I insert myself between two internet routers, reading and injecting data layer packets. It helps if I am near a CA server.
For each IP address, I make an HTTP-01 ACME challenge. For each IP address, a response from a CA will get routed through my cable. I add the challenge file to my server so the CA can GET request it, and sign my CSR.
I now have a server with an SSL certificate and key for every IP address. This shows up in CA logs.
What stops this happening?