diff --git a/cmd/cmd_renew.go b/cmd/cmd_renew.go
index 1d0a0407..496f5a43 100644
--- a/cmd/cmd_renew.go
+++ b/cmd/cmd_renew.go
@@ -20,7 +20,7 @@ import (
 // Flag names.
 const (
 	flgDays                   = "days"
-	flgARIEnable              = "ari-enable"
+	flgARIDisable             = "ari-disable"
 	flgARIWaitToRenewDuration = "ari-wait-to-renew-duration"
 	flgReuseKey               = "reuse-key"
 	flgRenewHook              = "renew-hook"
@@ -61,8 +61,8 @@ func createRenew() *cli.Command {
 				Usage: "The number of days left on a certificate to renew it.",
 			},
 			&cli.BoolFlag{
-				Name:  flgARIEnable,
-				Usage: "Use the renewalInfo endpoint (draft-ietf-acme-ari) to check if a certificate should be renewed.",
+				Name:  flgARIDisable,
+				Usage: "Do not use the renewalInfo endpoint (draft-ietf-acme-ari) to check if a certificate should be renewed.",
 			},
 			&cli.DurationFlag{
 				Name:  flgARIWaitToRenewDuration,
@@ -151,16 +151,24 @@ func renewForDomains(ctx *cli.Context, client *lego.Client, certsStorage *Certif
 	cert := certificates[0]
 
 	var ariRenewalTime *time.Time
-	if ctx.Bool(flgARIEnable) {
+	var replacesCertID string
+
+	if !ctx.Bool(flgARIDisable) {
 		ariRenewalTime = getARIRenewalTime(ctx, cert, domain, client)
 		if ariRenewalTime != nil {
 			now := time.Now().UTC()
+
 			// Figure out if we need to sleep before renewing.
 			if ariRenewalTime.After(now) {
 				log.Infof("[%s] Sleeping %s until renewal time %s", domain, ariRenewalTime.Sub(now), ariRenewalTime)
 				time.Sleep(ariRenewalTime.Sub(now))
 			}
 		}
+
+		replacesCertID, err = certificate.MakeARICertID(cert)
+		if err != nil {
+			log.Fatalf("Error while construction the ARI CertID for domain %s\n\t%v", domain, err)
+		}
 	}
 
 	if ariRenewalTime == nil && !needRenewal(cert, domain, ctx.Int(flgDays)) {
@@ -209,11 +217,8 @@ func renewForDomains(ctx *cli.Context, client *lego.Client, certsStorage *Certif
 		AlwaysDeactivateAuthorizations: ctx.Bool(flgAlwaysDeactivateAuthorizations),
 	}
 
-	if ctx.Bool(flgARIEnable) {
-		request.ReplacesCertID, err = certificate.MakeARICertID(cert)
-		if err != nil {
-			log.Fatalf("Error while construction the ARI CertID for domain %s\n\t%v", domain, err)
-		}
+	if replacesCertID != "" {
+		request.ReplacesCertID = replacesCertID
 	}
 
 	certRes, err := client.Certificate.Obtain(request)
@@ -250,16 +255,24 @@ func renewForCSR(ctx *cli.Context, client *lego.Client, certsStorage *Certificat
 	cert := certificates[0]
 
 	var ariRenewalTime *time.Time
-	if ctx.Bool(flgARIEnable) {
+	var replacesCertID string
+
+	if !ctx.Bool(flgARIDisable) {
 		ariRenewalTime = getARIRenewalTime(ctx, cert, domain, client)
 		if ariRenewalTime != nil {
 			now := time.Now().UTC()
+
 			// Figure out if we need to sleep before renewing.
 			if ariRenewalTime.After(now) {
 				log.Infof("[%s] Sleeping %s until renewal time %s", domain, ariRenewalTime.Sub(now), ariRenewalTime)
 				time.Sleep(ariRenewalTime.Sub(now))
 			}
 		}
+
+		replacesCertID, err = certificate.MakeARICertID(cert)
+		if err != nil {
+			log.Fatalf("Error while construction the ARI CertID for domain %s\n\t%v", domain, err)
+		}
 	}
 
 	if ariRenewalTime == nil && !needRenewal(cert, domain, ctx.Int(flgDays)) {
@@ -279,11 +292,8 @@ func renewForCSR(ctx *cli.Context, client *lego.Client, certsStorage *Certificat
 		AlwaysDeactivateAuthorizations: ctx.Bool(flgAlwaysDeactivateAuthorizations),
 	}
 
-	if ctx.Bool(flgARIEnable) {
-		request.ReplacesCertID, err = certificate.MakeARICertID(cert)
-		if err != nil {
-			log.Fatalf("Error while construction the ARI CertID for domain %s\n\t%v", domain, err)
-		}
+	if replacesCertID != "" {
+		request.ReplacesCertID = replacesCertID
 	}
 
 	certRes, err := client.Certificate.ObtainForCSR(request)
diff --git a/docs/data/zz_cli_help.toml b/docs/data/zz_cli_help.toml
index 9e53c665..ad95fe40 100644
--- a/docs/data/zz_cli_help.toml
+++ b/docs/data/zz_cli_help.toml
@@ -88,7 +88,7 @@ USAGE:
 
 OPTIONS:
    --days value                              The number of days left on a certificate to renew it. (default: 30)
-   --ari-enable                              Use the renewalInfo endpoint (draft-ietf-acme-ari) to check if a certificate should be renewed. (default: false)
+   --ari-disable                             Do not use the renewalInfo endpoint (draft-ietf-acme-ari) to check if a certificate should be renewed. (default: false)
    --ari-wait-to-renew-duration value        The maximum duration you're willing to sleep for a renewal time returned by the renewalInfo endpoint. (default: 0s)
    --reuse-key                               Used to indicate you want to reuse your current private key for the new certificate. (default: false)
    --no-bundle                               Do not create a certificate bundle by adding the issuers certificate to the new certificate. (default: false)