/usr/lib/ruby/ is in ruby-rack-attack 4.4.1-1.
This file is owned by root:root, with mode 0o755.
..
/usr/lib/ruby/vendor_ruby/
/usr/lib/ruby/vendor_ruby/rack/
/usr/lib/ruby/vendor_ruby/rack/attack/
/usr/lib/ruby/vendor_ruby/rack/attack/allow2ban.rb
/usr/lib/ruby/vendor_ruby/rack/attack/blacklist.rb
/usr/lib/ruby/vendor_ruby/rack/attack/cache.rb
/usr/lib/ruby/vendor_ruby/rack/attack/check.rb
/usr/lib/ruby/vendor_ruby/rack/attack/fail2ban.rb
/usr/lib/ruby/vendor_ruby/rack/attack/path_normalizer.rb
/usr/lib/ruby/vendor_ruby/rack/attack/request.rb
/usr/lib/ruby/vendor_ruby/rack/attack/store_proxy/
/usr/lib/ruby/vendor_ruby/rack/attack/store_proxy/dalli_proxy.rb
/usr/lib/ruby/vendor_ruby/rack/attack/store_proxy/mem_cache_proxy.rb
/usr/lib/ruby/vendor_ruby/rack/attack/store_proxy/redis_store_proxy.rb
/usr/lib/ruby/vendor_ruby/rack/attack/store_proxy.rb
/usr/lib/ruby/vendor_ruby/rack/attack/throttle.rb
/usr/lib/ruby/vendor_ruby/rack/attack/track.rb
/usr/lib/ruby/vendor_ruby/rack/attack/version.rb
/usr/lib/ruby/vendor_ruby/rack/attack/whitelist.rb
/usr/lib/ruby/vendor_ruby/rack/attack.rb