Script para gerar a lista de ips da blacklist https://forum.mikrotik.com/viewtopic.php?t=152632 basta copiar o script abaixo e rodar no terminal.
{
ip firewall address-list
:local update do={
:do {
:local data ([:tool fetch url=$url output=user as-value]->"data")
remove [find list=blacklist comment=$description]
:while ([:len $data]!=0) do={
:if ([:pick $data 0 [:find $data "\n"]]~"^[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}") do={
:do {add list=blacklist address=([:pick $data 0 [:find $data $delimiter]].$cidr) comment=$description} on-error={}
}
:set data [:pick $data ([:find $data "\n"]+1) [:len $data]]
}
} on-error={:log warning "Falha ao atualizar <$description>."}
}
$update url=https://s3.i02.estaleiro.serpro.gov.br/blocklist/blocklist.txt description=SERPRO delimiter=("\n")
$update url=https://feeds.dshield.org/block.txt description=DShield delimiter=("\t") cidr=/24
$update url=https://www.spamhaus.org/drop/drop.txt description="Spamhaus DROP" delimiter=("\_")
$update url=https://www.spamhaus.org/drop/edrop.txt description="Spamhaus EDROP" delimiter=("\_")
$update url=https://sslbl.abuse.ch/blacklist/sslipblacklist.txt description="Abuse.ch SSLBL" delimiter=("\r")
$update url=https://raw.githubusercontent.com/cleytonferrari/Mikrotik-Blacklist/master/blocklist.txt description=GitHub delimiter=("\n")
/ip firewall raw add action=drop chain=prerouting comment="Bloqueia IPs da BlackList" log=yes log-prefix="BlacklistRAW" src-address-list=blacklist
}