Hi @ronancastro, welcome to the community forum.
I recommend that you use the DNS-01 challenge type instead.
Let’s Encrypt explicitly does not recommend source IP firewall policy when using the HTTP-01 or TLS-ALPN-01 challenge types. The source IPs are subject to change without notice and we do not publish a list. You can find many forum threads where this policy has been discussed (e.g. this recent one).