Is there any limit on total number of IPs I can add to .htaccess file ?
Nope, however some caution needs to be used in applying ranges, rather than specific IP's down to the Class D, or else the bot will just come back on a different Class C or Class D.
You should also learn to keep the ranges in some type of ascending order for easier control/reference.
Here's the latest AWS ranges as of Dec-2012: Order Deny,Allow deny from 126.96.36.199/14 188.8.131.52/16 184.108.40.206/15 220.127.116.11/17 18.104.22.168/20 22.214.171.124/14 126.96.36.199/14 188.8.131.52/12 184.108.40.206/12 220.127.116.11/18 18.104.22.168/19 22.214.171.124/17 Deny from env=keep_out
Additionally, if you have an htaccess within the sub-domain, than you may require adjustments in that sub-domain htaccess so that the root domain takes precedence (as it should be).
IP ranges are not the only thing you need to block. Think user-agents for the more honest (but unwanted) bot and other header field combinations to block new attacks.
Today I axed some dozen NEW (to me) attack IPs (and I have a LOT of indexed IP ranges!) mostly, but not all, from DSL ranges which are not usually blocked. These hits are almost certainly all from compromised machines and, since it's the weekend, probably from home computers.
There was a recent take-down of a criminal network (again!). Every time this happens there is a new spate of attacks on servers and domestic machines alike trying to regenerate the number of hacked machines. Makes sense but very annoying.