Hi,
I had downloaded the current manjaro-kde-21.0.7-210614-linux510.iso file. I tried to verify it with sha1 and the codes do not match.
742707d04a9e6297f3d174d3ea0c62e7ad4b39aa manjaro-kde-21.0.7-210614-linux510.iso
The sha1 from website is SHA1: 43f0f573d6c5d089cd280b622f228d1ea2933cf8
Also I tried the gpg verification with the given signature, which gives me the following bad signature error:
$ gpg --verify manjaro-kde-21.0.7-210614-linux510.iso.sig
gpg: assuming signed data in 'manjaro-kde-21.0.7-210614-linux510.iso'
gpg: Signature made Monday 14 June 2021 09:04:23 PM IST
gpg: using RSA key 3B794DE6D4320FCE594F4171279E7CF5D8D56EC8
gpg: BAD signature from "Manjaro Build Server <build@manjaro.org>" [unknown]