The simplest solution (which is usually good for long-term) should be always keeping the “contents” of the entire /etc/letsencrypt folder; even after the docker container is “destroyed” or even “replaced”.
There may be more than one way to do that.
I suggest using a “common” path (outside of that docker image) that other systems can be allowed access to for all LE/certbot “app” information and files.