Now I understand what you are asking. Yes, there’s always a risk that either a domain name, or the underlying IP address, will change hands during the lifetime of a certificate. There are some circumstances that make that more likely, like dynamically assigned IP ranges, and generated DNS namespaces that map to them. That’s one of the many reasons we offer 90-day certificates instead of 1-year or 2-year: it somewhat reduces the risk.
The other mitigation for the risk of reused IP addresses is that it only affects the people who specifically take it on. For instance, if you decided to run a production website on
198.51.100.100.rev.sfr.net, but you know
198.51.100.100 isn’t yours forever, you’re taking on a risk. If someone else later gets assigned
198.51.100.100 and gets a certificate for
198.51.100.100.rev.sfr.net, they would be able to intercept traffic intended for your production website, stealing cookies and so on. However, that just means it’s a bad idea to run a production website using domain names and IP addresses that you don’t fully own.