQQDExFHcmV5Q29y # YmVsIHMuci5vLjCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBAJ8t/Qga # dJKtGC7EqH4pmIU73fInH+j1scmVnrJtXL8tGlKzWZ7qlWDWOJBR3owF9CVqL4IX # BGImH8Miowj6RKKqhEe9UtxiH5ipV6msnzAjTFkwqR9vjfEm9vrU1JuXWvAWAfYx # qYg92oyCEBDQxpURpZmqAVSBy9U/ScDwE4NykZGzb0oYSPtzStd8RJvtUkc4126w # YKMbVe/kdY1mDbKO9DLfpbSIj3vghrH6XeHwEb7/jAVYI7Vl+jUyyqfmYHD7FldQ # X2fZfwvoGSibY1uWvvP0/vm0yd6uDbDjCDOTQW8Lxl5wvlXEf5ewn2oaPSoa6ov3 # 1XmnxL5iT8c1LM06JFCwfHS9e0NSyNr86IiKaxQO9/MANrYciTicObtD3cBcSRDO # pEUfhc4TvA5DQZaakSduVJWPdMhxQs9iWeYMOzh5NDTB3xAx8eLBn7Uj++hjI3FQ # WGEPw4Ew6WoDsJShU0HemlDJGTPW9EZSWHGdNFr1BxXEPb4F7DbjJZn33QIDAQAB # o4ICAjCCAf4wHwYDVR0jBBgwFoAUaDfg67Y7+F8Rhvv+YXsIiGX0TkIwHQYDVR0O # BBYEFP2yViJvcgO05qXIH6aJSXB/QcEhMD0GA1UdIAQ2MDQwMgYFZ4EMAQMwKTAn # BggrBgEFBQcCARYbaHR0cDovL3d3dy5kaWdpY2VydC5jb20vQ1BTMA4GA1UdDwEB # /wQEAwIHgDATBgNVHSUEDDAKBggrBgEFBQcDAzCBtQYDVR0fBIGtMIGqMFOgUaBP # hk1odHRwOi8vY3JsMy5kaWdpY2VydC5jb20vRGlnaUNlcnRUcnVzdGVkRzRDb2Rl # U2lnbmluZ1JTQTQwOTZTSEEzODQyMDIxQ0ExLmNybDBToFGgT4ZNaHR0cDovL2Ny # bDQuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0VHJ1c3RlZEc0Q29kZVNpZ25pbmdSU0E0 # MDk2U0hBMzg0MjAyMUNBMS5jcmwwgZQGCCsGAQUFBwEBBIGHMIGEMCQGCCsGAQUF # BzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wXAYIKwYBBQUHMAKGUGh0dHA6 # Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydFRydXN0ZWRHNENvZGVTaWdu # aW5nUlNBNDA5NlNIQTM4NDIwMjFDQTEuY3J0MAkGA1UdEwQCMAAwDQYJKoZIhvcN # AQELBQADggIBADCe9Fh40HN9RneCehz5MrBy4O9WYsYCMJ7qJ9DsBT+Hed98UOKB # k/XjgSLfsj5eZRHRmz3HzhGDK1PaRI+yIUVQx96a4qL7adktmrHex3fW39Iq+tPB # rHtiEIp9rwunATeZpk+876u0AXYD1VDRWCtkL8zwZU0oqL6U/mWEIXzkryCB5N3x # xtE54jMmW7MKi1+To4yQcrK3zQ394e2dr50L+aF2fgJ5mo1/YJvzyLLhigbqpoYG # U/gjZonhNJXUaYogpHSTgUaBRlIKZ5xCnrFfJlOsbkhex4QAcdkU6XC+XyYfEQka # 7ERwgxmEoRT3NlZ8/EbrQxJP4S1H8Z29M4D3L6rXNXXmv0IbfA9FQcqEco3Y3tRW # dgdcFEwJmYTo0mCZrYTJHgkKW8xDvQ5BJISAp/ydOX5tSa71ojx1/Kp7qizqjBN/ # W77jdqJ89N1y+N/SOiHOCH9NO5pDLsHpTWW/arvjZT0I8dVYkqK0V39rh95XELI+ # NwBZvV4AsKLirjrkZU3pwCz6O99VmPkBqp9TA5wl13NdTpDHuQ6QyVT7hbC8LF5p # z6x/xO/+tEGxG+1A31UTJPmkxhhUlR+NE3ZXiXhcG72CFHYUUvqwlThPkFYe4Ygf # j9ADmss08k0JhVU5rkbrC2h+549HPlFu/XOSIrps4SXzInjHPEYuBETzMYIZ7DCC # GegCAQEwfTBpMQswCQYDVQQGEwJVUzEXMBUGA1UEChMORGlnaUNlcnQsIEluYy4x # QTA/BgNVBAMTOERpZ2lDZXJ0IFRydXN0ZWQgRzQgQ29kZSBTaWduaW5nIFJTQTQw # OTYgU0hBMzg0IDIwMjEgQ0ExAhAP9xCe9qf4ax3LBs7uih/sMA0GCWCGSAFlAwQC # AQUAoIGEMBgGCisGAQQBgjcCAQwxCjAIoAKAAKECgAAwGQYJKoZIhvcNAQkDMQwG # CisGAQQBgjcCAQQwHAYKKwYBBAGCNwIBCzEOMAwGCisGAQQBgjcCARUwLwYJKoZI # hvcNAQkEMSIEICXV4C4RVI22Ommxg4Of6D3zCu8s8Hi0uYPiHjSG2hPuMA0GCSqG # SIb3DQEBAQUABIIBgFjTx56EmFGQDimpC5uXJgLJS5f21iAXNvTfU69Cnqq7tBC3 # iLT9Yw/yEPEfAFh8UnDRQPT7B6tf6ES3l+oq/zdKEwdgQKNDiPlJUCh0KfHlAZ2T # jMAXJEKv3IjD+TwJr4FPaiWCWG58UTTzcJH50ZZGmfEaU9cNJI209N2fpP1tHOnl # Ww/cbR5+puRM9g6z9qAQtEMII8fWfPQ7xPKPv4DafAF2fcB0XXtaij8q9ZyL/sy5 # f8w2G57+A3NQeLDy2vOs7ouB+R7zAvErSYuKreJXhjFlTHQJPLHnKDS2y7zYald2 # J8I7k7xHxfmboCpFpYBnm3sZCFXSD+0ArDbV2B0gqgQZ713NzWkAjmABOZXH9aWs # AwIJJenbrmiRw/vzOD2RWIkJ2Xkf5GBmtgGlNj8vRF1GE85s7I5ekEGSPSVH+I/+ # ue0ihiMMemG+lPUDdFnQj+Lm2NdOR2AwCHEPYvE9E5S9q7o7EZoqYjTbdjzfA+A0 # kMHFtqinaXCqBbbSQqGCFzkwghc1BgorBgEEAYI3AwMBMYIXJTCCFyEGCSqGSIb3 # DQEHAqCCFxIwghcOAgEDMQ8wDQYJYIZIAWUDBAIBBQAwdwYLKoZIhvcNAQkQAQSg # aARmMGQCAQEGCWCGSAGG/WwHATAxMA0GCWCGSAFlAwQCAQUABCBF+LpvUifbI4Q1 # GvjST/4Zr+nD+fvaGPpwhzQEknSGkAIQE8YJ8JF0Mlcg5Qowwn8lGhgPMjAyNDEw # MTkwOTM5MjVaoIITAzCCBrwwggSkoAMCAQICEAuuZrxaun+Vh8b56QTjMwQwDQYJ # KoZIhvcNAQELBQAwYzELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDkRpZ2lDZXJ0LCBJ # bmMuMTswOQYDVQQDEzJEaWdpQ2VydCBUcnVzdGVkIEc0IFJTQTQwOTYgU0hBMjU2 # IFRpbWVTdGFtcGluZyBDQTAeFw0yNDA5MjYwMDAwMDBaFw0zNTExMjUyMzU5NTla # MEIxCzAJBgNVBAYTAlVTMREwDwYDVQQKEwhEaWdpQ2VydDEgMB4GA1UEAxMXRGln # aUNlcnQgVGltZXN0YW1wIDIwMjQwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK # AoICAQC+anOf9pUhq5Ywultt5lmjtej9kR8YxIg7apnjpcH9CjAgQxK+CMR0Rne/ # i+utMeV5bUlYYSuuM4vQngvQepVHVzNLO9RDnEXvPghCaft0djvKKO+hDu6ObS7r # JcXa/UKvNminKQPTv/1+kBPgHGlP28mgmoCw/xi6FG9+Un1h4eN6zh926SxMe6We # 2r1Z6VFZj75MU/HNmtsgtFjKfITLutLWUdAoWle+jYZ49+wxGE1/UXjWfISDmHuI # 5e/6+NfQrxGFSKx+rDdNMsePW6FLrphfYtk/FLihp/feun0eV+pIF496OVh4R1Tv # jQYpAztJpVIfdNsEvxHofBf1BWkadc+Up0Th8EifkEEWdX4rA/FE1Q0rqViTbLVZ # Iqi6viEk3RIySho1XyHLIAOJfXG5PEppc3XYeBH7xa6VTZ3rOHNeiYnY+V4j1XbJ # +Z9dI8ZhqcaDHOoj5KGg4YuiYx3eYm33aebsyF6eD9MF5IDbPgjvwmnAalNEeJPv # IeoGJXaeBQjIK13SlnzODdLtuThALhGtyconcVuPI8AaiCaiJnfdzUcb3dWnqUnj # XkRFwLtsVAxFvGqsxUA2Jq/WTjbnNjIUzIs3ITVC6VBKAOlb2u29Vwgfta8b2ypi # 6n2PzP0nVepsFk8nlcuWfyZLzBaZ0MucEdeBiXL+nUOGhCjl+QIDAQABo4IBizCC # AYcwDgYDVR0PAQH/BAQDAgeAMAwGA1UdEwEB/wQCMAAwFgYDVR0lAQH/BAwwCgYI # KwYBBQUHAwgwIAYDVR0gBBkwFzAIBgZngQwBBAIwCwYJYIZIAYb9bAcBMB8GA1Ud # IwQYMBaAFLoW2W1NhS9zKXaaL3WMaiCPnshvMB0GA1UdDgQWBBSfVywDdw4oFZBm # pWNe7k+SH3agWzBaBgNVHR8EUzBRME+gTaBLhklodHRwOi8vY3JsMy5kaWdpY2Vy # dC5jb20vRGlnaUNlcnRUcnVzdGVkRzRSU0E0MDk2U0hBMjU2VGltZVN0YW1waW5n # Q0EuY3JsMIGQBggrBgEFBQcBAQSBgzCBgDAkBggrBgEFBQcwAYYYaHR0cDovL29j # c3AuZGlnaWNlcnQuY29tMFgGCCsGAQUFBzAChkxodHRwOi8vY2FjZXJ0cy5kaWdp # Y2VydC5jb20vRGlnaUNlcnRUcnVzdGVkRzRSU0E0MDk2U0hBMjU2VGltZVN0YW1w # aW5nQ0EuY3J0MA0GCSqGSIb3DQEBCwUAA4ICAQA9rR4fdplb4ziEEkfZQ5H2Edub # Tggd0ShPz9Pce4FLJl6reNKLkZd5Y/vEIqFWKt4oKcKz7wZmXa5VgW9B76k9NJxU # l4JlKwyjUkKhk3aYx7D8vi2mpU1tKlY71AYXB8wTLrQeh83pXnWwwsxc1Mt+FWqz # 57yFq6laICtKjPICYYf/qgxACHTvypGHrC8k1TqCeHk6u4I/VBQC9VK7iSpU5wlW # jNlHlFFv/M93748YTeoXU/fFa9hWJQkuzG2+B7+bMDvmgF8VlJt1qQcl7YFUMYgZ # U1WM6nyw23vT6QSgwX5Pq2m0xQ2V6FJHu8z4LXe/371k5QrN9FQBhLLISZi2yemW # 0P8ZZfx4zvSWzVXpAb9k4Hpvpi6bUe8iK6WonUSV6yPlMwerwJZP/Gtbu3CKldMn # n+LmmRTkTXpFIEB06nXZrDwhCGED+8RsWQSIXZpuG4WLFQOhtloDRWGoCwwc6ZpP # ddOFkM2LlTbMcqFSzm4cd0boGhBq7vkqI1uHRz6Fq1IX7TaRQuR+0BGOzISkcqwX # u7nMpFu3mgrlgbAW+BzikRVQ3K2YHcGkiKjA4gi4OA/kz1YCsdhIBHXqBzR0/Zd2 # QwQ/l4Gxftt/8wY3grcc/nS//TVkej9nmUYu83BDtccHHXKibMs/yXHhDXNkoPId # ynhVAku7aRZOwqw6pDCCBq4wggSWoAMCAQICEAc2N7ckVHzYR6z9KGYqXlswDQYJ # KoZIhvcNAQELBQAwYjELMAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IElu # YzEZMBcGA1UECxMQd3d3LmRpZ2ljZXJ0LmNvbTEhMB8GA1UEAxMYRGlnaUNlcnQg # VHJ1c3RlZCBSb290IEc0MB4XDTIyMDMyMzAwMDAwMFoXDTM3MDMyMjIzNTk1OVow # YzELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDkRpZ2lDZXJ0LCBJbmMuMTswOQYDVQQD # EzJEaWdpQ2VydCBUcnVzdGVkIEc0IFJTQTQwOTYgU0hBMjU2IFRpbWVTdGFtcGlu # ZyBDQTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMaGNQZJs8E9cklR # VcclA8TykTepl1Gh1tKD0Z5Mom2gsMyD+Vr2EaFEFUJfpIjzaPp985yJC3+dH54P # Mx9QEwsmc5Zt+FeoAn39Q7SE2hHxc7Gz7iuAhIoiGN/r2j3EF3+rGSs+QtxnjupR # PfDWVtTnKC3r07G1decfBmWNlCnT2exp39mQh0YAe9tEQYncfGpXevA3eZ9drMvo # hGS0UvJ2R/dhgxndX7RUCyFobjchu0CsX7LeSn3O9TkSZ+8OpWNs5KbFHc02DVzV # 5huowWR0QKfAcsW6Th+xtVhNef7Xj3OTrCw54qVI1vCwMROpVymWJy71h6aPTnYV # VSZwmCZ/oBpHIEPjQ2OAe3VuJyWQmDo4EbP29p7mO1vsgd4iFNmCKseSv6De4z6i # c/rnH1pslPJSlRErWHRAKKtzQ87fSqEcazjFKfPKqpZzQmiftkaznTqj1QPgv/Ci # PMpC3BhIfxQ0z9JMq++bPf4OuGQq+nUoJEHtQr8FnGZJUlD0UfM2SU2LINIsVzV5 # K6jzRWC8I41Y99xh3pP+OcD5sjClTNfpmEpYPtMDiP6zj9NeS3YSUZPJjAw7W4oi # qMEmCPkUEBIDfV8ju2TjY+Cm4T72wnSyPx4JduyrXUZ14mCjWAkBKAAOhFTuzuld # yF4wEr1GnrXTdrnSDmuZDNIztM2xAgMBAAGjggFdMIIBWTASBgNVHRMBAf8ECDAG # AQH/AgEAMB0GA1UdDgQWBBS6FtltTYUvcyl2mi91jGogj57IbzAfBgNVHSMEGDAW # gBTs1+OC0nFdZEzfLmc/57qYrhwPTzAOBgNVHQ8BAf8EBAMCAYYwEwYDVR0lBAww # CgYIKwYBBQUHAwgwdwYIKwYBBQUHAQEEazBpMCQGCCsGAQUFBzABhhhodHRwOi8v # b2NzcC5kaWdpY2VydC5jb20wQQYIKwYBBQUHMAKGNWh0dHA6Ly9jYWNlcnRzLmRp # Z2ljZXJ0LmNvbS9EaWdpQ2VydFRydXN0ZWRSb290RzQuY3J0MEMGA1UdHwQ8MDow # OKA2oDSGMmh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydFRydXN0ZWRS # b290RzQuY3JsMCAGA1UdIAQZMBcwCAYGZ4EMAQQCMAsGCWCGSAGG/WwHATANBgkq # hkiG9w0BAQsFAAOCAgEAfVmOwJO2b5ipRCIBfmbW2CFC4bAYLhBNE88wU86/GPvH # UF3iSyn7cIoNqilp/GnBzx0H6T5gyNgL5Vxb122H+oQgJTQxZ822EpZvxFBMYh0M # CIKoFr2pVs8Vc40BIiXOlWk/R3f7cnQU1/+rT4osequFzUNf7WC2qk+RZp4snuCK # rOX9jLxkJodskr2dfNBwCnzvqLx1T7pa96kQsl3p/yhUifDVinF2ZdrM8HKjI/rA # J4JErpknG6skHibBt94q6/aesXmZgaNWhqsKRcnfxI2g55j7+6adcq/Ex8HBanHZ # xhOACcS2n82HhyS7T6NJuXdmkfFynOlLAlKnN36TU6w7HQhJD5TNOXrd/yVjmScs # PT9rp/Fmw0HNT7ZAmyEhQNC3EyTN3B14OuSereU0cZLXJmvkOHOrpgFPvT87eK1M # rfvElXvtCl8zOYdBeHo46Zzh3SP9HSjTx/no8Zhf+yvYfvJGnXUsHicsJttvFXse # GYs2uJPU5vIXmVnKcPA3v5gA3yAWTyf7YGcWoWa63VXAOimGsJigK+2VQbc61RWY # MbRiCQ8KvYHZE/6/pNHzV9m8BPqC3jLfBInwAM1dwvnQI38AC+R2AibZ8GV2QqYp # hwlHK+Z/GqSFD/yYlvZVVCsfgPrA8g4r5db7qS9EFUrnEw4d2zc4GqEr9u3WfPww # ggWNMIIEdaADAgECAhAOmxiO+dAt5+/bUOIIQBhaMA0GCSqGSIb3DQEBDAUAMGUx # CzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3 # dy5kaWdpY2VydC5jb20xJDAiBgNVBAMTG0RpZ2lDZXJ0IEFzc3VyZWQgSUQgUm9v # dCBDQTAeFw0yMjA4MDEwMDAwMDBaFw0zMTExMDkyMzU5NTlaMGIxCzAJBgNVBAYT # AlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2Vy # dC5jb20xITAfBgNVBAMTGERpZ2lDZXJ0IFRydXN0ZWQgUm9vdCBHNDCCAiIwDQYJ # KoZIhvcNAQEBBQADggIPADCCAgoCggIBAL/mkHNo3rvkXUo8MCIwaTPswqclLskh # PfKK2FnC4SmnPVirdprNrnsbhA3EMB/zG6Q4FutWxpdtHauyefLKEdLkX9YFPFIP # Uh/GnhWlfr6fqVcWWVVyr2iTcMKyunWZanMylNEQRBAu34LzB4TmdDttceItDBvu # INXJIB1jKS3O7F5OyJP4IWGbNOsFxl7sWxq868nPzaw0QF+xembud8hIqGZXV59U # WI4MK7dPpzDZVu7Ke13jrclPXuU15zHL2pNe3I6PgNq2kZhAkHnDeMe2scS1ahg4 # AxCN2NQ3pC4FfYj1gj4QkXCrVYJBMtfbBHMqbpEBfCFM1LyuGwN1XXhm2ToxRJoz # QL8I11pJpMLmqaBn3aQnvKFPObURWBf3JFxGj2T3wWmIdph2PVldQnaHiZdpekjw # 4KISG2aadMreSx7nDmOu5tTvkpI6nj3cAORFJYm2mkQZK37AlLTSYW3rM9nF30sE # AMx9HJXDj/chsrIRt7t/8tWMcCxBYKqxYxhElRp2Yn72gLD76GSmM9GJB+G9t+ZD # pBi4pncB4Q+UDCEdslQpJYls5Q5SUUd0viastkF13nqsX40/ybzTQRESW+UQUOsx # xcpyFiIJ33xMdT9j7CFfxCBRa2+xq4aLT8LWRV+dIPyhHsXAj6KxfgommfXkaS+Y # HS312amyHeUbAgMBAAGjggE6MIIBNjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQW # BBTs1+OC0nFdZEzfLmc/57qYrhwPTzAfBgNVHSMEGDAWgBRF66Kv9JLLgjEtUYun # pyGd823IDzAOBgNVHQ8BAf8EBAMCAYYweQYIKwYBBQUHAQEEbTBrMCQGCCsGAQUF # BzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wQwYIKwYBBQUHMAKGN2h0dHA6 # Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEFzc3VyZWRJRFJvb3RDQS5j # cnQwRQYDVR0fBD4wPDA6oDigNoY0aHR0cDovL2NybDMuZGlnaWNlcnQuY29tL0Rp # Z2lDZXJ0QXNzdXJlZElEUm9vdENBLmNybDARBgNVHSAECjAIMAYGBFUdIAAwDQYJ # KoZIhvcNAQEMBQADggEBAHCgv0NcVec4X6CjdBs9thbX979XB72arKGHLOyFXqka # uyL4hxppVCLtpIh3bb0aFPQTSnovLbc47/T/gLn4offyct4kvFIDyE7QKt76LVbP # +fT3rDB6mouyXtTP0UNEm0Mh65ZyoUi0mcudT6cGAxN3J0TU53/oWajwvy8Lpuny # NDzs9wPHh6jSTEAZNUZqaVSwuKFWjuyk1T3osdz9HNj0d1pcVIxv76FQPfx2CWiE # n2/K2yCNNWAcAgPLILCsWKAOQGPFmCLBsln1VWvPJ6tsds5vIy30fnFqI2si/xK4 # VC0nftg62fC2h5b9W9FcrBjDTZ9ztwGpn1eqXijiuZQxggN2MIIDcgIBATB3MGMx # CzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5EaWdpQ2VydCwgSW5jLjE7MDkGA1UEAxMy # RGlnaUNlcnQgVHJ1c3RlZCBHNCBSU0E0MDk2IFNIQTI1NiBUaW1lU3RhbXBpbmcg # Q0ECEAuuZrxaun+Vh8b56QTjMwQwDQYJYIZIAWUDBAIBBQCggdEwGgYJKoZIhvcN # AQkDMQ0GCyqGSIb3DQEJEAEEMBwGCSqGSIb3DQEJBTEPFw0yNDEwMTkwOTM5MjVa # MCsGCyqGSIb3DQEJEAIMMRwwGjAYMBYEFNvThe5i29I+e+T2cUhQhyTVhltFMC8G # CSqGSIb3DQEJBDEiBCAD4IrTkv1q9wt1tErjwp6bsmcWb6t1RswCmML6ChaZPTA3 # BgsqhkiG9w0BCRACLzEoMCYwJDAiBCB2dp+o8mMvH0MLOiMwrtZWdf7Xc9sF1mW5 # BZOYQ4+a2zANBgkqhkiG9w0BAQEFAASCAgB2uCnCu5/HxphdVL0wa0KBnAN2sGdG # SSKtNbEPxaCVz1Ng3PwW+W82RFkKHAPkxbMq2kBQArcTtCXnOjayjITeG3qzcZYd # V4q8OfWGphkH1vxX4BH1e7eTqmE+OG553ED7jezNxWbWPaZw1a2kGa+6AHPskP5c # 2sPLWSSCIQ1VGyZXOg7s+G53jykM4aA2FmkaZRT9WQHCu+Bp+cd0zhyMFealLylT # fMM8Fb1t61zU4mKqHri1hAN1tqQCyF9RJO/tSaXZDqXye/AYrk0eDDCA+n174nU/ # 5SjYMT7NPKWgoGOeuE3aZK0joxTjvrPal0lA0rzd68Sj5tL8p1OXQcC1kMXtdM1S # mf/q4AGZnSowKeXnrm93bA/K9dOYEnuvj+S0NaKcaxx+ZreuDHCbvTHxBfNCpftV # iffLSRdCGDFi47cCHy1Gnyu8M5QuWeL04FyHYh7U9gs5tPQAxbmkVbDRhxTsYmu2 # yVVb3YFpCLMAViKM6Vl/Jz53eX6bApwtUy5m7V+0iEsi6COeq19EmASv95roVn0a # y1h6YlG6nUUkH7nrNfWGJc3Hbet9wVt8F3MxvUmlpMnBYtRArS1BxEFHQcP/6CUQ # ESBQ4ikAS7mmeLfzenC/ey+8rcn3sVtUS0KWAhOmkgTtBzPw5axP2UBt5Kap984c # TfUM8yxwM6jnjw== # SIG # End signature block |