@cpu, can you see if there’s any reason that this shouldn’t be reachable from the data center? It looks reachable to me…
@JadedDragoon, I assume you didn’t whitelist Let’s Encrypt IP addresses in a firewall or anything?
You could try the real certbot renew and see if you see any difference. There is a rate limit which will prevent you from trying this over and over again, but you’re allowed five attempts per hour under most circumstances so trying a single attempt shouldn’t harm anything. Also, if certbot renew doesn’t manage to get the new certificate, it doesn’t delete the original certificate or change your configuration or anything.