public/maester/entra/Test-MtHighRiskAppPermissions.ps1

<#
.SYNOPSIS
    Check if any applications or service principals have high risk Graph permissions that can lead to direct or indirect paths
    to Global Admin and full tenant takeover. The permissions are based on the research published at https://github.com/emiliensocchi/azure-tiering/tree/main.
 
.DESCRIPTION
    Identifies applications that use Graph API permissions with a risk of having a direct or indirect path to Global Admin and full tenant takeover.
 
.EXAMPLE
    Test-MtHighRiskAppPermissions
 
    Returns true if no application has Tier-0 graph permissions
 
.LINK
    https://maester.dev/docs/commands/Test-MtHighRiskAppPermissions
#>

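function Test-MtHighRiskAppPermissions {
    # Audits every service principal in the tenant for Graph permissions listed in the
    # static table below (application app roles and delegated scopes) and writes a markdown
    # report of the findings through Add-MtTestResultDetail.
    #
    # Returns:
    #   $true  - no listed permission is assigned for the selected attack path
    #   $false - at least one listed permission is assigned, or the Graph queries failed
    #   $null  - the test was skipped because there is no Graph connection
    [CmdletBinding()]
    [Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseSingularNouns', '', Justification = 'This test checks multiple permissions.')]
    [OutputType([bool])]
    param(
        # Check for direct path to Global Admin or indirect path through a combination of permissions. Default is "All".
        [ValidateSet('All', 'Direct', 'Indirect')]
        [String] $AttackPath = "All"
    )

    if (-not (Test-MtConnection Graph)) {
        Add-MtTestResultDetail -SkippedBecause NotConnectedGraph
        return $null
    }

    # Static snapshot of the permissions this test flags. Id is the value compared with
    # appRoleId for Type 'Application'; Name is the value compared with the scope string for
    # Type 'Delegated'. A permission missing from this table is never reported, so the list
    # has to be maintained alongside the research it is based on.
    $allCriticalGraphPermissions = @(
        [pscustomobject]@{ Id = '2f6817f8-7b12-4f0f-bc18-eeaf60705a9e'; Name = 'PrivilegedAccess.ReadWrite.AzureADGroup'; Type = 'Application'; Path = 'Direct' }
        [pscustomobject]@{ Id = '32531c59-1f32-461f-b8df-6f8a3b89f73b'; Name = 'PrivilegedAccess.ReadWrite.AzureADGroup'; Type = 'Delegated'; Path = 'Direct' }
        [pscustomobject]@{ Id = '41202f2c-f7ab-45be-b001-85c9728b9d69'; Name = 'PrivilegedAssignmentSchedule.ReadWrite.AzureADGroup'; Type = 'Application'; Path = 'Direct' }
        [pscustomobject]@{ Id = '06dbc45d-6708-4ef0-a797-f797ee68bf4b'; Name = 'PrivilegedAssignmentSchedule.ReadWrite.AzureADGroup'; Type = 'Delegated'; Path = 'Direct' }
        [pscustomobject]@{ Id = 'dd199f4a-f148-40a4-a2ec-f0069cc799ec'; Name = 'RoleAssignmentSchedule.ReadWrite.Directory'; Type = 'Application'; Path = 'Direct' }
        [pscustomobject]@{ Id = '8c026be3-8e26-4774-9372-8d5d6f21daff'; Name = 'RoleAssignmentSchedule.ReadWrite.Directory'; Type = 'Delegated'; Path = 'Direct' }
        [pscustomobject]@{ Id = '9e3f62cf-ca93-4989-b6ce-bf83c28f9fe8'; Name = 'RoleManagement.ReadWrite.Directory'; Type = 'Application'; Path = 'Direct' }
        [pscustomobject]@{ Id = 'd01b97e9-cbc0-49fe-810a-750afd5527a3'; Name = 'RoleManagement.ReadWrite.Directory'; Type = 'Delegated'; Path = 'Direct' }
        [pscustomobject]@{ Id = 'eccc023d-eccf-4e7b-9683-8813ab36cecc'; Name = 'User.DeleteRestore.All'; Type = 'Application'; Path = 'Direct' }
        [pscustomobject]@{ Id = '4bb440cd-2cf2-4f90-8004-aa2acd2537c5'; Name = 'User.DeleteRestore.All'; Type = 'Delegated'; Path = 'Direct' }
        [pscustomobject]@{ Id = '3011c876-62b7-4ada-afa2-506cbbecc68c'; Name = 'User.EnableDisableAccount.All'; Type = 'Application'; Path = 'Direct' }
        [pscustomobject]@{ Id = 'f92e74e7-2563-467f-9dd0-902688cb5863'; Name = 'User.EnableDisableAccount.All'; Type = 'Delegated'; Path = 'Direct' }
        [pscustomobject]@{ Id = '50483e42-d915-4231-9639-7fdb7fd190e5'; Name = 'UserAuthenticationMethod.ReadWrite.All'; Type = 'Application'; Path = 'Direct' }
        [pscustomobject]@{ Id = 'b7887744-6746-4312-813d-72daeaee7e2d'; Name = 'UserAuthenticationMethod.ReadWrite.All'; Type = 'Delegated'; Path = 'Direct' }
        [pscustomobject]@{ Id = '5eb59dd3-1da2-4329-8733-9dabdc435916'; Name = 'AdministrativeUnit.ReadWrite.All'; Type = 'Application'; Path = 'Indirect' }
        [pscustomobject]@{ Id = '7b8a2d34-6b3f-4542-a343-54651608ad81'; Name = 'AdministrativeUnit.ReadWrite.All'; Type = 'Delegated'; Path = 'Indirect' }
        [pscustomobject]@{ Id = '1bfefb4e-e0b5-418b-a88f-73c46d2cc8e9'; Name = 'Application.ReadWrite.All'; Type = 'Application'; Path = 'Indirect' }
        [pscustomobject]@{ Id = 'bdfbf15f-ee85-4955-8675-146e8e5296b5'; Name = 'Application.ReadWrite.All'; Type = 'Delegated'; Path = 'Indirect' }
        [pscustomobject]@{ Id = '18a4783c-866b-4cc7-a460-3d5e5662c884'; Name = 'Application.ReadWrite.OwnedBy'; Type = 'Application'; Path = 'Indirect' }
        [pscustomobject]@{ Id = '06b708a9-e830-4db3-a914-8e69da51d44f'; Name = 'AppRoleAssignment.ReadWrite.All'; Type = 'Application'; Path = 'Indirect' }
        [pscustomobject]@{ Id = '84bccea3-f856-4a8a-967b-dbe0a3d53a64'; Name = 'AppRoleAssignment.ReadWrite.All'; Type = 'Delegated'; Path = 'Indirect' }
        [pscustomobject]@{ Id = '9241abd9-d0e6-425a-bd4f-47ba86e767a4'; Name = 'DeviceManagementConfiguration.ReadWrite.All'; Type = 'Application'; Path = 'Indirect' }
        [pscustomobject]@{ Id = '0883f392-0a7a-443d-8c76-16a6d39c7b63'; Name = 'DeviceManagementConfiguration.ReadWrite.All'; Type = 'Delegated'; Path = 'Indirect' }
        [pscustomobject]@{ Id = 'e330c4f0-4170-414e-a55a-2f022ec2b57b'; Name = 'DeviceManagementRBAC.ReadWrite.All'; Type = 'Application'; Path = 'Indirect' }
        [pscustomobject]@{ Id = '0c5e8a55-87a6-4556-93ab-adc52c4d862d'; Name = 'DeviceManagementRBAC.ReadWrite.All'; Type = 'Delegated'; Path = 'Indirect' }
        [pscustomobject]@{ Id = '19dbc75e-c2e2-444c-a770-ec69d8559fc7'; Name = 'Directory.ReadWrite.All'; Type = 'Application'; Path = 'Indirect' }
        [pscustomobject]@{ Id = 'c5366453-9fb0-48a5-a156-24f0c49a4b84'; Name = 'Directory.ReadWrite.All'; Type = 'Delegated'; Path = 'Indirect' }
        [pscustomobject]@{ Id = '9acd699f-1e81-4958-b001-93b1d2506e19'; Name = 'EntitlementManagement.ReadWrite.All'; Type = 'Application'; Path = 'Indirect' }
        [pscustomobject]@{ Id = 'ae7a573d-81d7-432b-ad44-4ed5c9d89038'; Name = 'EntitlementManagement.ReadWrite.All'; Type = 'Delegated'; Path = 'Indirect' }
        [pscustomobject]@{ Id = '62a82d76-70ea-41e2-9197-370581804d09'; Name = 'Group.ReadWrite.All'; Type = 'Application'; Path = 'Indirect' }
        [pscustomobject]@{ Id = '4e46008b-f24c-477d-8fff-7bb4ec7aafe0'; Name = 'Group.ReadWrite.All'; Type = 'Delegated'; Path = 'Indirect' }
        [pscustomobject]@{ Id = 'dbaae8cf-10b5-4b86-a4a1-f871c94c6695'; Name = 'GroupMember.ReadWrite.All'; Type = 'Application'; Path = 'Indirect' }
        [pscustomobject]@{ Id = 'f81125ac-d3b7-4573-a3b2-7099cc39df9e'; Name = 'GroupMember.ReadWrite.All'; Type = 'Delegated'; Path = 'Indirect' }
        [pscustomobject]@{ Id = '29c18626-4985-4dcd-85c0-193eef327366'; Name = 'Policy.ReadWrite.AuthenticationMethod'; Type = 'Application'; Path = 'Indirect' }
        [pscustomobject]@{ Id = '7e823077-d88e-468f-a337-e18f1f0e6c7c'; Name = 'Policy.ReadWrite.AuthenticationMethod'; Type = 'Delegated'; Path = 'Indirect' }
        [pscustomobject]@{ Id = 'a402ca1c-2696-4531-972d-6e5ee4aa11ea'; Name = 'Policy.ReadWrite.PermissionGrant'; Type = 'Application'; Path = 'Indirect' }
        [pscustomobject]@{ Id = '2672f8bb-fd5e-42e0-85e1-ec764dd2614e'; Name = 'Policy.ReadWrite.PermissionGrant'; Type = 'Delegated'; Path = 'Indirect' }
        [pscustomobject]@{ Id = '618b6020-bca8-4de6-99f6-ef445fa4d857'; Name = 'PrivilegedEligibilitySchedule.ReadWrite.AzureADGroup'; Type = 'Application'; Path = 'Indirect' }
        [pscustomobject]@{ Id = 'ba974594-d163-484e-ba39-c330d5897667'; Name = 'PrivilegedEligibilitySchedule.ReadWrite.AzureADGroup'; Type = 'Delegated'; Path = 'Indirect' }
        [pscustomobject]@{ Id = 'fee28b28-e1f3-4841-818e-2704dc62245f'; Name = 'RoleEligibilitySchedule.ReadWrite.Directory'; Type = 'Application'; Path = 'Indirect' }
        [pscustomobject]@{ Id = '62ade113-f8e0-4bf9-a6ba-5acb31db32fd'; Name = 'RoleEligibilitySchedule.ReadWrite.Directory'; Type = 'Delegated'; Path = 'Indirect' }
        [pscustomobject]@{ Id = 'b38dcc4d-a239-4ed6-aa84-6c65b284f97c'; Name = 'RoleManagementPolicy.ReadWrite.AzureADGroup'; Type = 'Application'; Path = 'Indirect' }
        [pscustomobject]@{ Id = '0da165c7-3f15-4236-b733-c0b0f6abe41d'; Name = 'RoleManagementPolicy.ReadWrite.AzureADGroup'; Type = 'Delegated'; Path = 'Indirect' }
        [pscustomobject]@{ Id = '31e08e0a-d3f7-4ca2-ac39-7343fb83e8ad'; Name = 'RoleManagementPolicy.ReadWrite.Directory'; Type = 'Application'; Path = 'Indirect' }
        [pscustomobject]@{ Id = '1ff1be21-34eb-448c-9ac9-ce1f506b2a68'; Name = 'RoleManagementPolicy.ReadWrite.Directory'; Type = 'Delegated'; Path = 'Indirect' }
        [pscustomobject]@{ Id = '741f803b-c850-494e-b5df-cde7c675a1ca'; Name = 'User.ReadWrite.All'; Type = 'Application'; Path = 'Indirect' }
        [pscustomobject]@{ Id = '204e0828-b5ca-4ad8-b9f3-f32a958e7cc4'; Name = 'User.ReadWrite.All'; Type = 'Delegated'; Path = 'Indirect' }
        [pscustomobject]@{ Id = 'cc117bb9-00cf-4eb8-b580-ea2a878fe8f7'; Name = 'User-PasswordProfile.ReadWrite.All'; Type = 'Application'; Path = 'Indirect' }
        [pscustomobject]@{ Id = '56760768-b641-451f-8906-e1b8ab31bca7'; Name = 'User-PasswordProfile.ReadWrite.All'; Type = 'Delegated'; Path = 'Indirect' }
        # The DeviceManagementConfiguration/DeviceManagementRBAC entries were listed twice in
        # the original table; the second copies are dropped so a match is reported once.
        [pscustomobject]@{ Id = '7e05723c-0bb0-42da-be95-ae9f08a6e53c'; Name = 'Domain.ReadWrite.All'; Type = 'Application'; Path = 'Indirect' }
        [pscustomobject]@{ Id = '0b5d694c-a244-4bde-86e6-eb5cd07730fe'; Name = 'Domain.ReadWrite.All'; Type = 'Delegated'; Path = 'Indirect' }
        [pscustomobject]@{ Id = '292d869f-3427-49a8-9dab-8c70152b74e9'; Name = 'Organization.ReadWrite.All'; Type = 'Application'; Path = 'Indirect' }
        [pscustomobject]@{ Id = '46ca0847-7e6b-426e-9775-ea810a948356'; Name = 'Organization.ReadWrite.All'; Type = 'Delegated'; Path = 'Indirect' }
        [pscustomobject]@{ Id = '01c0a623-fc9b-48e9-b794-0756f8e8f067'; Name = 'Policy.ReadWrite.ConditionalAccess'; Type = 'Application'; Path = 'Direct' }
        [pscustomobject]@{ Id = 'ad902697-1014-4ef5-81ef-2b4301988e8c'; Name = 'Policy.ReadWrite.ConditionalAccess'; Type = 'Delegated'; Path = 'Direct' }
    )

    # Reads a Graph collection page by page. A single GET only returns the first page, and
    # an audit that stops there can report "no findings" for a principal whose risky grant
    # sits on a later page. Assumes Invoke-MgGraphRequest returns its default hashtable
    # output, which is why the next link is read with the indexer.
    $getAllPages = {
        param([string] $Uri)
        $nextUri = $Uri
        while (-not [string]::IsNullOrEmpty($nextUri)) {
            $page = Invoke-MgGraphRequest -Uri $nextUri -Method GET
            if ($null -ne $page.value) {
                $page.value
            }
            $nextUri = $page['@odata.nextLink']
        }
    }

    $return = $true

    Write-Verbose "Test-MtHighRiskAppPermissions: Checking applications for high-risk permissions"
    try {
        $allApiAssignments = [System.Collections.Generic.List[PSCustomObject]]::new()

        $allServicePrincipals = Invoke-MtGraphRequest -RelativeUri "servicePrincipals"
        foreach ($sp in $allServicePrincipals) {
            if ([string]::IsNullOrEmpty($sp.Id)) {
                continue
            }
            $spUrl = "https://entra.microsoft.com/#view/Microsoft_AAD_IAM/ManagedAppMenuBlade/~/Overview/objectId/$($sp.id)/appId/$($sp.appId)"

            # Application permissions: one entry per app role assigned to this service principal.
            $appRoleUri = "https://graph.microsoft.com/v1.0/servicePrincipals/$($sp.Id)/appRoleAssignments"
            foreach ($appRoleAssignment in (& $getAllPages $appRoleUri)) {
                $allApiAssignments.Add([PSCustomObject]@{
                    appDisplayName = $sp.appDisplayName
                    objectId = $sp.Id
                    appId = $sp.appId
                    appUrl = $spUrl
                    permissionId = $appRoleAssignment.appRoleId
                    permissionName = $null
                    type = "Application"
                })
            }

            # Delegated permissions: each grant carries a space-separated scope string.
            $grantUri = "https://graph.microsoft.com/v1.0/servicePrincipals/$($sp.Id)/oauth2PermissionGrants"
            foreach ($grant in (& $getAllPages $grantUri)) {
                # A grant without a scope value must not abort the whole audit.
                if ([string]::IsNullOrWhiteSpace($grant.scope)) {
                    continue
                }
                foreach ($scopeName in ($grant.scope -split '\s+')) {
                    if ([string]::IsNullOrEmpty($scopeName)) {
                        continue
                    }
                    $allApiAssignments.Add([PSCustomObject]@{
                        appDisplayName = $sp.appDisplayName
                        objectId = $sp.Id
                        appId = $sp.appId
                        appUrl = $spUrl
                        permissionId = $null
                        permissionName = $scopeName
                        type = "Delegated"
                    })
                }
            }
        }

        if ($AttackPath -ne "All") {
            $allCriticalGraphPermissionsToCheck = $allCriticalGraphPermissions | Where-Object { $_.Path -eq $AttackPath }
            # Invariant casing keeps the report text stable regardless of the host culture.
            $attackPathStr = $AttackPath.ToLowerInvariant()
        } else {
            $attackPathStr = "direct or indirect"
            $allCriticalGraphPermissionsToCheck = $allCriticalGraphPermissions
        }

        # NOTE(review): application permissions are matched on appRoleId and delegated ones on
        # the scope name only; the resource the grant targets is not checked here, so a
        # non-Graph API exposing a scope with the same name would also be reported - confirm
        # whether that is intended.
        $allAssignedCriticalPermissions = [System.Collections.Generic.List[PSCustomObject]]::new()
        # Several grants (for example one per consenting user) can carry the same scope for
        # the same service principal; report each principal/permission pair once.
        $reportedKeys = [System.Collections.Generic.HashSet[string]]::new([System.StringComparer]::OrdinalIgnoreCase)
        foreach ($apiAssignment in $allApiAssignments) {
            $isApplication = $apiAssignment.type -eq "Application"
            $assignedValue = if ($isApplication) { $apiAssignment.permissionId } else { $apiAssignment.permissionName }

            foreach ($criticalGraphPermission in $allCriticalGraphPermissionsToCheck) {
                $criticalValue = if ($isApplication) { $criticalGraphPermission.Id } else { $criticalGraphPermission.Name }

                if (($assignedValue -eq $criticalValue) -and ($apiAssignment.type -eq $criticalGraphPermission.Type)) {
                    $key = "$($apiAssignment.objectId)|$($criticalGraphPermission.Type)|$($criticalGraphPermission.Name)"
                    if ($reportedKeys.Add($key)) {
                        $allAssignedCriticalPermissions.Add([PSCustomObject]@{
                            ApplicationName = $apiAssignment.appDisplayName
                            ApplicationId = $apiAssignment.appId
                            ApplicationUrl = $apiAssignment.appUrl
                            PermissionName = $criticalGraphPermission.Name
                            PermissionType = $criticalGraphPermission.Type
                            AttackPath = $criticalGraphPermission.Path
                        })
                    }
                }
            }
        }
        $return = $allAssignedCriticalPermissions.Count -eq 0

        if ($return) {
            $testResultMarkdown = "Well done. No application has graph permissions with a risk of having a $($attackPathStr) path to Global Admin and full tenant takeover."
        } else {
            $testResultMarkdown = "At least one application has graph permissions with a risk of having a $($attackPathStr) path to Global Admin and full tenant takeover.`n`n%TestResult%"

            $result = "| ApplicationName | ApplicationId | PermissionName | PermissionType | AttackPath |`n"
            $result += "| --- | --- | --- | --- | --- |`n"
            foreach ($assignedCriticalPermission in $allAssignedCriticalPermissions) {
                $appMdLink = "[$($assignedCriticalPermission.ApplicationName)]($($assignedCriticalPermission.ApplicationUrl))"
                $result += "| $($appMdLink) | $($assignedCriticalPermission.ApplicationId) | $($assignedCriticalPermission.PermissionName) | $($assignedCriticalPermission.PermissionType) | $($assignedCriticalPermission.AttackPath) |`n"
            }
            # String.Replace is literal. The -replace operator would treat '$' sequences in
            # the table (application display names come from the tenant) as regex
            # substitution tokens and corrupt the report.
            $testResultMarkdown = $testResultMarkdown.Replace("%TestResult%", $result)
        }
        Add-MtTestResultDetail -Result $testResultMarkdown
    } catch {
        # A failed query is reported as a failing test rather than as a pass.
        $return = $false
        Write-Error $_.Exception.Message
    }
    return $return
}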

# SIG # Begin signature block
# MIIuqAYJKoZIhvcNAQcCoIIumTCCLpUCAQExDzANBglghkgBZQMEAgEFADB5Bgor
# BgEEAYI3AgEEoGswaTA0BgorBgEEAYI3AgEeMCYCAwEAAAQQH8w7YFlLCE63JNLG
# KX7zUQIBAAIBAAIBAAIBAAIBADAxMA0GCWCGSAFlAwQCAQUABCCZ3BjbzKMV2DYT
# +B2BD5q+kA+4s+0SsOp/zuqcXGP5s6CCE5EwggWQMIIDeKADAgECAhAFmxtXno4h
# MuI5B72nd3VcMA0GCSqGSIb3DQEBDAUAMGIxCzAJBgNVBAYTAlVTMRUwEwYDVQQK
# EwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5jb20xITAfBgNV
# BAMTGERpZ2lDZXJ0IFRydXN0ZWQgUm9vdCBHNDAeFw0xMzA4MDExMjAwMDBaFw0z
# ODAxMTUxMjAwMDBaMGIxCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJ
# bmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5jb20xITAfBgNVBAMTGERpZ2lDZXJ0
# IFRydXN0ZWQgUm9vdCBHNDCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB
# AL/mkHNo3rvkXUo8MCIwaTPswqclLskhPfKK2FnC4SmnPVirdprNrnsbhA3EMB/z
# G6Q4FutWxpdtHauyefLKEdLkX9YFPFIPUh/GnhWlfr6fqVcWWVVyr2iTcMKyunWZ
# anMylNEQRBAu34LzB4TmdDttceItDBvuINXJIB1jKS3O7F5OyJP4IWGbNOsFxl7s
# Wxq868nPzaw0QF+xembud8hIqGZXV59UWI4MK7dPpzDZVu7Ke13jrclPXuU15zHL
# 2pNe3I6PgNq2kZhAkHnDeMe2scS1ahg4AxCN2NQ3pC4FfYj1gj4QkXCrVYJBMtfb
# BHMqbpEBfCFM1LyuGwN1XXhm2ToxRJozQL8I11pJpMLmqaBn3aQnvKFPObURWBf3
# JFxGj2T3wWmIdph2PVldQnaHiZdpekjw4KISG2aadMreSx7nDmOu5tTvkpI6nj3c
# AORFJYm2mkQZK37AlLTSYW3rM9nF30sEAMx9HJXDj/chsrIRt7t/8tWMcCxBYKqx
# YxhElRp2Yn72gLD76GSmM9GJB+G9t+ZDpBi4pncB4Q+UDCEdslQpJYls5Q5SUUd0
# viastkF13nqsX40/ybzTQRESW+UQUOsxxcpyFiIJ33xMdT9j7CFfxCBRa2+xq4aL
# T8LWRV+dIPyhHsXAj6KxfgommfXkaS+YHS312amyHeUbAgMBAAGjQjBAMA8GA1Ud
# EwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMB0GA1UdDgQWBBTs1+OC0nFdZEzf
# Lmc/57qYrhwPTzANBgkqhkiG9w0BAQwFAAOCAgEAu2HZfalsvhfEkRvDoaIAjeNk
# aA9Wz3eucPn9mkqZucl4XAwMX+TmFClWCzZJXURj4K2clhhmGyMNPXnpbWvWVPjS
# PMFDQK4dUPVS/JA7u5iZaWvHwaeoaKQn3J35J64whbn2Z006Po9ZOSJTROvIXQPK
# 7VB6fWIhCoDIc2bRoAVgX+iltKevqPdtNZx8WorWojiZ83iL9E3SIAveBO6Mm0eB
# cg3AFDLvMFkuruBx8lbkapdvklBtlo1oepqyNhR6BvIkuQkRUNcIsbiJeoQjYUIp
# 5aPNoiBB19GcZNnqJqGLFNdMGbJQQXE9P01wI4YMStyB0swylIQNCAmXHE/A7msg
# dDDS4Dk0EIUhFQEI6FUy3nFJ2SgXUE3mvk3RdazQyvtBuEOlqtPDBURPLDab4vri
# RbgjU2wGb2dVf0a1TD9uKFp5JtKkqGKX0h7i7UqLvBv9R0oN32dmfrJbQdA75PQ7
# 9ARj6e/CVABRoIoqyc54zNXqhwQYs86vSYiv85KZtrPmYQ/ShQDnUBrkG5WdGaG5
# nLGbsQAe79APT0JsyQq87kP6OnGlyE0mpTX9iV28hWIdMtKgK1TtmlfB2/oQzxm3
# i0objwG2J5VT6LaJbVu8aNQj6ItRolb58KaAoNYes7wPD1N1KarqE3fk3oyBIa0H
# EEcRrYc9B9F1vM/zZn4wggawMIIEmKADAgECAhAIrUCyYNKcTJ9ezam9k67ZMA0G
# CSqGSIb3DQEBDAUAMGIxCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJ
# bmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5jb20xITAfBgNVBAMTGERpZ2lDZXJ0
# IFRydXN0ZWQgUm9vdCBHNDAeFw0yMTA0MjkwMDAwMDBaFw0zNjA0MjgyMzU5NTla
# MGkxCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5EaWdpQ2VydCwgSW5jLjFBMD8GA1UE
# AxM4RGlnaUNlcnQgVHJ1c3RlZCBHNCBDb2RlIFNpZ25pbmcgUlNBNDA5NiBTSEEz
# ODQgMjAyMSBDQTEwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDVtC9C
# 0CiteLdd1TlZG7GIQvUzjOs9gZdwxbvEhSYwn6SOaNhc9es0JAfhS0/TeEP0F9ce
# 2vnS1WcaUk8OoVf8iJnBkcyBAz5NcCRks43iCH00fUyAVxJrQ5qZ8sU7H/Lvy0da
# E6ZMswEgJfMQ04uy+wjwiuCdCcBlp/qYgEk1hz1RGeiQIXhFLqGfLOEYwhrMxe6T
# SXBCMo/7xuoc82VokaJNTIIRSFJo3hC9FFdd6BgTZcV/sk+FLEikVoQ11vkunKoA
# FdE3/hoGlMJ8yOobMubKwvSnowMOdKWvObarYBLj6Na59zHh3K3kGKDYwSNHR7Oh
# D26jq22YBoMbt2pnLdK9RBqSEIGPsDsJ18ebMlrC/2pgVItJwZPt4bRc4G/rJvmM
# 1bL5OBDm6s6R9b7T+2+TYTRcvJNFKIM2KmYoX7BzzosmJQayg9Rc9hUZTO1i4F4z
# 8ujo7AqnsAMrkbI2eb73rQgedaZlzLvjSFDzd5Ea/ttQokbIYViY9XwCFjyDKK05
# huzUtw1T0PhH5nUwjewwk3YUpltLXXRhTT8SkXbev1jLchApQfDVxW0mdmgRQRNY
# mtwmKwH0iU1Z23jPgUo+QEdfyYFQc4UQIyFZYIpkVMHMIRroOBl8ZhzNeDhFMJlP
# /2NPTLuqDQhTQXxYPUez+rbsjDIJAsxsPAxWEQIDAQABo4IBWTCCAVUwEgYDVR0T
# AQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUaDfg67Y7+F8Rhvv+YXsIiGX0TkIwHwYD
# VR0jBBgwFoAU7NfjgtJxXWRM3y5nP+e6mK4cD08wDgYDVR0PAQH/BAQDAgGGMBMG
# A1UdJQQMMAoGCCsGAQUFBwMDMHcGCCsGAQUFBwEBBGswaTAkBggrBgEFBQcwAYYY
# aHR0cDovL29jc3AuZGlnaWNlcnQuY29tMEEGCCsGAQUFBzAChjVodHRwOi8vY2Fj
# ZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNlcnRUcnVzdGVkUm9vdEc0LmNydDBDBgNV
# HR8EPDA6MDigNqA0hjJodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vRGlnaUNlcnRU
# cnVzdGVkUm9vdEc0LmNybDAcBgNVHSAEFTATMAcGBWeBDAEDMAgGBmeBDAEEATAN
# BgkqhkiG9w0BAQwFAAOCAgEAOiNEPY0Idu6PvDqZ01bgAhql+Eg08yy25nRm95Ry
# sQDKr2wwJxMSnpBEn0v9nqN8JtU3vDpdSG2V1T9J9Ce7FoFFUP2cvbaF4HZ+N3HL
# IvdaqpDP9ZNq4+sg0dVQeYiaiorBtr2hSBh+3NiAGhEZGM1hmYFW9snjdufE5Btf
# Q/g+lP92OT2e1JnPSt0o618moZVYSNUa/tcnP/2Q0XaG3RywYFzzDaju4ImhvTnh
# OE7abrs2nfvlIVNaw8rpavGiPttDuDPITzgUkpn13c5UbdldAhQfQDN8A+KVssIh
# dXNSy0bYxDQcoqVLjc1vdjcshT8azibpGL6QB7BDf5WIIIJw8MzK7/0pNVwfiThV
# 9zeKiwmhywvpMRr/LhlcOXHhvpynCgbWJme3kuZOX956rEnPLqR0kq3bPKSchh/j
# wVYbKyP/j7XqiHtwa+aguv06P0WmxOgWkVKLQcBIhEuWTatEQOON8BUozu3xGFYH
# Ki8QxAwIZDwzj64ojDzLj4gLDb879M4ee47vtevLt/B3E+bnKD+sEq6lLyJsQfmC
# XBVmzGwOysWGw/YmMwwHS6DTBwJqakAwSEs0qFEgu60bhQjiWQ1tygVQK+pKHJ6l
# /aCnHwZ05/LWUpD9r4VIIflXO7ScA+2GRfS0YW6/aOImYIbqyK+p/pQd52MbOoZW
# eE4wggdFMIIFLaADAgECAhAP1Kd7fuviGgjvj8ZCqpTVMA0GCSqGSIb3DQEBCwUA
# MGkxCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5EaWdpQ2VydCwgSW5jLjFBMD8GA1UE
# AxM4RGlnaUNlcnQgVHJ1c3RlZCBHNCBDb2RlIFNpZ25pbmcgUlNBNDA5NiBTSEEz
# ODQgMjAyMSBDQTEwHhcNMjUwNDEwMDAwMDAwWhcNMjgwNzA2MjM1OTU5WjBNMQsw
# CQYDVQQGEwJERTEQMA4GA1UEBxMHSGFtYnVyZzEVMBMGA1UEChMMRmFiaWFuIEJh
# ZGVyMRUwEwYDVQQDEwxGYWJpYW4gQmFkZXIwggIiMA0GCSqGSIb3DQEBAQUAA4IC
# DwAwggIKAoICAQCJI0Z1dyHcnutVp/vdHkC2p3oq9xB8JqGYqLRMR/SoBLgI5i+V
# 3AWxu45/ue9MKtlBRlV5d7UAgVoFd9E/aB/aExr0Oj69sPmuI+O2zPozn6UMc9ci
# tp8L2JRHNpN9KWuA06dmUD/VYPRgqmNtGQFW57XaEJ8klHPDxGuigxzudqJveifK
# QjRoRlSileoVhyjlt6tEyorfRgd1VVWFxkso1qVEjn3ucml+DzrA+ZKiDp//C8+N
# TMu9qMecEsXWPk4qhCla7MO1XpDJb8NE/4WY+PYFrwpxSwiBisWlpA8cgf7i7dhI
# 4P9kTMZz8Cl5OB8/DrsZuv0Fxwmmu88b4uo7nI3HwzfnU/wkNO92g8cywdXHgMDp
# IT++srZXnSQG+Pc4TFAQ8dHHBHxabqTSoZpNYQXQySVSvbpavpcAOhgBg4x2gefD
# Y7Y+iEoLXxwFMIQE908pFHj6+iLlmiKHWLt5eSXtwXoJ83XykFlUXTQ9WW+eo9YI
# lB0GZrwq/4g6nx7mWVG3lIcbfF7oDLUt1d7FhqhWHboYTlRMfkVpOz3TCjma9PY3
# R34n7ejn6cF+kkBK6EX3otlmBtb2sXdPModfceLJbfoU0X1la5tExpQjDHbQ8p/5
# HZLFQ0aGe7BDqBKW3HvIQjw81KMUXBToYvODHXiTNlQl1AZHpZCAf/YnKQIDAQAB
# o4ICAzCCAf8wHwYDVR0jBBgwFoAUaDfg67Y7+F8Rhvv+YXsIiGX0TkIwHQYDVR0O
# BBYEFM+bqr/hMxUPyRKDe3JjUSSVDqK/MD4GA1UdIAQ3MDUwMwYGZ4EMAQQBMCkw
# JwYIKwYBBQUHAgEWG2h0dHA6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAOBgNVHQ8B
# Af8EBAMCB4AwEwYDVR0lBAwwCgYIKwYBBQUHAwMwgbUGA1UdHwSBrTCBqjBToFGg
# T4ZNaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0VHJ1c3RlZEc0Q29k
# ZVNpZ25pbmdSU0E0MDk2U0hBMzg0MjAyMUNBMS5jcmwwU6BRoE+GTWh0dHA6Ly9j
# cmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydFRydXN0ZWRHNENvZGVTaWduaW5nUlNB
# NDA5NlNIQTM4NDIwMjFDQTEuY3JsMIGUBggrBgEFBQcBAQSBhzCBhDAkBggrBgEF
# BQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMFwGCCsGAQUFBzAChlBodHRw
# Oi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNlcnRUcnVzdGVkRzRDb2RlU2ln
# bmluZ1JTQTQwOTZTSEEzODQyMDIxQ0ExLmNydDAJBgNVHRMEAjAAMA0GCSqGSIb3
# DQEBCwUAA4ICAQBKBhy38Rsh6QNW5pFN6JD9MFjRO9NBJGtwVo1J4/DGrtBVQuyV
# wQC9eB1LFgUsKcUWb0hjnS2/J0W3sC9Tt9LHVvhyh+g0Vba+kq3hE284I0C33gaG
# P0Orfepx03oSOX/js0OK3+M5f47bSpeOP4t30ms7STRQKK4KQIAN2MBv3uZ0zO/5
# 695DjB9N1chLPEm82Vn6jtdrq3IJTpPBfksd3V8Ex215LiJLeU2E5EuIfiu/PI22
# M8L4zpXkXlZRUXCfppQA7vjQtzFudl2PqqVVb4+4gyAu/bWRNkVx+D6lAN0hMewh
# PiFwKDoPwO+cycQ5I6IaFEHONcEEANov6XoaCxQoIoXMd3tm3VEl5Wr9yXEEL+hn
# CpcPmGE1d1iloJC0/Uf/TCsf1dSYd2vY4aRdess1GAidk2T27SrkmoHpdvZdYdNA
# ts2doFCTyI6sV2c/jYMpL2NJOYWbhq5AxOuu+DLiw1kDsc/KPmrTuSzBGb7nBuJs
# 0QHR4toabNeYUGyKzMJGeibhy434gfyXXLKOWaik8NceybN4M1kROqHL/+PtB5zf
# Z1me2ygRrKtaP6RJXGvc8EcP5CEdlQOL6tiCg2ARMTYNxnsiLN9mRU9hkzo9BSJ4
# Vm+C6RKABzZj0whAObyqL/PceLKuAqvGoXbhGx8fXhKEgbnSoJ3VsqROFjGCGm0w
# ghppAgEBMH0waTELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDkRpZ2lDZXJ0LCBJbmMu
# MUEwPwYDVQQDEzhEaWdpQ2VydCBUcnVzdGVkIEc0IENvZGUgU2lnbmluZyBSU0E0
# MDk2IFNIQTM4NCAyMDIxIENBMQIQD9Sne37r4hoI74/GQqqU1TANBglghkgBZQME
# AgEFAKCBhDAYBgorBgEEAYI3AgEMMQowCKACgAChAoAAMBkGCSqGSIb3DQEJAzEM
# BgorBgEEAYI3AgEEMBwGCisGAQQBgjcCAQsxDjAMBgorBgEEAYI3AgEVMC8GCSqG
# SIb3DQEJBDEiBCAUTkgsjmXMXHa36gBMSsXX+izc9QpQItqTfPaYM5QmlDANBgkq
# hkiG9w0BAQEFAASCAgAGCTHy7OJAobMhA1+0fIOk/fHzMG3dTXRpfvIcnVnVDwsI
# yZGs+BKbm+zw3Xtddr+GUVgTVqTBkLax5f4b4yAbLWVsq974f9AwwlfK7aW6K/rs
# gGbjGrZMfnPLVnIv+f3ymaIiR0cCFhqGH8GZOv3j8QZfGTU6t8L8FmzXhWd3hwsF
# yIO/yvwljzXN3XAzqgxZYBuGYs89B6EKCo+0NIDT10YMM7Ck0W0PAmuEwvd0R5Xb
# TseCov7YQJtljtiy26JI74okkPhYxTB6uUjh6rh86R0KkNTsJRD7l+3WIw+k2c9q
# TR2ejZV62WFUn0Ji7ofb1mjp2OFgSuQ3c+lQPNZLcfgfpFBQx7BknOUda5VcuS+I
# wdDvJ57vLbADPFqr5UhVEB+W/QXTPIlSY5mvyT6B4RWE4WT4pXvW6I0b8FgNsA+F
# I2okyYr3VatBCtZ2PFYIq/VLknZm0AHntjZLECrG0kXgPBTWCUytayBrMNoKq7xK
# IrgpDMgJSNQt5KIlMvVN+fp+5H+I2KOQDSfGbAlsOkf/4qtQ2mIK9RNnvWKq4Dlr
# SuGdxcJ6NPYbaEy5+wE3BkJjrtMV0xFtMcOcttJimAYlMwVmDBI/Q8QfaUMGTNyZ
# 7GEVrc3usFTiWm1ijX3CBjKcuGNZ070N0ZtAtDVU25FZHoiKi2yWOBxgvZwFlaGC
# Fzowghc2BgorBgEEAYI3AwMBMYIXJjCCFyIGCSqGSIb3DQEHAqCCFxMwghcPAgED
# MQ8wDQYJYIZIAWUDBAIBBQAweAYLKoZIhvcNAQkQAQSgaQRnMGUCAQEGCWCGSAGG
# /WwHATAxMA0GCWCGSAFlAwQCAQUABCB9OdIdgyGshjN3oKIYI3fBCZ+e1shmJXjp
# /GtN8q0XqQIRAN1QT/lIY7SQ3n0dvCWXumQYDzIwMjUwNDI0MDMyMDQ4WqCCEwMw
# gga8MIIEpKADAgECAhALrma8Wrp/lYfG+ekE4zMEMA0GCSqGSIb3DQEBCwUAMGMx
# CzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5EaWdpQ2VydCwgSW5jLjE7MDkGA1UEAxMy
# RGlnaUNlcnQgVHJ1c3RlZCBHNCBSU0E0MDk2IFNIQTI1NiBUaW1lU3RhbXBpbmcg
# Q0EwHhcNMjQwOTI2MDAwMDAwWhcNMzUxMTI1MjM1OTU5WjBCMQswCQYDVQQGEwJV
# UzERMA8GA1UEChMIRGlnaUNlcnQxIDAeBgNVBAMTF0RpZ2lDZXJ0IFRpbWVzdGFt
# cCAyMDI0MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAvmpzn/aVIauW
# MLpbbeZZo7Xo/ZEfGMSIO2qZ46XB/QowIEMSvgjEdEZ3v4vrrTHleW1JWGErrjOL
# 0J4L0HqVR1czSzvUQ5xF7z4IQmn7dHY7yijvoQ7ujm0u6yXF2v1CrzZopykD07/9
# fpAT4BxpT9vJoJqAsP8YuhRvflJ9YeHjes4fduksTHulntq9WelRWY++TFPxzZrb
# ILRYynyEy7rS1lHQKFpXvo2GePfsMRhNf1F41nyEg5h7iOXv+vjX0K8RhUisfqw3
# TTLHj1uhS66YX2LZPxS4oaf33rp9HlfqSBePejlYeEdU740GKQM7SaVSH3TbBL8R
# 6HwX9QVpGnXPlKdE4fBIn5BBFnV+KwPxRNUNK6lYk2y1WSKour4hJN0SMkoaNV8h
# yyADiX1xuTxKaXN12HgR+8WulU2d6zhzXomJ2PleI9V2yfmfXSPGYanGgxzqI+Sh
# oOGLomMd3mJt92nm7Mheng/TBeSA2z4I78JpwGpTRHiT7yHqBiV2ngUIyCtd0pZ8
# zg3S7bk4QC4RrcnKJ3FbjyPAGogmoiZ33c1HG93Vp6lJ415ERcC7bFQMRbxqrMVA
# Niav1k425zYyFMyLNyE1QulQSgDpW9rtvVcIH7WvG9sqYup9j8z9J1XqbBZPJ5XL
# ln8mS8wWmdDLnBHXgYly/p1DhoQo5fkCAwEAAaOCAYswggGHMA4GA1UdDwEB/wQE
# AwIHgDAMBgNVHRMBAf8EAjAAMBYGA1UdJQEB/wQMMAoGCCsGAQUFBwMIMCAGA1Ud
# IAQZMBcwCAYGZ4EMAQQCMAsGCWCGSAGG/WwHATAfBgNVHSMEGDAWgBS6FtltTYUv
# cyl2mi91jGogj57IbzAdBgNVHQ4EFgQUn1csA3cOKBWQZqVjXu5Pkh92oFswWgYD
# VR0fBFMwUTBPoE2gS4ZJaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0
# VHJ1c3RlZEc0UlNBNDA5NlNIQTI1NlRpbWVTdGFtcGluZ0NBLmNybDCBkAYIKwYB
# BQUHAQEEgYMwgYAwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNv
# bTBYBggrBgEFBQcwAoZMaHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0RpZ2lD
# ZXJ0VHJ1c3RlZEc0UlNBNDA5NlNIQTI1NlRpbWVTdGFtcGluZ0NBLmNydDANBgkq
# hkiG9w0BAQsFAAOCAgEAPa0eH3aZW+M4hBJH2UOR9hHbm04IHdEoT8/T3HuBSyZe
# q3jSi5GXeWP7xCKhVireKCnCs+8GZl2uVYFvQe+pPTScVJeCZSsMo1JCoZN2mMew
# /L4tpqVNbSpWO9QGFwfMEy60HofN6V51sMLMXNTLfhVqs+e8haupWiArSozyAmGH
# /6oMQAh078qRh6wvJNU6gnh5OruCP1QUAvVSu4kqVOcJVozZR5RRb/zPd++PGE3q
# F1P3xWvYViUJLsxtvge/mzA75oBfFZSbdakHJe2BVDGIGVNVjOp8sNt70+kEoMF+
# T6tptMUNlehSR7vM+C13v9+9ZOUKzfRUAYSyyEmYtsnpltD/GWX8eM70ls1V6QG/
# ZOB6b6Yum1HvIiulqJ1Elesj5TMHq8CWT/xrW7twipXTJ5/i5pkU5E16RSBAdOp1
# 2aw8IQhhA/vEbFkEiF2abhuFixUDobZaA0VhqAsMHOmaT3XThZDNi5U2zHKhUs5u
# HHdG6BoQau75KiNbh0c+hatSF+02kULkftARjsyEpHKsF7u5zKRbt5oK5YGwFvgc
# 4pEVUNytmB3BpIiowOIIuDgP5M9WArHYSAR16gc0dP2XdkMEP5eBsX7bf/MGN4K3
# HP50v/01ZHo/Z5lGLvNwQ7XHBx1yomzLP8lx4Q1zZKDyHcp4VQJLu2kWTsKsOqQw
# ggauMIIElqADAgECAhAHNje3JFR82Ees/ShmKl5bMA0GCSqGSIb3DQEBCwUAMGIx
# CzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3
# dy5kaWdpY2VydC5jb20xITAfBgNVBAMTGERpZ2lDZXJ0IFRydXN0ZWQgUm9vdCBH
# NDAeFw0yMjAzMjMwMDAwMDBaFw0zNzAzMjIyMzU5NTlaMGMxCzAJBgNVBAYTAlVT
# MRcwFQYDVQQKEw5EaWdpQ2VydCwgSW5jLjE7MDkGA1UEAxMyRGlnaUNlcnQgVHJ1
# c3RlZCBHNCBSU0E0MDk2IFNIQTI1NiBUaW1lU3RhbXBpbmcgQ0EwggIiMA0GCSqG
# SIb3DQEBAQUAA4ICDwAwggIKAoICAQDGhjUGSbPBPXJJUVXHJQPE8pE3qZdRodbS
# g9GeTKJtoLDMg/la9hGhRBVCX6SI82j6ffOciQt/nR+eDzMfUBMLJnOWbfhXqAJ9
# /UO0hNoR8XOxs+4rgISKIhjf69o9xBd/qxkrPkLcZ47qUT3w1lbU5ygt69OxtXXn
# HwZljZQp09nsad/ZkIdGAHvbREGJ3HxqV3rwN3mfXazL6IRktFLydkf3YYMZ3V+0
# VAshaG43IbtArF+y3kp9zvU5EmfvDqVjbOSmxR3NNg1c1eYbqMFkdECnwHLFuk4f
# sbVYTXn+149zk6wsOeKlSNbwsDETqVcplicu9Yemj052FVUmcJgmf6AaRyBD40Nj
# gHt1biclkJg6OBGz9vae5jtb7IHeIhTZgirHkr+g3uM+onP65x9abJTyUpURK1h0
# QCirc0PO30qhHGs4xSnzyqqWc0Jon7ZGs506o9UD4L/wojzKQtwYSH8UNM/STKvv
# mz3+DrhkKvp1KCRB7UK/BZxmSVJQ9FHzNklNiyDSLFc1eSuo80VgvCONWPfcYd6T
# /jnA+bIwpUzX6ZhKWD7TA4j+s4/TXkt2ElGTyYwMO1uKIqjBJgj5FBASA31fI7tk
# 42PgpuE+9sJ0sj8eCXbsq11GdeJgo1gJASgADoRU7s7pXcheMBK9Rp6103a50g5r
# mQzSM7TNsQIDAQABo4IBXTCCAVkwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4E
# FgQUuhbZbU2FL3MpdpovdYxqII+eyG8wHwYDVR0jBBgwFoAU7NfjgtJxXWRM3y5n
# P+e6mK4cD08wDgYDVR0PAQH/BAQDAgGGMBMGA1UdJQQMMAoGCCsGAQUFBwMIMHcG
# CCsGAQUFBwEBBGswaTAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQu
# Y29tMEEGCCsGAQUFBzAChjVodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGln
# aUNlcnRUcnVzdGVkUm9vdEc0LmNydDBDBgNVHR8EPDA6MDigNqA0hjJodHRwOi8v
# Y3JsMy5kaWdpY2VydC5jb20vRGlnaUNlcnRUcnVzdGVkUm9vdEc0LmNybDAgBgNV
# HSAEGTAXMAgGBmeBDAEEAjALBglghkgBhv1sBwEwDQYJKoZIhvcNAQELBQADggIB
# AH1ZjsCTtm+YqUQiAX5m1tghQuGwGC4QTRPPMFPOvxj7x1Bd4ksp+3CKDaopafxp
# wc8dB+k+YMjYC+VcW9dth/qEICU0MWfNthKWb8RQTGIdDAiCqBa9qVbPFXONASIl
# zpVpP0d3+3J0FNf/q0+KLHqrhc1DX+1gtqpPkWaeLJ7giqzl/Yy8ZCaHbJK9nXzQ
# cAp876i8dU+6WvepELJd6f8oVInw1YpxdmXazPByoyP6wCeCRK6ZJxurJB4mwbfe
# Kuv2nrF5mYGjVoarCkXJ38SNoOeY+/umnXKvxMfBwWpx2cYTgAnEtp/Nh4cku0+j
# Sbl3ZpHxcpzpSwJSpzd+k1OsOx0ISQ+UzTl63f8lY5knLD0/a6fxZsNBzU+2QJsh
# IUDQtxMkzdwdeDrknq3lNHGS1yZr5Dhzq6YBT70/O3itTK37xJV77QpfMzmHQXh6
# OOmc4d0j/R0o08f56PGYX/sr2H7yRp11LB4nLCbbbxV7HhmLNriT1ObyF5lZynDw
# N7+YAN8gFk8n+2BnFqFmut1VwDophrCYoCvtlUG3OtUVmDG0YgkPCr2B2RP+v6TR
# 81fZvAT6gt4y3wSJ8ADNXcL50CN/AAvkdgIm2fBldkKmKYcJRyvmfxqkhQ/8mJb2
# VVQrH4D6wPIOK+XW+6kvRBVK5xMOHds3OBqhK/bt1nz8MIIFjTCCBHWgAwIBAgIQ
# DpsYjvnQLefv21DiCEAYWjANBgkqhkiG9w0BAQwFADBlMQswCQYDVQQGEwJVUzEV
# MBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29t
# MSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3QgQ0EwHhcNMjIwODAx
# MDAwMDAwWhcNMzExMTA5MjM1OTU5WjBiMQswCQYDVQQGEwJVUzEVMBMGA1UEChMM
# RGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSEwHwYDVQQD
# ExhEaWdpQ2VydCBUcnVzdGVkIFJvb3QgRzQwggIiMA0GCSqGSIb3DQEBAQUAA4IC
# DwAwggIKAoICAQC/5pBzaN675F1KPDAiMGkz7MKnJS7JIT3yithZwuEppz1Yq3aa
# za57G4QNxDAf8xukOBbrVsaXbR2rsnnyyhHS5F/WBTxSD1Ifxp4VpX6+n6lXFllV
# cq9ok3DCsrp1mWpzMpTREEQQLt+C8weE5nQ7bXHiLQwb7iDVySAdYyktzuxeTsiT
# +CFhmzTrBcZe7FsavOvJz82sNEBfsXpm7nfISKhmV1efVFiODCu3T6cw2Vbuyntd
# 463JT17lNecxy9qTXtyOj4DatpGYQJB5w3jHtrHEtWoYOAMQjdjUN6QuBX2I9YI+
# EJFwq1WCQTLX2wRzKm6RAXwhTNS8rhsDdV14Ztk6MUSaM0C/CNdaSaTC5qmgZ92k
# J7yhTzm1EVgX9yRcRo9k98FpiHaYdj1ZXUJ2h4mXaXpI8OCiEhtmmnTK3kse5w5j
# rubU75KSOp493ADkRSWJtppEGSt+wJS00mFt6zPZxd9LBADMfRyVw4/3IbKyEbe7
# f/LVjHAsQWCqsWMYRJUadmJ+9oCw++hkpjPRiQfhvbfmQ6QYuKZ3AeEPlAwhHbJU
# KSWJbOUOUlFHdL4mrLZBdd56rF+NP8m800ERElvlEFDrMcXKchYiCd98THU/Y+wh
# X8QgUWtvsauGi0/C1kVfnSD8oR7FwI+isX4KJpn15GkvmB0t9dmpsh3lGwIDAQAB
# o4IBOjCCATYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU7NfjgtJxXWRM3y5n
# P+e6mK4cD08wHwYDVR0jBBgwFoAUReuir/SSy4IxLVGLp6chnfNtyA8wDgYDVR0P
# AQH/BAQDAgGGMHkGCCsGAQUFBwEBBG0wazAkBggrBgEFBQcwAYYYaHR0cDovL29j
# c3AuZGlnaWNlcnQuY29tMEMGCCsGAQUFBzAChjdodHRwOi8vY2FjZXJ0cy5kaWdp
# Y2VydC5jb20vRGlnaUNlcnRBc3N1cmVkSURSb290Q0EuY3J0MEUGA1UdHwQ+MDww
# OqA4oDaGNGh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEFzc3VyZWRJ
# RFJvb3RDQS5jcmwwEQYDVR0gBAowCDAGBgRVHSAAMA0GCSqGSIb3DQEBDAUAA4IB
# AQBwoL9DXFXnOF+go3QbPbYW1/e/Vwe9mqyhhyzshV6pGrsi+IcaaVQi7aSId229
# GhT0E0p6Ly23OO/0/4C5+KH38nLeJLxSA8hO0Cre+i1Wz/n096wwepqLsl7Uz9FD
# RJtDIeuWcqFItJnLnU+nBgMTdydE1Od/6Fmo8L8vC6bp8jQ87PcDx4eo0kxAGTVG
# amlUsLihVo7spNU96LHc/RzY9HdaXFSMb++hUD38dglohJ9vytsgjTVgHAIDyyCw
# rFigDkBjxZgiwbJZ9VVrzyerbHbObyMt9H5xaiNrIv8SuFQtJ37YOtnwtoeW/VvR
# XKwYw02fc7cBqZ9Xql4o4rmUMYIDdjCCA3ICAQEwdzBjMQswCQYDVQQGEwJVUzEX
# MBUGA1UEChMORGlnaUNlcnQsIEluYy4xOzA5BgNVBAMTMkRpZ2lDZXJ0IFRydXN0
# ZWQgRzQgUlNBNDA5NiBTSEEyNTYgVGltZVN0YW1waW5nIENBAhALrma8Wrp/lYfG
# +ekE4zMEMA0GCWCGSAFlAwQCAQUAoIHRMBoGCSqGSIb3DQEJAzENBgsqhkiG9w0B
# CRABBDAcBgkqhkiG9w0BCQUxDxcNMjUwNDI0MDMyMDQ4WjArBgsqhkiG9w0BCRAC
# DDEcMBowGDAWBBTb04XuYtvSPnvk9nFIUIck1YZbRTAvBgkqhkiG9w0BCQQxIgQg
# SkqUoe+WiDYtqeFdw6wMGtssfLkKvzfTogkwu4EYWsowNwYLKoZIhvcNAQkQAi8x
# KDAmMCQwIgQgdnafqPJjLx9DCzojMK7WVnX+13PbBdZluQWTmEOPmtswDQYJKoZI
# hvcNAQEBBQAEggIAOOh7kYZCt9TNkykdEdoPd4QXpazHD8/g6MF8MegEXU4ehmui
# Dm4DOEbBN6eRN6OeIpthfuXZpg/2RGcKg6xdDhmGX9e2whs2izRu1g4Ak9KNsBiF
# dlSIJkDtpW+N8QpcXnJ3CfDuRG9ocPRVAkTs5UsdqQwGks/LVlSczMG+FhOhD28m
# X9dDlIXb85t0YR48f1jRW2xmklfQiC5O0S8Pdp30zY5DH0VQBq/i+ZY2xav7kdUV
# gvg/F6H7qLavOdQ1kAGVQgC18aVlRMdOx8eISWpn0NEhL12H3kPtuettIOlYi27m
# OaJw5ulLOSF1TTT94GfQWLOI8VpS2qvCrgti4lKo0KAQ6uNcip6iYsTHG3V652Et
# rvoGDr84FF2N3+fS1xjZCPsSJBQhhWJBsfm7hCGVp1/ZT+MC9RaVor9Pie9nS+Xc
# NEzFegiJ9X4PZQWJFt9Dj8nSq/8wmSMU0EuAG83smkYk6rHd5bk0vp8aQSnUBVN9
# 04trSc0it6gzSeZTA6Wu9fXxIpeBR7nqY52PNXCK30+TuHtu9SH02ppPtml/C1uJ
# xv0EjGIDcvCxZIu0LWWdVLHwIFQaEK6/NC6kyAvueHFi11PDfeIWJ2iNDkHduT4f
# n5owav3KiKgf1YlYe3nQDz2k0YqpPPsP/Dawy6fX6PWx3f0jf2TLlTn+aqg=
# SIG # End signature block