I'm very skeptical these will work. For one, lots of these ransomware malware generate the private key on a server, so you never see it on the wire. When I say "on the wire" I mean some ransomware will generate the private cert client side and transmit it and if your network has network monitoring you can extract the key to decrypt. The only case these descriptors would work is if the authorities had seized the bad guys servers and have access to the private keys.