This would depend on the condition of the certificates. Its possible to view each certificate and see if you use the servers anymore or of there is an expiration in their details.

• Configuration Options for Certificates
• Secure Website Certificate

The list of certs that are pre-installled are: https://www.mozilla.org/en-US/about/g.../policy/

There is usually no need to remove certificate or disable trust bits of certificate that show in the Certificate Manager. Entries that have "Software security Device" next to them are intermediate certificates that Firefox stores automatically when you visit a server that sends them. You can remove them if you like, bit this is only necessary if there is an issue with the certificate. This avoids issues if you visit websites that do not send a complete certificate chain.

Certificate that have "Builtin Object Token" are built-in root certificates that Firefox uses to trust certificates that are send by the server and allow to build a certificate chain that ends with a trusted root certificate. You can't remove such built-in root certificates, but you can edit their trust bits to prevent them from being used as a trusted root certificate (intermediate certificate should never have trust bits set).

The two comments proved useful information, thanks.

Follow-up questions. What about the authorities tab? Are a tonne of them there. There is a message that comes up when about to delete one that says "If you delete or distrust a certificate authority (CA) this application will no longer trust any certificates issued by that CA." Looks like one should not delete these. Is that right? Where do these come from and how do they end up in my Firefox?