Hi,
I think the way URI scheme SIP is similiar to URI HTTPS or HTTP, and according to a tutorial i searched online (I don't have experience with configuring SIP), there should have no problem using a Let's Encrypt certificate with SIP.
So the command should simply be: certbot certonly --manual --preferred-challenges=dns -d thanos.babblevoice.com -d bling.babblevoice.com --duplicate
Tutorial i found: How to Create Certificates for the SIP Proxy | Barracuda Campus
P.S. I might be wrong, but if SIP certificate requires a new URI in SAN, there should be a bunch of commercial CAs selling SIP certificate.