I don't know enough to solve this. However...
Can you check /var/log/letsencrypt/letsencrypt.log or possibly /usr/local/var/log/letsencrypt/letsencrypt.log for the traceback? I'm curious what module it's coming from and, in particular, where it's installed.
I'm 90% sure it's coming from cryptography, but maybe it's pyasn1 or something.
It may be interesting to know what version it is, how it was installed, and whether it's newer or older than Certbot.
That's the extension used by Certificate Transparency, which Let's Encrypt enabled around 29 March.
I'm not sure when it was defined, but it was at least 5 years ago. A lot of software probably only added it quite recently. But I'm surprised, I would have expected either it to be successfully parsed as an unknown extension, or for tons of people to have reported this issue...
If it's this certificate from 1 April, other tools seem to have no problem parsing it. And it would be unusual but not impossible for Let's Encrypt to be issuing syntactically invalid certificates.