It’s definitely using the older certificate. That’s definitely a problem, and it might be the only problem.
Apache has a lot of configuration files. Could you provide, in order of most to least important, the files in sites-enabled, the files in conf.d, and ports.conf? And any other important files that they Include
When was the last time Apache was reloaded or restarted? If it was before the 13:55 certificate was issued, that might be all you need to do. (Aside from the redirect configuration.)
Edit: “certbot certificates” looks good, though.