This is related to legacy/trac#20055 which would be an important thing to monitor for the health and security of the network. There are multiple things here that can be or should be checked. The `onion-key` field is an RSA key so DocTor will need to keep a persistent database of those over time (only used for TAP handshake). The `ntor-onion-key` field also can be monitored the same as the RSA key. If the `ntor-onion-key-crosscert` field is present, you'll get a timestamp for free in the certificate which should have the `exp_field` set to the last published time + 7 days. In any case, a router SHOULD NOT have either a TAP or ntor onion key _more_ than 7 days as this is hardcoded in Tor. If they do, it could be another implementation but finding them would be good so we can warn/ask them to fix. Or better, detect bugs as well on tor implementation that could keep those for a longer time.