RedHat Package Manager file (.rpm)

.rpm file signature | application/x-rpm

Red Hat Package Manager (RPM) is a software package format and package-management system originally developed by Red Hat and maintained by the RPM project and Linux distributions. It is used to distribute, install, upgrade, and verify software on many Linux and Unix-like systems, especially in enterprise repositories and system administration workflows. Because RPM packages can install system-level files and scripts, they should be obtained only from trusted sources; the format remains widely used rather than obsolete.

High

High Risk Format

This file type can contain executable code. Always validate the source and scan with antivirus before opening.

Magic Bytes

Offset 0


              ED AB EE DB

Sources: Apache Tika, Wikipedia, Gary Kessler

Extension

.rpm

MIME Type

application/x-rpm

Byte Offset

Risk Level

High

Validation Code

How to validate .rpm files in Python

Python

def is_rpm(file_path: str) -> bool:
    """Check if file is a valid RPM by magic bytes."""
    signature = bytes([0xED, 0xAB, 0xEE, 0xDB])
    with open(file_path, "rb") as f:
        return f.read(4) == signature

How to validate .rpm files in Node.js

Node.js

function isRPM(buffer: Buffer): boolean {
  const signature = Buffer.from([0xED, 0xAB, 0xEE, 0xDB]);
  return buffer.subarray(0, 4).equals(signature);
}

How to validate .rpm files in Go

func IsRPM(data []byte) bool {
    signature := []byte{0xED, 0xAB, 0xEE, 0xDB}
    if len(data) < 4 {
        return false
    }
    return bytes.Equal(data[:4], signature)
}

API Endpoint

GET /api/v1/rpm


              curl https://filesignature.org/api/v1/rpm

See the full API documentation for all endpoints and parameters.

Frequently Asked Questions

What is a .rpm file?

A .rpm file is a RedHat Package Manager file file. Red Hat Package Manager (RPM) is a software package format and package-management system originally developed by Red Hat and maintained by the RPM project and Linux distributions. It is used to distribute, install, upgrade, and verify software on many Linux and Unix-like systems, especially in enterprise repositories and system administration workflows. Because RPM packages can install system-level files and scripts, they should be obtained only from trusted sources; the format remains widely used rather than obsolete.

What are the magic bytes for .rpm files?

The magic bytes for RedHat Package Manager file files are ED AB EE DB at byte offset 0. These bytes uniquely identify the file format regardless of the file extension.

How do I validate a .rpm file?

To validate a .rpm file, read the first bytes of the file and compare them against the known magic bytes (ED AB EE DB) at offset 0. This is more reliable than checking the file extension alone, as extensions can be renamed.

What is the MIME type for .rpm files?

The primary MIME type for .rpm files is application/x-rpm.

Is it safe to open .rpm files?

RedHat Package Manager file (.rpm) files are high risk because they can contain executable code. Never open .rpm files from untrusted sources. Always scan with antivirus software, verify the source, and consider running in a sandboxed environment.