diff --git a/xff/fastlyxff/fastly.json b/xff/fastlyxff/fastly.json
new file mode 100644
index 0000000..63bb956
--- /dev/null
+++ b/xff/fastlyxff/fastly.json
@@ -0,0 +1 @@
+{"addresses":["23.235.32.0/20","43.249.72.0/22","103.244.50.0/24","103.245.222.0/23","103.245.224.0/24","104.156.80.0/20","140.248.64.0/18","140.248.128.0/17","146.75.0.0/17","151.101.0.0/16","157.52.64.0/18","167.82.0.0/17","167.82.128.0/20","167.82.160.0/20","167.82.224.0/20","172.111.64.0/18","185.31.16.0/22","199.27.72.0/21","199.232.0.0/16"],"ipv6_addresses":["2a04:4e40::/32","2a04:4e42::/32"]}
\ No newline at end of file
diff --git a/xff/fastlyxff/xff.go b/xff/fastlyxff/xff.go
new file mode 100644
index 0000000..ab3cea8
--- /dev/null
+++ b/xff/fastlyxff/xff.go
@@ -0,0 +1,51 @@
+package fastlyxff
+
+import (
+ "encoding/json"
+ "net"
+ "net/netip"
+ "os"
+
+ "github.com/labstack/echo/v4"
+)
+
+type FastlyXFF struct {
+ IPv4 []string `json:"addresses"`
+ IPv6 []string `json:"ipv6_addresses"`
+}
+
+type TrustedNets struct {
+ prefixes []netip.Prefix
+}
+
+func New(fileName string) (*FastlyXFF, error) {
+ b, err := os.ReadFile(fileName)
+ if err != nil {
+ return nil, err
+ }
+
+ d := FastlyXFF{}
+
+ err = json.Unmarshal(b, &d)
+ if err != nil {
+ return nil, err
+ }
+
+ return &d, nil
+}
+
+func (xff *FastlyXFF) EchoTrustOption() ([]echo.TrustOption, error) {
+ ranges := []echo.TrustOption{}
+
+ for _, s := range append(xff.IPv4, xff.IPv6...) {
+ _, cidr, err := net.ParseCIDR(s)
+ if err != nil {
+ return nil, err
+ }
+
+ trust := echo.TrustIPRange(cidr)
+ ranges = append(ranges, trust)
+ }
+
+ return ranges, nil
+}
diff --git a/xff/fastlyxff/xff_test.go b/xff/fastlyxff/xff_test.go
new file mode 100644
index 0000000..e048e48
--- /dev/null
+++ b/xff/fastlyxff/xff_test.go
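Review bot: `New` succeeds on any well-formed JSON object, so a file with missing or misspelled keys produces a `FastlyXFF` with no ranges, and `EchoTrustOption` then returns an empty option slice with a nil error. The caller is not shown here, but if these options go to echo's X-Forwarded-For extractor the effective trust set silently becomes echo's defaults (loopback, link-local and private networks stay trusted unless `echo.TrustLoopback(false)`, `echo.TrustLinkLocal(false)` and `echo.TrustPrivateNet(false)` are passed) instead of the Fastly ranges. I would fail closed in `New` after the unmarshal: `if len(d.IPv4)+len(d.IPv6) == 0 { return nil, errors.New("fastlyxff: no address ranges in file") }`, which needs the `errors` import. A doc comment on `New` saying the file is a snapshot of Fastly's published ranges that must be refreshed would help too, because a range that leaves the list stays trusted until the file is updated.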
@@ -0,0 +1,23 @@
+package fastlyxff
+
+import "testing"
+
+func TestFastlyIPRanges(t *testing.T) {
+
+ fastlyxff, err := New("fastly.json")
+ if err != nil {
+ t.Fatalf("could not load test data: %s", err)
+ }
+
+ data, err := fastlyxff.EchoTrustOption()
+
+ if err != nil {
+ t.Fatalf("could not parse test data: %s", err)
+ }
+
+ if len(data) < 10 {
+ t.Logf("only got %d prefixes, expected more", len(data))
+ t.Fail()
+ }
+
+}
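Review bot: The test in `TestFastlyIPRanges` asserts only that at least ten options come back, so it would still pass if `EchoTrustOption` dropped its error check or `New` accepted a broken file; the failure paths that decide what gets trusted are not exercised. Add negative cases, for example `if _, err := New("does-not-exist.json"); err == nil { t.Error("expected error for missing file") }` and `if _, err := (&FastlyXFF{IPv4: []string{"not-a-cidr"}}).EchoTrustOption(); err == nil { t.Error("expected error for malformed CIDR") }`. The `t.Logf` plus `t.Fail()` pair in the count check can be a single `t.Errorf`.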