We changed nothing on our side.
It's been failing with all kinds of errors.
Verify error:During secondary validation: DNS problem: networking error looking up A for
Verify error:During secondary validation: No valid IP addresses found for
Verify error:During secondary validation: DNS problem: query timed out looking up CAA
It's better to include a randomized delay for renewals. If everybody keeps renewing at xx:00 or yy:01, the peak in load on the Let's Encrypt servers could lead to such things.
Please include a randomized delay between 5 and 55 minutes for the renewal cronjob. (I think it's better to randomize from 5 minutes, as unfortunately most people probably don't include such a delay at all, so it's best to not use the minutes around the whole hour mark at all.)