From 81cdb2e1d13b1776b33049eab14bdf8549b921e4 Mon Sep 17 00:00:00 2001 From: scottmakestech <83726258+scottmakestech@users.noreply.github.com> Date: Thu, 12 Mar 2026 11:20:59 -0500 Subject: [PATCH 1/2] Blog: Simplifying Certificate Renewals for Millions of Domains with ACME Renewal Information (ARI) --- ...2026-03-17-acme-renewal-information-ari.md | 75 ++++++++++++++++++ ...7.acme-renewal-information-ari-image-1.png | Bin 0 -> 42264 bytes 2 files changed, 75 insertions(+) create mode 100644 content/en/post/2026-03-17-acme-renewal-information-ari.md create mode 100644 static/images/blog/2026.03.17.acme-renewal-information-ari-image-1.png diff --git a/content/en/post/2026-03-17-acme-renewal-information-ari.md b/content/en/post/2026-03-17-acme-renewal-information-ari.md new file mode 100644 index 000000000..767d3632d --- /dev/null +++ b/content/en/post/2026-03-17-acme-renewal-information-ari.md @@ -0,0 +1,75 @@ +--- +author: Nick Silverman +date: 2026-03-17T00:00:00Z +slug: acme-renewal-information-ari +title: "Simplifying Certificate Renewals for Millions of Domains with ACME Renewal Information (ARI)" +excerpt: "ACME Renewal Information (ARI) helped Shopify make certificate renewals for millions of domains more reliable, scalable, and easier to manage." +display_support_us_footer: true +display_inline_newsletter_embed: false +--- + +> Nick Silverman is a Senior Infrastructure Engineer on the Edge Infrastructure team at Shopify, where he maintains the systems that provision, renew, and publish SSL certificates for millions of merchants' custom domains. He is also a contributor to the Ruby acme-client gem. + +### The challenge + +Shopify's automated certificate management system relied on a static renewal threshold: 30 days before the end of the 90-day lifetime. To spread the load of provisioning and renewing certificates, we implemented a random 0--72 hour delay for each. While this helps evenly distribute certificate management over time, it did not take into account the Certificate Authority's (CA) load. It was also incapable of reacting to a dynamic renewal window based on information provided by the CA. + +However, this approach needed greater resilience to solve what is, in the end, a distributed coordination problem. The weaknesses are: + +- **No rapid revocation response:** The static logic is not aware of revocations at all. + +- **Brittleness to lifetime changes:** The static 30-day threshold is not resilient to changes in certificate lifetime, such as [Let's Encrypt's announced plan to move to 45-day certificates.](/2025/12/02/from-90-to-45) + +- **Imperfect load distribution:** Despite the random jitter, massive renewal bursts could still occur. + +Shopify needed to develop a global coordination system to balance the load and handle regular and urgent renewals. Thankfully, Let's Encrypt has led the charge on a solution for this and other very important aspects of the certificate lifecycle. + +### The journey + +Let's Encrypt and the Internet Engineering Task Force (IETF) published the [ACME Renewal Information (ARI)](/2025/09/16/ari-rfc) standard which makes an endpoint available that provides a recommended window of time for the renewal to occur. The endpoint returns a payload that looks something like this: + +```shell +GET /renewal-info/ACME_KEY_IDENTIFIER +{ + "suggestedWindow": { + "start": "2026-02-03T04:00:00Z", + "end": "2026-02-04T04:00:00Z" + } +} +``` + +Shopify's certificate management system uses the [acme-client](https://github.com/unixcharles/acme-client) Ruby gem originally authored by another Shopify employee. Despite Let's Encrypt enabling support for ARI in their official software, the Ruby gem did not yet support this feature. Rather than building a custom solution, we decided to enable support for the ARI extension directly in the client. + +Let's Encrypt's [guide to integrating ARI](/2024/04/25/guide-to-integrating-ari-into-existing-acme-clients) provided the necessary roadmap, and the implementation was completed with [one PR](https://github.com/unixcharles/acme-client/pull/257). This contribution means that not only Shopify, but also the wider Ruby community, can benefit from the ARI extension. + +### Deployment and ARI at scale + +Once we shipped the gem support, integrating ARI into our certificate management system was straightforward. Instead of checking a static 30-day threshold, we now query the ARI endpoint and use the suggested renewal window as the gate for initiating renewals. Those dates are stored alongside the certificate upon its initial provisioning. + +The updated Ruby gem provides a method for fetching renewal information: + +```ruby +renewal_info = client.renewal_info(certificate: existing_certificate_pem) +``` + +This method generates an ARI certificate identifier that can be used when making the API call. The client also includes a helper method, `suggested_renewal_time`, which chooses a random time between the returned start and end dates. The certificate identifier can be passed to the `new_order` method via the `replaces` key, which can grant a higher priority or bypass rate limits for renewals occurring during the window, depending on the CA's policies. + +Critically, Shopify also regularly polls the ARI endpoint for updated renewal timestamps. This allows our systems to rely on those timestamps as the primary renewal timing logic and removes the need for inflexible hard-coded expiry thresholds. This becomes the mechanism that LetsEncrypt uses to dynamically change the renewal time due to a revocation event. + +### Results and rewards + +![](/images/blog/2026.03.17.acme-renewal-information-ari-image-1.png) + +Since enabling the use of the ARI extension, our certificate management system has become significantly more robust. Shopify now delegates the responsibility of determining renewal timing to Let's Encrypt. The ARI extension has proven to be an impactful infrastructure improvement and the benefits gained are immediate. These benefits, alongside fewer manual interventions, are the operational success story: + +- **Future-proofing:** We gained resilience against any future certificate lifetime changes and mass revocation events without needing code updates---ensuring our renewal logic is flexible. + +- **Optimized load:** We directly benefit from the CA's coordinated load balancing provided by the suggested renewal window, eliminating local randomness issues and the need for complex global coordination. + +- **Revocation readiness:** ARI allows systems to quickly detect and respond to revocation events when an urgent renewal is necessary, well before certificates get close to their due dates. + +- **Simple implementation:** The extension is mature ([RFC 9773](https://datatracker.ietf.org/doc/rfc9773/)) and the implementation is straightforward, providing simplified renewal logic and CA-optimized timing. + +- **Good citizenship:** Anyone using ARI helps the CA optimize its infrastructure, and contributes to better aggregate behavior across the entire ecosystem. + +If you're still relying on static renewal thresholds, give ARI a look---Shopify wholeheartedly encourages all ACME users and client developers to adopt the ARI extension. diff --git a/static/images/blog/2026.03.17.acme-renewal-information-ari-image-1.png b/static/images/blog/2026.03.17.acme-renewal-information-ari-image-1.png new file mode 100644 index 0000000000000000000000000000000000000000..179b0550d4255861801a3a6e458bc32efa29e8b2 GIT binary patch literal 42264 zcmZs@2Rz%~_dkv{9kkWHOSM&_!!AmV+EiP$YQ!eARjm~ik)nz9R&5n6LQy+bV%Mmd zE)=zeO01R`iP$j`iQh}#t z81|gaq#en8L~R-lDQnu4D1P7OXs>_T=h*-MADVGaT!Cen!*=sxC>zHi;eS8AN@|Cm z#qw;+n}nV^|L;@bQ0+U1k7vyc`t+aK|A&~i{(nZG?LyfU@xKP6fO+2D``?h`*MaBz zIn$17v$5~5v<e_lKNujwwC3A=|9NX1?O<8>Mis;0e zCC}w==CxTK$%{jE;9>LRlck{%te|p5_a8qxlBM`$3_sVvY2jC5O1d{sji+&c0=3Dr zO6;m0&wk5}Vo7iL)CxL0BZE~p->r?YY(!t2ZLlG)uAK`R)hZ64s@6;(k1~zFpV$-m z@o%Tt2`|_kM|CH3HnDgsm{6(>tR@!+9n4)8^hdA^*ZMh0}1)U zt3;h|uL+>qsclVuDFz>o823NJqLm%AooYRpkEOq*Xw))NhG>mfpBS+#YszgeT$dTDWEJlH$R{SV@A zy#qq^2F+dLcyZ#ng!WjK+j|6S`_V>UBlkjSgWiuvnaoTqGjrFKJVXDsuzU~x3q~HqV+=Q6A-|CxOO0QOPpc)87p&S^$F;@a-lLDUV%MjAdye_FEB48|raHbX-3McQpe!5~!i+g_+MC@G4NQ zgMZI;OcPv7`aWIgEIT*eDf%jNW>stbJ-y_@wO2d*7N7>yAHRx`Ux zBrP#NcD9{HgmAkLgBMo#uy)mU-x~W`wWf7+_;)GkTB=by>ojGjhI6d#(YmRchJN|M zDZ^RU7Ea!G2>sSOvnifs&A$#LRCkB*m-5>zRGgTv@B#1M3)t0&vzt^I!OrH52Woza z`GP*&^J9A!GEL9YFLusry!4l20IVeJ3P)g-NIS+9Z0iKO~%f!xK~h-2zs z0gHa5wX@ZPFE$&vHR@|^#%9;f<;BU#So{;o@#U6<{Qhk&zpv@JFr#`Nl)V^F>4S^$i`BFJ*MT1u3h`@RT6OA4I#V zYhye{PpKd^Q~;q}=GyLkHR>P~KD{n*1M$>OX#%ksV_9O3kJVz`7%r;>9GiSqSytA^ zjwI>XA;pziH(QDLv<+??=?)RGsX^tJUEb~q(X7ze{4sEVyRoZ-=M*7I2#2HI$%gCg zB$#Mcmf=|a0V9Erz*owYxsfc=BgRymmgf?k@gss;z4Vtu{Yrfr_4&ovsxJGQADdd2 z%MTpgP~3gzb0%CgGSbBXCmB2&hQnU3-}^6@w> zqzk!6ZCDq7NO(W!8_CH#RskixbBlD;Lheq%vG#Cy!$Lo{nkcfJff%aGUnOC)*8ZF_ z@olp#w&^1sR-7MPIaj+)Q+BN8)(V=ChA$jvPAz^_5K=-@Nr1JRmw!PotEeovr))ihpWony9ZlU~JFc>|XldynC-eNehCv zt!fKb=i=mi*{z>GTVhvJ!Rgq$gMzabrco26(6*eVi`LKY6+5&T{q1`8{NwWe`<$jy zL451Uj=p&i1SuxJAxXw{IXqQ)BB*PFfNiE)mNiS;t!t@aJ?trnk;skpbqOn*{8#CO z1%p3WeA* zg_SRgGM7TM>az58=D*vT*iUo@+u_nmE2K)BzmhcWGSYQx|G2VEoQU=HSlXdT^D8~g zqAkE;jZ=3%AQnJAUV3laTgCGG-rrFMwR$ifr@Y zXY^_iNc4KQfm_76ytD(5rN!5^9>ftI&&KstzoE5XekH{1bk9$l6NGNHrTdJ9rZ~05 zx!hP7q9N-MA7!96ijqk*d)ba;2u#K{&yK4>=cJWKs+AqRxV7k^!G52phvc?t!%hne zeuNQ~*>pFHS z#;iV3Q)1GJLzHi`e)Mxph<45M=qaJ#4*%gk6XjrdKI~(>2#zoSm2kGoeQy!6ayjzX@azJh7 z+myhs(uPH{CIKtNd8?R#rT`AtW2L^+{}W!7!Jo4Z&cd3SScv-i9Ea4FPxXBbygZ3}NfE-&7yPnWxMy&;_(yFtZm z2Q&{?air}`U*0rx8mnU^!;@{`T9DSPb|-$J>6&xF-w&6Lo$VQ;crio>&aopK`&1%b zI)3D|?D{$9e6L@te>`GP!{b=?}cdG3VUsWM5wbeHyb~ZIkMxA^5C%))?RFPA|g8A46 zz0*Xwh=o9c}XAMv7URy(ZUt*m5-@lU1?9V!t;|)(<|`%mf&k zH5n?losuOaN!!0na+a8y*k%1_yxm#vKfl<;X#`h;ogdBmgbdiaHx7}#8oU^JW_+-? z4V3&taeQoiUlUs(lMb8F#LSPaz|?e&cB(Ba@&VmhWVvk&aHEdp6%X zU8>>(ggS-~+NgW9P&<({vIyHOw<;n0I60MXcTYP78JJ30ESm8cE`97=6d-HY*c&t3 zpJ!N{16PJH@XB3Gp2kIQ?st4Vr+7+|xP#tLwzp3i!%g^PcKQNFT=+I0KSB)m?KXS% zg|Tya43|jT5gXmWeU+y;i$8WenRQF~d_9_m+n}n}7uVYtYugq%)Iq)7{THjKxwsi$ z&$K`JccH<~Y2;&Ni>Dd$q!C#j0h_s)H(G)>`7d7H3j7k29x^v1ZO?2Gm|0Oj1w<*+ zu@k5LAKAf4)w!SVgs@aFxBpKR!M^{}@c}#|-#CrRSi-&E-FcM3wE=_y3zD*I7VNC_ z6JtLctGrFXXRj=)2LFt--S{!ZEoC^!V|bV>?ko&70vpC8ZtB$xhQo)2pkUvOlQs@n5TRu?dTn zN~5?6`(d84Un`UEo z9%bGO*jXz9_LM8$$H5v zDUPMqQ@k7}>5s1bQaWJ7GaV#6Gw}jnnh>t3gk93K+8AHxZM$P%>)|DYSZ|)SzFT7F z$?q+2(u59cm!09gTcG6aLN^IuJeevcnHCw{%Vs!M5mXi{DmLam9E3>HSFji3Mt+w2 zOyP7}|L~eatndQ%*1hP}Oqaj(HFMv~M+^7eZmGvb3L)vA5Q7Za;GwJO9+J39xYs=6 zLt3Nq5&u{Zd-WHM|8vUQ(x#`qH)&JS^zM;+QLL_Y$Y2j{YtX91jwHR?(mJX*RG&%w zvdF*ooYp+e=^?l-Fz5qoF>g(FLVBe&swr|R_$!;jVVM(xRY}s;-I{#@LsVW@+^L34 z_!~xWN&U$Jn$P@nNXC7-Szbfa27K`c-Y&Cm+=aQ)CN!!}cu>Rlfw>4mT4F4!H=t^D z3%lDrVpjP^w){(DC5`35vIDYX8})PM4dhkI7)zzB>DSDcXX9SjTI^vgbTSZUmV;zxENQZ?(MxlEDjY zI^mPCxwYCU)&66)_9}nDR9o*%#1`!9uw7dSX z1npL?8{DQ5nrE?Us4|=;5oV;*b;>(rsZ-|4nDj{S5~3Kv=w3_)&o*zT&R?H!c_sg% z`c>I%$h<-7X1ktOX+t1oxD4J|?@T$>*xs}`c8^dh^t5ln1A;@QGuSVb6^)Mz>}srk zL*!RdhQ_|s2h4i~Q>$yG9kvo;>M274SA*?&vVz~=-)$Ye+EJ2;uu@hQy0UD?XR%Oe z2=f@2F-nMOb|&oRdyFCxXqwY*P-jQ7thZPo{3Pvh`x0)qo4O{(*+Ij8wufQ`e3$Qy z^Rr7e1u*B9YFxcIe=U8WC=HZJQIf4pyzxU)Zdi@=Wkl&^-u174>ZMyIh!)rs9D|Gs z{LKF1<=b`+xiw+j2K`aqCwMwI4nY}{8``S zqcndhQa-k>p^uoj>Yzfe5TXW)OkS+9vrcVb24_==(BQRC-tRZIC7$dkJ|xt_D5tst zZrj&pzKS~M`+@PC{xgc%)fK0)AtbY;&9sS!5AVt>c{Q^(D6j1gd|0{+UnXQ}380Nc z&Zr6SNwhF*J_PpC7S)Gk_ff2|@bSEQ25I4E?a`MOM;XVz>9E)T`8Ry^;<)%LtJ_#5 z;}XB*p_a-qIl7Vuo<5!9)jAl6Czmd3>lIdUX?9MOA%ArcJ4XuaqJ_=_4#dc&=?RG`Hq7tngootlwH**;Vtg8oNf+xDSd|Kq6UZBDH~a?T zl+s7)P%!GyCz*x57K@(mk1{v7;aX(05*)XDnP1g2l*nR5?aISnJsPGqUL9NYll5dE z%jD-`U3;Q?s=FVh|Lj=s^$J#73hyr6B?w6(cG{z4;$qGC1)sRS>I_+X%?}BPX;*QC z2sExFMs=$(KUbVX=|DZFVxp5^*5CtEnNMu6GV|TdH4<0w&*UQ`Q%52-8s5ex5Ho@Y z{fO7c&fwNpGfFjjzQ3DU-G4_=a5Iz$p9+PBw2CIJ;GomT;osL}yE!joTt{Sep~s9= zof79q7X`*vkUovRBu?c3-|g+;OjOsRNzTqkQLNv>XWWU0`P{X$rp zh#|5%CQaF`LcHB;WC_Pxa!|I|?mgiG>dZSQit4R3AGdV4o_ea@2j_jYn;)`jX$yVC z^%E2+nTDaoGtAfXe2L0lqj#N<%)q-t#ZEHqKWhmGGj=z|P4>FWRo z^7_Kr?Czql%lyO~wHo^46qpBV2S)H*&=ak)g}Y8XnX<&1X6K|o_4V7-wZrXH{*Y-Z z))Q5TQ~DdT)kYrbHQayvIT%1&@034y7_yulY$SAZNY69D)}%QR!ASoy)|Nn98MsPF z|D}1M$*1r0(|JwijlB$b4<__=2wf!Qu(7+##7ZJ0MYG~=^ASIC{udIyaq9MfBgde^ zC$RK?9|Pd%ZGuC*N5}%tq1xZ{-0M_>m2(F^OVv1_s2_V z&;R4WfgL>k0-zw{h{D(nwy<6f&zt{Hcl_Hqc89dy@aFzQrheW=^C$kMHqk0{>Ng_Ve?dDm^;Cf5zq7Aehi2?)<0mlU zOMAJ%-y+!qo)%7KwH$g-4NzspEfk~o&!T&;1`nHpD?x`$6Qqr{|HHzbKKek7=k^y0 za_s&mdDx?>Ulv%oQ7-Gj|B(h;*fn6`sgD;tL=X3#`tPf6iU8LR{ATnB?F;+G_x*=1 zg+s@)^4ZfRPiPC{Kyw=ZDn#2A7||>9m*l?PVYiF<+b`N)29|D#&>Q#*6uw=;R{a;Q z|Jnf4`B>3+qAO86hc!n2?`VU9x&q5xS0ygFI(ujK&S4h(YT<2Vdx z+xWE04#*PYpu&o{cA)OSSigSYfARyq zeX|4jE*4Ndn-RqB{vT%8!X5yH2~luzB_P`XcHayCmNKTB0M^GdIoJS`*F4m#_m8H8 z`2qF4znAEGac^C1QLbL4zhB*c4U7mEmiTAo`19H+ze(G^1Zcw~*VySVZ2;D!&7K5& z4?D8AWy;yJRsP38-Fae^DZ1mMs|7gEDWNoXpdjOYbkp0WO4cXaC3>jz-ACw`s90a(9rX&g z$%lKA{+mO2Na)7iJ~*-8fG0~yZQFwAQPu>h0D(YWg6c(Pxk(5H^=ZSx%jlQ=_DkPk zBRqu}qtiTTS02Bk&5huZ3~13&0r?JUw9*-$spD#MS-RApdW*Gneoiq->CFG>@X&M& zo4`$BBIwsKQz?r=*JOv$;c;ZJefgPVS$5Uw&`;ss(4Qt+Kj0IHseU?*;;;dv#l)PO zT+j~iN$84fGcrg=VsYZ6Yp+MpgncgO@|R#a`o8 zBOB0ir@orW$UBb$8jPE1%hMkw$BO?yHNpoaA8VfRd8M@|K?moA)mFbbdw$ob zB|eMczbLpqU$9$K=QsOf@;s9|6)5zhsLS5&{lkJfXP(AV04I@VBuLvU+sB+$Wa0&8 zAPxR-B6+ZgGV@Tpr6)Ea_7(T* z6jv4t$sb{qAzLP$*!%@UGf<;GAa$T>^9)1q?%x!a65>4jr`yIhO=to`uTyHgi!JIZ z@q}tCJMd-NaG~SXDdK5EtyKwb=cMg8?8mh?D;=dP{XgU$zDnudXYSjxPw-JY&A4^D z^R3*&_G@M4mihPJQ}5Xsy??uJuxWF=Z4d1r0;Q@^**S7@pr!6E|A7(ESTGPc05}0& zW*$H6K2&U31qBKbR;8XQwauO*=0xXBjj>A6gF?Q4K2!=}0R=gCd7oaI(&PRo_8*q@ zC<6=wVx3*J>Bwk}BG#JNFJgFAlexjDeC6%@Of|nNMy_+G&2mzu^NGvw6SsxaS6hu{ z*(K^`+2h_%(?zFtT)v-v|KOcUZg~+ zo43L_BKQ$)`>bjMAodLptJ4XMsG|Z3{X9Q1#_H1WnCi5qCZ_e%0!WyI=0_;3saoRB*HJzkay<=>Pmk*!m%W1h3H# zpT>iis5$G44DW_hyPKUop6&5YC6A{f#>Vi>W3HZQwVo9Xx8lm{VencxcuaM7dVMOA zHoQw38y`P??((j~g7HxFuCndq0n_bC^I)j}!6{ev|;D zmYpGPCoroY$}Eox!OiccDvy)kN-PsHj{VQct} zYNNdva4*OKb&iBd{DTGL8GEaD1bA3{Ip$eg=9VI?=+`P{ES+ulmp6@l7!c^z~4&{vTxF26B-LfLl4sQydC*zY5fSy>j)-HA3_YJ3v67eC9}(nISo`+kFq zA1i(n{KvOCHcLKB&PzO|g%Ne{2K8u`FFvXVUX->U)96n}A1GMtPDf9hfqkDHntNvr zwz}*H)#_rjh)7f9vStOS7x!GJt%$ZWZ~%Dh_m$D6$>#8wZt>aLUOoF*!GiAvIalU1 zYUiVR?1gVEy|L=2@Qq@v#AgObH{o+hgKogkf(A>4VlHpc&*O znn~a@G#5hcAl*x+Q1?|d`vNUOvZ`NIOZU;fnrC=t`RTW^0~M_Mky@tx0g$(dl~E4xY9~#0a!1}WDSlO|=$w{YL&tgo!IU60x$_}eeK={tmfa|6*oH-RG0`=knwvT=ak5WJKeouWE#=a4nhzvpt7EQiZQUrt0-Mek ze}HzAnb1HGQzrGXEH2?>YzqZG!7#>zq(U|Qvr_3&l34)+tDHFYGCGK-Slp-YvAfA#A-pvzdt;kah)`|CJ;6VIVdS1bHci2Rp}m!v zRmPni3B^i-B+7(Fx%xdC0{{N;-b!3;A-452|RA+2E9i15B2S`QDVq7I?S{Rzt%0PTK50vzXqlgBk%aUS8;{n2yr$To3IYq!2u@S~iunn* z{+o?SydURIQ?2>&f+bPFkiZ=!j2G&Jq_K;MQA>Gyw9JCSv z!BV9{2R3fEffm;&M@DC4vBvU)LFz7&AwDmMLQ?j}MNIJFOVF(LTQ1l!)uq8(A_8Sp zRiQ-d&iUK!x$%Tji^iiBB_O+^Ox2Ewd>8Zi{r<6q`*+{<`TF#$qy4Uof!hh>c zd-3ozG&EI0w}?vzq*~#yu+2wfMFyfZ#kE&DEhlq6TEON`3zRYKVnvE#RBr`ZJ_|o0 zEq0;E1TdN+!7g19>KgI5jBsB|B_Tg_aH-6xW~Mn}wQ$^&=Gw68mPsB|cX&CJ;nN24 zvbG;oim|MsS51_Gp%y~S>Evv+{0=^ws3hjp=Mf2$%6KiA-{hmID}zN9eJiTB5Ek)i zH7)i@9pA7#x{pX$PgY$H$wz;YkQ}?FPmBLMiWi3OMdNopnOvW5I4wvVvK*;@Yhk{e zgXUs9X((~_=QAOR3!C2M^*-}yo7Y0zv@f6*ypgm3*P=W2wQ){jHUvOW!~l0IhU8U|sEDTtK{(w>*6HTdaWq?UGH zODW;Z2iZ~IyUbP7GX|9da_(v2!h6J5LHzJ1PLH}ZI6Vuulm?)Gsu@C6bev5;0Euuf z>v%3!BumcC9K^Y{F`zL?vQKc``qkFAI5DX3wLk4QArCM$m~{7si6om&bIl3EHU_Oo z9hJ9Yt;VE&pW-`2;xFZyfG{2>b4a}4;Q5^@zkUQ{i)Z8~>qD)P=F!^3gpzRHsR|58jcVh1I?;mEBV=7VM=m+x^IHb^ms0sN;WKX-hm>u zNM}9CwKrY1x1CcMZJ-%iZOcH}$0=K-fhQe0&Ut~C4{zEeev8n~=jzo2q%OP$B%fCw z81bOzewl_D7IN)Ak)2K$lLlE~bg7(pM=BR8QTd9GS=MPurz$At6aV7OX+G-PNv3M6 ztk}?`lEs;`%24YG1#VQ833DStL*Sxr^?3`{1J5-ICp;E3T$FWl3QOg@^#ENrR1HCx z36>lL+?)ovpjG?{j*x>Ols2a78DLBpijJuVMNxS$yx1e@1Ow4>-#+qN?!<;x)5VHc z_r8Oo+6yZz`=@S8@WP(Cai;C%xA;(K>9i z4-~JdwXKs)pk%^R4<5v@^g>|ogtYeyVyW5j9rysPvLs!RZMTL@r_N6j8Ay;2zuVYS zTsNdzSHhg-IW`*?)~cMLx#gTQ1rz)l|Dce^M5Cju?R9*HR-#2gt4N0Lx9GiS?zI}n z`la7n)YX%>eD1nEpHsc?T3SArT!>1-O#NHSV0`{I;Wx+ z@@_7YF(oE7riikyr%MOpsd142MKLKgQXz#K?rHQKW=DZ0rVPpUbJJ1@fN0$^0guzD zAnUeDJW=Abk|?_mrzL5Pu;|}-(y_9Ji3@u7P2W!hl}ANp_+aRQI%y?77-uocKUXCOt<W)CLcl#p2A}hZ|Hf4+ag7HK;H5+8$(^~C9CT$BWcJmnxJVAO zqDJb9le*B-QT00;XZgo$<3vEJm?g5`-9T35x#E^SYg*PAKbPCGvUA{C(MFjyrr; zJ7&BGeDm`@a^0-9<_l!qOd(*RzkQ50gmzY=AA^OMkIgfyi=nH1ETj4NguI$Rxj328 zk4RwQtj0I-tKt&Z%$!gcNZg~d4RgOBeCuJ1s&hY1mFO9`mu*B*k~do7Eeg7wNtP+( zG(yqd24m<}TQkDJcLP<0rqOlr9Rqba&KCLcf@(oWB%b$I7*q`9`TjD-fZMjHy}t4Z z=UlRyv4D(Om`uB}ily%S=1v`od-AHskt)HrJATHqaUoA9S(7d*7@$N^cXl7DB=Bx9 z2NCTY-ua@Yv}XVCNr$M_8&Xk!#|G26fcriWTQ4)Y6Mbg)g5+R}t*FA7cZ3WNEUW;q z&KWyvtt#08VwqC1Qc>JlHOMli$8M;mKPjzv3id|Op++VZ_PCVlj+<$}qiSNISNO5t zJ9roGnCNH?qAfm`jya{b(sfqgv4MOwCd|Gu*rsxQD zU?q$Rpcd0{DNdymkGk-JA?J3cEFP9O?Vv1@<1?*04bEN^D4>SXwqRce98o7c%*Wi5 z$;r9#L(Uo*Pye!g06k`R&wq8pR1M%C^3F}g6@IIf%wa;s-^`e?>q)A4bg9tRJT*^l zC8F4eue`qejsfXBCq6Kzi_^gWO^J&L4(cAAsYkphLc$}pj`#Uq)~As_J3>v7pcB6R zK&Vnz0`0&~0R)2%NdD|ti?b9$t#6r`^A8G%gfv*-TMSg!StXhauXfU0RgKFFtft4*@p zRE1TMJ=2j(<>Um85sRoAthdOD1wY_r!hcO>=~HPGQwvE#CM6XF$cnwIj+6m@r-$)&n`x)P1Zf=iiE7R><$^RI7llfwEt8g3qPRF_6@!(r` zBZUKG05ufb9TnFfcyK9L1WytJMF6?jYKwXEs#GQcTjQ=`x5~&}vuTsS(Tmq~NJUU2 zGu0z)L&|9~P0Q}@N`6m$ws4LD)jFjwo`7MA zXOaih#}gOhHd~3~HmeNwl-3*0lLvh(`)xXm`@OBG2l>`z0Cz5aG0PblVZYB@RqTN$nhBfj@nDN8Gn8?+&xv*_?Rq6(lz zZYO}^1D6`=!fO={&K!SsY&6Ng)&OeOk+^YV&D5UBrpq^1|9n^ufQanwSgp1he!8wt zUXC*iP&4eW=@-n^oIke;cIz~pS#ig9^Wn4ozHuL_E|xRDTf`JOY_yk9Jxj9859bD* zw;OiQCnowIlak1cUoAXpAgN1TP8i=Yqa(X}@|hiF&XyUm(IOIM@nowB-s5f>NzUyF zPuRCTjwmLn9z<11S16jD1x)?8El}#KrWy-K^0W;J{3P?rd?PUUn5cUlw{^8 z0?Klah@UtHWay0sSR}-QP&QR1NP!^IqcHaEW%lfEhN?|m-k6IC`)y-y#WZ#60AYD! zkDO|3q9{A&rtm=^9`(C>e4c~j5ZYRsZ_%LsHg}_sNdVSL#*T`4t|;u2lJWo@8p7IQ z&mKC7kSS76&qYq2KLkPHc-R6el5F+)-0c(4wZAgS# z^`h0$)12RIXD~OXvMPpE=HjBp6?!%Q;MkVY-UaVfB+fo^-$VWWkjdg=#Pg7yo+qtu z#Sga2rCiMVs2f%oA8sH5x@3?C&Fkn7HtRxcT7Rj`=&VZJ^)RVx63Mgyua`!&*i<^ z--yVh(``B*W2I(XOLKhcTb%YKc9068Y|UKfUAU@`ar zlFBH3s+Bnrf1uilYBrHLc&bE7L_QRpZU7juR1s1{+M|Jd=f-MheC=pN=U@O7EQA-8 zE|4tJq*+UpFS)MzC=d@d7sdOxa~GnvwXUH?kS?l6K#iFQ8*dsKDh90L?J% zEmF%>ZR7bWQ3&p@B%6KAZOFHaP2{<}O%l)KxCD|=jRFkpj6M)i-7s*kjh_gh>FZO? z&0m+W3I%`|kB}DxdwRF&H(AF3vVt!F0ab^2-Rh9~H8*wqBd7^!`0(^kBDM$P6(}*HiX{U!zNrLm(7IH=m4prG0t0fF_CIReOjRwQVTDG zDxg+~lB~xt)@@iv0c?0=<%tNMl2+sZKqNcAd0G*u8dEl%;607;)RMSsVXm2Xmaz!rjY*czItF|{pjA;O zjEgiASfLlHL{nn^bhR-62?#>Dk`wg;furmI9V_6Djh_esHoQPCnuR?Ay?FjLg(FCP zUM|^V_Nm>z!G~g*?t2YRYH*-Ma<9?tV~p-XR>ZODD51KEnQnxlUBK@ahBKF5v+}q2 zUe)&+hIjzwyp_Xqjg~$+XttZ5-f{4VfZzrziG@1`s*Wy2Mq0w=kd?%|sYItZIf#P0 zig`aMk3*7V##D8b$Ou9l6evSiCJr7zQN=*73^>OVS>p^gm#YG~@}mZcFEUMBu+&c@ z)y6PaoDr$$5*VMm;~uvvUN#hwP$LyrLphDR1He%L#Ay??T66@(+j&h~>u{JSPp?X8 zTY{jU>MZR?H_A^F%I*%7!Km@k30htbT#p?lJij2+qjE+mE6}@ z4pvLCV^$8WFXU%`i*r?@ZC&QA+4Ruv5RkY5=VBsH@z>NuC;c{TaX*KoF!)TpD*z1j zN9M_hS39*8BBhfR=AVe*CM3b^8S#Qk$kk3KCPfu2C@|$6?NaKTXacnsT7Q>=R=Wlq zDHw46sztvNJ{N%XhEUdg1CqLw?2cYJ0-uLDYf@F=7*e1j3Ecmb91%}Wh>D-kgUY(q zr3AdA=b@33E_RI7JdMiXsoP8d!;E_@tw;YeV&jpafqiHYP*s7h%}58#&e=OxlKmg@ zsnxYhCV@Uc=Im*)hf!q;M2mb5B@s|G(wwcJ>TdV_P3HI$ifNtu``Ce&3Jz_NCY^jF<+?4* zJp_OZJ5Jg>3%`atB9IHDwWRn<0$9xhL+97x6M3npHD=x4p#~3%)P2*{Z}WfS=zz9%{|Ksn)lc zB|=_9r***{i1MSo?vURNF%MEhWlrNoA>s!P-m>FvEVsCl*Z43=@oKd#!ou7XgU&M7 zDVIsih203`=rl#5veCX(PDF#W9aW3i@4SaPohW(6oNPSB63c_vq>7AaIx^%a^SfCN z{c83|h~9>q=L_IyIBR0gztfC~145%Bc>{v1fT3hcXo#Te5uinhN5e}&$*wz6PTw$; zutZOz61``MqqUC7&PHzIVnQS6_PB2*_Y#hjCP%gib?Yvmud2%4l>r|y+i zf(lav{o4FB1~;@G3aLSRwMOd$Ttn=HqVmpNt%l6EDI*m{Xe#4=c5PA!CAToCTr}wh zW>|JNx#wk^9(uOjm7$PBVbRYj=yXGaIxI3e17Em#xlILiR5; zHn)a3REG_~Ncq^3X^q*!u8RD`gN4CMO>xx9PMI2@|FF*K7hZM?Q^E8;{eaJZDX-W8CoKn&I~T}{;#Hg9}%?EF9=0MTH%S48o7s+P6qbT_2Bk?nHJ za@nh>K_{p;a`sKWy1`0~a>D8^P}Kd)>#8sIDS|FEMK9sOn`su3Hn@o$_SzDA-J9INtd_r(t4?v*T!R>{HMBm+jeB{lJRs*sLUUO zwoP|E?p$XJTj!d)V6M-%X;7bK5`tZ=1+5NW+u~cP|6yHz()dOXmTptFI&TwGlr*K! z^7Ahaiy)lBJjIt$2||WMAlI=r7cO$%tB`TB67}?%gUBx4p&wJ}xl)Vz*bZ#ie`P~an zJu$4vkZW98Tm5pXN)FApiLm00wm+_IQTyaR(InXV0#JE1Qf~)+3wcgIAlEs;C3Qie zKy<{O$)VAOzq5N9e+Kguy0$41g02xSqvr)xog0;ft|fE~0+EolKGYfql-Rc0wPeiv zs?GGN#uh0r#DR2A#kWu0AwGKJCO24sHkM%SB1OR|H`}dVO8@Quq9Z}g+xu9df=^Sb39yPIH+OsX` z6qZjYk>?qm@2((Z!MZG;#fNL5@}_G|{PI3J`#XFfss@$L7gtnK+)X>$lN!*%LJ(JTL@i`vGUhfG7P4)xv!E|-4{xwj^J zp|Vc4YOfvUc48=p0LWX?(ku7w2M?piI$a5t`YyqBUo-){}+_*=ms|nYhx8?M_UmQ}@?8!tAC5 zI9xqFv(lWX5SO^K600EiCbs8K#QwsRE1XsAVLPX?HV+?vP6D}+a`1->Ut9nRJ7J?I zdi@H*<+X&(gtN3Qbuwg@d8fB^Jl%k61{TjcEUy%iCeaAOsm`_P@Y~fUZG~gVG*}}& zmuYt=z*L)b{~s*C95;9jf3nocJ#zyKNqrOqU_P4dN>@JI(Q9DRrz*fi{E*L7HX`L6 zP#FmHcjezRv?%R4zDs@~Y9=jPjKA9rw!qr#FF4plp!l^s4ltmHG(-ibS(e5Vig_q2eI0Qy93iXmCp`~gP~??NzU;Qjm_9fxB3+=+Hvev! z64%!49bC8~ZX9e5yUgy6K^Gm|Q$(e9As_l9+~j278`N~^1Cy019-!m&mNt86{9>Wx zvSF)V{;oRpU{3b(j(YY+Bq3i3+hpMW-n{T>`)Ix@uQ1jrtV|6vz+L`}njCBVXqACh z5;q-G#}}ak+#3j(m0oq?AMEZmF{i0}J)OUf7Y>x?ccw%64wUv8tva%??e{g-4vXMW zp-EkN4Q87@c#-p3wH7gcSM}tR;X6!o0Mq1WE$arMe z^Xx`w>e1XA{CjEk>HYpcb3KFF219fV+M+Q8ZNTxo;>!wi`(rsGPX{-B1n&LX%N`pH_+u{)MR5GIUpS~y2h^gQXb~4c)&_({0F+h|#W9f~ z=6wfoGWe3Uyh||hHOR?1^|gsA8GV)cYtPse1;~SYy^xpmwPhbl+R5HdmD(m&{ncu6 z8yC9USgd_RUwXCHO~pPT`~po^|C3oivRooko18$;k=!@2g%6UCcZxb<$e5|@Fy((w zm5~HGBw~I$s^_7**D-8(+?)iJ%OSS6_vl_2>AZj4p=8pS{m*bA>DdmyYI^qct}D1T zD>>)mPC=eO=Tz)F4~xfNh`*Gz(nrC(G#MJZ4QfXEkcac= z25J7t`5i?7_m6&qiu{dvK7`r!T?I+kLNZ{P;I0dsC@o zFIOXfN}-_CHE7V3S?M)U0j9I$l538zrMC^%llDp03SssUgATRS|AdLp6cg~{81yfk zHAr9oZ$qy73Dd0EgHJfgfAD@2xq6KjbqgNGyM^JV+v5xXB6c(-07snIeHX=Mc~R%O z@IH|1o^Amrx~KVvhs8gFO$)3*2Yl_~l;^vPICKOGgw5E|Nnn&kW;`7os<?~j7P}bjb>=n{XO=l1KNeW+i4(fd z9o|dyHnfM}(_}pNS3J-XLLK(4Jjw1}87U#OCkZunRUm`iqsEJC>(jgNYa%o&0I|3O z%IsQF?^hVE&#ZEqU|5(VLHV5iSI=Lw3=U7=csyo%bRjdGGWqm{qnNgFl{o3I68vi; z_Kx3eo8L~egB}}j{z~NWKcIAn5~j~y6wjfxH^siSN53lR1xi>U&Qh4(wG`?lZR30y zmw)~{h}Gd<8$jte^ z{a<4z2gqiRfE=Kg_m;?oegDdujUz=yn{oVhX{hEe?AdiWr>+DP(8DcaSoe=M_Jr`7 zpJV-k3s4D`$j!e1kg;bge|-q6fz~xFs@2cHO)X0^51Aqk&-`~Fpis9x5ayZ|=zopF zzg3iYBb2TBlKZ&?O?LO+qWOE$u&P5_T8W9@aghe0sY%&+=KJNrp;mv1@wa)rz612k z`jf%RKzxwEhWNK@{rGbL=spX2KK6V45n=5;7xjCi@a;ix_ju<2=DMBd|8e%#aZR@G z-#8#xD43x1ZK33il!Cz28&MHS=}_sG+UT%QkuYcp>25}hQlz^XV*{mQjM@-JJm*Cy z-rvvX`Tm~YKfaK$>pJtu_whcWEw+Y#%`4DH)kQg1?67&U)8z})Np%YG_kPXn7G=)n zYgaG9JXaEFWPi`A=se6CT)+nK++2$alie8L(7#~ZM{bwEUQ=~)1#*QenT9K?t5=(; z%Hzg@WigU|yCL%c0DmUHD=9!S*Ijiox;wQXSnkwDo?N6*L%a>Wd``-P z)E5^0wOTS5JHfFNvU1@<{Pix<15*~Gi@}zw`pTAlAIH+auOIdy(eUM2wDkoZEwudE zs%V9I%_(xYzY(&lw(ix|ab}?Xb}|}w?O~zD7u6}d2^tZ{+a9Ukv1=uy$#sUwawcIj zbiqJ#K|@C2?Yj5^TA1#A06El3Gn6Yr~uSe6uw3;koF{vQtW*Z@f4N zZ@(jFxsn%bG1`%-9wnQ>Q?FL)>=3@uq$WLeP*v2r&w?z{n`xpodm~X06*5!Y9Jv-F z=V+@vYt?=9b|l65-QZu?U25>UH3pr|1tsyt*0UBP^(P_9mer=J(J1#7>u_;|ANk^J zjc%lJctM^~(|tRq{}uMjAxb??^K0v1@cle`CH2BW`tIlI@~gx1Ob7ZiN+usebTwEp zp+$rY8Efy0bz0iLq&WDcas~6|WJCIEgiM!sKg0(@oFb%42Xo=`J^*?FToB({SGspt zBYF62xX`lA(wefHx3CJEht~4^Nc!DCuFxnhwLhH5O;GJbb|ZlMiqYS$lc0C}biPOQ z^ccT>b;$Xl60S#~$hC4!RCkWL(s{xv*8Mg>0u!Qx_|=*rtS?ii_29vEP_vIeOrV?K z>q4x){to>6;u646Wa}i1&U#cD$gOqX2l@Yo0zS+v(hIJ}WvO)Ch-J&hy)`PxcLEI= zc0rq9W&NwE)jYJi#s*>2-$LfD$daz!T1LL92{o+BcN;7UtJEK*;?BWs?|;M-^g4P&wUpgsU6>iB`^|I6=)H2eAf`XNQ(lRK9iY#st55 zk$rqyi2jmq!|||2$`t#T*vqY4A2UrVt&1vG2L7%UvBnv!?bA-z=`Ni60!0PT?)!w0 z5MhZreujGI22gNH0J;ksy{ZH!#d zT3I6-i;I8P(#$aOYV6It>FM7BY5%c@P@zMuidP|(${I&|XoMD8LkFWdmfQSffl#*5 zOvJwkHqyY*@lMO}&vx#m`Mi>0Rr{e~bBRW8va^1LrZ@uJDK!C+7Hyh(Ngpv2J``pZIetf*GDWY* zy%f!Ze#(T4lu?mevfVOjnIr4`F`C;0<~@TIg9Z#LD!_CHW@jS|pz zVRtPjH!;}1RsBz84wKgu!uy{;*fnMFcz|RF#zuEU`_8MjCv^8B%v1Bm6*^gO3WwkG z2ZQ6I1<8;3@pe(_A4fTMuevD%uoM<36hQgbus22NuOcMd>kpTIJjh^P4Lw~`LA|v+ ztkk_bO6}^I3f4}R)3=MgwiKK#^~J4%9Z-@6s=}JX!gfaH^@A#HbLCEevLfEW;c>A~5T1Y0}JEU39<`fWY0m?nwcD-N3Ei@+Oys5h_o2MtIz+zgrU!)XBM9?ofd z!!zu*T>ZaR?qW9VE>-8T0>3?fd>e!jZh;LXdxx>@K8+MqSN{SVaJ=$1=X*|A-R_eb zzy*eYBtO(B}=7Kr+V?R23;(49tFx?MEJ$x6rf@=iVMj04>!b zCA0?|A81th`bY?cDWS%9<=h*px(<5=huu^g)Cf%(jh}4;P z2X5q@JI%gvPL_z#^eBE@VHiN0ieNBvc z<69-tsl!NoCggbDB?G1_?ah zh%ev12@5`S=XmtPUq=F*uv%rWlRgD&p`lo&uG@t$O{&hi4>cH%^@Z0CCIe`|V38zj zYWt>iy*iaNnackUelTYs82wD2ki9}=Ru2~x`v*E=Ie@Tnm#G#IMP+(GLDULoAxc-+ z*Ow<=wZ_^h*e8;!h@hjtO4U++r9(4cvZ%L=Q8#Slx2DS89{>ezw*3ixn)YMSD@>p? z$Hrq{m!9!vK}!IZDvxdFZ!Y@6K+3RP=o6>}feg}GLCWH-+Xrigq~Ge1j_ccxd&LK% zgMRe7cLacso-0Nl-nsEWP_~MKk2r3DTYu_v?aSYS8g}7e>jmhhQwRs&`tbX@L$d!2 z%|-4i$W_~$D7G`?Eu%P`CWv2mB&-|=e=FVjIzO3X(K9ArcZ(5d98f9kg(DF$J3@1N zPIvi$IJXt|yZ5V7c1x1L{GbW_r09^KetevRao6pc0B9{uVEzu2D^QGj>%JZV zWwd7Z?ip+q`KVC#0od#2M@0}^L0tci{MNgns=Y18FF*+_!AD!=(>sqCr2QK*TyoTa zKI_Vu%V+MfU-(CEzrykJcXpMEhMtAVg7xDD*zsK3UK636Z-bFf9FI1let#akk4K~a zw+{*J)(^(osk8eP7My=hT-)^xATX~|)zK>mCT8YsDWRR+hH*TD(CLm(9-A^b{jqFb z+5kn<6!str&TosJ$|3Tb!w^Ef6`aWhzxw>;lgXHahngijNfN|O5I z%M%Pi*6`4_Sc+QXOiK7 zyZ8Vf>PJk>Vz;=RjxJ3Kr|8wH3-?%zC7j{;1MXU8H@)B5l4Iod_Fwr%CpNC&^79?p za;9G`*3eiAtke;XiZj0!3{*=4@0?G4HUdkoFd;9NZx~ybU9E9ncX}smlBHL>{vZ{Z z%d0+{&bvCXk3562*46}kEDe}49b>ILlh1NaW-+|$hS}I_aZwPzpr7Q5V}VrvKL{Ov zu}SstYlcsoLWFs>MYc$1<8FG2?N}sUN(Z5^fSBzQK;l-MKcyKVhQa_fbqM|Z;7P7t zz|@yN(V?3YDqsE>SPVHA^@x*Qmg}N=C)2sru_dOtc;*Ye532ttk-cJhX8ZPvQrUw5 zH?*9tN5FCtuP^SogLqrq0yf-K{+?s!fVRatD3B#RMPG%Y5oAZ)KDgOJPRK9vu0m!41Gg?I(U32cwpT^BPBvvm)srm0)Wm58U*msnxNQuREnd5cv{6C={J zi{_E`6PZ>Lod&!7-;beT(g%{LRrz){w&KE(;H zo|-m19rf(0Q$4j-u9Yu1nVI-9iPki|%rf7yA<7Pfa!-baCB%IN!Y+AGMR4;>f0J2P zUlR_u&Ry0K6>0|299oTOn-C}QhNaGnA`Y{a{sTUJ)9!1T$fr-Km>GsL*KhF#9NH0o zn;HVPpHk!nqk5TRAf^aXVv$L}Pn?w6KsR=|kTk~nun5WVcAeN61cpgevX_K5mckG` zt7r7f5x#7X9HwTh^kL|vBi?FQ)h~5x{>JN;xB>6 zEpw)q3`v8%E@|#-d%H*9(zWH}LSfD}%Ka1nthmic)dCh6a>o{5oI}5Z0f@b`es`Z4WLEhxucc6wD ze6&Dqvcn)U{1K?C`-eFrHt!vb!-nePR^cWr1!x;(-urGlPxm~%7yJn8-tzH3Z~FMJ z4p5q%IdSQC(tzU`wF&UZ0L1~wUHP$W@f>WMT&z@`uVKf)Q$M_tZQFV3)|t3QwHz5t zAw1ARv9d*@u=#87kHIV0`#qh9CeAnQ+OZSHL>o1T(!V6k>lq zo9g2(b88z(m@W!9LMlWk6Lt+?ngixpyypNjB-|_*qj!o5Jz?{k>Y6KgQ(Zp>>UzI) z{pL7o*(sfO)b$;RBZP^UW+%#DLN&Y@kEyi=BV1+kaNd~_pq2ov5>R#x?B376V!VD2 zA(S6R3+j!Jf}y`wh�Vj6!kBF<-EpxI@CMe;PUP6SZ-?AUP|8aKCVmSm% z1)*Q2!qy21fNV;QYmTO-Vu8Eec?zn?iZ@lMrO9Y3U$a7|Ga!n-IgDfHU=ZEK&Snhf zf?-JdOS;K$lv9uYX3T-T1ZIZOPl~o{(BTrNHaWj@Bo&;&8niPjZ3k=WPDa~r&21iJ z4us|RhFR?xIVP0I%^wZ?z&l3Y((rDbN3hj92_YL02&k@--p#smS=tlM5#Rzr8O^)X z0$oxT_wQbZ94*i8L}?C7%E>AT{(Oy=M&z9T{p{27=>a8XA8G6t>Rh*G-GNzCT^@u&BTBF+OYH#N6_w%L(Ge^fqK(vkumFE^{jw zWJZ+`98?qjcDDPsjZjJS!S7l{XgxJ99FaJ4?}m4ZYQ|$gIv9y{+0Y>YR^#468~yZF z+WS*8Wyat7GG?Fl?h2Cogox&gC-34PfaV&V2RTDhKgV@YPPfZrkcjEtDiN!G6I#Y~ z^*mn3&mEyU)58}Md#BO-ea|^-Xb46U!8GGg`uz8{zJUBP7+S>GKC6;W;wzxIf(?$c z2BF{+Gsv!F<({TcaPJ>eU)*)byzU*nZSLs|m^&~uV@o*&IA?66hx@I6J^-R=gAW&^ zX39MJfZg`Wso}q9TJ)m78r&&84LQUNT$1E#5JnK}E|Su77TO;0JsN5J3o zjqd0^5d)RZ5`%4_<#p`flT%wuZhGW4K+i2VW~gRpUj?k=VOW7lcNDpKpN?7gVqOw; zgS(y)y=M4y=a9ETmfUr1(03%8AB3-)cdQ~W& z-k{%((@XVWGg-K$?fw=#0&eCDV611t^Si9HJDOz00g6wv@0Q&k?$M?-c{>AKL0h*= zf6}kKlJnHQ)_kWw_c0<7Lf)y6qYwByr{v*FYJH+cxzF&)!J#QkD>BFt}YApE&fR|wEskHmLXN= zA?71t0LZ>GZ1B@?DlCI0X<5u~@mJ({ORYfSGL8MK3f!}J_d6)OhM_mN1ie4{O5U@7 z_mhgiUPVSx*t2`N9*vIr{mE-a^=!v{Zu^2;!u=(A$AJ_+X#2-jgN?WW0*=SO-u`Rr zTjyjww{y)vy8+F0+WeP_`$DzFlVboG3%3sM^ZhNHWjrIHC7%OZQO$j8yI^K>?0^`I z_DJm=@TgBLs$x6gfz5ZFXB@1x2Qx~Ljdb2|UN!}{m+OgFt;STH`>*_A@PN;5M}SvP zq+i+$TWm(#xy!WcKd8zK_)mqT+3eAe-$@5nYz`?B2X2&re=d^jrbiuimR; z@GL!#weuEV{$nb4zTp2YmFv4p+c|N;3V>mQq5+`+$@$)ANVBHNR}z^DpPxq9D=CLd z;?IXKFLHN}z329sSIgAJj(RLSXe)l&)f6s*DLYK!?qeuvooM7sKxO0_mzx}qWMM1` z|07)lgjM|60DG@vG)dWclO6IKmUd&!*{9Z+@p)Z?VG^a4|~r#~~e%V>?oh zX^$^2CMxVwhAD)sm-R!|+l_|LV$ZQyv}Q$-NhPIbj2ib7BNa zF#U1zd&Ih#UfQKglxBfk5Ag4G-O`PkG^O#qTZ!1_bbc*lC#ly>z96mci#N;X(59%3 z{BZBELoD{Ca-W2741mviWwERso}tRCB2oZYoDL(+x>6eDQ`L;!nRCAg1X>z2=1hGu zEXgr1SyVS_JS7;hFK#$;-?irVQ{itHf(7&&-`nV(&uRo@@u({n%kxr@maJ-r!p7qI zpU&~X(ziXyR4r6Sx=wE2eM?;ZOFAY~2pb*o|B;4?-z=9*Ebjx=8Wz0)z3xO&GcR6XlCLka$w(Z02>vbkxN-VCG!Mn|(}Pg_Os;aX5KRm<9as`g8t_Q(I}DgM_~DnJLc z-rX{eH-*60{U5nthxzP=s(+L>0(#K0!hMj=P>sVzx*eDLDVmpH;{jxj|W z2~t~b<%2oiP@uM@D@PqrPZwB7(b?#uAc3xi~ zRI)3|-vsoekTc8g%u~S9CSTwWNPQUJxwEA{ww?j?zH_rIj@Ooe z<2velV3QqmOVUAVZ(fNbk*c$V<+|98zTSG`FvQX4cgWyi@%59t-{A>Uf}F^D+3$dJ z2nG>G{L%*;un`t8{OuI#_M7h<2dWS=a2=bj=&RIo-BZ)-#=*_^YI)**out=5707)& zH?lnqN6NcfsY{MbFv|tA!U>*j1-^QzViV;CO8^SYsP9!P+s*(u7^%l0c#;AYnE$b8 zo82MQi4)OQ)V2?RVWB1yMIv~!SQ$KG1 zqXeiHHSe0x{m%Pu&PQW2#YzS!r0=8gp&;^m%U}NkFKl`D;swZnS2+pw+MoQDNZp>Y z2KXRUm@N+wJK9Qny8k*8`@ezQHIwM+eVf0D)AC%|IaH!x8|>_~C!jPqumR4W9K5nM zf%Xd^3?bsowT%h$T0I_Jv-v0Qz+#@A$l8oTY|YVy+T;>&^C23_Zu-Aie{Us>W0|Vc z6Lt>dkJM1u&E&xQ`v6$VRb#VzKAVn-A&P=>629N)j}Jh8;N#WY|(6>7LL@I7d%}QYL})M`wafK70}lh#zOr+@K~>pME~ige}J+@ z!h)dht(D75WrNNcS1)`8(cA0~;h!GwsLKw4 ztrQK6Ly_v^jul$R2%I-2`6WR3J(JV3?cr_S7FhHC)}zp{ym%PZi%jyTu1CBS#+Jl= zNIRe~<~IKh>exbFHwEp;&XNjTK>#%VZeXK)Aou@8X;4S)yWaE9zw}07W6sI?@by%c zE#L^(r^hsN<}y8ob|EJQ^udLO2$rq{3LIXnDc1GW`IJlSQ*SM)$ol;`A_ z#-*v=JojflEudqCzHBfL?_Kkfg&zDXoA<($DFaczowbkUudn`Lp+{5b)Ju82J*ZG% z#rsN(YPVZv**tzkSnBjHu>+l2_>tP$!>5l%^Fd&>d`UDQ)$3pli1e^Y0B2_ifNqK` zSCd0wCwCEbLd!hOQ2UBP_^;#&=8dX?^$VaC=_+?MD#D` z3`Pa6^YK@A6u18NoRVkG))Z?+fjo0%wprQH0LQjSsSKjQrQJ(+Q0`Z35(>CL67@U; z%?M?d*){M0HcB&T01<|=mzq^kp*DxMdFr-ryjMG|!VPDd!e?Q+9%j4bn)kz7=XYWO zV3p^kIn1OED8wFn_opKO<2VV{D_(IF0@!X!mhFEyXK^>9`o3lG7mn6utb}sYQc0E7#5EBL7;h~xJi+FEau;21J2eixd;RnBz z-PTtO(!pSnhgmlZ41TYNtqOR)%)TJ2zEQIMu#qbDa!m6(qOUDGmz%oo`gxIrQJDd$$-RJpr5ar0iy1 zc=Oe^@}6waDbhF}ph#)<=+Ws^jZ!1^iuyn<4Pf_H&KU38b!(H4M}yMO+j+2hs?K)> ze#kMS=1W14E7lqHABl7`L5c`I5F%q)A7^Yi|LruX_U7>eDn9n=zt0AYV;{}9lJ3Dc zV9)*!=G^gvD)LsgZ=mjZ&WqEaf(+UDlJ4{f$<($oUlh%TBAD(0JqI$1)@?C{V>;8L zl$Cit|Js}*iLeACc@0lZ&@lx0@Jj)5Hj#ZAMJTf|1zmEQ<3XD%qzM4O%y<5ywc79) zg!rUV)w5$*-4^GpHja9;o92#{n6P`ye|DRzN(4Q;lHnDUzUlWK)rS%KzWh7E?L>9S zXBOmUA96-?b|%QX)EP;xy&)D2*T?8S_@Azqpj%17J@jSL_Zs#S_>I9>L^|l<2FK)+ zNS2MePX%;hbvO(uClf&fy3ytc{b$~b1^#1hP}>yKrm%?7)qlfe(?QD6s-sxgykGl6 zSE`!nC?3<)6naj>^T(gDfD`+{s^bwI!tgQd*?S17ee_e-pb1^U1sv-Gq7Am#LA87x zr)i(ueqX#uJW)1y-AvYFt;$k-w&EF9`@>CoNo_&$a!(Z?J-+lG+^!FRdD|uiF@K|NL&3%Mx+3 zt86>5muJ!t#OomSbXc_n^0~gtHI24x^oanRO1Ow+PPH$cJx1v2&*+<$Q{CxEgSt#j z>|fh(o&On`1a6p`i?S1+v6;@b>Kwu+$Pc{dCRrB`pSv<-6C^#h0LXKB{{}J10ahyH zerBa((HZ|geXJH?H(Uulo`e6Q#AMRYH0UdttM7O9OWEptxfS~+%e9yN0fk=}zW{Zw zkJL&3fzlT8u<{{D7p{a9eSqjcVi6T#RH#+`!&rv9%k)x`Rzx8=$nehHujXZJ)}NBV+>aWCk40R>Hd zqC$U3Jevanry-%vAxNXd5WRx!S(0;*>C&VBWDOE<08z{HL^*q;%e=ccML5;RQvY|P znSzD-9c00YEgkwn?zW<}4Al6ZWQL$41g)DB5%p`G7t zU7K1rFLmeJo=iT+{=}J3QUmr|JIcudJCB^sxONcIrVlcZ)5@(9LgNh@?|R@kUEWeP z7())Z5d7_F{e%V2kNpdtH5#^VA8ghygR^?MIn^Lgqi?^+7zp=0ed79Zf9oGMDyWA6 zeipN>*xRjK-i~Kx5CaqelZ+u~ux6STks^DhA|&u1UbmV!(~|a{?<`570u5!?4ZsPU zK3-eKuy94cF-JannD+vVw@4@1Upv>?A-N&iv-9BJM#)4zOUt)vrZmbPu8RV)ZsAD+ zITZQ~XwKtHmyJTNaJ|EP3y~((eJg#dQ77|)B7YdZ&1?^X!mZ3(nywvU^&h2-cHUNe zwe*zEoAmcbAgFBd(W}3u4*i4 zIEA_4Y4ePj0MC>8^7yy$7e|!WpEx1V@x_7M$`|@)-ePq(i#sw;Bi*2r3Xl>n`^zDu zVNWiK5yRMYXGlHa@5Mq!?pm$aMkzTZ76NOs1{wknLcZO5w-PZi^dRAHqJGr3&#zL) z+dn;vXr4BMSlZLdZjW7GwjHqujzI7QNks-a`uUSsj^VHV6$y_Qv*xPdY1bDGaz_a) z=z2e{3-{4yNSA--D!ZsTT56TjtX?8($3_zzRh#p);Xbi=Rmpkn-Jk%sa!687u4Zxq zzk^%+Rr(<}38-`GrNF$lnIeJeo=TH31CjE`W%uleeD@iauwYOo03qz;LKoBIBCk}k zIhj1ph7k+(@8>}|FwlzWv0y^^<6u4KCc08WTWkTVYwKq#7hv04f_jR=)!fKXOJM5` zBF&WmkG9K?>|`ig24QCU@@|SjvLe)!zv!AT6YDUkCqt*^!Zpbzu*9y5pE)7yLVwxd zoxJrHbL%`R8xY>8dI-_$&;g}QSO_yFZR|v*D6hwBl+Q!JhA_V0d+jPmL;gu zBG$6L+>&6WER?8TjXgOm7ZZ9*jI*TD2ikkOGmLeCx z=&>$-F4d&|+(>ag$77Srf{{ZHbmPVXOj-_zNh&LYEeop2Ae@*a-qRN`8!p9E_q(vR z+bw(f(v#@Xk0QYqCd+64tX|NB$WySwRgMG)<;*C6p6LD3J8%Sl?aiV(sbO~PHBSS- zV8nt2tDtVn8NG!I^Tc~&tIy};F~fIqwV9S?&vh`%eQw6Q$}|=zVM}Sey}7B$)?Sya z_jEF6l-5B}J!Z!RBD{$h>_YfKcq~ePO4Yy)FT6IL80DTN8La!TMRMt_u%&Yft8ML3 zX)-q`8A0502w&*q<};agK?{=z8;!X$jFEQ#Nv`XI3s!+X+A}*FKwjRCE8)vuisojL)}M{#Jw@q zzRc78d}F9p{<6hS5r{7ux{*y*5{@~KDxFacCTuf ztJvaoSCV1}YX;)c%foD@>osF%h-02>OlUsT^y9O)=<;9CdgMWMB?GPt`T1t(zQDk` z5C85GVboH%(A_pdp?0Se(pXj&p##L#)A*m^D~E+??s9SU+1-vC zqh^gtzSO19fX|*1f8ipLs%4B=D*pL?=|as@nt{F&Cw7ghH-W2_JUul$eNLyEL?e50 zats^#uuC}8n=gq4h7Cb|pw})M)P`Ato?|@oB*vHsnKrhDq7}^xQNP5?3ejS_a&Pnp zjZW&udd+3smPHCK!}^-*9$8T z0I_3~+r7W*%Gh7D1a<3Fl=O2w00dW{HvU)SjUy8n9g zfvOcmqny0ginTtY4gunm=^4IGpdpM}+}lRPM?;420XOLiDobJFnjR!9!ei;jB6@7Y zrp9dk#Zt3b{@?73-Rt-60NkHrEMEKZVo z(sg;rY1TH0At2utomUaF@ z+e+M+OzG8OLx&A9`1B7NW@aq2uGKS9v`6`#Y0whHS=I=g0jTKVtiQzgd=QWuL;m8Q z)itcVMGq{ko}O@YQ=6_m>z@r=AeZwY(#~|RNuLG}*0$bB0h_GfV|;MQS!4)p3N>5o zsBtA8&Hr%U!fa!Wuu)Vw|ETdyg!heCqs%Sl=&*cqJm`&^H9yjz2qBaXDS1!7xYogH8Y6Uu}Q`hE? zXBwCNW3f`0Z_`-bYt7hYd&0~! z$@_o1kZ5(o&n_i`rssUHE*p2vsZ!60$6xeXI-LN8mBrf1;i|9#!>Q32@w#<7w++0X z;u1RL0XP2j0e?U_)T=L_6~(YV*d6PKYRI=dX4PK+h)k^wz)k-K@RM5px?{a&1eUiV zl5O?#n2!e*)G=YEL-7K=RW6^>v_R8nW`SNep_%F2;?T01vueH%GG&WR+h`r{ijpz{ z4uvOeXqAfdcr_hdV);zyVTX?&CCwJ@dy_)|{SH&7v4(C{DDec}?8trf;s&kzLG<#C zZ;5`0>d^f!HT(-R&6BBzZhDgthS0u_UHx)0==ukHUyZ^VDp&ks}SwiH+@kBspCpp{(rK zS-X*rN`*tj2QPhb;VxXz>6Krl&_`d!hrLPsy8H8hr{uM}gn36AFR8V+pqwfN0CFTUo?w@Qj<{riBo5DU2#3Yv0K zHP3_i^=5btNm6bex1@|l3g!p#QYylr#n1W$W--S&vWay$r5XmR^jh~gSj!DC*^AlZ zCilho+6&FgqhdmkBE3$~{cW4^B44M#yAe3tIbnOe09oNNfx( zW>gX>T|O$;Ii=x55YzF9h`qkHcSfaa0mE!J7Bce?by(p3{2Gzxg!0^NP8B~EERcuZ zP?>$0JDnbXKn;uCQ?hzgu~tH>3**9!H@2qv7SfDsTrCM1U9D7*Z*iw@(?y;lzXT01nus=LS^ zW}0UgliY*+jv08wZK)ycTkrW|Q>{8zi?=MkySes0ZN0zlfm;8=m5<-dGh5&(p!T5M zS+^In%fiw@`C-LYK?l)=!Dq49p?fW_op08N_cKjnD{vkgdYbl^`kbCX?)*YAF%J|a z7L+c15tkk*dZr)pk60OK$&7W!U=yzWGOWsZ4RJ!iw3^6f_VIIvO=WsW^oD)v>?Gk_ z*iobu_n9pJu~GugzKJN{182K6@4J+5(UIWWJ)b9N(b`lHs=J^S1z_&;!OkRn!9s-7 z;JH4h6Zq^;shNhC>$?Sph|^k2uPdK`tLiGz!MQ(7SfXn$J=^z;E(bN_L|tOvo0HiC z6z%2@3VSLqzgV7gPN>m(Qjei{fS_1>Ccd)32enHE;o`=<^vr{{v0g;idPN*e zItzW#kL8+z@ zdf5;kDd4ZZw7_R8WpufTHZ7n3Lx(v|XK1_Z996EBTF&dx5zYK2Y_-Kh#IC_O${~aK ztnY{QvKSGz<)v7J<8{B`6PEoCj2^y$MD&&Kg~z8W_RtG#P?ZZA(jYHk8`@SPl853& z1r}vpy;)a8T?TPBBzk^NXQOK6nVwuj=l*QY-np8HB+j2m_I(?M;3 z2#J zi%r>2xptq1yZh(L$$$INJ|Jk>wPHYfe?>RUeeS;0_w~t7QvB8SZ{5?998k*r1J@;D zEd|3x+}?;V%36x&Ws%wTZ}^n0+>e>;j4EyOS~-4&RV+U*w;1VQIo%)c>n6NGi_ZZl zP(vax8fu z^qQ`7V~X2~R&{!5&HPzPDXPwqe!2vylOuw_g{o>#Y+LFtt6ccZW+xcs))yu$-UO1d zLuGFUgX5jz76zY2>f8((lVY=XebT-Vu>ox4pP;lCyV%>F8M9*e53r;bKMk@+B`@3_ zdlXZ1&;PKm)5G~F^P9`m<&hIZ@0~47Sx|tfV9_mIqeTwkJ=y?SRGWKvq4R*e--52F zJgD%@PhWEFPPC?{UHbXPo-H};w*QE>JFoHpu%R3!$hgJT6O+KrZt-PrB3Cp|_os|& z>hw$xSZ>f#hQFF`-=%y4(K#qxy*-{{zTcWH;Nur2|FJFz|x)Rzd1Zalm@>$Q$h ze^wA|q~m3mB=U0QU2GTb#gCNzYi%z)CEqKAk>ZAW0ec?d2_;K1tKmUfd|llTz6&p9 zaPkwv;Y8x#>bvgP(3j$zH+=Q(G`#67v&Yl+5ESs2lta)%@eA^o3h_lky6yup#JZNT z7OB-)3DnSix3850O0H}zP715F?=xS3rC43;di^B+!u-|0v{~!=BIWcGvJVK;^|4KV z*bFd!*=u-EcBwx}bgzij#+R(YoM$~iv3+N2_*|U<=*9~!9q*2Pi>8y~0dLh$SieXk zdM&uRk)V|)xxBpUWUAZpRVS5f7;MirITt@iOT0GO^R6k=*qwb|5=Q*%al};Y@fOLA zu}rmUXO?9p?r6fqeNf9r7UWA#5AC~qros_Kl?DCUIO%cZ!O}*PL+P*XcnbKuzI68T zTz|;X$|GuLPvsUC#u(hkTSYP}Pq8M8P<7rGo8HQ$?gY_oimNpqzU%JjqY-54bT$027FZcV1DZrTR?MyHn1wnY@$+ zA^lD6YgopCR`%^cG?cA}0HYamG5O%HU-X(^9tX=Hx6*d!?ynRE_cP;Ru*(P z5yaNr{lrVRurM4RG~=5<16VbLL78rC{d?!>9As(}0VvY|jjDazW(RNtWpOt%o3^?j z{ypX$LT40S0YWVWIfnIdacFRs((mK@E+uoH4pd22L4SO&D6&bG4GppEKSaa+fW3|~i5Xlv>Tj5q!SHE^786fmb2LwBGx!e`rcSB^fT}!=ZKg4t& z;kC|NOL+)Vqj2So&mh$X7>Xh)3%#T4r`j%nz~&P?9@xs_2CTwA*a|YqMH2Ad;K{=$ zxm5Cu6G}~5njD1k(3J?(JmC>OhBc zZir}J|DG-1mn&$5d7!4Pr_wT!n4e$H>Tb~HJp0uFI3BP4iE)R#>#2ekUS=V6p0J_=%xfAl47=ME_2ZuE3# z&l;edq4PtDiwr%Oay3#bK)}lX64CE#NI(gIx;w2!#j-ZUwTEY|iW)A+IacFQ#*3Az zxuY2~r{wHcRS3;*{KEfUzofj}mm$u*u5-pMO%dVCSC*6s*Qk8ytHTTh5@;9@IQJ;6 z9-R>Hn)?@1Foq&_xsbzK?H~T5Z+7wH82%H8Gvc%FLxrV@QMe3sQmo&#YT8~^1`J$- zkZMugkr~n#<1TFFnuW<6ltv788d(;u_l4iXC*^hAhp!53WHD!!YlK%OEVQ6%Q&f_T zvb8_SG%#CwJUMHh__JAjCKn`ZohaLvkw*BwL7qoFYU#R$;!bYYeq@z1j+hQ0V*$vr zOT@BIJ5P@Gd-Gp3{@<&wv@gfQ>6vX^vKQot)EBUKB!PjBkMJlxU07tYocKbjFJ6~| z*sW#fgPdT&I*m<=JRVj6Jx@7Z)~hr`258eX^Uah$a&|uLQ$AKxx@7gRL2dPsppgWA z5=HPrO(QYheLVxNhWZ3{0*z}IemvIS&R?JlHI;!v7kWnuNhCx@t~|vT8B195-Id@g zj2rjMW~-4FFQLJrT?Zp=X6E7+h$(o48Oq7JdVEf&O#3Q-57HyWrL)$h|IJL^#@ee` ztnKV@TMc`Tc}97E*~XkWc`$Zq+FvS212n9a+kh&L-IlPTd{9yr>iaq!9~?z&_HWWH z8^FRnJd_E1gs)NVdHm(;O5Qsi-GEGP=Lt9pfEnm{)j_N;8Zoeje<#D9b=A7$adCtF z@PI$^^#``xNQ_kxu&gz_)DmZuOe-&O7GyPrBMW_cXj{sAK@3qU z{EAHp7O|m&G*8D)zn9HWK|Y=Uje@n}Be*bwT2?utqh)5SE!P?r*S0=x- zkNMW=;KC2}x!Xk1LeyfKhi<=P?8(ptu@#`xFy zz0|k<0-=`KNAgc+uso!G(RWA?7jcv3n?Cy~YhEqnTr=tosaq=(vozpgTq$!%r1Zcn z2qgAKe-SNYvSt^kPEk!AWmDF3#`mGz_Y~-SI4*DUIK9P$ATf%|m0|bjEk)~7A{+^` zRLxAn=6zUws{)Twau7;6)xT46>FXhGt&Ft%D@6N~Lo{po_pDbMBgn;||8=F`Dp{aA z<$-wtzhexNPj^+y{JSrT>W3yye-XU?V6#y$v8Z0e68G3&k~Bz12B;k?s2Bk;fEc4A z|Dp*3a+}TTt7D4glOKB1X*HVa!3PqnK7LfI`KDP@i}6Ma<|b^WENpbMh%=zF0kCMn z5g*pqJlM5jUwZIzO%@Ee+p+hAUn3qMuS{i5TYFoh!r{e;?9yqFlCoO8Ny6>h$f=2P z{00iQr}CVs@qNyeJmsQ+(F@Mrxs+$+tOdC?|$XJw)i7@k6opX5@^r~UQnP9opR%zE#+Bzbh zTd9E@?$NWTnwM($+2S#(0f@S?#AOD|q}FDi@y_$rBQlD88ZzrDzVw7sefwU}|47OO z;g@htSTP(wx)ty2n-u>1ti@~3OEjT;$ykp);ZtkPT|Fn_i;9#t zK`l!&ce%$;3*~|C+3E}_YMG{5r5k$|GKe!=!N8n_P!q?*o#RV}Xx^-tSU^1penbX4 zBXCg*xSyv6@dC=TB{r3}2&+Gvuo|7=EW+lUIRZ=l-`RYime)c1KE);qnSUQy!@e94 zsZEfNvH+*DfLrEx;AY6C;+eh$u3QSveyKZKZr$k(IKG_`xrtUA7w1BOLLF@im-Cv+ z8SoHv>vXDZUFW)BQJf^hF5cfS*c%dYl6Zw@(zdyQPaP%*XwI1QV zRs}Yh0HW^+g^IotU1c9l`{3VKEhDF_tX*Rxdn9M1|5wv z^NHu$ZgSRI1?~}tnOBX&OLYV`!i7c-1TQs`j5T_4TXI1c@;;db$tRfA*VTA+f?s0u zp7;v8i+!iO#miNYlBy|ApkryLDk45A>_iXqNiO4w_VYNonj5LPTCC~Cc^hS9%wB#4 zd+xt3#5;7#=%XA62H0lt4&5a-W=9?=U8|S+#=A)M1nG@^^27u-zTXaS%{k zc622?E5O3#m_%{#=|DAY0$UB!K5WqgSjHNE+0V2!!xraJ$sqUD*Q8~}s3QL#W>J!p zC3UpwpdV=dL@QueOet8(!kJZi<1~0M@uiuz2zhqr;j+h={Py8EBjiGJ7am8RX*auZ z{Kap)>PKxrd6_@l_03}#RQKTB2z2A8E#02^GTIKvFw$Nk zyt~pJKRlxs>kqdg7gV_Hk(Nc^oV2oQhMmR`oklLCq6wTvc~>#~>VRAEqsctWD2gZI zmG|mhtW}cNh@}g<8fELFvM%~FEC@bRojVA5f3bOWmoArk*8PRo!{5X&pqBEaeHb+# zw(9Wg;SS}3p|)K|jv9z$bbx&+)DoR1Y; z?l*BOMaalIeLT^>`hzBSw9;O2@+-oS%t&K0<&Y7q=t!q8D1l{jHAt2 zv}up^zuLS`UN*+DM*WbQkF`ZQ4& zQVZybDs4R{LrjgQx0BaT5Q`mm|4Xz#WL!UgWqb;49A%yo>xQ{MBe!QwUFjjK7ofjQ z`yP?#wxT^DNtKFP)Dc724b-eIN^QU&qyd=3WH%OzMgO0w&Oe&TJ&xmxR5uriaw@jU zxt&`?;t=8?gq!JH6k5imdx-q5`ThIUbt)cL-AHDUA5o_HF+XOsO1sjCX{*gFi8X8^ zX70vzpP}yU-{Wa*Op9HDurftq7B!M` zVkB6v97ND&5i2Tt-KWyAXA<@j~u2$>e}Y*g*NamjMCg4_kbUAr$|C(D7`}@ zCvUniBgSL6qAYD}SIT&vb+ssdD%u5}vFyG$OurRLW3>q1@o>1Y$qrfNRlUG;Pjjf% zl|WY2IS>dY35fTQ*yU0U{Ua7Ll4I1oJrOcte5Re9IEmEe8z>u5KLX4OrFA#`3RO-| zq$H*6DJ$(1gginYucMhDOBdQAS7XkTv=t&Svsr)Ws!igbK!wP7i6h}!0xNR%P%wo;pvs>wAqG4?>3Y?AfOG-hH(D3B)1{C8HLp!Iw zubpjAtP`_Eojt7Ph$tnF%2IIJOi_W7rOU;kzRY5oaJY{2<}61#sNYJt*Eu(-PuGHr z`RwN`?E7anI1X!gXLOMoqdrxtSvqx*UG74#JQ&?pDSBJmuLYzJ{646)<6;1iTdARC ze;KSjf7ocr3o?3{g z&;^VR&Ovz;JpncGrUkV*f;r|x;!jRP&}`G&jM$#*6PQ@sJSQo=x2gme481G;7Vx@= z#nPhsmAf@8Yc#4^K2d~A0ek2~pt^)arM%}g(@lyjOax?V7?j&2A$UVc505s_QxO?4 zU^$*gj0cvg;*DmhP~GywDx}4PFGhTPeLt6dQgd)hlm8$I(Z<_|wUug{(Yh6K+oEVl z7Z%1Ik(RMJ$+OO2xjLD5?So)FJl_C2?5doXp$z*&J6{BHe#1BF9v40_e0|OD z@j`KK&Fdp)2&<-Or~`hc{$z93?X4G5GfTWQ4t=kxyRcm7Bx0O};soit8Q{OxKOCdNcjXzcu{}ssawf7!^B8F>&623TQ+W$|! z-IfE%r$4$~Pyz>z`ezcqb!hF%7?Y8qJFt3@7w&VoyS{~j6OeqW8|=LvO5Cz>>yz~v z0I|@*NB9~%R=HCpCs(N(8|y;5dgl0`_rF8%cihK7Ns|1h3RM_Pp}_SrCSfqxCS`$9 Yg#`ih{hUqwCFlvv-Nn-xe Date: Fri, 13 Mar 2026 11:40:34 -0500 Subject: [PATCH 2/2] Update blog copy --- content/en/post/2026-03-17-acme-renewal-information-ari.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/en/post/2026-03-17-acme-renewal-information-ari.md b/content/en/post/2026-03-17-acme-renewal-information-ari.md index 767d3632d..2fa909239 100644 --- a/content/en/post/2026-03-17-acme-renewal-information-ari.md +++ b/content/en/post/2026-03-17-acme-renewal-information-ari.md @@ -38,7 +38,7 @@ GET /renewal-info/ACME_KEY_IDENTIFIER } ``` -Shopify's certificate management system uses the [acme-client](https://github.com/unixcharles/acme-client) Ruby gem originally authored by another Shopify employee. Despite Let's Encrypt enabling support for ARI in their official software, the Ruby gem did not yet support this feature. Rather than building a custom solution, we decided to enable support for the ARI extension directly in the client. +Shopify's certificate management system uses the [acme-client](https://github.com/unixcharles/acme-client) Ruby gem originally authored by another Shopify employee. A growing number of ACME clients, including [certbot](https://certbot.eff.org/), have enabled support for ARI, but the Ruby gem did not yet support this feature. Rather than building a custom solution, we decided to enable support for the ARI extension directly in the client. Let's Encrypt's [guide to integrating ARI](/2024/04/25/guide-to-integrating-ari-into-existing-acme-clients) provided the necessary roadmap, and the implementation was completed with [one PR](https://github.com/unixcharles/acme-client/pull/257). This contribution means that not only Shopify, but also the wider Ruby community, can benefit from the ARI extension.