The key question when you interact with a device is whether you trust it or not and a central server may lie to you as to whether you should trust a particular device. Another point a central server has to be maintained whereas once the manufacturer's hash is added to the blockchain then the job is done.

What if you don't need trust. Cryptographic proof that a device's state has not changed should be enough.

If you take a printer manufacturer they would hash the firmware of a device and place it on a blockchain. Then the device itself from within the Firmware (kernel, hardrive and TPM) would merkle tree a hash and the final hash would be added to the blockchain. You would then be able to cross-reference the hash of the device with the hash of the device manufacturer. If they are the same then you can proceed.