A false positive in this case though. If the standalone authenticator was being used historically, then it doesn't matter how Apache is configured.
We can infer that the IPv4 and IPv6 address point to the same server because both addresses have the same SSH host key fingerprint.
It sounds from the OP like --pre-hook/post-hook got wiped out of the renewal parameters for some reason.
Encoding it into the cronjob is a fairly safe way to ensure it runs, I guess (if you want to continue using the standalone authenticator).