This page was not yet optimized for use on mobile devices.

Juniper Networks MX2010 and MX2020 3D Universal Edge Routers with REMX2K-X8-64G and RE-MX2000-1800X4-S Routing Engines, MPC9E with MIC-MACSEC-MRATE

Certificate #4387

Webpage information

Status	active
Validation dates	07.12.2022
Sunset date	21-09-2026
Standard	FIPS 140-2
Security level	1
Type	Hardware
Embodiment	Multi-Chip Stand Alone
Caveat	When operated in FIPS mode, installed, initialized and configured as specified in Section 1.2 and 6 of the Security Policy
Exceptions	Roles, Services, and Authentication: Level 3 Design Assurance: Level 3 Mitigation of Other Attacks: N/A
Description	The MX series provides dedicated high-performance processing for flows and sessions and integrates advanced security capabilities that protect the network infrastructure as well as user data.
Version (Hardware)	MX2010 and MX2020 with components identified in Security Policy Table 1
Version (Firmware)	Junos OS 20.3X75
Vendor	Juniper Networks, Inc.
References	This certificate's webpage directly references 0 certificates, transitively this expands into 0 certificates.

Certificate

Webpage

Security policy

Security target PDF TXT

Symmetric Algorithms

AES, AES128, AES256, CAST, Blowfish, HMAC, HMAC-SHA-256, HMAC-SHA-224, HMAC-SHA-512, CMAC

Asymmetric Algorithms

RSA 2048, ECDH, ECDSA, ECC, DH, Diffie-Hellman, DSA

Hash functions

SHA-1, SHA-256, SHA-512, SHA-224, SHA-384, MD5

Schemes

Key Exchange, Key Agreement

Protocols

SSH, SSHv2

Randomness

DRBG

Libraries

OpenSSL

Elliptic Curves

P-256, P-384, P-521

Block cipher modes

ECB, CBC, CTR, GCM

Security level

Level 1, level 1

Standards

FIPS 140-2, FIPS140-2, FIPS PUB 140-2, SP 800-135, SP 800-90A, SP 800-38D, SP 800-35F, SP 800-108, SP 800-90B, X.509

File metadata

Subject	FIPS 140-2 Security Policy Template
Author	Jennifer Brady
Creation date	D:20221013145148+05'30'
Modification date	D:20221013145148+05'30'
Pages	32
Creator	Microsoft® Word for Microsoft 365
Producer	Microsoft® Word for Microsoft 365

Heuristics

Automated inference - use with caution

All attributes shown in this section (e.g., links between certificates, products, vendors, and known CVEs) are generated by automated heuristics and have not been reviewed by humans. These methods can produce false positives or false negatives and should not be treated as definitive without independent verification. For details on our data sources and inference methods, see our methodology. If you believe any information here is inaccurate or harmful, please submit feedback.

CPE matches

References

No references are available for this certificate.

Updates Feed

16.02.2026

The certificate data changed.
Certificate changed

The computed heuristics were updated.

The cpe_matches property was updated, with the {'_type': 'Set', 'elements': ['cpe:2.3:h:juniper:mpc9e:-:*:*:*:*:*:*:*']} values added.
15.12.2025

The certificate data changed.
Certificate changed

The state was updated.

The following values were inserted: {'policy_json_hash': None}.

The following properties were deleted: ['policy_convert_garbage'].
08.09.2025

The certificate data changed.
Certificate changed

The web extraction data was updated.

The validation_history property was updated.
04.04.2025

The certificate data changed.
Certificate changed

The PDF extraction data was updated.

The keywords property was updated, with the {'crypto_protocol': {'__update__': {'SSH': {'__insert__': {'SSHv2': 2}}}}} data.
09.02.2023

The certificate data changed.
Certificate changed

The cert_id was updated.

The new value is 4387.

The web extraction data was updated.

The following values were inserted: {'validation_history': [{'_type': 'sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry', 'date': '2022-12-07', 'validation_type': 'Initial', 'lab': 'ACUMEN SECURITY, LLC'}], 'vendor_url': 'http://www.juniper.net', 'certificate_pdf_url': 'https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/December 2022_030123_0646_signed.pdf', 'hw_versions': 'MX2010 and MX2020 with components identified in Security Policy Table 1', 'fw_versions': 'Junos OS 20.3X75'}.

The standard property was set to FIPS 140-2.

The status property was set to active.

The level property was set to 1.

The embodiment property was set to Multi-Chip Stand Alone.

The tested_conf property was set to None.

The following properties were deleted: ['date_validation', 'algorithms', 'vendor_www', 'lab', 'lab_nvlap', 'security_policy_www', 'certificate_www', 'hw_version', 'fw_version', 'product_url'].

The PDF extraction data was updated.

The following values were inserted: {'policy_metadata': {'pdf_file_size_bytes': 1033406, 'pdf_is_encrypted': False, 'pdf_number_of_pages': 32, '/Author': 'Jennifer Brady', '/Subject': 'FIPS 140-2 Security Policy Template', '/Creator': 'Microsoft® Word for Microsoft 365', '/CreationDate': "D:20221013145148+05'30'", '/ModDate': "D:20221013145148+05'30'", '/Producer': 'Microsoft® Word for Microsoft 365', 'pdf_hyperlinks': {'_type': 'Set', 'elements': ['https://www.juniper.net/support/downloads/junos.html', 'https://www.juniper.net/content/dam/www/assets/datasheets/us/en/routers/mx2000-universal-routing-platforms-datasheet.pdf', 'http://www.juniper.net/']}}}.

The following properties were deleted: ['cert_id', 'algorithms', 'clean_cert_ids', 'st_metadata'].

The computed heuristics were updated.

The following values were inserted: {'policy_prunned_references': {'_type': 'Set', 'elements': []}, 'module_prunned_references': {'_type': 'Set', 'elements': []}, 'policy_processed_references': {'_type': 'sec_certs.sample.certificate.References', 'directly_referenced_by': None, 'indirectly_referenced_by': None, 'directly_referencing': None, 'indirectly_referencing': None}, 'module_processed_references': {'_type': 'sec_certs.sample.certificate.References', 'directly_referenced_by': None, 'indirectly_referenced_by': None, 'directly_referencing': None, 'indirectly_referencing': None}, 'direct_transitive_cves': None, 'indirect_transitive_cves': None}.

The algorithms property was set to {'_type': 'Set', 'elements': ['AES#A2285', 'DRBG#A2287', 'SHS#A2284', 'AES#A2286', 'DRBG#A2283', 'KBKDF#A2285', 'CVL#A2286', 'RSA#A2286', 'SHS#A2283', 'HMAC#A2283', 'SHS#A2286', 'DRBG#A2286', 'SHS#A2287', 'ECDSA#A2286', 'HMAC#A2286', 'HMAC#A2287', 'KTS#A2286', 'HMAC#A2284', 'AES#4545', 'KAS-SSC#A2286']}.

The following properties were deleted: ['keywords', 'unmatched_algs', 'clean_cert_ids', 'st_references', 'web_references'].

The state was updated.

The following values were inserted: {'module_download_ok': True, 'policy_download_ok': True, 'policy_convert_garbage': False, 'policy_convert_ok': True, 'module_extract_ok': True, 'policy_extract_ok': True, 'policy_pdf_hash': '83bbf8d8f0870a989bf20c0aacb8aebefadb50386a56f6ff18bb2892efad5780', 'policy_txt_hash': '2249823deeda31142e67e91c70acd349086644c37965be0c590ad6b9d0d69000'}.

The following properties were deleted: ['sp_path', 'html_path', 'tables_done', 'file_status', 'txt_state'].
08.12.2022

The certificate was first processed.

Raw data

{
  "_type": "sec_certs.sample.fips.FIPSCertificate",
  "cert_id": 4387,
  "dgst": "9430301e26927415",
  "heuristics": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
    "algorithms": {
      "_type": "Set",
      "elements": [
        "DRBG#A2286",
        "RSA#A2286",
        "AES#A2286",
        "KTS#A2286",
        "HMAC#A2283",
        "SHS#A2284",
        "HMAC#A2286",
        "AES#A2285",
        "SHS#A2287",
        "ECDSA#A2286",
        "AES#4545",
        "CVL#A2286",
        "SHS#A2286",
        "HMAC#A2284",
        "SHS#A2283",
        "HMAC#A2287",
        "DRBG#A2283",
        "DRBG#A2287",
        "KBKDF#A2285",
        "KAS-SSC#A2286"
      ]
    },
    "cpe_matches": {
      "_type": "Set",
      "elements": [
        "cpe:2.3:h:juniper:mpc9e:-:*:*:*:*:*:*:*",
        "cpe:2.3:h:juniper:mx2010:-:*:*:*:*:*:*:*",
        "cpe:2.3:h:juniper:mx2020:-:*:*:*:*:*:*:*"
      ]
    },
    "direct_transitive_cves": null,
    "extracted_versions": {
      "_type": "Set",
      "elements": [
        "20.3"
      ]
    },
    "indirect_transitive_cves": null,
    "module_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "module_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "policy_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "policy_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "related_cves": null,
    "verified_cpe_matches": null
  },
  "pdf_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
    "keywords": {
      "asymmetric_crypto": {
        "ECC": {
          "ECC": {
            "ECC": 2
          },
          "ECDH": {
            "ECDH": 9
          },
          "ECDSA": {
            "ECDSA": 18
          }
        },
        "FF": {
          "DH": {
            "DH": 3,
            "Diffie-Hellman": 7
          },
          "DSA": {
            "DSA": 2
          }
        },
        "RSA": {
          "RSA 2048": 7
        }
      },
      "certification_process": {},
      "cipher_mode": {
        "CBC": {
          "CBC": 4
        },
        "CTR": {
          "CTR": 3
        },
        "ECB": {
          "ECB": 2
        },
        "GCM": {
          "GCM": 4
        }
      },
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {
        "OpenSSL": {
          "OpenSSL": 4
        }
      },
      "crypto_protocol": {
        "SSH": {
          "SSH": 42,
          "SSHv2": 2
        }
      },
      "crypto_scheme": {
        "KA": {
          "Key Agreement": 3
        },
        "KEX": {
          "Key Exchange": 1
        }
      },
      "device_model": {},
      "ecc_curve": {
        "NIST": {
          "P-256": 26,
          "P-384": 10,
          "P-521": 14
        }
      },
      "eval_facility": {},
      "fips_cert_id": {},
      "fips_certlike": {
        "Certlike": {
          "AES (128": 1,
          "AES CBC 128/192/256": 1,
          "AES1": 1,
          "AES128": 1,
          "AES256": 1,
          "HMAC SHA-1": 1,
          "HMAC SHA-256": 4,
          "HMAC-SHA- 256": 2,
          "HMAC-SHA- 512": 2,
          "HMAC-SHA-1": 6,
          "HMAC-SHA-224": 2,
          "HMAC-SHA-256": 6,
          "HMAC-SHA-512": 2,
          "RSA 2048": 7,
          "RSA2": 1,
          "SHA 1, 256": 1,
          "SHA 256": 5,
          "SHA 384": 2,
          "SHA 512": 2,
          "SHA-1": 7,
          "SHA-224": 2,
          "SHA-256": 12,
          "SHA-384": 4,
          "SHA-512": 4
        }
      },
      "fips_security_level": {
        "Level": {
          "Level 1": 3,
          "level 1": 3
        }
      },
      "hash_function": {
        "MD": {
          "MD5": {
            "MD5": 1
          }
        },
        "SHA": {
          "SHA1": {
            "SHA-1": 7
          },
          "SHA2": {
            "SHA-224": 2,
            "SHA-256": 15,
            "SHA-384": 2,
            "SHA-512": 5
          }
        }
      },
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {
        "PRNG": {
          "DRBG": 12
        }
      },
      "side_channel_analysis": {},
      "standard_id": {
        "FIPS": {
          "FIPS 140-2": 12,
          "FIPS PUB 140-2": 1,
          "FIPS140-2": 1
        },
        "NIST": {
          "SP 800-108": 4,
          "SP 800-135": 2,
          "SP 800-35F": 1,
          "SP 800-38D": 2,
          "SP 800-90A": 4,
          "SP 800-90B": 1
        },
        "X509": {
          "X.509": 2
        }
      },
      "symmetric_crypto": {
        "AES_competition": {
          "AES": {
            "AES": 14,
            "AES128": 1,
            "AES256": 1
          },
          "CAST": {
            "CAST": 1
          }
        },
        "constructions": {
          "MAC": {
            "CMAC": 5,
            "HMAC": 18,
            "HMAC-SHA-224": 1,
            "HMAC-SHA-256": 3,
            "HMAC-SHA-512": 1
          }
        },
        "miscellaneous": {
          "Blowfish": {
            "Blowfish": 1
          }
        }
      },
      "tee_name": {},
      "tls_cipher_suite": {},
      "vendor": {},
      "vulnerability": {}
    },
    "policy_metadata": {
      "/Author": "Jennifer Brady",
      "/CreationDate": "D:20221013145148+05\u002730\u0027",
      "/Creator": "Microsoft\u00ae Word for Microsoft 365",
      "/ModDate": "D:20221013145148+05\u002730\u0027",
      "/Producer": "Microsoft\u00ae Word for Microsoft 365",
      "/Subject": "FIPS 140-2 Security Policy Template",
      "pdf_file_size_bytes": 1033406,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": [
          "https://www.juniper.net/support/downloads/junos.html",
          "https://www.juniper.net/content/dam/www/assets/datasheets/us/en/routers/mx2000-universal-routing-platforms-datasheet.pdf",
          "http://www.juniper.net/"
        ]
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 32
    }
  },
  "state": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
    "module_download_ok": true,
    "module_extract_ok": true,
    "policy_convert_ok": true,
    "policy_download_ok": true,
    "policy_extract_ok": true,
    "policy_json_hash": null,
    "policy_pdf_hash": "83bbf8d8f0870a989bf20c0aacb8aebefadb50386a56f6ff18bb2892efad5780",
    "policy_txt_hash": "2249823deeda31142e67e91c70acd349086644c37965be0c590ad6b9d0d69000"
  },
  "web_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
    "caveat": "When operated in FIPS mode, installed, initialized and configured as specified in Section 1.2 and 6 of the Security Policy",
    "certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/December 2022_030123_0646_signed.pdf",
    "date_sunset": "2026-09-21",
    "description": "The MX series provides dedicated high-performance processing for flows and sessions and integrates advanced security capabilities that protect the network infrastructure as well as user data.",
    "embodiment": "Multi-Chip Stand Alone",
    "exceptions": [
      "Roles, Services, and Authentication: Level 3",
      "Design Assurance: Level 3",
      "Mitigation of Other Attacks: N/A"
    ],
    "fw_versions": "Junos OS 20.3X75",
    "historical_reason": null,
    "hw_versions": "MX2010 and MX2020 with components identified in Security Policy Table 1",
    "level": 1,
    "mentioned_certs": {},
    "module_name": "Juniper Networks MX2010 and MX2020 3D Universal Edge Routers with REMX2K-X8-64G and RE-MX2000-1800X4-S Routing Engines, MPC9E with MIC-MACSEC-MRATE",
    "module_type": "Hardware",
    "revoked_link": null,
    "revoked_reason": null,
    "standard": "FIPS 140-2",
    "status": "active",
    "sw_versions": null,
    "tested_conf": null,
    "validation_history": [
      {
        "_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
        "date": "2022-12-07",
        "lab": "Acumen Security",
        "validation_type": "Initial"
      }
    ],
    "vendor": "Juniper Networks, Inc.",
    "vendor_url": "http://www.juniper.net"
  }
}

Sections

Juniper Networks MX2010 and MX2020 3D Universal Edge Routers with REMX2K-X8-64G and RE-MX2000-1800X4-S Routing Engines, MPC9E with MIC-MACSEC-MRATE

Certificate #4387

Webpage information

Security policy

Symmetric Algorithms

Asymmetric Algorithms

Hash functions

Schemes

Protocols

Randomness

Libraries

Elliptic Curves

Block cipher modes

Security level

Standards

File metadata

Heuristics

Automated inference - use with caution

CPE matches

References

Updates Feed

Certificate changed

Certificate changed

Certificate changed

Certificate changed

Certificate changed

New certificate

Raw data

Sections

Juniper Networks MX2010 and MX2020 3D Universal Edge Routers with REMX2K-X8-64G and RE-MX2000-1800X4-S Routing Engines, MPC9E with MIC-MACSEC-MRATE

Certificate #4387

Webpage information

Security policy

Cryptography

Symmetric Algorithms

Asymmetric Algorithms

Hash functions

Schemes

Protocols

Randomness

Libraries

Elliptic Curves

Block cipher modes

Security

Security level

Other

Standards

File metadata

Heuristics

Automated inference - use with caution

CPE matches

References

Updates Feed

Raw data

Toggle raw data