Provided by: sigstore-go_0.7.1-2_amd64 
NAME
sigstore-go-verification - Sigstore verification tool
DESCRIPTION
Usage of /build/sigstore-go-ScqjsI/sigstore-go-0.7.1/debian/tmp/usr/bin/sigstore-go-verification:
-artifact string
Path to artifact to verify
-artifact-digest string
Hex-encoded digest of artifact to verify
-artifact-digest-algorithm string
Digest algorithm (default "sha256")
-expectedIssuer string
The expected OIDC issuer for the signing certificate
-expectedIssuerRegex string
The expected OIDC issuer for the signing certificate
-expectedSAN string
The expected identity in the signing certificate's SAN extension
-expectedSANRegex string
The expected identity in the signing certificate's SAN extension
-minBundleVersion string
Minimum acceptable bundle version (e.g. '0.1')
-publicKey string
Path to trusted public key
-requireCTlog
Require Certificate Transparency log entry (default true)
-requireTimestamp
Require either an RFC3161 signed timestamp or log entry integrated timestamp (default true)
-requireTlog
Require Artifact Transparency log entry (Rekor) (default true)
-trustedrootJSONpath string
Path to trustedroot JSON file (default "../trusted-root-public-good.json")
-tufRootURL string
URL of TUF root containing trusted root JSON file
-tufTrustedRoot string
Path to the trusted TUF root.json to bootstrap trust in the remote TUF repository
sigstore-go-verification 0.7.1-2 April 2025 SIGSTORE-GO-VERIFICATION(1)