Let's Encrypt does not publish the IP addresses used by its validation servers. See this FAQ: FAQ - Let's Encrypt
Note there are currently 5 of these centers which rotate their IP addresses regularly.
You may also find this helpful: Multi-Perspective Validation & Geoblocking FAQ
It looks like you might be blocking repeated requests from the same IP or origin. I say this because another tool we use succeeds on its first try but fails with a "timeout" for a second try. Another try will succeed and the one after that fails. This pattern repeats. Use https://unboundtest.com and query for an A record for your domain. Repeat that test.
Note that unboundtest is not coming from an LE validation center. It is only a testing tool.
I think you will need to relax your firewall to allow more repeated requests. Even if you were to try using a different Certificate Authority it will also need to make similar requests to your DNS server.