I agree with @MitchellK that you may be able to find out by experiment, but I can clarify from the Certbot side that we don’t expect people to be able to run our Certbot software on versions of CentOS before CentOS 6.
However, Certbot is not the only way to get a Let’s Encrypt certificate. In fact, there are several dozen software tools that can help you do this
and even web-based interfaces (which are convenient if you can’t install software on your server or if some of these tools aren’t compatible with your server software version—but inconvenient because you can’t script automated renewals, and Let’s Encrypt certificates expire every 90 days).
The most widely compatible clients there with the fewest dependencies are probably the bash clients (that are implemented as shell scripts). I would think the bash clients are most likely to be able to run under CentOS 5.
There is nothing about the certificates themselves that limits their use to a particular OS, although (like all current trusted CA certificates) they are signed with SHA-256, not SHA-1, so the server software needs to believe that this is a valid signature algorithm component if it tries to verify the signature for itself.