Letsencrypt uses old DNS data during authorization

Hi @Soramika,

I notice your domain name also has an IPv6 AAAA record:

$ dig +short AAAA htnk.nl
2001:888:0:18::117:80

Does that happen to belong to the old server as well? Since May Let's Encrypt has preferred IPv6 addresses for dual-homed hosts which means that the validation authority is connecting to this IPv6 address and not one of the two IPv4 addresses you shared.

If this is the old IPv6 address I recommend updating the AAAA to point to the new server's IPv6 address.

If this is the new server's IPv6 address you should check that your webserver is directing the request to the correct webroot that the ACME client configured when the request comes in over IPv6.

If all else fails you could try removing the AAAA record but I would leave that as a last resort since working IPv6 should be everyone's goal in 2017 :slight_smile:

I think I've identified the problem above but just to be clear if not - Let's Encrypt doesn't cache DNS data for any considerable time. Our recursive resolver talks directly to one of your authoritative DNS servers and our max TTL is set quite low (sub 1m). It's almost never the case that the problem is stale DNS data.

Hope that helps!
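A small diagnostic along the lines of the reply above, added here as an example (it is not code from the post, from Let's Encrypt, or from any ACME client): it resolves both A and AAAA records, orders them the way the reply says the validator does (AAAA first), and fetches the HTTP-01 challenge path from each address while keeping the Host header set to the domain, so a wrong webroot on the IPv6 virtual host shows up as a non-200 or mismatched body on the first address tried. The `/.well-known/acme-challenge/<token>` path and the token/record values in the test are constructed placeholders; the expected body is whatever the ACME client wrote into the challenge file.

```python
"""Compare HTTP-01 challenge reachability over IPv4 and IPv6 for one domain.

Assumptions (not taken from the forum post): the validator tries every AAAA
before any A record, the challenge lives under /.well-known/acme-challenge/,
and the caller knows the body the ACME client wrote for the token.
"""
import http.client
import socket
import sys

CHALLENGE_PREFIX = "/.well-known/acme-challenge/"


def resolve_records(domain):
    """Return {'A': [...], 'AAAA': [...]} from the system resolver."""
    records = {"A": [], "AAAA": []}
    for family, key in ((socket.AF_INET, "A"), (socket.AF_INET6, "AAAA")):
        try:
            infos = socket.getaddrinfo(domain, 80, family, socket.SOCK_STREAM)
        except socket.gaierror:
            continue  # no record of this type
        for info in infos:
            addr = info[4][0]
            if addr not in records[key]:
                records[key].append(addr)
    return records


def preferred_validation_addresses(records):
    """Order addresses as the reply describes the validator choosing them:
    all AAAA records first, A records only as a fallback."""
    return list(records.get("AAAA", [])) + list(records.get("A", []))


def fetch_challenge(domain, address, token, timeout=10):
    """GET the challenge URL from one specific address. The explicit Host
    header makes name-based vhosts behave as they would for a real validation;
    http.client uses it instead of generating its own."""
    conn = http.client.HTTPConnection(address, 80, timeout=timeout)
    try:
        conn.request("GET", CHALLENGE_PREFIX + token, headers={"Host": domain})
        resp = conn.getresponse()
        return resp.status, resp.read().decode("utf-8", "replace")
    finally:
        conn.close()


def diagnose(domain, token, records=None):
    """Fetch the challenge from every address; entry 0 is the validator's
    first choice. Pass `records` to skip DNS (used by the offline test)."""
    records = records if records is not None else resolve_records(domain)
    results = []
    for addr in preferred_validation_addresses(records):
        try:
            status, body = fetch_challenge(domain, addr, token)
        except OSError as exc:
            status, body = None, f"connection error: {exc}"
        results.append({"address": addr, "status": status, "body": body.strip()})
    return results


def verdict(results, expected_body):
    """Pure check on diagnose() output: does the address the validator would
    try first actually serve the expected challenge content?"""
    if not results:
        return "no A or AAAA records"
    first = results[0]
    if first["status"] == 200 and first["body"] == expected_body:
        return "ok"
    return (f"validator-preferred address {first['address']} does not serve "
            f"the challenge (status {first['status']})")


if __name__ == "__main__":
    # Usage: python check_acme_v6.py example.com TOKEN_PLACEHOLDER EXPECTED_BODY
    dom = sys.argv[1] if len(sys.argv) > 1 else "example.com"
    tok = sys.argv[2] if len(sys.argv) > 2 else "TOKEN_PLACEHOLDER"
    expected = sys.argv[3] if len(sys.argv) > 3 else tok
    res = diagnose(dom, tok)
    for r in res:
        print(r)
    print(verdict(res, expected))
```

If the first line of output is the AAAA address with a 404 or a connection error while the IPv4 lines return 200 with the right body, the IPv6 side is the thing to fix (old server, or a vhost over v6 pointing at a different webroot), exactly the split the reply asks about.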