diff --git a/CHANGELOG.md b/CHANGELOG.md
index 29b968d3..ed428896 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -38,11 +38,17 @@ Forge ChangeLog DER parsing may need to adapt to this new behavior and optional flag. - [rsa] Add and use a validator to check for proper structure of parsed ASN.1 `RSASSA-PKCS-v1_5` `DigestInfo` data. Additionally check that the hash - algorithm identifier is a known value. An invalid `DigestInfo` or algorithm - identifier will now cause an error to be thrown. + algorithm identifier is a known value from RFC 8017 + `PKCS1-v1-5DigestAlgorithms`. An invalid `DigestInfo` or algorithm identifier + will now cause an error to be thrown. ### Added -- [oid] Added `1.2.840.113549.2.2` / `md2` for hash algorithm checking. +- [oid] Added missing RFC 8017 PKCS1-v1-5DigestAlgorithms algorithm + identifiers: + - `1.2.840.113549.2.2` / `md2` + - `2.16.840.1.101.3.4.2.4` / `sha224` + - `2.16.840.1.101.3.4.2.5` / `sha512-224` + - `2.16.840.1.101.3.4.2.6` / `sha512-256` ## 1.2.1 - 2022-01-11
diff --git a/lib/oids.js b/lib/oids.js
index 5483d72c..d1504eb1 100644
--- a/lib/oids.js
+++ b/lib/oids.js
@@ -47,6 +47,9 @@ _IN('1.3.14.3.2.29', 'sha1WithRSASignature');
 _IN('2.16.840.1.101.3.4.2.1', 'sha256');
 _IN('2.16.840.1.101.3.4.2.2', 'sha384');
 _IN('2.16.840.1.101.3.4.2.3', 'sha512');
+_IN('2.16.840.1.101.3.4.2.4', 'sha224');
+_IN('2.16.840.1.101.3.4.2.5', 'sha512-224');
+_IN('2.16.840.1.101.3.4.2.6', 'sha512-256');
 _IN('1.2.840.113549.2.2', 'md2');
 _IN('1.2.840.113549.2.5', 'md5');
diff --git a/lib/rsa.js b/lib/rsa.js
index 48a4bd26..f3b32021 100644
--- a/lib/rsa.js
+++ b/lib/rsa.js
@@ -1169,14 +1169,18 @@ pki.setRsaPublicKey = pki.rsa.setPublicKey = function(n, e) {
 throw error;
 }
 // check hash algorithm identifier
+ // see PKCS1-v1-5DigestAlgorithms in RFC 8017
 // FIXME: add support to vaidator for strict value choices
 var oid = asn1.derToOid(capture.algorithmIdentifier);
 if(!(oid === forge.oids.md2 ||
 oid === forge.oids.md5 ||
 oid === forge.oids.sha1 ||
+ oid === forge.oids.sha224 ||
 oid === forge.oids.sha256 ||
 oid === forge.oids.sha384 ||
- oid === forge.oids.sha512)) {
+ oid === forge.oids.sha512 ||
+ oid === forge.oids['sha512-224'] ||
+ oid === forge.oids['sha512-256'])) {
 var error = new Error(
 'Unknown RSASSA-PKCS1-v1_5 DigestAlgorithm identifier.');
 error.oid = oid;
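Review bot: The `if(!(oid === ...))` chain only establishes that the DigestInfo identifier is one of the RFC 8017 values; nothing in the visible lines ties `oid` to the digest algorithm the caller actually hashed with, and the accepted set still includes `md2`, `md5` and `sha1`. The function body continues past `error.oid = oid;`, so such a comparison may exist below the hunk; if it does not, a comment here should state the limit, e.g. `// NOTE: membership check only; the OID is not compared with the caller's digest algorithm`. The growing `||` chain would also be easier to audit as a lookup, e.g. `var known = ['md2', 'md5', 'sha1', 'sha224', 'sha256', 'sha384', 'sha512', 'sha512-224', 'sha512-256'];` followed by `if(!known.some(function(name) { return oid === forge.oids[name]; })) {`. The diff as shown carries no test for the three newly accepted identifiers or for a rejected unknown OID.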