SSL certs don't work that way
SSL certs care only about domain names, not IP addresses.
If have a spoofed DNS server that points you to a different webserver IP than the real one, if your browser DNS matches the SSL cert name given by the webserver , it will be fine -- no warning by you browser, unless your browser is doing additional checks to compare to a registry of known SSL web server IPs.
The whole point of the web of trust around getting an SSL cert is supposed to prevent fraud in obtaining SSL certs for a site. But now there are many cheap SSL cert providers that don't really do much of anything for verification before issuing a cert. So fraud is quite possible, even with a seemingly valid SSL cert, if your DNS server cannot be trusted.
This white paper explains the issue: http://www.us.kpmg.com/RutUS_prod/Documents/12/DC80502.pdf
Biting the hand that feeds IT
