Skip to content

Instantly share code, notes, and snippets.

@leechristensen

leechristensen/Find-MisconfiguredCertificateTemplates.ps1

Last active November 15, 2024 19:12
Show Gist options
  • Save leechristensen/a436013f0b407b9c39d55b939b02d232 to your computer and use it in GitHub Desktop.
Save leechristensen/a436013f0b407b9c39d55b939b02d232 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
Find-MisconfiguredCertificateTemplates.ps1
<#
Author: Lee Christensen (@tifkin_)
License: BSD 3-Clause
Required Dependencies: None
Usage Example:
1. On a Linux or OS X machine with ldapsearch installed, run the following replacing "DC=domain,DC=local" with the DN of the organization's domain:
ldapsearch -o ldif-wrap=no -h dc.domain.local -p 389 -D '[email protected]' -w P@ssw0rd -E 'pr=1000/noprompt' -E '!1.2.840.113556.1.4.801=::MAMCAQc=' -b 'CN=Public Key Services,CN=Services,CN=Configuration,DC=domain,DC=local' > ldap_dump.txt
2. Transfer ldap_dump.txt to a Windows machine
3. Open powershell.exe and import this script with the following command:
PS C:\> Import-Module C:\path\to\Find-MisconfiguredCertificateTemplates.ps1
4. Run this script, supplying the path to the ldap dump.
This script will display certificate templates where an EKU enables authentication, approval is disabled, the ENROLLE_SUPPLIES_SUBJECT flag is enabled.
PS C:\> Find-MisconfiguredCertificateTemplates -Path C:\path\to\ldap_dump.txt
5. Alternatively, run this script hiding permissions granted to any Active Directory admins. This is useful since those users likely are not a misconfiguration.
PS C:\> Find-MisconfiguredCertificateTemplates -Path C:\path\to\ldap_dump.txt -IgnoreADAdmins
#>
$PSTypes = Add-Type -PassThru -TypeDefinition @"
using System;
[Flags]
public enum msPKICertificateNameFlag : uint
{
ENROLLEE_SUPPLIES_SUBJECT = 0x00000001,
ENROLLEE_SUPPLIES_SUBJECT_ALT_NAME = 0x00010000,
SUBJECT_ALT_REQUIRE_DOMAIN_DNS = 0x00400000,
SUBJECT_ALT_REQUIRE_DIRECTORY_GUID = 0x01000000,
SUBJECT_ALT_REQUIRE_UPN = 0x02000000,
SUBJECT_ALT_REQUIRE_EMAIL = 0x04000000,
SUBJECT_ALT_REQUIRE_DNS = 0x08000000,
SUBJECT_REQUIRE_DNS_AS_CN = 0x10000000,
SUBJECT_REQUIRE_EMAIL = 0x20000000,
SUBJECT_REQUIRE_COMMON_NAME = 0x40000000,
SUBJECT_REQUIRE_DIRECTORY_PATH = 0x80000000,
OLD_CERT_SUPPLIES_SUBJECT_AND_ALT_NAME = 0x00000008,
CT_FLAG_SUBJECT_ALT_REQUIRE_SPN = 0x800000
}
[Flags]
public enum msPKIEnrollmentFlag : uint
{
NONE = 0x00000000,
INCLUDE_SYMMETRIC_ALGORITHMS = 0x00000001,
PEND_ALL_REQUESTS = 0x00000002,
PUBLISH_TO_KRA_CONTAINER = 0x00000004,
PUBLISH_TO_DS = 0x00000008,
ENROLLMENT_CHECK_USER_DS_CERTIFICATE = 0x00000010,
AUTO_ENROLLMENT = 0x00000020,
PREVIOUS_APPROVAL_VALIDATE_REENROLLMENT = 0x00000040,
USER_INTERACTION_REQUIRED = 0x00000100,
REMOVE_INVALID_CERTIFICATE_FROM_PERSONAL_STORE = 0x00000400,
ALLOW_ENROLL_ON_BEHALF_OF = 0x00000800,
ADD_OCSP_NOCHECK = 0x00001000,
ENABLE_KEY_REUSE_ON_NT_TOKEN_KEYSET_STORAGE_FULL = 0x00002000,
NOREVOCATIONINFOINISSUEDCERTS = 0x00004000,
INCLUDE_BASIC_CONSTRAINTS_FOR_EE_CERTS = 0x00008000,
ALLOW_PREVIOUS_APPROVAL_KEYBASEDRENEWAL_VALIDATE_REENROLLMENT = 0x00010000,
ISSUANCE_POLICIES_FROM_REQUEST = 0x00020000
}
"@
# Load the Zetetic.Ldap Assembly: https://www.nuget.org/packages/Zetetic.Ldap/
$bytes = [Convert]::FromBase64String('TVqQAAMAAAAEAAAA//8AALgAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAA4fug4AtAnNIbgBTM0hVGhpcyBwcm9ncmFtIGNhbm5vdCBiZSBydW4gaW4gRE9TIG1vZGUuDQ0KJAAAAAAAAABQRQAATAEDADUIck8AAAAAAAAAAOAAAiELAQgAAMgAAAAGAAAAAAAAfuYAAAAgAAAAAAEAAABAAAAgAAAAAgAABAAAAAAAAAAEAAAAAAAAAABAAQAAAgAAFNkAAAMAQIUAABAAABAAAAAAEAAAEAAAAAAAABAAAAAAAAAAAAAAADDmAABLAAAAAAABAHgDAAAAAAAAAAAAAAAAAAAAAAAAACABAAwAAADA5QAAHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAAAAAAAAAAAAAAACCAAAEgAAAAAAAAAAAAAAC50ZXh0AAAAhMYAAAAgAAAAyAAAAAIAAAAAAAAAAAAAAAAAACAAAGAucnNyYwAAAHgDAAAAAAEAAAQAAADKAAAAAAAAAAAAAAAAAABAAABALnJlbG9jAAAMAAAAACABAAACAAAAzgAAAAAAAAAAAAAAAAAAQAAAQgAAAAAAAAAAAAAAAAAAAABg5gAAAAAAAEgAAAACAAUAiGYAADh/AAAJAAAAAAAAAAAAAAAAAAAAUCAAAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPAPtEBaS6LJj1q9nJTM5/dZ8BVbPN5LDJJ6VT1w3VDBdBaDXdYLStuzvIbGP19Jjo2pVD3pvUKroO+za90snRrk60JKAAr3T+uB6xXHG04zN60XSrvJRFmHu+dNLasiAV5wxhjyRZfLA/ODPTgJxzhj1oUpCpruCFomLHKVSUh5zgJvEgAACgNvEwAACiwjAm8SAAAKA28UAAAK0DsAAAEoFQAACm8WAAAKdAQAABsWmioUKhswAwB6AAAAAQAAEdAaAAACKBUAAApzFwAACgsDcxgAAAoMBwhvGQAACnQaAAACCt4KCCwGCG8aAAAK3AZ7YgAABG8bAAAKEwQrIRIEKBwAAAoNAnsNAAAEEgN7YwAABBIDe2QAAARvHQAAChIEKB4AAAot1t4OEgT+FgYAABtvGgAACtwqAAABHAAAAgAXAA8mAAoAAAAAAgA9AC5rAA4AAAAAEzAEAHEBAAACAAARAygfAAAKLBByAQAAcHI3AABwcyAAAAp6AyUKOSQBAAD+E35zAAAEOq4AAAAfDXMiAAAKJXJLAABwFigjAAAKJXJbAABwFygjAAAKJXJtAABwGCgjAAAKJXJ/AABwGSgjAAAKJXKPAABwGigjAAAKJXKhAABwGygjAAAKJXKxAABwHCgjAAAKJXLBAABwHSgjAAAKJXLTAABwHigjAAAKJXLjAABwHwkoIwAACiVy8wAAcB8KKCMAAAolcgMBAHAfCygjAAAKJXITAQBwHwwoIwAACv4TgHMAAAT+E35zAAAEBhIBKCQAAAosWQdFDQAAAAIAAAACAAAABAAAAAcAAAAJAAAADAAAAA8AAAASAAAAFAAAABcAAAAZAAAAGwAAAB0AAAArHRYqHw0qHCofCyofCSofCioeKh8MKh0qGCobKhcqAnsNAAAEA28lAAAKLA0Cew0AAAQDbyYAAAoqfgoAAARyIwEAcANvJwAAChYqAAAAEzACADwAAAADAAARKC4AAApvLwAACgJ7dwAABDMVAnt2AAAEH/4zCwIWfXYAAAQCCisTFnPxAAAGCgYCe3gAAAR9eAAABAYqHgIo6gAABiobMAIAlQAAAAQAABECe3YAAAQLB0UDAAAAAgAAAG8AAABVAAAAK20CFX12AAAEAgJ7eAAABHsLAAAEbzAAAApvMQAACn16AAAEAhd9dgAABCsvAgJ8egAABCgyAAAKfXkAAAQCAnt5AAAEfXUAAAQCGH12AAAEFwreJQIXfXYAAAQCfHoAAAQoMwAACi3EAijyAAAGFgreBwIo7wAABtwGKgAAAAEQAAAEAAAAjIwABwAAAAAeAnt1AAAEKhpzNAAACnoAGzACACIAAAAFAAARAnt2AAAECgYXWUUCAAAAAQAAAAEAAAAq3gcCKPIAAAbcKgAAARAAAAIAGAACGgAHAAAAAB4Ce3UAAAQqegIoNQAACgIDfXYAAAQCKC4AAApvLwAACn13AAAEKmYCFX12AAAEAnx6AAAE/hYNAAAbbxoAAAoqAAAAEzACABEAAAADAAARH/5z8QAABgoGAn14AAAEBioAAAATMAIAPAAAAAYAABEoLgAACm8vAAAKAnt9AAAEMxUCe3wAAAQf/jMLAhZ9fAAABAIKKxMWc/oAAAYKBgJ7fgAABH1+AAAEBioeAijzAAAGKhswAgCVAAAABAAAEQJ7fAAABAsHRQMAAAACAAAAbwAAAFUAAAArbQIVfXwAAAQCAnt+AAAEewwAAARvOAAACm85AAAKfYAAAAQCF318AAAEKy8CAnyAAAAEKDoAAAp9fwAABAICe38AAAR9ewAABAIYfXwAAAQXCt4lAhd9fAAABAJ8gAAABCg7AAAKLcQCKPsAAAYWCt4HAij4AAAG3AYqAAAAARAAAAQAAACMjAAHAAAAAB4Ce3sAAAQqGnM0AAAKegAbMAIAIgAAAAUAABECe3wAAAQKBhdZRQIAAAABAAAAAQAAACreBwIo+wAABtwqAAABEAAAAgAYAAIaAAcAAAAAHgJ7ewAABCp6Aig1AAAKAgN9fAAABAIoLgAACm8vAAAKfX0AAAQqZgIVfXwAAAQCfIAAAAT+FhIAABtvGgAACioAAAATMAIAEQAAAAYAABEf/nP6AAAGCgYCfX4AAAQGKv4DKB8AAAosEHJ5AQBwctEBAHBzIAAACnoCewsAAAQDbzwAAApvPQAACiwSAnsLAAAEA288AAAKbz4AAAoqFCoAAAAbMAMAfAAAAAcAABEDKB8AAAosEHLjAQBwctEBAHBzIAAACnoCewwAAAQDbzwAAApvPwAACiwSAnsMAAAEA288AAAKb0AAAAoqAigMAAAGbzYAAAoMKxkIbzcAAAoKBm/SAAAGAyhBAAAKLAQGC94WCG8pAAAKLd/eCggsBghvGgAACtwUKgcqARAAAAIASQAlbgAKAAAAABMwBAA8AgAACAAAEQIEKA0AAAYKBi0Rcj8CAHAEKEIAAApzQwAACnpzRAAACgsDbxIAAAoEbxMAAAo5AgIAAAZvXAAABhMIEQhFDgAAAJoBAACaAQAAmgEAAJoBAACaAQAAgQAAAJoBAACaAQAABQAAAJoBAACaAQAAdwEAANQAAAAnAQAAOJUBAAADbxIAAAoEbxQAAArQOwAAASgVAAAKbxYAAAoTCRYTCitNEQkRCpp0OwAAAQwIcmUCAHBybQIAcG9FAAAKDQkXjTsAAAETCxELFnJvAgBwohELFB9AKEYAAAoTBAcRBIwmAAABb0cAAAoRChdYEwoRChEJjmkyqzg6AQAAA28SAAAKBG8UAAAK0DsAAAEoFQAACm8WAAAKEwwWEw0rJBEMEQ2adDsAAAETBQcRBShIAAAKjEoAAAFvRwAAChENF1gTDRENEQyOaTLUOOcAAAADbxIAAAoEbxQAAArQOwAAASgVAAAKbxYAAAoTDhYTDyskEQ4RD5p0OwAAARMGBxEGKEkAAAqMSwAAAW9HAAAKEQ8XWBMPEQ8RDo5pMtQ4lAAAAANvEgAACgRvFAAACtA7AAABKBUAAApvFgAAChMQFhMRKyQREBERmnQ7AAABEwcHEQcoSgAACoxMAAABb0cAAAoRERdYExEREREQjmky1CtEBwNvEgAACgRvFAAACtAUAAAbKBUAAApvFgAACm9LAAAKKyEHA28SAAAKBG8UAAAK0DsAAAEoFQAACm8WAAAKb0sAAAoHc0wAAAoqLihNAAAKgAoAAAQqogJzTgAACn0LAAAEAnNPAAAKfQwAAAQCc1AAAAp9DQAABAIoNQAACioeAigQAAAGKgAAABMwAgAtAAAACQAAEQMlCiwgBnKNAgBwKEEAAAotDwZynwIAcChBAAAKLQQrBBoqGSoCAygKAAAGKgAAABswBACDAgAACgAAEQIEKA0AAAYKBi0Rcj8CAHAEKEIAAApzQwAACnpzRAAACgsEb1EAAAolEwg5jQEAAP4TfnQAAAQtYR1zIgAACiVysQIAcBYoIwAACiVyxwIAcBcoIwAACiVy5QIAcBgoIwAACiVyBQMAcBkoIwAACiVyHQMAcBooIwAACiVyQwMAcBsoIwAACiVyVwMAcBwoIwAACv4TgHQAAAT+E350AAAEEQgSCSgkAAAKOQ4BAAARCUUHAAAABQAAAAUAAAAFAAAABQAAAAUAAAAFAAAAmAAAADjmAAAAA28SAAAKBG8UAAAK0DsAAAEoFQAACm8WAAAKEwoWEwsrZBEKEQuadDsAAAEMCChKAAAKDQkWai4MCSH/////////fzMNB3JtAwBwb0cAAAorLgcJKFIAAAqMJgAAAW9HAAAK3hsTBH4OAAAEcnkDAHAIEQRvUwAACm9UAAAK3gARCxdYEwsRCxEKjmkylDgSAQAAA28SAAAKBG8UAAAK0BQAABsoFQAACm8WAAAKEwwWEw0rJBEMEQ2adBQAABsTBQcRBXNVAAAKjE4AAAFvRwAAChENF1gTDRENEQyOaTLUOL8AAAAGb1wAAAYTDhEOGVlFAgAAAFEAAAAFAAAAOJgAAAADbxIAAAoEbxQAAArQFAAAGygVAAAKbxYAAAoTDxYTECsgEQ8REJp0FAAAGxMGBxEGFnNWAAAKb0cAAAoREBdYExAREBEPjmky2CtVA28SAAAKBG8UAAAK0BQAABsoFQAACm8WAAAKExEWExIrIBERERKadBQAABsTBwcRBxZzVwAACm9HAAAKERIXWBMSERIREY5pMtgrCQIDBCgPAAAGKgdzTAAACioAARAAAAAAKQETPAEbBgAAARswBwC7BAAACwAAEXJtAgBwFBYXjTsAAAETERERFnLFAwBwohERc1gAAAoKAwZvWQAACnQcAAABCwdvWgAAChZvWwAACnLFAwBwKAgAAAYMG407AAABExIREhZy7QMAcKIREhdyDQQAcKIREhhyKwQAcKIREhlySwQAcKIREhpyYwQAcKIREg1zfwAABhMQERAWb3QAAAYREANvdgAABhEQCW9yAAAGERByewQAcG9sAAAGERAIb3AAAAYREBMEEQRvhwAABm9cAAAKExM49gAAABETb10AAAoTBREFCRaaKAgAAAYTBgJ7CwAABBEGbzwAAApzYQAABhMHEQcRBm9ZAAAGEQdyvQQAcBEFCReaKAgAAAZvXgAAChb+AW9XAAAGEQcCEQUJGJooCAAABm8KAAAGb10AAAYRBxEFCRmaKAgAAAZvWwAABhEHEQUJGpooCAAABiUtBiZyxwQAcChfAAAKb18AAAYRB29gAAAK3lYTCH4OAAAEHI07AAABExQRFBZyywQAcKIRFBcRBqIRFBhy8wQAcKIRFBkRBW9hAAAKohEUGnIDBQBwohEUGxEIb1MAAAqiERQoYgAAChEIb2MAAAreABETbykAAAo6/v7//94MERMsBxETbxoAAArcHo07AAABExURFRZy7QMAcKIRFRdyJQUAcKIRFRhyPQUAcKIRFRlyYQUAcKIRFRpydwUAcKIRFRtymQUAcKIRFRxywQUAcKIRFR1y1wUAcKIRFQ0RBAlvcgAABhEEcusFAHBvbAAABhEEb4cAAAZvXAAAChMWOFACAAARFm9dAAAKEwlz3QAABhMKEQoRCQkWmigIAAAGb9UAAAYRChEJCRyaKAgAAAZv0QAABhEKEQkJHZooCAAABm/TAAAGGI07AAABExcRFxYJF5qiERcXCRiaohEXExgWExkrdBEYERmaEwsRCW8SAAAKEQtvEwAACixXEQlvEgAAChELbxQAAArQOwAAASgVAAAKbxYAAAoTGhYTGysrERoRG5p0OwAAARMMEQoCewsAAAQRDG88AAAKbz4AAApv2gAABhEbF1gTGxEbERqOaTLNERkXWBMZERkRGI5pMoQYjTsAAAETHBEcFgkZmqIRHBcJGpqiERwTHRYTHit0ER0RHpoTDREJbxIAAAoRDW8TAAAKLFcRCW8SAAAKEQ1vFAAACtA7AAABKBUAAApvFgAAChMfFhMgKysRHxEgmnQ7AAABEw4RCgJ7CwAABBEObzwAAApvPgAACm/bAAAGESAXWBMgESARH45pMs0RHhdYEx4RHhEdjmkyhBEJCRuaKAgAAAYlEyEsShEhciUGAHAoQQAACi0eESFyKQYAcChBAAAKLRoRIXItBgBwKEEAAAotFiseEQoWb9cAAAYrHBEKGG/XAAAGKxIRChdv1wAABisIEQoZb9cAAAYCewwAAAQRCm/UAAAGbzwAAAoRCm9kAAAK3lsTD34OAAAEHI07AAABEyIRIhZyMQYAcKIRIhcRCm/UAAAGohEiGHLzBABwohEiGREJb2EAAAqiESIacgMFAHCiESIbEQ9vUwAACqIRIihiAAAKEQ9vYwAACt4AERZvKQAACjqk/f//3gwRFiwHERZvGgAACtwqAEFkAAAAAAAA2wAAAIsAAABmAQAAVgAAAAYAAAECAAAAwQAAAAkBAADKAQAADAAAAAAAAAAAAAAAKgQAABsAAABFBAAAWwAAAAYAAAECAAAASwIAAGMCAACuBAAADAAAAAAAAAAuKE0AAAqADgAABCobMAMAUwAAAAwAABECc2YAAAp9DwAABAIoNQAACgNvZwAACgsrHQdvLAAACnQMAAABCgJ7DwAABAZzOwAABm9oAAAKB28pAAAKLdveEQd1BQAAAQwILAYIbxoAAArcKgABEAAAAgAYAClBABEAAAAANgJ7DwAABANvaQAACioyAnsPAAAEb2oAAAoqABswAgCQAAAABAAAEQJ7ggAABAsHRQMAAAACAAAAagAAAFAAAAAraAIVfYIAAAQCAnuDAAAEew8AAARvbAAACn2FAAAEAhd9ggAABCsvAgJ8hQAABChtAAAKfYQAAAQCAnuEAAAEfYEAAAQCGH2CAAAEFwreJQIXfYIAAAQCfIUAAAQobgAACi3EAigCAQAGFgreBwIo/wAABtwGKgEQAAAEAAAAh4cABwAAAAAeAnuBAAAEKhpzNAAACnoAGzACACIAAAAFAAARAnuCAAAECgYXWUUCAAAAAQAAAAEAAAAq3gcCKAIBAAbcKgAAARAAAAIAGAACGgAHAAAAAB4Ce4EAAAQqOgIoNQAACgIDfYIAAAQqZgIVfYIAAAQCfIUAAAT+FhoAABtvGgAACioAAAATMAIAEAAAAA0AABEWcwEBAAYKBgJ9gwAABAYqRgJ7DwAABG9sAAAKjBoAABsqHgJ7EgAABCoiAgN9EgAABCoeAnsTAAAEKiICA30TAAAEKh4CexQAAAQqIgIDfRQAAAQqHgJ7FQAABCoiAgN9FQAABCqWAihxAAAKc3IAAAp9EAAABAIoNQAACgIDKB0AAAYCAygfAAAGKnoCKHEAAApzcgAACn0QAAAEAig1AAAKAgMoJgAABioAGzAFAJ4AAAAOAAARAgNvYQAACigdAAAGAgNvYQAACigfAAAGAhYoIQAABgIWKCMAAAYCexAAAARvcwAACgNvEgAACm90AAAKbwEAAAoLKz4HbywAAAp0OwAAAQoCexAAAAQGBm9RAAAKA28SAAAKBm8UAAAK0DsAAAEoFQAACm8WAAAKc2kAAAZvdQAACgdvKQAACi263hEHdQUAAAEMCCwGCG8aAAAK3CoAAAEQAAACAEIASowAEQAAAABuAigcAAAGKB8AAAosAhQqAigcAAAGKDMAAAYqJgIDFm81AAAGKgAAEzADADUAAAAJAAARAignAAAGCgZvdgAACgIoHAAABm92AAAKMgIUKgIoHAAABhcGb3YAAApYb3cAAApveAAACioAAAATMAQAbgAAAAkAABECKCcAAAYKBm92AAAKAigcAAAGb3YAAAovPQIoHAAABgZvdgAAChdYb3cAAAoDGW95AAAKLTcCBnJVBgBwAyh6AAAKKB0AAAYCFygjAAAGAhcoIQAABipyWQYAcAIoHAAABihCAAAKc3sAAAp6KgAAGzAEAI0AAAAPAAARA3KPBgBwAigcAAAGb3wAAAoCexAAAARvfQAACm9+AAAKDCtPEgIofwAACgoCexAAAAQGb4AAAApvZAAABm+BAAAKDSsVEgMoggAACgsDcp8GAHAGB2+DAAAKEgMohAAACi3i3g4SA/4WHgAAG28aAAAK3BICKIUAAAotqN4OEgL+Fh0AABtvGgAACtwqAAAAARwAAAIAQwAiZQAOAAAAAAIAIgBcfgAOAAAAABMwBQBRAAAAEAAAEQMoHwAACiwLctEBAHBzhgAACnoCexAAAAQDEgBvhwAACiwNBm9kAAAGBG9HAAAKKgJ7EAAABAMDc0QAAAoLBwRvRwAACgdzagAABm+IAAAKKoYDLQtysQYAcHOGAAAKegJ7EAAABANvYgAABgNviAAACioAEzADABQAAAARAAARAnsQAAAEAxIAb4cAAAosAgYqFCo6AnsQAAAEAwRviAAACioAEzADAB4AAAARAAARAnsQAAAEAxIAb4cAAAosDAZvZAAABm+JAAAKKhYqAAAbMAQAfwAAABIAABECA28yAAAGLHQCexAAAAQDb4AAAApvZAAABm+KAAAKCgaOaY07AAABCxYMK0gGCJoNCXUUAAAbLC8JLCwJdBQAABuOaRYxIQcIfhEAAAQJdBQAABtviwAACqLeFSYHCAkojAAACqLeCQcICSiMAAAKoggXWAwIBo5pMrIHKhQqAAEQAAAAAEcAFVwADAYAAAEuAgMoMAAABhb+AioTMAIATQAAABMAABFybQIAcAoWCwINFhMEKzIJEQRvjQAACgwIH1wzBwcW/gELKwoIHywzAwcsHxYLBgiMYQAAASiOAAAKChEEF1gTBBEECW92AAAKMsQGKgAAABMwAgBRAAAAFAAAEXJtAgBwCnK7BgBwCwINFhMEKzIJEQRvjQAACgwHCG+PAAAKFTEMBnLLBgBwKEIAAAoKBgiMYQAAASiOAAAKChEEF1gTBBEECW92AAAKMsQGKk4ELAgDKDQAAAYQAQIDbzYAAAYqAAAAEzADAEEAAAAVAAARAigcAAAGKDMAAAZvdgAACgoDAigcAAAGBm93AAAKKEIAAAoLBwIoHAAABm9eAAAKLQ4CBygdAAAGAhcoIQAABipaAnsQAAAEb5AAAApvkQAACowgAAAbKh4CKDcAAAYqNhYXc5IAAAqAEQAABCqGAnOVAAAKfRcAAAQCF30YAAAEAgMoJAAABgIXKEEAAAYqagJzlQAACn0XAAAEAhd9GAAABAIDKCUAAAYqABMwAwAtAAAAFgAAEQIoHwAACiwQcs8GAHByBQcAcHMgAAAKegJzOgAABgoGcgsHAHADb04AAAYGKlICKEIAAAYsC3IjBwBwc3sAAAp6Kh4CexgAAAQqIgIDfRgAAAQqHgJ7GQAABCoiAgN9GQAABCoeAnsaAAAEKiICA30aAAAEKjICexcAAARvlgAACioAABMwAgBAAAAAFwAAEQIoPQAABgIoQAAABiwWcmMHAHACKBwAAAYolwAACnN7AAAKegIoHAAABnOYAAAKCgMGb1kAAAomAhcoQwAABiquAig9AAAGAgMoMgAABiwaAnsXAAAEA3K/BwBwKEIAAApvmQAAChb+ASoWKtoELQtyxQcAcHOGAAAKegIDbzIAAAYsHQJ7EAAABANvUQAACm+AAAAKb2QAAAYEb5oAAAoqFioAEzACABEAAAAYAAARAgMoMQAABgoGLQIUKgYWmioAAAATMAUA1wAAABkAABECKD0AAAYDb1EAAAoKAnsXAAAEBm+ZAAAKOY8AAAACexcAAAQGb5sAAAoLAig+AAAGLSQHb5wAAAosHHLRBwBwB2+cAAAKjGUAAAEGKJ0AAApzVAAABnp+FgAABHJuCABwBgdvnAAACoxlAAABBG+eAAAKB3JtAgBwb58AAAosG34WAAAEcuQIAHAGb6AAAAoHcm0CAHBvoQAACgcEb58AAAotMgcEb6IAAAomKnOjAAAKCwcGb6QAAAoHFm+lAAAKBwRvogAACiYCexcAAAQGB2+mAAAKKgATMAMArAAAABoAABECKD0AAAYDb1EAAAoKAihAAAAGLC8CexcAAAQGb5kAAAo5hQAAAAJ7FwAABAZvmwAACgsHBG+fAAAKLG8HBG+hAAAKKgZyvwcAcChCAAAKDAJ7FwAABAhvmQAACiwfAnsXAAAECG+bAAAKDQkEb58AAAotNwkEb6IAAAomKnOjAAAKEwQRBBdvpQAAChEEBm+kAAAKEQQEb6IAAAomAnsXAAAECBEEb6YAAAoqGzACAEQAAAAbAAARc6cAAAoKAnsXAAAEb6gAAApvqQAACgwrEBICKKoAAAoLBgdvqwAACiYSAiisAAAKLefeDhIC/hYjAAAbbxoAAArcBioBEAAAAgAXAB00AA4AAAAAGzAEAOQBAAAcAAARAig9AAAGAiggAAAGOYUAAABzrQAACgoGAigeAAAGb64AAAoGAignAAAGb68AAAp+FgAABHI0CQBwBm+wAAAKb6AAAAoGF2+xAAAKAigiAAAGLCEGAigpAAAGb7IAAAp+FgAABHJeCQBwBm+zAAAKb6AAAAoDBm9ZAAAKJgIWKCEAAAYCFigjAAAGAgIoHAAABigfAAAGAnsXAAAEb5YAAAoWPhQBAAACKEAAAAYsfwIoHAAABhaNOgAAAXO0AAAKCwIoSwAABm+1AAAKEwUrNBEFbywAAAp0FQAAAQwHb7YAAAoIb7cAAAoI0DsAAAEoFQAACm8WAAAKc7gAAApvuQAACiYRBW8pAAAKLcPeFREFdQUAAAETBhEGLAcRBm8aAAAK3AMHb1kAAAomK2UCKBwAAAYWjRUAAAFzugAACg0CKEsAAAZvtQAAChMHKxwRB28sAAAKdBUAAAETBAlvuwAAChEEb6sAAAomEQdvKQAACi3b3hURB3UFAAABEwgRCCwHEQhvGgAACtwDCW9ZAAAKJgJ7FwAABG+8AAAKAhYoQQAABn4WAAAEcpAJAHACKBwAAAZvoAAACip+FgAABHK+CQBwAigcAAAGb6AAAAoCKEAAAAYsC3LwCQBwc3sAAAp6KgEcAAACAM4AQQ8BFQAAAAACAE0BKXYBFQAAAAATMAUAFAAAAB0AABECAxeNAgAAAQoGFgSiBihOAAAGKhMwBAB1AQAAHgAAEQIoPQAABgNvUQAAChABAnsXAAAEA2+ZAAAKLHsCexcAAAQDb5sAAAoKBm+cAAAKGDuTAAAAAig+AAAGLRxyYAoAcAMGb5wAAAqMZQAAASidAAAKc1QAAAZ6fhYAAARy3AoAcAZvnAAACoxlAAABA2+9AAAKc6MAAAoKBgNvpAAACgYYb6UAAAoCexcAAAQDBm+mAAAKKzF+FgAABHI8CwBwA2++AAAKc6MAAAoKBgNvpAAACgYYb6UAAAoCexcAAAQDBm+mAAAKBAwWDTiaAAAACAmaCwYHb58AAAoteAd1FAAAGywPBgd0FAAAG2+/AAAKJitOB3U7AAABLA8GB3Q7AAABb6IAAAomKzcHdWsAAAEsDwYHdGsAAAFvwAAACiYrIHKUCwBwB2/BAAAKb8IAAAooQgAACnK+CwBwcyAAAAp6fhYAAARyzAsAcAMHb8MAAAorEX4WAAAEchYMAHADB2/DAAAKCRdYDQkIjmk/Xf///yoAAAATMAQAfgEAAB8AABECKD0AAAYDb1EAAAoQAQIDKDAAAAYWPmIBAAACexcAAAQDb5kAAAo52gAAAAJ7FwAABANvmwAACgoGb5wAAAoYMxkGb8QAAAotEX4WAAAEcmoMAHADb74AAAoqAig+AAAGLRxy2AwAcAMGb5wAAAqMZQAAASidAAAKc1QAAAZ6fhYAAARycw0AcAZvnAAACoxlAAABA2+9AAAKc6MAAAoLBwNvpAAACgcYb6UAAAoHCgZvxQAACgJ7FwAABAMGb6YAAAoCexcAAAQDcr8HAHAoQgAACm+ZAAAKOZ8AAAB+FgAABHLzDQBwA28nAAAKAnsXAAAEA3K/BwBwKEIAAApvxgAACiYqc6MAAAoMCANvpAAACggYb6UAAAoICgZvxQAACgJ7FwAABAMGb6YAAAp+FgAABHJZDgBwA2++AAAKAnsXAAAEA3K/BwBwKEIAAApvmQAACiwmfhYAAARy8w0AcG/HAAAKAnsXAAAEA3K/BwBwKEIAAApvxgAACiYqIgIXKFEAAAYqKgMsBgIoyAAACioAAAswAgARAAAAAAAAAAIWKFEAAAbeBwIoyQAACtwqAAAAARAAAAIAAAAJCQAHAAAAAC4oTQAACoAWAAAEKiICAyjKAAAKKh4CKDUAAAoqHgJ7MQAABCoiAgN9MQAABCoeAnsyAAAEKiICA30yAAAEKh4CezMAAAQqIgIDfTMAAAQqHgJ7NAAABCoiAgN9NAAABCoeAns1AAAEKiICA301AAAEKgAAEzADAEYAAAAdAAARHI0CAAABCgYWcpUOAHCiBhcCKFgAAAaiBhhyqw4AcKIGGQIoWgAABqIGGnK5DgBwogYbAihWAAAGjEoAAAGiBijLAAAKKh4CKDUAAAoqHgJ7NgAABCoiAgN9NgAABCoeAns3AAAEKiICA303AAAEKh4CezgAAAQqIgIDfTgAAAQqHgIoNQAACipqAig1AAAKAgMoYwAABgIEc8wAAAooZQAABipWAig1AAAKAgMoYwAABgIEKGUAAAYqHgJ7PQAABCoiAgN9PQAABCoeAns+AAAEKiICA30+AAAEKh4Cez8AAAQqIgIDfT8AAAQqHgJ7QAAABCoiAgN9QAAABCoeAntBAAAEKiICA31BAAAEKh4Ce0IAAAQqIgIDfUIAAAQqHgJ7QwAABCoiAgN9QwAABCoeAntEAAAEKiICA31EAAAEKh4Ce0UAAAQqIgIDfUUAAAQqHgJ7RgAABCoiAgN9RgAABCoDMAMASwAAAAAAAAACFnPNAAAKfTsAAAQCc84AAAp9PAAABAIoNQAACgIg6AMAAChuAAAGAhcodAAABgIYKHgAAAYCIwAAAAAAAChAKM8AAAoofAAABioGKgYqAAMwBABrAAAAAAAAAANv0AAACm/RAAAKGjMxAih5AAAGFjEofjkAAARy1w4AcAIoeQAABm/SAAAKAhcofgAABgNv0AAACnQcAAABKn45AAAEcjMPAHADb9AAAApv0QAACoxtAAABA2/QAAAKb9MAAApv1AAAChQqcgJ7OgAABC0TAhd9OgAABAJ7OwAABG/VAAAKJiobMAUAmAAAACAAABF+OQAABHJ9DwBwA2++AAAKAih1AAAGBBYUFG/WAAAKChiNcAAAARMEEQQWAns7AAAEohEEFwZv1wAACqIRBCjYAAAKC345AAAEcrUPAHAHb9kAAAoHLQ4CKHUAAAYGb9oAAAoUKhQMAih1AAAGBm/bAAAKdBwAAAEMAgMIb4AAAAbeEw0CCW+CAAAGDAIDCG+BAAAG3gAIKgEQAAAAAGcAHIMAEx0AAAETMAIAdgAAACEAABECKG0AAAYXLwIUKgNv3AAAChMEFhMFK1IRBBEFmgoGdXEAAAELByw8B2/dAAAKLDQHb90AAAqOaRYxKXPeAAAKDAgHb90AAApv3wAACggCKG0AAAZv4AAACggXb+EAAAoIDd4QEQUXWBMFEQURBI5pMqYUKgkqNgJ7PAAABANv4gAACioTMAIAPAAAACIAABEoLgAACm8vAAAKAnuIAAAEMxUCe4cAAAQf/jMLAhZ9hwAABAIKKxMWcwoBAAYKBgJ7iQAABH2JAAAEBioeAigDAQAGKhswBQDeBAAAIwAAEQJ7hwAABA0JFi4MCRo7RQQAADi6BAAAAhV9hwAABAICc+MAAAp9kQAABAJ7kQAABAJ7iQAABG9vAAAGb+QAAAoCe5EAAAQCe4kAAARvawAABm/lAAAKAnuRAAAEAnuJAAAEb3cAAAZv5gAACgJ7kQAABH2KAAAEAnuJAAAEb3sAAAYTBBIEKOcAAAojAAAAAAAAAAA2FgJ7igAABAJ7iQAABG97AAAGb+gAAAoCe4kAAARveQAABhYxFgJ7igAABAJ7iQAABG95AAAGb+kAAAoCfuoAAAp9iwAABAJ7iQAABG9xAAAGLEYCe4kAAARvcQAABo5pFjE2AnLxDwBwAnuJAAAEb3EAAAYo6wAACn2LAAAEAnuKAAAEb+wAAAoCe4kAAARvcQAABm/tAAAKAgJ7iQAABG9tAAAGc+4AAAp9jAAABAJ7jAAABBZv4QAACn45AAAEcvUPAHACe4kAAARvbQAABoxLAAABAnuJAAAEb3MAAAaMSwAAAW/vAAAKAhZ9jQAABDj9AgAAAnuJAAAEb20AAAYWMVcCe4kAAARvbQAABgJ7iQAABG95AAAGMg0Ce4kAAARveQAABi0yAnuNAAAEFzEQAnuKAAAEb/AAAApvxQAACgJ7igAABG/wAAAKAnuMAAAEb/EAAAomKy9+OQAABHI3EABwAnuJAAAEb20AAAaMSwAAAQJ7iQAABG95AAAGjEsAAAFv7wAACgJ7iQAABHs8AAAEb/IAAAoTBSsaEQVv8wAACgoCe4oAAARv8AAACgZv8QAACiYRBW8pAAAKLd3eDBEFLAcRBW8aAAAK3AIfDY0CAAABEwYRBhYCe4kAAARvbwAABqIRBhdyiRAAcKIRBhgCe4kAAARvdwAABowXAAABb/QAAAqiEQYZco0QAHCiEQYaAnuJAAAEb2sAAAaiEQYbcpUQAHCiEQYcAnuNAAAEjEsAAAGiEQYdcp8QAHCiEQYeAnuJAAAEb20AAAaMSwAAAaIRBh8JcqsQAHCiEQYfCgJ7iQAABG95AAAGjEsAAAGiEQYfC3K3EABwohEGHwwCe4sAAASiEQYoywAACn2OAAAEAgJ7iQAABAJ7jgAABAJ7igAABG+EAAAGfY8AAAQCe48AAAQsH345AAAEcsEQAHACe48AAARvWgAACm/1AAAKb9kAAAreVAsCe4kAAAR7OgAABCweB2/2AAAKH1gzFH45AAAEcuUQAHBv9wAACt0zAQAAfjkAAARyBxEAcAdv+AAACgdv9gAACoxLAAABB29TAAAKb/kAAAr+GgJ7iQAABHs6AAAEOvsAAAACe48AAAQ58AAAAAICe48AAARvWgAACm9nAAAKfZIAAAQCGX2HAAAEK14CAnuSAAAEbywAAAp0DAAAAX2QAAAEAnuJAAAEezoAAAQsGn45AAAEclsRAHBv9wAACgIoCAEABt2UAAAAAgJ7kAAABH2GAAAEAhp9hwAABBcM3YUAAAACGX2HAAAEAnuSAAAEbykAAAotlQIoCwEABgICe4kAAAQCe48AAARvhQAABn2MAAAEAnuJAAAEezoAAAQtPAJ7jAAABCw0AiV7jQAABCUTBxdYfY0AAAQRBwJ7iQAABG9zAAAGP8v8//8Ce4kAAARvcwAABhc/uvz//xYM3gcCKAgBAAbcCCoAAEFMAAACAAAAMQIAACcAAABYAgAADAAAAAAAAAAAAAAALAMAAEYAAAByAwAAVAAAAHUAAAEEAAAAAAAAANUEAADVBAAABwAAAAAAAAAeAnuGAAAEKhpzNAAACnoAGzACACIAAAAkAAARAnuHAAAEDAgZWUUCAAAAAQAAAAEAAAAq3gcCKAsBAAbcKgAAARAAAAIAGAACGgAHAAAAAB4Ce4YAAAQqegIoNQAACgIDfYcAAAQCKC4AAApvLwAACn2IAAAEKrICFX2HAAAEAgJ7kgAABHUFAAABfZMAAAQCe5MAAAQsCwJ7kwAABG8aAAAKKhMwAgARAAAAIgAAER/+cwoBAAYKBgJ9iQAABAYqIgIUKHYAAAYqLihNAAAKgDkAAAQqdgIDfUcAAAQCBH1IAAAEAgV9SQAABAIWfUoAAAQqdgIDfUcAAAQCBH1IAAAEAhR9SQAABAIFfUoAAAQqegIDfUcAAAQCBH1IAAAEAgV9SQAABAIOBH1KAAAEKh4VgEsAAAQqUgJ7TAAABAMEBXOKAAAGb/sAAAoqUgJ7TAAABAMEBXOLAAAGb/sAAAoqTgIDBHKLEQBwKPwAAAookQAABioAGzADAB0AAAAlAAARAwVz/QAACgoCBgQokwAABt4KBiwGBm8aAAAK3CoAAAABEAAAAgAIAAoSAAoAAAAAAzAEAEAAAAAAAAAAAygfAAAKLAEqAwJ7TQAABG/+AAAKLBwCe04AAARyoREAcANyoREAcCh6AAAKb/8AAAoqAntOAAAEA2//AAAKKhswBAALAgAAJgAAEQQsYxYKK0ECe04AAAQCe0wAAAQGbwABAAp7SAAABG//AAAKBhdYAntMAAAEbwEBAAovEQJ7TgAABAJ7TQAABG//AAAKBhdYCgYCe0wAAARvAQEACjKxAntOAAAEcm0CAHBvAgEACgNzsQAABnPeAAAGCwdv4gAABgw4egEAABYNOEsBAAACe0wAAAQJbwABAAoTBBIEe0cAAAQlEwUsbREFcgUHAHAoQQAACi0sEQVypREAcChBAAAKLS8RBXKtEQBwKEEAAAotMhEFcrsRAHAoQQAACi0kKzMCCG8cAAAGKJIAAAY4wQAAAAIIbycAAAYokgAABjiwAAAAAghvKQAABiiSAAAGOJ8AAAAIEgR7RwAABG8yAAAGOY0AAAASBHtJAAAEKB8AAAosYBIEe0oAAAR+SwAABDMlAggSBHtHAAAEbzEAAAYIEgR7RwAABG8wAAAGF1maKJIAAAYrTAgSBHtHAAAEbzAAAAYSBHtKAAAEMTYCCBIEe0cAAARvMQAABhaaKJIAAAYrHwISBHtJAAAECBIEe0cAAARvMQAABijrAAAKKJIAAAYJF1gCe0wAAARvAQEACi8RAntOAAAEAntNAAAEb/8AAAoJF1gNCQJ7TAAABG8BAQAKP6T+//8Ce04AAARybQIAcG8CAQAKB2/iAAAGDAg6gP7//94KBywGB28aAAAK3CoAQRwAAAIAAAByAAAAjgEAAAACAAAKAAAAAAAAAKICcwMBAAp9TAAABAJyzREAcH1NAAAEAigEAQAKfU4AAAQCKDUAAAoqHgJ7TwAABCoiAgN9TwAABCo+AgMoygAACgIEKJYAAAYqHgJ7UAAABCoiAgN9UAAABCo6AigFAQAKAgMopQAABioeAntRAAAEKiICA31RAAAEKh4Ce1IAAAQqIgIDfVIAAAQqVgIoBQEACgIDKKgAAAYCBCiqAAAGKh4Ce1oAAAQqIgIDfVoAAAQqHgJ7WwAABCoiAgN9WwAABCqaAig1AAAKAgMZF3MGAQAKKAcBAApzCAEACn1TAAAEAhd9VAAABCpWAig1AAAKAgN9UwAABAIWfVQAAAQqfgIoNQAACgIDKAcBAApzCAEACn1TAAAEAhZ9VAAABCoAAAATMAMAKQAAACcAABECe1cAAAQKBgsHAygJAQAKdBMAAAIMAnxXAAAECAcoAQAAKwoGBzPfKgAAABMwAwApAAAAJwAAEQJ7VwAABAoGCwcDKAsBAAp0EwAAAgwCfFcAAAQIBygBAAArCgYHM98qAAAAEzADACkAAAAoAAARAntYAAAECgYLBwMoCQEACnQUAAACDAJ8WAAABAgHKAIAACsKBgcz3yoAAAATMAMAKQAAACgAABECe1gAAAQKBgsHAygLAQAKdBQAAAIMAnxYAAAECAcoAgAAKwoGBzPfKgAAABMwAwApAAAAKQAAEQJ7WQAABAoGCwcDKAkBAAp0FQAAAgwCfFkAAAQIBygDAAArCgYHM98qAAAAEzADACkAAAApAAARAntZAAAECgYLBwMoCwEACnQVAAACDAJ8WQAABAgHKAMAACsKBgcz3yoAAAATMAUAXwMAACoAABECe1MAAARvDAEACgoGLDYCJXtWAAAEF2pYfVYAAAQGctERAHBvDQEACiwCFyoCe1UAAAQtEAZy1REAcBlvDgEACi0CFyoGKB8AAAosNgJ7VQAABCwmAhZ9VQAABAJ7VwAABCwXAntXAAAEAgIorAAABnOmAAAGb5kAAAYGFP4BFv4BKgZy1REAcBlvDgEACjkGAQAAAhd9VQAABAYXjWEAAAETCxELFh8gnRELbw8BAApvUQAACnLVEQBwKEEAAAosBxQLOKgAAAAGGW+NAAAKHzr+AQwGCC0DGSsBGm93AAAKFo1hAAABbxABAAoLK14CJXtWAAAEF2pYfVYAAAQCKK4AAAYsLwcCe1MAAARvDAEAChdvdwAACheNYQAAARMMEQwWHyCdEQxvEAEACihCAAAKCysYBwJ7UwAABG8MAQAKF293AAAKKEIAAAoLAntTAAAEbxEBAAofIC6TCCwRKBIBAAoHKBMBAApviwAACgsCByitAAAGAntYAAAEOdoBAAACe1gAAAQCB3OmAAAGb50AAAY4wwEAAAYfOm+PAAAKDQkVMxty3REAcAJ7VgAABIxMAAABKI4AAApzQwAACnoGFglvFAEAChMEFhMGFhMHCRdYBm92AAAKMwgUEwU4xQAAAAYJF1hvjQAACh86/gETBgYJEQYtAxcrARhYb40AAAofPP4BEwcGEQYtBQkXWCsDCRhYb3cAAAoWjWEAAAFvEAEAChMFEQcsbhEFF293AAAKEwUrYgIle1YAAAQXalh9VgAABAIorgAABiwxEQUCe1MAAARvDAEAChdvdwAACheNYQAAARMNEQ0WHyCdEQ1vEAEACihCAAAKEwUrGhEFAntTAAAEbwwBAAoXb3cAAAooQgAAChMFAntTAAAEbxEBAAofIC6PAntZAAAEOagAAAARBS0ZAntZAAAEAhEEFHOrAAAGb6EAAAY4iwAAABEGLE4RBSgTAQAKEwgRBywqKBIBAAoRCG+LAAAKcxUBAAoTCQJ7WQAABAIRBBEJc6sAAAZvoQAABitQAntZAAAEAhEEEQhzqwAABm+hAAAGKzkRBywgEQVzFQEAChMKAntZAAAEAhEEEQpzqwAABm+hAAAGKxUCe1kAAAQCEQQRBXOrAAAGb6EAAAYXKrICe1MAAAQsGgJ7VAAABCwLAntTAAAEbxYBAAoCFH1TAAAEAywGAijIAAAKKiICFyi6AAAGKgAAAAswAgARAAAAAAAAAAIWKLoAAAbeBwIoyQAACtwqAAAAARAAAAIAAAAJCQAHAAAAAB4Ce2EAAAQqIgIDfWEAAAQqngIoNQAACgIDFigHAQAKcxcBAAp9XAAABAIXfV4AAAQCFyi+AAAGKnICKDUAAAoCA31cAAAEAhZ9XgAABAIXKL4AAAYqAAADMAMATgAAAAAAAAACA2/DAAAGAnINEgBwciMSAHAoxwAABgJyMRIAcAQoxwAABgJyPxIAcHIlBgBwKMcAAAYFKB8AAAotDAJyWRIAcAUoxwAABgIozAAABipKAntcAAAEcnESAHADb3wAAAoqAAAAEzADAEMAAAArAAARAntdAAAELAYCKMwAAAYCF31dAAAEAiV7YAAABCUKF2pYfWAAAAQGFmozCwIoGAEACn1fAAAEAnIFBwBwAyjHAAAGKpICe10AAAQtC3J9EgBwc0MAAAp6AntcAAAEcpkSAHBvAgEACioTMAYAQgAAACwAABECe10AAAQtC3J9EgBwc0MAAAp6AnKfBgBwGI0CAAABCgYWA6IGFw8CKBkBAAoLEgFynRIAcCgaAQAKogYoyAAABioAABMwBQBUAAAALQAAEQJ7XQAABC0Lcn0SAHBzQwAACnoELAUEjmktGAJyxRIAcBeNAgAAAQoGFgOiBijIAAAGKgJy0RIAcBiNAgAAAQsHFgOiBxcEKBsBAAqiByjIAAAGKhMwBgCCAAAALgAAEQJ7XQAABC0Lcn0SAHBzQwAACnoEKB8AAAosGAJy5RIAcBeNAgAAAQoGFgOiBijIAAAGKgQoywAABiwcAnKfBgBwGI0CAAABCwcWA6IHFwSiByjIAAAGKgJy0RIAcBiNAgAAAQwIFgOiCBcoEgEACgRvHAEACigbAQAKoggoyAAABio6AgMEKB0BAAooyQAABioAAAATMAQAegAAAAUAABEDb3YAAAofTDFjFworVQYlF1gKFzEQAntcAAAEcu8SAHBv/wAACgNvdgAACh9MMSACe1wAAAQDFh9MbxQBAApvAgEACgMfTG93AAAKEAErEwJ7XAAABANvAgEACnJtAgBwEAEDb3YAAAoWMKIqAntcAAAEA28CAQAKKp4CLBkCHwouFAIfDS4PAh8gLgoCHzouBQIfPDMCFioCH38xAhYqFyoAABMwAgBUAAAALwAAEQIWb40AAAoKBijKAAAGLQIWKgIfCm+PAAAKFTAVAh8Nb48AAAoVMAoCFm+PAAAKFTECFioWCysRAgdvjQAACh9/MQIWKgcXWAsHAm92AAAKMuYXKmICe1wAAARybQIAcG8CAQAKAhZ9XQAABCoAAAATMAUAfwAAADAAABECe1wAAAQsdgJ7XQAABCwGAijMAAAGAii9AAAGLEYCe18AAAQSAP4VJgAAAQYoHgEACiwwAntcAAAEcvMSAHACe2AAAASMTAAAAQJ7XwAABIwmAAABKBgBAAqMJgAAAW8fAQAKAnteAAAELAsCe1wAAARvIAEACgIUfVwAAAQqcgJ7XgAABCwTAntcAAAELAsCe1wAAARvIAEACioeAig1AAAKKh4Ce2wAAAQqIgIDfWwAAAQqHgJ7bQAABCoiAgN9bQAABCoeAntuAAAEKiICA31uAAAEKh4Ce28AAAQqIgIDfW8AAAQqEzACADwAAAAxAAARKC4AAApvLwAACgJ7lgAABDMVAnuVAAAEH/4zCwIWfZUAAAQCCisTFnMTAQAGCgYCe5cAAAR9lwAABAYqHgIoDAEABiobMAIAkAAAAAQAABECe5UAAAQLB0UDAAAAAgAAAGoAAABQAAAAK2gCFX2VAAAEAgJ7lwAABHtqAAAEbyEBAAp9mQAABAIXfZUAAAQrLwICfJkAAAQoIgEACn2YAAAEAgJ7mAAABH2UAAAEAhh9lQAABBcK3iUCF32VAAAEAnyZAAAEKCMBAAotxAIoFAEABhYK3gcCKBEBAAbcBioBEAAABAAAAIeHAAcAAAAAHgJ7lAAABCoaczQAAAp6ABswAgAiAAAABQAAEQJ7lQAABAoGF1lFAgAAAAEAAAABAAAAKt4HAigUAQAG3CoAAAEQAAACABgAAhoABwAAAAAeAnuUAAAEKnoCKDUAAAoCA32VAAAEAiguAAAKby8AAAp9lgAABCpmAhV9lQAABAJ8mQAABP4WKgAAG28aAAAKKgAAABMwAgARAAAAMQAAER/+cxMBAAYKBgJ9lwAABAYqAAAAEzACADwAAAAyAAARKC4AAApvLwAACgJ7nAAABDMVAnubAAAEH/4zCwIWfZsAAAQCCisTFnMcAQAGCgYCe50AAAR9nQAABAYqHgIoFQEABiobMAIAkAAAAAQAABECe5sAAAQLB0UDAAAAAgAAAGoAAABQAAAAK2gCFX2bAAAEAgJ7nQAABHtrAAAEbyEBAAp9nwAABAIXfZsAAAQrLwICfJ8AAAQoIgEACn2eAAAEAgJ7ngAABH2aAAAEAhh9mwAABBcK3iUCF32bAAAEAnyfAAAEKCMBAAotxAIoHQEABhYK3gcCKBoBAAbcBioBEAAABAAAAIeHAAcAAAAAHgJ7mgAABCoaczQAAAp6ABswAgAiAAAABQAAEQJ7mwAABAoGF1lFAgAAAAEAAAABAAAAKt4HAigdAQAG3CoAAAEQAAACABgAAhoABwAAAAAeAnuaAAAEKnoCKDUAAAoCA32bAAAEAiguAAAKby8AAAp9nAAABCpmAhV9mwAABAJ8nwAABP4WKgAAG28aAAAKKgAAABMwAgARAAAAMgAAER/+cxwBAAYKBgJ9nQAABAYqNgJ7agAABANvJAEACio2AntrAAAEA28kAQAKKgAAABMwAwBXAAAAHQAAER6NAgAAAQoGFnJdEwBwogYXAijUAAAGogYYcncTAHCiBhkCKNIAAAaiBhpyhRMAcKIGGwIo0AAABqIGHHKdEwBwogYdAijWAAAGjBwAAAKiBijLAAAKKnYCcyUBAAp9agAABAJzJQEACn1rAAAEAig1AAAKKgAAAAMwBABTAAAAAAAAAAIoNQAACgIDfXAAAAQCe3AAAAQC/gbfAAAGc5wAAAZvtQAABgJ7cAAABAL+BuEAAAZzoAAABm+3AAAGAntwAAAEAv4G4AAABnOYAAAGb7MAAAYqZgIWfXIAAAQCBG+kAAAGcyQAAAZ9cQAABCoiAhd9cgAABCpiAntxAAAEBG+nAAAGBG+pAAAGbywAAAYq9isWAntyAAAELA4CFn1yAAAEAntxAAAEKgJ7cAAABG+5AAAGLd0Ce3IAAAQsDgIWfXIAAAQCe3EAAAQqFCoAAAADMAQAVQAAAAAAAAACe3AAAAQsTAJ7cAAABAL+Bt8AAAZznAAABm+2AAAGAntwAAAEAv4G4QAABnOgAAAGb7gAAAYCe3AAAAQC/gbgAAAGc5gAAAZvtAAABgIUfXAAAAQqAAAACzABABAAAAAAAAAAAijjAAAG3gcCKMkAAArcKgEQAAACAAAACAgABwAAAAATMAIAaAAAAAUAABECe6EAAAQKBkUCAAAAAgAAADEAAAArTwIVfaEAAAQCAnuiAAAEb+IAAAZ9owAABCstAgJ7owAABH2gAAAEAhd9oQAABBcqAhV9oQAABAICe6IAAARv4gAABn2jAAAEAnujAAAELcsWKh4Ce6AAAAQqGnM0AAAKegYqHgJ7oAAABCo6Aig1AAAKAgN9oQAABCoTMAIAEAAAADMAABEWcyMBAAYKBgJ9ogAABAYqHgIo5QAABioTMAIAeAAAADQAABEoLgAACm8vAAAKAnumAAAEMxUCe6UAAAQf/jMLAhZ9pQAABAIKKwcWcysBAAYKBgJ7qAAABH2nAAAEBgJ7qgAABH2pAAAEBgJ7rAAABH2rAAAEBgJ7rgAABH2tAAAEBgJ7sAAABH2vAAAEBgJ7sgAABH2xAAAEBioeAigkAQAGKhswBwCNAQAANQAAEQJ7pQAABAsHRQMAAAAFAAAAZwEAAO4AAAA4YgEAAAIVfaUAAAQCFn2zAAAEAhZ9tAAABAJ8rwAABCgpAQAKLBgCAnyvAAAEKCoBAAoCe60AAARZfbMAAAQCAnunAAAEAnupAAAEAnurAAAEAnutAAAEAnuvAAAEAnuxAAAEKOgAAAZ9tQAABDjpAAAAAhd9pQAABAICe7UAAAR7IQAABH23AAAEAhZ9uAAABCtvAgJ7twAABAJ7uAAABJp9tgAABAJ7swAABBYxJAIle7QAAAQXWCUMfbQAAAQIAnuzAAAEMgsCKCkBAAbdkwAAAAICe7YAAAR9pAAABAIYfaUAAAQXCt2EAAAAAhd9pQAABAICe7gAAAQXWH24AAAEAnu4AAAEAnu3AAAEjmkygQIoLAEABgJ7tQAABHsgAAAELUECAnunAAAEAnupAAAEAnurAAAEAnu1AAAEex8AAAQXWAJ7rwAABAJ7sQAABCjoAAAGfbUAAAQCe7UAAAQ6DP///xYK3gcCKCkBAAbcBioAAABBHAAABAAAAAAAAACEAQAAhAEAAAcAAAAAAAAAHgJ7pAAABCoaczQAAAp6ABMwAgAfAAAABQAAEQJ7pQAABAoGF1lFAgAAAAEAAAABAAAAKgIoLAEABioeAnukAAAEKnoCKDUAAAoCA32lAAAEAiguAAAKby8AAAp9pgAABCoiAhV9pQAABCoAEzACADYAAAA0AAARH/5zKwEABgoGAn2oAAAEBgN9qgAABAYEfawAAAQGBX2uAAAEBg4EfbAAAAQGDgV9sgAABAYqAAAbMAUAtQEAADYAABFz4wAACgoGA2/kAAAKBhZv5gAACgZytxMAcG/lAAAKBm/sAAAKG40CAAABEwkRCRYEohEJF3LdEwBwohEJGAWMSwAAAaIRCRlymRIAcKIRCRoPBCgpAQAKLA8PBP4WLgAAG2/0AAAKKwVy7RMAcKIRCSjLAAAKbysBAAomDgUsEgZv8AAAChdzLAEACm/xAAAKJgIGb1kAAAp0HAAAAQsHb1oAAApv9QAACi0CFCoHb1oAAAoWb1sAAAoMCG8SAAAKb3QAAApvAQAAChMKOLsAAAARCm8sAAAKdDsAAAENCQQZbw4BAAo5oQAAAHNVAAAGEwQIbxIAAAoJbxQAAAoTBREEEQXQOwAAASgVAAAKbxYAAAp0BAAAG30hAAAECXLtEwBwby0BAAosCBEEF30gAAAECR89b48AAAoTBgkfLREGF1hvLgEAChMHEQQJEQYXWBEHEQZZF1lvFAEACihJAAAKfR4AAAQRBHsgAAAELRYRBAkRBxdYb3cAAAooSQAACn0fAAAEEQQTCN4lEQpvKQAACjo5////3hURCnUFAAABEwsRCywHEQtvGgAACtwUKhEIKgAAAAEQAAACAM0AzpsBFQAAAAAeAig1AAAKKkJTSkIBAAEAAAAAAAwAAAB2Mi4wLjUwNzI3AAAAAAUAbAAAAMgzAAAjfgAANDQAAJgpAAAjU3RyaW5ncwAAAADMXQAA9BMAACNVUwDAcQAAEAAAACNHVUlEAAAA0HEAAGgNAAAjQmxvYgAAAAAAAAACAAABVx+2CwkKAAAA+iUzABYAAAEAAACAAAAAKAAAALgAAAAsAQAA3wAAADAAAAAuAQAAHAAAAL4AAAA2AAAAAQAAAAMAAAAWAAAAQAAAAG0AAAA3AAAALgAAAAEAAAAFAAAACQAAAAMAAAAAAAoAAQAAAAAABgAiAhsCBgAnAhsCBgBJAi4CBgBqAlcCBgB2AhsCBgCCAhsCBgCMAhsCBgCWAhsCBgCoAhsCCgA+AxsDBgC0A5UDCgDJAxsDDgARBAwEBgAfBC4CBgB1BC4CCgCFBBsDBgC0BC4CBgDQBFcCBgC0BagFBgAUBgoGCgBfBxsDCgBzCBsDCgBxDBsDBgC5DBsCBgA8DSsNBgBaDS4CCgBiDRsDCgCADRsDCgC6DRsDCgD5DRsDCgAZDhsDBgD7D6gFBgAKEAoGBgAeEBsCBgArEBsCBgBPEAoGBgDAEAoGBgDAERsCBgAgFBsCBgDhFBsCBgDmFdQVBgD9FdQVBgAaFtQVBgA5FtQVBgBSFtQVBgBrFtQVBgCGFtQVBgChFtQVBgDZFroWBgDtFroWBgD7FtQVBgAUF9QVBgBEFzEX1wBYFwAABgCHF2cXBgCnF2cXCgDFFxsDCgDuFxsDBgABGBsCBgAIGBsCBgANGBsCEgBfGEYYPwB5GAAABgCnGBsCBgD+GGcXOwDFGgAACwF5GAAABgBpGzEXBgCBGysNBgC5GxsCBgAvHRsCBgBMHRsCBgBxHVwdBgCyCRsCBgAAChsCBgAGChsCDgChHQwEBgADHhsCBgAiHggeBgBTHjUeCgBpHhsDCgB9HhsDCgCPHhsDBgC/HhsCBgDeHtQVBgD1HlcCEgDBH0YYEgDSH0YYBgDmHxsCBgAUIC4CBgAuIFcCBgBnIBsCBgB4IBsCOwCcIAAAewF5GAAABgCzIBsCBgDlIBsCEgDyIEYYEgAIIUYYCgAiIRsDCgAwIRsDCgB0IRsDCgDrIRsDBgD2IVcCCgAFIhsDCgAiIhsDFgBIIhsCBgBhIhsCCgCOIhsDBgC5IisNCgDNIhsDBgD2IisNCgA5IxsDBgB4Iy4CFgCnJYglCgC+JRsDCgDZJRsDBgAMJroWBgAiJroWBgA5JhsCBgBJJgoGBgBSJgoGBgBnJgoGBgBuJhsCBgB/JisNBgDgJgoGCgBrKRsDCgB9KRsDAAAAAAEAAAAAAAEAAQABAQAAGwAqAAUAAQABAKEAAAA+ACoAAAAKAAEAgQAQAEoAKgAJAAoABwABABAAWQAqABAADgASAAEAEABnAH4ACQAPABcAAQAQAIsAfgAJABAAHAABABAAkQB+ABwAFgA6AAIBAACeAAAABQAbAFQAAQAQAKwAfgAZAB4AVAAAABAAygB+AAkAHgBVAAEBAADWACoABQAiAFYAAQAQAOMAKgAJADEAVgABABAA8wB+AAkANgBiAAEAEAD4AH4ACQA5AGsACQEQAAUBfgAdAEcAigABABAAEQF+AAkATACOAAEAEAAeASoAGQBPAJUAAQEAADgBfgAhAFAAmAABAQAATQF+ACEAUACcAAEBAABkAX4AIQBQAKAAAQAQAHoBfgAlAFAApAABABAAhgF+ACUAUQCnAAEAEACZAX4ACQBTAKwAAQAQAKQBfgAJAFwAvQABABAArwEqAAkAYgDPAAkBEAC/ASoAHQBjANAAAQEAANQBKgAFAGUA0AABABAA5AEqAAkAagDQAAEAEAD2AX4ACQBwAN4AAQAQAAYCfgAJAHMA5wAAAAAAuRgAAAkAcwDqAAMBEABOGQAACQB1AOoAAwEQAM8bAAAJAHsA8wADARAADB8AAAkAgQD8AAMBEACGIwAACQCGAAMBAwEQACsnAAAJAJQADAEDARAAPicAAAkAmgAVAQMBEAAMHwAACQCgAB4BAwEQAOonAAAJAKQAJAEGBrICHwBWgLoCIgBWgL8CIgBWgMUCIgBWgNMCIgBWgOsCIgBWgP0CIgBWgAoDIgBWgBADIgAxABgEoQAEACwEpQAEADMErgAEADgEtwAxABgEoQABAHwE1gAkAKIFEwExAMEFHAEBAJ4GaQEBAMEGaQEBAN0GbAEBAPgGbAExABgEoQAkAH4HfQEBAIcHhgEBANsIbAEBAPcIbAEGBrICHwBWgEcJhgFWgE0JhgEGAFQJHwAGAFoJHwAGAF4JbAEGAGYJvwEGBrICHwBWgG0JwwFWgH0JwwFWgJMJwwFWgJcJwwFWgKwJwwFWgLIJwwFWgLoJwwFWgL0JwwFWgMYJwwFWgNYJwwFWgOYJwwFWgPQJwwFWgAAKwwFWgAYKwwEBAKMKbAEBAMIKaQEBAN8KaQEBAPQKwwEBAA4LHwABAJoLaQEBALALJAIBAMcLwwExABgEoQABACQNbAEhAE0NWQIkAHMNXQIBAFIOaQEBAGoOHwABAJ4GaQEBAIQOvwEBAJsOHwABALUOkQIBANEOlQIBAO4OHwABAAkPmQIBAC8PbAEGAKsPaQEGALIPaQEGAL4PaQEGAL8CHwA2AMUPHwAGANAPxwIGANgPaQEGAOIPzwIBAN8KaQEBAJ4GaQEBAJoLaQEBALALIgMBAFoQKQMBAGIQbAEBAG4QbAEBAHkQLgMBAMsQPwMBAPcQSQMBACkRUwMBAGwRaQEBAIQRbAEBALwRzwIBAG4QbAEBAGIQbAEBAMkRXQMBANIRLgMBAHUSbAEGAKASewMGAJMJaQEGAKgSwwEGBrICHwBWgK8SgwNWgLoSgwNWgMQSgwNWgM0SgwMEANUShwMEANsShwMBAFoTaQEBAN8KaQEBAMIKaQEBAH0TgwMBAMUTpQMEAMsTqQMEANETbAETABkZAAUTANMdAAUBAL0ZSgUBAGgaHwABAHMaHwAGALMaUwUGAL0aSgUGANUaVwUBAL0ZyQUBAGgaHwABAHMaHwAGALMaUwUGAJ0cyQUGAKUc0gUBAL0ZdgcBAGgaHwAGALMafwcGAG4fdgcGANUagwcBAL0ZagoBAGgaHwABAHMaHwAGALMacwoGAGskdwoGAHUkaQEGAIEkewoGAIskHwAGAJ0kaQEGAKckfwoGALIkagoGALskdwoGAMskgwoGANYkhwoBAL0ZSgUBAGgaHwABAHMaHwAGALMayQUGAL0aSgUGANUaHwwBAL0ZSgUBAGgaHwABAHMaHwAGALMayQUGAFAnSgUGAKUcHwwBAL0ZqQMBAGgaHwAGALMaSgwGAJ8nqQMBAL0ZaQEBAGgaHwABAHMaHwAGAEYUkQIGAIMokQIGALYVaQEGAI0oaQEGAEsUaQEGAJooaQEGAL4VHwAGAKgoHwAGAMQVbQwGALMobQwGAMgVbAEGALwobAEGAM0oHwAGAN0oHwAGAOwodQwGAPQoaQEGAAopvwEGABUpHwAAAAAAAADGBU0DVwABAAAAAAAAAMYNWANdAAIAAAAAAAAAxg1nA2YAAgAAAAAAAADGBXkDbwACAAAAAAAAAMYFhgN1AAMAAAAAAAAAxgXbA3sABAAAAAAAAADGBU0DVwAGANAgAAAAAJQASgTAAAcABCEAAAAAxgFXBMcACQCoIQAAAADEAWUEzAAKAMAkAAAAAOYJWANdAAsAeCYAAAAA5glnA2YACwCVJgAAAADmAXkDbwALANgmAAAAAOYBhgN1AAwAcCcAAAAAxgHbA3sADQDEKQAAAACEGG8E0gAPALgpAAAAAJEYmh2EBg8A7SkAAAAAhhhvBNIADwD4KQAAAADEAGUEzAAPADQqAAAAAMYA2wN7ABAA1CwAAAAAxgBNA1cAEgAAMgAAAACRGJodhAYTAAwyAAAAAIYYbwTeABMAfDIAAAAAhgihBOQAFACKMgAAAACGCKoE6gAVAMgzAAAAAOYBwgTuABUA5DMAAAAA4QHcBPcAFQD2MwAAAACGCBQFBgEVAP4zAAAAAIQIKgXHABUABzQAAAAAhghABQYBFgAPNAAAAACECE8FxwAWABg0AAAAAIYIXgUKARcAIDQAAAAAhAhsBQ4BFwApNAAAAACGCHoFCgEYADE0AAAAAIQIjgUOARgAOjQAAAAAhhhvBMcAGQBgNAAAAACGGG8EIAEaAIA0AAAAAIYAzAUgARsAPDUAAAAAhgjcBQYBHABYNQAAAACGCOQFxwAcAGQ1AAAAAIYI7AUGAR0AqDUAAAAAhgj7BccAHQAkNgAAAADGAR8GJgEeANw2AAAAAIUAJAYsAR8AOTcAAAAAhQAxBjIBIQBcNwAAAACGCKEEOAEiAHw3AAAAAIYIOQY+ASMAjDcAAAAAhgBCBkUBJQC4NwAAAACGAFQGSgEmAFQ4AAAAAMYBaAZQAScAYDgAAAAAlgB1BlUBKAC8OAAAAACWAH4GVQEpABk5AAAAAMYBlAZaASoAMDkAAAAAxgGUBscALAB9OQAAAADmAcIEYAEtAJQ5AAAAAOEB3AT3AC0AnDkAAAAAkRiaHYQGLQCqOQAAAACGGG8ExwAtAMw5AAAAAIYYbwQgAS4A6DkAAAAAlgCRB4oBLwAhOgAAAACEAKMH0gAxADY6AAAAAIYItAeSATEAPjoAAAAAhgjFB5cBMQBHOgAAAACGCNYHCgEyAE86AAAAAIQI5QcOATIAWDoAAAAAhgj0BwoBMwBgOgAAAACECAIIDgEzAGk6AAAAAIYIEAjqADQAeDoAAAAAhgAnCFcANADEOgAAAADGAGgGUAE1APA6AAAAAIYALgidATYAKDsAAAAAhgBACKMBOABIOwAAAACGAFMIqAE5ACw8AAAAAIYAYwioATsA5DwAAAAAgwCcCK4BPQBEPQAAAACGAKoIVwA9AFA/AAAAAIYAuAioAT4AcD8AAAAAhgC4CLMBQAD0QAAAAACGAMAIxwBCAH5CAAAAAOYBygjSAEMAh0IAAAAAhADKCA4BQwCUQgAAAADEANII0gBEAMRCAAAAAJEYmh2EBkQA0EIAAAAAhhhvBMcARADZQgAAAACGGG8E0gBFAOFCAAAAAIYIDAoKAUUA6UIAAAAAgwgeCg4BRQDyQgAAAACGCDAKBgFGAPpCAAAAAIMIQArHAEYAA0MAAAAAhghQCgYBRwALQwAAAACDCFgKxwBHABRDAAAAAIYIYAr0AUgAHEMAAAAAgwhtCvkBSAAlQwAAAACGCHoK6gBJAC1DAAAAAIYIigr/AUkAOEMAAAAAxgCaCgYBSgCKQwAAAACGGG8E0gBKAJJDAAAAAIYIWgsGAUoAmkMAAAAAhghjC8cASgCjQwAAAACGCGwLCQJLAKtDAAAAAIYIdgsRAksAtEMAAAAAhgiAC/QBTAC8QwAAAACFCI0L+QFMAMVDAAAAAIYYbwTSAE0AzUMAAAAAhhhvBLMBTQDoQwAAAACGGG8EGgJPAP5DAAAAAIYI9QsGAVEABkQAAAAAhggADMcAUQAPRAAAAACGCAsM6gBSABdEAAAAAIYIGAz/AVIAIEQAAAAAhggUBQYBUwAoRAAAAACGCCoFxwBTADFEAAAAAIYIJQwzAlQAOUQAAAAAhggvDDgCVABCRAAAAACGCDkM6gBVAEpEAAAAAIYIRgz/AVUAU0QAAAAAhghTDD4CVgBbRAAAAACGCGIMVwBWAGREAAAAAIYIfQxDAlcAbEQAAAAAhgiNDEgCVwB1RAAAAACGCJ0M6gBYAH1EAAAAAIYIqwz/AVgAhkQAAAAAhgjCDE4CWQCORAAAAACGCNsMUwJZAJdEAAAAAIYI9AwKAVoAn0QAAAAAhAgMDQ4BWgCoRAAAAACGGG8E0gBbAP9EAAAAAMQBjw1lAlsAAUUAAAAAxAGgDWUCXQAERQAAAADEAdYNbAJfAHtFAAAAAIYA8w3SAGAAmEUAAAAAxAEHDnMCYABMRgAAAACEADIOewJiAM5GAAAAAIYAPA6CAmMACE0AAAAAxgFHDogCZAAlTQAAAADmAcoI0gBkAC5NAAAAAJEYmh2EBmQAOk0AAAAAhhhvBLECZABYTQAAAACGGG8EuAJnAHZNAAAAAIYYbwS/AmoAlU0AAAAAkRiaHYQGbgCdTQAAAACGAOkPsQJuALJNAAAAAIYA6Q+4AnEAx00AAAAAhgDzD1oBdADcTQAAAACGAPMP0wJ2ABhOAAAAAIQABBDHAHkAZE4AAAAAhgDzD9wCegCYUAAAAACGGG8E0gB8AMFQAAAAAIYIUAoGAXwAyVAAAAAAgQhYCscAfADSUAAAAACGGG8EqAF9AAAAAAADAIYYbwTkAn8AAAAAAAMAxgEXEOoCgQAAAAAAAwDGATkQ8QKDAAAAAAADAMYBRRD+AocAAAAAAAMAhhhvBOQCiAAAAAAAAwDGARcQ6gKKAAAAAAADAMYBORDxAowAAAAAAAMAxgFFEP4CkAAAAAAAAwCGGG8E5AKRAAAAAAADAMYBFxAFA5MAAAAAAAMAxgE5EAwDlQAAAAAAAwDGAUUQ/gKZAOJQAAAAAIYIFAUGAZoA6lAAAAAAhAgqBccAmgDzUAAAAACGGG8ExwCbAAJRAAAAAIYIWgsGAZwAClEAAAAAhAhjC8cAnAATUQAAAACGCGwLGQOdABtRAAAAAIQIdgsdA50AJFEAAAAAhhhvBCwBngA6UQAAAACGCIIQBgGgAEJRAAAAAIQIjRDHAKAAS1EAAAAAhgiYEAoBoQBTUQAAAACGCKwQDgGhAFxRAAAAAIYYbwTHAKIAg1EAAAAAhhhvBDEDowCZUQAAAACGGG8EOAOkALxRAAAAAIYI1hBDA6UA9FEAAAAAhgjlEEMDpgAsUgAAAACGCAQRTQOnAGRSAAAAAIYIFRFNA6gAnFIAAAAAhgg6EVcDqQDUUgAAAACGCE8RVwOqAAxTAAAAAIYAZxEKAasAd1YAAAAAhgDKCA4BqwCkVgAAAADmAcoI0gCsALBWAAAAAMQA0gjSAKwA4FYAAAAAhgjeEQoBrADoVgAAAACGCO8RDgGsAPFWAAAAAIYYbwTHAK0AGVcAAAAAhhhvBCYBrgA4VwAAAACGAAASsQKvAJJXAAAAAMYBBxLHALIAqFcAAAAAxgEUEscAswD3VwAAAACGAB8S0gC0ABxYAAAAAIYANBJiA7QAbFgAAAAAhgA0EmoDtgDMWAAAAACGADQSqAG4AFpZAAAAAIQAPhKzAboAbFkAAAAAhAA+EscAvADyWQAAAACUAEoScQO9ABxaAAAAAJQAWRJ2A74AfFoAAAAAhgBmEtIAvwCYWgAAAACGAG8S0gC/ACNbAAAAAOYBygjSAL8AQFsAAAAAhhhvBNIAvwBIWwAAAACGCOASBgG/AFBbAAAAAIYI9hLHAL8AWVsAAAAAhghQCgYBwABhWwAAAACDCFgKxwDAAGpbAAAAAIYIMAoGAcEAclsAAAAAgwhACscAwQB7WwAAAACGCAwTjwPCAINbAAAAAIMIGhOUA8IAHF0AAAAAhggoE10AwwDMXgAAAACGCDUTXQDDAOleAAAAAIMAQROaA8MA914AAAAAgwBOE5oDxAAIXwAAAADGAJoKBgHFAGtfAAAAAIYYbwTSAMUAjF8AAAAAhhhvBK0DxQDrXwAAAACBANsT6gLGAAVgAAAAAIEA7hPqAsgADmAAAAAAgQD/EwUDygAnYAAAAACGABYUswPMAGhgAAAAAOYBygjSAMwAzGAAAAAAxADSCNIAzACUYQAAAADmAcIEuAPMALBhAAAAAOEB3AT3AMwAaGQAAAAAlgArFMEDzACsZAAAAACRADgU1QPSAIBmAAAAAIYYbwTSANgAKCMAAAAA4QFjGTgF2ABwIwAAAADhAdwE9wDYAHgjAAAAAOEBkBgKAdgALCQAAAAA4QnKGU4F2AA0JAAAAADhASIa0gDYADwkAAAAAOEBTRrSANgAfCQAAAAA4QmIGhkD2ACEJAAAAACGGG8E/wHYAKMkAAAAAIEA4BrSANkA4CQAAAAA4QHnG8AF2QAoJQAAAADhAdwE9wDZADAlAAAAAOEBkBgKAdkA5CUAAAAA4QlDHM0F2QDsJQAAAADhASIa0gDZAPQlAAAAAOEBTRrSANkANCYAAAAA4QmIGhkD2QA8JgAAAACGGG8E/wHZAFsmAAAAAIEAsBzSANoAmDIAAAAA4QGQGAoB2gBEMwAAAADhCSAfegfaAEwzAAAAAOEBIhrSANoAVDMAAAAA4QFNGtIA2gCUMwAAAADhCYgaGQPaAJwzAAAAAIYYbwT/AdoAqzMAAAAAgQDgGtIA2wDcRgAAAADhAZcjYQrbACRHAAAAAOEB3AT3ANsALEcAAAAA4QGQGAoB2wBkTAAAAADhCQIkbgrbAGxMAAAAAOEBIhrSANsAdEwAAAAA4QFNGtIA2wC0TAAAAADhCYgaGQPbALxMAAAAAIYYbwT/AdsA20wAAAAAgQDhJNIA3ACMWwAAAADhAWMZOAXcANRbAAAAAOEB3AT3ANwA3FsAAAAA4QGQGAoB3ACIXAAAAADhCcoZTgXcAJBcAAAAAOEBIhrSANwAmFwAAAAA4QFNGtIA3ADYXAAAAADhCYgaGQPcAOBcAAAAAIYYbwT/AdwA/1wAAAAAgQDgGtIA3QA8XQAAAADhAWMZOAXdAIRdAAAAAOEB3AT3AN0AjF0AAAAA4QGQGAoB3QA4XgAAAADhCcoZTgXdAEBeAAAAAOEBIhrSAN0ASF4AAAAA4QFNGtIA3QCIXgAAAADhCYgaGQPdAJBeAAAAAIYYbwT/Ad0Ar14AAAAAgQCwHNIA3gD4YAAAAADhAZAYCgHeAGxhAAAAAOEJWCezA94AdGEAAAAA4QEiGtIA3gB7YQAAAADhAU0a0gDeAH1hAAAAAOEJiBoZA94AhWEAAAAAhhhvBP8B3gC4YQAAAADhAf0nZQzfADxiAAAAAOEB3AT3AN8ARGIAAAAA4QGQGAoB3wD8YwAAAADhCUEoBgHfAARkAAAAAOEBIhrSAN8ADGQAAAAA4QFNGtIA3wA3ZAAAAADhCYgaGQPfAD9kAAAAAIYYbwT/Ad8AXmQAAAAAgQD8KNIA4AAAAAEARhQAAAEASxQAAAEAVBQAAAEAWxQAAAIASxQAAAEARhQAAAEAWxQAAAIASxQAAAEAXhQAAAEAYxQAAAEASxQAAAEAVBQAAAEAWxQAAAIASxQAAAEAYxQAAAEAWxQAAAIASxQAAAEARhQAAAEAbRQAAAEAdRQAAAEAexQAAAEAexQAAAEAexQAAAEAexQAAAEAgRQAAAEAWxQAAAEAWxQAAAEAexQAAAEAexQAAAEAkxQAAAEASxQAAAIAlhQAAAEAoBQAAAEApRQAAAEApRQAAAIAexQAAAEAqRQAAAEASxQAAAEASxQAAAEAshQAAAEAtRQAAAEAxRQAAAIAzBQAAAEAxRQAAAEAshQAAAEAWxQAAAEAshQAAAIA0xQAAAEAexQAAAEAexQAAAEAexQAAAEA9RQAAAEASxQAAAEAqRQAAAIAexQAAAEAqRQAAAEASxQAAAIAexQAAAEASxQAAAIAexQAAAEA9RQAAAEASxQAAAIAexQAAAEASxQAAAIA+hQAAAEASxQAAAEAARUAAAEADRUAAAEAexQAAAEAexQAAAEAexQAAAEAexQAAAEAexQAAAEAexQAAAEAexQAAAEAexQAAAEAFRUAAAIAexQAAAEAFRUAAAIAexQAAAEAexQAAAEAexQAAAEAexQAAAEAexQAAAEAexQAAAEAexQAAAEAexQAAAEAexQAAAEAexQAAAEAexQAAAEApRQAAAIAGhUAAAEApRQAAAIAGhUAAAEAHxUAAAEApRQAAAIAIxUAAAEAGhUAAAEAJxUAAAEALxUAAAIAMxUAAAMAOBUAAAEALxUAAAIAMxUAAAMAdRQAAAEALxUAAAIAMxUAAAMAOBUAAAQAdRQAAAEAPRUAAAIARhUAAAMAOBUAAAEAPRUAAAIARhUAAAMAdRQAAAEAXhQAAAIATBUAAAEAXhQAAAIATBUAAAMAVxUAAAEAYBUAAAEAZBUAAAIATBUAAAEAexQAAAEADRUAAAIAZxUAAAEAaxUAAAIAchUAAAEAeRUAAAIAgBUAAAEAeRUAAAIAgBUAAAMAghUAAAQAaxUAAAEAixUAAAEAaxUAAAIAchUAAAEAeRUAAAIAgBUAAAEAeRUAAAIAgBUAAAMAghUAAAQAaxUAAAEAixUAAAEAaxUAAAIAchUAAAEAeRUAAAIAgBUAAAEAeRUAAAIAgBUAAAMAghUAAAQAaxUAAAEAixUAAAEAexQAAAEAshQAAAEAexQAAAEAexQAAAEASxQAAAIAlhQAAAEAexQAAAEAexQAAAEAXhQAAAEAZBUAAAEAkhUAAAEAexQAAAEAexQAAAEAexQAAAEAexQAAAEAexQAAAEAexQAAAEAARUAAAEAexQAAAEAXhQAAAEAkxQAAAEAshQAAAIAxRQAAAMAlRUAAAEAoRUAAAEAshQAAAEASxQAAAIAexQAAAEASxQAAAIAexQAAAEASxQAAAIAexQAAAEAqRUAAAIA+hQAAAEAexQAAAEArRUAAAEAexQAAAEAexQAAAEAexQAAAEAexQAAAEAexQAAAEArxUAAAEArxUAAAEAsRUAAAEAeRUAAAIAgBUAAAEAeRUAAAIAgBUAAAEAeRUAAAIAgBUAAAEARhQAAAIAthUAAAMASxQAAAQAvhUAAAUAxBUAAAYAyBUAAAEARhQAAAIAthUAAAMASxQAAAQAvhUAAAUAxBUAAAYAyBUAAAEAaBoAAAEAaBoAAAEAaBoAAAEAaBoAAAEAaBoAAAEAaBoAAAEAaBoAAAEAaBoEAAwABgAGAAYAEQAHAAoABwARAAgAFQAPABUAGAAVABkAFQAeABUAHgAOAB4AEQAhACYAIQARACEAKgAhAEkAIQAVACIAOgAiABEAIgA+ACIASQAiABUAIwBmACMASQAjABUAJABaACQAEQAkAF4AJABJACQAFQAlACYAJQARACUAKgAlAEkAJQAVACYAJgAmABEAJgAqACYASQAmABUAJwCuACcASQAnABUAKACyACgAEQAoALYAKABJACgAFQAhAMIE9wBBAW8E0gBJAW8ExwBRAW8ExwBZAW8ExwBhAW8ExwBpAW8ExwBxAW8ExwB5AW8ExwCBAW8ExwCJAW8EDgGRAW8ExwCZAW8ExwChAW8ExwCpAW8E5gO5AW8E/wHBAW8E0gBhAFgDjwTJAeUXUAHJAaEElQThAR8YnATRATEYpQTxAW8EsAQJAW8ExwDxAW0YtwQpAMoI0gAsAMIExQQ0AIQY1wQ8ADkG5AQ0AJAYCgHZAZkYdgMBAm8EqAEJAm8E0gBEAG8E/wFEAC0Z5AREADEZDwU8AD0ZGAU8AKEEHgVpAEkZqAFMAMIEQQWRAJAYCgFUAIQY1wSRAEca0gCRAIQYGQMhAm8E0gApAogbZgUpApob6gBcAK4begVkAMIEjwVsAIQYpAVsAJAYCgExAm8E0gARAG8E0gB0AMIEQQV8AIQY1wSEAK4begWMAMIEjwWUAIQYpAWUAJAYCgHZARQdBgFcAD0ZGAVcAKEEHgWEAD0ZGAWEAKEEHgXZARwdAQbZASgdFAY5Am8ExwCcAG8E0gDZAUQdIAYxAYAdJgacAC0ZNQZRAosddgNZAosdOwZhAosdQAacAJEdSAasAG8EWAZpAqwdiAZcAG8E0gCEAG8E0gA8AG8E0gDZAcIdBgExAecdkQYxAPcdBgFpAEkZmAZxAm8EnwZ5Am8EpQaBAm8EpQbxAG8E0AaJAqAe2gbhAKwe4waBAKEE6Aa0AMIEQQW8AIQY1wTZAbgeUAGhAsceOwZcAC0Z5ARhABQFBgHZASgd/AZpAM8eAgeEAC0Z5ASpAm8ExwDEAG8E0gCxAsIE9wDEAC0ZNQbEAKEEaQfEAKoE6gDMAIQY1wTEAMIExQTUAIQY1wTUAJAYCgG5Am8ExwDBAm8ExwDJAvUf8gfcAG8EAAjcACgg0gDJATogCwjcAC0Z5ATZAU0g6gDZAVggGQjZAWIgBgHZAbgeHgjZASgdJgjpAm8ExwChAJIgLAHcAKogLQjkAMIEQgjsAIQY1wTcAKEEHgWcAMIExQT0AIQY1wShAJIgmAb0AJAYCgHsAJAYCgEBA28ExwDcADEZDwXcADkG5AScAKoE6gCcAMkggAgBAdEghgihApoKjAjZAdsgmgjZASgdnwjZAeogrQjcAK4begX8AMIEjwWZAG8E0QgRA28ExwAZA28E0gAMAW8E0gAMAaoE6gDZARsh9QghA28ExwAMAT0ZGAWcAOUXGAUMAaEEHgWpAEwhBgnZARshDAlpAFohEwnRAeUXGwlpAFohqAHRAV8hHQPRAS0ZRQGpAG8E0gDRAWMLxwCpAGYhIAkMATkG5ASxAG8E0gAMAa4begUUAcIEjwUcAYQYpAWxAC0ZSgkcAZAYCgExA28E0gAxAyoFxwAxA4QhxwAxA5AhBgExA5whDgExA60hxwAxA8whBgE5A28EXwlBA8IE9wA5A1gDaAnRAVoLBgHRAW8EswFJAy0ZbglRA28EdQlRAzAirgEMASgg0gBpAFohmAZpAEIiqAHRAS0ZmgnRAS0ZoAkRAEwipwnhAVQiBgFpAEIimAZBA6oE6gBBAygg0gAMAV8hGAVpAEkZxwBhA2QivwkRANII0gAxAG8ExwDZASgdxAmcAG8ESAbJAG8EDgEkAW8E0gDBAHUi8AnpAIEi9gmRApki/AlpAFohAgqRAqgiBgFpAEcJmAZxA8kiCgFRAOUiCAoRAQEjGAqBAxUjHgppAEIiAgpRAPMN/gJRAB0jJgqRAiwjPgqJA1MjRAr5AG8E0gD5AF4jnwb5ABgM/wHZAGkjDgEsAS0ZNQbxAG8E0gDxACoFxwDxAAAMHQPxAFQlSALBAF4llgrxAG8lUwLxAKsM/wHZAX0laQHZAYMlmgrxAFgDoQqZA5EdOAL5AG8E/wFpALglmAaZAiwjpwqhAy0ZrQo0AcIEQQU8AYQY1wQRAJoKBgGxAqoE6gCpA+cl6gBpAFohxwCpA/UlBgFpAEcJEwmxA28E3wpEAS0ZNQYBAS0m7QoJAW8E9ArZAeUXUAGhAAQQxwBEAaEEaQdEAaoE6gChAJIgxwBEAW8E0gDBA0EmDgtJAG8E0gApAW8EEwsBAV0mHgsJAW8EJAvhA3cmLgvpA4smOgvhA18hLgshAZsmBgHZAaQmUAHZAaQmHgjZAa8mcQvZAbcmcQshAcEm6gABAcYmHguhAs8mdwvZAVggfQtZA28ExwAhAcoI0gDxA28E0wIxAe0mnAsxAfUmpgsxAZoKowGhAgUntAsBARQnwQvZARsh0AsxAR0n3AuhAJIgEwmhAMoI0gBMAcIExQRUAYQY1wRUAZAYCgFMAS0ZNQZMAW8E0gBcAYQY1wRkAcIEQQVsAYQY1wR0AV4pCgF0AWwL1wSZAy0ZRQH5A28EjAzZAYwpUAHZAeogkwwIAAgAJgAIAAwAKwAIABAAMAAIABQANQAIABgAOgAIABwAPwAIACAARAAIACQASQAIAHAAJgAIAHQAKwAIAIwAJgAIAJAAKwAIAJQAMAAIAJgAxwEIAJwANQAIAKAAzAEIAKQA0QEIAKgA1gEIAKwAOgAIALAA2wEIALQA4AEIALgA5QEIALwA6gEIAMAA7wEIAJgBJgAIAJwBKwAIAKABMAAIAKQBxwEuAHsANQ0uAIsARw0uABsAsgwuAHMAKA0uAIMAPg0uADsAsgwuAGMA/gwuACsAxAwuADMAygwuACMAxAwuAEMA2wwuAEsAxAwuAFsAxAzDACsDTwfjACsDTwfjAHsDnwfpAJsE1wgJAaMEKwApAaMEKwBJAaMEKwBpAZsE3wiJAaMEKwABAoMD4wdBAgsBKwBhAgsBKwCBAgsBKwChAgsBKwDpApsEygkJA4MD1AkhAwsBKwApA5sE3wlBAwsBKwBDA3sD7AuAAwsBKwCgAwsBKwDAAwsBKwDgAwsBKwAABAsBKwADBAsBKwAgBAsBKwAjBAsBKwBABAsBKwBDBAsBKwBgBAsBKwBjBAsBKwCDBAsBKwCjBAsBKwDDBAsBKwDjBAsBKwADBQsBKwAEBhMAKwAhBgsBKwBBBgsBKwBhBgsBKwCBBgsBKwChBgsBKwDBBgsBKwDhBgsBKwABBwsBKwChBwsBKwDBBwsBKwDhBwsBKwAACAsBKwABCAsBKwAgCAsBKwAhCAsBKwBACAsBKwBBCAsBKwBgCAsBKwBhCAsBKwCBCAsBKwChCAsBKwDBCAsBKwDhCQsBKwABCgsBKwAhCgsBKwBBCgsBKwDACgsBKwDgCgsBKwAACwsBKwAgCwsBKwBACwsBKwBBCwsBKwBgCwsBKwBhCwsBKwCACwsBKwCgCwsBKwDACwsBKwDgCwsBKwAhDAsBKwBADAsBKwBBDIMDAQxgDAsBKwBhDJsECgyADAsBKwCBDJsEEwygDAsBKwDADAsBKwDgDAsBKwBgDQsBKwCADQsBKwCBDQsBKwCgDQsBKwChDQsBKwDADQsBKwDBDQsBKwDgDQsBKwDhDQsBKwAADgsBKwAgDgsBKwBADgsBKwBgDgsBKwCADgsBKwCgDgsBKwDADgsBKwDgDgsBKwAADwsBKwAgDwsBKwBADwsBKwBgDwsBKwCADwsBKwCgDwsBKwDADwsBKwCgEgsBKwDAEgsBKwCAFAsBKwCgFAsBKwDgFAsBKwAAFQsBKwAgFQsBKwBAFQsBKwCAFQsBKwCgFQsBKwDAFQsBKwDgFQsBKwBkFxMAKwCgFwsBKwDAFwsBKwAAGgsBKwAgGgsBKwBAGgsBKwBgGgsBKwCAGgsBKwCgGgsBKwDAGgsBKwDgGgsBKwBAHWsBKwBgHWsBKwCgHWsBKwDAHWsBKwAAHmsBKwAgHmsBKwBgHmsBKwCAHmsBKwDAHmsBKwDgHmsBKwAgH2sBKwBAH2sBKwCgH2sBKwDAH2sBKwAAIGsBKwAgIGsBKwBgIGsBKwCAIGsBKwDAIGsBKwDgIGsBKwAgIWsBKwBAIWsBKwCAIWsBKwCgIWsBKwDgIWsBKwAAImsBKwBAImsBKwBgImsBKwCgImsBKwDAImsBKwAAI2sBKwAgI2sBKwBgI2sBKwCAI2sBKwDgI2sBKwAAJGsBKwBAJGsBKwBgJGsBKwCAJGsBKwCgJGsBKwDgJGsBKwAAJWsBKwBAJWsBKwBgJWsBKwDsBCUFbAWpBa4F4QUHBmIGjQasBgkHYAeZBxEIXghxCHsIkQilCLIIugjwCPsIAQknCS0JUAl9CZUJrQm2CS8KSQqQCsEK1gr8CgILTAtaC2gLgwuiC6wLugvHC9cL5gsoDD0MUwx5DIYMmQwYAAEAAADLEEwAAAD3EFAAAAApEVQAAwABAAQAAwAGAAUABwAHAAgADgANABIADgAXAA8AGgASACQAFgAlABcAJgAYACgAGQAqAB0AKwAhADEAIgAzACMANQAkADcAJQA5ACYAOwAnAD0AKAA/AAAA8wOGAAAA/gOPAAAA8wOGAAAA/gOPAAAACQX8AAAADgUCAQAAGQdvAQAAKwdvAQAANgdzAQAAQAdzAQAAUAdvAQAAVAdvAQAACQV3AQAAEgm6AQAAHwlzAQAAKglzAQAANAkCAQAAKwtzAQAAOQtvAQAAkwlvAQAARQsEAgAATgsCAQAA4QtvAQAA5gsrAgAA7AsEAgAAVA9vAQAAWw8CAQAAGQdvAQAAogWdAgAAZA8CAQAAbQ+iAgAAcQynAgAAeA8CAQAAgg+sAgAAlw9zAQAAkwlvAQAAGQdvAQAA4QtvAQAA5gslAwAApRFvAQAArBFzAQAAkxJzAQAAmBNvAQAAkwlvAQAAOQtvAQAAqhOgAwAAtBOGAAAAvROGAAAA7hphBQAAQhslAwAAvhzcBQAAQhslAwAAdx+MBwAAQhslAwAA7ySLCgAAQhslAwAA7hphBQAAQhslAwAA7hphBQAAQhslAwAApydODAAAQhslAwAAIClvAQAAQhslAwgAswACABAAtAACAAIAAgADAAgAtQAEABAAtgAEAAIAAwAFAAgAtwAGABAAuAAGAAIACwAHAAIADAAJAAIAGAALAAIAGQANAAEAHQAPAAIAHAAPAAIAHgARAAEAHwARAAIAIAATAAEAIQATAAEAIwAVAAIAIgAVAAIAJwAXAAEAKAAXAAEAKgAZAAIAKQAZAAIALgAbAAEALwAbAAEAPwAdAAIAPgAdAAIAQAAfAAEAQQAfAAIAQgAhAAEAQwAhAAIARAAjAAEAVwAlAAIAVgAlAAIAWAAnAAEAWQAnAAEAWwApAAIAWgApAAIAXAArAAEAXQArAAEAXwAtAAIAXgAtAAIAYgAvAAEAYwAvAAEAZQAxAAIAZAAxAAEAZwAzAAIAZgAzAAEAbAA1AAIAawA1AAIAbQA3AAEAbgA3AAIAbwA5AAEAcAA5AAEAcgA7AAIAcQA7AAIAcwA9AAEAdAA9AAEAdgA/AAIAdQA/AAEAeABBAAIAdwBBAAIAeQBDAAEAegBDAAEAfABFAAIAewBFAAIAfQBHAAEAfgBHAAEAlgBJAAIAlQBJAAEApQBLAAIApABLAAEAqABNAAIApwBNAAIAqQBPAAEAqgBPAAIArABRAAEArQBRAAEArwBTAAIArgBTAAIAvQBVAAEAvgBVAAEA0QBXAAIA0ABXAAEA0wBZAAIA0gBZAAIA1ABbAAEA1QBbAAIA1gBdAAEA1wBdAAIA2ABfAAIA2QBhAAIA7QBjAAIA8ABlAAIA9gBnAAIA+QBpAAIA/QBrAAIAAAFtAAIABgFvAAIACQFxAAIADwFzAAIAEgF1AAIAGAF3AAIAGwF5AAIAHwF7AAIAIgF9AAIAJwF/AAIAKgGBAAYANgADAAcAcAADAB4AzAEDACEA1gEDACEA1AFRACEA2AFTACEA2gFVACEA3AFXACEA3gE1ACEA4AFZACIA5gFtACIA6AEDACIA6gFTACIA7AFvACIA7gFXACIA8AE1ACIA8gFZACMA+AFTACMA+gHXACMA/AFXACMA/gE1ACMAAAJZACQAEAI1ACQACAIDACQACgJTACQADAK7ACQADgJXACQABgK5ACQAEgJZACUAGAJRACUAGgIDACUAHAJTACUAHgJVACUAIAJXACUAIgI1ACUAJAJZACYALgJTACYALAIDACYAKgJRACYAMAJVACYAMgJXACYANAI1ACYANgJZACcAQAJXACcAPgJNAicAPAJTACcAQgI1ACcARAJZACgASgIDACgASAJPAigATAJTACgATgJRAigAUAJXACgAUgI1ACgAVAJZAAoAEQAYAK0EvgTPBNwECAUqBTEFcgWGBZsFsgW5BecF7wX4BRoGRQZSBu4G9QZZB28HkQf4BzkITghXCL8IyAjoCDgJQQnpCVkKswq6CuYKLgw1DEMMWQxfDH8MBIAAAAEAAAABAAAAAQAAAO0DfgAAAAIAAAAAAAAAAAAAAAEAEgIAAAAAAgAAAAAAAAAAAAAATgAbAwAAAAABAAAAAAD5AQAAAACYAAwEAAAAAAIAAAAAAAAAAAAAAAEAOxgAAAAAAgAAAAAAAAAAAAAAAQAbAgAAAAAJAAgAIQAEACIABAAjAAYAJAAPACUAHQAmAB0AJwAeACgAHwAVAkcLFQJVCxUCYwsAAAAAADxNb2R1bGU+AFpldGV0aWMuTGRhcC5kbGwAQWRzU2VhcmNoRmxhZ3MAWmV0ZXRpYy5MZGFwLlNjaGVtYQBJU2NoZW1hSW5mbwBTY2hlbWFJbmZvQmFzZQBBZHNTY2hlbWFJbmZvAE11dGFibGVFbnRyeUNvbGxlY3Rpb24AWmV0ZXRpYy5MZGFwAEVudHJ5AE11dGFibGVFbnRyeQBDb25mbGljdE1vZGVzAEluY29tcGF0aWJsZU11dGF0aW9uRXhjZXB0aW9uAFJhbmdlUmVzdWx0AEF0dHJMYW5nVHlwZQBBdHRyaWJ1dGVTY2hlbWEAQXR0cgBQYWdpbmdIZWxwZXIAUGl2b3RDb2x1bW4ATGRpZkNzdlBpdm90AFVua25vd25TeW50YXhPaWRFeGNlcHRpb24ARW5kRW50cnlFdmVudEhhbmRsZXIAQmVnaW5FbnRyeUV2ZW50SGFuZGxlcgBBdHRyaWJ1dGVFdmVudEhhbmRsZXIARG5FdmVudEFyZ3MAQXR0cmlidXRlRXZlbnRBcmdzAExkaWZSZWFkZXIATGRpZldyaXRlcgBTY2hlbWFFeHRlbnNpb24AU2NoZW1hRXh0ZW5zaW9uRW50cnkAT2JqZWN0Q2xhc3NUeXBlAE9iamVjdENsYXNzU2NoZW1hAExkaWZFbnRyeVJlYWRlcgBSYW5nZUhlbHBlcgBtc2NvcmxpYgBTeXN0ZW0ARW51bQBPYmplY3QAU3lzdGVtLkNvbGxlY3Rpb25zLkdlbmVyaWMASUVudW1lcmFibGVgMQBTeXN0ZW0uQ29sbGVjdGlvbnMASUVudW1lcmFibGUASURpc3Bvc2FibGUARXhjZXB0aW9uAFZhbHVlVHlwZQBNdWx0aWNhc3REZWxlZ2F0ZQBFdmVudEFyZ3MAdmFsdWVfXwBOb25lAEluZGV4AENvbnRhaW5lcml6ZWQAQW1iaWd1b3VzTmFtZVJlc29sdXRpb24AVG9tYnN0b25lUHJlc2VydmUAQ29weVByZXNlcnZlAFR1cGxlAFZsdlN1YnRyZWUAU3lzdGVtLkRpcmVjdG9yeVNlcnZpY2VzLlByb3RvY29scwBMZGFwQ29ubmVjdGlvbgBJbml0aWFsaXplAGdldF9BdHRyaWJ1dGVzAGdldF9PYmplY3RDbGFzc2VzAEdldEF0dHJpYnV0ZQBHZXRPYmplY3RDbGFzcwBTeXN0ZW0uQ29sbGVjdGlvbnMuT2JqZWN0TW9kZWwAUmVhZE9ubHlDb2xsZWN0aW9uYDEAU2VhcmNoUmVzdWx0RW50cnkAR2V0VmFsdWVzQXNMYW5ndWFnZVR5cGUAQXR0cmlidXRlcwBPYmplY3RDbGFzc2VzAE5Mb2cATG9nZ2VyAGxvZ2dlcgBEaWN0aW9uYXJ5YDIAX2F0dHJzAF9vY3MAX3NjaGVtYUV4dGVuc2lvbnMAU3RyaW5nT3JOdWxsAExvYWRFeHRlbnNpb24ASW5mZXJUeXBlAC5jdG9yAExpc3RgMQBfcmVzdWx0cwBTZWFyY2hSZXN1bHRFbnRyeUNvbGxlY3Rpb24AZ2V0X0l0ZW0AZ2V0X0NvdW50AElFbnVtZXJhdG9yYDEAR2V0RW51bWVyYXRvcgBJRW51bWVyYXRvcgBTeXN0ZW0uQ29sbGVjdGlvbnMuSUVudW1lcmFibGUuR2V0RW51bWVyYXRvcgBJdGVtAENvdW50AGdldF9EaXN0aW5ndWlzaGVkTmFtZQBzZXRfRGlzdGluZ3Vpc2hlZE5hbWUAZ2V0X09yaWdpbmFsRG4Ac2V0X09yaWdpbmFsRG4AZ2V0X0lzRG5EaXJ0eQBzZXRfSXNEbkRpcnR5AGdldF9Jc1N1cGVyaW9yRGlydHkAc2V0X0lzU3VwZXJpb3JEaXJ0eQBBdHRycwBTeXN0ZW0uVGV4dABVVEY4RW5jb2RpbmcAVXRmOEhlbHBlcgBSZWxvYWRGcm9tRW50cnkAZ2V0X1JETgBzZXRfUkROAGdldF9TdXBlcmlvckRuAHNldF9TdXBlcmlvckRuAFN5c3RlbS5JTwBUZXh0V3JpdGVyAER1bXAAQWRkQXR0clZhbHVlAEFkZEF0dHIAc2V0X0l0ZW0AR2V0QXR0clZhbHVlQ291bnQAR2V0QXR0clN0cmluZ1ZhbHVlcwBIYXNBdHRyaWJ1dGUAUGFyc2VSZG4ARXNjYXBlTmFtaW5nQ29tcG9uZW50AE1vZGlmeVJkbgA8RGlzdGluZ3Vpc2hlZE5hbWU+a19fQmFja2luZ0ZpZWxkADxPcmlnaW5hbERuPmtfX0JhY2tpbmdGaWVsZAA8SXNEbkRpcnR5PmtfX0JhY2tpbmdGaWVsZAA8SXNTdXBlcmlvckRpcnR5PmtfX0JhY2tpbmdGaWVsZABEaXN0aW5ndWlzaGVkTmFtZQBPcmlnaW5hbERuAElzRG5EaXJ0eQBJc1N1cGVyaW9yRGlydHkAUkROAFN1cGVyaW9yRG4ARGlyZWN0b3J5QXR0cmlidXRlTW9kaWZpY2F0aW9uAF9jaGFuZ2VzAF9jb25mbGljdABDcmVhdGVVbmNvbW1pdHRlZABDaGVja0ZvckRlbGV0aW9uAGdldF9Db25mbGljdE1vZGUAc2V0X0NvbmZsaWN0TW9kZQBnZXRfSXNOZXdFbnRyeQBzZXRfSXNOZXdFbnRyeQBnZXRfSXNEZWxldGVkAHNldF9Jc0RlbGV0ZWQAZ2V0X1BlbmRpbmdDaGFuZ2VDb3VudABEZWxldGUAQ29udGFpbnNBdHRyVmFsdWUAR2V0QXR0clN0cmluZ1ZhbHVlAEFwcGVuZEF0dHJWYWx1ZQBSZW1vdmVBdHRyVmFsdWUARGlyZWN0b3J5QXR0cmlidXRlTW9kaWZpY2F0aW9uQ29sbGVjdGlvbgBDaGFuZ2VzQXNEQU1DAENvbW1pdENoYW5nZXMAU2V0QXR0cgBDbGVhckF0dHIARGlzcG9zZQBGaW5hbGl6ZQA8SXNOZXdFbnRyeT5rX19CYWNraW5nRmllbGQAPElzRGVsZXRlZD5rX19CYWNraW5nRmllbGQAQ29uZmxpY3RNb2RlAElzTmV3RW50cnkASXNEZWxldGVkAFBlbmRpbmdDaGFuZ2VDb3VudABFcnJvcgBBY2NlcHQAU3RhcnQARW5kAElzRmluYWwAVmFsdWVzAERpcmVjdG9yeVN0cmluZwBDYXNlSW5zZW5zaXRpdmVTdHJpbmcAT0lEAE50U2VjdXJpdHlEZXNjcmlwdG9yAE50U0lEAEJvb2xlYW4ARE4ARE5CaW5hcnkAR2VuZXJhbGl6ZWRUaW1lAFByaW50YWJsZVN0cmluZwBOdW1lcmljU3RyaW5nAE9jdGV0U3RyaW5nAEludDMyAEludDY0AGdldF9Jc011bHRpVmFsdWVkAHNldF9Jc011bHRpVmFsdWVkAGdldF9EaXNwbGF5TmFtZQBzZXRfRGlzcGxheU5hbWUAZ2V0X09JRABzZXRfT0lEAGdldF9MYW5nVHlwZQBzZXRfTGFuZ1R5cGUAZ2V0X1NlYXJjaEZsYWdzAHNldF9TZWFyY2hGbGFncwBUb1N0cmluZwA8SXNNdWx0aVZhbHVlZD5rX19CYWNraW5nRmllbGQAPERpc3BsYXlOYW1lPmtfX0JhY2tpbmdGaWVsZAA8T0lEPmtfX0JhY2tpbmdGaWVsZAA8TGFuZ1R5cGU+a19fQmFja2luZ0ZpZWxkADxTZWFyY2hGbGFncz5rX19CYWNraW5nRmllbGQASXNNdWx0aVZhbHVlZABEaXNwbGF5TmFtZQBMYW5nVHlwZQBTZWFyY2hGbGFncwBnZXRfTmFtZQBzZXRfTmFtZQBnZXRfVmFsdWUAc2V0X1ZhbHVlAGdldF9BdHRyVHlwZQBzZXRfQXR0clR5cGUAPE5hbWU+a19fQmFja2luZ0ZpZWxkADxWYWx1ZT5rX19CYWNraW5nRmllbGQAPEF0dHJUeXBlPmtfX0JhY2tpbmdGaWVsZABOYW1lAFZhbHVlAEF0dHJUeXBlAGdldF9GaWx0ZXIAc2V0X0ZpbHRlcgBnZXRfUGFnZVNpemUAc2V0X1BhZ2VTaXplAGdldF9BdHRycwBzZXRfQXR0cnMAZ2V0X01heFBhZ2VzAHNldF9NYXhQYWdlcwBnZXRfQ29ubmVjdGlvbgBzZXRfQ29ubmVjdGlvbgBTZWFyY2hTY29wZQBnZXRfU2VhcmNoU2NvcGUAc2V0X1NlYXJjaFNjb3BlAGdldF9TaXplTGltaXQAc2V0X1NpemVMaW1pdABUaW1lU3BhbgBnZXRfTWF4U2VhcmNoVGltZVBlclBhZ2UAc2V0X01heFNlYXJjaFRpbWVQZXJQYWdlAGdldF9Jc1NpemVMaW1pdEV4Y2VlZGVkAHNldF9Jc1NpemVMaW1pdEV4Y2VlZGVkAF9hYm9ydABTeXN0ZW0uVGhyZWFkaW5nAE1hbnVhbFJlc2V0RXZlbnQAX2Fib3J0SGFuZGxlAElMaXN0YDEARGlyZWN0b3J5Q29udHJvbABVc2VyQ29udHJvbHMAU2VhcmNoUmVzcG9uc2UAT25TZWFyY2hSZXNwb25zZQBPblRydW5jYXRlZFNlYXJjaFJlc3BvbnNlAERpcmVjdG9yeU9wZXJhdGlvbkV4Y2VwdGlvbgBFeHRyYWN0UmVzcG9uc2VGcm9tRXhjZXB0aW9uAEFib3J0AFNlYXJjaFJlcXVlc3QAR2V0U2VhcmNoUmVzcG9uc2UAUGFnZVJlc3VsdFJlcXVlc3RDb250cm9sAFVwZGF0ZVByYwBBZGRDb250cm9sAEdldFJlc3VsdHMAPEZpbHRlcj5rX19CYWNraW5nRmllbGQAPFBhZ2VTaXplPmtfX0JhY2tpbmdGaWVsZAA8QXR0cnM+a19fQmFja2luZ0ZpZWxkADxNYXhQYWdlcz5rX19CYWNraW5nRmllbGQAPENvbm5lY3Rpb24+a19fQmFja2luZ0ZpZWxkADxTZWFyY2hTY29wZT5rX19CYWNraW5nRmllbGQAPFNpemVMaW1pdD5rX19CYWNraW5nRmllbGQAPE1heFNlYXJjaFRpbWVQZXJQYWdlPmtfX0JhY2tpbmdGaWVsZAA8SXNTaXplTGltaXRFeGNlZWRlZD5rX19CYWNraW5nRmllbGQARmlsdGVyAFBhZ2VTaXplAE1heFBhZ2VzAENvbm5lY3Rpb24AU2l6ZUxpbWl0AE1heFNlYXJjaFRpbWVQZXJQYWdlAElzU2l6ZUxpbWl0RXhjZWVkZWQAU291cmNlAERlc3RpbmF0aW9uAEpvaW5lcgBMQVNUX0lOREVYAENvbHVtbnMAU2VwYXJhdG9yAE91dHB1dABBZGRDb2x1bW4AUHJvY2VzcwBFbmNvZGluZwBXcml0ZQBTdHJlYW1SZWFkZXIASW52b2tlAElBc3luY1Jlc3VsdABBc3luY0NhbGxiYWNrAEJlZ2luSW52b2tlAEVuZEludm9rZQBUZXh0UmVhZGVyAF9zb3VyY2UAX293bnNTdHJlYW0AX29wZW5FbnRyeQBfbGluZU51bQBnZXRfTGFzdERuAHNldF9MYXN0RG4AZ2V0X1RyaW1Gb2xkZWRMaW5lcwBzZXRfVHJpbUZvbGRlZExpbmVzAEZpbGVTdHJlYW0AT25FbmRFbnRyeQBhZGRfT25FbmRFbnRyeQByZW1vdmVfT25FbmRFbnRyeQBPbkJlZ2luRW50cnkAYWRkX09uQmVnaW5FbnRyeQByZW1vdmVfT25CZWdpbkVudHJ5AE9uQXR0cmlidXRlVmFsdWUAYWRkX09uQXR0cmlidXRlVmFsdWUAcmVtb3ZlX09uQXR0cmlidXRlVmFsdWUAUmVhZAA8TGFzdERuPmtfX0JhY2tpbmdGaWVsZAA8VHJpbUZvbGRlZExpbmVzPmtfX0JhY2tpbmdGaWVsZABMYXN0RG4AVHJpbUZvbGRlZExpbmVzAF9zdwBEYXRlVGltZQBfc3RhcnRlZABfZW50cnlDb3VudABnZXRfV3JpdGVTdW1tYXJ5AHNldF9Xcml0ZVN1bW1hcnkATW9kUmRuAFdyaXRlQ29tbWVudABCZWdpbkVudHJ5AFdyaXRlQ2hhbmdlU2VwYXJhdG9yAFdyaXRlQXR0cgBXcml0ZUZvbGRlZABJc1NhZmVJbml0Q2hhcgBJc1NhZmVTdHJpbmcARW5kRW50cnkAQ2xvc2UAPFdyaXRlU3VtbWFyeT5rX19CYWNraW5nRmllbGQAV3JpdGVTdW1tYXJ5AEVudHJpZXMAU3ludGF4AFN0cnVjdHVyYWwAQXV4aWxpYXJ5AEFic3RyYWN0AFVua25vd24AX211c3QAX21heQBnZXRfU3VwZXJpb3JDbGFzc05hbWUAc2V0X1N1cGVyaW9yQ2xhc3NOYW1lAGdldF9DbGFzc1R5cGUAc2V0X0NsYXNzVHlwZQBnZXRfTXVzdEhhdmUAZ2V0X01heUhhdmUAQWRkTWFuZGF0b3J5AEFkZE9wdGlvbmFsADxTdXBlcmlvckNsYXNzTmFtZT5rX19CYWNraW5nRmllbGQAPENsYXNzVHlwZT5rX19CYWNraW5nRmllbGQAU3VwZXJpb3JDbGFzc05hbWUAQ2xhc3NUeXBlAE11c3RIYXZlAE1heUhhdmUAX2xkaWYAX3dvcmsAX2NvbXBsZXRlAF9sZGlmX09uQmVnaW5FbnRyeQBfbGRpZl9PbkVuZEVudHJ5AF9sZGlmX09uQXR0cmlidXRlVmFsdWUAUmVhZEVudHJ5AE51bGxhYmxlYDEAU3RyaW5nVmFsdWVzAEdldFJhbmdlQmxvY2sAY29ubgBhdHRyTmFtZQBvY05hbWUAc2UAcGF0aABzeW50YXhPaWQAcmVzdWx0cwBpbmRleAB2YWx1ZQBkaXN0aW5ndWlzaGVkTmFtZQB0dwBhdHRyVmFsdWUAYXR0cgBrZXkAcHJvcE5hbWUAZG4AbmFtaW5nQ29tcG9uZW50AG5ld1JkbgBlc2NhcGUAb2JqZWN0Q2xhc3NlcwBQYXJhbUFycmF5QXR0cmlidXRlAGxkYXAAdmFsdWVzAGlzRGlzcG9zaW5nAG1lc3NhZ2UAbmFtZQByZXNwAGRvZQByZXEAY29udHJvbABzcmMAZGVzdABqb2luAGxkYXBOYW1lAHRpdGxlAGVtaXRIZWFkZXIAZW5jb2RpbmcAdmFsAHNyAG9pZABvYmplY3QAbWV0aG9kAHNlbmRlcgBlAGNhbGxiYWNrAHJlc3VsdABmcwBuZXdTdXBlcmlvcgBjb21tZW50AGZtdABjAGEAbGRpZgBlbnRyeURuAHN0YXJ0AGVuZABleHRlbmRlZERucwBTeXN0ZW0uUmVmbGVjdGlvbgBBc3NlbWJseVRpdGxlQXR0cmlidXRlAEFzc2VtYmx5RGVzY3JpcHRpb25BdHRyaWJ1dGUAQXNzZW1ibHlDb25maWd1cmF0aW9uQXR0cmlidXRlAEFzc2VtYmx5Q29tcGFueUF0dHJpYnV0ZQBBc3NlbWJseVByb2R1Y3RBdHRyaWJ1dGUAQXNzZW1ibHlDb3B5cmlnaHRBdHRyaWJ1dGUAQXNzZW1ibHlUcmFkZW1hcmtBdHRyaWJ1dGUAQXNzZW1ibHlDdWx0dXJlQXR0cmlidXRlAFN5c3RlbS5SdW50aW1lLkludGVyb3BTZXJ2aWNlcwBDb21WaXNpYmxlQXR0cmlidXRlAEd1aWRBdHRyaWJ1dGUAQXNzZW1ibHlWZXJzaW9uQXR0cmlidXRlAEFzc2VtYmx5RmlsZVZlcnNpb25BdHRyaWJ1dGUAU3lzdGVtLkRpYWdub3N0aWNzAERlYnVnZ2FibGVBdHRyaWJ1dGUARGVidWdnaW5nTW9kZXMAU3lzdGVtLlJ1bnRpbWUuQ29tcGlsZXJTZXJ2aWNlcwBDb21waWxhdGlvblJlbGF4YXRpb25zQXR0cmlidXRlAFJ1bnRpbWVDb21wYXRpYmlsaXR5QXR0cmlidXRlAFNlYXJjaFJlc3VsdEF0dHJpYnV0ZUNvbGxlY3Rpb24AQ29udGFpbnMARGlyZWN0b3J5QXR0cmlidXRlAFN0cmluZwBUeXBlAFJ1bnRpbWVUeXBlSGFuZGxlAEdldFR5cGVGcm9tSGFuZGxlAEdldFZhbHVlcwBTeXN0ZW0uWG1sAFN5c3RlbS5YbWwuU2VyaWFsaXphdGlvbgBYbWxTZXJpYWxpemVyAERlc2VyaWFsaXplAEVudW1lcmF0b3IAZ2V0X0N1cnJlbnQATW92ZU5leHQASXNOdWxsT3JFbXB0eQBBcmd1bWVudEV4Y2VwdGlvbgA8UHJpdmF0ZUltcGxlbWVudGF0aW9uRGV0YWlscz57MTVEMTVERTgtQjI1Ri00OTMxLUJFMkQtQzZFMjZCNjlBMTQ1fQBDb21waWxlckdlbmVyYXRlZEF0dHJpYnV0ZQAkJG1ldGhvZDB4NjAwMDAwYS0xAEFkZABUcnlHZXRWYWx1ZQBDb250YWluc0tleQBXYXJuADxnZXRfQXR0cmlidXRlcz5kX18wAFN5c3RlbS5Db2xsZWN0aW9ucy5HZW5lcmljLklFbnVtZXJhYmxlPFpldGV0aWMuTGRhcC5TY2hlbWEuQXR0cmlidXRlU2NoZW1hPi5HZXRFbnVtZXJhdG9yADw+Ml9fY3VycmVudABTeXN0ZW0uQ29sbGVjdGlvbnMuR2VuZXJpYy5JRW51bWVyYXRvcjxaZXRldGljLkxkYXAuU2NoZW1hLkF0dHJpYnV0ZVNjaGVtYT4uZ2V0X0N1cnJlbnQAU3lzdGVtLkNvbGxlY3Rpb25zLklFbnVtZXJhdG9yLlJlc2V0AFJlc2V0AFN5c3RlbS5JRGlzcG9zYWJsZS5EaXNwb3NlADw+MV9fc3RhdGUAPD5sX19pbml0aWFsVGhyZWFkSWQAU3lzdGVtLkNvbGxlY3Rpb25zLklFbnVtZXJhdG9yLmdldF9DdXJyZW50ADw+NF9fdGhpcwA8YT41X18xAFZhbHVlQ29sbGVjdGlvbgA8PjdfX3dyYXAyADw+bV9fRmluYWxseTMAU3lzdGVtLkNvbGxlY3Rpb25zLkdlbmVyaWMuSUVudW1lcmF0b3I8WmV0ZXRpYy5MZGFwLlNjaGVtYS5BdHRyaWJ1dGVTY2hlbWE+LkN1cnJlbnQAU3lzdGVtLkNvbGxlY3Rpb25zLklFbnVtZXJhdG9yLkN1cnJlbnQARGVidWdnZXJIaWRkZW5BdHRyaWJ1dGUAVGhyZWFkAGdldF9DdXJyZW50VGhyZWFkAGdldF9NYW5hZ2VkVGhyZWFkSWQAZ2V0X1ZhbHVlcwBOb3RTdXBwb3J0ZWRFeGNlcHRpb24APGdldF9PYmplY3RDbGFzc2VzPmRfXzYAU3lzdGVtLkNvbGxlY3Rpb25zLkdlbmVyaWMuSUVudW1lcmFibGU8WmV0ZXRpYy5MZGFwLlNjaGVtYS5PYmplY3RDbGFzc1NjaGVtYT4uR2V0RW51bWVyYXRvcgBTeXN0ZW0uQ29sbGVjdGlvbnMuR2VuZXJpYy5JRW51bWVyYXRvcjxaZXRldGljLkxkYXAuU2NoZW1hLk9iamVjdENsYXNzU2NoZW1hPi5nZXRfQ3VycmVudAA8bz41X183ADw+N19fd3JhcDgAPD5tX19GaW5hbGx5OQBTeXN0ZW0uQ29sbGVjdGlvbnMuR2VuZXJpYy5JRW51bWVyYXRvcjxaZXRldGljLkxkYXAuU2NoZW1hLk9iamVjdENsYXNzU2NoZW1hPi5DdXJyZW50AFRvTG93ZXIAb3BfRXF1YWxpdHkAQ29uY2F0AEFwcGxpY2F0aW9uRXhjZXB0aW9uAFJlcGxhY2UASUZvcm1hdFByb3ZpZGVyAFN5c3RlbS5HbG9iYWxpemF0aW9uAERhdGVUaW1lU3R5bGVzAFBhcnNlRXhhY3QAUGFyc2UAQWRkUmFuZ2UALmNjdG9yAExvZ01hbmFnZXIAR2V0Q3VycmVudENsYXNzTG9nZ2VyAFRvTG93ZXJJbnZhcmlhbnQAJCRtZXRob2QweDYwMDAwMTMtMQBGcm9tRmlsZVRpbWVVdGMAZ2V0X01lc3NhZ2UAR3VpZABTeXN0ZW0uU2VjdXJpdHkuUHJpbmNpcGFsAFNlY3VyaXR5SWRlbnRpZmllcgBTeXN0ZW0uU2VjdXJpdHkuQWNjZXNzQ29udHJvbABSYXdTZWN1cml0eURlc2NyaXB0b3IARGlyZWN0b3J5Q29ubmVjdGlvbgBEaXJlY3RvcnlSZXNwb25zZQBEaXJlY3RvcnlSZXF1ZXN0AFNlbmRSZXF1ZXN0AGdldF9FbnRyaWVzAEVxdWFscwBDb252ZXJ0AFRvSW50MzIARXJyb3JFeGNlcHRpb24ARGVmYXVsdE1lbWJlckF0dHJpYnV0ZQBSZWFkT25seUNvbGxlY3Rpb25CYXNlADxHZXRFbnVtZXJhdG9yPmRfXzAAU3lzdGVtLkNvbGxlY3Rpb25zLkdlbmVyaWMuSUVudW1lcmF0b3I8WmV0ZXRpYy5MZGFwLk11dGFibGVFbnRyeT4uZ2V0X0N1cnJlbnQAPHNlPjVfXzEAU3lzdGVtLkNvbGxlY3Rpb25zLkdlbmVyaWMuSUVudW1lcmF0b3I8WmV0ZXRpYy5MZGFwLk11dGFibGVFbnRyeT4uQ3VycmVudABYbWxSb290QXR0cmlidXRlAFhtbEVsZW1lbnRBdHRyaWJ1dGUAU3RyaW5nQ29tcGFyZXIAZ2V0X0ludmFyaWFudEN1bHR1cmVJZ25vcmVDYXNlAElFcXVhbGl0eUNvbXBhcmVyYDEAQ2xlYXIASUNvbGxlY3Rpb24AZ2V0X0F0dHJpYnV0ZU5hbWVzAGdldF9MZW5ndGgAU3Vic3RyaW5nAFRyaW0AU3RyaW5nQ29tcGFyaXNvbgBJbnZhbGlkT3BlcmF0aW9uRXhjZXB0aW9uAFdyaXRlTGluZQBLZXlDb2xsZWN0aW9uAGdldF9LZXlzAEFyZ3VtZW50TnVsbEV4Y2VwdGlvbgBUb0FycmF5AEdldFN0cmluZwBnZXRfQ2hhcnMAQ2hhcgBJbmRleE9mAFhtbEF0dHJpYnV0ZUF0dHJpYnV0ZQBYbWxJZ25vcmVBdHRyaWJ1dGUARm9ybWF0AERlbGV0ZVJlcXVlc3QARGlyZWN0b3J5QXR0cmlidXRlT3BlcmF0aW9uAGdldF9PcGVyYXRpb24ASW5mbwBSZW1vdmUAc2V0X09wZXJhdGlvbgBNb2RpZnlETlJlcXVlc3QAc2V0X05ld05hbWUAZ2V0X05ld05hbWUAc2V0X0RlbGV0ZU9sZFJkbgBzZXRfTmV3UGFyZW50RGlzdGluZ3Vpc2hlZE5hbWUAZ2V0X05ld1BhcmVudERpc3Rpbmd1aXNoZWROYW1lAEFkZFJlcXVlc3QAQ29sbGVjdGlvbkJhc2UARGlyZWN0b3J5QXR0cmlidXRlQ29sbGVjdGlvbgBNb2RpZnlSZXF1ZXN0AGdldF9Nb2RpZmljYXRpb25zAERlYnVnAFVyaQBHZXRUeXBlAGdldF9GdWxsTmFtZQBHQwBTdXBwcmVzc0ZpbmFsaXplAEZyb21TZWNvbmRzAGdldF9SZXNwb25zZQBSZXN1bHRDb2RlAGdldF9SZXN1bHRDb2RlAGdldF9FcnJvck1lc3NhZ2UARXZlbnRXYWl0SGFuZGxlAFNldABQYXJ0aWFsUmVzdWx0UHJvY2Vzc2luZwBCZWdpblNlbmRSZXF1ZXN0AFdhaXRIYW5kbGUAZ2V0X0FzeW5jV2FpdEhhbmRsZQBXYWl0QW55AEVuZFNlbmRSZXF1ZXN0AGdldF9Db250cm9scwBQYWdlUmVzdWx0UmVzcG9uc2VDb250cm9sAGdldF9Db29raWUAc2V0X0Nvb2tpZQBzZXRfSXNDcml0aWNhbABJQ29sbGVjdGlvbmAxADxHZXRSZXN1bHRzPmRfXzIAU3lzdGVtLkNvbGxlY3Rpb25zLkdlbmVyaWMuSUVudW1lcmFibGU8U3lzdGVtLkRpcmVjdG9yeVNlcnZpY2VzLlByb3RvY29scy5TZWFyY2hSZXN1bHRFbnRyeT4uR2V0RW51bWVyYXRvcgBTeXN0ZW0uQ29sbGVjdGlvbnMuR2VuZXJpYy5JRW51bWVyYXRvcjxTeXN0ZW0uRGlyZWN0b3J5U2VydmljZXMuUHJvdG9jb2xzLlNlYXJjaFJlc3VsdEVudHJ5Pi5nZXRfQ3VycmVudAA8cmVxPjVfXzMAPGFsaXN0PjVfXzQAPHByYz41X181ADxjdXJyZW50UGFnZT41X182ADxrZXk+NV9fNwA8cmVzcD41X184ADxzZT41X185ADw+Z19faW5pdExvY2FsMQA8PjdfX3dyYXBhADw+N19fd3JhcGIAPD5tX19GaW5hbGx5YwBTeXN0ZW0uQ29sbGVjdGlvbnMuR2VuZXJpYy5JRW51bWVyYXRvcjxTeXN0ZW0uRGlyZWN0b3J5U2VydmljZXMuUHJvdG9jb2xzLlNlYXJjaFJlc3VsdEVudHJ5Pi5DdXJyZW50AHNldF9TY29wZQBnZXRfVG90YWxTZWNvbmRzAHNldF9UaW1lTGltaXQARW1wdHkASm9pbgBTeXN0ZW0uQ29sbGVjdGlvbnMuU3BlY2lhbGl6ZWQAU3RyaW5nQ29sbGVjdGlvbgBUcmFjZQBEaXJlY3RvcnlDb250cm9sQ29sbGVjdGlvbgBMZGFwRXhjZXB0aW9uAGdldF9FcnJvckNvZGUAZ2V0X1NlcnZlckVycm9yTWVzc2FnZQBTdHJ1Y3RMYXlvdXRBdHRyaWJ1dGUATGF5b3V0S2luZABHZXRFbmNvZGluZwBDb25zb2xlAGdldF9PdXQARmlsZU1vZGUARmlsZUFjY2VzcwBnZXRfQVNDSUkAU3RyZWFtAERlbGVnYXRlAENvbWJpbmUASW50ZXJsb2NrZWQAQ29tcGFyZUV4Y2hhbmdlAFJlYWRMaW5lAFN0YXJ0c1dpdGgAVHJpbUVuZABUcmltU3RhcnQAUGVlawBnZXRfVVRGOABGcm9tQmFzZTY0U3RyaW5nAFN0cmVhbVdyaXRlcgBnZXRfTm93AFRvVW5pdmVyc2FsVGltZQBUb0Jhc2U2NFN0cmluZwBHZXRCeXRlcwBvcF9JbmVxdWFsaXR5ADxnZXRfTXVzdEhhdmU+ZF9fMAA8Z2V0X01heUhhdmU+ZF9fNgA8YT41X183AFN5c3RlbS5Db2xsZWN0aW9ucy5HZW5lcmljLklFbnVtZXJhdG9yPFpldGV0aWMuTGRhcC5FbnRyeT4uZ2V0X0N1cnJlbnQAPGU+NV9fMQBTeXN0ZW0uQ29sbGVjdGlvbnMuR2VuZXJpYy5JRW51bWVyYXRvcjxaZXRldGljLkxkYXAuRW50cnk+LkN1cnJlbnQAPFN0cmluZ1ZhbHVlcz5kX18wAFN5c3RlbS5Db2xsZWN0aW9ucy5HZW5lcmljLklFbnVtZXJhYmxlPFN5c3RlbS5TdHJpbmc+LkdldEVudW1lcmF0b3IAU3lzdGVtLkNvbGxlY3Rpb25zLkdlbmVyaWMuSUVudW1lcmF0b3I8U3lzdGVtLlN0cmluZz4uZ2V0X0N1cnJlbnQAPD4zX19jb25uADw+M19fZW50cnlEbgA8PjNfX2F0dHJOYW1lADw+M19fc3RhcnQAPD4zX19lbmQAPD4zX19leHRlbmRlZERucwA8cmVxdWVzdGVkPjVfXzEAPHJldHVybmVkPjVfXzIAPHI+NV9fMwA8cz41X180ADw+bV9fRmluYWxseTUAPD43X193cmFwNgA8PjdfX3dyYXA3AFN5c3RlbS5Db2xsZWN0aW9ucy5HZW5lcmljLklFbnVtZXJhdG9yPFN5c3RlbS5TdHJpbmc+LkN1cnJlbnQAZ2V0X0hhc1ZhbHVlAEV4dGVuZGVkRE5Db250cm9sAEV4dGVuZGVkRE5GbGFnAEVuZHNXaXRoAAAAAAA1QwBhAG4AbgBvAHQAIABpAG4AdABlAHIAcAByAGUAdAAgAGUAbQBwAHQAeQAgAE8ASQBEAAATcwB5AG4AdABhAHgATwBpAGQAAA8yAC4ANQAuADUALgAzAAARMgAuADUALgA1AC4AMQAyAAARMgAuADUALgA1AC4AMQA2AAAPMgAuADUALgA1AC4AMQAAETIALgA1AC4ANQAuADEAMAAADzIALgA1AC4ANQAuADUAAA8yAC4ANQAuADUALgA2AAARMgAuADUALgA1AC4AMQAxAAAPMgAuADUALgA1AC4AOQAADzIALgA1AC4ANQAuADcAAA8yAC4ANQAuADUALgAyAAAPMgAuADUALgA1AC4AOAAADzIALgA1AC4ANQAuADQAAFVVAG4AawBuAG8AdwBuACAAcwB5AG4AdABhAHgAIABPAEkARAAgAHsAMAB9ADsAIAB0AHIAZQBhAHQAaQBuAGcAIABhAHMAIABzAHQAcgBpAG4AZwAAV1IAZQBxAHUAZQBzAHQAZQBkACAAYQB0AHQAcgBpAGIAdQB0AGUAIABjAGEAbgBuAG8AdAAgAGIAZQAgAG4AdQBsAGwAIABvAHIAIABlAG0AcAB0AHkAABFhAHQAdAByAE4AYQBtAGUAAFtSAGUAcQB1AGUAcwB0AGUAZAAgAG8AYgBqAGUAYwB0AEMAbABhAHMAcwAgAGMAYQBuAG4AbwB0ACAAYgBlACAAbgB1AGwAbAAgAG8AcgAgAGUAbQBwAHQAeQAAJVUAbgBrAG4AbwB3AG4AIABhAHQAdAByAGkAYgB1AHQAZQAgAAAHLgAwAFoAAAEAHXkAeQB5AHkATQBNAGQAZABIAEgAbQBtAHMAcwAAETIALgA1AC4ANQAuADEANwAAETIALgA1AC4ANQAuADEANQAAFXAAdwBkAGwAYQBzAHQAcwBlAHQAAB1hAGMAYwBvAHUAbgB0AGUAeABwAGkAcgBlAHMAAB9iAGEAZABwAGEAcwBzAHcAbwByAGQAdABpAG0AZQAAF2wAbwBjAGsAbwB1AHQAdABpAG0AZQAAJWwAYQBzAHQAbABvAGcAbwBuAHQAaQBtAGUAcwB0AGEAbQBwAAATbABhAHMAdABsAG8AZwBvAG4AABVvAGIAagBlAGMAdABnAHUAaQBkAAALTgBFAFYARQBSAABLQwBvAHUAbABkAG4AJwB0ACAAYwBvAG4AdgBlAHIAdAAgAHsAMAB9ACAAdABvACAARABhAHQAZQBUAGkAbQBlADoAIAB7ADEAfQABJ3MAYwBoAGUAbQBhAE4AYQBtAGkAbgBnAEMAbwBuAHQAZQB4AHQAAB9sAEQAQQBQAEQAaQBzAHAAbABhAHkATgBhAG0AZQAAHWkAcwBTAGkAbgBnAGwAZQBWAGEAbAB1AGUAZAAAH2EAdAB0AHIAaQBiAHUAdABlAFMAeQBuAHQAYQB4AAAXYQB0AHQAcgBpAGIAdQB0AGUASQBEAAAXcwBlAGEAcgBjAGgARgBsAGEAZwBzAABBKAAmACgAbwBiAGoAZQBjAHQAQwBsAGEAcwBzAD0AYQB0AHQAcgBpAGIAdQB0AGUAUwBjAGgAZQBtAGEAKQApAAAJVABSAFUARQAAAzAAACdDAG8AdQBsAGQAbgAnAHQAIABhAGQAZAAgAGEAdAB0AHIAIAAnAAEPJwAgAGYAcgBvAG0AIAABISAAdABvACAAYwBvAGwAbABlAGMAdABpAG8AbgA6ACAAABdtAHUAcwB0AEMAbwBuAHQAYQBpAG4AACNzAHkAcwB0AGUAbQBNAHUAcwB0AEMAbwBuAHQAYQBpAG4AABVtAGEAeQBDAG8AbgB0AGEAaQBuAAAhcwB5AHMAdABlAG0ATQBhAHkAQwBvAG4AdABhAGkAbgAAJ28AYgBqAGUAYwB0AEMAbABhAHMAcwBDAGEAdABlAGcAbwByAHkAABVzAHUAYgBDAGwAYQBzAHMATwBmAAATZwBvAHYAZQByAG4AcwBJAEQAADkoACYAKABvAGIAagBlAGMAdABDAGwAYQBzAHMAPQBjAGwAYQBzAHMAUwBjAGgAZQBtAGEAKQApAAADMQAAAzIAAAMzAAAjQwBvAHUAbABkAG4AJwB0ACAAYQBkAGQAIABPAEMAIAAnAAEDLAAANUMAYQBuAG4AbwB0ACAAYwBoAGEAbgBnAGUAIABzAHUAcABlAHIAaQBvAHIAIABvAGYAIAAAD2QAbgA6ACAAewAwAH0AABF7ADAAfQA6ACAAewAxAH0AAAlhAHQAdAByAAAPLAArACIAXAA8AD4AOwAAA1wAADVkAG4AIABjAGEAbgBuAG8AdAAgAGIAZQAgAG4AdQBsAGwAIABvAHIAIABlAG0AcAB0AHkAAAVkAG4AABdvAGIAagBlAGMAdABDAGwAYQBzAHMAAD9PAGIAagBlAGMAdAAgAGgAYQBzACAAYQBsAHIAZQBhAGQAeQAgAGIAZQBlAG4AIABkAGUAbABlAHQAZQBkAABbRQBuAHQAcgB5ACAAewAwAH0AIAB3AGEAcwAgAG4AZQB2AGUAcgAgAGMAbwBtAG0AaQB0AHQAZQBkACAALQAgAGMAYQBuAG4AbwB0ACAAZABlAGwAZQB0AGUAAQUqAGQAAAt2AGEAbAB1AGUAAICbQwBhAG4AJwB0ACAAcAByAG8AYwBlAHMAcwAgAGEAIAByAGUAcQB1AGUAcwB0ACAAdABvACAAewAwAH0AIABhAG4AZAAgAGEAcABwAGUAbgBkACAAbwBuACAAYQB0AHQAcgAgAHsAMQB9ACAALQAgAGkAbgBkAGUAdABlAHIAbQBpAG4AYQB0AGUAIAByAGUAcwB1AGwAdABzAAF1UgBlAHEAdQBlAHMAdAAgAG8AbgAgAGEAdAB0AHIAIAB7ADAAfQAgAGkAcwAgAHsAMQB9ACwAIABiAHUAdAAgAGEAcABwAGUAbgBkAGkAbgBnACAAdgBhAGwAdQBlACAAewAyAH0AIABhAG4AeQB3AGEAeQAAT1IAZQBtAG8AdgBpAG4AZwAgAGUAbQBwAHQAeQAtAHIAZQBwAGwAYQBjAGUAbQBlAG4AdAAgAHYAYQBsAHUAZQAgAG8AbgAgAHsAMAB9AAEpUgBlAHEAdQBlAHMAdAAgAG4AZQB3ACAAbgBhAG0AZQAgAHsAMAB9AAAxUgBlAHEAdQBlAHMAdAAgAG4AZQB3ACAAcwB1AHAAZQByAGkAbwByACAAewAwAH0AAC1DAG8AbQBtAGkAdAAgAG8AbgAgAHsAMAB9ACAAYwBvAG0AcABsAGUAdABlAAAxTgBvAHQAaABpAG4AZwAgAHQAbwAgAGMAbwBtAG0AaQB0ACAAbwBuACAAewAwAH0AAG9DAGEAbgBuAG8AdAAgAGMAbwBtAG0AaQB0ACAAYQAgAG4AZQB3ACAAZABpAHIAZQBjAHQAbwByAHkAIABvAGIAagBlAGMAdAAgAHcAaQB0AGgAIABuAG8AIABhAHQAdAByAGkAYgB1AHQAZQBzAAB7QwBoAGEAbgBnAGUAIABiAHUAZgBmAGUAcgAgAGEAbAByAGUAYQBkAHkAIABjAG8AbgB0AGEAaQBuAHMAIABhACAAcgBlAHEAdQBlAHMAdAAgAHQAbwAgAG0AbwBkAGkAZgB5ACAAewAwAH0AIABhAHMAIAB7ADEAfQAAX08AdgBlAHIAcgBpAGQAaQBuAGcAIAB7ADAAfQAgAHIAZQBxAHUAZQBzAHQAIABvAG4AIABhAHQAdAByACAAewAxAH0AIAB3AGkAdABoACAAUgBlAHAAbABhAGMAZQAAV1AAcgBlAHAAYQByAGkAbgBnACAAcgBlAHAAbABhAGMAZQBtAGUAbgB0ACAAbwBwAGUAcgBhAHQAaQBvAG4AIABvAG4AIABhAHQAdAByACAAewAwAH0AAClOAG8AIABzAHUAcABwAG8AcgB0ACAAZgBvAHIAIAB0AHkAcABlACAAAA12AGEAbAB1AGUAcwAASUEAZABkAGUAZAAgAHYAYQBsAHUAZQAgAHQAbwAgAGMAbwBsAGwAZQBjAHQAaQBvAG4AIAB7ADAAfQAgAG8AZgAgAHsAMQB9AABTQwBvAGwAbABlAGMAdABpAG8AbgAgAHsAMAB9ACAAYQBsAHIAZQBhAGQAeQAgAGMAbwBuAHQAYQBpAG4AcwAgAHYAYQBsAHUAZQAgAHsAMQB9AABtQQBsAHIAZQBhAGQAeQAgAGMAbwBuAHQAYQBpAG4AcwAgAHIAZQBxAHUAZQBzAHQAIAB0AG8AIABzAGUAdAAgAHsAMAB9ACAAdwBpAHQAaAAgAFIAZQBwAGwAYQBjAGUALwBDAGwAZQBhAHIAAICZQwBoAGEAbgBnAGUAIABiAHUAZgBmAGUAcgAgAGEAbAByAGUAYQBkAHkAIABjAG8AbgB0AGEAaQBuAHMAIABhACAAbgBvAG4ALQBiAGwAYQBuAGsAIAByAGUAcQB1AGUAcwB0ACAAdABvACAAbQBvAGQAaQBmAHkAIABhAHQAdAByACAAewAwAH0AIABhAHMAIAB7ADEAfQABf08AdgBlAHIAcgBpAGQAaQBuAGcAIABuAG8AbgAtAGIAbABhAG4AawAgAHsAMAB9ACAAcgBlAHEAdQBlAHMAdAAgAG8AbgAgAGEAdAB0AHIAIAB7ADEAfQAgAHcAaQB0AGgAIABSAGUAcABsAGEAYwBlAC8AQwBsAGUAYQByAAFlUgBlAG0AbwB2AGkAbgBnACAAdQBzAGUAbABlAHMAcwAgAHMAaQBuAGcAbABlAC0AdgBhAGwAdQBlACAAZABlAGwAZQB0AGkAbwBuACAAbwBuACAAYQB0AHQAcgAgAHsAMAB9AAE7UwBlAHQAIABSAGUAcABsAGEAYwBlAC8AQwBsAGUAYQByACAAbwBuACAAYQB0AHQAcgAgAHsAMAB9AAAVQQB0AHQAcgBpAGIAdQB0AGUAPQAADTsAIABPAEkARAA9AAAdOwAgAE0AdQBsAHQAaQB2AGEAbAB1AGUAZAA9AABbSwBlAGUAcABpAG4AZwAgAFMAaQB6AGUATABpAG0AaQB0AEUAeABjAGUAZQBkAGUAZAAgAHIAZQBzAHUAbAB0AHMALAAgAGMAbwB1AG4AdAA6ACAAewAwAH0AAElPAHAAZQByAGEAdABpAG8AbgAgAGUAeABjAGUAcAB0AGkAbwBuADsAIAByAGMAIAB7ADAAfQAsACAAbQBzAGcAIAB7ADEAfQAAN0QAaQBzAHAAYQB0AGMAaAAgAHMAZQBhAHIAYwBoACAAdABvACAARABTAEEAOgAgAHsAMAB9AAA7RwBlAHQAUwBlAGEAcgBjAGgAUgBlAHMAcABvAG4AcwBlADoAIAB3AGgAbgBkACAAPQAgAHsAMAB9AAADIQAAQUkAbgBpAHQAaQBhAGwAIABwAGcAIABvAGYAIAB7ADAAfQAsACAAbQBhAHgAIABwAGEAZwBlAHMAIAB7ADEAfQAAUVUAbgBwAGEAZwBlAGQAIABzAGUAYQByAGMAaAAgACgAcABnAHMAegAgAHsAMAB9ACwAIABzAGkAegBlAGwAaQBtAGkAdAAgAHsAMQB9ACkAAAM7AAAHOwBmAD0AAAk7AGMAcAA9AAALOwBwAHMAegA9AAALOwBzAHoAbAA9AAAJOwBhAHQAdAAAI3sAMAB9ACAAdABvAHQAYQBsACAAcgBlAHMAdQBsAHQAcwAAIUMAYQBuAGMAZQBsAGUAZAAgAGIAeQAgAHUAcwBlAHIAAFNMAGQAYQBwACAAcwBlAHIAdgBlAHIAIABtAHMAZwAgAHsAMAB9ACwAIABjAG8AZABlACAAewAxAH0ALAAgAGUAeAAgAG0AcwBnACAAewAyAH0AAC9SAGUAcQB1AGUAcwB0ACAAYQBiAG8AcgB0AGUAZAAgAGkAbgAgAGUAbgB1AG0AABVpAHMAbwAtADgAOAA1ADkALQAxAAEDIgAAB3IAZABuAAANcABhAHIAZQBuAHQAABFzAHUAcABlAHIAaQBvAHIAAAMJAAADIwAAB2QAbgA6AAAvTQBhAGwAZgBvAHIAbQBlAGQAIABMAEQASQBGACAAbwBuACAAbABpAG4AZQAgAAAVYwBoAGEAbgBnAGUAdAB5AHAAZQAADW0AbwBkAHIAZABuAAANbgBlAHcAcgBkAG4AABlkAGUAbABlAHQAZQBvAGwAZAByAGQAbgAAF24AZQB3AHMAdQBwAGUAcgBpAG8AcgAACyMAIAB7ADAAfQAAG04AbwAgAG8AcABlAG4AIABlAG4AdAByAHkAAAMtAAEneQB5AHkAeQBNAE0AZABkAEgASABtAG0AcwBzACcALgAwAFoAJwABC3sAMAB9ADoAOgAAE3sAMAB9ADoAOgAgAHsAMQB9AAAJewAwAH0AOgAAAyAAAGkjACAARQB4AHAAbwByAHQAZQBkACAAewAwAH0AIABlAG4AdAByAGkAZQBzADsAIABzAHQAYQByAHQAZQBkACAAYQB0ACAAewAxAH0AOwAgAGUAbgBkAGUAZAAgAGEAdAAgAHsAMgB9AAAZTwBiAGoAZQBjAHQAQwBsAGEAcwBzAD0AAA0sACAATwBJAEQAPQAAFzsAIABTAHUAcABlAHIAaQBvAHIAPQAAGTsAIABDAGwAYQBzAHMAVAB5AHAAZQA9AAAlKAAmACgAbwBiAGoAZQBjAHQAQwBsAGEAcwBzAD0AKgApACkAAA87AHIAYQBuAGcAZQA9AAADKgAAAAAA6F3RFV+yMUm+Lcbia2mhRQAIt3pcVhk04IkGFRINARIgBhUSDQESOAYVEg0BEhwCBggDBhEIBAAAAAAEAQAAAAQCAAAABAQAAAAECAAAAAQQAAAABCAAAAAEQAAAAAiwP19/EdUKOgUgAQESKQggABUSDQESNAggABUSDQESdAUgARI0DgUgARJ0DgogAhUSLQEcEjEOCCgAFRINARI0CCgAFRINARJ0CFEg4UwD0Fk8AwYSNQgGFRI5Ag4SNAgGFRI5Ag4SdAgGFRI5Ag4RMAYAAg4SMQ4EIAEBDgUgAREwDgMgAAEHBhUSPQESIAUgAQESQQUgARIgCAMgAAgIIAAVEkUBEiAEIAASSQUoARIgCAMoAAgDIAAOAyAAAgQgAQECCAYVEjkCDhI4AwYSTQUgAQESMQUgAQESUQUgAgEOHAUgAQESOAUgARI4DgYgAgEOEjgEIAEIDgUgAR0ODgQgAQIOBAABDg4FIAIBDgIIIAAVEkUBEjgCBg4CBgIDKAAOAygAAgUoARI4DggGFRI5Ag4SVQMGESQHAAISIA4dDgQgABEkBSABAREkBSACAg4cBCABDg4FIAIBDg4EIAASWQYgAgEOHRwEKAARJAMGHQ4DBhEwBAMAAAAEBQAAAAQGAAAABAcAAAAECQAAAAQKAAAABAsAAAAEDAAAAAQNAAAABCAAETAFIAEBETAEIAEBCAQoABEwByAAFRI9ARwIIAEBFRI9ARwJIAIBDhUSPQEcBgYVEj0BHAcoABUSPQEcBCAAHQ4FIAEBHQ4EIAASKQQgABFdBSABARFdBCAAEWEFIAEBEWEDBhJlBwYVEmkBEm0GIAIBDhJxBiABEnESdQcgAhJxDhJ5BiABEn0ScQUgAQESbQggABUSDQESMQMGEikDBhFdAwYRYQQoAB0OBCgAEikEKAARXQQoABFhBiADAQ4ODgYgAwEODggHIAQBDg4OCAcGFRI9ARFAAwYSUQggAwEOAhKAgQcgAgESgIUCBSACARwYBiACARwSWAwgBBKAiRwSWBKAjRwGIAEBEoCJBiACARwSXAwgBBKAiRwSXBKAjRwDIAAcBCABARwCBhwDKAAcBAYSgJECBgoGIAEBEoCRBiABARKAlQMGEkwFIAEBEkwDBhJQBSABARJQAwYSVAUgAQESVAQGEYCZByACAQ4RgJkGIAIBDh0FBAABAgMEAAECDgcGFRI9ARFsAwYRcAcGFRI9ARI0BCAAEXAFIAEBEXAFIAEBEjQEKAARcAMGEmADBhIcBSABARJgBCAAEhwIIAAVEkUBEhwTAAYVEg0BDhIpDg4IFRGAnQEIAhAABhIsEikODggVEYCdAQgCBiABARGA2YCgACQAAASAAACUAAAABgIAAAAkAABSU0ExAAQAAAEAAQAjpTviItMxHCafhiVyPX4Iw+dXZVWWl4v8SSzEAmfN7aBwGjrKSRHKrb83DdsWjQEpeYmOmKCkWt7igUZ5ke/KJxLcRy0PImRZ6Z7fpzUOw81c61NMenaXu1PWkv1VNNdxeasN2CglD3dnVNcjUeBSQNImbfeQhD58Vdq1FFV/pAUgABKA5QYgARKA6Q4IAAESgPERgPUHIAEdHBKA8QIdDgYgAQESgPEGIAEcEoCRBhUSPQERbAkgABURgP0BEwAHFRGA/QERbAQgABMABxUSOQIOETAHIAIBEwATARMHBRJoEoD5EoCFEWwVEYD9ARFsBwYVEjkCDggGFRI5Ag4ICCACAhMAEBMBBSABAhMABiABEwETAAQHAg4IBhUSDQESNAYVEkUBEjQIIAAVEkUBEjQIIAAVEkUBEwADBhI0BCAAEjQDBhIQCQYVEYENAg4SNAQoABI0BQAAEoEVBQcBEoCEBxUSOQIOEjQLIAAVEoEJAhMAEwEIFRKBCQIOEjQLIAAVEYENAhMAEwEIFRGBDQIOEjQEIAATAQQHAgIIAwcBCAYVEg0BEnQGFRJFARJ0CCAAFRJFARJ0AwYSdAQgABJ0CQYVEYENAg4SdAQoABJ0BQcBEoCIBxUSOQIOEnQIFRKBCQIOEnQIFRGBDQIOEnQFAAICDg4MBwMSdBJ0FRJFARJ0BQACDg4OBRUSPQEcBSACDg4ODgAEEYCZDh0OEoEhEYElBSABARMABAABCA4EAAEKDgIdBQkgAQEVEg0BEwAFFRItARwJIAEBFRJpARMAIQcSEjQVEj0BHA4OEYCZDg4OETAdHAgdDh0cCB0cCB0cCAMAAAEEAAASNQMHAQ4GAAERgJkKBiADAQ4cHAUgAQEdBQYgAgEdBQgjBxMSNBUSPQEcDgoSGR0FHQUdBQ4IHRwIHRwIETAdHAgdHAgJIAQBDg4RXR0OCCABEoFJEoFNBCAAEkEFIAESMQgGFRINARIxBhUSRQESMQUAAQ4dDgYgAgEOEhlFByMSeRJxDh0OEjwSMQ4SNBIZEjESdA4ODg4SGRI8HQ4dDhUSRQESMR0OHQ4VEkUBEjEdDh0OCB0cCB0OHQ4IHRwIDh0OCQEABEl0ZW0AAAYVEj0BEiAIBwMSMRJJEhUFIAETAAgGFRJFARIgAwYSIAQgABIgAwYSGAgGFRGA/QESIAQoABIgBxURgP0BEiAFBwESgIxDAQAFZW50cnkBAFQOCU5hbWVzcGFjZSxodHRwOi8vemV0ZXRpYy5uZXQvc2NoZW1hL1pldGV0aWMuTGRhcC5FbnRyeQ4BAAlhdHRyaWJ1dGUAAAUAABKBZQcVEjkCDhI4CiABARUSgWkBEwAFIAASgW0HBwMOEkkSFQQgAQ4IByACAg4RgXEGAAMODg4OCyAAFRKBeQITABMBCBUSgXkCDhI4CyAAFRGBfQITABMBCBURgX0CDhI4BhURgP0BHBIHBA4cFRGBfQIOEjgVEYD9ARwJBwISOBUSPQEcBAcBEjgFIAAdEwAFIAEOHQUEAAEOHAgHBB0cHQ4IHAQgAQMIBQACDhwcBwcFDgIDDggEIAEIAwcHBQ4OAw4IBAcCCA4IFRKBCQIOEjgIFRGBDQIOEjgFIAIBAgIHAQACZG4AAAgBAANyZG4AAAcVEjkCDhJVBAcBEiAFAAIODhwFBwESgZEEBwEdDgUgABGBlQYAAw4OHBwHIAQBDhwcHAQgAQIcBiABARGBlQUHAg4SVQoHBQ4SVQ4SVRJVCBUSgQkCDhJVCBURgQ0CDhJVBSABCBJVDgcDElkSVRURgQ0CDhJVCCACAQ4dEoDpBSAAEoGlBiABCBKA6QcgAgEOHRJVFwcJEoGZEoGdElUSgakSVRJJEhUSSRIVBAcBHRwFIAEIHQUGIAEIEoGtBSAAEoDxCAcEElUcHRwICAcDElUSVRJVBAABARwFAAEOHRwJAQAEbmFtZQAACgEABXZhbHVlAAAJAQAEdHlwZQAABhUSPQESbQUAARFhDQUgABKBSQUgABGBtQUgAgEOCA8gBBKAiRKBTRGBvRKAjRwFIAASgcEHAAEIHRKBwQggARKBSRKAiQ4HBRKAiQgScRJ1HRKBwQUgAB0SbQQgAB0FDwcGEm0SgcUSfRJ9HRJtCAcVEoHJARJtCCAAFRJFARIxAwYSMQQgABIxAwYSPAMGEnkDBhJ9AwYScQMGEkkDBhIVBCgAEjEFBwESgJADIAANBgACDg4dDgUgABKBzQUgABKB0QUgAQgSbQYVEg0BEm0GFRJFARJtFAcIEm0SgdUCCBFhFRJFARJtHRwICAcDEm0SgdUIBiABARGB3QYVEj0BEUAGAAESgIEOByACAQ4SgIEFBwESgIULBwYIEngSHAgRQA4EAAASUQogAwEOEYHlEYHpBQAAEoCBCSACARKB7RKAgQsAAhKB8RKB8RKB8QwQAQMeABAeAB4AHgAECgESTAgHAxJMEkwSTAQKARJQCAcDElASUBJQBAoBElQIBwMSVBJUElQFIAEOHQMFAAEdBQ4FIAIOCAgYBw4ODgIIDg4CAh0FEoGtEoGtHQMdAx0DBQAAEYCZAwcBCgUgABGAmQcHAh0cEYCZBQABDh0FBgcCHRwdHAUgAR0FDggHAx0cHRwdHAYAAg4OHRwEBwIDCAkAAgIRgJkRgJkFBwERgJkUAQAPc2NoZW1hRXh0ZW5zaW9uAAAIAQADYWRkAAAIAQADb2lkAAALAQAGc3ludGF4AAAIBhURgP0BEjQFBwESgJQGFRI9ARI0BxURgP0BEjQFBwESgJgGFRJFARIcAwYSeAQoABIcBQcBEoCcBRUSDQEOBRUSRQEOByAAFRJFAQ4HBhURgJ0BCAMGEiwFBwESgKAGFRGAnQEIBQcDAggIBiABARGCAQUgAggDCBgHDBJ5EnESMQ4SLBKA6QgIEiwdHBJJEhURAQAMWmV0ZXRpYy5MZGFwAAAFAQAAAAAQAQALWmV0ZXRpYyBMTEMAACIBAB1Db3B5cmlnaHQgwqkgWmV0ZXRpYyBMTEMgMjAwOQAAKQEAJDUwMmUwOTI4LTZiMjItNGEwYy05NmRiLWE4ZTNjM2ViYjc5MAAADAEABzEuMC4wLjAAAAgBAAIAAAAAAAgBAAgAAAAAAB4BAAEAVAIWV3JhcE5vbkV4Y2VwdGlvblRocm93cwEAAAAAAAA1CHJPAAAAAAIAAABSAAAA3OUAANzHAABSU0RTA/4h55+Lh0+DxlzTjYhyXAEAAABDOlx6ZXRldGljLWxkYXBcWmV0ZXRpYy5MZGFwXG9ialxSZWxlYXNlXFpldGV0aWMuTGRhcC5wZGIAAABY5gAAAAAAAAAAAABu5gAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYOYAAAAAAAAAAF9Db3JEbGxNYWluAG1zY29yZWUuZGxsAAAAAAD/JQAgQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAQAAAAGAAAgAAAAAAAAAAAAAAAAAAAAQABAAAAMAAAgAAAAAAAAAAAAAAAAAAAAQAAAAAASAAAAFgAAQAgAwAAAAAAAAAAAAAgAzQAAABWAFMAXwBWAEUAUgBTAEkATwBOAF8ASQBOAEYATwAAAAAAvQTv/gAAAQAAAAEAAAAAAAAAAQAAAAAAPwAAAAAAAAAEAAAAAgAAAAAAAAAAAAAAAAAAAEQAAAABAFYAYQByAEYAaQBsAGUASQBuAGYAbwAAAAAAJAAEAAAAVAByAGEAbgBzAGwAYQB0AGkAbwBuAAAAAAAAALAEgAIAAAEAUwB0AHIAaQBuAGcARgBpAGwAZQBJAG4AZgBvAAAAXAIAAAEAMAAwADAAMAAwADQAYgAwAAAAOAAMAAEAQwBvAG0AcABhAG4AeQBOAGEAbQBlAAAAAABaAGUAdABlAHQAaQBjACAATABMAEMAAABEAA0AAQBGAGkAbABlAEQAZQBzAGMAcgBpAHAAdABpAG8AbgAAAAAAWgBlAHQAZQB0AGkAYwAuAEwAZABhAHAAAAAAADAACAABAEYAaQBsAGUAVgBlAHIAcwBpAG8AbgAAAAAAMQAuADAALgAwAC4AMAAAAEQAEQABAEkAbgB0AGUAcgBuAGEAbABOAGEAbQBlAAAAWgBlAHQAZQB0AGkAYwAuAEwAZABhAHAALgBkAGwAbAAAAAAAYAAdAAEATABlAGcAYQBsAEMAbwBwAHkAcgBpAGcAaAB0AAAAQwBvAHAAeQByAGkAZwBoAHQAIACpACAAWgBlAHQAZQB0AGkAYwAgAEwATABDACAAMgAwADAAOQAAAAAATAARAAEATwByAGkAZwBpAG4AYQBsAEYAaQBsAGUAbgBhAG0AZQAAAFoAZQB0AGUAdABpAGMALgBMAGQAYQBwAC4AZABsAGwAAAAAADwADQABAFAAcgBvAGQAdQBjAHQATgBhAG0AZQAAAAAAWgBlAHQAZQB0AGkAYwAuAEwAZABhAHAAAAAAADQACAABAFAAcgBvAGQAdQBjAHQAVgBlAHIAcwBpAG8AbgAAADEALgAwAC4AMAAuADAAAAA4AAgAAQBBAHMAcwBlAG0AYgBsAHkAIABWAGUAcgBzAGkAbwBuAAAAMQAuADAALgAxAC4AMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4AAADAAAAIA2AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==')
$null = [System.Reflection.Assembly]::Load($bytes)
$msPKIEnrollmentFlag = ($PSTypes | ?{$_.name -eq 'msPKIEnrollmentFlag'}).AsType()
$msPKICertificateNameFlagType = ($PSTypes | ?{$_.name -eq 'msPKICertificateNameFlag'}).AsType()
function Get-ADControlRights {
[CmdletBinding()]
Param(
[Parameter(Position=0, Mandatory=$true)]
[System.DirectoryServices.ActiveDirectorySecurity]
$SecurityDescriptor
)
$Access = $SecurityDescriptor.GetAccessRules($true, $true, [System.Security.Principal.SecurityIdentifier])
New-Object psobject -Property @{
Owner = $SecurityDescriptor.GetOwner([System.Security.Principal.SecurityIdentifier]).ToString()
FullControl = $Access | ?{$_.AccessControlType -eq 'Allow' -and ($_.ActiveDirectoryRights -band [System.DirectoryServices.ActiveDirectoryRights]::GenericAll) -eq [System.DirectoryServices.ActiveDirectoryRights]::GenericAll }
WriteDacl = $Access | ?{$_.AccessControlType -eq 'Allow' -and ($_.ActiveDirectoryRights -band [System.DirectoryServices.ActiveDirectoryRights]::WriteDacl) -eq [System.DirectoryServices.ActiveDirectoryRights]::WriteDacl }
WriteOwner = $Access | ?{$_.AccessControlType -eq 'Allow' -and ($_.ActiveDirectoryRights -band [System.DirectoryServices.ActiveDirectoryRights]::WriteOwner) -eq [System.DirectoryServices.ActiveDirectoryRights]::WriteOwner }
GenericWrite = $Access | ?{$_.AccessControlType -eq 'Allow' -and ($_.ActiveDirectoryRights -band [System.DirectoryServices.ActiveDirectoryRights]::GenericWrite) -eq [System.DirectoryServices.ActiveDirectoryRights]::GenericWrite }
}
}
function Get-SidString {
Param(
[Parameter(Position=0, Mandatory=$true, ValueFromPipeline=$true)]
[ValidateNotNull()]
[string]
$Sid,
[Parameter(Mandatory=$false)]
[switch]
$IgnoreADAdmins
)
Process {
# Since we can't resolve(e.g. not on a domain joined machine), try and at least handle some common SIDs
switch -Regex ($Sid.ToString()) {
'^S-1-5-21-.+-498$' { if(!$IgnoreADAdmins) { "{0,-50} {1}" -f $switch.current, "Enterprise Read-only Domain Controllers " }}
'^S-1-5-21-.+-500$' { if(!$IgnoreADAdmins) { "{0,-50} {1}" -f $switch.current, "Administrator" }}
'^S-1-5-21-.+-501$' { "{0,-50} {1}" -f $switch.current, "Guest" }
'^S-1-5-21-.+-502$' { if(!$IgnoreADAdmins) { "{0,-50} {1}" -f $switch.current, "krbtgt" }}
'^S-1-5-21-.+-512$' { if(!$IgnoreADAdmins) { "{0,-50} {1}" -f $switch.current, "Domain Admins" }}
'^S-1-5-21-.+-513$' { "{0,-50} {1}" -f $switch.current, "Domain Users" }
'^S-1-5-21-.+-514$' { "{0,-50} {1}" -f $switch.current, "Domain Guests" }
'^S-1-5-21-.+-515$' { "{0,-50} {1}" -f $switch.current, "Domain Computers" }
'^S-1-5-21-.+-516$' { if(!$IgnoreADAdmins) { "{0,-50} {1}" -f $switch.current, "Domain Controllers" }}
'^S-1-5-21-.+-517$' { "{0,-50} {1}" -f $switch.current, "Cert Publishers" }
'^S-1-5-21-.+-518$' { if(!$IgnoreADAdmins) { "{0,-50} {1}" -f $switch.current, "Schema Admins" }}
'^S-1-5-21-.+-519$' { if(!$IgnoreADAdmins) { "{0,-50} {1}" -f $switch.current, "Enterprise Admins" }}
'^S-1-5-21-.+-521$' { if(!$IgnoreADAdmins) { "{0,-50} {1}" -f $switch.current, "Read-only Domain Controllers " }}
default {
# Try and resolve it - probably will only succeed on a domain joined machine
$UserStr = $null
try {
$objSid = [System.Security.Principal.SecurityIdentifier]$Sid
$user = $objSid.Translate( [System.Security.Principal.NTAccount])
$UserStr = "{0,-50} {1}" -f $Sid, $user
} catch {
$switch.current
}
}
}
}
}
Class NtAuthCertificationAuthority
{
[System.DirectoryServices.ActiveDirectorySecurity]$Security
[System.Security.Cryptography.X509Certificates.X509Certificate2[]]$CaCertificates
NtAuthCertificationAuthority([byte[]] $SecurityDescriptorBytes, [System.Collections.Generic.List[object]] $CACertificates) {
$this.Security = New-Object System.DirectoryServices.ActiveDirectorySecurity
$this.Security.SetSecurityDescriptorBinaryForm($SecurityDescriptorBytes, [System.Security.AccessControl.AccessControlSections]::All)
}
[psobject] GetObjectControllers () {
$Controllers = Get-ADControlRights $this.Security
return New-Object psobject -Property @{
Owner = Get-SidString $Controllers.Owner
FullControl = $Controllers.FullControl | %{ $_.IdentityReference.ToString() }
WriteDacl = $Controllers.WriteDacl | %{ $_.IdentityReference.ToString() }
WriteOwner = $Controllers.WriteOwner | %{ $_.IdentityReference.ToString() }
GenericWrite = $Controllers.GenericWrite | %{ $_.IdentityReference.ToString() }
}
}
}
Class CertificateTemplate
{
[string] $Name
[string] $DisplayName
[string[]] $ExtendedKeyUsages
[System.DirectoryServices.ActiveDirectorySecurity]$Security
[System.Enum]$NameFlags
[System.Enum]$EnrollmentFlags
[int]$RequiresApproval
CertificateTemplate([string] $Name, [string] $DisplayName, [string[]] $EKUs, [string] $NameFlag, [string] $EnrollmentFlag, [byte[]] $SecurityDescriptorBytes) {
$this.Name = $Name
$this.DisplayName = $DisplayName
# Validate OIDs
$null = $EKUs | %{[System.Security.Cryptography.Oid]$_}
$this.ExtendedKeyUsages = $EKUs
$this.NameFlags = [System.BitConverter]::ToUInt32([System.BitConverter]::GetBytes([int]$NameFlag), 0) -as $global:msPKICertificateNameFlagType
$this.EnrollmentFlags = $EnrollmentFlag -as $global:msPKIEnrollmentFlag
$this.Security = New-Object System.DirectoryServices.ActiveDirectorySecurity
$this.Security.SetSecurityDescriptorBinaryForm($SecurityDescriptorBytes, [System.Security.AccessControl.AccessControlSections]::All)
}
[psobject] GetObjectControllers () {
$Controllers = Get-ADControlRights $this.Security
return New-Object psobject -Property @{
Enrollees = $this.Security.GetAccessRules($true, $true, [System.Security.Principal.SecurityIdentifier]) | ?{$_.AccessControlType -eq 'Allow' -and $_.ObjectType -eq '0e10c968-78fb-11d2-90d4-00c04f79dc55'} | %{ $_.IdentityReference.ToString() }
Owner = $Controllers.Owner
FullControl = $Controllers.FullControl | %{ $_.IdentityReference.ToString() }
WriteDacl = $Controllers.WriteDacl | %{ $_.IdentityReference.ToString() }
WriteOwner = $Controllers.WriteOwner | %{ $_.IdentityReference.ToString() }
GenericWrite = $Controllers.GenericWrite | %{ $_.IdentityReference.ToString() }
}
}
}
function Find-MisconfiguredCertificateTemplates {
[CmdletBinding()]
Param(
[Parameter(Mandatory=$true, Position=0)]
[string]
$Path,
[switch]
$IgnoreADAdmins,
[switch]
$ShowAllEKUs
)
$reader = New-Object Zetetic.Ldap.LdifEntryReader -ArgumentList @($Path)
$EnrollmentServers = New-Object System.Collections.ArrayList
$CertificateTemplates = New-Object System.Collections.ArrayList
$NtAuthCertificates = $null
$EnabledTemplates = New-Object System.Collections.Generic.HashSet[string]
$i=0
foreach($e in $reader) {
$i++
if(!$e.HasAttribute('objectClass')) {
Write-Warning "Can't parse due to no objectclass. DN: $($e.distinguishedname)"
continue
}
$objectClass = $e["objectClass"].value
if($objectClass.Contains("pKIEnrollmentService")) {
foreach($template in $e["certificateTemplates"].value) {
$null = $EnabledTemplates.Add($template)
}
$certBytes = [byte[]]$e["cACertificate"].value[0]
$null = $EnrollmentServers.Add((New-Object PSObject -Property @{
Name = $e["name"].value
DnsHostName = $e["dNSHostName"].value
Templates = $e["certificateTemplates"].value
Certificate = (New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 -ArgumentList @(,$certBytes))
}))
} elseif($objectClass.Contains("pKICertificateTemplate")) {
try {
$null = $CertificateTemplates.Add((New-Object CertificateTemplate -ArgumentList @(
$e['name'].value,
$e['displayname'].value,
$e['pkiextendedkeyusage'].value,
$e['mspki-certificate-name-flag'].value,
$e['mspki-enrollment-flag'].value,
[byte[]]($e['ntsecuritydescriptor'].value | %{$_})
)))
} catch {
$_
}
} elseif($objectClass.Contains("certificationAuthority")) {
if($e.DistinguishedName.StartsWith('CN=NTAuthCertificates')) {
$ntauth = $e
$NtAuthCertificates = New-Object NtAuthCertificationAuthority -ArgumentList $e['nTSecurityDescriptor'].value[0], $ntauth['cACertificate'].Value
}
}
}
$reader.Dispose()
$AnyPurposeOid = "2.5.29.37.0"
$ClientAuthenticationOid = "1.3.6.1.5.5.7.3.2"
$SmartcardLogonOid = "1.3.6.1.4.1.311.20.2.2"
$CertificateRequestAgent = '1.3.6.1.4.1.311.20.2.1'
$DangerousEkus = @(
$AnyPurposeOid,
$ClientAuthenticationOid,
$SmartcardLogonOid,
$CertificateRequestAgent
)
$OutputStr = New-Object System.Text.StringBuilder
$CertificateTemplates | Where-Object {
$t = $_
try {
# Ugh, the reflection hacks to get around PS classes....
($ShowAllEKUs -or $t.ExtendedKeyUsages -eq $null -or ($t.ExtendedKeyUsages | ?{$_ -in $DangerousEkus})) `
-and !$t.EnrollmentFlags.HasFlag($msPKIEnrollmentFlag.GetField('PEND_ALL_REQUESTS').GetValue($null)) `
-and $t.NameFlags.HasFlag($msPKICertificateNameFlagType.GetField('ENROLLEE_SUPPLIES_SUBJECT').GetValue($null)) `
-and $t.Name -in $EnabledTemplates
} catch {
Write-Warning "Error checking vulnerable configuration for the template $($t.Name). Template info: $($t | ConvertTo-Json -Compress)"
}
} | ForEach-Object {
$TemplateName = $_.Name
$AffectedCAs = $EnrollmentServers | ?{$TemplateName -in $_.Templates} | %{ "$($_.DnsHostName)\$($_.Name)"}
$Controllers = $_.GetObjectControllers()
$null = $OutputStr.Append(
@"
Affected CAs: $($AffectedCAs -join ', ')
Template Info:
Name: $($_.Name)
DisplayName: $($_.DisplayName)
EKUs: $(($_.ExtendedKeyUsages | %{([System.Security.Cryptography.Oid]$_).FriendlyName} | Sort-Object) -join ', ')
Permissions:
Owner: $(Get-SidString $Controllers.Owner)
Enrollment Rights:
$(($Controllers.Enrollees | Get-SidString -IgnoreADAdmins:$IgnoreADAdmins) -join "`n ")
Object Controllers:
FullControl/GenericAll:
$(($Controllers.FullControl | Get-SidString -IgnoreADAdmins:$IgnoreADAdmins) -join "`n ")
WriteDacl:
$(($Controllers.WriteDacl | Get-SidString -IgnoreADAdmins:$IgnoreADAdmins) -join "`n ")
WriteOwner:
$(($Controllers.WriteOwner | Get-SidString -IgnoreADAdmins:$IgnoreADAdmins) -join "`n ")
GenericWrite:
$(($Controllers.GenericWrite | Get-SidString -IgnoreADAdmins:$IgnoreADAdmins) -join "`n ")
"@)
}
$OutputStr.ToString()
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment