diff --git a/bird.conf b/bird.conf
index aa7f187..948d4d0 100644
--- a/bird.conf
+++ b/bird.conf
@@ -12,7 +12,6 @@ include "/etc/bird/constants.conf";
 include "/etc/bird/passwords.conf";
 include "/etc/bird/communities.conf";
 include "/etc/bird/tables.conf";
-include "/etc/bird/rpki.conf";
 include "/etc/bird/filters/*.conf";
 include "/etc/bird/protocols/*.conf";
 
diff --git a/protocols/rpki.conf b/protocols/rpki.conf
new file mode 100644
index 0000000..fad7722
--- /dev/null
+++ b/protocols/rpki.conf
@@ -0,0 +1,11 @@
+protocol rpki {
+	roa6 {
+		table roa_v6;
+	};
+
+	remote "10.43.141.166" port 3323;
+
+	retry keep 90;
+	refresh keep 900;
+	expire keep 172800;
+}
diff --git a/rpki.conf b/rpki.conf
deleted file mode 100644
index f17165a..0000000
--- a/rpki.conf
+++ /dev/null
@@ -1,65 +0,0 @@
-protocol rpki {
-	roa6 {
-		table roa_v6;
-	};
-
-	remote "10.43.141.166" port 3323;
-
-	retry keep 90;
-	refresh keep 900;
-	expire keep 172800;
-}
-
-function filter_reason(lc rsn) {
-	bgp_large_community.add(rsn);
-}
-
-# RPKI tests
-function is_rpki_invalid_v6() {
-	     if roa_check(roa_v6, net, bgp_path.last_nonaggregated) = ROA_VALID then
-		bgp_large_community.add(informational_rpki_valid);
-	else if roa_check(roa_v6, net, bgp_path.last_nonaggregated) = ROA_UNKNOWN then
-		bgp_large_community.add(informational_rpki_unknown);
-	else if roa_check(roa_v6, net, bgp_path.last_nonaggregated) = ROA_INVALID then {
-		print "Ignore RPKI invalid ", net, " for ASN ", bgp_path.last;
-		bgp_large_community.add(informational_rpki_invalid);
-		return true;
-	}
-	else
-		bgp_large_community.add(informational_rpki_not_checked);
-
-	return false;
-}
-
-function is_rpki_invalid_dn42_v4() {
-	     if roa_check(roa_dn42_v4, net, bgp_path.last_nonaggregated) = ROA_VALID then
-		bgp_large_community.add(informational_rpki_valid);
-	else if roa_check(roa_dn42_v4, net, bgp_path.last_nonaggregated) = ROA_UNKNOWN then
-		bgp_large_community.add(informational_rpki_unknown);
-	else if roa_check(roa_dn42_v4, net, bgp_path.last_nonaggregated) = ROA_INVALID then {
-		print "Ignore RPKI invalid ", net, " for ASN ", bgp_path.last;
-		bgp_large_community.add(informational_rpki_invalid);
-		return true;
-	}
-	else
-		bgp_large_community.add(informational_rpki_not_checked);
-
-	return false;
-}
-
-function is_rpki_invalid_dn42_v6() {
-	     if roa_check(roa_dn42_v6, net, bgp_path.last_nonaggregated) = ROA_VALID then
-		bgp_large_community.add(informational_rpki_valid);
-	else if roa_check(roa_dn42_v6, net, bgp_path.last_nonaggregated) = ROA_UNKNOWN then
-		bgp_large_community.add(informational_rpki_unknown);
-	else if roa_check(roa_dn42_v6, net, bgp_path.last_nonaggregated) = ROA_INVALID then {
-		print "Ignore RPKI invalid ", net, " for ASN ", bgp_path.last;
-		bgp_large_community.add(informational_rpki_invalid);
-		return true;
-	}
-	else
-		bgp_large_community.add(informational_rpki_not_checked);
-
-	return false;
-}
-