If debian generated an onion address like debiandebxwnjx6t.onion (just made that up), how would that help you determine that the .onion address is owned by debian?
All it proves is that someone ran a vanity key/address generator on his GPU for a couple of days to get a nice-looking prefix. I could do the same thing at home and get a different address with the same prefix, and you wouldn't be able to tell the difference without comparing the whole address.
You need a trust path to the Debian sysadmins. The best option right now is the HTTPS on onion.debian.org and the knowledge that Debian uses Lets Encrypt.