clair-scanner
How to whitelist a CVE for an image from a private registry
Using GitLab CI:
#.gitlab-ci.yml
include:
  - template: Security/Container-Scanning.gitlab-ci.yml

container_scanning:
  before_script:
    # log in to the project registry with the job token
    - echo ${CI_JOB_TOKEN} | docker login -u gitlab-ci-token --password-stdin ${CI_REGISTRY}
    # fetch clair-whitelist.yml from the repository at this commit and expand the CI variables in it
    - |
      apk add --no-cache curl gettext \
      && curl --silent --request GET --header "PRIVATE-TOKEN: ${PRIVATE_TOKEN}" \
      "${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/repository/files/clair-whitelist%2Eyml/raw?ref=${CI_COMMIT_SHA}" \
      | envsubst > clair-whitelist.yml
Given this whitelist YAML (see https://docs.gitlab.com/ee/ci/variables/ for the variables):
#clair-whitelist.yml
generalwhitelist:
  CVE-2019-1543: openssl
images:
  "${CI_REGISTRY_IMAGE}/${CI_COMMIT_REF_SLUG}:${CI_COMMIT_SHA}":
    CVE-2019-1543: openssl
  "${CI_REGISTRY_IMAGE}/${CI_COMMIT_REF_SLUG}":
    # older openssl from php7.3.2
    CVE-2019-1543: openssl
git.example.com:1234/foo/bar/php/php7.3.2-cli-composer/master: 439df815cff2003e1455f9e08eeaeeb75fc64114
[ERRO] ▶ Image [git.example.com:1234/foo/bar/php/php7.3.2-cli-composer/master: 439df815cff2003e1455f9e08eeaeeb75fc64114] contains 1 unapproved vulnerabilities
Only the entry under generalwhitelist is used. If I remove the generalwhitelist section, the error occurs.
What would the notation be for images from a private registry?
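An added example for diagnosing this kind of mismatch; it is not code from the original post or from the clair-scanner project. It takes a whitelist in the shape shown above (with the CI variables already expanded, as `envsubst` would leave them), lists the keys an author could plausibly have used under `images` for a given image reference, and reports which of them the whitelist actually contains and which findings would remain unapproved. The normalisations it tries (full reference, reference without tag, repository path without registry, last path element) and the CVE-only match are assumptions chosen for illustration, not clair-scanner's real lookup rules; the whitelist dictionary and the findings are constructed sample data.

```python
"""Added example, not code from the original post or from clair-scanner.

Given a clair-scanner style whitelist (generalwhitelist + images) and an
image reference, show which candidate key for that image the whitelist
contains. The candidate normalisations and the CVE-only match below are
assumptions for diagnosis, not clair-scanner's actual matching code.
"""

# Constructed whitelist in the shape used by the post, with the GitLab CI
# variables already expanded the way `envsubst` would expand them.
WHITELIST = {
    "generalwhitelist": {"CVE-2019-1543": "openssl"},
    "images": {
        "git.example.com:1234/foo/bar/php/php7.3.2-cli-composer/master:"
        "439df815cff2003e1455f9e08eeaeeb75fc64114": {"CVE-2019-1543": "openssl"},
        "git.example.com:1234/foo/bar/php/php7.3.2-cli-composer/master": {
            "CVE-2019-1543": "openssl",
        },
    },
}


def parse_reference(ref):
    """Split `registry/repo/path:tag` into (registry, repository, tag).

    The first path component is treated as the registry only if it looks
    like a host ('.' or ':' in it, or 'localhost'); a ':' counts as the tag
    separator only after the last '/', so a registry port is not taken for
    a tag.
    """
    registry, rest = "", ref
    head, sep, tail = ref.partition("/")
    if sep and ("." in head or ":" in head or head == "localhost"):
        registry, rest = head, tail
    repo, tag = rest, None
    if ":" in rest.rsplit("/", 1)[-1]:
        repo, tag = rest.rsplit(":", 1)
    return registry, repo, tag


def candidate_keys(ref):
    """Whitelist keys that could refer to `ref`, most specific first (assumed set)."""
    registry, repo, tag = parse_reference(ref)
    with_registry = f"{registry}/{repo}" if registry else repo
    candidates = [ref, with_registry, repo, repo.rsplit("/", 1)[-1]]
    seen, unique = set(), []
    for key in candidates:
        if key not in seen:
            seen.add(key)
            unique.append(key)
    return unique


def matching_key(whitelist, ref):
    """First candidate key present under `images`, or None if nothing matches."""
    images = whitelist.get("images", {})
    for key in candidate_keys(ref):
        if key in images:
            return key
    return None


def approved_cves(whitelist, ref):
    """CVE -> package map applying to `ref`: generalwhitelist merged with the
    matched image entry (the image entry wins on conflict)."""
    merged = dict(whitelist.get("generalwhitelist", {}))
    key = matching_key(whitelist, ref)
    if key is not None:
        merged.update(whitelist["images"][key])
    return merged


def unapproved(whitelist, ref, findings):
    """findings: list of (cve, package). Return those whose CVE is not whitelisted.
    Matching on the CVE id only is an assumption of this example."""
    approved = approved_cves(whitelist, ref)
    return [(cve, pkg) for cve, pkg in findings if cve not in approved]


if __name__ == "__main__":
    image = ("git.example.com:1234/foo/bar/php/php7.3.2-cli-composer/master:"
             "439df815cff2003e1455f9e08eeaeeb75fc64114")
    print("candidates:", candidate_keys(image))
    print("matched key:", matching_key(WHITELIST, image))
    # Constructed findings: one whitelisted CVE and one that is not.
    sample = [("CVE-2019-1543", "openssl"), ("CVE-2019-0000", "curl")]
    print("unapproved:", unapproved(WHITELIST, image, sample))
```

Running it against a scanned reference prints the keys in the order they are tried; if `matched key` is `None` while the general list still covers the CVE, only the `generalwhitelist` entry is in effect, which is the behaviour described in the post. Dropping the `generalwhitelist` section from the dictionary and re-running shows the same CVE becoming unapproved.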