Public/Find-VdcCertificate.ps1
function Find-VdcCertificate { <# .SYNOPSIS Find certificates in TLSPDC based on various attributes .DESCRIPTION Find certificates based on various attributes. Supports standard PS paging parameters First and Skip. If -First not provided, the default return is 1000 records. .PARAMETER Path Starting path to search from. If not provided, the default is \ved\policy. .PARAMETER Guid Guid which represents a starting path. .PARAMETER Recursive Search recursively starting from the search path. .PARAMETER Country Find certificates by Country attribute of Subject DN. .PARAMETER CommonName Find certificates by Common name attribute of Subject DN. .PARAMETER Issuer Find certificates by issuer. Use the CN, O, L, S, and C values from the certificate request. .PARAMETER KeyAlgorithm Find certificates by algorithm for the public key. .PARAMETER KeySize Find certificates by public key size. .PARAMETER KeySizeGreaterThan Find certificates with a key size greater than the specified value. .PARAMETER KeySizeLessThan Find certificates with a key size less than the specified value. .PARAMETER Locale Find certificates by Locality/City attribute of Subject Distinguished Name (DN). .PARAMETER Organization Find certificates by Organization attribute of Subject DN. .PARAMETER OrganizationUnit Find certificates by Organization Unit (OU). .PARAMETER State Find certificates by State/Province attribute of Subject DN. .PARAMETER SanDns Find certificates by Subject Alternate Name (SAN) Distinguished Name Server (DNS). .PARAMETER SanEmail Find certificates by SAN Email RFC822. .PARAMETER SanIP Find certificates by SAN IP Address. .PARAMETER SanUpn Find certificates by SAN User Principal Name (UPN) or OtherName. .PARAMETER SanUri Find certificates by SAN Uniform Resource Identifier (URI). .PARAMETER SerialNumber Find certificates by Serial number. .PARAMETER SignatureAlgorithm Find certificates by the algorithm used to sign the certificate (e.g. SHA1RSA). .PARAMETER Thumbprint Find certificates by one or more SHA-1 thumbprints. .PARAMETER IssueDate Find certificates by the date of issue. .PARAMETER ExpireDate Find certificates by expiration date. .PARAMETER ExpireAfter Find certificates that expire after a certain date. .PARAMETER ExpireBefore Find certificates that expire before a certain date. .PARAMETER Enabled Include only certificates that are enabled or disabled. .PARAMETER InError Only include certificates in an error state. .PARAMETER IsSelfSigned Only include self-signed certificates .PARAMETER IsWildcard Only include wilcard certificates .PARAMETER NetworkValidationEnabled Only include certificates with network validation enabled or disabled. .PARAMETER CreatedDate Find certificates that were created at an exact date and time. .PARAMETER CreatedAfter Find certificate created after this date and time. .PARAMETER CreatedBefore Find certificate created before this date and time. .PARAMETER CertificateType Find certificate by category of usage. Use CodeSigning, Device, Server, and/or User. .PARAMETER ManagementType Find certificates with a Management type of Unassigned, Monitoring, Enrollment, or Provisioning. .PARAMETER PendingWorkflow Only include certificates that have a pending workflow resolution (have an outstanding workflow ticket). .PARAMETER Stage Find certificates by one or more stages in the certificate lifecycle. .PARAMETER StageGreaterThan Find certificates with a stage greater than the specified stage (does not include specified stage). .PARAMETER StageLessThan Find certificates with a stage less than the specified stage (does not include specified stage). .PARAMETER ValidationEnabled Only include certificates with validation enabled or disabled. .PARAMETER ValidationState Find certificates with a validation state of Blank, Success, or Failure. .PARAMETER CountOnly Return the count of certificates found from the query as opposed to the certificates themselves .PARAMETER VenafiSession Authentication for the function. The value defaults to the script session object $VenafiSession created by New-VenafiSession. A TLSPDC token can also be provided. If providing a TLSPDC token, an environment variable named VDC_SERVER must also be set. .INPUTS Path .OUTPUTS TppObject, Int when CountOnly provided .EXAMPLE Find-VdcCertificate Find first 1000 certificates .EXAMPLE Find-VdcCertificate -ExpireBefore [datetime]'2018-01-01' Find certificates expiring before a certain date .EXAMPLE Find-VdcCertificate -ExpireBefore "2018-01-01" -First 5 Find 5 certificates expiring before a certain date .EXAMPLE Find-VdcCertificate -ExpireBefore "2018-01-01" -First 5 -Skip 2 Find 5 certificates expiring before a certain date, starting at the 3rd certificate found. Skip is only supported on TLSPDC. .EXAMPLE Find-VdcCertificate -Path '\VED\Policy\My Policy' Find certificates in a specific path .EXAMPLE Find-VdcCertificate -Issuer 'CN=Example Root CA, O=Venafi,Inc., L=Salt Lake City, S=Utah, C=US' Find certificates by issuer .EXAMPLE Find-VdcCertificate -Path '\VED\Policy\My Policy' -Recursive Find certificates in a specific path and all subfolders .EXAMPLE Find-VdcCertificate | Get-VdcCertificate Get detailed certificate info .EXAMPLE Find-VdcCertificate -ExpireBefore "2019-09-01" | Invoke-VdcCertificateAction -Renew Renew all certificates expiring before a certain date .EXAMPLE Find-VdcCertificate -First 500 Find the first 500 certificates .LINK https://docs.venafi.com/Docs/current/TopNav/Content/SDK/WebSDK/r-SDK-GET-Certificates.php .LINK https://docs.venafi.com/Docs/current/TopNav/Content/SDK/WebSDK/r-SDK-GET-Certificates-guid.php .LINK https://msdn.microsoft.com/en-us/library/system.web.httputility(v=vs.110).aspx #> [CmdletBinding(SupportsPaging)] param ( [Parameter(ValueFromPipeline, ValueFromPipelineByPropertyName)] [ValidateNotNullOrEmpty()] [Alias('DN')] [String] $Path = '\ved\policy', [Parameter()] [ValidateNotNullOrEmpty()] [guid] $Guid, [Parameter()] [Switch] $Recursive, # [Parameter()] # [int] $Limit = 1000, # [Parameter()] # [int] $Offset, [Parameter()] [Alias('C')] [String] $Country, [Parameter()] [Alias('CN')] [String] $CommonName, [Parameter()] [String] $Issuer, [Parameter()] [String[]] $KeyAlgorithm, [Parameter()] [Int[]] $KeySize, [Parameter()] [Int] $KeySizeGreaterThan, [Parameter()] [Int] $KeySizeLessThan, [Parameter()] [Alias('L')] [String[]] $Locale, [Parameter()] [Alias('O')] [String[]] $Organization, [Parameter()] [Alias('OU')] [String[]] $OrganizationUnit, [Parameter()] [Alias('S')] [String[]] $State, [Parameter()] [String] $SanDns, [Parameter()] [String] $SanEmail, [Parameter()] [String] $SanIP, [Parameter()] [String] $SanUpn, [Parameter()] [String] $SanUri, [Parameter()] [String] $SerialNumber, [Parameter()] [String] $SignatureAlgorithm, [Parameter()] [String] $Thumbprint, [Parameter()] [Alias('ValidFrom')] [DateTime] $IssueDate, [Parameter()] [Alias('ValidFromGreater')] [DateTime] $IssueDateAfter, [Parameter()] [Alias('ValidFromLess')] [DateTime] $IssueDateBefore, [Parameter()] [Alias('ValidTo')] [DateTime] $ExpireDate, [Parameter()] [Alias('ValidToGreater')] [DateTime] $ExpireAfter, [Parameter()] [Alias('ValidToLess')] [DateTime] $ExpireBefore, [Parameter()] [Switch] $Enabled, [Parameter()] [switch] $InError, [Parameter()] [switch] $IsSelfSigned, [Parameter()] [switch] $IsWildcard, [Parameter()] [bool] $NetworkValidationEnabled, [Parameter()] [Alias('CreatedOn')] [datetime] $CreatedDate, [Parameter()] [Alias('CreatedOnGreater')] [datetime] $CreatedAfter, [Parameter()] [Alias('CreatedOnLess')] [datetime] $CreatedBefore, [Parameter()] [ValidateSet('CodeSigning', 'Device', 'Server', 'User')] [String[]] $CertificateType, [Parameter()] [TppManagementType[]] $ManagementType, [Parameter()] [Switch] $PendingWorkflow, [Parameter()] [TppCertificateStage[]] $Stage, [Parameter()] [Alias('StageGreater')] [TppCertificateStage] $StageGreaterThan, [Parameter()] [Alias('StageLess')] [TppCertificateStage] $StageLessThan, [Parameter()] [Switch] $ValidationEnabled, [Parameter()] [ValidateSet('Blank', 'Success', 'Failure')] [String[]] $ValidationState, [Parameter()] [Switch] $CountOnly, [Parameter()] [psobject] $VenafiSession ) begin { Test-VenafiSession -VenafiSession $VenafiSession -Platform 'VDC' $params = @{ Method = 'Get' UriLeaf = 'certificates/' Body = @{ Limit = 1000 Offset = 0 } FullResponse = $true } if ($PSCmdlet.PagingParameters.First -ne [uint64]::MaxValue -and $PSCmdlet.PagingParameters.First -le 1000) { $params.Body.Limit = $PSCmdlet.PagingParameters.First } if ($PSCmdlet.PagingParameters.Skip) { $params.Body.Offset = $PSCmdlet.PagingParameters.Skip } if ( $CountOnly.IsPresent ) { $params.Method = 'Head' } switch ($PSBoundParameters.Keys) { 'CreatedDate' { $params.Body.Add( 'CreatedOn', ($CreatedDate | ConvertTo-UtcIso8601) ) } 'CreatedBefore' { $params.Body.Add( 'CreatedOnLess', ($CreatedBefore | ConvertTo-UtcIso8601) ) } 'CreatedAfter' { $params.Body.Add( 'CreatedOnGreater', ($CreatedAfter | ConvertTo-UtcIso8601) ) } 'CertificateType' { $params.Body.Add( 'CertificateType', $CertificateType -join ',' ) } 'Country' { $params.Body.Add( 'C', $Country ) } 'CommonName' { $params.Body.Add( 'CN', $CommonName ) } 'Issuer' { $params.Body.Add( 'Issuer', '"{0}"' -f $Issuer ) } 'KeyAlgorithm' { $params.Body.Add( 'KeyAlgorithm', $KeyAlgorithm -join ',' ) } 'KeySize' { $params.Body.Add( 'KeySize', $KeySize -join ',' ) } 'KeySizeGreaterThan' { $params.Body.Add( 'KeySizeGreater', $KeySizeGreaterThan ) } 'KeySizeLessThan' { $params.Body.Add( 'KeySizeLess', $KeySizeLessThan ) } 'Locale' { $params.Body.Add( 'L', $Locale -join ',' ) } 'Organization' { $params.Body.Add( 'O', $Organization -join ',' ) } 'OrganizationUnit' { $params.Body.Add( 'OU', $OrganizationUnit -join ',' ) } 'State' { $params.Body.Add( 'S', $State -join ',' ) } 'SanDns' { $params.Body.Add( 'SAN-DNS', $SanDns ) } 'SanEmail' { $params.Body.Add( 'SAN-Email', $SanEmail ) } 'SanIP' { $params.Body.Add( 'SAN-IP', $SanIP ) } 'SanUpn' { $params.Body.Add( 'SAN-UPN', $SanUpn ) } 'SanUri' { $params.Body.Add( 'SAN-URI', $SanUri ) } 'SerialNumber' { $params.Body.Add( 'Serial', $SerialNumber ) } 'SignatureAlgorithm' { $params.Body.Add( 'SignatureAlgorithm', $SignatureAlgorithm -join ',' ) } 'Thumbprint' { $params.Body.Add( 'Thumbprint', $Thumbprint ) } 'IssueDateAfter' { $params.Body.Add( 'ValidFromGreater', ($IssueDateAfter | ConvertTo-UtcIso8601) ) } 'IssueDateBefore' { $params.Body.Add( 'ValidFromLess', ($IssueDateBefore | ConvertTo-UtcIso8601) ) } 'IssueDate' { $params.Body.Add( 'ValidFrom', ($IssueDate | ConvertTo-UtcIso8601) ) } 'ExpireDate' { $params.Body.Add( 'ValidTo', ($ExpireDate | ConvertTo-UtcIso8601) ) } 'ExpireAfter' { $params.Body.Add( 'ValidToGreater', ($ExpireAfter | ConvertTo-UtcIso8601) ) } 'ExpireBefore' { $params.Body.Add( 'ValidToLess', ($ExpireBefore | ConvertTo-UtcIso8601) ) } 'Enabled' { $params.Body.Add( 'Disabled', [int] (-not $Enabled) ) } 'InError' { $params.Body.Add( 'InError', [int]$InError.IsPresent ) } 'IsSelfSigned' { $params.Body.Add( 'IsSelfSigned', [int] $IsSelfSigned.IsPresent ) } 'IsWildcard' { $params.Body.Add( 'IsWildcard', [int] $IsWildcard.IsPresent ) } 'NetworkValidationEnabled' { $params.Body.Add( 'NetworkValidationDisabled', [int] (-not $NetworkValidationEnabled) ) } 'ManagementType' { $params.Body.Add( 'ManagementType', $ManagementType -join ',' ) } 'PendingWorkflow' { $params.Body.Add( 'PendingWorkflow', '') } 'Stage' { $params.Body.Add( 'Stage', ($Stage | ForEach-Object { [TppCertificateStage]::$_.value__ }) -join ',' ) } 'StageGreaterThan' { $params.Body.Add( 'StageGreater', [TppCertificateStage]::$StageGreaterThan.value__ ) } 'StageLessThan' { $params.Body.Add( 'StageLess', [TppCertificateStage]::$StageLessThan.value__ ) } 'ValidationEnabled' { $params.Body.Add( 'ValidationDisabled', [int] (-not $ValidationEnabled) ) } 'ValidationState' { $params.Body.Add( 'ValidationState', $ValidationState -join ',' ) } # } } } process { if ( $PSBoundParameters.ContainsKey('Path') ) { $thisPath = $Path | ConvertTo-VdcFullPath } elseif ( $PSBoundParameters.ContainsKey('Guid') ) { # guid provided, get path $thisPath = $Guid | ConvertTo-VdcPath } if ( $thisPath ) { if ( $Recursive.IsPresent ) { $params.Body.ParentDnRecursive = $thisPath } else { $params.Body.ParentDn = $thisPath } } $response = Invoke-VenafiRestMethod @params $totalRecordCount = 0 if ($PSVersionTable.PSVersion.Major -lt 6) { $totalRecordCount = [int]$response.Headers.'X-Record-Count' } else { $totalRecordCount = [int]($response.Headers.'X-Record-Count'[0]) } if ( $CountOnly ) { return $totalRecordCount } Write-Verbose "Total number of records for this query: $totalRecordCount" $content = $response.content | ConvertFrom-Json $content.Certificates.ForEach{ ConvertTo-VdcObject -Path $_.DN -Guid $_.Guid -TypeName $_.SchemaClass } if ($PSBoundParameters.ContainsKey('First')) { $totalRecordCount = $PSCmdlet.PagingParameters.First } $setPoint = $params.Body.Offset + $params.Body.Limit while ($totalRecordCount -gt $setPoint) { # up the offset so we get the next set of records $params.Body.Offset += $params.Body.Limit $setPoint = $params.Body.Offset + $params.Body.Limit $end = if ( $totalRecordCount -lt $setPoint ) { $totalRecordCount } else { $setPoint } Write-Verbose ('getting {0}-{1} of {2}' -f ($params.Body.Offset + 1), $end, $totalRecordCount) try { $response = Invoke-VenafiRestMethod @params -Verbose:$false } catch { $ProgressPreference = $oldProgressPreference throw $_ } $content = $response.content | ConvertFrom-Json $content.Certificates.ForEach{ ConvertTo-VdcObject -Path $_.DN -Guid $_.Guid -TypeName $_.SchemaClass } } } } # SIG # Begin signature block # MIIhigYJKoZIhvcNAQcCoIIhezCCIXcCAQExDzANBglghkgBZQMEAgEFADB5Bgor # BgEEAYI3AgEEoGswaTA0BgorBgEEAYI3AgEeMCYCAwEAAAQQH8w7YFlLCE63JNLG # KX7zUQIBAAIBAAIBAAIBAAIBADAxMA0GCWCGSAFlAwQCAQUABCDzGDYAX4l0cJNk # M8GDx2+mF2Tx2DhrcCe6SaXFX+7rQ6CCGokwggd8MIIFZKADAgECAhAEskBM6tH3 # agmQID1jirpbMA0GCSqGSIb3DQEBCwUAMGkxCzAJBgNVBAYTAlVTMRcwFQYDVQQK # Ew5EaWdpQ2VydCwgSW5jLjFBMD8GA1UEAxM4RGlnaUNlcnQgVHJ1c3RlZCBHNCBD # b2RlIFNpZ25pbmcgUlNBNDA5NiBTSEEzODQgMjAyMSBDQTEwHhcNMjMwOTEzMDAw # MDAwWhcNMjQwOTEyMjM1OTU5WjCBgzELMAkGA1UEBhMCVVMxDTALBgNVBAgTBFV0 # YWgxFzAVBgNVBAcTDlNhbHQgTGFrZSBDaXR5MRUwEwYDVQQKEwxWZW5hZmksIElu # Yy4xHjAcBgNVBAsTFVByb2Zlc3Npb25hbCBTZXJ2aWNlczEVMBMGA1UEAxMMVmVu # YWZpLCBJbmMuMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAz2ga2w0N # HzoqK1Npwmce0q2VZkosMIa4Mw4eFhDZiSlaWWwXbWKBEQVEEnd/mPlmOMv2jwBE # PaBdTzX4bp5A4gr2Nwpw2Hjr9nsfBuuMNVkCCimXdjqbLhiyU0obIYk+5EMH0Lnw # n1AupTbjtj63kqs7ZDfLRVq6jUtGJVdfDKBrIAjymePXi58G1991J6i8og3vKhhO # 97sWciGXLblirUFNMpZpK32UrHr2QklIqhSo1ucvTT7x8EFW5P33z2eniQCDvssE # UsV7vDdc4zll2io+B1j7vVOicLG+P8Jxhjy13seKsmAXSwfID51tWO3V2SfEZE2x # fuxRN9bLOdXyB9808ifIAyxLmz36Kq7kaX/LQ6eGeVDwbnvdAUoUcCKYGK7FPYQh # J0ZnxtXJRKfQU4rLaZItVtnJbPfXGJX1aXJY10fKZSvnEfYRrcb6pMVFxCyAMoZE # U3XSg9bS0oc9fg+FTjknczyXFjMD97PZW8GcLAXWSukbstyzSHvh0Nh3tyGyXPyy # +yGxMqAw6elop3FcG1sq6Ri9gSNA+oCzD2VfwoKpPJnomLDGrYuCYM/U1WG2hi/z # gnhn/Lu/e8FKTkI8ZRhVB1Yfv4VgrxGSx0WBI+4WB6Bwi6LjVmSuasJZ0Oobl7ik # 59nkseYc885U5bjgWZrUbXhfw34lUrVkfMkCAwEAAaOCAgMwggH/MB8GA1UdIwQY # MBaAFGg34Ou2O/hfEYb7/mF7CIhl9E5CMB0GA1UdDgQWBBSoGeI5UP36z1PFpV0W # 4oYJNTGVKDA+BgNVHSAENzA1MDMGBmeBDAEEATApMCcGCCsGAQUFBwIBFhtodHRw # Oi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwDgYDVR0PAQH/BAQDAgeAMBMGA1UdJQQM # MAoGCCsGAQUFBwMDMIG1BgNVHR8Ega0wgaowU6BRoE+GTWh0dHA6Ly9jcmwzLmRp # Z2ljZXJ0LmNvbS9EaWdpQ2VydFRydXN0ZWRHNENvZGVTaWduaW5nUlNBNDA5NlNI # QTM4NDIwMjFDQTEuY3JsMFOgUaBPhk1odHRwOi8vY3JsNC5kaWdpY2VydC5jb20v # RGlnaUNlcnRUcnVzdGVkRzRDb2RlU2lnbmluZ1JTQTQwOTZTSEEzODQyMDIxQ0Ex # LmNybDCBlAYIKwYBBQUHAQEEgYcwgYQwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3Nw # LmRpZ2ljZXJ0LmNvbTBcBggrBgEFBQcwAoZQaHR0cDovL2NhY2VydHMuZGlnaWNl # cnQuY29tL0RpZ2lDZXJ0VHJ1c3RlZEc0Q29kZVNpZ25pbmdSU0E0MDk2U0hBMzg0 # MjAyMUNBMS5jcnQwCQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAgEADWd6cY3c # UuXXxFhO4O+VPRPxNituYopOy3rgvLio6YncYfbbfZKRmKBYb79Ae6c/Nsz6K3bP # lhs9UuXs6UVlVwRhHpf8w1ko1I9lZLjZM8gbgvXethyIB3bvDDrLXyESUX4iAL/U # DNyuDjsQBOTe+7WvyXPrZhqlJL0kwO6kaMFffm+V+zaTBrSazco7GLlXVtp6+jWY # EHSdzyaeNgY5N4j3nKlsdVo4LhynuyqC9aTyWfxC9KPKpRNq9tGxkTHyjeCB61Y/ # yA6C63GpDmfoZtD0x46nzr1r7AG5c//Td+g9sKA4raai2RxcmLXwoIEG/5W/60cK # TAU44EnUW4ep/rmPBBLpinY3cg+k2b5UjBIUbYebanRVHiZmgCtLKQYLHdH8yu9L # Zc96I6dGmm08C8zsZPTyiYg9JadKPlAdkI3sB1d8263Ufsa6zvHEvSK3QnutLxHf # dOd/7XRwqSWx/oXrk8jggvAo3IAGEX/S+cRBjFYtmKZuhZUPQSh8LbiUfsRLsG/d # omoKJw1JVZubeFORgByyscqIDAIoAptjyZeoKJal+MF1DhkGnBehUNdZe+q4h43c # r573CZl4XZwY5w3y3ekc4Ahls9kE/VvMqkxGfHoTswmaSVM3EJuZ51FCg054zoka # BEgxZ4/59gvjUKfRNuUYC8FfD5Ldj0oI21QwggWNMIIEdaADAgECAhAOmxiO+dAt # 5+/bUOIIQBhaMA0GCSqGSIb3DQEBDAUAMGUxCzAJBgNVBAYTAlVTMRUwEwYDVQQK # EwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5jb20xJDAiBgNV # BAMTG0RpZ2lDZXJ0IEFzc3VyZWQgSUQgUm9vdCBDQTAeFw0yMjA4MDEwMDAwMDBa # Fw0zMTExMDkyMzU5NTlaMGIxCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2Vy # dCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5jb20xITAfBgNVBAMTGERpZ2lD # ZXJ0IFRydXN0ZWQgUm9vdCBHNDCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoC # ggIBAL/mkHNo3rvkXUo8MCIwaTPswqclLskhPfKK2FnC4SmnPVirdprNrnsbhA3E # MB/zG6Q4FutWxpdtHauyefLKEdLkX9YFPFIPUh/GnhWlfr6fqVcWWVVyr2iTcMKy # unWZanMylNEQRBAu34LzB4TmdDttceItDBvuINXJIB1jKS3O7F5OyJP4IWGbNOsF # xl7sWxq868nPzaw0QF+xembud8hIqGZXV59UWI4MK7dPpzDZVu7Ke13jrclPXuU1 # 5zHL2pNe3I6PgNq2kZhAkHnDeMe2scS1ahg4AxCN2NQ3pC4FfYj1gj4QkXCrVYJB # MtfbBHMqbpEBfCFM1LyuGwN1XXhm2ToxRJozQL8I11pJpMLmqaBn3aQnvKFPObUR # WBf3JFxGj2T3wWmIdph2PVldQnaHiZdpekjw4KISG2aadMreSx7nDmOu5tTvkpI6 # nj3cAORFJYm2mkQZK37AlLTSYW3rM9nF30sEAMx9HJXDj/chsrIRt7t/8tWMcCxB # YKqxYxhElRp2Yn72gLD76GSmM9GJB+G9t+ZDpBi4pncB4Q+UDCEdslQpJYls5Q5S # UUd0viastkF13nqsX40/ybzTQRESW+UQUOsxxcpyFiIJ33xMdT9j7CFfxCBRa2+x # q4aLT8LWRV+dIPyhHsXAj6KxfgommfXkaS+YHS312amyHeUbAgMBAAGjggE6MIIB # NjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTs1+OC0nFdZEzfLmc/57qYrhwP # TzAfBgNVHSMEGDAWgBRF66Kv9JLLgjEtUYunpyGd823IDzAOBgNVHQ8BAf8EBAMC # AYYweQYIKwYBBQUHAQEEbTBrMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdp # Y2VydC5jb20wQwYIKwYBBQUHMAKGN2h0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNv # bS9EaWdpQ2VydEFzc3VyZWRJRFJvb3RDQS5jcnQwRQYDVR0fBD4wPDA6oDigNoY0 # aHR0cDovL2NybDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0QXNzdXJlZElEUm9vdENB # LmNybDARBgNVHSAECjAIMAYGBFUdIAAwDQYJKoZIhvcNAQEMBQADggEBAHCgv0Nc # Vec4X6CjdBs9thbX979XB72arKGHLOyFXqkauyL4hxppVCLtpIh3bb0aFPQTSnov # Lbc47/T/gLn4offyct4kvFIDyE7QKt76LVbP+fT3rDB6mouyXtTP0UNEm0Mh65Zy # oUi0mcudT6cGAxN3J0TU53/oWajwvy8LpunyNDzs9wPHh6jSTEAZNUZqaVSwuKFW # juyk1T3osdz9HNj0d1pcVIxv76FQPfx2CWiEn2/K2yCNNWAcAgPLILCsWKAOQGPF # mCLBsln1VWvPJ6tsds5vIy30fnFqI2si/xK4VC0nftg62fC2h5b9W9FcrBjDTZ9z # twGpn1eqXijiuZQwggauMIIElqADAgECAhAHNje3JFR82Ees/ShmKl5bMA0GCSqG # SIb3DQEBCwUAMGIxCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMx # GTAXBgNVBAsTEHd3dy5kaWdpY2VydC5jb20xITAfBgNVBAMTGERpZ2lDZXJ0IFRy # dXN0ZWQgUm9vdCBHNDAeFw0yMjAzMjMwMDAwMDBaFw0zNzAzMjIyMzU5NTlaMGMx # CzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5EaWdpQ2VydCwgSW5jLjE7MDkGA1UEAxMy # RGlnaUNlcnQgVHJ1c3RlZCBHNCBSU0E0MDk2IFNIQTI1NiBUaW1lU3RhbXBpbmcg # Q0EwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDGhjUGSbPBPXJJUVXH # JQPE8pE3qZdRodbSg9GeTKJtoLDMg/la9hGhRBVCX6SI82j6ffOciQt/nR+eDzMf # UBMLJnOWbfhXqAJ9/UO0hNoR8XOxs+4rgISKIhjf69o9xBd/qxkrPkLcZ47qUT3w # 1lbU5ygt69OxtXXnHwZljZQp09nsad/ZkIdGAHvbREGJ3HxqV3rwN3mfXazL6IRk # tFLydkf3YYMZ3V+0VAshaG43IbtArF+y3kp9zvU5EmfvDqVjbOSmxR3NNg1c1eYb # qMFkdECnwHLFuk4fsbVYTXn+149zk6wsOeKlSNbwsDETqVcplicu9Yemj052FVUm # cJgmf6AaRyBD40NjgHt1biclkJg6OBGz9vae5jtb7IHeIhTZgirHkr+g3uM+onP6 # 5x9abJTyUpURK1h0QCirc0PO30qhHGs4xSnzyqqWc0Jon7ZGs506o9UD4L/wojzK # QtwYSH8UNM/STKvvmz3+DrhkKvp1KCRB7UK/BZxmSVJQ9FHzNklNiyDSLFc1eSuo # 80VgvCONWPfcYd6T/jnA+bIwpUzX6ZhKWD7TA4j+s4/TXkt2ElGTyYwMO1uKIqjB # Jgj5FBASA31fI7tk42PgpuE+9sJ0sj8eCXbsq11GdeJgo1gJASgADoRU7s7pXche # MBK9Rp6103a50g5rmQzSM7TNsQIDAQABo4IBXTCCAVkwEgYDVR0TAQH/BAgwBgEB # /wIBADAdBgNVHQ4EFgQUuhbZbU2FL3MpdpovdYxqII+eyG8wHwYDVR0jBBgwFoAU # 7NfjgtJxXWRM3y5nP+e6mK4cD08wDgYDVR0PAQH/BAQDAgGGMBMGA1UdJQQMMAoG # CCsGAQUFBwMIMHcGCCsGAQUFBwEBBGswaTAkBggrBgEFBQcwAYYYaHR0cDovL29j # c3AuZGlnaWNlcnQuY29tMEEGCCsGAQUFBzAChjVodHRwOi8vY2FjZXJ0cy5kaWdp # Y2VydC5jb20vRGlnaUNlcnRUcnVzdGVkUm9vdEc0LmNydDBDBgNVHR8EPDA6MDig # NqA0hjJodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vRGlnaUNlcnRUcnVzdGVkUm9v # dEc0LmNybDAgBgNVHSAEGTAXMAgGBmeBDAEEAjALBglghkgBhv1sBwEwDQYJKoZI # hvcNAQELBQADggIBAH1ZjsCTtm+YqUQiAX5m1tghQuGwGC4QTRPPMFPOvxj7x1Bd # 4ksp+3CKDaopafxpwc8dB+k+YMjYC+VcW9dth/qEICU0MWfNthKWb8RQTGIdDAiC # qBa9qVbPFXONASIlzpVpP0d3+3J0FNf/q0+KLHqrhc1DX+1gtqpPkWaeLJ7giqzl # /Yy8ZCaHbJK9nXzQcAp876i8dU+6WvepELJd6f8oVInw1YpxdmXazPByoyP6wCeC # RK6ZJxurJB4mwbfeKuv2nrF5mYGjVoarCkXJ38SNoOeY+/umnXKvxMfBwWpx2cYT # gAnEtp/Nh4cku0+jSbl3ZpHxcpzpSwJSpzd+k1OsOx0ISQ+UzTl63f8lY5knLD0/ # a6fxZsNBzU+2QJshIUDQtxMkzdwdeDrknq3lNHGS1yZr5Dhzq6YBT70/O3itTK37 # xJV77QpfMzmHQXh6OOmc4d0j/R0o08f56PGYX/sr2H7yRp11LB4nLCbbbxV7HhmL # NriT1ObyF5lZynDwN7+YAN8gFk8n+2BnFqFmut1VwDophrCYoCvtlUG3OtUVmDG0 # YgkPCr2B2RP+v6TR81fZvAT6gt4y3wSJ8ADNXcL50CN/AAvkdgIm2fBldkKmKYcJ # RyvmfxqkhQ/8mJb2VVQrH4D6wPIOK+XW+6kvRBVK5xMOHds3OBqhK/bt1nz8MIIG # wjCCBKqgAwIBAgIQBUSv85SdCDmmv9s/X+VhFjANBgkqhkiG9w0BAQsFADBjMQsw # CQYDVQQGEwJVUzEXMBUGA1UEChMORGlnaUNlcnQsIEluYy4xOzA5BgNVBAMTMkRp # Z2lDZXJ0IFRydXN0ZWQgRzQgUlNBNDA5NiBTSEEyNTYgVGltZVN0YW1waW5nIENB # MB4XDTIzMDcxNDAwMDAwMFoXDTM0MTAxMzIzNTk1OVowSDELMAkGA1UEBhMCVVMx # FzAVBgNVBAoTDkRpZ2lDZXJ0LCBJbmMuMSAwHgYDVQQDExdEaWdpQ2VydCBUaW1l # c3RhbXAgMjAyMzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAKNTRYcd # g45brD5UsyPgz5/X5dLnXaEOCdwvSKOXejsqnGfcYhVYwamTEafNqrJq3RApih5i # Y2nTWJw1cb86l+uUUI8cIOrHmjsvlmbjaedp/lvD1isgHMGXlLSlUIHyz8sHpjBo # yoNC2vx/CSSUpIIa2mq62DvKXd4ZGIX7ReoNYWyd/nFexAaaPPDFLnkPG2ZS48jW # Pl/aQ9OE9dDH9kgtXkV1lnX+3RChG4PBuOZSlbVH13gpOWvgeFmX40QrStWVzu8I # F+qCZE3/I+PKhu60pCFkcOvV5aDaY7Mu6QXuqvYk9R28mxyyt1/f8O52fTGZZUdV # nUokL6wrl76f5P17cz4y7lI0+9S769SgLDSb495uZBkHNwGRDxy1Uc2qTGaDiGhi # u7xBG3gZbeTZD+BYQfvYsSzhUa+0rRUGFOpiCBPTaR58ZE2dD9/O0V6MqqtQFcmz # yrzXxDtoRKOlO0L9c33u3Qr/eTQQfqZcClhMAD6FaXXHg2TWdc2PEnZWpST618Rr # IbroHzSYLzrqawGw9/sqhux7UjipmAmhcbJsca8+uG+W1eEQE/5hRwqM/vC2x9XH # 3mwk8L9CgsqgcT2ckpMEtGlwJw1Pt7U20clfCKRwo+wK8REuZODLIivK8SgTIUlR # fgZm0zu++uuRONhRB8qUt+JQofM604qDy0B7AgMBAAGjggGLMIIBhzAOBgNVHQ8B # Af8EBAMCB4AwDAYDVR0TAQH/BAIwADAWBgNVHSUBAf8EDDAKBggrBgEFBQcDCDAg # BgNVHSAEGTAXMAgGBmeBDAEEAjALBglghkgBhv1sBwEwHwYDVR0jBBgwFoAUuhbZ # bU2FL3MpdpovdYxqII+eyG8wHQYDVR0OBBYEFKW27xPn783QZKHVVqllMaPe1eNJ # MFoGA1UdHwRTMFEwT6BNoEuGSWh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdp # Q2VydFRydXN0ZWRHNFJTQTQwOTZTSEEyNTZUaW1lU3RhbXBpbmdDQS5jcmwwgZAG # CCsGAQUFBwEBBIGDMIGAMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2Vy # dC5jb20wWAYIKwYBBQUHMAKGTGh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9E # aWdpQ2VydFRydXN0ZWRHNFJTQTQwOTZTSEEyNTZUaW1lU3RhbXBpbmdDQS5jcnQw # DQYJKoZIhvcNAQELBQADggIBAIEa1t6gqbWYF7xwjU+KPGic2CX/yyzkzepdIpLs # jCICqbjPgKjZ5+PF7SaCinEvGN1Ott5s1+FgnCvt7T1IjrhrunxdvcJhN2hJd6Pr # kKoS1yeF844ektrCQDifXcigLiV4JZ0qBXqEKZi2V3mP2yZWK7Dzp703DNiYdk9W # uVLCtp04qYHnbUFcjGnRuSvExnvPnPp44pMadqJpddNQ5EQSviANnqlE0PjlSXcI # WiHFtM+YlRpUurm8wWkZus8W8oM3NG6wQSbd3lqXTzON1I13fXVFoaVYJmoDRd7Z # ULVQjK9WvUzF4UbFKNOt50MAcN7MmJ4ZiQPq1JE3701S88lgIcRWR+3aEUuMMsOI # 5ljitts++V+wQtaP4xeR0arAVeOGv6wnLEHQmjNKqDbUuXKWfpd5OEhfysLcPTLf # ddY2Z1qJ+Panx+VPNTwAvb6cKmx5AdzaROY63jg7B145WPR8czFVoIARyxQMfq68 # /qTreWWqaNYiyjvrmoI1VygWy2nyMpqy0tg6uLFGhmu6F/3Ed2wVbK6rr3M66ElG # t9V/zLY4wNjsHPW2obhDLN9OTH0eaHDAdwrUAuBcYLso/zjlUlrWrBciI0707NMX # +1Br/wd3H3GXREHJuEbTbDJ8WC9nR2XlG3O2mflrLAZG70Ee8PBf4NvZrZCARK+A # EEGKMYIGVzCCBlMCAQEwfTBpMQswCQYDVQQGEwJVUzEXMBUGA1UEChMORGlnaUNl # cnQsIEluYy4xQTA/BgNVBAMTOERpZ2lDZXJ0IFRydXN0ZWQgRzQgQ29kZSBTaWdu # aW5nIFJTQTQwOTYgU0hBMzg0IDIwMjEgQ0ExAhAEskBM6tH3agmQID1jirpbMA0G # CWCGSAFlAwQCAQUAoIGIMBkGCSqGSIb3DQEJAzEMBgorBgEEAYI3AgEEMBwGCSqG # SIb3DQEJBTEPFw0yNDA4MDgxNTUwMTVaMBwGCisGAQQBgjcCAQsxDjAMBgorBgEE # AYI3AgEVMC8GCSqGSIb3DQEJBDEiBCAETM5QbWMijBpZJSPKHffY5+4GJamQP+h9 # wV75+DfB+TANBgkqhkiG9w0BAQEFAASCAgC8lvNqv6usRaL/lJ4s7O9x6V0klyzG # ctoPhfLfxdrJzEnC2iXqsArrmHODSagx7uMBAADOzWJGxmiM9gB5iaC9HM12MQ8X # 82bM0WbVMRH/rv4j2zoms5GdfpVfDYgqRqnBvTt4MQRXRSX8jHF+XkqdgbKdnAxG # Ef4HHQa7DUc9AB55lSKrRUVg76PLowgMlsHBNxvQIAxvZtDdc+pFXvUKopj8oJ9D # c998wRGQ3jg412Pg2afrUyec5Fs5GMAlRYXxxwxfnqV5mNmj1htCQoaUox/GJ9ik # Cb3ZTN/bgWq+5DB8zA6kNe2Bi+kWrV9CIKEZJ8BiapVXNPBG33RnC8JSUEJXdpRN # vfGS9SXA0K2JkCdvtXNcl2W+UhL8aFKGK05nyS5shvVDS6ESBeGu6J7vAyliMdPi # obaj8kHWGQVBF2s0E5Pag4XhlmG4bZ+/A74X3ySkgUzm+ydHF4QqXxQbGHc9W1LM # GmuqU+dFNC6LUvinPRSLBbwSjn4uxRXizzS4O70PAAwsFKvSfBlb30on5M26+VLX # T1U7dUQ0CYScSFWO2lZ0tCIdJP4o494F901/Ht/YHpO//Oo87JfA5/Cez9J2PtV7 # 99VrE8ioGnbrSjsFh5yoqYslu1DkQzSNqRbZiepZ0r8I5DjZ0LW3z9Q2spSWrHhN # uATlXKL6cOtARKGCAyAwggMcBgkqhkiG9w0BCQYxggMNMIIDCQIBATB3MGMxCzAJ # BgNVBAYTAlVTMRcwFQYDVQQKEw5EaWdpQ2VydCwgSW5jLjE7MDkGA1UEAxMyRGln # aUNlcnQgVHJ1c3RlZCBHNCBSU0E0MDk2IFNIQTI1NiBUaW1lU3RhbXBpbmcgQ0EC # EAVEr/OUnQg5pr/bP1/lYRYwDQYJYIZIAWUDBAIBBQCgaTAYBgkqhkiG9w0BCQMx # CwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0yNDA4MDgxNTUwMTZaMC8GCSqG # SIb3DQEJBDEiBCBfOB80rsDjoFGasJZj2MeK77/bEooc1DXRujxR1n9/IjANBgkq # hkiG9w0BAQEFAASCAgCZcJIxZClQ91TW7dFTTr8v0FV1yxRMTihfmsPWO7N3tnnh # yGjMpVhjGMscABSfa/CvRn/3TPLSP4iuXk/Y4EGP2ECfDvO3rXjDwFXjGLyhg+gd # G7Lvr5I02gfpadVXXDo6pMZQCYcgVsJNYyQnEjF8b6zlZqTJBHz0tyXxbW7Rt4NK # Q+3m+RXHGWQRK2ETP8Y6/8poZdQVJ6FMZYF5jH72lDiy8t5ZHqLH6Oo7pXiE9lJP # 5YshNGyYm7pJLirqNx6Lg04IYtdeN7+BQQrGnmkv3XtaAnvQjYGIVfG/J5JZHPTq # Pt/7pAQ2aKD5FTE80qgFwHbPgzBBLWnwSih1kUUGIdhsH5gShKOyyxZT2C7qdB2W # sNRYJoSMgfuDiVEmxqWHvEUYcm/DKb/qNCm/c2y0yKj2TRUstukhy7JB1LHNEadg # 9klkuFjoxvDPB9VfHAbQaxU3WMDEumbJDp+ZL6jxhQ1yf4/qePBHrjBQQ3gM8nV/ # kN42KGeIqXUaZMaXJzxgPUv3SsXenUyQWRIKrVAqQnmBVmveog+SaCZiPe1y45DZ # AV3zToFymV7E6k0kQYq+xNmUs++AyFPGDKdqpMcmjYGbkQiFv5njQX7GZRkZbRgP # QUeQirnlML6yAxiBrnFXGunrOvlwxgod+IygPpm8z3X7Rx5N0qNLNJeiby972Q== # SIG # End signature block |