You can use your old refresh token again, as long as you have not made calls with the new access token.
So lets say you have Access Token and Refresh token AT1/RT1. At some point you call the refresh URL to get a new set of tokens:
curl https://www.box.com/api/oauth2/token \ -d 'grant_type=refresh_token&refresh_token={RT1}&client_id={your_client_id}&client_secret={your_client_secret}' \ -X POST
And then your network goes dark, and you never get the response. Box sent you back a new set of tokens AT2/RT2 like this:
{ "access_token": "AT2", "expires_in": 3696, "restricted_to": [], "token_type": "bearer", "refresh_token": "RT2" }
But you never got it. Boo :(... But never fear!
You can send the exact same request again, and Box's server will give you back EXACTLY the same response.
The same AT2/RT2
Then when you use AT2 (or RT2), RT1 becomes invalid.