Yes, the staging server and the production server may contact you from different IP addresses. What's more, whitelisting verification server IP addresses is not a use case supported by Let's Encrypt.
Let's Encrypt is actively pursuing making validation IP addresses more unpredictable:
If you don't want to allow connections to your server from arbitrary addresses during the validation process, you should use the DNS-01 challenge method and prove your control of the domain name by creating a specified DNS record.