Some domains use the Free Universal SSL from Let’s Encrypt Authority, others do not use Let’s Encrypt.
For those that use the Let’s Encrypt one, trying to cURL to them, we get cURL error 60 - expired certificate.
All the other domains do not have this problem.
There seems no way to update those certificates in CloudFlare, to get rid of the expired Let’s encrypt ones and get a fresh ones.
By the way - the browsers do not complain on those websites about the certificate. It seems valid.
So overall, this is somewhat confusing.