Hi,
The issue is from your http port listen configuration.
In the config file, you do enable IPV6 for https (ssl port)… However, you should set listen to IPV6 on port 80 too…
Since you are using http-01 validation, let’s encrypt validation server connects to port 80 first… and because the IPv6 of your site is not listened in port 80. The site returns error code of 403.
Please enable Nginx to listen to IPV6 for each http (port 80)
Thank you