Maybe this post here?
I’ve found a list of LE domains that are responsible for the challenge process here but unfortunately no IP addresses and no ASN that could be used to open the firewall for those.