in order to break bitcoin you would have to break all 3? not just one of them?
Correct. If you use a new keypair for every transaction (as recommended in the original Bitcoin Whitepaper), then your balances are all protected by 3 layers of cryptography. If RIPEMD-160 were completely broken today, my balances would still be protected by both SHA-256
AND ECDSA. If SHA-256 were completely broken today, my balances would still be protected by both RIPEMD-160
AND ECDSA. If ECDSA where completely broken today, my balances would still be protected by both SHA-256
AND RIPEMD-160.
The only way my balances would become vulnerable would be if ALL THREE of RIPEMD-160, SHA-256, and ECDSA were all COMPLETELY broken suddenly and unexpectedly within a very short amount of time.
Any one (or more) of those three algorithms can be swapped out for a newer algorithm in the future if the situation warrants it. So, if RIPEMD-160 were to be considered too weak, it could be replaced with a newer hash algorithm that the cryptography community considers more secure. As you mention, newer algorithms have not stood the test of time as long, but that's ok, because the balance would be protected by BOTH the newer replacement for RIPEMD-160 AND the older algorithms of SHA-256 and ECDSA. By the time one of the other algorithms (SHA-256 or ECDSA) becomes weak, the RIPEMD-160 would have been running for quite a while and would therefore have the test of time behind it.
If you are concerned about SHA or ECDSA, then you don't need to worry much about bitcoin, but you need to worry significantly about the security of everything else on the internet. Because almost everything else does not use this 3-layer system, a sudden complete break of just one algorithm would be devastating to the security of a huge potion of connected systems, while bitcoins would safely and smoothly replace the broken algorithm.