Hello Marc.
Continually acquiring duplicate certificates is not a good idea. Unfortunately, certbot does not make things particularly easy to back up and restore certificates... yet. I've made a recommendation for a future release of certbot that could help tremendously for your type of environment. For now, you can create an archive (like a tar) of the entire /etc/letsencrypt directory structure (when it's working properly) then restore that. Adding --keep to your certbot commands will result in your certificates only being updated within 30 days of expiration and thus prevent acquisition of duplicate certificates (and hitting the rate limit below).
By the way, it appears that you originally might have intended to create an apex (example.com) and wildcard (*.example.com) certificate (A&W certificate). To do this, you will need to use either --manual --preferred-challenges dns or a DNS plugin, if possible, as @JuergenAuer mentioned above, and add -d "example.com,*.example.com" to your certbot command. You can generate such a certificate now without worrying about the rate limit, but be certain to add --keep then back everything up.
Renewals are treated specially: they don't count against your Certificates per Registered Domain limit, but they are subject to a Duplicate Certificate limit of 5 per week. Note: renewals used to count against your Certificate per Registered Domain limit until March 2019, but they don't anymore. Exceeding the Duplicate Certificate limit is reported with the error message "too many certificates already issued for exact set of domains". A certificate is considered a renewal (or a duplicate) of an earlier certificate if it contains the exact same set of hostnames, ignoring capitalization and ordering of hostnames. For instance, if you requested a certificate for the names [www.example.com, example.com], you could request four more certificates for [www.example.com, example.com] during the week. If you changed the set of hostnames by adding [blog.example.com], you would be able to request additional certificates. Renewal handling ignores the public key and extensions requested. A certificate issuance can be considered a renewal even if you are using a new key.
You can find every certificate you've had issued using the link below. This will let you know if you've successfully generated a certificate. If you delete the private key for a certificate, you will be unable to use that certificate in the future.
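The duplicate-certificate rule and the --keep behaviour described in the post above, as an added Python example (not certbot's code and not part of the original thread): a hostname set is normalized the way the rate limit describes (lowercase, order-insensitive, key ignored), issuances in a rolling seven-day window are counted against the limit of 5, and renewal is only flagged inside the 30-day window. The issuance history is constructed for illustration.

```python
from datetime import datetime, timedelta

# Constructed issuance history (hypothetical): (issued_at ISO string, hostnames, key id).
# Five issuances for the same set in early June, one older than a week.
HISTORY = [
    ("2019-05-20T10:00", ["example.com", "www.example.com"], "key0"),
    ("2019-06-01T10:00", ["example.com", "www.example.com"], "key1"),
    ("2019-06-02T10:00", ["WWW.example.com", "example.com"], "key2"),  # same set, new key
    ("2019-06-03T10:00", ["example.com", "www.example.com"], "key3"),
    ("2019-06-04T10:00", ["example.com", "www.example.com"], "key4"),
    ("2019-06-05T10:00", ["example.com", "www.example.com"], "key5"),
]

DUPLICATE_LIMIT_PER_WEEK = 5   # Let's Encrypt duplicate certificate limit
RENEW_WITHIN_DAYS = 30         # window in which certbot --keep still renews


def _as_dt(value):
    """Accept either a datetime or an ISO 8601 string."""
    return value if isinstance(value, datetime) else datetime.fromisoformat(value)


def normalize(names):
    """Identity of a certificate for duplicate purposes: the exact set of
    hostnames, ignoring capitalization and ordering. Key and extensions
    play no part, so they are not included here."""
    return frozenset(n.strip().lower().rstrip(".") for n in names)


def is_duplicate(names_a, names_b):
    return normalize(names_a) == normalize(names_b)


def duplicates_in_window(history, names, now, window=timedelta(days=7)):
    """Count earlier issuances of the same hostname set in the rolling window."""
    now, target = _as_dt(now), normalize(names)
    return sum(1 for issued_at, hist_names, _key in history
               if now - window < _as_dt(issued_at) <= now
               and normalize(hist_names) == target)


def would_hit_duplicate_limit(history, names, now):
    """True if one more issuance for this set would exceed 5 per week."""
    return duplicates_in_window(history, names, now) >= DUPLICATE_LIMIT_PER_WEEK


def renew_needed(not_after, now, days=RENEW_WITHIN_DAYS):
    """Mirror --keep: only renew when the certificate expires within `days`."""
    return _as_dt(not_after) - _as_dt(now) <= timedelta(days=days)
```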