JavaScript
Taras Serevann, 2014-12-14 19:21:08

Should you use RSA?

Should RSA be used to encrypt and decrypt text now? And how long is the key?
If RSA is not worth it, then what to use?

4 answer(s)
Deerenaros, 2014-12-15
@Deerenaros

And yes and no at the same time.
(updated, because I suddenly read it and didn’t understand half - apparently I wrote on the "stream")
RSA should only be used to encrypt other keys - the keys of symmetric encryption algorithms. AES, GOST 28147-89, 3DES and others. Why? First, symmetric algorithms are more resistant to hacking with a large known plaintext, while asymmetric encryption is potentially flawed. In the sense that (almost) any asymmetric encryption uses an NP-class problem (more precisely, an NP-complete problem): number factorization (RSA), decoding of full (general) linear codes (McEliece), calculation of a discrete logarithm on an elliptic curve (GOST R 34.10-2012), or in a finite field (Elgamal). Another thing is that any of these problems is potentially solvable. In the case of symmetric encryption, one really should only hope for a miracle (in GOST it is allowed to choose any s-boxes, so there is nothing left for the cryptanalyst but to pray to the proletariat in the hope of thermorectal cryptanalysis). In the case of an asymmetric cipher, two things come into play - the high complexity of implementing a truly secure algorithm (asymmetric ciphers are very complex and full of nuances, not taking into account which you can easily destroy the system), low speed (due to the fact that you have to use very abstract mathematical functions that are difficult to implement in hardware and fraught with many low-level operations) when requiring very long keys, they force the use of small keys in order not to wait forever.
However. There is a strange paradox here. If the data is very important and several million raccoons can be killed to protect it, then only an asymmetric cipher should be used. Because it potentially gives more durability. The paradox here is that if the classes P and NP are unequal, then we get almost ideal and affordable protection, since there is the possibility of complex organizational protection.
(a lot was sent to the firebox here)
Okay, let's look at the standard scheme with Alice, Bob and Eve:

Alice -> c = E(m, Eb) -> -------- -> D(c, Db) -> Bob
                                 |
                                 |
                                 v
                     Eve <- c, E, D, d

here m - text to be transmitted (message)
c - ciphertext
E - encryption function (obtaining the ciphertext from the message)
D - decryption function, otherwise - reverse encryption function (obtaining the ciphertext from the message)
Eb, Db - Bob's private and public keys (different designations are used in the literature, here it is)
Actually, Eve knows everything about the encryption and decryption functions, has access to the ciphertext, and we will assume that she also receives the public key.
Now what does this give us? And this gives us the opportunity to spawn a large number of keys and encrypt each message with a separate key. Potentially, but if there is $$$, then you can buy half of the servers of the country, if not the planet, and enjoy life. Although you can do exactly the same with symmetric encryption, and this is called a one-time pad, they use different encryption modes and still come out more profitable. Where is the profit here?
Firstly, if you need to transmit over the channel, and not store, then you can generate keys on the fly and destroy them after decryption. In fact, it turns out that in order to receive a message of length l, Bob will also need to send keys in the total amount of length l. A lot? Yes. Profitable? Very - because we realize an asymmetric one-time pad (oops), which, however, makes no sense to use - too expensive. And it is not always possible - sometimes the return channel is extremely narrow.
Secondly, there is a way to organize protection based on the hierarchy of users. That is, Major Alice wrote a report that she needs to send to Lieutenant Colonel Bob. At the same time, everyone equal to or higher than a lieutenant colonel should have the right to read this report.
Thirdly, as mentioned above, the complexity of hacking is quite high. And not only because P != NP. Even P is quite large, which is why they use an asymmetric cipher to transfer the keys of symmetric ciphers. But hacking turns out to be very difficult due to heavy mathematical abstractions. Usually. Yes, RSA can be "hacked" by going through all the possible divisors, but it takes a long time due to the astronomical key size. And the ways of bypassing or simplifying are based on such furious math that an attempt to somehow implement this will force the use of very difficult operations themselves. So this is when working with banal numbers (and this shows how poorly developed number theory is), but what if we go to an elliptic curve - analytical geometry may be slightly better developed, but abstractions are much harder for computers. And even the use of graphics cards does not help, because there is also McEliece. I mean, O(2^32) for a symmetric cipher and O(2^32) for an asymmetric cipher are not very equal. They are not equal, just as the day and the month are not equal.
But the most important thing. Today, anything can be hacked. And what cannot be hacked is useless (because it is either completely destroyed, or it provides the same unbearable difficulties for decryption to the recipient). First, the attack may not be on the ciphers themselves, but on organizational methods (which can be improved by using an asymmetric cipher). Secondly, some ciphers do have flaws, it's just that a limited circle of people know about them; hello masons. And finally, the cryptanalyst can be just, well, very lucky.
Therefore, encryption should be used in proportion to the cost of risk. The higher the risk, the stronger the encryption, but most importantly, the more complex and disciplined organizational measures. Agree - it is useless to have a centralized certificate store with one server in a bunker 200 km underground and round-the-clock security from the army of a small country, just one port sticking out to the outside world with a channel of about 200 bits per second and constant monitoring of organizational methods (authorization, access and the like)... Having a password for the superuser - qwerty, and keeping an archive with cats on the hard drive.

BareDreamer, 2014-12-16
@BareDreamer

RSA in its purest form is not well suited for data encryption (as well as any other encryption algorithm in its purest form). This should not be taken to mean that an encrypted message can be easily decrypted. But two identical messages in encrypted form will match. It is considered bad.
All asymmetric ciphers are very slow. Therefore, they are only used to encrypt the symmetric cipher key that is used to encrypt the message. (The symmetric cipher is also not used in its pure form, see Encryption mode).
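
Added example, not part of the original answers: the scheme that the answers above describe, where RSA encrypts only a symmetric key and the symmetric cipher encrypts the text, next to unpadded RSA repeating its output for identical messages. It uses Node's built-in crypto module; the function names are hypothetical, and RSA-OAEP with AES-256-GCM is a choice made for this example.

```javascript
const crypto = require('crypto');

// Bob's key pair; 2048 bits is the minimum length suggested on this page.
function makeRecipientKeys() {
  return crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
}

// "Pure" RSA (no padding): deterministic, shown only to reproduce the weakness.
function rawRsaEncrypt(publicKey, text) {
  const block = Buffer.alloc(256); // modulus-sized; leading zeros keep it below n
  Buffer.from(text, 'utf8').copy(block, 256 - Buffer.byteLength(text));
  return crypto.publicEncrypt({ key: publicKey, padding: crypto.constants.RSA_NO_PADDING }, block);
}

const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };

// Hybrid scheme: AES-256-GCM encrypts the text, RSA-OAEP encrypts only the AES key.
function hybridEncrypt(publicKey, text) {
  const aesKey = crypto.randomBytes(32);
  const iv = crypto.randomBytes(12); // fresh nonce for every message
  const cipher = crypto.createCipheriv('aes-256-gcm', aesKey, iv);
  const ciphertext = Buffer.concat([cipher.update(text, 'utf8'), cipher.final()]);
  return {
    wrappedKey: crypto.publicEncrypt({ key: publicKey, ...OAEP }, aesKey),
    iv, ciphertext, tag: cipher.getAuthTag(),
  };
}

function hybridDecrypt(privateKey, msg) {
  const aesKey = crypto.privateDecrypt({ key: privateKey, ...OAEP }, msg.wrappedKey);
  const decipher = crypto.createDecipheriv('aes-256-gcm', aesKey, msg.iv);
  decipher.setAuthTag(msg.tag); // final() throws if the message was altered
  return Buffer.concat([decipher.update(msg.ciphertext), decipher.final()]).toString('utf8');
}

// Returns the observations so they can be checked rather than only printed.
function demo() {
  const { publicKey, privateKey } = makeRecipientKeys();
  const text = 'constructed sample message';
  const a = hybridEncrypt(publicKey, text), b = hybridEncrypt(publicKey, text);
  return {
    rawRepeats: rawRsaEncrypt(publicKey, text).equals(rawRsaEncrypt(publicKey, text)),
    hybridRepeats: a.ciphertext.equals(b.ciphertext) || a.wrappedKey.equals(b.wrappedKey),
    roundTrip: hybridDecrypt(privateKey, a) === text,
  };
}

console.log(demo());
```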

derpymarine, 2014-12-14
@derpymarine

Use a key length of at least 2048 bits.
For what purpose did you need it?

Aleksandr Sh, 2015-01-22
@DarkWolf13

bugtraq.ru/library/crypto/rsa.html
The question is, what do you want to encrypt? If this is super-important data, look at commercial CIPF. That is, how strong the damage can be if the information falls into third hands, but if it is something like notes while studying or cute pictures of girlfriends, then a password-protected archive with a long key is enough.
