I had the same problem. It appears that something isn't pointing to the right package.
I got around it as follows:
1. Download gnu-elpa-keyring-update-2022.12.1.tar from https://elpa.gnu.org/packages/gnu-elpa-keyring-update.html
2. In emacs, install the above package directly with the command M-x package-install-file
Uwe Brauer writes:
>>> "PK" == Philip Kaludercic <philipk@posteo.net> writes:
> Eli Zaretskii <eliz@gnu.org> writes:
>> Here's what I get from package-list-packages in "emacs -Q" (in the
>> *Error* buffer):
>>
>> Failed to verify signature archive-contents.sig:
>> Bad signature from 645357D2883A0966 GNU ELPA Signing Agent (2023)
>> <elpasign@elpa.gnu.org>
>> Command output:
>> gpg: Signature made 30/06/2024 12:10:02 Jerusalem Daylight Time
>> gpg: using EDDSA key 0327BE68D64D9A1A66859F15645357D2883A0966
>> gpg: BAD signature from "GNU ELPA Signing Agent (2023)
>> <elpasign@elpa.gnu.org>" [unknown]
>>
>> Stefan, Philip: could you please look into this?
> I believe you can fix this by installing "gnu-elpa-keyring-update".
Well then I obtain
Contacting host: elpa.gnu.org:443
package--with-response-buffer-1:
https://elpa.gnu.org/packages/gnu-elpa-keyring-update-2022.12.tar: Not found
Updating buffer list...done
Catch 22?
Sent from Mail for Windows